tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,545 Commits 6 Branches 20 Tags 97 MiB
Commit Graph

6047 Commits

Author SHA1 Message Date
Darren Tucker 4a725ef6a5 - (dtucker) [configure.ac] Set _FORTIFY_SOURCE. ok djm@ 2011-11-21 16:38:48 +11:00
Darren Tucker aa3cbd1b5b - (dtucker) [INSTALL LICENCE configure.ac openbsd-compat/Makefile.in 
openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/getrrsetbyname.c]
   bz 1320: Add optional support for LDNS, a BSD licensed DNS resolver library
   which supports DNSSEC.  Patch from Simon Vallet (svallet at genoscope cns fr)
   with some rework from myself and djm.  ok djm.
 2011-11-04 11:25:24 +11:00
Darren Tucker be4032ba1e - dtucker@cvs.openbsd.org 011/11/04 00:09:39 
[moduli]
     regenerated moduli file; ok deraadt
 2011-11-04 11:16:06 +11:00
Darren Tucker 9c5d553d58 - djm@cvs.openbsd.org 2011/10/24 02:13:13 
[session.c]
     bz#1859: send tty break to pty master instead of (probably already
     closed) slave side; "looks good" markus@
 2011-11-04 10:55:24 +11:00
Darren Tucker 2d6665d944 - djm@cvs.openbsd.org 2011/10/24 02:10:46 
[ssh.c]
     bz#1943: unbreak stdio forwarding when ControlPersist is in user - ssh
     was incorrectly requesting the forward in both the control master and
     slave. skip requesting it in the master to fix. ok markus@
 2011-11-04 10:54:22 +11:00
Darren Tucker 8a057953d2 - djm@cvs.openbsd.org 2011/10/19 10:39:48 
[umac.c]
     typo in comment; patch from Michael W. Bombardieri
 2011-11-04 10:53:31 +11:00
Darren Tucker 9ee09cfce6 - djm@cvs.openbsd.org 2011/10/19 00:06:10 
[moduli.c]
     s/tmpfile/tmp/ to make this -Wshadow clean
 2011-11-04 10:52:43 +11:00
Darren Tucker e68cf84ac8 - djm@cvs.openbsd.org 2011/10/18 23:37:42 
[ssh-add.c]
     add -k to usage(); reminded by jmc@
 2011-11-04 10:51:51 +11:00
Darren Tucker 45c66d7ad4 - djm@cvs.openbsd.org 2011/10/18 05:15:28 
[ssh.c]
     ssh(1): skip attempting to create ~/.ssh when -F is passed; ok markus@
 2011-11-04 10:50:40 +11:00
Darren Tucker 9f157abbb6 - (dtucker) [contrib/cygwin/Makefile] Continue if installing a doc file 
fails.  Patch from Corinna Vinschen.
 2011-10-25 09:37:57 +11:00
Damien Miller 8f4279e4ab - djm@cvs.openbsd.org 2011/10/18 05:00:48 
[ssh-add.1 ssh-add.c]
     new "ssh-add -k" option to load plain keys (skipping certificates);
     "looks ok" markus@
 2011-10-18 16:06:33 +11:00
Damien Miller c51a5ab2c6 - djm@cvs.openbsd.org 2011/10/18 04:58:26 
[auth-options.c key.c]
     remove explict search for \0 in packet strings, this job is now done
     implicitly by buffer_get_cstring; ok markus
 2011-10-18 16:06:14 +11:00
Damien Miller 91f3eaec88 - stsp@cvs.openbsd.org 2011/10/16 15:51:39 
[moduli.c]
     add missing includes to unbreak tree; fix from rpointel
 2011-10-18 16:05:55 +11:00
Damien Miller 927d82bc6a - jmc@cvs.openbsd.org 2011/10/16 15:02:41 
[ssh-keygen.c]
     put -K in the right place (usage());
 2011-10-18 16:05:38 +11:00
