Age | Commit message (Collapse) | Author |
|
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
[auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
[auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
[auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
[auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
[canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
[cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
[compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
[groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
[kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
[loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
[monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
[nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
[scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
[sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
[ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
[ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
[sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
[uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
[openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
[openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
[openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
[openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
RCSID() can die
|
|
[packet.c]
Set TCP_NODELAY for all connections not just "interactive" ones. Fixes
poor performance and protocol stalls under some network conditions (mindrot
bugs #556 and #981). Patch originally from markus@, ok djm@
|
|
[includes.h packet.c]
move #include <netinet/in_systm.h> and <netinet/ip.h> out of
includes.h; ok markus@
|
|
[clientloop.c packet.c serverloop.c session.c ssh-agent.c ssh-keygen.c]
[ssh.c sshconnect.c sshconnect1.c sshd.c]
no need to escape single quotes in comments, no binary change
|
|
[packet.c]
missing packet_init_compression(); from solar
|
|
[kex.c kex.h myproposal.h packet.c packet.h servconf.c session.c]
[sshconnect2.c sshd.c sshd_config sshd_config.5]
add a new compression method that delays compression until the user
has been authenticated successfully and set compression to 'delayed'
for sshd.
this breaks older openssh clients (< 3.5) if they insist on
compression, so you have to re-enable compression in sshd_config.
ok djm@
|
|
[auth-rsa.c auth.c auth1.c auth2-chall.c auth2-gss.c authfd.c authfile.c]
[bufaux.c canohost.c channels.c cipher.c clientloop.c dns.c gss-serv.c]
[kex.c kex.h key.c mac.c match.c misc.c packet.c packet.h scp.c]
[servconf.c session.c session.h sftp-client.c sftp-server.c sftp.c]
[ssh-keyscan.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
make this -Wsign-compare clean; ok avsm@ markus@
NB. auth1.c changes not committed yet (conflicts with uncommitted sync)
NB2. more work may be needed to make portable Wsign-compare clean
|
|
[packet.c ssh1.h]
disconnect for invalid (out of range) message types.
|
|
[auth-rsa.c auth2-gss.c auth2-pubkey.c authfile.c canohost.c channels.c
cipher.c dns.c kex.c monitor.c monitor_fdpass.c monitor_wrap.c
monitor_wrap.h nchan.c packet.c progressmeter.c scp.c sftp-server.c sftp.c
ssh-gss.h ssh-keygen.c ssh.c sshconnect.c sshconnect1.c sshlogin.c
sshpty.c]
make ssh -Wshadow clean, no functional changes
markus@ ok
There are also some portable-specific -Wshadow warnings to be fixed in
monitor.c and montior_wrap.c.
|
|
[channels.c clientloop.c misc.c misc.h packet.c ssh-agent.c ssh-keyscan.c]
[sshd.c]
set_nonblock() instead of fnctl(...,O_NONBLOCK); "looks sane" deraadt@
|
|
[auth.c auth2-none.c authfile.c channels.c monitor.c monitor_mm.c
packet.c packet.h progressmeter.c session.c openbsd-compat/xmmap.c]
improve some code lint did not like; djm millert ok
|
|
|
|
[everything]
unexpand and delete whitespace at EOL; ok markus@
(done locally and RCS IDs synced)
|
|
[Makefile.in auth1.c auth2.c auth.c auth.h auth-krb5.c canohost.c
cleanup.c clientloop.c fatal.c gss-serv.c log.c log.h monitor.c monitor.h
monitor_wrap.c monitor_wrap.h packet.c serverloop.c session.c session.h
ssh-agent.c sshd.c]
replace fatal_cleanup() and linked list of fatal callbacks with static
cleanup_exit() function. re-refine cleanup_exit() where appropriate,
allocate sshd's authctxt eary to allow simpler cleanup in sshd.
tested by many, ok deraadt@
|
|
[packet.c sshd.c]
do not call packet_close on fatal; ok deraadt
|
|
[packet.c]
buffer_dump only if PACKET_DEBUG is defined; Jedi/Sector One; pr 3471
|
|
[packet.c]
the 2^(blocksize*2) rekeying limit is too expensive for 3DES,
blowfish, etc, so enforce a 1GB limit for small blocksizes.
