8948 Commits

Author SHA1 Message Date
Darren Tucker
6c8a246437 Replace mkinstalldirs with mkdir -p.
Check for MKDIR_P and use it instead of mkinstalldirs.  Should fix "mkdir:
cannot create directory:... File exists" during "make install".
Patch from eb at emlix.com.
2017-12-01 17:13:34 +11:00
Darren Tucker
3058dd78d2 Pull in newer install-sh from autoconf-2.69.
Suggested by eb at emlix.com
2017-12-01 17:07:08 +11:00
Darren Tucker
79226e5413 Remove RSA1 host key generation.
SSH1 support is now gone, remove SSH1 key generation.
Patch from eb at emlix.com.
2017-12-01 16:55:35 +11:00
djm@openbsd.org
2937dd02c5 upstream commit
more whitespace errors

OpenBSD-Commit-ID: 5e11c125378327b648940b90145e0d98beb05abb
2017-11-28 17:19:06 +11:00
djm@openbsd.org@openbsd.org
7f257bf3fd upstream commit
whitespace at EOL

OpenBSD-Commit-ID: 76d3965202b22d59c2784a8df3a8bfa5ee67b96a
2017-11-28 17:05:42 +11:00
dtucker@openbsd.org@openbsd.org
5db6fbf143 upstream commit
Add monotime_ts and monotime_tv that return monotonic
timespec and timeval respectively.  Replace calls to gettimeofday() in packet
timing with monotime_tv so that the callers will work over a clock step.
Should prevent integer overflow during clock steps reported by wangle6 at
huawei.com. "I like" markus@

OpenBSD-Commit-ID: 74d684264814ff806f197948b87aa732cb1b0b8a
2017-11-28 12:01:49 +11:00
dtucker@openbsd.org@openbsd.org
2d638e9860 upstream commit
Remove get_current_time() and replace with calls to
monotime_double() which uses CLOCK_MONOTONIC and works over clock steps.  "I
like" markus@

OpenBSD-Commit-ID: 3ad2f7d2414e2cfcaef99877a7a5b0baf2242952
2017-11-28 11:39:13 +11:00
Darren Tucker
ba460acae4 Include string.h for explicit_bzero.
2017-11-24 16:24:31 +11:00
Damien Miller
a65655fb1a fix incorrect range of OpenSSL versions supported
Pointed out by Solar Designer
2017-11-24 10:23:47 +11:00
djm@openbsd.org@openbsd.org
83a1e5dbec upstream commit
downgrade a couple more request parsing errors from
process-fatal to just returning failure, making them consistent with the
others that were already like that.

OpenBSD-Commit-ID: c111461f7a626690a2d53018ef26557b34652918
2017-11-15 13:25:16 +11:00
djm@openbsd.org@openbsd.org
93c68a8f3d upstream commit
fix regression in 7.6: failure to parse a signature request
message shouldn't be fatal to the process, just the request. Reported by Ron
Frederick

OpenBSD-Commit-ID: e5d01b3819caa1a2ad51fc57d6ded43f48bbcc05
2017-11-15 11:14:28 +11:00
djm@openbsd.org@openbsd.org
548d3a66fe upstream commit
fix problem in configuration parsing when in config dump mode
(sshd -T) without providing a full connection specification (sshd -T -C ...)

spotted by bluhm@

OpenBSD-Commit-ID: 7125faf5740eaa9d3a2f25400a0bc85e94e28b8f
2017-11-14 11:46:38 +11:00
djm@openbsd.org@openbsd.org
33edb6ebdc upstream commit
reuse parse_multistate for parse_flag (yes/no arguments).
Saves a few lines of code and makes the parser more consistent wrt case-
sensitivity.  bz#2664 ok dtucker@

OpenBSD-Commit-ID: b2ad1b6086858d5db71c7b11e5a74dba6d60efef
2017-11-03 16:20:41 +11:00
djm@openbsd.org@openbsd.org
d52131a983 upstream commit
allow certificate validity intervals that specify only a
start or stop time (we already support specifying both or neither)

OpenBSD-Commit-ID: 9be486545603c003030bdb5c467d1318b46b4e42
2017-11-03 16:20:41 +11:00
djm@openbsd.org@openbsd.org
fbe8e7ac94 upstream commit
allow "cd" and "lcd" commands with no explicit path
argument. lcd will change to the local user's home directory as usual. cd
will change to the starting directory for session (because the protocol
offers no way to obtain the remote user's home directory). bz#2760 ok
dtucker@

OpenBSD-Commit-ID: 15333f5087cee8c1ed1330cac1bd0a3e6a767393
2017-11-03 16:20:41 +11:00
dtucker@openbsd.org@openbsd.org
0208a48517 upstream commit
When doing a config test with sshd -T, only require the
attributes that are actually used in Match criteria rather than (an
incomplete list of) all criteria.  ok djm@, man page help jmc@

OpenBSD-Commit-ID: b4e773c4212d3dea486d0259ae977551aab2c1fc
2017-11-03 16:20:41 +11:00
djm@openbsd.org@openbsd.org
c357eed5a5 upstream commit
typos in ECDSA certificate names; bz#2787 reported by
Mike Gerow

