summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Add the standard environment variable passing to sshbaserock/tiagogomes/armv8l64baserock/morphTiago Gomes2015-02-112-1/+5
| | | | | | Conflicts: ssh_config sshd_config
* openssh: add systemd service filesRichard Maw2015-02-112-0/+35
| | | | | | | | | | | | It may be more sensible to add these to openssh's build system rather than substituting and installing them manually, but it requires less alteration of upstream sources. The unit file also doesn't make use of socket activation, so boot times will be suboptimal. Conflicts: openssh.morph
* establish V_6_7 branchV_6_7_P1V_6_7Damien Miller2014-10-071-0/+1
|
* - (djm) Release OpenSSH-6.7Damien Miller2014-10-071-0/+3
|
* - (djm) [sshd_config.5] typo; from Iain MorganDamien Miller2014-10-032-1/+4
|
* - (djm) [openbsd-compat/Makefile.in openbsd-compat/kludge-fd_set.c]Damien Miller2014-10-014-3/+53
| | | | | | [openbsd-compat/openbsd-compat.h] Kludge around bad glibc _FORTIFY_SOURCE check that doesn't grok heap-allocated fd_sets; ok dtucker@
* - (djm) [sandbox-seccomp-filter.c] Allow mremap and exit for DietLibc;Damien Miller2014-09-102-0/+8
| | | | patch from Felix von Leitner; ok dtucker
* 20140908Darren Tucker2014-09-092-4/+7
| | | | - (dtucker) [INSTALL] Update info about egd. ok djm@
* - (djm) [openbsd-compat/arc4random.c] Zero seed after keying PRNGDamien Miller2014-09-042-1/+4
|
* - (djm) [contrib/cygwin/ssh-host-config] Fix old code leading toDamien Miller2014-09-032-32/+2
| | | | permissions/ACLs; from Corinna Vinschen
* - (djm) [defines.h sshbuf.c] Move __predict_true|false to defines.h andDamien Miller2014-09-033-11/+16
| | | | conditionalise to avoid duplicate definition.
* - (djm) [Makefile.in] Make TEST_SHELL a variable; "good idea" tim@Damien Miller2014-08-302-3/+4
|
* - (djm) [openbsd-compat/openssl-compat.h] add include guardDamien Miller2014-08-302-5/+10
|
* - (djm) [misc.c] Missing newline between functionsDamien Miller2014-08-302-0/+2
|
* - (djm) [openbsd-compat/openssl-compat.h] addDamien Miller2014-08-302-2/+13
| | | | OPENSSL_[RD]SA_MAX_MODULUS_BITS defines for OpenSSL that lacks them
* - (djm) [openbsd-compat/explicit_bzero.c] implement explicit_bzero()Damien Miller2014-08-273-5/+30
| | | | | | using memset_s() where possible; improve fallback to indirect bzero via a volatile pointer to give it more of a chance to avoid being optimised away.
* - (djm) [monitor.c sshd.c] SIGXFSZ needs to be ignored in postauthDamien Miller2014-08-273-4/+5
| | | | monitor, not preauth; bz#2263
* - (djm) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]Damien Miller2014-08-277-7/+29
| | | | | | | | | [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] [regress/unittests/sshkey/common.c] [regress/unittests/sshkey/test_file.c] [regress/unittests/sshkey/test_fuzz.c] [regress/unittests/sshkey/test_sshkey.c] Don't include openssl/ec.h on !ECC OpenSSL systems
* - (djm) [INSTALL] Recommend libcrypto be built -fPIC, mention LibreSSL,Damien Miller2014-08-262-10/+17
| | | | update OpenSSL version requirement.
* - (djm) [bufec.c] Skip this file on !ECC OpenSSLDamien Miller2014-08-262-1/+7
|
* - (djm) [sftp-server.c] Some systems (e.g. Irix) have prctl() but notDamien Miller2014-08-242-2/+6
| | | | PR_SET_DUMPABLE, so adjust ifdef; reported by Tom Christensen
* - (djm) [configure.ac] We now require a working vsnprintf everywhere (notDamien Miller2014-08-232-12/+21
| | | | | just for systems that lack asprintf); check for it always and extend test to catch more brokenness. Fixes builds on Solaris <= 9
* - (djm) [sshd.c] Ignore SIGXFSZ in preauth monitor child; can explode onDamien Miller2014-08-232-0/+8
| | | | lastlog writing on platforms with high UIDs; bz#2263
* - (djm) [configure.ac] double braces to appease autoconfDamien Miller2014-08-222-3/+4
|
* - (djm) [openbsd-compat/bsd-snprintf.c] Fix compilation failure (prototype/Damien Miller2014-08-222-2/+4
| | | | definition mismatch) and warning for broken/missing snprintf case.
