RepoMirrors/openssh
1
0
Fork 0
mirror of git://anongit.mindrot.org/openssh.git synced 2025-02-01 06:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,998 Commits 69 Branches 157 Tags 27 MiB
6d0d6fbfdf
Commit Graph

4537 Commits

Author SHA1 Message Date
Darren Tucker
e0e4aad1fd - (dtucker) [entropy.c] More fcntl.h, this time on AIX (and probably 
others).
 2006-07-11 19:01:51 +10:00
Darren Tucker
44c828fe29 - (dtucker) [configure.ac ssh-keygen.c openbsd-compat/bsd-openpty.c 
openbsd-compat/daemon.c] Add includes needed by open(2).  Conditionally
   include paths.h.  Fixes build error on Solaris.
 2006-07-11 18:00:06 +10:00
Darren Tucker
4e880e632b - (dtucker) [openbsd-compat/openbsd-compat.h] Need to include <sys/socket.h> 
for struct sockaddr on platforms that use the fake-rfc stuff.
 2006-07-11 00:20:51 +10:00
Darren Tucker
da34553561 - dtucker@cvs.openbsd.org 2006/07/10 12:46:51 
[misc.c misc.h sshd.8 sshconnect.c]
     Add port identifier to known_hosts for non-default ports, based originally
     on a patch from Devin Nate in bz#910.
     For any connection using the default port or using a HostKeyAlias the
     format is unchanged, otherwise the host name or address is enclosed
     within square brackets in the same format as sshd's ListenAddress.
     Tested by many, ok markus@.
 2006-07-10 23:04:19 +10:00
Damien Miller
0f07707267 - djm@cvs.openbsd.org 2006/07/10 12:08:08 
[channels.c]
     fix misparsing of SOCKS 5 packets that could result in a crash;
     reported by mk@ ok markus@
 2006-07-10 22:21:02 +10:00
Damien Miller
3d1a9f4d5d - djm@cvs.openbsd.org 2006/07/10 12:03:20 
[scp.c]
     duplicate argv at the start of main() because it gets modified later;
     pointed out by deraadt@ ok markus@
 2006-07-10 22:19:53 +10:00
Damien Miller
a1738e4c65 - (djm) [loginrec.c ssh-rand-helper.c sshd.c openbsd-compat/glob.c] 
[openbsd-compat/mktemp.c openbsd-compat/openbsd-compat.h]
   [openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c]
   [openbsd-compat/xcrypt.c] Fix includes.h fallout, mainly fcntl.h
 2006-07-10 21:33:04 +10:00
Damien Miller
6444fe996b - djm@cvs.openbsd.org 2006/07/10 11:25:53 
[sftp-server.c]
     don't log variables that aren't yet set
 2006-07-10 21:31:27 +10:00
Damien Miller
c718c743c1 - djm@cvs.openbsd.org 2006/07/10 11:24:54 
[sftp-server.c]
     remove optind - it isn't used here
 2006-07-10 21:31:00 +10:00
Damien Miller
211838d8e2 - stevesk@cvs.openbsd.org 2006/07/09 15:27:59 
[ssh-add.c]
     use O_RDONLY vs. 0 in open(); no binary change
 2006-07-10 21:14:00 +10:00
Damien Miller
57cf638577 - stevesk@cvs.openbsd.org 2006/07/09 15:15:11 
[auth2-none.c authfd.c authfile.c includes.h misc.c monitor.c]
     [readpass.c scp.c serverloop.c sftp-client.c sftp-server.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
     [sshlogin.c sshpty.c]
     move #include <fcntl.h> out of includes.h
 2006-07-10 21:13:46 +10:00
Damien Miller
194a1cb018 - stevesk@cvs.openbsd.org 2006/07/08 23:30:06 
[log.c]
     move user includes after /usr/include files
 2006-07-10 21:09:22 +10:00
Damien Miller
e33b60343b - stevesk@cvs.openbsd.org 2006/07/08 21:48:53 
[monitor.c session.c]
     missed these from last commit:
     move #include <sys/socket.h> out of includes.h
 2006-07-10 21:08:34 +10:00
Damien Miller
e3b60b524e - stevesk@cvs.openbsd.org 2006/07/08 21:47:12 
[authfd.c canohost.c clientloop.c dns.c dns.h includes.h]
     [monitor_fdpass.c nchan.c packet.c servconf.c sftp.c ssh-agent.c]
     [ssh-keyscan.c ssh.c sshconnect.h sshd.c sshlogin.h]
     move #include <sys/socket.h> out of includes.h
 2006-07-10 21:08:03 +10:00
Damien Miller
58059aef05 - stevesk@cvs.openbsd.org 2006/07/06 17:36:37 
[monitor_wrap.h]
     typo in comment
 2006-07-10 20:53:45 +10:00
Damien Miller
69996104fe - stevesk@cvs.openbsd.org 2006/07/06 16:22:39 
[ssh-keygen.c]
     move #include "dns.h" up
 2006-07-10 20:53:31 +10:00
Damien Miller
9f2abc47eb - stevesk@cvs.openbsd.org 2006/07/06 16:03:53 
[auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c]
     [auth-rhosts.c auth-rsa.c auth.c auth.h auth2-hostbased.c]
     [auth2-pubkey.c auth2.c includes.h misc.c misc.h monitor.c]
     [monitor_wrap.c monitor_wrap.h scp.c serverloop.c session.c]
     [session.h sftp-common.c ssh-add.c ssh-keygen.c ssh-keysign.c]
     [ssh.c sshconnect.c sshconnect.h sshd.c sshpty.c sshpty.h uidswap.c]
     [uidswap.h]
     move #include <pwd.h> out of includes.h; ok markus@
 2006-07-10 20:53:08 +10:00
Damien Miller
fef95ad816 - djm@cvs.openbsd.org 2006/07/06 10:47:57 
[sftp-server.8 sftp-server.c]
     add commandline options to enable logging of transactions; ok markus@
 2006-07-10 20:46:55 +10:00
Damien Miller
917f9b6b6e - djm@cvs.openbsd.org 2006/07/06 10:47:05 
[servconf.c servconf.h session.c sshd_config.5]
     support arguments to Subsystem commands; ok markus@
 2006-07-10 20:36:47 +10:00
Damien Miller
8ec8c3e98a - stevesk@cvs.openbsd.org 2006/07/05 02:42:09 
[canohost.c hostfile.c includes.h misc.c packet.c readconf.c]
     [serverloop.c sshconnect.c uuencode.c]
     move #include <netinet/in.h> out of includes.h; ok deraadt@
     (also ssh-rand-helper.c logintest.c loginrec.c)
 2006-07-10 20:35:38 +10:00
Damien Miller
efc04e70b8 - stevesk@cvs.openbsd.org 2006/07/03 17:59:32 
[channels.c includes.h]
     move #include <arpa/inet.h> out of includes.h; old ok djm@
     (portable needed session.c too)
 2006-07-10 20:26:27 +10:00
Damien Miller
b757677d02 - stevesk@cvs.openbsd.org 2006/07/03 08:54:20 
[includes.h ssh.c sshconnect.c sshd.c]
