tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,852 Commits 6 Branches 20 Tags 97 MiB
Commit Graph

6351 Commits

Author SHA1 Message Date
Darren Tucker 91af05c516 - (dtucker) [regress/integrity.sh]. Force fixed Diffie-Hellman key exchange 
methods.  When the openssl version doesn't support ECDH then next one on
   the list is DH group exchange, but that causes a bit more traffic which can
   mean that the tests flip bits in the initial exchange rather than the MACed
   traffic and we get different errors to what the tests look for.
 2013-05-17 13:16:59 +10:00
Darren Tucker 6e1e60c3c2 - (dtucker) [regress/bsd.regress.mk] Remove unused file. We've never used it 
in portable and it's long gone in openbsd.
 2013-05-17 11:23:41 +10:00
Darren Tucker 982b0cbc4c - dtucker@cvs.openbsd.org 2013/05/16 05:48:31 
[regress/rekey.sh]
     add tests for RekeyLimit parsing
 2013-05-17 09:45:12 +10:00
Darren Tucker 14490fe7b0 - dtucker@cvs.openbsd.org 2013/05/16 04:26:10 
[regress/rekey.sh]
     add server-side rekey test
 2013-05-17 09:44:20 +10:00
Darren Tucker c31c8729c1 - dtucker@cvs.openbsd.org 2013/05/16 03:33:30 
[regress/rekey.sh]
     test rekeying when there's no data being transferred
 2013-05-17 09:43:33 +10:00
Darren Tucker a8a62fcc46 - dtucker@cvs.openbsd.org 2013/05/16 02:10:35 
[rekey.sh]
     Add test for time-based rekeying
 2013-05-17 09:42:34 +10:00
Darren Tucker 5e95173715 - djm@cvs.openbsd.org 2013/05/10 03:46:14 
[modpipe.c]
     sync some portability changes from portable OpenSSH (id sync only)
 2013-05-17 09:41:33 +10:00
Darren Tucker a4df65b9fc - dtucker@cvs.openbsd.org 2013/04/22 07:28:53 
[multiplex.sh]
     Add tests for -Oforward and -Ocancel for local and remote forwards
 2013-05-17 09:37:31 +10:00
Darren Tucker 40aaff7e4b - dtucker@cvs.openbsd.org 2013/04/22 07:23:08 
[multiplex.sh]
     Write mux master logs to regress.log instead of ssh.log to keep separate
 2013-05-17 09:36:20 +10:00
Darren Tucker f3568fc62b - djm@cvs.openbsd.org 2013/04/18 02:46:12 
[Makefile regress/sftp-chroot.sh]
     test sshd ChrootDirectory+internal-sftp; feedback & ok dtucker@
 2013-05-17 09:35:26 +10:00
Darren Tucker dfea3bcdd7 - dtucker@cvs.openbsd.org 2013/04/07 02:16:03 
[regress/Makefile regress/rekey.sh regress/integrity.sh
     regress/sshd-log-wrapper.sh regress/forwarding.sh regress/test-exec.sh]
     use -E option for ssh and sshd to write debuging logs to ssh{,d}.log and
     save the output from any failing tests.  If a test fails the debug output
     from ssh and sshd for the failing tests (and only the failing tests) should
     be available in failed-ssh{,d}.log.
 2013-05-17 09:31:39 +10:00
Darren Tucker 75129025a2 - dtucker@cvs.openbsd.org 2013/04/06 06:00:22 
[regress/rekey.sh regress/test-exec.sh regress/integrity.sh
     regress/multiplex.sh Makefile regress/cfgmatch.sh]
     Split the regress log into 3 parts: the debug output from ssh, the debug
     log from sshd and the output from the client command (ssh, scp or sftp).
     Somewhat functional now, will become more useful when ssh/sshd -E is added.
 2013-05-17 09:19:10 +10:00
Darren Tucker 7c8b1e7233 - dtucker@cvs.openbsd.org 2013/03/23 11:09:43 
[test-exec.sh]
     Only regenerate host keys if they don't exist or if ssh-keygen has changed
     since they were.  Reduces test runtime by 5-30% depending on machine
     speed.
 2013-05-17 09:10:20 +10:00
Darren Tucker 712de4d110 - djm@cvs.openbsd.org 2013/03/07 00:20:34 
[regress/proxy-connect.sh]
     repeat test with a style appended to the username
 2013-05-17 09:07:12 +10:00
Darren Tucker 09c0f0325b - dtucker@cvs.openbsd.org 2013/05/16 10:44:06 
[servconf.c]
     remove another now-unused variable
 2013-05-16 20:48:57 +10:00
Darren Tucker 9113d0c238 - dtucker@cvs.openbsd.org 2013/05/16 10:43:34 
[servconf.c readconf.c]
     remove now-unused variables
 2013-05-16 20:48:14 +10:00
Darren Tucker e194ba4111 - (dtucker) [configure.ac readconf.c servconf.c 
openbsd-compat/openbsd-compat.h] Add compat bits for scan_scaled.
