991dba43e1
- stevesk@cvs.openbsd.org 2006/07/02 17:12:58
...
[ssh.1 ssh.c ssh_config.5 sshd_config.5]
more details and clarity for tun(4) device forwarding; ok and help
jmc@
2006-07-10 20:16:27 +10:00
43020951ad
- djm@cvs.openbsd.org 2006/06/26 10:36:15
...
[clientloop.c]
mention optional bind_address in runtime port forwarding setup
command-line help. patch from santhi.amirta AT gmail.com
2006-07-10 20:16:12 +10:00
1e88ea6556
- OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2006/06/14 10:50:42
[sshconnect.c]
limit the number of pre-banner characters we will accept; ok markus@
2006-07-10 20:15:56 +10:00
e34c96aea1
- (dtucker) [INSTALL] New autoconf version: 2.60.
2006-07-10 12:55:24 +10:00
f32f55259c
- (dtucker) [INSTALL] A bit more info on autoconf.
2006-07-06 19:12:08 +10:00
bdc121279f
- (dtucker) [configure.ac] Try AIX blibpath test in different order when
...
compiling with gcc. gcc 4.1.x will accept (but ignore) -b flags so
configure would not select the correct libpath linker flags.
2006-07-06 11:56:25 +10:00
365e18db51
whitespace
2006-07-05 22:48:07 +10:00
ee9ee9175c
whitespace
2006-07-05 22:47:21 +10:00
daf6ff4312
- (dtucker) [ssh-rand-helper.c] Don't exit if mkdir fails because the
...
target already exists.
2006-07-05 21:35:48 +10:00
db4c54bed1
- (dtucker) [INSTALL] Bug #1202 : Note when autoconf is required and which
...
version.
2006-06-30 16:20:58 +10:00
7243f9db60
- (dtucker) [openbsd-compat/getrrsetbyname.c] Undef _res before defining it,
...
prevents warnings on platforms where _res is in the system headers.
2006-06-30 11:47:49 +10:00
66c32d5caa
- (dtucker) [openbsd-compat/openbsd-compat.h] SNPRINTF_CONST for snprintf
...
declaration too. Patch from russ at sludge.net.
2006-06-30 10:51:32 +10:00
8b272ab09b
- (dtucker) [configure.ac] Bug #1203 : Add missing '[', which causes problems
...
with autoconf 2.60. Patch from vapier at gentoo.org.
2006-06-27 11:20:28 +10:00
144e8d60cd
- (dtucker) [channels.c serverloop.c] Apply the bug #1102 workaround to ptys
...
only, otherwise sshd can hang exiting non-interactive sessions.
2006-06-25 08:25:25 +10:00
03890e44cd
- (dtucker) [serverloop.c] Get ifdef/ifndef the right way around for the bug
...
#1102 workaround.
2006-06-24 16:58:45 +10:00
0249f93c4d
- (dtucker) [configure.ac] Bug #1193 : Define PASSWD_NEEDS_USERNAME on Solaris.
...
Works around limitation in Solaris' passwd program for changing passwords
where the username is longer than 8 characters. ok djm@
2006-06-24 12:10:07 +10:00
9afe115f0a
- (dtucker) [channels.c configure.ac serverloop.c] Bug #1102 : Around AIX
...
4.3.3 ML3 or so, the AIX pty layer starting passing zero-length writes
on the pty slave as zero-length reads on the pty master, which sshd
interprets as the descriptor closing. Since most things don't do zero
length writes this rarely matters, but occasionally it happens, and when
it does the SSH pty session appears to hang, so we add a special case for
this condition. ok djm@
2006-06-23 21:24:12 +10:00
3eb4834489
- (dtucker) [README.platform configure.ac openbsd-compat/port-tun.c] Add
...
tunnel support for Mac OS X/Darwin via a third-party tun driver. Patch
from reyk@, tested by anil@
2006-06-23 21:05:12 +10:00
643460803f
- (djm) [getput.h] This file has been replaced by functions in misc.c
2006-06-13 13:15:54 +10:00
a6680a4e35
- djm@cvs.openbsd.org 2006/06/13 01:18:36
...
[ssh-agent.c]
always use a format string, even when printing a constant
- djm@cvs.openbsd.org 2006/06/13 02:17:07
[ssh-agent.c]
revert; i am on drugs. spotted by alexander AT beard.se
2006-06-13 13:10:18 +10:00
2e5fe88ebe
- markus@cvs.openbsd.org 2006/06/08 14:45:49
...
[readpass.c sshconnect.c sshconnect2.c uidswap.c uidswap.h]
do not set the gid, noted by solar; ok djm
2006-06-13 13:10:00 +10:00
6b4069ad56
- markus@cvs.openbsd.org 2006/06/06 10:20:20
...
