tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,622 Commits 6 Branches 20 Tags 99 MiB
Commit Graph

6124 Commits

Author SHA1 Message Date
Darren Tucker 2920bc145c - dtucker@cvs.openbsd.org 2012/06/26 12:06:59 
[regress/connect-privsep.sh]
     test sandbox with every malloc option
 2012-06-30 15:06:28 +10:00
Darren Tucker ff32d7c9d2 - djm@cvs.openbsd.org 2012/06/01 00:52:52 
[regress/sftp-cmds.sh]
     don't delete .* on cleanup due to unintended env expansion; pointed out in
     bz#2014 by openssh AT roumenpetrov.info
 2012-06-30 15:04:13 +10:00
Darren Tucker 4430a86c14 - djm@cvs.openbsd.org 2012/06/01 00:47:35 
[multiplex.sh forwarding.sh]
     append to rather than truncate test log; bz#2013 from openssh AT
     roumenpetrov.
 2012-06-30 15:03:28 +10:00
Darren Tucker 301390316c - dtucker@cvs.openbsd.org 2012/05/13 01:42:32 
[regress/addrmatch.sh]
     Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests
     to match.  Feedback and ok djm@ markus@.
 2012-06-30 15:01:22 +10:00
Damien Miller ee3c196ec7 - naddy@cvs.openbsd.org 2012/06/29 13:57:25 
[ssh_config.5 sshd_config.5]
     match the documented MAC order of preference to the actual one; ok dtucker@

(actual patch accidentally committed with previous)
 2012-06-30 08:35:59 +10:00
Damien Miller db4f8e8618 - dtucker@cvs.openbsd.org 2012/06/28 05:07:45 
[mac.c myproposal.h ssh_config.5 sshd_config.5]
     Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed
     from draft6 of the spec and will not be in the RFC when published.  Patch
     from mdb at juniper net via bz#2023, ok markus.
 2012-06-30 08:34:59 +10:00
Damien Miller 560de922b1 - dtucker@cvs.openbsd.org 2012/06/26 11:02:30 
[sandbox-systrace.c]
     Add mquery to the list of allowed syscalls for "UsePrivilegeSeparation
     sandbox" since malloc now uses it.  From johnw.mail at gmail com.
 2012-06-30 08:33:53 +10:00
Damien Miller ea8582931f - dtucker@cvs.openbsd.org 2012/06/22 14:36:33 
[sftp.c]
     Remove unused variable leftover from tab-completion changes.
     From Steve.McClellan at radisys com, ok markus@
 2012-06-30 08:33:32 +10:00
Damien Miller 5f58a87768 - dtucker@cvs.openbsd.org 2012/06/22 12:30:26 
[monitor.c sshconnect2.c]
     remove dead code following 'for (;;)' loops.
     From Steve.McClellan at radisys com, ok markus@
 2012-06-30 08:33:17 +10:00
Damien Miller 97f43bbfc9 - dtucker@cvs.openbsd.org 2012/06/21 00:16:07 
[addrmatch.c]
     fix strlcpy truncation check.  from carsten at debian org, ok markus
 2012-06-30 08:32:29 +10:00
Darren Tucker 8908da7dce - (dtucker) [openbsd-compat/getrrsetbyname-ldns.c] bz #2022: prevent null 
pointer deref in the client when built with LDNS and using DNSSEC with a
   CNAME.  Patch from gregdlg+mr at hochet info.
 2012-06-28 15:21:32 +10:00
Darren Tucker 62dcd63f5e - (dtucker) [contrib/cygwin/ssh-host-config] Ensure that user sshd runs as 
can logon as a service.  Patch from vinschen at redhat com.
