Commit Graph

3752 Commits

Author SHA1 Message Date
Damien Miller 1a81258f4e - jmc@cvs.openbsd.org 2004/04/19 16:12:14
[ssh_config.5]
     kill whitespace at eol;
2004-04-20 20:13:32 +10:00
Damien Miller c970cb9052 - djm@cvs.openbsd.org 2004/04/19 13:02:40
[ssh.1 ssh_config.5]
     document strict permission checks on ~/.ssh/config; prompted by,
     with & ok jmc@
2004-04-20 20:12:53 +10:00
Damien Miller 57a4476a69 - djm@cvs.openbsd.org 2004/04/18 23:10:26
[readconf.c readconf.h ssh-keysign.c ssh.c]
     perform strict ownership and modes checks for ~/.ssh/config files,
     as these can be used to execute arbitrary programs; ok markus@
     NB. ssh will now exit when it detects a config with poor permissions
2004-04-20 20:11:57 +10:00
Damien Miller 1824c071ab - (djm) [openbsd-compat/sys-queue.h] Sync with OpenBSD, needed for above change 2004-04-20 20:10:46 +10:00
Damien Miller 0b51a52a10 - (djm) OpenBSD CVS Sync
- henning@cvs.openbsd.org 2004/04/08 16:08:21
     [sshconnect2.c]
     swap the last two parameters to TAILQ_FOREACH_REVERSE. matches what FreeBSD     and NetBSD do.
     ok millert@ mcbride@ markus@ ho@, checked to not affect ports by naddy@
2004-04-20 20:07:19 +10:00
Darren Tucker bddc2b0179 - markus@cvs.openbsd.org 2004/04/01 12:19:57
[scp.c]
     limit trust between local and remote rcp/scp process,
     noticed by lcamtuf; ok deraadt@, djm@
2004-04-19 23:50:16 +10:00
Darren Tucker d04121f0ab - djm@cvs.openbsd.org 2004/03/31 21:58:47
[canohost.c]
     don't skip ip options check when UseDNS=no; ok markus@ (ID sync only)
2004-04-19 22:16:53 +10:00
Darren Tucker dca6a4dd88 - djm@cvs.openbsd.org 2004/03/30 12:41:56
[sftp-client.c]
     sync comment with reality
2004-04-19 22:10:52 +10:00
Darren Tucker 0a74ae7c14 - dtucker@cvs.openbsd.org 2004/03/08 10:17:12
[regress/login-timeout.sh]
     Missing OBJ, from tim@.  ok markus@ (Already fixed, ID sync only)
2004-04-19 22:04:21 +10:00
Darren Tucker 9929d1f666 - dtucker@cvs.openbsd.org 2004/02/29 22:04:45
[regress/login-timeout.sh]
     Use sudo when restarting daemon during test.  ok markus@
2004-04-19 22:01:37 +10:00
Darren Tucker 17421e774a Add people with several and/or large contributions 2004-04-18 21:56:23 +10:00
Damien Miller 2eb4236d86 - (djm) [openbsd-compat/bsd-cygwin_util.c] Recent versions of Cygwin allow
change of user context without a password, so relax auth method
   restrictions; from vinschen AT redhat.com; ok dtucker@
2004-04-18 21:15:43 +10:00
Damien Miller 7f64afdc09 update relnotes URL for release 2004-04-18 20:32:56 +10:00
Darren Tucker 2a9bf4b3d3 - (dtucker) [auth-pam.c] Log username and source host for failed PAM
authentication attempts.  With & ok djm@
2004-04-18 11:00:26 +10:00
Tim Rice fe6d5aa54b - (tim) [configure.ac] Set SETEUID_BREAKS_SETUID, BROKEN_SETREUID and
BROKEN_SETREGID for SCO OpenServer 3
2004-04-16 20:03:07 -07:00
Damien Miller 9c870f966a - (djm) [auth-krb5.c auth.h session.c] Explicitly refer to Kerberos ccache
file using FILE: method, fixes problems on Mac OSX.
