openssh-portable

Commit Graph

Author	SHA1	Message	Date
Darren Tucker	3c78c5ed2f	- (dtucker) [acconfig.h configure.ac includes.h servconf.c session.c] Change AFS symbol to USE_AFS to prevent namespace collisions, do not include kafs.h unless necessary. From deengert at anl.gov. For consistency, all of the libkafs bits are now inside "#if defined(KRB5) && defined(USE_AFS)".	2004-01-23 22:03:10 +11:00
Darren Tucker	409cb328c1	- (dtucker) [acconfig.h configure.ac includes.h servconf.c session.c] Only enable KerberosGetAFSToken if Heimdal's libkafs is found. with jakob@	2004-01-05 22:36:51 +11:00
Darren Tucker	22ef508754	- jakob@cvs.openbsd.org 2003/12/23 16:12:10 [servconf.c servconf.h session.c sshd_config] implement KerberosGetAFSToken server option. ok markus@, beck@	2003-12-31 11:37:34 +11:00
Damien Miller	12c150e7e0	- markus@cvs.openbsd.org 2003/12/09 21:53:37 [readconf.c readconf.h scp.1 servconf.c servconf.h sftp.1 ssh.1] [ssh_config.5 sshconnect.c sshd.c sshd_config.5] rename keepalive to tcpkeepalive; the old name causes too much confusion; ok djm, dtucker; with help from jmc@	2003-12-17 16:31:10 +11:00
Darren Tucker	a49d36e7b9	- markus@cvs.openbsd.org 2003/09/29 20:19:57 [servconf.c sshd_config] GSSAPICleanupCreds -> GSSAPICleanupCredentials	2003-10-02 16:20:54 +10:00
Damien Miller	5c3a55846a	- (djm) Sync with V_3_7 branch: - (djm) Fix SSH1 challenge kludge - (djm) Bug #671: Fix builds on OpenBSD - (djm) Bug #676: Fix PAM stack corruption - (djm) Fix bad free() in PAM code - (djm) Don't call pam_end before pam_init - (djm) Enable build with old OpenSSL again - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu	2003-09-23 22:12:38 +10:00
Damien Miller	fb10e9abe8	- markus@cvs.openbsd.org 2003/09/01 18:15:50 [readconf.c readconf.h servconf.c servconf.h ssh.c] remove unused kerberos code; ok henning@	2003-09-02 22:58:22 +10:00
Damien Miller	1a0c0b9621	- markus@cvs.openbsd.org 2003/08/28 12:54:34 [auth-krb5.c auth.h auth1.c monitor.c monitor.h monitor_wrap.c] [monitor_wrap.h readconf.c servconf.c session.c ssh_config.5] [sshconnect1.c sshd.c sshd_config sshd_config.5] remove kerberos support from ssh1, since it has been replaced with GSSAPI; but keep kerberos passwd auth for ssh1 and 2; ok djm, hin, henning, ...	2003-09-02 22:51:17 +10:00
Darren Tucker	0efd155c3c	- markus@cvs.openbsd.org 2003/08/22 10:56:09 [auth2.c auth2-gss.c auth.h compat.c compat.h gss-genr.c gss-serv-krb5.c gss-serv.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h readconf.c readconf.h servconf.c servconf.h session.c session.h ssh-gss.h ssh_config.5 sshconnect2.c sshd_config sshd_config.5] support GSS API user authentication; patches from Simon Wilkinson, stripped down and tested by Jakob and myself.	2003-08-26 11:49:55 +10:00
Damien Miller	30912f7259	- (djm) Bug #629 : Mark ssh_config option "pamauthenticationviakbdint" as deprecated. Remove mention from README.privsep. Patch from aet AT cc.hut.fi	2003-08-26 10:48:14 +10:00
Darren Tucker	ec960f2c93	- markus@cvs.openbsd.org 2003/08/13 08:46:31 [auth1.c readconf.c readconf.h servconf.c servconf.h ssh.c ssh_config ssh_config.5 sshconnect1.c sshd.8 sshd.c sshd_config sshd_config.5] remove RhostsAuthentication; suggested by djm@ before; ok djm@, deraadt@, fgsch@, miod@, henning@, jakob@ and others	2003-08-13 20:37:05 +10:00
Darren Tucker	6aaa58c470	- (dtucker) OpenBSD CVS Sync - markus@cvs.openbsd.org 2003/07/22 13:35:22 [auth1.c auth.h auth-passwd.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h readconf.c readconf.h servconf.c servconf.h session.c ssh.1 ssh.c ssh_config.5 sshconnect1.c sshd.c sshd_config.5 ssh.h] remove (already disabled) KRB4/AFS support, re-enable -k in ssh(1); test+ok henning@ - (dtucker) [Makefile.in acconfig.h configure.ac] Remove KRB4/AFS support. - (dtucker) [auth-krb4.c radix.c radix.h] Remove KRB4/AFS specific files. I hope I got this right....	2003-08-02 22:24:49 +10:00
Damien Miller	865173ee03	- (djm) Bug #573 - Remove unneeded Krb headers and compat goop. Patch from simon@sxw.org.uk (Also matches a change in OpenBSD a while ago)	2003-06-04 19:06:59 +10:00
