summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2010-01-29 - (dtucker) [openbsd-compat/openssl-compat.c] Bug #1707: Call OPENSSL_config()Darren Tucker
after registering the hardware engines, which causes the openssl.cnf file to be processed. See OpenSSL's man page for OPENSSL_config(3) for details. Patch from Solomon Peachy, ok djm@.
2010-01-28 - djm@cvs.openbsd.org 2010/01/27 19:21:39Damien Miller
[sftp.c] add missing "p" flag to getopt optstring; bz#1704 from imorgan AT nas.nasa.gov
2010-01-28 - djm@cvs.openbsd.org 2010/01/27 13:26:17Damien Miller
[mux.c] fix bug introduced in mux rewrite: In a mux master, when a socket to a mux slave closes before its server session (as may occur when the slave has been signalled), gracefully close the server session rather than deleting its channel immediately. A server may have more messages on that channel to send (e.g. an exit message) that will fatal() the client if they are sent to a channel that has been prematurely deleted. spotted by imorgan AT nas.nasa.gov
2010-01-28 - djm@cvs.openbsd.org 2010/01/26 02:15:20Damien Miller
[mux.c] -Wuninitialized and remove a // comment; from portable (Id sync only)
2010-01-26 - djm@cvs.openbsd.org 2010/01/26 01:28:35Damien Miller
[channels.c channels.h clientloop.c clientloop.h mux.c nchan.c ssh.c] rewrite ssh(1) multiplexing code to a more sensible protocol. The new multiplexing code uses channels for the listener and accepted control sockets to make the mux master non-blocking, so no stalls when processing messages from a slave. avoid use of fatal() in mux master protocol parsing so an errant slave process cannot take down a running master. implement requesting of port-forwards over multiplexed sessions. Any port forwards requested by the slave are added to those the master has established. add support for stdio forwarding ("ssh -W host:port ...") in mux slaves. document master/slave mux protocol so that other tools can use it to control a running ssh(1). Note: there are no guarantees that this protocol won't be incompatibly changed (though it is versioned). feedback Salvador Fandino, dtucker@ channel changes ok markus@
2010-01-26 - dtucker@cvs.openbsd.org 2010/01/18 01:50:27Damien Miller
[roaming_client.c] s/long long unsigned/unsigned long long/, from tim via portable (Id sync only, change already in portable)
2010-01-26 - tedu@cvs.openbsd.org 2010/01/17 21:49:09Damien Miller
[ssh-agent.1] Correct and clarify ssh-add's password asking behavior. Improved text dtucker and ok jmc
2010-01-22 - (tim) [configure.ac] Due to constraints in Windows Sockets in terms ofTim Rice
socket inheritance, reduce the default SO_RCVBUF/SO_SNDBUF buffer size in Cygwin to 65535. Patch from Corinna Vinschen.
2010-01-17Reword comment in last commit for additional clearity.Tim Rice
2010-01-17 - (tim) [configure.ac] Use the C99-conforming functions snprintf() andTim Rice
vsnprintf() named _xsnprintf() and _xvsnprintf() on SVR5 systems.
2010-01-17 - (tim) [configure.ac] OpenServer 5 needs BROKEN_GETADDRINFO too.Tim Rice
2010-01-17Oops, forgot to document second change to roaming_client.cTim Rice
s/long long unsigned/unsigned long long/ to keep USL compilers happy.
2010-01-16 - (tim) [roaming_client.c] Use of <sys/queue.h> is not really portable soTim Rice
we use "openbsd-compat/sys-queue.h"
2010-01-16 - (tim) [configure.ac] Define BROKEN_GETADDRINFO on SVR5 systems. The nativeTim Rice
getaddrinfo() is too old and limited for addr_pton() in addrmatch.c.
2010-01-16 - (tim) [regress/portnum.sh] Shell portability fix.Tim Rice
2010-01-16 - (dtucker) [openbsd-compat/openbsd-compat.h] Typo.Darren Tucker
2010-01-16 - (dtucker) [openbsd-compat/pwcache.c] Shrink ifdef area to prevent unusedDarren Tucker
variable warnings.
2010-01-16 - markus@cvs.openbsd.org 2010/01/15 09:24:23Darren Tucker
[sftp-common.c] unused
2010-01-16 - (dtucker) [openbsd-compat/openbsd-compat.h] Fix prototypes, spotted byDarren Tucker
Tim.
2010-01-16 - (dtucker) [openbsd-compat/openbsd-compat.h] Prototypes for user_from_uidDarren Tucker
and group_from_gid.
2010-01-16 - (dtucker) [openbsd-compat/pwcache.c] Pull in includes.h and thus defines.hDarren Tucker
so we correctly detect whether or not we have a native user_from_uid.
2010-01-15typoDarren Tucker
2010-01-15 - (dtucker) [configure.ac openbsd-compat/{Makefile.in,pwcache.c} PortabilityDarren Tucker
for pwcache. Also, added caching of negative hits.
2010-01-15 - (dtucker) [openbsd-compat.c/pwcache.c] Pull in pwcache.c from OpenBSD (noDarren Tucker
changes yet but there will be some to come).
