summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2012-11-07 - eric@cvs.openbsd.org 2011/11/28 08:46:27Damien Miller
[moduli.5] fix formula ok djm@
2012-11-05 - (dtucker) [auth2-pubkey.c] wrap paths.h in an ifdef for platforms thatDarren Tucker
don't have it. Spotted by tim@.
2012-11-05 - (dtucker) [uidswap.c openbsd-compat/Makefile.inDarren Tucker
openbsd-compat/bsd-setres_id.c openbsd-compat/bsd-setres_id.h openbsd-compat/openbsd-compat.h] Move the fallback code for setting uids and gids from uidswap.c to the compat library, which allows it to work with the new setresuid calls in auth2-pubkey. with tim@, ok djm@
2012-11-04 - djm@cvs.openbsd.org 2012/11/04 11:09:15Damien Miller
[auth.h auth1.c auth2.c monitor.c servconf.c servconf.h sshd.c] [sshd_config.5] Support multiple required authentication via an AuthenticationMethods option. This option lists one or more comma-separated lists of authentication method names. Successful completion of all the methods in any list is required for authentication to complete; feedback and ok markus@
2012-11-04 - djm@cvs.openbsd.org 2012/11/04 10:38:43Damien Miller
[auth2-pubkey.c sshd.c sshd_config.5] Remove default of AuthorizedCommandUser. Administrators are now expected to explicitly specify a user. feedback and ok markus@
2012-11-04 - OpenBSD CVS SyncDamien Miller
- jmc@cvs.openbsd.org 2012/10/31 08:04:50 [sshd_config.5] tweak previous;
2012-10-31 - djm@cvs.openbsd.org 2012/10/30 21:29:55Damien Miller
[auth-rsa.c auth.c auth.h auth2-pubkey.c servconf.c servconf.h] [sshd.c sshd_config sshd_config.5] new sshd_config option AuthorizedKeysCommand to support fetching authorized_keys from a command in addition to (or instead of) from the filesystem. The command is run as the target server user unless another specified via a new AuthorizedKeysCommandUser option. patch originally by jchadima AT redhat.com, reworked by me; feedback and ok markus@
2012-10-31 - (djm) OpenBSD CVS SyncDamien Miller
- markus@cvs.openbsd.org 2012/10/05 12:34:39 [sftp.c] fix signed vs unsigned warning; feedback & ok: djm@
2012-10-18 - (tim) [buildpkg.sh.in] Double up on some backslashes so they end up inTim Rice
the generated file as intended.
2012-10-05 - [Makefile.in] "Using $< in a non-suffix rule context is a GNUmake idiom"Darren Tucker
2012-10-05 - [umac.c] Enforce allowed umac output sizes. From djm@.Darren Tucker
2012-10-05 - dtucker@cvs.openbsd.org 2012/09/10 01:51:19Darren Tucker
[regress/multiplex.sh] use -Ocheck and waiting for completions by PID to make multiplexing test less racy and (hopefully) more reliable on slow hardware.
2012-10-05 - dtucker@cvs.openbsd.org 2012/09/10 00:49:21Darren Tucker
[regress/multiplex.sh] Log -O cmd output to the log file and make logging consistent with the other tests. Test clean shutdown of an existing channel when testing "stop".
2012-10-05 - dtucker@cvs.openbsd.org 2012/09/09 11:51:25Darren Tucker
[multiplex.sh] Add test for ssh -Ostop
2012-10-05 - dtucker@cvs.openbsd.org 2012/09/06 04:11:07Darren Tucker
[regress/try-ciphers.sh] Restore missing space. (Id sync only).
2012-10-05 - [Makefile umac.c] Add special-case target to build umac128.o.Darren Tucker
2012-10-05remove stray '+' from syncDarren Tucker
2012-10-05 - markus@cvs.openbsd.org 2012/10/04 13:21:50Darren Tucker
[myproposal.h ssh_config.5 umac.h sshd_config.5 ssh.1 sshd.8 mac.c] add umac128 variant; ok djm@ at n2k12 (note: further Makefile work is required)
2012-10-05 - djm@cvs.openbsd.org 2012/10/02 07:07:45Darren Tucker
[ssh-keygen.c] fix -z option, broken in revision 1.215
2012-10-05 - naddy@cvs.openbsd.org 2012/10/01 13:59:51Darren Tucker
[monitor_wrap.c] pasto; ok djm@
2012-10-05 - jmc@cvs.openbsd.org 2012/09/26 16:12:13Darren Tucker
[ssh.1] last stage of rfc changes, using consistent Rs/Re blocks, and moving the references into a STANDARDS section;
2012-10-05 - dtucker@cvs.openbsd.org 2012/09/21 10:55:04Darren Tucker
[sftp.c] Fix handling of filenames containing escaped globbing characters and escape "#" and "*". Patch from Jean-Marc Robert via tech@, ok djm.
2012-10-05 - dtucker@cvs.openbsd.org 2012/09/21 10:53:07Darren Tucker
[sftp.c] Fix improper handling of absolute paths when PWD is part of the completed path. Patch from Jean-Marc Robert via tech@, ok djm.
