summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2009-03-07 - (dtucker) [schnorr.c openbsd-compat/openssl-compat.{c,h}] AddDarren Tucker
EVP_DigestUpdate to the OLD_EVP compatibility functions and tell schnorr.c to use them. Allows building with older OpenSSL versions.
2009-03-07 - (dtucker) [contrib/aix/buildbff.sh] Only try to rename ssh_prng_cmds if itDarren Tucker
exists (it's not created if OpenSSL's PRNG is self-seeded, eg if the OS has a /dev/random).
2009-03-06 - djm@cvs.openbsd.org 2009/03/05 07:18:19Damien Miller
[auth2-jpake.c jpake.c jpake.h monitor_wrap.c monitor_wrap.h schnorr.c] [sshconnect2.c] refactor the (disabled) Schnorr proof code to make it a little more generally useful
2009-03-06 - djm@cvs.openbsd.org 2009/03/05 11:30:50Damien Miller
[uuencode.c] document what these functions do so I don't ever have to recuse into b64_pton/ntop to remember their return values
2009-03-06 - djm@cvs.openbsd.org 2009/03/05 07:18:19Damien Miller
[auth2-jpake.c jpake.c jpake.h monitor_wrap.c monitor_wrap.h schnorr.c] [sshconnect2.c] refactor the (disabled) Schnorr proof code to make it a little more generally useful
2009-02-23 - (djm) Release openssh-5.2p1Damien Miller
2009-02-23 - (djm) [README] update for 5.2Damien Miller
2009-02-23trimDamien Miller
2009-02-23 - djm@cvs.openbsd.org 2009/02/23 00:06:15Damien Miller
[version.h] openssh-5.2
2009-02-23 - djm@cvs.openbsd.org 2009/02/22 23:59:25Damien Miller
[sshd_config.5] missing period
2009-02-23 - djm@cvs.openbsd.org 2009/02/22 23:50:57Damien Miller
[ssh_config.5 sshd_config.5] don't advertise experimental options
2009-02-22 - (djm) OpenBSD CVS SyncDamien Miller
- tobias@cvs.openbsd.org 2009/02/21 19:32:04 [misc.c sftp-server-main.c ssh-keygen.c] Added missing newlines in error messages. ok dtucker
2009-02-21 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]Damien Miller
[contrib/suse/openssh.spec] Prepare for 5.2p1
2009-02-21 - djm@cvs.openbsd.org 2009/02/18 04:31:21Damien Miller
[schnorr.c] signature should hash over the entire group, not just the generator (this is still disabled code)
2009-02-21 - djm@cvs.openbsd.org 2009/02/17 01:28:32Damien Miller
[ssh_config] sync with revised default ciphers; pointed out by dkrause@
2009-02-16 - (djm) [configure.ac] support GNU/kFreeBSD and GNU/kOpensolarisDamien Miller
systems; patch from Aurelien Jarno via rmh AT aybabtu.com
2009-02-16 - (djm) [regress/conch-ciphers.sh regress/putty-ciphers.sh]Damien Miller
[regress/putty-kex.sh regress/putty-transfer.sh] Downgrade disabled interop tests from FATAL error to a warning. Allows some interop tests to proceed if others are missing necessary prerequisites.
2009-02-14 - djm@cvs.openbsd.org 2009/02/14 06:35:49Damien Miller
[PROTOCOL] mention that eow and no-more-sessions extensions are sent only to OpenSSH peers
2009-02-14 - markus@cvs.openbsd.org 2009/02/13 11:50:21Damien Miller
[packet.c] check for enc !=NULL in packet_start_discard
2009-02-14 - jmc@cvs.openbsd.org 2009/02/12 07:34:20Damien Miller
[ssh_config.5] kill trailing whitespace;
2009-02-14 - djm@cvs.openbsd.org 2009/02/12 03:46:17Damien Miller
[ssh_config.5] document RemoteForward usage with 0 listen port
2009-02-14 - djm@cvs.openbsd.org 2009/02/12 03:44:25Damien Miller
[ssh.1] consistency: Dq => Ql
2009-02-14 - djm@cvs.openbsd.org 2009/02/12 03:42:09Damien Miller
[ssh.1] document -R0:... usage
2009-02-14 - djm@cvs.openbsd.org 2009/02/12 03:26:22Damien Miller
[monitor.c] some paranoia: check that the serialised key is really KEY_RSA before diddling its internals
2009-02-14 - djm@cvs.openbsd.org 2009/02/12 03:16:01Damien Miller
[serverloop.c] tighten check for -R0:... forwarding: only allow dynamic allocation if want_reply is set in the packet
2009-02-14 - djm@cvs.openbsd.org 2009/02/12 03:00:56Damien Miller
[canohost.c canohost.h channels.c channels.h clientloop.c readconf.c] [readconf.h serverloop.c ssh.c] support remote port forwarding with a zero listen port (-R0:...) to dyamically allocate a listen port at runtime (this is actually specified in rfc4254); bz#1003 ok markus@
2009-02-14 - dtucker@cvs.openbsd.org 2009/02/02 11:15:14Damien Miller
[sftp.c] Initialize a few variables to prevent spurious "may be used uninitialized" warnings from newer gcc's. ok djm@
2009-02-12 - (djm) [configure.ac loginrec.c] bz#1421: fix lastlog support for OSX.Damien Miller
OSX provides a getlastlogxbyname function that automates the reading of a lastlog file. Also, the pututxline function will update lastlog so there is no need for loginrec.c to do it explicitly. Collapse some overly verbose code while I'm in there.
