cc3e8ba3c2
- markus@cvs.openbsd.org 2006/03/14 16:32:48
...
[ssh_config.5 sshd_config.5]
*AliveCountMax applies to protcol v2 only; ok dtucker, djm
2006-03-15 12:06:55 +11:00
de85a28825
- djm@cvs.openbsd.org 2006/03/14 00:15:39
...
[canohost.c]
log the originating address and not just the name when a reverse
mapping check fails, requested by linux AT linuon.com
2006-03-15 12:06:41 +11:00
8275fade44
- dtucker@cvs.openbsd.org 2006/03/13 10:26:52
...
[authfile.c authfile.h ssh-add.c]
Make ssh-add check file permissions before attempting to load private
key files multiple times; it will fail anyway and this prevents confusing
multiple prompts and warnings. mindrot #1138 , ok djm@
2006-03-15 12:06:23 +11:00
306d118f72
- dtucker@cvs.openbsd.org 2006/03/13 10:14:29
...
[misc.c ssh_config.5 sshd_config.5]
Allow config directives to contain whitespace by surrounding them by double
quotes. mindrot #482 , man page help from jmc@, ok djm@
2006-03-15 12:05:59 +11:00
8056a9d46a
- dtucker@cvs.openbsd.org 2006/03/13 08:43:16
...
[ssh-keygen.c]
Make ssh-keygen handle CR and CRLF line termination when converting IETF
format keys, in adition to vanilla LF. mindrot #1157 , tested by Chris
Pepper, ok djm@
2006-03-15 12:05:40 +11:00
314dd4b2f3
- dtucker@cvs.openbsd.org 2006/03/13 08:33:00
...
[packet.c]
Set TCP_NODELAY for all connections not just "interactive" ones. Fixes
poor performance and protocol stalls under some network conditions (mindrot
bugs #556 and #981 ). Patch originally from markus@, ok djm@
2006-03-15 12:05:22 +11:00
b24c2f8e33
- djm@cvs.openbsd.org 2006/03/13 08:16:00
...
[sshd.c]
don't log that we are listening on a socket before the listen() call
actually succeeds, bz #1162 reported by Senthil Kumar; ok dtucker@
2006-03-15 12:04:36 +11:00
2ecb6bd95d
- djm@cvs.openbsd.org 2006/03/12 04:23:07
...
[ssh.c]
knf nit
2006-03-15 12:03:53 +11:00
ec04f360eb
- djm@cvs.openbsd.org 2006/03/04 04:12:58
...
[serverloop.c]
move a debug() outside of a signal handler; ok markus@ a little while back
2006-03-15 12:01:34 +11:00
1cf76d97f9
- djm@cvs.openbsd.org 2006/02/28 01:10:21
...
[session.c]
fix logout recording when privilege separation is disabled, analysis and
patch from vinschen at redhat.com; tested by dtucker@ ok deraadt@
NB. ID sync only - patch already in portable
2006-03-15 12:01:14 +11:00
4aea974a1d
- jmc@cvs.openbsd.org 2006/02/26 18:03:10
...
[ssh_config.5]
comma;
2006-03-15 11:59:39 +11:00
e3beba231a
- jmc@cvs.openbsd.org 2006/02/26 18:01:13
...
[sshd_config.5]
subsection is pointless here;
2006-03-15 11:59:25 +11:00
b5282c2f06
- jmc@cvs.openbsd.org 2006/02/26 17:17:18
...
[ssh_config.5]
move PATTERNS to the end of the main body; requested by dtucker
2006-03-15 11:59:08 +11:00
ac73e51390
- jmc@cvs.openbsd.org 2006/02/25 12:28:34
...
[sshd_config.5]
document the order in which allow/deny directives are processed;
help/ok dtucker
2006-03-15 11:58:49 +11:00
d450f49d4a
missed in commit message:
...
help/ok dtucker
2006-03-15 11:58:25 +11:00
9cfbaecb64
- jmc@cvs.openbsd.org 2006/02/25 12:26:17
...
[ssh_config.5]
document the possible values for KbdInteractiveDevices;
2006-03-15 11:57:55 +11:00
f4f22b54c0
- jmc@cvs.openbsd.org 2006/02/24 23:51:17
...
[sshd_config.5]
oops - bits i missed;
2006-03-15 11:57:25 +11:00
5b0d63f894
- jmc@cvs.openbsd.org 2006/02/24 23:43:57
...
[sshd_config.5]
some grammar/wording fixes;
2006-03-15 11:56:56 +11:00
45ee2b91e6
- jmc@cvs.openbsd.org 2006/02/24 23:20:07
...
