openssh - openssh

	Commit message (Collapse)	Author	Age	Files	Lines
*	- deraadt@cvs.openbsd.org 2013/11/20 20:54:10	Damien Miller	2013-11-21	6	-13/+16
\| \| \| \| \| \|	[canohost.c clientloop.c match.c readconf.c sftp.c] unsigned casts for ctype macros where neccessary ok guenther millert markus
*	- deraadt@cvs.openbsd.org 2013/11/20 20:53:10	Damien Miller	2013-11-21	2	-3/+7
\| \| \| \| \| \|	[scp.c] unsigned casts for ctype macros where neccessary ok guenther millert markus
*	- djm@cvs.openbsd.org 2013/11/20 02:19:01	Damien Miller	2013-11-21	2	-3/+8
\| \| \| \| \| \| \|	[sshd.c] delay closure of in/out fds until after "Bad protocol version identification..." message, as get_remote_ipaddr/get_remote_port require them open.
*	- markus@cvs.openbsd.org 2013/11/13 13:48:20	Damien Miller	2013-11-21	2	-2/+5
\| \| \| \| \|	[ssh-pkcs11.c] add missing braces found by pedro
*	- dtucker@cvs.openbsd.org 2013/11/08 11:15:19	Damien Miller	2013-11-21	8	-7/+20
\| \| \| \| \|	[bufaux.c bufbn.c buffer.c sftp-client.c sftp-common.c sftp-glob.c] [uidswap.c] Include stdlib.h for free() as per the man page.
*	- (dtucker) [regress/keytype.sh] Populate ECDSA key types to be tested by	Darren Tucker	2013-11-10	2	-3/+11
\| \| \| \|	querying the ones that are compiled in.
*	- (dtucker) [key.c] Check for the correct defines for NID_secp521r1.	Darren Tucker	2013-11-10	2	-2/+3
\|
*	- (dtucker) [configure.ac] Add missing "test".	Darren Tucker	2013-11-09	2	-3/+4
\|
*	- (dtucker) [configure.ac] Fix brackets in NID_secp521r1 test.	Darren Tucker	2013-11-09	2	-4/+5
\|
*	- (dtucker) [configure.ac kex.c key.c myproposal.h] Test for the presence of	Darren Tucker	2013-11-09	5	-21/+133
\| \| \| \| \| \|	NID_X9_62_prime256v1, NID_secp384r1 and NID_secp521r1 and test that the latter actually works before using it. Fedora (at least) has NID_secp521r1 that doesn't work (see https://bugzilla.redhat.com/show_bug.cgi?id=1021897).
*	- dtucker@cvs.openbsd.org 2013/11/09 05:41:34	Darren Tucker	2013-11-09	3	-5/+32
\| \| \| \| \| \|	[regress/test-exec.sh regress/rekey.sh] Use smaller test data files to speed up tests. Grow test datafiles where necessary for a specific test.
*	- (dtucker) [contrib/cygwin/ssh-host-config] Simplify host key generation:	Darren Tucker	2013-11-08	2	-51/+6
\| \| \| \| \|	rather than testing and generating each key, call ssh-keygen -A. Patch from vinschen at redhat.com.
*	- (dtucker) [Makefile.in configure.ac] Set MALLOC_OPTIONS per platform	Darren Tucker	2013-11-08	3	-4/+13
\| \| \| \| \|	and pass in TEST_ENV. Unknown options cause stderr to get polluted and the stderr-data test to fail.
*	- (dtucker) [openbsd-compat/bsd-poll.c] Add headers to prevent compile	Darren Tucker	2013-11-08	2	-2/+7
\| \| \| \|	warnings.
*	- (dtucker) [myproposal.h] Conditionally enable CURVE25519_SHA256.	Darren Tucker	2013-11-08	2	-1/+5
\|
*	- (dtucker) [kex.c] Only enable CURVE25519_SHA256 if we actually have	Darren Tucker	2013-11-08	2	-0/+4
\| \| \| \|	EVP_sha256.
*	- (dtucker) [openbsd-compat/openbsd-compat.h] Add null implementation of	Darren Tucker	2013-11-08	2	-3/+10
\| \| \| \| \|	arc4random_stir for platforms that have arc4random but don't have arc4random_stir (right now this is only OpenBSD -current).
