a8ed44b79e
- (djm) Enable new setproctitle emulation for Linux, AIX and HP/UX. More
...
systems may be added later.
2003-01-10 09:53:12 +11:00
13b2e55c36
[scp.c] make compilers without long long happy.
2003-01-08 20:09:30 -08:00
458c6bfa10
[auth.c] declare today at top of allowed_user() to keep older compilers happy.
2003-01-08 20:04:27 -08:00
d0d7a8b27b
[Makefile.in configure.ac] replace fixpath with sed script. Patch by Mo DeJong.
2003-01-08 17:22:59 -08:00
2047b3bdf6
- (djm) Update README to reflect AIX's status as a well supported platform.
...
From dtucker@zip.com.au
2003-01-08 23:28:40 +11:00
6342180b7f
- fgsch@cvs.openbsd.org 2003/01/07 23:42:54
...
[sftp.1]
add version; from Nils Nordman <nino at nforced dot com> via markus@.
markus@ ok
2003-01-08 14:05:23 +11:00
770b374a68
- djm@cvs.openbsd.org 2003/01/06 23:51:22
...
[sftp-client.c]
Fix "get -p" download to not add user-write perm. mindrot bug #426
reported by gfernandez@livevault.com ; ok markus@
2003-01-08 14:04:53 +11:00
275295eb41
- (djm) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2003/01/01 18:08:52
[channels.c]
move big output buffer messages to debug2
2003-01-08 14:04:09 +11:00
e77c17ee4a
- (djm) Avoid redundant xstrdup/xfree in auth2-pam.c. From Solar via markus@
2003-01-08 12:37:03 +11:00
13dd03a0e2
- (djm) Sync openbsd-compat/ with OpenBSD -current
2003-01-08 11:16:48 +11:00
06817f9cd3
- (djm) Fix my fix of the fix for the Bug #442 for PAM case. Spotted by
...
dtucker@zip.com.au . Reorder for clarity too.
2003-01-07 23:55:59 +11:00
f25c18d7e8
- (djm) Bug #178 : On AIX /etc/nologin wasnt't shown to users. Fix from
...
Ralf.Wenk@fh-karlsruhe.de and dtucker@zip.com.au
2003-01-07 17:38:58 +11:00
b93addb6d6
- (djm) Bug #111 : Run syslog and stderr logging through strnvis to eliminate
...
nasties. Report from peak@argo.troja.mff.cuni.cz
2003-01-07 17:04:18 +11:00
7df881d20e
- (djm) Bug #110 : bogus error messages in lastlog_get_entry(). Fix based
...
on one by peak@argo.troja.mff.cuni.cz
2003-01-07 16:46:58 +11:00
64004b5566
- (djm) Fix Bug #442 for PAM case
2003-01-07 16:15:20 +11:00
e832819cf7
- (djm) Bug #26 : Use local mkstemp() rather than glibc's silly one. Fixes
...
Can't pass KRB4 TGT passing. Fix from: jan.iven@cern.ch
2003-01-07 15:18:32 +11:00
48cb8aa935
- (djm) Bug #442 : Check for and deny access to accounts with locked
...
passwords. Patch from dtucker@zip.com.au
2003-01-07 12:19:32 +11:00
5e4471e45a
- (djm) Bug #401 : Work around Linux breakage with IPv6 mapped addresses.
...
Based on fix from yoshfuji@linux-ipv6.org
2003-01-07 10:51:23 +11:00
dfedbf8e5a
- (djm) Bug #446 : Set LOGIN env var to pw_name on AIX. Patch from
...
mii@ornl.gov
2003-01-03 14:52:53 +11:00
02e16ad95f
- (djm) Bug #460 : Filling utmp[x]->ut_addr_v6 if present. Patch from
...
cjwatson@debian.org
2003-01-03 14:42:27 +11:00
8aff5cbed7
- (djm) Bug #461 : ssh-copy-id fails with no arguments. Patch from
...
cjwatson@debian.org
2003-01-03 14:34:06 +11:00
678ee51ff3
- (stevesk) [session.c sshlogin.c sshlogin.h] complete portable
...
parts of pass addrlen with sockaddr * fix.
from Hajimu UMEMOTO <ume@FreeBSD.org>
2003-01-01 23:43:55 +00:00
1b96cfb975
- (bal) [msg.c msg.h scp.c ssh-keysign.c sshconnect2.c] Resync CVS IDs since
...
we already did s/msg_send/ssh_msg_send/
2002-12-23 02:58:17 +00:00
40b9503563
- markus@cvs.openbsd.org 2002/12/13 15:20:52
...
