af78493bba
- djm@cvs.openbsd.org 2007/12/21 04:13:53
...
[regress/Makefile regress/test-exec.sh regress/putty-ciphers.sh]
[regress/putty-kex.sh regress/putty-transfer.sh regress/ssh2putty.sh]
basic (crypto, kex and transfer) interop regression tests against putty
To run these, install putty and run "make interop-tests" from the build
directory - the tests aren't run by default yet.
2008-03-13 00:17:00 +11:00
4cd5fbab4d
- djm@cvs.openbsd.org 2007/12/12 05:04:03
...
[regress/sftp-cmds.sh]
unbreak lls command and add a regress test that would have caught the
breakage; spotted by mouring@
NB. sftp code change already committed.
2008-03-12 23:59:43 +11:00
d666d8e5d4
- jmc@cvs.openbsd.org 2007/11/25 15:35:09
...
[regress/agent-getpeereid.sh regress/agent.sh]
more existant -> existent, from Martynas Venckus;
pfctl changes: ok henning
ssh changes: ok deraadt
2008-03-12 23:58:55 +11:00
a5e584274d
- dtucker@cvs.openbsd.org 2007/10/29 06:57:13
...
[regress/Makefile regress/localcommand.sh]
Add simple regress test for LocalCommand; ok djm@
2008-03-12 23:58:05 +11:00
1e42689ad5
fix log date
2008-03-11 23:01:44 +11:00
52358d6df3
- (dtucker) [auth-pam.c monitor.c session.c sshd.c] Bug #926 : Move
...
pam_open_session and pam_close_session into the privsep monitor, which
will ensure that pam_session_close is called as root. Patch from Tomas
Mraz.
2008-03-11 22:58:25 +11:00
fe1cf97ee8
- (dtucker) [configure.ac] Run stack-protector tests with -Werror to catch
...
platforms where gcc understands the option but it's not supported (and
thus generates a warning).
2008-03-09 22:50:50 +11:00
7643e3397d
- (dtucker) [openbsd-compat/regress/strtonumtest.c] Bug #1347 : Use platform's
...
equivalent of LLONG_MAX for the compat regression tests, which makes them
run on AIX and HP-UX. Patch from David Leonard.
2008-03-09 17:10:09 +11:00
16ba6a8ea2
- (dtucker) [openbsd-compat/port-aix.{c,h}] Remove AIX specific initgroups
...
implementation. It's not needed to fix bug #1081 and breaks the build
on some AIX configurations.
2008-03-09 16:36:55 +11:00
b7918afddf
- (dtucker) [configure.ac] It turns out gcc's -fstack-protector-all doesn't
...
always work for all platforms and versions, so test what we can and
add a configure flag to turn it of if needed. ok djm@
2008-03-09 11:34:23 +11:00
68d293859e
- (tim) [regress/sftp-glob.sh] Shell portability fix.
2008-03-07 19:00:33 -08:00
a79bb8ec5e
- deraadt@cvs.openbsd.org 2008/03/04 21:15:42
...
[version.h]
crank version; from djm
2008-03-07 18:35:47 +11:00
c0c53c3114
- deraadt@cvs.openbsd.org 2008/03/02 18:19:35
...
[monitor_fdpass.c]
use a union to ensure alignment of the cmsg (pay attention: various other
parts of the tree need this treatment too); ok djm
2008-03-07 18:35:26 +11:00
7c29661471
- djm@cvs.openbsd.org 2008/02/27 20:21:15
...
[sftp-server.c]
add an extension method "posix-rename@openssh.com" to perform POSIX atomic
rename() operations. based on patch from miklos AT szeredi.hu in bz#1400;
ok dtucker@ markus@
2008-03-07 18:33:53 +11:00
58226f6068
- dtucker@cvs.openbsd.org 2008/02/22 20:44:02
...
[clientloop.c packet.c packet.h serverloop.c]
Allow all SSH2 packet types, including UNIMPLEMENTED to reset the
keepalive timer (bz #1307 ). ok markus@
2008-03-07 18:33:30 +11:00
7cb2b56b1c
- djm@cvs.openbsd.org 2008/02/22 05:58:56
...
[session.c]
closefrom() call was too early, delay it until just before we execute
the user's rc files (if any).
2008-03-07 18:33:12 +11:00
767087b8ec
- markus@cvs.openbsd.org 2008/02/20 15:25:26
...
[session.c]
correct boolean encoding for coredump; der Mouse via dugsong
2008-03-07 18:32:42 +11:00
2ee0c43f98
- mbalmer@cvs.openbsd.org 2008/02/14 13:10:31
...
[sshd.c]
When started in configuration test mode (-t) do not check that sshd is
being started with an absolute path.
ok djm
2008-03-07 18:31:47 +11:00
76e95daad1
- djm@cvs.openbsd.org 2008/02/13 22:38:17
...
[servconf.h session.c sshd.c]
rekey arc4random and OpenSSL RNG in postauth child
closefrom fds > 2 before shell/command execution
ok markus@
2008-03-07 18:31:24 +11:00
757a38a43b
- jmc@cvs.openbsd.org 2008/02/11 07:58:28
...
[ssh.1 sshd.8 sshd_config.5]
bump Mdocdate for pages committed in "febuary", necessary because
of a typo in rcs.c;
2008-03-07 18:27:58 +11:00
54e859f63d
- (dtucker) [configure.ac] FreeBSD's glob() doesn't behave the way we expect
...
either, so use our own.
2008-03-02 21:52:27 +11:00
baf7c3d33a
- (djm) [contrib/gnome-ssh-askpass2.h] Keep askpass windown on top. From
...
Debian patch via bernd AT openbsd.org
2008-02-29 22:53:40 +11:00
ccb13eedd7
- (dtucker) [scp.c] Include sys/poll.h inside HAVE_SYS_POLL_H.
2008-02-29 15:07:01 +11:00
7ec8733247
- (dtucker) [openbsd-compat/bsd-poll.c] We don't check for select(2) in
...
configure (and there's not much point, as openssh won't work without it)
so HAVE_SELECT is not defined and the poll(2) compat code doesn't get
built in. Remove HAVE_SELECT so we can build on platforms without poll.
2008-02-29 13:57:47 +11:00
1f1e17bd61
- (dtucker) [sshd.c] Bug #1042 : make log messages for tcpwrappers use the
...
same SyslogFacility as the rest of sshd. Patch from William Knox,
ok djm@.
2008-02-28 23:20:48 +11:00
0f26b1386a
- (dtucker) [configure.ac openbsd-compat/port-aix.{c,h}] Bug #1081 : Implement
...
getgrouplist via getgrset on AIX, rather than iterating over getgrent.
