Commit Graph

6346 Commits

Author SHA1 Message Date
Darren Tucker
a8a62fcc46 - dtucker@cvs.openbsd.org 2013/05/16 02:10:35
[rekey.sh]
     Add test for time-based rekeying
2013-05-17 09:42:34 +10:00
Darren Tucker
5e95173715 - djm@cvs.openbsd.org 2013/05/10 03:46:14
[modpipe.c]
     sync some portability changes from portable OpenSSH (id sync only)
2013-05-17 09:41:33 +10:00
Darren Tucker
a4df65b9fc - dtucker@cvs.openbsd.org 2013/04/22 07:28:53
[multiplex.sh]
     Add tests for -Oforward and -Ocancel for local and remote forwards
2013-05-17 09:37:31 +10:00
Darren Tucker
40aaff7e4b - dtucker@cvs.openbsd.org 2013/04/22 07:23:08
[multiplex.sh]
     Write mux master logs to regress.log instead of ssh.log to keep separate
2013-05-17 09:36:20 +10:00
Darren Tucker
f3568fc62b - djm@cvs.openbsd.org 2013/04/18 02:46:12
[Makefile regress/sftp-chroot.sh]
     test sshd ChrootDirectory+internal-sftp; feedback & ok dtucker@
2013-05-17 09:35:26 +10:00
Darren Tucker
dfea3bcdd7 - dtucker@cvs.openbsd.org 2013/04/07 02:16:03
[regress/Makefile regress/rekey.sh regress/integrity.sh
     regress/sshd-log-wrapper.sh regress/forwarding.sh regress/test-exec.sh]
     use -E option for ssh and sshd to write debuging logs to ssh{,d}.log and
     save the output from any failing tests.  If a test fails the debug output
     from ssh and sshd for the failing tests (and only the failing tests) should
     be available in failed-ssh{,d}.log.
2013-05-17 09:31:39 +10:00
Darren Tucker
75129025a2 - dtucker@cvs.openbsd.org 2013/04/06 06:00:22
[regress/rekey.sh regress/test-exec.sh regress/integrity.sh
     regress/multiplex.sh Makefile regress/cfgmatch.sh]
     Split the regress log into 3 parts: the debug output from ssh, the debug
     log from sshd and the output from the client command (ssh, scp or sftp).
     Somewhat functional now, will become more useful when ssh/sshd -E is added.
2013-05-17 09:19:10 +10:00
Darren Tucker
7c8b1e7233 - dtucker@cvs.openbsd.org 2013/03/23 11:09:43
[test-exec.sh]
     Only regenerate host keys if they don't exist or if ssh-keygen has changed
     since they were.  Reduces test runtime by 5-30% depending on machine
     speed.
2013-05-17 09:10:20 +10:00
Darren Tucker
712de4d110 - djm@cvs.openbsd.org 2013/03/07 00:20:34
[regress/proxy-connect.sh]
     repeat test with a style appended to the username
2013-05-17 09:07:12 +10:00
Darren Tucker
09c0f0325b - dtucker@cvs.openbsd.org 2013/05/16 10:44:06
[servconf.c]
     remove another now-unused variable
2013-05-16 20:48:57 +10:00
Darren Tucker
9113d0c238 - dtucker@cvs.openbsd.org 2013/05/16 10:43:34
[servconf.c readconf.c]
     remove now-unused variables
2013-05-16 20:48:14 +10:00
Darren Tucker
e194ba4111 - (dtucker) [configure.ac readconf.c servconf.c
openbsd-compat/openbsd-compat.h] Add compat bits for scan_scaled.
2013-05-16 20:47:31 +10:00
Darren Tucker
b7ee852144 - dtucker@cvs.openbsd.org 2013/05/16 09:12:31
[readconf.c servconf.c]
     switch RekeyLimit traffic volume parsing to scan_scaled.  ok djm@
2013-05-16 20:33:10 +10:00
Darren Tucker
dbee308253 - dtucker@cvs.openbsd.org 2013/05/16 09:08:41
[log.c scp.c sshd.c serverloop.c schnorr.c sftp.c]
     Fix some "unused result" warnings found via clang and -portable.
     ok markus@
2013-05-16 20:32:29 +10:00
Darren Tucker
64d22946d6 - jmc@cvs.openbsd.org 2013/05/16 06:30:06
[sshd_config.5]
     oops! avoid Xr to self;
2013-05-16 20:31:29 +10:00
Darren Tucker
63e0df2b93 - jmc@cvs.openbsd.org 2013/05/16 06:28:45
[ssh_config.5]
     put IgnoreUnknown in the right place;
2013-05-16 20:30:31 +10:00
Darren Tucker
0763698f71 - djm@cvs.openbsd.org 2013/05/16 04:27:50
[ssh_config.5 readconf.h readconf.c]
     add the ability to ignore specific unrecognised ssh_config options;
     bz#866; ok markus@
2013-05-16 20:30:03 +10:00
Darren Tucker
5f96f3b4be - dtucker@cvs.openbsd.org 2013/05/16 04:09:14
[sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config
     sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing
     rekeying based on traffic volume or time.  ok djm@, help & ok jmc@ for the man
     page.