[scp.c]
1) include stalling time in total time
2) truncate filenames to 45 instead of 20 characters
3) print rate instead of progress bar, no more stars
4) scale output to tty width
based on a patch from Niels; ok fries@ lebel@ fgs@ millert@
2002-12-23 02:53:08 +00:00
1d568f9fce
- markus@cvs.openbsd.org 2002/12/13 10:03:15
...
[channels.c misc.c sshconnect2.c]
cleanup debug messages, more useful information for the client user.
2002-12-23 02:44:36 +00:00
faa1ea8c20
- markus@cvs.openbsd.org 2002/12/10 19:47:14
...
[packet.c]
static
2002-12-23 02:42:52 +00:00
a743398d04
- markus@cvs.openbsd.org 2002/12/10 19:26:50
...
[packet.c]
move tos handling to packet_set_tos; ok provos/henning/deraadt
2002-12-23 02:41:41 +00:00
46767607e2
- markus@cvs.openbsd.org 2002/12/10 08:56:00
...
[session.c]
Make sure $SHELL points to the shell from the password file, even if shell
is overridden from login.conf; bug#453; semen at online.sinor.ru; ok millert@
2002-12-23 02:26:08 +00:00
b9fa691819
- millert@cvs.openbsd.org 2002/12/09 16:50:30
...
[ssh.c]
Avoid setting optind to 0 as GNU getopt treats that like we do optreset.
markus@ OK
2002-12-23 02:24:54 +00:00
d576781829
- djm@cvs.openbsd.org 2002/12/06 05:20:02
...
[sftp.1]
Fix cut'n'paste error, spotted by matthias.riese@b-novative.de ; ok deraadt@
2002-12-23 02:23:37 +00:00
418e078378
- markus@cvs.openbsd.org 2002/12/05 11:08:35
...
[scp.c]
use roundup() similar to rcp/util.c and avoid problems with strange
filesystem block sizes, noted by tjr@freebsd.org ; ok djm@
2002-12-23 02:22:09 +00:00
611797ed15
- stevesk@cvs.openbsd.org 2002/12/04 04:36:47
...
[session.c]
remove xauth entries before add; PR 2994 from janjaap@stack.nl .
ok markus@
2002-12-23 02:15:57 +00:00
c276c1208e
- markus@cvs.openbsd.org 2002/11/27 17:53:35
...
[scp.c sftp.c ssh.c]
allow usernames with embedded '@', e.g. scp user@vhost@realhost:file /tmp;
http://bugzilla.mindrot.org/show_bug.cgi?id=447 ; ok mouring@, millert@
2002-12-23 02:14:51 +00:00
acaac975ca
- stevesk@cvs.openbsd.org 2002/11/26 02:38:54
...
[canohost.c]
KNF, comment and error message repair; ok markus@
2002-12-23 02:13:37 +00:00
9394d2fc0a
- stevesk@cvs.openbsd.org 2002/11/26 02:35:30
...
[ssh-keygen.1]
remove outdated statement; ok markus@ deraadt@
2002-12-23 02:11:54 +00:00
e7ee7fe602
- wcobb@cvs.openbsd.org 2002/11/26 00:45:03
...
[scp.c ssh-keygen.c]
Remove unnecessary fflush(stderr) calls, stderr is unbuffered by default.
ok markus@
2002-12-23 02:11:02 +00:00
2594d9a06b
- stevesk@cvs.openbsd.org 2002/11/24 21:46:24
...
[ssh-keysign.8]
typo: "the the"
2002-12-23 02:09:59 +00:00
604dc72890
- markus@cvs.openbsd.org 2002/11/21 23:04:33
...
[ssh.c]
debug->debug2
2002-12-23 02:08:57 +00:00
93576d9538
- deraadt@cvs.openbsd.org 2002/11/21 23:03:51
...
[auth-krb5.c auth1.c hostfile.h monitor_wrap.c sftp-client.c sftp-int.c ssh-add.c ssh-rsa.c
sshconnect.c]
KNF
2002-12-23 02:06:19 +00:00
064496feaa
- markus@cvs.openbsd.org 2002/11/21 22:45:31
...
