Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							3dff176ed9 
							
						 
					 
					
						
						
							
							- djm@cvs.openbsd.org 2008/01/19 23:09:49  
						
						... 
						
						
						
						[readconf.c readconf.h sshconnect2.c]
     promote rekeylimit to a int64 so it can hold the maximum useful limit
     of 2^32; report and patch from Jan.Pechanec AT Sun.COM, ok dtucker@ 
						
						
					 
					
						2008-02-10 22:25:52 +11:00 
						 
				 
			
				
					
						
							
							
								Darren Tucker 
							
						 
					 
					
						
						
						
						
							
						
						
							f520ea1567 
							
						 
					 
					
						
						
							
							- jolan@cvs.openbsd.org 2007/05/17 23:53:41  
						
						... 
						
						
						
						[sshconnect2.c]
     djm owes me a vb and a tism cd for breaking ssh compilation 
						
						
					 
					
						2007-05-20 15:11:33 +10:00 
						 
				 
			
				
					
						
							
							
								Darren Tucker 
							
						 
					 
					
						
						
						
						
							
						
						
							26c6662834 
							
						 
					 
					
						
						
							
							- djm@cvs.openbsd.org 2007/05/17 20:48:13  
						
						... 
						
						
						
						[sshconnect2.c]
     fall back to gethostname() when the outgoing connection is not
     on a socket, such as is the case when ProxyCommand is used.
     Gives hostbased auth an opportunity to work; bz#616, report
     and feedback stuart AT kaloram.com; ok markus@ 
						
						
					 
					
						2007-05-20 15:09:42 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							ded319cca2 
							
						 
					 
					
						
						
							
							- (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c]  
						
						... 
						
						
						
						[auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c]
   [auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c]
   [cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c]
   [dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
   [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c]
   [md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c]
   [scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c]
   [ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c]
   [sshconnect1.c sshconnect2.c sshd.c rc4.diff]
   [openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c]
   [openbsd-compat/port-linux.c openbsd-compat/port-solaris.c]
   [openbsd-compat/port-uw.c]
   Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h;
   compile problems reported by rac AT tenzing.org 
						
						
					 
					
						2006-09-01 15:38:36 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							2125887a94 
							
						 
					 
					
						
						
							
							- dtucker@cvs.openbsd.org 2006/08/30 00:06:51  
						
						... 
						
						
						
						[sshconnect2.c]
     Fix regression where SSH2 banner is printed at loglevels ERROR and FATAL
     where previously it weren't.  bz #1221 , found by Dean Kopesky, ok djm@ 
						
						
					 
					
						2006-08-30 11:08:33 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							a1cb9f334b 
							
						 
					 
					
						
						
							
							- djm@cvs.openbsd.org 2006/08/18 13:54:54  
						
						... 
						
						
						
						[gss-genr.c ssh-gss.h sshconnect2.c]
     bz #1218  - disable SPNEGO as per RFC4462; diff from simon AT sxw.org.uk
     ok markus@ 
						
						
					 
					
						2006-08-19 00:33:34 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							d783435315 
							
						 
					 
					
						
						
							
							- deraadt@cvs.openbsd.org 2006/08/03 03:34:42  
						
						... 
						
						
						
						[OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c]
     [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
     [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ]
     [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c]
     [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c]
     [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
     [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c]
     [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c]
     [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c]
     [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h]
     [serverloop.c session.c session.h sftp-client.c sftp-common.c]
     [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
     [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c]
     [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c]
     [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c]
     [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h]
     [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h]
     almost entirely get rid of the culture of ".h files that include .h files"
     ok djm, sort of ok stevesk
     makes the pain stop in one easy step
     NB. portable commit contains everything *except* removing includes.h, as
     that will take a fair bit more work as we move headers that are required
     for portability workarounds to defines.h. (also, this step wasn't "easy") 
						
						
					 
					
						2006-08-05 12:39:39 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							a7a73ee35d 
							
						 
					 
					
						
						
							
							- stevesk@cvs.openbsd.org 2006/08/01 23:22:48  
						
						... 
						
