1. 05 Aug, 2006 9 commits
    • Damien Miller's avatar
      - deraadt@cvs.openbsd.org 2006/08/03 03:34:42 · d7834353
      Damien Miller authored
           [OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c]
           [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
           [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c]
           [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ]
           [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c]
           [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c]
           [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
           [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c]
           [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
           [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c]
           [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c]
           [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c]
           [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c]
           [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h]
           [serverloop.c session.c session.h sftp-client.c sftp-common.c]
           [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
           [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c]
           [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c]
           [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c]
           [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h]
           [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h]
           almost entirely get rid of the culture of ".h files that include .h files"
           ok djm, sort of ok stevesk
           makes the pain stop in one easy step
           NB. portable commit contains everything *except* removing includes.h, as
           that will take a fair bit more work as we move headers that are required
           for portability workarounds to defines.h. (also, this step wasn't "easy")
      d7834353
    • Damien Miller's avatar
      - stevesk@cvs.openbsd.org 2006/08/01 23:36:12 · 4dec5d75
      Damien Miller authored
           [authfile.c channels.c progressmeter.c scard.c servconf.c ssh.c]
           clean extra spaces
      4dec5d75
    • Damien Miller's avatar
      - stevesk@cvs.openbsd.org 2006/08/01 23:22:48 · a7a73ee3
      Damien Miller authored
           [auth-passwd.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c]
           [auth2-chall.c auth2-pubkey.c authfile.c buffer.c canohost.c]
           [channels.c clientloop.c dh.c dns.c dns.h hostfile.c kex.c kexdhc.c]
           [kexgexc.c kexgexs.c key.c key.h log.c misc.c misc.h moduli.c]
           [monitor_wrap.c packet.c progressmeter.c readconf.c readpass.c scp.c]
           [servconf.c session.c sftp-client.c sftp-common.c sftp-server.c sftp.c]
           [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh.c sshconnect.c]
           [sshconnect1.c sshconnect2.c sshd.c sshlogin.c sshtty.c uuencode.c]
           [uuencode.h xmalloc.c]
           move #include <stdio.h> out of includes.h
      a7a73ee3
    • Damien Miller's avatar
      - dtucker@cvs.openbsd.org 2006/08/01 11:34:36 · da828395
      Damien Miller authored
           [sshconnect.c]
           Allow fallback to known_hosts entries without port qualifiers for
           non-standard ports too, so that all existing known_hosts entries will be
           recognised.  Requested by, feedback and ok markus@
      da828395
    • Damien Miller's avatar
      - stevesk@cvs.openbsd.org 2006/07/30 20:15:19 · 1a5b4041
      Damien Miller authored
           [atomicio.h]
           order includes to KNF
      1a5b4041
    • Damien Miller's avatar
      - jmc@cvs.openbsd.org 2006/07/27 08:00:50 · 858bb7dc
      Damien Miller authored
           [ssh_config.5]
           avoid confusing wording in HashKnownHosts:
           originally spotted by alan amesbury;
           ok deraadt
      858bb7dc
    • Damien Miller's avatar
      - stevesk@cvs.openbsd.org 2006/07/26 13:57:17 · e7a1e5cf
      Damien Miller authored
           [authfd.c authfile.c dh.c canohost.c channels.c clientloop.c compat.c]
           [hostfile.c kex.c log.c misc.c moduli.c monitor.c packet.c readpass.c]
           [scp.c servconf.c session.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
           [ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c sshconnect.c]
           [sshconnect1.c sshd.c xmalloc.c]
           move #include <stdlib.h> out of includes.h
      e7a1e5cf
    • Damien Miller's avatar
      - stevesk@cvs.openbsd.org 2006/07/26 02:35:17 · 8dbffe79
      Damien Miller authored
           [atomicio.c auth.c dh.c authfile.c buffer.c clientloop.c kex.c]
           [groupaccess.c gss-genr.c kexgexs.c misc.c monitor.c monitor_mm.c]
           [packet.c scp.c serverloop.c session.c sftp-client.c sftp-common.c]
           [sftp-server.c sftp.c ssh-add.c ssh-agent.c ssh-keygen.c sshlogin.c]
           [uidswap.c xmalloc.c]
           move #include <sys/param.h> out of includes.h
      8dbffe79
    • Damien Miller's avatar
      - stevesk@cvs.openbsd.org 2006/07/25 02:59:21 · 9aec9194
      Damien Miller authored
           [channels.c clientloop.c packet.c scp.c serverloop.c sftp-client.c]
           [sftp-server.c ssh-agent.c ssh-keyscan.c sshconnect.c sshd.c]
           move #include <sys/time.h> out of includes.h
      9aec9194
  2. 04 Aug, 2006 3 commits
  3. 02 Aug, 2006 1 commit
  4. 25 Jul, 2006 1 commit
  5. 24 Jul, 2006 26 commits
    • Darren Tucker's avatar
      28e9ad1b
    • Darren Tucker's avatar
      - (dtucker) [cleanup.c] Since config.h defines _LARGE_FILES on AIX, including · 22c58b02
      Darren Tucker authored
         system headers before defines.h will cause conflicting definitions.