[readpass.c sshconnect.c sshconnect.h sshconnect2.c uidswap.c]
replace remaining setuid() calls with permanently_set_uid() and
check seteuid() return values; report Marcus Meissner; ok dtucker djm
2006-06-13 13:05:15 +10:00
eb13e556e5
- markus@cvs.openbsd.org 2006/06/01 09:21:48
...
[sshd.c]
call get_remote_ipaddr() early; fixes logging after client disconnects;
report mpf@; ok dtucker@
2006-06-13 13:03:53 +10:00
7b1e757b28
- mk@cvs.openbsd.org 2006/05/30 11:46:38
...
[ssh-add.c]
Sync usage() with man page and reality.
ok deraadt dtucker
2006-06-13 13:03:34 +10:00
fbc94c857a
- jmc@cvs.openbsd.org 2006/05/29 16:13:23
...
[ssh.1]
add GSSAPI to the list of authentication methods supported;
2006-06-13 13:03:16 +10:00
3c6ed7bbd5
- jmc@cvs.openbsd.org 2006/05/29 16:10:03
...
[ssh_config.5]
oops - previous was too long; split the list of auths up
2006-06-13 13:01:41 +10:00
81a38928eb
- dtucker@cvs.openbsd.org 2006/05/29 12:56:33
...
[ssh_config]
Add GSSAPIAuthentication and GSSAPIDelegateCredentials to examples in sample
ssh_config. ok markus@
2006-06-13 13:01:09 +10:00
658f945538
- dtucker@cvs.openbsd.org 2006/05/29 12:54:08
...
[ssh_config.5]
Add gssapi-with-mic to PreferredAuthentications default list; ok jmc
2006-06-13 13:00:55 +10:00
ad6b14d274
- miod@cvs.openbsd.org 2006/05/18 21:27:25
...
[kexdhc.c kexgexc.c]
paramter -> parameter
2006-06-13 13:00:41 +10:00
40b5985fe0
- markus@cvs.openbsd.org 2006/05/17 12:43:34
...
[scp.c sftp.c ssh-agent.c ssh-keygen.c sshconnect.c]
fix leak; coverity via Kylene Jo Hall
2006-06-13 13:00:25 +10:00
24fd8ddd61
- markus@cvs.openbsd.org 2006/05/16 09:00:00
...
[clientloop.c]
missing free; from Kylene Hall
2006-06-13 13:00:09 +10:00
e250a94e69
- djm@cvs.openbsd.org 2006/05/08 10:49:48
...
[sshconnect2.c]
uint32_t -> u_int32_t (which we use everywhere else)
(Id sync only - portable already had this)
2006-06-13 12:59:53 +10:00
f14b2aa672
- (dtucker) [auth.c monitor.c] Now that we don't log from both the monitor
...
and slave, we can remove the special-case handling in the audit hook in
auth_log.
2006-05-21 18:26:40 +10:00
f58b29d515
- (dtucker) [ssh-rand-helper.c] Check return code of mkdir and fix file
...
pointer leak. From kjhall at us.ibm.com, found by coverity.
2006-05-17 22:24:56 +10:00
73373877db
typo
2006-05-15 17:24:25 +10:00
2c77b7f1c1
- (dtucker) [auth-pam.c] Bug #1188 : pass result of do_pam_account back and
...
do not allow kbdint again after the PAM account check fails. ok djm@
2006-05-15 17:22:33 +10:00
cefd8bb36d
- (dtucker) [defines.h] Find a value for IOV_MAX or use a conservative
...
default. Patch originally from tim@, ok djm
2006-05-15 17:17:29 +10:00
13c539a4dc
- (dtucker) [openbsd-compat/getrrsetbyname.c] Use _compat_res instead of
...
_res, prevents problems on some platforms that have _res as a global but
don't have getrrsetbyname(), eg IRIX 5.3. Found and tested by
georg.schwarz at freenet.de, ok djm@.
2006-05-15 17:15:56 +10:00
43ff44e7db
- dtucker@cvs.openbsd.org 2006/05/06 08:35:40
...
[auth-krb5.c]
Add $OpenBSD$ in comment here too
2006-05-06 18:40:53 +10:00
f779f672eb
- djm@cvs.openbsd.org 2006/04/01 05:37:46
...
[OVERVIEW]
$OpenBSD$ in here too
2006-05-06 17:48:48 +10:00
31cde6828d
- djm@cvs.openbsd.org 2006/05/04 14:55:23
...
[dh.c]
tighter DH exponent checks here too; feedback and ok markus@
2006-05-06 17:43:33 +10:00
232b76f9f8
- dtucker@cvs.openbsd.org 2006/04/25 08:02:27
...