OpenBSD-Commit-ID: 824938b6aba1b31321324ba1f56c05f84834b163
2017-11-03 16:20:41 +11:00
djm@openbsd.org@openbsd.org
ecbf005b8f upstream commit
Private keys in PEM format have been encrypted by AES-128 for
a while (not 3DES). bz#2788 reported by Calum Mackay

OpenBSD-Commit-ID: bd33da7acbbb3c882f0a0ee56007a35ce0d8a11a
2017-11-03 16:20:41 +11:00
Darren Tucker
81c9ccdbf6 Check for linux/if.h when enabling rdomain.
musl libc doesn't seem to have linux/if.h, so check for its presence
before enabling rdomain support on Linux.
2017-11-03 14:52:51 +11:00
Darren Tucker
fa1b834cce Add headers for sys/sysctl.h and net/route.h
On at least older OpenBSDs, sys/sysctl.h and net/route.h require
sys/types and, in the case of sys/sysctl.h, sys/param.h for MAXLOGNAME.
2017-11-03 14:09:45 +11:00
djm@openbsd.org@openbsd.org
41bff4da21 upstream commit
avoid unused variable warnings for !WITH_OPENSSL; patch from
Marcus Folkesson

OpenBSD-Commit-ID: c01d27a3f907acdc3dd4ea48170fac3ba236d229
2017-11-03 13:24:59 +11:00
Marcus Folkesson
6b373e4635 only enable functions in dh.c when openssl is used
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
2017-11-03 13:13:54 +11:00
djm@openbsd.org@openbsd.org
939b30ba23 upstream commit
fix broken stdout in ControlPersist mode, introduced by me in
r1.467 and reported by Alf Schlichting

OpenBSD-Commit-ID: 3750a16e02108fc25f747e4ebcedb7123c1ef509
2017-11-01 11:08:56 +11:00
Darren Tucker
f21455a084 Include includes.h for HAVE_GETPAGESIZE.
The configure script checks for getpagesize() and sets HAVE_GETPAGESIZE in
config.h, but bsd-getpagesize.c forgot to include includes.h (which
indirectly includes config.h) so the check always fails, causing linker
issues when linking statically on systems with getpagesize().

Patch from Peter Korsgaard <peter at korsgaard.com>
2017-10-31 10:09:33 +11:00
djm@openbsd.org@openbsd.org
f2ad63c071 upstream commit
whitespace at EOL

OpenBSD-Regress-ID: f4b5df99b28c6f63478deb916c6ed0e794685f07
2017-10-31 09:08:52 +11:00
djm@openbsd.org@openbsd.org
c6415b1f8f upstream commit
whitespace at EOL

OpenBSD-Regress-ID: 19b1394393deee4c8a2114a3b7d18189f27a15cd
2017-10-31 09:08:51 +11:00
millert@openbsd.org@openbsd.org
e4d4ddbbba upstream commit
Use printenv to test whether an SSH_USER_AUTH is set
instead of using $SSH_USER_AUTH.  The latter won't work with csh which treats
unknown variables as an error when expanding them.  OK markus@

OpenBSD-Regress-ID: f601e878dd8b71aa40381573dde3a8f567e6f2d1
2017-10-31 09:08:51 +11:00
millert@openbsd.org@openbsd.org
116b1b4394 upstream commit
Add tests for URI parsing.  OK markus@

OpenBSD-Regress-ID: 5d1df19874f3b916d1a2256a905526e17a98bd3b
2017-10-31 09:08:51 +11:00
djm@openbsd.org@openbsd.org
dbe0662e9c upstream commit
whitespace at EOL

OpenBSD-Commit-ID: c95549cf5a07d56ea11aaff818415118720214f6
2017-10-31 09:08:51 +11:00
djm@openbsd.org@openbsd.org
d213547434 upstream commit
whitespace at EOL (lots)

OpenBSD-Commit-ID: 757257dd44116794ee1b5a45c6724973de181747
2017-10-31 09:08:51 +11:00
djm@openbsd.org@openbsd.org
b77c29a07f upstream commit
improve printing of rdomain on accept() a little

OpenBSD-Commit-ID: 5da58db2243606899cedaa646c70201b2d12247a
2017-10-31 09:08:50 +11:00
jmc@openbsd.org@openbsd.org
68d3bbb2e6 upstream commit
mark up the rdomain keyword;

OpenBSD-Commit-ID: 1b597d0ad0ad20e94dbd61ca066057e6f6313b8a
2017-10-31 09:08:50 +11:00
jmc@openbsd.org@openbsd.org
0b2e2896b9 upstream commit
tweak the uri text, specifically removing some markup to
make it a bit more readable;

issue reported by - and diff ok - millert

OpenBSD-Commit-ID: 8b56a20208040b2d0633536fd926e992de37ef3f
2017-10-31 09:08:50 +11:00
jmc@openbsd.org@openbsd.org
7530e77bdc upstream commit
simplify macros in previous, and some minor tweaks;

OpenBSD-Commit-ID: 6efeca3d8b095b76e21b484607d9cc67ac9a11ca
2017-10-31 09:08:50 +11:00
Damien Miller
eb9c582b71 Switch upstream git repository.
Previously portable OpenSSH has synced against a conversion of OpenBSD's
CVS repository made using the git cvsimport tool, but this has become
increasingly unreliable.

