c486d88bf8
- markus@cvs.openbsd.org 2001/04/10 12:15:23
...
[channels.c]
debug cleanup
2001-04-11 16:08:34 +00:00
18a82ac029
- itojun@cvs.openbsd.org 2001/04/10 09:13:22
...
[ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
document id_rsa{.pub,}. markus ok
2001-04-11 15:59:35 +00:00
b392151685
- markus@cvs.openbsd.org 2001/04/10 07:46:58
...
[channels.c]
cleanup socks4 handling
2001-04-11 15:57:50 +00:00
1a598a4597
- stevesk@cvs.openbsd.org 2001/04/09 18:00:15
...
[sshd.8]
ListenAddress mandoc from aaron@
2001-04-10 02:48:50 +00:00
12de61680e
- markus@cvs.openbsd.org 2001/04/09 15:19:49
...
[ssh-add.1]
ssh-add retries the last passphrase...
2001-04-10 02:46:54 +00:00
ee61794620
- markus@cvs.openbsd.org 2001/04/09 15:12:23
...
[ssh-add.c]
passphrase caching: ssh-add tries last passphrase, clears passphrase if
not successful and after last try.
based on discussions with espie@, jakob@, ... and code from jakob@ and
wolfgang@wsrcc.com
2001-04-10 02:45:32 +00:00
8ffeacfb2d
- stevesk@cvs.openbsd.org 2001/04/09 00:42:05
...
[sftp.1]
spelling
2001-04-10 02:43:57 +00:00
4b3564e6f2
- stevesk@cvs.openbsd.org 2001/04/08 23:28:27
...
[sshd.8]
spelling
2001-04-10 02:41:56 +00:00
9492484a27
- deraadt@cvs.openbsd.org 2001/04/08 20:52:55
...
[sftp.c]
do not modify an actual argv[] entry
2001-04-10 02:40:17 +00:00
cb17e99fae
- (stevesk) use setresgid() for setegid() if needed
2001-04-09 14:50:52 +00:00
393d2f782d
- (stevesk) configure.in: typo
2001-04-08 22:50:43 +00:00
f52373f732
- markus@cvs.openbsd.org 2001/04/08 11:24:33
...
[uidswap.c]
KNF
2001-04-08 18:38:04 +00:00
3bb4f9da73
- markus@cvs.openbsd.org 2001/04/07 08:55:18
...
[buffer.c channels.c channels.h readconf.c ssh.c]
allow the ssh client act as a SOCKS4 proxy (dynamic local
portforwarding). work by Dan Kaminsky <dankamin@cisco.com> and me.
thanks to Dan for this great patch: use 'ssh -D 1080 host' and make
netscape use localhost:1080 as a socks proxy.
2001-04-08 18:30:26 +00:00
3fcf1a22b5
- markus@cvs.openbsd.org 2001/04/06 21:00:17
...
[auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth2.c channels.c session.c
ssh.c sshconnect.c sshconnect.h uidswap.c uidswap.h]
do gid/groups-swap in addition to uid-swap, should help if /home/group
is chmod 750 + chgrp grp /home/group/, work be deraadt and me, thanks
to olar@openwall.com is comments. we had many requests for this.
2001-04-08 18:26:59 +00:00
d344763643
- markus@cvs.openbsd.org 2001/04/08 11:27:33
...
[clientloop.c]
leave_raw_mode if ssh2 "session" is closed
2001-04-08 18:07:22 +00:00
d5730a8b85
- markus@cvs.openbsd.org 2001/04/08 13:03:00
...
[ssh-add.c]
init pointers with NULL, thanks to danimal@danimal.org
2001-04-08 18:04:36 +00:00
49e57a871a
- stevesk@cvs.openbsd.org 2001/04/08 16:01:36
...
[sshd.8]
document ListenAddress addr:port
2001-04-08 18:02:43 +00:00
c510af40e3
- stevesk@cvs.openbsd.org 2001/04/06 22:25:25
...
[servconf.c]
in addition to:
ListenAddress host|ipv4_addr|ipv6_addr
permit:
ListenAddress [host|ipv4_addr|ipv6_addr]:port
ListenAddress host|ipv4_addr:port
sshd.8 updates coming. ok markus@
2001-04-07 17:25:48 +00:00
ab0cedc587
- stevesk@cvs.openbsd.org 2001/04/06 22:12:47
...
[hostfile.c]
unused; typo in comment
2001-04-07 17:23:43 +00:00
d47cf4d53c
- deraadt@cvs.openbsd.org 2001/04/06 16:46:59
...
[scp.c]
remove trailing / from source paths; fixes pr#1756
2001-04-07 01:14:38 +00:00
e34ab4c04e
- markus@cvs.openbsd.org 2001/04/05 23:39:20
...
[serverloop.c]
keep the ssh session even if there is no active channel.
this is more in line with the protocol spec and makes
ssh -N -L 1234:server:110 host
more useful.
based on discussion with <mats@mindbright.se> long time ago
and recent mail from <res@shore.net>
2001-04-07 01:12:11 +00:00
8248d116c4
- (bal) CVS ID Resync of version.h
2001-04-07 01:08:46 +00:00
be48f2b4b1
- (stevesk) Makefile.in: log.o is in libssh.a
2001-04-06 01:58:37 +00:00
4c3f77dd3b
- markus@cvs.openbsd.org 2001/04/05 21:05:24
...
