summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2013-06-05 - (dtucker) Enable sha256 kex methods based on the presence of the necessaryDarren Tucker
functions, not from the openssl version.
2013-06-04 - (dtucker) [configure.ac] Some other platforms need sys/types.h beforeDarren Tucker
sys/socket.h.
2013-06-03 - (dtucker) [configure.ac] Some platforms need sys/types.h before sys/un.h.Darren Tucker
2013-06-02 - (tim) [regress/sftp-chroot.sh] skip if no sudo. ok dtuckerTim Rice
2013-06-02 - (tim) [aclocal.m4] Enhance OSSH_CHECK_CFLAG_COMPILE to check stderr.Tim Rice
feedback and ok dtucker
2013-06-02 - (tim) [configure.ac regress/Makefile] With rev 1.47 of test-exec.sh weTim Rice
need a shell that can handle "[ file1 -nt file2 ]". Rather than keep dealing with shell portability issues in regression tests, we let configure find us a capable shell on those platforms with an old /bin/sh.
2013-06-03 - (dtucker) [configure.ac] bz#2111: don't try to use lastlog on Android.Darren Tucker
Patch from Nathan Osman.
2013-06-03 - (dtucker) [configure.ac] sys/un.h needs sys/socket.h on some platformsDarren Tucker
to prevent noise from configure. Patch from Nathan Osman.
2013-06-02 - dtucker@cvs.openbsd.org 2013/06/02 13:35:58Darren Tucker
[ssh-agent.c] Make parent_alive_interval time_t to avoid signed/unsigned comparison
2013-06-02 - dtucker@cvs.openbsd.org 2013/06/02 13:33:05Darren Tucker
[progressmeter.c] Add misc.h for monotime prototype. (id sync only)
2013-06-0120130602Tim Rice
- (tim) [Makefile.in] Make Solaris, UnixWare, & OpenServer linkers happy linking regress/modpipe.
2013-06-02 - (dtucker) [sandbox-seccomp-filter.c] Allow clock_gettimeofday.Darren Tucker
2013-06-02fix typoDarren Tucker
2013-06-02 - dtucker@cvs.openbsd.org 2013/06/01 22:34:50Darren Tucker
[sftp-client.c] Update progressmeter when data is acked, not when it's sent. bz#2108, from Debian via Colin Watson, ok djm@
2013-06-02 - (dtucker) [configure.ac misc.c] Look for clock_gettime in librt and fallDarren Tucker
back to time(NULL) if we can't find it anywhere.
2013-06-02 - (dtucker) [M auth-chall.c auth-krb5.c auth-pam.c cipher-aes.c cipher-ctr.cDarren Tucker
groupaccess.c loginrec.c monitor.c monitor_wrap.c session.c sshd.c sshlogin.c uidswap.c openbsd-compat/bsd-cygwin_util.c openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/port-aix.c openbsd-compat/port-linux.c] Replace portable-specific instances of xfree with the equivalent calls to free.
2013-06-02Remove stray '+' accidentally introduced in syncDarren Tucker
2013-06-02 - dtucker@cvs.openbsd.org 2013/06/01 20:59:25Darren Tucker
[scp.c sftp-client.c] Replace S_IWRITE, which isn't standardized, with S_IWUSR, which is. Patch from Nathan Osman via bz#2113. ok deraadt. (note: corrected bug number from 2085)
2013-06-02 - dtucker@cvs.openbsd.org 2013/06/01 13:15:52Darren Tucker
[ssh-agent.c clientloop.c misc.h packet.c progressmeter.c misc.c channels.c sandbox-systrace.c] Use clock_gettime(CLOCK_MONOTONIC ...) for ssh timers so that things like keepalives and rekeying will work properly over clock steps. Suggested by markus@, "looks good" djm@.
2013-06-02 - dtucker@cvs.openbsd.org 2013/05/31 12:28:10Darren Tucker
[ssh-agent.c] Use time_t where appropriate. ok djm
2013-06-02 - djm@cvs.openbsd.org 2013/05/19 02:42:42Darren Tucker
[auth.h auth.c key.c monitor.c auth-rsa.c auth2.c auth1.c key.h] Standardise logging of supplemental information during userauth. Keys and ruser is now logged in the auth success/failure message alongside the local username, remote host/port and protocol in use. Certificates contents and CA are logged too. Pushing all logging onto a single line simplifies log analysis as it is no longer necessary to relate information scattered across multiple log entries. "I like it" markus@
2013-06-02 - djm@cvs.openbsd.org 2013/05/19 02:38:28Darren Tucker
[auth2-pubkey.c] fix failure to recognise cert-authority keys if a key of a different type appeared in authorized_keys before it; ok markus@
2013-06-02 - djm@cvs.openbsd.org 2013/05/17 00:13:13Darren Tucker
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c dns.c packet.c readpass.c authfd.c moduli.c] bye, bye xfree(); ok markus@
2013-06-02 - (dtucker) [configure.ac defines.h] Test for fd_mask, howmany and NFDBITSDarren Tucker
rather than trying to enumerate the plaforms that don't have them. Based on a patch from Nathan Osman, with help from tim@.
2013-06-02 - (dtucker) [configure.ac openbsd-compat/xcrypt.c] bz#2112: fall back toDarren Tucker
using openssl's DES_crpyt function on platorms that don't have a native one, eg Android. Based on a patch from Nathan Osman.
