summaryrefslogtreecommitdiff
path: root/usr.bin
AgeCommit message (Collapse)Author
2008-05-13Change a mktemp(3) to mkstemp(3), preventing a race condition.Ray Lai
Improve error checking. OK okan@
2008-05-13Remove #if 0 code that has been unused for nearly a decade (andRay Lai
probably doesn't compile, since the types for some variables have changed from long to char *). OK millert@
2008-05-12Ensure nh_result lies on a 64-bit boundary (fixes warnings observedPeter Valchev
on Itanium on Linux); from Dale Talcott (bug #1462); ok djm@
2008-05-11If "cvs admin" encountered an entry in CVS/Entries for a file which has noTobias Stoeckmann
(longer an) RCS file in CVSROOT, both -- GNU cvs and OpenCVS -- segfaulted. ok joris
2008-05-11Memory leak in rcs_delta_stats plugged.Tobias Stoeckmann
ok joris
2008-05-10properly free suffixes.Joris Vink
OK tobias@
2008-05-10OpenRCS only handled a max of 128 arguments on command line + RCSINIT,Tobias Stoeckmann
which was a bogus limit. Spotted by naddy. horribly prodded by and ok joris
2008-05-09unbreakMarkus Friedl
ssh -2 localhost od /bin/ls | true ignoring SIGPIPE by adding a new channel message (EOW) that signals the peer that we're not interested in any data it might send. fixes bz #85; discussion, debugging and ok djm@
2008-05-09error-fd race: don't enable the error fd in the select bitmaskMarkus Friedl
for channels with both in- and output closed, since the channel will go away before we call select(); report, lots of debugging help and ok djm@
2008-05-09re-add the USE_PIPES code and enable it.Markus Friedl
without pipes shutdown-read from the sshd does not trigger a SIGPIPE when the forked program does a write. ok djm@
2008-05-09dingo stole my diff hunkDamien Miller
2008-05-09tidy up session multiplexing code, moving it into its own file andDamien Miller
making the function names more consistent - making ssh.c and clientloop.c a fair bit more readable. ok markus@
2008-05-09some Xr for tcpbench(1) and tcpdrop(8);Jason McIntyre
2008-05-09tweak previous; ok djmJason McIntyre
2008-05-09try SO_BINDANY for -s, but do not insist; ok bob, reykMarkus Friedl
2008-05-09add tcpbench to buildTheo de Raadt
2008-05-09s/bench/tcpbench/ in usage(); spotted by schellekens.dries AT gmail.comDamien Miller
2008-05-09Try additional addresses when connecting to a port forward destinationDamien Miller
whose DNS name resolves to more than one address. The previous behaviour was to try the first address and give up. Reported by stig AT venaas.com in bz#343 great feedback and ok markus@
2008-05-09import tcpbench, a small TCP benchmarking tool that can also sampleDamien Miller
relevant kernel variables via kvm(3) ok dlg@ deraadt@
2008-05-08Use new channel status confirmation callback system to properly dealDamien Miller
with "important" channel requests that fail, in particular command exec, shell and subsystem requests. Previously we would optimistically assume that the requests would always succeed, which could cause hangs if they did not (e.g. when the server runs out of fds) or were unimplemented by the server (bz #1384) Also, properly report failing multiplex channel requests via the mux client stderr (subject to LogLevel in the mux master) - better than silently failing. most bits ok markus@ (as part of a larger diff)
2008-05-08Make the maximum number of sessions run-time controllable viaDamien Miller
a sshd_config MaxSessions knob. This is useful for disabling login/shell/subsystem access while leaving port-forwarding working (MaxSessions 0), disabling connection multiplexing (MaxSessions 1) or simply increasing the number of allows multiplexed sessions. Because some bozos are sure to configure MaxSessions in excess of the number of available file descriptors in sshd (which, at peak, might be as many as 9*MaxSessions), audit sshd to ensure that it doesn't leak fds on error paths, and make it fail gracefully on out-of-fd conditions - sending channel errors instead of than exiting with fatal(). bz#1090; MaxSessions config bits and manpage from junyer AT gmail.com ok markus@
2008-05-08Implement a channel success/failure status confirmation callbackDamien Miller
