tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,593 Commits 6 Branches 20 Tags 97 MiB
Commit Graph

7593 Commits

Author SHA1 Message Date
Damien Miller 005a64da0f - (djm) [key.h] Fix ifdefs for no-ECC OpenSSL 2014-08-21 10:48:41 +10:00
Damien Miller aa6598ebb3 - (djm) [Makefile.in] fix reference to libtest_helper.a in sshkey test too. 2014-08-21 10:47:54 +10:00
Damien Miller 54703e3cf6 - (djm) [contrib/cygwin/README] Correct build instructions; from Corinna 2014-08-20 11:10:51 +10:00
Damien Miller f0935698f0 - (djm) [sshkey.h] Fix compilation when OpenSSL lacks ECC 2014-08-20 11:06:50 +10:00
Damien Miller c5089ecaec - (djm) [Makefile.in] refer to libtest_helper.a by explicit path rather than 
-L/-l; fixes linking problems on some platforms
 2014-08-20 11:06:20 +10:00
Damien Miller 2195847e50 - (djm) [configure.ac] Check OpenSSL version is supported at configure time; 
suggested by Kevin Brott
 2014-08-20 11:05:03 +10:00
Damien Miller a75aca1bbc - (djm) [INSTALL contrib/caldera/openssh.spec contrib/cygwin/README] 
[contrib/redhat/openssh.spec contrib/suse/openssh.spec] Remove mentions
   of TCP wrappers.
 2014-08-19 11:36:07 +10:00
Damien Miller 3f022b5a94 - (djm) [ssh-dss.c] Include openssl/dsa.h for DSA_SIG 2014-08-19 11:32:34 +10:00
Damien Miller 8813790263 - (djm) [sshbuf.h] Fix compilation on systems without OPENSSL_HAS_ECC. 2014-08-19 11:28:11 +10:00
Damien Miller 2f3d1e7fb2 - (djm) [myproposal.h] Make curve25519 KEX dependent on 
HAVE_EVP_SHA256 instead of OPENSSL_HAS_ECC.
 2014-08-19 11:14:36 +10:00
Damien Miller d4e7d59d01 - (djm) [serverloop.c] Fix syntax error on Cygwin; from Corinna Vinschen 2014-08-19 11:14:17 +10:00
Damien Miller 9eaeea2cf2 - (djm) [README contrib/caldera/openssh.spec] 
[contrib/redhat/openssh.spec contrib/suse/openssh.spec] Update versions
 2014-08-10 11:35:05 +10:00
Damien Miller f8988fbef0 - (djm) [regress/multiplex.sh] Use -d (detach stdin) flag to disassociate 
nc from stdin, it's more portable
 2014-08-01 13:31:52 +10:00
Damien Miller 5b3879fd4b - (djm) [regress/multiplex.sh] Instruct nc not to quit as soon as stdin 
is closed; avoid regress failures when stdin is /dev/null
 2014-08-01 12:28:31 +10:00
Damien Miller a9c46746d2 - (djm) [regress/multiplex.sh] Skip test for non-OpenBSD netcat. We need 
a better solution, but this will have to do for now.
 2014-08-01 12:26:49 +10:00
Damien Miller 426117b2e9 - schwarze@cvs.openbsd.org 2014/07/28 15:40:08 
[sftp-server.8 sshd_config.5]
     some systems no longer need /dev/log;
     issue noticed by jirib;
     ok deraadt
 2014-07-30 12:33:20 +10:00
Damien Miller f497794b69 - dtucker@cvs.openbsd.org 2014/07/25 21:22:03 
[ssh-agent.c]
     Clear buffer used for handling messages.  This prevents keys being
     left in memory after they have been expired or deleted in some cases
     (but note that ssh-agent is setgid so you would still need root to
     access them).  Pointed out by Kevin Burns, ok deraadt
 2014-07-30 12:32:46 +10:00
Damien Miller a8a0f65c57 - OpenBSD CVS Sync 
- millert@cvs.openbsd.org 2014/07/24 22:57:10
     [ssh.1]
     Mention UNIX-domain socket forwarding too.  OK jmc@ deraadt@
 2014-07-30 12:32:28 +10:00
Damien Miller 56b840f2b8 - (djm) [regress/multiplex.sh] restore incorrectly deleted line; 
pointed out by Christian Hesse
 2014-07-25 08:11:30 +10:00
Darren Tucker dd417b60d5 - dtucker@cvs.openbsd.org 2014/07/22 23:35:38 
[regress/unittests/sshkey/testdata/*]
     Regenerate test keys with certs signed with ed25519 instead of ecdsa.
