summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2008-02-10 - djm@cvs.openbsd.org 2008/01/19 23:02:40Damien Miller
[channels.c] When we added support for specified bind addresses for port forwards, we added a quirk SSH_OLD_FORWARD_ADDR. There is a bug in our handling of this for -L port forwards that causes the client to listen on both v4 and v6 addresses when connected to a server with this quirk, despite having set 0.0.0.0 as a bind_address. report and patch from Jan.Pechanec AT Sun.COM; ok dtucker@
2008-02-10 - djm@cvs.openbsd.org 2008/01/19 22:37:19Damien Miller
[ssh-keygen.c] unbreak line numbering (broken in revision 1.164), fix error message
2008-02-10 - djm@cvs.openbsd.org 2008/01/19 22:22:58Damien Miller
[ssh-keygen.c] when hashing individual hosts (ssh-keygen -Hf hostname), make sure we hash just the specified hostname and not the entire hostspec from the keyfile. It may be of the form "hostname,ipaddr", which would lead to a hash that never matches. report and fix from jp AT devnull.cz
2008-02-10 - djm@cvs.openbsd.org 2008/01/19 22:04:57Damien Miller
[sftp-client.c] fix remote handle leak in do_download() local file open error path; report and fix from sworley AT chkno.net
2008-02-10 - djm@cvs.openbsd.org 2008/01/19 20:51:26Damien Miller
[ssh.c] ignore SIGPIPE in multiplex client mode - we can receive this if the server runs out of fds on us midway. Report and patch from gregory_shively AT fanniemae.com
2008-02-10 - djm@cvs.openbsd.org 2008/01/19 20:48:53Damien Miller
[clientloop.c] fd leak on session multiplexing error path. Report and patch from gregory_shively AT fanniemae.com
2008-02-10 - djm@cvs.openbsd.org 2008/01/19 19:25:50Damien Miller
[scp.1] scp -q implies ssh -q for the underlying connection, it doesn't just hush the progress meter
2008-02-10 - djm@cvs.openbsd.org 2008/01/19 19:13:28Damien Miller
[ssh.1] satisfy the pedants: -q does not suppress all diagnostic messages (e.g. some commandline parsing warnings go unconditionally to stdout).
2008-02-10 - chl@cvs.openbsd.org 2008/01/11 07:22:28Damien Miller
[sftp-client.c sftp-client.h] disable unused functions initially from tobias@, but disabled them by placing them in "#ifdef notyet" which was asked by djm@ ok djm@ tobias@
2008-01-20 - (djm) Only listen for IPv6 connections on AF_INET6 sockets; patch fromDamien Miller
tsr2600 AT gmail.com
2008-01-20 - (djm) Silence noice from expr in ssh-copy-id; patch fromDamien Miller
mikel AT mikelward.com
2008-01-02 - (dtucker) [configure.ac] Fix message for -fstack-protector-all test.Darren Tucker
2008-01-02 - dtucker@cvs.openbsd.org 2008/01/01 08:51:20Darren Tucker
[moduli] Updated moduli file; ok djm@
2008-01-01 - dtucker@cvs.openbsd.org 2008/01/01 09:27:33Darren Tucker
[sshd_config.5 servconf.c] Allow PermitRootLogin in a Match block. Allows for, eg, permitting root only from the local network. ok markus@, man page bit ok jmc@
2008-01-01Add missing ChangeLog entriesDarren Tucker
2008-01-01 - dtucker@cvs.openbsd.org 2008/01/01 09:06:39Darren Tucker
[scp.c] If scp -p encounters a pre-epoch timestamp, use the epoch which is as close as we can get given that it's used unsigned. Add a little debugging while there. bz #828, ok djm@
2008-01-01 - dtucker@cvs.openbsd.org 2008/01/01 08:47:04Darren Tucker
[misc.c] spaces -> tabs from my previous commit
2008-01-01 - dtucker@cvs.openbsd.org 2007/12/31 15:27:04Darren Tucker
[sshd.c] When in inetd mode, have sshd generate a Protocol 1 ephemeral server key only for connections where the client chooses Protocol 1 as opposed to when it's enabled in the server's config. Speeds up Protocol 2 connections to inetd-mode servers that also allow Protocol 1. bz #440, based on a patch from bruno at wolff.to, ok markus@
2008-01-01 - (dtucker) OpenBSD CVS SyncDarren Tucker
- dtucker@cvs.openbsd.org 2007/12/31 10:41:31 [readconf.c servconf.c] Prevent strict-aliasing warnings on newer gcc versions. bz #1355, patch from Dmitry V. Levin, ok djm@
2007-12-31 - (dtucker) [configure.ac openbsd-compat/glob.{c,h}] Bug #1407: force use ofDarren Tucker
builtin glob implementation on Mac OS X. Based on a patch from vgiffin at apple.
