tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,584 Commits 6 Branches 20 Tags 98 MiB
Commit Graph

4132 Commits

Author SHA1 Message Date
Darren Tucker 0d0e8f0173 - (dtucker) OpenBSD CVS Sync 
- reyk@cvs.openbsd.org 2005/12/13 15:03:02
     [serverloop.c]
     if forced_tun_device is not set, it is -1 and not SSH_TUNID_ANY
 2005-12-20 16:08:42 +11:00
Darren Tucker 129d0bb6a6 - (dtucker) [cipher-aes.c cipher-ctr.c cipher.c configure.ac 
openbsd-compat/openssl-compat.h] Check for and work around broken AES
   ciphers >128bit on (some) Solaris 10 systems.  ok djm@
 2005-12-19 17:40:40 +11:00
Darren Tucker d40c66cf3f - (dtucker) [configure.ac openbsd-compat/bsd-snprintf.c] Bug #1133: Our 
snprintf replacement can have a conflicting declaration in HP-UX's system
   headers (const vs. no const) so we now check for and work around it.  Patch
   from the dynamic duo of David Leonard and Ted Percival.
 2005-12-17 22:32:03 +11:00
Darren Tucker 98cfc4ce9d - (dtucker) [defines.h] HP-UX system headers define "YES" and "NO" which 
scp.c also uses, so undef them here.
 2005-12-17 22:04:08 +11:00
Darren Tucker 3154358d66 - dtucker@cvs.openbsd.org 2005/12/30 04:36:39 
[regress/scp-ssh-wrapper.sh]
     Fix assumption about how many args scp will pass; ok djm@
 2005-12-14 15:39:20 +11:00
Damien Miller 62a31c9fd0 - (djm) [misc.c] Disable tunnel code for non-OpenBSD (for now), enable 
again by providing a sys_tun_open() function for your platform and
   setting the CUSTOM_SYS_TUN_OPEN define. More work is required to match
   OpenBSD's tunnel protocol, which prepends the address family to the
   packet
 2005-12-13 20:44:13 +11:00
Damien Miller d47c62a714 - markus@cvs.openbsd.org 2005/12/12 13:46:18 
[channels.c channels.h session.c]
     make sure protocol messages for internal channels are ignored.
     allow adjust messages for non-open channels; with and ok djm@
 2005-12-13 19:33:57 +11:00
Damien Miller 7746c391b1 - jmc@cvs.openbsd.org 2005/12/08 21:37:50 
[ssh_config.5]
     new sentence, new line;
 2005-12-13 19:33:37 +11:00
Damien Miller 7b58e80036 - reyk@cvs.openbsd.org 2005/12/08 18:34:11 
[auth-options.c includes.h misc.c misc.h readconf.c servconf.c]
     [serverloop.c ssh.c ssh_config.5 sshd_config.5 configure.ac]
     two changes to the new ssh tunnel support. this breaks compatibility
     with the initial commit but is required for a portable approach.
     - make the tunnel id u_int and platform friendly, use predefined types.
     - support configuration of layer 2 (ethernet) or layer 3
     (point-to-point, default) modes. configuration is done using the
     Tunnel (yes|point-to-point|ethernet|no) option is ssh_config(5) and
     restricted by the PermitTunnel (yes|point-to-point|ethernet|no) option
     in sshd_config(5).
     ok djm@, man page bits by jmc@
 2005-12-13 19:33:19 +11:00
Damien Miller 957d4e430e - jmc@cvs.openbsd.org 2005/12/08 15:06:29 
[ssh_config.5]
     keep options in order;
 2005-12-13 19:30:45 +11:00
Damien Miller 4b2319fb85 - jmc@cvs.openbsd.org 2005/12/08 14:59:44 
[ssh.1 ssh_config.5]
     make `!command' a little clearer;
     ok reyk
 2005-12-13 19:30:27 +11:00
Damien Miller f0c8c15322 - jmc@cvs.openbsd.org 2005/12/07 10:52:13 
[ssh.1]
     - avoid line split in SYNOPSIS
     - add args to -w
     - kill trailing whitespace
 2005-12-13 19:29:58 +11:00
Damien Miller aeb31d6120 - djm@cvs.openbsd.org 2005/12/07 03:52:22 
[clientloop.c]
     reyk forgot to compile with -Werror (missing header)
 2005-12-13 19:29:36 +11:00
Damien Miller d27b947178 - reyk@cvs.openbsd.org 2005/12/06 22:38:28 
[auth-options.c auth-options.h channels.c channels.h clientloop.c]
     [misc.c misc.h readconf.c readconf.h scp.c servconf.c servconf.h]
     [serverloop.c sftp.c ssh.1 ssh.c ssh_config ssh_config.5 sshconnect.c]
     [sshconnect.h sshd.8 sshd_config sshd_config.5]
     Add support for tun(4) forwarding over OpenSSH, based on an idea and
     initial channel code bits by markus@. This is a simple and easy way to
     use OpenSSH for ad hoc virtual private network connections, e.g.
     administrative tunnels or secure wireless access. It's based on a new
     ssh channel and works similar to the existing TCP forwarding support,
     except that it depends on the tun(4) network interface on both ends of
     the connection for layer 2 or layer 3 tunneling. This diff also adds
     support for LocalCommand in the ssh(1) client.