 2012-06-22 22:02:42 +10:00
Damien Miller 6c6da33d31 - djm@cvs.openbsd.org 2012/06/20 04:42:58 
[clientloop.c serverloop.c]
     initialise accept() backoff timer to avoid EINVAL from select(2) in
     rekeying
 2012-06-20 22:31:26 +10:00
Damien Miller f8268503d1 - jmc@cvs.openbsd.org 2012/06/19 21:35:54 
[sshd_config.5]
     tweak previous; ok markus
 2012-06-20 21:54:15 +10:00
Damien Miller c24da77015 - markus@cvs.openbsd.org 2012/06/19 18:25:28 
[servconf.c servconf.h sshd_config.5]
     sshd_config: extend Match to allow AcceptEnv and {Allow,Deny}{Users,Groups}
     this allows 'Match LocalPort 1022' combined with 'AllowUser bauer'
     ok djm@ (back in March)
 2012-06-20 21:53:58 +10:00
Damien Miller 36378c6413 - dtucker@cvs.openbsd.org 2012/06/18 12:17:18 
[ssh.1]
     Clarify description of -W.  Noted by Steve.McClellan at radisys com, ok jmc
 2012-06-20 21:53:25 +10:00
Damien Miller b9902cf6f6 - dtucker@cvs.openbsd.org 2012/06/18 12:07:07 
[ssh.1 sshd.8]
     Remove mention of 'three' key files since there are now four.  From
     Steve.McClellan at radisys com.
 2012-06-20 21:52:58 +10:00
Damien Miller 7192433633 - dtucker@cvs.openbsd.org 2012/06/18 11:49:58 
[ssh_config.5]
     RSA instead of DSA twice.  From Steve.McClellan at radisys com
 2012-06-20 21:52:38 +10:00
Damien Miller 276dcfd7f7 - dtucker@cvs.openbsd.org 2012/06/18 11:43:53 
[jpake.c]
     correct sizeof usage.  patch from saw at online.de, ok deraadt
 2012-06-20 21:52:18 +10:00
Damien Miller 2e7decfcc0 - djm@cvs.openbsd.org 2012/06/01 01:01:22 
[mux.c]
     fix memory leak when mux socket creation fails; bz#2002 from bert.wesarg
     AT googlemail.com
 2012-06-20 21:52:00 +10:00
Damien Miller 7f12157c0a - djm@cvs.openbsd.org 2012/06/01 00:49:35 
[PROTOCOL.mux]
     correct types of port numbers (integers, not strings); bz#2004 from
     bert.wesarg AT googlemail.com
 2012-06-20 21:51:29 +10:00
Damien Miller 3bde12aeef - djm@cvs.openbsd.org 2012/05/23 03:28:28 
[dns.c dns.h key.c key.h ssh-keygen.c]
     add support for RFC6594 SSHFP DNS records for ECDSA key types.
     patch from bugzilla-m67 AT nulld.me in bz#1978; ok + tweak markus@
 2012-06-20 21:51:11 +10:00
Damien Miller ac58ce86e6 - djm@cvs.openbsd.org 2012/01/07 21:11:36 
[mux.c]
     fix double-free in new session handler
     NB. Id sync only
 2012-06-20 21:50:47 +10:00
Damien Miller 140df63e1f - djm@cvs.openbsd.org 2011/12/04 23:16:12 
[mux.c]
     revert:

     > revision 1.32
     > date: 2011/12/02 00:41:56;  author: djm;  state: Exp;  lines: +4 -1
     > fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     > ok dtucker@

     it interacts badly with ControlPersist
 2012-06-20 21:46:57 +10:00
Damien Miller efc6fc995d - djm@cvs.openbsd.org 2011/12/02 00:41:56 
[mux.c]
     fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     ok dtucker@
 2012-06-20 21:44:56 +10:00
Darren Tucker ba9ea3200d - dtucker@cvs.openbsd.org 2012/05/19 06:30:30 
[sshd_config.5]
     Document PermitOpen none.  bz#2001, patch from Loganaden Velvindron
 2012-05-19 19:37:33 +10:00
Darren Tucker fbcf827559 - (dtucker) OpenBSD CVS Sync 
- dtucker@cvs.openbsd.org 2012/05/13 01:42:32
     [servconf.h servconf.c sshd.8 sshd.c auth.c sshd_config.5]
     Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests
     to match.  Feedback and ok djm@ markus@.
