03890e44cd
- (dtucker) [serverloop.c] Get ifdef/ifndef the right way around for the bug
...
#1102 workaround.
2006-06-24 16:58:45 +10:00
0249f93c4d
- (dtucker) [configure.ac] Bug #1193 : Define PASSWD_NEEDS_USERNAME on Solaris.
...
Works around limitation in Solaris' passwd program for changing passwords
where the username is longer than 8 characters. ok djm@
2006-06-24 12:10:07 +10:00
9afe115f0a
- (dtucker) [channels.c configure.ac serverloop.c] Bug #1102 : Around AIX
...
4.3.3 ML3 or so, the AIX pty layer starting passing zero-length writes
on the pty slave as zero-length reads on the pty master, which sshd
interprets as the descriptor closing. Since most things don't do zero
length writes this rarely matters, but occasionally it happens, and when
it does the SSH pty session appears to hang, so we add a special case for
this condition. ok djm@
2006-06-23 21:24:12 +10:00
3eb4834489
- (dtucker) [README.platform configure.ac openbsd-compat/port-tun.c] Add
...
tunnel support for Mac OS X/Darwin via a third-party tun driver. Patch
from reyk@, tested by anil@
2006-06-23 21:05:12 +10:00
643460803f
- (djm) [getput.h] This file has been replaced by functions in misc.c
2006-06-13 13:15:54 +10:00
a6680a4e35
- djm@cvs.openbsd.org 2006/06/13 01:18:36
...
[ssh-agent.c]
always use a format string, even when printing a constant
- djm@cvs.openbsd.org 2006/06/13 02:17:07
[ssh-agent.c]
revert; i am on drugs. spotted by alexander AT beard.se
2006-06-13 13:10:18 +10:00
2e5fe88ebe
- markus@cvs.openbsd.org 2006/06/08 14:45:49
...
[readpass.c sshconnect.c sshconnect2.c uidswap.c uidswap.h]
do not set the gid, noted by solar; ok djm
2006-06-13 13:10:00 +10:00
6b4069ad56
- markus@cvs.openbsd.org 2006/06/06 10:20:20
...
[readpass.c sshconnect.c sshconnect.h sshconnect2.c uidswap.c]
replace remaining setuid() calls with permanently_set_uid() and
check seteuid() return values; report Marcus Meissner; ok dtucker djm
2006-06-13 13:05:15 +10:00
eb13e556e5
- markus@cvs.openbsd.org 2006/06/01 09:21:48
...
[sshd.c]
call get_remote_ipaddr() early; fixes logging after client disconnects;
report mpf@; ok dtucker@
2006-06-13 13:03:53 +10:00
7b1e757b28
- mk@cvs.openbsd.org 2006/05/30 11:46:38
...
[ssh-add.c]
Sync usage() with man page and reality.
ok deraadt dtucker
2006-06-13 13:03:34 +10:00
fbc94c857a
- jmc@cvs.openbsd.org 2006/05/29 16:13:23
...
[ssh.1]
add GSSAPI to the list of authentication methods supported;
2006-06-13 13:03:16 +10:00
3c6ed7bbd5
- jmc@cvs.openbsd.org 2006/05/29 16:10:03
...
[ssh_config.5]
oops - previous was too long; split the list of auths up
2006-06-13 13:01:41 +10:00
81a38928eb
- dtucker@cvs.openbsd.org 2006/05/29 12:56:33
...
[ssh_config]
Add GSSAPIAuthentication and GSSAPIDelegateCredentials to examples in sample
ssh_config. ok markus@
2006-06-13 13:01:09 +10:00
658f945538
- dtucker@cvs.openbsd.org 2006/05/29 12:54:08
...
[ssh_config.5]
Add gssapi-with-mic to PreferredAuthentications default list; ok jmc
2006-06-13 13:00:55 +10:00
ad6b14d274
- miod@cvs.openbsd.org 2006/05/18 21:27:25
...
[kexdhc.c kexgexc.c]
paramter -> parameter
2006-06-13 13:00:41 +10:00
40b5985fe0
- markus@cvs.openbsd.org 2006/05/17 12:43:34
...
[scp.c sftp.c ssh-agent.c ssh-keygen.c sshconnect.c]
fix leak; coverity via Kylene Jo Hall
2006-06-13 13:00:25 +10:00
24fd8ddd61
- markus@cvs.openbsd.org 2006/05/16 09:00:00
...
[clientloop.c]
missing free; from Kylene Hall
2006-06-13 13:00:09 +10:00
e250a94e69
- djm@cvs.openbsd.org 2006/05/08 10:49:48
...
[sshconnect2.c]
uint32_t -> u_int32_t (which we use everywhere else)
(Id sync only - portable already had this)
2006-06-13 12:59:53 +10:00
f14b2aa672
- (dtucker) [auth.c monitor.c] Now that we don't log from both the monitor
...
and slave, we can remove the special-case handling in the audit hook in
auth_log.
2006-05-21 18:26:40 +10:00
f58b29d515
- (dtucker) [ssh-rand-helper.c] Check return code of mkdir and fix file
...
pointer leak. From kjhall at us.ibm.com, found by coverity.
2006-05-17 22:24:56 +10:00
73373877db
typo
2006-05-15 17:24:25 +10:00
2c77b7f1c1
- (dtucker) [auth-pam.c] Bug #1188 : pass result of do_pam_account back and
...
do not allow kbdint again after the PAM account check fails. ok djm@
2006-05-15 17:22:33 +10:00
cefd8bb36d
- (dtucker) [defines.h] Find a value for IOV_MAX or use a conservative
...
default. Patch originally from tim@, ok djm
2006-05-15 17:17:29 +10:00
13c539a4dc
- (dtucker) [openbsd-compat/getrrsetbyname.c] Use _compat_res instead of
...
_res, prevents problems on some platforms that have _res as a global but
don't have getrrsetbyname(), eg IRIX 5.3. Found and tested by
georg.schwarz at freenet.de, ok djm@.
2006-05-15 17:15:56 +10:00
43ff44e7db
- dtucker@cvs.openbsd.org 2006/05/06 08:35:40
...
[auth-krb5.c]
Add $OpenBSD$ in comment here too
2006-05-06 18:40:53 +10:00
f779f672eb
- djm@cvs.openbsd.org 2006/04/01 05:37:46
...
[OVERVIEW]
$OpenBSD$ in here too
2006-05-06 17:48:48 +10:00
31cde6828d
- djm@cvs.openbsd.org 2006/05/04 14:55:23
...
[dh.c]
tighter DH exponent checks here too; feedback and ok markus@
2006-05-06 17:43:33 +10:00
232b76f9f8
- dtucker@cvs.openbsd.org 2006/04/25 08:02:27
...
[authfile.c authfile.h sshconnect2.c ssh.c sshconnect1.c]
Prevent ssh from trying to open private keys with bad permissions more than
once or prompting for their passphrases (which it subsequently ignores
anyway), similar to a previous change in ssh-add. bz #1186 , ok djm@
2006-05-06 17:41:51 +10:00
d8093e49bf
- (dtucker) [auth-pam.c groupaccess.c monitor.c monitor_wrap.c scard-opensc.c
...
session.c ssh-rand-helper.c sshd.c openbsd-compat/bsd-cygwin_util.c
openbsd-compat/setproctitle.c] Convert malloc(foo*bar) -> calloc(foo,bar)
in Portable-only code; since calloc zeros, remove now-redundant memsets.
Also add a couple of sanity checks. With & ok djm@
2006-05-04 16:24:34 +10:00
596d33801f
- (dtucker) [packet.c] Remove in_systm.h since it's also in includes.h
...
and double including it on IRIX 5.3 causes problems. From Georg Schwarz,
"no objections" tim@
2006-05-03 19:01:09 +10:00
7b50b2030b
missing file
2006-04-23 12:31:27 +10:00
2bdd1c117c
- (djm) [auth.h dispatch.h kex.h] sprinkle in signal.h to get
...
sig_atomic_t
2006-04-23 12:28:53 +10:00
08d4b0ca5d
- stevesk@cvs.openbsd.org 2006/04/22 18:29:33
...
[crc32.c]
remove extra spaces
2006-04-23 12:12:24 +10:00
2282c6e305
- djm@cvs.openbsd.org 2006/04/22 04:06:51
...
[uidswap.c]
use setres[ug]id() to permanently revoke privileges; ok deraadt@
(ID Sync only - portable already uses setres[ug]id() whenever possible)
2006-04-23 12:11:57 +10:00
525a0b090f
- djm@cvs.openbsd.org 2006/04/20 21:53:44
...
[includes.h session.c sftp.c]
Switch from using pipes to socketpairs for communication between
sftp/scp and ssh, and between sshd and its subprocesses. This saves
a file descriptor per session and apparently makes userland ppp over
ssh work; ok markus@ deraadt@ (ID Sync only - portable makes this
decision on a per-platform basis)
2006-04-23 12:10:49 +10:00
56e5e6ad11
- markus@cvs.openbsd.org 2006/04/20 09:47:59
...
[sshconnect.c]
simplify; ok djm@
2006-04-23 12:08:59 +10:00
97c91f688f
- djm@cvs.openbsd.org 2006/04/20 09:27:09
...