This allows, eg, Match and AllowGroups directives to work with NIS and
LDAP groups.
2008-02-28 23:16:04 +11:00
3d295a6cf0
- (dtucker) [key.c defines.h openbsd-compat/openssl-compat.h] Move old OpenSSL
...
compat glue into openssl-compat.h.
2008-02-28 19:22:04 +11:00
bfaaf960a0
- (dtucker) [includes.h ssh-add.c ssh-agent.c ssh-keygen.c ssh.c sshd.c
...
openbsd-compat/openssl-compat.{c,h}] Bug #1437 Move the OpenSSL compat
header to after OpenSSL headers, since some versions of OpenSSL have
SSLeay_add_all_algorithms as a macro already.
2008-02-28 19:13:52 +11:00
e1c4c54211
- (dtucker) [configure.ac] Add -fstack-protector to LDFLAGS too, fixes
...
linking problems on AIX with gcc 4.1.x.
2008-02-28 15:01:13 +11:00
935e20a3f0
- (dtucker) [includes.h openbsd-compat/openssl-compat.c] Bug #1437 : reshuffle
...
headers so ./configure --with-ssl-engine actually works. Patch from
Ian Lister.
2008-02-25 21:13:47 +11:00
acada07b52
- (dtucker) [configure.ac audit-bsm.c] Bug #1420 : Add a local implementation
...
of aug_get_machine for systems that don't have their own (eg OS X, FreeBSD). Help and testing from csjp at FreeBSD org, vgiffin at apple com. ok djm@
2008-02-25 21:05:04 +11:00
2c2ac033c1
- (dtucker) [openbsd-compat/fake-rfc2553.h] rename ssh_gai_strerror hack
...
since it now conflicts with the helper function in misc.c. From
vinschen AT redhat.com.
2008-02-25 20:21:20 +11:00
2e9b8db4ea
20080224
...
- (tim) [contrib/cygwin/ssh-host-config]
Grammar changes on SYSCONFDIR LOCALSTATEDIR messages.
Check more thoroughly that it's possible to create the /var/empty directory.
Patch by vinschen AT redhat.com
2008-02-25 20:18:31 +11:00
54e3773ccb
- djm@cvs.openbsd.org 2008/02/10 10:54:29
...
[servconf.c session.c]
delay ~ expansion for ChrootDirectory so it expands to the logged-in user's
home, rather than the user who starts sshd (probably root)
2008-02-10 22:48:55 +11:00
cdb6e65175
- djm@cvs.openbsd.org 2008/02/10 09:55:37
...
[sshd_config.5]
mantion that "internal-sftp" is useful with ForceCommand too
2008-02-10 22:47:24 +11:00
520e61552a
- mcbride@cvs.openbsd.org 2008/02/09 12:15:43
...
[ssh.1 sshd.8]
Document the correct permissions for the ~/.ssh/ directory.
ok jmc
2008-02-10 22:46:22 +11:00
dfc24258a7
- markus@cvs.openbsd.org 2008/02/04 21:53:00
...
[session.c sftp-server.c sftp.h]
link sftp-server into sshd; feedback and ok djm@
2008-02-10 22:29:40 +11:00
b508faa006
- jmc@cvs.openbsd.org 2008/01/31 20:06:50
...
[scp.1]
explain how to handle local file names containing colons;
requested by Tamas TEVESZ
ok dtucker
2008-02-10 22:28:45 +11:00
5ed3d575f9
- dtucker@cvs.openbsd.org 2008/01/23 01:56:54
...
[clientloop.c packet.c serverloop.c]
Revert the change for bz #1307 as it causes connection aborts if an IGNORE
packet arrives while we're waiting in packet_read_expect (and possibly
elsewhere).
2008-02-10 22:27:47 +11:00
acdf25b31f
- djm@cvs.openbsd.org 2008/01/21 19:20:17
...
[sftp-client.c]
when a remote write error occurs during an upload, ensure that ACKs for
all issued requests are properly drained. patch from t8m AT centrum.cz
2008-02-10 22:27:24 +11:00
3397d0e0c5
- djm@cvs.openbsd.org 2008/01/21 17:24:30
...
[sftp-server.c]
Remove the fixed 100 handle limit in sftp-server and allocate as many
as we have available file descriptors. Patch from miklos AT szeredi.hu;
ok dtucker@ markus@
2008-02-10 22:26:51 +11:00
aec5cf8a30
- djm@cvs.openbsd.org 2008/01/20 00:38:30
...
[sftp.c]
When uploading, correctly handle the case of an unquoted filename with
glob metacharacters that match a file exactly but not as a glob, e.g. a
file called "[abcd]". report and test cases from duncan2nd AT gmx.de
2008-02-10 22:26:24 +11:00
3dff176ed9
- djm@cvs.openbsd.org 2008/01/19 23:09:49
...
[readconf.c readconf.h sshconnect2.c]
promote rekeylimit to a int64 so it can hold the maximum useful limit
of 2^32; report and patch from Jan.Pechanec AT Sun.COM, ok dtucker@
2008-02-10 22:25:52 +11:00
3de49f8951
- djm@cvs.openbsd.org 2008/01/19 23:02:40
...
[channels.c]
When we added support for specified bind addresses for port forwards, we
added a quirk SSH_OLD_FORWARD_ADDR. There is a bug in our handling of
this for -L port forwards that causes the client to listen on both v4
and v6 addresses when connected to a server with this quirk, despite
having set 0.0.0.0 as a bind_address.
report and patch from Jan.Pechanec AT Sun.COM; ok dtucker@
2008-02-10 22:25:24 +11:00
cb2fbb2407
- djm@cvs.openbsd.org 2008/01/19 22:37:19
...
[ssh-keygen.c]
unbreak line numbering (broken in revision 1.164), fix error message
2008-02-10 22:24:55 +11:00
a8796f3fcc
- djm@cvs.openbsd.org 2008/01/19 22:22:58
...
[ssh-keygen.c]
when hashing individual hosts (ssh-keygen -Hf hostname), make sure we
hash just the specified hostname and not the entire hostspec from the
keyfile. It may be of the form "hostname,ipaddr", which would lead to
a hash that never matches. report and fix from jp AT devnull.cz
2008-02-10 22:24:30 +11:00
6b0c818568
- djm@cvs.openbsd.org 2008/01/19 22:04:57
...
[sftp-client.c]
fix remote handle leak in do_download() local file open error path;
report and fix from sworley AT chkno.net
2008-02-10 22:23:41 +11:00
d39a3cffc9
- djm@cvs.openbsd.org 2008/01/19 20:51:26
...
[ssh.c]
ignore SIGPIPE in multiplex client mode - we can receive this if the
server runs out of fds on us midway. Report and patch from
gregory_shively AT fanniemae.com
2008-02-10 22:23:18 +11:00
b82f5dd17d
- djm@cvs.openbsd.org 2008/01/19 20:48:53
...
