Damien Miller
b0fb6872ed
- deraadt@cvs.openbsd.org 2006/03/19 18:51:18
...
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
[auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
[auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
[auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
[auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
[canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
[cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
[compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
[groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
[kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
[loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
[monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
[nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
[scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
[sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
[ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
[ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
[sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
[uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
[openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
[openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
[openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
[openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
RCSID() can die
2006-03-26 00:03:21 +11:00
Damien Miller
f91ee4c3de
- djm@cvs.openbsd.org 2005/03/01 10:09:52
...
[auth-options.c channels.c channels.h clientloop.c compat.c compat.h]
[misc.c misc.h readconf.c readconf.h servconf.c ssh.1 ssh.c ssh_config.5]
[sshd_config.5]
bz#413: allow optional specification of bind address for port forwardings.
Patch originally by Dan Astorian, but worked on by several people
Adds GatewayPorts=clientspecified option on server to allow remote
forwards to bind to client-specified ports.
2005-03-01 21:24:33 +11:00
Darren Tucker
655a5e0987
- markus@cvs.openbsd.org 2003/11/02 11:01:03
...
[auth2-gss.c compat.c compat.h sshconnect2.c]
remove support for SSH_BUG_GSSAPI_BER; simon@sxw.org.uk
2003-11-03 20:09:03 +11:00
Damien Miller
7630ee2fa6
- markus@cvs.openbsd.org 2003/08/29 10:03:15
...
[compat.c compat.h]
SSH_BUG_K5USER is unused; ok henning@
2003-09-02 22:52:00 +10:00
Darren Tucker
0efd155c3c
- markus@cvs.openbsd.org 2003/08/22 10:56:09
...
[auth2.c auth2-gss.c auth.h compat.c compat.h gss-genr.c gss-serv-krb5.c
gss-serv.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h readconf.c
readconf.h servconf.c servconf.h session.c session.h ssh-gss.h
ssh_config.5 sshconnect2.c sshd_config sshd_config.5]
support GSS API user authentication; patches from Simon Wilkinson,
stripped down and tested by Jakob and myself.
2003-08-26 11:49:55 +10:00
Damien Miller
d558092522
- (djm) RCSID sync w/ OpenBSD
2003-05-14 13:40:06 +10:00
Damien Miller
996acd2476
*** empty log message ***
2003-04-09 20:59:48 +10:00
Damien Miller
d32090426b
- markus@cvs.openbsd.org 2003/04/01 10:31:26
...
[compat.c compat.h kex.c]
bugfix causes stalled connections for ssh.com < 3.0; noticed by ho@;
tested by ho@ and myself
2003-04-01 21:44:37 +10:00
Damien Miller
e9264973ad
- (djm) OpenBSD CVS Sync
...
- mickey@cvs.openbsd.org 2002/09/27 10:42:09
[compat.c compat.h sshd.c]
add a generic match for a prober, such as sie big brother;
idea from stevesk@; markus@ ok
2002-09-30 11:59:21 +10:00
Damien Miller
a0e4559d72
- (djm) OpenBSD CVS Sync
...
- stevesk@cvs.openbsd.org 2002/09/19 14:53:14
[compat.c]
2002-09-22 01:25:35 +10:00
Ben Lindstrom
c822638794
- markus@cvs.openbsd.org 2002/04/10 08:21:47
...
[auth1.c compat.c compat.h]
strip '@' from username only for KerbV and known broken clients, bug #204
Don't mind me.. I just commited a changelog with no patch. <sigh>
2002-04-10 16:22:09 +00:00
Ben Lindstrom
cf15944c23
- markus@cvs.openbsd.org 2002/03/25 21:13:51
...
[channels.c channels.h compat.c compat.h nchan.c]
don't send stderr data after EOF, accept this from older known (broken)
sshd servers only, fixes http://bugzilla.mindrot.org/show_bug.cgi?id=179
2002-03-26 03:26:24 +00:00
Damien Miller
4e431d4b8e
- markus@cvs.openbsd.org 2002/03/06 00:24:39
...
