summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2007-09-17 - gilles@cvs.openbsd.org 2007/09/11 15:47:17Damien Miller
[session.c ssh-keygen.c sshlogin.c] use strcspn to properly overwrite '\n' in fgets returned buffer ok pyr@, ray@, millert@, moritz@, chl@
2007-09-17 - stevesk@cvs.openbsd.org 2007/09/11 04:36:29Damien Miller
[sshpty.c] sort #include NB. RCS ID sync only
2007-09-17 - sobrado@cvs.openbsd.org 2007/09/09 11:38:01Damien Miller
[ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.c] sort synopsis and options in ssh-agent(1); usage is lowercase ok jmc@
2007-09-17 - djm@cvs.openbsd.org 2007/09/04 11:15:56Damien Miller
[ssh.c sshconnect.c sshconnect.h] make ssh(1)'s ConnectTimeout option apply to both the TCP connection and SSH banner exchange (previously it just covered the TCP connection). This allows callers of ssh(1) to better detect and deal with stuck servers that accept a TCP connection but don't progress the protocol, and also makes ConnectTimeout useful for connections via a ProxyCommand; feedback and "looks ok" markus@
2007-09-17 - djm@cvs.openbsd.org 2007/09/04 03:21:03Damien Miller
[clientloop.c monitor.c monitor_fdpass.c monitor_fdpass.h] [monitor_wrap.c ssh.c] make file descriptor passing code return an error rather than call fatal() when it encounters problems, and use this to make session multiplexing masters survive slaves failing to pass all stdio FDs; ok markus@
2007-09-17 - djm@cvs.openbsd.org 2007/08/23 03:23:26Damien Miller
[sshconnect.c] Execute ProxyCommands with $SHELL rather than /bin/sh unconditionally
2007-09-17 - djm@cvs.openbsd.org 2007/08/23 03:22:16Damien Miller
[auth2-none.c sshd_config sshd_config.5] Support "Banner=none" to disable displaying of the pre-login banner; ok dtucker@ deraadt@
2007-09-17 - djm@cvs.openbsd.org 2007/08/23 03:06:10Damien Miller
[auth.h] login_cap.h doesn't belong here NB. RCS ID sync only for portable
2007-09-17 - djm@cvs.openbsd.org 2007/08/23 02:55:51Damien Miller
[auth-passwd.c auth.c session.c] missed include bits from last commit NB. RCS ID sync only for portable
2007-09-17 - djm@cvs.openbsd.org 2007/08/23 02:49:43Damien Miller
[auth-passwd.c auth.c session.c] unifdef HAVE_LOGIN_CAP; ok deraadt@ millert@ NB. RCS ID sync only for portable
2007-09-14 - (dtucker) [openbsd-compat/bsd-asprintf.c] Plug mem leak in error path.Darren Tucker
Patch from Jan.Pechanec at sun com.
2007-09-10 - (tim) [configure.ac] Autoconf didn't define HAVE_LIBIAF because weTim Rice
did a AC_CHECK_FUNCS within the AC_CHECK_LIB test.
2007-09-10 - (dtucker) [openbsd-compat/regress/closefromtest.c] Bug #1358: AlwaysDarren Tucker
return 0 on successful test. From David.Leonard at quest com.
2007-09-04don't say it twiceDamien Miller
2007-09-04credit Jan PechanecDamien Miller
2007-09-04Mention Jan PechanecDarren Tucker
2007-08-17 - (dtucker) [INSTALL] Link to tcpwrappers.Darren Tucker
2007-08-17 - (dtucker) [INSTALL] Give PAM its own heading.Darren Tucker
2007-08-17 - (dtucker) [INSTALL] the pid file is sshd.pid not ssh.pid.Darren Tucker
2007-08-17 - (dtucker) [INSTALL] Group the parts describing random options and PAMDarren Tucker
implementations together which is hopefully more coherent.
2007-08-17typoDarren Tucker
2007-08-17 - (dtucker) [sshd.8] Many Linux variants use a single "!" to denote lockedDarren Tucker
accounts and that's what the code looks for, so make man page and code agree. Pointed out by Roumen Petrov.
2007-08-16 - (dtucker) [session.c] Call PAM cleanup functions for unauthenticatedDarren Tucker
connections too. Based on a patch from Sandro Wefel, with & ok djm@
2007-08-15 - stevesk@cvs.openbsd.org 2007/08/15 12:13:41Darren Tucker
[ssh_config.5] tun device forwarding now honours ExitOnForwardFailure; ok markus@
2007-08-15 - (dtucker) [README contrib/caldera/openssh.spec contrib/redhat/openssh.specDarren Tucker
contrib/suse/openssh.spec] Crank version.