[cipher.c kex.c packet.c sshconnect.c sshconnect2.c]
debug->debug2, unify debug messages
2002-12-23 02:04:22 +00:00
1f53083fc4
- markus@cvs.openbsd.org 2002/11/21 22:22:50
...
[dh.c]
debug->debug2
2002-12-23 02:03:02 +00:00
f49dbff61d
- markus@cvs.openbsd.org 2002/11/18 16:43:44
...
[clientloop.c]
don't overwrite SIG{INT,QUIT,TERM} handler if set to SIG_IGN;
e.g. if ssh is used for backup; report Joerg Schilling; ok millert@
2002-12-23 02:01:55 +00:00
44adb8fed9
- fgsch@cvs.openbsd.org 2002/11/15 10:03:09
...
[authfile.c]
lseek(2) may return -1 when getting the public/private key lenght.
Simplify the code and check for errors using fstat(2).
Problem reported by Mauricio Sanchez, markus@ ok.
2002-12-23 02:00:23 +00:00
ab1c12a11c
- (djm) PERL-free fixpaths from stuge-openssh-unix-dev@cdy.org
2002-12-05 20:59:33 +11:00
1c9e688548
[configure.ac] fix STDPATH test for IRIX. First reported by advax@triumf.ca.
...
This type of solution tested by <herb@sgi.com>
2002-11-22 13:29:01 -08:00
be2396458e
[configure.ac] remove unused variables no_libsocket and no_libnsl
2002-11-13 15:55:55 -08:00
748fcf9881
[contrib/solaris/opensshd.in] add umask 022 so sshd.pid is not world writable.
2002-11-13 15:50:04 -08:00
f5397c081d
- (bal) AIX does not log login attempts for unknown users (bug #432 ).
...
patch by dtucker@zip.com.au
2002-11-09 16:11:10 +00:00
224313cdae
- (bal) Update ssh-host-config and minor rewrite of bsd-cygwin_util.c
...
ntsec now default if cygwin version beginning w/ version 56. Patch
by Corinna Vinschen <vinschen@redhat.com>
2002-11-09 15:59:27 +00:00
007eb912ea
- markus@cvs.openbsd.org 2002/11/07 22:35:38
...
[scp.c]
check exit status from ssh, and exit(1) if ssh fails; bug#369;
binder@arago.de
2002-11-09 15:54:08 +00:00
b6df73b06a
- markus@cvs.openbsd.org 2002/11/07 22:08:07
...
[readconf.c readconf.h ssh-keysign.8 ssh-keysign.c]
we cannot use HostbasedAuthentication for enabling ssh-keysign(8),
because HostbasedAuthentication might be enabled based on the
target host and ssh-keysign(8) does not know the remote hostname
and not trust ssh(1) about the hostname, so we add a new option
EnableSSHKeysign; ok djm@, report from zierke@informatik.uni-hamburg.de
2002-11-09 15:52:31 +00:00
c2faa4a504
- markus@cvs.openbsd.org 2002/11/07 16:28:47
...
[sshd.c]
log to stderr if -ie is given, bug #414 , prj@po.cwru.edu
2002-11-09 15:50:03 +00:00
8e879cf691
- markus@cvs.openbsd.org 2002/11/05 20:10:37
...
[sftp-client.c]
typo; GaryF@livevault.com
2002-11-09 15:48:49 +00:00
41ee2b0d77
- markus@cvs.openbsd.org 2002/11/05 19:45:20
...
[monitor.c]
handle overflows for size_t larger than u_int; siw@goneko.de , bug #425
2002-11-09 15:47:47 +00:00
9bda7ae4c6
- markus@cvs.openbsd.org 2002/11/04 10:09:51
...
[packet.c]
log before send disconnect; ok djm@
2002-11-09 15:46:24 +00:00
485075e8fa
- markus@cvs.openbsd.org 2002/11/04 10:07:53
...
[auth.c]
don't compare against pw_home if realpath fails for pw_home (seen
on AFS); ok djm@
2002-11-09 15:45:12 +00:00
ee844912c9
- markus@cvs.openbsd.org 2002/10/23 10:40:16
...
