summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2011-08-06 - djm@cvs.openbsd.org 2011/08/02 23:13:01Damien Miller
[version.h] crank now, release later
2011-08-06 - djm@cvs.openbsd.org 2011/08/02 01:22:11Damien Miller
[mac.c myproposal.h ssh.1 ssh_config.5 sshd.8 sshd_config.5] Add new SHA256 and SHA512 based HMAC modes from http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt Patch from mdb AT juniper.net; feedback and ok markus@
2011-08-06 - markus@cvs.openbsd.org 2011/08/01 19:18:15Damien Miller
[gss-serv.c] prevent post-auth resource exhaustion (int overflow leading to 4GB malloc); report Adam Zabrock; ok djm@, deraadt@
2011-08-06 - djm@cvs.openbsd.org 2011/07/29 14:42:45Damien Miller
[sandbox-systrace.c] fail open(2) with EPERM rather than SIGKILLing the whole process. libc will call open() to do strerror() when NLS is enabled; feedback and ok markus@
2011-08-06 - tedu@cvs.openbsd.org 2011/07/06 18:09:21Damien Miller
[authfd.c] bzero the agent address. the kernel was for a while very cranky about these things. evne though that's fixed, always good to initialize memory. ok deraadt djm
2011-08-06 - djm@cvs.openbsd.org 2011/06/23 23:35:42Damien Miller
[monitor.c] ignore EINTR errors from poll()
2011-07-29releasing version 1:5.8p1-7Colin Watson
2011-07-29Use 'dpkg-vendor --derives-from Ubuntu' to detect Ubuntu systems ratherColin Watson
than 'lsb_release -is' so that Ubuntu derivatives behave the same way as Ubuntu itself.
2011-07-29Only recommend ssh-import-id when built on Ubuntu (closes: #635887).Colin Watson
2011-07-28releasing version 1:5.8p1-6Colin Watson
2011-07-28* Merge from Ubuntu (Dustin Kirkland):Colin Watson
- openssh-server Recommends: ssh-import-id (no-op in Debian since that package doesn't exist there, but this reduces the Ubuntu delta).
2011-07-28Quieten logs when multiple from= restrictions are used in differentColin Watson
authorized_keys lines for the same key; it's still not ideal, but at least you'll only get one log entry per key (closes: #630606).
2011-07-28openssh-client and openssh-server Suggests: monkeysphere.Colin Watson
2011-07-24releasing version 1:5.8p1-5Colin Watson
2011-07-17* Backport from upstream:Colin Watson
- Make hostbased auth with ECDSA keys work correctly (closes: #633368).
2011-06-27 - (djm) [configure.ac Makefile.in sandbox-darwin.c] Add a sandbox forDamien Miller
Darwin/OS X using sandbox_init() + setrlimit(); feedback and testing markus@
2011-06-23 - djm@cvs.openbsd.org 2011/06/23 09:34:13Damien Miller
[sshd.c ssh-sandbox.h sandbox.h sandbox-rlimit.c sandbox-systrace.c] [sandbox-null.c] rename sandbox.h => ssh-sandbox.h to make things easier for portable
2011-06-23 - (djm) [sandbox-null.c] Dummy sandbox for platforms that don't supportDamien Miller
setrlimit(2)
2011-06-23 - djm@cvs.openbsd.org 2011/06/22 22:08:42Damien Miller
[channels.c channels.h clientloop.c clientloop.h mux.c ssh.c] hook up a channel confirm callback to warn the user then requested X11 forwarding was refused by the server; ok markus@
2011-06-23 - djm@cvs.openbsd.org 2011/06/22 21:57:01Damien Miller
[servconf.c servconf.h sshd.c sshd_config.5 sandbox-rlimit.c] [sandbox-systrace.c sandbox.h configure.ac Makefile.in] introduce sandboxing of the pre-auth privsep child using systrace(4). This introduces a new "UsePrivilegeSeparation=sandbox" option for sshd_config that applies mandatory restrictions on the syscalls the privsep child can perform. This prevents a compromised privsep child from being used to attack other hosts (by opening sockets and proxying) or probing local kernel attack surface. The sandbox is implemented using systrace(4) in unsupervised "fast-path" mode, where a list of permitted syscalls is supplied. Any syscall not on the list results in SIGKILL being sent to the privsep child. Note that this requires a kernel with the new SYSTR_POLICY_KILL option. UsePrivilegeSeparation=sandbox will become the default in the future so please start testing it now. feedback dtucker@; ok markus@
2011-06-23 - OpenBSD CVS SyncDamien Miller
- djm@cvs.openbsd.org 2011/06/22 21:47:28 [servconf.c] reuse the multistate option arrays to pretty-print options for "sshd -T"
2011-06-20 - djm@cvs.openbsd.org 2011/06/17 21:57:25Damien Miller
[clientloop.c] setproctitle for a mux master that has been gracefully stopped; bz#1911 from Bert.Wesarg AT googlemail.com
2011-06-20 - djm@cvs.openbsd.org 2011/06/17 21:47:35Damien Miller
[servconf.c] factor out multi-choice option parsing into a parse_multistate label and some support structures; ok dtucker@
2011-06-20 - djm@cvs.openbsd.org 2011/06/17 21:46:16Damien Miller
[sftp-server.c] the protocol version should be unsigned; bz#1913 reported by mb AT smartftp.com
2011-06-20 - djm@cvs.openbsd.org 2011/06/17 21:44:31Damien Miller
[log.c log.h monitor.c monitor.h monitor_wrap.c monitor_wrap.h sshd.c] make the pre-auth privsep slave log via a socketpair shared with the monitor rather than /var/empty/dev/log; ok dtucker@ deraadt@ markus@
2011-06-20 - markus@cvs.openbsd.org 2011/06/14 22:49:18Damien Miller
[authfile.c] make sure key_parse_public/private_rsa1() no longer consumes its input buffer. fixes ssh-add for passphrase-protected ssh1-keys; noted by naddy@; ok djm@
2011-06-20 - djm@cvs.openbsd.org 2011/06/04 00:10:26Damien Miller
[ssh_config.5] explain IdentifyFile's semantics a little better, prompted by bz#1898 ok dtucker jmc
2011-06-02 - (tim) [regress/cfgmatch.sh] Build/test out of tree fix.Tim Rice
2011-06-03 - dtucker@cvs.openbsd.org 2011/06/03 00:29:52Darren Tucker
[regress/dynamic-forward.sh] Retry establishing the port forwarding after a small delay, should make the tests less flaky when the previous test is slow to shut down and free up the port.
