Commit Graph

3085 Commits

Author SHA1 Message Date
Darren Tucker ea4c670eb8 - (dtucker) [regress/agent-ptrace.sh] Skip agent-test unless SUDO is set,
make agent setgid during test.
2003-10-21 22:27:08 +10:00
Darren Tucker 0d37b5ca7b - (dtucker) [INSTALL] Some system crypt() functions support MD5 passwords
directly.  Noted by Darren.Moffat at sun.com.
2003-10-21 12:41:14 +10:00
Darren Tucker 9568ad96ad - (dtucker) [INSTALL] Note that --with-md5 is now required on platforms with
MD5 passwords even if PAM support is enabled.  From steev at detritus.net.
2003-10-17 16:32:11 +10:00
Tim Rice 6b1f8a3cf5 [regress/banner.sh] portability fix. 2003-10-15 09:22:39 -07:00
Darren Tucker c6020651ba - (dtucker) [auth.c] Check for disabled password expiry on HP-UX Trusted Mode. 2003-10-15 17:48:20 +10:00
Darren Tucker 5f88d3440e - (dtucker) [acconfig.h configure.ac dns.c openbsd-compat/getrrsetbyname.c
openbsd-compat/getrrsetbyname.h] DNS fingerprint support is now always
   compiled in but disabled in config.
2003-10-15 16:57:57 +10:00
Darren Tucker 072a7b178c - markus@cvs.openbsd.org 2003/10/14 19:54:39
[session.c ssh-agent.c]
     10X for mkdtemp; djm@
2003-10-15 16:10:25 +10:00
Darren Tucker 64b77bcb4b - jakob@cvs.openbsd.org 2003/10/14 19:43:23
[README.dns]
     update

Resynced with OpenBSD too: DNSFP support is now always compiled in
so the configure support (and documentation thereof) can go away.
2003-10-15 16:07:53 +10:00
Darren Tucker dda19d63ff - jakob@cvs.openbsd.org 2003/10/14 19:42:10
[dns.c dns.h readconf.c ssh-keygen.c sshconnect.c]
     include SSHFP lookup code (not enabled by default). ok markus@
2003-10-15 16:00:47 +10:00
Darren Tucker b370ca9313 - markus@cvs.openbsd.org 2003/10/13 08:22:25
[scp.1 sftp.1]
     don't refer to options related to forwarding; ok jmc@
2003-10-15 15:59:26 +10:00
Darren Tucker f132c67e8e - jmc@cvs.openbsd.org 2003/10/12 13:12:13
[ssh_config.5]
     note that EnableSSHKeySign should be in the non-hostspecific section;
     remove unnecessary .Pp;
     ok markus@
2003-10-15 15:58:18 +10:00
Darren Tucker 7eb3de0dfb - markus@cvs.openbsd.org 2003/10/11 11:36:23
[monitor_wrap.c]
     return NULL for missing banner; ok djm@
2003-10-15 15:56:58 +10:00
Darren Tucker d05b601895 - markus@cvs.openbsd.org 2003/10/11 08:26:43
[sshconnect2.c]
     search keys in reverse order; fixes #684
2003-10-15 15:55:59 +10:00
Darren Tucker 0a118da00e - markus@cvs.openbsd.org 2003/10/11 08:24:08
[readconf.c readconf.h ssh.1 ssh.c ssh_config.5]
     remote x11 clients are now untrusted by default, uses xauth(8) to generate
     untrusted cookies; ForwardX11Trusted=yes restores old behaviour.