Damien Miller	3a961dc0d3	- (djm) OpenBSD CVS Sync - markus@cvs.openbsd.org 2003/06/02 09:17:34 [auth2-hostbased.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c] [canohost.c monitor.c servconf.c servconf.h session.c sshd_config] [sshd_config.5] deprecate VerifyReverseMapping since it's dangerous if combined with IP based access control as noted by Mike Harding; replace with a UseDNS option, UseDNS is on by default and includes the VerifyReverseMapping check; with itojun@, provos@, jakob@ and deraadt@ ok deraadt@, djm@ - (djm) Fix portable-specific uses of verify_reverse_mapping too	2003-06-03 10:25:48 +10:00
Damien Miller	6ac2c48a19	- (djm) Add warning for UsePAM when built without PAM support	2003-05-16 11:42:35 +10:00
Damien Miller	f9b3feb847	- jakob@cvs.openbsd.org 2003/05/15 14:02:47 [readconf.c servconf.c] warn for unsupported config option. ok markus@	2003-05-16 11:38:32 +10:00
Damien Miller	156cbe8c67	- (djm) Enable UsePAM when built --with-pam	2003-05-15 14:16:41 +10:00
Damien Miller	d248b5bd1b	- jakob@cvs.openbsd.org 2003/05/15 04:08:44 [readconf.c servconf.c] disable kerberos when not supported. ok markus@	2003-05-15 14:15:23 +10:00
Damien Miller	2aa0ab463f	- jakob@cvs.openbsd.org 2003/05/15 01:48:10 [readconf.c readconf.h servconf.c servconf.h] always parse kerberos options. ok djm@ markus@ - (djm) Always parse UsePAM	2003-05-15 12:05:28 +10:00
Damien Miller	4e448a31ae	- (djm) Add new UsePAM configuration directive to allow runtime control over usage of PAM. This allows non-root use of sshd when built with --with-pam	2003-05-14 15:11:48 +10:00
Damien Miller	d558092522	- (djm) RCSID sync w/ OpenBSD	2003-05-14 13:40:06 +10:00
Damien Miller	996acd2476	* empty log message *	2003-04-09 20:59:48 +10:00
Damien Miller	9f82c8fa4f	- markus@cvs.openbsd.org 2003/02/21 09:05:53 [servconf.c] print sshd_config filename in debug2 mode.	2003-02-24 12:04:33 +11:00
Damien Miller	c13486300d	- (djm) OpenBSD CVS Sync - stevesk@cvs.openbsd.org 2002/09/04 18:52:42 [servconf.c sshd.8 sshd_config.5] default LoginGraceTime to 2m; 1m may be too short for slow systems. ok markus@	2002-09-05 14:35:14 +10:00
Damien Miller	f771ab75f0	- stevesk@cvs.openbsd.org 2002/08/21 19:38:06 [servconf.c sshd.8 sshd_config sshd_config.5] change LoginGraceTime default to 1 minute; ok mouring@ markus@	2002-09-04 16:25:52 +10:00
Ben Lindstrom	5d860f02ca	- markus@cvs.openbsd.org 2002/07/30 17:03:55 [auth-options.c servconf.c servconf.h session.c sshd_config sshd_config.5] add PermitUserEnvironment (off by default!); from dot@dotat.at; ok provos, deraadt	2002-08-01 01:28:38 +00:00
Tim Rice	40017b0e7a	(bal/tim) [acconfig.h configure.ac monitor_mm.c servconf.c openbsd-compat/Makefile.in] support compression on platforms that have no/broken MAP_ANON. Moved code to openbsd-compat/xmmap.c Based on patch from nalin@redhat.com of code extracted from Owl's package	2002-07-14 13:36:49 -07:00
Ben Lindstrom	6b0c96ab59	- (bal) if mmap() is substandard, don't allow compression on server side. Post 'event' we will add more options.	2002-06-25 03:22:03 +00:00
Ben Lindstrom	e135363422	- deraadt@cvs.openbsd.org 2002/06/23 09:46:51 [bufaux.c servconf.c] minor KNF. things the fingers do while you read	2002-06-23 21:29:23 +00:00
Damien Miller	4903eb4b74	- (djm) Warn and disable compression on platforms which can't handle both useprivilegeseparation=yes and compression=yes	2002-06-21 16:20:44 +10:00
Ben Lindstrom	23e0f667f8	- markus@cvs.openbsd.org 2002/06/20 23:05:56 [servconf.c servconf.h session.c sshd.c] allow Compression=yes/no in sshd_config	2002-06-21 01:09:47 +00:00
Ben Lindstrom	fb62a69488	- markus@cvs.openbsd.org 2002/05/15 21:56:38 [servconf.c sshd.8 sshd_config] re-enable privsep and disable setuid for post-3.2.2	2002-06-06 19:47:11 +00:00
Ben Lindstrom	c5c15dde32	- markus@cvs.openbsd.org 2002/05/15 21:02:53 [servconf.c sshd.8 sshd_config] disable privsep and enable setuid for the 3.2.2 release	2002-05-15 21:37:34 +00:00
