openssh.git -

Age	Commit message (Collapse)	Author
2014-08-26	- (djm) [INSTALL] Recommend libcrypto be built -fPIC, mention LibreSSL,	Damien Miller
	update OpenSSL version requirement.
2014-08-26	- (djm) [bufec.c] Skip this file on !ECC OpenSSL	Damien Miller

2014-08-24	- (djm) [sftp-server.c] Some systems (e.g. Irix) have prctl() but not	Damien Miller
	PR_SET_DUMPABLE, so adjust ifdef; reported by Tom Christensen
2014-08-23	- (djm) [configure.ac] We now require a working vsnprintf everywhere (not	Damien Miller
	just for systems that lack asprintf); check for it always and extend test to catch more brokenness. Fixes builds on Solaris <= 9
2014-08-23	- (djm) [sshd.c] Ignore SIGXFSZ in preauth monitor child; can explode on	Damien Miller
	lastlog writing on platforms with high UIDs; bz#2263
2014-08-22	- (djm) [configure.ac] double braces to appease autoconf	Damien Miller

2014-08-22	- (djm) [openbsd-compat/bsd-snprintf.c] Fix compilation failure (prototype/	Damien Miller
	definition mismatch) and warning for broken/missing snprintf case.
2014-08-22	- (djm) [sshbuf-getput-crypto.c] Fix compilation when OpenSSL lacks ECC	Damien Miller

2014-08-22	- (djm) [configure.ac] include leading zero characters in OpenSSL version	Damien Miller
	number; fixes test for unsupported versions
2014-08-21	- (djm) [regress/unittests/test_helper/test_helper.c] Fix for systems that	Damien Miller
	don't set __progname. Diagnosed by Tom Christensen.
2014-08-21	- (djm) [key.h] Fix ifdefs for no-ECC OpenSSL	Damien Miller

2014-08-21	- (djm) [Makefile.in] fix reference to libtest_helper.a in sshkey test too.	Damien Miller

2014-08-20	- (djm) [contrib/cygwin/README] Correct build instructions; from Corinna	Damien Miller

2014-08-20	- (djm) [sshkey.h] Fix compilation when OpenSSL lacks ECC	Damien Miller

2014-08-20	- (djm) [Makefile.in] refer to libtest_helper.a by explicit path rather than	Damien Miller
	-L/-l; fixes linking problems on some platforms
2014-08-20	- (djm) [configure.ac] Check OpenSSL version is supported at configure time;	Damien Miller
	suggested by Kevin Brott
2014-08-19	- (djm) [INSTALL contrib/caldera/openssh.spec contrib/cygwin/README]	Damien Miller
	[contrib/redhat/openssh.spec contrib/suse/openssh.spec] Remove mentions of TCP wrappers.
2014-08-19	- (djm) [ssh-dss.c] Include openssl/dsa.h for DSA_SIG	Damien Miller

2014-08-19	- (djm) [sshbuf.h] Fix compilation on systems without OPENSSL_HAS_ECC.	Damien Miller

2014-08-19	- (djm) [myproposal.h] Make curve25519 KEX dependent on	Damien Miller
	HAVE_EVP_SHA256 instead of OPENSSL_HAS_ECC.
2014-08-19	- (djm) [serverloop.c] Fix syntax error on Cygwin; from Corinna Vinschen	Damien Miller