     move #include "version.h" out of includes.h; ok markus@
 2006-07-10 20:23:39 +10:00
Damien Miller
57e8ad3f5e - stevesk@cvs.openbsd.org 2006/07/02 23:01:55 
[clientloop.c ssh.1]
     use -KR[bind_address:]port here; ok djm@
 2006-07-10 20:20:52 +10:00
Damien Miller
427a1d57bb - stevesk@cvs.openbsd.org 2006/07/02 22:45:59 
[groupaccess.c groupaccess.h includes.h session.c sftp-common.c sshpty.c]
     move #include <grp.h> out of includes.h
     (portable needed uidswap.c too)
 2006-07-10 20:20:33 +10:00
Damien Miller
5d3ac7f7ee - stevesk@cvs.openbsd.org 2006/07/02 18:36:47 
[gss-serv-krb5.c gss-serv.c]
     no "servconf.h" needed here
     (gss-serv-krb5.c change not applied, portable needs the server options)
 2006-07-10 20:17:55 +10:00
Damien Miller
991dba43e1 - stevesk@cvs.openbsd.org 2006/07/02 17:12:58 
[ssh.1 ssh.c ssh_config.5 sshd_config.5]
     more details and clarity for tun(4) device forwarding; ok and help
     jmc@
 2006-07-10 20:16:27 +10:00
Damien Miller
43020951ad - djm@cvs.openbsd.org 2006/06/26 10:36:15 
[clientloop.c]
     mention optional bind_address in runtime port forwarding setup
     command-line help. patch from santhi.amirta AT gmail.com
 2006-07-10 20:16:12 +10:00
Damien Miller
1e88ea6556 - OpenBSD CVS Sync 
- djm@cvs.openbsd.org 2006/06/14 10:50:42
     [sshconnect.c]
     limit the number of pre-banner characters we will accept; ok markus@
 2006-07-10 20:15:56 +10:00
Darren Tucker
e34c96aea1 - (dtucker) [INSTALL] New autoconf version: 2.60. 2006-07-10 12:55:24 +10:00
Darren Tucker
f32f55259c - (dtucker) [INSTALL] A bit more info on autoconf. 2006-07-06 19:12:08 +10:00
Darren Tucker
bdc121279f - (dtucker) [configure.ac] Try AIX blibpath test in different order when 
compiling with gcc.  gcc 4.1.x will accept (but ignore) -b flags so
   configure would not select the correct libpath linker flags.
 2006-07-06 11:56:25 +10:00
Damien Miller
365e18db51 whitespace 2006-07-05 22:48:07 +10:00
Damien Miller
ee9ee9175c whitespace 2006-07-05 22:47:21 +10:00
Darren Tucker
daf6ff4312 - (dtucker) [ssh-rand-helper.c] Don't exit if mkdir fails because the 
target already exists.
 2006-07-05 21:35:48 +10:00
Darren Tucker
db4c54bed1 - (dtucker) [INSTALL] Bug #1202: Note when autoconf is required and which 
version.
 2006-06-30 16:20:58 +10:00
Darren Tucker
7243f9db60 - (dtucker) [openbsd-compat/getrrsetbyname.c] Undef _res before defining it, 
prevents warnings on platforms where _res is in the system headers.
 2006-06-30 11:47:49 +10:00
Darren Tucker
66c32d5caa - (dtucker) [openbsd-compat/openbsd-compat.h] SNPRINTF_CONST for snprintf 
declaration too.  Patch from russ at sludge.net.
 2006-06-30 10:51:32 +10:00
Darren Tucker
8b272ab09b - (dtucker) [configure.ac] Bug #1203: Add missing '[', which causes problems 
with autoconf 2.60.  Patch from vapier at gentoo.org.
 2006-06-27 11:20:28 +10:00
Darren Tucker
144e8d60cd - (dtucker) [channels.c serverloop.c] Apply the bug #1102 workaround to ptys 
only, otherwise sshd can hang exiting non-interactive sessions.
 2006-06-25 08:25:25 +10:00
Darren Tucker
03890e44cd - (dtucker) [serverloop.c] Get ifdef/ifndef the right way around for the bug 
#1102 workaround.
 2006-06-24 16:58:45 +10:00
Darren Tucker
0249f93c4d - (dtucker) [configure.ac] Bug #1193: Define PASSWD_NEEDS_USERNAME on Solaris. 
Works around limitation in Solaris' passwd program for changing passwords
   where the username is longer than 8 characters.  ok djm@
 2006-06-24 12:10:07 +10:00
Darren Tucker
9afe115f0a - (dtucker) [channels.c configure.ac serverloop.c] Bug #1102: Around AIX 
4.3.3 ML3 or so, the AIX pty layer starting passing zero-length writes
   on the pty slave as zero-length reads on the pty master, which sshd
   interprets as the descriptor closing.  Since most things don't do zero
   length writes this rarely matters, but occasionally it happens, and when
   it does the SSH pty session appears to hang, so we add a special case for
   this condition.  ok djm@
 2006-06-23 21:24:12 +10:00
Darren Tucker
3eb4834489 - (dtucker) [README.platform configure.ac openbsd-compat/port-tun.c] Add 
tunnel support for Mac OS X/Darwin via a third-party tun driver.  Patch
   from reyk@, tested by anil@
 2006-06-23 21:05:12 +10:00
Damien Miller
643460803f - (djm) [getput.h] This file has been replaced by functions in misc.c 2006-06-13 13:15:54 +10:00
Damien Miller
a6680a4e35 - djm@cvs.openbsd.org 2006/06/13 01:18:36 
[ssh-agent.c]
     always use a format string, even when printing a constant
   - djm@cvs.openbsd.org 2006/06/13 02:17:07
     [ssh-agent.c]
     revert; i am on drugs. spotted by alexander AT beard.se
 2006-06-13 13:10:18 +10:00
Damien Miller
2e5fe88ebe - markus@cvs.openbsd.org 2006/06/08 14:45:49 
[readpass.c sshconnect.c sshconnect2.c uidswap.c uidswap.h]
     do not set the gid, noted by solar; ok djm
 2006-06-13 13:10:00 +10:00
Damien Miller
6b4069ad56 - markus@cvs.openbsd.org 2006/06/06 10:20:20 
[readpass.c sshconnect.c sshconnect.h sshconnect2.c uidswap.c]
     replace remaining setuid() calls with permanently_set_uid() and
     check seteuid() return values; report Marcus Meissner; ok dtucker djm
 2006-06-13 13:05:15 +10:00
Damien Miller
eb13e556e5 - markus@cvs.openbsd.org 2006/06/01 09:21:48 
[sshd.c]
     call get_remote_ipaddr() early; fixes logging after client disconnects;
     report mpf@; ok dtucker@
 2006-06-13 13:03:53 +10:00
Damien Miller
7b1e757b28 - mk@cvs.openbsd.org 2006/05/30 11:46:38 
[ssh-add.c]
     Sync usage() with man page and reality.
