788f212aed
- djm@cvs.openbsd.org 2005/10/30 08:52:18
...
[clientloop.c packet.c serverloop.c session.c ssh-agent.c ssh-keygen.c]
[ssh.c sshconnect.c sshconnect1.c sshd.c]
no need to escape single quotes in comments, no binary change
2005-11-05 15:14:59 +11:00
39eda6eb6a
- djm@cvs.openbsd.org 2005/10/10 10:23:08
...
[channels.c channels.h clientloop.c serverloop.c session.c]
fix regression I introduced in 4.2: X11 forwardings initiated after
a session has exited (e.g. "(sleep 5; xterm) &") would not start.
bz #1086 reported by t8m AT centrum.cz; ok markus@ dtucker@
2005-11-05 14:52:50 +11:00
42308a4374
- (dtucker) [session.c] Bug #1045do not check /etc/nologin when PAM is
...
enabled, instead allow PAM to handle it. Note that on platforms using PAM,
the pam_nologin module should be added to sshd's session stack in order to
maintain exising behaviour. Based on patch and discussion from t8m at
centrum.cz, ok djm@
2005-10-30 15:31:55 +11:00
66fd217e8e
- (tim) [configure.ac auth.c defines.h session.c openbsd-compat/port-uw.c
...
openbsd-compat/port-uw.h openbsd-compat/xcrypt.c] libiaf cleanup. Disable
libiaf bits for OpenServer6. Free memory allocated by ia_get_logpwd().
Feedback and OK dtucker@
2005-08-31 09:59:49 -07:00
2291c00ab2
- (tim) [CREDITS LICENCE auth.c configure.ac defines.h includes.h session.c
...
openbsd-compat/Makefile.in openbsd-compat/openbsd-compat.h
openbsd-compat/xcrypt.c] New files [openssh/openbsd-compat/port-uw.c
openssh/openbsd-compat/port-uw.h] Support long passwords (> 8-char)
on UnixWare 7 from Dhiraj Gulati and Ahsan Rashid. Cleanup and testing
by tim@. Feedback and OK dtucker@
2005-08-26 13:15:19 -07:00
9786e6e2a0
- markus@cvs.openbsd.org 2005/07/25 11:59:40
...
[kex.c kex.h myproposal.h packet.c packet.h servconf.c session.c]
[sshconnect2.c sshd.c sshd_config sshd_config.5]
add a new compression method that delays compression until the user
has been authenticated successfully and set compression to 'delayed'
for sshd.
this breaks older openssh clients (< 3.5) if they insist on
compression, so you have to re-enable compression in sshd_config.
ok djm@
2005-07-26 21:54:56 +10:00
0dc1bef12d
- djm@cvs.openbsd.org 2005/07/17 07:17:55
...
[auth-rh-rsa.c auth-rhosts.c auth2-chall.c auth2-gss.c channels.c]
[cipher-ctr.c gss-genr.c gss-serv.c kex.c moduli.c readconf.c]
[serverloop.c session.c sftp-client.c sftp.c ssh-add.c ssh-keygen.c]
[sshconnect.c sshconnect2.c]
knf says that a 2nd level indent is four (not three or five) spaces
2005-07-17 17:22:45 +10:00
2b9b045d93
- (djm) [auth-pam.c sftp.c] spaces vs. tabs at start of line
...
- djm@cvs.openbsd.org 2005/07/17 06:49:04
[channels.c channels.h session.c session.h]
Fix a number of X11 forwarding channel leaks:
1. Refuse multiple X11 forwarding requests on the same session
2. Clean up all listeners after a single_connection X11 forward, not just
the one that made the single connection
3. Destroy X11 listeners when the session owning them goes away
testing and ok dtucker@
2005-07-17 17:19:24 +10:00
46d38de48b
- djm@cvs.openbsd.org 2005/07/16 01:35:24
...
[auth1.c channels.c cipher.c clientloop.c kex.c session.c ssh.c]
[sshconnect.c]
spacing
2005-07-17 17:02:09 +10:00
eccb9de72a
- djm@cvs.openbsd.org 2005/06/17 02:44:33
...
[auth-rsa.c auth.c auth1.c auth2-chall.c auth2-gss.c authfd.c authfile.c]
[bufaux.c canohost.c channels.c cipher.c clientloop.c dns.c gss-serv.c]
[kex.c kex.h key.c mac.c match.c misc.c packet.c packet.h scp.c]
[servconf.c session.c session.h sftp-client.c sftp-server.c sftp.c]
[ssh-keyscan.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
make this -Wsign-compare clean; ok avsm@ markus@
NB. auth1.c changes not committed yet (conflicts with uncommitted sync)
NB2. more work may be needed to make portable Wsign-compare clean
2005-06-17 12:59:34 +10:00
7dff869dd9
tiny KNF nit
2005-05-26 11:34:51 +10:00
48554152b9
- (dtucker) [session.c] Bug #1024 : Don't check pam_session_is_open if
...
UseLogin is set as PAM is not used to establish credentials in that
case. Found by Michael Selvesteen, ok djm@
2005-04-21 19:50:55 +10:00
2b59a6dad6
- (dtucker) [session.c sshd.c] Bug #125 comment #49 : Send disconnect audit
...
events earlier, prevents mm_request_send errors reported by Matt Goebel.
2005-03-06 22:38:51 +11:00
c97b01af62
- (dtucker) [session.c] Bug #918 : store credentials from gssapi-with-mic
...
authentication early enough to be available to PAM session modules when
privsep=yes. Patch from deengert at anl.gov, ok'ed in principle by Sam
Hartman and similar to Debian's ssh-krb5 package.
2005-02-16 16:47:37 +11:00
33370e0287
- (dtucker) [configure.ac session.c] Some platforms (eg some SCO) require
...
the username to be passed to the passwd command when changing expired
passwords. ok djm@
2005-02-09 22:17:28 +11:00
2e0cf0dca2
- (dtucker) [audit.c audit.h auth.c auth1.c auth2.c loginrec.c monitor.c
...
monitor_wrap.c monitor_wrap.h session.c sshd.c]: Prepend all of the audit
defines and enums with SSH_ to prevent namespace collisions on some
platforms (eg AIX).
2005-02-08 21:52:47 +11:00
269a1ea1c8
- (dtucker) [Makefile.in auth.c auth.h auth1.c auth2.c loginrec.c monitor.c
...
monitor.h monitor_wrap.c monitor_wrap.h session.c sshd.c] Bug #125 :
(first stage) Add audit instrumentation to sshd, currently disabled by
default. with suggestions from and djm@
2005-02-03 00:20:53 +11:00
9dc6c7dbec
- (dtucker) [session.c sshd.c] Bug #445 : Propogate KRB5CCNAME if set to child
...
the process. Since we also unset KRB5CCNAME at startup, if it's set after
authentication it must have been set by the platform's native auth system.
This was already done for AIX; this enables it for the general case.
2005-02-02 18:30:33 +11:00
172a5e8cb8
- markus@cvs.openbsd.org 2004/12/23 17:35:48
...
[session.c]
check for NULL; from mpech
2005-01-20 10:55:46 +11:00
a2a3ed0010
- (dtucker) [session.c] Bug #927 : make .hushlogin silent again. ok djm@
2004-09-11 23:09:53 +10:00
69687f4b65
- (dtucker) [auth-pam.c auth-pam.h session.c] Bug #890 : Send output from
...
failing PAM session modules to user then exit, similar to the way
/etc/nologin is handled. ok djm@
2004-09-11 22:17:26 +10:00
14c372d49d
- (dtucker) [session.c openbsd-compat/bsd-cygwin_util.{c,h}] Bug #915 : only
...
copy required environment variables on Cygwin. Patch from vinschen at
redhat.com, ok djm@
2004-08-30 20:42:08 +10:00
5cb30ad2ec
- markus@cvs.openbsd.org 2004/07/28 09:40:29
...
[auth.c auth1.c auth2.c cipher.c cipher.h key.c session.c ssh.c
sshconnect1.c]
more s/illegal/invalid/
2004-08-12 22:40:24 +10:00
0999174755
- dtucker@cvs.openbsd.org 2004/07/17 05:31:41
...
[monitor.c monitor_wrap.c session.c session.h sshd.c sshlogin.c]
Move "Last logged in at.." message generation to the monitor, right
before recording the new login. Fixes missing lastlog message when
/var/log/lastlog is not world-readable and incorrect datestamp when
multiple sessions are used (bz #463 ); much assistance & ok markus@
2004-07-17 17:05:14 +10:00
fc9597034b
- deraadt@cvs.openbsd.org 2004/07/11 17:48:47
...
[channels.c cipher.c clientloop.c clientloop.h compat.h moduli.c
readconf.c nchan.c pathnames.h progressmeter.c readconf.h servconf.c
session.c sftp-client.c sftp.c ssh-agent.1 ssh-keygen.c ssh.c ssh1.h
sshd.c ttymodes.h]
spaces
2004-07-17 16:12:08 +10:00
0a44d1ecf3
- (dtucker) [session.c] Call display_loginmsg again after do_pam_session.
...
Ensures messages from PAM modules are displayed when privsep=no.
Note: I did not want to just move display_loginmsg since that would change
existing behaviour (order of expiry warnings, "Last Login", motd) to less
like the native tools.
2004-07-01 09:48:29 +10:00
a6b1d169e6
- djm@cvs.openbsd.org 2004/06/30 08:36:59
...