[compat.c]
compat.c
2002-03-07 12:59:02 +11:00
Damien Miller
6d6c5d202f
- markus@cvs.openbsd.org 2002/03/06 00:23:27
...
[compat.c dh.c]
undo
2002-03-07 12:58:42 +11:00
Damien Miller
6ba693f70e
- OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2002/03/06 00:20:54
[compat.c dh.c]
compat.c
2002-03-07 12:58:24 +11:00
Damien Miller
914bef437e
- markus@cvs.openbsd.org 2002/01/21 22:30:12
...
[cipher.c compat.c myproposal.h]
remove "rijndael-*", just use "aes-" since this how rijndael is called
in the drafts; ok stevesk@
2002-01-22 23:34:35 +11:00
Damien Miller
0e3b87279c
- markus@cvs.openbsd.org 2002/01/13 17:57:37
...
[auth2.c auth2-chall.c compat.c sshconnect2.c sshd.c]
use buffer API and avoid static strings of fixed size; ok provos@/mouring@
2002-01-22 23:26:38 +11:00
Damien Miller
9f0f5c64bc
- deraadt@cvs.openbsd.org 2001/12/19 07:18:56
...
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h]
[auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c]
[cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c]
[match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c]
[servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c]
[sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c]
[sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config]
[ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c]
basic KNF done while i was looking for something else
2001-12-21 14:45:46 +11:00
Ben Lindstrom
9eab262f1c
- markus@cvs.openbsd.org 2001/12/05 16:54:51
...
[compat.c match.c match.h]
make theo and djm happy: bye bye regexp
2001-12-06 18:06:05 +00:00
Ben Lindstrom
1c37c6a518
- deraadt@cvs.openbsd.org 2001/12/05 10:06:12
...
[authfd.c authfile.c bufaux.c channels.c compat.c kex.c kexgex.c
key.c misc.c packet.c servconf.c ssh-agent.c sshconnect2.c
sshconnect.c sshd.c ssh-dss.c ssh-keygen.c ssh-rsa.c]
minor KNF
2001-12-06 18:00:18 +00:00
Ben Lindstrom
f558cf6580
- markus@cvs.openbsd.org 2001/09/20 13:50:40
...
[compat.c compat.h ssh.c]
bug compat: request a dummy channel for -N (no shell) sessions +
cleanup; vinschen@redhat.com
2001-09-20 23:13:49 +00:00
Ben Lindstrom
3b4d42c240
- markus@cvs.openbsd.org 2001/09/17 21:09:47
...
[compat.c]
more versions suffering the SSH_BUG_DEBUG bug;
3.0.x reported by dbutts@maddog.storability.com
2001-09-18 05:55:10 +00:00
Ben Lindstrom
4469723325
- markus@cvs.openbsd.org 2001/06/25 08:25:41
...
[channels.c channels.h cipher.c clientloop.c compat.c compat.h
hostfile.c kex.c kex.h key.c key.h nchan.c packet.c serverloop.c
session.c session.h sftp-server.c ssh-add.c ssh-agent.c uuencode.h]
update copyright for 2001
2001-07-04 03:32:30 +00:00
Ben Lindstrom
aebd0b66fd
- markus@cvs.openbsd.org 2001/04/30 16:02:49
...
[compat.c]
ssh-2.0.10 has the weak-key-bug, too.
2001-04-30 23:09:45 +00:00
Ben Lindstrom
8c96392255
- markus@cvs.openbsd.org 2001/04/30 15:50:46
...
[compat.c compat.h kex.c]
allow interop with weaker key generation used by ssh-2.0.x, x < 10
2001-04-30 23:06:57 +00:00
Ben Lindstrom
f343674d5e
- markus@cvs.openbsd.org 2001/04/29 19:16:52
...
[channels.c clientloop.c compat.c compat.h serverloop.c]
more ssh.com-2.0.x bug-compat; from per@appgate.com
2001-04-29 19:52:00 +00:00
Ben Lindstrom
671388f233
- markus@cvs.openbsd.org 2001/04/18 23:43:26
...
[auth2.c compat.c sshconnect2.c]
more ssh v2 hostbased-auth interop: ssh.com >= 2.1.0 works now
(however the 2.1.0 server seems to work only if debug is enabled...)
