430c6a1552
- markus@cvs.openbsd.org 2004/06/22 03:12:13
...
[regress/envpass.sh regress/multiplex.sh]
more portable env passing tests
2004-06-22 13:38:56 +10:00
e35bf12eeb
- (bal) [auth-passwd.c auth1.c] Clean up unused variables.
2004-06-22 03:37:11 +00:00
59bf4a9bd4
- (dtucker) [defines.h] Define __dead if not already defined.
2004-06-22 13:27:16 +10:00
5e4e272e8d
Missing ChangeLog entry for previous
2004-06-22 13:26:00 +10:00
9a52645566
- djm@cvs.openbsd.org 2004/06/22 01:16:39
...
[sftp.c]
don't show .files by default in ls, add -a option to turn them back on;
ok markus
2004-06-22 13:09:55 +10:00
15ca6e8842
- djm@cvs.openbsd.org 2004/06/21 22:41:31
...
[sftp.1]
document sort options
2004-06-22 13:08:21 +10:00
a4e9ffa653
- djm@cvs.openbsd.org 2004/06/21 22:30:45
...
[sftp.c]
prefix ls option flags with LS_
2004-06-22 13:07:58 +10:00
b9123453d0
- djm@cvs.openbsd.org 2004/06/21 22:04:50
...
[sftp.c]
introduce sorting for ls, same options as /bin/ls; ok markus@
2004-06-22 13:06:45 +10:00
efa62f98a1
- djm@cvs.openbsd.org 2004/06/21 22:02:58
...
[log.h]
mark fatal and cleanup exit as __dead; ok markus@
2004-06-22 12:57:44 +10:00
723e945b55
- djm@cvs.openbsd.org 2004/06/21 17:53:03
...
[session.c]
fix fd leak for multiple subsystem connections; with markus@
2004-06-22 12:57:08 +10:00
3f9fdc7121
- avsm@cvs.openbsd.org 2004/06/21 17:36:31
...
[auth-rsa.c auth2-gss.c auth2-pubkey.c authfile.c canohost.c channels.c
cipher.c dns.c kex.c monitor.c monitor_fdpass.c monitor_wrap.c
monitor_wrap.h nchan.c packet.c progressmeter.c scp.c sftp-server.c sftp.c
ssh-gss.h ssh-keygen.c ssh.c sshconnect.c sshconnect1.c sshlogin.c
sshpty.c]
make ssh -Wshadow clean, no functional changes
markus@ ok
There are also some portable-specific -Wshadow warnings to be fixed in
monitor.c and montior_wrap.c.
2004-06-22 12:56:01 +10:00
b357afc0a0
- djm@cvs.openbsd.org 2004/06/20 19:28:12
...
[sftp.1]
mention new -n flag
2004-06-22 12:31:23 +10:00
b215c5d8fe
- djm@cvs.openbsd.org 2004/06/20 18:53:39
...
[sftp.c]
make "ls -l" listings print user/group names, add "ls -n" to show uid/gid
(like /bin/ls); idea & ok markus@
2004-06-22 12:30:53 +10:00
365433f883
- djm@cvs.openbsd.org 2004/06/20 17:36:59
...
[ssh.c]
filter passed env vars at slave in connection sharing case; ok markus@
2004-06-22 12:29:23 +10:00
f7ba8f67b7
(tim) [configure.ac Makefile.in] Only change TEST_SHELL on broken platforms.
...
OK dtucker@
2004-06-20 10:37:32 -07:00
5af9db9e0c
- (tim) [configure.ac buildpkg.sh.in contrib/solaris/README] move opensshd
...
init script to top level directory.
2004-06-19 19:31:06 -07:00
17db1c47cf
- (dtucker) [auth-pam.c] Don't use PAM namespace for
...
pam_password_change_required either.
2004-06-19 12:54:38 +10:00
3bbd878c2e
- djm@cvs.openbsd.org 2004/06/18 11:11:54
...
[channels.c clientloop.c]
Don't explode in clientloop when we receive a bogus channel id, but
also don't generate them to begin with; ok markus@
2004-06-18 22:23:22 +10:00
b8ea24868f
- markus@cvs.openbsd.org 2004/06/18 10:55:43
...
[ssh.1 ssh.c]
trim synopsis for -S, allow -S and -oControlMaster, -MM means 'ask'; ok djm
2004-06-18 22:21:55 +10:00
0809e233a4
- (djm) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2004/06/18 10:40:19
[ssh.c]
delay signal handler setup until we have finished talking to the master.
allow interrupting of setup (e.g. if master is stuck); ok markus@
2004-06-18 22:20:57 +10:00
6288dc14fc
- dtucker@cvs.openbsd.org 2004/06/18 06:15:51
...
[multiplex.sh]
Use -S for scp/sftp to force the use of the ssh being tested.
ok djm@,markus@
2004-06-18 16:25:35 +10:00
bd12f1741e
- dtucker@cvs.openbsd.org 2004/06/18 06:13:25
...
[sftp.c]
Use execvp instead of execv so sftp -S ssh works. "makes sense" markus@
2004-06-18 16:23:43 +10:00
ba5c592126
- djm@cvs.openbsd.org 2004/06/17 23:56:57
...
[ssh.1 ssh.c]
sync usage() and SYNPOSIS with connection sharing changes
2004-06-18 16:22:39 +10:00
13fbe57722
- (dtucker) [regress/README.regress] Add detail on how to run a single
...
test from the top-level Makefile.
2004-06-18 14:14:43 +10:00
e826a8c9d9
- djm@cvs.openbsd.org 2004/06/17 14:53:27
...
[regress/multiplex.sh]
shared connection env passing regress test
2004-06-18 01:23:03 +10:00
23f0770a1b
- djm@cvs.openbsd.org 2004/06/17 15:10:14
...
