Commit Graph

2706 Commits

Author SHA1 Message Date
Damien Miller 2aa0ab463f - jakob@cvs.openbsd.org 2003/05/15 01:48:10
[readconf.c readconf.h servconf.c servconf.h]
     always parse kerberos options. ok djm@ markus@
 - (djm) Always parse UsePAM
2003-05-15 12:05:28 +10:00
Damien Miller f842fcb296 - markus@cvs.openbsd.org 2003/05/15 00:28:28
[sshconnect2.c]
     cleanup unregister of per-method packet handlers; ok djm@
2003-05-15 12:01:28 +10:00
Damien Miller 7abe09bf86 - (djm) Configure glue for DNS support (code doesn't work in portable yet) 2003-05-15 10:53:49 +10:00
Damien Miller 54c459866e - markus@cvs.openbsd.org 2003/05/14 22:24:42
[clientloop.c session.c ssh.1]
     allow to send a BREAK to the remote system; ok various
2003-05-15 10:20:13 +10:00
Damien Miller 37876e913a - jakob@cvs.openbsd.org 2003/05/14 18:16:20
[key.c key.h readconf.c readconf.h ssh_config.5 sshconnect.c]
     [dns.c dns.h README.dns ssh-keygen.1 ssh-keygen.c]
     add experimental support for verifying hos keys using DNS as described
     in draft-ietf-secsh-dns-xx.txt. more information in README.dns.
     ok markus@ and henning@
2003-05-15 10:19:46 +10:00
Damien Miller abbae980e7 - (djm) OpenBSD CVS Sync
- jmc@cvs.openbsd.org 2003/05/14 13:11:56
     [ssh-agent.1]
     setup -> set up;
     from wiz@netbsd
2003-05-15 10:16:21 +10:00
Damien Miller 1ea7166019 - (djm) Bug #258: sscanf("[0-9]") -> sscanf("[0123456789]") for portability 2003-05-14 22:33:58 +10:00
Darren Tucker abef5628e8 - (dtucker) Set ai_socktype and ai_protocol in fake-getaddrinfo.c. ok djm@ 2003-05-14 21:48:51 +10:00
Damien Miller be64d43d01 - markus@cvs.openbsd.org 2003/05/14 08:57:49
[monitor.c]
     http://bugzilla.mindrot.org/show_bug.cgi?id=560
     Privsep child continues to run after monitor killed.
     Pass monitor signals through to child; Darren Tucker
2003-05-14 19:31:12 +10:00
Damien Miller d6ead282db - jmc@cvs.openbsd.org 2003/05/14 08:25:39
[sftp.1]
     - better formatting in SYNOPSIS
     - whitespace at EOL
     ok djm@
2003-05-14 19:30:38 +10:00
Damien Miller 4d99519535 - (djm) Avoid KrbV leak for MIT Kerberos 2003-05-14 19:23:56 +10:00
Damien Miller 9d507dac1f - (djm) Die screaming if start_pam() is called when UsePAM=no 2003-05-14 15:31:12 +10:00
Damien Miller 4e448a31ae - (djm) Add new UsePAM configuration directive to allow runtime control
over usage of PAM. This allows non-root use of sshd when built with
   --with-pam
2003-05-14 15:11:48 +10:00
Damien Miller 9c617693c2 - (djm) Make portable build with MIT krb5 (some issues remain) 2003-05-14 14:31:11 +10:00
Damien Miller 3ab496b3dd - markus@cvs.openbsd.org 2003/05/14 02:15:47
[auth2.c monitor.c sshconnect2.c auth2-krb5.c]
     implement kerberos over ssh2 ("kerberos-2@ssh.com"); tested with jakob@
     server interops with commercial client; ok jakob@ djm@
2003-05-14 13:47:37 +10:00
Damien Miller fb7508edc8 - djm@cvs.openbsd.org 2003/05/14 01:00:44