[clientloop.c]
fd leak on session multiplexing error path. Report and patch from
gregory_shively AT fanniemae.com
2008-02-10 22:22:53 +11:00
eb602474fc
- djm@cvs.openbsd.org 2008/01/19 19:13:28
...
[ssh.1]
satisfy the pedants: -q does not suppress all diagnostic messages (e.g.
some commandline parsing warnings go unconditionally to stdout).
2008-02-10 22:21:28 +11:00
cfe23d34e4
- chl@cvs.openbsd.org 2008/01/11 07:22:28
...
[sftp-client.c sftp-client.h]
disable unused functions
initially from tobias@, but disabled them by placing them in
"#ifdef notyet" which was asked by djm@
ok djm@ tobias@
2008-02-10 22:20:44 +11:00
49d2a2826a
- (djm) Only listen for IPv6 connections on AF_INET6 sockets; patch from
...
tsr2600 AT gmail.com
2008-01-20 08:56:00 +11:00
e27220eb5b
- (djm) Silence noice from expr in ssh-copy-id; patch from
...
mikel AT mikelward.com
2008-01-20 05:52:04 +11:00
d4827ab50c
- (dtucker) [configure.ac] Fix message for -fstack-protector-all test.
2008-01-02 18:08:45 +11:00
40da29a04c
- dtucker@cvs.openbsd.org 2008/01/01 08:51:20
...
[moduli]
Updated moduli file; ok djm@
2008-01-02 00:09:16 +11:00
15f94271be
- dtucker@cvs.openbsd.org 2008/01/01 09:27:33
...
[sshd_config.5 servconf.c]
Allow PermitRootLogin in a Match block. Allows for, eg, permitting root
only from the local network. ok markus@, man page bit ok jmc@
2008-01-01 20:36:56 +11:00
4629f93b12
Add missing ChangeLog entries
2008-01-01 20:36:25 +11:00
5891116cb3
- dtucker@cvs.openbsd.org 2007/12/31 15:27:04
...
[sshd.c]
When in inetd mode, have sshd generate a Protocol 1 ephemeral server
key only for connections where the client chooses Protocol 1 as opposed
to when it's enabled in the server's config. Speeds up Protocol 2
connections to inetd-mode servers that also allow Protocol 1. bz #440 ,
based on a patch from bruno at wolff.to, ok markus@
2008-01-01 20:33:09 +11:00
1e44c5ded3
- (dtucker) OpenBSD CVS Sync
...
- dtucker@cvs.openbsd.org 2007/12/31 10:41:31
[readconf.c servconf.c]
Prevent strict-aliasing warnings on newer gcc versions. bz #1355 , patch
from Dmitry V. Levin, ok djm@
2008-01-01 20:32:26 +11:00
528d6fa10a
- (dtucker) [configure.ac openbsd-compat/glob.{c,h}] Bug #1407 : force use of
...
builtin glob implementation on Mac OS X. Based on a patch from
vgiffin at apple.
2007-12-31 21:29:26 +11:00
5baa170d77
- dtucker@cvs.openbsd.org 2007/12/28 22:34:47
...
[clientloop.c]
Use the correct packet maximum sizes for remote port and agent forwarding.
Prevents the server from killing the connection if too much data is queued
and an excessively large packet gets sent. bz #1360 , ok djm@.
2007-12-29 09:37:10 +11:00
d6725f04e2
- dtucker@cvs.openbsd.org 2007/12/28 15:32:24
...
[clientloop.c serverloop.c packet.c]
Make SSH2_MSG_UNIMPLEMENTED and SSH2_MSG_IGNORE messages reset the
ServerAlive and ClientAlive timers. Prevents dropping a connection
when these are enabled but the peer does not support our keepalives.
bz #1307 , ok djm@.
2007-12-29 02:45:07 +11:00
4abde771b7
- dtucker@cvs.openbsd.org 2007/12/27 14:22:08
...
[servconf.c canohost.c misc.c channels.c sshconnect.c misc.h ssh-keyscan.c
sshd.c]
Add a small helper function to consistently handle the EAI_SYSTEM error
code of getaddrinfo. Prompted by vgiffin at apple com via bz #1417 .
ok markus@ stevesk@
2007-12-29 02:43:51 +11:00
88b976f214
- djm@cvs.openbsd.org 2007/12/12 05:04:03
...
[sftp.c]
unbreak lls command and add a regress test that would have caught the
breakage; spotted by mouring@
2007-12-29 02:40:43 +11:00
06321f5d1d
- deraadt@cvs.openbsd.org 2007/11/03 02:03:49
...
[ssh.c]
avoid errno trashing in signal handler; ok dtucker
2007-12-02 23:22:52 +11:00
e143f062ba
- dtucker@cvs.openbsd.org 2007/11/03 02:00:32
...
[ssh.c]
Use xstrdup/xfree when saving pwname and pwdir; ok deraadt@
2007-12-02 23:21:16 +11:00
b4fbbc6850
- deraadt@cvs.openbsd.org 2007/11/03 01:24:06
...
[ssh.c]
bz #1377 : getpwuid results were being clobbered by another getpw* call
inside tilde_expand_filename(); save the data we need carefully
ok djm
2007-12-02 23:16:32 +11:00
23ae8ca948
- djm@cvs.openbsd.org 2007/11/03 00:36:14
...
[clientloop.c]
fix memory leak in process_cmdline(), patch from Jan.Pechanec AT Sun.COM;
ok dtucker@
2007-12-02 23:12:30 +11:00
63b31cb943
- jmc@cvs.openbsd.org 2007/10/29 07:48:19
...
[ssh_config.5]
clean up after previous macro removal;
2007-12-02 23:09:30 +11:00
b776c856aa
- dtucker@cvs.openbsd.org 2007/10/29 06:54:50
...
[ssh.c]
Make LocalCommand work for Protocol 1 too; ok djm@
2007-12-02 23:06:35 +11:00
a93cadd3d4
- dtucker@cvs.openbsd.org 2007/10/29 06:51:59
...
[ssh_config.5]
ProxyCommand and LocalCommand use the user's shell, not /bin/sh; ok djm@
2007-12-02 23:05:09 +11:00
2f8b3d9855
- dtucker@cvs.openbsd.org 2007/10/29 04:08:08
...
[monitor_wrap.c monitor.c]
Send config block back to slave for invalid users too so options
set by a Match block (eg Banner) behave the same for non-existent
users. Found by and ok djm@
2007-12-02 23:02:15 +11:00
32e42c74a5
- dtucker@cvs.openbsd.org 2007/10/29 01:55:04
...
