summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2007-08-17 - (dtucker) [INSTALL] the pid file is sshd.pid not ssh.pid.Darren Tucker
2007-08-17 - (dtucker) [INSTALL] Group the parts describing random options and PAMDarren Tucker
implementations together which is hopefully more coherent.
2007-08-17typoDarren Tucker
2007-08-17 - (dtucker) [sshd.8] Many Linux variants use a single "!" to denote lockedDarren Tucker
accounts and that's what the code looks for, so make man page and code agree. Pointed out by Roumen Petrov.
2007-08-16 - (dtucker) [session.c] Call PAM cleanup functions for unauthenticatedDarren Tucker
connections too. Based on a patch from Sandro Wefel, with & ok djm@
2007-08-15 - stevesk@cvs.openbsd.org 2007/08/15 12:13:41Darren Tucker
[ssh_config.5] tun device forwarding now honours ExitOnForwardFailure; ok markus@
2007-08-15 - (dtucker) [README contrib/caldera/openssh.spec contrib/redhat/openssh.specDarren Tucker
contrib/suse/openssh.spec] Crank version.
2007-08-15 - (dtucker) [openbsd-compat/bsd-cray.c] Remove debug from signal handler.Darren Tucker
ok djm@
2007-08-15 - markus@cvs.openbsd.org 2007/08/15 08:16:49Darren Tucker
[version.h] openssh 4.7
2007-08-15 - markus@cvs.openbsd.org 2007/08/15 08:14:46Darren Tucker
[clientloop.c] do NOT fall back to the trused x11 cookie if generation of an untrusted cookie fails; from security-alert at sun.com; ok dtucker
2007-08-13 - (dtucker) [session.c] Bug #1339: ensure that pam_setcred() is alwaysDarren Tucker
called with PAM_ESTABLISH_CRED at least once, which resolves a problem with pam_dhkeys. Patch from David Leonard, ok djm@
2007-08-10 - (dtucker) [configure.ac] Bug #1343: Set DISABLE_FD_PASSING for QNX6. From.Darren Tucker
Matt Kraai, ok djm@.
2007-08-10 - (dtucker) [auth-pam.c] Use sigdie here too. ok djm@Darren Tucker
2007-08-09Credit Bernhard Simon who also reported this.Darren Tucker
2007-08-09 - (dtucker) [defines.h] Remove _PATH_{CSHELL,SHELLS} which aren'tDarren Tucker
used anywhere and are a potential source of warnings.
2007-08-09 - (dtucker) [README.platform] Document the interaction between PermitRootLoginDarren Tucker
and the AIX native login restrictions.
2007-08-09 - (dtucker) [openbsd-compat/port-aix.c] Comment typo.Darren Tucker
2007-08-08 - djm@cvs.openbsd.org 2007/08/07 07:32:53Damien Miller
[clientloop.c clientloop.h ssh.c] bz#1232: ensure that any specified LocalCommand is executed after the tunnel device is opened. Also, make failures to open a tunnel device fatal when ExitOnForwardFailure is active. Reported by h.goebel AT goebel-consult.de; ok dtucker markus reyk deraadt
2007-08-08 - sobrado@cvs.openbsd.org 2007/08/06 19:16:06Damien Miller
[scp.1 scp.c] the ellipsis is not an optional argument; while here, sync the usage and synopsis of commands lots of good ideas by jmc@ ok jmc@
2007-08-08 - ray@cvs.openbsd.org 2007/07/12 05:48:05Damien Miller
[key.c] Delint: remove some unreachable statements, from Bret Lambert. OK markus@ and dtucker@.
2007-07-24 - (tim) [buildpkg.sh.in] s|$FAKE_ROOT/${sysconfdir}|$FAKE_ROOT${sysconfdir}|Tim Rice
2007-07-24 - (tim) [buildpkg.sh.in openssh.xml.in] Allow more flexibility where smf(5)Tim Rice
files are installed.
2007-07-24 - (tim) [openbsd-compat/regress/closefromtest.c] Bug 1345: fix open() call.Tim Rice
Report/patch by David.Leonard AT quest.com
2007-07-24 - (tim) [openssh.xml.in] make FMRI match what package scripts use.Tim Rice
2007-06-28 - (djm) bz#1325: Fix SELinux in permissive mode where it wouldDamien Miller
incorrectly fatal() on errors. patch from cjwatson AT debian.org; ok dtucker
2007-06-25 - (dtucker) [atomicio.c configure.ac openbsd-compat/Makefile.inDarren Tucker
openbsd-compat/bsd-poll.{c,h} openbsd-compat/openbsd-compat.h] Add an implementation of poll() built on top of select(2). Code from OpenNTPD with changes suggested by djm. ok djm@
2007-06-25 - dtucker@cvs.openbsd.org 2007/06/25 12:02:27Darren Tucker
[atomicio.c] Include <poll.h> like the man page says rather than <sys/poll.h>. ok djm@
2007-06-25 - (dtucker) [atomicio.c] Test for EWOULDBLOCK in atomiciov to matchDarren Tucker
atomicio.