[ssh_config.5]
some grammar/wording fixes;
2006-03-15 11:56:18 +11:00
208f1ed6f1
- jmc@cvs.openbsd.org 2006/02/24 20:31:31
...
[ssh.1 ssh_config.5 sshd.8 sshd_config.5]
more consistency fixes;
2006-03-15 11:56:03 +11:00
1faa713323
- jmc@cvs.openbsd.org 2006/02/24 20:22:16
...
[ssh-keysign.8 ssh_config.5 sshd_config.5]
some consistency fixes;
2006-03-15 11:55:31 +11:00
c7d5b5e466
- jmc@cvs.openbsd.org 2006/02/24 10:39:52
...
[sshd.8]
signpost to PATTERNS section;
2006-03-15 11:55:08 +11:00
f54a4b9da5
- jmc@cvs.openbsd.org 2006/02/24 10:37:07
...
[ssh_config.5]
tidy up the refs to PATTERNS;
2006-03-15 11:54:36 +11:00
0c2079d81f
- jmc@cvs.openbsd.org 2006/02/24 10:33:54
...
[sshd_config.5]
signpost to PATTERNS;
2006-03-15 11:54:21 +11:00
6def55171f
- jmc@cvs.openbsd.org 2006/02/24 10:25:14
...
[ssh_config.5]
add section on patterns;
from dtucker + myself
2006-03-15 11:54:05 +11:00
c7b06369a8
- stevesk@cvs.openbsd.org 2006/02/22 00:04:45
...
[canohost.c clientloop.c includes.h match.c readconf.c scp.c ssh.c]
[sshconnect.c]
move #include <ctype.h> out of includes.h; ok djm@
2006-03-15 11:53:45 +11:00
6ff3caddb6
oops, this commit is really:
...
- stevesk@cvs.openbsd.org 2006/02/20 17:02:44
[clientloop.c includes.h monitor.c progressmeter.c scp.c]
[serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c]
move #include <signal.h> out of includes.h; ok markus@
the previous was:
- stevesk@cvs.openbsd.org 2006/02/20 17:19:54
[auth-rhosts.c auth-rsa.c auth.c auth2-none.c auth2-pubkey.c]
[authfile.c clientloop.c includes.h readconf.c scp.c session.c]
[sftp-client.c sftp-common.c sftp-common.h sftp-glob.c]
[sftp-server.c sftp.c ssh-add.c ssh-keygen.c ssh.c sshconnect.c]
[sshconnect2.c sshd.c sshpty.c]
move #include <sys/stat.h> out of includes.h; ok markus@
2006-03-15 11:52:09 +11:00
f17883e6a0
- stevesk@cvs.openbsd.org 2006/02/20 17:02:44
...
[clientloop.c includes.h monitor.c progressmeter.c scp.c]
[serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c]
move #include <signal.h> out of includes.h; ok markus@
2006-03-15 11:45:54 +11:00
574c41fdb3
- stevesk@cvs.openbsd.org 2006/02/20 16:36:15
...
[authfd.c channels.c includes.h session.c ssh-agent.c ssh.c]
move #include <sys/un.h> out of includes.h; ok djm@
2006-03-15 11:40:10 +11:00
5c853b531f
- jmc@cvs.openbsd.org 2006/02/19 20:12:25
...
[ssh_config.5]
add some vertical space;
2006-03-15 11:37:02 +11:00
edd0375d82
- jmc@cvs.openbsd.org 2006/02/19 20:05:00
...
[sshd.8]
grammar;
2006-03-15 11:36:45 +11:00
445121fe8d
- jmc@cvs.openbsd.org 2006/02/19 20:02:17
...
[sshd.8]
sync the (s)hosts.equiv FILES entries w/ those from ssh.1;
2006-03-15 11:36:18 +11:00
fd725cf585
- jmc@cvs.openbsd.org 2006/02/19 19:52:10
...
[sshd.8]
move the sshrc stuff out of FILES, and into its own section:
FILES is not a good place to document how stuff works;
2006-03-15 11:35:54 +11:00
adc35b9583
- jmc@cvs.openbsd.org 2006/02/16 09:05:34
...
[sshd.8]
sync some of the FILES entries w/ ssh.1;
2006-03-15 11:35:27 +11:00
bc1936ad87
- jmc@cvs.openbsd.org 2006/02/15 16:55:33
...
[sshd.8]
remove ietf draft references; RFC list now maintained in ssh.1;
2006-03-15 11:35:05 +11:00
39a93a3305
- jmc@cvs.openbsd.org 2006/02/15 16:53:20
...
[ssh.1]
remove the IETF draft references and replace them with some updated RFCs;
2006-03-15 11:34:45 +11:00
0c8d8f68db
- david@cvs.openbsd.org 2006/02/15 05:08:24
...
