djm [Thu, 26 May 2005 02:02:14 +0000 (02:02 +0000)]
- djm@cvs.openbsd.org 2005/04/09 04:32:54
[misc.c misc.h tildexpand.c Makefile.in]
replace tilde_expand_filename with a simpler implementation, ahead of
more whacking; ok deraadt@
djm [Thu, 26 May 2005 02:01:22 +0000 (02:01 +0000)]
- dtucker@cvs.openbsd.org 2005/04/06 12:26:06
[ssh.c]
Fix debug call for port forwards; patch from pete at seebeyond.com,
ok djm@ (ID sync only - change already in portable)
dtucker [Wed, 25 May 2005 09:42:10 +0000 (09:42 +0000)]
- (dtucker) [openbsd-compat/bsd-cygwin_util.c] Ensure sufficient memory
allocation when retrieving core Windows environment. Add CYGWIN variable
to propagated variables. Patch from vinschen at redhat.com, ok djm@
dtucker [Wed, 25 May 2005 06:18:09 +0000 (06:18 +0000)]
- (dtucker) [auth-pam.c] Since people don't seem to be getting the message
that USE_POSIX_THREADS is unsupported, not recommended and generally a bad
idea, it is now known as UNSUPPORTED_POSIX_THREADS_HACK. Attempting to use
USE_POSIX_THREADS will now generate an error so we don't silently change
behaviour. ok djm@
dtucker [Tue, 3 May 2005 09:05:32 +0000 (09:05 +0000)]
- (dtucker) [canohost.c] normalise socket addresses returned by
get_remote_hostname(). This means that IPv4 addresses in log messages
on IPv6 enabled machines will no longer be prefixed by "::ffff:" and
AllowUsers, DenyUsers, AllowGroups, DenyGroups will match IPv4-style
addresses only for 4-in-6 mapped connections, regardless of whether
or not the machine is IPv6 enabled. ok djm@
- (dtucker) [regress/multiplex.sh] Put control socket in /tmp so running
"make tests" works even if you'r building on a filesystem that doesn't
support sockets. From deengert at anl.gov, ok djm@
- (dtucker) [regress/multiplex.sh] Use "kill -0 $pid" to check for the
existence of a process since it's more portable. Found by jbasney at
ncsa.uiuc.edu; ok tim@
- (dtucker) [session.c] Bug #1024: Don't check pam_session_is_open if
UseLogin is set as PAM is not used to establish credentials in that
case. Found by Michael Selvesteen, ok djm@
dtucker [Thu, 31 Mar 2005 11:39:25 +0000 (11:39 +0000)]
- (dtucker) [auth.h sshd.c openbsd-compat/port-aix.c] Bug #1006: fix bug in
handling of password expiry messages returned by AIX's authentication
routines, originally reported by robvdwal at sara.nl.
dtucker [Thu, 31 Mar 2005 11:31:10 +0000 (11:31 +0000)]
- jmc@cvs.openbsd.org 2005/03/16 11:10:38
[ssh_config.5]
get the syntax right for {Local,Remote}Forward;
based on a diff from markus;
problem report from ponraj;
ok dtucker@ markus@ deraadt@
dtucker [Tue, 29 Mar 2005 13:24:12 +0000 (13:24 +0000)]
- (dtucker) [contrib/aix/buildbff.sh] Bug #1005: Look up only the user we're
interested in which is much faster in large (eg LDAP or NIS) environments.
Patch from dleonard at vintela.com.
dtucker [Sun, 20 Mar 2005 22:58:07 +0000 (22:58 +0000)]
- (dtucker) [configure.ac] Make configure error out if the user specifies
--with-libedit but the required libs can't be found, rather than silently
ignoring and continuing. ok tim@
dtucker [Sun, 20 Mar 2005 22:55:17 +0000 (22:55 +0000)]
- (dtucker) [configure.ac] Prevent configure --with-zlib from adding -Iyes
and -Lyes to CFLAGS and LIBS. Pointed out by peter at slagheap.net,
with & ok tim@
dtucker [Mon, 14 Mar 2005 12:17:27 +0000 (12:17 +0000)]
- dtucker@cvs.openbsd.org 2005/03/14 11:44:42
[auth.c]
Populate host for log message for logins denied by AllowUsers and
DenyUsers (bz #999); ok markus@
dtucker [Mon, 14 Mar 2005 12:02:46 +0000 (12:02 +0000)]
20050312
- (dtucker) [regress/test-exec.sh] DEBUG can cause problems where debug
output ends up in the client's output, causing regress failures. Found
by Corinna Vinschen.
(got 4.0 branch and HEAD slightly askew, this is to resync)
dtucker [Mon, 14 Mar 2005 11:58:40 +0000 (11:58 +0000)]
- dtucker@cvs.openbsd.org 2005/03/10 10:15:02
[readconf.c]
Check listen addresses for null, prevents xfree from dying during
ClearAllForwardings (bz #996). From Craig Leres, ok markus@
dtucker [Sun, 13 Mar 2005 10:20:18 +0000 (10:20 +0000)]
- (dtucker) [contrib/cygwin/ssh-host-config] Makes the query for the
localized name of the local administrators group more reliable. From
vinschen at redhat.com.
dtucker [Mon, 7 Mar 2005 07:33:02 +0000 (07:33 +0000)]
- dtucker@cvs.openbsd.org 2005/02/27 11:33:30
[multiplex.sh test-exec.sh sshd-log-wrapper.sh]
Add optional capability to log output from regress commands; ok markus@
Use with: make TEST_SSH_LOGFILE=/tmp/regress.log
djm [Wed, 2 Mar 2005 01:05:06 +0000 (01:05 +0000)]
- jmc@cvs.openbsd.org 2005/03/01 18:15:56
[ssh-keygen.1]
sort options (no attempt made at synopsis clean up though);
spelling (occurance -> occurrence);
use prompt before examples;
grammar;
djm [Tue, 1 Mar 2005 10:48:35 +0000 (10:48 +0000)]
- djm@cvs.openbsd.org 2005/03/01 10:42:49
[ssh-keygen.1 ssh-keygen.c ssh_config.5]
add tools for managing known_hosts files with hashed hostnames, including
hashing existing files and deleting hosts by name; ok markus@ deraadt@
djm [Tue, 1 Mar 2005 10:47:37 +0000 (10:47 +0000)]
- djm@cvs.openbsd.org 2005/03/01 10:40:27
[hostfile.c hostfile.h readconf.c readconf.h ssh.1 ssh_config.5]
[sshconnect.c sshd.8]
add support for hashing host names and addresses added to known_hosts
files, to improve privacy of which hosts user have been visiting; ok
markus@ deraadt@