Commit Graph

314 Commits

Author SHA1 Message Date
Damien Miller 942da039d2 - (djm) OpenBSD CVS changes:
- markus@cvs.openbsd.org  2000/07/22 03:14:37
     [servconf.c servconf.h sshd.8 sshd.c sshd_config]
     random early drop; ok theo, niels
   - deraadt@cvs.openbsd.org 2000/07/26 11:46:51
     [ssh.1]
     typo
   - deraadt@cvs.openbsd.org 2000/08/01 11:46:11
     [sshd.8]
     many fixes from pepper@mail.reppep.com
   - provos@cvs.openbsd.org  2000/08/01 13:01:42
     [Makefile.in util.c aux.c]
     rename aux.c to util.c to help with cygwin port
   - deraadt@cvs.openbsd.org 2000/08/02 00:23:31
     [authfd.c]
     correct sun_len; Alexander@Leidinger.net
   - provos@cvs.openbsd.org  2000/08/02 10:27:17
     [readconf.c sshd.8]
     disable kerberos authentication by default
   - provos@cvs.openbsd.org  2000/08/02 11:27:05
     [sshd.8 readconf.c auth-krb4.c]
     disallow kerberos authentication if we can't verify the TGT; from
     dugsong@
     kerberos authentication is on by default only if you have a srvtab.
   - markus@cvs.openbsd.org  2000/08/04 14:30:07
     [auth.c]
     unused
   - markus@cvs.openbsd.org  2000/08/04 14:30:35
     [sshd_config]
     MaxStartups
   - markus@cvs.openbsd.org  2000/08/15 13:20:46
     [authfd.c]
     cleanup; ok niels@
   - markus@cvs.openbsd.org  2000/08/17 14:05:10
     [session.c]
     cleanup login(1)-like jobs, no duplicate utmp entries
   - markus@cvs.openbsd.org  2000/08/17 14:06:34
     [session.c sshd.8 sshd.c]
      sshd -u len, similar to telnetd
2000-08-18 13:59:06 +10:00
Damien Miller 11fa2cc383 - (djm) Replacement for inet_ntoa for Irix (which breaks on gcc)
- (djm) Fix strerror replacement for old SunOS. Based on patch from
   Charles Levert <charles@comm.polymtl.ca>
 - (djm) Seperate arc4random into seperate file and use OpenSSL's RC4
   implementation.
2000-08-16 10:35:58 +10:00
Damien Miller e477ef6529 - (djm) Don't seek in directory based lastlogs
- (djm) Fix --with-ipaddr-display configure option test. Patch from
   Jarno Huuskonen <jhuuskon@messi.uku.fi>
2000-08-15 10:21:17 +10:00
Damien Miller 348c9b7a95 - (djm) More SunOS 4.1.x fixes from Nate Itkin <nitkin@europa.com> 2000-08-15 10:01:22 +10:00
Damien Miller 36ccb5c4f3 - (djm) utmp direct write & SunOS 4 patch from Charles Levert
<charles@comm.polymtl.ca>
2000-08-09 16:34:27 +10:00
Damien Miller ecbb26d3d4 - Fixes for SunOS 4.1.4 from Gordon Atwood <gordon@cs.ualberta.ca>
- Include floatingpoint.h for entropy.c
   - strerror replacement
2000-07-15 14:59:14 +10:00
Damien Miller b2dc28e9c8 - (djm) Remove libsocket from ReliantUnix link list (avoids warning).
Patch from Udo Schweigert <ust@cert.siemens.de>
2000-07-12 09:18:33 +10:00
Damien Miller 3077fb9e6b - (djm) Add strsep function from OpenBSD libc for systems that lack it 2000-07-11 21:34:34 +10:00
Damien Miller 3b9734c700 - (djm) Added bsd-inet_aton and configure support for NeXT 2000-07-11 14:54:22 +10:00
Damien Miller 2ae714f44a - (djm) ReliantUNIX support from Udo Schweigert <ust@cert.siemens.de> 2000-07-11 09:29:50 +10:00
Damien Miller 5fc8565d20 - (djm) AIX getuserattr() session initialisation from Tom Bertelson
<tbert@abac.com>
2000-07-09 23:53:07 +10:00
Damien Miller 31abc9addb - (djm) More NeXT compatibility from Ben Lindstrom <mouring@pconline.com>
Including sigaction() et al. replacements
2000-07-09 23:26:27 +10:00
Damien Miller 4e99720563 - (djm) Only enable PAM_TTY kludge for Linux. Problem report from
Kevin Steves <stevesk@sweden.hp.com>
2000-07-09 21:21:52 +10:00
Damien Miller 90dcc0590d - (djm) Fix incorrect configure handling of --with-rsh-path option. Fix from
Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-07-08 10:17:40 +10:00
Damien Miller cb170cb225 - (djm) Added check for broken snprintf() functions which do not correctly
terminate output string and attempt to use replacement.
2000-07-01 16:52:55 +10:00
Damien Miller 8e81ed3081 - (djm) Login fixes from Tom Bertelson <tbert@abac.com> 2000-07-01 13:17:42 +10:00
Damien Miller b8c656e744 - (djm) Added patch from Chris Adams <cmadams@hiwaay.net> to add OSF SIA
support. Enable using "USE_SIA=1 ./configure [options]"
2000-06-28 15:22:41 +10:00
Damien Miller 91606b17d2 - (djm) Patch from Michael Stone <mstone@cs.loyola.edu> to add support for
Irix 6.x array sessions, project id's, and system audit trail id.
