tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,532 Commits 6 Branches 20 Tags 99 MiB
Commit Graph

4082 Commits

Author SHA1 Message Date
Damien Miller ca9ce95bdd correct bug number 2005-08-31 19:42:20 +10:00
Tim Rice eb456545fd - (tim) [configure.ac] Back out last change. It needs to be done differently. 2005-08-30 07:12:02 -07:00
Tim Rice 2016865b95 - (tim) [configure.ac] ia_openinfo() seems broken on OSR6. Limit UW long 
password support to 7.x for now.
 2005-08-29 17:17:37 -07:00
Tim Rice 2291c00ab2 - (tim) [CREDITS LICENCE auth.c configure.ac defines.h includes.h session.c 
openbsd-compat/Makefile.in openbsd-compat/openbsd-compat.h
   openbsd-compat/xcrypt.c] New files [openssh/openbsd-compat/port-uw.c
   openssh/openbsd-compat/port-uw.h] Support long passwords (> 8-char)
   on UnixWare 7 from Dhiraj Gulati and Ahsan Rashid. Cleanup and testing
   by tim@. Feedback and OK dtucker@
 2005-08-26 13:15:19 -07:00
Tim Rice 8cc2ad68cd - (tim) [defines.h] PATH_MAX bits for OpenServer OK dtucker@ 2005-08-23 17:18:21 -07:00
Tim Rice 3db1e3fc68 - (tim) [configure.ac ] Not all gcc's support -Wsign-compare 2005-08-23 17:11:26 -07:00
Darren Tucker 114572f7ee - (dtucker) [regress/test-exec.sh] Do not prepend an extra "/" to a fully- 
qualified sshd pathname since some systems (eg Cygwin) may consider "/foo"
   and "//foo" to be different.  Spotted by vinschen at redhat.com.
 2005-08-23 23:32:05 +10:00
Darren Tucker 93e7e8f345 - (dtucker) [configure.ac defines.h includes.h sftp.c] Add support for 
LynxOS, patch from Olli Savia (ops at iki.fi).  ok djm@
 2005-08-23 08:06:55 +10:00
Damien Miller 1d10976c16 - (djm) [ttymodes.c] bugzilla #1054: Fix encoding of _POSIX_VDISABLE, 
from Jacob Nevins; ok dtucker@
 2005-08-16 21:32:09 +10:00
Tim Rice c1819c831f - (tim) [configure.ac] corrections to libedit tests. Report and patches 
by skeleten AT shillest.net
 2005-08-15 17:48:40 -07:00
Tim Rice 027e8b10f5 - (tim) wrap el_end() in #ifdef USE_LIBEDIT 2005-08-15 14:52:50 -07:00
Damien Miller 0e2c102858 - jaredy@cvs.openbsd.org 2005/08/08 13:22:48 
[sftp.c]
     sftp prompt enhancements:
     - in non-interactive mode, do not print an empty prompt at the end
       before finishing
     - print newline after EOF in editline mode
     - call el_end() in editline mode
     ok dtucker djm
 2005-08-12 22:16:22 +10:00
Damien Miller 8e489484a1 oops, that last commit was: 
Report from Janusz Mucka; ok djm@
 2005-08-12 22:11:58 +10:00
Damien Miller 203c70579e - dtucker@cvs.openbsd.org 2005/08/06 10:03:12 
[servconf.c]
     Unbreak sshd ListenAddress for bare IPv6 addresses.
 2005-08-12 22:11:37 +10:00
Damien Miller 43f6db64ff - djm@cvs.openbsd.org 2005/07/30 02:03:47 
[readconf.c]
     listen_hosts initialisation here too; spotted greg AT y2005.nest.cx
 2005-08-12 22:11:18 +10:00
Damien Miller be1045dc58 - djm@cvs.openbsd.org 2005/07/30 01:26:16 
[ssh.c]
     fix -D listen_host initialisation, so it picks up gateway_ports setting
     correctly
 2005-08-12 22:10:56 +10:00
Damien Miller b5c012577e - markus@cvs.openbsd.org 2005/07/28 17:36:22 
[packet.c]
     missing packet_init_compression(); from solar
 2005-08-12 22:10:28 +10:00
Darren Tucker 73f671a090 - (dtucker) [LICENCE configure.ac defines.h openbsd-compat/realpath.c] 
Sync current (thread-safe) version of realpath.c from OpenBSD (which is
   in turn based on FreeBSD's).  ok djm@
 2005-08-10 21:52:36 +10:00
Darren Tucker c7572b2661 - (dtucker) [configure.ac] Test libedit library and headers for compatibility. 
Report from skeleten AT shillest.net, ok djm@
 2005-08-10 20:34:15 +10:00
Tim Rice 8bc6b900ed - (tim) [configure.ac] Allow --with-audit=no. OK dtucker@ 
Report by skeleten AT shillest.net
 2005-08-09 10:09:53 -07:00
Darren Tucker 9825697d3c - (dtucker) [openbsd-compat/fake-rfc2553.h] MAX_INT -> INT_MAX since the 
latter is specified in the standard.
 2005-08-03 15:36:21 +10:00
Darren Tucker 212cfc4b48 - (dtucker) [openbsd-compat/fake-rfc2553.h] Check for EAI_* defines 
individually and use a value less likely to collide with real values from
   netdb.h.  Fixes compile warnings on FreeBSD 5.3.  ok djm@
 2005-08-03 10:57:15 +10:00
Darren Tucker 7da23cb5d3 - (dtucker) [configure.ac] Add a --with-Werror option to configure for 
adding -Werror to CFLAGS when all of the configure tests are done. ok djm@
 2005-08-03 00:20:15 +10:00
Darren Tucker dd352b675b - (dtucker) [configure.ac] Enable -Wuninitialized by default when compiling 
with gcc.  ok djm@
 2005-08-02 17:21:29 +10:00
Darren Tucker 4085853915 - dtucker@cvs.openbsd.org 2005/07/27 10:39:03 
[scp.c hostfile.c sftp-client.c]
     Silence bogus -Wuninitialized warnings; ok djm@
 2005-08-02 17:07:07 +10:00
Damien Miller 9786e6e2a0 - markus@cvs.openbsd.org 2005/07/25 11:59:40 
[kex.c kex.h myproposal.h packet.c packet.h servconf.c session.c]
     [sshconnect2.c sshd.c sshd_config sshd_config.5]
     add a new compression method that delays compression until the user
     has been authenticated successfully and set compression to 'delayed'
     for sshd.
     this breaks older openssh clients (< 3.5) if they insist on
     compression, so you have to re-enable compression in sshd_config.
     ok djm@
 2005-07-26 21:54:56 +10:00
Damien Miller 47655ee03a - (djm) OpenBSD CVS Sync 
- otto@cvs.openbsd.org 2005/07/19 15:32:26
     [auth-passwd.c]
     auth_usercheck(3) can return NULL, so check for that. Report from
     mpech@. ok markus@
 2005-07-26 21:54:11 +10:00
Darren Tucker ac1910f1a5 - (dtucker) [configure.ac] Update zlib warning message too, pointed out by 
tim@.
