| Commit message (Collapse) | Author | Files | Lines |
|
default, generic error message. feedback/ok markus & jsg
OpenBSD-Commit-ID: 81f251e975d759994131b717ee7c0b439659c40f
|
|
paths with no trailing slash; feedback/ok markus and jsg
OpenBSD-Commit-ID: a2ab365598a902f0f14ba6a4f8fb2d07a9b5d51d
|
|
sshd_config. It defaults to "no", and not explicitly setting it allows us to
enable it for the (optional) hostbased test.
OpenBSD-Regress-ID: aa8e3548eb5793721641d26e56c29f363b767c0c
|
|
setup (see comments at the top) and thus is disabled unless
TEST_SSH_HOSTBASED_AUTH and SUDO are set.
OpenBSD-Regress-ID: 3ec8ba3750c5b595fc63e7845d13483065a4827a
|
|
|
|
RSA/SHA2 are configured (this is the default case); ok markus@
OpenBSD-Commit-ID: 411c18c7bde40c60cc6dfb7017968577b4d4a827
|
|
signature algorithms. RSA keys can make signatures with multiple algorithms,
so some special handling is required. ok markus@
OpenBSD-Commit-ID: 03b41b2bda06fa4cd9c84cef6095033b9e49b6ff
|
|
hostbased authn ok markus@
OpenBSD-Commit-ID: da17061fa1f0e58cb31b88478a40643e18233e38
|
|
ok markus
OpenBSD-Commit-ID: 02b92bb42c4d4bf05a051702a56eb915151d9ecc
|
|
updating known_hosts with new keys, ignore NULL keys (forgot to include in
prior commit)
OpenBSD-Commit-ID: 49d2eda6379490e1ceec40c3b670b973f63dea08
|
|
and not the (useless) key type; ok markus
OpenBSD-Commit-ID: 4180b5ec7ab347b43f84e00b1972515296dab023
|
|
and not the default for the keytype. Part of unbreaking hostbased auth for
RSA/SHA2 keys. ok markus@
OpenBSD-Commit-ID: b5639a14462948970da3a8020dc06f9a80ecccdc
|
|
the client- side. Require RSA/SHA2 signatures for RSA hostkeys except when
RSA/SHA1 was explicitly negotiated during initial KEX; bz3375
ok markus@
OpenBSD-Commit-ID: 46e75e8dfa2c813781805b842580dcfbd888cf29
|
|
UpdateHostkeys on the server side. The previous code tried to prefer RSA/SHA2
for hostkey proofs of RSA keys, but missed some cases. This will use RSA/SHA2
signatures for RSA keys if the client proposed these algorithms in initial
KEX. bz3375
Mostly by Dmitry Belyavskiy with some tweaks by me.
ok markus@
OpenBSD-Commit-ID: c17ba0c3236340d2c6a248158ebed042ac6a8029
|
|
feedback & ok deraadt@ and markus@ has been in snaps for a few months
OpenBSD-Commit-ID: a77e16a667d5b194dcdb3b76308b8bba7fa7239c
|
|
select() to poll() by moving FD_SET construction out of channel handlers into
separate functions. ok markus
OpenBSD-Commit-ID: 937fbf2a4de12b19fb9d5168424e206124807027
|
|
OpenBSD-Commit-ID: 69c7f2362f9de913bb29b6318580c5a1b52c921e
|
|
OpenBSD-Commit-ID: 4cc5c619e4b456cd2e9bb760d17e3a9c84659198
|
|
not just RSA-SHA1
OpenBSD-Regress-ID: b40e62b65863f2702a0c10aca583b2fe76772bd8
|
|
now because the algorithm is controllable via the CLI
OpenBSD-Regress-ID: 0196fa87acc3544b2b4fd98de844a571cb09a39f
|
|
already supported either sha512 (default) or sha256, but plumbing wasn't
there mostly by Linus Nordberg
OpenBSD-Commit-ID: 1b536404b9da74a84b3a1c8d0b05fd564cdc96cd
|
|
from Linus Nordberg
OpenBSD-Commit-ID: 4e78feb4aa830727ab76bb2e3d940440ae1d7af0
|
|
functional code change
OpenBSD-Commit-ID: da02d61f5464f72b4e8b299f83e93c3b657932f9
|
|
Stelzer
OpenBSD-Regress-ID: f845a8632a5a7d5ae26978004c93e796270fd3e5
|
|
allowed_signers line that contains a namespace restriction, but no
restriction specified on the command-line; report and fix from Fabian Stelzer
OpenBSD-Commit-ID: 4a201b86afb668c908d1a559c6af456a61f4b145
|
|
This will aid in manually reproducing failing commands.
OpenBSD-Regress-ID: b4aba8d5ac5675ceebeeeefa3261ce344e67333a
|
|
Should allow better comparison between failing and succeeding test
platforms.
|
|
|
|
OpenBSD-Commit-ID: c63e43087a64d0727af13409c708938e05147b62
|
|
one supposedly being tested. Spotted by dtucker and using his VM zoo (which
includes some systems old enough to lack ed25519 key support)
OpenBSD-Regress-ID: 7976eb3df11cc2ca3af91030a6a8c0cef1590bb5
|
|
OpenBSD-Commit-ID: d8d49f840162fb7b8949e3a5adb8107444b6de1e
|
|
OpenBSD-Commit-ID: bfc7ba74c22c928de2e257328b3f1274a3dfdf19
|
|
authmethod_lookup() into a separate authmethod_byname(), for cases where we
don't need to check whether a method is enabled, etc.
use this to fix the "none" authentication method regression reported
by Nam Nguyen via bugs@
ok deraadt@
OpenBSD-Commit-ID: 8cd188dc3a83aa8abe5b7693e762975cd8ea8a17
|
|
ok djm
OpenBSD-Commit-ID: 90721643e41e9e09deb5b776aaa0443456ab0965
|
|
If the platform has a native SHA2, does not define SHA.*_BLOCK_LENGTH
but does define SHA.*_HMAC_BLOCK_SIZE (eg Solaris) then use the latter.
Should fix --without-openssl build on Solaris.
|
|
|