067263e848
- djm@cvs.openbsd.org 2007/06/13 00:21:27
...
[scp.c]
don't ftruncate() non-regular files; bz#1236 reported by wood AT
xmission.com; ok dtucker@
2007-06-25 18:32:33 +10:00
7dae3d296e
- (dtucker) [openbsd-compat/openssl-compat.h] Remove redundant definition
...
of USE_BUILTIN_RIJNDAEL since the <0.9.6 test is covered by the
subsequent <0.9.7 test.
2007-06-14 23:47:31 +10:00
a2ed75582f
- (dtucker) [openbsd-compat/openssl-compat.h] Merge USE_BUILTIN_RIJNDAEL
...
sections. Fixes builds with early OpenSSL 0.9.6 versions.
2007-06-14 23:38:39 +10:00
cb52017ad9
- (dtucker) [cipher-ctr.c umac.c openbsd-compat/openssl-compat.h] Move the
...
USE_BUILTIN_RIJNDAEL compat goop to openssl-compat.h so it can be
shared with umac.c. Allows building with OpenSSL 0.9.5 again including
umac support. With tim@ djm@, ok djm.
2007-06-14 23:21:32 +10:00
bed63112f5
- dtucker@cvs.openbsd.org 2007/06/12 13:54:28
...
[scp.c]
Encode filename with strnvis if the name contains a newline (which can't
be represented in the scp protocol), from bz #891 . ok markus@
2007-06-13 00:02:07 +10:00
0409e15078
- jmc@cvs.openbsd.org 2007/06/12 13:43:55
...
[ssh.1]
add -K to SYNOPSIS;
2007-06-13 00:00:58 +10:00
930cb0b718
- jmc@cvs.openbsd.org 2007/06/12 13:41:03
...
[ssh-add.1]
identies -> identities;
2007-06-13 00:00:27 +10:00
b1e128f75a
- dtucker@cvs.openbsd.org 2007/06/12 11:56:15
...
[gss-genr.c]
Pass GSS OID to gss_display_status to provide better information in
error messages. Patch from Simon Wilkinson via bz 1220. ok djm@
2007-06-12 23:44:36 +10:00
2604749651
- djm@cvs.openbsd.org 2007/06/12 11:45:27
...
[ssh.c]
improved exit message from multiplex slave sessions; bz #1262
reported by alexandre.nunes AT gmail.com; ok dtucker@
2007-06-12 23:44:10 +10:00
415bddc1bd
- djm@cvs.openbsd.org 2007/06/12 11:15:17
...
[ssh.c ssh.1]
Add "-K" flag for ssh to set GSSAPIAuthentication=yes and
GSSAPIDelegateCredentials=yes. This is symmetric with -k (disable GSSAPI)
and is useful for hosts with /home on Kerberised NFS; bz #1312
patch from Markus.Kuhn AT cl.cam.ac.uk; ok dtucker@ markus@
2007-06-12 23:43:16 +10:00
2cbec749d7
- djm@cvs.openbsd.org 2007/06/12 11:11:08
...
[ssh.c]
fix slave exit value when a control master goes away without passing the
full exit status by ensuring that the slave reads a full int. bz#1261
reported by frekko AT gmail.com; ok markus@ dtucker@
2007-06-12 23:41:33 +10:00
43ce902449
- djm@cvs.openbsd.org 2007/06/12 08:24:20
...
[scp.c]
make scp try to skip FIFOs rather than blocking when nothing is listening.
depends on the platform supporting sane O_NONBLOCK semantics for open
on FIFOs (apparently POSIX does not mandate this), which OpenBSD does.
bz #856 ; report by cjwatson AT debian.org; ok markus@
2007-06-12 23:41:06 +10:00
8f6d0ed60e
- djm@cvs.openbsd.org 2007/06/12 08:20:00
...
[ssh-gss.h gss-serv.c gss-genr.c]
relocate server-only GSSAPI code from libssh to server; bz #1225
patch from simon AT sxw.org.uk; ok markus@ dtucker@
2007-06-12 23:40:39 +10:00
29a5707acc
- djm@cvs.openbsd.org 2007/06/12 07:41:00
...
[ssh-add.1]
better document ssh-add's -d option (delete identies from agent), bz#1224
new text based on some provided by andrewmc-debian AT celt.dias.ie;
ok dtucker@
2007-06-12 23:39:52 +10:00
395ecc2bde
- markus@cvs.openbsd.org 2007/06/11 09:14:00
...
[channels.h]
increase default channel windows; ok djm
2007-06-12 23:38:53 +10:00
3191a8e8ba
- markus@cvs.openbsd.org 2007/06/11 08:04:44
...
[channels.c]
send 'window adjust' messages every tree packets and do not wait
until 50% of the window is consumed. ok djm dtucker
2007-06-11 18:33:15 +10:00
725286e223
- (dtucker) [includes.h] Bug #1243 : HAVE_PATHS -> HAVE_PATHS_H. Should
...
prevent warnings about redefinitions of various things in paths.h.
Spotted by cartmanltd at hotmail.com.
2007-06-11 14:44:02 +10:00
1534fa41e0
- (dtucker) [openbsd-compat/bsd-misc.c] According to the spec the "remainder"
...
argument to nanosleep may be NULL. Currently this never happens in OpenSSH,
but check anyway in case this changes or the code gets used elsewhere.
2007-06-11 14:34:53 +10:00
34a176995f
- (djm) [configure.ac umac.c] If platform doesn't provide swap32(3), then
...
fallback to provided bit-swizzing functions
2007-06-11 14:15:42 +10:00
22b7b49331
- jmc@cvs.openbsd.org 2007/06/08 07:48:09
...
[sshd_config.5]
oops, here too: put the MAC list into a display, like we do for
ciphers, since groff has trouble with wide lines;
2007-06-11 14:07:12 +10:00
5e7c30bdf1
- jmc@cvs.openbsd.org 2007/06/08 07:43:46
...
[ssh_config.5]
put the MAC list into a display, like we do for ciphers,
since groff has trouble handling wide lines;
2007-06-11 14:06:32 +10:00
4de545a6fb
- pvalchev@cvs.openbsd.org 2007/06/08 04:40:40
...
[ssh_config]
Add a "MACs" line after "Ciphers" with the default MAC algorithms,
to ease people who want to tweak both (eg. for performance reasons).
ok deraadt@ djm@ dtucker@
2007-06-11 14:04:42 +10:00
e45796f7b4
- pvalchev@cvs.openbsd.org 2007/06/07 19:37:34
...
[kex.h mac.c mac.h monitor_wrap.c myproposal.h packet.c ssh.1]
[ssh_config.5 sshd.8 sshd_config.5]
Add a new MAC algorithm for data integrity, UMAC-64 (not default yet,
must specify umac-64@openssh.com ). Provides about 20% end-to-end speedup
compared to hmac-md5. Represents a different approach to message
authentication to that of HMAC that may be beneficial if HMAC based on
one of its underlying hash algorithms is found to be vulnerable to a
new attack. http://www.ietf.org/rfc/rfc4418.txt
in conjunction with and OK djm@
2007-06-11 14:01:42 +10:00
835284b74c
- (djm) Bugzilla #1306 : silence spurious error messages from hang-on-exit
...
fix; tested by dtucker@ and jochen.kirn AT gmail.com
2007-06-11 13:03:16 +10:00
0c0dc49bd1
- (dtucker) [mdoc2man.awk] Add support for %R references, used for RFCs.
2007-06-05 20:01:16 +10:00
88bca0641d
- (dtucker) [mdoc2man.awk] Remove trailing "$" from Mdocdate regex so
...
mindrot's cvs doesn't expand it on us.