						
						
						[auth-passwd.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c]
     [auth2-chall.c auth2-pubkey.c authfile.c buffer.c canohost.c]
     [channels.c clientloop.c dh.c dns.c dns.h hostfile.c kex.c kexdhc.c]
     [kexgexc.c kexgexs.c key.c key.h log.c misc.c misc.h moduli.c]
     [monitor_wrap.c packet.c progressmeter.c readconf.c readpass.c scp.c]
     [servconf.c session.c sftp-client.c sftp-common.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh.c sshconnect.c]
     [sshconnect1.c sshconnect2.c sshd.c sshlogin.c sshtty.c uuencode.c]
     [uuencode.h xmalloc.c]
     move #include <stdio.h> out of includes.h 
						
						
					 
					
						2006-08-05 11:37:59 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							e3476ed03b 
							
						 
					 
					
						
						
							
							- stevesk@cvs.openbsd.org 2006/07/22 20:48:23  
						
						... 
						
						
						
						[atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c]
     [auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c]
     [authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c]
     [cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c]
     [compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c]
     [includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c]
     [mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c]
     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c]
     [progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c]
     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c]
     [sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c]
     move #include <string.h> out of includes.h 
						
						
					 
					
						2006-07-24 14:13:33 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							1cdde6f536 
							
						 
					 
					
						
						
							
							- stevesk@cvs.openbsd.org 2006/07/20 15:26:15  
						
						... 
						
						
						
						[auth1.c serverloop.c session.c sshconnect2.c]
     missed some needed #include <unistd.h> when KERBEROS5=no; issue from
     massimo@cedoc.mo.it  
						
						
					 
					
						2006-07-24 14:07:35 +10:00 
						 
				 
			
				
					
						
							
							
								Darren Tucker 
							
						 
					 
					
						
						
						
						
							
						
						
							3997249346 
							
						 
					 
					
						
						
							
							- stevesk@cvs.openbsd.org 2006/07/11 20:07:25  
						
						... 
						
						
						
						[scp.c auth.c monitor.c serverloop.c sftp-server.c sshpty.c readpass.c
     sshd.c monitor_wrap.c monitor_fdpass.c ssh-agent.c ttymodes.c atomicio.c
     includes.h session.c sshlogin.c monitor_mm.c packet.c sshconnect2.c
     sftp-client.c nchan.c clientloop.c sftp.c misc.c canohost.c channels.c
     ssh-keygen.c progressmeter.c uidswap.c msg.c readconf.c sshconnect.c]
     move #include <errno.h> out of includes.h; ok markus@ 
						
						
					 
					
						2006-07-12 22:22:46 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							2e5fe88ebe 
							
						 
					 
					
						
						
							
							- markus@cvs.openbsd.org 2006/06/08 14:45:49  
						
						... 
						
						
						
						[readpass.c sshconnect.c sshconnect2.c uidswap.c uidswap.h]
     do not set the gid, noted by solar; ok djm 
						
						
					 
					
						2006-06-13 13:10:00 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							6b4069ad56 
							
						 
					 
					
						
						
							
							- markus@cvs.openbsd.org 2006/06/06 10:20:20  
						
						... 
						
						
						
						[readpass.c sshconnect.c sshconnect.h sshconnect2.c uidswap.c]
     replace remaining setuid() calls with permanently_set_uid() and
     check seteuid() return values; report Marcus Meissner; ok dtucker djm 
						
						
					 
					
						2006-06-13 13:05:15 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							e250a94e69 
							
						 
					 
					
						
						
							
							- djm@cvs.openbsd.org 2006/05/08 10:49:48  
						
						... 
						
						
						
						[sshconnect2.c]
     uint32_t -> u_int32_t (which we use everywhere else)
     (Id sync only - portable already had this) 
						
						
					 
					
						2006-06-13 12:59:53 +10:00 
						 
				 
			
				
					
						
							
							
								Darren Tucker 
							
						 
					 
					
						
						
						
						
							
						
						
							232b76f9f8 
							
						 
					 
					
						
						
							
							- dtucker@cvs.openbsd.org 2006/04/25 08:02:27  
						
						... 
						
						
						
						[authfile.c authfile.h sshconnect2.c ssh.c sshconnect1.c]
     Prevent ssh from trying to open private keys with bad permissions more than
     once or prompting for their passphrases (which it subsequently ignores
     anyway), similar to a previous change in ssh-add.  bz #1186 , ok djm@ 
						
						
					 
					
						2006-05-06 17:41:51 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							57c30117c1 
							
						 
					 
					
						
						
							
							- djm@cvs.openbsd.org 2006/03/25 13:17:03  
						
						... 
						
