tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,670 Commits 6 Branches 20 Tags 97 MiB
Commit Graph

6670 Commits

Author SHA1 Message Date
Darren Tucker 191fcc6e4e - dtucker@cvs.openbsd.org 2012/09/21 10:53:07 
[sftp.c]
     Fix improper handling of absolute paths when PWD is part of the completed
     path.  Patch from Jean-Marc Robert via tech@, ok djm.
 2012-10-05 10:45:01 +10:00
Darren Tucker 063018d9f6 - dtucker@cvs.openbsd.org 2012/09/18 10:36:12 
[sftp.c]
     Add bounds check on sftp tab-completion.  Part of a patch from from
     Jean-Marc Robert via tech@, ok djm
 2012-10-05 10:43:58 +10:00
Darren Tucker 302889a1b0 - markus@cvs.openbsd.org 2012/09/17 13:04:11 
[packet.c]
     clear old keys on rekeing; ok djm
 2012-10-05 10:42:53 +10:00
Darren Tucker 0af2405ebf - (dtucker) OpenBSD CVS Sync 
- djm@cvs.openbsd.org 2012/09/17 09:54:44
     [sftp.c]
     an XXX for later
 2012-10-05 10:41:25 +10:00
Darren Tucker 26b9e3b0c5 - markus@cvs.openbsd.org 2012/09/14 16:51:34 
[sshconnect.c]
     remove unused variable
 2012-09-17 13:25:44 +10:00
Darren Tucker bb6cc07cf4 - dtucker@cvs.openbsd.org 2012/09/13 23:37:36 
[servconf.c]
     Fix comment line length
 2012-09-17 13:25:06 +10:00
Darren Tucker 86dc9b4110 Fix author's name for RFC6594 SSHFP change 2012-09-07 18:08:23 +10:00
Darren Tucker 48bf4b0ca3 - dtucker@cvs.openbsd.org 2012/09/07 06:34:21 
[clientloop.c]
     when muxmaster is run with -N, make it shut down gracefully when a client
     sends it "-O stop" rather than hanging around (bz#1985).  ok djm@
 2012-09-07 16:38:53 +10:00
Darren Tucker ca0d0fd806 - dtucker@cvs.openbsd.org 2012/09/07 01:10:21 
[clientloop.c]
     Merge escape help text for ~v and ~V; ok djm@
 2012-09-07 11:22:24 +10:00
Darren Tucker f111d40604 - dtucker@cvs.openbsd.org 2012/09/07 00:30:19 
[clientloop.c]
     Print '^Z' instead of a raw ^Z when the sequence is not supported.  ok djm@
 2012-09-07 11:21:42 +10:00
Darren Tucker 83d0af6907 - jmc@cvs.openbsd.org 2012/09/06 13:57:42 
[ssh.1]
     missing letter in previous;
 2012-09-07 11:21:03 +10:00
Darren Tucker 92a39cfa09 - dtucker@cvs.openbsd.org 2012/09/06 09:50:13 
[clientloop.c]
     Make the escape command help (~?) context sensitive so that only commands
     that will work in the current session are shown.  ok markus@

(note: previous commit with this description was a mistake on my part while
pulling changes from OpenBSD)
 2012-09-07 11:20:20 +10:00
Darren Tucker 241995382e bz#2039: add acknowledgement of the original authors of the ECDSA SSHFP DNS 
work.  From Ondřej Surý.
 2012-09-07 10:44:34 +10:00
Darren Tucker 29bf4040b4 - dtucker@cvs.openbsd.org 2012/09/06 09:50:13 
[clientloop.c]
     Make the escape command help (~?) context sensitive so that only commands
     that will work in the current session are shown.  ok markus@
 2012-09-06 21:26:34 +10:00
Darren Tucker 50a48d025f - dtucker@cvs.openbsd.org 2012/09/06 04:37:39 
[clientloop.c log.c ssh.1 log.h]
     Add ~v and ~V escape sequences to raise and lower the logging level
     respectively. Man page help from jmc, ok deraadt jmc
 2012-09-06 21:25:37 +10:00
Darren Tucker 00c1518a4d - djm@cvs.openbsd.org 2012/08/17 01:30:00 
[compat.c sshconnect.c]
     Send client banner immediately, rather than waiting for the server to
     move first for SSH protocol 2 connections (the default). Patch based on
     one in bz#1999 by tls AT panix.com, feedback dtucker@ ok markus@
 2012-09-06 21:21:56 +10:00
Darren Tucker f09a8a6c6d - djm@cvs.openbsd.org 2012/08/17 01:25:58 
[ssh-keygen.c]
     print details of which host lines were deleted when using
     "ssh-keygen -R host"; ok markus@
 2012-09-06 21:20:39 +10:00
Darren Tucker ae608bdd83 - djm@cvs.openbsd.org 2012/08/17 01:22:56 
[kex.c]
     add some comments about better handling first-KEX-follows notifications
     from the server. Nothing uses these right now. No binary change
 2012-09-06 21:19:51 +10:00
Darren Tucker 66cb0e0733 - dtucker@cvs.openbsd.org 2012/08/17 00:45:45 
[clientloop.c clientloop.h mux.c]
     Force a clean shutdown of ControlMaster client sessions when the ~. escape
     sequence is used.  This means that ~. should now work in mux clients even
     if the server is no longer responding.  Found by tedu, ok djm.
