Commit Graph

5709 Commits

Author SHA1 Message Date
Darren Tucker
3b59dfa161 - jj@cvs.openbsd.org 2009/04/14 21:10:54
[servconf.c]
     Fixed a few the-the misspellings in comments. Skipped a bunch in
     binutils,gcc and so on. ok jmc@
2009-06-21 17:54:47 +10:00
Darren Tucker
b62f1a856d - stevesk@cvs.openbsd.org 2009/04/14 16:33:42
[sftp-server.c]
     remove unused option character from getopt() optstring; ok markus@
2009-06-21 17:53:48 +10:00
Darren Tucker
af501cfce4 - stevesk@cvs.openbsd.org 2009/04/13 19:07:44
[sshd_config.5]
     fix possessive; ok djm@
2009-06-21 17:53:04 +10:00
Darren Tucker
5837b51aec - sobrado@cvs.openbsd.org 2009/03/26 08:38:39
[sftp-server.8 sshd.8 ssh-agent.1]
     fix a few typographical errors found by spell(1).
     ok dtucker@, jmc@
2009-06-21 17:52:27 +10:00
Darren Tucker
9013323644 - tobias@cvs.openbsd.org 2009/03/23 19:38:04
[ssh-agent.c]
     My previous commit didn't fix the problem at all, so stick at my first
     version of the fix presented to dtucker.
     Issue notified by Matthias Barkhoff (matthias dot barkhoff at gmx dot de).
     ok dtucker
2009-06-21 17:50:15 +10:00
Darren Tucker
a0964504e1 - tobias@cvs.openbsd.org 2009/03/23 08:31:19
[ssh-agent.c]
     Fixed a possible out-of-bounds memory access if the environment variable
     SHELL is shorter than 3 characters.
     with input by and ok dtucker
2009-06-21 17:49:36 +10:00
Darren Tucker
3a6a51f387 - jmc@cvs.openbsd.org 2009/03/19 15:15:09
[ssh.1]
     for "Ciphers", just point the reader to the keyword in ssh_config(5), just
     as we do for "MACs": this stops us getting out of sync when the lists
     change;
     fixes documentation/6102, submitted by Peter J. Philipp
     alternative fix proposed by djm
     ok markus
2009-06-21 17:48:52 +10:00
Darren Tucker
72efd74d2f - (dtucker) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2009/03/17 21:37:00
     [ssh.c]
     pass correct argv[0] to openlog(); ok djm@
2009-06-21 17:48:00 +10:00
Darren Tucker
3278062bf3 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t
is a struct with a __val member.  Fixes build on, eg, Redhat 6.2.
2009-06-16 16:11:02 +10:00
Darren Tucker
a422d9756e - (dtucker) [sshlogin.c] Move the NO_SSH_LASTLOG #ifndef line to include
variable declarations.  Should prevent unused warnings anywhere it's set
   (only Crays as far as I can tell) and be a no-op everywhere else.
2009-05-04 12:52:47 +10:00
Tim Rice
a74000eb9e - (tim) [configure.ac] Remove setting IP_TOS_IS_BROKEN for Cygwin. The problem
that setsockopt(IP_TOS) doesn't work on Cygwin has been fixed since 2005.
   Based on patch from vinschen at redhat com.
2009-03-18 11:25:02 -07:00
Darren Tucker
9d86e5d570 - (dtucker) [auth-passwd.c auth1.c auth2-kbdint.c auth2-none.c auth2-passwd.c
auth2-pubkey.c session.c openbsd-compat/bsd-cygwin_util.{c,h}
   openbsd-compat/daemon.c] Remove support for Windows 95/98/ME and very old
   version of Cygwin.  Patch from vinschen at redhat com.
2009-03-08 11:40:27 +11:00
Darren Tucker
3e7e15f1bd - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}]
EVP_DigestUpdate does not exactly match the other OLD_EVP functions (eg
   in openssl 0.9.6) so add an explicit test for it.
2009-03-07 22:22:35 +11:00
Darren Tucker
30ed668de0 - (dtucker) [configure.ac] Missing comma in type list. 2009-03-07 18:06:22 +11:00
Darren Tucker
ccfee05882 - (dtucker) [configure.ac defines.h] Check for in_port_t and typedef if needed. 2009-03-07 12:32:22 +11:00
Darren Tucker
8aae6ff0d9 - (dtucker) [schnorr.c openbsd-compat/openssl-compat.{c,h}] Add
EVP_DigestUpdate to the OLD_EVP compatibility functions and tell schnorr.c
   to use them.  Allows building with older OpenSSL versions.