[sftp-client.c]
typo in comment; ok djm@
2006-03-15 11:34:25 +11:00
d8702e865d
- jmc@cvs.openbsd.org 2006/02/13 11:27:25
...
[sshd.8]
sort FILES and use a -compact list;
2006-03-15 11:33:56 +11:00
c8f61cf199
- jmc@cvs.openbsd.org 2006/02/13 11:08:43
...
[sshd.8]
- avoid nasty line split
- `*' does not need to be escaped
2006-03-15 11:33:25 +11:00
cc00f5e259
- jmc@cvs.openbsd.org 2006/02/13 11:02:26
...
[sshd.8]
turn this into an example ssh_known_hosts file; ok djm
2006-03-15 11:33:00 +11:00
9a7f201d45
- jmc@cvs.openbsd.org 2006/02/13 10:21:25
...
[sshd.8]
small tweaks for the ssh_known_hosts section;
2006-03-15 11:32:42 +11:00
7d2ef02f1c
- jmc@cvs.openbsd.org 2006/02/13 10:16:39
...
[sshd.8]
no need to subsection the authorized_keys examples - instead, convert
this to look like an actual file. also use proto 2 keys, and use IETF
example addresses;
2006-03-15 11:32:06 +11:00
31bdc52325
- jmc@cvs.openbsd.org 2006/02/12 17:57:19
...
[sshd.8]
sort the list of options permissable w/ authorized_keys;
ok djm dtucker
2006-03-15 11:31:44 +11:00
dcfea27f1b
- jmc@cvs.openbsd.org 2006/02/12 10:52:41
...
[sshd.8]
rework the description of authorized_keys a little;
2006-03-15 11:31:22 +11:00
20c2ec48c3
- jmc@cvs.openbsd.org 2006/02/12 10:49:44
...
[ssh_config.5]
slight rewording; ok djm
2006-03-15 11:31:01 +11:00
b59d4fe8b5
- djm@cvs.openbsd.org 2006/02/12 10:44:18
...
[readconf.c]
raise error when the user specifies a RekeyLimit that is smaller than 16
(the smallest of our cipher's blocksize) or big enough to cause integer
wraparound; ok & feedback dtucker@
2006-03-15 11:30:38 +11:00
3ec54c7e58
- djm@cvs.openbsd.org 2006/02/12 06:45:34
...
[ssh.c ssh_config.5]
add a %l expansion code to the ControlPath, which is filled in with the
local hostname at runtime. Requested by henning@ to avoid some problems
with /home on NFS; ok dtucker@
2006-03-15 11:30:13 +11:00
3fd019ecca
- otto@cvs.openbsd.org 2006/02/11 19:31:18
...
[atomicio.c]
type correctness; from Ray Lai in PR 5011; ok millert@
2006-03-15 11:29:51 +11:00
9cf6d077fb
- stevesk@cvs.openbsd.org 2006/02/10 01:44:27
...
[includes.h monitor.c readpass.c scp.c serverloop.c session.c^?]
[sftp.c sshconnect.c sshconnect2.c sshd.c]
move #include <sys/wait.h> out of includes.h; ok markus@
2006-03-15 11:29:24 +11:00
17e91c0fb0
- stevesk@cvs.openbsd.org 2006/02/10 00:27:13
...
[channels.c clientloop.c includes.h misc.c progressmeter.c sftp.c]
[ssh.c sshd.c sshpty.c]
move #include <sys/ioctl.h> out of includes.h; ok markus@
2006-03-15 11:28:34 +11:00
c47d7e9e19
- jmc@cvs.openbsd.org 2006/02/09 10:10:47
...
[sshd.8]
- move some text into a CAVEATS section
- merge the COMMAND EXECUTION... section into AUTHENTICATION
2006-03-15 11:27:20 +11:00
1d90540534
- stevesk@cvs.openbsd.org 2006/02/09 00:32:07
...
[includes.h]
#include <sys/endian.h> not needed; ok djm@
NB. ID Sync only - we still need this (but it may move later)
2006-03-15 11:26:55 +11:00
88f254b9a5
- stevesk@cvs.openbsd.org 2006/02/08 23:51:24
...
[includes.h scp.c sftp-glob.c sftp-server.c]
move #include <dirent.h> out of includes.h; ok markus@
2006-03-15 11:25:13 +11:00
68f8e992bf
- stevesk@cvs.openbsd.org 2006/02/08 14:38:18
...
[includes.h packet.c]
move #include <netinet/in_systm.h> and <netinet/ip.h> out of
includes.h; ok markus@
2006-03-15 11:24:12 +11:00
cd4223c245
- stevesk@cvs.openbsd.org 2006/02/08 14:31:30
...
