IABSD.fr/src/usr.bin

Branch :


Log

Author Commit Date CI Message
2dfc98f4 2019-12-04 09:51:07 libc's authentication privsep layer performed insufficient username validation. Repair work mostly by markus and millert, first of all solving the primary problem, then adding some additional validation points. And then futher validation in login and su. This will be 6.5/021_libcauth.patch.sig and 6.6/010_libcauth.patch.sig Reported by Qualys
0925375c 2019-12-03 10:47:22 Style nits in function arguments.
e8a72117 2019-12-03 09:14:37 With -R and an implicit ".", don't prepend file paths with "./" Looks nicer and matches the output of GNU grep. ok millert@ deraadt@ visa@ miod@
ef8fff59 2019-12-03 08:48:49 Document implicit "." default file for -R OK visa deraadt
ba697fea 2019-12-02 22:32:18 Tweak inaccurate comment
aa8fed3a 2019-12-02 22:23:19 Tweak previous, using fputs here was fine
5fbd5e42 2019-12-02 22:17:32 Use getline(3) to handle lines longer than 8192 bytes in patch files Spotted by jsg@ when working on mesa. Diff tested by sthen@ in a partial i386 bulk. Input from and ok jsg@ millert@
c1cbe94b 2019-12-02 21:50:11 With -R assume that "." was passed instead of printing a warning Saner default behavior that matches GNU grep. Diff from miod@, support from espie@, ok visa@ millert@
fa9a3d3a 2019-12-02 19:25:52 Remove client menu, I don't think it adds anything.
9f5f6f88 2019-12-02 15:35:35 update currency exchange rates;
083d4b5c 2019-11-30 14:01:45 After fork(2) the pledge(2) in the parent proc can be reduced to "stdio rpath sendfd" so that it can call {l,}stat/open and sendfd for imsg_* in order to send fds to the child proc which is already pledged by recvfd to receive them OK brynet@ deraadt@
1890c57d 2019-11-30 07:07:59 tweak the Nd lines for a bit of consistency; ok markus
1e388329 2019-11-29 16:04:07 If a window appears in only one attached session, there is no point in worrying about which is the latest client (there is only one).
65ac2342 2019-11-29 03:12:35 at(1): ctime comparison: subtraction is not comparison; ok millert@
a2f7fe09 2019-11-29 00:11:21 perform hashing directly in crypto_hash_sha512() using libcrypto or libc SHA512 functions rather than calling ssh_digest_memory(); avoids many dependencies on ssh code that complicate standalone use of ed25519, as we want to do in sk-dummy.so
5ae34e9e 2019-11-28 21:18:38 Do not crash when a format doesn't exist, reported by Thomas Sattler.
68acdce2 2019-11-28 16:27:25 ks_mapblocks is gone
4499ca0c 2019-11-28 12:24:31 improve the text for -A a little; input from naddy and djm
40e92372 2019-11-28 12:23:25 reshuffle the text to read better; input from naddy, djmc, and dtucker
d8fa3dd1 2019-11-28 11:21:33 Add manual for openssl(1) cms ok and comments jmc@
449be3e3 2019-11-28 10:55:45 Missing after-kill-pane option.
2afb856a 2019-11-28 10:17:22 Parse out DA features.
21e62bdb 2019-11-28 09:56:25 Long lines and spacing fixes.
18b1287e 2019-11-28 09:51:58 Add xrecallocarray.
d7dc1b61 2019-11-28 09:50:09 Bump the escape sequence timeout to five seconds to allow for longer legitimate sequences.
4a8b0ea5 2019-11-28 09:45:15 Make a best effort to set xpixel and ypixel for each pane and add formats for them.
8002856b 2019-11-28 09:05:34 Store xpixel/ypixel from TIOCGWINSZ and add formats.
57b78c22 2019-11-28 08:38:04 status-left and status-right need push-default also, reported by Eric Pruitt in GitHub issue 1989.
9b45e825 2019-11-28 05:20:54 tweak wording
33e48bcd 2019-11-27 22:32:11 remove stray semicolon after closing brace of function; from Michael Forney
2490d52d 2019-11-27 20:54:30 REG_STARTEND is not portable, but it turns out we don't actually need it. From Evan Green, GitHub issue 1982.
b8c0aef4 2019-11-27 16:50:21 use _PATH_PROTOCOLS from netdb.h instead
4c0d1d38 2019-11-27 08:18:22 Initialize nfds fields of new file structures. Fixes a possible crash when a new file structure is added in the time-out processing code-path.