[clientloop.c misc.h readconf.c readpass.c ssh.c ssh_config.5]
Add option for confirmation (ControlMaster=ask) via ssh-askpass before
opening shared connections; ok markus@
2004-06-18 01:19:03 +10:00
3756dcee24
- (djm) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2004/06/17 14:52:48
[clientloop.c clientloop.h ssh.c]
support environment passing over shared connections; ok markus@
2004-06-18 01:17:29 +10:00
a9972e19e9
- (dtucker) [regress/multiplex.sh] Increase sleep time to 120 sec (60 is not
...
enough for slow systems, especially if they don't have a kernel RNG).
2004-06-17 17:01:21 +10:00
10e7f1929b
- (dtucker) [regress/multiplex.sh] add EXEEXT for those platforms that need
...
it.
2004-06-17 16:36:27 +10:00
3e86fc4e99
- dtucker@cvs.openbsd.org 2004/06/17 06:19:06
...
[regress/multiplex.sh]
Add small description of failing test to failure message; ok djm@
2004-06-17 16:34:02 +10:00
ffaa6a5f01
- dtucker@cvs.openbsd.org 2004/06/17 06:00:05
...
[regress/multiplex.sh]
Use DATA and COPY for test data rather than hard-coded paths; ok djm@
2004-06-17 16:32:45 +10:00
ddea13d74d
- dtucker@cvs.openbsd.org 2004/06/17 05:51:59
...
[regress/multiplex.sh]
Remove datafile between and after tests, kill sshd rather than wait;
ok djm@
2004-06-17 16:27:43 +10:00
8a2f1b3537
- (dtucker) [regress/scp.sh] diff -N is not portable (but needed for some
...
platforms), so test if diff understands it. Pointed out by tim@, ok djm@
2004-06-17 15:18:32 +10:00
af16154b00
Add missing regress.
2004-06-16 23:24:19 +10:00
5711dca4a6
- dtucker@cvs.openbsd.org 2004/06/16 13:16:40
...
[multiplex.sh]
Silence multiplex sftp and scp tests. ok markus@
2004-06-16 23:23:50 +10:00
6f0e35b566
- dtucker@cvs.openbsd.org 2004/06/16 13:15:09
...
[regress/scp.sh]
Make scp -r tests use diff -rN not cmp (which won't do dirs. ok markus@
2004-06-16 23:22:37 +10:00
7a06f62b6a
- (dtucker) [regress/README.regress]
...
Add $TEST_SHELL to readme.
2004-06-16 21:08:32 +10:00
0e6868e2c4
- (dtucker) [regress/test-exec.sh]
...
Move Portable-only StrictModes to top of list to make syncs easier.
2004-06-16 20:36:16 +10:00
9fe95da3ea
Add missing regress/envpass.sh
2004-06-16 20:33:55 +10:00
a40395663c
- djm@cvs.openbsd.org 2004/06/13 15:16:54
...
[regress/test-exec.sh]
remove duplicate setting of $SCP; spotted by markus@
2004-06-16 20:31:18 +10:00
e7d0583f36
- djm@cvs.openbsd.org 2004/06/13 15:04:08
...
[regress/Makefile regress/test-exec.sh, added regress/multiplex.sh]
regress test for client multiplexing; ok markus@
2004-06-16 20:22:22 +10:00
50433a9243
- dtucker@cvs.openbsd.org 2004/06/13 13:51:02
...
[regress/Makefile regress/test-exec.sh, added regress/scp-ssh-wrapper.sh
regress/scp.sh]
Add scp regression test; with & ok markus@
2004-06-16 20:15:59 +10:00
4c37ef08ab
- djm@cvs.openbsd.org 2004/04/27 09:47:30
...
[regress/Makefile regress/test-exec.sh, added regress/envpass.sh]
regress test for environment passing, SendEnv & AcceptEnv options;
ok markus@
2004-06-16 20:08:56 +10:00
a7ea546f1b
- (dtucker) [openbsd-compat/port-aix.c] Expand whitespace -> tabs. No
...
code changes.
2004-06-16 12:01:15 +10:00
03e66f650c
- djm@cvs.openbsd.org 2004/06/15 05:45:04
...
[clientloop.c]
missed one unset_nonblock; spotted by Tim Rice
2004-06-15 15:47:51 +10:00
51cee0892f
fix typo
2004-06-14 21:25:33 -07:00
07b6ff12c4
- (djm) [ssh.c] Use separate var for address length
2004-06-15 11:14:45 +10:00
5e6f4db085
- (djm) Fix Makefile.in for connection sharing changes
2004-06-15 10:44:40 +10:00
232711f6db
- djm@cvs.openbsd.org 2004/06/14 01:44:39
...
[channels.c clientloop.c misc.c misc.h packet.c ssh-agent.c ssh-keyscan.c]
[sshd.c]
set_nonblock() instead of fnctl(...,O_NONBLOCK); "looks sane" deraadt@
2004-06-15 10:35:30 +10:00
0e220dbfbc
- djm@cvs.openbsd.org 2004/06/13 15:03:02
...
[channels.c channels.h clientloop.c clientloop.h includes.h readconf.c]
[readconf.h scp.1 sftp.1 ssh.1 ssh.c ssh_config.5]
implement session multiplexing in the client (the server has supported
this since 2.0); ok markus@
2004-06-15 10:34:08 +10:00
05202ffe21
- dtucker@cvs.openbsd.org 2004/06/13 14:01:42
...
[ssh.1 ssh_config.5 sshd_config.5]
List supported ciphers in man pages, tidy up ssh -c;
"looks fine" jmc@, ok markus@
2004-06-15 10:30:39 +10:00
f675fc4948
- djm@cvs.openbsd.org 2004/06/13 12:53:24
...
[dh.c dh.h kex.c kex.h kexdhc.c kexdhs.c monitor.c myproposal.h]
[ssh-keyscan.c sshconnect2.c sshd.c]
implement diffie-hellman-group14-sha1 kex method (trivial extension to
existing diffie-hellman-group1-sha1); ok markus@
2004-06-15 10:30:09 +10:00
7cf17eb78c
- pedro@cvs.openbsd.org 2004/06/03 12:22:20
...
