openssh-portable

Commit Graph

Author	SHA1	Message	Date
Darren Tucker	5965ae13e0	- (dtucker) [monitor.c] Correctly handle auditing of single commands when using Protocol 1. From jhb at freebsd.	2006-09-17 12:00:13 +10:00
Darren Tucker	54e1b2291c	- (dtucker) [auth-pam.c] Propogate TZ environment variable to PAM auth process so that any logging it does is with the right timezone. From Scott Strickler, ok djm@.	2006-09-17 11:57:46 +10:00
Damien Miller	dd1f9b307e	- (djm) Add openssh.xml to .cvsignore and sort it	2006-09-17 08:05:03 +10:00
Damien Miller	3c9c1fbd21	- djm@cvs.openbsd.org 2006/09/16 19:53:37 [deattack.c deattack.h packet.c] limit maximum work performed by the CRC compensation attack detector, problem reported by Tavis Ormandy, Google Security Team; ok markus@ deraadt@	2006-09-17 06:08:53 +10:00
Damien Miller	223897a01a	- (djm) [Makefile.in buildpkg.sh.in configure.ac openssh.xml.in] Support SMF in Solaris Packages if enabled by configure. Patch from Chad Mynhier, tested by dtucker@	2006-09-12 21:54:10 +10:00
Darren Tucker	5d8a9acef0	- (dtucker) [cipher-aes.c] Include string.h for memcpy and friends. Noted by Pekka Savola.	2006-09-11 20:46:13 +10:00
Darren Tucker	57b2920ad8	- (dtucker) [configure.ac] Add -lcrypt to let DragonFly build OOTB.	2006-09-10 20:25:51 +10:00
Darren Tucker	f376669328	- (dtucker) [contrib/aix/buildbff.sh] Ensure that perl is available.	2006-09-10 13:24:18 +10:00
Darren Tucker	733a292c11	- (dtucker) [buildpkg.sh.in] Always create privsep user. ok djm@	2006-09-09 20:41:25 +10:00
Darren Tucker	19a66dbf4f	- (dtucker) [contrib/aix/buildbff.sh] Always create privsep user.	2006-09-09 20:34:15 +10:00
Darren Tucker	08432d54fa	- (dtucker) [openbsd-compat/bsd-snprintf.c] Add stdarg.h.	2006-09-09 15:59:43 +10:00
Darren Tucker	6d0d6fbfdf	- (dtucker) [configure.ac] The BSM header test needs time.h in some cases.	2006-09-09 01:05:21 +10:00
Darren Tucker	17da530d60	- (dtucker) [auth-sia.c] Add includes required for build on Tru64. Patch from Chris Adams.	2006-09-08 09:54:41 +10:00
Darren Tucker	89f59cea1c	- (dtucker) [regress/cfgmatch.sh] stop_client is racy, so give us a better chance of winning.	2006-09-08 00:03:05 +10:00
Darren Tucker	f19bbc3883	- (dtucker) [loginrec.c] Wrap paths.h in HAVE_PATHS_H.	2006-09-07 22:57:53 +10:00
Tim Rice	b8f00193d8	- (tim) [configure.ac] s/BROKEN_UPDWTMP/BROKEN_UPDWTMPX/ on SCO OSR6	2006-09-06 18:11:29 -07:00
Damien Miller	6433df036e	- (djm) [sshd.c auth.c] Set up fakepw() with privsep uid/gid, so it can be used to drop privilege to; fixes Solaris GSSAPI crash reported by Magnus Abrante; suggestion and feedback dtucker@ NB. this change will require that the privilege separation user must exist on all the time, not just when UsePrivilegeSeparation=yes	2006-09-07 10:36:43 +10:00
Darren Tucker	6e1033318c	- (dtucker) [loginrec.c] Include paths.h for _PATH_BTMP.	2006-09-05 19:25:19 +10:00
Darren Tucker	e1fe09968d	- (dtucker) [configure.ac] s/AC_DEFINES/AC_DEFINE/ spotted by Roumen Petrov.	2006-09-05 07:53:38 +10:00
Darren Tucker	3e0891093a	- (dtucker) [configure.ac] Define BROKEN_UPDWTMP on SCO OSR6 as the native updwdtmp seems to generate invalid wtmp entries. From Roger Cornelius, ok djm@	2006-09-04 22:37:41 +10:00
Darren Tucker	ed0b59218e	- (dtucker) [configure.ac openbsd-compat/openbsd-compat.h] Check for declaration of writev(2) and declare it ourselves if necessary. Makes the atomiciov() calls build on really old systems. ok djm@	2006-09-03 22:44:49 +10:00
Darren Tucker	46aa3e0ce1	- (dtucker) [ssh-keyscan.c ssh-rand-helper.c ssh.c sshconnect.c openbsd-compat/bindresvport.c openbsd-compat/getrrsetbyname.c openbsd-compat/port-tun.c openbsd-compat/rresvport.c] Include <arpa/inet.h> for hton* and ntoh* macros. Required on (at least) HP-UX since we define _XOPEN_SOURCE_EXTENDED. Found by santhi.amirta at gmail com.	2006-09-02 15:32:40 +10:00
Darren Tucker	25fa0ee693	- (dtucker) [openbsd-compat/port-irix.c] Add errno.h, found by Iain Morgan.	2006-09-02 12:38:56 +10:00
Darren Tucker	9fdeb66f67	- (dtucker) [README contrib/{caldera,redhat,suse}/openssh.spec] Crank versions.	2006-09-01 21:32:53 +10:00
Darren Tucker	096faecdea	- (dtucker) [configure.ac includes.h openbsd-compat/glob.{c,h}] Explicitly test for GLOB_NOMATCH and use our glob functions if it's not found. Stops sftp from segfaulting when attempting to get a nonexistent file on Cygwin (previous versions of OpenSSH didn't use the native glob). Partly from and tested by Corinna Vinschen.	2006-09-01 20:29:10 +10:00
Darren Tucker	0646ca6be8	- (dtucker) [openbsd-compat/bsd-cygwin_util.c] Fix implict declaration warnings for binary_open and binary_close. Patch from Corinna Vinschen.	2006-09-01 19:29:01 +10:00
Damien Miller	607aede26c	- (djm) [includes.h monitor.c openbsd-compat/bindresvport.c] [openbsd-compat/rresvport.c] Some more headers: netinet/in.h sys/socket.h and unistd.h in various places	2006-09-01 15:48:19 +10:00
Damien Miller	ded319cca2	- (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c] [auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c] [auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c] [cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c] [dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c] [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c] [md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c] [scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c] [ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c] [sshconnect1.c sshconnect2.c sshd.c rc4.diff] [openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c] [openbsd-compat/port-linux.c openbsd-compat/port-solaris.c] [openbsd-compat/port-uw.c] Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h; compile problems reported by rac AT tenzing.org	2006-09-01 15:38:36 +10:00
Darren Tucker	288cbbd59e	- (dtucker) [contrib/cygwin/ssh-host-config] Add SeTcbPrivilege privilege while setting up the ssh service account. Patch from Corinna Vinschen.	2006-08-31 11:28:49 +10:00
Damien Miller	1b06dc30ad	- (djm) [CREDITS LICENCE Makefile.in auth.c configure.ac includes.h ] [platform.c platform.h sshd.c openbsd-compat/Makefile.in] [openbsd-compat/openbsd-compat.h openbsd-compat/port-solaris.c] [openbsd-compat/port-solaris.h] Add support for Solaris process contracts, enabled with --use-solaris-contracts. Patch from Chad Mynhier, tweaked by dtucker@ and myself; ok dtucker@	2006-08-31 03:24:41 +10:00
Darren Tucker	26d4e19caa	- (dtucker) [auth.c openbsd-compat/port-aix.c] Bug #1207 : always call loginsuccess on AIX immediately after authentication to clear the failed login count. Previously this would only happen when an interactive session starts (ie when a pty is allocated) but this means that accounts that have primarily non-interactive sessions (eg scp's) may gradually accumulate enough failures to lock out an account. This change may have a side effect of creating two audit records, one with a tty of "ssh" corresponding to the authentication and one with the allocated pty per interactive session.	2006-08-30 22:33:09 +10:00
Damien Miller	8ff1da81ec	- (djm) [openbsd-compat/xcrypt.c] needs unistd.h	2006-08-30 17:52:03 +10:00
Damien Miller	6ba5740941	- djm@cvs.openbsd.org 2006/08/30 00:14:37 [version.h] crank to 4.4	2006-08-30 11:09:01 +10:00
Damien Miller	2125887a94	- dtucker@cvs.openbsd.org 2006/08/30 00:06:51 [sshconnect2.c] Fix regression where SSH2 banner is printed at loglevels ERROR and FATAL where previously it weren't. bz #1221, found by Dean Kopesky, ok djm@	2006-08-30 11:08:33 +10:00
Damien Miller	76758b6423	- dtucker@cvs.openbsd.org 2006/08/29 12:02:30 [gss-genr.c] Work around a problem in Heimdal that occurs when KRB5CCNAME file is missing, by checking whether or not kerberos allocated us a context before attempting to free it. Patch from Simon Wilkinson, tested by biorn@, ok djm@	2006-08-30 11:08:04 +10:00
Damien Miller	d5fe0baa73	- djm@cvs.openbsd.org 2006/08/29 10:40:19 [channels.c session.c] normalise some inconsistent (but harmless) NULL pointer checks spotted by the Stanford SATURN tool, via Isil Dillig; ok markus@ deraadt@	2006-08-30 11:07:39 +10:00
Damien Miller	5d43d49014	- dtucker@cvs.openbsd.org 2006/08/21 08:15:57 [sshd.8] Add more detail about what permissions are and aren't accepted for authorized_keys files. Corrections jmc@, ok djm@, "looks good" jmc@	2006-08-30 11:07:00 +10:00
Damien Miller	b594f38bae	- (djm) OpenBSD CVS Sync - dtucker@cvs.openbsd.org 2006/08/21 08:14:01 [sshd_config.5] Document HostbasedUsesNameFromPacketOnly. Corrections from jmc@, ok jmc@ djm@	2006-08-30 11:06:34 +10:00
Darren Tucker	e83a83c7be	- (dtucker) [openbsd-compat/xmmap.c] Move #define HAVE_MMAP to prevent unused variable warning when we have a broken or missing mmap(2).	2006-08-24 19:55:41 +10:00
Darren Tucker	c1abe8e3e8	- (dtucker) [openbsd-compat/rresvport.c] Include <stdlib.h> for malloc.	2006-08-24 19:53:40 +10:00
Darren Tucker	f80f5ec81b	- (dtucker) [openbsd-compat/bsd-openpty.c] Include for ioctl(2).	2006-08-24 19:52:30 +10:00
Darren Tucker	450d2af2a3	- (dtucker) [openbsd-compat/bsd-misc.c] Include <sys/select.h> for select(2) on POSIX systems.	2006-08-24 19:45:33 +10:00
Darren Tucker	e086955531	- (dtucker) [openbsd-compat/bsd-misc.c] Add includes needed for select(2) on older systems.	2006-08-24 19:43:16 +10:00
Darren Tucker	fe408b4826	- (dtucker) [openbsd-compat/basename.c] Include errno.h.	2006-08-24 19:41:03 +10:00
Darren Tucker	12259d9680	- (dtucker) [Makefile.in] Bug #1177 : fix incorrect path for sshrc in Makefile. Patch from santhi.amirta at gmail, ok djm.	2006-08-22 22:24:10 +10:00
Darren Tucker	0eb810015f	- (dtucker) [configure.ac] Remove errant "-".	2006-08-20 21:43:19 +10:00
Darren Tucker	639bbe8bfe	- (dtucker) [configure.ac] Bug #1181 : Explicitly test to see if OpenSSL (0.9.8a and presumably newer) requires -ldl to successfully link.	2006-08-20 20:17:53 +10:00
Darren Tucker	3e6bde483d	- (dtucker) [configure.ac] Relocate --with-pam parts in preparation for fixing bug #1181. No changes yet.	2006-08-20 20:03:50 +10:00
Darren Tucker	4ba387337c	- (dtucker) [configure.ac] Save $LIBS during PAM library tests and restore afterward. Removes the need to mangle $LIBS later to remove -lpam and -ldl.	2006-08-20 19:55:02 +10:00
Darren Tucker	aa1517ca1e	- (dtucker) [log.c] Move ifdef to prevent unused variable warning.	2006-08-20 17:55:54 +10:00
Darren Tucker	f0625699df	- (dtucker) [openbsd-compat/regress/Makefile.in] Add $(EXEEXT) and add a single rule for the test progs.	2006-08-19 19:12:14 +10:00
Damien Miller	deccaa7d0f	- (djm) OpenBSD CVS Sync - djm@cvs.openbsd.org 2006/08/18 22:41:29 [gss-genr.c] GSSAPI error code should be 0 and not -1; from simon@sxw.org.uk	2006-08-19 08:50:57 +10:00
