summaryrefslogtreecommitdiffstats
path: root/README.privsep (unfollow)
Commit message (Collapse)AuthorFilesLines
2016-06-06Add compat bits to utf8.c.Darren Tucker1-1/+5
2016-06-06Fix utf->utf8 typo.Darren Tucker1-1/+1
2016-06-06upstream commitschwarze@openbsd.org1-27/+24
Backout rev. 1.43 for now. The function update_progress_meter() calls refresh_progress_meter() which calls snmprintf() which calls malloc(); but update_progress_meter() acts as the SIGALRM signal handler. "malloc(): error: recursive call" reported by sobrado@. Upstream-ID: aaae57989431e5239c101f8310f74ccc83aeb93e
2016-06-06upstream commitschwarze@openbsd.org1-15/+31
Even when only writing an unescaped character, the dst buffer may need to grow, or it would be overrun; issue found by tb@ with malloc.conf(5) 'C'. While here, reserve an additional byte for the terminating NUL up front such that we don't have to realloc() later just for that. OK tb@ Upstream-ID: 30ebcc0c097c4571b16f0a78b44969f170db0cff
2016-06-06upstream commitschwarze@openbsd.org1-10/+18
Fix two rare edge cases: 1. If vasprintf() returns < 0, do not access a NULL pointer in snmprintf(), and do not free() the pointer returned from vasprintf() because on some systems other than OpenBSD, it might be a bogus pointer. 2. If vasprintf() returns == 0, return 0 and "" rather than -1 and NULL. Besides, free(dst) is pointless after failure (not a bug). One half OK martijn@, the other half OK deraadt@; committing quickly before people get hurt. Upstream-ID: b7bcd2e82fc168a8eff94e41f5db336ed986fed0
2016-06-06upstream commitschwarze@openbsd.org7-66/+369
To prevent screwing up terminal settings when printing to the terminal, for ASCII and UTF-8, escape bytes not forming characters and bytes forming non-printable characters with vis(3) VIS_OCTAL. For other character sets, abort printing of the current string in these cases. In particular, * let scp(1) respect the local user's LC_CTYPE locale(1); * sanitize data received from the remote host; * sanitize filenames, usernames, and similar data even locally; * take character display widths into account for the progressmeter. This is believed to be sufficient to keep the local terminal safe on OpenBSD, but bad things can still happen on other systems with state-dependent locales because many places in the code print unencoded ASCII characters into the output stream. Using feedback from djm@ and martijn@, various aspects discussed with many others. deraadt@ says it should go in now, i probably already hesitated too long Upstream-ID: e66afbc94ee396ddcaffd433b9a3b80f387647e0
2016-06-06upstream commitdtucker@openbsd.org2-11/+8
KNF compression proposal and simplify the client side a little. ok djm@ Upstream-ID: aa814b694efe9e5af8a26e4c80a05526ae6d6605
2016-06-06upstream commitdtucker@openbsd.org1-3/+2
Back out 'plug memleak'. Upstream-ID: 4faacdde136c24a961e24538de373660f869dbc0
2016-06-06upstream commitdjm@openbsd.org1-24/+24
prefer agent-hosted keys to keys from PKCS#11; ok markus Upstream-ID: 7417f7653d58d6306d9f8c08d0263d050e2fd8f4
2016-06-06upstream commitdtucker@openbsd.org1-2/+3
Plug mem leak in filter_proposal. ok djm@ Upstream-ID: bf968da7cfcea2a41902832e7d548356a4e2af34
2016-06-03Update vis.h and vis.c from OpenBSD.Darren Tucker2-15/+50
This will be needed for the upcoming utf8 changes.
2016-05-31modified: configure.acTim Rice1-48/+47
whitspace clean up. No code changes.
2016-05-31whitespace at EOLDamien Miller1-5/+5
2016-05-30Add missing ssh-host-config --name optionDarren Tucker1-0/+1
Patch from vinschen@redhat.com.
2016-05-20Fix comment about sshpam_const and AIX.Darren Tucker1-2/+2
From mschwager via github.
