tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,263 Commits 6 Branches 20 Tags 97 MiB
Commit Graph

364 Commits

Author SHA1 Message Date
Darren Tucker 4a2505445f - markus@cvs.openbsd.org 2003/10/02 10:41:59 
[sshd.c]
     print openssl version, too, several requests; ok henning/djm.
 2003-10-03 17:57:24 +10:00
Darren Tucker 8fca6b57b4 - markus@cvs.openbsd.org 2003/09/26 08:19:29 
[sshd.c]
     no need to set the listen sockets to non-block; ok deraadt@
 2003-10-02 16:18:22 +10:00
Darren Tucker 3e33cecf71 - markus@cvs.openbsd.org 2003/09/23 20:17:11 
[Makefile.in auth1.c auth2.c auth.c auth.h auth-krb5.c canohost.c
     cleanup.c clientloop.c fatal.c gss-serv.c log.c log.h monitor.c monitor.h
     monitor_wrap.c monitor_wrap.h packet.c serverloop.c session.c session.h
     ssh-agent.c sshd.c]
     replace fatal_cleanup() and linked list of fatal callbacks with static
     cleanup_exit() function.  re-refine cleanup_exit() where appropriate,
     allocate sshd's authctxt eary to allow simpler cleanup in sshd.
     tested by many, ok deraadt@
 2003-10-02 16:12:36 +10:00
Darren Tucker aaa56cb804 - markus@cvs.openbsd.org 2003/09/19 11:33:09 
[packet.c sshd.c]
     do not call packet_close on fatal; ok deraadt
 2003-09-22 21:13:59 +10:00
Damien Miller 1a0c0b9621 - markus@cvs.openbsd.org 2003/08/28 12:54:34 
[auth-krb5.c auth.h auth1.c monitor.c monitor.h monitor_wrap.c]
     [monitor_wrap.h readconf.c servconf.c session.c ssh_config.5]
     [sshconnect1.c sshd.c sshd_config sshd_config.5]
     remove kerberos support from ssh1, since it has been replaced with GSSAPI;
     but keep kerberos passwd auth for ssh1 and 2; ok djm, hin, henning, ...
 2003-09-02 22:51:17 +10:00
Ben Lindstrom 5ade9abc37 - (bal) redo how we handle 'mysignal()'. Move it to 
openbsd-compat/bsd-misc.c, s/mysignal/signal/ and #define signal to
   be our 'mysignal' by default.  OK djm@
 2003-08-25 01:16:21 +00:00
Damien Miller 59d3d5b8b4 - (djm) s/get_progname/ssh_get_progname/g to avoid conflict with Heimdal 
-lbroken; ok dtucker
 2003-08-22 09:34:41 +10:00
Darren Tucker ec960f2c93 - markus@cvs.openbsd.org 2003/08/13 08:46:31 
[auth1.c readconf.c readconf.h servconf.c servconf.h ssh.c ssh_config
     ssh_config.5 sshconnect1.c sshd.8 sshd.c sshd_config sshd_config.5]
     remove RhostsAuthentication; suggested by djm@ before; ok djm@, deraadt@,
     fgsch@, miod@, henning@, jakob@ and others
 2003-08-13 20:37:05 +10:00
Darren Tucker 6aaa58c470 - (dtucker) OpenBSD CVS Sync 
- markus@cvs.openbsd.org 2003/07/22 13:35:22
     [auth1.c auth.h auth-passwd.c monitor.c monitor.h monitor_wrap.c
     monitor_wrap.h readconf.c readconf.h servconf.c servconf.h session.c ssh.1
     ssh.c ssh_config.5 sshconnect1.c sshd.c sshd_config.5 ssh.h]
     remove (already disabled) KRB4/AFS support, re-enable -k in ssh(1);
     test+ok henning@
 - (dtucker) [Makefile.in acconfig.h configure.ac] Remove KRB4/AFS support.
 - (dtucker) [auth-krb4.c radix.c radix.h] Remove KRB4/AFS specific files.

I hope I got this right....
 2003-08-02 22:24:49 +10:00
Darren Tucker e98dfa323e - markus@cvs.openbsd.org 2003/07/16 10:34:53 
[ssh.c sshd.c]
     don't exit on multiple -v or -d; ok deraadt@
 2003-07-19 19:54:31 +10:00
Darren Tucker fe0078ae49 - markus@cvs.openbsd.org 2003/07/14 12:36:37 
[sshd.c]
     remove undocumented -V option. would be only useful if openssh is used
     as ssh v1 server for ssh.com's ssh v2.
 2003-07-19 19:52:28 +10:00
Darren Tucker b9aa0a0baa - (dtucker) [auth-passwd.c auth.c session.c sshd.c port-aix.c port-aix.h] 
Convert aixloginmsg into platform-independant Buffer loginmsg.