[session.c]
unbreak TTY break, diagnosed by darren AT dazwin.com; ok markus@
2004-06-30 22:41:07 +10:00
723e945b55
- djm@cvs.openbsd.org 2004/06/21 17:53:03
...
[session.c]
fix fd leak for multiple subsystem connections; with markus@
2004-06-22 12:57:08 +10:00
1f8311c836
- deraadt@cvs.openbsd.org 2004/05/11 19:01:43
...
[auth.c auth2-none.c authfile.c channels.c monitor.c monitor_mm.c
packet.c packet.h progressmeter.c session.c openbsd-compat/xmmap.c]
improve some code lint did not like; djm millert ok
2004-05-13 16:39:33 +10:00
e14e005f41
- djm@cvs.openbsd.org 2004/05/09 01:19:28
...
[OVERVIEW auth-rsa.c auth1.c kex.c monitor.c session.c sshconnect1.c
sshd.c] removed: mpaux.c mpaux.h
kill some more tiny files; ok deraadt@
2004-05-13 16:30:44 +10:00
46bc075474
- djm@cvs.openbsd.org 2004/04/27 09:46:37
...
[readconf.c readconf.h servconf.c servconf.h session.c session.h ssh.c
ssh_config.5 sshd_config.5]
bz #815 : implement ability to pass specified environment variables from
the client to the server; ok markus@
2004-05-02 22:11:30 +10:00
9c870f966a
- (djm) [auth-krb5.c auth.h session.c] Explicitly refer to Kerberos ccache
...
file using FILE: method, fixes problems on Mac OSX.
Patch from simon@sxw.org.uk ; ok dtucker@
2004-04-16 22:47:55 +10:00
ac7c998a2d
- (dtucker) [session.c] Flush stdout after displaying loginmsg. From
...
f_mohr at yahoo.de.
2004-04-07 08:04:09 +10:00
b385059346
- (dtucker) [session.c] Bug #817 : Clear loginmsg after fork to prevent
...
duplicate login messages for mutli-session logins. ok djm@
2004-03-27 16:44:21 +11:00
1825f26d21
- (dtucker) [session.c] Bug #789 : Only make setcred call for !privsep in the
...
non-interactive path. ok djm@
2004-02-24 00:01:27 +11:00
1921ed9f96
- (dtucker) [auth-pam.c auth-pam.h session.c] Bug #14 : Use do_pwchange to
...
change expired PAM passwords for SSHv1 connections without privsep.
pam_chauthtok is still used when privsep is disabled. ok djm@
2004-02-10 13:23:28 +11:00
23bc8d0bff
- markus@cvs.openbsd.org 2004/01/30 09:48:57
...
[auth-passwd.c auth.h pathnames.h session.c]
support for password change; ok dtucker@
(set password-dead=1w in login.conf to use this).
In -Portable, this is currently only platforms using bsdauth.
2004-02-06 16:24:31 +11:00
ef3a4a208c
- (dtucker) [session.c] Bug #789 : Do not call do_pam_setcred as a non-root
...
user, since some modules might fail due to lack of privilege. ok djm@
2004-02-06 15:30:50 +11:00
3c78c5ed2f
- (dtucker) [acconfig.h configure.ac includes.h servconf.c session.c]
...
Change AFS symbol to USE_AFS to prevent namespace collisions, do not
include kafs.h unless necessary. From deengert at anl.gov.
For consistency, all of the libkafs bits are now inside "#if defined(KRB5)
&& defined(USE_AFS)".
2004-01-23 22:03:10 +11:00
d352636553
- (djm) Do pam_session processing for systems with HAVE_LOGIN_CAP; from
...
ralf.hack AT pipex.net; ok dtucker@
2004-01-23 14:16:26 +11:00
7fe8b72771
- (dtucker) [session.c] Enable AFS support in conjunction with KRB5 not
...
just HEIMDAL.
Currently this will make no difference, as only Heimdal (which defines KRB5
anyway) has libkafs, however a libkafs that works with MIT may become
available. In that case it will be used too.
2004-01-22 12:48:26 +11:00
8f341f8b8b
- markus@cvs.openbsd.org 2004/01/13 19:23:15
...
[compress.c session.c]
-Wall; ok henning
2004-01-21 11:00:46 +11:00
409cb328c1
- (dtucker) [acconfig.h configure.ac includes.h servconf.c session.c]
...
Only enable KerberosGetAFSToken if Heimdal's libkafs is found. with jakob@
2004-01-05 22:36:51 +11:00
22ef508754
- jakob@cvs.openbsd.org 2003/12/23 16:12:10
...
[servconf.c servconf.h session.c sshd_config]
implement KerberosGetAFSToken server option. ok markus@, beck@
2003-12-31 11:37:34 +11:00
3175eb9a5a
- markus@cvs.openbsd.org 2003/12/02 17:01:15
...
[channels.c session.c ssh-agent.c ssh.h sshd.c]
use SSH_LISTEN_BACKLOG (=128) in listen(2).
2003-12-09 19:15:11 +11:00
ce34674a9f
sync whitespace - no code change
2003-11-22 14:41:58 +11:00
787b2ec18c
more whitespace (tabs this time)
2003-11-21 23:56:47 +11:00
a8e06cef35
- djm@cvs.openbsd.org 2003/11/21 11:57:03
...
[everything]
unexpand and delete whitespace at EOL; ok markus@
(done locally and RCS IDs synced)
2003-11-21 23:48:55 +11:00
c756e9b56e
- (djm) Export environment variables from authentication subprocess to
...
parent. Part of Bug #717
2003-11-17 21:41:42 +11:00
3e3b5145e5
- djm@cvs.openbsd.org 2003/11/04 08:54:09
...
[auth1.c auth2.c auth2-pubkey.c auth.h auth-krb5.c auth-passwd.c]
[auth-rhosts.c auth-rh-rsa.c auth-rsa.c monitor.c serverloop.c]
[session.c]
standardise arguments to auth methods - they should all take authctxt.
check authctxt->valid rather then pw != NULL; ok markus@
2003-11-17 21:13:40 +11:00
072a7b178c
- markus@cvs.openbsd.org 2003/10/14 19:54:39
...
[session.c ssh-agent.c]
10X for mkdtemp; djm@
2003-10-15 16:10:25 +10:00
8846a07639
- (dtucker) [auth-pam.c auth-pam.h session.c] Make PAM use the new static
...
cleanup functions. With & ok djm@
2003-10-07 11:30:15 +10:00
f391ba6730
- (dtucker) [session.c] Fix bus errors on some 64-bit Solaris configurations.
...
Based on patches by Matthias Koeppe and Thomas Baden. ok djm@
2003-10-02 20:07:09 +10:00
3e33cecf71
- markus@cvs.openbsd.org 2003/09/23 20:17:11
...
[Makefile.in auth1.c auth2.c auth.c auth.h auth-krb5.c canohost.c
cleanup.c clientloop.c fatal.c gss-serv.c log.c log.h monitor.c monitor.h
monitor_wrap.c monitor_wrap.h packet.c serverloop.c session.c session.h
ssh-agent.c sshd.c]
replace fatal_cleanup() and linked list of fatal callbacks with static
cleanup_exit() function. re-refine cleanup_exit() where appropriate,
allocate sshd's authctxt eary to allow simpler cleanup in sshd.
tested by many, ok deraadt@
2003-10-02 16:12:36 +10:00
fb16b2411e
- markus@cvs.openbsd.org 2003/09/18 08:49:45
...
[deattack.c misc.c session.c ssh-agent.c]
more buffer allocation fixes; from Solar Designer; CAN-2003-0682;
ok millert@
2003-09-22 21:04:23 +10:00
c11b1e8420
- (dtucker) [session.c] Bug #643 : Fix size_t -> u_int and fix null deref
...
when /etc/default/login doesn't exist or isn't readable. Fixes from
jparsons-lists at saffron.net and georg.oppenberg at deu mci com.
2003-09-19 20:56:51 +10:00
e1a790d0d1
- (dtucker) [acconfig.h configure.ac defines.h session.c] Bug #252 : Retrieve
...
PATH (or SUPATH) and UMASK from /etc/default/login on platforms that have it
(eg Solaris, Reliant Unix). Patch from Robert.Dahlem at siemens.com. ok djm@
2003-09-16 11:52:19 +10:00
341c6e687c
- (djm) Bug #423 : reorder setting of PAM_TTY and calling of PAM session
...
management (now done in do_setusercontext). Largely from
michael_steffens AT hp.com
2003-09-02 23:18:52 +10:00
324948b320
- markus@cvs.openbsd.org 2003/08/31 13:29:05
...
[session.c]
call ssh_gssapi_storecreds conditionally from do_exec();
with sxw@inf.ed.ac.uk
2003-09-02 22:55:45 +10:00
1a0c0b9621
- markus@cvs.openbsd.org 2003/08/28 12:54:34
...
[auth-krb5.c auth.h auth1.c monitor.c monitor.h monitor_wrap.c]
[monitor_wrap.h readconf.c servconf.c session.c ssh_config.5]
[sshconnect1.c sshd.c sshd_config sshd_config.5]
remove kerberos support from ssh1, since it has been replaced with GSSAPI;
but keep kerberos passwd auth for ssh1 and 2; ok djm, hin, henning, ...
2003-09-02 22:51:17 +10:00
49aaf4ad52
- (dtucker) [Makefile.in acconfig.h auth-krb5.c auth-pam.c auth-pam.h
...
configure.ac defines.h gss-serv-krb5.c session.c ssh-gss.h sshconnect1.c
sshconnect2.c] Add Portable GSSAPI support, patch by Simon Wilkinson.
