src - OpenBSD base system

Age	Commit message (Collapse)	Author
2010-01-18	s/long long unsigned/unsigned long long/, from tim via portable	Darren Tucker

2010-01-17	Correct and clarify ssh-add's password asking behavior.	Ted Unangst
	Improved text dtucker and ok jmc
2010-01-15	unused	Markus Friedl

2010-01-15	Reset SIGTERM to SIG_DFL before executing ssh, so that even if sftp	Philip Guenthe
	inherited SIGTERM as ignored it will still be able to kill the ssh it starts. ok dtucker@
2010-01-14	use user_from{uid,gid} to lookup up ids since it keeps a small cache. ok djm	Darren Tucker

2010-01-13	when using ChrootDirectory, make sure we test for the existence of the	Damien Miller
	user's shell inside the chroot; bz #1679, patch from alex AT rtfs.hu; ok dtucker
2010-01-13	sftp.1: put ls -h in the right place	Jason McIntyre
	sftp.c: as above, plus add -p to get/put, and shorten their arg names to keep the help usage nicely aligned ok djm
2010-01-13	don't append a space after inserting a completion of a directory (i.e.	Damien Miller
	a path ending in '/') for a slightly better user experience; ok dtucker@
2010-01-13	avoid run-time failures when specifying hostkeys via a relative	Damien Miller
	path by prepending the cwd in these cases; bz#1290; ok dtucker@
2010-01-13	support '-h' (human-readable units) for sftp's ls command, just like	Damien Miller
	ls(1); ok dtucker@
2010-01-13	Make HostBased authentication work with a ProxyCommand. bz #1569, patch	Darren Tucker
	from imorgan at nas nasa gov, ok djm@
2010-01-13	Ignore and log any Protocol 1 keys where the claimed size is not equal to	Darren Tucker
	the actual size. Noted by Derek Martin, ok djm@
2010-01-13	Fix a couple of typos/mispellings in comments	Darren Tucker

2010-01-12	Add explicit stat so we reliably detect nologin with bad perms. ok djm markus	Darren Tucker

2010-01-12	add a buffer_get_string_ptr_ret() that does the same as	Damien Miller
	buffer_get_string_ptr() but does not fatal() on error; ok dtucker@
2010-01-12	Do not allow logins if /etc/nologin exists but is not readable by the user	Darren Tucker
	logging in. Noted by Jan.Pechanec at Sun, ok djm@ deraadt@
2010-01-12	delete with extreme prejudice a debug() that fired with every keypress;	Damien Miller
	ok dtucker deraadt
2010-01-12	avoid spinning when fd passing on nonblocking sockets by calling poll()	Damien Miller
	in the EINTR/EAGAIN path, much like we do in atomicio; ok dtucker@
2010-01-12	Fix bug introduced in r1.78 (incorrect brace location) that broke key auth.	Darren Tucker
	Patch from joachim joachimschipper nl.
2010-01-11	when converting keys, truncate key comments at 72 chars as per RFC4716;	Damien Miller
	bz#1630 reported by tj AT castaglia.org; ok markus@
2010-01-11	Do not prompt for a passphrase if we fail to open a keyfile, and log the	Darren Tucker
	reason the open failed to debug. bz #1693, found by tj AT castaglia org, ok djm@
2010-01-11	Add a 'netcat mode' (ssh -W). This connects stdio on the client to a single	Darren Tucker
	port forward on the server. This allows, for example, using ssh as a ProxyCommand to route connections via intermediate servers. bz #1618, man page help from jmc@, ok markus@
2010-01-10	Output a debug if we can't open an existing keyfile. bz#1694, ok djm@	Darren Tucker

2010-01-10	Add ChrootDirectory to sshd.c test-mode output	Darren Tucker

2010-01-09	Remove RoutingDomain from ssh since it's now not needed. It can be replaced	Darren Tucker
	with "route exec" or "nc -V" as a proxycommand. "route exec" also ensures that trafic such as DNS lookups stays withing the specified routingdomain. For example (from reyk): # route -T 2 exec /usr/sbin/sshd or inherited from the parent process $ route -T 2 exec sh $ ssh 10.1.2.3 ok deraadt@ markus@ stevesk@ reyk@
2010-01-09	Afer sshd receives a SIGHUP, ignore subsequent HUPs while sshd re-execs	Darren Tucker
	itself. Prevents two HUPs in quick succession from resulting in sshd dying. bz#1692, patch from Colin Watson via Ubuntu.
2010-01-09	Prevent sftp from derefing a null pointer when given a "-" without a command.	Darren Tucker
	Also, allow whitespace to follow a "-". bz#1691, path from Colin Watson via Debian. ok djm@ deraadt@
2010-01-09	Remove a PRIu64 format string that snuck in with roaming. ok djm@	Darren Tucker