[sftp.1]
     emphasise the batchmode functionality and make reference to pubkey auth,
     both of which are FAQs; ok markus@
2003-05-14 13:47:07 +10:00
Damien Miller 935063553a - markus@cvs.openbsd.org 2003/05/12 18:35:18
[ssh-keyscan.1]
     typo: DSA keys are of type ssh-dss; Brian Poole
2003-05-14 13:46:33 +10:00
Damien Miller 280ecfb6e4 - markus@cvs.openbsd.org 2003/05/12 16:55:37
[sshconnect2.c]
     for pubkey authentication try the user keys in the following order:
        1. agent keys that are found in the config file
        2. other agent keys
        3. keys that are only listed in the config file
     this helps when an agent has many keys, where the server might
     close the connection before the correct key is used. report & ok pb@
2003-05-14 13:46:00 +10:00
Damien Miller b1ca8bb159 - markus@cvs.openbsd.org 2003/05/11 20:30:25
[channels.c clientloop.c serverloop.c session.c ssh.c]
     make channel_new() strdup the 'remote_name' (not the caller); ok theo
2003-05-14 13:45:42 +10:00
Damien Miller db2747259c - markus@cvs.openbsd.org 2003/05/11 16:56:48
[authfile.c ssh-keygen.c]
     change key_load_public to try to read a public from:
     rsa1 private or rsa1 public and ssh2 keys.
     this makes ssh-keygen -e fail for ssh1 keys more gracefully
     for example; report from itojun (netbsd pr 20550).
2003-05-14 13:45:22 +10:00
Damien Miller 3155432cd9 - david@cvs.openbsd.org 2003/04/30 20:41:07
[sshd.8]
     fix invalid .Pf macro usage introduced in previous commit
     ok jmc@ mouring@
2003-05-14 13:44:58 +10:00
Damien Miller 049245d260 - mouring@cvs.openbsd.org 2003/04/30 01:16:20
[sshd.8 sshd_config.5]
     Escape ?, * and ! in .Ql for nroff compatibility.  OpenSSH Portable
     Bug #550 and * escaping suggested by jmc@.
2003-05-14 13:44:42 +10:00
Damien Miller ea5ade28fb - deraadt@cvs.openbsd.org 2003/04/26 04:29:49
[ssh-keyscan.c]
     -t in usage(); rogier@quaak.org
2003-05-14 13:43:53 +10:00
Damien Miller 8ce778a9f0 - markus@cvs.openbsd.org 2003/04/16 14:35:27
[auth.h]
     document struct Authctxt; with solar
2003-05-14 13:43:25 +10:00
Damien Miller 2372ace572 - markus@cvs.openbsd.org 2003/04/14 14:17:50
[channels.c sshconnect.c sshd.c ssh-keyscan.c]
     avoid hardcoded SOCK_xx; with itojun@; should allow ssh over SCTP
2003-05-14 13:42:23 +10:00
Damien Miller 44e72a764f - naddy@cvs.openbsd.org 2003/04/12 11:40:15
[ssh.1]
     document -V switch, fix wording; ok markus@
2003-05-14 13:42:08 +10:00
Damien Miller ef095ce00a - markus@cvs.openbsd.org 2003/04/12 10:15:36
[misc.c]
     debug->debug2
2003-05-14 13:41:39 +10:00
Damien Miller a201bb3f8a - markus@cvs.openbsd.org 2003/04/12 10:13:57
[cipher.c]
     hide cipher details; ok djm@
2003-05-14 13:41:23 +10:00
Damien Miller c652cac5f7 - (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2003/04/09 12:00:37
     [readconf.c]
     strip trailing whitespace from config lines before parsing.