[includes.h ssh-agent.c ssh-keyscan.c ssh.c]
move #include <sys/resource.h> out of includes.h; ok markus@
2006-03-15 11:22:47 +11:00
52ab084755
- stevesk@cvs.openbsd.org 2006/02/08 14:16:59
...
[sshconnect.c]
<openssl/bn.h> not needed
2006-03-15 11:20:46 +11:00
0b70b54abc
- stevesk@cvs.openbsd.org 2006/02/08 13:15:44
...
[gss-serv.c monitor.c]
small KNF
2006-03-15 11:20:03 +11:00
3a4051e88b
- stevesk@cvs.openbsd.org 2006/02/08 12:32:49
...
[includes.h misc.c]
move #include <netinet/tcp.h> out of includes.h; ok markus@
2006-03-15 11:19:42 +11:00
03e2003a23
- stevesk@cvs.openbsd.org 2006/02/08 12:15:27
...
[auth.c clientloop.c includes.h misc.c monitor.c readpass.c]
[session.c sftp.c ssh-agent.c ssh-keysign.c ssh.c sshconnect.c]
[sshd.c sshpty.c]
move #include <paths.h> out of includes.h; ok markus@
2006-03-15 11:16:59 +11:00
de6dd0a35f
- stevesk@cvs.openbsd.org 2006/02/07 03:59:20
...
[deattack.c]
duplicate #include
2006-03-15 11:12:38 +11:00
5d77105527
- stevesk@cvs.openbsd.org 2006/02/07 03:47:05
...
[hostfile.c]
"packet.h" not needed
2006-03-15 11:12:13 +11:00
972c84b800
- stevesk@cvs.openbsd.org 2006/02/07 01:52:50
...
[sshtty.c]
"log.h" not needed
2006-03-15 11:11:56 +11:00
99bd21e3fe
- stevesk@cvs.openbsd.org 2006/02/07 01:42:00
...
[channels.c clientloop.c clientloop.h includes.h packet.h]
[serverloop.c sshpty.c sshpty.h sshtty.c ttymodes.c]
move #include <termios.h> out of includes.h; ok markus@
2006-03-15 11:11:28 +11:00
2eb6340ddd
- stevesk@cvs.openbsd.org 2006/02/07 01:18:09
...
[includes.h ssh-agent.c ssh-keyscan.c sshconnect2.c]
move #include <sys/queue.h> out of includes.h; ok markus@
2006-03-15 11:09:42 +11:00
015cd79ac5
- stevesk@cvs.openbsd.org 2006/02/07 01:08:04
...
[auth-rhosts.c includes.h]
move #include <netgroup.h> out of includes.h; ok markus@
2006-03-15 11:08:02 +11:00
e93eaaa0d1
- jmc@cvs.openbsd.org 2006/02/06 21:44:47
...
[ssh.1]
make this a little less ambiguous...
2006-03-15 11:05:59 +11:00
9f67a21de6
- msf@cvs.openbsd.org 2006/02/06 15:54:07
...
[ssh.1]
- typo fix
ok jmc@
2006-03-15 11:05:35 +11:00
d1450dbe2a
- (dtucker) [configure.ac] Bug #1171 : Don't use printf("%lld", longlong)
...
since not all platforms support it. Instead, use internal equivalent while
computing LLONG_MIN and LLONG_MAX. Remove special case for alpha-dec-osf*
as it's no longer required. Tested by Bernhard Simon, ok djm@
2006-03-13 19:06:51 +11:00
f35014af79
typo
2006-03-04 09:00:19 +11:00
890909ec48
- (dtucker) [gss-serv-krb5.c] Bug #1166 : Correct #ifdefs for gssapi_krb5.h
...
includes. Patch from gentoo.riverrat at gmail.com.
2006-03-04 08:59:39 +11:00
18614c254d
- (dtucker) [contrib/cygwin/ssh-host-config] Require use of lastlog as a
...
file rather than directory, required as Cygwin will be importing lastlog(1).
Also tightens up permissions on the file. Patch from vinschen@redhat.com .
2006-03-04 08:50:31 +11:00
54b75fe742
- (dtucker) [configure.ac] Bug #1156 : QNX apparently needs SSHD_ACQUIRES_CTTY
...
patch from kraai at ftbfs.org.
2006-02-26 12:31:48 +11:00
a4904f7bf1
- (dtucker) [sshd_config sshd_config.5] Update UsePAM to reflect current
...
reality. Pointed out by tryponraj at gmail.com.
