| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
| |
When I converted the morphology to YAML I did a little cleanup of
the command lines, to make them more aesthetically pleasing.
In the process of doing this I changed how some options were quoted,
and did not notice that I had changed an argument with an interpolation.
Reviewed-by: Lars Wirzenius
|
|\
| |
| |
| | |
Reviewed-by: Lars Wirzenius <lars.wirzenius@codethink.co.uk>
|
| | |
|
|/ |
|
|\
| |
| |
| |
| |
| | |
git://git.baserock.org/delta/openssh into baserock/morph
Reviewed by Lars Wirzenius
|
|/ |
|
|
|
|
|
| |
ssh wants a private directory, if it is readable to anyone but
the user that owns it then it fails, so fix these permissions.
|
| |
|
|
|
|
|
| |
This reverts commit 4e8a8f4557fddc7fd93420644ed52ce2b4d86f95.
systemd is not fully integrated yet, removing this is premature
|
|
|
|
| |
sh is conventionally installed in /bin, which is also where we put it
|
| |
|
|
|
|
|
|
|
|
|
| |
It may be more sensible to add these to openssh's build system
rather than substituting and installing them manually, but it
requires less alteration of upstream sources.
The unit file also doesn't make use of socket activation, so boot
times will be suboptimal.
|
|
|
|
|
|
|
|
|
|
|
| |
configure fails because it can't find a source of random numbers
this happens because it checks if openssl does it or some other
source of entropy exist.
The check fails because /dev/u?random does not exist.
ssh does allow the script to assume ssl works if cross compiling,
so it is probably safe to force the assumption
OPENSSL_SEEDS_ITSELF is not set to anything but yes, so if passed
through the environment it should survive to where it is tested.
|
|
|
|
|
| |
For some reason run-parts from busybox does not recognize
it if it ends in .init
|
| |
|
|
|
|
|
| |
ssh still needs some more configuration to be functional
The host keys need to be generated at some point
|
| |
|
| |
|
|
|
|
| |
to work. Spotted by Angel Gonzalez
|
|
|
|
| |
it actually works.
|
|
|
|
|
| |
unsetenv due to rev 1.14 change to setenv.c. Cast unsetenv to void in sshd.c
ok dtucker@
|
|
|
|
| |
preserved Cygwin environment variables; from Corinna Vinschen
|
|
|
|
|
| |
[version.h]
move from 6.0-beta to 6.0
|
|
|
|
|
| |
[packet.c packet.h]
packet_read_poll() is not used anymore.
|
|
|
|
|
| |
[authfile.c]
memleak in key_load_file(); from Jan Klemkow
|
|
|
|
|
|
| |
[packet.c]
do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying;
ok dtucker@, djm@
|
|
|
|
|
|
|
| |
[clientloop.c]
Ensure that $DISPLAY contains only valid characters before using it to
extract xauth data so that it can't be used to play local shell
metacharacter games. Report from r00t_ati at ihteam.net, ok markus.
|
|
|
|
|
|
|
| |
[ssh-pkcs11-client.c]
Fix a memory leak in pkcs11_rsa_private_encrypt(), reported by Jan Klemkow.
While there, be sure to buffer_clear() between send_msg() and recv_msg().
ok markus@
|
|
|
|
|
|
| |
[ssh-ecdsa.c]
Fix memory leak in ssh_ecdsa_verify(); from Loganaden Velvindron,
ok markus@
|
|
|
|
|
| |
[mux.c]
fix double-free in new session handler
|
|
|
|
|
| |
[monitor.c]
memleak on error path
|
|
|
|
| |
that don't support ECC. Patch from Phil Oleson
|
|
|
|
|
| |
null implementation of HMAC_CTX_init for the benefit of old versions
of OpenSSL that don't have it.
|
|
|
|
|
|
| |
[auth2.c dh.c packet.c roaming.h roaming_client.c roaming_common.c]
fix some harmless and/or unreachable int overflows;
reported Xi Wang, ok markus@
|
|
|
|
|
|
|
|
|
|
| |
[mux.c]
revert:
> revision 1.32
> date: 2011/12/02 00:41:56; author: djm; state: Exp; lines: +4 -1
> fix bz#1948: ssh -f doesn't fork for multiplexed connection.
> ok dtucker@
it interacts badly with ControlPersist
|
|
|
|
|
|
|
| |
[mac.c]
fix bz#1934: newer OpenSSL versions will require HMAC_CTX_Init before
HMAC_init (this change in policy seems insane to me)
ok dtucker@
|
|
|
|
|
|
| |
[mux.c]
fix bz#1948: ssh -f doesn't fork for multiplexed connection.
ok dtucker@
|
|
|
|
|
|
|
| |
[sftp.c]
Don't leak list in complete_cmd_parse if there are no commands found.
Discovered when I was ``borrowing'' this code for something else.
ok djm@
|
| |
|
|
|
|
|
|
|
| |
openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/getrrsetbyname.c]
bz 1320: Add optional support for LDNS, a BSD licensed DNS resolver library
which supports DNSSEC. Patch from Simon Vallet (svallet at genoscope cns fr)
with some rework from myself and djm. ok djm.
|
|
|
|
|
| |
[moduli]
regenerated moduli file; ok deraadt
|
|
|
|
|
|
| |
[session.c]
bz#1859: send tty break to pty master instead of (probably already
closed) slave side; "looks good" markus@
|
|
|
|
|
|
|
| |
[ssh.c]
bz#1943: unbreak stdio forwarding when ControlPersist is in user - ssh
was incorrectly requesting the forward in both the control master and
slave. skip requesting it in the master to fix. ok markus@
|
|
|
|
|
| |
[umac.c]
typo in comment; patch from Michael W. Bombardieri
|
|
|
|
|
| |
[moduli.c]
s/tmpfile/tmp/ to make this -Wshadow clean
|
|
|
|
|
| |
[ssh-add.c]
add -k to usage(); reminded by jmc@
|
|
|
|
|
| |
[ssh.c]
ssh(1): skip attempting to create ~/.ssh when -F is passed; ok markus@
|
|
|
|
| |
fails. Patch from Corinna Vinschen.
|
|
|
|
|
|
| |
[ssh-add.1 ssh-add.c]
new "ssh-add -k" option to load plain keys (skipping certificates);
"looks ok" markus@
|
|
|
|
|
|
| |
[auth-options.c key.c]
remove explict search for \0 in packet strings, this job is now done
implicitly by buffer_get_cstring; ok markus
|