03bab2861e
- (bal) Reverse logic, use __func__ first since it's C99
2002-06-07 03:19:35 +00:00
db41d2390c
- (bal) ssh-keysign should build and install correctly now. Phase two
...
would be to clean out any dead wood and disable ssh setuid on install.
2002-06-07 03:11:38 +00:00
b85ab30a6e
- (bal) Refixed auth2.c. It was never fully commited while spliting out
...
authentication to different files.
2002-06-07 02:05:25 +00:00
4eeccc79f6
- (bal) monitor_mm.c typos.
2002-06-07 01:57:25 +00:00
88d26ed408
- (bal) Forgot to add msg.c Makefile.in.
2002-06-07 01:53:59 +00:00
a93f12f396
- (bal) Missed msg.[ch] in merge. Required for ssh-keysign.
2002-06-07 01:51:06 +00:00
937df1d630
- markus@cvs.openbsd.org 2002/06/06 17:30:11
...
[sftp-server.c]
use get_int() macro (hide iqueue)
2002-06-06 21:58:35 +00:00
2c14047ada
- markus@cvs.openbsd.org 2002/06/06 17:12:44
...
[sftp-server.c]
discard remaining bytes of current request; ok provos@
2002-06-06 21:57:54 +00:00
d9d6ab6372
- stevesk@cvs.openbsd.org 2002/06/06 01:09:41
...
[monitor.h]
no trailing comma in enum; china@thewrittenword.com
2002-06-06 21:57:01 +00:00
61d328acf9
- markus@cvs.openbsd.org 2002/06/05 21:55:44
...
[authfd.c authfd.h ssh-add.1 ssh-add.c ssh-agent.c]
ssh-add -t life, Set lifetime (in seconds) when adding identities;
ok provos@
2002-06-06 21:54:57 +00:00
163f3b8f6b
- markus@cvs.openbsd.org 2002/06/05 20:56:39
...
[ssh-add.c]
add -x/-X to usage
2002-06-06 21:53:11 +00:00
2f71704b42
- markus@cvs.openbsd.org 2002/06/05 19:57:12
...
[authfd.c authfd.h ssh-add.1 ssh-add.c ssh-agent.c]
ssh-add -x for lock and -X for unlocking the agent.
todo: encrypt private keys with locked...
2002-06-06 21:52:03 +00:00
21d1ed8303
- markus@cvs.openbsd.org 2002/06/05 16:48:54
...
[ssh-agent.c]
copy current request into an extra buffer and just flush this
request on errors, ok provos@
2002-06-06 21:48:57 +00:00
b7788f3ebe
- markus@cvs.openbsd.org 2002/06/05 16:08:07
...
[ssh-agent.1 ssh-agent.c]
'-a bind_address' binds the agent to user-specified unix-domain
socket instead of /tmp/ssh-XXXXXXXX/agent.<pid>; ok djm@ (some time ago).
2002-06-06 21:46:08 +00:00
22fa01cdea
- markus@cvs.openbsd.org 2002/06/05 16:08:07
...
[ssh-agent.1 ssh-agent.c]
'-a bind_address' binds the agent to user-specified unix-domain
socket instead of /tmp/ssh-XXXXXXXX/agent.<pid>; ok djm@ (some time ago).
2002-06-06 21:46:07 +00:00
7d9c38f37a
- markus@cvs.openbsd.org 2002/06/04 23:05:49
...
[cipher.c monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c]
__FUNCTION__ -> __func__
NOTE: This includes all portable references also.
2002-06-06 21:40:51 +00:00
3dca4f55f2
- markus@cvs.openbsd.org 2002/06/04 23:02:06
...
[packet.c]
remove __FUNCTION__
2002-06-06 20:59:25 +00:00
f67e07711f
- markus@cvs.openbsd.org 2002/06/04 19:53:40
...
[monitor.c]
save the session id (hash) for ssh2 (it will be passed with the
initial sign request) and verify that this value is used during
authentication; ok provos@
2002-06-06 20:58:19 +00:00
dcf6bfbfbd
- markus@cvs.openbsd.org 2002/06/04 19:42:35
...
[monitor.c]
only allow enabled authentication methods; ok provos@
2002-06-06 20:57:17 +00:00
2e14bc71e6
- deraadt@cvs.openbsd.org 2002/06/03 12:04:07
...
[ssh.h]
compatiblity -> compatibility
decriptor -> descriptor
authentciated -> authenticated
transmition -> transmission
2002-06-06 20:56:07 +00:00
ceae9d1c33
- markus@cvs.openbsd.org 2002/05/31 13:20:50
...
[ssh-rsa.c]
pad received signature with leading zeros, because RSA_verify expects
a signature of RSA_size. the drafts says the signature is transmitted
unpadded (e.g. putty does not pad), reported by anakin@pobox.com
2002-06-06 20:55:04 +00:00
01fff0c9d4
- markus@cvs.openbsd.org 2002/05/31 13:16:48
...
[key.c]
add comment:
key_verify returns 1 for a correct signature, 0 for an incorrect signature
and -1 on error.
2002-06-06 20:54:07 +00:00
511bb24c5b
- markus@cvs.openbsd.org 2002/05/31 11:35:15
...
[auth.h auth2.c]
move Authmethod definitons to per-method file.
NOTE: The rest of this patch is with the import of the auth2-*.c files.
2002-06-06 20:52:37 +00:00
cec2ea8d02
- markus@cvs.openbsd.org 2002/05/31 10:30:33
...
[sshconnect2.c]
extent ssh-keysign protocol:
pass # of socket-fd to ssh-keysign, keysign verfies locally used
ip-address using this socket-fd, restricts fake local hostnames
to actual local hostnames; ok stevesk@
2002-06-06 20:51:04 +00:00
f088f4374a
- markus@cvs.openbsd.org 2002/05/30 08:07:31
...
[cipher.c]
use rijndael/aes from libcrypto (openssl >= 0.9.7) instead of
our own implementation. allow use of AES hardware via libcrypto,
ok deraadt@
2002-06-06 20:50:07 +00:00
a26ea63f8a
- markus@cvs.openbsd.org 2002/05/29 11:21:57
...
[sshd.c]
don't start if privsep is enabled and SSH_PRIVSEP_USER or
_PATH_PRIVSEP_CHROOT_DIR are missing; ok deraadt@
2002-06-06 20:46:25 +00:00
20abb75f53
- stevesk@cvs.openbsd.org 2002/05/29 03:06:30
...
[ssh.1 sshd.8]
spelling
2002-06-06 20:45:33 +00:00
10d9936413
- stevesk@cvs.openbsd.org 2002/05/28 21:24:00
...
[uidswap.c]
use correct function name in fatal()
[See the patch above, I saw it before apply the next patch. <sigh>]
2002-06-06 20:44:06 +00:00
ca8943e6de
- (bal) Corrected debug() in uidswap.c to match upstream.
2002-06-06 20:42:04 +00:00
abff1dd050
- stevesk@cvs.openbsd.org 2002/05/28 17:28:02
...
[uidswap.c]
format spec change/casts and some KNF; ok markus@
2002-06-06 20:38:49 +00:00
105ccbe192
- stevesk@cvs.openbsd.org 2002/05/28 16:45:27
...
[monitor_mm.c]
print strerror(errno) on mmap/munmap error; ok markus@
2002-06-06 20:33:06 +00:00
033a49c7cc
- stevesk@cvs.openbsd.org 2002/05/26 20:35:10
...
[ssh.1]
sort ChallengeResponseAuthentication; ok markus@
2002-06-06 20:30:28 +00:00
855bf3ac3c
- markus@cvs.openbsd.org 2002/05/25 18:51:07
...
[auth.h auth2.c auth2-hostbased.c auth2-kbdint.c auth2-none.c
auth2-passwd.c auth2-pubkey.c Makefile.in]
split auth2.c into one file per method; ok provos@/deraadt@
NOTE: Merged back noticable cygwin and pam stuff. May need review to
ensure I did not miss anything.
2002-06-06 20:27:55 +00:00
4887da222b
- markus@cvs.openbsd.org 2002/05/25 08:50:39
...
[sshconnect2.c]
execlp->execl; from stevesk
2002-06-06 20:05:57 +00:00
5206b951c6
- markus@cvs.openbsd.org 2002/05/24 08:45:14
...
[sshconnect2.c]
stat ssh-keysign first, print error if stat fails;
some debug->error; fix comment
2002-06-06 19:59:29 +00:00
9e5bb579f9
- markus@cvs.openbsd.org 2002/05/23 19:39:34
...
[ssh.c]
add comment about ssh-keysign
2002-06-06 19:58:27 +00:00
1bad256822
- markus@cvs.openbsd.org 2002/05/23 19:24:30
...
[authfile.c authfile.h pathnames.h ssh.c sshconnect.c sshconnect.h
sshconnect1.c sshconnect2.c ssh-keysign.8 ssh-keysign.c Makefile.in]
add /usr/libexec/ssh-keysign: a setuid helper program for hostbased
authentication in protocol v2 (needs to access the hostkeys).
Note: Makefile.in untested. Will test after merge is finished.
2002-06-06 19:57:33 +00:00
f666fec2d5
- deraadt@cvs.openbsd.org 2002/05/22 23:18:25
...
[ssh.c sshd.c]
spelling; abishoff@arc.nasa.gov
2002-06-06 19:51:58 +00:00
38ed63d759
- deraadt@cvs.openbsd.org 2002/05/19 20:54:52
...
[log.h]
extra commas in enum not 100% portable
2002-06-06 19:51:06 +00:00
fac7769f64
- stevesk@cvs.openbsd.org 2002/05/16 22:09:59
...
[session.c ssh.c]
don't limit xauth pathlen on client side and longer print length on
server when debug; ok markus@
2002-06-06 19:49:54 +00:00
6a24641365
- markus@cvs.openbsd.org 2002/05/16 22:02:50
...
[cipher.c kex.h mac.c]
fix warnings (openssl 0.9.7 requires const)
2002-06-06 19:48:16 +00:00
fb62a69488
- markus@cvs.openbsd.org 2002/05/15 21:56:38
...
[servconf.c sshd.8 sshd_config]
re-enable privsep and disable setuid for post-3.2.2
2002-06-06 19:47:11 +00:00
df75dd21f5
- (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changed
...
setsockopt from debug to error for now).
2002-06-04 20:52:19 +00:00
28bbb0c458
[configure.ac.orig monitor_fdpass.c] Enahnce msghdr tests to address
...
build problem on Irix reported by Dave Love <d.love@dl.ac.uk>. Back out
last monitor_fdpass.c changes that are no longer needed with new tests.
Patch tested on Irix by Jan-Frode Myklebust <janfrode@parallab.uib.no>
2002-05-27 17:37:32 -07:00
8ce8296fd0
sync scard/
2002-05-22 14:24:01 +10:00
23dc10ddac
crank rpm spec versions
2002-05-22 14:14:54 +10:00
667fb25f47
Crank version
...
(also missed changelog message)
2002-05-22 14:14:00 +10:00
74cc5bb851
fix spelling mistakes spotted by Solar Designer <solar@openwall.com>
2002-05-22 11:02:15 +10:00
bc5bb55755
- (stevesk) [sshd.c] #ifndef HAVE_CYGWIN for setgroups()
2002-05-21 17:59:13 +00:00
c5041acef3
- (stevesk) [sshd.c] bug 245; disable setsid() for now
2002-05-21 17:50:21 +00:00
9de793cc6c
[configure.ac] remove extra MD5_MSG="no" line.
2002-05-17 08:59:22 -07:00
4e67d38a7e
- (bal) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2002/05/15 21:05:29
[version.h]
enter OpenSSH_3.2.2
- (bal) Caldara, Suse, and Redhat openssh.specs updated.
2002-05-15 21:50:14 +00:00
c5c15dde32
- markus@cvs.openbsd.org 2002/05/15 21:02:53
...
[servconf.c sshd.8 sshd_config]
disable privsep and enable setuid for the 3.2.2 release
2002-05-15 21:37:34 +00:00
c57bbf158d
- millert@cvs.openbsd.org 2002/05/06 23:34:33
...
[ssh.1 sshd.8]
Kill/adjust r(login|exec)d? references now that those are no longer in
the tree.
2002-05-15 21:36:45 +00:00
bb2ce36d4d
- deraadt@cvs.openbsd.org 2002/05/04 02:39:35
...
[servconf.c sshd.8 sshd_config]
enable privsep by default; provos ok
(historical)
2002-05-15 21:35:43 +00:00
2b70e5603f
- (bal) Clarified openbsd-compat/*-cray.* Licence provided by Wendy.
2002-05-15 16:39:51 +00:00
7339b2a278
- mouring@cvs.openbsd.org 2002/05/15 15:47:49
...
[kex.c monitor.c monitor_wrap.c sshd.c]
'monitor' variable clashes with at least one lame platform (NeXT). i
Renamed to 'pmonitor'. provos@
- (bal) Fixed up PAM case. I think.
2002-05-15 16:25:01 +00:00
bdde330d2f
- markus@cvs.openbsd.org 2002/05/13 21:26:49
...
[auth-rhosts.c]
handle debug messages during rhosts-rsa and hostbased authentication;
ok provos@
2002-05-15 16:19:37 +00:00
17401b6b77
- millert@cvs.openbsd.org 2002/05/13 15:53:19
...
[sshd.c]
Call setsid() in the child after sshd accepts the connection and forks.
This is needed for privsep which calls setlogin() when it changes uids.
Without this, there is a race where the login name of an existing
connection, as returned by getlogin(), may be changed to the privsep
user (sshd). markus@ OK
2002-05-15 16:17:56 +00:00
a574cda45b
- markus@cvs.openbsd.org 2002/05/13 20:44:58
...
[auth-options.c auth.c auth.h]
move the packet_send_debug handling from auth-options.c to auth.c;
ok provos@
2002-05-15 16:16:14 +00:00
58d4dafeb1
- itojun@cvs.openbsd.org 2002/05/13 02:37:39
...
[auth-skey.c auth2.c]
less warnings. skey_{respond,query} are public (in auth.h)
2002-05-15 16:14:36 +00:00
966bfdae6b
- stevesk@cvs.openbsd.org 2002/05/11 20:24:48
...
[ssh.h]
typo in comment
2002-05-15 16:09:57 +00:00
973be0083b
- deraadt@cvs.openbsd.org 2002/05/08 21:06:34
...
[ssh.h]
move to sshd.sshd instead
2002-05-15 16:08:48 +00:00
1650ba3f57
- deraadt@cvs.openbsd.org 2002/05/07 19:54:36
...
[ssh.h]
use ssh uid
2002-05-15 16:07:11 +00:00
beecf74e2b
- (bal) CVS ID fix up on auth-passwd.c
2002-05-15 15:59:17 +00:00
860e929fa2
wrap
2002-05-15 10:12:29 +10:00
ee5e3b2d8a
wrap
2002-05-15 10:08:17 +10:00
8dd6febf73
update version.
2002-05-14 09:03:46 -07:00
fd6fd24a71
remove reference to UnixWare 7 and OpenUNIX 8
...
from PAM-enabled pragraph. UnixWare has no PAM.
2002-05-13 20:50:38 -07:00
1e28c9e6ba
20020514
...
