diff options
Diffstat (limited to 'ChangeLog')
-rw-r--r-- | ChangeLog | 3428 |
1 files changed, 685 insertions, 2743 deletions
@@ -1,3 +1,688 @@ | |||
1 | 20110122 | ||
2 | - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add | ||
3 | RSA_get_default_method() for the benefit of openssl versions that don't | ||
4 | have it (at least openssl-engine-0.9.6b). Found and tested by Kevin Brott, | ||
5 | ok djm@. | ||
6 | - OpenBSD CVS Sync | ||
7 | - djm@cvs.openbsd.org 2011/01/22 09:18:53 | ||
8 | [version.h] | ||
9 | crank to OpenSSH-5.7 | ||
10 | - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] | ||
11 | [contrib/suse/openssh.spec] update versions in docs and spec files. | ||
12 | - (djm) Release 5.7p1 | ||
13 | |||
14 | 20110119 | ||
15 | - (tim) [contrib/caldera/openssh.spec] Use CFLAGS from Makefile instead | ||
16 | of RPM so build completes. Signatures were changed to .asc since 4.1p1. | ||
17 | - (djm) [configure.ac] Disable ECC on OpenSSL <0.9.8g. Releases prior to | ||
18 | 0.9.8 lacked it, and 0.9.8a through 0.9.8d have proven buggy in pre- | ||
19 | release testing (random crashes and failure to load ECC keys). | ||
20 | ok dtucker@ | ||
21 | |||
22 | 20110117 | ||
23 | - (djm) [regress/Makefile] use $TEST_SSH_KEYGEN instead of the one in | ||
24 | $PATH, fix cleanup of droppings; reported by openssh AT | ||
25 | roumenpetrov.info; ok dtucker@ | ||
26 | - (djm) [regress/agent-ptrace.sh] Fix false failure on OS X by adding | ||
27 | its unique snowflake of a gdb error to the ones we look for. | ||
28 | - (djm) [regress/agent-getpeereid.sh] leave stdout attached when running | ||
29 | ssh-add to avoid $SUDO failures on Linux | ||
30 | - (dtucker) [openbsd-compat/port-linux.c] Bug #1838: Add support for the new | ||
31 | Linux OOM-killer magic values that changed in 2.6.36 kernels, with fallback | ||
32 | to the old values. Feedback from vapier at gentoo org and djm, ok djm. | ||
33 | - (djm) [configure.ac regress/agent-getpeereid.sh regress/multiplex.sh] | ||
34 | [regress/sftp-glob.sh regress/test-exec.sh] Rework how feature tests are | ||
35 | disabled on platforms that do not support them; add a "config_defined()" | ||
36 | shell function that greps for defines in config.h and use them to decide | ||
37 | on feature tests. | ||
38 | Convert a couple of existing grep's over config.h to use the new function | ||
39 | Add a define "FILESYSTEM_NO_BACKSLASH" for filesystem that can't represent | ||
40 | backslash characters in filenames, enable it for Cygwin and use it to turn | ||
41 | of tests for quotes backslashes in sftp-glob.sh. | ||
42 | based on discussion with vinschen AT redhat.com and dtucker@; ok dtucker@ | ||
43 | - (tim) [regress/agent-getpeereid.sh] shell portability fix. | ||
44 | - (dtucker) [openbsd-compat/port-linux.c] Fix minor bug caught by -Werror on | ||
45 | the tinderbox. | ||
46 | - (dtucker) [LICENCE Makefile.in audit-bsm.c audit-linux.c audit.c audit.h | ||
47 | configure.ac defines.h loginrec.c] Bug #1402: add linux audit subsystem | ||
48 | support, based on patches from Tomas Mraz and jchadima at redhat. | ||
49 | |||
50 | 20110116 | ||
51 | - (dtucker) [Makefile.in configure.ac regress/kextype.sh] Skip sha256-based | ||
52 | on configurations that don't have it. | ||
53 | - OpenBSD CVS Sync | ||
54 | - djm@cvs.openbsd.org 2011/01/16 11:50:05 | ||
55 | [clientloop.c] | ||
56 | Use atomicio when flushing protocol 1 std{out,err} buffers at | ||
57 | session close. This was a latent bug exposed by setting a SIGCHLD | ||
58 | handler and spotted by kevin.brott AT gmail.com; ok dtucker@ | ||
59 | - djm@cvs.openbsd.org 2011/01/16 11:50:36 | ||
60 | [sshconnect.c] | ||
61 | reset the SIGPIPE handler when forking to execute child processes; | ||
62 | ok dtucker@ | ||
63 | - djm@cvs.openbsd.org 2011/01/16 12:05:59 | ||
64 | [clientloop.c] | ||
65 | a couple more tweaks to the post-close protocol 1 stderr/stdout flush: | ||
66 | now that we use atomicio(), convert them from while loops to if statements | ||
67 | add test and cast to compile cleanly with -Wsigned | ||
68 | |||
69 | 20110114 | ||
70 | - OpenBSD CVS Sync | ||
71 | - djm@cvs.openbsd.org 2011/01/13 21:54:53 | ||
72 | [mux.c] | ||
73 | correct error messages; patch from bert.wesarg AT googlemail.com | ||
74 | - djm@cvs.openbsd.org 2011/01/13 21:55:25 | ||
75 | [PROTOCOL.mux] | ||
76 | correct protocol names and add a couple of missing protocol number | ||
77 | defines; patch from bert.wesarg AT googlemail.com | ||
78 | - (djm) [Makefile.in] Use shell test to disable ecdsa key generating in | ||
79 | host-key-force target rather than a substitution that is replaced with a | ||
80 | comment so that the Makefile.in is still a syntactically valid Makefile | ||
81 | (useful to run the distprep target) | ||
82 | - (tim) [regress/cert-hostkey.sh] Typo. Missing $ on variable name. | ||
83 | - (tim) [regress/cert-hostkey.sh] Add missing TEST_SSH_ECC guard around some | ||
84 | ecdsa bits. | ||
85 | |||
86 | 20110113 | ||
87 | - (djm) [misc.c] include time.h for nanosleep() prototype | ||
88 | - (tim) [Makefile.in] test the ECC bits if we have the capability. ok djm | ||
89 | - (tim) [Makefile.in configure.ac opensshd.init.in] Add support for generating | ||
90 | ecdsa keys. ok djm. | ||
91 | - (djm) [entropy.c] cast OPENSSL_VERSION_NUMBER to u_long to avoid | ||
92 | gcc warning on platforms where it defaults to int | ||
93 | - (djm) [regress/Makefile] add a few more generated files to the clean | ||
94 | target | ||
95 | - (djm) [myproposal.h] Fix reversed OPENSSL_VERSION_NUMBER test and bad | ||
96 | #define that was causing diffie-hellman-group-exchange-sha256 to be | ||
97 | incorrectly disabled | ||
98 | - (djm) [regress/kextype.sh] Testing diffie-hellman-group-exchange-sha256 | ||
99 | should not depend on ECC support | ||
100 | |||
101 | 20110112 | ||
102 | - OpenBSD CVS Sync | ||
103 | - nicm@cvs.openbsd.org 2010/10/08 21:48:42 | ||
104 | [openbsd-compat/glob.c] | ||
105 | Extend GLOB_LIMIT to cover readdir and stat and bump the malloc limit | ||
106 | from ARG_MAX to 64K. | ||
107 | Fixes glob-using programs (notably ftp) able to be triggered to hit | ||
108 | resource limits. | ||
109 | Idea from a similar NetBSD change, original problem reported by jasper@. | ||
110 | ok millert tedu jasper | ||
111 | - djm@cvs.openbsd.org 2011/01/12 01:53:14 | ||
112 | avoid some integer overflows mostly with GLOB_APPEND and GLOB_DOOFFS | ||
113 | and sanity check arguments (these will be unnecessary when we switch | ||
114 | struct glob members from being type into to size_t in the future); | ||
115 | "looks ok" tedu@ feedback guenther@ | ||
116 | - (djm) [configure.ac] Turn on -Wno-unused-result for gcc >= 4.4 to avoid | ||
117 | silly warnings on write() calls we don't care succeed or not. | ||
118 | - (djm) [configure.ac] Fix broken test for gcc >= 4.4 with per-compiler | ||
119 | flag tests that don't depend on gcc version at all; suggested by and | ||
120 | ok dtucker@ | ||
121 | |||
122 | 20110111 | ||
123 | - (tim) [regress/host-expand.sh] Fix for building outside of read only | ||
124 | source tree. | ||
125 | - (djm) [platform.c] Some missing includes that show up under -Werror | ||
126 | - OpenBSD CVS Sync | ||
127 | - djm@cvs.openbsd.org 2011/01/08 10:51:51 | ||
128 | [clientloop.c] | ||
129 | use host and not options.hostname, as the latter may have unescaped | ||
130 | substitution characters | ||
131 | - djm@cvs.openbsd.org 2011/01/11 06:06:09 | ||
132 | [sshlogin.c] | ||
133 | fd leak on error paths; from zinovik@ | ||
134 | NB. Id sync only; we use loginrec.c that was also audited and fixed | ||
135 | recently | ||
136 | - djm@cvs.openbsd.org 2011/01/11 06:13:10 | ||
137 | [clientloop.c ssh-keygen.c sshd.c] | ||
138 | some unsigned long long casts that make things a bit easier for | ||
139 | portable without resorting to dropping PRIu64 formats everywhere | ||
140 | |||
141 | 20110109 | ||
142 | - (djm) [Makefile.in] list ssh_host_ecdsa key in PATHSUBS; spotted by | ||
143 | openssh AT roumenpetrov.info | ||
144 | |||
145 | 20110108 | ||
146 | - (djm) [regress/keytype.sh] s/echo -n/echon/ to repair failing regress | ||
147 | test on OSX and others. Reported by imorgan AT nas.nasa.gov | ||
148 | |||
149 | 20110107 | ||
150 | - (djm) [regress/cert-hostkey.sh regress/cert-userkey.sh] fix shell test | ||
151 | for no-ECC case. Patch from cristian.ionescu-idbohrn AT axis.com | ||
152 | - djm@cvs.openbsd.org 2011/01/06 22:23:53 | ||
153 | [ssh.c] | ||
154 | unbreak %n expansion in LocalCommand; patch from bert.wesarg AT | ||
155 | googlemail.com; ok markus@ | ||
156 | - djm@cvs.openbsd.org 2011/01/06 22:23:02 | ||
157 | [clientloop.c] | ||
158 | when exiting due to ServerAliveTimeout, mention the hostname that caused | ||
159 | it (useful with backgrounded controlmaster) | ||
160 | - djm@cvs.openbsd.org 2011/01/06 22:46:21 | ||
161 | [regress/Makefile regress/host-expand.sh] | ||
162 | regress test for LocalCommand %n expansion from bert.wesarg AT | ||
163 | googlemail.com; ok markus@ | ||
164 | - djm@cvs.openbsd.org 2011/01/06 23:01:35 | ||
165 | [sshconnect.c] | ||
166 | reset SIGCHLD handler to SIG_DFL when execuring LocalCommand; | ||
167 | ok markus@ | ||
168 | |||
169 | 20110106 | ||
170 | - (djm) OpenBSD CVS Sync | ||
171 | - markus@cvs.openbsd.org 2010/12/08 22:46:03 | ||
172 | [scp.1 scp.c] | ||
173 | add a new -3 option to scp: Copies between two remote hosts are | ||
174 | transferred through the local host. Without this option the data | ||
175 | is copied directly between the two remote hosts. ok djm@ (bugzilla #1837) | ||
176 | - jmc@cvs.openbsd.org 2010/12/09 14:13:33 | ||
177 | [scp.1 scp.c] | ||
178 | scp.1: grammer fix | ||
179 | scp.c: add -3 to usage() | ||
180 | - markus@cvs.openbsd.org 2010/12/14 11:59:06 | ||
181 | [sshconnect.c] | ||
182 | don't mention key type in key-changed-warning, since we also print | ||
183 | this warning if a new key type appears. ok djm@ | ||
184 | - djm@cvs.openbsd.org 2010/12/15 00:49:27 | ||
185 | [readpass.c] | ||
186 | fix ControlMaster=ask regression | ||
187 | reset SIGCHLD handler before fork (and restore it after) so we don't miss | ||
188 | the the askpass child's exit status. Correct test for exit status/signal to | ||
189 | account for waitpid() failure; with claudio@ ok claudio@ markus@ | ||
190 | - djm@cvs.openbsd.org 2010/12/24 21:41:48 | ||
191 | [auth-options.c] | ||
192 | don't send the actual forced command in a debug message; ok markus deraadt | ||
193 | - otto@cvs.openbsd.org 2011/01/04 20:44:13 | ||
194 | [ssh-keyscan.c] | ||
195 | handle ecdsa-sha2 with various key lengths; hint and ok djm@ | ||
196 | |||
197 | 20110104 | ||
198 | - (djm) [configure.ac Makefile.in] Use mandoc as preferred manpage | ||
199 | formatter if it is present, followed by nroff and groff respectively. | ||
200 | Fixes distprep target on OpenBSD (which has bumped groff/nroff to ports | ||
201 | in favour of mandoc). feedback and ok tim | ||
202 | |||
203 | 20110103 | ||
204 | - (djm) [Makefile.in] revert local hack I didn't intend to commit | ||
205 | |||
206 | 20110102 | ||
207 | - (djm) [loginrec.c] Fix some fd leaks on error paths. ok dtucker | ||
208 | - (djm) [configure.ac] Check whether libdes is needed when building | ||
209 | with Heimdal krb5 support. On OpenBSD this library no longer exists, | ||
210 | so linking it unconditionally causes a build failure; ok dtucker | ||
211 | |||
212 | 20101226 | ||
213 | - (dtucker) OpenBSD CVS Sync | ||
214 | - djm@cvs.openbsd.org 2010/12/08 04:02:47 | ||
215 | [ssh_config.5 sshd_config.5] | ||
216 | explain that IPQoS arguments are separated by whitespace; iirc requested | ||
217 | by jmc@ a while back | ||
218 | |||
219 | 20101205 | ||
220 | - (dtucker) openbsd-compat/openssl-compat.c] remove sleep leftover from | ||
221 | debugging. Spotted by djm. | ||
222 | - (dtucker) OpenBSD CVS Sync | ||
223 | - djm@cvs.openbsd.org 2010/12/03 23:49:26 | ||
224 | [schnorr.c] | ||
225 | check that g^x^q === 1 mod p; recommended by JPAKE author Feng Hao | ||
226 | (this code is still disabled, but apprently people are treating it as | ||
227 | a reference implementation) | ||
228 | - djm@cvs.openbsd.org 2010/12/03 23:55:27 | ||
229 | [auth-rsa.c] | ||
230 | move check for revoked keys to run earlier (in auth_rsa_key_allowed) | ||
231 | bz#1829; patch from ldv AT altlinux.org; ok markus@ | ||
232 | - djm@cvs.openbsd.org 2010/12/04 00:18:01 | ||
233 | [sftp-server.c sftp.1 sftp-client.h sftp.c PROTOCOL sftp-client.c] | ||
234 | add a protocol extension to support a hard link operation. It is | ||
235 | available through the "ln" command in the client. The old "ln" | ||
236 | behaviour of creating a symlink is available using its "-s" option | ||
237 | or through the preexisting "symlink" command; based on a patch from | ||
238 | miklos AT szeredi.hu in bz#1555; ok markus@ | ||
239 | - djm@cvs.openbsd.org 2010/12/04 13:31:37 | ||
240 | [hostfile.c] | ||
241 | fix fd leak; spotted and ok dtucker | ||
242 | - djm@cvs.openbsd.org 2010/12/04 00:21:19 | ||
243 | [regress/sftp-cmds.sh] | ||
244 | adjust for hard-link support | ||
245 | - (dtucker) [regress/Makefile] Id sync. | ||
246 | |||
247 | 20101204 | ||
248 | - (djm) [openbsd-compat/bindresvport.c] Use arc4random_uniform(range) | ||
249 | instead of (arc4random() % range) | ||
250 | - (dtucker) [configure.ac moduli.c openbsd-compat/openssl-compat.{c,h}] Add | ||
251 | shims for the new, non-deprecated OpenSSL key generation functions for | ||
252 | platforms that don't have the new interfaces. | ||
253 | |||
254 | 20101201 | ||
255 | - OpenBSD CVS Sync | ||
256 | - deraadt@cvs.openbsd.org 2010/11/20 05:12:38 | ||
257 | [auth2-pubkey.c] | ||
258 | clean up cases of ;; | ||
259 | - djm@cvs.openbsd.org 2010/11/21 01:01:13 | ||
260 | [clientloop.c misc.c misc.h ssh-agent.1 ssh-agent.c] | ||
261 | honour $TMPDIR for client xauth and ssh-agent temporary directories; | ||
262 | feedback and ok markus@ | ||
263 | - djm@cvs.openbsd.org 2010/11/21 10:57:07 | ||
264 | [authfile.c] | ||
265 | Refactor internals of private key loading and saving to work on memory | ||
266 | buffers rather than directly on files. This will make a few things | ||
267 | easier to do in the future; ok markus@ | ||
268 | - djm@cvs.openbsd.org 2010/11/23 02:35:50 | ||
269 | [auth.c] | ||
270 | use strict_modes already passed as function argument over referencing | ||
271 | global options.strict_modes | ||
272 | - djm@cvs.openbsd.org 2010/11/23 23:57:24 | ||
273 | [clientloop.c] | ||
274 | avoid NULL deref on receiving a channel request on an unknown or invalid | ||
275 | channel; report bz#1842 from jchadima AT redhat.com; ok dtucker@ | ||
276 | - djm@cvs.openbsd.org 2010/11/24 01:24:14 | ||
277 | [channels.c] | ||
278 | remove a debug() that pollutes stderr on client connecting to a server | ||
279 | in debug mode (channel_close_fds is called transitively from the session | ||
280 | code post-fork); bz#1719, ok dtucker | ||
281 | - djm@cvs.openbsd.org 2010/11/25 04:10:09 | ||
282 | [session.c] | ||
283 | replace close() loop for fds 3->64 with closefrom(); | ||
284 | ok markus deraadt dtucker | ||
285 | - djm@cvs.openbsd.org 2010/11/26 05:52:49 | ||
286 | [scp.c] | ||
287 | Pass through ssh command-line flags and options when doing remote-remote | ||
288 | transfers, e.g. to enable agent forwarding which is particularly useful | ||
289 | in this case; bz#1837 ok dtucker@ | ||
290 | - markus@cvs.openbsd.org 2010/11/29 18:57:04 | ||
291 | [authfile.c] | ||
292 | correctly load comment for encrypted rsa1 keys; | ||
293 | report/fix Joachim Schipper; ok djm@ | ||
294 | - djm@cvs.openbsd.org 2010/11/29 23:45:51 | ||
295 | [auth.c hostfile.c hostfile.h ssh.c ssh_config.5 sshconnect.c] | ||
296 | [sshconnect.h sshconnect2.c] | ||
297 | automatically order the hostkeys requested by the client based on | ||
298 | which hostkeys are already recorded in known_hosts. This avoids | ||
299 | hostkey warnings when connecting to servers with new ECDSA keys | ||
300 | that are preferred by default; with markus@ | ||
301 | |||
302 | 20101124 | ||
303 | - (dtucker) [platform.c session.c] Move the getluid call out of session.c and | ||
304 | into the platform-specific code Only affects SCO, tested by and ok tim@. | ||
305 | - (djm) [loginrec.c] Relax permission requirement on btmp logs to allow | ||
306 | group read/write. ok dtucker@ | ||
307 | - (dtucker) [packet.c] Remove redundant local declaration of "int tos". | ||
308 | - (djm) [defines.h] Add IP DSCP defines | ||
309 | |||
310 | 20101122 | ||
311 | - (dtucker) Bug #1840: fix warning when configuring --with-ssl-engine, patch | ||
312 | from vapier at gentoo org. | ||
313 | |||
314 | 20101120 | ||
315 | - OpenBSD CVS Sync | ||
316 | - djm@cvs.openbsd.org 2010/11/05 02:46:47 | ||
317 | [packet.c] | ||
318 | whitespace KNF | ||
319 | - djm@cvs.openbsd.org 2010/11/10 01:33:07 | ||
320 | [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c moduli.c] | ||
321 | use only libcrypto APIs that are retained with OPENSSL_NO_DEPRECATED. | ||
322 | these have been around for years by this time. ok markus | ||
323 | - djm@cvs.openbsd.org 2010/11/13 23:27:51 | ||
324 | [clientloop.c misc.c misc.h packet.c packet.h readconf.c readconf.h] | ||
325 | [servconf.c servconf.h session.c ssh.c ssh_config.5 sshd_config.5] | ||
326 | allow ssh and sshd to set arbitrary TOS/DSCP/QoS values instead of | ||
327 | hardcoding lowdelay/throughput. | ||
328 | |||
329 | bz#1733 patch from philipp AT redfish-solutions.com; ok markus@ deraadt@ | ||
330 | - jmc@cvs.openbsd.org 2010/11/15 07:40:14 | ||
331 | [ssh_config.5] | ||
332 | libary -> library; | ||
333 | - jmc@cvs.openbsd.org 2010/11/18 15:01:00 | ||
334 | [scp.1 sftp.1 ssh.1 sshd_config.5] | ||
335 | add IPQoS to the various -o lists, and zap some trailing whitespace; | ||
336 | |||
337 | 20101111 | ||
338 | - (djm) [servconf.c ssh-add.c ssh-keygen.c] don't look for ECDSA keys on | ||
339 | platforms that don't support ECC. Fixes some spurious warnings reported | ||
340 | by tim@ | ||
341 | |||
342 | 20101109 | ||
343 | - (tim) [regress/kextype.sh] Not all platforms have time in /usr/bin. | ||
344 | Feedback from dtucker@ | ||
345 | - (tim) [configure.ac openbsd-compat/bsd-misc.h openbsd-compat/bsd-misc.c] Add | ||
346 | support for platforms missing isblank(). ok djm@ | ||
347 | |||
348 | 20101108 | ||
349 | - (tim) [regress/Makefile] Fixes to allow building/testing outside source | ||
350 | tree. | ||
351 | - (tim) [regress/kextype.sh] Shell portability fix. | ||
352 | |||
353 | 20101107 | ||
354 | - (dtucker) [platform.c] includes.h instead of defines.h so that we get | ||
355 | the correct typedefs. | ||
356 | |||
357 | 20101105 | ||
358 | - (djm) [loginrec.c loginrec.h] Use correct uid_t/pid_t types instead of | ||
359 | int. Should fix bz#1817 cleanly; ok dtucker@ | ||
360 | - OpenBSD CVS Sync | ||
361 | - djm@cvs.openbsd.org 2010/09/22 12:26:05 | ||
362 | [regress/Makefile regress/kextype.sh] | ||
363 | regress test for each of the key exchange algorithms that we support | ||
364 | - djm@cvs.openbsd.org 2010/10/28 11:22:09 | ||
365 | [authfile.c key.c key.h ssh-keygen.c] | ||
366 | fix a possible NULL deref on loading a corrupt ECDH key | ||
367 | |||
368 | store ECDH group information in private keys files as "named groups" | ||
369 | rather than as a set of explicit group parameters (by setting | ||
370 | the OPENSSL_EC_NAMED_CURVE flag). This makes for shorter key files and | ||
371 | retrieves the group's OpenSSL NID that we need for various things. | ||
372 | - jmc@cvs.openbsd.org 2010/10/28 18:33:28 | ||
373 | [scp.1 ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5] | ||
374 | knock out some "-*- nroff -*-" lines; | ||
375 | - djm@cvs.openbsd.org 2010/11/04 02:45:34 | ||
376 | [sftp-server.c] | ||
377 | umask should be parsed as octal. reported by candland AT xmission.com; | ||
378 | ok markus@ | ||
379 | - (dtucker) [configure.ac platform.{c,h} session.c | ||
380 | openbsd-compat/port-solaris.{c,h}] Bug #1824: Add Solaris Project support. | ||
381 | Patch from cory.erickson at csu mnscu edu with a bit of rework from me. | ||
382 | ok djm@ | ||
383 | - (dtucker) [platform.c platform.h session.c] Add a platform hook to run | ||
384 | after the user's groups are established and move the selinux calls into it. | ||
385 | - (dtucker) [platform.c session.c] Move the AIX setpcred+chroot hack into | ||
386 | platform.c | ||
387 | - (dtucker) [platform.c session.c] Move the BSDI setpgrp into platform.c. | ||
388 | - (dtucker) [platform.c] Only call setpgrp on BSDI if running as root to | ||
389 | retain previous behavior. | ||
390 | - (dtucker) [platform.c session.c] Move the PAM credential establishment for | ||
391 | the LOGIN_CAP case into platform.c. | ||
392 | - (dtucker) platform.c session.c] Move the USE_LIBIAF fragment into | ||
393 | platform.c | ||
394 | - (dtucker) [platform.c session.c] Move aix_usrinfo frament into platform.c. | ||
395 | - (dtucker) [platform.c session.c] Move irix setusercontext fragment into | ||
396 | platform.c. | ||
397 | - (dtucker) [platform.c session.c] Move PAM credential establishment for the | ||
398 | non-LOGIN_CAP case into platform.c. | ||
399 | - (dtucker) [platform.c platform.h session.c] Move the Cygwin special-case | ||
400 | check into platform.c | ||
401 | - (dtucker) [regress/keytype.sh] Import new test. | ||
402 | - (dtucker) [Makefile configure.ac regress/Makefile regress/keytype.sh] | ||
403 | Import recent changes to regress/Makefile, pass a flag to enable ECC tests | ||
404 | from configure through to regress/Makefile and use it in the tests. | ||
405 | - (dtucker) [regress/kextype.sh] Add missing "test". | ||
406 | - (dtucker) [regress/kextype.sh] Make sha256 test depend on ECC. This is not | ||
407 | strictly correct since while ECC requires sha256 the reverse is not true | ||
408 | however it does prevent spurious test failures. | ||
409 | - (dtucker) [platform.c] Need servconf.h and extern options. | ||
410 | |||
411 | 20101025 | ||
412 | - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with | ||
413 | 1.12 to unbreak Solaris build. | ||
414 | ok djm@ | ||
415 | - (dtucker) [defines.h] Use SIZE_T_MAX for SIZE_MAX for platforms that have a | ||
416 | native one. | ||
417 | |||
418 | 20101024 | ||
419 | - (dtucker) [includes.h] Add missing ifdef GLOB_HAS_GL_STATV to fix build. | ||
420 | - (dtucker) [regress/cert-hostkey.sh] Disable ECC-based tests on platforms | ||
421 | which don't have ECC support in libcrypto. | ||
