summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2006-09-21 - (dtucker) [defines.h] Include unistd.h before defining getpgrp; fixesDarren Tucker
build error on Ultrix. From Bernhard Simon.
2006-09-21 - markus@cvs.openbsd.org 2006/09/19 21:14:08Darren Tucker
[packet.c] client NULL deref on protocol error; Tavis Ormandy, Google Security Team
2006-09-21 - otto@cvs.openbsd.org 2006/09/19 05:52:23Darren Tucker
[sftp.c] Use S_IS* macros insted of masking with S_IF* flags. The latter may have multiple bits set, which lead to surprising results. Spotted by Paul Stoeber, more to come. ok millert@ pedro@ jaredy@ djm@
2006-09-18 - (dtucker) [openbsd-compat/port-aix.{c,h}] Reduce scope of includes.Darren Tucker
Prevents macro redefinition warnings of "RDONLY".
2006-09-18 - (dtucker) [configure.ac] On AIX, check to see if the compiler will allowDarren Tucker
macro redefinitions, and if not, remove "-qlanglvl=ansi" from the flags. Allows build out of the box with older VAC and XLC compilers. Found by David Bronder and Bernhard Simon.
2006-09-17 - (dtucker) [INSTALL] Add info about audit support.Darren Tucker
2006-09-17 - (djm) [sshd.c] Fix warning/API abuse; ok dtucker@Damien Miller
2006-09-17 - (dtucker) [monitor.c] Correctly handle auditing of single commands whenDarren Tucker
using Protocol 1. From jhb at freebsd.
2006-09-17 - (dtucker) [auth-pam.c] Propogate TZ environment variable to PAM authDarren Tucker
process so that any logging it does is with the right timezone. From Scott Strickler, ok djm@.
2006-09-17 - (djm) Add openssh.xml to .cvsignore and sort itDamien Miller
2006-09-17 - djm@cvs.openbsd.org 2006/09/16 19:53:37Damien Miller
[deattack.c deattack.h packet.c] limit maximum work performed by the CRC compensation attack detector, problem reported by Tavis Ormandy, Google Security Team; ok markus@ deraadt@
2006-09-12 - (djm) [Makefile.in buildpkg.sh.in configure.ac openssh.xml.in]Damien Miller
Support SMF in Solaris Packages if enabled by configure. Patch from Chad Mynhier, tested by dtucker@
2006-09-11 - (dtucker) [cipher-aes.c] Include string.h for memcpy and friends. NotedDarren Tucker
by Pekka Savola.
2006-09-10 - (dtucker) [configure.ac] Add -lcrypt to let DragonFly build OOTB.Darren Tucker
2006-09-10 - (dtucker) [contrib/aix/buildbff.sh] Ensure that perl is available.Darren Tucker
2006-09-09 - (dtucker) [buildpkg.sh.in] Always create privsep user. ok djm@Darren Tucker
2006-09-09 - (dtucker) [contrib/aix/buildbff.sh] Always create privsep user.Darren Tucker
2006-09-09 - (dtucker) [openbsd-compat/bsd-snprintf.c] Add stdarg.h.Darren Tucker
2006-09-09 - (dtucker) [configure.ac] The BSM header test needs time.h in some cases.Darren Tucker
2006-09-08 - (dtucker) [auth-sia.c] Add includes required for build on Tru64. PatchDarren Tucker
from Chris Adams.
2006-09-08 - (dtucker) [regress/cfgmatch.sh] stop_client is racy, so give us a betterDarren Tucker
chance of winning.
2006-09-07 - (dtucker) [loginrec.c] Wrap paths.h in HAVE_PATHS_H.Darren Tucker
2006-09-06 - (tim) [configure.ac] s/BROKEN_UPDWTMP/BROKEN_UPDWTMPX/ on SCO OSR6Tim Rice
2006-09-07 - (djm) [sshd.c auth.c] Set up fakepw() with privsep uid/gid, so it canDamien Miller
be used to drop privilege to; fixes Solaris GSSAPI crash reported by Magnus Abrante; suggestion and feedback dtucker@ NB. this change will require that the privilege separation user must exist on all the time, not just when UsePrivilegeSeparation=yes
2006-09-05 - (dtucker) [loginrec.c] Include paths.h for _PATH_BTMP.Darren Tucker
2006-09-05 - (dtucker) [configure.ac] s/AC_DEFINES/AC_DEFINE/ spotted by Roumen Petrov.Darren Tucker
2006-09-04 - (dtucker) [configure.ac] Define BROKEN_UPDWTMP on SCO OSR6 as the nativeDarren Tucker
updwdtmp seems to generate invalid wtmp entries. From Roger Cornelius, ok djm@
2006-09-03 - (dtucker) [configure.ac openbsd-compat/openbsd-compat.h] Check forDarren Tucker
declaration of writev(2) and declare it ourselves if necessary. Makes the atomiciov() calls build on really old systems. ok djm@
2006-09-02 - (dtucker) [ssh-keyscan.c ssh-rand-helper.c ssh.c sshconnect.cDarren Tucker
openbsd-compat/bindresvport.c openbsd-compat/getrrsetbyname.c openbsd-compat/port-tun.c openbsd-compat/rresvport.c] Include <arpa/inet.h> for hton* and ntoh* macros. Required on (at least) HP-UX since we define _XOPEN_SOURCE_EXTENDED. Found by santhi.amirta at gmail com.