2009-02-12 - (djm) [sshpty.c] bz#1419: OSX uses cloning ptys that automagicallyDamien Miller
set ownership and modes, so avoid explicitly setting them
2009-02-01 - (dtucker) [defines.h sshconnect.c] INET6_ADDRSTRLEN is now needed inDarren Tucker
channels.c too, so move the definition for non-IP6 platforms to defines.h where it can be shared.
2009-01-29 - (tim) [contrib/cygwin/ssh-host-config] Whitespace cleanup. No code changes.Tim Rice
2009-01-29 - (tim) [contrib/cygwin/ssh-host-config] Patch from Corinna Vinschen.Tim Rice
If the CYGWIN environment variable is empty, the installer script should not install the service with an empty CYGWIN variable, but rather without setting CYGWNI entirely.
2009-01-28 - (tim) [contrib/cygwin/ssh-host-config] Patch from Corinna Vinschen.Tim Rice
Changes to work on Cygwin 1.5.x as well as on the new Cygwin 1.7.x. The information given for the setting of the CYGWIN environment variable is wrong for both releases so I just removed it, together with the unnecessary (Cygwin 1.5.x) or wrong (Cygwin 1.7.x) default setting.
2009-01-28Add ufw integration (thanks, Didier Roche; seeColin Watson
https://wiki.ubuntu.com/UbuntuFirewall#Integrating%20UFW%20with%20Packages; LP: #261884).
2009-01-28 - markus@cvs.openbsd.org 2009/01/26 09:58:15Damien Miller
[cipher.c cipher.h packet.c] Work around the CPNI-957037 Plaintext Recovery Attack by always reading 256K of data on packet size or HMAC errors (in CBC mode only). Help, feedback and ok djm@ Feedback from Martin Albrecht and Paterson Kenny
2009-01-28 - naddy@cvs.openbsd.org 2009/01/24 17:10:22Damien Miller
[ssh_config.5 sshd_config.5] sync list of preferred ciphers; ok djm@
2009-01-28 - djm@cvs.openbsd.org 2009/01/23 07:58:11Damien Miller
[myproposal.h] prefer CTR modes and revised arcfour (i.e w/ discard) modes to CBC modes; ok markus@
2009-01-28 - djm@cvs.openbsd.org 2009/01/22 10:09:16Damien Miller
[auth-options.c] another chunk of a2port() diff that got away. wtfdjm??
2009-01-28 - djm@cvs.openbsd.org 2009/01/22 10:02:34Damien Miller
[clientloop.c misc.c readconf.c readconf.h servconf.c servconf.h] [serverloop.c ssh-keyscan.c ssh.c sshd.c] make a2port() return -1 when it encounters an invalid port number rather than 0, which it will now treat as valid (needed for future work) adjust current consumers of a2port() to check its return value is <= 0, which in turn required some things to be converted from u_short => int make use of int vs. u_short consistent in some other places too feedback & ok markus@
2009-01-28 - djm@cvs.openbsd.org 2009/01/22 09:49:57Damien Miller
[channels.c] oops! I committed the wrong version of the Channel->path diff, it was missing some tweaks suggested by stevesk@
2009-01-28 - djm@cvs.openbsd.org 2009/01/22 09:46:01Damien Miller
[channels.c channels.h session.c] make Channel->path an allocated string, saving a few bytes here and there and fixing bz#1380 in the process; ok markus@
2009-01-28 - stevesk@cvs.openbsd.org 2009/01/15 17:38:43Damien Miller
[readconf.c] 1) use obsolete instead of alias for consistency 2) oUserKnownHostsFile not obsolete but oGlobalKnownHostsFile2 is so move the comment. 3) reorder so like options are together ok djm@
2009-01-28 - djm@cvs.openbsd.org 2009/01/14 01:38:06Damien Miller
[channels.c] support SOCKS4A protocol, from dwmw2 AT infradead.org via bz#1482; "looks ok" markus@
2009-01-28 - djm@cvs.openbsd.org 2009/01/01 21:17:36Damien Miller
[kexgexs.c] fix hash calculation for KEXGEX: hash over the original client-supplied values and not the sanity checked versions that we acutally use; bz#1540 reported by john.smith AT arrows.demon.co.uk ok markus@
2009-01-28 - djm@cvs.openbsd.org 2009/01/01 21:14:35Damien Miller
[channels.c] call channel destroy callbacks on receipt of open failure messages. fixes client hangs when connecting to a server that has MaxSessions=0 set spotted by imorgan AT nas.nasa.gov; ok markus@
2009-01-28 - okan@cvs.openbsd.org 2008/12/30 00:46:56Damien Miller
[sshd_config.5] add AllowAgentForwarding to available Match keywords list ok djm
2009-01-28 - stevesk@cvs.openbsd.org 2008/12/29 02:23:26Damien Miller
[pathnames.h] no need to escape single quotes in comments
2009-01-28 - stevesk@cvs.openbsd.org 2008/12/29 01:12:36Damien Miller
[ssh-keyscan.1] fix example, default key type is rsa for 3+ years; from frederic.perrin@resel.fr
2009-01-28 - stevesk@cvs.openbsd.org 2008/12/10 03:55:20Damien Miller
[addrmatch.c] o cannot be NULL here but use xfree() to be consistent; ok djm@
2009-01-28 - stevesk@cvs.openbsd.org 2008/12/09 22:37:33Damien Miller
[clientloop.c] fix typo in error message