[ssh.c]
Plug tiny mem leaks in ControlPath and ProxyCommand option processing;
ok djm@
2007-12-02 23:01:03 +11:00
541dab2db4
- dtucker@cvs.openbsd.org 2007/10/29 00:52:45
...
[auth2-gss.c]
Allow build without -DGSSAPI; ok deraadt@
(Id sync only, Portable already has the ifdefs)
2007-12-02 22:59:45 +11:00
e566230cb0
- (dtucker) [scp.c] Update $OpenBSD tag missing from rev 1.175 and remove
...
leftover debug code.
2007-12-02 22:48:40 +11:00
319b3d9b00
- (dtucker) [configure.ac] Enable -fstack-protector-all on systems where
...
gcc supports it. ok djm@
2007-12-02 21:02:22 +11:00
e6d1527949
- djm@cvs.openbsd.org 2007/10/29 23:49:41
...
[openbsd-compat/sys-tree.h]
remove extra backslash at the end of RB_PROTOTYPE, report from
Jan.Pechanec AT Sun.COM; ok deraadt@
2007-10-30 10:52:44 +11:00
0ff80a1b17
- millert@cvs.openbsd.org 2004/10/07 16:56:11
...
GLOB_NOESCAPE is POSIX so move it out of the #ifndef _POSIX_SOURCE
block.
(NB. mostly an RCS ID sync, as portable strips out the conditionals)
2007-10-26 16:48:13 +10:00
a95c0c224b
- otto@cvs.openbsd.org 2007/04/30 18:42:34
...
[openbsd-compat/sys-queue.h]
Enable QUEUE_MACRO_DEBUG on DIAGNOSTIC kernels.
Input and okays from krw@, millert@, otto@, deraadt@, miod@.
2007-10-26 16:46:31 +10:00
03c618afa3
- otto@cvs.openbsd.org 2005/11/25 08:06:25
...
[openbsd-compat/sys-queue.h]
Introduce debugging aid for queue macros. Disabled by default; but
developers are encouraged to run with this enabled.
ok krw@ fgsch@ deraadt@
2007-10-26 16:45:32 +10:00
300f95fccb
- otto@cvs.openbsd.org 2005/10/25 06:37:47
...
[openbsd-compat/sys-queue.h]
Some uvm problem is being exposed with the more strict macros.
Revert until we've found out what's causing the panics.
2007-10-26 16:44:27 +10:00
0b6a21d468
- otto@cvs.openbsd.org 2005/10/24 20:25:14
...
[openbsd-compat/sys-queue.h]
Partly backout. NOLIST, used in LISTs is probably interfering.
requested by deraadt@
2007-10-26 16:43:22 +10:00
9aeef6b50d
- otto@cvs.openbsd.org 2005/10/17 20:19:42
...
[openbsd-compat/sys-queue.h]
Performing certain operations on queue.h data structurs produced
funny results. An example is calling LIST_REMOVE on the same
element twice. This will not fail, but result in a data structure
referencing who knows what. Prevent these accidents by NULLing some
fields on remove and replace. This way, either a panic or segfault
will be produced on the faulty operation.
2007-10-26 16:42:18 +10:00
d129ecb0f9
- deraadt@cvs.openbsd.org 2005/02/25 13:29:30
...
[openbsd-compat/sys-queue.h]
minor white spacing
2007-10-26 16:41:14 +10:00
b99f5f714b
- grange@cvs.openbsd.org 2004/05/04 16:59:32
...
[openbsd-compat/sys-queue.h]
Remove useless ``elm'' argument from the SIMPLEQ_REMOVE_HEAD macro.
This matches our SLIST behaviour and NetBSD's SIMPLEQ as well.
ok millert krw deraadt
2007-10-26 16:40:20 +10:00
0afeae426c
- tdeval@cvs.openbsd.org 2004/11/24 18:10:42
...
[openbsd-compat/sys-tree.h]
typo
2007-10-26 16:39:05 +10:00
88aa4e3d61
- frantzen@@cvs.openbsd.org 2004/04/24 18:11:46
...
[openbsd-compat/tree.h]
sync to Niels Provos' version. avoid unused variable warning in
RB_NEXT()
2007-10-26 16:37:43 +10:00
2f715eeb5c
- jakob@cvs.openbsd.org 2007/10/11 18:36:41
...
[openbsd-compat/getrrsetbyname.c openbsd-compat/getrrsetbyname.h]
use RRSIG instead of SIG for DNSSEC. ok djm@
2007-10-26 16:26:46 +10:00
1651f6c40e
- otto@cvs.openbsd.org 2006/10/21 09:55:03
...
[openbsd-compat/base64.c]
remove calls to abort(3) that can't happen anyway; from
<bret dot lambert at gmail.com>; ok millert@ deraadt@
2007-10-26 16:17:24 +10:00
a97529fa2e
- (djm) [openbsd-compat/bindresvport.c]
...
Sync RCS ID after irrelevant (for portable OpenSSH) header shuffling
2007-10-26 16:16:09 +10:00
9ed5643491
- jakob@cvs.openbsd.org 2007/10/11 18:36:41
...
[openbsd-compat/getrrsetbyname.c]
use RRSIG instead of SIG for DNSSEC. ok djm@
2007-10-26 16:14:46 +10:00
9c51c8d81a
- deraadt@cvs.openbsd.org 2005/11/28 17:50:12
...
[openbsd-compat/glob.c]
unused arg in internal static API
2007-10-26 16:13:39 +10:00
89437edafd
- (djm) [regress/sftp-cmds.sh]
...
Use more restrictive glob to pick up test files from /bin - some platforms
ship broken symlinks there which could spoil the test.
2007-10-26 15:37:50 +10:00
da1e4bd3bf
- djm@cvs.openbsd.org 2007/10/26 05:30:01
...
[regress/sftp-glob.sh regress/test-exec.sh]
remove "echo -E" crap that I added in last commit and use printf(1) for
cases where we strictly require echo not to reprocess escape characters.
2007-10-26 15:35:54 +10:00
ce0e60ee57
- djm@cvs.openbsd.org 2007/10/24 03:32:35
...
[regress/sftp-cmds.sh regress/sftp-glob.sh regress/test-exec.sh]
comprehensive tests for sftp escaping its interaction with globbing;
ok dtucker@
2007-10-26 14:54:12 +10:00
47d7dc8530
- pvalchev@cvs.openbsd.org 2007/06/07 19:41:46
...
[regress/cipher-speed.sh regress/try-ciphers.sh]
test umac-64@openssh.com
ok djm@
2007-10-26 14:45:57 +10:00
80ba1300e2
- dtucker@cvs.openbsd.org 2006/12/13 08:36:36
...