						
						
						[atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
     [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
     [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
     [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
     [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
     [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
     [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
     [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
     [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
     [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
     [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c]
     Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
     Theo nuked - our scripts to sync -portable need them in the files 
						
						
					 
					
						2006-03-26 14:24:48 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							07d86bec5e 
							
						 
					 
					
						
						
							
							- djm@cvs.openbsd.org 2006/03/25 00:05:41  
						
						... 
						
						
						
						[auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c]
     [clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c]
     [monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c]
     [ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c]
     [xmalloc.c xmalloc.h]
     introduce xcalloc() and xasprintf() failure-checked allocations
     functions and use them throughout openssh
     xcalloc is particularly important because malloc(nmemb * size) is a
     dangerous idiom (subject to integer overflow) and it is time for it
     to die
     feedback and ok deraadt@ 
						
						
					 
					
						2006-03-26 14:19:21 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							5790b5910b 
							
						 
					 
					
						
						
							
							- djm@cvs.openbsd.org 2006/03/19 07:41:30  
						
						... 
						
						
						
						[sshconnect2.c]
     memory leaks detected by Coverity via elad AT netbsd.org;
     deraadt@ ok 
						
						
					 
					
						2006-03-26 13:54:03 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							b0fb6872ed 
							
						 
					 
					
						
						
							
							- deraadt@cvs.openbsd.org 2006/03/19 18:51:18  
						
						... 
						
						
						
						[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
     [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
     [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
     [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
     [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
     [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
     [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
     [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
     [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
     [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
     [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
     [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
     [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
     [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
     [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
     [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
     [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
     RCSID() can die 
						
						
					 
					
						2006-03-26 00:03:21 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							6645e7a70d 
							
						 
					 
					
						
						
							
							- (djm) [auth-pam.c clientloop.c includes.h monitor.c session.c]  
						
						... 
						
						
						
						[sftp-client.c ssh-keysign.c ssh.c sshconnect.c sshconnect2.c]
   [sshd.c openbsd-compat/bsd-misc.c openbsd-compat/bsd-openpty.c]
   [openbsd-compat/glob.c openbsd-compat/mktemp.c]
   [openbsd-compat/readpassphrase.c] Lots of include fixes for
   OpenSolaris 
						
						
					 
					
						2006-03-15 14:42:54 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							a63128d1a8 
							
						 
					 
					
						
						
							
							- djm@cvs.openbsd.org 2006/03/07 09:07:40  
						
						... 
						
						
						
						[kex.c kex.h monitor.c myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
     Implement the diffie-hellman-group-exchange-sha256 key exchange method
     using the SHA256 code in libc (and wrapper to make it into an OpenSSL
     EVP), interop tested against CVS PuTTY
     NB. no portability bits committed yet 
						
						
					 
					
						2006-03-15 12:08:28 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							f17883e6a0 
							
						 
					 
					
						
						
							
							- stevesk@cvs.openbsd.org 2006/02/20 17:02:44  
						
						... 
						
						
						
						[clientloop.c includes.h monitor.c progressmeter.c scp.c]
     [serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c]
     move #include <signal.h> out of includes.h; ok markus@ 
						
						
					 
					
						2006-03-15 11:45:54 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							9cf6d077fb 
							
						 
					 
					
						
						
							
							- stevesk@cvs.openbsd.org 2006/02/10 01:44:27  
						
						... 
						
						
						
						[includes.h monitor.c readpass.c scp.c serverloop.c session.c^?]
     [sftp.c sshconnect.c sshconnect2.c sshd.c]
     move #include <sys/wait.h> out of includes.h; ok markus@ 
						
						
					 
					
						2006-03-15 11:29:24 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							2eb6340ddd 
							
						 
					 
					
						
						
							
							- stevesk@cvs.openbsd.org 2006/02/07 01:18:09  
						
						... 
						
						
						
						[includes.h ssh-agent.c ssh-keyscan.c sshconnect2.c]
     move #include <sys/queue.h> out of includes.h; ok markus@ 
						
						
					 
					
						2006-03-15 11:09:42 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							15d72a00a3 
							
						 
					 
					
						
						
							
							- stevesk@cvs.openbsd.org 2005/10/14 02:17:59  
						
						... 
						
						
						
						[ssh-keygen.c ssh.c sshconnect2.c]
     no trailing "\n" for log functions; ok djm@ 
						
						
					 
					
						2005-11-05 15:07:33 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							da9984fc3a 
							
						 
					 
					
						
						
							
							- (djm) OpenBSD CVS Sync  
						
						... 
						