[clientloop.c ssh.c]
don't request a session for 'ssh -N', pointed out slade@shore.net
2001-04-05 23:37:36 +00:00
d7dd23ffed
- markus@cvs.openbsd.org 2001/04/05 21:02:46
...
[buffer.c]
better error message
2001-04-05 23:36:01 +00:00
11bd89936d
- markus@cvs.openbsd.org 2001/04/05 20:01:10
...
[clientloop.c]
for ~R print message if server does not support rekeying. (and fix ~R).
2001-04-05 23:34:29 +00:00
f15a386511
- stevesk@cvs.openbsd.org 2001/04/05 15:48:18
...
[canohost.c canohost.h session.c]
move get_remote_name_or_ip() to canohost.[ch]; for portable. ok markus@
2001-04-05 23:32:17 +00:00
f327235f65
- markus@cvs.openbsd.org 2001/04/05 15:45:43
...
[ssh.1]
ssh defaults to protocol v2; from quisar@quisar.ambre.net
2001-04-05 23:29:59 +00:00
a8baf36d41
- markus@cvs.openbsd.org 2001/04/05 11:09:17
...
[clientloop.c compat.c compat.h]
add SSH_BUG_NOREKEY and detect broken (=all old) openssh versions.
2001-04-05 23:28:36 +00:00
a3700050ec
- markus@cvs.openbsd.org 2001/04/05 10:42:57
...
[auth-chall.c authfd.c channels.c clientloop.c kex.c kexgex.c key.c
mac.c packet.c serverloop.c sftp-client.c sftp-client.h sftp-glob.c
sftp-glob.h sftp-int.c sftp-server.c sftp.c ssh-keygen.c sshconnect.c
sshconnect2.c sshd.c]
fix whitespace: unexpand + trailing spaces.
2001-04-05 23:26:32 +00:00
a6c20148f5
- markus@cvs.openbsd.org 2001/04/05 10:39:48
...
[version.h]
temporary version 2.5.4 (supports rekeying).
this is not an official release.
2001-04-05 23:22:25 +00:00
fb50cdfdb8
- markus@cvs.openbsd.org 2001/04/05 10:39:03
...
[compress.c compress.h packet.c]
reset compress state per direction when rekeying.
2001-04-05 23:20:46 +00:00
4f3ae4c550
- markus@cvs.openbsd.org 2001/04/05 10:00:06
...
[compat.c]
2.3.x does old GEX, too; report jakob@
2001-04-05 23:19:21 +00:00
ff8b4959d9
- (stevesk) logintest.c: fix for systems without __progname
2001-04-05 23:05:22 +00:00
86a52b3dc8
- (stevesk) don't use vhangup() if defined(HAVE_DEV_PTMX); also removes
...
BROKEN_VHANGUP
2001-04-05 17:15:08 +00:00
5ba23b39bf
- markus@cvs.openbsd.org 2001/04/04 23:09:18
...
[dh.c kex.c packet.c]
clear+free keys,iv for rekeying.
+ fix DH mem leaks. ok niels@
2001-04-05 02:05:21 +00:00
8e312f3db0
- markus@cvs.openbsd.org 2001/04/04 22:04:35
...
[kex.c kexgex.c serverloop.c]
parse full kexinit packet.
make server-side more robust, too.
2001-04-04 23:50:21 +00:00
0cae04005e
- markus@cvs.openbsd.org 2001/04/04 20:32:56
...
[auth2.c]
we don't care about missing bannerfiles; from tsoome@ut.ee , ok deraadt@
2001-04-04 23:47:52 +00:00
be2cc43c3a
- markus@cvs.openbsd.org 2001/04/04 20:25:38
...
[channels.c channels.h clientloop.c kex.c kex.h serverloop.c
sshconnect2.c sshd.c]
more robust rekeying
don't send channel data after rekeying is started.
2001-04-04 23:46:07 +00:00
78c261ab4a
- markus@cvs.openbsd.org 2001/04/04 15:50:55
...
[compat.c]
f-secure 1.3.2 does not handle IGNORE; from milliondl@ornl.gov
2001-04-04 23:43:26 +00:00
8ac9106c3d
- markus@cvs.openbsd.org 2001/04/04 14:34:58
...
[clientloop.c kex.c kex.h serverloop.c sshconnect2.c sshd.c]
enable server side rekeying + some rekey related clientup.
todo: we should not send any non-KEX messages after we send KEXINIT
2001-04-04 17:57:54 +00:00
238abf6a14
- markus@cvs.openbsd.org 2001/04/04 09:48:35
...
[kex.c kex.h kexdh.c kexgex.c packet.c sshconnect2.c sshd.c]
don't sent multiple kexinit-requests.
send newkeys, block while waiting for newkeys.
fix comments.
2001-04-04 17:52:53 +00:00
22b19b43e4
- (bal) Oops.. Missed including kexdh.c and kexgex.c in OpenBSD sync.
2001-04-04 17:39:19 +00:00
f28f634a3a
- markus@cvs.openbsd.org 2001/04/04 00:06:54
...
[clientloop.c sshconnect2.c]
enable client rekeying
(1) force rekeying with ~R, or
(2) if the server requests rekeying.
works against ssh-2.0.12/2.0.13/2.1.0/2.2.0/2.3.0/2.3.1/2.4.0
2001-04-04 02:03:04 +00:00
2d90e00309
- markus@cvs.openbsd.org 2001/04/03 23:32:12
...
