Age | Commit message (Collapse) | Author |
|
openbsd-compat/getrrsetbyname.h] DNS fingerprint support is now always
compiled in but disabled in config.
|
|
[session.c ssh-agent.c]
10X for mkdtemp; djm@
|
|
[README.dns]
update
Resynced with OpenBSD too: DNSFP support is now always compiled in
so the configure support (and documentation thereof) can go away.
|
|
[dns.c dns.h readconf.c ssh-keygen.c sshconnect.c]
include SSHFP lookup code (not enabled by default). ok markus@
|
|
[scp.1 sftp.1]
don't refer to options related to forwarding; ok jmc@
|
|
[ssh_config.5]
note that EnableSSHKeySign should be in the non-hostspecific section;
remove unnecessary .Pp;
ok markus@
|
|
[monitor_wrap.c]
return NULL for missing banner; ok djm@
|
|
[sshconnect2.c]
search keys in reverse order; fixes #684
|
|
[readconf.c readconf.h ssh.1 ssh.c ssh_config.5]
remote x11 clients are now untrusted by default, uses xauth(8) to generate
untrusted cookies; ForwardX11Trusted=yes restores old behaviour.
ok deraadt; feedback and ok djm/fries
|
|
[readconf.c ssh_config.5]
default GSS API to no in client, too; ok jakob, deraadt@
|
|
[scp.1 scp.c sftp-server.8 sftp.1 sftp.c ssh.1 sshd.8]
scp and sftp: add options list and sort options. options list requested
by deraadt@
sshd: use same format as ssh
ssh: remove wrong option from list
sftp-server: Subsystem is documented in ssh_config(5), not sshd(8)
ok deraadt@ markus@
|
|
|
|
|
|
[regress/sftp-cmds.sh]
more sftp quoting regress tests; ok markus
|
|
[regress/Makefile regress/banner.sh]
Test SSH2 banner. ok markus@
|
|
[sshconnect2.c]
set ptr to NULL after free
|
|
[sftp-int.c]
sftp quoting fix from admorten AT umich.edu; ok markus@
|
|
[sshconnect2.c]
Don't use logit for banner, since it truncates to MSGBUFSIZ; bz #668 & #707.
ok markus@
|
|
Reliant Unix. Based on patch from Robert.Dahlem at siemens.com.
|
|
on Reliant Unix. Patch from Robert.Dahlem at siemens.com.
|
|
Bug #670: add strtoul() to openbsd-compat for platforms lacking it. ok djm@
|
|
run-time switch, always build --with-md5-passwords.
|
|
|
|
cleanup functions. With & ok djm@
|
|
|
|
|
|
[ssh-gss.h]
missing $OpenBSD:; dtucker
|
|
[sshd.c]
print openssl version, too, several requests; ok henning/djm.
|
|
Based on patches by Matthias Koeppe and Thomas Baden. ok djm@
|
|
|
|
--with-pam. ok djm@
|
|
[servconf.c sshd_config]
GSSAPICleanupCreds -> GSSAPICleanupCredentials
|
|
[ssh.1]
- add list of options to -o and .Xr ssh_config(5)
- some other cleanup
requested by deraadt@;
ok deraadt@ markus@
|
|
[sshd.c]
no need to set the listen sockets to non-block; ok deraadt@
|
|
[channels.c channels.h clientloop.c]
move client only agent code to clientloop.c
|
|
[progressmeter.c]
don't print trailing \0; bug #709; Robert.Dahlem@siemens.com
ok millert/deraadt@
|
|
[Makefile.in auth1.c auth2.c auth.c auth.h auth-krb5.c canohost.c
cleanup.c clientloop.c fatal.c gss-serv.c log.c log.h monitor.c monitor.h
monitor_wrap.c monitor_wrap.h packet.c serverloop.c session.c session.h
ssh-agent.c sshd.c]
replace fatal_cleanup() and linked list of fatal callbacks with static
cleanup_exit() function. re-refine cleanup_exit() where appropriate,
allocate sshd's authctxt eary to allow simpler cleanup in sshd.
tested by many, ok deraadt@
|
|
|
|
|
|
DISABLE_SHADOW for HP-UX, use getspnam instead of getprpwnam. Patch from
michael_steffens at hp.com, ok djm@
|
|
|
|
|
|
- (djm) Fix SSH1 challenge kludge
- (djm) Bug #671: Fix builds on OpenBSD
- (djm) Bug #676: Fix PAM stack corruption
- (djm) Fix bad free() in PAM code
- (djm) Don't call pam_end before pam_init
- (djm) Enable build with old OpenSSL again
- (djm) Trim deprecated options from INSTALL. Mention UsePAM
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
|
|
|
|
on #unixhelp@efnet
|
|
[clientloop.c sshtty.c sshtty.h]
remove fatal callbacks from client code; ok deraadt
|
|
[scp.c]
error handling for remote-remote copy; #638; report Harald Koenig;
ok millert, fgs, henning, deraadt
|
|
[packet.c sshd.c]
do not call packet_close on fatal; ok deraadt
|
|
[channels.c]
do not call channel_free_all on fatal; ok deraadt
|
|
[ssh-keyscan.c]
avoid fatal_cleanup, just call exit(); ok deraadt
|