| Age | Commit message (Collapse) | Author |
|---|
|
[clientloop.c]
fix connection crash when sending break (~B) on ControlPersist'd session;
ok dtucker@
|
|
[sshd_config]
Remove commented-out kerberos/gssapi config options from sample config,
kerberos support is currently not enabled in ssh in OpenBSD. Discussed with
various people; ok deraadt@
ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular
|
|
[ssh-keygen.c sshconnect1.c sshd.c]
All the instances of arc4random_stir() are bogus, since arc4random()
does this itself, inside itself, and has for a very long time.. Actually,
this was probably reducing the entropy available.
ok djm
ID SYNC ONLY for portable; we don't trust other arc4random implementations
to do this right.
|
|
[sftp.c]
make ^w match ksh behaviour (delete previous word instead of entire line)
|
|
[ssh-keygen.c]
improve batch processing a bit by making use of the quite flag a bit
more often and exit with a non zero code if asked to find a hostname
in a known_hosts file and it wasn't there;
originally from reyk@, ok djm
|
|
[sshd.c]
Stir PRNG after post-accept fork. The child gets a different PRNG state
anyway via rexec and explicit privsep reseeds, but it's good to be sure.
ok markus@
|
|
|
|
until we have configure support.
|
|
'j' (intmax_t/uintmax_t) and 'z' (size_t/ssize_t) conversions in case we
start to use them in the future.
|
|
[ssh.1 ssh_config.5]
some proxyusefdpass tweaks;
|
|
[readconf.c readconf.h ssh_config.5 sshconnect.c]
Add a ssh_config ProxyUseFDPass option that supports the use of
ProxyCommands that establish a connection and then pass a connected
file descriptor back to ssh(1). This allows the ProxyCommand to exit
rather than have to shuffle data back and forth and enables ssh to use
getpeername, etc. to obtain address information just like it does with
regular directly-connected sockets. ok markus@
|
|
[scp.1 ssh.1]
some Bx/Ox conversion;
From: Jan Stary
|
|
[ssh-keygen.c]
another of the same typo
|
|
[ssh-keygen.c]
typo in error message; from Stephan Rickauer
|
|
[sftp.c]
enable ctrl-left-arrow and ctrl-right-arrow to move forward/back a word;
matching ksh's relatively recent change.
|
|
[sftp-client.c]
two problems found by a to-be-committed regress test: 1) msg_id was not
being initialised so was starting at a random value from the heap
(harmless, but confusing). 2) some error conditions were not being
propagated back to the caller
|
|
[sftp.c]
do getopt parsing for all sftp commands (with an empty optstring for
commands without arguments) to ensure consistent behaviour
|
|
[sftp-client.c sftp-client.h sftp.c]
add a "-l" flag for the rename command to force it to use the silly
standard SSH_FXP_RENAME command instead of the POSIX-rename- like
posix-rename@openssh.com extension.
intended for use in regress tests, so no documentation.
|
|
[sftp.c]
fix two year old regression: symlinking a file would incorrectly
canonicalise the target path. bz#2129 report from delphij AT freebsd.org
|
|
[sftp.1 sftp.c]
sort -a;
|
|
[servconf.c]
add cast to avoid format warning; from portable
|
|
[sftp.1]
document top-level -a option (the -a option to 'get' was already
documented)
|
|
[sftp.c]
fix some whitespace at EOL
make list of commands an enum rather than a long list of defines
add -a to usage()
|
|
removal. The "make clean" removes modpipe which is built by the top-level
directory before running the tests. Spotted by tim@
|
|
mistakenly included in the previous commit.
|
|
CLOCK_MONOTONIC...) fails. Some older versions of RHEL have the
CLOCK_MONOTONIC define but don't actually support it. Found and tested
by Kevin Brott, ok djm.
|
|
since some platforms (eg really old FreeBSD) don't have it. Instead,
run "make clean" before a complete regress run. ok djm.
|
|
for building with older Heimdal versions. ok djm.
|
|
|
|
blocking connecting socket will clear any stored errno that might
otherwise have been retrievable via getsockopt(). A hack to limit writes
to TTYs on AIX was triggering this. Since only AIX needs the hack, wrap
it in an #ifdef. Diagnosis and patch from Ivo Raisr.
|
|
|
|
|
|
Solaris and UnixWare. Feedback and OK djm@
|
|
[contrib/suse/openssh.spec] Update version numbers
|
|
[regress/sftp-cmds.sh regress/test-exec.sh]
unbreak sftp-cmds for renamed test data (s/ls/data/)
|
|
[regress/forwarding.sh]
Add test for forward config parsing
|
|
[regress/test-exec.sh]
use ssh and sshd as testdata since it needs to be >256k for the rekey test
|
|
[version.h]
openssh-6.3 for release
|
|
[sftp-client.c sftp-client.h sftp.1 sftp.c]
sftp support for resuming partial downloads; patch mostly by Loganaden
Velvindron/AfriNIC with some tweaks by me; feedback and ok dtucker@
|
|
[ssh.c]
daemonise backgrounded (ControlPersist'ed) multiplexing master to ensure
it is fully detached from its controlling terminal. based on debugging
|
|
[umac.h]
oops, forgot to commit corresponding header change;
spotted by jsg and jasper
|
|
[umac.c]
make MAC key, data to be hashed and nonce for final hash const;
checked with -Wcast-qual
|
|
[krl.c]
fix verification error in (as-yet usused) KRL signature checking path
|
|
[auth-krb5.c gss-serv-krb5.c gss-serv.c]
fix kerberos/GSSAPI deprecation warnings and linking; "looks okay" millert@
|
|
[ssh-agent.c]
call cleanup_handler on SIGINT when in debug mode to ensure sockets
are cleaned up on manual exit; bz#2120
|
|
[ssh-keygen.c ssh.c]
More useful error message on missing current user in /etc/passwd
|
|
[umac.c]
use a union to ensure correct alignment; ok deraadt
|
|
[auth.h kex.h kexdhs.c kexecdhs.c kexgexs.c monitor.c servconf.c]
[servconf.h session.c sshd.c sshd_config.5]
add ssh-agent(1) support to sshd(8); allows encrypted hostkeys,
or hostkeys on smartcards; most of the work by Zev Weiss; bz #1974
ok djm@
|
|
[ssh.1]
be more exact wrt perms for ~/.ssh/config; bz#2078
|
|
[scp.1 sftp-server.8 ssh-keyscan.1 ssh-keysign.8 ssh-pkcs11-helper.8]
use .Mt for email addresses; from Jan Stary <hans at stare dot cz>; ok jmc@
|
