Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Add the standard environment variable passing to sshbaserock/tiagogomes/armv8l64baserock/morph | Tiago Gomes | 2015-02-11 | 2 | -1/+5 |
| | | | | | | Conflicts: ssh_config sshd_config | ||||
* | openssh: add systemd service files | Richard Maw | 2015-02-11 | 2 | -0/+35 |
| | | | | | | | | | | | | It may be more sensible to add these to openssh's build system rather than substituting and installing them manually, but it requires less alteration of upstream sources. The unit file also doesn't make use of socket activation, so boot times will be suboptimal. Conflicts: openssh.morph | ||||
* | establish V_6_7 branchV_6_7_P1V_6_7 | Damien Miller | 2014-10-07 | 1 | -0/+1 |
| | |||||
* | - (djm) Release OpenSSH-6.7 | Damien Miller | 2014-10-07 | 1 | -0/+3 |
| | |||||
* | - (djm) [sshd_config.5] typo; from Iain Morgan | Damien Miller | 2014-10-03 | 2 | -1/+4 |
| | |||||
* | - (djm) [openbsd-compat/Makefile.in openbsd-compat/kludge-fd_set.c] | Damien Miller | 2014-10-01 | 4 | -3/+53 |
| | | | | | | [openbsd-compat/openbsd-compat.h] Kludge around bad glibc _FORTIFY_SOURCE check that doesn't grok heap-allocated fd_sets; ok dtucker@ | ||||
* | - (djm) [sandbox-seccomp-filter.c] Allow mremap and exit for DietLibc; | Damien Miller | 2014-09-10 | 2 | -0/+8 |
| | | | | patch from Felix von Leitner; ok dtucker | ||||
* | 20140908 | Darren Tucker | 2014-09-09 | 2 | -4/+7 |
| | | | | - (dtucker) [INSTALL] Update info about egd. ok djm@ | ||||
* | - (djm) [openbsd-compat/arc4random.c] Zero seed after keying PRNG | Damien Miller | 2014-09-04 | 2 | -1/+4 |
| | |||||
* | - (djm) [contrib/cygwin/ssh-host-config] Fix old code leading to | Damien Miller | 2014-09-03 | 2 | -32/+2 |
| | | | | permissions/ACLs; from Corinna Vinschen | ||||
* | - (djm) [defines.h sshbuf.c] Move __predict_true|false to defines.h and | Damien Miller | 2014-09-03 | 3 | -11/+16 |
| | | | | conditionalise to avoid duplicate definition. | ||||
* | - (djm) [Makefile.in] Make TEST_SHELL a variable; "good idea" tim@ | Damien Miller | 2014-08-30 | 2 | -3/+4 |
| | |||||
* | - (djm) [openbsd-compat/openssl-compat.h] add include guard | Damien Miller | 2014-08-30 | 2 | -5/+10 |
| | |||||
* | - (djm) [misc.c] Missing newline between functions | Damien Miller | 2014-08-30 | 2 | -0/+2 |
| | |||||
* | - (djm) [openbsd-compat/openssl-compat.h] add | Damien Miller | 2014-08-30 | 2 | -2/+13 |
| | | | | OPENSSL_[RD]SA_MAX_MODULUS_BITS defines for OpenSSL that lacks them | ||||
* | - (djm) [openbsd-compat/explicit_bzero.c] implement explicit_bzero() | Damien Miller | 2014-08-27 | 3 | -5/+30 |
| | | | | | | using memset_s() where possible; improve fallback to indirect bzero via a volatile pointer to give it more of a chance to avoid being optimised away. | ||||
* | - (djm) [monitor.c sshd.c] SIGXFSZ needs to be ignored in postauth | Damien Miller | 2014-08-27 | 3 | -4/+5 |
| | | | | monitor, not preauth; bz#2263 | ||||
* | - (djm) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c] | Damien Miller | 2014-08-27 | 7 | -7/+29 |
