1f062ca339
- (djm) [sshd.c] Fix warning/API abuse; ok dtucker@
2006-09-17 14:04:46 +10:00
5965ae13e0
- (dtucker) [monitor.c] Correctly handle auditing of single commands when
...
using Protocol 1. From jhb at freebsd.
2006-09-17 12:00:13 +10:00
54e1b2291c
- (dtucker) [auth-pam.c] Propogate TZ environment variable to PAM auth
...
process so that any logging it does is with the right timezone. From
Scott Strickler, ok djm@.
2006-09-17 11:57:46 +10:00
dd1f9b307e
- (djm) Add openssh.xml to .cvsignore and sort it
2006-09-17 08:05:03 +10:00
3c9c1fbd21
- djm@cvs.openbsd.org 2006/09/16 19:53:37
...
[deattack.c deattack.h packet.c]
limit maximum work performed by the CRC compensation attack detector,
problem reported by Tavis Ormandy, Google Security Team;
ok markus@ deraadt@
2006-09-17 06:08:53 +10:00
223897a01a
- (djm) [Makefile.in buildpkg.sh.in configure.ac openssh.xml.in]
...
Support SMF in Solaris Packages if enabled by configure. Patch from
Chad Mynhier, tested by dtucker@
2006-09-12 21:54:10 +10:00
5d8a9acef0
- (dtucker) [cipher-aes.c] Include string.h for memcpy and friends. Noted
...
by Pekka Savola.
2006-09-11 20:46:13 +10:00
57b2920ad8
- (dtucker) [configure.ac] Add -lcrypt to let DragonFly build OOTB.
2006-09-10 20:25:51 +10:00
f376669328
- (dtucker) [contrib/aix/buildbff.sh] Ensure that perl is available.
2006-09-10 13:24:18 +10:00
733a292c11
- (dtucker) [buildpkg.sh.in] Always create privsep user. ok djm@
2006-09-09 20:41:25 +10:00
19a66dbf4f
- (dtucker) [contrib/aix/buildbff.sh] Always create privsep user.
2006-09-09 20:34:15 +10:00
08432d54fa
- (dtucker) [openbsd-compat/bsd-snprintf.c] Add stdarg.h.
2006-09-09 15:59:43 +10:00
6d0d6fbfdf
- (dtucker) [configure.ac] The BSM header test needs time.h in some cases.
2006-09-09 01:05:21 +10:00
17da530d60
- (dtucker) [auth-sia.c] Add includes required for build on Tru64. Patch
...
from Chris Adams.
2006-09-08 09:54:41 +10:00
89f59cea1c
- (dtucker) [regress/cfgmatch.sh] stop_client is racy, so give us a better
...
chance of winning.
2006-09-08 00:03:05 +10:00
f19bbc3883
- (dtucker) [loginrec.c] Wrap paths.h in HAVE_PATHS_H.
2006-09-07 22:57:53 +10:00
b8f00193d8
- (tim) [configure.ac] s/BROKEN_UPDWTMP/BROKEN_UPDWTMPX/ on SCO OSR6
2006-09-06 18:11:29 -07:00
6433df036e
- (djm) [sshd.c auth.c] Set up fakepw() with privsep uid/gid, so it can
...
be used to drop privilege to; fixes Solaris GSSAPI crash reported by
Magnus Abrante; suggestion and feedback dtucker@
NB. this change will require that the privilege separation user must
exist on all the time, not just when UsePrivilegeSeparation=yes
2006-09-07 10:36:43 +10:00
6e1033318c
- (dtucker) [loginrec.c] Include paths.h for _PATH_BTMP.
2006-09-05 19:25:19 +10:00
e1fe09968d
- (dtucker) [configure.ac] s/AC_DEFINES/AC_DEFINE/ spotted by Roumen Petrov.