Damien Miller 390d0561fc - dtucker@cvs.openbsd.org 2011/10/16 11:02:46 
[moduli.c ssh-keygen.1 ssh-keygen.c]
     Add optional checkpoints for moduli screening.  feedback & ok deraadt
 2011-10-18 16:05:19 +11:00
Damien Miller d3e6990c4c - djm@cvs.openbsd.org 2011/10/04 14:17:32 
[sftp-glob.c]
     silence error spam for "ls */foo" in directory with files; bz#1683
 2011-10-18 16:04:57 +11:00
Darren Tucker 2e13560ff5 - djm@cvs.openbsd.org 2011/09/30 21:22:49 
[sshd.c]
     fix inverted test that caused logspam; spotted by henning@
 2011-10-02 19:10:13 +11:00
Darren Tucker 95125e5f43 ChangeLog entry for sshd.c rev 1.409 2011-10-02 19:09:07 +11:00
Darren Tucker af1a60ec4f - djm@cvs.openbsd.org 2011/09/25 05:44:47 
[auth2-pubkey.c]
     improve the AuthorizedPrincipalsFile debug log message to include
     file and line number
 2011-10-02 18:59:59 +11:00
Darren Tucker 68afb8c5f2 - markus@cvs.openbsd.org 2011/09/23 07:45:05 
[mux.c readconf.h channels.h compat.h compat.c ssh.c readconf.c channels.c     version.h]
     unbreak remote portforwarding with dynamic allocated listen ports:
     1) send the actual listen port in the open message (instead of 0).
        this allows multiple forwardings with a dynamic listen port
     2) update the matching permit-open entry, so we can identify where
        to connect to
     report: den at skbkontur.ru and P. Szczygielski
     feedback and ok djm@
 2011-10-02 18:59:03 +11:00
Darren Tucker 1338b9e067 - dtucker@cvs.openbsd.org 2011/09/23 00:22:04 
[channels.c auth-options.c servconf.c channels.h sshd.8]
     Add wildcard support to PermitOpen, allowing things like "PermitOpen
     localhost:*".  bz #1857, ok djm markus.
 2011-10-02 18:57:35 +11:00
Darren Tucker 036876cd7d - (dtucker) [openbsd-compat/mktemp.c] Fix compiler warning. ok djm 2011-10-01 18:46:12 +10:00
Darren Tucker b54f50e5d0 - (dtucker) [configure.ac openbsd-compat/Makefile.in 
openbsd-compat/strnlen.c] Add strnlen to the compat library.
 2011-09-29 23:17:18 +10:00
Damien Miller 5ffe1c4b43 - (djm) [configure.ac defines.h] No need to detect sizeof(char); patch 
from des AT des.no
 2011-09-29 11:11:51 +10:00
Damien Miller d1a74580f8 - (djm) [openbsd-compat/setenv.c] Forklift upgrade, including inclusion 
of static __findenv() function from upstream setenv.c
 2011-09-23 11:26:34 +10:00
Damien Miller 3e6fe87ef9 - otto@cvs.openbsd.org 2008/12/09 19:38:38 
[openbsd-compat/inet_ntop.c]
     fix inet_ntop(3) prototype; ok millert@ libc to be bumbed very soon
 2011-09-23 11:16:09 +10:00
Damien Miller 64efe9671d - (djm) [openbsd-compat/sha2.c openbsd-compat/sha2.h] Remove OpenBSD rcsid 
marker. The upstream API has changed (function and structure names)
   enough to put it out of sync with other providers of this interface.
 2011-09-23 11:13:00 +10:00
Damien Miller 4888671343 - (djm) [openbsd-compat/mktemp.c] forklift upgrade to -current version. 
The file was totally rewritten between what we had in tree and -current.
