Age | Commit message (Collapse) | Author |
|
[key.c]
typo in error message; ok djm@
|
|
[scp.c]
spelling in comment; ok djm@
|
|
[ssh.c]
add -y to usage();
|
|
[servconf.c sshd_config.5]
support setting PermitEmptyPasswords in a Match block
requested in PR3891; ok dtucker@
|
|
[ssh.1 ssh.c]
Add -y option to force logging via syslog rather than stderr.
Useful for daemonised ssh connection (ssh -f). Patch originally from
and ok'd by markus@
|
|
[sshconnect2.c]
Repair strnvis() buffersize of 4*n+1, with termination gauranteed by the
function.
spotted by des@freebsd, who commited an incorrect fix to the freebsd tree
and (as is fairly typical) did not report the problem to us. But this fix
is correct.
ok djm
|
|
[sshd.8]
do not give an example of how to chmod files: we can presume the user
knows that. removes an ambiguity in the permission of authorized_keys;
ok deraadt
|
|
[session.c]
Convert an unchecked strdup to xstrdup. OK deraadt@
|
|
[compat.c compat.h nchan.c ssh.c]
only send eow and no-more-sessions requests to openssh 5 and newer;
fixes interop problems with broken ssh v2 implementations; ok djm@
|
|
[kex.c]
OpenSSL 0.9.8h supplies a real EVP_sha256 so we do not need our
replacement anymore
(ID sync only for portable - we still need this)
|
|
[session.c]
allow ForceCommand internal-sftp with arguments. based on patch from
michael.barabanov AT gmail.com; ok markus@
|
|
[ssh_config.5]
whitepsace -> whitespace. From Matthew Clarke via bugs@.
|
|
[sshconnect2.c]
don't allocate space for empty banners; report t8m at centrum.cz;
ok deraadt
|
|
[key.c]
In random art visualization, make sure to use the end marker only at the
end. Initial diff by Dirk Loss, tweaks and ok djm@
|
|
[ssh_config]
Add VisualHostKey to example file, ok djm@
|
|
[ssh-keygen.1]
Add "ssh-keygen -F -l" to synopsis (displays fingerprint from
known_hosts). ok djm@
|
|
http://git.savannah.gnu.org/gitweb/ (2008-04-14 and 2008-06-16
respectively).
|
|
larger than FD_SETSIZE (OpenSSH only ever uses poll with one fd). Patch
from Nicholas Marriott.
|
|
has been compiled in); report from nix-corp AT esperi.org.uk
ok dtucker@
|
|
[servconf.c]
do not try to print options that have been compile-time disabled
in config test mode (sshd -T); report from nix-corp AT esperi.org.uk
ok dtucker@
|
|
|
|
[contrib/suse/openssh.spec] Update version number in README and RPM specs
|
|
[version.h]
openssh-5.1
|
|
[sftp-server.8]
no need for .Pp before or after .Sh;
|
|
|
|
code, replace with equivalent cygwin library call. Patch from vinschen
at redhat.comi, ok djm@.
|
|
[auth2-hostbased.c]
strip trailing '.' from hostname when HostbasedUsesNameFromPacketOnly=yes
report and patch from res AT qoxp.net (bz#1200); ok markus@
|
|
[sshconnect2.c]
strnvis preauth banner; pointed out by mpf@ ok markus@
|
|
[channels.c]
this loop index should be automatic, not static
|
|
[clientloop.c]
rename variable first_gc -> last_gc (since it is actually the last
in the list).
|
|
[sftp.1]
number of pipelined requests is now 64;
prodded by Iain.Morgan AT nasa.gov
|
|
return EAI_FAMILY when trying to lookup unsupported address family;
from vinschen AT redhat.com
|
|
[contrib/cygwin/ssh-user-config contrib/cygwin/sshd-inetd]
Revamped and simplified Cygwin ssh-host-config script that uses
unified csih configuration tool. Requires recent Cygwin.
Patch from vinschen AT redhat.com
|
|
[sftp-server.8]
mention requirement for /dev/log inside chroot when using sftp-server
with ChrootDirectory
|
|
reported by cristian.ionescu-idbohrn AT axis.com
|
|
prototype; reported by cristian.ionescu-idbohrn AT axis.com
|
|
avoid clash with sin(3) function; reported by
cristian.ionescu-idbohrn AT axis.com
|
|
[sftp.c]
increase number of piplelined requests so they properly fill the
(recently increased) channel window. prompted by rapier AT psc.edu;
ok markus@
|
|
[channels.c]
use struct sockaddr_storage instead of struct sockaddr for accept(2)
address argument. from visibilis AT yahoo.com in bz#1485; ok markus@
|
|
[ssh-keygen.c]
Change "ssh-keygen -F [host] -l" to not display random art unless
-v is also specified, making it consistent with the manual and other
uses of -l.
ok grunk@
|
|
[scp.1]
better description for -i flag:
s/RSA authentication/public key authentication/
|
|
- djm@cvs.openbsd.org 2008/07/12 04:52:50
[channels.c]
unbreak; move clearing of cctx struct to before first use
reported by dkrause@
|
|
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h sshd.c]
sync v1 and v2 traffic accounting; add it to sshd, too;
ok djm@, dtucker@
|
|
[channels.c]
missing bzero; from mickey; ok djm@
|
|
[key.c]
/*NOTREACHED*/ for lint warning:
warning: function key_equal falls off bottom without returning value
ok djm@
|
|
[ttymodes.c]
we don't need arg after the debug3() was removed. from lint.
ok djm@
|
|
|
|
|
|
account check failure path. The vulnerable format buffer is supplied
from PAM and should not contain attacker-supplied data.
|
|
|