2007-06-25 - dtucker@cvs.openbsd.org 2007/06/25 08:20:03Darren Tucker
[channels.c] Correct test for window updates every three packets; prevents sending window updates for every single packet. ok markus@
2007-06-25 - djm@cvs.openbsd.org 2007/06/19 02:04:43Darren Tucker
[atomicio.c] if the fd passed to atomicio/atomiciov() is non blocking, then poll() to avoid a spin if it is not yet ready for reading/writing; ok dtucker@
2007-06-25 - djm@cvs.openbsd.org 2007/06/14 22:48:05Darren Tucker
[ssh.c] when waiting for the multiplex exit status, read until the master end writes an entire int of data *and* closes the client_fd; fixes mux regression spotted by dtucker, ok dtucker@
2007-06-25 - djm@cvs.openbsd.org 2007/06/14 21:43:25Darren Tucker
[ssh.c] handle EINTR when waiting for mux exit status properly
2007-06-25 - djm@cvs.openbsd.org 2007/06/13 00:21:27Darren Tucker
[scp.c] don't ftruncate() non-regular files; bz#1236 reported by wood AT xmission.com; ok dtucker@
2007-06-14 - (dtucker) [openbsd-compat/openssl-compat.h] Remove redundant definitionDarren Tucker
of USE_BUILTIN_RIJNDAEL since the <0.9.6 test is covered by the subsequent <0.9.7 test.
2007-06-14 - (dtucker) [openbsd-compat/openssl-compat.h] Merge USE_BUILTIN_RIJNDAELDarren Tucker
sections. Fixes builds with early OpenSSL 0.9.6 versions.
2007-06-14 - (dtucker) [cipher-ctr.c umac.c openbsd-compat/openssl-compat.h] Move theDarren Tucker
USE_BUILTIN_RIJNDAEL compat goop to openssl-compat.h so it can be shared with umac.c. Allows building with OpenSSL 0.9.5 again including umac support. With tim@ djm@, ok djm.
2007-06-13 - dtucker@cvs.openbsd.org 2007/06/12 13:54:28Darren Tucker
[scp.c] Encode filename with strnvis if the name contains a newline (which can't be represented in the scp protocol), from bz #891. ok markus@
2007-06-13 - jmc@cvs.openbsd.org 2007/06/12 13:43:55Darren Tucker
[ssh.1] add -K to SYNOPSIS;
2007-06-13 - jmc@cvs.openbsd.org 2007/06/12 13:41:03Darren Tucker
[ssh-add.1] identies -> identities;
2007-06-12 - dtucker@cvs.openbsd.org 2007/06/12 11:56:15Darren Tucker
[gss-genr.c] Pass GSS OID to gss_display_status to provide better information in error messages. Patch from Simon Wilkinson via bz 1220. ok djm@
2007-06-12 - djm@cvs.openbsd.org 2007/06/12 11:45:27Darren Tucker
[ssh.c] improved exit message from multiplex slave sessions; bz #1262 reported by alexandre.nunes AT gmail.com; ok dtucker@
2007-06-12 - djm@cvs.openbsd.org 2007/06/12 11:15:17Darren Tucker
[ssh.c ssh.1] Add "-K" flag for ssh to set GSSAPIAuthentication=yes and GSSAPIDelegateCredentials=yes. This is symmetric with -k (disable GSSAPI) and is useful for hosts with /home on Kerberised NFS; bz #1312 patch from Markus.Kuhn AT cl.cam.ac.uk; ok dtucker@ markus@
2007-06-12 - djm@cvs.openbsd.org 2007/06/12 11:11:08Darren Tucker
[ssh.c] fix slave exit value when a control master goes away without passing the full exit status by ensuring that the slave reads a full int. bz#1261 reported by frekko AT gmail.com; ok markus@ dtucker@
2007-06-12 - djm@cvs.openbsd.org 2007/06/12 08:24:20Darren Tucker
[scp.c] make scp try to skip FIFOs rather than blocking when nothing is listening. depends on the platform supporting sane O_NONBLOCK semantics for open on FIFOs (apparently POSIX does not mandate this), which OpenBSD does. bz #856; report by cjwatson AT debian.org; ok markus@
2007-06-12 - djm@cvs.openbsd.org 2007/06/12 08:20:00Darren Tucker
[ssh-gss.h gss-serv.c gss-genr.c] relocate server-only GSSAPI code from libssh to server; bz #1225 patch from simon AT sxw.org.uk; ok markus@ dtucker@
2007-06-12 - djm@cvs.openbsd.org 2007/06/12 07:41:00Darren Tucker
[ssh-add.1] better document ssh-add's -d option (delete identies from agent), bz#1224 new text based on some provided by andrewmc-debian AT celt.dias.ie; ok dtucker@
2007-06-12 - markus@cvs.openbsd.org 2007/06/11 09:14:00Darren Tucker
[channels.h] increase default channel windows; ok djm
2007-06-11 - markus@cvs.openbsd.org 2007/06/11 08:04:44Damien Miller
[channels.c] send 'window adjust' messages every tree packets and do not wait until 50% of the window is consumed. ok djm dtucker
2007-06-11 - (dtucker) [includes.h] Bug #1243: HAVE_PATHS -> HAVE_PATHS_H. ShouldDarren Tucker
prevent warnings about redefinitions of various things in paths.h. Spotted by cartmanltd at hotmail.com.
2007-06-11 - (dtucker) [openbsd-compat/bsd-misc.c] According to the spec the "remainder"Darren Tucker
argument to nanosleep may be NULL. Currently this never happens in OpenSSH, but check anyway in case this changes or the code gets used elsewhere.