Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | - (djm) [loginrec.c] Relax permission requirement on btmp logs to allow | Damien Miller | 2010-11-24 | 2 | -1/+3 |
| | | | | group read/write. ok dtucker@ | ||||
* | - (dtucker) [platform.c session.c] Move the getluid call out of session.c and | Darren Tucker | 2010-11-24 | 3 | -7/+13 |
| | | | | into the platform-specific code Only affects SCO, tested by and ok tim@. | ||||
* | - (dtucker) Bug #1840: fix warning when configuring --with-ssl-engine, patch | Darren Tucker | 2010-11-22 | 2 | -1/+6 |
| | | | | from vapier at gentoo org. | ||||
* | - jmc@cvs.openbsd.org 2010/11/18 15:01:00 | Damien Miller | 2010-11-20 | 5 | -9/+15 |
| | | | | | [scp.1 sftp.1 ssh.1 sshd_config.5] add IPQoS to the various -o lists, and zap some trailing whitespace; | ||||
* | - jmc@cvs.openbsd.org 2010/11/15 07:40:14 | Damien Miller | 2010-11-20 | 2 | -3/+6 |
| | | | | | [ssh_config.5] libary -> library; | ||||
* | - djm@cvs.openbsd.org 2010/11/13 23:27:51 | Damien Miller | 2010-11-20 | 14 | -27/+230 |
| | | | | | | | | | [clientloop.c misc.c misc.h packet.c packet.h readconf.c readconf.h] [servconf.c servconf.h session.c ssh.c ssh_config.5 sshd_config.5] allow ssh and sshd to set arbitrary TOS/DSCP/QoS values instead of hardcoding lowdelay/throughput. bz#1733 patch from philipp AT redfish-solutions.com; ok markus@ deraadt@ | ||||
* | - djm@cvs.openbsd.org 2010/11/10 01:33:07 | Damien Miller | 2010-11-20 | 7 | -17/+37 |
| | | | | | | [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c moduli.c] use only libcrypto APIs that are retained with OPENSSL_NO_DEPRECATED. these have been around for years by this time. ok markus | ||||
* | - djm@cvs.openbsd.org 2010/11/05 02:46:47 | Damien Miller | 2010-11-20 | 2 | -11/+16 |
| | | | | | [packet.c] whitespace KNF | ||||
* | - (djm) [servconf.c ssh-add.c ssh-keygen.c] don't look for ECDSA keys on | Damien Miller | 2010-11-11 | 4 | -0/+11 |
| | | | | | platforms that don't support ECC. Fixes some spurious warnings reported by tim@ | ||||
* | - (tim) [configure.ac openbsd-compat/bsd-misc.h openbsd-compat/bsd-misc.c] Add | Tim Rice | 2010-11-08 | 4 | -3/+27 |
| | | | | support for platforms missing isblank(). ok djm@ | ||||
* | - (tim) [regress/kextype.sh] Not all platforms have time in /usr/bin. | Tim Rice | 2010-11-08 | 2 | -1/+9 |
| | | | | Feedback from dtucker@ | ||||
* | - (tim) [regress/kextype.sh] Shell portability fix. | Tim Rice | 2010-11-07 | 2 | -2/+3 |
| | |||||
* | - (tim) [regress/Makefile] Fixes to allow building/testing outside source | Tim Rice | 2010-11-07 | 2 | -9/+13 |
| | | | | tree. | ||||
* | - (dtucker) [platform.c] includes.h instead of defines.h so that we get | Darren Tucker | 2010-11-07 | 2 | -2/+6 |
| | | | | the correct typedefs. | ||||
* | - (dtucker) [platform.c] Need servconf.h and extern options. | Darren Tucker | 2010-11-05 | 2 | -1/+8 |
| | |||||
* | - (dtucker) [regress/kextype.sh] Make sha256 test depend on ECC. This is not | Darren Tucker | 2010-11-05 | 2 | -1/+4 |
