summaryrefslogtreecommitdiff
path: root/openbsd-compat
AgeCommit message (Collapse)Author
2011-02-0420110128Damien Miller
- (djm) [openbsd-compat/port-linux.c] Check whether SELinux is enabled before attempting setfscreatecon(). Check whether matchpathcon() succeeded before using its result. Patch from cjwatson AT debian.org; bz#1851
2011-02-04cherry-pickDamien Miller
20110125 - (djm) [configure.ac Makefile.in ssh.c openbsd-compat/port-linux.c openbsd-compat/port-linux.h] Move SELinux-specific code from ssh.c to port-linux.c to avoid compilation errors. Add -lselinux to ssh when building with SELinux support to avoid linking failure; report from amk AT spamfence.net; ok dtucker
2011-01-28 - (djm) [openbsd-compat/port-linux.c] Check whether SELinux is enabledDamien Miller
before attempting setfscreatecon(). Check whether matchpathcon() succeeded before using its result. Patch from cjwatson AT debian.org; bz#1851
2011-01-25 - (djm) [configure.ac Makefile.in ssh.c openbsd-compat/port-linux.cDamien Miller
openbsd-compat/port-linux.h] Move SELinux-specific code from ssh.c to port-linux.c to avoid compilation errors. Add -lselinux to ssh when building with SELinux support to avoid linking failure; report from amk AT spamfence.net; ok dtucker
2011-01-22 - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] AddDarren Tucker
RSA_get_default_method() for the benefit of openssl versions that don't have it (at least openssl-engine-0.9.6b). Found and tested by Kevin Brott, ok djm@.
2011-01-17 - (dtucker) [openbsd-compat/port-linux.c] Fix minor bug caught by -Werror onDarren Tucker
the tinderbox.
2011-01-17 - (dtucker) [openbsd-compat/port-linux.c] Bug #1838: Add support for the newDarren Tucker
Linux OOM-killer magic values that changed in 2.6.36 kernels, with fallback to the old values. Feedback from vapier at gentoo org and djm, ok djm.
2011-01-12 - djm@cvs.openbsd.org 2011/01/12 01:53:14Damien Miller
avoid some integer overflows mostly with GLOB_APPEND and GLOB_DOOFFS and sanity check arguments (these will be unnecessary when we switch struct glob members from being type into to size_t in the future); "looks ok" tedu@ feedback guenther@
2011-01-12 - nicm@cvs.openbsd.org 2010/10/08 21:48:42Damien Miller
[openbsd-compat/glob.c] Extend GLOB_LIMIT to cover readdir and stat and bump the malloc limit from ARG_MAX to 64K. Fixes glob-using programs (notably ftp) able to be triggered to hit resource limits. Idea from a similar NetBSD change, original problem reported by jasper@. ok millert tedu jasper
2010-12-05 - (dtucker) openbsd-compat/openssl-compat.c] remove sleep leftover fromDarren Tucker
debugging. Spotted by djm.
2010-12-04 - (dtucker) [configure.ac moduli.c openbsd-compat/openssl-compat.{c,h}] AddDarren Tucker
shims for the new, non-deprecated OpenSSL key generation functions for platforms that don't have the new interfaces.
2010-12-03 - (djm) [openbsd-compat/bindresvport.c] Use arc4random_uniform(range)Damien Miller
instead of (arc4random() % range)
2010-11-22 - (dtucker) Bug #1840: fix warning when configuring --with-ssl-engine, patchDarren Tucker
from vapier at gentoo org.
2010-11-08 - (tim) [configure.ac openbsd-compat/bsd-misc.h openbsd-compat/bsd-misc.c] AddTim Rice
support for platforms missing isblank(). ok djm@
2010-11-05 - (dtucker) [configure.ac platform.{c,h} session.cDarren Tucker
openbsd-compat/port-solaris.{c,h}] Bug #1824: Add Solaris Project support. Patch from cory.erickson at csu mnscu edu with a bit of rework from me. ok djm@
2010-10-24 - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came withTim Rice
1.12 to unbreak Solaris build. ok djm@
2010-10-07 - (djm) [openbsd-compat/Makefile.in] Actually link timingsafe_bcmpDamien Miller
2010-10-07 - (djm) [openbsd-compat/glob.c] restore ARG_MAX compat code.Damien Miller
2010-10-07 - djm@cvs.openbsd.org 2010/10/01 23:05:32Damien Miller
[cipher-3des1.c cipher-bf1.c cipher-ctr.c openbsd-compat/openssl-compat.h] adapt to API changes in openssl-1.0.0a NB. contains compat code to select correct API for older OpenSSL
2010-10-07sadly, two typos on one line is not my best recordDamien Miller
2010-10-07unbreak previousDamien Miller
2010-10-07 - djm@cvs.openbsd.org 2010/09/25 09:30:16Damien Miller
[sftp.c configure.ac openbsd-compat/glob.c openbsd-compat/glob.h] make use of new glob(3) GLOB_KEEPSTAT extension to save extra server rountrips to fetch per-file stat(2) information. NB. update openbsd-compat/ glob(3) implementation from OpenBSD libc to match.
2010-10-07 - matthew@cvs.openbsd.org 2010/09/24 13:33:00Damien Miller
[misc.c misc.h configure.ac openbsd-compat/openbsd-compat.h] [openbsd-compat/timingsafe_bcmp.c] Add timingsafe_bcmp(3) to libc, mention that it's already in the kernel in kern(9), and remove it from OpenSSH. ok deraadt@, djm@ NB. re-added under openbsd-compat/ for portable OpenSSH
2010-09-10 - (dtucker) [openbsd-compat/port-linux.c] Check is_selinux_enabled for exactDarren Tucker
return code since it can apparently return -1 under some conditions. From openssh bugs werbittewas de, ok djm@
2010-08-16 - (dtucker) [configure.ac openbsd-compat/Makefile.inDarren Tucker
openbsd-compat/openbsd-compat.h openbsd-compat/strptime.c] Add strptime to the compat library which helps on platforms like old IRIX. Based on work by djm, tested by Tom Christensen.