2003-08-26 11:58:16 +10:00
0efd155c3c
- markus@cvs.openbsd.org 2003/08/22 10:56:09
...
[auth2.c auth2-gss.c auth.h compat.c compat.h gss-genr.c gss-serv-krb5.c
gss-serv.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h readconf.c
readconf.h servconf.c servconf.h session.c session.h ssh-gss.h
ssh_config.5 sshconnect2.c sshd_config sshd_config.5]
support GSS API user authentication; patches from Simon Wilkinson,
stripped down and tested by Jakob and myself.
2003-08-26 11:49:55 +10:00
1f499fd368
- (djm) Bug #564 : Perform PAM account checks for all authentications when
...
UsePAM=yes; ok dtucker
2003-08-25 13:08:49 +10:00
3bdbd848ea
- markus@cvs.openbsd.org 2003/08/13 08:33:02
...
[session.c]
use more portable tcsendbreak(3) and ignore break_length;
ok deraadt, millert
2003-08-13 20:31:05 +10:00
d85efee437
- (dtucker) [session.c] Remove #ifdef TIOCSBRK kludge.
2003-08-13 20:28:14 +10:00
80649c5fa6
- (dtucker) [session.c openbsd-compat/bsd-cygwin_util.h] Move Cygwin
...
specific defines and includes to bsd-cygwin_util.h. Fixes build error too.
2003-08-07 16:28:16 +10:00
b9d3f41ceb
- (dtucker) [session.c] Have session_break_req not attempt to send a break
...
if TIOCSBRK and TIOCCBRK are not defined (eg Cygwin).
2003-08-07 13:24:24 +10:00
6aaa58c470
- (dtucker) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2003/07/22 13:35:22
[auth1.c auth.h auth-passwd.c monitor.c monitor.h monitor_wrap.c
monitor_wrap.h readconf.c readconf.h servconf.c servconf.h session.c ssh.1
ssh.c ssh_config.5 sshconnect1.c sshd.c sshd_config.5 ssh.h]
remove (already disabled) KRB4/AFS support, re-enable -k in ssh(1);
test+ok henning@
- (dtucker) [Makefile.in acconfig.h configure.ac] Remove KRB4/AFS support.
- (dtucker) [auth-krb4.c radix.c radix.h] Remove KRB4/AFS specific files.
I hope I got this right....
2003-08-02 22:24:49 +10:00
b9aa0a0baa
- (dtucker) [auth-passwd.c auth.c session.c sshd.c port-aix.c port-aix.h]
...
Convert aixloginmsg into platform-independant Buffer loginmsg.
2003-07-08 22:59:59 +10:00
793e817d49
- (dtucker) Check return value of setpcred().
2003-07-08 21:01:04 +10:00
a0c0b63112
- (dtucker) [acconfig.h auth-passwd.c configure.ac session.c port-aix.[ch]]
...
Include AIX headers for authentication functions and make calls match
prototypes. Test for and handle 3-args and 4-arg variants of loginfailed.
2003-07-08 20:52:12 +10:00
3a961dc0d3
- (djm) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2003/06/02 09:17:34
[auth2-hostbased.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c]
[canohost.c monitor.c servconf.c servconf.h session.c sshd_config]
[sshd_config.5]
deprecate VerifyReverseMapping since it's dangerous if combined
with IP based access control as noted by Mike Harding; replace with
a UseDNS option, UseDNS is on by default and includes the
VerifyReverseMapping check; with itojun@, provos@, jakob@ and deraadt@
ok deraadt@, djm@
- (djm) Fix portable-specific uses of verify_reverse_mapping too
2003-06-03 10:25:48 +10:00
54c459866e
- markus@cvs.openbsd.org 2003/05/14 22:24:42
...
[clientloop.c session.c ssh.1]
allow to send a BREAK to the remote system; ok various
2003-05-15 10:20:13 +10:00
4e448a31ae
- (djm) Add new UsePAM configuration directive to allow runtime control
...
over usage of PAM. This allows non-root use of sshd when built with
--with-pam
2003-05-14 15:11:48 +10:00
b1ca8bb159
- markus@cvs.openbsd.org 2003/05/11 20:30:25
...
[channels.c clientloop.c serverloop.c session.c ssh.c]
make channel_new() strdup the 'remote_name' (not the caller); ok theo
2003-05-14 13:45:42 +10:00
d558092522
- (djm) RCSID sync w/ OpenBSD
2003-05-14 13:40:06 +10:00
996acd2476
*** empty log message ***
2003-04-09 20:59:48 +10:00
c8c548d248
- (bal) Disable Privsep for Tru64 after pre-authentication due to issues
...
with SIA. Also, clean up of tru64 support patch by Chris Adams
<cmadams@hiwaay.net>
2003-03-21 01:18:09 +00:00
0011138d47
- (djm) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2003/03/05 22:33:43
[channels.c monitor.c scp.c session.c sftp-client.c sftp-int.c]
[sftp-server.c ssh-add.c sshconnect2.c]
fix memory leaks; from dlheine@suif.Stanford.EDU/CLOUSEAU; ok djm@
2003-03-10 11:21:17 +11:00
1a3ccb07c5
- (djm) Bug #494 : Allow multiple accounts on Windows 9x/Me;
...
From vinschen@redhat.com
2003-02-24 13:04:01 +11:00
97f39ae810
- markus@cvs.openbsd.org 2003/02/06 09:26:23
...
[session.c]
missing call to setproctitle() after authentication; ok provos@
2003-02-24 11:57:01 +11:00
a8ed44b79e
- (djm) Enable new setproctitle emulation for Linux, AIX and HP/UX. More
...
systems may be added later.
2003-01-10 09:53:12 +11:00
f25c18d7e8
- (djm) Bug #178 : On AIX /etc/nologin wasnt't shown to users. Fix from
...
Ralf.Wenk@fh-karlsruhe.de and dtucker@zip.com.au
2003-01-07 17:38:58 +11:00
dfedbf8e5a
- (djm) Bug #446 : Set LOGIN env var to pw_name on AIX. Patch from
...
mii@ornl.gov
2003-01-03 14:52:53 +11:00
678ee51ff3
- (stevesk) [session.c sshlogin.c sshlogin.h] complete portable
...
parts of pass addrlen with sockaddr * fix.
from Hajimu UMEMOTO <ume@FreeBSD.org>
2003-01-01 23:43:55 +00:00
46767607e2
- markus@cvs.openbsd.org 2002/12/10 08:56:00
...
[session.c]
Make sure $SHELL points to the shell from the password file, even if shell
is overridden from login.conf; bug#453; semen at online.sinor.ru; ok millert@
2002-12-23 02:26:08 +00:00
611797ed15
- stevesk@cvs.openbsd.org 2002/12/04 04:36:47
...
[session.c]
remove xauth entries before add; PR 2994 from janjaap@stack.nl .
ok markus@
2002-12-23 02:15:57 +00:00
81ed518b9b
Cray fixes (bug 367) based on patch from Wendy Palm @ cray.
...
This does not include the deattack.c fixes.
2002-09-25 17:38:46 -07:00
164725f40e
l) Fix issue where successfull login does not clear failure counts
...
in AIX. Patch by dtucker@zip.com.au ok by djm
2002-09-25 23:14:14 +00:00
a6eb2b7f8e
- stevesk@cvs.openbsd.org 2002/09/16 19:55:33
...
[session.c]
log when _PATH_NOLOGIN exists; ok markus@
2002-09-19 11:50:48 +10:00
f37e246f85
- stevesk@cvs.openbsd.org 2002/09/12 19:50:36
...
[session.c ssh.1]
add SSH_CONNECTION and deprecate SSH_CLIENT; bug #384 . ok markus@
2002-09-19 11:47:55 +10:00
e9994cb4d7
- (djm) Bug #365 : Read /.ssh/environment properly under CygWin.
...
Patch from Mark Bradshaw <bradshaw@staff.crosswalk.com>
2002-09-10 21:43:53 +10:00
ebc2306629
- stevesk@cvs.openbsd.org 2002/08/29 15:57:25
...
[monitor.c session.c sshlogin.c sshlogin.h]
pass addrlen with sockaddr *; from Hajimu UMEMOTO <ume@FreeBSD.org>
NOTE: there are also p-specific parts to this patch. ok markus@
2002-09-04 16:45:09 +10:00
5a80bba86f
- markus@cvs.openbsd.org 2002/08/22 21:45:41
...
[session.c]
send signal name (not signal number) in "exit-signal" message; noticed
by galb@vandyke.com
2002-09-04 16:39:02 +10:00
5d860f02ca
- markus@cvs.openbsd.org 2002/07/30 17:03:55
...
[auth-options.c servconf.c servconf.h session.c sshd_config sshd_config.5]
add PermitUserEnvironment (off by default!); from dot@dotat.at ;
ok provos, deraadt
2002-08-01 01:28:38 +00:00
b9051ec9a4
- markus@cvs.openbsd.org 2002/07/22 11:03:06
...
[session.c]
fallback to _PATH_STDPATH on setusercontext+LOGIN_SETPATH errors;
2002-07-23 21:11:09 +00:00
264ee307a8
- markus@cvs.openbsd.org 2002/07/19 15:43:33
...
[log.c log.h session.c sshd.c]
remove fatal cleanups after fork; based on discussions with and code
from solar.
2002-07-23 21:01:56 +00:00
38b050a0f5
- (stevesk) [auth-pam.[ch] session.c] pam_getenvlist() must be
...
freed by the caller; add free_pam_environment() and use it.