 2003-07-08 22:59:59 +10:00
Darren Tucker 9f63f22aa0 - deraadt@cvs.openbsd.org 2003/06/28 16:23:06 
[atomicio.c atomicio.h authfd.c clientloop.c monitor_wrap.c msg.c
     progressmeter.c scp.c sftp-client.c ssh-keyscan.c ssh.h sshconnect.c
     sshd.c]
     deal with typing of write vs read in atomicio
 2003-07-03 13:46:56 +10:00
Darren Tucker e53270481c - djm@cvs.openbsd.org 2003/06/28 07:48:10 
[sshd.c]
     report pidfile creation errors, based on patch from Roumen Petrov; ok markus@
 2003-07-03 13:40:44 +10:00
Darren Tucker 502d384b74 - markus@cvs.openbsd.org 2003/06/24 08:23:46 
[auth2-hostbased.c auth2-pubkey.c auth2.c channels.c key.c key.h
      monitor.c packet.c packet.h serverloop.c sshconnect2.c sshd.c]
     int -> u_int; ok djm@, deraadt@, mouring@
 2003-06-28 12:38:01 +10:00
Damien Miller 0cbb9dea05 - (djm) Always use mysignal() for SIGALRM 2003-06-04 22:56:15 +10:00
Damien Miller 31b3a0a98f - djm@cvs.openbsd.org 2003/06/04 10:23:48 
[sshd.c]
     remove duplicated group-dropping code; ok markus@
 2003-06-04 20:32:12 +10:00
Damien Miller 61d3680aca - deraadt@cvs.openbsd.org 2003/05/29 16:58:45 
[sshd.c uidswap.c]
     seteuid and setegid; markus ok
 2003-06-02 19:09:48 +10:00
Damien Miller 5d5f054173 RCS ID sync 2003-06-02 19:08:25 +10:00
Damien Miller f2e3e9deba - (djm) Always use saved_argv in sshd.c as compat_init_setproctitle may 
clobber
 2003-06-02 12:15:54 +10:00
Damien Miller 9155a681fd - djm@cvs.openbsd.org 2003/05/24 09:30:40 
[authfile.c monitor.c sftp-common.c sshpty.c]
     cast some types for printing; ok markus@

(missed a hunk)
 2003-05-26 21:34:36 +10:00
Damien Miller 7e1bbc55af - (djm) Remove IPv4 by default hack now that we can specify AF in config 2003-05-18 20:52:40 +10:00
Damien Miller 04cb536054 - (djm) Bug #529: sshd doesn't work correctly after SIGHUP (copy argv 
correctly)
 2003-05-15 21:29:10 +10:00
Damien Miller 4e448a31ae - (djm) Add new UsePAM configuration directive to allow runtime control 
over usage of PAM. This allows non-root use of sshd when built with
   --with-pam
 2003-05-14 15:11:48 +10:00
Damien Miller 2372ace572 - markus@cvs.openbsd.org 2003/04/14 14:17:50 
[channels.c sshconnect.c sshd.c ssh-keyscan.c]
     avoid hardcoded SOCK_xx; with itojun@; should allow ssh over SCTP
 2003-05-14 13:42:23 +10:00
Damien Miller d558092522 - (djm) RCSID sync w/ OpenBSD 2003-05-14 13:40:06 +10:00
Darren Tucker c437cda328 - (dtucker) Bug #536: Test for and work around openpty/controlling tty 
problem on Linux (fixes "could not set controlling tty" errors).

Also renames STREAMS_PUSH_ACQUIRES_CTTY to the more generic SSHD_ACQUIRES_CTTY
and moves the Solaris-specific comments to configure.ac.
 2003-05-10 17:05:46 +10:00
Damien Miller 996acd2476 *** empty log message *** 2003-04-09 20:59:48 +10:00
Damien Miller 933cc8fb9c - (djm) Bug #245: TTY problems on Solaris. Fix by stevesk@ and 
dtucker@zip.com.au
 2003-03-10 11:38:10 +11:00
Damien Miller 8e7fb33523 - markus@cvs.openbsd.org 2003/02/16 17:09:57 
[kex.c kexdh.c kexgex.c kex.h sshconnect2.c sshd.c ssh-keyscan.c]
     split kex into client and server code, no need to link
     server code into the client; ok provos@
 2003-02-24 12:03:03 +11:00
Damien Miller 180fc5b236 - (djm) OpenBSD CVS Sync 
- markus@cvs.openbsd.org 2003/01/27 17:06:31
     [sshd.c]
     more specific error message when /var/empty has wrong permissions;
     bug #46, map@appgate.com; ok henning@, provos@, stevesk@
 2003-02-24 11:50:18 +11:00
Damien Miller a8ed44b79e - (djm) Enable new setproctitle emulation for Linux, AIX and HP/UX. More 
systems may be added later.
 2003-01-10 09:53:12 +11:00
Ben Lindstrom c2faa4a504 - markus@cvs.openbsd.org 2002/11/07 16:28:47 
[sshd.c]
     log to stderr if -ie is given, bug #414, prj@po.cwru.edu
 2002-11-09 15:50:03 +00:00
Damien Miller e9264973ad - (djm) OpenBSD CVS Sync 
- mickey@cvs.openbsd.org 2002/09/27 10:42:09
     [compat.c compat.h sshd.c]
     add a generic match for a prober, such as sie big brother;
     idea from stevesk@; markus@ ok
 2002-09-30 11:59:21 +10:00
Damien Miller d27a76de65 - markus@cvs.openbsd.org 2002/09/25 15:19:02 
[sshd.c]
     typo; pilot@monkey.org
 2002-09-27 13:22:31 +10:00
Tim Rice 81ed518b9b Cray fixes (bug 367) based on patch from Wendy Palm @ cray. 
This does not include the deattack.c fixes.
 2002-09-25 17:38:46 -07:00
Damien Miller e1383cee9d - stevesk@cvs.openbsd.org 2002/09/13 19:23:09 
[channels.c sshconnect.c sshd.c]
     remove use of SO_LINGER, it should not be needed. error check
     SO_REUSEADDR. fixup comments. ok markus@
 2002-09-19 11:49:37 +10:00
Ben Lindstrom 41daec7538 - stevesk@cvs.openbsd.org 2002/07/23 16:03:10 
[sshd.c]
     utmp_len is unsigned; display error consistent with other options.
     ok markus@
 2002-07-23 21:15:13 +00:00
Ben Lindstrom 264ee307a8 - markus@cvs.openbsd.org 2002/07/19 15:43:33 
[log.c log.h session.c sshd.c]
     remove fatal cleanups after fork; based on discussions with and code
     from solar.
