ec7ce9ace4
- markus@cvs.openbsd.org 2012/12/11 23:12:13
...
[try-ciphers.sh]
add hmac-ripemd160-etm@openssh.com
2012-12-12 10:55:32 +11:00
1fb593a3f1
- markus@cvs.openbsd.org 2012/12/11 22:42:11
...
[regress/Makefile regress/modpipe.c regress/integrity.sh]
test the integrity of the packets; with djm@
2012-12-12 10:54:37 +11:00
1a45b63d7b
- markus@cvs.openbsd.org 2012/12/11 22:32:56
...
[regress/try-ciphers.sh]
add etm modes
2012-12-12 10:52:07 +11:00
74f13bdf26
- sthen@cvs.openbsd.org 2012/12/11 22:51:45
...
[mac.c]
fix typo, s/tem/etm in hmac-ripemd160-tem. ok markus@
2012-12-12 10:46:53 +11:00
af43a7ac2d
- markus@cvs.openbsd.org 2012/12/11 22:31:18
...
[PROTOCOL authfile.c cipher.c cipher.h kex.h mac.c myproposal.h]
[packet.c ssh_config.5 sshd_config.5]
add encrypt-then-mac (EtM) modes to openssh by defining new mac algorithms
that change the packet format and compute the MAC over the encrypted
message (including the packet size) instead of the plaintext data;
these EtM modes are considered more secure and used by default.
feedback and ok djm@
2012-12-12 10:46:31 +11:00
6a1937eac5
- markus@cvs.openbsd.org 2012/12/11 22:16:21
...
[monitor.c]
drain the log messages after receiving the keystate from the unpriv
child. otherwise it might block while sending. ok djm@
2012-12-12 10:44:38 +11:00
3e1027cd1f
- dtucker@cvs.openbsd.org 2012/12/07 01:51:35
...
[serverloop.c]
Cast signal to int for logging. A no-op on openbsd (they're always ints)
but will prevent warnings in portable. ok djm@
2012-12-07 13:07:46 +11:00
8a96522482
- markus@cvs.openbsd.org 2012/12/05 15:42:52
...
[ssh-add.c]
prevent double-free of comment; ok djm@
2012-12-07 13:07:02 +11:00
f9333d5246
- jmc@cvs.openbsd.org 2012/12/03 08:33:03
...
[ssh-add.1 sshd_config.5]
tweak previous;
2012-12-07 13:06:13 +11:00
3dfb877046
- dtucker@cvs.openbsd.org 2012/12/06 06:06:54
...
[regress/keys-command.sh]
Fix some problems with the keys-command test:
- use string comparison rather than numeric comparison
- check for existing KEY_COMMAND file and don't clobber if it exists
- clean up KEY_COMMAND file if we do create it.
- check that KEY_COMMAND is executable (which it won't be if eg /var/run
is mounted noexec).
ok djm.
2012-12-07 13:03:10 +11:00
96ce9a1e45
20121205
...
- (tim) [defines.h] Some platforms are missing ULLONG_MAX. Feedback djm@.
2012-12-04 07:50:03 -08:00
8b48982a56
- (djm) [configure.ac] Revert previous. configure.ac already does this
...
for us.
2012-12-03 12:35:55 +11:00
03af12e930
- (djm) [configure.ac] Turn on -g for gcc compilers. Helps pre-installation
...
debugging. ok dtucker@
2012-12-03 11:55:53 +11:00
55aca027ed
- djm@cvs.openbsd.org 2012/12/03 00:14:06
...
[auth2-chall.c ssh-keygen.c]
Fix compilation with -Wall -Werror (trivial type fixes)
2012-12-03 11:25:30 +11:00
999bd2d259
- djm@cvs.openbsd.org 2012/12/02 20:47:48
...
[Makefile regress/forward-control.sh]
regress for AllowTcpForwarding local/remote; ok markus@
2012-12-03 10:13:39 +11:00
771c43cee6
- djm@cvs.openbsd.org 2012/11/22 22:49:30
...
[regress/Makefile regress/keys-command.sh]
regress for AuthorizedKeysCommand; hints from markus@
2012-12-03 10:12:13 +11:00
6618e92509
- djm@cvs.openbsd.org 2012/10/19 05:10:42
...
[regress/cert-userkey.sh]
include a serial number when generating certs
2012-12-03 10:09:04 +11:00
fa51d8b6b2
- dtucker@cvs.openbsd.org 2012/10/05 02:20:48
...
[regress/cipher-speed.sh regress/try-ciphers.sh]
Add umac-128@openssh.com to the list of MACs to be tested
2012-12-03 10:08:25 +11:00
d27a026ab7
- dtucker@cvs.openbsd.org 2012/10/05 02:05:30
...
[regress/multiplex.sh]
Use 'kill -0' to test for the presence of a pid since it's more portable
2012-12-03 10:06:37 +11:00
15b05cfa17
- djm@cvs.openbsd.org 2012/12/02 20:34:10
...
[auth.c auth.h auth1.c auth2-chall.c auth2-gss.c auth2-jpake.c auth2.c]
[monitor.c monitor.h]
Fixes logging of partial authentication when privsep is enabled
Previously, we recorded "Failed xxx" since we reset authenticated before
calling auth_log() in auth2.c. This adds an explcit "Partial" state.
Add a "submethod" to auth_log() to report which submethod is used
for keyboard-interactive.
Fix multiple authentication when one of the methods is
keyboard-interactive.
ok markus@
2012-12-03 09:53:20 +11:00
aa5b3f8314
- djm@cvs.openbsd.org 2012/12/02 20:46:11
...
[auth-options.c channels.c servconf.c servconf.h serverloop.c session.c]
[sshd_config.5]
make AllowTcpForwarding accept "local" and "remote" in addition to its
current "yes"/"no" to allow the server to specify whether just local or
remote TCP forwarding is enabled. ok markus@
2012-12-03 09:50:54 +11:00
33a813613a
- djm@cvs.openbsd.org 2012/12/02 20:42:15
...
[ssh-add.1 ssh-add.c]
make deleting explicit keys "ssh-add -d" symmetric with adding keys -
try to delete the corresponding certificate too and respect the -k option
to allow deleting of the key only; feedback and ok markus@
2012-12-03 09:50:24 +11:00
cb6b68b209
- djm@cvs.openbsd.org 2012/12/02 20:26:11
...