2006-02-23 21:35:30 +11:00
94413cf32b
- (dtucker) [openbsd-compat/openssl-compat.{c,h}] Minor tidy up: only
...
compile in compat code if required.
2006-02-22 22:24:47 +11:00
3322e0d421
- (dtucker) [openbsd-compat/openssl-compat.h] Prevent warning about
...
redefinition of SSLeay_add_all_algorithms.
2006-02-22 00:00:27 +11:00
fabdb6c290
- (dtucker) [INSTALL configure.ac openbsd-compat/openssl-compat.{c,h}]
...
Add optional enabling of OpenSSL's (hardware) Engine support, via
configure --with-ssl-engine. Based in part on a diff by michal at
logix.cz.
2006-02-20 20:17:35 +11:00
4881c371ce
- (dtucker) [Makefile.in configure.ac, added openbsd-compat/regress/]
...
Add first attempt at regress tests for compat library. ok djm@
2006-02-19 22:50:20 +11:00
bf209f5901
- (tim) [buildpkg.sh.in] Make the names consistent.
...
s/pkg_post_make_install_fixes.sh/pkg-post-make-install-fixes.sh/ OK dtucker@
2006-02-13 12:46:44 -08:00
6163350eb9
- (dtucker) [README version.h contrib/caldera/openssh.spec
...
contrib/redhat/openssh.spec contrib/suse/openssh.spec] Bump version
strings to match 4.3p2 release.
2006-02-12 16:48:56 +11:00
2f993465d4
- (tim) [configure.ac] Bug #1149 . Disable /etc/default/login check for QNX.
2006-02-11 18:37:48 -08:00
84af61555a
- (dtucker) [openbsd-compat/bsd-cygwin_util.c] Make loop counter unsigned
...
to silence compiler warning, from vinschen at redhat.com.
2006-02-12 11:59:08 +11:00
988b3fd161
- (dtucker) [configure.ac] Typo in Ultrix and NewsOS sections (NEED_SETPRGP
...
-> NEED_SETPGRP), reported by Berhard Simon. ok tim@
2006-02-08 22:11:27 +11:00
83d2f5fedf
- (tim) [session.c] Logout records were not updated on systems with
...
post auth privsep disabled due to bug 1086 changes. Analysis and patch
by vinschen at redhat.com. OK tim@, dtucker@.
2006-02-07 15:17:44 -08:00
ac9b0609e1
- (tim) [configure.ac] Remove unnecessary tests for net/if.h and
...
netinet/in_systm.h. OK dtucker@.
2006-02-05 11:27:10 -08:00
70335a6b5f
- (tim) [configure.ac] Bug #1149 . Changes in QNX section only. Patch by
...
kraai at ftbfs.org.
2006-02-04 17:42:58 -08:00
0daad78fab
- (tim) [configure.ac] Add AC_REVISION. Add sys/time.h to lastlog.h test
...
for Solaris. OK dtucker@.
2006-02-04 17:33:55 -08:00
fd80ddcb23
- (tim) [configure.ac] test for egrep (AC_PROG_EGREP) before first
...
AC_CHECK_HEADERS test. Without it, if AC_CHECK_HEADERS is first run
by a platform specific check, builtin standard includes tests will be
skipped on the other platforms.
Analysis and suggestion by vinschen at redhat.com, patch by dtucker@.
OK tim@, djm@.
2006-02-02 19:11:56 -08:00
cc7c212830
- (dtucker) [configure.ac] Bug #1148 : Fix "crippled AES" test so that it
...
works with picky compilers. Patch from alex.kiernan at thus.net.
2006-02-02 18:44:19 +11:00
bfd52192f3
- (djm) Release OpenSSH 4.3p1
2006-02-01 22:32:17 +11:00
c79824bbab
- markus@cvs.openbsd.org 2006/02/01 11:27:22
...
[version.h]
openssh 4.3
2006-02-01 22:27:31 +11:00
0d689568a4
- (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
...
[contrib/suse/openssh.spec] Update versions ahead of release
2006-02-01 22:10:47 +11:00
2ac05779f7
- jmc@cvs.openbsd.org 2006/02/01 09:11:41
...
[sshd.8]
small tweak;
2006-02-01 22:05:42 +11:00
8bbdf90f33
- (djm) OpenBSD CVS Sync
...
- jmc@cvs.openbsd.org 2006/02/01 09:06:50
[sshd.8]
- merge sections on protocols 1 and 2 into a single section
- remove configuration file section
ok markus
2006-02-01 22:05:25 +11:00
e682cb0780
- (djm) [regress/test-exec.sh] Try 'logname' as well as 'whoami' to
...
determine the user's login name - needed for regress tests on Solaris
10 and OpenSolaris
2006-02-01 11:21:01 +11:00
923f1ce0b7
- djm@cvs.openbsd.org 2006/01/31 10:35:43
...
