summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* establish V_6_7 branchV_6_7_P1V_6_7Damien Miller2014-10-071-0/+1
|
* - (djm) Release OpenSSH-6.7Damien Miller2014-10-071-0/+3
|
* - (djm) [sshd_config.5] typo; from Iain MorganDamien Miller2014-10-032-1/+4
|
* - (djm) [openbsd-compat/Makefile.in openbsd-compat/kludge-fd_set.c]Damien Miller2014-10-014-3/+53
| | | | | | [openbsd-compat/openbsd-compat.h] Kludge around bad glibc _FORTIFY_SOURCE check that doesn't grok heap-allocated fd_sets; ok dtucker@
* - (djm) [sandbox-seccomp-filter.c] Allow mremap and exit for DietLibc;Damien Miller2014-09-102-0/+8
| | | | patch from Felix von Leitner; ok dtucker
* 20140908Darren Tucker2014-09-092-4/+7
| | | | - (dtucker) [INSTALL] Update info about egd. ok djm@
* - (djm) [openbsd-compat/arc4random.c] Zero seed after keying PRNGDamien Miller2014-09-042-1/+4
|
* - (djm) [contrib/cygwin/ssh-host-config] Fix old code leading toDamien Miller2014-09-032-32/+2
| | | | permissions/ACLs; from Corinna Vinschen
* - (djm) [defines.h sshbuf.c] Move __predict_true|false to defines.h andDamien Miller2014-09-033-11/+16
| | | | conditionalise to avoid duplicate definition.
* - (djm) [Makefile.in] Make TEST_SHELL a variable; "good idea" tim@Damien Miller2014-08-302-3/+4
|
* - (djm) [openbsd-compat/openssl-compat.h] add include guardDamien Miller2014-08-302-5/+10
|
* - (djm) [misc.c] Missing newline between functionsDamien Miller2014-08-302-0/+2
|
* - (djm) [openbsd-compat/openssl-compat.h] addDamien Miller2014-08-302-2/+13
| | | | OPENSSL_[RD]SA_MAX_MODULUS_BITS defines for OpenSSL that lacks them
* - (djm) [openbsd-compat/explicit_bzero.c] implement explicit_bzero()Damien Miller2014-08-273-5/+30
| | | | | | using memset_s() where possible; improve fallback to indirect bzero via a volatile pointer to give it more of a chance to avoid being optimised away.
* - (djm) [monitor.c sshd.c] SIGXFSZ needs to be ignored in postauthDamien Miller2014-08-273-4/+5
| | | | monitor, not preauth; bz#2263
* - (djm) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]Damien Miller2014-08-277-7/+29
| | | | | | | | | [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] [regress/unittests/sshkey/common.c] [regress/unittests/sshkey/test_file.c] [regress/unittests/sshkey/test_fuzz.c] [regress/unittests/sshkey/test_sshkey.c] Don't include openssl/ec.h on !ECC OpenSSL systems
* - (djm) [INSTALL] Recommend libcrypto be built -fPIC, mention LibreSSL,Damien Miller2014-08-262-10/+17
| | | | update OpenSSL version requirement.
* - (djm) [bufec.c] Skip this file on !ECC OpenSSLDamien Miller2014-08-262-1/+7
|
* - (djm) [sftp-server.c] Some systems (e.g. Irix) have prctl() but notDamien Miller2014-08-242-2/+6
| | | | PR_SET_DUMPABLE, so adjust ifdef; reported by Tom Christensen
* - (djm) [configure.ac] We now require a working vsnprintf everywhere (notDamien Miller2014-08-232-12/+21
| | | | | just for systems that lack asprintf); check for it always and extend test to catch more brokenness. Fixes builds on Solaris <= 9
* - (djm) [sshd.c] Ignore SIGXFSZ in preauth monitor child; can explode onDamien Miller2014-08-232-0/+8
| | | | lastlog writing on platforms with high UIDs; bz#2263
* - (djm) [configure.ac] double braces to appease autoconfDamien Miller2014-08-222-3/+4
|
* - (djm) [openbsd-compat/bsd-snprintf.c] Fix compilation failure (prototype/Damien Miller2014-08-222-2/+4
| | | | definition mismatch) and warning for broken/missing snprintf case.
* - (djm) [sshbuf-getput-crypto.c] Fix compilation when OpenSSL lacks ECCDamien Miller2014-08-222-1/+4
|
* - (djm) [configure.ac] include leading zero characters in OpenSSL versionDamien Miller2014-08-222-4/+8
| | | | number; fixes test for unsupported versions
* - (djm) [regress/unittests/test_helper/test_helper.c] Fix for systems thatDamien Miller2014-08-212-0/+15
| | | | don't set __progname. Diagnosed by Tom Christensen.
