| Age | Commit message (Collapse) | Author |
|---|
|
feedback and ok dtucker
|
|
need a shell that can handle "[ file1 -nt file2 ]". Rather than keep
dealing with shell portability issues in regression tests, we let
configure find us a capable shell on those platforms with an old /bin/sh.
|
|
Patch from Nathan Osman.
|
|
to prevent noise from configure. Patch from Nathan Osman.
|
|
[ssh-agent.c]
Make parent_alive_interval time_t to avoid signed/unsigned comparison
|
|
[progressmeter.c]
Add misc.h for monotime prototype. (id sync only)
|
|
- (tim) [Makefile.in] Make Solaris, UnixWare, & OpenServer linkers happy
linking regress/modpipe.
|
|
|
|
|
|
[sftp-client.c]
Update progressmeter when data is acked, not when it's sent. bz#2108, from
Debian via Colin Watson, ok djm@
|
|
back to time(NULL) if we can't find it anywhere.
|
|
groupaccess.c loginrec.c monitor.c monitor_wrap.c session.c sshd.c
sshlogin.c uidswap.c openbsd-compat/bsd-cygwin_util.c
openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/port-aix.c
openbsd-compat/port-linux.c] Replace portable-specific instances of xfree
with the equivalent calls to free.
|
|
|
|
[scp.c sftp-client.c]
Replace S_IWRITE, which isn't standardized, with S_IWUSR, which is. Patch
from Nathan Osman via bz#2113. ok deraadt.
(note: corrected bug number from 2085)
|
|
[ssh-agent.c clientloop.c misc.h packet.c progressmeter.c misc.c
channels.c sandbox-systrace.c]
Use clock_gettime(CLOCK_MONOTONIC ...) for ssh timers so that things like
keepalives and rekeying will work properly over clock steps. Suggested by
markus@, "looks good" djm@.
|
|
[ssh-agent.c]
Use time_t where appropriate. ok djm
|
|
[auth.h auth.c key.c monitor.c auth-rsa.c auth2.c auth1.c key.h]
Standardise logging of supplemental information during userauth. Keys
and ruser is now logged in the auth success/failure message alongside
the local username, remote host/port and protocol in use. Certificates
contents and CA are logged too.
Pushing all logging onto a single line simplifies log analysis as it is
no longer necessary to relate information scattered across multiple log
entries. "I like it" markus@
|
|
[auth2-pubkey.c]
fix failure to recognise cert-authority keys if a key of a different type
appeared in authorized_keys before it; ok markus@
|
|
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c
ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c
gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c
auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c
servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c
auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c
sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c
kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c
kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c
monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c
ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c
sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c
ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c
dns.c packet.c readpass.c authfd.c moduli.c]
bye, bye xfree(); ok markus@
|
|
rather than trying to enumerate the plaforms that don't have them.
Based on a patch from Nathan Osman, with help from tim@.
|
|
using openssl's DES_crpyt function on platorms that don't have a native
one, eg Android. Based on a patch from Nathan Osman.
|
|
implementation of endgrent for platforms that don't have it (eg Android).
Loosely based on a patch from Nathan Osman, ok djm
|
|
[regress/scp.sh]
use a file extention that's not special on some platforms. from portable
(id sync only)
|
|
[regress/portnum.sh]
use a more portable negated if structure. from portable (id sync only)
|
|
[regress/agent-getpeereid.sh]
don't redirect stdout from sudo. from portable (id sync only)
|
|
[regress/test-exec.sh]
wait a bit longer for startup and use case for absolute path.
from portable (id sync only)
|
|
[regress/sftp.sh]
only compare copied data if sftp succeeds. from portable (id sync only)
|
|
[regress/sftp-badcmds.sh]
remove unused BATCH variable. (id sync only)
|
|
[localcommand.sh]
use backticks for portability. (id sync only)
|
|
[regress/login-timeout.sh regress/reexec.sh regress/test-exec.sh]
Use SUDO when cat'ing pid files and running the sshd log wrapper so that
it works with a restrictive umask and the pid files are not world readable.
Changes from -portable. (id sync only)
|
|
[regress/try-ciphers.sh]
use expr for math to keep diffs vs portable down
(id sync only)
|
|
rev 1.6 which calls wait.
|
|
|
|
helper function to the portable part of test-exec.sh.
|
|
together and add a couple of missing lines from openbsd.
|
|
Move the jot helper function to portable-specific part of test-exec.sh.
|
|
|
|
|
|
|
|
[regress/sftp.sh regress/putty-ciphers.sh regress/cipher-speed.sh
regress/test-exec.sh regress/sftp-batch.sh regress/dynamic-forward.sh
regress/putty-transfer.sh regress/conch-ciphers.sh regress/sftp-cmds.sh
regress/scp.sh regress/ssh-com-sftp.sh regress/rekey.sh
regress/putty-kex.sh regress/stderr-data.sh regress/stderr-after-eof.sh
regress/sftp-badcmds.sh regress/reexec.sh regress/ssh-com-client.sh
regress/sftp-chroot.sh regress/forwarding.sh regress/transfer.sh
regress/multiplex.sh]
Move the setting of DATA and COPY into test-exec.sh
|
|
[regress/integrity.sh]
don't print output from ssh before getting it (it's available in ssh.log)
|
|
[regress/agent-timeout.sh]
Pull back some portability changes from -portable:
- TIMEOUT is a read-only variable in some shells
- not all greps have -q so redirect to /dev/null instead.
(ID sync only)
|
|
|
|
[regress/agent.sh regress/keytype.sh regress/cfgmatch.sh
regress/forcecommand.sh regress/proto-version.sh regress/test-exec.sh
regress/cipher-speed.sh regress/cert-hostkey.sh regress/cert-userkey.sh
regress/ssh-com.sh]
replace 'echo -n' with 'printf' since it's more portable
also remove "echon" hack.
|
|
methods. When the openssl version doesn't support ECDH then next one on
the list is DH group exchange, but that causes a bit more traffic which can
mean that the tests flip bits in the initial exchange rather than the MACed
traffic and we get different errors to what the tests look for.
|
|
in portable and it's long gone in openbsd.
|
|
[regress/rekey.sh]
add tests for RekeyLimit parsing
|
|
[regress/rekey.sh]
add server-side rekey test
|
|
[regress/rekey.sh]
test rekeying when there's no data being transferred
|
|
[rekey.sh]
Add test for time-based rekeying
|