[sftp-client.c sftp.c]
initialize pointers, ok markus@
2004-06-15 10:28:56 +10:00
16ea6494b6
- dtucker@cvs.openbsd.org 2004/06/01 14:20:45
...
[auth2-chall.c]
Remove redundant #include; ok markus@
2004-06-15 10:28:24 +10:00
3379385060
- dtucker@cvs.openbsd.org 2004/05/27 00:50:13
...
[readconf.c]
Kill dead code after fatal(); ok djm@
2004-06-15 10:27:55 +10:00
3e4dffb140
- markus@cvs.openbsd.org 2004/05/26 23:02:39
...
[channels.c]
missing freeaddrinfo; Andrey Matveev
2004-06-15 10:27:15 +10:00
350327c042
- djm@cvs.openbsd.org 2004/05/26 08:59:57
...
[sftp.c]
exit -> _exit in forked child on error; from andrushock AT korovino.net
2004-06-15 10:24:13 +10:00
94befab9dd
- (dtucker) [auth-pam.c] Don't use pam_* namespace for sshd's PAM functions.
...
ok djm@
2004-06-03 14:53:12 +10:00
26314f6354
- (djm) [auth-pam.c] Add copyright for local changes
2004-06-01 11:28:20 +10:00
2d2b9f706f
[buildpkg.sh.in] Last minute fix didn't make it in the .in file. :-(
2004-05-30 21:48:40 -07:00
6f1f758cca
- (tim) [configure.ac Makefile.in] Add support for "make package" ok djm@
...
- (tim) [buildpkg.sh.in] New file. A more flexible version of
contrib/solaris/buildpkg.sh used for "make package".
2004-05-30 21:38:51 -07:00
e061b1598a
- (dtucker) [auth-pam.c] Use an invalid password for root if
...
PermitRootLogin != yes or the login is invalid, to prevent leaking
information. Based on Openwall's owl-always-auth patch. ok djm@
2004-05-30 22:04:56 +10:00
450a158d7e
- (dtucker) [auth-pam.c auth-pam.h auth-passwd.c]: Bug #874 : Re-add PAM
...
support for PasswordAuthentication=yes. ok djm@
2004-05-30 20:43:59 +10:00
0ffe638bbb
- (dtucker) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec
...
contrib/README CREDITS INSTALL] Bug #873 : Correct URLs for x11-ssh-askpass
and Jim Knoble's email address , from Jim himself.
2004-05-27 09:59:31 +10:00
12984968fb
- (dtucker) [sshd.c] Fix typo in comment.
2004-05-24 13:37:13 +10:00
b53355eca5
- (dtucker) [auth-pam.c] Bug #839 : Ensure that pam authentication "thread"
...
is terminated if the privsep slave exits during keyboard-interactive
authentication. ok djm@
2004-05-24 11:55:36 +10:00
89413dbafa
- dtucker@cvs.openbsd.org 2004/05/23 23:59:53
...
[auth.c auth.h auth1.c auth2.c servconf.c servconf.h sshd_config sshd_config.5]
Add MaxAuthTries sshd config option; ok markus@
2004-05-24 10:36:23 +10:00
e534e12127
- jmc@cvs.openbsd.org 2004/05/22 16:01:05
...
[ssh.1]
kill whitespace at eol;
2004-05-24 10:35:14 +10:00
1973c88898
- djm@cvs.openbsd.org 2004/05/22 06:32:12
...
[clientloop.c ssh.1]
use '-h' for help in ~C commandline instead of '-?'; inspired by jmc@
2004-05-24 10:34:36 +10:00
e7066dfde3
- djm@cvs.openbsd.org 2004/05/21 11:33:11
...
[channels.c channels.h clientloop.c serverloop.c ssh.1]
bz #756 : add support for the cancel-tcpip-forward request for the server and
the client (through the ~C commandline). reported by z3p AT twistedmatrix.com;
ok markus@
2004-05-24 10:18:05 +10:00
e4ab1157db
- markus@cvs.openbsd.org 2004/05/21 08:43:03
...
[kex.h moduli.c tildexpand.c]
add prototypes for -Wall; ok djm
2004-05-24 10:14:24 +10:00
e167582947
- dtucker@cvs.openbsd.org 2004/05/20 10:58:05
...
[clientloop.c]
Trivial type fix 0 -> '\0'; ok markus@
2004-05-24 10:13:07 +10:00
cdf547afe4
- djm@cvs.openbsd.org 2004/05/19 12:17:33
...
[sftp-client.c sftp.c]
gracefully abort transfers on receipt of SIGINT, also ignore SIGINT while
waiting for a command; ok markus@
2004-05-24 10:12:19 +10:00
efec7c23b1
- (bal) [openbsd-compat/sys-queue.h] Reintroduce machinary to handle
...
old/broken/incomplete <sys/queue.h>.
2004-05-23 06:22:27 +00:00
b409718797
- (djm) [configure.ac] Warn if the system has no known way of figuring out
...
which user is on the other end of a Unix domain socket; ok dtucker@
2004-05-23 14:09:40 +10:00
701d0514ee
- (djm) Explain consequences of UsePAM=yes a little better in sshd_config;
...
ok dtucker@
2004-05-23 11:47:58 +10:00
991d95f412
- (dtucker) [openbsd-compat/getrrsetbyname.c] Fix typo too: HAVE_DECL_H_ERROR
...
-> HAVE_DECL_H_ERRNO.
2004-05-13 20:24:10 +10:00
cc2685577b
- (dtucker) [openbsd-compat/getrrsetbyname.c] Check that HAVE_DECL_H_ERROR
...
is defined before using.
2004-05-13 20:10:38 +10:00
b6db172a79
- (dtucker) [auth-pam.c scard-opensc.c] Tinderbox says auth-pam.c uses
...
readpass.h, grep says scard-opensc.c does too. Replace with misc.h.
2004-05-13 17:29:35 +10:00
1dcff9a3a8
- (dtucker) [sshd.8] Bug #843 : Add warning about PasswordAuthentication to
...
