diff options
author | Colin Watson <cjwatson@debian.org> | 2015-08-19 17:00:17 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2015-08-19 17:40:32 +0100 |
commit | 927d0032b865f05679d3cc052bc13cb0e6490283 (patch) | |
tree | 69f782deb79182f26069ff41e9539f17e6e44912 /ChangeLog | |
parent | d35c65e77ab6a6a95fefa2c852827ba08e507f0b (diff) | |
parent | 810eecd6b2e03770f21e46b5cb8ce8c7fcd46da8 (diff) |
New upstream release (6.9p1).
Diffstat (limited to 'ChangeLog')
-rw-r--r-- | ChangeLog | 2713 |
1 files changed, 1532 insertions, 1181 deletions
@@ -1,3 +1,1535 @@ | |||
1 | commit 7de4b03a6e4071d454b72927ffaf52949fa34545 | ||
2 | Author: djm@openbsd.org <djm@openbsd.org> | ||
3 | Date: Wed Jul 1 02:32:17 2015 +0000 | ||
4 | |||
5 | upstream commit | ||
6 | |||
7 | twiddle; (this commit marks the openssh-6.9 release) | ||
8 | |||
9 | Upstream-ID: 78500582819f61dd8adee36ec5cc9b9ac9351234 | ||
10 | |||
11 | commit 1bf477d3cdf1a864646d59820878783d42357a1d | ||
12 | Author: djm@openbsd.org <djm@openbsd.org> | ||
13 | Date: Wed Jul 1 02:26:31 2015 +0000 | ||
14 | |||
15 | upstream commit | ||
16 | |||
17 | better refuse ForwardX11Trusted=no connections attempted | ||
18 | after ForwardX11Timeout expires; reported by Jann Horn | ||
19 | |||
20 | Upstream-ID: bf0fddadc1b46a0334e26c080038313b4b6dea21 | ||
21 | |||
22 | commit 47aa7a0f8551b471fcae0447c1d78464f6dba869 | ||
23 | Author: djm@openbsd.org <djm@openbsd.org> | ||
24 | Date: Wed Jul 1 01:56:13 2015 +0000 | ||
25 | |||
26 | upstream commit | ||
27 | |||
28 | put back default PermitRootLogin=no | ||
29 | |||
30 | Upstream-ID: 7bdedd5cead99c57ed5571f3b6b7840922d5f728 | ||
31 | |||
32 | commit 984b064fe2a23733733262f88d2e1b2a1a501662 | ||
33 | Author: djm@openbsd.org <djm@openbsd.org> | ||
34 | Date: Wed Jul 1 01:55:13 2015 +0000 | ||
35 | |||
36 | upstream commit | ||
37 | |||
38 | openssh-6.9 | ||
39 | |||
40 | Upstream-ID: 6cfe8e1904812531080e6ab6e752d7001b5b2d45 | ||
41 | |||
42 | commit d921082ed670f516652eeba50705e1e9f6325346 | ||
43 | Author: djm@openbsd.org <djm@openbsd.org> | ||
44 | Date: Wed Jul 1 01:55:00 2015 +0000 | ||
45 | |||
46 | upstream commit | ||
47 | |||
48 | reset default PermitRootLogin to 'yes' (momentarily, for | ||
49 | release) | ||
50 | |||
51 | Upstream-ID: cad8513527066e65dd7a1c16363d6903e8cefa24 | ||
52 | |||
53 | commit 66295e0e1ba860e527f191b6325d2d77dec4dbce | ||
54 | Author: Damien Miller <djm@mindrot.org> | ||
55 | Date: Wed Jul 1 11:49:12 2015 +1000 | ||
56 | |||
57 | crank version numbers for release | ||
58 | |||
59 | commit 37035c07d4f26bb1fbe000d2acf78efdb008681d | ||
60 | Author: Damien Miller <djm@mindrot.org> | ||
61 | Date: Wed Jul 1 10:49:37 2015 +1000 | ||
62 | |||
63 | s/--with-ssh1/--without-ssh1/ | ||
64 | |||
65 | commit 629df770dbadc2accfbe1c81b3f31f876d0acd84 | ||
66 | Author: djm@openbsd.org <djm@openbsd.org> | ||
67 | Date: Tue Jun 30 05:25:07 2015 +0000 | ||
68 | |||
69 | upstream commit | ||
70 | |||
71 | fatal() when a remote window update causes the window | ||
72 | value to overflow. Reported by Georg Wicherski, ok markus@ | ||
73 | |||
74 | Upstream-ID: ead397a9aceb3bf74ebfa5fcaf259d72e569f351 | ||
75 | |||
76 | commit f715afebe735d61df3fd30ad72d9ac1c8bd3b5f2 | ||
77 | Author: djm@openbsd.org <djm@openbsd.org> | ||
78 | Date: Tue Jun 30 05:23:25 2015 +0000 | ||
79 | |||
80 | upstream commit | ||
81 | |||
82 | Fix math error in remote window calculations that causes | ||
83 | eventual stalls for datagram channels. Reported by Georg Wicherski, ok | ||
84 | markus@ | ||
85 | |||
86 | Upstream-ID: be54059d11bf64e0d85061f7257f53067842e2ab | ||
87 | |||
88 | commit 52fb6b9b034fcfd24bf88cc7be313e9c31de9889 | ||
89 | Author: Damien Miller <djm@mindrot.org> | ||
90 | Date: Tue Jun 30 16:05:40 2015 +1000 | ||
91 | |||
92 | skip IPv6-related portions on hosts without IPv6 | ||
93 | |||
94 | with Tim Rice | ||
95 | |||
96 | commit 512caddf590857af6aa12218461b5c0441028cf5 | ||
97 | Author: djm@openbsd.org <djm@openbsd.org> | ||
98 | Date: Mon Jun 29 22:35:12 2015 +0000 | ||
99 | |||
100 | upstream commit | ||
101 | |||
102 | add getpid to sandbox, reachable by grace_alarm_handler | ||
103 | |||
104 | reported by Jakub Jelen; bz#2419 | ||
105 | |||
106 | Upstream-ID: d0da1117c16d4c223954995d35b0f47c8f684cd8 | ||
107 | |||
108 | commit 78c2a4f883ea9aba866358e2acd9793a7f42ca93 | ||
109 | Author: djm@openbsd.org <djm@openbsd.org> | ||
110 | Date: Fri Jun 26 05:13:20 2015 +0000 | ||
111 | |||
112 | upstream commit | ||
113 | |||
114 | Fix \-escaping bug that caused forward path parsing to skip | ||
115 | two characters and skip past the end of the string. | ||
116 | |||
117 | Based on patch by Salvador Fandino; ok dtucker@ | ||
118 | |||
119 | Upstream-ID: 7b879dc446335677cbe4cb549495636a0535f3bd | ||
120 | |||
121 | commit bc20205c91c9920361d12b15d253d4997dba494a | ||
122 | Author: Damien Miller <djm@mindrot.org> | ||
123 | Date: Thu Jun 25 09:51:39 2015 +1000 | ||
124 | |||
125 | add missing pselect6 | ||
126 | |||
127 | patch from Jakub Jelen | ||
128 | |||
129 | commit 9d27fb73b4a4e5e99cb880af790d5b1ce44f720a | ||
130 | Author: djm@openbsd.org <djm@openbsd.org> | ||
131 | Date: Wed Jun 24 23:47:23 2015 +0000 | ||
132 | |||
133 | upstream commit | ||
134 | |||
135 | correct test to sshkey_sign(); spotted by Albert S. | ||
136 | |||
137 | Upstream-ID: 5f7347f40f0ca6abdaca2edb3bd62f4776518933 | ||
138 | |||
139 | commit 7ed01a96a1911d8b4a9ef4f3d064e1923bfad7e3 | ||
140 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
141 | Date: Wed Jun 24 01:49:19 2015 +0000 | ||
142 | |||
143 | upstream commit | ||
144 | |||
145 | Revert previous commit. We still want to call setgroups | ||
146 | in the case where there are zero groups to remove any that we might otherwise | ||
147 | inherit (as pointed out by grawity at gmail.com) and since the 2nd argument | ||
148 | to setgroups is always a static global it's always valid to dereference in | ||
149 | this case. ok deraadt@ djm@ | ||
150 | |||
151 | Upstream-ID: 895b5ac560a10befc6b82afa778641315725fd01 | ||
152 | |||
153 | commit 882f8bf94f79528caa65b0ba71c185d705bb7195 | ||
154 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
155 | Date: Wed Jun 24 01:49:19 2015 +0000 | ||
156 | |||
157 | upstream commit | ||
158 | |||
159 | Revert previous commit. We still want to call setgroups in | ||
160 | the case where there are zero groups to remove any that we might otherwise | ||
161 | inherit (as pointed out by grawity at gmail.com) and since the 2nd argument | ||
162 | to setgroups is always a static global it's always valid to dereference in | ||
163 | this case. ok deraadt@ djm@ | ||
164 | |||
165 | Upstream-ID: 895b5ac560a10befc6b82afa778641315725fd01 | ||
166 | |||
167 | commit 9488538a726951e82b3a4374f3c558d72c80a89b | ||
168 | Author: djm@openbsd.org <djm@openbsd.org> | ||
169 | Date: Mon Jun 22 23:42:16 2015 +0000 | ||
170 | |||
171 | upstream commit | ||
172 | |||
173 | Don't count successful partial authentication as failures | ||
174 | in monitor; this may have caused the monitor to refuse multiple | ||
175 | authentications that would otherwise have successfully completed; ok markus@ | ||
176 | |||
177 | Upstream-ID: eb74b8e506714d0f649bd5c300f762a527af04a3 | ||
178 | |||
179 | commit 63b78d003bd8ca111a736e6cea6333da50f5f09b | ||
180 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
181 | Date: Mon Jun 22 12:29:57 2015 +0000 | ||
182 | |||
183 | upstream commit | ||
184 | |||
185 | Don't call setgroups if we have zero groups; there's no | ||
186 | guarantee that it won't try to deref the pointer. Based on a patch from mail | ||
187 | at quitesimple.org, ok djm deraadt | ||
188 | |||
189 | Upstream-ID: 2fff85e11d7a9a387ef7fddf41fbfaf566708ab1 | ||
190 | |||
191 | commit 5c15e22c691c79a47747bcf5490126656f97cecd | ||
192 | Author: Damien Miller <djm@mindrot.org> | ||
193 | Date: Thu Jun 18 15:07:56 2015 +1000 | ||
194 | |||
195 | fix syntax error | ||
196 | |||
197 | commit 596dbca82f3f567fb3d2d69af4b4e1d3ba1e6403 | ||
198 | Author: jsing@openbsd.org <jsing@openbsd.org> | ||
199 | Date: Mon Jun 15 18:44:22 2015 +0000 | ||
200 | |||
201 | upstream commit | ||
202 | |||
203 | If AuthorizedPrincipalsCommand is specified, however | ||
204 | AuthorizedPrincipalsFile is not (or is set to "none"), authentication will | ||
205 | potentially fail due to key_cert_check_authority() failing to locate a | ||
206 | principal that matches the username, even though an authorized principal has | ||
207 | already been matched in the output of the subprocess. Fix this by using the | ||
208 | same logic to determine if pw->pw_name should be passed, as is used to | ||
209 | determine if a authorized principal must be matched earlier on. | ||
210 | |||
211 | ok djm@ | ||
212 | |||
213 | Upstream-ID: 43b42302ec846b0ea68aceb40677245391b9409d | ||
214 | |||
215 | commit aff3e94c0d75d0d0fa84ea392b50ab04f8c57905 | ||
216 | Author: jsing@openbsd.org <jsing@openbsd.org> | ||
217 | Date: Mon Jun 15 18:42:19 2015 +0000 | ||
218 | |||
219 | upstream commit | ||
220 | |||
221 | Make the arguments to match_principals_command() similar | ||
222 | to match_principals_file(), by changing the last argument a struct | ||
223 | sshkey_cert * and dereferencing key->cert in the caller. | ||
224 | |||
225 | No functional change. | ||
226 | |||
227 | ok djm@ | ||
228 | |||
229 | Upstream-ID: 533f99b844b21b47342b32b62e198dfffcf8651c | ||
230 | |||
231 | commit 97e2e1596c202a4693468378b16b2353fd2d6c5e | ||
232 | Author: Damien Miller <djm@mindrot.org> | ||
233 | Date: Wed Jun 17 14:36:54 2015 +1000 | ||
234 | |||
235 | trivial optimisation for seccomp-bpf | ||
236 | |||
237 | When doing arg inspection and the syscall doesn't match, skip | ||
238 | past the instruction that reloads the syscall into the accumulator, | ||
239 | since the accumulator hasn't been modified at this point. | ||
240 | |||
241 | commit 99f33d7304893bd9fa04d227cb6e870171cded19 | ||
242 | Author: Damien Miller <djm@mindrot.org> | ||
243 | Date: Wed Jun 17 10:50:51 2015 +1000 | ||
244 | |||
245 | aarch64 support for seccomp-bpf sandbox | ||
246 | |||
247 | Also resort and tidy syscall list. Based on patches by Jakub Jelen | ||
248 | bz#2361; ok dtucker@ | ||
249 | |||
250 | commit 4ef702e1244633c1025ec7cfe044b9ab267097bf | ||
251 | Author: djm@openbsd.org <djm@openbsd.org> | ||
252 | Date: Mon Jun 15 01:32:50 2015 +0000 | ||
253 | |||
254 | upstream commit | ||
255 | |||
256 | return failure on RSA signature error; reported by Albert S | ||
257 | |||
258 | Upstream-ID: e61bb93dbe0349625807b0810bc213a6822121fa | ||
259 | |||
260 | commit a170f22baf18af0b1acf2788b8b715605f41a1f9 | ||
261 | Author: Tim Rice <tim@multitalents.net> | ||
262 | Date: Tue Jun 9 22:41:13 2015 -0700 | ||
263 | |||
264 | Fix t12 rules for out of tree builds. | ||
265 | |||
266 | commit ec04dc4a5515c913121bc04ed261857e68fa5c18 | ||
267 | Author: millert@openbsd.org <millert@openbsd.org> | ||
268 | Date: Fri Jun 5 15:13:13 2015 +0000 | ||
269 | |||
270 | upstream commit | ||
271 | |||
272 | For "ssh -L 12345:/tmp/sock" don't fail with "No forward host | ||
273 | name." (we have a path, not a host name). Based on a diff from Jared | ||
274 | Yanovich. OK djm@ | ||
275 | |||
276 | Upstream-ID: 2846b0a8c7de037e33657f95afbd282837fc213f | ||
277 | |||
278 | commit 732d61f417a6aea0aa5308b59cb0f563bcd6edd6 | ||
279 | Author: djm@openbsd.org <djm@openbsd.org> | ||
280 | Date: Fri Jun 5 03:44:14 2015 +0000 | ||
281 | |||
282 | upstream commit | ||
283 | |||
284 | typo: accidental repetition; bz#2386 | ||
285 | |||
286 | Upstream-ID: 45e620d99f6bc301e5949d34a54027374991c88b | ||
287 | |||
288 | commit adfb24c69d1b6f5e758db200866c711e25a2ba73 | ||
289 | Author: Darren Tucker <dtucker@zip.com.au> | ||
290 | Date: Fri Jun 5 14:51:40 2015 +1000 | ||
291 | |||
292 | Add Linux powerpc64le and powerpcle entries. | ||
293 | |||
294 | Stopgap to resolve bz#2409 because we are so close to release and will | ||
295 | update config.guess and friends shortly after the release. ok djm@ | ||
296 | |||
297 | commit a1195a0fdc9eddddb04d3e9e44c4775431cb77da | ||
298 | Merge: 6397eed d2480bc | ||
299 | Author: Tim Rice <tim@multitalents.net> | ||
300 | Date: Wed Jun 3 21:43:13 2015 -0700 | ||
301 | |||
302 | Merge branch 'master' of git.mindrot.org:/var/git/openssh | ||
303 | |||
304 | commit 6397eedf953b2b973d2d7cbb504ab501a07f8ddc | ||
305 | Author: Tim Rice <tim@multitalents.net> | ||
306 | Date: Wed Jun 3 21:41:11 2015 -0700 | ||
307 | |||
308 | Remove unneeded backslashes. Patch from Ángel González | ||
309 | |||
310 | commit d2480bcac1caf31b03068de877a47d6e1027bf6d | ||
311 | Author: Darren Tucker <dtucker@zip.com.au> | ||
312 | Date: Thu Jun 4 14:10:55 2015 +1000 | ||
313 | |||
314 | Remove redundant include of stdarg.h. bz#2410 | ||
315 | |||
316 | commit 5e67859a623826ccdf2df284cbb37e2d8e2787eb | ||
317 | Author: djm@openbsd.org <djm@openbsd.org> | ||
318 | Date: Tue Jun 2 09:10:40 2015 +0000 | ||
319 | |||
320 | upstream commit | ||
321 | |||
322 | mention CheckHostIP adding addresses to known_hosts; | ||
323 | bz#1993; ok dtucker@ | ||
324 | |||
325 | Upstream-ID: fd44b68440fd0dc29abf9f2d3f703d74a2396cb7 | ||
326 | |||
327 | commit d7a58bbac6583e33fd5eca8e2c2cc70c57617818 | ||
328 | Author: Darren Tucker <dtucker@zip.com.au> | ||
329 | Date: Tue Jun 2 20:15:26 2015 +1000 | ||
330 | |||
331 | Replace strcpy with strlcpy. | ||
332 | |||
333 | ok djm, sanity check by Corinna Vinschen. | ||
334 | |||
335 | commit 51a1c2115265c6e80ede8a5c9dccada9aeed7143 | ||
336 | Author: Damien Miller <djm@mindrot.org> | ||
337 | Date: Fri May 29 18:27:21 2015 +1000 | ||
338 | |||
339 | skip, rather than fatal when run without SUDO set | ||
340 | |||
341 | commit 599f01142a376645b15cbc9349d7e8975e1cf245 | ||
342 | Author: Damien Miller <djm@mindrot.org> | ||
343 | Date: Fri May 29 18:03:15 2015 +1000 | ||
344 | |||
345 | fix merge botch that left ",," in KEX algs | ||
346 | |||
347 | commit 0c2a81dfc21822f2423edd30751e5ec53467b347 | ||
348 | Author: Damien Miller <djm@mindrot.org> | ||
349 | Date: Fri May 29 17:08:28 2015 +1000 | ||
350 | |||
351 | re-enable SSH protocol 1 at compile time | ||
352 | |||
353 | commit db438f9285d64282d3ac9e8c0944f59f037c0151 | ||
354 | Author: djm@openbsd.org <djm@openbsd.org> | ||
355 | Date: Fri May 29 03:05:13 2015 +0000 | ||
356 | |||
357 | upstream commit | ||
358 | |||