[sshpty.c] set tty modes when allocating old style bsd ptys to
match what newer style ptys have when allocated. Based on a patch by
Roger Cornelius <rac@tenzing.org>
[README.privsep] UnixWare 7 and OpenUNIX 8 work.
2002-05-13 17:07:18 -07:00
f8defa2327
- (stevesk) [README.privsep] PAM+privsep works with Solaris 8.
2002-05-13 23:31:09 +00:00
05720356d6
- (djm) Add INSTALL warning about SSH protocol 1 blowfish w/ OpenSSL < 0.9.6
2002-05-13 15:22:21 +10:00
f71d2a5d44
- (djm) Bug #234 : missing readpassphrase declaration and defines
2002-05-13 15:14:08 +10:00
0228155f06
- (stevesk) add initial README.privsep
2002-05-13 03:57:04 +00:00
c81e12976e
- (stevesk) [configure.ac] nicer message: --with-privsep-user=user
2002-05-13 03:51:40 +00:00
b7cb96934e
- (djm) Update RPM spec file: different superuser path, use
...
/var/empty/sshd for privsep
2002-05-13 13:26:57 +10:00
f58c672f0e
- (djm) Add --with-privsep-path configure option
2002-05-13 13:15:42 +10:00
5ad9fd9820
- (djm) Bug #231 : UsePrivilegeSeparation turns off Banner.
2002-05-13 11:07:41 +10:00
a18bbd398e
- (djm) Add --with-superuser-path=xxx configure option to specify what $PATH
...
the superuser receives.
2002-05-13 10:48:57 +10:00
802b956868
fix for systems that have both HAVE_ACCRIGHTS_IN_MSGHDR and
...
HAVE_CONTROL_IN_MSGHDR. Ie. sys/socket.h has #define msg_accrights msg_control
2002-05-11 15:30:04 -07:00
aef7371fe4
applied a rework of djm's OpenSSL search cleanup patch.
...
Now only searches system and /usr/local/ssl (OpenSSL's default install path)
Others must use --with-ssl-dir=....
2002-05-11 13:17:42 -07:00
f98fb721a0
- (stevesk) [auth.c] Shadow account and expiration cleanup. Now
...
check for root forced expire. Still don't check for inactive.
2002-05-10 15:48:52 +00:00
0b47814b43
- (bal) Back all the way out of auth-passwd.c changes. Breaks too many
...
things that don't set pw->pw_passwd.
2002-05-10 02:40:15 +00:00
87aea25f1a
- (djm) Try to drop supplemental groups at daemon startup. Patch from
...
RedHat
2002-05-10 12:20:24 +10:00
cfe4a89eef
- (djm) Rework RedHat RPM files. Based on spec from Nalin
...
Dahyabhai <nalin@redhat.com> and patches from
Pekka Savola <pekkas@netcore.fi>
2002-05-10 12:19:23 +10:00
a7a5d6d1b5
Unbreak make -f Makefile.in distprep
2002-05-09 07:05:59 -07:00
ffc868ff83
- (djm) Disable PAM kbd-int auth if privsep is turned on (it doesn't work)
2002-05-09 15:59:13 +10:00
0502a471e0
set SHELL in Makefile in case someone makes from a non bourne compatable shell
2002-05-08 16:04:14 -07:00
63cf84199d
fix logic on when seed_rng() is called.
...
Report by Chris Maxwell <maxwell@cs.dal.ca>
2002-05-08 15:57:18 -07:00
4bd2a19890
Add truncate() emulation to address Bug 208
2002-05-07 19:51:31 -07:00
f762a4bea5
- (djm) Don't reinitialise PAM credentials before we have started PAM.
...
Report from Pekka Savola <pekkas@netcore.fi>
2002-05-08 12:27:55 +10:00
a33501bb5f
- (djm) Unbreak PAM auth for protocol 1. Report from Pekka Savola
...
<pekkas@netcore.fi>
2002-05-08 12:24:42 +10:00
52910ddc66
- (djm) Unbreak auth-passwd.c for PAM and SIA
2002-05-08 12:18:26 +10:00
532bbdb99b
- (bal) Fixed auth-passwd.c to resolve PermitEmptyPassword issue
2002-05-06 23:06:08 +00:00
804357ace9
- (djm) Fix readpassphase compilation for systems which have it
2002-05-01 22:00:22 +10:00
38cd435892
- (djm) Import OpenBSD regression tests. Requires BSD make to run
2002-05-01 13:17:33 +10:00
2f09289e74
[contrib/caldera/openssh.spec] update fixUP to reflect changes in sshd_config.
...
[contrib/cygwin/README] remove reference to regex.
patch from Corinna Vinschen <vinschen@redhat.com>
2002-04-29 20:53:12 -07:00
aa100c546c
- (djm) Bug #180 : Set ToS bits on IPv4-in-IPv6 mapped addresses. Based on
...
patch from openssh@misc.tecq.org
2002-04-26 16:54:34 +10:00
ae9d5af0de
- (djm) Disable PAM password expiry until a complete fix for bug #188 exists
2002-04-26 11:27:24 +10:00
13ce922cc6
- (djm) Bug #137 , #209 : fix make problems for scard/Ssh.bin, do uudecode
...
during distprep only
2002-04-26 11:25:40 +10:00
0ea1d9d1f2
- (stevesk) [acconfig.h auth-passwd.c configure.ac sshd.c] HP-UX 10.26
...
support. bug #184 . most from dcole@keysoftsys.com .
2002-04-25 18:17:04 +00:00
30e494fbca
- (stevesk) [defines.h] remove USE_TIMEVAL; unused
2002-04-25 17:56:07 +00:00
0150c65830
- djm@cvs.openbsd.org 2002/04/23 22:16:29
...
[sshd.c]
Improve error message; ok markus@ stevesk@
2002-04-24 09:49:09 +10:00
11ec28176e
- (djm) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2002/04/23 12:54:10
[version.h]
3.2.1
2002-04-24 09:48:14 +10:00
5feaaefaf2
- (stevesk) [acconfig.h configure.ac session.c] LOGIN_NO_ENDOPT for HP-UX
2002-04-23 20:45:55 +00:00
03df6cd83c
- (stevesk) [acconfig.h] NEED_IN_SYSTM_H unused
2002-04-23 20:11:13 +00:00
78cf8c377f
- markus@cvs.openbsd.org 2002/04/23 12:58:26
...
[radix.c]
send complete ticket; semerad@ss1000.ms.mff.cuni.cz
2002-04-23 16:41:12 +02:00
f75fcc61f4
wrap an out of control line
2002-04-23 23:32:38 +10:00
fa2bb69d16
- (djm) Bug #206 - blibpath isn't always needed for AIX ld, avoid
...
sizeof(long long int) == 4 breakage. Patch from Matthew Clarke
<Matthew_Clarke@mindlink.bc.ca>
2002-04-23 23:22:25 +10:00
f1b9d11a3e
- (djm) Bug #214 : Fix utmp for Irix (don't strip "tty"). Patch from
...
Kevin Taylor <no@nowhere.org> (??) via Philipp Grau
<phgrau@zedat.fu-berlin.de>
2002-04-23 23:09:19 +10:00
d77facda1a
- (djm) Bug #213 : Simplify CMSG_ALIGN macros to avoid symbol clashes.
...
Reported by Doug Manton <dmanton@emea.att.com>
2002-04-23 22:59:51 +10:00
f5fea44ae3
- (djm) Define BROKEN_REALPATH for AIX, patch from
...
Antti Tapaninen <aet@cc.hut.fi>
2002-04-23 22:52:45 +10:00
654a4ef969
- (djm) Redhat spec enables KrbV by default
2002-04-23 21:17:17 +10:00
0b3894d5b5
- (djm) Update RPM spec file versions
2002-04-23 21:15:31 +10:00
ef7c11de6e
- (djm) Trim ChangeLog to include only post-3.1 changes
2002-04-23 21:13:32 +10:00
2797f7f03a
- markus@cvs.openbsd.org 2002/04/22 21:04:52
...
[channels.c clientloop.c clientloop.h ssh.c]
request reply (success/failure) for -R style fwd in protocol v2,
depends on ordered replies.
fixes http://bugzilla.mindrot.org/show_bug.cgi?id=215 ; ok provos@
2002-04-23 21:09:44 +10:00
d7de14b6ad
- markus@cvs.openbsd.org 2002/04/22 16:16:53
...
[servconf.c sshd.8 sshd_config]
do not auto-enable KerberosAuthentication; ok djm@, provos@, deraadt@
2002-04-23 21:04:51 +10:00
635fe98a7f
- markus@cvs.openbsd.org 2002/04/22 06:15:47
...
[radix.c]
fix check for overflow
2002-04-23 21:00:33 +10:00
f61c01506f
- stevesk@cvs.openbsd.org 2002/04/21 16:25:06
...
[sshconnect1.c]
spelling in error message; ok markus@
2002-04-23 20:56:02 +10:00
7a8558d3ea
- stevesk@cvs.openbsd.org 2002/04/21 16:19:27
...
[sshd.8 sshd_config]
document default AFSTokenPassing no; ok deraadt@
2002-04-23 20:51:15 +10:00
bad0e0162f
- markus@cvs.openbsd.org 2002/04/20 09:17:19
...
[radix.c]
rewrite using the buffer_* API, fixes overflow; ok deraadt@
2002-04-23 20:46:56 +10:00
3b23566a5b
- markus@cvs.openbsd.org 2002/04/20 09:14:58
...
[bufaux.c bufaux.h]
add buffer_{get,put}_short
2002-04-23 20:42:36 +10:00
7941855f09
- (djm) Make privsep work with PAM (still experimental)
2002-04-23 20:28:48 +10:00
594a71b9b9
- (djm) Bug #222 : Fix tests for getaddrinfo on OSF/1. Spotted by
...
Robert Urban <urban@spielwiese.de>
2002-04-23 20:22:59 +10:00
f02dccc0dc
[entropy.c.] Portability fix for SCO Unix 3.2v4.x (SCO OSR 3.0).
...
entropy.c needs seteuid(getuid()) for the setuid(original_uid) to succeed.
Patch by gert@greenie.muc.de . This fixes one part of Bug 208
2002-04-21 11:26:10 -07:00
a370f4dcc6
- (djm) Avoid SIGCHLD breakage when run from rsync. Fix from
...
Sturle Sunde <sturle.sunde@usit.uio.no>
2002-04-18 22:53:22 +10:00
43a1c13e0f
[configure.ac] Issue warning on --with-default-path=/some_path
...
if LOGIN_CAP is enabled. Report & testing by Tuc <tuc@ttsg.com>
2002-04-17 21:19:14 -07:00
5efd71038d
- (djm) Fix .Nm in mdoc2man.pl from pspencer@fields.utoronto.ca
2002-04-17 12:30:45 +10:00
bd63874d4b
- (djm) Tell users to configure /dev/random support into OpenSSL in INSTALL
2002-04-17 12:22:58 +10:00
66480f188e
[configure.ac] add tests for recvmsg and sendmsg.
...
[monitor_fdpass.c] add checks for HAVE_SENDMSG and HAVE_RECVMSG for
systems that HAVE_ACCRIGHTS_IN_MSGHDR but no recvmsg or sendmsg.
2002-04-15 21:10:09 -07:00
eb3630205a
- (stevesk) bsd-cygwin_util.[ch] BSD license from Corinna Vinschen
2002-04-15 22:00:51 +00:00
8be24f3846
- (djm) Unbreak "make install". Fix from Darren Tucker <dtucker@zip.com.au>
2002-04-15 13:23:59 +10:00
49411ff8a7
- (djm) Random number collection doc fixes from Ben
2002-04-14 23:16:04 +10:00
32e4818015
- (djm) ssh-rand-helper improvements
...
- Add commandline debugging options
- Don't write binary data if stdout is a tty (use hex instead)
- Give it a manpage
2002-04-14 19:27:12 +10:00
fd4c9eee25
- (djm) Add KrbV support patch from Simon Wilkinson <simon@sxw.org.uk>
2002-04-13 11:04:40 +10:00
927dfd2d7e
- (bal) disable privsep if no MAP_ANON. We can re-enable it
...
after the release when we can do more testing.
2002-04-12 18:51:22 +00:00
c42f7cfd16
- (bal) Mistaken in Cygwin scripts for ssh starting. Patch by
...
Corinna Vinschen <vinschen@redhat.com>
2002-04-12 17:44:13 +00:00
ae49fe64ca
[configure.ac] add <sys/types.h> to msghdr tests.
...
Change -L to -h on testing for /bin being symbolic link
2002-04-12 10:26:21 -07:00
19fa9b544f
- (stevesk) [auth-sia.[ch]] add BSD license from Chris Adams
2002-04-12 15:36:07 +00:00
813f0452ed
[acconfig.h defines.h includes.h] put includes in includes.h and
...
defines in defines.h [rijndael.c openbsd-compat/fake-socket.h
openbsd-compat/inet_aton.c] include "includes.h" instead of "config.h"
ok stevesk@
2002-04-11 20:35:39 -07:00
0c283d8444
- (stevesk) [auth-sia.c] cleanup
2002-04-11 20:39:40 +00:00
fe6ca54ac2
- (stevesk) [configure.ac monitor.c] HAVE_SOCKETPAIR
2002-04-10 22:04:54 +00:00
027e4de24f
- markus@cvs.openbsd.org 2002/04/10 08:56:01
...
[version.h]
OpenSSH_3.2
- Added p1 to idenify Portable release version.
2002-04-10 16:26:20 +00:00
b5115eaf80
- markus@cvs.openbsd.org 2002/04/10 08:21:47
...
[auth1.c compat.c compat.h]
strip '@' from username only for KerbV and known broken clients, bug #204
2002-04-10 16:17:34 +00:00
6939b233d0
- (stevesk) [auth-sia.c] compile fix Chris Adams <cmadams@hiwaay.net>
2002-04-10 16:09:51 +00:00
34b7320a9d
- (bal) Minor OpenSC updates. Fix up header locations and update
...
README.smartcard provided by Juha Yrjölä <jyrjola@cc.hut.fi>
2002-04-08 18:37:07 +00:00
265c9d00c3
- (stevesk) wrap munmap() with HAVE_MMAP also.
2002-04-07 22:36:49 +00:00
7ff911216b
- (stevesk) --with-privsep-user; default sshd
2002-04-07 19:22:54 +00:00
b1184bbf29
- (stevesk) remove configure support for poll.h; it was removed
...
from sshd.c a long time ago.
2002-04-07 18:12:03 +00:00
86b9fe6a77
- (stevesk) HAVE_MMAP and HAVE_SYS_MMAN_H and use them in
...
monitor_mm.c
2002-04-07 17:08:53 +00:00
c3c825575c
- (stevesk) [monitor_fdpass.c] fatal() for UsePrivilegeSeparation=yes
...
and no fd passing support.
2002-04-07 16:39:12 +00:00
a44e0351ee
- (stevesk) HAVE_CONTROL_IN_MSGHDR; not used right now.
...
Future: we may want to test if fd passing works correctly.
2002-04-07 16:18:03 +00:00
fdee8ef0ac
- (bal) We no longer use atexit()/xatexit()/on_exit()
2002-04-06 23:52:02 +00:00
0318801591
- (bal) Quiet down configure.ac if /bin/test does not exist.
2002-04-06 20:30:07 +00:00
8ff2a8d2c2
- (bal) Revered out of runtime IRIX runtime detection of joblimits. Code is
...
incomplete.