[auth.h clientloop.c dispatch.c dispatch.h kex.h]
replace the last non-sig_atomic_t flag used in a signal handler with a
sig_atomic_t, unfortunately with some knock-on effects in other (non-
signal) contexts in which it is used; ok markus@
2006-04-23 12:08:37 +10:00
58629fad82
- dtucker@cvs.openbsd.org 2006/04/18 10:44:28
...
[bufaux.c bufbn.c]
Move Buffer bignum functions into their own file, bufbn.c. This means
that sftp and sftp-server (which use the Buffer functions in bufaux.c
but not the bignum ones) no longer need to be linked with libcrypto.
ok markus@
2006-04-23 12:08:19 +10:00
b5ea7e7c03
- djm@cvs.openbsd.org 2006/04/16 07:59:00
...
[atomicio.c]
reorder sanity test so that it cannot dereference past the end of the
iov array; well spotted canacar@!
2006-04-23 12:06:49 +10:00
58ca98bfe1
- djm@cvs.openbsd.org 2006/04/16 00:54:10
...
[sftp-client.c]
avoid making a tiny 4-byte write to send the packet length of sftp
commands, which would result in a separate tiny packet on the wire by
using atomiciov(writev, ...) to write the length and the command in one
pass; ok deraadt@
2006-04-23 12:06:35 +10:00
6aa139c41f
- djm@cvs.openbsd.org 2006/04/16 00:52:55
...
[atomicio.c atomicio.h]
introduce atomiciov() function that wraps readv/writev to retry
interrupted transfers like atomicio() does for read/write;
feedback deraadt@ dtucker@ stevesk@ ok deraadt@
2006-04-23 12:06:20 +10:00
499a0d5ada
- djm@cvs.openbsd.org 2006/04/16 00:48:52
...
[buffer.c buffer.h channels.c]
Fix condition where we could exit with a fatal error when an input
buffer became too large and the remote end had advertised a big window.
The problem was a mismatch in the backoff math between the channels code
and the buffer code, so make a buffer_check_alloc() function that the
channels code can use to propsectivly check whether an incremental
allocation will succeed. bz #1131 , debugged with the assistance of
cove AT wildpackets.com; ok dtucker@ deraadt@
2006-04-23 12:06:03 +10:00
63e437f053
- djm@cvs.openbsd.org 2006/04/03 07:10:38
...
[gss-genr.c]
GSSAPI buffers shouldn't be nul-terminated, spotted in bugzilla #1066
by dleonard AT vintela.com. use xasprintf() to simplify code while in
there; "looks right" deraadt@
2006-04-23 12:05:46 +10:00
603e68f1a2
- dtucker@cvs.openbsd.org 2006/04/02 08:34:52
...
[ssh-keysign.c]
sessionid can be 32 bytes now too when sha256 kex is used; ok djm@
2006-04-23 12:05:32 +10:00
7a656f7922
- djm@cvs.openbsd.org 2006/04/01 05:50:29
...
[scp.c]
xasprintification; ok deraadt@
2006-04-23 12:04:46 +10:00
07aa132a5e
- (djm) OpenBSD CVS Sync
...
- deraadt@cvs.openbsd.org 2006/04/01 05:42:20
[scp.c]
minimal lint cleanup (unused crud, and some size_t); ok djm
2006-04-23 12:04:27 +10:00
73b42d2bb0
- (djm) [Makefile.in configure.ac session.c sshpty.c]
...
[contrib/redhat/sshd.init openbsd-compat/Makefile.in]
[openbsd-compat/openbsd-compat.h openbsd-compat/port-linux.c]
[openbsd-compat/port-linux.h] Add support for SELinux, setting
the execution and TTY contexts. based on patch from Daniel Walsh,
bz #880 ; ok dtucker@
2006-04-22 21:26:08 +10:00
2eaf37d899
- (djm) Reorder IP options check so that it isn't broken by
...
mapped addresses; bz #1179 reported by markw wtech-llc.com;
ok dtucker@
2006-04-18 15:13:16 +10:00
dfc6183f13
- djm@cvs.openbsd.org 2006/03/31 09:13:56
...
[ssh_config.5]
remote user escape is %r not %h; spotted by jmc@
2006-03-31 23:14:57 +11:00
c6437cf00a
- jmc@cvs.openbsd.org 2006/03/31 09:09:30
...
[ssh_config.5]
kill trailing whitespace;
2006-03-31 23:14:41 +11:00
7a8f5b330d
- dtucker@cvs.openbsd.org 2006/03/30 11:40:21
...
[auth.c monitor.c]
Prevent duplicate log messages when privsep=yes; ok djm@
2006-03-31 23:14:23 +11:00
e23209f434
- dtucker@cvs.openbsd.org 2006/03/30 11:05:17
...
[ssh-keygen.c]
Correctly handle truncated files while converting keys; ok djm@
2006-03-31 23:13:35 +11:00
6b1d53c2b0
- djm@cvs.openbsd.org 2006/03/30 10:41:25
...
[ssh.c ssh_config.5]
add percent escape chars to the IdentityFile option, bz #1159 based
on a patch by imaging AT math.ualberta.ca; feedback and ok dtucker@
2006-03-31 23:13:21 +11:00
3f9418893e
- djm@cvs.openbsd.org 2006/03/30 09:58:16
...
[authfd.c bufaux.c deattack.c gss-serv.c mac.c misc.c misc.h]
[monitor_wrap.c msg.c packet.c sftp-client.c sftp-server.c ssh-agent.c]
replace {GET,PUT}_XXBIT macros with functionally similar functions,
silencing a heap of lint warnings. also allows them to use
__bounded__ checking which can't be applied to macros; requested
by and feedback from deraadt@
2006-03-31 23:13:02 +11:00
d79b424e8a
- djm@cvs.openbsd.org 2006/03/30 09:41:25
...
[channels.c]
ARGSUSED for dispatch table-driven functions
2006-03-31 23:11:44 +11:00
89c3fe4a9e
- deraadt@cvs.openbsd.org 2006/03/28 01:53:43
...
[ssh-agent.c]
use strtonum() to parse the pid from the file, and range check it
better; ok djm
2006-03-31 23:11:28 +11:00
57c4e875f8
- deraadt@cvs.openbsd.org 2006/03/28 01:52:28
...
[channels.c]
do not accept unreasonable X ports numbers; ok djm
2006-03-31 23:11:07 +11:00
ddd63ab1d0
- deraadt@cvs.openbsd.org 2006/03/28 00:12:31
...
[README.tun ssh.c]
spacing
2006-03-31 23:10:51 +11:00
2b5a0de903
- djm@cvs.openbsd.org 2006/03/27 23:15:46
...
[sftp.c]
always use a format string for addargs; spotted by mouring@
2006-03-31 23:10:31 +11:00
5a73c1a34d
- deraadt@cvs.openbsd.org 2006/03/27 13:03:54
...
[dh.c]
use strtonum() instead of atoi(), limit dhg size to 64k; ok djm
2006-03-31 23:09:41 +11:00
da380becc6
- OpenBSD CVS Sync
...
- deraadt@cvs.openbsd.org 2006/03/27 01:21:18
[xmalloc.c]
we can do the size & nmemb check before the integer overflow check;
evol
2006-03-31 23:09:17 +11:00
b3cdc220c4
- deraadt@cvs.openbsd.org 2006/03/26 01:31:48
...
[uuencode.c]
typo
2006-03-26 14:30:33 +11:00
51096383e9
- djm@cvs.openbsd.org 2006/03/25 22:22:43
...
[atomicio.h auth-options.h auth.h auth2-gss.c authfd.h authfile.h]
[bufaux.h buffer.h canohost.h channels.h cipher.h clientloop.h]
[compat.h compress.h crc32.c crc32.h deattack.h dh.h dispatch.h]
[dns.c dns.h getput.h groupaccess.h gss-genr.c gss-serv-krb5.c]
[gss-serv.c hostfile.h includes.h kex.h key.h log.h mac.h match.h]
[misc.h monitor.h monitor_fdpass.h monitor_mm.h monitor_wrap.h msg.h]
[myproposal.h packet.h pathnames.h progressmeter.h readconf.h rsa.h]
[scard.h servconf.h serverloop.h session.h sftp-common.h sftp.h]
[ssh-gss.h ssh.h ssh1.h ssh2.h sshconnect.h sshlogin.h sshpty.h]
[ttymodes.h uidswap.h uuencode.h xmalloc.h]
standardise spacing in $OpenBSD$ tags; requested by deraadt@
2006-03-26 14:30:00 +11:00
e3b21a5f59
- deraadt@cvs.openbsd.org 2006/03/25 18:58:10
...
[channels.c]
delete cast not required
2006-03-26 14:29:06 +11:00
a0fdce9a47
- deraadt@cvs.openbsd.org 2006/03/25 18:56:55
...
[bufaux.c channels.c packet.c]
remove (char *) casts to a function that accepts void * for the arg
2006-03-26 14:28:50 +11:00
08d61505d7
- deraadt@cvs.openbsd.org 2006/03/25 18:43:30
...
[channels.c]
use strtonum() instead of atoi() [limit X screens to 400, sorry]
2006-03-26 14:28:32 +11:00
1c13bd8d79
- deraadt@cvs.openbsd.org 2006/03/25 18:41:45
...
[ssh-agent.c]
mark two more signal handlers ARGSUSED
2006-03-26 14:28:14 +11:00
5f340065fc
- deraadt@cvs.openbsd.org 2006/03/25 18:40:14
...