mechanism. Each channel maintains a queue of callbacks, which will be drained in order (RFC4253 guarantees confirm messages are not reordered within an channel). Also includes a abandonment callback to clean up if a channel is closed without sending confirmation messages. This probably shouldn't happen in compliant implementations, but it could be abused to leak memory. ok markus@ (as part of a larger diff)
2008-05-08Sync netstat show.c with route show.c to gain mpls support and to show theClaudio Jeker
routing priority. hai norby@
2008-05-08make -f mpls work. OK norby@Claudio Jeker
2008-05-08avoid extra malloc/copy/free when receiving data over the net;Markus Friedl
~10% speedup for localhost-scp; ok djm@
2008-05-08Receiving carp packets for unknown vhid's is not really an error.Marco Pfatschbacher
Change the wording accordingly. OK markus@, dlg@
2008-05-08Update file to 4.21.Charles Longeau
tested by ian@ sthen@ OK ian@, "move ahead with it" deraadt@
2008-05-08replace "/usr/sbin/sendmail" with _PATH_SENDMAILCharles Longeau
no binary change found by Daniel Dickman <didickman at gmail.com> ok ray@
2008-05-07correct duration by taking the pre-gap into account; ok by many.Federico G. Schwindt
2008-05-07sort;Jason McIntyre
2008-05-07push the sshd_config bits in, spotted by ajacoutot@Pierre-Yves Ritschard
2008-05-07Enable the AllowAgentForwarding option in sshd_config (global and matchPierre-Yves Ritschard
context), to specify if agents should be permitted on the server. As the man page states: ``Note that disabling Agent forwarding does not improve security unless users are also denied shell access, as they can always install their own forwarders.'' ok djm@, ok and a mild frown markus@
2008-05-06- put the description of -O in the right placeJason McIntyre
- shorten the argument names to -IO
2008-05-06We have to check if server_argc is 1 instead of lesser than 0 to see ifTobias Stoeckmann
an Argumentx directive has been sent to server without prior Argument. ok joris, xsa
2008-05-06allow setting of TCP send/receive buffer sizes; ok markus@Damien Miller
2008-05-01In the main loop, do not call wait() if there is no child process yet;Miod Vallat
misinterpreting the ``returned'' status could lead to segfauts, as reported by ``Filth'' (hygdrasil, gmail dot com) ok deraadt@
2008-04-30add two missing prototypes.Federico G. Schwindt
2008-04-30default to rsa (protocol 2) keys, instead of rsa1 keys; spotted byDamien Miller
larsnooden AT openoffice.org
2008-04-29garbage collect two unused fields in struct mm_master; ok markus@Otto Moerbeek
2008-04-28plug three leaks, one reported and fixed by Andreas Gunnarsson in PR 5802,Otto Moerbeek
the others by myself
2008-04-27o if no argument is passed to cddbinfo, treat it as 0 in order to printFederico G. Schwindt
the list in case of multiple/inexact matches o if the argument to cddb is invalid, do not exit, just print and error and ignore the command espie@ ok.
2008-04-27Add section n for Tcl/Tk related pages.Deanna Phillips
ok jmc@, no objections espie@
2008-04-27Correct English.Joel Sing
ok jmc@
2008-04-26use correct printf format for size_t (debug only code)Otto Moerbeek
2008-04-26Duplicate envstr and free it on error instead of allocating forRay Lai
each argument and freeing each argument on error. OK joris, tobias
2008-04-25update the example: using "play.block_size" instead of "blocksize" is nowAlexandre Ratchov
the recommended way to set the play block size ok jakemsr
2008-04-25display count of playback frame errors (underruns) in play.errors like weJacob Meuser
do with record.errors for recording (overruns). ok ratchov
2008-04-25-a flag is deprecated, remove it from an example.Jacob Meuser
ok ratchov
2008-04-24Prevent overflow of cmd_argv if RCS_INIT and command line argumentsTobias Stoeckmann
exceed buffer size (diff based on OpenCVS code). ok ray, xsa
2008-04-24Use a fixed string in case of vasprintf() error instead of relying onTobias Stoeckmann
strerror(). Although our vasprintf() sets errno, we cannot rely on it on other systems. ok ray (who spotted this issue), xsa