Damien Miller	bb59814cd6	- (djm) Disable sigdie() for platforms that cannot safely syslog inside a signal handler (basically all of them, excepting OpenBSD); ok dtucker@	2006-08-19 08:38:23 +10:00
Damien Miller	3d2d6e90e4	- djm@cvs.openbsd.org 2006/08/18 14:40:34 [gss-genr.c ssh-gss.h] constify host argument to match the rest of the GSSAPI functions and unbreak compilation with -Werror	2006-08-19 00:46:43 +10:00
Damien Miller	a1cb9f334b	- djm@cvs.openbsd.org 2006/08/18 13:54:54 [gss-genr.c ssh-gss.h sshconnect2.c] bz #1218 - disable SPNEGO as per RFC4462; diff from simon AT sxw.org.uk ok markus@	2006-08-19 00:33:34 +10:00
Damien Miller	bdf00ca0bd	- djm@cvs.openbsd.org 2006/08/18 10:27:16 [misc.h] reorder so prototypes are sorted by the files they refer to; no binary change	2006-08-19 00:33:05 +10:00
Damien Miller	3f8123c804	- markus@cvs.openbsd.org 2006/08/18 09:15:20 [auth.h session.c sshd.c] delay authentication related cleanups until we're authenticated and all alarms have been cancelled; ok deraadt	2006-08-19 00:32:46 +10:00
Damien Miller	99a648e592	- deraadt@cvs.openbsd.org 2006/08/18 09:13:26 [log.c log.h sshd.c] make signal handler termination path shorter; risky code pointed out by mark dowd; ok djm markus	2006-08-19 00:32:20 +10:00
Damien Miller	a1f6840a4f	- djm@cvs.openbsd.org 2006/08/16 11:47:15 [sshd.c] factor inetd connection, TCP listen and main TCP accept loop out of main() into separate functions to improve readability; ok markus@	2006-08-19 00:31:39 +10:00
Damien Miller	565ca3f600	- dtucker@cvs.openbsd.org 2006/08/14 12:40:25 [servconf.c servconf.h sshd_config.5] Add ability to match groups to Match keyword in sshd_config. Feedback djm@, stevesk@, ok stevesk@.	2006-08-19 00:23:15 +10:00
Damien Miller	1c89ce0749	- miod@cvs.openbsd.org 2006/08/12 20:46:46 [monitor.c monitor_wrap.c] Revert previous include file ordering change, for ssh to compile under gcc2 (or until openssl include files are cleaned of parameter names in function prototypes)	2006-08-19 00:22:40 +10:00
Damien Miller	63b94128cb	- (djm) OpenBSD CVS Sync - stevesk@cvs.openbsd.org 2006/08/06 01:13:32 [compress.c monitor.c monitor_wrap.c] "zlib.h" can be <zlib.h>; ok djm@ markus@	2006-08-19 00:21:46 +10:00
Darren Tucker	637c80aa6f	- (dtucker) [openbsd-compat/regress/Makefile.in] Use implicit rules for the test progs instead; they work better than what we have.	2006-08-18 20:56:18 +10:00
Darren Tucker	ec4e4daa6c	- (dtucker) [openbsd-compat/regress/snprintftest.c] Newline on error.	2006-08-18 20:09:32 +10:00
Darren Tucker	43d3ccdbdd	- (dtucker) [openbsd-compat/bsd-closefrom.c] Comment out rcsid.	2006-08-18 19:49:58 +10:00
Darren Tucker	d018b2e9c8	- (dtucker) [configure.ac openbsd-compat/bsd-closefrom.c] Resync with closefrom.c from sudo.	2006-08-18 18:51:20 +10:00
Darren Tucker	c889ffdbc6	- (dtucker) [openbsd-compat/regress/{Makefile.in,closefromtest.c}] Regress test for closefrom() in compat code.	2006-08-17 19:40:35 +10:00
Darren Tucker	3083bc2b52	- (dtucker) [configure.ac openbsd-compat/bsd-closefrom.c] Use F_CLOSEM fcntl for closefrom() on AIX. Pointed out by William Ahern.	2006-08-17 19:35:49 +10:00
Darren Tucker	e6b641a9a1	- (dtucker) [openbsd-compat/fake-rfc2553.c openbsd-compat/setproctitle.c] Include stdlib.h for malloc and friends.	2006-08-17 18:55:27 +10:00
Damien Miller	56799c3f2a	- (djm) [audit-bsm.c] Sprinkle in some headers	2006-08-16 11:40:45 +10:00
Darren Tucker	533418138f	- (dtucker) [LICENCE] Add Reyk to the list for the compat dir.	2006-08-15 18:21:32 +10:00
Damien Miller	0e5143e88e	- (djm) [openbsd-compat/bsd-getpeereid.c] Add some headers to quiet warnings on Solaris 10	2006-08-07 11:26:36 +10:00
Darren Tucker	f78fb54412	- (dtucker) [openbsd-compat/{bsd-asprintf.c,bsd-openpty.c,bsd-snprintf.c, glob.c}] Include stdlib.h for malloc and friends in compat code.	2006-08-06 21:25:24 +10:00
Darren Tucker	32ab2ae3f3	- (dtucker) [defines.h] With the includes.h changes we no longer get the name clash on "YES" so we can remove the workaround for it.	2006-08-06 21:23:27 +10:00
Darren Tucker	3e714514e8	- (dtucker) [audit-bsm.c] Add additional headers now required.	2006-08-06 00:12:54 +10:00
Darren Tucker	79ba868fbe	- (dtucker) [audit.c audit.h] Repair headers.	2006-08-06 00:05:09 +10:00
Darren Tucker	6e1a9aa9b9	- (dtucker) [auth-skey.c] monitor_wrap.h needs ssh-gss.h.	2006-08-05 19:56:00 +10:00
Darren Tucker	2b4e38b712	- (dtucker) [openbsd-compat/fake-rfc2553.c] Add headers needed for inet_ntoa.	2006-08-05 19:18:08 +10:00
Darren Tucker	92350103fc	- (dtucker) [openbsd-compat/bsd-cygwin_util.c] Add headers required to compile on Cygwin.	2006-08-05 19:08:16 +10:00
Darren Tucker	f676c57958	- dtucker@cvs.openbsd.org 2006/08/05 08:34:04 [packet.c] Typo in comment	2006-08-05 18:51:08 +10:00
Darren Tucker	d6a23f2057	- dtucker@cvs.openbsd.org 2006/08/05 08:28:24 [monitor_wrap.c auth-skey.c auth2-chall.c] Zap unused variables in -DSKEY code. ok djm@	2006-08-05 18:50:35 +10:00
Darren Tucker	260cb3519d	- dtucker@cvs.openbsd.org 2006/08/05 08:00:33 [auth-skey.c] Add headers required to build with -DSKEY. ok djm@	2006-08-05 18:48:01 +10:00
Darren Tucker	1a3d6e7bdd	- dtucker@cvs.openbsd.org 2006/08/05 07:52:52 [auth2-none.c sshd.c monitor_wrap.c] Add headers required to build with KERBEROS5=no. ok djm@	2006-08-05 18:46:47 +10:00
Darren Tucker	8a15f01aff	- (dtucker) [openbsd-compat/strtonum.c] Include stdlib.h for strtoll, otherwise it is implicitly declared as returning an int.	2006-08-05 16:27:20 +10:00
Darren Tucker	d8aec107fe	- (dtucker) [openbsd-compat/getrrsetbyname.c] Nees stdlib.h for malloc.	2006-08-05 16:12:15 +10:00
Darren Tucker	4c65543c89	- (dtucker) [ssh-rand-helper.c] Needs stdarg.h for log.h.	2006-08-05 15:57:40 +10:00
Darren Tucker	ecf28ba7aa	- (dtucker) [entropy.c] Needs unistd.h too.	2006-08-05 15:50:20 +10:00
Darren Tucker	e7eec90f38	- (dtucker) [openbsd-compat/{bsd-arc4random.c,port-tun.c,xmmap.c}] Lots of #include stdarg.h, needed for log.h.	2006-08-05 15:47:26 +10:00
Darren Tucker	8c6fedaf22	- (dtucker) [auth2-gss.c] We still need the #ifdef GSSAPI in -portable.	2006-08-05 15:24:59 +10:00
Darren Tucker	90659f8166	- (dtucker) [cleanup.c] Need defines.h for __dead.	2006-08-05 14:46:27 +10:00
Damien Miller	75bb664458	- (djm) [auth-pam.c auth-shadow.c auth2-none.c cleanup.c sshd.c] [openbsd-compat/port-tun.c openbsd-compat/port-tun.h] Sprinkle more includes for Linux in	2006-08-05 14:07:20 +10:00
Damien Miller	d04db59ad9	- (djm) [openbsd-compat/regress/snprintftest.c] [openbsd-compat/regress/strduptest.c] Add missing includes so they pass compilation with "-Wall -Werror"	2006-08-05 13:27:29 +10:00
Damien Miller	36cbe41ceb	- (djm) [auth.c loginrec.c] Missing netinet/in.h for loginrec	2006-08-05 12:54:24 +10:00
Damien Miller	4cbfe8ebeb	- (djm) [auth-pam.c auth.c bufaux.h entropy.c openbsd-compat/port-tun.c] remove last traces of bufaux.h - it was merged into buffer.h in the big includes.h commit	2006-08-05 12:49:30 +10:00
Damien Miller	2ab323e0bd	- (djm) [auth-pam.c defines.h] Move PAM related bits to auth-pam.c	2006-08-05 12:43:32 +10:00
Damien Miller	9ab00b44c1	- stevesk@cvs.openbsd.org 2006/08/04 20:46:05 [monitor.c session.c ssh-agent.c] spaces	2006-08-05 12:40:11 +10:00
Damien Miller	d783435315	- deraadt@cvs.openbsd.org 2006/08/03 03:34:42 [OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c] [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c] [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c] [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ] [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c] [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c] [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c] [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c] [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c] [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c] [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c] [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c] [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c] [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h] [serverloop.c session.c session.h sftp-client.c sftp-common.c] [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c] [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c] [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c] [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c] [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h] [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h] almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step NB. portable commit contains everything except removing includes.h, as that will take a fair bit more work as we move headers that are required for portability workarounds to defines.h. (also, this step wasn't "easy")	2006-08-05 12:39:39 +10:00
Damien Miller	4dec5d75da	- stevesk@cvs.openbsd.org 2006/08/01 23:36:12 [authfile.c channels.c progressmeter.c scard.c servconf.c ssh.c] clean extra spaces	2006-08-05 11:38:40 +10:00
Damien Miller	a7a73ee35d	- stevesk@cvs.openbsd.org 2006/08/01 23:22:48 [auth-passwd.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c] [auth2-chall.c auth2-pubkey.c authfile.c buffer.c canohost.c] [channels.c clientloop.c dh.c dns.c dns.h hostfile.c kex.c kexdhc.c] [kexgexc.c kexgexs.c key.c key.h log.c misc.c misc.h moduli.c] [monitor_wrap.c packet.c progressmeter.c readconf.c readpass.c scp.c] [servconf.c session.c sftp-client.c sftp-common.c sftp-server.c sftp.c] [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh.c sshconnect.c] [sshconnect1.c sshconnect2.c sshd.c sshlogin.c sshtty.c uuencode.c] [uuencode.h xmalloc.c] move #include <stdio.h> out of includes.h	2006-08-05 11:37:59 +10:00
Damien Miller	da82839597	- dtucker@cvs.openbsd.org 2006/08/01 11:34:36 [sshconnect.c] Allow fallback to known_hosts entries without port qualifiers for non-standard ports too, so that all existing known_hosts entries will be recognised. Requested by, feedback and ok markus@	2006-08-05 11:35:45 +10:00
Damien Miller	1a5b4041fb	- stevesk@cvs.openbsd.org 2006/07/30 20:15:19 [atomicio.h] order includes to KNF	2006-08-05 11:35:23 +10:00
Damien Miller	858bb7dc7c	- jmc@cvs.openbsd.org 2006/07/27 08:00:50 [ssh_config.5] avoid confusing wording in HashKnownHosts: originally spotted by alan amesbury; ok deraadt	2006-08-05 11:34:51 +10:00
Damien Miller	e7a1e5cf63	- stevesk@cvs.openbsd.org 2006/07/26 13:57:17 [authfd.c authfile.c dh.c canohost.c channels.c clientloop.c compat.c] [hostfile.c kex.c log.c misc.c moduli.c monitor.c packet.c readpass.c] [scp.c servconf.c session.c sftp-server.c sftp.c ssh-add.c ssh-agent.c] [ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c sshconnect.c] [sshconnect1.c sshd.c xmalloc.c] move #include <stdlib.h> out of includes.h	2006-08-05 11:34:19 +10:00
