summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2011-09-23 - millert@cvs.openbsd.org 2006/05/05 15:27:38Damien Miller
[strlcpy.c] Convert do {} while loop -> while {} for clarity. No binary change on most architectures. From Oliver Smith. OK deraadt@ and henning@
2011-09-22 - djm@cvs.openbsd.org 2011/09/22 06:29:03Damien Miller
[sftp.c] don't let remote_glob() implicitly sort its results in do_globbed_ls() - in all likelihood, they will be resorted anyway
2011-09-22 - markus@cvs.openbsd.org 2011/09/12 08:46:15Damien Miller
[sftp-client.c] fix leak in do_lsreaddir(); ok djm
2011-09-22 - markus@cvs.openbsd.org 2011/09/11 16:07:26Damien Miller
[sftp-client.c] fix leaks in do_hardlink() and do_readlink(); bz#1921 from Loganaden Velvindron
2011-09-22 - okan@cvs.openbsd.org 2011/09/11 06:59:05Damien Miller
[ssh.1] document new -O cancel command; ok djm@
2011-09-22 - markus@cvs.openbsd.org 2011/09/10 22:26:34Damien Miller
[channels.c channels.h clientloop.c ssh.1] support cancellation of local/dynamic forwardings from ~C commandline; ok & feedback djm@
2011-09-22 - djm@cvs.openbsd.org 2011/09/09 22:46:44Damien Miller
[channels.c channels.h clientloop.h mux.c ssh.c] support for cancelling local and remote port forwards via the multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings; ok markus@
2011-09-22 - djm@cvs.openbsd.org 2011/09/09 22:38:21Damien Miller
[sshd.c] kill the preauth privsep child on fatal errors in the monitor; ok markus@
2011-09-22 - djm@cvs.openbsd.org 2011/09/09 22:37:01Damien Miller
[scp.c] suppress adding '--' to remote commandlines when the first argument does not start with '-'. saves breakage on some difficult-to-upgrade embedded/router platforms; feedback & ok dtucker ok markus
2011-09-22 - djm@cvs.openbsd.org 2011/09/09 00:44:07Damien Miller
[PROTOCOL.mux] MUX_C_CLOSE_FWD includes forward type in message (though it isn't implemented anyway)
2011-09-22 - djm@cvs.openbsd.org 2011/09/09 00:43:00Damien Miller
[ssh_config.5 sshd_config.5] fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class. Spotted by giesen AT snickers.org; ok markus stevesk
2011-09-22 - deraadt@cvs.openbsd.org 2011/09/07 02:18:31Damien Miller
[ssh-keygen.1] typo (they vs the) found by Lawrence Teo
2011-09-22 - jmc@cvs.openbsd.org 2011/09/05 07:01:44Damien Miller
[scp.1] knock out a useless Ns;
2011-09-22 - djm@cvs.openbsd.org 2011/09/05 05:59:08Damien Miller
[misc.c] fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class. Spotted by giesen AT snickers.org; ok markus stevesk
2011-09-22 - djm@cvs.openbsd.org 2011/09/05 05:56:13Damien Miller
[scp.1 sftp.1] mention ControlPersist and KbdInteractiveAuthentication in the -o verbiage in these pages too (prompted by jmc@)
2011-09-22 - djm@cvs.openbsd.org 2011/08/26 01:45:15Damien Miller
[ssh.1] Add some missing ssh_config(5) options that can be used in ssh(1)'s -o argument. Patch from duclare AT guu.fi
2011-09-22 - djm@cvs.openbsd.org 2011/09/22 06:27:29Damien Miller
[glob.c] fix GLOB_KEEPSTAT without GLOB_NOSORT; the implicit sort was being applied only to the gl_pathv vector and not the corresponding gl_statv array. reported in OpenSSH bz#1935; feedback and okay matthew@
2011-09-22 - stsp@cvs.openbsd.org 2011/09/20 10:18:46Damien Miller
[glob.c] In glob(3), limit recursion during matching attempts. Similar to fnmatch fix. Also collapse consecutive '*' (from NetBSD). ok miod deraadt
2011-09-22 - pyr@cvs.openbsd.org 2011/05/12 07:15:10Damien Miller
[openbsd-compat/glob.c] When the max number of items for a directory has reached GLOB_LIMIT_READDIR an error is returned but closedir() is not called. spotted and fix provided by Frank Denis obsd-tech@pureftpd.org ok otto@, millert@
2011-09-09 - (dtucker) [entropy.h] Bug #1932: remove old definition of init_rng. FromDarren Tucker
Colin Watson.
2011-09-07 - (djm) [contrib/redhat/openssh.spec] Correct restorcon => restoreconDamien Miller
2011-09-07 - (djm) [README version.h] Correct versionDamien Miller
2011-09-05 - (djm) Release OpenSSH-5.9Damien Miller
2011-09-05 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]Damien Miller
[contrib/suse/openssh.spec] Update version numbers.
2011-09-04 - (dtucker) [ssh-keygen.c ssh-pkcs11.c] Bug #1929: add null implementationsDarren Tucker
ofsh-pkcs11.cpkcs_init and pkcs_terminate for building without dlopen support.