[scp.c]
"scp a b c" shouldn't clobber "c" when it is not a directory, report and
fix from biorn@; ok markus@
2006-01-31 22:11:37 +11:00
50c6eedce3
- djm@cvs.openbsd.org 2006/01/31 10:36:33
...
[scp.sh]
regress test for "scp a b c" where "c" is not a directory
2006-01-31 22:06:41 +11:00
7410ad79f8
- djm@cvs.openbsd.org 2006/01/31 10:23:23
...
[scp.sh]
regression test for CVE-2006-0225 written by dtucker@
2006-01-31 22:06:14 +11:00
0b996462f8
- djm@cvs.openbsd.org 2006/01/27 06:49:21
...
[scp.sh]
regress test for local to local scp copies; ok dtucker@
2006-01-31 22:05:23 +11:00
15a815bb64
- dtucker@cvs.openbsd.org 2005/12/14 04:36:39
...
[regress/scp-ssh-wrapper.sh]
Fix assumption about how many args scp will pass; ok djm@
NB. ID sync only, we already had this
2006-01-31 22:03:11 +11:00
27a0dfaea9
- grunk@cvs.openbsd.org 2005/11/14 21:25:56
...
[regress/agent-getpeereid.sh]
all other scripts in this dir use $SUDO, not 'sudo', so pull this even
ok markus@
2006-01-31 22:02:16 +11:00
10c5fa7e87
- markus@cvs.openbsd.org 2005/06/30 11:02:37
...
[regress/scp.sh]
allow SUDO=sudo; from Alexander Bluhm
2006-01-31 22:01:42 +11:00
ec7b2f12f0
- djm@cvs.openbsd.org 2005/05/24 04:10:54
...
[regress/try-ciphers.sh]
oops, new arcfour modes here too
2006-01-31 21:59:35 +11:00
76be6b8765
- djm@cvs.openbsd.org 2005/05/20 23:14:15
...
[regress/test-exec.sh]
force addressfamily=inet for tests, unbreaking dynamic-forward regress for
recently committed nc SOCKS5 changes
2006-01-31 21:59:01 +11:00
f0cbb3d7cb
- (djm) Sync regress tests to OpenBSD:
...
- dtucker@cvs.openbsd.org 2005/03/10 10:20:39
[regress/forwarding.sh]
Regress test for ClearAllForwardings (bz #994 ); ok markus@
2006-01-31 21:58:23 +11:00
c34940c1f5
- dtucker@cvs.openbsd.org 2005/04/25 09:54:09
...
[regress/multiplex.sh]
Don't call cleanup in multiplex as test-exec will cleanup anyway
found by tim@, ok djm@
NB. ID sync only, we already had this
2006-01-31 21:57:27 +11:00
3eec6b73a2
- djm@cvs.openbsd.org 2006/01/31 10:19:02
...
[misc.c misc.h scp.c sftp.c]
fix local arbitrary command execution vulnerability on local/local and
remote/remote copies (CVE-2006-0225, bz #1094 ), patch by
t8m AT centrum.cz, polished by dtucker@ and myself; ok markus@
2006-01-31 21:49:27 +11:00
b5dd55cccc
- jmc@cvs.openbsd.org 2006/01/30 13:37:49
...
[ssh.1]
remove an incorrect sentence;
reported by roumen petrov;
ok djm markus
2006-01-31 21:47:58 +11:00
e204f6aa0d
- reyk@cvs.openbsd.org 2006/01/30 12:22:22
...
[channels.c]
mark channel as write failed or dead instead of read failed on error
of the channel output filter.
ok markus@
2006-01-31 21:47:15 +11:00
bbc59094b9
- jmc@cvs.openbsd.org 2006/01/26 08:47:56
...
[ssh.1]
add a section on verifying host keys in dns;
written with a lot of help from jakob;
feedback dtucker/markus;
ok markus
2006-01-31 21:46:51 +11:00
7602cba59d
- jmc@cvs.openbsd.org 2006/01/25 09:07:22
...
[sshd.8]
move subsections to full sections;
2006-01-31 21:46:20 +11:00
99cc4a8f1e
- jmc@cvs.openbsd.org 2006/01/25 09:04:34
...
[sshd.8]
move the options description up the page, and a few additional tweaks
whilst in here;
ok markus
2006-01-31 21:45:53 +11:00
ddfddf1ba3
- jmc@cvs.openbsd.org 2006/01/20 11:21:45
...