Damien Miller	8dbffe7904	- stevesk@cvs.openbsd.org 2006/07/26 02:35:17 [atomicio.c auth.c dh.c authfile.c buffer.c clientloop.c kex.c] [groupaccess.c gss-genr.c kexgexs.c misc.c monitor.c monitor_mm.c] [packet.c scp.c serverloop.c session.c sftp-client.c sftp-common.c] [sftp-server.c sftp.c ssh-add.c ssh-agent.c ssh-keygen.c sshlogin.c] [uidswap.c xmalloc.c] move #include <sys/param.h> out of includes.h	2006-08-05 11:02:17 +10:00
Damien Miller	9aec91948d	- stevesk@cvs.openbsd.org 2006/07/25 02:59:21 [channels.c clientloop.c packet.c scp.c serverloop.c sftp-client.c] [sftp-server.c ssh-agent.c ssh-keyscan.c sshconnect.c sshd.c] move #include <sys/time.h> out of includes.h	2006-08-05 10:57:45 +10:00
Damien Miller	7c6e4b059c	- stevesk@cvs.openbsd.org 2006/07/25 02:01:34 [scard.c] need #include <string.h>	2006-08-05 09:33:15 +10:00
Damien Miller	437edb9e66	- stevesk@cvs.openbsd.org 2006/07/24 13:58:22 [sshconnect.c] disable tunnel forwarding when no strict host key checking and key changed; ok djm@ markus@ dtucker@	2006-08-05 09:11:13 +10:00
Darren Tucker	f1f4bdd1aa	- (dtucker) [configure.ac] The "crippled AES" test does not work on recent versions of Solaris, so use AC_LINK_IFELSE to actually link the test program rather than just compiling it. Spotted by dlg@.	2006-08-04 19:44:23 +10:00
Darren Tucker	88fdc83d4c	- (dtucker) [openbsd-compat/daemon.c] Add unistd.h for fork() prototype.	2006-08-02 23:33:54 +10:00
Darren Tucker	94346f8596	- (dtucker) [openbsd-compat/xmmap.c] Need fcntl.h for O_RDRW.	2006-07-25 19:52:07 +10:00
Darren Tucker	28e9ad1bed	- (dtucker) [regress/forcecommand.sh] Portablize.	2006-07-24 23:50:23 +10:00
Darren Tucker	22c58b0242	- (dtucker) [cleanup.c] Since config.h defines _LARGE_FILES on AIX, including system headers before defines.h will cause conflicting definitions.	2006-07-24 23:19:40 +10:00
Damien Miller	7b1877c803	- (djm) [regress/Makefile regress/agent-getpeereid.sh regress/cfgmatch.sh] [regress/cipher-speed.sh regress/forcecommand.sh regress/forwarding.sh] Sync regress tests to -current; include dtucker@'s new cfgmatch and forcecommand tests. Add cipher-speed.sh test (not linked in yet)	2006-07-24 15:31:41 +10:00
Damien Miller	24f2a42e53	- (djm) [Makefile.in] Remove generated openbsd-compat/regress/Makefile in distclean target	2006-07-24 15:30:18 +10:00
Damien Miller	62da44f064	- (djm) [openbsd-compat/basename.c openbsd-compat/bsd-closefrom.c] [openbsd-compat/bsd-cray.c openbsd-compat/bsd-openpty.c] [openbsd-compat/bsd-snprintf.c openbsd-compat/fake-rfc2553.c] [openbsd-compat/port-aix.c openbsd-compat/port-irix.c] [openbsd-compat/rresvport.c] These look to need string.h and/or unistd.h (based on a grep for function names)	2006-07-24 15:08:35 +10:00
Damien Miller	ad5ecbf072	- (djm) [session.c] fix compile error with -Werror -Wall: 'path' is only used in do_setup_env() if HAVE_LOGIN_CAP is not defined	2006-07-24 15:03:06 +10:00
Damien Miller	874bc48832	- (djm) [uuencode.c] Add resolv.h, is it contains the prototypes for __b64_ntop/__b64_pton on some platforms	2006-07-24 14:58:07 +10:00
Damien Miller	8b373baf13	- (djm) [openbsd-compat/glob.c] Move get_arg_max() into the ifdef HAVE_GLOB block so that it compiles on OpenBSD (or other platforms with a decent glob implementation) with -Werror	2006-07-24 14:55:47 +10:00
Damien Miller	b8fe89c4d9	- (djm) [acss.c auth-krb5.c auth-options.c auth-pam.c auth-shadow.c] [canohost.c channels.c cipher-acss.c defines.h dns.c gss-genr.c] [gss-serv-krb5.c gss-serv.c log.h loginrec.c logintest.c readconf.c] [servconf.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c] [ssh.c sshconnect.c sshd.c openbsd-compat/bindresvport.c] [openbsd-compat/bsd-arc4random.c openbsd-compat/bsd-misc.c] [openbsd-compat/getrrsetbyname.c openbsd-compat/glob.c] [openbsd-compat/mktemp.c openbsd-compat/port-linux.c] [openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c] [openbsd-compat/setproctitle.c openbsd-compat/xmmap.c] make the portable tree compile again - sprinkle unistd.h and string.h back in. Don't redefine __unused, as it turned out to be used in headers on Linux, and replace its use in auth-pam.c with ARGSUSED	2006-07-24 14:51:00 +10:00
Damien Miller	d8337c5e60	- stevesk@cvs.openbsd.org 2006/07/23 01:11:05 [auth.h dispatch.c kex.h sftp-client.c] #include <signal.h> for sig_atomic_t; need this prior to <sys/param.h> move	2006-07-24 14:14:19 +10:00
Damien Miller	e3476ed03b	- stevesk@cvs.openbsd.org 2006/07/22 20:48:23 [atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c] [auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c] [authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c] [cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c] [compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c] [includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c] [mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c] [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c] [progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c] [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c] [ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c] [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c] [sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c] move #include <string.h> out of includes.h	2006-07-24 14:13:33 +10:00
Damien Miller	5598b4f125	- stevesk@cvs.openbsd.org 2006/07/22 19:08:54 [includes.h moduli.c progressmeter.c scp.c sftp-common.c] [sftp-server.c ssh-agent.c sshlogin.c] move #include <time.h> out of includes.h	2006-07-24 14:09:40 +10:00
Damien Miller	ee0d0db7da	- stevesk@cvs.openbsd.org 2006/07/21 21:26:55 [progressmeter.c] ARGSUSED for signal handler	2006-07-24 14:08:50 +10:00
Damien Miller	8473dd85fe	- stevesk@cvs.openbsd.org 2006/07/21 21:13:30 [channels.c] more ARGSUSED (lint) for dispatch table-driven functions; ok djm@	2006-07-24 14:08:32 +10:00
Damien Miller	a765cf4b66	- dtucker@cvs.openbsd.org 2006/07/21 12:43:36 [channels.c channels.h servconf.c servconf.h sshd_config.5] Make PermitOpen take a list of permitted ports and act more like most other keywords (ie the first match is the effective setting). This also makes it easier to override a previously set PermitOpen. ok djm@	2006-07-24 14:08:13 +10:00
Damien Miller	1cdde6f536	- stevesk@cvs.openbsd.org 2006/07/20 15:26:15 [auth1.c serverloop.c session.c sshconnect2.c] missed some needed #include <unistd.h> when KERBEROS5=no; issue from massimo@cedoc.mo.it	2006-07-24 14:07:35 +10:00
Damien Miller	e275443f66	- dtucker@cvs.openbsd.org 2006/07/19 13:07:10 [servconf.c servconf.h session.c sshd.8 sshd_config sshd_config.5] Add ForceCommand keyword to sshd_config, equivalent to the "command=" key option, man page entry and example in sshd_config. Feedback & ok djm@, man page corrections & ok jmc@	2006-07-24 14:06:47 +10:00
Damien Miller	d1de9950e5	- dtucker@cvs.openbsd.org 2006/07/19 08:56:41 [servconf.c sshd_config.5] Add support for X11Forwaring, X11DisplayOffset and X11UseLocalhost to Match. ok djm@	2006-07-24 14:05:48 +10:00
Damien Miller	f757d22e8b	- stevesk@cvs.openbsd.org 2006/07/18 22:27:55 [dh.c] remove unneeded includes; ok djm@	2006-07-24 14:05:24 +10:00
Damien Miller	8c23403b51	- dtucker@cvs.openbsd.org 2006/07/18 08:22:23 [sshd_config.5] Clarify description of Match, with minor correction from jmc@	2006-07-24 14:05:08 +10:00
Damien Miller	393821ad72	- jmc@cvs.openbsd.org 2006/07/18 08:03:09 [ssh-agent.1 sshd_config.5] mark up angle brackets;	2006-07-24 14:04:53 +10:00
Damien Miller	22d47abbe3	- jmc@cvs.openbsd.org 2006/07/18 07:56:28 [scp.1] replace DIAGNOSTICS with .Ex;	2006-07-24 14:04:36 +10:00
Damien Miller	65bc2c4028	- jmc@cvs.openbsd.org 2006/07/18 07:50:40 [sshd_config.5] tweak; ok dtucker	2006-07-24 14:04:16 +10:00
Damien Miller	9b439df18a	- dtucker@cvs.openbsd.org 2006/07/17 12:06:00 [channels.c channels.h servconf.c sshd_config.5] Add PermitOpen directive to sshd_config which is equivalent to the "permitopen" key option. Allows server admin to allow TCP port forwarding only two specific host/port pairs. Useful when combined with Match. If permitopen is used in both sshd_config and a key option, both must allow a given connection before it will be permitted. Note that users can still use external forwarders such as netcat, so to be those must be controlled too for the limits to be effective. Feedback & ok djm@, man page corrections & ok jmc@.	2006-07-24 14:04:00 +10:00
Damien Miller	98299261eb	- dtucker@cvs.openbsd.org 2006/07/17 12:02:24 [auth-options.c] Use '\0' rather than 0 to terminates strings; ok djm@	2006-07-24 14:01:43 +10:00
Damien Miller	e6b3b610ec	- stevesk@cvs.openbsd.org 2006/07/17 01:31:10 [authfd.c authfile.c channels.c cleanup.c clientloop.c groupaccess.c] [includes.h log.c misc.c msg.c packet.c progressmeter.c readconf.c] [readpass.c scp.c servconf.c sftp-client.c sftp-server.c sftp.c] [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c] [sshconnect.c sshlogin.c sshpty.c uidswap.c] move #include <unistd.h> out of includes.h	2006-07-24 14:01:23 +10:00
Damien Miller	def915b0ff	- stevesk@cvs.openbsd.org 2006/07/14 01:15:28 [monitor_wrap.h] don't need incompletely-typed 'struct passwd' now with #include <pwd.h>; ok markus@	2006-07-24 13:55:56 +10:00
Damien Miller	2d00e63cb8	- stevesk@cvs.openbsd.org 2006/07/12 22:42:32 [includes.h ssh.c ssh-rand-helper.c] move #include <stddef.h> out of includes.h	2006-07-24 13:53:19 +10:00
Damien Miller	939878b95f	tidy	2006-07-24 13:52:06 +10:00
Damien Miller	be43ebf975	- stevesk@cvs.openbsd.org 2006/07/12 22:28:52 [auth-options.c canohost.c channels.c includes.h readconf.c servconf.c ssh-keyscan.c ssh.c sshconnect.c sshd.c] move #include <netdb.h> out of includes.h; ok djm@	2006-07-24 13:51:51 +10:00
Damien Miller	d04f357ac2	- jmc@cvs.openbsd.org 2006/07/12 13:39:55 [sshd_config.5] - new sentence, new line - s/The the/The/ - kill a bad comma	2006-07-24 13:46:50 +10:00
Darren Tucker	341dae59c8	- (dtucker) [auth-krb5.c auth-pam.c] Still more errno.h	2006-07-13 08:45:14 +10:00
Darren Tucker	2eaea99054	- (dtucker) [openbsd-compat/bsd-asprintf.c openbsd-compat/port-aix.c openbsd-compat/rresvport.c] More errno.h.	2006-07-12 23:41:33 +10:00
Darren Tucker	5998ed03aa	- (dtucker) [openbsd-compat/openbsd-compat.h] v*printf needs stdarg.h.	2006-07-12 23:10:33 +10:00
Darren Tucker	deecec98c7	- (dtucker) [ssh-keyscan.c ssh-rand-helper.c] More errno.h here too.	2006-07-12 22:44:34 +10:00
Darren Tucker	767e4134f1	- (dtucker) [openbsd-compat/setproctitle.c] Include stdarg.h.	2006-07-12 22:43:28 +10:00