[ssh_config.5 sshconnect2.c]
Make IdentitiesOnly apply to keys obtained from a PKCS11Provider.
This allows control of which keys are offered from tokens using
IdentityFile. ok markus@
2012-12-03 09:49:52 +11:00
cf6ef137b5
- (djm) [openbsd-compat/sys-queue.h] Sync with OpenBSD to get
...
TAILQ_FOREACH_SAFE needed for upcoming changes.
2012-12-03 09:37:56 +11:00
6f3b362fa8
- djm@cvs.openbsd.org 2012/11/14 02:32:15
...
[ssh-keygen.c]
allow the full range of unsigned serial numbers; 'fine' deraadt@
2012-11-14 19:04:33 +11:00
1e85469fcb
- djm@cvs.openbsd.org 2012/11/14 02:24:27
...
[auth2-pubkey.c]
fix username passed to helper program
prepare stdio fds before closefrom()
spotted by landry@
2012-11-14 19:04:02 +11:00
0120c41d6b
- jmc@cvs.openbsd.org 2012/09/26 17:34:38
...
[moduli.5]
last stage of rfc changes, using consistent Rs/Re blocks, and moving the
references into a STANDARDS section;
2012-11-07 08:36:00 +11:00
d5c3d4c0ca
- eric@cvs.openbsd.org 2011/11/28 08:46:27
...
[moduli.5]
fix formula
ok djm@
2012-11-07 08:35:38 +11:00
737f7aff36
- (dtucker) [auth2-pubkey.c] wrap paths.h in an ifdef for platforms that
...
don't have it. Spotted by tim@.
2012-11-05 17:07:43 +11:00
f96ff18a92
- (dtucker) [uidswap.c openbsd-compat/Makefile.in
...
openbsd-compat/bsd-setres_id.c openbsd-compat/bsd-setres_id.h
openbsd-compat/openbsd-compat.h] Move the fallback code for setting uids
and gids from uidswap.c to the compat library, which allows it to work with
the new setresuid calls in auth2-pubkey. with tim@, ok djm@
2012-11-05 17:04:37 +11:00
a6e3f01d1e
- djm@cvs.openbsd.org 2012/11/04 11:09:15
...
[auth.h auth1.c auth2.c monitor.c servconf.c servconf.h sshd.c]
[sshd_config.5]
Support multiple required authentication via an AuthenticationMethods
option. This option lists one or more comma-separated lists of
authentication method names. Successful completion of all the methods in
any list is required for authentication to complete;
feedback and ok markus@
2012-11-04 23:21:40 +11:00
d0d1099b3b
- djm@cvs.openbsd.org 2012/11/04 10:38:43
...
[auth2-pubkey.c sshd.c sshd_config.5]
Remove default of AuthorizedCommandUser. Administrators are now expected
to explicitly specify a user. feedback and ok markus@
2012-11-04 22:23:14 +11:00
f33580eed0
- OpenBSD CVS Sync
...
- jmc@cvs.openbsd.org 2012/10/31 08:04:50
[sshd_config.5]
tweak previous;
2012-11-04 22:22:52 +11:00
09d3e12512
- djm@cvs.openbsd.org 2012/10/30 21:29:55
...
[auth-rsa.c auth.c auth.h auth2-pubkey.c servconf.c servconf.h]
[sshd.c sshd_config sshd_config.5]
new sshd_config option AuthorizedKeysCommand to support fetching
authorized_keys from a command in addition to (or instead of) from
the filesystem. The command is run as the target server user unless
another specified via a new AuthorizedKeysCommandUser option.
patch originally by jchadima AT redhat.com, reworked by me; feedback
and ok markus@
2012-10-31 08:58:58 +11:00
07daed505f
- (djm) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2012/10/05 12:34:39
[sftp.c]
fix signed vs unsigned warning; feedback & ok: djm@
2012-10-31 08:57:55 +11:00
c0e5cbe222
- (tim) [buildpkg.sh.in] Double up on some backslashes so they end up in
...
the generated file as intended.
2012-10-18 21:38:58 -07:00
cc8e9ffdd1
- [Makefile.in] "Using $< in a non-suffix rule context is a GNUmake idiom"
2012-10-05 15:41:06 +10:00
50ce447ef9
- [umac.c] Enforce allowed umac output sizes. From djm@.
2012-10-05 12:11:33 +10:00
ee4ad778d7
- dtucker@cvs.openbsd.org 2012/09/10 01:51:19
...
[regress/multiplex.sh]
use -Ocheck and waiting for completions by PID to make multiplexing test
less racy and (hopefully) more reliable on slow hardware.
2012-10-05 12:04:10 +10:00
9b2c0360cf
- dtucker@cvs.openbsd.org 2012/09/10 00:49:21
...
[regress/multiplex.sh]
Log -O cmd output to the log file and make logging consistent with the
other tests. Test clean shutdown of an existing channel when testing
"stop".
2012-10-05 11:45:39 +10:00
6fc5aa8b2e
- dtucker@cvs.openbsd.org 2012/09/09 11:51:25
...
[multiplex.sh]
Add test for ssh -Ostop
2012-10-05 11:43:57 +10:00
189e5bad5c
- dtucker@cvs.openbsd.org 2012/09/06 04:11:07
...
[regress/try-ciphers.sh]
Restore missing space. (Id sync only).
2012-10-05 11:41:52 +10:00
992faad1f1
- [Makefile umac.c] Add special-case target to build umac128.o.
2012-10-05 11:38:24 +10:00
427e409e99
- markus@cvs.openbsd.org 2012/10/04 13:21:50
...
[myproposal.h ssh_config.5 umac.h sshd_config.5 ssh.1 sshd.8 mac.c]
add umac128 variant; ok djm@ at n2k12
(note: further Makefile work is required)
2012-10-05 11:02:39 +10:00
0dc283b13a
- djm@cvs.openbsd.org 2012/10/02 07:07:45
...
[ssh-keygen.c]
fix -z option, broken in revision 1.215
2012-10-05 10:52:51 +10:00
3a7c04105a
- naddy@cvs.openbsd.org 2012/10/01 13:59:51
...
[monitor_wrap.c]
pasto; ok djm@
2012-10-05 10:51:59 +10:00
628a3fdce2
- jmc@cvs.openbsd.org 2012/09/26 16:12:13
...