2016-05-20Deny lstat syscalls in seccomp sandboxDamien Miller1-0/+6
Avoids sandbox violations for some krb/gssapi libraries.
2016-05-19upstream commitdjm@openbsd.org1-5/+8
fix type of ed25519 values Upstream-ID: b32d0cb372bbe918ca2de56906901eae225a59b0
2016-05-19upstream commitmarkus@openbsd.org2-4/+6
add IdentityAgent; noticed & ok jmc@ Upstream-ID: 4ba9034b00a4cf1beae627f0728da897802df88a
2016-05-19upstream commitmarkus@openbsd.org4-7/+14
allow setting IdentityAgent to SSH_AUTH_SOCK; ok djm@ Upstream-ID: 20c508480d8db3eef18942c0fc39b1fcf25652ac
2016-05-19upstream commitmarkus@openbsd.org5-10/+9
move SSH_MSG_NONE, so we don't have to include ssh1.h; ok deraadt@ Upstream-ID: c2f97502efc761a41b18c17ddf460e138ca7994e
2016-05-10initialise salen in binresvport_saDamien Miller1-0/+1
avoids failures with UsePrivilegedPort=yes patch from Juan Gallego
2016-05-04upstream commitmarkus@openbsd.org1-2/+3
missing const in prototypes (ssh1) Upstream-ID: 789c6ad4928b5fa557369b88c3a6a34926082c05
2016-05-04upstream commitdtucker@openbsd.org1-2/+2
Fix inverted logic for updating StreamLocalBindMask which would cause the server to set an invalid mask. ok djm@ Upstream-ID: 8a4404c8307a5ef9e07ee2169fc6d8106b527587
2016-05-04upstream commitmarkus@openbsd.org5-8/+58
IdentityAgent for specifying specific agent sockets; ok djm@ Upstream-ID: 3e6a15eb89ea0fd406f108826b7dc7dec4fbfac1
2016-05-04upstream commitdjm@openbsd.org1-3/+3
fix junk characters after quotes Upstream-ID: cc4d0cd32cb6b55a2ef98975d2f7ae857d0dc578
2016-05-04upstream commitjmc@openbsd.org1-2/+2
correct article; Upstream-ID: 1fbd5b7ab16d2d9834ec79c3cedd4738fa42a168
2016-05-03upstream commitdjm@openbsd.org1-1/+12
fix overriding of StreamLocalBindMask and StreamLocalBindUnlink in Match blocks; found the hard way Rogan Dawes Upstream-ID: 940bc69ec0249ab428d24ccd0722ce35cb932ee2
2016-05-03upstream commitdjm@openbsd.org1-1/+2
don't forget to include StreamLocalBindUnlink in the config dump output Upstream-ID: 14a6d970b3b45c8e94272e3c661e9a0b2a0ee7cb
2016-05-03upstream commitdjm@openbsd.org1-3/+4
make nethack^wrandomart fingerprint flag more readily searchable pointed out by Matt Johnston Upstream-ID: cb40d0235dc153c478c1aad3bc60b195422a54fb
2016-05-03upstream commitdjm@openbsd.org1-1/+3
clarify ordering of subkeys; pointed out by ietf-ssh AT stbuehler.de Upstream-ID: 05ebe9f949449a555ebce8e0aad7c8c9acaf8463
2016-05-03upstream commitdtucker@openbsd.org1-3/+4
Use a subshell for constructing key types to work around different sed behaviours for -portable. Upstream-Regress-ID: 0f6eb673162df229eda9a134a0f10da16151552d
2016-05-03upstream commitdjm@openbsd.org1-10/+32
correct some typos and remove a long-stale XXX note. add specification for ed25519 certificates mention no host certificate options/extensions are currently defined pointed out by Simon Tatham Upstream-ID: 7b535ab7dba3340b7d8210ede6791fdaefdf839a
2016-05-03upstream commitdjm@openbsd.org1-1/+20
add ed25519 keys that are supported but missing from this documents; from Peter Moody Upstream-ID: 8caac2d8e8cfd2fca6dc304877346e0a064b014b