 2005-07-26 12:00:42 +10:00
Darren Tucker 41097edcf6 - (dtucker) [configure.ac] Update zlib version check for CAN-2005-2096. 2005-07-25 15:24:21 +10:00
Damien Miller 04b65335a8 - (djm) [monitor.c monitor_wrap.c] -Wsign-compare for PAM monitor calls 2005-07-17 17:53:31 +10:00
Damien Miller b6f72f5294 -(djm) [audit.c auth1.c auth2.c entropy.c loginrec.c serverloop.c] 
[ssh-rand-helper.c] fix portable 2nd level indents at 4 spaces too
 2005-07-17 17:26:43 +10:00
Damien Miller 0dc1bef12d - djm@cvs.openbsd.org 2005/07/17 07:17:55 
[auth-rh-rsa.c auth-rhosts.c auth2-chall.c auth2-gss.c channels.c]
     [cipher-ctr.c gss-genr.c gss-serv.c kex.c moduli.c readconf.c]
     [serverloop.c session.c sftp-client.c sftp.c ssh-add.c ssh-keygen.c]
     [sshconnect.c sshconnect2.c]
     knf says that a 2nd level indent is four (not three or five) spaces
 2005-07-17 17:22:45 +10:00
Damien Miller 2b9b045d93 - (djm) [auth-pam.c sftp.c] spaces vs. tabs at start of line 
- djm@cvs.openbsd.org 2005/07/17 06:49:04
     [channels.c channels.h session.c session.h]
     Fix a number of X11 forwarding channel leaks:
     1. Refuse multiple X11 forwarding requests on the same session
     2. Clean up all listeners after a single_connection X11 forward, not just
        the one that made the single connection
     3. Destroy X11 listeners when the session owning them goes away
     testing and ok dtucker@
 2005-07-17 17:19:24 +10:00
Damien Miller 37294fb630 - (djm) [auth-pam.c sftp.c] spaces vs. tabs at start of line 2005-07-17 17:18:49 +10:00
Damien Miller 94cf4c8448 - (djm) [acss.c auth-pam.c auth-shadow.c auth-skey.c auth1.c canohost.c] 
[cipher-acss.c loginrec.c ssh-rand-helper.c sshd.c] Fix whitespace at EOL
   in portable too ("perl -p -i -e 's/\s+$/\n/' *.[ch]")
 2005-07-17 17:04:47 +10:00
Damien Miller 46d38de48b - djm@cvs.openbsd.org 2005/07/16 01:35:24 
[auth1.c channels.c cipher.c clientloop.c kex.c session.c ssh.c]
     [sshconnect.c]
     spacing
 2005-07-17 17:02:09 +10:00
Darren Tucker 4f1adad4f6 - (dtucker) [auth-pam.c] Ensure that only one side of the authentication 
socketpair stays open on in both the monitor and PAM process.  Patch from
   Joerg Sonnenberger.
 2005-07-16 11:33:06 +10:00
Darren Tucker 4a42257b06 - (dtucker) [configure.ac defines.h] Define __sentinel__ to nothing if the 
compiler doesn't understand it to prevent warnings.  If any mainstream
   compiler versions acquire it we can test for those versions.  Based on
   discussion with djm@.
 2005-07-14 17:22:11 +10:00
Darren Tucker 8e2eb308d0 - dtucker@cvs.openbsd.org 2005/07/14 04:00:43 
[misc.h]
     use __sentinel__ attribute; ok deraadt@ djm@ markus@
 2005-07-14 17:07:21 +10:00
Darren Tucker 6c71d20d76 - jmc@cvs.openbsd.org 2005/07/08 12:53:10 
[ssh_config.5]
     new sentence, new line;
 2005-07-14 17:06:50 +10:00
Darren Tucker 89f4d47e66 - dtucker@cvs.openbsd.org 2005/07/08 10:20:41 
[ssh_config.5]
     change BindAddress to match recent ssh -b change; prompted by markus@
 2005-07-14 17:06:21 +10:00
Darren Tucker ce377c3ff1 - markus@cvs.openbsd.org 2005/07/08 09:41:33 
[channels.h]
     race when efd gets closed while there is still buffered data:
     change CHANNEL_EFD_OUTPUT_ACTIVE()
        1) c->efd must always be valid AND
        2a) no EOF has been seen OR
        2b) there is buffered data
     report, initial fix and testing Chuck Cranor
 2005-07-14 17:05:51 +10:00
Darren Tucker bee73d5ce0 - dtucker@cvs.openbsd.org 2005/07/08 09:26:18 
[misc.c]
     Make comment match code; ok djm@
 2005-07-14 17:05:02 +10:00
Darren Tucker a5cf85584c - dtucker@cvs.openbsd.org 2005/07/06 09:33:05 
[ssh.1]
     clarify meaning of ssh -b ; with & ok jmc@
 2005-07-14 17:04:18 +10:00
Darren Tucker 893c602ef0 - (dtucker) [acconfig.h auth-krb5.c configure.ac gss-serv-krb5.c] Remove 
calls to krb5_init_ets, which has not been required since krb-1.1.x and
   most Kerberos versions no longer export in their public API.  From sxw
   at inf.ed.ac.uk, ok djm@
 2005-07-07 20:33:36 +10:00
Darren Tucker a83f2612c2 - (dtucker) [auth-krb5.c] There's no guarantee that snprintf will set errno 
in the case where the buffer is insufficient, so always return ENOMEM.
   Also pointed out by sxw at inf.ed.ac.uk.
 2005-07-07 20:09:35 +10:00
Darren Tucker a916d143a1 - [auth-krb5.c auth.h gss-serv-krb5.c] Move KRB5CCNAME generation for the MIT 
Kerberos code path into a common function and expand mkstemp template to be
   consistent with the rest of OpenSSH.  From sxw at inf.ed.ac.uk, ok djm@
 2005-07-07 11:50:20 +10:00
Damien Miller f92c0794ec - markus@cvs.openbsd.org 2005/07/04 14:04:11 
[channels.c]
     don't forget to set x11_saved_display
 2005-07-06 09:45:26 +10:00
Damien Miller fd94fbaf56 - jmc@cvs.openbsd.org 2005/07/04 11:29:51 
[ssh_config.5]
     fix Xr and a little grammar;
 2005-07-06 09:44:59 +10:00
Damien Miller 1339002e8b - djm@cvs.openbsd.org 2005/07/04 00:58:43 
[channels.c clientloop.c clientloop.h misc.c misc.h ssh.c ssh_config.5]
     implement support for X11 and agent forwarding over multiplex slave
     connections. Because of protocol limitations, the slave connections inherit
     the master's DISPLAY and SSH_AUTH_SOCK rather than distinctly forwarding
     their own.
     ok dtucker@ "put it in" deraadt@
 2005-07-06 09:44:19 +10:00
Damien Miller a7270309fc - markus@cvs.openbsd.org 2005/07/01 13:19:47 
[channels.c]
     don't free() if getaddrinfo() fails; report mpech@
 2005-07-06 09:36:05 +10:00
Damien Miller dba6354c05 wrap 2005-06-26 08:56:48 +10:00
Damien Miller 7c71cc738c - djm@cvs.openbsd.org 2005/06/25 22:47:49 
[ssh.c]
     do the default port filling code a few lines earlier, so it really
     does fix %p
 2005-06-26 08:56:31 +10:00
Damien Miller 8f74c8fc32 - djm@cvs.openbsd.org 2005/06/18 04:30:36 
[ssh.c ssh_config.5]
     allow ControlPath=none, patch from dwmw2 AT infradead.org; ok dtucker@
 2005-06-26 08:56:03 +10:00
Damien Miller 9651fe690a - (djm) OpenBSD CVS Sync 
- djm@cvs.openbsd.org 2005/06/17 22:53:47
     [ssh.c sshconnect.c]
     Fix ControlPath's %p expanding to "0" for a default port,
     spotted dwmw2 AT infradead.org; ok markus@
 2005-06-26 08:55:25 +10:00
Damien Miller 52c8afeec5 - (djm) [loginrec.c ssh-rand-helper.c] Fix -Wsign-compare for portable, 
tested and fixes tim@
 2005-06-19 10:19:43 +10:00
Damien Miller 06221f1527 - djm@cvs.openbsd.org 2005/06/17 02:44:33 
[auth1.c] make this -Wsign-compare clean; ok avsm@ markus@
 2005-06-19 07:36:10 +10:00
Damien Miller 6abf57ccbf - djm@cvs.openbsd.org 2005/05/20 12:57:01; 
[auth1.c] split protocol 1 auth methods into separate functions, makes
   authloop much more readable; fixes and ok markus@ (portable ok &
   polish dtucker@)
 2005-06-19 07:31:37 +10:00
Darren Tucker f0bd352429 - (dtucker) [cipher.c openbsd-compat/openbsd-compat.h 
