| Age | Commit message (Collapse) | Author |
|---|
|
configure.ac defines.h loginrec.c] Bug #1402: add linux audit subsystem
support, based on patches from Tomas Mraz and jchadima at redhat.
|
|
the tinderbox.
|
|
|
|
[regress/sftp-glob.sh regress/test-exec.sh] Rework how feature tests are
disabled on platforms that do not support them; add a "config_defined()"
shell function that greps for defines in config.h and use them to decide
on feature tests.
Convert a couple of existing grep's over config.h to use the new function
Add a define "FILESYSTEM_NO_BACKSLASH" for filesystem that can't represent
backslash characters in filenames, enable it for Cygwin and use it to turn
of tests for quotes backslashes in sftp-glob.sh.
based on discussion with vinschen AT redhat.com and dtucker@; ok dtucker@
|
|
Linux OOM-killer magic values that changed in 2.6.36 kernels, with fallback
to the old values. Feedback from vapier at gentoo org and djm, ok djm.
|
|
ssh-add to avoid $SUDO failures on Linux
|
|
its unique snowflake of a gdb error to the ones we look for.
|
|
$PATH, fix cleanup of droppings; reported by openssh AT
roumenpetrov.info; ok dtucker@
|
|
[clientloop.c]
a couple more tweaks to the post-close protocol 1 stderr/stdout flush:
now that we use atomicio(), convert them from while loops to if statements
add test and cast to compile cleanly with -Wsigned
|
|
[sshconnect.c]
reset the SIGPIPE handler when forking to execute child processes;
ok dtucker@
|
|
[clientloop.c]
Use atomicio when flushing protocol 1 std{out,err} buffers at
session close. This was a latent bug exposed by setting a SIGCHLD
handler and spotted by kevin.brott AT gmail.com; ok dtucker@
|
|
on configurations that don't have it.
|
|
|
|
ecdsa bits.
|
|
|
|
host-key-force target rather than a substitution that is replaced with a
comment so that the Makefile.in is still a syntactically valid Makefile
(useful to run the distprep target)
|
|
[PROTOCOL.mux]
correct protocol names and add a couple of missing protocol number
defines; patch from bert.wesarg AT googlemail.com
|
|
[mux.c]
correct error messages; patch from bert.wesarg AT googlemail.com
|
|
should not depend on ECC support
|
|
#define that was causing diffie-hellman-group-exchange-sha256 to be
incorrectly disabled
|
|
target
|
|
gcc warning on platforms where it defaults to int
|
|
ecdsa keys. ok djm.
|
|
|
|
|
|
flag tests that don't depend on gcc version at all; suggested by and
ok dtucker@
|
|
silly warnings on write() calls we don't care succeed or not.
|
|
avoid some integer overflows mostly with GLOB_APPEND and GLOB_DOOFFS
and sanity check arguments (these will be unnecessary when we switch
struct glob members from being type into to size_t in the future);
"looks ok" tedu@ feedback guenther@
|
|
[openbsd-compat/glob.c]
Extend GLOB_LIMIT to cover readdir and stat and bump the malloc limit
from ARG_MAX to 64K.
Fixes glob-using programs (notably ftp) able to be triggered to hit
resource limits.
Idea from a similar NetBSD change, original problem reported by jasper@.
ok millert tedu jasper
|
|
[clientloop.c ssh-keygen.c sshd.c]
some unsigned long long casts that make things a bit easier for
portable without resorting to dropping PRIu64 formats everywhere
|
|
[sshlogin.c]
fd leak on error paths; from zinovik@
NB. Id sync only; we use loginrec.c that was also audited and fixed
recently
|
|
[clientloop.c]
use host and not options.hostname, as the latter may have unescaped
substitution characters
|
|
|
|
source tree.
|
|
openssh AT roumenpetrov.info
|
|
test on OSX and others. Reported by imorgan AT nas.nasa.gov
|
|
[sshconnect.c]
reset SIGCHLD handler to SIG_DFL when execuring LocalCommand;
ok markus@
|
|
[regress/Makefile regress/host-expand.sh]
regress test for LocalCommand %n expansion from bert.wesarg AT
googlemail.com; ok markus@
|
|
[clientloop.c]
when exiting due to ServerAliveTimeout, mention the hostname that caused
it (useful with backgrounded controlmaster)
|
|
[ssh.c]
unbreak %n expansion in LocalCommand; patch from bert.wesarg AT
googlemail.com; ok markus@
|
|
for no-ECC case. Patch from cristian.ionescu-idbohrn AT axis.com
|
|
[ssh-keyscan.c]
handle ecdsa-sha2 with various key lengths; hint and ok djm@
|
|
[auth-options.c]
don't send the actual forced command in a debug message; ok markus deraadt
|
|
[readpass.c]
fix ControlMaster=ask regression
reset SIGCHLD handler before fork (and restore it after) so we don't miss
the the askpass child's exit status. Correct test for exit status/signal to
account for waitpid() failure; with claudio@ ok claudio@ markus@
|
|
[sshconnect.c]
don't mention key type in key-changed-warning, since we also print
this warning if a new key type appears. ok djm@
|
|
[scp.1 scp.c]
scp.1: grammer fix
scp.c: add -3 to usage()
|
|
[scp.1 scp.c]
add a new -3 option to scp: Copies between two remote hosts are
transferred through the local host. Without this option the data
is copied directly between the two remote hosts. ok djm@ (bugzilla #1837)
|
|
formatter if it is present, followed by nroff and groff respectively.
Fixes distprep target on OpenBSD (which has bumped groff/nroff to ports
in favour of mandoc). feedback and ok tim
|
|
|
|
with Heimdal krb5 support. On OpenBSD this library no longer exists,
so linking it unconditionally causes a build failure; ok dtucker
|
