| Age | Commit message (Collapse) | Author |
|---|
|
- Enable pre-auth sandboxing by default for new installs.
- Allow "PermitOpen none" to refuse all port-forwarding requests
(closes: #543683).
|
|
|
|
for compatibility with future mingw-w64 headers. Patch from vinschen at
redhat com.
|
|
platforms that don't have it. "looks good" tim@
|
|
pointer deref in the client when built with LDNS and using DNSSEC with a
CNAME. Patch from gregdlg+mr at hochet info.
|
|
- Fix IPQoS not being set on non-mapped v4-in-v6 addressed connections
(closes: #643312, #650512).
- Add a new privilege separation sandbox implementation for Linux's new
seccomp sandbox, automatically enabled on platforms that support it.
(Note: privilege separation sandboxing is still experimental.)
|
|
|
|
assumptions when building on Cygwin; patch from Corinna Vinschen
|
|
systems where sshd is run in te wrong context. Patch from Sven
Vermeulen; ok dtucker@
|
|
unsetenv due to rev 1.14 change to setenv.c. Cast unsetenv to void in sshd.c
ok dtucker@
|
|
preserved Cygwin environment variables; from Corinna Vinschen
|
|
null implementation of HMAC_CTX_init for the benefit of old versions
of OpenSSL that don't have it.
|
|
openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/getrrsetbyname.c]
bz 1320: Add optional support for LDNS, a BSD licensed DNS resolver library
which supports DNSSEC. Patch from Simon Vallet (svallet at genoscope cns fr)
with some rework from myself and djm. ok djm.
|
|
|
|
openbsd-compat/strnlen.c] Add strnlen to the compat library.
|
|
of static __findenv() function from upstream setenv.c
|
|
[openbsd-compat/inet_ntop.c]
fix inet_ntop(3) prototype; ok millert@ libc to be bumbed very soon
|
|
marker. The upstream API has changed (function and structure names)
enough to put it out of sync with other providers of this interface.
|
|
The file was totally rewritten between what we had in tree and -current.
|
|
[mktemp.c]
Remove useless code, the kernel will set errno appropriately if an
element in the path does not exist. OK deraadt@ pvalchev@
|
|
[mktemp.c]
use arc4random_uniform(); ok djm millert
|
|
upstream version is YPified and we don't want this
|
|
[mktemp.c]
Comment fix about time consumption of _gettemp.
FreeBSD did this in revision 1.20.
OK deraadt@, krw@
|
|
longer want to sync this file (OpenBSD uses a __getcwd syscall now, we
want this longhand version)
|
|
[openbsd-compat/strlcpy.c]
Convert do {} while loop -> while {} for clarity. No binary change
on most architectures. From Oliver Smith. OK deraadt@ and henning@
|
|
[glob.c]
fix GLOB_KEEPSTAT without GLOB_NOSORT; the implicit sort was being
applied only to the gl_pathv vector and not the corresponding gl_statv
array. reported in OpenSSH bz#1935; feedback and okay matthew@
|
|
[glob.c]
In glob(3), limit recursion during matching attempts. Similar to
fnmatch fix. Also collapse consecutive '*' (from NetBSD).
ok miod deraadt
|
|
[openbsd-compat/glob.c]
When the max number of items for a directory has reached GLOB_LIMIT_READDIR
an error is returned but closedir() is not called.
spotted and fix provided by Frank Denis obsd-tech@pureftpd.org
ok otto@, millert@
|
|
- Introduce sandboxing of the pre-auth privsep child using an optional
sshd_config(5) "UsePrivilegeSeparation=sandbox" mode that enables
mandatory restrictions on the syscalls the privsep child can perform.
- Add new SHA256-based HMAC transport integrity modes from
http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt.
- The pre-authentication sshd(8) privilege separation slave process now
logs via a socket shared with the master process, avoiding the need to
maintain /dev/log inside the chroot (closes: #75043, #429243,
#599240).
- ssh(1) now warns when a server refuses X11 forwarding (closes:
#504757).