[kex.c kex.h packet.c sshconnect2.c sshd.c]
undo parts of recent my changes: main part of keyexchange does not
need dispatch-callbacks, since application data is delayed until
the keyexchange completes (if i understand the drafts correctly).
add some infrastructure for re-keying.
2001-04-04 02:00:54 +00:00
9323d96479
- todd@cvs.openbsd.org 2001/04/03 21:19:38
...
[ssh_config]
id_rsa1/2 -> id_rsa; ok markus@
2001-04-04 01:58:48 +00:00
20d7c7b02c
- markus@cvs.openbsd.org 2001/04/03 19:53:29
...
[dh.c dh.h kex.c kex.h sshconnect2.c sshd.c]
move kex to kex*.c, used dispatch_set() callbacks for kex. should
make rekeying easier.
2001-04-04 01:56:17 +00:00
86ebcb6cf5
- stevesk@cvs.openbsd.org 2001/04/03 13:56:11
...
[sftp-glob.c ssh-agent.c ssh-keygen.c]
free() -> xfree()
2001-04-04 01:53:20 +00:00
0d3e8fafa4
- deraadt@cvs.openbsd.org 2001/04/02 17:32:23
...
[ssh-agent.1]
grammar; slade@shore.net
2001-04-04 01:51:25 +00:00
efe5fd811b
- (stevesk) nchan.c: remove ostate checks and add EINVAL to
...
shutdown(SHUT_RD) error() bypass for HP-UX.
2001-04-03 13:02:48 +00:00
3704c2612a
- stevesk@cvs.openbsd.org 2001/04/02 14:20:23
...
[readconf.c servconf.c]
correct comment; ok markus@
2001-04-02 18:20:03 +00:00
55b99e35c7
- stevesk@cvs.openbsd.org 2001/04/02 14:15:31
...
[sshd.8]
typo; ok markus@
2001-04-02 18:18:21 +00:00
6189e1905c
- (stevesk) sshpty.h openbsd sync; PTY_H -> SSHPTY_H
2001-04-02 14:02:55 +00:00
edcd5762e2
- (stevesk) log.c openbsd sync; missing newlines
2001-04-02 13:45:00 +00:00
ff75ac4d68
- OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2001/03/29 23:42:01
[sshd.c]
Protocol 1 key regeneration log => verbose, some KNF; ok markus@
2001-03-30 10:50:32 +10:00
9709f90684
- OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2001/03/29 21:17:40
[dh.c dh.h kex.c kex.h]
prepare for rekeying: move DH code to dh.c
2001-03-30 10:50:10 +10:00
a0ff466d80
- OpenBSD CVS Sync
...
- stevesk@cvs.openbsd.org 2001/03/29 21:06:21
[sshconnect2.c sshd.c]
need to set both STOC and CTOS for SSH_BUG_BIGENDIANAES; ok markus@
2001-03-30 10:49:35 +10:00
653ae11c4a
- OpenBSD CVS Sync
...
- provos@cvs.openbsd.org 2001/03/29 14:24:59
[sshconnect2.c]
use recommended defaults
2001-03-30 10:49:05 +10:00
5d57e50730
- OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2001/03/28 22:43:31
[auth.h auth2.c auth2-chall.c]
check auth_root_allowed for kbd-int auth, too.
2001-03-30 10:48:31 +10:00
23e526e271
- OpenBSD CVS Sync
...
- provos@cvs.openbsd.org 2001/03/28 22:04:57
[dh.c]
more sanity checking on primes file
2001-03-30 10:47:43 +10:00
2557bfc5d7
- (djm) OpenBSD CVS Sync
...
- provos@cvs.openbsd.org 2001/03/28 21:59:41
[kex.c kex.h sshconnect2.c sshd.c]
forgot to include min and max params in hash, okay markus@
2001-03-30 10:47:14 +10:00
d8f72ca6d5
- (djm) Another openbsd-compat/glob.c sync
2001-03-30 10:23:17 +10:00
7de696e798
- markus@cvs.openbsd.org 2001/03/28 20:50:45
...
[sshd.c]
call refuse() before close(); from olemx@ans.pl
2001-03-29 00:45:12 +00:00
ff2618c80f
- stevesk@cvs.openbsd.org 2001/03/28 20:04:38
...
[scp.c]
usage more like rcp and add missing -B to usage; ok markus@
2001-03-29 00:43:54 +00:00
bd47226987
- stevesk@cvs.openbsd.org 2001/03/28 19:56:23
...
[scp.c]
start to sync scp closer to rcp; ok markus@
2001-03-29 00:39:55 +00:00
df221391e6
- provos@cvs.openbsd.org 2001/03/27 17:46:50
...
[compat.c compat.h dh.c dh.h ssh2.h sshconnect2.c sshd.c version.h]
make dh group exchange more flexible, allow min and max group size,
okay markus@, deraadt@
2001-03-29 00:36:16 +00:00
60a4381f1a
- markus@cvs.openbsd.org 2001/03/27 10:57:00
...
[compat.c compat.h ssh-rsa.c]
some older systems use NID_md5 instead of NID_sha1 for RSASSA-PKCS1-v1_5
signatures in SSH protocol 2, ok djm@
2001-03-29 00:32:56 +00:00
425fb02f20
- markus@cvs.openbsd.org 2001/03/27 10:34:08
...
[ssh-rsa.c sshd.c]
use EVP_get_digestbynid, reorder some calls and fix missing free.
2001-03-29 00:31:20 +00:00
d09fcf5f6e
- markus@cvs.openbsd.org 2001/03/26 23:23:24
...
