+20080712
+ - (djm) OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2008/07/12 04:52:50
+ [channels.c]
+ unbreak; move clearing of cctx struct to before first use
+ reported by dkrause@
+
+20080711
+ - (djm) OpenBSD CVS Sync
+ - stevesk@cvs.openbsd.org 2008/07/07 00:31:41
+ [ttymodes.c]
+ we don't need arg after the debug3() was removed. from lint.
+ ok djm@
+ - stevesk@cvs.openbsd.org 2008/07/07 23:32:51
+ [key.c]
+ /*NOTREACHED*/ for lint warning:
+ warning: function key_equal falls off bottom without returning value
+ ok djm@
+ - markus@cvs.openbsd.org 2008/07/10 18:05:58
+ [channels.c]
+ missing bzero; from mickey; ok djm@
+ - markus@cvs.openbsd.org 2008/07/10 18:08:11
+ [clientloop.c monitor.c monitor_wrap.c packet.c packet.h sshd.c]
+ sync v1 and v2 traffic accounting; add it to sshd, too;
+ ok djm@, dtucker@
+
+20080709
+ - (djm) [Makefile.in] Print "all tests passed" when all regress tests pass
+ - (djm) [auth1.c] Fix format string vulnerability in protocol 1 PAM
+ account check failure path. The vulnerable format buffer is supplied
+ from PAM and should not contain attacker-supplied data.
+ - (djm) [auth.c] Missing unistd.h for close()
+ - (djm) [configure.ac] Add -Wformat-security to CFLAGS for gcc 3.x and 4.x
+
+20080705
+ - (djm) [auth.c] Fixed test for locked account on HP/UX with shadowed
+ passwords disabled. bz#1083 report & patch from senthilkumar_sen AT
+ hotpop.com, w/ dtucker@
+ - (djm) [atomicio.c configure.ac] Disable poll() fallback in atomiciov for
+ Tru64. readv doesn't seem to be a comparable object there.
+ bz#1386, patch from dtucker@ ok me
+ - (djm) [Makefile.in] Pass though pass to conch for interop tests
+ - (djm) [configure.ac] unbreak: remove extra closing brace
+ - (djm) OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2008/07/04 23:08:25
+ [packet.c]
+ handle EINTR in packet_write_poll()l ok dtucker@
+ - djm@cvs.openbsd.org 2008/07/04 23:30:16
+ [auth1.c auth2.c]
+ Make protocol 1 MaxAuthTries logic match protocol 2's.
+ Do not treat the first protocol 2 authentication attempt as
+ a failure IFF it is for method "none".
+ Makes MaxAuthTries' user-visible behaviour identical for
+ protocol 1 vs 2.
+ ok dtucker@
+ - djm@cvs.openbsd.org 2008/07/05 05:16:01
+ [PROTOCOL]
+ grammar
+
20080704
- (dtucker) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2008/07/02 13:30:34
- dtucker@cvs.openbsd.org 2008/07/04 03:47:02
[monitor.c]
Make debug a little clearer. ok djm@
+ - djm@cvs.openbsd.org 2008/06/30 08:07:34
+ [regress/key-options.sh]
+ shell portability: use "=" instead of "==" in test(1) expressions,
+ double-quote string with backslash escaped /
+ - djm@cvs.openbsd.org 2008/06/30 10:31:11
+ [regress/{putty-transfer,putty-kex,putty-ciphers}.sh]
+ remove "set -e" left over from debugging
+ - djm@cvs.openbsd.org 2008/06/30 10:43:03
+ [regress/conch-ciphers.sh]
+ explicitly disable conch options that could interfere with the test
- (dtucker) [sftp-server.c] Bug #1447: fall back to racy rename if link
returns EXDEV. Patch from Mike Garrison, ok djm@
+ - (djm) [atomicio.c channels.c clientloop.c defines.h includes.h]
+ [packet.c scp.c serverloop.c sftp-client.c ssh-agent.c ssh-keyscan.c]
+ [sshd.c] Explicitly handle EWOULDBLOCK wherever we handle EAGAIN, on
+ some platforms (HP nonstop) it is a distinct errno;
+ bz#1467 reported by sconeu AT yahoo.com; ok dtucker@
20080702
- (dtucker) OpenBSD CVS Sync