Darren Tucker	2c1a02a8d0	- (dtucker) [loginrec.c openbsd-compat/xmmap.c openbsd-compat/bindresvport.c openbsd-compat/glob.c openbsd-compat/mktemp.c openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c openbsd-compat/strtonum.c] Include <errno.h>.	2006-07-12 22:40:50 +10:00
Darren Tucker	c931c433f6	- (dtucker) [openbsd-compat/xmmap.c] Include <errno.h>.	2006-07-12 22:35:51 +10:00
Darren Tucker	4515047e47	- dtucker@cvs.openbsd.org 2006/07/12 11:34:58 [sshd.c servconf.h servconf.c sshd_config.5 auth.c] Add support for conditional directives to sshd_config via a "Match" keyword, which works similarly to the "Host" directive in ssh_config. Lines after a Match line override the default set in the main section if the condition on the Match line is true, eg AllowTcpForwarding yes Match User anoncvs AllowTcpForwarding no will allow port forwarding by all users except "anoncvs". Currently only a very small subset of directives are supported. ok djm@	2006-07-12 22:34:17 +10:00
Darren Tucker	ba72405026	- stevesk@cvs.openbsd.org 2006/07/11 20:27:56 [authfile.c ssh.c] need <errno.h> here also (it's also included in <openssl/err.h>)	2006-07-12 22:24:22 +10:00
Darren Tucker	57f4224677	- stevesk@cvs.openbsd.org 2006/07/11 20:16:43 [ssh.c] cast asterisk field precision argument to int to remove warning; ok markus@	2006-07-12 22:23:35 +10:00
Darren Tucker	3997249346	- stevesk@cvs.openbsd.org 2006/07/11 20:07:25 [scp.c auth.c monitor.c serverloop.c sftp-server.c sshpty.c readpass.c sshd.c monitor_wrap.c monitor_fdpass.c ssh-agent.c ttymodes.c atomicio.c includes.h session.c sshlogin.c monitor_mm.c packet.c sshconnect2.c sftp-client.c nchan.c clientloop.c sftp.c misc.c canohost.c channels.c ssh-keygen.c progressmeter.c uidswap.c msg.c readconf.c sshconnect.c] move #include <errno.h> out of includes.h; ok markus@	2006-07-12 22:22:46 +10:00
Darren Tucker	e7d4b19f75	- markus@cvs.openbsd.org 2006/07/11 18:50:48 [clientloop.c ssh.1 ssh.c channels.c ssh_config.5 readconf.h session.c channels.h readconf.c] add ExitOnForwardFailure: terminate the connection if ssh(1) cannot set up all requested dynamic, local, and remote port forwardings. ok djm, dtucker, stevesk, jmc	2006-07-12 22:17:10 +10:00
Darren Tucker	284706a755	- dtucker@cvs.openbsd.org 2006/07/11 10:12:07 [ssh.c] Only copy the part of environment variable that we actually use. Prevents ssh bailing when SendEnv is used and an environment variable with a really long value exists. ok djm@	2006-07-12 22:16:23 +10:00
Darren Tucker	5d19626a04	- stevesk@cvs.openbsd.org 2006/07/10 16:37:36 [readpass.c log.h scp.c fatal.c xmalloc.c includes.h ssh-keyscan.c misc.c auth.c packet.c log.c] move #include <stdarg.h> out of includes.h; ok markus@	2006-07-12 22:15:16 +10:00
Darren Tucker	1131847684	- jmc@cvs.openbsd.org 2006/07/10 16:04:21 [sshd.8] s/and and/and/	2006-07-12 22:07:59 +10:00
Darren Tucker	a5362458d0	- stevesk@cvs.openbsd.org 2006/07/10 16:01:57 [sftp-glob.c sftp-common.h sftp.c] buffer.h only needed in sftp-common.h and remove some unneeded user includes; ok djm@	2006-07-12 22:07:08 +10:00
Darren Tucker	686852f665	- (dtucker) [openbsd-compat/port-tun.c] OpenBSD needs <netinet/in.h> before <netinet/ip.h>.	2006-07-12 19:05:56 +10:00
Darren Tucker	128a0894a5	- (dtucker) [configure.ac] OpenBSD needs <sys/types.h> before <sys/socket.h> for SHUT_RD.	2006-07-12 19:02:56 +10:00
Darren Tucker	250f1a6901	rewrap	2006-07-12 19:01:29 +10:00
Darren Tucker	248469bc8d	- (dtucker) [configure.ac defines.h] Only define SHUT_RD (and friends) and O_NONBLOCK if they're really needed. Fixes build errors on HP-UX, old Linuxes and probably more.	2006-07-12 14:14:31 +10:00
Darren Tucker	e0e4aad1fd	- (dtucker) [entropy.c] More fcntl.h, this time on AIX (and probably others).	2006-07-11 19:01:51 +10:00
Darren Tucker	44c828fe29	- (dtucker) [configure.ac ssh-keygen.c openbsd-compat/bsd-openpty.c openbsd-compat/daemon.c] Add includes needed by open(2). Conditionally include paths.h. Fixes build error on Solaris.	2006-07-11 18:00:06 +10:00
Darren Tucker	4e880e632b	- (dtucker) [openbsd-compat/openbsd-compat.h] Need to include <sys/socket.h> for struct sockaddr on platforms that use the fake-rfc stuff.	2006-07-11 00:20:51 +10:00
Darren Tucker	da34553561	- dtucker@cvs.openbsd.org 2006/07/10 12:46:51 [misc.c misc.h sshd.8 sshconnect.c] Add port identifier to known_hosts for non-default ports, based originally on a patch from Devin Nate in bz#910. For any connection using the default port or using a HostKeyAlias the format is unchanged, otherwise the host name or address is enclosed within square brackets in the same format as sshd's ListenAddress. Tested by many, ok markus@.	2006-07-10 23:04:19 +10:00
Damien Miller	0f07707267	- djm@cvs.openbsd.org 2006/07/10 12:08:08 [channels.c] fix misparsing of SOCKS 5 packets that could result in a crash; reported by mk@ ok markus@	2006-07-10 22:21:02 +10:00
Damien Miller	3d1a9f4d5d	- djm@cvs.openbsd.org 2006/07/10 12:03:20 [scp.c] duplicate argv at the start of main() because it gets modified later; pointed out by deraadt@ ok markus@	2006-07-10 22:19:53 +10:00
Damien Miller	a1738e4c65	- (djm) [loginrec.c ssh-rand-helper.c sshd.c openbsd-compat/glob.c] [openbsd-compat/mktemp.c openbsd-compat/openbsd-compat.h] [openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c] [openbsd-compat/xcrypt.c] Fix includes.h fallout, mainly fcntl.h	2006-07-10 21:33:04 +10:00
Damien Miller	6444fe996b	- djm@cvs.openbsd.org 2006/07/10 11:25:53 [sftp-server.c] don't log variables that aren't yet set	2006-07-10 21:31:27 +10:00
Damien Miller	c718c743c1	- djm@cvs.openbsd.org 2006/07/10 11:24:54 [sftp-server.c] remove optind - it isn't used here	2006-07-10 21:31:00 +10:00
Damien Miller	211838d8e2	- stevesk@cvs.openbsd.org 2006/07/09 15:27:59 [ssh-add.c] use O_RDONLY vs. 0 in open(); no binary change	2006-07-10 21:14:00 +10:00
Damien Miller	57cf638577	- stevesk@cvs.openbsd.org 2006/07/09 15:15:11 [auth2-none.c authfd.c authfile.c includes.h misc.c monitor.c] [readpass.c scp.c serverloop.c sftp-client.c sftp-server.c] [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c] [sshlogin.c sshpty.c] move #include <fcntl.h> out of includes.h	2006-07-10 21:13:46 +10:00
Damien Miller	194a1cb018	- stevesk@cvs.openbsd.org 2006/07/08 23:30:06 [log.c] move user includes after /usr/include files	2006-07-10 21:09:22 +10:00
Damien Miller	e33b60343b	- stevesk@cvs.openbsd.org 2006/07/08 21:48:53 [monitor.c session.c] missed these from last commit: move #include <sys/socket.h> out of includes.h	2006-07-10 21:08:34 +10:00
Damien Miller	e3b60b524e	- stevesk@cvs.openbsd.org 2006/07/08 21:47:12 [authfd.c canohost.c clientloop.c dns.c dns.h includes.h] [monitor_fdpass.c nchan.c packet.c servconf.c sftp.c ssh-agent.c] [ssh-keyscan.c ssh.c sshconnect.h sshd.c sshlogin.h] move #include <sys/socket.h> out of includes.h	2006-07-10 21:08:03 +10:00
Damien Miller	58059aef05	- stevesk@cvs.openbsd.org 2006/07/06 17:36:37 [monitor_wrap.h] typo in comment	2006-07-10 20:53:45 +10:00
Damien Miller	69996104fe	- stevesk@cvs.openbsd.org 2006/07/06 16:22:39 [ssh-keygen.c] move #include "dns.h" up	2006-07-10 20:53:31 +10:00
Damien Miller	9f2abc47eb	- stevesk@cvs.openbsd.org 2006/07/06 16:03:53 [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c] [auth-rhosts.c auth-rsa.c auth.c auth.h auth2-hostbased.c] [auth2-pubkey.c auth2.c includes.h misc.c misc.h monitor.c] [monitor_wrap.c monitor_wrap.h scp.c serverloop.c session.c] [session.h sftp-common.c ssh-add.c ssh-keygen.c ssh-keysign.c] [ssh.c sshconnect.c sshconnect.h sshd.c sshpty.c sshpty.h uidswap.c] [uidswap.h] move #include <pwd.h> out of includes.h; ok markus@	2006-07-10 20:53:08 +10:00
Damien Miller	fef95ad816	- djm@cvs.openbsd.org 2006/07/06 10:47:57 [sftp-server.8 sftp-server.c] add commandline options to enable logging of transactions; ok markus@	2006-07-10 20:46:55 +10:00
Damien Miller	917f9b6b6e	- djm@cvs.openbsd.org 2006/07/06 10:47:05 [servconf.c servconf.h session.c sshd_config.5] support arguments to Subsystem commands; ok markus@	2006-07-10 20:36:47 +10:00
Damien Miller	8ec8c3e98a	- stevesk@cvs.openbsd.org 2006/07/05 02:42:09 [canohost.c hostfile.c includes.h misc.c packet.c readconf.c] [serverloop.c sshconnect.c uuencode.c] move #include <netinet/in.h> out of includes.h; ok deraadt@ (also ssh-rand-helper.c logintest.c loginrec.c)	2006-07-10 20:35:38 +10:00
Damien Miller	efc04e70b8	- stevesk@cvs.openbsd.org 2006/07/03 17:59:32 [channels.c includes.h] move #include <arpa/inet.h> out of includes.h; old ok djm@ (portable needed session.c too)	2006-07-10 20:26:27 +10:00
Damien Miller	b757677d02	- stevesk@cvs.openbsd.org 2006/07/03 08:54:20 [includes.h ssh.c sshconnect.c sshd.c] move #include "version.h" out of includes.h; ok markus@	2006-07-10 20:23:39 +10:00
Damien Miller	57e8ad3f5e	- stevesk@cvs.openbsd.org 2006/07/02 23:01:55 [clientloop.c ssh.1] use -KR[bind_address:]port here; ok djm@	2006-07-10 20:20:52 +10:00
Damien Miller	427a1d57bb	- stevesk@cvs.openbsd.org 2006/07/02 22:45:59 [groupaccess.c groupaccess.h includes.h session.c sftp-common.c sshpty.c] move #include <grp.h> out of includes.h (portable needed uidswap.c too)	2006-07-10 20:20:33 +10:00
Damien Miller	5d3ac7f7ee	- stevesk@cvs.openbsd.org 2006/07/02 18:36:47 [gss-serv-krb5.c gss-serv.c] no "servconf.h" needed here (gss-serv-krb5.c change not applied, portable needs the server options)	2006-07-10 20:17:55 +10:00
Damien Miller	991dba43e1	- stevesk@cvs.openbsd.org 2006/07/02 17:12:58 [ssh.1 ssh.c ssh_config.5 sshd_config.5] more details and clarity for tun(4) device forwarding; ok and help jmc@	2006-07-10 20:16:27 +10:00
Damien Miller	43020951ad	- djm@cvs.openbsd.org 2006/06/26 10:36:15 [clientloop.c] mention optional bind_address in runtime port forwarding setup command-line help. patch from santhi.amirta AT gmail.com	2006-07-10 20:16:12 +10:00
Damien Miller	1e88ea6556	- OpenBSD CVS Sync - djm@cvs.openbsd.org 2006/06/14 10:50:42 [sshconnect.c] limit the number of pre-banner characters we will accept; ok markus@	2006-07-10 20:15:56 +10:00
Darren Tucker	e34c96aea1	- (dtucker) [INSTALL] New autoconf version: 2.60.	2006-07-10 12:55:24 +10:00
Darren Tucker	f32f55259c	- (dtucker) [INSTALL] A bit more info on autoconf.	2006-07-06 19:12:08 +10:00
Darren Tucker	bdc121279f	- (dtucker) [configure.ac] Try AIX blibpath test in different order when compiling with gcc. gcc 4.1.x will accept (but ignore) -b flags so configure would not select the correct libpath linker flags.	2006-07-06 11:56:25 +10:00
Damien Miller	365e18db51	whitespace	2006-07-05 22:48:07 +10:00
Damien Miller	ee9ee9175c	whitespace	2006-07-05 22:47:21 +10:00
Darren Tucker	daf6ff4312	- (dtucker) [ssh-rand-helper.c] Don't exit if mkdir fails because the target already exists.	2006-07-05 21:35:48 +10:00
