summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2013-05-17 - dtucker@cvs.openbsd.org 2013/04/22 07:23:08Darren Tucker
[multiplex.sh] Write mux master logs to regress.log instead of ssh.log to keep separate
2013-05-17 - djm@cvs.openbsd.org 2013/04/18 02:46:12Darren Tucker
[Makefile regress/sftp-chroot.sh] test sshd ChrootDirectory+internal-sftp; feedback & ok dtucker@
2013-05-17 - dtucker@cvs.openbsd.org 2013/04/07 02:16:03Darren Tucker
[regress/Makefile regress/rekey.sh regress/integrity.sh regress/sshd-log-wrapper.sh regress/forwarding.sh regress/test-exec.sh] use -E option for ssh and sshd to write debuging logs to ssh{,d}.log and save the output from any failing tests. If a test fails the debug output from ssh and sshd for the failing tests (and only the failing tests) should be available in failed-ssh{,d}.log.
2013-05-17 - dtucker@cvs.openbsd.org 2013/04/06 06:00:22Darren Tucker
[regress/rekey.sh regress/test-exec.sh regress/integrity.sh regress/multiplex.sh Makefile regress/cfgmatch.sh] Split the regress log into 3 parts: the debug output from ssh, the debug log from sshd and the output from the client command (ssh, scp or sftp). Somewhat functional now, will become more useful when ssh/sshd -E is added.
2013-05-17 - dtucker@cvs.openbsd.org 2013/03/23 11:09:43Darren Tucker
[test-exec.sh] Only regenerate host keys if they don't exist or if ssh-keygen has changed since they were. Reduces test runtime by 5-30% depending on machine speed.
2013-05-17 - djm@cvs.openbsd.org 2013/03/07 00:20:34Darren Tucker
[regress/proxy-connect.sh] repeat test with a style appended to the username
2013-05-16 - dtucker@cvs.openbsd.org 2013/05/16 10:44:06Darren Tucker
[servconf.c] remove another now-unused variable
2013-05-16 - dtucker@cvs.openbsd.org 2013/05/16 10:43:34Darren Tucker
[servconf.c readconf.c] remove now-unused variables
2013-05-16 - (dtucker) [configure.ac readconf.c servconf.cDarren Tucker
openbsd-compat/openbsd-compat.h] Add compat bits for scan_scaled.
2013-05-16 - dtucker@cvs.openbsd.org 2013/05/16 09:12:31Darren Tucker
[readconf.c servconf.c] switch RekeyLimit traffic volume parsing to scan_scaled. ok djm@
2013-05-16 - dtucker@cvs.openbsd.org 2013/05/16 09:08:41Darren Tucker
[log.c scp.c sshd.c serverloop.c schnorr.c sftp.c] Fix some "unused result" warnings found via clang and -portable. ok markus@
2013-05-16 - jmc@cvs.openbsd.org 2013/05/16 06:30:06Darren Tucker
[sshd_config.5] oops! avoid Xr to self;
2013-05-16 - jmc@cvs.openbsd.org 2013/05/16 06:28:45Darren Tucker
[ssh_config.5] put IgnoreUnknown in the right place;
2013-05-16 - djm@cvs.openbsd.org 2013/05/16 04:27:50Darren Tucker
[ssh_config.5 readconf.h readconf.c] add the ability to ignore specific unrecognised ssh_config options; bz#866; ok markus@
2013-05-16 - dtucker@cvs.openbsd.org 2013/05/16 04:09:14Darren Tucker
[sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing rekeying based on traffic volume or time. ok djm@, help & ok jmc@ for the man page.
2013-05-16 - dtucker@cvs.openbsd.org 2013/05/16 02:00:34Darren Tucker
[ssh_config sshconnect2.c packet.c readconf.h readconf.c clientloop.c ssh_config.5 packet.h] Add an optional second argument to RekeyLimit in the client to allow rekeying based on elapsed time in addition to amount of traffic. with djm@ jmc@, ok djm
2013-05-16 - dtucker@cvs.openbsd.org 2013/05/10 10:13:50Darren Tucker
[ssh-pkcs11-helper.c] remove unused extern optarg. ok markus@
2013-05-16 - djm@cvs.openbsd.org 2013/05/10 04:08:01Darren Tucker
[key.c] memleak in cert_free(), wasn't actually freeing the struct; bz#2096 from shm AT digitalsun.pl
2013-05-16add missing attributionDarren Tucker
2013-05-16 - djm@cvs.openbsd.org 2013/05/10 03:40:07Darren Tucker
[sshconnect2.c] fix bzero(ptr_to_struct, sizeof(ptr_to_struct)); bz#2100 from
2013-05-16 - dtucker@cvs.openbsd.org 2013/05/06 07:35:12Darren Tucker
[sftp-server.8] Reference the version of the sftp draft we actually implement. ok djm@
2013-05-16 - tedu@cvs.openbsd.org 2013/04/24 16:01:46Darren Tucker
[misc.c] remove extra parens noticed by nicm
2013-05-16 - tedu@cvs.openbsd.org 2013/04/23 17:49:45Darren Tucker
[misc.c] use xasprintf instead of a series of strlcats and strdup. ok djm
2013-05-16 - (djm) [contrib/ssh-copy-id] Fix bug that could cause "rm *" to beDamien Miller
executed if mktemp failed; bz#2105 ok dtucker@
2013-05-10 - (dtucker) [configure.ac] Add -Werror to the -Qunused-arguments test soDarren Tucker
we don't get a warning on compilers that *don't* support it. Add -Wno-unknown-warning-option. Move both to the start of the list for maximum noise suppression. Tested with gcc 4.6.3, gcc 2.95.4 and clang 2.9.