[authfile.c authfile.h sshconnect2.c ssh.c sshconnect1.c]
Prevent ssh from trying to open private keys with bad permissions more than
once or prompting for their passphrases (which it subsequently ignores
anyway), similar to a previous change in ssh-add. bz #1186 , ok djm@
2006-05-06 17:41:51 +10:00
d8093e49bf
- (dtucker) [auth-pam.c groupaccess.c monitor.c monitor_wrap.c scard-opensc.c
...
session.c ssh-rand-helper.c sshd.c openbsd-compat/bsd-cygwin_util.c
openbsd-compat/setproctitle.c] Convert malloc(foo*bar) -> calloc(foo,bar)
in Portable-only code; since calloc zeros, remove now-redundant memsets.
Also add a couple of sanity checks. With & ok djm@
2006-05-04 16:24:34 +10:00
596d33801f
- (dtucker) [packet.c] Remove in_systm.h since it's also in includes.h
...
and double including it on IRIX 5.3 causes problems. From Georg Schwarz,
"no objections" tim@
2006-05-03 19:01:09 +10:00
7b50b2030b
missing file
2006-04-23 12:31:27 +10:00
2bdd1c117c
- (djm) [auth.h dispatch.h kex.h] sprinkle in signal.h to get
...
sig_atomic_t
2006-04-23 12:28:53 +10:00
08d4b0ca5d
- stevesk@cvs.openbsd.org 2006/04/22 18:29:33
...
[crc32.c]
remove extra spaces
2006-04-23 12:12:24 +10:00
2282c6e305
- djm@cvs.openbsd.org 2006/04/22 04:06:51
...
[uidswap.c]
use setres[ug]id() to permanently revoke privileges; ok deraadt@
(ID Sync only - portable already uses setres[ug]id() whenever possible)
2006-04-23 12:11:57 +10:00
525a0b090f
- djm@cvs.openbsd.org 2006/04/20 21:53:44
...
[includes.h session.c sftp.c]
Switch from using pipes to socketpairs for communication between
sftp/scp and ssh, and between sshd and its subprocesses. This saves
a file descriptor per session and apparently makes userland ppp over
ssh work; ok markus@ deraadt@ (ID Sync only - portable makes this
decision on a per-platform basis)
2006-04-23 12:10:49 +10:00
56e5e6ad11
- markus@cvs.openbsd.org 2006/04/20 09:47:59
...
[sshconnect.c]
simplify; ok djm@
2006-04-23 12:08:59 +10:00
97c91f688f
- djm@cvs.openbsd.org 2006/04/20 09:27:09
...
[auth.h clientloop.c dispatch.c dispatch.h kex.h]
replace the last non-sig_atomic_t flag used in a signal handler with a
sig_atomic_t, unfortunately with some knock-on effects in other (non-
signal) contexts in which it is used; ok markus@
2006-04-23 12:08:37 +10:00
58629fad82
- dtucker@cvs.openbsd.org 2006/04/18 10:44:28
...
[bufaux.c bufbn.c]
Move Buffer bignum functions into their own file, bufbn.c. This means
that sftp and sftp-server (which use the Buffer functions in bufaux.c
but not the bignum ones) no longer need to be linked with libcrypto.
ok markus@
2006-04-23 12:08:19 +10:00
b5ea7e7c03
- djm@cvs.openbsd.org 2006/04/16 07:59:00
...
[atomicio.c]
reorder sanity test so that it cannot dereference past the end of the
iov array; well spotted canacar@!
2006-04-23 12:06:49 +10:00
58ca98bfe1
- djm@cvs.openbsd.org 2006/04/16 00:54:10
...
[sftp-client.c]
avoid making a tiny 4-byte write to send the packet length of sftp
commands, which would result in a separate tiny packet on the wire by
using atomiciov(writev, ...) to write the length and the command in one
pass; ok deraadt@
2006-04-23 12:06:35 +10:00
6aa139c41f
- djm@cvs.openbsd.org 2006/04/16 00:52:55
...
[atomicio.c atomicio.h]
introduce atomiciov() function that wraps readv/writev to retry
interrupted transfers like atomicio() does for read/write;
feedback deraadt@ dtucker@ stevesk@ ok deraadt@
2006-04-23 12:06:20 +10:00
499a0d5ada
- djm@cvs.openbsd.org 2006/04/16 00:48:52
...
[buffer.c buffer.h channels.c]
Fix condition where we could exit with a fatal error when an input
buffer became too large and the remote end had advertised a big window.
The problem was a mismatch in the backoff math between the channels code
and the buffer code, so make a buffer_check_alloc() function that the
channels code can use to propsectivly check whether an incremental
allocation will succeed. bz #1131 , debugged with the assistance of
cove AT wildpackets.com; ok dtucker@ deraadt@
2006-04-23 12:06:03 +10:00
63e437f053
- djm@cvs.openbsd.org 2006/04/03 07:10:38
...
