Darren Tucker
33bc334a8b
- (dtucker) [loginrec.h] Bug #952 : Increase size of username field to 128
...
bytes to prevent errors from login_init_entry() when the username is
exactly 64 bytes(!) long. From brhamon at cisco.com, ok djm@
2005-01-20 22:07:29 +11:00
Darren Tucker
d5bfa8f9d8
Oops, did not intend to commit this yet
2005-01-20 13:29:51 +11:00
Darren Tucker
d231186fd0
- djm@cvs.openbsd.org 2004/12/22 02:13:19
...
[cipher-ctr.c cipher.c]
remove fallback AES support for old OpenSSL, as OpenBSD has had it for
many years now; ok deraadt@
(Id sync only: Portable will continue to support older OpenSSLs)
2005-01-20 13:27:56 +11:00
Darren Tucker
36a3d60347
- (dtucker) [auth-pam.c] Bug #971 : Prevent leaking information about user
...
existence via keyboard-interactive/pam, in conjunction with previous
auth2-chall.c change; with Colin Watson and djm.
2005-01-20 12:43:38 +11:00
Darren Tucker
611649ebf0
- dtucker@cvs.openbsd.org 2005/01/19 13:11:47
...
[auth-bsdauth.c auth2-chall.c]
Have keyboard-interactive code call the drivers even for responses for
invalid logins. This allows the drivers themselves to decide how to
handle them and prevent leaking information where possible. Existing
behaviour for bsdauth is maintained by checking authctxt->valid in the
bsdauth driver. Note that any third-party kbdint drivers will now need
to be able to handle responses for invalid logins. ok markus@
2005-01-20 11:05:34 +11:00
Darren Tucker
ea7c8127ce
- dtucker@cvs.openbsd.org 2005/01/17 22:48:39
...
[sshd.c]
Make debugging output continue after reexec; ok djm@
2005-01-20 11:03:08 +11:00
Darren Tucker
f0e792ec1c
- dtucker@cvs.openbsd.org 2005/01/17 03:25:46
...
[moduli.c]
Correct spelling: SCHNOOR->SCHNORR; ok djm@
2005-01-20 11:02:26 +11:00
Darren Tucker
b3509014ce
- jmc@cvs.openbsd.org 2005/01/08 00:41:19
...
[sshd_config.5]
`login'(n) -> `log in'(v);
2005-01-20 11:01:46 +11:00
Darren Tucker
b2161e37f5
- markus@cvs.openbsd.org 2005/01/05 08:51:32
...
[sshconnect.c]
remove dead code, log connect() failures with level error, ok djm@
2005-01-20 11:00:46 +11:00
Darren Tucker
0f38323222
- djm@cvs.openbsd.org 2004/12/23 23:11:00
...
[servconf.c servconf.h sshd.c sshd_config sshd_config.5]
bz #898 : support AddressFamily in sshd_config. from
peak@argo.troja.mff.cuni.cz ; ok deraadt@
2005-01-20 10:57:56 +11:00
Darren Tucker
7cfeecf670
- markus@cvs.openbsd.org 2004/12/23 17:38:07
...
[ssh-keygen.c]
leak; from mpech
2005-01-20 10:56:31 +11:00
Darren Tucker
172a5e8cb8
- markus@cvs.openbsd.org 2004/12/23 17:35:48
...
[session.c]
check for NULL; from mpech
2005-01-20 10:55:46 +11:00
Darren Tucker
24c710e498
- (dtucker) [survey.sh.in] Remove any blank lines from the output of
...
ccver-v and ccver-V.
2005-01-18 12:45:42 +11:00
Darren Tucker
72c025d9f0
- (dtucker) [INSTALL Makefile.in configure.ac survey.sh.in] Implement
...
"make survey" and "make send-survey". This will provide data on the
configure parameters, platform and platform features to the development
team, which will allow (among other things) better targetting of testing.
It's entirely voluntary and is off be default. ok djm@
2005-01-18 12:05:18 +11:00
Darren Tucker
5caa78b1b7
- (dtucker) [regress/rekey.sh] Touch datafile before filling with dd, since
...
on some wacky platforms (eg old AIXes), dd will refuse to create an output
file if it doesn't exist.
2004-12-20 12:35:42 +11:00
Darren Tucker
8686ed7508
- (dtucker) [ssh-rand-helper.c] Fall back to command-based seeding if reading
...
from prngd is enabled at compile time but fails at run time, eg because
prngd is not running. Note that if you have prngd running when OpenSSH is
built, OpenSSL will consider itself internally seeded and rand-helper won't
be built at all unless explicitly enabled via --with-rand-helper. ok djm@
2004-12-20 12:05:08 +11:00
Darren Tucker
442a383418
- (dtucker) [contrib/findssh.sh] Clean up on interrupt; from
...
amarendra.godbole at ge com.