| | | | | | strictly correct since while ECC requires sha256 the reverse is not true however it does prevent spurious test failures. | ||||
* | - (dtucker) [regress/kextype.sh] Add missing "test". | Darren Tucker | 2010-11-05 | 2 | -1/+2 |
| | |||||
* | - (dtucker) [Makefile configure.ac regress/Makefile regress/keytype.sh] | Darren Tucker | 2010-11-05 | 7 | -8/+44 |
| | | | | | Import recent changes to regress/Makefile, pass a flag to enable ECC tests from configure through to regress/Makefile and use it in the tests. | ||||
* | - (dtucker) [regress/keytype.sh] Import new test. | Darren Tucker | 2010-11-05 | 2 | -0/+49 |
| | |||||
* | - (dtucker) [platform.c platform.h session.c] Move the Cygwin special-case | Darren Tucker | 2010-11-05 | 4 | -6/+22 |
| | | | | check into platform.c | ||||
* | - (dtucker) [platform.c session.c] Move PAM credential establishment for the | Darren Tucker | 2010-11-05 | 3 | -11/+14 |
| | | | | non-LOGIN_CAP case into platform.c. | ||||
* | - (dtucker) [platform.c session.c] Move irix setusercontext fragment into | Darren Tucker | 2010-11-05 | 3 | -5/+9 |
| | | | | platform.c. | ||||
* | - (dtucker) platform.c session.c] Move aix_usrinfo frament into platform.c. | Darren Tucker | 2010-11-05 | 3 | -4/+6 |
| | |||||
* | - (dtucker) platform.c session.c] Move the USE_LIBIAF fragment into | Darren Tucker | 2010-11-05 | 3 | -6/+9 |
| | | | | platform.c | ||||
* | - (dtucker) [platform.c session.c] Move the PAM credential establishment for | Darren Tucker | 2010-11-05 | 3 | -6/+17 |
| | | | | the LOGIN_CAP case into platform.c. | ||||
* | - (dtucker) [platform.c] Only call setpgrp on BSDI if running as root to | Darren Tucker | 2010-11-05 | 2 | -2/+5 |
| | | | | retain previous behavior. | ||||
* | - (dtucker) [platform.c session.c] Move the BSDI setpgrp into platform.c. | Darren Tucker | 2010-11-05 | 3 | -4/+6 |
| | |||||
* | - (dtucker) [platform.c session.c] Move the AIX setpcred+chroot hack into | Darren Tucker | 2010-11-05 | 3 | -19/+21 |
| | | | | platform.c | ||||
* | - (dtucker) [platform.c platform.h session.c] Add a platform hook to run | Darren Tucker | 2010-11-05 | 4 | -10/+27 |
| | | | | after the user's groups are established and move the selinux calls into it. | ||||
* | - (dtucker) [configure.ac platform.{c,h} session.c | Darren Tucker | 2010-11-05 | 7 | -6/+71 |
| | | | | | | openbsd-compat/port-solaris.{c,h}] Bug #1824: Add Solaris Project support. Patch from cory.erickson at csu mnscu edu with a bit of rework from me. ok djm@ | ||||
* | - (djm) [loginrec.c loginrec.h] Use correct uid_t/pid_t types instead of | Damien Miller | 2010-11-05 | 3 | -12/+15 |
| | | | | int. Should fix bz#1817 cleanly; ok dtucker@ | ||||
* | - djm@cvs.openbsd.org 2010/11/04 02:45:34 | Damien Miller | 2010-11-05 | 2 | -8/+12 |
| | | | | | | [sftp-server.c] umask should be parsed as octal. reported by candland AT xmission.com; ok markus@ | ||||
* | - jmc@cvs.openbsd.org 2010/10/28 18:33:28 | Damien Miller | 2010-11-05 | 8 | -23/+17 |
| | | | | | [scp.1 ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5] knock out some "-*- nroff -*-" lines; | ||||