[bufaux.c]
%u for u_int
2002-11-09 15:43:23 +00:00
0cc2a47674
- markus@cvs.openbsd.org 2002/10/23 10:32:13
...
[packet.c]
use %u for u_int
2002-11-09 15:41:39 +00:00
0851381bf7
- itojun@cvs.openbsd.org 2002/10/16 14:31:48
...
[sftp-common.c]
64bit pedant. %llu is "unsigned long long". markus ok
2002-11-09 15:40:34 +00:00
885929cd31
fix changelog
2002-10-21 20:26:16 +10:00
7b3f58cbcd
- (djm) Bug #317 : FreeBSD needs libutil.h for openpty() Report from
...
dirk.meyer@dinoex.sub.org
2002-10-21 10:50:25 +10:00
5a5da88c59
- (djm) Kill ssh-rand-helper children on timeout, patch from
...
dtucker@zip.com.au
2002-10-21 10:13:35 +10:00
3e0064781b
- (bal) More advanced strsep test by Darren Tucker <dtucker@zip.com.au>
2002-10-16 00:24:03 +00:00
97e38d8667
20021015
...
- (bal) Fix bug id 383 and only call loginrestrict for AIX if not root.
2002-10-16 00:13:52 +00:00
94f628f0ab
[contrib/caldera/openssh.spec] make ssh-agent setgid nobody
2002-10-15 13:16:55 -07:00
dc3c757f57
- (bal) Disable post-authentication Privsep for OSF/1. It conflicts with
...
SIA.
2002-10-04 23:54:54 +00:00
901119beab
- (djm) Bug #406 : s/msg_send/ssh_msg_send/ for Mac OS X 1.2
2002-10-04 11:10:04 +10:00
510d51300e
- (djm) Bump RPM spec version numbers
2002-10-03 11:56:58 +10:00
7156fc7da6
- markus@cvs.openbsd.org 2002/10/01 13:24:50
...
[version.h]
OpenSSH 3.5
2002-10-03 11:55:37 +10:00
af9de38c43
- (djm) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2002/10/01 20:34:12
[ssh-agent.c]
allow root to access the agent, since there is no protection from root.
2002-10-03 11:54:35 +10:00
d8769625fb
- stevesk@cvs.openbsd.org 2002/09/27 15:46:21
...
[ssh.1]
clarify compression level protocol 1 only; ok markus@ deraadt@
2002-09-30 12:00:55 +10:00
e9264973ad
- (djm) OpenBSD CVS Sync
...
- mickey@cvs.openbsd.org 2002/09/27 10:42:09
[compat.c compat.h sshd.c]
add a generic match for a prober, such as sie big brother;
idea from stevesk@; markus@ ok
2002-09-30 11:59:21 +10:00
50f6123eef
- (djm) Tidy contrib/, add Makefile for GNOME passphrase dialogs, tweak README
2002-09-30 10:40:39 +10:00
d94e549ea8
- markus@cvs.openbsd.org 2002/09/26 11:38:43
...
[auth1.c auth.h auth-krb4.c monitor.c monitor.h monitor_wrap.c]
[monitor_wrap.h]
krb4 + privsep; ok dugsong@, deraadt@
2002-09-27 13:25:58 +10:00
d27a76de65
- markus@cvs.openbsd.org 2002/09/25 15:19:02
...
[sshd.c]
typo; pilot@monkey.org
2002-09-27 13:22:31 +10:00
d681d2602c
- (djm) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2002/09/25 11:17:16
[sshd_config]
sync LoginGraceTime with default
2002-09-27 13:21:57 +10:00
81ed518b9b
Cray fixes (bug 367) based on patch from Wendy Palm @ cray.
...
This does not include the deattack.c fixes.
2002-09-25 17:38:46 -07:00
164725f40e
l) Fix issue where successfull login does not clear failure counts
...
in AIX. Patch by dtucker@zip.com.au ok by djm
2002-09-25 23:14:14 +00:00
dcbb6c2dc9
- todd@cvs.openbsd.org 2002/09/24 20:59:44
...
[sshd.8]
tweak the example $HOME/.ssh/rc script to not show on any cmdline the
sensitive data it handles. This fixes bug # 402 as reported by
kolya@mit.edu (Nickolai Zeldovich).
ok markus@ and stevesk@
2002-09-25 12:20:52 +10:00
ef73f50a12
- markus@cvs.openbsd.org 2002/09/24 08:46:04
...