359 | make this work without SUDO set; ok dtucker@ | ||
360 | |||
361 | Upstream-Regress-ID: bca88217b70bce2fe52b23b8e06bdeb82d98c715 | ||
362 | |||
363 | commit 1d9a2e2849c9864fe75daabf433436341c968e14 | ||
364 | Author: djm@openbsd.org <djm@openbsd.org> | ||
365 | Date: Thu May 28 07:37:31 2015 +0000 | ||
366 | |||
367 | upstream commit | ||
368 | |||
369 | wrap all moduli-related code in #ifdef WITH_OPENSSL. | ||
370 | based on patch from Reuben Hawkins; bz#2388 feedback and ok dtucker@ | ||
371 | |||
372 | Upstream-ID: d80cfc8be3e6ec65b3fac9e87c4466533b31b7cf | ||
373 | |||
374 | commit 496aeb25bc2d6c434171292e4714771b594bd00e | ||
375 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
376 | Date: Thu May 28 05:41:29 2015 +0000 | ||
377 | |||
378 | upstream commit | ||
379 | |||
380 | Increase the allowed length of the known host file name | ||
381 | in the log message to be consistent with other cases. Part of bz#1993, ok | ||
382 | deraadt. | ||
383 | |||
384 | Upstream-ID: a9e97567be49f25daf286721450968251ff78397 | ||
385 | |||
386 | commit dd2cfeb586c646ff8d70eb93567b2e559ace5b14 | ||
387 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
388 | Date: Thu May 28 05:09:45 2015 +0000 | ||
389 | |||
390 | upstream commit | ||
391 | |||
392 | Fix typo (keywork->keyword) | ||
393 | |||
394 | Upstream-ID: 8aacd0f4089c0a244cf43417f4f9045dfaeab534 | ||
395 | |||
396 | commit 9cc6842493fbf23025ccc1edab064869640d3bec | ||
397 | Author: djm@openbsd.org <djm@openbsd.org> | ||
398 | Date: Thu May 28 04:50:53 2015 +0000 | ||
399 | |||
400 | upstream commit | ||
401 | |||
402 | add error message on ftruncate failure; bz#2176 | ||
403 | |||
404 | Upstream-ID: cbcc606e0b748520c74a210d8f3cc9718d3148cf | ||
405 | |||
406 | commit d1958793a0072c22be26d136dbda5ae263e717a0 | ||
407 | Author: djm@openbsd.org <djm@openbsd.org> | ||
408 | Date: Thu May 28 04:40:13 2015 +0000 | ||
409 | |||
410 | upstream commit | ||
411 | |||
412 | make ssh-keygen default to ed25519 keys when compiled | ||
413 | without OpenSSL; bz#2388, ok dtucker@ | ||
414 | |||
415 | Upstream-ID: 85a471fa6d3fa57a7b8e882d22cfbfc1d84cdc71 | ||
416 | |||
417 | commit 3ecde664c9fc5fb3667aedf9e6671462600f6496 | ||
418 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
419 | Date: Wed May 27 23:51:10 2015 +0000 | ||
420 | |||
421 | upstream commit | ||
422 | |||
423 | Reorder client proposal to prefer | ||
424 | diffie-hellman-group-exchange-sha1 over diffie-hellman-group14-sha1. ok djm@ | ||
425 | |||
426 | Upstream-ID: 552c08d47347c3ee1a9a57d88441ab50abe17058 | ||
427 | |||
428 | commit 40f64292b907afd0a674fdbf3e4c2356d17a7d68 | ||
429 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
430 | Date: Wed May 27 23:39:18 2015 +0000 | ||
431 | |||
432 | upstream commit | ||
433 | |||
434 | Add a stronger (4k bit) fallback group that sshd can use | ||
435 | when the moduli file is missing or broken, sourced from RFC3526. bz#2302, ok | ||
436 | markus@ (earlier version), djm@ | ||
437 | |||
438 | Upstream-ID: b635215746a25a829d117673d5e5a76d4baee7f4 | ||
439 | |||
440 | commit 5ab7d5fa03ad55bc438fab45dfb3aeb30a3c237a | ||
441 | Author: Darren Tucker <dtucker@zip.com.au> | ||
442 | Date: Thu May 28 10:03:40 2015 +1000 | ||
443 | |||
444 | New moduli file from OpenBSD, removing 1k groups. | ||
445 | |||
446 | Remove 1k bit groups. ok deraadt@, markus@ | ||
447 | |||
448 | commit a71ba58adf34e599f30cdda6e9b93ae6e3937eea | ||
449 | Author: djm@openbsd.org <djm@openbsd.org> | ||
450 | Date: Wed May 27 05:15:02 2015 +0000 | ||
451 | |||
452 | upstream commit | ||
453 | |||
454 | support PKCS#11 devices with external PIN entry devices | ||
455 | bz#2240, based on patch from Dirk-Willem van Gulik; feedback and ok dtucker@ | ||
456 | |||
457 | Upstream-ID: 504568992b55a8fc984375242b1bd505ced61b0d | ||
458 | |||
459 | commit b282fec1aa05246ed3482270eb70fc3ec5f39a00 | ||
460 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
461 | Date: Tue May 26 23:23:40 2015 +0000 | ||
462 | |||
463 | upstream commit | ||
464 | |||
465 | Cap DH-GEX group size at 4kbits for Cisco implementations. | ||
466 | Some of them will choke when asked for preferred sizes >4k instead of | ||
467 | returning the 4k group that they do have. bz#2209, ok djm@ | ||
468 | |||
469 | Upstream-ID: 54b863a19713446b7431f9d06ad0532b4fcfef8d | ||
470 | |||
471 | commit 3e91b4e8b0dc2b4b7e7d42cf6e8994a32e4cb55e | ||
472 | Author: djm@openbsd.org <djm@openbsd.org> | ||
473 | Date: Sun May 24 23:39:16 2015 +0000 | ||
474 | |||
475 | upstream commit | ||
476 | |||
477 | add missing 'c' option to getopt(), case statement was | ||
478 | already there; from Felix Bolte | ||
479 | |||
480 | Upstream-ID: 9b19b4e2e0b54d6fefa0dfac707c51cf4bae3081 | ||
481 | |||
482 | commit 64a89ec07660abba4d0da7c0095b7371c98bab62 | ||
483 | Author: jsg@openbsd.org <jsg@openbsd.org> | ||
484 | Date: Sat May 23 14:28:37 2015 +0000 | ||
485 | |||
486 | upstream commit | ||
487 | |||
488 | fix a memory leak in an error path ok markus@ dtucker@ | ||
489 | |||
490 | Upstream-ID: bc1da0f205494944918533d8780fde65dff6c598 | ||
491 | |||
492 | commit f948737449257d2cb83ffcfe7275eb79b677fd4a | ||
493 | Author: djm@openbsd.org <djm@openbsd.org> | ||
494 | Date: Fri May 22 05:28:45 2015 +0000 | ||
495 | |||
496 | upstream commit | ||
497 | |||
498 | mention ssh-keygen -E for comparing legacy MD5 | ||
499 | fingerprints; bz#2332 | ||
500 | |||
501 | Upstream-ID: 079a3669549041dbf10dbc072d9563f0dc3b2859 | ||
502 | |||
503 | commit 0882332616e4f0272c31cc47bf2018f9cb258a4e | ||
504 | Author: djm@openbsd.org <djm@openbsd.org> | ||
505 | Date: Fri May 22 04:45:52 2015 +0000 | ||
506 | |||
507 | upstream commit | ||
508 | |||
509 | Reorder EscapeChar option parsing to avoid a single-byte | ||
510 | out- of-bounds read. bz#2396 from Jaak Ristioja; ok dtucker@ | ||
511 | |||
512 | Upstream-ID: 1dc6b5b63d1c8d9a88619da0b27ade461d79b060 | ||
513 | |||
514 | commit d7c31da4d42c115843edee2074d7d501f8804420 | ||
515 | Author: djm@openbsd.org <djm@openbsd.org> | ||
516 | Date: Fri May 22 03:50:02 2015 +0000 | ||
517 | |||
518 | upstream commit | ||
519 | |||
520 | add knob to relax GSSAPI host credential check for | ||
521 | multihomed hosts bz#928, patch by Simon Wilkinson; ok dtucker | ||
522 | (kerberos/GSSAPI is not compiled by default on OpenBSD) | ||
523 | |||
524 | Upstream-ID: 15ddf1c6f7fd9d98eea9962f480079ae3637285d | ||
525 | |||
526 | commit aa72196a00be6e0b666215edcffbc10af234cb0e | ||
527 | Author: Darren Tucker <dtucker@zip.com.au> | ||
528 | Date: Fri May 22 17:49:46 2015 +1000 | ||
529 | |||
530 | Include signal.h for sig_atomic_t, used by kex.h. | ||
531 | |||
532 | bz#2402, from tomas.kuthan at oracle com. | ||
533 | |||
534 | commit 8b02481143d75e91c49d1bfae0876ac1fbf9511a | ||
535 | Author: Darren Tucker <dtucker@zip.com.au> | ||
536 | Date: Fri May 22 12:47:24 2015 +1000 | ||
537 | |||
538 | Import updated moduli file from OpenBSD. | ||
539 | |||
540 | commit 4739e8d5e1c0be49624082bd9f6b077e9e758db9 | ||
541 | Author: djm@openbsd.org <djm@openbsd.org> | ||
542 | Date: Thu May 21 12:01:19 2015 +0000 | ||
543 | |||
544 | upstream commit | ||
545 | |||
546 | Support "ssh-keygen -lF hostname" to find search known_hosts | ||
547 | and print key hashes. Already advertised by ssh-keygen(1), but not delivered | ||
548 | by code; ok dtucker@ | ||
549 | |||
550 | Upstream-ID: 459e0e2bf39825e41b0811c336db2d56a1c23387 | ||
551 | |||
552 | commit e97201feca10b5196da35819ae516d0b87cf3a50 | ||
553 | Author: Damien Miller <djm@mindrot.org> | ||
554 | Date: Thu May 21 17:55:15 2015 +1000 | ||
555 | |||
556 | conditionalise util.h inclusion | ||
557 | |||
558 | commit 13640798c7dd011ece0a7d02841fe48e94cfa0e0 | ||
559 | Author: djm@openbsd.org <djm@openbsd.org> | ||
560 | Date: Thu May 21 06:44:25 2015 +0000 | ||
561 | |||
562 | upstream commit | ||
563 | |||
564 | regress test for AuthorizedPrincipalsCommand | ||
565 | |||
566 | Upstream-Regress-ID: c658fbf1ab6b6011dc83b73402322e396f1e1219 | ||
567 | |||
568 | commit 84452c5d03c21f9bfb28c234e0dc1dc67dd817b1 | ||
569 | Author: djm@openbsd.org <djm@openbsd.org> | ||
570 | Date: Thu May 21 06:40:02 2015 +0000 | ||
571 | |||
572 | upstream commit | ||
573 | |||
574 | regress test for AuthorizedKeysCommand arguments | ||
575 | |||
576 | Upstream-Regress-ID: bbd65c13c6b3be9a442ec115800bff9625898f12 | ||
577 | |||
578 | commit bcc50d816187fa9a03907ac1f3a52f04a52e10d1 | ||
579 | Author: djm@openbsd.org <djm@openbsd.org> | ||
580 | Date: Thu May 21 06:43:30 2015 +0000 | ||
581 | |||
582 | upstream commit | ||
583 | |||
584 | add AuthorizedPrincipalsCommand that allows getting | ||
585 | authorized_principals from a subprocess rather than a file, which is quite | ||
586 | useful in deployments with large userbases | ||
587 | |||
588 | feedback and ok markus@ | ||
589 | |||
590 | Upstream-ID: aa1bdac7b16fc6d2fa3524ef08f04c7258d247f6 | ||
591 | |||
592 | commit 24232a3e5ab467678a86aa67968bbb915caffed4 | ||
593 | Author: djm@openbsd.org <djm@openbsd.org> | ||
594 | Date: Thu May 21 06:38:35 2015 +0000 | ||
595 | |||
596 | upstream commit | ||
597 | |||
598 | support arguments to AuthorizedKeysCommand | ||
599 | |||
600 | bz#2081 loosely based on patch by Sami Hartikainen | ||
601 | feedback and ok markus@ | ||
602 | |||
603 | Upstream-ID: b080387a14aa67dddd8ece67c00f268d626541f7 | ||
604 | |||
605 | commit d80fbe41a57c72420c87a628444da16d09d66ca7 | ||
606 | Author: djm@openbsd.org <djm@openbsd.org> | ||
607 | Date: Thu May 21 04:55:51 2015 +0000 | ||
608 | |||
609 | upstream commit | ||
610 | |||
611 | refactor: split base64 encoding of pubkey into its own | ||
612 | sshkey_to_base64() function and out of sshkey_write(); ok markus@ | ||
613 | |||
614 | Upstream-ID: 54fc38f5832e9b91028900819bda46c3959a0c1a | ||
615 | |||
616 | commit 7cc44ef74133a473734bbcbd3484f24d6a7328c5 | ||
617 | Author: deraadt@openbsd.org <deraadt@openbsd.org> | ||
618 | Date: Mon May 18 15:06:05 2015 +0000 | ||
619 | |||
620 | upstream commit | ||
621 | |||
622 | getentropy() and sendsyslog() have been around long | ||
623 | enough. openssh-portable may want the #ifdef's but not base. discussed with | ||
624 | djm few weeks back | ||
625 | |||
626 | Upstream-ID: 0506a4334de108e3fb6c66f8d6e0f9c112866926 | ||
627 | |||
628 | commit 9173d0fbe44de7ebcad8a15618e13a8b8d78902e | ||
629 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
630 | Date: Fri May 15 05:44:21 2015 +0000 | ||
631 | |||
632 | upstream commit | ||
633 | |||
634 | Use a salted hash of the lock passphrase instead of plain | ||
635 | text and do constant-time comparisons of it. Should prevent leaking any | ||
636 | information about it via timing, pointed out by Ryan Castellucci. Add a 0.1s | ||
637 | incrementing delay for each failed unlock attempt up to 10s. ok markus@ | ||
638 | (earlier version), djm@ | ||
639 | |||
640 | Upstream-ID: c599fcc325aa1cc65496b25220b622d22208c85f | ||
641 | |||
642 | commit d028d5d3a697c71b21e4066d8672cacab3caa0a8 | ||
643 | Author: Damien Miller <djm@mindrot.org> | ||
644 | Date: Tue May 5 19:10:58 2015 +1000 | ||
645 | |||
646 | upstream commit | ||
647 | |||
648 | - tedu@cvs.openbsd.org 2015/01/12 03:20:04 | ||
649 | [bcrypt_pbkdf.c] | ||
650 | rename blocks to words. bcrypt "blocks" are unrelated to blowfish blocks, | ||
651 | nor are they the same size. | ||
652 | |||
653 | commit f6391d4e59b058984163ab28f4e317e7a72478f1 | ||
654 | Author: Damien Miller <djm@mindrot.org> | ||
655 | Date: Tue May 5 19:10:23 2015 +1000 | ||
656 | |||
657 | upstream commit | ||
658 | |||
659 | - deraadt@cvs.openbsd.org 2015/01/08 00:30:07 | ||
660 | [bcrypt_pbkdf.c] | ||
661 | declare a local version of MIN(), call it MINIMUM() | ||
662 | |||
663 | commit 8ac6b13cc9113eb47cd9e86c97d7b26b4b71b77f | ||
664 | Author: Damien Miller <djm@mindrot.org> | ||
665 | Date: Tue May 5 19:09:46 2015 +1000 | ||
666 | |||
667 | upstream commit | ||
668 | |||
669 | - djm@cvs.openbsd.org 2014/12/30 01:41:43 | ||
670 | [bcrypt_pbkdf.c] | ||
671 | typo in comment: ouput => output | ||
672 | |||
673 | commit 1f792489d5cf86a4f4e3003e6e9177654033f0f2 | ||
674 | Author: djm@openbsd.org <djm@openbsd.org> | ||
675 | Date: Mon May 4 06:10:48 2015 +0000 | ||
676 | |||
677 | upstream commit | ||
678 | |||
679 | Remove pattern length argument from match_pattern_list(), we | ||
680 | only ever use it for strlen(pattern). | ||
681 | |||
682 | Prompted by hanno AT hboeck.de pointing an out-of-bound read | ||
683 | error caused by an incorrect pattern length found using AFL | ||
684 | and his own tools. | ||
685 | |||
686 | ok markus@ | ||
687 | |||
688 | commit 639d6bc57b1942393ed12fb48f00bc05d4e093e4 | ||
689 | Author: djm@openbsd.org <djm@openbsd.org> | ||
690 | Date: Fri May 1 07:10:01 2015 +0000 | ||
691 | |||
692 | upstream commit | ||
693 | |||
694 | refactor ssh_dispatch_run_fatal() to use sshpkt_fatal() | ||
695 | to better report error conditions. Teach sshpkt_fatal() about ECONNRESET. | ||
696 | |||
697 | Improves error messages on TCP connection resets. bz#2257 | ||
698 | |||
699 | ok dtucker@ | ||
700 | |||
701 | commit 9559d7de34c572d4d3fd990ca211f8ec99f62c4d | ||
702 | Author: djm@openbsd.org <djm@openbsd.org> | ||
703 | Date: Fri May 1 07:08:08 2015 +0000 | ||
704 | |||
705 | upstream commit | ||
706 | |||
707 | a couple of parse targets were missing activep checks, | ||
708 | causing them to be misapplied in match context; bz#2272 diagnosis and | ||
709 | original patch from Sami Hartikainen ok dtucker@ | ||
710 | |||
711 | commit 7e8528cad04b2775c3b7db08abf8fb42e47e6b2a | ||
712 | Author: djm@openbsd.org <djm@openbsd.org> | ||
713 | Date: Fri May 1 04:17:51 2015 +0000 | ||
714 | |||
715 | upstream commit | ||
716 | |||
717 | make handling of AuthorizedPrincipalsFile=none more | ||
718 | consistent with other =none options; bz#2288 from Jakub Jelen; ok dtucker@ | ||
719 | |||
720 | commit ca430d4d9cc0f62eca3b1fb1e2928395b7ce80f7 | ||
721 | Author: djm@openbsd.org <djm@openbsd.org> | ||
722 | Date: Fri May 1 04:03:20 2015 +0000 | ||
723 | |||
724 | upstream commit | ||
725 | |||
726 | remove failed remote forwards established by muliplexing | ||
727 | from the list of active forwards; bz#2363, patch mostly by Yoann Ricordel; ok | ||
728 | dtucker@ | ||
729 | |||
730 | commit 8312cfb8ad88657517b3e23ac8c56c8e38eb9792 | ||
731 | Author: djm@openbsd.org <djm@openbsd.org> | ||
732 | Date: Fri May 1 04:01:58 2015 +0000 | ||
733 | |||
