tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,214 Commits 6 Branches 20 Tags 97 MiB
Commit Graph

6214 Commits

Author SHA1 Message Date
Darren Tucker b69e033e67 - (dtucker) [regress/keytype.sh] Import new test. 2010-11-05 18:19:15 +11:00
Darren Tucker b12fe272a0 - (dtucker) [platform.c platform.h session.c] Move the Cygwin special-case 
check into platform.c
 2010-11-05 14:47:01 +11:00
Darren Tucker cc12418e18 - (dtucker) [platform.c session.c] Move PAM credential establishment for the 
non-LOGIN_CAP case into platform.c.
 2010-11-05 13:32:52 +11:00
Darren Tucker 0b2ee6452c - (dtucker) [platform.c session.c] Move irix setusercontext fragment into 
platform.c.
 2010-11-05 13:29:25 +11:00
Darren Tucker 676b912e78 - (dtucker) platform.c session.c] Move aix_usrinfo frament into platform.c. 2010-11-05 13:11:04 +11:00
Darren Tucker 7a8afe3186 - (dtucker) platform.c session.c] Move the USE_LIBIAF fragment into 
platform.c
 2010-11-05 13:07:24 +11:00
Darren Tucker 728d8371a1 - (dtucker) [platform.c session.c] Move the PAM credential establishment for 
the LOGIN_CAP case into platform.c.
 2010-11-05 13:00:05 +11:00
Darren Tucker fd4d8aa2cb - (dtucker) [platform.c] Only call setpgrp on BSDI if running as root to 
retain previous behavior.
 2010-11-05 12:50:41 +11:00
Darren Tucker 44a97be0cc - (dtucker) [platform.c session.c] Move the BSDI setpgrp into platform.c. 2010-11-05 12:45:18 +11:00
Darren Tucker 4db380701d - (dtucker) [platform.c session.c] Move the AIX setpcred+chroot hack into 
platform.c
 2010-11-05 12:41:13 +11:00
Darren Tucker 920612e45a - (dtucker) [platform.c platform.h session.c] Add a platform hook to run 
after the user's groups are established and move the selinux calls into it.
 2010-11-05 12:36:15 +11:00
Darren Tucker 97528353c2 - (dtucker) [configure.ac platform.{c,h} session.c 
openbsd-compat/port-solaris.{c,h}] Bug #1824: Add Solaris Project support.
   Patch from cory.erickson at csu mnscu edu with a bit of rework from me.
   ok djm@
 2010-11-05 12:03:05 +11:00
Damien Miller 34ee4204c6 - (djm) [loginrec.c loginrec.h] Use correct uid_t/pid_t types instead of 
int. Should fix bz#1817 cleanly; ok dtucker@
 2010-11-05 10:52:37 +11:00
Damien Miller 0733121194 - djm@cvs.openbsd.org 2010/11/04 02:45:34 
[sftp-server.c]
     umask should be parsed as octal. reported by candland AT xmission.com;
     ok markus@
 2010-11-05 10:20:31 +11:00
Damien Miller 55fa56505b - jmc@cvs.openbsd.org 2010/10/28 18:33:28 
[scp.1 ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5]
     knock out some "-*- nroff -*-" lines;
 2010-11-05 10:20:14 +11:00
Damien Miller b472a90d4c - djm@cvs.openbsd.org 2010/10/28 11:22:09 
[authfile.c key.c key.h ssh-keygen.c]
     fix a possible NULL deref on loading a corrupt ECDH key

