summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2013-07-25 - djm@cvs.openbsd.org 2013/06/21 02:26:26Damien Miller
[regress/sftp-cmds.sh regress/test-exec.sh] unbreak sftp-cmds for renamed test data (s/ls/data/)
2013-07-25 - dtucker@cvs.openbsd.org 2013/06/10 21:56:43Damien Miller
[regress/forwarding.sh] Add test for forward config parsing
2013-07-25 - dtucker@cvs.openbsd.org 2013/05/30 20:12:32Damien Miller
[regress/test-exec.sh] use ssh and sshd as testdata since it needs to be >256k for the rekey test
2013-07-25 - djm@cvs.openbsd.org 2013/07/25 00:57:37Damien Miller
[version.h] openssh-6.3 for release
2013-07-25 - djm@cvs.openbsd.org 2013/07/25 00:56:52Damien Miller
[sftp-client.c sftp-client.h sftp.1 sftp.c] sftp support for resuming partial downloads; patch mostly by Loganaden Velvindron/AfriNIC with some tweaks by me; feedback and ok dtucker@
2013-07-25 - djm@cvs.openbsd.org 2013/07/25 00:29:10Damien Miller
[ssh.c] daemonise backgrounded (ControlPersist'ed) multiplexing master to ensure it is fully detached from its controlling terminal. based on debugging
2013-07-25 - djm@cvs.openbsd.org 2013/07/22 12:20:02Damien Miller
[umac.h] oops, forgot to commit corresponding header change; spotted by jsg and jasper
2013-07-25 - djm@cvs.openbsd.org 2013/07/22 05:00:17Damien Miller
[umac.c] make MAC key, data to be hashed and nonce for final hash const; checked with -Wcast-qual
2013-07-25 - djm@cvs.openbsd.org 2013/07/20 22:20:42Damien Miller
[krl.c] fix verification error in (as-yet usused) KRL signature checking path
2013-07-20 - djm@cvs.openbsd.org 2013/07/20 01:55:13Damien Miller
[auth-krb5.c gss-serv-krb5.c gss-serv.c] fix kerberos/GSSAPI deprecation warnings and linking; "looks okay" millert@
2013-07-20 - djm@cvs.openbsd.org 2013/07/20 01:50:20Damien Miller
[ssh-agent.c] call cleanup_handler on SIGINT when in debug mode to ensure sockets are cleaned up on manual exit; bz#2120
2013-07-20 - djm@cvs.openbsd.org 2013/07/20 01:44:37Damien Miller
[ssh-keygen.c ssh.c] More useful error message on missing current user in /etc/passwd
2013-07-20 - djm@cvs.openbsd.org 2013/07/20 01:43:46Damien Miller
[umac.c] use a union to ensure correct alignment; ok deraadt
2013-07-20 - markus@cvs.openbsd.org 2013/07/19 07:37:48Damien Miller
[auth.h kex.h kexdhs.c kexecdhs.c kexgexs.c monitor.c servconf.c] [servconf.h session.c sshd.c sshd_config.5] add ssh-agent(1) support to sshd(8); allows encrypted hostkeys, or hostkeys on smartcards; most of the work by Zev Weiss; bz #1974 ok djm@
2013-07-18 - djm@cvs.openbsd.org 2013/07/18 01:12:26Damien Miller
[ssh.1] be more exact wrt perms for ~/.ssh/config; bz#2078
2013-07-18 - schwarze@cvs.openbsd.org 2013/07/16 00:07:52Damien Miller
[scp.1 sftp-server.8 ssh-keyscan.1 ssh-keysign.8 ssh-pkcs11-helper.8] use .Mt for email addresses; from Jan Stary <hans at stare dot cz>; ok jmc@
2013-07-18 - djm@cvs.openbsd.org 2013/07/12 05:48:55Damien Miller
[ssh.c] set TCP nodelay for connections started with -N; bz#2124 ok dtucker@
2013-07-18 - djm@cvs.openbsd.org 2013/07/12 05:42:03Damien Miller
[ssh-keygen.c] do_print_resource_record() can never be called with a NULL filename, so don't attempt (and bungle) asking for one if it has not been specified bz#2127 ok dtucker@
2013-07-18 - djm@cvs.openbsd.org 2013/07/12 00:43:50Damien Miller
[misc.c] in ssh_gai_strerror() don't fallback to strerror for EAI_SYSTEM when errno == 0. Avoids confusing error message in some broken resolver cases. bz#2122 patch from plautrba AT redhat.com; ok dtucker
2013-07-18 - djm@cvs.openbsd.org 2013/07/12 00:20:00Damien Miller
[sftp.c ssh-keygen.c ssh-pkcs11.c] fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@
2013-07-18 - djm@cvs.openbsd.org 2013/07/12 00:19:59Damien Miller
[auth-options.c auth-rsa.c bufaux.c buffer.h channels.c hostfile.c] [hostfile.h mux.c packet.c packet.h roaming_common.c serverloop.c] fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@
2013-07-18 - markus@cvs.openbsd.org 2013/07/02 12:31:43Damien Miller
[dh.c] remove extra whitespace
2013-07-18 - jmc@cvs.openbsd.org 2013/06/27 14:05:37Damien Miller
[ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5] do not use Sx for sections outwith the man page - ingo informs me that stuff like html will render with broken links; issue reported by Eric S. Raymond, via djm
2013-07-18 - djm@cvs.openbsd.org 2013/06/22 06:31:57Damien Miller
[scp.c] improved time_t overflow check suggested by guenther@
2013-07-18 - djm@cvs.openbsd.org 2013/06/21 05:43:10Damien Miller
[scp.c] make this -Wsign-compare clean after time_t conversion
2013-07-18 - djm@cvs.openbsd.org 2013/06/21 05:42:32Damien Miller
[dh.c] sprinkle in some error() to explain moduli(5) parse failures
2013-07-18 - djm@cvs.openbsd.org 2013/06/21 00:37:49Damien Miller
[ssh_config.5] explicitly mention that IdentitiesOnly can be used with IdentityFile to control which keys are offered from an agent.
