Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: OpenSSH: Commits

CVS: fuyu.mindrot.org: openssh

  

 
OpenSSH commits RSS feed   Index | Next | Previous | View Threaded


djm at fuyu

Jun 19, 2011, 9:42 PM

Post #1 of 12 (1133 views)
Permalink
CVS: fuyu.mindrot.org: openssh
CVSROOT: /var/cvs
Module name: openssh
Changes by: djm [at] fuyu 11/06/20 14:42:23

Modified files:
. : ChangeLog log.c log.h monitor.c monitor.h monitor_wrap.c monitor_wrap.h sshd.c

Log message:
- djm [at] cvs 2011/06/17 21:44:31
[log.c log.h monitor.c monitor.h monitor_wrap.c monitor_wrap.h sshd.c]
make the pre-auth privsep slave log via a socketpair shared with the
monitor rather than /var/empty/dev/log; ok dtucker@ deraadt@ markus@

Diff commands:
cvs -nQq rdiff -u -r1.5903 -r1.5904 openssh/ChangeLog
cvs -nQq rdiff -u -r1.54 -r1.55 openssh/log.c
cvs -nQq rdiff -u -r1.21 -r1.22 openssh/log.h
cvs -nQq rdiff -u -r1.148 -r1.149 openssh/monitor.c
cvs -nQq rdiff -u -r1.22 -r1.23 openssh/monitor.h
cvs -nQq rdiff -u -r1.88 -r1.89 openssh/monitor_wrap.c
cvs -nQq rdiff -u -r1.29 -r1.30 openssh/monitor_wrap.h
cvs -nQq rdiff -u -r1.404 -r1.405 openssh/sshd.c

ViewVC:
http://anoncvs.mindrot.org/index.cgi/openssh/ChangeLog?r1=1.5903;r2=1.5904&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/log.c?r1=1.54;r2=1.55&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/log.h?r1=1.21;r2=1.22&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/monitor.c?r1=1.148;r2=1.149&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/monitor.h?r1=1.22;r2=1.23&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/monitor_wrap.c?r1=1.88;r2=1.89&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/monitor_wrap.h?r1=1.29;r2=1.30&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/sshd.c?r1=1.404;r2=1.405&view=patch

Please note that there may be a delay before commits are available
on the public ViewVC site.
_______________________________________________
openssh-commits mailing list
openssh-commits [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-commits


djm at fuyu

Jun 19, 2011, 9:22 PM

Post #2 of 12 (1109 views)
Permalink
CVS: fuyu.mindrot.org: openssh [In reply to]
CVSROOT: /var/cvs
Module name: openssh
Changes by: djm [at] fuyu 11/06/20 14:22:54

Modified files:
. : ChangeLog ssh_config.5

Log message:
- djm [at] cvs 2011/06/04 00:10:26
[ssh_config.5]
explain IdentifyFile's semantics a little better, prompted by bz#1898
ok dtucker jmc

Diff commands:
cvs -nQq rdiff -u -r1.5901 -r1.5902 openssh/ChangeLog
cvs -nQq rdiff -u -r1.151 -r1.152 openssh/ssh_config.5

ViewVC:
http://anoncvs.mindrot.org/index.cgi/openssh/ChangeLog?r1=1.5901;r2=1.5902&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/ssh_config.5?r1=1.151;r2=1.152&view=patch

Please note that there may be a delay before commits are available
on the public ViewVC site.
_______________________________________________
openssh-commits mailing list
openssh-commits [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-commits


djm at fuyu

Jun 19, 2011, 9:23 PM

Post #3 of 12 (1106 views)
Permalink
CVS: fuyu.mindrot.org: openssh [In reply to]
CVSROOT: /var/cvs
Module name: openssh
Changes by: djm [at] fuyu 11/06/20 14:23:28

Modified files:
. : ChangeLog authfile.c

Log message:
- markus [at] cvs 2011/06/14 22:49:18
[authfile.c]
make sure key_parse_public/private_rsa1() no longer consumes its input
buffer. fixes ssh-add for passphrase-protected ssh1-keys;
noted by naddy@; ok djm@

Diff commands:
cvs -nQq rdiff -u -r1.5902 -r1.5903 openssh/ChangeLog
cvs -nQq rdiff -u -r1.95 -r1.96 openssh/authfile.c

ViewVC:
http://anoncvs.mindrot.org/index.cgi/openssh/ChangeLog?r1=1.5902;r2=1.5903&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/authfile.c?r1=1.95;r2=1.96&view=patch

