summaryrefslogtreecommitdiffstats
path: root/bitmap.c (unfollow)
Commit message (Collapse)AuthorFilesLines
2018-07-13Enable leak checks for unit tests with valgrindDamien Miller1-5/+3
Leave the leak checking on unconditionally when running with valgrind. The unit tests are leak-free and I want them to stay that way.
2018-07-13increase timeout to match cfgmatch.shDamien Miller1-1/+1
lets test pass under valgrind (on my workstation at least)
2018-07-13rm regress/misc/kexfuzz/*.o in distclean targetDamien Miller1-0/+1
2018-07-13repair !WITH_OPENSSL buildDamien Miller1-0/+2
2018-07-13missing headersDamien Miller2-0/+3
2018-07-12Remove key.h from portable files too.Darren Tucker6-6/+0
Commit 5467fbcb removed key.h so stop including it in portable files too. Fixes builds on lots of platforms.
2018-07-12upstream: remove prototype to long-gone functiondjm@openbsd.org1-3/+1
OpenBSD-Commit-ID: 0414642ac7ce01d176b9f359091a66a8bbb640bd
2018-07-12upstream: treat ssh_packet_write_wait() errors as fatal; ok djm@markus@openbsd.org3-9/+9
OpenBSD-Commit-ID: f88ba43c9d54ed2d911218aa8d3f6285430629c3
2018-07-12upstream: remove legacy key emulation layer; ok djm@markus@openbsd.org22-489/+197
OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
2018-07-12upstream: s/wuth/with/ in commentmartijn@openbsd.org1-2/+2
OpenBSD-Commit-ID: 9de41468afd75f54a7f47809d2ad664aa577902c
2018-07-11Include stdlib.h for declaration of free.Darren Tucker1-0/+1
Fixes build with -Werror on at least Fedora and probably others.
2018-07-11VALGRIND_CHECK_LEAKS logic was backwards :(Damien Miller2-2/+2
2018-07-11Fix sshbuf_new error path in skey.Darren Tucker1-2/+2
2018-07-11Supply missing third arg in skey.Darren Tucker1-1/+1
During the change to the new buffer api the third arg to sshbuf_get_cstring was ommitted. Fixes build when configured with skey.
2018-07-11Supply some more missing "int r" in skeyDarren Tucker2-2/+3
2018-07-11disable valgrind memleak checking by defaultDamien Miller2-2/+10
Add VALGRIND_CHECK_LEAKS knob to turn it back on.
2018-07-11Supply missing "int r" in skey code.Darren Tucker1-0/+1
2018-07-11upstream: re-remove some pre-auth compression bitssf@openbsd.org2-4/+3
This time, make sure to not remove things that are necessary for pre-auth compression on the client. Add a comment that pre-auth compression is still supported in the client. ok markus@ OpenBSD-Commit-ID: 282c6fec7201f18a5c333bbb68d9339734d2f784
2018-07-10Adapt portable to legacy buffer API removalDamien Miller18-440/+561
2018-07-10upstream: kerberos/gssapi fixes for buffer removaldjm@openbsd.org5-15/+43
OpenBSD-Commit-ID: 1cdf56fec95801e4563c47f21696f04cd8b60c4c
2018-07-10upstream: buffer.[ch] and bufaux.c are no moredjm@openbsd.org1-4/+3
OpenBSD-Commit-ID: d1a1852284e554f39525eb4d4891b207cfb3d3a0
2018-07-10upstream: one mention of Buffer that almost got away :)djm@openbsd.org1-2/+3
OpenBSD-Commit-ID: 30d7c27a90b4544ad5dfacf654595710cd499f02
2018-07-10upstream: replace cast with call to sshbuf_mutable_ptr(); ok djm@markus@openbsd.org6-12/+12
OpenBSD-Commit-ID: 4dfe9d29fa93d9231645c89084f7217304f7ba29