 2002-07-23 21:01:56 +00:00
Ben Lindstrom 232ccf7754 - (bal) [configure.ac defines.h loginrec.c sshd.c sshpty.c] Partial sync 
with Cray (mostly #ifdef renaming).  Patch by wendyp@cray.com.
 2002-07-22 23:34:25 +00:00
Tim Rice 9dd30817ef [acconfig.h configure.ac sshd.c] s/BROKEN_FD_PASSING/DISABLE_FD_PASSING/ 2002-07-07 13:43:36 -07:00
Ben Lindstrom a962c2fb35 - deraadt@cvs.openbsd.org 2002/06/30 21:59:45 
[auth-bsdauth.c auth-skey.c auth2-chall.c clientloop.c key.c
      monitor_wrap.c monitor_wrap.h scard.h session.h sftp-glob.c ssh.c
      sshconnect2.c sshd.c]
     minor KNF
 2002-07-04 00:14:17 +00:00
Ben Lindstrom 5a9d0eaba6 - deraadt@cvs.openbsd.org 2002/06/30 21:54:16 
[auth2.c session.c sshd.c]
     lint asks that we use names that do not overlap
 2002-07-04 00:12:53 +00:00
Ben Lindstrom 810af968b8 - deraadt@cvs.openbsd.org 2002/06/28 23:05:06 
[sshd.c]
     gidset[2] -> gidset[1]; markus ok
 2002-07-04 00:11:40 +00:00
Ben Lindstrom fbbfa8422f - deraadt@cvs.openbsd.org 2002/06/28 10:08:25 
[sshd.c]
     range check -u option at invocation
 2002-07-04 00:10:34 +00:00
Ben Lindstrom 596273516c - (bal) Cygwin uid0 fix by vinschen@redhat.com 2002-06-27 18:02:21 +00:00
Ben Lindstrom fbcc3f71f2 - markus@cvs.openbsd.org 2002/06/25 18:51:04 
[sshd.c]
     lightweight do_setusercontext after chroot()
 2002-06-25 23:24:18 +00:00
Tim Rice 8eff319298 [acconfig.h configure.ac sshd.c] BROKEN_FD_PASSING fix from Markus 
for Cygwin, Cray, & SCO
 2002-06-25 15:35:15 -07:00
Ben Lindstrom 822b634099 - deraadt@cvs.openbsd.org 2002/06/23 10:29:52 
[ssh-agent.c sshd.c]
     some minor KNF and %u
 2002-06-23 21:38:49 +00:00
Ben Lindstrom 5c3855210e - deraadt@cvs.openbsd.org 2002/06/23 03:30:58 
[scard.c ssh-dss.c ssh-rsa.c sshconnect.c sshconnect2.c sshd.c sshlogin.c
      sshpty.c]
     various KNF and %d for unsigned
 2002-06-23 21:23:20 +00:00
Ben Lindstrom 57f08005d3 - stevesk@cvs.openbsd.org 2002/06/22 20:05:27 
[sshd.c]
     don't call setsid() if debugging or run from inetd; no "Operation not
     permitted" errors now; ok millert@ markus@
 2002-06-23 00:37:10 +00:00
Ben Lindstrom 2dfacb3d40 - stevesk@cvs.openbsd.org 2002/06/22 16:40:19 
[sshd.c]
     check /var/empty owner mode; ok provos@
 2002-06-23 00:33:47 +00:00
Ben Lindstrom 23e0f667f8 - markus@cvs.openbsd.org 2002/06/20 23:05:56 
[servconf.c servconf.h session.c sshd.c]
     allow Compression=yes/no in sshd_config
 2002-06-21 01:09:47 +00:00
Ben Lindstrom 837461bf9a - (bal) Build noop setgroups() for cygwin to clean up code (For other 
platforms without the setgroups() requirement, you MUST define
   SETGROUPS_NOOP in the configure.ac) Based on patch by vinschen@redhat.com
 2002-06-12 16:57:14 +00:00
Ben Lindstrom ce0f634270 - mpech@cvs.openbsd.org 2002/06/11 05:46:20 
[auth-krb4.c monitor.h serverloop.c session.c ssh-agent.c sshd.c]
     pid_t cleanup. Markus need this now to keep hacking.
     markus@, millert@ ok
 2002-06-11 16:42:49 +00:00
Ben Lindstrom a26ea63f8a - markus@cvs.openbsd.org 2002/05/29 11:21:57 
[sshd.c]
     don't start if privsep is enabled and SSH_PRIVSEP_USER or
     _PATH_PRIVSEP_CHROOT_DIR are missing; ok deraadt@
 2002-06-06 20:46:25 +00:00
Ben Lindstrom f666fec2d5 - deraadt@cvs.openbsd.org 2002/05/22 23:18:25 
[ssh.c sshd.c]
     spelling; abishoff@arc.nasa.gov
 2002-06-06 19:51:58 +00:00
Kevin Steves bc5bb55755 - (stevesk) [sshd.c] #ifndef HAVE_CYGWIN for setgroups() 2002-05-21 17:59:13 +00:00
Kevin Steves c5041acef3 - (stevesk) [sshd.c] bug 245; disable setsid() for now 2002-05-21 17:50:21 +00:00
Ben Lindstrom 7339b2a278 - mouring@cvs.openbsd.org 2002/05/15 15:47:49 
[kex.c monitor.c monitor_wrap.c sshd.c]
     'monitor' variable clashes with at least one lame platform (NeXT).  i
     Renamed to 'pmonitor'.  provos@
 - (bal) Fixed up PAM case.  I think.