 2013-05-16 20:47:31 +10:00
Darren Tucker b7ee852144 - dtucker@cvs.openbsd.org 2013/05/16 09:12:31 
[readconf.c servconf.c]
     switch RekeyLimit traffic volume parsing to scan_scaled.  ok djm@
 2013-05-16 20:33:10 +10:00
Darren Tucker dbee308253 - dtucker@cvs.openbsd.org 2013/05/16 09:08:41 
[log.c scp.c sshd.c serverloop.c schnorr.c sftp.c]
     Fix some "unused result" warnings found via clang and -portable.
     ok markus@
 2013-05-16 20:32:29 +10:00
Darren Tucker 64d22946d6 - jmc@cvs.openbsd.org 2013/05/16 06:30:06 
[sshd_config.5]
     oops! avoid Xr to self;
 2013-05-16 20:31:29 +10:00
Darren Tucker 63e0df2b93 - jmc@cvs.openbsd.org 2013/05/16 06:28:45 
[ssh_config.5]
     put IgnoreUnknown in the right place;
 2013-05-16 20:30:31 +10:00
Darren Tucker 0763698f71 - djm@cvs.openbsd.org 2013/05/16 04:27:50 
[ssh_config.5 readconf.h readconf.c]
     add the ability to ignore specific unrecognised ssh_config options;
     bz#866; ok markus@
 2013-05-16 20:30:03 +10:00
Darren Tucker 5f96f3b4be - dtucker@cvs.openbsd.org 2013/05/16 04:09:14 
[sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config
     sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing
     rekeying based on traffic volume or time.  ok djm@, help & ok jmc@ for the man
     page.
 2013-05-16 20:29:28 +10:00
Darren Tucker c53c2af173 - dtucker@cvs.openbsd.org 2013/05/16 02:00:34 
[ssh_config sshconnect2.c packet.c readconf.h readconf.c clientloop.c
     ssh_config.5 packet.h]
     Add an optional second argument to RekeyLimit in the client to allow
     rekeying based on elapsed time in addition to amount of traffic.
     with djm@ jmc@, ok djm
 2013-05-16 20:28:16 +10:00
Darren Tucker 64c6fceecd - dtucker@cvs.openbsd.org 2013/05/10 10:13:50 
[ssh-pkcs11-helper.c]
     remove unused extern optarg.  ok markus@
 2013-05-16 20:27:14 +10:00
Darren Tucker caf0010934 - djm@cvs.openbsd.org 2013/05/10 04:08:01 
[key.c]
     memleak in cert_free(), wasn't actually freeing the struct;
     bz#2096 from shm AT digitalsun.pl
 2013-05-16 20:26:18 +10:00
Darren Tucker 7e831edbf7 add missing attribution 2013-05-16 20:25:40 +10:00
Darren Tucker 54da6be320 - djm@cvs.openbsd.org 2013/05/10 03:40:07 
[sshconnect2.c]
     fix bzero(ptr_to_struct, sizeof(ptr_to_struct)); bz#2100 from
 2013-05-16 20:25:04 +10:00
Darren Tucker 5d8b702d95 - dtucker@cvs.openbsd.org 2013/05/06 07:35:12 
[sftp-server.8]
     Reference the version of the sftp draft we actually implement.  ok djm@
 2013-05-16 20:24:23 +10:00
Darren Tucker 026d9db3fb - tedu@cvs.openbsd.org 2013/04/24 16:01:46 
[misc.c]
     remove extra parens noticed by nicm
 2013-05-16 20:23:52 +10:00
Darren Tucker 2ca51bf140 - tedu@cvs.openbsd.org 2013/04/23 17:49:45 
[misc.c]
     use xasprintf instead of a series of strlcats and strdup. ok djm
 2013-05-16 20:22:46 +10:00
Damien Miller 6aa3eacc5e - (djm) [contrib/ssh-copy-id] Fix bug that could cause "rm *" to be 
executed if mktemp failed; bz#2105 ok dtucker@
 2013-05-16 11:10:17 +10:00
Darren Tucker c54e3e0741 - (dtucker) [configure.ac] Add -Werror to the -Qunused-arguments test so 
we don't get a warning on compilers that *don't* support it.  Add
   -Wno-unknown-warning-option.  Move both to the start of the list for
   maximum noise suppression.  Tested with gcc 4.6.3, gcc 2.95.4 and clang 2.9.