2002-04-06 18:58:31 +00:00
de3895d580
- mouring@cvs.openbsd.org 2002/04/06 18:24:09
...
[scp.c]
Fixes potental double // within path.
http://bugzilla.mindrot.org/show_bug.cgi?id=76
2002-04-06 18:29:59 +00:00
8d6017566c
- (bal) Slight update to OpenSC support. Better version checking. patch
...
by Juha Yrjölä <jyrjola@cc.hut.fi>
2002-04-06 18:19:38 +00:00
06e9515eb8
- djm@cvs.openbsd.org 2002/04/06 00:30:08
...
[sftp-client.c]
Fix occasional corruption on upload due to bad reuse of request id, spotted
by chombier@mac.com ; ok markus@
2002-04-06 04:16:45 +00:00
dc0594cc54
- (bal) Added MAP_FAILED to allow AIX and Trusted HP to compile.
2002-04-06 04:11:28 +00:00
12db56ba2f
- (djm) Typo in Suse SPEC file. Fix from Carsten Grohmann
...
<carsten.grohmann@dr-baldeweg.de>
2002-04-06 11:12:52 +10:00
a11e270115
- stevesk@cvs.openbsd.org 2002/04/05 20:56:21
...
[sshd.8]
clarify sshrc some and handle X11UseLocalhost=yes; ok markus@
2002-04-05 22:18:48 +00:00
924144e650
- (bal) Too many <sys/queue.h> issues. Remove all workarounds and
...
using internal version only.
2002-04-05 20:23:35 +00:00
a42694fa25
- (bal) Patch for OpenSC SmartCard library; ok markus@; patch by
...
Juha Yrjölä <jyrjola@cc.hut.fi>
- (bal) Minor documentation update to reflect smartcard library
support changes.
2002-04-05 16:11:45 +00:00
8a725a843d
- markus@cvs.openbsd.org 2002/04/03 09:26:11
...
[cipher.c myproposal.h]
re-add rijndael-cbc@lysator.liu.se for MacSSH; ash@lab.poc.net
2002-04-04 22:10:38 +00:00
e683e76439
- (stevesk) [auth-pam.c auth-pam.h auth-passwd.c auth-sia.c auth-sia.h
...
auth1.c auth2.c] PAM, OSF_SIA password auth cleanup; from djm.
2002-04-04 19:02:28 +00:00
af40bc6a72
- (bal) mispelling in uidswap.c (portable only)
2002-04-03 03:36:54 +00:00
07739fe305
- markus@cvs.openbsd.org 2002/04/02 20:11:38
...
[ssh-rsa.c]
ignore SSH_BUG_SIGBLOB for ssh-rsa; #187
2002-04-03 03:03:04 +00:00
2f3d52a2d6
- markus@cvs.openbsd.org 2002/04/02 17:37:48
...
[sftp.c]
always call log_init()
2002-04-02 21:06:18 +00:00
eecdf23531
- markus@cvs.openbsd.org 2002/04/02 11:49:39
...
[ssh-agent.c]
check $SHELL for -k and -d, too;
http://bugzilla.mindrot.org/show_bug.cgi?id=199
2002-04-02 21:03:51 +00:00
f26ff5b9d8
- markus@cvs.openbsd.org 2002/04/01 22:07:17
...
[sftp-client.c]
fallback to stat if server does not support lstat
2002-04-02 21:00:31 +00:00
a1d8114044
- markus@cvs.openbsd.org 2002/04/01 22:02:16
...
[sftp-client.c]
20480 is an upper limit for older server
2002-04-02 20:58:11 +00:00
1e259bb0bf
- (bal) CVS ID sync of uidswap.c
2002-04-02 20:53:39 +00:00
47fd8112b5
- markus@cvs.openbsd.org 2002/03/30 18:51:15
...
[monitor.c serverloop.c sftp-int.c sftp.c sshd.c]
check waitpid for EINTR; based on patch from peter@ifm.liu.se
2002-04-02 20:48:19 +00:00
03f3932829
- stevesk@cvs.openbsd.org 2002/03/29 19:18:33
...
[auth-rsa.c ssh-rsa.c ssh.h]
make RSA modulus minimum #define; ok markus@
2002-04-02 20:43:11 +00:00
0d0be02a29
- stevesk@cvs.openbsd.org 2002/03/29 19:16:22
...
[sshd.8]
RSA key modulus size minimum 768; ok markus@
2002-04-02 20:39:29 +00:00
c447fee9f1
- markus@cvs.openbsd.org 2002/03/29 18:59:32
...
[session.c session.h]
retrieve last login time before the pty is allocated, store per session
2002-04-02 20:35:35 +00:00
2bf56e2dba
- markus@cvs.openbsd.org 2002/03/28 15:34:51
...
[session.c]
do not call record_login twice (for use_privsep)
2002-04-02 20:32:46 +00:00
155b981494
- markus@cvs.openbsd.org 2002/03/27 22:21:45
...
[ssh-keygen.c]
try to import keys with extra trailing === (seen with ssh.com < 2.0.12)
2002-04-02 20:26:26 +00:00
cdb66e0e82
- (bal) Hand Sync of scp.c (reverted to upstream code)
...
- deraadt@cvs.openbsd.org 2002/03/30 17:45:46
[scp.c]
stretch banners
2002-04-02 20:17:43 +00:00
38c4a28a7e
- (stevesk) [auth1.c] fix password auth for protocol 1 when
...
!USE_PAM && !HAVE_OSF_SIA; merge issue.
2002-04-02 03:24:56 +00:00
bd1901b7dc
- (stevesk) [monitor.c] PAM should work again; will *not* work with
...
UsePrivilegeSeparation=yes.
2002-04-01 18:04:35 +00:00
c85496222b
[sshconnect2.c] change uint32_t to u_int32_t
2002-03-31 12:49:38 -08:00
49e457c43b
[configure.ac] use /bin/test -L to work around broken builtin on Solaris 8
2002-03-31 11:23:06 -08:00
117b06dec9
- (stevesk) [configure.ac] remove header check for sys/ttcompat.h
...
bug 167
2002-03-30 17:55:21 +00:00
b57a4bf93f
- mouring@cvs.openbsd.org 2002/03/27 11:45:42
...
[monitor.c]
monitor_allowed_key() returns int instead of pointer. ok markus@
2002-03-27 18:00:59 +00:00
599717246c
- markus@cvs.openbsd.org 2002/03/26 23:14:51
...
[kex.c]
generate a new cookie for each SSH2_MSG_KEXINIT message we send out
2002-03-27 17:42:57 +00:00
e1f9e324e9
- markus@cvs.openbsd.org 2002/03/26 23:13:03
...
[auth-rsa.c]
disallow RSA keys < 768 for protocol 1, too (rhosts-rsa and rsa auth)
2002-03-27 17:38:43 +00:00
57686a82a5
- markus@cvs.openbsd.org 2002/03/26 22:50:39
...
[channels.h]
CHANNEL_EFD_OUTPUT_ACTIVE is false for CHAN_CLOSE_RCVD, too
2002-03-27 17:36:41 +00:00
43a5e2f70e
- rees@cvs.openbsd.org 2002/03/26 18:46:59
...
[scard.c]
try_AUT0 in read_pubkey too, for those paranoid few who want to acl 'sh'
2002-03-27 17:33:17 +00:00
38a69e6b53
- markus@cvs.openbsd.org 2002/03/26 15:58:46
...
[readpass.c readpass.h sshconnect2.c]
client side support for PASSWD_CHANGEREQ
2002-03-27 17:28:46 +00:00
cd8bbce80b
- markus@cvs.openbsd.org 2002/03/26 15:23:40
...
[bufaux.c]
do not talk about packets in bufaux
2002-03-27 17:23:44 +00:00
eb041dca1f
- markus@cvs.openbsd.org 2002/03/26 11:37:05
...
[ssh.c]
update Copyright
2002-03-27 17:20:38 +00:00
f181384a6b
- markus@cvs.openbsd.org 2002/03/26 11:34:49
...
[ssh.1 sshd.8]
update to recent drafts
2002-03-27 17:18:31 +00:00
53f1830d6a
- (bal) 'pw' should be 'authctxt->pw' in auth1.c spotted by
...
kent@lysator.liu.se
2002-03-27 16:50:03 +00:00
28364ecf45
- stevesk@cvs.openbsd.org 2002/03/26 03:24:01
...
[monitor.h monitor_fdpass.h monitor_mm.h monitor_wrap.h]
$OpenBSD$
2002-03-26 03:42:20 +00:00
cf15944c23
- markus@cvs.openbsd.org 2002/03/25 21:13:51
...
[channels.c channels.h compat.c compat.h nchan.c]
don't send stderr data after EOF, accept this from older known (broken)
sshd servers only, fixes http://bugzilla.mindrot.org/show_bug.cgi?id=179
2002-03-26 03:26:24 +00:00
4f054607f0
- markus@cvs.openbsd.org 2002/03/25 21:04:02
...
[ssh.c]
simplify num_identity_files handling
2002-03-26 03:23:00 +00:00
c861547f34
- stevesk@cvs.openbsd.org 2002/03/25 20:12:10
...
[monitor_mm.c monitor_wrap.c]
ssize_t args use "%ld" and cast to (long)
size_t args use "%lu" and cast to (u_long)
ok markus@ and thanks millert@
2002-03-26 03:20:45 +00:00
0936a5bb72
- markus@cvs.openbsd.org 2002/03/25 17:34:27
...
[scard.c scard.h ssh-agent.c ssh-keygen.c ssh.c]
change sc_get_key to sc_get_keys and hide smartcard details in scard.c
2002-03-26 03:17:42 +00:00
5facb2bbc4
- markus@cvs.openbsd.org 2002/03/25 09:25:06
...
[auth-rh-rsa.c]
rm bogus comment
2002-03-26 03:08:47 +00:00
f6d367b91a
- markus@cvs.openbsd.org 2002/03/25 09:21:13
...
[auth-rsa.c]
return 0 (not NULL); tomh@po.crl.go.jp
2002-03-26 02:59:31 +00:00
2e9d866608
- stevesk@cvs.openbsd.org 2002/03/24 23:20:00
...
[monitor.c]
remove "\n" from fatal()
2002-03-26 02:49:34 +00:00
c2c6cbc527
- markus@cvs.openbsd.org 2002/03/24 18:05:29
...
[scard.c]
we need to figure out AUT0 for sc_private_encrypt, too
2002-03-26 02:44:44 +00:00
31ee7aeb15
- stevesk@cvs.openbsd.org 2002/03/24 17:53:16
...
[monitor_fdpass.c]
minor cleanup and more error checking; ok markus@
2002-03-26 02:36:29 +00:00
fcad1c92c9
- stevesk@cvs.openbsd.org 2002/03/24 17:27:03
...
[kexgex.c]
typo; ok markus@
2002-03-26 02:20:06 +00:00
8b08d8115d
- markus@cvs.openbsd.org 2002/03/24 16:01:13
...
[packet.c]
debug->debug3 for extra padding
2002-03-26 02:09:41 +00:00
3dc40f997b
- markus@cvs.openbsd.org 2002/03/24 16:00:27
...
[serverloop.c]
remove unused debug
2002-03-26 02:01:30 +00:00
f90f58d846
- stevesk@cvs.openbsd.org 2002/03/23 20:57:26
...
[sshd.c]
setproctitle() after preauth child; ok markus@
2002-03-26 01:53:03 +00:00
6205a18f55
- (stevesk) import OpenBSD <sys/tree.h> as "openbsd-compat/tree.h"
2002-03-26 00:12:49 +00:00
b4799a31a5
- (stevesk) [session.c] disable LOGIN_NEEDS_TERM until we are sure
...
it can be removed. only used on solaris. will no longer compile with
privsep shuffling.
2002-03-24 23:19:54 +00:00
4408c2098f
- (stevesk) [LICENCE] OpenBSD sync
2002-03-23 02:20:07 +00:00
f29a6539c0
[cipher.c] fix problem with OpenBSD sync
2002-03-22 13:27:40 -08:00
4435a55a4b
- (stevesk) [defines.h] #define MAP_ANON MAP_ANONYMOUS for HP-UX; other
...
platforms may need this--I'm not sure. mmap() issues will need to be
addressed further.
2002-03-22 21:08:03 +00:00
219bef12c6
- (stevesk) [defines.h] hp-ux 11 has ancillary data style fd passing, but
...
is missing CMSG_LEN() and CMSG_SPACE() macros.
2002-03-22 20:53:32 +00:00
205cc1ef46
- (stevesk) [auth2.c] merge cleanup/sync
2002-03-22 20:43:05 +00:00
1adb120779
- (stevesk) [monitor_fdpass.c] support for access rights style file
...
descriptor passing
2002-03-22 19:32:53 +00:00
4846f4ab69
- (stevesk) configure and cpp __FUNCTION__ gymnastics to handle nielsisms
2002-03-22 18:19:53 +00:00
7e147607f5
- (stevesk) [monitor.c monitor_wrap.c] #ifdef HAVE_PW_CLASS_IN_PASSWD
2002-03-22 18:07:17 +00:00
939c9db9b1
- (stevesk) HAVE_ACCRIGHTS_IN_MSGHDR configure support
2002-03-22 17:23:25 +00:00
681d932634
- markus@cvs.openbsd.org 2002/03/21 23:07:37
...
[clientloop.c]
remove unused, sync w/ cmdline patch in my tree.
2002-03-22 03:53:00 +00:00
ba72d30aa5
- rees@cvs.openbsd.org 2002/03/21 22:44:05
...
[authfd.c authfd.h ssh-add.c ssh-agent.c ssh.c]
Add PIN-protection for secret key.
2002-03-22 03:51:06 +00:00
266ec63eb3
- rees@cvs.openbsd.org 2002/03/21 21:54:34
...
[scard.c scard.h ssh-keygen.c]
Add PIN-protection for secret key.
2002-03-22 03:47:38 +00:00
943481cc77
- markus@cvs.openbsd.org 2002/03/21 21:23:34
...
[sshd.c]
add privsep_preauth() and remove 1 goto; ok provos@
2002-03-22 03:43:46 +00:00
fa1336ff47
- markus@cvs.openbsd.org 2002/03/21 20:51:12
...
[sshd_config]
add privsep (off)
2002-03-22 03:40:58 +00:00
818659a163
- rees@cvs.openbsd.org 2002/03/21 18:08:15
...
[scard.c]
In sc_put_key(), sc_reader_id should be id.
2002-03-22 03:38:35 +00:00
eda98a728d
- markus@cvs.openbsd.org 2002/03/21 16:58:13
...
[clientloop.c]
remove unused
2002-03-22 03:35:48 +00:00
70e3ad8231
- markus@cvs.openbsd.org 2002/03/21 16:57:15
...
[scard.c]
remove const
2002-03-22 03:33:43 +00:00
0b675b1659
- markus@cvs.openbsd.org 2002/03/21 16:38:06
...
[scard.c]
make compile w/ openssl 0.9.7
2002-03-22 03:28:11 +00:00
5589f4b55f
- jakob@cvs.openbsd.org 2002/03/21 15:17:26
...
[clientloop.c ssh.1]
add built-in command line for adding new port forwardings on the fly.
based on a patch from brian wellington. ok markus@.
