| Age | Commit message (Collapse) | Author |
|---|
|
When building against an OpenSSL configured without ECC, don't include
those algos in CASignatureAlgorithms. ok djm@
|
|
to make things a little tidier for -portable.
OpenBSD-Commit-ID: 616379861be95619e5358768b7dee4793e2f3a75
|
|
the socket into fd3, so as to not mistakenly leak other fd forward
accidentally. ok djm
OpenBSD-Commit-ID: 24cc753f5aa2c6a7d0fbf62766adbc75cd785296
|
|
Part of a patch from Stephen Gregoratto <dev at sgregoratto dot me>.
OpenBSD-Commit-ID: 15501ed13c595f135e7610b1a5d8345ccdb513b7
|
|
be able to find out from where the request was comming.
Add the same logging for PermitListen violations which where not
logged at all.
Pointed out by Robert Kisteleki (robert AT ripe.net)
input markus
OK deraadt
OpenBSD-Commit-ID: 8a7d0f1b7175504c0d1dca8d9aca1588b66448c8
|
|
Clarify the language around prngd and egd.
|
|
|
|
Previously configure would not select the "doc" man page format if
mandoc was present but nroff was not. This checks for mandoc first
and removes a now-superflous AC_PATH_PROG. Based on a patch from
vehk at vehk.de and feedback from schwarze at usta.de.
|
|
left-justification in snmprintf. bz#3002, patch from velemas at gmail.com, ok
markus@.
OpenBSD-Commit-ID: 65d252b799be0cc8f68b6c47cece0a57bb00fea7
|
|
blueflash.cc, ok deraadt
OpenBSD-Commit-ID: dbe4db381603909482211ffdd2b48abd72169117
|
|
blueflash.cc, ok djm@
OpenBSD-Commit-ID: c54e9945d93c4ce28350d8b9fa8b71f744ef2b5a
|
|
blueflash.cc, ok djm
OpenBSD-Commit-ID: e3b34fc35cf12d33bde91ac03633210a3bc0f8b5
|
|
OpenBSD-Commit-ID: db6375fc302e3bdf07d96430c63c991b2c2bd3ff
|
|
from Markus Schmidt via openssh-unix-dev, ok markus@
OpenBSD-Commit-ID: 4c0f0f458e3da7807806b35e3eb5c1e8403c968a
|
|
sebastiaanlokhorst at gmail.com via bz#2997.
OpenBSD-Commit-ID: bdd62ff5d4d649d2147904e91bf7cefa82fe11e1
|
|
-C does not match, which allows it to work when sshd_config contains a Match
directive with or without -C. bz#2858, ok djm@
OpenBSD-Commit-ID: 1a701f0a33e3bc96753cfda2fe0b0378520b82eb
|
|
SSH1 protocol. Patch from yumkam at gmail.com, ok deraadt.
OpenBSD-Commit-ID: cceda5876c5ba6b4d8abcd52335329198cee3240
|
|
|
|
|
|
Patch from markus at blueflash.cc via openssh-unix-dev.
|
|
Check if STREAMS modules are already installed on pty before installing
since when compiling with XPG>=4 they will likely be installed already.
Prevents hangs and duplicate lines on the terminal. bz#2945 and bz#2998,
patch from djm@
|
|
|
|
A number of contrib/* files refer to the existing README so let's leave
it in place for release and add the new markdown version in parallel.
I'll get rid of README after release.
|
|
This reverts commit 9444d82678cb7781820da4d1c23b3c2b9fb1e12f.
|
|
Include basic build instructions and comments on commonly-used build-
time flags, links to the manual pages and other resources.
Now in Markdown format for better viewing on github, etc.
|
|
|
|
OpenBSD-Commit-ID: 5aafdf218679dab982fea20771afd643be9a127b
|
|
from Jakub Jelen
|
|
than just the function name and the error message
OpenBSD-Commit-ID: dd72d7eba2215fcb89be516c378f633ea5bcca9f
|
|
It's not needed, and is not available from the call site in loginrec.c
Should only affect AIX, spotted by Kevin Brott.
|
|
Spotted by Kevin Brott.
|
|
Should fix build on AIX 7.2.
|
|
|
|
|
|
The SoftHSM lives in Fedora in /usr/lib64/pkcs11/libsofthsm2.so
|
|
Fixes build on systems that don't have it (Solaris <=9) Found by
Tom G. Christensen.
|
|
- Cygwin supports non-DOS characters in filenames
- Cygwin does not support Windows XP anymore
Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
|
|
that could cause connection to close incorrectly; Report and patch from Jakub
Jelen in bz#2757; ok dtucker@ markus@
OpenBSD-Commit-ID: 17229a8a65bd8e6c2080318ec2b7a61e1aede3fb
|
|
any" in a Match block overrides a more restrictive global default.
Spotted by jmc@, ok markus@
OpenBSD-Commit-ID: a90a4fe2ab81d0eeeb8fdfc21af81f7eabda6666
|
|
OpenBSD-Commit-ID: 106e853ae8a477e8385bc53824d3884a8159db07
|
|
sizes. "seems worthwhile" deraadt.
OpenBSD-Commit-ID: 72e5c0983d7da1fb72f191870f36cb58263a2456
|
|
the estimates from NIST Special Publication 800-57, 3k bits provides security
equivalent to 128 bits which is the smallest symmetric cipher we enable by
default. ok markus@ deraadt@
OpenBSD-Commit-ID: 461dd32ebe808f88f4fc3ec74749b0e6bef2276b
|
|
OpenBSD-Commit-ID: 478a0567c83553a2aebf95d0f1bd67ac1b1253e4
|
|
OpenBSD-Commit-ID: d4bec27edefde636fb632b7f0b7c656b9c7b7f08
|
|
OpenBSD-Commit-ID: febce81cca72b71f70513fbee4ff52ca050f675c
|
|
ok djm@
|
|
Seteuid now creates user token using S4U. We don't create a token
from scratch anymore, so we don't need the "Create a process token"
privilege. The service can run under SYSTEM again...
...unless Cygwin is running on Windows Vista or Windows 7 in the
WOW64 32 bit emulation layer. It turns out that WOW64 on these systems
didn't implement MsV1_0 S4U Logon so we still need the fallback
to NtCreateToken for these systems.
Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
|
|
The latter checks for memory exhaustion and integer overflow and may be
at a less predictable place. Sanity check by vinschen at redhat.com, ok
djm@
|
|
Patch from vinschen at redhat.com, updated a little by me.
|
|
function. This is a no-op on OpenBSD but will make things easier in
-portable, eg on systems where these checks should be case-insensitive. ok
djm@
OpenBSD-Commit-ID: 8bc9c8d98670e23f8eaaaefe29c1f98e7ba0487e
|
