Commit Graph

5118 Commits

Author SHA1 Message Date
Damien Miller
9f74105289 - (djm) [ssh-rand-helper.8] manpage nits;
from dleonard AT vintela.com (bz#1529)
2007-01-22 12:44:53 +11:00
Darren Tucker
eae5fa1b58 - (dtucker) [packet.c] Re-remove in_systm.h since it's already in includes.h
and multiple including it causes problems on old IRIXes.  (It snuck back
   in during a sync.)  Found (again) by Georg Schwarz.
2007-01-17 11:00:13 +11:00
Damien Miller
742cc1c194 - (djm) [openbsd-compat/bsd-snprintf.c] Fix integer overflow in return
value of snprintf replacement, similar to bugs in various libc
   implementations. This overflow is not exploitable in OpenSSH.
   While I'm fiddling with it, make it a fair bit faster by inlining the
   append-char routine; ok dtucker@
2007-01-14 21:20:30 +11:00
Darren Tucker
e67ac00b9b typo 2007-01-14 10:26:25 +11:00
Darren Tucker
9ac56e945b - (dtucker) [ssh-keygen.c] ac -> argv to match earlier sync. 2007-01-14 10:19:59 +11:00
Damien Miller
e2334d600b - stevesk@cvs.openbsd.org 2007/01/03 07:22:36
[sftp-server.c]
     spaces
2007-01-05 16:31:02 +11:00
Damien Miller
b6c85fcf37 - stevesk@cvs.openbsd.org 2007/01/03 04:09:15
[sftp.c]
     ARGSUSED for lint
2007-01-05 16:30:41 +11:00
Damien Miller
80163907ed - stevesk@cvs.openbsd.org 2007/01/03 03:01:40
[auth2-chall.c channels.c dns.c sftp.c ssh-keygen.c ssh.c]
     spaces
2007-01-05 16:30:16 +11:00
Damien Miller
6c7439f963 - stevesk@cvs.openbsd.org 2007/01/03 00:53:38
[ssh-keygen.c]
     remove small dead code; arnaud.lacombe.1@ulaval.ca via Coverity scan
2007-01-05 16:29:55 +11:00
Damien Miller
d94fc72bcd - jmc@cvs.openbsd.org 2007/01/02 09:57:25
[sshd_config.5]
     do not use lists for SYNOPSIS;
     from eric s. raymond via brad
2007-01-05 16:29:30 +11:00
Damien Miller
9fc6a56204 - dtucker@cvs.openbsd.org 2006/12/14 10:01:14
[servconf.c]
     Make "PermitOpen all" first-match within a block to match the way other
     options work.  ok markus@ djm@
2007-01-05 16:29:02 +11:00
Damien Miller
a29b95ec3a - dtucker@cvs.openbsd.org 2006/12/13 08:34:39
[servconf.c]
     Make PermitOpen work with multiple values like the man pages says.
     bz #1267 with details from peter at dmtz.com, with & ok djm@
2007-01-05 16:28:36 +11:00
Damien Miller
1ec462658e - djm@cvs.openbsd.org 2006/12/12 03:58:42
[channels.c compat.c compat.h]
     bz #1019: some ssh.com versions apparently can't cope with the
     remote port forwarding bind_address being a hostname, so send
     them an address for cases where they are not explicitly
     specified (wildcard or localhost bind).  reported by daveroth AT
     acm.org; ok dtucker@ deraadt@
2007-01-05 16:26:45 +11:00
Damien Miller
c0367fb0d2 - markus@cvs.openbsd.org 2006/12/11 21:25:46
[ssh-keygen.1 ssh.1]
     add rfc 4716 (public key format); ok jmc
2007-01-05 16:25:46 +11:00
Damien Miller
3ca8b77179 - ray@cvs.openbsd.org 2006/11/23 01:35:11
[misc.c sftp.c]
     Don't access buf[strlen(buf) - 1] for zero-length strings.
     ``ok by me'' djm@.
2007-01-05 16:24:47 +11:00
Damien Miller
df8b7db16e - (djm) OpenBSD CVS Sync
- deraadt@cvs.openbsd.org 2006/11/14 19:41:04
     [ssh-keygen.c]
     use argc and argv not some made up short form
2007-01-05 16:22:57 +11:00
Damien Miller
be6db83462 - (djm) [bsd-asprintf.c] Better test for bad vsnprintf lengths; ok dtucker@ 2006-12-05 22:58:09 +11:00
Damien Miller
143c2ef1ce - (djm) [auth.c] Fix NULL pointer dereference in fakepw(). Crash would
occur if the server did not have the privsep user and an invalid user
   tried to login and both privsep and krb5 auth are disabled.