Darren Tucker	db4c54bed1	- (dtucker) [INSTALL] Bug #1202 : Note when autoconf is required and which version.	2006-06-30 16:20:58 +10:00
Darren Tucker	7243f9db60	- (dtucker) [openbsd-compat/getrrsetbyname.c] Undef _res before defining it, prevents warnings on platforms where _res is in the system headers.	2006-06-30 11:47:49 +10:00
Darren Tucker	66c32d5caa	- (dtucker) [openbsd-compat/openbsd-compat.h] SNPRINTF_CONST for snprintf declaration too. Patch from russ at sludge.net.	2006-06-30 10:51:32 +10:00
Darren Tucker	8b272ab09b	- (dtucker) [configure.ac] Bug #1203 : Add missing '[', which causes problems with autoconf 2.60. Patch from vapier at gentoo.org.	2006-06-27 11:20:28 +10:00
Darren Tucker	144e8d60cd	- (dtucker) [channels.c serverloop.c] Apply the bug #1102 workaround to ptys only, otherwise sshd can hang exiting non-interactive sessions.	2006-06-25 08:25:25 +10:00
Darren Tucker	03890e44cd	- (dtucker) [serverloop.c] Get ifdef/ifndef the right way around for the bug #1102 workaround.	2006-06-24 16:58:45 +10:00
Darren Tucker	0249f93c4d	- (dtucker) [configure.ac] Bug #1193 : Define PASSWD_NEEDS_USERNAME on Solaris. Works around limitation in Solaris' passwd program for changing passwords where the username is longer than 8 characters. ok djm@	2006-06-24 12:10:07 +10:00
Darren Tucker	9afe115f0a	- (dtucker) [channels.c configure.ac serverloop.c] Bug #1102 : Around AIX 4.3.3 ML3 or so, the AIX pty layer starting passing zero-length writes on the pty slave as zero-length reads on the pty master, which sshd interprets as the descriptor closing. Since most things don't do zero length writes this rarely matters, but occasionally it happens, and when it does the SSH pty session appears to hang, so we add a special case for this condition. ok djm@	2006-06-23 21:24:12 +10:00
Darren Tucker	3eb4834489	- (dtucker) [README.platform configure.ac openbsd-compat/port-tun.c] Add tunnel support for Mac OS X/Darwin via a third-party tun driver. Patch from reyk@, tested by anil@	2006-06-23 21:05:12 +10:00
Damien Miller	643460803f	- (djm) [getput.h] This file has been replaced by functions in misc.c	2006-06-13 13:15:54 +10:00
Damien Miller	a6680a4e35	- djm@cvs.openbsd.org 2006/06/13 01:18:36 [ssh-agent.c] always use a format string, even when printing a constant - djm@cvs.openbsd.org 2006/06/13 02:17:07 [ssh-agent.c] revert; i am on drugs. spotted by alexander AT beard.se	2006-06-13 13:10:18 +10:00
Damien Miller	2e5fe88ebe	- markus@cvs.openbsd.org 2006/06/08 14:45:49 [readpass.c sshconnect.c sshconnect2.c uidswap.c uidswap.h] do not set the gid, noted by solar; ok djm	2006-06-13 13:10:00 +10:00
Damien Miller	6b4069ad56	- markus@cvs.openbsd.org 2006/06/06 10:20:20 [readpass.c sshconnect.c sshconnect.h sshconnect2.c uidswap.c] replace remaining setuid() calls with permanently_set_uid() and check seteuid() return values; report Marcus Meissner; ok dtucker djm	2006-06-13 13:05:15 +10:00
Damien Miller	eb13e556e5	- markus@cvs.openbsd.org 2006/06/01 09:21:48 [sshd.c] call get_remote_ipaddr() early; fixes logging after client disconnects; report mpf@; ok dtucker@	2006-06-13 13:03:53 +10:00
Damien Miller	7b1e757b28	- mk@cvs.openbsd.org 2006/05/30 11:46:38 [ssh-add.c] Sync usage() with man page and reality. ok deraadt dtucker	2006-06-13 13:03:34 +10:00
Damien Miller	fbc94c857a	- jmc@cvs.openbsd.org 2006/05/29 16:13:23 [ssh.1] add GSSAPI to the list of authentication methods supported;	2006-06-13 13:03:16 +10:00
Damien Miller	3c6ed7bbd5	- jmc@cvs.openbsd.org 2006/05/29 16:10:03 [ssh_config.5] oops - previous was too long; split the list of auths up	2006-06-13 13:01:41 +10:00
Damien Miller	81a38928eb	- dtucker@cvs.openbsd.org 2006/05/29 12:56:33 [ssh_config] Add GSSAPIAuthentication and GSSAPIDelegateCredentials to examples in sample ssh_config. ok markus@	2006-06-13 13:01:09 +10:00
Damien Miller	658f945538	- dtucker@cvs.openbsd.org 2006/05/29 12:54:08 [ssh_config.5] Add gssapi-with-mic to PreferredAuthentications default list; ok jmc	2006-06-13 13:00:55 +10:00
Damien Miller	ad6b14d274	- miod@cvs.openbsd.org 2006/05/18 21:27:25 [kexdhc.c kexgexc.c] paramter -> parameter	2006-06-13 13:00:41 +10:00
Damien Miller	40b5985fe0	- markus@cvs.openbsd.org 2006/05/17 12:43:34 [scp.c sftp.c ssh-agent.c ssh-keygen.c sshconnect.c] fix leak; coverity via Kylene Jo Hall	2006-06-13 13:00:25 +10:00
Damien Miller	24fd8ddd61	- markus@cvs.openbsd.org 2006/05/16 09:00:00 [clientloop.c] missing free; from Kylene Hall	2006-06-13 13:00:09 +10:00
Damien Miller	e250a94e69	- djm@cvs.openbsd.org 2006/05/08 10:49:48 [sshconnect2.c] uint32_t -> u_int32_t (which we use everywhere else) (Id sync only - portable already had this)	2006-06-13 12:59:53 +10:00
Darren Tucker	f14b2aa672	- (dtucker) [auth.c monitor.c] Now that we don't log from both the monitor and slave, we can remove the special-case handling in the audit hook in auth_log.	2006-05-21 18:26:40 +10:00
Darren Tucker	f58b29d515	- (dtucker) [ssh-rand-helper.c] Check return code of mkdir and fix file pointer leak. From kjhall at us.ibm.com, found by coverity.	2006-05-17 22:24:56 +10:00
Darren Tucker	73373877db	typo	2006-05-15 17:24:25 +10:00
Darren Tucker	2c77b7f1c1	- (dtucker) [auth-pam.c] Bug #1188 : pass result of do_pam_account back and do not allow kbdint again after the PAM account check fails. ok djm@	2006-05-15 17:22:33 +10:00
Darren Tucker	cefd8bb36d	- (dtucker) [defines.h] Find a value for IOV_MAX or use a conservative default. Patch originally from tim@, ok djm	2006-05-15 17:17:29 +10:00
Darren Tucker	13c539a4dc	- (dtucker) [openbsd-compat/getrrsetbyname.c] Use _compat_res instead of _res, prevents problems on some platforms that have _res as a global but don't have getrrsetbyname(), eg IRIX 5.3. Found and tested by georg.schwarz at freenet.de, ok djm@.	2006-05-15 17:15:56 +10:00
Darren Tucker	43ff44e7db	- dtucker@cvs.openbsd.org 2006/05/06 08:35:40 [auth-krb5.c] Add $OpenBSD$ in comment here too	2006-05-06 18:40:53 +10:00
Darren Tucker	f779f672eb	- djm@cvs.openbsd.org 2006/04/01 05:37:46 [OVERVIEW] $OpenBSD$ in here too	2006-05-06 17:48:48 +10:00
Darren Tucker	31cde6828d	- djm@cvs.openbsd.org 2006/05/04 14:55:23 [dh.c] tighter DH exponent checks here too; feedback and ok markus@	2006-05-06 17:43:33 +10:00
Darren Tucker	232b76f9f8	- dtucker@cvs.openbsd.org 2006/04/25 08:02:27 [authfile.c authfile.h sshconnect2.c ssh.c sshconnect1.c] Prevent ssh from trying to open private keys with bad permissions more than once or prompting for their passphrases (which it subsequently ignores anyway), similar to a previous change in ssh-add. bz #1186, ok djm@	2006-05-06 17:41:51 +10:00
Darren Tucker	d8093e49bf	- (dtucker) [auth-pam.c groupaccess.c monitor.c monitor_wrap.c scard-opensc.c session.c ssh-rand-helper.c sshd.c openbsd-compat/bsd-cygwin_util.c openbsd-compat/setproctitle.c] Convert malloc(foo*bar) -> calloc(foo,bar) in Portable-only code; since calloc zeros, remove now-redundant memsets. Also add a couple of sanity checks. With & ok djm@	2006-05-04 16:24:34 +10:00
Darren Tucker	596d33801f	- (dtucker) [packet.c] Remove in_systm.h since it's also in includes.h and double including it on IRIX 5.3 causes problems. From Georg Schwarz, "no objections" tim@	2006-05-03 19:01:09 +10:00
Damien Miller	7b50b2030b	missing file	2006-04-23 12:31:27 +10:00
Damien Miller	2bdd1c117c	- (djm) [auth.h dispatch.h kex.h] sprinkle in signal.h to get sig_atomic_t	2006-04-23 12:28:53 +10:00
Damien Miller	08d4b0ca5d	- stevesk@cvs.openbsd.org 2006/04/22 18:29:33 [crc32.c] remove extra spaces	2006-04-23 12:12:24 +10:00
Damien Miller	2282c6e305	- djm@cvs.openbsd.org 2006/04/22 04:06:51 [uidswap.c] use setres[ug]id() to permanently revoke privileges; ok deraadt@ (ID Sync only - portable already uses setres[ug]id() whenever possible)	2006-04-23 12:11:57 +10:00
Damien Miller	525a0b090f	- djm@cvs.openbsd.org 2006/04/20 21:53:44 [includes.h session.c sftp.c] Switch from using pipes to socketpairs for communication between sftp/scp and ssh, and between sshd and its subprocesses. This saves a file descriptor per session and apparently makes userland ppp over ssh work; ok markus@ deraadt@ (ID Sync only - portable makes this decision on a per-platform basis)	2006-04-23 12:10:49 +10:00
Damien Miller	56e5e6ad11	- markus@cvs.openbsd.org 2006/04/20 09:47:59 [sshconnect.c] simplify; ok djm@	2006-04-23 12:08:59 +10:00
Damien Miller	97c91f688f	- djm@cvs.openbsd.org 2006/04/20 09:27:09 [auth.h clientloop.c dispatch.c dispatch.h kex.h] replace the last non-sig_atomic_t flag used in a signal handler with a sig_atomic_t, unfortunately with some knock-on effects in other (non- signal) contexts in which it is used; ok markus@	2006-04-23 12:08:37 +10:00
Damien Miller	58629fad82	- dtucker@cvs.openbsd.org 2006/04/18 10:44:28 [bufaux.c bufbn.c] Move Buffer bignum functions into their own file, bufbn.c. This means that sftp and sftp-server (which use the Buffer functions in bufaux.c but not the bignum ones) no longer need to be linked with libcrypto. ok markus@	2006-04-23 12:08:19 +10:00
Damien Miller	b5ea7e7c03	- djm@cvs.openbsd.org 2006/04/16 07:59:00 [atomicio.c] reorder sanity test so that it cannot dereference past the end of the iov array; well spotted canacar@!	2006-04-23 12:06:49 +10:00
Damien Miller	58ca98bfe1	- djm@cvs.openbsd.org 2006/04/16 00:54:10 [sftp-client.c] avoid making a tiny 4-byte write to send the packet length of sftp commands, which would result in a separate tiny packet on the wire by using atomiciov(writev, ...) to write the length and the command in one pass; ok deraadt@	2006-04-23 12:06:35 +10:00
Damien Miller	6aa139c41f	- djm@cvs.openbsd.org 2006/04/16 00:52:55 [atomicio.c atomicio.h] introduce atomiciov() function that wraps readv/writev to retry interrupted transfers like atomicio() does for read/write; feedback deraadt@ dtucker@ stevesk@ ok deraadt@	2006-04-23 12:06:20 +10:00
Damien Miller	499a0d5ada	- djm@cvs.openbsd.org 2006/04/16 00:48:52 [buffer.c buffer.h channels.c] Fix condition where we could exit with a fatal error when an input buffer became too large and the remote end had advertised a big window. The problem was a mismatch in the backoff math between the channels code and the buffer code, so make a buffer_check_alloc() function that the channels code can use to propsectivly check whether an incremental allocation will succeed. bz #1131, debugged with the assistance of cove AT wildpackets.com; ok dtucker@ deraadt@	2006-04-23 12:06:03 +10:00
Damien Miller	63e437f053	- djm@cvs.openbsd.org 2006/04/03 07:10:38 [gss-genr.c] GSSAPI buffers shouldn't be nul-terminated, spotted in bugzilla #1066 by dleonard AT vintela.com. use xasprintf() to simplify code while in there; "looks right" deraadt@	2006-04-23 12:05:46 +10:00
