tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,642 Commits 6 Branches 20 Tags 98 MiB
Commit Graph

5160 Commits

Author SHA1 Message Date
Damien Miller 0266677f0f - (djm) [contrib/ssh-copy-id.1 contrib/ssh-copy-id] bz#1492: Make 
ssh-copy-id copy id_rsa.pub by default (instead of the legacy "identity"
   key). Patch from cjwatson AT debian.org
 2009-01-21 20:29:20 +11:00
Damien Miller 819dbb633a - (djm) [channels.c] bz#1419: support "on demand" X11 forwarding via 
launchd on OS X; patch from vgiffin AT apple.com, slightly tweaked;
   ok dtucker@
 2009-01-21 16:46:26 +11:00
Damien Miller 1598d6bc55 - (djm) [uidswap.c] bz#1412: Support >16 supplemental groups in OS X. 
Patch based on one from vgiffin AT apple.com; ok dtucker@
 2009-01-21 16:04:24 +11:00
Tim Rice 2676791c38 - (tim) [configure.ac] Move check_for_libcrypt_later=1 in *-*-sysv5*) section. 
OpenServer 6 doesn't need libcrypt.
 2009-01-07 20:50:08 -08:00
Tim Rice 351529ce30 - (tim) [configure.ac defines.h openbsd-compat/port-uw.c 
openbsd-compat/xcrypt.c] Add SECUREWARE support to OpenServer 6 SVR5 ABI.
   OK djm@ dtucker@
 2009-01-07 10:04:12 -08:00
Damien Miller 7ebfad789f - djm@cvs.openbsd.org 2008/12/09 03:02:37 
[sftp.1 sftp.c]
     correct sftp(1) and corresponding usage syntax;
     bz#1518 patch from imorgan AT nas.nasa.gov; ok deraadt@ improved diff jmc@
 2008-12-09 14:12:33 +11:00
Damien Miller 0d772d9d11 - djm@cvs.openbsd.org 2008/12/09 02:58:16 
[readconf.c]
     don't leave junk (free'd) pointers around in Forward *fwd argument on
     failure; avoids double-free in ~C -L handler when given an invalid
     forwarding specification; bz#1539 report from adejong AT debian.org
     via Colin Watson; ok markus@ dtucker@
 2008-12-09 14:12:05 +11:00
Damien Miller 1be2cc4496 - djm@cvs.openbsd.org 2008/12/09 02:39:59 
[sftp.c]
     Deal correctly with failures in remote stat() operation in sftp,
     correcting fail-on-error behaviour in batchmode. bz#1541 report and
     fix from anedvedicky AT gmail.com; ok markus@
 2008-12-09 14:11:49 +11:00
Damien Miller 586b00532f - djm@cvs.openbsd.org 2008/12/09 02:38:18 
[clientloop.c]
     The ~C escape handler does not work correctly for multiplexed sessions -
     it opens a commandline on the master session, instead of on the slave
     that requested it. Disable it on slave sessions until such time as it
     is fixed; bz#1543 report from Adrian Bridgett via Colin Watson
     ok markus@
 2008-12-09 14:11:32 +11:00
Damien Miller 16a73076b7 - markus@cvs.openbsd.org 2008/12/02 19:09:38 
[channels.c]
     s/remote_id/id/ to be more consistent with other code; ok djm@
 2008-12-08 09:55:25 +11:00
Damien Miller 5a33ec68bc - markus@cvs.openbsd.org 2008/12/02 19:08:59 
[serverloop.c]
     backout 1.149, since it's not necessary and openssh clients send
     broken CHANNEL_FAILURE/SUCCESS messages since about 2004; ok djm@
 2008-12-08 09:55:02 +11:00
Damien Miller 8533c7801d - markus@cvs.openbsd.org 2008/12/02 19:01:07 
[clientloop.c]
     we have to use the recipient's channel number (RFC 4254) for
     SSH2_MSG_CHANNEL_SUCCESS/SSH2_MSG_CHANNEL_FAILURE messages,
     otherwise we trigger 'Non-public channel' error messages on sshd
     systems with clientkeepalive enabled; noticed by sturm; ok djm;
 2008-12-08 09:54:40 +11:00
Damien Miller 7df2e40074 - (djm) [configure.ac] bz#1538: better test for ProPolice/SSP: actually 
use some stack in main().
