1. 20 Oct, 2018 1 commit
    • Simon Wilkinson's avatar
      GSSAPI key exchange support · 72b1d308
      Simon Wilkinson authored
      This patch has been rejected upstream: "None of the OpenSSH developers are
      in favour of adding this, and this situation has not changed for several
      years.  This is not a slight on Simon's patch, which is of fine quality, but
      just that a) we don't trust GSSAPI implementations that much and b) we don't
      like adding new KEX since they are pre-auth attack surface.  This one is
      particularly scary, since it requires hooks out to typically root-owned
      system resources."
      
      However, quite a lot of people rely on this in Debian, and it's better to
      have it merged into the main openssh package rather than having separate
      -krb5 packages (as we used to have).  It seems to have a generally good
      security history.
      
      Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242
      Last-Updated: 2018-10-20
      
      Patch-Name: gssapi.patch
      72b1d308
  2. 13 Jul, 2018 1 commit
  3. 20 Oct, 2017 1 commit
    • djm@openbsd.org's avatar
      upstream commit · b011edbb
      djm@openbsd.org authored
      add RCSIDs to these; they make syncing portable a bit
      easier
      
      Upstream-ID: 56cb7021faea599736dd7e7f09c2e714425b1e68
      b011edbb
  4. 30 Apr, 2017 1 commit
    • djm@openbsd.org's avatar
      upstream commit · 56912dea
      djm@openbsd.org authored
      unifdef WITH_SSH1 ok markus@
      
      Upstream-ID: 9716e62a883ef8826c57f4d33b4a81a9cc7755c7
      56912dea
  5. 27 Jan, 2016 1 commit
    • markus@openbsd.org's avatar
      upstream commit · a3068638
      markus@openbsd.org authored
      remove roaming support; ok djm@
      
      Upstream-ID: 2cab8f4b197bc95776fb1c8dc2859dad0c64dc56
      a3068638
  6. 03 Mar, 2015 1 commit
  7. 24 Feb, 2015 1 commit
    • Darren Tucker's avatar
      Convert two macros into functions. · dcc8997d
      Darren Tucker authored
      Convert packet_send_debug and packet_disconnect from macros to
      functions.  Some older GCCs (2.7.x, 2.95.x) see to have problems with
      variadic macros with only one argument so we convert these two into
      functions.  ok djm@
      dcc8997d
  8. 22 Feb, 2015 1 commit
  9. 30 Jan, 2015 1 commit
    • djm@openbsd.org's avatar
      upstream commit · 4509b5d4
      djm@openbsd.org authored
      avoid more fatal/exit in the packet.c paths that
       ssh-keyscan uses; feedback and "looks good" markus@
      4509b5d4
  10. 28 Jan, 2015 1 commit
    • djm@openbsd.org's avatar
      upstream commit · fae7bbe5
      djm@openbsd.org authored
      avoid fatal() calls in packet code makes ssh-keyscan more
       reliable against server failures ok dtucker@ markus@
      fae7bbe5
  11. 19 Jan, 2015 1 commit
    • markus@openbsd.org's avatar
      upstream commit · 091c3028
      markus@openbsd.org authored
      update packet.c & isolate, introduce struct ssh a) switch
       packet.c to buffer api and isolate per-connection info into struct ssh b)
       (de)serialization of the state is moved from monitor to packet.c c) the old
       packet.c API is implemented in opacket.[ch] d) compress.c/h is removed and
       integrated into packet.c with and ok djm@
      091c3028