2000-06-28 08:22:29 +10:00
Damien Miller 1f335fb8d8 - (djm) Account expiry support from Andreas Steinmetz <ast@domdv.de>
- (djm) Added password expiry checking (no password change support)
2000-06-26 11:31:33 +10:00
Damien Miller b54b40ef06 - (djm) Use sa_family_t in prototype for rresvport_af. Patch from
Svante Signell <svante.signell@telia.com>
 - (djm) Autoconf logic to define sa_family_t if it is missing
2000-06-23 08:23:34 +10:00
Damien Miller edb82929fa - (djm) Replace use of '-o' and '-a' logical operators in configure tests
with '||' and '&&'. As suggested by Jim Knoble <jmknoble@pint-stowp.cx>
   to fix SCO Unixware problem reported by Gary E. Miller <gem@rellim.com>
2000-06-20 13:25:52 +10:00
andre 43ca7e200a Line up 'configure --help' output 2000-06-19 08:23:46 +00:00
Damien Miller 0f91b4e3a1 - (djm) Started merge of Ben Lindstrom's <mouring@pconline.com> NeXT support 2000-06-18 15:43:25 +10:00
Damien Miller 7b22d65034 - (djm) Add summary of configure options to end of ./configure run
- (djm) Not all systems define RUSAGE_SELF & RUSAGE_CHILDREN. Report from
   Michael Stone <mstone@cs.loyola.edu>
 - (djm) rusage is a privileged operation on some Unices (incl.
   Solaris 2.5.1). Report from Paul D. Smith <pausmith@nortelnetworks.com>
 - (djm) Avoid PAM failures when running without a TTY. Report from
   Martin Petrak <petrak@spsknm.schools.sk>
 - (djm) Include sys/types.h when including netinet/in.h in configure tests.
   Patch from Jun-ichiro itojun Hagino <itojun@iijlab.net>
2000-06-18 14:07:04 +10:00
Damien Miller 1a13225d87 - (djm) Fix short copy in loginrec.c (based on patch from Phill Camp
<P.S.S.Camp@ukc.ac.uk>
2000-06-13 21:23:17 +10:00
Damien Miller a66626b2d5 - (djm) Fixes from Andrew McGill <andrewm@datrix.co.za>:
- Platform define for SCO 3.x which breaks on /dev/ptmx
  - Detect and try to fix missing MAXPATHLEN
2000-06-13 18:57:53 +10:00
andre 45cad51c70 Stop lastlog detection setting DISABLE_LASTLOG - this flag means
'never even try to get the last login time', whereas we want to try to
use wtmp/wtmpx unless told otherwise. See loginrec.c:getlast_entry().
2000-06-12 23:27:31 +00:00
andre e441aa3e21 Added catman defines for AIX (Tom Bertelson <tbert@abac.com>)
Fixed errant comma (Tom Bertelson <tbert@abac.com>)
2000-06-12 22:34:38 +00:00
Damien Miller c29de955f4 - (djm) Configure fixes from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp> 2000-06-12 23:04:18 +10:00
Damien Miller a1cb64484e - (djm) Patch from Kenji Miyake <kenji@miyake.org> to disable utmp usage
(in favour of utmpx) on Solaris 8
2000-06-09 11:58:35 +10:00
Damien Miller 14c12cb000 - (djm) Cleanup of entropy.c. Reorganised code, removed second pass through
list of commands (by default). Removed verbose debugging (by default).
 - (djm) Increased command entropy estimates and default entropy collection
   timeout
2000-06-07 22:20:23 +10:00
Damien Miller 9e11089afb - (djm) Don't add /usr/local/lib to library search path on Irix 2000-06-07 21:05:46 +10:00
Damien Miller e37bfc19f7 - (djm) Added --with-cflags, --with-ldflags and --with-libs options to
configure.
2000-06-05 09:37:43 +10:00
Damien Miller 2994e0891b - Configure tweaking for new login code on Irix 5.3 2000-06-04 15:51:47 +10:00
andre 60f3c983cc Disable lastlog for AIX, as it's handled by the OS as part of the login
message
2000-06-03 16:18:19 +00:00
andre 2ff7b5d028 Added new login recording code
Added test program for login code (make logintest)
2000-06-03 14:57:40 +00:00
Damien Miller 1c77392bce - Rewrote bsd-login to use proper utmp API if available. Major cleanup
of fallback DIY code.
2000-05-31 13:57:18 +10:00
Damien Miller be260a0f0d - Define atexit for old Solaris 2000-05-30 12:57:46 +10:00
Damien Miller fda78d9bd0 - HPUX and Configure fixes from Lutz Jaenicke
<Lutz.Jaenicke@aet.TU-Cottbus.DE>
 - Use mkinstalldirs script to make directories instead of non-portable
   "install -d". Suggested by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-05-20 15:33:44 +10:00
Damien Miller dfc83f42eb - SunOS 4.x support from Todd C. Miller <Todd.Miller@courtesan.com> 2000-05-20 15:02:59 +10:00
Damien Miller ad1bc5f986 - Don't touch utmp if USE_UTMPX defined 2000-05-20 14:53:09 +10:00
Damien Miller 3b512e18dc - Detect OpenSSL seperatly from RSA
- Better test for RSA (more compatible with RSAref). Based on work by
   Ed Eden <ede370@stl.rural.usda.gov>
2000-05-17 23:29:18 +10:00
Damien Miller 615f939ebb - Several patches from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp>
- INSTALL typo and URL fix
  - Makefile fix
  - Solaris fixes
 - Checking for ssize_t and memmove. Based on patch from SAKAI Kiyotaka
   <ksakai@kso.netwk.ntt-at.co.jp>
2000-05-17 22:53:33 +10:00
Damien Miller 0e65eed58a - Fix HAVE_PAM_GETENVLIST setting from Simon Wilkinson <sxw@dcs.ed.ac.uk> 2000-05-17 22:16:05 +10:00
Damien Miller d2c208a2d3 - Applied Tom Bertelson's <tbert@abac.com> AIX authentication fix 2000-05-17 22:00:02 +10:00
Damien Miller 8d1fd57a97 - Fix from Andre Lucas <andre.lucas@dial.pipex.com>
- Fixes command line printing segfaults (spotter: Bladt Norbert)
  - Fixes erroneous printing of debug messages to syslog
  - Fixes utmp for MacOS X (spotter: Aristedes Maniatis)
  - Gives useful error message if PRNG initialisation fails
  - Reduced ssh startup delay
  - Measures cumulative command time rather than the time between reads
	 after select()
  - 'fixprogs' perl script to eliminate non-working entropy commands, and
	 optionally run 'ent' to measure command entropy
2000-05-17 21:34:07 +10:00
Damien Miller 61e50f10c2 - Configure caching and cleanup patch from Andre Lucas'
<andre.lucas@dial.pipex.com>
2000-05-08 20:49:37 +10:00
Damien Miller e247cc402b - Remove references to SSLeay.