 2002-05-15 16:25:01 +00:00
Ben Lindstrom 17401b6b77 - millert@cvs.openbsd.org 2002/05/13 15:53:19 
[sshd.c]
     Call setsid() in the child after sshd accepts the connection and forks.
     This is needed for privsep which calls setlogin() when it changes uids.
     Without this, there is a race where the login name of an existing
     connection, as returned by getlogin(), may be changed to the privsep
     user (sshd).  markus@ OK
 2002-05-15 16:17:56 +00:00
Damien Miller 87aea25f1a - (djm) Try to drop supplemental groups at daemon startup. Patch from 
RedHat
 2002-05-10 12:20:24 +10:00
Kevin Steves 0ea1d9d1f2 - (stevesk) [acconfig.h auth-passwd.c configure.ac sshd.c] HP-UX 10.26 
support.  bug #184.  most from dcole@keysoftsys.com.
 2002-04-25 18:17:04 +00:00
Damien Miller 0150c65830 - djm@cvs.openbsd.org 2002/04/23 22:16:29 
[sshd.c]
     Improve error message; ok markus@ stevesk@
 2002-04-24 09:49:09 +10:00
Ben Lindstrom 47fd8112b5 - markus@cvs.openbsd.org 2002/03/30 18:51:15 
[monitor.c serverloop.c sftp-int.c sftp.c sshd.c]
     check waitpid for EINTR; based on patch from peter@ifm.liu.se
 2002-04-02 20:48:19 +00:00
Ben Lindstrom f90f58d846 - stevesk@cvs.openbsd.org 2002/03/23 20:57:26 
[sshd.c]
     setproctitle() after preauth child; ok markus@
 2002-03-26 01:53:03 +00:00
Ben Lindstrom 943481cc77 - markus@cvs.openbsd.org 2002/03/21 21:23:34 
[sshd.c]
     add privsep_preauth() and remove 1 goto; ok provos@
 2002-03-22 03:43:46 +00:00
Ben Lindstrom 1ee9ec32a3 - markus@cvs.openbsd.org 2002/03/21 10:21:20 
[ssh-add.c]
     ignore errors for nonexisting default keys in ssh-add,
     fixes http://bugzilla.mindrot.org/show_bug.cgi?id=158
 2002-03-22 03:14:45 +00:00
Ben Lindstrom c743134191 - stevesk@cvs.openbsd.org 2002/03/20 19:12:25 
[servconf.c servconf.h ssh.h sshd.c]
     for unprivileged user, group do:
     pw=getpwnam(SSH_PRIVSEP_USER); do_setusercontext(pw).  ok provos@
 2002-03-22 03:11:49 +00:00
Ben Lindstrom 6328ab3989 - markus@cvs.openbsd.org 2002/03/19 10:49:35 
[auth-krb5.c auth-rh-rsa.c auth.c cipher.c key.c misc.h packet.c session.c
      sftp-client.c sftp-glob.h sftp.c ssh-add.c ssh.c sshconnect2.c sshd.c
      ttymodes.c]
     KNF whitespace
 2002-03-22 02:54:23 +00:00
Ben Lindstrom 08105192fd - markus@cvs.openbsd.org 2002/03/19 10:35:39 
[auth-options.c auth.h session.c session.h sshd.c]
     clean up prototypes
 2002-03-22 02:50:06 +00:00
Ben Lindstrom 7a7edf77ed - stevesk@cvs.openbsd.org 2002/03/19 03:03:43 
[pathnames.h servconf.c servconf.h sshd.c]
     _PATH_PRIVSEP_CHROOT_DIR; ok provos@
 2002-03-22 02:42:37 +00:00
Ben Lindstrom 7a2073c50b - provos@cvs.openbsd.org 2002/03/18 17:50:31 
[auth-bsdauth.c auth-options.c auth-rh-rsa.c auth-rsa.c auth-skey.c auth.h
      auth1.c auth2-chall.c auth2.c kex.c kex.h kexdh.c kexgex.c servconf.c
      session.h servconf.h serverloop.c session.c sshd.c]
     integrate privilege separated openssh; its turned off by default for now.
     work done by me and markus@

applied, but outside of ensure that smaller code bits migrated with
their owners.. no work was tried to 'fix' it to work. =)  Later project!
