Commit Graph

38 Commits

Author SHA1 Message Date
Ben Lindstrom b5628647ad - (bal) Changed from GNU rx to PCRE on suggestion from djm.
- (bal) Integrated Sony NEWS-OS patches from NAKAJI Hirouyuki
   <nakaji@tutrp.tut.ac.jp>
2000-10-18 00:02:25 +00:00
Damien Miller 874d77bb13 - (djm) Big OpenBSD sync:
- markus@cvs.openbsd.org  2000/09/30 10:27:44
     [log.c]
     allow loglevel debug
   - markus@cvs.openbsd.org  2000/10/03 11:59:57
     [packet.c]
     hmac->mac
   - markus@cvs.openbsd.org  2000/10/03 12:03:03
     [auth-krb4.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth1.c]
     move fake-auth from auth1.c to individual auth methods, disables s/key in
     debug-msg
   - markus@cvs.openbsd.org  2000/10/03 12:16:48
     ssh.c
     do not resolve canonname, i have no idea why this was added oin ossh
   - markus@cvs.openbsd.org  2000/10/09 15:30:44
     ssh-keygen.1 ssh-keygen.c
     -X now reads private ssh.com DSA keys, too.
   - markus@cvs.openbsd.org  2000/10/09 15:32:34
     auth-options.c
     clear options on every call.
   - markus@cvs.openbsd.org  2000/10/09 15:51:00
     authfd.c authfd.h
     interop with ssh-agent2, from <res@shore.net>
   - markus@cvs.openbsd.org  2000/10/10 14:20:45
     compat.c
     use rexexp for version string matching
   - provos@cvs.openbsd.org  2000/10/10 22:02:18
     [kex.c kex.h myproposal.h ssh.h ssh2.h sshconnect2.c sshd.c dh.c dh.h]
     First rough implementation of the diffie-hellman group exchange.  The
     client can ask the server for bigger groups to perform the diffie-hellman
     in, thus increasing the attack complexity when using ciphers with longer
     keys.  University of Windsor provided network, T the company.
   - markus@cvs.openbsd.org  2000/10/11 13:59:52
     [auth-rsa.c auth2.c]
     clear auth options unless auth sucessfull
   - markus@cvs.openbsd.org  2000/10/11 14:00:27
     [auth-options.h]
     clear auth options unless auth sucessfull
   - markus@cvs.openbsd.org  2000/10/11 14:03:27
     [scp.1 scp.c]
     support 'scp -o' with help from mouring@pconline.com
   - markus@cvs.openbsd.org  2000/10/11 14:11:35
     [dh.c]
     Wall
   - markus@cvs.openbsd.org  2000/10/11 14:14:40
     [auth.h auth2.c readconf.c readconf.h readpass.c servconf.c servconf.h]
     [ssh.h sshconnect2.c sshd_config auth2-skey.c cli.c cli.h]
     add support for s/key (kbd-interactive) to ssh2, based on work by
     mkiernan@avantgo.com and me
   - markus@cvs.openbsd.org  2000/10/11 14:27:24
     [auth.c auth1.c auth2.c authfile.c cipher.c cipher.h kex.c kex.h]
     [myproposal.h packet.c readconf.c session.c ssh.c ssh.h sshconnect1.c]
     [sshconnect2.c sshd.c]
     new cipher framework
   - markus@cvs.openbsd.org  2000/10/11 14:45:21
     [cipher.c]
     remove DES
   - markus@cvs.openbsd.org  2000/10/12 03:59:20
     [cipher.c cipher.h sshconnect1.c sshconnect2.c sshd.c]
     enable DES in SSH-1 clients only
   - markus@cvs.openbsd.org  2000/10/12 08:21:13
     [kex.h packet.c]
     remove unused
   - markus@cvs.openbsd.org  2000/10/13 12:34:46
     [sshd.c]
     Kludge for F-Secure Macintosh < 1.0.2; appro@fy.chalmers.se
   - markus@cvs.openbsd.org  2000/10/13 12:59:15
     [cipher.c cipher.h myproposal.h  rijndael.c rijndael.h]
     rijndael/aes support
   - markus@cvs.openbsd.org  2000/10/13 13:10:54
     [sshd.8]
     more info about -V