2004-12-13 18:08:32 +11:00
Darren Tucker
f0f90989fa
- dtucker@cvs.openbsd.org 2004/12/11 01:48:56
...
[auth-rsa.c auth2-pubkey.c authfile.c misc.c misc.h]
Fix debug call in error path of authorized_keys processing and fix related
warnings; ok djm@
2004-12-11 13:39:50 +11:00
Darren Tucker
596dcfa21f
- fgsch@cvs.openbsd.org 2004/12/10 03:10:42
...
[sftp.c]
- fix globbed ls for paths the same lenght as the globbed path when
we have a unique matching.
- fix globbed ls in case of a directory when we have a unique matching.
- as a side effect, if the path does not exist error (used to silently
ignore).
- don't do extra do_lstat() if we only have one matching file.
djm@ ok
2004-12-11 13:37:22 +11:00
Darren Tucker
56c9598e5e
- (dtucker) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2004/12/06 16:00:43
[bufaux.c]
use 0x00 not \0 since buf[] is a bignum
2004-12-11 13:34:56 +11:00
Tim Rice
0f83d2907c
[configure.ac] Comment some non obvious platforms in the target-specific
...
case statement. Suggested and OK by dtucker@
2004-12-08 18:29:58 -08:00
Darren Tucker
641b34c72b
- (dtucker) [regress/scp.sh] Use portable-friendly $DIFFOPTs in new test.
2004-12-07 11:26:15 +11:00
Darren Tucker
d028fea13a
- dtucker@cvs.openbsd.org 2004/12/06 10:49:56
...
[test-exec.sh]
Check if TEST_SSH_SSHD is a full path to sshd before searching; ok markus@
2004-12-06 23:16:29 +11:00
Darren Tucker
cc0603d4b6
- dtucker@cvs.openbsd.org 2004/11/25 09:39:27
...
[test-exec.sh]
Remove obsolete RhostsAuthentication from test config; ok markus@
2004-12-06 23:13:50 +11:00
Darren Tucker
79ec66e980
- djm@cvs.openbsd.org 2004/11/07 00:32:41
...
[multiplex.sh]
regression tests for new multiplex commands
2004-12-06 23:12:15 +11:00
Darren Tucker
124f58ecba
- djm@cvs.openbsd.org 2004/10/29 23:59:22
...
[Makefile added brokenkeys.sh]
regression test for handling of corrupt keys in authorized_keys file
2004-12-06 23:07:37 +11:00
Darren Tucker
71b5643598
- djm@cvs.openbsd.org 2004/10/08 02:01:50
...
[reexec.sh]
shrink and tidy; ok dtucker@
2004-12-06 23:05:52 +11:00
Darren Tucker
3206e57e93
- david@cvs.openbsd.org 2004/07/09 19:45:43
...
[Makefile]
add a missing CLEANFILES used in the re-exec test
2004-12-06 23:04:57 +11:00
Darren Tucker
ccf0779185
- dtucker@cvs.openbsd.org 2004/07/08 12:59:35
...
[scp.sh]
Regress test for bz #863 (scp double-error), requires $SUDO. ok markus@
2004-12-06 23:03:27 +11:00
Darren Tucker
a372960fa9
- djm@cvs.openbsd.org 2004/06/26 06:16:07
...
[reexec.sh]
don't change the name of the copied sshd for the reexec fallback test,
makes life simpler for portable
2004-12-06 23:00:27 +11:00
Darren Tucker
c0dc1c9bfa
Resync Ids
2004-12-06 22:58:11 +11:00
Darren Tucker
22cc741096
- dtucker@cvs.openbsd.org 2004/12/06 11:41:03
...
[auth-rsa.c auth2-pubkey.c authfile.c misc.c misc.h ssh.h sshd.8]
Discard over-length authorized_keys entries rather than complaining when
they don't decode. bz #884 , with & ok djm@
2004-12-06 22:47:41 +11:00
Darren Tucker
16e254d179
- jaredy@cvs.openbsd.org 2004/12/05 23:55:07
...
[sftp.1]
- explain that patterns can be used as arguments in get/put/ls/etc
commands (prodded by Michael Knudsen)
- describe ls flags as a list
- other minor improvements
ok jmc, djm
2004-12-06 22:46:45 +11:00
Darren Tucker
e2f189a841
- djm@cvs.openbsd.org 2004/11/29 07:41:24
...
