summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2010-01-09 - (dtucker) [loginrec.c] Use the SUSv3 specified name for the user nameDarren Tucker
when using utmpx. Patch from Ed Schouten.
2010-01-09 - (dtucker) [roaming_client.c] Wrap inttypes.h in an ifdef.Darren Tucker
2010-01-09 - (dtucker) [defines.h] define PRIu64 for platforms that don't have it.Darren Tucker
2010-01-09 - (dtucker) Wrap use of IPPROTO_IPV6 in an ifdef for platforms that don'tDarren Tucker
have it.
2010-01-09 - dtucker@cvs.openbsd.org 2010/01/08 21:50:49Darren Tucker
[sftp.c] Fix two warnings: possibly used unitialized and use a nul byte instead of NULL pointer. ok djm@
2010-01-08 - (dtucker) [roaming_serv.c] Include includes.h for u_intXX_t types.Darren Tucker
2010-01-08 - (dtucker] [misc.c] Shrink the area covered by USE_ROUTINGDOMAIN moreDarren Tucker
to eliminate an unused variable warning.
2010-01-08 - (dtucker) [misc.c] Move the routingdomain ifdef to allow the socket toDarren Tucker
be created.
2010-01-08 - (dtucker) [sftp.c] Expand ifdef for libedit to cover complete_is_remoteDarren Tucker
too.
2010-01-08 - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c] MakeDarren Tucker
RoutingDomain an unsupported option on platforms that don't have it.
2010-01-08 - (dtucker) [sftp.c] ifdef out the sftp completion bits for platforms thatDarren Tucker
don't have libedit.
2010-01-08 - (dtucker) [Makefile.in] .c files do not belong in the OBJ lines.Darren Tucker
2010-01-08 - (dtucker) [Makefile.in added roaming_client.c roaming_serv.c] Import newDarren Tucker
files for roaming and add to Makefile.
2010-01-08 - djm@cvs.openbsd.org 2010/01/04 02:25:15Darren Tucker
[sftp-server.c] bz#1566 don't unnecessarily dup() in and out fds for sftp-server; ok markus@
2010-01-08 - djm@cvs.openbsd.org 2010/01/04 02:03:57Darren Tucker
[sftp.c] Implement tab-completion of commands, local and remote filenames for sftp. Hacked on and off for some time by myself, mouring, Carlos Silva (via 2009 Google Summer of Code) and polished to a fine sheen by myself again. It should deal more-or-less correctly with the ikky corner-cases presented by quoted filenames, but the UI could still be slightly improved. In particular, it is quite slow for remote completion on large directories. bz#200; ok markus@
2010-01-08 - dtucker@cvs.openbsd.org 2010/01/04 01:45:30Darren Tucker
[sshconnect2.c] Don't escape backslashes in the SSH2 banner. bz#1533, patch from Michal Gorny via Gentoo.