[rsa.c rsa.h ssh-agent.c ssh-keygen.c]
try to read private f-secure ssh v2 rsa keys.
2001-03-29 00:29:54 +00:00
c111660896
- markus@cvs.openbsd.org 2001/03/26 23:12:42
...
[authfile.c]
KNF
2001-03-29 00:28:37 +00:00
89b0bd66e2
- stevesk@cvs.openbsd.org 2001/03/26 15:47:59
...
[ssh.1]
document more defaults; misc. cleanup. ok markus@
2001-03-29 00:27:11 +00:00
b68af624a9
- (djm) Sync openbsd-compat/glob.c
2001-03-28 21:05:26 +10:00
9834474151
- (djm) Rework krbIV tests to get us closer to building on Redhat. Still
...
doesn't work because of conflicts between krbIV's and OpenSSL's des.h
2001-03-28 14:37:06 +10:00
18bb473eb0
- (djm) Work around Solaris' broken struct dirent. Diagnosis and suggested
...
fix from Philippe Levan <levan@epix.net>
2001-03-28 14:35:30 +10:00
c79bc0d75b
- (djm) Reorder tests and library inclusion for Krb4/AFS to try to
...
resolve linking conflicts with libcrypto. Report and suggested fix
from Holger Trapp <Holger.Trapp@Informatik.TU-Chemnitz.DE>
2001-03-28 13:03:42 +10:00
f9e9300947
- (djm) Reestablish PAM credentials (which can be supplemental group
...
memberships) after initgroups() blows them away. Report and suggested
fix from Nalin Dahyabhai <nalin@redhat.com>
2001-03-27 16:12:24 +10:00
d0fca423fc
- markus@cvs.openbsd.org 2001/03/26 08:07:09
...
[authfile.c authfile.h ssh-add.c ssh-keygen.c ssh.c sshconnect.c
sshconnect.h sshconnect1.c sshconnect2.c sshd.c]
simpler key load/save interface, see authfile.h
2001-03-26 13:44:06 +00:00
7bfff36ca3
- stevesk@cvs.openbsd.org 2001/03/25 13:16:11
...
[servconf.c servconf.h session.c sshd.8 sshd_config]
PrintLastLog option; from chip@valinux.com with some minor
changes by me. ok markus@
2001-03-26 05:45:53 +00:00
6029432ec5
- djm@cvs.openbsd.org 2001/03/25 00:01:34
...
[session.c]
shorten; ok markus@
2001-03-26 05:38:25 +00:00
9531825dd0
- Fix pointer issues in waitpid() and wait() replaces. Patch by Lutz
...
Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2001-03-26 05:35:33 +00:00
8ca935655e
- Attempt sync with sshlogin.c w/ OpenBSD (mainly CVS ID)
2001-03-26 05:32:16 +00:00
b44fe0617d
- (djm) Pull out our own SIGPIPE hacks
2001-03-24 15:39:38 +11:00
de71cda078
- markus@cvs.openbsd.org 2001/03/23 14:28:32
...
[session.c sshd.c]
ignore SIGPIPE, restore in child, fixes x11-fwd crashes; with djm@
2001-03-24 00:43:26 +00:00
7527f8b52d
- markus@cvs.openbsd.org 2001/03/23 13:10:57
...
[sftp-int.c]
fix put, upload to _absolute_ path, ok djm@
2001-03-24 00:39:12 +00:00
9e2057cb34
- markus@cvs.openbsd.org 2001/03/23 12:02:49
...
[auth1.c]
authctxt is now passed to do_authenticated
2001-03-24 00:37:59 +00:00
c8530c7f5c
- djm@cvs.openbsd.org 2001/03/23 11:04:07
...
[compat.c compat.h sshconnect2.c sshd.c]
Compat for OpenSSH with broken Rijndael/AES. ok markus@
2001-03-24 00:35:19 +00:00
b94f8b2bcb
- Fixed permissions ssh-keyscan. Thanks to Christopher Linn <celinn@mtu.edu>.
2001-03-24 00:20:56 +00:00
69d8c077d4
- deraadt@cvs.openbsd.org 2001/03/22 20:22:55
...
[sshd.c]
do not place linefeeds in buffer
2001-03-22 22:45:33 +00:00
d9267454ca
- markus@cvs.openbsd.org 2001/03/21 21:06:30
...
[session.c]
missing init; from mib@unimelb.edu.au
2001-03-22 02:06:57 +00:00
f1107f5ede
- jakob@cvs.openbsd.org 2001/03/21 14:20:45
...
[ssh-keygen.c]
add -B flag to usage
2001-03-22 02:05:32 +00:00
57f82e260b
- (bal) scp.c CVS ID resync
2001-03-22 02:04:08 +00:00
b31783d547
- markus@cvs.openbsd.org 2001/03/21 11:43:45
...
[auth1.c auth2.c session.c session.h]
merge common ssh v1/2 code
2001-03-22 02:02:12 +00:00
fc9b07de19
- markus@cvs.openbsd.org 2001/03/20 19:21:21
...
[session.c]
remove unused arg
2001-03-22 01:27:23 +00:00
b4c961d822
- markus@cvs.openbsd.org 2001/03/20 19:21:21
...