 2011-09-23 10:56:29 +10:00
Damien Miller 3a359b3228 - millert@cvs.openbsd.org 2008/08/21 16:54:44 
[mktemp.c]
     Remove useless code, the kernel will set errno appropriately if an
     element in the path does not exist.  OK deraadt@ pvalchev@
 2011-09-23 10:47:29 +10:00
Damien Miller dc0e09b41c - deraadt@cvs.openbsd.org 2008/07/22 21:47:45 
[mktemp.c]
     use arc4random_uniform(); ok djm millert
 2011-09-23 10:46:48 +10:00
Damien Miller cd92790fcb - (djm) [openbsd-compat/getgrouplist.c] Remove OpenBSD rcsid marker: the 
upstream version is YPified and we don't want this
 2011-09-23 10:44:03 +10:00
Damien Miller 834e820317 - tobias@cvs.openbsd.org 2007/10/21 11:09:30 
[mktemp.c]
     Comment fix about time consumption of _gettemp.
     FreeBSD did this in revision 1.20.
     OK deraadt@, krw@
 2011-09-23 10:42:02 +10:00
Damien Miller acdf3fbdba - (djm) [openbsd-compat/getcwd.c] Remove OpenBSD rcsid marker since we no 
longer want to sync this file (OpenBSD uses a __getcwd syscall now, we
   want this longhand version)
 2011-09-23 10:40:50 +10:00
Damien Miller add1e20802 - millert@cvs.openbsd.org 2006/05/05 15:27:38 
[strlcpy.c]
     Convert do {} while loop -> while {} for clarity.  No binary change
     on most architectures.  From Oliver Smith.  OK deraadt@ and henning@
 2011-09-23 10:38:01 +10:00
Damien Miller d7be70d052 - djm@cvs.openbsd.org 2011/09/22 06:29:03 
[sftp.c]
     don't let remote_glob() implicitly sort its results in do_globbed_ls() -
     in all likelihood, they will be resorted anyway
 2011-09-22 21:43:06 +10:00
Damien Miller 57c38ac7d5 - markus@cvs.openbsd.org 2011/09/12 08:46:15 
[sftp-client.c]
     fix leak in do_lsreaddir(); ok djm
 2011-09-22 21:42:45 +10:00
Damien Miller 3decdba425 - markus@cvs.openbsd.org 2011/09/11 16:07:26 
[sftp-client.c]
     fix leaks in do_hardlink() and do_readlink(); bz#1921
     from Loganaden Velvindron
 2011-09-22 21:41:05 +10:00
Damien Miller 1bcbd0a9de - okan@cvs.openbsd.org 2011/09/11 06:59:05 
[ssh.1]
     document new -O cancel command; ok djm@
 2011-09-22 21:40:45 +10:00
Damien Miller ff773644e6 - markus@cvs.openbsd.org 2011/09/10 22:26:34 
[channels.c channels.h clientloop.c ssh.1]
     support cancellation of local/dynamic forwardings from ~C commandline;
     ok & feedback djm@
 2011-09-22 21:39:48 +10:00
Damien Miller f6dff7cd2f - djm@cvs.openbsd.org 2011/09/09 22:46:44 
[channels.c channels.h clientloop.h mux.c ssh.c]
     support for cancelling local and remote port forwards via the multiplex
     socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request
     the cancellation of the specified forwardings; ok markus@
 2011-09-22 21:38:52 +10:00
Damien Miller 9ee2c606c1 - djm@cvs.openbsd.org 2011/09/09 22:38:21 
[sshd.c]
     kill the preauth privsep child on fatal errors in the monitor;
     ok markus@
 2011-09-22 21:38:30 +10:00
Damien Miller 0603d98b4e - djm@cvs.openbsd.org 2011/09/09 22:37:01 
[scp.c]
     suppress adding '--' to remote commandlines when the first argument
     does not start with '-'. saves breakage on some difficult-to-upgrade
     embedded/router platforms; feedback & ok dtucker ok markus
 2011-09-22 21:38:00 +10:00