     store ECDH group information in private keys files as "named groups"
     rather than as a set of explicit group parameters (by setting
     the OPENSSL_EC_NAMED_CURVE flag). This makes for shorter key files and
     retrieves the group's OpenSSL NID that we need for various things.
 2010-11-05 10:19:49 +11:00
Damien Miller 3a0e9f6479 - djm@cvs.openbsd.org 2010/09/22 12:26:05 
[regress/Makefile regress/kextype.sh]
     regress test for each of the key exchange algorithms that we support
 2010-11-05 10:16:34 +11:00
Darren Tucker 54b1f3121d - (dtucker) [defines.h] Use SIZE_T_MAX for SIZE_MAX for platforms that have a 
native one.
 2010-10-25 16:54:28 +11:00
Tim Rice bdd3e67c19 - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with 
1.12 to unbreak Solaris build.
   ok djm@
 2010-10-24 18:35:55 -07:00
Darren Tucker 7bc236de21 - (dtucker) [defines.h] Add SIZE_MAX for the benefit of platforms that don't 
have it.
 2010-10-24 11:58:43 +11:00
Darren Tucker d633fef471 - (dtucker) [regress/cert-userkey.sh] Disable ECC-based tests on platforms 
which don't have ECC support in libcrypto.
 2010-10-24 11:33:07 +11:00
Darren Tucker bfd9b1be41 - (dtucker) [regress/cert-hostkey.sh] Disable ECC-based tests on platforms 
which don't have ECC support in libcrypto.
 2010-10-24 11:19:26 +11:00
Darren Tucker d78739ab90 - sthen@cvs.openbsd.org 2010/10/23 22:06:12 
[sftp.c]
     escape '[' in filename tab-completion; fix a type while there.
     ok djm@
 2010-10-24 10:56:32 +11:00
Darren Tucker a53939332d - (dtucker) [includes.h] Add missing ifdef GLOB_HAS_GL_STATV to fix build. 2010-10-24 10:47:30 +11:00
Damien Miller 6fd2d7de4b - djm@cvs.openbsd.org 2010/08/31 12:24:09 
[regress/cert-hostkey.sh regress/cert-userkey.sh]
     tests for ECDSA certificates
 2010-10-21 15:27:14 +11:00
Damien Miller 68512c0341 - OpenBSD CVS Sync 
- dtucker@cvs.openbsd.org 2010/10/12 02:22:24
     [mux.c]
     Typo in confirmation message.  bz#1827, patch from imorgan at nas nasa gov
 2010-10-21 15:21:11 +11:00
Damien Miller 9c0c31d2db - (djm) [sshconnect.c] Need signal.h for prototype for kill(2) 2010-10-12 13:30:44 +11:00
Damien Miller 47e57bfab4 - (djm) [canohost.c] Zero a4 instead of addr to better match type. 
bz#1825, reported by foo AT mailinator.com
 2010-10-12 13:28:12 +11:00
Damien Miller 1f78980099 - (djm) [configure.ac] Use = instead of == in shell tests. Patch from 
dr AT vasco.com
 2010-10-11 22:35:22 +11:00
Damien Miller 88b844f19b - (djm) [openbsd-compat/Makefile.in] Actually link timingsafe_bcmp 2010-10-07 22:19:23 +11:00
Damien Miller 80e9953938 - (djm) [cipher-acss.c] Add missing header. 2010-10-07 22:12:08 +11:00
Damien Miller 37f4f1892f - (djm) [openbsd-compat/glob.c] restore ARG_MAX compat code. 2010-10-07 22:10:38 +11:00
Damien Miller 45fcdaa1cf - djm@cvs.openbsd.org 2010/10/06 21:10:21 
[sshconnect.c]
     swapped args to kill(2)
 2010-10-07 22:07:58 +11:00
Damien Miller a41ccca643 - djm@cvs.openbsd.org 2010/10/06 06:39:28 
[clientloop.c ssh.c sshconnect.c sshconnect.h]
     kill proxy command on fatal() (we already kill it on clean exit);
     ok markus@
 2010-10-07 22:07:32 +11:00
Damien Miller 38d9a965bf - djm@cvs.openbsd.org 2010/10/05 05:13:18 
[sftp.c sshconnect.c]
     use default shell /bin/sh if $SHELL is ""; ok markus@
 2010-10-07 22:07:11 +11:00
Damien Miller 9a3d0dc062 - djm@cvs.openbsd.org 2010/10/01 23:05:32 
[cipher-3des1.c cipher-bf1.c cipher-ctr.c openbsd-compat/openssl-compat.h]
     adapt to API changes in openssl-1.0.0a
     NB. contains compat code to select correct API for older OpenSSL
 2010-10-07 22:06:42 +11:00
Damien Miller 195dbaff7a - (djm) [ssh-agent.c] Fix type for curve name. 2010-10-07 22:05:11 +11:00
Damien Miller 2738361878 sadly, two typos on one line is not my best record 2010-10-07 22:00:24 +11:00
Damien Miller faca8ccd4d unbreak previous 2010-10-07 21:59:40 +11:00
Damien Miller c54b02c4eb - djm@cvs.openbsd.org 2010/09/30 11:04:51 
[servconf.c]
     prevent free() of string in .rodata when overriding AuthorizedKeys in
     a Match block; patch from rein AT basefarm.no
 2010-10-07 21:40:17 +11:00
Damien Miller 68e2e56ea9 - djm@cvs.openbsd.org 2010/09/26 22:26:33 
[sftp.c]
     when performing an "ls" in columnated (short) mode, only call
     ioctl(TIOCGWINSZ) once to get the window width instead of per-
     filename
 2010-10-07 21:39:55 +11:00
Damien Miller a6e121aaa0 - djm@cvs.openbsd.org 2010/09/25 09:30:16 
[sftp.c configure.ac openbsd-compat/glob.c openbsd-compat/glob.h]
     make use of new glob(3) GLOB_KEEPSTAT extension to save extra server
     rountrips to fetch per-file stat(2) information.
     NB. update openbsd-compat/ glob(3) implementation from OpenBSD libc to
     match.
 2010-10-07 21:39:17 +11:00
Damien Miller aa18063baf - matthew@cvs.openbsd.org 2010/09/24 13:33:00 
[misc.c misc.h configure.ac openbsd-compat/openbsd-compat.h]
     [openbsd-compat/timingsafe_bcmp.c]
     Add timingsafe_bcmp(3) to libc, mention that it's already in the
     kernel in kern(9), and remove it from OpenSSH.
     ok deraadt@, djm@
     NB. re-added under openbsd-compat/ for portable OpenSSH
 2010-10-07 21:25:27 +11:00
Damien Miller 2beb32f290 - jmc@cvs.openbsd.org 2010/09/23 13:36:46 
[scp.1 sftp.1]
     add KexAlgorithms to the -o list;
 2010-09-24 22:16:03 +10:00
Damien Miller 56883e194f - jmc@cvs.openbsd.org 2010/09/23 13:34:43 
[sftp.c]
     add [-l limit] to usage();
 2010-09-24 22:15:39 +10:00
Damien Miller 65e42f87fe - djm@cvs.openbsd.org 2010/09/22 22:58:51 
[atomicio.c atomicio.h misc.c misc.h scp.c sftp-client.c]
     [sftp-client.h sftp.1 sftp.c]
     add an option per-read/write callback to atomicio