   - markus@cvs.openbsd.org  2000/10/13 13:12:02
     [myproposal.h]
     prefer no compression
2000-10-14 16:23:11 +11:00
Damien Miller 78315eb6d6 - (djm) Merged big SCO portability patch from Tim Rice
<tim@multitalents.net>
2000-09-29 23:01:36 +11:00
Damien Miller 72c9a7e958 - (djm) Merged cleanup patch from Mark Miller <markm@swoon.net>
- (djm) A bit more cleanup - created cygwin_util.h
2000-09-24 11:10:13 +11:00
Damien Miller e4340be5b3 - (djm) Merge OpenBSD changes:
- markus@cvs.openbsd.org  2000/09/05 02:59:57
     [session.c]
     print hostname (not hushlogin)
   - markus@cvs.openbsd.org  2000/09/05 13:18:48
     [authfile.c ssh-add.c]
     enable ssh-add -d for DSA keys
   - markus@cvs.openbsd.org  2000/09/05 13:20:49
     [sftp-server.c]
     cleanup
   - markus@cvs.openbsd.org  2000/09/06 03:46:41
     [authfile.h]
     prototype
   - deraadt@cvs.openbsd.org 2000/09/07 14:27:56
     [ALL]
     cleanup copyright notices on all files.  I have attempted to be
     accurate with the details.  everything is now under Tatu's licence
     (which I copied from his readme), and/or the core-sdi bsd-ish thing
     for deattack, or various openbsd developers under a 2-term bsd
     licence.  We're not changing any rules, just being accurate.
   - markus@cvs.openbsd.org  2000/09/07 14:40:30
     [channels.c channels.h clientloop.c serverloop.c ssh.c]
     cleanup window and packet sizes for ssh2 flow control; ok niels
   - markus@cvs.openbsd.org  2000/09/07 14:53:00
     [scp.c]
     typo
   - markus@cvs.openbsd.org  2000/09/07 15:13:37
     [auth-options.c auth-options.h auth-rh-rsa.c auth-rsa.c auth.c]
     [authfile.h canohost.c channels.h compat.c hostfile.h log.c match.h]
     [pty.c readconf.c]
     some more Copyright fixes
   - markus@cvs.openbsd.org  2000/09/08 03:02:51
     [README.openssh2]
     bye bye
   - deraadt@cvs.openbsd.org 2000/09/11 18:38:33
     [LICENCE cipher.c]
     a few more comments about it being ARC4 not RC4
   - markus@cvs.openbsd.org  2000/09/12 14:53:11
     [log-client.c log-server.c log.c ssh.1 ssh.c ssh.h sshd.8 sshd.c]
     multiple debug levels
   - markus@cvs.openbsd.org  2000/09/14 14:25:15
     [clientloop.c]
     typo
   - deraadt@cvs.openbsd.org 2000/09/15 01:13:51
     [ssh-agent.c]
     check return value for setenv(3) for failure, and deal appropriately
2000-09-16 13:29:08 +11:00
Damien Miller bac2d8aa5e - (djm) Merge cygwin support from Corinna Vinschen <vinschen@cygnus.com> 2000-09-05 16:13:06 +11:00
Damien Miller 3241fa15ea - (djm) SUN_LEN macro for systems which lack it 2000-08-18 14:59:59 +10:00
Damien Miller 348c9b7a95 - (djm) More SunOS 4.1.x fixes from Nate Itkin <nitkin@europa.com> 2000-08-15 10:01:22 +10:00
Damien Miller bc33bd44a2 - (djm) Misc NeXT fixes from Ben Lindstrom <mouring@pconline.com> 2000-07-11 14:59:08 +10:00
Damien Miller 0f91b4e3a1 - (djm) Started merge of Ben Lindstrom's <mouring@pconline.com> NeXT support 2000-06-18 15:43:25 +10:00
Damien Miller a66626b2d5 - (djm) Fixes from Andrew McGill <andrewm@datrix.co.za>:
- Platform define for SCO 3.x which breaks on /dev/ptmx
  - Detect and try to fix missing MAXPATHLEN
2000-06-13 18:57:53 +10:00
Damien Miller 16e519cb9c - Moved all the bsd-* and fake-* stuff into new libopenbsd-compat.a 2000-05-09 14:28:55 +10:00
Damien Miller e247cc402b - Remove references to SSLeay.
