summaryrefslogtreecommitdiff
path: root/ChangeLog
AgeCommit message (Collapse)Author
2013-10-10 - dtucker@cvs.openbsd.org 2013/10/08 11:42:13Darren Tucker
[dh.c dh.h] Increase the size of the Diffie-Hellman groups requested for a each symmetric key size. New values from NIST Special Publication 800-57 with the upper limit specified by RFC4419. Pointed out by Peter Backes, ok djm@.
2013-10-10 - djm@cvs.openbsd.org 2013/09/19 01:26:29Darren Tucker
[sshconnect.c] bz#1211: make BindAddress work with UsePrivilegedPort=yes; patch from swp AT swp.pp.ru; ok dtucker@
2013-10-10 - djm@cvs.openbsd.org 2013/09/19 01:24:46Darren Tucker
[channels.c] bz#1297 - tell the client (via packet_send_debug) when their preferred listen address has been overridden by the server's GatewayPorts; ok dtucker@
2013-10-10 - djm@cvs.openbsd.org 2013/09/19 00:49:12Darren Tucker
[sftp-client.c] fix swapped pflag and printflag in sftp upload_dir; from Iain Morgan
2013-10-10 - djm@cvs.openbsd.org 2013/09/19 00:24:52Darren Tucker
[progressmeter.c] store the initial file offset so the progress meter doesn't freak out when resuming sftp transfers. bz#2137; patch from Iain Morgan; ok dtucker@
2013-10-10 - sthen@cvs.openbsd.org 2013/09/16 11:35:43Darren Tucker
[ssh_config] Remove gssapi config parts from ssh_config, as was already done for sshd_config. Req by/ok ajacoutot@ ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular
2013-10-09 - (djm) [openbsd-compat/Makefile.in openbsd-compat/arc4random.c]Damien Miller
[openbsd-compat/bsd-arc4random.c] Replace old RC4-based arc4random implementation with recent OpenBSD's ChaCha-based PRNG. ok dtucker@, tested tim@
2013-10-09 - (djm) [openbsd-compat/arc4random.c openbsd-compat/chacha_private.h] PullDamien Miller
in OpenBSD implementation of arc4random, shortly to replace the existing bsd-arc4random.c
2013-10-09correct incorrect years in datestamps; from desDamien Miller
2013-09-22 - (dtucker) [platform.c platform.h sshd.c] bz#2156: restore Linux oom_adjDarren Tucker
setting when handling SIGHUP to maintain behaviour over retart. Patch from Matthew Ife.
2013-09-18 - (dtucker) [sshd_config] Trailing whitespace; from jstjohn at purdue edu.Darren Tucker
2013-09-14 - djm@cvs.openbsd.org 2013/09/13 06:54:34Damien Miller
[channels.c] avoid unaligned access in code that reused a buffer to send a struct in_addr in a reply; simpler just use use buffer_put_int(); from portable; spotted by and ok dtucker@
2013-09-14 - djm@cvs.openbsd.org 2013/09/12 01:41:12Damien Miller
[clientloop.c] fix connection crash when sending break (~B) on ControlPersist'd session; ok dtucker@
2013-09-14 - sthen@cvs.openbsd.org 2013/09/07 13:53:11Damien Miller
[sshd_config] Remove commented-out kerberos/gssapi config options from sample config, kerberos support is currently not enabled in ssh in OpenBSD. Discussed with various people; ok deraadt@ ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular
2013-09-14 - deraadt@cvs.openbsd.org 2013/09/02 22:00:34Damien Miller
[ssh-keygen.c sshconnect1.c sshd.c] All the instances of arc4random_stir() are bogus, since arc4random() does this itself, inside itself, and has for a very long time.. Actually, this was probably reducing the entropy available. ok djm ID SYNC ONLY for portable; we don't trust other arc4random implementations to do this right.
2013-09-14 - djm@cvs.openbsd.org 2013/08/31 00:13:54Damien Miller
[sftp.c] make ^w match ksh behaviour (delete previous word instead of entire line)
2013-09-14 - mikeb@cvs.openbsd.org 2013/08/28 12:34:27Damien Miller
[ssh-keygen.c] improve batch processing a bit by making use of the quite flag a bit more often and exit with a non zero code if asked to find a hostname in a known_hosts file and it wasn't there; originally from reyk@, ok djm
2013-09-14 - djm@cvs.openbsd.org 2013/08/22 19:02:21Damien Miller
[sshd.c] Stir PRNG after post-accept fork. The child gets a different PRNG state anyway via rexec and explicit privsep reseeds, but it's good to be sure. ok markus@
2013-09-14add marker for 6.3p1 release at the point of the last included changeDamien Miller
2013-08-28 - (djm) [openbsd-compat/bsd-snprintf.c] #ifdef noytet for intmax_t bitsDamien Miller
until we have configure support.
2013-08-28 - (djm) [openbsd-compat/bsd-snprintf.c] teach our local snprintf code theDamien Miller
'j' (intmax_t/uintmax_t) and 'z' (size_t/ssize_t) conversions in case we start to use them in the future.
