Age | Commit message | Author | |
---|---|---|---|
2019-11-27 | use _PATH_PROTOCOLS from netdb.h instead | Theo de Raadt | |
2019-11-27 | Initialize nfds fields of new file structures. | Alexandre Ratchov | |
Fixes a possible crash when a new file structure is added in the time-out processing code-path. | |||
2019-11-27 | Revert previous commit. The channels code still uses int in many places | Darren Tucker | |
for channel ids so the INT_MAX check still makes sense. | |||
2019-11-27 | use error()+_exit() instead of fatal() to avoid running cleanup | Damien Miller | |
handlers in child process; spotted via weird regress failures in portable | |||
2019-11-27 | Make channel_id u_int32_t and remove unnecessary check and cast that were | Darren Tucker | |
left over from the type conversion. Noted by t-hashida@amiya.co.jp in bz#3098, ok markus@ djm@ | |||
2019-11-26 | tweak previous; | Jason McIntyre | |
2019-11-26 | Prevent divide-by zero in tcpbench(1). Found while testing iwm(4). | Stefan Sperling | |
#0 0x000004c27b9051a9 in udp_process_slice (fd=<optimized out>, event=<optimized out>, v_sc=0x4c55279f500) at /usr/src/usr.bin/tcpbench/tcpbench.c:606 | |||
606 pps = (sc->udp_slice_pkts * 1000) / since_last; | |||
(gdb) p since_last | |||
$1 = 0 | |||
ok benno@ | |||
2019-11-26 | Add default # and * binding with vi(1) keys. | Nicholas Marriott | |
2019-11-26 | kdump reads /etc/protocols to translate proto numbers into names; ok sthen@ gilles@ | Otto Moerbeek | |
2019-11-26 | more debugging; behind DEBUG_SK | Damien Miller | |
2019-11-25 | Don't use motion flag uninitialized. | Nicholas Marriott | |
2019-11-25 | Fix a warning in previous. | Nicholas Marriott | |
2019-11-25 | Do not clear search marks on cursor movement with vi(1) keys, from Eric | Nicholas Marriott | |
Pruitt in GitHub issue 1985. | |||
2019-11-25 | Add p format modifier for padding to width. | Nicholas Marriott | |
2019-11-25 | Allow multiple substitutions in a single format. | Nicholas Marriott | |
2019-11-25 | redundant test | Damien Miller | |
2019-11-25 | document the "no-touch-required" certificate extension; | Damien Miller | |
ok markus, feedback deraadt | |||
2019-11-25 | Print a key touch reminder when generating a security key. Most keys | Damien Miller | |
require a touch to authorize the operation. | |||
2019-11-25 | allow "ssh-keygen -x no-touch-required" when generating a security key | Damien Miller | |
keypair to request one that does not require a touch for each authentication attempt. The default remains to require touch. feedback deraadt; ok markus@ | |||
2019-11-25 | add a "no-touch-required" option for authorized_keys and a similar | Damien Miller | |
extension for certificates. This option disables the default requirement that security key signatures attest that the user touched their key to authorize them. feedback deraadt, ok markus | |||
2019-11-25 | Add a sshd_config PubkeyAuthOptions directive | Damien Miller | |
This directive has a single valid option "no-touch-required" that causes sshd to skip checking whether user presence was tested before a security key signature was made (usually by the user touching the key). ok markus@ | |||
2019-11-25 | Add new structure for signature options | Damien Miller | |
This is populated during signature verification with additional fields that are present in and covered by the signature. At the moment, it is only used to record security key-specific options, especially the flags field. with and ok markus@ | |||
2019-11-25 | memleak in error path | Damien Miller | |
2019-11-24 | Only substitute patterns starting with ^ once. | Nicholas Marriott | |
2019-11-22 | Wait for FD to be readable or writeable during a nonblocking connect, | Darren Tucker | |
not just readable. Prevents a timeout when the server doesn't immediately send a banner (eg multiplexers like sslh) but is also slightly quicker for other connections since, unlike ssh1, ssh2 doesn't specify that the client should parse the server banner before sending its own. Patch from mnissler@chromium.org, ok djm@ | |||
2019-11-20 | Do not check the client readonly flag when there is no client, GitHub issue 1980. | Nicholas Marriott | |
2019-11-19 | adjust on-wire signature encoding for ecdsa-sk keys to better match | Damien Miller | |
ec25519-sk keys. Discussed with markus@ and Sebastian Kinne | |||
NB. if you are depending on security keys (already?) then make sure you update both your clients and servers. | |||
2019-11-19 | a little more information from the monitor when signature | Damien Miller | |
verification fails. | |||
2019-11-19 | revert previous: naddy pointed out what's meant to happen. rethink needed... | Jason McIntyre | |
2019-11-19 | -c and -s do not make sense with -k; reshuffle -k into the main synopsis/usage; | Jason McIntyre | |
ok djm | |||
2019-11-19 | More return value check in openssl(1) cms | Kinichiro Inoguchi | |
Checking return value of sk_.*_new_null(). ok beck@ jsing@ | |||
2019-11-19 | Add manual descriptions for openssl(1) req -addext | Kinichiro Inoguchi | |
ok jmc@ | |||
2019-11-18 | document '$' environment variable expansion for SecurityKeyProvider; ok djm@ | Christian Weisgerber | |
2019-11-18 | more missing mentions of ed25519-sk; ok djm@ | Christian Weisgerber | |
2019-11-18 | additional missing stdarg.h includes when built without WITH_OPENSSL; ok djm@ | Christian Weisgerber | |
2019-11-18 | add the missing WITH_OPENSSL ifdefs after the ED25519-SK addition; ok djm@ | Christian Weisgerber | |
2019-11-18 | Remove typedef and check sk_push return value in openssl(1) cms | Kinichiro Inoguchi | |
- Remove typedef and use 'struct cms_key_param' instead | |||
- Check return value of sk_X509_push and sk_OPENSSL_STRING_push | |||
- Add a blank line to separate variable declarations from code | |||
comments from jsing@ | |||
2019-11-18 | Add -keyopt option to openssl(1) cms subcommand | Kinichiro Inoguchi | |
This provides rsa_padding_mode:oaep for cms -encrypt, and rsa_padding_mode:pss for cms -sign. ok jsing@ | |||
2019-11-18 | Add -f for full size to join-pane (like split-window), from Theo Buehler. | Nicholas Marriott | |
2019-11-18 | Keep modifiers on backspace when translating it. | Nicholas Marriott | |
2019-11-18 | fix a bug that prevented serialisation of ed25519-sk keys | Damien Miller | |
2019-11-18 | Fix incorrect error message when key certification fails | Damien Miller | |
2019-11-18 | fix bug that prevented certification of ed25519-sk keys | Damien Miller | |
2019-11-18 | allow *-sk key types to be turned into certificates | Damien Miller | |
2019-11-18 | mention ed25519-sk key/cert types here too; prompted by jmc@ | Damien Miller | |
2019-11-18 | mention ed25519-sk in places where it is accepted; prompted by jmc@ | Damien Miller | |
2019-11-18 | various knf and whitespace; ok jca | Theo de Raadt | |
2019-11-18 | document ed25519-sk pubkey, private key and certificate formats | Damien Miller | |
2019-11-18 | correct order of ecdsa-sk private key fields | Damien Miller | |
2019-11-18 | correct description of fields in pub/private keys (was missing curve | Damien Miller | |
name); spotted by Sebastian Kinne |