 2012-05-19 19:37:01 +10:00
Darren Tucker 593538911a - (dtucker) [configure.ac contrib/Makefile] bz#1996: use AC_PATH_TOOL to find 
pkg-config so it does the right thing when cross-compiling.  Patch from
   cjwatson at debian org.
 2012-05-19 15:24:37 +10:00
Darren Tucker d0494fdb29 - (dtucker) [configure.ac] bz#2010: fix non-portable shell construct. Patch 
from cjwatson at debian org.
 2012-05-19 14:25:39 +10:00
Darren Tucker e1a3ddf992 - (dtucker) [configure.ac] Include <sys/param.h> rather than <sys/types.h> 
to fix building on some plaforms.  Fom bowman at math utah edu and
   des at des no.
 2012-05-04 11:05:45 +10:00
Darren Tucker d0d3fff483 - (dtucker) [regress/addrmatch.sh] skip tests when running on a non-ipv6 
platform rather than exiting early, so that we still clean up and return
   status to test-exec.sh
 2012-04-27 10:55:39 +10:00
Damien Miller 025bfd11d9 - (djm) [auth-krb5.c] Save errno across calls that might modify it; 
ok dtucker@
 2012-04-26 09:52:15 +10:00
Damien Miller 7584cb1ac4 - (djm) [auth-passwd.c] Handle crypt() returning NULL; from Paul Wouters 
via Niels
 2012-04-26 09:51:26 +10:00
Damien Miller ba77e1f673 - djm@cvs.openbsd.org 2012/04/23 08:18:17 
[channels.c]
     fix function proto/source mismatch
 2012-04-23 18:21:05 +10:00
Damien Miller 70b2d5550b - jmc@cvs.openbsd.org 2012/04/20 16:26:22 
[ssh.1]
     use "brackets" instead of "braces", for consistency;
 2012-04-22 11:26:10 +10:00
Damien Miller 4922315d1d - djm@cvs.openbsd.org 2012/04/20 03:24:23 
[sftp.c]
     setlinebuf(3) is more readable than setvbuf(.., _IOLBF, ...)
 2012-04-22 11:25:47 +10:00
Damien Miller 8fef9ebbab - djm@cvs.openbsd.org 2012/04/12 02:43:55 
[sshd_config sshd_config.5]
     mention AuthorizedPrincipalsFile=none default
 2012-04-22 11:25:10 +10:00
Damien Miller 23528816dc - djm@cvs.openbsd.org 2012/04/12 02:42:32 
[servconf.c servconf.h sshd.c sshd_config sshd_config.5]
     VersionAddendum option to allow server operators to append some arbitrary
     text to the SSH-... banner; ok deraadt@ "don't care" markus@
 2012-04-22 11:24:43 +10:00
Damien Miller 839f743464 - djm@cvs.openbsd.org 2012/04/11 13:34:17 
[ssh-keyscan.1 ssh-keyscan.c]
     now that sshd defaults to offering ECDSA keys, ssh-keyscan should also
     look for them by default; bz#1971
 2012-04-22 11:24:21 +10:00
Damien Miller a116d13c4d - djm@cvs.openbsd.org 2012/04/11 13:26:40 
[sshd.c]
     don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a
     while; ok deraadt@ markus@
 2012-04-22 11:23:46 +10:00
Damien Miller 9fed161e67 - djm@cvs.openbsd.org 2012/04/11 13:17:54 
[auth.c]
     Support "none" as an argument for AuthorizedPrincipalsFile to indicate
     no file should be read.
