dtucker@openbsd.org
0ef1de742b
upstream commit
...
Add a simple regression test for sshd's configuration
parser. Right now, all it does is run the output of sshd -T back through
itself and ensure the output is valid and invariant.
2015-05-10 11:35:16 +10:00
djm@openbsd.org
368f83c793
upstream commit
...
use correct key for nested certificate test
2015-05-10 11:35:12 +10:00
djm@openbsd.org
8d4d1bfddb
upstream commit
...
mention that the user's shell from /etc/passwd is used
for commands too; bz#1459 ok dtucker@
2015-05-10 11:35:07 +10:00
djm@openbsd.org
5ab283d001
upstream commit
...
whitespace
Upstream-Regress-ID: 6b708a3e709d5b7fd37890f874bafdff1f597519
2015-05-08 17:32:13 +10:00
djm@openbsd.org
8377d5008a
upstream commit
...
whitespace at EOL
Upstream-Regress-ID: 9c48911643d5b05173b36a012041bed4080b8554
2015-05-08 17:28:28 +10:00
djm@openbsd.org
c28a3436fa
upstream commit
...
moar whitespace at eol
Upstream-ID: 64eaf872a3ba52ed41e494287e80d40aaba4b515
2015-05-08 16:46:01 +10:00
djm@openbsd.org
2b64c49046
upstream commit
...
whitespace at EOL
Upstream-ID: 57bcf67d666c6fc1ad798aee448fdc3f70f7ec2c
2015-05-08 16:44:11 +10:00
djm@openbsd.org
4e636cf201
upstream commit
...
whitespace at EOL
2015-05-08 13:58:06 +10:00
dtucker@openbsd.org
38b8272f82
upstream commit
...
Use diff w/out -u for better portability
2015-05-08 13:33:00 +10:00
dtucker@openbsd.org
297060f42d
upstream commit
...
Use xcalloc for permitted_adm_opens instead of xmalloc to
ensure it's zeroed. Fixes post-auth crash with permitopen=none. bz#2355, ok
djm@
2015-05-08 13:32:59 +10:00
djm@openbsd.org
63ebf019be
upstream commit
...
don't choke on new-format private keys encrypted with an
AEAD cipher; bz#2366, patch from Ron Frederick; ok markus@
2015-05-08 13:32:58 +10:00
dtucker@openbsd.org
f8484dac67
upstream commit
...
Clarify pseudo-terminal request behaviour and use
"pseudo-terminal" consistently. bz#1716, ok jmc@ "I like it" deraadt@.
2015-05-08 13:32:58 +10:00
dtucker@openbsd.org
ea139507be
upstream commit
...
Blacklist DH-GEX for specific PuTTY versions known to
send non-RFC4419 DH-GEX messages rather than all versions of PuTTY.
According to Simon Tatham, 0.65 and newer versions will send RFC4419 DH-GEX
messages. ok djm@
2015-05-08 13:32:57 +10:00
dtucker@openbsd.org
b58234f00e
upstream commit
...
WinSCP doesn't implement RFC4419 DH-GEX so flag it so we
don't offer that KEX method. ok markus@
2015-05-08 13:32:56 +10:00
jsg@openbsd.org
d5b1507a20
upstream commit
...
use the sizeof the struct not the sizeof a pointer to the
struct in ssh_digest_start()
This file is only used if ssh is built with OPENSSL=no
ok markus@
2015-05-08 13:32:55 +10:00
Darren Tucker
a647b9b8e6
Put brackets around mblen() compat constant.
...
This might help with the reported problem cross compiling for Android
("error: expected identifier or '(' before numeric constant") but
shouldn't hurt in any case.
2015-05-08 11:07:27 +10:00
Darren Tucker
d1680d36e1
xrealloc -> xreallocarray in portable code too.
2015-04-30 09:18:11 +10:00
dtucker@openbsd.org
531a57a389
upstream commit
...
Allow ListenAddress, Port and AddressFamily in any
order. bz#68, ok djm@, jmc@ (for the man page bit).
2015-04-29 18:20:32 +10:00
jmc@openbsd.org
c1d5bcf1aa
upstream commit
...
enviroment -> environment: apologies to darren for not
spotting that first time round...
2015-04-29 18:20:14 +10:00
dtucker@openbsd.org
43beea053d
upstream commit
...
Fix typo in previous
2015-04-29 18:20:13 +10:00
dtucker@openbsd.org
85b96ef413
upstream commit
...
Document that the TERM environment variable is not
subject to SendEnv and AcceptEnv. bz#2386, based loosely on a patch from
jjelen at redhat, help and ok jmc@
2015-04-29 18:20:13 +10:00
djm@openbsd.org
88a7c598a9
upstream commit
...
Make sshd default to PermitRootLogin=no; ok deraadt@
rpe@
2015-04-29 18:20:12 +10:00
djm@openbsd.org
734226b448
upstream commit
...
fix compilation with OPENSSL=no; ok dtucker@
2015-04-29 18:19:05 +10:00
dtucker@openbsd.org
a4b9d2ce1e
upstream commit
...
Include stdio.h for FILE (used in sshkey.h) so it
compiles with OPENSSL=no.
2015-04-29 18:15:52 +10:00
djm@openbsd.org
dbcc652f4c
upstream commit
...
allow "sshd -f none" to skip reading the config file,
much like "ssh -F none" does. ok dtucker
2015-04-29 18:15:39 +10:00
jmc@openbsd.org
b7ca276fca
upstream commit
...
combine -Dd onto one line and update usage();
2015-04-29 18:15:38 +10:00
djm@openbsd.org
2ea974630d
upstream commit
...
add ssh-agent -D to leave ssh-agent in foreground
without enabling debug mode; bz#2381 ok dtucker@
2015-04-29 18:15:38 +10:00
deraadt@openbsd.org
8ac2ffd7aa
upstream commit
...