[monitor.c]
only call kerberos code for authctxt->valid
2002-09-25 12:20:17 +10:00
7db40c9e2e
- markus@cvs.openbsd.org 2002/09/23 22:11:05
...
[monitor.c]
only call auth_krb5 if kerberos is enabled; ok deraadt@
2002-09-25 12:19:39 +10:00
b2f844dc51
- (djm) OpenBSD CVS Sync
...
- stevesk@cvs.openbsd.org 2002/09/23 20:46:27
[canohost.c]
change get_peer_ipaddr() and get_local_ipaddr() to not return NULL for
non-sockets; fixes a problem passing NULL to snprintf(). ok markus@
2002-09-25 12:19:08 +10:00
2c961cecb0
[configure.ac] s/return/exit/ patch by dtucker@zip.com.au
...
From autoconf guidelines:
"Test programs should exit, not return, from main, because on some
systems (old Suns, at least) the argument to return in main is ignored."
2002-09-23 16:54:10 -07:00
6f0a188857
- stevesk@cvs.openbsd.org 2002/09/20 18:41:29
...
[auth.c]
log illegal user here for missing privsep case (ssh2).
this is executed in the monitor. ok markus@
2002-09-22 01:26:51 +10:00
16aed05578
- stevesk@cvs.openbsd.org 2002/09/19 16:03:15
...
[serverloop.c]
log IP address also; ok markus@
2002-09-22 01:26:27 +10:00
2138d152b2
- markus@cvs.openbsd.org 2002/09/19 15:51:23
...
[ssh-add.c]
typo; cd@kalkatraz.de
2002-09-22 01:26:00 +10:00
a0e4559d72
- (djm) OpenBSD CVS Sync
...
- stevesk@cvs.openbsd.org 2002/09/19 14:53:14
[compat.c]
2002-09-22 01:25:35 +10:00
8c4e18a6ec
- djm@cvs.openbsd.org 2002/09/19 01:58:18
...
[ssh.c sshconnect.c]
bugzilla.mindrot.org #223 - ProxyCommands don't exit.
Patch from dtucker@zip.com.au ; ok markus@
2002-09-19 12:05:02 +10:00
9b037b837a
- itojun@cvs.openbsd.org 2002/09/17 07:47:02
...
[channels.c]
don't quit while creating X11 listening socket.
http://mail-index.netbsd.org/current-users/2002/09/16/0005.html
got from portable. markus ok
2002-09-19 11:54:54 +10:00
86247e2798
- stevesk@cvs.openbsd.org 2002/09/16 22:03:13
...
[sshd.8]
reference moduli(5) in FILES /etc/moduli.
2002-09-19 11:51:53 +10:00
101c4a7bc9
- stevesk@cvs.openbsd.org 2002/09/16 20:12:11
...
[sshd_config.5]
more details on X11Forwarding security issues and threats; ok markus@
2002-09-19 11:51:21 +10:00
a6eb2b7f8e
- stevesk@cvs.openbsd.org 2002/09/16 19:55:33
...
[session.c]
log when _PATH_NOLOGIN exists; ok markus@
2002-09-19 11:50:48 +10:00
e1383cee9d
- stevesk@cvs.openbsd.org 2002/09/13 19:23:09
...
[channels.c sshconnect.c sshd.c]
remove use of SO_LINGER, it should not be needed. error check
SO_REUSEADDR. fixup comments. ok markus@
2002-09-19 11:49:37 +10:00
f37e246f85
- stevesk@cvs.openbsd.org 2002/09/12 19:50:36
...
[session.c ssh.1]
add SSH_CONNECTION and deprecate SSH_CLIENT; bug #384 . ok markus@
2002-09-19 11:47:55 +10:00
db30b12d7b
- (djm) OpenBSD CVS Sync
...
- stevesk@cvs.openbsd.org 2002/09/12 19:11:52
[ssh-agent.c]
%u for uid print; ok markus@
2002-09-19 11:46:58 +10:00
10f3085137
- (djm) Made GNOME askpass programs return non-zero if cancel button is
...
pressed.