     ok deraadt dtucker
 2006-06-13 13:03:34 +10:00
Damien Miller
fbc94c857a - jmc@cvs.openbsd.org 2006/05/29 16:13:23 
[ssh.1]
     add GSSAPI to the list of authentication methods supported;
 2006-06-13 13:03:16 +10:00
Damien Miller
3c6ed7bbd5 - jmc@cvs.openbsd.org 2006/05/29 16:10:03 
[ssh_config.5]
     oops - previous was too long; split the list of auths up
 2006-06-13 13:01:41 +10:00
Damien Miller
81a38928eb - dtucker@cvs.openbsd.org 2006/05/29 12:56:33 
[ssh_config]
     Add GSSAPIAuthentication and GSSAPIDelegateCredentials to examples in sample
     ssh_config.  ok markus@
 2006-06-13 13:01:09 +10:00
Damien Miller
658f945538 - dtucker@cvs.openbsd.org 2006/05/29 12:54:08 
[ssh_config.5]
     Add gssapi-with-mic to PreferredAuthentications default list; ok jmc
 2006-06-13 13:00:55 +10:00
Damien Miller
ad6b14d274 - miod@cvs.openbsd.org 2006/05/18 21:27:25 
[kexdhc.c kexgexc.c]
     paramter -> parameter
 2006-06-13 13:00:41 +10:00
Damien Miller
40b5985fe0 - markus@cvs.openbsd.org 2006/05/17 12:43:34 
[scp.c sftp.c ssh-agent.c ssh-keygen.c sshconnect.c]
     fix leak; coverity via Kylene Jo Hall
 2006-06-13 13:00:25 +10:00
Damien Miller
24fd8ddd61 - markus@cvs.openbsd.org 2006/05/16 09:00:00 
[clientloop.c]
     missing free; from Kylene Hall
 2006-06-13 13:00:09 +10:00
Damien Miller
e250a94e69 - djm@cvs.openbsd.org 2006/05/08 10:49:48 
[sshconnect2.c]
     uint32_t -> u_int32_t (which we use everywhere else)
     (Id sync only - portable already had this)
 2006-06-13 12:59:53 +10:00
Darren Tucker
f14b2aa672 - (dtucker) [auth.c monitor.c] Now that we don't log from both the monitor 
and slave, we can remove the special-case handling in the audit hook in
   auth_log.
 2006-05-21 18:26:40 +10:00
Darren Tucker
f58b29d515 - (dtucker) [ssh-rand-helper.c] Check return code of mkdir and fix file 
pointer leak.  From kjhall at us.ibm.com, found by coverity.
 2006-05-17 22:24:56 +10:00
Darren Tucker
73373877db typo 2006-05-15 17:24:25 +10:00
Darren Tucker
2c77b7f1c1 - (dtucker) [auth-pam.c] Bug #1188: pass result of do_pam_account back and 
do not allow kbdint again after the PAM account check fails.  ok djm@
 2006-05-15 17:22:33 +10:00
Darren Tucker
cefd8bb36d - (dtucker) [defines.h] Find a value for IOV_MAX or use a conservative 
default.  Patch originally from tim@, ok djm
 2006-05-15 17:17:29 +10:00
Darren Tucker
13c539a4dc - (dtucker) [openbsd-compat/getrrsetbyname.c] Use _compat_res instead of 
_res, prevents problems on some platforms that have _res as a global but
   don't have getrrsetbyname(), eg IRIX 5.3.  Found and tested by
   georg.schwarz at freenet.de, ok djm@.
 2006-05-15 17:15:56 +10:00
Darren Tucker
43ff44e7db - dtucker@cvs.openbsd.org 2006/05/06 08:35:40 
[auth-krb5.c]
     Add $OpenBSD$ in comment here too
 2006-05-06 18:40:53 +10:00
Darren Tucker
f779f672eb - djm@cvs.openbsd.org 2006/04/01 05:37:46 
[OVERVIEW]
     $OpenBSD$ in here too
 2006-05-06 17:48:48 +10:00
Darren Tucker
31cde6828d - djm@cvs.openbsd.org 2006/05/04 14:55:23 
[dh.c]
     tighter DH exponent checks here too; feedback and ok markus@
 2006-05-06 17:43:33 +10:00
Darren Tucker
232b76f9f8 - dtucker@cvs.openbsd.org 2006/04/25 08:02:27 
[authfile.c authfile.h sshconnect2.c ssh.c sshconnect1.c]
     Prevent ssh from trying to open private keys with bad permissions more than
     once or prompting for their passphrases (which it subsequently ignores
     anyway), similar to a previous change in ssh-add.  bz #1186, ok djm@
 2006-05-06 17:41:51 +10:00
Darren Tucker
d8093e49bf - (dtucker) [auth-pam.c groupaccess.c monitor.c monitor_wrap.c scard-opensc.c 
session.c ssh-rand-helper.c sshd.c openbsd-compat/bsd-cygwin_util.c
   openbsd-compat/setproctitle.c] Convert malloc(foo*bar) -> calloc(foo,bar)
   in Portable-only code; since calloc zeros, remove now-redundant memsets.
   Also add a couple of sanity checks.  With & ok djm@
 2006-05-04 16:24:34 +10:00
Darren Tucker
596d33801f - (dtucker) [packet.c] Remove in_systm.h since it's also in includes.h 
and double including it on IRIX 5.3 causes problems.  From Georg Schwarz,
   "no objections" tim@
 2006-05-03 19:01:09 +10:00
Damien Miller
7b50b2030b missing file 2006-04-23 12:31:27 +10:00
Damien Miller
2bdd1c117c - (djm) [auth.h dispatch.h kex.h] sprinkle in signal.h to get 
sig_atomic_t
 2006-04-23 12:28:53 +10:00
Damien Miller
08d4b0ca5d - stevesk@cvs.openbsd.org 2006/04/22 18:29:33 
[crc32.c]
     remove extra spaces
 2006-04-23 12:12:24 +10:00
Damien Miller
2282c6e305 - djm@cvs.openbsd.org 2006/04/22 04:06:51 
[uidswap.c]
     use setres[ug]id() to permanently revoke privileges; ok deraadt@
     (ID Sync only - portable already uses setres[ug]id() whenever possible)
 2006-04-23 12:11:57 +10:00
Damien Miller
525a0b090f - djm@cvs.openbsd.org 2006/04/20 21:53:44 
[includes.h session.c sftp.c]
     Switch from using pipes to socketpairs for communication between
     sftp/scp and ssh, and between sshd and its subprocesses. This saves
     a file descriptor per session and apparently makes userland ppp over
     ssh work; ok markus@ deraadt@ (ID Sync only - portable makes this
     decision on a per-platform basis)
 2006-04-23 12:10:49 +10:00
Damien Miller
56e5e6ad11 - markus@cvs.openbsd.org 2006/04/20 09:47:59 
[sshconnect.c]
     simplify; ok djm@
 2006-04-23 12:08:59 +10:00
Damien Miller
97c91f688f - djm@cvs.openbsd.org 2006/04/20 09:27:09 
[auth.h clientloop.c dispatch.c dispatch.h kex.h]
     replace the last non-sig_atomic_t flag used in a signal handler with a
     sig_atomic_t, unfortunately with some knock-on effects in other (non-
     signal) contexts in which it is used; ok markus@
 2006-04-23 12:08:37 +10:00
Damien Miller
58629fad82 - dtucker@cvs.openbsd.org 2006/04/18 10:44:28 
[bufaux.c bufbn.c]
     Move Buffer bignum functions into their own file, bufbn.c. This means
     that sftp and sftp-server (which use the Buffer functions in bufaux.c
     but not the bignum ones) no longer need to be linked with libcrypto.