[gss-genr.c]
GSSAPI buffers shouldn't be nul-terminated, spotted in bugzilla #1066
by dleonard AT vintela.com. use xasprintf() to simplify code while in
there; "looks right" deraadt@
2006-04-23 12:05:46 +10:00
603e68f1a2
- dtucker@cvs.openbsd.org 2006/04/02 08:34:52
...
[ssh-keysign.c]
sessionid can be 32 bytes now too when sha256 kex is used; ok djm@
2006-04-23 12:05:32 +10:00
7a656f7922
- djm@cvs.openbsd.org 2006/04/01 05:50:29
...
[scp.c]
xasprintification; ok deraadt@
2006-04-23 12:04:46 +10:00
07aa132a5e
- (djm) OpenBSD CVS Sync
...
- deraadt@cvs.openbsd.org 2006/04/01 05:42:20
[scp.c]
minimal lint cleanup (unused crud, and some size_t); ok djm
2006-04-23 12:04:27 +10:00
73b42d2bb0
- (djm) [Makefile.in configure.ac session.c sshpty.c]
...
[contrib/redhat/sshd.init openbsd-compat/Makefile.in]
[openbsd-compat/openbsd-compat.h openbsd-compat/port-linux.c]
[openbsd-compat/port-linux.h] Add support for SELinux, setting
the execution and TTY contexts. based on patch from Daniel Walsh,
bz #880 ; ok dtucker@
2006-04-22 21:26:08 +10:00
2eaf37d899
- (djm) Reorder IP options check so that it isn't broken by
...
mapped addresses; bz #1179 reported by markw wtech-llc.com;
ok dtucker@
2006-04-18 15:13:16 +10:00
dfc6183f13
- djm@cvs.openbsd.org 2006/03/31 09:13:56
...
[ssh_config.5]
remote user escape is %r not %h; spotted by jmc@
2006-03-31 23:14:57 +11:00
c6437cf00a
- jmc@cvs.openbsd.org 2006/03/31 09:09:30
...
[ssh_config.5]
kill trailing whitespace;
2006-03-31 23:14:41 +11:00
7a8f5b330d
- dtucker@cvs.openbsd.org 2006/03/30 11:40:21
...
[auth.c monitor.c]
Prevent duplicate log messages when privsep=yes; ok djm@
2006-03-31 23:14:23 +11:00
e23209f434
- dtucker@cvs.openbsd.org 2006/03/30 11:05:17
...
[ssh-keygen.c]
Correctly handle truncated files while converting keys; ok djm@
2006-03-31 23:13:35 +11:00
6b1d53c2b0
- djm@cvs.openbsd.org 2006/03/30 10:41:25
...
[ssh.c ssh_config.5]
add percent escape chars to the IdentityFile option, bz #1159 based
on a patch by imaging AT math.ualberta.ca; feedback and ok dtucker@
2006-03-31 23:13:21 +11:00
3f9418893e
- djm@cvs.openbsd.org 2006/03/30 09:58:16
...
[authfd.c bufaux.c deattack.c gss-serv.c mac.c misc.c misc.h]
[monitor_wrap.c msg.c packet.c sftp-client.c sftp-server.c ssh-agent.c]
replace {GET,PUT}_XXBIT macros with functionally similar functions,
silencing a heap of lint warnings. also allows them to use
__bounded__ checking which can't be applied to macros; requested
by and feedback from deraadt@
2006-03-31 23:13:02 +11:00
d79b424e8a
- djm@cvs.openbsd.org 2006/03/30 09:41:25
...
[channels.c]
ARGSUSED for dispatch table-driven functions
2006-03-31 23:11:44 +11:00
89c3fe4a9e
- deraadt@cvs.openbsd.org 2006/03/28 01:53:43
...
[ssh-agent.c]
use strtonum() to parse the pid from the file, and range check it
better; ok djm
2006-03-31 23:11:28 +11:00
57c4e875f8
- deraadt@cvs.openbsd.org 2006/03/28 01:52:28
...
[channels.c]
do not accept unreasonable X ports numbers; ok djm
2006-03-31 23:11:07 +11:00
ddd63ab1d0
- deraadt@cvs.openbsd.org 2006/03/28 00:12:31
...
[README.tun ssh.c]
spacing
2006-03-31 23:10:51 +11:00
2b5a0de903
- djm@cvs.openbsd.org 2006/03/27 23:15:46
...
[sftp.c]
always use a format string for addargs; spotted by mouring@
2006-03-31 23:10:31 +11:00
5a73c1a34d
- deraadt@cvs.openbsd.org 2006/03/27 13:03:54
...
