Age | Commit message (Collapse) | Author | |
---|---|---|---|
2010-05-12 | - (djm) [openbsd-compat/openssl-compat.h] Fix build breakage on older | Damien Miller | |
libcrypto by defining OPENSSL_[DR]SA_MAX_MODULUS_BITS if they aren't already. ok dtucker@ | |||
2010-03-26 | - (djm) [openbsd-compat/bsd-arc4random.c] Fix preprocessor detection | Damien Miller | |
for arc4random_buf() and arc4random_uniform(); from Josh Gilkerson | |||
2010-03-01 | - (dtucker) [openbsd-compat/port-linux.c] Make failure to write to the OOM | Darren Tucker | |
adjust log at verbose only, since according to cjwatson in bug #1470 some virtualization platforms don't allow writes. | |||
2010-02-28 | - (djm) [openbsd-compat/bsd-cygwin_util.c] Reduce the set of environment | Damien Miller | |
variables copied into sshd child processes. From vinschen AT redhat.com | |||
2010-01-29 | - (dtucker) [openbsd-compat/openssl-compat.c] Bug #1707: Call OPENSSL_config() | Darren Tucker | |
after registering the hardware engines, which causes the openssl.cnf file to be processed. See OpenSSL's man page for OPENSSL_config(3) for details. Patch from Solomon Peachy, ok djm@. | |||
2010-01-16 | - (dtucker) [openbsd-compat/openbsd-compat.h] Typo. | Darren Tucker | |
2010-01-16 | - (dtucker) [openbsd-compat/pwcache.c] Shrink ifdef area to prevent unused | Darren Tucker | |
variable warnings. | |||
2010-01-16 | - (dtucker) [openbsd-compat/openbsd-compat.h] Fix prototypes, spotted by | Darren Tucker | |
Tim. | |||
2010-01-16 | - (dtucker) [openbsd-compat/openbsd-compat.h] Prototypes for user_from_uid | Darren Tucker | |
and group_from_gid. | |||
2010-01-16 | - (dtucker) [openbsd-compat/pwcache.c] Pull in includes.h and thus defines.h | Darren Tucker | |
so we correctly detect whether or not we have a native user_from_uid. | |||
2010-01-15 | - (dtucker) [configure.ac openbsd-compat/{Makefile.in,pwcache.c} Portability | Darren Tucker | |
for pwcache. Also, added caching of negative hits. | |||
2010-01-15 | - (dtucker) [openbsd-compat.c/pwcache.c] Pull in pwcache.c from OpenBSD (no | Darren Tucker | |
changes yet but there will be some to come). | |||
2010-01-13 | - (dtucker) [openbsd-compat/readpassphrase.c] Update to OpenBSD's r1.22. | Darren Tucker | |
Fixes bz #1590, where sometimes you could not interrupt a connection while ssh was prompting for a passphrase or password. | |||
2010-01-13 | - (dtucker) [openbsd-compat/readpassphrase.c] Update to OpenBSD's r1.21. | Darren Tucker | |
2010-01-13 | - (dtucker) [openbsd-compat/readpassphrase.c] Resync against OpenBSD's ↵ | Darren Tucker | |
r1.18: missing restore of SIGTTOU and some whitespace. | |||
2009-12-21 | - (dtucker) [auth-krb5.c platform.{c,h} openbsd-compat/port-aix.{c,h}] | Darren Tucker | |
Bug #1583: Use system's kerberos principal name on AIX if it's available. Based on a patch from and tested by Miguel Sanders. | |||
2009-12-08 | - (dtucker) Bug #1470: Disable OOM-killing of the listening sshd on Linux, | Darren Tucker | |
based on a patch from Vaclav Ovsik and Colin Watson. ok djm. | |||
2009-10-24 | - (dtucker) [session.c openbsd-compat/port-linux.{c,h}] Bug #1637: if selinux | Darren Tucker | |
is enabled set the security context to "sftpd_t" before running the internal sftp server Based on a patch from jchadima at redhat. | |||
2009-08-20 | - (dtucker) [session.c openbsd-compat/port-aix.h] Bugs #1249 and #1567: move | Darren Tucker | |