 2002-03-22 02:30:41 +00:00
Ben Lindstrom 73ab9ba45d - provos@cvs.openbsd.org 2002/03/18 01:12:14 
[auth.h auth1.c auth2.c sshd.c]
     have the authentication functions return the authentication context
     and then do_authenticated; okay millert@
 2002-03-22 01:27:35 +00:00
Ben Lindstrom abcb145b38 - markus@cvs.openbsd.org 2002/03/14 16:38:26 
[sshd.c]
     split out ssh1 session key decryption; ok provos@
 2002-03-22 01:10:21 +00:00
Damien Miller 3a5b023330 Stupid djm commits experimental code to head instead of branch 
revert
 2002-03-13 13:19:42 +11:00
Damien Miller 646e7cf3d7 Import of Niels Provos' 20020312 ssh-complete.diff 
PAM, Cygwin and OSF SIA will not work for sure
 2002-03-13 12:47:54 +11:00
Ben Lindstrom 733a2351f5 - stevesk@cvs.openbsd.org 2002/02/27 21:23:13 
[canohost.c channels.c packet.c sshd.c]
     remove unneeded casts in [gs]etsockopt(); ok markus@
 2002-03-05 01:31:28 +00:00
Ben Lindstrom 13c5d3b370 - stevesk@cvs.openbsd.org 2002/02/24 16:09:52 
[sshd.c]
     use u_char* here; ok markus@
 2002-02-26 18:00:48 +00:00
Damien Miller 6a47f30c55 - markus@cvs.openbsd.org 2002/02/11 16:19:39 
[sshd.c]
     include md5.h not hmac.h
 2002-02-13 13:55:06 +11:00
Damien Miller 654c03fd06 - markus@cvs.openbsd.org 2002/02/11 16:17:55 
[sshd.c]
     do not complain about port > 1024 if rhosts-auth is disabled
 2002-02-13 13:54:44 +11:00
Damien Miller 5aa5d78e40 - (djm) OpenBSD CVS Sync 
- markus@cvs.openbsd.org 2002/02/04 12:15:25
     [sshd.c]
     add SYSLOG_FACILITY_NOT_SET = -1, SYSLOG_LEVEL_NOT_SET = -1,
     fixes arm/netbsd; based on patch from bjh21@netbsd.org; ok djm@
 2002-02-08 22:01:54 +11:00
Damien Miller 0e3b87279c - markus@cvs.openbsd.org 2002/01/13 17:57:37 
[auth2.c auth2-chall.c compat.c sshconnect2.c sshd.c]
     use buffer API and avoid static strings of fixed size; ok provos@/mouring@
 2002-01-22 23:26:38 +11:00
Damien Miller dff5099f13 - markus@cvs.openbsd.org 2001/12/28 14:50:54 
[auth1.c auth-rsa.c channels.c dispatch.c kex.c kexdh.c kexgex.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshconnect2.c sshd.c]
     packet_read* no longer return the packet length, since it's not used.
 2002-01-22 23:16:32 +11:00
Damien Miller d432ccf740 - markus@cvs.openbsd.org 2001/12/28 13:57:33 
[auth1.c kexdh.c kexgex.c packet.c packet.h sshconnect1.c sshd.c]
     packet_get_bignum* no longer returns a size
 2002-01-22 23:14:44 +11:00
Damien Miller 48b03fc546 - markus@cvs.openbsd.org 2001/12/27 20:39:58 
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
     get rid of packet_integrity_check, use packet_done() instead.
 2002-01-22 23:11:40 +11:00
Damien Miller 66823cddbe - markus@cvs.openbsd.org 2001/12/27 20:39:58 
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
     get rid of packet_integrity_check, use packet_done() instead.
 2002-01-22 23:11:38 +11:00
Damien Miller da7551677b - markus@cvs.openbsd.org 2001/12/27 18:22:16 
[auth1.c authfile.c auth-rsa.c dh.c kexdh.c kexgex.c key.c rsa.c scard.c ssh-agent.c sshconnect1.c sshd.c ssh-dss.c]
     call fatal() for openssl allocation failures
 2002-01-22 23:09:22 +11:00
Damien Miller 9f0f5c64bc - deraadt@cvs.openbsd.org 2001/12/19 07:18:56 
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h]
     [auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c]
     [cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c]
     [match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c]
     [servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c]
     [sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c]
     [sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config]
     [ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c]
     basic KNF done while i was looking for something else
 2001-12-21 14:45:46 +11:00
Damien Miller 72c336def6 - stevesk@cvs.openbsd.org 2001/12/10 16:45:04 
[sshd.c]
     possible fd leak on error; ok markus@
 2001-12-21 12:44:28 +11:00
Ben Lindstrom ade03f6bad - markus@cvs.openbsd.org 2001/12/06 13:30:06 
[servconf.c servconf.h sshd.8 sshd.c]
     add -o to sshd, too. ok deraadt@
 - (bal) Minor white space fix up in servconf.c
 2001-12-06 18:22:17 +00:00
Ben Lindstrom 1c37c6a518 - deraadt@cvs.openbsd.org 2001/12/05 10:06:12 
[authfd.c authfile.c bufaux.c channels.c compat.c kex.c kexgex.c
      key.c misc.c packet.c servconf.c ssh-agent.c sshconnect2.c
      sshconnect.c sshd.c ssh-dss.c ssh-keygen.c ssh-rsa.c]
     minor KNF
 2001-12-06 18:00:18 +00:00
Ben Lindstrom f8f065bc75 - itojun@cvs.openbsd.org 2001/12/05 03:50:01 
[clientloop.c serverloop.c sshd.c]
     deal with LP64 printf issue with sig_atomic_t.  from thorpej
 2001-12-06 17:52:16 +00:00
Ben Lindstrom 5e71c54b8c - markus@cvs.openbsd.org 2001/11/22 12:34:22 
[clientloop.c serverloop.c sshd.c]
     volatile sig_atomic_t
 2001-12-06 16:48:14 +00:00
Ben Lindstrom d84df989db - markus@cvs.openbsd.org 2001/11/19 11:20:21 
[sshd.c]
     fd leak on HUP; ok stevesk@
 2001-12-06 16:35:40 +00:00
Ben Lindstrom 0795848def - deraadt@cvs.openbsd.org 2001/11/14 20:45:08 
[sshd.c]
     errno saving wrapping in a signal handler
 2001-12-06 16:19:01 +00:00
Damien Miller 6a4a4b9290 - markus@cvs.openbsd.org 2001/11/10 13:19:45 
[sshd.c]
     cleanup libwrap support (remove bogus comment, bogus close(), add debug, etc).