     ok djm@, markus@, jmc@ (manpages), tested and discussed with others
 2005-12-13 19:29:02 +11:00
Damien Miller 6dbdb6afee - jmc@cvs.openbsd.org 2005/11/30 11:45:20 
[ssh.1]
     avoid ambiguities in describing TZ;
     ok djm@
 2005-12-13 19:25:43 +11:00
Damien Miller c94ebbc723 - (djm) OpenBSD CVS Sync 
- jmc@cvs.openbsd.org 2005/11/30 11:18:27
     [ssh.1]
     timezone -> time zone
 2005-12-13 19:25:21 +11:00
Damien Miller 7677be5d6c - (djm) [envpass.sh] Remove regress script that was accidentally committed 
in top level directory and not noticed for over a year :)
 2005-12-01 12:51:59 +11:00
Tim Rice 46259d86a2 - (tim) [configure.ac sshd.8] Enable locked account check (a "*LK*" string) 
for UnixWare.
 2005-11-28 18:40:34 -08:00
Darren Tucker 3af2ac56a2 - dtucker@cvs.openbsd.org 2005/11/29 02:04:55 
[ssh-keygen.c]
     Populate default key sizes before checking them; from & ok tim@
 2005-11-29 13:10:24 +11:00
Tim Rice 660c3405f9 - (tim) [ssh-keygen.c] Move DSA length test after setting default when 
bits == 0.
 2005-11-28 17:45:32 -08:00
Darren Tucker ac0c8a533d - (dtucker) [includes.h] Bug #1122: __USE_GNU is a glibc internal macro, use 
_GNU_SOURCE instead.  Patch from t8m at centrum.cz.
 2005-11-28 22:28:59 +11:00
Darren Tucker 3a4634f674 - dtucker@cvs.openbsd.org 2005/11/28 06:02:56 
[ssh-agent.1]
     Update agent socket path templates to reflect reality, correct xref for
     time formats.  bz#1121, patch from openssh at roumenpetrov.info, ok djm@
 2005-11-28 17:05:40 +11:00
Darren Tucker 9f647335d2 [ssh-keygen.1 ssh-keygen.c] 
Enforce DSA key length of exactly 1024 bits to comply with FIPS-186-2,
     increase minumum RSA key size to 768 bits and update man page to reflect
     these.  Patch originally bz#1119 (senthilkumar_sen at hotpop.com),
     ok djm@, grudging ok deraadt@.
 2005-11-28 16:41:46 +11:00
Darren Tucker b1a8777f3a - (dtucker) [regress/yes-head.sh] Work around breakage caused by some 
versions of GNU head.  Based on patch from zappaman at buraphalinux.org
 2005-11-28 16:41:03 +11:00
Darren Tucker 91d25a0c45 - (dtucker) [configure.ac] Bug #1126: AIX 5.2 and 5.3 (and presumably newer, 
when they're available) need the real UID set otherwise pam_chauthtok will
   set ADMCHG after changing the password, forcing the user to change it
   again immediately.
 2005-11-26 22:24:09 +11:00
Darren Tucker e0be30426a - (dtucker) [progressmeter.c scp.c sftp-server.c] Use correct casts for 
snprintf formats, fixes warnings on some 64 bit platforms.  Patch from
   shaw at vranix.com, ok djm@
 2005-11-25 14:44:55 +11:00
Darren Tucker 58e298d11b - (dtucker) [configure.ac] Apply tim's fix for older systems where the 
resolver state in resolv.h is "state" not "__res_state".  With slight
   modification by me to also work on old AIXes.  ok djm@
 2005-11-25 13:14:58 +11:00
Darren Tucker faec5ca73f - (dtucker) [regress/test-exec.sh] Use 1024 bit keys since we generate so 
many and use them only once.  Speeds up testing on older/slower hardware.
 2005-11-24 23:18:54 +11:00
Darren Tucker 79d09fad52 - (dtucker) [configure.ac] Fix typos in comments and AC_SEARCH_LIB argument 
order in Reliant Unix block.  Patch from johane at lysator.liu.se.
 2005-11-24 22:34:54 +11:00
Damien Miller 57f3915b55 - (djm) [configure.ac openbsd-compat/Makefile.in openbsd-compat/bsd-asprintf.c 
openbsd-compat/bsd-snprintf.c openbsd-compat/openbsd-compat.h] Add an
   asprintf() implementation, after syncing our {v,}snprintf() implementation
   with some extra fixes from Samba's version. With help and debugging from
   dtucker and tim; ok dtucker@
 2005-11-24 19:58:19 +11:00
Darren Tucker efc17470e0 - (dtucker) [loginrec.c] Add casts to prevent compiler warnings, patch 
from shaw at vranix.com.