[ssh_config.5]
- word change, agreed w/ markus
- consistency fixes
2006-01-31 21:39:03 +11:00
fbea76400f
- (dtucker) [configure.ac opensshd.init.in] Bug #1144 : Use /bin/sh for the
...
opensshd.init script interpretter if /sbin/sh does not exist. ok tim@
2006-01-30 00:22:39 +11:00
62388b2b63
- dtucker@cvs.openbsd.org 2006/01/20 00:14:55
...
[scp.1 ssh.1 ssh_config.5 sftp.1]
Document RekeyLimit. Based on patch from jan.iven at cern.ch from mindrot
#1056 with feedback from jmc, djm and markus; ok jmc@ djm@
2006-01-20 11:31:47 +11:00
248dd13c46
- jmc@cvs.openbsd.org 2006/01/18 10:53:29
...
[ssh.1]
add a section on ssh-based vpn, based on reyk's README.tun;
2006-01-20 11:30:58 +11:00
94299ec251
- jmc@cvs.openbsd.org 2006/01/15 17:37:05
...
[ssh.1]
correction from deraadt
2006-01-20 11:30:14 +11:00
4a8dc9e297
- jmc@cvs.openbsd.org 2006/01/12 22:34:12
...
[ssh.1]
back out a sentence - AUTHENTICATION already documents this;
2006-01-14 10:10:31 +11:00
e9d001e02b
- jmc@cvs.openbsd.org 2006/01/12 22:26:02
...
[ssh_config.5]
refer to TCP forwarding, rather than TCP/IP forwarding;
2006-01-14 10:10:17 +11:00
7c24b81699
- jmc@cvs.openbsd.org 2006/01/12 22:20:00
...
[sshd.8]
refer to TCP forwarding, rather than TCP/IP forwarding;
2006-01-14 10:09:56 +11:00
8bfaf93f60
- jmc@cvs.openbsd.org 2006/01/12 18:48:48
...
[ssh.1]
refer to `TCP' rather than `TCP/IP' in the context of connection
forwarding;
ok markus
2006-01-14 10:09:30 +11:00
f31771810c
- jmc@cvs.openbsd.org 2006/01/12 14:44:12
...
[ssh.1]
split sections on tcp and x11 forwarding into two sections.
add an example in the tcp section, based on sth i wrote for ssh faq;
help + ok: djm markus dtucker
2006-01-14 10:09:13 +11:00
7e76e1f101
- jmc@cvs.openbsd.org 2006/01/06 13:29:10
...
[ssh.1]
final round of whacking FILES for duplicate info, and some consistency
fixes;
ok djm
2006-01-14 10:08:57 +11:00
e87eb4ce3c
- (djm) OpenBSD CVS Sync
...
- jmc@cvs.openbsd.org 2006/01/06 13:27:32
[ssh.1]
weed out some duplicate info in the known_hosts FILES entries;
ok djm
2006-01-14 10:08:36 +11:00
e78c6ce8cf
- (dtucker) [contrib/cygwin/ssh-host-config] Make sshd service depend on
...
tcpip service so it's always started after IP is up. Patch from
vinschen at redhat.com.
2006-01-10 00:02:44 +11:00
72c5b7d85d
- djm@cvs.openbsd.org 2006/01/05 23:43:53
...
[misc.c]
check that stdio file descriptors are actually closed before clobbering
them in sanitise_stdfd(). problems occurred when a lower numbered fd was
closed, but higher ones weren't. spotted by, and patch tested by
Frédéric Olivié
2006-01-06 14:50:44 +11:00
c27f83a63c
- jmc@cvs.openbsd.org 2006/01/04 19:50:09
...
[ssh.1]
-.Xr gzip 1 ,
2006-01-06 14:50:26 +11:00
128a0f114d
- jmc@cvs.openbsd.org 2006/01/04 19:40:24
...
[ssh.1]
+.Xr ssh-keyscan 1 ,
2006-01-06 14:50:11 +11:00
a246d3b9b2
- jmc@cvs.openbsd.org 2006/01/04 18:45:01
...
[ssh.1]
remove .Xr's to rsh(1) and telnet(1): they are hardly needed;
2006-01-06 14:49:54 +11:00
1bcdb50a3d
- jmc@cvs.openbsd.org 2006/01/04 18:42:46
...
[ssh.1]
chop out some duplication in the .{r,s}hosts/{h,sh}osts.equiv FILES
entries;
ok markus
2006-01-06 14:49:38 +11:00
4c102eede3
- jmc@cvs.openbsd.org 2006/01/03 16:55:18
...
[ssh.1]
tweak the description of ~/.ssh/environment
2006-01-06 14:49:17 +11:00
fb8ea74116
- jmc@cvs.openbsd.org 2006/01/03 16:52:36
...
