Darren Tucker
e9b3ad73ba
- (dtucker) [configure.ac mac.c openbsd-compat/openssl-compat.h] Add
...
null implementation of HMAC_CTX_init for the benefit of old versions
of OpenSSL that don't have it.
2012-01-17 14:03:34 +11:00
Damien Miller
8ed4de8f1d
- djm@cvs.openbsd.org 2011/12/07 05:44:38
...
[auth2.c dh.c packet.c roaming.h roaming_client.c roaming_common.c]
fix some harmless and/or unreachable int overflows;
reported Xi Wang, ok markus@
2011-12-19 10:52:50 +11:00
Damien Miller
913ddff40d
- djm@cvs.openbsd.org 2011/12/04 23:16:12
...
[mux.c]
revert:
> revision 1.32
> date: 2011/12/02 00:41:56; author: djm; state: Exp; lines: +4 -1
> fix bz#1948: ssh -f doesn't fork for multiplexed connection.
> ok dtucker@
it interacts badly with ControlPersist
2011-12-19 10:52:21 +11:00
Damien Miller
d0e582c6da
- djm@cvs.openbsd.org 2011/12/02 00:43:57
...
[mac.c]
fix bz#1934: newer OpenSSL versions will require HMAC_CTX_Init before
HMAC_init (this change in policy seems insane to me)
ok dtucker@
2011-12-19 10:51:39 +11:00
Damien Miller
5360dff2a0
- djm@cvs.openbsd.org 2011/12/02 00:41:56
...
[mux.c]
fix bz#1948: ssh -f doesn't fork for multiplexed connection.
ok dtucker@
2011-12-19 10:51:11 +11:00
Damien Miller
47d8115e53
- oga@cvs.openbsd.org 2011/11/16 12:24:28
...
[sftp.c]
Don't leak list in complete_cmd_parse if there are no commands found.
Discovered when I was ``borrowing'' this code for something else.
ok djm@
2011-11-25 13:53:48 +11:00
Darren Tucker
4a725ef6a5
- (dtucker) [configure.ac] Set _FORTIFY_SOURCE. ok djm@
2011-11-21 16:38:48 +11:00
Darren Tucker
aa3cbd1b5b
- (dtucker) [INSTALL LICENCE configure.ac openbsd-compat/Makefile.in
...
openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/getrrsetbyname.c]
bz 1320: Add optional support for LDNS, a BSD licensed DNS resolver library
which supports DNSSEC. Patch from Simon Vallet (svallet at genoscope cns fr)
with some rework from myself and djm. ok djm.
2011-11-04 11:25:24 +11:00
Darren Tucker
be4032ba1e
- dtucker@cvs.openbsd.org 011/11/04 00:09:39
...
[moduli]
regenerated moduli file; ok deraadt
2011-11-04 11:16:06 +11:00
Darren Tucker
9c5d553d58
- djm@cvs.openbsd.org 2011/10/24 02:13:13
...
[session.c]
bz#1859: send tty break to pty master instead of (probably already
closed) slave side; "looks good" markus@
2011-11-04 10:55:24 +11:00
Darren Tucker
2d6665d944
- djm@cvs.openbsd.org 2011/10/24 02:10:46
...
[ssh.c]
bz#1943: unbreak stdio forwarding when ControlPersist is in user - ssh
was incorrectly requesting the forward in both the control master and
slave. skip requesting it in the master to fix. ok markus@
2011-11-04 10:54:22 +11:00
Darren Tucker
8a057953d2
- djm@cvs.openbsd.org 2011/10/19 10:39:48
...
[umac.c]
typo in comment; patch from Michael W. Bombardieri
2011-11-04 10:53:31 +11:00
Darren Tucker
9ee09cfce6
- djm@cvs.openbsd.org 2011/10/19 00:06:10
...
[moduli.c]
s/tmpfile/tmp/ to make this -Wshadow clean
2011-11-04 10:52:43 +11:00
Darren Tucker
e68cf84ac8
- djm@cvs.openbsd.org 2011/10/18 23:37:42
...
[ssh-add.c]
add -k to usage(); reminded by jmc@
2011-11-04 10:51:51 +11:00
Darren Tucker
45c66d7ad4
- djm@cvs.openbsd.org 2011/10/18 05:15:28
...
[ssh.c]
ssh(1): skip attempting to create ~/.ssh when -F is passed; ok markus@
2011-11-04 10:50:40 +11:00
Darren Tucker
9f157abbb6
- (dtucker) [contrib/cygwin/Makefile] Continue if installing a doc file
...
fails. Patch from Corinna Vinschen.