 2005-11-22 19:55:13 +11:00
Darren Tucker 593bae7e10 - dtucker@cvs.openbsd.org 2005/11/22 03:36:03 
[hostfile.c]
     Correct format/arguments to debug call; spotted by shaw at vranix.com
     ok djm@
 2005-11-22 19:43:26 +11:00
Darren Tucker f4732f6475 - dtucker@cvs.openbsd.org 2005/11/21 09:42:10 
[auth-krb5.c]
     Perform Kerberos calls even for invalid users to prevent leaking
     information about account validity.  bz #975, patch originally from
     Senthil Kumar, sanity checked by Simon Wilkinson, tested by djm@, biorn@,
     ok markus@
 2005-11-22 19:42:42 +11:00
Darren Tucker e8400da9d5 - millert@cvs.openbsd.org 2005/11/15 11:59:54 
[includes.h]
     Include sys/queue.h explicitly instead of assuming some other header
     will pull it in.  At the moment it gets pulled in by sys/select.h
     (which ssh has no business including) via event.h.  OK markus@
     (ID sync only in -portable)
 2005-11-22 19:41:33 +11:00
Darren Tucker 33f86bc284 - deraadt@cvs.openbsd.org 2005/11/12 18:38:15 
[scp.c]
     avoid close(-1), as in rcp; ok cloder
 2005-11-22 19:38:06 +11:00
Darren Tucker b736d8d829 - deraadt@cvs.openbsd.org 2005/11/12 18:37:59 
[ssh-add.c]
     space
 2005-11-22 19:37:08 +11:00
Darren Tucker 4123636471 - (dtucker) [openbsd-compat/openssl-compat.h] Add comment explaining what 
is going on.
 2005-11-20 14:09:59 +11:00
Darren Tucker cb6ecdea6c - (dtucker) [regress/reconfigure.sh] Fix potential race in the reconfigure 
test: if sshd takes too long to reconfigure the subsequent connection will
   fail.  Zap pidfile before HUPing sshd which will rewrite it when it's ready.
 2005-11-12 21:30:07 +11:00
Darren Tucker 5bfe1687dd - (dtucker) [configure.ac] Remove duplicate utimes() check. ok djm@ 2005-11-12 18:42:36 +11:00
Darren Tucker 3f9545ee67 - (dtucker) [configure.ac] Use "$AWK" instead of "awk" in gcc version test. 2005-11-12 15:20:52 +11:00
Darren Tucker 5a0bdf770c - (dtucker) [openbsd-compat/{realpath.c,stroll.c,rresvport.c}] $OpenBSD tag. 2005-11-12 14:28:05 +11:00
Darren Tucker 7cb2a78ae2 - (dtucker) [openbsd-compat/realpath.c] Sync $OpenBSD tag. 2005-11-12 14:14:52 +11:00
Darren Tucker 16fd99c727 - (dtucker) [openbsd-compat/getrrsetbyname.c] Restore Portable-specific 
ifdef lost during sync.  Spotted by tim@.
 2005-11-12 14:06:29 +11:00
Darren Tucker f032435de7 - (dtucker) [configure.ac] Try to get the gcc version number in a way that 
doesn't change between versions, and use a safer default.
 2005-11-10 21:30:36 +11:00
Darren Tucker 9d30d13922 - (dtucker) [openbsd-compat/sigact.h] Update from OpenBSD 1.2 -> 1.3. 
Id and copyright sync only, there were no substantial changes we need.
 2005-11-10 19:43:48 +11:00
Darren Tucker 581203438f typo 2005-11-10 19:31:37 +11:00
Darren Tucker ce1cb1f160 - (dtucker) [openbsd-compat/bsd-closefrom.c openbsd-compat/base64.c] 
-Wall fixes from djm.
 2005-11-10 19:31:08 +11:00
Darren Tucker 30d6974124 - (dtucker) [openbsd-compat/sigact.c] Update from OpenBSD 1.3 -> 1.4. 
Id and copyright sync only, there were no substantial changes we need.