openbsd-compat/openssl-compat.c] only include openssl compat stuff where
   it's needed as it can cause conflicts elsewhere (eg xcrypt.c).  Found by
   and ok tim@
----------------------------------------------------------------------
automatically CVS: CVS: Committing in .  CVS: CVS: Modified Files:
----------------------------------------------------------------------
 2005-06-17 21:15:20 +10:00
Damien Miller eccb9de72a - djm@cvs.openbsd.org 2005/06/17 02:44:33 
[auth-rsa.c auth.c auth1.c auth2-chall.c auth2-gss.c authfd.c authfile.c]
     [bufaux.c canohost.c channels.c cipher.c clientloop.c dns.c gss-serv.c]
     [kex.c kex.h key.c mac.c match.c misc.c packet.c packet.h scp.c]
     [servconf.c session.c session.h sftp-client.c sftp-server.c sftp.c]
     [ssh-keyscan.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
     make this -Wsign-compare clean; ok avsm@ markus@
     NB. auth1.c changes not committed yet (conflicts with uncommitted sync)
     NB2. more work may be needed to make portable Wsign-compare clean
 2005-06-17 12:59:34 +10:00
Damien Miller 677257fe07 - markus@cvs.openbsd.org 2005/06/16 08:00:00 
[canohost.c channels.c sshd.c]
     don't exit if getpeername fails for forwarded ports; bugzilla #1054;
     ok djm
 2005-06-17 12:55:03 +10:00
Damien Miller 17e7ed0e75 - (djm) OpenBSD CVS Sync 
- djm@cvs.openbsd.org 2005/06/16 03:38:36
     [channels.c channels.h clientloop.c clientloop.h ssh.c]
     move x11_get_proto from ssh.c to clientloop.c, to make muliplexed xfwd
     easier later; ok deraadt@
 2005-06-17 12:54:33 +10:00
Damien Miller 46f55d3665 - dtucker@cvs.openbsd.org 2005/06/09 13:43:49 
[cipher.c]
     Correctly initialize end of array sentinel; ok djm@
     (Id sync only, change already in portable)
 2005-06-16 13:21:17 +10:00
Damien Miller d14b1e731c - djm@cvs.openbsd.org 2005/06/08 11:25:09 
[clientloop.c readconf.c readconf.h ssh.c ssh_config.5]
     add ControlMaster=auto/autoask options to support opportunistic
     multiplexing; tested avsm@ and jakob@, ok markus@
 2005-06-16 13:19:41 +10:00
Damien Miller ac7ef6a736 - djm@cvs.openbsd.org 2005/06/08 03:50:00 
[ssh-keygen.1 ssh-keygen.c sshd.8]
     increase default rsa/dsa key length from 1024 to 2048 bits;
     ok markus@ deraadt@
 2005-06-16 13:19:06 +10:00
Damien Miller 6476cad9bb - djm@cvs.openbsd.org 2005/06/06 11:20:36 
[auth.c auth.h misc.c misc.h ssh.c ssh_config.5 sshconnect.c]
     introduce a generic %foo expansion function. replace existing % expansion
     and add expansion to ControlPath; ok markus@
 2005-06-16 13:18:34 +10:00
Damien Miller 05656967b1 - (djm) OpenBSD CVS Sync 
- jaredy@cvs.openbsd.org 2005/06/07 13:25:23
     [progressmeter.c]
     catch SIGWINCH and resize progress meter accordingly; ok markus dtucker
 2005-06-16 13:18:04 +10:00
Darren Tucker 488d602618 typo 2005-06-09 23:40:39 +10:00
Darren Tucker a55ec77013 - (dtucker) [cipher.c openbsd-compat/Makefile.in 
openbsd-compat/openbsd-compat.{c,h} openbsd-compat/openssl-compat.h]
   Move compatibility code for supporting older OpenSSL versions to the
   compat layer.  Suggested by and "no objection" djm@
 2005-06-09 21:45:10 +10:00
Darren Tucker 431f022263 - (dtucker) [configure.ac] Continue the hunt for LLONG_MIN and LLONG_MAX: 
in today's episode we attempt to coax it from limits.h where it may be
   hiding, failing that we take the DIY approach.  Tested by tim@
 2005-06-07 17:53:40 +10:00
Darren Tucker 6a45f3dab4 - (dtucker) [configure.ac] Point configure's reporting address at the 
openssh-unix-dev list.  ok tim@ djm@
 2005-06-03 19:33:10 +10:00
Darren Tucker 67b3703da3 - (dtucker) [configure.ac] Only try gcc -std=gnu99 if LLONG_MAX isn't 
defined, and check that it helps before keeping it in CFLAGS.  Some old
   gcc's don't set an error code when encountering an unknown value in -std.
   Found and tested by tim@.
 2005-06-03 17:58:31 +10:00
Tim Rice fcc7ff1de8 - (tim) [configure.ac] Some platforms need sys/types.h for arpa/nameser.h. 
Take AC_CHECK_HEADERS test out of ultrix section. It caused other platforms
   to skip builtin standard includes tests. (first AC_CHECK_HEADERS test
   must be run on all platforms) Add missing ;; to case statement. OK dtucker@
 2005-06-02 20:28:29 -07:00
Tim Rice 4dbacffe7b - (tim) [configure.ac] set TEST_SHELL for OpenServer 6 2005-06-01 20:09:28 -07:00
Tim Rice 5f7075800a - (tim) [config.guess config.sub] Update to '2005-05-27' version. 2005-06-01 19:57:45 -07:00
Darren Tucker 0814d3136f - djm@cvs.openbsd.org 2005/05/27 08:30:37 
[ssh.c]
     fix -O for cases where no ControlPath has been specified or socket at
     ControlPath is not contactable; spotted by and ok avsm@
 2005-06-01 23:08:51 +10:00
Darren Tucker 2db8ae671e - dtucker@cvs.openbsd.org 2005/05/26 09:08:12 
[ssh-keygen.c]
     uint32_t -> u_int32_t for consistency; ok djm@
 2005-06-01 23:02:25 +10:00
Darren Tucker fc4f2dd347 - avsm@cvs.openbsd.org 2005/05/26 02:08:05 
[scp.c]
     If copying multiple files to a target file (which normally fails, as it
     must be a target directory), kill the spawned ssh child before exiting.
     This stops it trying to authenticate and spewing lots of output.
     deraadt@ ok
 2005-06-01 23:01:12 +10:00
Darren Tucker 81eb5d5e10 - (dtucker) [configure.ac openbsd-compat/Makefile.in openbsd-compat/strtoll.c] 
Add strtoll to the compat library, from OpenBSD.
 2005-06-01 21:39:33 +10:00
Darren Tucker d886e1ca2c - (dtucker) [configure.ac] Look for _getshort and _getlong in 
arpa/nameser.h.
 2005-06-01 18:57:45 +10:00
Darren Tucker f5615962c0 - (dtucker) [mdoc2man.awk] Teach it to understand .Ox. 2005-05-31 16:59:16 +10:00
Darren Tucker 11fb0f290f - (dtucker) [contrib/aix/pam.conf] Correct comments. From davidl at 
vintela.com.
 2005-05-31 16:51:07 +10:00
Darren Tucker f9fea65ba9 - (dtucker) [openbsd-compat/port-aix.c] Minor correction to debug message, 
spotted by tim@.
 2005-05-29 10:54:27 +10:00
Darren Tucker 6b2fe31def - (dtucker) [openbsd-compat/port-aix.c] Whitespace cleanups while there. 2005-05-29 10:32:47 +10:00
Darren Tucker 782727ac61 20050529 
- (dtucker) [openbsd-compat/port-aix.c] Bug #1046: AIX 5.3 expects the
   argument to passwdexpired to be initialized to NULL.  Suggested by tim@
   While at it, initialize the other arguments to auth functions in case they
   ever acquire this behaviour.
 2005-05-29 10:28:48 +10:00
Darren Tucker 5d72a40d67 - (dtucker) [openbsd-compat/port-aix.h] Use the HAVE_DECL_* definitions as 
per the autoconf man page.  Configure should always define them but it
   doesn't hurt to check.
 2005-05-28 20:28:39 +10:00
Darren Tucker fd33328a25 - (dtucker) [configure.ac] Merge HP-UX blocks into a common block with minor 
version-specific variations as required.
