Darren Tucker
627337d95b
- (dtucker) [configure.ac] Put the check for the existence of getaddrinfo
...
back so we disable the IPv6 tests if we don't have it.
2010-04-10 22:58:01 +10:00
Darren Tucker
261d93a5cf
- (dtucker) [configure.ac defines.h loginrec.c logintest.c] Bug #1732 : enable
...
utmpx support on FreeBSD where possible. Patch from Ed Schouten, ok djm@
2010-04-09 18:13:27 +10:00
Darren Tucker
c4ccb12ee4
- (dtucker) [configure.ac] Bug #1744 : use pkg-config for libedit flags if we
...
have it and the path is not provided to --with-libedit. Based on a patch
from Iain Morgan.
2010-04-09 14:04:35 +10:00
Darren Tucker
537d4dcfa0
- (dtucker) [contrib/cygwin/Makefile] Don't overwrite files with the wrong
...
ones. Based on a patch from Roumen Petrov.
2010-04-09 13:35:23 +10:00
Darren Tucker
ce3754bbf3
- dtucker@cvs.openbsd.org 2010/03/26 01:06:13
...
[ssh_config.5]
Reformat default value of PreferredAuthentications entry (current
formatting implies ", " is acceptable as a separator, which it's not.
ok djm@
2010-03-26 12:09:13 +11:00
Damien Miller
9c60f24f01
- djm@cvs.openbsd.org 2010/03/26 00:26:58
...
[ssh.1]
mention that -S none disables connection sharing; from Colin Watson
2010-03-26 11:28:35 +11:00
Damien Miller
df08341060
- (djm) [contrib/ssh-copy-id] Don't blow up when the agent has no keys;
...
bz#1723 patch from Adeodato Simó via Colin Watson; ok dtucker@
2010-03-26 11:18:27 +11:00
Darren Tucker
ffd1eaadb0
- (dtucker) Bug #1725 : explicitly link libX11 into gnome-ssh-askpass2 using
...
pkg-config, patch from Colin Watson. Needed for newer linkers (ie gold).
2010-03-26 11:16:39 +11:00
Damien Miller
6480c63b75
- (djm) [channels.c] Check for EPFNOSUPPORT as a socket() errno; bz#1721
...
ok dtucker@
2010-03-26 11:09:44 +11:00
Damien Miller
8b90642fcf
- (djm) [session.c] Allow ChrootDirectory to work on SELinux platforms -
...
set up SELinux execution context before chroot() call. From Russell
Coker via Colin watson; bz#1726 ok dtucker@
2010-03-26 11:04:09 +11:00
Damien Miller
44451d0af8
- djm@cvs.openbsd.org 2010/03/25 23:38:28
...
[servconf.c]
from portable: getcwd(NULL, 0) doesn't work on all platforms, so
use a stack buffer; ok dtucker@
2010-03-26 10:40:04 +11:00
Darren Tucker
a83d90fbab
- (dtucker) [configure.ac] Bug #1741 : Add section for Haiku, patch originally
...
by Ingo Weinhold via Scott McCreary, ok djm@
2010-03-26 10:27:33 +11:00
Damien Miller
7d09b8f8d9
- (djm) [openbsd-compat/bsd-arc4random.c] Fix preprocessor detection
...
for arc4random_buf() and arc4random_uniform(); from Josh Gilkerson
2010-03-26 08:52:02 +11:00
Darren Tucker
62131dc6e2
- (dtucker) [contrib/cygwin/ssh-host-config] Mount the Windows directory
...
containing the services file explicitely case-insensitive. This allows to
tweak the Windows services file reliably. Patch from vinschen at redhat.
2010-03-24 13:03:32 +11:00
Damien Miller
b086d4ac70
- (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
...
[contrib/suse/openssh.spec] Crank version numbers
2010-03-22 06:11:55 +11:00
Damien Miller
13a9f7247a
- djm@cvs.openbsd.org 2010/03/16 16:36:49
...
[version.h]
crank version to openssh-5.5 since we have a few fixes since 5.4;
requested deraadt@ kettenis@
2010-03-22 05:59:22 +11:00
Damien Miller
33334b27bc
- stevesk@cvs.openbsd.org 2010/03/16 15:46:52
...
