Age | Commit message (Collapse) | Author | |
---|---|---|---|
2005-09-14 | releasing version 1:4.2p1-1 | Colin Watson | |
2005-09-14 | * Set X11Forwarding to yes in the default sshd_config (new installs only). | Colin Watson | |
At least when X11UseLocalhost is turned on, which is the default, the security risks of using X11 forwarding are risks to the client, not to the server (closes: #320104). | |||
2005-09-14 | * openssh-client and openssh-server conflict with pre-split ssh to avoid | Colin Watson | |
problems when ssh is left un-upgraded (closes: #324695). | |||
2005-09-14 | Flesh out changelog for upstream changes in 4.2p1. | Colin Watson | |
2005-09-14 | * debian/rules: Resynchronise CFLAGS with that generated by configure. | Colin Watson | |
2005-09-14 | Merge 4.2p1 to the trunk. | Colin Watson | |
2005-09-14 | Import OpenSSH 4.2p1. | Colin Watson | |
2005-09-02 | releasing version 1:4.1p1-7 | Colin Watson | |
2005-09-02 | * Policy version 3.6.2: no changes required. | Colin Watson | |
2005-09-02 | * Fix XSIish uses of 'test' in openssh-server.preinst. | Colin Watson | |
2005-09-02 | * Add GNU/kFreeBSD support (thanks, Aurelien Jarno; closes: #318113). | Colin Watson | |
2005-09-02 | * Work around the ssh-askpass alternative somehow ending up in manual mode | Colin Watson | |
pointing to the obsolete /usr/lib/ssh/gnome-ssh-askpass. | |||
2005-09-01 | - (djm) Update RPM spec file versions | Damien Miller | |
2005-08-31 | - (tim) [configure.ac auth.c defines.h session.c openbsd-compat/port-uw.c | Tim Rice | |
openbsd-compat/port-uw.h openbsd-compat/xcrypt.c] libiaf cleanup. Disable libiaf bits for OpenServer6. Free memory allocated by ia_get_logpwd(). Feedback and OK dtucker@ | |||
2005-09-01 | - (dtucker) [README] Update release note URL to 4.2 | Darren Tucker | |
2005-08-31 | - markus@cvs.openbsd.org 2005/08/31 09:28:42 | Damien Miller | |
[version.h] 4.2 | |||
2005-08-31 | - (djm) OpenBSD CVS Sync | Damien Miller | |
- djm@cvs.openbsd.org 2005/08/30 22:08:05 [gss-serv.c sshconnect2.c] destroy credentials if krb5_kuserok() call fails. Stops credentials being delegated to users who are not authorised for GSSAPIAuthentication when GSSAPIDeletegateCredentials=yes and another authentication mechanism succeeds; bz#1073 reported by paul.moore AT centrify.com, fix by simon AT sxw.org.uk, tested todd@ biorn@ jakob@; ok deraadt@ | |||
2005-08-31 | correct bug number | Damien Miller | |
2005-08-30 | - (tim) [configure.ac] Back out last change. It needs to be done differently. | Tim Rice | |
2005-08-29 | - (tim) [configure.ac] ia_openinfo() seems broken on OSR6. Limit UW long | Tim Rice | |
password support to 7.x for now. | |||
2005-08-26 | - (tim) [CREDITS LICENCE auth.c configure.ac defines.h includes.h session.c | Tim Rice | |
openbsd-compat/Makefile.in openbsd-compat/openbsd-compat.h openbsd-compat/xcrypt.c] New files [openssh/openbsd-compat/port-uw.c openssh/openbsd-compat/port-uw.h] Support long passwords (> 8-char) on UnixWare 7 from Dhiraj Gulati and Ahsan Rashid. Cleanup and testing by tim@. Feedback and OK dtucker@ | |||
2005-08-23 | - (tim) [defines.h] PATH_MAX bits for OpenServer OK dtucker@ | Tim Rice | |
2005-08-23 | - (tim) [configure.ac ] Not all gcc's support -Wsign-compare | Tim Rice | |
2005-08-23 | - (dtucker) [regress/test-exec.sh] Do not prepend an extra "/" to a fully- | Darren Tucker | |
qualified sshd pathname since some systems (eg Cygwin) may consider "/foo" and "//foo" to be different. Spotted by vinschen at redhat.com. | |||
2005-08-23 | - (dtucker) [configure.ac defines.h includes.h sftp.c] Add support for | Darren Tucker | |
LynxOS, patch from Olli Savia (ops at iki.fi). ok djm@ | |||
2005-08-16 | - (djm) [ttymodes.c] bugzilla #1054: Fix encoding of _POSIX_VDISABLE, | Damien Miller | |
from Jacob Nevins; ok dtucker@ | |||
2005-08-15 | - (tim) [configure.ac] corrections to libedit tests. Report and patches | Tim Rice | |
by skeleten AT shillest.net | |||
2005-08-15 | - (tim) wrap el_end() in #ifdef USE_LIBEDIT | Tim Rice | |
2005-08-12 | - jaredy@cvs.openbsd.org 2005/08/08 13:22:48 | Damien Miller | |
[sftp.c] sftp prompt enhancements: - in non-interactive mode, do not print an empty prompt at the end before finishing - print newline after EOF in editline mode - call el_end() in editline mode ok dtucker djm | |||
