Damien Miller [Sun, 18 Dec 2011 23:51:39 +0000 (10:51 +1100)]
- djm@cvs.openbsd.org 2011/12/02 00:43:57
[mac.c]
fix bz#1934: newer OpenSSL versions will require HMAC_CTX_Init before
HMAC_init (this change in policy seems insane to me)
ok dtucker@
Damien Miller [Fri, 25 Nov 2011 02:53:48 +0000 (13:53 +1100)]
- oga@cvs.openbsd.org 2011/11/16 12:24:28
[sftp.c]
Don't leak list in complete_cmd_parse if there are no commands found.
Discovered when I was ``borrowing'' this code for something else.
ok djm@
Darren Tucker [Fri, 4 Nov 2011 00:25:24 +0000 (11:25 +1100)]
- (dtucker) [INSTALL LICENCE configure.ac openbsd-compat/Makefile.in
openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/getrrsetbyname.c]
bz 1320: Add optional support for LDNS, a BSD licensed DNS resolver library
which supports DNSSEC. Patch from Simon Vallet (svallet at genoscope cns fr)
with some rework from myself and djm. ok djm.
Darren Tucker [Thu, 3 Nov 2011 23:54:22 +0000 (10:54 +1100)]
- djm@cvs.openbsd.org 2011/10/24 02:10:46
[ssh.c]
bz#1943: unbreak stdio forwarding when ControlPersist is in user - ssh
was incorrectly requesting the forward in both the control master and
slave. skip requesting it in the master to fix. ok markus@
Damien Miller [Tue, 18 Oct 2011 05:06:14 +0000 (16:06 +1100)]
- djm@cvs.openbsd.org 2011/10/18 04:58:26
[auth-options.c key.c]
remove explict search for \0 in packet strings, this job is now done
implicitly by buffer_get_cstring; ok markus
Darren Tucker [Sun, 2 Oct 2011 07:59:03 +0000 (18:59 +1100)]
- markus@cvs.openbsd.org 2011/09/23 07:45:05
[mux.c readconf.h channels.h compat.h compat.c ssh.c readconf.c channels.c version.h]
unbreak remote portforwarding with dynamic allocated listen ports:
1) send the actual listen port in the open message (instead of 0).
this allows multiple forwardings with a dynamic listen port
2) update the matching permit-open entry, so we can identify where
to connect to
report: den at skbkontur.ru and P. Szczygielski
feedback and ok djm@
Darren Tucker [Sun, 2 Oct 2011 07:57:35 +0000 (18:57 +1100)]
- dtucker@cvs.openbsd.org 2011/09/23 00:22:04
[channels.c auth-options.c servconf.c channels.h sshd.8]
Add wildcard support to PermitOpen, allowing things like "PermitOpen
localhost:*". bz #1857, ok djm markus.
Damien Miller [Fri, 23 Sep 2011 01:13:00 +0000 (11:13 +1000)]
- (djm) [openbsd-compat/sha2.c openbsd-compat/sha2.h] Remove OpenBSD rcsid
marker. The upstream API has changed (function and structure names)
enough to put it out of sync with other providers of this interface.
Damien Miller [Fri, 23 Sep 2011 00:47:29 +0000 (10:47 +1000)]
- millert@cvs.openbsd.org 2008/08/21 16:54:44
[mktemp.c]
Remove useless code, the kernel will set errno appropriately if an
element in the path does not exist. OK deraadt@ pvalchev@
Damien Miller [Fri, 23 Sep 2011 00:42:02 +0000 (10:42 +1000)]
- tobias@cvs.openbsd.org 2007/10/21 11:09:30
[mktemp.c]
Comment fix about time consumption of _gettemp.
FreeBSD did this in revision 1.20.
