tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,371 Commits 7 Branches 18 Tags 96 MiB
Commit Graph

4898 Commits

Author SHA1 Message Date
Damien Miller 5f5cd746f3 - markus@cvs.openbsd.org 2008/04/02 15:36:51 
[channels.c]
     avoid possible hijacking of x11-forwarded connections (back out 1.183)
     CVE-2008-1483; ok djm@
 2008-04-03 08:43:57 +11:00
Damien Miller 0abb232428 - (djm) Release 4.9p1 2008-03-27 17:53:09 +11:00
Damien Miller 949fb9033c - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] 
[contrib/suse/openssh.spec] Crank version numbers in RPM spec files
 2008-03-27 17:43:45 +11:00
Damien Miller 59682b5961 - (djm) [README] Update link to release notes 2008-03-27 17:43:34 +11:00
Damien Miller 9c8a427453 - (djm) [regress/Makefile] cleanup PuTTY interop test droppings 2008-03-27 17:42:06 +11:00
Damien Miller 5b1c8b3103 - (djm) [configure.ac] --with-selinux too 2008-03-27 12:33:07 +11:00
Damien Miller da3155e159 - (djm) [configure.ac] fix alignment of --without-stackprotect description 2008-03-27 12:30:18 +11:00
Damien Miller 6f1c462ca3 - djm@cvs.openbsd.org 2008/03/24 21:46:54 
[regress/sftp-badcmds.sh]
     disable no-replace rename test now that we prefer a POSIX rename; spotted
     by dkrause@
 2008-03-27 11:26:56 +11:00
Damien Miller 2ff24f66bf - djm@cvs.openbsd.org 2008/03/27 00:16:49 
[version.h]
     openssh-4.9
 2008-03-27 11:18:13 +11:00
Damien Miller 95e80955f2 - djm@cvs.openbsd.org 2008/03/26 21:28:14 
[auth-options.c auth-options.h session.c sshd.8]
     add no-user-rc authorized_keys option to disable execution of ~/.ssh/rc
 2008-03-27 11:03:05 +11:00
Damien Miller 55360e1ceb - djm@cvs.openbsd.org 2008/03/25 23:01:41 
[session.c]
     last patch had backwards test; spotted by termim AT gmail.com
 2008-03-27 11:02:27 +11:00
Damien Miller a1b48ccf2d - djm@cvs.openbsd.org 2008/03/25 11:58:02 
[session.c sshd_config.5]
     ignore ~/.ssh/rc if a sshd_config ForceCommand is specified;
     from dtucker@ ok deraadt@ djm@
 2008-03-27 11:02:02 +11:00
Damien Miller e241e85ad3 - deraadt@cvs.openbsd.org 2008/03/24 16:11:07 
[monitor_fdpass.c]
     msg_controllen has to be CMSG_SPACE so that the kernel can account for
     each cmsg_len (ie. msg_controllen = sum of CMSG_ALIGN(cmsg_len).  This
     works now that kernel fd passing has been fixed to accept a bit of
     sloppiness because of this ABI repair.
     lots of discussion with kettenis
 2008-03-27 11:01:15 +11:00
Damien Miller 7a3e1d0bc9 - djm@cvs.openbsd.org 2008/03/23 12:54:01 
[sftp-client.c]
     prefer POSIX-style file renaming over filexfer rename behaviour if the
     server supports the posix-rename@openssh.com extension.
     Note that the old (filexfer) behaviour would refuse to clobber an
     existing file. Users who depended on this should adjust their sftp(1)
     usage.