- Big OpenBSD CVS update
  - markus@cvs.openbsd.org
    [clientloop.c]
    - typo
    [session.c]
    - update proctitle on pty alloc/dealloc, e.g. w/ windows client
    [session.c]
    - update proctitle for proto 1, too
    [channels.h nchan.c serverloop.c session.c sshd.c]
    - use c-style comments
  - deraadt@cvs.openbsd.org
    [scp.c]
    - more atomicio
  - markus@cvs.openbsd.org
    [channels.c]
    - set O_NONBLOCK
    [ssh.1]
    - update AUTHOR
    [readconf.c ssh-keygen.c ssh.h]
    - default DSA key file ~/.ssh/id_dsa
    [clientloop.c]
    - typo, rm verbose debug
  - deraadt@cvs.openbsd.org
    [ssh-keygen.1]
    - document DSA use of ssh-keygen
    [sshd.8]
    - a start at describing what i understand of the DSA side
    [ssh-keygen.1]
    - document -X and -x
    [ssh-keygen.c]
    - simplify usage
  - markus@cvs.openbsd.org
    [sshd.8]
    - there is no rhosts_dsa
    [ssh-keygen.1]
    - document -y, update -X,-x
    [nchan.c]
    - fix close for non-open ssh1 channels
    [servconf.c servconf.h ssh.h sshd.8 sshd.c ]
    - s/DsaKey/HostDSAKey/, document option
    [sshconnect2.c]
    - respect number_of_password_prompts
    [channels.c channels.h servconf.c servconf.h session.c sshd.8]
    - GatewayPorts for sshd, ok deraadt@
    [ssh-add.1 ssh-agent.1 ssh.1]
    - more doc on: DSA, id_dsa, known_hosts2, authorized_keys2
    [ssh.1]
    - more info on proto 2
    [sshd.8]
    - sync AUTHOR w/ ssh.1
    [key.c key.h sshconnect.c]
    - print key type when talking about host keys
    [packet.c]
    - clear padding in ssh2
    [dsa.c key.c radix.c ssh.h sshconnect1.c uuencode.c uuencode.h]
    - replace broken uuencode w/ libc b64_ntop
    [auth2.c]
    - log failure before sending the reply
    [key.c radix.c uuencode.c]
    - remote trailing comments before calling __b64_pton
    [auth2.c readconf.c readconf.h servconf.c servconf.h ssh.1]
    [sshconnect2.c sshd.8]
    - add DSAAuthetication option to ssh/sshd, document SSH2 in sshd.8
 - Bring in b64_ntop and b64_pton from OpenBSD libc (bsd-base64.[ch])
2000-05-07 12:03:14 +10:00
Damien Miller 0437b33e54 - Add Andre Lucas' <andre.lucas@dial.pipex.com> patch to read entropy
gathering commands from a text file
2000-05-02 09:56:41 +10:00
Damien Miller fc0b11b5aa - Irix portability fixes - don't include netinet headers more than once
- Make sure we don't save PRNG seed more than once
2000-05-02 00:03:55 +10:00
Damien Miller e59ce627a4 - Include missing headers for OpenSSL tests. Fix from Phil Karn
<karn@ka9q.ampr.org>
2000-05-01 20:54:17 +10:00
Damien Miller 4018c1985d - Integrate Andre Lucas' <andre.lucas@dial.pipex.com> entropy collection
patch.