 2013-05-10 18:53:14 +10:00
Darren Tucker a75d247a18 - (dtucker) [kex.c] Only include sha256 and ECC key exchange methods when the 
underlying libraries support them.
 2013-05-10 18:11:55 +10:00
Darren Tucker 0abfb559e3 - (dtucker) [openbsd-compat/getopt.h openbsd-compat/getopt_long.c 
openbsd-compat/openbsd-compat.h] pull in getopt.h from openbsd and plumb
  in to use it when we're using our own getopt.
 2013-05-10 18:08:49 +10:00
Darren Tucker ccfdfceacb - (dtucker) [openbsd-compat/Makefile.in openbsd-compat/getopt.c 
openbsd-compat/getopt_long.c regress/modpipe.c] Remove getopt.c, add
   portability code to getopt_long.c and switch over Makefile and the ugly
   hack in modpipe.c.  Fixes bz#1448.
 2013-05-10 16:28:55 +10:00
Darren Tucker 3933202007 - (dtucker) [openbsd-compat/getopt_long.c] Import from OpenBSD. No 
portability changes yet.
 2013-05-10 15:38:11 +10:00
Darren Tucker 35b2fe99be - (dtucker) [openbsd-compat/getopt.c] Factor out portibility changes to 
getopt.c.  Preprocessed source is identical other than line numbers.
 2013-05-10 15:35:26 +10:00
Darren Tucker abbc7a7c02 - (dtucker) [configure.ac] Enable -Wsizeof-pointer-memaccess if the compiler 
supports it.  Mentioned by Colin Watson in bz#2100, ok djm.
 2013-05-10 13:54:23 +10:00
Damien Miller bc02f163f6 - dtucker@cvs.openbsd.org 2013/04/22 01:17:18 
[mux.c]
     typo in debug output: evitval->exitval
 2013-04-23 19:25:49 +10:00
Damien Miller f8b894e31d - djm@cvs.openbsd.org 2013/04/19 12:07:08 
[kex.c]
     remove duplicated list entry pointed out by naddy@
 2013-04-23 19:25:29 +10:00
Damien Miller 34bd20a1e5 - djm@cvs.openbsd.org 2013/04/19 11:10:18 
[ssh.c]
     add -Q to usage; reminded by jmc@
 2013-04-23 19:25:00 +10:00
Damien Miller ea11119eee - djm@cvs.openbsd.org 2013/04/19 01:06:50 
[authfile.c cipher.c cipher.h kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c]
     [key.c key.h mac.c mac.h packet.c ssh.1 ssh.c]
     add the ability to query supported ciphers, MACs, key type and KEX
     algorithms to ssh. Includes some refactoring of KEX and key type handling
     to be table-driven; ok markus@
 2013-04-23 19:24:32 +10:00
Damien Miller a56086b990 - djm@cvs.openbsd.org 2013/04/19 01:03:01 
[session.c]
     reintroduce 1.262 without the connection-killing bug:
     fatal() when ChrootDirectory specified by running without root privileges;
     ok markus@
 2013-04-23 15:24:18 +10:00
Damien Miller 0d6771b464 - djm@cvs.openbsd.org 2013/04/19 01:01:00 
[ssh-keygen.c]
     fix some memory leaks; bz#2088 ok dtucker@
 2013-04-23 15:23:24 +10:00
Damien Miller 467b00c38b - djm@cvs.openbsd.org 2013/04/19 01:00:10 
[sshd_config.5]
     document the requirment that the AuthorizedKeysCommand be owned by root;
     ok dtucker@ markus@
 2013-04-23 15:23:07 +10:00
Damien Miller 9303e6527b - djm@cvs.openbsd.org 2013/04/18 02:16:07 
[sftp.c]
     make "sftp -q" do what it says on the sticker: hush everything but errors;
 2013-04-23 15:22:40 +10:00
Damien Miller f1a02aea35 - dtucker@cvs.openbsd.org 2013/04/17 09:04:09 
[session.c]
     revert rev 1.262; it fails because uid is already set here.  ok djm@
 2013-04-23 15:22:13 +10:00
Damien Miller d5edefd27a - djm@cvs.openbsd.org 2013/04/11 02:27:50 
[packet.c]
     quiet disconnect notifications on the server from error() back to logit()
     if it is a normal client closure; bz#2057 ok+feedback dtucker@
 2013-04-23 15:21:39 +10:00
Damien Miller 6901032b05 - dtucker@cvs.openbsd.org 2013/04/07 09:40:27 
[sshd.8]
     clarify -e text. suggested by & ok jmc@
 2013-04-23 15:21:24 +10:00