2016-05-03upstream commitdtucker@openbsd.org1-1/+4
Implement IUTF8 as per draft-sgtatham-secsh-iutf8-00. Patch from Simon Tatham, ok markus@ Upstream-ID: 58268ebdf37d9d467f78216c681705a5e10c58e8
2016-05-02upstream commitdjm@openbsd.org1-2/+2
unbreak config parsing on reexec from previous commit Upstream-ID: bc69932638a291770955bd05ca55a32660a613ab
2016-05-02upstream commitdjm@openbsd.org3-77/+102
unit and regress tests for SHA256/512; ok markus Upstream-Regress-ID: a0cd1a92dc824067076a5fcef83c18df9b0bf2c6
2016-05-02upstream commitdjm@openbsd.org13-32/+146
add support for additional fixed DH groups from draft-ietf-curdle-ssh-kex-sha2-03 diffie-hellman-group14-sha256 (2K group) diffie-hellman-group16-sha512 (4K group) diffie-hellman-group18-sha512 (8K group) based on patch from Mark D. Baushke and Darren Tucker ok markus@ Upstream-ID: ac00406ada4f0dfec41585ca0839f039545bc46f
2016-05-02upstream commitdjm@openbsd.org4-10/+16
support SHA256 and SHA512 RSA signatures in certificates; ok markus@ Upstream-ID: b45be2f2ce8cacd794dc5730edaabc90e5eb434a
2016-05-02upstream commitdjm@openbsd.org13-64/+112
fix signed/unsigned errors reported by clang-3.7; add sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with better safety checking; feedback and ok markus@ Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820
2016-04-29upstream commitdjm@openbsd.org2-5/+7
close ControlPersist background process stderr when not in debug mode or when logging to a file or syslog. bz#1988 ok dtucker Upstream-ID: 4fb726f0fdcb155ad419913cea10dc4afd409d24
2016-04-29upstream commitdjm@openbsd.org1-3/+3
fix comment Upstream-ID: 313a385bd7b69a82f8e28ecbaf5789c774457b15
2016-04-28upstream commitjmc@openbsd.org1-2/+6
cidr permitted for {allow,deny}users; from lars nooden ok djm Upstream-ID: 13e7327fe85f6c63f3f7f069e0fdc8c351515d11
2016-04-21upstream commitdjm@openbsd.org4-8/+12
make argument == NULL tests more consistent Upstream-ID: dc4816678704aa5cbda3a702e0fa2033ff04581d
2016-04-21upstream commitjmc@openbsd.org1-4/+4
tweak previous; Upstream-ID: 46c1bab91c164078edbccd5f7d06b9058edd814f
2016-04-15upstream commitdjm@openbsd.org1-1/+2
missing bit of Include regress Upstream-Regress-ID: 1063595f7f40f8489a1b7a27230b9e8acccea34f
2016-04-15upstream commitdjm@openbsd.org1-1/+1
remove redundant CLEANFILES section Upstream-Regress-ID: 29ef1b267fa56daa60a1463396635e7d53afb587
2016-04-15upstream commitdjm@openbsd.org1-23/+23
sync CLEANFILES with portable, sort Upstream-Regress-ID: cb782f4f1ab3e079efbc335c6b64942f790766ed
2016-04-15upstream commitdjm@openbsd.org2-3/+295
regression test for ssh_config Include directive Upstream-Regress-ID: 46a38c8101f635461c506d1aac2d96af80f97f1e
2016-04-15upstream commitdjm@openbsd.org1-2/+2
unbreak test for recent ssh de-duplicated forwarding change Upstream-Regress-ID: 6b2b115d99acd7cff13986e6739ea214cf2a3da3
2016-04-15upstream commitdjm@openbsd.org1-1/+8
add test knob and warning for StrictModes Upstream-Regress-ID: 8cd10952ce7898655ee58945904f2a0a3bdf7682