     ok deraadt@ markus@
 2008-03-27 10:59:57 +11:00
Damien Miller be71e2d972 - deraadt@cvs.openbsd.org 2008/03/15 16:19:02 
[monitor_fdpass.c]
     Repair the simple cases for msg_controllen where it should just be
     CMSG_SIZE(sizeof(int)), not sizeof(buffer) which may be larger because
     of alignment; ok kettenis hshoexer
 2008-03-27 10:54:44 +11:00
Damien Miller f92e063872 - deraadt@cvs.openbsd.org 2008/03/13 01:49:53 
[monitor_fdpass.c]
     Correct CMSG_SPACE and CMSG_LEN usage everywhere in the tree. Due to
     an extensive discussion with otto, kettenis, millert, and hshoexer
 2008-03-27 10:53:23 +11:00
Damien Miller 5447eb2454 - jmc@cvs.openbsd.org 2008/02/11 07:58:28 
[ssh.1 sshd.8 sshd_config.5]
     bump Mdocdate for pages committed in "febuary", necessary because
     of a typo in rcs.c;
 2008-03-27 10:50:21 +11:00
Damien Miller bc98185cde - (djm) Fix RCS ident in sftp-server-main.c 2008-03-27 10:45:49 +11:00
Darren Tucker b8eb586412 - (dtucker) Cache selinux status earlier so we know if it's enabled after a 
chroot.  Allows ChrootDirectory to work with selinux support compiled in
   but not enabled.  Using it with selinux enabled will require some selinux
   support inside the chroot.  "looks sane" djm@
 2008-03-27 07:27:20 +11:00
Damien Miller a193900674 - (djm) [session.c] Relocate incorrectly-placed closefrom() that was causing 
crashes when used with ChrootDirectory
 2008-03-15 17:27:58 +11:00
Damien Miller 8f8b156acc - (djm) [regress/test-exec.sh] Quote putty-related variables in case they are 
empty; report and patch from Peter Stuge
 - (djm) [regress/test-exec.sh] Silence noise from detection of putty
   commands; report from Peter Stuge
 2008-03-15 09:25:54 +11:00
Tim Rice 02db85bdcb - (tim) [regress/localcommand.sh] Shell portability fix. Reported by imorgan at 
nas.nasa.gov
 2008-03-14 11:02:51 -07:00
Tim Rice 5143043409 - (tim) [regress/sftp-cmds.sh] s/cd/lcd/ in lls test. Reported by 
vinschen at redhat.com. Add () to put echo commands in subshell for lls test
   I mistakenly left out of last commit.
 2008-03-14 10:39:17 -07:00
Tim Rice 817d7efb57 forgot to add vinschen at redhat.com on last commit 2008-03-13 18:37:05 -07:00
Tim Rice dce65cfb3c - (tim) [regress/sftp-cmds.sh regress/ssh2putty.sh] Shell portability fixes 
from imorgan at nas.nasa.gov
 2008-03-13 18:21:06 -07:00
Tim Rice 3eb144911c - (tim) [scp.c] Use poll.h if available, fall back to sys/poll.h if not. Patch 
by vinschen at redhat.com.
 2008-03-13 17:59:50 -07:00
Damien Miller c2cefb0fe9 - (djm) [Makefile.in regress/test-exec.sh] Find installed plink(1) and 
puttygen(1) by $PATH
 2008-03-13 12:41:31 +11:00
Damien Miller 6642996134 - (djm) [Makefile.in regress/Makefile] Fix interop-tests target (note to 
self: make changes to Makefile.in next time, not the generated Makefile).
 2008-03-13 12:05:40 +11:00
Damien Miller af78493bba - djm@cvs.openbsd.org 2007/12/21 04:13:53 
[regress/Makefile regress/test-exec.sh regress/putty-ciphers.sh]
     [regress/putty-kex.sh regress/putty-transfer.sh regress/ssh2putty.sh]
     basic (crypto, kex and transfer) interop regression tests against putty
     To run these, install putty and run "make interop-tests" from the build
     directory - the tests aren't run by default yet.
 2008-03-13 00:17:00 +11:00
Damien Miller 4cd5fbab4d - djm@cvs.openbsd.org 2007/12/12 05:04:03 
[regress/sftp-cmds.sh]
     unbreak lls command and add a regress test that would have caught the
     breakage; spotted by mouring@
     NB. sftp code change already committed.
 2008-03-12 23:59:43 +11:00
Damien Miller d666d8e5d4 - jmc@cvs.openbsd.org 2007/11/25 15:35:09 
[regress/agent-getpeereid.sh regress/agent.sh]
     more existant -> existent, from Martynas Venckus;
     pfctl changes: ok henning
     ssh changes: ok deraadt
 2008-03-12 23:58:55 +11:00
Damien Miller a5e584274d - dtucker@cvs.openbsd.org 2007/10/29 06:57:13 
[regress/Makefile regress/localcommand.sh]
     Add simple regress test for LocalCommand; ok djm@
 2008-03-12 23:58:05 +11:00
Darren Tucker 1e42689ad5 fix log date 2008-03-11 23:01:44 +11:00
Darren Tucker 52358d6df3 - (dtucker) [auth-pam.c monitor.c session.c sshd.c] Bug #926: Move 
pam_open_session and pam_close_session into the privsep monitor, which
   will ensure that pam_session_close is called as root.  Patch from Tomas
   Mraz.