 2001-11-12 11:07:11 +11:00
Damien Miller e4a0ff4748 - markus@cvs.openbsd.org 2001/11/09 19:08:35 
[sshd.c]
     remove extra trailing dot from log message; pilot@naughty.monkey.org
 2001-11-12 11:06:54 +11:00
Damien Miller 00b61645eb - markus@cvs.openbsd.org 2001/10/24 08:41:41 
[sshd.c]
     mention remote port in debug message
 2001-11-12 10:51:23 +11:00
Ben Lindstrom 1bae404457 - stevesk@cvs.openbsd.org 2001/10/02 22:56:09 
[sshd.c]
     #include "channels.h" for channel_set_af()
 2001-10-03 17:46:39 +00:00
Ben Lindstrom 908afed17f - markus@cvs.openbsd.org 2001/10/01 21:38:53 
[channels.c channels.h ssh.c sshd.c]
     remove ugliness; vp@drexel.edu via angelos
 2001-10-03 17:34:59 +00:00
Damien Miller ffbe69890d - (djm) Revert setgroups call, it causes problems on OS-X 2001-09-18 14:03:03 +10:00
Damien Miller ebf989e601 - (djm) Clear supplemental groups at sshd start to prevent them from 
being propogated to random PAM modules. Based on patch from Redhat via
   Pekka Savola <pekkas@netcore.fi>
 2001-09-15 21:12:49 +10:00
Ben Lindstrom ce89dacda8 - camield@cvs.openbsd.org 2001/08/23 17:59:31 
[sshd.c]
     end request with 0, not NULL
     ok markus@
 2001-09-12 16:58:04 +00:00
Ben Lindstrom 6db66ff387 - (bal) Second around of UNICOS patches. A few other things left. 
Patches by William L. Jones <jones@mail.utexas.edu>
 2001-08-06 23:29:16 +00:00
Ben Lindstrom 794325ac7a - stevesk@cvs.openbsd.org 2001/07/26 17:18:22 
[sshd.8 sshd.c]
     add -t option to test configuration file and keys; pekkas@netcore.fi
     ok markus@
 2001-08-06 21:09:07 +00:00
Ben Lindstrom ec95ed9b4c - dugsong@cvs.openbsd.org 2001/06/26 16:15:25 
[auth1.c auth.h auth-krb4.c auth-passwd.c readconf.c readconf.h
      servconf.c servconf.h session.c sshconnect1.c sshd.c]
     Kerberos v5 support for SSH1, mostly from Assar Westerlund
     <assar@freebsd.org> and Bjorn Gronvall <bg@sics.se>. markus@ ok
 2001-07-04 04:21:14 +00:00
Ben Lindstrom 980978639c - markus@cvs.openbsd.org 2001/06/23 19:12:43 
[sshd.c]
     pidfile/sigterm race; bbraun@synack.net
 2001-06-25 05:10:20 +00:00
Ben Lindstrom bba81213b9 - itojun@cvs.openbsd.org 2001/06/23 15:12:20 
[auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c
      canohost.c channels.c cipher.c clientloop.c deattack.c dh.c
      hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c
      readpass.c scp.c servconf.c serverloop.c session.c sftp.c
      sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c
      ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c
      ssh-keygen.c ssh-keyscan.c]
     more strict prototypes.  raise warning level in Makefile.inc.
     markus ok'ed
     TODO; cleanup headers
 2001-06-25 05:01:22 +00:00
Ben Lindstrom ec46e0b5fd - markus@cvs.openbsd.org 2001/06/04 23:07:21 
[clientloop.c serverloop.c sshd.c]
     set flags in the signal handlers, do real work in the main loop,
     ok provos@
 2001-06-09 01:27:31 +00:00
Ben Lindstrom 80c6d77085 - markus@cvs.openbsd.org 2001/05/28 23:58:35 
[packet.c packet.h sshconnect.c sshd.c]
     remove some lines, simplify.
 2001-06-05 21:09:18 +00:00
Ben Lindstrom 1bda4c835e - stevesk@cvs.openbsd.org 2001/05/19 19:43:57 
[misc.c misc.h servconf.c sshd.8 sshd.c]
     sshd command-line arguments and configuration file options that
     specify time may be expressed using a sequence of the form:
     time[qualifier], where time is a positive integer value and qualifier
     is one of the following:
         <none>,s,m,h,d,w
     Examples:
         600     600 seconds (10 minutes)
         10m     10 minutes
         1h30m   1 hour 30 minutes (90 minutes)
     ok markus@
 2001-06-05 19:59:08 +00:00
Ben Lindstrom 551ea37576 - markus@cvs.openbsd.org 2001/05/18 14:13:29 
[auth-chall.c auth.h auth1.c auth2-chall.c auth2.c readconf.c
      readconf.h servconf.c servconf.h sshconnect1.c sshconnect2.c sshd.c]
     improved kbd-interactive support. work by per@appgate.com and me
 2001-06-05 18:56:16 +00:00
Ben Lindstrom 15f33866a6 - markus@cvs.openbsd.org 2001/04/15 16:58:03 
[authfile.c ssh-keygen.c sshd.c]
     don't use errno for key_{load,save}_private; discussion w/ solar@openwall
 2001-04-16 02:00:02 +00:00
Ben Lindstrom 206941fdd8 - markus@cvs.openbsd.org 2001/04/15 08:43:47 
[dh.c sftp-glob.c sftp-glob.h sftp-int.c sshconnect2.c sshd.c]
     some unused variable and typos; from tomh@po.crl.go.jp
 2001-04-15 14:27:16 +00:00
Ben Lindstrom 19066a112b - stevesk@cvs.openbsd.org 2001/04/12 20:09:38 
[misc.c misc.h readconf.c servconf.c ssh.c sshd.c]
     robust port validation; ok markus@ jakob@
 2001-04-12 23:39:26 +00:00
Ben Lindstrom 9fce9f02e8 - lebel@cvs.openbsd.org 2001/04/11 16:25:30 
[sshd.8 sshd.c]
     implement the -e option into sshd:
      -e      When this option is specified, sshd will send the output to the
              standard error instead of the system log.
     markus@ OK.