2018-07-10upstream: remove legacy buffer API emulation layer; ok djm@markus@openbsd.org9-649/+6
OpenBSD-Commit-ID: 2dd5dc17cbc23195be4299fa93be2707a0e08ad9
2018-07-10upstream: sshd: switch monitor to sshbuf API; lots of help & okmarkus@openbsd.org3-421/+566
djm@ OpenBSD-Commit-ID: d89bd02d33974fd35ca0b8940d88572227b34a48
2018-07-10upstream: sshd: switch GSSAPI to sshbuf API; ok djm@markus@openbsd.org4-65/+86
OpenBSD-Commit-ID: e48449ab4be3f006f7ba33c66241b7d652973e30
2018-07-10upstream: sshd: switch authentication to sshbuf API; ok djm@markus@openbsd.org12-85/+95
OpenBSD-Commit-ID: 880aa06bce4b140781e836bb56bec34873290641
2018-07-10upstream: sshd: switch config to sshbuf API; ok djm@markus@openbsd.org3-44/+48
OpenBSD-Commit-ID: 72b02017bac7feac48c9dceff8355056bea300bd
2018-07-10upstream: sshd: switch loginmsg to sshbuf API; ok djm@markus@openbsd.org7-43/+56
OpenBSD-Commit-ID: f3cb4e54bff15c593602d95cc43e32ee1a4bac42
2018-07-10upstream: ttymodes: switch to sshbuf API; ok djm@markus@openbsd.org4-64/+81
OpenBSD-Commit-ID: 5df340c5965e822c9da21e19579d08dea3cbe429
2018-07-10upstream: client: switch mux to sshbuf API; with & ok djm@markus@openbsd.org1-414/+507
OpenBSD-Commit-ID: 5948fb98d704f9c4e075b92edda64e0290b5feb2
2018-07-10upstream: client: switch to sshbuf API; ok djm@markus@openbsd.org8-328/+416
OpenBSD-Commit-ID: 60cb0356114acc7625ab85105f6f6a7cd44a8d05
2018-07-10upstream: pkcs11: switch to sshbuf API; ok djm@markus@openbsd.org1-57/+79
OpenBSD-Commit-ID: 98cc4e800f1617c51caf59a6cb3006f14492db79
2018-07-10upstream: Revert previous two commitssf@openbsd.org6-14/+20
It turns out we still support pre-auth compression on the client. Therefore revert the previous two commits: date: 2018/07/06 09:06:14; author: sf; commitid: yZVYKIRtUZWD9CmE; Rename COMP_DELAYED to COMP_ZLIB Only delayed compression is supported nowadays. ok markus@ date: 2018/07/06 09:05:01; author: sf; commitid: rEGuT5UgI9f6kddP; Remove leftovers from pre-authentication compression Support for this has been removed in 2016. COMP_DELAYED will be renamed in a later commit. ok markus@ OpenBSD-Commit-ID: cdfef526357e4e1483c86cf599491b2dafb77772
2018-07-10upstream: Rename COMP_DELAYED to COMP_ZLIBsf@openbsd.org4-12/+12
Only delayed compression is supported nowadays. ok markus@ OpenBSD-Commit-ID: 5b1dbaf3d9a4085aaa10fec0b7a4364396561821
2018-07-10upstream: Remove leftovers from pre-authentication compressionsf@openbsd.org5-15/+9
Support for this has been removed in 2016. COMP_DELAYED will be renamed in a later commit. ok markus@ OpenBSD-Commit-ID: 6a99616c832627157113fcb0cf5a752daf2e6b58
2018-07-10upstream: Remove unused ssh_packet_start_compression()sf@openbsd.org3-27/+3
ok markus@ OpenBSD-Commit-ID: 9d34cf2f59aca5422021ae2857190578187dc2b4
2018-07-06Defer setting bufsiz in getdelim.Darren Tucker1-2/+2
Do not write to bufsiz until we are sure the malloc has succeeded, in case any callers rely on it (which they shouldn't). ok djm@
2018-07-05Fix other callers of read_environment_file.Darren Tucker1-2/+4
read_environment_file recently gained an extra argument Some platform specific code also calls it so add the argument to those too. Fixes build on Solaris and AIX.