[ssh-keygen.c]
cast strtonum() result to right type
2006-03-26 14:27:57 +11:00
a1690d08b4
- deraadt@cvs.openbsd.org 2006/03/25 18:36:15
...
[sshlogin.c sshlogin.h]
nicer size_t and time_t types
2006-03-26 14:27:35 +11:00
90fdfaf69c
- deraadt@cvs.openbsd.org 2006/03/25 18:30:55
...
[clientloop.c serverloop.c]
spacing
2006-03-26 14:25:37 +11:00
8ba29fe72d
- deraadt@cvs.openbsd.org 2006/03/25 18:29:35
...
[auth-rsa.c authfd.c packet.c]
needed casts (always will be needed)
2006-03-26 14:25:19 +11:00
48c4ed2b78
oops, rewrap
2006-03-26 14:25:05 +11:00
57c30117c1
- djm@cvs.openbsd.org 2006/03/25 13:17:03
...
[atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
[auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
[auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
[auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
[buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
[cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
[deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
[kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
[mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
[monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
[readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
[session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
[sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
[ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
[sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
[uidswap.c uuencode.c xmalloc.c]
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
Theo nuked - our scripts to sync -portable need them in the files
2006-03-26 14:24:48 +11:00
55b04f1d77
- djm@cvs.openbsd.org 2006/03/25 01:30:23
...
[sftp.c]
"abormally" is a perfectly cromulent word, but "abnormally" is better
2006-03-26 14:23:17 +11:00
36812092ec
- djm@cvs.openbsd.org 2006/03/25 01:13:23
...
[buffer.c channels.c deattack.c misc.c scp.c session.c sftp-client.c]
[sftp-server.c ssh-agent.c ssh-rsa.c xmalloc.c xmalloc.h auth-pam.c]
[uidswap.c]
change OpenSSH's xrealloc() function from being xrealloc(p, new_size)
to xrealloc(p, new_nmemb, new_itemsize).
realloc is particularly prone to integer overflows because it is
almost always allocating "n * size" bytes, so this is a far safer
API; ok deraadt@
2006-03-26 14:22:47 +11:00
07d86bec5e
- djm@cvs.openbsd.org 2006/03/25 00:05:41
...
[auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c]
[clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c]
[monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c]
[ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c]
[xmalloc.c xmalloc.h]
introduce xcalloc() and xasprintf() failure-checked allocations
functions and use them throughout openssh
xcalloc is particularly important because malloc(nmemb * size) is a
dangerous idiom (subject to integer overflow) and it is time for it
to die
feedback and ok deraadt@
2006-03-26 14:19:21 +11:00
a5a2859275
- deraadt@cvs.openbsd.org 2006/03/20 21:11:53
...
[ttymodes.c]
spacing
2006-03-26 14:10:34 +11:00
4f7becb44f
- deraadt@cvs.openbsd.org 2006/03/20 18:48:34
...
[channels.c fatal.c kex.c packet.c serverloop.c]
spacing
2006-03-26 14:10:14 +11:00
1d2b6706ba
- deraadt@cvs.openbsd.org 2006/03/20 18:42:27
...
[canohost.c match.c ssh.c sshconnect.c]
be strict with tolower() casting
2006-03-26 14:09:54 +11:00
1ff7c642ee
- deraadt@cvs.openbsd.org 2006/03/20 18:41:43
...
[dns.c]
cast xstrdup to propert u_char *
2006-03-26 14:09:09 +11:00
4ae97f1885
- deraadt@cvs.openbsd.org 2006/03/20 18:35:12
...
[channels.c]
x11_fake_data is only ever used as u_char *
2006-03-26 14:08:10 +11:00
9f3bd53acd
- deraadt@cvs.openbsd.org 2006/03/20 18:27:50
...
[monitor.c]
spacing
2006-03-26 14:07:52 +11:00
9096740f6c
- deraadt@cvs.openbsd.org 2006/03/20 18:26:55
...
[channels.c monitor.c session.c session.h ssh-agent.c ssh-keygen.c]
[ssh-rsa.c ssh.c sshlogin.c]
annoying spacing fixes getting in the way of real diffs
2006-03-26 14:07:26 +11:00
91d4b12fcb
- deraadt@cvs.openbsd.org 2006/03/20 18:17:20
...
[auth1.c auth2.c sshd.c]
sprinkle some ARGSUSED for table driven functions (which sometimes
must ignore their args)
2006-03-26 14:05:20 +11:00
1b81a49f86
rewrap
2006-03-26 14:05:02 +11:00
71a7367130
- deraadt@cvs.openbsd.org 2006/03/20 18:14:02
...
[channels.c clientloop.c monitor_wrap.c monitor_wrap.h serverloop.c]
[ssh.c sshpty.c sshpty.h]
sprinkle u_int throughout pty subsystem, ok markus
2006-03-26 14:04:36 +11:00
6d39bcf898
- deraadt@cvs.openbsd.org 2006/03/20 17:17:23
...
[ssh-rsa.c]
in a switch (), break after return or goto is stupid
2006-03-26 14:03:21 +11:00
bbaad7772a
- deraadt@cvs.openbsd.org 2006/03/20 17:13:16
...
[key.c]
djm did a typo
2006-03-26 14:03:03 +11:00
69b7203e6f
- deraadt@cvs.openbsd.org 2006/03/20 17:10:19
...
[auth.c key.c misc.c packet.c ssh-add.c]
in a switch (), break after return or goto is stupid
2006-03-26 14:02:35 +11:00
429fcc23db
- djm@cvs.openbsd.org 2006/03/20 11:38:46
...
[key.c]
(really) last of the Coverity diffs: avoid possible NULL deref in
key_free. via elad AT netbsd.org; markus@ ok
2006-03-26 14:02:16 +11:00
96937bd914
- djm@cvs.openbsd.org 2006/03/20 04:09:44
...
[monitor.c]
memory leaks detected by Coverity via elad AT netbsd.org;
deraadt@ ok
that should be all of them now
2006-03-26 14:01:54 +11:00
3305f5591f
- deraadt@cvs.openbsd.org 2006/03/19 18:59:09
...
[authfile.c]
whoever thought that break after return was a good idea needs to
get their head examimed
2006-03-26 14:00:31 +11:00
4662d3492f
- deraadt@cvs.openbsd.org 2006/03/19 18:59:30
...
[ssh.c]
spacing
2006-03-26 13:59:59 +11:00
3bbaba6075
- deraadt@cvs.openbsd.org 2006/03/19 18:59:49
...
[ssh-keyscan.c]
please lint
2006-03-26 13:59:38 +11:00
f0b15dfc52
- deraadt@cvs.openbsd.org 2006/03/19 18:56:41
...
[clientloop.c progressmeter.c serverloop.c sshd.c]
ARGSUSED for signal handlers
2006-03-26 13:59:20 +11:00
c91e556d8a
- deraadt@cvs.openbsd.org 2006/03/19 18:53:12
...
[kex.c kex.h monitor.c myproposal.h session.c]
spacing
2006-03-26 13:58:55 +11:00
d62f2ca376
- deraadt@cvs.openbsd.org 2006/03/19 18:52:11
...
[auth1.c authfd.c channels.c]
spacing
2006-03-26 13:57:41 +11:00
78f16cb07b
- dtucker@cvs.openbsd.org 2006/03/19 11:51:52
...
[servconf.c]
Correct strdelim null test; ok djm@
2006-03-26 13:54:37 +11:00
5790b5910b
- djm@cvs.openbsd.org 2006/03/19 07:41:30
...
[sshconnect2.c]
memory leaks detected by Coverity via elad AT netbsd.org;
deraadt@ ok
2006-03-26 13:54:03 +11:00
928b23684a
- djm@cvs.openbsd.org 2006/03/19 02:24:05
...
[dh.c readconf.c servconf.c]
potential NULL pointer dereferences detected by Coverity
via elad AT netbsd.org; ok deraadt@
2006-03-26 13:53:32 +11:00
6db780e259
- djm@cvs.openbsd.org 2006/03/19 02:23:26
...
[hostfile.c]
FILE* leak detected by Coverity via elad AT netbsd.org;
ok deraadt@
2006-03-26 13:52:20 +11:00
e0b90a6766
- djm@cvs.openbsd.org 2006/03/19 02:22:56
...
[sftp.c]
more memory leaks detected by Coverity via elad AT netbsd.org;
deraadt@ ok
2006-03-26 13:51:44 +11:00
6f98a1fea7
- djm@cvs.openbsd.org 2006/03/19 02:22:32
...
[serverloop.c]
memory leaks detected by Coverity via elad AT netbsd.org;
ok deraadt@ dtucker@
2006-03-26 13:51:08 +11:00
304a940889
- djm@cvs.openbsd.org 2006/03/17 22:31:11
...
[authfd.c]
unreachanble statement, found by lint
2006-03-26 13:50:37 +11:00
5b83232b48
- djm@cvs.openbsd.org 2006/03/17 22:31:50
...
[authfd.c]
another unreachable found by lint
2006-03-26 13:50:14 +11:00
745570cd79
- biorn@cvs.openbsd.org 2006/03/16 10:31:45
...
[scp.c]
Try to display errormessage even if remout == -1
ok djm@, markus@
2006-03-26 13:49:43 +11:00
cb314828eb
- OpenBSD CVS Sync
...