[ssh.1]
last stage of rfc changes, using consistent Rs/Re blocks, and moving the
references into a STANDARDS section;
2012-10-05 10:50:15 +10:00
17146d369c
- dtucker@cvs.openbsd.org 2012/09/21 10:55:04
...
[sftp.c]
Fix handling of filenames containing escaped globbing characters and
escape "#" and "*". Patch from Jean-Marc Robert via tech@, ok djm.
2012-10-05 10:46:16 +10:00
191fcc6e4e
- dtucker@cvs.openbsd.org 2012/09/21 10:53:07
...
[sftp.c]
Fix improper handling of absolute paths when PWD is part of the completed
path. Patch from Jean-Marc Robert via tech@, ok djm.
2012-10-05 10:45:01 +10:00
063018d9f6
- dtucker@cvs.openbsd.org 2012/09/18 10:36:12
...
[sftp.c]
Add bounds check on sftp tab-completion. Part of a patch from from
Jean-Marc Robert via tech@, ok djm
2012-10-05 10:43:58 +10:00
302889a1b0
- markus@cvs.openbsd.org 2012/09/17 13:04:11
...
[packet.c]
clear old keys on rekeing; ok djm
2012-10-05 10:42:53 +10:00
0af2405ebf
- (dtucker) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2012/09/17 09:54:44
[sftp.c]
an XXX for later
2012-10-05 10:41:25 +10:00
26b9e3b0c5
- markus@cvs.openbsd.org 2012/09/14 16:51:34
...
[sshconnect.c]
remove unused variable
2012-09-17 13:25:44 +10:00
bb6cc07cf4
- dtucker@cvs.openbsd.org 2012/09/13 23:37:36
...
[servconf.c]
Fix comment line length
2012-09-17 13:25:06 +10:00
86dc9b4110
Fix author's name for RFC6594 SSHFP change
2012-09-07 18:08:23 +10:00
48bf4b0ca3
- dtucker@cvs.openbsd.org 2012/09/07 06:34:21
...
[clientloop.c]
when muxmaster is run with -N, make it shut down gracefully when a client
sends it "-O stop" rather than hanging around (bz#1985). ok djm@
2012-09-07 16:38:53 +10:00
ca0d0fd806
- dtucker@cvs.openbsd.org 2012/09/07 01:10:21
...
[clientloop.c]
Merge escape help text for ~v and ~V; ok djm@
2012-09-07 11:22:24 +10:00
f111d40604
- dtucker@cvs.openbsd.org 2012/09/07 00:30:19
...
[clientloop.c]
Print '^Z' instead of a raw ^Z when the sequence is not supported. ok djm@
2012-09-07 11:21:42 +10:00
83d0af6907
- jmc@cvs.openbsd.org 2012/09/06 13:57:42
...
[ssh.1]
missing letter in previous;
2012-09-07 11:21:03 +10:00
92a39cfa09
- dtucker@cvs.openbsd.org 2012/09/06 09:50:13
...
[clientloop.c]
Make the escape command help (~?) context sensitive so that only commands
that will work in the current session are shown. ok markus@
(note: previous commit with this description was a mistake on my part while
pulling changes from OpenBSD)
2012-09-07 11:20:20 +10:00
241995382e
bz#2039: add acknowledgement of the original authors of the ECDSA SSHFP DNS
...
work. From Ondřej Surý.
2012-09-07 10:44:34 +10:00
29bf4040b4
- dtucker@cvs.openbsd.org 2012/09/06 09:50:13
...
[clientloop.c]
Make the escape command help (~?) context sensitive so that only commands
that will work in the current session are shown. ok markus@
2012-09-06 21:26:34 +10:00
50a48d025f
- dtucker@cvs.openbsd.org 2012/09/06 04:37:39
...
[clientloop.c log.c ssh.1 log.h]
Add ~v and ~V escape sequences to raise and lower the logging level
respectively. Man page help from jmc, ok deraadt jmc
2012-09-06 21:25:37 +10:00
00c1518a4d
- djm@cvs.openbsd.org 2012/08/17 01:30:00
...
[compat.c sshconnect.c]
Send client banner immediately, rather than waiting for the server to
move first for SSH protocol 2 connections (the default). Patch based on
one in bz#1999 by tls AT panix.com, feedback dtucker@ ok markus@
2012-09-06 21:21:56 +10:00
f09a8a6c6d
- djm@cvs.openbsd.org 2012/08/17 01:25:58
...
[ssh-keygen.c]
print details of which host lines were deleted when using
"ssh-keygen -R host"; ok markus@
2012-09-06 21:20:39 +10:00
ae608bdd83
- djm@cvs.openbsd.org 2012/08/17 01:22:56
...
[kex.c]
add some comments about better handling first-KEX-follows notifications
from the server. Nothing uses these right now. No binary change
2012-09-06 21:19:51 +10:00
66cb0e0733
- dtucker@cvs.openbsd.org 2012/08/17 00:45:45
...
[clientloop.c clientloop.h mux.c]
Force a clean shutdown of ControlMaster client sessions when the ~. escape
sequence is used. This means that ~. should now work in mux clients even
if the server is no longer responding. Found by tedu, ok djm.
2012-09-06 21:19:05 +10:00
3ee50c5d9f
- jmc@cvs.openbsd.org 2012/08/15 18:25:50
...
[ssh-keygen.1]
a little more info on certificate validity;
requested by Ross L Richardson, and provided by djm
2012-09-06 21:18:11 +10:00
23e4b80a60
- (dtucker) [moduli] Import new moduli file.
2012-08-30 10:42:47 +10:00
4eb0a532ef
- (djm) Release openssh-6.1
2012-08-29 10:26:20 +10:00
318541854f
- (dtucker) [openbsd-compat/bsd-cygwin_util.h] define WIN32_LEAN_AND_MEAN
...
for compatibility with future mingw-w64 headers. Patch from vinschen at
redhat com.
2012-08-28 19:57:19 +10:00
39a9d2c933
- (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
...
[contrib/suse/openssh.spec] Update version numbers
2012-08-22 21:57:13 +10:00
38fe66230f
- markus@cvs.openbsd.org 2012/07/22 18:19:21
...
[version.h]
openssh 6.1
2012-07-31 12:23:16 +10:00
46cb75a258
- dtucker@cvs.openbsd.org 2012/07/13 01:35:21
...