2013-07-18 - djm@cvs.openbsd.org 2013/06/21 00:34:49Damien Miller
[auth-rsa.c auth.h auth2-hostbased.c auth2-pubkey.c monitor.c] for hostbased authentication, print the client host and user on the auth success/failure line; bz#2064, ok dtucker@
2013-07-18 - markus@cvs.openbsd.org 2013/06/20 19:15:06Damien Miller
[krl.c] don't leak the rdata blob on errors; ok djm@
2013-07-18 - guenther@cvs.openbsd.org 2013/06/17 04:48:42Damien Miller
[scp.c] Handle time_t values as long long's when formatting them and when parsing them from remote servers. Improve error checking in parsing of 'T' lines. ok dtucker@ deraadt@
2013-07-18 - dtucker@cvs.openbsd.org 2013/06/10 19:19:44Damien Miller
[readconf.c] revert 1.203 while we investigate crashes reported by okan@
2013-07-02 - (dtucker) [contrib/cygwin/README contrib/cygwin/ssh-host-configDarren Tucker
contrib/cygwin/ssh-user-config] Modernizes and improve readability of the Cygwin README file (which hasn't been updated for ages), drop unsupported OSes from the ssh-host-config help text, and drop an unneeded option from ssh-user-config. Patch from vinschen at redhat com.
2013-06-11 - (dtucker) [myproposal.h] Make the conditional algorithm support consistentDarren Tucker
and add some comments so it's clear what goes where.
2013-06-11 - (dtucker) [myproposal.h] Do not advertise AES GSM ciphers if we don't haveDarren Tucker
the required OpenSSL support. Patch from naddy at freebsd.
2013-06-11 - (dtucker) [Makefile.in configure.ac fixalgorithms] Remove unsupportedDarren Tucker
algorithms (Ciphers, MACs and HostKeyAlgorithms) from man pages.
2013-06-10 - dtucker@cvs.openbsd.org 2013/06/07 15:37:52Damien Miller
[channels.c channels.h clientloop.c] Add an "ABANDONED" channel state and use for mux sessions that are disconnected via the ~. escape sequence. Channels in this state will be able to close if the server responds, but do not count as active channels. This means that if you ~. all of the mux clients when using ControlPersist on a broken network, the backgrounded mux master will exit when the Control Persist time expires rather than hanging around indefinitely. bz#1917, also reported and tested by tedu@. ok djm@ markus@.
2013-06-06 - (dtucker) [configure.ac sftp.c openbsd-compat/openbsd-compat.h] Cater forDarren Tucker
platforms that don't have multibyte character support (specifically, mblen).
2013-06-06 - dtucker@cvs.openbsd.org 2013/06/05 22:00:28Darren Tucker
[readconf.c] plug another memleak. bz#1967, from Zhenbo Xu, detected by Melton, ok djm
2013-06-06 - dtucker@cvs.openbsd.org 2013/06/05 12:52:38Darren Tucker
[sshconnect2.c] Fix memory leaks found by Zhenbo Xu and the Melton tool. bz#1967, ok djm
2013-06-06 - dtucker@cvs.openbsd.org 2013/06/05 02:27:50Darren Tucker
[sshd.c] When running sshd -D, close stderr unless we have explicitly requesting logging to stderr. From james.hunt at ubuntu.com via bz#1976, djm's patch so, err, ok dtucker.
2013-06-06 - dtucker@cvs.openbsd.org 2013/06/05 02:07:29Darren Tucker
[mux.c] fix leaks in mux error paths, from Zhenbo Xu, found by Melton. bz#1967, ok djm
2013-06-06 - dtucker@cvs.openbsd.org 2013/06/04 20:42:36Darren Tucker
[sftp.c] Make sftp's libedit interface marginally multibyte aware by building up the quoted string by character instead of by byte. Prevents failures when linked against a libedit built with wide character support (bz#1990). "looks ok" djm
2013-06-06 - dtucker@cvs.openbsd.org 2013/06/04 19:12:23Darren Tucker
[scp.c] use MAXPATHLEN for buffer size instead of fixed value. ok markus
2013-06-06 - dtucker@cvs.openbsd.org 2013/06/03 00:03:18Darren Tucker
[mac.c] force the MAC output to be 64-bit aligned so umac won't see unaligned accesses on strict-alignment architectures. bz#2101, patch from tomas.kuthan at oracle.com, ok djm@
2013-06-06 - dtucker@cvs.openbsd.org 2013/06/02 23:36:29Darren Tucker
[clientloop.h clientloop.c mux.c] No need for the mux cleanup callback to be visible so restore it to static and call it through the detach_user function pointer. ok djm@
2013-06-06 - dtucker@cvs.openbsd.org 2013/06/02 21:01:51Darren Tucker
[channels.h] typo in comment
2013-06-06 - (dtucker) [Makefile.in] append $CFLAGS to compiler options when buildingDarren Tucker
modpipe in case there's anything in there we need.
2013-06-06 - (dtucker) [regress/forwarding.sh] For (as yet unknown) reason, theDarren Tucker
forwarding test is extremely slow copying data on some machines so switch back to copying the much smaller ls binary until we can figure out why this is.
2013-06-05 - (dtucker) [contrib/ssh-copy-id] bz#2117: Use portable operator in test.Darren Tucker
Patch from cjwatson at debian.
2013-06-05 - (dtucker) Enable sha256 kex methods based on the presence of the necessaryDarren Tucker
functions, not from the openssl version.