 2001-04-11 23:10:09 +00:00
Ben Lindstrom a3700050ec - markus@cvs.openbsd.org 2001/04/05 10:42:57 
[auth-chall.c authfd.c channels.c clientloop.c kex.c kexgex.c key.c
      mac.c packet.c serverloop.c sftp-client.c sftp-client.h sftp-glob.c
      sftp-glob.h sftp-int.c sftp-server.c sftp.c ssh-keygen.c sshconnect.c
      sshconnect2.c sshd.c]
     fix whitespace: unexpand + trailing spaces.
 2001-04-05 23:26:32 +00:00
Ben Lindstrom be2cc43c3a - markus@cvs.openbsd.org 2001/04/04 20:25:38 
[channels.c channels.h clientloop.c kex.c kex.h serverloop.c
      sshconnect2.c sshd.c]
     more robust rekeying
     don't send channel data after rekeying is started.
 2001-04-04 23:46:07 +00:00
Ben Lindstrom 8ac9106c3d - markus@cvs.openbsd.org 2001/04/04 14:34:58 
[clientloop.c kex.c kex.h serverloop.c sshconnect2.c sshd.c]
     enable server side rekeying + some rekey related clientup.
     todo: we should not send any non-KEX messages after we send KEXINIT
 2001-04-04 17:57:54 +00:00
Ben Lindstrom 238abf6a14 - markus@cvs.openbsd.org 2001/04/04 09:48:35 
[kex.c kex.h kexdh.c kexgex.c packet.c sshconnect2.c sshd.c]
     don't sent multiple kexinit-requests.
     send newkeys, block while waiting for newkeys.
     fix comments.
 2001-04-04 17:52:53 +00:00
Ben Lindstrom 2d90e00309 - markus@cvs.openbsd.org 2001/04/03 23:32:12 
[kex.c kex.h packet.c sshconnect2.c sshd.c]
     undo parts of recent my changes: main part of keyexchange does not
     need dispatch-callbacks, since application data is delayed until
     the keyexchange completes (if i understand the drafts correctly).
     add some infrastructure for re-keying.
 2001-04-04 02:00:54 +00:00
Ben Lindstrom 20d7c7b02c - markus@cvs.openbsd.org 2001/04/03 19:53:29 
[dh.c dh.h kex.c kex.h sshconnect2.c sshd.c]
     move kex to kex*.c, used dispatch_set() callbacks for kex. should
     make rekeying easier.
 2001-04-04 01:56:17 +00:00
Damien Miller ff75ac4d68 - OpenBSD CVS Sync 
- djm@cvs.openbsd.org 2001/03/29 23:42:01
     [sshd.c]
     Protocol 1 key regeneration log => verbose, some KNF; ok markus@
 2001-03-30 10:50:32 +10:00
Damien Miller a0ff466d80 - OpenBSD CVS Sync 
- stevesk@cvs.openbsd.org 2001/03/29 21:06:21
     [sshconnect2.c sshd.c]
     need to set both STOC and CTOS for SSH_BUG_BIGENDIANAES; ok markus@
 2001-03-30 10:49:35 +10:00
Damien Miller 2557bfc5d7 - (djm) OpenBSD CVS Sync 
- provos@cvs.openbsd.org 2001/03/28 21:59:41
     [kex.c kex.h sshconnect2.c sshd.c]
     forgot to include min and max params in hash, okay markus@
 2001-03-30 10:47:14 +10:00
Ben Lindstrom 7de696e798 - markus@cvs.openbsd.org 2001/03/28 20:50:45 
[sshd.c]
     call refuse() before close(); from olemx@ans.pl
 2001-03-29 00:45:12 +00:00
Ben Lindstrom df221391e6 - provos@cvs.openbsd.org 2001/03/27 17:46:50 
[compat.c compat.h dh.c dh.h ssh2.h sshconnect2.c sshd.c version.h]
     make dh group exchange more flexible, allow min and max group size,
     okay markus@, deraadt@
 2001-03-29 00:36:16 +00:00
Ben Lindstrom 425fb02f20 - markus@cvs.openbsd.org 2001/03/27 10:34:08 
[ssh-rsa.c sshd.c]
     use EVP_get_digestbynid, reorder some calls and fix missing free.
 2001-03-29 00:31:20 +00:00
Ben Lindstrom d0fca423fc - markus@cvs.openbsd.org 2001/03/26 08:07:09 
[authfile.c authfile.h ssh-add.c ssh-keygen.c ssh.c sshconnect.c
      sshconnect.h sshconnect1.c sshconnect2.c sshd.c]
     simpler key load/save interface, see authfile.h
 2001-03-26 13:44:06 +00:00
Ben Lindstrom de71cda078 - markus@cvs.openbsd.org 2001/03/23 14:28:32 
[session.c sshd.c]
     ignore SIGPIPE, restore in child, fixes x11-fwd crashes; with djm@
 2001-03-24 00:43:26 +00:00
Ben Lindstrom c8530c7f5c - djm@cvs.openbsd.org 2001/03/23 11:04:07 
[compat.c compat.h sshconnect2.c sshd.c]
     Compat for OpenSSH with broken Rijndael/AES. ok markus@
 2001-03-24 00:35:19 +00:00
Ben Lindstrom 69d8c077d4 - deraadt@cvs.openbsd.org 2001/03/22 20:22:55 
[sshd.c]
     do not place linefeeds in buffer
 2001-03-22 22:45:33 +00:00
Damien Miller 27dbe6f37e - deraadt@cvs.openbsd.org 2001/03/18 23:30:55 
[compat.c compat.h sshd.c]
     specifically version match on ssh scanners.  do not log scan
     information to the console
 2001-03-19 22:36:20 +11:00
Damien Miller 60bc517356 - (djm) Seed PRNG at startup, rather than waiting for arc4random calls to 
do it implicitly.