2006-12-05 09:08:54 +11:00
Darren Tucker
b0781f79db - markus@cvs.openbsd.org 2006/11/07 13:02:07
[dh.c]
     BN_hex2bn returns int; from dtucker@
2006-11-08 10:01:36 +11:00
Darren Tucker
14ea86391b - (dtucker) Release 4.5p1. 2006-11-07 23:27:34 +11:00
Darren Tucker
c2820c5822 - (dtucker) [README contrib/{caldera,redhat,contrib}/openssh.spec] Bump
versions.
2006-11-07 23:25:45 +11:00
Darren Tucker
fbba735aa3 - markus@cvs.openbsd.org 2006/11/07 10:31:31
[monitor.c version.h]
     correctly check for bad signatures in the monitor, otherwise the monitor
     and the unpriv process can get out of sync. with dtucker@, ok djm@,
     dtucker@
2006-11-07 23:16:08 +11:00
Darren Tucker
0bc85579a9 - markus@cvs.openbsd.org 2006/11/06 21:25:28
[auth-rsa.c kexgexc.c kexdhs.c key.c ssh-dss.c sshd.c kexgexs.c
     ssh-keygen.c bufbn.c moduli.c scard.c kexdhc.c sshconnect1.c dh.c rsa.c]
     add missing checks for openssl return codes; with & ok djm@
2006-11-07 23:14:41 +11:00
Darren Tucker
df0e438a2e - (dtucker) [sshd.c] Use privsep_pw if we have it, but only require it
if we absolutely need it.  Pointed out by Corinna, ok djm@
2006-11-07 11:28:40 +11:00
Damien Miller
570c2ab1b6 - markus@cvs.openbsd.org 2006/10/31 16:33:12
[kexdhc.c kexdhs.c kexgexc.c kexgexs.c]
     check DH_compute_key() for -1 even if it should not happen because of
     earlier calls to dh_pub_is_valid(); report krahmer at suse.de; ok djm
2006-11-05 05:32:02 +11:00
Damien Miller
3975ee2c3c - (djm) OpenBSD CVS Sync
- otto@cvs.openbsd.org 2006/10/28 18:08:10
     [ssh.1]
     correct/expand example of usage of -w; ok jmc@ stevesk@
2006-11-05 05:31:33 +11:00
Darren Tucker
4d13ecea54 - (dtucker) [openbsd-compat/port-solaris.c] Bug #1255: Make only hwerr
events fatal in Solaris process contract support and tell it to signal
   only processes in the same process group when something happens.
   Based on information from andrew.benham at thus.net and similar to
   a patch from Chad Mynhier.  ok djm@
2006-11-01 10:28:49 +11:00
Damien Miller
796c6c693d - (djm) [auth.c] gc some dead code 2006-10-28 01:10:15 +10:00
Tim Rice
bcf8be356f - (tim) [Makefile.in scard/Makefile.in] Add datarootdir= lines to keep
autoconf 2.60 from complaining.
2006-10-23 14:44:47 -07:00
Damien Miller
50455890f3 - djm@cvs.openbsd.org 2006/10/22 02:25:50
[sftp-client.c]
     cancel progress meter when upload write fails; ok deraadt@
2006-10-24 03:03:02 +10:00
Damien Miller
985a4485f5 - markus@cvs.openbsd.org 2006/10/11 12:38:03
[clientloop.c serverloop.c]
     exit instead of doing a blocking tcp send if we detect a client/server
     timeout, since the tcp sendqueue might be already full (of alive
     requests); ok dtucker, report mpf
2006-10-24 03:02:41 +10:00
Damien Miller
f4bcd10c4c - markus@cvs.openbsd.org 2006/10/10 10:12:45
[sshconnect.c]
     sleep before retrying (not after) since sleep changes errno; fixes
     pr 5250; rad@twig.com; ok dtucker djm
2006-10-24 03:02:23 +10:00
Damien Miller
990b1a80b5 - djm@cvs.openbsd.org 2006/10/09 23:36:11
[session.c]
     xmalloc -> xcalloc that was missed previously, from portable
     (NB. Id sync only for portable, obviously)
2006-10-24 03:01:56 +10:00
Damien Miller
952dce6593 - djm@cvs.openbsd.org 2006/10/06 02:29:19
[ssh-agent.c ssh-keyscan.c ssh.c]
     sys/resource.h needs sys/time.h; prompted by brad@
     (NB. Id sync only for portable)
2006-10-24 03:01:16 +10:00
Damien Miller
e7658a50f0 - (djm) OpenBSD CVS Sync
- ray@cvs.openbsd.org 2006/09/30 17:48:22
     [sftp.c]
     Clear errno before calling the strtol functions.