2007-06-05 19:30:47 +10:00
51e5ab06d3
- (dtucker) [mdoc2man.awk] Teach it to deal with $Mdocdate tags that
...
OpenBSD's cvs now adds.
2007-06-05 19:16:59 +10:00
5f3d5be52f
- djm@cvs.openbsd.org 2007/06/05 06:52:37
...
[kex.c monitor_wrap.c packet.c mac.h kex.h mac.c]
Preserve MAC ctx between packets, saving 2xhash calls per-packet.
Yields around a 12-16% end-to-end speedup for arcfour256/hmac-md5
patch from markus@ tested dtucker@ and myself, ok markus@ and me (I'm
committing at his request)
2007-06-05 18:30:18 +10:00
7b21cb5bdc
- djm@cvs.openbsd.org 2007/06/02 09:04:58
...
[bufbn.c]
memory leak on error path; from arnaud.lacombe.1 AT ulaval.ca
2007-06-05 18:29:35 +10:00
a394f9913c
- djm@cvs.openbsd.org 2007/05/31 23:34:29
...
[packet.c]
gc unreachable code; spotted by Tavis Ormandy
2007-06-05 18:28:20 +10:00
aa4d5eda10
- jmc@cvs.openbsd.org 2007/05/31 19:20:16
...
[scp.1 ssh_config.5 sftp-server.8 ssh-agent.1 sshd_config.5 sftp.1
ssh-keygen.1 ssh-keyscan.1 ssh-add.1 sshd.8 ssh.1 ssh-keysign.8]
convert to new .Dd format;
(We will need to teach mdoc2man.awk to understand this too.)
2007-06-05 18:27:13 +10:00
0d0d195969
- djm@cvs.openbsd.org 2007/05/30 05:58:13
...
[kex.c]
tidy: KNF, ARGSUSED and u_int
2007-06-05 18:23:28 +10:00
4a40ae28c3
- djm@cvs.openbsd.org 2007/05/22 10:18:52
...
[sshd.c]
zap double include; from p_nowaczyk AT o2.pl
(not required in -portable, Id sync only)
2007-06-05 18:22:32 +10:00
2216471510
- (dtucker) [auth-pam.c] Return empty string if fgets fails in
...
sshpam_tty_conv. Patch from ldv at altlinux.org.
2007-05-20 15:26:07 +10:00
29171e9f5c
- (dtucker) [auth-pam.c] malloc+memset -> calloc. Patch from
...
ldv at altlinux.org.
2007-05-20 15:20:08 +10:00
f520ea1567
- jolan@cvs.openbsd.org 2007/05/17 23:53:41
...
[sshconnect2.c]
djm owes me a vb and a tism cd for breaking ssh compilation
2007-05-20 15:11:33 +10:00
7fa339bb7c
- djm@cvs.openbsd.org 2007/05/17 20:52:13
...
[monitor.c]
pass received SIGINT from monitor to postauth child so it can clean
up properly. bz#1196, patch from senthilkumar_sen AT hotpop.com;
ok markus@
2007-05-20 15:10:16 +10:00
26c6662834
- djm@cvs.openbsd.org 2007/05/17 20:48:13
...
[sshconnect2.c]
fall back to gethostname() when the outgoing connection is not
on a socket, such as is the case when ProxyCommand is used.
Gives hostbased auth an opportunity to work; bz#616, report
and feedback stuart AT kaloram.com; ok markus@
2007-05-20 15:09:42 +10:00
e9405983dc
- djm@cvs.openbsd.org 2007/05/17 07:55:29
...
[sftp-server.c]
bz#1286 stop reading and processing commands when input or output buffer
is nearly full, otherwise sftp-server would happily try to grow the
input/output buffers past the maximum supported by the buffer API and
promptly fatal()
based on patch from Thue Janus Kristensen; feedback & ok dtucker@
2007-05-20 15:09:04 +10:00
36b78000a7
- djm@cvs.openbsd.org 2007/05/17 07:50:31
...
[log.c]
save and restore errno when logging; ok deraadt@
2007-05-20 15:08:15 +10:00
f78bb41772
- dtucker@cvs.openbsd.org 2007/04/23 10:15:39
...
[servconf.c]
Remove debug() left over from development. ok deraadt@
2007-05-20 15:03:15 +10:00
86473c57a8
- stevesk@cvs.openbsd.org 2007/04/18 01:12:43
...
[sftp-server.c]
cast "%llu" format spec to (unsigned long long); do not assume a
u_int64_t arg is the same as 'unsigned long long'.
from Dmitry V. Levin <ldv@altlinux.org>
ok markus@ 'Yes, that looks correct' millert@
2007-05-20 14:59:32 +10:00
208ac57c30
- stevesk@cvs.openbsd.org 2007/04/14 22:01:58
...
[auth2.c]
remove unused macro; from Dmitry V. Levin <ldv@altlinux.org>
2007-05-20 14:58:41 +10:00
aa8954f1d9
20070509
...
- (tim) [configure.ac] Bug #1287 : Add missing test for ucred.h.
2007-05-09 15:57:43 -07:00
d0adab5a12
trim pasto
2007-04-29 17:14:48 +10:00
dca0edff2f
- (dtucker) [configure.ac defines.h] Have configure check for offsetof
...
to prevent redefinition warnings.
2007-04-29 15:06:44 +10:00
391de5c023
- (dtucker) [configure.ac defines.h] Prevent warnings about __attribute__
...
__nonnull__ for versions of GCC that don't support it.
2007-04-29 14:49:21 +10:00
6d862a50db
- (dtucker) [configure.ac defines.h] Have configure check for MAXSYMLINKS
...
so we don't get redefinition warnings.
2007-04-29 14:39:02 +10:00
2ac529b505
- (dtucker) [openbsd-compat/xmmap.c] Include stdlib.h for mkstemp prototype.
2007-04-29 14:02:43 +10:00
cc40d5ecdf
- (dtucker) [configure.ac openbsd-compat/getrrsetbyname.c] Bug #1299 : Use the
...
platform's _res if it has one. Should fix problem of DNSSEC record lookups
on NetBSD as reported by Curt Sampson.
2007-04-29 13:58:06 +10:00
d757e69cda
- (dtucker) [auth-shadow.c loginrec.c] Include time.h for time(2) prototype.
2007-04-29 12:10:57 +10:00
781e7a28d0
- (dtucker) [openbsd-compat/bsd-misc.c] Include unistd.h and sys/types.h
...
for select(2) prototype.
2007-04-29 12:06:55 +10:00
2a3868589b
- (dtucker) [INSTALL] prngd lives at sourceforge these days.
2007-04-06 12:25:08 +10:00
62995c1f1e
- (dtucker) [INSTALL] Update the systems that have PAM as standard. Link
...
to OpenPAM too.
2007-04-06 12:21:47 +10:00
99203ec48b
20070326
...
- (tim) [auth.c configure.ac defines.h session.c openbsd-compat/port-uw.c
openbsd-compat/port-uw.h openbsd-compat/xcrypt.c] Rework libiaf test/defines
to account for IRIX having libiaf but not set_id(). Patch with & ok dtucker@
2007-03-26 09:35:28 -07:00
20e9f976c1
- (dtucker) [Makefile.in configure.ac] Replace single-purpose LIBSELINUX,
...
LIBWRAP and LIBPAM variables in Makefile with the general-purpose
SSHDLIBS. "I like" djm@
2007-03-25 18:26:01 +10:00
9869ab3557
- (dtucker) [regress/agent-getpeereid.sh] Do peereid test if we have
...
HAVE_GETPEERUCRED too. Also from Jan Pechanec.