[session.c]
remove unused arg
2001-03-22 01:25:37 +00:00
6b77643fd5
- OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2001/03/20 19:10:16
[readconf.c]
default to SSH protocol version 2
2001-03-22 01:24:04 +00:00
eebc4a2ed3
- (bal) auth-chall.c auth-passwd.c auth.h auth1.c auth2.c session.c CVS ID
...
resync
2001-03-22 01:22:03 +00:00
ebf3d51c96
- (bal) version.c CVS ID resync
2001-03-22 01:08:39 +00:00
bebd8be67b
- (djm) Better AIX no tty fix, spotted by Gert Doering <gert@greenie.muc.de>
2001-03-22 11:58:15 +11:00
b69407dd7a
- (djm) Correctly handle SIA and AIX when no tty present. Spotted and
...
suggested fix from Mike Battersby <mib@unimelb.edu.au>
2001-03-21 16:13:03 +11:00
4b4e2d31d6
- (djm) Generate config files before build
2001-03-21 13:13:40 +11:00
ec7e1b1d0f
- (djm) Don't loop forever when changing password via PAM. Patch
...
from Solar Designer <solar@openwall.com>
2001-03-21 13:01:35 +11:00
2e9adb27e9
- (djm) Make sure pam_retval is initialised on call to pam_end. Patch
...
from Solar Designer <solar@openwall.com>
2001-03-21 12:16:24 +11:00
be08176963
- (djm) Fix ttyname breakage for AIX and Tru64. Patch from Steve
...
VanDevender <stevev@darkwing.uoregon.edu>
2001-03-21 11:11:57 +11:00
d9d5ba2bbd
add get_arg_max(). Use sysconf() if ARG_MAX is not defined.
2001-03-19 20:46:50 -08:00
d14d7021a1
change S_ISLNK macro to work for UnixWare 2.03
2001-03-19 18:31:44 -08:00
82e7ae5bce
- (djm) Update RPM spec version
...
- (djm) Release 2.5.2p1
2001-03-20 09:30:50 +11:00
41be73b663
- markus@cvs.openbsd.org 2001/03/19 17:12:10
...
[version.h]
version 2.5.2
2001-03-20 09:16:34 +11:00
e7cf07c927
- markus@cvs.openbsd.org 2001/03/19 17:07:23
...
[auth.c readconf.c]
undo /etc/shell and proto 2,1 change for openssh-2.5.2
2001-03-20 09:15:57 +11:00
9911f12083
- (bal) Oops. Missed globc.h change (OpenBSD CVS).
2001-03-19 21:29:30 +00:00
11c78f8119
- (bal) glob.c update to set gl_pathv to NULL (OpenBSD CVS).
2001-03-19 19:00:09 +00:00
a77d641cea
- (bal) glob.c update to added GLOB_LIMITS.
2001-03-19 18:58:13 +00:00
aad56ce545
- (bal) Minor NeXT fixed. Forgot to #undef NGROUPS_MAX
2001-03-19 13:42:21 +00:00
1e42f30c4c
- djm@cvs.openbsd.org 2001/03/19 05:49:52
...
[ssh.1]
document PreferredAuthentications option; ok markus@
2001-03-19 23:59:11 +11:00
a243fde477
- djm@cvs.openbsd.org 2001/03/19 12:10:17
...
[sshd.8]
Document permitopen authorized_keys option; ok markus@
2001-03-19 23:16:08 +11:00
c2c5d9fd3b
- djm@cvs.openbsd.org 2001/03/19 12:10:17
...
[sshd.8]
Document permitopen authorized_keys option; ok markus@
2001-03-19 23:16:08 +11:00
27dbe6f37e
- deraadt@cvs.openbsd.org 2001/03/18 23:30:55
...
[compat.c compat.h sshd.c]
specifically version match on ssh scanners. do not log scan
information to the console
2001-03-19 22:36:20 +11:00
cafff19105
- (djm) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2001/03/19 03:52:51
[sftp-client.c]
Report ssh connection closing correctly; ok deraadt@
2001-03-19 22:29:46 +11:00
03017ba638
- (bal) NeXTStep lacks S_ISLNK. Plus split up S_IS*
2001-03-19 03:12:25 +00:00
8feff4542e
- (bal) Small fix to scp. %lu vs %ld
2001-03-19 03:09:40 +00:00
6cabb6fd6c
- Use 'NGROUPS' for NeXT Since 'MAX_NGROUPS' is wrapped up in -lposix
...
stuff. Change suggested by Mark Miller <markm@swoon.net>
2001-03-19 03:01:56 +00:00
d19a75abd0
move HAVE_LONG_LONG_INT where it works
2001-03-18 18:27:26 -08:00
ffd0e10b9c
- (djm) Make scp work on systems without 64-bit ints
2001-03-19 12:45:02 +11:00
2d70f98220
- markus@cvs.openbsd.org 2001/03/18 12:07:52
...
[auth-options.c]
ignore permitopen="host:port" if AllowTcpForwarding==no
2001-03-19 00:13:46 +00:00
9de61e8c59
- (djm) Add getusershell() functions from OpenBSD CVS
2001-03-19 10:09:27 +11:00
60bc517356
- (djm) Seed PRNG at startup, rather than waiting for arc4random calls to
...
do it implicitly.
2001-03-19 09:38:15 +11:00
b399be4436
- tim@mindrot.org 2001/03/17 18:45:25 [compat.c]
...
openbsd-compat/fake-regex.h
2001-03-17 18:43:16 -08:00
d69191bb4e
- markus@cvs.openbsd.org 2001/03/17 17:27:59
...