2006-09-05 07:53:38 +10:00
3e0891093a
- (dtucker) [configure.ac] Define BROKEN_UPDWTMP on SCO OSR6 as the native
...
updwdtmp seems to generate invalid wtmp entries. From Roger Cornelius,
ok djm@
2006-09-04 22:37:41 +10:00
ed0b59218e
- (dtucker) [configure.ac openbsd-compat/openbsd-compat.h] Check for
...
declaration of writev(2) and declare it ourselves if necessary. Makes
the atomiciov() calls build on really old systems. ok djm@
2006-09-03 22:44:49 +10:00
46aa3e0ce1
- (dtucker) [ssh-keyscan.c ssh-rand-helper.c ssh.c sshconnect.c
...
openbsd-compat/bindresvport.c openbsd-compat/getrrsetbyname.c
openbsd-compat/port-tun.c openbsd-compat/rresvport.c] Include <arpa/inet.h>
for hton* and ntoh* macros. Required on (at least) HP-UX since we define
_XOPEN_SOURCE_EXTENDED. Found by santhi.amirta at gmail com.
2006-09-02 15:32:40 +10:00
25fa0ee693
- (dtucker) [openbsd-compat/port-irix.c] Add errno.h, found by Iain Morgan.
2006-09-02 12:38:56 +10:00
9fdeb66f67
- (dtucker) [README contrib/{caldera,redhat,suse}/openssh.spec] Crank
...
versions.
2006-09-01 21:32:53 +10:00
096faecdea
- (dtucker) [configure.ac includes.h openbsd-compat/glob.{c,h}] Explicitly
...
test for GLOB_NOMATCH and use our glob functions if it's not found.
Stops sftp from segfaulting when attempting to get a nonexistent file on
Cygwin (previous versions of OpenSSH didn't use the native glob). Partly
from and tested by Corinna Vinschen.
2006-09-01 20:29:10 +10:00
0646ca6be8
- (dtucker) [openbsd-compat/bsd-cygwin_util.c] Fix implict declaration
...
warnings for binary_open and binary_close. Patch from Corinna Vinschen.
2006-09-01 19:29:01 +10:00
607aede26c
- (djm) [includes.h monitor.c openbsd-compat/bindresvport.c]
...
[openbsd-compat/rresvport.c] Some more headers: netinet/in.h
sys/socket.h and unistd.h in various places
2006-09-01 15:48:19 +10:00
ded319cca2
- (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c]
...
[auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c]
[auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c]
[cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c]
[dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
[kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c]
[md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c]
[scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c]
[ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c]
[sshconnect1.c sshconnect2.c sshd.c rc4.diff]
[openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c]
[openbsd-compat/port-linux.c openbsd-compat/port-solaris.c]
[openbsd-compat/port-uw.c]
Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h;
compile problems reported by rac AT tenzing.org
2006-09-01 15:38:36 +10:00
288cbbd59e
- (dtucker) [contrib/cygwin/ssh-host-config] Add SeTcbPrivilege privilege
...
while setting up the ssh service account. Patch from Corinna Vinschen.
2006-08-31 11:28:49 +10:00
1b06dc30ad
- (djm) [CREDITS LICENCE Makefile.in auth.c configure.ac includes.h ]
...
[platform.c platform.h sshd.c openbsd-compat/Makefile.in]
[openbsd-compat/openbsd-compat.h openbsd-compat/port-solaris.c]
[openbsd-compat/port-solaris.h] Add support for Solaris process
contracts, enabled with --use-solaris-contracts. Patch from Chad
Mynhier, tweaked by dtucker@ and myself; ok dtucker@
2006-08-31 03:24:41 +10:00
26d4e19caa
- (dtucker) [auth.c openbsd-compat/port-aix.c] Bug #1207 : always call
...
loginsuccess on AIX immediately after authentication to clear the failed
login count. Previously this would only happen when an interactive
session starts (ie when a pty is allocated) but this means that accounts
that have primarily non-interactive sessions (eg scp's) may gradually
accumulate enough failures to lock out an account. This change may have
a side effect of creating two audit records, one with a tty of "ssh"
corresponding to the authentication and one with the allocated pty per
interactive session.