UsePAM section. Parts from djm@ and jmc@.
2004-05-13 16:51:40 +10:00
a86b453bb3
- dtucker@cvs.openbsd.org 2004/05/13 02:47:50
...
[ssh-agent.1]
Add examples to ssh-agent.1, bz#481 from Ralf Hauser; ok deraadt@
2004-05-13 16:45:46 +10:00
1f8311c836
- deraadt@cvs.openbsd.org 2004/05/11 19:01:43
...
[auth.c auth2-none.c authfile.c channels.c monitor.c monitor_mm.c
packet.c packet.h progressmeter.c session.c openbsd-compat/xmmap.c]
improve some code lint did not like; djm millert ok
2004-05-13 16:39:33 +10:00
b42714e28b
- djm@cvs.openbsd.org 2004/05/09 01:26:48
...
[kex.c]
don't overwrite what we are trying to compute
2004-05-13 16:31:48 +10:00
e14e005f41
- djm@cvs.openbsd.org 2004/05/09 01:19:28
...
[OVERVIEW auth-rsa.c auth1.c kex.c monitor.c session.c sshconnect1.c
sshd.c] removed: mpaux.c mpaux.h
kill some more tiny files; ok deraadt@
2004-05-13 16:30:44 +10:00
770fc01078
- djm@cvs.openbsd.org 2004/05/09 00:06:47
...
[moduli.c ssh-keygen.c] removed: moduli.h
zap another tiny header; ok deraadt@
2004-05-13 16:24:32 +10:00
e608ca2965
- djm@cvs.openbsd.org 2004/05/08 00:21:31
...
[clientloop.c misc.h readpass.c scard.c ssh-add.c ssh-agent.c ssh-keygen.c
sshconnect.c sshconnect1.c sshconnect2.c] removed: readpass.h
kill a tiny header; ok deraadt@
2004-05-13 16:15:47 +10:00
06f2bd8bde
- deraadt@cvs.openbsd.org 2004/05/08 00:01:37
...
[auth.c clientloop.c misc.h servconf.c ssh.c sshpty.h sshtty.c
tildexpand.c], removed: sshtty.h tildexpand.h
make two tiny header files go away; djm ok
2004-05-13 16:06:46 +10:00
dcf6ec48f6
- jmc@cvs.openbsd.org 2004/05/06 11:24:23
...
[ssh_config.5]
typo from John Cosimano (PR 3770);
2004-05-13 13:03:56 +10:00
2e578f6292
- jmc@cvs.openbsd.org 2004/05/04 18:36:07
...
[scp.1]
SendEnv here too;
2004-05-13 13:03:04 +10:00
8e968a596a
- (dtucker) [configure.ac] Bug #867 : Additional tests for res_query in
...
libresolv, fixes problems detecting it on some platforms
(eg Linux/x86-64). From Kurt Roeckx via Debian, ok mouring@
2004-05-13 11:56:16 +10:00
c0796d7676
- dtucker@cvs.openbsd.org 2004/05/02 23:17:51
...
[scp.1]
ConnectionTimeout -> ConnectTimeout for scp.1 too.
2004-05-03 09:19:03 +10:00
3d5cbb7761
- dtucker@cvs.openbsd.org 2004/05/02 23:02:17
...
[sftp.1]
ConnectionTimeout -> ConnectTimeout here too, pointed out by jmc@
2004-05-03 09:13:15 +10:00
edae0ec12a
- dtucker@cvs.openbsd.org 2004/05/02 11:57:52
...
[ssh.1]
ConnectionTimeout -> ConnectTimeout, from m.a.ellis at ncl.ac.uk via
Debian. ok djm@
2004-05-02 22:15:52 +10:00
097e1e9a97
- dtucker@cvs.openbsd.org 2004/05/02 11:54:31
...
[sshd.8]
Man page grammar fix (bz #858 ), from damerell at chiark.greenend.org.uk
via Debian; ok djm@
2004-05-02 22:15:08 +10:00
7a6c06620e
- jmc@cvs.openbsd.org 2004/04/28 07:13:42
...
[sftp.1 ssh.1]
add SendEnv to -o list;
2004-05-02 22:14:03 +10:00
b2a601cc99
- jmc@cvs.openbsd.org 2004/04/28 07:02:56
...
[sshd_config.5]
remove unnecessary .Pp;
2004-05-02 22:13:20 +10:00
1e0c9bf9fb
- djm@cvs.openbsd.org 2004/04/28 05:17:10
...
[ssh_config.5 sshd_config.5]
manpage fixes in envpass stuff from Brian Poole (raj AT cerias.purdue.edu)
2004-05-02 22:12:48 +10:00
46bc075474
- djm@cvs.openbsd.org 2004/04/27 09:46:37
...
[readconf.c readconf.h servconf.c servconf.h session.c session.h ssh.c
ssh_config.5 sshd_config.5]
bz #815 : implement ability to pass specified environment variables from
the client to the server; ok markus@
2004-05-02 22:11:30 +10:00
47abce45b2
- djm@cvs.openbsd.org 2004/04/22 11:56:57
...
[moduli.c]
Bugzilla #850 : Sophie Germain is the correct name of the French
mathematician, "Sophie Germaine" isn't; from Luc.Maisonobe@c-s.fr
2004-05-02 22:09:00 +10:00
7749c5163b
- (dtucker) [README.platform] List prereqs for building on Cygwin.
2004-04-23 18:57:13 +10:00
5bb140019c
- (dtucker) [configure.ac openbsd-compat/getrrsetbyname.c] Declare h_errno
...
as extern int if not already declared. Fixes compile errors on old SCO
platforms. ok tim@
2004-04-23 18:53:10 +10:00
752e4e603f
- (djm) Update config.guess and config.sub to autoconf-2.59 versions; ok tim@
2004-04-21 12:29:13 +10:00
5561e0b73d
- (djm) [configure.ac] Check whether libroken is required when building
...
with Heimdal
2004-04-20 20:28:55 +10:00
50bec89baf
rewrap
2004-04-20 20:20:40 +10:00
914420fe74
- djm@cvs.openbsd.org 2004/04/19 21:51:49
...
