summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2006-03-26 - OpenBSD CVS SyncDamien Miller
- jakob@cvs.openbsd.org 2006/03/15 08:46:44 [ssh-keygen.c] if no key file are given when printing the DNS host record, use the host key file(s) as default. ok djm@
2006-03-26 [deattack.c deattack.h]Damien Miller
remove IV support from the CRC attack detector, OpenSSH has never used it - it only applied to IDEA-CFB, which we don't support. prompted by NetBSD Coverity report via elad AT netbsd.org; feedback markus@ "nuke it" deraadt@
2006-03-26 - jakob@cvs.openbsd.org 2006/03/22 21:16:24Damien Miller
[ssh.1] simplify SSHFP example; ok jmc@
2006-03-26 - deraadt@cvs.openbsd.org 2006/03/20 18:41:43Damien Miller
[dns.c] cast xstrdup to propert u_char *
2006-03-26 - deraadt@cvs.openbsd.org 2006/03/20 18:26:55Damien Miller
[session.h] annoying spacing fixes getting in the way of real diffs
2006-03-26 - deraadt@cvs.openbsd.org 2006/03/20 18:14:02Damien Miller
[monitor_wrap.h sshpty.h] sprinkle u_int throughout pty subsystem, ok markus
2006-03-26 - djm@cvs.openbsd.org 2006/03/20 04:08:18Damien Miller
[gss-serv.c] last lot of GSSAPI related leaks detected by Coverity via elad AT netbsd.org; reviewed by simon AT sxw.org.uk; deraadt@ ok
2006-03-26 - djm@cvs.openbsd.org 2006/03/20 04:07:49Damien Miller
[gss-genr.c] more GSSAPI related leaks detected by Coverity via elad AT netbsd.org; reviewed by simon AT sxw.org.uk; deraadt@ ok
2006-03-26 - djm@cvs.openbsd.org 2006/03/20 04:07:22Damien Miller
[auth2-gss.c] GSSAPI related leaks detected by Coverity via elad AT netbsd.org; reviewed by simon AT sxw.org.uk; deraadt@ ok
2006-03-26 - deraadt@cvs.openbsd.org 2006/03/19 18:53:12Damien Miller
[kex.h myproposal.h] spacing
2006-03-26 - deraadt@cvs.openbsd.org 2006/03/19 18:51:18Damien Miller
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c] [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c] [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c] [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c] [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c] [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c] [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c] [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c] [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c] [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c] [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c] [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c] [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c] [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c] [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c] [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c] [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c] [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c] [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c] [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c] [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c] [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c] [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c] RCSID() can die
2006-03-25 - djm@cvs.openbsd.org 2006/03/16 04:24:42Damien Miller
[ssh.1] Add RFC4419 (Diffie-Hellman group exchange KEX) to the list of SSH RFCs that OpenSSH supports
2006-03-19 - (dtucker) [openbsd-compat/bsd-snprintf.c] Bug #1173: make fmtint() takeDarren Tucker
a LLONG rather than a long. Fixes scp'ing of large files on platforms with missing/broken snprintfs. Patch from e.borovac at bom.gov.au.
2006-03-18- (djm) [auth-pam.c] Fix memleak in error path, from Coverity viaDamien Miller
elad AT NetBSD.org
2006-03-16 - (djm) [kex.c] Slightly more clean deactivation of dhgex-sha256 on oldDamien Miller
OpenSSL; ok tim
2006-03-15 - (tim) [kex.c myproposal.h md-sha256.c openbsd-compat/sha2.c,h] DisableTim Rice
sha256 when openssl < 0.9.7. Patch from djm@. Corrections/testing by me.
2006-03-16 - (dtucker) [configure.ac md-sha256.c] NetBSD has sha2.h inDarren Tucker
/usr/include/crypto. Hint from djm@.
2006-03-16 - (dtucker) [entropy.c] Add headers for WIFEXITED and friends.Darren Tucker
2006-03-15 - (dtucker) [configure.ac] login_cap.h requires sys/types.h on NetBSD.Darren Tucker
2006-03-15 - (dtucker) [openbsd-compat/openbsd-compat.h] AIX (at least) needsDarren Tucker
sys/ioctl.h for struct winsize.
2006-03-15 - (djm) [includes.h] Put back paths.h, it is needed in defines.hDamien Miller
2006-03-15 - (dtucker) [configure.ac] Fix glob test conversion to AC_TRY_COMPILEDarren Tucker
2006-03-14 - (tim) [openssh/sshpty.c openssh/openbsd-compat/port-tun.c] put in someTim Rice
includes removed from includes.h
2006-03-14 - (tim) [includes.h] put sys/stat.h back in to quiet some "macro redefined:"Tim Rice
warnings.