     Fixes bz 528; ok markus@
2003-05-14 13:40:54 +10:00
Damien Miller d558092522 - (djm) RCSID sync w/ OpenBSD 2003-05-14 13:40:06 +10:00
Damien Miller 1a27a1ee8c - (djm) Bug #117: Don't lie to PAM about username 2003-05-14 10:27:09 +10:00
Damien Miller 75d3b05c57 - (djm) Redhat spec: Don't install profile.d scripts when not
building with GNOME/GTK askpass (patch from bet@rahul.net)
2003-05-12 18:15:49 +10:00
Damien Miller 0d8b792931 - (djm) 2-clause license on loginrec.c, with permission from
andre@ae-35.com
2003-05-10 23:42:12 +10:00
Damien Miller 4f9f42a9bb - (djm) Merge FreeBSD PAM code: replaces PAM password auth kludge with
proper challenge-response module
2003-05-10 19:28:02 +10:00
Darren Tucker c437cda328 - (dtucker) Bug #536: Test for and work around openpty/controlling tty
problem on Linux (fixes "could not set controlling tty" errors).

Also renames STREAMS_PUSH_ACQUIRES_CTTY to the more generic SSHD_ACQUIRES_CTTY
and moves the Solaris-specific comments to configure.ac.
2003-05-10 17:05:46 +10:00
Darren Tucker e8831091c3 - (dtucker) Bug #318: Create ssh_prng_cmds.out during "make" rather than
"make install".  Patch by roth@feep.net.
2003-05-10 16:48:23 +10:00
Darren Tucker ac279284f6 Add bug# to ChangeLog. 2003-05-04 11:36:25 +10:00
Darren Tucker 70a08cd29d - (dtucker) Move #include of bsd-cygwin_util.h to openbsd-compat.h. Patch from
vinschen@redhat.com.
2003-05-04 10:41:20 +10:00
Darren Tucker 04cc5385b1 - (dtucker) Add missing "void" to record_failed_login in bsd-cray.c. Noted
by wendyp@cray.com.
2003-05-03 07:32:56 +10:00
Darren Tucker bd570d7a22 Added ok for record_failed_login() change 2003-05-02 23:50:09 +10:00
Darren Tucker 97363a8b24 - (dtucker) Move handling of bad password authentications into a platform
specific record_failed_login() function (affects AIX & Unicos).
2003-05-02 23:42:25 +10:00
Darren Tucker 3c01654deb - (dtucker) Bug #544: ignore invalid cmsg_type on Linux 2.0 kernels,
privsep should now work.
2003-05-02 20:48:21 +10:00
Damien Miller eab4bae038 - (djm) Add back radix.o (used by AFS support), after it went missing from
Makefile many moons ago
 - (djm) Apply "owl-always-auth" patch from Openwall/Solar Designer
 - (djm) Fix blibpath specification for AIX/gcc
 - (djm) Some systems have basename in -lgen. Fix from ayamura@ayamura.org
2003-04-29 23:22:40 +10:00
Ben Lindstrom 0e7f4363f3 - (bal) [defines.h progressmeter.c scp.c] Some more culling of non 64bit
hacked code.
2003-04-28 23:30:43 +00:00
Ben Lindstrom f50ad1fd04 - (bal) auth2.c same changed as above. 2003-04-27 18:44:31 +00:00
Ben Lindstrom 683036ee2c - (bal) auth1.c minor resync while looking at the code. 2003-04-27 18:41:30 +00:00
Ben Lindstrom 796b9a5495 - (bal) Since we don't support platforms lacking u_int_64. We may
as well clean out some of those evil #ifdefs
2003-04-27 18:01:37 +00:00
Ben Lindstrom 93b6b776ad - (bal) Bug #541: return; was dropped by mistake. Reported by
furrier@iglou.com
2003-04-27 17:55:33 +00:00
Damien Miller 2a3f20e397 - (djm) Fix missed log => logit occurance (reference by function pointer) 2003-04-09 21:12:00 +10:00
Damien Miller bf2a0174e3 - hin@cvs.openbsd.org 2003/04/09 08:23:52
[servconf.c]
     Don't include <krb.h> when compiling with Kerberos 5 support
2003-04-09 21:07:14 +10:00