- sshd_config(5)'s AuthorizedKeysFile now accepts multiple paths,
separated by whitespace (closes: #76312). The authorized_keys2
fallback is deprecated but documented (closes: #560156).
- ssh(1) and sshd(8): set IPv6 traffic class from IPQoS, as well as IPv4
ToS/DSCP (closes: #498297).
- ssh-add(1) now accepts keys piped from standard input. E.g. "ssh-add
- < /path/to/key" (closes: #229124).
- Clean up lost-passphrase text in ssh-keygen(1) (closes: #444691).
- Say "required" rather than "recommended" in unprotected-private-key
warning (LP: #663455).
|
|
|
|
to switch SELinux context away from unconfined_t, based on patch from
Jan Chadima; bz#1919 ok dtucker@
|
|
binary_pipe is no longer required on Cygwin; patch from Corinna Vinschen
|
|
change error by reporting old and new context names Patch from
jchadima at redhat.
|
|
--with-ssl-engine which was broken with the change from deprecated
SSLeay_add_all_algorithms(). ok djm
|
|
for closefrom() in test code. Report from Dan Wallis via Gentoo.
|
|
selinux code. Patch from Leonardo Chiquitto.
|
|
- Fix stack information leak in legacy certificate signing
(http://www.openssh.com/txt/legacy-cert.adv).
|
|
|
|
- (djm) [openbsd-compat/port-linux.c] Check whether SELinux is enabled
before attempting setfscreatecon(). Check whether matchpathcon()
succeeded before using its result. Patch from cjwatson AT debian.org;
bz#1851
|
|
20110125
- (djm) [configure.ac Makefile.in ssh.c openbsd-compat/port-linux.c
openbsd-compat/port-linux.h] Move SELinux-specific code from ssh.c to
port-linux.c to avoid compilation errors. Add -lselinux to ssh when
building with SELinux support to avoid linking failure; report from
amk AT spamfence.net; ok dtucker
|
|
before attempting setfscreatecon(). Check whether matchpathcon()
succeeded before using its result. Patch from cjwatson AT debian.org;
bz#1851
|
|
(LP: #708571).
|
|
SELinux build fix.
|
|
|
|
openbsd-compat/port-linux.h] Move SELinux-specific code from ssh.c to
port-linux.c to avoid compilation errors. Add -lselinux to ssh when
building with SELinux support to avoid linking failure; report from
amk AT spamfence.net; ok dtucker
|
|
- Implement Elliptic Curve Cryptography modes for key exchange (ECDH)
and host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA
offer better performance than plain DH and DSA at the same equivalent
symmetric key length, as well as much shorter keys.
- sftp(1)/sftp-server(8): add a protocol extension to support a hard
link operation. It is available through the "ln" command in the
client. The old "ln" behaviour of creating a symlink is available
using its "-s" option or through the preexisting "symlink" command.
- scp(1): Add a new -3 option to scp: Copies between two remote hosts
are transferred through the local host (closes: #508613).
- ssh(1): "atomically" create the listening mux socket by binding it on
a temporary name and then linking it into position after listen() has
succeeded. This allows the mux clients to determine that the server
socket is either ready or stale without races (closes: #454784).
Stale server sockets are now automatically removed (closes: #523250).
- ssh(1): install a SIGCHLD handler to reap expired child process
(closes: #594687).
- ssh(1)/ssh-agent(1): honour $TMPDIR for client xauth and ssh-agent
temporary directories (closes: #357469, although only if you arrange
for ssh-agent to actually see $TMPDIR since the setgid bit will cause
it to be stripped off).
|
|
|
|
RSA_get_default_method() for the benefit of openssl versions that don't
have it (at least openssl-engine-0.9.6b). Found and tested by Kevin Brott,
ok djm@.
|
|
the tinderbox.
|
|
Linux OOM-killer magic values that changed in 2.6.36 kernels, with fallback
to the old values. Feedback from vapier at gentoo org and djm, ok djm.
|
