Age | Commit message (Collapse) | Author |
|
- sftp(1): add support for resuming partial downloads using the "reget"
command and on the sftp commandline or on the "get" commandline using
the "-a" (append) option (closes: #158590).
- ssh(1): add an "IgnoreUnknown" configuration option to selectively
suppress errors arising from unknown configuration directives (closes:
#436052).
- sftp(1): update progressmeter when data is acknowledged, not when it's
sent (partially addresses #708372).
- ssh(1): do not fatally exit when attempting to cleanup multiplexing-
created channels that are incompletely opened (closes: #651357).
|
|
|
|
until we have configure support.
|
|
'j' (intmax_t/uintmax_t) and 'z' (size_t/ssize_t) conversions in case we
start to use them in the future.
|
|
for building with older Heimdal versions. ok djm.
|
|
platforms that don't have multibyte character support (specifically,
mblen).
|
|
groupaccess.c loginrec.c monitor.c monitor_wrap.c session.c sshd.c
sshlogin.c uidswap.c openbsd-compat/bsd-cygwin_util.c
openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/port-aix.c
openbsd-compat/port-linux.c] Replace portable-specific instances of xfree
with the equivalent calls to free.
|
|
using openssl's DES_crpyt function on platorms that don't have a native
one, eg Android. Based on a patch from Nathan Osman.
|
|
implementation of endgrent for platforms that don't have it (eg Android).
Loosely based on a patch from Nathan Osman, ok djm
|
|
|
|
- Only warn for missing identity files that were explicitly specified
(closes: #708275).
- Fix bug in contributed contrib/ssh-copy-id script that could result in
"rm *" being called on mktemp failure (closes: #708419).
|
|
|
|
openbsd-compat/openbsd-compat.h] Add compat bits for scan_scaled.
|
|
openbsd-compat/openbsd-compat.h] pull in getopt.h from openbsd and plumb
in to use it when we're using our own getopt.
|
|
openbsd-compat/getopt_long.c regress/modpipe.c] Remove getopt.c, add
portability code to getopt_long.c and switch over Makefile and the ugly
hack in modpipe.c. Fixes bz#1448.
|
|
portability changes yet.
|
|
getopt.c. Preprocessed source is identical other than line numbers.
|
|
- Add support for multiple required authentication in SSH protocol 2 via
an AuthenticationMethods option (closes: #195716).
- Fix Sophie Germain formula in moduli(5) (closes: #698612).
- Update ssh-copy-id to Phil Hands' greatly revised version (closes:
#99785, #322228, #620428; LP: #518883, #835901, #1074798).
|
|
|
|
to avoid conflicting definitions of __int64, adding the required bits.
Patch from Corinna Vinschen.
(pulled from HEAD but kept the ChangeLog date as it was)
|
|
to avoid conflicting definitions of __int64, adding the required bits.
Patch from Corinna Vinschen.
|
|
[openbsd-compat/vis.h] FreeBSD's strnvis isn't compatible with OpenBSD's
so mark it as broken. Patch from des AT des.no
|
|
Add a usleep replacement for platforms that lack it; ok dtucker
|
|
an argument. Pointed out by djm.
|
|
group strto* function prototypes together.
|
|
openbsd-compat/openbsd-compat.h] Add strtoull to compat library for
platforms that don't have it.
|
|
|
|
Use getpgrp() if we don't have getpgid() (old BSDs, maybe others).
|
|
[Makefile.in acss.c acss.h cipher-acss.c cipher.c]
[openbsd-compat/openssl-compat.h]
remove ACSS, now that it is gone from libcrypto too
|
|
libcrypto that lacks EVP_CIPHER_CTX_ctrl
|
|
__attribute__ on return values and work around if necessary. ok djm@
|
|
version.
|
|
Move prototypes for replacement ciphers to openssl-compat.h; fix EVP
prototypes for openssl-1.0.0-fips.
|
|
Fix merge botch, automatically detect AES-GCM in OpenSSL, move a little
cipher compat code to openssl-compat.h
|
|
TAILQ_FOREACH_SAFE needed for upcoming changes.
|
|
openbsd-compat/bsd-setres_id.c openbsd-compat/bsd-setres_id.h
openbsd-compat/openbsd-compat.h] Move the fallback code for setting uids
and gids from uidswap.c to the compat library, which allows it to work with
the new setresuid calls in auth2-pubkey. with tim@, ok djm@
|
|
- Enable pre-auth sandboxing by default for new installs.
- Allow "PermitOpen none" to refuse all port-forwarding requests
(closes: #543683).
|
|
|
|
for compatibility with future mingw-w64 headers. Patch from vinschen at
redhat com.
|
|
platforms that don't have it. "looks good" tim@
|
|
pointer deref in the client when built with LDNS and using DNSSEC with a
CNAME. Patch from gregdlg+mr at hochet info.
|
|
- Fix IPQoS not being set on non-mapped v4-in-v6 addressed connections
(closes: #643312, #650512).
- Add a new privilege separation sandbox implementation for Linux's new
seccomp sandbox, automatically enabled on platforms that support it.
(Note: privilege separation sandboxing is still experimental.)
|
|
|
|
assumptions when building on Cygwin; patch from Corinna Vinschen
|
|
systems where sshd is run in te wrong context. Patch from Sven
Vermeulen; ok dtucker@
|
|
unsetenv due to rev 1.14 change to setenv.c. Cast unsetenv to void in sshd.c
ok dtucker@
|
|
preserved Cygwin environment variables; from Corinna Vinschen
|
|
null implementation of HMAC_CTX_init for the benefit of old versions
of OpenSSL that don't have it.
|
|
openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/getrrsetbyname.c]
bz 1320: Add optional support for LDNS, a BSD licensed DNS resolver library
which supports DNSSEC. Patch from Simon Vallet (svallet at genoscope cns fr)
with some rework from myself and djm. ok djm.
|
|
|