2007-03-21 21:45:48 +11:00
164aa30e46
- (dtucker) [configure.ac openbsd-compat/bsd-getpeereid.c] Bug #1287 : Use
...
getpeerucred to implement getpeereid (currently only Solaris 10 and up).
Patch by Jan.Pechanec at Sun.
2007-03-21 21:39:57 +11:00
04354b97dc
- jmc@cvs.openbsd.org 2007/03/20 15:57:15
...
[sshd.8]
- let synopsis and description agree for -f
- sort FILES
- +.Xr ssh-keyscan 1 ,
from Igor Sobrado
2007-03-21 20:46:54 +11:00
03b1cdbb44
- tedu@cvs.openbsd.org 2007/03/20 03:56:12
...
[readconf.c clientloop.c]
remove some bogus *p tests from charles longeau
ok deraadt millert
2007-03-21 20:46:03 +11:00
2812dc9285
- dtucker@cvs.openbsd.org 2007/03/19 12:16:42
...
[ssh-agent.c]
Remove the signal handler that checks if the agent's parent process
has gone away, instead check when the select loop returns. Record when
the next key will expire when scanning for expired keys. Set the select
timeout to whichever of these two things happens next. With djm@, with &
ok deraadt@ markus@
2007-03-21 20:45:06 +11:00
506ed88cef
- djm@cvs.openbsd.org 2007/03/19 01:01:29
...
[sshd_config]
Disable the legacy SSH protocol 1 for new installations via
a configuration override. In the future, we will change the
server's default itself so users who need the legacy protocol
will need to turn it on explicitly
2007-03-21 20:42:24 +11:00
97b1bb568c
- dtucker@cvs.openbsd.org 2007/03/09 05:20:06
...
[servconf.c sshd.c]
Move C/R -> kbdint special case to after the defaults have been
loaded, which makes ChallengeResponse default to yes again. This
was broken by the Match changes and not fixed properly subsequently.
Found by okan at demirmen.com, ok djm@ "please do it" deraadt@
2007-03-21 20:38:53 +11:00
5548e8cf2e
- (dtucker) [README.platform] Info about blibpath on AIX.
2007-03-13 21:00:45 +11:00
da05f48739
- (dtucker) [cipher-3des1.c cipher-bf1.c] The OpenSSL 0.9.8e problem in
...
bug #1291 also affects Protocol 1 3des. While at it, use compat-openssl.h
in cipher-bf1.c. Patch from Juan Gallego.
2007-03-13 18:50:04 +11:00
b9fe6a337a
- (dtucker) [LICENCE] Add Daniel Walsh as a copyright holder for the
...
selinux bits in -portable.
2007-03-13 07:37:49 +11:00
a8d51ee307
- (dtucker) [entropy.c scard-opensc.c ssh-rand-helper.c] Bug #1294 : include
...
string.h to prevent warnings, from vapier at gentoo.org.
2007-03-13 07:35:38 +11:00
c49dd34a3e
- (djm) [README] correct link to release notes
2007-03-08 20:13:39 +11:00
f0ffec906c
- (djm) Release 4.6p1
2007-03-06 21:24:00 +11:00
d91cfab088
- (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
...
[contrib/suse/openssh.spec] crank spec files for release
2007-03-06 21:23:24 +11:00
2dbab87386
- djm@cvs.openbsd.org 2007/03/06 10:13:14
...
[version.h]
openssh-4.6; "please" deraadt@
2007-03-06 21:21:37 +11:00
5737e363c5
- OpenBSD CVS Sync
...
- jmc@cvs.openbsd.org 2007/03/01 16:19:33
[sshd_config.5]
sort the `match' keywords;
2007-03-06 21:21:18 +11:00
fd30986c92
- (dtucker) [openbsd-compat/openssl-compat.h] Bug #1291 : Work around a
...
bug in OpenSSL 0.9.8e that prevents aes256-ctr, aes192-ctr and arcfour256
ciphers from working correctly (disconnects with "Bad packet length"
errors) as found by Ben Harris. ok djm@
2007-03-05 18:25:20 +11:00
9975e48349
- (djm) [configure.ac] add a --without-openssl-header-check option to
...
configure, as some platforms (OS X) ship OpenSSL headers whose version
does not match that of the shipping library. ok dtucker@
2007-03-05 11:51:27 +11:00
90a58fdf22
- (dtucker) [regress/agent-ptrace.sh] Make ttrace gdb error a little more
...
general to cover newer gdb versions on HP-UX.
2007-03-03 09:42:23 +11:00
aef5beef12
- (dtucker) [INSTALL] Update to autoconf-2.61.
2007-03-02 17:53:41 +11:00
573e3878b8
- (dtucker) [configure.ac] For Cygwin, read files in textmode (which allows
...
CRLF as well as LF lineendings) and write in binary mode. Patch from
vinschen at redhat.com.
2007-03-02 17:50:03 +11:00
c3af6d4d13
- (tim) [buildpkg.sh.in openssh.xml.in] Clean up Solaris 10 smf(5) bits.
...
"Looks sane" dtucker@
2007-03-01 09:34:52 -08:00
1d75f22c5d
- dtucker@cvs.openbsd.org 2007/03/01 10:28:02
...
[auth2.c sshd_config.5 servconf.c]
Remove ChallengeResponseAuthentication support inside a Match
block as its interaction with KbdInteractive makes it difficult to
support. Also, relocate the CR/kbdint option special-case code into
servconf. "please commit" djm@, ok markus@ for the relocation.
2007-03-01 21:31:28 +11:00
cf0d2db2fa
- dtucker@cvs.openbsd.org 2007/02/28 00:55:30
...
[ssh-agent.c]
Remove expired keys periodically so they don't remain in memory when
the agent is entirely idle, as noted by David R. Piegdon. This is the
simple fix, a more efficient one will be done later. With markus,
deraadt, with & ok djm.
2007-02-28 21:19:58 +11:00
90aaed4397
- ray@cvs.openbsd.org 2007/02/24 03:30:11
...
[moduli.c]
- strlen returns size_t, not int.
- Pass full buffer size to fgets.
OK djm@, millert@, and moritz@.
2007-02-25 20:38:55 +11:00
82347a8fd6
- dtucker@cvs.openbsd.org 2007/02/22 12:58:40
...
[servconf.c]
Check activep so Match and GatewayPorts work together; ok markus@
2007-02-25 20:37:52 +11:00
ed623966e3
- dtucker@cvs.openbsd.org 2007/02/21 11:00:05
...
[sshd.c]
Clear alarm() before restarting sshd on SIGHUP. Without this, if there's
a SIGALRM pending (for SSH1 key regeneration) when sshd is SIGHUP'ed, the
newly exec'ed sshd will get the SIGALRM and not have a handler for it,
and the default action will terminate the listening sshd. Analysis and
patch from andrew at gaul.org.
2007-02-25 20:37:21 +11:00
d04188e70e
- djm@cvs.openbsd.org 2007/02/20 10:25:14
...
[clientloop.c]
set maximum packet and window sizes the same for multiplexed clients
as normal connections; ok markus@
2007-02-25 20:36:49 +11:00
89ee69e3c6
- (dtucker) [openbsd-compat/getrrsetbyname.c] Don't attempt to calloc
...
an array for signatures when there are none since "calloc(0, n) returns
NULL on some platforms (eg Tru64), which is explicitly permitted by
POSIX. Diagnosis and patch by svallet genoscope.cns.fr.
2007-02-19 22:56:55 +11:00
53ced25d61
- (dtucker) [contrib/findssl.sh] Add "which" as a shell function since some
...
platforms don't have it. Patch from dleonard at vintela.com.
2007-02-19 22:44:25 +11:00
1629c07c07
- dtucker@cvs.openbsd.org 2007/02/19 10:45:58
...