- Big OpenBSD CVS update
  - markus@cvs.openbsd.org
    [clientloop.c]
    - typo
    [session.c]
    - update proctitle on pty alloc/dealloc, e.g. w/ windows client
    [session.c]
    - update proctitle for proto 1, too
    [channels.h nchan.c serverloop.c session.c sshd.c]
    - use c-style comments
  - deraadt@cvs.openbsd.org
    [scp.c]
    - more atomicio
  - markus@cvs.openbsd.org
    [channels.c]
    - set O_NONBLOCK
    [ssh.1]
    - update AUTHOR
    [readconf.c ssh-keygen.c ssh.h]
    - default DSA key file ~/.ssh/id_dsa
    [clientloop.c]
    - typo, rm verbose debug
  - deraadt@cvs.openbsd.org
    [ssh-keygen.1]
    - document DSA use of ssh-keygen
    [sshd.8]
    - a start at describing what i understand of the DSA side
    [ssh-keygen.1]
    - document -X and -x
    [ssh-keygen.c]
    - simplify usage
  - markus@cvs.openbsd.org
    [sshd.8]
    - there is no rhosts_dsa
    [ssh-keygen.1]
    - document -y, update -X,-x
    [nchan.c]
    - fix close for non-open ssh1 channels
    [servconf.c servconf.h ssh.h sshd.8 sshd.c ]
    - s/DsaKey/HostDSAKey/, document option
    [sshconnect2.c]
    - respect number_of_password_prompts
    [channels.c channels.h servconf.c servconf.h session.c sshd.8]
    - GatewayPorts for sshd, ok deraadt@
    [ssh-add.1 ssh-agent.1 ssh.1]
    - more doc on: DSA, id_dsa, known_hosts2, authorized_keys2
    [ssh.1]
    - more info on proto 2
    [sshd.8]
    - sync AUTHOR w/ ssh.1
    [key.c key.h sshconnect.c]
    - print key type when talking about host keys
    [packet.c]
    - clear padding in ssh2
    [dsa.c key.c radix.c ssh.h sshconnect1.c uuencode.c uuencode.h]
    - replace broken uuencode w/ libc b64_ntop
    [auth2.c]
    - log failure before sending the reply
    [key.c radix.c uuencode.c]
    - remote trailing comments before calling __b64_pton
    [auth2.c readconf.c readconf.h servconf.c servconf.h ssh.1]
    [sshconnect2.c sshd.8]
    - add DSAAuthetication option to ssh/sshd, document SSH2 in sshd.8
 - Bring in b64_ntop and b64_pton from OpenBSD libc (bsd-base64.[ch])
2000-05-07 12:03:14 +10:00
Damien Miller fc0b11b5aa - Irix portability fixes - don't include netinet headers more than once
- Make sure we don't save PRNG seed more than once
2000-05-02 00:03:55 +10:00
Damien Miller 5f05637b0e - Reduce diff against OpenBSD source
- All OpenSSL includes are now unconditionally referenced as
     openssl/foo.h
   - Pick up formatting changes
   - Other minor changed (typecasts, etc) that I missed
2000-04-16 12:31:48 +10:00
Damien Miller 4af51306d9 - OpenBSD CVS updates.