[dh.c]
use strtonum() instead of atoi(), limit dhg size to 64k; ok djm
2006-03-31 23:09:41 +11:00
da380becc6
- OpenBSD CVS Sync
...
- deraadt@cvs.openbsd.org 2006/03/27 01:21:18
[xmalloc.c]
we can do the size & nmemb check before the integer overflow check;
evol
2006-03-31 23:09:17 +11:00
b3cdc220c4
- deraadt@cvs.openbsd.org 2006/03/26 01:31:48
...
[uuencode.c]
typo
2006-03-26 14:30:33 +11:00
51096383e9
- djm@cvs.openbsd.org 2006/03/25 22:22:43
...
[atomicio.h auth-options.h auth.h auth2-gss.c authfd.h authfile.h]
[bufaux.h buffer.h canohost.h channels.h cipher.h clientloop.h]
[compat.h compress.h crc32.c crc32.h deattack.h dh.h dispatch.h]
[dns.c dns.h getput.h groupaccess.h gss-genr.c gss-serv-krb5.c]
[gss-serv.c hostfile.h includes.h kex.h key.h log.h mac.h match.h]
[misc.h monitor.h monitor_fdpass.h monitor_mm.h monitor_wrap.h msg.h]
[myproposal.h packet.h pathnames.h progressmeter.h readconf.h rsa.h]
[scard.h servconf.h serverloop.h session.h sftp-common.h sftp.h]
[ssh-gss.h ssh.h ssh1.h ssh2.h sshconnect.h sshlogin.h sshpty.h]
[ttymodes.h uidswap.h uuencode.h xmalloc.h]
standardise spacing in $OpenBSD$ tags; requested by deraadt@
2006-03-26 14:30:00 +11:00
e3b21a5f59
- deraadt@cvs.openbsd.org 2006/03/25 18:58:10
...
[channels.c]
delete cast not required
2006-03-26 14:29:06 +11:00
a0fdce9a47
- deraadt@cvs.openbsd.org 2006/03/25 18:56:55
...
[bufaux.c channels.c packet.c]
remove (char *) casts to a function that accepts void * for the arg
2006-03-26 14:28:50 +11:00
08d61505d7
- deraadt@cvs.openbsd.org 2006/03/25 18:43:30
...
[channels.c]
use strtonum() instead of atoi() [limit X screens to 400, sorry]
2006-03-26 14:28:32 +11:00
1c13bd8d79
- deraadt@cvs.openbsd.org 2006/03/25 18:41:45
...
[ssh-agent.c]
mark two more signal handlers ARGSUSED
2006-03-26 14:28:14 +11:00
5f340065fc
- deraadt@cvs.openbsd.org 2006/03/25 18:40:14
...
[ssh-keygen.c]
cast strtonum() result to right type
2006-03-26 14:27:57 +11:00
a1690d08b4
- deraadt@cvs.openbsd.org 2006/03/25 18:36:15
...
[sshlogin.c sshlogin.h]
nicer size_t and time_t types
2006-03-26 14:27:35 +11:00
90fdfaf69c
- deraadt@cvs.openbsd.org 2006/03/25 18:30:55
...
[clientloop.c serverloop.c]
spacing
2006-03-26 14:25:37 +11:00
8ba29fe72d
- deraadt@cvs.openbsd.org 2006/03/25 18:29:35
...
[auth-rsa.c authfd.c packet.c]
needed casts (always will be needed)
2006-03-26 14:25:19 +11:00
48c4ed2b78
oops, rewrap
2006-03-26 14:25:05 +11:00
57c30117c1
- djm@cvs.openbsd.org 2006/03/25 13:17:03
...
[atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
[auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
[auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
[auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
[buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
[cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
[deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
[kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
[mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
[monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
[readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
[session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
[sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
[ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
[sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
[uidswap.c uuencode.c xmalloc.c]
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
Theo nuked - our scripts to sync -portable need them in the files
2006-03-26 14:24:48 +11:00
55b04f1d77
- djm@cvs.openbsd.org 2006/03/25 01:30:23
...
[sftp.c]
"abormally" is a perfectly cromulent word, but "abnormally" is better
2006-03-26 14:23:17 +11:00
36812092ec
- djm@cvs.openbsd.org 2006/03/25 01:13:23
...
[buffer.c channels.c deattack.c misc.c scp.c session.c sftp-client.c]
[sftp-server.c ssh-agent.c ssh-rsa.c xmalloc.c xmalloc.h auth-pam.c]
[uidswap.c]
change OpenSSH's xrealloc() function from being xrealloc(p, new_size)
to xrealloc(p, new_nmemb, new_itemsize).
realloc is particularly prone to integer overflows because it is
almost always allocating "n * size" bytes, so this is a far safer
API; ok deraadt@
2006-03-26 14:22:47 +11:00
07d86bec5e
- djm@cvs.openbsd.org 2006/03/25 00:05:41
...
[auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c]
[clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c]
[monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c]
[ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c]
[xmalloc.c xmalloc.h]
introduce xcalloc() and xasprintf() failure-checked allocations
functions and use them throughout openssh
xcalloc is particularly important because malloc(nmemb * size) is a
dangerous idiom (subject to integer overflow) and it is time for it
to die
feedback and ok deraadt@
2006-03-26 14:19:21 +11:00
a5a2859275
- deraadt@cvs.openbsd.org 2006/03/20 21:11:53
...
[ttymodes.c]
spacing
2006-03-26 14:10:34 +11:00
4f7becb44f
- deraadt@cvs.openbsd.org 2006/03/20 18:48:34
...
[channels.c fatal.c kex.c packet.c serverloop.c]
spacing
2006-03-26 14:10:14 +11:00
1d2b6706ba
- deraadt@cvs.openbsd.org 2006/03/20 18:42:27
...
[canohost.c match.c ssh.c sshconnect.c]
be strict with tolower() casting
2006-03-26 14:09:54 +11:00
1ff7c642ee
- deraadt@cvs.openbsd.org 2006/03/20 18:41:43
...
[dns.c]
cast xstrdup to propert u_char *
2006-03-26 14:09:09 +11:00
4ae97f1885
- deraadt@cvs.openbsd.org 2006/03/20 18:35:12
...
[channels.c]
x11_fake_data is only ever used as u_char *
2006-03-26 14:08:10 +11:00
9f3bd53acd
- deraadt@cvs.openbsd.org 2006/03/20 18:27:50
...
[monitor.c]
spacing
2006-03-26 14:07:52 +11:00
9096740f6c
- deraadt@cvs.openbsd.org 2006/03/20 18:26:55
...
[channels.c monitor.c session.c session.h ssh-agent.c ssh-keygen.c]
[ssh-rsa.c ssh.c sshlogin.c]
annoying spacing fixes getting in the way of real diffs
2006-03-26 14:07:26 +11:00
91d4b12fcb
- deraadt@cvs.openbsd.org 2006/03/20 18:17:20
...
[auth1.c auth2.c sshd.c]
sprinkle some ARGSUSED for table driven functions (which sometimes
must ignore their args)
2006-03-26 14:05:20 +11:00
1b81a49f86
rewrap
2006-03-26 14:05:02 +11:00
71a7367130
- deraadt@cvs.openbsd.org 2006/03/20 18:14:02
...
[channels.c clientloop.c monitor_wrap.c monitor_wrap.h serverloop.c]
[ssh.c sshpty.c sshpty.h]
sprinkle u_int throughout pty subsystem, ok markus
2006-03-26 14:04:36 +11:00
6d39bcf898
- deraadt@cvs.openbsd.org 2006/03/20 17:17:23
...
[ssh-rsa.c]
in a switch (), break after return or goto is stupid
2006-03-26 14:03:21 +11:00
bbaad7772a
- deraadt@cvs.openbsd.org 2006/03/20 17:13:16
...
[key.c]
djm did a typo
2006-03-26 14:03:03 +11:00
69b7203e6f
- deraadt@cvs.openbsd.org 2006/03/20 17:10:19
...
[auth.c key.c misc.c packet.c ssh-add.c]
in a switch (), break after return or goto is stupid
2006-03-26 14:02:35 +11:00
429fcc23db
- djm@cvs.openbsd.org 2006/03/20 11:38:46
...
[key.c]
(really) last of the Coverity diffs: avoid possible NULL deref in
key_free. via elad AT netbsd.org; markus@ ok
2006-03-26 14:02:16 +11:00
96937bd914
- djm@cvs.openbsd.org 2006/03/20 04:09:44
...
[monitor.c]
memory leaks detected by Coverity via elad AT netbsd.org;
deraadt@ ok
that should be all of them now
2006-03-26 14:01:54 +11:00
3305f5591f
- deraadt@cvs.openbsd.org 2006/03/19 18:59:09
...
[authfile.c]
whoever thought that break after return was a good idea needs to
get their head examimed
2006-03-26 14:00:31 +11:00
4662d3492f
- deraadt@cvs.openbsd.org 2006/03/19 18:59:30
...
[ssh.c]
spacing
2006-03-26 13:59:59 +11:00
3bbaba6075
- deraadt@cvs.openbsd.org 2006/03/19 18:59:49
...
[ssh-keyscan.c]
please lint
2006-03-26 13:59:38 +11:00
f0b15dfc52
- deraadt@cvs.openbsd.org 2006/03/19 18:56:41
...