OK deraadt@, krw@
Damien Miller [Fri, 23 Sep 2011 00:40:50 +0000 (10:40 +1000)]
- (djm) [openbsd-compat/getcwd.c] Remove OpenBSD rcsid marker since we no
longer want to sync this file (OpenBSD uses a __getcwd syscall now, we
want this longhand version)
Damien Miller [Fri, 23 Sep 2011 00:38:11 +0000 (10:38 +1000)]
- millert@cvs.openbsd.org 2006/05/05 15:27:38
[openbsd-compat/strlcpy.c]
Convert do {} while loop -> while {} for clarity. No binary change
on most architectures. From Oliver Smith. OK deraadt@ and henning@
Damien Miller [Fri, 23 Sep 2011 00:38:01 +0000 (10:38 +1000)]
- millert@cvs.openbsd.org 2006/05/05 15:27:38
[strlcpy.c]
Convert do {} while loop -> while {} for clarity. No binary change
on most architectures. From Oliver Smith. OK deraadt@ and henning@
Damien Miller [Thu, 22 Sep 2011 11:43:06 +0000 (21:43 +1000)]
- djm@cvs.openbsd.org 2011/09/22 06:29:03
[sftp.c]
don't let remote_glob() implicitly sort its results in do_globbed_ls() -
in all likelihood, they will be resorted anyway
Damien Miller [Thu, 22 Sep 2011 11:39:48 +0000 (21:39 +1000)]
- markus@cvs.openbsd.org 2011/09/10 22:26:34
[channels.c channels.h clientloop.c ssh.1]
support cancellation of local/dynamic forwardings from ~C commandline;
ok & feedback djm@
Damien Miller [Thu, 22 Sep 2011 11:38:52 +0000 (21:38 +1000)]
- djm@cvs.openbsd.org 2011/09/09 22:46:44
[channels.c channels.h clientloop.h mux.c ssh.c]
support for cancelling local and remote port forwards via the multiplex
socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request
the cancellation of the specified forwardings; ok markus@
Damien Miller [Thu, 22 Sep 2011 11:38:00 +0000 (21:38 +1000)]
- djm@cvs.openbsd.org 2011/09/09 22:37:01
[scp.c]
suppress adding '--' to remote commandlines when the first argument
does not start with '-'. saves breakage on some difficult-to-upgrade
embedded/router platforms; feedback & ok dtucker ok markus
Damien Miller [Thu, 22 Sep 2011 11:37:13 +0000 (21:37 +1000)]
- djm@cvs.openbsd.org 2011/09/09 00:43:00
[ssh_config.5 sshd_config.5]
fix typo in IPQoS parsing: there is no "AF14" class, but there is
an "AF21" class. Spotted by giesen AT snickers.org; ok markus stevesk
Damien Miller [Thu, 22 Sep 2011 11:34:35 +0000 (21:34 +1000)]
- djm@cvs.openbsd.org 2011/09/05 05:59:08
[misc.c]
fix typo in IPQoS parsing: there is no "AF14" class, but there is
an "AF21" class. Spotted by giesen AT snickers.org; ok markus stevesk
Damien Miller [Thu, 22 Sep 2011 11:34:15 +0000 (21:34 +1000)]
- djm@cvs.openbsd.org 2011/09/05 05:56:13
[scp.1 sftp.1]
mention ControlPersist and KbdInteractiveAuthentication in the -o
verbiage in these pages too (prompted by jmc@)
Damien Miller [Thu, 22 Sep 2011 11:33:53 +0000 (21:33 +1000)]
- djm@cvs.openbsd.org 2011/08/26 01:45:15
[ssh.1]
Add some missing ssh_config(5) options that can be used in ssh(1)'s
-o argument. Patch from duclare AT guu.fi
Damien Miller [Thu, 22 Sep 2011 11:22:21 +0000 (21:22 +1000)]
- djm@cvs.openbsd.org 2011/09/22 06:27:29
[glob.c]
fix GLOB_KEEPSTAT without GLOB_NOSORT; the implicit sort was being
applied only to the gl_pathv vector and not the corresponding gl_statv
array. reported in OpenSSH bz#1935; feedback and okay matthew@
Damien Miller [Thu, 22 Sep 2011 11:21:48 +0000 (21:21 +1000)]
- stsp@cvs.openbsd.org 2011/09/20 10:18:46
[glob.c]
In glob(3), limit recursion during matching attempts. Similar to
fnmatch fix. Also collapse consecutive '*' (from NetBSD).
ok miod deraadt
Damien Miller [Thu, 22 Sep 2011 11:20:21 +0000 (21:20 +1000)]
- pyr@cvs.openbsd.org 2011/05/12 07:15:10
[openbsd-compat/glob.c]
When the max number of items for a directory has reached GLOB_LIMIT_READDIR
an error is returned but closedir() is not called.
spotted and fix provided by Frank Denis obsd-tech@pureftpd.org
ok otto@, millert@
Darren Tucker [Sun, 4 Sep 2011 09:59:26 +0000 (19:59 +1000)]
- (dtucker) [ssh-keygen.c ssh-pkcs11.c] Bug #1929: add null implementations
ofsh-pkcs11.cpkcs_init and pkcs_terminate for building without dlopen support.
Damien Miller [Mon, 29 Aug 2011 06:09:52 +0000 (16:09 +1000)]
- (djm) [openbsd-compat/port-linux.c] Suppress logging when attempting
to switch SELinux context away from unconfined_t, based on patch from
Jan Chadima; bz#1919 ok dtucker@
Damien Miller [Fri, 12 Aug 2011 01:22:47 +0000 (11:22 +1000)]
- (djm) [contrib/ssh-copy-id] Fix failure for cases where the path to the
identify file contained whitespace. bz#1828 patch from gwenael.lambrouin
AT gmail.com; ok dtucker@
Darren Tucker [Fri, 12 Aug 2011 00:12:53 +0000 (10:12 +1000)]
- (dtucker) [openbsd-compat/port-linux.c] Bug 1924: Improve selinux context
change error by reporting old and new context names Patch from
jchadima at redhat.