- jakob@cvs.openbsd.org 2006/03/15 08:46:44
[ssh-keygen.c]
if no key file are given when printing the DNS host record, use the
host key file(s) as default. ok djm@
2006-03-26 13:48:01 +11:00
2dbbf8e9fc
[deattack.c deattack.h]
...
remove IV support from the CRC attack detector, OpenSSH has never used
it - it only applied to IDEA-CFB, which we don't support.
prompted by NetBSD Coverity report via elad AT netbsd.org;
feedback markus@ "nuke it" deraadt@
2006-03-26 00:11:46 +11:00
a1b3d636ab
- jakob@cvs.openbsd.org 2006/03/22 21:16:24
...
[ssh.1]
simplify SSHFP example; ok jmc@
2006-03-26 00:07:02 +11:00
5996294a95
- deraadt@cvs.openbsd.org 2006/03/20 18:41:43
...
[dns.c]
cast xstrdup to propert u_char *
2006-03-26 00:06:48 +11:00
1345e617da
- deraadt@cvs.openbsd.org 2006/03/20 18:26:55
...
[session.h]
annoying spacing fixes getting in the way of real diffs
2006-03-26 00:06:32 +11:00
ed3986a004
- deraadt@cvs.openbsd.org 2006/03/20 18:14:02
...
[monitor_wrap.h sshpty.h]
sprinkle u_int throughout pty subsystem, ok markus
2006-03-26 00:06:14 +11:00
91a2d9746a
- djm@cvs.openbsd.org 2006/03/20 04:08:18
...
[gss-serv.c]
last lot of GSSAPI related leaks detected by Coverity via
elad AT netbsd.org; reviewed by simon AT sxw.org.uk; deraadt@ ok
2006-03-26 00:05:44 +11:00
a66cf68dd7
- djm@cvs.openbsd.org 2006/03/20 04:07:49
...
[gss-genr.c]
more GSSAPI related leaks detected by Coverity via elad AT netbsd.org;
reviewed by simon AT sxw.org.uk; deraadt@ ok
2006-03-26 00:05:23 +11:00
f23c09670a
- djm@cvs.openbsd.org 2006/03/20 04:07:22
...
[auth2-gss.c]
GSSAPI related leaks detected by Coverity via elad AT netbsd.org;
reviewed by simon AT sxw.org.uk; deraadt@ ok
2006-03-26 00:04:53 +11:00
51b4f82123
- deraadt@cvs.openbsd.org 2006/03/19 18:53:12
...
[kex.h myproposal.h]
spacing
2006-03-26 00:04:32 +11:00
b0fb6872ed
- deraadt@cvs.openbsd.org 2006/03/19 18:51:18
...
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
[auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
[auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
[auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
[auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
[canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
[cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
[compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
[groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
[kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
[loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
[monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
[nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
[scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
[sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
[ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
[ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
[sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
[uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
[openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
[openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
[openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
[openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
RCSID() can die
2006-03-26 00:03:21 +11:00
3e96d74274
- djm@cvs.openbsd.org 2006/03/16 04:24:42
...
[ssh.1]
Add RFC4419 (Diffie-Hellman group exchange KEX) to the list of SSH RFCs
that OpenSSH supports
2006-03-25 23:39:29 +11:00
9834cab32e
- (dtucker) [openbsd-compat/bsd-snprintf.c] Bug #1173 : make fmtint() take
...
a LLONG rather than a long. Fixes scp'ing of large files on platforms
with missing/broken snprintfs. Patch from e.borovac at bom.gov.au.
2006-03-19 00:07:07 +11:00
66f9eb65ff
- (djm) [auth-pam.c] Fix memleak in error path, from Coverity via
...
elad AT NetBSD.org
2006-03-18 23:04:49 +11:00
b309203ce0
- (djm) [kex.c] Slightly more clean deactivation of dhgex-sha256 on old
...
OpenSSL; ok tim
2006-03-16 18:22:18 +11:00
425a6886f9
- (tim) [kex.c myproposal.h md-sha256.c openbsd-compat/sha2.c,h] Disable
...
sha256 when openssl < 0.9.7. Patch from djm@. Corrections/testing by me.
2006-03-15 20:17:05 -08:00
c495301bf8
- (dtucker) [configure.ac md-sha256.c] NetBSD has sha2.h in
...
/usr/include/crypto. Hint from djm@.
2006-03-16 08:14:34 +11:00
d82cbcb9da
- (dtucker) [entropy.c] Add headers for WIFEXITED and friends.
2006-03-16 07:21:35 +11:00
8bb9e2c900
- (dtucker) [configure.ac] login_cap.h requires sys/types.h on NetBSD.
2006-03-15 22:28:17 +11:00
dc6118e127
- (dtucker) [openbsd-compat/openbsd-compat.h] AIX (at least) needs
...
sys/ioctl.h for struct winsize.
2006-03-15 22:25:54 +11:00
b0024914c9
- (djm) [includes.h] Put back paths.h, it is needed in defines.h
2006-03-15 21:48:54 +11:00
486d95e6f7
- (dtucker) [configure.ac] Fix glob test conversion to AC_TRY_COMPILE
2006-03-15 21:31:39 +11:00
4b23f7c660
- (tim) [openssh/sshpty.c openssh/openbsd-compat/port-tun.c] put in some
...
includes removed from includes.h
2006-03-14 22:09:50 -08:00
7a4cf232c9
- (tim) [includes.h] put sys/stat.h back in to quiet some "macro redefined:"
...
warnings.
2006-03-14 21:04:18 -08:00
6645e7a70d
- (djm) [auth-pam.c clientloop.c includes.h monitor.c session.c]
...
[sftp-client.c ssh-keysign.c ssh.c sshconnect.c sshconnect2.c]
[sshd.c openbsd-compat/bsd-misc.c openbsd-compat/bsd-openpty.c]
[openbsd-compat/glob.c openbsd-compat/mktemp.c]
[openbsd-compat/readpassphrase.c] Lots of include fixes for
OpenSolaris
2006-03-15 14:42:54 +11:00
34877d2e17
- (djm) [openbsd-compat/sha2.h openbsd-compat/sha2.c] Comment out
...
SHA384, which we don't need and doesn't compile without tweaks
2006-03-15 14:36:55 +11:00
42fb06898e
- (djm) [ssh-agent.c] Restore dropped stat.h
2006-03-15 14:03:06 +11:00
3717cdac60
- (djm) [ssh-rand-helper.c] Needs a bunch of headers
2006-03-15 14:02:36 +11:00
a623807860
- (djm) [openbsd-compat/sha2.h] Avoid include macro clash with
...
system sha2.h
2006-03-15 14:02:01 +11:00
627725281e
- (djm) [loginrec.c] Need stat.h
2006-03-15 14:01:11 +11:00
b3b4ba3fba
- (djm) [regress/.cvsignore] Ignore Makefile here
2006-03-15 13:13:27 +11:00
41e364bcfa
- (djm) [md-sha256.c configure.ac] md-sha256.c needs sha2.h if present
2006-03-15 13:12:41 +11:00
471e9b3ca6
- (djm) [Makefile.in openbsd-compat/Makefile.in] Add added files
2006-03-15 13:09:18 +11:00
dcf4ca110e
- (djm) [includes.h] Restore accidentally dropped netinet/in.h
2006-03-15 13:07:48 +11:00
af87af165f
- (djm) [configure.ac defines.h kex.c md-sha256.c]
...
[openbsd-compat/sha2.h openbsd-compat/openbsd-compat.h]
[openbsd-compat/sha2.c] First stab at portability glue for SHA256
KEX support, should work with libc SHA256 support or OpenSSL
EVP_sha256 if present
2006-03-15 13:02:28 +11:00
a63128d1a8
- djm@cvs.openbsd.org 2006/03/07 09:07:40
...
[kex.c kex.h monitor.c myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
Implement the diffie-hellman-group-exchange-sha256 key exchange method
using the SHA256 code in libc (and wrapper to make it into an OpenSSL
EVP), interop tested against CVS PuTTY
NB. no portability bits committed yet
2006-03-15 12:08:28 +11:00
cc3e8ba3c2
- markus@cvs.openbsd.org 2006/03/14 16:32:48
...
[ssh_config.5 sshd_config.5]
*AliveCountMax applies to protcol v2 only; ok dtucker, djm
2006-03-15 12:06:55 +11:00
de85a28825
- djm@cvs.openbsd.org 2006/03/14 00:15:39
...
[canohost.c]
log the originating address and not just the name when a reverse
mapping check fails, requested by linux AT linuon.com
2006-03-15 12:06:41 +11:00
8275fade44
- dtucker@cvs.openbsd.org 2006/03/13 10:26:52
...
[authfile.c authfile.h ssh-add.c]
Make ssh-add check file permissions before attempting to load private
key files multiple times; it will fail anyway and this prevents confusing
multiple prompts and warnings. mindrot #1138 , ok djm@
2006-03-15 12:06:23 +11:00
306d118f72
- dtucker@cvs.openbsd.org 2006/03/13 10:14:29
...
[misc.c ssh_config.5 sshd_config.5]
Allow config directives to contain whitespace by surrounding them by double
quotes. mindrot #482 , man page help from jmc@, ok djm@
2006-03-15 12:05:59 +11:00
8056a9d46a
- dtucker@cvs.openbsd.org 2006/03/13 08:43:16
...