422 | - (dtucker) [regress/cert-userkey.sh] Disable ECC-based tests on platforms | ||
423 | which don't have ECC support in libcrypto. | ||
424 | - (dtucker) [defines.h] Add SIZE_MAX for the benefit of platforms that don't | ||
425 | have it. | ||
426 | - (dtucker) OpenBSD CVS Sync | ||
427 | - sthen@cvs.openbsd.org 2010/10/23 22:06:12 | ||
428 | [sftp.c] | ||
429 | escape '[' in filename tab-completion; fix a type while there. | ||
430 | ok djm@ | ||
431 | |||
432 | 20101021 | ||
433 | - OpenBSD CVS Sync | ||
434 | - dtucker@cvs.openbsd.org 2010/10/12 02:22:24 | ||
435 | [mux.c] | ||
436 | Typo in confirmation message. bz#1827, patch from imorgan at | ||
437 | nas nasa gov | ||
438 | - djm@cvs.openbsd.org 2010/08/31 12:24:09 | ||
439 | [regress/cert-hostkey.sh regress/cert-userkey.sh] | ||
440 | tests for ECDSA certificates | ||
441 | |||
442 | 20101011 | ||
443 | - (djm) [canohost.c] Zero a4 instead of addr to better match type. | ||
444 | bz#1825, reported by foo AT mailinator.com | ||
445 | - (djm) [sshconnect.c] Need signal.h for prototype for kill(2) | ||
446 | |||
447 | 20101011 | ||
448 | - (djm) [configure.ac] Use = instead of == in shell tests. Patch from | ||
449 | dr AT vasco.com | ||
450 | |||
451 | 20101007 | ||
452 | - (djm) [ssh-agent.c] Fix type for curve name. | ||
453 | - (djm) OpenBSD CVS Sync | ||
454 | - matthew@cvs.openbsd.org 2010/09/24 13:33:00 | ||
455 | [misc.c misc.h configure.ac openbsd-compat/openbsd-compat.h] | ||
456 | [openbsd-compat/timingsafe_bcmp.c] | ||
457 | Add timingsafe_bcmp(3) to libc, mention that it's already in the | ||
458 | kernel in kern(9), and remove it from OpenSSH. | ||
459 | ok deraadt@, djm@ | ||
460 | NB. re-added under openbsd-compat/ for portable OpenSSH | ||
461 | - djm@cvs.openbsd.org 2010/09/25 09:30:16 | ||
462 | [sftp.c configure.ac openbsd-compat/glob.c openbsd-compat/glob.h] | ||
463 | make use of new glob(3) GLOB_KEEPSTAT extension to save extra server | ||
464 | rountrips to fetch per-file stat(2) information. | ||
465 | NB. update openbsd-compat/ glob(3) implementation from OpenBSD libc to | ||
466 | match. | ||
467 | - djm@cvs.openbsd.org 2010/09/26 22:26:33 | ||
468 | [sftp.c] | ||
469 | when performing an "ls" in columnated (short) mode, only call | ||
470 | ioctl(TIOCGWINSZ) once to get the window width instead of per- | ||
471 | filename | ||
472 | - djm@cvs.openbsd.org 2010/09/30 11:04:51 | ||
473 | [servconf.c] | ||
474 | prevent free() of string in .rodata when overriding AuthorizedKeys in | ||
475 | a Match block; patch from rein AT basefarm.no | ||
476 | - djm@cvs.openbsd.org 2010/10/01 23:05:32 | ||
477 | [cipher-3des1.c cipher-bf1.c cipher-ctr.c openbsd-compat/openssl-compat.h] | ||
478 | adapt to API changes in openssl-1.0.0a | ||
479 | NB. contains compat code to select correct API for older OpenSSL | ||
480 | - djm@cvs.openbsd.org 2010/10/05 05:13:18 | ||
481 | [sftp.c sshconnect.c] | ||
482 | use default shell /bin/sh if $SHELL is ""; ok markus@ | ||
483 | - djm@cvs.openbsd.org 2010/10/06 06:39:28 | ||
484 | [clientloop.c ssh.c sshconnect.c sshconnect.h] | ||
485 | kill proxy command on fatal() (we already kill it on clean exit); | ||
486 | ok markus@ | ||
487 | - djm@cvs.openbsd.org 2010/10/06 21:10:21 | ||
488 | [sshconnect.c] | ||
489 | swapped args to kill(2) | ||
490 | - (djm) [openbsd-compat/glob.c] restore ARG_MAX compat code. | ||
491 | - (djm) [cipher-acss.c] Add missing header. | ||
492 | - (djm) [openbsd-compat/Makefile.in] Actually link timingsafe_bcmp | ||
493 | |||
494 | 20100924 | ||
495 | - (djm) OpenBSD CVS Sync | ||
496 | - naddy@cvs.openbsd.org 2010/09/10 15:19:29 | ||
497 | [ssh-keygen.1] | ||
498 | * mention ECDSA in more places | ||
499 | * less repetition in FILES section | ||
500 | * SSHv1 keys are still encrypted with 3DES | ||
501 | help and ok jmc@ | ||
502 | - djm@cvs.openbsd.org 2010/09/11 21:44:20 | ||
503 | [ssh.1] | ||
504 | mention RFC 5656 for ECC stuff | ||
505 | - jmc@cvs.openbsd.org 2010/09/19 21:30:05 | ||
506 | [sftp.1] | ||
507 | more wacky macro fixing; | ||
508 | - djm@cvs.openbsd.org 2010/09/20 04:41:47 | ||
509 | [ssh.c] | ||
510 | install a SIGCHLD handler to reap expiried child process; ok markus@ | ||
511 | - djm@cvs.openbsd.org 2010/09/20 04:50:53 | ||
512 | [jpake.c schnorr.c] | ||
513 | check that received values are smaller than the group size in the | ||
514 | disabled and unfinished J-PAKE code. | ||
515 | avoids catastrophic security failure found by Sebastien Martini | ||
516 | - djm@cvs.openbsd.org 2010/09/20 04:54:07 | ||
517 | [jpake.c] | ||
518 | missing #include | ||
519 | - djm@cvs.openbsd.org 2010/09/20 07:19:27 | ||
520 | [mux.c] | ||
521 | "atomically" create the listening mux socket by binding it on a temorary | ||
522 | name and then linking it into position after listen() has succeeded. | ||
523 | this allows the mux clients to determine that the server socket is | ||
524 | either ready or stale without races. stale server sockets are now | ||
525 | automatically removed | ||
526 | ok deraadt | ||
527 | - djm@cvs.openbsd.org 2010/09/22 05:01:30 | ||
528 | [kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c readconf.c readconf.h] | ||
529 | [servconf.c servconf.h ssh_config.5 sshconnect2.c sshd.c sshd_config.5] | ||
530 | add a KexAlgorithms knob to the client and server configuration to allow | ||
531 | selection of which key exchange methods are used by ssh(1) and sshd(8) | ||
532 | and their order of preference. | ||
533 | ok markus@ | ||
534 | - jmc@cvs.openbsd.org 2010/09/22 08:30:08 | ||
535 | [ssh.1 ssh_config.5] | ||
536 | ssh.1: add kexalgorithms to the -o list | ||
537 | ssh_config.5: format the kexalgorithms in a more consistent | ||
538 | (prettier!) way | ||
539 | ok djm | ||
540 | - djm@cvs.openbsd.org 2010/09/22 22:58:51 | ||
541 | [atomicio.c atomicio.h misc.c misc.h scp.c sftp-client.c] | ||
542 | [sftp-client.h sftp.1 sftp.c] | ||
543 | add an option per-read/write callback to atomicio | ||
544 | |||
545 | factor out bandwidth limiting code from scp(1) into a generic bandwidth | ||
546 | limiter that can be attached using the atomicio callback mechanism | ||
547 | |||
548 | add a bandwidth limit option to sftp(1) using the above | ||
549 | "very nice" markus@ | ||
550 | - jmc@cvs.openbsd.org 2010/09/23 13:34:43 | ||
551 | [sftp.c] | ||
552 | add [-l limit] to usage(); | ||
553 | - jmc@cvs.openbsd.org 2010/09/23 13:36:46 | ||
554 | [scp.1 sftp.1] | ||
555 | add KexAlgorithms to the -o list; | ||
556 | |||
557 | 20100910 | ||
558 | - (dtucker) [openbsd-compat/port-linux.c] Check is_selinux_enabled for exact | ||
559 | return code since it can apparently return -1 under some conditions. From | ||
560 | openssh bugs werbittewas de, ok djm@ | ||
561 | - OpenBSD CVS Sync | ||
562 | - djm@cvs.openbsd.org 2010/08/31 12:33:38 | ||
563 | [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c] | ||
564 | reintroduce commit from tedu@, which I pulled out for release | ||
565 | engineering: | ||
566 | OpenSSL_add_all_algorithms is the name of the function we have a | ||
567 | man page for, so use that. ok djm | ||
568 | - jmc@cvs.openbsd.org 2010/08/31 17:40:54 | ||
569 | [ssh-agent.1] | ||
570 | fix some macro abuse; | ||
571 | - jmc@cvs.openbsd.org 2010/08/31 21:14:58 | ||
572 | [ssh.1] | ||
573 | small text tweak to accommodate previous; | ||
574 | - naddy@cvs.openbsd.org 2010/09/01 15:21:35 | ||
575 | [servconf.c] | ||
576 | pick up ECDSA host key by default; ok djm@ | ||
577 | - markus@cvs.openbsd.org 2010/09/02 16:07:25 | ||
578 | [ssh-keygen.c] | ||
579 | permit -b 256, 384 or 521 as key size for ECDSA; ok djm@ | ||
580 | - markus@cvs.openbsd.org 2010/09/02 16:08:39 | ||
581 | [ssh.c] | ||
582 | unbreak ControlPersist=yes for ControlMaster=yes; ok djm@ | ||
583 | - naddy@cvs.openbsd.org 2010/09/02 17:21:50 | ||
584 | [ssh-keygen.c] | ||
585 | Switch ECDSA default key size to 256 bits, which according to RFC5656 | ||
586 | should still be better than our current RSA-2048 default. | ||
587 | ok djm@, markus@ | ||
588 | - jmc@cvs.openbsd.org 2010/09/03 11:09:29 | ||
589 | [scp.1] | ||
590 | add an EXIT STATUS section for /usr/bin; | ||
591 | - jmc@cvs.openbsd.org 2010/09/04 09:38:34 | ||
592 | [ssh-add.1 ssh.1] | ||
593 | two more EXIT STATUS sections; | ||
594 | - naddy@cvs.openbsd.org 2010/09/06 17:10:19 | ||
595 | [sshd_config] | ||
596 | add ssh_host_ecdsa_key to /etc; from Mattieu Baptiste | ||
597 | <mattieu.b@gmail.com> | ||
598 | ok deraadt@ | ||
599 | - djm@cvs.openbsd.org 2010/09/08 03:54:36 | ||
600 | [authfile.c] | ||
601 | typo | ||
602 | - deraadt@cvs.openbsd.org 2010/09/08 04:13:31 | ||
603 | [compress.c] | ||
604 | work around name-space collisions some buggy compilers (looking at you | ||
605 | gcc, at least in earlier versions, but this does not forgive your current | ||
606 | transgressions) seen between zlib and openssl | ||
607 | ok djm | ||
608 | - djm@cvs.openbsd.org 2010/09/09 10:45:45 | ||
609 | [kex.c kex.h kexecdh.c key.c key.h monitor.c ssh-ecdsa.c] | ||
610 | ECDH/ECDSA compliance fix: these methods vary the hash function they use | ||
611 | (SHA256/384/512) depending on the length of the curve in use. The previous | ||
612 | code incorrectly used SHA256 in all cases. | ||
613 | |||
614 | This fix will cause authentication failure when using 384 or 521-bit curve | ||
615 | keys if one peer hasn't been upgraded and the other has. (256-bit curve | ||
616 | keys work ok). In particular you may need to specify HostkeyAlgorithms | ||
617 | when connecting to a server that has not been upgraded from an upgraded | ||
618 | client. | ||
619 | |||
620 | ok naddy@ | ||
621 | - (djm) [authfd.c authfile.c bufec.c buffer.h configure.ac kex.h kexecdh.c] | ||
622 | [kexecdhc.c kexecdhs.c key.c key.h myproposal.h packet.c readconf.c] | ||
623 | [ssh-agent.c ssh-ecdsa.c ssh-keygen.c ssh.c] Disable ECDH and ECDSA on | ||
624 | platforms that don't have the requisite OpenSSL support. ok dtucker@ | ||
625 | - (dtucker) [kex.h key.c packet.h ssh-agent.c ssh.c] A few more ECC ifdefs | ||
626 | for missing headers and compiler warnings. | ||
627 | |||
628 | 20100831 | ||
629 | - OpenBSD CVS Sync | ||
630 | - jmc@cvs.openbsd.org 2010/08/08 19:36:30 | ||
631 | [ssh-keysign.8 ssh.1 sshd.8] | ||
632 | use the same template for all FILES sections; i.e. -compact/.Pp where we | ||
633 | have multiple items, and .Pa for path names; | ||
634 | - tedu@cvs.openbsd.org 2010/08/12 23:34:39 | ||
635 | [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c] | ||
636 | OpenSSL_add_all_algorithms is the name of the function we have a man page | ||
637 | for, so use that. ok djm | ||
638 | - djm@cvs.openbsd.org 2010/08/16 04:06:06 | ||
639 | [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c] | ||
640 | backout previous temporarily; discussed with deraadt@ | ||
641 | - djm@cvs.openbsd.org 2010/08/31 09:58:37 | ||
642 | [auth-options.c auth1.c auth2.c bufaux.c buffer.h kex.c key.c packet.c] | ||
643 | [packet.h ssh-dss.c ssh-rsa.c] | ||
644 | Add buffer_get_cstring() and related functions that verify that the | ||
645 | string extracted from the buffer contains no embedded \0 characters* | ||
646 | This prevents random (possibly malicious) crap from being appended to | ||
647 | strings where it would not be noticed if the string is used with | ||
648 | a string(3) function. | ||
649 | |||
650 | Use the new API in a few sensitive places. | ||
651 | |||
652 | * actually, we allow a single one at the end of the string for now because | ||
653 | we don't know how many deployed implementations get this wrong, but don't | ||
654 | count on this to remain indefinitely. | ||
655 | - djm@cvs.openbsd.org 2010/08/31 11:54:45 | ||
656 | [PROTOCOL PROTOCOL.agent PROTOCOL.certkeys auth2-jpake.c authfd.c] | ||
657 | [authfile.c buffer.h dns.c kex.c kex.h key.c key.h monitor.c] | ||
658 | [monitor_wrap.c myproposal.h packet.c packet.h pathnames.h readconf.c] | ||
659 | [ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c] | ||
660 | [ssh-keyscan.1 ssh-keyscan.c ssh-keysign.8 ssh.1 ssh.c ssh2.h] | ||
661 | [ssh_config.5 sshconnect.c sshconnect2.c sshd.8 sshd.c sshd_config.5] | ||
662 | [uuencode.c uuencode.h bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c] | ||
663 | Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and | ||
664 | host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer | ||
665 | better performance than plain DH and DSA at the same equivalent symmetric | ||
666 | key length, as well as much shorter keys. | ||
667 | |||
668 | Only the mandatory sections of RFC5656 are implemented, specifically the | ||
669 | three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and | ||
670 | ECDSA. Point compression (optional in RFC5656 is NOT implemented). | ||
671 | |||
672 | Certificate host and user keys using the new ECDSA key types are supported. | ||
673 | |||
674 | Note that this code has not been tested for interoperability and may be | ||
675 | subject to change. | ||
676 | |||
677 | feedback and ok markus@ | ||
678 | - (djm) [Makefile.in] Add new ECC files | ||
679 | - (djm) [bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c] include | ||
680 | includes.h | ||
681 | |||
682 | 20100827 | ||
683 | - (dtucker) [contrib/redhat/sshd.init] Bug #1810: initlog is deprecated, | ||
684 | remove. Patch from martynas at venck us | ||
685 | |||
1 | 20100823 | 686 | 20100823 |
2 | - (djm) Release OpenSSH-5.6p1 | 687 | - (djm) Release OpenSSH-5.6p1 |
3 | 688 | ||
@@ -517,2746 +1202,3 @@ | |||
517 | 1202 | ||
518 | ok markus@ | 1203 | ok markus@ |
519 | 1204 | ||
520 | 20100410 | ||
521 | - (dtucker) [configure.ac] Put the check for the existence of getaddrinfo | ||
522 | back so we disable the IPv6 tests if we don't have it. | ||
523 | |||
524 | 20100409 | ||
525 | - (dtucker) [contrib/cygwin/Makefile] Don't overwrite files with the wrong | ||
526 | ones. Based on a patch from Roumen Petrov. | ||
527 | - (dtucker) [configure.ac] Bug #1744: use pkg-config for libedit flags if we | ||
528 | have it and the path is not provided to --with-libedit. Based on a patch | ||
529 | from Iain Morgan. | ||
530 | - (dtucker) [configure.ac defines.h loginrec.c logintest.c] Bug #1732: enable | ||
531 | utmpx support on FreeBSD where possible. Patch from Ed Schouten, ok djm@ | ||
532 | |||
533 | 20100326 | ||
534 | - (djm) [openbsd-compat/bsd-arc4random.c] Fix preprocessor detection | ||
535 | for arc4random_buf() and arc4random_uniform(); from Josh Gilkerson | ||
536 | - (dtucker) [configure.ac] Bug #1741: Add section for Haiku, patch originally | ||
537 | by Ingo Weinhold via Scott McCreary, ok djm@ | ||
538 | - (djm) OpenBSD CVS Sync | ||
539 | - djm@cvs.openbsd.org 2010/03/25 23:38:28 | ||
540 | [servconf.c] | ||
541 | from portable: getcwd(NULL, 0) doesn't work on all platforms, so | ||
542 | use a stack buffer; ok dtucker@ | ||
543 | - djm@cvs.openbsd.org 2010/03/26 00:26:58 | ||
544 | [ssh.1] | ||
545 | mention that -S none disables connection sharing; from Colin Watson | ||
546 | - (djm) [session.c] Allow ChrootDirectory to work on SELinux platforms - | ||
547 | set up SELinux execution context before chroot() call. From Russell | ||
548 | Coker via Colin watson; bz#1726 ok dtucker@ | ||
549 | - (djm) [channels.c] Check for EPFNOSUPPORT as a socket() errno; bz#1721 | ||
550 | ok dtucker@ | ||
551 | - (dtucker) Bug #1725: explicitly link libX11 into gnome-ssh-askpass2 using | ||
552 | pkg-config, patch from Colin Watson. Needed for newer linkers (ie gold). | ||
553 | - (djm) [contrib/ssh-copy-id] Don't blow up when the agent has no keys; | ||
554 | bz#1723 patch from Adeodato Simóvia Colin Watson; ok dtucker@ | ||
555 | - (dtucker) OpenBSD CVS Sync | ||
556 | - dtucker@cvs.openbsd.org 2010/03/26 01:06:13 | ||
557 | [ssh_config.5] | ||
558 | Reformat default value of PreferredAuthentications entry (current | ||
559 | formatting implies ", " is acceptable as a separator, which it's not. | ||
560 | ok djm@ | ||
561 | |||
562 | 20100324 | ||
563 | - (dtucker) [contrib/cygwin/ssh-host-config] Mount the Windows directory | ||
564 | containing the services file explicitely case-insensitive. This allows to | ||
565 | tweak the Windows services file reliably. Patch from vinschen at redhat. | ||
566 | |||
567 | 20100321 | ||
568 | - (djm) OpenBSD CVS Sync | ||
569 | - jmc@cvs.openbsd.org 2010/03/08 09:41:27 | ||
570 | [ssh-keygen.1] | ||
571 | sort the list of constraints (to -O); ok djm | ||
572 | - jmc@cvs.openbsd.org 2010/03/10 07:40:35 | ||
573 | [ssh-keygen.1] | ||
574 | typos; from Ross Richardson | ||
575 | closes prs 6334 and 6335 | ||
576 | - djm@cvs.openbsd.org 2010/03/10 23:27:17 | ||
577 | [auth2-pubkey.c] | ||
578 | correct certificate logging and make it more consistent between | ||
579 | authorized_keys and TrustedCAKeys; ok markus@ | ||
580 | - djm@cvs.openbsd.org 2010/03/12 01:06:25 | ||
581 | [servconf.c] | ||
582 | unbreak AuthorizedKeys option with a $HOME-relative path; reported by | ||
583 | vinschen AT redhat.com, ok dtucker@ | ||
584 | - markus@cvs.openbsd.org 2010/03/12 11:37:40 | ||
585 | [servconf.c] | ||
586 | do not prepend AuthorizedKeysFile with getcwd(), unbreaks relative paths | ||
587 | free() (not xfree()) the buffer returned by getcwd() | ||
588 | - djm@cvs.openbsd.org 2010/03/13 21:10:38 | ||
589 | [clientloop.c] | ||
590 | protocol conformance fix: send language tag when disconnecting normally; | ||
591 | spotted by 1.41421 AT gmail.com, ok markus@ deraadt@ | ||
592 | - djm@cvs.openbsd.org 2010/03/13 21:45:46 | ||
593 | [ssh-keygen.1] | ||
594 | Certificates are named *-cert.pub, not *_cert.pub; committing a diff | ||
595 | from stevesk@ ok me | ||
596 | - jmc@cvs.openbsd.org 2010/03/13 23:38:13 | ||
597 | [ssh-keygen.1] | ||
598 | fix a formatting error (args need quoted); noted by stevesk | ||
599 | - stevesk@cvs.openbsd.org 2010/03/15 19:40:02 | ||
600 | [key.c key.h ssh-keygen.c] | ||
601 | also print certificate type (user or host) for ssh-keygen -L | ||
602 | ok djm kettenis | ||
603 | - stevesk@cvs.openbsd.org 2010/03/16 15:46:52 | ||
604 | [auth-options.c] | ||
605 | spelling in error message. ok djm kettenis | ||
606 | - djm@cvs.openbsd.org 2010/03/16 16:36:49 | ||
607 | [version.h] | ||
608 | crank version to openssh-5.5 since we have a few fixes since 5.4; | ||
609 | requested deraadt@ kettenis@ | ||
610 | - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] | ||
611 | [contrib/suse/openssh.spec] Crank version numbers | ||
612 | |||
613 | 20100314 | ||
614 | - (djm) [ssh-pkcs11-helper.c] Move #ifdef to after #defines to fix | ||
615 | compilation failure when !HAVE_DLOPEN. Reported by felix-mindrot | ||
616 | AT fefe.de | ||
617 | - (djm) [Makefile.in] Respecify -lssh after -lopenbsd-compat for | ||
618 | ssh-pkcs11-helper to repair static builds (we do the same for | ||
619 | ssh-keyscan). Reported by felix-mindrot AT fefe.de | ||
620 | |||
621 | 20100312 | ||
622 | - (tim) [Makefile.in] Now that scard is gone, no need to make $(datadir) | ||
623 | - (tim) [Makefile.in] Add missing $(EXEEXT) to install targets. | ||
624 | Patch from Corinna Vinschen. | ||
625 | - (tim) [contrib/cygwin/Makefile] Fix list of documentation files to install | ||
626 | on a Cygwin installation. Patch from Corinna Vinschen. | ||
627 | |||
628 | 20100311 | ||
629 | - (tim) [contrib/suse/openssh.spec] crank version number here too. | ||
630 | report by imorgan AT nas.nasa.gov | ||
631 | |||
632 | 20100309 | ||
633 | - (dtucker) [configure.ac] Use a proper AC_CHECK_DECL for BROKEN_GETADDRINFO | ||
634 | so setting it in CFLAGS correctly skips IPv6 tests. | ||
635 | |||
636 | 20100308 | ||
637 | - (djm) OpenBSD CVS Sync | ||
638 | - djm@cvs.openbsd.org 2010/03/07 22:16:01 | ||
639 | [ssh-keygen.c] | ||
640 | make internal strptime string match strftime format; | ||
641 | suggested by vinschen AT redhat.com and markus@ | ||
642 | - djm@cvs.openbsd.org 2010/03/08 00:28:55 | ||
643 | [ssh-keygen.1] | ||
644 | document permit-agent-forwarding certificate constraint; patch from | ||
645 | stevesk@ | ||
646 | - djm@cvs.openbsd.org 2010/03/07 22:01:32 | ||
647 | [version.h] | ||
648 | openssh-5.4 | ||
649 | - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] | ||
650 | crank version numbers | ||
651 | - (djm) Release OpenSSH-5.4p1 | ||
652 | |||
653 | 20100307 | ||
654 | - (dtucker) [auth.c] Bug #1710: call setauthdb on AIX before getpwuid so that | ||
655 | it gets the passwd struct from the LAM that knows about the user which is | ||
656 | not necessarily the default. Patch from Alexandre Letourneau. | ||
657 | - (dtucker) [session.c] Bug #1567: move setpcred call to before chroot and | ||
658 | do not set real uid, since that's needed for the chroot, and will be set | ||
659 | by permanently_set_uid. | ||
660 | - (dtucker) [session.c] Also initialize creds to NULL for handing to | ||
661 | setpcred. | ||
662 | - (dtucker) OpenBSD CVS Sync | ||
663 | - dtucker@cvs.openbsd.org 2010/03/07 11:57:13 | ||
664 | [auth-rhosts.c monitor.c monitor_wrap.c session.c auth-options.c sshd.c] | ||
665 | Hold authentication debug messages until after successful authentication. | ||
666 | Fixes an info leak of environment variables specified in authorized_keys, | ||
667 | reported by Jacob Appelbaum. ok djm@ | ||
668 | |||
669 | 20100305 | ||
670 | - OpenBSD CVS Sync | ||
671 | - jmc@cvs.openbsd.org 2010/03/04 12:51:25 | ||
672 | [ssh.1 sshd_config.5] | ||
673 | tweak previous; | ||
674 | - djm@cvs.openbsd.org 2010/03/04 20:35:08 | ||
675 | [ssh-keygen.1 ssh-keygen.c] | ||
676 | Add a -L flag to print the contents of a certificate; ok markus@ | ||
677 | - jmc@cvs.openbsd.org 2010/03/04 22:52:40 | ||
678 | [ssh-keygen.1] | ||
679 | fix Bk/Ek; | ||
680 | - djm@cvs.openbsd.org 2010/03/04 23:17:25 | ||
681 | [sshd_config.5] | ||
682 | missing word; spotted by jmc@ | ||
683 | - djm@cvs.openbsd.org 2010/03/04 23:19:29 | ||
684 | [ssh.1 sshd.8] | ||
685 | move section on CA and revoked keys from ssh.1 to sshd.8's known hosts | ||
686 | format section and rework it a bit; requested by jmc@ | ||
687 | - djm@cvs.openbsd.org 2010/03/04 23:27:25 | ||
688 | [auth-options.c ssh-keygen.c] | ||
689 | "force-command" is not spelled "forced-command"; spotted by | ||
690 | imorgan AT nas.nasa.gov | ||
691 | - djm@cvs.openbsd.org 2010/03/05 02:58:11 | ||
692 | [auth.c] | ||
693 | make the warning for a revoked key louder and more noticable | ||
694 | - jmc@cvs.openbsd.org 2010/03/05 06:50:35 | ||
695 | [ssh.1 sshd.8] | ||
696 | tweak previous; | ||
