summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2005-01-20 - (dtucker) [loginrec.h] Bug #952: Increase size of username field to 128Darren Tucker
bytes to prevent errors from login_init_entry() when the username is exactly 64 bytes(!) long. From brhamon at cisco.com, ok djm@
2005-01-20Oops, did not intend to commit this yetDarren Tucker
2005-01-20 - djm@cvs.openbsd.org 2004/12/22 02:13:19Darren Tucker
[cipher-ctr.c cipher.c] remove fallback AES support for old OpenSSL, as OpenBSD has had it for many years now; ok deraadt@ (Id sync only: Portable will continue to support older OpenSSLs)
2005-01-20 - (dtucker) [auth-pam.c] Bug #971: Prevent leaking information about userDarren Tucker
existence via keyboard-interactive/pam, in conjunction with previous auth2-chall.c change; with Colin Watson and djm.
2005-01-20 - dtucker@cvs.openbsd.org 2005/01/19 13:11:47Darren Tucker
[auth-bsdauth.c auth2-chall.c] Have keyboard-interactive code call the drivers even for responses for invalid logins. This allows the drivers themselves to decide how to handle them and prevent leaking information where possible. Existing behaviour for bsdauth is maintained by checking authctxt->valid in the bsdauth driver. Note that any third-party kbdint drivers will now need to be able to handle responses for invalid logins. ok markus@
2005-01-20 - dtucker@cvs.openbsd.org 2005/01/17 22:48:39Darren Tucker
[sshd.c] Make debugging output continue after reexec; ok djm@
2005-01-20 - dtucker@cvs.openbsd.org 2005/01/17 03:25:46Darren Tucker
[moduli.c] Correct spelling: SCHNOOR->SCHNORR; ok djm@
2005-01-20 - jmc@cvs.openbsd.org 2005/01/08 00:41:19Darren Tucker
[sshd_config.5] `login'(n) -> `log in'(v);
2005-01-20 - markus@cvs.openbsd.org 2005/01/05 08:51:32Darren Tucker
[sshconnect.c] remove dead code, log connect() failures with level error, ok djm@
2005-01-20 - djm@cvs.openbsd.org 2004/12/23 23:11:00Darren Tucker
[servconf.c servconf.h sshd.c sshd_config sshd_config.5] bz #898: support AddressFamily in sshd_config. from peak@argo.troja.mff.cuni.cz; ok deraadt@
2005-01-20 - markus@cvs.openbsd.org 2004/12/23 17:38:07Darren Tucker
[ssh-keygen.c] leak; from mpech
2005-01-20 - markus@cvs.openbsd.org 2004/12/23 17:35:48Darren Tucker
[session.c] check for NULL; from mpech
2005-01-18 - (dtucker) [survey.sh.in] Remove any blank lines from the output ofDarren Tucker
ccver-v and ccver-V.
2005-01-18 - (dtucker) [INSTALL Makefile.in configure.ac survey.sh.in] ImplementDarren Tucker
"make survey" and "make send-survey". This will provide data on the configure parameters, platform and platform features to the development team, which will allow (among other things) better targetting of testing. It's entirely voluntary and is off be default. ok djm@
2004-12-20 - (dtucker) [regress/rekey.sh] Touch datafile before filling with dd, sinceDarren Tucker
on some wacky platforms (eg old AIXes), dd will refuse to create an output file if it doesn't exist.
2004-12-20 - (dtucker) [ssh-rand-helper.c] Fall back to command-based seeding if readingDarren Tucker
from prngd is enabled at compile time but fails at run time, eg because prngd is not running. Note that if you have prngd running when OpenSSH is built, OpenSSL will consider itself internally seeded and rand-helper won't be built at all unless explicitly enabled via --with-rand-helper. ok djm@
2004-12-13 - (dtucker) [contrib/findssh.sh] Clean up on interrupt; fromDarren Tucker
amarendra.godbole at ge com.