2006-03-15 - (djm) [auth-pam.c clientloop.c includes.h monitor.c session.c]Damien Miller
[sftp-client.c ssh-keysign.c ssh.c sshconnect.c sshconnect2.c] [sshd.c openbsd-compat/bsd-misc.c openbsd-compat/bsd-openpty.c] [openbsd-compat/glob.c openbsd-compat/mktemp.c] [openbsd-compat/readpassphrase.c] Lots of include fixes for OpenSolaris
2006-03-15 - (djm) [openbsd-compat/sha2.h openbsd-compat/sha2.c] Comment outDamien Miller
SHA384, which we don't need and doesn't compile without tweaks
2006-03-15 - (djm) [ssh-agent.c] Restore dropped stat.hDamien Miller
2006-03-15 - (djm) [ssh-rand-helper.c] Needs a bunch of headersDamien Miller
2006-03-15 - (djm) [openbsd-compat/sha2.h] Avoid include macro clash withDamien Miller
system sha2.h
2006-03-15 - (djm) [loginrec.c] Need stat.hDamien Miller
2006-03-15 - (djm) [regress/.cvsignore] Ignore Makefile hereDamien Miller
2006-03-15 - (djm) [md-sha256.c configure.ac] md-sha256.c needs sha2.h if presentDamien Miller
2006-03-15 - (djm) [Makefile.in openbsd-compat/Makefile.in] Add added filesDamien Miller
2006-03-15 - (djm) [includes.h] Restore accidentally dropped netinet/in.hDamien Miller
2006-03-15 - (djm) [configure.ac defines.h kex.c md-sha256.c]Damien Miller
[openbsd-compat/sha2.h openbsd-compat/openbsd-compat.h] [openbsd-compat/sha2.c] First stab at portability glue for SHA256 KEX support, should work with libc SHA256 support or OpenSSL EVP_sha256 if present
2006-03-15 - djm@cvs.openbsd.org 2006/03/07 09:07:40Damien Miller
[kex.c kex.h monitor.c myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] Implement the diffie-hellman-group-exchange-sha256 key exchange method using the SHA256 code in libc (and wrapper to make it into an OpenSSL EVP), interop tested against CVS PuTTY NB. no portability bits committed yet
2006-03-15 - markus@cvs.openbsd.org 2006/03/14 16:32:48Damien Miller
[ssh_config.5 sshd_config.5] *AliveCountMax applies to protcol v2 only; ok dtucker, djm
2006-03-15 - djm@cvs.openbsd.org 2006/03/14 00:15:39Damien Miller
[canohost.c] log the originating address and not just the name when a reverse mapping check fails, requested by linux AT linuon.com
2006-03-15 - dtucker@cvs.openbsd.org 2006/03/13 10:26:52Damien Miller
[authfile.c authfile.h ssh-add.c] Make ssh-add check file permissions before attempting to load private key files multiple times; it will fail anyway and this prevents confusing multiple prompts and warnings. mindrot #1138, ok djm@
2006-03-15 - dtucker@cvs.openbsd.org 2006/03/13 10:14:29Damien Miller
[misc.c ssh_config.5 sshd_config.5] Allow config directives to contain whitespace by surrounding them by double quotes. mindrot #482, man page help from jmc@, ok djm@
2006-03-15 - dtucker@cvs.openbsd.org 2006/03/13 08:43:16Damien Miller
[ssh-keygen.c] Make ssh-keygen handle CR and CRLF line termination when converting IETF format keys, in adition to vanilla LF. mindrot #1157, tested by Chris Pepper, ok djm@
2006-03-15 - dtucker@cvs.openbsd.org 2006/03/13 08:33:00Damien Miller
[packet.c] Set TCP_NODELAY for all connections not just "interactive" ones. Fixes poor performance and protocol stalls under some network conditions (mindrot bugs #556 and #981). Patch originally from markus@, ok djm@
2006-03-15 - djm@cvs.openbsd.org 2006/03/13 08:16:00Damien Miller
[sshd.c] don't log that we are listening on a socket before the listen() call actually succeeds, bz #1162 reported by Senthil Kumar; ok dtucker@
2006-03-15 - djm@cvs.openbsd.org 2006/03/12 04:23:07Damien Miller
[ssh.c] knf nit
2006-03-15 - djm@cvs.openbsd.org 2006/03/04 04:12:58Damien Miller
[serverloop.c] move a debug() outside of a signal handler; ok markus@ a little while back
2006-03-15 - djm@cvs.openbsd.org 2006/02/28 01:10:21Damien Miller
[session.c] fix logout recording when privilege separation is disabled, analysis and patch from vinschen at redhat.com; tested by dtucker@ ok deraadt@ NB. ID sync only - patch already in portable
2006-03-15 - jmc@cvs.openbsd.org 2006/02/26 18:03:10Damien Miller
[ssh_config.5] comma;
2006-03-15 - jmc@cvs.openbsd.org 2006/02/26 18:01:13Damien Miller
[sshd_config.5] subsection is pointless here;
2006-03-15 - jmc@cvs.openbsd.org 2006/02/26 17:17:18Damien Miller
[ssh_config.5] move PATTERNS to the end of the main body; requested by dtucker
2006-03-15 - jmc@cvs.openbsd.org 2006/02/25 12:28:34Damien Miller
[sshd_config.5] document the order in which allow/deny directives are processed; help/ok dtucker