						
						
						- djm@cvs.openbsd.org  2005/08/30 22:08:05
     [gss-serv.c sshconnect2.c]
     destroy credentials if krb5_kuserok() call fails. Stops credentials being
     delegated to users who are not authorised for GSSAPIAuthentication when
     GSSAPIDeletegateCredentials=yes and another authentication mechanism
     succeeds; bz#1073 reported by paul.moore AT centrify.com, fix by
     simon AT sxw.org.uk, tested todd@ biorn@ jakob@; ok deraadt@ 
						
						
					 
					
						2005-08-31 19:46:26 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							9786e6e2a0 
							
						 
					 
					
						
						
							
							- markus@cvs.openbsd.org 2005/07/25 11:59:40  
						
						... 
						
						
						
						[kex.c kex.h myproposal.h packet.c packet.h servconf.c session.c]
     [sshconnect2.c sshd.c sshd_config sshd_config.5]
     add a new compression method that delays compression until the user
     has been authenticated successfully and set compression to 'delayed'
     for sshd.
     this breaks older openssh clients (< 3.5) if they insist on
     compression, so you have to re-enable compression in sshd_config.
     ok djm@ 
						
						
					 
					
						2005-07-26 21:54:56 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							0dc1bef12d 
							
						 
					 
					
						
						
							
							- djm@cvs.openbsd.org 2005/07/17 07:17:55  
						
						... 
						
						
						
						[auth-rh-rsa.c auth-rhosts.c auth2-chall.c auth2-gss.c channels.c]
     [cipher-ctr.c gss-genr.c gss-serv.c kex.c moduli.c readconf.c]
     [serverloop.c session.c sftp-client.c sftp.c ssh-add.c ssh-keygen.c]
     [sshconnect.c sshconnect2.c]
     knf says that a 2nd level indent is four (not three or five) spaces 
						
						
					 
					
						2005-07-17 17:22:45 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							eccb9de72a 
							
						 
					 
					
						
						
							
							- djm@cvs.openbsd.org 2005/06/17 02:44:33  
						
						... 
						
						
						
						[auth-rsa.c auth.c auth1.c auth2-chall.c auth2-gss.c authfd.c authfile.c]
     [bufaux.c canohost.c channels.c cipher.c clientloop.c dns.c gss-serv.c]
     [kex.c kex.h key.c mac.c match.c misc.c packet.c packet.h scp.c]
     [servconf.c session.c session.h sftp-client.c sftp-server.c sftp.c]
     [ssh-keyscan.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
     make this -Wsign-compare clean; ok avsm@ markus@
     NB. auth1.c changes not committed yet (conflicts with uncommitted sync)
     NB2. more work may be needed to make portable Wsign-compare clean 
						
						
					 
					
						2005-06-17 12:59:34 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							f675fc4948 
							
						 
					 
					
						
						
							
							- djm@cvs.openbsd.org 2004/06/13 12:53:24  
						
						... 
						
						
						
						[dh.c dh.h kex.c kex.h kexdhc.c kexdhs.c monitor.c myproposal.h]
     [ssh-keyscan.c sshconnect2.c sshd.c]
     implement diffie-hellman-group14-sha1 kex method (trivial extension to
     existing diffie-hellman-group1-sha1); ok markus@ 
						
						
					 
					
						2004-06-15 10:30:09 +10:00 
						 
				 
			
				
					
						
							
							
								Darren Tucker 
							
						 
					 
					
						
						
						
						
							
						
						
							e608ca2965 
							
						 
					 
					
						
						
							
							- djm@cvs.openbsd.org 2004/05/08 00:21:31  
						
						... 
						
						
						
						[clientloop.c misc.h readpass.c scard.c ssh-add.c ssh-agent.c ssh-keygen.c
     sshconnect.c sshconnect1.c sshconnect2.c] removed: readpass.h
     kill a tiny header; ok deraadt@ 
						
						
					 
					
						2004-05-13 16:15:47 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							0b51a52a10 
							
						 
					 
					
						
						
							
							- (djm) OpenBSD CVS Sync  
						
						... 
						