the setpcred call on AIX to immediately before the permanently_set_uid(). Ensures that we still have privileges when we call chroot and pam_open_sesson. Based on a patch from David Leonard. | |||
2009-08-17 | - (dtucker) [sshlogin.c openbsd-compat/port-aix.{c,h}] Bug #1595: make | Darren Tucker | |
PrintLastLog work on AIX. Based in part on a patch from Miguel Sanders. | |||
2009-07-13 | - (dtucker) [openbsd-compat/getrrsetbyname.c] Reduce answer buffer size so it | Darren Tucker | |
fits into 16 bits to work around a bug in glibc's resolver where it masks off the buffer size at 16 bits. Patch from Hauke Lampe, ok djm jakob. | |||
2009-03-08 | - (dtucker) [auth-passwd.c auth1.c auth2-kbdint.c auth2-none.c auth2-passwd.c | Darren Tucker | |
auth2-pubkey.c session.c openbsd-compat/bsd-cygwin_util.{c,h} openbsd-compat/daemon.c] Remove support for Windows 95/98/ME and very old version of Cygwin. Patch from vinschen at redhat com. | |||
2009-03-07 | - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] | Darren Tucker | |
EVP_DigestUpdate does not exactly match the other OLD_EVP functions (eg in openssl 0.9.6) so add an explicit test for it. | |||
2009-03-07 | - (dtucker) [schnorr.c openbsd-compat/openssl-compat.{c,h}] Add | Darren Tucker | |
EVP_DigestUpdate to the OLD_EVP compatibility functions and tell schnorr.c to use them. Allows building with older OpenSSL versions. | |||
2009-02-16 | - (djm) [regress/conch-ciphers.sh regress/putty-ciphers.sh] | Damien Miller | |
[regress/putty-kex.sh regress/putty-transfer.sh] Downgrade disabled interop tests from FATAL error to a warning. Allows some interop tests to proceed if others are missing necessary prerequisites. | |||
2009-01-07 | - (tim) [configure.ac defines.h openbsd-compat/port-uw.c | Tim Rice | |
openbsd-compat/xcrypt.c] Add SECUREWARE support to OpenServer 6 SVR5 ABI. OK djm@ dtucker@ | |||
2008-08-30 | - (dtucker) [openbsd-compat/bsd-poll.c] correctly check for number of FDs | Darren Tucker | |
larger than FD_SETSIZE (OpenSSH only ever uses poll with one fd). Patch from Nicholas Marriott. | |||
2008-07-17 | - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Remove long-unneeded compat | Darren Tucker | |
code, replace with equivalent cygwin library call. Patch from vinschen at redhat.comi, ok djm@. | |||
2008-07-14 | - (djm) [openbsd-compat/fake-rfc2553.c openbsd-compat/fake-rfc2553.h] | Damien Miller | |
return EAI_FAMILY when trying to lookup unsupported address family; from vinschen AT redhat.com | |||
2008-07-14 | - (djm) [openbsd-compat/rresvport.c] Add unistd.h for missing close() | Damien Miller | |
prototype; reported by cristian.ionescu-idbohrn AT axis.com | |||
2008-07-14 | - (djm) [openbsd-compat/bindresvport.c] Rename variables s/sin/in/ to | Damien Miller | |
avoid clash with sin(3) function; reported by cristian.ionescu-idbohrn AT axis.com | |||
2008-06-15 | - (djm) [openbsd-compat/sigact.c] Avoid NULL derefs in ancient sigaction | Damien Miller | |
replacement code; patch from ighighi AT gmail.com in bz#1240; ok dtucker | |||
2008-06-13 | - (dtucker) [openbsd-compat/setenv.c] Make offsets size_t to prevent | Darren Tucker | |
compiler warnings on some platforms. Based on a discussion with otto@ | |||
2008-06-10 | - (dtucker) [openbsd-compat/fake-rfc2553.h] Add sin6_scope_id to sockaddr_in6 | Darren Tucker | |
since the new CIDR code in addmatch.c references it. | |||