* | - djm@cvs.openbsd.org 2010/10/28 11:22:09 | Damien Miller | 2010-11-05 | 5 | -23/+39 |
| | | | | | | | | | | [authfile.c key.c key.h ssh-keygen.c] fix a possible NULL deref on loading a corrupt ECDH key store ECDH group information in private keys files as "named groups" rather than as a set of explicit group parameters (by setting the OPENSSL_EC_NAMED_CURVE flag). This makes for shorter key files and retrieves the group's OpenSSL NID that we need for various things. | ||||
* | - djm@cvs.openbsd.org 2010/09/22 12:26:05 | Damien Miller | 2010-11-05 | 3 | -2/+35 |
| | | | | | [regress/Makefile regress/kextype.sh] regress test for each of the key exchange algorithms that we support | ||||
* | - (dtucker) [defines.h] Use SIZE_T_MAX for SIZE_MAX for platforms that have a | Darren Tucker | 2010-10-25 | 2 | -5/+7 |
| | | | | native one. | ||||
* | - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with | Tim Rice | 2010-10-24 | 2 | -1/+5 |
| | | | | | 1.12 to unbreak Solaris build. ok djm@ | ||||
* | - (dtucker) [defines.h] Add SIZE_MAX for the benefit of platforms that don't | Darren Tucker | 2010-10-24 | 2 | -1/+7 |
| | | | | have it. | ||||
* | - (dtucker) [regress/cert-userkey.sh] Disable ECC-based tests on platforms | Darren Tucker | 2010-10-24 | 2 | -4/+13 |
| | | | | which don't have ECC support in libcrypto. | ||||
* | - (dtucker) [regress/cert-hostkey.sh] Disable ECC-based tests on platforms | Darren Tucker | 2010-10-24 | 2 | -6/+15 |
| | | | | which don't have ECC support in libcrypto. | ||||
* | - sthen@cvs.openbsd.org 2010/10/23 22:06:12 | Darren Tucker | 2010-10-24 | 2 | -2/+8 |
| | | | | | | [sftp.c] escape '[' in filename tab-completion; fix a type while there. ok djm@ | ||||
* | - (dtucker) [includes.h] Add missing ifdef GLOB_HAS_GL_STATV to fix build. | Darren Tucker | 2010-10-24 | 2 | -1/+4 |
| | |||||
* | - djm@cvs.openbsd.org 2010/08/31 12:24:09 | Damien Miller | 2010-10-21 | 3 | -13/+32 |
| | | | | | [regress/cert-hostkey.sh regress/cert-userkey.sh] tests for ECDSA certificates | ||||
* | - OpenBSD CVS Sync | Damien Miller | 2010-10-21 | 2 | -2/+9 |
| | | | | | | - dtucker@cvs.openbsd.org 2010/10/12 02:22:24 [mux.c] Typo in confirmation message. bz#1827, patch from imorgan at nas nasa gov | ||||
* | - (djm) [sshconnect.c] Need signal.h for prototype for kill(2) | Damien Miller | 2010-10-12 | 2 | -0/+2 |
| | |||||
* | - (djm) [canohost.c] Zero a4 instead of addr to better match type. | Damien Miller | 2010-10-12 | 2 | -1/+5 |
| | | | | bz#1825, reported by foo AT mailinator.com | ||||
* | - (djm) [configure.ac] Use = instead of == in shell tests. Patch from | Damien Miller | 2010-10-11 | 2 | -3/+7 |
| | | | | dr AT vasco.com | ||||
* | - (djm) [openbsd-compat/Makefile.in] Actually link timingsafe_bcmp | Damien Miller | 2010-10-07 | 2 | -2/+3 |
| | |||||
* | - (djm) [cipher-acss.c] Add missing header. | Damien Miller | 2010-10-07 | 2 | -0/+2 |
| | |||||
* | - (djm) [openbsd-compat/glob.c] restore ARG_MAX compat code. | Damien Miller | 2010-10-07 | 2 | -1/+2 |
| |