2001-04-19 20:40:45 +00:00
Ben Lindstrom
5eabda303a
- markus@cvs.openbsd.org 2001/04/12 19:15:26
...
[auth-rhosts.c auth.h auth2.c buffer.c canohost.c canohost.h
compat.c compat.h hostfile.c pathnames.h readconf.c readconf.h
servconf.c servconf.h ssh.c sshconnect.c sshconnect.h sshconnect1.c
sshconnect2.c sshd_config]
implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2)
similar to RhostRSAAuthentication unless you enable (the experimental)
HostbasedUsesNameFromPacketOnly option. please test. :)
2001-04-12 23:34:34 +00:00
Ben Lindstrom
a8baf36d41
- markus@cvs.openbsd.org 2001/04/05 11:09:17
...
[clientloop.c compat.c compat.h]
add SSH_BUG_NOREKEY and detect broken (=all old) openssh versions.
2001-04-05 23:28:36 +00:00
Ben Lindstrom
4f3ae4c550
- markus@cvs.openbsd.org 2001/04/05 10:00:06
...
[compat.c]
2.3.x does old GEX, too; report jakob@
2001-04-05 23:19:21 +00:00
Ben Lindstrom
78c261ab4a
- markus@cvs.openbsd.org 2001/04/04 15:50:55
...
[compat.c]
f-secure 1.3.2 does not handle IGNORE; from milliondl@ornl.gov
2001-04-04 23:43:26 +00:00
Ben Lindstrom
df221391e6
- provos@cvs.openbsd.org 2001/03/27 17:46:50
...
[compat.c compat.h dh.c dh.h ssh2.h sshconnect2.c sshd.c version.h]
make dh group exchange more flexible, allow min and max group size,
okay markus@, deraadt@
2001-03-29 00:36:16 +00:00
Ben Lindstrom
60a4381f1a
- markus@cvs.openbsd.org 2001/03/27 10:57:00
...
[compat.c compat.h ssh-rsa.c]
some older systems use NID_md5 instead of NID_sha1 for RSASSA-PKCS1-v1_5
signatures in SSH protocol 2, ok djm@
2001-03-29 00:32:56 +00:00
Ben Lindstrom
c8530c7f5c
- djm@cvs.openbsd.org 2001/03/23 11:04:07
...
[compat.c compat.h sshconnect2.c sshd.c]
Compat for OpenSSH with broken Rijndael/AES. ok markus@
2001-03-24 00:35:19 +00:00
Damien Miller
27dbe6f37e
- deraadt@cvs.openbsd.org 2001/03/18 23:30:55
...
[compat.c compat.h sshd.c]
specifically version match on ssh scanners. do not log scan
information to the console
2001-03-19 22:36:20 +11:00
Tim Rice
b399be4436
- tim@mindrot.org 2001/03/17 18:45:25 [compat.c]
...
openbsd-compat/fake-regex.h
2001-03-17 18:43:16 -08:00
Ben Lindstrom
d20d0f3e27
- deraadt@cvs.openbsd.org 2001/03/10 15:31:00
...
[compat.c compat.h sshconnect.c]
all known netscreen ssh versions, and older versions of OSU ssh cannot
handle password padding (newer OSU is fixed)
2001-03-10 17:22:20 +00:00
Ben Lindstrom
266dfdfd62
- markus@cvs.openbsd.org 2001/03/08 21:42:33
...
[compat.c compat.h readconf.h ssh.c sshconnect1.c sshconnect2.c]
implement client side of SSH2_MSG_USERAUTH_PK_OK (test public key ->
no need to do enter passphrase or do expensive sign operations if the
server does not accept key).
2001-03-09 00:12:22 +00:00
Ben Lindstrom
5de86cc736
- markus@cvs.openbsd.org 2001/02/27 11:00:11
...
[compat.c]
support SSH-2.0-2.1 ; from Christophe_Moret@hp.com
2001-03-05 06:08:19 +00:00
Damien Miller
225736c73a
- OpenBSD CVS Sync:
...