* - (djm) [sshbuf-getput-crypto.c] Fix compilation when OpenSSL lacks ECCDamien Miller2014-08-222-1/+4
|
* - (djm) [configure.ac] include leading zero characters in OpenSSL versionDamien Miller2014-08-222-4/+8
| | | | number; fixes test for unsupported versions
* - (djm) [regress/unittests/test_helper/test_helper.c] Fix for systems thatDamien Miller2014-08-212-0/+15
| | | | don't set __progname. Diagnosed by Tom Christensen.
* - (djm) [key.h] Fix ifdefs for no-ECC OpenSSLDamien Miller2014-08-212-2/+3
|
* - (djm) [Makefile.in] fix reference to libtest_helper.a in sshkey test too.Damien Miller2014-08-212-3/+6
|
* - (djm) [contrib/cygwin/README] Correct build instructions; from CorinnaDamien Miller2014-08-202-1/+2
|
* - (djm) [sshkey.h] Fix compilation when OpenSSL lacks ECCDamien Miller2014-08-202-14/+25
|
* - (djm) [Makefile.in] refer to libtest_helper.a by explicit path rather thanDamien Miller2014-08-202-2/+4
| | | | -L/-l; fixes linking problems on some platforms
* - (djm) [configure.ac] Check OpenSSL version is supported at configure time;Damien Miller2014-08-202-3/+15
| | | | suggested by Kevin Brott
* - (djm) [INSTALL contrib/caldera/openssh.spec contrib/cygwin/README]Damien Miller2014-08-196-21/+6
| | | | | [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Remove mentions of TCP wrappers.
* - (djm) [ssh-dss.c] Include openssl/dsa.h for DSA_SIGDamien Miller2014-08-192-0/+2
|
* - (djm) [sshbuf.h] Fix compilation on systems without OPENSSL_HAS_ECC.Damien Miller2014-08-192-5/+12
|
* - (djm) [myproposal.h] Make curve25519 KEX dependent onDamien Miller2014-08-191-1/+1
| | | | HAVE_EVP_SHA256 instead of OPENSSL_HAS_ECC.
* - (djm) [serverloop.c] Fix syntax error on Cygwin; from Corinna VinschenDamien Miller2014-08-192-4/+11
|
* - (djm) [README contrib/caldera/openssh.spec]Damien Miller2014-08-105-6/+10
| | | | [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Update versions
* - (djm) [regress/multiplex.sh] Use -d (detach stdin) flag to disassociateDamien Miller2014-08-012-2/+4
| | | | nc from stdin, it's more portable
* - (djm) [regress/multiplex.sh] Instruct nc not to quit as soon as stdinDamien Miller2014-08-012-2/+4
| | | | is closed; avoid regress failures when stdin is /dev/null
* - (djm) [regress/multiplex.sh] Skip test for non-OpenBSD netcat. We needDamien Miller2014-08-012-4/+12
| | | | a better solution, but this will have to do for now.
* - schwarze@cvs.openbsd.org 2014/07/28 15:40:08Damien Miller2014-07-303-9/+14
| | | | | | | [sftp-server.8 sshd_config.5] some systems no longer need /dev/log; issue noticed by jirib; ok deraadt
* - dtucker@cvs.openbsd.org 2014/07/25 21:22:03Damien Miller2014-07-302-1/+8
| | | | | | | | [ssh-agent.c] Clear buffer used for handling messages. This prevents keys being left in memory after they have been expired or deleted in some cases (but note that ssh-agent is setgid so you would still need root to access them). Pointed out by Kevin Burns, ok deraadt
* - OpenBSD CVS SyncDamien Miller2014-07-302-5/+14
| | | | | | - millert@cvs.openbsd.org 2014/07/24 22:57:10 [ssh.1] Mention UNIX-domain socket forwarding too. OK jmc@ deraadt@
* - (djm) [regress/multiplex.sh] restore incorrectly deleted line;Damien Miller2014-07-252-1/+5
| | | | pointed out by Christian Hesse
* - dtucker@cvs.openbsd.org 2014/07/22 23:35:38Darren Tucker2014-07-2375-217/+222
| | | | | | [regress/unittests/sshkey/testdata/*] Regenerate test keys with certs signed with ed25519 instead of ecdsa. These can be used in -portable on platforms that don't support ECDSA.
* - dtucker@cvs.openbsd.org 2014/07/22 23:57:40Darren Tucker2014-07-232-0/+4
| | | | | [regress/unittests/sshkey/mktestdata.sh] Add $OpenBSD tag to make syncs easier
* - dtucker@cvs.openbsd.org 2014/07/22 23:23:22Darren Tucker2014-07-232-3/+7
| | | | | | [regress/unittests/sshkey/mktestdata.sh] Sign test certs with ed25519 instead of ecdsa so that they'll work in -portable on platforms that don't have ECDSA in their OpenSSL. ok djm
View Lorry Controller Status