 2005-11-10 19:29:12 +11:00
Darren Tucker fe80d7a068 - (dtucker) [openbsd-compat/bindresvport.c] Update from OpenBSD 1.16 -> 1.17. 2005-11-10 17:54:46 +11:00
Darren Tucker 6f15c07ce3 - (dtucker) [openbsd-compat/bindresvport.c] Add "OPENBSD ORIGINAL" marker. 2005-11-10 17:52:08 +11:00
Darren Tucker 91b34dc183 - (dtucker) [openbsd-compat/rresvport.c] Update from OpenBSD 1.6 -> 1.8. 2005-11-10 17:42:40 +11:00
Darren Tucker ffcd0ecf6b - (dtucker) [openbsd-compat/mktemp.c] Update from OpenBSD 1.17 -> 1.19. 2005-11-10 17:37:02 +11:00
Darren Tucker 8f0d8f8ea2 - (dtucker) [openbsd-compat/daemon.c] Update from OpenBSD 1.10 -> 1.13. 2005-11-10 17:33:00 +11:00
Darren Tucker 4e8c2490bb - (dtucker) [openbsd-compat/strsep.c] Update from OpenBSD 1.5 -> 1.6. 2005-11-10 17:28:35 +11:00
Darren Tucker b10b497682 - (dtucker) [openbsd-compat/daemon.c] Update from OpenBSD 1.5 -> 1.6. 2005-11-10 17:27:25 +11:00
Darren Tucker 2864039a7c - (dtucker) [openbsd-compat/inet_ntop.c] Update from OpenBSD 1.5 -> 1.7. 2005-11-10 17:25:26 +11:00
Darren Tucker de9d623960 - (dtucker) [openbsd-compat/inet_nto.c] Update from OpenBSD 1.4 -> 1.6. 2005-11-10 17:23:54 +11:00
Darren Tucker c7e05d679a - (dtucker) [openbsd-compat/inet_aton.c] Update from OpenBSD 1.7 -> 1.9. 2005-11-10 17:21:21 +11:00
Darren Tucker 0a149d19d3 - (dtucker) [openbsd-compat/getcwd.c] Replace lstat with fstat to match up 
with OpenBSD code since we don't support platforms without fstat any more.
 2005-11-10 17:15:06 +11:00
Darren Tucker 31ba53e333 - (dtucker) [openbsd-compat/getcwd.c] Update from OpenBSD 1.9 -> 1.14. 2005-11-10 17:11:29 +11:00
Darren Tucker 50a221ba7a - (dtucker) [openbsd-compat/glob.h] Update from OpenBSD 1.8 -> 1.9. 2005-11-10 17:03:22 +11:00
Darren Tucker 6524d4f161 - (dtucker) [openbsd-compat/glob.c] Update from OpenBSD 1.22 -> 1.25. 2005-11-10 17:02:21 +11:00
Darren Tucker d76b4c74f8 - (dtucker) [openbsd-compat/readpassphrase.h] Update from OpenBSD 1.3 -> 1.5. 2005-11-10 16:58:47 +11:00
Darren Tucker dbb631cebe - (dtucker) [openbsd-compat/readpassphrase.c] Update from OpenBSD 1.16 -> 1.18. 2005-11-10 16:56:28 +11:00
Darren Tucker f5ebfe9f68 - (dtucker) [openbsd-compat/strtoul.c] Update from OpenBSD 1.5 -> 1.7. 2005-11-10 16:48:10 +11:00
Darren Tucker f976e6f883 - (dtucker) [openbsd-compat/strtoll.c] Update from OpenBSD 1.4 -> 1.5. 
Removal of rcsid.
 2005-11-10 16:46:26 +11:00
Darren Tucker ad1dada0b4 - (dtucker) [openbsd-compat/basename.c] Update from OpenBSD 1.11 -> 1.14. 
Removal of rcsid, will no longer strlcpy parts of the string.
 2005-11-10 16:42:51 +11:00
Darren Tucker 09471d8a1f - (dtucker) [openbsd-compat/strmode.c] Update from OpenBSD 1.5 -> 1.7. 
Removal of rcsid, "whiteout" inode type.
 2005-11-10 16:38:54 +11:00
Darren Tucker 925d1de3fb - (dtucker) [openbsd-compat/sigact.h] Add "OPENBSD ORIGINAL" marker. 2005-11-10 16:31:55 +11:00
Darren Tucker 5224566303 - (dtucker) [openbsd-compat/strlcpy.c] Update from OpenBSD 1.8 -> 1.10. 2005-11-10 16:26:17 +11:00
Darren Tucker 7f24a0e647 - (dtucker) [openbsd-compat/{LOTS}] Move the "OPENBSD ORIGINAL" markers to 
after the copyright notices.  Having them at the top next to the CVSIDs
   guarantees a conflict for each and every sync.
 2005-11-10 16:18:56 +11:00
Darren Tucker 80c0d7eb88 - (dtucker) [openbsd-compat/strlcat.c] Sync OpenBSD revs 1.11 - 1.12 (removal 
of "register").
 2005-11-10 16:05:37 +11:00
Darren Tucker e5a2b5288d - (dtucker) [openbsd-compat/getgrouplist.c] Sync OpenBSD revs 1.10 - 1.2 (ANSI 
prototypes, removal of "register").
 2005-11-10 15:56:44 +11:00
Darren Tucker b0288098c9 - (dtucker) [configure.ac] Disable pointer-sign warnings on gcc 4.0+ 
since they're not useful right now.  Patch from djm@.
 2005-11-10 14:46:48 +11:00
Darren Tucker 618db97fe1 - (dtucker) [auth-krb5.c] Fix -Wsign-compare warning in non-Heimdal path. 
Patch from djm@.
 2005-11-10 14:43:11 +11:00
Darren Tucker 063ba7455f - (dtucker) [openbsd-compat/setenv.c] Sync changes from OpenBSD setenv.c 
revs 1.7 - 1.9.