2007-12-29 - dtucker@cvs.openbsd.org 2007/12/28 22:34:47Darren Tucker
[clientloop.c] Use the correct packet maximum sizes for remote port and agent forwarding. Prevents the server from killing the connection if too much data is queued and an excessively large packet gets sent. bz #1360, ok djm@.
2007-12-29 - dtucker@cvs.openbsd.org 2007/12/28 15:32:24Darren Tucker
[clientloop.c serverloop.c packet.c] Make SSH2_MSG_UNIMPLEMENTED and SSH2_MSG_IGNORE messages reset the ServerAlive and ClientAlive timers. Prevents dropping a connection when these are enabled but the peer does not support our keepalives. bz #1307, ok djm@.
2007-12-29 - dtucker@cvs.openbsd.org 2007/12/27 14:22:08Darren Tucker
[servconf.c canohost.c misc.c channels.c sshconnect.c misc.h ssh-keyscan.c sshd.c] Add a small helper function to consistently handle the EAI_SYSTEM error code of getaddrinfo. Prompted by vgiffin at apple com via bz #1417. ok markus@ stevesk@
2007-12-29 - djm@cvs.openbsd.org 2007/12/12 05:04:03Darren Tucker
[sftp.c] unbreak lls command and add a regress test that would have caught the breakage; spotted by mouring@
2007-12-02 - deraadt@cvs.openbsd.org 2007/11/03 02:03:49Darren Tucker
[ssh.c] avoid errno trashing in signal handler; ok dtucker
2007-12-02 - dtucker@cvs.openbsd.org 2007/11/03 02:00:32Darren Tucker
[ssh.c] Use xstrdup/xfree when saving pwname and pwdir; ok deraadt@
2007-12-02 - deraadt@cvs.openbsd.org 2007/11/03 01:24:06Darren Tucker
[ssh.c] bz #1377: getpwuid results were being clobbered by another getpw* call inside tilde_expand_filename(); save the data we need carefully ok djm
2007-12-02 - djm@cvs.openbsd.org 2007/11/03 00:36:14Darren Tucker
[clientloop.c] fix memory leak in process_cmdline(), patch from Jan.Pechanec AT Sun.COM; ok dtucker@
2007-12-02 - jmc@cvs.openbsd.org 2007/10/29 07:48:19Darren Tucker
[ssh_config.5] clean up after previous macro removal;
2007-12-02 - dtucker@cvs.openbsd.org 2007/10/29 06:54:50Darren Tucker
[ssh.c] Make LocalCommand work for Protocol 1 too; ok djm@
2007-12-02 - dtucker@cvs.openbsd.org 2007/10/29 06:51:59Darren Tucker
[ssh_config.5] ProxyCommand and LocalCommand use the user's shell, not /bin/sh; ok djm@
2007-12-02 - dtucker@cvs.openbsd.org 2007/10/29 04:08:08Darren Tucker
[monitor_wrap.c monitor.c] Send config block back to slave for invalid users too so options set by a Match block (eg Banner) behave the same for non-existent users. Found by and ok djm@
2007-12-02 - dtucker@cvs.openbsd.org 2007/10/29 01:55:04Darren Tucker
[ssh.c] Plug tiny mem leaks in ControlPath and ProxyCommand option processing; ok djm@
2007-12-02 - dtucker@cvs.openbsd.org 2007/10/29 00:52:45Darren Tucker
[auth2-gss.c] Allow build without -DGSSAPI; ok deraadt@ (Id sync only, Portable already has the ifdefs)
2007-12-02 - (dtucker) [scp.c] Update $OpenBSD tag missing from rev 1.175 and removeDarren Tucker
leftover debug code.