2009-03-07 12:01:47 +11:00
Darren Tucker
558d6ca949 - (dtucker) [contrib/aix/buildbff.sh] Only try to rename ssh_prng_cmds if it
exists (it's not created if OpenSSL's PRNG is self-seeded, eg if the OS
   has a /dev/random).
2009-03-07 10:22:10 +11:00
Damien Miller
60ccbf2f2f - djm@cvs.openbsd.org 2009/03/05 07:18:19
[auth2-jpake.c jpake.c jpake.h monitor_wrap.c monitor_wrap.h schnorr.c]
     [sshconnect2.c]
     refactor the (disabled) Schnorr proof code to make it a little more
     generally useful
2009-03-06 01:03:30 +11:00
Damien Miller
447e387872 - djm@cvs.openbsd.org 2009/03/05 11:30:50
[uuencode.c]
     document what these functions do so I don't ever have to recuse into
     b64_pton/ntop to remember their return values
2009-03-06 00:58:39 +11:00
Damien Miller
cee8523314 - djm@cvs.openbsd.org 2009/03/05 07:18:19
[auth2-jpake.c jpake.c jpake.h monitor_wrap.c monitor_wrap.h schnorr.c]
     [sshconnect2.c]
     refactor the (disabled) Schnorr proof code to make it a little more
     generally useful
2009-03-06 00:58:22 +11:00
Damien Miller
faec50b554 - (djm) Release openssh-5.2p1 2009-02-23 11:12:29 +11:00
Damien Miller
5d0d530c8c - (djm) [README] update for 5.2 2009-02-23 11:11:57 +11:00
Damien Miller
09d19045b8 trim 2009-02-23 11:11:12 +11:00
Damien Miller
582ca6b171 - djm@cvs.openbsd.org 2009/02/23 00:06:15
[version.h]
     openssh-5.2
2009-02-23 11:09:25 +11:00
Damien Miller
0296ae85ec - djm@cvs.openbsd.org 2009/02/22 23:59:25
[sshd_config.5]
     missing period
2009-02-23 11:00:24 +11:00
Damien Miller
1991384764 - djm@cvs.openbsd.org 2009/02/22 23:50:57
[ssh_config.5 sshd_config.5]
     don't advertise experimental options
2009-02-23 10:53:58 +11:00
Damien Miller
9eab9564d5 - (djm) OpenBSD CVS Sync
- tobias@cvs.openbsd.org 2009/02/21 19:32:04
     [misc.c sftp-server-main.c ssh-keygen.c]
     Added missing newlines in error messages.
     ok dtucker
2009-02-22 08:47:02 +11:00
Damien Miller
7691e5fa44 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
[contrib/suse/openssh.spec] Prepare for 5.2p1
2009-02-21 18:03:04 +11:00
Damien Miller
25918381ad - djm@cvs.openbsd.org 2009/02/18 04:31:21
[schnorr.c]
     signature should hash over the entire group, not just the generator
     (this is still disabled code)
2009-02-21 12:45:18 +11:00
Damien Miller
e8001d4820 - djm@cvs.openbsd.org 2009/02/17 01:28:32
[ssh_config]
     sync with revised default ciphers; pointed out by dkrause@
2009-02-21 12:45:02 +11:00
Damien Miller
9055172d03 - (djm) [configure.ac] support GNU/kFreeBSD and GNU/kOpensolaris
systems; patch from Aurelien Jarno via rmh AT aybabtu.com
2009-02-16 15:37:03 +11:00
Damien Miller
3f94aaf38c - (djm) [regress/conch-ciphers.sh regress/putty-ciphers.sh]
[regress/putty-kex.sh regress/putty-transfer.sh] Downgrade disabled
   interop tests from FATAL error to a warning. Allows some interop
   tests to proceed if others are missing necessary prerequisites.