[ssh.1 ssh.c]
   - ssh -2
   [auth.c channels.c clientloop.c packet.c packet.h serverloop.c]
   [session.c sshconnect.c]
   - check payload for (illegal) extra data
   [ALL]
   - whitespace cleanup
2000-04-16 11:18:38 +10:00
Damien Miller 9e53f35a6a - Use socket pairs by default (instead of pipes). Prevents race condition
on several (buggy) OSs. Report and fix from tridge@linuxcare.com
2000-02-01 23:05:30 +11:00
Damien Miller eaf9994f7e - SCO compile fixes from Gary E. Miller <gem@rellim.com> 2000-01-19 13:45:07 +11:00
Damien Miller 34132e54cb - Merged OpenBSD IPv6 patch:
- [sshd.c sshd.8 sshconnect.c ssh.h ssh.c servconf.h servconf.c scp.1]
     [scp.c packet.h packet.c login.c log.c canohost.c channels.c]
     [hostfile.c sshd_config]
     ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new
     features: sshd allows multiple ListenAddress and Port options. note
     that libwrap is not IPv6-ready. (based on patches from
     fujiwara@rcac.tdi.co.jp)
   - [ssh.c canohost.c]
     more hints (hints.ai_socktype=SOCK_STREAM) for getaddrinfo,
     from itojun@
   - [channels.c]
     listen on _all_ interfaces for X11-Fwd (hints.ai_flags = AI_PASSIVE)
   - [packet.h]
     allow auth-kerberos for IPv4 only
   - [scp.1 sshd.8 servconf.h scp.c]
     document -4, -6, and 'ssh -L 2022/::1/22'
   - [ssh.c]
     'ssh @host' is illegal (null user name), from
     karsten@gedankenpolizei.de
   - [sshconnect.c]
     better error message
   - [sshd.c]
     allow auth-kerberos for IPv4 only
 - Big IPv6 merge:
   - Cleanup overrun in sockaddr copying on RHL 6.1
   - Replacements for getaddrinfo, getnameinfo, etc based on versions
     from patch from KIKUCHI Takahiro <kick@kyoto.wide.ad.jp>
   - Replacement for missing structures on systems that lack IPv6
   - record_login needed to know about AF_INET6 addresses
   - Borrowed more code from OpenBSD: rresvport_af and requisites
2000-01-14 15:45:46 +11:00
Damien Miller e72b7af17e - Removed most of the pam code into its own file auth-pam.[ch]. This
cleaned up sshd.c up significantly.
 - Several other cleanups
1999-12-30 15:08:44 +11:00
Damien Miller 58ca7d8503 - Rename helper.[ch] to (more appropriate) bsd-misc.[ch]
- Minor Makefile cleaning
1999-12-29 19:56:30 +11:00
Damien Miller beb4ba5a68 - Portability fixes for Irix 5.3 (now compiles OK!)
- autoconf and other misc cleanups
1999-12-28 15:09:35 +11:00
Damien Miller 2e1b082dfb - Prepare for 1.2.1pre20
19991225
 - More fixes from Andre Lucas <andre.lucas@dial.pipex.com>
 - Cleanup of auth-passwd.c for shadow and MD5 passwords
 - Cleanup and bugfix of PAM authentication code

19991223
 - Merged later HPUX patch from Andre Lucas
   <andre.lucas@dial.pipex.com>
 - Above patch included better utmpx support from Ben Taylor
   <bent@clark.net>:
1999-12-25 10:11:29 +11:00
Damien Miller 76112de734 - Integration of large HPUX patch from Andre Lucas
<andre.lucas@dial.pipex.com>. Integrating it had a few other
   benefits:
   - Ability to disable shadow passwords at configure time
   - Ability to disable lastlog support at configure time
   - Support for IP address in $DISPLAY
1999-12-21 11:18:08 +11:00
Damien Miller c6b3bbe2b9 - Fix compilation on systems with AFS. Reported by
aloomis@glue.umd.edu
 - Fix installation on Solaris. Reported by
   Gordon Rowell <gordonr@gormand.com.au>
 - Fix gccisms (__attribute__ and inline). Report by edgy@us.ibm.com,
   patch from Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
 - Auto-locate xauth. Patch from David Agraz <dagraz@jahoopa.com>
 - Compile fix from David Agraz <dagraz@jahoopa.com>
 - Avoid compiler warning in bsd-snprintf.c
 - Added pam_limits.so to default PAM config. Suggested by
   Jim Knoble <jmknoble@pobox.com>
1999-12-13 08:27:33 +11:00
Damien Miller 42b81ffe7d - Add definition for __P()
- Added [v]snprintf() replacement for systems that lack it
1999-11-26 12:21:24 +11:00
Damien Miller 5428f646ad - More reformatting merged from OpenBSD CVS
- Merged OpenBSD CVS changes:
   - [channels.c]
     report from mrwizard@psu.edu via djm@ibs.com.au
   - [channels.c]
     set SO_REUSEADDR and SO_LINGER for forwarded ports.
     chip@valinux.com via damien@ibs.com.au
   - [nchan.c]
     it's not an error() if shutdown_write failes in nchan.