[monitor_wrap.c servconf.c servconf.h monitor.c sshd_config.5]
Teach Match how handle config directives that are used before
authentication. This allows configurations such as permitting password
authentication from the local net only while requiring pubkey from
offsite. ok djm@, man page bits ok jmc@
2007-02-19 22:25:37 +11:00
591322ae38
- stevesk@cvs.openbsd.org 2007/02/14 14:32:00
...
[bufbn.c]
typos in comments; ok jmc@
2007-02-19 22:17:28 +11:00
6ec2fbec8b
- djm@cvs.openbsd.org 2007/01/22 13:06:21
...
[scp.c]
fix detection of whether we should show progress meter or not: scp
tested isatty(stderr) but wrote the progress meter to stdout. This patch
makes it test stdout. bz#1265 reported by junkmail AT bitsculpture.com;
of dtucker@
2007-02-19 22:14:11 +11:00
0aa3dbb508
- djm@cvs.openbsd.org 2007/01/22 11:32:50
...
[sftp-client.c]
return error from do_upload() when a write fails. fixes bz#1252: zero
exit status from sftp when uploading to a full device. report from
jirkat AT atlas.cz; ok dtucker@
2007-02-19 22:13:39 +11:00
cb0e1753c7
- stevesk@cvs.openbsd.org 2007/01/21 01:45:35
...
[readconf.c]
spaces
2007-02-19 22:12:53 +11:00
c58b5b0742
ChangeLog entries for previous 2 commits
2007-02-19 22:12:23 +11:00
26dc3e656a
- jmc@cvs.openbsd.org 2007/01/12 20:20:41
...
[ssh-keygen.1 ssh-keygen.c]
more secsh -> rfc 4716 updates;
spotted by wiz@netbsd
ok markus
2007-02-19 22:09:06 +11:00
bf6b328f27
- jmc@cvs.openbsd.org 2007/01/10 13:23:22
...
[ssh_config.5]
do not use a list for SYNOPSIS;
this is actually part of a larger report sent by eric s. raymond
and forwarded by brad, but i only read half of it. spotted by brad.
2007-02-19 22:08:17 +11:00
e42bd24b22
- (djm) [channels.c serverloop.c] Fix so-called "hang on exit" (bz #52 )
...
when closing a tty session when a background process still holds tty
fds open. Great detective work and patch by Marc Aurele La France,
slightly tweaked by me; ok dtucker@
2007-01-29 10:16:28 +11:00
07877ca680
- (dtucker) [openbsd-compat/bsd-snprintf.c] Static declarations for public
...
library interfaces aren't very helpful. Fix up the DOPR_OUTCH macro
so it works properly and modify its callers so that they don't pre or
post decrement arguments that are conditionally evaluated. While there,
put SNPRINTF_CONST back as it prevents build failures in some
configurations. ok djm@ (for most of it)
2007-01-24 00:07:29 +11:00
9f74105289
- (djm) [ssh-rand-helper.8] manpage nits;
...
from dleonard AT vintela.com (bz#1529)
2007-01-22 12:44:53 +11:00
eae5fa1b58
- (dtucker) [packet.c] Re-remove in_systm.h since it's already in includes.h
...
and multiple including it causes problems on old IRIXes. (It snuck back
in during a sync.) Found (again) by Georg Schwarz.
2007-01-17 11:00:13 +11:00
742cc1c194
- (djm) [openbsd-compat/bsd-snprintf.c] Fix integer overflow in return
...
value of snprintf replacement, similar to bugs in various libc
implementations. This overflow is not exploitable in OpenSSH.
While I'm fiddling with it, make it a fair bit faster by inlining the
append-char routine; ok dtucker@
2007-01-14 21:20:30 +11:00
e67ac00b9b
typo
2007-01-14 10:26:25 +11:00
9ac56e945b
- (dtucker) [ssh-keygen.c] ac -> argv to match earlier sync.
2007-01-14 10:19:59 +11:00
e2334d600b
- stevesk@cvs.openbsd.org 2007/01/03 07:22:36
...
[sftp-server.c]
spaces
2007-01-05 16:31:02 +11:00
b6c85fcf37
- stevesk@cvs.openbsd.org 2007/01/03 04:09:15
...
[sftp.c]
ARGSUSED for lint
2007-01-05 16:30:41 +11:00
80163907ed
- stevesk@cvs.openbsd.org 2007/01/03 03:01:40
...
[auth2-chall.c channels.c dns.c sftp.c ssh-keygen.c ssh.c]
spaces
2007-01-05 16:30:16 +11:00
6c7439f963
- stevesk@cvs.openbsd.org 2007/01/03 00:53:38
...
[ssh-keygen.c]
remove small dead code; arnaud.lacombe.1@ulaval.ca via Coverity scan
2007-01-05 16:29:55 +11:00
d94fc72bcd
- jmc@cvs.openbsd.org 2007/01/02 09:57:25
...
[sshd_config.5]
do not use lists for SYNOPSIS;
from eric s. raymond via brad
2007-01-05 16:29:30 +11:00
9fc6a56204
- dtucker@cvs.openbsd.org 2006/12/14 10:01:14
...
[servconf.c]
Make "PermitOpen all" first-match within a block to match the way other
options work. ok markus@ djm@
2007-01-05 16:29:02 +11:00
a29b95ec3a
- dtucker@cvs.openbsd.org 2006/12/13 08:34:39
...
[servconf.c]
Make PermitOpen work with multiple values like the man pages says.
bz #1267 with details from peter at dmtz.com, with & ok djm@
2007-01-05 16:28:36 +11:00
1ec462658e
- djm@cvs.openbsd.org 2006/12/12 03:58:42
...
[channels.c compat.c compat.h]
bz #1019 : some ssh.com versions apparently can't cope with the
remote port forwarding bind_address being a hostname, so send
them an address for cases where they are not explicitly
specified (wildcard or localhost bind). reported by daveroth AT
acm.org; ok dtucker@ deraadt@
2007-01-05 16:26:45 +11:00
c0367fb0d2
- markus@cvs.openbsd.org 2006/12/11 21:25:46
...
[ssh-keygen.1 ssh.1]
add rfc 4716 (public key format); ok jmc
2007-01-05 16:25:46 +11:00
3ca8b77179
- ray@cvs.openbsd.org 2006/11/23 01:35:11
...
[misc.c sftp.c]
Don't access buf[strlen(buf) - 1] for zero-length strings.
``ok by me'' djm@.
2007-01-05 16:24:47 +11:00
df8b7db16e
- (djm) OpenBSD CVS Sync
...
- deraadt@cvs.openbsd.org 2006/11/14 19:41:04
[ssh-keygen.c]
use argc and argv not some made up short form
2007-01-05 16:22:57 +11:00
be6db83462
- (djm) [bsd-asprintf.c] Better test for bad vsnprintf lengths; ok dtucker@
2006-12-05 22:58:09 +11:00
143c2ef1ce
- (djm) [auth.c] Fix NULL pointer dereference in fakepw(). Crash would
...
occur if the server did not have the privsep user and an invalid user
tried to login and both privsep and krb5 auth are disabled.
2006-12-05 09:08:54 +11:00
b0781f79db
- markus@cvs.openbsd.org 2006/11/07 13:02:07
...
[dh.c]
BN_hex2bn returns int; from dtucker@
2006-11-08 10:01:36 +11:00
14ea86391b
- (dtucker) Release 4.5p1.
2006-11-07 23:27:34 +11:00
c2820c5822
- (dtucker) [README contrib/{caldera,redhat,contrib}/openssh.spec] Bump
...
versions.