Damien Miller	603e68f1a2	- dtucker@cvs.openbsd.org 2006/04/02 08:34:52 [ssh-keysign.c] sessionid can be 32 bytes now too when sha256 kex is used; ok djm@	2006-04-23 12:05:32 +10:00
Damien Miller	7a656f7922	- djm@cvs.openbsd.org 2006/04/01 05:50:29 [scp.c] xasprintification; ok deraadt@	2006-04-23 12:04:46 +10:00
Damien Miller	07aa132a5e	- (djm) OpenBSD CVS Sync - deraadt@cvs.openbsd.org 2006/04/01 05:42:20 [scp.c] minimal lint cleanup (unused crud, and some size_t); ok djm	2006-04-23 12:04:27 +10:00
Damien Miller	73b42d2bb0	- (djm) [Makefile.in configure.ac session.c sshpty.c] [contrib/redhat/sshd.init openbsd-compat/Makefile.in] [openbsd-compat/openbsd-compat.h openbsd-compat/port-linux.c] [openbsd-compat/port-linux.h] Add support for SELinux, setting the execution and TTY contexts. based on patch from Daniel Walsh, bz #880; ok dtucker@	2006-04-22 21:26:08 +10:00
Damien Miller	2eaf37d899	- (djm) Reorder IP options check so that it isn't broken by mapped addresses; bz #1179 reported by markw wtech-llc.com; ok dtucker@	2006-04-18 15:13:16 +10:00
Damien Miller	dfc6183f13	- djm@cvs.openbsd.org 2006/03/31 09:13:56 [ssh_config.5] remote user escape is %r not %h; spotted by jmc@	2006-03-31 23:14:57 +11:00
Damien Miller	c6437cf00a	- jmc@cvs.openbsd.org 2006/03/31 09:09:30 [ssh_config.5] kill trailing whitespace;	2006-03-31 23:14:41 +11:00
Damien Miller	7a8f5b330d	- dtucker@cvs.openbsd.org 2006/03/30 11:40:21 [auth.c monitor.c] Prevent duplicate log messages when privsep=yes; ok djm@	2006-03-31 23:14:23 +11:00
Damien Miller	e23209f434	- dtucker@cvs.openbsd.org 2006/03/30 11:05:17 [ssh-keygen.c] Correctly handle truncated files while converting keys; ok djm@	2006-03-31 23:13:35 +11:00
Damien Miller	6b1d53c2b0	- djm@cvs.openbsd.org 2006/03/30 10:41:25 [ssh.c ssh_config.5] add percent escape chars to the IdentityFile option, bz #1159 based on a patch by imaging AT math.ualberta.ca; feedback and ok dtucker@	2006-03-31 23:13:21 +11:00
Damien Miller	3f9418893e	- djm@cvs.openbsd.org 2006/03/30 09:58:16 [authfd.c bufaux.c deattack.c gss-serv.c mac.c misc.c misc.h] [monitor_wrap.c msg.c packet.c sftp-client.c sftp-server.c ssh-agent.c] replace {GET,PUT}_XXBIT macros with functionally similar functions, silencing a heap of lint warnings. also allows them to use __bounded__ checking which can't be applied to macros; requested by and feedback from deraadt@	2006-03-31 23:13:02 +11:00
Damien Miller	d79b424e8a	- djm@cvs.openbsd.org 2006/03/30 09:41:25 [channels.c] ARGSUSED for dispatch table-driven functions	2006-03-31 23:11:44 +11:00
Damien Miller	89c3fe4a9e	- deraadt@cvs.openbsd.org 2006/03/28 01:53:43 [ssh-agent.c] use strtonum() to parse the pid from the file, and range check it better; ok djm	2006-03-31 23:11:28 +11:00
Damien Miller	57c4e875f8	- deraadt@cvs.openbsd.org 2006/03/28 01:52:28 [channels.c] do not accept unreasonable X ports numbers; ok djm	2006-03-31 23:11:07 +11:00
Damien Miller	ddd63ab1d0	- deraadt@cvs.openbsd.org 2006/03/28 00:12:31 [README.tun ssh.c] spacing	2006-03-31 23:10:51 +11:00
Damien Miller	2b5a0de903	- djm@cvs.openbsd.org 2006/03/27 23:15:46 [sftp.c] always use a format string for addargs; spotted by mouring@	2006-03-31 23:10:31 +11:00
Damien Miller	5a73c1a34d	- deraadt@cvs.openbsd.org 2006/03/27 13:03:54 [dh.c] use strtonum() instead of atoi(), limit dhg size to 64k; ok djm	2006-03-31 23:09:41 +11:00
Damien Miller	da380becc6	- OpenBSD CVS Sync - deraadt@cvs.openbsd.org 2006/03/27 01:21:18 [xmalloc.c] we can do the size & nmemb check before the integer overflow check; evol	2006-03-31 23:09:17 +11:00
Damien Miller	b3cdc220c4	- deraadt@cvs.openbsd.org 2006/03/26 01:31:48 [uuencode.c] typo	2006-03-26 14:30:33 +11:00
Damien Miller	51096383e9	- djm@cvs.openbsd.org 2006/03/25 22:22:43 [atomicio.h auth-options.h auth.h auth2-gss.c authfd.h authfile.h] [bufaux.h buffer.h canohost.h channels.h cipher.h clientloop.h] [compat.h compress.h crc32.c crc32.h deattack.h dh.h dispatch.h] [dns.c dns.h getput.h groupaccess.h gss-genr.c gss-serv-krb5.c] [gss-serv.c hostfile.h includes.h kex.h key.h log.h mac.h match.h] [misc.h monitor.h monitor_fdpass.h monitor_mm.h monitor_wrap.h msg.h] [myproposal.h packet.h pathnames.h progressmeter.h readconf.h rsa.h] [scard.h servconf.h serverloop.h session.h sftp-common.h sftp.h] [ssh-gss.h ssh.h ssh1.h ssh2.h sshconnect.h sshlogin.h sshpty.h] [ttymodes.h uidswap.h uuencode.h xmalloc.h] standardise spacing in $OpenBSD$ tags; requested by deraadt@	2006-03-26 14:30:00 +11:00
Damien Miller	e3b21a5f59	- deraadt@cvs.openbsd.org 2006/03/25 18:58:10 [channels.c] delete cast not required	2006-03-26 14:29:06 +11:00
Damien Miller	a0fdce9a47	- deraadt@cvs.openbsd.org 2006/03/25 18:56:55 [bufaux.c channels.c packet.c] remove (char ) casts to a function that accepts void for the arg	2006-03-26 14:28:50 +11:00
Damien Miller	08d61505d7	- deraadt@cvs.openbsd.org 2006/03/25 18:43:30 [channels.c] use strtonum() instead of atoi() [limit X screens to 400, sorry]	2006-03-26 14:28:32 +11:00
Damien Miller	1c13bd8d79	- deraadt@cvs.openbsd.org 2006/03/25 18:41:45 [ssh-agent.c] mark two more signal handlers ARGSUSED	2006-03-26 14:28:14 +11:00
Damien Miller	5f340065fc	- deraadt@cvs.openbsd.org 2006/03/25 18:40:14 [ssh-keygen.c] cast strtonum() result to right type	2006-03-26 14:27:57 +11:00
Damien Miller	a1690d08b4	- deraadt@cvs.openbsd.org 2006/03/25 18:36:15 [sshlogin.c sshlogin.h] nicer size_t and time_t types	2006-03-26 14:27:35 +11:00
Damien Miller	90fdfaf69c	- deraadt@cvs.openbsd.org 2006/03/25 18:30:55 [clientloop.c serverloop.c] spacing	2006-03-26 14:25:37 +11:00
Damien Miller	8ba29fe72d	- deraadt@cvs.openbsd.org 2006/03/25 18:29:35 [auth-rsa.c authfd.c packet.c] needed casts (always will be needed)	2006-03-26 14:25:19 +11:00
Damien Miller	48c4ed2b78	oops, rewrap	2006-03-26 14:25:05 +11:00
Damien Miller	57c30117c1	- djm@cvs.openbsd.org 2006/03/25 13:17:03 [atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c] [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c] [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c] [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c] [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c] [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c] [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c] [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c] [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c] [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c] [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c] [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c] [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c] [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c] [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c] [uidswap.c uuencode.c xmalloc.c] Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files	2006-03-26 14:24:48 +11:00
Damien Miller	55b04f1d77	- djm@cvs.openbsd.org 2006/03/25 01:30:23 [sftp.c] "abormally" is a perfectly cromulent word, but "abnormally" is better	2006-03-26 14:23:17 +11:00
Damien Miller	36812092ec	- djm@cvs.openbsd.org 2006/03/25 01:13:23 [buffer.c channels.c deattack.c misc.c scp.c session.c sftp-client.c] [sftp-server.c ssh-agent.c ssh-rsa.c xmalloc.c xmalloc.h auth-pam.c] [uidswap.c] change OpenSSH's xrealloc() function from being xrealloc(p, new_size) to xrealloc(p, new_nmemb, new_itemsize). realloc is particularly prone to integer overflows because it is almost always allocating "n * size" bytes, so this is a far safer API; ok deraadt@	2006-03-26 14:22:47 +11:00
Damien Miller	07d86bec5e	- djm@cvs.openbsd.org 2006/03/25 00:05:41 [auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c] [clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c] [monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c] [ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c] [xmalloc.c xmalloc.h] introduce xcalloc() and xasprintf() failure-checked allocations functions and use them throughout openssh xcalloc is particularly important because malloc(nmemb * size) is a dangerous idiom (subject to integer overflow) and it is time for it to die feedback and ok deraadt@	2006-03-26 14:19:21 +11:00
Damien Miller	a5a2859275	- deraadt@cvs.openbsd.org 2006/03/20 21:11:53 [ttymodes.c] spacing	2006-03-26 14:10:34 +11:00
Damien Miller	4f7becb44f	- deraadt@cvs.openbsd.org 2006/03/20 18:48:34 [channels.c fatal.c kex.c packet.c serverloop.c] spacing	2006-03-26 14:10:14 +11:00
Damien Miller	1d2b6706ba	- deraadt@cvs.openbsd.org 2006/03/20 18:42:27 [canohost.c match.c ssh.c sshconnect.c] be strict with tolower() casting	2006-03-26 14:09:54 +11:00
Damien Miller	1ff7c642ee	- deraadt@cvs.openbsd.org 2006/03/20 18:41:43 [dns.c] cast xstrdup to propert u_char *	2006-03-26 14:09:09 +11:00
Damien Miller	4ae97f1885	- deraadt@cvs.openbsd.org 2006/03/20 18:35:12 [channels.c] x11_fake_data is only ever used as u_char *	2006-03-26 14:08:10 +11:00
Damien Miller	9f3bd53acd	- deraadt@cvs.openbsd.org 2006/03/20 18:27:50 [monitor.c] spacing	2006-03-26 14:07:52 +11:00
Damien Miller	9096740f6c	- deraadt@cvs.openbsd.org 2006/03/20 18:26:55 [channels.c monitor.c session.c session.h ssh-agent.c ssh-keygen.c] [ssh-rsa.c ssh.c sshlogin.c] annoying spacing fixes getting in the way of real diffs	2006-03-26 14:07:26 +11:00
Damien Miller	91d4b12fcb	- deraadt@cvs.openbsd.org 2006/03/20 18:17:20 [auth1.c auth2.c sshd.c] sprinkle some ARGSUSED for table driven functions (which sometimes must ignore their args)	2006-03-26 14:05:20 +11:00
Damien Miller	1b81a49f86	rewrap	2006-03-26 14:05:02 +11:00
Damien Miller	71a7367130	- deraadt@cvs.openbsd.org 2006/03/20 18:14:02 [channels.c clientloop.c monitor_wrap.c monitor_wrap.h serverloop.c] [ssh.c sshpty.c sshpty.h] sprinkle u_int throughout pty subsystem, ok markus	2006-03-26 14:04:36 +11:00
Damien Miller	6d39bcf898	- deraadt@cvs.openbsd.org 2006/03/20 17:17:23 [ssh-rsa.c] in a switch (), break after return or goto is stupid	2006-03-26 14:03:21 +11:00
Damien Miller	bbaad7772a	- deraadt@cvs.openbsd.org 2006/03/20 17:13:16 [key.c] djm did a typo	2006-03-26 14:03:03 +11:00
Damien Miller	69b7203e6f	- deraadt@cvs.openbsd.org 2006/03/20 17:10:19 [auth.c key.c misc.c packet.c ssh-add.c] in a switch (), break after return or goto is stupid	2006-03-26 14:02:35 +11:00
Damien Miller	429fcc23db	- djm@cvs.openbsd.org 2006/03/20 11:38:46 [key.c] (really) last of the Coverity diffs: avoid possible NULL deref in key_free. via elad AT netbsd.org; markus@ ok	2006-03-26 14:02:16 +11:00
Damien Miller	96937bd914	- djm@cvs.openbsd.org 2006/03/20 04:09:44 [monitor.c] memory leaks detected by Coverity via elad AT netbsd.org; deraadt@ ok that should be all of them now	2006-03-26 14:01:54 +11:00