 2005-11-10 10:38:45 +11:00
Darren Tucker 32b531067d - (dtucker) [openbsd-compat/getenv.c] Make __findenv static, remove 
unnecessary prototype.
 2005-11-10 10:13:06 +11:00
Darren Tucker b8c89d14bb - (dtucker) [openbsd-compat/getenv.c] Merge changes for __findenv from 
OpenBSD getenv.c revs 1.4 - 1.8 (ANSIfication of arguments, removal of
   "register").
 2005-11-10 10:10:10 +11:00
Damien Miller 9b59ada7ca - (djm) [openbsd-compat/getrrsetbyname.c] Sync to latest OpenBSD version, 
resolving memory leak bz#1111 reported by kremenek AT cs.stanford.edu;
   ok dtucker@
 2005-11-05 16:56:52 +11:00
Darren Tucker 3a38c5a856 - (dtucker) [README.platform] Add PAM section. 2005-11-05 16:28:35 +11:00
Damien Miller 5fd8b02b44 - djm@cvs.openbsd.org 2005/11/05 05:01:15 
[bufaux.c]
     Fix leaks in error paths, bz #1109 and #1110 reported by kremenek AT
     cs.stanford.edu; ok dtucker@
 2005-11-05 16:04:36 +11:00
Damien Miller 19bb3a57f8 - djm@cvs.openbsd.org 2005/11/04 05:15:59 
[kex.c kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c]
     remove hardcoded hash lengths in key exchange code, allowing
     implementation of KEX methods with different hashes (e.g. SHA-256);
     ok markus@ dtucker@ stevesk@
 2005-11-05 15:19:35 +11:00
Damien Miller 24ecf61261 - dtucker@cvs.openbsd.org 2005/11/03 13:38:29 
[canohost.c]
     Cache reverse lookups with and without DNS separately; ok markus@
 2005-11-05 15:16:52 +11:00
Damien Miller 83d0d39d0e - jmc@cvs.openbsd.org 2005/10/31 19:55:25 
[ssh-keygen.1]
     grammar;
 2005-11-05 15:16:27 +11:00
Damien Miller c7e2d3fa10 - djm@cvs.openbsd.org 2005/10/31 11:48:29 
[serverloop.c]
     make sure we clean up wtmp, etc. file when we receive a SIGTERM,
     SIGINT or SIGQUIT when running without privilege separation (the
     normal privsep case is already OK). Patch mainly by dtucker@ and
     senthilkumar_sen AT hotpop.com; ok dtucker@
 2005-11-05 15:16:12 +11:00
Damien Miller f14be5ce03 - djm@cvs.openbsd.org 2005/10/31 11:12:49 
[ssh-keygen.1 ssh-keygen.c]
     generate a protocol 2 RSA key by default
 2005-11-05 15:15:49 +11:00
Damien Miller 653b93be5d - dtucker@cvs.openbsd.org 2005/10/31 06:15:04 
[sftp.c]
     Fix sorting with "ls -1" command. From Robert Tsai, "looks right" deraadt@
 2005-11-05 15:15:23 +11:00
Damien Miller 788f212aed - djm@cvs.openbsd.org 2005/10/30 08:52:18 
[clientloop.c packet.c serverloop.c session.c ssh-agent.c ssh-keygen.c]
     [ssh.c sshconnect.c sshconnect1.c sshd.c]
     no need to escape single quotes in comments, no binary change
 2005-11-05 15:14:59 +11:00
Damien Miller 713de76f66 - jmc@cvs.openbsd.org 2005/10/30 08:43:47 
[ssh_config.5]
     remove trailing whitespace;
 2005-11-05 15:13:49 +11:00
Damien Miller 4d3fd54c91 - dtucker@cvs.openbsd.org 2005/10/30 08:29:29 
[canohost.c sshd.c]
     Check for connections with IP options earlier and drop silently.  ok djm@
 2005-11-05 15:13:24 +11:00
Damien Miller aa3bb10940 - djm@cvs.openbsd.org 2005/10/30 04:03:24 
[ssh.c]
     fix misleading debug message; ok dtucker@
 2005-11-05 15:12:59 +11:00
Damien Miller 4bbacb706b - djm@cvs.openbsd.org 2005/10/30 04:01:03 
[ssh-keyscan.c]
     make ssh-keygen discard junk from server before SSH- ident, spotted by
     dave AT cirt.net; ok dtucker@
 2005-11-05 15:12:28 +11:00
Damien Miller b3bfbb7355 - djm@cvs.openbsd.org 2005/10/30 01:23:19 
[ssh_config.5]
     mention control socket fallback behaviour, reported by
     tryponraj AT gmail.com
 2005-11-05 15:11:48 +11:00
Damien Miller 319550a52b - stevesk@cvs.openbsd.org 2005/10/17 14:13:35 
[dns.c dns.h]
     more cleanups; ok jakob@