2013-05-30 - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] bz#2087: Add a nullDarren Tucker
implementation of endgrent for platforms that don't have it (eg Android). Loosely based on a patch from Nathan Osman, ok djm
2013-05-17 - dtucker@cvs.openbsd.org 2013/05/17 10:35:43Darren Tucker
[regress/scp.sh] use a file extention that's not special on some platforms. from portable (id sync only)
2013-05-17 - dtucker@cvs.openbsd.org 2013/05/17 10:34:30Darren Tucker
[regress/portnum.sh] use a more portable negated if structure. from portable (id sync only)
2013-05-17 - dtucker@cvs.openbsd.org 2013/05/17 10:33:09Darren Tucker
[regress/agent-getpeereid.sh] don't redirect stdout from sudo. from portable (id sync only)
2013-05-17 - dtucker@cvs.openbsd.org 2013/05/17 10:30:07Darren Tucker
[regress/test-exec.sh] wait a bit longer for startup and use case for absolute path. from portable (id sync only)
2013-05-17 - dtucker@cvs.openbsd.org 2013/05/17 10:28:11Darren Tucker
[regress/sftp.sh] only compare copied data if sftp succeeds. from portable (id sync only)
2013-05-17 - dtucker@cvs.openbsd.org 2013/05/17 10:26:26Darren Tucker
[regress/sftp-badcmds.sh] remove unused BATCH variable. (id sync only)
2013-05-17 - dtucker@cvs.openbsd.org 2013/05/17 10:24:48Darren Tucker
[localcommand.sh] use backticks for portability. (id sync only)
2013-05-17 - dtucker@cvs.openbsd.org 2013/05/17 10:23:52Darren Tucker
[regress/login-timeout.sh regress/reexec.sh regress/test-exec.sh] Use SUDO when cat'ing pid files and running the sshd log wrapper so that it works with a restrictive umask and the pid files are not world readable. Changes from -portable. (id sync only)
2013-05-17 - dtucker@cvs.openbsd.org 2013/05/17 10:16:26Darren Tucker
[regress/try-ciphers.sh] use expr for math to keep diffs vs portable down (id sync only)
2013-05-17 - (dtucker) [regress/cfgmatch.sh] Remove unneeded sleep renderd obsolete byDarren Tucker
rev 1.6 which calls wait.
2013-05-17 - (dtucker) [regress/runtests.sh] Remove obsolete test driver script.Darren Tucker
2013-05-17 - (dtucker) [regress/stderr-after-eof.sh regress/test-exec.sh] Move the md5Darren Tucker
helper function to the portable part of test-exec.sh.
2013-05-17 - (dtucker) [regress/test-exec.sh] Move the portable-specific functionsDarren Tucker
together and add a couple of missing lines from openbsd.
2013-05-17 - (dtucker) [regress/integrity.sh regress/krl.sh regress/test-exec.sh]Darren Tucker
Move the jot helper function to portable-specific part of test-exec.sh.
2013-05-17 - (dtucker) [regress/agent-getpeereid.sh] Resync spaces with openbsd.Darren Tucker
2013-05-17 - (dtucker) [regress/cfgmatch.sh] Resync config file setup with openbsd.Darren Tucker
2013-05-17 - (dtucker) [openbsd-compat/getopt.h] Remove unneeded bits.Darren Tucker
2013-05-17 - dtucker@cvs.openbsd.org 2013/05/17 04:29:14Darren Tucker
[regress/sftp.sh regress/putty-ciphers.sh regress/cipher-speed.sh regress/test-exec.sh regress/sftp-batch.sh regress/dynamic-forward.sh regress/putty-transfer.sh regress/conch-ciphers.sh regress/sftp-cmds.sh regress/scp.sh regress/ssh-com-sftp.sh regress/rekey.sh regress/putty-kex.sh regress/stderr-data.sh regress/stderr-after-eof.sh regress/sftp-badcmds.sh regress/reexec.sh regress/ssh-com-client.sh regress/sftp-chroot.sh regress/forwarding.sh regress/transfer.sh regress/multiplex.sh] Move the setting of DATA and COPY into test-exec.sh
2013-05-17 - dtucker@cvs.openbsd.org 2013/05/17 01:32:11Darren Tucker
[regress/integrity.sh] don't print output from ssh before getting it (it's available in ssh.log)
2013-05-17 - dtucker@cvs.openbsd.org 2013/05/17 01:16:09Darren Tucker
[regress/agent-timeout.sh] Pull back some portability changes from -portable: - TIMEOUT is a read-only variable in some shells - not all greps have -q so redirect to /dev/null instead. (ID sync only)
2013-05-17sync missing IDDarren Tucker
2013-05-17 - dtucker@cvs.openbsd.org 2013/05/17 00:37:40Darren Tucker
[regress/agent.sh regress/keytype.sh regress/cfgmatch.sh regress/forcecommand.sh regress/proto-version.sh regress/test-exec.sh regress/cipher-speed.sh regress/cert-hostkey.sh regress/cert-userkey.sh regress/ssh-com.sh] replace 'echo -n' with 'printf' since it's more portable also remove "echon" hack.
2013-05-17 - (dtucker) [regress/integrity.sh]. Force fixed Diffie-Hellman key exchangeDarren Tucker
methods. When the openssl version doesn't support ECDH then next one on the list is DH group exchange, but that causes a bit more traffic which can mean that the tests flip bits in the initial exchange rather than the MACed traffic and we get different errors to what the tests look for.
2013-05-17 - (dtucker) [regress/bsd.regress.mk] Remove unused file. We've never used itDarren Tucker
in portable and it's long gone in openbsd.