Damien Miller	3305f5591f	- deraadt@cvs.openbsd.org 2006/03/19 18:59:09 [authfile.c] whoever thought that break after return was a good idea needs to get their head examimed	2006-03-26 14:00:31 +11:00
Damien Miller	4662d3492f	- deraadt@cvs.openbsd.org 2006/03/19 18:59:30 [ssh.c] spacing	2006-03-26 13:59:59 +11:00
Damien Miller	3bbaba6075	- deraadt@cvs.openbsd.org 2006/03/19 18:59:49 [ssh-keyscan.c] please lint	2006-03-26 13:59:38 +11:00
Damien Miller	f0b15dfc52	- deraadt@cvs.openbsd.org 2006/03/19 18:56:41 [clientloop.c progressmeter.c serverloop.c sshd.c] ARGSUSED for signal handlers	2006-03-26 13:59:20 +11:00
Damien Miller	c91e556d8a	- deraadt@cvs.openbsd.org 2006/03/19 18:53:12 [kex.c kex.h monitor.c myproposal.h session.c] spacing	2006-03-26 13:58:55 +11:00
Damien Miller	d62f2ca376	- deraadt@cvs.openbsd.org 2006/03/19 18:52:11 [auth1.c authfd.c channels.c] spacing	2006-03-26 13:57:41 +11:00
Damien Miller	78f16cb07b	- dtucker@cvs.openbsd.org 2006/03/19 11:51:52 [servconf.c] Correct strdelim null test; ok djm@	2006-03-26 13:54:37 +11:00
Damien Miller	5790b5910b	- djm@cvs.openbsd.org 2006/03/19 07:41:30 [sshconnect2.c] memory leaks detected by Coverity via elad AT netbsd.org; deraadt@ ok	2006-03-26 13:54:03 +11:00
Damien Miller	928b23684a	- djm@cvs.openbsd.org 2006/03/19 02:24:05 [dh.c readconf.c servconf.c] potential NULL pointer dereferences detected by Coverity via elad AT netbsd.org; ok deraadt@	2006-03-26 13:53:32 +11:00
Damien Miller	6db780e259	- djm@cvs.openbsd.org 2006/03/19 02:23:26 [hostfile.c] FILE* leak detected by Coverity via elad AT netbsd.org; ok deraadt@	2006-03-26 13:52:20 +11:00
Damien Miller	e0b90a6766	- djm@cvs.openbsd.org 2006/03/19 02:22:56 [sftp.c] more memory leaks detected by Coverity via elad AT netbsd.org; deraadt@ ok	2006-03-26 13:51:44 +11:00
Damien Miller	6f98a1fea7	- djm@cvs.openbsd.org 2006/03/19 02:22:32 [serverloop.c] memory leaks detected by Coverity via elad AT netbsd.org; ok deraadt@ dtucker@	2006-03-26 13:51:08 +11:00
Damien Miller	304a940889	- djm@cvs.openbsd.org 2006/03/17 22:31:11 [authfd.c] unreachanble statement, found by lint	2006-03-26 13:50:37 +11:00
Damien Miller	5b83232b48	- djm@cvs.openbsd.org 2006/03/17 22:31:50 [authfd.c] another unreachable found by lint	2006-03-26 13:50:14 +11:00
Damien Miller	745570cd79	- biorn@cvs.openbsd.org 2006/03/16 10:31:45 [scp.c] Try to display errormessage even if remout == -1 ok djm@, markus@	2006-03-26 13:49:43 +11:00
Damien Miller	cb314828eb	- OpenBSD CVS Sync - jakob@cvs.openbsd.org 2006/03/15 08:46:44 [ssh-keygen.c] if no key file are given when printing the DNS host record, use the host key file(s) as default. ok djm@	2006-03-26 13:48:01 +11:00
Damien Miller	2dbbf8e9fc	[deattack.c deattack.h] remove IV support from the CRC attack detector, OpenSSH has never used it - it only applied to IDEA-CFB, which we don't support. prompted by NetBSD Coverity report via elad AT netbsd.org; feedback markus@ "nuke it" deraadt@	2006-03-26 00:11:46 +11:00
Damien Miller	a1b3d636ab	- jakob@cvs.openbsd.org 2006/03/22 21:16:24 [ssh.1] simplify SSHFP example; ok jmc@	2006-03-26 00:07:02 +11:00
Damien Miller	5996294a95	- deraadt@cvs.openbsd.org 2006/03/20 18:41:43 [dns.c] cast xstrdup to propert u_char *	2006-03-26 00:06:48 +11:00
Damien Miller	1345e617da	- deraadt@cvs.openbsd.org 2006/03/20 18:26:55 [session.h] annoying spacing fixes getting in the way of real diffs	2006-03-26 00:06:32 +11:00
Damien Miller	ed3986a004	- deraadt@cvs.openbsd.org 2006/03/20 18:14:02 [monitor_wrap.h sshpty.h] sprinkle u_int throughout pty subsystem, ok markus	2006-03-26 00:06:14 +11:00
Damien Miller	91a2d9746a	- djm@cvs.openbsd.org 2006/03/20 04:08:18 [gss-serv.c] last lot of GSSAPI related leaks detected by Coverity via elad AT netbsd.org; reviewed by simon AT sxw.org.uk; deraadt@ ok	2006-03-26 00:05:44 +11:00
Damien Miller	a66cf68dd7	- djm@cvs.openbsd.org 2006/03/20 04:07:49 [gss-genr.c] more GSSAPI related leaks detected by Coverity via elad AT netbsd.org; reviewed by simon AT sxw.org.uk; deraadt@ ok	2006-03-26 00:05:23 +11:00
Damien Miller	f23c09670a	- djm@cvs.openbsd.org 2006/03/20 04:07:22 [auth2-gss.c] GSSAPI related leaks detected by Coverity via elad AT netbsd.org; reviewed by simon AT sxw.org.uk; deraadt@ ok	2006-03-26 00:04:53 +11:00
Damien Miller	51b4f82123	- deraadt@cvs.openbsd.org 2006/03/19 18:53:12 [kex.h myproposal.h] spacing	2006-03-26 00:04:32 +11:00
Damien Miller	b0fb6872ed	- deraadt@cvs.openbsd.org 2006/03/19 18:51:18 [atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c] [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c] [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c] [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c] [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c] [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c] [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c] [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c] [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c] [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c] [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c] [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c] [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c] [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c] [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c] [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c] [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c] [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c] [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c] [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c] [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c] [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c] [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c] RCSID() can die	2006-03-26 00:03:21 +11:00
Damien Miller	3e96d74274	- djm@cvs.openbsd.org 2006/03/16 04:24:42 [ssh.1] Add RFC4419 (Diffie-Hellman group exchange KEX) to the list of SSH RFCs that OpenSSH supports	2006-03-25 23:39:29 +11:00
Darren Tucker	9834cab32e	- (dtucker) [openbsd-compat/bsd-snprintf.c] Bug #1173 : make fmtint() take a LLONG rather than a long. Fixes scp'ing of large files on platforms with missing/broken snprintfs. Patch from e.borovac at bom.gov.au.	2006-03-19 00:07:07 +11:00
Damien Miller	66f9eb65ff	- (djm) [auth-pam.c] Fix memleak in error path, from Coverity via elad AT NetBSD.org	2006-03-18 23:04:49 +11:00
Damien Miller	b309203ce0	- (djm) [kex.c] Slightly more clean deactivation of dhgex-sha256 on old OpenSSL; ok tim	2006-03-16 18:22:18 +11:00
Tim Rice	425a6886f9	- (tim) [kex.c myproposal.h md-sha256.c openbsd-compat/sha2.c,h] Disable sha256 when openssl < 0.9.7. Patch from djm@. Corrections/testing by me.	2006-03-15 20:17:05 -08:00
Darren Tucker	c495301bf8	- (dtucker) [configure.ac md-sha256.c] NetBSD has sha2.h in /usr/include/crypto. Hint from djm@.	2006-03-16 08:14:34 +11:00
Darren Tucker	d82cbcb9da	- (dtucker) [entropy.c] Add headers for WIFEXITED and friends.	2006-03-16 07:21:35 +11:00
Darren Tucker	8bb9e2c900	- (dtucker) [configure.ac] login_cap.h requires sys/types.h on NetBSD.	2006-03-15 22:28:17 +11:00
Darren Tucker	dc6118e127	- (dtucker) [openbsd-compat/openbsd-compat.h] AIX (at least) needs sys/ioctl.h for struct winsize.	2006-03-15 22:25:54 +11:00
Damien Miller	b0024914c9	- (djm) [includes.h] Put back paths.h, it is needed in defines.h	2006-03-15 21:48:54 +11:00
Darren Tucker	486d95e6f7	- (dtucker) [configure.ac] Fix glob test conversion to AC_TRY_COMPILE	2006-03-15 21:31:39 +11:00
Tim Rice	4b23f7c660	- (tim) [openssh/sshpty.c openssh/openbsd-compat/port-tun.c] put in some includes removed from includes.h	2006-03-14 22:09:50 -08:00
Tim Rice	7a4cf232c9	- (tim) [includes.h] put sys/stat.h back in to quiet some "macro redefined:" warnings.	2006-03-14 21:04:18 -08:00
Damien Miller	6645e7a70d	- (djm) [auth-pam.c clientloop.c includes.h monitor.c session.c] [sftp-client.c ssh-keysign.c ssh.c sshconnect.c sshconnect2.c] [sshd.c openbsd-compat/bsd-misc.c openbsd-compat/bsd-openpty.c] [openbsd-compat/glob.c openbsd-compat/mktemp.c] [openbsd-compat/readpassphrase.c] Lots of include fixes for OpenSolaris	2006-03-15 14:42:54 +11:00
Damien Miller	34877d2e17	- (djm) [openbsd-compat/sha2.h openbsd-compat/sha2.c] Comment out SHA384, which we don't need and doesn't compile without tweaks	2006-03-15 14:36:55 +11:00
Damien Miller	42fb06898e	- (djm) [ssh-agent.c] Restore dropped stat.h	2006-03-15 14:03:06 +11:00
Damien Miller	3717cdac60	- (djm) [ssh-rand-helper.c] Needs a bunch of headers	2006-03-15 14:02:36 +11:00
Damien Miller	a623807860	- (djm) [openbsd-compat/sha2.h] Avoid include macro clash with system sha2.h	2006-03-15 14:02:01 +11:00
Damien Miller	627725281e	- (djm) [loginrec.c] Need stat.h	2006-03-15 14:01:11 +11:00
Damien Miller	b3b4ba3fba	- (djm) [regress/.cvsignore] Ignore Makefile here	2006-03-15 13:13:27 +11:00
Damien Miller	41e364bcfa	- (djm) [md-sha256.c configure.ac] md-sha256.c needs sha2.h if present	2006-03-15 13:12:41 +11:00
Damien Miller	471e9b3ca6	- (djm) [Makefile.in openbsd-compat/Makefile.in] Add added files	2006-03-15 13:09:18 +11:00
Damien Miller	dcf4ca110e	- (djm) [includes.h] Restore accidentally dropped netinet/in.h	2006-03-15 13:07:48 +11:00
Damien Miller	af87af165f	- (djm) [configure.ac defines.h kex.c md-sha256.c] [openbsd-compat/sha2.h openbsd-compat/openbsd-compat.h] [openbsd-compat/sha2.c] First stab at portability glue for SHA256 KEX support, should work with libc SHA256 support or OpenSSL EVP_sha256 if present	2006-03-15 13:02:28 +11:00
Damien Miller	a63128d1a8	- djm@cvs.openbsd.org 2006/03/07 09:07:40 [kex.c kex.h monitor.c myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] Implement the diffie-hellman-group-exchange-sha256 key exchange method using the SHA256 code in libc (and wrapper to make it into an OpenSSL EVP), interop tested against CVS PuTTY NB. no portability bits committed yet	2006-03-15 12:08:28 +11:00
Damien Miller	cc3e8ba3c2	- markus@cvs.openbsd.org 2006/03/14 16:32:48 [ssh_config.5 sshd_config.5] *AliveCountMax applies to protcol v2 only; ok dtucker, djm	2006-03-15 12:06:55 +11:00
Damien Miller	de85a28825	- djm@cvs.openbsd.org 2006/03/14 00:15:39 [canohost.c] log the originating address and not just the name when a reverse mapping check fails, requested by linux AT linuon.com	2006-03-15 12:06:41 +11:00
Damien Miller	8275fade44	- dtucker@cvs.openbsd.org 2006/03/13 10:26:52 [authfile.c authfile.h ssh-add.c] Make ssh-add check file permissions before attempting to load private key files multiple times; it will fail anyway and this prevents confusing multiple prompts and warnings. mindrot #1138, ok djm@	2006-03-15 12:06:23 +11:00
