summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2012-10-05 - jmc@cvs.openbsd.org 2012/09/26 16:12:13Darren Tucker
[ssh.1] last stage of rfc changes, using consistent Rs/Re blocks, and moving the references into a STANDARDS section;
2012-10-05 - dtucker@cvs.openbsd.org 2012/09/21 10:55:04Darren Tucker
[sftp.c] Fix handling of filenames containing escaped globbing characters and escape "#" and "*". Patch from Jean-Marc Robert via tech@, ok djm.
2012-10-05 - dtucker@cvs.openbsd.org 2012/09/21 10:53:07Darren Tucker
[sftp.c] Fix improper handling of absolute paths when PWD is part of the completed path. Patch from Jean-Marc Robert via tech@, ok djm.
2012-10-05 - dtucker@cvs.openbsd.org 2012/09/18 10:36:12Darren Tucker
[sftp.c] Add bounds check on sftp tab-completion. Part of a patch from from Jean-Marc Robert via tech@, ok djm
2012-10-05 - markus@cvs.openbsd.org 2012/09/17 13:04:11Darren Tucker
[packet.c] clear old keys on rekeing; ok djm
2012-10-05 - (dtucker) OpenBSD CVS SyncDarren Tucker
- djm@cvs.openbsd.org 2012/09/17 09:54:44 [sftp.c] an XXX for later
2012-09-17 - markus@cvs.openbsd.org 2012/09/14 16:51:34Darren Tucker
[sshconnect.c] remove unused variable
2012-09-17 - dtucker@cvs.openbsd.org 2012/09/13 23:37:36Darren Tucker
[servconf.c] Fix comment line length
2012-09-07Fix author's name for RFC6594 SSHFP changeDarren Tucker
2012-09-07 - dtucker@cvs.openbsd.org 2012/09/07 06:34:21Darren Tucker
[clientloop.c] when muxmaster is run with -N, make it shut down gracefully when a client sends it "-O stop" rather than hanging around (bz#1985). ok djm@
2012-09-07 - dtucker@cvs.openbsd.org 2012/09/07 01:10:21Darren Tucker
[clientloop.c] Merge escape help text for ~v and ~V; ok djm@
2012-09-07 - dtucker@cvs.openbsd.org 2012/09/07 00:30:19Darren Tucker
[clientloop.c] Print '^Z' instead of a raw ^Z when the sequence is not supported. ok djm@
2012-09-07 - jmc@cvs.openbsd.org 2012/09/06 13:57:42Darren Tucker
[ssh.1] missing letter in previous;
2012-09-07 - dtucker@cvs.openbsd.org 2012/09/06 09:50:13Darren Tucker
[clientloop.c] Make the escape command help (~?) context sensitive so that only commands that will work in the current session are shown. ok markus@ (note: previous commit with this description was a mistake on my part while pulling changes from OpenBSD)
2012-09-07bz#2039: add acknowledgement of the original authors of the ECDSA SSHFP DNSDarren Tucker
work. From Ondřej Surý.
2012-09-06 - dtucker@cvs.openbsd.org 2012/09/06 09:50:13Darren Tucker
[clientloop.c] Make the escape command help (~?) context sensitive so that only commands that will work in the current session are shown. ok markus@
2012-09-06 - dtucker@cvs.openbsd.org 2012/09/06 04:37:39Darren Tucker
[clientloop.c log.c ssh.1 log.h] Add ~v and ~V escape sequences to raise and lower the logging level respectively. Man page help from jmc, ok deraadt jmc
2012-09-06 - djm@cvs.openbsd.org 2012/08/17 01:30:00Darren Tucker
[compat.c sshconnect.c] Send client banner immediately, rather than waiting for the server to move first for SSH protocol 2 connections (the default). Patch based on one in bz#1999 by tls AT panix.com, feedback dtucker@ ok markus@
2012-09-06 - djm@cvs.openbsd.org 2012/08/17 01:25:58Darren Tucker
[ssh-keygen.c] print details of which host lines were deleted when using "ssh-keygen -R host"; ok markus@
2012-09-06 - djm@cvs.openbsd.org 2012/08/17 01:22:56Darren Tucker
[kex.c] add some comments about better handling first-KEX-follows notifications from the server. Nothing uses these right now. No binary change
2012-09-06 - dtucker@cvs.openbsd.org 2012/08/17 00:45:45Darren Tucker
[clientloop.c clientloop.h mux.c] Force a clean shutdown of ControlMaster client sessions when the ~. escape sequence is used. This means that ~. should now work in mux clients even if the server is no longer responding. Found by tedu, ok djm.
2012-09-06 - jmc@cvs.openbsd.org 2012/08/15 18:25:50Darren Tucker
[ssh-keygen.1] a little more info on certificate validity; requested by Ross L Richardson, and provided by djm
2012-08-30 - (dtucker) [moduli] Import new moduli file.Darren Tucker
2012-08-29 - (djm) Release openssh-6.1Damien Miller
2012-08-28 - (dtucker) [openbsd-compat/bsd-cygwin_util.h] define WIN32_LEAN_AND_MEANDarren Tucker
for compatibility with future mingw-w64 headers. Patch from vinschen at redhat com.
