Should have added with this sync:
- djm@cvs.openbsd.org 2003/07/28 09:49:56
[ssh-keygen.1 ssh-keygen.c]
Support for generating Diffie-Hellman groups (/etc/moduli) from ssh-keygen.
Based on code from Phil Karn, William Allen Simpson and Niels Provos.
ok markus@, thanks jmc@
[key.c key.h readconf.c readconf.h ssh_config.5 sshconnect.c]
[dns.c dns.h README.dns ssh-keygen.1 ssh-keygen.c]
add experimental support for verifying hos keys using DNS as described
in draft-ietf-secsh-dns-xx.txt. more information in README.dns.
ok markus@ and henning@
Makefile many moons ago
- (djm) Apply "owl-always-auth" patch from Openwall/Solar Designer
- (djm) Fix blibpath specification for AIX/gcc
- (djm) Some systems have basename in -lgen. Fix from ayamura@ayamura.org
[scp.c sftp.1 sftp.c sftp-client.c sftp-int.c]
sftp progress meter support.
original diffs by Nils Nordman <nino at nforced dot com> via
markus@, merged to -current by me, djm@ ok.
With "ln -s ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin" you wild end up with
lrwxrwxrwx 1 root sys 4 Jul 8 18:43 slogin -> /ssh
after the package was installed.
[auth.h auth2.c auth2-hostbased.c auth2-kbdint.c auth2-none.c
auth2-passwd.c auth2-pubkey.c Makefile.in]
split auth2.c into one file per method; ok provos@/deraadt@
NOTE: Merged back noticable cygwin and pam stuff. May need review to
ensure I did not miss anything.
[authfile.c authfile.h pathnames.h ssh.c sshconnect.c sshconnect.h
sshconnect1.c sshconnect2.c ssh-keysign.8 ssh-keysign.c Makefile.in]
add /usr/libexec/ssh-keysign: a setuid helper program for hostbased
authentication in protocol v2 (needs to access the hostkeys).
Note: Makefile.in untested. Will test after merge is finished.
[auth-bsdauth.c auth-options.c auth-rh-rsa.c auth-rsa.c auth-skey.c auth.h
auth1.c auth2-chall.c auth2.c kex.c kex.h kexdh.c kexgex.c servconf.c
session.h servconf.h serverloop.c session.c sshd.c]
integrate privilege separated openssh; its turned off by default for now.
work done by me and markus@
applied, but outside of ensure that smaller code bits migrated with
their owners.. no work was tried to 'fix' it to work. =) Later project!
based on patch by mooney@dogbert.cc.ndsu.nodak.edu (Tim Mooney)
Bug 45 [configure.ac] modify skey test to work around conflict with autoconf
reported by nolan@naic.edu (Michael Nolan)
patch by Pekka Savola <pekkas@netcore.fi>
Bug 74 [configure.ac defines.h] add sig_atomic_t test
reported by dwd@bell-labs.com (Dave Dykstra)
Bug 102 [defines.h] UNICOS fixes. patch by wendyp@cray.com
[configure.ac Makefile.in] link libwrap only with sshd
based on patch by Maciej W. Rozycki <macro@ds2.pg.gda.pl>
Bug 123 link libpam only with sshd
reported by peak@argo.troja.mff.cuni.cz (Pavel Kankovsky)
[configure.ac defines.h] modify previous SCO3 fix to not break Solaris 7
[acconfig.h] remove unused HAVE_REGCOMP
- We don't support --without-zlib currently, so don't allow it.
- Rework cryptographic random number support detection. We now detect
whether OpenSSL seeds itself. If it does, then we don't bother with
the ssh-rand-helper program. You can force the use of ssh-rand-helper
using the --with-rand-helper configure argument
- Simplify and clean up ssh-rand-helper configuration
solar@openwall.com
- (djm) Rework entropy code. If the OpenSSL PRNG is has not been
internally seeded, execute a subprogram "ssh-rand-helper" to obtain
some entropy for us. Rewrite the old in-process entropy collecter as
an example ssh-rand-helper.
- (djm) Always perform ssh_prng_cmds path lookups in configure, even if
we don't end up using ssh_prng_cmds (so we always get a valid file)
Darren Tucker
Damien Miller
Ben Lindstrom
Tim Rice
Kevin Steves