[clientloop.c progressmeter.c serverloop.c sshd.c]
ARGSUSED for signal handlers
2006-03-26 13:59:20 +11:00
c91e556d8a
- deraadt@cvs.openbsd.org 2006/03/19 18:53:12
...
[kex.c kex.h monitor.c myproposal.h session.c]
spacing
2006-03-26 13:58:55 +11:00
d62f2ca376
- deraadt@cvs.openbsd.org 2006/03/19 18:52:11
...
[auth1.c authfd.c channels.c]
spacing
2006-03-26 13:57:41 +11:00
78f16cb07b
- dtucker@cvs.openbsd.org 2006/03/19 11:51:52
...
[servconf.c]
Correct strdelim null test; ok djm@
2006-03-26 13:54:37 +11:00
5790b5910b
- djm@cvs.openbsd.org 2006/03/19 07:41:30
...
[sshconnect2.c]
memory leaks detected by Coverity via elad AT netbsd.org;
deraadt@ ok
2006-03-26 13:54:03 +11:00
928b23684a
- djm@cvs.openbsd.org 2006/03/19 02:24:05
...
[dh.c readconf.c servconf.c]
potential NULL pointer dereferences detected by Coverity
via elad AT netbsd.org; ok deraadt@
2006-03-26 13:53:32 +11:00
6db780e259
- djm@cvs.openbsd.org 2006/03/19 02:23:26
...
[hostfile.c]
FILE* leak detected by Coverity via elad AT netbsd.org;
ok deraadt@
2006-03-26 13:52:20 +11:00
e0b90a6766
- djm@cvs.openbsd.org 2006/03/19 02:22:56
...
[sftp.c]
more memory leaks detected by Coverity via elad AT netbsd.org;
deraadt@ ok
2006-03-26 13:51:44 +11:00
6f98a1fea7
- djm@cvs.openbsd.org 2006/03/19 02:22:32
...
[serverloop.c]
memory leaks detected by Coverity via elad AT netbsd.org;
ok deraadt@ dtucker@
2006-03-26 13:51:08 +11:00
304a940889
- djm@cvs.openbsd.org 2006/03/17 22:31:11
...
[authfd.c]
unreachanble statement, found by lint
2006-03-26 13:50:37 +11:00
5b83232b48
- djm@cvs.openbsd.org 2006/03/17 22:31:50
...
[authfd.c]
another unreachable found by lint
2006-03-26 13:50:14 +11:00
745570cd79
- biorn@cvs.openbsd.org 2006/03/16 10:31:45
...
[scp.c]
Try to display errormessage even if remout == -1
ok djm@, markus@
2006-03-26 13:49:43 +11:00
cb314828eb
- OpenBSD CVS Sync
...
- jakob@cvs.openbsd.org 2006/03/15 08:46:44
[ssh-keygen.c]
if no key file are given when printing the DNS host record, use the
host key file(s) as default. ok djm@
2006-03-26 13:48:01 +11:00
2dbbf8e9fc
[deattack.c deattack.h]
...
remove IV support from the CRC attack detector, OpenSSH has never used
it - it only applied to IDEA-CFB, which we don't support.
prompted by NetBSD Coverity report via elad AT netbsd.org;
feedback markus@ "nuke it" deraadt@
2006-03-26 00:11:46 +11:00
a1b3d636ab
- jakob@cvs.openbsd.org 2006/03/22 21:16:24
...
[ssh.1]
simplify SSHFP example; ok jmc@
2006-03-26 00:07:02 +11:00
5996294a95
- deraadt@cvs.openbsd.org 2006/03/20 18:41:43
...
[dns.c]
cast xstrdup to propert u_char *
2006-03-26 00:06:48 +11:00
1345e617da
- deraadt@cvs.openbsd.org 2006/03/20 18:26:55
...
[session.h]
annoying spacing fixes getting in the way of real diffs
2006-03-26 00:06:32 +11:00
ed3986a004
- deraadt@cvs.openbsd.org 2006/03/20 18:14:02
...
[monitor_wrap.h sshpty.h]
sprinkle u_int throughout pty subsystem, ok markus
2006-03-26 00:06:14 +11:00
91a2d9746a
- djm@cvs.openbsd.org 2006/03/20 04:08:18
...
[gss-serv.c]
last lot of GSSAPI related leaks detected by Coverity via
elad AT netbsd.org; reviewed by simon AT sxw.org.uk; deraadt@ ok
2006-03-26 00:05:44 +11:00
a66cf68dd7
- djm@cvs.openbsd.org 2006/03/20 04:07:49
...
[gss-genr.c]
more GSSAPI related leaks detected by Coverity via elad AT netbsd.org;
reviewed by simon AT sxw.org.uk; deraadt@ ok
2006-03-26 00:05:23 +11:00
f23c09670a
- djm@cvs.openbsd.org 2006/03/20 04:07:22
...