2013-05-16 20:29:28 +10:00
Darren Tucker
c53c2af173 - dtucker@cvs.openbsd.org 2013/05/16 02:00:34
[ssh_config sshconnect2.c packet.c readconf.h readconf.c clientloop.c
     ssh_config.5 packet.h]
     Add an optional second argument to RekeyLimit in the client to allow
     rekeying based on elapsed time in addition to amount of traffic.
     with djm@ jmc@, ok djm
2013-05-16 20:28:16 +10:00
Darren Tucker
64c6fceecd - dtucker@cvs.openbsd.org 2013/05/10 10:13:50
[ssh-pkcs11-helper.c]
     remove unused extern optarg.  ok markus@
2013-05-16 20:27:14 +10:00
Darren Tucker
caf0010934 - djm@cvs.openbsd.org 2013/05/10 04:08:01
[key.c]
     memleak in cert_free(), wasn't actually freeing the struct;
     bz#2096 from shm AT digitalsun.pl
2013-05-16 20:26:18 +10:00
Darren Tucker
7e831edbf7 add missing attribution 2013-05-16 20:25:40 +10:00
Darren Tucker
54da6be320 - djm@cvs.openbsd.org 2013/05/10 03:40:07
[sshconnect2.c]
     fix bzero(ptr_to_struct, sizeof(ptr_to_struct)); bz#2100 from
2013-05-16 20:25:04 +10:00
Darren Tucker
5d8b702d95 - dtucker@cvs.openbsd.org 2013/05/06 07:35:12
[sftp-server.8]
     Reference the version of the sftp draft we actually implement.  ok djm@
2013-05-16 20:24:23 +10:00
Darren Tucker
026d9db3fb - tedu@cvs.openbsd.org 2013/04/24 16:01:46
[misc.c]
     remove extra parens noticed by nicm
2013-05-16 20:23:52 +10:00
Darren Tucker
2ca51bf140 - tedu@cvs.openbsd.org 2013/04/23 17:49:45
[misc.c]
     use xasprintf instead of a series of strlcats and strdup. ok djm
2013-05-16 20:22:46 +10:00
Damien Miller
6aa3eacc5e - (djm) [contrib/ssh-copy-id] Fix bug that could cause "rm *" to be
executed if mktemp failed; bz#2105 ok dtucker@
2013-05-16 11:10:17 +10:00
Darren Tucker
c54e3e0741 - (dtucker) [configure.ac] Add -Werror to the -Qunused-arguments test so
we don't get a warning on compilers that *don't* support it.  Add
   -Wno-unknown-warning-option.  Move both to the start of the list for
   maximum noise suppression.  Tested with gcc 4.6.3, gcc 2.95.4 and clang 2.9.
2013-05-10 18:53:14 +10:00
Darren Tucker
a75d247a18 - (dtucker) [kex.c] Only include sha256 and ECC key exchange methods when the
underlying libraries support them.
2013-05-10 18:11:55 +10:00
Darren Tucker
0abfb559e3 - (dtucker) [openbsd-compat/getopt.h openbsd-compat/getopt_long.c
openbsd-compat/openbsd-compat.h] pull in getopt.h from openbsd and plumb
  in to use it when we're using our own getopt.
2013-05-10 18:08:49 +10:00
Darren Tucker
ccfdfceacb - (dtucker) [openbsd-compat/Makefile.in openbsd-compat/getopt.c
openbsd-compat/getopt_long.c regress/modpipe.c] Remove getopt.c, add
   portability code to getopt_long.c and switch over Makefile and the ugly
   hack in modpipe.c.  Fixes bz#1448.
2013-05-10 16:28:55 +10:00
Darren Tucker
3933202007 - (dtucker) [openbsd-compat/getopt_long.c] Import from OpenBSD. No
portability changes yet.
2013-05-10 15:38:11 +10:00
Darren Tucker
35b2fe99be - (dtucker) [openbsd-compat/getopt.c] Factor out portibility changes to
getopt.c.  Preprocessed source is identical other than line numbers.