[auth.c]
check /etc/shells, too
2001-03-17 23:13:27 +00:00
fea7278d90
- (bal) Fixed scp type casing issue which causes "scp: protocol error:
...
size not delimited" fatal errors when tranfering.
2001-03-17 18:07:46 +00:00
45b14dbddc
- Check for gl_matchc support in glob_t and fall back to the
...
openbsd-compat/glob.[ch] support if it does not exist.
2001-03-17 01:15:38 +00:00
7bb8b49596
- markus@cvs.openbsd.org 2001/03/16 19:06:30
...
[auth-options.c channels.c channels.h serverloop.c session.c]
implement "permitopen" key option, restricts -L style forwarding to
to specified host:port pairs. based on work by harlan@genua.de
2001-03-17 00:47:54 +00:00
cf00df6344
- markus@cvs.openbsd.org 2001/03/16 13:44:24
...
[sftp-int.c]
discourage strcat/strcpy
2001-03-17 00:37:31 +00:00
5df2ffaeac
- markus@cvs.openbsd.org 2001/03/16 09:55:53
...
[sftp-int.c]
fix memset and whitespace
2001-03-17 00:36:17 +00:00
c8d1c30c31
- djm@cvs.openbsd.org 2001/03/16 08:16:18
...
[sftp-client.c sftp-client.h sftp-glob.c sftp-int.c]
Revise globbing for get/put to be more shell-like. In particular,
"get/put file* directory/" now works. ok markus@
2001-03-17 00:34:46 +00:00
86fe8686b9
- markus@cvs.openbsd.org 2001/03/15 22:07:08
...
[session.c]
pass Session to do_child + KNF
2001-03-17 00:32:57 +00:00
a4c57666b9
- markus@cvs.openbsd.org 2001/03/15 15:05:59
...
[scp.c]
use %lld in printf, ok millert@/deraadt@; report from ssh@client.fi
2001-03-17 00:10:20 +00:00
168a700cc6
- Support usrinfo() on AIX. Based on patch from Gert Doering
...
<gert@greenie.muc.de>
2001-03-17 10:29:50 +11:00
c7f4ccd52c
- deraadt@cvs.openbsd.org 2001/03/14 22:50:25
...
[sftp-server.c]
note no getopt()
2001-03-15 00:09:15 +00:00
de2273f951
- (bal) Cygwin README change by Corinna Vinschen <vinschen@redhat.com>
2001-03-14 21:30:18 +00:00
f78682d24a
- markus@cvs.openbsd.org 2001/03/14 15:15:58
...
[sftp-int.c]
add version command
2001-03-14 21:26:27 +00:00
54f15b6b6f
- (stevesk) ssh-keyscan.c: specify "openbsd-compat/fake-queue.h"
2001-03-14 18:37:13 +00:00
025df4a1b4
- markus@cvs.openbsd.org 2001/03/14 08:57:14
...
[sftp-client.c]
Wall
2001-03-14 15:16:34 +00:00
3c02768950
- (djm) Add replacement glob() from OpenBSD libc if the system glob is
...
missing or lacks the GLOB_ALTDIRFUNC extension
- (djm) Remove -I$(srcdir)/openbsd-compat from CFLAGS, refer to headers
relatively. Avoids conflict between glob.h and /usr/include/glob.h
2001-03-14 11:39:45 +11:00
46e55aaabc
- Fix strerror() in bsd-misc.c
2001-03-13 23:38:20 +00:00
4870afd7c7
- djm@cvs.openbsd.org 2001/03/13 22:42:54
...
[sftp-client.c sftp-client.h sftp-glob.c sftp-glob.h sftp-int.c]
sftp client filename globbing for get, put, ch{mod,grp,own}. ok markus@
2001-03-14 10:27:09 +11:00
056ddf7af3
- OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2001/03/13 17:34:42
[auth-options.c]
missing xfree, deny key on parse error; ok stevesk@
2001-03-14 10:15:20 +11:00
cfccef96a3
- OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2001/03/12 22:02:02
[key.c key.h ssh-add.c ssh-keygen.c sshconnect.c sshconnect2.c]
remove old key_fingerprint interface, s/_ex//
2001-03-13 04:57:58 +00:00
9ae2bb6790
- (bal) Reorder includes in Makefile.
2001-03-12 05:16:18 +00:00
3e292fab40
- (djm) Add "static_openssl" RPM build option, remove rsh build dependency
2001-03-12 14:47:30 +11:00
547c276203
- (djm) Bump portable version number for generating test RPMs
2001-03-12 14:23:52 +11:00
8fd372b194
- markus@cvs.openbsd.org 2001/03/11 22:33:24
...
[ssh-keygen.1 ssh-keygen.c]
remove -v again. use -B instead for bubblebabble. make -B consistent
with -l and make -B work with /path/to/known_hosts. ok deraadt@
2001-03-12 03:02:17 +00:00
f0b4853d86
- markus@cvs.openbsd.org 2001/03/11 18:29:51
...
[key.c]
style+cleanup
2001-03-12 02:59:31 +00:00
bee3f2224c
test if snprintf() supports %ll
...
add /dev to search path for PRNGD/EGD socket
fix my mistake in USER_PATH test program
2001-03-11 17:32:12 -08:00
ca0bf57f2f
- deraadt@cvs.openbsd.org 2001/03/11 16:39:03
...