[ssh.c]
fix idiot typo that i introduced in my last commit;
spotted by cschneid AT cschneid.com
2004-04-20 20:14:07 +10:00
1a81258f4e
- jmc@cvs.openbsd.org 2004/04/19 16:12:14
...
[ssh_config.5]
kill whitespace at eol;
2004-04-20 20:13:32 +10:00
c970cb9052
- djm@cvs.openbsd.org 2004/04/19 13:02:40
...
[ssh.1 ssh_config.5]
document strict permission checks on ~/.ssh/config; prompted by,
with & ok jmc@
2004-04-20 20:12:53 +10:00
57a4476a69
- djm@cvs.openbsd.org 2004/04/18 23:10:26
...
[readconf.c readconf.h ssh-keysign.c ssh.c]
perform strict ownership and modes checks for ~/.ssh/config files,
as these can be used to execute arbitrary programs; ok markus@
NB. ssh will now exit when it detects a config with poor permissions
2004-04-20 20:11:57 +10:00
1824c071ab
- (djm) [openbsd-compat/sys-queue.h] Sync with OpenBSD, needed for above change
2004-04-20 20:10:46 +10:00
0b51a52a10
- (djm) OpenBSD CVS Sync
...
- henning@cvs.openbsd.org 2004/04/08 16:08:21
[sshconnect2.c]
swap the last two parameters to TAILQ_FOREACH_REVERSE. matches what FreeBSD and NetBSD do.
ok millert@ mcbride@ markus@ ho@, checked to not affect ports by naddy@
2004-04-20 20:07:19 +10:00
bddc2b0179
- markus@cvs.openbsd.org 2004/04/01 12:19:57
...
[scp.c]
limit trust between local and remote rcp/scp process,
noticed by lcamtuf; ok deraadt@, djm@
2004-04-19 23:50:16 +10:00
d04121f0ab
- djm@cvs.openbsd.org 2004/03/31 21:58:47
...
[canohost.c]
don't skip ip options check when UseDNS=no; ok markus@ (ID sync only)
2004-04-19 22:16:53 +10:00
dca6a4dd88
- djm@cvs.openbsd.org 2004/03/30 12:41:56
...
[sftp-client.c]
sync comment with reality
2004-04-19 22:10:52 +10:00
0a74ae7c14
- dtucker@cvs.openbsd.org 2004/03/08 10:17:12
...
[regress/login-timeout.sh]
Missing OBJ, from tim@. ok markus@ (Already fixed, ID sync only)
2004-04-19 22:04:21 +10:00
9929d1f666
- dtucker@cvs.openbsd.org 2004/02/29 22:04:45
...
[regress/login-timeout.sh]
Use sudo when restarting daemon during test. ok markus@
2004-04-19 22:01:37 +10:00
2eb4236d86
- (djm) [openbsd-compat/bsd-cygwin_util.c] Recent versions of Cygwin allow
...
change of user context without a password, so relax auth method
restrictions; from vinschen AT redhat.com; ok dtucker@
2004-04-18 21:15:43 +10:00
2a9bf4b3d3
- (dtucker) [auth-pam.c] Log username and source host for failed PAM
...
authentication attempts. With & ok djm@
2004-04-18 11:00:26 +10:00
fe6d5aa54b
- (tim) [configure.ac] Set SETEUID_BREAKS_SETUID, BROKEN_SETREUID and
...
BROKEN_SETREGID for SCO OpenServer 3
2004-04-16 20:03:07 -07:00
9c870f966a
- (djm) [auth-krb5.c auth.h session.c] Explicitly refer to Kerberos ccache
...
file using FILE: method, fixes problems on Mac OSX.
Patch from simon@sxw.org.uk ; ok dtucker@
2004-04-16 22:47:55 +10:00
c99a19b445
- (dtucker) [regress/sftp-cmds.sh] Skip quoting test on Cygwin, since
...
FAT/NTFS does not permit quotes in filenames. From vinschen at redhat.com
2004-04-16 17:58:28 +10:00
0ac4500f37
- (djm) [configure.ac] Fix detection of libwrap on OpenBSD; ok dtucker@
2004-04-14 20:14:26 +10:00
06a8cfe796
- (dtucker) [auth-skey.c defines.h monitor.c] Make skeychallenge explicitly
...
4-arg, with compatibility for 3-arg versions. From djm@, ok me.
2004-04-14 17:24:30 +10:00
3b908f65b4
- (dtucker) [acconfig.h configure.ac defines.h] Bug #673 : check for 4-arg
...
skeychallenge(), eg on NetBSD. ok mouring@
2004-04-14 15:26:39 +10:00
96cc26b614
- (dtucker) [sshd_config.5] Add PermitRootLogin without-password warning
...
from bug #701 (text from jfh at cise.ufl.edu).
2004-04-14 13:04:35 +10:00
036768e48c
- (bal) [monitor.c monitor_wrap.c] Ok.. Last time. Promise. Tim suggested
...
limiting scope and dtucker@ agreed.
2004-04-08 16:12:30 +00:00
11f18294ab
- (dtucker) [defines.h loginrec.c] Define UT_LINESIZE if not defined and
...
simplify loginrec.c. ok tim@
2004-04-08 16:16:06 +10:00
1b9f2a6b44
- (bal) [monitor.c monitor_wrap.c] Second try. Put the zlib.h headers
...
back and #undef TARGET_OS_MAC instead. (Bug report pending with Apple)
2004-04-08 05:11:03 +00:00
4d2f361f96
- (dtucker) [loginrec.c] Use UT_LINESIZE if available, prevents truncating
...
pty name on Linux 2.6.x systems. Patch from jpe at eisenmenger.org.