Damien Miller 4cb855b070 - djm@cvs.openbsd.org 2011/09/09 00:44:07 
[PROTOCOL.mux]
     MUX_C_CLOSE_FWD includes forward type in message (though it isn't
     implemented anyway)
 2011-09-22 21:37:38 +10:00
Damien Miller f6e758cdba - djm@cvs.openbsd.org 2011/09/09 00:43:00 
[ssh_config.5 sshd_config.5]
     fix typo in IPQoS parsing: there is no "AF14" class, but there is
     an "AF21" class. Spotted by giesen AT snickers.org; ok markus stevesk
 2011-09-22 21:37:13 +10:00
Damien Miller 6232a16a9a - deraadt@cvs.openbsd.org 2011/09/07 02:18:31 
[ssh-keygen.1]
     typo (they vs the) found by Lawrence Teo
 2011-09-22 21:36:00 +10:00
Damien Miller e029673f1f - jmc@cvs.openbsd.org 2011/09/05 07:01:44 
[scp.1]
     knock out a useless Ns;
 2011-09-22 21:34:56 +10:00
Damien Miller 2918e030fc - djm@cvs.openbsd.org 2011/09/05 05:59:08 
[misc.c]
     fix typo in IPQoS parsing: there is no "AF14" class, but there is
     an "AF21" class. Spotted by giesen AT snickers.org; ok markus stevesk
 2011-09-22 21:34:35 +10:00
Damien Miller e577772a89 - djm@cvs.openbsd.org 2011/09/05 05:56:13 
[scp.1 sftp.1]
     mention ControlPersist and KbdInteractiveAuthentication in the -o
     verbiage in these pages too (prompted by jmc@)
 2011-09-22 21:34:15 +10:00
Damien Miller efad727517 - djm@cvs.openbsd.org 2011/08/26 01:45:15 
[ssh.1]
     Add some missing ssh_config(5) options that can be used in ssh(1)'s
     -o argument. Patch from duclare AT guu.fi
 2011-09-22 21:33:53 +10:00
Damien Miller e128a50e35 - djm@cvs.openbsd.org 2011/09/22 06:27:29 
[glob.c]
     fix GLOB_KEEPSTAT without GLOB_NOSORT; the implicit sort was being
     applied only to the gl_pathv vector and not the corresponding gl_statv
     array. reported in OpenSSH bz#1935; feedback and okay matthew@
 2011-09-22 21:22:21 +10:00
Damien Miller c4bf7dde92 - stsp@cvs.openbsd.org 2011/09/20 10:18:46 
[glob.c]
     In glob(3), limit recursion during matching attempts. Similar to
     fnmatch fix. Also collapse consecutive '*' (from NetBSD).
     ok miod deraadt
 2011-09-22 21:21:48 +10:00
Damien Miller e01a627047 - pyr@cvs.openbsd.org 2011/05/12 07:15:10 
[openbsd-compat/glob.c]
     When the max number of items for a directory has reached GLOB_LIMIT_READDIR
     an error is returned but closedir() is not called.
     spotted and fix provided by Frank Denis obsd-tech@pureftpd.org
     ok otto@, millert@
 2011-09-22 21:20:21 +10:00
Darren Tucker e8a82c5faf - (dtucker) [entropy.h] Bug #1932: remove old definition of init_rng. From 
Colin Watson.
 2011-09-09 11:29:40 +10:00
Damien Miller 022ee24197 - (djm) [contrib/redhat/openssh.spec] Correct restorcon => restorecon 2011-09-07 09:15:02 +10:00
Damien Miller fb9d8173f0 - (djm) [README version.h] Correct version 2011-09-07 09:11:53 +10:00
Damien Miller 8e4a71e952 - (djm) Release OpenSSH-5.9 2011-09-05 15:39:20 +10:00
Damien Miller 86dcd3e45a - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] 
[contrib/suse/openssh.spec] Update version numbers.
 2011-09-05 10:29:04 +10:00
Darren Tucker 0dd24e02ec - (dtucker) [ssh-keygen.c ssh-pkcs11.c] Bug #1929: add null implementations 
ofsh-pkcs11.cpkcs_init and pkcs_terminate for building without dlopen support.