2012-08-22 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]Damien Miller
[contrib/suse/openssh.spec] Update version numbers
2012-07-31 - markus@cvs.openbsd.org 2012/07/22 18:19:21Damien Miller
[version.h] openssh 6.1
2012-07-31 - dtucker@cvs.openbsd.org 2012/07/13 01:35:21Damien Miller
[servconf.c] handle long comments in config files better. bz#2025, ok markus
2012-07-31fix truncated entryDamien Miller
2012-07-31 - djm@cvs.openbsd.org 2012/07/10 02:19:15Damien Miller
[servconf.c servconf.h sshd.c sshd_config] Turn on systrace sandboxing of pre-auth sshd by default for new installs by shipping a config that overrides the current UsePrivilegeSeparation=yes default. Make it easier to flip the default in the future by adding too.
2012-07-31 - jmc@cvs.openbsd.org 2012/07/06 06:38:03Damien Miller
[ssh-keygen.c] missing full stop in usage();
2012-07-20Import regened moduli file.Darren Tucker
2012-07-06 - djm@cvs.openbsd.org 2012/07/06 01:47:38Damien Miller
[ssh.c] move setting of tty_flag to after config parsing so RequestTTY options are correctly picked up. bz#1995 patch from przemoc AT gmail.com; ok dtucker@
2012-07-06 - djm@cvs.openbsd.org 2012/07/06 01:37:21Damien Miller
[mux.c] fix memory leak of passed-in environment variables and connection context when new session message is malformed; bz#2003 from Bert.Wesarg AT googlemail.com
2012-07-06 - dtucker@cvs.openbsd.org 2012/07/06 00:41:59Damien Miller
[moduli.c ssh-keygen.1 ssh-keygen.c] Add options to specify starting line number and number of lines to process when screening moduli candidates. This allows processing of different parts of a candidate moduli file in parallel. man page help jmc@, ok djm@
2012-07-06 - (djm) [configure.ac] Recursively expand $(bindir) to ensure it has noDamien Miller
unexpanded $(prefix) embedded. bz#2007 patch from nix-corp AT esperi.org.uk; ok dtucker@
2012-07-06 - (djm) [sandbox-seccomp-filter.c] fallback to rlimit if seccomp filter isDamien Miller
not available. Allows use of sshd compiled on host with a filter-capable kernel on hosts that lack the support. bz#2011 ok dtucker@
2012-07-04 - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] Add setlinebuf forDarren Tucker
platforms that don't have it. "looks good" tim@
2012-07-03 - (dtucker) [configure.ac sandbox-rlimit.c] Test whether or notDarren Tucker
setrlimit(RLIMIT_FSIZE, rl_zero) and skip it if it's not supported. Its benefit is minor, so it's not worth disabling the sandbox if it doesn't work.
2012-07-03 - (dtucker) [configure.ac] Detect platforms that can't use select(2) withDarren Tucker
setrlimit(RLIMIT_NOFILE, rl_zero) and disable the rlimit sandbox on those.
2012-07-03 - (dtucker) [regress/test-exec.sh] Correct uname for cygwin/w2k.Darren Tucker
2012-07-03 - (dtucker) [regress/reexec.sh regress/sftp-cmds.sh regress/test-exec.sh]Darren Tucker
Move cygwin detection to test-exec and use to skip reexec test on cygwin.
2012-07-03 - dtucker@cvs.openbsd.org 2012/07/02 14:37:06Darren Tucker
[regress/connect-privsep.sh] remove exit from end of test since it prevents reporting failure
2012-07-02 - dtucker@cvs.openbsd.org 2012/07/02 12:13:26Darren Tucker
[ssh-pkcs11-helper.c sftp-client.c] fix a couple of "assigned but not used" warnings. ok markus@
2012-07-02 - dtucker@cvs.openbsd.org 2012/07/02 08:50:03Darren Tucker
[ssh.c] set interactive ToS for forwarded X11 sessions. ok djm@
2012-07-02 - markus@cvs.openbsd.org 2012/06/30 14:35:09Darren Tucker
[sandbox-systrace.c sshd.c] fix a during the load of the sandbox policies (child can still make the read-syscall and wait forever for systrace-answers) by replacing the read/write synchronisation with SIGSTOP/SIGCONT; report and help hshoexer@; ok djm@, dtucker@
2012-07-02 - naddy@cvs.openbsd.org 2012/06/29 13:57:25Darren Tucker
[ssh_config.5 sshd_config.5] match the documented MAC order of preference to the actual one; ok dtucker@
2012-06-30 - (dtucker) [key.c] ifdef out sha256 key types on platforms that don't haveDarren Tucker
the required functions in libcrypto.
2012-06-30 - (dtucker) [myproposal.h] Remove trailing backslash to fix compile errorDarren Tucker
2012-06-30 - dtucker@cvs.openbsd.org 2012/06/28 05:07:45Darren Tucker
[regress/try-ciphers.sh regress/cipher-speed.sh] Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed from draft6 of the spec and will not be in the RFC when published. Patch from mdb at juniper net via bz#2023, ok markus