   - Adds timeout to entropy collection
   - Disables slow entropy sources
   - Load and save seed file
 - Changed entropy seed code to user per-user seeds only (server seed is
   saved in root's .ssh directory)
 - Use atexit() and fatal cleanups to save seed on exit
2000-04-30 09:30:44 +10:00
Damien Miller 1bead335d7 - Merge HP-UX fixes and TCB support from Ged Lodder <lodder@yacc.com.au> 2000-04-30 00:47:29 +10:00
Damien Miller 8117111a3c - Define __progname in session.c if libc doesn't
- Remove indentation on autoconf #include statements to avoid bug in
   DEC Tru64 compiler. Report and fix from David Del Piero
   <David.DelPiero@qed.qld.gov.au>
2000-04-23 11:14:01 +10:00
Damien Miller d0cff3ecc4 - Merge fixes from Debian patch from Phil Hands <phil@hands.com>
- Allow setting of PAM service name through CFLAGS (SSHD_PAM_SERVICE)
  - Use vhangup to clean up Linux ttys
  - Force posix getopt processing on GNU libc systems
2000-04-20 23:12:58 +10:00
Damien Miller 5f05637b0e - Reduce diff against OpenBSD source
- All OpenSSL includes are now unconditionally referenced as
     openssl/foo.h
   - Pick up formatting changes
   - Other minor changed (typecasts, etc) that I missed
2000-04-16 12:31:48 +10:00
Damien Miller 11e37f638d - Only set define entropy collection macros if they are found 2000-04-08 18:23:30 +10:00
Damien Miller 193ba88dd6 - Add tests for RAND_add function when searching for OpenSSL 2000-04-04 10:21:09 +10:00
Damien Miller 70494d18ee - Disable tests and typedefs for 64 bit types. They are currently unused. 2000-04-03 15:57:06 +10:00
Damien Miller 040f3831fc - Wrote entropy collection routines for systems that lack /dev/random
and EGD
2000-04-03 14:50:43 +10:00
Damien Miller a208e57269 Test RSA_private_decrypt when searching for OpenSSL 2000-03-26 12:07:15 +10:00
Damien Miller d6121d2972 - Checks for 64 bit int types. Problem report from Mats Fredholm
<matsf@init.se>
2000-03-17 23:26:46 +11:00
Damien Miller 29ea30d956 - Clarified --with-default-path option.
- Added -blibpath handling for AIX to work around stupid runtime linking.
   Problem elucidated by gshapiro@SENDMAIL.ORG by way of Jim Knoble
   <jmknoble@pobox.com>
2000-03-17 10:54:15 +11:00
Damien Miller 166bd448c9 - Propogate LD through to Makefile 2000-03-16 10:48:25 +11:00
Damien Miller 08c788a9b3 - Fixed configure not passing LDFLAGS to Solaris. Report from David G.
Hesprich <dghespri@sprintparanet.com>
2000-03-16 07:52:29 +11:00
Damien Miller 856799ba27 - Configure fix from Bratislav ILICH <bilic@zepter.ru> 2000-03-15 21:18:10 +11:00
Damien Miller 8b1c22b775 - Created contrib/ subdirectory. Included helpers from Phil Hands'
Debian package, README file and chroot patch from Ricardo Cerqueira
   <rmcc@clix.pt>
 - Moved gnome-ssh-askpass.c to contrib directory and reomved config
   option.
 - Slight cleanup to doc files
2000-03-15 12:13:01 +11:00
Damien Miller a1ad4802ff - Fix broken CFLAGS handling during search for OpenSSL. Fixes va_list
problems with gcc/Solaris.
2000-03-15 10:04:54 +11:00
Damien Miller 086b171730 *** empty log message *** 2000-03-14 14:52:19 +11:00
Damien Miller db819595d3 - Include /usr/local/include and /usr/local/lib for systems that don't
do it themselves
 - -R/usr/local/lib for Solaris
 - Fix RSAref detection
 - Fix IN6_IS_ADDR_V4MAPPED macro
2000-03-14 13:44:01 +11:00
Damien Miller 7bcb089ef7 - IPv6 workarounds from Hideaki YOSHIFUJI <yoshfuji@ecei.tohoku.ac.jp> 2000-03-11 20:45:40 +11:00
Damien Miller d58b3abe0e More config fixes 2000-03-11 20:05:11 +11:00
Damien Miller b85dcad762 - Detect RSAref 2000-03-11 11:37:00 +11:00
Damien Miller 8f975b6a18 - Removed warning workaround for Linux and devpts filesystems (no longer
required after OpenBSD updates)
2000-03-09 22:31:13 +11:00
Damien Miller 1a07ebd4d8 - Configure fix from Hiroshi Takekawa <takekawa@sr3.t.u-tokyo.ac.jp> 2000-03-08 09:03:44 +11:00
Damien Miller 65165f8d83 - Check for libwrap if --with-tcp-wrappers option specified. Suggestion
Mate Wierdl <mw@moni.msci.memphis.edu>
2000-03-05 17:02:45 +11:00
Damien Miller 9fb07e4b8b - Check for getpagesize in libucb.a if not found in libc. Fix for old
Solaris from Andre Lucas <andre.lucas@dial.pipex.com>
2000-03-05 16:22:59 +11:00
Damien Miller fac99cd12a - Explicitly seed OpenSSL's PRNG before checking rsa_alive() 2000-03-05 16:10:45 +11:00
Damien Miller 204ad074e5 - Warning was valid - possible race condition on PTYs. Avoided using
platform-specific code.
 - Document some common problems
2000-03-02 23:56:12 +11:00
Damien Miller a22ba0152c - Big cleanup of autoconf code
- Rearranged to be a little more logical
   - Added -R option for Solaris
   - Rewrote OpenSSL detection code. Now uses AC_TRY_RUN with a test program
     to detect library and header location _and_ ensure library has proper
     RSA support built in (this is a problem with OpenSSL 0.9.5).
2000-03-02 23:09:20 +11:00
Damien Miller 36143d7851 - Removed SOCKS code. Will support through a ProxyCommand. 2000-02-07 13:20:26 +11:00
Damien Miller 0c0e4bfe3c - Add --with-ssl-dir option 2000-02-03 13:58:51 +11:00
Damien Miller c85f9b4851 - Added note in UPGRADING re interop with commercial SSH using idea.