     These can be used in -portable on platforms that don't support ECDSA.
 2014-07-23 10:41:21 +10:00
Darren Tucker 40e5021189 - dtucker@cvs.openbsd.org 2014/07/22 23:57:40 
[regress/unittests/sshkey/mktestdata.sh]
     Add $OpenBSD tag to make syncs easier
 2014-07-23 10:35:45 +10:00
Darren Tucker 07e644251e - dtucker@cvs.openbsd.org 2014/07/22 23:23:22 
[regress/unittests/sshkey/mktestdata.sh]
     Sign test certs with ed25519 instead of ecdsa so that they'll work in
     -portable on platforms that don't have ECDSA in their OpenSSL.  ok djm
 2014-07-23 10:34:26 +10:00
Darren Tucker cea099a7c4 - djm@cvs.openbsd.org 2014/07/22 01:32:12 
[regress/multiplex.sh]
     change the test for still-open Unix domain sockets to be robust against
     nc implementations that produce error messages. from -portable
     (Id sync only)
 2014-07-23 10:04:02 +10:00
Darren Tucker 31eb78078d - guenther@cvs.openbsd.org 2014/07/22 07:13:42 
[umac.c]
     Convert from <sys/endian.h> to the shiney new <endian.h>
     ok dtucker@, who also confirmed that -portable handles this already
     (ID sync only, includes.h pulls in endian.h if available.)
 2014-07-23 09:43:42 +10:00
Darren Tucker 820763efef - dtucker@cvs.openbsd.org 2014/07/22 01:18:50 
[key.c]
     Prevent spam from key_load_private_pem during hostbased auth.  ok djm@
 2014-07-23 09:40:46 +10:00
Darren Tucker c4ee219a66 - (dtucker) [regress/unittests/sshkey/test_{file,fuzz,sshkey}.c] Wrap ecdsa- 
specific tests inside OPENSSL_HAS_ECC.
 2014-07-23 04:27:50 +10:00
Damien Miller 04f4824940 - (djm) [regress/multiplex.sh] change the test for still-open Unix 
domain sockets to be robust against nc implementations that produce
    error messages.
 2014-07-22 11:31:47 +10:00
Damien Miller 5ea4fe00d5 - (djm) [regress/multiplex.sh] ssh mux master lost -N somehow; 
put it back
 2014-07-22 09:39:19 +10:00
Darren Tucker 948a1774a7 - (dtucker) [sshkey.c] ifdef out unused variable when compiling without 
OPENSSL_HAS_ECC.
 2014-07-22 01:07:11 +10:00
Damien Miller c8f610f6cc - (djm) [regress/multiplex.sh] Not all netcat accept the -N option. 2014-07-21 10:23:27 +10:00
Damien Miller 0e4e95566c - millert@cvs.openbsd.org 2014/07/15 15:54:15 
[forwarding.sh multiplex.sh]
     Add support for Unix domain socket forwarding.  A remote TCP port
     may be forwarded to a local Unix domain socket and vice versa or
     both ends may be a Unix domain socket.  This is a reimplementation
     of the streamlocal patches by William Ahern from:
         http://www.25thandclement.com/~william/projects/streamlocal.html
     OK djm@ markus@
 2014-07-21 09:52:54 +10:00
Darren Tucker 93a87ab27e - (dtucker) [regress/unittests/sshkey/ 
{common,test_file,test_fuzz,test_sshkey}.c] Wrap stdint.h includes in
   ifdefs.
 2014-07-21 06:30:25 +10:00
Darren Tucker 5573171352 - (dtucker) [cipher.c openbsd-compat/openssl-compat.h] Restore the bits 
needed to build AES CTR mode against OpenSSL 0.9.8f and above.  ok djm
 2014-07-21 02:24:59 +10:00
Tim Rice 74e2868271 - (tim) [openbsd-compat/port-uw.c] Include misc.h for fwd_opts, used 
in servconf.h.