     factor out bandwidth limiting code from scp(1) into a generic bandwidth
     limiter that can be attached using the atomicio callback mechanism

     add a bandwidth limit option to sftp(1) using the above
     "very nice" markus@
 2010-09-24 22:15:11 +10:00
Damien Miller 7fe2b1fec3 - jmc@cvs.openbsd.org 2010/09/22 08:30:08 
[ssh.1 ssh_config.5]
     ssh.1: add kexalgorithms to the -o list
     ssh_config.5: format the kexalgorithms in a more consistent
     (prettier!) way
     ok djm
 2010-09-24 22:11:53 +10:00
Damien Miller d5f62bf280 - djm@cvs.openbsd.org 2010/09/22 05:01:30 
[kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c readconf.c readconf.h]
     [servconf.c servconf.h ssh_config.5 sshconnect2.c sshd.c sshd_config.5]
     add a KexAlgorithms knob to the client and server configuration to allow
     selection of which key exchange methods are used by ssh(1) and sshd(8)
     and their order of preference.
     ok markus@
 2010-09-24 22:11:14 +10:00
Damien Miller 603134e077 - djm@cvs.openbsd.org 2010/09/20 07:19:27 
[mux.c]
     "atomically" create the listening mux socket by binding it on a temorary
     name and then linking it into position after listen() has succeeded.
     this allows the mux clients to determine that the server socket is
     either ready or stale without races. stale server sockets are now
     automatically removed
     ok deraadt
 2010-09-24 22:07:55 +10:00
Damien Miller 18e1cab1a1 - djm@cvs.openbsd.org 2010/09/20 04:54:07 
[jpake.c]
     missing #include
 2010-09-24 22:07:17 +10:00