*	- (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]	Damien Miller	2013-11-08	5	-6/+8
\| \| \| \|	[contrib/suse/openssh.spec] Update version numbers following release.
*	- djm@cvs.openbsd.org 2013/11/08 01:38:11	Damien Miller	2013-11-08	2	-2/+5
\| \| \| \| \|	[version.h] openssh-6.4
*	- djm@cvs.openbsd.org 2013/11/08 00:39:15	Damien Miller	2013-11-08	14	-33/+39
\| \| \| \| \| \| \|	[auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c] [clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c] [sftp-client.c sftp-glob.c] use calloc for all structure allocations; from markus@
*	- dtucker@cvs.openbsd.org 2013/11/07 11:58:27	Damien Miller	2013-11-08	9	-24/+32
\| \| \| \| \| \|	[cipher.c cipher.h kex.c kex.h mac.c mac.h servconf.c ssh.c] Output the effective values of Ciphers, MACs and KexAlgorithms when the default has not been overridden. ok markus@
*	- dtucker@cvs.openbsd.org 2013/11/08 01:06:14	Darren Tucker	2013-11-08	2	-3/+9
\| \| \| \| \|	[regress/rekey.sh] Rekey less frequently during tests to speed them up
*	- (dtucker) [Makefile.in configure.ac] Remove TEST_SSH_SHA256 environment	Darren Tucker	2013-11-07	3	-10/+8
\| \| \| \| \|	variable. It's no longer used now that we get the supported MACs from ssh -Q.
*	- dtucker@cvs.openbsd.org 2013/11/07 04:26:56	Darren Tucker	2013-11-07	2	-2/+5
\| \| \| \| \|	[regress/kextype.sh] trailing space
*	- dtucker@cvs.openbsd.org 2013/11/07 03:55:41	Darren Tucker	2013-11-07	2	-13/+5
\| \| \| \| \|	[regress/kextype.sh] Use ssh -Q to get kex types instead of a static list.
*	- dtucker@cvs.openbsd.org 2013/11/07 02:48:38	Darren Tucker	2013-11-07	4	-43/+11
\| \| \| \| \|	[regress/integrity.sh regress/cipher-speed.sh regress/try-ciphers.sh] Use ssh -Q instead of hardcoding lists of ciphers or MACs.
*	- dtucker@cvs.openbsd.org 2013/11/07 01:12:51	Darren Tucker	2013-11-07	2	-48/+29
\| \| \| \| \|	[regress/rekey.sh] Factor out the data transfer rekey tests
*	- dtucker@cvs.openbsd.org 2013/11/07 00:12:05	Darren Tucker	2013-11-07	2	-9/+59
\| \| \| \| \| \|	[regress/rekey.sh] Test rekeying for every Cipher, MAC and KEX, plus test every KEX with the GCM ciphers.
*	- dtucker@cvs.openbsd.org 2013/11/04 12:27:42	Darren Tucker	2013-11-07	2	-3/+13
\| \| \| \| \|	[regress/rekey.sh] Test rekeying with all KexAlgorithms.
*	- markus@cvs.openbsd.org 2013/11/02 22:39:53	Darren Tucker	2013-11-07	2	-1/+5
\| \| \| \| \|	[regress/kextype.sh] add curve25519-sha256@libssh.org
*	- djm@cvs.openbsd.org 2013/10/09 23:44:14	Darren Tucker	2013-11-07	2	-1/+5
\| \| \| \| \|	[regress/Makefile] (ID sync only) regression test for sftp request white/blacklisting and readonly mode.