As of this commit, portable OpenSSH now tracks a conversion of the
OpenBSD CVS upstream made using the excellent cvs2gitdump tool from
YASUOKA Masahiko: https://github.com/yasuoka/cvs2gitdump

cvs2gitdump is considerably more reliable than gitcvsimport and the old
version of cvsps that it uses under the hood, and is the same tool used
to export the entire OpenBSD repository to git (so we know it can cope
with future growth).

These new conversions are mirrored at github, so interested parties can
match portable OpenSSH commits to their upstream counterparts.

https://github.com/djmdjm/openbsd-openssh-src
https://github.com/djmdjm/openbsd-openssh-regress

An unfortunate side effect of switching upstreams is that we must have
a flag day, across which the upstream commit IDs will be inconsistent.
The old commit IDs are recorded with the tags "Upstream-ID" for main
directory commits and "Upstream-Regress-ID" for regress commits.

To make it clear that the commit IDs do not refer to the same
things, the new repository will instead use "OpenBSD-ID" and
"OpenBSD-Regress-ID" tags instead.

Apart from being a longwinded explanation of what is going on, this
commit message also serves to synchronise our tools with the state of
the tree, which happens to be:

OpenBSD-ID: 9c43a9968c7929613284ea18e9fb92e4e2a8e4c1
OpenBSD-Regress-ID: b33b385719420bf3bc57d664feda6f699c147fef
2017-10-31 09:05:16 +11:00
Damien Miller
2de5c6b53b fix rdomain compilation errors
2017-10-27 08:42:33 +11:00
Damien Miller
6bd5b569fd autoconf glue to enable Linux VRF
2017-10-25 14:15:42 +11:00
Damien Miller
97c5aaf925 basic valid_rdomain() implementation for Linux
2017-10-25 14:09:56 +11:00
Damien Miller
ce1cca39d7 implement get/set_rdomain() for Linux
Not enabled, pending implementation of valid_rdomain() and autoconf glue
2017-10-25 13:47:59 +11:00
Damien Miller
6eee79f9b8 stubs for rdomain replacement functions
2017-10-25 13:22:50 +11:00
Damien Miller
f5594f939f rename port-tun.[ch] => port-net.[ch]
Ahead of adding rdomain support
2017-10-25 13:22:50 +11:00
djm@openbsd.org
d685e5a31f upstream commit
uninitialised variable in PermitTunnel printing code

Upstream-ID: f04dc33e42855704e116b8da61095ecc71bc9e9a
2017-10-25 13:12:10 +11:00
Damien Miller
43c29bb7cf provide hooks and fallbacks for rdomain support
2017-10-25 13:11:38 +11:00
Damien Miller
3235473bc8 check for net/route.h and sys/sysctl.h
2017-10-25 13:11:37 +11:00
djm@openbsd.org
4d5456c7de upstream commit
transfer ownership of stdout to the session channel by
dup2'ing /dev/null to fd 1. This allows propagation of remote stdout close to
the local side; reported by David Newall, ok markus@

Upstream-ID: 8d9ac18a11d89e6b0415f0cbf67b928ac67f0e79
2017-10-25 12:26:21 +11:00
djm@openbsd.org
68af80e6fd upstream commit
add a "rdomain" criteria for the sshd_config Match
keyword to allow conditional configuration that depends on which rdomain(4) a
connection was received on. ok markus@

Upstream-ID: 27d8fd5a3f1bae18c9c6e533afdf99bff887a4fb
2017-10-25 12:26:21 +11:00
djm@openbsd.org
35eb33fb95 upstream commit
add sshd_config RDomain keyword to place sshd and the
subsequent user session (including the shell and any TCP/IP forwardings) into
the specified rdomain(4)

ok markus@

Upstream-ID: be2358e86346b5cacf20d90f59f980b87d1af0f5
2017-10-25 12:26:13 +11:00
djm@openbsd.org
acf559e1cf upstream commit
Add optional rdomain qualifier to sshd_config's
ListenAddress option to allow listening on a different rdomain(4), e.g.

ListenAddress 0.0.0.0 rdomain 4

Upstream-ID: 24b6622c376feeed9e9be8b9605e593695ac9091
2017-10-25 12:26:06 +11:00
millert@openbsd.org
b9903ee8ee upstream commit
Kill dead store and some spaces vs. tabs indent in
parse_user_host_path(). Noticed by markus@

Upstream-ID: 114fec91dadf9af46c7c94fd40fc630ea2de8200
2017-10-25 11:22:24 +11:00
jmc@openbsd.org
0869627e00 upstream commit
tweak previous; ok djm

Upstream-ID: 7d913981ab315296be1f759c67b6e17aea38fca9
2017-10-25 11:22:23 +11:00