2013-05-10 - (dtucker) [kex.c] Only include sha256 and ECC key exchange methods when theDarren Tucker
underlying libraries support them.
2013-05-10- (dtucker) [openbsd-compat/getopt.h openbsd-compat/getopt_long.cDarren Tucker
openbsd-compat/openbsd-compat.h] pull in getopt.h from openbsd and plumb in to use it when we're using our own getopt.
2013-05-10 - (dtucker) [openbsd-compat/Makefile.in openbsd-compat/getopt.cDarren Tucker
openbsd-compat/getopt_long.c regress/modpipe.c] Remove getopt.c, add portability code to getopt_long.c and switch over Makefile and the ugly hack in modpipe.c. Fixes bz#1448.
2013-05-10 - (dtucker) [openbsd-compat/getopt_long.c] Import from OpenBSD. NoDarren Tucker
portability changes yet.
2013-05-10 - (dtucker) [openbsd-compat/getopt.c] Factor out portibility changes toDarren Tucker
getopt.c. Preprocessed source is identical other than line numbers.
2013-05-10 - (dtucker) [configure.ac] Enable -Wsizeof-pointer-memaccess if the compilerDarren Tucker
supports it. Mentioned by Colin Watson in bz#2100, ok djm.
2013-04-23 - dtucker@cvs.openbsd.org 2013/04/22 01:17:18Damien Miller
[mux.c] typo in debug output: evitval->exitval
2013-04-23 - djm@cvs.openbsd.org 2013/04/19 12:07:08Damien Miller
[kex.c] remove duplicated list entry pointed out by naddy@
2013-04-23 - djm@cvs.openbsd.org 2013/04/19 11:10:18Damien Miller
[ssh.c] add -Q to usage; reminded by jmc@
2013-04-23 - djm@cvs.openbsd.org 2013/04/19 01:06:50Damien Miller
[authfile.c cipher.c cipher.h kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c] [key.c key.h mac.c mac.h packet.c ssh.1 ssh.c] add the ability to query supported ciphers, MACs, key type and KEX algorithms to ssh. Includes some refactoring of KEX and key type handling to be table-driven; ok markus@
2013-04-23 - djm@cvs.openbsd.org 2013/04/19 01:03:01Damien Miller
[session.c] reintroduce 1.262 without the connection-killing bug: fatal() when ChrootDirectory specified by running without root privileges; ok markus@
2013-04-23 - djm@cvs.openbsd.org 2013/04/19 01:01:00Damien Miller
[ssh-keygen.c] fix some memory leaks; bz#2088 ok dtucker@
2013-04-23 - djm@cvs.openbsd.org 2013/04/19 01:00:10Damien Miller
[sshd_config.5] document the requirment that the AuthorizedKeysCommand be owned by root; ok dtucker@ markus@
2013-04-23 - djm@cvs.openbsd.org 2013/04/18 02:16:07Damien Miller
[sftp.c] make "sftp -q" do what it says on the sticker: hush everything but errors;
2013-04-23 - dtucker@cvs.openbsd.org 2013/04/17 09:04:09Damien Miller
[session.c] revert rev 1.262; it fails because uid is already set here. ok djm@
2013-04-23 - djm@cvs.openbsd.org 2013/04/11 02:27:50Damien Miller
[packet.c] quiet disconnect notifications on the server from error() back to logit() if it is a normal client closure; bz#2057 ok+feedback dtucker@
2013-04-23 - dtucker@cvs.openbsd.org 2013/04/07 09:40:27Damien Miller
[sshd.8] clarify -e text. suggested by & ok jmc@
2013-04-23 - dtucker@cvs.openbsd.org 2013/04/07 02:10:33Damien Miller
[log.c log.h ssh.1 ssh.c sshd.8 sshd.c] Add -E option to ssh and sshd to append debugging logs to a specified file instead of stderr or syslog. ok markus@, man page help jmc@
2013-04-23 - markus@cvs.openbsd.org 2013/04/06 16:07:00Damien Miller
[channels.c sshd.c] handle ECONNABORTED for accept(); ok deraadt some time ago...
2013-04-23 - djm@cvs.openbsd.org 2013/04/05 00:58:51Damien Miller
[mux.c] cleanup mux-created channels that are in SSH_CHANNEL_OPENING state too (in addition to ones already in OPEN); bz#2079, ok dtucker@
2013-04-23 - djm@cvs.openbsd.org 2013/04/05 00:31:49Damien Miller
[pathnames.h] use the existing _PATH_SSH_USER_RC define to construct the other pathnames; bz#2077, ok dtucker@ (no binary change)
2013-04-23 - djm@cvs.openbsd.org 2013/04/05 00:14:00Damien Miller
[auth2-gss.c krl.c sshconnect2.c] hush some {unused, printf type} warnings
2013-04-23 - djm@cvs.openbsd.org 2013/03/08 06:32:58Damien Miller
[ssh.c] allow "ssh -f none ..." ok markus@
2013-04-23 - markus@cvs.openbsd.org 2013/03/07 19:27:25Damien Miller
[auth.h auth2-chall.c auth2.c monitor.c sshd_config.5] add submethod support to AuthenticationMethods; ok and freedback djm@
2013-04-23 - djm@cvs.openbsd.org 2013/03/07 00:19:59Damien Miller
[auth2-pubkey.c monitor.c] reconstruct the original username that was sent by the client, which may have included a style (e.g. "root:skey") when checking public key signatures. Fixes public key and hostbased auth when the client specified a style; ok markus@