Please note that there may be a delay before commits are available
on the public ViewVC site.
_______________________________________________
openssh-commits mailing list
openssh-commits [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-commits


djm at fuyu

Jun 19, 2011, 9:42 PM

Post #4 of 12 (1109 views)
Permalink
CVS: fuyu.mindrot.org: openssh [In reply to]
CVSROOT: /var/cvs
Module name: openssh
Changes by: djm [at] fuyu 11/06/20 14:42:52

Modified files:
. : ChangeLog sftp-server.c

Log message:
- djm [at] cvs 2011/06/17 21:46:16
[sftp-server.c]
the protocol version should be unsigned; bz#1913 reported by mb AT
smartftp.com

Diff commands:
cvs -nQq rdiff -u -r1.5904 -r1.5905 openssh/ChangeLog
cvs -nQq rdiff -u -r1.110 -r1.111 openssh/sftp-server.c

ViewVC:
http://anoncvs.mindrot.org/index.cgi/openssh/ChangeLog?r1=1.5904;r2=1.5905&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/sftp-server.c?r1=1.110;r2=1.111&view=patch

Please note that there may be a delay before commits are available
on the public ViewVC site.
_______________________________________________
openssh-commits mailing list
openssh-commits [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-commits


djm at fuyu

Jun 19, 2011, 9:43 PM

Post #5 of 12 (1103 views)
Permalink
CVS: fuyu.mindrot.org: openssh [In reply to]
CVSROOT: /var/cvs
Module name: openssh
Changes by: djm [at] fuyu 11/06/20 14:43:11

Modified files:
. : ChangeLog servconf.c

Log message:
- djm [at] cvs 2011/06/17 21:47:35
[servconf.c]
factor out multi-choice option parsing into a parse_multistate label
and some support structures; ok dtucker@

Diff commands:
cvs -nQq rdiff -u -r1.5905 -r1.5906 openssh/ChangeLog
cvs -nQq rdiff -u -r1.216 -r1.217 openssh/servconf.c

ViewVC:
http://anoncvs.mindrot.org/index.cgi/openssh/ChangeLog?r1=1.5905;r2=1.5906&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/servconf.c?r1=1.216;r2=1.217&view=patch

Please note that there may be a delay before commits are available
on the public ViewVC site.
_______________________________________________
openssh-commits mailing list
openssh-commits [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-commits


djm at fuyu

Jun 19, 2011, 9:43 PM

Post #6 of 12 (1105 views)
Permalink
CVS: fuyu.mindrot.org: openssh [In reply to]
CVSROOT: /var/cvs
Module name: openssh
Changes by: djm [at] fuyu 11/06/20 14:43:32

Modified files:
. : ChangeLog clientloop.c

Log message:
- djm [at] cvs 2011/06/17 21:57:25
[clientloop.c]
setproctitle for a mux master that has been gracefully stopped;
bz#1911 from Bert.Wesarg AT googlemail.com

Diff commands:
cvs -nQq rdiff -u -r1.5906 -r1.5907 openssh/ChangeLog
cvs -nQq rdiff -u -r1.223 -r1.224 openssh/clientloop.c

ViewVC:
http://anoncvs.mindrot.org/index.cgi/openssh/ChangeLog?r1=1.5906;r2=1.5907&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/clientloop.c?r1=1.223;r2=1.224&view=patch

Please note that there may be a delay before commits are available
on the public ViewVC site.
_______________________________________________
openssh-commits mailing list
openssh-commits [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-commits


djm at fuyu

Jun 22, 2011, 3:20 PM

Post #7 of 12 (1098 views)
Permalink
CVS: fuyu.mindrot.org: openssh [In reply to]
CVSROOT: /var/cvs
Module name: openssh
Changes by: djm [at] fuyu 11/06/23 08:20:32

Modified files:
. : ChangeLog servconf.c

Log message:
- OpenBSD CVS Sync
- djm [at] cvs 2011/06/22 21:47:28
[servconf.c]
reuse the multistate option arrays to pretty-print options for "sshd -T"

Diff commands:
cvs -nQq rdiff -u -r1.5907 -r1.5908 openssh/ChangeLog
cvs -nQq rdiff -u -r1.217 -r1.218 openssh/servconf.c

ViewVC:
http://anoncvs.mindrot.org/index.cgi/openssh/ChangeLog?r1=1.5907;r2=1.5908&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/servconf.c?r1=1.217;r2=1.218&view=patch