734 | upstream commit | ||
735 | |||
736 | reduce stderr spam when using ssh -S /path/mux -O forward | ||
737 | -R 0:... ok dtucker@ | ||
738 | |||
739 | commit 179be0f5e62f1f492462571944e45a3da660d82b | ||
740 | Author: djm@openbsd.org <djm@openbsd.org> | ||
741 | Date: Fri May 1 03:23:51 2015 +0000 | ||
742 | |||
743 | upstream commit | ||
744 | |||
745 | prevent authorized_keys options picked up on public key | ||
746 | tests without a corresponding private key authentication being applied to | ||
747 | other authentication methods. Reported by halex@, ok markus@ | ||
748 | |||
749 | commit a42d67be65b719a430b7fcaba2a4e4118382723a | ||
750 | Author: djm@openbsd.org <djm@openbsd.org> | ||
751 | Date: Fri May 1 03:20:54 2015 +0000 | ||
752 | |||
753 | upstream commit | ||
754 | |||
755 | Don't make parsing of authorized_keys' environment= | ||
756 | option conditional on PermitUserEnv - always parse it, but only use the | ||
757 | result if the option is enabled. This prevents the syntax of authorized_keys | ||
758 | changing depending on which sshd_config options were enabled. | ||
759 | |||
760 | bz#2329; based on patch from coladict AT gmail.com, ok dtucker@ | ||
761 | |||
762 | commit e661a86353e11592c7ed6a847e19a83609f49e77 | ||
763 | Author: djm@openbsd.org <djm@openbsd.org> | ||
764 | Date: Mon May 4 06:10:48 2015 +0000 | ||
765 | |||
766 | upstream commit | ||
767 | |||
768 | Remove pattern length argument from match_pattern_list(), we | ||
769 | only ever use it for strlen(pattern). | ||
770 | |||
771 | Prompted by hanno AT hboeck.de pointing an out-of-bound read | ||
772 | error caused by an incorrect pattern length found using AFL | ||
773 | and his own tools. | ||
774 | |||
775 | ok markus@ | ||
776 | |||
777 | commit 0ef1de742be2ee4b10381193fe90730925b7f027 | ||
778 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
779 | Date: Thu Apr 23 05:01:19 2015 +0000 | ||
780 | |||
781 | upstream commit | ||
782 | |||
783 | Add a simple regression test for sshd's configuration | ||
784 | parser. Right now, all it does is run the output of sshd -T back through | ||
785 | itself and ensure the output is valid and invariant. | ||
786 | |||
787 | commit 368f83c793275faa2c52f60eaa9bdac155c4254b | ||
788 | Author: djm@openbsd.org <djm@openbsd.org> | ||
789 | Date: Wed Apr 22 01:38:36 2015 +0000 | ||
790 | |||
791 | upstream commit | ||
792 | |||
793 | use correct key for nested certificate test | ||
794 | |||
795 | commit 8d4d1bfddbbd7d21f545dc6997081d1ea1fbc99a | ||
796 | Author: djm@openbsd.org <djm@openbsd.org> | ||
797 | Date: Fri May 1 07:11:47 2015 +0000 | ||
798 | |||
799 | upstream commit | ||
800 | |||
801 | mention that the user's shell from /etc/passwd is used | ||
802 | for commands too; bz#1459 ok dtucker@ | ||
803 | |||
804 | commit 5ab283d0016bbc9d4d71e8e5284d011bc5a930cf | ||
805 | Author: djm@openbsd.org <djm@openbsd.org> | ||
806 | Date: Fri May 8 07:29:00 2015 +0000 | ||
807 | |||
808 | upstream commit | ||
809 | |||
810 | whitespace | ||
811 | |||
812 | Upstream-Regress-ID: 6b708a3e709d5b7fd37890f874bafdff1f597519 | ||
813 | |||
814 | commit 8377d5008ad260048192e1e56ad7d15a56d103dd | ||
815 | Author: djm@openbsd.org <djm@openbsd.org> | ||
816 | Date: Fri May 8 07:26:13 2015 +0000 | ||
817 | |||
818 | upstream commit | ||
819 | |||
820 | whitespace at EOL | ||
821 | |||
822 | Upstream-Regress-ID: 9c48911643d5b05173b36a012041bed4080b8554 | ||
823 | |||
824 | commit c28a3436fa8737709ea88e4437f8f23a6ab50359 | ||
825 | Author: djm@openbsd.org <djm@openbsd.org> | ||
826 | Date: Fri May 8 06:45:13 2015 +0000 | ||
827 | |||
828 | upstream commit | ||
829 | |||
830 | moar whitespace at eol | ||
831 | |||
832 | Upstream-ID: 64eaf872a3ba52ed41e494287e80d40aaba4b515 | ||
833 | |||
834 | commit 2b64c490468fd4ca35ac8d5cc31c0520dc1508bb | ||
835 | Author: djm@openbsd.org <djm@openbsd.org> | ||
836 | Date: Fri May 8 06:41:56 2015 +0000 | ||
837 | |||
838 | upstream commit | ||
839 | |||
840 | whitespace at EOL | ||
841 | |||
842 | Upstream-ID: 57bcf67d666c6fc1ad798aee448fdc3f70f7ec2c | ||
843 | |||
844 | commit 4e636cf201ce6e7e3b9088568218f9d4e2c51712 | ||
845 | Author: djm@openbsd.org <djm@openbsd.org> | ||
846 | Date: Fri May 8 03:56:51 2015 +0000 | ||
847 | |||
848 | upstream commit | ||
849 | |||
850 | whitespace at EOL | ||
851 | |||
852 | commit 38b8272f823dc1dd4e29dbcee83943ed48bb12fa | ||
853 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
854 | Date: Mon May 4 01:47:53 2015 +0000 | ||
855 | |||
856 | upstream commit | ||
857 | |||
858 | Use diff w/out -u for better portability | ||
859 | |||
860 | commit 297060f42d5189a4065ea1b6f0afdf6371fb0507 | ||
861 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
862 | Date: Fri May 8 03:25:07 2015 +0000 | ||
863 | |||
864 | upstream commit | ||
865 | |||
866 | Use xcalloc for permitted_adm_opens instead of xmalloc to | ||
867 | ensure it's zeroed. Fixes post-auth crash with permitopen=none. bz#2355, ok | ||
868 | djm@ | ||
869 | |||
870 | commit 63ebf019be863b2d90492a85e248cf55a6e87403 | ||
871 | Author: djm@openbsd.org <djm@openbsd.org> | ||
872 | Date: Fri May 8 03:17:49 2015 +0000 | ||
873 | |||
874 | upstream commit | ||
875 | |||
876 | don't choke on new-format private keys encrypted with an | ||
877 | AEAD cipher; bz#2366, patch from Ron Frederick; ok markus@ | ||
878 | |||
879 | commit f8484dac678ab3098ae522a5f03bb2530f822987 | ||
880 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
881 | Date: Wed May 6 05:45:17 2015 +0000 | ||
882 | |||
883 | upstream commit | ||
884 | |||
885 | Clarify pseudo-terminal request behaviour and use | ||
886 | "pseudo-terminal" consistently. bz#1716, ok jmc@ "I like it" deraadt@. | ||
887 | |||
888 | commit ea139507bef8bad26e86ed99a42c7233ad115c38 | ||
889 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
890 | Date: Wed May 6 04:07:18 2015 +0000 | ||
891 | |||
892 | upstream commit | ||
893 | |||
894 | Blacklist DH-GEX for specific PuTTY versions known to | ||
895 | send non-RFC4419 DH-GEX messages rather than all versions of PuTTY. | ||
896 | According to Simon Tatham, 0.65 and newer versions will send RFC4419 DH-GEX | ||
897 | messages. ok djm@ | ||
898 | |||
899 | commit b58234f00ee3872eb84f6e9e572a9a34e902e36e | ||
900 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
901 | Date: Tue May 5 10:17:49 2015 +0000 | ||
902 | |||
903 | upstream commit | ||
904 | |||
905 | WinSCP doesn't implement RFC4419 DH-GEX so flag it so we | ||
906 | don't offer that KEX method. ok markus@ | ||
907 | |||
908 | commit d5b1507a207253b39e810e91e68f9598691b7a29 | ||
909 | Author: jsg@openbsd.org <jsg@openbsd.org> | ||
910 | Date: Tue May 5 02:48:17 2015 +0000 | ||
911 | |||
912 | upstream commit | ||
913 | |||
914 | use the sizeof the struct not the sizeof a pointer to the | ||
915 | struct in ssh_digest_start() | ||
916 | |||
917 | This file is only used if ssh is built with OPENSSL=no | ||
918 | |||
919 | ok markus@ | ||
920 | |||
921 | commit a647b9b8e616c231594b2710c925d31b1b8afea3 | ||
922 | Author: Darren Tucker <dtucker@zip.com.au> | ||
923 | Date: Fri May 8 11:07:27 2015 +1000 | ||
924 | |||
925 | Put brackets around mblen() compat constant. | ||
926 | |||
927 | This might help with the reported problem cross compiling for Android | ||
928 | ("error: expected identifier or '(' before numeric constant") but | ||
929 | shouldn't hurt in any case. | ||
930 | |||
931 | commit d1680d36e17244d9af3843aeb5025cb8e40d6c07 | ||
932 | Author: Darren Tucker <dtucker@zip.com.au> | ||
933 | Date: Thu Apr 30 09:18:11 2015 +1000 | ||
934 | |||
935 | xrealloc -> xreallocarray in portable code too. | ||
936 | |||
937 | commit 531a57a3893f9fcd4aaaba8c312b612bbbcc021e | ||
938 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
939 | Date: Wed Apr 29 03:48:56 2015 +0000 | ||
940 | |||
941 | upstream commit | ||
942 | |||
943 | Allow ListenAddress, Port and AddressFamily in any | ||
944 | order. bz#68, ok djm@, jmc@ (for the man page bit). | ||
945 | |||
946 | commit c1d5bcf1aaf1209af02f79e48ba1cbc76a87b56f | ||
947 | Author: jmc@openbsd.org <jmc@openbsd.org> | ||
948 | Date: Tue Apr 28 13:47:38 2015 +0000 | ||
949 | |||
950 | upstream commit | ||
951 | |||
952 | enviroment -> environment: apologies to darren for not | ||
953 | spotting that first time round... | ||
954 | |||
955 | commit 43beea053db191cac47c2cd8d3dc1930158aff1a | ||
956 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
957 | Date: Tue Apr 28 10:25:15 2015 +0000 | ||
958 | |||
959 | upstream commit | ||
960 | |||
961 | Fix typo in previous | ||
962 | |||
963 | commit 85b96ef41374f3ddc9139581f87da09b2cd9199e | ||
964 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
965 | Date: Tue Apr 28 10:17:58 2015 +0000 | ||
966 | |||
967 | upstream commit | ||
968 | |||
969 | Document that the TERM environment variable is not | ||
970 | subject to SendEnv and AcceptEnv. bz#2386, based loosely on a patch from | ||
971 | jjelen at redhat, help and ok jmc@ | ||
972 | |||
973 | commit 88a7c598a94ff53f76df228eeaae238d2d467565 | ||
974 | Author: djm@openbsd.org <djm@openbsd.org> | ||
975 | Date: Mon Apr 27 21:42:48 2015 +0000 | ||
976 | |||
977 | upstream commit | ||
978 | |||
979 | Make sshd default to PermitRootLogin=no; ok deraadt@ | ||
980 | rpe@ | ||
981 | |||
982 | commit 734226b4480a6c736096c729fcf6f391400599c7 | ||
983 | Author: djm@openbsd.org <djm@openbsd.org> | ||
984 | Date: Mon Apr 27 01:52:30 2015 +0000 | ||
985 | |||
986 | upstream commit | ||
987 | |||
988 | fix compilation with OPENSSL=no; ok dtucker@ | ||
989 | |||
990 | commit a4b9d2ce1eb7703eaf0809b0c8a82ded8aa4f1c6 | ||
991 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
992 | Date: Mon Apr 27 00:37:53 2015 +0000 | ||
993 | |||
994 | upstream commit | ||
995 | |||
996 | Include stdio.h for FILE (used in sshkey.h) so it | ||
997 | compiles with OPENSSL=no. | ||
998 | |||
999 | commit dbcc652f4ca11fe04e5930c7ef18a219318c6cda | ||
1000 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1001 | Date: Mon Apr 27 00:21:21 2015 +0000 | ||
1002 | |||
1003 | upstream commit | ||
1004 | |||
1005 | allow "sshd -f none" to skip reading the config file, | ||
1006 | much like "ssh -F none" does. ok dtucker | ||
1007 | |||
1008 | commit b7ca276fca316c952f0b90f5adb1448c8481eedc | ||
1009 | Author: jmc@openbsd.org <jmc@openbsd.org> | ||
1010 | Date: Fri Apr 24 06:26:49 2015 +0000 | ||
1011 | |||
1012 | upstream commit | ||
1013 | |||
1014 | combine -Dd onto one line and update usage(); | ||
1015 | |||
1016 | commit 2ea974630d7017e4c7666d14d9dc939707613e96 | ||
1017 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1018 | Date: Fri Apr 24 05:26:44 2015 +0000 | ||
1019 | |||
1020 | upstream commit | ||
1021 | |||
1022 | add ssh-agent -D to leave ssh-agent in foreground | ||
1023 | without enabling debug mode; bz#2381 ok dtucker@ | ||
1024 | |||
1025 | commit 8ac2ffd7aa06042f6b924c87139f2fea5c5682f7 | ||
1026 | Author: deraadt@openbsd.org <deraadt@openbsd.org> | ||
1027 | Date: Fri Apr 24 01:36:24 2015 +0000 | ||
1028 | |||
1029 | upstream commit | ||
1030 | |||
1031 | 2*len -> use xreallocarray() ok djm | ||
1032 | |||
1033 | commit 657a5fbc0d0aff309079ff8fb386f17e964963c2 | ||
1034 | Author: deraadt@openbsd.org <deraadt@openbsd.org> | ||
1035 | Date: Fri Apr 24 01:36:00 2015 +0000 | ||
1036 | |||
1037 | upstream commit | ||
1038 | |||
1039 | rename xrealloc() to xreallocarray() since it follows | ||
1040 | that form. ok djm | ||
1041 | |||
1042 | commit 1108ae242fdd2c304307b68ddf46aebe43ebffaa | ||
1043 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
1044 | Date: Thu Apr 23 04:59:10 2015 +0000 | ||
1045 | |||
1046 | upstream commit | ||
1047 | |||
1048 | Two small fixes for sshd -T: ListenAddress'es are added | ||
1049 | to a list head so reverse the order when printing them to ensure the | ||
1050 | behaviour remains the same, and print StreamLocalBindMask as octal with | ||
1051 | leading zero. ok deraadt@ | ||
1052 | |||
1053 | commit bd902b8473e1168f19378d5d0ae68d0c203525df | ||
1054 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
1055 | Date: Thu Apr 23 04:53:53 2015 +0000 | ||
1056 | |||
1057 | upstream commit | ||
1058 | |||
1059 | Check for and reject missing arguments for | ||
1060 | VersionAddendum and ForceCommand. bz#2281, patch from plautrba at redhat com, | ||
1061 | ok djm@ | ||
1062 | |||
1063 | commit ca42c1758575e592239de1d5755140e054b91a0d | ||
1064 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1065 | Date: Wed Apr 22 01:24:01 2015 +0000 | ||
1066 | |||
1067 | upstream commit | ||
1068 | |||
1069 | unknown certificate extensions are non-fatal, so don't | ||
1070 | fatal when they are encountered; bz#2387 reported by Bob Van Zant; ok | ||
1071 | dtucker@ | ||
1072 | |||
1073 | commit 39bfbf7caad231cc4bda6909fb1af0705bca04d8 | ||
1074 | Author: jsg@openbsd.org <jsg@openbsd.org> | ||
1075 | Date: Tue Apr 21 07:01:00 2015 +0000 | ||
1076 | |||
1077 | upstream commit | ||
1078 | |||
1079 | Add back a backslash removed in rev 1.42 so | ||
1080 | KEX_SERVER_ENCRYPT will include aes again. | ||
1081 | |||
1082 | ok deraadt@ | ||
1083 | |||
1084 | commit 6b0d576bb87eca3efd2b309fcfe4edfefc289f9c | ||
1085 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1086 | Date: Fri Apr 17 13:32:09 2015 +0000 | ||
1087 | |||
1088 | upstream commit | ||
1089 | |||
1090 | s/recommended/required/ that private keys be og-r this | ||
1091 | wording change was made a while ago but got accidentally reverted | ||
1092 | |||
1093 | commit 44a8e7ce6f3ab4c2eb1ae49115c210b98e53c4df | ||
1094 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1095 | Date: Fri Apr 17 13:25:52 2015 +0000 | ||
1096 | |||
1097 | upstream commit | ||
1098 | |||
1099 | don't try to cleanup NULL KEX proposals in | ||
1100 | kex_prop_free(); found by Jukka Taimisto and Markus Hietava | ||
1101 | |||
1102 | commit 3038a191872d2882052306098c1810d14835e704 | ||
1103 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1104 | Date: Fri Apr 17 13:19:22 2015 +0000 | ||
1105 | |||
1106 | upstream commit | ||
1107 | |||
1108 | use error/logit/fatal instead of fprintf(stderr, ...) | ||
1109 | and exit(0), fix a few errors that were being printed to stdout instead of | ||
1110 | stderr and a few non-errors that were going to stderr instead of stdout | ||
1111 | bz#2325; ok dtucker | ||
1112 | |||
1113 | commit a58be33cb6cd24441fa7e634db0e5babdd56f07f | ||