| | | | | | | | | | [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] [regress/unittests/sshkey/common.c] [regress/unittests/sshkey/test_file.c] [regress/unittests/sshkey/test_fuzz.c] [regress/unittests/sshkey/test_sshkey.c] Don't include openssl/ec.h on !ECC OpenSSL systems | ||||
* | - (djm) [INSTALL] Recommend libcrypto be built -fPIC, mention LibreSSL, | Damien Miller | 2014-08-26 | 2 | -10/+17 |
| | | | | update OpenSSL version requirement. | ||||
* | - (djm) [bufec.c] Skip this file on !ECC OpenSSL | Damien Miller | 2014-08-26 | 2 | -1/+7 |
| | |||||
* | - (djm) [sftp-server.c] Some systems (e.g. Irix) have prctl() but not | Damien Miller | 2014-08-24 | 2 | -2/+6 |
| | | | | PR_SET_DUMPABLE, so adjust ifdef; reported by Tom Christensen | ||||
* | - (djm) [configure.ac] We now require a working vsnprintf everywhere (not | Damien Miller | 2014-08-23 | 2 | -12/+21 |
| | | | | | just for systems that lack asprintf); check for it always and extend test to catch more brokenness. Fixes builds on Solaris <= 9 | ||||
* | - (djm) [sshd.c] Ignore SIGXFSZ in preauth monitor child; can explode on | Damien Miller | 2014-08-23 | 2 | -0/+8 |
| | | | | lastlog writing on platforms with high UIDs; bz#2263 | ||||
* | - (djm) [configure.ac] double braces to appease autoconf | Damien Miller | 2014-08-22 | 2 | -3/+4 |
| | |||||
* | - (djm) [openbsd-compat/bsd-snprintf.c] Fix compilation failure (prototype/ | Damien Miller | 2014-08-22 | 2 | -2/+4 |
| | | | | definition mismatch) and warning for broken/missing snprintf case. | ||||
* | - (djm) [sshbuf-getput-crypto.c] Fix compilation when OpenSSL lacks ECC | Damien Miller | 2014-08-22 | 2 | -1/+4 |
| | |||||
* | - (djm) [configure.ac] include leading zero characters in OpenSSL version | Damien Miller | 2014-08-22 | 2 | -4/+8 |
| | | | | number; fixes test for unsupported versions | ||||
* | - (djm) [regress/unittests/test_helper/test_helper.c] Fix for systems that | Damien Miller | 2014-08-21 | 2 | -0/+15 |
| | | | | don't set __progname. Diagnosed by Tom Christensen. | ||||
* | - (djm) [key.h] Fix ifdefs for no-ECC OpenSSL | Damien Miller | 2014-08-21 | 2 | -2/+3 |
| | |||||
* | - (djm) [Makefile.in] fix reference to libtest_helper.a in sshkey test too. | Damien Miller | 2014-08-21 | 2 | -3/+6 |
| | |||||
* | - (djm) [contrib/cygwin/README] Correct build instructions; from Corinna | Damien Miller | 2014-08-20 | 2 | -1/+2 |
| | |||||
* | - (djm) [sshkey.h] Fix compilation when OpenSSL lacks ECC | Damien Miller | 2014-08-20 | 2 | -14/+25 |
| | |||||
* | - (djm) [Makefile.in] refer to libtest_helper.a by explicit path rather than | Damien Miller | 2014-08-20 | 2 | -2/+4 |
| | | | | -L/-l; fixes linking problems on some platforms | ||||
* | - (djm) [configure.ac] Check OpenSSL version is supported at configure time; | Damien Miller | 2014-08-20 | 2 | -3/+15 |
| | | | | suggested by Kevin Brott | ||||
* | - (djm) [INSTALL contrib/caldera/openssh.spec contrib/cygwin/README] | Damien Miller | 2014-08-19 | 6 | -21/+6 |
| | | | | | [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Remove mentions of TCP wrappers. | ||||