697 | - jmc@cvs.openbsd.org 2010/03/05 08:31:20 | ||
698 | [ssh.1] | ||
699 | document certificate authentication; help/ok djm | ||
700 | - djm@cvs.openbsd.org 2010/03/05 10:28:21 | ||
701 | [ssh-add.1 ssh.1 ssh_config.5] | ||
702 | mention loading of certificate files from [private]-cert.pub when | ||
703 | they are present; feedback and ok jmc@ | ||
704 | - (tim) [ssh-pkcs11.c] Fix "non-constant initializer" errors in older | ||
705 | compilers. OK djm@ | ||
706 | - (djm) [ssh-rand-helper.c] declare optind, avoiding compilation failure | ||
707 | on some platforms | ||
708 | - (djm) [configure.ac] set -fno-strict-aliasing for gcc4; ok dtucker@ | ||
709 | |||
710 | 20100304 | ||
711 | - (djm) [ssh-keygen.c] Use correct local variable, instead of | ||
712 | maybe-undefined global "optarg" | ||
713 | - (djm) [contrib/redhat/openssh.spec] Replace obsolete BuildPreReq | ||
714 | on XFree86-devel with neutral /usr/include/X11/Xlib.h; | ||
715 | imorgan AT nas.nasa.gov in bz#1731 | ||
716 | - (djm) [.cvsignore] Ignore ssh-pkcs11-helper | ||
717 | - (djm) [regress/Makefile] Cleanup sshd_proxy_orig | ||
718 | - OpenBSD CVS Sync | ||
719 | - djm@cvs.openbsd.org 2010/03/03 01:44:36 | ||
720 | [auth-options.c key.c] | ||
721 | reject strings with embedded ASCII nul chars in certificate key IDs, | ||
722 | principal names and constraints | ||
723 | - djm@cvs.openbsd.org 2010/03/03 22:49:50 | ||
724 | [sshd.8] | ||
725 | the authorized_keys option for CA keys is "cert-authority", not | ||
726 | "from=cert-authority". spotted by imorgan AT nas.nasa.gov | ||
727 | - djm@cvs.openbsd.org 2010/03/03 22:50:40 | ||
728 | [PROTOCOL.certkeys] | ||
729 | s/similar same/similar/; from imorgan AT nas.nasa.gov | ||
730 | - djm@cvs.openbsd.org 2010/03/04 01:44:57 | ||
731 | [key.c] | ||
732 | use buffer_get_string_ptr_ret() where we are checking the return | ||
733 | value explicitly instead of the fatal()-causing buffer_get_string_ptr() | ||
734 | - djm@cvs.openbsd.org 2010/03/04 10:36:03 | ||
735 | [auth-rh-rsa.c auth-rsa.c auth.c auth.h auth2-hostbased.c auth2-pubkey.c] | ||
736 | [authfile.c authfile.h hostfile.c hostfile.h servconf.c servconf.h] | ||
737 | [ssh-keygen.c ssh.1 sshconnect.c sshd_config.5] | ||
738 | Add a TrustedUserCAKeys option to sshd_config to specify CA keys that | ||
739 | are trusted to authenticate users (in addition than doing it per-user | ||
740 | in authorized_keys). | ||
741 | |||
742 | Add a RevokedKeys option to sshd_config and a @revoked marker to | ||
743 | known_hosts to allow keys to me revoked and banned for user or host | ||
744 | authentication. | ||
745 | |||
746 | feedback and ok markus@ | ||
747 | - djm@cvs.openbsd.org 2010/03/03 00:47:23 | ||
748 | [regress/cert-hostkey.sh regress/cert-userkey.sh] | ||
749 | add an extra test to ensure that authentication with the wrong | ||
750 | certificate fails as it should (and it does) | ||
751 | - djm@cvs.openbsd.org 2010/03/04 10:38:23 | ||
752 | [regress/cert-hostkey.sh regress/cert-userkey.sh] | ||
753 | additional regression tests for revoked keys and TrustedUserCAKeys | ||
754 | |||
755 | 20100303 | ||
756 | - (djm) [PROTOCOL.certkeys] Add RCS Ident | ||
757 | - OpenBSD CVS Sync | ||
758 | - jmc@cvs.openbsd.org 2010/02/26 22:09:28 | ||
759 | [ssh-keygen.1 ssh.1 sshd.8] | ||
760 | tweak previous; | ||
761 | - otto@cvs.openbsd.org 2010/03/01 11:07:06 | ||
762 | [ssh-add.c] | ||
763 | zap what seems to be a left-over debug message; ok markus@ | ||
764 | - djm@cvs.openbsd.org 2010/03/02 23:20:57 | ||
765 | [ssh-keygen.c] | ||
766 | POSIX strptime is stricter than OpenBSD's so do a little dance to | ||
767 | appease it. | ||
768 | - (djm) [regress/cert-userkey.sh] s/echo -n/echon/ here too | ||
769 | |||
770 | 20100302 | ||
771 | - (tim) [config.guess config.sub] Bug 1722: Update to latest versions from | ||
772 | http://git.savannah.gnu.org/gitweb/ (2009-12-30 and 2010-01-22 | ||
773 | respectively). | ||
774 | |||
775 | 20100301 | ||
776 | - (dtucker) [regress/{cert-hostkey,cfgmatch,cipher-speed}.sh} Replace | ||
777 | "echo -n" with "echon" for portability. | ||
778 | - (dtucker) [openbsd-compat/port-linux.c] Make failure to write to the OOM | ||
779 | adjust log at verbose only, since according to cjwatson in bug #1470 | ||
780 | some virtualization platforms don't allow writes. | ||
781 | |||
782 | 20100228 | ||
783 | - (djm) [auth.c] On Cygwin, refuse usernames that have differences in | ||
784 | case from that matched in the system password database. On this | ||
785 | platform, passwords are stored case-insensitively, but sshd requires | ||
786 | exact case matching for Match blocks in sshd_config(5). Based on | ||
787 | a patch from vinschen AT redhat.com. | ||
788 | - (tim) [ssh-pkcs11-helper.c] Move declarations before calling functions | ||
789 | to make older compilers (gcc 2.95) happy. | ||
790 | |||
791 | 20100227 | ||
792 | - (djm) [ssh-pkcs11-helper.c ] Ensure RNG is initialised and seeded | ||
793 | - (djm) [openbsd-compat/bsd-cygwin_util.c] Reduce the set of environment | ||
794 | variables copied into sshd child processes. From vinschen AT redhat.com | ||
795 | |||
796 | 20100226 | ||
797 | - OpenBSD CVS Sync | ||
798 | - djm@cvs.openbsd.org 2010/02/26 20:29:54 | ||
799 | [PROTOCOL PROTOCOL.agent PROTOCOL.certkeys addrmatch.c auth-options.c] | ||
800 | [auth-options.h auth.h auth2-pubkey.c authfd.c dns.c dns.h hostfile.c] | ||
801 | [hostfile.h kex.h kexdhs.c kexgexs.c key.c key.h match.h monitor.c] | ||
802 | [myproposal.h servconf.c servconf.h ssh-add.c ssh-agent.c ssh-dss.c] | ||
803 | [ssh-keygen.1 ssh-keygen.c ssh-rsa.c ssh.1 ssh.c ssh2.h sshconnect.c] | ||
804 | [sshconnect2.c sshd.8 sshd.c sshd_config.5] | ||
805 | Add support for certificate key types for users and hosts. | ||
806 | |||
807 | OpenSSH certificate key types are not X.509 certificates, but a much | ||
808 | simpler format that encodes a public key, identity information and | ||
809 | some validity constraints and signs it with a CA key. CA keys are | ||
810 | regular SSH keys. This certificate style avoids the attack surface | ||
811 | of X.509 certificates and is very easy to deploy. | ||
812 | |||
813 | Certified host keys allow automatic acceptance of new host keys | ||
814 | when a CA certificate is marked as trusted in ~/.ssh/known_hosts. | ||
815 | see VERIFYING HOST KEYS in ssh(1) for details. | ||
816 | |||
817 | Certified user keys allow authentication of users when the signing | ||
818 | CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS | ||
819 | FILE FORMAT" in sshd(8) for details. | ||
820 | |||
821 | Certificates are minted using ssh-keygen(1), documentation is in | ||
822 | the "CERTIFICATES" section of that manpage. | ||
823 | |||
824 | Documentation on the format of certificates is in the file | ||
825 | PROTOCOL.certkeys | ||
826 | |||
827 | feedback and ok markus@ | ||
828 | - djm@cvs.openbsd.org 2010/02/26 20:33:21 | ||
829 | [Makefile regress/cert-hostkey.sh regress/cert-userkey.sh] | ||
830 | regression tests for certified keys | ||
831 | |||
832 | 20100224 | ||
833 | - (djm) [pkcs11.h ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c] | ||
834 | [ssh-pkcs11.h] Add $OpenBSD$ RCS idents so we can sync portable | ||
835 | - (djm) OpenBSD CVS Sync | ||
836 | - djm@cvs.openbsd.org 2010/02/11 20:37:47 | ||
837 | [pathnames.h] | ||
838 | correct comment | ||
839 | - dtucker@cvs.openbsd.org 2009/11/09 04:20:04 | ||
840 | [regress/Makefile] | ||
841 | add regression test for ssh-keygen pubkey conversions | ||
842 | - dtucker@cvs.openbsd.org 2010/01/11 02:53:44 | ||
843 | [regress/forwarding.sh] | ||
844 | regress test for stdio forwarding | ||
845 | - djm@cvs.openbsd.org 2010/02/09 04:57:36 | ||
846 | [regress/addrmatch.sh] | ||
847 | clean up droppings | ||
848 | - djm@cvs.openbsd.org 2010/02/09 06:29:02 | ||
849 | [regress/Makefile] | ||
850 | turn on all the malloc(3) checking options when running regression | ||
851 | tests. this has caught a few bugs for me in the past; ok dtucker@ | ||
852 | - djm@cvs.openbsd.org 2010/02/24 06:21:56 | ||
853 | [regress/test-exec.sh] | ||
854 | wait for sshd to fully stop in cleanup() function; avoids races in tests | ||
855 | that do multiple start_sshd/cleanup cycles; "I hate pidfiles" deraadt@ | ||
856 | - markus@cvs.openbsd.org 2010/02/08 10:52:47 | ||
857 | [regress/agent-pkcs11.sh] | ||
858 | test for PKCS#11 support (currently disabled) | ||
859 | - (djm) [Makefile.in ssh-pkcs11-helper.8] Add manpage for PKCS#11 helper | ||
860 | - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] | ||
861 | [contrib/suse/openssh.spec] Add PKCS#11 helper binary and manpage | ||
862 | |||
863 | 20100212 | ||
864 | - (djm) OpenBSD CVS Sync | ||
865 | - djm@cvs.openbsd.org 2010/02/02 22:49:34 | ||
866 | [bufaux.c] | ||
867 | make buffer_get_string_ret() really non-fatal in all cases (it was | ||
868 | using buffer_get_int(), which could fatal() on buffer empty); | ||
869 | ok markus dtucker | ||
870 | - markus@cvs.openbsd.org 2010/02/08 10:50:20 | ||
871 | [pathnames.h readconf.c readconf.h scp.1 sftp.1 ssh-add.1 ssh-add.c] | ||
872 | [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config.5] | ||
873 | replace our obsolete smartcard code with PKCS#11. | ||
874 | ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf | ||
875 | ssh(1) and ssh-keygen(1) use dlopen(3) directly to talk to a PKCS#11 | ||
876 | provider (shared library) while ssh-agent(1) delegates PKCS#11 to | ||
877 | a forked a ssh-pkcs11-helper process. | ||
878 | PKCS#11 is currently a compile time option. | ||
879 | feedback and ok djm@; inspired by patches from Alon Bar-Lev | ||
880 | - jmc@cvs.openbsd.org 2010/02/08 22:03:05 | ||
881 | [ssh-add.1 ssh-keygen.1 ssh.1 ssh.c] | ||
882 | tweak previous; ok markus | ||
883 | - djm@cvs.openbsd.org 2010/02/09 00:50:36 | ||
884 | [ssh-agent.c] | ||
885 | fallout from PKCS#11: unbreak -D | ||
886 | - djm@cvs.openbsd.org 2010/02/09 00:50:59 | ||
887 | [ssh-keygen.c] | ||
888 | fix -Wall | ||
889 | - djm@cvs.openbsd.org 2010/02/09 03:56:28 | ||
890 | [buffer.c buffer.h] | ||
891 | constify the arguments to buffer_len, buffer_ptr and buffer_dump | ||
892 | - djm@cvs.openbsd.org 2010/02/09 06:18:46 | ||
893 | [auth.c] | ||
894 | unbreak ChrootDirectory+internal-sftp by skipping check for executable | ||
895 | shell when chrooting; reported by danh AT wzrd.com; ok dtucker@ | ||
896 | - markus@cvs.openbsd.org 2010/02/10 23:20:38 | ||
897 | [ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5] | ||
898 | pkcs#11 is no longer optional; improve wording; ok jmc@ | ||
899 | - jmc@cvs.openbsd.org 2010/02/11 13:23:29 | ||
900 | [ssh.1] | ||
901 | libarary -> library; | ||
902 | - (djm) [INSTALL Makefile.in README.smartcard configure.ac scard-opensc.c] | ||
903 | [scard.c scard.h pkcs11.h scard/Makefile.in scard/Ssh.bin.uu scard/Ssh.java] | ||
904 | Remove obsolete smartcard support | ||
905 | - (djm) [ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c] | ||
906 | Make it compile on OSX | ||
907 | - (djm) [ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c] | ||
908 | Use ssh_get_progname to fill __progname | ||
909 | - (djm) [configure.ac] Enable PKCS#11 support only when we find a working | ||
910 | dlopen() | ||
911 | |||
912 | 20100210 | ||
913 | - (djm) add -lselinux to LIBS before calling AC_CHECK_FUNCS for | ||
914 | getseuserbyname; patch from calebcase AT gmail.com via | ||
915 | cjwatson AT debian.org | ||
916 | |||
917 | 20100202 | ||
918 | - (djm) OpenBSD CVS Sync | ||
919 | - djm@cvs.openbsd.org 2010/01/30 21:08:33 | ||
920 | [sshd.8] | ||
921 | debug output goes to stderr, not "the system log"; ok markus dtucker | ||
922 | - djm@cvs.openbsd.org 2010/01/30 21:12:08 | ||
923 | [channels.c] | ||
924 | fake local addr:port when stdio fowarding as some servers (Tectia at | ||
925 | least) validate that they are well-formed; | ||
926 | reported by imorgan AT nas.nasa.gov | ||
927 | ok dtucker | ||
928 | |||
929 | 20100130 | ||
930 | - (djm) OpenBSD CVS Sync | ||
931 | - djm@cvs.openbsd.org 2010/01/28 00:21:18 | ||
932 | [clientloop.c] | ||
933 | downgrade an error() to a debug() - this particular case can be hit in | ||
934 | normal operation for certain sequences of mux slave vs session closure | ||
935 | and is harmless | ||
936 | - djm@cvs.openbsd.org 2010/01/29 00:20:41 | ||
937 | [sshd.c] | ||
938 | set FD_CLOEXEC on sock_in/sock_out; bz#1706 from jchadima AT redhat.com | ||
939 | ok dtucker@ | ||
940 | - djm@cvs.openbsd.org 2010/01/29 20:16:17 | ||
941 | [mux.c] | ||
942 | kill correct channel (was killing already-dead mux channel, not | ||
943 | its session channel) | ||
944 | - djm@cvs.openbsd.org 2010/01/30 02:54:53 | ||
945 | [mux.c] | ||
946 | don't mark channel as read failed if it is already closing; suppresses | ||
947 | harmless error messages when connecting to SSH.COM Tectia server | ||
948 | report by imorgan AT nas.nasa.gov | ||
949 | |||
950 | 20100129 | ||
951 | - (dtucker) [openbsd-compat/openssl-compat.c] Bug #1707: Call OPENSSL_config() | ||
952 | after registering the hardware engines, which causes the openssl.cnf file to | ||
953 | be processed. See OpenSSL's man page for OPENSSL_config(3) for details. | ||
954 | Patch from Solomon Peachy, ok djm@. | ||
955 | |||
956 | 20100128 | ||
957 | - (djm) OpenBSD CVS Sync | ||
958 | - djm@cvs.openbsd.org 2010/01/26 02:15:20 | ||
959 | [mux.c] | ||
960 | -Wuninitialized and remove a // comment; from portable | ||
961 | (Id sync only) | ||
962 | - djm@cvs.openbsd.org 2010/01/27 13:26:17 | ||
963 | [mux.c] | ||
964 | fix bug introduced in mux rewrite: | ||
965 | |||
966 | In a mux master, when a socket to a mux slave closes before its server | ||
967 | session (as may occur when the slave has been signalled), gracefully | ||
968 | close the server session rather than deleting its channel immediately. | ||
969 | A server may have more messages on that channel to send (e.g. an exit | ||
970 | message) that will fatal() the client if they are sent to a channel that | ||
971 | has been prematurely deleted. | ||
972 | |||
973 | spotted by imorgan AT nas.nasa.gov | ||
974 | - djm@cvs.openbsd.org 2010/01/27 19:21:39 | ||
975 | [sftp.c] | ||
976 | add missing "p" flag to getopt optstring; | ||
977 | bz#1704 from imorgan AT nas.nasa.gov | ||
978 | |||
979 | 20100126 | ||
980 | - (djm) OpenBSD CVS Sync | ||
981 | - tedu@cvs.openbsd.org 2010/01/17 21:49:09 | ||
982 | [ssh-agent.1] | ||
983 | Correct and clarify ssh-add's password asking behavior. | ||
984 | Improved text dtucker and ok jmc | ||
985 | - dtucker@cvs.openbsd.org 2010/01/18 01:50:27 | ||
986 | [roaming_client.c] | ||
987 | s/long long unsigned/unsigned long long/, from tim via portable | ||
988 | (Id sync only, change already in portable) | ||
989 | - djm@cvs.openbsd.org 2010/01/26 01:28:35 | ||
990 | [channels.c channels.h clientloop.c clientloop.h mux.c nchan.c ssh.c] | ||
991 | rewrite ssh(1) multiplexing code to a more sensible protocol. | ||
992 | |||
993 | The new multiplexing code uses channels for the listener and | ||
994 | accepted control sockets to make the mux master non-blocking, so | ||
995 | no stalls when processing messages from a slave. | ||
996 | |||
997 | avoid use of fatal() in mux master protocol parsing so an errant slave | ||
998 | process cannot take down a running master. | ||
999 | |||
1000 | implement requesting of port-forwards over multiplexed sessions. Any | ||
1001 | port forwards requested by the slave are added to those the master has | ||
1002 | established. | ||
1003 | |||
1004 | add support for stdio forwarding ("ssh -W host:port ...") in mux slaves. | ||
1005 | |||
1006 | document master/slave mux protocol so that other tools can use it to | ||
1007 | control a running ssh(1). Note: there are no guarantees that this | ||
1008 | protocol won't be incompatibly changed (though it is versioned). | ||
1009 | |||
1010 | feedback Salvador Fandino, dtucker@ | ||
1011 | channel changes ok markus@ | ||
1012 | |||
1013 | 20100122 | ||
1014 | - (tim) [configure.ac] Due to constraints in Windows Sockets in terms of | ||
1015 | socket inheritance, reduce the default SO_RCVBUF/SO_SNDBUF buffer size | ||
1016 | in Cygwin to 65535. Patch from Corinna Vinschen. | ||
1017 | |||
1018 | 20100117 | ||
1019 | - (tim) [configure.ac] OpenServer 5 needs BROKEN_GETADDRINFO too. | ||
1020 | - (tim) [configure.ac] On SVR5 systems, use the C99-conforming functions | ||
1021 | snprintf() and vsnprintf() named _xsnprintf() and _xvsnprintf(). | ||
1022 | |||
1023 | 20100116 | ||
1024 | - (dtucker) [openbsd-compat/pwcache.c] Pull in includes.h and thus defines.h | ||
1025 | so we correctly detect whether or not we have a native user_from_uid. | ||
1026 | - (dtucker) [openbsd-compat/openbsd-compat.h] Prototypes for user_from_uid | ||
1027 | and group_from_gid. | ||
1028 | - (dtucker) [openbsd-compat/openbsd-compat.h] Fix prototypes, spotted by | ||
1029 | Tim. | ||
1030 | - (dtucker) OpenBSD CVS Sync | ||
1031 | - markus@cvs.openbsd.org 2010/01/15 09:24:23 | ||
1032 | [sftp-common.c] | ||
1033 | unused | ||
1034 | - (dtucker) [openbsd-compat/pwcache.c] Shrink ifdef area to prevent unused | ||
1035 | variable warnings. | ||
1036 | - (dtucker) [openbsd-compat/openbsd-compat.h] Typo. | ||
1037 | - (tim) [regress/portnum.sh] Shell portability fix. | ||
1038 | - (tim) [configure.ac] Define BROKEN_GETADDRINFO on SVR5 systems. The native | ||
1039 | getaddrinfo() is too old and limited for addr_pton() in addrmatch.c. | ||
1040 | - (tim) [roaming_client.c] Use of <sys/queue.h> is not really portable so we | ||
1041 | use "openbsd-compat/sys-queue.h". s/long long unsigned/unsigned long long/ | ||
1042 | to keep USL compilers happy. | ||
1043 | |||
1044 | 20100115 | ||
1045 | - (dtucker) OpenBSD CVS Sync | ||
1046 | - jmc@cvs.openbsd.org 2010/01/13 12:48:34 | ||
1047 | [sftp.1 sftp.c] | ||
1048 | sftp.1: put ls -h in the right place | ||
1049 | sftp.c: as above, plus add -p to get/put, and shorten their arg names | ||
1050 | to keep the help usage nicely aligned | ||
1051 | ok djm | ||
1052 | - djm@cvs.openbsd.org 2010/01/13 23:47:26 | ||
1053 | [auth.c] | ||
1054 | when using ChrootDirectory, make sure we test for the existence of the | ||
1055 | user's shell inside the chroot; bz #1679, patch from alex AT rtfs.hu; | ||
1056 | ok dtucker | ||
1057 | - dtucker@cvs.openbsd.org 2010/01/14 23:41:49 | ||
1058 | [sftp-common.c] | ||
1059 | use user_from{uid,gid} to lookup up ids since it keeps a small cache. | ||
1060 | ok djm | ||
1061 | - guenther@cvs.openbsd.org 2010/01/15 00:05:22 | ||
1062 | [sftp.c] | ||
1063 | Reset SIGTERM to SIG_DFL before executing ssh, so that even if sftp | ||
1064 | inherited SIGTERM as ignored it will still be able to kill the ssh it | ||
1065 | starts. | ||
1066 | ok dtucker@ | ||
1067 | - (dtucker) [openbsd-compat/pwcache.c] Pull in pwcache.c from OpenBSD (no | ||
1068 | changes yet but there will be some to come). | ||
1069 | - (dtucker) [configure.ac openbsd-compat/{Makefile.in,pwcache.c} Portability | ||
1070 | for pwcache. Also, added caching of negative hits. | ||
1071 | |||
1072 | 20100114 | ||
1073 | - (djm) [platform.h] Add missing prototype for | ||
1074 | platform_krb5_get_principal_name | ||
1075 | |||
1076 | 20100113 | ||
1077 | - (dtucker) [monitor_fdpass.c] Wrap poll.h include in ifdefs. | ||
1078 | - (dtucker) [openbsd-compat/readpassphrase.c] Resync against OpenBSD's r1.18: | ||
1079 | missing restore of SIGTTOU and some whitespace. | ||
1080 | - (dtucker) [openbsd-compat/readpassphrase.c] Update to OpenBSD's r1.21. | ||
1081 | - (dtucker) [openbsd-compat/readpassphrase.c] Update to OpenBSD's r1.22. | ||
1082 | Fixes bz #1590, where sometimes you could not interrupt a connection while | ||
1083 | ssh was prompting for a passphrase or password. | ||
1084 | - (dtucker) OpenBSD CVS Sync | ||
1085 | - dtucker@cvs.openbsd.org 2010/01/13 00:19:04 | ||
1086 | [sshconnect.c auth.c] | ||
1087 | Fix a couple of typos/mispellings in comments | ||
1088 | - dtucker@cvs.openbsd.org 2010/01/13 01:10:56 | ||
1089 | [key.c] | ||
1090 | Ignore and log any Protocol 1 keys where the claimed size is not equal to | ||
1091 | the actual size. Noted by Derek Martin, ok djm@ | ||
1092 | - dtucker@cvs.openbsd.org 2010/01/13 01:20:20 | ||
1093 | [canohost.c ssh-keysign.c sshconnect2.c] | ||
1094 | Make HostBased authentication work with a ProxyCommand. bz #1569, patch | ||
1095 | from imorgan at nas nasa gov, ok djm@ | ||
1096 | - djm@cvs.openbsd.org 2010/01/13 01:40:16 | ||
1097 | [sftp.c sftp-server.c sftp.1 sftp-common.c sftp-common.h] | ||
1098 | support '-h' (human-readable units) for sftp's ls command, just like | ||
1099 | ls(1); ok dtucker@ | ||
1100 | - djm@cvs.openbsd.org 2010/01/13 03:48:13 | ||
1101 | [servconf.c servconf.h sshd.c] | ||
1102 | avoid run-time failures when specifying hostkeys via a relative | ||
1103 | path by prepending the cwd in these cases; bz#1290; ok dtucker@ | ||
1104 | - djm@cvs.openbsd.org 2010/01/13 04:10:50 | ||
1105 | [sftp.c] | ||
1106 | don't append a space after inserting a completion of a directory (i.e. | ||
1107 | a path ending in '/') for a slightly better user experience; ok dtucker@ | ||
1108 | - (dtucker) [sftp-common.c] Wrap include of util.h in an ifdef. | ||
1109 | - (tim) [defines.h] openbsd-compat/readpassphrase.c now needs _NSIG. | ||
1110 | feedback and ok dtucker@ | ||
1111 | |||
1112 | 20100112 | ||
1113 | - (dtucker) OpenBSD CVS Sync | ||
1114 | - dtucker@cvs.openbsd.org 2010/01/11 01:39:46 | ||
1115 | [ssh_config channels.c ssh.1 channels.h ssh.c] | ||
1116 | Add a 'netcat mode' (ssh -W). This connects stdio on the client to a | ||
1117 | single port forward on the server. This allows, for example, using ssh as | ||
1118 | a ProxyCommand to route connections via intermediate servers. | ||
1119 | bz #1618, man page help from jmc@, ok markus@ | ||
1120 | - dtucker@cvs.openbsd.org 2010/01/11 04:46:45 | ||
1121 | [authfile.c sshconnect2.c] | ||
1122 | Do not prompt for a passphrase if we fail to open a keyfile, and log the | ||
1123 | reason the open failed to debug. | ||
1124 | bz #1693, found by tj AT castaglia org, ok djm@ | ||
1125 | - djm@cvs.openbsd.org 2010/01/11 10:51:07 | ||
1126 | [ssh-keygen.c] | ||
1127 | when converting keys, truncate key comments at 72 chars as per RFC4716; | ||
1128 | bz#1630 reported by tj AT castaglia.org; ok markus@ | ||
1129 | - dtucker@cvs.openbsd.org 2010/01/12 00:16:47 | ||
1130 | [authfile.c] | ||
1131 | Fix bug introduced in r1.78 (incorrect brace location) that broke key auth. | ||