1114 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1115 | Date: Fri Apr 17 13:16:48 2015 +0000 | ||
1116 | |||
1117 | upstream commit | ||
1118 | |||
1119 | debug log missing DISPLAY environment when X11 | ||
1120 | forwarding requested; bz#1682 ok dtucker@ | ||
1121 | |||
1122 | commit 17d4d9d9fbc8fb80e322f94d95eecc604588a474 | ||
1123 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1124 | Date: Fri Apr 17 04:32:31 2015 +0000 | ||
1125 | |||
1126 | upstream commit | ||
1127 | |||
1128 | don't call record_login() in monitor when UseLogin is | ||
1129 | enabled; bz#278 reported by drk AT sgi.com; ok dtucker | ||
1130 | |||
1131 | commit 40132ff87b6cbc3dc05fb5df2e9d8e3afa06aafd | ||
1132 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
1133 | Date: Fri Apr 17 04:12:35 2015 +0000 | ||
1134 | |||
1135 | upstream commit | ||
1136 | |||
1137 | Add some missing options to sshd -T and fix the output | ||
1138 | of VersionAddendum HostCertificate. bz#2346, patch from jjelen at redhat | ||
1139 | com, ok djm. | ||
1140 | |||
1141 | commit 6cc7cfa936afde2d829e56ee6528c7ea47a42441 | ||
1142 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
1143 | Date: Thu Apr 16 23:25:50 2015 +0000 | ||
1144 | |||
1145 | upstream commit | ||
1146 | |||
1147 | Document "none" for PidFile XAuthLocation | ||
1148 | TrustedUserCAKeys and RevokedKeys. bz#2382, feedback from jmc@, ok djm@ | ||
1149 | |||
1150 | commit 15fdfc9b1c6808b26bc54d4d61a38b54541763ed | ||
1151 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
1152 | Date: Wed Apr 15 23:23:25 2015 +0000 | ||
1153 | |||
1154 | upstream commit | ||
1155 | |||
1156 | Plug leak of address passed to logging. bz#2373, patch | ||
1157 | from jjelen at redhat, ok markus@ | ||
1158 | |||
1159 | commit bb2289e2a47d465eaaaeff3dee2a6b7777b4c291 | ||
1160 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
1161 | Date: Tue Apr 14 04:17:03 2015 +0000 | ||
1162 | |||
1163 | upstream commit | ||
1164 | |||
1165 | Output remote username in debug output since with Host | ||
1166 | and Match it's not always obvious what it will be. bz#2368, ok djm@ | ||
1167 | |||
1168 | commit 70860b6d07461906730632f9758ff1b7c98c695a | ||
1169 | Author: Darren Tucker <dtucker@zip.com.au> | ||
1170 | Date: Fri Apr 17 10:56:13 2015 +1000 | ||
1171 | |||
1172 | Format UsePAM setting when using sshd -T. | ||
1173 | |||
1174 | Part of bz#2346, patch from jjelen at redhat com. | ||
1175 | |||
1176 | commit ee15d9c9f0720f5a8b0b34e4b10ecf21f9824814 | ||
1177 | Author: Darren Tucker <dtucker@zip.com.au> | ||
1178 | Date: Fri Apr 17 10:40:23 2015 +1000 | ||
1179 | |||
1180 | Wrap endian.h include inside ifdef (bz#2370). | ||
1181 | |||
1182 | commit 408f4c2ad4a4c41baa7b9b2b7423d875abbfa70b | ||
1183 | Author: Darren Tucker <dtucker@zip.com.au> | ||
1184 | Date: Fri Apr 17 09:39:58 2015 +1000 | ||
1185 | |||
1186 | Look for '${host}-ar' before 'ar'. | ||
1187 | |||
1188 | This changes configure.ac to look for '${host}-ar' as set by | ||
1189 | AC_CANONICAL_HOST before looking for the unprefixed 'ar'. | ||
1190 | Useful when cross-compiling when all your binutils are prefixed. | ||
1191 | |||
1192 | Patch from moben at exherbo org via astrand at lysator liu se and | ||
1193 | bz#2352. | ||
1194 | |||
1195 | commit 673a1c16ad078d41558247ce739fe812c960acc8 | ||
1196 | Author: Damien Miller <djm@google.com> | ||
1197 | Date: Thu Apr 16 11:40:20 2015 +1000 | ||
1198 | |||
1199 | remove dependency on arpa/telnet.h | ||
1200 | |||
1201 | commit 202d443eeda1829d336595a3cfc07827e49f45ed | ||
1202 | Author: Darren Tucker <dtucker@zip.com.au> | ||
1203 | Date: Wed Apr 15 15:59:49 2015 +1000 | ||
1204 | |||
1205 | Remove duplicate include of pwd.h. bz#2337, patch from Mordy Ovits. | ||
1206 | |||
1207 | commit 597986493412c499f2bc2209420cb195f97b3668 | ||
1208 | Author: Damien Miller <djm@google.com> | ||
1209 | Date: Thu Apr 9 10:14:48 2015 +1000 | ||
1210 | |||
1211 | platform's with openpty don't need pty_release | ||
1212 | |||
1213 | commit 318be28cda1fd9108f2e6f2f86b0b7589ba2aed0 | ||
1214 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1215 | Date: Mon Apr 13 02:04:08 2015 +0000 | ||
1216 | |||
1217 | upstream commit | ||
1218 | |||
1219 | deprecate ancient, pre-RFC4419 and undocumented | ||
1220 | SSH2_MSG_KEX_DH_GEX_REQUEST_OLD message; ok markus@ deraadt@ "seems | ||
1221 | reasonable" dtucker@ | ||
1222 | |||
1223 | commit d8f391caef62378463a0e6b36f940170dadfe605 | ||
1224 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
1225 | Date: Fri Apr 10 05:16:50 2015 +0000 | ||
1226 | |||
1227 | upstream commit | ||
1228 | |||
1229 | Don't send hostkey advertisments | ||
1230 | (hostkeys-00@openssh.com) to current versions of Tera Term as they can't | ||
1231 | handle them. Newer versions should be OK. Patch from Bryan Drewery and | ||
1232 | IWAMOTO Kouichi, ok djm@ | ||
1233 | |||
1234 | commit 2c2cfe1a1c97eb9a08cc9817fd0678209680c636 | ||
1235 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1236 | Date: Fri Apr 10 00:08:55 2015 +0000 | ||
1237 | |||
1238 | upstream commit | ||
1239 | |||
1240 | include port number if a non-default one has been | ||
1241 | specified; based on patch from Michael Handler | ||
1242 | |||
1243 | commit 4492a4f222da4cf1e8eab12689196322e27b08c4 | ||
1244 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1245 | Date: Tue Apr 7 23:00:42 2015 +0000 | ||
1246 | |||
1247 | upstream commit | ||
1248 | |||
1249 | treat Protocol=1,2|2,1 as Protocol=2 when compiled | ||
1250 | without SSH1 support; ok dtucker@ millert@ | ||
1251 | |||
1252 | commit c265e2e6e932efc6d86f6cc885dea33637a67564 | ||
1253 | Author: miod@openbsd.org <miod@openbsd.org> | ||
1254 | Date: Sun Apr 5 15:43:43 2015 +0000 | ||
1255 | |||
1256 | upstream commit | ||
1257 | |||
1258 | Do not use int for sig_atomic_t; spotted by | ||
1259 | christos@netbsd; ok markus@ | ||
1260 | |||
1261 | commit e7bf3a5eda6a1b02bef6096fed78527ee11e54cc | ||
1262 | Author: Darren Tucker <dtucker@zip.com.au> | ||
1263 | Date: Tue Apr 7 10:48:04 2015 +1000 | ||
1264 | |||
1265 | Use do{}while(0) for no-op functions. | ||
1266 | |||
1267 | From FreeBSD. | ||
1268 | |||
1269 | commit bb99844abae2b6447272f79e7fa84134802eb4df | ||
1270 | Author: Darren Tucker <dtucker@zip.com.au> | ||
1271 | Date: Tue Apr 7 10:47:15 2015 +1000 | ||
1272 | |||
1273 | Wrap blf.h include in ifdef. From FreeBSD. | ||
1274 | |||
1275 | commit d9b9b43656091cf0ad55c122f08fadb07dad0abd | ||
1276 | Author: Darren Tucker <dtucker@zip.com.au> | ||
1277 | Date: Tue Apr 7 09:10:00 2015 +1000 | ||
1278 | |||
1279 | Fix misspellings of regress CONFOPTS env variables. | ||
1280 | |||
1281 | Patch from Bryan Drewery. | ||
1282 | |||
1283 | commit 3f4ea3c9ab1d32d43c9222c4351f58ca11144156 | ||
1284 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1285 | Date: Fri Apr 3 22:17:27 2015 +0000 | ||
1286 | |||
1287 | upstream commit | ||
1288 | |||
1289 | correct return value in pubkey parsing, spotted by Ben Hawkes | ||
1290 | ok markus@ | ||
1291 | |||
1292 | commit 7da2be0cb9601ed25460c83aa4d44052b967ba0f | ||
1293 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1294 | Date: Tue Mar 31 22:59:01 2015 +0000 | ||
1295 | |||
1296 | upstream commit | ||
1297 | |||
1298 | adapt to recent hostfile.c change: when parsing | ||
1299 | known_hosts without fully parsing the keys therein, hostkeys_foreach() will | ||
1300 | now correctly identify KEY_RSA1 keys; ok markus@ miod@ | ||
1301 | |||
1302 | commit 9e1777a0d1c706714b055811c12ab8cc21033e4a | ||
1303 | Author: markus@openbsd.org <markus@openbsd.org> | ||
1304 | Date: Tue Mar 24 20:19:15 2015 +0000 | ||
1305 | |||
1306 | upstream commit | ||
1307 | |||
1308 | use ${SSH} for -Q instead of installed ssh | ||
1309 | |||
1310 | commit ce1b358ea414a2cc88e4430cd5a2ea7fecd9de57 | ||
1311 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1312 | Date: Mon Mar 16 22:46:14 2015 +0000 | ||
1313 | |||
1314 | upstream commit | ||
1315 | |||
1316 | make CLEANFILES clean up more of the tests' droppings | ||
1317 | |||
1318 | commit 398f9ef192d820b67beba01ec234d66faca65775 | ||
1319 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1320 | Date: Tue Mar 31 22:57:06 2015 +0000 | ||
1321 | |||
1322 | upstream commit | ||
1323 | |||
1324 | downgrade error() for known_hosts parse errors to debug() | ||
1325 | to quiet warnings from ssh1 keys present when compiled !ssh1. | ||
1326 | |||
1327 | also identify ssh1 keys when scanning, even when compiled !ssh1 | ||
1328 | |||
1329 | ok markus@ miod@ | ||
1330 | |||
1331 | commit 9a47ab80030a31f2d122b8fd95bd48c408b9fcd9 | ||
1332 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1333 | Date: Tue Mar 31 22:55:50 2015 +0000 | ||
1334 | |||
1335 | upstream commit | ||
1336 | |||
1337 | fd leak for !ssh1 case; found by unittests; ok markus@ | ||
1338 | |||
1339 | commit c9a0805a6280681901c270755a7cd630d7c5280e | ||
1340 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1341 | Date: Tue Mar 31 22:55:24 2015 +0000 | ||
1342 | |||
1343 | upstream commit | ||
1344 | |||
1345 | don't fatal when a !ssh1 sshd is reexeced from a w/ssh1 | ||
1346 | listener; reported by miod@; ok miod@ markus@ | ||
1347 | |||
1348 | commit 704d8c88988cae38fb755a6243b119731d223222 | ||
1349 | Author: tobias@openbsd.org <tobias@openbsd.org> | ||
1350 | Date: Tue Mar 31 11:06:49 2015 +0000 | ||
1351 | |||
1352 | upstream commit | ||
1353 | |||
1354 | Comments are only supported for RSA1 keys. If a user | ||
1355 | tried to add one and entered his passphrase, explicitly clear it before exit. | ||
1356 | This is done in all other error paths, too. | ||
1357 | |||
1358 | ok djm | ||
1359 | |||
1360 | commit 78de1673c05ea2c33e0d4a4b64ecb5186b6ea2e9 | ||
1361 | Author: jmc@openbsd.org <jmc@openbsd.org> | ||
1362 | Date: Mon Mar 30 18:28:37 2015 +0000 | ||
1363 | |||
1364 | upstream commit | ||
1365 | |||
1366 | ssh-askpass(1) is the default, overridden by SSH_ASKPASS; | ||
1367 | diff originally from jiri b; | ||
1368 | |||
1369 | commit 26e0bcf766fadb4a44fb6199386fb1dcab65ad00 | ||
1370 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1371 | Date: Mon Mar 30 00:00:29 2015 +0000 | ||
1372 | |||
1373 | upstream commit | ||
1374 | |||
1375 | fix uninitialised memory read when parsing a config file | ||
1376 | consisting of a single nul byte. Found by hanno AT hboeck.de using AFL; ok | ||
1377 | dtucker | ||
1378 | |||
1379 | commit fecede00a76fbb33a349f5121c0b2f9fbc04a777 | ||
1380 | Author: markus@openbsd.org <markus@openbsd.org> | ||
1381 | Date: Thu Mar 26 19:32:19 2015 +0000 | ||
1382 | |||
1383 | upstream commit | ||
1384 | |||
1385 | sigp and lenp are not optional in ssh_agent_sign(); ok | ||
1386 | djm@ | ||
1387 | |||
1388 | commit 1b0ef3813244c78669e6d4d54c624f600945327d | ||
1389 | Author: naddy@openbsd.org <naddy@openbsd.org> | ||
1390 | Date: Thu Mar 26 12:32:38 2015 +0000 | ||
1391 | |||
1392 | upstream commit | ||
1393 | |||
1394 | don't try to load .ssh/identity by default if SSH1 is | ||
1395 | disabled; ok markus@ | ||
1396 | |||
1397 | commit f9b78852379b74a2d14e6fc94fe52af30b7e9c31 | ||
1398 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1399 | Date: Thu Mar 26 07:00:04 2015 +0000 | ||
1400 | |||
1401 | upstream commit | ||
1402 | |||
1403 | ban all-zero curve25519 keys as recommended by latest | ||
1404 | CFRG curves draft; ok markus | ||
1405 | |||
1406 | commit b8afbe2c1aaf573565e4da775261dfafc8b1ba9c | ||
1407 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1408 | Date: Thu Mar 26 06:59:28 2015 +0000 | ||
1409 | |||
1410 | upstream commit | ||
1411 | |||
1412 | relax bits needed check to allow | ||
1413 | diffie-hellman-group1-sha1 key exchange to complete for chacha20-poly1305 was | ||
1414 | selected as symmetric cipher; ok markus | ||
1415 | |||
1416 | commit 47842f71e31da130555353c1d57a1e5a8937f1c0 | ||
1417 | Author: markus@openbsd.org <markus@openbsd.org> | ||
1418 | Date: Wed Mar 25 19:29:58 2015 +0000 | ||
1419 | |||
1420 | upstream commit | ||
1421 | |||
1422 | ignore v1 errors on ssh-add -D; only try v2 keys on | ||
1423 | -l/-L (unless WITH_SSH1) ok djm@ | ||
1424 | |||
1425 | commit 5f57e77f91bf2230c09eca96eb5ecec39e5f2da6 | ||
1426 | Author: markus@openbsd.org <markus@openbsd.org> | ||
1427 | Date: Wed Mar 25 19:21:48 2015 +0000 | ||
1428 | |||
1429 | upstream commit | ||
1430 | |||
1431 | unbreak ssh_agent_sign (lenp vs *lenp) | ||
1432 | |||
1433 | commit 4daeb67181054f2a377677fac919ee8f9ed3490e | ||
1434 | Author: markus@openbsd.org <markus@openbsd.org> | ||
1435 | Date: Tue Mar 24 20:10:08 2015 +0000 | ||
1436 | |||
1437 | upstream commit | ||
1438 | |||
1439 | don't leak 'setp' on error; noted by Nicholas Lemonias; | ||
1440 | ok djm@ | ||
1441 | |||
1442 | commit 7d4f96f9de2a18af0d9fa75ea89a4990de0344f5 | ||
1443 | Author: markus@openbsd.org <markus@openbsd.org> | ||
1444 | Date: Tue Mar 24 20:09:11 2015 +0000 | ||
1445 | |||
1446 | upstream commit | ||
1447 | |||
1448 | consistent check for NULL as noted by Nicholas | ||
1449 | Lemonias; ok djm@ | ||
1450 | |||
1451 | commit df100be51354e447d9345cf1ec22e6013c0eed50 | ||
1452 | Author: markus@openbsd.org <markus@openbsd.org> | ||
1453 | Date: Tue Mar 24 20:03:44 2015 +0000 | ||
1454 | |||
1455 | upstream commit | ||
1456 | |||
1457 | correct fmt-string for size_t as noted by Nicholas | ||
1458 | Lemonias; ok djm@ | ||
1459 | |||
1460 | commit a22b9ef21285e81775732436f7c84a27bd3f71e0 | ||
1461 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1462 | Date: Tue Mar 24 09:17:21 2015 +0000 | ||
1463 | |||
1464 | upstream commit | ||
1465 | |||
1466 | promote chacha20-poly1305@openssh.com to be the default | ||
1467 | cipher; ok markus | ||
1468 | |||
1469 | commit 2aa9da1a3b360cf7b13e96fe1521534b91501fb5 | ||
1470 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1471 | Date: Tue Mar 24 01:29:19 2015 +0000 | ||
1472 | |||
1473 | upstream commit | ||
1474 | |||
1475 | Compile-time disable SSH protocol 1. You can turn it | ||
1476 | back on using the Makefile.inc knob if you need it to talk to ancient | ||
1477 | devices. | ||
1478 | |||
1479 | commit 53097b2022154edf96b4e8526af5666f979503f7 | ||
1480 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1481 | Date: Tue Mar 24 01:11:12 2015 +0000 | ||
1482 | |||
1483 | upstream commit | ||
1484 | |||
1485 | fix double-negative error message "ssh1 is not | ||
1486 | unsupported" | ||
1487 | |||