2005-08-12 | oops, that last commit was: | Damien Miller | |
Report from Janusz Mucka; ok djm@ | |||
2005-08-12 | - dtucker@cvs.openbsd.org 2005/08/06 10:03:12 | Damien Miller | |
[servconf.c] Unbreak sshd ListenAddress for bare IPv6 addresses. | |||
2005-08-12 | - djm@cvs.openbsd.org 2005/07/30 02:03:47 | Damien Miller | |
[readconf.c] listen_hosts initialisation here too; spotted greg AT y2005.nest.cx | |||
2005-08-12 | - djm@cvs.openbsd.org 2005/07/30 01:26:16 | Damien Miller | |
[ssh.c] fix -D listen_host initialisation, so it picks up gateway_ports setting correctly | |||
2005-08-12 | - markus@cvs.openbsd.org 2005/07/28 17:36:22 | Damien Miller | |
[packet.c] missing packet_init_compression(); from solar | |||
2005-08-10 | - (dtucker) [LICENCE configure.ac defines.h openbsd-compat/realpath.c] | Darren Tucker | |
Sync current (thread-safe) version of realpath.c from OpenBSD (which is in turn based on FreeBSD's). ok djm@ | |||
2005-08-10 | - (dtucker) [configure.ac] Test libedit library and headers for compatibility. | Darren Tucker | |
Report from skeleten AT shillest.net, ok djm@ | |||
2005-08-09 | - (tim) [configure.ac] Allow --with-audit=no. OK dtucker@ | Tim Rice | |
Report by skeleten AT shillest.net | |||
2005-08-03 | - (dtucker) [openbsd-compat/fake-rfc2553.h] MAX_INT -> INT_MAX since the | Darren Tucker | |
latter is specified in the standard. | |||
2005-08-03 | - (dtucker) [openbsd-compat/fake-rfc2553.h] Check for EAI_* defines | Darren Tucker | |
individually and use a value less likely to collide with real values from netdb.h. Fixes compile warnings on FreeBSD 5.3. ok djm@ | |||
2005-08-03 | - (dtucker) [configure.ac] Add a --with-Werror option to configure for | Darren Tucker | |
adding -Werror to CFLAGS when all of the configure tests are done. ok djm@ | |||
2005-08-02 | - (dtucker) [configure.ac] Enable -Wuninitialized by default when compiling | Darren Tucker | |
with gcc. ok djm@ | |||
2005-08-02 | - dtucker@cvs.openbsd.org 2005/07/27 10:39:03 | Darren Tucker | |
[scp.c hostfile.c sftp-client.c] Silence bogus -Wuninitialized warnings; ok djm@ | |||
2005-07-26 | - markus@cvs.openbsd.org 2005/07/25 11:59:40 | Damien Miller | |
[kex.c kex.h myproposal.h packet.c packet.h servconf.c session.c] [sshconnect2.c sshd.c sshd_config sshd_config.5] add a new compression method that delays compression until the user has been authenticated successfully and set compression to 'delayed' for sshd. this breaks older openssh clients (< 3.5) if they insist on compression, so you have to re-enable compression in sshd_config. ok djm@ | |||
2005-07-26 | - (djm) OpenBSD CVS Sync | Damien Miller | |
- otto@cvs.openbsd.org 2005/07/19 15:32:26 [auth-passwd.c] auth_usercheck(3) can return NULL, so check for that. Report from mpech@. ok markus@ | |||
2005-07-26 | - (dtucker) [configure.ac] Update zlib warning message too, pointed out by | Darren Tucker | |
tim@. | |||
2005-07-25 | - (dtucker) [configure.ac] Update zlib version check for CAN-2005-2096. | Darren Tucker | |
2005-07-17 | - (djm) [monitor.c monitor_wrap.c] -Wsign-compare for PAM monitor calls | Damien Miller | |
2005-07-17 | -(djm) [audit.c auth1.c auth2.c entropy.c loginrec.c serverloop.c] | Damien Miller | |
[ssh-rand-helper.c] fix portable 2nd level indents at 4 spaces too | |||
2005-07-17 | - djm@cvs.openbsd.org 2005/07/17 07:17:55 | Damien Miller | |
[auth-rh-rsa.c auth-rhosts.c auth2-chall.c auth2-gss.c channels.c] [cipher-ctr.c gss-genr.c gss-serv.c kex.c moduli.c readconf.c] [serverloop.c session.c sftp-client.c sftp.c ssh-add.c ssh-keygen.c] [sshconnect.c sshconnect2.c] knf says that a 2nd level indent is four (not three or five) spaces | |||
2005-07-17 | - (djm) [auth-pam.c sftp.c] spaces vs. tabs at start of line | Damien Miller | |
- djm@cvs.openbsd.org 2005/07/17 06:49:04 [channels.c channels.h session.c session.h] Fix a number of X11 forwarding channel leaks: 1. Refuse multiple X11 forwarding requests on the same session 2. Clean up all listeners after a single_connection X11 forward, not just the one that made the single connection 3. Destroy X11 listeners when the session owning them goes away testing and ok dtucker@ |