 2005-05-28 18:31:42 +10:00
Darren Tucker 7d2171b2cd - (dtucker) [configure.ac] getpgrp may be defined in unistd.h, so check for 
its presence before doing AC_FUNC_GETPGRP.
 2005-05-28 16:57:00 +10:00
Darren Tucker 390b6d5dbf - (dtucker) [configure.ac] strsep() may be defined in string.h, so check 
for its presence and include it in the strsep check.
 2005-05-28 16:54:36 +10:00
Darren Tucker 0c9653f57e - (dtucker) [configure.ac] For AC_CHECK_HEADERS() and AC_CHECK_FUNCS() have 
one entry per line to make it easier to merge changes.  ok djm@
 2005-05-28 15:58:14 +10:00
Darren Tucker 2be1cbb7be - (dtucker) [acconfig.h configure.ac defines.h includes.h sshpty.c 
openbsd-compat/bsd-misc.c] Add support for Ultrix.  No, that's not a typo.
   Required changes from Bernhard Simon, integrated by me.  ok djm@
 2005-05-27 21:13:40 +10:00
Damien Miller 287b459194 - (djm) [defines.h] Use our realpath if we have to define PATH_MAX, spotted by 
David Leach; ok dtucker@
 2005-05-27 19:36:56 +10:00
Damien Miller de3cb0a3dc - (djm) [configure.ac openbsd-compat/Makefile.in] 
[openbsd-compat/openbsd-compat.h openbsd-compat/strtonum.c]
         Add strtonum(3) from OpenBSD libc, new code needs it.
         Unfortunately Linux forces us to do a bizarre dance with compiler
         options to get LLONG_MIN/MAX; Spotted by and ok dtucker@
 2005-05-26 20:48:25 +10:00
Darren Tucker 84ce9b455d - (dtucker) [configure.ac openbsd-compat/getrrsetbyname.c] Bug #1033: Provide 
templates for _getshort and _getlong if missing to prevent compiler warnings
   on Linux.
 2005-05-26 20:12:15 +10:00
Darren Tucker f08bdb5a7e - (dtucker) [auth-pam.c] Bug #1033: Fix warnings building with PAM on Linux: 
warning: dereferencing type-punned pointer will break strict-aliasing rules
  warning: passing arg 3 of `pam_get_item' from incompatible pointer type
  The type-punned pointer fix is based on a patch from SuSE's rpm.  ok djm@
 2005-05-26 19:59:48 +10:00
Darren Tucker d98dce6929 - (dtucker) [regress/reexec.sh] Add ${EXEEXT} so this test also works on 
Cygwin.
 2005-05-26 13:43:57 +10:00
Damien Miller b253cc4213 - avsm@cvs.openbsd.org 2005/05/24 17:32:44 
[atomicio.c atomicio.h authfd.c monitor_wrap.c msg.c scp.c sftp-client.c]
     [ssh-keyscan.c sshconnect.c]
     Switch atomicio to use a simpler interface; it now returns a size_t
     (containing number of bytes read/written), and indicates error by
     returning 0.  EOF is signalled by errno==EPIPE.
     Typical use now becomes:

     if (atomicio(read, ..., len) != len)
             err(1,"read");

     ok deraadt@, cloder@, djm@
 2005-05-26 12:23:44 +10:00
Damien Miller 02e754f1f0 - avsm@cvs.openbsd.org 2005/05/24 02:05:09 
[ssh-keygen.c]
     some style nits from dmiller@, and use a fatal() instead of a printf()/exit
 2005-05-26 12:19:39 +10:00
Damien Miller 3710f278ae - djm@cvs.openbsd.org 2005/05/23 23:32:46 
[cipher.c myproposal.h ssh.1 ssh_config.5 sshd_config.5]
     add support for draft-harris-ssh-arcfour-fixes-02 improved arcfour modes;
     ok markus@
 2005-05-26 12:19:17 +10:00
Damien Miller b089fb5fe1 - avsm@cvs.openbsd.org 2005/05/23 22:44:01 
[moduli.c ssh-keygen.c]
     - removes signed/unsigned comparisons in moduli generation
     - use strtonum instead of atoi where its easier
     - check some strlcpy overflow and fatal instead of truncate
 2005-05-26 12:16:18 +10:00
Damien Miller dfec2941ac - jmc@cvs.openbsd.org 2005/05/20 11:23:32 
[ssh_config.5]
     oops - article and spacing;
 2005-05-26 12:14:32 +10:00
Damien Miller ebcfedce85 - djm@cvs.openbsd.org 2005/05/20 10:50:55 
[ssh_config.5]
     give a ProxyCommand example using nc(1), with and ok jmc@
 2005-05-26 12:13:56 +10:00
Damien Miller 459735a0c6 - djm@cvs.openbsd.org 2005/05/19 02:42:26 
[includes.h]
     fix cast, from grunk AT pestilenz.org
 2005-05-26 12:13:42 +10:00
Damien Miller 06b75ad56b - djm@cvs.openbsd.org 2005/05/19 02:40:52 
[sshd_config]
     whitespace nit, from grunk AT pestilenz.org
 2005-05-26 12:12:37 +10:00
Damien Miller 1594ad5a78 - djm@cvs.openbsd.org 2005/05/19 02:39:55 
[sshd_config.5]
     sort config options, from grunk AT pestilenz.org; ok jmc@
 2005-05-26 12:12:19 +10:00
Damien Miller 17b23d8657 - markus@cvs.openbsd.org 2005/05/16 15:30:51 
[readconf.c servconf.c]
     check return value from strdelim() for NULL (AddressFamily); mpech
 2005-05-26 12:11:56 +10:00
Damien Miller 538c9b71ec - djm@cvs.openbsd.org 2005/05/10 10:30:43 
[ssh.c]
     report real errors on fallback from ControlMaster=no to normal connect
 2005-05-26 12:11:28 +10:00
Damien Miller 924c25a64e - djm@cvs.openbsd.org 2005/05/10 10:28:11 
[ssh.c]
     print nice error message for EADDRINUSE as well (ID sync only)
 2005-05-26 12:09:32 +10:00
Damien Miller d2ebd450f0 - markus@cvs.openbsd.org 2005/05/02 21:13:22 
[readpass.c]
     missing {}
 2005-05-26 12:07:47 +10:00
Damien Miller 41bfc29ea5 - moritz@cvs.openbsd.org 2005/04/28 10:17:56 
[progressmeter.c ssh-keyscan.c]
     add snprintf checks. ok djm@ markus@
 2005-05-26 12:07:32 +10:00
Damien Miller dadfd4dd38 - jakob@cvs.openbsd.org 2005/04/26 13:08:37 
[ssh.c ssh_config.5]
     fallback gracefully if client cannot connect to ControlPath. ok djm@
 2005-05-26 12:07:13 +10:00
Damien Miller ac7a0059e2 - jmc@cvs.openbsd.org 2005/04/26 12:59:02 
[sftp-client.h]
     spelling correction in comment from wiz@netbsd;
 2005-05-26 12:05:49 +10:00
Damien Miller ddeb75294b - dtucker@cvs.openbsd.org 2005/04/23 23:43:47 
[readpass.c]
     Add debug message if read_passphrase can't open /dev/tty; bz #471;
     ok djm@
 2005-05-26 12:05:28 +10:00
Damien Miller ddee575b98 - djm@cvs.openbsd.org 2005/04/21 11:47:19 
[ssh.c]
     don't allocate a pty when -n flag (/dev/null stdin) is set, patch from
     ignasi.roca AT fujitsu-siemens.com (bz #829); ok dtucker@
 2005-05-26 12:05:05 +10:00
Damien Miller 167ea5d026 - djm@cvs.openbsd.org 2005/04/21 06:17:50 
[ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8]
     [sshd_config.5] OpenSSH doesn't ever look at the $HOME environment
     variable, so don't say that we do (bz #623); ok deraadt@
 2005-05-26 12:04:02 +10:00
Damien Miller a31c929f36 - jakob@cvs.openbsd.org 2005/04/20 10:05:45 
[dns.c]
     do not try to look up SSHFP for numerical hostname. ok djm@
 2005-05-26 12:03:31 +10:00
Damien Miller 3dc967e17b - jmc@cvs.openbsd.org 2005/04/14 12:30:30 
[ssh.1]
     arg to -b is an address, not if_name;
     ok markus@