[ssh-keygen.c]
KNF, and SHA1 binary output is just creeping featurism
2001-03-11 20:08:29 +00:00
cbe3ad2f70
- jakob@cvs.openbsd.org 2001/03/11 15:13:09
...
[key.c]
cleanup & shorten some var names key_fingerprint_bubblebabble.
2001-03-11 20:06:59 +00:00
a8a73e62ed
- jakob@cvs.openbsd.org 2001/03/11 15:04:16
...
[ssh-keygen.1 ssh-keygen.c]
print both md5, sha1 and bubblebabble fingerprints when using
ssh-keygen -l -v. ok markus@.
2001-03-11 20:05:19 +00:00
96e8ea6a31
- jakob@cvs.openbsd.org 2001/03/11 15:03:16
...
[key.c key.h]
add improved fingerprint functions. based on work by Carsten
Raskgaard <cara@int.tele.dk> and modified by me. ok markus@.
2001-03-11 20:03:44 +00:00
b54873ad24
- markus@cvs.openbsd.org 2001/03/11 13:25:36
...
[auth2.c key.c]
debug
2001-03-11 20:01:55 +00:00
b9be60a722
- markus@cvs.openbsd.org 2001/03/10 17:51:04
...
[kex.c match.c match.h readconf.c readconf.h sshconnect2.c]
add PreferredAuthentications
2001-03-11 01:49:19 +00:00
7f283fcc94
- tim@mindrot.org 2001/03/10 16:33:42 [configure.in Makefile.in sshd_config]
...
make sure $bindir is in USER_PATH so scp will work
2001-03-10 16:52:25 -08:00
d20d0f3e27
- deraadt@cvs.openbsd.org 2001/03/10 15:31:00
...
[compat.c compat.h sshconnect.c]
all known netscreen ssh versions, and older versions of OSU ssh cannot
handle password padding (newer OSU is fixed)
2001-03-10 17:22:20 +00:00
00261540be
- stevesk@cvs.openbsd.org 2001/03/10 15:02:05
...
[ttymodes.c ttymodes.h]
remove unused sgtty macros; ok markus@
2001-03-10 17:17:28 +00:00
068f3dce28
- deraadt@cvs.openbsd.org 2001/03/10 12:53:51
...
[readconf.c ssh_config]
default to SSH2, now that m68k runs fast
2001-03-10 17:15:39 +00:00
329782e3db
- markus@cvs.openbsd.org 2001/03/10 12:48:27
...
[sshconnect2.c]
ignore nonexisting private keys; report rjmooney@mediaone.net
2001-03-10 17:08:59 +00:00
5f5419a6a2
- Removed log.o from sftp client. Not needed.
2001-03-09 19:48:37 +00:00
ca42d5fb7f
- deraadt@cvs.openbsd.org 2001/03/09 12:30:29
...
[sshd.c]
typo; slade@shore.net
2001-03-09 18:25:32 +00:00
5fc6270fe9
- deraadt@cvs.openbsd.org 2001/03/09 03:14:39
...
[ssh-keygen.c]
create *.pub files with umask 0644, so that you can mv them to
authorized_keys
2001-03-09 18:19:24 +00:00
266dfdfd62
- markus@cvs.openbsd.org 2001/03/08 21:42:33
...
[compat.c compat.h readconf.h ssh.c sshconnect1.c sshconnect2.c]
implement client side of SSH2_MSG_USERAUTH_PK_OK (test public key ->
no need to do enter passphrase or do expensive sign operations if the
server does not accept key).
2001-03-09 00:12:22 +00:00
283cb821cd
- stevesk@cvs.openbsd.org 2001/03/08 20:44:48
...
[sftp.1]
spelling, cleanup; ok deraadt@
2001-03-09 00:09:02 +00:00
a038498797
- stevesk@cvs.openbsd.org 2001/03/08 18:47:12
...
[auth1.c]
unused; ok markus@
2001-03-08 20:37:22 +00:00
52dd46855d
- (stevesk) Reliant Unix (SNI) needs HAVE_BOGUS_SYS_QUEUE_H;
...
Dirk Markwardt <D.Markwardt@tu-bs.de>
2001-03-08 18:26:57 +00:00
cebc858ca2
- OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2001/03/08 00:15:48
[readconf.c ssh.1]
turn off useprivilegedports by default. only rhost-auth needs
this. older sshd's may need this, too.
2001-03-08 03:39:10 +00:00
058316f0f1
- OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2001/03/07 10:11:23
[sftp-client.c sftp-client.h sftp-int.c sftp-server.c sftp.1 sftp.c sftp.h]
Support for new draft (draft-ietf-secsh-filexfer-01). New symlink handling
functions and small protocol change.
2001-03-08 10:08:49 +11:00
8ac0a7ec44
- Cygwin contrib improvements from Corinna Vinschen <vinschen@redhat.com>
2001-03-07 21:38:19 +11:00
b29e34d1e4
- deraadt@cvs.openbsd.org 2001/03/07 04:05:58
...
[ssh.1]
removed dated comment
2001-03-07 06:08:50 +00:00
d58eb5f50e
- deraadt@cvs.openbsd.org 2001/03/07 01:19:06
...
[ssh.1 sshd.8]
the name "secure shell" is boring, noone ever uses it
2001-03-07 06:07:22 +00:00
c9b6eabb49
- deraadt@cvs.openbsd.org 2001/03/06 15:10:42
...
[sftp.1]
order things
2001-03-07 01:29:17 +00:00
562c26bccf
- deraadt@cvs.openbsd.org 2001/03/06 06:11:44
...