- reinhard@cvs.openbsd.org 2001/02/17 08:24:40
[sftp.1]
typo
- deraadt@cvs.openbsd.org 2001/02/17 16:28:58
[ssh.c]
cleanup -V output; noted by millert
- deraadt@cvs.openbsd.org 2001/02/17 16:48:48
[sshd.8]
it's the OpenSSH one
- markus@cvs.openbsd.org 2001/02/18 11:33:54
[dispatch.c]
typo, SSH2_MSG_KEXINIT, from aspa@kronodoc.fi
- markus@cvs.openbsd.org 2001/02/19 02:53:32
[compat.c compat.h serverloop.c]
ssh-1.2.{18-22} has broken handling of ignore messages; report from
itojun@
- markus@cvs.openbsd.org 2001/02/19 03:35:23
[version.h]
OpenSSH_2.5.1 adds bug compat with 1.2.{18-22}
- deraadt@cvs.openbsd.org 2001/02/19 03:36:25
[scp.c]
np is changed by recursion; vinschen@redhat.com
2001-02-19 21:51:08 +11:00
Ben Lindstrom
9646f3b3f9
#error no longer required, dealt with in configure.in now.
2001-02-16 03:36:46 +00:00
Kevin Steves
bcc862755d
- (stevesk) compat.c: more friendly cpp error
2001-02-11 18:49:23 +00:00
Kevin Steves
2b725a056a
RCSID
2001-02-05 18:16:28 +00:00
Ben Lindstrom
226cfa0378
Hopefully things did not get mixed around too much. It compiles under
...
Linux and works. So that is at least a good sign. =)
20010122
- (bal) OpenBSD Resync
- markus@cvs.openbsd.org 2001/01/19 12:45:26 GMT 2001 by markus
[servconf.c ssh.h sshd.c]
only auth-chall.c needs #ifdef SKEY
- markus@cvs.openbsd.org 2001/01/19 15:55:10 GMT 2001 by markus
[auth-krb4.c auth-options.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
auth1.c auth2.c channels.c clientloop.c dh.c dispatch.c nchan.c
packet.c pathname.h readconf.c scp.c servconf.c serverloop.c
session.c ssh-add.c ssh-keygen.c ssh-keyscan.c ssh.c ssh.h
ssh1.h sshconnect1.c sshd.c ttymodes.c]
move ssh1 definitions to ssh1.h, pathnames to pathnames.h
- markus@cvs.openbsd.org 2001/01/19 16:48:14
[sshd.8]
fix typo; from stevesk@
- markus@cvs.openbsd.org 2001/01/19 16:50:58
[ssh-dss.c]
clear and free digest, make consistent with other code (use dlen); from
stevesk@
- markus@cvs.openbsd.org 2001/01/20 15:55:20 GMT 2001 by markus
[auth-options.c auth-options.h auth-rsa.c auth2.c]
pass the filename to auth_parse_options()
- markus@cvs.openbsd.org 2001/01/20 17:59:40 GMT 2001
[readconf.c]
fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com
- stevesk@cvs.openbsd.org 2001/01/20 18:20:29
[sshconnect2.c]
dh_new_group() does not return NULL. ok markus@
- markus@cvs.openbsd.org 2001/01/20 21:33:42
[ssh-add.c]
do not loop forever if askpass does not exist; from
andrew@pimlott.ne.mediaone.net
- djm@cvs.openbsd.org 2001/01/20 23:00:56
[servconf.c]
Check for NULL return from strdelim; ok markus
- djm@cvs.openbsd.org 2001/01/20 23:02:07
[readconf.c]
KNF; ok markus
- jakob@cvs.openbsd.org 2001/01/21 9:00:33
[ssh-keygen.1]
remove -R flag; ok markus@
- markus@cvs.openbsd.org 2001/01/21 19:05:40
[atomicio.c automicio.h auth-chall.c auth-krb4.c auth-options.c
auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
auth.c auth.h auth1.c auth2-chall.c auth2.c authfd.c authfile.c
bufaux.c bufaux.h buffer.c canahost.c canahost.h channels.c
cipher.c cli.c clientloop.c clientloop.h compat.c compress.c
deattack.c dh.c dispatch.c groupaccess.c hmac.c hostfile.c kex.c
key.c key.h log-client.c log-server.c log.c log.h login.c login.h
match.c misc.c misc.h nchan.c packet.c pty.c radix.h readconf.c
readpass.c readpass.h rsa.c scp.c servconf.c serverloop.c serverloop.h
session.c sftp-server.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c
ssh-keyscan.c ssh-rsa.c ssh.c ssh.h sshconnect.c sshconnect.h
sshconnect1.c sshconnect2.c sshd.c tildexpand.c tildexpand.h
ttysmodes.c uidswap.c xmalloc.c]
split ssh.h and try to cleanup the #include mess. remove unnecessary
#includes. rename util.[ch] -> misc.[ch]
- (bal) renamed 'PIDDIR' to '_PATH_SSH_PIDDIR' to match OpenBSD tree
- (bal) Moved #ifdef KRB4 in auth-krb4.c above the #include to resolve
conflict when compiling for non-kerb install
- (bal) removed the #ifdef SKEY in auth1.c to match Markus' changes
on 1/19.