2007-12-02 - (dtucker) [configure.ac] Enable -fstack-protector-all on systems whereDarren Tucker
gcc supports it. ok djm@
2007-10-30 - djm@cvs.openbsd.org 2007/10/29 23:49:41Damien Miller
[openbsd-compat/sys-tree.h] remove extra backslash at the end of RB_PROTOTYPE, report from Jan.Pechanec AT Sun.COM; ok deraadt@
2007-10-26 - millert@cvs.openbsd.org 2004/10/07 16:56:11Damien Miller
GLOB_NOESCAPE is POSIX so move it out of the #ifndef _POSIX_SOURCE block. (NB. mostly an RCS ID sync, as portable strips out the conditionals)
2007-10-26 - otto@cvs.openbsd.org 2007/04/30 18:42:34Damien Miller
[openbsd-compat/sys-queue.h] Enable QUEUE_MACRO_DEBUG on DIAGNOSTIC kernels. Input and okays from krw@, millert@, otto@, deraadt@, miod@.
2007-10-26 - otto@cvs.openbsd.org 2005/11/25 08:06:25Damien Miller
[openbsd-compat/sys-queue.h] Introduce debugging aid for queue macros. Disabled by default; but developers are encouraged to run with this enabled. ok krw@ fgsch@ deraadt@
2007-10-26 - otto@cvs.openbsd.org 2005/10/25 06:37:47Damien Miller
[openbsd-compat/sys-queue.h] Some uvm problem is being exposed with the more strict macros. Revert until we've found out what's causing the panics.
2007-10-26 - otto@cvs.openbsd.org 2005/10/24 20:25:14Damien Miller
[openbsd-compat/sys-queue.h] Partly backout. NOLIST, used in LISTs is probably interfering. requested by deraadt@
2007-10-26 - otto@cvs.openbsd.org 2005/10/17 20:19:42Damien Miller
[openbsd-compat/sys-queue.h] Performing certain operations on queue.h data structurs produced funny results. An example is calling LIST_REMOVE on the same element twice. This will not fail, but result in a data structure referencing who knows what. Prevent these accidents by NULLing some fields on remove and replace. This way, either a panic or segfault will be produced on the faulty operation.
2007-10-26 - deraadt@cvs.openbsd.org 2005/02/25 13:29:30Damien Miller
[openbsd-compat/sys-queue.h] minor white spacing
2007-10-26 - grange@cvs.openbsd.org 2004/05/04 16:59:32Damien Miller
[openbsd-compat/sys-queue.h] Remove useless ``elm'' argument from the SIMPLEQ_REMOVE_HEAD macro. This matches our SLIST behaviour and NetBSD's SIMPLEQ as well. ok millert krw deraadt
2007-10-26 - tdeval@cvs.openbsd.org 2004/11/24 18:10:42Damien Miller
[openbsd-compat/sys-tree.h] typo
2007-10-26 - frantzen@@cvs.openbsd.org 2004/04/24 18:11:46Damien Miller
[openbsd-compat/tree.h] sync to Niels Provos' version. avoid unused variable warning in RB_NEXT()
2007-10-26 - jakob@cvs.openbsd.org 2007/10/11 18:36:41Damien Miller
[openbsd-compat/getrrsetbyname.c openbsd-compat/getrrsetbyname.h] use RRSIG instead of SIG for DNSSEC. ok djm@
2007-10-26 - otto@cvs.openbsd.org 2006/10/21 09:55:03Damien Miller
[openbsd-compat/base64.c] remove calls to abort(3) that can't happen anyway; from <bret dot lambert at gmail.com>; ok millert@ deraadt@
2007-10-26 - (djm) [openbsd-compat/bindresvport.c]Damien Miller
Sync RCS ID after irrelevant (for portable OpenSSH) header shuffling