1132 | Patch from joachim joachimschipper nl. | ||
1133 | - djm@cvs.openbsd.org 2010/01/12 00:58:25 | ||
1134 | [monitor_fdpass.c] | ||
1135 | avoid spinning when fd passing on nonblocking sockets by calling poll() | ||
1136 | in the EINTR/EAGAIN path, much like we do in atomicio; ok dtucker@ | ||
1137 | - djm@cvs.openbsd.org 2010/01/12 00:59:29 | ||
1138 | [roaming_common.c] | ||
1139 | delete with extreme prejudice a debug() that fired with every keypress; | ||
1140 | ok dtucker deraadt | ||
1141 | - dtucker@cvs.openbsd.org 2010/01/12 01:31:05 | ||
1142 | [session.c] | ||
1143 | Do not allow logins if /etc/nologin exists but is not readable by the user | ||
1144 | logging in. Noted by Jan.Pechanec at Sun, ok djm@ deraadt@ | ||
1145 | - djm@cvs.openbsd.org 2010/01/12 01:36:08 | ||
1146 | [buffer.h bufaux.c] | ||
1147 | add a buffer_get_string_ptr_ret() that does the same as | ||
1148 | buffer_get_string_ptr() but does not fatal() on error; ok dtucker@ | ||
1149 | - dtucker@cvs.openbsd.org 2010/01/12 08:33:17 | ||
1150 | [session.c] | ||
1151 | Add explicit stat so we reliably detect nologin with bad perms. | ||
1152 | ok djm markus | ||
1153 | |||
1154 | 20100110 | ||
1155 | - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c] | ||
1156 | Remove hacks add for RoutingDomain in preparation for its removal. | ||
1157 | - (dtucker) OpenBSD CVS Sync | ||
1158 | - dtucker@cvs.openbsd.org 2010/01/09 23:04:13 | ||
1159 | [channels.c ssh.1 servconf.c sshd_config.5 sshd.c channels.h servconf.h | ||
1160 | ssh-keyscan.1 ssh-keyscan.c readconf.c sshconnect.c misc.c ssh.c | ||
1161 | readconf.h scp.1 sftp.1 ssh_config.5 misc.h] | ||
1162 | Remove RoutingDomain from ssh since it's now not needed. It can be | ||
1163 | replaced with "route exec" or "nc -V" as a proxycommand. "route exec" | ||
1164 | also ensures that trafic such as DNS lookups stays withing the specified | ||
1165 | routingdomain. For example (from reyk): | ||
1166 | # route -T 2 exec /usr/sbin/sshd | ||
1167 | or inherited from the parent process | ||
1168 | $ route -T 2 exec sh | ||
1169 | $ ssh 10.1.2.3 | ||
1170 | ok deraadt@ markus@ stevesk@ reyk@ | ||
1171 | - dtucker@cvs.openbsd.org 2010/01/10 03:51:17 | ||
1172 | [servconf.c] | ||
1173 | Add ChrootDirectory to sshd.c test-mode output | ||
1174 | - dtucker@cvs.openbsd.org 2010/01/10 07:15:56 | ||
1175 | [auth.c] | ||
1176 | Output a debug if we can't open an existing keyfile. bz#1694, ok djm@ | ||
1177 | |||
1178 | 20100109 | ||
1179 | - (dtucker) Wrap use of IPPROTO_IPV6 in an ifdef for platforms that don't | ||
1180 | have it. | ||
1181 | - (dtucker) [defines.h] define PRIu64 for platforms that don't have it. | ||
1182 | - (dtucker) [roaming_client.c] Wrap inttypes.h in an ifdef. | ||
1183 | - (dtucker) [loginrec.c] Use the SUSv3 specified name for the user name | ||
1184 | when using utmpx. Patch from Ed Schouten. | ||
1185 | - (dtucker) OpenBSD CVS Sync | ||
1186 | - djm@cvs.openbsd.org 2010/01/09 00:20:26 | ||
1187 | [sftp-server.c sftp-server.8] | ||
1188 | add a 'read-only' mode to sftp-server(8) that disables open in write mode | ||
1189 | and all other fs-modifying protocol methods. bz#430 ok dtucker@ | ||
1190 | - djm@cvs.openbsd.org 2010/01/09 00:57:10 | ||
1191 | [PROTOCOL] | ||
1192 | tweak language | ||
1193 | - jmc@cvs.openbsd.org 2010/01/09 03:36:00 | ||
1194 | [sftp-server.8] | ||
1195 | bad place to forget a comma... | ||
1196 | - djm@cvs.openbsd.org 2010/01/09 05:04:24 | ||
1197 | [mux.c sshpty.h clientloop.c sshtty.c] | ||
1198 | quell tc[gs]etattr warnings when forcing a tty (ssh -tt), since we | ||
1199 | usually don't actually have a tty to read/set; bz#1686 ok dtucker@ | ||
1200 | - dtucker@cvs.openbsd.org 2010/01/09 05:17:00 | ||
1201 | [roaming_client.c] | ||
1202 | Remove a PRIu64 format string that snuck in with roaming. ok djm@ | ||
1203 | - dtucker@cvs.openbsd.org 2010/01/09 11:13:02 | ||
1204 | [sftp.c] | ||
1205 | Prevent sftp from derefing a null pointer when given a "-" without a | ||
1206 | command. Also, allow whitespace to follow a "-". bz#1691, path from | ||
1207 | Colin Watson via Debian. ok djm@ deraadt@ | ||
1208 | - dtucker@cvs.openbsd.org 2010/01/09 11:17:56 | ||
1209 | [sshd.c] | ||
1210 | Afer sshd receives a SIGHUP, ignore subsequent HUPs while sshd re-execs | ||
1211 | itself. Prevents two HUPs in quick succession from resulting in sshd | ||
1212 | dying. bz#1692, patch from Colin Watson via Ubuntu. | ||
1213 | - (dtucker) [defines.h] Remove now-undeeded PRIu64 define. | ||
1214 | |||
1215 | 20100108 | ||
1216 | - (dtucker) OpenBSD CVS Sync | ||
1217 | - andreas@cvs.openbsd.org 2009/10/24 11:11:58 | ||
1218 | [roaming.h] | ||
1219 | Declarations needed for upcoming changes. | ||
1220 | ok markus@ | ||
1221 | - andreas@cvs.openbsd.org 2009/10/24 11:13:54 | ||
1222 | [sshconnect2.c kex.h kex.c] | ||
1223 | Let the client detect if the server supports roaming by looking | ||
1224 | for the resume@appgate.com kex algorithm. | ||
1225 | ok markus@ | ||
1226 | - andreas@cvs.openbsd.org 2009/10/24 11:15:29 | ||
1227 | [clientloop.c] | ||
1228 | client_loop() must detect if the session has been suspended and resumed, | ||
1229 | and take appropriate action in that case. | ||
1230 | From Martin Forssen, maf at appgate dot com | ||
1231 | - andreas@cvs.openbsd.org 2009/10/24 11:19:17 | ||
1232 | [ssh2.h] | ||
1233 | Define the KEX messages used when resuming a suspended connection. | ||
1234 | ok markus@ | ||
1235 | - andreas@cvs.openbsd.org 2009/10/24 11:22:37 | ||
1236 | [roaming_common.c] | ||
1237 | Do the actual suspend/resume in the client. This won't be useful until | ||
1238 | the server side supports roaming. | ||
1239 | Most code from Martin Forssen, maf at appgate dot com. Some changes by | ||
1240 | me and markus@ | ||
1241 | ok markus@ | ||
1242 | - andreas@cvs.openbsd.org 2009/10/24 11:23:42 | ||
1243 | [ssh.c] | ||
1244 | Request roaming to be enabled if UseRoaming is true and the server | ||
1245 | supports it. | ||
1246 | ok markus@ | ||
1247 | - reyk@cvs.openbsd.org 2009/10/28 16:38:18 | ||
1248 | [ssh_config.5 sshd.c misc.h ssh-keyscan.1 readconf.h sshconnect.c | ||
1249 | channels.c channels.h servconf.h servconf.c ssh.1 ssh-keyscan.c scp.1 | ||
1250 | sftp.1 sshd_config.5 readconf.c ssh.c misc.c] | ||
1251 | Allow to set the rdomain in ssh/sftp/scp/sshd and ssh-keyscan. | ||
1252 | ok markus@ | ||
1253 | - jmc@cvs.openbsd.org 2009/10/28 21:45:08 | ||
1254 | [sshd_config.5 sftp.1] | ||
1255 | tweak previous; | ||
1256 | - djm@cvs.openbsd.org 2009/11/10 02:56:22 | ||
1257 | [ssh_config.5] | ||
1258 | explain the constraints on LocalCommand some more so people don't | ||
1259 | try to abuse it. | ||
1260 | - djm@cvs.openbsd.org 2009/11/10 02:58:56 | ||
1261 | [sshd_config.5] | ||
1262 | clarify that StrictModes does not apply to ChrootDirectory. Permissions | ||
1263 | and ownership are always checked when chrooting. bz#1532 | ||
1264 | - dtucker@cvs.openbsd.org 2009/11/10 04:30:45 | ||
1265 | [sshconnect2.c channels.c sshconnect.c] | ||
1266 | Set close-on-exec on various descriptors so they don't get leaked to | ||
1267 | child processes. bz #1643, patch from jchadima at redhat, ok deraadt. | ||
1268 | - markus@cvs.openbsd.org 2009/11/11 21:37:03 | ||
1269 | [channels.c channels.h] | ||
1270 | fix race condition in x11/agent channel allocation: don't read after | ||
1271 | the end of the select read/write fdset and make sure a reused FD | ||
1272 | is not touched before the pre-handlers are called. | ||
1273 | with and ok djm@ | ||
1274 | - djm@cvs.openbsd.org 2009/11/17 05:31:44 | ||
1275 | [clientloop.c] | ||
1276 | fix incorrect exit status when multiplexing and channel ID 0 is recycled | ||
1277 | bz#1570 reported by peter.oliver AT eon-is.co.uk; ok dtucker | ||
1278 | - djm@cvs.openbsd.org 2009/11/19 23:39:50 | ||
1279 | [session.c] | ||
1280 | bz#1606: error when an attempt is made to connect to a server | ||
1281 | with ForceCommand=internal-sftp with a shell session (i.e. not a | ||
1282 | subsystem session). Avoids stuck client when attempting to ssh to such a | ||
1283 | service. ok dtucker@ | ||
1284 | - dtucker@cvs.openbsd.org 2009/11/20 00:15:41 | ||
1285 | [session.c] | ||
1286 | Warn but do not fail if stat()ing the subsystem binary fails. This helps | ||
1287 | with chrootdirectory+forcecommand=sftp-server and restricted shells. | ||
1288 | bz #1599, ok djm. | ||
1289 | - djm@cvs.openbsd.org 2009/11/20 00:54:01 | ||
1290 | [sftp.c] | ||
1291 | bz#1588 change "Connecting to host..." message to "Connected to host." | ||
1292 | and delay it until after the sftp protocol connection has been established. | ||
1293 | Avoids confusing sequence of messages when the underlying ssh connection | ||
1294 | experiences problems. ok dtucker@ | ||
1295 | - dtucker@cvs.openbsd.org 2009/11/20 00:59:36 | ||
1296 | [sshconnect2.c] | ||
1297 | Use the HostKeyAlias when prompting for passwords. bz#1039, ok djm@ | ||
1298 | - djm@cvs.openbsd.org 2009/11/20 03:24:07 | ||
1299 | [misc.c] | ||
1300 | correct off-by-one in percent_expand(): we would fatal() when trying | ||
1301 | to expand EXPAND_MAX_KEYS, allowing only EXPAND_MAX_KEYS-1 to actually | ||
1302 | work. Note that nothing in OpenSSH actually uses close to this limit at | ||
1303 | present. bz#1607 from Jan.Pechanec AT Sun.COM | ||
1304 | - halex@cvs.openbsd.org 2009/11/22 13:18:00 | ||
1305 | [sftp.c] | ||
1306 | make passing of zero-length arguments to ssh safe by | ||
1307 | passing "-<switch>" "<value>" rather than "-<switch><value>" | ||
1308 | ok dtucker@, guenther@, djm@ | ||
1309 | - dtucker@cvs.openbsd.org 2009/12/06 23:41:15 | ||
1310 | [sshconnect2.c] | ||
1311 | zap unused variable and strlen; from Steve McClellan, ok djm | ||
1312 | - djm@cvs.openbsd.org 2009/12/06 23:53:45 | ||
1313 | [roaming_common.c] | ||
1314 | use socklen_t for getsockopt optlen parameter; reported by | ||
1315 | Steve.McClellan AT radisys.com, ok dtucker@ | ||
1316 | - dtucker@cvs.openbsd.org 2009/12/06 23:53:54 | ||
1317 | [sftp.c] | ||
1318 | fix potential divide-by-zero in sftp's "df" output when talking to a server | ||
1319 | that reports zero files on the filesystem (Unix filesystems always have at | ||
1320 | least the root inode). From Steve McClellan at radisys, ok djm@ | ||
1321 | - markus@cvs.openbsd.org 2009/12/11 18:16:33 | ||
1322 | [key.c] | ||
1323 | switch from 35 to the more common value of RSA_F4 == (2**16)+1 == 65537 | ||
1324 | for the RSA public exponent; discussed with provos; ok djm@ | ||
1325 | - guenther@cvs.openbsd.org 2009/12/20 07:28:36 | ||
1326 | [ssh.c sftp.c scp.c] | ||
1327 | When passing user-controlled options with arguments to other programs, | ||
1328 | pass the option and option argument as separate argv entries and | ||
1329 | not smashed into one (e.g., as -l foo and not -lfoo). Also, always | ||
1330 | pass a "--" argument to stop option parsing, so that a positional | ||
1331 | argument that starts with a '-' isn't treated as an option. This | ||
1332 | fixes some error cases as well as the handling of hostnames and | ||
1333 | filenames that start with a '-'. | ||
1334 | Based on a diff by halex@ | ||
1335 | ok halex@ djm@ deraadt@ | ||
1336 | - djm@cvs.openbsd.org 2009/12/20 23:20:40 | ||
1337 | [PROTOCOL] | ||
1338 | fix an incorrect magic number and typo in PROTOCOL; bz#1688 | ||
1339 | report and fix from ueno AT unixuser.org | ||
1340 | - stevesk@cvs.openbsd.org 2009/12/25 19:40:21 | ||
1341 | [readconf.c servconf.c misc.h ssh-keyscan.c misc.c] | ||
1342 | validate routing domain is in range 0-RT_TABLEID_MAX. | ||
1343 | 'Looks right' deraadt@ | ||
1344 | - stevesk@cvs.openbsd.org 2009/12/29 16:38:41 | ||
1345 | [sshd_config.5 readconf.c ssh_config.5 scp.1 servconf.c sftp.1 ssh.1] | ||
1346 | Rename RDomain config option to RoutingDomain to be more clear and | ||
1347 | consistent with other options. | ||
1348 | NOTE: if you currently use RDomain in the ssh client or server config, | ||
1349 | or ssh/sshd -o, you must update to use RoutingDomain. | ||
1350 | ok markus@ djm@ | ||
1351 | - jmc@cvs.openbsd.org 2009/12/29 18:03:32 | ||
1352 | [sshd_config.5 ssh_config.5] | ||
1353 | sort previous; | ||
1354 | - dtucker@cvs.openbsd.org 2010/01/04 01:45:30 | ||
1355 | [sshconnect2.c] | ||
1356 | Don't escape backslashes in the SSH2 banner. bz#1533, patch from | ||
1357 | Michal Gorny via Gentoo. | ||
1358 | - djm@cvs.openbsd.org 2010/01/04 02:03:57 | ||
1359 | [sftp.c] | ||
1360 | Implement tab-completion of commands, local and remote filenames for sftp. | ||
1361 | Hacked on and off for some time by myself, mouring, Carlos Silva (via 2009 | ||
1362 | Google Summer of Code) and polished to a fine sheen by myself again. | ||
1363 | It should deal more-or-less correctly with the ikky corner-cases presented | ||
1364 | by quoted filenames, but the UI could still be slightly improved. | ||
1365 | In particular, it is quite slow for remote completion on large directories. | ||
1366 | bz#200; ok markus@ | ||
1367 | - djm@cvs.openbsd.org 2010/01/04 02:25:15 | ||
1368 | [sftp-server.c] | ||
1369 | bz#1566 don't unnecessarily dup() in and out fds for sftp-server; | ||
1370 | ok markus@ | ||
1371 | - dtucker@cvs.openbsd.org 2010/01/08 21:50:49 | ||
1372 | [sftp.c] | ||
1373 | Fix two warnings: possibly used unitialized and use a nul byte instead of | ||
1374 | NULL pointer. ok djm@ | ||
1375 | - (dtucker) [Makefile.in added roaming_client.c roaming_serv.c] Import new | ||
1376 | files for roaming and add to Makefile. | ||
1377 | - (dtucker) [Makefile.in] .c files do not belong in the OBJ lines. | ||
1378 | - (dtucker) [sftp.c] ifdef out the sftp completion bits for platforms that | ||
1379 | don't have libedit. | ||
1380 | - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c] Make | ||
1381 | RoutingDomain an unsupported option on platforms that don't have it. | ||
1382 | - (dtucker) [sftp.c] Expand ifdef for libedit to cover complete_is_remote | ||
1383 | too. | ||
1384 | - (dtucker) [misc.c] Move the routingdomain ifdef to allow the socket to | ||
1385 | be created. | ||
1386 | - (dtucker] [misc.c] Shrink the area covered by USE_ROUTINGDOMAIN more | ||
1387 | to eliminate an unused variable warning. | ||
1388 | - (dtucker) [roaming_serv.c] Include includes.h for u_intXX_t types. | ||
1389 | |||
1390 | 20091226 | ||
1391 | - (tim) [contrib/cygwin/Makefile] Install ssh-copy-id and ssh-copy-id.1 | ||
1392 | Gzip all man pages. Patch from Corinna Vinschen. | ||
1393 | |||
1394 | 20091221 | ||
1395 | - (dtucker) [auth-krb5.c platform.{c,h} openbsd-compat/port-aix.{c,h}] | ||
1396 | Bug #1583: Use system's kerberos principal name on AIX if it's available. | ||
1397 | Based on a patch from and tested by Miguel Sanders | ||
1398 | |||
1399 | 20091208 | ||
1400 | - (dtucker) Bug #1470: Disable OOM-killing of the listening sshd on Linux, | ||
1401 | based on a patch from Vaclav Ovsik and Colin Watson. ok djm. | ||
1402 | |||
1403 | 20091207 | ||
1404 | - (dtucker) Bug #1160: use pkg-config for opensc config if it's available. | ||
1405 | Tested by Martin Paljak. | ||
1406 | - (dtucker) Bug #1677: add conditionals around the source for ssh-askpass. | ||
1407 | |||
1408 | 20091121 | ||
1409 | - (tim) [opensshd.init.in] If PidFile is set in sshd_config, use it. | ||
1410 | Bug 1628. OK dtucker@ | ||
1411 | |||
1412 | 20091120 | ||
1413 | - (djm) [ssh-rand-helper.c] Print error and usage() when passed command- | ||
1414 | line arguments as none are supported. Exit when passed unrecognised | ||
1415 | commandline flags. bz#1568 from gson AT araneus.fi | ||
1416 | |||
1417 | 20091118 | ||
1418 | - (djm) [channels.c misc.c misc.h sshd.c] add missing setsockopt() to | ||
1419 | set IPV6_V6ONLY for local forwarding with GatwayPorts=yes. Unify | ||
1420 | setting IPV6_V6ONLY behind a new function misc.c:sock_set_v6only() | ||
1421 | bz#1648, report and fix from jan.kratochvil AT redhat.com | ||
1422 | - (djm) [contrib/gnome-ssh-askpass2.c] Make askpass dialog desktop-modal. | ||
1423 | bz#1645, patch from jchadima AT redhat.com | ||
1424 | |||
1425 | 20091107 | ||
1426 | - (dtucker) [authfile.c] Fall back to 3DES for the encryption of private | ||
1427 | keys when built with OpenSSL versions that don't do AES. | ||
1428 | |||
1429 | 20091105 | ||
1430 | - (dtucker) [authfile.c] Add OpenSSL compat header so this still builds with | ||
1431 | older versions of OpenSSL. | ||
1432 | |||
1433 | 20091024 | ||
1434 | - (dtucker) OpenBSD CVS Sync | ||
1435 | - djm@cvs.openbsd.org 2009/10/11 23:03:15 | ||
1436 | [hostfile.c] | ||
1437 | mention the host name that we are looking for in check_host_in_hostfile() | ||
1438 | - sobrado@cvs.openbsd.org 2009/10/17 12:10:39 | ||
1439 | [sftp-server.c] | ||
1440 | sort flags. | ||
1441 | - sobrado@cvs.openbsd.org 2009/10/22 12:35:53 | ||
1442 | [ssh.1 ssh-agent.1 ssh-add.1] | ||
1443 | use the UNIX-related macros (.At and .Ux) where appropriate. | ||
1444 | ok jmc@ | ||
1445 | - sobrado@cvs.openbsd.org 2009/10/22 15:02:12 | ||
1446 | [ssh-agent.1 ssh-add.1 ssh.1] | ||
1447 | write UNIX-domain in a more consistent way; while here, replace a | ||
1448 | few remaining ".Tn UNIX" macros with ".Ux" ones. | ||
1449 | pointed out by ratchov@, thanks! | ||
1450 | ok jmc@ | ||
1451 | - djm@cvs.openbsd.org 2009/10/22 22:26:13 | ||
1452 | [authfile.c] | ||
1453 | switch from 3DES to AES-128 for encryption of passphrase-protected | ||
1454 | SSH protocol 2 private keys; ok several | ||
1455 | - djm@cvs.openbsd.org 2009/10/23 01:57:11 | ||
1456 | [sshconnect2.c] | ||
1457 | disallow a hostile server from checking jpake auth by sending an | ||
1458 | out-of-sequence success message. (doesn't affect code enabled by default) | ||
1459 | - dtucker@cvs.openbsd.org 2009/10/24 00:48:34 | ||
1460 | [ssh-keygen.1] | ||
1461 | ssh-keygen now uses AES-128 for private keys | ||
1462 | - (dtucker) [mdoc2man.awk] Teach it to understand the .Ux macro. | ||
1463 | - (dtucker) [session.c openbsd-compat/port-linux.{c,h}] Bug #1637: if selinux | ||
1464 | is enabled set the security context to "sftpd_t" before running the | ||
1465 | internal sftp server Based on a patch from jchadima at redhat. | ||
1466 | |||
1467 | 20091011 | ||
1468 | - (dtucker) [configure.ac sftp-client.c] Remove the gyrations required for | ||
1469 | dirent d_type and DTTOIF as we've switched OpenBSD to the more portable | ||
1470 | lstat. | ||
1471 | - (dtucker) OpenBSD CVS Sync | ||
1472 | - markus@cvs.openbsd.org 2009/10/08 14:03:41 | ||
1473 | [sshd_config readconf.c ssh_config.5 servconf.c sshd_config.5] | ||
1474 | disable protocol 1 by default (after a transition period of about 10 years) | ||
1475 | ok deraadt | ||
1476 | - jmc@cvs.openbsd.org 2009/10/08 20:42:12 | ||
1477 | [sshd_config.5 ssh_config.5 sshd.8 ssh.1] | ||
1478 | some tweaks now that protocol 1 is not offered by default; ok markus | ||
1479 | - dtucker@cvs.openbsd.org 2009/10/11 10:41:26 | ||
1480 | [sftp-client.c] | ||
1481 | d_type isn't portable so use lstat to get dirent modes. Suggested by and | ||
1482 | "looks sane" deraadt@ | ||
1483 | - markus@cvs.openbsd.org 2009/10/08 18:04:27 | ||
1484 | [regress/test-exec.sh] | ||
1485 | re-enable protocol v1 for the tests. | ||
1486 | |||
1487 | 20091007 | ||
1488 | - (dtucker) OpenBSD CVS Sync | ||
1489 | - djm@cvs.openbsd.org 2009/08/12 00:13:00 | ||
1490 | [sftp.c sftp.1] | ||
1491 | support most of scp(1)'s commandline arguments in sftp(1), as a first | ||
1492 | step towards making sftp(1) a drop-in replacement for scp(1). | ||
1493 | One conflicting option (-P) has not been changed, pending further | ||
1494 | discussion. | ||
1495 | Patch from carlosvsilvapt@gmail.com as part of his work in the | ||
1496 | Google Summer of Code | ||
1497 | - jmc@cvs.openbsd.org 2009/08/12 06:31:42 | ||
1498 | [sftp.1] | ||
1499 | sort options; | ||
1500 | - djm@cvs.openbsd.org 2009/08/13 01:11:19 | ||
1501 | [sftp.1 sftp.c] | ||
1502 | Swizzle options: "-P sftp_server_path" moves to "-D sftp_server_path", | ||
1503 | add "-P port" to match scp(1). Fortunately, the -P option is only really | ||
1504 | used by our regression scripts. | ||
1505 | part of larger patch from carlosvsilvapt@gmail.com for his Google Summer | ||
1506 | of Code work; ok deraadt markus | ||
1507 | - jmc@cvs.openbsd.org 2009/08/13 13:39:54 | ||
1508 | [sftp.1 sftp.c] | ||
1509 | sync synopsis and usage(); | ||
1510 | - djm@cvs.openbsd.org 2009/08/14 18:17:49 | ||
1511 | [sftp-client.c] | ||
1512 | make the "get_handle: ..." error messages vaguely useful by allowing | ||
1513 | callers to specify their own error message strings. | ||
1514 | - fgsch@cvs.openbsd.org 2009/08/15 18:56:34 | ||
1515 | [auth.h] | ||
1516 | remove unused define. markus@ ok. | ||
1517 | (Id sync only, Portable still uses this.) | ||
1518 | - dtucker@cvs.openbsd.org 2009/08/16 23:29:26 | ||
1519 | [sshd_config.5] | ||
1520 | Add PubkeyAuthentication to the list allowed in a Match block (bz #1577) | ||
1521 | - djm@cvs.openbsd.org 2009/08/18 18:36:21 | ||
1522 | [sftp-client.h sftp.1 sftp-client.c sftp.c] | ||
1523 | recursive transfer support for get/put and on the commandline | ||
1524 | work mostly by carlosvsilvapt@gmail.com for the Google Summer of Code | ||
1525 | with some tweaks by me; "go for it" deraadt@ | ||
1526 | - djm@cvs.openbsd.org 2009/08/18 21:15:59 | ||
1527 | [sftp.1] | ||
1528 | fix "get" command usage, spotted by jmc@ | ||
1529 | - jmc@cvs.openbsd.org 2009/08/19 04:56:03 | ||
1530 | [sftp.1] | ||
1531 | ether -> either; | ||
1532 | - dtucker@cvs.openbsd.org 2009/08/20 23:54:28 | ||
1533 | [mux.c] | ||
1534 | subsystem_flag is defined in ssh.c so it's extern; ok djm | ||
1535 | - djm@cvs.openbsd.org 2009/08/27 17:28:52 | ||
1536 | [sftp-server.c] | ||
1537 | allow setting an explicit umask on the commandline to override whatever | ||
1538 | default the user has. bz#1229; ok dtucker@ deraadt@ markus@ | ||
1539 | - djm@cvs.openbsd.org 2009/08/27 17:33:49 | ||
1540 | [ssh-keygen.c] | ||
1541 | force use of correct hash function for random-art signature display | ||
1542 | as it was inheriting the wrong one when bubblebabble signatures were | ||
1543 | activated; bz#1611 report and patch from fwojcik+openssh AT besh.com; | ||
1544 | ok markus@ | ||
1545 | - djm@cvs.openbsd.org 2009/08/27 17:43:00 | ||
1546 | [sftp-server.8] | ||
1547 | allow setting an explicit umask on the commandline to override whatever | ||
1548 | default the user has. bz#1229; ok dtucker@ deraadt@ markus@ | ||
1549 | - djm@cvs.openbsd.org 2009/08/27 17:44:52 | ||
1550 | [authfd.c ssh-add.c authfd.h] | ||