2006-08-30 22:33:09 +10:00
8ff1da81ec
- (djm) [openbsd-compat/xcrypt.c] needs unistd.h
2006-08-30 17:52:03 +10:00
6ba5740941
- djm@cvs.openbsd.org 2006/08/30 00:14:37
...
[version.h]
crank to 4.4
2006-08-30 11:09:01 +10:00
2125887a94
- dtucker@cvs.openbsd.org 2006/08/30 00:06:51
...
[sshconnect2.c]
Fix regression where SSH2 banner is printed at loglevels ERROR and FATAL
where previously it weren't. bz #1221 , found by Dean Kopesky, ok djm@
2006-08-30 11:08:33 +10:00
76758b6423
- dtucker@cvs.openbsd.org 2006/08/29 12:02:30
...
[gss-genr.c]
Work around a problem in Heimdal that occurs when KRB5CCNAME file is
missing, by checking whether or not kerberos allocated us a context
before attempting to free it. Patch from Simon Wilkinson, tested by
biorn@, ok djm@
2006-08-30 11:08:04 +10:00
d5fe0baa73
- djm@cvs.openbsd.org 2006/08/29 10:40:19
...
[channels.c session.c]
normalise some inconsistent (but harmless) NULL pointer checks
spotted by the Stanford SATURN tool, via Isil Dillig;
ok markus@ deraadt@
2006-08-30 11:07:39 +10:00
5d43d49014
- dtucker@cvs.openbsd.org 2006/08/21 08:15:57
...
[sshd.8]
Add more detail about what permissions are and aren't accepted for
authorized_keys files. Corrections jmc@, ok djm@, "looks good" jmc@
2006-08-30 11:07:00 +10:00
b594f38bae
- (djm) OpenBSD CVS Sync
...
- dtucker@cvs.openbsd.org 2006/08/21 08:14:01
[sshd_config.5]
Document HostbasedUsesNameFromPacketOnly. Corrections from jmc@,
ok jmc@ djm@
2006-08-30 11:06:34 +10:00
9162028887
- (dtucker) [openbsd-compat/xmmap.c] Move #define HAVE_MMAP to prevent
...
unused variable warning when we have a broken or missing mmap(2).
Now with 100% more diff!
2006-08-24 19:58:36 +10:00
e83a83c7be
- (dtucker) [openbsd-compat/xmmap.c] Move #define HAVE_MMAP to prevent
...
unused variable warning when we have a broken or missing mmap(2).
2006-08-24 19:55:41 +10:00
c1abe8e3e8
- (dtucker) [openbsd-compat/rresvport.c] Include <stdlib.h> for malloc.
2006-08-24 19:53:40 +10:00
f80f5ec81b
- (dtucker) [openbsd-compat/bsd-openpty.c] Include for ioctl(2).
2006-08-24 19:52:30 +10:00
450d2af2a3
- (dtucker) [openbsd-compat/bsd-misc.c] Include <sys/select.h> for select(2)
...
on POSIX systems.
2006-08-24 19:45:33 +10:00
e086955531
- (dtucker) [openbsd-compat/bsd-misc.c] Add includes needed for select(2) on
...
older systems.
2006-08-24 19:43:16 +10:00
fe408b4826
- (dtucker) [openbsd-compat/basename.c] Include errno.h.
2006-08-24 19:41:03 +10:00
12259d9680
- (dtucker) [Makefile.in] Bug #1177 : fix incorrect path for sshrc in
...
Makefile. Patch from santhi.amirta at gmail, ok djm.
2006-08-22 22:24:10 +10:00
0eb810015f
- (dtucker) [configure.ac] Remove errant "-".
2006-08-20 21:43:19 +10:00
639bbe8bfe
- (dtucker) [configure.ac] Bug #1181 : Explicitly test to see if OpenSSL
...
(0.9.8a and presumably newer) requires -ldl to successfully link.
2006-08-20 20:17:53 +10:00
3e6bde483d
- (dtucker) [configure.ac] Relocate --with-pam parts in preparation for
...
fixing bug #1181 . No changes yet.
2006-08-20 20:03:50 +10:00
Damien Miller
Darren Tucker
Tim Rice