   Patch from simon@sxw.org.uk; ok dtucker@
2004-04-16 22:47:55 +10:00
Darren Tucker c99a19b445 - (dtucker) [regress/sftp-cmds.sh] Skip quoting test on Cygwin, since
FAT/NTFS does not permit quotes in filenames.  From vinschen at redhat.com
2004-04-16 17:58:28 +10:00
Darren Tucker 855ffbfc5a Typo fix in comment 2004-04-16 09:22:40 +10:00
Damien Miller 0ac4500f37 - (djm) [configure.ac] Fix detection of libwrap on OpenBSD; ok dtucker@ 2004-04-14 20:14:26 +10:00
Darren Tucker 06a8cfe796 - (dtucker) [auth-skey.c defines.h monitor.c] Make skeychallenge explicitly
4-arg, with compatibility for 3-arg versions.  From djm@, ok me.
2004-04-14 17:24:30 +10:00
Darren Tucker 3b908f65b4 - (dtucker) [acconfig.h configure.ac defines.h] Bug #673: check for 4-arg
skeychallenge(), eg on NetBSD.  ok mouring@
2004-04-14 15:26:39 +10:00
Darren Tucker 96cc26b614 - (dtucker) [sshd_config.5] Add PermitRootLogin without-password warning
from bug #701 (text from jfh at cise.ufl.edu).
2004-04-14 13:04:35 +10:00
Ben Lindstrom 036768e48c - (bal) [monitor.c monitor_wrap.c] Ok.. Last time. Promise. Tim suggested
limiting scope and dtucker@ agreed.
2004-04-08 16:12:30 +00:00
Darren Tucker 11f18294ab - (dtucker) [defines.h loginrec.c] Define UT_LINESIZE if not defined and
simplify loginrec.c.  ok tim@
2004-04-08 16:16:06 +10:00
Ben Lindstrom 1b9f2a6b44 - (bal) [monitor.c monitor_wrap.c] Second try. Put the zlib.h headers
back and #undef TARGET_OS_MAC instead.  (Bug report pending with Apple)
2004-04-08 05:11:03 +00:00
Darren Tucker 4d2f361f96 - (dtucker) [loginrec.c] Use UT_LINESIZE if available, prevents truncating
pty name on Linux 2.6.x systems.  Patch from jpe at eisenmenger.org.
2004-04-08 10:57:05 +10:00
Ben Lindstrom a8104b5c92 - (bal) [acconfig.h auth-krb5.c configure.ac gss-serv-krb5.c] Check to see
if Krb5 library exports krb5_init_etc() since some OSes (like MacOS/X)
   are starting to restrict it as internal since it is not needed by
    developers any more. (Patch based on Apple tree)
- (bal) [monitor.c monitor_wrap.c] monitor_wrap.c] moved zlib.h higher since
    krb5 on MacOS/X conflicts.  There may be a better solution, but this will
    work for now.
2004-04-07 04:16:11 +00:00
Darren Tucker ac7c998a2d - (dtucker) [session.c] Flush stdout after displaying loginmsg. From
f_mohr at yahoo.de.