2004-12-11 - dtucker@cvs.openbsd.org 2004/12/11 01:48:56Darren Tucker
[auth-rsa.c auth2-pubkey.c authfile.c misc.c misc.h] Fix debug call in error path of authorized_keys processing and fix related warnings; ok djm@
2004-12-11 - fgsch@cvs.openbsd.org 2004/12/10 03:10:42Darren Tucker
[sftp.c] - fix globbed ls for paths the same lenght as the globbed path when we have a unique matching. - fix globbed ls in case of a directory when we have a unique matching. - as a side effect, if the path does not exist error (used to silently ignore). - don't do extra do_lstat() if we only have one matching file. djm@ ok
2004-12-11 - (dtucker) OpenBSD CVS SyncDarren Tucker
- markus@cvs.openbsd.org 2004/12/06 16:00:43 [bufaux.c] use 0x00 not \0 since buf[] is a bignum
2004-12-08[configure.ac] Comment some non obvious platforms in the target-specificTim Rice
case statement. Suggested and OK by dtucker@
2004-12-07 - (dtucker) [regress/scp.sh] Use portable-friendly $DIFFOPTs in new test.Darren Tucker
2004-12-06 - dtucker@cvs.openbsd.org 2004/12/06 10:49:56Darren Tucker
[test-exec.sh] Check if TEST_SSH_SSHD is a full path to sshd before searching; ok markus@
2004-12-06 - dtucker@cvs.openbsd.org 2004/11/25 09:39:27Darren Tucker
[test-exec.sh] Remove obsolete RhostsAuthentication from test config; ok markus@
2004-12-06 - djm@cvs.openbsd.org 2004/11/07 00:32:41Darren Tucker
[multiplex.sh] regression tests for new multiplex commands
2004-12-06 - djm@cvs.openbsd.org 2004/10/29 23:59:22Darren Tucker
[Makefile added brokenkeys.sh] regression test for handling of corrupt keys in authorized_keys file
2004-12-06 - djm@cvs.openbsd.org 2004/10/08 02:01:50Darren Tucker
[reexec.sh] shrink and tidy; ok dtucker@
2004-12-06 - david@cvs.openbsd.org 2004/07/09 19:45:43Darren Tucker
[Makefile] add a missing CLEANFILES used in the re-exec test
2004-12-06 - dtucker@cvs.openbsd.org 2004/07/08 12:59:35Darren Tucker
[scp.sh] Regress test for bz #863 (scp double-error), requires $SUDO. ok markus@
2004-12-06 - djm@cvs.openbsd.org 2004/06/26 06:16:07Darren Tucker
[reexec.sh] don't change the name of the copied sshd for the reexec fallback test, makes life simpler for portable
2004-12-06Resync IdsDarren Tucker
2004-12-06 - dtucker@cvs.openbsd.org 2004/12/06 11:41:03Darren Tucker
[auth-rsa.c auth2-pubkey.c authfile.c misc.c misc.h ssh.h sshd.8] Discard over-length authorized_keys entries rather than complaining when they don't decode. bz #884, with & ok djm@
2004-12-06 - jaredy@cvs.openbsd.org 2004/12/05 23:55:07Darren Tucker
[sftp.1] - explain that patterns can be used as arguments in get/put/ls/etc commands (prodded by Michael Knudsen) - describe ls flags as a list - other minor improvements ok jmc, djm
2004-12-06 - djm@cvs.openbsd.org 2004/11/29 07:41:24Darren Tucker
[sftp-client.h sftp.c] Some small fixes from moritz@jodeit.org. ok deraadt@
2004-12-06 - jmc@cvs.openbsd.org 2004/11/29 00:05:17Darren Tucker
[sftp.1] missing full stop;
2004-12-06 - (dtucker) OpenBSD CVS SyncDarren Tucker
- markus@cvs.openbsd.org 2004/11/25 22:22:14 [sftp-client.c sftp.c] leak; from mpech
2004-12-06 - (dtucker) [TODO WARNING.RNG] Update to reflect current reality. ok djm@Darren Tucker
2004-12-03 - (dtucker) [auth1.c auth2.c] If the user successfully authenticates but isDarren Tucker
subsequently denied by the PAM auth stack, send the PAM message to the user via packet_disconnect (Protocol 1) or userauth_banner (Protocol 2). ok djm@
2004-12-03 - jmc@cvs.openbsd.org 2004/11/07 17:57:30Darren Tucker
[ssh.c] usage(): - add -O - sync -S w/ manpage - remove -h
2004-12-03 - (dtucker) OpenBSD CVS SyncDarren Tucker
- jmc@cvs.openbsd.org 2004/11/07 17:42:36 [ssh.1] options sort, and whitespace;
2004-11-07 - (dtucker) [INSTALL Makefile.in configure.ac] Add --with-libedit configureDarren Tucker
option and supporting makefile bits and documentation.
2004-11-07 - djm@cvs.openbsd.org 2004/11/07 00:01:46Darren Tucker
[clientloop.c clientloop.h ssh.1 ssh.c] add basic control of a running multiplex master connection; including the ability to check its status and request it to exit; ok markus@
2004-11-07 - djm@cvs.openbsd.org 2004/11/05 12:19:56Darren Tucker
[sftp.c] command editing and history support via libedit; ok markus@ thanks to hshoexer@ and many testers on tech@ too
2004-11-05 - djm@cvs.openbsd.org 2004/10/29 23:57:05Darren Tucker
[key.c] use new buffer API to avoid fatal errors on corrupt keys in authorized_keys files; ok markus@
2004-11-05 - djm@cvs.openbsd.org 2004/10/29 23:56:17Darren Tucker
[bufaux.c bufaux.h buffer.c buffer.h] introduce a new buffer API that returns an error rather than fatal()ing when presented with bad data; ok markus@
2004-11-05 - djm@cvs.openbsd.org 2004/10/29 22:53:56Darren Tucker
[clientloop.c misc.h readpass.c ssh-agent.c] factor out common permission-asking code to separate function; ok markus@
2004-11-05 - djm@cvs.openbsd.org 2004/10/29 21:47:15Darren Tucker
[channels.c channels.h clientloop.c] fix some window size change bugs for multiplexed connections: windows sizes were not being updated if they had changed after ~^Z suspends and SIGWINCH was not being processed unless the first connection had requested a tty; ok markus
2004-11-05 - markus@cvs.openbsd.org 2004/10/20 11:48:53Darren Tucker
[packet.c ssh1.h] disconnect for invalid (out of range) message types.
2004-11-05 - djm@cvs.openbsd.org 2004/10/07 10:12:36Darren Tucker
[ssh-agent.c] don't unlink agent socket when bind() fails, spotted by rich AT rich-paul.net, ok markus@
2004-11-05 - djm@cvs.openbsd.org 2004/10/07 10:10:24Darren Tucker
[scp.1 sftp.1 ssh.1 ssh_config.5] document KbdInteractiveDevices; ok markus@