2*len -> use xreallocarray() ok djm
2015-04-29 18:15:24 +10:00
deraadt@openbsd.org
657a5fbc0d
upstream commit
...
rename xrealloc() to xreallocarray() since it follows
that form. ok djm
2015-04-29 18:15:23 +10:00
dtucker@openbsd.org
1108ae242f
upstream commit
...
Two small fixes for sshd -T: ListenAddress'es are added
to a list head so reverse the order when printing them to ensure the
behaviour remains the same, and print StreamLocalBindMask as octal with
leading zero. ok deraadt@
2015-04-29 18:14:36 +10:00
dtucker@openbsd.org
bd902b8473
upstream commit
...
Check for and reject missing arguments for
VersionAddendum and ForceCommand. bz#2281, patch from plautrba at redhat com,
ok djm@
2015-04-29 18:14:23 +10:00
djm@openbsd.org
ca42c17585
upstream commit
...
unknown certificate extensions are non-fatal, so don't
fatal when they are encountered; bz#2387 reported by Bob Van Zant; ok
dtucker@
2015-04-29 18:14:22 +10:00
jsg@openbsd.org
39bfbf7caa
upstream commit
...
Add back a backslash removed in rev 1.42 so
KEX_SERVER_ENCRYPT will include aes again.
ok deraadt@
2015-04-29 18:14:21 +10:00
djm@openbsd.org
6b0d576bb8
upstream commit
...
s/recommended/required/ that private keys be og-r this
wording change was made a while ago but got accidentally reverted
2015-04-29 18:14:21 +10:00
djm@openbsd.org
44a8e7ce6f
upstream commit
...
don't try to cleanup NULL KEX proposals in
kex_prop_free(); found by Jukka Taimisto and Markus Hietava
2015-04-29 18:14:20 +10:00
djm@openbsd.org
3038a19187
upstream commit
...
use error/logit/fatal instead of fprintf(stderr, ...)
and exit(0), fix a few errors that were being printed to stdout instead of
stderr and a few non-errors that were going to stderr instead of stdout
bz#2325; ok dtucker
2015-04-29 18:14:20 +10:00
djm@openbsd.org
a58be33cb6
upstream commit
...
debug log missing DISPLAY environment when X11
forwarding requested; bz#1682 ok dtucker@
2015-04-29 18:13:35 +10:00
djm@openbsd.org
17d4d9d9fb
upstream commit
...
don't call record_login() in monitor when UseLogin is
enabled; bz#278 reported by drk AT sgi.com; ok dtucker
2015-04-29 18:13:34 +10:00
dtucker@openbsd.org
40132ff87b
upstream commit
...
Add some missing options to sshd -T and fix the output
of VersionAddendum HostCertificate. bz#2346, patch from jjelen at redhat
com, ok djm.
2015-04-29 18:13:34 +10:00
dtucker@openbsd.org
6cc7cfa936
upstream commit
...
Document "none" for PidFile XAuthLocation
TrustedUserCAKeys and RevokedKeys. bz#2382, feedback from jmc@, ok djm@
2015-04-29 18:13:34 +10:00
dtucker@openbsd.org
15fdfc9b1c
upstream commit
...
Plug leak of address passed to logging. bz#2373, patch
from jjelen at redhat, ok markus@
2015-04-29 18:13:33 +10:00
dtucker@openbsd.org
bb2289e2a4
upstream commit
...
Output remote username in debug output since with Host
and Match it's not always obvious what it will be. bz#2368, ok djm@
2015-04-29 18:13:07 +10:00
Darren Tucker
70860b6d07
Format UsePAM setting when using sshd -T.
...
Part of bz#2346, patch from jjelen at redhat com.
2015-04-17 10:56:13 +10:00
Darren Tucker
ee15d9c9f0
Wrap endian.h include inside ifdef (bz#2370).
2015-04-17 10:40:23 +10:00
Darren Tucker
408f4c2ad4
Look for '${host}-ar' before 'ar'.
...
This changes configure.ac to look for '${host}-ar' as set by
AC_CANONICAL_HOST before looking for the unprefixed 'ar'.
Useful when cross-compiling when all your binutils are prefixed.
Patch from moben at exherbo org via astrand at lysator liu se and
bz#2352.
2015-04-17 09:39:58 +10:00
Damien Miller
673a1c16ad
remove dependency on arpa/telnet.h
2015-04-16 11:40:35 +10:00
Darren Tucker
202d443eed
Remove duplicate include of pwd.h. bz#2337, patch from Mordy Ovits.
2015-04-15 15:59:49 +10:00
Damien Miller
5979864934
platforms with openpty don't need pty_release
2015-04-13 14:40:17 +10:00
djm@openbsd.org
318be28cda
upstream commit
...
deprecate ancient, pre-RFC4419 and undocumented
SSH2_MSG_KEX_DH_GEX_REQUEST_OLD message; ok markus@ deraadt@ "seems
reasonable" dtucker@
2015-04-13 14:37:20 +10:00
dtucker@openbsd.org
d8f391caef
upstream commit
...
Don't send hostkey advertisements
(hostkeys-00@openssh.com) to current versions of Tera Term as they can't
handle them. Newer versions should be OK. Patch from Bryan Drewery and
IWAMOTO Kouichi, ok djm@
2015-04-13 14:37:19 +10:00