[regress/cfgmatch.sh]
Additional test for multiple PermitOpen entries. ok djm@
2007-10-26 14:45:13 +10:00
99ad35352a
- markus@cvs.openbsd.org 2006/11/06 09:27:43
...
[regress/cfgmatch.sh]
fix quoting for non-(c)sh login shells.
2007-10-26 14:44:34 +10:00
fa66aa739f
- djm@cvs.openbsd.org 2006/08/29 09:44:00
...
[regress/sftp-cmds.sh]
clean up our mess
2007-10-26 14:43:50 +10:00
77d57b06a4
- djm@cvs.openbsd.org 2007/10/24 03:44:02
...
[scp.c]
factor out network read/write into an atomicio()-like function, and
use it to handle short reads, apply bandwidth limits and update
counters. make network IO non-blocking, so a small trickle of
reads/writes has a chance of updating the progress meter; bz #799
ok dtucker@
2007-10-26 14:28:01 +10:00
1cbc292bc0
- djm@cvs.openbsd.org 2007/10/24 03:30:02
...
[sftp.c]
rework argument splitting and parsing to cope correctly with common
shell escapes and make handling of escaped characters consistent
with sh(1) and between sftp commands (especially between ones that
glob their arguments and ones that don't).
parse command flags using getopt(3) rather than hand-rolled parsers.
ok dtucker@
2007-10-26 14:27:45 +10:00
5a4456c6a5
- markus@cvs.openbsd.org 2007/10/22 19:10:24
...
[readconf.c]
make sure that both the local and remote port are correct when
parsing -L; Jan Pechanec (bz #1378 )
2007-10-26 14:27:22 +10:00
3dddab3b95
- chl@cvs.openbsd.org 2007/10/02 17:49:58
...
[ssh-keygen.c]
handles zero-sized strings that fgets can return
properly removes trailing newline
removes an unused variable
correctly counts line number
"looks ok" ray@ markus@
2007-10-26 14:27:02 +10:00
0f4ed693d6
- chl@cvs.openbsd.org 2007/10/02 17:49:58
...
[ssh-keygen.c]
handles zero-sized strings that fgets can return
2007-10-26 14:26:32 +10:00
b8c9807628
- dtucker@cvs.openbsd.org 2007/09/29 00:25:51
...
[auth2.c]
Remove unused prototype. ok djm@
2007-10-26 14:26:15 +10:00
603077ab4c
- ray@cvs.openbsd.org 2007/09/27 00:15:57
...
[dh.c]
Don't return -1 on error in dh_pub_is_valid(), since it evaluates
to true.
Also fix a typo.
Initial diff from Matthew Dempsky, input from djm.
OK djm, markus.
2007-10-26 14:25:55 +10:00
4c7728c651
- canacar@cvs.openbsd.org 2007/09/25 23:48:57
...
[ssh-agent.c]
When adding a key that already exists, update the properties
(time, confirm, comment) instead of discarding them. ok djm@ markus@
2007-10-26 14:25:31 +10:00
733124b5dd
- djm@cvs.openbsd.org 2007/09/21 08:15:29
...
[auth-bsdauth.c auth-passwd.c auth.c auth.h auth1.c auth2-chall.c]
[monitor.c monitor_wrap.c]
unifdef -DBSD_AUTH
unifdef -USKEY
These options have been in use for some years;
ok markus@ "no objection" millert@
(NB. RCD ID sync only for portable)
2007-10-26 14:25:12 +10:00
cfb606cd5f
- djm@cvs.openbsd.org 2007/09/21 03:05:23
...
[ssh_config.5]
document KbdInteractiveAuthentication in ssh_config.5;
patch from dkg AT fifthhorseman.net
2007-10-26 14:24:48 +10:00
32a9dba66d
- stevesk@cvs.openbsd.org 2007/09/11 23:49:09
...
[sshpty.c]
remove #if defined block not needed; ok markus@ dtucker@
(NB. RCD ID sync only for portable)
2007-10-26 14:24:30 +10:00
bc1bd9dbe3
- (dtucker) [configure.ac defines.h] Shadow expiry does not work on QNX6
...
so disable it for that platform. From bacon at cs nyu edu.
2007-09-27 07:03:20 +10:00
7c92a65a1d
- (dtucker) [configure.ac atomicio.c] Fall back to <sys/poll.h> if we don't
...
have <poll.h> (eq QNX). From bacon at cs nyu edu.
2007-09-27 07:00:09 +10:00
ed626b42cc
- (djm) [atomicio.c] Fix spin avoidance for platforms that define
...
EWOULDBLOCK; patch from ben AT psc.edu
2007-09-21 13:12:49 +10:00
6ebefac25a
- (tim) [defines.h] Fix regression in long password support on OpenServer 6.
...
Problem report and additional testing rac AT tenzing.org.
2007-09-17 08:32:32 -07:00
8b3fdfb6af
- djm@cvs.openbsd.org 2007/09/16 00:55:52
...
[sftp-client.c]
use off_t instead of u_int64_t for file offsets, matching what the
progressmeter code expects; bz #842
2007-09-17 16:12:03 +10:00
35e18dba89
- djm@cvs.openbsd.org 2007/09/13 04:39:04
...
[sftp-server.c]
fix incorrect test when setting syslog facility; from Jan Pechanec
2007-09-17 16:11:33 +10:00
83e04f2023
- stevesk@cvs.openbsd.org 2007/09/12 19:39:19
...
[umac.c]
use xmalloc() and xfree(); ok markus@ pvalchev@
2007-09-17 16:11:01 +10:00
1235cd387e
- stevesk@cvs.openbsd.org 2007/09/11 23:49:09
...
[sshpty.c]
remove #if defined block not needed; ok markus@ dtucker@
NB. RCS ID sync only
2007-09-17 16:10:21 +10:00
14b017d6f2
- gilles@cvs.openbsd.org 2007/09/11 15:47:17
...
[session.c ssh-keygen.c sshlogin.c]
use strcspn to properly overwrite '\n' in fgets returned buffer
ok pyr@, ray@, millert@, moritz@, chl@
2007-09-17 16:09:15 +10:00
9c89c837cc
- stevesk@cvs.openbsd.org 2007/09/11 04:36:29
...
[sshpty.c]
sort #include
NB. RCS ID sync only
2007-09-17 16:07:32 +10:00
5cbe7ca18d
- sobrado@cvs.openbsd.org 2007/09/09 11:38:01
...
[ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.c]
sort synopsis and options in ssh-agent(1); usage is lowercase
ok jmc@
2007-09-17 16:05:50 +10:00
67bd062b27
- djm@cvs.openbsd.org 2007/09/04 11:15:56
...