 2005-11-05 15:11:15 +11:00
Damien Miller 7e8795d308 - stevesk@cvs.openbsd.org 2005/10/17 14:01:28 
[dns.c]
     remove #ifdef LWRES; ok jakob@
 2005-11-05 15:10:42 +11:00
Damien Miller c1af1d5f40 - stevesk@cvs.openbsd.org 2005/10/15 15:28:12 
[sshconnect.c]
     make external definition static; ok deraadt@
 2005-11-05 15:08:57 +11:00
Damien Miller 0a0176e9f3 - stevesk@cvs.openbsd.org 2005/10/14 02:29:37 
[channels.c clientloop.c]
     free()->xfree(); ok djm@
 2005-11-05 15:07:59 +11:00
Damien Miller 15d72a00a3 - stevesk@cvs.openbsd.org 2005/10/14 02:17:59 
[ssh-keygen.c ssh.c sshconnect2.c]
     no trailing "\n" for log functions; ok djm@
 2005-11-05 15:07:33 +11:00
Damien Miller 6fd6defbce - stevesk@cvs.openbsd.org 2005/10/13 22:24:31 
[auth2-gss.c gss-genr.c gss-serv.c monitor.c]
     KNF; ok djm@
 2005-11-05 15:07:05 +11:00
Damien Miller 20afc24363 - stevesk@cvs.openbsd.org 2005/10/13 19:13:41 
[dns.c]
     unneeded #include, unused declaration, little knf; ok deraadt@
 2005-11-05 15:06:38 +11:00
Damien Miller 5f916c8f6c - stevesk@cvs.openbsd.org 2005/10/13 19:08:08 
[gss-serv-krb5.c gss-serv.c]
     unused declarations; ok deraadt@
     (id sync only for gss-serv-krb5.c)
 2005-11-05 15:05:28 +11:00
Damien Miller 9fac263639 - stevesk@cvs.openbsd.org 2005/10/13 14:20:37 
[gss-serv.c]
     spelling in comments
 2005-11-05 15:03:48 +11:00
Damien Miller 5434eb2a69 - stevesk@cvs.openbsd.org 2005/10/13 14:03:01 
[auth2-gss.c gss-genr.c gss-serv.c]
     remove unneeded #includes; ok markus@
 2005-11-05 15:03:24 +11:00
Damien Miller 5e7fd076f5 - djm@cvs.openbsd.org 2005/10/11 23:37:37 
[channels.c]
     bz #1076 set SO_REUSEADDR on X11 forwarding listner sockets, preventing
     bind() failure when a previous connection's listeners are in TIME_WAIT,
     reported by plattner AT inf.ethz.ch; ok dtucker@
 2005-11-05 14:53:39 +11:00
Damien Miller 39eda6eb6a - djm@cvs.openbsd.org 2005/10/10 10:23:08 
[channels.c channels.h clientloop.c serverloop.c session.c]
     fix regression I introduced in 4.2: X11 forwardings initiated after
     a session has exited (e.g. "(sleep 5; xterm) &") would not start.
     bz #1086 reported by t8m AT centrum.cz; ok markus@ dtucker@
 2005-11-05 14:52:50 +11:00
Damien Miller 3f54a9f5b7 - (djm) OpenBSD CVS Sync 
- markus@cvs.openbsd.org 2005/10/07 11:13:57
     [ssh-keygen.c]
     change DSA default back to 1024, as it's defined for 1024 bits only
     and this causes interop problems with other clients.  moreover,
     in order to improve the security of DSA you need to change more
     components of DSA key generation (e.g. the internal SHA1 hash);
     ok deraadt
 2005-11-05 14:52:18 +11:00
Darren Tucker d32e293c04 - (dtucker) [openbsd-compat/bsd-misc.c] Bug #1108: fix broken strdup(). 
Reported by olavi at ipunplugged.com and antoine.brodin at laposte.net
   via FreeBSD.
 2005-11-02 09:07:31 +11:00
Darren Tucker 42308a4374 - (dtucker) [session.c] Bug #1045do not check /etc/nologin when PAM is 
enabled, instead allow PAM to handle it.  Note that on platforms using PAM,
   the pam_nologin module should be added to sshd's session stack in order to
   maintain exising behaviour.  Based on patch and discussion from t8m at
   centrum.cz, ok djm@
 2005-10-30 15:31:55 +11:00
Damien Miller 88edf6255b - (djm) [contrib/suse/openssh.spec contrib/suse/rc. 
sshd contrib/suse/sysconfig.ssh] Bug #1106: Updated SuSE spec and init
   files from imorgan AT nas.nasa.gov
 2005-10-30 11:55:45 +11:00
Darren Tucker a841dceb4c - (dtucker) [contrib/cygwin/ssh-user-config] Remove duplicate yes/no 
prompt.  Patch from vinschen at redhat.com.