2010-01-08 - jmc@cvs.openbsd.org 2009/12/29 18:03:32Darren Tucker
[sshd_config.5 ssh_config.5] sort previous;
2010-01-08 - stevesk@cvs.openbsd.org 2009/12/29 16:38:41Darren Tucker
[sshd_config.5 readconf.c ssh_config.5 scp.1 servconf.c sftp.1 ssh.1] Rename RDomain config option to RoutingDomain to be more clear and consistent with other options. NOTE: if you currently use RDomain in the ssh client or server config, or ssh/sshd -o, you must update to use RoutingDomain. ok markus@ djm@
2010-01-08 - stevesk@cvs.openbsd.org 2009/12/25 19:40:21Darren Tucker
[readconf.c servconf.c misc.h ssh-keyscan.c misc.c] validate routing domain is in range 0-RT_TABLEID_MAX. 'Looks right' deraadt@
2010-01-08 - djm@cvs.openbsd.org 2009/12/20 23:20:40Darren Tucker
[PROTOCOL] fix an incorrect magic number and typo in PROTOCOL; bz#1688 report and fix from ueno AT unixuser.org
2010-01-08 - guenther@cvs.openbsd.org 2009/12/20 07:28:36Darren Tucker
[ssh.c sftp.c scp.c] When passing user-controlled options with arguments to other programs, pass the option and option argument as separate argv entries and not smashed into one (e.g., as -l foo and not -lfoo). Also, always pass a "--" argument to stop option parsing, so that a positional argument that starts with a '-' isn't treated as an option. This fixes some error cases as well as the handling of hostnames and filenames that start with a '-'. Based on a diff by halex@ ok halex@ djm@ deraadt@
2010-01-08 - markus@cvs.openbsd.org 2009/12/11 18:16:33Darren Tucker
[key.c] switch from 35 to the more common value of RSA_F4 == (2**16)+1 == 65537 for the RSA public exponent; discussed with provos; ok djm@
2010-01-08 - dtucker@cvs.openbsd.org 2009/12/06 23:53:54Darren Tucker
[sftp.c] fix potential divide-by-zero in sftp's "df" output when talking to a server that reports zero files on the filesystem (Unix filesystems always have at least the root inode). From Steve McClellan at radisys, ok djm@
2010-01-08 - djm@cvs.openbsd.org 2009/12/06 23:53:45Darren Tucker
[roaming_common.c] use socklen_t for getsockopt optlen parameter; reported by Steve.McClellan AT radisys.com, ok dtucker@
2010-01-08 - dtucker@cvs.openbsd.org 2009/12/06 23:41:15Darren Tucker
[sshconnect2.c] zap unused variable and strlen; from Steve McClellan, ok djm
2010-01-08 - halex@cvs.openbsd.org 2009/11/22 13:18:00Darren Tucker
[sftp.c] make passing of zero-length arguments to ssh safe by passing "-<switch>" "<value>" rather than "-<switch><value>" ok dtucker@, guenther@, djm@
2010-01-08 - djm@cvs.openbsd.org 2009/11/20 03:24:07Darren Tucker
[misc.c] correct off-by-one in percent_expand(): we would fatal() when trying to expand EXPAND_MAX_KEYS, allowing only EXPAND_MAX_KEYS-1 to actually work. Note that nothing in OpenSSH actually uses close to this limit at present. bz#1607 from Jan.Pechanec AT Sun.COM
2010-01-08 - dtucker@cvs.openbsd.org 2009/11/20 00:59:36Darren Tucker
[sshconnect2.c] Use the HostKeyAlias when prompting for passwords. bz#1039, ok djm@
2010-01-08 - djm@cvs.openbsd.org 2009/11/20 00:54:01Darren Tucker
[sftp.c] bz#1588 change "Connecting to host..." message to "Connected to host." and delay it until after the sftp protocol connection has been established. Avoids confusing sequence of messages when the underlying ssh connection experiences problems. ok dtucker@
2010-01-08 - dtucker@cvs.openbsd.org 2009/11/20 00:15:41Darren Tucker
[session.c] Warn but do not fail if stat()ing the subsystem binary fails. This helps with chrootdirectory+forcecommand=sftp-server and restricted shells. bz #1599, ok djm.
2010-01-08 - djm@cvs.openbsd.org 2009/11/19 23:39:50Darren Tucker
[session.c] bz#1606: error when an attempt is made to connect to a server with ForceCommand=internal-sftp with a shell session (i.e. not a subsystem session). Avoids stuck client when attempting to ssh to such a service. ok dtucker@
2010-01-08 - djm@cvs.openbsd.org 2009/11/17 05:31:44Darren Tucker
[clientloop.c] fix incorrect exit status when multiplexing and channel ID 0 is recycled bz#1570 reported by peter.oliver AT eon-is.co.uk; ok dtucker
2010-01-08 - markus@cvs.openbsd.org 2009/11/11 21:37:03Darren Tucker
[channels.c channels.h] fix race condition in x11/agent channel allocation: don't read after the end of the select read/write fdset and make sure a reused FD is not touched before the pre-handlers are called. with and ok djm@
2010-01-08 - dtucker@cvs.openbsd.org 2009/11/10 04:30:45Darren Tucker
[sshconnect2.c channels.c sshconnect.c] Set close-on-exec on various descriptors so they don't get leaked to child processes. bz #1643, patch from jchadima at redhat, ok deraadt.