2018-07-04upstream: deal with API rename: match_filter_list() =>djm@openbsd.org1-2/+2
match_filter_blacklist() OpenBSD-Regress-ID: 2da342be913efeb51806351af906fab01ba4367f
2018-07-04upstream: exercise new expansion behaviour ofdjm@openbsd.org1-1/+50
PubkeyAcceptedKeyTypes and, by proxy, test kex_assemble_names() ok markus@ OpenBSD-Regress-ID: 292978902e14d5729aa87e492dd166c842f72736
2018-07-04upstream: add a comment that could have saved me 45 minutes of wilddjm@openbsd.org1-1/+2
goose chasing OpenBSD-Regress-ID: d469b29ffadd3402c090e21b792d627d46fa5297
2018-07-04upstream: repair PubkeyAcceptedKeyTypes (and friends) after RSAdjm@openbsd.org10-67/+187
signature work - returns ability to add/remove/specify algorithms by wildcard. Algorithm lists are now fully expanded when the server/client configs are finalised, so errors are reported early and the config dumps (e.g. "ssh -G ...") now list the actual algorithms selected. Clarify that, while wildcards are accepted in algorithm lists, they aren't full pattern-lists that support negation. (lots of) feedback, ok markus@ OpenBSD-Commit-ID: a8894c5c81f399a002f02ff4fe6b4fa46b1f3207
2018-07-03upstream: some magic for RSA-SHA2 checksdjm@openbsd.org1-1/+8
OpenBSD-Regress-ID: e5a9b11368ff6d86e7b25ad10ebe43359b471cd4
2018-07-03dependDamien Miller1-2/+2
2018-07-03upstream: some finesse to fix RSA-SHA2 certificate authenticationdjm@openbsd.org3-8/+12
for certs hosted in ssh-agent OpenBSD-Commit-ID: e5fd5edd726137dda2d020e1cdebc464110a010f
2018-07-03upstream: check correct variable; unbreak agent keysdjm@openbsd.org1-2/+2
OpenBSD-Commit-ID: c36981fdf1f3ce04966d3310826a3e1e6233d93e
2018-07-03upstream: crank version number to 7.8; needed for new compat flagdjm@openbsd.org2-4/+5
for prior version; part of RSA-SHA2 strictification, ok markus@ OpenBSD-Commit-ID: 84a11fc0efd2674c050712336b5093f5d408e32b
2018-07-03upstream: Improve strictness and control over RSA-SHA2 signaturedjm@openbsd.org18-256/+469
In ssh, when an agent fails to return a RSA-SHA2 signature when requested and falls back to RSA-SHA1 instead, retry the signature to ensure that the public key algorithm sent in the SSH_MSG_USERAUTH matches the one in the signature itself. In sshd, strictly enforce that the public key algorithm sent in the SSH_MSG_USERAUTH message matches what appears in the signature. Make the sshd_config PubkeyAcceptedKeyTypes and HostbasedAcceptedKeyTypes options control accepted signature algorithms (previously they selected supported key types). This allows these options to ban RSA-SHA1 in favour of RSA-SHA2. Add new signature algorithms "rsa-sha2-256-cert-v01@openssh.com" and "rsa-sha2-512-cert-v01@openssh.com" to force use of RSA-SHA2 signatures with certificate keys. feedback and ok markus@ OpenBSD-Commit-ID: c6e9f6d45eed8962ad502d315d7eaef32c419dde
2018-07-03upstream: allow sshd_config PermitUserEnvironment to accept adjm@openbsd.org4-11/+62
pattern-list of whitelisted environment variable names in addition to yes|no. bz#1800, feedback and ok markus@ OpenBSD-Commit-ID: 77dc2b468e0bf04b53f333434ba257008a1fdf24