Damien Miller
1a81258f4e
- jmc@cvs.openbsd.org 2004/04/19 16:12:14
...
[ssh_config.5]
kill whitespace at eol;
2004-04-20 20:13:32 +10:00
Damien Miller
c970cb9052
- djm@cvs.openbsd.org 2004/04/19 13:02:40
...
[ssh.1 ssh_config.5]
document strict permission checks on ~/.ssh/config; prompted by,
with & ok jmc@
2004-04-20 20:12:53 +10:00
Damien Miller
57a4476a69
- djm@cvs.openbsd.org 2004/04/18 23:10:26
...
[readconf.c readconf.h ssh-keysign.c ssh.c]
perform strict ownership and modes checks for ~/.ssh/config files,
as these can be used to execute arbitrary programs; ok markus@
NB. ssh will now exit when it detects a config with poor permissions
2004-04-20 20:11:57 +10:00
Damien Miller
1824c071ab
- (djm) [openbsd-compat/sys-queue.h] Sync with OpenBSD, needed for above change
2004-04-20 20:10:46 +10:00
Damien Miller
0b51a52a10
- (djm) OpenBSD CVS Sync
...
- henning@cvs.openbsd.org 2004/04/08 16:08:21
[sshconnect2.c]
swap the last two parameters to TAILQ_FOREACH_REVERSE. matches what FreeBSD and NetBSD do.
ok millert@ mcbride@ markus@ ho@, checked to not affect ports by naddy@
2004-04-20 20:07:19 +10:00
Darren Tucker
bddc2b0179
- markus@cvs.openbsd.org 2004/04/01 12:19:57
...
[scp.c]
limit trust between local and remote rcp/scp process,
noticed by lcamtuf; ok deraadt@, djm@
2004-04-19 23:50:16 +10:00
Darren Tucker
d04121f0ab
- djm@cvs.openbsd.org 2004/03/31 21:58:47
...
[canohost.c]
don't skip ip options check when UseDNS=no; ok markus@ (ID sync only)
2004-04-19 22:16:53 +10:00
Darren Tucker
dca6a4dd88
- djm@cvs.openbsd.org 2004/03/30 12:41:56
...
[sftp-client.c]
sync comment with reality
2004-04-19 22:10:52 +10:00
Darren Tucker
0a74ae7c14
- dtucker@cvs.openbsd.org 2004/03/08 10:17:12
...
[regress/login-timeout.sh]
Missing OBJ, from tim@. ok markus@ (Already fixed, ID sync only)
2004-04-19 22:04:21 +10:00
Darren Tucker
9929d1f666
- dtucker@cvs.openbsd.org 2004/02/29 22:04:45
...
[regress/login-timeout.sh]
Use sudo when restarting daemon during test. ok markus@
2004-04-19 22:01:37 +10:00
Darren Tucker
17421e774a
Add people with several and/or large contributions
2004-04-18 21:56:23 +10:00
Damien Miller
2eb4236d86
- (djm) [openbsd-compat/bsd-cygwin_util.c] Recent versions of Cygwin allow
...
change of user context without a password, so relax auth method
restrictions; from vinschen AT redhat.com; ok dtucker@
2004-04-18 21:15:43 +10:00
Damien Miller
7f64afdc09
update relnotes URL for release
2004-04-18 20:32:56 +10:00
Darren Tucker
2a9bf4b3d3
- (dtucker) [auth-pam.c] Log username and source host for failed PAM
...
authentication attempts. With & ok djm@
2004-04-18 11:00:26 +10:00
Tim Rice
fe6d5aa54b
- (tim) [configure.ac] Set SETEUID_BREAKS_SETUID, BROKEN_SETREUID and
...
BROKEN_SETREGID for SCO OpenServer 3
2004-04-16 20:03:07 -07:00
Damien Miller
9c870f966a
- (djm) [auth-krb5.c auth.h session.c] Explicitly refer to Kerberos ccache
...
file using FILE: method, fixes problems on Mac OSX.