 2005-05-26 12:03:15 +10:00
Damien Miller 5fd38c0ed9 - djm@cvs.openbsd.org 2005/04/09 04:32:54 
[misc.c misc.h tildexpand.c Makefile.in]
     replace tilde_expand_filename with a simpler implementation, ahead of
     more whacking; ok deraadt@
 2005-05-26 12:02:14 +10:00
Damien Miller 1b0de9a041 - dtucker@cvs.openbsd.org 2005/04/06 12:26:06 
[ssh.c]
     Fix debug call for port forwards; patch from pete at seebeyond.com,
     ok djm@ (ID sync only - change already in portable)
 2005-05-26 12:01:22 +10:00
Damien Miller 4f1d6b2c11 - djm@cvs.openbsd.org 2005/04/06 09:43:59 
[sshd.c]
     avoid harmless logspam by not performing setsockopt() on non-socket;
     ok markus@
 2005-05-26 11:59:32 +10:00
Damien Miller 9278ffaf71 - (djm) OpenBSD CVS Sync 
- otto@cvs.openbsd.org 2005/04/05 13:45:31
     [ssh-keygen.c]
 2005-05-26 11:59:06 +10:00
Damien Miller 2c04deb888 - (djm) [mpaux.c mpaux.h Makefile.in] Remove old mpaux.[ch] code, it has not 
been used for a while
 2005-05-26 11:35:37 +10:00
Damien Miller 6b6d5be591 - Release 4.1p1 2005-05-26 11:34:36 +10:00
Darren Tucker ae8c91ec07 - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Ensure sufficient memory 
allocation when retrieving core Windows environment.  Add CYGWIN variable
   to propagated variables.  Patch from vinschen at redhat.com, ok djm@
 2005-05-25 19:42:10 +10:00
Darren Tucker 328118aa79 - (dtucker) [auth-pam.c] Since people don't seem to be getting the message 
that USE_POSIX_THREADS is unsupported, not recommended and generally a bad
   idea, it is now known as UNSUPPORTED_POSIX_THREADS_HACK.  Attempting to use
   USE_POSIX_THREADS will now generate an error so we don't silently change
   behaviour.  ok djm@
 2005-05-25 16:18:09 +10:00
Damien Miller 4d8f560c39 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] 
[contrib/suse/openssh.spec] Update spec file versions to 4.1p1
 2005-05-25 14:43:47 +10:00
Damien Miller df548bc310 - (djm) [openbsd-compat/readpassphrase.c] bz #950: Retry tcsetattr to ensure 
terminal modes are reset correctly. Fix from peak AT argo.troja.mff.cuni.cz;
   "looks ok" dtucker@
 2005-05-24 15:54:27 +10:00
Tim Rice b58bd0327e 20050512 
- (tim) [buildpkg.sh.in] missing ${PKG_INSTALL_ROOT} in init script
   hard link section. Bug 1038.
 2005-05-12 10:32:19 -07:00
Darren Tucker fa2211d93d - (dtucker) [contrib/cygwin/ssh-host-config] Add a test and warning for a 
user-mode mounts in Cygwin installation.  Patch from vinschen at redhat.com.
 2005-05-09 23:48:17 +10:00
Damien Miller 4f10e25684 - (djm) [ssh.c] some systems return EADDRINUSE on a bind to an already-used 
unix domain socket, so catch that too; from jakob@ ok dtucker@
 2005-05-04 15:33:09 +10:00
Darren Tucker 5b115d4401 - (dtucker) [canohost.c] normalise socket addresses returned by 
get_remote_hostname().  This means that IPv4 addresses in log messages
   on IPv6 enabled machines will no longer be prefixed by "::ffff:" and
   AllowUsers, DenyUsers, AllowGroups, DenyGroups will match IPv4-style
   addresses only for 4-in-6 mapped connections, regardless of whether
   or not the machine is IPv6 enabled.  ok djm@
 2005-05-03 19:05:32 +10:00
Darren Tucker 149da8577e typo 2005-04-25 17:03:29 +10:00
Darren Tucker af342556b9 - (dtucker) [regress/multiplex.sh] Put control socket in /tmp so running 
"make tests" works even if you'r building on a filesystem that doesn't
   support sockets.  From deengert at anl.gov, ok djm@
 2005-04-25 17:01:26 +10:00
Darren Tucker bf2b398327 - (dtucker) [regress/multiplex.sh] Remove cleanup call since test-exec.sh 
will clean up anyway.  From tim@
 2005-04-25 14:49:48 +10:00
Darren Tucker faefd2e73d - (dtucker) [regress/multiplex.sh] Use "kill -0 $pid" to check for the 
existence of a process since it's more portable.  Found by jbasney at
   ncsa.uiuc.edu; ok tim@
 2005-04-25 14:48:22 +10:00
Darren Tucker 2f0b5c4869 - (dtucker) [INSTALL configure.ac] Make zlib version check test for 1.1.4 or 
1.2.1.2 or higher.  With tim@, ok djm@
 2005-04-24 17:52:22 +10:00
Tim Rice 4149ebc0db - (tim) [config.guess] Add support for OpenServer 6. 2005-04-23 18:17:29 -07:00
Darren Tucker 48554152b9 - (dtucker) [session.c] Bug #1024: Don't check pam_session_is_open if 
UseLogin is set as PAM is not used to establish credentials in that
   case.  Found by Michael Selvesteen, ok djm@
 2005-04-21 19:50:55 +10:00
Darren Tucker 8d158c9937 - (dtucker) [INSTALL] Fix s/key text too. 2005-04-19 15:40:51 +10:00
Darren Tucker ad1e5e286c - (dtucker) [INSTALL] Put the s/key text and URL back together. 2005-04-19 15:31:49 +10:00
Darren Tucker d9c88138f7 - (dtucker) [INSTALL] Reference README.privsep for the privilege separation 
requirements.  Pointed out by Bengt Svensson.
 2005-04-19 12:21:21 +10:00
Tim Rice 2f97b8b088 - (tim) [configure.ac] UnixWare needs PASSWD_NEEDS_USERNAME 2005-04-11 19:00:18 -07:00
Darren Tucker 0f5eeff23d - (dtucker) [auth-passwd.c auth-sia.h] Remove duplicate definitions of 
sys_auth_passwd, pointed out by cmadams at hiwaay.net.
 2005-04-05 21:00:47 +10:00
Darren Tucker 00cadb8c35 - (dtucker) [auth-sia.c] Constify sys_auth_passwd, fixes build error on 
Tru64.  Patch from cmadams at hiwaay.net.
 2005-04-05 20:58:37 +10:00
Darren Tucker 9d2562cf20 - (dtucker) [configure.ac] Define HAVE_SO_PEERCRED if we have it. ok djm@ 2005-04-05 19:22:45 +10:00
Darren Tucker 69152291e7 - (dtucker) [monitor.c] Don't free buffers in audit functions, monitor_read 
will free as needed.  ok tim@ djm@
 2005-04-03 12:44:23 +10:00
Damien Miller 4942de5719 - djm@cvs.openbsd.org 2005/04/02 12:41:16 
[scp.c]
     since ssh has xstrdup, use it instead of strdup+test. unbreaks -Werror
     build
 2005-04-03 10:16:39 +10:00
Damien Miller 3dae15c611 - deraadt@cvs.openbsd.org 2005/03/31 18:39:21 
[scp.c]
     copy argv[] element instead of smashing the one that ps will see; ok otto
 2005-04-03 10:16:11 +10:00
Darren Tucker de0de39082 - (dtucker) [monitor.c] Remaining part of fix for bug #1006. 2005-03-31 23:52:04 +10:00
Darren Tucker 73ba43798a - (dtucker) [ssh.c] Prevent null pointer deref in port forwarding debug 
message on some platforms.  Patch from pete at seebeyond.com via djm.
 2005-03-31 21:51:54 +10:00
Darren Tucker f3bb434177 - (dtucker) [auth.h sshd.c openbsd-compat/port-aix.c] Bug #1006: fix bug in 
handling of password expiry messages returned by AIX's authentication
   routines, originally reported by robvdwal at sara.nl.