Damien Miller	306d118f72	- dtucker@cvs.openbsd.org 2006/03/13 10:14:29 [misc.c ssh_config.5 sshd_config.5] Allow config directives to contain whitespace by surrounding them by double quotes. mindrot #482, man page help from jmc@, ok djm@	2006-03-15 12:05:59 +11:00
Damien Miller	8056a9d46a	- dtucker@cvs.openbsd.org 2006/03/13 08:43:16 [ssh-keygen.c] Make ssh-keygen handle CR and CRLF line termination when converting IETF format keys, in adition to vanilla LF. mindrot #1157, tested by Chris Pepper, ok djm@	2006-03-15 12:05:40 +11:00
Damien Miller	314dd4b2f3	- dtucker@cvs.openbsd.org 2006/03/13 08:33:00 [packet.c] Set TCP_NODELAY for all connections not just "interactive" ones. Fixes poor performance and protocol stalls under some network conditions (mindrot bugs #556 and #981). Patch originally from markus@, ok djm@	2006-03-15 12:05:22 +11:00
Damien Miller	b24c2f8e33	- djm@cvs.openbsd.org 2006/03/13 08:16:00 [sshd.c] don't log that we are listening on a socket before the listen() call actually succeeds, bz #1162 reported by Senthil Kumar; ok dtucker@	2006-03-15 12:04:36 +11:00
Damien Miller	2ecb6bd95d	- djm@cvs.openbsd.org 2006/03/12 04:23:07 [ssh.c] knf nit	2006-03-15 12:03:53 +11:00
Damien Miller	ec04f360eb	- djm@cvs.openbsd.org 2006/03/04 04:12:58 [serverloop.c] move a debug() outside of a signal handler; ok markus@ a little while back	2006-03-15 12:01:34 +11:00
Damien Miller	1cf76d97f9	- djm@cvs.openbsd.org 2006/02/28 01:10:21 [session.c] fix logout recording when privilege separation is disabled, analysis and patch from vinschen at redhat.com; tested by dtucker@ ok deraadt@ NB. ID sync only - patch already in portable	2006-03-15 12:01:14 +11:00
Damien Miller	4aea974a1d	- jmc@cvs.openbsd.org 2006/02/26 18:03:10 [ssh_config.5] comma;	2006-03-15 11:59:39 +11:00
Damien Miller	e3beba231a	- jmc@cvs.openbsd.org 2006/02/26 18:01:13 [sshd_config.5] subsection is pointless here;	2006-03-15 11:59:25 +11:00
Damien Miller	b5282c2f06	- jmc@cvs.openbsd.org 2006/02/26 17:17:18 [ssh_config.5] move PATTERNS to the end of the main body; requested by dtucker	2006-03-15 11:59:08 +11:00
Damien Miller	ac73e51390	- jmc@cvs.openbsd.org 2006/02/25 12:28:34 [sshd_config.5] document the order in which allow/deny directives are processed; help/ok dtucker	2006-03-15 11:58:49 +11:00
Damien Miller	d450f49d4a	missed in commit message: help/ok dtucker	2006-03-15 11:58:25 +11:00
Damien Miller	9cfbaecb64	- jmc@cvs.openbsd.org 2006/02/25 12:26:17 [ssh_config.5] document the possible values for KbdInteractiveDevices;	2006-03-15 11:57:55 +11:00
Damien Miller	f4f22b54c0	- jmc@cvs.openbsd.org 2006/02/24 23:51:17 [sshd_config.5] oops - bits i missed;	2006-03-15 11:57:25 +11:00
Damien Miller	5b0d63f894	- jmc@cvs.openbsd.org 2006/02/24 23:43:57 [sshd_config.5] some grammar/wording fixes;	2006-03-15 11:56:56 +11:00
Damien Miller	45ee2b91e6	- jmc@cvs.openbsd.org 2006/02/24 23:20:07 [ssh_config.5] some grammar/wording fixes;	2006-03-15 11:56:18 +11:00
Damien Miller	208f1ed6f1	- jmc@cvs.openbsd.org 2006/02/24 20:31:31 [ssh.1 ssh_config.5 sshd.8 sshd_config.5] more consistency fixes;	2006-03-15 11:56:03 +11:00
Damien Miller	1faa713323	- jmc@cvs.openbsd.org 2006/02/24 20:22:16 [ssh-keysign.8 ssh_config.5 sshd_config.5] some consistency fixes;	2006-03-15 11:55:31 +11:00
Damien Miller	c7d5b5e466	- jmc@cvs.openbsd.org 2006/02/24 10:39:52 [sshd.8] signpost to PATTERNS section;	2006-03-15 11:55:08 +11:00
Damien Miller	f54a4b9da5	- jmc@cvs.openbsd.org 2006/02/24 10:37:07 [ssh_config.5] tidy up the refs to PATTERNS;	2006-03-15 11:54:36 +11:00
Damien Miller	0c2079d81f	- jmc@cvs.openbsd.org 2006/02/24 10:33:54 [sshd_config.5] signpost to PATTERNS;	2006-03-15 11:54:21 +11:00
Damien Miller	6def55171f	- jmc@cvs.openbsd.org 2006/02/24 10:25:14 [ssh_config.5] add section on patterns; from dtucker + myself	2006-03-15 11:54:05 +11:00
Damien Miller	c7b06369a8	- stevesk@cvs.openbsd.org 2006/02/22 00:04:45 [canohost.c clientloop.c includes.h match.c readconf.c scp.c ssh.c] [sshconnect.c] move #include <ctype.h> out of includes.h; ok djm@	2006-03-15 11:53:45 +11:00
Damien Miller	6ff3caddb6	oops, this commit is really: - stevesk@cvs.openbsd.org 2006/02/20 17:02:44 [clientloop.c includes.h monitor.c progressmeter.c scp.c] [serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c] move #include <signal.h> out of includes.h; ok markus@ the previous was: - stevesk@cvs.openbsd.org 2006/02/20 17:19:54 [auth-rhosts.c auth-rsa.c auth.c auth2-none.c auth2-pubkey.c] [authfile.c clientloop.c includes.h readconf.c scp.c session.c] [sftp-client.c sftp-common.c sftp-common.h sftp-glob.c] [sftp-server.c sftp.c ssh-add.c ssh-keygen.c ssh.c sshconnect.c] [sshconnect2.c sshd.c sshpty.c] move #include <sys/stat.h> out of includes.h; ok markus@	2006-03-15 11:52:09 +11:00
Damien Miller	f17883e6a0	- stevesk@cvs.openbsd.org 2006/02/20 17:02:44 [clientloop.c includes.h monitor.c progressmeter.c scp.c] [serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c] move #include <signal.h> out of includes.h; ok markus@	2006-03-15 11:45:54 +11:00
Damien Miller	574c41fdb3	- stevesk@cvs.openbsd.org 2006/02/20 16:36:15 [authfd.c channels.c includes.h session.c ssh-agent.c ssh.c] move #include <sys/un.h> out of includes.h; ok djm@	2006-03-15 11:40:10 +11:00
Damien Miller	5c853b531f	- jmc@cvs.openbsd.org 2006/02/19 20:12:25 [ssh_config.5] add some vertical space;	2006-03-15 11:37:02 +11:00
Damien Miller	edd0375d82	- jmc@cvs.openbsd.org 2006/02/19 20:05:00 [sshd.8] grammar;	2006-03-15 11:36:45 +11:00
Damien Miller	445121fe8d	- jmc@cvs.openbsd.org 2006/02/19 20:02:17 [sshd.8] sync the (s)hosts.equiv FILES entries w/ those from ssh.1;	2006-03-15 11:36:18 +11:00
Damien Miller	fd725cf585	- jmc@cvs.openbsd.org 2006/02/19 19:52:10 [sshd.8] move the sshrc stuff out of FILES, and into its own section: FILES is not a good place to document how stuff works;	2006-03-15 11:35:54 +11:00
Damien Miller	adc35b9583	- jmc@cvs.openbsd.org 2006/02/16 09:05:34 [sshd.8] sync some of the FILES entries w/ ssh.1;	2006-03-15 11:35:27 +11:00
Damien Miller	bc1936ad87	- jmc@cvs.openbsd.org 2006/02/15 16:55:33 [sshd.8] remove ietf draft references; RFC list now maintained in ssh.1;	2006-03-15 11:35:05 +11:00
Damien Miller	39a93a3305	- jmc@cvs.openbsd.org 2006/02/15 16:53:20 [ssh.1] remove the IETF draft references and replace them with some updated RFCs;	2006-03-15 11:34:45 +11:00
Damien Miller	0c8d8f68db	- david@cvs.openbsd.org 2006/02/15 05:08:24 [sftp-client.c] typo in comment; ok djm@	2006-03-15 11:34:25 +11:00
Damien Miller	d8702e865d	- jmc@cvs.openbsd.org 2006/02/13 11:27:25 [sshd.8] sort FILES and use a -compact list;	2006-03-15 11:33:56 +11:00
Damien Miller	c8f61cf199	- jmc@cvs.openbsd.org 2006/02/13 11:08:43 [sshd.8] - avoid nasty line split - `*' does not need to be escaped	2006-03-15 11:33:25 +11:00
Damien Miller	cc00f5e259	- jmc@cvs.openbsd.org 2006/02/13 11:02:26 [sshd.8] turn this into an example ssh_known_hosts file; ok djm	2006-03-15 11:33:00 +11:00
Damien Miller	9a7f201d45	- jmc@cvs.openbsd.org 2006/02/13 10:21:25 [sshd.8] small tweaks for the ssh_known_hosts section;	2006-03-15 11:32:42 +11:00
Damien Miller	7d2ef02f1c	- jmc@cvs.openbsd.org 2006/02/13 10:16:39 [sshd.8] no need to subsection the authorized_keys examples - instead, convert this to look like an actual file. also use proto 2 keys, and use IETF example addresses;	2006-03-15 11:32:06 +11:00
Damien Miller	31bdc52325	- jmc@cvs.openbsd.org 2006/02/12 17:57:19 [sshd.8] sort the list of options permissable w/ authorized_keys; ok djm dtucker	2006-03-15 11:31:44 +11:00
Damien Miller	dcfea27f1b	- jmc@cvs.openbsd.org 2006/02/12 10:52:41 [sshd.8] rework the description of authorized_keys a little;	2006-03-15 11:31:22 +11:00
Damien Miller	20c2ec48c3	- jmc@cvs.openbsd.org 2006/02/12 10:49:44 [ssh_config.5] slight rewording; ok djm	2006-03-15 11:31:01 +11:00
Damien Miller	b59d4fe8b5	- djm@cvs.openbsd.org 2006/02/12 10:44:18 [readconf.c] raise error when the user specifies a RekeyLimit that is smaller than 16 (the smallest of our cipher's blocksize) or big enough to cause integer wraparound; ok & feedback dtucker@	2006-03-15 11:30:38 +11:00
Damien Miller	3ec54c7e58	- djm@cvs.openbsd.org 2006/02/12 06:45:34 [ssh.c ssh_config.5] add a %l expansion code to the ControlPath, which is filled in with the local hostname at runtime. Requested by henning@ to avoid some problems with /home on NFS; ok dtucker@	2006-03-15 11:30:13 +11:00
Damien Miller	3fd019ecca	- otto@cvs.openbsd.org 2006/02/11 19:31:18 [atomicio.c] type correctness; from Ray Lai in PR 5011; ok millert@	2006-03-15 11:29:51 +11:00
Damien Miller	9cf6d077fb	- stevesk@cvs.openbsd.org 2006/02/10 01:44:27 [includes.h monitor.c readpass.c scp.c serverloop.c session.c^?] [sftp.c sshconnect.c sshconnect2.c sshd.c] move #include <sys/wait.h> out of includes.h; ok markus@	2006-03-15 11:29:24 +11:00
Damien Miller	17e91c0fb0	- stevesk@cvs.openbsd.org 2006/02/10 00:27:13 [channels.c clientloop.c includes.h misc.c progressmeter.c sftp.c] [ssh.c sshd.c sshpty.c] move #include <sys/ioctl.h> out of includes.h; ok markus@	2006-03-15 11:28:34 +11:00
Damien Miller	c47d7e9e19	- jmc@cvs.openbsd.org 2006/02/09 10:10:47 [sshd.8] - move some text into a CAVEATS section - merge the COMMAND EXECUTION... section into AUTHENTICATION	2006-03-15 11:27:20 +11:00
Damien Miller	1d90540534	- stevesk@cvs.openbsd.org 2006/02/09 00:32:07 [includes.h] #include <sys/endian.h> not needed; ok djm@ NB. ID Sync only - we still need this (but it may move later)	2006-03-15 11:26:55 +11:00
Damien Miller	88f254b9a5	- stevesk@cvs.openbsd.org 2006/02/08 23:51:24 [includes.h scp.c sftp-glob.c sftp-server.c] move #include <dirent.h> out of includes.h; ok markus@	2006-03-15 11:25:13 +11:00
Damien Miller	68f8e992bf	- stevesk@cvs.openbsd.org 2006/02/08 14:38:18 [includes.h packet.c] move #include <netinet/in_systm.h> and <netinet/ip.h> out of includes.h; ok markus@	2006-03-15 11:24:12 +11:00
Damien Miller	cd4223c245	- stevesk@cvs.openbsd.org 2006/02/08 14:31:30 [includes.h ssh-agent.c ssh-keyscan.c ssh.c] move #include <sys/resource.h> out of includes.h; ok markus@	2006-03-15 11:22:47 +11:00
Damien Miller	52ab084755	- stevesk@cvs.openbsd.org 2006/02/08 14:16:59 [sshconnect.c] <openssl/bn.h> not needed	2006-03-15 11:20:46 +11:00
Damien Miller	0b70b54abc	- stevesk@cvs.openbsd.org 2006/02/08 13:15:44 [gss-serv.c monitor.c] small KNF	2006-03-15 11:20:03 +11:00
Damien Miller	3a4051e88b	- stevesk@cvs.openbsd.org 2006/02/08 12:32:49 [includes.h misc.c] move #include <netinet/tcp.h> out of includes.h; ok markus@	2006-03-15 11:19:42 +11:00

... 6 7 8 9 10 ...

4898 Commits