2009-02-16 15:21:39 +11:00
Damien Miller
6385e758df - djm@cvs.openbsd.org 2009/02/14 06:35:49
[PROTOCOL]
     mention that eow and no-more-sessions extensions are sent only to
     OpenSSH peers
2009-02-14 18:00:52 +11:00
Damien Miller
61433bec80 - markus@cvs.openbsd.org 2009/02/13 11:50:21
[packet.c]
     check for enc !=NULL in packet_start_discard
2009-02-14 16:35:01 +11:00
Damien Miller
e379e10837 - jmc@cvs.openbsd.org 2009/02/12 07:34:20
[ssh_config.5]
     kill trailing whitespace;
2009-02-14 16:34:39 +11:00
Damien Miller
85c6d8a991 - djm@cvs.openbsd.org 2009/02/12 03:46:17
[ssh_config.5]
     document RemoteForward usage with 0 listen port
2009-02-14 16:34:21 +11:00
Damien Miller
65fa4cab4c - djm@cvs.openbsd.org 2009/02/12 03:44:25
[ssh.1]
     consistency: Dq => Ql
2009-02-14 16:34:05 +11:00
Damien Miller
e2f4cc5016 - djm@cvs.openbsd.org 2009/02/12 03:42:09
[ssh.1]
     document -R0:... usage
2009-02-14 16:33:49 +11:00
Damien Miller
923e8bb7dc - djm@cvs.openbsd.org 2009/02/12 03:26:22
[monitor.c]
     some paranoia: check that the serialised key is really KEY_RSA before
     diddling its internals
2009-02-14 16:33:31 +11:00
Damien Miller
330d58587f - djm@cvs.openbsd.org 2009/02/12 03:16:01
[serverloop.c]
     tighten check for -R0:... forwarding: only allow dynamic allocation
     if want_reply is set in the packet
2009-02-14 16:33:09 +11:00
Damien Miller
4bf648f776 - djm@cvs.openbsd.org 2009/02/12 03:00:56
[canohost.c canohost.h channels.c channels.h clientloop.c readconf.c]
     [readconf.h serverloop.c ssh.c]
     support remote port forwarding with a zero listen port (-R0:...) to
     dyamically allocate a listen port at runtime (this is actually
     specified in rfc4254); bz#1003 ok markus@
2009-02-14 16:28:21 +11:00
Damien Miller
fdd66fc750 - dtucker@cvs.openbsd.org 2009/02/02 11:15:14
[sftp.c]
     Initialize a few variables to prevent spurious "may be used
     uninitialized" warnings from newer gcc's.  ok djm@
2009-02-14 16:26:19 +11:00
Damien Miller
20e231f9f8 - (djm) [configure.ac loginrec.c] bz#1421: fix lastlog support for OSX.
OSX provides a getlastlogxbyname function that automates the reading of
   a lastlog file. Also, the pututxline function will update lastlog so
   there is no need for loginrec.c to do it explicitly. Collapse some
   overly verbose code while I'm in there.
2009-02-12 13:12:21 +11:00
Damien Miller
2de762456e - (djm) [sshpty.c] bz#1419: OSX uses cloning ptys that automagically
set ownership and modes, so avoid explicitly setting them
2009-02-12 12:19:20 +11:00
Darren Tucker
642ebe5b51 - (dtucker) [defines.h sshconnect.c] INET6_ADDRSTRLEN is now needed in
channels.c too, so move the definition for non-IP6 platforms to defines.h
   where it can be shared.
2009-02-01 22:19:54 +11:00
Tim Rice
0d8f2f3afa - (tim) [contrib/cygwin/ssh-host-config] Whitespace cleanup. No code changes. 2009-01-29 12:40:30 -08:00
Tim Rice
6a32534968 - (tim) [contrib/cygwin/ssh-host-config] Patch from Corinna Vinschen.
If the CYGWIN environment variable is empty, the installer script
   should not install the service with an empty CYGWIN variable, but
   rather without setting CYGWNI entirely.
2009-01-29 12:30:01 -08:00
Tim Rice
ca3692d1a9 - (tim) [contrib/cygwin/ssh-host-config] Patch from Corinna Vinschen.
Changes to work on Cygwin 1.5.x as well as on the new Cygwin 1.7.x.
   The information given for the setting of the CYGWIN environment variable
   is wrong for both releases so I just removed it, together with the
   unnecessary (Cygwin 1.5.x) or wrong (Cygwin 1.7.x) default setting.
2009-01-28 12:50:04 -08:00
Damien Miller
13ae44ce58 - markus@cvs.openbsd.org 2009/01/26 09:58:15
[cipher.c cipher.h packet.c]
     Work around the CPNI-957037 Plaintext Recovery Attack by always
     reading 256K of data on packet size or HMAC errors (in CBC mode only).
     Help, feedback and ok djm@
     Feedback from Martin Albrecht and Paterson Kenny
2009-01-28 16:38:41 +11:00
Damien Miller
9aa72ba57a - naddy@cvs.openbsd.org 2009/01/24 17:10:22
[ssh_config.5 sshd_config.5]
     sync list of preferred ciphers; ok djm@
2009-01-28 16:34:00 +11:00