adapt kex to sshbuf and struct ssh; ok djm@

update packet.c & isolate, introduce struct ssh
a) switch packet.c to buffer api and isolate per-connection info into struct ssh
b) (de)serialization of the state is moved from monitor to packet.c
c)

update packet.c & isolate, introduce struct ssh
a) switch packet.c to buffer api and isolate per-connection info into struct ssh
b) (de)serialization of the state is moved from monitor to packet.c
c) the old packet.c API is implemented in opacket.[ch]
d) compress.c/h is removed and integrated into packet.c
with and ok djm@

show more ...

move authfd.c and its tentacles to the new buffer/key API;
ok markus@

add sshd_config HostbasedAcceptedKeyTypes and PubkeyAcceptedKeyTypes
options to allow sshd to control what public key types will be
accepted. Currently defaults to all. Feedback & ok markus@

remember which public keys have been used for authentication and
refuse to accept previously-used keys.

This allows AuthenticationMethods=publickey,publickey to require
that users authenticate using

remember which public keys have been used for authentication and
refuse to accept previously-used keys.

This allows AuthenticationMethods=publickey,publickey to require
that users authenticate using two _different_ pubkeys.

ok markus@

show more ...

Add support for Unix domain socket forwarding. A remote TCP port
may be forwarded to a local Unix domain socket and vice versa or
both ends may be a Unix domain socket. This is a reimplementation
o

Add support for Unix domain socket forwarding. A remote TCP port
may be forwarded to a local Unix domain socket and vice versa or
both ends may be a Unix domain socket. This is a reimplementation
of the streamlocal patches by William Ahern from:
http://www.25thandclement.com/~william/projects/streamlocal.html
OK djm@ markus@

show more ...

New key API: refactor key-related functions to be more library-like,
existing API is offered as a set of wrappers.

with and ok markus@

Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matt

New key API: refactor key-related functions to be more library-like,
existing API is offered as a set of wrappers.

with and ok markus@

Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
Dempsky and Ron Bowes for a detailed review a few months ago.

show more ...

unbreak compression, by re-init-ing the compression code in the
post-auth child. the new buffer code is more strict, and requires
buffer_init() while the old code was happy after a bzero();
originall

unbreak compression, by re-init-ing the compression code in the
post-auth child. the new buffer code is more strict, and requires
buffer_init() while the old code was happy after a bzero();
originally from djm@

show more ...

make compiling against OpenSSL optional (make OPENSSL=no);
reduces algorithms to curve25519, aes-ctr, chacha, ed25519;
allows us to explore further options; with and ok djm

convert memset of potentially-private data to explicit_bzero()

replace most bzero with explicit_bzero, except a few that cna be memset
ok djm dtucker

remove experimental, never-enabled JPAKE code; ok markus@

fix rekeying for KEX_C25519_SHA256; noted by dtucker@

add ssh-agent(1) support to sshd(8); allows encrypted hostkeys,
or hostkeys on smartcards; most of the work by Zev Weiss; bz #1974
ok djm@

for hostbased authentication, print the client host and user on
the auth success/failure line; bz#2064, ok dtucker@

Standardise logging of supplemental information during userauth. Keys
and ruser is now logged in the auth success/failure message alongside
the local username, remote host/port and protocol in use. C

Standardise logging of supplemental information during userauth. Keys
and ruser is now logged in the auth success/failure message alongside
the local username, remote host/port and protocol in use. Certificates
contents and CA are logged too.

Pushing all logging onto a single line simplifies log analysis as it is
no longer necessary to relate information scattered across multiple log
entries. "I like it" markus@

show more ...

bye, bye xfree(); ok markus@

Add RekeyLimit to sshd with the same syntax as the client allowing rekeying
based on traffic volume or time. ok djm@, help & ok jmc@ for the man page.

add submethod support to AuthenticationMethods; ok and freedback djm@

reconstruct the original username that was sent by the client, which may
have included a style (e.g. "root:skey") when checking public key
signatures. Fixes public key and hostbased auth when the cli

reconstruct the original username that was sent by the client, which may
have included a style (e.g. "root:skey") when checking public key
signatures. Fixes public key and hostbased auth when the client specified
a style; ok markus@

show more ...

drain the log messages after receiving the keystate from the unpriv
child. otherwise it might block while sending. ok djm@

Fixes logging of partial authentication when privsep is enabled
Previously, we recorded "Failed xxx" since we reset authenticated before
calling auth_log() in auth2.c. This adds an explcit "Partial"

Fixes logging of partial authentication when privsep is enabled
Previously, we recorded "Failed xxx" since we reset authenticated before
calling auth_log() in auth2.c. This adds an explcit "Partial" state.

Add a "submethod" to auth_log() to report which submethod is used
for keyboard-interactive.

Fix multiple authentication when one of the methods is
keyboard-interactive.

ok markus@

show more ...

Support multiple required authentication via an AuthenticationMethods
option. This option lists one or more comma-separated lists of
authentication method names. Successful completion of all the meth

Support multiple required authentication via an AuthenticationMethods
option. This option lists one or more comma-separated lists of
authentication method names. Successful completion of all the methods in
any list is required for authentication to complete;
feedback and ok markus@

show more ...

remove dead code following 'for (;;)' loops.
From Steve.McClellan at radisys com, ok markus@

memleak on error path