Age | Commit message (Collapse) | Author |
|
revs 1.7 - 1.9.
|
|
unnecessary prototype.
|
|
OpenBSD getenv.c revs 1.4 - 1.8 (ANSIfication of arguments, removal of
"register").
|
|
resolving memory leak bz#1111 reported by kremenek AT cs.stanford.edu;
ok dtucker@
|
|
|
|
[bufaux.c]
Fix leaks in error paths, bz #1109 and #1110 reported by kremenek AT
cs.stanford.edu; ok dtucker@
|
|
[kex.c kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c]
remove hardcoded hash lengths in key exchange code, allowing
implementation of KEX methods with different hashes (e.g. SHA-256);
ok markus@ dtucker@ stevesk@
|
|
[canohost.c]
Cache reverse lookups with and without DNS separately; ok markus@
|
|
[ssh-keygen.1]
grammar;
|
|
[serverloop.c]
make sure we clean up wtmp, etc. file when we receive a SIGTERM,
SIGINT or SIGQUIT when running without privilege separation (the
normal privsep case is already OK). Patch mainly by dtucker@ and
senthilkumar_sen AT hotpop.com; ok dtucker@
|
|
[ssh-keygen.1 ssh-keygen.c]
generate a protocol 2 RSA key by default
|
|
[sftp.c]
Fix sorting with "ls -1" command. From Robert Tsai, "looks right" deraadt@
|
|
[clientloop.c packet.c serverloop.c session.c ssh-agent.c ssh-keygen.c]
[ssh.c sshconnect.c sshconnect1.c sshd.c]
no need to escape single quotes in comments, no binary change
|
|
[ssh_config.5]
remove trailing whitespace;
|
|
[canohost.c sshd.c]
Check for connections with IP options earlier and drop silently. ok djm@
|
|
[ssh.c]
fix misleading debug message; ok dtucker@
|
|
[ssh-keyscan.c]
make ssh-keygen discard junk from server before SSH- ident, spotted by
dave AT cirt.net; ok dtucker@
|
|
[ssh_config.5]
mention control socket fallback behaviour, reported by
tryponraj AT gmail.com
|
|
[dns.c dns.h]
more cleanups; ok jakob@
|
|
[dns.c]
remove #ifdef LWRES; ok jakob@
|
|
[dns.c]
fix memory leaks from 2 sources:
1) key_fingerprint_raw()
2) malloc in dns_read_rdata()
ok jakob@
|
|
[sshconnect.c]
make external definition static; ok deraadt@
|
|
[channels.c clientloop.c]
free()->xfree(); ok djm@
|
|
[ssh-keygen.c ssh.c sshconnect2.c]
no trailing "\n" for log functions; ok djm@
|
|
[auth2-gss.c gss-genr.c gss-serv.c monitor.c]
KNF; ok djm@
|
|
[dns.c]
unneeded #include, unused declaration, little knf; ok deraadt@
|
|
[gss-serv-krb5.c gss-serv.c]
unused declarations; ok deraadt@
(id sync only for gss-serv-krb5.c)
|
|
[gss-serv.c]
spelling in comments
|
|
[auth2-gss.c gss-genr.c gss-serv.c]
remove unneeded #includes; ok markus@
|
|
[channels.c]
bz #1076 set SO_REUSEADDR on X11 forwarding listner sockets, preventing
bind() failure when a previous connection's listeners are in TIME_WAIT,
reported by plattner AT inf.ethz.ch; ok dtucker@
|
|
[channels.c channels.h clientloop.c serverloop.c session.c]
fix regression I introduced in 4.2: X11 forwardings initiated after
a session has exited (e.g. "(sleep 5; xterm) &") would not start.
bz #1086 reported by t8m AT centrum.cz; ok markus@ dtucker@
|
|
- markus@cvs.openbsd.org 2005/10/07 11:13:57
[ssh-keygen.c]
change DSA default back to 1024, as it's defined for 1024 bits only
and this causes interop problems with other clients. moreover,
in order to improve the security of DSA you need to change more
components of DSA key generation (e.g. the internal SHA1 hash);
ok deraadt
|
|
Reported by olavi at ipunplugged.com and antoine.brodin at laposte.net
via FreeBSD.
|
|
enabled, instead allow PAM to handle it. Note that on platforms using PAM,
the pam_nologin module should be added to sshd's session stack in order to
maintain exising behaviour. Based on patch and discussion from t8m at
centrum.cz, ok djm@
|
|
sshd contrib/suse/sysconfig.ssh] Bug #1106: Updated SuSE spec and init
files from imorgan AT nas.nasa.gov
|
|
prompt. Patch from vinschen at redhat.com.
|
|
understand "%lld", even though the compiler has "long long", so handle
it as a special case. Patch tested by mcaskill.scott at epa.gov.
(actually was included in previous commit)
|
|
sizeof(long long) checks, to make fixing bug #1104 easier (no changes
yet).
|
|
/etc/default/login report and testing from aabaker at iee.org, corrections
from tim@.
|
|
versions from OpenBSD. ok djm@
|
|
|
|
brian.smith at agilent com.
|
|
|
|
"*LOCKED*" string) for FreeBSD. Patch jeremie at le-hen.org and
senthilkumar_sen at hotpop.com.
|
|
is required in the system path for the multiplex test to work.
|
|
[canohost.c]
Relocate check_ip_options call to prevent logging of garbage for
connections with IP options set. bz#1092 from David Leonard,
"looks good" deraadt@
|
|
[ssh-keyscan.1]
deploy .An -nosplit; ok jmc
|
|
[sshd.c]
change label at markus@'s request
|
|
[sshd_config.5]
aquire -> acquire, from stevesk@
|
|
[ssh.1]
spelling nit from stevesk@
|