2002-03-22 03:24:32 +00:00
58b391b1bd
- markus@cvs.openbsd.org 2002/03/21 10:21:20
...
[ssh-add.c]
ignore errors for nonexisting default keys in ssh-add,
fixes http://bugzilla.mindrot.org/show_bug.cgi?id=158
Last patch was SUPPOSE to be:
- stevesk@cvs.openbsd.org 2002/03/20 21:08:08
[sshd.c]
strerror() on chdir() fail; ok provos@
But it got co-mingled. <sigh> Flog me at will.
2002-03-22 03:21:16 +00:00
1ee9ec32a3
- markus@cvs.openbsd.org 2002/03/21 10:21:20
...
[ssh-add.c]
ignore errors for nonexisting default keys in ssh-add,
fixes http://bugzilla.mindrot.org/show_bug.cgi?id=158
2002-03-22 03:14:45 +00:00
c743134191
- stevesk@cvs.openbsd.org 2002/03/20 19:12:25
...
[servconf.c servconf.h ssh.h sshd.c]
for unprivileged user, group do:
pw=getpwnam(SSH_PRIVSEP_USER); do_setusercontext(pw). ok provos@
2002-03-22 03:11:49 +00:00
f34e4eb6c7
- markus@cvs.openbsd.org 2002/03/19 15:31:47
...
[auth.c]
check for NULL; from provos@
2002-03-22 03:08:30 +00:00
7ebb635d81
- markus@cvs.openbsd.org 2002/03/19 14:27:39
...
[auth.c auth1.c auth2.c]
make getpwnamallow() allways call pwcopy()
2002-03-22 03:04:08 +00:00
6328ab3989
- markus@cvs.openbsd.org 2002/03/19 10:49:35
...
[auth-krb5.c auth-rh-rsa.c auth.c cipher.c key.c misc.h packet.c session.c
sftp-client.c sftp-glob.h sftp.c ssh-add.c ssh.c sshconnect2.c sshd.c
ttymodes.c]
KNF whitespace
2002-03-22 02:54:23 +00:00
08105192fd
- markus@cvs.openbsd.org 2002/03/19 10:35:39
...
[auth-options.c auth.h session.c session.h sshd.c]
clean up prototypes
2002-03-22 02:50:06 +00:00
cb1f60efb5
- mpech@cvs.openbsd.org 2002/03/19 06:32:56
...
[sftp-int.c]
use xfree() after xstrdup().
markus@ ok
2002-03-22 02:47:28 +00:00
85520a6705
- stevesk@cvs.openbsd.org 2002/03/19 05:23:08
...
[sshd.8]
Banner has no default.
2002-03-22 02:44:40 +00:00
7a7edf77ed
- stevesk@cvs.openbsd.org 2002/03/19 03:03:43
...
[pathnames.h servconf.c servconf.h sshd.c]
_PATH_PRIVSEP_CHROOT_DIR; ok provos@
2002-03-22 02:42:37 +00:00
01426a67c8
- stevesk@cvs.openbsd.org 2002/03/18 23:52:51
...
[servconf.c]
UnprivUser/UnprivGroup usable now--specify numeric user/group; ok
provos@
2002-03-22 02:40:03 +00:00
191c8e5eb9
- provos@cvs.openbsd.org 2002/03/18 17:59:09
...
[sshd.8]
document UsePrivilegeSeparation
2002-03-22 02:37:50 +00:00
000dda5373
- provos@cvs.openbsd.org 2002/03/18 17:53:08
...
[sshd.8]
credits for privsep
2002-03-22 02:33:12 +00:00
7a2073c50b
- provos@cvs.openbsd.org 2002/03/18 17:50:31
...
[auth-bsdauth.c auth-options.c auth-rh-rsa.c auth-rsa.c auth-skey.c auth.h
auth1.c auth2-chall.c auth2.c kex.c kex.h kexdh.c kexgex.c servconf.c
session.h servconf.h serverloop.c session.c sshd.c]
integrate privilege separated openssh; its turned off by default for now.
work done by me and markus@
applied, but outside of ensure that smaller code bits migrated with
their owners.. no work was tried to 'fix' it to work. =) Later project!
2002-03-22 02:30:41 +00:00
0f345f5ee1
- provos@cvs.openbsd.org 2002/03/18 17:31:54
...
[compress.c]
export compression streams for ssh-privsep
2002-03-22 01:51:24 +00:00
88aa1b4527
- provos@cvs.openbsd.org 2002/03/18 17:25:29
...
[bufaux.c bufaux.h]
buffer_skip_string and extra sanity checking; needed by ssh-privsep
2002-03-22 01:47:52 +00:00
a674e8df80
- markus@cvs.openbsd.org 2002/03/18 17:23:31
...
[key.c key.h]
add key_demote() for ssh-privsep
2002-03-22 01:45:53 +00:00
f6027d3407
- markus@cvs.openbsd.org 2002/03/18 17:16:38
...
[packet.c packet.h]
export/import cipher state, iv and ssh2 seqnr; needed by ssh-privsep
2002-03-22 01:42:04 +00:00
212facacde
- markus@cvs.openbsd.org 2002/03/18 17:13:15
...
[cipher.c cipher.h]
export/import cipher states; needed by ssh-privsep
2002-03-22 01:39:44 +00:00
b481e1323e
- provos@cvs.openbsd.org 2002/03/18 03:41:08
...
[auth.c session.c]
move auth_approval into getpwnamallow with help from millert@
2002-03-22 01:35:47 +00:00
abf3144064
- dugsong@cvs.openbsd.org 2002/03/18 01:30:10
...
[auth-krb4.c]
set client to NULL after xfree(), from Rolf Braun
<rbraun+ssh@andrew.cmu.edu>
2002-03-22 01:30:40 +00:00
73ab9ba45d
- provos@cvs.openbsd.org 2002/03/18 01:12:14
...
[auth.h auth1.c auth2.c sshd.c]
have the authentication functions return the authentication context
and then do_authenticated; okay millert@
2002-03-22 01:27:35 +00:00
2ae18f40a7
- provos@cvs.openbsd.org 2002/03/17 20:25:56
...
[auth.c auth.h auth1.c auth2.c]
getpwnamallow returns struct passwd * only if user valid; okay markus@
2002-03-22 01:24:38 +00:00
eacc71b558
- stevesk@cvs.openbsd.org 2002/03/16 17:41:25
...
[auth-krb5.c]
BSD license. from Daniel Kouril via Dug Song. ok markus@
2002-03-22 01:22:27 +00:00
186b7da2d7
- markus@cvs.openbsd.org 2002/03/16 17:22:09
...
[auth-rh-rsa.c auth.h]
split auth_rhosts_rsa(), ok provos@
2002-03-22 01:20:32 +00:00
ce398b2278
- markus@cvs.openbsd.org 2002/03/16 11:24:53
...
[compress.c]
skip inflateEnd if inflate fails; ok provos@
2002-03-22 01:17:52 +00:00
b61e6df9f3
- itojun@cvs.openbsd.org 2002/03/15 11:00:38
...
[auth.c]
fix file type checking (use S_ISREG). ok by markus
2002-03-22 01:15:33 +00:00
9c8aefe750
- markus@cvs.openbsd.org 2002/03/14 16:56:33
...
[auth-rh-rsa.c auth-rsa.c auth.h]
split auth_rsa() for better readability and privsep; ok provos@
2002-03-22 01:12:58 +00:00
abcb145b38
- markus@cvs.openbsd.org 2002/03/14 16:38:26
...
[sshd.c]
split out ssh1 session key decryption; ok provos@
2002-03-22 01:10:21 +00:00
5c15958230
- markus@cvs.openbsd.org 2002/03/14 15:24:27
...
[sshconnect1.c]
don't trust size sent by (rogue) server; noted by s.esser@e-matters.de
2002-03-22 01:08:07 +00:00
83b79e48df
- itojun@cvs.openbsd.org 2002/03/11 03:19:53
...
[sftp-client.c]
indent
2002-03-22 01:05:27 +00:00
eb50545365
- itojun@cvs.openbsd.org 2002/03/11 03:18:49
...
[sftp-client.c]
correct type mismatches (u_int64_t != unsigned long long)
2002-03-22 01:03:15 +00:00
d45f28c116
- itojun@cvs.openbsd.org 2002/03/08 06:10:16
...
[sftp-client.c]
printf type mismatch
2002-03-22 01:00:57 +00:00
3a4234699e
[contrib/aix/buildbff.sh contrib/aix/inventory.sh] AIX package
...
build fixes. Patch by Darren Tucker <dtucker@zip.com.au>
[contrib/solaris/buildpkg.sh] add missing dirs to SYSTEM_DIR. Have
postinstall check for $piddir and add if necessary.
2002-03-17 14:05:24 -08:00
88f2ab5efb
[configure.ac] Assume path given with --with-pid-dir=PATH is wanted,
...
warn if directory doesn not exist. Put system directories in front of
PATH for finding entorpy commands.
2002-03-17 12:17:34 -08:00
29bdd2c9bc
[contrib/solaris/buildpkg.sh, contrib/solaris/README] Updated to
...
build on all platforms that support SVR4 style package tools. Now runs
from build dir. Parts are based on patches from Antonio Navarro, and
Darren Tucker.
2002-03-11 20:55:53 -08:00
4a10d2e90b
- (djm) ssh-keygen -i needs seeded RNG; report from markus@
2002-03-11 22:53:29 +11:00
581930735a
- (stevesk) entropy.c: typo in debug message
2002-03-11 00:16:34 +00:00
c7375ac466
- (djm) Add Markus' patch for compat wih OpenSSL < 0.9.6.
...
Known issue: Blowfish for SSH1 does not work
2002-03-11 10:51:17 +11:00
ff8f94c3e6
- (djm) Revert bits of Markus' OpenSSL compat patch which was accidentally
...
committed.
2002-03-11 10:48:53 +11:00
784e234c19
- (bal) Test for IRIX JOBS support at runtime. Patch provided
...
by David Kaelbling <drk@sgi.com>
2002-03-08 03:50:57 +00:00
7577fd83c1
- (bal) Add in check for rpc/types.h since it is needed on
...
some platforms for INADDR_LOOPBACK. We should retest
SCO 3 to see if this fixes their problem also.
2002-03-08 03:11:07 +00:00
dc16354aaa
- (bal) Updated INSTALL to reflect 0.9.6 OpenSSL requirement
2002-03-07 17:49:39 +00:00
6e96c88c16
- (djm) Update RPM spec files with new version number
2002-03-07 13:04:37 +11:00
3fd2872407
- markus@cvs.openbsd.org 2002/03/06 00:25:55
...
[version.h]
OpenSSH_3.1
2002-03-07 13:02:19 +11:00
4e431d4b8e
- markus@cvs.openbsd.org 2002/03/06 00:24:39
...
[compat.c]
compat.c
2002-03-07 12:59:02 +11:00
6d6c5d202f
- markus@cvs.openbsd.org 2002/03/06 00:23:27
...
[compat.c dh.c]
undo
2002-03-07 12:58:42 +11:00
6ba693f70e
- OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2002/03/06 00:20:54
[compat.c dh.c]
compat.c
2002-03-07 12:58:24 +11:00
664b243ae4
- stevesk@cvs.openbsd.org 2002/03/02 09:34:42
...
[LICENCE]
correct copyright dates for scp license; ok markus@
2002-03-05 18:03:10 +00:00
01e7fa13b4
- (bal) Added contrib/aix/ to support BFF package generation provided
...
by Darren Tucker <dtucker@zip.com.au>
2002-03-05 03:38:35 +00:00
795488785e
- markus@cvs.openbsd.org 2002/03/04 19:37:58
...
[channels.c]
off by one; thanks to joost@pine.nl
2002-03-05 01:57:44 +00:00
6b28c35a04
- stevesk@cvs.openbsd.org 2002/03/04 18:30:23
...
[ssh-keyscan.c]
handle connection close during read of protocol version string.
fixes erroneous "bad greeting". ok markus@
2002-03-05 01:54:52 +00:00
05764b9286
- stevesk@cvs.openbsd.org 2002/03/04 17:27:39
...
[auth-krb5.c auth-options.h auth.h authfd.h authfile.h bufaux.h buffer.h
channels.h cipher.h compat.h compress.h crc32.h deattack.c getput.h
groupaccess.c misc.c mpaux.h packet.h readconf.h rsa.h scard.h
servconf.h ssh-agent.c ssh.h ssh2.h sshpty.h sshtty.c ttymodes.h
uuencode.c xmalloc.h]
$OpenBSD$ and RCSID() cleanup: don't use RCSID() in .h files; add
missing RCSID() to .c files and remove dup /*$OpenBSD$*/ from .c
files. ok markus@
2002-03-05 01:53:02 +00:00
84fcb312ff
- markus@cvs.openbsd.org 2002/03/04 13:10:46
...
[misc.c]
error-> debug, because O_NONBLOCK for /dev/null causes too many different
errnos; ok stevesk@, deraadt@
unused include
2002-03-05 01:48:09 +00:00
d96c8b3b56
- markus@cvs.openbsd.org 2002/03/04 12:43:06
...
[auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
unused include
2002-03-05 01:45:56 +00:00
3fb5d00ffd
- markus@cvs.openbsd.org 2002/03/01 13:12:10
...
[auth.c match.c match.h]
undo the 'delay hostname lookup' change
match.c must not use compress.c (via canonhost.c/packet.c)
thanks to wilfried@
2002-03-05 01:42:42 +00:00
6ef9ec6b6b
- stevesk@cvs.openbsd.org 2002/02/28 20:56:00
...
[auth.c]
log user not allowed details, from dwd@bell-labs.com ; ok markus@
2002-03-05 01:40:37 +00:00
ea03db9dbb
- stevesk@cvs.openbsd.org 2002/02/28 20:46:10
...
[sshd.8]
-u0 DNS for user@host
2002-03-05 01:38:57 +00:00
778bf55d89
- stevesk@cvs.openbsd.org 2002/02/28 20:36:42
...
[sshd.8]
DenyUsers allows user@host pattern also
2002-03-05 01:37:12 +00:00
916d83d208
- stevesk@cvs.openbsd.org 2002/02/28 19:36:28
...
[auth.c match.c match.h]
delay hostname lookup until we see a ``@'' in DenyUsers and AllowUsers
for sshd -u0; ok markus@
2002-03-05 01:35:23 +00:00
80cb27dd7c
- markus@cvs.openbsd.org 2002/02/28 15:46:33
...
[authfile.c kex.c kexdh.c kexgex.c key.c ssh-dss.c]
add some const EVP_MD for openssl-0.9.7
2002-03-05 01:33:36 +00:00
733a2351f5
- stevesk@cvs.openbsd.org 2002/02/27 21:23:13
...
[canohost.c channels.c packet.c sshd.c]
remove unneeded casts in [gs]etsockopt(); ok markus@
2002-03-05 01:31:28 +00:00
e86de51afb
- stevesk@cvs.openbsd.org 2002/02/26 20:03:51
...
[misc.c]
use socklen_t
2002-03-05 01:28:14 +00:00
3612bda7fd
- deraadt@cvs.openbsd.org 2002/02/26 19:06:43
...
[sftp.1]
no, look closely. the comma was highlighted. split .Ic even more
2002-03-05 01:26:38 +00:00
a48f3681f4
- mouring@cvs.openbsd.org 2002/02/26 19:04:37
...