 2011-09-04 19:59:26 +10:00
Damien Miller 6efd94f32e - (djm) [regress/connect-privsep.sh regress/test-exec.sh] demote fatal 
regress errors for the sandbox to warnings. ok tim dtucker
 2011-09-04 19:04:16 +10:00
Damien Miller 58ac11a2bd - (djm) [openbsd-compat/port-linux.c] Suppress logging when attempting 
to switch SELinux context away from unconfined_t, based on patch from
   Jan Chadima; bz#1919 ok dtucker@
 2011-08-29 16:09:52 +10:00
Darren Tucker 4438354870 - (dtucker) [auth-skey.c] Add log.h to fix build --with-skey. 2011-08-28 04:50:16 +10:00
Tim Rice a6e60616be - (tim) [configure.ac] Typo in error message spotted by Andy Tsouladze 2011-08-17 21:48:22 -07:00
Damien Miller 2df1bec086 - (djm) [regress/cipher-speed.sh regress/try-ciphers.sh] disable HMAC-SHA2 
MAC tests for platforms that hack EVP_SHA2 support
 2011-08-17 12:25:46 +10:00
Damien Miller 062fa30532 - djm@cvs.openbsd.org 2011/08/02 01:23:41 
[regress/cipher-speed.sh regress/try-ciphers.sh]
     add SHA256/SHA512 based HMAC modes
 2011-08-17 12:10:02 +10:00
Damien Miller faf4d80420 - markus@cvs.openbsd.org 2011/06/30 22:44:43 
[connect-privsep.sh]
     test with sandbox enabled; ok djm@
 2011-08-17 12:09:19 +10:00
Damien Miller 9231c8bde4 - dtucker@cvs.openbsd.org 2011/06/03 05:35:10 
[regress/cfgmatch.sh]
     use OBJ to find test configs, patch from Tim Rice
 2011-08-17 12:08:15 +10:00
Damien Miller 44a6c9340a - (djm) [contrib/ssh-copy-id] Missing backlslash; spotted by 
bisson AT archlinux.org
 2011-08-17 12:01:44 +10:00
Damien Miller 1a91c0f163 - (djm) [configure.ac] error out if the host lacks the necessary bits for 
an explicitly requested sandbox type
 2011-08-17 11:59:25 +10:00
Damien Miller 9c08312968 - (djm) [ openbsd-compat/bsd-cygwin_util.c openbsd-compat/bsd-cygwin_util.h] 
binary_pipe is no longer required on Cygwin; patch from Corinna Vinschen
 2011-08-17 11:31:07 +10:00
Tim Rice a1226828ad - (tim) [mac.c myproposal.h] Wrap SHA256 and SHA512 in ifdefs for 
OpenSSL 0.9.7. ok djm
 2011-08-16 17:29:01 -07:00
Damien Miller d1eb1dd5ed - (djm) [contrib/ssh-copy-id] Fix failure for cases where the path to the 
identify file contained whitespace. bz#1828 patch from gwenael.lambrouin
   AT gmail.com; ok dtucker@
 2011-08-12 11:22:47 +10:00
Damien Miller 2db9977c06 - (djm) [contrib/redhat/openssh.spec contrib/redhat/sshd.init] 
[contrib/suse/openssh.spec contrib/suse/rc.sshd] Updated RHEL and SLES
   init scrips from imorgan AT nas.nasa.gov
 2011-08-12 11:02:35 +10:00
Darren Tucker 4d47ec9c89 - (dtucker) [openbsd-compat/port-linux.c] Bug 1924: Improve selinux context 
change error by reporting old and new context names  Patch from
   jchadima at redhat.