 2012-09-06 21:19:05 +10:00
Darren Tucker 3ee50c5d9f - jmc@cvs.openbsd.org 2012/08/15 18:25:50 
[ssh-keygen.1]
     a little more info on certificate validity;
     requested by Ross L Richardson, and provided by djm
 2012-09-06 21:18:11 +10:00
Darren Tucker 23e4b80a60 - (dtucker) [moduli] Import new moduli file. 2012-08-30 10:42:47 +10:00
Damien Miller 4eb0a532ef - (djm) Release openssh-6.1 2012-08-29 10:26:20 +10:00
Darren Tucker 318541854f - (dtucker) [openbsd-compat/bsd-cygwin_util.h] define WIN32_LEAN_AND_MEAN 
for compatibility with future mingw-w64 headers.  Patch from vinschen at
   redhat com.
 2012-08-28 19:57:19 +10:00
Damien Miller 39a9d2c933 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] 
[contrib/suse/openssh.spec] Update version numbers
 2012-08-22 21:57:13 +10:00
Damien Miller 38fe66230f - markus@cvs.openbsd.org 2012/07/22 18:19:21 
[version.h]
     openssh 6.1
 2012-07-31 12:23:16 +10:00
Damien Miller 46cb75a258 - dtucker@cvs.openbsd.org 2012/07/13 01:35:21 
[servconf.c]
     handle long comments in config files better.  bz#2025, ok markus
 2012-07-31 12:22:37 +10:00
Damien Miller 1cce103b3e fix truncated entry 2012-07-31 12:22:18 +10:00
Damien Miller 5a5c2b9063 - djm@cvs.openbsd.org 2012/07/10 02:19:15 
[servconf.c servconf.h sshd.c sshd_config]
     Turn on systrace sandboxing of pre-auth sshd by default for new installs
     by shipping a config that overrides the current UsePrivilegeSeparation=yes
     default. Make it easier to flip the default in the future by adding too.
 2012-07-31 12:21:34 +10:00
Damien Miller 709a1e90d9 - jmc@cvs.openbsd.org 2012/07/06 06:38:03 
[ssh-keygen.c]
     missing full stop in usage();
 2012-07-31 12:20:43 +10:00
Darren Tucker d809a4bc28 Import regened moduli file. 2012-07-20 10:42:06 +10:00
Damien Miller fff9f095e2 - djm@cvs.openbsd.org 2012/07/06 01:47:38 
[ssh.c]
     move setting of tty_flag to after config parsing so RequestTTY options
     are correctly picked up. bz#1995 patch from przemoc AT gmail.com;
     ok dtucker@
 2012-07-06 13:45:01 +10:00
Damien Miller ab523b0246 - djm@cvs.openbsd.org 2012/07/06 01:37:21 
[mux.c]
     fix memory leak of passed-in environment variables and connection
     context when new session message is malformed; bz#2003 from Bert.Wesarg
     AT googlemail.com
 2012-07-06 13:44:43 +10:00
Damien Miller dfceafe8b1 - dtucker@cvs.openbsd.org 2012/07/06 00:41:59 
[moduli.c ssh-keygen.1 ssh-keygen.c]
     Add options to specify starting line number and number of lines to process
     when screening moduli candidates.  This allows processing of different
     parts of a candidate moduli file in parallel.  man page help jmc@, ok djm@
 2012-07-06 13:44:19 +10:00
Damien Miller 77eab7b024 - (djm) [configure.ac] Recursively expand $(bindir) to ensure it has no 
unexpanded $(prefix) embedded. bz#2007 patch from nix-corp AT
   esperi.org.uk; ok dtucker@
 2012-07-06 11:49:28 +10:00
Damien Miller a0433a7096 - (djm) [sandbox-seccomp-filter.c] fallback to rlimit if seccomp filter is 
not available. Allows use of sshd compiled on host with a filter-capable
   kernel on hosts that lack the support. bz#2011 ok dtucker@
 2012-07-06 10:27:10 +10:00
Darren Tucker 34f702ae64 - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] Add setlinebuf for 
platforms that don't have it.  "looks good" tim@
 2012-07-04 08:50:09 +10:00
Darren Tucker d545a4b974 - (dtucker) [configure.ac sandbox-rlimit.c] Test whether or not 
setrlimit(RLIMIT_FSIZE, rl_zero) and skip it if it's not supported.  Its
   benefit is minor, so it's not worth disabling the sandbox if it doesn't
   work.
