summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2011-01-10 - (tim) [regress/host-expand.sh] Fix for building outside of read onlyTim Rice
source tree.
2011-01-09 - (djm) [Makefile.in] list ssh_host_ecdsa key in PATHSUBS; spotted byDamien Miller
openssh AT roumenpetrov.info
2011-01-08 - (djm) [regress/keytype.sh] s/echo -n/echon/ to repair failing regressDamien Miller
test on OSX and others. Reported by imorgan AT nas.nasa.gov
2011-01-07 - djm@cvs.openbsd.org 2011/01/06 23:01:35Damien Miller
[sshconnect.c] reset SIGCHLD handler to SIG_DFL when execuring LocalCommand; ok markus@
2011-01-07 - djm@cvs.openbsd.org 2011/01/06 22:46:21Damien Miller
[regress/Makefile regress/host-expand.sh] regress test for LocalCommand %n expansion from bert.wesarg AT googlemail.com; ok markus@
2011-01-07 - djm@cvs.openbsd.org 2011/01/06 22:23:02Damien Miller
[clientloop.c] when exiting due to ServerAliveTimeout, mention the hostname that caused it (useful with backgrounded controlmaster)
2011-01-07 - djm@cvs.openbsd.org 2011/01/06 22:23:53Damien Miller
[ssh.c] unbreak %n expansion in LocalCommand; patch from bert.wesarg AT googlemail.com; ok markus@
2011-01-07 - (djm) [regress/cert-hostkey.sh regress/cert-userkey.sh] fix shell testDamien Miller
for no-ECC case. Patch from cristian.ionescu-idbohrn AT axis.com
2011-01-06 - otto@cvs.openbsd.org 2011/01/04 20:44:13Damien Miller
[ssh-keyscan.c] handle ecdsa-sha2 with various key lengths; hint and ok djm@
2011-01-06 - djm@cvs.openbsd.org 2010/12/24 21:41:48Damien Miller
[auth-options.c] don't send the actual forced command in a debug message; ok markus deraadt
2011-01-06 - djm@cvs.openbsd.org 2010/12/15 00:49:27Damien Miller
[readpass.c] fix ControlMaster=ask regression reset SIGCHLD handler before fork (and restore it after) so we don't miss the the askpass child's exit status. Correct test for exit status/signal to account for waitpid() failure; with claudio@ ok claudio@ markus@
2011-01-06 - markus@cvs.openbsd.org 2010/12/14 11:59:06Damien Miller
[sshconnect.c] don't mention key type in key-changed-warning, since we also print this warning if a new key type appears. ok djm@
2011-01-06 - jmc@cvs.openbsd.org 2010/12/09 14:13:33Damien Miller
[scp.1 scp.c] scp.1: grammer fix scp.c: add -3 to usage()
2011-01-06 - markus@cvs.openbsd.org 2010/12/08 22:46:03Damien Miller
[scp.1 scp.c] add a new -3 option to scp: Copies between two remote hosts are transferred through the local host. Without this option the data is copied directly between the two remote hosts. ok djm@ (bugzilla #1837)
2011-01-04 - (djm) [configure.ac Makefile.in] Use mandoc as preferred manpageDamien Miller
formatter if it is present, followed by nroff and groff respectively. Fixes distprep target on OpenBSD (which has bumped groff/nroff to ports in favour of mandoc). feedback and ok tim
2011-01-03 - (djm) [Makefile.in] revert local hack I didn't intend to commitDamien Miller
2011-01-02 - (djm) [configure.ac] Check whether libdes is needed when buildingDamien Miller
with Heimdal krb5 support. On OpenBSD this library no longer exists, so linking it unconditionally causes a build failure; ok dtucker
2011-01-02 - (djm) [loginrec.c] Fix some fd leaks on error paths. ok dtuckerDamien Miller
2010-12-26 - djm@cvs.openbsd.org 2010/12/08 04:02:47Damien Miller
[ssh_config.5 sshd_config.5] explain that IPQoS arguments are separated by whitespace; iirc requested by jmc@ a while back
2010-12-05Id syncDarren Tucker
2010-12-05 - djm@cvs.openbsd.org 2010/12/04 00:21:19Darren Tucker
[regress/sftp-cmds.sh] adjust for hard-link support
2010-12-05 - (dtucker) [regress/Makefile] Id sync.Darren Tucker
2010-12-05 - djm@cvs.openbsd.org 2010/12/04 13:31:37Darren Tucker
[hostfile.c] fix fd leak; spotted and ok dtucker
2010-12-05 - djm@cvs.openbsd.org 2010/12/04 00:18:01Darren Tucker
[sftp-server.c sftp.1 sftp-client.h sftp.c PROTOCOL sftp-client.c] add a protocol extension to support a hard link operation. It is available through the "ln" command in the client. The old "ln" behaviour of creating a symlink is available using its "-s" option or through the preexisting "symlink" command; based on a patch from miklos AT szeredi.hu in bz#1555; ok markus@
2010-12-05 - djm@cvs.openbsd.org 2010/12/03 23:55:27Darren Tucker
[auth-rsa.c] move check for revoked keys to run earlier (in auth_rsa_key_allowed) bz#1829; patch from ldv AT altlinux.org; ok markus@
2010-12-05 - (dtucker) OpenBSD CVS SyncDarren Tucker
- djm@cvs.openbsd.org 2010/12/03 23:49:26 [schnorr.c] check that g^x^q === 1 mod p; recommended by JPAKE author Feng Hao (this code is still disabled, but apprently people are treating it as a reference implementation)
2010-12-05 - (dtucker) openbsd-compat/openssl-compat.c] remove sleep leftover fromDarren Tucker
debugging. Spotted by djm.