Report from Jim Knoble <jmknoble@pobox.com>
 - Fix linking order for Kerberos/AFS. Fix from Holget Trapp
   <Holger.Trapp@Informatik.TU-Chemnitz.DE>
2000-01-29 10:20:21 +11:00
Damien Miller 27f4c78698 - NeXT keeps it lastlog in /usr/adm. Report from
mouring@newton.pconline.com
2000-01-27 18:22:13 +11:00
Damien Miller 0e1cf7caa7 - Use preformatted manpages on SCO, report from Gary E. Miller
<gem@rellim.com>
 - New URL for x11-ssh-askpass.
2000-01-26 12:15:30 +11:00
Damien Miller 1fa154bb1e - AIX patch from Matt Richards <v2matt@btv.ibm.com> and David Rankin
<drankin@bohemians.lexington.ky.us>
2000-01-23 10:32:03 +11:00
Damien Miller 0727893340 - Make IPv4 use the default in RPM packages
- Irix uses preformatted manpages
2000-01-22 14:05:37 +11:00
Damien Miller 670a4b8554 - Merge preformatted manpage patch from Andre Lucas
<andre.lucas@dial.pipex.com>
2000-01-22 13:53:11 +11:00
Damien Miller ee1c0b3d3b - NetBSD patch from David Rankin <drankin@bohemians.lexington.ky.us> and
Christos Zoulas <christos@netbsd.org>
2000-01-21 00:18:15 +11:00
Damien Miller eca71f84cb - Don't use getaddrinfo on AIX 2000-01-20 22:38:27 +11:00
Damien Miller 7d80e3484b - Linux/glibc-2.1.2 takes a *long* time to look up names for AF_UNSPEC
addresses using getaddrinfo(). Added a configure switch to make the
   default lookup mode AF_INET
2000-01-19 14:36:49 +11:00
Damien Miller eaf9994f7e - SCO compile fixes from Gary E. Miller <gem@rellim.com> 2000-01-19 13:45:07 +11:00
Damien Miller e0f4574cd0 - Compile fix for HPUX and Solaris from Andre Lucas
<andre.lucas@dial.pipex.com>
2000-01-18 09:12:06 +11:00
Damien Miller dbd250f8ab - Fixed --with-pid-dir option 2000-01-18 08:57:14 +11:00
Damien Miller b13c73e385 - Substitute PID directory in sshd.8. Suggestion from Andrew
Stribblehill <a.d.stribblehill@durham.ac.uk>
2000-01-17 22:02:17 +11:00
Damien Miller 6640995be8 - Patch from Christos Zoulas <christos@zoulas.com>
- Try $prefix first when looking for OpenSSL.
   - Include sys/types.h when including sys/socket.h in test programs
2000-01-17 21:40:06 +11:00
Damien Miller d426ed6e51 - Fix --with-ipaddr-display option test. Fix from Jarno Huuskonen
<jhuuskon@hytti.uku.fi>
2000-01-17 19:22:36 +11:00
Damien Miller 834171ebca - Revert __snprintf -> snprintf aliasing. Apparently Solaris
__snprintf isn't. Report from Theo de Raadt <theo@cvs.openbsd.org>
2000-01-17 09:59:41 +11:00
Damien Miller 62a52ef08d - Compilation fix from Kiyokazu SUTO <suto@ks-and-ks.ne.jp>
- Fixed broken bugfix for /dev/ptmx on Linux systems which lack
   openpty(). Report from Kiyokazu SUTO <suto@ks-and-ks.ne.jp>
2000-01-16 23:03:56 +11:00
Damien Miller 5eed6a2d71 - Renamed --with-xauth-path to --with-xauth
- Added --with-pid-dir option
 - Released 1.2.1pre26
2000-01-16 12:05:18 +11:00
Damien Miller b29ea913cd - Add --with-xauth-path configure directive and explicit test for
/usr/openwin/bin/xauth for Solaris systems. Report from Anders
   Nordby <anders@fix.no>
 - Fix incorrect detection of /dev/ptmx on Linux systems that lack
   openpty. Report from John Seifarth <john@waw.be>
 - Look for intXX_t and u_intXX_t in sys/bitypes.h if they are not in
   sys/types.h. Fixes problems on SCO, report from Gary E. Miller
   <gem@rellim.com>
 - Use __snprintf and __vnsprintf if they are found where snprintf and
   vnsprintf are lacking. Suggested by Ben Taylor <bent@shell.clark.net>
   and others.
2000-01-15 14:12:03 +11:00
Damien Miller 34132e54cb - Merged OpenBSD IPv6 patch:
- [sshd.c sshd.8 sshconnect.c ssh.h ssh.c servconf.h servconf.c scp.1]
     [scp.c packet.h packet.c login.c log.c canohost.c channels.c]
     [hostfile.c sshd_config]
     ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new
     features: sshd allows multiple ListenAddress and Port options. note
     that libwrap is not IPv6-ready. (based on patches from
     fujiwara@rcac.tdi.co.jp)
   - [ssh.c canohost.c]
     more hints (hints.ai_socktype=SOCK_STREAM) for getaddrinfo,
     from itojun@
   - [channels.c]
     listen on _all_ interfaces for X11-Fwd (hints.ai_flags = AI_PASSIVE)
   - [packet.h]
     allow auth-kerberos for IPv4 only
   - [scp.1 sshd.8 servconf.h scp.c]
     document -4, -6, and 'ssh -L 2022/::1/22'
   - [ssh.c]
     'ssh @host' is illegal (null user name), from
     karsten@gedankenpolizei.de
   - [sshconnect.c]
     better error message
   - [sshd.c]
     allow auth-kerberos for IPv4 only
 - Big IPv6 merge:
   - Cleanup overrun in sockaddr copying on RHL 6.1
   - Replacements for getaddrinfo, getnameinfo, etc based on versions
     from patch from KIKUCHI Takahiro <kick@kyoto.wide.ad.jp>
   - Replacement for missing structures on systems that lack IPv6
   - record_login needed to know about AF_INET6 addresses
   - Borrowed more code from OpenBSD: rresvport_af and requisites
2000-01-14 15:45:46 +11:00
Damien Miller 75b1d106d7 - Solaris build fix from Gary E. Miller <gem@rellim.com> 2000-01-07 14:01:41 +11:00
Damien Miller 105b7f073a - Better KrbIV / AFS detection, based on patch from:
Holger Trapp <Holger.Trapp@Informatik.TU-Chemnitz.DE>
2000-01-07 08:45:55 +11:00
Damien Miller 1808f38e04 - Fixed annoying DES corruption problem. libcrypt has been
overriding symbols in libcrypto. Removed libcrypt and crypt.h
   altogether (libcrypto includes its own crypt(1) replacement)
 - Added platform-specific rules for Irix 6.x. Included warning that
   they are untested.