 2011-08-12 10:12:53 +10:00
Darren Tucker ddccfb4b98 - dtucker@cvs.openbsd.org 2011/08/07 12:55:30 
[sftp.1]
     typo, fix from Laurent Gautrot
 2011-08-07 23:12:26 +10:00
Darren Tucker 91e6b57729 - jmc@cvs.openbsd.org 2010/10/14 20:41:28 
[moduli.5]
     probabalistic -> probabilistic; from naddy
 2011-08-07 23:10:56 +10:00
Darren Tucker f279474f1b - sobrado@cvs.openbsd.org 2009/10/28 08:56:54 
[moduli.5]
     "Diffie-Hellman" is the usual spelling for the cryptographic protocol
     first published by Whitfield Diffie and Martin Hellman in 1976.
     ok jmc@
 2011-08-07 23:10:11 +10:00
Darren Tucker 578451ddda - (dtucker) OpenBSD CVS Sync 
- jmc@cvs.openbsd.org 2008/06/26 06:59:39
     [moduli.5]
     tweak previous;
 2011-08-07 23:09:20 +10:00
Damien Miller 765f8c4eff - djm@cvs.openbsd.org 2011/08/02 23:15:03 
[ssh.c]
     typo in comment
 2011-08-06 06:18:16 +10:00
Damien Miller c471860d25 - djm@cvs.openbsd.org 2011/08/02 23:13:01 
[version.h]
     crank now, release later
 2011-08-06 06:17:48 +10:00
Damien Miller 20bd4535c0 - djm@cvs.openbsd.org 2011/08/02 01:22:11 
[mac.c myproposal.h ssh.1 ssh_config.5 sshd.8 sshd_config.5]
     Add new SHA256 and SHA512 based HMAC modes from
     http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt
     Patch from mdb AT juniper.net; feedback and ok markus@
 2011-08-06 06:17:30 +10:00
Damien Miller adb467fb69 - markus@cvs.openbsd.org 2011/08/01 19:18:15 
[gss-serv.c]
     prevent post-auth resource exhaustion (int overflow leading to 4GB malloc);
     report Adam Zabrock; ok djm@, deraadt@
 2011-08-06 06:16:46 +10:00
Damien Miller 35e48198a8 - djm@cvs.openbsd.org 2011/07/29 14:42:45 
[sandbox-systrace.c]
     fail open(2) with EPERM rather than SIGKILLing the whole process. libc
     will call open() to do strerror() when NLS is enabled;
     feedback and ok markus@
 2011-08-06 06:16:23 +10:00
Damien Miller 6ea5e44871 - tedu@cvs.openbsd.org 2011/07/06 18:09:21 
[authfd.c]
     bzero the agent address.  the kernel was for a while very cranky about
     these things.  evne though that's fixed, always good to initialize
     memory.  ok deraadt djm
 2011-08-06 06:16:00 +10:00
Damien Miller 7741ce8bd2 - djm@cvs.openbsd.org 2011/06/23 23:35:42 
[monitor.c]
     ignore EINTR errors from poll()
 2011-08-06 06:15:15 +10:00
Damien Miller cd5e52ee78 - (djm) [configure.ac Makefile.in sandbox-darwin.c] Add a sandbox for 
Darwin/OS X using sandbox_init() + setrlimit(); feedback and testing
   markus@
 2011-06-27 07:18:18 +10:00
Damien Miller dcbd41e7af - djm@cvs.openbsd.org 2011/06/23 09:34:13 
[sshd.c ssh-sandbox.h sandbox.h sandbox-rlimit.c sandbox-systrace.c]
     [sandbox-null.c]
     rename sandbox.h => ssh-sandbox.h to make things easier for portable
 2011-06-23 19:45:51 +10:00
Damien Miller 80b62e3738 - (djm) [sandbox-null.c] Dummy sandbox for platforms that don't support 
setrlimit(2)
 2011-06-23 19:03:18 +10:00
Damien Miller 6d7b4377dd - djm@cvs.openbsd.org 2011/06/22 22:08:42 
[channels.c channels.h clientloop.c clientloop.h mux.c ssh.c]
     hook up a channel confirm callback to warn the user then requested X11
     forwarding was refused by the server; ok markus@
 2011-06-23 08:31:57 +10:00
Damien Miller 69ff1df952 - djm@cvs.openbsd.org 2011/06/22 21:57:01 
[servconf.c servconf.h sshd.c sshd_config.5 sandbox-rlimit.c]
     [sandbox-systrace.c sandbox.h configure.ac Makefile.in]
     introduce sandboxing of the pre-auth privsep child using systrace(4).

