| Age | Commit message (Collapse) | Author |
|---|
|
Gives better symmetry with the existing mux_client_*() names and makes
it more obvious when a message comes from the master vs client (they
are interleved in ControlMaster=auto mode).
no functional change beyond prefixing a could of log messages with
__func__ where they were previously lacking.
|
|
from nan xiao
|
|
This simplifies the code, makes it less address family specific and plays
nicely with previously used getaddrinfo(2).
While here, make function parameter `const', sort stack variables by size
and nitpick PF_UNSPEC.
OK millert
|
|
OK tb
|
|
scroll region, from Soeren Tempel in GitHub issue 1487.
|
|
specific file (in read mode) we can add a 4th attribute to the struct getentdb
to define each of those files, except for group/hosts/passwd dbs which will be
assigned NULL to that attribute because all the necessary files they need to
open are already whitelisted through pledge(2) via either dns or getpw
promises.
With that set we can then check if the 4th attribute (called unveil) is not
NULL and in that case unveil(2) that specific file per each database.
After a discussion with millert@ regarding YP then deraadt@ chimed in referring
that when he wrote this code even though we can have YP mappings with several
of these dbs "it doesn't mean that things use it, or should, or will" so adding
unveil(2) here should not impact any YP environments.
OK millert@ deraadt@
|
|
short lived, we either go directly exiting the program or just a few lines
below we call pledge(2) again, where it actually should be, and with really
reduced promises. Next commit will restrict further access to the filesystem
through unveil(2).
OK deraadt@ kn@
|
|
issue 1480.
|
|
|
|
in username.c are now so simple there is no longer a good reason
to use them. OK deraadt@
|
|
ok deraadt@
|
|
the return value of getgrgid(3) or getgrnam(3) which relies on
undefined behavior. The rdist server will now use getgroups(2) to
determine group membership of the invoking user. In addition, there
is now one implementation of tilde expansion instead of two.
OK tb@ tim@
|
|
the return value of getgrgid(3) or getgrnam(3) which relies on
undefined behavior. The rdist server will now use getgroups(2) to
determine group membership of the invoking user. In addition, there
is now one implementation of tilde expansion instead of two.
OK tb@ tim@
|
|
X11 connections in untrusted mode indefinitely. ok dtucker@
|
|
calling ssh_gssapi_prepare_supported_oids() regardless of whether
GSSAPI authentication is enabled in the main config.
This avoids sandbox violations for configurations that enable GSSAPI
auth later, e.g.
Match user djm
GSSAPIAuthentication yes
bz#2107; ok dtucker@
|
|
short (i.e. SSH_ERR_KEY_LENGTH). These keys will not be considered to
be "in the file". This allows key revocation lists to contain short
keys without the entire revocation list being considered invalid.
bz#2897; ok dtucker
|
|
ProxyCommand set with regards to hostname canonicalisation (i.e.
don't try to canonicalise the hostname unless CanonicalizeHostname
is set to 'always').
Patch from Sven Wegener via bz#2896
|
|
|
|
ok krw@ millert@
|
|
ok krw@ millert@
|
|
|
|
ok djm
|
|
erroneously showing certificate algorithms); prompted by markus@
|
|
which signature algorithms may be used by CAs when signing certificates.
Useful if you want to ban RSA/SHA1; ok markus@
|
|
which signature algorithms a CA may use when signing certificates.
In particular, this allows a sshd to ban certificates signed with
RSA/SHA1.
ok markus@
|
|
successful operations.
Based on patch from Thijs van Dijk; ok dtucker@ deraadt@
|
|
This broke the chmod regression test, as noted and tracked down
by bluhm.
ok millert
|
|
|
|
|
|
string if there is no passwd entry. OK tb@
|
|
|
|
linenum variable for something that is not a line number to avoid
the confusion that resulted in the bug in rev. 1.64. This also
lets us pass the actual linenum to parse_prime() so the error
messages include the correct line number. OK markus@ some time ago.
|
|
|
|
access and disable further calls to unveil(2) with unveil(NULL, NULL).
OK ratchov@
|
|
userid().
|
|
do repeated lookups. OK tb@
|
|
that do repeated lookups. OK tb@
|
|
and group file lookups. This required a bit of reordering of the
file mode handling bits to deal with the const char *. OK tb@
|
|
to user_from_uid(3) and uid_from_user(3). This requires sprinkling
const in a few places to match the return value of user_from_uid(3).
OK tb@
|
|
that stdout and stderr are not closed.
from Nan Xiao
|
|
Pointed out by Clemens Goessnitzer (clemens AT goessnitzer.info), thanks!
|
|
Use consistent format in debug log for keys readied, offered and
received during public key authentication.
This makes it a little easier to see what is going on, as each message
now contains (where available) the key filename, its type and fingerprint,
and whether the key is hosted in an agent or a token.
|
|
revision 1.285
date: 2018/09/14 04:17:12; author: djm; state: Exp; lines: +47 -26; commitid: lflGFcNb2X2HebaK;
Use consistent format in debug log for keys readied, offered and
received during public key authentication.
This makes it a little easier to see what is going on, as each message
now contains the key filename, its type and fingerprint, and whether
the key is hosted in an agent or a token.
|
|
|
|
received during public key authentication.
This makes it a little easier to see what is going on, as each message
now contains the key filename, its type and fingerprint, and whether
the key is hosted in an agent or a token.
|
|
returning const char *.
|
|
feedback and ok tb@ jsing@ markus@
|
|
|
|
that are allowed for CA signatures. Notably excludes ssh-dsa.
ok markus@
|
|
against a supplied whitelist; ok markus
|
