RepoMirrors/openssh
1
0
Fork 0
mirror of git://anongit.mindrot.org/openssh.git synced 2025-01-01 07:12:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
8,070 Commits 69 Branches 157 Tags 27 MiB
07889c7592
Commit Graph

8070 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dtucker@openbsd.org
531a57a389 upstream commit 
Allow ListenAddress, Port and AddressFamily in any
 order.  bz#68, ok djm@, jmc@ (for the man page bit).
 2015-04-29 18:20:32 +10:00
jmc@openbsd.org
c1d5bcf1aa upstream commit 
enviroment -> environment: apologies to darren for not
 spotting that first time round...
 2015-04-29 18:20:14 +10:00
dtucker@openbsd.org
43beea053d upstream commit 
Fix typo in previous
 2015-04-29 18:20:13 +10:00
dtucker@openbsd.org
85b96ef413 upstream commit 
Document that the TERM environment variable is not
 subject to SendEnv and AcceptEnv.  bz#2386, based loosely on a patch from
 jjelen at redhat, help and ok jmc@
 2015-04-29 18:20:13 +10:00
djm@openbsd.org
88a7c598a9 upstream commit 
Make sshd default to PermitRootLogin=no; ok deraadt@
 rpe@
 2015-04-29 18:20:12 +10:00
djm@openbsd.org
734226b448 upstream commit 
fix compilation with OPENSSL=no; ok dtucker@
 2015-04-29 18:19:05 +10:00
dtucker@openbsd.org
a4b9d2ce1e upstream commit 
Include stdio.h for FILE (used in sshkey.h) so it
 compiles with OPENSSL=no.
 2015-04-29 18:15:52 +10:00
djm@openbsd.org
dbcc652f4c upstream commit 
allow "sshd -f none" to skip reading the config file,
 much like "ssh -F none" does. ok dtucker
 2015-04-29 18:15:39 +10:00
jmc@openbsd.org
b7ca276fca upstream commit 
combine -Dd onto one line and update usage();
 2015-04-29 18:15:38 +10:00
djm@openbsd.org
2ea974630d upstream commit 
add ssh-agent -D to leave ssh-agent in foreground
 without enabling debug mode; bz#2381 ok dtucker@
 2015-04-29 18:15:38 +10:00
deraadt@openbsd.org
8ac2ffd7aa upstream commit 
2*len -> use xreallocarray() ok djm
 2015-04-29 18:15:24 +10:00
deraadt@openbsd.org
657a5fbc0d upstream commit 
rename xrealloc() to xreallocarray() since it follows
 that form. ok djm
 2015-04-29 18:15:23 +10:00
dtucker@openbsd.org
1108ae242f upstream commit 
Two small fixes for sshd -T: ListenAddress'es are added
 to a list head so reverse the order when printing them to ensure the
 behaviour remains the same, and print StreamLocalBindMask as octal with
 leading zero.  ok deraadt@
 2015-04-29 18:14:36 +10:00
dtucker@openbsd.org
bd902b8473 upstream commit 
Check for and reject missing arguments for
 VersionAddendum and ForceCommand. bz#2281, patch from plautrba at redhat com,
 ok djm@
 2015-04-29 18:14:23 +10:00
djm@openbsd.org
ca42c17585 upstream commit 
unknown certificate extensions are non-fatal, so don't
 fatal when they are encountered; bz#2387 reported by Bob Van Zant; ok
 dtucker@
 2015-04-29 18:14:22 +10:00
jsg@openbsd.org
39bfbf7caa upstream commit 
Add back a backslash removed in rev 1.42 so
 KEX_SERVER_ENCRYPT will include aes again.

ok deraadt@
 2015-04-29 18:14:21 +10:00
djm@openbsd.org
6b0d576bb8 upstream commit 
s/recommended/required/ that private keys be og-r this
 wording change was made a while ago but got accidentally reverted
 2015-04-29 18:14:21 +10:00
djm@openbsd.org
44a8e7ce6f upstream commit 
don't try to cleanup NULL KEX proposals in
 kex_prop_free(); found by Jukka Taimisto and Markus Hietava
 2015-04-29 18:14:20 +10:00
djm@openbsd.org
3038a19187 upstream commit 
use error/logit/fatal instead of fprintf(stderr, ...)
 and exit(0), fix a few errors that were being printed to stdout instead of
 stderr and a few non-errors that were going to stderr instead of stdout
 bz#2325; ok dtucker
 2015-04-29 18:14:20 +10:00
djm@openbsd.org
a58be33cb6 upstream commit 
debug log missing DISPLAY environment when X11
 forwarding requested; bz#1682 ok dtucker@
 2015-04-29 18:13:35 +10:00
djm@openbsd.org
17d4d9d9fb upstream commit 
don't call record_login() in monitor when UseLogin is
 enabled; bz#278 reported by drk AT sgi.com; ok dtucker
 2015-04-29 18:13:34 +10:00
dtucker@openbsd.org
40132ff87b upstream commit 
Add some missing options to sshd -T and fix the output
 of VersionAddendum HostCertificate.  bz#2346, patch from jjelen at redhat
 com, ok djm.
 2015-04-29 18:13:34 +10:00
dtucker@openbsd.org
6cc7cfa936 upstream commit 
Document "none" for PidFile XAuthLocation
 TrustedUserCAKeys and RevokedKeys. bz#2382, feedback from jmc@, ok djm@
 2015-04-29 18:13:34 +10:00
dtucker@openbsd.org
15fdfc9b1c upstream commit 
Plug leak of address passed to logging.  bz#2373, patch
 from jjelen at redhat, ok markus@
 2015-04-29 18:13:33 +10:00
dtucker@openbsd.org
bb2289e2a4 upstream commit 
Output remote username in debug output since with Host
 and Match it's not always obvious what it will be.  bz#2368, ok djm@
 2015-04-29 18:13:07 +10:00
Darren Tucker
70860b6d07 Format UsePAM setting when using sshd -T. 
Part of bz#2346, patch from jjelen at redhat com.
 2015-04-17 10:56:13 +10:00
Darren Tucker
ee15d9c9f0 Wrap endian.h include inside ifdef (bz#2370). 2015-04-17 10:40:23 +10:00
Darren Tucker
408f4c2ad4 Look for '${host}-ar' before 'ar'. 
This changes configure.ac to look for '${host}-ar' as set by
AC_CANONICAL_HOST before looking for the unprefixed 'ar'.
Useful when cross-compiling when all your binutils are prefixed.

