| Age | Commit message (Collapse) | Author |
|---|
|
[rekey.sh]
Add test for time-based rekeying
|
|
[modpipe.c]
sync some portability changes from portable OpenSSH (id sync only)
|
|
[multiplex.sh]
Add tests for -Oforward and -Ocancel for local and remote forwards
|
|
[multiplex.sh]
Write mux master logs to regress.log instead of ssh.log to keep separate
|
|
[Makefile regress/sftp-chroot.sh]
test sshd ChrootDirectory+internal-sftp; feedback & ok dtucker@
|
|
[regress/Makefile regress/rekey.sh regress/integrity.sh
regress/sshd-log-wrapper.sh regress/forwarding.sh regress/test-exec.sh]
use -E option for ssh and sshd to write debuging logs to ssh{,d}.log and
save the output from any failing tests. If a test fails the debug output
from ssh and sshd for the failing tests (and only the failing tests) should
be available in failed-ssh{,d}.log.
|
|
[regress/rekey.sh regress/test-exec.sh regress/integrity.sh
regress/multiplex.sh Makefile regress/cfgmatch.sh]
Split the regress log into 3 parts: the debug output from ssh, the debug
log from sshd and the output from the client command (ssh, scp or sftp).
Somewhat functional now, will become more useful when ssh/sshd -E is added.
|
|
[test-exec.sh]
Only regenerate host keys if they don't exist or if ssh-keygen has changed
since they were. Reduces test runtime by 5-30% depending on machine
speed.
|
|
[regress/proxy-connect.sh]
repeat test with a style appended to the username
|
|
|
|
[servconf.c]
remove another now-unused variable
|
|
[servconf.c readconf.c]
remove now-unused variables
|
|
openbsd-compat/openbsd-compat.h] Add compat bits for scan_scaled.
|
|
[readconf.c servconf.c]
switch RekeyLimit traffic volume parsing to scan_scaled. ok djm@
|
|
[log.c scp.c sshd.c serverloop.c schnorr.c sftp.c]
Fix some "unused result" warnings found via clang and -portable.
ok markus@
|
|
[sshd_config.5]
oops! avoid Xr to self;
|
|
[ssh_config.5]
put IgnoreUnknown in the right place;
|
|
[ssh_config.5 readconf.h readconf.c]
add the ability to ignore specific unrecognised ssh_config options;
bz#866; ok markus@
|
|
[sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config
sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing
rekeying based on traffic volume or time. ok djm@, help & ok jmc@ for the man
page.
|
|
[ssh_config sshconnect2.c packet.c readconf.h readconf.c clientloop.c
ssh_config.5 packet.h]
Add an optional second argument to RekeyLimit in the client to allow
rekeying based on elapsed time in addition to amount of traffic.
with djm@ jmc@, ok djm
|
|
[ssh-pkcs11-helper.c]
remove unused extern optarg. ok markus@
|
|
[key.c]
memleak in cert_free(), wasn't actually freeing the struct;
bz#2096 from shm AT digitalsun.pl
|
|
|
|
[sshconnect2.c]
fix bzero(ptr_to_struct, sizeof(ptr_to_struct)); bz#2100 from
|
|
[sftp-server.8]
Reference the version of the sftp draft we actually implement. ok djm@
|
|
[misc.c]
remove extra parens noticed by nicm
|
|
[misc.c]
use xasprintf instead of a series of strlcats and strdup. ok djm
|
|
|
|
executed if mktemp failed; bz#2105 ok dtucker@
|
|
executed if mktemp failed; bz#2105 ok dtucker@
|
|
we don't get a warning on compilers that *don't* support it. Add
-Wno-unknown-warning-option. Move both to the start of the list for
maximum noise suppression. Tested with gcc 4.6.3, gcc 2.95.4 and clang 2.9.
|
|
underlying libraries support them.
|
|
openbsd-compat/openbsd-compat.h] pull in getopt.h from openbsd and plumb
in to use it when we're using our own getopt.
|
|
openbsd-compat/getopt_long.c regress/modpipe.c] Remove getopt.c, add
portability code to getopt_long.c and switch over Makefile and the ugly
hack in modpipe.c. Fixes bz#1448.
|
|
|
|
[contrib/suse/openssh.spec] Crank version numbers for release.
|
|
portability changes yet.
|
|
getopt.c. Preprocessed source is identical other than line numbers.
|
|
supports it. Mentioned by Colin Watson in bz#2100, ok djm.
|
|
[packet.c]
quiet disconnect notifications on the server from error() back to logit()
if it is a normal client closure; bz#2057 ok+feedback dtucker@
|
|
|
|
[mux.c]
typo in debug output: evitval->exitval
|
|
[kex.c]
remove duplicated list entry pointed out by naddy@
|
|
[ssh.c]
add -Q to usage; reminded by jmc@
|
|
[authfile.c cipher.c cipher.h kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c]
[key.c key.h mac.c mac.h packet.c ssh.1 ssh.c]
add the ability to query supported ciphers, MACs, key type and KEX
algorithms to ssh. Includes some refactoring of KEX and key type handling
to be table-driven; ok markus@
|
|
[session.c]
reintroduce 1.262 without the connection-killing bug:
fatal() when ChrootDirectory specified by running without root privileges;
ok markus@
|
|
[ssh-keygen.c]
fix some memory leaks; bz#2088 ok dtucker@
|
|
[sshd_config.5]
document the requirment that the AuthorizedKeysCommand be owned by root;
ok dtucker@ markus@
|
|
[sftp.c]
make "sftp -q" do what it says on the sticker: hush everything but errors;
|
|
[session.c]
revert rev 1.262; it fails because uid is already set here. ok djm@
|