 2012-04-22 11:21:43 +10:00
Damien Miller a6508753db - djm@cvs.openbsd.org 2012/04/11 13:16:19 
[channels.c channels.h clientloop.c serverloop.c]
     don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a
     while; ok deraadt@ markus@
 2012-04-22 11:21:10 +10:00
Damien Miller c6081482b2 - dtucker@cvs.openbsd.org 2012/03/29 23:54:36 
[channels.c channels.h servconf.c]
     Add PermitOpen none option based on patch from Loganaden Velvindron
     (bz #1949).  ok djm@
 2012-04-22 11:18:53 +10:00
Damien Miller 48348fc3b4 - djm@cvs.openbsd.org 2012/03/28 07:23:22 
[PROTOCOL.certkeys]
     explain certificate extensions/crit split rationale. Mention requirement
     that each appear at most once per cert.
 2012-04-22 11:08:30 +10:00
Damien Miller 29cd188887 - guenther@cvs.openbsd.org 2012/03/15 03:10:27 
[session.c]
     root should always be excluded from the test for /etc/nologin instead
     of having it always enforced even when marked as ignorenologin.  This
     regressed when the logic was incompletely flipped around in rev 1.251
     ok halex@ millert@
 2012-04-22 11:08:10 +10:00
Damien Miller a563cced06 - djm@cvs.openbsd.org 2012/02/29 11:21:26 
[ssh-keygen.c]
     allow conversion of RSA1 keys to public PEM and PKCS8; "nice" markus@
 2012-04-22 11:07:28 +10:00
Damien Miller d5dacb43fa - (djm) Release openssh-6.0 2012-04-20 15:01:01 +10:00
Damien Miller bf2304167b - (djm) [README] Update URL to release notes. 2012-04-20 14:11:04 +10:00
Damien Miller 8beb320390 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] 
[contrib/suse/openssh.spec] Update for release 6.0
 2012-04-20 10:58:34 +10:00
Damien Miller 398c0ffe0e - (djm) [configure.ac] Fix compilation error on FreeBSD, whose libutil 
contains openpty() but not login()
 2012-04-19 21:46:35 +10:00
Damien Miller e0956e3834 - (djm) [Makefile.in configure.ac sandbox-seccomp-filter.c] Add sandbox 
mode for Linux's new seccomp filter; patch from Will Drewry; feedback
   and ok dtucker@
 2012-04-04 11:27:54 +10:00
Damien Miller ce1ec9d4e2 - (djm) [openbsd-compat/bsd-cygwin_util.h] #undef _WIN32 to avoid incorrect 
assumptions when building on Cygwin; patch from Corinna Vinschen
 2012-03-30 14:07:05 +11:00
Damien Miller 4d55734c16 - (djm) [entropy.c] bz#1991: relax OpenSSL version test to allow running 
openssh binaries on a newer fix release than they were compiled on.
   with and ok dtucker@
 2012-03-30 11:34:27 +11:00
Darren Tucker 67ccc86506 - (dtucker) [contrib/redhat/openssh.spec] Bug #1992: remove now-gone WARNING 
file from spec file.  From crighter at nuclioss com.
 2012-03-30 10:19:56 +11:00
Damien Miller 54c38d24c6 - (djm) [packet.c] bz#1963: Fix IPQoS not being set on non-mapped v4-in-v6 
addressed connections. ok dtucker@
 2012-03-09 10:28:07 +11:00
Damien Miller 7bf7b889b3 - (djm) [openbsd-compat/port-linux.c] bz#1960: fix crash on SELinux 
systems where sshd is run in te wrong context. Patch from Sven
   Vermeulen; ok dtucker@
 2012-03-09 10:25:16 +11:00
Darren Tucker 93a2d41505 - (dtucker) [audit-bsm.c configure.ac] bug #1968: enable workarounds for BSM 
audit breakage in Solaris 11.  Patch from Magnus Johansson.