2014-08-10	- (djm) [README contrib/caldera/openssh.spec]	Damien Miller
	[contrib/redhat/openssh.spec contrib/suse/openssh.spec] Update versions
2014-08-01	- (djm) [regress/multiplex.sh] Use -d (detach stdin) flag to disassociate	Damien Miller
	nc from stdin, it's more portable
2014-08-01	- (djm) [regress/multiplex.sh] Instruct nc not to quit as soon as stdin	Damien Miller
	is closed; avoid regress failures when stdin is /dev/null
2014-08-01	- (djm) [regress/multiplex.sh] Skip test for non-OpenBSD netcat. We need	Damien Miller
	a better solution, but this will have to do for now.
2014-07-30	- schwarze@cvs.openbsd.org 2014/07/28 15:40:08	Damien Miller
	[sftp-server.8 sshd_config.5] some systems no longer need /dev/log; issue noticed by jirib; ok deraadt
2014-07-30	- dtucker@cvs.openbsd.org 2014/07/25 21:22:03	Damien Miller
	[ssh-agent.c] Clear buffer used for handling messages. This prevents keys being left in memory after they have been expired or deleted in some cases (but note that ssh-agent is setgid so you would still need root to access them). Pointed out by Kevin Burns, ok deraadt
2014-07-30	- OpenBSD CVS Sync	Damien Miller
	- millert@cvs.openbsd.org 2014/07/24 22:57:10 [ssh.1] Mention UNIX-domain socket forwarding too. OK jmc@ deraadt@
2014-07-25	- (djm) [regress/multiplex.sh] restore incorrectly deleted line;	Damien Miller
	pointed out by Christian Hesse
2014-07-23	- dtucker@cvs.openbsd.org 2014/07/22 23:35:38	Darren Tucker
	[regress/unittests/sshkey/testdata/*] Regenerate test keys with certs signed with ed25519 instead of ecdsa. These can be used in -portable on platforms that don't support ECDSA.
2014-07-23	- dtucker@cvs.openbsd.org 2014/07/22 23:57:40	Darren Tucker
	[regress/unittests/sshkey/mktestdata.sh] Add $OpenBSD tag to make syncs easier
2014-07-23	- dtucker@cvs.openbsd.org 2014/07/22 23:23:22	Darren Tucker
	[regress/unittests/sshkey/mktestdata.sh] Sign test certs with ed25519 instead of ecdsa so that they'll work in -portable on platforms that don't have ECDSA in their OpenSSL. ok djm
2014-07-23	- djm@cvs.openbsd.org 2014/07/22 01:32:12	Darren Tucker
	[regress/multiplex.sh] change the test for still-open Unix domain sockets to be robust against nc implementations that produce error messages. from -portable (Id sync only)
2014-07-23	- guenther@cvs.openbsd.org 2014/07/22 07:13:42	Darren Tucker
	[umac.c] Convert from <sys/endian.h> to the shiney new <endian.h> ok dtucker@, who also confirmed that -portable handles this already (ID sync only, includes.h pulls in endian.h if available.)
2014-07-23	- dtucker@cvs.openbsd.org 2014/07/22 01:18:50	Darren Tucker
	[key.c] Prevent spam from key_load_private_pem during hostbased auth. ok djm@
2014-07-23	- (dtucker) [regress/unittests/sshkey/test_{file,fuzz,sshkey}.c] Wrap ecdsa-	Darren Tucker
	specific tests inside OPENSSL_HAS_ECC.
2014-07-22	- (djm) [regress/multiplex.sh] change the test for still-open Unix	Damien Miller
	domain sockets to be robust against nc implementations that produce error messages.
2014-07-22	- (djm) [regress/multiplex.sh] ssh mux master lost -N somehow;	Damien Miller
	put it back
2014-07-22	- (dtucker) [sshkey.c] ifdef out unused variable when compiling without	Darren Tucker
	OPENSSL_HAS_ECC.
2014-07-21	- (djm) [regress/multiplex.sh] Not all netcat accept the -N option.	Damien Miller

2014-07-21	- millert@cvs.openbsd.org 2014/07/15 15:54:15	Damien Miller
	[forwarding.sh multiplex.sh] Add support for Unix domain socket forwarding. A remote TCP port may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket. This is a reimplementation of the streamlocal patches by William Ahern from: http://www.25thandclement.com/~william/projects/streamlocal.html OK djm@ markus@
2014-07-21	- (dtucker) [regress/unittests/sshkey/	Darren Tucker
	{common,test_file,test_fuzz,test_sshkey}.c] Wrap stdint.h includes in ifdefs.
2014-07-21	- (dtucker) [cipher.c openbsd-compat/openssl-compat.h] Restore the bits	Darren Tucker
	needed to build AES CTR mode against OpenSSL 0.9.8f and above. ok djm
2014-07-18	- (tim) [openbsd-compat/port-uw.c] Include misc.h for fwd_opts, used	Tim Rice
	in servconf.h.
2014-07-19	- (dtucker) [key.c sshkey.c] Put new ecdsa bits inside ifdef OPENSSL_HAS_ECC.	Darren Tucker

2014-07-19	- (dtucker) [Makefile.in] Add a t-exec target to run just the executable	Darren Tucker
	tests.
2014-07-19	- (dtucker) [auth2-gss.c gss-serv-krb5.c] Include misc.h for fwd_opts, used	Darren Tucker
	in servconf.h.
2014-07-18	- djm@cvs.openbsd.org 2014/07/18 02:46:01	Damien Miller
	[ssh-agent.c] restore umask around listener socket creation (dropped in streamlocal patch merge)
2014-07-18	- djm@cvs.openbsd.org 2014/07/17 07:22:19	Damien Miller
	[mux.c ssh.c] reflect stdio-forward ("ssh -W host:port ...") failures in exit status. previously we were always returning 0. bz#2255 reported by Brendan Germain; ok dtucker
2014-07-18	- djm@cvs.openbsd.org 2014/07/17 00:12:03	Damien Miller
	[key.c] silence "incorrect passphrase" error spam; reported and ok dtucker@