0c034787 2019-11-27 05:38:43 Revert previous commit. The channels code still uses int in many places for channel ids so the INT_MAX check still makes sense.
da06e094 2019-11-27 05:00:17 use error()+_exit() instead of fatal() to avoid running cleanup handlers in child process; spotted via weird regress failures in portable
2bf2fb2b 2019-11-27 03:34:04 Make channel_id u_int32_t and remove unnecessary check and cast that were left over from the type conversion. Noted by t-hashida@amiya.co.jp in bz#3098, ok markus@ djm@
bffdb0b7 2019-11-26 22:42:26 tweak previous;
9b3d3828 2019-11-26 17:51:33 Prevent divide-by zero in tcpbench(1). Found while testing iwm(4). #0 0x000004c27b9051a9 in udp_process_slice (fd=<optimized out>, event=<optimized out>, v_sc=0x4c55279f500) at /usr/src/usr.bin/tcpbench/tcpbench.c:606 606 pps = (sc->udp_slice_pkts * 1000) / since_last; (gdb) p since_last $1 = 0 ok benno@
7f0389c5 2019-11-26 15:35:56 Add default # and * binding with vi(1) keys.
8625808f 2019-11-26 09:43:49 kdump reads /etc/protocols to translate proto numbers into names; ok sthen@ gilles@
584bea6c 2019-11-26 03:04:27 more debugging; behind DEBUG_SK
e104123d 2019-11-25 22:38:36 Don't use motion flag uninitialized.
99faff9b 2019-11-25 20:43:32 Fix a warning in previous.
4bd94dea 2019-11-25 20:42:18 Do not clear search marks on cursor movement with vi(1) keys, from Eric Pruitt in GitHub issue 1985.
a318a7fa 2019-11-25 15:04:15 Add p format modifier for padding to width.
144aa191 2019-11-25 15:02:48 Allow multiple substitutions in a single format.
a84762ce 2019-11-25 10:23:36 redundant test
d70f2191 2019-11-25 00:57:51 document the "no-touch-required" certificate extension; ok markus, feedback deraadt
093f1094 2019-11-25 00:57:27 Print a key touch reminder when generating a security key. Most keys require a touch to authorize the operation.
40f04aad 2019-11-25 00:55:58 allow "ssh-keygen -x no-touch-required" when generating a security key keypair to request one that does not require a touch for each authentication attempt. The default remains to require touch. feedback deraadt; ok markus@
6e27da75 2019-11-25 00:54:23 add a "no-touch-required" option for authorized_keys and a similar extension for certificates. This option disables the default requirement that security key signatures attest that the user touched their key to authorize them. feedback deraadt, ok markus
47ce46c8 2019-11-25 00:52:46 Add a sshd_config PubkeyAuthOptions directive This directive has a single valid option "no-touch-required" that causes sshd to skip checking whether user presence was tested before a security key signature was made (usually by the user touching the key). ok markus@
493ad5b0 2019-11-25 00:51:37 Add new structure for signature options This is populated during signature verification with additional fields that are present in and covered by the signature. At the moment, it is only used to record security key-specific options, especially the flags field. with and ok markus@
11c8e95a 2019-11-25 00:38:17 memleak in error path
9eb62517 2019-11-24 18:37:23 Only substitute patterns starting with ^ once.
8cd3d8c5 2019-11-22 06:50:30 Wait for FD to be readable or writeable during a nonblocking connect, not just readable. Prevents a timeout when the server doesn't immediately send a banner (eg multiplexers like sslh) but is also slightly quicker for other connections since, unlike ssh1, ssh2 doesn't specify that the client should parse the server banner before sending its own. Patch from mnissler@chromium.org, ok djm@
494db7cc 2019-11-20 11:42:51 Do not check the client readonly flag when there is no client, GitHub issue 1980.
039d6aae 2019-11-19 22:23:19 adjust on-wire signature encoding for ecdsa-sk keys to better match ec25519-sk keys. Discussed with markus@ and Sebastian Kinne NB. if you are depending on security keys (already?) then make sure you update both your clients and servers.
73734971 2019-11-19 22:21:15 a little more information from the monitor when signature verification fails.
c98bcbbd 2019-11-19 16:02:32 revert previous: naddy pointed out what's meant to happen. rethink needed...