[auth-options.c]
spelling in error message. ok djm kettenis
2010-03-22 05:59:02 +11:00
Damien Miller
1cfbfaf4a0
- stevesk@cvs.openbsd.org 2010/03/15 19:40:02
...
[key.c key.h ssh-keygen.c]
also print certificate type (user or host) for ssh-keygen -L
ok djm kettenis
2010-03-22 05:58:24 +11:00
Damien Miller
5a5d94b12f
- jmc@cvs.openbsd.org 2010/03/13 23:38:13
...
[ssh-keygen.1]
fix a formatting error (args need quoted); noted by stevesk
2010-03-22 05:57:49 +11:00
Damien Miller
1b61a2825e
- djm@cvs.openbsd.org 2010/03/13 21:45:46
...
[ssh-keygen.1]
Certificates are named *-cert.pub, not *_cert.pub; committing a diff
from stevesk@ ok me
2010-03-22 05:55:06 +11:00
Damien Miller
8ddc71c13d
- djm@cvs.openbsd.org 2010/03/13 21:10:38
...
[clientloop.c]
protocol conformance fix: send language tag when disconnecting normally;
spotted by 1.41421 AT gmail.com, ok markus@ deraadt@
2010-03-22 05:54:02 +11:00
Damien Miller
4a5f0d325b
- markus@cvs.openbsd.org 2010/03/12 11:37:40
...
[servconf.c]
do not prepend AuthorizedKeysFile with getcwd(), unbreaks relative paths
free() (not xfree()) the buffer returned by getcwd()
2010-03-22 05:53:04 +11:00
Damien Miller
c4cb47bc53
- djm@cvs.openbsd.org 2010/03/12 01:06:25
...
[servconf.c]
unbreak AuthorizedKeys option with a $HOME-relative path; reported by
vinschen AT redhat.com, ok dtucker@
2010-03-22 05:52:26 +11:00
Damien Miller
e513a91195
- djm@cvs.openbsd.org 2010/03/10 23:27:17
...
[auth2-pubkey.c]
correct certificate logging and make it more consistent between
authorized_keys and TrustedCAKeys; ok markus@
2010-03-22 05:51:21 +11:00
Damien Miller
77497e1318
- jmc@cvs.openbsd.org 2010/03/10 07:40:35
...
[ssh-keygen.1]
typos; from Ross Richardson
closes prs 6334 and 6335
2010-03-22 05:50:51 +11:00
Damien Miller
c59e2443d3
- jmc@cvs.openbsd.org 2010/03/08 09:41:27
...
[ssh-keygen.1]
sort the list of constraints (to -O); ok djm
2010-03-22 05:50:31 +11:00
Damien Miller
1f574b2546
- (djm) [Makefile.in] Respecify -lssh after -lopenbsd-compat for
...
ssh-pkcs11-helper to repair static builds (we do the same for
ssh-keyscan). Reported by felix-mindrot AT fefe.de
2010-03-14 08:41:34 +11:00
Damien Miller
47f9a4106a
- (djm) [ssh-pkcs11-helper.c] Move #ifdef to after #defines to fix
...
compilation failure when !HAVE_DLOPEN. Reported by felix-mindrot
AT fefe.de
2010-03-14 08:37:49 +11:00
Tim Rice
4e0cea82dd
- (tim) [contrib/cygwin/Makefile] Fix list of documentation files to install
...
on a Cygwin installation. Patch from Corinna Vinschen.
2010-03-11 22:35:19 -08:00
Tim Rice
ded8fa0bc9
- (tim) [Makefile.in] Add missing $(EXEEXT) to install targets.
...
Patch from Corinna Vinschen.
2010-03-11 22:32:02 -08:00
Tim Rice
2bde3eec69
- (tim) [openssh/Makefile.in] Now that scard is gone, no need to
...
make $(datadir)
2010-03-11 22:18:13 -08:00
Tim Rice
fa233ba73b
- (tim) [contrib/suse/openssh.spec] crank version number here too.
...
report by imorgan AT nas.nasa.gov
2010-03-10 16:12:02 -08:00
Darren Tucker
c9fe39b1a4
- (dtucker) [configure.ac] Use a proper AC_CHECK_DECL for BROKEN_GETADDRINFO
...
so setting it in CFLAGS correctly skips IPv6 tests.