2011-10-25 09:37:57 +11:00
Damien Miller
8f4279e4ab
- djm@cvs.openbsd.org 2011/10/18 05:00:48
...
[ssh-add.1 ssh-add.c]
new "ssh-add -k" option to load plain keys (skipping certificates);
"looks ok" markus@
2011-10-18 16:06:33 +11:00
Damien Miller
c51a5ab2c6
- djm@cvs.openbsd.org 2011/10/18 04:58:26
...
[auth-options.c key.c]
remove explict search for \0 in packet strings, this job is now done
implicitly by buffer_get_cstring; ok markus
2011-10-18 16:06:14 +11:00
Damien Miller
91f3eaec88
- stsp@cvs.openbsd.org 2011/10/16 15:51:39
...
[moduli.c]
add missing includes to unbreak tree; fix from rpointel
2011-10-18 16:05:55 +11:00
Damien Miller
927d82bc6a
- jmc@cvs.openbsd.org 2011/10/16 15:02:41
...
[ssh-keygen.c]
put -K in the right place (usage());
2011-10-18 16:05:38 +11:00
Damien Miller
390d0561fc
- dtucker@cvs.openbsd.org 2011/10/16 11:02:46
...
[moduli.c ssh-keygen.1 ssh-keygen.c]
Add optional checkpoints for moduli screening. feedback & ok deraadt
2011-10-18 16:05:19 +11:00
Damien Miller
d3e6990c4c
- djm@cvs.openbsd.org 2011/10/04 14:17:32
...
[sftp-glob.c]
silence error spam for "ls */foo" in directory with files; bz#1683
2011-10-18 16:04:57 +11:00
Darren Tucker
2e13560ff5
- djm@cvs.openbsd.org 2011/09/30 21:22:49
...
[sshd.c]
fix inverted test that caused logspam; spotted by henning@
2011-10-02 19:10:13 +11:00
Darren Tucker
95125e5f43
ChangeLog entry for sshd.c rev 1.409
2011-10-02 19:09:07 +11:00
Darren Tucker
af1a60ec4f
- djm@cvs.openbsd.org 2011/09/25 05:44:47
...
[auth2-pubkey.c]
improve the AuthorizedPrincipalsFile debug log message to include
file and line number
2011-10-02 18:59:59 +11:00
Darren Tucker
68afb8c5f2
- markus@cvs.openbsd.org 2011/09/23 07:45:05
...
[mux.c readconf.h channels.h compat.h compat.c ssh.c readconf.c channels.c version.h]
unbreak remote portforwarding with dynamic allocated listen ports:
1) send the actual listen port in the open message (instead of 0).
this allows multiple forwardings with a dynamic listen port
2) update the matching permit-open entry, so we can identify where
to connect to
report: den at skbkontur.ru and P. Szczygielski
feedback and ok djm@
2011-10-02 18:59:03 +11:00
Darren Tucker
1338b9e067
- dtucker@cvs.openbsd.org 2011/09/23 00:22:04
...
[channels.c auth-options.c servconf.c channels.h sshd.8]
Add wildcard support to PermitOpen, allowing things like "PermitOpen
localhost:*". bz #1857 , ok djm markus.
2011-10-02 18:57:35 +11:00
Darren Tucker
036876cd7d
- (dtucker) [openbsd-compat/mktemp.c] Fix compiler warning. ok djm
2011-10-01 18:46:12 +10:00
Darren Tucker
b54f50e5d0
- (dtucker) [configure.ac openbsd-compat/Makefile.in
...
openbsd-compat/strnlen.c] Add strnlen to the compat library.
2011-09-29 23:17:18 +10:00
Damien Miller
5ffe1c4b43
- (djm) [configure.ac defines.h] No need to detect sizeof(char); patch
...
from des AT des.no
2011-09-29 11:11:51 +10:00
Damien Miller
d1a74580f8
- (djm) [openbsd-compat/setenv.c] Forklift upgrade, including inclusion
...
of static __findenv() function from upstream setenv.c
2011-09-23 11:26:34 +10:00
Damien Miller
3e6fe87ef9
- otto@cvs.openbsd.org 2008/12/09 19:38:38
...
[openbsd-compat/inet_ntop.c]
fix inet_ntop(3) prototype; ok millert@ libc to be bumbed very soon
2011-09-23 11:16:09 +10:00
Damien Miller
64efe9671d
- (djm) [openbsd-compat/sha2.c openbsd-compat/sha2.h] Remove OpenBSD rcsid
...
marker. The upstream API has changed (function and structure names)
enough to put it out of sync with other providers of this interface.
2011-09-23 11:13:00 +10:00
Damien Miller
4888671343
- (djm) [openbsd-compat/mktemp.c] forklift upgrade to -current version.
