Age | Commit message (Collapse) | Author | |
---|---|---|---|
2010-12-05 | - djm@cvs.openbsd.org 2010/12/04 00:21:19 | Darren Tucker | |
[regress/sftp-cmds.sh] adjust for hard-link support | |||
2010-12-05 | - (dtucker) [regress/Makefile] Id sync. | Darren Tucker | |
2010-12-05 | - djm@cvs.openbsd.org 2010/12/04 13:31:37 | Darren Tucker | |
[hostfile.c] fix fd leak; spotted and ok dtucker | |||
2010-12-05 | - djm@cvs.openbsd.org 2010/12/04 00:18:01 | Darren Tucker | |
[sftp-server.c sftp.1 sftp-client.h sftp.c PROTOCOL sftp-client.c] add a protocol extension to support a hard link operation. It is available through the "ln" command in the client. The old "ln" behaviour of creating a symlink is available using its "-s" option or through the preexisting "symlink" command; based on a patch from miklos AT szeredi.hu in bz#1555; ok markus@ | |||
2010-12-05 | - djm@cvs.openbsd.org 2010/12/03 23:55:27 | Darren Tucker | |
[auth-rsa.c] move check for revoked keys to run earlier (in auth_rsa_key_allowed) bz#1829; patch from ldv AT altlinux.org; ok markus@ | |||
2010-12-05 | - (dtucker) OpenBSD CVS Sync | Darren Tucker | |
- djm@cvs.openbsd.org 2010/12/03 23:49:26 [schnorr.c] check that g^x^q === 1 mod p; recommended by JPAKE author Feng Hao (this code is still disabled, but apprently people are treating it as a reference implementation) | |||
2010-12-05 | - (dtucker) openbsd-compat/openssl-compat.c] remove sleep leftover from | Darren Tucker | |
debugging. Spotted by djm. | |||
2010-12-04 | - (dtucker) [configure.ac moduli.c openbsd-compat/openssl-compat.{c,h}] Add | Darren Tucker | |
shims for the new, non-deprecated OpenSSL key generation functions for platforms that don't have the new interfaces. | |||
2010-12-03 | - (djm) [openbsd-compat/bindresvport.c] Use arc4random_uniform(range) | Damien Miller | |
instead of (arc4random() % range) | |||
2010-12-01 | - djm@cvs.openbsd.org 2010/11/29 23:45:51 | Damien Miller | |
[auth.c hostfile.c hostfile.h ssh.c ssh_config.5 sshconnect.c] [sshconnect.h sshconnect2.c] automatically order the hostkeys requested by the client based on which hostkeys are already recorded in known_hosts. This avoids hostkey warnings when connecting to servers with new ECDSA keys that are preferred by default; with markus@ | |||
2010-12-01 | - markus@cvs.openbsd.org 2010/11/29 18:57:04 | Damien Miller | |
[authfile.c] correctly load comment for encrypted rsa1 keys; report/fix Joachim Schipper; ok djm@ | |||
2010-12-01 | - djm@cvs.openbsd.org 2010/11/26 05:52:49 | Damien Miller | |
[scp.c] Pass through ssh command-line flags and options when doing remote-remote transfers, e.g. to enable agent forwarding which is particularly useful in this case; bz#1837 ok dtucker@ | |||
2010-12-01 | - djm@cvs.openbsd.org 2010/11/25 04:10:09 | Damien Miller | |
[session.c] replace close() loop for fds 3->64 with closefrom(); ok markus deraadt dtucker | |||
2010-12-01 | - djm@cvs.openbsd.org 2010/11/24 01:24:14 | Damien Miller | |
[channels.c] remove a debug() that pollutes stderr on client connecting to a server in debug mode (channel_close_fds is called transitively from the session code post-fork); bz#1719, ok dtucker | |||
2010-12-01 | - djm@cvs.openbsd.org 2010/11/23 23:57:24 | Damien Miller | |
[clientloop.c] avoid NULL deref on receiving a channel request on an unknown or invalid channel; report bz#1842 from jchadima AT redhat.com; ok dtucker@ | |||
2010-12-01 | - djm@cvs.openbsd.org 2010/11/23 02:35:50 | Damien Miller | |
[auth.c] use strict_modes already passed as function argument over referencing global options.strict_modes | |||
2010-12-01 | - djm@cvs.openbsd.org 2010/11/21 10:57:07 | Damien Miller | |
[authfile.c] Refactor internals of private key loading and saving to work on memory buffers rather than directly on files. This will make a few things easier to do in the future; ok markus@ | |||
2010-12-01 | - djm@cvs.openbsd.org 2010/11/21 01:01:13 | Damien Miller | |
[clientloop.c misc.c misc.h ssh-agent.1 ssh-agent.c] honour $TMPDIR for client xauth and ssh-agent temporary directories; feedback and ok markus@ | |||
2010-12-01 | - OpenBSD CVS Sync | Damien Miller | |
- deraadt@cvs.openbsd.org 2010/11/20 05:12:38 [auth2-pubkey.c] clean up cases of ;; | |||
2010-11-24 | - (djm) [defines.h] Add IP DSCP defines | Damien Miller | |
2010-11-24 | - (dtucker) [packet.c] Remove redundant local declaration of "int tos". | Darren Tucker | |