2000-01-06 12:03:12 +11:00
Damien Miller 6b85a7ffa6 - Added support for directory-based lastlogs
- Really fix typedefs, patch from Ben Taylor <bent@clark.net>
 - Prevent multiple inclusion of config.h and defines.h. Suggested
   by Andre Lucas <andre.lucas@dial.pipex.com>
2000-01-02 11:45:33 +11:00
Damien Miller aa7b64d98a - Remove test for quad_t. No longer needed. 1999-12-31 09:55:34 +11:00
Damien Miller e7f626c8f1 - Really fix broken default path. Fix from Jim Knoble
<jmknoble@pobox.com>
1999-12-31 09:49:44 +11:00
Damien Miller 3131d8bc71 - Fill in ut_utaddr utmp field. Report from Benjamin Charron
<iretd@bigfoot.com>
1999-12-31 09:42:24 +11:00
Damien Miller f3e8be87eb - Fix broken autoconf typedef detection. Report from Marc G.
Fournier <marc.fournier@acadiau.ca>
1999-12-31 08:59:04 +11:00
Damien Miller 8bdeee25f8 - Merged Dante SOCKS support patch from David Rankin
<drankin@bohemians.lexington.ky.us>
 - Updated documentation with ./configure options
1999-12-30 15:50:54 +11:00
Damien Miller 9505851f31 - Detect missing size_t and typedef it. 1999-12-29 10:36:45 +11:00
Damien Miller d00d1611e4 - Print whether OpenSSH was compiled with RSARef, patch from
Nalin Dahyabhai <nalin@thermo.stat.ncsu.edu>
1999-12-29 10:17:09 +11:00
Damien Miller e79334a2b0 - Autodetect perl, patch from David Rankin
<drankin@bohemians.lexington.ky.us>
1999-12-29 10:03:37 +11:00
Damien Miller 9550a76c37 - Applied another NetBSD portability patch from David Rankin
<drankin@bohemians.lexington.ky.us>
 - Fix --with-default-path option.
1999-12-29 02:32:22 +11:00
Damien Miller 74d0d4a3d9 - Merged AIX patch from Darren Hall <dhall@virage.org>
- Cleaned up defines.h
1999-12-29 02:24:35 +11:00
Damien Miller beb4ba5a68 - Portability fixes for Irix 5.3 (now compiles OK!)
- autoconf and other misc cleanups
1999-12-28 15:09:35 +11:00
Damien Miller 4ff2b9bf42 - NetBSD login.c compile fix from David Rankin
<drankin@bohemians.lexington.ky.us>
 - Fully set ut_tv if present in utmp or utmpx
1999-12-28 10:41:12 +11:00
Damien Miller 13bc0be2b6 - Replacement for getpagesize() for systems which lack it 1999-12-28 10:19:16 +11:00
Damien Miller 5a3e68382d - Added --with-default-path to specify custom path for server
- Removed #ifdef trickery from acconfig.h into defines.h
1999-12-27 09:48:56 +11:00
Damien Miller 32b3cf2c96 19991226
- Enabled utmpx support by default for Solaris
 - Cleanup sshd.c PAM a little more

19991225
 - Merged fixes from Ben Taylor <bent@clark.net>
 - Fixed configure support for PAM. Reported by Naz <96na@eng.cam.ac.uk>
 - Disabled logging of PAM password authentication failures when password
   is empty. (e.g start of authentication loop). Reported by Naz
   <96na@eng.cam.ac.uk>)
1999-12-26 10:21:48 +11:00
Damien Miller 2e1b082dfb - Prepare for 1.2.1pre20
19991225
 - More fixes from Andre Lucas <andre.lucas@dial.pipex.com>
 - Cleanup of auth-passwd.c for shadow and MD5 passwords
 - Cleanup and bugfix of PAM authentication code

19991223
 - Merged later HPUX patch from Andre Lucas
   <andre.lucas@dial.pipex.com>
 - Above patch included better utmpx support from Ben Taylor
   <bent@clark.net>:
1999-12-25 10:11:29 +11:00
Damien Miller 76112de734 - Integration of large HPUX patch from Andre Lucas
<andre.lucas@dial.pipex.com>. Integrating it had a few other
   benefits:
   - Ability to disable shadow passwords at configure time
   - Ability to disable lastlog support at configure time
   - Support for IP address in $DISPLAY
1999-12-21 11:18:08 +11:00
Damien Miller 368cf64d5c Made utmpx optional 1999-12-21 09:51:36 +11:00
Damien Miller 3b9d5e993a - Added better test for inline functions compiler support from
Darren_Hall@progressive.com
1999-12-15 09:34:31 +11:00
Damien Miller 84093e9d74 - Integrated patchs from Juergen Keil <jk@tools.de>
- Avoid void* pointer arithmatic
   - Use LDFLAGS correctly
1999-12-15 09:06:28 +11:00
Damien Miller 6ae00d6c96 - Some older systems don't have poll.h, they use sys/poll.h instead
- Doc updates