2004-04-07 08:04:09 +10:00
Darren Tucker 3c7c83a554 Oops, leftover from testing 2004-04-06 21:41:51 +10:00
Darren Tucker 4398cf5927 - (dtucker) [configure.ac] Bug #816, #748 (again): Attempt to detect
broken getaddrinfo and friends on HP-UX.  ok djm@
2004-04-06 21:39:02 +10:00
Darren Tucker 8db9a0ffd8 - (dtucker) [acconfig.h configure.ac defines.h] Bug #820: don't use
updwtmpx() on IRIX since it seems to clobber utmp.  ok djm@
2004-04-06 21:31:12 +10:00
Damien Miller ccea020574 - (djm) Bug #825: Fix ip_options_check() for mapped IPv4/IPv6 connection;
with & ok dtucker@
2004-03-31 15:17:54 +10:00
Darren Tucker 17addf0463 - (dtucker) [auth-pam.c] rename the_authctxt to sshpam_authctxt in auth-pam.c
to reduce potential confusion with the one in sshd.c.  ok djm@
2004-03-30 20:57:57 +10:00
Darren Tucker 809031f6c4 - (dtucker) [configure.ac] Bug #811: Use "!" for LOCKED_PASSWD_PREFIX on
Linuxes, since that's what many use.  ok djm@
2004-03-30 14:03:45 +10:00
Darren Tucker b385059346 - (dtucker) [session.c] Bug #817: Clear loginmsg after fork to prevent
duplicate login messages for mutli-session logins.  ok djm@
2004-03-27 16:44:21 +11:00
Damien Miller 154e8b82ef - (djm) Crank RPM spec versions 2004-03-22 09:40:01 +11:00
Damien Miller aed7cee49a - markus@cvs.openbsd.org 2004/03/20 10:40:59
[version.h]
     3.8.1
2004-03-22 09:39:09 +11:00
Damien Miller 0c889cd9e9 - markus@cvs.openbsd.org 2004/03/11 10:21:17
[ssh.c sshd.c]
     ssh, sshd: sync version output, ok djm
2004-03-22 09:36:00 +11:00
Damien Miller b408786db9 - markus@cvs.openbsd.org 2004/03/11 08:36:26
[sshd.c]
     trim usage; ok deraadt
2004-03-22 09:35:21 +11:00
Damien Miller 5095510e5f - markus@cvs.openbsd.org 2004/03/10 09:45:06
[ssh.c]
     trim usage to match ssh(1) and look more like unix. ok djm@
2004-03-22 09:34:58 +11:00
Damien Miller 3df755e441 - markus@cvs.openbsd.org 2004/03/09 22:11:05
[ssh.c]
     increase x11 cookie lifetime to 20 minutes; ok djm
2004-03-22 09:34:26 +11:00
Damien Miller bfba354261 - (djm) [sshd.c] Drop supplemental groups if started as root 2004-03-22 09:29:57 +11:00
Damien Miller 4fefe24c01 - (djm) [configure.ac] Add standard license to configure.ac; ok ben, dtucker 2004-03-11 14:20:10 +11:00
Darren Tucker 7c991ab1e1 - (dtucker) [openbsd-compat/fake-rfc2553.h] Bug #812: #undef getaddrinfo
before redefining it, silences warnings on Tru64.
2004-03-10 21:06:32 +11:00
Tim Rice aa5383243d - (tim) [regress/README.regress] Document ssh-rand-helper issue. ok bal 2004-03-08 12:12:18 -08:00
Damien Miller 8448e66770 - dtucker@cvs.openbsd.org 2004/03/08 10:18:57
[sshd_config.5]
     Document KerberosGetAFSToken;  ok markus@
2004-03-08 23:13:15 +11:00
Damien Miller 3b51301a4b - djm@cvs.openbsd.org 2004/03/08 09:38:05
[ssh-keyscan.c]
     explicitly initialise remote_major and remote_minor.
     from cjwatson AT debian.org; ok markus@
2004-03-08 23:13:00 +11:00
Damien Miller bd394c329b - markus@cvs.openbsd.org 2004/03/05 10:53:58
[readconf.c readconf.h scp.1 sftp.1 ssh.1 ssh_config.5 sshconnect2.c]
     add IdentitiesOnly; ok djm@, pb@
2004-03-08 23:12:36 +11:00
Damien Miller c0f27d8782 - djm@cvs.openbsd.org 2004/03/03 09:31:20
[sftp.c]
     Fix initialisation of progress meter; ok markus@
2004-03-08 23:12:19 +11:00
Damien Miller 9ba3069a8b - djm@cvs.openbsd.org 2004/03/03 09:30:42
[sftp-client.c]
     Don't print duplicate messages when progressmeter is off
     Spotted by job317 AT mailvault.com; ok markus@
2004-03-08 23:12:02 +11:00