[ssh-keygen.c]
Make ssh-keygen handle CR and CRLF line termination when converting IETF
format keys, in adition to vanilla LF. mindrot #1157 , tested by Chris
Pepper, ok djm@
2006-03-15 12:05:40 +11:00
314dd4b2f3
- dtucker@cvs.openbsd.org 2006/03/13 08:33:00
...
[packet.c]
Set TCP_NODELAY for all connections not just "interactive" ones. Fixes
poor performance and protocol stalls under some network conditions (mindrot
bugs #556 and #981 ). Patch originally from markus@, ok djm@
2006-03-15 12:05:22 +11:00
b24c2f8e33
- djm@cvs.openbsd.org 2006/03/13 08:16:00
...
[sshd.c]
don't log that we are listening on a socket before the listen() call
actually succeeds, bz #1162 reported by Senthil Kumar; ok dtucker@
2006-03-15 12:04:36 +11:00
2ecb6bd95d
- djm@cvs.openbsd.org 2006/03/12 04:23:07
...
[ssh.c]
knf nit
2006-03-15 12:03:53 +11:00
ec04f360eb
- djm@cvs.openbsd.org 2006/03/04 04:12:58
...
[serverloop.c]
move a debug() outside of a signal handler; ok markus@ a little while back
2006-03-15 12:01:34 +11:00
1cf76d97f9
- djm@cvs.openbsd.org 2006/02/28 01:10:21
...
[session.c]
fix logout recording when privilege separation is disabled, analysis and
patch from vinschen at redhat.com; tested by dtucker@ ok deraadt@
NB. ID sync only - patch already in portable
2006-03-15 12:01:14 +11:00
4aea974a1d
- jmc@cvs.openbsd.org 2006/02/26 18:03:10
...
[ssh_config.5]
comma;
2006-03-15 11:59:39 +11:00
e3beba231a
- jmc@cvs.openbsd.org 2006/02/26 18:01:13
...
[sshd_config.5]
subsection is pointless here;
2006-03-15 11:59:25 +11:00
b5282c2f06
- jmc@cvs.openbsd.org 2006/02/26 17:17:18
...
[ssh_config.5]
move PATTERNS to the end of the main body; requested by dtucker
2006-03-15 11:59:08 +11:00
ac73e51390
- jmc@cvs.openbsd.org 2006/02/25 12:28:34
...
[sshd_config.5]
document the order in which allow/deny directives are processed;
help/ok dtucker
2006-03-15 11:58:49 +11:00
d450f49d4a
missed in commit message:
...
help/ok dtucker
2006-03-15 11:58:25 +11:00
9cfbaecb64
- jmc@cvs.openbsd.org 2006/02/25 12:26:17
...
[ssh_config.5]
document the possible values for KbdInteractiveDevices;
2006-03-15 11:57:55 +11:00
f4f22b54c0
- jmc@cvs.openbsd.org 2006/02/24 23:51:17
...
[sshd_config.5]
oops - bits i missed;
2006-03-15 11:57:25 +11:00
5b0d63f894
- jmc@cvs.openbsd.org 2006/02/24 23:43:57
...
[sshd_config.5]
some grammar/wording fixes;
2006-03-15 11:56:56 +11:00
45ee2b91e6
- jmc@cvs.openbsd.org 2006/02/24 23:20:07
...
[ssh_config.5]
some grammar/wording fixes;
2006-03-15 11:56:18 +11:00
208f1ed6f1
- jmc@cvs.openbsd.org 2006/02/24 20:31:31
...
[ssh.1 ssh_config.5 sshd.8 sshd_config.5]
more consistency fixes;
2006-03-15 11:56:03 +11:00
1faa713323
- jmc@cvs.openbsd.org 2006/02/24 20:22:16
...
[ssh-keysign.8 ssh_config.5 sshd_config.5]
some consistency fixes;
2006-03-15 11:55:31 +11:00
c7d5b5e466
- jmc@cvs.openbsd.org 2006/02/24 10:39:52
...
[sshd.8]
signpost to PATTERNS section;
2006-03-15 11:55:08 +11:00
f54a4b9da5
- jmc@cvs.openbsd.org 2006/02/24 10:37:07
...
[ssh_config.5]
tidy up the refs to PATTERNS;
2006-03-15 11:54:36 +11:00
0c2079d81f
- jmc@cvs.openbsd.org 2006/02/24 10:33:54
...
[sshd_config.5]
signpost to PATTERNS;
2006-03-15 11:54:21 +11:00
6def55171f
- jmc@cvs.openbsd.org 2006/02/24 10:25:14
...
[ssh_config.5]
add section on patterns;
from dtucker + myself
2006-03-15 11:54:05 +11:00
c7b06369a8
- stevesk@cvs.openbsd.org 2006/02/22 00:04:45
...
[canohost.c clientloop.c includes.h match.c readconf.c scp.c ssh.c]
[sshconnect.c]
move #include <ctype.h> out of includes.h; ok djm@
2006-03-15 11:53:45 +11:00
6ff3caddb6
oops, this commit is really:
...
- stevesk@cvs.openbsd.org 2006/02/20 17:02:44
[clientloop.c includes.h monitor.c progressmeter.c scp.c]
[serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c]
move #include <signal.h> out of includes.h; ok markus@
the previous was:
- stevesk@cvs.openbsd.org 2006/02/20 17:19:54
[auth-rhosts.c auth-rsa.c auth.c auth2-none.c auth2-pubkey.c]
[authfile.c clientloop.c includes.h readconf.c scp.c session.c]
[sftp-client.c sftp-common.c sftp-common.h sftp-glob.c]
[sftp-server.c sftp.c ssh-add.c ssh-keygen.c ssh.c sshconnect.c]
[sshconnect2.c sshd.c sshpty.c]
move #include <sys/stat.h> out of includes.h; ok markus@
2006-03-15 11:52:09 +11:00
f17883e6a0
- stevesk@cvs.openbsd.org 2006/02/20 17:02:44
...
[clientloop.c includes.h monitor.c progressmeter.c scp.c]
[serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c]
move #include <signal.h> out of includes.h; ok markus@
2006-03-15 11:45:54 +11:00
574c41fdb3
- stevesk@cvs.openbsd.org 2006/02/20 16:36:15
...
[authfd.c channels.c includes.h session.c ssh-agent.c ssh.c]
move #include <sys/un.h> out of includes.h; ok djm@
2006-03-15 11:40:10 +11:00
5c853b531f
- jmc@cvs.openbsd.org 2006/02/19 20:12:25
...
[ssh_config.5]
add some vertical space;
2006-03-15 11:37:02 +11:00
edd0375d82
- jmc@cvs.openbsd.org 2006/02/19 20:05:00
...
[sshd.8]
grammar;
2006-03-15 11:36:45 +11:00
445121fe8d
- jmc@cvs.openbsd.org 2006/02/19 20:02:17
...
[sshd.8]
sync the (s)hosts.equiv FILES entries w/ those from ssh.1;
2006-03-15 11:36:18 +11:00
fd725cf585
- jmc@cvs.openbsd.org 2006/02/19 19:52:10
...
[sshd.8]
move the sshrc stuff out of FILES, and into its own section:
FILES is not a good place to document how stuff works;
2006-03-15 11:35:54 +11:00
adc35b9583
- jmc@cvs.openbsd.org 2006/02/16 09:05:34
...
[sshd.8]
sync some of the FILES entries w/ ssh.1;
2006-03-15 11:35:27 +11:00
bc1936ad87
- jmc@cvs.openbsd.org 2006/02/15 16:55:33
...
[sshd.8]
remove ietf draft references; RFC list now maintained in ssh.1;
2006-03-15 11:35:05 +11:00
39a93a3305
- jmc@cvs.openbsd.org 2006/02/15 16:53:20
...
[ssh.1]
remove the IETF draft references and replace them with some updated RFCs;
2006-03-15 11:34:45 +11:00
0c8d8f68db
- david@cvs.openbsd.org 2006/02/15 05:08:24
...
[sftp-client.c]
typo in comment; ok djm@
2006-03-15 11:34:25 +11:00
d8702e865d
- jmc@cvs.openbsd.org 2006/02/13 11:27:25
...
[sshd.8]
sort FILES and use a -compact list;
2006-03-15 11:33:56 +11:00
c8f61cf199
- jmc@cvs.openbsd.org 2006/02/13 11:08:43
...
[sshd.8]
- avoid nasty line split
- `*' does not need to be escaped
2006-03-15 11:33:25 +11:00
cc00f5e259
- jmc@cvs.openbsd.org 2006/02/13 11:02:26
...
[sshd.8]
turn this into an example ssh_known_hosts file; ok djm
2006-03-15 11:33:00 +11:00
9a7f201d45
- jmc@cvs.openbsd.org 2006/02/13 10:21:25
...
[sshd.8]
small tweaks for the ssh_known_hosts section;
2006-03-15 11:32:42 +11:00
7d2ef02f1c
- jmc@cvs.openbsd.org 2006/02/13 10:16:39
...
[sshd.8]
no need to subsection the authorized_keys examples - instead, convert
this to look like an actual file. also use proto 2 keys, and use IETF
example addresses;
2006-03-15 11:32:06 +11:00
31bdc52325
- jmc@cvs.openbsd.org 2006/02/12 17:57:19
...