     From Paul Stoeber <x0001 at x dot de1 dot cc>.
     OK deraadt@.
2006-10-24 03:00:12 +10:00
Darren Tucker
78802f0af3 - (dtucker) [sshd.c] Reshuffle storing of pw struct; prevents warnings
on older versions of OS X.  ok djm@
2006-10-18 22:51:31 +10:00
Darren Tucker
ffe88e15af - ray@cvs.openbsd.org 2006/09/25 04:55:38
[ssh-keyscan.1 ssh.1]
     Change "a SSH" to "an SSH".  Hurray, I'm not the only one who
     pronounces "SSH" as "ess-ess-aich".
     OK jmc@ and stevesk@.
2006-10-18 07:53:06 +10:00
Darren Tucker
a43c005825 - (dtucker) [monitor_fdpass.c] Include sys/in.h, required for cmsg macros
on older (2.0) Linuxes.  Based on patch from thmo-13 at gmx de.
2006-10-16 19:49:12 +10:00
Tim Rice
77674b1efa - (tim) [buildpkg.sh.in] Some systems have really limited nawk (OpenServer).
Allow setting alternate awk in openssh-config.local.
2006-10-06 18:49:36 -07:00
Darren Tucker
adc947d5a5 - (dtucker) [configure.ac] Set put -lselinux into $LIBS while testing for
SELinux functions so they're detected correctly.  Patch from pebenito at
   gentoo.org.
2006-10-07 09:07:20 +10:00
Tim Rice
09f1093a29 20061006
- (tim) [buildpkg.sh.in] Use uname -r instead of -v in OS_VER for Solaris.
   Differentiate between OpenServer 5 and OpenServer 6
2006-10-06 14:58:38 -07:00
Tim Rice
1cfab23b7f - (tim) [configure.ac] Move CHECK_HEADERS test before platform specific
section so additional platform specific CHECK_HEADER tests will work
   correctly. Fixes "<net/if_tap.h> on FreeBSD" problem report by des AT des.no
   Feedback and "seems like a good idea" dtucker@
2006-10-03 09:34:35 -07:00
Darren Tucker
47bda1ff83 - (dtucker) [audit-bsm.c] Include errno.h. Pointed out by des at des.no. 2006-10-01 08:09:50 +10:00
Darren Tucker
5e8381ee86 - (dtucker) [configure.ac] Bug #1239: Fix configure test for OpenSSH engine
support.  Patch from andrew.benham at thus net.
2006-09-29 20:16:51 +10:00
Darren Tucker
23dd658e57 - (dtucker) [entropy.c] Bug #1238: include signal.h to fix compilation error
on Solaris 8 w/out /dev/random or prngd.  Patch from rl at
   math.technion.ac.il.
2006-09-28 19:40:20 +10:00
Darren Tucker
b4b2f9a6c9 Marker for 4.4p1 release 2006-09-28 19:08:32 +10:00
Darren Tucker
25bd3c0612 - (dtucker) [sftp-server.8] Resync; spotted by djm@ 2006-09-26 20:14:28 +10:00
Darren Tucker
822d3a6fc1 - (dtucker) [bufaux.h] nuke bufaux.h; it's already gone from OpenBSD and not
referenced any more.  ok djm@
2006-09-26 18:59:34 +10:00
Darren Tucker
f2ae7bf4a8 Trim ChangeLog Prior to 4.2p1 2006-09-26 18:57:28 +10:00
Tim Rice
983b35b281 20060924
- (tim) [configure.ac] Remove CFLAGS hack for UnixWare 1.x/2.x (added
   to rev 1.308) to work around broken gcc 2.x header file.
2006-09-24 12:08:59 -07:00