      22c58b02
    • Damien Miller's avatar
      - (djm) [regress/Makefile regress/agent-getpeereid.sh regress/cfgmatch.sh] · 7b1877c8
      Damien Miller authored
         [regress/cipher-speed.sh regress/forcecommand.sh regress/forwarding.sh]
         Sync regress tests to -current; include dtucker@'s new cfgmatch and
         forcecommand tests. Add cipher-speed.sh test (not linked in yet)
      7b1877c8
    • Damien Miller's avatar
      - (djm) [Makefile.in] · 24f2a42e
      Damien Miller authored
         Remove generated openbsd-compat/regress/Makefile in distclean target
      24f2a42e
    • Damien Miller's avatar
      - (djm) [openbsd-compat/basename.c openbsd-compat/bsd-closefrom.c] · 62da44f0
      Damien Miller authored
         [openbsd-compat/bsd-cray.c openbsd-compat/bsd-openpty.c]
         [openbsd-compat/bsd-snprintf.c openbsd-compat/fake-rfc2553.c]
         [openbsd-compat/port-aix.c openbsd-compat/port-irix.c]
         [openbsd-compat/rresvport.c]
         These look to need string.h and/or unistd.h (based on a grep for function
         names)
      62da44f0
    • Damien Miller's avatar
      - (djm) [session.c] · ad5ecbf0
      Damien Miller authored
         fix compile error with -Werror -Wall: 'path' is only used in
         do_setup_env() if HAVE_LOGIN_CAP is not defined
      ad5ecbf0
    • Damien Miller's avatar
      - (djm) [uuencode.c] · 874bc488
      Damien Miller authored
         Add resolv.h, is it contains the prototypes for __b64_ntop/__b64_pton on
         some platforms
      874bc488
    • Damien Miller's avatar
      - (djm) [openbsd-compat/glob.c] · 8b373baf
      Damien Miller authored
         Move get_arg_max() into the ifdef HAVE_GLOB block so that it compiles
         on OpenBSD (or other platforms with a decent glob implementation) with
         -Werror
      8b373baf
    • Damien Miller's avatar
      - (djm) [acss.c auth-krb5.c auth-options.c auth-pam.c auth-shadow.c] · b8fe89c4
      Damien Miller authored
         [canohost.c channels.c cipher-acss.c defines.h dns.c gss-genr.c]
         [gss-serv-krb5.c gss-serv.c log.h loginrec.c logintest.c readconf.c]
         [servconf.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c]
         [ssh.c sshconnect.c sshd.c openbsd-compat/bindresvport.c]
         [openbsd-compat/bsd-arc4random.c openbsd-compat/bsd-misc.c]
         [openbsd-compat/getrrsetbyname.c openbsd-compat/glob.c]
         [openbsd-compat/mktemp.c openbsd-compat/port-linux.c]
         [openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c]
         [openbsd-compat/setproctitle.c openbsd-compat/xmmap.c]
         make the portable tree compile again - sprinkle unistd.h and string.h
         back in. Don't redefine __unused, as it turned out to be used in
         headers on Linux, and replace its use in auth-pam.c with ARGSUSED
      b8fe89c4
    • Damien Miller's avatar
      - stevesk@cvs.openbsd.org 2006/07/23 01:11:05 · d8337c5e
      Damien Miller authored
           [auth.h dispatch.c kex.h sftp-client.c]
           #include <signal.h> for sig_atomic_t; need this prior to <sys/param.h>
           move
      d8337c5e
    • Damien Miller's avatar
      - stevesk@cvs.openbsd.org 2006/07/22 20:48:23 · e3476ed0
      Damien Miller authored
           [atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c]
           [auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c]
           [authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c]
           [cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c]
           [compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c]
           [includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c]
           [mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c]
           [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c]
           [progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c]
           [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c]
           [ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
           [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c]
           [sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c]
           move #include <string.h> out of includes.h
      e3476ed0
    • Damien Miller's avatar
      - stevesk@cvs.openbsd.org 2006/07/22 19:08:54 · 5598b4f1
      Damien Miller authored
           [includes.h moduli.c progressmeter.c scp.c sftp-common.c]
           [sftp-server.c ssh-agent.c sshlogin.c]
           move #include <time.h> out of includes.h