 2001-03-19 09:38:15 +11:00
Ben Lindstrom ca42d5fb7f - deraadt@cvs.openbsd.org 2001/03/09 12:30:29 
[sshd.c]
     typo; slade@shore.net
 2001-03-09 18:25:32 +00:00
Ben Lindstrom 4c4f05e096 - markus@cvs.openbsd.org 2001/03/05 17:17:21 
[kex.c kex.h sshconnect2.c sshd.c]
     generate a 2*need size (~300 instead of 1024/2048) random private
     exponent during the DH key agreement. according to Niels (the great
     german advisor) this is safe since /etc/primes contains strong
     primes only.

     References:
             P. C. van Oorschot and M. J. Wiener, On Diffie-Hellman key
             agreement with short exponents, In Advances in Cryptology
             - EUROCRYPT'96, LNCS 1070, Springer-Verlag, 1996, pp.332-343.
 2001-03-06 01:09:20 +00:00
Ben Lindstrom 6df8ef4196 - millert@cvs.openbsd.org 2001/03/04 17:42:28 
[authfd.c channels.c dh.c log.c readconf.c servconf.c sftp-int.c
      ssh.c sshconnect.c sshd.c]
     log functions should not be passed strings that end in newline as they
     get passed on to syslog() and when logging to stderr, do_log() appends
     its own newline.
 2001-03-05 07:47:23 +00:00
Ben Lindstrom 9c5324422e - (bal) CVS ID touch up on auth2.c, serverloop.c, session.c & sshd.c 2001-03-05 07:33:14 +00:00
Ben Lindstrom 941ac82e16 - markus@cvs.openbsd.org 2001/02/28 21:21:41 
[sshd.c]
     generate a fake session id, too
 2001-03-05 06:25:23 +00:00
Ben Lindstrom eb648a749b - markus@cvs.openbsd.org 2001/02/23 18:15:13 
[sshd.c]
     the random session key depends now on the session_key_int
     sent by the 'attacker'
             dig1 = md5(cookie|session_key_int);
             dig2 = md5(dig1|cookie|session_key_int);
             fake_session_key = dig1|dig2;
     this change is caused by a mail from anakin@pobox.com
     patch based on discussions with my german advisor niels@openbsd.org
 2001-03-05 06:00:29 +00:00
Ben Lindstrom a9a29e1bed - deraadt@cvs.openbsd.org 2001/02/19 23:09:05 
[sshd.c]
     clarify message to make it not mention "ident"
 2001-02-20 01:20:47 +00:00
Ben Lindstrom d95c09cc83 - (bal) Markus' blessing to rename login.[ch] -> sshlogin.[ch] and 
pty.[ch] -> sshpty.[ch]
 2001-02-18 19:13:33 +00:00
Damien Miller 0a4e27d583 - (djm) Close listen_sock on bind() failures. Patch from Arkadiusz 
Miskiewicz <misiek@pld.ORG.PL>
 2001-02-18 12:36:39 +11:00
Ben Lindstrom 5393f9360d - markus@cvs.openbsd.org 2001/02/12 23:26:20 
[sshd.c]
    missing memset; from solar@openwall.com
 2001-02-15 03:17:13 +00:00
Ben Lindstrom 06b33aa0e8 - markus@cvs.openbsd.org 2001/02/11 12:59:25 
[Makefile.in sshd.8 sshconnect2.c readconf.h readconf.c packet.c
      sshd.c ssh.c ssh.1 servconf.h servconf.c myproposal.h kex.h kex.c]
     1) clean up the MAC support for SSH-2
     2) allow you to specify the MAC with 'ssh -m'
     3) or the 'MACs' keyword in ssh(d)_config
     4) add hmac-{md5,sha1}-96
             ok stevesk@, provos@
 2001-02-15 03:01:59 +00:00
Ben Lindstrom f79aeffe3b - markus@cvs.openbsd.org 2001/02/07 22:35:46 
[auth1.c auth2.c sshd.c]
     move k_setpag() to a central place; ok dugsong@
 2001-02-10 21:27:11 +00:00
Ben Lindstrom 31ca54aa86 - itojun@cvs.openbsd.org 2001/02/08 19:30:52 
sync with netbsd tree changes.
     - more strict prototypes, include necessary headers
     - use paths.h/pathnames.h decls
     - size_t typecase to int -> u_long
 2001-02-09 02:11:24 +00:00
Kevin Steves adf74cdeca - deraadt@cvs.openbsd.org 2001/02/04 16:56:23 
[scp.c sshd.c]
     alpha happiness
   - stevesk@cvs.openbsd.org 2001/02/04 15:12:17
     [sshd.c]
     precedence; ok markus@
    - deraadt@cvs.openbsd.org 2001/02/04 08:14:15
     [ssh.c sshd.c]
     make the alpha happy
 2001-02-05 14:22:50 +00:00
Kevin Steves ef4eea9bad - stevesk@cvs.openbsd.org 2001/02/04 08:32:27 
[many files; did this manually to our top-level source dir]
     unexpand and remove end-of-line whitespace; ok markus@
 2001-02-05 12:42:17 +00:00