2004-04-08 10:57:05 +10:00
a8104b5c92
- (bal) [acconfig.h auth-krb5.c configure.ac gss-serv-krb5.c] Check to see
...
if Krb5 library exports krb5_init_etc() since some OSes (like MacOS/X)
are starting to restrict it as internal since it is not needed by
developers any more. (Patch based on Apple tree)
- (bal) [monitor.c monitor_wrap.c] monitor_wrap.c] moved zlib.h higher since
krb5 on MacOS/X conflicts. There may be a better solution, but this will
work for now.
2004-04-07 04:16:11 +00:00
ac7c998a2d
- (dtucker) [session.c] Flush stdout after displaying loginmsg. From
...
f_mohr at yahoo.de.
2004-04-07 08:04:09 +10:00
4398cf5927
- (dtucker) [configure.ac] Bug #816 , #748 (again): Attempt to detect
...
broken getaddrinfo and friends on HP-UX. ok djm@
2004-04-06 21:39:02 +10:00
8db9a0ffd8
- (dtucker) [acconfig.h configure.ac defines.h] Bug #820 : don't use
...
updwtmpx() on IRIX since it seems to clobber utmp. ok djm@
2004-04-06 21:31:12 +10:00
ccea020574
- (djm) Bug #825 : Fix ip_options_check() for mapped IPv4/IPv6 connection;
...
with & ok dtucker@
2004-03-31 15:17:54 +10:00
17addf0463
- (dtucker) [auth-pam.c] rename the_authctxt to sshpam_authctxt in auth-pam.c
...
to reduce potential confusion with the one in sshd.c. ok djm@
2004-03-30 20:57:57 +10:00
809031f6c4
- (dtucker) [configure.ac] Bug #811 : Use "!" for LOCKED_PASSWD_PREFIX on
...
Linuxes, since that's what many use. ok djm@
2004-03-30 14:03:45 +10:00
b385059346
- (dtucker) [session.c] Bug #817 : Clear loginmsg after fork to prevent
...
duplicate login messages for mutli-session logins. ok djm@
2004-03-27 16:44:21 +11:00
154e8b82ef
- (djm) Crank RPM spec versions
2004-03-22 09:40:01 +11:00
aed7cee49a
- markus@cvs.openbsd.org 2004/03/20 10:40:59
...
[version.h]
3.8.1
2004-03-22 09:39:09 +11:00
0c889cd9e9
- markus@cvs.openbsd.org 2004/03/11 10:21:17
...
[ssh.c sshd.c]
ssh, sshd: sync version output, ok djm
2004-03-22 09:36:00 +11:00
b408786db9
- markus@cvs.openbsd.org 2004/03/11 08:36:26
...
[sshd.c]
trim usage; ok deraadt
2004-03-22 09:35:21 +11:00
5095510e5f
- markus@cvs.openbsd.org 2004/03/10 09:45:06
...
[ssh.c]
trim usage to match ssh(1) and look more like unix. ok djm@
2004-03-22 09:34:58 +11:00
3df755e441
- markus@cvs.openbsd.org 2004/03/09 22:11:05
...
[ssh.c]
increase x11 cookie lifetime to 20 minutes; ok djm
2004-03-22 09:34:26 +11:00
bfba354261
- (djm) [sshd.c] Drop supplemental groups if started as root
2004-03-22 09:29:57 +11:00
4fefe24c01
- (djm) [configure.ac] Add standard license to configure.ac; ok ben, dtucker
2004-03-11 14:20:10 +11:00
7c991ab1e1
- (dtucker) [openbsd-compat/fake-rfc2553.h] Bug #812 : #undef getaddrinfo
...
before redefining it, silences warnings on Tru64.
2004-03-10 21:06:32 +11:00
aa5383243d
- (tim) [regress/README.regress] Document ssh-rand-helper issue. ok bal
2004-03-08 12:12:18 -08:00
8448e66770
- dtucker@cvs.openbsd.org 2004/03/08 10:18:57
...
[sshd_config.5]
Document KerberosGetAFSToken; ok markus@
2004-03-08 23:13:15 +11:00
3b51301a4b
- djm@cvs.openbsd.org 2004/03/08 09:38:05
...
[ssh-keyscan.c]
explicitly initialise remote_major and remote_minor.
from cjwatson AT debian.org; ok markus@
2004-03-08 23:13:00 +11:00
bd394c329b
- markus@cvs.openbsd.org 2004/03/05 10:53:58
...
[readconf.c readconf.h scp.1 sftp.1 ssh.1 ssh_config.5 sshconnect2.c]
add IdentitiesOnly; ok djm@, pb@
2004-03-08 23:12:36 +11:00
c0f27d8782
- djm@cvs.openbsd.org 2004/03/03 09:31:20
...
[sftp.c]
Fix initialisation of progress meter; ok markus@
2004-03-08 23:12:19 +11:00
9ba3069a8b
- djm@cvs.openbsd.org 2004/03/03 09:30:42
...
[sftp-client.c]
Don't print duplicate messages when progressmeter is off
Spotted by job317 AT mailvault.com; ok markus@
2004-03-08 23:12:02 +11:00
57aae982be
- (djm) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2004/03/03 06:47:52
[sshd.c]
change proctiltle after accept(2); ok henning, deraadt, djm
2004-03-08 23:11:25 +11:00
dbf7a74ee5
- (dtucker) [auth-pam.c auth-pam.h auth1.c auth2.c monitor.c monitor_wrap.c
...
monitor_wrap.h] Bug #808 : Ensure force_pwchange is correctly initialized
even if keyboard-interactive is not used by the client. Prevents segfaults
in some cases where the user's password is expired (note this is not
considered a security exposure). ok djm@
2004-03-08 23:04:06 +11:00
112aaac0ce
- (dtucker) [sshd.c] Back out rev 1.270 as it caused problems on some
...
platforms (eg SCO, HP-UX) with logging in the wrong TZ.
2004-03-08 22:13:12 +11:00
f45eff21dc
- (tim) [regress/login-timeout.sh] fix building outside of source tree.