						
						
						- henning@cvs.openbsd.org  2004/04/08 16:08:21
     [sshconnect2.c]
     swap the last two parameters to TAILQ_FOREACH_REVERSE. matches what FreeBSD     and NetBSD do.
     ok millert@ mcbride@ markus@ ho@, checked to not affect ports by naddy@ 
						
						
					 
					
						2004-04-20 20:07:19 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							bd394c329b 
							
						 
					 
					
						
						
							
							- markus@cvs.openbsd.org 2004/03/05 10:53:58  
						
						... 
						
						
						
						[readconf.c readconf.h scp.1 sftp.1 ssh.1 ssh_config.5 sshconnect2.c]
     add IdentitiesOnly; ok djm@, pb@ 
						
						
					 
					
						2004-03-08 23:12:36 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							fb1310eded 
							
						 
					 
					
						
						
							
							- markus@cvs.openbsd.org 2004/01/19 21:25:15  
						
						... 
						
						
						
						[auth2-hostbased.c auth2-pubkey.c serverloop.c ssh-keysign.c sshconnect2.c]
     fix mem leaks; some fixes from Pete Flugstad; tested dtucker@ 
						
						
					 
					
						2004-01-21 11:02:50 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							787b2ec18c 
							
						 
					 
					
						
						
							
							more whitespace (tabs this time)  
						
						
						
						
					 
					
						2003-11-21 23:56:47 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							a8e06cef35 
							
						 
					 
					
						
						
							
							- djm@cvs.openbsd.org 2003/11/21 11:57:03  
						
						... 
						
						
						
						[everything]
     unexpand and delete whitespace at EOL; ok markus@
     (done locally and RCS IDs synced) 
						
						
					 
					
						2003-11-21 23:48:55 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							0425d40194 
							
						 
					 
					
						
						
							
							- markus@cvs.openbsd.org 2003/11/17 11:06:07  
						
						... 
						
						
						
						[auth2-gss.c gss-genr.c gss-serv.c monitor.c monitor.h monitor_wrap.c]
     [monitor_wrap.h sshconnect2.c ssh-gss.h]
     replace "gssapi" with "gssapi-with-mic"; from Simon Wilkinson;
     test + ok jakob. 
						
						
					 
					
						2003-11-17 22:18:21 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							51bf11fcc9 
							
						 
					 
					
						
						
							
							- djm@cvs.openbsd.org 2003/11/17 09:45:39  
						
						... 
						
						
						
						[msg.c msg.h sshconnect2.c ssh-keysign.c]
     return error on msg send/receive failure (rather than fatal); ok markus@ 
						
						
					 
					
						2003-11-17 21:20:47 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							91c6aa4468 
							
						 
					 
					
						
						
							
							- markus@cvs.openbsd.org 2003/11/14 13:19:09  
						
						... 
						
						
						
						[sshconnect2.c]
     cleanup and minor fixes for the client code; from Simon Wilkinson 
						
						
					 
					
						2003-11-17 21:20:18 +11:00 
						 
				 
			
				
					
						
							
							
								Darren Tucker 
							
						 
					 
					
						
						
						
						
							
						
						
							655a5e0987 
							
						 
					 
					
						
						
							
							- markus@cvs.openbsd.org 2003/11/02 11:01:03  
						
						... 
						
						
						
						[auth2-gss.c compat.c compat.h sshconnect2.c]
     remove support for SSH_BUG_GSSAPI_BER; simon@sxw.org.uk  
						
						
					 
					
						2003-11-03 20:09:03 +11:00 
						 
				 
			
				
					
						
							
							
								Darren Tucker 
							
						 
					 
					
						
						
						
						
							
						
						
							56afe145e0 
							
						 
					 
					
						
						
							
							- avsm@cvs.openbsd.org 2003/10/26 16:57:43  
						
						... 
						
						
						
						[sshconnect2.c]
     rename 'supported' static var in userauth_gssapi() to 'gss_supported'
     to avoid shadowing the global version.  markus@ ok 
						
						
					 
					
						2003-11-03 20:06:14 +11:00 
						 
				 
			
				
					
						
							
							
								Darren Tucker 
							
						 
					 
					
						
						
						
						
							
						
						
							d05b601895 
							
						 
					 
					
						
						
							
							- markus@cvs.openbsd.org 2003/10/11 08:26:43  
						
						... 
						