*	- djm@cvs.openbsd.org 2013/11/06 23:05:59	Damien Miller	2013-11-07	2	-1/+5
\| \| \| \| \| \|	[ssh-pkcs11.c] from portable: s/true/true_val/ to avoid name collisions on dump platforms RCSID sync only
*	- markus@cvs.openbsd.org 2013/11/06 16:52:11	Damien Miller	2013-11-07	2	-2/+5
\| \| \| \| \|	[monitor_wrap.c] fix rekeying for AES-GCM modes; ok deraadt
*	- markus@cvs.openbsd.org 2013/11/04 11:51:16	Damien Miller	2013-11-07	2	-1/+6
\| \| \| \| \| \|	[monitor.c] fix rekeying for KEX_C25519_SHA256; noted by dtucker@ RCSID sync only; I thought this was a merge botch and fixed it already
*	- (djm) [configure.ac defines.h] Skip arc4random_stir() calls on platforms	Damien Miller	2013-11-07	3	-3/+15
\| \| \| \|	that lack it but have arc4random_uniform()
*	- (djm) [regress/modpipe.c regress/rekey.sh] Never intended to commit these	Damien Miller	2013-11-07	3	-4/+3
\|
*	- (djm) [Makefile.in monitor.c] Missed chunks of curve25519 KEX diff	Damien Miller	2013-11-07	5	-5/+10
\|
*	- (djm) [ssh-pkcs11.c] Bring back "non-constant initialiser" fix (rev 1.5)	Damien Miller	2013-11-07	2	-4/+13
\| \| \| \|	that got lost in recent merge.
*	- (djm) [kexc25519.c kexc25519c.c kexc25519s.c] Import missed files from	Damien Miller	2013-11-04	4	-0/+380
\| \| \| \|	KEX/curve25519 change
*	- djm@cvs.openbsd.org 2013/11/03 10:37:19	Damien Miller	2013-11-03	2	-3/+7
\| \| \| \| \| \|	[roaming_common.c] fix a couple of function definitions foo() -> foo(void) (-Wold-style-definition)
*	- markus@cvs.openbsd.org 2013/11/02 22:39:19	Damien Miller	2013-11-03	3	-4/+9
\| \| \| \| \|	[ssh_config.5 sshd_config.5] the default kex is now curve25519-sha256@libssh.org
*	- markus@cvs.openbsd.org 2013/11/02 22:34:01	Damien Miller	2013-11-03	2	-5/+4
\| \| \| \| \|	[auth-options.c] no need to include monitor_wrap.h and ssh-gss.h
*	- markus@cvs.openbsd.org 2013/11/02 22:24:24	Damien Miller	2013-11-03	3	-8/+5
\| \| \| \| \|	[kexdhs.c kexecdhs.c] no need to include ssh-gss.h
*	- markus@cvs.openbsd.org 2013/11/02 22:10:15	Damien Miller	2013-11-03	3	-5/+5
\| \| \| \| \|	[kexdhs.c kexecdhs.c] no need to include monitor_wrap.h
*	- markus@cvs.openbsd.org 2013/11/02 21:59:15	Damien Miller	2013-11-03	9	-8/+299
\| \| \| \| \| \|	[kex.c kex.h myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] use curve25519 for default key exchange (curve25519-sha256@libssh.org); initial patch from Aris Adamantiadis; ok djm@
*	- markus@cvs.openbsd.org 2013/11/02 20:03:54	Damien Miller	2013-11-03	2	-40/+108
\| \| \| \| \| \|	[ssh-pkcs11.c] support pkcs#11 tokes that only provide x509 zerts instead of raw pubkeys; fixes bz#1908; based on patch from Laurent Barbe; ok djm
*	- (dtucker) [configure.ac defines.h] Add typedefs for intmax_t and uintmax_t	Darren Tucker	2013-11-03	3	-3/+18
\| \| \| \|	for platforms that don't have them.
*	- (dtucker) [openbsd-compat/setproctitle.c] Handle error case form the 2nd	Darren Tucker	2013-11-03	2	-1/+7
\| \| \| \|	vsnprintf. From eric at openbsd via chl@.
*	- (dtucker) [openbsd-compat/bsd-misc.c] Include time.h for nanosleep.	Darren Tucker	2013-11-03	2	-0/+6
\| \| \| \| \|	From OpenSMTPD where it prevents "implicit declaration" warnings (it's a no-op in OpenSSH). From chl at openbsd.
*	- jmc@cvs.openbsd.org 2013/10/29 18:49:32	Damien Miller	2013-10-30	2	-2/+5
\| \| \| \| \|	[sshd_config.5] pty(4), not pty(7);