   - [readconf.c]
     remove dead #ifdef-0-code
   - [readconf.c servconf.c]
     strcasecmp instead of tolower
   - [scp.c]
     progress meter overflow fix from damien@ibs.com.au
   - [ssh-add.1 ssh-add.c]
     SSH_ASKPASS support
   - [ssh.1 ssh.c]
     postpone fork_after_authentication until command execution,
     request/patch from jahakala@cc.jyu.fi via damien@ibs.com.au
     plus: use daemon() for backgrounding
1999-11-25 11:54:57 +11:00
Damien Miller 95def09838 - Merged very large OpenBSD source code reformat
- OpenBSD CVS updates
   - [channels.c cipher.c compat.c log-client.c scp.c serverloop.c]
     [ssh.h sshd.8 sshd.c]
     syslog changes:
     * Unified Logmessage for all auth-types, for success and for failed
     * Standard connections get only ONE line in the LOG when level==LOG:
       Auth-attempts are logged only, if authentication is:
          a) successfull or
          b) with passwd or
          c) we had more than AUTH_FAIL_LOG failues
     * many log() became verbose()
     * old behaviour with level=VERBOSE
   - [readconf.c readconf.h ssh.1 ssh.h sshconnect.c sshd.c]
     tranfer s/key challenge/response data in SSH_SMSG_AUTH_TIS_CHALLENGE
     messages. allows use of s/key in windows (ttssh, securecrt) and
     ssh-1.2.27 clients without 'ssh -v', ok: niels@
   - [sshd.8]
     -V, for fallback to openssh in SSH2 compatibility mode
   - [sshd.c]
     fix sigchld race; cjc5@po.cwru.edu
1999-11-25 00:26:21 +11:00
Damien Miller b3ca3aa12f - Added OpenBSD bsd-strlcat.c, created bsd-strlcat.h
- Added timersum() macro
 - Tidy RCSIDs of bsd-*.c
1999-11-22 13:57:07 +11:00
Damien Miller 04f801456a - Renamed BSD helper function files to bsd-*
- Added tests for login and daemon and OpenBSD replacements for when they
   are absent.
1999-11-19 15:32:34 +11:00
Damien Miller 4874c79a3a - Fix some Linux libc5 problems reported by Miles Wilson <mw@mctitle.com> 1999-11-16 13:29:26 +11:00
Damien Miller 3bd49ec5c4 - Various small cleanups to bring diff (against OpenBSD) size down. 1999-11-15 15:40:55 +11:00
Damien Miller ab18c412e6 - Added (untested) Entropy Gathering Daemon (EGD) support
- Merged several minor fixed:
   - ssh-agent commandline parsing
   - RPM spec file now installs ssh setuid root
   - Makefile creates libdir
   - Merged beginnings of Solaris compability from Marc G. Fournier
     <marc.fournier@acadiau.ca>
1999-11-11 10:40:23 +11:00
Damien Miller 356a0b004a Lots of changes:
- Removed lots of unnecessary checks from autoconf
 - Added support and autoconf test for openpty() function (Unix98 pty support)
 - Fix for scp not finding ssh if not installed as /usr/bin/ssh
 - Added TODO file
 - Merged parts of Debian patch From Phil Hands <phil@hands.com>:
   - Added ssh-askpass program
   - Added ssh-askpass support to ssh-add.c
   - Create symlinks for slogin on install
   - Fix "distclean" target in makefile
   - Added example for ssh-agent to manpage
   - Added support for PAM_TEXT_INFO messages
   - Disable internal /etc/nologin support if PAM enabled
 - Merged latest OpenBSD CVS changes:
   - [sshd.c] don't send fail-msg but disconnect if too many authentication
     failures
   - [sshd.c] replace assert() with error, fatal or packet_disconnect
   - [sshd.c] remove unused argument. ok dugsong
   - [sshd.c] typo
   - [rsa.c] clear buffers used for encryption. ok: niels
   - [rsa.c] replace assert() with error, fatal or packet_disconnect
 - Fixed coredump after merge of OpenBSD rsa.c patch
1999-11-08 15:30:59 +11:00
Damien Miller 062307657e Big rename ssh* -> openssh* 1999-10-28 14:03:14 +10:00
Damien Miller 332e67fde2 Attempt to clean up PAM code
Use PWDB getpw* functions if HAVE_PWDB defined

Minor other tidyups
1999-10-27 23:42:05 +10:00
Damien Miller 726a5b3be1 Added compatibility macros 1999-10-27 18:00:50 +10:00
Damien Miller d4a8b7e34d Initial revision 1999-10-27 13:42:43 +10:00