2002-07-23 00:44:07 +00:00
938b828566
- (bal) Remove unused tty defined in do_setusercontext() pointed out by
...
dtucker@zip.com.au plus a a more KNF since I am near it.
2002-07-15 17:58:34 +00:00
51b2488aad
- (bal) Clean up aix_usrinfo(). Ignore TTY= period I guess.
2002-07-04 03:08:40 +00:00
5a9d0eaba6
- deraadt@cvs.openbsd.org 2002/06/30 21:54:16
...
[auth2.c session.c sshd.c]
lint asks that we use names that do not overlap
2002-07-04 00:12:53 +00:00
990070a8c5
- deraadt@cvs.openbsd.org 2002/06/26 13:49:26
...
[session.c]
disclose less information from environment files; based on input
from djm, and dschultz@uclink.Berkeley.EDU
2002-06-26 23:51:06 +10:00
a0796cad4a
- markus@cvs.openbsd.org 2002/06/26 08:58:26
...
[session.c]
limit # of env vars to 1000; ok deraadt/djm
2002-06-26 19:15:07 +10:00
f18cd162d3
- (djm) setlogin needs pgid==pid on BSD/OS; from itojun@
2002-06-26 19:12:59 +10:00
b129be657c
20020626
...
- (bal) moved aix_usrinfo() and noted not setting real TTY. Patch by
dtucker@zip.com.au
2002-06-25 17:12:26 +00:00
a9d2c89fc5
- deraadt@cvs.openbsd.org 2002/06/23 21:06:41
...
[channels.c channels.h session.c session.h]
display, screen, row, col, xpixel, ypixel are u_int; markus ok
- (bal) Also fixed IPADDR_IN_DISPLAY case where display, screen, row, col,
xpixel are u_int.
2002-06-23 21:48:28 +00:00
e23f4a3d28
- deraadt@cvs.openbsd.org 2002/06/23 20:39:45
...
[session.c]
compression_level is u_int
2002-06-23 21:40:16 +00:00
23e0f667f8
- markus@cvs.openbsd.org 2002/06/20 23:05:56
...
[servconf.c servconf.h session.c sshd.c]
allow Compression=yes/no in sshd_config
2002-06-21 01:09:47 +00:00
f0bfa839bd
- (bal) Fixed AIX environment handling, use setpcred() instead of existing
...
code. (Bugzilla Bug 261)
2002-06-21 00:01:18 +00:00
ce0f634270
- mpech@cvs.openbsd.org 2002/06/11 05:46:20
...
[auth-krb4.c monitor.h serverloop.c session.c ssh-agent.c sshd.c]
pid_t cleanup. Markus need this now to keep hacking.
markus@, millert@ ok
2002-06-11 16:42:49 +00:00
8bb6f36c8f
- markus@cvs.openbsd.org 2002/06/10 22:28:41
...
[channels.c channels.h session.c]
move creation of agent socket to session.c; no need for uidswapping
in channel.c.
2002-06-11 15:59:02 +00:00
5a6abdae0f
unexpand
2002-06-09 19:41:48 +00:00
378a417389
- (bal) use 'LOGIN_PROGRAM' not '/usr/bin/login' in session.c patch by
...
Bertrand.Velle@apogee-com.fr
2002-06-07 14:49:56 +00:00
fac7769f64
- stevesk@cvs.openbsd.org 2002/05/16 22:09:59
...
[session.c ssh.c]
don't limit xauth pathlen on client side and longer print length on
server when debug; ok markus@
2002-06-06 19:49:54 +00:00
a18bbd398e
- (djm) Add --with-superuser-path=xxx configure option to specify what $PATH
...
the superuser receives.
2002-05-13 10:48:57 +10:00
5feaaefaf2
- (stevesk) [acconfig.h configure.ac session.c] LOGIN_NO_ENDOPT for HP-UX
2002-04-23 20:45:55 +00:00
c447fee9f1
- markus@cvs.openbsd.org 2002/03/29 18:59:32
...
[session.c session.h]
retrieve last login time before the pty is allocated, store per session
2002-04-02 20:35:35 +00:00
2bf56e2dba
- markus@cvs.openbsd.org 2002/03/28 15:34:51
...
[session.c]
do not call record_login twice (for use_privsep)
2002-04-02 20:32:46 +00:00
b4799a31a5
- (stevesk) [session.c] disable LOGIN_NEEDS_TERM until we are sure
...
it can be removed. only used on solaris. will no longer compile with
privsep shuffling.
2002-03-24 23:19:54 +00:00
6328ab3989
- markus@cvs.openbsd.org 2002/03/19 10:49:35
...
[auth-krb5.c auth-rh-rsa.c auth.c cipher.c key.c misc.h packet.c session.c
sftp-client.c sftp-glob.h sftp.c ssh-add.c ssh.c sshconnect2.c sshd.c
ttymodes.c]
KNF whitespace
2002-03-22 02:54:23 +00:00
08105192fd
- markus@cvs.openbsd.org 2002/03/19 10:35:39
...
[auth-options.c auth.h session.c session.h sshd.c]
clean up prototypes
2002-03-22 02:50:06 +00:00
7a2073c50b
- provos@cvs.openbsd.org 2002/03/18 17:50:31
...
[auth-bsdauth.c auth-options.c auth-rh-rsa.c auth-rsa.c auth-skey.c auth.h
auth1.c auth2-chall.c auth2.c kex.c kex.h kexdh.c kexgex.c servconf.c
session.h servconf.h serverloop.c session.c sshd.c]
integrate privilege separated openssh; its turned off by default for now.
work done by me and markus@
applied, but outside of ensure that smaller code bits migrated with
their owners.. no work was tried to 'fix' it to work. =) Later project!
2002-03-22 02:30:41 +00:00
b481e1323e
- provos@cvs.openbsd.org 2002/03/18 03:41:08
...
[auth.c session.c]
move auth_approval into getpwnamallow with help from millert@
2002-03-22 01:35:47 +00:00
3a5b023330
Stupid djm commits experimental code to head instead of branch
...
revert
2002-03-13 13:19:42 +11:00
646e7cf3d7
Import of Niels Provos' 20020312 ssh-complete.diff
...
PAM, Cygwin and OSF SIA will not work for sure
2002-03-13 12:47:54 +11:00
c004135b72
- (bal) Last AIX patch. Moved aix_usrinfo() outside of do_setuserconext()
...
since we need more session information than provided by that function.
2002-02-25 15:48:02 +00:00
e06ae4a4bc
[loginrec.c session.c sshlogin.c sshlogin.h] Bug 84
...
patch by wknox@mitre.org (William Knox).
[sshlogin.h] declare record_utmp_only for session.c
2002-02-24 17:56:46 -08:00
839ac4f8aa
- (bal) Part two.. Drop unused AIX header, fix up missing char *cp. All
...
that is left is handling aix_usrinfo().
2002-02-24 20:42:46 +00:00
3107efc12a
- (bal) Minor session.c for cygwin. mispelt 'is_winnt' variable.
2002-02-21 15:37:02 +00:00
e37f63ffa0
- markus@cvs.openbsd.org 2002/02/16 00:51:44
...
[session.c]
typo
- (bal) CVS ID sync since the last two patches were merged mistakenly
2002-02-19 21:58:19 +00:00
4e97e85c03
- (bal) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2002/02/15 23:11:26
[session.c]
split do_child(), ok mouring@
Compiles under Redhat 7.2.. I cannot give any promises.. but I spent a
good hour and half ensure all the right bits are in the right spots.. and
it does seem to help out quite a bit for readiblity.
2002-02-19 21:50:43 +00:00
a9c039cf04
- (bal) Migrated AIX getuserattr and usrinfo code to
...
openbsd-compat/port-aix.[c] to improve readilbity of do_child() and
simplify our diffs against upstream source.
2002-02-19 20:27:55 +00:00
f095a85882
- (bal) Migrate IRIX jobs/projects/audit/etc code to
...
openbsd-compat/port-irix.[ch] to improve readiblity of do_child()
2002-02-19 20:02:48 +00:00
19a5945105
- markus@cvs.openbsd.org 2002/02/14 23:28:00
...
[channels.h session.c ssh.c]
increase the SSH v2 window size to 4 packets. comsumes a little
bit more memory for slow receivers but increases througput.
2002-02-19 15:20:57 +11:00
05eda437a6
- (djm) OpenBSD CVS Sync
...
- deraadt@cvs.openbsd.org 2002/02/09 17:37:34
[pathnames.h session.c ssh.1 sshd.8 sshd_config ssh-keyscan.1]
move ssh config files to /etc/ssh
- (djm) Adjust portable Makefile.in tnd ssh-rand-helper.c o match
2002-02-10 18:32:28 +11:00
f3dcf1fc88
- markus@cvs.openbsd.org 2002/02/06 14:37:22
...
[session.c]
minor KNF
2002-02-08 22:06:48 +11:00
f3451a2181
- (djm) Cleanup after sync:
...
- :%s/reverse_mapping_check/verify_reverse_mapping/g
2002-02-05 12:40:46 +11:00
c7ef63dd41
- markus@cvs.openbsd.org 2002/02/03 17:53:25
...
[auth1.c serverloop.c session.c session.h]
don't use channel_input_channel_request and callback
use new server_input_channel_req() instead:
server_input_channel_req does generic request parsing on server side
session_input_channel_req handles just session specific things now
ok djm@
2002-02-05 12:21:42 +11:00
5fab4b9b1d
- markus@cvs.openbsd.org 2002/01/29 22:46:41
...