2011-09-04 - (djm) [regress/connect-privsep.sh regress/test-exec.sh] demote fatalDamien Miller
regress errors for the sandbox to warnings. ok tim dtucker
2011-08-29 - (djm) [openbsd-compat/port-linux.c] Suppress logging when attemptingDamien Miller
to switch SELinux context away from unconfined_t, based on patch from Jan Chadima; bz#1919 ok dtucker@
2011-08-28 - (dtucker) [auth-skey.c] Add log.h to fix build --with-skey.Darren Tucker
2011-08-17 - (tim) [configure.ac] Typo in error message spotted by Andy TsouladzeTim Rice
2011-08-17 - (djm) [regress/cipher-speed.sh regress/try-ciphers.sh] disable HMAC-SHA2Damien Miller
MAC tests for platforms that hack EVP_SHA2 support
2011-08-17 - djm@cvs.openbsd.org 2011/08/02 01:23:41Damien Miller
[regress/cipher-speed.sh regress/try-ciphers.sh] add SHA256/SHA512 based HMAC modes
2011-08-17 - markus@cvs.openbsd.org 2011/06/30 22:44:43Damien Miller
[connect-privsep.sh] test with sandbox enabled; ok djm@
2011-08-17 - dtucker@cvs.openbsd.org 2011/06/03 05:35:10Damien Miller
[regress/cfgmatch.sh] use OBJ to find test configs, patch from Tim Rice
2011-08-17 - (djm) [contrib/ssh-copy-id] Missing backlslash; spotted byDamien Miller
bisson AT archlinux.org
2011-08-17 - (djm) [configure.ac] error out if the host lacks the necessary bits forDamien Miller
an explicitly requested sandbox type
2011-08-17 - (djm) [ openbsd-compat/bsd-cygwin_util.c openbsd-compat/bsd-cygwin_util.h]Damien Miller
binary_pipe is no longer required on Cygwin; patch from Corinna Vinschen
2011-08-16 - (tim) [mac.c myproposal.h] Wrap SHA256 and SHA512 in ifdefs forTim Rice
OpenSSL 0.9.7. ok djm
2011-08-12 - (djm) [contrib/ssh-copy-id] Fix failure for cases where the path to theDamien Miller
identify file contained whitespace. bz#1828 patch from gwenael.lambrouin AT gmail.com; ok dtucker@
2011-08-12 - (djm) [contrib/redhat/openssh.spec contrib/redhat/sshd.init]Damien Miller
[contrib/suse/openssh.spec contrib/suse/rc.sshd] Updated RHEL and SLES init scrips from imorgan AT nas.nasa.gov
2011-08-12 - (dtucker) [openbsd-compat/port-linux.c] Bug 1924: Improve selinux contextDarren Tucker
change error by reporting old and new context names Patch from jchadima at redhat.
2011-08-07 - dtucker@cvs.openbsd.org 2011/08/07 12:55:30Darren Tucker
[sftp.1] typo, fix from Laurent Gautrot
2011-08-07 - jmc@cvs.openbsd.org 2010/10/14 20:41:28Darren Tucker
[moduli.5] probabalistic -> probabilistic; from naddy
2011-08-07 - sobrado@cvs.openbsd.org 2009/10/28 08:56:54Darren Tucker
[moduli.5] "Diffie-Hellman" is the usual spelling for the cryptographic protocol first published by Whitfield Diffie and Martin Hellman in 1976. ok jmc@
2011-08-07 - (dtucker) OpenBSD CVS SyncDarren Tucker
- jmc@cvs.openbsd.org 2008/06/26 06:59:39 [moduli.5] tweak previous;
2011-08-06 - djm@cvs.openbsd.org 2011/08/02 23:15:03Damien Miller
[ssh.c] typo in comment
2011-08-06 - djm@cvs.openbsd.org 2011/08/02 23:13:01Damien Miller
[version.h] crank now, release later
2011-08-06 - djm@cvs.openbsd.org 2011/08/02 01:22:11Damien Miller
[mac.c myproposal.h ssh.1 ssh_config.5 sshd.8 sshd_config.5] Add new SHA256 and SHA512 based HMAC modes from http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt Patch from mdb AT juniper.net; feedback and ok markus@
2011-08-06 - markus@cvs.openbsd.org 2011/08/01 19:18:15Damien Miller
[gss-serv.c] prevent post-auth resource exhaustion (int overflow leading to 4GB malloc); report Adam Zabrock; ok djm@, deraadt@
2011-08-06 - djm@cvs.openbsd.org 2011/07/29 14:42:45Damien Miller
[sandbox-systrace.c] fail open(2) with EPERM rather than SIGKILLing the whole process. libc will call open() to do strerror() when NLS is enabled; feedback and ok markus@
2011-08-06 - tedu@cvs.openbsd.org 2011/07/06 18:09:21Damien Miller
[authfd.c] bzero the agent address. the kernel was for a while very cranky about these things. evne though that's fixed, always good to initialize memory. ok deraadt djm