[sshd.8]
sort the list of options permissable w/ authorized_keys;
ok djm dtucker
2006-03-15 11:31:44 +11:00
dcfea27f1b
- jmc@cvs.openbsd.org 2006/02/12 10:52:41
...
[sshd.8]
rework the description of authorized_keys a little;
2006-03-15 11:31:22 +11:00
20c2ec48c3
- jmc@cvs.openbsd.org 2006/02/12 10:49:44
...
[ssh_config.5]
slight rewording; ok djm
2006-03-15 11:31:01 +11:00
b59d4fe8b5
- djm@cvs.openbsd.org 2006/02/12 10:44:18
...
[readconf.c]
raise error when the user specifies a RekeyLimit that is smaller than 16
(the smallest of our cipher's blocksize) or big enough to cause integer
wraparound; ok & feedback dtucker@
2006-03-15 11:30:38 +11:00
3ec54c7e58
- djm@cvs.openbsd.org 2006/02/12 06:45:34
...
[ssh.c ssh_config.5]
add a %l expansion code to the ControlPath, which is filled in with the
local hostname at runtime. Requested by henning@ to avoid some problems
with /home on NFS; ok dtucker@
2006-03-15 11:30:13 +11:00
3fd019ecca
- otto@cvs.openbsd.org 2006/02/11 19:31:18
...
[atomicio.c]
type correctness; from Ray Lai in PR 5011; ok millert@
2006-03-15 11:29:51 +11:00
9cf6d077fb
- stevesk@cvs.openbsd.org 2006/02/10 01:44:27
...
[includes.h monitor.c readpass.c scp.c serverloop.c session.c^?]
[sftp.c sshconnect.c sshconnect2.c sshd.c]
move #include <sys/wait.h> out of includes.h; ok markus@
2006-03-15 11:29:24 +11:00
17e91c0fb0
- stevesk@cvs.openbsd.org 2006/02/10 00:27:13
...
[channels.c clientloop.c includes.h misc.c progressmeter.c sftp.c]
[ssh.c sshd.c sshpty.c]
move #include <sys/ioctl.h> out of includes.h; ok markus@
2006-03-15 11:28:34 +11:00
c47d7e9e19
- jmc@cvs.openbsd.org 2006/02/09 10:10:47
...
[sshd.8]
- move some text into a CAVEATS section
- merge the COMMAND EXECUTION... section into AUTHENTICATION
2006-03-15 11:27:20 +11:00
1d90540534
- stevesk@cvs.openbsd.org 2006/02/09 00:32:07
...
[includes.h]
#include <sys/endian.h> not needed; ok djm@
NB. ID Sync only - we still need this (but it may move later)
2006-03-15 11:26:55 +11:00
88f254b9a5
- stevesk@cvs.openbsd.org 2006/02/08 23:51:24
...
[includes.h scp.c sftp-glob.c sftp-server.c]
move #include <dirent.h> out of includes.h; ok markus@
2006-03-15 11:25:13 +11:00
68f8e992bf
- stevesk@cvs.openbsd.org 2006/02/08 14:38:18
...
[includes.h packet.c]
move #include <netinet/in_systm.h> and <netinet/ip.h> out of
includes.h; ok markus@
2006-03-15 11:24:12 +11:00
cd4223c245
- stevesk@cvs.openbsd.org 2006/02/08 14:31:30
...
[includes.h ssh-agent.c ssh-keyscan.c ssh.c]
move #include <sys/resource.h> out of includes.h; ok markus@
2006-03-15 11:22:47 +11:00
52ab084755
- stevesk@cvs.openbsd.org 2006/02/08 14:16:59
...
[sshconnect.c]
<openssl/bn.h> not needed
2006-03-15 11:20:46 +11:00
0b70b54abc
- stevesk@cvs.openbsd.org 2006/02/08 13:15:44
...
[gss-serv.c monitor.c]
small KNF
2006-03-15 11:20:03 +11:00
3a4051e88b
- stevesk@cvs.openbsd.org 2006/02/08 12:32:49
...
[includes.h misc.c]
move #include <netinet/tcp.h> out of includes.h; ok markus@
2006-03-15 11:19:42 +11:00
03e2003a23
- stevesk@cvs.openbsd.org 2006/02/08 12:15:27
...
[auth.c clientloop.c includes.h misc.c monitor.c readpass.c]
[session.c sftp.c ssh-agent.c ssh-keysign.c ssh.c sshconnect.c]
[sshd.c sshpty.c]
move #include <paths.h> out of includes.h; ok markus@
2006-03-15 11:16:59 +11:00
de6dd0a35f
- stevesk@cvs.openbsd.org 2006/02/07 03:59:20
...
[deattack.c]
duplicate #include
2006-03-15 11:12:38 +11:00
5d77105527
- stevesk@cvs.openbsd.org 2006/02/07 03:47:05
...
[hostfile.c]
"packet.h" not needed
2006-03-15 11:12:13 +11:00
972c84b800
- stevesk@cvs.openbsd.org 2006/02/07 01:52:50
...
[sshtty.c]
"log.h" not needed
2006-03-15 11:11:56 +11:00
99bd21e3fe
- stevesk@cvs.openbsd.org 2006/02/07 01:42:00
...
[channels.c clientloop.c clientloop.h includes.h packet.h]
[serverloop.c sshpty.c sshpty.h sshtty.c ttymodes.c]
move #include <termios.h> out of includes.h; ok markus@
2006-03-15 11:11:28 +11:00
2eb6340ddd
- stevesk@cvs.openbsd.org 2006/02/07 01:18:09
...
[includes.h ssh-agent.c ssh-keyscan.c sshconnect2.c]
move #include <sys/queue.h> out of includes.h; ok markus@
2006-03-15 11:09:42 +11:00
015cd79ac5
- stevesk@cvs.openbsd.org 2006/02/07 01:08:04
...
[auth-rhosts.c includes.h]
move #include <netgroup.h> out of includes.h; ok markus@
2006-03-15 11:08:02 +11:00
e93eaaa0d1
- jmc@cvs.openbsd.org 2006/02/06 21:44:47
...
[ssh.1]
make this a little less ambiguous...
2006-03-15 11:05:59 +11:00
9f67a21de6
- msf@cvs.openbsd.org 2006/02/06 15:54:07
...
[ssh.1]
- typo fix
ok jmc@
2006-03-15 11:05:35 +11:00
d1450dbe2a
- (dtucker) [configure.ac] Bug #1171 : Don't use printf("%lld", longlong)
...
since not all platforms support it. Instead, use internal equivalent while
computing LLONG_MIN and LLONG_MAX. Remove special case for alpha-dec-osf*
as it's no longer required. Tested by Bernhard Simon, ok djm@
2006-03-13 19:06:51 +11:00
f35014af79
typo
2006-03-04 09:00:19 +11:00
890909ec48
- (dtucker) [gss-serv-krb5.c] Bug #1166 : Correct #ifdefs for gssapi_krb5.h
...
includes. Patch from gentoo.riverrat at gmail.com.
2006-03-04 08:59:39 +11:00
18614c254d
- (dtucker) [contrib/cygwin/ssh-host-config] Require use of lastlog as a
...
file rather than directory, required as Cygwin will be importing lastlog(1).
Also tightens up permissions on the file. Patch from vinschen@redhat.com .
2006-03-04 08:50:31 +11:00
54b75fe742
- (dtucker) [configure.ac] Bug #1156 : QNX apparently needs SSHD_ACQUIRES_CTTY
...
patch from kraai at ftbfs.org.
2006-02-26 12:31:48 +11:00
a4904f7bf1
- (dtucker) [sshd_config sshd_config.5] Update UsePAM to reflect current
...
reality. Pointed out by tryponraj at gmail.com.
2006-02-23 21:35:30 +11:00
94413cf32b
- (dtucker) [openbsd-compat/openssl-compat.{c,h}] Minor tidy up: only
...
compile in compat code if required.
2006-02-22 22:24:47 +11:00
3322e0d421
- (dtucker) [openbsd-compat/openssl-compat.h] Prevent warning about
...
redefinition of SSLeay_add_all_algorithms.
2006-02-22 00:00:27 +11:00
fabdb6c290
- (dtucker) [INSTALL configure.ac openbsd-compat/openssl-compat.{c,h}]
...
Add optional enabling of OpenSSL's (hardware) Engine support, via
configure --with-ssl-engine. Based in part on a diff by michal at
logix.cz.
2006-02-20 20:17:35 +11:00
4881c371ce
- (dtucker) [Makefile.in configure.ac, added openbsd-compat/regress/]
...
Add first attempt at regress tests for compat library. ok djm@
2006-02-19 22:50:20 +11:00
bf209f5901
- (tim) [buildpkg.sh.in] Make the names consistent.
...
s/pkg_post_make_install_fixes.sh/pkg-post-make-install-fixes.sh/ OK dtucker@
2006-02-13 12:46:44 -08:00
6163350eb9
- (dtucker) [README version.h contrib/caldera/openssh.spec
...
contrib/redhat/openssh.spec contrib/suse/openssh.spec] Bump version
strings to match 4.3p2 release.
2006-02-12 16:48:56 +11:00
2f993465d4
- (tim) [configure.ac] Bug #1149 . Disable /etc/default/login check for QNX.