     ok deraadt; feedback and ok djm/fries
2003-10-15 15:54:32 +10:00
Darren Tucker a044f47679 - markus@cvs.openbsd.org 2003/10/08 15:21:24
[readconf.c ssh_config.5]
     default GSS API to no in client, too; ok jakob, deraadt@
2003-10-15 15:52:03 +10:00
Darren Tucker 1f20394e92 - jmc@cvs.openbsd.org 2003/10/08 08:27:36
[scp.1 scp.c sftp-server.8 sftp.1 sftp.c ssh.1 sshd.8]
     scp and sftp: add options list and sort options. options list requested
     by deraadt@
     sshd: use same format as ssh
     ssh: remove wrong option from list
     sftp-server: Subsystem is documented in ssh_config(5), not sshd(8)
     ok deraadt@ markus@
2003-10-15 15:50:42 +10:00
Darren Tucker 6c0c0705e3 - (dtucker) [sshd_config.5] UsePAM defaults to "no". ok djm@ 2003-10-09 14:13:53 +10:00
Darren Tucker 0240ff786e - djm@cvs.openbsd.org 2003/10/07 07:04:52
[regress/sftp-cmds.sh]
     more sftp quoting regress tests; ok markus
2003-10-08 17:52:10 +10:00
Darren Tucker dc001a5ee3 - dtucker@cvs.openbsd.org 2003/10/07 01:52:13
[regress/Makefile regress/banner.sh]
     Test SSH2 banner.  ok markus@
2003-10-08 17:47:19 +10:00
Darren Tucker 796448276c - deraadt@cvs.openbsd.org 2003/10/07 21:58:28
[sshconnect2.c]
     set ptr to NULL after free
2003-10-08 17:37:58 +10:00
Darren Tucker 64dbccc2a5 - djm@cvs.openbsd.org 2003/10/07 07:04:16
[sftp-int.c]
     sftp quoting fix from admorten AT umich.edu; ok markus@
2003-10-08 17:34:38 +10:00
Darren Tucker 046dff2a07 - dtucker@cvs.openbsd.org 2003/10/07 01:47:27
[sshconnect2.c]
     Don't use logit for banner, since it truncates to MSGBUFSIZ; bz #668 & #707.
     ok markus@
2003-10-08 17:32:02 +10:00
Darren Tucker 89df7a3eca - (dtucker) [configure.ac] Bug #710: Check for dlsym() in libdl on
Reliant Unix.  Based on patch from Robert.Dahlem at siemens.com.
2003-10-07 20:35:57 +10:00
Darren Tucker 3b2a06c0d7 - (dtucker) [configure.ac] Bug #715: Set BROKEN_SETREUID and BROKEN_SETREGID
on Reliant Unix.  Patch from Robert.Dahlem at siemens.com.
2003-10-07 18:37:11 +10:00
Darren Tucker 2e8c0cc752 - (dtucker) [configure.ac openbsd-compat/Makefile.in openbsd-compat/strtoul.c]
Bug #670: add strtoul() to openbsd-compat for platforms lacking it.  ok djm@
2003-10-07 17:49:56 +10:00
Darren Tucker dfe6d914b7 - (dtucker) [contrib/redhat/openssh.spec] Bug #714: Now that UsePAM is a
run-time switch, always build --with-md5-passwords.
2003-10-07 17:40:56 +10:00
Darren Tucker f4bf5d086a So people know who to blame... 2003-10-07 11:31:22 +10:00
Darren Tucker 8846a07639 - (dtucker) [auth-pam.c auth-pam.h session.c] Make PAM use the new static
cleanup functions.  With & ok djm@
2003-10-07 11:30:15 +10:00
Damien Miller 6f1f611a52 - (djm) Delete autom4te.cache after autoreconf 2003-10-07 10:18:22 +10:00
Tim Rice 30aa44cf0a [contrib/caldera/openssh.spec] Remove obsolete --with-ipv4-default option. 2003-10-03 22:30:23 -07:00
Darren Tucker e3ca82e06c - markus@cvs.openbsd.org 2003/10/02 08:26:53
[ssh-gss.h]
     missing $OpenBSD:; dtucker
2003-10-03 18:02:30 +10:00
Darren Tucker 4a2505445f - markus@cvs.openbsd.org 2003/10/02 10:41:59
[sshd.c]
     print openssl version, too, several requests; ok henning/djm.
2003-10-03 17:57:24 +10:00
Darren Tucker f391ba6730 - (dtucker) [session.c] Fix bus errors on some 64-bit Solaris configurations.