[session.c]
don't depend on servconf.c; ok djm@
2002-02-05 12:15:07 +11:00
baa0870852
- stevesk@cvs.openbsd.org 2002/01/29 16:29:02
...
[session.c]
limit subsystem length in log; ok markus@
2002-02-05 12:14:10 +11:00
c5d8635d6a
- markus@cvs.openbsd.org 2002/01/29 14:32:03
...
[auth2.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c canohost.c servconf.c servconf.h session.c sshd.8 sshd_config]
s/ReverseMappingCheck/VerifyReverseMapping/ and avoid confusion; ok stevesk@
2002-02-05 12:13:41 +11:00
95c249ff47
- stevesk@cvs.openbsd.org 2002/01/27 14:57:46
...
[channels.c servconf.c servconf.h session.c sshd.8 sshd_config]
add X11UseLocalhost; ok markus@
2002-02-05 12:11:34 +11:00
512bccbb5a
- stevesk@cvs.openbsd.org 2002/01/26 16:44:22
...
[includes.h session.c]
revert code to add x11 localhost display authorization entry for
hostname/unix:d and uts.nodename/unix:d if nodename was different than
hostname. just add entry for unix:d instead. ok markus@
2002-02-05 12:11:02 +11:00
dff5099f13
- markus@cvs.openbsd.org 2001/12/28 14:50:54
...
[auth1.c auth-rsa.c channels.c dispatch.c kex.c kexdh.c kexgex.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshconnect2.c sshd.c]
packet_read* no longer return the packet length, since it's not used.
2002-01-22 23:16:32 +11:00
48b03fc546
- markus@cvs.openbsd.org 2001/12/27 20:39:58
...
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
get rid of packet_integrity_check, use packet_done() instead.
2002-01-22 23:11:40 +11:00
66823cddbe
- markus@cvs.openbsd.org 2001/12/27 20:39:58
...
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
get rid of packet_integrity_check, use packet_done() instead.
2002-01-22 23:11:38 +11:00
bb9ffc18ca
- (djm) Merge Cygwin copy_environment with do_pam_environment, removing
...
fixed env var size limit in the process. Report from Corinna Vinschen
<vinschen@redhat.com>
2002-01-08 10:59:32 +11:00
e737856350
- markus@cvs.openbsd.org 2001/12/20 16:37:29
...
[channels.c channels.h session.c]
setup x11 listen socket for just one connect if the client requests so.
(v2 only, but the openssh client does not support this feature).
2001-12-21 14:58:35 +11:00
8db9a84310
Sync RCSIDs from Kevin's already committed patch
2001-12-21 14:51:28 +11:00
9f0f5c64bc
- deraadt@cvs.openbsd.org 2001/12/19 07:18:56
...
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h]
[auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c]
[cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c]
[match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c]
[servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c]
[sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c]
[sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config]
[ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c]
basic KNF done while i was looking for something else
2001-12-21 14:45:46 +11:00
366298c696
- (stevesk) OpenBSD CVS sync X11 localhost display
...
- stevesk@cvs.openbsd.org 2001/11/29 14:10:51
[channels.h channels.c session.c]
sshd X11 fake server will now listen on localhost by default:
$ echo $DISPLAY
localhost:12.0
$ netstat -an|grep 6012
tcp 0 0 127.0.0.1.6012 *.* LISTEN
tcp6 0 0 ::1.6012 *.* LISTEN
sshd_config gatewayports=yes can be used to revert back to the old
behavior. will control this with another option later. ok markus@
- stevesk@cvs.openbsd.org 2001/12/19 08:43:11
[includes.h session.c]
handle utsname.nodename case for FamilyLocal X authorization; ok markus@
2001-12-19 17:58:01 +00:00
ccd8d07b3c
- stevesk@cvs.openbsd.org 2001/12/06 18:09:23
...
[channels.c session.c]
strncpy->strlcpy. remaining strncpy's are necessary. ok markus@
2001-12-07 17:26:48 +00:00
38b951cdb2
- markus@cvs.openbsd.org 2001/12/01 21:41:48
...
[session.c sshd.8]
don't pass user defined variables to /usr/bin/login
2001-12-06 17:47:47 +00:00
e49d0966b5
- (djm) AIX login{success,failed} changes. Move loginsuccess call to
...
do_authenticated. Call loginfailed for protocol 2 failures > MAX like
we do for protocol 1. Reports from Ralf Wenk <wera0003@fh-karlsruhe.de>,
K.Wolkersdorfer@fz-juelich.de and others
2001-11-13 23:46:18 +11:00
c3aa3dd70c
- (djm) Disconnect if no tty and PAM reports password expired
2001-10-28 22:34:52 +11:00
0585d51a52
- markus@cvs.openbsd.org 2001/10/11 13:45:21
...
[session.c]
delay detach of session if a channel gets closed but the child is
still alive. however, release pty, since the fd's to the child are
already closed.
2001-10-12 11:35:50 +10:00
3ec2759ad4
- (djm) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2001/10/10 22:18:47
[channels.c channels.h clientloop.c nchan.c serverloop.c]
[session.c session.h]
try to keep channels open until an exit-status message is sent.
don't kill the login shells if the shells stdin/out/err is closed.
this should now work:
ssh -2n localhost 'exec > /dev/null 2>&1; sleep 10; exit 5'; echo ?
2001-10-12 11:35:04 +10:00
52b77beb65
- markus@cvs.openbsd.org 2001/10/09 21:59:41
...
[channels.c channels.h serverloop.c session.c session.h]
simplify session close: no more delayed session_close, no more blocking wait() calls.
2001-10-10 15:14:37 +10:00
ae45246696
- markus@cvs.openbsd.org 2001/10/09 19:32:49
...
[session.c]
stat subsystem command before calling do_exec, and return error to client.
2001-10-10 15:08:06 +10:00
139d4cd908
- markus@cvs.openbsd.org 2001/10/09 10:12:08
...
[session.c]
chdir $HOME after krb_afslog(); from bbense@networking.stanford.edu
2001-10-10 15:07:44 +10:00
9c75142917
- markus@cvs.openbsd.org 2001/10/06 00:36:42
...
[session.c]
fix typo in error message, sync with do_exec_nopty
2001-10-10 15:02:46 +10:00
a0957d6898
- (stevesk) session.c: declare do_pre_login() before use
...
wayned@users.sourceforge.net
2001-09-27 19:50:26 +00:00
37e41c9019
- markus@cvs.openbsd.org 2001/09/16 14:46:54
...
[session.c]
calls krb_afslog() after setting $HOME; mattiasa@e.kth.se ; fixes
pr 1943b
2001-09-16 22:17:15 +00:00
599d8eba16
- (djm) Make do_pre_login static to avoid prototype #ifdef hell
2001-09-15 12:25:53 +10:00
b09f6b5b02
- markus@cvs.openbsd.org 2001/09/14
...
[session.c]
command=xxx overwrites subsystems, too
2001-09-14 23:12:07 +00:00
91e9868e4f
- jakob@cvs.openbsd.org 2001/08/16 19:18:34
...
[servconf.c servconf.h session.c sshd.8]
deprecate CheckMail. ok markus@
2001-09-12 16:32:14 +00:00
efb1edfc7f
- deraadt@cvs.openbsd.org 2001/07/09 07:04:53
...
[session.c sftp-int.c]
correct type on last arg to execl(); nordin@cse.ogi.edu
2001-07-14 12:19:36 +10:00
c62f1fc3ff
- (djm) Enable /etc/nologin check on PAM systems, as some lack the
...
pam_nologin module. Report from William Yodlowsky
<bsd@openbsd.rutgers.edu>
2001-07-14 11:54:05 +10:00
8f63caa197
- (stevesk) more sync for session.c
2001-07-04 18:23:02 +00:00
4983d5ebd5
- markus@cvs.openbsd.org 2001/07/02 13:59:15
...
[serverloop.c session.c session.h]
wait until !session_have_children(); bugreport from
Lutz.Jaenicke@aet.TU-Cottbus.DE
2001-07-04 05:17:40 +00:00
bddd551e11
- markus@cvs.openbsd.org 2001/06/27 02:12:54
...
[serverloop.c serverloop.h session.c session.h]
quick hack to make ssh2 work again.
2001-07-04 04:53:53 +00:00
ec95ed9b4c
- dugsong@cvs.openbsd.org 2001/06/26 16:15:25
...
[auth1.c auth.h auth-krb4.c auth-passwd.c readconf.c readconf.h
servconf.c servconf.h session.c sshconnect1.c sshd.c]
Kerberos v5 support for SSH1, mostly from Assar Westerlund
<assar@freebsd.org> and Bjorn Gronvall <bg@sics.se>. markus@ ok
2001-07-04 04:21:14 +00:00
4469723325
- markus@cvs.openbsd.org 2001/06/25 08:25:41
...
[channels.c channels.h cipher.c clientloop.c compat.c compat.h
hostfile.c kex.c kex.h key.c key.h nchan.c packet.c serverloop.c
session.c session.h sftp-server.c ssh-add.c ssh-agent.c uuencode.h]
update copyright for 2001
2001-07-04 03:32:30 +00:00
9b26f96c12
- (stevesk) session.c: use u_int for envsize
2001-06-29 17:52:17 +00:00
665af9cae7
- (djm) Reintroduce pam_session call for non-pty sessions.
2001-06-27 09:34:15 +10:00
2d5ac08f13
-Wall
2001-06-25 17:07:59 +10:00
bba81213b9
- itojun@cvs.openbsd.org 2001/06/23 15:12:20
...
[auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c
canohost.c channels.c cipher.c clientloop.c deattack.c dh.c
hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c
readpass.c scp.c servconf.c serverloop.c session.c sftp.c
sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c
ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c
ssh-keygen.c ssh-keyscan.c]
more strict prototypes. raise warning level in Makefile.inc.
markus ok'ed
TODO; cleanup headers
2001-06-25 05:01:22 +00:00
07094e52e7
- markus@cvs.openbsd.org 2001/06/21 21:08:25
...
[session.c]
don't reset forced_command (we allow multiple login shells in
ssh2); dwd@bell-labs.com
2001-06-25 03:59:43 +00:00
0a7ca6c7ba
- markus@cvs.openbsd.org 2001/06/19 15:40:45
...
[session.c]
allocate and free at the same level.
2001-06-21 03:17:42 +00:00
699776e9ec
- markus@cvs.openbsd.org 2001/06/19 14:09:45
...
[session.c sshd.8]
disable x11-fwd if use_login is enabled; from lukem@wasabisystems.com
2001-06-21 03:14:49 +00:00
c85ab8afab
- markus@cvs.openbsd.org 2001/06/19 12:34:09
...
[session.c]
cleanup forced command handling, from dwd@bell-labs.com
2001-06-21 03:13:10 +00:00
7a83722577
- OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2001/06/13 09:10:31
[session.c]
typo, use pid not s->pid, mstone@cs.loyola.edu
2001-06-13 19:23:32 +00:00
c51ae1bdaa
- markus@cvs.openbsd.org 2001/06/12 21:30:57
...
[session.c]
unused
2001-06-13 04:43:52 +00:00
2bcdf064d8
- markus@cvs.openbsd.org 2001/06/12 21:21:29
...
[session.c]
remove xauth-cookie-in-tmp handling. use default $XAUTHORITY, since
we do already trust $HOME/.ssh
you can use .ssh/sshrc and .ssh/environment if you want to customize
the location of the xauth cookies
2001-06-13 04:41:41 +00:00
49c126044d
- markus@cvs.openbsd.org 2001/06/12 16:10:38
...
[session.c]
merge ssh1/ssh2 tty msg parse and alloc code
2001-06-13 04:37:36 +00:00
7eaf8e4e26
- markus@cvs.openbsd.org 2001/06/12 10:58:29
...
[session.c]
merge session_free into session_close()
merge pty_cleanup_proc into session_pty_cleanup()
2001-06-13 04:35:43 +00:00
88259fbbc5
- markus@cvs.openbsd.org 2001/06/11 10:18:24
...
[session.c]
reset pointer to NULL after xfree(); report from solar@openwall.com
2001-06-12 00:21:34 +00:00
4d3f227699
- markus@cvs.openbsd.org 2001/06/07 22:25:02
...
[session.c]
don't overwrite errno
delay deletion of the xauth cookie
2001-06-09 01:44:07 +00:00
cb3929d1d9
- markus@cvs.openbsd.org 2001/06/05 16:46:19
...
[session.c]
let session_close() delete the pty. deny x11fwd if xauthfile is set.
2001-06-09 01:34:15 +00:00
768176b240
- markus@cvs.openbsd.org 2001/06/04 23:16:16
...
[session.c]
merge ssh1/2 x11-fwd setup, create listener after tmp-dir
2001-06-09 01:29:12 +00:00
983c098311
- markus@cvs.openbsd.org 2001/06/04 21:59:43
...
[channels.c channels.h session.c]
switch uid when cleaning up tmp files and sockets; reported by
zen-parse@gmx.net on bugtraq
2001-06-09 01:20:06 +00:00
838394ca26
- markus@cvs.openbsd.org 2001/06/03 14:55:39
...
[channels.c channels.h session.c]
use fatal_register_cleanup instead of atexit, sync with x11 authdir
handling
2001-06-09 01:11:59 +00:00
c763767f18
[NOTE: Next patch will sync nchan.c, channels.c and channels.h and all this
...
pain will be over.]
- markus@cvs.openbsd.org 2001/05/31 10:30:17
[auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c
packet.c serverloop.c session.c ssh.c]
undo the .c file split, just merge the header and keep the cvs
history
2001-06-09 00:36:26 +00:00
e6455aee8f
[NOTE: File split is was not done in Portabl Tree]
...
- markus@cvs.openbsd.org 2001/05/30 12:55:13
[auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c
packet.c serverloop.c session.c ssh.c ssh1.h]
channel layer cleanup: merge header files and split .c files
2001-06-09 00:17:10 +00:00
7d68fbf4c5
- djm@cvs.openbsd.org 2001/05/19 00:36:40
...
[session.c]
Disable X11 forwarding if xauth binary is not found. Patch from Nalin
Dahyabhai <nalin@redhat.com>; ok markus@
2001-06-05 19:29:20 +00:00
97c677d4f0
- (bal) UseLogin patch for Solaris/UNICOS. Patch by Wayne Davison
...
<wayne@blorf.net>
2001-05-08 20:33:05 +00:00
5428bea574
- (bal) White Space and #ifdef sync with OpenBSD
2001-05-06 02:53:25 +00:00
60402fd42a
- markus@cvs.openbsd.org 2001/05/03 15:45:15
...
[session.c]
exec shell -c /bin/sh .ssh/sshrc, from abartlet@pcug.org.au
2001-05-03 22:37:26 +00:00
005dd22c97
- markus@cvs.openbsd.org 2001/04/17 19:34:25
...
[session.c]
move auth_approval to do_authenticated().
do_child(): nuke hostkeys from memory
don't source .ssh/rc for subsystems.
2001-04-18 15:29:33 +00:00
364a9bd9ce
- Fix OSF SIA support displaying too much information for quiet
...
logins and logins where access was denied by SIA. Patch from Chris Adams
<cmadams@hiwaay.net>
2001-04-16 18:37:05 +10:00
cf205e8f35
- djm@cvs.openbsd.org 2001/04/16 08:19:31
...
[session.c]
Split motd and hushlogin checks into seperate functions, helps for
portable. From Chris Adams <cmadams@hiwaay.net>; ok markus@
2001-04-16 18:29:15 +10:00
ae8e2d30db
- stevesk@cvs.openbsd.org 2001/04/14 16:33:20
...
[clientloop.c packet.h session.c ssh.c ttymodes.c ttymodes.h]
protocol 2 tty modes support; ok markus@
2001-04-14 23:13:02 +00:00
3fcf1a22b5
- markus@cvs.openbsd.org 2001/04/06 21:00:17
...
[auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth2.c channels.c session.c
ssh.c sshconnect.c sshconnect.h uidswap.c uidswap.h]
do gid/groups-swap in addition to uid-swap, should help if /home/group
is chmod 750 + chgrp grp /home/group/, work be deraadt and me, thanks
to olar@openwall.com is comments. we had many requests for this.
2001-04-08 18:26:59 +00:00
f15a386511
- stevesk@cvs.openbsd.org 2001/04/05 15:48:18
...
[canohost.c canohost.h session.c]
move get_remote_name_or_ip() to canohost.[ch]; for portable. ok markus@
2001-04-05 23:32:17 +00:00
f9e9300947
- (djm) Reestablish PAM credentials (which can be supplemental group
...
memberships) after initgroups() blows them away. Report and suggested
fix from Nalin Dahyabhai <nalin@redhat.com>
2001-03-27 16:12:24 +10:00
7bfff36ca3
- stevesk@cvs.openbsd.org 2001/03/25 13:16:11
...
[servconf.c servconf.h session.c sshd.8 sshd_config]
PrintLastLog option; from chip@valinux.com with some minor
changes by me. ok markus@
2001-03-26 05:45:53 +00:00
6029432ec5
- djm@cvs.openbsd.org 2001/03/25 00:01:34
...
[session.c]
shorten; ok markus@
2001-03-26 05:38:25 +00:00
b44fe0617d
- (djm) Pull out our own SIGPIPE hacks
2001-03-24 15:39:38 +11:00
de71cda078
- markus@cvs.openbsd.org 2001/03/23 14:28:32
...
[session.c sshd.c]
ignore SIGPIPE, restore in child, fixes x11-fwd crashes; with djm@
2001-03-24 00:43:26 +00:00
d9267454ca
- markus@cvs.openbsd.org 2001/03/21 21:06:30
...
[session.c]
missing init; from mib@unimelb.edu.au
2001-03-22 02:06:57 +00:00
b31783d547
- markus@cvs.openbsd.org 2001/03/21 11:43:45
...
[auth1.c auth2.c session.c session.h]
merge common ssh v1/2 code
2001-03-22 02:02:12 +00:00
fc9b07de19
- markus@cvs.openbsd.org 2001/03/20 19:21:21
...
[session.c]
remove unused arg
2001-03-22 01:27:23 +00:00
b4c961d822
- markus@cvs.openbsd.org 2001/03/20 19:21:21
...
[session.c]
remove unused arg
2001-03-22 01:25:37 +00:00
eebc4a2ed3
- (bal) auth-chall.c auth-passwd.c auth.h auth1.c auth2.c session.c CVS ID
...
resync
2001-03-22 01:22:03 +00:00
bebd8be67b
- (djm) Better AIX no tty fix, spotted by Gert Doering <gert@greenie.muc.de>
2001-03-22 11:58:15 +11:00
b69407dd7a
- (djm) Correctly handle SIA and AIX when no tty present. Spotted and
...
suggested fix from Mike Battersby <mib@unimelb.edu.au>
2001-03-21 16:13:03 +11:00
be08176963
- (djm) Fix ttyname breakage for AIX and Tru64. Patch from Steve
...