1999-12-14 15:43:03 +11:00
Damien Miller c6b3bbe2b9 - Fix compilation on systems with AFS. Reported by
aloomis@glue.umd.edu
 - Fix installation on Solaris. Reported by
   Gordon Rowell <gordonr@gormand.com.au>
 - Fix gccisms (__attribute__ and inline). Report by edgy@us.ibm.com,
   patch from Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
 - Auto-locate xauth. Patch from David Agraz <dagraz@jahoopa.com>
 - Compile fix from David Agraz <dagraz@jahoopa.com>
 - Avoid compiler warning in bsd-snprintf.c
 - Added pam_limits.so to default PAM config. Suggested by
   Jim Knoble <jmknoble@pobox.com>
1999-12-13 08:27:33 +11:00
Damien Miller d7f6615e78 - Applied patch from David Rankin <drankin@bohemians.lexington.ky.us>
to fix libwrap support on NetBSD
1999-12-09 10:48:58 +11:00
Damien Miller bf1c9b2012 - Import of patch from Ben Taylor <bent@clark.net>:
- Improved PAM support
   - "uninstall" rule for Makefile
   - utmpx support
   - Should fix PAM problems on Solaris
1999-12-09 10:16:54 +11:00
Damien Miller fce1648681 - Compile fix for Solaris with /dev/ptmx from
David Agraz <dagraz@jahoopa.com>
1999-12-08 08:53:52 +11:00
Damien Miller 037a0dc083 - Merged more OpenBSD changes:
- [atomicio.c authfd.c scp.c serverloop.c ssh.h sshconnect.c sshd.c]
     move atomicio into it's own file.  wrap all socket write()s which
     were doing write(sock, buf, len) != len, with atomicio() calls.
   - [auth-skey.c]
     fd leak
   - [authfile.c]
     properly name fd variable
   - [channels.c]
     display great hatred towards strcpy
   - [pty.c pty.h sshd.c]
     use openpty() if it exists (it does on BSD4_4)
   - [tildexpand.c]
     check for ~ expansion past MAXPATHLEN
 - Modified helper.c to use new atomicio function.
 - Reformat Makefile a little
 - Moved RC4 routines from rc4.[ch] into helper.c
 - Added autoconf code to detect /dev/ptmx (Solaris) and /dev/ptc (AIX)
1999-12-07 15:38:31 +11:00
Damien Miller 42b81ffe7d - Add definition for __P()
- Added [v]snprintf() replacement for systems that lack it
1999-11-26 12:21:24 +11:00
Damien Miller 98ac007ad9 Removed old with-askpass option 1999-11-25 13:19:55 +11:00
Damien Miller 063fdf8275 - Merged beginnings of AIX support from Tor-Ake Fransson <torake@hotmail.com> 1999-11-25 13:08:31 +11:00
Damien Miller d8087f62d6 - Added BSD compatible install program and autoconf test, thanks to
Niels Kristian Bech Jensen <nkbj@image.dk>
 - Solaris fixing, thanks to Ben Taylor <bent@clark.net>
1999-11-25 12:31:26 +11:00
Damien Miller 95def09838 - Merged very large OpenBSD source code reformat
- OpenBSD CVS updates
   - [channels.c cipher.c compat.c log-client.c scp.c serverloop.c]
     [ssh.h sshd.8 sshd.c]
     syslog changes:
     * Unified Logmessage for all auth-types, for success and for failed
     * Standard connections get only ONE line in the LOG when level==LOG:
       Auth-attempts are logged only, if authentication is:
          a) successfull or
          b) with passwd or
          c) we had more than AUTH_FAIL_LOG failues
     * many log() became verbose()
     * old behaviour with level=VERBOSE
   - [readconf.c readconf.h ssh.1 ssh.h sshconnect.c sshd.c]
     tranfer s/key challenge/response data in SSH_SMSG_AUTH_TIS_CHALLENGE
     messages. allows use of s/key in windows (ttssh, securecrt) and
     ssh-1.2.27 clients without 'ssh -v', ok: niels@
   - [sshd.8]
     -V, for fallback to openssh in SSH2 compatibility mode
   - [sshd.c]
     fix sigchld race; cjc5@po.cwru.edu
1999-11-25 00:26:21 +11:00
Damien Miller 3744b51918 - Numerous little Solaris fixes 1999-11-23 11:24:32 +11:00
Damien Miller f7c0f82cee - Configure, Make and changelog corrections from Tudor Bosman
<tudorb@jm.nu> and Niels Kristian Bech Jensen <nkbj@image.dk>
1999-11-22 22:31:49 +11:00
Damien Miller d770252d3a - Added a setenv replacement for systems which lack it 1999-11-22 16:11:05 +11:00
Damien Miller 859cec0250 - Added autoconf test and macro to deal with old PAM libraries
pam_strerror definition (one arg vs two).