 2012-02-24 10:40:41 +11:00
Tim Rice a3f297de91 - (tim) [regress/keytype.sh] stderr redirection needs to be inside back quote 
to work. Spotted by Angel Gonzalez
 2012-02-14 23:01:42 -08:00
Tim Rice f79b5d38a1 - (tim) [defines.h] move chunk introduced in 1.125 before MAXPATHLEN so 
it actually works.
 2012-02-14 20:13:05 -08:00
Tim Rice e3609c935c - (tim) [openbsd-compat/bsd-misc.h sshd.c] Fix conflicting return type for 
unsetenv due to rev 1.14 change to setenv.c. Cast unsetenv to void in sshd.c
   ok dtucker@
 2012-02-14 10:03:30 -08:00
Damien Miller 7b7901c330 - (djm) [openbsd-compat/bsd-cygwin_util.c] Add PROGRAMFILES to list of 
preserved Cygwin environment variables; from Corinna Vinschen
 2012-02-14 06:38:36 +11:00
Damien Miller db854559be - markus@cvs.openbsd.org 2012/02/09 20:00:18 
[version.h]
     move from 6.0-beta to 6.0
 2012-02-11 08:19:44 +11:00
Damien Miller 72de982def - markus@cvs.openbsd.org 2012/01/25 19:40:09 
[packet.c packet.h]
     packet_read_poll() is not used anymore.
 2012-02-11 08:19:21 +11:00
Damien Miller 5d0077008f - markus@cvs.openbsd.org 2012/01/25 19:36:31 
[authfile.c]
     memleak in key_load_file(); from Jan Klemkow
 2012-02-11 08:19:02 +11:00
Damien Miller 1de2cfe9a9 - markus@cvs.openbsd.org 2012/01/25 19:26:43 
[packet.c]
     do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying;
     ok dtucker@, djm@
 2012-02-11 08:18:43 +11:00
Damien Miller 8d60be5487 - dtucker@cvs.openbsd.org 2012/01/18 21:46:43 
[clientloop.c]
     Ensure that $DISPLAY contains only valid characters before using it to
     extract xauth data so that it can't be used to play local shell
     metacharacter games.  Report from r00t_ati at ihteam.net, ok markus.
 2012-02-11 08:18:17 +11:00
Damien Miller fb12c6d8bb - miod@cvs.openbsd.org 2012/01/16 20:34:09 
[ssh-pkcs11-client.c]
     Fix a memory leak in pkcs11_rsa_private_encrypt(), reported by Jan Klemkow.
     While there, be sure to buffer_clear() between send_msg() and recv_msg().
     ok markus@
 2012-02-11 08:17:52 +11:00
Damien Miller 83ba8e6056 - miod@cvs.openbsd.org 2012/01/08 13:17:11 
[ssh-ecdsa.c]
     Fix memory leak in ssh_ecdsa_verify(); from Loganaden Velvindron,
     ok markus@
 2012-02-11 08:17:27 +11:00
Damien Miller 2ec0342ed4 - djm@cvs.openbsd.org 2012/01/07 21:11:36 
[mux.c]
     fix double-free in new session handler
 2012-02-11 08:16:28 +11:00
Damien Miller a2876db5e6 - djm@cvs.openbsd.org 2012/01/05 00:16:56 
[monitor.c]
     memleak on error path
 2012-02-11 08:16:06 +11:00
Damien Miller b56e4930ae - (djm) [ssh-keygen.c] Don't fail in do_gen_all_hostkeys on platforms 
that don't support ECC. Patch from Phil Oleson
 2012-02-06 07:41:27 +11:00
Darren Tucker e9b3ad73ba - (dtucker) [configure.ac mac.c openbsd-compat/openssl-compat.h] Add 
null implementation of HMAC_CTX_init for the benefit of old versions
   of OpenSSL that don't have it.