VanDevender <stevev@darkwing.uoregon.edu>
2001-03-21 11:11:57 +11:00
7bb8b49596
- markus@cvs.openbsd.org 2001/03/16 19:06:30
...
[auth-options.c channels.c channels.h serverloop.c session.c]
implement "permitopen" key option, restricts -L style forwarding to
to specified host:port pairs. based on work by harlan@genua.de
2001-03-17 00:47:54 +00:00
86fe8686b9
- markus@cvs.openbsd.org 2001/03/15 22:07:08
...
[session.c]
pass Session to do_child + KNF
2001-03-17 00:32:57 +00:00
168a700cc6
- Support usrinfo() on AIX. Based on patch from Gert Doering
...
<gert@greenie.muc.de>
2001-03-17 10:29:50 +11:00
9c5324422e
- (bal) CVS ID touch up on auth2.c, serverloop.c, session.c & sshd.c
2001-03-05 07:33:14 +00:00
92a2e38f8e
- deraadt@cvs.openbsd.org 2001/03/02 18:54:31
...
[atomicio.c atomicio.h auth-chall.c auth.c auth2-chall.c crc32.h
scp.c serverloop.c session.c sftp-server.8 sftp.1 ssh-add.1 ssh-add.c
ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh.1 sshd.8]
make copyright lines the same format
2001-03-05 06:59:27 +00:00
c594633b49
- (djm) Fully revert PAM session patch. All PAM session init is now done
...
before the final fork().
2001-02-28 11:46:11 +11:00
7bd1c6262b
- (djm) Fix PAM fix
2001-02-27 10:48:01 +11:00
5a7613186b
- (djm) Move PAM init to after fork for non-Solaris derived PAMs
2001-02-27 09:28:23 +11:00
7603b2d244
- markus@cvs.openbsd.org 2001/02/23 15:37:45
...
[session.c]
handle SSH_PROTOFLAG_SCREEN_NUMBER for buggy clients
2001-02-26 20:13:32 +00:00
38e60935bb
- (bal) Generalize lack of UNIX sockets since this also effects Cray
...
not just Cygwin. Based on patch by Wendy Palm <wendyp@cray.com>
2001-02-24 00:55:04 +00:00
e1bd29bc9e
- (bal) Corrected SCO luid patch by svaughan <svaughan@asterion.com>
2001-02-21 20:00:28 +00:00
ff793a27b8
- (stevesk) session.c: back out to where we were before:
...
- (djm) Move PAM session initialisation until after fork in sshd. Patch
from Nalin Dahyabhai <nalin@redhat.com>
2001-02-21 16:36:51 +00:00
94bce40720
- (bal) Reverted out of 2001/02/15 patch by djm below because it
...
breaks Solaris.
- (djm) Move PAM session setup back to before setuid to user.
fixes problems on Solaris-drived PAMs.
2001-02-21 05:53:33 +00:00
d95c09cc83
- (bal) Markus' blessing to rename login.[ch] -> sshlogin.[ch] and
...
pty.[ch] -> sshpty.[ch]
2001-02-18 19:13:33 +00:00
60396b060b
- (djm) Merge BSD_AUTH support from Markus Friedl and David J. MacKenzie
...
enable with --with-bsd-auth.
2001-02-18 17:01:00 +11:00
8dcdeb8421
- markus@cvs.openbsd.org 2001/02/16 14:03:43
...
[session.c]
proper payload-length check for x11 w/o screen-number
2001-02-16 16:02:14 +00:00
217f567187
- (djm) Set "login ID" on systems with setluid. Only enabled for SCO
...
OpenServer for now. Based on patch from svaughan <svaughan@asterion.com>
2001-02-16 12:12:41 +11:00
646aa60b41
- (djm) Clean up PAM namespace. Suggested by Darren Moffat
...
<Darren.Moffat@eng.sun.com>
2001-02-15 11:51:32 +11:00
e8b5b04521
- (djm) Move PAM session setup back to before setuid to user. Fixes
...
problems on Solaris-derived PAMs.
2001-02-15 11:32:15 +11:00
7fafa5ccbe
- (stevesk) fix for SIA patch, misplaced session_setup_sia()
2001-02-13 18:45:00 +00:00
92ddb7d6f0
- (djm) Split out and improve OSF SIA auth code. Patch from Chris Adams
...
<cmadams@hiwaay.net> with a little modification and KNF.
2001-02-14 01:25:23 +11:00
6b4146ad73
- (djm) Move PAM session initialisation until after fork in sshd. Patch
...
from Nalin Dahyabhai <nalin@redhat.com>
2001-02-14 00:45:51 +11:00
7f982bf6c9
- (stevesk) session.c: remove debugging code.
2001-02-12 15:07:52 +00:00
43cdef3ba5
missed session.c part of:
...
- stevesk@cvs.openbsd.org 2001/02/08 10:11:23
[session.c sftp-client.c]
%i -> %d
2001-02-11 14:12:08 +00:00
31ca54aa86
- itojun@cvs.openbsd.org 2001/02/08 19:30:52
...
sync with netbsd tree changes.
- more strict prototypes, include necessary headers
- use paths.h/pathnames.h decls
- size_t typecase to int -> u_long
2001-02-09 02:11:24 +00:00
ef4eea9bad
- stevesk@cvs.openbsd.org 2001/02/04 08:32:27
...
[many files; did this manually to our top-level source dir]
unexpand and remove end-of-line whitespace; ok markus@
2001-02-05 12:42:17 +00:00
3380426358
NB: big update - may break stuff. Please test!
...
- (djm) OpenBSD CVS sync:
- markus@cvs.openbsd.org 2001/02/03 03:08:38
[auth-options.c auth-rh-rsa.c auth-rhosts.c auth.c canohost.c]
[canohost.h servconf.c servconf.h session.c sshconnect1.c sshd.8]
[sshd_config]
make ReverseMappingCheck optional in sshd_config; ok djm@,dugsong@
- markus@cvs.openbsd.org 2001/02/03 03:19:51
[ssh.1 sshd.8 sshd_config]
Skey is now called ChallengeResponse
- markus@cvs.openbsd.org 2001/02/03 03:43:09
[sshd.8]
use no-pty option in .ssh/authorized_keys* if you need a 8-bit clean
channel. note from Erik.Anggard@cygate.se (pr/1659)
- stevesk@cvs.openbsd.org 2001/02/03 10:03:06
[ssh.1]
typos; ok markus@
- djm@cvs.openbsd.org 2001/02/04 04:11:56
[scp.1 sftp-server.c ssh.1 sshd.8 sftp-client.c sftp-client.h]
[sftp-common.c sftp-common.h sftp-int.c sftp-int.h sftp.1 sftp.c]
Basic interactive sftp client; ok theo@
- (djm) Update RPM specs for new sftp binary
- (djm) Update several bits for new optional reverse lookup stuff. I
think I got them all.
2001-02-04 23:20:18 +11:00
226cfa0378
Hopefully things did not get mixed around too much. It compiles under
...
Linux and works. So that is at least a good sign. =)
20010122
- (bal) OpenBSD Resync
- markus@cvs.openbsd.org 2001/01/19 12:45:26 GMT 2001 by markus
[servconf.c ssh.h sshd.c]
only auth-chall.c needs #ifdef SKEY
- markus@cvs.openbsd.org 2001/01/19 15:55:10 GMT 2001 by markus
[auth-krb4.c auth-options.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
auth1.c auth2.c channels.c clientloop.c dh.c dispatch.c nchan.c
packet.c pathname.h readconf.c scp.c servconf.c serverloop.c
session.c ssh-add.c ssh-keygen.c ssh-keyscan.c ssh.c ssh.h
ssh1.h sshconnect1.c sshd.c ttymodes.c]
move ssh1 definitions to ssh1.h, pathnames to pathnames.h
- markus@cvs.openbsd.org 2001/01/19 16:48:14
[sshd.8]
fix typo; from stevesk@
- markus@cvs.openbsd.org 2001/01/19 16:50:58
[ssh-dss.c]
clear and free digest, make consistent with other code (use dlen); from
stevesk@
- markus@cvs.openbsd.org 2001/01/20 15:55:20 GMT 2001 by markus
[auth-options.c auth-options.h auth-rsa.c auth2.c]
pass the filename to auth_parse_options()
- markus@cvs.openbsd.org 2001/01/20 17:59:40 GMT 2001
[readconf.c]
fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com
- stevesk@cvs.openbsd.org 2001/01/20 18:20:29
[sshconnect2.c]
dh_new_group() does not return NULL. ok markus@
- markus@cvs.openbsd.org 2001/01/20 21:33:42
[ssh-add.c]
do not loop forever if askpass does not exist; from
andrew@pimlott.ne.mediaone.net
- djm@cvs.openbsd.org 2001/01/20 23:00:56
[servconf.c]
Check for NULL return from strdelim; ok markus
- djm@cvs.openbsd.org 2001/01/20 23:02:07
[readconf.c]
KNF; ok markus
- jakob@cvs.openbsd.org 2001/01/21 9:00:33
[ssh-keygen.1]
remove -R flag; ok markus@
- markus@cvs.openbsd.org 2001/01/21 19:05:40
[atomicio.c automicio.h auth-chall.c auth-krb4.c auth-options.c
auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
auth.c auth.h auth1.c auth2-chall.c auth2.c authfd.c authfile.c
bufaux.c bufaux.h buffer.c canahost.c canahost.h channels.c
cipher.c cli.c clientloop.c clientloop.h compat.c compress.c
deattack.c dh.c dispatch.c groupaccess.c hmac.c hostfile.c kex.c
key.c key.h log-client.c log-server.c log.c log.h login.c login.h
match.c misc.c misc.h nchan.c packet.c pty.c radix.h readconf.c
readpass.c readpass.h rsa.c scp.c servconf.c serverloop.c serverloop.h
session.c sftp-server.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c
ssh-keyscan.c ssh-rsa.c ssh.c ssh.h sshconnect.c sshconnect.h
sshconnect1.c sshconnect2.c sshd.c tildexpand.c tildexpand.h
ttysmodes.c uidswap.c xmalloc.c]
split ssh.h and try to cleanup the #include mess. remove unnecessary
#includes. rename util.[ch] -> misc.[ch]
- (bal) renamed 'PIDDIR' to '_PATH_SSH_PIDDIR' to match OpenBSD tree
- (bal) Moved #ifdef KRB4 in auth-krb4.c above the #include to resolve
conflict when compiling for non-kerb install
- (bal) removed the #ifdef SKEY in auth1.c to match Markus' changes
on 1/19.