Ben Lindstrom	bb2ce36d4d	- deraadt@cvs.openbsd.org 2002/05/04 02:39:35 [servconf.c sshd.8 sshd_config] enable privsep by default; provos ok (historical)	2002-05-15 21:35:43 +00:00
Damien Miller	d7de14b6ad	- markus@cvs.openbsd.org 2002/04/22 16:16:53 [servconf.c sshd.8 sshd_config] do not auto-enable KerberosAuthentication; ok djm@, provos@, deraadt@	2002-04-23 21:04:51 +10:00
Damien Miller	e4ccf100e0	- (djm) OpenBSD CVS Sync - deraadt@cvs.openbsd.org 2002/04/20 09:02:03 [servconf.c] No, afs requires explicit enabling	2002-04-23 20:40:28 +10:00
Damien Miller	fd4c9eee25	- (djm) Add KrbV support patch from Simon Wilkinson <simon@sxw.org.uk>	2002-04-13 11:04:40 +10:00
Ben Lindstrom	c743134191	- stevesk@cvs.openbsd.org 2002/03/20 19:12:25 [servconf.c servconf.h ssh.h sshd.c] for unprivileged user, group do: pw=getpwnam(SSH_PRIVSEP_USER); do_setusercontext(pw). ok provos@	2002-03-22 03:11:49 +00:00
Ben Lindstrom	7a7edf77ed	- stevesk@cvs.openbsd.org 2002/03/19 03:03:43 [pathnames.h servconf.c servconf.h sshd.c] _PATH_PRIVSEP_CHROOT_DIR; ok provos@	2002-03-22 02:42:37 +00:00
Ben Lindstrom	01426a67c8	- stevesk@cvs.openbsd.org 2002/03/18 23:52:51 [servconf.c] UnprivUser/UnprivGroup usable now--specify numeric user/group; ok provos@	2002-03-22 02:40:03 +00:00
Ben Lindstrom	7a2073c50b	- provos@cvs.openbsd.org 2002/03/18 17:50:31 [auth-bsdauth.c auth-options.c auth-rh-rsa.c auth-rsa.c auth-skey.c auth.h auth1.c auth2-chall.c auth2.c kex.c kex.h kexdh.c kexgex.c servconf.c session.h servconf.h serverloop.c session.c sshd.c] integrate privilege separated openssh; its turned off by default for now. work done by me and markus@ applied, but outside of ensure that smaller code bits migrated with their owners.. no work was tried to 'fix' it to work. =) Later project!	2002-03-22 02:30:41 +00:00
Damien Miller	3a5b023330	Stupid djm commits experimental code to head instead of branch revert	2002-03-13 13:19:42 +11:00
Damien Miller	646e7cf3d7	Import of Niels Provos' 20020312 ssh-complete.diff PAM, Cygwin and OSF SIA will not work for sure	2002-03-13 12:47:54 +11:00
Damien Miller	fcd9320440	- markus@cvs.openbsd.org 2002/02/04 12:15:25 [log.c log.h readconf.c servconf.c] add SYSLOG_FACILITY_NOT_SET = -1, SYSLOG_LEVEL_NOT_SET = -1, fixes arm/netbsd; based on patch from bjh21@netbsd.org; ok djm@	2002-02-05 12:26:34 +11:00
Damien Miller	c5d8635d6a	- markus@cvs.openbsd.org 2002/01/29 14:32:03 [auth2.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c canohost.c servconf.c servconf.h session.c sshd.8 sshd_config] s/ReverseMappingCheck/VerifyReverseMapping/ and avoid confusion; ok stevesk@	2002-02-05 12:13:41 +11:00
Damien Miller	95c249ff47	- stevesk@cvs.openbsd.org 2002/01/27 14:57:46 [channels.c servconf.c servconf.h session.c sshd.8 sshd_config] add X11UseLocalhost; ok markus@	2002-02-05 12:11:34 +11:00
Damien Miller	4fbf08a8f0	- stevesk@cvs.openbsd.org 2002/01/22 02:52:41 [servconf.c] typo in error message; from djast@cs.toronto.edu	2002-01-22 23:35:09 +11:00
Damien Miller	7fc2373f17	- stevesk@cvs.openbsd.org 2002/01/04 18:14:16 [servconf.c sshd.8] protocol 2 HostKey code default is now /etc/ssh_host_rsa_key and /etc/ssh_host_dsa_key like we have in sshd_config. ok markus@	2002-01-22 23:19:11 +11:00
Damien Miller	f51b0e1a30	- stevesk@cvs.openbsd.org 2002/01/04 17:59:17 [readconf.c servconf.c] remove #ifdef _PATH_XAUTH/#endif; ok markus@	2002-01-22 23:18:49 +11:00
Damien Miller	9f0f5c64bc	- deraadt@cvs.openbsd.org 2001/12/19 07:18:56 [auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h] [auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c] [cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c] [match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c] [servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c] [sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c] [sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config] [ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c] basic KNF done while i was looking for something else	2001-12-21 14:45:46 +11:00

1 2 3

120 Commits