[sftp.1]
> Ic cannot have that many arguments; spotted by mouring@etoh.eviladmin.org
Last Ic on the first line should not have a space between it and the final
comma.
2002-03-05 01:24:52 +00:00
a54f61c1c0
- deraadt@cvs.openbsd.org 2002/02/26 18:52:32
...
[sftp.1]
Ic cannot have that many arguments; spotted by mouring@etoh.eviladmin.org
2002-03-05 01:23:13 +00:00
200a5c0581
correction to sig_atomic_t test
2002-02-26 22:12:34 -08:00
7d2d1f1e67
correction to Bug 123 fix
2002-02-26 22:05:11 -08:00
88c0cd8596
- (bal) Imported missing fatal.c and fixed up Makefile.in
2002-02-26 19:24:21 +00:00
c58ab02e45
- markus@cvs.openbsd.org 2002/02/25 16:33:27
...
[ssh-keygen.c sshconnect2.c uuencode.c uuencode.h]
more u_* fixes
2002-02-26 18:15:09 +00:00
1ebd7a5342
- stevesk@cvs.openbsd.org 2002/02/24 19:59:42
...
[channels.c misc.c]
disable Nagle in connect_to() and channel_post_port_listener() (port
forwarding endpoints). the intention is to preserve the on-the-wire
appearance to applications at either end; the applications can then
enable TCP_NODELAY according to their requirements. ok markus@
2002-02-26 18:12:51 +00:00
90fd814f90
- markus@cvs.openbsd.org 2002/02/24 19:14:59
...
[auth2.c authfd.c authfd.h authfile.c kexdh.c kexgex.c key.c key.h
ssh-dss.c ssh-dss.h ssh-keygen.c ssh-rsa.c ssh-rsa.h sshconnect2.c]
signed vs. unsigned: make size arguments u_int, ok stevesk@
2002-02-26 18:09:42 +00:00
e45a2cb2b7
- markus@cvs.openbsd.org 2002/02/24 18:31:09
...
[uuencode.c]
typo in comment
2002-02-26 18:07:26 +00:00
4a7714a43a
- markus@cvs.openbsd.org 2002/02/24 16:58:32
...
[packet.c]
make 'cp' unsigned and merge with 'ucp'; ok stevesk@
2002-02-26 18:04:38 +00:00
021fcd3a36
- markus@cvs.openbsd.org 2002/02/24 16:57:19
...
[sftp-client.c]
early close(), missing free; ok stevesk@
2002-02-26 18:02:43 +00:00
13c5d3b370
- stevesk@cvs.openbsd.org 2002/02/24 16:09:52
...
[sshd.c]
use u_char* here; ok markus@
2002-02-26 18:00:48 +00:00
14519086e4
- markus@cvs.openbsd.org 2002/02/23 17:59:02
...
[kex.c kexdh.c kexgex.c]
don't allow garbage after payload.
2002-02-26 17:58:29 +00:00
9c8edc96fc
- markus@cvs.openbsd.org 2002/02/22 12:20:34
...
[log.c log.h ssh-keyscan.c]
overwrite fatal() in ssh-keyscan.c; fixes pr 2354; ok provos@
2002-02-26 17:52:14 +00:00
351e919690
- (bal) Update sshd_config CVSID
2002-02-26 17:49:55 +00:00
b855028ff6
- markus@cvs.openbsd.org 2002/02/15 23:54:10
...
[auth-krb5.c]
krb5_get_err_text() does not like context==NULL; he@nordu.net via google;
ok provos@
2002-02-26 17:46:11 +00:00
a2b9607a86
- (stevesk) openbsd-compat/base64.h: typo in comment
2002-02-26 16:59:58 +00:00
4cec93faed
Bug 12 [configure.ac] add sys/bitypes.h to int64_t tests
...
based on patch by mooney@dogbert.cc.ndsu.nodak.edu (Tim Mooney)
Bug 45 [configure.ac] modify skey test to work around conflict with autoconf
reported by nolan@naic.edu (Michael Nolan)
patch by Pekka Savola <pekkas@netcore.fi>
Bug 74 [configure.ac defines.h] add sig_atomic_t test
reported by dwd@bell-labs.com (Dave Dykstra)
Bug 102 [defines.h] UNICOS fixes. patch by wendyp@cray.com
[configure.ac Makefile.in] link libwrap only with sshd
based on patch by Maciej W. Rozycki <macro@ds2.pg.gda.pl>
Bug 123 link libpam only with sshd
reported by peak@argo.troja.mff.cuni.cz (Pavel Kankovsky)
[configure.ac defines.h] modify previous SCO3 fix to not break Solaris 7
[acconfig.h] remove unused HAVE_REGCOMP
2002-02-26 08:40:48 -08:00
c004135b72
- (bal) Last AIX patch. Moved aix_usrinfo() outside of do_setuserconext()
...
since we need more session information than provided by that function.
2002-02-25 15:48:02 +00:00
e06ae4a4bc
[loginrec.c session.c sshlogin.c sshlogin.h] Bug 84
...
patch by wknox@mitre.org (William Knox).
[sshlogin.h] declare record_utmp_only for session.c
2002-02-24 17:56:46 -08:00
839ac4f8aa
- (bal) Part two.. Drop unused AIX header, fix up missing char *cp. All
...
that is left is handling aix_usrinfo().
2002-02-24 20:42:46 +00:00
127398c6ec
- (bal) Drop Session *s usage in ports-aix.[ch] and pass just what we
...
need to do the jobs (AIX still does not fully compile, but that is
coming).
2002-02-24 20:25:46 +00:00
3107efc12a
- (bal) Minor session.c for cygwin. mispelt 'is_winnt' variable.
2002-02-21 15:37:02 +00:00
e37f63ffa0
- markus@cvs.openbsd.org 2002/02/16 00:51:44
...
[session.c]
typo
- (bal) CVS ID sync since the last two patches were merged mistakenly
2002-02-19 21:58:19 +00:00
4e97e85c03
- (bal) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2002/02/15 23:11:26
[session.c]
split do_child(), ok mouring@
Compiles under Redhat 7.2.. I cannot give any promises.. but I spent a
good hour and half ensure all the right bits are in the right spots.. and
it does seem to help out quite a bit for readiblity.
2002-02-19 21:50:43 +00:00
a9c039cf04
- (bal) Migrated AIX getuserattr and usrinfo code to
...
openbsd-compat/port-aix.[c] to improve readilbity of do_child() and
simplify our diffs against upstream source.
2002-02-19 20:27:55 +00:00
f095a85882
- (bal) Migrate IRIX jobs/projects/audit/etc code to
...
openbsd-compat/port-irix.[ch] to improve readiblity of do_child()
2002-02-19 20:02:48 +00:00
95ca7e9f1f
- deraadt@cvs.openbsd.org 2002/02/19 02:50:59
...
[sshd_config]
stategy is not an english word
2002-02-19 15:29:02 +11:00
85221b2818
- markus@cvs.openbsd.org 2002/02/18 17:55:20
...
[ssh.1]
-q: Fatal errors are _not_ displayed.
2002-02-19 15:27:23 +11:00
21cf4e0628
- markus@cvs.openbsd.org 2002/02/18 13:05:32
...
[cipher.c cipher.h]
switch to EVP, ok djm@ deraadt@
2002-02-19 15:26:42 +11:00
a93c6d87ef
- millert@cvs.openbsd.org 2002/02/17 19:42:32
...
[auth.h]
Manual cleanup of remaining userland __P use (excluding packages
maintained outside the tree)
2002-02-19 15:25:29 +11:00
b046211483
- millert@cvs.openbsd.org 2002/02/16 21:27:53
...
[auth.h]
Part one of userland __P removal. Done with a simple regexp with
some minor hand editing to make comments line up correctly. Another
pass is forthcoming that handles the cases that could not be done
automatically.
2002-02-19 15:24:43 +11:00
993dd55094
- stevesk@cvs.openbsd.org 2002/02/16 20:40:08
...
[ssh-keygen.c]
default to rsa keyfile path for non key generation operations where
keyfile not specified. fixes core dump in those cases. ok markus@
2002-02-19 15:22:47 +11:00
55fafa09f2
- stevesk@cvs.openbsd.org 2002/02/16 14:53:37
...
[ssh-keygen.1]
-t required now for key generation
2002-02-19 15:22:07 +11:00
963f6b25e2
- markus@cvs.openbsd.org 2002/02/14 23:41:01
...
[authfile.c cipher.c cipher.h kex.c kex.h packet.c]
hide some more implementation details of cipher.[ch] and prepares for move
to EVP, ok deraadt@
2002-02-19 15:21:23 +11:00
19a5945105
- markus@cvs.openbsd.org 2002/02/14 23:28:00
...
[channels.h session.c ssh.c]
increase the SSH v2 window size to 4 packets. comsumes a little
bit more memory for slow receivers but increases througput.
2002-02-19 15:20:57 +11:00
2aa0c1995c
- markus@cvs.openbsd.org 2002/02/14 23:27:59
...
[channels.c]
increase the SSH v2 window size to 4 packets. comsumes a little
bit more memory for slow receivers but increases througput.
2002-02-19 15:20:08 +11:00
7af3d10588
- mpech@cvs.openbsd.org 2002/02/13 08:33:47
...
[ssh-keyscan.1]
When you give command examples and etc., in a manual page prefix them with: $ command
or
# command
2002-02-19 15:19:42 +11:00
92c1fc41fe
newer config.guess from ftp://ftp.gnu.org/gnu/config/config.guess
2002-02-18 15:18:56 -08:00
72476d4b24
- (djm) Bug #114 - not starting PAM for SSH protocol 1 invalid users
2002-02-14 20:39:49 +11:00
d054b07cc9
- (djm) Don't use system sys/queue.h on AIX. Report from gert@greenie.muc.de
2002-02-14 08:44:04 +11:00
57e3fa8c95
Add rpc/rpc.h for INADDR_LOOPBACK on SCO OSR3
2002-02-13 10:14:52 -08:00
150c8b5578
- (djm) Bug #106 : Add --without-rpath configure option. Patch from
...
Nicolas.Williams@ubsw.com
2002-02-13 23:06:56 +11:00
8e3bdca1da
- (djm) Sync openbsd-compat with OpenBSD CVS too
2002-02-13 16:00:15 +11:00
3db5f530d0
- djm@cvs.openbsd.org 2002/02/13 00:59:23
...
[sftp-client.c sftp-client.h sftp-glob.c sftp-glob.h sftp.h]
[sftp-int.c sftp-int.h]
API cleanup and backwards compat for filexfer v.0 servers; ok markus@
2002-02-13 14:10:32 +11:00
3606ee2938
- markus@cvs.openbsd.org 2002/02/13 00:39:15
...
[readpass.c]
readpass.c is not longer from UCB, since we now use readpassphrase(3)
2002-02-13 14:05:23 +11:00
00c9217558
- markus@cvs.openbsd.org 2002/02/13 00:28:13
...
[sftp-server.c]
handle SSH2_FILEXFER_ATTR_SIZE in SSH2_FXP_(F)SETSTAT; ok djm@
2002-02-13 14:05:00 +11:00
5873dfd829
- djm@cvs.openbsd.org 2002/02/12 12:44:46
...
[sftp-client.c]
Let overlapped upload path handle servers which reorder ACKs. This may be
permitted by the protocol spec; ok markus@
2002-02-13 14:04:37 +11:00
16a133339a
- djm@cvs.openbsd.org 2002/02/12 12:32:27
...
[sftp.1 sftp.c sftp-client.c sftp-client.h sftp-int.c]
Perform multiple overlapping read/write requests in file transfer. Mostly
done by Tobias Ringstrom <tori@ringstrom.mine.nu>; ok markus@
2002-02-13 14:03:56 +11:00
afc7a5d774
- markus@cvs.openbsd.org 2002/02/11 16:21:42
...
[match.c]
support up to 40 algorithms per proposal
2002-02-13 13:55:30 +11:00
6a47f30c55
- markus@cvs.openbsd.org 2002/02/11 16:19:39
...
[sshd.c]
include md5.h not hmac.h
2002-02-13 13:55:06 +11:00
654c03fd06
- markus@cvs.openbsd.org 2002/02/11 16:17:55
...
[sshd.c]
do not complain about port > 1024 if rhosts-auth is disabled
2002-02-13 13:54:44 +11:00
2ce18dabf3
- markus@cvs.openbsd.org 2002/02/11 16:15:46
...
[sshconnect1.c]
include md5.h, not evp.h
2002-02-13 13:54:27 +11:00
bc27d4e987
- markus@cvs.openbsd.org 2002/02/11 16:10:15
...
[kex.c]
restore kexinit handler if we reset the dispatcher, this unbreaks rekeying
s/kex_clear_dispatch/kex_reset_dispatch/
2002-02-13 13:54:06 +11:00
afcc22542e
- deraadt@cvs.openbsd.org 2002/02/10 01:07:05
...
[readconf.h sshd.8]
more /etc/ssh; openbsd@davidkrause.com
2002-02-10 18:32:55 +11:00
05eda437a6
- (djm) OpenBSD CVS Sync
...
- deraadt@cvs.openbsd.org 2002/02/09 17:37:34
[pathnames.h session.c ssh.1 sshd.8 sshd_config ssh-keyscan.1]
move ssh config files to /etc/ssh
- (djm) Adjust portable Makefile.in tnd ssh-rand-helper.c o match
2002-02-10 18:32:28 +11:00
4860650842
- markus@cvs.openbsd.org 2002/02/07 09:35:39
...
[ssh.c]
remove bogus comments
2002-02-08 22:07:33 +11:00
699d003e3a
- markus@cvs.openbsd.org 2002/02/06 14:55:16
...
[channels.c clientloop.c serverloop.c ssh.c]
channel_new never returns NULL, mouring@; ok djm@
2002-02-08 22:07:16 +11:00
f3dcf1fc88
- markus@cvs.openbsd.org 2002/02/06 14:37:22
...
[session.c]
minor KNF
2002-02-08 22:06:48 +11:00
025e01c7f0
- mpech@cvs.openbsd.org 2002/02/06 14:27:23
...
[sftp.c]
sync usage() with manual.
2002-02-08 22:06:29 +11:00
81b6e787a0
- markus@cvs.openbsd.org 2002/02/06 14:22:42
...
[sftp.1]
sort options; ok mpech@, stevesk@
2002-02-08 22:06:03 +11:00
a500cd608e
- markus@cvs.openbsd.org 2002/02/05 14:32:55
...
[channels.c channels.h ssh.c]
merge channel_request() into channel_request_start()
2002-02-08 22:04:26 +11:00
8829d3669d
- djm@cvs.openbsd.org 2002/02/05 00:00:46
...
[sftp.1 sftp.c sftp-client.c sftp-client.h sftp-int.c]
Add "-B" option to specify copy buffer length (default 32k); ok markus@
2002-02-08 22:04:05 +11:00
e8c9ed436a
- stevesk@cvs.openbsd.org 2002/02/04 20:41:16
...
[ssh-agent.1]
more sync for default ssh-add identities; ok markus@
2002-02-08 22:02:16 +11:00
5aa5d78e40
- (djm) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2002/02/04 12:15:25
[sshd.c]
add SYSLOG_FACILITY_NOT_SET = -1, SYSLOG_LEVEL_NOT_SET = -1,
fixes arm/netbsd; based on patch from bjh21@netbsd.org ; ok djm@
2002-02-08 22:01:54 +11:00
f3451a2181
- (djm) Cleanup after sync:
...
