summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2013-05-16 - jmc@cvs.openbsd.org 2013/05/16 06:28:45Darren Tucker
[ssh_config.5] put IgnoreUnknown in the right place;
2013-05-16 - djm@cvs.openbsd.org 2013/05/16 04:27:50Darren Tucker
[ssh_config.5 readconf.h readconf.c] add the ability to ignore specific unrecognised ssh_config options; bz#866; ok markus@
2013-05-16 - dtucker@cvs.openbsd.org 2013/05/16 04:09:14Darren Tucker
[sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing rekeying based on traffic volume or time. ok djm@, help & ok jmc@ for the man page.
2013-05-16 - dtucker@cvs.openbsd.org 2013/05/16 02:00:34Darren Tucker
[ssh_config sshconnect2.c packet.c readconf.h readconf.c clientloop.c ssh_config.5 packet.h] Add an optional second argument to RekeyLimit in the client to allow rekeying based on elapsed time in addition to amount of traffic. with djm@ jmc@, ok djm
2013-05-16 - dtucker@cvs.openbsd.org 2013/05/10 10:13:50Darren Tucker
[ssh-pkcs11-helper.c] remove unused extern optarg. ok markus@
2013-05-16 - djm@cvs.openbsd.org 2013/05/10 04:08:01Darren Tucker
[key.c] memleak in cert_free(), wasn't actually freeing the struct; bz#2096 from shm AT digitalsun.pl
2013-05-16add missing attributionDarren Tucker
2013-05-16 - djm@cvs.openbsd.org 2013/05/10 03:40:07Darren Tucker
[sshconnect2.c] fix bzero(ptr_to_struct, sizeof(ptr_to_struct)); bz#2100 from
2013-05-16 - dtucker@cvs.openbsd.org 2013/05/06 07:35:12Darren Tucker
[sftp-server.8] Reference the version of the sftp draft we actually implement. ok djm@
2013-05-16 - tedu@cvs.openbsd.org 2013/04/24 16:01:46Darren Tucker
[misc.c] remove extra parens noticed by nicm
2013-05-16 - tedu@cvs.openbsd.org 2013/04/23 17:49:45Darren Tucker
[misc.c] use xasprintf instead of a series of strlcats and strdup. ok djm
2013-05-16 - (djm) [contrib/ssh-copy-id] Fix bug that could cause "rm *" to beDamien Miller
executed if mktemp failed; bz#2105 ok dtucker@
2013-05-10 - (dtucker) [configure.ac] Add -Werror to the -Qunused-arguments test soDarren Tucker
we don't get a warning on compilers that *don't* support it. Add -Wno-unknown-warning-option. Move both to the start of the list for maximum noise suppression. Tested with gcc 4.6.3, gcc 2.95.4 and clang 2.9.
2013-05-10 - (dtucker) [kex.c] Only include sha256 and ECC key exchange methods when theDarren Tucker
underlying libraries support them.
2013-05-10- (dtucker) [openbsd-compat/getopt.h openbsd-compat/getopt_long.cDarren Tucker
openbsd-compat/openbsd-compat.h] pull in getopt.h from openbsd and plumb in to use it when we're using our own getopt.
2013-05-10 - (dtucker) [openbsd-compat/Makefile.in openbsd-compat/getopt.cDarren Tucker
openbsd-compat/getopt_long.c regress/modpipe.c] Remove getopt.c, add portability code to getopt_long.c and switch over Makefile and the ugly hack in modpipe.c. Fixes bz#1448.
2013-05-10 - (dtucker) [openbsd-compat/getopt_long.c] Import from OpenBSD. NoDarren Tucker
portability changes yet.
2013-05-10 - (dtucker) [openbsd-compat/getopt.c] Factor out portibility changes toDarren Tucker
getopt.c. Preprocessed source is identical other than line numbers.
2013-05-10 - (dtucker) [configure.ac] Enable -Wsizeof-pointer-memaccess if the compilerDarren Tucker
supports it. Mentioned by Colin Watson in bz#2100, ok djm.