2006-09-02 - (dtucker) [openbsd-compat/port-irix.c] Add errno.h, found by Iain Morgan.Darren Tucker
2006-09-01 - (dtucker) [README contrib/{caldera,redhat,suse}/openssh.spec] CrankDarren Tucker
versions.
2006-09-01 - (dtucker) [configure.ac includes.h openbsd-compat/glob.{c,h}] ExplicitlyDarren Tucker
test for GLOB_NOMATCH and use our glob functions if it's not found. Stops sftp from segfaulting when attempting to get a nonexistent file on Cygwin (previous versions of OpenSSH didn't use the native glob). Partly from and tested by Corinna Vinschen.
2006-09-01 - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Fix implict declarationDarren Tucker
warnings for binary_open and binary_close. Patch from Corinna Vinschen.
2006-09-01 - (djm) [includes.h monitor.c openbsd-compat/bindresvport.c]Damien Miller
[openbsd-compat/rresvport.c] Some more headers: netinet/in.h sys/socket.h and unistd.h in various places
2006-09-01 - (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c]Damien Miller
[auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c] [auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c] [cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c] [dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c] [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c] [md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c] [scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c] [ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c] [sshconnect1.c sshconnect2.c sshd.c rc4.diff] [openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c] [openbsd-compat/port-linux.c openbsd-compat/port-solaris.c] [openbsd-compat/port-uw.c] Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h; compile problems reported by rac AT tenzing.org
2006-08-31 - (dtucker) [contrib/cygwin/ssh-host-config] Add SeTcbPrivilege privilegeDarren Tucker
while setting up the ssh service account. Patch from Corinna Vinschen.
2006-08-31 - (djm) [CREDITS LICENCE Makefile.in auth.c configure.ac includes.h ]Damien Miller
[platform.c platform.h sshd.c openbsd-compat/Makefile.in] [openbsd-compat/openbsd-compat.h openbsd-compat/port-solaris.c] [openbsd-compat/port-solaris.h] Add support for Solaris process contracts, enabled with --use-solaris-contracts. Patch from Chad Mynhier, tweaked by dtucker@ and myself; ok dtucker@
2006-08-30 - (dtucker) [auth.c openbsd-compat/port-aix.c] Bug #1207: always callDarren Tucker
loginsuccess on AIX immediately after authentication to clear the failed login count. Previously this would only happen when an interactive session starts (ie when a pty is allocated) but this means that accounts that have primarily non-interactive sessions (eg scp's) may gradually accumulate enough failures to lock out an account. This change may have a side effect of creating two audit records, one with a tty of "ssh" corresponding to the authentication and one with the allocated pty per interactive session.
2006-08-30 - (djm) [openbsd-compat/xcrypt.c] needs unistd.hDamien Miller
2006-08-30 - djm@cvs.openbsd.org 2006/08/30 00:14:37Damien Miller
[version.h] crank to 4.4
2006-08-30 - dtucker@cvs.openbsd.org 2006/08/30 00:06:51Damien Miller
[sshconnect2.c] Fix regression where SSH2 banner is printed at loglevels ERROR and FATAL where previously it weren't. bz #1221, found by Dean Kopesky, ok djm@
2006-08-30 - dtucker@cvs.openbsd.org 2006/08/29 12:02:30Damien Miller
[gss-genr.c] Work around a problem in Heimdal that occurs when KRB5CCNAME file is missing, by checking whether or not kerberos allocated us a context before attempting to free it. Patch from Simon Wilkinson, tested by biorn@, ok djm@
2006-08-30 - djm@cvs.openbsd.org 2006/08/29 10:40:19Damien Miller
[channels.c session.c] normalise some inconsistent (but harmless) NULL pointer checks spotted by the Stanford SATURN tool, via Isil Dillig; ok markus@ deraadt@
2006-08-30 - dtucker@cvs.openbsd.org 2006/08/21 08:15:57Damien Miller
[sshd.8] Add more detail about what permissions are and aren't accepted for authorized_keys files. Corrections jmc@, ok djm@, "looks good" jmc@
2006-08-30 - (djm) OpenBSD CVS SyncDamien Miller
- dtucker@cvs.openbsd.org 2006/08/21 08:14:01 [sshd_config.5] Document HostbasedUsesNameFromPacketOnly. Corrections from jmc@, ok jmc@ djm@
2006-08-24 - (dtucker) [openbsd-compat/xmmap.c] Move #define HAVE_MMAP to preventDarren Tucker
unused variable warning when we have a broken or missing mmap(2). Now with 100% more diff!
2006-08-24 - (dtucker) [openbsd-compat/xmmap.c] Move #define HAVE_MMAP to preventDarren Tucker
unused variable warning when we have a broken or missing mmap(2).
2006-08-24 - (dtucker) [openbsd-compat/rresvport.c] Include <stdlib.h> for malloc.Darren Tucker
2006-08-24 - (dtucker) [openbsd-compat/bsd-openpty.c] Include for ioctl(2).Darren Tucker
2006-08-24 - (dtucker) [openbsd-compat/bsd-misc.c] Include <sys/select.h> for select(2)Darren Tucker
on POSIX systems.