- :%s/reverse_mapping_check/verify_reverse_mapping/g
2002-02-05 12:40:46 +11:00
cb8ea157b8
- djm@cvs.openbsd.org 2002/02/05 00:00:46
...
[sftp.1 sftp.c sftp-client.c sftp-client.h sftp-int.c]
Add "-B" option to specify copy buffer length (default 32k); ok markus@
2002-02-05 12:27:58 +11:00
d14ee1e29c
- djm@cvs.openbsd.org 2002/02/04 21:53:12
...
[sftp.1 sftp.c]
Add "-P" option to directly connect to a local sftp-server. Should be useful
for regression testing; ok markus@
2002-02-05 12:27:31 +11:00
ab57f35114
- stevesk@cvs.openbsd.org 2002/02/04 20:41:16
...
[ssh-add.1]
more sync for default ssh-add identities; ok markus@
2002-02-05 12:26:58 +11:00
fcd9320440
- markus@cvs.openbsd.org 2002/02/04 12:15:25
...
[log.c log.h readconf.c servconf.c]
add SYSLOG_FACILITY_NOT_SET = -1, SYSLOG_LEVEL_NOT_SET = -1,
fixes arm/netbsd; based on patch from bjh21@netbsd.org ; ok djm@
2002-02-05 12:26:34 +11:00
9b74bfc5be
- markus@cvs.openbsd.org 2002/02/04 11:58:10
...
[auth2.c]
cross checking of announced vs actual pktype in pubkey/hostbaed auth; ok stevesk@
2002-02-05 12:26:03 +11:00
4d4d53f399
- stevesk@cvs.openbsd.org 2002/02/04 00:53:39
...
[ssh-agent.c]
unneeded includes
2002-02-05 12:25:28 +11:00
d2b8f1657e
- stevesk@cvs.openbsd.org 2002/02/03 23:22:59
...
[ssh-agent.1]
ssh-add also adds $HOME/.ssh/id_rsa and $HOME/.ssh/id_dsa now.
2002-02-05 12:24:19 +11:00
9749c0c972
- stevesk@cvs.openbsd.org 2002/02/03 22:35:57
...
[ssh.1 sshd.8]
some KeepAlive cleanup/clarify; ok markus@
2002-02-05 12:23:58 +11:00
68f45983b2
- markus@cvs.openbsd.org 2002/02/03 17:59:23
...
[sshconnect2.c]
more cross checking if announced vs. used key type; ok stevesk@
2002-02-05 12:23:32 +11:00
67f0bc043c
- markus@cvs.openbsd.org 2002/02/03 17:58:21
...
[channels.c channels.h ssh.c]
generic callbacks are not really used, remove and
add a callback for msg of type SSH2_MSG_CHANNEL_OPEN_CONFIRMATION
ok djm@
2002-02-05 12:23:08 +11:00
50e884d125
- markus@cvs.openbsd.org 2002/02/03 17:55:55
...
[channels.c channels.h]
remove unused channel_input_channel_request
2002-02-05 12:22:08 +11:00
c7ef63dd41
- markus@cvs.openbsd.org 2002/02/03 17:53:25
...
[auth1.c serverloop.c session.c session.h]
don't use channel_input_channel_request and callback
use new server_input_channel_req() instead:
server_input_channel_req does generic request parsing on server side
session_input_channel_req handles just session specific things now
ok djm@
2002-02-05 12:21:42 +11:00
664d6b9a8e
- markus@cvs.openbsd.org 2002/01/31 15:00:05
...
[serverloop.c]
no need for WNOHANG; ok stevesk@
2002-02-05 12:20:16 +11:00
9ab47eeb22
- markus@cvs.openbsd.org 2002/01/31 13:35:11
...
[kexdh.c kexgex.c]
cross check announced key type and type from key blob
2002-02-05 12:19:52 +11:00
07a2d429b2
- markus@cvs.openbsd.org 2002/01/29 23:50:37
...
[scp.1 ssh.1]
mention exit status; ok stevesk@
2002-02-05 12:16:15 +11:00
5fab4b9b1d
- markus@cvs.openbsd.org 2002/01/29 22:46:41
...
[session.c]
don't depend on servconf.c; ok djm@
2002-02-05 12:15:07 +11:00
c313be2756
- markus@cvs.openbsd.org 2002/01/29 16:41:19
...
[ssh-add.1]
add DIAGNOSTICS; ok stevesk@
2002-02-05 12:14:41 +11:00
baa0870852
- stevesk@cvs.openbsd.org 2002/01/29 16:29:02
...
[session.c]
limit subsystem length in log; ok markus@
2002-02-05 12:14:10 +11:00
c5d8635d6a
- markus@cvs.openbsd.org 2002/01/29 14:32:03
...
[auth2.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c canohost.c servconf.c servconf.h session.c sshd.8 sshd_config]
s/ReverseMappingCheck/VerifyReverseMapping/ and avoid confusion; ok stevesk@
2002-02-05 12:13:41 +11:00
43cba34b64
- markus@cvs.openbsd.org 2002/01/29 14:27:57
...
[ssh-add.c]
exit 2 if no agent, exit 1 if list fails; debian#61078; ok djm@
2002-02-05 12:12:49 +11:00
35b13d633b
- stevesk@cvs.openbsd.org 2002/01/27 18:08:17
...
[ssh.c]
handle simple case to identify FamilyLocal display; ok markus@
2002-02-05 12:12:09 +11:00
95c249ff47
- stevesk@cvs.openbsd.org 2002/01/27 14:57:46
...
[channels.c servconf.c servconf.h session.c sshd.8 sshd_config]
add X11UseLocalhost; ok markus@
2002-02-05 12:11:34 +11:00
512bccbb5a
- stevesk@cvs.openbsd.org 2002/01/26 16:44:22
...
[includes.h session.c]
revert code to add x11 localhost display authorization entry for
hostname/unix:d and uts.nodename/unix:d if nodename was different than
hostname. just add entry for unix:d instead. ok markus@
2002-02-05 12:11:02 +11:00
3672e4bc7a
- markus@cvs.openbsd.org 2002/01/25 22:07:40
...
[kex.c kexdh.c kexgex.c key.c mac.c]
use EVP_MD_size(evp_md) and not evp_md->md_size; ok steveks@
2002-02-05 11:54:07 +11:00
c516e928cd
- markus@cvs.openbsd.org 2002/01/25 21:42:11
...
[ssh-dss.c ssh-rsa.c]
use static EVP_MAX_MD_SIZE buffers for EVP_DigestFinal; ok stevesk@
don't use evp_md->md_size, it's not public.
2002-02-05 11:53:43 +11:00
3a8262ffcc
- markus@cvs.openbsd.org 2002/01/25 21:00:24
...
[sshconnect2.c]
unused include
2002-02-05 11:53:15 +11:00
4d007769bf
- stevesk@cvs.openbsd.org 2002/01/24 21:13:23
...
[packet.c]
need misc.h for set_nodelay()
2002-02-05 11:52:54 +11:00
398e1cfa23
- (djm) OpenBSD CVS Sync
...
- stevesk@cvs.openbsd.org 2002/01/24 21:09:25
[channels.c misc.c misc.h packet.c]
add set_nodelay() to set TCP_NODELAY on a socket (prep for nagle tuning).
no nagle changes just yet; ok djm@ markus@
2002-02-05 11:52:13 +11:00
1e2c600892
[configure.ac] fix logic on when ssh-rand-helper is installed.
...
[sshd_config] put back in line that tells what PATH was compiled into sshd.
2002-01-30 22:14:03 -08:00
8eb7141758
- (djm) Delay PRNG seeding until we need it in ssh-keygen, from markus@
2002-01-30 09:37:06 +11:00
6677d419de
- (djm) Don't grab Xserver or pointer by default. x11-ssh-askpass doesn't
...
and grabbing can cause deadlocks with kinput2.
2002-01-25 00:59:25 +11:00
414642b26f
- (djm) Don't grab Xserver by default. x11-ssh-askpass doesn't and grabbing
...
can cause deadlocks with kinput2
2002-01-25 00:46:04 +11:00
020daf437b
- (stevesk) Makefile.in: bug #61 ; delete commented line for now.
2002-01-23 23:26:43 +00:00
fa9b641eb0
- (bal) reverted out of 5/2001 change to atexit(). I assume I
...
did it to handle SonyOS. If that is the case than we will
do a special case for them.
2002-01-23 06:54:30 +00:00
e996d72e02
- (djm) Use case statements in autoconf to clean up some tests
2002-01-23 11:20:59 +11:00
7dc8197f8b
- (stevesk) fix --with-zlib=
2002-01-22 21:59:31 +00:00
6385ba0228
- (djm) Fix non-standard shell syntax in autoconf. Patch from
...
Dave Dykstra <dwd@bell-labs.com>
2002-01-23 08:12:36 +11:00
ec52d7c093
- (djm) Use local sys/queue.h if necessary in ssh-agent.c
2002-01-22 23:52:17 +11:00
28e4d8f87b
- (djm) Recent Glibc includes an incompatible sys/queue.h. Treat it as
...
bogus in configure
2002-01-22 23:51:42 +11:00
1fc2343e35
- (djm) Make auth2-pam.c compile again after dispatch.h and packet.h
...
changes
2002-01-22 23:43:12 +11:00
4fbf08a8f0
- stevesk@cvs.openbsd.org 2002/01/22 02:52:41
...
[servconf.c]
typo in error message; from djast@cs.toronto.edu
2002-01-22 23:35:09 +11:00
73f1074272
- markus@cvs.openbsd.org 2002/01/21 23:27:10
...
[channels.c nchan.c]
cleanup channels faster if the are empty and we are in drain-state; ok deraadt@
2002-01-22 23:34:52 +11:00
914bef437e
- markus@cvs.openbsd.org 2002/01/21 22:30:12
...
[cipher.c compat.c myproposal.h]
remove "rijndael-*", just use "aes-" since this how rijndael is called
in the drafts; ok stevesk@
2002-01-22 23:34:35 +11:00
49d795c647
- markus@cvs.openbsd.org 2002/01/21 15:13:51
...
[sshconnect.c]
use read_passphrase+ECHO in confirm(), allows use of ssh-askpass
for hostkey confirm.
2002-01-22 23:34:12 +11:00
df64a682f1
- stevesk@cvs.openbsd.org 2002/01/18 20:46:34
...
[sshd.8]
clarify Allow(Groups|Users) and Deny(Groups|Users); suggestion from
allard@oceanpark.com ; ok markus@
2002-01-22 23:33:45 +11:00
4a8ed54361
- stevesk@cvs.openbsd.org 2002/01/18 18:14:17
...
[authfd.c bufaux.c buffer.c cipher.c packet.c ssh-agent.c ssh-keygen.c]
unneeded cast cleanup; ok markus@
2002-01-22 23:33:31 +11:00
9c3f9505d9
- stevesk@cvs.openbsd.org 2002/01/18 17:14:16
...
[sshd.8]
correct Ciphers default; paola.mannaro@ubs.com
2002-01-22 23:33:15 +11:00
5488b7ec4e
- stevesk@cvs.openbsd.org 2002/01/17 04:27:37
...
[log.c]
casts to silence enum type warnings for bugzilla bug 37; ok markus@
2002-01-22 23:32:57 +11:00
c497e38ce6
- stevesk@cvs.openbsd.org 2002/01/16 17:55:33
...
[ssh_config]
correct some commented defaults. add Ciphers default. ok markus@
2002-01-22 23:32:39 +11:00
fae2386cc9
- stevesk@cvs.openbsd.org 2002/01/16 17:42:33
...
[ssh.1]
correct defaults for -i/IdentityFile; ok markus@
2002-01-22 23:32:26 +11:00
2bec5c1543
- stevesk@cvs.openbsd.org 2002/01/16 17:40:23
...
[sshd_config]
The stategy now used for options in the default sshd_config shipped
with OpenSSH is to specify options with their default value where
possible, but leave them commented. Uncommented options change a
default value. Subsystem is currently the only default option
changed. ok markus@
2002-01-22 23:32:07 +11:00
b16461ce45
- markus@cvs.openbsd.org 2002/01/16 13:17:51
...
[channels.c channels.h serverloop.c ssh.c]
wrapper for channel_setup_fwd_listener
2002-01-22 23:29:22 +11:00
b51ed39161
- markus@cvs.openbsd.org 2002/01/14 13:57:03
...
[channels.h nchan.c]
(c) 2002
2002-01-22 23:29:03 +11:00
5144df9261
- markus@cvs.openbsd.org 2002/01/14 13:55:55
...
[channels.c channels.h nchan.c]
remove function pointers for events, remove chan_init*; ok provos@
2002-01-22 23:28:45 +11:00
472d05716a
- markus@cvs.openbsd.org 2002/01/14 13:41:13
...
[nchan.c]
remove duplicated code; ok provos@
2002-01-22 23:28:28 +11:00
ebc11d3012
- markus@cvs.openbsd.org 2002/01/14 13:40:10
...
[nchan.c]
correct fn names for ssh2, do not switch from closed to closed; ok provos@
2002-01-22 23:28:13 +11:00
fcfc43b617
- markus@cvs.openbsd.org 2002/01/14 13:34:07
...
[nchan.c]
merge chan_[io]buf_empty[12]; ok provos@
2002-01-22 23:27:45 +11:00
abea8ee1c3
- markus@cvs.openbsd.org 2002/01/13 21:31:20
...
[channels.h nchan.c]
add chan_set_[io]state(), order states, state is now an u_int,
simplifies debugging messages; ok provos@
2002-01-22 23:27:11 +11:00
0e3b87279c
- markus@cvs.openbsd.org 2002/01/13 17:57:37
...
[auth2.c auth2-chall.c compat.c sshconnect2.c sshd.c]
use buffer API and avoid static strings of fixed size; ok provos@/mouring@
2002-01-22 23:26:38 +11:00
1a534ae97f
- provos@cvs.openbsd.org 2002/01/13 17:27:07
...
[ssh-agent.c]
change to use queue.h macros; okay markus@
2002-01-22 23:26:13 +11:00
df224031ca
- markus@cvs.openbsd.org 2002/01/12 13:10:29
...
[auth-skey.c]
undo local change
2002-01-22 23:25:46 +11:00
73f18346bc
- markus@cvs.openbsd.org 2002/01/11 23:26:30
...
[auth-skey.c]
use snprintf; mouring@
2002-01-22 23:25:30 +11:00
209ee4e368
- markus@cvs.openbsd.org 2002/01/11 23:02:51
...
[auth2-chall.c]
use snprintf; mouring@
2002-01-22 23:25:08 +11:00
85830d1dc0
- markus@cvs.openbsd.org 2002/01/11 23:02:18
...
[readpass.c]
use _PATH_TTY
2002-01-22 23:24:51 +11:00
a5ebe0c39d
- markus@cvs.openbsd.org 2002/01/11 20:14:11
...
[auth2-chall.c auth-skey.c]
use strlcpy not strlcat; mouring@
2002-01-22 23:24:33 +11:00
7d05339c70
- markus@cvs.openbsd.org 2002/01/11 13:39:36
...