[servconf.c]
handle long comments in config files better. bz#2025, ok markus
2012-07-31 12:22:37 +10:00
1cce103b3e
fix truncated entry
2012-07-31 12:22:18 +10:00
5a5c2b9063
- djm@cvs.openbsd.org 2012/07/10 02:19:15
...
[servconf.c servconf.h sshd.c sshd_config]
Turn on systrace sandboxing of pre-auth sshd by default for new installs
by shipping a config that overrides the current UsePrivilegeSeparation=yes
default. Make it easier to flip the default in the future by adding too.
2012-07-31 12:21:34 +10:00
709a1e90d9
- jmc@cvs.openbsd.org 2012/07/06 06:38:03
...
[ssh-keygen.c]
missing full stop in usage();
2012-07-31 12:20:43 +10:00
d809a4bc28
Import regened moduli file.
2012-07-20 10:42:06 +10:00
fff9f095e2
- djm@cvs.openbsd.org 2012/07/06 01:47:38
...
[ssh.c]
move setting of tty_flag to after config parsing so RequestTTY options
are correctly picked up. bz#1995 patch from przemoc AT gmail.com;
ok dtucker@
2012-07-06 13:45:01 +10:00
ab523b0246
- djm@cvs.openbsd.org 2012/07/06 01:37:21
...
[mux.c]
fix memory leak of passed-in environment variables and connection
context when new session message is malformed; bz#2003 from Bert.Wesarg
AT googlemail.com
2012-07-06 13:44:43 +10:00
dfceafe8b1
- dtucker@cvs.openbsd.org 2012/07/06 00:41:59
...
[moduli.c ssh-keygen.1 ssh-keygen.c]
Add options to specify starting line number and number of lines to process
when screening moduli candidates. This allows processing of different
parts of a candidate moduli file in parallel. man page help jmc@, ok djm@
2012-07-06 13:44:19 +10:00
77eab7b024
- (djm) [configure.ac] Recursively expand $(bindir) to ensure it has no
...
unexpanded $(prefix) embedded. bz#2007 patch from nix-corp AT
esperi.org.uk; ok dtucker@
2012-07-06 11:49:28 +10:00
a0433a7096
- (djm) [sandbox-seccomp-filter.c] fallback to rlimit if seccomp filter is
...
not available. Allows use of sshd compiled on host with a filter-capable
kernel on hosts that lack the support. bz#2011 ok dtucker@
2012-07-06 10:27:10 +10:00
34f702ae64
- (dtucker) [configure.ac openbsd-compat/bsd-misc.h] Add setlinebuf for
...
platforms that don't have it. "looks good" tim@
2012-07-04 08:50:09 +10:00
d545a4b974
- (dtucker) [configure.ac sandbox-rlimit.c] Test whether or not
...
setrlimit(RLIMIT_FSIZE, rl_zero) and skip it if it's not supported. Its
benefit is minor, so it's not worth disabling the sandbox if it doesn't
work.
2012-07-03 22:48:31 +10:00
60395f91c6
- (dtucker) [configure.ac] Detect platforms that can't use select(2) with
...
setrlimit(RLIMIT_NOFILE, rl_zero) and disable the rlimit sandbox on those.
2012-07-03 14:31:18 +10:00
6ea5dc6bb8
- (dtucker) [regress/test-exec.sh] Correct uname for cygwin/w2k.
2012-07-03 01:11:28 +10:00
ec1e15d51a
- (dtucker) [regress/reexec.sh regress/sftp-cmds.sh regress/test-exec.sh]
...
Move cygwin detection to test-exec and use to skip reexec test on cygwin.
2012-07-03 01:06:49 +10:00
369ceedce2
- dtucker@cvs.openbsd.org 2012/07/02 14:37:06
...
[regress/connect-privsep.sh]
remove exit from end of test since it prevents reporting failure
2012-07-03 00:53:18 +10:00
4908d44e67
- dtucker@cvs.openbsd.org 2012/07/02 12:13:26
...
[ssh-pkcs11-helper.c sftp-client.c]
fix a couple of "assigned but not used" warnings. ok markus@
2012-07-02 22:15:38 +10:00
7b30501bf5
- dtucker@cvs.openbsd.org 2012/07/02 08:50:03
...
[ssh.c]
set interactive ToS for forwarded X11 sessions. ok djm@
2012-07-02 18:55:09 +10:00
3b4b2d3021
- markus@cvs.openbsd.org 2012/06/30 14:35:09
...
[sandbox-systrace.c sshd.c]
fix a during the load of the sandbox policies (child can still make
the read-syscall and wait forever for systrace-answers) by replacing
the read/write synchronisation with SIGSTOP/SIGCONT;
report and help hshoexer@; ok djm@, dtucker@
2012-07-02 18:54:31 +10:00
ecbf14aa53
- naddy@cvs.openbsd.org 2012/06/29 13:57:25
...
[ssh_config.5 sshd_config.5]
match the documented MAC order of preference to the actual one;
ok dtucker@
2012-07-02 18:53:37 +10:00
14a9d2515b
- (dtucker) [key.c] ifdef out sha256 key types on platforms that don't have
...
the required functions in libcrypto.
2012-06-30 20:05:02 +10:00
3886f95d42
- (dtucker) [myproposal.h] Remove trailing backslash to fix compile error
2012-06-30 19:47:01 +10:00
a08c20763a
- dtucker@cvs.openbsd.org 2012/06/28 05:07:45
...
[regress/try-ciphers.sh regress/cipher-speed.sh]
Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed
from draft6 of the spec and will not be in the RFC when published. Patch
from mdb at juniper net via bz#2023, ok markus
2012-06-30 15:08:53 +10:00
2920bc145c
- dtucker@cvs.openbsd.org 2012/06/26 12:06:59
...
[regress/connect-privsep.sh]
test sandbox with every malloc option
2012-06-30 15:06:28 +10:00
ff32d7c9d2
- djm@cvs.openbsd.org 2012/06/01 00:52:52
...
[regress/sftp-cmds.sh]
don't delete .* on cleanup due to unintended env expansion; pointed out in
bz#2014 by openssh AT roumenpetrov.info
2012-06-30 15:04:13 +10:00
4430a86c14
- djm@cvs.openbsd.org 2012/06/01 00:47:35
...
[multiplex.sh forwarding.sh]
append to rather than truncate test log; bz#2013 from openssh AT
roumenpetrov.
