src - OpenBSD base system

Age	Commit message (Collapse)	Author
2008-02-22	closefrom() call was too early, delay it until just before we execute	Damien Miller
	the user's rc files (if any).
2008-02-20	correct boolean encoding for coredump; der Mouse via dugsong	Markus Friedl

2008-02-14	When started in configuration test mode (-t) do not check that sshd is	Marc Balmer
	being started with an absolute path. ok djm
2008-02-13	rekey arc4random and OpenSSL RNG in postauth child	Damien Miller
	closefrom fds > 2 before shell/command execution ok markus@
2008-02-11	bump Mdocdate for pages committed in "febuary", necessary because	Jason McIntyre
	of a typo in rcs.c;
2008-02-10	delay ~ expansion for ChrootDirectory so it expands to the logged-in user's	Damien Miller
	home, rather than the user who starts sshd (probably root)
2008-02-10	mantion that "internal-sftp" is useful with ForceCommand too	Damien Miller

2008-02-09	Document the correct permissions for the ~/.ssh/ directory.	Ryan Thomas McBride
	ok jmc
2008-02-09	missing `)';	Jason McIntyre

2008-02-08	add sshd_config ChrootDirectory option to chroot(2) users to a directory and	Damien Miller
	tweak internal sftp server to work with it (no special files in chroot required). ok markus@
2008-02-04	link sftp-server into sshd; feedback and ok djm@	Markus Friedl

2008-01-31	explain how to handle local file names containing colons;	Jason McIntyre
	requested by Tamas TEVESZ ok dtucker
2008-01-23	Revert the change for bz #1307 as it causes connection aborts if an IGNORE	Darren Tucker
	packet arrives while we're waiting in packet_read_expect (and possibly elsewhere).
2008-01-21	when a remote write error occurs during an upload, ensure that ACKs for all	Damien Miller
	issued requests are properly drained. patch from t8m AT centrum.cz
2008-01-21	Remove the fixed 100 handle limit in sftp-server and allocate as many	Damien Miller
	as we have available file descriptors. Patch from miklos AT szeredi.hu; ok dtucker@ markus@
2008-01-20	When uploading, correctly handle the case of an unquoted filename with	Damien Miller
	glob metacharacters that match a file exactly but not as a glob, e.g. a file called "[abcd]". report and test cases from duncan2nd AT gmx.de
2008-01-19	promote rekeylimit to a int64 so it can hold the maximum useful limit	Damien Miller
	of 2^32; report and patch from Jan.Pechanec AT Sun.COM, ok dtucker@
2008-01-19	When we added support for specified bind addresses for port forwards, we	Damien Miller
	added a quirk SSH_OLD_FORWARD_ADDR. There is a bug in our handling of this for -L port forwards that causes the client to listen on both v4 and v6 addresses when connected to a server with this quirk, despite having set 0.0.0.0 as a bind_address. report and patch from Jan.Pechanec AT Sun.COM; ok dtucker@
2008-01-19	unbreak line numbering (broken in revision 1.164), fix error message	Damien Miller

2008-01-19	when hashing individual hosts (ssh-keygen -Hf hostname), make sure we	Damien Miller
	hash just the specified hostname and not the entire hostspec from the keyfile. It may be of the form "hostname,ipaddr", which would lead to a hash that never matches. report and fix from jp AT devnull.cz
2008-01-19	fix remote handle leak in do_download() local file open error path;	Damien Miller
	report and fix from sworley AT chkno.net
2008-01-19	ignore SIGPIPE in multiplex client mode - we can receive this if the	Damien Miller
	server runs out of fds on us midway. Report and patch from gregory_shively AT fanniemae.com
2008-01-19	fd leak on session multiplexing error path. Report and patch from	Damien Miller
	gregory_shively AT fanniemae.com
2008-01-19	scp -q implies ssh -q for the underlying connection, it doesn't just	Damien Miller
	hush the progress meter
2008-01-19	satisfy the pedants: -q does not suppress all diagnostic messages (e.g.	Damien Miller
	some commandline parsing warnings go unconditionally to stdout).
2008-01-11	disable unused functions	Charles Longeau
	initially from tobias@, but disabled them by placing them in "#ifdef notyet" which was asked by djm@ ok djm@ tobias@
2008-01-01	Allow PermitRootLogin in a Match block. Allows for, eg, permitting root	Darren Tucker
	only from the local network. ok markus@, man page bit ok jmc@
2008-01-01	If scp -p encounters a pre-epoch timestamp, use the epoch which is	Darren Tucker
	as close as we can get given that it's used unsigned. Add a little debugging while there. bz #828, ok djm@
2008-01-01	spaces -> tabs from my previous commit	Darren Tucker