1488 | commit 5c27e3b6ec2db711dfcd40e6359c0bcdd0b62ea9 | ||
1489 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1490 | Date: Mon Mar 23 06:06:38 2015 +0000 | ||
1491 | |||
1492 | upstream commit | ||
1493 | |||
1494 | for ssh-keygen -A, don't try (and fail) to generate ssh | ||
1495 | v.1 keys when compiled without SSH1 support RSA/DSA/ECDSA keys when compiled | ||
1496 | without OpenSSL based on patch by Mike Frysinger; bz#2369 | ||
1497 | |||
1498 | commit 725fd22a8c41db7de73a638539a5157b7e4424ae | ||
1499 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1500 | Date: Wed Mar 18 01:44:21 2015 +0000 | ||
1501 | |||
1502 | upstream commit | ||
1503 | |||
1504 | KRL support doesn't need OpenSSL anymore, remove #ifdefs | ||
1505 | from around call | ||
1506 | |||
1507 | commit b07011c18e0b2e172c5fd09d21fb159a0bf5fcc7 | ||
1508 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1509 | Date: Mon Mar 16 11:09:52 2015 +0000 | ||
1510 | |||
1511 | upstream commit | ||
1512 | |||
1513 | #if 0 some more arrays used only for decrypting (we don't | ||
1514 | use since we only need encrypt for AES-CTR) | ||
1515 | |||
1516 | commit 1cb3016635898d287e9d58b50c430995652d5358 | ||
1517 | Author: jsg@openbsd.org <jsg@openbsd.org> | ||
1518 | Date: Wed Mar 11 00:48:39 2015 +0000 | ||
1519 | |||
1520 | upstream commit | ||
1521 | |||
1522 | add back the changes from rev 1.206, djm reverted this by | ||
1523 | mistake in rev 1.207 | ||
1524 | |||
1525 | commit 4d24b3b6a4a6383e05e7da26d183b79fa8663697 | ||
1526 | Author: Damien Miller <djm@mindrot.org> | ||
1527 | Date: Fri Mar 20 09:11:59 2015 +1100 | ||
1528 | |||
1529 | remove error() accidentally inserted for debugging | ||
1530 | |||
1531 | pointed out by Christian Hesse | ||
1532 | |||
1 | commit 9f82e5a9042f2d872e98f48a876fcab3e25dd9bb | 1533 | commit 9f82e5a9042f2d872e98f48a876fcab3e25dd9bb |
2 | Author: Tim Rice <tim@multitalents.net> | 1534 | Author: Tim Rice <tim@multitalents.net> |
3 | Date: Mon Mar 16 22:49:20 2015 -0700 | 1535 | Date: Mon Mar 16 22:49:20 2015 -0700 |
@@ -7401,1184 +8933,3 @@ Date: Tue Jul 2 20:06:46 2013 +1000 | |||
7401 | the Cygwin README file (which hasn't been updated for ages), drop | 8933 | the Cygwin README file (which hasn't been updated for ages), drop |
7402 | unsupported OSes from the ssh-host-config help text, and drop an | 8934 | unsupported OSes from the ssh-host-config help text, and drop an |
7403 | unneeded option from ssh-user-config. Patch from vinschen at redhat com. | 8935 | unneeded option from ssh-user-config. Patch from vinschen at redhat com. |
7404 | |||
7405 | commit b8ae92d08b91beaef34232c6ef34b9941473fdd6 | ||
7406 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7407 | Date: Tue Jun 11 12:10:02 2013 +1000 | ||
7408 | |||
7409 | - (dtucker) [myproposal.h] Make the conditional algorithm support consistent | ||
7410 | and add some comments so it's clear what goes where. | ||
7411 | |||
7412 | commit 97b62f41adcb0dcbeff142d0540793a7ea17c910 | ||
7413 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7414 | Date: Tue Jun 11 11:47:24 2013 +1000 | ||
7415 | |||
7416 | - (dtucker) [myproposal.h] Do not advertise AES GSM ciphers if we don't have | ||
7417 | the required OpenSSL support. Patch from naddy at freebsd. | ||
7418 | |||
7419 | commit 6d8bd57448b45b42809da32857d7804444349ee7 | ||
7420 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7421 | Date: Tue Jun 11 11:26:10 2013 +1000 | ||
7422 | |||
7423 | - (dtucker) [Makefile.in configure.ac fixalgorithms] Remove unsupported | ||
7424 | algorithms (Ciphers, MACs and HostKeyAlgorithms) from man pages. | ||
7425 | |||
7426 | commit 36187093ea0b2d2240c043417b8949611687e105 | ||
7427 | Author: Damien Miller <djm@mindrot.org> | ||
7428 | Date: Mon Jun 10 13:07:11 2013 +1000 | ||
7429 | |||
7430 | - dtucker@cvs.openbsd.org 2013/06/07 15:37:52 | ||
7431 | [channels.c channels.h clientloop.c] | ||
7432 | Add an "ABANDONED" channel state and use for mux sessions that are | ||
7433 | disconnected via the ~. escape sequence. Channels in this state will | ||
7434 | be able to close if the server responds, but do not count as active channels. | ||
7435 | This means that if you ~. all of the mux clients when using ControlPersist | ||
7436 | on a broken network, the backgrounded mux master will exit when the | ||
7437 | Control Persist time expires rather than hanging around indefinitely. | ||
7438 | bz#1917, also reported and tested by tedu@. ok djm@ markus@. | ||
7439 | |||
7440 | commit ae133d4b31af05bb232d797419f498f3ae7e9f2d | ||
7441 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7442 | Date: Thu Jun 6 08:30:20 2013 +1000 | ||
7443 | |||
7444 | - (dtucker) [configure.ac sftp.c openbsd-compat/openbsd-compat.h] Cater for | ||
7445 | platforms that don't have multibyte character support (specifically, | ||
7446 | mblen). | ||
7447 | |||
7448 | commit 408eaf3ab716096f8faf30f091bd54a2c7a17a09 | ||
7449 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7450 | Date: Thu Jun 6 08:22:46 2013 +1000 | ||
7451 | |||
7452 | - dtucker@cvs.openbsd.org 2013/06/05 22:00:28 | ||
7453 | [readconf.c] | ||
7454 | plug another memleak. bz#1967, from Zhenbo Xu, detected by Melton, ok djm | ||
7455 | |||
7456 | commit e52a260f16888ca75390f97de4606943e61785e8 | ||
7457 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7458 | Date: Thu Jun 6 08:22:05 2013 +1000 | ||
7459 | |||
7460 | - dtucker@cvs.openbsd.org 2013/06/05 12:52:38 | ||
7461 | [sshconnect2.c] | ||
7462 | Fix memory leaks found by Zhenbo Xu and the Melton tool. bz#1967, ok djm | ||
7463 | |||
7464 | commit 0cca17fa1819d3a0ba06a6db41ab3eaa8d769587 | ||
7465 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7466 | Date: Thu Jun 6 08:21:14 2013 +1000 | ||
7467 | |||
7468 | - dtucker@cvs.openbsd.org 2013/06/05 02:27:50 | ||
7469 | [sshd.c] | ||
7470 | When running sshd -D, close stderr unless we have explicitly requesting | ||
7471 | logging to stderr. From james.hunt at ubuntu.com via bz#1976, djm's patch | ||
7472 | so, err, ok dtucker. | ||
7473 | |||
7474 | commit 746e9067bd9b3501876e1c86f38f3c510a12f895 | ||
7475 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7476 | Date: Thu Jun 6 08:20:13 2013 +1000 | ||
7477 | |||
7478 | - dtucker@cvs.openbsd.org 2013/06/05 02:07:29 | ||
7479 | [mux.c] | ||
7480 | fix leaks in mux error paths, from Zhenbo Xu, found by Melton. bz#1967, | ||
7481 | ok djm | ||
7482 | |||
7483 | commit ea64721275a81c4788af36294d94bf4f74012e06 | ||
7484 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7485 | Date: Thu Jun 6 08:19:09 2013 +1000 | ||
7486 | |||
7487 | - dtucker@cvs.openbsd.org 2013/06/04 20:42:36 | ||
7488 | [sftp.c] | ||
7489 | Make sftp's libedit interface marginally multibyte aware by building up | ||
7490 | the quoted string by character instead of by byte. Prevents failures | ||
7491 | when linked against a libedit built with wide character support (bz#1990). | ||
7492 | "looks ok" djm | ||
7493 | |||
7494 | commit 194454d7a8f8cb8ac55f2b9d0199ef9445788bee | ||
7495 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7496 | Date: Thu Jun 6 08:16:04 2013 +1000 | ||
7497 | |||
7498 | - dtucker@cvs.openbsd.org 2013/06/04 19:12:23 | ||
7499 | [scp.c] | ||
7500 | use MAXPATHLEN for buffer size instead of fixed value. ok markus | ||
7501 | |||
7502 | commit 4ac66af091cf6db5a42c18e43738ca9c41e338e5 | ||
7503 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7504 | Date: Thu Jun 6 08:12:37 2013 +1000 | ||
7505 | |||
7506 | - dtucker@cvs.openbsd.org 2013/06/03 00:03:18 | ||
7507 | [mac.c] | ||
7508 | force the MAC output to be 64-bit aligned so umac won't see unaligned | ||
7509 | accesses on strict-alignment architectures. bz#2101, patch from | ||
7510 | tomas.kuthan at oracle.com, ok djm@ | ||
7511 | |||
7512 | commit ea8342c248ad6c0a4fe1a70de133f954973bd2b2 | ||
7513 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7514 | Date: Thu Jun 6 08:11:40 2013 +1000 | ||
7515 | |||
7516 | - dtucker@cvs.openbsd.org 2013/06/02 23:36:29 | ||
7517 | [clientloop.h clientloop.c mux.c] | ||
7518 | No need for the mux cleanup callback to be visible so restore it to static | ||
7519 | and call it through the detach_user function pointer. ok djm@ | ||
7520 | |||
7521 | commit 5d12b8f05d79ba89d0807910a664fa80f6f3bf8c | ||
7522 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7523 | Date: Thu Jun 6 08:09:10 2013 +1000 | ||
7524 | |||
7525 | - dtucker@cvs.openbsd.org 2013/06/02 21:01:51 | ||
7526 | [channels.h] | ||
7527 | typo in comment | ||
7528 | |||
7529 | commit dc62edbf121c41e8b5270904091039450206d98a | ||
7530 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7531 | Date: Thu Jun 6 05:12:35 2013 +1000 | ||
7532 | |||
7533 | - (dtucker) [Makefile.in] append $CFLAGS to compiler options when building | ||
7534 | modpipe in case there's anything in there we need. | ||
7535 | |||
7536 | commit 2a22873cd869679415104bc9f6bb154811ee604c | ||
7537 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7538 | Date: Thu Jun 6 01:59:13 2013 +1000 | ||
7539 | |||
7540 | - (dtucker) [regress/forwarding.sh] For (as yet unknown) reason, the | ||
7541 | forwarding test is extremely slow copying data on some machines so switch | ||
7542 | back to copying the much smaller ls binary until we can figure out why | ||
7543 | this is. | ||
7544 | |||
7545 | commit b4e00949f01176cd4fae3e0cef5ffa8dea379042 | ||
7546 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7547 | Date: Wed Jun 5 22:48:44 2013 +1000 | ||
7548 | |||
7549 | - (dtucker) [contrib/ssh-copy-id] bz#2117: Use portable operator in test. | ||
7550 | Patch from cjwatson at debian. | ||
7551 | |||
7552 | commit 2ea9eb77a7fcab3190564ef5a6a5377a600aa391 | ||
7553 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7554 | Date: Wed Jun 5 15:04:00 2013 +1000 | ||
7555 | |||
7556 | - (dtucker) Enable sha256 kex methods based on the presence of the necessary | ||
7557 | functions, not from the openssl version. | ||
7558 | |||
7559 | commit 16cac190ebb9b5612cccea63a7c22ac33bc9a07a | ||
7560 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7561 | Date: Tue Jun 4 12:55:24 2013 +1000 | ||
7562 | |||
7563 | - (dtucker) [configure.ac] Some other platforms need sys/types.h before | ||
7564 | sys/socket.h. | ||
7565 | |||
7566 | commit 0b43ffe143a5843703c3755fa040b8684fb04134 | ||
7567 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7568 | Date: Mon Jun 3 09:30:44 2013 +1000 | ||
7569 | |||
7570 | - (dtucker) [configure.ac] Some platforms need sys/types.h before sys/un.h. | ||
7571 | |||
7572 | commit 3f3064c82238c486706471d300217d73dd0f125e | ||
7573 | Author: Tim Rice <tim@multitalents.net> | ||
7574 | Date: Sun Jun 2 15:13:09 2013 -0700 | ||
7575 | |||
7576 | - (tim) [regress/sftp-chroot.sh] skip if no sudo. ok dtucker | ||
7577 | |||
7578 | commit 01ec0af301f60fefdd0079647f13ef9abadd2db5 | ||
7579 | Author: Tim Rice <tim@multitalents.net> | ||
7580 | Date: Sun Jun 2 14:31:27 2013 -0700 | ||
7581 | |||
7582 | - (tim) [aclocal.m4] Enhance OSSH_CHECK_CFLAG_COMPILE to check stderr. | ||
7583 | feedback and ok dtucker | ||
7584 | |||
7585 | commit 5ab9b63468100757479534edeb53f788a61fe08b | ||
7586 | Author: Tim Rice <tim@multitalents.net> | ||
7587 | Date: Sun Jun 2 14:05:48 2013 -0700 | ||
7588 | |||
7589 | - (tim) [configure.ac regress/Makefile] With rev 1.47 of test-exec.sh we | ||
7590 | need a shell that can handle "[ file1 -nt file2 ]". Rather than keep | ||
7591 | dealing with shell portability issues in regression tests, we let | ||
7592 | configure find us a capable shell on those platforms with an old /bin/sh. | ||
7593 | |||
7594 | commit 898ac935e56a7ac5d8b686c590fdb8b7aca27e59 | ||
7595 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7596 | Date: Mon Jun 3 02:03:25 2013 +1000 | ||
7597 | |||
7598 | - (dtucker) [configure.ac] bz#2111: don't try to use lastlog on Android. | ||
7599 | Patch from Nathan Osman. | ||
7600 | |||
7601 | commit ef4901c3eb98c7ab1342c3cd8f2638da1f4b0678 | ||
7602 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7603 | Date: Mon Jun 3 01:59:13 2013 +1000 | ||
7604 | |||
7605 | - (dtucker) [configure.ac] sys/un.h needs sys/socket.h on some platforms | ||
7606 | to prevent noise from configure. Patch from Nathan Osman. | ||
7607 | |||
7608 | commit 073f795bc1c7728c320e5982c0d417376b0907f5 | ||
7609 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7610 | Date: Sun Jun 2 23:47:11 2013 +1000 | ||
7611 | |||
7612 | - dtucker@cvs.openbsd.org 2013/06/02 13:35:58 | ||
7613 | [ssh-agent.c] | ||
7614 | Make parent_alive_interval time_t to avoid signed/unsigned comparison | ||
7615 | |||
7616 | commit 00e1abb1ebe13ab24e812f68715f46e65e7c5271 | ||
7617 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7618 | Date: Sun Jun 2 23:46:24 2013 +1000 | ||
7619 | |||
7620 | - dtucker@cvs.openbsd.org 2013/06/02 13:33:05 | ||
7621 | [progressmeter.c] | ||
7622 | Add misc.h for monotime prototype. (id sync only) | ||
7623 | |||
7624 | commit 86211d1738695e63b2a68f0c3a4f60e1a9d9bda3 | ||
7625 | Author: Tim Rice <tim@multitalents.net> | ||
7626 | Date: Sat Jun 1 18:38:23 2013 -0700 | ||
7627 | |||
7628 | 20130602 | ||
7629 | - (tim) [Makefile.in] Make Solaris, UnixWare, & OpenServer linkers happy | ||
7630 | linking regress/modpipe. | ||
7631 | |||
7632 | commit e9887d1c37940b9d6c72d55cfad7a40de4c6e28d | ||
7633 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7634 | Date: Sun Jun 2 09:17:09 2013 +1000 | ||
7635 | |||
7636 | - (dtucker) [sandbox-seccomp-filter.c] Allow clock_gettimeofday. | ||
7637 | |||
7638 | commit 65cf74079a2d563c4ede649116a13ca78c8cc2a4 | ||
7639 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7640 | Date: Sun Jun 2 09:11:19 2013 +1000 | ||
7641 | |||
7642 | fix typo | ||
7643 | |||
7644 | commit c9a1991b95a4c9f04f9dcef299a8110d2ec80d3e | ||
7645 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7646 | Date: Sun Jun 2 08:37:05 2013 +1000 | ||
7647 | |||
7648 | - dtucker@cvs.openbsd.org 2013/06/01 22:34:50 | ||
7649 | [sftp-client.c] | ||
7650 | Update progressmeter when data is acked, not when it's sent. bz#2108, from | ||
7651 | Debian via Colin Watson, ok djm@ | ||
7652 | |||
7653 | commit a710891659202c82545e84725d4e5cd77aef567c | ||
7654 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7655 | Date: Sun Jun 2 08:18:31 2013 +1000 | ||
7656 | |||
7657 | - (dtucker) [configure.ac misc.c] Look for clock_gettime in librt and fall | ||