     ok markus@
 2006-04-23 12:08:19 +10:00
Damien Miller
b5ea7e7c03 - djm@cvs.openbsd.org 2006/04/16 07:59:00 
[atomicio.c]
     reorder sanity test so that it cannot dereference past the end of the
     iov array; well spotted canacar@!
 2006-04-23 12:06:49 +10:00
Damien Miller
58ca98bfe1 - djm@cvs.openbsd.org 2006/04/16 00:54:10 
[sftp-client.c]
     avoid making a tiny 4-byte write to send the packet length of sftp
     commands, which would result in a separate tiny packet on the wire by
     using atomiciov(writev, ...) to write the length and the command in one
     pass; ok deraadt@
 2006-04-23 12:06:35 +10:00
Damien Miller
6aa139c41f - djm@cvs.openbsd.org 2006/04/16 00:52:55 
[atomicio.c atomicio.h]
     introduce atomiciov() function that wraps readv/writev to retry
     interrupted transfers like atomicio() does for read/write;
     feedback deraadt@ dtucker@ stevesk@ ok deraadt@
 2006-04-23 12:06:20 +10:00
Damien Miller
499a0d5ada - djm@cvs.openbsd.org 2006/04/16 00:48:52 
[buffer.c buffer.h channels.c]
     Fix condition where we could exit with a fatal error when an input
     buffer became too large and the remote end had advertised a big window.
     The problem was a mismatch in the backoff math between the channels code
     and the buffer code, so make a buffer_check_alloc() function that the
     channels code can use to propsectivly check whether an incremental
     allocation will succeed.  bz #1131, debugged with the assistance of
     cove AT wildpackets.com; ok dtucker@ deraadt@
 2006-04-23 12:06:03 +10:00
Damien Miller
63e437f053 - djm@cvs.openbsd.org 2006/04/03 07:10:38 
[gss-genr.c]
     GSSAPI buffers shouldn't be nul-terminated, spotted in bugzilla #1066
     by dleonard AT vintela.com. use xasprintf() to simplify code while in
     there; "looks right" deraadt@
 2006-04-23 12:05:46 +10:00
Damien Miller
603e68f1a2 - dtucker@cvs.openbsd.org 2006/04/02 08:34:52 
[ssh-keysign.c]
     sessionid can be 32 bytes now too when sha256 kex is used; ok djm@
 2006-04-23 12:05:32 +10:00
Damien Miller
7a656f7922 - djm@cvs.openbsd.org 2006/04/01 05:50:29 
[scp.c]
     xasprintification; ok deraadt@
 2006-04-23 12:04:46 +10:00
Damien Miller
07aa132a5e - (djm) OpenBSD CVS Sync 
- deraadt@cvs.openbsd.org 2006/04/01 05:42:20
     [scp.c]
     minimal lint cleanup (unused crud, and some size_t); ok djm
 2006-04-23 12:04:27 +10:00
Damien Miller
73b42d2bb0 - (djm) [Makefile.in configure.ac session.c sshpty.c] 
[contrib/redhat/sshd.init openbsd-compat/Makefile.in]
   [openbsd-compat/openbsd-compat.h openbsd-compat/port-linux.c]
   [openbsd-compat/port-linux.h] Add support for SELinux, setting
   the execution and TTY contexts. based on patch from Daniel Walsh,
   bz #880; ok dtucker@
 2006-04-22 21:26:08 +10:00
Damien Miller
2eaf37d899 - (djm) Reorder IP options check so that it isn't broken by 
mapped addresses; bz #1179 reported by markw wtech-llc.com;
   ok dtucker@
 2006-04-18 15:13:16 +10:00
Damien Miller
dfc6183f13 - djm@cvs.openbsd.org 2006/03/31 09:13:56 
[ssh_config.5]
     remote user escape is %r not %h; spotted by jmc@
 2006-03-31 23:14:57 +11:00
Damien Miller
c6437cf00a - jmc@cvs.openbsd.org 2006/03/31 09:09:30 
[ssh_config.5]
     kill trailing whitespace;
 2006-03-31 23:14:41 +11:00
Damien Miller
7a8f5b330d - dtucker@cvs.openbsd.org 2006/03/30 11:40:21 
[auth.c monitor.c]
     Prevent duplicate log messages when privsep=yes; ok djm@
 2006-03-31 23:14:23 +11:00
Damien Miller
e23209f434 - dtucker@cvs.openbsd.org 2006/03/30 11:05:17 
[ssh-keygen.c]
     Correctly handle truncated files while converting keys; ok djm@
 2006-03-31 23:13:35 +11:00
Damien Miller
6b1d53c2b0 - djm@cvs.openbsd.org 2006/03/30 10:41:25 
[ssh.c ssh_config.5]
     add percent escape chars to the IdentityFile option, bz #1159 based
     on a patch by imaging AT math.ualberta.ca; feedback and ok dtucker@
 2006-03-31 23:13:21 +11:00
Damien Miller
3f9418893e - djm@cvs.openbsd.org 2006/03/30 09:58:16 
[authfd.c bufaux.c deattack.c gss-serv.c mac.c misc.c misc.h]
     [monitor_wrap.c msg.c packet.c sftp-client.c sftp-server.c ssh-agent.c]
     replace {GET,PUT}_XXBIT macros with functionally similar functions,
     silencing a heap of lint warnings. also allows them to use
     __bounded__ checking which can't be applied to macros; requested
     by and feedback from deraadt@
 2006-03-31 23:13:02 +11:00
Damien Miller
d79b424e8a - djm@cvs.openbsd.org 2006/03/30 09:41:25 
[channels.c]
     ARGSUSED for dispatch table-driven functions
 2006-03-31 23:11:44 +11:00
Damien Miller
89c3fe4a9e - deraadt@cvs.openbsd.org 2006/03/28 01:53:43 
[ssh-agent.c]
     use strtonum() to parse the pid from the file, and range check it