|
|
[auth2-hostbased.c auth2-pubkey.c auth2.c channels.c key.c key.h
monitor.c packet.c packet.h serverloop.c sshconnect2.c sshd.c]
int -> u_int; ok djm@, deraadt@, mouring@
|
|
[packet.c progressmeter.c]
mostly ansi cleanup; pval ok
|
|
|
|
furrier@iglou.com
|
|
[*.c *.h]
rename log() into logit() to avoid name conflict. markus ok, from
netbsd
- (djm) XXX - Performed locally using:
"perl -p -i -e 's/(\s|^)log\(/$1logit\(/g' *.c *.h"
- (djm) Fix up missing include for packet.c
|
|
|
|
- markus@cvs.openbsd.org 2003/04/02 09:48:07
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
[readconf.h serverloop.c sshconnect2.c]
reapply rekeying chage, tested by henning@, ok djm@
|
|
packet_set_tos() function call. bug #527
|
|
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
[readconf.h serverloop.c sshconnect2.c]
rekeying bugfixes and automatic rekeying:
* both client and server rekey _automatically_
(a) after 2^31 packets, because after 2^32 packets
the sequence number for packets wraps
(b) after 2^(blocksize_in_bits/4) blocks
(see: draft-ietf-secsh-newmodes-00.txt)
(a) and (b) are _enabled_ by default, and only disabled for known
openssh versions, that don't support rekeying properly.
* client option 'RekeyLimit'
* do not reply to requests during rekeying
- markus@cvs.openbsd.org 2003/04/01 10:22:21
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
[readconf.h serverloop.c sshconnect2.c]
backout rekeying changes (for 3.6.1)
|
|
[packet.c]
static
|
|
[packet.c]
move tos handling to packet_set_tos; ok provos/henning/deraadt
|
|
[cipher.c kex.c packet.c sshconnect.c sshconnect2.c]
debug->debug2, unify debug messages
|
|
[packet.c]
log before send disconnect; ok djm@
|
|
[packet.c]
use %u for u_int
|
|
[channels.c packet.c]
blah blah minor nothing as i read and re-read and re-read...
|
|
[packet.c]
packet_get_int() returns unsigned for reason & seqnr
|
|
[cipher.c monitor.c monitor_wrap.c packet.c packet.h]
make the monitor sync the transfer ssh1 session key;
transfer keycontext only for RC4 (this is still depends on EVP
implementation details and is broken).
|
|
[packet.c]
remove __FUNCTION__
|
|
patch from openssh@misc.tecq.org
|
|
[packet.c]
debug->debug3 for extra padding
|
|
[auth-krb5.c auth-rh-rsa.c auth.c cipher.c key.c misc.h packet.c session.c
sftp-client.c sftp-glob.h sftp.c ssh-add.c ssh.c sshconnect2.c sshd.c
ttymodes.c]
KNF whitespace
|
|
[packet.c packet.h]
export/import cipher state, iv and ssh2 seqnr; needed by ssh-privsep
|
|
revert
|
|
PAM, Cygwin and OSF SIA will not work for sure
|
|
[canohost.c channels.c packet.c sshd.c]
remove unneeded casts in [gs]etsockopt(); ok markus@
|
|
[packet.c]
make 'cp' unsigned and merge with 'ucp'; ok stevesk@
|
|
[authfile.c cipher.c cipher.h kex.c kex.h packet.c]
hide some more implementation details of cipher.[ch] and prepares for move
to EVP, ok deraadt@
|
|
[packet.c]
need misc.h for set_nodelay()
|
|
- stevesk@cvs.openbsd.org 2002/01/24 21:09:25
[channels.c misc.c misc.h packet.c]
add set_nodelay() to set TCP_NODELAY on a socket (prep for nagle tuning).
no nagle changes just yet; ok djm@ markus@
|
|
[authfd.c bufaux.c buffer.c cipher.c packet.c ssh-agent.c ssh-keygen.c]
unneeded cast cleanup; ok markus@
|
|
[packet.c]
handle received SSH2_MSG_UNIMPLEMENTED messages; ok djm@
|
|
[authfile.c channels.c compress.c packet.c sftp-server.c ssh-agent.c ssh-keygen.c]
remove unneeded casts and some char->u_char cleanup; ok markus@
|
|
[auth1.c auth-rsa.c channels.c dispatch.c kex.c kexdh.c kexgex.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshconnect2.c sshd.c]
packet_read* no longer return the packet length, since it's not used.
|