 2012-01-17 14:03:34 +11:00
Damien Miller 8ed4de8f1d - djm@cvs.openbsd.org 2011/12/07 05:44:38 
[auth2.c dh.c packet.c roaming.h roaming_client.c roaming_common.c]
     fix some harmless and/or unreachable int overflows;
     reported Xi Wang, ok markus@
 2011-12-19 10:52:50 +11:00
Damien Miller 913ddff40d - djm@cvs.openbsd.org 2011/12/04 23:16:12 
[mux.c]
     revert:
     > revision 1.32
     > date: 2011/12/02 00:41:56;  author: djm;  state: Exp;  lines: +4 -1
     > fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     > ok dtucker@
     it interacts badly with ControlPersist
 2011-12-19 10:52:21 +11:00
Damien Miller d0e582c6da - djm@cvs.openbsd.org 2011/12/02 00:43:57 
[mac.c]
     fix bz#1934: newer OpenSSL versions will require HMAC_CTX_Init before
     HMAC_init (this change in policy seems insane to me)
     ok dtucker@
 2011-12-19 10:51:39 +11:00
Damien Miller 5360dff2a0 - djm@cvs.openbsd.org 2011/12/02 00:41:56 
[mux.c]
     fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     ok dtucker@
 2011-12-19 10:51:11 +11:00
Damien Miller 47d8115e53 - oga@cvs.openbsd.org 2011/11/16 12:24:28 
[sftp.c]
     Don't leak list in complete_cmd_parse if there are no commands found.
     Discovered when I was ``borrowing'' this code for something else.
     ok djm@
 2011-11-25 13:53:48 +11:00
Darren Tucker 4a725ef6a5 - (dtucker) [configure.ac] Set _FORTIFY_SOURCE. ok djm@ 2011-11-21 16:38:48 +11:00
Darren Tucker aa3cbd1b5b - (dtucker) [INSTALL LICENCE configure.ac openbsd-compat/Makefile.in 
openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/getrrsetbyname.c]
   bz 1320: Add optional support for LDNS, a BSD licensed DNS resolver library
   which supports DNSSEC.  Patch from Simon Vallet (svallet at genoscope cns fr)
   with some rework from myself and djm.  ok djm.
 2011-11-04 11:25:24 +11:00
Darren Tucker be4032ba1e - dtucker@cvs.openbsd.org 011/11/04 00:09:39 
[moduli]
     regenerated moduli file; ok deraadt
 2011-11-04 11:16:06 +11:00
Darren Tucker 9c5d553d58 - djm@cvs.openbsd.org 2011/10/24 02:13:13 
[session.c]
     bz#1859: send tty break to pty master instead of (probably already
     closed) slave side; "looks good" markus@
 2011-11-04 10:55:24 +11:00
Darren Tucker 2d6665d944 - djm@cvs.openbsd.org 2011/10/24 02:10:46 
[ssh.c]
     bz#1943: unbreak stdio forwarding when ControlPersist is in user - ssh
     was incorrectly requesting the forward in both the control master and
     slave. skip requesting it in the master to fix. ok markus@
 2011-11-04 10:54:22 +11:00
Darren Tucker 8a057953d2 - djm@cvs.openbsd.org 2011/10/19 10:39:48 
[umac.c]
     typo in comment; patch from Michael W. Bombardieri
 2011-11-04 10:53:31 +11:00
Darren Tucker 9ee09cfce6 - djm@cvs.openbsd.org 2011/10/19 00:06:10 
[moduli.c]
     s/tmpfile/tmp/ to make this -Wshadow clean
 2011-11-04 10:52:43 +11:00
Darren Tucker e68cf84ac8 - djm@cvs.openbsd.org 2011/10/18 23:37:42 
[ssh-add.c]
     add -k to usage(); reminded by jmc@
 2011-11-04 10:51:51 +11:00
Darren Tucker 45c66d7ad4 - djm@cvs.openbsd.org 2011/10/18 05:15:28 
[ssh.c]
     ssh(1): skip attempting to create ~/.ssh when -F is passed; ok markus@
 2011-11-04 10:50:40 +11:00
Darren Tucker 9f157abbb6 - (dtucker) [contrib/cygwin/Makefile] Continue if installing a doc file 
fails.  Patch from Corinna Vinschen.
