Age | Commit message (Collapse) | Author |
|
[sshconnect.h sshconnect.c]
Un-static ssh_exchange_identification(), part of a larger change from
Martin Forssen and needed for upcoming changes.
ok markus@
|
|
[packet.h packet.c]
Add packet_put_int64() and packet_get_int64(), part of a larger change
from Martin Forssen.
|
|
[kex.c kex.h]
Move the KEX_COOKIE_LEN define to kex.h
ok markus@
|
|
[clientloop.c]
Send SSH2_MSG_DISCONNECT when the client disconnects. From a larger
change from Martin Forssen, maf at appgate dot com.
ok markus@
|
|
[canohost.h canohost.c]
Add clear_cached_addr(), needed for upcoming changes allowing the peer
address to change.
ok markus@
|
|
[sshd_config.5]
clarify we cd to user's home after chroot; ok markus@ on
earlier version; tweaks and ok jmc@
|
|
[sshd_config.5]
tweak previous; ok stevesk
|
|
[sshd_config.5]
clarify that even internal-sftp needs /dev/log for logging to work; ok
markus@
|
|
[session.c]
use INTERNAL_SFTP_NAME for setproctitle() of in-process sftp-server;
ok djm@ markus@
|
|
[servconf.c]
Fixed a few the-the misspellings in comments. Skipped a bunch in
binutils,gcc and so on. ok jmc@
|
|
[sftp-server.c]
remove unused option character from getopt() optstring; ok markus@
|
|
[sshd_config.5]
fix possessive; ok djm@
|
|
[sftp-server.8 sshd.8 ssh-agent.1]
fix a few typographical errors found by spell(1).
ok dtucker@, jmc@
|
|
[ssh-agent.c]
My previous commit didn't fix the problem at all, so stick at my first
version of the fix presented to dtucker.
Issue notified by Matthias Barkhoff (matthias dot barkhoff at gmx dot de).
ok dtucker
|
|
[ssh-agent.c]
Fixed a possible out-of-bounds memory access if the environment variable
SHELL is shorter than 3 characters.
with input by and ok dtucker
|
|
[ssh.1]
for "Ciphers", just point the reader to the keyword in ssh_config(5), just
as we do for "MACs": this stops us getting out of sync when the lists
change;
fixes documentation/6102, submitted by Peter J. Philipp
alternative fix proposed by djm
ok markus
|
|
- markus@cvs.openbsd.org 2009/03/17 21:37:00
[ssh.c]
pass correct argv[0] to openlog(); ok djm@
|
|
is a struct with a __val member. Fixes build on, eg, Redhat 6.2.
|
|
variable declarations. Should prevent unused warnings anywhere it's set
(only Crays as far as I can tell) and be a no-op everywhere else.
|
|
that setsockopt(IP_TOS) doesn't work on Cygwin has been fixed since 2005.
Based on patch from vinschen at redhat com.
|
|
auth2-pubkey.c session.c openbsd-compat/bsd-cygwin_util.{c,h}
openbsd-compat/daemon.c] Remove support for Windows 95/98/ME and very old
version of Cygwin. Patch from vinschen at redhat com.
|
|
EVP_DigestUpdate does not exactly match the other OLD_EVP functions (eg
in openssl 0.9.6) so add an explicit test for it.
|
|
|
|
|
|
EVP_DigestUpdate to the OLD_EVP compatibility functions and tell schnorr.c
to use them. Allows building with older OpenSSL versions.
|
|
exists (it's not created if OpenSSL's PRNG is self-seeded, eg if the OS
has a /dev/random).
|
|
[auth2-jpake.c jpake.c jpake.h monitor_wrap.c monitor_wrap.h schnorr.c]
[sshconnect2.c]
refactor the (disabled) Schnorr proof code to make it a little more
generally useful
|
|
[uuencode.c]
document what these functions do so I don't ever have to recuse into
b64_pton/ntop to remember their return values
|
|
[auth2-jpake.c jpake.c jpake.h monitor_wrap.c monitor_wrap.h schnorr.c]
[sshconnect2.c]
refactor the (disabled) Schnorr proof code to make it a little more
generally useful
|
|
|
|
|
|
|
|
[version.h]
openssh-5.2
|
|
[sshd_config.5]
missing period
|
|
[ssh_config.5 sshd_config.5]
don't advertise experimental options
|
|
- tobias@cvs.openbsd.org 2009/02/21 19:32:04
[misc.c sftp-server-main.c ssh-keygen.c]
Added missing newlines in error messages.
ok dtucker
|
|
[contrib/suse/openssh.spec] Prepare for 5.2p1
|
|
[schnorr.c]
signature should hash over the entire group, not just the generator
(this is still disabled code)
|
|
[ssh_config]
sync with revised default ciphers; pointed out by dkrause@
|
|
systems; patch from Aurelien Jarno via rmh AT aybabtu.com
|
|
[regress/putty-kex.sh regress/putty-transfer.sh] Downgrade disabled
interop tests from FATAL error to a warning. Allows some interop
tests to proceed if others are missing necessary prerequisites.
|
|
[PROTOCOL]
mention that eow and no-more-sessions extensions are sent only to
OpenSSH peers
|
|
[packet.c]
check for enc !=NULL in packet_start_discard
|
|
[ssh_config.5]
kill trailing whitespace;
|
|
[ssh_config.5]
document RemoteForward usage with 0 listen port
|
|
[ssh.1]
consistency: Dq => Ql
|
|
[ssh.1]
document -R0:... usage
|
|
[monitor.c]
some paranoia: check that the serialised key is really KEY_RSA before
diddling its internals
|
|
[serverloop.c]
tighten check for -R0:... forwarding: only allow dynamic allocation
if want_reply is set in the packet
|
|
[canohost.c canohost.h channels.c channels.h clientloop.c readconf.c]
[readconf.h serverloop.c ssh.c]
support remote port forwarding with a zero listen port (-R0:...) to
dyamically allocate a listen port at runtime (this is actually
specified in rfc4254); bz#1003 ok markus@
|