1551 | Do not fall back to adding keys without contraints (ssh-add -c / -t ...) | ||
1552 | when the agent refuses the constrained add request. This was a useful | ||
1553 | migration measure back in 2002 when constraints were new, but just | ||
1554 | adds risk now. | ||
1555 | bz #1612, report and patch from dkg AT fifthhorseman.net; ok markus@ | ||
1556 | - djm@cvs.openbsd.org 2009/08/31 20:56:02 | ||
1557 | [sftp-server.c] | ||
1558 | check correct variable for error message, spotted by martynas@ | ||
1559 | - djm@cvs.openbsd.org 2009/08/31 21:01:29 | ||
1560 | [sftp-server.8] | ||
1561 | document -e and -h; prodded by jmc@ | ||
1562 | - djm@cvs.openbsd.org 2009/09/01 14:43:17 | ||
1563 | [ssh-agent.c] | ||
1564 | fix a race condition in ssh-agent that could result in a wedged or | ||
1565 | spinning agent: don't read off the end of the allocated fd_sets, and | ||
1566 | don't issue blocking read/write on agent sockets - just fall back to | ||
1567 | select() on retriable read/write errors. bz#1633 reported and tested | ||
1568 | by "noodle10000 AT googlemail.com"; ok dtucker@ markus@ | ||
1569 | - grunk@cvs.openbsd.org 2009/10/01 11:37:33 | ||
1570 | [dh.c] | ||
1571 | fix a cast | ||
1572 | ok djm@ markus@ | ||
1573 | - djm@cvs.openbsd.org 2009/10/06 04:46:40 | ||
1574 | [session.c] | ||
1575 | bz#1596: fflush(NULL) before exec() to ensure that everying (motd | ||
1576 | in particular) has made it out before the streams go away. | ||
1577 | - djm@cvs.openbsd.org 2008/12/07 22:17:48 | ||
1578 | [regress/addrmatch.sh] | ||
1579 | match string "passwordauthentication" only at start of line, not anywhere | ||
1580 | in sshd -T output | ||
1581 | - dtucker@cvs.openbsd.org 2009/05/05 07:51:36 | ||
1582 | [regress/multiplex.sh] | ||
1583 | Always specify ssh_config for multiplex tests: prevents breakage caused | ||
1584 | by options in ~/.ssh/config. From Dan Peterson. | ||
1585 | - djm@cvs.openbsd.org 2009/08/13 00:57:17 | ||
1586 | [regress/Makefile] | ||
1587 | regression test for port number parsing. written as part of the a2port | ||
1588 | change that went into 5.2 but I forgot to commit it at the time... | ||
1589 | - djm@cvs.openbsd.org 2009/08/13 01:11:55 | ||
1590 | [regress/sftp-batch.sh regress/sftp-badcmds.sh regress/sftp.sh | ||
1591 | regress/sftp-cmds.sh regres/sftp-glob.sh] | ||
1592 | date: 2009/08/13 01:11:19; author: djm; state: Exp; lines: +10 -7 | ||
1593 | Swizzle options: "-P sftp_server_path" moves to "-D sftp_server_path", | ||
1594 | add "-P port" to match scp(1). Fortunately, the -P option is only really | ||
1595 | used by our regression scripts. | ||
1596 | part of larger patch from carlosvsilvapt@gmail.com for his Google Summer | ||
1597 | of Code work; ok deraadt markus | ||
1598 | - djm@cvs.openbsd.org 2009/08/20 18:43:07 | ||
1599 | [regress/ssh-com-sftp.sh] | ||
1600 | fix one sftp -D ... => sftp -P ... conversion that I missed; from Carlos | ||
1601 | Silva for Google Summer of Code | ||
1602 | - dtucker@cvs.openbsd.org 2009/10/06 23:51:49 | ||
1603 | [regress/ssh2putty.sh] | ||
1604 | Add OpenBSD tag to make syncs easier | ||
1605 | - (dtucker) [regress/portnum.sh] Import new test. | ||
1606 | - (dtucker) [configure.ac sftp-client.c] DTOTIF is in fs/ffs/dir.h on at | ||
1607 | least dragonflybsd. | ||
1608 | - (dtucker) d_type is not mandated by POSIX, so add fallback code using | ||
1609 | stat(), needed on at least cygwin. | ||
1610 | |||
1611 | 20091002 | ||
1612 | - (djm) [Makefile.in] Mention readconf.o in ssh-keysign's make deps. | ||
1613 | spotted by des AT des.no | ||
1614 | |||
1615 | 20090926 | ||
1616 | - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] | ||
1617 | [contrib/suse/openssh.spec] Update for release | ||
1618 | - (djm) [README] update relnotes URL | ||
1619 | - (djm) [packet.c] Restore EWOULDBLOCK handling that got lost somewhere | ||
1620 | - (djm) Release 5.3p1 | ||
1621 | |||
1622 | 20090911 | ||
1623 | - (dtucker) [configure.ac] Change the -lresolv check so it works on Mac OS X | ||
1624 | 10.6 (which doesn't have BIND8_COMPAT and thus uses res_9_query). Patch | ||
1625 | from jbasney at ncsa uiuc edu. | ||
1626 | |||
1627 | 20090908 | ||
1628 | - (djm) [serverloop.c] Fix test for server-assigned remote forwarding port | ||
1629 | (-R 0:...); bz#1578, spotted and fix by gavin AT emf.net; ok dtucker@ | ||
1630 | |||
1631 | 20090901 | ||
1632 | - (dtucker) [configure.ac] Bug #1639: use AC_PATH_PROG to search the path for | ||
1633 | krb5-config if it's not in the location specified by --with-kerberos5. | ||
1634 | Patch from jchadima at redhat. | ||
1635 | |||
1636 | 20090829 | ||
1637 | - (dtucker) [README.platform] Add text about development packages, based on | ||
1638 | text from Chris Pepper in bug #1631. | ||
1639 | |||
1640 | 20090828 | ||
1641 | - dtucker [auth-sia.c] Roll back the change for bug #1241 as it apparently | ||
1642 | causes problems in some Tru64 configurations. | ||
1643 | - (djm) [sshd_config.5] downgrade mention of login.conf to be an example | ||
1644 | and mention PAM as another provider for ChallengeResponseAuthentication; | ||
1645 | bz#1408; ok dtucker@ | ||
1646 | - (djm) [sftp-server.c] bz#1535: accept ENOSYS as a fallback error when | ||
1647 | attempting atomic rename(); ok dtucker@ | ||
1648 | - (djm) [Makefile.in] bz#1505: Solaris make(1) doesn't accept make variables | ||
1649 | in argv, so pass them in the environment; ok dtucker@ | ||
1650 | - (dtucker) [channels.c configure.ac] Bug #1528: skip the tcgetattr call on | ||
1651 | the pty master on Solaris, since it never succeeds and can hang if large | ||
1652 | amounts of data is sent to the slave (eg a copy-paste). Based on a patch | ||
1653 | originally from Doke Scott, ok djm@ | ||
1654 | - (dtucker) [clientloop.c configure.ac defines.h] Make the client's IO buffer | ||
1655 | size a compile-time option and set it to 64k on Cygwin, since Corinna | ||
1656 | reports that it makes a significant difference to performance. ok djm@ | ||
1657 | - (dtucker) [configure.ac] Fix the syntax of the Solaris tcgetattr entry. | ||
1658 | |||
1659 | 20090820 | ||
1660 | - (dtucker) [includes.h] Bug #1634: do not include system glob.h if we're not | ||
1661 | using it since the type conflicts can cause problems on FreeBSD. Patch | ||
1662 | from Jonathan Chen. | ||
1663 | - (dtucker) [session.c openbsd-compat/port-aix.h] Bugs #1249 and #1567: move | ||
1664 | the setpcred call on AIX to immediately before the permanently_set_uid(). | ||
1665 | Ensures that we still have privileges when we call chroot and | ||
1666 | pam_open_sesson. Based on a patch from David Leonard. | ||
1667 | |||
1668 | 20090817 | ||
1669 | - (dtucker) [configure.ac] Check for headers before libraries for openssl an | ||
1670 | zlib, which should make the errors slightly more meaningful on platforms | ||
1671 | where there's separate "-devel" packages for those. | ||
1672 | - (dtucker) [sshlogin.c openbsd-compat/port-aix.{c,h}] Bug #1595: make | ||
1673 | PrintLastLog work on AIX. Based in part on a patch from Miguel Sanders. | ||
1674 | |||
1675 | 20090729 | ||
1676 | - (tim) [contrib/cygwin/ssh-user-config] Change script to call correct error | ||
1677 | function. Patch from Corinna Vinschen. | ||
1678 | |||
1679 | 20090713 | ||
1680 | - (dtucker) [openbsd-compat/getrrsetbyname.c] Reduce answer buffer size so it | ||
1681 | fits into 16 bits to work around a bug in glibc's resolver where it masks | ||
1682 | off the buffer size at 16 bits. Patch from Hauke Lampe, ok djm jakob. | ||
1683 | |||
1684 | 20090712 | ||
1685 | - (dtucker) [configure.ac] Include sys/param.h for the sys/mount.h test, | ||
1686 | prevents configure complaining on older BSDs. | ||
1687 | - (dtucker [contrib/cygwin/ssh-{host,user}-config] Add license text. Patch | ||
1688 | from Corinna Vinschen. | ||
1689 | - (dtucker) [auth-pam.c] Bug #1534: move the deletion of PAM credentials on | ||
1690 | logout to after the session close. Patch from Anicka Bernathova, | ||
1691 | originally from Andreas Schwab via Novelll ok djm. | ||
1692 | |||
1693 | 20090707 | ||
1694 | - (dtucker) [contrib/cygwin/ssh-host-config] better support for automated | ||
1695 | scripts and fix usage of eval. Patch from Corinna Vinschen. | ||
1696 | |||
1697 | 20090705 | ||
1698 | - (dtucker) OpenBSD CVS Sync | ||
1699 | - andreas@cvs.openbsd.org 2009/06/27 09:29:06 | ||
1700 | [packet.h packet.c] | ||
1701 | packet_bacup_state() and packet_restore_state() will be used to | ||
1702 | temporarily save the current state ren resuming a suspended connection. | ||
1703 | ok markus@ | ||
1704 | - andreas@cvs.openbsd.org 2009/06/27 09:32:43 | ||
1705 | [roaming_common.c roaming.h] | ||
1706 | It may be necessary to retransmit some data when resuming, so add it | ||
1707 | to a buffer when roaming is enabled. | ||
1708 | Most of this code was written by Martin Forssen, maf at appgate dot com. | ||
1709 | ok markus@ | ||
1710 | - andreas@cvs.openbsd.org 2009/06/27 09:35:06 | ||
1711 | [readconf.h readconf.c] | ||
1712 | Add client option UseRoaming. It doesn't do anything yet but will | ||
1713 | control whether the client tries to use roaming if enabled on the | ||
1714 | server. From Martin Forssen. | ||
1715 | ok markus@ | ||
1716 | - markus@cvs.openbsd.org 2009/06/30 14:54:40 | ||
1717 | [version.h] | ||
1718 | crank version; ok deraadt | ||
1719 | - dtucker@cvs.openbsd.org 2009/07/02 02:11:47 | ||
1720 | [ssh.c] | ||
1721 | allow for long home dir paths (bz #1615). ok deraadt | ||
1722 | (based in part on a patch from jchadima at redhat) | ||
1723 | - stevesk@cvs.openbsd.org 2009/07/05 19:28:33 | ||
1724 | [clientloop.c] | ||
1725 | only send SSH2_MSG_DISCONNECT if we're in compat20; from dtucker@ | ||
1726 | ok deraadt@ markus@ | ||
1727 | |||
1728 | 20090622 | ||
1729 | - (dtucker) OpenBSD CVS Sync | ||
1730 | - dtucker@cvs.openbsd.org 2009/06/22 05:39:28 | ||
1731 | [monitor_wrap.c monitor_mm.c ssh-keygen.c auth2.c gss-genr.c sftp-client.c] | ||
1732 | alphabetize includes; reduces diff vs portable and style(9). | ||
1733 | ok stevesk djm | ||
1734 | (Id sync only; these were already in order in -portable) | ||
1735 | |||
1736 | 20090621 | ||
1737 | - (dtucker) OpenBSD CVS Sync | ||
1738 | - markus@cvs.openbsd.org 2009/03/17 21:37:00 | ||
1739 | [ssh.c] | ||
1740 | pass correct argv[0] to openlog(); ok djm@ | ||
1741 | - jmc@cvs.openbsd.org 2009/03/19 15:15:09 | ||
1742 | [ssh.1] | ||
1743 | for "Ciphers", just point the reader to the keyword in ssh_config(5), just | ||
1744 | as we do for "MACs": this stops us getting out of sync when the lists | ||
1745 | change; | ||
1746 | fixes documentation/6102, submitted by Peter J. Philipp | ||
1747 | alternative fix proposed by djm | ||
1748 | ok markus | ||
1749 | - tobias@cvs.openbsd.org 2009/03/23 08:31:19 | ||
1750 | [ssh-agent.c] | ||
1751 | Fixed a possible out-of-bounds memory access if the environment variable | ||
1752 | SHELL is shorter than 3 characters. | ||
1753 | with input by and ok dtucker | ||
1754 | - tobias@cvs.openbsd.org 2009/03/23 19:38:04 | ||
1755 | [ssh-agent.c] | ||
1756 | My previous commit didn't fix the problem at all, so stick at my first | ||
1757 | version of the fix presented to dtucker. | ||
1758 | Issue notified by Matthias Barkhoff (matthias dot barkhoff at gmx dot de). | ||
1759 | ok dtucker | ||
1760 | - sobrado@cvs.openbsd.org 2009/03/26 08:38:39 | ||
1761 | [sftp-server.8 sshd.8 ssh-agent.1] | ||
1762 | fix a few typographical errors found by spell(1). | ||
1763 | ok dtucker@, jmc@ | ||
1764 | - stevesk@cvs.openbsd.org 2009/04/13 19:07:44 | ||
1765 | [sshd_config.5] | ||
1766 | fix possessive; ok djm@ | ||
1767 | - stevesk@cvs.openbsd.org 2009/04/14 16:33:42 | ||
1768 | [sftp-server.c] | ||
1769 | remove unused option character from getopt() optstring; ok markus@ | ||
1770 | - jj@cvs.openbsd.org 2009/04/14 21:10:54 | ||
1771 | [servconf.c] | ||
1772 | Fixed a few the-the misspellings in comments. Skipped a bunch in | ||
1773 | binutils,gcc and so on. ok jmc@ | ||
1774 | - stevesk@cvs.openbsd.org 2009/04/17 19:23:06 | ||
1775 | [session.c] | ||
1776 | use INTERNAL_SFTP_NAME for setproctitle() of in-process sftp-server; | ||
1777 | ok djm@ markus@ | ||
1778 | - stevesk@cvs.openbsd.org 2009/04/17 19:40:17 | ||
1779 | [sshd_config.5] | ||
1780 | clarify that even internal-sftp needs /dev/log for logging to work; ok | ||
1781 | markus@ | ||
1782 | - jmc@cvs.openbsd.org 2009/04/18 18:39:10 | ||
1783 | [sshd_config.5] | ||
1784 | tweak previous; ok stevesk | ||
1785 | - stevesk@cvs.openbsd.org 2009/04/21 15:13:17 | ||
1786 | [sshd_config.5] | ||
1787 | clarify we cd to user's home after chroot; ok markus@ on | ||
1788 | earlier version; tweaks and ok jmc@ | ||
1789 | - andreas@cvs.openbsd.org 2009/05/25 06:48:01 | ||
1790 | [channels.c packet.c clientloop.c packet.h serverloop.c monitor_wrap.c | ||
1791 | monitor.c] | ||
1792 | Put the globals in packet.c into a struct and don't access it directly | ||
1793 | from other files. No functional changes. | ||
1794 | ok markus@ djm@ | ||
1795 | - andreas@cvs.openbsd.org 2009/05/27 06:31:25 | ||
1796 | [canohost.h canohost.c] | ||
1797 | Add clear_cached_addr(), needed for upcoming changes allowing the peer | ||
1798 | address to change. | ||
1799 | ok markus@ | ||
1800 | - andreas@cvs.openbsd.org 2009/05/27 06:33:39 | ||
1801 | [clientloop.c] | ||
1802 | Send SSH2_MSG_DISCONNECT when the client disconnects. From a larger | ||
1803 | change from Martin Forssen, maf at appgate dot com. | ||
1804 | ok markus@ | ||
1805 | - andreas@cvs.openbsd.org 2009/05/27 06:34:36 | ||
1806 | [kex.c kex.h] | ||
1807 | Move the KEX_COOKIE_LEN define to kex.h | ||
1808 | ok markus@ | ||
1809 | - andreas@cvs.openbsd.org 2009/05/27 06:36:07 | ||
1810 | [packet.h packet.c] | ||
1811 | Add packet_put_int64() and packet_get_int64(), part of a larger change | ||
1812 | from Martin Forssen. | ||
1813 | ok markus@ | ||
1814 | - andreas@cvs.openbsd.org 2009/05/27 06:38:16 | ||
1815 | [sshconnect.h sshconnect.c] | ||
1816 | Un-static ssh_exchange_identification(), part of a larger change from | ||
1817 | Martin Forssen and needed for upcoming changes. | ||
1818 | ok markus@ | ||
1819 | - andreas@cvs.openbsd.org 2009/05/28 16:50:16 | ||
1820 | [sshd.c packet.c serverloop.c monitor_wrap.c clientloop.c sshconnect.c | ||
1821 | monitor.c Added roaming.h roaming_common.c roaming_dummy.c] | ||
1822 | Keep track of number of bytes read and written. Needed for upcoming | ||
1823 | changes. Most code from Martin Forssen, maf at appgate dot com. | ||
1824 | ok markus@ | ||
1825 | Also, applied appropriate changes to Makefile.in | ||
1826 | - andreas@cvs.openbsd.org 2009/06/12 20:43:22 | ||
1827 | [monitor.c packet.c] | ||
1828 | Fix warnings found by chl@ and djm@ and change roaming_atomicio's | ||
1829 | return type to match atomicio's | ||
1830 | Diff from djm@, ok markus@ | ||
1831 | - andreas@cvs.openbsd.org 2009/06/12 20:58:32 | ||
1832 | [packet.c] | ||
1833 | Move some more statics into session_state | ||
1834 | ok markus@ djm@ | ||
1835 | - dtucker@cvs.openbsd.org 2009/06/21 07:37:15 | ||
1836 | [kexdhs.c kexgexs.c] | ||
1837 | abort if key_sign fails, preventing possible null deref. Based on report | ||
1838 | from Paolo Ganci, ok markus@ djm@ | ||
1839 | - dtucker@cvs.openbsd.org 2009/06/21 09:04:03 | ||
1840 | [roaming.h roaming_common.c roaming_dummy.c] | ||
1841 | Add tags for the benefit of the sync scripts | ||
1842 | Also: pull in the changes for 1.1->1.2 missed in the previous sync. | ||
1843 | - (dtucker) [auth2-jpake.c auth2.c canohost.h session.c] Whitespace and | ||
1844 | header-order changes to reduce diff vs OpenBSD. | ||
1845 | - (dtucker) [servconf.c sshd.c] More whitespace sync. | ||
1846 | - (dtucker) [roaming_common.c roaming_dummy.c] Wrap #include <inttypes.h> in | ||
1847 | ifdef. | ||
1848 | |||
1849 | 20090616 | ||
1850 | - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t | ||
1851 | is a struct with a __val member. Fixes build on, eg, Redhat 6.2. | ||
1852 | |||
1853 | 20090504 | ||
1854 | - (dtucker) [sshlogin.c] Move the NO_SSH_LASTLOG #ifndef line to include | ||
1855 | variable declarations. Should prevent unused warnings anywhere it's set | ||
1856 | (only Crays as far as I can tell) and be a no-op everywhere else. | ||
1857 | |||
1858 | 20090318 | ||
1859 | - (tim) [configure.ac] Remove setting IP_TOS_IS_BROKEN for Cygwin. The problem | ||
1860 | that setsockopt(IP_TOS) doesn't work on Cygwin has been fixed since 2005. | ||
1861 | Based on patch from vinschen at redhat com. | ||
1862 | |||
1863 | 20090308 | ||
1864 | - (dtucker) [auth-passwd.c auth1.c auth2-kbdint.c auth2-none.c auth2-passwd.c | ||
1865 | auth2-pubkey.c session.c openbsd-compat/bsd-cygwin_util.{c,h} | ||
1866 | openbsd-compat/daemon.c] Remove support for Windows 95/98/ME and very old | ||
1867 | version of Cygwin. Patch from vinschen at redhat com. | ||
1868 | |||
1869 | 20090307 | ||
1870 | - (dtucker) [contrib/aix/buildbff.sh] Only try to rename ssh_prng_cmds if it | ||
1871 | exists (it's not created if OpenSSL's PRNG is self-seeded, eg if the OS | ||
1872 | has a /dev/random). | ||
1873 | - (dtucker) [schnorr.c openbsd-compat/openssl-compat.{c,h}] Add | ||
1874 | EVP_DigestUpdate to the OLD_EVP compatibility functions and tell schnorr.c | ||
1875 | to use them. Allows building with older OpenSSL versions. | ||
1876 | - (dtucker) [configure.ac defines.h] Check for in_port_t and typedef if needed. | ||
1877 | - (dtucker) [configure.ac] Missing comma in type list. | ||
1878 | - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] | ||
1879 | EVP_DigestUpdate does not exactly match the other OLD_EVP functions (eg | ||
1880 | in openssl 0.9.6) so add an explicit test for it. | ||
1881 | |||
1882 | 20090306 | ||
1883 | - (djm) OpenBSD CVS Sync | ||
1884 | - djm@cvs.openbsd.org 2009/03/05 07:18:19 | ||
1885 | [auth2-jpake.c jpake.c jpake.h monitor_wrap.c monitor_wrap.h schnorr.c] | ||
1886 | [sshconnect2.c] | ||
1887 | refactor the (disabled) Schnorr proof code to make it a little more | ||
1888 | generally useful | ||
1889 | - djm@cvs.openbsd.org 2009/03/05 11:30:50 | ||
1890 | [uuencode.c] | ||
1891 | document what these functions do so I don't ever have to recuse into | ||
1892 | b64_pton/ntop to remember their return values | ||
1893 | |||
1894 | 20090223 | ||
1895 | - (djm) OpenBSD CVS Sync | ||
1896 | - djm@cvs.openbsd.org 2009/02/22 23:50:57 | ||
1897 | [ssh_config.5 sshd_config.5] | ||
1898 | don't advertise experimental options | ||
1899 | - djm@cvs.openbsd.org 2009/02/22 23:59:25 | ||
1900 | [sshd_config.5] | ||
1901 | missing period | ||
1902 | - djm@cvs.openbsd.org 2009/02/23 00:06:15 | ||
1903 | [version.h] | ||
1904 | openssh-5.2 | ||
1905 | - (djm) [README] update for 5.2 | ||
1906 | - (djm) Release openssh-5.2p1 | ||
1907 | |||
1908 | 20090222 | ||
1909 | - (djm) OpenBSD CVS Sync | ||
1910 | - tobias@cvs.openbsd.org 2009/02/21 19:32:04 | ||
1911 | [misc.c sftp-server-main.c ssh-keygen.c] | ||
1912 | Added missing newlines in error messages. | ||
1913 | ok dtucker | ||
1914 | |||
1915 | 20090221 | ||
1916 | - (djm) OpenBSD CVS Sync | ||
1917 | - djm@cvs.openbsd.org 2009/02/17 01:28:32 | ||
1918 | [ssh_config] | ||
1919 | sync with revised default ciphers; pointed out by dkrause@ | ||
1920 | - djm@cvs.openbsd.org 2009/02/18 04:31:21 | ||
1921 | [schnorr.c] | ||
1922 | signature should hash over the entire group, not just the generator | ||
1923 | (this is still disabled code) | ||
1924 | - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] | ||
1925 | [contrib/suse/openssh.spec] Prepare for 5.2p1 | ||
1926 | |||
1927 | 20090216 | ||
1928 | - (djm) [regress/conch-ciphers.sh regress/putty-ciphers.sh] | ||
1929 | [regress/putty-kex.sh regress/putty-transfer.sh] Downgrade disabled | ||
1930 | interop tests from FATAL error to a warning. Allows some interop | ||
1931 | tests to proceed if others are missing necessary prerequisites. | ||
1932 | - (djm) [configure.ac] support GNU/kFreeBSD and GNU/kOpensolaris | ||
1933 | systems; patch from Aurelien Jarno via rmh AT aybabtu.com | ||
1934 | |||
1935 | 20090214 | ||
1936 | - (djm) OpenBSD CVS Sync | ||
1937 | - dtucker@cvs.openbsd.org 2009/02/02 11:15:14 | ||
1938 | [sftp.c] | ||
1939 | Initialize a few variables to prevent spurious "may be used | ||
1940 | uninitialized" warnings from newer gcc's. ok djm@ | ||
1941 | - djm@cvs.openbsd.org 2009/02/12 03:00:56 | ||
1942 | [canohost.c canohost.h channels.c channels.h clientloop.c readconf.c] | ||
1943 | [readconf.h serverloop.c ssh.c] | ||
1944 | support remote port forwarding with a zero listen port (-R0:...) to | ||
1945 | dyamically allocate a listen port at runtime (this is actually | ||
1946 | specified in rfc4254); bz#1003 ok markus@ | ||
1947 | - djm@cvs.openbsd.org 2009/02/12 03:16:01 | ||
1948 | [serverloop.c] | ||
1949 | tighten check for -R0:... forwarding: only allow dynamic allocation | ||
1950 | if want_reply is set in the packet | ||
1951 | - djm@cvs.openbsd.org 2009/02/12 03:26:22 | ||
1952 | [monitor.c] | ||
1953 | some paranoia: check that the serialised key is really KEY_RSA before | ||
1954 | diddling its internals | ||
1955 | - djm@cvs.openbsd.org 2009/02/12 03:42:09 | ||
1956 | [ssh.1] | ||
1957 | document -R0:... usage | ||
1958 | - djm@cvs.openbsd.org 2009/02/12 03:44:25 | ||
1959 | [ssh.1] | ||
1960 | consistency: Dq => Ql | ||
1961 | - djm@cvs.openbsd.org 2009/02/12 03:46:17 | ||
1962 | [ssh_config.5] | ||
1963 | document RemoteForward usage with 0 listen port | ||
1964 | - jmc@cvs.openbsd.org 2009/02/12 07:34:20 | ||
1965 | [ssh_config.5] | ||
1966 | kill trailing whitespace; | ||
1967 | - markus@cvs.openbsd.org 2009/02/13 11:50:21 | ||
1968 | [packet.c] | ||
1969 | check for enc !=NULL in packet_start_discard | ||
1970 | - djm@cvs.openbsd.org 2009/02/14 06:35:49 | ||
1971 | [PROTOCOL] | ||
1972 | mention that eow and no-more-sessions extensions are sent only to | ||
1973 | OpenSSH peers | ||
1974 | |||
1975 | 20090212 | ||
1976 | - (djm) [sshpty.c] bz#1419: OSX uses cloning ptys that automagically | ||
1977 | set ownership and modes, so avoid explicitly setting them | ||
1978 | - (djm) [configure.ac loginrec.c] bz#1421: fix lastlog support for OSX. | ||
1979 | OSX provides a getlastlogxbyname function that automates the reading of | ||
1980 | a lastlog file. Also, the pututxline function will update lastlog so | ||
1981 | there is no need for loginrec.c to do it explicitly. Collapse some | ||
1982 | overly verbose code while I'm in there. | ||