     better; ok djm
 2006-03-31 23:11:28 +11:00
Damien Miller
57c4e875f8 - deraadt@cvs.openbsd.org 2006/03/28 01:52:28 
[channels.c]
     do not accept unreasonable X ports numbers; ok djm
 2006-03-31 23:11:07 +11:00
Damien Miller
ddd63ab1d0 - deraadt@cvs.openbsd.org 2006/03/28 00:12:31 
[README.tun ssh.c]
     spacing
 2006-03-31 23:10:51 +11:00
Damien Miller
2b5a0de903 - djm@cvs.openbsd.org 2006/03/27 23:15:46 
[sftp.c]
     always use a format string for addargs; spotted by mouring@
 2006-03-31 23:10:31 +11:00
Damien Miller
5a73c1a34d - deraadt@cvs.openbsd.org 2006/03/27 13:03:54 
[dh.c]
     use strtonum() instead of atoi(), limit dhg size to 64k; ok djm
 2006-03-31 23:09:41 +11:00
Damien Miller
da380becc6 - OpenBSD CVS Sync 
- deraadt@cvs.openbsd.org 2006/03/27 01:21:18
     [xmalloc.c]
     we can do the size & nmemb check before the integer overflow check;
     evol
 2006-03-31 23:09:17 +11:00
Damien Miller
b3cdc220c4 - deraadt@cvs.openbsd.org 2006/03/26 01:31:48 
[uuencode.c]
     typo
 2006-03-26 14:30:33 +11:00
Damien Miller
51096383e9 - djm@cvs.openbsd.org 2006/03/25 22:22:43 
[atomicio.h auth-options.h auth.h auth2-gss.c authfd.h authfile.h]
     [bufaux.h buffer.h canohost.h channels.h cipher.h clientloop.h]
     [compat.h compress.h crc32.c crc32.h deattack.h dh.h dispatch.h]
     [dns.c dns.h getput.h groupaccess.h gss-genr.c gss-serv-krb5.c]
     [gss-serv.c hostfile.h includes.h kex.h key.h log.h mac.h match.h]
     [misc.h monitor.h monitor_fdpass.h monitor_mm.h monitor_wrap.h msg.h]
     [myproposal.h packet.h pathnames.h progressmeter.h readconf.h rsa.h]
     [scard.h servconf.h serverloop.h session.h sftp-common.h sftp.h]
     [ssh-gss.h ssh.h ssh1.h ssh2.h sshconnect.h sshlogin.h sshpty.h]
     [ttymodes.h uidswap.h uuencode.h xmalloc.h]
     standardise spacing in $OpenBSD$ tags; requested by deraadt@
 2006-03-26 14:30:00 +11:00
Damien Miller
e3b21a5f59 - deraadt@cvs.openbsd.org 2006/03/25 18:58:10 
[channels.c]
     delete cast not required
 2006-03-26 14:29:06 +11:00
Damien Miller
a0fdce9a47 - deraadt@cvs.openbsd.org 2006/03/25 18:56:55 
[bufaux.c channels.c packet.c]
     remove (char *) casts to a function that accepts void * for the arg
 2006-03-26 14:28:50 +11:00
Damien Miller
08d61505d7 - deraadt@cvs.openbsd.org 2006/03/25 18:43:30 
[channels.c]
     use strtonum() instead of atoi() [limit X screens to 400, sorry]
 2006-03-26 14:28:32 +11:00
Damien Miller
1c13bd8d79 - deraadt@cvs.openbsd.org 2006/03/25 18:41:45 
[ssh-agent.c]
     mark two more signal handlers ARGSUSED
 2006-03-26 14:28:14 +11:00
Damien Miller
5f340065fc - deraadt@cvs.openbsd.org 2006/03/25 18:40:14 
[ssh-keygen.c]
     cast strtonum() result to right type
 2006-03-26 14:27:57 +11:00
Damien Miller
a1690d08b4 - deraadt@cvs.openbsd.org 2006/03/25 18:36:15 
[sshlogin.c sshlogin.h]
     nicer size_t and time_t types
 2006-03-26 14:27:35 +11:00
Damien Miller
90fdfaf69c - deraadt@cvs.openbsd.org 2006/03/25 18:30:55 
[clientloop.c serverloop.c]
     spacing
 2006-03-26 14:25:37 +11:00
Damien Miller
8ba29fe72d - deraadt@cvs.openbsd.org 2006/03/25 18:29:35 
[auth-rsa.c authfd.c packet.c]
     needed casts (always will be needed)
 2006-03-26 14:25:19 +11:00
Damien Miller
48c4ed2b78 oops, rewrap 2006-03-26 14:25:05 +11:00
Damien Miller
57c30117c1 - djm@cvs.openbsd.org 2006/03/25 13:17:03 
[atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
     [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
     [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
     [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
     [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
     [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
     [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
     [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
     [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
     [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
     [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c]
     Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
     Theo nuked - our scripts to sync -portable need them in the files
 2006-03-26 14:24:48 +11:00
Damien Miller
55b04f1d77 - djm@cvs.openbsd.org 2006/03/25 01:30:23 
[sftp.c]
     "abormally" is a perfectly cromulent word, but "abnormally" is better
 2006-03-26 14:23:17 +11:00
Damien Miller
36812092ec - djm@cvs.openbsd.org 2006/03/25 01:13:23 
[buffer.c channels.c deattack.c misc.c scp.c session.c sftp-client.c]
     [sftp-server.c ssh-agent.c ssh-rsa.c xmalloc.c xmalloc.h auth-pam.c]
     [uidswap.c]
     change OpenSSH's xrealloc() function from being xrealloc(p, new_size)
     to xrealloc(p, new_nmemb, new_itemsize).

