dtucker [Sun, 29 May 2005 00:28:48 +0000 (00:28 +0000)]
20050529
- (dtucker) [openbsd-compat/port-aix.c] Bug #1046: AIX 5.3 expects the
argument to passwdexpired to be initialized to NULL. Suggested by tim@
While at it, initialize the other arguments to auth functions in case they
ever acquire this behaviour.
dtucker [Sat, 28 May 2005 10:28:39 +0000 (10:28 +0000)]
- (dtucker) [openbsd-compat/port-aix.h] Use the HAVE_DECL_* definitions as
per the autoconf man page. Configure should always define them but it
doesn't hurt to check.
dtucker [Fri, 27 May 2005 11:13:40 +0000 (11:13 +0000)]
- (dtucker) [acconfig.h configure.ac defines.h includes.h sshpty.c
openbsd-compat/bsd-misc.c] Add support for Ultrix. No, that's not a typo.
Required changes from Bernhard Simon, integrated by me. ok djm@
djm [Thu, 26 May 2005 10:48:25 +0000 (10:48 +0000)]
- (djm) [configure.ac openbsd-compat/Makefile.in]
[openbsd-compat/openbsd-compat.h openbsd-compat/strtonum.c]
Add strtonum(3) from OpenBSD libc, new code needs it.
Unfortunately Linux forces us to do a bizarre dance with compiler
options to get LLONG_MIN/MAX; Spotted by and ok dtucker@
dtucker [Thu, 26 May 2005 10:12:15 +0000 (10:12 +0000)]
- (dtucker) [configure.ac openbsd-compat/getrrsetbyname.c] Bug #1033: Provide
templates for _getshort and _getlong if missing to prevent compiler warnings
on Linux.
dtucker [Thu, 26 May 2005 09:59:48 +0000 (09:59 +0000)]
- (dtucker) [auth-pam.c] Bug #1033: Fix warnings building with PAM on Linux:
warning: dereferencing type-punned pointer will break strict-aliasing rules
warning: passing arg 3 of `pam_get_item' from incompatible pointer type
The type-punned pointer fix is based on a patch from SuSE's rpm. ok djm@
djm [Thu, 26 May 2005 02:23:44 +0000 (02:23 +0000)]
- avsm@cvs.openbsd.org 2005/05/24 17:32:44
[atomicio.c atomicio.h authfd.c monitor_wrap.c msg.c scp.c sftp-client.c]
[ssh-keyscan.c sshconnect.c]
Switch atomicio to use a simpler interface; it now returns a size_t
(containing number of bytes read/written), and indicates error by
returning 0. EOF is signalled by errno==EPIPE.
Typical use now becomes:
if (atomicio(read, ..., len) != len)
err(1,"read");
djm [Thu, 26 May 2005 02:16:18 +0000 (02:16 +0000)]
- avsm@cvs.openbsd.org 2005/05/23 22:44:01
[moduli.c ssh-keygen.c]
- removes signed/unsigned comparisons in moduli generation
- use strtonum instead of atoi where its easier
- check some strlcpy overflow and fatal instead of truncate
djm [Thu, 26 May 2005 02:05:05 +0000 (02:05 +0000)]
- djm@cvs.openbsd.org 2005/04/21 11:47:19
[ssh.c]
don't allocate a pty when -n flag (/dev/null stdin) is set, patch from
ignasi.roca AT fujitsu-siemens.com (bz #829); ok dtucker@
djm [Thu, 26 May 2005 02:04:02 +0000 (02:04 +0000)]
- djm@cvs.openbsd.org 2005/04/21 06:17:50
[ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8]
[sshd_config.5] OpenSSH doesn't ever look at the $HOME environment
variable, so don't say that we do (bz #623); ok deraadt@
djm [Thu, 26 May 2005 02:02:14 +0000 (02:02 +0000)]
- djm@cvs.openbsd.org 2005/04/09 04:32:54
[misc.c misc.h tildexpand.c Makefile.in]
replace tilde_expand_filename with a simpler implementation, ahead of
more whacking; ok deraadt@
djm [Thu, 26 May 2005 02:01:22 +0000 (02:01 +0000)]
- dtucker@cvs.openbsd.org 2005/04/06 12:26:06
[ssh.c]
Fix debug call for port forwards; patch from pete at seebeyond.com,
ok djm@ (ID sync only - change already in portable)
dtucker [Wed, 25 May 2005 09:42:10 +0000 (09:42 +0000)]
- (dtucker) [openbsd-compat/bsd-cygwin_util.c] Ensure sufficient memory
allocation when retrieving core Windows environment. Add CYGWIN variable