2004-03-07 10:40:01 -08:00
91bf45c597
- (dtucker) [auth-passwd.c auth-sia.c auth-sia.h defines.h
...
openbsd-compat/xcrypt.c] Bug #802 : Fix build error on Tru64 when
configured --with-osfsia. ok djm@
2004-03-04 22:59:36 +11:00
b9b6021667
- (dtucker) [auth-pam.c] Reset signal status when starting pam auth thread,
...
prevent hanging during PAM keyboard-interactive authentications. ok djm@
2004-03-04 20:03:54 +11:00
4b385d4bc0
- (dtucker) [auth-pam.c] Don't try to export PAM when compiled with
...
-DUSE_POSIX_THREADS. From antoine.verheijen at ualbert ca. ok djm@
2004-03-04 19:54:10 +11:00
6e26bf15ee
wrong year
2004-03-04 19:47:29 +11:00
6c4914afcc
- (djm) [configure.ac ssh-agent.c] Use prctl to prevent ptrace on ssh-agent
...
ok dtucker
2004-03-03 11:08:59 +11:00
ad4a188e46
- (tim) [configure.ac] Put back bits mistakenly removed from Rev 1.188
2004-02-29 15:53:37 -08:00
b099d855d3
- (dtucker) [regress/try-ciphers.sh] Skip acss if not compiled in (eg if we
...
built with openssl < 0.9.7)
2004-02-29 21:30:05 +11:00
9468ba33a1
- dtucker@cvs.openbsd.org 2004/02/28 13:44:45
...
[regress/try-ciphers.sh]
Test acss too; ok markus@
2004-02-29 20:38:26 +11:00
68b184c75d
- dtucker@cvs.openbsd.org 2004/02/28 12:16:57
...
[regress/dynamic-forward.sh]
Make dynamic-forward understand nc's new output. ok markus@
2004-02-29 20:37:06 +11:00
437a5f035b
- markus@cvs.openbsd.org 2004/02/24 17:06:52
...
[regress/ssh-com-client.sh regress/ssh-com-keygen.sh
regress/ssh-com-sftp.sh regress/ssh-com.sh]
test against recent ssh.com releases
2004-02-29 20:33:51 +11:00
03c907a22b
- markus@cvs.openbsd.org 2004/02/24 16:56:30
...
[regress/test-exec.sh]
allow arguments in ${TEST_SSH_XXX}
2004-02-29 20:31:08 +11:00
017fd61a92
- dtucker@cvs.openbsd.org 2004/02/17 08:23:20
...
[regress/Makefile regress/login-timeout.sh]
Add regression test for LoginGraceTime; ok markus@
2004-02-29 20:30:17 +11:00
effc84ce5b
- dtucker@cvs.openbsd.org 2004/02/27 22:49:27
...
[dh.c]
Reset bit counter at the right time, fixes debug output in the case where
the DH group is rejected. ok markus@
2004-02-29 20:15:08 +11:00
c56c7ef592
- dtucker@cvs.openbsd.org 2004/02/27 22:44:56
...
[dh.c]
Make /etc/moduli line buffer big enough for 8kbit primes, in case anyone
ever uses one. ok markus@
2004-02-29 20:13:34 +11:00
fc113c97a3
- dtucker@cvs.openbsd.org 2004/02/27 22:42:47
...
[dh.c]
Prevent sshd from sending DH groups with a primitive generator of zero or
one, even if they are listed in /etc/moduli. ok markus@
2004-02-29 20:12:33 +11:00
d592048c36
- djm@cvs.openbsd.org 2004/02/25 00:22:45
...
[sshd.c]
typo in comment
2004-02-29 20:11:30 +11:00
78ffe26501
- (bal) KNF our sshlogin.c even if the code looks nothing like upstream
...
code due to diversity issues.
2004-02-27 03:01:19 +00:00
124055dd3b
- (djm) Don't specify path to PAM modules in Redhat sshd.pam; from Fedora
2004-02-25 10:57:45 +11:00
d891395a09
- (djm) Trim ChangeLog
2004-02-25 10:56:31 +11:00
3342470472
- (djm) Release 3.8p1
2004-02-24 17:13:28 +11:00
e8c898a54f
[configure.ac] SCO3 needs -lcrypt_i for -lprot
2004-02-23 21:47:04 -08:00
149543e56d
- (dtucker) {README.platform] Add platform-specific notes.
2004-02-24 16:14:41 +11:00
5ce131f2b6
- (dtucker) [README] Add pointer to release notes. ok djm@
2004-02-24 16:13:24 +11:00
9fc475f0c3
- (djm) Crank RPM spec versions
2004-02-24 16:00:02 +11:00
18959006c0
[openbsd-compat/getrrsetbyname.c] Make gcc 2.7.2.3 happy. ok djm@
2004-02-23 20:51:06 -08:00
2359aa985d
- (dtucker) [uidswap.c] Minor KNF. ok djm@
2004-02-24 13:17:30 +11:00
a811d9a9a1
- (djm) [groupaccess.c uidswap.c] Bug #787 : Size group arrays at runtime
...
using sysconf() if available Based on patches from
holger AT van-lengerich.de and openssh_bugzilla AT hockin.org
2004-02-24 13:05:11 +11:00
8a4e4f8779
Add missing ok
2004-02-24 10:58:10 +11:00
0d27ed1c19
- (dtucker) [configure.ac gss-serv-krb5.c ssh-gss.h] Define GSSAPI when found
...
with krb5-config, hunt down gssapi.h and friends. Based partially on patch
from deengert at anl.gov.
For the MIT Kerberos bug against krb5-config related to this see:
http://krbdev.mit.edu/rt/Ticket/Display.html?id=2240
2004-02-24 10:37:33 +11:00
a6ea420c38
- markus@cvs.openbsd.org 2004/02/23 15:16:46
...
[version.h]
enter 3.8
2004-02-24 09:24:01 +11:00
0acc92a93c
- markus@cvs.openbsd.org 2004/02/23 15:12:46
...