						
						
						[sshconnect2.c]
     search keys in reverse order; fixes  #684  
						
						
					 
					
						2003-10-15 15:55:59 +10:00 
						 
				 
			
				
					
						
							
							
								Darren Tucker 
							
						 
					 
					
						
						
						
						
							
						
						
							796448276c 
							
						 
					 
					
						
						
							
							- deraadt@cvs.openbsd.org 2003/10/07 21:58:28  
						
						... 
						
						
						
						[sshconnect2.c]
     set ptr to NULL after free 
						
						
					 
					
						2003-10-08 17:37:58 +10:00 
						 
				 
			
				
					
						
							
							
								Darren Tucker 
							
						 
					 
					
						
						
						
						
							
						
						
							046dff2a07 
							
						 
					 
					
						
						
							
							- dtucker@cvs.openbsd.org 2003/10/07 01:47:27  
						
						... 
						
						
						
						[sshconnect2.c]
     Don't use logit for banner, since it truncates to MSGBUFSIZ; bz #668  & #707 .
     ok markus@ 
						
						
					 
					
						2003-10-08 17:32:02 +10:00 
						 
				 
			
				
					
						
							
							
								Darren Tucker 
							
						 
					 
					
						
						
						
						
							
						
						
							08bbb2f69d 
							
						 
					 
					
						
						
							
							- djm@cvs.openbsd.org 2003/08/25 10:33:33  
						
						... 
						
						
						
						[sshconnect2.c]
     fprintf->logit to silence login banner with "ssh -q"; ok markus@ 
						
						
					 
					
						2003-08-26 12:14:05 +10:00 
						 
				 
			
				
					
						
							
							
								Darren Tucker 
							
						 
					 
					
						
						
						
						
							
						
						
							600ad8de76 
							
						 
					 
					
						
						
							
							- deraadt@cvs.openbsd.org 2003/08/24 17:36:52  
						
						... 
						
						
						
						[monitor.c monitor_wrap.c sshconnect2.c]
     64 bit cleanups; markus ok 
						
						
					 
					
						2003-08-26 12:10:48 +10:00 
						 
				 
			
				
					
						
							
							
								Darren Tucker 
							
						 
					 
					
						
						
						
						
							
						
						
							be1a901f99 
							
						 
					 
					
						
						
							
							- markus@cvs.openbsd.org 2003/08/22 13:20:03  
						
						... 
						
						
						
						[sshconnect2.c]
     remove support for "kerberos-2@ssh.com" 
						
						
					 
					
						2003-08-26 12:04:31 +10:00 
						 
				 
			
				
					
						
							
							
								Darren Tucker 
							
						 
					 
					
						
						
						
						
							
						
						
							49aaf4ad52 
							
						 
					 
					
						
						
							
							- (dtucker) [Makefile.in acconfig.h auth-krb5.c auth-pam.c auth-pam.h  
						
						... 
						
						
						
						configure.ac defines.h gss-serv-krb5.c session.c ssh-gss.h sshconnect1.c
   sshconnect2.c] Add Portable GSSAPI support, patch by Simon Wilkinson. 
						
						
					 
					
						2003-08-26 11:58:16 +10:00 
						 
				 
			
				
					
						
							
							
								Darren Tucker 
							
						 
					 
					
						
						
						
						
							
						
						
							0efd155c3c 
							
						 
					 
					
						
						
							
							- markus@cvs.openbsd.org 2003/08/22 10:56:09  
						
						... 
						
						
						
						[auth2.c auth2-gss.c auth.h compat.c compat.h gss-genr.c gss-serv-krb5.c
     gss-serv.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h readconf.c
     readconf.h servconf.c servconf.h session.c session.h ssh-gss.h
     ssh_config.5 sshconnect2.c sshd_config sshd_config.5]
     support GSS API user authentication; patches from Simon Wilkinson,
     stripped down and tested by Jakob and myself. 
						
						
					 
					
						2003-08-26 11:49:55 +10:00 
						 
				 
			
				
					
						
							
							
								Darren Tucker 
							
						 
					 
					
						
						
						
						
							
						
						
							502d384b74 
							
						 
					 
					
						
						
							
							- markus@cvs.openbsd.org 2003/06/24 08:23:46  
						
						... 
						
						
						
						[auth2-hostbased.c auth2-pubkey.c auth2.c channels.c key.c key.h
      monitor.c packet.c packet.h serverloop.c sshconnect2.c sshd.c]
     int -> u_int; ok djm@, deraadt@, mouring@ 
						
						
					 
					
						2003-06-28 12:38:01 +10:00