 2014-07-18 20:00:11 -07:00
Darren Tucker d1a0421f8e - (dtucker) [key.c sshkey.c] Put new ecdsa bits inside ifdef OPENSSL_HAS_ECC. 2014-07-19 07:23:55 +10:00
Darren Tucker f0fe9ea1be - (dtucker) [Makefile.in] Add a t-exec target to run just the executable 
tests.
 2014-07-19 06:33:12 +10:00
Darren Tucker 450bc1180d - (dtucker) [auth2-gss.c gss-serv-krb5.c] Include misc.h for fwd_opts, used 
in servconf.h.
 2014-07-19 06:23:18 +10:00
Damien Miller ab2ec586ba - djm@cvs.openbsd.org 2014/07/18 02:46:01 
[ssh-agent.c]
     restore umask around listener socket creation (dropped in streamlocal patch
     merge)
 2014-07-18 15:04:47 +10:00
Damien Miller 357610d159 - djm@cvs.openbsd.org 2014/07/17 07:22:19 
[mux.c ssh.c]
     reflect stdio-forward ("ssh -W host:port ...") failures in exit status.
     previously we were always returning 0. bz#2255 reported by Brendan
     Germain; ok dtucker
 2014-07-18 15:04:10 +10:00
Damien Miller dad9a4a0b7 - djm@cvs.openbsd.org 2014/07/17 00:12:03 
[key.c]
     silence "incorrect passphrase" error spam; reported and ok dtucker@
 2014-07-18 15:03:49 +10:00
Damien Miller f42f7684ec - djm@cvs.openbsd.org 2014/07/17 00:10:18 
[mux.c]
     preserve errno across syscall
 2014-07-18 15:03:27 +10:00
Damien Miller 1b83320628 - djm@cvs.openbsd.org 2014/07/17 00:10:56 
[sandbox-systrace.c]
     ifdef SYS_sendsyslog so this will compile without patching on -stable
 2014-07-18 15:03:02 +10:00
Damien Miller 6d57656331 - jmc@cvs.openbsd.org 2014/07/16 14:48:57 
[ssh.1]
     add the streamlocal* options to ssh's -o list; millert says they're
     irrelevant for scp/sftp;

     ok markus millert
 2014-07-18 15:02:06 +10:00
Damien Miller 7acefbbcbe - millert@cvs.openbsd.org 2014/07/15 15:54:14 
[PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
     [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
     [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h]
     [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c]
     [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c]
     [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
     [sshd_config.5 sshlogin.c]
     Add support for Unix domain socket forwarding.  A remote TCP port
     may be forwarded to a local Unix domain socket and vice versa or
     both ends may be a Unix domain socket.  This is a reimplementation
     of the streamlocal patches by William Ahern from:
         http://www.25thandclement.com/~william/projects/streamlocal.html
     OK djm@ markus@
 2014-07-18 14:11:24 +10:00
Damien Miller 6262d760e0 - tedu@cvs.openbsd.org 2014/07/11 13:54:34 
[myproposal.h]
     by popular demand, add back hamc-sha1 to server proposal for better compat
     with many clients still in use. ok deraadt
 2014-07-17 09:52:07 +10:00
Damien Miller 9d69d937b4 - deraadt@cvs.openbsd.org 2014/07/11 08:09:54 
[sandbox-systrace.c]
     Permit use of SYS_sendsyslog from inside the sandbox.  Clock is ticking,
     update your kernels and sshd soon.. libc will start using sendsyslog()
     in about 4 days.
 2014-07-17 09:49:37 +10:00
Damien Miller f6293a0b41 - (djm) [digest-openssl.c] Preserve array order when disabling digests. 
Reported by Petr Lautrbach.
 2014-07-17 09:01:25 +10:00
Damien Miller 00f9cd2307 - (djm) [configure.ac] Delay checks for arc4random* until after libcrypto 
has been located; fixes builds agains libressl-portable
 2014-07-15 10:41:38 +10:00
Damien Miller 1d0df3249c - OpenBSD CVS Sync 
- benno@cvs.openbsd.org 2014/07/09 14:15:56
     [ssh-add.c]
     fix ssh-add crash while loading more than one key
     ok markus@
 2014-07-11 09:19:04 +10:00
Damien Miller 7a57eb3d10 - djm@cvs.openbsd.org 2014/07/07 08:15:26 
[multiplex.sh]
     remove forced-fatal that I stuck in there to test the new cleanup
     logic and forgot to remove...
 2014-07-09 13:22:31 +10:00