2006-11-07 23:25:45 +11:00
fbba735aa3
- markus@cvs.openbsd.org 2006/11/07 10:31:31
...
[monitor.c version.h]
correctly check for bad signatures in the monitor, otherwise the monitor
and the unpriv process can get out of sync. with dtucker@, ok djm@,
dtucker@
2006-11-07 23:16:08 +11:00
0bc85579a9
- markus@cvs.openbsd.org 2006/11/06 21:25:28
...
[auth-rsa.c kexgexc.c kexdhs.c key.c ssh-dss.c sshd.c kexgexs.c
ssh-keygen.c bufbn.c moduli.c scard.c kexdhc.c sshconnect1.c dh.c rsa.c]
add missing checks for openssl return codes; with & ok djm@
2006-11-07 23:14:41 +11:00
df0e438a2e
- (dtucker) [sshd.c] Use privsep_pw if we have it, but only require it
...
if we absolutely need it. Pointed out by Corinna, ok djm@
2006-11-07 11:28:40 +11:00
570c2ab1b6
- markus@cvs.openbsd.org 2006/10/31 16:33:12
...
[kexdhc.c kexdhs.c kexgexc.c kexgexs.c]
check DH_compute_key() for -1 even if it should not happen because of
earlier calls to dh_pub_is_valid(); report krahmer at suse.de; ok djm
2006-11-05 05:32:02 +11:00
3975ee2c3c
- (djm) OpenBSD CVS Sync
...
- otto@cvs.openbsd.org 2006/10/28 18:08:10
[ssh.1]
correct/expand example of usage of -w; ok jmc@ stevesk@
2006-11-05 05:31:33 +11:00
4d13ecea54
- (dtucker) [openbsd-compat/port-solaris.c] Bug #1255 : Make only hwerr
...
events fatal in Solaris process contract support and tell it to signal
only processes in the same process group when something happens.
Based on information from andrew.benham at thus.net and similar to
a patch from Chad Mynhier. ok djm@
2006-11-01 10:28:49 +11:00
796c6c693d
- (djm) [auth.c] gc some dead code
2006-10-28 01:10:15 +10:00
bcf8be356f
- (tim) [Makefile.in scard/Makefile.in] Add datarootdir= lines to keep
...
autoconf 2.60 from complaining.
2006-10-23 14:44:47 -07:00
50455890f3
- djm@cvs.openbsd.org 2006/10/22 02:25:50
...
[sftp-client.c]
cancel progress meter when upload write fails; ok deraadt@
2006-10-24 03:03:02 +10:00
985a4485f5
- markus@cvs.openbsd.org 2006/10/11 12:38:03
...
[clientloop.c serverloop.c]
exit instead of doing a blocking tcp send if we detect a client/server
timeout, since the tcp sendqueue might be already full (of alive
requests); ok dtucker, report mpf
2006-10-24 03:02:41 +10:00
f4bcd10c4c
- markus@cvs.openbsd.org 2006/10/10 10:12:45
...
[sshconnect.c]
sleep before retrying (not after) since sleep changes errno; fixes
pr 5250; rad@twig.com ; ok dtucker djm
2006-10-24 03:02:23 +10:00
990b1a80b5
- djm@cvs.openbsd.org 2006/10/09 23:36:11
...
[session.c]
xmalloc -> xcalloc that was missed previously, from portable
(NB. Id sync only for portable, obviously)
2006-10-24 03:01:56 +10:00
952dce6593
- djm@cvs.openbsd.org 2006/10/06 02:29:19
...
[ssh-agent.c ssh-keyscan.c ssh.c]
sys/resource.h needs sys/time.h; prompted by brad@
(NB. Id sync only for portable)
2006-10-24 03:01:16 +10:00
e7658a50f0
- (djm) OpenBSD CVS Sync
...
- ray@cvs.openbsd.org 2006/09/30 17:48:22
[sftp.c]
Clear errno before calling the strtol functions.
From Paul Stoeber <x0001 at x dot de1 dot cc>.
OK deraadt@.
2006-10-24 03:00:12 +10:00
78802f0af3
- (dtucker) [sshd.c] Reshuffle storing of pw struct; prevents warnings
...
on older versions of OS X. ok djm@
2006-10-18 22:51:31 +10:00
ffe88e15af
- ray@cvs.openbsd.org 2006/09/25 04:55:38
...
[ssh-keyscan.1 ssh.1]
Change "a SSH" to "an SSH". Hurray, I'm not the only one who
pronounces "SSH" as "ess-ess-aich".
OK jmc@ and stevesk@.
2006-10-18 07:53:06 +10:00
a43c005825
- (dtucker) [monitor_fdpass.c] Include sys/in.h, required for cmsg macros
...
on older (2.0) Linuxes. Based on patch from thmo-13 at gmx de.
2006-10-16 19:49:12 +10:00
77674b1efa
- (tim) [buildpkg.sh.in] Some systems have really limited nawk (OpenServer).
...
Allow setting alternate awk in openssh-config.local.
2006-10-06 18:49:36 -07:00
adc947d5a5
- (dtucker) [configure.ac] Set put -lselinux into $LIBS while testing for
...
SELinux functions so they're detected correctly. Patch from pebenito at
gentoo.org.
2006-10-07 09:07:20 +10:00
09f1093a29
20061006
...
- (tim) [buildpkg.sh.in] Use uname -r instead of -v in OS_VER for Solaris.
Differentiate between OpenServer 5 and OpenServer 6
2006-10-06 14:58:38 -07:00
1cfab23b7f
- (tim) [configure.ac] Move CHECK_HEADERS test before platform specific
...
section so additional platform specific CHECK_HEADER tests will work
correctly. Fixes "<net/if_tap.h> on FreeBSD" problem report by des AT des.no
Feedback and "seems like a good idea" dtucker@
2006-10-03 09:34:35 -07:00
47bda1ff83
- (dtucker) [audit-bsm.c] Include errno.h. Pointed out by des at des.no.
2006-10-01 08:09:50 +10:00
5e8381ee86
- (dtucker) [configure.ac] Bug #1239 : Fix configure test for OpenSSH engine
...
support. Patch from andrew.benham at thus net.
2006-09-29 20:16:51 +10:00
23dd658e57
- (dtucker) [entropy.c] Bug #1238 : include signal.h to fix compilation error
...
on Solaris 8 w/out /dev/random or prngd. Patch from rl at
math.technion.ac.il.
2006-09-28 19:40:20 +10:00
b4b2f9a6c9
Marker for 4.4p1 release
2006-09-28 19:08:32 +10:00
25bd3c0612
- (dtucker) [sftp-server.8] Resync; spotted by djm@
2006-09-26 20:14:28 +10:00
822d3a6fc1
- (dtucker) [bufaux.h] nuke bufaux.h; it's already gone from OpenBSD and not
...
referenced any more. ok djm@
2006-09-26 18:59:34 +10:00
f2ae7bf4a8
Trim ChangeLog Prior to 4.2p1
2006-09-26 18:57:28 +10:00
983b35b281
20060924
...
- (tim) [configure.ac] Remove CFLAGS hack for UnixWare 1.x/2.x (added
to rev 1.308) to work around broken gcc 2.x header file.
2006-09-24 12:08:59 -07:00
0ee3cbfc51
- (dtucker) [configure.ac] Bug #1234 : Put opensc libs into $LIBS rather than
...
$LDFLAGS. Patch from vapier at gentoo org.
2006-09-23 16:25:19 +10:00
dace233d70
- (dtucker) [packet.c canohost.c] Include arpa/inet.h for htonl macros on
...
some platforms (eg HP-UX 11.00). From santhi.amirta at gmail com.
