openssh.git -

Age	Commit message (Collapse)	Author
2010-11-05	- (dtucker) [regress/kextype.sh] Add missing "test".	Darren Tucker

2010-11-05	- (dtucker) [Makefile configure.ac regress/Makefile regress/keytype.sh]	Darren Tucker
	Import recent changes to regress/Makefile, pass a flag to enable ECC tests from configure through to regress/Makefile and use it in the tests.
2010-11-05	- (dtucker) [regress/keytype.sh] Import new test.	Darren Tucker

2010-11-05	- (dtucker) [platform.c platform.h session.c] Move the Cygwin special-case	Darren Tucker
	check into platform.c
2010-11-05	- (dtucker) [platform.c session.c] Move PAM credential establishment for the	Darren Tucker
	non-LOGIN_CAP case into platform.c.
2010-11-05	- (dtucker) [platform.c session.c] Move irix setusercontext fragment into	Darren Tucker
	platform.c.
2010-11-05	- (dtucker) platform.c session.c] Move aix_usrinfo frament into platform.c.	Darren Tucker

2010-11-05	- (dtucker) platform.c session.c] Move the USE_LIBIAF fragment into	Darren Tucker
	platform.c
2010-11-05	- (dtucker) [platform.c session.c] Move the PAM credential establishment for	Darren Tucker
	the LOGIN_CAP case into platform.c.
2010-11-05	- (dtucker) [platform.c] Only call setpgrp on BSDI if running as root to	Darren Tucker
	retain previous behavior.
2010-11-05	- (dtucker) [platform.c session.c] Move the BSDI setpgrp into platform.c.	Darren Tucker

2010-11-05	- (dtucker) [platform.c session.c] Move the AIX setpcred+chroot hack into	Darren Tucker
	platform.c
2010-11-05	- (dtucker) [platform.c platform.h session.c] Add a platform hook to run	Darren Tucker
	after the user's groups are established and move the selinux calls into it.
2010-11-05	- (dtucker) [configure.ac platform.{c,h} session.c	Darren Tucker
	openbsd-compat/port-solaris.{c,h}] Bug #1824: Add Solaris Project support. Patch from cory.erickson at csu mnscu edu with a bit of rework from me. ok djm@
2010-11-05	- (djm) [loginrec.c loginrec.h] Use correct uid_t/pid_t types instead of	Damien Miller
	int. Should fix bz#1817 cleanly; ok dtucker@
2010-11-05	- djm@cvs.openbsd.org 2010/11/04 02:45:34	Damien Miller
	[sftp-server.c] umask should be parsed as octal. reported by candland AT xmission.com; ok markus@
2010-11-05	- jmc@cvs.openbsd.org 2010/10/28 18:33:28	Damien Miller
	[scp.1 ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5] knock out some "-- nroff --" lines;
2010-11-05	- djm@cvs.openbsd.org 2010/10/28 11:22:09	Damien Miller
	[authfile.c key.c key.h ssh-keygen.c] fix a possible NULL deref on loading a corrupt ECDH key store ECDH group information in private keys files as "named groups" rather than as a set of explicit group parameters (by setting the OPENSSL_EC_NAMED_CURVE flag). This makes for shorter key files and retrieves the group's OpenSSL NID that we need for various things.
2010-11-05	- djm@cvs.openbsd.org 2010/09/22 12:26:05	Damien Miller
	[regress/Makefile regress/kextype.sh] regress test for each of the key exchange algorithms that we support
2010-10-25	- (dtucker) [defines.h] Use SIZE_T_MAX for SIZE_MAX for platforms that have a	Darren Tucker
	native one.
2010-10-24	- (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with	Tim Rice
	1.12 to unbreak Solaris build. ok djm@
2010-10-24	- (dtucker) [defines.h] Add SIZE_MAX for the benefit of platforms that don't	Darren Tucker
	have it.
2010-10-24	- (dtucker) [regress/cert-userkey.sh] Disable ECC-based tests on platforms	Darren Tucker
	which don't have ECC support in libcrypto.
2010-10-24	- (dtucker) [regress/cert-hostkey.sh] Disable ECC-based tests on platforms	Darren Tucker
	which don't have ECC support in libcrypto.
2010-10-24	- sthen@cvs.openbsd.org 2010/10/23 22:06:12	Darren Tucker
	[sftp.c] escape '[' in filename tab-completion; fix a type while there. ok djm@
2010-10-24	- (dtucker) [includes.h] Add missing ifdef GLOB_HAS_GL_STATV to fix build.	Darren Tucker

2010-10-21	- djm@cvs.openbsd.org 2010/08/31 12:24:09	Damien Miller
	[regress/cert-hostkey.sh regress/cert-userkey.sh] tests for ECDSA certificates
2010-10-21	- OpenBSD CVS Sync	Damien Miller
	- dtucker@cvs.openbsd.org 2010/10/12 02:22:24 [mux.c] Typo in confirmation message. bz#1827, patch from imorgan at nas nasa gov
2010-10-12	- (djm) [sshconnect.c] Need signal.h for prototype for kill(2)	Damien Miller