     realloc is particularly prone to integer overflows because it is
     almost always allocating "n * size" bytes, so this is a far safer
     API; ok deraadt@
 2006-03-26 14:22:47 +11:00
Damien Miller
07d86bec5e - djm@cvs.openbsd.org 2006/03/25 00:05:41 
[auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c]
     [clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c]
     [monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c]
     [ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c]
     [xmalloc.c xmalloc.h]
     introduce xcalloc() and xasprintf() failure-checked allocations
     functions and use them throughout openssh

     xcalloc is particularly important because malloc(nmemb * size) is a
     dangerous idiom (subject to integer overflow) and it is time for it
     to die

     feedback and ok deraadt@
 2006-03-26 14:19:21 +11:00
Damien Miller
a5a2859275 - deraadt@cvs.openbsd.org 2006/03/20 21:11:53 
[ttymodes.c]
     spacing
 2006-03-26 14:10:34 +11:00
Damien Miller
4f7becb44f - deraadt@cvs.openbsd.org 2006/03/20 18:48:34 
[channels.c fatal.c kex.c packet.c serverloop.c]
     spacing
 2006-03-26 14:10:14 +11:00
Damien Miller
1d2b6706ba - deraadt@cvs.openbsd.org 2006/03/20 18:42:27 
[canohost.c match.c ssh.c sshconnect.c]
     be strict with tolower() casting
 2006-03-26 14:09:54 +11:00
Damien Miller
1ff7c642ee - deraadt@cvs.openbsd.org 2006/03/20 18:41:43 
[dns.c]
     cast xstrdup to propert u_char *
 2006-03-26 14:09:09 +11:00
Damien Miller
4ae97f1885 - deraadt@cvs.openbsd.org 2006/03/20 18:35:12 
[channels.c]
     x11_fake_data is only ever used as u_char *
 2006-03-26 14:08:10 +11:00
Damien Miller
9f3bd53acd - deraadt@cvs.openbsd.org 2006/03/20 18:27:50 
[monitor.c]
     spacing
 2006-03-26 14:07:52 +11:00
Damien Miller
9096740f6c - deraadt@cvs.openbsd.org 2006/03/20 18:26:55 
[channels.c monitor.c session.c session.h ssh-agent.c ssh-keygen.c]
     [ssh-rsa.c ssh.c sshlogin.c]
     annoying spacing fixes getting in the way of real diffs
 2006-03-26 14:07:26 +11:00
Damien Miller
91d4b12fcb - deraadt@cvs.openbsd.org 2006/03/20 18:17:20 
[auth1.c auth2.c sshd.c]
     sprinkle some ARGSUSED for table driven functions (which sometimes
     must ignore their args)
 2006-03-26 14:05:20 +11:00
Damien Miller
1b81a49f86 rewrap 2006-03-26 14:05:02 +11:00
Damien Miller
71a7367130 - deraadt@cvs.openbsd.org 2006/03/20 18:14:02 
[channels.c clientloop.c monitor_wrap.c monitor_wrap.h serverloop.c]
     [ssh.c sshpty.c sshpty.h]
     sprinkle u_int throughout pty subsystem, ok markus
 2006-03-26 14:04:36 +11:00
Damien Miller
6d39bcf898 - deraadt@cvs.openbsd.org 2006/03/20 17:17:23 
[ssh-rsa.c]
     in a switch (), break after return or goto is stupid
 2006-03-26 14:03:21 +11:00
Damien Miller
bbaad7772a - deraadt@cvs.openbsd.org 2006/03/20 17:13:16 
[key.c]
     djm did a typo
 2006-03-26 14:03:03 +11:00
Damien Miller
69b7203e6f - deraadt@cvs.openbsd.org 2006/03/20 17:10:19 
[auth.c key.c misc.c packet.c ssh-add.c]
     in a switch (), break after return or goto is stupid
 2006-03-26 14:02:35 +11:00
Damien Miller
429fcc23db - djm@cvs.openbsd.org 2006/03/20 11:38:46 
[key.c]
     (really) last of the Coverity diffs: avoid possible NULL deref in
     key_free. via elad AT netbsd.org; markus@ ok
 2006-03-26 14:02:16 +11:00
Damien Miller
96937bd914 - djm@cvs.openbsd.org 2006/03/20 04:09:44 
[monitor.c]
     memory leaks detected by Coverity via elad AT netbsd.org;
     deraadt@ ok
     that should be all of them now
 2006-03-26 14:01:54 +11:00
Damien Miller
3305f5591f - deraadt@cvs.openbsd.org 2006/03/19 18:59:09 
[authfile.c]
     whoever thought that break after return was a good idea needs to
     get their head examimed
 2006-03-26 14:00:31 +11:00
Damien Miller
4662d3492f - deraadt@cvs.openbsd.org 2006/03/19 18:59:30 
[ssh.c]
     spacing
 2006-03-26 13:59:59 +11:00
Damien Miller
3bbaba6075 - deraadt@cvs.openbsd.org 2006/03/19 18:59:49 
[ssh-keyscan.c]
     please lint
 2006-03-26 13:59:38 +11:00
Damien Miller
f0b15dfc52 - deraadt@cvs.openbsd.org 2006/03/19 18:56:41 
[clientloop.c progressmeter.c serverloop.c sshd.c]
     ARGSUSED for signal handlers
 2006-03-26 13:59:20 +11:00
Damien Miller
c91e556d8a - deraadt@cvs.openbsd.org 2006/03/19 18:53:12 
[kex.c kex.h monitor.c myproposal.h session.c]
     spacing
 2006-03-26 13:58:55 +11:00
Damien Miller
d62f2ca376 - deraadt@cvs.openbsd.org 2006/03/19 18:52:11 
[auth1.c authfd.c channels.c]
     spacing
 2006-03-26 13:57:41 +11:00
Damien Miller
78f16cb07b - dtucker@cvs.openbsd.org 2006/03/19 11:51:52 
[servconf.c]
     Correct strdelim null test; ok djm@
 2006-03-26 13:54:37 +11:00
Damien Miller
5790b5910b - djm@cvs.openbsd.org 2006/03/19 07:41:30 
[sshconnect2.c]
     memory leaks detected by Coverity via elad AT netbsd.org;
     deraadt@ ok
 2006-03-26 13:54:03 +11:00
Damien Miller
928b23684a - djm@cvs.openbsd.org 2006/03/19 02:24:05 
[dh.c readconf.c servconf.c]
     potential NULL pointer dereferences detected by Coverity
     via elad AT netbsd.org; ok deraadt@
 2006-03-26 13:53:32 +11:00
Damien Miller
6db780e259 - djm@cvs.openbsd.org 2006/03/19 02:23:26 
[hostfile.c]
     FILE* leak detected by Coverity via elad AT netbsd.org;
     ok deraadt@
 2006-03-26 13:52:20 +11:00
Damien Miller
e0b90a6766 - djm@cvs.openbsd.org 2006/03/19 02:22:56 
[sftp.c]
     more memory leaks detected by Coverity via elad AT netbsd.org;
     deraadt@ ok
 2006-03-26 13:51:44 +11:00
Damien Miller
6f98a1fea7 - djm@cvs.openbsd.org 2006/03/19 02:22:32 
[serverloop.c]
     memory leaks detected by Coverity via elad AT netbsd.org;
     ok deraadt@ dtucker@
 2006-03-26 13:51:08 +11:00
Damien Miller
304a940889 - djm@cvs.openbsd.org 2006/03/17 22:31:11 
[authfd.c]
     unreachanble statement, found by lint
 2006-03-26 13:50:37 +11:00
Damien Miller
5b83232b48 - djm@cvs.openbsd.org 2006/03/17 22:31:50 
[authfd.c]
     another unreachable found by lint
 2006-03-26 13:50:14 +11:00
Damien Miller
745570cd79 - biorn@cvs.openbsd.org 2006/03/16 10:31:45 
[scp.c]
     Try to display errormessage even if remout == -1
     ok djm@, markus@
 2006-03-26 13:49:43 +11:00
Damien Miller
cb314828eb - OpenBSD CVS Sync 
- jakob@cvs.openbsd.org 2006/03/15 08:46:44
     [ssh-keygen.c]
     if no key file are given when printing the DNS host record, use the
     host key file(s) as default. ok djm@
 2006-03-26 13:48:01 +11:00
Damien Miller
2dbbf8e9fc [deattack.c deattack.h] 
remove IV support from the CRC attack detector, OpenSSH has never used
     it - it only applied to IDEA-CFB, which we don't support.