   Report and suggested fix from vapier AT gentoo.org
 2008-12-08 09:35:36 +11:00
Darren Tucker 23645649bb - dtucker@cvs.openbsd.org 2008/11/30 11:59:26 
[monitor_fdpass.c]
     Retry sendmsg/recvmsg on EAGAIN and EINTR; ok djm@
 2008-12-01 21:42:13 +11:00
Darren Tucker 99d11a3ed2 - markus@cvs.openbsd.org 2008/11/21 15:47:38 
[packet.c]
     packet_disconnect() on padding error, too.  should reduce the success
     probability for the CPNI-957037 Plaintext Recovery Attack to 2^-18
     ok djm@
 2008-12-01 21:40:48 +11:00
Darren Tucker 83795d61d2 - (dtucker) [contrib/cygwin/{Makefile,ssh-host-config}] Add new doc files 
and tweak the is-sshd-running check in ssh-host-config.  Patch from
   vinschen at redhat com.
 2008-12-01 21:34:28 +11:00
Darren Tucker d3782b4e76 cmsg thing was originally spotted by des 2008-11-23 19:05:53 +11:00
Darren Tucker 69087eae6d - (dtucker) [monitor_fdpass.c] Reduce diff vs OpenBSD by moving some 
declarations, removing an unnecessary union member and adding whitespace.
    ok djm some time ago.
 2008-11-23 14:03:19 +11:00
Tim Rice 0f4d2c02f2 - (tim) [addrmatch.c configure.ac] Some platforms do not have sin6_scope_id 
member of sockaddr_in6. Also reported in Bug 1491 by David Leonard. OK and
   feedback by djm@
 2008-11-18 21:26:41 -08:00
Damien Miller edecb37a4b test commit 2008-11-19 11:54:24 +11:00
Darren Tucker 4a6f62d4ae - djm@cvs.openbsd.org 2008/11/10 02:06:35 
[regress/putty-ciphers.sh]
     PuTTY supports AES CTR modes, so interop test against them too
 2008-11-11 16:55:25 +11:00
Darren Tucker 22662e880f - stevesk@cvs.openbsd.org 2008/11/11 03:55:11 
[channels.c]
     for sshd -T print 'permitopen any' vs. 'permitopen' for case of no
     permitopen's; ok and input dtucker@
 2008-11-11 16:40:22 +11:00
Darren Tucker 49c31c4225 - stevesk@cvs.openbsd.org 2008/11/11 02:58:09 
[servconf.c]
     USE_AFS not referenced so remove #ifdef.  fixes sshd -T not printing
     kerberosgetafstoken. ok dtucker@
     (Id sync only, we still want the ifdef in portable)
 2008-11-11 16:39:44 +11:00
Darren Tucker 63917bd0da - tobias@cvs.openbsd.org 2008/11/09 12:34:47 
[session.c ssh.1]
     typo fixed (overriden -> overridden)
     ok espie, jmc
 2008-11-11 16:33:48 +11:00
Darren Tucker c6d744e9cd - dtucker@cvs.openbsd.org 2008/11/07 23:34:48 
[auth2-jpake.c]
     Move JPAKE define to make life easier for portable.  ok djm@
 2008-11-11 16:33:03 +11:00
Darren Tucker b57fab6b0b - stevesk@cvs.openbsd.org 2008/11/07 18:50:18 
[nchan.c]
     add space to some log/debug messages for readability; ok djm@ markus@
 2008-11-11 16:32:25 +11:00
Darren Tucker e15fb09847 - stevesk@cvs.openbsd.org 2008/11/07 00:42:12 
[ssh-keygen.c]
     spelling/typo in comment
 2008-11-11 16:31:43 +11:00
Darren Tucker ff4350e1b8 - (dtucker) OpenBSD CVS Sync 
- jmc@cvs.openbsd.org 2008/11/05 11:22:54
     [servconf.c]
     passord -> password;
     fixes user/5975 from Rene Maroufi
 2008-11-11 16:31:05 +11:00
Damien Miller 0164cb8a87 - stevesk@cvs.openbsd.org 2008/11/05 03:23:09 
[clientloop.c ssh.1]
     add dynamic forward escape command line; ok djm@
 2008-11-05 16:30:31 +11:00
Damien Miller 1a0442fce8 - stevesk@cvs.openbsd.org 2008/11/04 19:18:00 
[readconf.c]
     because parse_forward() is now used to parse all forward types (DLR),
     and it malloc's space for host variables, we don't need to malloc
     here.  fixes small memory leaks.