Patch from simon@sxw.org.uk ; ok dtucker@
2004-04-16 22:47:55 +10:00
Darren Tucker
c99a19b445
- (dtucker) [regress/sftp-cmds.sh] Skip quoting test on Cygwin, since
...
FAT/NTFS does not permit quotes in filenames. From vinschen at redhat.com
2004-04-16 17:58:28 +10:00
Darren Tucker
855ffbfc5a
Typo fix in comment
2004-04-16 09:22:40 +10:00
Damien Miller
0ac4500f37
- (djm) [configure.ac] Fix detection of libwrap on OpenBSD; ok dtucker@
2004-04-14 20:14:26 +10:00
Darren Tucker
06a8cfe796
- (dtucker) [auth-skey.c defines.h monitor.c] Make skeychallenge explicitly
...
4-arg, with compatibility for 3-arg versions. From djm@, ok me.
2004-04-14 17:24:30 +10:00
Darren Tucker
3b908f65b4
- (dtucker) [acconfig.h configure.ac defines.h] Bug #673 : check for 4-arg
...
skeychallenge(), eg on NetBSD. ok mouring@
2004-04-14 15:26:39 +10:00
Darren Tucker
96cc26b614
- (dtucker) [sshd_config.5] Add PermitRootLogin without-password warning
...
from bug #701 (text from jfh at cise.ufl.edu).
2004-04-14 13:04:35 +10:00
Ben Lindstrom
036768e48c
- (bal) [monitor.c monitor_wrap.c] Ok.. Last time. Promise. Tim suggested
...
limiting scope and dtucker@ agreed.
2004-04-08 16:12:30 +00:00
Darren Tucker
11f18294ab
- (dtucker) [defines.h loginrec.c] Define UT_LINESIZE if not defined and
...
simplify loginrec.c. ok tim@
2004-04-08 16:16:06 +10:00
Ben Lindstrom
1b9f2a6b44
- (bal) [monitor.c monitor_wrap.c] Second try. Put the zlib.h headers
...
back and #undef TARGET_OS_MAC instead. (Bug report pending with Apple)
2004-04-08 05:11:03 +00:00
Darren Tucker
4d2f361f96
- (dtucker) [loginrec.c] Use UT_LINESIZE if available, prevents truncating
...
pty name on Linux 2.6.x systems. Patch from jpe at eisenmenger.org.
2004-04-08 10:57:05 +10:00
Ben Lindstrom
a8104b5c92
- (bal) [acconfig.h auth-krb5.c configure.ac gss-serv-krb5.c] Check to see
...
if Krb5 library exports krb5_init_etc() since some OSes (like MacOS/X)
are starting to restrict it as internal since it is not needed by
developers any more. (Patch based on Apple tree)
- (bal) [monitor.c monitor_wrap.c] monitor_wrap.c] moved zlib.h higher since
krb5 on MacOS/X conflicts. There may be a better solution, but this will
work for now.
2004-04-07 04:16:11 +00:00
Darren Tucker
ac7c998a2d
- (dtucker) [session.c] Flush stdout after displaying loginmsg. From
...
f_mohr at yahoo.de.
2004-04-07 08:04:09 +10:00
Darren Tucker
3c7c83a554
Oops, leftover from testing
2004-04-06 21:41:51 +10:00
Darren Tucker
4398cf5927
- (dtucker) [configure.ac] Bug #816 , #748 (again): Attempt to detect
...
broken getaddrinfo and friends on HP-UX. ok djm@
2004-04-06 21:39:02 +10:00
Darren Tucker
8db9a0ffd8
- (dtucker) [acconfig.h configure.ac defines.h] Bug #820 : don't use
...
updwtmpx() on IRIX since it seems to clobber utmp. ok djm@
2004-04-06 21:31:12 +10:00
Damien Miller
ccea020574
- (djm) Bug #825 : Fix ip_options_check() for mapped IPv4/IPv6 connection;
...
with & ok dtucker@
2004-03-31 15:17:54 +10:00
Darren Tucker
17addf0463
- (dtucker) [auth-pam.c] rename the_authctxt to sshpam_authctxt in auth-pam.c
...
to reduce potential confusion with the one in sshd.c. ok djm@
2004-03-30 20:57:57 +10:00
Darren Tucker
809031f6c4
- (dtucker) [configure.ac] Bug #811 : Use "!" for LOCKED_PASSWD_PREFIX on
...