...
The file was totally rewritten between what we had in tree and -current.
2011-09-23 10:56:29 +10:00
Damien Miller
3a359b3228
- millert@cvs.openbsd.org 2008/08/21 16:54:44
...
[mktemp.c]
Remove useless code, the kernel will set errno appropriately if an
element in the path does not exist. OK deraadt@ pvalchev@
2011-09-23 10:47:29 +10:00
Damien Miller
dc0e09b41c
- deraadt@cvs.openbsd.org 2008/07/22 21:47:45
...
[mktemp.c]
use arc4random_uniform(); ok djm millert
2011-09-23 10:46:48 +10:00
Damien Miller
cd92790fcb
- (djm) [openbsd-compat/getgrouplist.c] Remove OpenBSD rcsid marker: the
...
upstream version is YPified and we don't want this
2011-09-23 10:44:03 +10:00
Damien Miller
834e820317
- tobias@cvs.openbsd.org 2007/10/21 11:09:30
...
[mktemp.c]
Comment fix about time consumption of _gettemp.
FreeBSD did this in revision 1.20.
OK deraadt@, krw@
2011-09-23 10:42:02 +10:00
Damien Miller
acdf3fbdba
- (djm) [openbsd-compat/getcwd.c] Remove OpenBSD rcsid marker since we no
...
longer want to sync this file (OpenBSD uses a __getcwd syscall now, we
want this longhand version)
2011-09-23 10:40:50 +10:00
Damien Miller
add1e20802
- millert@cvs.openbsd.org 2006/05/05 15:27:38
...
[strlcpy.c]
Convert do {} while loop -> while {} for clarity. No binary change
on most architectures. From Oliver Smith. OK deraadt@ and henning@
2011-09-23 10:38:01 +10:00
Damien Miller
d7be70d052
- djm@cvs.openbsd.org 2011/09/22 06:29:03
...
[sftp.c]
don't let remote_glob() implicitly sort its results in do_globbed_ls() -
in all likelihood, they will be resorted anyway
2011-09-22 21:43:06 +10:00
Damien Miller
57c38ac7d5
- markus@cvs.openbsd.org 2011/09/12 08:46:15
...
[sftp-client.c]
fix leak in do_lsreaddir(); ok djm
2011-09-22 21:42:45 +10:00
Damien Miller
3decdba425
- markus@cvs.openbsd.org 2011/09/11 16:07:26
...
[sftp-client.c]
fix leaks in do_hardlink() and do_readlink(); bz#1921
from Loganaden Velvindron
2011-09-22 21:41:05 +10:00
Damien Miller
1bcbd0a9de
- okan@cvs.openbsd.org 2011/09/11 06:59:05
...
[ssh.1]
document new -O cancel command; ok djm@
2011-09-22 21:40:45 +10:00
Damien Miller
ff773644e6
- markus@cvs.openbsd.org 2011/09/10 22:26:34
...
[channels.c channels.h clientloop.c ssh.1]
support cancellation of local/dynamic forwardings from ~C commandline;
ok & feedback djm@
2011-09-22 21:39:48 +10:00
Damien Miller
f6dff7cd2f
- djm@cvs.openbsd.org 2011/09/09 22:46:44
...
[channels.c channels.h clientloop.h mux.c ssh.c]
support for cancelling local and remote port forwards via the multiplex
socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request
the cancellation of the specified forwardings; ok markus@
2011-09-22 21:38:52 +10:00
Damien Miller
9ee2c606c1
- djm@cvs.openbsd.org 2011/09/09 22:38:21
...
[sshd.c]
kill the preauth privsep child on fatal errors in the monitor;
ok markus@
2011-09-22 21:38:30 +10:00
Damien Miller
0603d98b4e
- djm@cvs.openbsd.org 2011/09/09 22:37:01
...
[scp.c]
suppress adding '--' to remote commandlines when the first argument
does not start with '-'. saves breakage on some difficult-to-upgrade
embedded/router platforms; feedback & ok dtucker ok markus
2011-09-22 21:38:00 +10:00
Damien Miller
4cb855b070
- djm@cvs.openbsd.org 2011/09/09 00:44:07
...
[PROTOCOL.mux]
MUX_C_CLOSE_FWD includes forward type in message (though it isn't
implemented anyway)
2011-09-22 21:37:38 +10:00
Damien Miller
f6e758cdba
- djm@cvs.openbsd.org 2011/09/09 00:43:00
...
[ssh_config.5 sshd_config.5]
fix typo in IPQoS parsing: there is no "AF14" class, but there is
an "AF21" class. Spotted by giesen AT snickers.org; ok markus stevesk
2011-09-22 21:37:13 +10:00