* | - (djm) [ssh-dss.c] Include openssl/dsa.h for DSA_SIG | Damien Miller | 2014-08-19 | 2 | -0/+2 |
| | |||||
* | - (djm) [sshbuf.h] Fix compilation on systems without OPENSSL_HAS_ECC. | Damien Miller | 2014-08-19 | 2 | -5/+12 |
| | |||||
* | - (djm) [myproposal.h] Make curve25519 KEX dependent on | Damien Miller | 2014-08-19 | 1 | -1/+1 |
| | | | | HAVE_EVP_SHA256 instead of OPENSSL_HAS_ECC. | ||||
* | - (djm) [serverloop.c] Fix syntax error on Cygwin; from Corinna Vinschen | Damien Miller | 2014-08-19 | 2 | -4/+11 |
| | |||||
* | - (djm) [README contrib/caldera/openssh.spec] | Damien Miller | 2014-08-10 | 5 | -6/+10 |
| | | | | [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Update versions | ||||
* | - (djm) [regress/multiplex.sh] Use -d (detach stdin) flag to disassociate | Damien Miller | 2014-08-01 | 2 | -2/+4 |
| | | | | nc from stdin, it's more portable | ||||
* | - (djm) [regress/multiplex.sh] Instruct nc not to quit as soon as stdin | Damien Miller | 2014-08-01 | 2 | -2/+4 |
| | | | | is closed; avoid regress failures when stdin is /dev/null | ||||
* | - (djm) [regress/multiplex.sh] Skip test for non-OpenBSD netcat. We need | Damien Miller | 2014-08-01 | 2 | -4/+12 |
| | | | | a better solution, but this will have to do for now. | ||||
* | - schwarze@cvs.openbsd.org 2014/07/28 15:40:08 | Damien Miller | 2014-07-30 | 3 | -9/+14 |
| | | | | | | | [sftp-server.8 sshd_config.5] some systems no longer need /dev/log; issue noticed by jirib; ok deraadt | ||||
* | - dtucker@cvs.openbsd.org 2014/07/25 21:22:03 | Damien Miller | 2014-07-30 | 2 | -1/+8 |
| | | | | | | | | [ssh-agent.c] Clear buffer used for handling messages. This prevents keys being left in memory after they have been expired or deleted in some cases (but note that ssh-agent is setgid so you would still need root to access them). Pointed out by Kevin Burns, ok deraadt | ||||
* | - OpenBSD CVS Sync | Damien Miller | 2014-07-30 | 2 | -5/+14 |
| | | | | | | - millert@cvs.openbsd.org 2014/07/24 22:57:10 [ssh.1] Mention UNIX-domain socket forwarding too. OK jmc@ deraadt@ | ||||
* | - (djm) [regress/multiplex.sh] restore incorrectly deleted line; | Damien Miller | 2014-07-25 | 2 | -1/+5 |
| | | | | pointed out by Christian Hesse | ||||
* | - dtucker@cvs.openbsd.org 2014/07/22 23:35:38 | Darren Tucker | 2014-07-23 | 75 | -217/+222 |
| | | | | | | [regress/unittests/sshkey/testdata/*] Regenerate test keys with certs signed with ed25519 instead of ecdsa. These can be used in -portable on platforms that don't support ECDSA. | ||||
* | - dtucker@cvs.openbsd.org 2014/07/22 23:57:40 | Darren Tucker | 2014-07-23 | 2 | -0/+4 |
| | | | | | [regress/unittests/sshkey/mktestdata.sh] Add $OpenBSD tag to make syncs easier | ||||
* | - dtucker@cvs.openbsd.org 2014/07/22 23:23:22 | Darren Tucker | 2014-07-23 | 2 | -3/+7 |
| | | | | | | [regress/unittests/sshkey/mktestdata.sh] Sign test certs with ed25519 instead of ecdsa so that they'll work in -portable on platforms that don't have ECDSA in their OpenSSL. ok djm |