2012-06-30 15:03:28 +10:00
301390316c
- dtucker@cvs.openbsd.org 2012/05/13 01:42:32
...
[regress/addrmatch.sh]
Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests
to match. Feedback and ok djm@ markus@.
2012-06-30 15:01:22 +10:00
ee3c196ec7
- naddy@cvs.openbsd.org 2012/06/29 13:57:25
...
[ssh_config.5 sshd_config.5]
match the documented MAC order of preference to the actual one; ok dtucker@
(actual patch accidentally committed with previous)
2012-06-30 08:35:59 +10:00
db4f8e8618
- dtucker@cvs.openbsd.org 2012/06/28 05:07:45
...
[mac.c myproposal.h ssh_config.5 sshd_config.5]
Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed
from draft6 of the spec and will not be in the RFC when published. Patch
from mdb at juniper net via bz#2023, ok markus.
2012-06-30 08:34:59 +10:00
560de922b1
- dtucker@cvs.openbsd.org 2012/06/26 11:02:30
...
[sandbox-systrace.c]
Add mquery to the list of allowed syscalls for "UsePrivilegeSeparation
sandbox" since malloc now uses it. From johnw.mail at gmail com.
2012-06-30 08:33:53 +10:00
ea8582931f
- dtucker@cvs.openbsd.org 2012/06/22 14:36:33
...
[sftp.c]
Remove unused variable leftover from tab-completion changes.
From Steve.McClellan at radisys com, ok markus@
2012-06-30 08:33:32 +10:00
5f58a87768
- dtucker@cvs.openbsd.org 2012/06/22 12:30:26
...
[monitor.c sshconnect2.c]
remove dead code following 'for (;;)' loops.
From Steve.McClellan at radisys com, ok markus@
2012-06-30 08:33:17 +10:00
97f43bbfc9
- dtucker@cvs.openbsd.org 2012/06/21 00:16:07
...
[addrmatch.c]
fix strlcpy truncation check. from carsten at debian org, ok markus
2012-06-30 08:32:29 +10:00
8908da7dce
- (dtucker) [openbsd-compat/getrrsetbyname-ldns.c] bz #2022 : prevent null
...
pointer deref in the client when built with LDNS and using DNSSEC with a
CNAME. Patch from gregdlg+mr at hochet info.
2012-06-28 15:21:32 +10:00
62dcd63f5e
- (dtucker) [contrib/cygwin/ssh-host-config] Ensure that user sshd runs as
...
can logon as a service. Patch from vinschen at redhat com.
2012-06-22 22:02:42 +10:00
6c6da33d31
- djm@cvs.openbsd.org 2012/06/20 04:42:58
...
[clientloop.c serverloop.c]
initialise accept() backoff timer to avoid EINVAL from select(2) in
rekeying
2012-06-20 22:31:26 +10:00
f8268503d1
- jmc@cvs.openbsd.org 2012/06/19 21:35:54
...
[sshd_config.5]
tweak previous; ok markus
2012-06-20 21:54:15 +10:00
c24da77015
- markus@cvs.openbsd.org 2012/06/19 18:25:28
...
[servconf.c servconf.h sshd_config.5]
sshd_config: extend Match to allow AcceptEnv and {Allow,Deny}{Users,Groups}
this allows 'Match LocalPort 1022' combined with 'AllowUser bauer'
ok djm@ (back in March)
2012-06-20 21:53:58 +10:00
36378c6413
- dtucker@cvs.openbsd.org 2012/06/18 12:17:18
...
[ssh.1]
Clarify description of -W. Noted by Steve.McClellan at radisys com, ok jmc
2012-06-20 21:53:25 +10:00
b9902cf6f6
- dtucker@cvs.openbsd.org 2012/06/18 12:07:07
...
[ssh.1 sshd.8]
Remove mention of 'three' key files since there are now four. From
Steve.McClellan at radisys com.
2012-06-20 21:52:58 +10:00
7192433633
- dtucker@cvs.openbsd.org 2012/06/18 11:49:58
...
[ssh_config.5]
RSA instead of DSA twice. From Steve.McClellan at radisys com
2012-06-20 21:52:38 +10:00
276dcfd7f7
- dtucker@cvs.openbsd.org 2012/06/18 11:43:53
...
[jpake.c]
correct sizeof usage. patch from saw at online.de, ok deraadt
2012-06-20 21:52:18 +10:00
2e7decfcc0
- djm@cvs.openbsd.org 2012/06/01 01:01:22
...
[mux.c]
fix memory leak when mux socket creation fails; bz#2002 from bert.wesarg
AT googlemail.com
2012-06-20 21:52:00 +10:00
7f12157c0a
- djm@cvs.openbsd.org 2012/06/01 00:49:35
...
[PROTOCOL.mux]
correct types of port numbers (integers, not strings); bz#2004 from
bert.wesarg AT googlemail.com
2012-06-20 21:51:29 +10:00
3bde12aeef
- djm@cvs.openbsd.org 2012/05/23 03:28:28
...
[dns.c dns.h key.c key.h ssh-keygen.c]
add support for RFC6594 SSHFP DNS records for ECDSA key types.
patch from bugzilla-m67 AT nulld.me in bz#1978; ok + tweak markus@
2012-06-20 21:51:11 +10:00
ac58ce86e6
- djm@cvs.openbsd.org 2012/01/07 21:11:36
...
[mux.c]
fix double-free in new session handler
NB. Id sync only
2012-06-20 21:50:47 +10:00
140df63e1f
- djm@cvs.openbsd.org 2011/12/04 23:16:12
...
[mux.c]
revert:
> revision 1.32
> date: 2011/12/02 00:41:56; author: djm; state: Exp; lines: +4 -1
> fix bz#1948: ssh -f doesn't fork for multiplexed connection.
> ok dtucker@
it interacts badly with ControlPersist
2012-06-20 21:46:57 +10:00
efc6fc995d
- djm@cvs.openbsd.org 2011/12/02 00:41:56
...
[mux.c]
fix bz#1948: ssh -f doesn't fork for multiplexed connection.
ok dtucker@
2012-06-20 21:44:56 +10:00
ba9ea3200d
- dtucker@cvs.openbsd.org 2012/05/19 06:30:30
...