2013-05-10 15:35:26 +10:00
Darren Tucker
abbc7a7c02 - (dtucker) [configure.ac] Enable -Wsizeof-pointer-memaccess if the compiler
supports it.  Mentioned by Colin Watson in bz#2100, ok djm.
2013-05-10 13:54:23 +10:00
Damien Miller
bc02f163f6 - dtucker@cvs.openbsd.org 2013/04/22 01:17:18
[mux.c]
     typo in debug output: evitval->exitval
2013-04-23 19:25:49 +10:00
Damien Miller
f8b894e31d - djm@cvs.openbsd.org 2013/04/19 12:07:08
[kex.c]
     remove duplicated list entry pointed out by naddy@
2013-04-23 19:25:29 +10:00
Damien Miller
34bd20a1e5 - djm@cvs.openbsd.org 2013/04/19 11:10:18
[ssh.c]
     add -Q to usage; reminded by jmc@
2013-04-23 19:25:00 +10:00
Damien Miller
ea11119eee - djm@cvs.openbsd.org 2013/04/19 01:06:50
[authfile.c cipher.c cipher.h kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c]
     [key.c key.h mac.c mac.h packet.c ssh.1 ssh.c]
     add the ability to query supported ciphers, MACs, key type and KEX
     algorithms to ssh. Includes some refactoring of KEX and key type handling
     to be table-driven; ok markus@
2013-04-23 19:24:32 +10:00
Damien Miller
a56086b990 - djm@cvs.openbsd.org 2013/04/19 01:03:01
[session.c]
     reintroduce 1.262 without the connection-killing bug:
     fatal() when ChrootDirectory specified by running without root privileges;
     ok markus@
2013-04-23 15:24:18 +10:00
Damien Miller
0d6771b464 - djm@cvs.openbsd.org 2013/04/19 01:01:00
[ssh-keygen.c]
     fix some memory leaks; bz#2088 ok dtucker@
2013-04-23 15:23:24 +10:00
Damien Miller
467b00c38b - djm@cvs.openbsd.org 2013/04/19 01:00:10
[sshd_config.5]
     document the requirment that the AuthorizedKeysCommand be owned by root;
     ok dtucker@ markus@
2013-04-23 15:23:07 +10:00
Damien Miller
9303e6527b - djm@cvs.openbsd.org 2013/04/18 02:16:07
[sftp.c]
     make "sftp -q" do what it says on the sticker: hush everything but errors;
2013-04-23 15:22:40 +10:00
Damien Miller
f1a02aea35 - dtucker@cvs.openbsd.org 2013/04/17 09:04:09
[session.c]
     revert rev 1.262; it fails because uid is already set here.  ok djm@
2013-04-23 15:22:13 +10:00
Damien Miller
d5edefd27a - djm@cvs.openbsd.org 2013/04/11 02:27:50
[packet.c]
     quiet disconnect notifications on the server from error() back to logit()
     if it is a normal client closure; bz#2057 ok+feedback dtucker@
2013-04-23 15:21:39 +10:00
Damien Miller
6901032b05 - dtucker@cvs.openbsd.org 2013/04/07 09:40:27
[sshd.8]
     clarify -e text. suggested by & ok jmc@
2013-04-23 15:21:24 +10:00
Damien Miller
03d4d7e60b - dtucker@cvs.openbsd.org 2013/04/07 02:10:33
[log.c log.h ssh.1 ssh.c sshd.8 sshd.c]
     Add -E option to ssh and sshd to append debugging logs to a specified file
     instead of stderr or syslog.  ok markus@, man page help jmc@
2013-04-23 15:21:06 +10:00
Damien Miller
37f1c08473 - markus@cvs.openbsd.org 2013/04/06 16:07:00
[channels.c sshd.c]
     handle ECONNABORTED for accept(); ok deraadt some time ago...
2013-04-23 15:20:43 +10:00
Damien Miller
172859cff7 - djm@cvs.openbsd.org 2013/04/05 00:58:51
[mux.c]
     cleanup mux-created channels that are in SSH_CHANNEL_OPENING state too
     (in addition to ones already in OPEN); bz#2079, ok dtucker@
2013-04-23 15:19:27 +10:00
Damien Miller
9f12b5dcd5 - djm@cvs.openbsd.org 2013/04/05 00:31:49
[pathnames.h]
     use the existing _PATH_SSH_USER_RC define to construct the other
     pathnames; bz#2077, ok dtucker@ (no binary change)
2013-04-23 15:19:11 +10:00
Damien Miller
d677ad14ff - djm@cvs.openbsd.org 2013/04/05 00:14:00
[auth2-gss.c krl.c sshconnect2.c]
     hush some {unused, printf type} warnings
2013-04-23 15:18:51 +10:00