2008-06-09 | - (dtucker) [configure.ac defines.h sftp-client.c sftp-server.c sftp.c | Darren Tucker | |
openbsd-compat/Makefile.in openbsd-compat/openbsd-compat.h openbsd-compat/bsd-statvfs.{c,h}] Add a null implementation of statvfs and fstatvfs and remove #defines around statvfs code. ok djm@ | |||
2008-06-04 | - (djm) [openbsd-compat/bsd-arc4random.c] Fix math bug that caused bias | Damien Miller | |
in arc4random_uniform with upper_bound in (2^30,2*31). Note that OpenSSH did not make requests with upper bounds in this range. | |||
2008-05-20 | - (djm) [configure.ac mux.c sftp.c openbsd-compat/Makefile.in] | Damien Miller | |
[openbsd-compat/fmt_scaled.c openbsd-compat/openbsd-compat.h] Fix compilation on Linux, including pulling in fmt_scaled(3) implementation from OpenBSD's libutil. | |||
2008-05-19 | - (djm) [openbsd-compat/port-tun.c] needs sys/queue.h | Damien Miller | |
2008-05-19 | - (djm) [openbsd-compat/bsd-arc4random.c] Warning fixes | Damien Miller | |
2008-05-19 | - (djm) [openbsd-compat/bsd-arc4random.c openbsd-compat/openbsd-compat.c] | Damien Miller | |
[configure.ac] Implement arc4random_buf(), import implementation of arc4random_uniform() from OpenBSD | |||
2008-05-16 | - (djm) Force string arguments to replacement setproctitle() though | Damien Miller | |
strnvis first. Ok dtucker@ | |||
2008-04-04 | - (djm) [openbsd-compat/bsd-poll.c] Include stdlib.h to avoid compile- | Damien Miller | |
time warnings on LynxOS. Patch from ops AT iki.fi | |||
2008-03-27 | - (dtucker) Cache selinux status earlier so we know if it's enabled after a | Darren Tucker | |
chroot. Allows ChrootDirectory to work with selinux support compiled in but not enabled. Using it with selinux enabled will require some selinux support inside the chroot. "looks sane" djm@ | |||
2008-03-09 | - (dtucker) [openbsd-compat/regress/strtonumtest.c] Bug #1347: Use platform's | Darren Tucker | |
equivalent of LLONG_MAX for the compat regression tests, which makes them run on AIX and HP-UX. Patch from David Leonard. | |||
2008-03-09 | - (dtucker) [openbsd-compat/port-aix.{c,h}] Remove AIX specific initgroups | Darren Tucker | |
implementation. It's not needed to fix bug #1081 and breaks the build on some AIX configurations. | |||
2008-02-29 | - (dtucker) [openbsd-compat/bsd-poll.c] We don't check for select(2) in | Darren Tucker | |
configure (and there's not much point, as openssh won't work without it) so HAVE_SELECT is not defined and the poll(2) compat code doesn't get built in. Remove HAVE_SELECT so we can build on platforms without poll. | |||
2008-02-28 | - (dtucker) [configure.ac openbsd-compat/port-aix.{c,h}] Bug #1081: Implement | Darren Tucker | |
getgrouplist via getgrset on AIX, rather than iterating over getgrent. This allows, eg, Match and AllowGroups directives to work with NIS and LDAP groups. | |||
2008-02-28 | - (dtucker) [key.c defines.h openbsd-compat/openssl-compat.h] Move old OpenSSL | Darren Tucker | |
compat glue into openssl-compat.h. | |||
2008-02-28 | - (dtucker) [includes.h ssh-add.c ssh-agent.c ssh-keygen.c ssh.c sshd.c | Darren Tucker | |
openbsd-compat/openssl-compat.{c,h}] Bug #1437 Move the OpenSSL compat header to after OpenSSL headers, since some versions of OpenSSL have SSLeay_add_all_algorithms as a macro already. | |||
2008-02-25 | - (dtucker) [includes.h openbsd-compat/openssl-compat.c] Bug #1437: reshuffle | Darren Tucker | |
headers so ./configure --with-ssl-engine actually works. Patch from Ian Lister. |