Age | Commit message (Collapse) | Author |
|
rev 1.11 from OpenBSD and make it use fchdir if available. ok djm@
|
|
keyboard-interactive since this is no longer the case.
|
|
platforms syslog will revert to its default values. This may result in
messages from external libraries (eg libwrap) being sent to a different
facility.
|
|
[auth-passwd.c]
#if -> #ifdef so builds without HAVE_LOGIN_CAP work too; ok djm@ otto@
|
|
[moduli]
Import new moduli; requested by deraadt@ a week ago
|
|
[scp.c sftp.c]
Have scp and sftp wait for the spawned ssh to exit before they exit
themselves. This prevents ssh from being unable to restore terminal
modes (not normally a problem on OpenBSD but common with -Portable
on POSIX platforms). From peak at argo.troja.mff.cuni.cz (bz#950);
ok djm@ markus@
|
|
[cipher.c]
config option "Ciphers" should be case-sensitive; ok dtucker@
|
|
[auth.c]
Log source of connections denied by AllowUsers, DenyUsers, AllowGroups and
DenyGroups. bz #909, ok djm@
|
|
[auth-passwd.c sshd.c]
Warn in advance for password and account expiry; initialize loginmsg
buffer earlier and clear it after privsep fork. ok and help dtucker@
markus@
|
|
the list of available kbdint devices if UsePAM=no. ok djm@
|
|
bytes to prevent errors from login_init_entry() when the username is
exactly 64 bytes(!) long. From brhamon at cisco.com, ok djm@
|
|
|
|
[cipher-ctr.c cipher.c]
remove fallback AES support for old OpenSSL, as OpenBSD has had it for
many years now; ok deraadt@
(Id sync only: Portable will continue to support older OpenSSLs)
|
|
existence via keyboard-interactive/pam, in conjunction with previous
auth2-chall.c change; with Colin Watson and djm.
|
|
[auth-bsdauth.c auth2-chall.c]
Have keyboard-interactive code call the drivers even for responses for
invalid logins. This allows the drivers themselves to decide how to
handle them and prevent leaking information where possible. Existing
behaviour for bsdauth is maintained by checking authctxt->valid in the
bsdauth driver. Note that any third-party kbdint drivers will now need
to be able to handle responses for invalid logins. ok markus@
|
|
[sshd.c]
Make debugging output continue after reexec; ok djm@
|
|
[moduli.c]
Correct spelling: SCHNOOR->SCHNORR; ok djm@
|
|
[sshd_config.5]
`login'(n) -> `log in'(v);
|
|
[sshconnect.c]
remove dead code, log connect() failures with level error, ok djm@
|
|
[servconf.c servconf.h sshd.c sshd_config sshd_config.5]
bz #898: support AddressFamily in sshd_config. from
peak@argo.troja.mff.cuni.cz; ok deraadt@
|
|
[ssh-keygen.c]
leak; from mpech
|
|
[session.c]
check for NULL; from mpech
|
|
ccver-v and ccver-V.
|
|
"make survey" and "make send-survey". This will provide data on the
configure parameters, platform and platform features to the development
team, which will allow (among other things) better targetting of testing.
It's entirely voluntary and is off be default. ok djm@
|
|
|
|
|
|
|
|
installs (closes: #289573).
|
|
|
|
|
|
|
|
|
|
to be sufficient and more useful (closes: #162996).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
accept them to the server by default in new installs, although not on
upgrade (closes: #264024).
|
|
|
|
|
|
|
|
cvs up -jV_3_8_1_P1-8 -jbranch-V_3_8_1_P1-4-client-server-split
branch-V_3_8_1_P1-4-client-server-split is now closed. For further
development for sarge (Debian version 3.8.1p1-8.sarge.4, CVS tag
V_3_8_1_P1-8_sarge_4), use branch-V_3_8_1_P1-8_sarge_4-sarge.
|
|
on some wacky platforms (eg old AIXes), dd will refuse to create an output
file if it doesn't exist.
|
|
from prngd is enabled at compile time but fails at run time, eg because
prngd is not running. Note that if you have prngd running when OpenSSH is
built, OpenSSL will consider itself internally seeded and rand-helper won't
be built at all unless explicitly enabled via --with-rand-helper. ok djm@
|
|
amarendra.godbole at ge com.
|
|
[auth-rsa.c auth2-pubkey.c authfile.c misc.c misc.h]
Fix debug call in error path of authorized_keys processing and fix related
warnings; ok djm@
|
|
[sftp.c]
- fix globbed ls for paths the same lenght as the globbed path when
we have a unique matching.
- fix globbed ls in case of a directory when we have a unique matching.
- as a side effect, if the path does not exist error (used to silently
ignore).
- don't do extra do_lstat() if we only have one matching file.
djm@ ok
|
|
- markus@cvs.openbsd.org 2004/12/06 16:00:43
[bufaux.c]
use 0x00 not \0 since buf[] is a bignum
|