Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
(closes: #727622, LP: #1244272).
|
|
|
|
|
|
|
|
- sshd(8): fix a memory corruption problem triggered during rekeying
when an AES-GCM cipher is selected (closes: #729029). Full details
of the vulnerability are available at:
http://www.openssh.com/txt/gcmrekey.adv
|
|
|
|
|
|
|
|
[version.h]
openssh-6.4
|
|
[contrib/suse/openssh.spec] update version numbers
|
|
[auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c]
[clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c]
[sftp-client.c sftp-glob.c]
use calloc for all structure allocations; from markus@
|
|
[monitor_wrap.c]
fix rekeying for AES-GCM modes; ok deraadt
|
|
- sftp(1): add support for resuming partial downloads using the "reget"
command and on the sftp commandline or on the "get" commandline using
the "-a" (append) option (closes: #158590).
- ssh(1): add an "IgnoreUnknown" configuration option to selectively
suppress errors arising from unknown configuration directives (closes:
#436052).
- sftp(1): update progressmeter when data is acknowledged, not when it's
sent (partially addresses #708372).
- ssh(1): do not fatally exit when attempting to cleanup multiplexing-
created channels that are incompletely opened (closes: #651357).
|
|
|
|
|
|
|
|
|
|
ok dtucker@
|
|
|
|
until we have configure support.
|
|
'j' (intmax_t/uintmax_t) and 'z' (size_t/ssize_t) conversions in case we
start to use them in the future.
|
|
[ssh.1 ssh_config.5]
some proxyusefdpass tweaks;
|
|
[readconf.c readconf.h ssh_config.5 sshconnect.c]
Add a ssh_config ProxyUseFDPass option that supports the use of
ProxyCommands that establish a connection and then pass a connected
file descriptor back to ssh(1). This allows the ProxyCommand to exit
rather than have to shuffle data back and forth and enables ssh to use
getpeername, etc. to obtain address information just like it does with
regular directly-connected sockets. ok markus@
|
|
[scp.1 ssh.1]
some Bx/Ox conversion;
From: Jan Stary
|
|
[ssh-keygen.c]
another of the same typo
|
|
[ssh-keygen.c]
typo in error message; from Stephan Rickauer
|
|
[sftp.c]
enable ctrl-left-arrow and ctrl-right-arrow to move forward/back a word;
matching ksh's relatively recent change.
|
|
[sftp-client.c]
two problems found by a to-be-committed regress test: 1) msg_id was not
being initialised so was starting at a random value from the heap
(harmless, but confusing). 2) some error conditions were not being
propagated back to the caller
|
|
[sftp.c]
do getopt parsing for all sftp commands (with an empty optstring for
commands without arguments) to ensure consistent behaviour
|
|
[sftp-client.c sftp-client.h sftp.c]
add a "-l" flag for the rename command to force it to use the silly
standard SSH_FXP_RENAME command instead of the POSIX-rename- like
posix-rename@openssh.com extension.
intended for use in regress tests, so no documentation.
|
|
[sftp.c]
fix two year old regression: symlinking a file would incorrectly
canonicalise the target path. bz#2129 report from delphij AT freebsd.org
|
|
[sftp.1 sftp.c]
sort -a;
|
|
[servconf.c]
add cast to avoid format warning; from portable
|
|
[sftp.1]
document top-level -a option (the -a option to 'get' was already
documented)
|
|
[sftp.c]
fix some whitespace at EOL
make list of commands an enum rather than a long list of defines
add -a to usage()
|
|
ready to accept connections (by raising SIGSTOP at that point and using
"expect stop").
|
|
removal. The "make clean" removes modpipe which is built by the top-level
directory before running the tests. Spotted by tim@
|
|
mistakenly included in the previous commit.
|
|
CLOCK_MONOTONIC...) fails. Some older versions of RHEL have the
CLOCK_MONOTONIC define but don't actually support it. Found and tested
by Kevin Brott, ok djm.
|
|
since some platforms (eg really old FreeBSD) don't have it. Instead,
run "make clean" before a complete regress run. ok djm.
|
|
for building with older Heimdal versions. ok djm.
|
|
|
|
blocking connecting socket will clear any stored errno that might
otherwise have been retrievable via getsockopt(). A hack to limit writes
to TTYs on AIX was triggering this. Since only AIX needs the hack, wrap
it in an #ifdef. Diagnosis and patch from Ivo Raisr.
|
|
|
|
|
|
Solaris and UnixWare. Feedback and OK djm@
|
|
[contrib/suse/openssh.spec] Update version numbers
|