djm@openbsd.org
fc30256136
upstream commit
...
mux-related manual tweaks
mention ControlPersist=0 is the same as ControlPersist=yes
recommend that ControlPath sockets be placed in a og-w directory
2014-11-11 09:27:17 +11:00
Damien Miller
0e4cff5f35
Prepare scripts for next Cygwin release
...
Makes the Cygwin-specific ssh-user-config script independent of the
existence of /etc/passwd. The next Cygwin release will allow to
generate passwd and group entries from the Windows account DBs, so the
scripts have to adapt.
from Corinna Vinschen
2014-11-05 11:01:31 +11:00
Damien Miller
7d0ba53366
include version number in OpenSSL-too-old error
2014-10-30 10:45:41 +11:00
lteo@openbsd.org
3bcb92e04d
upstream commit
...
Remove unnecessary include: netinet/in_systm.h is not needed
by these programs.
NB. skipped for portable
ok deraadt@ millert@
2014-10-27 16:34:52 +11:00
djm@openbsd.org
6fdcaeb995
upstream commit
...
whitespace
2014-10-20 14:41:44 +11:00
daniel@openbsd.org
165bc87862
upstream commit
...
plug a memory leak; from Maxime Villard.
ok djm@
2014-10-20 14:40:06 +11:00
jmc@openbsd.org
b1ba15f388
upstream commit
...
tweak previous;
2014-10-20 14:40:05 +11:00
djm@openbsd.org
259a02ebdf
upstream commit
...
whitespace
2014-10-13 14:36:06 +11:00
djm@openbsd.org
957fbceb0f
upstream commit
...
Tweak config reparsing with host canonicalisation
Make the second pass through the config files always run when
hostname canonicalisation is enabled.
Add a "Match canonical" criteria that allows ssh_config Match
blocks to trigger only in the second config pass.
Add a -G option to ssh that causes it to parse its configuration
and dump the result to stdout, similar to "sshd -T"
Allow ssh_config Port options set in the second config parse
phase to be applied (they were being ignored).
bz#2267 bz#2286; ok markus
2014-10-13 11:41:48 +11:00
djm@openbsd.org
5c0dafd38b
upstream commit
...
another -Wpointer-sign from clang
2014-10-13 11:39:23 +11:00
djm@openbsd.org
bb005dc815
upstream commit
...
fix a few -Wpointer-sign warnings from clang
2014-10-13 11:39:18 +11:00
djm@openbsd.org
3cc1fbb4fb
upstream commit
...
parse cert sections using nested buffers to reduce
copies; ok markus
2014-10-13 11:39:11 +11:00
djm@openbsd.org
4a45922aeb
upstream commit
...
correct options in usage(); from mancha1 AT zoho.com
2014-10-13 11:39:02 +11:00
djm@openbsd.org
48dffd5beb
upstream commit
...
mention permissions on tun(4) devices in PermitTunnel
documentation; bz#2273
2014-10-13 11:38:46 +11:00
djm@openbsd.org
a5883d4ecc
upstream commit
...
tighten permissions on pty when the "tty" group does
not exist; pointed out by Corinna Vinschen; ok markus
2014-10-13 11:38:36 +11:00
sobrado@openbsd.org
180bcb406b
upstream commit
...
typo.
2014-10-13 11:37:56 +11:00
sobrado@openbsd.org
f70b22bcdd
upstream commit
...
improve capitalization for the Ed25519 public-key
signature system.
ok djm@
2014-10-13 11:37:32 +11:00
doug@openbsd.org
7df8818409
upstream commit
...
Free resources on error in mkstemp and fdopen
ok djm@
2014-10-13 11:37:21 +11:00
deraadt@openbsd.org
40ba4c9733
upstream commit
...
djm how did you make a typo like that...
2014-10-13 11:37:14 +11:00
djm@openbsd.org
57d378ec92
upstream commit
...
When dumping the server configuration (sshd -T), print
correct KEX, MAC and cipher defaults. Spotted by Iain Morgan
2014-10-13 11:36:04 +11:00
djm@openbsd.org
7ff880ede5
upstream commit
...
~-expand lcd paths
2014-10-13 11:35:49 +11:00
Damien Miller
4460a7ad0c
remove duplicated KEX_DH1 entry
2014-10-12 12:35:48 +11:00
Damien Miller
c9b8426a61
remove ChangeLog file
...
Commit logs will be generated from git at release time.
2014-10-09 10:34:06 +11:00
Damien Miller
81d18ff7c9
delete contrib/caldera directory
2014-10-07 21:24:25 +11:00
Damien Miller
0ec9e87d36
test commit
2014-10-07 19:57:27 +11:00
Damien Miller
8fb65a4456
- (djm) Release OpenSSH-6.7
2014-10-07 09:21:49 +11:00
Damien Miller
e8c9f2602c
- (djm) [sshd_config.5] typo; from Iain Morgan
2014-10-03 09:24:56 +10:00
Damien Miller
703b98a267
- (djm) [openbsd-compat/Makefile.in openbsd-compat/kludge-fd_set.c]
...