 2012-07-03 22:48:31 +10:00
Darren Tucker 60395f91c6 - (dtucker) [configure.ac] Detect platforms that can't use select(2) with 
setrlimit(RLIMIT_NOFILE, rl_zero) and disable the rlimit sandbox on those.
 2012-07-03 14:31:18 +10:00
Darren Tucker 6ea5dc6bb8 - (dtucker) [regress/test-exec.sh] Correct uname for cygwin/w2k. 2012-07-03 01:11:28 +10:00
Darren Tucker ec1e15d51a - (dtucker) [regress/reexec.sh regress/sftp-cmds.sh regress/test-exec.sh] 
Move cygwin detection to test-exec and use to skip reexec test on cygwin.
 2012-07-03 01:06:49 +10:00
Darren Tucker 369ceedce2 - dtucker@cvs.openbsd.org 2012/07/02 14:37:06 
[regress/connect-privsep.sh]
     remove exit from end of test since it prevents reporting failure
 2012-07-03 00:53:18 +10:00
Darren Tucker 4908d44e67 - dtucker@cvs.openbsd.org 2012/07/02 12:13:26 
[ssh-pkcs11-helper.c sftp-client.c]
     fix a couple of "assigned but not used" warnings.  ok markus@
 2012-07-02 22:15:38 +10:00
Darren Tucker 7b30501bf5 - dtucker@cvs.openbsd.org 2012/07/02 08:50:03 
[ssh.c]
     set interactive ToS for forwarded X11 sessions.  ok djm@
 2012-07-02 18:55:09 +10:00
Darren Tucker 3b4b2d3021 - markus@cvs.openbsd.org 2012/06/30 14:35:09 
[sandbox-systrace.c sshd.c]
     fix a during the load of the sandbox policies (child can still make
     the read-syscall and wait forever for systrace-answers) by replacing
     the read/write synchronisation with SIGSTOP/SIGCONT;
     report and help hshoexer@; ok djm@, dtucker@
 2012-07-02 18:54:31 +10:00
Darren Tucker ecbf14aa53 - naddy@cvs.openbsd.org 2012/06/29 13:57:25 
[ssh_config.5 sshd_config.5]
     match the documented MAC order of preference to the actual one;
     ok dtucker@
 2012-07-02 18:53:37 +10:00
Darren Tucker 14a9d2515b - (dtucker) [key.c] ifdef out sha256 key types on platforms that don't have 
the required functions in libcrypto.
 2012-06-30 20:05:02 +10:00
Darren Tucker 3886f95d42 - (dtucker) [myproposal.h] Remove trailing backslash to fix compile error 2012-06-30 19:47:01 +10:00
Darren Tucker a08c20763a - dtucker@cvs.openbsd.org 2012/06/28 05:07:45 
[regress/try-ciphers.sh regress/cipher-speed.sh]
     Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed
     from draft6 of the spec and will not be in the RFC when published.  Patch
     from mdb at juniper net via bz#2023, ok markus
 2012-06-30 15:08:53 +10:00
Darren Tucker 2920bc145c - dtucker@cvs.openbsd.org 2012/06/26 12:06:59 
[regress/connect-privsep.sh]
     test sandbox with every malloc option
 2012-06-30 15:06:28 +10:00
Darren Tucker ff32d7c9d2 - djm@cvs.openbsd.org 2012/06/01 00:52:52 
[regress/sftp-cmds.sh]
     don't delete .* on cleanup due to unintended env expansion; pointed out in
     bz#2014 by openssh AT roumenpetrov.info
 2012-06-30 15:04:13 +10:00