[ssh.c sshconnect.c sshconnect.h]
make ssh(1)'s ConnectTimeout option apply to both the TCP connection and
SSH banner exchange (previously it just covered the TCP connection).
This allows callers of ssh(1) to better detect and deal with stuck servers
that accept a TCP connection but don't progress the protocol, and also
makes ConnectTimeout useful for connections via a ProxyCommand;
feedback and "looks ok" markus@
2007-09-17 12:06:57 +10:00
54fd7cf2db
- djm@cvs.openbsd.org 2007/09/04 03:21:03
...
[clientloop.c monitor.c monitor_fdpass.c monitor_fdpass.h]
[monitor_wrap.c ssh.c]
make file descriptor passing code return an error rather than call fatal()
when it encounters problems, and use this to make session multiplexing
masters survive slaves failing to pass all stdio FDs; ok markus@
2007-09-17 12:04:08 +10:00
1d824ab2e7
- djm@cvs.openbsd.org 2007/08/23 03:23:26
...
[sshconnect.c]
Execute ProxyCommands with $SHELL rather than /bin/sh unconditionally
2007-09-17 11:58:04 +10:00
4890e53977
- djm@cvs.openbsd.org 2007/08/23 03:22:16
...
[auth2-none.c sshd_config sshd_config.5]
Support "Banner=none" to disable displaying of the pre-login banner;
ok dtucker@ deraadt@
2007-09-17 11:57:38 +10:00
6f40204c44
- djm@cvs.openbsd.org 2007/08/23 03:06:10
...
[auth.h]
login_cap.h doesn't belong here
NB. RCS ID sync only for portable
2007-09-17 11:55:25 +10:00
6ef50134c2
- djm@cvs.openbsd.org 2007/08/23 02:55:51
...
[auth-passwd.c auth.c session.c]
missed include bits from last commit
NB. RCS ID sync only for portable
2007-09-17 11:54:24 +10:00
6572db28fd
- djm@cvs.openbsd.org 2007/08/23 02:49:43
...
[auth-passwd.c auth.c session.c]
unifdef HAVE_LOGIN_CAP; ok deraadt@ millert@
NB. RCS ID sync only for portable
2007-09-17 11:52:59 +10:00
84287b831e
- (dtucker) [openbsd-compat/bsd-asprintf.c] Plug mem leak in error path.
...
Patch from Jan.Pechanec at sun com.
2007-09-14 10:04:15 +10:00
0eeaf127b5
- (tim) [configure.ac] Autoconf didn't define HAVE_LIBIAF because we
...
did a AC_CHECK_FUNCS within the AC_CHECK_LIB test.
2007-09-10 16:24:17 -07:00
e296d58dcf
- (dtucker) [openbsd-compat/regress/closefromtest.c] Bug #1358 : Always
...
return 0 on successful test. From David.Leonard at quest com.
2007-09-10 13:20:14 +10:00
ac4ee1eb0f
don't say it twice
2007-09-04 16:49:39 +10:00
6c3d7035a1
credit Jan Pechanec
2007-09-04 14:26:32 +10:00
ef15482d87
Mention Jan Pechanec
2007-09-04 14:05:24 +10:00
fb206ded16
- (dtucker) [INSTALL] Link to tcpwrappers.
2007-08-17 22:52:05 +10:00
8ea84561c4
- (dtucker) [INSTALL] Give PAM its own heading.
2007-08-17 22:12:14 +10:00
ea43c49650
- (dtucker) [INSTALL] the pid file is sshd.pid not ssh.pid.
2007-08-17 22:10:10 +10:00
1a32953e48
- (dtucker) [INSTALL] Group the parts describing random options and PAM
...
implementations together which is hopefully more coherent.
2007-08-17 22:03:09 +10:00
1a9176bf22
- (dtucker) [sshd.8] Many Linux variants use a single "!" to denote locked
...
accounts and that's what the code looks for, so make man page and code
agree. Pointed out by Roumen Petrov.
2007-08-17 09:42:32 +10:00
9142e1c66d
- (dtucker) [session.c] Call PAM cleanup functions for unauthenticated
...
connections too. Based on a patch from Sandro Wefel, with & ok djm@
2007-08-16 23:28:04 +10:00
fc5d188b34
- stevesk@cvs.openbsd.org 2007/08/15 12:13:41
...
[ssh_config.5]
tun device forwarding now honours ExitOnForwardFailure; ok markus@
2007-08-15 22:20:22 +10:00
9d81fdc664
- (dtucker) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec
...
contrib/suse/openssh.spec] Crank version.
2007-08-15 19:22:20 +10:00
794f97026e
- (dtucker) [openbsd-compat/bsd-cray.c] Remove debug from signal handler.
...
ok djm@
2007-08-15 19:17:43 +10:00
69fe0e1398
- markus@cvs.openbsd.org 2007/08/15 08:16:49
...
[version.h]
openssh 4.7
2007-08-15 19:14:52 +10:00
513d13accd
- markus@cvs.openbsd.org 2007/08/15 08:14:46
...
[clientloop.c]
do NOT fall back to the trused x11 cookie if generation of an untrusted
cookie fails; from security-alert at sun.com; ok dtucker
2007-08-15 19:13:41 +10:00
2d9636471b
- (dtucker) [session.c] Bug #1339 : ensure that pam_setcred() is always
...
called with PAM_ESTABLISH_CRED at least once, which resolves a problem
with pam_dhkeys. Patch from David Leonard, ok djm@
2007-08-13 23:11:56 +10:00
8acb3b665b
- (dtucker) [configure.ac] Bug #1343 : Set DISABLE_FD_PASSING for QNX6. From.
...
Matt Kraai, ok djm@.
2007-08-10 14:36:12 +10:00
57d4ca9681
- (dtucker) [auth-pam.c] Use sigdie here too. ok djm@
2007-08-10 14:32:34 +10:00
7015e9667a
Credit Bernhard Simon who also reported this.
2007-08-09 15:03:23 +10:00
a5b6f72a52
- (dtucker) [defines.h] Remove _PATH_{CSHELL,SHELLS} which aren't
...
used anywhere and are a potential source of warnings.
2007-08-09 14:37:52 +10:00
6f6b27d515
- (dtucker) [README.platform] Document the interaction between PermitRootLogin
...
and the AIX native login restrictions.
2007-08-09 14:31:53 +10:00
863cfa0e6f
- (dtucker) [openbsd-compat/port-aix.c] Comment typo.
2007-08-09 14:29:47 +10:00
b3ce9fec30
- djm@cvs.openbsd.org 2007/08/07 07:32:53
...
[clientloop.c clientloop.h ssh.c]
bz#1232: ensure that any specified LocalCommand is executed after the
tunnel device is opened. Also, make failures to open a tunnel device
fatal when ExitOnForwardFailure is active.