[openbsd-compat/openbsd-compat.h] Kludge around bad glibc
_FORTIFY_SOURCE check that doesn't grok heap-allocated fd_sets;
ok dtucker@
2014-10-01 09:43:07 +10:00
Damien Miller
0fa0ed061b
- (djm) [sandbox-seccomp-filter.c] Allow mremap and exit for DietLibc;
...
patch from Felix von Leitner; ok dtucker
2014-09-10 08:15:34 +10:00
Darren Tucker
ad7d23d461
20140908
...
- (dtucker) [INSTALL] Update info about egd. ok djm@
2014-09-09 12:23:10 +10:00
Damien Miller
2a8699f37c
- (djm) [openbsd-compat/arc4random.c] Zero seed after keying PRNG
2014-09-04 03:46:05 +10:00
Damien Miller
44988defb1
- (djm) [contrib/cygwin/ssh-host-config] Fix old code leading to
...
permissions/ACLs; from Corinna Vinschen
2014-09-03 05:35:32 +10:00
Damien Miller
23f269562b
- (djm) [defines.h sshbuf.c] Move __predict_true|false to defines.h and
...
conditionalise to avoid duplicate definition.
2014-09-03 05:33:25 +10:00
Damien Miller
41c8de2c00
- (djm) [Makefile.in] Make TEST_SHELL a variable; "good idea" tim@
2014-08-30 16:23:06 +10:00
Damien Miller
d7c81e216a
- (djm) [openbsd-compat/openssl-compat.h] add include guard
2014-08-30 04:18:28 +10:00
Damien Miller
4687802dda
- (djm) [misc.c] Missing newline between functions
2014-08-30 03:29:19 +10:00
Damien Miller
51c77e2922
- (djm) [openbsd-compat/openssl-compat.h] add
...
OPENSSL_[RD]SA_MAX_MODULUS_BITS defines for OpenSSL that lacks them
2014-08-30 02:30:30 +10:00
Damien Miller
3d673d103b
- (djm) [openbsd-compat/explicit_bzero.c] implement explicit_bzero()
...
using memset_s() where possible; improve fallback to indirect bzero
via a volatile pointer to give it more of a chance to avoid being
optimised away.
2014-08-27 06:32:01 +10:00
Damien Miller
146218ac11
- (djm) [monitor.c sshd.c] SIGXFSZ needs to be ignored in postauth
...
monitor, not preauth; bz#2263
2014-08-27 04:11:55 +10:00
Damien Miller
1b215c098b
- (djm) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
...
[regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
[regress/unittests/sshkey/common.c]
[regress/unittests/sshkey/test_file.c]
[regress/unittests/sshkey/test_fuzz.c]
[regress/unittests/sshkey/test_sshkey.c] Don't include openssl/ec.h
on !ECC OpenSSL systems
2014-08-27 04:04:40 +10:00
Damien Miller
ad013944af
- (djm) [INSTALL] Recommend libcrypto be built -fPIC, mention LibreSSL,
...
update OpenSSL version requirement.
2014-08-26 09:27:28 +10:00
Damien Miller
ed126de8ee
- (djm) [bufec.c] Skip this file on !ECC OpenSSL
2014-08-26 08:37:47 +10:00
Damien Miller
9c1dede005
- (djm) [sftp-server.c] Some systems (e.g. Irix) have prctl() but not
...
PR_SET_DUMPABLE, so adjust ifdef; reported by Tom Christensen
2014-08-24 03:01:06 +10:00
Damien Miller
d244a5816f
- (djm) [configure.ac] We now require a working vsnprintf everywhere (not
...
just for systems that lack asprintf); check for it always and extend
test to catch more brokenness. Fixes builds on Solaris <= 9
2014-08-23 17:06:49 +10:00
Damien Miller
4cec036362
- (djm) [sshd.c] Ignore SIGXFSZ in preauth monitor child; can explode on
...
lastlog writing on platforms with high UIDs; bz#2263
2014-08-23 03:11:09 +10:00
Damien Miller
394a60f259
- (djm) [configure.ac] double braces to appease autoconf
2014-08-22 18:06:20 +10:00
Damien Miller
4d69aeabd6
- (djm) [openbsd-compat/bsd-snprintf.c] Fix compilation failure (prototype/
...
definition mismatch) and warning for broken/missing snprintf case.
2014-08-22 17:48:27 +10:00
Damien Miller
0c11f1ac36
- (djm) [sshbuf-getput-crypto.c] Fix compilation when OpenSSL lacks ECC
2014-08-22 17:36:56 +10:00
Damien Miller
6d62784b89
- (djm) [configure.ac] include leading zero characters in OpenSSL version
...
number; fixes test for unsupported versions
2014-08-22 17:36:19 +10:00
Damien Miller
4f1ff1ed78
- (djm) [regress/unittests/test_helper/test_helper.c] Fix for systems that
...
don't set __progname. Diagnosed by Tom Christensen.
2014-08-21 15:54:50 +10:00