1. 03 Oct, 2018 1 commit
    • Ed Maste's avatar
      openssh: cherry-pick OpenSSL 1.1.1 compatibility · 0a5cc6b2
      Ed Maste authored
      Upstream commits:
      482d23bcac upstream: hold our collective noses and use the openssl-1.1.x
      48f54b9d12 adapt -portable to OpenSSL 1.1x API
      86e0a9f3d2 upstream: use only openssl-1.1.x API here too
      a3fd8074e2 upstream: missed a bit of openssl-1.0.x API in this unittest
      cce8cbe0ed Fix openssl-1.1 fallout for --without-openssl.
      
      Trivial conflicts in sshkey.c and test_sshkey.c were resolved.
      
      Discussed with:	des
      0a5cc6b2
  2. 28 Aug, 2018 1 commit
  3. 16 May, 2018 1 commit
  4. 06 May, 2018 2 commits
  5. 03 Aug, 2017 1 commit
  6. 31 Jan, 2017 2 commits
  7. 11 Jan, 2017 1 commit
    • Xin LI's avatar
      Apply upstream fix for CVE-2016-10009 and CVE-2016-10010: · 8f8c5592
      Xin LI authored
        add a whitelist of paths from which ssh-agent will load (via
        ssh-pkcs11-helper) a PKCS#11 module; ok markus@
      
        disable Unix-domain socket forwarding when privsep is disabled
      
      (Note that this is a backport of upstream fixes, and this commit
      is mainly to ease future imports).
      
      Obtained from:  OpenBSD
      8f8c5592
  8. 02 Nov, 2016 1 commit
    • Xin LI's avatar
      Apply upstream fix for CVE-2016-8858: · 642a1c38
      Xin LI authored
        Unregister the KEXINIT handler after message has been received.
        Otherwise an unauthenticated peer can repeat the KEXINIT and cause
        allocation of up to 128MB -- until the connection is closed.
        Reported by shilei-c at 360.cn
      
      Obtained from:	OpenBSD
      642a1c38
  9. 10 Mar, 2016 2 commits
  10. 19 Jan, 2016 1 commit
  11. 26 Aug, 2015 2 commits
  12. 02 Jul, 2015 2 commits
  13. 05 Jan, 2015 1 commit
  14. 20 Apr, 2014 1 commit
  15. 22 Mar, 2014 1 commit
  16. 30 Jan, 2014 1 commit
  17. 11 Nov, 2013 1 commit
  18. 18 Sep, 2013 1 commit
  19. 13 Aug, 2013 1 commit
  20. 17 May, 2013 1 commit
  21. 24 Apr, 2013 1 commit
  22. 14 Apr, 2013 1 commit
  23. 02 Apr, 2013 1 commit
  24. 22 Mar, 2013 1 commit
  25. 29 Aug, 2012 2 commits
  26. 25 Jun, 2012 1 commit
    • Xin LI's avatar
      Merge from upstream: · 4bc11fc9
      Xin LI authored
         - djm@cvs.openbsd.org 2012/04/11 13:34:17
           [ssh-keyscan.1 ssh-keyscan.c]
           now that sshd defaults to offering ECDSA keys, ssh-keyscan should also
           look for them by default; bz#1971
      
      Approved by:	des
      4bc11fc9
  27. 28 Sep, 2011 4 commits
  28. 05 May, 2011 2 commits
  29. 03 May, 2011 1 commit
  30. 17 Feb, 2011 1 commit