 2005-03-31 21:39:25 +10:00
Darren Tucker 83d5a9866d - jmc@cvs.openbsd.org 2005/03/18 17:05:00 
[sshd_config.5]
     typo;
 2005-03-31 21:33:50 +10:00
Darren Tucker 1f04ca240d - markus@cvs.openbsd.org 2005/03/16 21:17:39 
[version.h]
     4.1
 2005-03-31 21:31:54 +10:00
Darren Tucker 5ede2ad8a7 - jmc@cvs.openbsd.org 2005/03/16 11:10:38 
[ssh_config.5]
     get the syntax right for {Local,Remote}Forward;
     based on a diff from markus;
     problem report from ponraj;
     ok dtucker@ markus@ deraadt@
 2005-03-31 21:31:10 +10:00
Darren Tucker 6e1defdc5a - (dtucker) [contrib/aix/buildbff.sh] Bug #1005: Look up only the user we're 
interested in which is much faster in large (eg LDAP or NIS) environments.
   Patch from dleonard at vintela.com.
 2005-03-29 23:24:12 +10:00
Darren Tucker e66519d942 - (dtucker) [configure.ac openbsd-compat/port-aix.h] Prevent redefinitions 
of setauthdb on AIX 5.3, reported by anders.liljegren at its.uu.se.
 2005-03-21 22:46:34 +11:00
Darren Tucker 1df61452ea - (dtucker) [configure.ac] Make configure error out if the user specifies 
--with-libedit but the required libs can't be found, rather than silently
   ignoring and continuing.  ok tim@
 2005-03-21 09:58:07 +11:00
Darren Tucker 86a5f8dd0a - (dtucker) [configure.ac] Prevent configure --with-zlib from adding -Iyes 
and -Lyes to CFLAGS and LIBS.  Pointed out by peter at slagheap.net,
   with & ok tim@
 2005-03-21 09:55:17 +11:00
Tim Rice eae17cc80e - (tim) [configure.ac] remove trailing white space. 2005-03-17 16:52:20 -08:00
Tim Rice 35cc69dcb4 - (tim) [configure.ac] make some configure options a little more error proof. 2005-03-17 16:44:25 -08:00
Tim Rice 8bb561b500 - (tim) [configure.ac] portability changes on test statements. Some shells 
have problems with -a operator.
 2005-03-17 16:23:19 -08:00
Tim Rice 12ee8e241e - (tim) [configure.ac] Bug 998. Make path for --with-opensc optional. 
Make --without-opensc work.
 2005-03-17 13:37:04 -08:00
Tim Rice c3939e22fd - (tim) [contrib/caldera/openssh.spec] links in rc?.d were getting trashed 
with a rpm -F
 2005-03-14 17:24:51 -08:00
Darren Tucker c53c3a423c credit patch author 2005-03-14 23:24:43 +11:00
Darren Tucker 11327cc5d7 - markus@cvs.openbsd.org 2005/03/14 11:46:56 
[buffer.c buffer.h channels.c]
     limit input buffer size for channels; bugzilla #896; with and ok dtucker@
 2005-03-14 23:22:25 +11:00
Darren Tucker a8f553df53 - dtucker@cvs.openbsd.org 2005/03/14 11:44:42 
[auth.c]
     Populate host for log message for logins denied by AllowUsers and
     DenyUsers (bz #999); ok markus@
 2005-03-14 23:17:27 +11:00
Darren Tucker da1adbc2cc - dtucker@cvs.openbsd.org 2005/03/14 10:09:03 
[ssh-keygen.1]
     Correct description of -H (bz #997);  ok markus@, punctuation jmc@
 2005-03-14 23:15:58 +11:00
Darren Tucker 1adc2bd8d7 - jmc@cvs.openbsd.org 2005/03/12 11:55:03 
[ssh_config.5]
     escape `.' at eol to avoid double spacing issues;
 2005-03-14 23:14:20 +11:00
Darren Tucker 9f438a9d63 - markus@cvs.openbsd.org 2005/03/11 14:59:06 
[ssh-keygen.c]
     typo, missing \n; mpech
 2005-03-14 23:09:18 +11:00
Darren Tucker 90b9e02230 - deraadt@cvs.openbsd.org 2005/03/10 22:40:38 
[auth-options.c]
     spacing
 2005-03-14 23:08:50 +11:00
Darren Tucker 47eede77ed - deraadt@cvs.openbsd.org 2005/03/10 22:01:05 
[misc.c ssh-keygen.c servconf.c clientloop.c auth-options.c ssh-add.c
     monitor.c sftp-client.c bufaux.h hostfile.c ssh.c sshconnect.c channels.c
     readconf.c bufaux.c sftp.c]
     spacing
 2005-03-14 23:08:12 +11:00
Darren Tucker f899e6a526 20050312 
- (dtucker) [regress/test-exec.sh] DEBUG can cause problems where debug
   output ends up in the client's output, causing regress failures.  Found
   by Corinna Vinschen.

(got 4.0 branch and HEAD slightly askew, this is to resync)
 2005-03-14 23:02:46 +11:00
Darren Tucker 1d55ca748d - dtucker@cvs.openbsd.org 2005/03/10 10:15:02 
[readconf.c]
     Check listen addresses for null, prevents xfree from dying during
     ClearAllForwardings (bz #996).  From  Craig Leres, ok markus@
 2005-03-14 22:58:40 +11:00
Darren Tucker a21380b70e - (dtucker) [contrib/cygwin/ssh-host-config] Makes the query for the 
localized name of the local administrators group more reliable.  From
   vinschen at redhat.com.
 2005-03-13 21:20:18 +11:00
Darren Tucker 835903da7b - (djm) [log.c] Fix dumb syntax error; ok dtucker@ 
(pulled from 4.0 branch).
 2005-03-09 20:12:47 +11:00
Damien Miller aa1dba62b0 - (djm) Release OpenSSH 4.0p1 2005-03-09 11:03:08 +11:00
Damien Miller 6f632bf2aa - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] 
[contrib/suse/openssh.spec] Update spec file versions
 2005-03-09 11:02:41 +11:00
Damien Miller aca8626cf7 - djm@cvs.openbsd.org 2005/03/08 23:49:48 
[version.h]
     OpenSSH 4.0
 2005-03-09 11:00:42 +11:00
Damien Miller b096ac4674 - jmc@cvs.openbsd.org 2005/03/07 23:41:54 
[ssh.1 ssh_config.5]
     more macro simplification;
 2005-03-09 11:00:05 +11:00
Darren Tucker 50c7db92d6 - (dtucker) [regress/test-exec.sh] Set BIN_SH=xpg4 on OSF1/Digital Unix/Tru64 
so that regress tests behave.  From Chris Adams.
 2005-03-09 10:02:55 +11:00
Tim Rice c390c8dc68 - (tim) [configure.ac] SCO 3.2v4.2 no longer supported. This platform is 
too old and too broken.