Linuxes, since that's what many use. ok djm@
2004-03-30 14:03:45 +10:00
Darren Tucker
b385059346
- (dtucker) [session.c] Bug #817 : Clear loginmsg after fork to prevent
...
duplicate login messages for mutli-session logins. ok djm@
2004-03-27 16:44:21 +11:00
Damien Miller
154e8b82ef
- (djm) Crank RPM spec versions
2004-03-22 09:40:01 +11:00
Damien Miller
aed7cee49a
- markus@cvs.openbsd.org 2004/03/20 10:40:59
...
[version.h]
3.8.1
2004-03-22 09:39:09 +11:00
Damien Miller
0c889cd9e9
- markus@cvs.openbsd.org 2004/03/11 10:21:17
...
[ssh.c sshd.c]
ssh, sshd: sync version output, ok djm
2004-03-22 09:36:00 +11:00
Damien Miller
b408786db9
- markus@cvs.openbsd.org 2004/03/11 08:36:26
...
[sshd.c]
trim usage; ok deraadt
2004-03-22 09:35:21 +11:00
Damien Miller
5095510e5f
- markus@cvs.openbsd.org 2004/03/10 09:45:06
...
[ssh.c]
trim usage to match ssh(1) and look more like unix. ok djm@
2004-03-22 09:34:58 +11:00
Damien Miller
3df755e441
- markus@cvs.openbsd.org 2004/03/09 22:11:05
...
[ssh.c]
increase x11 cookie lifetime to 20 minutes; ok djm
2004-03-22 09:34:26 +11:00
Damien Miller
bfba354261
- (djm) [sshd.c] Drop supplemental groups if started as root
2004-03-22 09:29:57 +11:00
Damien Miller
4fefe24c01
- (djm) [configure.ac] Add standard license to configure.ac; ok ben, dtucker
2004-03-11 14:20:10 +11:00
Darren Tucker
7c991ab1e1
- (dtucker) [openbsd-compat/fake-rfc2553.h] Bug #812 : #undef getaddrinfo
...
before redefining it, silences warnings on Tru64.
2004-03-10 21:06:32 +11:00
Tim Rice
aa5383243d
- (tim) [regress/README.regress] Document ssh-rand-helper issue. ok bal
2004-03-08 12:12:18 -08:00
Damien Miller
8448e66770
- dtucker@cvs.openbsd.org 2004/03/08 10:18:57
...
[sshd_config.5]
Document KerberosGetAFSToken; ok markus@
2004-03-08 23:13:15 +11:00
Damien Miller
3b51301a4b
- djm@cvs.openbsd.org 2004/03/08 09:38:05
...
[ssh-keyscan.c]
explicitly initialise remote_major and remote_minor.
from cjwatson AT debian.org; ok markus@
2004-03-08 23:13:00 +11:00
Damien Miller
bd394c329b
- markus@cvs.openbsd.org 2004/03/05 10:53:58
...
[readconf.c readconf.h scp.1 sftp.1 ssh.1 ssh_config.5 sshconnect2.c]
add IdentitiesOnly; ok djm@, pb@
2004-03-08 23:12:36 +11:00
Damien Miller
c0f27d8782
- djm@cvs.openbsd.org 2004/03/03 09:31:20
...
[sftp.c]
Fix initialisation of progress meter; ok markus@
2004-03-08 23:12:19 +11:00
Damien Miller
9ba3069a8b
- djm@cvs.openbsd.org 2004/03/03 09:30:42
...
[sftp-client.c]
Don't print duplicate messages when progressmeter is off
Spotted by job317 AT mailvault.com; ok markus@
2004-03-08 23:12:02 +11:00