* - (djm) [key.h] Fix ifdefs for no-ECC OpenSSLDamien Miller2014-08-212-2/+3
|
* - (djm) [Makefile.in] fix reference to libtest_helper.a in sshkey test too.Damien Miller2014-08-212-3/+6
|
* - (djm) [contrib/cygwin/README] Correct build instructions; from CorinnaDamien Miller2014-08-202-1/+2
|
* - (djm) [sshkey.h] Fix compilation when OpenSSL lacks ECCDamien Miller2014-08-202-14/+25
|
* - (djm) [Makefile.in] refer to libtest_helper.a by explicit path rather thanDamien Miller2014-08-202-2/+4
| | | | -L/-l; fixes linking problems on some platforms
* - (djm) [configure.ac] Check OpenSSL version is supported at configure time;Damien Miller2014-08-202-3/+15
| | | | suggested by Kevin Brott
* - (djm) [INSTALL contrib/caldera/openssh.spec contrib/cygwin/README]Damien Miller2014-08-196-21/+6
| | | | | [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Remove mentions of TCP wrappers.
* - (djm) [ssh-dss.c] Include openssl/dsa.h for DSA_SIGDamien Miller2014-08-192-0/+2
|
* - (djm) [sshbuf.h] Fix compilation on systems without OPENSSL_HAS_ECC.Damien Miller2014-08-192-5/+12
|
* - (djm) [myproposal.h] Make curve25519 KEX dependent onDamien Miller2014-08-191-1/+1
| | | | HAVE_EVP_SHA256 instead of OPENSSL_HAS_ECC.
* - (djm) [serverloop.c] Fix syntax error on Cygwin; from Corinna VinschenDamien Miller2014-08-192-4/+11
|
* - (djm) [README contrib/caldera/openssh.spec]Damien Miller2014-08-105-6/+10
| | | | [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Update versions
* - (djm) [regress/multiplex.sh] Use -d (detach stdin) flag to disassociateDamien Miller2014-08-012-2/+4
| | | | nc from stdin, it's more portable
* - (djm) [regress/multiplex.sh] Instruct nc not to quit as soon as stdinDamien Miller2014-08-012-2/+4
| | | | is closed; avoid regress failures when stdin is /dev/null
* - (djm) [regress/multiplex.sh] Skip test for non-OpenBSD netcat. We needDamien Miller2014-08-012-4/+12
| | | | a better solution, but this will have to do for now.
* - schwarze@cvs.openbsd.org 2014/07/28 15:40:08Damien Miller2014-07-303-9/+14
| | | | | | | [sftp-server.8 sshd_config.5] some systems no longer need /dev/log; issue noticed by jirib; ok deraadt
* - dtucker@cvs.openbsd.org 2014/07/25 21:22:03Damien Miller2014-07-302-1/+8
| | | | | | | | [ssh-agent.c] Clear buffer used for handling messages. This prevents keys being left in memory after they have been expired or deleted in some cases (but note that ssh-agent is setgid so you would still need root to access them). Pointed out by Kevin Burns, ok deraadt
* - OpenBSD CVS SyncDamien Miller2014-07-302-5/+14
| | | | | | - millert@cvs.openbsd.org 2014/07/24 22:57:10 [ssh.1] Mention UNIX-domain socket forwarding too. OK jmc@ deraadt@
* - (djm) [regress/multiplex.sh] restore incorrectly deleted line;Damien Miller2014-07-252-1/+5
| | | | pointed out by Christian Hesse
* - dtucker@cvs.openbsd.org 2014/07/22 23:35:38Darren Tucker2014-07-2375-217/+222
| | | | | | [regress/unittests/sshkey/testdata/*] Regenerate test keys with certs signed with ed25519 instead of ecdsa. These can be used in -portable on platforms that don't support ECDSA.
* - dtucker@cvs.openbsd.org 2014/07/22 23:57:40Darren Tucker2014-07-232-0/+4
| | | | | [regress/unittests/sshkey/mktestdata.sh] Add $OpenBSD tag to make syncs easier
* - dtucker@cvs.openbsd.org 2014/07/22 23:23:22Darren Tucker2014-07-232-3/+7
| | | | | | [regress/unittests/sshkey/mktestdata.sh] Sign test certs with ed25519 instead of ecdsa so that they'll work in -portable on platforms that don't have ECDSA in their OpenSSL. ok djm
* - djm@cvs.openbsd.org 2014/07/22 01:32:12Darren Tucker2014-07-232-1/+6
| | | | | | | [regress/multiplex.sh] change the test for still-open Unix domain sockets to be robust against nc implementations that produce error messages. from -portable (Id sync only)
* - guenther@cvs.openbsd.org 2014/07/22 07:13:42Darren Tucker2014-07-232-1/+6
| | | | | | | [umac.c] Convert from <sys/endian.h> to the shiney new <endian.h> ok dtucker@, who also confirmed that -portable handles this already (ID sync only, includes.h pulls in endian.h if available.)
View Lorry Controller Status