     previously dynamic forwards were not parsed in parse_forward() and
     space was not malloc'd in that case.

     ok djm@
 2008-11-05 16:30:06 +11:00
Damien Miller 01ed2272a1 - djm@cvs.openbsd.org 2008/11/04 08:22:13 
[auth.h auth2.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h]
     [readconf.c readconf.h servconf.c servconf.h ssh2.h ssh_config.5]
     [sshconnect2.c sshd_config.5 jpake.c jpake.h schnorr.c auth2-jpake.c]
     [Makefile.in]
     Add support for an experimental zero-knowledge password authentication
     method using the J-PAKE protocol described in F. Hao, P. Ryan,
     "Password Authenticated Key Exchange by Juggling", 16th Workshop on
     Security Protocols, Cambridge, April 2008.

     This method allows password-based authentication without exposing
     the password to the server. Instead, the client and server exchange
     cryptographic proofs to demonstrate of knowledge of the password while
     revealing nothing useful to an attacker or compromised endpoint.

     This is experimental, work-in-progress code and is presently
     compiled-time disabled (turn on -DJPAKE in Makefile.inc).

     "just commit it.  It isn't too intrusive." deraadt@
 2008-11-05 16:20:46 +11:00
Damien Miller 6f66d34308 - djm@cvs.openbsd.org 2008/11/04 07:58:09 
[auth.c]
     need unistd.h for close() prototype
     (ID sync only)
 2008-11-05 16:12:54 +11:00
Damien Miller 7fc5c0f621 - OpenBSD CVS Sync 
- djm@cvs.openbsd.org 2008/11/03 08:59:41
     [servconf.c]
     include MaxSessions in sshd -T output; patch from imorgan AT nas.nasa.gov
 2008-11-05 16:12:11 +11:00
Damien Miller 250071fd77 - (djm) [contrib/sshd.pam.generic contrib/caldera/sshd.pam] 
[contrib/redhat/sshd.pam] Move pam_nologin to account group from
   incorrect auth group in example files;
   patch from imorgan AT nas.nasa.gov
 2008-11-03 20:18:12 +11:00
Damien Miller 85dec73463 - (djm) [contrib/caldera/ssh-host-keygen contrib/suse/rc.sshd] 
Make example scripts generate keys with default sizes rather than fixed,
   non-default 1024 bits; patch from imorgan AT nas.nasa.gov
 2008-11-03 20:16:01 +11:00
Damien Miller f4b39538f4 - stevesk@cvs.openbsd.org 2008/11/03 02:44:41 
[readconf.c]
     fix comment
 2008-11-03 19:28:21 +11:00
Damien Miller a279d252ab - stevesk@cvs.openbsd.org 2008/11/03 01:07:02 
[readconf.c]
     remove valueless comment
 2008-11-03 19:28:07 +11:00
Damien Miller 660d7dabc0 - stevesk@cvs.openbsd.org 2008/11/02 00:16:16 
[ttymodes.c]
     protocol 2 tty modes support is now 7.5 years old so remove these
     debug3()s; ok deraadt@
 2008-11-03 19:27:52 +11:00
Damien Miller a699d952e5 - stevesk@cvs.openbsd.org 2008/11/01 17:40:33 
[clientloop.c readconf.c readconf.h ssh.c]
     merge dynamic forward parsing into parse_forward(); 'i think this is OK' djm@
 2008-11-03 19:27:34 +11:00
Damien Miller c1719f7f0d - sobrado@cvs.openbsd.org 2008/11/01 11:14:36 
[ssh-keyscan.1 ssh-keyscan.c]
     the ellipsis is not an optional argument; while here, improve spacing.
 2008-11-03 19:27:07 +11:00
Damien Miller a009433333 - stevesk@cvs.openbsd.org 2008/11/01 06:43:33 
[channels.c]
     fix some typos in log messages; ok djm@
 2008-11-03 19:26:35 +11:00
Damien Miller f7475d7e97 - djm@cvs.openbsd.org 2008/11/01 04:50:08 
[sshconnect2.c]
     sprinkle ARGSUSED on dispatch handlers
     nuke stale unusued prototype
 2008-11-03 19:26:18 +11:00
Damien Miller 2b20a92b7b - stevesk@cvs.openbsd.org 2008/10/31 15:05:34 
[dispatch.c]
     remove unused #define DISPATCH_MIN; ok markus@
 2008-11-03 19:26:00 +11:00
Damien Miller e7261c7e36 - stevesk@cvs.openbsd.org 2008/10/30 19:31:16 
[clientloop.c sshd.c]
     don't need to #include "monitor_fdpass.h"
 2008-11-03 19:25:40 +11:00
Damien Miller a414cd3b19 - stevesk@cvs.openbsd.org 2008/10/17 18:36:24 
[ssh_config.5]
     correct and clarify VisualHostKey; ok jmc@
 2008-11-03 19:25:21 +11:00
Damien Miller ece92c8c5e - stevesk@cvs.openbsd.org 2008/10/14 18:11:33 
[sshconnect.c]
     use #define ROQUIET here; no binary change. ok dtucker@
 2008-11-03 19:25:03 +11:00
Damien Miller 2f54adabbb - stevesk@cvs.openbsd.org 2008/10/10 05:00:12 
[key.c]
     typo in error message; ok djm@
 2008-11-03 19:24:16 +11:00
Damien Miller b4acb47f5f - stevesk@cvs.openbsd.org 2008/10/10 04:55:16 
[scp.c]
     spelling in comment; ok djm@
 2008-11-03 19:23:45 +11:00
Damien Miller c13c3ee44a - jmc@cvs.openbsd.org 2008/10/09 06:54:22 
[ssh.c]
     add -y to usage();
 2008-11-03 19:23:28 +11:00
Damien Miller 51bde6000a - djm@cvs.openbsd.org 2008/10/09 03:50:54 
[servconf.c sshd_config.5]
     support setting PermitEmptyPasswords in a Match block
     requested in PR3891; ok dtucker@
 2008-11-03 19:23:10 +11:00