1983 | |||
1984 | 20090201 | ||
1985 | - (dtucker) [defines.h sshconnect.c] INET6_ADDRSTRLEN is now needed in | ||
1986 | channels.c too, so move the definition for non-IP6 platforms to defines.h | ||
1987 | where it can be shared. | ||
1988 | |||
1989 | 20090129 | ||
1990 | - (tim) [contrib/cygwin/ssh-host-config] Patch from Corinna Vinschen. | ||
1991 | If the CYGWIN environment variable is empty, the installer script | ||
1992 | should not install the service with an empty CYGWIN variable, but | ||
1993 | rather without setting CYGWNI entirely. | ||
1994 | - (tim) [contrib/cygwin/ssh-host-config] Whitespace cleanup. No code changes. | ||
1995 | |||
1996 | 20090128 | ||
1997 | - (tim) [contrib/cygwin/ssh-host-config] Patch from Corinna Vinschen. | ||
1998 | Changes to work on Cygwin 1.5.x as well as on the new Cygwin 1.7.x. | ||
1999 | The information given for the setting of the CYGWIN environment variable | ||
2000 | is wrong for both releases so I just removed it, together with the | ||
2001 | unnecessary (Cygwin 1.5.x) or wrong (Cygwin 1.7.x) default setting. | ||
2002 | |||
2003 | 20081228 | ||
2004 | - (djm) OpenBSD CVS Sync | ||
2005 | - stevesk@cvs.openbsd.org 2008/12/09 03:20:42 | ||
2006 | [channels.c servconf.c] | ||
2007 | channel_print_adm_permitted_opens() should deal with all the printing | ||
2008 | for that config option. suggested by markus@; ok markus@ djm@ | ||
2009 | dtucker@ | ||
2010 | - djm@cvs.openbsd.org 2008/12/09 04:32:22 | ||
2011 | [auth2-chall.c] | ||
2012 | replace by-hand string building with xasprinf(); ok deraadt@ | ||
2013 | - sobrado@cvs.openbsd.org 2008/12/09 15:35:00 | ||
2014 | [sftp.1 sftp.c] | ||
2015 | update for the synopses displayed by the 'help' command, there are a | ||
2016 | few missing flags; add 'bye' to the output of 'help'; sorting and spacing. | ||
2017 | jmc@ suggested replacing .Oo/.Oc with a single .Op macro. | ||
2018 | ok jmc@ | ||
2019 | - stevesk@cvs.openbsd.org 2008/12/09 22:37:33 | ||
2020 | [clientloop.c] | ||
2021 | fix typo in error message | ||
2022 | - stevesk@cvs.openbsd.org 2008/12/10 03:55:20 | ||
2023 | [addrmatch.c] | ||
2024 | o cannot be NULL here but use xfree() to be consistent; ok djm@ | ||
2025 | - stevesk@cvs.openbsd.org 2008/12/29 01:12:36 | ||
2026 | [ssh-keyscan.1] | ||
2027 | fix example, default key type is rsa for 3+ years; from | ||
2028 | frederic.perrin@resel.fr | ||
2029 | - stevesk@cvs.openbsd.org 2008/12/29 02:23:26 | ||
2030 | [pathnames.h] | ||
2031 | no need to escape single quotes in comments | ||
2032 | - okan@cvs.openbsd.org 2008/12/30 00:46:56 | ||
2033 | [sshd_config.5] | ||
2034 | add AllowAgentForwarding to available Match keywords list | ||
2035 | ok djm | ||
2036 | - djm@cvs.openbsd.org 2009/01/01 21:14:35 | ||
2037 | [channels.c] | ||
2038 | call channel destroy callbacks on receipt of open failure messages. | ||
2039 | fixes client hangs when connecting to a server that has MaxSessions=0 | ||
2040 | set spotted by imorgan AT nas.nasa.gov; ok markus@ | ||
2041 | - djm@cvs.openbsd.org 2009/01/01 21:17:36 | ||
2042 | [kexgexs.c] | ||
2043 | fix hash calculation for KEXGEX: hash over the original client-supplied | ||
2044 | values and not the sanity checked versions that we acutally use; | ||
2045 | bz#1540 reported by john.smith AT arrows.demon.co.uk | ||
2046 | ok markus@ | ||
2047 | - djm@cvs.openbsd.org 2009/01/14 01:38:06 | ||
2048 | [channels.c] | ||
2049 | support SOCKS4A protocol, from dwmw2 AT infradead.org via bz#1482; | ||
2050 | "looks ok" markus@ | ||
2051 | - stevesk@cvs.openbsd.org 2009/01/15 17:38:43 | ||
2052 | [readconf.c] | ||
2053 | 1) use obsolete instead of alias for consistency | ||
2054 | 2) oUserKnownHostsFile not obsolete but oGlobalKnownHostsFile2 is | ||
2055 | so move the comment. | ||
2056 | 3) reorder so like options are together | ||
2057 | ok djm@ | ||
2058 | - djm@cvs.openbsd.org 2009/01/22 09:46:01 | ||
2059 | [channels.c channels.h session.c] | ||
2060 | make Channel->path an allocated string, saving a few bytes here and | ||
2061 | there and fixing bz#1380 in the process; ok markus@ | ||
2062 | - djm@cvs.openbsd.org 2009/01/22 09:49:57 | ||
2063 | [channels.c] | ||
2064 | oops! I committed the wrong version of the Channel->path diff, | ||
2065 | it was missing some tweaks suggested by stevesk@ | ||
2066 | - djm@cvs.openbsd.org 2009/01/22 10:02:34 | ||
2067 | [clientloop.c misc.c readconf.c readconf.h servconf.c servconf.h] | ||
2068 | [serverloop.c ssh-keyscan.c ssh.c sshd.c] | ||
2069 | make a2port() return -1 when it encounters an invalid port number | ||
2070 | rather than 0, which it will now treat as valid (needed for future work) | ||
2071 | adjust current consumers of a2port() to check its return value is <= 0, | ||
2072 | which in turn required some things to be converted from u_short => int | ||
2073 | make use of int vs. u_short consistent in some other places too | ||
2074 | feedback & ok markus@ | ||
2075 | - djm@cvs.openbsd.org 2009/01/22 10:09:16 | ||
2076 | [auth-options.c] | ||
2077 | another chunk of a2port() diff that got away. wtfdjm?? | ||
2078 | - djm@cvs.openbsd.org 2009/01/23 07:58:11 | ||
2079 | [myproposal.h] | ||
2080 | prefer CTR modes and revised arcfour (i.e w/ discard) modes to CBC | ||
2081 | modes; ok markus@ | ||
2082 | - naddy@cvs.openbsd.org 2009/01/24 17:10:22 | ||
2083 | [ssh_config.5 sshd_config.5] | ||
2084 | sync list of preferred ciphers; ok djm@ | ||
2085 | - markus@cvs.openbsd.org 2009/01/26 09:58:15 | ||
2086 | [cipher.c cipher.h packet.c] | ||
2087 | Work around the CPNI-957037 Plaintext Recovery Attack by always | ||
2088 | reading 256K of data on packet size or HMAC errors (in CBC mode only). | ||
2089 | Help, feedback and ok djm@ | ||
2090 | Feedback from Martin Albrecht and Paterson Kenny | ||
2091 | |||
2092 | 20090107 | ||
2093 | - (djm) [uidswap.c] bz#1412: Support >16 supplemental groups in OS X. | ||
2094 | Patch based on one from vgiffin AT apple.com; ok dtucker@ | ||
2095 | - (djm) [channels.c] bz#1419: support "on demand" X11 forwarding via | ||
2096 | launchd on OS X; patch from vgiffin AT apple.com, slightly tweaked; | ||
2097 | ok dtucker@ | ||
2098 | - (djm) [contrib/ssh-copy-id.1 contrib/ssh-copy-id] bz#1492: Make | ||
2099 | ssh-copy-id copy id_rsa.pub by default (instead of the legacy "identity" | ||
2100 | key). Patch from cjwatson AT debian.org | ||
2101 | |||
2102 | 20090107 | ||
2103 | - (tim) [configure.ac defines.h openbsd-compat/port-uw.c | ||
2104 | openbsd-compat/xcrypt.c] Add SECUREWARE support to OpenServer 6 SVR5 ABI. | ||
2105 | OK djm@ dtucker@ | ||
2106 | - (tim) [configure.ac] Move check_for_libcrypt_later=1 in *-*-sysv5*) section. | ||
2107 | OpenServer 6 doesn't need libcrypt. | ||
2108 | |||
2109 | 20081209 | ||
2110 | - (djm) OpenBSD CVS Sync | ||
2111 | - djm@cvs.openbsd.org 2008/12/09 02:38:18 | ||
2112 | [clientloop.c] | ||
2113 | The ~C escape handler does not work correctly for multiplexed sessions - | ||
2114 | it opens a commandline on the master session, instead of on the slave | ||
2115 | that requested it. Disable it on slave sessions until such time as it | ||
2116 | is fixed; bz#1543 report from Adrian Bridgett via Colin Watson | ||
2117 | ok markus@ | ||
2118 | - djm@cvs.openbsd.org 2008/12/09 02:39:59 | ||
2119 | [sftp.c] | ||
2120 | Deal correctly with failures in remote stat() operation in sftp, | ||
2121 | correcting fail-on-error behaviour in batchmode. bz#1541 report and | ||
2122 | fix from anedvedicky AT gmail.com; ok markus@ | ||
2123 | - djm@cvs.openbsd.org 2008/12/09 02:58:16 | ||
2124 | [readconf.c] | ||
2125 | don't leave junk (free'd) pointers around in Forward *fwd argument on | ||
2126 | failure; avoids double-free in ~C -L handler when given an invalid | ||
2127 | forwarding specification; bz#1539 report from adejong AT debian.org | ||
2128 | via Colin Watson; ok markus@ dtucker@ | ||
2129 | - djm@cvs.openbsd.org 2008/12/09 03:02:37 | ||
2130 | [sftp.1 sftp.c] | ||
2131 | correct sftp(1) and corresponding usage syntax; | ||
2132 | bz#1518 patch from imorgan AT nas.nasa.gov; ok deraadt@ improved diff jmc@ | ||
2133 | |||
2134 | 20081208 | ||
2135 | - (djm) [configure.ac] bz#1538: better test for ProPolice/SSP: actually | ||
2136 | use some stack in main(). | ||
2137 | Report and suggested fix from vapier AT gentoo.org | ||
2138 | - (djm) OpenBSD CVS Sync | ||
2139 | - markus@cvs.openbsd.org 2008/12/02 19:01:07 | ||
2140 | [clientloop.c] | ||
2141 | we have to use the recipient's channel number (RFC 4254) for | ||
2142 | SSH2_MSG_CHANNEL_SUCCESS/SSH2_MSG_CHANNEL_FAILURE messages, | ||
2143 | otherwise we trigger 'Non-public channel' error messages on sshd | ||
2144 | systems with clientkeepalive enabled; noticed by sturm; ok djm; | ||
2145 | - markus@cvs.openbsd.org 2008/12/02 19:08:59 | ||
2146 | [serverloop.c] | ||
2147 | backout 1.149, since it's not necessary and openssh clients send | ||
2148 | broken CHANNEL_FAILURE/SUCCESS messages since about 2004; ok djm@ | ||
2149 | - markus@cvs.openbsd.org 2008/12/02 19:09:38 | ||
2150 | [channels.c] | ||
2151 | s/remote_id/id/ to be more consistent with other code; ok djm@ | ||
2152 | |||
2153 | 20081201 | ||
2154 | - (dtucker) [contrib/cygwin/{Makefile,ssh-host-config}] Add new doc files | ||
2155 | and tweak the is-sshd-running check in ssh-host-config. Patch from | ||
2156 | vinschen at redhat com. | ||
2157 | - (dtucker) OpenBSD CVS Sync | ||
2158 | - markus@cvs.openbsd.org 2008/11/21 15:47:38 | ||
2159 | [packet.c] | ||
2160 | packet_disconnect() on padding error, too. should reduce the success | ||
2161 | probability for the CPNI-957037 Plaintext Recovery Attack to 2^-18 | ||
2162 | ok djm@ | ||
2163 | - dtucker@cvs.openbsd.org 2008/11/30 11:59:26 | ||
2164 | [monitor_fdpass.c] | ||
2165 | Retry sendmsg/recvmsg on EAGAIN and EINTR; ok djm@ | ||
2166 | |||
2167 | 20081123 | ||
2168 | - (dtucker) [monitor_fdpass.c] Reduce diff vs OpenBSD by moving some | ||
2169 | declarations, removing an unnecessary union member and adding whitespace. | ||
2170 | cmsgbuf.tmp thing spotted by des at des no, ok djm some time ago. | ||
2171 | |||
2172 | 20081118 | ||
2173 | - (tim) [addrmatch.c configure.ac] Some platforms do not have sin6_scope_id | ||
2174 | member of sockaddr_in6. Also reported in Bug 1491 by David Leonard. OK and | ||
2175 | feedback by djm@ | ||
2176 | |||
2177 | 20081111 | ||
2178 | - (dtucker) OpenBSD CVS Sync | ||
2179 | - jmc@cvs.openbsd.org 2008/11/05 11:22:54 | ||
2180 | [servconf.c] | ||
2181 | passord -> password; | ||
2182 | fixes user/5975 from Rene Maroufi | ||
2183 | - stevesk@cvs.openbsd.org 2008/11/07 00:42:12 | ||
2184 | [ssh-keygen.c] | ||
2185 | spelling/typo in comment | ||
2186 | - stevesk@cvs.openbsd.org 2008/11/07 18:50:18 | ||
2187 | [nchan.c] | ||
2188 | add space to some log/debug messages for readability; ok djm@ markus@ | ||
2189 | - dtucker@cvs.openbsd.org 2008/11/07 23:34:48 | ||
2190 | [auth2-jpake.c] | ||
2191 | Move JPAKE define to make life easier for portable. ok djm@ | ||
2192 | - tobias@cvs.openbsd.org 2008/11/09 12:34:47 | ||
2193 | [session.c ssh.1] | ||
2194 | typo fixed (overriden -> overridden) | ||
2195 | ok espie, jmc | ||
2196 | - stevesk@cvs.openbsd.org 2008/11/11 02:58:09 | ||
2197 | [servconf.c] | ||
2198 | USE_AFS not referenced so remove #ifdef. fixes sshd -T not printing | ||
2199 | kerberosgetafstoken. ok dtucker@ | ||
2200 | (Id sync only, we still want the ifdef in portable) | ||
2201 | - stevesk@cvs.openbsd.org 2008/11/11 03:55:11 | ||
2202 | [channels.c] | ||
2203 | for sshd -T print 'permitopen any' vs. 'permitopen' for case of no | ||
2204 | permitopen's; ok and input dtucker@ | ||
2205 | - djm@cvs.openbsd.org 2008/11/10 02:06:35 | ||
2206 | [regress/putty-ciphers.sh] | ||
2207 | PuTTY supports AES CTR modes, so interop test against them too | ||
2208 | |||
2209 | 20081105 | ||
2210 | - OpenBSD CVS Sync | ||
2211 | - djm@cvs.openbsd.org 2008/11/03 08:59:41 | ||
2212 | [servconf.c] | ||
2213 | include MaxSessions in sshd -T output; patch from imorgan AT nas.nasa.gov | ||
2214 | - djm@cvs.openbsd.org 2008/11/04 07:58:09 | ||
2215 | [auth.c] | ||
2216 | need unistd.h for close() prototype | ||
2217 | (ID sync only) | ||
2218 | - djm@cvs.openbsd.org 2008/11/04 08:22:13 | ||
2219 | [auth.h auth2.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h] | ||
2220 | [readconf.c readconf.h servconf.c servconf.h ssh2.h ssh_config.5] | ||
2221 | [sshconnect2.c sshd_config.5 jpake.c jpake.h schnorr.c auth2-jpake.c] | ||
2222 | [Makefile.in] | ||
2223 | Add support for an experimental zero-knowledge password authentication | ||
2224 | method using the J-PAKE protocol described in F. Hao, P. Ryan, | ||
2225 | "Password Authenticated Key Exchange by Juggling", 16th Workshop on | ||
2226 | Security Protocols, Cambridge, April 2008. | ||
2227 | |||
2228 | This method allows password-based authentication without exposing | ||
2229 | the password to the server. Instead, the client and server exchange | ||
2230 | cryptographic proofs to demonstrate of knowledge of the password while | ||
2231 | revealing nothing useful to an attacker or compromised endpoint. | ||
2232 | |||
2233 | This is experimental, work-in-progress code and is presently | ||
2234 | compiled-time disabled (turn on -DJPAKE in Makefile.inc). | ||
2235 | |||
2236 | "just commit it. It isn't too intrusive." deraadt@ | ||
2237 | - stevesk@cvs.openbsd.org 2008/11/04 19:18:00 | ||
2238 | [readconf.c] | ||
2239 | because parse_forward() is now used to parse all forward types (DLR), | ||
2240 | and it malloc's space for host variables, we don't need to malloc | ||
2241 | here. fixes small memory leaks. | ||
2242 | |||
2243 | previously dynamic forwards were not parsed in parse_forward() and | ||
2244 | space was not malloc'd in that case. | ||
2245 | |||
2246 | ok djm@ | ||
2247 | - stevesk@cvs.openbsd.org 2008/11/05 03:23:09 | ||
2248 | [clientloop.c ssh.1] | ||
2249 | add dynamic forward escape command line; ok djm@ | ||
2250 | |||
2251 | 20081103 | ||
2252 | - OpenBSD CVS Sync | ||
2253 | - sthen@cvs.openbsd.org 2008/07/24 23:55:30 | ||
2254 | [ssh-keygen.1] | ||
2255 | Add "ssh-keygen -F -l" to synopsis (displays fingerprint from | ||
2256 | known_hosts). ok djm@ | ||
2257 | - grunk@cvs.openbsd.org 2008/07/25 06:56:35 | ||
2258 | [ssh_config] | ||
2259 | Add VisualHostKey to example file, ok djm@ | ||
2260 | - grunk@cvs.openbsd.org 2008/07/25 07:05:16 | ||
2261 | [key.c] | ||
2262 | In random art visualization, make sure to use the end marker only at the | ||
2263 | end. Initial diff by Dirk Loss, tweaks and ok djm@ | ||
2264 | - markus@cvs.openbsd.org 2008/07/31 14:48:28 | ||
2265 | [sshconnect2.c] | ||
2266 | don't allocate space for empty banners; report t8m at centrum.cz; | ||
2267 | ok deraadt | ||
2268 | - krw@cvs.openbsd.org 2008/08/02 04:29:51 | ||
2269 | [ssh_config.5] | ||
2270 | whitepsace -> whitespace. From Matthew Clarke via bugs@. | ||
2271 | - djm@cvs.openbsd.org 2008/08/21 04:09:57 | ||
2272 | [session.c] | ||
2273 | allow ForceCommand internal-sftp with arguments. based on patch from | ||
2274 | michael.barabanov AT gmail.com; ok markus@ | ||
2275 | - djm@cvs.openbsd.org 2008/09/06 12:24:13 | ||
2276 | [kex.c] | ||
2277 | OpenSSL 0.9.8h supplies a real EVP_sha256 so we do not need our | ||
2278 | replacement anymore | ||
2279 | (ID sync only for portable - we still need this) | ||
2280 | - markus@cvs.openbsd.org 2008/09/11 14:22:37 | ||
2281 | [compat.c compat.h nchan.c ssh.c] | ||
2282 | only send eow and no-more-sessions requests to openssh 5 and newer; | ||
2283 | fixes interop problems with broken ssh v2 implementations; ok djm@ | ||
2284 | - millert@cvs.openbsd.org 2008/10/02 14:39:35 | ||
2285 | [session.c] | ||
2286 | Convert an unchecked strdup to xstrdup. OK deraadt@ | ||
2287 | - jmc@cvs.openbsd.org 2008/10/03 13:08:12 | ||
2288 | [sshd.8] | ||
2289 | do not give an example of how to chmod files: we can presume the user | ||
2290 | knows that. removes an ambiguity in the permission of authorized_keys; | ||
2291 | ok deraadt | ||
2292 | - deraadt@cvs.openbsd.org 2008/10/03 23:56:28 | ||
2293 | [sshconnect2.c] | ||
2294 | Repair strnvis() buffersize of 4*n+1, with termination gauranteed by the | ||
2295 | function. | ||
2296 | spotted by des@freebsd, who commited an incorrect fix to the freebsd tree | ||
2297 | and (as is fairly typical) did not report the problem to us. But this fix | ||
2298 | is correct. | ||
2299 | ok djm | ||
2300 | - djm@cvs.openbsd.org 2008/10/08 23:34:03 | ||
2301 | [ssh.1 ssh.c] | ||
2302 | Add -y option to force logging via syslog rather than stderr. | ||
2303 | Useful for daemonised ssh connection (ssh -f). Patch originally from | ||
2304 | and ok'd by markus@ | ||
2305 | - djm@cvs.openbsd.org 2008/10/09 03:50:54 | ||
2306 | [servconf.c sshd_config.5] | ||
2307 | support setting PermitEmptyPasswords in a Match block | ||
2308 | requested in PR3891; ok dtucker@ | ||
2309 | - jmc@cvs.openbsd.org 2008/10/09 06:54:22 | ||
2310 | [ssh.c] | ||
2311 | add -y to usage(); | ||
2312 | - stevesk@cvs.openbsd.org 2008/10/10 04:55:16 | ||
2313 | [scp.c] | ||
2314 | spelling in comment; ok djm@ | ||
2315 | - stevesk@cvs.openbsd.org 2008/10/10 05:00:12 | ||
2316 | [key.c] | ||
2317 | typo in error message; ok djm@ | ||
2318 | - stevesk@cvs.openbsd.org 2008/10/10 16:43:27 | ||
2319 | [ssh_config.5] | ||
2320 | use 'Privileged ports can be forwarded only when logging in as root on | ||
2321 | the remote machine.' for RemoteForward just like ssh.1 -R. | ||
2322 | ok djm@ jmc@ | ||
2323 | - stevesk@cvs.openbsd.org 2008/10/14 18:11:33 | ||
2324 | [sshconnect.c] | ||
2325 | use #define ROQUIET here; no binary change. ok dtucker@ | ||
2326 | - stevesk@cvs.openbsd.org 2008/10/17 18:36:24 | ||
2327 | [ssh_config.5] | ||
2328 | correct and clarify VisualHostKey; ok jmc@ | ||
2329 | - stevesk@cvs.openbsd.org 2008/10/30 19:31:16 | ||
2330 | [clientloop.c sshd.c] | ||
2331 | don't need to #include "monitor_fdpass.h" | ||
2332 | - stevesk@cvs.openbsd.org 2008/10/31 15:05:34 | ||
2333 | [dispatch.c] | ||
2334 | remove unused #define DISPATCH_MIN; ok markus@ | ||
2335 | - djm@cvs.openbsd.org 2008/11/01 04:50:08 | ||
2336 | [sshconnect2.c] | ||
2337 | sprinkle ARGSUSED on dispatch handlers | ||
2338 | nuke stale unusued prototype | ||
2339 | - stevesk@cvs.openbsd.org 2008/11/01 06:43:33 | ||
2340 | [channels.c] | ||
2341 | fix some typos in log messages; ok djm@ | ||
2342 | - sobrado@cvs.openbsd.org 2008/11/01 11:14:36 | ||
2343 | [ssh-keyscan.1 ssh-keyscan.c] | ||
2344 | the ellipsis is not an optional argument; while here, improve spacing. | ||
2345 | - stevesk@cvs.openbsd.org 2008/11/01 17:40:33 | ||
2346 | [clientloop.c readconf.c readconf.h ssh.c] | ||
2347 | merge dynamic forward parsing into parse_forward(); | ||
2348 | 'i think this is OK' djm@ | ||
2349 | - stevesk@cvs.openbsd.org 2008/11/02 00:16:16 | ||
2350 | [ttymodes.c] | ||
2351 | protocol 2 tty modes support is now 7.5 years old so remove these | ||
2352 | debug3()s; ok deraadt@ | ||
2353 | - stevesk@cvs.openbsd.org 2008/11/03 01:07:02 | ||
2354 | [readconf.c] | ||
2355 | remove valueless comment | ||
2356 | - stevesk@cvs.openbsd.org 2008/11/03 02:44:41 | ||
2357 | [readconf.c] | ||
2358 | fix comment | ||
2359 | - (djm) [contrib/caldera/ssh-host-keygen contrib/suse/rc.sshd] | ||
2360 | Make example scripts generate keys with default sizes rather than fixed, | ||
2361 | non-default 1024 bits; patch from imorgan AT nas.nasa.gov | ||
2362 | - (djm) [contrib/sshd.pam.generic contrib/caldera/sshd.pam] | ||
2363 | [contrib/redhat/sshd.pam] Move pam_nologin to account group from | ||
2364 | incorrect auth group in example files; | ||
2365 | patch from imorgan AT nas.nasa.gov | ||
2366 | |||
2367 | 20080906 | ||
2368 | - (dtucker) [config.guess config.sub] Update to latest versions from | ||
2369 | http://git.savannah.gnu.org/gitweb/ (2008-04-14 and 2008-06-16 | ||
2370 | respectively). | ||
2371 | |||
2372 | 20080830 | ||
2373 | - (dtucker) [openbsd-compat/bsd-poll.c] correctly check for number of FDs | ||
2374 | larger than FD_SETSIZE (OpenSSH only ever uses poll with one fd). Patch | ||
2375 | from Nicholas Marriott. | ||
2376 | |||
2377 | 20080721 | ||
2378 | - (djm) OpenBSD CVS Sync | ||
2379 | - djm@cvs.openbsd.org 2008/07/23 07:36:55 | ||
2380 | [servconf.c] | ||
2381 | do not try to print options that have been compile-time disabled | ||
2382 | in config test mode (sshd -T); report from nix-corp AT esperi.org.uk | ||
2383 | ok dtucker@ | ||
2384 | - (djm) [servconf.c] Print UsePAM option in config test mode (when it | ||
2385 | has been compiled in); report from nix-corp AT esperi.org.uk | ||
2386 | ok dtucker@ | ||
2387 | |||
2388 | 20080721 | ||
2389 | - (djm) OpenBSD CVS Sync | ||
2390 | - jmc@cvs.openbsd.org 2008/07/18 22:51:01 | ||
2391 | [sftp-server.8] | ||
2392 | no need for .Pp before or after .Sh; | ||
2393 | - djm@cvs.openbsd.org 2008/07/21 08:19:07 | ||
2394 | [version.h] | ||
2395 | openssh-5.1 | ||
2396 | - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] | ||
2397 | [contrib/suse/openssh.spec] Update version number in README and RPM specs | ||
2398 | - (djm) Release OpenSSH-5.1 | ||
2399 | |||
2400 | 20080717 | ||
2401 | - (djm) OpenBSD CVS Sync | ||
2402 | - djm@cvs.openbsd.org 2008/07/17 08:48:00 | ||
2403 | [sshconnect2.c] | ||
2404 | strnvis preauth banner; pointed out by mpf@ ok markus@ | ||
2405 | - djm@cvs.openbsd.org 2008/07/17 08:51:07 | ||
2406 | [auth2-hostbased.c] | ||
2407 | strip trailing '.' from hostname when HostbasedUsesNameFromPacketOnly=yes | ||
2408 | report and patch from res AT qoxp.net (bz#1200); ok markus@ | ||
2409 | - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Remove long-unneeded compat | ||
2410 | code, replace with equivalent cygwin library call. Patch from vinschen | ||
2411 | at redhat.com, ok djm@. | ||
2412 | - (djm) [sshconnect2.c] vis.h isn't available everywhere | ||
2413 | |||
2414 | 20080716 | ||
2415 | - OpenBSD CVS Sync | ||
2416 | - djm@cvs.openbsd.org 2008/07/15 02:23:14 | ||
2417 | [sftp.1] | ||
2418 | number of pipelined requests is now 64; | ||
2419 | prodded by Iain.Morgan AT nasa.gov | ||
2420 | - djm@cvs.openbsd.org 2008/07/16 11:51:14 | ||
2421 | [clientloop.c] | ||
2422 | rename variable first_gc -> last_gc (since it is actually the last | ||
2423 | in the list). | ||
2424 | - djm@cvs.openbsd.org 2008/07/16 11:52:19 | ||
2425 | [channels.c] | ||
2426 | this loop index should be automatic, not static | ||
2427 | |||
2428 | 20080714 | ||