2010-11-24 | - (djm) [loginrec.c] Relax permission requirement on btmp logs to allow | Damien Miller | |
group read/write. ok dtucker@ | |||
2010-11-24 | - (dtucker) [platform.c session.c] Move the getluid call out of session.c and | Darren Tucker | |
into the platform-specific code Only affects SCO, tested by and ok tim@. | |||
2010-11-22 | - (dtucker) Bug #1840: fix warning when configuring --with-ssl-engine, patch | Darren Tucker | |
from vapier at gentoo org. | |||
2010-11-20 | - jmc@cvs.openbsd.org 2010/11/18 15:01:00 | Damien Miller | |
[scp.1 sftp.1 ssh.1 sshd_config.5] add IPQoS to the various -o lists, and zap some trailing whitespace; | |||
2010-11-20 | - jmc@cvs.openbsd.org 2010/11/15 07:40:14 | Damien Miller | |
[ssh_config.5] libary -> library; | |||
2010-11-20 | - djm@cvs.openbsd.org 2010/11/13 23:27:51 | Damien Miller | |
[clientloop.c misc.c misc.h packet.c packet.h readconf.c readconf.h] [servconf.c servconf.h session.c ssh.c ssh_config.5 sshd_config.5] allow ssh and sshd to set arbitrary TOS/DSCP/QoS values instead of hardcoding lowdelay/throughput. bz#1733 patch from philipp AT redfish-solutions.com; ok markus@ deraadt@ | |||
2010-11-20 | - djm@cvs.openbsd.org 2010/11/10 01:33:07 | Damien Miller | |
[kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c moduli.c] use only libcrypto APIs that are retained with OPENSSL_NO_DEPRECATED. these have been around for years by this time. ok markus | |||
2010-11-20 | - djm@cvs.openbsd.org 2010/11/05 02:46:47 | Damien Miller | |
[packet.c] whitespace KNF | |||
2010-11-11 | - (djm) [servconf.c ssh-add.c ssh-keygen.c] don't look for ECDSA keys on | Damien Miller | |
platforms that don't support ECC. Fixes some spurious warnings reported by tim@ | |||
2010-11-08 | - (tim) [configure.ac openbsd-compat/bsd-misc.h openbsd-compat/bsd-misc.c] Add | Tim Rice | |
support for platforms missing isblank(). ok djm@ | |||
2010-11-08 | - (tim) [regress/kextype.sh] Not all platforms have time in /usr/bin. | Tim Rice | |
Feedback from dtucker@ | |||
2010-11-07 | - (tim) [regress/kextype.sh] Shell portability fix. | Tim Rice | |
2010-11-07 | - (tim) [regress/Makefile] Fixes to allow building/testing outside source | Tim Rice | |
tree. | |||
2010-11-07 | - (dtucker) [platform.c] includes.h instead of defines.h so that we get | Darren Tucker | |
the correct typedefs. | |||
2010-11-05 | - (dtucker) [platform.c] Need servconf.h and extern options. | Darren Tucker | |
2010-11-05 | - (dtucker) [regress/kextype.sh] Make sha256 test depend on ECC. This is not | Darren Tucker | |
strictly correct since while ECC requires sha256 the reverse is not true however it does prevent spurious test failures. | |||
2010-11-05 | - (dtucker) [regress/kextype.sh] Add missing "test". | Darren Tucker | |
2010-11-05 | - (dtucker) [Makefile configure.ac regress/Makefile regress/keytype.sh] | Darren Tucker | |
Import recent changes to regress/Makefile, pass a flag to enable ECC tests from configure through to regress/Makefile and use it in the tests. | |||
2010-11-05 | - (dtucker) [regress/keytype.sh] Import new test. | Darren Tucker | |
2010-11-05 | - (dtucker) [platform.c platform.h session.c] Move the Cygwin special-case | Darren Tucker | |
check into platform.c | |||
2010-11-05 | - (dtucker) [platform.c session.c] Move PAM credential establishment for the | Darren Tucker | |
non-LOGIN_CAP case into platform.c. | |||
2010-11-05 | - (dtucker) [platform.c session.c] Move irix setusercontext fragment into | Darren Tucker | |
platform.c. | |||
2010-11-05 | - (dtucker) platform.c session.c] Move aix_usrinfo frament into platform.c. | Darren Tucker | |
2010-11-05 | - (dtucker) platform.c session.c] Move the USE_LIBIAF fragment into | Darren Tucker | |
platform.c | |||
2010-11-05 | - (dtucker) [platform.c session.c] Move the PAM credential establishment for | Darren Tucker | |
the LOGIN_CAP case into platform.c. | |||
2010-11-05 | - (dtucker) [platform.c] Only call setpgrp on BSDI if running as root to | Darren Tucker | |
retain previous behavior. | |||
2010-11-05 | - (dtucker) [platform.c session.c] Move the BSDI setpgrp into platform.c. | Darren Tucker | |
2010-11-05 | - (dtucker) [platform.c session.c] Move the AIX setpcred+chroot hack into | Darren Tucker | |
platform.c | |||
2010-11-05 | - (dtucker) [platform.c platform.h session.c] Add a platform hook to run | Darren Tucker | |
after the user's groups are established and move the selinux calls into it. |