2006-02-11 18:37:48 -08:00
84af61555a
- (dtucker) [openbsd-compat/bsd-cygwin_util.c] Make loop counter unsigned
...
to silence compiler warning, from vinschen at redhat.com.
2006-02-12 11:59:08 +11:00
988b3fd161
- (dtucker) [configure.ac] Typo in Ultrix and NewsOS sections (NEED_SETPRGP
...
-> NEED_SETPGRP), reported by Berhard Simon. ok tim@
2006-02-08 22:11:27 +11:00
83d2f5fedf
- (tim) [session.c] Logout records were not updated on systems with
...
post auth privsep disabled due to bug 1086 changes. Analysis and patch
by vinschen at redhat.com. OK tim@, dtucker@.
2006-02-07 15:17:44 -08:00
ac9b0609e1
- (tim) [configure.ac] Remove unnecessary tests for net/if.h and
...
netinet/in_systm.h. OK dtucker@.
2006-02-05 11:27:10 -08:00
70335a6b5f
- (tim) [configure.ac] Bug #1149 . Changes in QNX section only. Patch by
...
kraai at ftbfs.org.
2006-02-04 17:42:58 -08:00
0daad78fab
- (tim) [configure.ac] Add AC_REVISION. Add sys/time.h to lastlog.h test
...
for Solaris. OK dtucker@.
2006-02-04 17:33:55 -08:00
fd80ddcb23
- (tim) [configure.ac] test for egrep (AC_PROG_EGREP) before first
...
AC_CHECK_HEADERS test. Without it, if AC_CHECK_HEADERS is first run
by a platform specific check, builtin standard includes tests will be
skipped on the other platforms.
Analysis and suggestion by vinschen at redhat.com, patch by dtucker@.
OK tim@, djm@.
2006-02-02 19:11:56 -08:00
cc7c212830
- (dtucker) [configure.ac] Bug #1148 : Fix "crippled AES" test so that it
...
works with picky compilers. Patch from alex.kiernan at thus.net.
2006-02-02 18:44:19 +11:00
bfd52192f3
- (djm) Release OpenSSH 4.3p1
2006-02-01 22:32:17 +11:00
c79824bbab
- markus@cvs.openbsd.org 2006/02/01 11:27:22
...
[version.h]
openssh 4.3
2006-02-01 22:27:31 +11:00
0d689568a4
- (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
...
[contrib/suse/openssh.spec] Update versions ahead of release
2006-02-01 22:10:47 +11:00
2ac05779f7
- jmc@cvs.openbsd.org 2006/02/01 09:11:41
...
[sshd.8]
small tweak;
2006-02-01 22:05:42 +11:00
8bbdf90f33
- (djm) OpenBSD CVS Sync
...
- jmc@cvs.openbsd.org 2006/02/01 09:06:50
[sshd.8]
- merge sections on protocols 1 and 2 into a single section
- remove configuration file section
ok markus
2006-02-01 22:05:25 +11:00
e682cb0780
- (djm) [regress/test-exec.sh] Try 'logname' as well as 'whoami' to
...
determine the user's login name - needed for regress tests on Solaris
10 and OpenSolaris
2006-02-01 11:21:01 +11:00
923f1ce0b7
- djm@cvs.openbsd.org 2006/01/31 10:35:43
...
[scp.c]
"scp a b c" shouldn't clobber "c" when it is not a directory, report and
fix from biorn@; ok markus@
2006-01-31 22:11:37 +11:00
50c6eedce3
- djm@cvs.openbsd.org 2006/01/31 10:36:33
...
[scp.sh]
regress test for "scp a b c" where "c" is not a directory
2006-01-31 22:06:41 +11:00
7410ad79f8
- djm@cvs.openbsd.org 2006/01/31 10:23:23
...
[scp.sh]
regression test for CVE-2006-0225 written by dtucker@
2006-01-31 22:06:14 +11:00
0b996462f8
- djm@cvs.openbsd.org 2006/01/27 06:49:21
...
[scp.sh]
regress test for local to local scp copies; ok dtucker@
2006-01-31 22:05:23 +11:00
15a815bb64
- dtucker@cvs.openbsd.org 2005/12/14 04:36:39
...
[regress/scp-ssh-wrapper.sh]
Fix assumption about how many args scp will pass; ok djm@
NB. ID sync only, we already had this
2006-01-31 22:03:11 +11:00
27a0dfaea9
- grunk@cvs.openbsd.org 2005/11/14 21:25:56
...
[regress/agent-getpeereid.sh]
all other scripts in this dir use $SUDO, not 'sudo', so pull this even
ok markus@
2006-01-31 22:02:16 +11:00
10c5fa7e87
- markus@cvs.openbsd.org 2005/06/30 11:02:37
...
[regress/scp.sh]
allow SUDO=sudo; from Alexander Bluhm
2006-01-31 22:01:42 +11:00
ec7b2f12f0
- djm@cvs.openbsd.org 2005/05/24 04:10:54
...
[regress/try-ciphers.sh]
oops, new arcfour modes here too
2006-01-31 21:59:35 +11:00
76be6b8765
- djm@cvs.openbsd.org 2005/05/20 23:14:15
...
[regress/test-exec.sh]
force addressfamily=inet for tests, unbreaking dynamic-forward regress for
recently committed nc SOCKS5 changes
2006-01-31 21:59:01 +11:00
f0cbb3d7cb
- (djm) Sync regress tests to OpenBSD:
...
- dtucker@cvs.openbsd.org 2005/03/10 10:20:39
[regress/forwarding.sh]
Regress test for ClearAllForwardings (bz #994 ); ok markus@
2006-01-31 21:58:23 +11:00
c34940c1f5
- dtucker@cvs.openbsd.org 2005/04/25 09:54:09
...
[regress/multiplex.sh]
Don't call cleanup in multiplex as test-exec will cleanup anyway
found by tim@, ok djm@
NB. ID sync only, we already had this
2006-01-31 21:57:27 +11:00
3eec6b73a2
- djm@cvs.openbsd.org 2006/01/31 10:19:02
...
[misc.c misc.h scp.c sftp.c]
fix local arbitrary command execution vulnerability on local/local and
remote/remote copies (CVE-2006-0225, bz #1094 ), patch by
t8m AT centrum.cz, polished by dtucker@ and myself; ok markus@
2006-01-31 21:49:27 +11:00
b5dd55cccc
- jmc@cvs.openbsd.org 2006/01/30 13:37:49
...
[ssh.1]
remove an incorrect sentence;
reported by roumen petrov;
ok djm markus
2006-01-31 21:47:58 +11:00
e204f6aa0d
- reyk@cvs.openbsd.org 2006/01/30 12:22:22
...
[channels.c]
mark channel as write failed or dead instead of read failed on error
of the channel output filter.
ok markus@
2006-01-31 21:47:15 +11:00
bbc59094b9
- jmc@cvs.openbsd.org 2006/01/26 08:47:56
...
[ssh.1]
add a section on verifying host keys in dns;
written with a lot of help from jakob;
feedback dtucker/markus;
ok markus
2006-01-31 21:46:51 +11:00
7602cba59d
- jmc@cvs.openbsd.org 2006/01/25 09:07:22
...
[sshd.8]
move subsections to full sections;
2006-01-31 21:46:20 +11:00
99cc4a8f1e
- jmc@cvs.openbsd.org 2006/01/25 09:04:34
...
[sshd.8]
move the options description up the page, and a few additional tweaks
whilst in here;
ok markus
2006-01-31 21:45:53 +11:00
ddfddf1ba3
- jmc@cvs.openbsd.org 2006/01/20 11:21:45
...
[ssh_config.5]
- word change, agreed w/ markus
- consistency fixes
2006-01-31 21:39:03 +11:00
fbea76400f
- (dtucker) [configure.ac opensshd.init.in] Bug #1144 : Use /bin/sh for the
...
opensshd.init script interpretter if /sbin/sh does not exist. ok tim@
2006-01-30 00:22:39 +11:00
62388b2b63
- dtucker@cvs.openbsd.org 2006/01/20 00:14:55
...
[scp.1 ssh.1 ssh_config.5 sftp.1]
Document RekeyLimit. Based on patch from jan.iven at cern.ch from mindrot
#1056 with feedback from jmc, djm and markus; ok jmc@ djm@
2006-01-20 11:31:47 +11:00
248dd13c46
- jmc@cvs.openbsd.org 2006/01/18 10:53:29
...
[ssh.1]
add a section on ssh-based vpn, based on reyk's README.tun;
2006-01-20 11:30:58 +11:00
94299ec251
- jmc@cvs.openbsd.org 2006/01/15 17:37:05
...
[ssh.1]
correction from deraadt
2006-01-20 11:30:14 +11:00
4a8dc9e297
- jmc@cvs.openbsd.org 2006/01/12 22:34:12
...
[ssh.1]
back out a sentence - AUTHENTICATION already documents this;
2006-01-14 10:10:31 +11:00
e9d001e02b
- jmc@cvs.openbsd.org 2006/01/12 22:26:02
...
[ssh_config.5]
refer to TCP forwarding, rather than TCP/IP forwarding;
2006-01-14 10:10:17 +11:00
7c24b81699
- jmc@cvs.openbsd.org 2006/01/12 22:20:00
...
[sshd.8]
refer to TCP forwarding, rather than TCP/IP forwarding;
2006-01-14 10:09:56 +11:00
8bfaf93f60
- jmc@cvs.openbsd.org 2006/01/12 18:48:48
...