[auth2.c dispatch.c dispatch.h kex.c]
a single dispatch_protocol_error() that sends a message of type 'UNIMPLEMENTED'
dispatch_range(): set handler for a ranges message types
use dispatch_protocol_ignore() for authentication requests after
successful authentication (the drafts requirement).
serverloop/clientloop now send a 'UNIMPLEMENTED' message instead of exiting.
2002-01-22 23:24:13 +11:00
84b8ab3eee
- markus@cvs.openbsd.org 2002/01/11 13:36:43
...
[ssh2.h]
add defines for msg type ranges
2002-01-22 23:23:41 +11:00
659811f7fc
- markus@cvs.openbsd.org 2002/01/11 10:31:05
...
[packet.c]
handle received SSH2_MSG_UNIMPLEMENTED messages; ok djm@
2002-01-22 23:23:11 +11:00
66ac6a43a8
- markus@cvs.openbsd.org 2002/01/10 12:47:59
...
[nchan.c]
more unused code (with channels.c:1.156)
2002-01-22 23:22:44 +11:00
4ce2595259
- markus@cvs.openbsd.org 2002/01/10 12:38:26
...
[nchan.c]
remove dead code (skip drain)
2002-01-22 23:22:20 +11:00
c3fa407073
- markus@cvs.openbsd.org 2002/01/10 11:24:04
...
[clientloop.c]
handle SSH2_MSG_GLOBAL_REQUEST (just reply with failure); ok djm@
2002-01-22 23:21:58 +11:00
056cf73d35
- markus@cvs.openbsd.org 2002/01/10 11:13:29
...
[serverloop.c]
skip client_alive_check until there are channels; ok beck@
2002-01-22 23:21:39 +11:00
76765c0b1a
- markus@cvs.openbsd.org 2002/01/09 17:26:35
...
[channels.c nchan.c]
replace buffer_consume(b, buffer_len(b)) with buffer_clear(b); ok provos@
2002-01-22 23:21:15 +11:00
de6987c2b9
- markus@cvs.openbsd.org 2002/01/09 17:16:00
...
[channels.c]
merge channel_pre_open_15/channel_pre_open_20; ok provos@
2002-01-22 23:20:40 +11:00
a1db12bac4
- markus@cvs.openbsd.org 2002/01/09 13:49:27
...
[ssh-keygen.c]
append \n only for public keys
2002-01-22 23:20:15 +11:00
70972eb388
- stevesk@cvs.openbsd.org 2002/01/05 21:51:56
...
[ssh.1 sshd.8]
some missing and misplaced periods
2002-01-22 23:19:55 +11:00
a90fc08b88
- markus@cvs.openbsd.org 2002/01/05 10:43:40
...
[channels.c]
fix hanging x11 channels for rejected cookies (e.g. XAUTHORITY=/dev/null xbiff)
bug #36 , based on patch from djast@cs.toronto.edu
2002-01-22 23:19:38 +11:00
7fc2373f17
- stevesk@cvs.openbsd.org 2002/01/04 18:14:16
...
[servconf.c sshd.8]
protocol 2 HostKey code default is now /etc/ssh_host_rsa_key and
/etc/ssh_host_dsa_key like we have in sshd_config. ok markus@
2002-01-22 23:19:11 +11:00
f51b0e1a30
- stevesk@cvs.openbsd.org 2002/01/04 17:59:17
...
[readconf.c servconf.c]
remove #ifdef _PATH_XAUTH/#endif; ok markus@
2002-01-22 23:18:49 +11:00
56ccf41de2
- stevesk@cvs.openbsd.org 2002/01/03 04:11:08
...
[ssh_config]
grammar in comment
2002-01-22 23:18:32 +11:00
708d21c802
- stevesk@cvs.openbsd.org 2001/12/29 21:56:01
...
[authfile.c channels.c compress.c packet.c sftp-server.c ssh-agent.c ssh-keygen.c]
remove unneeded casts and some char->u_char cleanup; ok markus@
2002-01-22 23:18:15 +11:00
dc9e067614
- stevesk@cvs.openbsd.org 2001/12/28 22:37:48
...
[ssh.1 sshd.8]
document LogLevel DEBUG[123]; ok markus@
2002-01-22 23:17:51 +11:00
630d6f4479
- markus@cvs.openbsd.org 2001/12/28 15:06:00
...
[auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c dispatch.h kex.c kex.h serverloop.c ssh.c sshconnect2.c]
remove plen from the dispatch fn. it's no longer used.
2002-01-22 23:17:30 +11:00
dff5099f13
- markus@cvs.openbsd.org 2001/12/28 14:50:54
...
[auth1.c auth-rsa.c channels.c dispatch.c kex.c kexdh.c kexgex.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshconnect2.c sshd.c]
packet_read* no longer return the packet length, since it's not used.
2002-01-22 23:16:32 +11:00
76e1e368b5
- markus@cvs.openbsd.org 2001/12/28 14:13:13
...
[bufaux.c bufaux.h packet.c]
buffer_get_bignum: int -> void
2002-01-22 23:15:57 +11:00
d432ccf740
- markus@cvs.openbsd.org 2001/12/28 13:57:33
...
[auth1.c kexdh.c kexgex.c packet.c packet.h sshconnect1.c sshd.c]
packet_get_bignum* no longer returns a size
2002-01-22 23:14:44 +11:00
29f75f5c25
oops, that last commit was really:
...
- markus@cvs.openbsd.org 2001/12/28 12:14:27
[auth1.c auth2.c auth2-chall.c auth-rsa.c channels.c clientloop.c kex.c kexdh.c kexgex.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshconnect2.c sshd.c]
s/packet_done/packet_check_eom/ (end-of-message); ok djm@
with 47 more patchsets to go, I am not going to back out all the files for
the sake of a commit message...
2002-01-22 23:14:10 +11:00
48b03fc546
- markus@cvs.openbsd.org 2001/12/27 20:39:58
...
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
get rid of packet_integrity_check, use packet_done() instead.
2002-01-22 23:11:40 +11:00
66823cddbe
- markus@cvs.openbsd.org 2001/12/27 20:39:58
...
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
get rid of packet_integrity_check, use packet_done() instead.
2002-01-22 23:11:38 +11:00
d221ca6cc9
- markus@cvs.openbsd.org 2001/12/27 19:54:53
...
[auth1.c auth.h auth-rh-rsa.c]
auth_rhosts_rsa now accept generic keys.
2002-01-22 23:11:00 +11:00
9ef95ddcaf
- markus@cvs.openbsd.org 2001/12/27 19:37:23
...
[dh.c kexdh.c kexgex.c]
always use BN_clear_free instead of BN_free
2002-01-22 23:10:33 +11:00
040b64f60a
- markus@cvs.openbsd.org 2001/12/27 18:26:13
...
[authfile.c]
missing include
2002-01-22 23:10:04 +11:00
7d1ded4972
- stevesk@cvs.openbsd.org 2001/12/27 18:22:53
...
[sshd.8]
clarify -p; ok markus@
2002-01-22 23:09:41 +11:00
da7551677b
- markus@cvs.openbsd.org 2001/12/27 18:22:16
...
[auth1.c authfile.c auth-rsa.c dh.c kexdh.c kexgex.c key.c rsa.c scard.c ssh-agent.c sshconnect1.c sshd.c ssh-dss.c]
call fatal() for openssl allocation failures
2002-01-22 23:09:22 +11:00
154dda73a8
- markus@cvs.openbsd.org 2001/12/27 18:10:29
...
[ssh-keygen.c]
-t is only needed for key generation (unbreaks -i, -e, etc).
2002-01-22 23:08:16 +11:00
aef7a095c8
- markus@cvs.openbsd.org 2001/12/25 18:53:00
...
[auth1.c]
be more carefull on allocation
2002-01-22 23:07:52 +11:00
503761ac45
- markus@cvs.openbsd.org 2001/12/25 18:49:56
...
[key.c]
be more careful on allocation
2002-01-22 23:07:21 +11:00
a055c25d05
- deraadt@cvs.openbsd.org 2001/12/24 07:29:43
...
[ssh-add.c]
try all listed keys.. how did this get broken?
(oops - that was me)
2002-01-22 23:07:01 +11:00
7c31809c4a
- markus@cvs.openbsd.org 2001/12/21 12:17:33
...
[serverloop.c]
remove ifdef for USE_PIPES since fdin != fdout; ok djm@
2002-01-22 23:06:22 +11:00
6e1057c2d7
- djm@cvs.openbsd.org 2001/12/21 10:06:43
...
[ssh-add.1 ssh-add.c]
Try all standard key files (id_rsa, id_dsa, identity) when invoked with
no arguments; ok markus@
2002-01-22 23:05:59 +11:00
f451e22e21
- djm@cvs.openbsd.org 2001/12/21 08:53:45
...
[readpass.c]
Avoid interruptable passphrase read; ok markus@
2002-01-22 23:05:31 +11:00
a41c8b15bd
- djm@cvs.openbsd.org 2001/12/21 08:52:22
...
[ssh-keygen.1 ssh-keygen.c]
Remove default (rsa1) key type; ok markus@
2002-01-22 23:05:08 +11:00
ec932376b7
- (djm) autoconf hacking:
...
- Add OpenSSL sanity check: verify that header version matches version
reported by library
2002-01-22 22:16:03 +11:00
c46cc5445d
- (djm) Fix some bugs I introduced into ssh-rand-helper yesterday
2002-01-22 21:58:27 +11:00
6c21c51c48
- (djm) autoconf hacking:
...
- We don't support --without-zlib currently, so don't allow it.
- Rework cryptographic random number support detection. We now detect
whether OpenSSL seeds itself. If it does, then we don't bother with
the ssh-rand-helper program. You can force the use of ssh-rand-helper
using the --with-rand-helper configure argument
- Simplify and clean up ssh-rand-helper configuration
2002-01-22 21:57:53 +11:00
7b10ef4877
- (djm) Rework ssh-rand-helper:
...
- Reduce quantity of ifdef code, in preparation for ssh_rand_conf
- Always seed from system calls, even when doing PRNGd seeding
- Tidy and comment #define knobs
- Remove unused facility for multiple runs through command list
- KNF, cleanup, update copyright
2002-01-21 23:44:12 +11:00
a234451a70
- (djm) Bug #50 - make autoconf entropy path checks more robust
2002-01-14 19:01:03 +11:00
2f8f6e3b1c
- (stevesk) defines.h: use "/var/spool/sockets/X11/%u" for HP-UX. does
...
not depend on transition links. from Lutz Jaenicke.
2002-01-08 21:59:06 +00:00
bb9ffc18ca
- (djm) Merge Cygwin copy_environment with do_pam_environment, removing
...
fixed env var size limit in the process. Report from Corinna Vinschen
<vinschen@redhat.com>
2002-01-08 10:59:32 +11:00
f49a1191c7
- (stevesk) defines.h: determine _PATH_UNIX_X; currently "/tmp/.X11-unix/X%u"
...
for all platforms except HP-UX, which is "/usr/spool/sockets/X11/%u".
2002-01-06 02:32:57 +00:00
0bd4b34c9b
- (stevesk) fix spurious ; from NCR change.
2002-01-05 23:24:27 +00:00
381d8d9d89
- (bal) NCR requies use_pipes to operate correctly.
2002-01-05 17:15:30 +00:00
f9661094e5
- (djm) Use bigcrypt() on systems with SCO_PROTECTED_PW. Patch from
...
Roger Cornelius <rac@tenzing.org>
2002-01-03 10:30:56 +11:00
b65a93d3a6
test openssh-commits list
2001-12-31 11:59:53 +11:00
bc5239bd62
testing again
2001-12-31 11:55:59 +11:00
6a568f3ca9
- (djm) Typo in contrib/cygwin/README Fix from Corinna Vinschen
...
<vinschen@redhat.com>
2001-12-29 14:10:09 +11:00
0dea79d6b6
- (djm) Apply Cygwin pointer deref fix from Corinna Vinschen
...
<vinschen@redhat.com> Could be abused to guess valid usernames
2001-12-29 14:08:28 +11:00
6cb127fc14
- (djm) Remove recommendation to use GNU make, we should support most
...
make programs.
2001-12-28 09:57:33 +11:00
9443508b96
- (stevesk) [Makefile.in ssh-rand-helper.c]
...
portable lib and __progname support for ssh-rand-helper; ok djm@
2001-12-25 04:32:58 +00:00
2ad31ee68a
- (bal) Removed contrib/chroot.diff and noted in contrib/README that it
...
was not being maintained.
2001-12-24 02:59:19 +00:00
62116dcc0a
- (djm) Ignore fix & patchlevel in OpenSSL version check. Patch from
...
solar@openwall.com
- (djm) Rework entropy code. If the OpenSSL PRNG is has not been
internally seeded, execute a subprogram "ssh-rand-helper" to obtain
some entropy for us. Rewrite the old in-process entropy collecter as
an example ssh-rand-helper.
- (djm) Always perform ssh_prng_cmds path lookups in configure, even if
we don't end up using ssh_prng_cmds (so we always get a valid file)
2001-12-24 01:41:47 +11:00
278f907a2d
- djm@cvs.openbsd.org 2001/12/20 22:50:24
...
[auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c]
[dispatch.h kex.c kex.h packet.c packet.h serverloop.c ssh.c]
[sshconnect2.c]
Conformance fix: we should send failing packet sequence number when
responding with a SSH_MSG_UNIMPLEMENTED message. Spotted by
yakk@yakk.dot.net ; ok markus@
2001-12-21 15:00:19 +11:00
e737856350
- markus@cvs.openbsd.org 2001/12/20 16:37:29
...
[channels.c channels.h session.c]
setup x11 listen socket for just one connect if the client requests so.
(v2 only, but the openssh client does not support this feature).
2001-12-21 14:58:35 +11:00
5a6b4fe225
- stevesk@cvs.openbsd.org 2001/12/19 17:16:13
...
[authfile.c bufaux.c bufaux.h buffer.c buffer.h packet.c packet.h ssh.c]
change the buffer/packet interface to use void* vs. char*; ok markus@
2001-12-21 14:56:54 +11:00
f6681a3a96
- markus@cvs.openbsd.org 2001/12/19 16:09:39
...
[serverloop.c]
fix race between SIGCHLD and select with an additional pipe. writing
to the pipe on SIGCHLD wakes up select(). using pselect() is not
portable and siglongjmp() ugly. W. R. Stevens suggests similar solution.
initial idea by pmenage@ensim.com ; ok deraadt@, djm@
2001-12-21 14:53:11 +11:00
9f0f5c64bc
- deraadt@cvs.openbsd.org 2001/12/19 07:18:56
...
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h]
[auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c]
[cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c]
[match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c]
[servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c]
[sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c]
[sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config]
[ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c]
basic KNF done while i was looking for something else
2001-12-21 14:45:46 +11:00
89681214ca
- jakob@cvs.openbsd.org 2001/12/18 10:06:24
...
[auth-rsa.c]
log fingerprint on successful public key authentication, simplify usage of key structs; ok markus@
2001-12-21 12:52:39 +11:00
da9edcabf8
- jakob@cvs.openbsd.org 2001/12/18 10:05:15
...
[auth2.c]
log fingerprint on successful public key authentication; ok markus@
2001-12-21 12:48:54 +11:00
5b2aea9494
- jakob@cvs.openbsd.org 2001/12/18 10:04:21
...