     This introduces a new "UsePrivilegeSeparation=sandbox" option for
     sshd_config that applies mandatory restrictions on the syscalls the
     privsep child can perform. This prevents a compromised privsep child
     from being used to attack other hosts (by opening sockets and proxying)
     or probing local kernel attack surface.

     The sandbox is implemented using systrace(4) in unsupervised "fast-path"
     mode, where a list of permitted syscalls is supplied. Any syscall not
     on the list results in SIGKILL being sent to the privsep child. Note
     that this requires a kernel with the new SYSTR_POLICY_KILL option.

     UsePrivilegeSeparation=sandbox will become the default in the future
     so please start testing it now.

     feedback dtucker@; ok markus@
 2011-06-23 08:30:03 +10:00
Damien Miller 82c558761d - OpenBSD CVS Sync 
- djm@cvs.openbsd.org 2011/06/22 21:47:28
     [servconf.c]
     reuse the multistate option arrays to pretty-print options for "sshd -T"
 2011-06-23 08:20:30 +10:00
Damien Miller 4ac99c366c - djm@cvs.openbsd.org 2011/06/17 21:57:25 
[clientloop.c]
     setproctitle for a mux master that has been gracefully stopped;
     bz#1911 from Bert.Wesarg AT googlemail.com
 2011-06-20 14:43:31 +10:00
Damien Miller 33322127ec - djm@cvs.openbsd.org 2011/06/17 21:47:35 
[servconf.c]
     factor out multi-choice option parsing into a parse_multistate label
     and some support structures; ok dtucker@
 2011-06-20 14:43:11 +10:00
Damien Miller f145a5be1c - djm@cvs.openbsd.org 2011/06/17 21:46:16 
[sftp-server.c]
     the protocol version should be unsigned; bz#1913 reported by mb AT
     smartftp.com
 2011-06-20 14:42:51 +10:00
Damien Miller 8f0bf237d4 - djm@cvs.openbsd.org 2011/06/17 21:44:31 
[log.c log.h monitor.c monitor.h monitor_wrap.c monitor_wrap.h sshd.c]
     make the pre-auth privsep slave log via a socketpair shared with the
     monitor rather than /var/empty/dev/log; ok dtucker@ deraadt@ markus@
 2011-06-20 14:42:23 +10:00
Damien Miller e7ac2bd42a - markus@cvs.openbsd.org 2011/06/14 22:49:18 
[authfile.c]
     make sure key_parse_public/private_rsa1() no longer consumes its input
     buffer.  fixes ssh-add for passphrase-protected ssh1-keys;
     noted by naddy@; ok djm@
 2011-06-20 14:23:25 +10:00
Damien Miller 6029e076b2 - djm@cvs.openbsd.org 2011/06/04 00:10:26 
[ssh_config.5]
     explain IdentifyFile's semantics a little better, prompted by bz#1898
     ok dtucker jmc
 2011-06-20 14:22:49 +10:00
Tim Rice bc481570d1 - (tim) [regress/cfgmatch.sh] Build/test out of tree fix. 2011-06-02 22:26:19 -07:00
Darren Tucker bf4d05a37c - dtucker@cvs.openbsd.org 2011/06/03 00:29:52 
[regress/dynamic-forward.sh]
     Retry establishing the port forwarding after a small delay, should make
     the tests less flaky when the previous test is slow to shut down and free
     up the port.
 2011-06-03 14:19:02 +10:00
Darren Tucker 75e035c34e - dtucker@cvs.openbsd.org 2011/05/31 02:03:34 
[regress/dynamic-forward.sh]
     work around startup and teardown races; caught by deraadt
 2011-06-03 14:18:17 +10:00
Darren Tucker 260c8fbc4d - dtucker@cvs.openbsd.org 2011/05/31 02:01:58 
[regress/dynamic-forward.sh]
     back out revs 1.6 and 1.5 since it's not reliable
 2011-06-03 14:17:27 +10:00