 2011-10-25 09:37:57 +11:00
Damien Miller 8f4279e4ab - djm@cvs.openbsd.org 2011/10/18 05:00:48 
[ssh-add.1 ssh-add.c]
     new "ssh-add -k" option to load plain keys (skipping certificates);
     "looks ok" markus@
 2011-10-18 16:06:33 +11:00
Damien Miller c51a5ab2c6 - djm@cvs.openbsd.org 2011/10/18 04:58:26 
[auth-options.c key.c]
     remove explict search for \0 in packet strings, this job is now done
     implicitly by buffer_get_cstring; ok markus
 2011-10-18 16:06:14 +11:00
Damien Miller 91f3eaec88 - stsp@cvs.openbsd.org 2011/10/16 15:51:39 
[moduli.c]
     add missing includes to unbreak tree; fix from rpointel
 2011-10-18 16:05:55 +11:00
Damien Miller 927d82bc6a - jmc@cvs.openbsd.org 2011/10/16 15:02:41 
[ssh-keygen.c]
     put -K in the right place (usage());
 2011-10-18 16:05:38 +11:00
Damien Miller 390d0561fc - dtucker@cvs.openbsd.org 2011/10/16 11:02:46 
[moduli.c ssh-keygen.1 ssh-keygen.c]
     Add optional checkpoints for moduli screening.  feedback & ok deraadt
 2011-10-18 16:05:19 +11:00
Damien Miller d3e6990c4c - djm@cvs.openbsd.org 2011/10/04 14:17:32 
[sftp-glob.c]
     silence error spam for "ls */foo" in directory with files; bz#1683
 2011-10-18 16:04:57 +11:00
Darren Tucker 2e13560ff5 - djm@cvs.openbsd.org 2011/09/30 21:22:49 
[sshd.c]
     fix inverted test that caused logspam; spotted by henning@
 2011-10-02 19:10:13 +11:00
Darren Tucker 95125e5f43 ChangeLog entry for sshd.c rev 1.409 2011-10-02 19:09:07 +11:00
Darren Tucker af1a60ec4f - djm@cvs.openbsd.org 2011/09/25 05:44:47 
[auth2-pubkey.c]
     improve the AuthorizedPrincipalsFile debug log message to include
     file and line number
 2011-10-02 18:59:59 +11:00
Darren Tucker 68afb8c5f2 - markus@cvs.openbsd.org 2011/09/23 07:45:05 
[mux.c readconf.h channels.h compat.h compat.c ssh.c readconf.c channels.c     version.h]
     unbreak remote portforwarding with dynamic allocated listen ports:
     1) send the actual listen port in the open message (instead of 0).
        this allows multiple forwardings with a dynamic listen port
     2) update the matching permit-open entry, so we can identify where
        to connect to
     report: den at skbkontur.ru and P. Szczygielski
     feedback and ok djm@
 2011-10-02 18:59:03 +11:00
Darren Tucker 1338b9e067 - dtucker@cvs.openbsd.org 2011/09/23 00:22:04 
[channels.c auth-options.c servconf.c channels.h sshd.8]
     Add wildcard support to PermitOpen, allowing things like "PermitOpen
     localhost:*".  bz #1857, ok djm markus.
 2011-10-02 18:57:35 +11:00
Darren Tucker 036876cd7d - (dtucker) [openbsd-compat/mktemp.c] Fix compiler warning. ok djm 2011-10-01 18:46:12 +10:00
Darren Tucker b54f50e5d0 - (dtucker) [configure.ac openbsd-compat/Makefile.in 
openbsd-compat/strnlen.c] Add strnlen to the compat library.
 2011-09-29 23:17:18 +10:00