[ssh.1]
refer to `TCP' rather than `TCP/IP' in the context of connection
forwarding;
ok markus
2006-01-14 10:09:30 +11:00
f31771810c
- jmc@cvs.openbsd.org 2006/01/12 14:44:12
...
[ssh.1]
split sections on tcp and x11 forwarding into two sections.
add an example in the tcp section, based on sth i wrote for ssh faq;
help + ok: djm markus dtucker
2006-01-14 10:09:13 +11:00
7e76e1f101
- jmc@cvs.openbsd.org 2006/01/06 13:29:10
...
[ssh.1]
final round of whacking FILES for duplicate info, and some consistency
fixes;
ok djm
2006-01-14 10:08:57 +11:00
e87eb4ce3c
- (djm) OpenBSD CVS Sync
...
- jmc@cvs.openbsd.org 2006/01/06 13:27:32
[ssh.1]
weed out some duplicate info in the known_hosts FILES entries;
ok djm
2006-01-14 10:08:36 +11:00
e78c6ce8cf
- (dtucker) [contrib/cygwin/ssh-host-config] Make sshd service depend on
...
tcpip service so it's always started after IP is up. Patch from
vinschen at redhat.com.
2006-01-10 00:02:44 +11:00
72c5b7d85d
- djm@cvs.openbsd.org 2006/01/05 23:43:53
...
[misc.c]
check that stdio file descriptors are actually closed before clobbering
them in sanitise_stdfd(). problems occurred when a lower numbered fd was
closed, but higher ones weren't. spotted by, and patch tested by
Frédéric Olivié
2006-01-06 14:50:44 +11:00
c27f83a63c
- jmc@cvs.openbsd.org 2006/01/04 19:50:09
...
[ssh.1]
-.Xr gzip 1 ,
2006-01-06 14:50:26 +11:00
128a0f114d
- jmc@cvs.openbsd.org 2006/01/04 19:40:24
...
[ssh.1]
+.Xr ssh-keyscan 1 ,
2006-01-06 14:50:11 +11:00
a246d3b9b2
- jmc@cvs.openbsd.org 2006/01/04 18:45:01
...
[ssh.1]
remove .Xr's to rsh(1) and telnet(1): they are hardly needed;
2006-01-06 14:49:54 +11:00
1bcdb50a3d
- jmc@cvs.openbsd.org 2006/01/04 18:42:46
...
[ssh.1]
chop out some duplication in the .{r,s}hosts/{h,sh}osts.equiv FILES
entries;
ok markus
2006-01-06 14:49:38 +11:00
4c102eede3
- jmc@cvs.openbsd.org 2006/01/03 16:55:18
...
[ssh.1]
tweak the description of ~/.ssh/environment
2006-01-06 14:49:17 +11:00
fb8ea74116
- jmc@cvs.openbsd.org 2006/01/03 16:52:36
...
[ssh.1]
put FILES in some sort of order: sort by pathname
2006-01-06 14:48:52 +11:00
6aa2290b0c
- jmc@cvs.openbsd.org 2006/01/03 16:35:30
...
[ssh.1]
use a larger width for the ENVIRONMENT list;
2006-01-06 14:48:34 +11:00
7655f5cd9f
- jmc@cvs.openbsd.org 2006/01/03 16:31:10
...
[ssh.1]
move FILES to a -compact list, and make each files an item in that list.
this avoids nastly line wrap when we have long pathnames, and treats
each file as a separate item;
remove the .Pa too, since it is useless.
2006-01-06 14:48:18 +11:00
a969437645
- (djm) [channels.c] clean up harmless merge error, from reyk@
2006-01-04 07:27:50 +11:00
b797770da2
- (djm) OpenBSD CVS Sync
...
- jmc@cvs.openbsd.org 2006/01/02 17:09:49
[ssh_config.5 sshd_config.5]
some corrections from michael knudsen;
2006-01-03 18:47:31 +11:00
a07a59188a
- jmc@cvs.openbsd.org 2006/01/02 12:31:06
...
[ssh.1]
start to cut some duplicate info from FILES;
help/ok djm
2006-01-02 23:41:37 +11:00
a1d9a18e14
- reyk@cvs.openbsd.org 2006/01/02 07:53:44
...
[misc.c]
clarify tun(4) opening - set the mode and bring the interface up. also
(re)sets the tun(4) layer 2 LINK0 flag for existing tunnel interfaces.
suggested and ok by djm@
2006-01-02 23:41:21 +11:00
5444618987
- djm@cvs.openbsd.org 2006/01/02 01:20:31
...
[sftp-client.c sftp-common.h sftp-server.c]
use a common max. packet length, no binary change
2006-01-02 23:40:50 +11:00
a210d52235
- stevesk@cvs.openbsd.org 2006/01/01 10:08:48
...
[misc.c]
no trailing "\n" for debug()
2006-01-02 23:40:30 +11:00
3beb852e09
- stevesk@cvs.openbsd.org 2006/01/01 08:59:27
...
[includes.h misc.c]
move <net/if.h>; ok djm@
2006-01-02 23:40:10 +11:00
1164c299f1
- jmc@cvs.openbsd.org 2005/12/31 13:45:19
...
[ssh.1]
.Nm does not require an argument;
2006-01-02 23:38:37 +11:00
14af93ee77
- jmc@cvs.openbsd.org 2005/12/31 13:44:04
...
[ssh.1]
clean up ENVIRONMENT a little;
2006-01-02 23:38:21 +11:00
48c94abf5b
- (djm) OpenBSD CVS Sync
...
- jmc@cvs.openbsd.org 2005/12/31 10:46:17
[ssh.1]
merge the "LOGIN SESSION AND REMOTE EXECUTION" and "SERVER
AUTHENTICATION" sections into "AUTHENTICATION";
some rewording done to make the text read better, plus some
improvements from djm;
ok djm
2006-01-02 23:38:00 +11:00
90cd1c549b
- (djm) [README.tun] Add README.tun, missed during sync of tun(4) support
2006-01-02 20:23:18 +11:00
5df52e89b4
- (djm) [openbsd-compat/port-tun.c] Linux needs linux/if.h too
2006-01-01 21:15:50 +11:00
bd4e410817
- (djm) [configure.ac] Fix linux/if_tun.h test
2006-01-01 21:03:30 +11:00
2dcddbfaf6
- (djm) [Makefile.in configure.ac includes.h misc.c]
...
[openbsd-compat/port-tun.c openbsd-compat/port-tun.h] Add support
for tunnel forwarding for FreeBSD and NetBSD. NetBSD's support is
limited to IPv4 tunnels only, and most versions don't support the
tap(4) device at all.
2006-01-01 19:47:05 +11:00
c4bcc91751
- (djm) [configure.ac] oops, make that linux/if_tun.h
2005-12-31 17:05:58 +11:00
89e03bae5c
- (djm) [configure.ac] Disable Linux tun(4) compat code if linux/tun.h does
...
not exist
2005-12-31 16:42:03 +11:00
598bbc2d8f
- (djm) [openbsd-compat/port-tun.c openbsd-compat/port-tun.h configure.ac]
...
[serverloop.c ssh.c openbsd-compat/Makefile.in]
[openbsd-compat/openbsd-compat.h] Implement tun(4) forwarding
compatability support for Linux, diff from reyk@
2005-12-31 16:33:36 +11:00
88b25524b8
- stevesk@cvs.openbsd.org 2005/12/31 01:38:45
...
[ssh.1]
document -MM; ok djm@
2005-12-31 16:23:15 +11:00
134eb81383
- jmc@cvs.openbsd.org 2005/12/30 16:59:00
...
[sftp.1]
do not suggest that interactive authentication will work
with the -b flag;
based on a diff from john l. scarfone;
ok djm
2005-12-31 16:22:55 +11:00
077b23864f
- reyk@cvs.openbsd.org 2005/12/30 15:56:37
...
[channels.c channels.h clientloop.c]
add channel output filter interface.
ok djm@, suggested by markus@
2005-12-31 16:22:32 +11:00
5eb137c6d1
- (djm) OpenBSD CVS Sync
...
- stevesk@cvs.openbsd.org 2005/12/28 22:46:06
[canohost.c channels.c clientloop.c]
use 'break-in' for consistency; ok deraadt@ ok and input jmc@
2005-12-31 16:19:53 +11:00
8db70e2398
(tim) [buildpkg.sh.in] grep for $SSHDUID instead of $SSHDGID on /etc/passwd
2005-12-28 14:28:08 -08:00
7bff1a9b5e
- djm@cvs.openbsd.org 2005/12/24 02:27:41
...
[session.c sshd.c]
eliminate some code duplicated in privsep and non-privsep paths, and
explicitly clear SIGALRM handler; "groovy" deraadt@
2005-12-24 14:59:12 +11:00
3597821046
- jmc@cvs.openbsd.org 2005/12/23 23:46:23
...
[ssh.1]
less mark up for -c;
2005-12-24 14:56:47 +11:00
2142ba0769
- jmc@cvs.openbsd.org 2005/12/23 14:55:53
...
[ssh.1]
- sync the description of -e w/ synopsis
- simplify the description of -I
- note that -I is only available if support compiled in, and that it
isn't by default
feedback/ok djm@
2005-12-24 14:56:29 +11:00
Darren Tucker
Damien Miller
Tim Rice