7658 | back to time(NULL) if we can't find it anywhere. | ||
7659 | |||
7660 | commit f60845fde29cead9d75e812db1c04916b4c58ffd | ||
7661 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7662 | Date: Sun Jun 2 08:07:31 2013 +1000 | ||
7663 | |||
7664 | - (dtucker) [M auth-chall.c auth-krb5.c auth-pam.c cipher-aes.c cipher-ctr.c | ||
7665 | groupaccess.c loginrec.c monitor.c monitor_wrap.c session.c sshd.c | ||
7666 | sshlogin.c uidswap.c openbsd-compat/bsd-cygwin_util.c | ||
7667 | openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/port-aix.c | ||
7668 | openbsd-compat/port-linux.c] Replace portable-specific instances of xfree | ||
7669 | with the equivalent calls to free. | ||
7670 | |||
7671 | commit 12f6533215c0a36ab29d11ff52a853fce45573b4 | ||
7672 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7673 | Date: Sun Jun 2 08:01:24 2013 +1000 | ||
7674 | |||
7675 | Remove stray '+' accidentally introduced in sync | ||
7676 | |||
7677 | commit 3750fce6ac6b287f62584ac55a4406df95c71b92 | ||
7678 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7679 | Date: Sun Jun 2 07:52:21 2013 +1000 | ||
7680 | |||
7681 | - dtucker@cvs.openbsd.org 2013/06/01 20:59:25 | ||
7682 | [scp.c sftp-client.c] | ||
7683 | Replace S_IWRITE, which isn't standardized, with S_IWUSR, which is. Patch | ||
7684 | from Nathan Osman via bz#2113. ok deraadt. | ||
7685 | |||
7686 | (note: corrected bug number from 2085) | ||
7687 | |||
7688 | commit b759c9c2efebe7b416ab81093ca8eb17836b6933 | ||
7689 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7690 | Date: Sun Jun 2 07:46:16 2013 +1000 | ||
7691 | |||
7692 | - dtucker@cvs.openbsd.org 2013/06/01 13:15:52 | ||
7693 | [ssh-agent.c clientloop.c misc.h packet.c progressmeter.c misc.c | ||
7694 | channels.c sandbox-systrace.c] | ||
7695 | Use clock_gettime(CLOCK_MONOTONIC ...) for ssh timers so that things like | ||
7696 | keepalives and rekeying will work properly over clock steps. Suggested by | ||
7697 | markus@, "looks good" djm@. | ||
7698 | |||
7699 | commit 55119253c64808b0d3b2ab5d2bc67ee9dac3430b | ||
7700 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7701 | Date: Sun Jun 2 07:43:59 2013 +1000 | ||
7702 | |||
7703 | - dtucker@cvs.openbsd.org 2013/05/31 12:28:10 | ||
7704 | [ssh-agent.c] | ||
7705 | Use time_t where appropriate. ok djm | ||
7706 | |||
7707 | commit 0acca3797d53d958d240c69a5f222f2aa8444858 | ||
7708 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7709 | Date: Sun Jun 2 07:41:51 2013 +1000 | ||
7710 | |||
7711 | - djm@cvs.openbsd.org 2013/05/19 02:42:42 | ||
7712 | [auth.h auth.c key.c monitor.c auth-rsa.c auth2.c auth1.c key.h] | ||
7713 | Standardise logging of supplemental information during userauth. Keys | ||
7714 | and ruser is now logged in the auth success/failure message alongside | ||
7715 | the local username, remote host/port and protocol in use. Certificates | ||
7716 | contents and CA are logged too. | ||
7717 | Pushing all logging onto a single line simplifies log analysis as it is | ||
7718 | no longer necessary to relate information scattered across multiple log | ||
7719 | entries. "I like it" markus@ | ||
7720 | |||
7721 | commit 74836ae0fabcc1a76b9d9eacd1629c88a054b2d0 | ||
7722 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7723 | Date: Sun Jun 2 07:32:00 2013 +1000 | ||
7724 | |||
7725 | - djm@cvs.openbsd.org 2013/05/19 02:38:28 | ||
7726 | [auth2-pubkey.c] | ||
7727 | fix failure to recognise cert-authority keys if a key of a different type | ||
7728 | appeared in authorized_keys before it; ok markus@ | ||
7729 | |||
7730 | commit a627d42e51ffa71e014d7b2d2c07118122fd3ec3 | ||
7731 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7732 | Date: Sun Jun 2 07:31:17 2013 +1000 | ||
7733 | |||
7734 | - djm@cvs.openbsd.org 2013/05/17 00:13:13 | ||
7735 | [xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c | ||
7736 | ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c | ||
7737 | gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c | ||
7738 | auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c | ||
7739 | servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c | ||
7740 | auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c | ||
7741 | sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c | ||
7742 | kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c | ||
7743 | kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c | ||
7744 | monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c | ||
7745 | ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c | ||
7746 | sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c | ||
7747 | ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c | ||
7748 | dns.c packet.c readpass.c authfd.c moduli.c] | ||
7749 | bye, bye xfree(); ok markus@ | ||
7750 | |||
7751 | commit c7aad0058c957afeb26a3f703e8cb0eddeb62365 | ||
7752 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7753 | Date: Sun Jun 2 07:18:47 2013 +1000 | ||
7754 | |||
7755 | - (dtucker) [configure.ac defines.h] Test for fd_mask, howmany and NFDBITS | ||
7756 | rather than trying to enumerate the plaforms that don't have them. | ||
7757 | Based on a patch from Nathan Osman, with help from tim@. | ||
7758 | |||
7759 | commit c0c3373216801797053e123b5f62d35bf41b3611 | ||
7760 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7761 | Date: Sun Jun 2 06:28:03 2013 +1000 | ||
7762 | |||
7763 | - (dtucker) [configure.ac openbsd-compat/xcrypt.c] bz#2112: fall back to | ||
7764 | using openssl's DES_crpyt function on platorms that don't have a native | ||
7765 | one, eg Android. Based on a patch from Nathan Osman. | ||
7766 | |||
7767 | commit efdf5342143a887013a1daae583167dadf6752a7 | ||
7768 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7769 | Date: Thu May 30 08:29:08 2013 +1000 | ||
7770 | |||
7771 | - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] bz#2087: Add a null | ||
7772 | implementation of endgrent for platforms that don't have it (eg Android). | ||
7773 | Loosely based on a patch from Nathan Osman, ok djm | ||
7774 | |||
7775 | commit 9b42d327380e5cd04efde6fb70e1535fecedf0d7 | ||
7776 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7777 | Date: Fri May 17 20:48:59 2013 +1000 | ||
7778 | |||
7779 | - dtucker@cvs.openbsd.org 2013/05/17 10:35:43 | ||
7780 | [regress/scp.sh] | ||
7781 | use a file extention that's not special on some platforms. from portable | ||
7782 | (id sync only) | ||
7783 | |||
7784 | commit 0a404b0ed79ba45ccaf7ed5528a8f5004c3698cb | ||
7785 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7786 | Date: Fri May 17 20:47:29 2013 +1000 | ||
7787 | |||
7788 | - dtucker@cvs.openbsd.org 2013/05/17 10:34:30 | ||
7789 | [regress/portnum.sh] | ||
7790 | use a more portable negated if structure. from portable (id sync only) | ||
7791 | |||
7792 | commit 62ee222e6f3f5ee288434f58b5136ae3d56f5164 | ||
7793 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7794 | Date: Fri May 17 20:46:00 2013 +1000 | ||
7795 | |||
7796 | - dtucker@cvs.openbsd.org 2013/05/17 10:33:09 | ||
7797 | [regress/agent-getpeereid.sh] | ||
7798 | don't redirect stdout from sudo. from portable (id sync only) | ||
7799 | |||
7800 | commit 00478d30cb4bcc18dc1ced8144d16b03cdf790f6 | ||
7801 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7802 | Date: Fri May 17 20:45:06 2013 +1000 | ||
7803 | |||
7804 | - dtucker@cvs.openbsd.org 2013/05/17 10:30:07 | ||
7805 | [regress/test-exec.sh] | ||
7806 | wait a bit longer for startup and use case for absolute path. | ||
7807 | from portable (id sync only) | ||
7808 | |||
7809 | commit 98989eb95eef0aefed7e9fb4e65c2f625be946f6 | ||
7810 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7811 | Date: Fri May 17 20:44:09 2013 +1000 | ||
7812 | |||
7813 | - dtucker@cvs.openbsd.org 2013/05/17 10:28:11 | ||
7814 | [regress/sftp.sh] | ||
7815 | only compare copied data if sftp succeeds. from portable (id sync only) | ||
7816 | |||
7817 | commit 438f60eb9a5f7cd40bb242cfec865e4fde71b07c | ||
7818 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7819 | Date: Fri May 17 20:43:13 2013 +1000 | ||
7820 | |||
7821 | - dtucker@cvs.openbsd.org 2013/05/17 10:26:26 | ||
7822 | [regress/sftp-badcmds.sh] | ||
7823 | remove unused BATCH variable. (id sync only) | ||
7824 | |||
7825 | commit 1466bd25a8d1ff7ae455a795d2d7d52dc17d2938 | ||
7826 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7827 | Date: Fri May 17 20:42:05 2013 +1000 | ||
7828 | |||
7829 | - dtucker@cvs.openbsd.org 2013/05/17 10:24:48 | ||
7830 | [localcommand.sh] | ||
7831 | use backticks for portability. (id sync only) | ||
7832 | |||
7833 | commit 05b5e518c9969d63471f2ccfd85b1de6e724d30b | ||
7834 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7835 | Date: Fri May 17 20:41:07 2013 +1000 | ||
7836 | |||
7837 | - dtucker@cvs.openbsd.org 2013/05/17 10:23:52 | ||
7838 | [regress/login-timeout.sh regress/reexec.sh regress/test-exec.sh] | ||
7839 | Use SUDO when cat'ing pid files and running the sshd log wrapper so that | ||
7840 | it works with a restrictive umask and the pid files are not world readable. | ||
7841 | Changes from -portable. (id sync only) | ||
7842 | |||
7843 | commit dd669173f93ea8c8397e0af758eaf13ab4f1c591 | ||
7844 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7845 | Date: Fri May 17 20:39:57 2013 +1000 | ||
7846 | |||
7847 | - dtucker@cvs.openbsd.org 2013/05/17 10:16:26 | ||
7848 | [regress/try-ciphers.sh] | ||
7849 | use expr for math to keep diffs vs portable down | ||
7850 | (id sync only) | ||
7851 | |||
7852 | commit 044f32f4c6fd342f9f5949bb0ca77624c0db4494 | ||
7853 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7854 | Date: Fri May 17 20:12:57 2013 +1000 | ||
7855 | |||
7856 | - (dtucker) [regress/cfgmatch.sh] Remove unneeded sleep renderd obsolete by | ||
7857 | rev 1.6 which calls wait. | ||
7858 | |||
7859 | commit 9cc8ff7b63f175661c8807006f6d2649d56ac402 | ||
7860 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7861 | Date: Fri May 17 20:01:52 2013 +1000 | ||
7862 | |||
7863 | - (dtucker) [regress/runtests.sh] Remove obsolete test driver script. | ||
7864 | |||
7865 | commit f8d5b3451726530a864b172c556c311370c244e1 | ||
7866 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7867 | Date: Fri May 17 19:53:25 2013 +1000 | ||
7868 | |||
7869 | - (dtucker) [regress/stderr-after-eof.sh regress/test-exec.sh] Move the md5 | ||
7870 | helper function to the portable part of test-exec.sh. | ||
7871 | |||
7872 | commit 6f66981ed3c6bb83b937959f329323975e356c33 | ||
7873 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7874 | Date: Fri May 17 19:28:51 2013 +1000 | ||
7875 | |||
7876 | - (dtucker) [regress/test-exec.sh] Move the portable-specific functions | ||
7877 | together and add a couple of missing lines from openbsd. | ||
7878 | |||
7879 | commit 5f1a89a3b67264f4aa83e057cd4f74fd60b9ffa4 | ||
7880 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7881 | Date: Fri May 17 19:17:58 2013 +1000 | ||
7882 | |||
7883 | - (dtucker) [regress/integrity.sh regress/krl.sh regress/test-exec.sh] | ||
7884 | Move the jot helper function to portable-specific part of test-exec.sh. | ||
7885 | |||
7886 | commit 96457a54d05dea81f34ecb4e059d2f8b98382b85 | ||
7887 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7888 | Date: Fri May 17 19:03:38 2013 +1000 | ||
7889 | |||
7890 | - (dtucker) [regress/agent-getpeereid.sh] Resync spaces with openbsd. | ||
7891 | |||
7892 | commit 7f193236594e8328ad133ea05eded31f837b45b5 | ||
7893 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7894 | Date: Fri May 17 19:02:28 2013 +1000 | ||
7895 | |||
7896 | - (dtucker) [regress/cfgmatch.sh] Resync config file setup with openbsd. | ||
7897 | |||
7898 | commit 8654dd2d737800d09e7730b3dfc2a54411f4cf90 | ||
7899 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7900 | Date: Fri May 17 16:03:48 2013 +1000 | ||
7901 | |||
7902 | - (dtucker) [openbsd-compat/getopt.h] Remove unneeded bits. | ||
7903 | |||
7904 | commit 59d928d3b47e8298f4a8b4b3fb37fb8c8ce1b098 | ||
7905 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7906 | Date: Fri May 17 15:32:29 2013 +1000 | ||
7907 | |||
7908 | - dtucker@cvs.openbsd.org 2013/05/17 04:29:14 | ||
7909 | [regress/sftp.sh regress/putty-ciphers.sh regress/cipher-speed.sh | ||
7910 | regress/test-exec.sh regress/sftp-batch.sh regress/dynamic-forward.sh | ||
7911 | regress/putty-transfer.sh regress/conch-ciphers.sh regress/sftp-cmds.sh | ||
7912 | regress/scp.sh regress/ssh-com-sftp.sh regress/rekey.sh | ||
7913 | regress/putty-kex.sh regress/stderr-data.sh regress/stderr-after-eof.sh | ||
7914 | regress/sftp-badcmds.sh regress/reexec.sh regress/ssh-com-client.sh | ||
7915 | regress/sftp-chroot.sh regress/forwarding.sh regress/transfer.sh | ||
7916 | regress/multiplex.sh] | ||
7917 | Move the setting of DATA and COPY into test-exec.sh | ||
7918 | |||
7919 | commit 34035be27b7ddd84706fe95c39d37cba7d5c9572 | ||
7920 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7921 | Date: Fri May 17 14:47:51 2013 +1000 | ||
7922 | |||
7923 | - dtucker@cvs.openbsd.org 2013/05/17 01:32:11 | ||
7924 | [regress/integrity.sh] | ||
7925 | don't print output from ssh before getting it (it's available in ssh.log) | ||
7926 | |||
7927 | commit b8b96b0aa634d440feba4331c80ae4de9dda2081 | ||
7928 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7929 | Date: Fri May 17 14:46:20 2013 +1000 | ||
7930 | |||
7931 | - dtucker@cvs.openbsd.org 2013/05/17 01:16:09 | ||
7932 | [regress/agent-timeout.sh] | ||
7933 | Pull back some portability changes from -portable: | ||
7934 | - TIMEOUT is a read-only variable in some shells | ||
7935 | - not all greps have -q so redirect to /dev/null instead. | ||
7936 | (ID sync only) | ||
7937 | |||
7938 | commit a40d97ff46831c9081a6a4472036689360847fb1 | ||
7939 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7940 | Date: Fri May 17 14:44:53 2013 +1000 | ||
7941 | |||
7942 | sync missing ID | ||
7943 | |||
7944 | commit 56347efe796a0506e846621ae65562b978e45f1d | ||
7945 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7946 | Date: Fri May 17 13:28:36 2013 +1000 | ||
7947 | |||
7948 | - dtucker@cvs.openbsd.org 2013/05/17 00:37:40 | ||
7949 | [regress/agent.sh regress/keytype.sh regress/cfgmatch.sh | ||
7950 | regress/forcecommand.sh regress/proto-version.sh regress/test-exec.sh | ||