2429 | - (djm) OpenBSD CVS Sync | ||
2430 | - sthen@cvs.openbsd.org 2008/07/13 21:22:52 | ||
2431 | [ssh-keygen.c] | ||
2432 | Change "ssh-keygen -F [host] -l" to not display random art unless | ||
2433 | -v is also specified, making it consistent with the manual and other | ||
2434 | uses of -l. | ||
2435 | ok grunk@ | ||
2436 | - djm@cvs.openbsd.org 2008/07/13 22:13:07 | ||
2437 | [channels.c] | ||
2438 | use struct sockaddr_storage instead of struct sockaddr for accept(2) | ||
2439 | address argument. from visibilis AT yahoo.com in bz#1485; ok markus@ | ||
2440 | - djm@cvs.openbsd.org 2008/07/13 22:16:03 | ||
2441 | [sftp.c] | ||
2442 | increase number of piplelined requests so they properly fill the | ||
2443 | (recently increased) channel window. prompted by rapier AT psc.edu; | ||
2444 | ok markus@ | ||
2445 | - djm@cvs.openbsd.org 2008/07/14 01:55:56 | ||
2446 | [sftp-server.8] | ||
2447 | mention requirement for /dev/log inside chroot when using sftp-server | ||
2448 | with ChrootDirectory | ||
2449 | - (djm) [openbsd-compat/bindresvport.c] Rename variables s/sin/in/ to | ||
2450 | avoid clash with sin(3) function; reported by | ||
2451 | cristian.ionescu-idbohrn AT axis.com | ||
2452 | - (djm) [openbsd-compat/rresvport.c] Add unistd.h for missing close() | ||
2453 | prototype; reported by cristian.ionescu-idbohrn AT axis.com | ||
2454 | - (djm) [umac.c] Rename variable s/buffer_ptr/bufp/ to avoid clash; | ||
2455 | reported by cristian.ionescu-idbohrn AT axis.com | ||
2456 | - (djm) [contrib/cygwin/Makefile contrib/cygwin/ssh-host-config] | ||
2457 | [contrib/cygwin/ssh-user-config contrib/cygwin/sshd-inetd] | ||
2458 | Revamped and simplified Cygwin ssh-host-config script that uses | ||
2459 | unified csih configuration tool. Requires recent Cygwin. | ||
2460 | Patch from vinschen AT redhat.com | ||
2461 | |||
2462 | 20080712 | ||
2463 | - (djm) OpenBSD CVS Sync | ||
2464 | - djm@cvs.openbsd.org 2008/07/12 04:52:50 | ||
2465 | [channels.c] | ||
2466 | unbreak; move clearing of cctx struct to before first use | ||
2467 | reported by dkrause@ | ||
2468 | - djm@cvs.openbsd.org 2008/07/12 05:33:41 | ||
2469 | [scp.1] | ||
2470 | better description for -i flag: | ||
2471 | s/RSA authentication/public key authentication/ | ||
2472 | - (djm) [openbsd-compat/fake-rfc2553.c openbsd-compat/fake-rfc2553.h] | ||
2473 | return EAI_FAMILY when trying to lookup unsupported address family; | ||
2474 | from vinschen AT redhat.com | ||
2475 | |||
2476 | 20080711 | ||
2477 | - (djm) OpenBSD CVS Sync | ||
2478 | - stevesk@cvs.openbsd.org 2008/07/07 00:31:41 | ||
2479 | [ttymodes.c] | ||
2480 | we don't need arg after the debug3() was removed. from lint. | ||
2481 | ok djm@ | ||
2482 | - stevesk@cvs.openbsd.org 2008/07/07 23:32:51 | ||
2483 | [key.c] | ||
2484 | /*NOTREACHED*/ for lint warning: | ||
2485 | warning: function key_equal falls off bottom without returning value | ||
2486 | ok djm@ | ||
2487 | - markus@cvs.openbsd.org 2008/07/10 18:05:58 | ||
2488 | [channels.c] | ||
2489 | missing bzero; from mickey; ok djm@ | ||
2490 | - markus@cvs.openbsd.org 2008/07/10 18:08:11 | ||
2491 | [clientloop.c monitor.c monitor_wrap.c packet.c packet.h sshd.c] | ||
2492 | sync v1 and v2 traffic accounting; add it to sshd, too; | ||
2493 | ok djm@, dtucker@ | ||
2494 | |||
2495 | 20080709 | ||
2496 | - (djm) [Makefile.in] Print "all tests passed" when all regress tests pass | ||
2497 | - (djm) [auth1.c] Fix format string vulnerability in protocol 1 PAM | ||
2498 | account check failure path. The vulnerable format buffer is supplied | ||
2499 | from PAM and should not contain attacker-supplied data. | ||
2500 | - (djm) [auth.c] Missing unistd.h for close() | ||
2501 | - (djm) [configure.ac] Add -Wformat-security to CFLAGS for gcc 3.x and 4.x | ||
2502 | |||
2503 | 20080705 | ||
2504 | - (djm) [auth.c] Fixed test for locked account on HP/UX with shadowed | ||
2505 | passwords disabled. bz#1083 report & patch from senthilkumar_sen AT | ||
2506 | hotpop.com, w/ dtucker@ | ||
2507 | - (djm) [atomicio.c configure.ac] Disable poll() fallback in atomiciov for | ||
2508 | Tru64. readv doesn't seem to be a comparable object there. | ||
2509 | bz#1386, patch from dtucker@ ok me | ||
2510 | - (djm) [Makefile.in] Pass though pass to conch for interop tests | ||
2511 | - (djm) [configure.ac] unbreak: remove extra closing brace | ||
2512 | - (djm) OpenBSD CVS Sync | ||
2513 | - djm@cvs.openbsd.org 2008/07/04 23:08:25 | ||
2514 | [packet.c] | ||
2515 | handle EINTR in packet_write_poll()l ok dtucker@ | ||
2516 | - djm@cvs.openbsd.org 2008/07/04 23:30:16 | ||
2517 | [auth1.c auth2.c] | ||
2518 | Make protocol 1 MaxAuthTries logic match protocol 2's. | ||
2519 | Do not treat the first protocol 2 authentication attempt as | ||
2520 | a failure IFF it is for method "none". | ||
2521 | Makes MaxAuthTries' user-visible behaviour identical for | ||
2522 | protocol 1 vs 2. | ||
2523 | ok dtucker@ | ||
2524 | - djm@cvs.openbsd.org 2008/07/05 05:16:01 | ||
2525 | [PROTOCOL] | ||
2526 | grammar | ||
2527 | |||
2528 | 20080704 | ||
2529 | - (dtucker) OpenBSD CVS Sync | ||
2530 | - djm@cvs.openbsd.org 2008/07/02 13:30:34 | ||
2531 | [auth2.c] | ||
2532 | really really remove the freebie "none" auth try for protocol 2 | ||
2533 | - djm@cvs.openbsd.org 2008/07/02 13:47:39 | ||
2534 | [ssh.1 ssh.c] | ||
2535 | When forking after authentication ("ssh -f") with ExitOnForwardFailure | ||
2536 | enabled, delay the fork until after replies for any -R forwards have | ||
2537 | been seen. Allows for robust detection of -R forward failure when | ||
2538 | using -f (similar to bz#92); ok dtucker@ | ||
2539 | - otto@cvs.openbsd.org 2008/07/03 21:46:58 | ||
2540 | [auth2-pubkey.c] | ||
2541 | avoid nasty double free; ok dtucker@ djm@ | ||
2542 | - djm@cvs.openbsd.org 2008/07/04 03:44:59 | ||
2543 | [servconf.c groupaccess.h groupaccess.c] | ||
2544 | support negation of groups in "Match group" block (bz#1315); ok dtucker@ | ||
2545 | - dtucker@cvs.openbsd.org 2008/07/04 03:47:02 | ||
2546 | [monitor.c] | ||
2547 | Make debug a little clearer. ok djm@ | ||
2548 | - djm@cvs.openbsd.org 2008/06/30 08:07:34 | ||
2549 | [regress/key-options.sh] | ||
2550 | shell portability: use "=" instead of "==" in test(1) expressions, | ||
2551 | double-quote string with backslash escaped / | ||
2552 | - djm@cvs.openbsd.org 2008/06/30 10:31:11 | ||
2553 | [regress/{putty-transfer,putty-kex,putty-ciphers}.sh] | ||
2554 | remove "set -e" left over from debugging | ||
2555 | - djm@cvs.openbsd.org 2008/06/30 10:43:03 | ||
2556 | [regress/conch-ciphers.sh] | ||
2557 | explicitly disable conch options that could interfere with the test | ||
2558 | - (dtucker) [sftp-server.c] Bug #1447: fall back to racy rename if link | ||
2559 | returns EXDEV. Patch from Mike Garrison, ok djm@ | ||
2560 | - (djm) [atomicio.c channels.c clientloop.c defines.h includes.h] | ||
2561 | [packet.c scp.c serverloop.c sftp-client.c ssh-agent.c ssh-keyscan.c] | ||
2562 | [sshd.c] Explicitly handle EWOULDBLOCK wherever we handle EAGAIN, on | ||
2563 | some platforms (HP nonstop) it is a distinct errno; | ||
2564 | bz#1467 reported by sconeu AT yahoo.com; ok dtucker@ | ||
2565 | |||
2566 | 20080702 | ||
2567 | - (dtucker) OpenBSD CVS Sync | ||
2568 | - djm@cvs.openbsd.org 2008/06/30 08:05:59 | ||
2569 | [PROTOCOL.agent] | ||
2570 | typo: s/constraint_date/constraint_data/ | ||
2571 | - djm@cvs.openbsd.org 2008/06/30 12:15:39 | ||
2572 | [serverloop.c] | ||
2573 | only pass channel requests on session channels through to the session | ||
2574 | channel handler, avoiding spurious log messages; ok! markus@ | ||
2575 | - djm@cvs.openbsd.org 2008/06/30 12:16:02 | ||
2576 | [nchan.c] | ||
2577 | only send eow@openssh.com notifications for session channels; ok! markus@ | ||
2578 | - djm@cvs.openbsd.org 2008/06/30 12:18:34 | ||
2579 | [PROTOCOL] | ||
2580 | clarify that eow@openssh.com is only sent on session channels | ||
2581 | - dtucker@cvs.openbsd.org 2008/07/01 07:20:52 | ||
2582 | [sshconnect.c] | ||
2583 | Check ExitOnForwardFailure if forwardings are disabled due to a failed | ||
2584 | host key check. ok djm@ | ||
2585 | - dtucker@cvs.openbsd.org 2008/07/01 07:24:22 | ||
2586 | [sshconnect.c sshd.c] | ||
2587 | Send CR LF during protocol banner exchanges, but only for Protocol 2 only, | ||
2588 | in order to comply with RFC 4253. bz #1443, ok djm@ | ||
2589 | - stevesk@cvs.openbsd.org 2008/07/01 23:12:47 | ||
2590 | [PROTOCOL.agent] | ||
2591 | fix some typos; ok djm@ | ||
2592 | - djm@cvs.openbsd.org 2008/07/02 02:24:18 | ||
2593 | [sshd_config sshd_config.5 sshd.8 servconf.c] | ||
2594 | increase default size of ssh protocol 1 ephemeral key from 768 to 1024 | ||
2595 | bits; prodded by & ok dtucker@ ok deraadt@ | ||
2596 | - dtucker@cvs.openbsd.org 2008/07/02 12:03:51 | ||
2597 | [auth-rsa.c auth.c auth2-pubkey.c auth.h] | ||
2598 | Merge duplicate host key file checks, based in part on a patch from Rob | ||
2599 | Holland via bz #1348 . Also checks for non-regular files during protocol | ||
2600 | 1 RSA auth. ok djm@ | ||
2601 | - djm@cvs.openbsd.org 2008/07/02 12:36:39 | ||
2602 | [auth2-none.c auth2.c] | ||
2603 | Make protocol 2 MaxAuthTries behaviour a little more sensible: | ||
2604 | Check whether client has exceeded MaxAuthTries before running | ||
2605 | an authentication method and skip it if they have, previously it | ||
2606 | would always allow one try (for "none" auth). | ||
2607 | Preincrement failure count before post-auth test - previously this | ||
2608 | checked and postincremented, also to allow one "none" try. | ||
2609 | Together, these two changes always count the "none" auth method | ||
2610 | which could be skipped by a malicious client (e.g. an SSH worm) | ||
2611 | to get an extra attempt at a real auth method. They also make | ||
2612 | MaxAuthTries=0 a useful way to block users entirely (esp. in a | ||
2613 | sshd_config Match block). | ||
2614 | Also, move sending of any preauth banner from "none" auth method | ||
2615 | to the first call to input_userauth_request(), so worms that skip | ||
2616 | the "none" method get to see it too. | ||
2617 | |||
2618 | 20080630 | ||
2619 | - (djm) OpenBSD CVS Sync | ||
2620 | - dtucker@cvs.openbsd.org 2008/06/10 23:13:43 | ||
2621 | [regress/Makefile regress/key-options.sh] | ||
2622 | Add regress test for key options. ok djm@ | ||
2623 | - dtucker@cvs.openbsd.org 2008/06/11 23:11:40 | ||
2624 | [regress/Makefile] | ||
2625 | Don't run cipher-speed test by default; mistakenly enabled by me | ||
2626 | - djm@cvs.openbsd.org 2008/06/28 13:57:25 | ||
2627 | [regress/Makefile regress/test-exec.sh regress/conch-ciphers.sh] | ||
2628 | very basic regress test against Twisted Conch in "make interop" | ||
2629 | target (conch is available in ports/devel/py-twisted/conch); | ||
2630 | ok markus@ | ||
2631 | - (djm) [regress/Makefile] search for conch by path, like we do putty | ||
2632 | |||
2633 | 20080629 | ||
2634 | - (djm) OpenBSD CVS Sync | ||
2635 | - martynas@cvs.openbsd.org 2008/06/21 07:46:46 | ||
2636 | [sftp.c] | ||
2637 | use optopt to get invalid flag, instead of return value of getopt, | ||
2638 | which is always '?'; ok djm@ | ||
2639 | - otto@cvs.openbsd.org 2008/06/25 11:13:43 | ||
2640 | [key.c] | ||
2641 | add key length to visual fingerprint; zap magical constants; | ||
2642 | ok grunk@ djm@ | ||
2643 | - djm@cvs.openbsd.org 2008/06/26 06:10:09 | ||
2644 | [sftp-client.c sftp-server.c] | ||
2645 | allow the sftp chmod(2)-equivalent operation to set set[ug]id/sticky | ||
2646 | bits. Note that this only affects explicit setting of modes (e.g. via | ||
2647 | sftp(1)'s chmod command) and not file transfers. (bz#1310) | ||
2648 | ok deraadt@ at c2k8 | ||
2649 | - djm@cvs.openbsd.org 2008/06/26 09:19:40 | ||
2650 | [dh.c dh.h moduli.c] | ||
2651 | when loading moduli from /etc/moduli in sshd(8), check that they | ||
2652 | are of the expected "safe prime" structure and have had | ||
2653 | appropriate primality tests performed; | ||
2654 | feedback and ok dtucker@ | ||
2655 | - grunk@cvs.openbsd.org 2008/06/26 11:46:31 | ||
2656 | [readconf.c readconf.h ssh.1 ssh_config.5 sshconnect.c] | ||
2657 | Move SSH Fingerprint Visualization away from sharing the config option | ||
2658 | CheckHostIP to an own config option named VisualHostKey. | ||
2659 | While there, fix the behaviour that ssh would draw a random art picture | ||
2660 | on every newly seen host even when the option was not enabled. | ||
2661 | prodded by deraadt@, discussions, | ||
2662 | help and ok markus@ djm@ dtucker@ | ||
2663 | - jmc@cvs.openbsd.org 2008/06/26 21:11:46 | ||
2664 | [ssh.1] | ||
2665 | add VisualHostKey to the list of options listed in -o; | ||
2666 | - djm@cvs.openbsd.org 2008/06/28 07:25:07 | ||
2667 | [PROTOCOL] | ||
2668 | spelling fixes | ||
2669 | - djm@cvs.openbsd.org 2008/06/28 13:58:23 | ||
2670 | [ssh-agent.c] | ||
2671 | refuse to add a key that has unknown constraints specified; | ||
2672 | ok markus | ||
2673 | - djm@cvs.openbsd.org 2008/06/28 14:05:15 | ||
2674 | [ssh-agent.c] | ||
2675 | reset global compat flag after processing a protocol 2 signature | ||
2676 | request with the legacy DSA encoding flag set; ok markus | ||
2677 | - djm@cvs.openbsd.org 2008/06/28 14:08:30 | ||
2678 | [PROTOCOL PROTOCOL.agent] | ||
2679 | document the protocol used by ssh-agent; "looks ok" markus@ | ||
2680 | |||
2681 | 20080628 | ||
2682 | - (djm) [RFC.nroff contrib/cygwin/Makefile contrib/suse/openssh.spec] | ||
2683 | RFC.nroff lacks a license, remove it (it is long gone in OpenBSD). | ||
2684 | |||
2685 | 20080626 | ||
2686 | - (djm) [Makefile.in moduli.5] Include moduli(5) manpage from OpenBSD. | ||
2687 | (bz#1372) | ||
2688 | - (djm) [ contrib/caldera/openssh.spec contrib/redhat/openssh.spec] | ||
2689 | [contrib/suse/openssh.spec] Include moduli.5 in RPM spec files. | ||
2690 | |||
2691 | 20080616 | ||
2692 | - (dtucker) OpenBSD CVS Sync | ||
2693 | - dtucker@cvs.openbsd.org 2008/06/16 13:22:53 | ||
2694 | [session.c channels.c] | ||
2695 | Rename the isatty argument to is_tty so we don't shadow | ||
2696 | isatty(3). ok markus@ | ||
2697 | - (dtucker) [channels.c] isatty -> is_tty here too. | ||
2698 | |||
2699 | 20080615 | ||
2700 | - (dtucker) [configure.ac] Enable -fno-builtin-memset when using gcc. | ||
2701 | - OpenBSD CVS Sync | ||
2702 | - dtucker@cvs.openbsd.org 2008/06/14 15:49:48 | ||
2703 | [sshd.c] | ||
2704 | wrap long line at 80 chars | ||
2705 | - dtucker@cvs.openbsd.org 2008/06/14 17:07:11 | ||
2706 | [sshd.c] | ||
2707 | ensure default umask disallows at least group and world write; ok djm@ | ||
2708 | - djm@cvs.openbsd.org 2008/06/14 18:33:43 | ||
2709 | [session.c] | ||
2710 | suppress the warning message from chdir(homedir) failures | ||
2711 | when chrooted (bz#1461); ok dtucker | ||
2712 | - dtucker@cvs.openbsd.org 2008/06/14 19:42:10 | ||
2713 | [scp.1] | ||
2714 | Mention that scp follows symlinks during -r. bz #1466, | ||
2715 | from nectar at apple | ||
2716 | - dtucker@cvs.openbsd.org 2008/06/15 16:55:38 | ||
2717 | [sshd_config.5] | ||
2718 | MaxSessions is allowed in a Match block too | ||
2719 | - dtucker@cvs.openbsd.org 2008/06/15 16:58:40 | ||
2720 | [servconf.c sshd_config.5] | ||
2721 | Allow MaxAuthTries within a Match block. ok djm@ | ||
2722 | - djm@cvs.openbsd.org 2008/06/15 20:06:26 | ||
2723 | [channels.c channels.h session.c] | ||
2724 | don't call isatty() on a pty master, instead pass a flag down to | ||
2725 | channel_set_fds() indicating that te fds refer to a tty. Fixes a | ||
2726 | hang on exit on Solaris (bz#1463) in portable but is actually | ||
2727 | a generic bug; ok dtucker deraadt markus | ||
2728 | |||
2729 | 20080614 | ||
2730 | - (djm) [openbsd-compat/sigact.c] Avoid NULL derefs in ancient sigaction | ||
2731 | replacement code; patch from ighighi AT gmail.com in bz#1240; | ||
2732 | ok dtucker | ||
2733 | |||
2734 | 20080613 | ||
2735 | - (dtucker) OpenBSD CVS Sync | ||
2736 | - deraadt@cvs.openbsd.org 2008/06/13 09:44:36 | ||
2737 | [packet.c] | ||
2738 | compile on older gcc; no decl after code | ||
2739 | - dtucker@cvs.openbsd.org 2008/06/13 13:56:59 | ||
2740 | [monitor.c] | ||
2741 | Clear key options in the monitor on failed authentication, prevents | ||
2742 | applying additional restrictions to non-pubkey authentications in | ||
2743 | the case where pubkey fails but another method subsequently succeeds. | ||
2744 | bz #1472, found by Colin Watson, ok markus@ djm@ | ||
2745 | - dtucker@cvs.openbsd.org 2008/06/13 14:18:51 | ||
2746 | [auth2-pubkey.c auth-rhosts.c] | ||
2747 | Include unistd.h for close(), prevents warnings in -portable | ||
2748 | - dtucker@cvs.openbsd.org 2008/06/13 17:21:20 | ||
2749 | [mux.c] | ||
2750 | Friendlier error messages for mux fallback. ok djm@ | ||
2751 | - dtucker@cvs.openbsd.org 2008/06/13 18:55:22 | ||
2752 | [scp.c] | ||
2753 | Prevent -Wsign-compare warnings on LP64 systems. bz #1192, ok deraadt@ | ||
2754 | - grunk@cvs.openbsd.org 2008/06/13 20:13:26 | ||
2755 | [ssh.1] | ||
2756 | Explain the use of SSH fpr visualization using random art, and cite the | ||
2757 | original scientific paper inspiring that technique. | ||
2758 | Much help with English and nroff by jmc@, thanks. | ||
2759 | - (dtucker) [configure.ac] Bug #1276: avoid linking against libgssapi, which | ||
2760 | despite its name doesn't seem to implement all of GSSAPI. Patch from | ||
2761 | Jan Engelhardt, sanity checked by Simon Wilkinson. | ||
2762 | |||
2763 | 20080612 | ||
2764 | - (dtucker) OpenBSD CVS Sync | ||
2765 | - jmc@cvs.openbsd.org 2008/06/11 07:30:37 | ||
2766 | [sshd.8] | ||
2767 | kill trailing whitespace; | ||
2768 | - grunk@cvs.openbsd.org 2008/06/11 21:01:35 | ||
2769 | [ssh_config.5 key.h readconf.c readconf.h ssh-keygen.1 ssh-keygen.c key.c | ||
2770 | sshconnect.c] | ||
2771 | Introduce SSH Fingerprint ASCII Visualization, a technique inspired by the | ||
2772 | graphical hash visualization schemes known as "random art", and by | ||
2773 | Dan Kaminsky's musings on the subject during a BlackOp talk at the | ||
2774 | 23C3 in Berlin. | ||
2775 | Scientific publication (original paper): | ||
2776 | "Hash Visualization: a New Technique to improve Real-World Security", | ||
2777 | Perrig A. and Song D., 1999, International Workshop on Cryptographic | ||
2778 | Techniques and E-Commerce (CrypTEC '99) | ||
2779 | http://sparrow.ece.cmu.edu/~adrian/projects/validation/validation.pdf | ||
2780 | The algorithm used here is a worm crawling over a discrete plane, | ||
2781 | leaving a trace (augmenting the field) everywhere it goes. | ||
2782 | Movement is taken from dgst_raw 2bit-wise. Bumping into walls | ||
2783 | makes the respective movement vector be ignored for this turn, | ||
2784 | thus switching to the other color of the chessboard. | ||
2785 | Graphs are not unambiguous for now, because circles in graphs can be | ||
2786 | walked in either direction. | ||
2787 | discussions with several people, | ||
2788 | help, corrections and ok markus@ djm@ | ||
2789 | - grunk@cvs.openbsd.org 2008/06/11 21:38:25 | ||
2790 | [ssh-keygen.c] | ||
2791 | ssh-keygen -lv -f /etc/ssh/ssh_host_rsa_key.pub | ||
2792 | would not display you the random art as intended, spotted by canacar@ | ||
2793 | - grunk@cvs.openbsd.org 2008/06/11 22:20:46 | ||
2794 | [ssh-keygen.c ssh-keygen.1] | ||
2795 | ssh-keygen would write fingerprints to STDOUT, and random art to STDERR, | ||
2796 | that is not how it was envisioned. | ||
2797 | Also correct manpage saying that -v is needed along with -l for it to work. | ||
2798 | spotted by naddy@ | ||
2799 | - otto@cvs.openbsd.org 2008/06/11 23:02:22 | ||
2800 | [key.c] | ||
2801 | simpler way of computing the augmentations; ok grunk@ | ||
2802 | - grunk@cvs.openbsd.org 2008/06/11 23:03:56 | ||
2803 | [ssh_config.5] | ||
2804 | CheckHostIP set to ``fingerprint'' will display both hex and random art | ||
2805 | spotted by naddy@ | ||
2806 | - grunk@cvs.openbsd.org 2008/06/11 23:51:57 | ||
2807 | [key.c] | ||
2808 | #define statements that are not atoms need braces around them, else they | ||
2809 | will cause trouble in some cases. | ||
2810 | Also do a computation of -1 once, and not in a loop several times. | ||
2811 | spotted by otto@ | ||
2812 | - dtucker@cvs.openbsd.org 2008/06/12 00:03:49 | ||
2813 | [dns.c canohost.c sshconnect.c] | ||
2814 | Do not pass "0" strings as ports to getaddrinfo because the lookups | ||
2815 | can slow things down and we never use the service info anyway. bz | ||
2816 | #859, patch from YOSHIFUJI Hideaki and John Devitofranceschi. ok | ||
2817 | deraadt@ djm@ | ||
2818 | djm belives that the reason for the "0" strings is to ensure that | ||
2819 | it's not possible to call getaddrinfo with both host and port being | ||
2820 | NULL. In the case of canohost.c host is a local array. In the | ||
2821 | case of sshconnect.c, it's checked for null immediately before use. | ||
2822 | In dns.c it ultimately comes from ssh.c:main() and is guaranteed to | ||
2823 | be non-null but it's not obvious, so I added a warning message in | ||
2824 | case it is ever passed a null. | ||
2825 | - grunk@cvs.openbsd.org 2008/06/12 00:13:55 | ||
2826 | [sshconnect.c] | ||
2827 | Make ssh print the random art also when ssh'ing to a host using IP only. | ||
2828 | spotted by naddy@, ok and help djm@ dtucker@ | ||
2829 | - otto@cvs.openbsd.org 2008/06/12 00:13:13 | ||
2830 | [key.c] | ||
2831 | use an odd number of rows and columns and a separate start marker, looks | ||
2832 | better; ok grunk@ | ||
2833 | - djm@cvs.openbsd.org 2008/06/12 03:40:52 | ||
2834 | [clientloop.h mux.c channels.c clientloop.c channels.h] | ||
2835 | Enable ~ escapes for multiplex slave sessions; give each channel | ||
2836 | its own escape state and hook the escape filters up to muxed | ||
2837 | channels. bz #1331 | ||
2838 | Mux slaves do not currently support the ~^Z and ~& escapes. | ||
2839 | NB. this change cranks the mux protocol version, so a new ssh | ||
2840 | mux client will not be able to connect to a running old ssh | ||
2841 | mux master. | ||
2842 | ok dtucker@ | ||
2843 | - djm@cvs.openbsd.org 2008/06/12 04:06:00 | ||
2844 | [clientloop.h ssh.c clientloop.c] | ||
2845 | maintain an ordered queue of outstanding global requests that we | ||
2846 | expect replies to, similar to the per-channel confirmation queue. | ||
2847 | Use this queue to verify success or failure for remote forward | ||
2848 | establishment in a race free way. | ||
2849 | ok dtucker@ | ||