[sshd_config.5]
Document PermitOpen none. bz#2001, patch from Loganaden Velvindron
2012-05-19 19:37:33 +10:00
fbcf827559
- (dtucker) OpenBSD CVS Sync
...
- dtucker@cvs.openbsd.org 2012/05/13 01:42:32
[servconf.h servconf.c sshd.8 sshd.c auth.c sshd_config.5]
Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests
to match. Feedback and ok djm@ markus@.
2012-05-19 19:37:01 +10:00
593538911a
- (dtucker) [configure.ac contrib/Makefile] bz#1996: use AC_PATH_TOOL to find
...
pkg-config so it does the right thing when cross-compiling. Patch from
cjwatson at debian org.
2012-05-19 15:24:37 +10:00
d0494fdb29
- (dtucker) [configure.ac] bz#2010: fix non-portable shell construct. Patch
...
from cjwatson at debian org.
2012-05-19 14:25:39 +10:00
e1a3ddf992
- (dtucker) [configure.ac] Include <sys/param.h> rather than <sys/types.h>
...
to fix building on some plaforms. Fom bowman at math utah edu and
des at des no.
2012-05-04 11:05:45 +10:00
d0d3fff483
- (dtucker) [regress/addrmatch.sh] skip tests when running on a non-ipv6
...
platform rather than exiting early, so that we still clean up and return
status to test-exec.sh
2012-04-27 10:55:39 +10:00
025bfd11d9
- (djm) [auth-krb5.c] Save errno across calls that might modify it;
...
ok dtucker@
2012-04-26 09:52:15 +10:00
7584cb1ac4
- (djm) [auth-passwd.c] Handle crypt() returning NULL; from Paul Wouters
...
via Niels
2012-04-26 09:51:26 +10:00
ba77e1f673
- djm@cvs.openbsd.org 2012/04/23 08:18:17
...
[channels.c]
fix function proto/source mismatch
2012-04-23 18:21:05 +10:00
70b2d5550b
- jmc@cvs.openbsd.org 2012/04/20 16:26:22
...
[ssh.1]
use "brackets" instead of "braces", for consistency;
2012-04-22 11:26:10 +10:00
4922315d1d
- djm@cvs.openbsd.org 2012/04/20 03:24:23
...
[sftp.c]
setlinebuf(3) is more readable than setvbuf(.., _IOLBF, ...)
2012-04-22 11:25:47 +10:00
8fef9ebbab
- djm@cvs.openbsd.org 2012/04/12 02:43:55
...
[sshd_config sshd_config.5]
mention AuthorizedPrincipalsFile=none default
2012-04-22 11:25:10 +10:00
23528816dc
- djm@cvs.openbsd.org 2012/04/12 02:42:32
...
[servconf.c servconf.h sshd.c sshd_config sshd_config.5]
VersionAddendum option to allow server operators to append some arbitrary
text to the SSH-... banner; ok deraadt@ "don't care" markus@
2012-04-22 11:24:43 +10:00
839f743464
- djm@cvs.openbsd.org 2012/04/11 13:34:17
...
[ssh-keyscan.1 ssh-keyscan.c]
now that sshd defaults to offering ECDSA keys, ssh-keyscan should also
look for them by default; bz#1971
2012-04-22 11:24:21 +10:00
a116d13c4d
- djm@cvs.openbsd.org 2012/04/11 13:26:40
...
[sshd.c]
don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a
while; ok deraadt@ markus@
2012-04-22 11:23:46 +10:00
9fed161e67
- djm@cvs.openbsd.org 2012/04/11 13:17:54
...
[auth.c]
Support "none" as an argument for AuthorizedPrincipalsFile to indicate
no file should be read.
2012-04-22 11:21:43 +10:00
a6508753db
- djm@cvs.openbsd.org 2012/04/11 13:16:19
...
[channels.c channels.h clientloop.c serverloop.c]
don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a
while; ok deraadt@ markus@
2012-04-22 11:21:10 +10:00
c6081482b2
- dtucker@cvs.openbsd.org 2012/03/29 23:54:36
...
[channels.c channels.h servconf.c]
Add PermitOpen none option based on patch from Loganaden Velvindron
(bz #1949 ). ok djm@
2012-04-22 11:18:53 +10:00
48348fc3b4
- djm@cvs.openbsd.org 2012/03/28 07:23:22
...
[PROTOCOL.certkeys]
explain certificate extensions/crit split rationale. Mention requirement
that each appear at most once per cert.
2012-04-22 11:08:30 +10:00
29cd188887
- guenther@cvs.openbsd.org 2012/03/15 03:10:27
...
[session.c]
root should always be excluded from the test for /etc/nologin instead
of having it always enforced even when marked as ignorenologin. This
regressed when the logic was incompletely flipped around in rev 1.251
ok halex@ millert@
2012-04-22 11:08:10 +10:00
a563cced06
- djm@cvs.openbsd.org 2012/02/29 11:21:26
...
[ssh-keygen.c]
allow conversion of RSA1 keys to public PEM and PKCS8; "nice" markus@
2012-04-22 11:07:28 +10:00
d5dacb43fa
- (djm) Release openssh-6.0
2012-04-20 15:01:01 +10:00
bf2304167b
- (djm) [README] Update URL to release notes.
2012-04-20 14:11:04 +10:00
8beb320390
- (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
...
[contrib/suse/openssh.spec] Update for release 6.0
2012-04-20 10:58:34 +10:00
398c0ffe0e
- (djm) [configure.ac] Fix compilation error on FreeBSD, whose libutil
...
contains openpty() but not login()
2012-04-19 21:46:35 +10:00
e0956e3834
- (djm) [Makefile.in configure.ac sandbox-seccomp-filter.c] Add sandbox
...
mode for Linux's new seccomp filter; patch from Will Drewry; feedback
and ok dtucker@
2012-04-04 11:27:54 +10:00
ce1ec9d4e2
- (djm) [openbsd-compat/bsd-cygwin_util.h] #undef _WIN32 to avoid incorrect
...
assumptions when building on Cygwin; patch from Corinna Vinschen
2012-03-30 14:07:05 +11:00
4d55734c16
- (djm) [entropy.c] bz#1991: relax OpenSSL version test to allow running
...
openssh binaries on a newer fix release than they were compiled on.
with and ok dtucker@
2012-03-30 11:34:27 +11:00
67ccc86506
- (dtucker) [contrib/redhat/openssh.spec] Bug #1992 : remove now-gone WARNING
...
file from spec file. From crighter at nuclioss com.