1999-11-22 14:27:24 +11:00
Damien Miller b3ca3aa12f - Added OpenBSD bsd-strlcat.c, created bsd-strlcat.h
- Added timersum() macro
 - Tidy RCSIDs of bsd-*.c
1999-11-22 13:57:07 +11:00
Damien Miller c6398efcba - Merged more Solaris support from Marc G. Fournier
<marc.fournier@acadiau.ca>
 - Wrote autoconf tests for integer bit-types
 - Fixed enabling kerberos support
1999-11-20 12:18:40 +11:00
Damien Miller 36fb30f6dd Die if lastlog not found 1999-11-19 19:14:04 +11:00
Damien Miller dd1c7baf1a - Added non-PAM MD5 password support patch from Tudor Bosman <tudorb@jm.nu> 1999-11-19 15:53:20 +11:00
Damien Miller 04f801456a - Renamed BSD helper function files to bsd-*
- Added tests for login and daemon and OpenBSD replacements for when they
   are absent.
1999-11-19 15:32:34 +11:00
Damien Miller 8029775b77 - Added autoconf option to enable Kerberos 4 support (untested)
- Added autoconf option to enable AFS support (untested)
 - Added autoconf option to enable S/Key support (untested)
 - Added autoconf option to enable TCP wrappers support (compiles OK)
1999-11-19 13:03:25 +11:00
Damien Miller 4874c79a3a - Fix some Linux libc5 problems reported by Miles Wilson <mw@mctitle.com> 1999-11-16 13:29:26 +11:00
Damien Miller 3f905872b0 - Merged more Solaris compability from Marc G. Fournier
<marc.fournier@acadiau.ca>
 - Wrote autoconf tests for __progname symbol
1999-11-15 17:10:57 +11:00
Damien Miller 3bd49ec5c4 - Various small cleanups to bring diff (against OpenBSD) size down. 1999-11-15 15:40:55 +11:00
Damien Miller cedfecc99e Further cleanup of askpass autoconf support, enable GNOME askpass option
only if askpass has first been enabled.
1999-11-15 14:36:53 +11:00
Damien Miller d05a247953 - Merged OpenBSD CVS changes:
- [ssh-add.c] change passphrase loop logic and remove ref to
     $DISPLAY, ok niels
 - Changed to ssh-add.c broke askpass support. Revised it to be a little more
   modular.
 - Revised autoconf support for enabling/disabling askpass support.
1999-11-15 14:25:30 +11:00
Damien Miller 0a6e668ac6 Solaris compile fixes 1999-11-15 09:56:06 +11:00
Damien Miller 2cb210f0f7 - Added shadow password patch from Thomas Neumann <tom@smart.ruhr.de>
- Added ifdefs to auth-passwd.c to exclude it when PAM is enabled
1999-11-13 15:40:10 +11:00
Damien Miller 06e42932b2 askpass install fix 1999-11-12 16:36:21 +11:00
Damien Miller 3d1b22c150 - Make ssh-askpass support optional through autoconf 1999-11-12 15:46:08 +11:00
Damien Miller 776af5de4f - Merged changes from OpenBSD CVS
- [sshd.c] session_key_int may be zero
1999-11-12 08:49:09 +11:00
Damien Miller a82feb3f9f Error message when SSL libs not found
Fix RANDOM_POOL
1999-11-11 11:04:17 +11:00
Damien Miller ab18c412e6 - Added (untested) Entropy Gathering Daemon (EGD) support
- Merged several minor fixed:
   - ssh-agent commandline parsing
   - RPM spec file now installs ssh setuid root
   - Makefile creates libdir
   - Merged beginnings of Solaris compability from Marc G. Fournier
     <marc.fournier@acadiau.ca>
1999-11-11 10:40:23 +11:00
Damien Miller e0d444c4ba Added GNOME passphrase requester support 1999-11-09 14:23:45 +11:00
Damien Miller c7b38ceed6 - Autodetection of SSL/Crypto library location via autoconf
- Fixed location of ssh-askpass to follow autoconf
 - Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk>
 - Autodetection of RSAref library for US users
 - Minor doc updates
1999-11-09 10:28:04 +11:00
Damien Miller 356a0b004a Lots of changes:
- Removed lots of unnecessary checks from autoconf
 - Added support and autoconf test for openpty() function (Unix98 pty support)
 - Fix for scp not finding ssh if not installed as /usr/bin/ssh
 - Added TODO file
 - Merged parts of Debian patch From Phil Hands <phil@hands.com>:
   - Added ssh-askpass program
   - Added ssh-askpass support to ssh-add.c
   - Create symlinks for slogin on install
   - Fix "distclean" target in makefile
   - Added example for ssh-agent to manpage
   - Added support for PAM_TEXT_INFO messages
   - Disable internal /etc/nologin support if PAM enabled
 - Merged latest OpenBSD CVS changes:
   - [sshd.c] don't send fail-msg but disconnect if too many authentication
     failures
   - [sshd.c] replace assert() with error, fatal or packet_disconnect
   - [sshd.c] remove unused argument. ok dugsong
   - [sshd.c] typo
   - [rsa.c] clear buffers used for encryption. ok: niels
   - [rsa.c] replace assert() with error, fatal or packet_disconnect
 - Fixed coredump after merge of OpenBSD rsa.c patch
1999-11-08 15:30:59 +11:00
Damien Miller 65b3c13132 - Removed redundant subdirectories
- Integrated part of a patch from Dan Brosemer <odin@linuxfreak.com> for
   building on Debian.
1999-10-29 12:37:01 +10:00
Damien Miller 7f6ea0264d - Integrated patch from Dan Brosemer <odin@linuxfreak.com>
- Build fixes
   - Autoconf
   - Change binary names to open*

 - Fixed autoconf script to detect PAM on RH6.1
 - Added tests for libpwdb, and OpenBSD functions to autoconf (not used yet)
1999-10-28 13:25:17 +10:00