Patch from moben at exherbo org via astrand at lysator liu se and
bz#2352.
 2015-04-17 09:39:58 +10:00
Damien Miller
673a1c16ad remove dependency on arpa/telnet.h 2015-04-16 11:40:35 +10:00
Darren Tucker
202d443eed Remove duplicate include of pwd.h. bz#2337, patch from Mordy Ovits. 2015-04-15 15:59:49 +10:00
Damien Miller
5979864934 platform's with openpty don't need pty_release 2015-04-13 14:40:17 +10:00
djm@openbsd.org
318be28cda upstream commit 
deprecate ancient, pre-RFC4419 and undocumented
 SSH2_MSG_KEX_DH_GEX_REQUEST_OLD message; ok markus@ deraadt@ "seems
 reasonable" dtucker@
 2015-04-13 14:37:20 +10:00
dtucker@openbsd.org
d8f391caef upstream commit 
Don't send hostkey advertisments
 (hostkeys-00@openssh.com) to current versions of Tera Term as they can't
 handle them.  Newer versions should be OK.  Patch from Bryan Drewery and
 IWAMOTO Kouichi, ok djm@
 2015-04-13 14:37:19 +10:00
djm@openbsd.org
2c2cfe1a1c upstream commit 
include port number if a non-default one has been
 specified; based on patch from Michael Handler
 2015-04-13 14:37:18 +10:00
djm@openbsd.org
4492a4f222 upstream commit 
treat Protocol=1,2|2,1 as Protocol=2 when compiled
 without SSH1 support; ok dtucker@ millert@
 2015-04-13 14:37:17 +10:00
miod@openbsd.org
c265e2e6e9 upstream commit 
Do not use int for sig_atomic_t; spotted by
 christos@netbsd; ok markus@
 2015-04-13 14:37:17 +10:00
Darren Tucker
e7bf3a5eda Use do{}while(0) for no-op functions. 
From FreeBSD.
 2015-04-07 10:48:04 +10:00
Darren Tucker
bb99844aba Wrap blf.h include in ifdef. From FreeBSD. 2015-04-07 10:47:15 +10:00
Darren Tucker
d9b9b43656 Fix misspellings of regress CONFOPTS env variables. 
Patch from Bryan Drewery.
 2015-04-07 09:10:00 +10:00
djm@openbsd.org
3f4ea3c9ab upstream commit 
correct return value in pubkey parsing, spotted by Ben Hawkes
 ok markus@
 2015-04-04 09:18:26 +11:00
djm@openbsd.org
7da2be0cb9 upstream commit 
adapt to recent hostfile.c change: when parsing
 known_hosts without fully parsing the keys therein, hostkeys_foreach() will
 now correctly identify KEY_RSA1 keys; ok markus@ miod@
 2015-04-01 10:03:05 +11:00
markus@openbsd.org
9e1777a0d1 upstream commit 
use ${SSH} for -Q instead of installed ssh
 2015-04-01 10:02:56 +11:00
djm@openbsd.org
ce1b358ea4 upstream commit 
make CLEANFILES clean up more of the tests' droppings
 2015-04-01 10:02:01 +11:00
djm@openbsd.org
398f9ef192 upstream commit 
downgrade error() for known_hosts parse errors to debug()
 to quiet warnings from ssh1 keys present when compiled !ssh1.

also identify ssh1 keys when scanning, even when compiled !ssh1

ok markus@ miod@
 2015-04-01 10:00:46 +11:00
djm@openbsd.org
9a47ab8003 upstream commit 
fd leak for !ssh1 case; found by unittests; ok markus@
 2015-04-01 10:00:46 +11:00
djm@openbsd.org
c9a0805a62 upstream commit 
don't fatal when a !ssh1 sshd is reexeced from a w/ssh1
 listener; reported by miod@; ok miod@ markus@
 2015-04-01 10:00:45 +11:00
tobias@openbsd.org
704d8c8898 upstream commit 
Comments are only supported for RSA1 keys. If a user
 tried to add one and entered his passphrase, explicitly clear it before exit.
 This is done in all other error paths, too.

ok djm
 2015-04-01 10:00:27 +11:00
jmc@openbsd.org
78de1673c0 upstream commit 
ssh-askpass(1) is the default, overridden by SSH_ASKPASS;
 diff originally from jiri b;
 2015-04-01 10:00:27 +11:00
djm@openbsd.org
26e0bcf766 upstream commit 
fix uninitialised memory read when parsing a config file
 consisting of a single nul byte. Found by hanno AT hboeck.de using AFL; ok
 dtucker
 2015-03-30 11:01:08 +11:00
markus@openbsd.org
fecede00a7 upstream commit 
sigp and lenp are not optional in ssh_agent_sign(); ok
 djm@
 2015-03-27 12:02:38 +11:00