2010-12-04 - (dtucker) [configure.ac moduli.c openbsd-compat/openssl-compat.{c,h}] AddDarren Tucker
shims for the new, non-deprecated OpenSSL key generation functions for platforms that don't have the new interfaces.
2010-12-03 - (djm) [openbsd-compat/bindresvport.c] Use arc4random_uniform(range)Damien Miller
instead of (arc4random() % range)
2010-12-01 - djm@cvs.openbsd.org 2010/11/29 23:45:51Damien Miller
[auth.c hostfile.c hostfile.h ssh.c ssh_config.5 sshconnect.c] [sshconnect.h sshconnect2.c] automatically order the hostkeys requested by the client based on which hostkeys are already recorded in known_hosts. This avoids hostkey warnings when connecting to servers with new ECDSA keys that are preferred by default; with markus@
2010-12-01 - markus@cvs.openbsd.org 2010/11/29 18:57:04Damien Miller
[authfile.c] correctly load comment for encrypted rsa1 keys; report/fix Joachim Schipper; ok djm@
2010-12-01 - djm@cvs.openbsd.org 2010/11/26 05:52:49Damien Miller
[scp.c] Pass through ssh command-line flags and options when doing remote-remote transfers, e.g. to enable agent forwarding which is particularly useful in this case; bz#1837 ok dtucker@
2010-12-01 - djm@cvs.openbsd.org 2010/11/25 04:10:09Damien Miller
[session.c] replace close() loop for fds 3->64 with closefrom(); ok markus deraadt dtucker
2010-12-01 - djm@cvs.openbsd.org 2010/11/24 01:24:14Damien Miller
[channels.c] remove a debug() that pollutes stderr on client connecting to a server in debug mode (channel_close_fds is called transitively from the session code post-fork); bz#1719, ok dtucker
2010-12-01 - djm@cvs.openbsd.org 2010/11/23 23:57:24Damien Miller
[clientloop.c] avoid NULL deref on receiving a channel request on an unknown or invalid channel; report bz#1842 from jchadima AT redhat.com; ok dtucker@
2010-12-01 - djm@cvs.openbsd.org 2010/11/23 02:35:50Damien Miller
[auth.c] use strict_modes already passed as function argument over referencing global options.strict_modes
2010-12-01 - djm@cvs.openbsd.org 2010/11/21 10:57:07Damien Miller
[authfile.c] Refactor internals of private key loading and saving to work on memory buffers rather than directly on files. This will make a few things easier to do in the future; ok markus@
2010-12-01 - djm@cvs.openbsd.org 2010/11/21 01:01:13Damien Miller
[clientloop.c misc.c misc.h ssh-agent.1 ssh-agent.c] honour $TMPDIR for client xauth and ssh-agent temporary directories; feedback and ok markus@
2010-12-01 - OpenBSD CVS SyncDamien Miller
- deraadt@cvs.openbsd.org 2010/11/20 05:12:38 [auth2-pubkey.c] clean up cases of ;;
2010-11-24 - (djm) [defines.h] Add IP DSCP definesDamien Miller
2010-11-24 - (dtucker) [packet.c] Remove redundant local declaration of "int tos".Darren Tucker
2010-11-24 - (djm) [loginrec.c] Relax permission requirement on btmp logs to allowDamien Miller
group read/write. ok dtucker@
2010-11-24 - (dtucker) [platform.c session.c] Move the getluid call out of session.c andDarren Tucker
into the platform-specific code Only affects SCO, tested by and ok tim@.
2010-11-22 - (dtucker) Bug #1840: fix warning when configuring --with-ssl-engine, patchDarren Tucker
from vapier at gentoo org.
2010-11-20 - jmc@cvs.openbsd.org 2010/11/18 15:01:00Damien Miller
[scp.1 sftp.1 ssh.1 sshd_config.5] add IPQoS to the various -o lists, and zap some trailing whitespace;
2010-11-20 - jmc@cvs.openbsd.org 2010/11/15 07:40:14Damien Miller
[ssh_config.5] libary -> library;
2010-11-20 - djm@cvs.openbsd.org 2010/11/13 23:27:51Damien Miller
[clientloop.c misc.c misc.h packet.c packet.h readconf.c readconf.h] [servconf.c servconf.h session.c ssh.c ssh_config.5 sshd_config.5] allow ssh and sshd to set arbitrary TOS/DSCP/QoS values instead of hardcoding lowdelay/throughput. bz#1733 patch from philipp AT redfish-solutions.com; ok markus@ deraadt@
2010-11-20 - djm@cvs.openbsd.org 2010/11/10 01:33:07Damien Miller
[kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c moduli.c] use only libcrypto APIs that are retained with OPENSSL_NO_DEPRECATED. these have been around for years by this time. ok markus
2010-11-20 - djm@cvs.openbsd.org 2010/11/05 02:46:47Damien Miller
[packet.c] whitespace KNF
2010-11-11 - (djm) [servconf.c ssh-add.c ssh-keygen.c] don't look for ECDSA keys onDamien Miller
platforms that don't support ECC. Fixes some spurious warnings reported by tim@