[auth2-gss.c]
GSSAPI related leaks detected by Coverity via elad AT netbsd.org;
reviewed by simon AT sxw.org.uk; deraadt@ ok
2006-03-26 00:04:53 +11:00
51b4f82123
- deraadt@cvs.openbsd.org 2006/03/19 18:53:12
...
[kex.h myproposal.h]
spacing
2006-03-26 00:04:32 +11:00
b0fb6872ed
- deraadt@cvs.openbsd.org 2006/03/19 18:51:18
...
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
[auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
[auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
[auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
[auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
[canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
[cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
[compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
[groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
[kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
[loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
[monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
[nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
[scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
[sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
[ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
[ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
[sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
[uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
[openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
[openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
[openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
[openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
RCSID() can die
2006-03-26 00:03:21 +11:00
3e96d74274
- djm@cvs.openbsd.org 2006/03/16 04:24:42
...
[ssh.1]
Add RFC4419 (Diffie-Hellman group exchange KEX) to the list of SSH RFCs
that OpenSSH supports
2006-03-25 23:39:29 +11:00
9834cab32e
- (dtucker) [openbsd-compat/bsd-snprintf.c] Bug #1173 : make fmtint() take
...
a LLONG rather than a long. Fixes scp'ing of large files on platforms
with missing/broken snprintfs. Patch from e.borovac at bom.gov.au.
2006-03-19 00:07:07 +11:00
66f9eb65ff
- (djm) [auth-pam.c] Fix memleak in error path, from Coverity via
...
elad AT NetBSD.org
2006-03-18 23:04:49 +11:00
b309203ce0
- (djm) [kex.c] Slightly more clean deactivation of dhgex-sha256 on old
...
OpenSSL; ok tim
2006-03-16 18:22:18 +11:00
425a6886f9
- (tim) [kex.c myproposal.h md-sha256.c openbsd-compat/sha2.c,h] Disable
...
sha256 when openssl < 0.9.7. Patch from djm@. Corrections/testing by me.
2006-03-15 20:17:05 -08:00
c495301bf8
- (dtucker) [configure.ac md-sha256.c] NetBSD has sha2.h in
...
/usr/include/crypto. Hint from djm@.
2006-03-16 08:14:34 +11:00
d82cbcb9da
- (dtucker) [entropy.c] Add headers for WIFEXITED and friends.
2006-03-16 07:21:35 +11:00
8bb9e2c900
- (dtucker) [configure.ac] login_cap.h requires sys/types.h on NetBSD.
2006-03-15 22:28:17 +11:00
dc6118e127
- (dtucker) [openbsd-compat/openbsd-compat.h] AIX (at least) needs
...
sys/ioctl.h for struct winsize.
2006-03-15 22:25:54 +11:00
b0024914c9
- (djm) [includes.h] Put back paths.h, it is needed in defines.h
2006-03-15 21:48:54 +11:00
486d95e6f7
- (dtucker) [configure.ac] Fix glob test conversion to AC_TRY_COMPILE
2006-03-15 21:31:39 +11:00
4b23f7c660
- (tim) [openssh/sshpty.c openssh/openbsd-compat/port-tun.c] put in some
...
includes removed from includes.h
2006-03-14 22:09:50 -08:00
7a4cf232c9
- (tim) [includes.h] put sys/stat.h back in to quiet some "macro redefined:"
...
warnings.
2006-03-14 21:04:18 -08:00
6645e7a70d
- (djm) [auth-pam.c clientloop.c includes.h monitor.c session.c]
...
[sftp-client.c ssh-keysign.c ssh.c sshconnect.c sshconnect2.c]
[sshd.c openbsd-compat/bsd-misc.c openbsd-compat/bsd-openpty.c]
[openbsd-compat/glob.c openbsd-compat/mktemp.c]
[openbsd-compat/readpassphrase.c] Lots of include fixes for
OpenSolaris
2006-03-15 14:42:54 +11:00
34877d2e17
- (djm) [openbsd-compat/sha2.h openbsd-compat/sha2.c] Comment out
...
SHA384, which we don't need and doesn't compile without tweaks
2006-03-15 14:36:55 +11:00
42fb06898e
- (djm) [ssh-agent.c] Restore dropped stat.h
2006-03-15 14:03:06 +11:00
3717cdac60
- (djm) [ssh-rand-helper.c] Needs a bunch of headers
2006-03-15 14:02:36 +11:00
a623807860
- (djm) [openbsd-compat/sha2.h] Avoid include macro clash with
...
system sha2.h
2006-03-15 14:02:01 +11:00
627725281e
- (djm) [loginrec.c] Need stat.h
2006-03-15 14:01:11 +11:00
Damien Miller
Darren Tucker
Tim Rice