2011-06-03 - dtucker@cvs.openbsd.org 2011/05/31 02:03:34Darren Tucker
[regress/dynamic-forward.sh] work around startup and teardown races; caught by deraadt
2011-06-03 - dtucker@cvs.openbsd.org 2011/05/31 02:01:58Darren Tucker
[regress/dynamic-forward.sh] back out revs 1.6 and 1.5 since it's not reliable
2011-06-03 - dtucker@cvs.openbsd.org 2011/06/03 01:37:40Darren Tucker
[ssh-agent.c] Check current parent process ID against saved one to determine if the parent has exited, rather than attempting to send a zero signal, since the latter won't work if the parent has changed privs. bz#1905, patch from Daniel Kahn Gillmor, ok djm@
2011-06-03 - (djm) [configure.ac] enable setproctitle emulation for OS XDamien Miller
2011-06-03 - djm@cvs.openbsd.org 2011/06/03 00:54:38Damien Miller
[ssh.c] bz#1883 - setproctitle() to identify mux master; patch from Bert.Wesarg AT googlemail.com; ok dtucker@ NB. includes additional portability code to enable setproctitle emulation on platforms that don't support it.
2011-06-03add missing changelog entryDarren Tucker
2011-06-03Remove the !HAVE_SOCKETPAIR case. We use socketpair unconditionally in otherDarren Tucker
places and the survey data we have does not show any systems that use it. "nuke it" djm@
2011-06-02 - (tim) [configure.ac defines.h] Run test program to detect system mailTim Rice
directory. Add --with-maildir option to override. Fixed OpenServer 6 getting it wrong. Fixed many systems having MAIL=/var/mail//username ok dtucker
2011-06-03 - (dtucker) [README version.h contrib/caldera/openssh.specDarren Tucker
contrib/redhat/openssh.spec contrib/suse/openssh.spec] Pull the version bumps from the 5.8p2 branch into HEAD. ok djm.
2011-05-30update README.source tooColin Watson
2011-05-30Update Vcs-* fields for Alioth changes.Colin Watson
2011-05-29 - djm@cvs.openbsd.org 2011/05/23 03:31:31Damien Miller
[regress/cfgmatch.sh] include testing of multiple/overridden AuthorizedKeysFiles refactor to simply daemon start/stop and get rid of racy constructs
2011-05-29 - djm@cvs.openbsd.org 2011/05/24 07:15:47Damien Miller
[readconf.c readconf.h ssh.c ssh_config.5 sshconnect.c sshconnect2.c] Remove undocumented legacy options UserKnownHostsFile2 and GlobalKnownHostsFile2 by making UserKnownHostsFile/GlobalKnownHostsFile accept multiple paths per line and making their defaults include known_hosts2; ok markus
2011-05-29 - djm@cvs.openbsd.org 2011/05/23 07:24:57Damien Miller
[authfile.c] read in key comments for v.2 keys (though note that these are not passed over the agent protocol); bz#439, based on patch from binder AT arago.de; ok markus@
2011-05-29 - jmc@cvs.openbsd.org 2011/05/23 07:10:21Damien Miller
[sshd.8 sshd_config.5] tweak previous; ok djm
2011-05-29 - djm@cvs.openbsd.org 2011/05/23 03:52:55Damien Miller
[sshconnect.c] remove extra newline
2011-05-29 - djm@cvs.openbsd.org 2011/05/23 03:33:38Damien Miller
[auth.c] make secure_filename() spam debug logs less
2011-05-29OpenBSD CVS SyncDamien Miller
- djm@cvs.openbsd.org 2011/05/23 03:30:07 [auth-rsa.c auth.c auth.h auth2-pubkey.c monitor.c monitor_wrap.c pathnames.h servconf.c servconf.h sshd.8 sshd_config sshd_config.5] allow AuthorizedKeysFile to specify multiple files, separated by spaces. Bring back authorized_keys2 as a default search path (to avoid breaking existing users of this file), but override this in sshd_config so it will be no longer used on fresh installs. Maybe in 2015 we can remove it entierly :) feedback and ok markus@ dtucker@
2011-05-20 - dtucker@cvs.openbsd.org 2011/05/20 06:32:30Damien Miller
[dynamic-forward.sh] fix dumb error in dynamic-forward test
2011-05-20 - dtucker@cvs.openbsd.org 2011/05/20 05:19:50Damien Miller
[dynamic-forward.sh] Prevent races in dynamic forwarding test; ok djm
2011-05-20 - djm@cvs.openbsd.org 2011/05/20 02:43:36Damien Miller
[cert-hostkey.sh] another attempt to generate a v00 ECDSA key that broke the test ID sync only - portable already had this somehow