2013-08-21 - jmc@cvs.openbsd.org 2013/08/20 06:56:07Damien Miller
[ssh.1 ssh_config.5] some proxyusefdpass tweaks;
2013-08-21 - djm@cvs.openbsd.org 2013/08/20 00:11:38Damien Miller
[readconf.c readconf.h ssh_config.5 sshconnect.c] Add a ssh_config ProxyUseFDPass option that supports the use of ProxyCommands that establish a connection and then pass a connected file descriptor back to ssh(1). This allows the ProxyCommand to exit rather than have to shuffle data back and forth and enables ssh to use getpeername, etc. to obtain address information just like it does with regular directly-connected sockets. ok markus@
2013-08-21 - jmc@cvs.openbsd.org 2013/08/14 08:39:27Damien Miller
[scp.1 ssh.1] some Bx/Ox conversion; From: Jan Stary
2013-08-21 - djm@cvs.openbsd.org 2013/08/13 18:33:08Damien Miller
[ssh-keygen.c] another of the same typo
2013-08-21 - djm@cvs.openbsd.org 2013/08/13 18:32:08Damien Miller
[ssh-keygen.c] typo in error message; from Stephan Rickauer
2013-08-21 - djm@cvs.openbsd.org 2013/08/09 03:56:42Damien Miller
[sftp.c] enable ctrl-left-arrow and ctrl-right-arrow to move forward/back a word; matching ksh's relatively recent change.
2013-08-21 - djm@cvs.openbsd.org 2013/08/09 03:39:13Damien Miller
[sftp-client.c] two problems found by a to-be-committed regress test: 1) msg_id was not being initialised so was starting at a random value from the heap (harmless, but confusing). 2) some error conditions were not being propagated back to the caller
2013-08-21 - djm@cvs.openbsd.org 2013/08/09 03:37:25Damien Miller
[sftp.c] do getopt parsing for all sftp commands (with an empty optstring for commands without arguments) to ensure consistent behaviour
2013-08-21 - djm@cvs.openbsd.org 2013/08/08 05:04:03Damien Miller
[sftp-client.c sftp-client.h sftp.c] add a "-l" flag for the rename command to force it to use the silly standard SSH_FXP_RENAME command instead of the POSIX-rename- like posix-rename@openssh.com extension. intended for use in regress tests, so no documentation.
2013-08-21 - djm@cvs.openbsd.org 2013/08/08 04:52:04Damien Miller
[sftp.c] fix two year old regression: symlinking a file would incorrectly canonicalise the target path. bz#2129 report from delphij AT freebsd.org
2013-08-21 - jmc@cvs.openbsd.org 2013/08/07 06:24:51Damien Miller
[sftp.1 sftp.c] sort -a;
2013-08-21 - djm@cvs.openbsd.org 2013/08/06 23:06:01Damien Miller
[servconf.c] add cast to avoid format warning; from portable
2013-08-21 - djm@cvs.openbsd.org 2013/08/06 23:05:01Damien Miller
[sftp.1] document top-level -a option (the -a option to 'get' was already documented)
2013-08-21 - djm@cvs.openbsd.org 2013/08/06 23:03:49Damien Miller
[sftp.c] fix some whitespace at EOL make list of commands an enum rather than a long list of defines add -a to usage()
2013-08-08 - (dtucker) [regress/Makefile regress/test-exec.sh] Roll back the -ntDarren Tucker
removal. The "make clean" removes modpipe which is built by the top-level directory before running the tests. Spotted by tim@
2013-08-08 - (dtucker) [misc.c] Remove define added for fallback testing that wasDarren Tucker
mistakenly included in the previous commit.
2013-08-08 - (dtucker) [misc.c] Fall back to time(2) at runtime if clock_gettime(Darren Tucker
CLOCK_MONOTONIC...) fails. Some older versions of RHEL have the CLOCK_MONOTONIC define but don't actually support it. Found and tested by Kevin Brott, ok djm.
2013-08-08 - (dtucker) [regress/Makefile regress/test-exec.sh] Don't try to use test -ntDarren Tucker
since some platforms (eg really old FreeBSD) don't have it. Instead, run "make clean" before a complete regress run. ok djm.
2013-08-04 - (dtucker) [auth-krb5.c configure.ac openbsd-compat/bsd-misc.h] Add supportDarren Tucker
for building with older Heimdal versions. ok djm.
2013-08-01 - (djm) [sshlogin.h] Fix prototype merge botch from 2006; bz#2134Damien Miller
2013-08-01 - (djm) [channels.c channels.h] bz#2135: On Solaris, isatty() on a non-Damien Miller
blocking connecting socket will clear any stored errno that might otherwise have been retrievable via getsockopt(). A hack to limit writes to TTYs on AIX was triggering this. Since only AIX needs the hack, wrap it in an #ifdef. Diagnosis and patch from Ivo Raisr.
2013-07-25more correct comment for last commitTim Rice
2013-07-25 - (tim) [regress/forwarding.sh] Fix for building outside read only source tree.Tim Rice
2013-07-25 - (tim) [sftp-client.c] Use of a gcc extension trips up native compilers onTim Rice
Solaris and UnixWare. Feedback and OK djm@
2013-07-25 - djm@cvs.openbsd.org 2013/06/21 02:26:26Damien Miller
[regress/sftp-cmds.sh regress/test-exec.sh] unbreak sftp-cmds for renamed test data (s/ls/data/)
2013-07-25 - dtucker@cvs.openbsd.org 2013/06/10 21:56:43Damien Miller
[regress/forwarding.sh] Add test for forward config parsing
2013-07-25 - dtucker@cvs.openbsd.org 2013/05/30 20:12:32Damien Miller
[regress/test-exec.sh] use ssh and sshd as testdata since it needs to be >256k for the rekey test
2013-07-25 - djm@cvs.openbsd.org 2013/07/25 00:57:37Damien Miller
[version.h] openssh-6.3 for release
2013-07-25 - djm@cvs.openbsd.org 2013/07/25 00:56:52Damien Miller
[sftp-client.c sftp-client.h sftp.1 sftp.c] sftp support for resuming partial downloads; patch mostly by Loganaden Velvindron/AfriNIC with some tweaks by me; feedback and ok dtucker@