2012-10-05 - dtucker@cvs.openbsd.org 2012/09/18 10:36:12Darren Tucker
[sftp.c] Add bounds check on sftp tab-completion. Part of a patch from from Jean-Marc Robert via tech@, ok djm
2012-10-05 - markus@cvs.openbsd.org 2012/09/17 13:04:11Darren Tucker
[packet.c] clear old keys on rekeing; ok djm
2012-10-05 - (dtucker) OpenBSD CVS SyncDarren Tucker
- djm@cvs.openbsd.org 2012/09/17 09:54:44 [sftp.c] an XXX for later
2012-09-17 - markus@cvs.openbsd.org 2012/09/14 16:51:34Darren Tucker
[sshconnect.c] remove unused variable
2012-09-17 - dtucker@cvs.openbsd.org 2012/09/13 23:37:36Darren Tucker
[servconf.c] Fix comment line length
2012-09-07Fix author's name for RFC6594 SSHFP changeDarren Tucker
2012-09-07 - dtucker@cvs.openbsd.org 2012/09/07 06:34:21Darren Tucker
[clientloop.c] when muxmaster is run with -N, make it shut down gracefully when a client sends it "-O stop" rather than hanging around (bz#1985). ok djm@
2012-09-07 - dtucker@cvs.openbsd.org 2012/09/07 01:10:21Darren Tucker
[clientloop.c] Merge escape help text for ~v and ~V; ok djm@
2012-09-07 - dtucker@cvs.openbsd.org 2012/09/07 00:30:19Darren Tucker
[clientloop.c] Print '^Z' instead of a raw ^Z when the sequence is not supported. ok djm@
2012-09-07 - jmc@cvs.openbsd.org 2012/09/06 13:57:42Darren Tucker
[ssh.1] missing letter in previous;
2012-09-07 - dtucker@cvs.openbsd.org 2012/09/06 09:50:13Darren Tucker
[clientloop.c] Make the escape command help (~?) context sensitive so that only commands that will work in the current session are shown. ok markus@ (note: previous commit with this description was a mistake on my part while pulling changes from OpenBSD)
2012-09-07bz#2039: add acknowledgement of the original authors of the ECDSA SSHFP DNSDarren Tucker
work. From Ondřej Surý.
2012-09-06 - dtucker@cvs.openbsd.org 2012/09/06 09:50:13Darren Tucker
[clientloop.c] Make the escape command help (~?) context sensitive so that only commands that will work in the current session are shown. ok markus@
2012-09-06 - dtucker@cvs.openbsd.org 2012/09/06 04:37:39Darren Tucker
[clientloop.c log.c ssh.1 log.h] Add ~v and ~V escape sequences to raise and lower the logging level respectively. Man page help from jmc, ok deraadt jmc
2012-09-06 - djm@cvs.openbsd.org 2012/08/17 01:30:00Darren Tucker
[compat.c sshconnect.c] Send client banner immediately, rather than waiting for the server to move first for SSH protocol 2 connections (the default). Patch based on one in bz#1999 by tls AT panix.com, feedback dtucker@ ok markus@
2012-09-06 - djm@cvs.openbsd.org 2012/08/17 01:25:58Darren Tucker
[ssh-keygen.c] print details of which host lines were deleted when using "ssh-keygen -R host"; ok markus@
2012-09-06 - djm@cvs.openbsd.org 2012/08/17 01:22:56Darren Tucker
[kex.c] add some comments about better handling first-KEX-follows notifications from the server. Nothing uses these right now. No binary change
2012-09-06 - dtucker@cvs.openbsd.org 2012/08/17 00:45:45Darren Tucker
[clientloop.c clientloop.h mux.c] Force a clean shutdown of ControlMaster client sessions when the ~. escape sequence is used. This means that ~. should now work in mux clients even if the server is no longer responding. Found by tedu, ok djm.
2012-09-06 - jmc@cvs.openbsd.org 2012/08/15 18:25:50Darren Tucker
[ssh-keygen.1] a little more info on certificate validity; requested by Ross L Richardson, and provided by djm
2012-08-30 - (dtucker) [moduli] Import new moduli file.Darren Tucker
2012-08-29 - (djm) Release openssh-6.1Damien Miller
2012-08-28 - (dtucker) [openbsd-compat/bsd-cygwin_util.h] define WIN32_LEAN_AND_MEANDarren Tucker
for compatibility with future mingw-w64 headers. Patch from vinschen at redhat com.
2012-08-22 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]Damien Miller
[contrib/suse/openssh.spec] Update version numbers
2012-07-31 - markus@cvs.openbsd.org 2012/07/22 18:19:21Damien Miller
[version.h] openssh 6.1
2012-07-31 - dtucker@cvs.openbsd.org 2012/07/13 01:35:21Damien Miller
[servconf.c] handle long comments in config files better. bz#2025, ok markus
2012-07-31fix truncated entryDamien Miller
2012-07-31 - djm@cvs.openbsd.org 2012/07/10 02:19:15Damien Miller
[servconf.c servconf.h sshd.c sshd_config] Turn on systrace sandboxing of pre-auth sshd by default for new installs by shipping a config that overrides the current UsePrivilegeSeparation=yes default. Make it easier to flip the default in the future by adding too.