2002-09-12 14:49:00 +10:00
1d87176749
trim from 3.3p1 back (look in CVS for the full changelog)
2002-09-12 10:45:32 +10:00
9b481510bb
- (djm) Sync sys/tree.h with OpenBSD -current. Rename tree.h and
...
fake-queue.h to sys-tree.h and sys-queue.h
2002-09-12 10:43:29 +10:00
622accfdb7
- djm@cvs.openbsd.org 2002/09/12 00:13:06
...
[sftp-int.c]
zap unused var introduced in last commit
2002-09-12 10:34:13 +10:00
771721fa31
- (djm) Added getpeereid() replacement. Properly implemented for systems
...
with SO_PEERCRED support. Faked for systems which lack it.
2002-09-12 10:32:59 +10:00
e1a4981707
- djm@cvs.openbsd.org 2002/09/11 22:41:50
...
[sftp.1 sftp-client.c sftp-client.h sftp-common.c sftp-common.h]
[sftp-glob.c sftp-glob.h sftp-int.c sftp-server.c]
support for short/long listings and globbing in "ls"; ok markus@
2002-09-12 09:54:25 +10:00
789e95dbe9
- stevesk@cvs.openbsd.org 2002/09/11 18:27:26
...
[authfd.c authfd.h ssh.c]
don't connect to agent to test for presence if we've previously
connected; ok markus@
2002-09-12 09:52:46 +10:00
b5fdfaae13
- stevesk@cvs.openbsd.org 2002/09/11 17:55:03
...
[ssh.1]
add agent and X11 forwarding warning text from ssh_config.5; ok markus@
2002-09-12 09:52:03 +10:00
538f1819d8
- markus@cvs.openbsd.org 2002/09/10 20:24:47
...
[ssh-agent.c]
check the euid of the connecting process with getpeereid(2);
ok provos deraadt stevesk
2002-09-12 09:51:10 +10:00
a10f56151b
- markus@cvs.openbsd.org 2002/09/09 14:54:15
...
[channels.c kex.h key.c monitor.c monitor_wrap.c radix.c uuencode.c]
signed vs unsigned from -pedantic; ok henning@
2002-09-12 09:49:15 +10:00
25162f2518
- itojun@cvs.openbsd.org 2002/09/09 06:48:06
...
[auth1.c auth.h auth-krb5.c monitor.c monitor.h]
[monitor_wrap.c monitor_wrap.h]
kerberos support for privsep. confirmed to work by lha@stacken.kth.se
patch from markus
2002-09-12 09:47:29 +10:00
4d53d39b07
- (djm) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2002/09/08 20:24:08
[hostfile.h]
no comma at end of enumerator list
2002-09-12 09:43:56 +10:00
71eb0c1550
- (djm) Sync openbsd-compat with OpenBSD -current
2002-09-11 10:29:11 +10:00
c34e03e471
- (djm) Bug #138 : Make protocol 1 blowfish work with old OpenSSL.
...
Patch from Robert Halubek <rob@adso.com.pl>
2002-09-10 22:26:17 +10:00
e9994cb4d7
- (djm) Bug #365 : Read /.ssh/environment properly under CygWin.
...
Patch from Mark Bradshaw <bradshaw@staff.crosswalk.com>
2002-09-10 21:43:53 +10:00
005d4560ed
- (djm) Add support for building gtk2 password requestor from Redhat beta
2002-09-05 16:53:20 +10:00
44d5b60336
- (djm) Add gnome-ssh-askpass2.c (gtk2) by merge with patch from
...
Nalin Dahyabhai <nalin@redhat.com>
2002-09-05 16:46:24 +10:00
539983800d
- (djm) Merge openssh-TODO.patch from Redhat (null) beta
2002-09-05 16:32:02 +10:00
c13486300d
- (djm) OpenBSD CVS Sync
...
- stevesk@cvs.openbsd.org 2002/09/04 18:52:42
[servconf.c sshd.8 sshd_config.5]
default LoginGraceTime to 2m; 1m may be too short for slow systems.
ok markus@
2002-09-05 14:35:14 +10:00
fc93d4bd31
- (djm) Patch from itojun@ for Darwin OS: test getaddrinfo, reorder libcrypt
2002-09-04 23:26:29 +10:00
6b09792a55
- (djm) Fix Redhat RPM build dependancy test
2002-09-04 17:19:04 +10:00
05913badf3
- stevesk@cvs.openbsd.org 2002/08/29 22:54:10
...
