Age | Commit message (Collapse) | Author |
|
|
|
|
|
qualified sshd pathname since some systems (eg Cygwin) may consider "/foo"
and "//foo" to be different. Spotted by vinschen at redhat.com.
|
|
LynxOS, patch from Olli Savia (ops at iki.fi). ok djm@
|
|
from Jacob Nevins; ok dtucker@
|
|
by skeleten AT shillest.net
|
|
|
|
[sftp.c]
sftp prompt enhancements:
- in non-interactive mode, do not print an empty prompt at the end
before finishing
- print newline after EOF in editline mode
- call el_end() in editline mode
ok dtucker djm
|
|
Report from Janusz Mucka; ok djm@
|
|
[servconf.c]
Unbreak sshd ListenAddress for bare IPv6 addresses.
|
|
[readconf.c]
listen_hosts initialisation here too; spotted greg AT y2005.nest.cx
|
|
[ssh.c]
fix -D listen_host initialisation, so it picks up gateway_ports setting
correctly
|
|
[packet.c]
missing packet_init_compression(); from solar
|
|
Sync current (thread-safe) version of realpath.c from OpenBSD (which is
in turn based on FreeBSD's). ok djm@
|
|
Report from skeleten AT shillest.net, ok djm@
|
|
Report by skeleten AT shillest.net
|
|
latter is specified in the standard.
|
|
individually and use a value less likely to collide with real values from
netdb.h. Fixes compile warnings on FreeBSD 5.3. ok djm@
|
|
adding -Werror to CFLAGS when all of the configure tests are done. ok djm@
|
|
with gcc. ok djm@
|
|
[scp.c hostfile.c sftp-client.c]
Silence bogus -Wuninitialized warnings; ok djm@
|
|
[kex.c kex.h myproposal.h packet.c packet.h servconf.c session.c]
[sshconnect2.c sshd.c sshd_config sshd_config.5]
add a new compression method that delays compression until the user
has been authenticated successfully and set compression to 'delayed'
for sshd.
this breaks older openssh clients (< 3.5) if they insist on
compression, so you have to re-enable compression in sshd_config.
ok djm@
|
|
- otto@cvs.openbsd.org 2005/07/19 15:32:26
[auth-passwd.c]
auth_usercheck(3) can return NULL, so check for that. Report from
mpech@. ok markus@
|
|
tim@.
|
|
|
|
|
|
[ssh-rand-helper.c] fix portable 2nd level indents at 4 spaces too
|
|
[auth-rh-rsa.c auth-rhosts.c auth2-chall.c auth2-gss.c channels.c]
[cipher-ctr.c gss-genr.c gss-serv.c kex.c moduli.c readconf.c]
[serverloop.c session.c sftp-client.c sftp.c ssh-add.c ssh-keygen.c]
[sshconnect.c sshconnect2.c]
knf says that a 2nd level indent is four (not three or five) spaces
|
|
- djm@cvs.openbsd.org 2005/07/17 06:49:04
[channels.c channels.h session.c session.h]
Fix a number of X11 forwarding channel leaks:
1. Refuse multiple X11 forwarding requests on the same session
2. Clean up all listeners after a single_connection X11 forward, not just
the one that made the single connection
3. Destroy X11 listeners when the session owning them goes away
testing and ok dtucker@
|
|
|
|
[cipher-acss.c loginrec.c ssh-rand-helper.c sshd.c] Fix whitespace at EOL
in portable too ("perl -p -i -e 's/\s+$/\n/' *.[ch]")
|
|
[auth1.c channels.c cipher.c clientloop.c kex.c session.c ssh.c]
[sshconnect.c]
spacing
|
|
socketpair stays open on in both the monitor and PAM process. Patch from
Joerg Sonnenberger.
|
|
compiler doesn't understand it to prevent warnings. If any mainstream
compiler versions acquire it we can test for those versions. Based on
discussion with djm@.
|
|
[misc.h]
use __sentinel__ attribute; ok deraadt@ djm@ markus@
|
|
[ssh_config.5]
new sentence, new line;
|
|
[ssh_config.5]
change BindAddress to match recent ssh -b change; prompted by markus@
|
|
[channels.h]
race when efd gets closed while there is still buffered data:
change CHANNEL_EFD_OUTPUT_ACTIVE()
1) c->efd must always be valid AND
2a) no EOF has been seen OR
2b) there is buffered data
report, initial fix and testing Chuck Cranor
|
|
[misc.c]
Make comment match code; ok djm@
|
|
[ssh.1]
clarify meaning of ssh -b ; with & ok jmc@
|
|
/etc/ssh/ssh_host_key itself (closes: #312312).
|
|
|
|
calls to krb5_init_ets, which has not been required since krb-1.1.x and
most Kerberos versions no longer export in their public API. From sxw
at inf.ed.ac.uk, ok djm@
|
|
|
|
in the case where the buffer is insufficient, so always return ENOMEM.
Also pointed out by sxw at inf.ed.ac.uk.
|
|
openssh-server got recompiled with the wrong options during 'debian/rules
install' (closes: #317088, #317238, #317241).
|
|
Kerberos code path into a common function and expand mkstemp template to be
consistent with the rest of OpenSSH. From sxw at inf.ed.ac.uk, ok djm@
|
|
[channels.c]
don't forget to set x11_saved_display
|
|
[ssh_config.5]
fix Xr and a little grammar;
|
|
[channels.c clientloop.c clientloop.h misc.c misc.h ssh.c ssh_config.5]
implement support for X11 and agent forwarding over multiplex slave
connections. Because of protocol limitations, the slave connections inherit
the master's DISPLAY and SSH_AUTH_SOCK rather than distinctly forwarding
their own.
ok dtucker@ "put it in" deraadt@
|