2006-09-22 19:22:17 +10:00
0dc5484ca6
- (dtucker) [defines.h] Include unistd.h before defining getpgrp; fixes
...
build error on Ultrix. From Bernhard Simon.
2006-09-21 23:13:30 +10:00
4aa665b71c
- markus@cvs.openbsd.org 2006/09/19 21:14:08
...
[packet.c]
client NULL deref on protocol error; Tavis Ormandy, Google Security Team
2006-09-21 13:00:25 +10:00
1e80e4023b
- otto@cvs.openbsd.org 2006/09/19 05:52:23
...
[sftp.c]
Use S_IS* macros insted of masking with S_IF* flags. The latter may
have multiple bits set, which lead to surprising results. Spotted by
Paul Stoeber, more to come. ok millert@ pedro@ jaredy@ djm@
2006-09-21 12:59:33 +10:00
c70ce7b09d
- (dtucker) [openbsd-compat/port-aix.{c,h}] Reduce scope of includes.
...
Prevents macro redefinition warnings of "RDONLY".
2006-09-18 23:54:32 +10:00
9216c37d60
- (dtucker) [configure.ac] On AIX, check to see if the compiler will allow
...
macro redefinitions, and if not, remove "-qlanglvl=ansi" from the flags.
Allows build out of the box with older VAC and XLC compilers. Found by
David Bronder and Bernhard Simon.
2006-09-18 23:17:40 +10:00
83bbb03e52
- (dtucker) [INSTALL] Add info about audit support.
2006-09-17 22:55:52 +10:00
1f062ca339
- (djm) [sshd.c] Fix warning/API abuse; ok dtucker@
2006-09-17 14:04:46 +10:00
5965ae13e0
- (dtucker) [monitor.c] Correctly handle auditing of single commands when
...
using Protocol 1. From jhb at freebsd.
2006-09-17 12:00:13 +10:00
54e1b2291c
- (dtucker) [auth-pam.c] Propogate TZ environment variable to PAM auth
...
process so that any logging it does is with the right timezone. From
Scott Strickler, ok djm@.
2006-09-17 11:57:46 +10:00
dd1f9b307e
- (djm) Add openssh.xml to .cvsignore and sort it
2006-09-17 08:05:03 +10:00
3c9c1fbd21
- djm@cvs.openbsd.org 2006/09/16 19:53:37
...
[deattack.c deattack.h packet.c]
limit maximum work performed by the CRC compensation attack detector,
problem reported by Tavis Ormandy, Google Security Team;
ok markus@ deraadt@
2006-09-17 06:08:53 +10:00
223897a01a
- (djm) [Makefile.in buildpkg.sh.in configure.ac openssh.xml.in]
...
Support SMF in Solaris Packages if enabled by configure. Patch from
Chad Mynhier, tested by dtucker@
2006-09-12 21:54:10 +10:00
5d8a9acef0
- (dtucker) [cipher-aes.c] Include string.h for memcpy and friends. Noted
...
by Pekka Savola.
2006-09-11 20:46:13 +10:00
57b2920ad8
- (dtucker) [configure.ac] Add -lcrypt to let DragonFly build OOTB.
2006-09-10 20:25:51 +10:00
f376669328
- (dtucker) [contrib/aix/buildbff.sh] Ensure that perl is available.
2006-09-10 13:24:18 +10:00
733a292c11
- (dtucker) [buildpkg.sh.in] Always create privsep user. ok djm@
2006-09-09 20:41:25 +10:00
19a66dbf4f
- (dtucker) [contrib/aix/buildbff.sh] Always create privsep user.
2006-09-09 20:34:15 +10:00
08432d54fa
- (dtucker) [openbsd-compat/bsd-snprintf.c] Add stdarg.h.
2006-09-09 15:59:43 +10:00
6d0d6fbfdf
- (dtucker) [configure.ac] The BSM header test needs time.h in some cases.
2006-09-09 01:05:21 +10:00
17da530d60
- (dtucker) [auth-sia.c] Add includes required for build on Tru64. Patch
...
from Chris Adams.
2006-09-08 09:54:41 +10:00
89f59cea1c
- (dtucker) [regress/cfgmatch.sh] stop_client is racy, so give us a better
...
chance of winning.
2006-09-08 00:03:05 +10:00
f19bbc3883
- (dtucker) [loginrec.c] Wrap paths.h in HAVE_PATHS_H.
2006-09-07 22:57:53 +10:00
b8f00193d8
- (tim) [configure.ac] s/BROKEN_UPDWTMP/BROKEN_UPDWTMPX/ on SCO OSR6
2006-09-06 18:11:29 -07:00
6433df036e
- (djm) [sshd.c auth.c] Set up fakepw() with privsep uid/gid, so it can
...
be used to drop privilege to; fixes Solaris GSSAPI crash reported by
Magnus Abrante; suggestion and feedback dtucker@
NB. this change will require that the privilege separation user must
exist on all the time, not just when UsePrivilegeSeparation=yes
2006-09-07 10:36:43 +10:00
6e1033318c
- (dtucker) [loginrec.c] Include paths.h for _PATH_BTMP.
2006-09-05 19:25:19 +10:00
e1fe09968d
- (dtucker) [configure.ac] s/AC_DEFINES/AC_DEFINE/ spotted by Roumen Petrov.
2006-09-05 07:53:38 +10:00
3e0891093a
- (dtucker) [configure.ac] Define BROKEN_UPDWTMP on SCO OSR6 as the native
...
updwdtmp seems to generate invalid wtmp entries. From Roger Cornelius,
ok djm@
2006-09-04 22:37:41 +10:00
ed0b59218e
- (dtucker) [configure.ac openbsd-compat/openbsd-compat.h] Check for
...
declaration of writev(2) and declare it ourselves if necessary. Makes
the atomiciov() calls build on really old systems. ok djm@
2006-09-03 22:44:49 +10:00
46aa3e0ce1
- (dtucker) [ssh-keyscan.c ssh-rand-helper.c ssh.c sshconnect.c
...
openbsd-compat/bindresvport.c openbsd-compat/getrrsetbyname.c
openbsd-compat/port-tun.c openbsd-compat/rresvport.c] Include <arpa/inet.h>
for hton* and ntoh* macros. Required on (at least) HP-UX since we define
_XOPEN_SOURCE_EXTENDED. Found by santhi.amirta at gmail com.
2006-09-02 15:32:40 +10:00
25fa0ee693
- (dtucker) [openbsd-compat/port-irix.c] Add errno.h, found by Iain Morgan.
2006-09-02 12:38:56 +10:00
9fdeb66f67
- (dtucker) [README contrib/{caldera,redhat,suse}/openssh.spec] Crank
...
versions.
2006-09-01 21:32:53 +10:00
096faecdea
- (dtucker) [configure.ac includes.h openbsd-compat/glob.{c,h}] Explicitly
...
test for GLOB_NOMATCH and use our glob functions if it's not found.
Stops sftp from segfaulting when attempting to get a nonexistent file on
Cygwin (previous versions of OpenSSH didn't use the native glob). Partly
from and tested by Corinna Vinschen.
2006-09-01 20:29:10 +10:00
0646ca6be8
- (dtucker) [openbsd-compat/bsd-cygwin_util.c] Fix implict declaration
...
warnings for binary_open and binary_close. Patch from Corinna Vinschen.
2006-09-01 19:29:01 +10:00
607aede26c
- (djm) [includes.h monitor.c openbsd-compat/bindresvport.c]
...
[openbsd-compat/rresvport.c] Some more headers: netinet/in.h
sys/socket.h and unistd.h in various places
2006-09-01 15:48:19 +10:00
ded319cca2
- (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c]
...
[auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c]
[auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c]
[cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c]
[dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
[kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c]
[md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c]
[scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c]
[ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c]
[sshconnect1.c sshconnect2.c sshd.c rc4.diff]
[openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c]
[openbsd-compat/port-linux.c openbsd-compat/port-solaris.c]
[openbsd-compat/port-uw.c]
Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h;
compile problems reported by rac AT tenzing.org
2006-09-01 15:38:36 +10:00
288cbbd59e
- (dtucker) [contrib/cygwin/ssh-host-config] Add SeTcbPrivilege privilege
...
while setting up the ssh service account. Patch from Corinna Vinschen.
2006-08-31 11:28:49 +10:00
1b06dc30ad
- (djm) [CREDITS LICENCE Makefile.in auth.c configure.ac includes.h ]
...
[platform.c platform.h sshd.c openbsd-compat/Makefile.in]
[openbsd-compat/openbsd-compat.h openbsd-compat/port-solaris.c]
[openbsd-compat/port-solaris.h] Add support for Solaris process
contracts, enabled with --use-solaris-contracts. Patch from Chad
Mynhier, tweaked by dtucker@ and myself; ok dtucker@
2006-08-31 03:24:41 +10:00
26d4e19caa
- (dtucker) [auth.c openbsd-compat/port-aix.c] Bug #1207 : always call
...
loginsuccess on AIX immediately after authentication to clear the failed
login count. Previously this would only happen when an interactive
session starts (ie when a pty is allocated) but this means that accounts
that have primarily non-interactive sessions (eg scp's) may gradually
accumulate enough failures to lock out an account. This change may have
a side effect of creating two audit records, one with a tty of "ssh"
corresponding to the authentication and one with the allocated pty per
interactive session.
2006-08-30 22:33:09 +10:00
8ff1da81ec
- (djm) [openbsd-compat/xcrypt.c] needs unistd.h
2006-08-30 17:52:03 +10:00
6ba5740941
- djm@cvs.openbsd.org 2006/08/30 00:14:37
...
[version.h]
crank to 4.4
2006-08-30 11:09:01 +10:00
2125887a94
- dtucker@cvs.openbsd.org 2006/08/30 00:06:51
...
[sshconnect2.c]
Fix regression where SSH2 banner is printed at loglevels ERROR and FATAL
where previously it weren't. bz #1221 , found by Dean Kopesky, ok djm@
2006-08-30 11:08:33 +10:00
76758b6423
- dtucker@cvs.openbsd.org 2006/08/29 12:02:30
...
[gss-genr.c]
Work around a problem in Heimdal that occurs when KRB5CCNAME file is
missing, by checking whether or not kerberos allocated us a context
before attempting to free it. Patch from Simon Wilkinson, tested by
biorn@, ok djm@
2006-08-30 11:08:04 +10:00
d5fe0baa73
- djm@cvs.openbsd.org 2006/08/29 10:40:19
...
[channels.c session.c]
normalise some inconsistent (but harmless) NULL pointer checks
spotted by the Stanford SATURN tool, via Isil Dillig;
ok markus@ deraadt@
2006-08-30 11:07:39 +10:00
5d43d49014
- dtucker@cvs.openbsd.org 2006/08/21 08:15:57
...
[sshd.8]
Add more detail about what permissions are and aren't accepted for
authorized_keys files. Corrections jmc@, ok djm@, "looks good" jmc@
2006-08-30 11:07:00 +10:00
b594f38bae
- (djm) OpenBSD CVS Sync
...
- dtucker@cvs.openbsd.org 2006/08/21 08:14:01
[sshd_config.5]
Document HostbasedUsesNameFromPacketOnly. Corrections from jmc@,
ok jmc@ djm@
2006-08-30 11:06:34 +10:00
e83a83c7be
- (dtucker) [openbsd-compat/xmmap.c] Move #define HAVE_MMAP to prevent
...
unused variable warning when we have a broken or missing mmap(2).
2006-08-24 19:55:41 +10:00
c1abe8e3e8
- (dtucker) [openbsd-compat/rresvport.c] Include <stdlib.h> for malloc.
2006-08-24 19:53:40 +10:00
f80f5ec81b
- (dtucker) [openbsd-compat/bsd-openpty.c] Include for ioctl(2).
2006-08-24 19:52:30 +10:00
450d2af2a3
- (dtucker) [openbsd-compat/bsd-misc.c] Include <sys/select.h> for select(2)
...
on POSIX systems.
2006-08-24 19:45:33 +10:00
e086955531
- (dtucker) [openbsd-compat/bsd-misc.c] Add includes needed for select(2) on
...
older systems.
2006-08-24 19:43:16 +10:00
fe408b4826
- (dtucker) [openbsd-compat/basename.c] Include errno.h.
2006-08-24 19:41:03 +10:00
12259d9680
- (dtucker) [Makefile.in] Bug #1177 : fix incorrect path for sshrc in
...
Makefile. Patch from santhi.amirta at gmail, ok djm.
2006-08-22 22:24:10 +10:00
0eb810015f
- (dtucker) [configure.ac] Remove errant "-".
2006-08-20 21:43:19 +10:00
639bbe8bfe
- (dtucker) [configure.ac] Bug #1181 : Explicitly test to see if OpenSSL
...
(0.9.8a and presumably newer) requires -ldl to successfully link.
2006-08-20 20:17:53 +10:00
3e6bde483d
- (dtucker) [configure.ac] Relocate --with-pam parts in preparation for
...
fixing bug #1181 . No changes yet.
2006-08-20 20:03:50 +10:00
4ba387337c
- (dtucker) [configure.ac] Save $LIBS during PAM library tests and restore
...
afterward. Removes the need to mangle $LIBS later to remove -lpam and -ldl.
2006-08-20 19:55:02 +10:00
aa1517ca1e
- (dtucker) [log.c] Move ifdef to prevent unused variable warning.
2006-08-20 17:55:54 +10:00
f0625699df
- (dtucker) [openbsd-compat/regress/Makefile.in] Add $(EXEEXT) and add a
...
single rule for the test progs.
2006-08-19 19:12:14 +10:00
deccaa7d0f
- (djm) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2006/08/18 22:41:29
[gss-genr.c]
GSSAPI error code should be 0 and not -1; from simon@sxw.org.uk
2006-08-19 08:50:57 +10:00
bb59814cd6
- (djm) Disable sigdie() for platforms that cannot safely syslog inside
...
a signal handler (basically all of them, excepting OpenBSD);
ok dtucker@
2006-08-19 08:38:23 +10:00
3d2d6e90e4
- djm@cvs.openbsd.org 2006/08/18 14:40:34
...
[gss-genr.c ssh-gss.h]
constify host argument to match the rest of the GSSAPI functions and
unbreak compilation with -Werror
2006-08-19 00:46:43 +10:00
a1cb9f334b
- djm@cvs.openbsd.org 2006/08/18 13:54:54
...
[gss-genr.c ssh-gss.h sshconnect2.c]
bz #1218 - disable SPNEGO as per RFC4462; diff from simon AT sxw.org.uk
ok markus@
2006-08-19 00:33:34 +10:00
bdf00ca0bd
- djm@cvs.openbsd.org 2006/08/18 10:27:16
...
[misc.h]
reorder so prototypes are sorted by the files they refer to; no
binary change
2006-08-19 00:33:05 +10:00
3f8123c804
- markus@cvs.openbsd.org 2006/08/18 09:15:20
...
[auth.h session.c sshd.c]
delay authentication related cleanups until we're authenticated and
all alarms have been cancelled; ok deraadt
2006-08-19 00:32:46 +10:00
99a648e592
- deraadt@cvs.openbsd.org 2006/08/18 09:13:26
...