[ssh_config.5 sshd_config.5]
state XAuthLocation is a full pathname
2002-09-04 16:51:03 +10:00
50b9a60082
- stevesk@cvs.openbsd.org 2002/08/29 19:49:42
...
[ssh.c]
shrink initial privilege bracket for setuid case; ok markus@
2002-09-04 16:50:06 +10:00
9b1dacdf2c
- stevesk@cvs.openbsd.org 2002/08/29 16:09:02
...
[ssh_config.5]
more on UsePrivilegedPort and setuid root; ok markus@
2002-09-04 16:47:35 +10:00
147bba3453
- stevesk@cvs.openbsd.org 2002/08/29 16:02:54
...
[ssh.1 ssh.c]
deprecate -P as UsePrivilegedPort defaults to no now; ok markus@
2002-09-04 16:46:06 +10:00
ebc2306629
- stevesk@cvs.openbsd.org 2002/08/29 15:57:25
...
[monitor.c session.c sshlogin.c sshlogin.h]
pass addrlen with sockaddr *; from Hajimu UMEMOTO <ume@FreeBSD.org>
NOTE: there are also p-specific parts to this patch. ok markus@
2002-09-04 16:45:09 +10:00
af65304a3c
- stevesk@cvs.openbsd.org 2002/08/27 17:18:40
...
[ssh_config.5]
some warning text for ForwardAgent and ForwardX11; ok markus@
2002-09-04 16:40:37 +10:00
f7c2391d83
- stevesk@cvs.openbsd.org 2002/08/27 17:13:56
...
[ssh-rsa.c]
RSA_public_decrypt() returns -1 on error so len must be signed;
ok markus@
2002-09-04 16:39:48 +10:00
5a80bba86f
- markus@cvs.openbsd.org 2002/08/22 21:45:41
...
[session.c]
send signal name (not signal number) in "exit-signal" message; noticed
by galb@vandyke.com
2002-09-04 16:39:02 +10:00
de6f2de8ad
- markus@cvs.openbsd.org 2002/08/22 21:33:58
...
[auth1.c auth2.c]
auth_root_allowed() is handled by the monitor in the privsep case,
so skip this for use_privsep, ok stevesk@, fixes bugzilla #387/325
2002-09-04 16:37:26 +10:00
061d5b144f
- stevesk@cvs.openbsd.org 2002/08/22 20:57:19
...
[ssh-agent.c]
shutdown(SHUT_RDWR) not needed before close here; ok markus@
2002-09-04 16:33:31 +10:00
066928648b
- stevesk@cvs.openbsd.org 2002/08/22 19:38:42
...
[clientloop.c]
format with current EscapeChar; bugzilla #388 from wknox@mitre.org .
ok markus@
2002-09-04 16:32:10 +10:00
58f3486c74
- stevesk@cvs.openbsd.org 2002/08/22 19:27:53
...
[ssh-agent.c]
use common close function; ok markus@
2002-09-04 16:31:21 +10:00
4efdfff6ba
- stevesk@cvs.openbsd.org 2002/08/21 20:10:28
...
[ssh-agent.c]
raise listen backlog; ok markus@
2002-09-04 16:28:18 +10:00
f771ab75f0
- stevesk@cvs.openbsd.org 2002/08/21 19:38:06
...
[servconf.c sshd.8 sshd_config sshd_config.5]
change LoginGraceTime default to 1 minute; ok mouring@ markus@
2002-09-04 16:25:52 +10:00
b83df8d505
- espie@cvs.openbsd.org 2002/08/21 11:20:59
...
[sshd.8]
`RSA' updated to refer to `public key', where it matters.
okay markus@
2002-09-04 16:24:55 +10:00
6cffb9a8cd
- markus@cvs.openbsd.org 2002/08/12 10:46:35
...
[ssh-agent.c]
make ssh-agent setgid, disallow ptrace.
(note: change not yet made in Makefile)
2002-09-04 16:20:26 +10:00
3962119c8a
- (bal) [defines.h] Some platforms don't have SIZE_T_MAX. So assign
...
it to ULONG_MAX.
2002-08-21 02:54:11 +00:00
479b476af6
- stevesk@cvs.openbsd.org 2002/08/17 23:55:01
...