2010-01-09	quell tc[gs]etattr warnings when forcing a tty (ssh -tt), since we	Damien Miller
	usually don't actually have a tty to read/set; bz#1686 ok dtucker@
2010-01-09	bad place to forget a comma...	Jason McIntyre

2010-01-09	tweak language	Damien Miller

2010-01-09	add a 'read-only' mode to sftp-server(8) that disables open in write mode	Damien Miller
	and all other fs-modifying protocol methods. bz#430 ok dtucker@
2010-01-08	Fix two warnings: possibly used unitialized and use a nul byte instead of	Darren Tucker
	NULL pointer. ok djm@
2010-01-04	bz#1566 don't unnecessarily dup() in and out fds for sftp-server; ok markus@	Damien Miller

2010-01-04	Implement tab-completion of commands, local and remote filenames for sftp.	Damien Miller
	Hacked on and off for some time by myself, mouring, Carlos Silva (via 2009 Google Summer of Code) and polished to a fine sheen by myself again. It should deal more-or-less correctly with the ikky corner-cases presented by quoted filenames, but the UI could still be slightly improved. In particular, it is quite slow for remote completion on large directories. bz#200; ok markus@
2010-01-04	Don't escape backslashes in the SSH2 banner. bz#1533, patch from	Darren Tucker
	Michal Gorny via Gentoo.
2009-12-29	sort previous;	Jason McIntyre

2009-12-29	Rename RDomain config option to RoutingDomain to be more clear and	Kevin Steves
	consistent with other options. NOTE: if you currently use RDomain in the ssh client or server config, or ssh/sshd -o, you must update to use RoutingDomain. ok markus@ djm@
2009-12-25	validate routing domain is in range 0-RT_TABLEID_MAX.	Kevin Steves
	'Looks right' deraadt@
2009-12-20	fix an incorrect magic number and typo in PROTOCOL; bz#1688	Damien Miller
	report and fix from ueno AT unixuser.org
2009-12-20	When passing user-controlled options with arguments to other programs,	Philip Guenthe
	pass the option and option argument as separate argv entries and not smashed into one (e.g., as -l foo and not -lfoo). Also, always pass a "--" argument to stop option parsing, so that a positional argument that starts with a '-' isn't treated as an option. This fixes some error cases as well as the handling of hostnames and filenames that start with a '-'. Based on a diff by halex@ ok halex@ djm@ deraadt@
2009-12-19	try to clarify ChrootDirectory pathname argument a bit; resulting from	Kevin Steves
	a question on openssh-unix-dev. ok jmc@
2009-12-11	switch from 35 to the more common value of RSA_F4 == (2**16)+1 == 65537	Markus Friedl
	for the RSA public exponent; discussed with provos; ok djm@
2009-12-06	fix potential divide-by-zero in sftp's "df" output when talking to a server	Darren Tucker
	that reports zero files on the filesystem (Unix filesystems always have at least the root inode). From Steve McClellan at radisys, ok djm@
2009-12-06	use socklen_t for getsockopt optlen parameter; reported by	Damien Miller
	Steve.McClellan AT radisys.com, ok dtucker@
2009-12-06	zap unused variable and strlen; from Steve McClellan, ok djm	Darren Tucker

2009-11-22	make passing of zero-length arguments to ssh safe by	Alexander Hall
	passing "-<switch>" "<value>" rather than "-<switch><value>" ok dtucker@, guenther@, djm@
2009-11-20	correct off-by-one in percent_expand(): we would fatal() when trying	Damien Miller
	to expand EXPAND_MAX_KEYS, allowing only EXPAND_MAX_KEYS-1 to actually work. Note that nothing in OpenSSH actually uses close to this limit at present. bz#1607 from Jan.Pechanec AT Sun.COM
2009-11-20	Use the HostKeyAlias when prompting for passwords. bz#1039, ok djm@	Darren Tucker

2009-11-20	bz#1588 change "Connecting to host..." message to "Connected to host."	Damien Miller
	and delay it until after the sftp protocol connection has been established. Avoids confusing sequence of messages when the underlying ssh connection experiences problems. ok dtucker@