[auth.h hostfile.c hostfile.h]
remove auth_rsa_read_key, make hostfile_ready_key non static; ok markus@
2001-12-21 12:47:09 +11:00
83c02ef623
- markus@cvs.openbsd.org 2001/12/10 20:34:31
...
[ssh-keyscan.c]
check that server supports v1 for -t rsa1, report from wirth@dfki.de
2001-12-21 12:45:43 +11:00
72c336def6
- stevesk@cvs.openbsd.org 2001/12/10 16:45:04
...
[sshd.c]
possible fd leak on error; ok markus@
2001-12-21 12:44:28 +11:00
ee11625d43
- markus@cvs.openbsd.org 2001/12/09 18:45:56
...
[auth2.c auth2-chall.c auth.h]
add auth2_challenge_stop(), simplifies cleanup of kbd-int sessions,
fixes memleak.
2001-12-21 12:42:34 +11:00
3afe375fd2
- stevesk@cvs.openbsd.org 2001/12/08 17:49:28
...
[channels.c pathnames.h]
use only one path to X11 UNIX domain socket vs. an array of paths
to try. report from djast@cs.toronto.edu . ok markus@
2001-12-21 12:39:51 +11:00
faf2f6483a
- (djm) Add option to gnome-ssh-askpass to stop it from grabbing the X
...
server. I have found this necessary to avoid server hangs with X input
extensions (e.g. kinput2). Enable by setting the environment variable
"GNOME_SSH_ASKPASS_NOGRAB"
2001-12-21 10:28:07 +11:00
366298c696
- (stevesk) OpenBSD CVS sync X11 localhost display
...
- stevesk@cvs.openbsd.org 2001/11/29 14:10:51
[channels.h channels.c session.c]
sshd X11 fake server will now listen on localhost by default:
$ echo $DISPLAY
localhost:12.0
$ netstat -an|grep 6012
tcp 0 0 127.0.0.1.6012 *.* LISTEN
tcp6 0 0 ::1.6012 *.* LISTEN
sshd_config gatewayports=yes can be used to revert back to the old
behavior. will control this with another option later. ok markus@
- stevesk@cvs.openbsd.org 2001/12/19 08:43:11
[includes.h session.c]
handle utsname.nodename case for FamilyLocal X authorization; ok markus@
2001-12-19 17:58:01 +00:00
73f57be500
- stevesk@cvs.openbsd.org 2001/12/06 18:20:32
...
[channels.c]
disable nagle for X11 fake server and client TCPs. from netbsd.
ok markus@
2001-12-07 17:28:34 +00:00
ccd8d07b3c
- stevesk@cvs.openbsd.org 2001/12/06 18:09:23
...
[channels.c session.c]
strncpy->strlcpy. remaining strncpy's are necessary. ok markus@
2001-12-07 17:26:48 +00:00
e181a4d294
- stevesk@cvs.openbsd.org 2001/12/06 18:02:32
...
[channels.c sshconnect.c]
shutdown(sock, SHUT_RDWR) not needed here; ok markus@
2001-12-07 17:24:49 +00:00
c97b1affc5
- (bal) PCRE no longer required. Banished from the source along with
...
fake-regex.h
2001-12-07 17:20:47 +00:00
ade03f6bad
- markus@cvs.openbsd.org 2001/12/06 13:30:06
...
[servconf.c servconf.h sshd.8 sshd.c]
add -o to sshd, too. ok deraadt@
- (bal) Minor white space fix up in servconf.c
2001-12-06 18:22:17 +00:00
9eab262f1c
- markus@cvs.openbsd.org 2001/12/05 16:54:51
...
[compat.c match.c match.h]
make theo and djm happy: bye bye regexp
2001-12-06 18:06:05 +00:00
ff4a14f809
- markus@cvs.openbsd.org 2001/12/05 15:04:48
...
[version.h]
post 3.0.2
2001-12-06 18:02:59 +00:00
1c37c6a518
- deraadt@cvs.openbsd.org 2001/12/05 10:06:12
...
[authfd.c authfile.c bufaux.c channels.c compat.c kex.c kexgex.c
key.c misc.c packet.c servconf.c ssh-agent.c sshconnect2.c
sshconnect.c sshd.c ssh-dss.c ssh-keygen.c ssh-rsa.c]
minor KNF
2001-12-06 18:00:18 +00:00
3c36bb29ca
- itojun@cvs.openbsd.org 2001/12/05 03:56:39
...
[auth1.c auth2.c canohost.c channels.c deattack.c packet.c scp.c
sshconnect2.c]
make it compile with more strict prototype checking
2001-12-06 17:55:26 +00:00
f8f065bc75
- itojun@cvs.openbsd.org 2001/12/05 03:50:01
...
[clientloop.c serverloop.c sshd.c]
deal with LP64 printf issue with sig_atomic_t. from thorpej
2001-12-06 17:52:16 +00:00
d05487d1db
- deraadt@cvs.openbsd.org 2001/12/02 02:08:32
...
[sftp-common.c]
zap };
2001-12-06 17:50:03 +00:00
38b951cdb2
- markus@cvs.openbsd.org 2001/12/01 21:41:48
...
[session.c sshd.8]
don't pass user defined variables to /usr/bin/login
2001-12-06 17:47:47 +00:00
4a4bd719ea
- stevesk@cvs.openbsd.org 2001/11/30 20:39:28
...
[ssh.c]
sscanf() length dependencies are clearer now; can also shrink proto
and data if desired, but i have not done that. ok markus@
2001-12-06 17:45:19 +00:00
57fe5b592c
- markus@cvs.openbsd.org 2001/11/29 22:08:48
...
[auth-rsa.c]
fix protocol error: send 'failed' message instead of a 2nd challenge
(happens if the same key is in authorized_keys twice).
reported Ralf_Meister@genua.de ; ok djm@
2001-12-06 17:41:25 +00:00
623e4a0b1a
- stevesk@cvs.openbsd.org 2001/11/29 19:06:39
...
[channels.h]
remove dead function prototype; ok markus@
2001-12-06 16:49:57 +00:00
5e71c54b8c
- markus@cvs.openbsd.org 2001/11/22 12:34:22
...
[clientloop.c serverloop.c sshd.c]
volatile sig_atomic_t
2001-12-06 16:48:14 +00:00
28c603bf43
- stevesk@cvs.openbsd.org 2001/11/22 05:27:29
...
[ssh-keyscan.c]
don't use "\n" in fatal()
2001-12-06 16:45:10 +00:00
4e366d5048
- stevesk@cvs.openbsd.org 2001/11/21 18:49:14
...
[ssh-keygen.1]
more on passphrase construction; ok markus@
2001-12-06 16:43:21 +00:00
4cbc181983
- markus@cvs.openbsd.org 2001/11/21 15:51:24
...
[key.c]
mem leak
2001-12-06 16:41:41 +00:00
70a290c5f7
- mpech@cvs.openbsd.org 2001/11/19 19:02:16
...
[deattack.c radix.c]
kill more registers
millert@ ok
2001-12-06 16:39:56 +00:00
11f790bbb1
- stevesk@cvs.openbsd.org 2001/11/19 18:40:46
...
[ssh-agent.1]
clarify/state that private keys are not exposed to clients using the
agent; ok markus@
2001-12-06 16:37:51 +00:00
d84df989db
- markus@cvs.openbsd.org 2001/11/19 11:20:21
...
[sshd.c]
fd leak on HUP; ok stevesk@
2001-12-06 16:35:40 +00:00
65366a8c76
- stevesk@cvs.openbsd.org 2001/11/17 19:14:34
...
[auth2.c auth.c readconf.c servconf.c ssh-agent.c ssh-keygen.c]
enum/int type cleanup where it made sense to do so; ok markus@
2001-12-06 16:32:47 +00:00
eaffb9d6b6
- markus@cvs.openbsd.org 2001/11/16 12:46:13
...
[ssh-keyscan.c]
handle empty lines instead of dumping core; report from sha@sha-1.net
2001-12-06 16:28:19 +00:00
0795848def
- deraadt@cvs.openbsd.org 2001/11/14 20:45:08
...
[sshd.c]
errno saving wrapping in a signal handler
2001-12-06 16:19:01 +00:00
fe1d100ffd
[contrib/cygwin/README, openbsd-compat/bsd-cygwin_util.c,
...
openbsd-compat/bsd-cygwin_util.h, openbsd-compat/daemon.c]
Allow SSHD to install as service under WIndows 9x/Me
[configure.ac] Fix to allow linking against PCRE on Cygwin
Patches by Corinna Vinschen <vinschen@redhat.com>
2001-11-26 17:19:43 -08:00
f7c6f95682
Release
2001-11-15 23:16:50 +11:00
efdc1f179d
- (djm) Fix IPv4 default in ssh-keyscan. Spotted by Dan Astoorian
...
<djast@cs.toronto.edu> Fix from markus@
2001-11-15 08:40:45 +11:00
353f608740
- (djm) Bump RPM package versions
2001-11-14 00:05:57 +11:00
c3070c8fe0
- markus@cvs.openbsd.org 2001/11/13 02:03:57
...
[version.h]
enter 3.0.1
2001-11-14 00:05:29 +11:00
527366ccba
- markus@cvs.openbsd.org 2001/11/12 11:17:07
...
[servconf.c]
enable authorized_keys2 again. tested by fries@
2001-11-14 00:03:14 +11:00
61b05cfdda
- (djm) OpenBSD CVS Sync
...
- dugsong@cvs.openbsd.org 2001/11/11 18:47:10
[auth-krb5.c]
fix krb5 authorization check. found by <jhawk@MIT.EDU>. from
art@, deraadt@ ok
2001-11-14 00:02:10 +11:00
e49d0966b5
- (djm) AIX login{success,failed} changes. Move loginsuccess call to
...
do_authenticated. Call loginfailed for protocol 2 failures > MAX like
we do for protocol 1. Reports from Ralf Wenk <wera0003@fh-karlsruhe.de>,
K.Wolkersdorfer@fz-juelich.de and others
2001-11-13 23:46:18 +11:00
056ca1eb47
- (djm) Fix early (and double) free of remote user when using Kerberos.
...
Patch from Simon Wilkinson <simon@sxw.org.uk>
2001-11-13 11:20:07 +11:00
726273e129
- (djm) Reorder portable-specific server options so that they come first.
...
This should help reduce diff collisions for new server options (as they
will appear at the end)
2001-11-12 11:40:11 +11:00
75413ac499
- markus@cvs.openbsd.org 2001/11/11 13:02:31
...
[servconf.c]
make AuthorizedKeysFile2 fallback to AuthorizedKeysFile if AuthorizedKeysFile is specified.
2001-11-12 11:14:35 +11:00
084b8d4ed7
- markus@cvs.openbsd.org 2001/11/10 13:37:20
...
[packet.c]
remove extra debug()
2001-11-12 11:07:58 +11:00
eacff8533e
- markus@cvs.openbsd.org 2001/11/10 13:22:42
...
[ssh-rsa.c]
KNF (unexpand)
2001-11-12 11:07:35 +11:00
6a4a4b9290
- markus@cvs.openbsd.org 2001/11/10 13:19:45
...
[sshd.c]
cleanup libwrap support (remove bogus comment, bogus close(), add debug, etc).
2001-11-12 11:07:11 +11:00
e4a0ff4748
- markus@cvs.openbsd.org 2001/11/09 19:08:35
...
[sshd.c]
remove extra trailing dot from log message; pilot@naughty.monkey.org
2001-11-12 11:06:54 +11:00
79faeff2c1
- markus@cvs.openbsd.org 2001/11/09 18:59:23
...
[clientloop.c serverloop.c]
don't memset too much memory, ok millert@
original patch from jlk@kamens.brookline.ma.us via nalin@redhat.com
2001-11-12 11:06:32 +11:00
f655207a46
- markus@cvs.openbsd.org 2001/11/08 20:02:24
...
[auth.c]
don't print ROOT in CAPS for the authentication messages, i.e.
Accepted publickey for ROOT from 127.0.0.1 port 42734 ssh2
becomes
Accepted publickey for root from 127.0.0.1 port 42734 ssh2
2001-11-12 11:06:06 +11:00
705499b248
- markus@cvs.openbsd.org 2001/11/08 17:49:53
...
[ssh.1]
mention setuid root requirements; noted by cnorris@csc.UVic.ca ; ok stevesk@
2001-11-12 11:05:38 +11:00
637b8ae2d4
- markus@cvs.openbsd.org 2001/11/08 10:51:08
...
[readpass.c]
don't strdup too much data; from gotoh@taiyo.co.jp ; ok millert.
2001-11-12 11:05:20 +11:00
36f8dd3ed6
- markus@cvs.openbsd.org 2001/11/07 22:53:21
...
[channels.h]
crank c->path to 256 so they can hold a full hostname; dwd@bell-labs.com
2001-11-12 11:04:54 +11:00
6fd5b391f0
- markus@cvs.openbsd.org 2001/11/07 22:41:51
...
[auth2.c auth-rh-rsa.c]
unused includes
2001-11-12 11:04:28 +11:00
60d8aafcb1
- markus@cvs.openbsd.org 2001/11/07 22:12:01
...
[sshd.8]
s/Keepalive/KeepAlive/; from openbsd@davidkrause.com
2001-11-12 11:04:05 +11:00
36e603db86
- markus@cvs.openbsd.org 2001/11/07 22:10:28
...
[ssh-dss.c ssh-rsa.c]
missing free and sync dss/rsa code.
2001-11-12 11:03:35 +11:00
9af8c3c226
- markus@cvs.openbsd.org 2001/11/07 21:40:21
...
[ssh-rsa.c]
ssh_rsa_sign/verify: SSH_BUG_SIGBLOB not supported
2001-11-12 11:03:16 +11:00
9f64390f41
- markus@cvs.openbsd.org 2001/11/07 16:03:17
...
[packet.c packet.h sshconnect2.c]
pad using the padding field from the ssh2 packet instead of sending
extra ignore messages. tested against several other ssh servers.
2001-11-12 11:02:52 +11:00
1f8dddc927
- markus@cvs.openbsd.org 2001/10/30 20:29:09
...
[ssh.1]
ssh.1
2001-11-12 11:02:25 +11:00
91c1847733
- markus@cvs.openbsd.org 2001/10/29 19:27:15
...
[sshconnect2.c]
hostbased: check for client hostkey before building chost
2001-11-12 11:02:03 +11:00
eb5fec6494
- markus@cvs.openbsd.org 2001/10/25 21:14:32
...
[ssh-keygen.1 ssh-keygen.c]
better docu for fingerprinting, ok deraadt@
2001-11-12 10:52:44 +11:00
96507ef535
- markus@cvs.openbsd.org 2001/10/24 19:57:40
...
[clientloop.c]
make ~& (backgrounding) work again for proto v1; add support ~& for v2, too
2001-11-12 10:52:25 +11:00
07cd5897f9
- markus@cvs.openbsd.org 2001/10/24 08:51:35
...
[clientloop.c ssh.c]
ignore SIGPIPE early, makes ssh work if agent dies, netbsd-pr via itojun@
2001-11-12 10:52:03 +11:00
595bb4f572
- markus@cvs.openbsd.org 2001/10/24 08:41:20
...
[ssh.c]
remove unused
2001-11-12 10:51:40 +11:00
Ben Lindstrom
Kevin Steves
Tim Rice
Damien Miller
Markus Friedl