Darren Tucker [Sun, 7 Aug 2011 13:10:11 +0000 (23:10 +1000)]
- sobrado@cvs.openbsd.org 2009/10/28 08:56:54
[moduli.5]
"Diffie-Hellman" is the usual spelling for the cryptographic protocol
first published by Whitfield Diffie and Martin Hellman in 1976.
ok jmc@
Damien Miller [Fri, 5 Aug 2011 20:17:30 +0000 (06:17 +1000)]
- djm@cvs.openbsd.org 2011/08/02 01:22:11
[mac.c myproposal.h ssh.1 ssh_config.5 sshd.8 sshd_config.5]
Add new SHA256 and SHA512 based HMAC modes from
http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt
Patch from mdb AT juniper.net; feedback and ok markus@
Damien Miller [Fri, 5 Aug 2011 20:16:23 +0000 (06:16 +1000)]
- djm@cvs.openbsd.org 2011/07/29 14:42:45
[sandbox-systrace.c]
fail open(2) with EPERM rather than SIGKILLing the whole process. libc
will call open() to do strerror() when NLS is enabled;
feedback and ok markus@
Damien Miller [Fri, 5 Aug 2011 20:16:00 +0000 (06:16 +1000)]
- tedu@cvs.openbsd.org 2011/07/06 18:09:21
[authfd.c]
bzero the agent address. the kernel was for a while very cranky about
these things. evne though that's fixed, always good to initialize
memory. ok deraadt djm
Damien Miller [Thu, 23 Jun 2011 09:45:51 +0000 (19:45 +1000)]
- djm@cvs.openbsd.org 2011/06/23 09:34:13
[sshd.c ssh-sandbox.h sandbox.h sandbox-rlimit.c sandbox-systrace.c]
[sandbox-null.c]
rename sandbox.h => ssh-sandbox.h to make things easier for portable
Damien Miller [Wed, 22 Jun 2011 22:31:57 +0000 (08:31 +1000)]
- djm@cvs.openbsd.org 2011/06/22 22:08:42
[channels.c channels.h clientloop.c clientloop.h mux.c ssh.c]
hook up a channel confirm callback to warn the user then requested X11
forwarding was refused by the server; ok markus@
Damien Miller [Wed, 22 Jun 2011 22:30:03 +0000 (08:30 +1000)]
- djm@cvs.openbsd.org 2011/06/22 21:57:01
[servconf.c servconf.h sshd.c sshd_config.5 sandbox-rlimit.c]
[sandbox-systrace.c sandbox.h configure.ac Makefile.in]
introduce sandboxing of the pre-auth privsep child using systrace(4).
This introduces a new "UsePrivilegeSeparation=sandbox" option for
sshd_config that applies mandatory restrictions on the syscalls the
privsep child can perform. This prevents a compromised privsep child
from being used to attack other hosts (by opening sockets and proxying)
or probing local kernel attack surface.
The sandbox is implemented using systrace(4) in unsupervised "fast-path"
mode, where a list of permitted syscalls is supplied. Any syscall not
on the list results in SIGKILL being sent to the privsep child. Note
that this requires a kernel with the new SYSTR_POLICY_KILL option.
UsePrivilegeSeparation=sandbox will become the default in the future
so please start testing it now.
Damien Miller [Mon, 20 Jun 2011 04:43:31 +0000 (14:43 +1000)]
- djm@cvs.openbsd.org 2011/06/17 21:57:25
[clientloop.c]
setproctitle for a mux master that has been gracefully stopped;
bz#1911 from Bert.Wesarg AT googlemail.com
Damien Miller [Mon, 20 Jun 2011 04:43:11 +0000 (14:43 +1000)]
- djm@cvs.openbsd.org 2011/06/17 21:47:35
[servconf.c]
factor out multi-choice option parsing into a parse_multistate label
and some support structures; ok dtucker@
Damien Miller [Mon, 20 Jun 2011 04:42:23 +0000 (14:42 +1000)]
- djm@cvs.openbsd.org 2011/06/17 21:44:31
[log.c log.h monitor.c monitor.h monitor_wrap.c monitor_wrap.h sshd.c]
make the pre-auth privsep slave log via a socketpair shared with the
monitor rather than /var/empty/dev/log; ok dtucker@ deraadt@ markus@
projects / thirdparty / openssh-portable.git / log