22150316 2019-11-19 14:54:47 -c and -s do not make sense with -k; reshuffle -k into the main synopsis/usage; ok djm
d4271273 2019-11-19 10:28:18 More return value check in openssl(1) cms Checking return value of sk_.*_new_null(). ok beck@ jsing@
f872ba1d 2019-11-19 10:20:10 Add manual descriptions for openssl(1) req -addext ok jmc@
98d39534 2019-11-18 23:17:48 document '$' environment variable expansion for SecurityKeyProvider; ok djm@
bfff4a28 2019-11-18 23:16:49 more missing mentions of ed25519-sk; ok djm@
d2a7ef38 2019-11-18 16:10:05 additional missing stdarg.h includes when built without WITH_OPENSSL; ok djm@
f8cd6cb1 2019-11-18 16:08:57 add the missing WITH_OPENSSL ifdefs after the ED25519-SK addition; ok djm@
514c2dab 2019-11-18 12:43:27 Remove typedef and check sk_push return value in openssl(1) cms - Remove typedef and use 'struct cms_key_param' instead - Check return value of sk_X509_push and sk_OPENSSL_STRING_push - Add a blank line to separate variable declarations from code comments from jsing@
99e5b935 2019-11-18 11:34:41 Add -keyopt opiton to openssl(1) cms subcommand This provides rsa_padding_mode:oaep for cms -encrypt, and rsa_padding_mode:pss for cms -sign. ok jsing@
b9f4fd46 2019-11-18 09:43:31 Add -f for full size to join-pane (like split-window), from Theo Buehler.
4c8b1ab8 2019-11-18 09:42:09 Keep modifiers on backspace when translating it.
3ae5026f 2019-11-18 06:58:00 fix a bug that prevented serialisation of ed25519-sk keys
0f6aa503 2019-11-18 06:39:36 Fix incorrect error message when key certification fails
6350a416 2019-11-18 06:39:02 fix bug that prevented certification of ed25519-sk keys
fdaabcac 2019-11-18 06:24:17 allow *-sk key types to be turned into certificates
7d93d597 2019-11-18 04:55:02 mention ed25519-sk key/cert types here too; prompted by jmc@
d4a18e60 2019-11-18 04:50:45 mention ed25519-sk in places where it is accepted; prompted by jmc@
544013c6 2019-11-18 04:37:35 various knf and whitespace; ok jca
9d61155f 2019-11-18 04:34:47 document ed25519-sk pubkey, private key and certificate formats
0c5b4bc7 2019-11-18 04:29:50 correct order or ecdsa-sk private key fields
3d83e935 2019-11-18 04:16:53 correct description of fields in pub/private keys (was missing curve name); spotted by Sebastian Kinne
847074b1 2019-11-18 01:59:48 missing break in getopt switch; spotted by Sebastian Kinne
572ca008 2019-11-17 17:38:33 fail to usage if extra argv are present noticed by jsing and beck, ok tedu
cbee8d56 2019-11-16 23:17:20 tweak debug message
c6495727 2019-11-16 22:42:30 a little debug() in the security key interface
6c1668c6 2019-11-16 22:36:48 always use ssh-sk-helper, even for the internal USB HID support. This avoid the need for a wpath pledge in ssh-agent. reported by jmc@
35f0234c 2019-11-15 15:41:01 fix typos in sk_enroll
a467abc7 2019-11-15 11:21:32 Do not add path if it is NULL, duh.
e9afa876 2019-11-15 11:16:53 Handle OSC 7 (a VTE extension) and put the result in a new format (pane_path).
11497b5d 2019-11-15 11:16:28 double word;
07b718ed 2019-11-15 06:00:20 remove most uses of BN_CTX We weren't following the rules re BN_CTX_start/BN_CTX_end and the places we were using it didn't benefit from its use anyway. ok dtucker@
096d667c 2019-11-15 05:37:27 unshield security key privkey before attempting signature in agent. spotted by dtucker@
2b479b17 2019-11-15 05:26:56 rewrite c99-ism
bc7dc720 2019-11-15 05:25:52 only clang understands those new -W options
b425d036 2019-11-15 04:12:32 don't consult dlopen whitelist for internal security key provider; spotted by dtucker@
7cf8e58d 2019-11-15 03:41:57 U2F tokens may return FIDO_ERR_USER_PRESENCE_REQUIRED when probed to see if they own a key handle. Handle this case so the find_device() look can work for them. Reported by Michael Forney
2b753a7a 2019-11-15 02:38:07 show the "please touch your security key" notifier when using the (default) build-in security key support.
4c7cc78c 2019-11-15 02:37:24 close the "touch your security key" notifier on the error path too
59959935 2019-11-15 02:20:06 correct function name in debug message
6e93bb8e 2019-11-15 00:32:40 follow existing askpass logic for security key notifier: fall back to _PATH_SSH_ASKPASS_DEFAULT if no $SSH_ASKPASS environment variable is set.