Reported by h.goebel AT goebel-consult.de; ok dtucker markus reyk deraadt
2007-08-08 14:32:41 +10:00
647d97b1ab
- sobrado@cvs.openbsd.org 2007/08/06 19:16:06
...
[scp.1 scp.c]
the ellipsis is not an optional argument; while here, sync the usage
and synopsis of commands
lots of good ideas by jmc@
ok jmc@
2007-08-08 14:29:58 +10:00
932040285f
- ray@cvs.openbsd.org 2007/07/12 05:48:05
...
[key.c]
Delint: remove some unreachable statements, from Bret Lambert.
OK markus@ and dtucker@.
2007-08-08 14:28:26 +10:00
cd22d30f32
- (tim) [buildpkg.sh.in] s|$FAKE_ROOT/${sysconfdir}|$FAKE_ROOT${sysconfdir}|
2007-07-24 21:40:59 -07:00
ffe3a8ec7e
- (tim) [buildpkg.sh.in openssh.xml.in] Allow more flexibility where smf(5)
...
files are installed.
2007-07-24 21:16:07 -07:00
bf0212d1b7
- (tim) [openbsd-compat/regress/closefromtest.c] Bug 1345: fix open() call.
...
Report/patch by David.Leonard AT quest.com
2007-07-24 20:54:09 -07:00
947fd59f7a
- (tim) [openssh.xml.in] make FMRI match what package scripts use.
2007-07-24 13:13:42 -07:00
0d7b93473c
- (djm) bz#1325: Fix SELinux in permissive mode where it would
...
incorrectly fatal() on errors. patch from cjwatson AT debian.org;
ok dtucker
2007-06-28 08:48:02 +10:00
febf0f5668
- (dtucker) [atomicio.c configure.ac openbsd-compat/Makefile.in
...
openbsd-compat/bsd-poll.{c,h} openbsd-compat/openbsd-compat.h]
Add an implementation of poll() built on top of select(2). Code from
OpenNTPD with changes suggested by djm. ok djm@
2007-06-25 22:15:12 +10:00
dc4a779fbb
- dtucker@cvs.openbsd.org 2007/06/25 12:02:27
...
[atomicio.c]
Include <poll.h> like the man page says rather than <sys/poll.h>. ok djm@
2007-06-25 22:08:10 +10:00
9e223240ac
- (dtucker) [atomicio.c] Test for EWOULDBLOCK in atomiciov to match
...
atomicio.
2007-06-25 19:06:53 +10:00
ae09cb8a71
- dtucker@cvs.openbsd.org 2007/06/25 08:20:03
...
[channels.c]
Correct test for window updates every three packets; prevents sending
window updates for every single packet. ok markus@
2007-06-25 19:04:46 +10:00
ab17f7d67b
- djm@cvs.openbsd.org 2007/06/19 02:04:43
...
[atomicio.c]
if the fd passed to atomicio/atomiciov() is non blocking, then poll() to
avoid a spin if it is not yet ready for reading/writing; ok dtucker@
2007-06-25 19:04:12 +10:00
132367f76f
- djm@cvs.openbsd.org 2007/06/14 22:48:05
...
[ssh.c]
when waiting for the multiplex exit status, read until the master end
writes an entire int of data *and* closes the client_fd; fixes mux
regression spotted by dtucker, ok dtucker@
2007-06-25 18:59:17 +10:00
d989adadd3
- djm@cvs.openbsd.org 2007/06/14 21:43:25
...
[ssh.c]
handle EINTR when waiting for mux exit status properly
2007-06-25 18:34:43 +10:00
067263e848
- djm@cvs.openbsd.org 2007/06/13 00:21:27
...
[scp.c]
don't ftruncate() non-regular files; bz#1236 reported by wood AT
xmission.com; ok dtucker@
2007-06-25 18:32:33 +10:00
7dae3d296e
- (dtucker) [openbsd-compat/openssl-compat.h] Remove redundant definition
...
of USE_BUILTIN_RIJNDAEL since the <0.9.6 test is covered by the
subsequent <0.9.7 test.
2007-06-14 23:47:31 +10:00
a2ed75582f
- (dtucker) [openbsd-compat/openssl-compat.h] Merge USE_BUILTIN_RIJNDAEL
...
sections. Fixes builds with early OpenSSL 0.9.6 versions.
2007-06-14 23:38:39 +10:00
cb52017ad9
- (dtucker) [cipher-ctr.c umac.c openbsd-compat/openssl-compat.h] Move the
...
USE_BUILTIN_RIJNDAEL compat goop to openssl-compat.h so it can be
shared with umac.c. Allows building with OpenSSL 0.9.5 again including
umac support. With tim@ djm@, ok djm.
2007-06-14 23:21:32 +10:00
bed63112f5
- dtucker@cvs.openbsd.org 2007/06/12 13:54:28
...
[scp.c]
Encode filename with strnvis if the name contains a newline (which can't
be represented in the scp protocol), from bz #891 . ok markus@
2007-06-13 00:02:07 +10:00
0409e15078
- jmc@cvs.openbsd.org 2007/06/12 13:43:55
...
[ssh.1]
add -K to SYNOPSIS;
2007-06-13 00:00:58 +10:00
930cb0b718
- jmc@cvs.openbsd.org 2007/06/12 13:41:03
...
[ssh-add.1]
identies -> identities;
2007-06-13 00:00:27 +10:00
b1e128f75a
- dtucker@cvs.openbsd.org 2007/06/12 11:56:15
...
[gss-genr.c]
Pass GSS OID to gss_display_status to provide better information in
error messages. Patch from Simon Wilkinson via bz 1220. ok djm@
2007-06-12 23:44:36 +10:00
2604749651
- djm@cvs.openbsd.org 2007/06/12 11:45:27
...
[ssh.c]
improved exit message from multiplex slave sessions; bz #1262
reported by alexandre.nunes AT gmail.com; ok dtucker@
2007-06-12 23:44:10 +10:00
415bddc1bd
- djm@cvs.openbsd.org 2007/06/12 11:15:17
...
[ssh.c ssh.1]
Add "-K" flag for ssh to set GSSAPIAuthentication=yes and
GSSAPIDelegateCredentials=yes. This is symmetric with -k (disable GSSAPI)
and is useful for hosts with /home on Kerberised NFS; bz #1312
patch from Markus.Kuhn AT cl.cam.ac.uk; ok dtucker@ markus@
2007-06-12 23:43:16 +10:00
2cbec749d7
- djm@cvs.openbsd.org 2007/06/12 11:11:08
...