2010-08-10 - (djm) bz#1561: don't bother setting IFF_UP on tun(4) device if it isDamien Miller
already set. Makes FreeBSD user openable tunnels useful; patch from richard.burakowski+ossh AT mrburak.net, ok dtucker@
2010-06-26 - (tim) [openbsd-compat/port-uw.c] Reorder includes. auth-options.h now needsTim Rice
key.h.
2010-05-12 - (djm) [openbsd-compat/openssl-compat.h] Fix build breakage on olderDamien Miller
libcrypto by defining OPENSSL_[DR]SA_MAX_MODULUS_BITS if they aren't already. ok dtucker@
2010-03-26 - (djm) [openbsd-compat/bsd-arc4random.c] Fix preprocessor detectionDamien Miller
for arc4random_buf() and arc4random_uniform(); from Josh Gilkerson
2010-03-01 - (dtucker) [openbsd-compat/port-linux.c] Make failure to write to the OOMDarren Tucker
adjust log at verbose only, since according to cjwatson in bug #1470 some virtualization platforms don't allow writes.
2010-02-28 - (djm) [openbsd-compat/bsd-cygwin_util.c] Reduce the set of environmentDamien Miller
variables copied into sshd child processes. From vinschen AT redhat.com
2010-01-29 - (dtucker) [openbsd-compat/openssl-compat.c] Bug #1707: Call OPENSSL_config()Darren Tucker
after registering the hardware engines, which causes the openssl.cnf file to be processed. See OpenSSL's man page for OPENSSL_config(3) for details. Patch from Solomon Peachy, ok djm@.
2010-01-16 - (dtucker) [openbsd-compat/openbsd-compat.h] Typo.Darren Tucker
2010-01-16 - (dtucker) [openbsd-compat/pwcache.c] Shrink ifdef area to prevent unusedDarren Tucker
variable warnings.
2010-01-16 - (dtucker) [openbsd-compat/openbsd-compat.h] Fix prototypes, spotted byDarren Tucker
Tim.
2010-01-16 - (dtucker) [openbsd-compat/openbsd-compat.h] Prototypes for user_from_uidDarren Tucker
and group_from_gid.
2010-01-16 - (dtucker) [openbsd-compat/pwcache.c] Pull in includes.h and thus defines.hDarren Tucker
so we correctly detect whether or not we have a native user_from_uid.
2010-01-15 - (dtucker) [configure.ac openbsd-compat/{Makefile.in,pwcache.c} PortabilityDarren Tucker
for pwcache. Also, added caching of negative hits.
2010-01-15 - (dtucker) [openbsd-compat.c/pwcache.c] Pull in pwcache.c from OpenBSD (noDarren Tucker
changes yet but there will be some to come).
2010-01-13 - (dtucker) [openbsd-compat/readpassphrase.c] Update to OpenBSD's r1.22.Darren Tucker
Fixes bz #1590, where sometimes you could not interrupt a connection while ssh was prompting for a passphrase or password.
2010-01-13 - (dtucker) [openbsd-compat/readpassphrase.c] Update to OpenBSD's r1.21.Darren Tucker
2010-01-13 - (dtucker) [openbsd-compat/readpassphrase.c] Resync against OpenBSD's ↵Darren Tucker
r1.18: missing restore of SIGTTOU and some whitespace.
2009-12-21 - (dtucker) [auth-krb5.c platform.{c,h} openbsd-compat/port-aix.{c,h}]Darren Tucker
Bug #1583: Use system's kerberos principal name on AIX if it's available. Based on a patch from and tested by Miguel Sanders.
2009-12-08 - (dtucker) Bug #1470: Disable OOM-killing of the listening sshd on Linux,Darren Tucker
based on a patch from Vaclav Ovsik and Colin Watson. ok djm.
2009-10-24 - (dtucker) [session.c openbsd-compat/port-linux.{c,h}] Bug #1637: if selinuxDarren Tucker
is enabled set the security context to "sftpd_t" before running the internal sftp server Based on a patch from jchadima at redhat.
2009-08-20 - (dtucker) [session.c openbsd-compat/port-aix.h] Bugs #1249 and #1567: moveDarren Tucker
the setpcred call on AIX to immediately before the permanently_set_uid(). Ensures that we still have privileges when we call chroot and pam_open_sesson. Based on a patch from David Leonard.
2009-08-17 - (dtucker) [sshlogin.c openbsd-compat/port-aix.{c,h}] Bug #1595: makeDarren Tucker
PrintLastLog work on AIX. Based in part on a patch from Miguel Sanders.
2009-07-13 - (dtucker) [openbsd-compat/getrrsetbyname.c] Reduce answer buffer size so itDarren Tucker
fits into 16 bits to work around a bug in glibc's resolver where it masks off the buffer size at 16 bits. Patch from Hauke Lampe, ok djm jakob.
2009-03-08 - (dtucker) [auth-passwd.c auth1.c auth2-kbdint.c auth2-none.c auth2-passwd.cDarren Tucker
auth2-pubkey.c session.c openbsd-compat/bsd-cygwin_util.{c,h} openbsd-compat/daemon.c] Remove support for Windows 95/98/ME and very old version of Cygwin. Patch from vinschen at redhat com.
2009-03-07 - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}]Darren Tucker
EVP_DigestUpdate does not exactly match the other OLD_EVP functions (eg in openssl 0.9.6) so add an explicit test for it.