      5598b4f1
    • Damien Miller's avatar
      - stevesk@cvs.openbsd.org 2006/07/21 21:26:55 · ee0d0db7
      Damien Miller authored
           [progressmeter.c]
           ARGSUSED for signal handler
      ee0d0db7
    • Damien Miller's avatar
      - stevesk@cvs.openbsd.org 2006/07/21 21:13:30 · 8473dd85
      Damien Miller authored
           [channels.c]
           more ARGSUSED (lint) for dispatch table-driven functions; ok djm@
      8473dd85
    • Damien Miller's avatar
      - dtucker@cvs.openbsd.org 2006/07/21 12:43:36 · a765cf4b
      Damien Miller authored
           [channels.c channels.h servconf.c servconf.h sshd_config.5]
           Make PermitOpen take a list of permitted ports and act more like most
           other keywords (ie the first match is the effective setting). This
           also makes it easier to override a previously set PermitOpen. ok djm@
      a765cf4b
    • Damien Miller's avatar
      - stevesk@cvs.openbsd.org 2006/07/20 15:26:15 · 1cdde6f5
      Damien Miller authored
           [auth1.c serverloop.c session.c sshconnect2.c]
           missed some needed #include <unistd.h> when KERBEROS5=no; issue from
           massimo@cedoc.mo.it
      1cdde6f5
    • Damien Miller's avatar
      - dtucker@cvs.openbsd.org 2006/07/19 13:07:10 · e275443f
      Damien Miller authored
           [servconf.c servconf.h session.c sshd.8 sshd_config sshd_config.5]
           Add ForceCommand keyword to sshd_config, equivalent to the "command="
           key option, man page entry and example in sshd_config.
           Feedback & ok djm@, man page corrections & ok jmc@
      e275443f
    • Damien Miller's avatar
      - dtucker@cvs.openbsd.org 2006/07/19 08:56:41 · d1de9950
      Damien Miller authored
           [servconf.c sshd_config.5]
           Add support for X11Forwaring, X11DisplayOffset and X11UseLocalhost to
           Match.  ok djm@
      d1de9950
    • Damien Miller's avatar
      - stevesk@cvs.openbsd.org 2006/07/18 22:27:55 · f757d22e
      Damien Miller authored
           [dh.c]
           remove unneeded includes; ok djm@
      f757d22e
    • Damien Miller's avatar
      - dtucker@cvs.openbsd.org 2006/07/18 08:22:23 · 8c23403b
      Damien Miller authored
           [sshd_config.5]
           Clarify description of Match, with minor correction from jmc@
      8c23403b
    • Damien Miller's avatar
      - jmc@cvs.openbsd.org 2006/07/18 08:03:09 · 393821ad
      Damien Miller authored
           [ssh-agent.1 sshd_config.5]
           mark up angle brackets;
      393821ad
    • Damien Miller's avatar
      - jmc@cvs.openbsd.org 2006/07/18 07:56:28 · 22d47abb
      Damien Miller authored
           [scp.1]
           replace DIAGNOSTICS with .Ex;
      22d47abb
    • Damien Miller's avatar
      - jmc@cvs.openbsd.org 2006/07/18 07:50:40 · 65bc2c40
      Damien Miller authored
           [sshd_config.5]
           tweak; ok dtucker
      65bc2c40
    • Damien Miller's avatar
      - dtucker@cvs.openbsd.org 2006/07/17 12:06:00 · 9b439df1
      Damien Miller authored
           [channels.c channels.h servconf.c sshd_config.5]
           Add PermitOpen directive to sshd_config which is equivalent to the
           "permitopen" key option.  Allows server admin to allow TCP port
           forwarding only two specific host/port pairs.  Useful when combined
           with Match.
           If permitopen is used in both sshd_config and a key option, both
           must allow a given connection before it will be permitted.
           Note that users can still use external forwarders such as netcat,
           so to be those must be controlled too for the limits to be effective.
           Feedback & ok djm@, man page corrections & ok jmc@.
      9b439df1
    • Damien Miller's avatar
      - dtucker@cvs.openbsd.org 2006/07/17 12:02:24 · 98299261
      Damien Miller authored
           [auth-options.c]
           Use '\0' rather than 0 to terminates strings; ok djm@
      98299261
    • Damien Miller's avatar
      - stevesk@cvs.openbsd.org 2006/07/17 01:31:10 · e6b3b610
      Damien Miller authored
           [authfd.c authfile.c channels.c cleanup.c clientloop.c groupaccess.c]
           [includes.h log.c misc.c msg.c packet.c progressmeter.c readconf.c]
           [readpass.c scp.c servconf.c sftp-client.c sftp-server.c sftp.c]
           [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c]
           [sshconnect.c sshlogin.c sshpty.c uidswap.c]
           move #include <unistd.h> out of includes.h
      e6b3b610