2010-01-08 - djm@cvs.openbsd.org 2009/11/10 02:58:56Darren Tucker
[sshd_config.5] clarify that StrictModes does not apply to ChrootDirectory. Permissions and ownership are always checked when chrooting. bz#1532
2010-01-08 - djm@cvs.openbsd.org 2009/11/10 02:56:22Darren Tucker
[ssh_config.5] explain the constraints on LocalCommand some more so people don't try to abuse it.
2010-01-08 - jmc@cvs.openbsd.org 2009/10/28 21:45:08Darren Tucker
[sshd_config.5 sftp.1] tweak previous;
2010-01-08 - reyk@cvs.openbsd.org 2009/10/28 16:38:18Darren Tucker
[ssh_config.5 sshd.c misc.h ssh-keyscan.1 readconf.h sshconnect.c channels.c channels.h servconf.h servconf.c ssh.1 ssh-keyscan.c scp.1 sftp.1 sshd_config.5 readconf.c ssh.c misc.c] Allow to set the rdomain in ssh/sftp/scp/sshd and ssh-keyscan. ok markus@
2010-01-08 - andreas@cvs.openbsd.org 2009/10/24 11:23:42Darren Tucker
[ssh.c] Request roaming to be enabled if UseRoaming is true and the server supports it. ok markus@
2010-01-08 - andreas@cvs.openbsd.org 2009/10/24 11:22:37Darren Tucker
[roaming_common.c] Do the actual suspend/resume in the client. This won't be useful until the server side supports roaming. Most code from Martin Forssen, maf at appgate dot com. Some changes by me and markus@ ok markus@
2010-01-08 - andreas@cvs.openbsd.org 2009/10/24 11:19:17Darren Tucker
[ssh2.h] Define the KEX messages used when resuming a suspended connection. ok markus@
2010-01-08 - andreas@cvs.openbsd.org 2009/10/24 11:15:29Darren Tucker
[clientloop.c] client_loop() must detect if the session has been suspended and resumed, and take appropriate action in that case. From Martin Forssen, maf at appgate dot com ok markus@
2010-01-08 - andreas@cvs.openbsd.org 2009/10/24 11:13:54Darren Tucker
[sshconnect2.c kex.h kex.c] Let the client detect if the server supports roaming by looking for the resume@appgate.com kex algorithm. ok markus@
2010-01-08 - andreas@cvs.openbsd.org 2009/10/24 11:11:58Darren Tucker
[roaming.h] Declarations needed for upcoming changes. ok markus@
2009-12-26 - (tim) [contrib/cygwin/Makefile] Install ssh-copy-id and ssh-copy-id.1Tim Rice
Gzip all man pages. Patch from Corinna Vinschen.
2009-12-21 - (dtucker) [auth-krb5.c platform.{c,h} openbsd-compat/port-aix.{c,h}]Darren Tucker
Bug #1583: Use system's kerberos principal name on AIX if it's available. Based on a patch from and tested by Miguel Sanders.
2009-12-08 - (dtucker) Bug #1470: Disable OOM-killing of the listening sshd on Linux,Darren Tucker
based on a patch from Vaclav Ovsik and Colin Watson. ok djm.
2009-12-07 - (dtucker) Bug #1677: add conditionals around the source for ssh-askpass.Darren Tucker
2009-12-07 - (dtucker) Bug #1160: use pkg-config for opensc config if it's available.Darren Tucker
Tested by Martin Paljak.
2009-11-20 - (tim) [opensshd.init.in] If PidFile is set in sshd_config, use it.Tim Rice
Bug 1628. OK dtucker@