| Age | Commit message (Collapse) | Author |
|---|
|
[regress/agent.sh regress/keytype.sh regress/cfgmatch.sh
regress/forcecommand.sh regress/proto-version.sh regress/test-exec.sh
regress/cipher-speed.sh regress/cert-hostkey.sh regress/cert-userkey.sh
regress/ssh-com.sh]
replace 'echo -n' with 'printf' since it's more portable
also remove "echon" hack.
|
|
methods. When the openssl version doesn't support ECDH then next one on
the list is DH group exchange, but that causes a bit more traffic which can
mean that the tests flip bits in the initial exchange rather than the MACed
traffic and we get different errors to what the tests look for.
|
|
in portable and it's long gone in openbsd.
|
|
[regress/rekey.sh]
add tests for RekeyLimit parsing
|
|
[regress/rekey.sh]
add server-side rekey test
|
|
[regress/rekey.sh]
test rekeying when there's no data being transferred
|
|
[rekey.sh]
Add test for time-based rekeying
|
|
[modpipe.c]
sync some portability changes from portable OpenSSH (id sync only)
|
|
[multiplex.sh]
Add tests for -Oforward and -Ocancel for local and remote forwards
|
|
[multiplex.sh]
Write mux master logs to regress.log instead of ssh.log to keep separate
|
|
[Makefile regress/sftp-chroot.sh]
test sshd ChrootDirectory+internal-sftp; feedback & ok dtucker@
|
|
[regress/Makefile regress/rekey.sh regress/integrity.sh
regress/sshd-log-wrapper.sh regress/forwarding.sh regress/test-exec.sh]
use -E option for ssh and sshd to write debuging logs to ssh{,d}.log and
save the output from any failing tests. If a test fails the debug output
from ssh and sshd for the failing tests (and only the failing tests) should
be available in failed-ssh{,d}.log.
|
|
[regress/rekey.sh regress/test-exec.sh regress/integrity.sh
regress/multiplex.sh Makefile regress/cfgmatch.sh]
Split the regress log into 3 parts: the debug output from ssh, the debug
log from sshd and the output from the client command (ssh, scp or sftp).
Somewhat functional now, will become more useful when ssh/sshd -E is added.
|
|
[test-exec.sh]
Only regenerate host keys if they don't exist or if ssh-keygen has changed
since they were. Reduces test runtime by 5-30% depending on machine
speed.
|
|
[regress/proxy-connect.sh]
repeat test with a style appended to the username
|
|
[servconf.c]
remove another now-unused variable
|
|
[servconf.c readconf.c]
remove now-unused variables
|
|
openbsd-compat/openbsd-compat.h] Add compat bits for scan_scaled.
|
|
[readconf.c servconf.c]
switch RekeyLimit traffic volume parsing to scan_scaled. ok djm@
|
|
[log.c scp.c sshd.c serverloop.c schnorr.c sftp.c]
Fix some "unused result" warnings found via clang and -portable.
ok markus@
|
|
[sshd_config.5]
oops! avoid Xr to self;
|
|
[ssh_config.5]
put IgnoreUnknown in the right place;
|
|
[ssh_config.5 readconf.h readconf.c]
add the ability to ignore specific unrecognised ssh_config options;
bz#866; ok markus@
|
|
[sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config
sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing
rekeying based on traffic volume or time. ok djm@, help & ok jmc@ for the man
page.
|
|
[ssh_config sshconnect2.c packet.c readconf.h readconf.c clientloop.c
ssh_config.5 packet.h]
Add an optional second argument to RekeyLimit in the client to allow
rekeying based on elapsed time in addition to amount of traffic.
with djm@ jmc@, ok djm
|
|
[ssh-pkcs11-helper.c]
remove unused extern optarg. ok markus@
|
|
[key.c]
memleak in cert_free(), wasn't actually freeing the struct;
bz#2096 from shm AT digitalsun.pl
|
|
|
|
[sshconnect2.c]
fix bzero(ptr_to_struct, sizeof(ptr_to_struct)); bz#2100 from
|
|
[sftp-server.8]
Reference the version of the sftp draft we actually implement. ok djm@
|
|
[misc.c]
remove extra parens noticed by nicm
|
|
[misc.c]
use xasprintf instead of a series of strlcats and strdup. ok djm
|
|
executed if mktemp failed; bz#2105 ok dtucker@
|
|
we don't get a warning on compilers that *don't* support it. Add
-Wno-unknown-warning-option. Move both to the start of the list for
maximum noise suppression. Tested with gcc 4.6.3, gcc 2.95.4 and clang 2.9.
|
|
underlying libraries support them.
|
|
openbsd-compat/openbsd-compat.h] pull in getopt.h from openbsd and plumb
in to use it when we're using our own getopt.
|
|
openbsd-compat/getopt_long.c regress/modpipe.c] Remove getopt.c, add
portability code to getopt_long.c and switch over Makefile and the ugly
hack in modpipe.c. Fixes bz#1448.
|
|
portability changes yet.
|
|
getopt.c. Preprocessed source is identical other than line numbers.
|
|
supports it. Mentioned by Colin Watson in bz#2100, ok djm.
|
|
[mux.c]
typo in debug output: evitval->exitval
|
|
[kex.c]
remove duplicated list entry pointed out by naddy@
|
|
[ssh.c]
add -Q to usage; reminded by jmc@
|
|
[authfile.c cipher.c cipher.h kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c]
[key.c key.h mac.c mac.h packet.c ssh.1 ssh.c]
add the ability to query supported ciphers, MACs, key type and KEX
algorithms to ssh. Includes some refactoring of KEX and key type handling
to be table-driven; ok markus@
|
|
[session.c]
reintroduce 1.262 without the connection-killing bug:
fatal() when ChrootDirectory specified by running without root privileges;
ok markus@
|
|
[ssh-keygen.c]
fix some memory leaks; bz#2088 ok dtucker@
|
|
[sshd_config.5]
document the requirment that the AuthorizedKeysCommand be owned by root;
ok dtucker@ markus@
|
|
[sftp.c]
make "sftp -q" do what it says on the sticker: hush everything but errors;
|
|
[session.c]
revert rev 1.262; it fails because uid is already set here. ok djm@
|
|
[packet.c]
quiet disconnect notifications on the server from error() back to logit()
if it is a normal client closure; bz#2057 ok+feedback dtucker@
|