2010-03-09 20:42:30 +11:00
Damien Miller
081c976e1c
- djm@cvs.openbsd.org 2010/03/08 00:28:55
...
[ssh-keygen.1]
document permit-agent-forwarding certificate constraint; patch from
stevesk@
2010-03-08 11:30:00 +11:00
Damien Miller
958678726c
- (djm) Release OpenSSH-5.4p1
2010-03-08 09:50:17 +11:00
Damien Miller
6bf31786cf
- (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
...
crank version numbers
2010-03-08 09:41:02 +11:00
Damien Miller
3e1ee491f3
- djm@cvs.openbsd.org 2010/03/07 22:16:01
...
[ssh-keygen.c]
make internal strptime string match strftime format;
suggested by vinschen AT redhat.com and markus@
2010-03-08 09:24:11 +11:00
Damien Miller
b3bc331e09
- (djm) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2010/03/07 22:01:32
[version.h]
openssh-5.4
2010-03-08 09:03:33 +11:00
Darren Tucker
cd70e1b813
- dtucker@cvs.openbsd.org 2010/03/07 11:57:13
...
[auth-rhosts.c monitor.c monitor_wrap.c session.c auth-options.c sshd.c]
Hold authentication debug messages until after successful authentication.
Fixes an info leak of environment variables specified in authorized_keys,
reported by Jacob Appelbaum. ok djm@
2010-03-07 23:05:17 +11:00
Darren Tucker
ac0c4c9c1d
- (dtucker) [session.c] Also initialize creds to NULL for handing to
...
setpcred.
2010-03-07 13:32:16 +11:00
Darren Tucker
c738e6c646
- (dtucker) [session.c] Bug #1567 : move setpcred call to before chroot and
...
do not set real uid, since that's needed for the chroot, and will be set
by permanently_set_uid.
2010-03-07 13:21:12 +11:00
Darren Tucker
b3d20a3ff0
- (dtucker) [auth.c] Bug #1710 : call setauthdb on AIX before getpwuid so that
...
it gets the passwd struct from the LAM that knows about the user which is
not necessarily the default. Patch from Alexandre Letourneau.
2010-03-07 11:56:59 +11:00
Damien Miller
5059d8d7e6
- djm@cvs.openbsd.org 2010/03/05 10:28:21
...
[ssh-add.1 ssh.1 ssh_config.5]
mention loading of certificate files from [private]-cert.pub when
they are present; feedback and ok jmc@
2010-03-05 21:31:11 +11:00
Damien Miller
922b541329
- jmc@cvs.openbsd.org 2010/03/05 08:31:20
...
[ssh.1]
document certificate authentication; help/ok djm
2010-03-05 21:30:54 +11:00
Damien Miller
98339054f9
- jmc@cvs.openbsd.org 2010/03/05 06:50:35
...
[ssh.1 sshd.8]
tweak previous;
2010-03-05 21:30:35 +11:00
Damien Miller
9527f228ae
- (djm) [configure.ac] set -fno-strict-aliasing for gcc4; ok dtucker@
2010-03-05 15:04:35 +11:00
Damien Miller
b068d0ad6d
- djm@cvs.openbsd.org 2010/03/05 02:58:11
...
[auth.c]
make the warning for a revoked key louder and more noticable
2010-03-05 14:03:03 +11:00
Damien Miller
48b6021721
- (djm) [ssh-rand-helper.c] declare optind, avoiding compilation failure
...
on some platforms
2010-03-05 11:40:19 +11:00
Damien Miller
689b872842
- djm@cvs.openbsd.org 2010/03/04 23:27:25
...
[auth-options.c ssh-keygen.c]
"force-command" is not spelled "forced-command"; spotted by
imorgan AT nas.nasa.gov
2010-03-05 10:42:24 +11:00
Damien Miller
a7dab8bfe5
- djm@cvs.openbsd.org 2010/03/04 23:19:29
...
[ssh.1 sshd.8]
move section on CA and revoked keys from ssh.1 to sshd.8's known hosts
format section and rework it a bit; requested by jmc@
2010-03-05 10:42:05 +11:00