Please note that there may be a delay before commits are available
on the public ViewVC site.
_______________________________________________
openssh-commits mailing list
openssh-commits [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-commits


djm at fuyu

Jun 22, 2011, 3:30 PM

Post #8 of 12 (1103 views)
Permalink
CVS: fuyu.mindrot.org: openssh [In reply to]
CVSROOT: /var/cvs
Module name: openssh
Changes by: djm [at] fuyu 11/06/23 08:30:03

Modified files:
. : ChangeLog Makefile.in configure.ac servconf.c servconf.h sshd.c sshd_config.5
Added files:
. : sandbox-rlimit.c sandbox-systrace.c sandbox.h

Log message:
- djm [at] cvs 2011/06/22 21:57:01
[servconf.c servconf.h sshd.c sshd_config.5 sandbox-rlimit.c]
[sandbox-systrace.c sandbox.h configure.ac Makefile.in]
introduce sandboxing of the pre-auth privsep child using systrace(4).

This introduces a new "UsePrivilegeSeparation=sandbox" option for
sshd_config that applies mandatory restrictions on the syscalls the
privsep child can perform. This prevents a compromised privsep child
from being used to attack other hosts (by opening sockets and proxying)
or probing local kernel attack surface.

The sandbox is implemented using systrace(4) in unsupervised "fast-path"
mode, where a list of permitted syscalls is supplied. Any syscall not
on the list results in SIGKILL being sent to the privsep child. Note
that this requires a kernel with the new SYSTR_POLICY_KILL option.

UsePrivilegeSeparation=sandbox will become the default in the future
so please start testing it now.

feedback dtucker@; ok markus@

Diff commands:
cvs -nQq rdiff -u -r1.5908 -r1.5909 openssh/ChangeLog
cvs -nQq rdiff -u -r1.322 -r1.323 openssh/Makefile.in
cvs -nQq rdiff -u -r1.476 -r1.477 openssh/configure.ac
cvs -nQq rdiff -u -r1.218 -r1.219 openssh/servconf.c
cvs -nQq rdiff -u -r1.90 -r1.91 openssh/servconf.h
cvs -nQq rdiff -u -r1.405 -r1.406 openssh/sshd.c
cvs -nQq rdiff -u -r1.140 -r1.141 openssh/sshd_config.5

ViewVC:
http://anoncvs.mindrot.org/index.cgi/openssh/ChangeLog?r1=1.5908;r2=1.5909&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/Makefile.in?r1=1.322;r2=1.323&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/configure.ac?r1=1.476;r2=1.477&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/servconf.c?r1=1.218;r2=1.219&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/servconf.h?r1=1.90;r2=1.91&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/sshd.c?r1=1.405;r2=1.406&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/sshd_config.5?r1=1.140;r2=1.141&view=patch

Please note that there may be a delay before commits are available
on the public ViewVC site.
_______________________________________________
openssh-commits mailing list
openssh-commits [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-commits


djm at fuyu

Jun 22, 2011, 3:31 PM

Post #9 of 12 (1094 views)
Permalink
CVS: fuyu.mindrot.org: openssh [In reply to]
CVSROOT: /var/cvs
Module name: openssh
Changes by: djm [at] fuyu 11/06/23 08:31:58

Modified files:
. : ChangeLog channels.c channels.h clientloop.c clientloop.h mux.c ssh.c

Log message:
- djm [at] cvs 2011/06/22 22:08:42
[channels.c channels.h clientloop.c clientloop.h mux.c ssh.c]
hook up a channel confirm callback to warn the user then requested X11
forwarding was refused by the server; ok markus@

Diff commands:
cvs -nQq rdiff -u -r1.5909 -r1.5910 openssh/ChangeLog
cvs -nQq rdiff -u -r1.301 -r1.302 openssh/channels.c
cvs -nQq rdiff -u -r1.97 -r1.98 openssh/channels.h
cvs -nQq rdiff -u -r1.224 -r1.225 openssh/clientloop.c
cvs -nQq rdiff -u -r1.27 -r1.28 openssh/clientloop.h
cvs -nQq rdiff -u -r1.30 -r1.31 openssh/mux.c
cvs -nQq rdiff -u -r1.358 -r1.359 openssh/ssh.c

ViewVC:
http://anoncvs.mindrot.org/index.cgi/openssh/ChangeLog?r1=1.5909;r2=1.5910&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/channels.c?r1=1.301;r2=1.302&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/channels.h?r1=1.97;r2=1.98&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/clientloop.c?r1=1.224;r2=1.225&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/clientloop.h?r1=1.27;r2=1.28&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/mux.c?r1=1.30;r2=1.31&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/ssh.c?r1=1.358;r2=1.359&view=patch