2010-01-15 - guenther@cvs.openbsd.org 2010/01/15 00:05:22Darren Tucker
[sftp.c] Reset SIGTERM to SIG_DFL before executing ssh, so that even if sftp inherited SIGTERM as ignored it will still be able to kill the ssh it starts. ok dtucker@
2010-01-15 - dtucker@cvs.openbsd.org 2010/01/14 23:41:49Darren Tucker
[sftp-common.c] use user_from{uid,gid} to lookup up ids since it keeps a small cache. ok djm
2010-01-15 - djm@cvs.openbsd.org 2010/01/13 23:47:26Darren Tucker
[auth.c] when using ChrootDirectory, make sure we test for the existence of the user's shell inside the chroot; bz #1679, patch from alex AT rtfs.hu; ok dtucker
2010-01-15 - jmc@cvs.openbsd.org 2010/01/13 12:48:34Darren Tucker
[sftp.1 sftp.c] sftp.1: put ls -h in the right place sftp.c: as above, plus add -p to get/put, and shorten their arg names to keep the help usage nicely aligned ok djm
2010-01-14 - (djm) [platform.h] Add missing prototype forDamien Miller
platform_krb5_get_principal_name
2010-01-13 - (tim) [defines.h] openbsd-compat/readpassphrase.c now needs _NSIG.Tim Rice
feedback and ok dtucker@
2010-01-13 - (dtucker) [sftp-common.c] Wrap include of util.h in an ifdef.Darren Tucker
2010-01-13 - djm@cvs.openbsd.org 2010/01/13 04:10:50Darren Tucker
[sftp.c] don't append a space after inserting a completion of a directory (i.e. a path ending in '/') for a slightly better user experience; ok dtucker@
2010-01-13 - djm@cvs.openbsd.org 2010/01/13 03:48:13Darren Tucker
[servconf.c servconf.h sshd.c] avoid run-time failures when specifying hostkeys via a relative path by prepending the cwd in these cases; bz#1290; ok dtucker@
2010-01-13 - djm@cvs.openbsd.org 2010/01/13 01:40:16Darren Tucker
[sftp.c sftp-server.c sftp.1 sftp-common.c sftp-common.h] support '-h' (human-readable units) for sftp's ls command, just like ls(1); ok dtucker@
2010-01-13 - dtucker@cvs.openbsd.org 2010/01/13 01:20:20Darren Tucker
[canohost.c ssh-keysign.c sshconnect2.c] Make HostBased authentication work with a ProxyCommand. bz #1569, patch from imorgan at nas nasa gov, ok djm@
2010-01-13 - dtucker@cvs.openbsd.org 2010/01/13 01:10:56Darren Tucker
[key.c] Ignore and log any Protocol 1 keys where the claimed size is not equal to the actual size. Noted by Derek Martin, ok djm@
2010-01-13 - (dtucker) OpenBSD CVS SyncDarren Tucker
- dtucker@cvs.openbsd.org 2010/01/13 00:19:04 [sshconnect.c auth.c] Fix a couple of typos/mispellings in comments
2010-01-13 - (dtucker) [openbsd-compat/readpassphrase.c] Update to OpenBSD's r1.22.Darren Tucker
Fixes bz #1590, where sometimes you could not interrupt a connection while ssh was prompting for a passphrase or password.
2010-01-13 - (dtucker) [openbsd-compat/readpassphrase.c] Update to OpenBSD's r1.21.Darren Tucker
2010-01-13 - (dtucker) [openbsd-compat/readpassphrase.c] Resync against OpenBSD's ↵Darren Tucker
r1.18: missing restore of SIGTTOU and some whitespace.
2010-01-13 - (dtucker) [monitor_fdpass.c] Wrap poll.h include in ifdefs.Darren Tucker
2010-01-12 - dtucker@cvs.openbsd.org 2010/01/12 08:33:17Darren Tucker
[session.c] Add explicit stat so we reliably detect nologin with bad perms. ok djm markus
2010-01-12 - djm@cvs.openbsd.org 2010/01/12 01:36:08Darren Tucker
[buffer.h bufaux.c] add a buffer_get_string_ptr_ret() that does the same as buffer_get_string_ptr() but does not fatal() on error; ok dtucker@
2010-01-12 - dtucker@cvs.openbsd.org 2010/01/12 01:31:05Darren Tucker
[session.c] Do not allow logins if /etc/nologin exists but is not readable by the user logging in. Noted by Jan.Pechanec at Sun, ok djm@ deraadt@
2010-01-12 - djm@cvs.openbsd.org 2010/01/12 00:59:29Darren Tucker
[roaming_common.c] delete with extreme prejudice a debug() that fired with every keypress; ok dtucker deraadt
2010-01-12 - djm@cvs.openbsd.org 2010/01/12 00:58:25Darren Tucker
[monitor_fdpass.c] avoid spinning when fd passing on nonblocking sockets by calling poll() in the EINTR/EAGAIN path, much like we do in atomicio; ok dtucker@
2010-01-12 - dtucker@cvs.openbsd.org 2010/01/12 00:16:47Darren Tucker
[authfile.c] Fix bug introduced in r1.78 (incorrect brace location) that broke key auth. Patch from joachim joachimschipper nl.
2010-01-12 - djm@cvs.openbsd.org 2010/01/11 10:51:07Darren Tucker
[ssh-keygen.c] when converting keys, truncate key comments at 72 chars as per RFC4716; bz#1630 reported by tj AT castaglia.org; ok markus@
2010-01-12 - dtucker@cvs.openbsd.org 2010/01/11 04:46:45Darren Tucker
[authfile.c sshconnect2.c] Do not prompt for a passphrase if we fail to open a keyfile, and log the reason the open failed to debug. bz #1693, found by tj AT castaglia org, ok djm@
2010-01-12 - dtucker@cvs.openbsd.org 2010/01/11 01:39:46Darren Tucker
[ssh_config channels.c ssh.1 channels.h ssh.c] Add a 'netcat mode' (ssh -W). This connects stdio on the client to a single port forward on the server. This allows, for example, using ssh as a ProxyCommand to route connections via intermediate servers. bz #1618, man page help from jmc@, ok markus@