 2005-03-07 01:21:37 -08:00
Darren Tucker 4b9ac3319e - (dtucker) [regress/test-exec.sh] Put SUDO in the right place. 2005-03-07 19:15:06 +11:00
Darren Tucker 5d909f0773 - djm@cvs.openbsd.org 2005/03/04 08:48:46 
[Makefile envpass.sh]
     regress test for SendEnv config parsing bug; ok dtucker@
 2005-03-07 18:35:34 +11:00
Darren Tucker 894823ec69 - djm@cvs.openbsd.org 2005/02/27 23:13:36 
[login-timeout.sh]
     avoid nameservice lookups in regress test; ok dtucker@
 2005-03-07 18:34:04 +11:00
Darren Tucker a0f3ba71a0 - dtucker@cvs.openbsd.org 2005/02/27 11:33:30 
[multiplex.sh test-exec.sh sshd-log-wrapper.sh]
     Add optional capability to log output from regress commands; ok markus@
     Use with: make TEST_SSH_LOGFILE=/tmp/regress.log
 2005-03-07 18:33:02 +11:00
Darren Tucker b712fccc18 - david@cvs.openbsd.org 2005/01/14 04:21:18 
[Makefile test-exec.sh]
     pass the SUDO make variable to the individual sh tests; ok dtucker@ markus@
 2005-03-07 18:27:28 +11:00
Darren Tucker 68f7213a2c - fgsch@cvs.openbsd.org 2004/12/10 01:31:30 
[Makefile sftp-glob.sh]
     some globbing regress; prompted and ok djm@
 2005-03-07 18:25:53 +11:00
Darren Tucker 1c56ef6ac3 - (dtucker) OpenBSD CVS Sync (regress/) 
- fgsch@cvs.openbsd.org 2004/12/10 01:31:30
     [Makefile]
     some globbing regress; prompted and ok djm@
 2005-03-07 17:36:18 +11:00
Darren Tucker 0d0966934e - (dtucker) [configure.ac] Disable gettext search when configuring with 
BSM audit support for the time being.  ok djm@
 2005-03-07 17:34:45 +11:00
Darren Tucker 2b59a6dad6 - (dtucker) [session.c sshd.c] Bug #125 comment #49: Send disconnect audit 
events earlier, prevents mm_request_send errors reported by Matt Goebel.
 2005-03-06 22:38:51 +11:00
Darren Tucker 3745e2bb62 - (dtucker) [monitor.c] Bug #125 comment #47: fix errors returned by monitor 
when attempting to audit disconnect events.  Reported by Phil Dibowitz.
 2005-03-06 22:31:35 +11:00
Damien Miller f8e7accd01 - djm@cvs.openbsd.org 2005/03/04 08:48:06 
[readconf.c]
     fix SendEnv config parsing bug found by Roumen Petrov; ok dtucker@
 2005-03-05 11:22:50 +11:00
Damien Miller b022b23584 - jmc@cvs.openbsd.org 2005/03/02 11:45:01 
[ssh.1]
     missing word;
 2005-03-05 11:22:36 +11:00
Damien Miller 7ffa367a93 - (djm) [contrib/cygwin/README] Improve Cygwin build documentation. Patch 
from vinschen at redhat.com
 2005-03-05 11:20:40 +11:00
Tim Rice f8f3016f9e - (tim) [regress/agent-ptrace.sh] add another possible gdb error. 2005-03-02 21:49:56 -08:00
Damien Miller 947219e6e6 - djm@cvs.openbsd.org 2005/03/02 02:21:07 
[ssh.1]
     bz#987: mention ForwardX11Trusted in ssh.1,
     reported by andrew.benham AT thus.net; ok deraadt@
 2005-03-02 13:22:30 +11:00
Damien Miller 89eac8010a - djm@cvs.openbsd.org 2005/03/02 01:27:41 
[ssh-keygen.c]
     ignore hostnames with metachars when hashing; ok deraadt@
 2005-03-02 12:33:04 +11:00
Damien Miller 1227d4c93c - djm@cvs.openbsd.org 2005/03/02 01:00:06 
[sshconnect.c]
     fix addition of new hashed hostnames when CheckHostIP=yes;
     found and ok dtucker@
 2005-03-02 12:06:51 +11:00
Damien Miller 265d309ebc - jmc@cvs.openbsd.org 2005/03/01 18:15:56 
[ssh-keygen.1]
     sort options (no attempt made at synopsis clean up though);
     spelling (occurance -> occurrence);
     use prompt before examples;
     grammar;
 2005-03-02 12:05:06 +11:00
Damien Miller 792c01749a - jmc@cvs.openbsd.org 2005/03/01 17:32:19 
[ssh-add.1]
     sort options;
 2005-03-02 12:04:50 +11:00
Damien Miller 02faeceb56 - jmc@cvs.openbsd.org 2005/03/01 17:22:06 
[ssh.c]
     sync usage() w/ man SYNOPSIS;
     ok markus@
 2005-03-02 12:04:32 +11:00
Damien Miller 27e9c5125e - jmc@cvs.openbsd.org 2005/03/01 17:19:35 
[scp.1 sftp.1]
     add HashKnownHosts to -o list;
     ok markus@
 2005-03-02 12:04:16 +11:00
Damien Miller 9a2fdbd0d6 - jmc@cvs.openbsd.org 2005/03/01 15:47:14 
[ssh-keyscan.1 ssh-keyscan.c]
     sort options and sync usage();
 2005-03-02 12:04:01 +11:00
Damien Miller 4c9c6fdcfe - jmc@cvs.openbsd.org 2005/03/01 15:05:00 
[ssh-keygen.1]
     whitespace;
 2005-03-02 12:03:43 +11:00
Damien Miller 718fd4b9b8 - jmc@cvs.openbsd.org 2005/03/01 14:59:49 
[sshd.8]
     new sentence, new line;
     whitespace;
 2005-03-02 12:03:23 +11:00
Damien Miller f8c5546290 - jmc@cvs.openbsd.org 2005/03/01 14:55:23 
[ssh_config.5]
     do not mark up punctuation;
     whitespace;
 2005-03-02 12:03:05 +11:00
Damien Miller 36bf7dd184 - jmc@cvs.openbsd.org 2005/03/01 14:47:58 
[ssh.1]
     remove some unneccesary macros;
     do not mark up punctuation;
 2005-03-02 12:02:47 +11:00
Damien Miller 4b42d7f195 - djm@cvs.openbsd.org 2005/03/01 10:42:49 
[ssh-keygen.1 ssh-keygen.c ssh_config.5]
     add tools for managing known_hosts files with hashed hostnames, including
     hashing existing files and deleting hosts by name; ok markus@ deraadt@
 2005-03-01 21:48:35 +11:00
Damien Miller db7b8171ee - djm@cvs.openbsd.org 2005/03/01 10:41:28 
[ssh-keyscan.1 ssh-keyscan.c]
     option to hash hostnames output by ssh-keyscan; ok markus@ deraadt@
 2005-03-01 21:48:03 +11:00
Damien Miller e1776155d1 - djm@cvs.openbsd.org 2005/03/01 10:40:27 
[hostfile.c hostfile.h readconf.c readconf.h ssh.1 ssh_config.5]
     [sshconnect.c sshd.8]
     add support for hashing host names and addresses added to known_hosts
     files, to improve privacy of which hosts user have been visiting; ok
     markus@ deraadt@
 2005-03-01 21:47:37 +11:00
Damien Miller f91ee4c3de - djm@cvs.openbsd.org 2005/03/01 10:09:52 
[auth-options.c channels.c channels.h clientloop.c compat.c compat.h]
     [misc.c misc.h readconf.c readconf.h servconf.c ssh.1 ssh.c ssh_config.5]
     [sshd_config.5]
     bz#413: allow optional specification of bind address for port forwardings.
     Patch originally by Dan Astorian, but worked on by several people
     Adds GatewayPorts=clientspecified option on server to allow remote
     forwards to bind to client-specified ports.
 2005-03-01 21:24:33 +11:00
Damien Miller 1717fd422f - djm@cvs.openbsd.org 2005/02/28 00:54:10 
[ssh_config.5]
     bz#849: document timeout on untrusted x11 forwarding sessions. Reported by
     orion AT cora.nwra.com; ok markus@
 2005-03-01 21:17:31 +11:00
Damien Miller 70a908ec89 - jmc@cvs.openbsd.org 2005/02/25 10:55:13 
[sshd.8]
     add /etc/motd and $HOME/.hushlogin to FILES;
     from michael knudsen;
 2005-03-01 21:17:09 +11:00
Damien Miller 64e8d44fbd - djm@cvs.openbsd.org 2005/02/20 22:59:06 
[sftp.c]
     turn on ssh batch mode when in sftp batch mode, patch from
     jdmossh AT nand.net;
     ok markus@
 2005-03-01 21:16:47 +11:00
Damien Miller 9b8073e1e0 - djm@cvs.openbsd.org 2005/02/18 03:05:53 
[canohost.c]
     better error messages for getnameinfo failures; ok dtucker@
 2005-03-01 21:16:18 +11:00
Damien Miller 3eb48b6245 - otto@cvs.openbsd.org 2005/02/16 09:56:44 
[ssh.c]
     Better diagnostic if an identity file is not accesible. ok markus@ djm@
 2005-03-01 21:15:46 +11:00
Darren Tucker dc8fc62103 - (dtucker) [Makefile.in] Add a install-nosysconf target for installing the 
binaries without the config files.  Primarily useful for packaging.
