| Age | Commit message (Collapse) | Author |
|---|
|
[atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
[auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
[auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
[auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
[buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
[cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
[deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
[kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
[mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
[monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
[readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
[session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
[sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
[ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
[sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
[uidswap.c uuencode.c xmalloc.c]
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
Theo nuked - our scripts to sync -portable need them in the files
|
|
[sftp.c]
"abormally" is a perfectly cromulent word, but "abnormally" is better
|
|
[buffer.c channels.c deattack.c misc.c scp.c session.c sftp-client.c]
[sftp-server.c ssh-agent.c ssh-rsa.c xmalloc.c xmalloc.h auth-pam.c]
[uidswap.c]
change OpenSSH's xrealloc() function from being xrealloc(p, new_size)
to xrealloc(p, new_nmemb, new_itemsize).
realloc is particularly prone to integer overflows because it is
almost always allocating "n * size" bytes, so this is a far safer
API; ok deraadt@
|
|
[auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c]
[clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c]
[monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c]
[ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c]
[xmalloc.c xmalloc.h]
introduce xcalloc() and xasprintf() failure-checked allocations
functions and use them throughout openssh
xcalloc is particularly important because malloc(nmemb * size) is a
dangerous idiom (subject to integer overflow) and it is time for it
to die
feedback and ok deraadt@
|
|
[ttymodes.c]
spacing
|
|
[channels.c fatal.c kex.c packet.c serverloop.c]
spacing
|
|
[canohost.c match.c ssh.c sshconnect.c]
be strict with tolower() casting
|
|
[dns.c]
cast xstrdup to propert u_char *
|
|
[channels.c]
x11_fake_data is only ever used as u_char *
|
|
[monitor.c]
spacing
|
|
[channels.c monitor.c session.c session.h ssh-agent.c ssh-keygen.c]
[ssh-rsa.c ssh.c sshlogin.c]
annoying spacing fixes getting in the way of real diffs
|
|
[auth1.c auth2.c sshd.c]
sprinkle some ARGSUSED for table driven functions (which sometimes
must ignore their args)
|
|
|
|
[channels.c clientloop.c monitor_wrap.c monitor_wrap.h serverloop.c]
[ssh.c sshpty.c sshpty.h]
sprinkle u_int throughout pty subsystem, ok markus
|
|
[ssh-rsa.c]
in a switch (), break after return or goto is stupid
|
|
[key.c]
djm did a typo
|
|
[auth.c key.c misc.c packet.c ssh-add.c]
in a switch (), break after return or goto is stupid
|
|
[key.c]
(really) last of the Coverity diffs: avoid possible NULL deref in
key_free. via elad AT netbsd.org; markus@ ok
|
|
[monitor.c]
memory leaks detected by Coverity via elad AT netbsd.org;
deraadt@ ok
that should be all of them now
|
|
[authfile.c]
whoever thought that break after return was a good idea needs to
get their head examimed
|
|
[ssh.c]
spacing
|
|
[ssh-keyscan.c]
please lint
|
|
[clientloop.c progressmeter.c serverloop.c sshd.c]
ARGSUSED for signal handlers
|
|
[kex.c kex.h monitor.c myproposal.h session.c]
spacing
|
|
[auth1.c authfd.c channels.c]
spacing
|
|
[servconf.c]
Correct strdelim null test; ok djm@
|
|
[sshconnect2.c]
memory leaks detected by Coverity via elad AT netbsd.org;
deraadt@ ok
|
|
[dh.c readconf.c servconf.c]
potential NULL pointer dereferences detected by Coverity
via elad AT netbsd.org; ok deraadt@
|
|
[hostfile.c]
FILE* leak detected by Coverity via elad AT netbsd.org;
ok deraadt@
|
|
[sftp.c]
more memory leaks detected by Coverity via elad AT netbsd.org;
deraadt@ ok
|
|
[serverloop.c]
memory leaks detected by Coverity via elad AT netbsd.org;
ok deraadt@ dtucker@
|
|
[authfd.c]
unreachanble statement, found by lint
|
|
[authfd.c]
another unreachable found by lint
|
|
[scp.c]
Try to display errormessage even if remout == -1
ok djm@, markus@
|
|
- jakob@cvs.openbsd.org 2006/03/15 08:46:44
[ssh-keygen.c]
if no key file are given when printing the DNS host record, use the
host key file(s) as default. ok djm@
|
|
remove IV support from the CRC attack detector, OpenSSH has never used
it - it only applied to IDEA-CFB, which we don't support.
prompted by NetBSD Coverity report via elad AT netbsd.org;
feedback markus@ "nuke it" deraadt@
|
|
[ssh.1]
simplify SSHFP example; ok jmc@
|
|
[dns.c]
cast xstrdup to propert u_char *
|
|
[session.h]
annoying spacing fixes getting in the way of real diffs
|
|
[monitor_wrap.h sshpty.h]
sprinkle u_int throughout pty subsystem, ok markus
|
|
[gss-serv.c]
last lot of GSSAPI related leaks detected by Coverity via
elad AT netbsd.org; reviewed by simon AT sxw.org.uk; deraadt@ ok
|
|
[gss-genr.c]
more GSSAPI related leaks detected by Coverity via elad AT netbsd.org;
reviewed by simon AT sxw.org.uk; deraadt@ ok
|
|
[auth2-gss.c]
GSSAPI related leaks detected by Coverity via elad AT netbsd.org;
reviewed by simon AT sxw.org.uk; deraadt@ ok
|
|
[kex.h myproposal.h]
spacing
|
|
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
[auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
[auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
[auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
[auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
[canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
[cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
[compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
[groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
[kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
[loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
[monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
[nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
[scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
[sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
[ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
[ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
[sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
[uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
[openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
[openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
[openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
[openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
RCSID() can die
|
|
[ssh.1]
Add RFC4419 (Diffie-Hellman group exchange KEX) to the list of SSH RFCs
that OpenSSH supports
|
|
a LLONG rather than a long. Fixes scp'ing of large files on platforms
with missing/broken snprintfs. Patch from e.borovac at bom.gov.au.
|
|
elad AT NetBSD.org
|
|
OpenSSL; ok tim
|
|
sha256 when openssl < 0.9.7. Patch from djm@. Corrections/testing by me.
|