2850 | - djm@cvs.openbsd.org 2008/06/12 04:17:47 | ||
2851 | [clientloop.c] | ||
2852 | thall shalt not code past the eightieth column | ||
2853 | - djm@cvs.openbsd.org 2008/06/12 04:24:06 | ||
2854 | [ssh.c] | ||
2855 | thal shalt not code past the eightieth column | ||
2856 | - djm@cvs.openbsd.org 2008/06/12 05:15:41 | ||
2857 | [PROTOCOL] | ||
2858 | document tun@openssh.com forwarding method | ||
2859 | - djm@cvs.openbsd.org 2008/06/12 05:32:30 | ||
2860 | [mux.c] | ||
2861 | some more TODO for me | ||
2862 | - grunk@cvs.openbsd.org 2008/06/12 05:42:46 | ||
2863 | [key.c] | ||
2864 | supply the key type (rsa1, rsa, dsa) as a caption in the frame of the | ||
2865 | random art. while there, stress the fact that the field base should at | ||
2866 | least be 8 characters for the pictures to make sense. | ||
2867 | comment and ok djm@ | ||
2868 | - grunk@cvs.openbsd.org 2008/06/12 06:32:59 | ||
2869 | [key.c] | ||
2870 | We already mark the start of the worm, now also mark the end of the worm | ||
2871 | in our random art drawings. | ||
2872 | ok djm@ | ||
2873 | - djm@cvs.openbsd.org 2008/06/12 15:19:17 | ||
2874 | [clientloop.h channels.h clientloop.c channels.c mux.c] | ||
2875 | The multiplexing escape char handler commit last night introduced a | ||
2876 | small memory leak per session; plug it. | ||
2877 | - dtucker@cvs.openbsd.org 2008/06/12 16:35:31 | ||
2878 | [ssh_config.5 ssh.c] | ||
2879 | keyword expansion for localcommand. ok djm@ | ||
2880 | - jmc@cvs.openbsd.org 2008/06/12 19:10:09 | ||
2881 | [ssh_config.5 ssh-keygen.1] | ||
2882 | tweak the ascii art text; ok grunk | ||
2883 | - dtucker@cvs.openbsd.org 2008/06/12 20:38:28 | ||
2884 | [sshd.c sshconnect.c packet.h misc.c misc.h packet.c] | ||
2885 | Make keepalive timeouts apply while waiting for a packet, particularly | ||
2886 | during key renegotiation (bz #1363). With djm and Matt Day, ok djm@ | ||
2887 | - djm@cvs.openbsd.org 2008/06/12 20:47:04 | ||
2888 | [sftp-client.c] | ||
2889 | print extension revisions for extensions that we understand | ||
2890 | - djm@cvs.openbsd.org 2008/06/12 21:06:25 | ||
2891 | [clientloop.c] | ||
2892 | I was coalescing expected global request confirmation replies at | ||
2893 | the wrong end of the queue - fix; prompted by markus@ | ||
2894 | - grunk@cvs.openbsd.org 2008/06/12 21:14:46 | ||
2895 | [ssh-keygen.c] | ||
2896 | make ssh-keygen -lf show the key type just as ssh-add -l would do it | ||
2897 | ok djm@ markus@ | ||
2898 | - grunk@cvs.openbsd.org 2008/06/12 22:03:36 | ||
2899 | [key.c] | ||
2900 | add my copyright, ok djm@ | ||
2901 | - ian@cvs.openbsd.org 2008/06/12 23:24:58 | ||
2902 | [sshconnect.c] | ||
2903 | tweak wording in message, ok deraadt@ jmc@ | ||
2904 | - dtucker@cvs.openbsd.org 2008/06/13 00:12:02 | ||
2905 | [sftp.h log.h] | ||
2906 | replace __dead with __attribute__((noreturn)), makes things | ||
2907 | a little easier to port. Also, add it to sigdie(). ok djm@ | ||
2908 | - djm@cvs.openbsd.org 2008/06/13 00:16:49 | ||
2909 | [mux.c] | ||
2910 | fall back to creating a new TCP connection on most multiplexing errors | ||
2911 | (socket connect fail, invalid version, refused permittion, corrupted | ||
2912 | messages, etc.); bz #1329 ok dtucker@ | ||
2913 | - dtucker@cvs.openbsd.org 2008/06/13 00:47:53 | ||
2914 | [mux.c] | ||
2915 | upcast size_t to u_long to match format arg; ok djm@ | ||
2916 | - dtucker@cvs.openbsd.org 2008/06/13 00:51:47 | ||
2917 | [mac.c] | ||
2918 | upcast another size_t to u_long to match format | ||
2919 | - dtucker@cvs.openbsd.org 2008/06/13 01:38:23 | ||
2920 | [misc.c] | ||
2921 | upcast uid to long with matching %ld, prevents warnings in portable | ||
2922 | - djm@cvs.openbsd.org 2008/06/13 04:40:22 | ||
2923 | [auth2-pubkey.c auth-rhosts.c] | ||
2924 | refuse to read ~/.shosts or ~/.ssh/authorized_keys that are not | ||
2925 | regular files; report from Solar Designer via Colin Watson in bz#1471 | ||
2926 | ok dtucker@ deraadt | ||
2927 | - (dtucker) [clientloop.c serverloop.c] channel_register_filter now | ||
2928 | takes 2 more args. with djm@ | ||
2929 | - (dtucker) [defines.h] Bug #1112: __dead is, well dead. Based on a patch | ||
2930 | from Todd Vierling. | ||
2931 | - (dtucker) [auth-sia.c] Bug #1241: support password expiry on Tru64 SIA | ||
2932 | systems. Patch from R. Scott Bailey. | ||
2933 | - (dtucker) [umac.c] STORE_UINT32_REVERSED and endian_convert are never used | ||
2934 | on big endian machines, so ifdef them for little-endian only to prevent | ||
2935 | unused function warnings on big-endians. | ||
2936 | - (dtucker) [openbsd-compat/setenv.c] Make offsets size_t to prevent | ||
2937 | compiler warnings on some platforms. Based on a discussion with otto@ | ||
2938 | |||
2939 | 20080611 | ||
2940 | - (djm) [channels.c configure.ac] | ||
2941 | Do not set SO_REUSEADDR on wildcard X11 listeners (X11UseLocalhost=no) | ||
2942 | bz#1464; ok dtucker | ||
2943 | |||
2944 | 20080610 | ||
2945 | - (dtucker) OpenBSD CVS Sync | ||
2946 | - djm@cvs.openbsd.org 2008/06/10 03:57:27 | ||
2947 | [servconf.c match.h sshd_config.5] | ||
2948 | support CIDR address matching in sshd_config "Match address" blocks, with | ||
2949 | full support for negation and fall-back to classic wildcard matching. | ||
2950 | For example: | ||
2951 | Match address 192.0.2.0/24,3ffe:ffff::/32,!10.* | ||
2952 | PasswordAuthentication yes | ||
2953 | addrmatch.c code mostly lifted from flowd's addr.c | ||
2954 | feedback and ok dtucker@ | ||
2955 | - djm@cvs.openbsd.org 2008/06/10 04:17:46 | ||
2956 | [sshd_config.5] | ||
2957 | better reference for pattern-list | ||
2958 | - dtucker@cvs.openbsd.org 2008/06/10 04:50:25 | ||
2959 | [sshd.c channels.h channels.c log.c servconf.c log.h servconf.h sshd.8] | ||
2960 | Add extended test mode (-T) and connection parameters for test mode (-C). | ||
2961 | -T causes sshd to write its effective configuration to stdout and exit. | ||
2962 | -C causes any relevant Match rules to be applied before output. The | ||
2963 | combination allows tesing of the parser and config files. ok deraadt djm | ||
2964 | - jmc@cvs.openbsd.org 2008/06/10 07:12:00 | ||
2965 | [sshd_config.5] | ||
2966 | tweak previous; | ||
2967 | - jmc@cvs.openbsd.org 2008/06/10 08:17:40 | ||
2968 | [sshd.8 sshd.c] | ||
2969 | - update usage() | ||
2970 | - fix SYNOPSIS, and sort options | ||
2971 | - some minor additional fixes | ||
2972 | - dtucker@cvs.openbsd.org 2008/06/09 18:06:32 | ||
2973 | [regress/test-exec.sh] | ||
2974 | Don't generate putty keys if we're not going to use them. ok djm | ||
2975 | - dtucker@cvs.openbsd.org 2008/06/10 05:23:32 | ||
2976 | [regress/addrmatch.sh regress/Makefile] | ||
2977 | Regress test for Match CIDR rules. ok djm@ | ||
2978 | - dtucker@cvs.openbsd.org 2008/06/10 15:21:41 | ||
2979 | [test-exec.sh] | ||
2980 | Use a more portable construct for checking if we're running a putty test | ||
2981 | - dtucker@cvs.openbsd.org 2008/06/10 15:28:49 | ||
2982 | [test-exec.sh] | ||
2983 | Add quotes | ||
2984 | - dtucker@cvs.openbsd.org 2008/06/10 18:21:24 | ||
2985 | [ssh_config.5] | ||
2986 | clarify that Host patterns are space-separated. ok deraadt | ||
2987 | - djm@cvs.openbsd.org 2008/06/10 22:15:23 | ||
2988 | [PROTOCOL ssh.c serverloop.c] | ||
2989 | Add a no-more-sessions@openssh.com global request extension that the | ||
2990 | client sends when it knows that it will never request another session | ||
2991 | (i.e. when session multiplexing is disabled). This allows a server to | ||
2992 | disallow further session requests and terminate the session. | ||
2993 | Why would a non-multiplexing client ever issue additional session | ||
2994 | requests? It could have been attacked with something like SSH'jack: | ||
2995 | http://www.storm.net.nz/projects/7 | ||
2996 | feedback & ok markus | ||
2997 | - djm@cvs.openbsd.org 2008/06/10 23:06:19 | ||
2998 | [auth-options.c match.c servconf.c addrmatch.c sshd.8] | ||
2999 | support CIDR address matching in .ssh/authorized_keys from="..." stanzas | ||
3000 | ok and extensive testing dtucker@ | ||
3001 | - dtucker@cvs.openbsd.org 2008/06/10 23:21:34 | ||
3002 | [bufaux.c] | ||
3003 | Use '\0' for a nul byte rather than unadorned 0. ok djm@ | ||
3004 | - dtucker@cvs.openbsd.org 2008/06/10 23:13:43 | ||
3005 | [Makefile regress/key-options.sh] | ||
3006 | Add regress test for key options. ok djm@ | ||
3007 | - (dtucker) [openbsd-compat/fake-rfc2553.h] Add sin6_scope_id to sockaddr_in6 | ||
3008 | since the new CIDR code in addmatch.c references it. | ||
3009 | - (dtucker) [Makefile.in configure.ac regress/addrmatch.sh] Skip IPv6 | ||
3010 | specific tests on platforms that don't do IPv6. | ||
3011 | - (dtucker) [Makefile.in] Define TEST_SSH_IPV6 in make's arguments as well | ||
3012 | as environment. | ||
3013 | - (dtucker) [Makefile.in] Move addrmatch.o to libssh.a where it's needed now. | ||
3014 | |||
3015 | 20080609 | ||
3016 | - (dtucker) OpenBSD CVS Sync | ||
3017 | - dtucker@cvs.openbsd.org 2008/06/08 17:04:41 | ||
3018 | [sftp-server.c] | ||
3019 | Add case for ENOSYS in errno_to_portable; ok deraadt | ||
3020 | - dtucker@cvs.openbsd.org 2008/06/08 20:15:29 | ||
3021 | [sftp.c sftp-client.c sftp-client.h] | ||
3022 | Have the sftp client store the statvfs replies in wire format, | ||
3023 | which prevents problems when the server's native sizes exceed the | ||
3024 | client's. | ||
3025 | Also extends the sizes of the remaining 32bit wire format to 64bit, | ||
3026 | they're specified as unsigned long in the standard. | ||
3027 | - dtucker@cvs.openbsd.org 2008/06/09 13:02:39 | ||
3028 | [sftp-server.c] | ||
3029 | Extend 32bit -> 64bit values for statvfs extension missed in previous | ||
3030 | commit. | ||
3031 | - dtucker@cvs.openbsd.org 2008/06/09 13:38:46 | ||
3032 | [PROTOCOL] | ||
3033 | Use a $OpenBSD tag so our scripts will sync changes. | ||
3034 | |||
3035 | 20080608 | ||
3036 | - (dtucker) [configure.ac defines.h sftp-client.c sftp-server.c sftp.c | ||
3037 | openbsd-compat/Makefile.in openbsd-compat/openbsd-compat.h | ||
3038 | openbsd-compat/bsd-statvfs.{c,h}] Add a null implementation of statvfs and | ||
3039 | fstatvfs and remove #defines around statvfs code. ok djm@ | ||
3040 | - (dtucker) [configure.ac defines.h sftp-client.c M sftp-server.c] Add a | ||
3041 | macro to convert fsid to unsigned long for platforms where fsid is a | ||
3042 | 2-member array. | ||
3043 | |||
3044 | 20080607 | ||
3045 | - (dtucker) [mux.c] Include paths.h inside ifdef HAVE_PATHS_H. | ||
3046 | - (dtucker) [configure.ac defines.h sftp-client.c sftp-server.c sftp.c] | ||
3047 | Do not enable statvfs extensions on platforms that do not have statvfs. | ||
3048 | - (dtucker) OpenBSD CVS Sync | ||
3049 | - djm@cvs.openbsd.org 2008/05/19 06:14:02 | ||
3050 | [packet.c] unbreak protocol keepalive timeouts bz#1465; ok dtucker@ | ||
3051 | - djm@cvs.openbsd.org 2008/05/19 15:45:07 | ||
3052 | [sshtty.c ttymodes.c sshpty.h] | ||
3053 | Fix sending tty modes when stdin is not a tty (bz#1199). Previously | ||
3054 | we would send the modes corresponding to a zeroed struct termios, | ||
3055 | whereas we should have been sending an empty list of modes. | ||
3056 | Based on patch from daniel.ritz AT alcatel.ch; ok dtucker@ markus@ | ||
3057 | - djm@cvs.openbsd.org 2008/05/19 15:46:31 | ||
3058 | [ssh-keygen.c] | ||
3059 | support -l (print fingerprint) in combination with -F (find host) to | ||
3060 | search for a host in ~/.ssh/known_hosts and display its fingerprint; | ||
3061 | ok markus@ | ||
3062 | - djm@cvs.openbsd.org 2008/05/19 20:53:52 | ||
3063 | [clientloop.c] | ||
3064 | unbreak tree by committing this bit that I missed from: | ||
3065 | Fix sending tty modes when stdin is not a tty (bz#1199). Previously | ||
3066 | we would send the modes corresponding to a zeroed struct termios, | ||
3067 | whereas we should have been sending an empty list of modes. | ||
3068 | Based on patch from daniel.ritz AT alcatel.ch; ok dtucker@ markus@ | ||
3069 | |||
3070 | 20080604 | ||
3071 | - (djm) [openbsd-compat/bsd-arc4random.c] Fix math bug that caused bias | ||
3072 | in arc4random_uniform with upper_bound in (2^30,2*31). Note that | ||
3073 | OpenSSH did not make requests with upper bounds in this range. | ||
3074 | |||
3075 | 20080519 | ||
3076 | - (djm) [configure.ac mux.c sftp.c openbsd-compat/Makefile.in] | ||
3077 | [openbsd-compat/fmt_scaled.c openbsd-compat/openbsd-compat.h] | ||
3078 | Fix compilation on Linux, including pulling in fmt_scaled(3) | ||
3079 | implementation from OpenBSD's libutil. | ||
3080 | |||
3081 | 20080518 | ||
3082 | - (djm) OpenBSD CVS Sync | ||
3083 | - djm@cvs.openbsd.org 2008/04/04 05:14:38 | ||
3084 | [sshd_config.5] | ||
3085 | ChrootDirectory is supported in Match blocks (in fact, it is most useful | ||
3086 | there). Spotted by Minstrel AT minstrel.org.uk | ||
3087 | - djm@cvs.openbsd.org 2008/04/04 06:44:26 | ||
3088 | [sshd_config.5] | ||
3089 | oops, some unrelated stuff crept into that commit - backout. | ||
3090 | spotted by jmc@ | ||
3091 | - djm@cvs.openbsd.org 2008/04/05 02:46:02 | ||
3092 | [sshd_config.5] | ||
3093 | HostbasedAuthentication is supported under Match too | ||
3094 | - (djm) [openbsd-compat/bsd-arc4random.c openbsd-compat/openbsd-compat.c] | ||
3095 | [configure.ac] Implement arc4random_buf(), import implementation of | ||
3096 | arc4random_uniform() from OpenBSD | ||
3097 | - (djm) [openbsd-compat/bsd-arc4random.c] Warning fixes | ||
3098 | - (djm) [openbsd-compat/port-tun.c] needs sys/queue.h | ||
3099 | - (djm) OpenBSD CVS Sync | ||
3100 | - djm@cvs.openbsd.org 2008/04/13 00:22:17 | ||
3101 | [dh.c sshd.c] | ||
3102 | Use arc4random_buf() when requesting more than a single word of output | ||
3103 | Use arc4random_uniform() when the desired random number upper bound | ||
3104 | is not a power of two | ||
3105 | ok deraadt@ millert@ | ||
3106 | - djm@cvs.openbsd.org 2008/04/18 12:32:11 | ||
3107 | [sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c sftp.h] | ||
3108 | introduce sftp extension methods statvfs@openssh.com and | ||
3109 | fstatvfs@openssh.com that implement statvfs(2)-like operations, | ||
3110 | based on a patch from miklos AT szeredi.hu (bz#1399) | ||
3111 | also add a "df" command to the sftp client that uses the | ||
3112 | statvfs@openssh.com to produce a df(1)-like display of filesystem | ||
3113 | space and inode utilisation | ||
3114 | ok markus@ | ||
3115 | - jmc@cvs.openbsd.org 2008/04/18 17:15:47 | ||
3116 | [sftp.1] | ||
3117 | macro fixage; | ||
3118 | - djm@cvs.openbsd.org 2008/04/18 22:01:33 | ||
3119 | [session.c] | ||
3120 | remove unneccessary parentheses | ||
3121 | - otto@cvs.openbsd.org 2008/04/29 11:20:31 | ||
3122 | [monitor_mm.h] | ||
3123 | garbage collect two unused fields in struct mm_master; ok markus@ | ||
3124 | - djm@cvs.openbsd.org 2008/04/30 10:14:03 | ||
3125 | [ssh-keyscan.1 ssh-keyscan.c] | ||
3126 | default to rsa (protocol 2) keys, instead of rsa1 keys; spotted by | ||
3127 | larsnooden AT openoffice.org | ||
3128 | - pyr@cvs.openbsd.org 2008/05/07 05:49:37 | ||
3129 | [servconf.c servconf.h session.c sshd_config.5] | ||
3130 | Enable the AllowAgentForwarding option in sshd_config (global and match | ||
3131 | context), to specify if agents should be permitted on the server. | ||
3132 | As the man page states: | ||
3133 | ``Note that disabling Agent forwarding does not improve security | ||
3134 | unless users are also denied shell access, as they can always install | ||
3135 | their own forwarders.'' | ||
3136 | ok djm@, ok and a mild frown markus@ | ||
3137 | - pyr@cvs.openbsd.org 2008/05/07 06:43:35 | ||
3138 | [sshd_config] | ||
3139 | push the sshd_config bits in, spotted by ajacoutot@ | ||
3140 | - jmc@cvs.openbsd.org 2008/05/07 08:00:14 | ||
3141 | [sshd_config.5] | ||
3142 | sort; | ||
3143 | - markus@cvs.openbsd.org 2008/05/08 06:59:01 | ||
3144 | [bufaux.c buffer.h channels.c packet.c packet.h] | ||
3145 | avoid extra malloc/copy/free when receiving data over the net; | ||
3146 | ~10% speedup for localhost-scp; ok djm@ | ||
3147 | - djm@cvs.openbsd.org 2008/05/08 12:02:23 | ||
3148 | [auth-options.c auth1.c channels.c channels.h clientloop.c gss-serv.c] | ||
3149 | [monitor.c monitor_wrap.c nchan.c servconf.c serverloop.c session.c] | ||
3150 | [ssh.c sshd.c] | ||
3151 | Implement a channel success/failure status confirmation callback | ||
3152 | mechanism. Each channel maintains a queue of callbacks, which will | ||
3153 | be drained in order (RFC4253 guarantees confirm messages are not | ||
3154 | reordered within an channel). | ||
3155 | Also includes a abandonment callback to clean up if a channel is | ||
3156 | closed without sending confirmation messages. This probably | ||
3157 | shouldn't happen in compliant implementations, but it could be | ||
3158 | abused to leak memory. | ||
3159 | ok markus@ (as part of a larger diff) | ||
3160 | - djm@cvs.openbsd.org 2008/05/08 12:21:16 | ||
3161 | [monitor.c monitor_wrap.c session.h servconf.c servconf.h session.c] | ||
3162 | [sshd_config sshd_config.5] | ||
3163 | Make the maximum number of sessions run-time controllable via | ||
3164 | a sshd_config MaxSessions knob. This is useful for disabling | ||
3165 | login/shell/subsystem access while leaving port-forwarding working | ||
3166 | (MaxSessions 0), disabling connection multiplexing (MaxSessions 1) or | ||
3167 | simply increasing the number of allows multiplexed sessions. | ||
3168 | Because some bozos are sure to configure MaxSessions in excess of the | ||
3169 | number of available file descriptors in sshd (which, at peak, might be | ||
3170 | as many as 9*MaxSessions), audit sshd to ensure that it doesn't leak fds | ||
3171 | on error paths, and make it fail gracefully on out-of-fd conditions - | ||
3172 | sending channel errors instead of than exiting with fatal(). | ||
3173 | bz#1090; MaxSessions config bits and manpage from junyer AT gmail.com | ||
3174 | ok markus@ | ||
3175 | - djm@cvs.openbsd.org 2008/05/08 13:06:11 | ||
3176 | [clientloop.c clientloop.h ssh.c] | ||
3177 | Use new channel status confirmation callback system to properly deal | ||
3178 | with "important" channel requests that fail, in particular command exec, | ||
3179 | shell and subsystem requests. Previously we would optimistically assume | ||
3180 | that the requests would always succeed, which could cause hangs if they | ||
3181 | did not (e.g. when the server runs out of fds) or were unimplemented by | ||
3182 | the server (bz #1384) | ||
3183 | Also, properly report failing multiplex channel requests via the mux | ||
3184 | client stderr (subject to LogLevel in the mux master) - better than | ||
3185 | silently failing. | ||
3186 | most bits ok markus@ (as part of a larger diff) | ||
3187 | - djm@cvs.openbsd.org 2008/05/09 04:55:56 | ||
3188 | [channels.c channels.h clientloop.c serverloop.c] | ||
3189 | Try additional addresses when connecting to a port forward destination | ||
3190 | whose DNS name resolves to more than one address. The previous behaviour | ||
3191 | was to try the first address and give up. | ||
3192 | Reported by stig AT venaas.com in bz#343 | ||
3193 | great feedback and ok markus@ | ||
3194 | - djm@cvs.openbsd.org 2008/05/09 14:18:44 | ||
3195 | [clientloop.c clientloop.h ssh.c mux.c] | ||
3196 | tidy up session multiplexing code, moving it into its own file and | ||
3197 | making the function names more consistent - making ssh.c and | ||
3198 | clientloop.c a fair bit more readable. | ||
3199 | ok markus@ | ||
3200 | - djm@cvs.openbsd.org 2008/05/09 14:26:08 | ||
3201 | [ssh.c] | ||
3202 | dingo stole my diff hunk | ||
3203 | - markus@cvs.openbsd.org 2008/05/09 16:16:06 | ||
3204 | [session.c] | ||
3205 | re-add the USE_PIPES code and enable it. | ||
3206 | without pipes shutdown-read from the sshd does not trigger | ||
3207 | a SIGPIPE when the forked program does a write. | ||
3208 | ok djm@ | ||
3209 | (Id sync only, USE_PIPES never left portable OpenSSH) | ||
3210 | - markus@cvs.openbsd.org 2008/05/09 16:17:51 | ||
3211 | [channels.c] | ||
3212 | error-fd race: don't enable the error fd in the select bitmask | ||
3213 | for channels with both in- and output closed, since the channel | ||
3214 | will go away before we call select(); | ||
3215 | report, lots of debugging help and ok djm@ | ||
3216 | - markus@cvs.openbsd.org 2008/05/09 16:21:13 | ||
3217 | [channels.h clientloop.c nchan.c serverloop.c] | ||
3218 | unbreak | ||
3219 | ssh -2 localhost od /bin/ls | true | ||
3220 | ignoring SIGPIPE by adding a new channel message (EOW) that signals | ||
3221 | the peer that we're not interested in any data it might send. | ||
3222 | fixes bz #85; discussion, debugging and ok djm@ | ||
3223 | - pvalchev@cvs.openbsd.org 2008/05/12 20:52:20 | ||
3224 | [umac.c] | ||
3225 | Ensure nh_result lies on a 64-bit boundary (fixes warnings observed | ||
3226 | on Itanium on Linux); from Dale Talcott (bug #1462); ok djm@ | ||
3227 | - djm@cvs.openbsd.org 2008/05/15 23:52:24 | ||
3228 | [nchan2.ms] | ||
3229 | document eow message in ssh protocol 2 channel state machine; | ||
3230 | feedback and ok markus@ | ||
3231 | - djm@cvs.openbsd.org 2008/05/18 21:29:05 | ||
3232 | [sftp-server.c] | ||
3233 | comment extension announcement | ||
3234 | - djm@cvs.openbsd.org 2008/05/16 08:30:42 | ||
3235 | [PROTOCOL] | ||
3236 | document our protocol extensions and deviations; ok markus@ | ||
3237 | - djm@cvs.openbsd.org 2008/05/17 01:31:56 | ||
3238 | [PROTOCOL] | ||
3239 | grammar and correctness fixes from stevesk@ | ||
3240 | |||
3241 | 20080403 | ||
3242 | - (djm) [openbsd-compat/bsd-poll.c] Include stdlib.h to avoid compile- | ||
3243 | time warnings on LynxOS. Patch from ops AT iki.fi | ||
3244 | - (djm) Force string arguments to replacement setproctitle() though | ||
3245 | strnvis first. Ok dtucker@ | ||
3246 | |||
3247 | 20080403 | ||
3248 | - (djm) OpenBSD CVS sync: | ||
3249 | - markus@cvs.openbsd.org 2008/04/02 15:36:51 | ||
3250 | [channels.c] | ||
3251 | avoid possible hijacking of x11-forwarded connections (back out 1.183) | ||
3252 | CVE-2008-1483; ok djm@ | ||
3253 | - jmc@cvs.openbsd.org 2008/03/27 22:37:57 | ||
3254 | [sshd.8] | ||
3255 | remove trailing whitespace; | ||
3256 | - djm@cvs.openbsd.org 2008/04/03 09:50:14 | ||
3257 | [version.h] | ||
3258 | openssh-5.0 | ||
3259 | - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] | ||
3260 | [contrib/suse/openssh.spec] Crank version numbers in RPM spec files | ||
3261 | - (djm) [README] Update link to release notes | ||
3262 | - (djm) Release 5.0p1 | ||