Please note that there may be a delay before commits are available
on the public ViewVC site.
_______________________________________________
openssh-commits mailing list
openssh-commits [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-commits


djm at fuyu

Jun 23, 2011, 2:03 AM

Post #10 of 12 (1089 views)
Permalink
CVS: fuyu.mindrot.org: openssh [In reply to]
CVSROOT: /var/cvs
Module name: openssh
Changes by: djm [at] fuyu 11/06/23 19:03:18

Modified files:
. : ChangeLog
Added files:
. : sandbox-null.c

Log message:
- (djm) [sandbox-null.c] Dummy sandbox for platforms that don't support
setrlimit(2)

Diff commands:
cvs -nQq rdiff -u -r1.5910 -r1.5911 openssh/ChangeLog

ViewVC:
http://anoncvs.mindrot.org/index.cgi/openssh/ChangeLog?r1=1.5910;r2=1.5911&view=patch

Please note that there may be a delay before commits are available
on the public ViewVC site.
_______________________________________________
openssh-commits mailing list
openssh-commits [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-commits


djm at fuyu

Jun 23, 2011, 2:45 AM

Post #11 of 12 (1099 views)
Permalink
CVS: fuyu.mindrot.org: openssh [In reply to]
CVSROOT: /var/cvs
Module name: openssh
Changes by: djm [at] fuyu 11/06/23 19:45:52

Modified files:
. : ChangeLog sandbox-null.c sandbox-rlimit.c sandbox-systrace.c sshd.c
Added files:
. : ssh-sandbox.h
Removed files:
. : sandbox.h

Log message:
- djm [at] cvs 2011/06/23 09:34:13
[sshd.c ssh-sandbox.h sandbox.h sandbox-rlimit.c sandbox-systrace.c]
[sandbox-null.c]
rename sandbox.h => ssh-sandbox.h to make things easier for portable

Diff commands:
cvs -nQq rdiff -u -r1.5911 -r1.5912 openssh/ChangeLog
cvs -nQq rdiff -u -r1.1 -r1.2 openssh/sandbox-null.c
cvs -nQq rdiff -u -r1.1 -r1.2 openssh/sandbox-rlimit.c
cvs -nQq rdiff -u -r1.1 -r1.2 openssh/sandbox-systrace.c
cvs -nQq rdiff -u -r1.406 -r1.407 openssh/sshd.c

ViewVC:
http://anoncvs.mindrot.org/index.cgi/openssh/ChangeLog?r1=1.5911;r2=1.5912&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/sandbox-null.c?r1=1.1;r2=1.2&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/sandbox-rlimit.c?r1=1.1;r2=1.2&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/sandbox-systrace.c?r1=1.1;r2=1.2&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/sshd.c?r1=1.406;r2=1.407&view=patch

Please note that there may be a delay before commits are available
on the public ViewVC site.
_______________________________________________
openssh-commits mailing list
openssh-commits [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-commits


djm at fuyu

Jun 26, 2011, 2:18 PM

Post #12 of 12 (1080 views)
Permalink
CVS: fuyu.mindrot.org: openssh [In reply to]
CVSROOT: /var/cvs
Module name: openssh
Changes by: djm [at] fuyu 11/06/27 07:18:21

Modified files:
. : ChangeLog Makefile.in configure.ac
Added files:
. : sandbox-darwin.c

Log message:
- (djm) [configure.ac Makefile.in sandbox-darwin.c] Add a sandbox for
Darwin/OS X using sandbox_init() + setrlimit(); feedback and testing
markus@

Diff commands:
cvs -nQq rdiff -u -r1.5912 -r1.5913 openssh/ChangeLog
cvs -nQq rdiff -u -r1.323 -r1.324 openssh/Makefile.in
cvs -nQq rdiff -u -r1.477 -r1.478 openssh/configure.ac

ViewVC:
http://anoncvs.mindrot.org/index.cgi/openssh/ChangeLog?r1=1.5912;r2=1.5913&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/Makefile.in?r1=1.323;r2=1.324&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/configure.ac?r1=1.477;r2=1.478&view=patch

Please note that there may be a delay before commits are available
on the public ViewVC site.
_______________________________________________
openssh-commits mailing list
openssh-commits [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-commits

OpenSSH commits RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.