 2005-10-25 18:55:00 +10:00
Darren Tucker e737455430 - (dtucker) [configure.ac] Bug #1104: Tru64's printf family doesn't 
understand "%lld", even though the compiler has "long long", so handle
   it as a special case.  Patch tested by mcaskill.scott at epa.gov.

(actually was included in previous commit)
 2005-10-25 18:52:31 +10:00
Darren Tucker 537f1ed7df - (dtucker) [configure.ac] Relocate LLONG_MAX calculation to after the 
sizeof(long long) checks, to make fixing bug #1104 easier (no changes
   yet).
 2005-10-25 18:38:33 +10:00
Darren Tucker 314d89e050 - (dtucker) [configure.ac] Bug #1097: Fix configure for cross-compiling. 
/etc/default/login report and testing from aabaker at iee.org, corrections
   from tim@.
 2005-10-17 23:29:23 +10:00
Darren Tucker 9ac1a65acb - (dtucker) [configure.ac defines.h openbsd-compat/vis.{c,h}] Sync current 
versions from OpenBSD.  ok djm@
 2005-10-09 11:40:03 +10:00
Damien Miller e04ec6fdfd - (djm) [configure.ac] missing 'test' call for -with-Werror test 2005-10-08 16:21:19 +10:00
Darren Tucker 1e6616bb14 - (dtucker) [configure.ac] Bug #1098: define $MAIL for HP-UX; report from 
brian.smith at agilent com.
 2005-10-08 12:07:01 +10:00
Darren Tucker b18f15100a - (dtucker) [configure.ac sshd.8] Enable locked account check (a prepended 
"*LOCKED*" string) for FreeBSD.  Patch jeremie at le-hen.org and
   senthilkumar_sen at hotpop.com.
 2005-10-05 23:02:16 +10:00
Darren Tucker 1f85dc7034 - (dtucker) [regress/README.regress] Bug #989: Document limitation that scp 
is required in the system path for the multiplex test to work.
 2005-10-03 20:14:18 +10:00
Darren Tucker b0b12296f9 - dtucker@cvs.openbsd.org 2005/10/03 07:44:42 
[canohost.c]
     Relocate check_ip_options call to prevent logging of garbage for
     connections with IP options set.  bz#1092 from David Leonard,
     "looks good" deraadt@
 2005-10-03 18:23:44 +10:00
Darren Tucker 28e8e59b35 - jaredy@cvs.openbsd.org 2005/09/30 20:34:26 
[ssh-keyscan.1]
     deploy .An -nosplit; ok jmc
 2005-10-03 18:20:28 +10:00
Darren Tucker 45b0142643 - djm@cvs.openbsd.org 2005/09/21 23:37:11 
[sshd.c]
     change label at markus@'s request
 2005-10-03 18:20:00 +10:00
Darren Tucker e2dd2d5baa - djm@cvs.openbsd.org 2005/09/21 23:36:54 
[sshd_config.5]
     aquire -> acquire, from stevesk@
 2005-10-03 18:19:06 +10:00
Darren Tucker 1e4308e6fa - djm@cvs.openbsd.org 2005/09/19 23:31:31 
[ssh.1]
     spelling nit from stevesk@
 2005-10-03 18:18:40 +10:00
Darren Tucker 895d698515 - jmc@cvs.openbsd.org 2005/09/19 15:42:44 
[ssh.c]
     update -D usage here too;
 2005-10-03 18:18:05 +10:00
Darren Tucker 05d4dfe38f - jmc@cvs.openbsd.org 2005/09/19 15:38:27 
[ssh.1]
     some more .Bk/.Ek to avoid ugly line split;
 2005-10-03 18:17:38 +10:00
Darren Tucker 8813bbbca9 - djm@cvs.openbsd.org 2005/09/19 11:48:10 
[gss-serv.c]
     typo
 2005-10-03 18:17:02 +10:00
Darren Tucker a2cdbda2de - djm@cvs.openbsd.org 2005/09/19 11:47:09 
[sshd.c]
     stop connection abort on rekey with delayed compression enabled when
     post-auth privsep is disabled (e.g. when root is logged in); ok dtucker@
 2005-10-03 18:16:02 +10:00
Darren Tucker c8d6421a64 - djm@cvs.openbsd.org 2005/09/19 11:37:34 
[ssh_config.5 ssh.1]
     mention ability to specify bind_address for DynamicForward and -D options;
     bz#1077 spotted by Haruyama Seigo
 2005-10-03 18:13:42 +10:00
Darren Tucker ce321d8a30 - djm@cvs.openbsd.org 2005/09/13 23:40:07 
[sshd.c ssh.c misc.h sftp.c ssh-keygen.c ssh-keysign.c sftp-server.c
     scp.c misc.c ssh-keyscan.c ssh-add.c ssh-agent.c]
     ensure that stdio fds are attached; ok deraadt@
 2005-10-03 18:11:24 +10:00
Darren Tucker d89dbf29ff - markus@cvs.openbsd.org 2005/09/09 19:18:05 
[clientloop.c]
     typo; from mark at mcs.vuw.ac.nz, bug #1082
 2005-10-03 18:05:26 +10:00
Darren Tucker d3d0fa1558 - markus@cvs.openbsd.org 2005/09/07 08:53:53 
[channels.c]
     enforce chanid != NULL; ok djm
 2005-10-03 18:03:05 +10:00
Darren Tucker d4f04ae247 - (dtucker) [monitor.c] Bug #1087: Send loginmsg to preauth privsep 
child during PAM account check without clearing it.  This restores the
   post-login warnings such as LDAP password expiry.  Patch from Tomas Mraz
   with help from several others.