     prompted by NetBSD Coverity report via elad AT netbsd.org;
     feedback markus@ "nuke it" deraadt@
 2006-03-26 00:11:46 +11:00
Damien Miller
a1b3d636ab - jakob@cvs.openbsd.org 2006/03/22 21:16:24 
[ssh.1]
     simplify SSHFP example; ok jmc@
 2006-03-26 00:07:02 +11:00
Damien Miller
5996294a95 - deraadt@cvs.openbsd.org 2006/03/20 18:41:43 
[dns.c]
     cast xstrdup to propert u_char *
 2006-03-26 00:06:48 +11:00
Damien Miller
1345e617da - deraadt@cvs.openbsd.org 2006/03/20 18:26:55 
[session.h]
     annoying spacing fixes getting in the way of real diffs
 2006-03-26 00:06:32 +11:00
Damien Miller
ed3986a004 - deraadt@cvs.openbsd.org 2006/03/20 18:14:02 
[monitor_wrap.h sshpty.h]
     sprinkle u_int throughout pty subsystem, ok markus
 2006-03-26 00:06:14 +11:00
Damien Miller
91a2d9746a - djm@cvs.openbsd.org 2006/03/20 04:08:18 
[gss-serv.c]
     last lot of GSSAPI related leaks detected by Coverity via
     elad AT netbsd.org; reviewed by simon AT sxw.org.uk; deraadt@ ok
 2006-03-26 00:05:44 +11:00
Damien Miller
a66cf68dd7 - djm@cvs.openbsd.org 2006/03/20 04:07:49 
[gss-genr.c]
     more GSSAPI related leaks detected by Coverity via elad AT netbsd.org;
     reviewed by simon AT sxw.org.uk; deraadt@ ok
 2006-03-26 00:05:23 +11:00
Damien Miller
f23c09670a - djm@cvs.openbsd.org 2006/03/20 04:07:22 
[auth2-gss.c]
     GSSAPI related leaks detected by Coverity via elad AT netbsd.org;
     reviewed by simon AT sxw.org.uk; deraadt@ ok
 2006-03-26 00:04:53 +11:00
Damien Miller
51b4f82123 - deraadt@cvs.openbsd.org 2006/03/19 18:53:12 
[kex.h myproposal.h]
     spacing
 2006-03-26 00:04:32 +11:00
Damien Miller
b0fb6872ed - deraadt@cvs.openbsd.org 2006/03/19 18:51:18 
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
     [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
     [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
     [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
     [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
     [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
     [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
     [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
     [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
     [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
     [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
     [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
     [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
     [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
     [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
     [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
     [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
     RCSID() can die
 2006-03-26 00:03:21 +11:00
Damien Miller
3e96d74274 - djm@cvs.openbsd.org 2006/03/16 04:24:42 
[ssh.1]
     Add RFC4419 (Diffie-Hellman group exchange KEX) to the list of SSH RFCs
     that OpenSSH supports
 2006-03-25 23:39:29 +11:00
Darren Tucker
9834cab32e - (dtucker) [openbsd-compat/bsd-snprintf.c] Bug #1173: make fmtint() take 
a LLONG rather than a long.  Fixes scp'ing of large files on platforms
   with missing/broken snprintfs.  Patch from e.borovac at bom.gov.au.
 2006-03-19 00:07:07 +11:00
Damien Miller
66f9eb65ff - (djm) [auth-pam.c] Fix memleak in error path, from Coverity via 
elad AT NetBSD.org
 2006-03-18 23:04:49 +11:00
Damien Miller
b309203ce0 - (djm) [kex.c] Slightly more clean deactivation of dhgex-sha256 on old 
OpenSSL; ok tim
 2006-03-16 18:22:18 +11:00
Tim Rice
425a6886f9 - (tim) [kex.c myproposal.h md-sha256.c openbsd-compat/sha2.c,h] Disable 
sha256 when openssl < 0.9.7. Patch from djm@. Corrections/testing by me.
 2006-03-15 20:17:05 -08:00
Darren Tucker
c495301bf8 - (dtucker) [configure.ac md-sha256.c] NetBSD has sha2.h in 
/usr/include/crypto.  Hint from djm@.
 2006-03-16 08:14:34 +11:00
Darren Tucker
d82cbcb9da - (dtucker) [entropy.c] Add headers for WIFEXITED and friends. 2006-03-16 07:21:35 +11:00
Darren Tucker
8bb9e2c900 - (dtucker) [configure.ac] login_cap.h requires sys/types.h on NetBSD. 2006-03-15 22:28:17 +11:00
Darren Tucker
dc6118e127 - (dtucker) [openbsd-compat/openbsd-compat.h] AIX (at least) needs 
sys/ioctl.h for struct winsize.
 2006-03-15 22:25:54 +11:00
Damien Miller
b0024914c9 - (djm) [includes.h] Put back paths.h, it is needed in defines.h 2006-03-15 21:48:54 +11:00
Darren Tucker
486d95e6f7 - (dtucker) [configure.ac] Fix glob test conversion to AC_TRY_COMPILE 2006-03-15 21:31:39 +11:00
Tim Rice
4b23f7c660 - (tim) [openssh/sshpty.c openssh/openbsd-compat/port-tun.c] put in some 
includes removed from includes.h
 2006-03-14 22:09:50 -08:00
Tim Rice
7a4cf232c9 - (tim) [includes.h] put sys/stat.h back in to quiet some "macro redefined:" 
warnings.
