| Commit message (Collapse) | Author | Files | Lines |
|---|
|
extension request that allows the client to obtain user/group names that
correspond to a set of uids/gids.
Will be used to make directory listings more useful and consistent
in sftp(1).
ok markus@
OpenBSD-Commit-ID: 7ebabde0bcb95ef949c4840fe89e697e30df47d3
|
|
OpenBSD-Commit-ID: d16a307a0711499c971807f324484ed3a6036640
|
|
beneath this limit will be ignored for user and host-based authentication.
Feedback deraadt@ ok markus@
OpenBSD-Commit-ID: 187931dfc19d51873df5930a04f2d972adf1f7f1
|
|
ssh(1). User authentication keys that fall beneath this limit will be
ignored. If a host presents a host key beneath this limit then the connection
will be terminated (unfortunately there are no fallbacks in the protocol for
host authentication).
feedback deraadt, Dmitry Belyavskiy; ok markus@
OpenBSD-Commit-ID: 430e339b2a79fa9ecc63f2837b06fdd88a7da13a
|
|
length of an RSA key; ok markus@
OpenBSD-Commit-ID: de77cd5b11594297eda82edc594b0d32b8535134
|
|
was never actually used. Spotted by Matthew Garrett
OpenBSD-Commit-ID: 0b363518ac4c2819dbaa3dfad4028633ab9cdff1
|
|
OpenBSD-Commit-ID: 780efcbad76281f11f14b2a5ff04eb6db3dfdad4
|
|
There are commands (e.g. "get" or "put") that accept two
arguments, a local path and a remote path. However, the way
current completion is written doesn't take this distinction into
account and always completes remote or local paths.
By expanding CMD struct and "cmds" array this distinction can be
reflected and with small adjustment to completer code the correct
path can be completed.
By Michal Privoznik, ok dtucker@
OpenBSD-Commit-ID: 1396d921c4eb1befd531f5c4a8ab47e7a74b610b
|
|
non-existent commands
If user entered a non-existent command (e.g. because they made a
typo) there is no point in trying to complete its arguments. Skip
calling complete_match() if that's the case.
From Michal Privoznik
OpenBSD-Commit-ID: cf39c811a68cde2aeb98fc85addea4000ef6b07a
|
|
from response
Now that all FIDO signing calls attempt first without PIN and then
fall back to trying PIN only if that attempt fails, we can remove the
hack^wtrick that removed the UV flag from the keys returned during
enroll.
By Corinna Vinschen
OpenBSD-Commit-ID: 684517608c8491503bf80cd175425f0178d91d7f
|
|
OpenBSD-Commit-ID: edf1601c1d0905f6da4c713f4d9cecc7d1c0295a
|
|
the error to determine whether a PIN is required and prompt only if
necessary. from Corinna Vinschen
OpenBSD-Commit-ID: dd6be6a0b7148608e834ee737c3479b3270b00dd
|
|
tweaked by schwarze
ok schwarze
OpenBSD-Commit-ID: 565046e3ce68b46c2f440a93d67c2a92726de8ed
|
|
OpenBSD-Commit-ID: 6765daefe26a6b648cc15cadbbe337596af709b7
|
|
that ctx!=NULL; from Corinna Vinschen
OpenBSD-Commit-ID: ade2f2e9cc519d01a586800c25621d910bce384a
|
|
Fixes the following build failure with Clang 15 on musl:
```
bsd-asprintf.c:51:8: error: call to undeclared library function 'vsnprintf' with type 'int (char *, unsigned long, const char *, struct __va_list_tag *)'; ISO C99 and laterclang -O2 -pipe -fdiagnostics-color=always -frecord-gcc-switches -pipe -Wunknown-warning-option -Qunused-arguments -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess -Wno-pointer-sign -Wno-unused-result -Wmisleading-indentation -Wbitwise-instead-of-logical -fno-strict-aliasing -mretpoline -ftrapv -fzero-call-used-regs=all -fno-builtin-memset -fstack-protector-strong -fPIE -I. -I. -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE -DSSHDIR=\"/etc/ssh\" -D_PATH_SSH_PROGRAM=\"/usr/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/lib/misc/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/usr/lib/misc/sftp-server\" -D_PATH_SSH_KEY_SIGN=\"/usr/lib/misc/ssh-keysign\" -D_PATH_SSH_PKCS11_HELPER=\"/usr/lib/misc/ssh-pkcs11-helper\" -D_PATH_SSH_SK_HELPER=\"/usr/lib/misc/ssh-sk-helper\" -D_PATH_SSH_PIDDIR=\"/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c cipher-aes.c -o cipher-aes.o
do not support
implicit function declarations [-Wimplicit-function-declaration]
ret = vsnprintf(string, INIT_SZ, fmt, ap2);
^
bsd-asprintf.c:51:8: note: include the header <stdio.h> or explicitly provide a declaration for 'vsnprintf'
1 error generated.
```
|
|
|
|
This brings us up to current, including djm's random-reseeding change,
as prompted by logan at cyberstorm.mu in bz#3467. It brings the
platform-specific hooks from LibreSSL Portable, simplified to match our
use case. ok djm@.
|
|
Putting this after the copyright statement (which doesn't change)
instead of before the version identifier (which does) prevents merge
conflicts when resyncing changes.
|
|
This was previously moved into its own file (matching OpenBSD) which
prematurely committed in commit 73541f2.
|
|
explicitly test whether the token performs built-in UV (e.g. biometric
tokens) and enable UV in that case. From Pedro Martelletto via GHPR#388
OpenBSD-Commit-ID: 007eb7e387d27cf3029ab06b88224e03eca62ccd
|
|
|
|
OpenBSD-Commit-ID: c2bcbf93610d3d62ed206cdf9bf9ff98c6aaf232
|
|
|
