| Age | Commit message (Collapse) | Author |
|---|
|
- markus@cvs.openbsd.org 2004/12/06 16:00:43
[bufaux.c]
use 0x00 not \0 since buf[] is a bignum
|
|
case statement. Suggested and OK by dtucker@
|
|
|
|
[test-exec.sh]
Check if TEST_SSH_SSHD is a full path to sshd before searching; ok markus@
|
|
[test-exec.sh]
Remove obsolete RhostsAuthentication from test config; ok markus@
|
|
[multiplex.sh]
regression tests for new multiplex commands
|
|
[Makefile added brokenkeys.sh]
regression test for handling of corrupt keys in authorized_keys file
|
|
[reexec.sh]
shrink and tidy; ok dtucker@
|
|
[Makefile]
add a missing CLEANFILES used in the re-exec test
|
|
[scp.sh]
Regress test for bz #863 (scp double-error), requires $SUDO. ok markus@
|
|
[reexec.sh]
don't change the name of the copied sshd for the reexec fallback test,
makes life simpler for portable
|
|
|
|
[auth-rsa.c auth2-pubkey.c authfile.c misc.c misc.h ssh.h sshd.8]
Discard over-length authorized_keys entries rather than complaining when
they don't decode. bz #884, with & ok djm@
|
|
[sftp.1]
- explain that patterns can be used as arguments in get/put/ls/etc
commands (prodded by Michael Knudsen)
- describe ls flags as a list
- other minor improvements
ok jmc, djm
|
|
[sftp-client.h sftp.c]
Some small fixes from moritz@jodeit.org. ok deraadt@
|
|
[sftp.1]
missing full stop;
|
|
- markus@cvs.openbsd.org 2004/11/25 22:22:14
[sftp-client.c sftp.c]
leak; from mpech
|
|
|
|
subsequently denied by the PAM auth stack, send the PAM message to the
user via packet_disconnect (Protocol 1) or userauth_banner (Protocol 2).
ok djm@
|
|
[ssh.c]
usage():
- add -O
- sync -S w/ manpage
- remove -h
|
|
- jmc@cvs.openbsd.org 2004/11/07 17:42:36
[ssh.1]
options sort, and whitespace;
|
|
|
|
|
|
Make sure that there's a delay in PAM keyboard-interactive authentication
when PermitRootLogin is not set to yes and the correct root password is
entered (closes: #248747).
|
|
Fix timing information leak allowing discovery of invalid usernames in PAM
keyboard-interactive authentication (backported from a patch by Darren
Tucker; closes: #281595).
|
|
|
|
|
|
when PermitRootLogin is not set to yes and the correct root password is
entered (closes: #248747).
|
|
keyboard-interactive authentication (backported from a patch by Darren
Tucker; closes: #281595).
|
|
|
|
|
|
Correct README.Debian's ForwardX11Trusted description (closes: #280190).
|
|
Enable threading for PAM, on Sam Hartman's advice (closes: #278394).
|
|
|
|
|
|
option and supporting makefile bits and documentation.
|
|
[clientloop.c clientloop.h ssh.1 ssh.c]
add basic control of a running multiplex master connection; including the
ability to check its status and request it to exit; ok markus@
|
|
[sftp.c]
command editing and history support via libedit; ok markus@
thanks to hshoexer@ and many testers on tech@ too
|
|
[key.c]
use new buffer API to avoid fatal errors on corrupt keys in authorized_keys
files; ok markus@
|
|
[bufaux.c bufaux.h buffer.c buffer.h]
introduce a new buffer API that returns an error rather than fatal()ing
when presented with bad data; ok markus@
|
|
[clientloop.c misc.h readpass.c ssh-agent.c]
factor out common permission-asking code to separate function; ok markus@
|
|
[channels.c channels.h clientloop.c]
fix some window size change bugs for multiplexed connections: windows sizes
were not being updated if they had changed after ~^Z suspends and SIGWINCH
was not being processed unless the first connection had requested a tty;
ok markus
|
|
[packet.c ssh1.h]
disconnect for invalid (out of range) message types.
|
|
[ssh-agent.c]
don't unlink agent socket when bind() fails, spotted by rich AT
rich-paul.net, ok markus@
|
|
[scp.1 sftp.1 ssh.1 ssh_config.5]
document KbdInteractiveDevices; ok markus@
|
|
[sshd.c]
these printf args are no longer double; ok deraadt@ markus@
|
|
[ssh.c]
correctly honour -n in multiplex client mode; spotted by sturm@ ok markus@
|
|
[scp.c]
scratch that do { } while (0) wrapper in this case
|
|
[sshd.c]
use less doubles in daemons; markus@ ok
|
|
[sshd_config.5]
mention PrintLastLog only prints last login time for interactive
sessions, like PrintMotd mentions.
From Michael Knudsen, with wording changed slightly to match the
PrintMotd description.
ok djm
|