[log.c log.h sshd.c]
make signal handler termination path shorter; risky code pointed out by
mark dowd; ok djm markus
2006-08-19 00:32:20 +10:00
a1f6840a4f
- djm@cvs.openbsd.org 2006/08/16 11:47:15
...
[sshd.c]
factor inetd connection, TCP listen and main TCP accept loop out of
main() into separate functions to improve readability; ok markus@
2006-08-19 00:31:39 +10:00
565ca3f600
- dtucker@cvs.openbsd.org 2006/08/14 12:40:25
...
[servconf.c servconf.h sshd_config.5]
Add ability to match groups to Match keyword in sshd_config. Feedback
djm@, stevesk@, ok stevesk@.
2006-08-19 00:23:15 +10:00
1c89ce0749
- miod@cvs.openbsd.org 2006/08/12 20:46:46
...
[monitor.c monitor_wrap.c]
Revert previous include file ordering change, for ssh to compile under
gcc2 (or until openssl include files are cleaned of parameter names
in function prototypes)
2006-08-19 00:22:40 +10:00
63b94128cb
- (djm) OpenBSD CVS Sync
...
- stevesk@cvs.openbsd.org 2006/08/06 01:13:32
[compress.c monitor.c monitor_wrap.c]
"zlib.h" can be <zlib.h>; ok djm@ markus@
2006-08-19 00:21:46 +10:00
637c80aa6f
- (dtucker) [openbsd-compat/regress/Makefile.in] Use implicit rules for the
...
test progs instead; they work better than what we have.
2006-08-18 20:56:18 +10:00
ec4e4daa6c
- (dtucker) [openbsd-compat/regress/snprintftest.c] Newline on error.
2006-08-18 20:09:32 +10:00
43d3ccdbdd
- (dtucker) [openbsd-compat/bsd-closefrom.c] Comment out rcsid.
2006-08-18 19:49:58 +10:00
d018b2e9c8
- (dtucker) [configure.ac openbsd-compat/bsd-closefrom.c] Resync with
...
closefrom.c from sudo.
2006-08-18 18:51:20 +10:00
c889ffdbc6
- (dtucker) [openbsd-compat/regress/{Makefile.in,closefromtest.c}] Regress
...
test for closefrom() in compat code.
2006-08-17 19:40:35 +10:00
3083bc2b52
- (dtucker) [configure.ac openbsd-compat/bsd-closefrom.c] Use F_CLOSEM fcntl
...
for closefrom() on AIX. Pointed out by William Ahern.
2006-08-17 19:35:49 +10:00
e6b641a9a1
- (dtucker) [openbsd-compat/fake-rfc2553.c openbsd-compat/setproctitle.c]
...
Include stdlib.h for malloc and friends.
2006-08-17 18:55:27 +10:00
56799c3f2a
- (djm) [audit-bsm.c] Sprinkle in some headers
2006-08-16 11:40:45 +10:00
533418138f
- (dtucker) [LICENCE] Add Reyk to the list for the compat dir.
2006-08-15 18:21:32 +10:00
0e5143e88e
- (djm) [openbsd-compat/bsd-getpeereid.c] Add some headers to quiet warnings
...
on Solaris 10
2006-08-07 11:26:36 +10:00
f78fb54412
- (dtucker) [openbsd-compat/{bsd-asprintf.c,bsd-openpty.c,bsd-snprintf.c,
...
glob.c}] Include stdlib.h for malloc and friends in compat code.
2006-08-06 21:25:24 +10:00
32ab2ae3f3
- (dtucker) [defines.h] With the includes.h changes we no longer get the
...
name clash on "YES" so we can remove the workaround for it.
2006-08-06 21:23:27 +10:00
3e714514e8
- (dtucker) [audit-bsm.c] Add additional headers now required.
2006-08-06 00:12:54 +10:00
79ba868fbe
- (dtucker) [audit.c audit.h] Repair headers.
2006-08-06 00:05:09 +10:00
6e1a9aa9b9
- (dtucker) [auth-skey.c] monitor_wrap.h needs ssh-gss.h.
2006-08-05 19:56:00 +10:00
2b4e38b712
- (dtucker) [openbsd-compat/fake-rfc2553.c] Add headers needed for inet_ntoa.
2006-08-05 19:18:08 +10:00
92350103fc
- (dtucker) [openbsd-compat/bsd-cygwin_util.c] Add headers required to compile
...
on Cygwin.
2006-08-05 19:08:16 +10:00
f676c57958
- dtucker@cvs.openbsd.org 2006/08/05 08:34:04
...
[packet.c]
Typo in comment
2006-08-05 18:51:08 +10:00
d6a23f2057
- dtucker@cvs.openbsd.org 2006/08/05 08:28:24
...
[monitor_wrap.c auth-skey.c auth2-chall.c]
Zap unused variables in -DSKEY code. ok djm@
2006-08-05 18:50:35 +10:00
260cb3519d
- dtucker@cvs.openbsd.org 2006/08/05 08:00:33
...
[auth-skey.c]
Add headers required to build with -DSKEY. ok djm@
2006-08-05 18:48:01 +10:00
1a3d6e7bdd
- dtucker@cvs.openbsd.org 2006/08/05 07:52:52
...
[auth2-none.c sshd.c monitor_wrap.c]
Add headers required to build with KERBEROS5=no. ok djm@
2006-08-05 18:46:47 +10:00
8a15f01aff
- (dtucker) [openbsd-compat/strtonum.c] Include stdlib.h for strtoll,
...
otherwise it is implicitly declared as returning an int.
2006-08-05 16:27:20 +10:00
d8aec107fe
- (dtucker) [openbsd-compat/getrrsetbyname.c] Nees stdlib.h for malloc.
2006-08-05 16:12:15 +10:00
4c65543c89
- (dtucker) [ssh-rand-helper.c] Needs stdarg.h for log.h.
2006-08-05 15:57:40 +10:00
ecf28ba7aa
- (dtucker) [entropy.c] Needs unistd.h too.
2006-08-05 15:50:20 +10:00
e7eec90f38
- (dtucker) [openbsd-compat/{bsd-arc4random.c,port-tun.c,xmmap.c}] Lots of
...
#include stdarg.h, needed for log.h.
2006-08-05 15:47:26 +10:00
8c6fedaf22
- (dtucker) [auth2-gss.c] We still need the #ifdef GSSAPI in -portable.
2006-08-05 15:24:59 +10:00
90659f8166
- (dtucker) [cleanup.c] Need defines.h for __dead.
2006-08-05 14:46:27 +10:00
75bb664458
- (djm) [auth-pam.c auth-shadow.c auth2-none.c cleanup.c sshd.c]
...
[openbsd-compat/port-tun.c openbsd-compat/port-tun.h] Sprinkle more
includes for Linux in
2006-08-05 14:07:20 +10:00
d04db59ad9
- (djm) [openbsd-compat/regress/snprintftest.c]
...
[openbsd-compat/regress/strduptest.c] Add missing includes so they pass
compilation with "-Wall -Werror"
2006-08-05 13:27:29 +10:00
36cbe41ceb
- (djm) [auth.c loginrec.c] Missing netinet/in.h for loginrec
2006-08-05 12:54:24 +10:00
4cbfe8ebeb
- (djm) [auth-pam.c auth.c bufaux.h entropy.c openbsd-compat/port-tun.c]
...
remove last traces of bufaux.h - it was merged into buffer.h in the big
includes.h commit
2006-08-05 12:49:30 +10:00
2ab323e0bd
- (djm) [auth-pam.c defines.h] Move PAM related bits to auth-pam.c
2006-08-05 12:43:32 +10:00
Darren Tucker
Damien Miller
Tim Rice