   Patch from phil at usc.edu.  ok djm@
 2005-02-26 10:12:38 +11:00
Darren Tucker 3804903a09 - (dtucker) [acconfig.h configure.ac openbsd-compat/bsd-misc.{c,h}] 
Remove SETGROUPS_NOOP, was only used by Cygwin, which doesn't need it any
   more.  Patch from vinschen at redhat.com.
 2005-02-26 10:07:37 +11:00
Darren Tucker 34233830a1 - (dtucker) [openbsd-compat/bsd-openpty.c openbsd-compat/inet_ntop.c] 
Remove two obsolete Cygwin #ifdefs.  Patch from vinschen at redhat.com.
 2005-02-26 10:04:28 +11:00
Damien Miller 848b993639 - (djm) [configure.ac] in_addr_t test needs sys/types.h too 2005-02-24 12:12:34 +11:00
Darren Tucker 2ea9b18918 - (dtucker) [uidswap.c] Skip uid restore test on Cygwin. Patch from 
vinschen at redhat.com.
 2005-02-22 17:57:13 +11:00
Darren Tucker 04cfbe04aa - (dtucker) [configure.ac] Missing comma in AIX section, somehow causes 
unrelated platforms to be configured incorrectly.
 2005-02-20 23:27:11 +11:00
Darren Tucker d9f88915a2 - (dtucker) [LICENCE Makefile.in README.platform audit-bsm.c configure.ac 
defines.h] Bug #125: Add *EXPERIMENTAL* BSM audit support.  Configure
   --with-audit=bsm to enable.  Patch originally from Sun Microsystems,
   parts by John R. Jackson.  ok djm@
 2005-02-20 21:01:48 +11:00
Darren Tucker 3c774c52f3 - (dtucker) [configure.ac openbsd-compat/port-aix.{c,h}] Silence some more 
compiler warnings on AIX.
 2005-02-16 22:49:31 +11:00
Darren Tucker c97b01af62 - (dtucker) [session.c] Bug #918: store credentials from gssapi-with-mic 
authentication early enough to be available to PAM session modules when
   privsep=yes.  Patch from deengert at anl.gov, ok'ed in principle by Sam
   Hartman and similar to Debian's ssh-krb5 package.
 2005-02-16 16:47:37 +11:00
Darren Tucker ca6e7a7e8b - (dtucker) [configure.ac] Bug #893: check for libresolv early on Reliant 
Unix; prevents problems relating to the location of -lresolv in the
   link order.
 2005-02-16 16:19:17 +11:00
Darren Tucker a91f5ee618 - (dtucker) [auth-shadow.c] Prevent compiler warnings if "DAY" is defined 
by the system headers.
 2005-02-16 14:20:06 +11:00
Darren Tucker 7b48d25527 - (dtucker) [ssh-rand-helper.c] Provide seed_rng since it may be called 
via mkstemp in some configurations.  ok djm@
 2005-02-16 13:20:07 +11:00
Damien Miller ed462d9a45 write seed to temporary file and atomically rename into place; ok dtucker@ 2005-02-16 13:02:45 +11:00
Darren Tucker a39f83eeee - (dtucker) [loginrec.c] Add missing #include. 2005-02-15 22:19:28 +11:00
Darren Tucker 691d5235ca - (dtucker) [README.platform auth.c configure.ac loginrec.c 
openbsd-compat/port-aix.c openbsd-compat/port-aix.h] Bug #835: enable IPv6
   on AIX where possible (see README.platform for details) and work around
   a misfeature of AIX's getnameinfo.  ok djm@
 2005-02-15 21:45:57 +11:00
Darren Tucker f04c361675 - (dtucker) [config.sh.in] Collect oslevel -r too. 2005-02-15 21:26:32 +11:00
Darren Tucker 15af68f767 - (dtucker) [openbsd-compat/fake-rfc2553.h] We now need EAI_SYSTEM too. 2005-02-11 18:32:13 +11:00
Darren Tucker 1b6f2291e4 - (dtucker) [configure.ac] Tidy up configure --help output. 2005-02-11 16:11:49 +11:00
Darren Tucker 2f9573df71 - (dtucker) [configure.ac] Bug #919: Provide visible feedback for the 
--disable-etc-default-login configure option.
 2005-02-10 22:28:54 +11:00
Darren Tucker 33370e0287 - (dtucker) [configure.ac session.c] Some platforms (eg some SCO) require 
the username to be passed to the passwd command when changing expired
   passwords.  ok djm@
 2005-02-09 22:17:28 +11:00
Darren Tucker c7e38d59e9 - (dtucker) [configure.ac] Bug #854: prepend pwd to relative --with-ssl-dir 
paths.  ok djm@
 2005-02-09 22:12:30 +11:00
Darren Tucker 92170a8626 - (dtucker) [auth-passwd.c openbsd-compat/port-aix.c] Don't call 
disable_forwarding() from compat library. Prevent linker errrors trying
   to resolve it for binaries other than sshd.  ok djm@
 2005-02-09 17:08:23 +11:00
Darren Tucker 96d4710e38 - dtucker@cvs.openbsd.org 2005/02/08 22:24:57 
[sshd.c]
     Provide reason in error message if getnameinfo fails; ok markus@
 2005-02-09 09:53:48 +11:00
Darren Tucker 5b53026f71 - dtucker@cvs.openbsd.org 2005/01/30 11:18:08 
[monitor.c]
     Make code match intent; ok djm@
 2005-02-09 09:52:17 +11:00
Darren Tucker 43d8e28763 - jmc@cvs.openbsd.org 2005/01/28 18:14:09 
[ssh_config.5]
     wording;
     ok markus@
 2005-02-09 09:51:08 +11:00
Darren Tucker 79a7acfebd - jmc@cvs.openbsd.org 2005/01/28 15:05:43 
[ssh_config.5]
     grammar;
 2005-02-09 09:48:57 +11:00
Darren Tucker 3f166dfcb5 - dtucker@cvs.openbsd.org 2005/01/28 09:45:53 
[ssh_config]
     Make it clear that the example entries in ssh_config are only some of the
     commonly-used options and refer the user to ssh_config(5) for more
     details; ok djm@
 2005-02-09 09:46:47 +11:00
Darren Tucker 2e0cf0dca2 - (dtucker) [audit.c audit.h auth.c auth1.c auth2.c loginrec.c monitor.c 
monitor_wrap.c monitor_wrap.h session.c sshd.c]: Prepend all of the audit
   defines and enums with SSH_ to prevent namespace collisions on some
   platforms (eg AIX).
 2005-02-08 21:52:47 +11:00
Darren Tucker b4d3012d2e - (dtucker) [openbsd-compat/port-aix.c] Silence compiler warnings. 2005-02-08 21:06:55 +11:00
Darren Tucker feb6f7f244 - (dtucker) [regress/test-exec.sh] Bug #912: Set _POSIX2_VERSION for the 
regress tests so newer versions of GNU head(1) behave themselves.  Patch
   by djm, so ok me.
 2005-02-08 20:17:17 +11:00
Darren Tucker 40d9a63788 - (dtucker) [auth.c] Fix parens in audit log check. 2005-02-04 15:19:44 +11:00
Darren Tucker 598ba7b5e2 - (dtucker) [monitor.c] Permit INVALID_USER audit events from slave too. 2005-02-04 15:05:08 +11:00
Darren Tucker 6dce99142b typo 2005-02-03 15:07:37 +11:00
Darren Tucker 269a1ea1c8 - (dtucker) [Makefile.in auth.c auth.h auth1.c auth2.c loginrec.c monitor.c 
monitor.h monitor_wrap.c monitor_wrap.h session.c sshd.c] Bug #125:
   (first stage) Add audit instrumentation to sshd, currently disabled by
   default.  with suggestions from and djm@
 2005-02-03 00:20:53 +11:00