[ssh_config.5]
ordered list here
2002-08-20 19:04:51 +00:00
3541f18e10
- stevesk@cvs.openbsd.org 2002/08/17 23:07:14
...
[ssh.1]
ForwardAgent has defaulted to no for over 2 years; be more clear here.
2002-08-20 19:03:20 +00:00
bd9bf38b00
- stevesk@cvs.openbsd.org 2002/08/12 17:30:35
...
[ssh.1 sshd.8 sshd_config.5]
more PermitUserEnvironment; ok markus@
2002-08-20 18:54:20 +00:00
15b6120e63
- stevesk@cvs.openbsd.org 2002/08/09 17:41:12
...
[sshd_config.5]
proxy vs. fake display
2002-08-20 18:44:24 +00:00
1f8cf4f4fb
- stevesk@cvs.openbsd.org 2002/08/09 17:21:42
...
[sshd_config.5]
use Op for mdoc conformance; from esr@golux.thyrsus.com
ok aaron@
2002-08-20 18:43:27 +00:00
d4ee3497ca
- stevesk@cvs.openbsd.org 2002/08/08 23:54:52
...
[auth.c]
typo in comment
2002-08-20 18:42:13 +00:00
e143f61b6f
- aaron@cvs.openbsd.org 2002/08/08 13:50:23
...
[sshconnect1.c]
Use & to test if bits are set, not &&; markus@ ok.
2002-08-20 18:41:15 +00:00
0deb5d958a
- markus@cvs.openbsd.org 2002/08/02 22:20:30
...
[ssh-rsa.c]
replace RSA_verify with our own version and avoid the OpenSSL ASN.1 parser
for authentication; ok deraadt/djm
2002-08-20 18:40:03 +00:00
0e50d846b3
- markus@cvs.openbsd.org 2002/08/02 21:23:41
...
[ssh-rsa.c]
diff is u_int (2x); ok deraadt/provos
2002-08-20 18:39:14 +00:00
dc7adf2670
- marc@cvs.openbsd.org 2002/08/02 16:00:07
...
[ssh.1 sshd.8]
note that .ssh/environment is only read when
allowed (PermitUserEnvironment in sshd_config).
OK markus@
2002-08-20 18:38:02 +00:00
0a4f7542da
- millert@cvs.openbsd.org 2002/08/02 14:43:15
...
[monitor.c monitor_mm.c]
Change mm_zalloc() sanity checks to be more in line with what
we do in calloc() and add a check to monitor_mm.c.
OK provos@ and markus@
2002-08-20 18:36:25 +00:00
d730b78071
[configure.ac] Display OpenSSL header/library version.
...
Patch by dtucker@zip.com.au
2002-08-13 18:52:10 -07:00
5d860f02ca
- markus@cvs.openbsd.org 2002/07/30 17:03:55
...
[auth-options.c servconf.c servconf.h session.c sshd_config sshd_config.5]
add PermitUserEnvironment (off by default!); from dot@dotat.at ;
ok provos, deraadt
2002-08-01 01:28:38 +00:00
4b99be899c
- markus@cvs.openbsd.org 2002/07/29 18:57:30
...
[sshconnect.c]
print file:line
2002-08-01 01:26:29 +00:00
8d631e8515
- mouring@cvs.openbsd.org 2002/07/25 01:16:59
...
[sftp.c]
FallBackToRsh does not exist anywhere else. Remove it from here.
OK deraadt.
2002-08-01 01:25:00 +00:00
3ed6640532
- markus@cvs.openbsd.org 2002/07/24 16:11:18
...
[hostfile.c hostfile.h sshconnect.c]
print out all known keys for a host if we get a unknown host key,
see discussion at http://marc.theaimsgroup.com/?t=101069210100016&r=1&w=4
the ssharp mitm tool attacks users in a similar way, so i'd like to
pointed out again:
A MITM attack is always possible if the ssh client prints:
The authenticity of host 'bla' can't be established.
(protocol version 2 with pubkey authentication allows you to detect
MITM attacks)
2002-08-01 01:21:56 +00:00
18d2b5d399
- (bal) [uidswap.c] SCO compile correction by gert@greenie.muc.de
2002-07-30 19:32:07 +00:00
Damien Miller
Tim Rice
Kevin Steves
Ben Lindstrom