2010-10-12	- (djm) [canohost.c] Zero a4 instead of addr to better match type.	Damien Miller
	bz#1825, reported by foo AT mailinator.com
2010-10-11	- (djm) [configure.ac] Use = instead of == in shell tests. Patch from	Damien Miller
	dr AT vasco.com
2010-10-07	- (djm) [openbsd-compat/Makefile.in] Actually link timingsafe_bcmp	Damien Miller

2010-10-07	- (djm) [cipher-acss.c] Add missing header.	Damien Miller

2010-10-07	- (djm) [openbsd-compat/glob.c] restore ARG_MAX compat code.	Damien Miller

2010-10-07	- djm@cvs.openbsd.org 2010/10/06 21:10:21	Damien Miller
	[sshconnect.c] swapped args to kill(2)
2010-10-07	- djm@cvs.openbsd.org 2010/10/06 06:39:28	Damien Miller
	[clientloop.c ssh.c sshconnect.c sshconnect.h] kill proxy command on fatal() (we already kill it on clean exit); ok markus@
2010-10-07	- djm@cvs.openbsd.org 2010/10/05 05:13:18	Damien Miller
	[sftp.c sshconnect.c] use default shell /bin/sh if $SHELL is ""; ok markus@
2010-10-07	- djm@cvs.openbsd.org 2010/10/01 23:05:32	Damien Miller
	[cipher-3des1.c cipher-bf1.c cipher-ctr.c openbsd-compat/openssl-compat.h] adapt to API changes in openssl-1.0.0a NB. contains compat code to select correct API for older OpenSSL
2010-10-07	- (djm) [ssh-agent.c] Fix type for curve name.	Damien Miller

2010-10-07	sadly, two typos on one line is not my best record	Damien Miller

2010-10-07	unbreak previous	Damien Miller

2010-10-07	- djm@cvs.openbsd.org 2010/09/30 11:04:51	Damien Miller
	[servconf.c] prevent free() of string in .rodata when overriding AuthorizedKeys in a Match block; patch from rein AT basefarm.no
2010-10-07	- djm@cvs.openbsd.org 2010/09/26 22:26:33	Damien Miller
	[sftp.c] when performing an "ls" in columnated (short) mode, only call ioctl(TIOCGWINSZ) once to get the window width instead of per- filename
2010-10-07	- djm@cvs.openbsd.org 2010/09/25 09:30:16	Damien Miller
	[sftp.c configure.ac openbsd-compat/glob.c openbsd-compat/glob.h] make use of new glob(3) GLOB_KEEPSTAT extension to save extra server rountrips to fetch per-file stat(2) information. NB. update openbsd-compat/ glob(3) implementation from OpenBSD libc to match.
2010-10-07	- matthew@cvs.openbsd.org 2010/09/24 13:33:00	Damien Miller
	[misc.c misc.h configure.ac openbsd-compat/openbsd-compat.h] [openbsd-compat/timingsafe_bcmp.c] Add timingsafe_bcmp(3) to libc, mention that it's already in the kernel in kern(9), and remove it from OpenSSH. ok deraadt@, djm@ NB. re-added under openbsd-compat/ for portable OpenSSH
2010-09-24	- jmc@cvs.openbsd.org 2010/09/23 13:36:46	Damien Miller
	[scp.1 sftp.1] add KexAlgorithms to the -o list;
2010-09-24	- jmc@cvs.openbsd.org 2010/09/23 13:34:43	Damien Miller
	[sftp.c] add [-l limit] to usage();
2010-09-24	- djm@cvs.openbsd.org 2010/09/22 22:58:51	Damien Miller
	[atomicio.c atomicio.h misc.c misc.h scp.c sftp-client.c] [sftp-client.h sftp.1 sftp.c] add an option per-read/write callback to atomicio factor out bandwidth limiting code from scp(1) into a generic bandwidth limiter that can be attached using the atomicio callback mechanism add a bandwidth limit option to sftp(1) using the above "very nice" markus@
2010-09-24	- jmc@cvs.openbsd.org 2010/09/22 08:30:08	Damien Miller
	[ssh.1 ssh_config.5] ssh.1: add kexalgorithms to the -o list ssh_config.5: format the kexalgorithms in a more consistent (prettier!) way ok djm
2010-09-24	- djm@cvs.openbsd.org 2010/09/22 05:01:30	Damien Miller
	[kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c readconf.c readconf.h] [servconf.c servconf.h ssh_config.5 sshconnect2.c sshd.c sshd_config.5] add a KexAlgorithms knob to the client and server configuration to allow selection of which key exchange methods are used by ssh(1) and sshd(8) and their order of preference. ok markus@