to propagated variables. Patch from vinschen at redhat.com, ok djm@
dtucker [Wed, 25 May 2005 06:18:09 +0000 (06:18 +0000)]
- (dtucker) [auth-pam.c] Since people don't seem to be getting the message
that USE_POSIX_THREADS is unsupported, not recommended and generally a bad
idea, it is now known as UNSUPPORTED_POSIX_THREADS_HACK. Attempting to use
USE_POSIX_THREADS will now generate an error so we don't silently change
behaviour. ok djm@
dtucker [Tue, 3 May 2005 09:05:32 +0000 (09:05 +0000)]
- (dtucker) [canohost.c] normalise socket addresses returned by
get_remote_hostname(). This means that IPv4 addresses in log messages
on IPv6 enabled machines will no longer be prefixed by "::ffff:" and
AllowUsers, DenyUsers, AllowGroups, DenyGroups will match IPv4-style
addresses only for 4-in-6 mapped connections, regardless of whether
or not the machine is IPv6 enabled. ok djm@
- (dtucker) [regress/multiplex.sh] Put control socket in /tmp so running
"make tests" works even if you'r building on a filesystem that doesn't
support sockets. From deengert at anl.gov, ok djm@
- (dtucker) [regress/multiplex.sh] Use "kill -0 $pid" to check for the
existence of a process since it's more portable. Found by jbasney at
ncsa.uiuc.edu; ok tim@
- (dtucker) [session.c] Bug #1024: Don't check pam_session_is_open if
UseLogin is set as PAM is not used to establish credentials in that
case. Found by Michael Selvesteen, ok djm@
dtucker [Thu, 31 Mar 2005 11:39:25 +0000 (11:39 +0000)]
- (dtucker) [auth.h sshd.c openbsd-compat/port-aix.c] Bug #1006: fix bug in
handling of password expiry messages returned by AIX's authentication
routines, originally reported by robvdwal at sara.nl.
dtucker [Thu, 31 Mar 2005 11:31:10 +0000 (11:31 +0000)]
- jmc@cvs.openbsd.org 2005/03/16 11:10:38
[ssh_config.5]
get the syntax right for {Local,Remote}Forward;
based on a diff from markus;
problem report from ponraj;
ok dtucker@ markus@ deraadt@
dtucker [Tue, 29 Mar 2005 13:24:12 +0000 (13:24 +0000)]
- (dtucker) [contrib/aix/buildbff.sh] Bug #1005: Look up only the user we're
interested in which is much faster in large (eg LDAP or NIS) environments.
Patch from dleonard at vintela.com.
dtucker [Sun, 20 Mar 2005 22:58:07 +0000 (22:58 +0000)]
- (dtucker) [configure.ac] Make configure error out if the user specifies
--with-libedit but the required libs can't be found, rather than silently
ignoring and continuing. ok tim@
dtucker [Sun, 20 Mar 2005 22:55:17 +0000 (22:55 +0000)]
- (dtucker) [configure.ac] Prevent configure --with-zlib from adding -Iyes
and -Lyes to CFLAGS and LIBS. Pointed out by peter at slagheap.net,
with & ok tim@
dtucker [Mon, 14 Mar 2005 12:17:27 +0000 (12:17 +0000)]
- dtucker@cvs.openbsd.org 2005/03/14 11:44:42
[auth.c]
Populate host for log message for logins denied by AllowUsers and
DenyUsers (bz #999); ok markus@
dtucker [Mon, 14 Mar 2005 12:02:46 +0000 (12:02 +0000)]
20050312
- (dtucker) [regress/test-exec.sh] DEBUG can cause problems where debug
output ends up in the client's output, causing regress failures. Found
by Corinna Vinschen.
(got 4.0 branch and HEAD slightly askew, this is to resync)
dtucker [Mon, 14 Mar 2005 11:58:40 +0000 (11:58 +0000)]
- dtucker@cvs.openbsd.org 2005/03/10 10:15:02
[readconf.c]
Check listen addresses for null, prevents xfree from dying during
ClearAllForwardings (bz #996). From Craig Leres, ok markus@
dtucker [Sun, 13 Mar 2005 10:20:18 +0000 (10:20 +0000)]
- (dtucker) [contrib/cygwin/ssh-host-config] Makes the query for the
localized name of the local administrators group more reliable. From
vinschen at redhat.com.