| Age | Commit message (Collapse) | Author |
|---|
|
(closes: #141979).
|
|
configuration files to match (closes: #87900, #151321).
|
|
|
|
PasswordAuthentication by default, since it now supports PAM and apparently
works better with a non-threaded sshd.
|
|
(closes: #295757, #308868, and possibly others; may open other bugs).
Use PAM password authentication to avoid #278394. In future I may
provide two sets of binaries built with and without this option, since
it seems I can't win.
|
|
|
|
|
|
|
|
|
|
|
|
spotted by tim@.
|
|
|
|
- (dtucker) [openbsd-compat/port-aix.c] Bug #1046: AIX 5.3 expects the
argument to passwdexpired to be initialized to NULL. Suggested by tim@
While at it, initialize the other arguments to auth functions in case they
ever acquire this behaviour.
|
|
per the autoconf man page. Configure should always define them but it
doesn't hurt to check.
|
|
version-specific variations as required.
|
|
its presence before doing AC_FUNC_GETPGRP.
|
|
for its presence and include it in the strsep check.
|
|
|
|
one entry per line to make it easier to merge changes. ok djm@
|
|
openbsd-compat/bsd-misc.c] Add support for Ultrix. No, that's not a typo.
Required changes from Bernhard Simon, integrated by me. ok djm@
|
|
David Leach; ok dtucker@
|
|
|
|
|
|
[openbsd-compat/openbsd-compat.h openbsd-compat/strtonum.c]
Add strtonum(3) from OpenBSD libc, new code needs it.
Unfortunately Linux forces us to do a bizarre dance with compiler
options to get LLONG_MIN/MAX; Spotted by and ok dtucker@
|
|
|
|
templates for _getshort and _getlong if missing to prevent compiler warnings
on Linux.
|
|
warning: dereferencing type-punned pointer will break strict-aliasing rules
warning: passing arg 3 of `pam_get_item' from incompatible pointer type
The type-punned pointer fix is based on a patch from SuSE's rpm. ok djm@
|
|
Cygwin.
|
|
[atomicio.c atomicio.h authfd.c monitor_wrap.c msg.c scp.c sftp-client.c]
[ssh-keyscan.c sshconnect.c]
Switch atomicio to use a simpler interface; it now returns a size_t
(containing number of bytes read/written), and indicates error by
returning 0. EOF is signalled by errno==EPIPE.
Typical use now becomes:
if (atomicio(read, ..., len) != len)
err(1,"read");
ok deraadt@, cloder@, djm@
|
|
[ssh-keygen.c]
some style nits from dmiller@, and use a fatal() instead of a printf()/exit
|
|
[cipher.c myproposal.h ssh.1 ssh_config.5 sshd_config.5]
add support for draft-harris-ssh-arcfour-fixes-02 improved arcfour modes;
ok markus@
|
|
[moduli.c ssh-keygen.c]
- removes signed/unsigned comparisons in moduli generation
- use strtonum instead of atoi where its easier
- check some strlcpy overflow and fatal instead of truncate
|
|
[ssh_config.5]
oops - article and spacing;
|
|
[ssh_config.5]
give a ProxyCommand example using nc(1), with and ok jmc@
|
|
[includes.h]
fix cast, from grunk AT pestilenz.org
|
|
[sshd_config]
whitespace nit, from grunk AT pestilenz.org
|
|
[sshd_config.5]
sort config options, from grunk AT pestilenz.org; ok jmc@
|
|
[readconf.c servconf.c]
check return value from strdelim() for NULL (AddressFamily); mpech
|
|
[ssh.c]
report real errors on fallback from ControlMaster=no to normal connect
|
|
[ssh.c]
print nice error message for EADDRINUSE as well (ID sync only)
|
|
[readpass.c]
missing {}
|
|
[progressmeter.c ssh-keyscan.c]
add snprintf checks. ok djm@ markus@
|
|
[ssh.c ssh_config.5]
fallback gracefully if client cannot connect to ControlPath. ok djm@
|
|
[sftp-client.h]
spelling correction in comment from wiz@netbsd;
|
|
[readpass.c]
Add debug message if read_passphrase can't open /dev/tty; bz #471;
ok djm@
|
|
[ssh.c]
don't allocate a pty when -n flag (/dev/null stdin) is set, patch from
ignasi.roca AT fujitsu-siemens.com (bz #829); ok dtucker@
|
|
[ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8]
[sshd_config.5] OpenSSH doesn't ever look at the $HOME environment
variable, so don't say that we do (bz #623); ok deraadt@
|
|
[dns.c]
do not try to look up SSHFP for numerical hostname. ok djm@
|
|
[ssh.1]
arg to -b is an address, not if_name;
ok markus@
|
|
[misc.c misc.h tildexpand.c Makefile.in]
replace tilde_expand_filename with a simpler implementation, ahead of
more whacking; ok deraadt@
|