2007-12-31	When in inetd mode, have sshd generate a Protocol 1 ephemeral server	Darren Tucker
	key only for connections where the client chooses Protocol 1 as opposed to when it's enabled in the server's config. Speeds up Protocol 2 connections to inetd-mode servers that also allow Protocol 1. bz #440, based on a patch from bruno at wolff.to, ok markus@
2007-12-31	Prevent strict-aliasing warnings on newer gcc versions. bz #1355, patch	Darren Tucker
	from Dmitry V. Levin, ok djm@
2007-12-28	Use the correct packet maximum sizes for remote port and agent forwarding.	Darren Tucker
	Prevents the server from killing the connection if too much data is queued and an excessively large packet gets sent. bz #1360, ok djm@.
2007-12-28	Make SSH2_MSG_UNIMPLEMENTED and SSH2_MSG_IGNORE messages reset the	Darren Tucker
	ServerAlive and ClientAlive timers. Prevents dropping a connection when these are enabled but the peer does not support our keepalives. bz #1307, ok djm@.
2007-12-27	Add a small helper function to consistently handle the EAI_SYSTEM error	Darren Tucker
	code of getaddrinfo. Prompted by vgiffin at apple com via bz #1417. ok markus@ stevesk@
2007-12-12	unbreak lls command and add a regress test that would have caught the	Damien Miller
	breakage; spotted by mouring@
2007-11-03	avoid errno trashing in signal handler; ok dtucker	Theo de Raadt

2007-11-03	Use xstrdup/xfree when saving pwname and pwdir; ok deraadt@	Darren Tucker

2007-11-03	bz #1377: getpwuid results were being clobbered by another getpw* call	Theo de Raadt
	inside tilde_expand_filename(); save the data we need carefully ok djm
2007-11-03	fix memory leak in process_cmdline(), patch from Jan.Pechanec AT Sun.COM;	Damien Miller
	ok dtucker@
2007-10-29	clean up after previous macro removal;	Jason McIntyre

2007-10-29	Make LocalCommand work for Protocol 1 too; ok djm@	Darren Tucker

2007-10-29	ProxyCommand and LocalCommand use the user's shell, not /bin/sh; ok djm@	Darren Tucker

2007-10-29	Send config block back to slave for invalid users too so options	Darren Tucker
	set by a Match block (eg Banner) behave the same for non-existent users. Found by and ok djm@
2007-10-29	Plug tiny mem leaks in ControlPath and ProxyCommand option processing; ok djm@	Darren Tucker

2007-10-29	Allow build without -DGSSAPI; ok deraadt@	Darren Tucker

2007-10-24	factor out network read/write into an atomicio()-like function, and use it	Damien Miller
	to handle short reads, apply bandwidth limits and update counters. make network IO non-blocking, so a small trickle of reads/writes has a chance of updating the progress meter; bz #799 ok dtucker@
2007-10-24	rework argument splitting and parsing to cope correctly with common shell	Damien Miller
	escapes and make handling of escaped characters consistent with sh(1) and between sftp commands (especially between ones that glob their arguments and ones that don't). parse command flags using getopt(3) rather than hand-rolled parsers. ok dtucker@
2007-10-22	make sure that both the local and remote port are correct when	Markus Friedl
	parsing -L; Jan Pechanec (bz #1378)
2007-10-02	handles zero-sized strings that fgets can return	Charles Longeau
	properly removes trailing newline removes an unused variable correctly counts line number "looks ok" ray@ markus@
2007-09-29	Remove unused prototype. ok djm@	Darren Tucker