2013-04-23 - dtucker@cvs.openbsd.org 2013/04/22 01:17:18Damien Miller
[mux.c] typo in debug output: evitval->exitval
2013-04-23 - djm@cvs.openbsd.org 2013/04/19 12:07:08Damien Miller
[kex.c] remove duplicated list entry pointed out by naddy@
2013-04-23 - djm@cvs.openbsd.org 2013/04/19 11:10:18Damien Miller
[ssh.c] add -Q to usage; reminded by jmc@
2013-04-23 - djm@cvs.openbsd.org 2013/04/19 01:06:50Damien Miller
[authfile.c cipher.c cipher.h kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c] [key.c key.h mac.c mac.h packet.c ssh.1 ssh.c] add the ability to query supported ciphers, MACs, key type and KEX algorithms to ssh. Includes some refactoring of KEX and key type handling to be table-driven; ok markus@
2013-04-23 - djm@cvs.openbsd.org 2013/04/19 01:03:01Damien Miller
[session.c] reintroduce 1.262 without the connection-killing bug: fatal() when ChrootDirectory specified by running without root privileges; ok markus@
2013-04-23 - djm@cvs.openbsd.org 2013/04/19 01:01:00Damien Miller
[ssh-keygen.c] fix some memory leaks; bz#2088 ok dtucker@
2013-04-23 - djm@cvs.openbsd.org 2013/04/19 01:00:10Damien Miller
[sshd_config.5] document the requirment that the AuthorizedKeysCommand be owned by root; ok dtucker@ markus@
2013-04-23 - djm@cvs.openbsd.org 2013/04/18 02:16:07Damien Miller
[sftp.c] make "sftp -q" do what it says on the sticker: hush everything but errors;
2013-04-23 - dtucker@cvs.openbsd.org 2013/04/17 09:04:09Damien Miller
[session.c] revert rev 1.262; it fails because uid is already set here. ok djm@
2013-04-23 - djm@cvs.openbsd.org 2013/04/11 02:27:50Damien Miller
[packet.c] quiet disconnect notifications on the server from error() back to logit() if it is a normal client closure; bz#2057 ok+feedback dtucker@
2013-04-23 - dtucker@cvs.openbsd.org 2013/04/07 09:40:27Damien Miller
[sshd.8] clarify -e text. suggested by & ok jmc@
2013-04-23 - dtucker@cvs.openbsd.org 2013/04/07 02:10:33Damien Miller
[log.c log.h ssh.1 ssh.c sshd.8 sshd.c] Add -E option to ssh and sshd to append debugging logs to a specified file instead of stderr or syslog. ok markus@, man page help jmc@
2013-04-23 - markus@cvs.openbsd.org 2013/04/06 16:07:00Damien Miller
[channels.c sshd.c] handle ECONNABORTED for accept(); ok deraadt some time ago...
2013-04-23 - djm@cvs.openbsd.org 2013/04/05 00:58:51Damien Miller
[mux.c] cleanup mux-created channels that are in SSH_CHANNEL_OPENING state too (in addition to ones already in OPEN); bz#2079, ok dtucker@
2013-04-23 - djm@cvs.openbsd.org 2013/04/05 00:31:49Damien Miller
[pathnames.h] use the existing _PATH_SSH_USER_RC define to construct the other pathnames; bz#2077, ok dtucker@ (no binary change)
2013-04-23 - djm@cvs.openbsd.org 2013/04/05 00:14:00Damien Miller
[auth2-gss.c krl.c sshconnect2.c] hush some {unused, printf type} warnings
2013-04-23 - djm@cvs.openbsd.org 2013/03/08 06:32:58Damien Miller
[ssh.c] allow "ssh -f none ..." ok markus@
2013-04-23 - markus@cvs.openbsd.org 2013/03/07 19:27:25Damien Miller
[auth.h auth2-chall.c auth2.c monitor.c sshd_config.5] add submethod support to AuthenticationMethods; ok and freedback djm@
2013-04-23 - djm@cvs.openbsd.org 2013/03/07 00:19:59Damien Miller
[auth2-pubkey.c monitor.c] reconstruct the original username that was sent by the client, which may have included a style (e.g. "root:skey") when checking public key signatures. Fixes public key and hostbased auth when the client specified a style; ok markus@
2013-04-23 - djm@cvs.openbsd.org 2013/03/06 23:36:53Damien Miller
[readconf.c] g/c unused variable (-Wunused)
2013-04-23 - djm@cvs.openbsd.org 2013/03/06 23:35:23Damien Miller
[session.c] fatal() when ChrootDirectory specified by running without root privileges; ok markus@
2013-04-23 - (djm) OpenBSD CVS SyncDamien Miller
- markus@cvs.openbsd.org 2013/03/05 20:16:09 [sshconnect2.c] reset pubkey order on partial success; ok djm@
2013-04-23 - (djm) [auth.c configure.ac misc.c monitor.c monitor_wrap.c] SupportDamien Miller
platforms, such as Android, that lack struct passwd.pw_gecos. Report and initial patch from Nathan Osman bz#2086; feedback tim@ ok dtucker@
2013-04-18 - (dtucker) [configure.ac] Use -Qunused-arguments to suppress warnings fromDarren Tucker
unused argument warnings (in particular, -fno-builtin-memset) from clang.
2013-04-18 - (djm) [config.guess config.sub] Update to last versions before they switchDamien Miller
to GPL3. ok dtucker@
2013-04-05 - djm@cvs.openbsd.org 2013/02/22 22:09:01Darren Tucker
[ssh.c] Allow IdenityFile=none; ok markus deraadt (and dtucker for an earlier version)
2013-04-05 - markus@cvs.openbsd.org 2013/02/22 19:13:56Darren Tucker
[sshconnect.c] support ProxyCommand=- (stdin/out already point to the proxy); ok djm@
2013-04-05 - dtucker@cvs.openbsd.org 2013/02/22 04:45:09Darren Tucker
[ssh.c readconf.c readconf.h] Don't complain if IdentityFiles specified in system-wide configs are missing. ok djm, deraadt
2013-04-05 - dtucker@cvs.openbsd.org 2013/02/19 02:12:47Darren Tucker
[krl.c] Remove bogus include. ok djm (id sync only)
2013-04-05 - dtucker@cvs.openbsd.org 2013/02/17 23:16:57Darren Tucker
[readconf.c ssh.c readconf.h sshconnect2.c] Keep track of which IndentityFile options were manually supplied and which were default options, and don't warn if the latter are missing. ok markus@
2013-04-01 - (dtucker) [openbsd-compat/bsd-cygwin_util.{c,h}] Don't include windows.hDarren Tucker
to avoid conflicting definitions of __int64, adding the required bits. Patch from Corinna Vinschen.