 2005-09-30 10:23:21 +10:00
Darren Tucker 6e4221129e - (dtucker) [openbsd-compat/openbsd-compat.h] Bug #1096: Add prototype 
for strtoll.  Patch from o.flebbe at science-computing.de.
 2005-09-30 09:55:49 +10:00
Darren Tucker 372c8fbe9b - (dtucker) [monitor_wrap.c] Remove duplicate definition of loginmsg 
introduced during sync.
 2005-09-29 22:01:10 +10:00
Darren Tucker 7b1e695846 - (dtucker) [auth-pam.c] Bug #1028: send final non-query messages from 
PAM via keyboard-interactive.  Patch tested by the folks at Vintela.
 2005-09-28 22:33:27 +10:00
Darren Tucker 46e7ba5d53 - (dtucker) [entropy.c] Use u_char for receiving RNG seed for consistency 2005-09-28 08:26:30 +10:00
Darren Tucker c6f8219e0d - (dtucker) [entropy.c entropy.h sshd.c] Pass RNG seed to the reexec'ed 
process when sshd relies on ssh-random-helper.  Should result in faster
   logins on systems without a real random device or prngd.  ok djm@
 2005-09-27 22:46:32 +10:00
Darren Tucker f1377bdeed - (dtucker) [entropy.c] Remove unnecessary tests for getuid and geteuid 
calls, since they can't possibly fail.  ok djm@
 2005-09-27 19:50:25 +10:00
Darren Tucker d3eff2bfa5 - (dtucker) [auth2.c] Move start_pam() calls out of if-else block to remove 
duplicate call.  ok djm@
 2005-09-24 12:43:51 +10:00
Darren Tucker 82171c6607 - (dtucker) [configure.ac] Fix help for --with-opensc; patch from skeleten at 
shillest.net.
 2005-09-22 20:19:54 +10:00
Darren Tucker c373a56343 - (dtucker) [configure.ac] Use -R linker flag for libedit too; patch from 
skeleten at shillest.net.
 2005-09-22 20:15:08 +10:00
Tim Rice 542f62b9d2 remove acconfig.h 2005-09-19 09:36:55 -07:00
Tim Rice 7df8d39a5f - (tim) [aclocal.m4 configure.ac] Delete acconfig.h and add templates to 
AC_DEFINE and AC_DEFINE_UNQUOTED to quiet autoconf 2.59 warning messages.
 2005-09-19 09:33:39 -07:00
Tim Rice fd9e9e3ba6 - (tim) [configure.ac] Bug 1078. Fix --without-kerberos5. Reported by 
Mike Frysinger.
 2005-09-12 17:36:10 -07:00
Tim Rice 64ead485ac - (tim) [defines.h openbsd-compat/port-uw.c] Add long password support to 
OpenServer 6 and add osr5bigcrypt support so when someone migrates
   passwords between UnixWare and OpenServer they will still work. OK dtucker@
 2005-09-08 21:56:33 -07:00
Damien Miller c8ab8ceacb - (djm) Update RPM spec file versions 2005-09-01 19:10:48 +10:00
Tim Rice 66fd217e8e - (tim) [configure.ac auth.c defines.h session.c openbsd-compat/port-uw.c 
openbsd-compat/port-uw.h openbsd-compat/xcrypt.c] libiaf cleanup. Disable
   libiaf bits for OpenServer6. Free memory allocated by ia_get_logpwd().
   Feedback and OK dtucker@
 2005-08-31 09:59:49 -07:00
Darren Tucker d0a47cd243 - (dtucker) [README] Update release note URL to 4.2 2005-09-01 00:05:56 +10:00
Damien Miller ae37959bfb - markus@cvs.openbsd.org 2005/08/31 09:28:42 
[version.h]
     4.2
 2005-08-31 19:47:07 +10:00
Damien Miller da9984fc3a - (djm) OpenBSD CVS Sync 
- djm@cvs.openbsd.org 2005/08/30 22:08:05
     [gss-serv.c sshconnect2.c]
     destroy credentials if krb5_kuserok() call fails. Stops credentials being
     delegated to users who are not authorised for GSSAPIAuthentication when
     GSSAPIDeletegateCredentials=yes and another authentication mechanism
     succeeds; bz#1073 reported by paul.moore AT centrify.com, fix by
     simon AT sxw.org.uk, tested todd@ biorn@ jakob@; ok deraadt@
 2005-08-31 19:46:26 +10:00