[sftp-int.c sftp.1 sftp.c]
sftp -b batchfile; mouring@etoh.eviladmin.org
2001-03-07 01:26:48 +00:00
e21c4adaac
- deraadt@cvs.openbsd.org 2001/03/06 06:11:18
...
[ssh-keyscan.c]
appease gcc
2001-03-07 01:23:30 +00:00
ebc882757b
- millert@cvs.openbsd.org 2001/03/06 01:08:27
...
[clientloop.c]
If read() fails with EINTR deal with it the same way we treat EAGAIN
2001-03-06 03:34:40 +00:00
884a4aca88
- millert@cvs.openbsd.org 2001/03/06 01:06:03
...
[ssh-keyscan.c]
Don't assume we wil get the version string all in one read().
deraadt@ OK'd
2001-03-06 03:33:04 +00:00
b3144e58e7
- deraadt@cvs.openbsd.org 2001/03/06 00:33:04
...
[authfd.c cli.c ssh-agent.c]
EINTR/EAGAIN handling is required in more cases
2001-03-06 03:31:34 +00:00
be6a5a6dfe
- stevesk@cvs.openbsd.org 2001/03/05 17:58:22
...
[dh.c]
spelling
2001-03-06 01:13:06 +00:00
1e62174af1
- stevesk@cvs.openbsd.org 2001/03/05 17:40:48
...
[ssh.1]
more ssh_known_hosts2 documentation; ok markus@
2001-03-06 01:10:53 +00:00
4c4f05e096
- markus@cvs.openbsd.org 2001/03/05 17:17:21
...
[kex.c kex.h sshconnect2.c sshd.c]
generate a 2*need size (~300 instead of 1024/2048) random private
exponent during the DH key agreement. according to Niels (the great
german advisor) this is safe since /etc/primes contains strong
primes only.
References:
P. C. van Oorschot and M. J. Wiener, On Diffie-Hellman key
agreement with short exponents, In Advances in Cryptology
- EUROCRYPT'96, LNCS 1070, Springer-Verlag, 1996, pp.332-343.
2001-03-06 01:09:20 +00:00
c78a187b17
- deraadt@cvs.openbsd.org 2001/03/05 16:07:15
...
[sshd.8]
detail default hmac setup too
2001-03-06 01:06:58 +00:00
ec26fb1667
- deraadt@cvs.openbsd.org 2001/03/05 15:56:16
...
[myproposal.h ssh.1]
switch to aes128-cbc/hmac-md5 by default in SSH2 -- faster;
provos & markus ok
2001-03-06 01:05:23 +00:00
35f1f4e2b8
- stevesk@cvs.openbsd.org 2001/03/05 15:44:51
...
[servconf.c]
sync error message; ok markus@
2001-03-06 01:02:41 +00:00
ff8b4940ab
- deraadt@cvs.openbsd.org 2001/03/05 14:28:47
...
[sshd.8]
alpha order; jcs@rt.fm
2001-03-06 01:00:03 +00:00
12888d1fc8
- (stevesk) sftp.c: handle __progname
2001-03-05 19:50:57 +00:00
935aa24bf4
- (stevesk) OpenBSD sync:
...
- deraadt@cvs.openbsd.org 2001/03/05 08:37:27
[ssh-keyscan.c]
skip inlining, why bother
2001-03-05 19:46:37 +00:00
30246a8f2b
- (djm) Fix up LOG_AUTHPRIV for systems that have it
2001-03-05 21:23:31 +11:00
2d9bfb17be
- (bal) Fix up logging since it changed. removed log-*.c
2001-03-05 08:16:54 +00:00
0f68db4e9e
- (bal) Put HAVE_PW_CLASS_IN_PASSWD back into pwcopy()
2001-03-05 07:57:09 +00:00
fd2e05b95e
- deraadt@cvs.openbsd.org 2001/03/04 18:21:28
...
[sshd.8]
list SSH2 ciphers
2001-03-05 07:48:45 +00:00
6df8ef4196
- millert@cvs.openbsd.org 2001/03/04 17:42:28
...
[authfd.c channels.c dh.c log.c readconf.c servconf.c sftp-int.c
ssh.c sshconnect.c sshd.c]
log functions should not be passed strings that end in newline as they
get passed on to syslog() and when logging to stderr, do_log() appends
its own newline.
2001-03-05 07:47:23 +00:00
fafea18d68
- stevesk@cvs.openbsd.org 2001/03/04 12:54:04
...
[sshd.8]
spelling
2001-03-05 07:43:27 +00:00
d9cae22d1a
- stevesk@cvs.openbsd.org 2001/03/04 11:16:06
...
[servconf.c sshd.8]
kill obsolete RandomSeed; ok markus@ deraadt@
2001-03-05 07:42:03 +00:00
323c98f4a7
- stevesk@cvs.openbsd.org 2001/03/04 11:04:41
...
[sshd.8]
small cleanup and clarify for PermitRootLogin; ok markus@
2001-03-05 07:40:40 +00:00
3d73a34931
- stevesk@cvs.openbsd.org 2001/03/04 10:57:53
...
[ssh.c]
add -m to usage; ok markus@
2001-03-05 07:39:01 +00:00
9c5324422e
- (bal) CVS ID touch up on auth2.c, serverloop.c, session.c & sshd.c
2001-03-05 07:33:14 +00:00
Ben Lindstrom
Kevin Steves
Damien Miller
Tim Rice