2007-08-15 - (dtucker) [openbsd-compat/bsd-cray.c] Remove debug from signal handler.Darren Tucker
ok djm@
2007-08-15 - markus@cvs.openbsd.org 2007/08/15 08:16:49Darren Tucker
[version.h] openssh 4.7
2007-08-15 - markus@cvs.openbsd.org 2007/08/15 08:14:46Darren Tucker
[clientloop.c] do NOT fall back to the trused x11 cookie if generation of an untrusted cookie fails; from security-alert at sun.com; ok dtucker
2007-08-13 - (dtucker) [session.c] Bug #1339: ensure that pam_setcred() is alwaysDarren Tucker
called with PAM_ESTABLISH_CRED at least once, which resolves a problem with pam_dhkeys. Patch from David Leonard, ok djm@
2007-08-10 - (dtucker) [configure.ac] Bug #1343: Set DISABLE_FD_PASSING for QNX6. From.Darren Tucker
Matt Kraai, ok djm@.
2007-08-10 - (dtucker) [auth-pam.c] Use sigdie here too. ok djm@Darren Tucker
2007-08-09Credit Bernhard Simon who also reported this.Darren Tucker
2007-08-09 - (dtucker) [defines.h] Remove _PATH_{CSHELL,SHELLS} which aren'tDarren Tucker
used anywhere and are a potential source of warnings.
2007-08-09 - (dtucker) [README.platform] Document the interaction between PermitRootLoginDarren Tucker
and the AIX native login restrictions.
2007-08-09 - (dtucker) [openbsd-compat/port-aix.c] Comment typo.Darren Tucker
2007-08-08 - djm@cvs.openbsd.org 2007/08/07 07:32:53Damien Miller
[clientloop.c clientloop.h ssh.c] bz#1232: ensure that any specified LocalCommand is executed after the tunnel device is opened. Also, make failures to open a tunnel device fatal when ExitOnForwardFailure is active. Reported by h.goebel AT goebel-consult.de; ok dtucker markus reyk deraadt
2007-08-08 - sobrado@cvs.openbsd.org 2007/08/06 19:16:06Damien Miller
[scp.1 scp.c] the ellipsis is not an optional argument; while here, sync the usage and synopsis of commands lots of good ideas by jmc@ ok jmc@
2007-08-08 - ray@cvs.openbsd.org 2007/07/12 05:48:05Damien Miller
[key.c] Delint: remove some unreachable statements, from Bret Lambert. OK markus@ and dtucker@.
2007-07-24 - (tim) [buildpkg.sh.in] s|$FAKE_ROOT/${sysconfdir}|$FAKE_ROOT${sysconfdir}|Tim Rice
2007-07-24 - (tim) [buildpkg.sh.in openssh.xml.in] Allow more flexibility where smf(5)Tim Rice
files are installed.
2007-07-24 - (tim) [openbsd-compat/regress/closefromtest.c] Bug 1345: fix open() call.Tim Rice
Report/patch by David.Leonard AT quest.com
2007-07-24 - (tim) [openssh.xml.in] make FMRI match what package scripts use.Tim Rice
2007-06-28 - (djm) bz#1325: Fix SELinux in permissive mode where it wouldDamien Miller
incorrectly fatal() on errors. patch from cjwatson AT debian.org; ok dtucker
2007-06-25 - (dtucker) [atomicio.c configure.ac openbsd-compat/Makefile.inDarren Tucker
openbsd-compat/bsd-poll.{c,h} openbsd-compat/openbsd-compat.h] Add an implementation of poll() built on top of select(2). Code from OpenNTPD with changes suggested by djm. ok djm@
2007-06-25 - dtucker@cvs.openbsd.org 2007/06/25 12:02:27Darren Tucker
[atomicio.c] Include <poll.h> like the man page says rather than <sys/poll.h>. ok djm@
2007-06-25 - (dtucker) [atomicio.c] Test for EWOULDBLOCK in atomiciov to matchDarren Tucker
atomicio.
2007-06-25 - dtucker@cvs.openbsd.org 2007/06/25 08:20:03Darren Tucker
[channels.c] Correct test for window updates every three packets; prevents sending window updates for every single packet. ok markus@
2007-06-25 - djm@cvs.openbsd.org 2007/06/19 02:04:43Darren Tucker
[atomicio.c] if the fd passed to atomicio/atomiciov() is non blocking, then poll() to avoid a spin if it is not yet ready for reading/writing; ok dtucker@
2007-06-25 - djm@cvs.openbsd.org 2007/06/14 22:48:05Darren Tucker
[ssh.c] when waiting for the multiplex exit status, read until the master end writes an entire int of data *and* closes the client_fd; fixes mux regression spotted by dtucker, ok dtucker@
2007-06-25 - djm@cvs.openbsd.org 2007/06/14 21:43:25Darren Tucker
[ssh.c] handle EINTR when waiting for mux exit status properly