2012-03-30 10:19:56 +11:00
54c38d24c6
- (djm) [packet.c] bz#1963: Fix IPQoS not being set on non-mapped v4-in-v6
...
addressed connections. ok dtucker@
2012-03-09 10:28:07 +11:00
7bf7b889b3
- (djm) [openbsd-compat/port-linux.c] bz#1960: fix crash on SELinux
...
systems where sshd is run in te wrong context. Patch from Sven
Vermeulen; ok dtucker@
2012-03-09 10:25:16 +11:00
93a2d41505
- (dtucker) [audit-bsm.c configure.ac] bug #1968 : enable workarounds for BSM
...
audit breakage in Solaris 11. Patch from Magnus Johansson.
2012-02-24 10:40:41 +11:00
a3f297de91
- (tim) [regress/keytype.sh] stderr redirection needs to be inside back quote
...
to work. Spotted by Angel Gonzalez
2012-02-14 23:01:42 -08:00
f79b5d38a1
- (tim) [defines.h] move chunk introduced in 1.125 before MAXPATHLEN so
...
it actually works.
2012-02-14 20:13:05 -08:00
e3609c935c
- (tim) [openbsd-compat/bsd-misc.h sshd.c] Fix conflicting return type for
...
unsetenv due to rev 1.14 change to setenv.c. Cast unsetenv to void in sshd.c
ok dtucker@
2012-02-14 10:03:30 -08:00
7b7901c330
- (djm) [openbsd-compat/bsd-cygwin_util.c] Add PROGRAMFILES to list of
...
preserved Cygwin environment variables; from Corinna Vinschen
2012-02-14 06:38:36 +11:00
db854559be
- markus@cvs.openbsd.org 2012/02/09 20:00:18
...
[version.h]
move from 6.0-beta to 6.0
2012-02-11 08:19:44 +11:00
72de982def
- markus@cvs.openbsd.org 2012/01/25 19:40:09
...
[packet.c packet.h]
packet_read_poll() is not used anymore.
2012-02-11 08:19:21 +11:00
5d0077008f
- markus@cvs.openbsd.org 2012/01/25 19:36:31
...
[authfile.c]
memleak in key_load_file(); from Jan Klemkow
2012-02-11 08:19:02 +11:00
1de2cfe9a9
- markus@cvs.openbsd.org 2012/01/25 19:26:43
...
[packet.c]
do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying;
ok dtucker@, djm@
2012-02-11 08:18:43 +11:00
8d60be5487
- dtucker@cvs.openbsd.org 2012/01/18 21:46:43
...
[clientloop.c]
Ensure that $DISPLAY contains only valid characters before using it to
extract xauth data so that it can't be used to play local shell
metacharacter games. Report from r00t_ati at ihteam.net, ok markus.
2012-02-11 08:18:17 +11:00
fb12c6d8bb
- miod@cvs.openbsd.org 2012/01/16 20:34:09
...
[ssh-pkcs11-client.c]
Fix a memory leak in pkcs11_rsa_private_encrypt(), reported by Jan Klemkow.
While there, be sure to buffer_clear() between send_msg() and recv_msg().
ok markus@
2012-02-11 08:17:52 +11:00
83ba8e6056
- miod@cvs.openbsd.org 2012/01/08 13:17:11
...
[ssh-ecdsa.c]
Fix memory leak in ssh_ecdsa_verify(); from Loganaden Velvindron,
ok markus@
2012-02-11 08:17:27 +11:00
2ec0342ed4
- djm@cvs.openbsd.org 2012/01/07 21:11:36
...
[mux.c]
fix double-free in new session handler
2012-02-11 08:16:28 +11:00
a2876db5e6
- djm@cvs.openbsd.org 2012/01/05 00:16:56
...
[monitor.c]
memleak on error path
2012-02-11 08:16:06 +11:00
b56e4930ae
- (djm) [ssh-keygen.c] Don't fail in do_gen_all_hostkeys on platforms
...
that don't support ECC. Patch from Phil Oleson
2012-02-06 07:41:27 +11:00
e9b3ad73ba
- (dtucker) [configure.ac mac.c openbsd-compat/openssl-compat.h] Add
...
null implementation of HMAC_CTX_init for the benefit of old versions
of OpenSSL that don't have it.
2012-01-17 14:03:34 +11:00
8ed4de8f1d
- djm@cvs.openbsd.org 2011/12/07 05:44:38
...
[auth2.c dh.c packet.c roaming.h roaming_client.c roaming_common.c]
fix some harmless and/or unreachable int overflows;
reported Xi Wang, ok markus@
2011-12-19 10:52:50 +11:00
913ddff40d
- djm@cvs.openbsd.org 2011/12/04 23:16:12
...
[mux.c]
revert:
> revision 1.32
> date: 2011/12/02 00:41:56; author: djm; state: Exp; lines: +4 -1
> fix bz#1948: ssh -f doesn't fork for multiplexed connection.
> ok dtucker@
it interacts badly with ControlPersist
2011-12-19 10:52:21 +11:00
d0e582c6da
- djm@cvs.openbsd.org 2011/12/02 00:43:57
...
[mac.c]
fix bz#1934: newer OpenSSL versions will require HMAC_CTX_Init before
HMAC_init (this change in policy seems insane to me)
ok dtucker@
2011-12-19 10:51:39 +11:00
5360dff2a0
- djm@cvs.openbsd.org 2011/12/02 00:41:56
...
[mux.c]
fix bz#1948: ssh -f doesn't fork for multiplexed connection.
ok dtucker@
2011-12-19 10:51:11 +11:00
47d8115e53
- oga@cvs.openbsd.org 2011/11/16 12:24:28
...
[sftp.c]
Don't leak list in complete_cmd_parse if there are no commands found.
Discovered when I was ``borrowing'' this code for something else.
ok djm@
2011-11-25 13:53:48 +11:00
4a725ef6a5
- (dtucker) [configure.ac] Set _FORTIFY_SOURCE. ok djm@
2011-11-21 16:38:48 +11:00
aa3cbd1b5b
- (dtucker) [INSTALL LICENCE configure.ac openbsd-compat/Makefile.in
...
openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/getrrsetbyname.c]
bz 1320: Add optional support for LDNS, a BSD licensed DNS resolver library
which supports DNSSEC. Patch from Simon Vallet (svallet at genoscope cns fr)
with some rework from myself and djm. ok djm.