[ssh.c]
fix slave exit value when a control master goes away without passing the
full exit status by ensuring that the slave reads a full int. bz#1261
reported by frekko AT gmail.com; ok markus@ dtucker@
2007-06-12 23:41:33 +10:00
43ce902449
- djm@cvs.openbsd.org 2007/06/12 08:24:20
...
[scp.c]
make scp try to skip FIFOs rather than blocking when nothing is listening.
depends on the platform supporting sane O_NONBLOCK semantics for open
on FIFOs (apparently POSIX does not mandate this), which OpenBSD does.
bz #856 ; report by cjwatson AT debian.org; ok markus@
2007-06-12 23:41:06 +10:00
8f6d0ed60e
- djm@cvs.openbsd.org 2007/06/12 08:20:00
...
[ssh-gss.h gss-serv.c gss-genr.c]
relocate server-only GSSAPI code from libssh to server; bz #1225
patch from simon AT sxw.org.uk; ok markus@ dtucker@
2007-06-12 23:40:39 +10:00
29a5707acc
- djm@cvs.openbsd.org 2007/06/12 07:41:00
...
[ssh-add.1]
better document ssh-add's -d option (delete identies from agent), bz#1224
new text based on some provided by andrewmc-debian AT celt.dias.ie;
ok dtucker@
2007-06-12 23:39:52 +10:00
395ecc2bde
- markus@cvs.openbsd.org 2007/06/11 09:14:00
...
[channels.h]
increase default channel windows; ok djm
2007-06-12 23:38:53 +10:00
3191a8e8ba
- markus@cvs.openbsd.org 2007/06/11 08:04:44
...
[channels.c]
send 'window adjust' messages every tree packets and do not wait
until 50% of the window is consumed. ok djm dtucker
2007-06-11 18:33:15 +10:00
725286e223
- (dtucker) [includes.h] Bug #1243 : HAVE_PATHS -> HAVE_PATHS_H. Should
...
prevent warnings about redefinitions of various things in paths.h.
Spotted by cartmanltd at hotmail.com.
2007-06-11 14:44:02 +10:00
1534fa41e0
- (dtucker) [openbsd-compat/bsd-misc.c] According to the spec the "remainder"
...
argument to nanosleep may be NULL. Currently this never happens in OpenSSH,
but check anyway in case this changes or the code gets used elsewhere.
2007-06-11 14:34:53 +10:00
34a176995f
- (djm) [configure.ac umac.c] If platform doesn't provide swap32(3), then
...
fallback to provided bit-swizzing functions
2007-06-11 14:15:42 +10:00
22b7b49331
- jmc@cvs.openbsd.org 2007/06/08 07:48:09
...
[sshd_config.5]
oops, here too: put the MAC list into a display, like we do for
ciphers, since groff has trouble with wide lines;
2007-06-11 14:07:12 +10:00
5e7c30bdf1
- jmc@cvs.openbsd.org 2007/06/08 07:43:46
...
[ssh_config.5]
put the MAC list into a display, like we do for ciphers,
since groff has trouble handling wide lines;
2007-06-11 14:06:32 +10:00
4de545a6fb
- pvalchev@cvs.openbsd.org 2007/06/08 04:40:40
...
[ssh_config]
Add a "MACs" line after "Ciphers" with the default MAC algorithms,
to ease people who want to tweak both (eg. for performance reasons).
ok deraadt@ djm@ dtucker@
2007-06-11 14:04:42 +10:00
e45796f7b4
- pvalchev@cvs.openbsd.org 2007/06/07 19:37:34
...
[kex.h mac.c mac.h monitor_wrap.c myproposal.h packet.c ssh.1]
[ssh_config.5 sshd.8 sshd_config.5]
Add a new MAC algorithm for data integrity, UMAC-64 (not default yet,
must specify umac-64@openssh.com ). Provides about 20% end-to-end speedup
compared to hmac-md5. Represents a different approach to message
authentication to that of HMAC that may be beneficial if HMAC based on
one of its underlying hash algorithms is found to be vulnerable to a
new attack. http://www.ietf.org/rfc/rfc4418.txt
in conjunction with and OK djm@
2007-06-11 14:01:42 +10:00
835284b74c
- (djm) Bugzilla #1306 : silence spurious error messages from hang-on-exit
...
fix; tested by dtucker@ and jochen.kirn AT gmail.com
2007-06-11 13:03:16 +10:00
0c0dc49bd1
- (dtucker) [mdoc2man.awk] Add support for %R references, used for RFCs.
2007-06-05 20:01:16 +10:00
88bca0641d
- (dtucker) [mdoc2man.awk] Remove trailing "$" from Mdocdate regex so
...
mindrot's cvs doesn't expand it on us.
2007-06-05 19:30:47 +10:00
51e5ab06d3
- (dtucker) [mdoc2man.awk] Teach it to deal with $Mdocdate tags that
...
OpenBSD's cvs now adds.
2007-06-05 19:16:59 +10:00
5f3d5be52f
- djm@cvs.openbsd.org 2007/06/05 06:52:37
...
[kex.c monitor_wrap.c packet.c mac.h kex.h mac.c]
Preserve MAC ctx between packets, saving 2xhash calls per-packet.
Yields around a 12-16% end-to-end speedup for arcfour256/hmac-md5
patch from markus@ tested dtucker@ and myself, ok markus@ and me (I'm
committing at his request)
2007-06-05 18:30:18 +10:00
7b21cb5bdc
- djm@cvs.openbsd.org 2007/06/02 09:04:58
...
[bufbn.c]
memory leak on error path; from arnaud.lacombe.1 AT ulaval.ca
2007-06-05 18:29:35 +10:00
a394f9913c
- djm@cvs.openbsd.org 2007/05/31 23:34:29
...
[packet.c]
gc unreachable code; spotted by Tavis Ormandy
2007-06-05 18:28:20 +10:00
aa4d5eda10
- jmc@cvs.openbsd.org 2007/05/31 19:20:16
...
[scp.1 ssh_config.5 sftp-server.8 ssh-agent.1 sshd_config.5 sftp.1
ssh-keygen.1 ssh-keyscan.1 ssh-add.1 sshd.8 ssh.1 ssh-keysign.8]
convert to new .Dd format;
(We will need to teach mdoc2man.awk to understand this too.)
2007-06-05 18:27:13 +10:00
0d0d195969
- djm@cvs.openbsd.org 2007/05/30 05:58:13
...
[kex.c]
tidy: KNF, ARGSUSED and u_int
2007-06-05 18:23:28 +10:00
4a40ae28c3
- djm@cvs.openbsd.org 2007/05/22 10:18:52
...
[sshd.c]
zap double include; from p_nowaczyk AT o2.pl
(not required in -portable, Id sync only)
2007-06-05 18:22:32 +10:00
Damien Miller
Darren Tucker
Tim Rice