[sftp-client.h sftp.c]
Some small fixes from moritz@jodeit.org . ok deraadt@
2004-12-06 22:45:53 +11:00
Darren Tucker
0133a727ac
- jmc@cvs.openbsd.org 2004/11/29 00:05:17
...
[sftp.1]
missing full stop;
2004-12-06 22:44:32 +11:00
Darren Tucker
cd516efea1
- (dtucker) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2004/11/25 22:22:14
[sftp-client.c sftp.c]
leak; from mpech
2004-12-06 22:43:43 +11:00
Darren Tucker
ba2abb3699
- (dtucker) [TODO WARNING.RNG] Update to reflect current reality. ok djm@
2004-12-06 22:40:10 +11:00
Darren Tucker
c13866719f
- (dtucker) [auth1.c auth2.c] If the user successfully authenticates but is
...
subsequently denied by the PAM auth stack, send the PAM message to the
user via packet_disconnect (Protocol 1) or userauth_banner (Protocol 2).
ok djm@
2004-12-03 14:33:47 +11:00
Darren Tucker
9c6bf325c0
- jmc@cvs.openbsd.org 2004/11/07 17:57:30
...
[ssh.c]
usage():
- add -O
- sync -S w/ manpage
- remove -h
2004-12-03 14:10:19 +11:00
Darren Tucker
e04644c162
- (dtucker) OpenBSD CVS Sync
...
- jmc@cvs.openbsd.org 2004/11/07 17:42:36
[ssh.1]
options sort, and whitespace;
2004-12-03 14:08:45 +11:00
Darren Tucker
16bcc1c92e
- (dtucker) [INSTALL Makefile.in configure.ac] Add --with-libedit configure
...
option and supporting makefile bits and documentation.
2004-11-07 20:14:34 +11:00
Darren Tucker
7ebfc10884
- djm@cvs.openbsd.org 2004/11/07 00:01:46
...
[clientloop.c clientloop.h ssh.1 ssh.c]
add basic control of a running multiplex master connection; including the
ability to check its status and request it to exit; ok markus@
2004-11-07 20:06:19 +11:00
Darren Tucker
2d963d8721
- djm@cvs.openbsd.org 2004/11/05 12:19:56
...
[sftp.c]
command editing and history support via libedit; ok markus@
thanks to hshoexer@ and many testers on tech@ too
2004-11-07 20:04:10 +11:00
Darren Tucker
08d04faf24
- djm@cvs.openbsd.org 2004/10/29 23:57:05
...
[key.c]
use new buffer API to avoid fatal errors on corrupt keys in authorized_keys
files; ok markus@
2004-11-05 20:42:28 +11:00
Darren Tucker
50dbe8314b
- djm@cvs.openbsd.org 2004/10/29 23:56:17
...
[bufaux.c bufaux.h buffer.c buffer.h]
introduce a new buffer API that returns an error rather than fatal()ing
when presented with bad data; ok markus@
2004-11-05 20:41:24 +11:00
Darren Tucker
ce327b62ac
- djm@cvs.openbsd.org 2004/10/29 22:53:56
...
[clientloop.c misc.h readpass.c ssh-agent.c]
factor out common permission-asking code to separate function; ok markus@
2004-11-05 20:38:03 +11:00
Darren Tucker
5d78de6283
- djm@cvs.openbsd.org 2004/10/29 21:47:15
...
[channels.c channels.h clientloop.c]
fix some window size change bugs for multiplexed connections: windows sizes
were not being updated if they had changed after ~^Z suspends and SIGWINCH
was not being processed unless the first connection had requested a tty;
ok markus
2004-11-05 20:35:44 +11:00
Darren Tucker
b2694f0e8a
- markus@cvs.openbsd.org 2004/10/20 11:48:53
...
[packet.c ssh1.h]
disconnect for invalid (out of range) message types.
2004-11-05 20:27:54 +11:00
Darren Tucker
1dee8683fb
- djm@cvs.openbsd.org 2004/10/07 10:12:36
...
[ssh-agent.c]
don't unlink agent socket when bind() fails, spotted by rich AT
rich-paul.net, ok markus@
2004-11-05 20:26:49 +11:00
Darren Tucker
636ca90247
- djm@cvs.openbsd.org 2004/10/07 10:10:24
...
[scp.1 sftp.1 ssh.1 ssh_config.5]
document KbdInteractiveDevices; ok markus@
2004-11-05 20:22:00 +11:00