2001-01-22 05:34:40 +00:00
b100ec9542
- (bal) Updated contrib/cygwin/ by Corinna Vinschen <vinschen@redhat.com>
...
Also removed some of the 'ISSUES' comments that have been verified by djm.
2001-01-19 05:37:32 +00:00
db65e8fded
Please grep through the source and look for 'ISSUE' comments and verify
...
that I was able to get all the portable bits in the right location. As for
the SKEY comment there is an email out to Markus as to how it should be
resolved. Until then I just #ifdef SKEY/#endif out the whole block.
- (bal) OpenBSD Resync
- markus@cvs.openbsd.org 2001/01/18 16:20:21
[log-client.c log-server.c log.c readconf.c servconf.c ssh.1 ssh.h
sshd.8 sshd.c]
log() is at pri=LOG_INFO, since LOG_NOTICE goes to /dev/console on many
systems
- markus@cvs.openbsd.org 2001/01/18 16:59:59
[auth-passwd.c auth.c auth.h auth1.c auth2.c serverloop.c session.c
session.h sshconnect1.c]
1) removes fake skey from sshd, since this will be much
harder with /usr/libexec/auth/login_XXX
2) share/unify code used in ssh-1 and ssh-2 authentication (server side)
3) make addition of BSD_AUTH and other challenge reponse methods
easier.
- markus@cvs.openbsd.org 2001/01/18 17:12:43
[auth-chall.c auth2-chall.c]
rename *-skey.c *-chall.c since the files are not skey specific
2001-01-19 04:26:52 +00:00
bf555ba621
NOTE: This update changes the RSA key generation. *NEW RSA KEYS
...
NEED TO BE GENERATED* =) Refer to to entry "2001/01/16 19:20:06"
for more details.
20010118
- (bal) Super Sized OpenBSD Resync
- markus@cvs.openbsd.org 2001/01/11 22:14:20 GMT 2001 by markus
[sshd.c]
maxfd+1
- markus@cvs.openbsd.org 2001/01/13 17:59:18
[ssh-keygen.1]
small ssh-keygen manpage cleanup; stevesk@pobox.com
- markus@cvs.openbsd.org 2001/01/13 18:03:07
[scp.c ssh-keygen.c sshd.c]
getopt() returns -1 not EOF; stevesk@pobox.com
- markus@cvs.openbsd.org 2001/01/13 18:06:54
[ssh-keyscan.c]
use SSH_DEFAULT_PORT; from stevesk@pobox.com
- markus@cvs.openbsd.org 2001/01/13 18:12:47
[ssh-keyscan.c]
free() -> xfree(); fix memory leak; from stevesk@pobox.com
- markus@cvs.openbsd.org 2001/01/13 18:14:13
[ssh-add.c]
typo, from stevesk@sweden.hp.com
- markus@cvs.openbsd.org 2001/01/13 18:32:50
[packet.c session.c ssh.c sshconnect.c sshd.c]
split out keepalive from packet_interactive (from dale@accentre.com )
set IPTOS_LOWDELAY TCP_NODELAY IPTOS_THROUGHPUT for ssh2, too.
- markus@cvs.openbsd.org 2001/01/13 18:36:45
[packet.c packet.h]
reorder, typo
- markus@cvs.openbsd.org 2001/01/13 18:38:00
[auth-options.c]
fix comment
- markus@cvs.openbsd.org 2001/01/13 18:43:31
[session.c]
Wall
- markus@cvs.openbsd.org 2001/01/13 19:14:08
[clientloop.h clientloop.c ssh.c]
move callback to headerfile
- markus@cvs.openbsd.org 2001/01/15 21:40:10
[ssh.c]
use log() instead of stderr
- markus@cvs.openbsd.org 2001/01/15 21:43:51
[dh.c]
use error() not stderr!
- markus@cvs.openbsd.org 2001/01/15 21:45:29
[sftp-server.c]
rename must fail if newpath exists, debug off by default
- markus@cvs.openbsd.org 2001/01/15 21:46:38
[sftp-server.c]
readable long listing for sftp-server, ok deraadt@
- markus@cvs.openbsd.org 2001/01/16 19:20:06
[key.c ssh-rsa.c]
make "ssh-rsa" key format for ssh2 confirm to the ietf-drafts; from
galb@vandyke.com . note that you have to delete older ssh2-rsa keys,
since they are in the wrong format, too. they must be removed from
.ssh/authorized_keys2 and .ssh/known_hosts2, etc.
(cd; grep -v ssh-rsa .ssh/authorized_keys2 > TMP && mv TMP
.ssh/authorized_keys2) additionally, we now check that
BN_num_bits(rsa->n) >= 768.
- markus@cvs.openbsd.org 2001/01/16 20:54:27
[sftp-server.c]
remove some statics. simpler handles; idea from nisse@lysator.liu.se
- deraadt@cvs.openbsd.org 2001/01/16 23:58:08
[bufaux.c radix.c sshconnect.h sshconnect1.c]
indent
- (bal) Added bsd-strmode.[ch] since some non-OpenBSD platforms may
be missing such feature.
2001-01-18 02:04:35 +00:00
d26dcf3371
20010107
...
- (bal) OpenBSD Sync
- markus@cvs.openbsd.org 2001/01/06 11:23:27
[ssh-rsa.c]
remove unused
- itojun@cvs.openbsd.org 2001/01/05 08:23:29
[ssh-keyscan.1]
missing .El
- markus@cvs.openbsd.org 2001/01/04 22:41:03
[session.c sshconnect.c]
consistent use of _PATH_BSHELL; from stevesk@pobox.com
- djm@cvs.openbsd.org 2001/01/04 22:35:32
[ssh.1 sshd.8]
Mention AES as available SSH2 Cipher; ok markus
- markus@cvs.openbsd.org 2001/01/04 22:25:58
[sshd.c]
sync usage()/man with defaults; from stevesk@pobox.com
- markus@cvs.openbsd.org 2001/01/04 22:21:26
[sshconnect2.c]
handle SSH2_MSG_USERAUTH_BANNER; fixes bug when connecting to a server
that prints a banner (e.g. /etc/issue.net)
2001-01-06 15:18:16 +00:00
46c162204b
One way to massive patch. <sigh> It compiles and works under Linux..
...
And I think I have all the bits right from the OpenBSD tree.
20001222
- Updated RCSID for pty.c
- (bal) OpenBSD CVS Updates:
- markus@cvs.openbsd.org 2000/12/21 15:10:16
[auth-rh-rsa.c hostfile.c hostfile.h sshconnect.c]
print keyfile:line for changed hostkeys, for deraadt@, ok deraadt@
- markus@cvs.openbsd.org 2000/12/20 19:26:56
[authfile.c]
allow ssh -i userkey for root
- markus@cvs.openbsd.org 2000/12/20 19:37:21
[authfd.c authfd.h kex.c sshconnect2.c sshd.c uidswap.c uidswap.h]
fix prototypes; from stevesk@pobox.com
- markus@cvs.openbsd.org 2000/12/20 19:32:08
[sshd.c]
init pointer to NULL; report from Jan.Ivan@cern.ch
- markus@cvs.openbsd.org 2000/12/19 23:17:54
[auth-krb4.c auth-options.c auth-options.h auth-rhosts.c auth-rsa.c
auth1.c auth2-skey.c auth2.c authfd.c authfd.h authfile.c bufaux.c
bufaux.h buffer.c canohost.c channels.c clientloop.c compress.c
crc32.c deattack.c getput.h hmac.c hmac.h hostfile.c kex.c kex.h
key.c key.h log.c login.c match.c match.h mpaux.c mpaux.h packet.c
packet.h radix.c readconf.c rsa.c scp.c servconf.c servconf.h
serverloop.c session.c sftp-server.c ssh-agent.c ssh-dss.c ssh-dss.h
ssh-keygen.c ssh-keyscan.c ssh-rsa.c ssh-rsa.h ssh.c ssh.h uuencode.c
uuencode.h sshconnect1.c sshconnect2.c sshd.c tildexpand.c]
replace 'unsigned bla' with 'u_bla' everywhere. also replace 'char
unsigned' with u_char.
2000-12-22 01:43:59 +00:00
Damien Miller
Darren Tucker
Tim Rice
Ben Lindstrom
Kevin Steves