Based on patches by Matthias Koeppe and Thomas Baden.  ok djm@
2003-10-02 20:07:09 +10:00
Darren Tucker 7596d6866f - (dtucker) [ssh-gss.h] Prototype change missed in sync. 2003-10-02 17:32:30 +10:00
Darren Tucker 0ccb59b85c - (dtucker) [configure.ac] Don't set DISABLE_SHADOW when configuring
--with-pam.  ok djm@
2003-10-02 16:26:34 +10:00
Darren Tucker a49d36e7b9 - markus@cvs.openbsd.org 2003/09/29 20:19:57
[servconf.c sshd_config]
     GSSAPICleanupCreds -> GSSAPICleanupCredentials
2003-10-02 16:20:54 +10:00
Darren Tucker 6177695c0b - jmc@cvs.openbsd.org 2003/09/29 11:40:51
[ssh.1]
     - add list of options to -o and .Xr ssh_config(5)
     - some other cleanup
     requested by deraadt@;
     ok deraadt@ markus@
2003-10-02 16:19:47 +10:00
Darren Tucker 8fca6b57b4 - markus@cvs.openbsd.org 2003/09/26 08:19:29
[sshd.c]
     no need to set the listen sockets to non-block; ok deraadt@
2003-10-02 16:18:22 +10:00
Darren Tucker 5dcdd219fb - markus@cvs.openbsd.org 2003/09/23 20:41:11
[channels.c channels.h clientloop.c]
     move client only agent code to clientloop.c
2003-10-02 16:17:00 +10:00
Darren Tucker 6cc310bd5f - markus@cvs.openbsd.org 2003/09/23 20:18:52
[progressmeter.c]
     don't print trailing \0; bug #709; Robert.Dahlem@siemens.com
     ok millert/deraadt@
2003-10-02 16:15:15 +10:00
Darren Tucker 3e33cecf71 - markus@cvs.openbsd.org 2003/09/23 20:17:11
[Makefile.in auth1.c auth2.c auth.c auth.h auth-krb5.c canohost.c
     cleanup.c clientloop.c fatal.c gss-serv.c log.c log.h monitor.c monitor.h
     monitor_wrap.c monitor_wrap.h packet.c serverloop.c session.c session.h
     ssh-agent.c sshd.c]
     replace fatal_cleanup() and linked list of fatal callbacks with static
     cleanup_exit() function.  re-refine cleanup_exit() where appropriate,
     allocate sshd's authctxt eary to allow simpler cleanup in sshd.
     tested by many, ok deraadt@
2003-10-02 16:12:36 +10:00
Ben Lindstrom b210aa2cfa - (bal) Fix issues in openbsd-compat/realpath.c 2003-09-30 23:49:06 +00:00
Tim Rice d4d1815cae [sshd_config] UsePAM defaults to no. 2003-09-25 19:04:34 -07:00
Darren Tucker b88fcc755d - (dtucker) [configure.ac openbsd-compat/xcrypt.c] Bug #633: Remove
DISABLE_SHADOW for HP-UX, use getspnam instead of getprpwnam.  Patch from
   michael_steffens at hp.com, ok djm@
2003-09-25 20:18:33 +10:00
Darren Tucker beaf6790e1 - (dtucker) [configure.ac] IRIX5 needs the same setre[ug]id defines as IRIX6. 2003-09-24 20:03:48 +10:00
Damien Miller dbb104791b - (djm) Update version.h and spec files for HEAD 2003-09-24 08:30:18 +10:00
Damien Miller 5c3a55846a - (djm) Sync with V_3_7 branch:
- (djm) Fix SSH1 challenge kludge
   - (djm) Bug #671: Fix builds on OpenBSD
   - (djm) Bug #676: Fix PAM stack corruption
   - (djm) Fix bad free() in PAM code
   - (djm) Don't call pam_end before pam_init
   - (djm) Enable build with old OpenSSL again
   - (djm) Trim deprecated options from INSTALL. Mention UsePAM
   - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
2003-09-23 22:12:38 +10:00
Tim Rice 7ff4e6dbe5 [configure.ac] add --disable-etc-default-login option. ok djm 2003-09-22 19:50:14 -07:00
Ben Lindstrom da4d9cf4bf - (bal) "extration" -> "extraction" in ssh-rand-helper.c; repoted by john
on #unixhelp@efnet
2003-09-22 15:36:15 +00:00
Darren Tucker 9a2c4cddad - markus@cvs.openbsd.org 2003/09/19 17:43:35
[clientloop.c sshtty.c sshtty.h]
     remove fatal callbacks from client code; ok deraadt
2003-09-22 21:16:05 +10:00