2001-01-22 05:34:40 +00:00
Ben Lindstrom
401d58f361
- (bal) Slight auth2-pam.c clean up.
...
- (bal) Includes a fake-regexp.h to be only used if regcomp() is found,
but no 'regexp.h' found (SCO OpenServer 3 lacks the header).
2001-01-19 17:11:43 +00:00
Ben Lindstrom
48bd7c118a
- (bal) OpenBSD Sync
...
- markus@cvs.openbsd.org 2001/01/08 22:29:05
[auth2.c compat.c compat.h servconf.c servconf.h sshd.8
sshd_config version.h]
implement option 'Banner /etc/issue.net' for ssh2, move version to
2.3.1 (needed for bugcompat detection, 2.3.0 would fail if Banner
is enabled).
- markus@cvs.openbsd.org 2001/01/08 22:03:23
[channels.c ssh-keyscan.c]
O_NDELAY -> O_NONBLOCK; thanks stevesk@pobox.com
- markus@cvs.openbsd.org 2001/01/08 21:55:41
[sshconnect1.c]
more cleanups and fixes from stevesk@pobox.com:
1) try_agent_authentication() for loop will overwrite key just
allocated with key_new(); don't alloc
2) call ssh_close_authentication_connection() before exit
try_agent_authentication()
3) free mem on bad passphrase in try_rsa_authentication()
- markus@cvs.openbsd.org 2001/01/08 21:48:17
[kex.c]
missing free; thanks stevesk@pobox.com
2001-01-09 00:35:42 +00:00
Kevin Steves
48d0d25722
type cpp comment
2000-12-15 23:05:57 +00:00
Ben Lindstrom
971c97317f
Another CVS sync w/ OpenBSD
...
- provos@cvs.openbsd.org 2000/12/09 23:51:11
[compat.c]
remove unnecessary '\n'
2000-12-10 02:01:50 +00:00
Ben Lindstrom
a14ee47f2e
20001207
...
- (bal) OpenSSH CVS updates:
- markus@cvs.openbsd.org 2000/12/06 22:58:14
[compat.c compat.h packet.c]
disable debug messages for ssh.com/f-secure 2.0.1x, 2.1.0
2000-12-07 01:24:58 +00:00
Ben Lindstrom
d121f61370
20001204
...
- (bal) More C functions defined in NeXT that are unaccessable without
defining -POSIX.
- (bal) OpenBSD CVS updates:
- markus@cvs.openbsd.org 2000/12/03 11:29:04
[compat.c]
remove fallback to SSH_BUG_HMAC now that the drafts are updated
- markus@cvs.openbsd.org 2000/12/03 11:27:55
[compat.c]
correctly match "2.1.0.pl2 SSH" etc; from pekkas@netcore.fi/bugzilla.redhat
- markus@cvs.openbsd.org 2000/12/03 11:15:03
[auth2.c compat.c compat.h sshconnect2.c]
support f-secure/ssh.com 2.0.12; ok niels@
2000-12-03 17:00:47 +00:00