[ssh.1]
put FILES in some sort of order: sort by pathname
2006-01-06 14:48:52 +11:00
6aa2290b0c
- jmc@cvs.openbsd.org 2006/01/03 16:35:30
...
[ssh.1]
use a larger width for the ENVIRONMENT list;
2006-01-06 14:48:34 +11:00
7655f5cd9f
- jmc@cvs.openbsd.org 2006/01/03 16:31:10
...
[ssh.1]
move FILES to a -compact list, and make each files an item in that list.
this avoids nastly line wrap when we have long pathnames, and treats
each file as a separate item;
remove the .Pa too, since it is useless.
2006-01-06 14:48:18 +11:00
a969437645
- (djm) [channels.c] clean up harmless merge error, from reyk@
2006-01-04 07:27:50 +11:00
b797770da2
- (djm) OpenBSD CVS Sync
...
- jmc@cvs.openbsd.org 2006/01/02 17:09:49
[ssh_config.5 sshd_config.5]
some corrections from michael knudsen;
2006-01-03 18:47:31 +11:00
a07a59188a
- jmc@cvs.openbsd.org 2006/01/02 12:31:06
...
[ssh.1]
start to cut some duplicate info from FILES;
help/ok djm
2006-01-02 23:41:37 +11:00
a1d9a18e14
- reyk@cvs.openbsd.org 2006/01/02 07:53:44
...
[misc.c]
clarify tun(4) opening - set the mode and bring the interface up. also
(re)sets the tun(4) layer 2 LINK0 flag for existing tunnel interfaces.
suggested and ok by djm@
2006-01-02 23:41:21 +11:00
5444618987
- djm@cvs.openbsd.org 2006/01/02 01:20:31
...
[sftp-client.c sftp-common.h sftp-server.c]
use a common max. packet length, no binary change
2006-01-02 23:40:50 +11:00
a210d52235
- stevesk@cvs.openbsd.org 2006/01/01 10:08:48
...
[misc.c]
no trailing "\n" for debug()
2006-01-02 23:40:30 +11:00
3beb852e09
- stevesk@cvs.openbsd.org 2006/01/01 08:59:27
...
[includes.h misc.c]
move <net/if.h>; ok djm@
2006-01-02 23:40:10 +11:00
1164c299f1
- jmc@cvs.openbsd.org 2005/12/31 13:45:19
...
[ssh.1]
.Nm does not require an argument;
2006-01-02 23:38:37 +11:00
14af93ee77
- jmc@cvs.openbsd.org 2005/12/31 13:44:04
...
[ssh.1]
clean up ENVIRONMENT a little;
2006-01-02 23:38:21 +11:00
48c94abf5b
- (djm) OpenBSD CVS Sync
...
- jmc@cvs.openbsd.org 2005/12/31 10:46:17
[ssh.1]
merge the "LOGIN SESSION AND REMOTE EXECUTION" and "SERVER
AUTHENTICATION" sections into "AUTHENTICATION";
some rewording done to make the text read better, plus some
improvements from djm;
ok djm
2006-01-02 23:38:00 +11:00
90cd1c549b
- (djm) [README.tun] Add README.tun, missed during sync of tun(4) support
2006-01-02 20:23:18 +11:00
5df52e89b4
- (djm) [openbsd-compat/port-tun.c] Linux needs linux/if.h too
2006-01-01 21:15:50 +11:00
bd4e410817
- (djm) [configure.ac] Fix linux/if_tun.h test
2006-01-01 21:03:30 +11:00
2dcddbfaf6
- (djm) [Makefile.in configure.ac includes.h misc.c]
...
[openbsd-compat/port-tun.c openbsd-compat/port-tun.h] Add support
for tunnel forwarding for FreeBSD and NetBSD. NetBSD's support is
limited to IPv4 tunnels only, and most versions don't support the
tap(4) device at all.
2006-01-01 19:47:05 +11:00
c4bcc91751
- (djm) [configure.ac] oops, make that linux/if_tun.h
2005-12-31 17:05:58 +11:00
89e03bae5c
- (djm) [configure.ac] Disable Linux tun(4) compat code if linux/tun.h does
...
not exist
2005-12-31 16:42:03 +11:00
598bbc2d8f
- (djm) [openbsd-compat/port-tun.c openbsd-compat/port-tun.h configure.ac]
...
[serverloop.c ssh.c openbsd-compat/Makefile.in]
[openbsd-compat/openbsd-compat.h] Implement tun(4) forwarding
compatability support for Linux, diff from reyk@
2005-12-31 16:33:36 +11:00
Damien Miller
Darren Tucker
Tim Rice