 2008-03-11 22:58:25 +11:00
Darren Tucker fe1cf97ee8 - (dtucker) [configure.ac] Run stack-protector tests with -Werror to catch 
platforms where gcc understands the option but it's not supported (and
   thus generates a warning).
 2008-03-09 22:50:50 +11:00
Darren Tucker 7643e3397d - (dtucker) [openbsd-compat/regress/strtonumtest.c] Bug #1347: Use platform's 
equivalent of LLONG_MAX for the compat regression tests, which makes them
   run on AIX and HP-UX.  Patch from David Leonard.
 2008-03-09 17:10:09 +11:00
Darren Tucker 16ba6a8ea2 - (dtucker) [openbsd-compat/port-aix.{c,h}] Remove AIX specific initgroups 
implementation.  It's not needed to fix bug #1081 and breaks the build
   on some AIX configurations.
 2008-03-09 16:36:55 +11:00
Darren Tucker b7918afddf - (dtucker) [configure.ac] It turns out gcc's -fstack-protector-all doesn't 
always work for all platforms and versions, so test what we can and
   add a configure flag to turn it of if needed.  ok djm@
 2008-03-09 11:34:23 +11:00
Tim Rice 68d293859e - (tim) [regress/sftp-glob.sh] Shell portability fix. 2008-03-07 19:00:33 -08:00
Damien Miller a79bb8ec5e - deraadt@cvs.openbsd.org 2008/03/04 21:15:42 
[version.h]
     crank version; from djm
 2008-03-07 18:35:47 +11:00
Damien Miller c0c53c3114 - deraadt@cvs.openbsd.org 2008/03/02 18:19:35 
[monitor_fdpass.c]
     use a union to ensure alignment of the cmsg (pay attention: various other
     parts of the tree need this treatment too); ok djm
 2008-03-07 18:35:26 +11:00
Damien Miller 7c29661471 - djm@cvs.openbsd.org 2008/02/27 20:21:15 
[sftp-server.c]
     add an extension method "posix-rename@openssh.com" to perform POSIX atomic
     rename() operations. based on patch from miklos AT szeredi.hu in bz#1400;
     ok dtucker@ markus@
 2008-03-07 18:33:53 +11:00
Damien Miller 58226f6068 - dtucker@cvs.openbsd.org 2008/02/22 20:44:02 
[clientloop.c packet.c packet.h serverloop.c]
     Allow all SSH2 packet types, including UNIMPLEMENTED to reset the
     keepalive timer (bz #1307).  ok markus@
 2008-03-07 18:33:30 +11:00
Damien Miller 7cb2b56b1c - djm@cvs.openbsd.org 2008/02/22 05:58:56 
[session.c]
     closefrom() call was too early, delay it until just before we execute
     the user's rc files (if any).
 2008-03-07 18:33:12 +11:00
Damien Miller 767087b8ec - markus@cvs.openbsd.org 2008/02/20 15:25:26 
[session.c]
     correct boolean encoding for coredump; der Mouse via dugsong
 2008-03-07 18:32:42 +11:00
Damien Miller 2ee0c43f98 - mbalmer@cvs.openbsd.org 2008/02/14 13:10:31 
[sshd.c]
     When started in configuration test mode (-t) do not check that sshd is
     being started with an absolute path.
     ok djm
 2008-03-07 18:31:47 +11:00
Damien Miller 76e95daad1 - djm@cvs.openbsd.org 2008/02/13 22:38:17 
[servconf.h session.c sshd.c]
     rekey arc4random and OpenSSL RNG in postauth child
     closefrom fds > 2 before shell/command execution
     ok markus@
 2008-03-07 18:31:24 +11:00
Damien Miller 757a38a43b - jmc@cvs.openbsd.org 2008/02/11 07:58:28 
[ssh.1 sshd.8 sshd_config.5]
     bump Mdocdate for pages committed in "febuary", necessary because
     of a typo in rcs.c;
 2008-03-07 18:27:58 +11:00
Darren Tucker 54e859f63d - (dtucker) [configure.ac] FreeBSD's glob() doesn't behave the way we expect 
either, so use our own.
 2008-03-02 21:52:27 +11:00
Damien Miller baf7c3d33a - (djm) [contrib/gnome-ssh-askpass2.h] Keep askpass windown on top. From 
Debian patch via bernd AT openbsd.org
 2008-02-29 22:53:40 +11:00