2011-11-04 11:25:24 +11:00
be4032ba1e
- dtucker@cvs.openbsd.org 011/11/04 00:09:39
...
[moduli]
regenerated moduli file; ok deraadt
2011-11-04 11:16:06 +11:00
9c5d553d58
- djm@cvs.openbsd.org 2011/10/24 02:13:13
...
[session.c]
bz#1859: send tty break to pty master instead of (probably already
closed) slave side; "looks good" markus@
2011-11-04 10:55:24 +11:00
2d6665d944
- djm@cvs.openbsd.org 2011/10/24 02:10:46
...
[ssh.c]
bz#1943: unbreak stdio forwarding when ControlPersist is in user - ssh
was incorrectly requesting the forward in both the control master and
slave. skip requesting it in the master to fix. ok markus@
2011-11-04 10:54:22 +11:00
8a057953d2
- djm@cvs.openbsd.org 2011/10/19 10:39:48
...
[umac.c]
typo in comment; patch from Michael W. Bombardieri
2011-11-04 10:53:31 +11:00
9ee09cfce6
- djm@cvs.openbsd.org 2011/10/19 00:06:10
...
[moduli.c]
s/tmpfile/tmp/ to make this -Wshadow clean
2011-11-04 10:52:43 +11:00
e68cf84ac8
- djm@cvs.openbsd.org 2011/10/18 23:37:42
...
[ssh-add.c]
add -k to usage(); reminded by jmc@
2011-11-04 10:51:51 +11:00
45c66d7ad4
- djm@cvs.openbsd.org 2011/10/18 05:15:28
...
[ssh.c]
ssh(1): skip attempting to create ~/.ssh when -F is passed; ok markus@
2011-11-04 10:50:40 +11:00
9f157abbb6
- (dtucker) [contrib/cygwin/Makefile] Continue if installing a doc file
...
fails. Patch from Corinna Vinschen.
2011-10-25 09:37:57 +11:00
8f4279e4ab
- djm@cvs.openbsd.org 2011/10/18 05:00:48
...
[ssh-add.1 ssh-add.c]
new "ssh-add -k" option to load plain keys (skipping certificates);
"looks ok" markus@
2011-10-18 16:06:33 +11:00
c51a5ab2c6
- djm@cvs.openbsd.org 2011/10/18 04:58:26
...
[auth-options.c key.c]
remove explict search for \0 in packet strings, this job is now done
implicitly by buffer_get_cstring; ok markus
2011-10-18 16:06:14 +11:00
91f3eaec88
- stsp@cvs.openbsd.org 2011/10/16 15:51:39
...
[moduli.c]
add missing includes to unbreak tree; fix from rpointel
2011-10-18 16:05:55 +11:00
927d82bc6a
- jmc@cvs.openbsd.org 2011/10/16 15:02:41
...
[ssh-keygen.c]
put -K in the right place (usage());
2011-10-18 16:05:38 +11:00
390d0561fc
- dtucker@cvs.openbsd.org 2011/10/16 11:02:46
...
[moduli.c ssh-keygen.1 ssh-keygen.c]
Add optional checkpoints for moduli screening. feedback & ok deraadt
2011-10-18 16:05:19 +11:00
d3e6990c4c
- djm@cvs.openbsd.org 2011/10/04 14:17:32
...
[sftp-glob.c]
silence error spam for "ls */foo" in directory with files; bz#1683
2011-10-18 16:04:57 +11:00
2e13560ff5
- djm@cvs.openbsd.org 2011/09/30 21:22:49
...
[sshd.c]
fix inverted test that caused logspam; spotted by henning@
2011-10-02 19:10:13 +11:00
95125e5f43
ChangeLog entry for sshd.c rev 1.409
2011-10-02 19:09:07 +11:00
af1a60ec4f
- djm@cvs.openbsd.org 2011/09/25 05:44:47
...
[auth2-pubkey.c]
improve the AuthorizedPrincipalsFile debug log message to include
file and line number
2011-10-02 18:59:59 +11:00
68afb8c5f2
- markus@cvs.openbsd.org 2011/09/23 07:45:05
...
[mux.c readconf.h channels.h compat.h compat.c ssh.c readconf.c channels.c version.h]
unbreak remote portforwarding with dynamic allocated listen ports:
1) send the actual listen port in the open message (instead of 0).
this allows multiple forwardings with a dynamic listen port
2) update the matching permit-open entry, so we can identify where
to connect to
report: den at skbkontur.ru and P. Szczygielski
feedback and ok djm@
2011-10-02 18:59:03 +11:00
1338b9e067
- dtucker@cvs.openbsd.org 2011/09/23 00:22:04
...
[channels.c auth-options.c servconf.c channels.h sshd.8]
Add wildcard support to PermitOpen, allowing things like "PermitOpen
localhost:*". bz #1857 , ok djm markus.
2011-10-02 18:57:35 +11:00
036876cd7d
- (dtucker) [openbsd-compat/mktemp.c] Fix compiler warning. ok djm
2011-10-01 18:46:12 +10:00
b54f50e5d0
- (dtucker) [configure.ac openbsd-compat/Makefile.in
...
openbsd-compat/strnlen.c] Add strnlen to the compat library.
2011-09-29 23:17:18 +10:00
5ffe1c4b43
- (djm) [configure.ac defines.h] No need to detect sizeof(char); patch
...
from des AT des.no
2011-09-29 11:11:51 +10:00
d1a74580f8
- (djm) [openbsd-compat/setenv.c] Forklift upgrade, including inclusion
...
of static __findenv() function from upstream setenv.c
2011-09-23 11:26:34 +10:00
3e6fe87ef9
- otto@cvs.openbsd.org 2008/12/09 19:38:38
...
[openbsd-compat/inet_ntop.c]
fix inet_ntop(3) prototype; ok millert@ libc to be bumbed very soon
2011-09-23 11:16:09 +10:00
64efe9671d
- (djm) [openbsd-compat/sha2.c openbsd-compat/sha2.h] Remove OpenBSD rcsid
...
marker. The upstream API has changed (function and structure names)
enough to put it out of sync with other providers of this interface.
2011-09-23 11:13:00 +10:00
Damien Miller
Darren Tucker
Tim Rice