 2006-03-14 21:04:18 -08:00
Damien Miller
6645e7a70d - (djm) [auth-pam.c clientloop.c includes.h monitor.c session.c] 
[sftp-client.c ssh-keysign.c ssh.c sshconnect.c sshconnect2.c]
   [sshd.c openbsd-compat/bsd-misc.c openbsd-compat/bsd-openpty.c]
   [openbsd-compat/glob.c openbsd-compat/mktemp.c]
   [openbsd-compat/readpassphrase.c] Lots of include fixes for
   OpenSolaris
 2006-03-15 14:42:54 +11:00
Damien Miller
34877d2e17 - (djm) [openbsd-compat/sha2.h openbsd-compat/sha2.c] Comment out 
SHA384, which we don't need and doesn't compile without tweaks
 2006-03-15 14:36:55 +11:00
Damien Miller
42fb06898e - (djm) [ssh-agent.c] Restore dropped stat.h 2006-03-15 14:03:06 +11:00
Damien Miller
3717cdac60 - (djm) [ssh-rand-helper.c] Needs a bunch of headers 2006-03-15 14:02:36 +11:00
Damien Miller
a623807860 - (djm) [openbsd-compat/sha2.h] Avoid include macro clash with 
system sha2.h
 2006-03-15 14:02:01 +11:00
Damien Miller
627725281e - (djm) [loginrec.c] Need stat.h 2006-03-15 14:01:11 +11:00
Damien Miller
b3b4ba3fba - (djm) [regress/.cvsignore] Ignore Makefile here 2006-03-15 13:13:27 +11:00
Damien Miller
41e364bcfa - (djm) [md-sha256.c configure.ac] md-sha256.c needs sha2.h if present 2006-03-15 13:12:41 +11:00
Damien Miller
471e9b3ca6 - (djm) [Makefile.in openbsd-compat/Makefile.in] Add added files 2006-03-15 13:09:18 +11:00
Damien Miller
dcf4ca110e - (djm) [includes.h] Restore accidentally dropped netinet/in.h 2006-03-15 13:07:48 +11:00
Damien Miller
af87af165f - (djm) [configure.ac defines.h kex.c md-sha256.c] 
[openbsd-compat/sha2.h openbsd-compat/openbsd-compat.h]
   [openbsd-compat/sha2.c] First stab at portability glue for SHA256
   KEX support, should work with libc SHA256 support or OpenSSL
   EVP_sha256 if present
 2006-03-15 13:02:28 +11:00
Damien Miller
a63128d1a8 - djm@cvs.openbsd.org 2006/03/07 09:07:40 
[kex.c kex.h monitor.c myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
     Implement the diffie-hellman-group-exchange-sha256 key exchange method
     using the SHA256 code in libc (and wrapper to make it into an OpenSSL
     EVP), interop tested against CVS PuTTY
     NB. no portability bits committed yet
 2006-03-15 12:08:28 +11:00
Damien Miller
cc3e8ba3c2 - markus@cvs.openbsd.org 2006/03/14 16:32:48 
[ssh_config.5 sshd_config.5]
     *AliveCountMax applies to protcol v2 only; ok dtucker, djm
 2006-03-15 12:06:55 +11:00
Damien Miller
de85a28825 - djm@cvs.openbsd.org 2006/03/14 00:15:39 
[canohost.c]
     log the originating address and not just the name when a reverse
     mapping check fails, requested by linux AT linuon.com
 2006-03-15 12:06:41 +11:00
Damien Miller
8275fade44 - dtucker@cvs.openbsd.org 2006/03/13 10:26:52 
[authfile.c authfile.h ssh-add.c]
     Make ssh-add check file permissions before attempting to load private
     key files multiple times; it will fail anyway and this prevents confusing
     multiple prompts and warnings.  mindrot #1138, ok djm@
 2006-03-15 12:06:23 +11:00
Damien Miller
306d118f72 - dtucker@cvs.openbsd.org 2006/03/13 10:14:29 
[misc.c ssh_config.5 sshd_config.5]
     Allow config directives to contain whitespace by surrounding them by double
     quotes.  mindrot #482, man page help from jmc@, ok djm@
 2006-03-15 12:05:59 +11:00
Damien Miller
8056a9d46a - dtucker@cvs.openbsd.org 2006/03/13 08:43:16 
[ssh-keygen.c]
     Make ssh-keygen handle CR and CRLF line termination when converting IETF
     format keys, in adition to vanilla LF.  mindrot #1157, tested by Chris
     Pepper, ok djm@
 2006-03-15 12:05:40 +11:00
Damien Miller
314dd4b2f3 - dtucker@cvs.openbsd.org 2006/03/13 08:33:00 
[packet.c]
     Set TCP_NODELAY for all connections not just "interactive" ones.  Fixes
     poor performance and protocol stalls under some network conditions (mindrot
     bugs #556 and #981). Patch originally from markus@, ok djm@
 2006-03-15 12:05:22 +11:00
Damien Miller
b24c2f8e33 - djm@cvs.openbsd.org 2006/03/13 08:16:00 
[sshd.c]
     don't log that we are listening on a socket before the listen() call
     actually succeeds, bz #1162 reported by Senthil Kumar; ok dtucker@
 2006-03-15 12:04:36 +11:00
Damien Miller
2ecb6bd95d - djm@cvs.openbsd.org 2006/03/12 04:23:07 
[ssh.c]
     knf nit
 2006-03-15 12:03:53 +11:00
Damien Miller
ec04f360eb - djm@cvs.openbsd.org 2006/03/04 04:12:58 
[serverloop.c]
     move a debug() outside of a signal handler; ok markus@ a little while back
 2006-03-15 12:01:34 +11:00
Damien Miller
1cf76d97f9 - djm@cvs.openbsd.org 2006/02/28 01:10:21 
[session.c]
     fix logout recording when privilege separation is disabled, analysis and
     patch from vinschen at redhat.com; tested by dtucker@ ok deraadt@
     NB. ID sync only - patch already in portable
 2006-03-15 12:01:14 +11:00
Damien Miller
4aea974a1d - jmc@cvs.openbsd.org 2006/02/26 18:03:10 
[ssh_config.5]
     comma;
 2006-03-15 11:59:39 +11:00
Damien Miller
e3beba231a - jmc@cvs.openbsd.org 2006/02/26 18:01:13 
[sshd_config.5]
     subsection is pointless here;
 2006-03-15 11:59:25 +11:00
Damien Miller
b5282c2f06 - jmc@cvs.openbsd.org 2006/02/26 17:17:18 
[ssh_config.5]
     move PATTERNS to the end of the main body; requested by dtucker
 2006-03-15 11:59:08 +11:00
Damien Miller
ac73e51390 - jmc@cvs.openbsd.org 2006/02/25 12:28:34 
[sshd_config.5]
     document the order in which allow/deny directives are processed;
     help/ok dtucker
 2006-03-15 11:58:49 +11:00
Damien Miller
d450f49d4a missed in commit message: 
help/ok dtucker
 2006-03-15 11:58:25 +11:00
Damien Miller
9cfbaecb64 - jmc@cvs.openbsd.org 2006/02/25 12:26:17 
[ssh_config.5]
     document the possible values for KbdInteractiveDevices;
 2006-03-15 11:57:55 +11:00
Damien Miller
f4f22b54c0 - jmc@cvs.openbsd.org 2006/02/24 23:51:17 
[sshd_config.5]
     oops - bits i missed;
 2006-03-15 11:57:25 +11:00
Damien Miller
5b0d63f894 - jmc@cvs.openbsd.org 2006/02/24 23:43:57 
[sshd_config.5]
     some grammar/wording fixes;
 2006-03-15 11:56:56 +11:00
Damien Miller
45ee2b91e6 - jmc@cvs.openbsd.org 2006/02/24 23:20:07 
[ssh_config.5]
     some grammar/wording fixes;
 2006-03-15 11:56:18 +11:00