7951 | regress/cipher-speed.sh regress/cert-hostkey.sh regress/cert-userkey.sh | ||
7952 | regress/ssh-com.sh] | ||
7953 | replace 'echo -n' with 'printf' since it's more portable | ||
7954 | also remove "echon" hack. | ||
7955 | |||
7956 | commit 91af05c5167fe0aa5bd41d2e4a83757d9f627c18 | ||
7957 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7958 | Date: Fri May 17 13:16:59 2013 +1000 | ||
7959 | |||
7960 | - (dtucker) [regress/integrity.sh]. Force fixed Diffie-Hellman key exchange | ||
7961 | methods. When the openssl version doesn't support ECDH then next one on | ||
7962 | the list is DH group exchange, but that causes a bit more traffic which can | ||
7963 | mean that the tests flip bits in the initial exchange rather than the MACed | ||
7964 | traffic and we get different errors to what the tests look for. | ||
7965 | |||
7966 | commit 6e1e60c3c2e16c32bb7ca0876caaa6182a4e4b2c | ||
7967 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7968 | Date: Fri May 17 11:23:41 2013 +1000 | ||
7969 | |||
7970 | - (dtucker) [regress/bsd.regress.mk] Remove unused file. We've never used it | ||
7971 | in portable and it's long gone in openbsd. | ||
7972 | |||
7973 | commit 982b0cbc4c2b5ea14725f4b339393cdf343dd0fe | ||
7974 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7975 | Date: Fri May 17 09:45:12 2013 +1000 | ||
7976 | |||
7977 | - dtucker@cvs.openbsd.org 2013/05/16 05:48:31 | ||
7978 | [regress/rekey.sh] | ||
7979 | add tests for RekeyLimit parsing | ||
7980 | |||
7981 | commit 14490fe7b0f45b1b19f8a3dc10eb3d214f27f5bd | ||
7982 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7983 | Date: Fri May 17 09:44:20 2013 +1000 | ||
7984 | |||
7985 | - dtucker@cvs.openbsd.org 2013/05/16 04:26:10 | ||
7986 | [regress/rekey.sh] | ||
7987 | add server-side rekey test | ||
7988 | |||
7989 | commit c31c8729c15f83fba14ef9da0d66bda6215ff69a | ||
7990 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7991 | Date: Fri May 17 09:43:33 2013 +1000 | ||
7992 | |||
7993 | - dtucker@cvs.openbsd.org 2013/05/16 03:33:30 | ||
7994 | [regress/rekey.sh] | ||
7995 | test rekeying when there's no data being transferred | ||
7996 | |||
7997 | commit a8a62fcc46c19997797846197a6256ed9a777a47 | ||
7998 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7999 | Date: Fri May 17 09:42:34 2013 +1000 | ||
8000 | |||
8001 | - dtucker@cvs.openbsd.org 2013/05/16 02:10:35 | ||
8002 | [rekey.sh] | ||
8003 | Add test for time-based rekeying | ||
8004 | |||
8005 | commit 5e95173715d516e6014485e2b6def1fb3db84036 | ||
8006 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8007 | Date: Fri May 17 09:41:33 2013 +1000 | ||
8008 | |||
8009 | - djm@cvs.openbsd.org 2013/05/10 03:46:14 | ||
8010 | [modpipe.c] | ||
8011 | sync some portability changes from portable OpenSSH (id sync only) | ||
8012 | |||
8013 | commit a4df65b9fc68a555a7d8781700475fb03ed6e694 | ||
8014 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8015 | Date: Fri May 17 09:37:31 2013 +1000 | ||
8016 | |||
8017 | - dtucker@cvs.openbsd.org 2013/04/22 07:28:53 | ||
8018 | [multiplex.sh] | ||
8019 | Add tests for -Oforward and -Ocancel for local and remote forwards | ||
8020 | |||
8021 | commit 40aaff7e4bcb05b05e3d24938b6d34885be817da | ||
8022 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8023 | Date: Fri May 17 09:36:20 2013 +1000 | ||
8024 | |||
8025 | - dtucker@cvs.openbsd.org 2013/04/22 07:23:08 | ||
8026 | [multiplex.sh] | ||
8027 | Write mux master logs to regress.log instead of ssh.log to keep separate | ||
8028 | |||
8029 | commit f3568fc62b73b50a0a3c8447e4a00f4892cab25e | ||
8030 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8031 | Date: Fri May 17 09:35:26 2013 +1000 | ||
8032 | |||
8033 | - djm@cvs.openbsd.org 2013/04/18 02:46:12 | ||
8034 | [Makefile regress/sftp-chroot.sh] | ||
8035 | test sshd ChrootDirectory+internal-sftp; feedback & ok dtucker@ | ||
8036 | |||
8037 | commit dfea3bcdd7c980c2335402464b7dd8d8721e426d | ||
8038 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8039 | Date: Fri May 17 09:31:39 2013 +1000 | ||
8040 | |||
8041 | - dtucker@cvs.openbsd.org 2013/04/07 02:16:03 | ||
8042 | [regress/Makefile regress/rekey.sh regress/integrity.sh | ||
8043 | regress/sshd-log-wrapper.sh regress/forwarding.sh regress/test-exec.sh] | ||
8044 | use -E option for ssh and sshd to write debuging logs to ssh{,d}.log and | ||
8045 | save the output from any failing tests. If a test fails the debug output | ||
8046 | from ssh and sshd for the failing tests (and only the failing tests) should | ||
8047 | be available in failed-ssh{,d}.log. | ||
8048 | |||
8049 | commit 75129025a2d504b630d1718fef0da002f5662f63 | ||
8050 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8051 | Date: Fri May 17 09:19:10 2013 +1000 | ||
8052 | |||
8053 | - dtucker@cvs.openbsd.org 2013/04/06 06:00:22 | ||
8054 | [regress/rekey.sh regress/test-exec.sh regress/integrity.sh | ||
8055 | regress/multiplex.sh Makefile regress/cfgmatch.sh] | ||
8056 | Split the regress log into 3 parts: the debug output from ssh, the debug | ||
8057 | log from sshd and the output from the client command (ssh, scp or sftp). | ||
8058 | Somewhat functional now, will become more useful when ssh/sshd -E is added. | ||
8059 | |||
8060 | commit 7c8b1e72331293b4707dc6f7f68a69e975a3fa70 | ||
8061 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8062 | Date: Fri May 17 09:10:20 2013 +1000 | ||
8063 | |||
8064 | - dtucker@cvs.openbsd.org 2013/03/23 11:09:43 | ||
8065 | [test-exec.sh] | ||
8066 | Only regenerate host keys if they don't exist or if ssh-keygen has changed | ||
8067 | since they were. Reduces test runtime by 5-30% depending on machine | ||
8068 | speed. | ||
8069 | |||
8070 | commit 712de4d1100963b11bc618472f95ce36bf7e2ae3 | ||
8071 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8072 | Date: Fri May 17 09:07:12 2013 +1000 | ||
8073 | |||
8074 | - djm@cvs.openbsd.org 2013/03/07 00:20:34 | ||
8075 | [regress/proxy-connect.sh] | ||
8076 | repeat test with a style appended to the username | ||
8077 | |||
8078 | commit 09c0f0325b2f538de9a1073e03b8ef26dece4c16 | ||
8079 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8080 | Date: Thu May 16 20:48:57 2013 +1000 | ||
8081 | |||
8082 | - dtucker@cvs.openbsd.org 2013/05/16 10:44:06 | ||
8083 | [servconf.c] | ||
8084 | remove another now-unused variable | ||
8085 | |||
8086 | commit 9113d0c2381202412c912a20c8083ab7d6824ec9 | ||
8087 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8088 | Date: Thu May 16 20:48:14 2013 +1000 | ||
8089 | |||
8090 | - dtucker@cvs.openbsd.org 2013/05/16 10:43:34 | ||
8091 | [servconf.c readconf.c] | ||
8092 | remove now-unused variables | ||
8093 | |||
8094 | commit e194ba4111ffd47cd1f4c8be1ddc8a4cb673d005 | ||
8095 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8096 | Date: Thu May 16 20:47:31 2013 +1000 | ||
8097 | |||
8098 | - (dtucker) [configure.ac readconf.c servconf.c | ||
8099 | openbsd-compat/openbsd-compat.h] Add compat bits for scan_scaled. | ||
8100 | |||
8101 | commit b7ee8521448100e5b268111ff90feb017e657e44 | ||
8102 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8103 | Date: Thu May 16 20:33:10 2013 +1000 | ||
8104 | |||
8105 | - dtucker@cvs.openbsd.org 2013/05/16 09:12:31 | ||
8106 | [readconf.c servconf.c] | ||
8107 | switch RekeyLimit traffic volume parsing to scan_scaled. ok djm@ | ||
8108 | |||
8109 | commit dbee308253931f8c1aeebf781d7e7730ff6a0dc1 | ||
8110 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8111 | Date: Thu May 16 20:32:29 2013 +1000 | ||
8112 | |||
8113 | - dtucker@cvs.openbsd.org 2013/05/16 09:08:41 | ||
8114 | [log.c scp.c sshd.c serverloop.c schnorr.c sftp.c] | ||
8115 | Fix some "unused result" warnings found via clang and -portable. | ||
8116 | ok markus@ | ||
8117 | |||
8118 | commit 64d22946d664dad8165f1fae9e78b53831ed728d | ||
8119 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8120 | Date: Thu May 16 20:31:29 2013 +1000 | ||
8121 | |||
8122 | - jmc@cvs.openbsd.org 2013/05/16 06:30:06 | ||
8123 | [sshd_config.5] | ||
8124 | oops! avoid Xr to self; | ||
8125 | |||
8126 | commit 63e0df2b936770baadc8844617b99e5174b476d0 | ||
8127 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8128 | Date: Thu May 16 20:30:31 2013 +1000 | ||
8129 | |||
8130 | - jmc@cvs.openbsd.org 2013/05/16 06:28:45 | ||
8131 | [ssh_config.5] | ||
8132 | put IgnoreUnknown in the right place; | ||
8133 | |||
8134 | commit 0763698f71efef8b3f8460c5700758359219eb7c | ||
8135 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8136 | Date: Thu May 16 20:30:03 2013 +1000 | ||
8137 | |||
8138 | - djm@cvs.openbsd.org 2013/05/16 04:27:50 | ||
8139 | [ssh_config.5 readconf.h readconf.c] | ||
8140 | add the ability to ignore specific unrecognised ssh_config options; | ||
8141 | bz#866; ok markus@ | ||
8142 | |||
8143 | commit 5f96f3b4bee11ae2b9b32ff9b881c3693e210f96 | ||
8144 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8145 | Date: Thu May 16 20:29:28 2013 +1000 | ||
8146 | |||
8147 | - dtucker@cvs.openbsd.org 2013/05/16 04:09:14 | ||
8148 | [sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config | ||
8149 | sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing | ||
8150 | rekeying based on traffic volume or time. ok djm@, help & ok jmc@ for the man | ||
8151 | page. | ||
8152 | |||
8153 | commit c53c2af173cf67fd1c26f98e7900299b1b65b6ec | ||
8154 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8155 | Date: Thu May 16 20:28:16 2013 +1000 | ||
8156 | |||
8157 | - dtucker@cvs.openbsd.org 2013/05/16 02:00:34 | ||
8158 | [ssh_config sshconnect2.c packet.c readconf.h readconf.c clientloop.c | ||
8159 | ssh_config.5 packet.h] | ||
8160 | Add an optional second argument to RekeyLimit in the client to allow | ||
8161 | rekeying based on elapsed time in addition to amount of traffic. | ||
8162 | with djm@ jmc@, ok djm | ||
8163 | |||
8164 | commit 64c6fceecd27e1739040b42de8f3759454260b39 | ||
8165 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8166 | Date: Thu May 16 20:27:14 2013 +1000 | ||
8167 | |||
8168 | - dtucker@cvs.openbsd.org 2013/05/10 10:13:50 | ||
8169 | [ssh-pkcs11-helper.c] | ||
8170 | remove unused extern optarg. ok markus@ | ||
8171 | |||
8172 | commit caf00109346e4ab6bb495b0e22bc5b1e7ee22f26 | ||
8173 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8174 | Date: Thu May 16 20:26:18 2013 +1000 | ||
8175 | |||
8176 | - djm@cvs.openbsd.org 2013/05/10 04:08:01 | ||
8177 | [key.c] | ||
8178 | memleak in cert_free(), wasn't actually freeing the struct; | ||
8179 | bz#2096 from shm AT digitalsun.pl | ||
8180 | |||
8181 | commit 7e831edbf7a1b0b9aeeb08328b9fceafaad1bf22 | ||
8182 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8183 | Date: Thu May 16 20:25:40 2013 +1000 | ||
8184 | |||
8185 | add missing attribution | ||
8186 | |||
8187 | commit 54da6be320495604ddf65d10ac4cc8cf7849c533 | ||
8188 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8189 | Date: Thu May 16 20:25:04 2013 +1000 | ||
8190 | |||
8191 | - djm@cvs.openbsd.org 2013/05/10 03:40:07 | ||
8192 | [sshconnect2.c] | ||
8193 | fix bzero(ptr_to_struct, sizeof(ptr_to_struct)); bz#2100 from | ||
8194 | |||
8195 | commit 5d8b702d95c0dfc338726fecfbb709695afd1377 | ||
8196 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8197 | Date: Thu May 16 20:24:23 2013 +1000 | ||
8198 | |||
8199 | - dtucker@cvs.openbsd.org 2013/05/06 07:35:12 | ||
8200 | [sftp-server.8] | ||
8201 | Reference the version of the sftp draft we actually implement. ok djm@ | ||
8202 | |||
8203 | commit 026d9db3fbe311b5a7e98d62472cb666aa559648 | ||
8204 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8205 | Date: Thu May 16 20:23:52 2013 +1000 | ||
8206 | |||
8207 | - tedu@cvs.openbsd.org 2013/04/24 16:01:46 | ||
8208 | [misc.c] | ||
8209 | remove extra parens noticed by nicm | ||
8210 | |||
8211 | commit 2ca51bf140ef2c2409fd220778529dc17c11d8fa | ||
8212 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8213 | Date: Thu May 16 20:22:46 2013 +1000 | ||
8214 | |||
8215 | - tedu@cvs.openbsd.org 2013/04/23 17:49:45 | ||
8216 | [misc.c] | ||
8217 | use xasprintf instead of a series of strlcats and strdup. ok djm | ||
8218 | |||
8219 | commit 6aa3eacc5e5f39702b6dd5b27970d9fd97bc2383 | ||
8220 | Author: Damien Miller <djm@mindrot.org> | ||
8221 | Date: Thu May 16 11:10:17 2013 +1000 | ||
8222 | |||
8223 | - (djm) [contrib/ssh-copy-id] Fix bug that could cause "rm *" to be | ||
8224 | executed if mktemp failed; bz#2105 ok dtucker@ | ||
8225 | |||
8226 | commit c54e3e0741a27119b3badd8ff92b1988b7e9bd50 | ||
8227 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8228 | Date: Fri May 10 18:53:14 2013 +1000 | ||
8229 | |||
8230 | - (dtucker) [configure.ac] Add -Werror to the -Qunused-arguments test so | ||
8231 | we don't get a warning on compilers that *don't* support it. Add | ||
8232 | -Wno-unknown-warning-option. Move both to the start of the list for | ||
8233 | maximum noise suppression. Tested with gcc 4.6.3, gcc 2.95.4 and clang 2.9. | ||
8234 | |||
8235 | commit a75d247a18a5099c60226395354eb252c097ac86 | ||
8236 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8237 | Date: Fri May 10 18:11:55 2013 +1000 | ||
8238 | |||
8239 | - (dtucker) [kex.c] Only include sha256 and ECC key exchange methods when the | ||
8240 | underlying libraries support them. | ||
8241 | |||
8242 | commit 0abfb559e3f79d1f217773510d7626c3722aa3c1 | ||
8243 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8244 | Date: Fri May 10 18:08:49 2013 +1000 | ||
8245 | |||
8246 | - (dtucker) [openbsd-compat/getopt.h openbsd-compat/getopt_long.c | ||
8247 | openbsd-compat/openbsd-compat.h] pull in getopt.h from openbsd and plumb | ||
8248 | in to use it when we're using our own getopt. | ||
8249 | |||
8250 | commit ccfdfceacb7e23d1479ed4cc91976c5ac6e23c56 | ||
8251 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8252 | Date: Fri May 10 16:28:55 2013 +1000 | ||
8253 | |||
8254 | - (dtucker) [openbsd-compat/Makefile.in openbsd-compat/getopt.c | ||
8255 | openbsd-compat/getopt_long.c regress/modpipe.c] Remove getopt.c, add | ||
8256 | portability code to getopt_long.c and switch over Makefile and the ugly | ||
8257 | hack in modpipe.c. Fixes bz#1448. | ||
8258 | |||
8259 | commit 39332020078aa8fd4fc28e00b336438dc64b0f5a | ||
8260 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8261 | Date: Fri May 10 15:38:11 2013 +1000 | ||
8262 | |||
8263 | - (dtucker) [openbsd-compat/getopt_long.c] Import from OpenBSD. No | ||
8264 | portability changes yet. | ||
8265 | |||
8266 | commit 35b2fe99bee4f332d1c1efa49107cdb3c67da07a | ||
8267 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8268 | Date: Fri May 10 15:35:26 2013 +1000 | ||
8269 | |||
8270 | - (dtucker) [openbsd-compat/getopt.c] Factor out portibility changes to | ||
8271 | getopt.c. Preprocessed source is identical other than line numbers. | ||
8272 | |||
8273 | commit abbc7a7c02e45787d023f50a30f62d7a3e14fe9e | ||
8274 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8275 | Date: Fri May 10 13:54:23 2013 +1000 | ||
8276 | |||
8277 | - (dtucker) [configure.ac] Enable -Wsizeof-pointer-memaccess if the compiler | ||
8278 | supports it. Mentioned by Colin Watson in bz#2100, ok djm. | ||
8279 | |||
8280 | commit bc02f163f6e882d390abfb925b47b41e13ae523b | ||
8281 | Author: Damien Miller <djm@mindrot.org> | ||
8282 | Date: Tue Apr 23 19:25:49 2013 +1000 | ||
8283 | |||
8284 | - dtucker@cvs.openbsd.org 2013/04/22 01:17:18 | ||
8285 | [mux.c] | ||
8286 | typo in debug output: evitval->exitval | ||
8287 | |||
8288 | commit f8b894e31dc3530c7eb6d0a378848260d54f74c4 | ||
8289 | Author: Damien Miller <djm@mindrot.org> | ||
8290 | Date: Tue Apr 23 19:25:29 2013 +1000 | ||
8291 | |||
8292 | - djm@cvs.openbsd.org 2013/04/19 12:07:08 | ||
8293 | [kex.c] | ||
8294 | remove duplicated list entry pointed out by naddy@ | ||
8295 | |||
8296 | commit 34bd20a1e53b63ceb01f06c1654d9112e6784b0a | ||
8297 | Author: Damien Miller <djm@mindrot.org> | ||
8298 | Date: Tue Apr 23 19:25:00 2013 +1000 | ||
8299 | |||
8300 | - djm@cvs.openbsd.org 2013/04/19 11:10:18 | ||
8301 | [ssh.c] | ||
8302 | add -Q to usage; reminded by jmc@ | ||
8303 | |||
8304 | commit ea11119eee3c5e2429b1f5f8688b25b028fa991a | ||
8305 | Author: Damien Miller <djm@mindrot.org> | ||
8306 | Date: Tue Apr 23 19:24:32 2013 +1000 | ||
8307 | |||
8308 | - djm@cvs.openbsd.org 2013/04/19 01:06:50 | ||
8309 | [authfile.c cipher.c cipher.h kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c] | ||
8310 | [key.c key.h mac.c mac.h packet.c ssh.1 ssh.c] | ||
8311 | add the ability to query supported ciphers, MACs, key type and KEX | ||
8312 | algorithms to ssh. Includes some refactoring of KEX and key type handling | ||
8313 | to be table-driven; ok markus@ | ||
8314 | |||
8315 | commit a56086b9903b62c1c4fdedf01b68338fe4dc90e4 | ||
8316 | Author: Damien Miller <djm@mindrot.org> | ||
8317 | Date: Tue Apr 23 15:24:18 2013 +1000 | ||
8318 | |||
8319 | - djm@cvs.openbsd.org 2013/04/19 01:03:01 | ||
8320 | [session.c] | ||
8321 | reintroduce 1.262 without the connection-killing bug: | ||
8322 | fatal() when ChrootDirectory specified by running without root privileges; | ||
8323 | ok markus@ | ||
8324 | |||
8325 | commit 0d6771b4648889ae5bc4235f9e3fc6cd82b710bd | ||
8326 | Author: Damien Miller <djm@mindrot.org> | ||
8327 | Date: Tue Apr 23 15:23:24 2013 +1000 | ||
8328 | |||
8329 | - djm@cvs.openbsd.org 2013/04/19 01:01:00 | ||
8330 | [ssh-keygen.c] | ||
8331 | fix some memory leaks; bz#2088 ok dtucker@ | ||
8332 | |||
8333 | commit 467b00c38ba244f9966466e57a89d003f3afb159 | ||
8334 | Author: Damien Miller <djm@mindrot.org> | ||
8335 | Date: Tue Apr 23 15:23:07 2013 +1000 | ||
8336 | |||
8337 | - djm@cvs.openbsd.org 2013/04/19 01:00:10 | ||
8338 | [sshd_config.5] | ||
8339 | document the requirment that the AuthorizedKeysCommand be owned by root; | ||
8340 | ok dtucker@ markus@ | ||
8341 | |||
8342 | commit 9303e6527bb5ca7630c765f28624702c212bfd6c | ||
8343 | Author: Damien Miller <djm@mindrot.org> | ||
8344 | Date: Tue Apr 23 15:22:40 2013 +1000 | ||
8345 | |||
8346 | - djm@cvs.openbsd.org 2013/04/18 02:16:07 | ||
8347 | [sftp.c] | ||
8348 | make "sftp -q" do what it says on the sticker: hush everything but errors; | ||
8349 | |||
8350 | commit f1a02aea35504e8bef2ed9eef6f9ddeab12bacb3 | ||
8351 | Author: Damien Miller <djm@mindrot.org> | ||
8352 | Date: Tue Apr 23 15:22:13 2013 +1000 | ||
8353 | |||
8354 | - dtucker@cvs.openbsd.org 2013/04/17 09:04:09 | ||
8355 | [session.c] | ||
8356 | revert rev 1.262; it fails because uid is already set here. ok djm@ | ||
8357 | |||
8358 | commit d5edefd27a30768cc7a4817302e964b6cb2f9be7 | ||
8359 | Author: Damien Miller <djm@mindrot.org> | ||
8360 | Date: Tue Apr 23 15:21:39 2013 +1000 | ||
8361 | |||
8362 | - djm@cvs.openbsd.org 2013/04/11 02:27:50 | ||
8363 | [packet.c] | ||
8364 | quiet disconnect notifications on the server from error() back to logit() | ||
8365 | if it is a normal client closure; bz#2057 ok+feedback dtucker@ | ||
8366 | |||
8367 | commit 6901032b05291fc5d2bd4067fc47904de3506fda | ||
8368 | Author: Damien Miller <djm@mindrot.org> | ||
8369 | Date: Tue Apr 23 15:21:24 2013 +1000 | ||
8370 | |||
8371 | - dtucker@cvs.openbsd.org 2013/04/07 09:40:27 | ||
8372 | [sshd.8] | ||
8373 | clarify -e text. suggested by & ok jmc@ | ||
8374 | |||
8375 | commit 03d4d7e60b16f913c75382e32e136ddfa8d6485f | ||
8376 | Author: Damien Miller <djm@mindrot.org> | ||
8377 | Date: Tue Apr 23 15:21:06 2013 +1000 | ||
8378 | |||
8379 | - dtucker@cvs.openbsd.org 2013/04/07 02:10:33 | ||
8380 | [log.c log.h ssh.1 ssh.c sshd.8 sshd.c] | ||
8381 | Add -E option to ssh and sshd to append debugging logs to a specified file | ||
8382 | instead of stderr or syslog. ok markus@, man page help jmc@ | ||
8383 | |||
8384 | commit 37f1c08473b1ef2a188ee178ce2e11e841f88563 | ||
8385 | Author: Damien Miller <djm@mindrot.org> | ||
8386 | Date: Tue Apr 23 15:20:43 2013 +1000 | ||
8387 | |||
8388 | - markus@cvs.openbsd.org 2013/04/06 16:07:00 | ||
8389 | [channels.c sshd.c] | ||
8390 | handle ECONNABORTED for accept(); ok deraadt some time ago... | ||
8391 | |||
8392 | commit 172859cff7df9fd8a29a1f0a4de568f644bbda50 | ||
8393 | Author: Damien Miller <djm@mindrot.org> | ||
8394 | Date: Tue Apr 23 15:19:27 2013 +1000 | ||
8395 | |||
8396 | - djm@cvs.openbsd.org 2013/04/05 00:58:51 | ||
8397 | [mux.c] | ||
8398 | cleanup mux-created channels that are in SSH_CHANNEL_OPENING state too | ||
8399 | (in addition to ones already in OPEN); bz#2079, ok dtucker@ | ||
8400 | |||
8401 | commit 9f12b5dcd5f7772e633fb2786c63bfcbea1f1aea | ||
8402 | Author: Damien Miller <djm@mindrot.org> | ||
8403 | Date: Tue Apr 23 15:19:11 2013 +1000 | ||
8404 | |||
8405 | - djm@cvs.openbsd.org 2013/04/05 00:31:49 | ||
8406 | [pathnames.h] | ||
8407 | use the existing _PATH_SSH_USER_RC define to construct the other | ||
8408 | pathnames; bz#2077, ok dtucker@ (no binary change) | ||
8409 | |||
8410 | commit d677ad14ff7efedf21745ee1694058350e758e18 | ||
8411 | Author: Damien Miller <djm@mindrot.org> | ||
8412 | Date: Tue Apr 23 15:18:51 2013 +1000 | ||
8413 | |||
8414 | - djm@cvs.openbsd.org 2013/04/05 00:14:00 | ||
8415 | [auth2-gss.c krl.c sshconnect2.c] | ||
8416 | hush some {unused, printf type} warnings | ||
8417 | |||
8418 | commit 508b6c3d3b95c8ec078fd4801368597ab29b2db9 | ||
8419 | Author: Damien Miller <djm@mindrot.org> | ||
8420 | Date: Tue Apr 23 15:18:28 2013 +1000 | ||
8421 | |||
8422 | - djm@cvs.openbsd.org 2013/03/08 06:32:58 | ||
8423 | [ssh.c] | ||
8424 | allow "ssh -f none ..." ok markus@ | ||
8425 | |||
8426 | commit 91a55f28f35431f9000b95815c343b5a18fda712 | ||
8427 | Author: Damien Miller <djm@mindrot.org> | ||
8428 | Date: Tue Apr 23 15:18:10 2013 +1000 | ||
8429 | |||
8430 | - markus@cvs.openbsd.org 2013/03/07 19:27:25 | ||
8431 | [auth.h auth2-chall.c auth2.c monitor.c sshd_config.5] | ||
8432 | add submethod support to AuthenticationMethods; ok and freedback djm@ | ||
8433 | |||
8434 | commit 4ce189d9108c62090a0dd5dea973d175328440db | ||
8435 | Author: Damien Miller <djm@mindrot.org> | ||
8436 | Date: Tue Apr 23 15:17:52 2013 +1000 | ||
8437 | |||
8438 | - djm@cvs.openbsd.org 2013/03/07 00:19:59 | ||
8439 | [auth2-pubkey.c monitor.c] | ||
8440 | reconstruct the original username that was sent by the client, which may | ||
8441 | have included a style (e.g. "root:skey") when checking public key | ||
8442 | signatures. Fixes public key and hostbased auth when the client specified | ||
8443 | a style; ok markus@ | ||
8444 | |||
8445 | commit 5cbec4c25954b184e43bf3d3ac09e65eb474f5f9 | ||
8446 | Author: Damien Miller <djm@mindrot.org> | ||
8447 | Date: Tue Apr 23 15:17:12 2013 +1000 | ||
8448 | |||
8449 | - djm@cvs.openbsd.org 2013/03/06 23:36:53 | ||
8450 | [readconf.c] | ||
8451 | g/c unused variable (-Wunused) | ||
8452 | |||
8453 | commit 998cc56b65682d490c9bbf5977dceb1aa84a0233 | ||
8454 | Author: Damien Miller <djm@mindrot.org> | ||
8455 | Date: Tue Apr 23 15:16:43 2013 +1000 | ||
8456 | |||
8457 | - djm@cvs.openbsd.org 2013/03/06 23:35:23 | ||
8458 | [session.c] | ||
8459 | fatal() when ChrootDirectory specified by running without root privileges; | ||
8460 | ok markus@ | ||
8461 | |||
8462 | commit 62e9c4f9b6027620f9091a2f43328e057bdb33f1 | ||
8463 | Author: Damien Miller <djm@mindrot.org> | ||
8464 | Date: Tue Apr 23 15:15:49 2013 +1000 | ||
8465 | |||
8466 | - (djm) OpenBSD CVS Sync | ||
8467 | - markus@cvs.openbsd.org 2013/03/05 20:16:09 | ||
8468 | [sshconnect2.c] | ||
8469 | reset pubkey order on partial success; ok djm@ | ||
8470 | |||
8471 | commit 6332da2ae88db623d7da8070dd807efa26d9dfe8 | ||
8472 | Author: Damien Miller <djm@mindrot.org> | ||
8473 | Date: Tue Apr 23 14:25:52 2013 +1000 | ||
8474 | |||
8475 | - (djm) [auth.c configure.ac misc.c monitor.c monitor_wrap.c] Support | ||
8476 | platforms, such as Android, that lack struct passwd.pw_gecos. Report | ||
8477 | and initial patch from Nathan Osman bz#2086; feedback tim@ ok dtucker@ | ||
8478 | |||
8479 | commit ce1c9574fcfaf753a062276867335c1e237f725c | ||
8480 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8481 | Date: Thu Apr 18 21:36:19 2013 +1000 | ||
8482 | |||
8483 | - (dtucker) [configure.ac] Use -Qunused-arguments to suppress warnings from | ||
8484 | unused argument warnings (in particular, -fno-builtin-memset) from clang. | ||
8485 | |||
8486 | commit bc68f2451b836e6a3fa65df8774a8b1f10049ded | ||
8487 | Author: Damien Miller <djm@mindrot.org> | ||
8488 | Date: Thu Apr 18 11:26:25 2013 +1000 | ||
8489 | |||
8490 | - (djm) [config.guess config.sub] Update to last versions before they switch | ||
8491 | to GPL3. ok dtucker@ | ||
8492 | |||
8493 | commit 15fd19c4c9943cf02bc6f462d52c86ee6a8f422e | ||
8494 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8495 | Date: Fri Apr 5 11:22:26 2013 +1100 | ||
8496 | |||
8497 | - djm@cvs.openbsd.org 2013/02/22 22:09:01 | ||
8498 | [ssh.c] | ||
8499 | Allow IdenityFile=none; ok markus deraadt (and dtucker for an earlier | ||
8500 | version) | ||
8501 | |||
8502 | commit 5d1d9541a7c83963cd887b6b36e25b46463a05d4 | ||
8503 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8504 | Date: Fri Apr 5 11:20:00 2013 +1100 | ||
8505 | |||
8506 | - markus@cvs.openbsd.org 2013/02/22 19:13:56 | ||
8507 | [sshconnect.c] | ||
8508 | support ProxyCommand=- (stdin/out already point to the proxy); ok djm@ | ||
8509 | |||
8510 | commit aefa3682431f59cf1ad9a0f624114b135135aa44 | ||
8511 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8512 | Date: Fri Apr 5 11:18:35 2013 +1100 | ||
8513 | |||
8514 | - dtucker@cvs.openbsd.org 2013/02/22 04:45:09 | ||
8515 | [ssh.c readconf.c readconf.h] | ||
8516 | Don't complain if IdentityFiles specified in system-wide configs are | ||
8517 | missing. ok djm, deraadt | ||
8518 | |||
8519 | commit f3c38142435622d056582e851579d8647a233c7f | ||
8520 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8521 | Date: Fri Apr 5 11:16:52 2013 +1100 | ||
8522 | |||
8523 | - dtucker@cvs.openbsd.org 2013/02/19 02:12:47 | ||
8524 | [krl.c] | ||
8525 | Remove bogus include. ok djm | ||
8526 | (id sync only) | ||
8527 | |||
8528 | commit 1910478c2d2c3d0e1edacaeff21ed388d70759e9 | ||
8529 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8530 | Date: Fri Apr 5 11:13:08 2013 +1100 | ||
8531 | |||
8532 | - dtucker@cvs.openbsd.org 2013/02/17 23:16:57 | ||
8533 | [readconf.c ssh.c readconf.h sshconnect2.c] | ||
8534 | Keep track of which IndentityFile options were manually supplied and which | ||
8535 | were default options, and don't warn if the latter are missing. | ||
8536 | ok markus@ | ||
8537 | |||
8538 | commit c9627cdbc65b25da943f24e6a953da899f08eefc | ||
8539 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8540 | Date: Mon Apr 1 12:40:48 2013 +1100 | ||
8541 | |||
8542 | - (dtucker) [openbsd-compat/bsd-cygwin_util.{c,h}] Don't include windows.h | ||
8543 | to avoid conflicting definitions of __int64, adding the required bits. | ||
8544 | Patch from Corinna Vinschen. | ||
8545 | |||
8546 | commit 75db01d2ce29a85f8e5a2aff2011446896cf3f8a | ||
8547 | Author: Tim Rice <tim@multitalents.net> | ||
8548 | Date: Fri Mar 22 10:14:32 2013 -0700 | ||
8549 | |||
8550 | - (tim) [Makefile.in] remove some duplication introduced in 20130220 commit. | ||
8551 | |||
8552 | commit 221b4b2436ac78a65c3b775c25ccd396a1fed208 | ||
8553 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8554 | Date: Fri Mar 22 12:51:09 2013 +1100 | ||
8555 | |||
8556 | - (dtucker) [includes.h] Check if _GNU_SOURCE is already defined before | ||
8557 | defining it again. Prevents warnings if someone, eg, sets it in CFLAGS. | ||
8558 | |||
8559 | commit c8a0f27c6d761d1335d13ed84d773e9ddf1d95c8 | ||
8560 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8561 | Date: Fri Mar 22 12:49:14 2013 +1100 | ||
8562 | |||
8563 | - (dtucker) [configure.ac] Add stdlib.h to zlib check for exit() prototype. | ||
8564 | |||
8565 | commit eed8dc261018aea4d6b8606ca3addc9f8cf9ed1e | ||
8566 | Author: Damien Miller <djm@mindrot.org> | ||
8567 | Date: Fri Mar 22 10:25:22 2013 +1100 | ||
8568 | |||
8569 | - (djm) Release 6.2p1 | ||
8570 | |||
8571 | commit 83efe7c86168cc07b8e6cc6df6b54f7ace3b64a3 | ||
8572 | Author: Damien Miller <djm@mindrot.org> | ||
8573 | Date: Fri Mar 22 10:17:36 2013 +1100 | ||
8574 | |||
8575 | - (djm) [contrib/ssh-copy-id contrib/ssh-copy-id.1] Updated to Phil | ||
8576 | Hands' greatly revised version. | ||
8577 | |||
8578 | commit 63b4bcd04e1c57b77eabb4e4d359508a4b2af685 | ||
8579 | Author: Damien Miller <djm@mindrot.org> | ||
8580 | Date: Wed Mar 20 12:55:14 2013 +1100 | ||
8581 | |||
8582 | - (djm) [configure.ac log.c scp.c sshconnect2.c openbsd-compat/vis.c] | ||
8583 | [openbsd-compat/vis.h] FreeBSD's strnvis isn't compatible with OpenBSD's | ||
8584 | so mark it as broken. Patch from des AT des.no | ||