[bufaux.c]
encode 0 correctly in buffer_put_bignum2; noted by Mikulas Patocka
and drop support for negative BNs; ok otto@
2004-02-24 09:21:41 +11:00
efa3706f05
- markus@cvs.openbsd.org 2004/02/23 12:02:33
...
[sshd.c]
backout revision 1.279; set listen socket to non-block; ok henning.
2004-02-24 09:20:29 +11:00
37bd3663bf
- markus@cvs.openbsd.org 2004/02/19 21:15:04
...
[sftp-server.c]
switch to new license.template
2004-02-24 09:19:15 +11:00
1825f26d21
- (dtucker) [session.c] Bug #789 : Only make setcred call for !privsep in the
...
non-interactive path. ok djm@
2004-02-24 00:01:27 +11:00
e828d0c75b
Add missed ChangeLog entries for previous commits...
2004-02-22 11:55:07 +11:00
15ee748f28
- (dtucker) [auth-shadow.c auth.c auth.h] Move shadow account expiry test
...
to auth-shadow.c, no functional change. ok djm@
2004-02-22 09:43:15 +11:00
2e45cb0fb4
- (djm) [openbsd-compat/setproctitle.c] fix comments; from grange@
2004-02-20 20:37:44 +11:00
051b0acbbc
- (djm) [log.c] Tighten openlog_r tests
2004-02-18 22:59:43 +11:00
82c78b3b9d
- (djm) [log.c] Correct use of HAVE_OPENLOG_R
2004-02-18 15:42:31 +11:00
05a75b6e5b
- jmc@cvs.openbsd.org 2004/02/17 19:35:21
...
[sshd_config.5]
remove cruft left over from RhostsAuthentication removal;
ok markus@
2004-02-18 14:31:23 +11:00
20e1fabace
- djm@cvs.openbsd.org 2004/02/17 11:03:08
...
[sftp.c]
sftp.c and sftp-int.c, together at last; ok markus@
2004-02-18 14:30:55 +11:00
d7d46bb606
- (djm) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2004/02/17 07:17:29
[sftp-glob.c sftp.c]
Remove useless headers; ok deraadt@
2004-02-18 14:11:13 +11:00
a22897df06
- (dtucker) [configure.ac] Handle case where krb5-config --libs returns a
...
path with a "-" in it. From Sergio.Gelato at astro.su.se.
2004-02-18 11:21:12 +11:00
5cf8ef735c
- (dtucker) [auth-pam.c] Store output from pam_session and pam_setcred for
...
display after login. Should fix problems like pam_motd not displaying
anything, noticed by cjwatson at debian.org. ok djm@
2004-02-17 23:20:07 +11:00
ba53b839d3
- (dtucker) [auth-pam.c] Tidy up PAM debugging. ok djm@
2004-02-17 20:46:59 +11:00
34255b9f4c
- (djm) Bug #698 : Specify FILE: for KRB5CCNAME; patch from
...
stadal@suse.cz and simon@sxw.org.uk
2004-02-17 20:33:52 +11:00
4e60ed74a6
- djm@cvs.openbsd.org 2004/02/17 05:39:51
...
[sftp-client.c sftp-client.h sftp-glob.c sftp-glob.h sftp-int.c]
[sftp-int.h sftp.c]
switch to license.template for code written by me (belated, I know...)
2004-02-17 17:07:59 +11:00
98225c2950
- (djm) Simplify the license on code I have written. No code changes.
2004-02-17 16:49:41 +11:00
3d5352e156
[configure.ac] Make sure -lcrypto is before -lsocket for sco3. ok mouring@
2004-02-12 09:27:21 -08:00
9ad7e0e805
[Makefile.in regress/sftp-badcmds.sh regress/test-exec.sh]
...
Portablity fixes. Data sftp transfers needs to be world readable. Some
older shells hang on while loops when doing sh -n some_script. OK dtucker@
2004-02-12 07:17:10 -08:00
43fa557ce2
[configure.ac] Fix comment to match code changes in ver 1.117
2004-02-11 14:46:40 -08:00
cee6d4cf5a
- (dtucker) [auth-passwd.c auth-shadow.c] Only enable shadow expiry check
...
if HAS_SHADOW_EXPIRY is set.
2004-02-11 18:48:52 +11:00
13a707b60d
- (dtucker) [configure.ac] Bug #345 : Do not disable utmp on HP-UX 10.x.
...
ok djm@
2004-02-10 17:15:05 +11:00
c28b88a314
- (dtucker) [configure.ac loginrec.c] Bug #464 : Use updwtmpx on platforms
...
that support it. from & ok mouring@
2004-02-10 16:49:35 +11:00
cfea2063e5
- (dtucker) [openbsd-compat/port-aix.c openbsd-compat/port-aix.h] Move
...
include from port-aix.h to port-aix.c and remove unnecessary function
definition. Fixes build errors on AIX.
#include'ing auth.h in port-aix.h causes conflicting definitions of Authctxt
in sshconnect2.c. Sigh.
2004-02-10 15:27:34 +11:00
1921ed9f96
- (dtucker) [auth-pam.c auth-pam.h session.c] Bug #14 : Use do_pwchange to
...
change expired PAM passwords for SSHv1 connections without privsep.
pam_chauthtok is still used when privsep is disabled. ok djm@
2004-02-10 13:23:28 +11:00
ffae532076
- (dtucker) [openbsd-compat/fake-rfc2553.h] Bug #563 : Prepend ssh_ to compat
...
functions to avoid conflicts with Heimdal's libroken. ok djm@
2004-02-10 13:05:40 +11:00
9df3defdbb
- (dtucker) [LICENCE Makefile.in auth-passwd.c auth-shadow.c auth.c auth.h
...
defines.h] Bug #14 : Use do_pwchange to support password expiry and force
change for platforms using /etc/shadow. ok djm@
2004-02-10 13:01:14 +11:00
e3dba82dd4
- (dtucker) [auth-passwd.c auth.h openbsd-compat/port-aix.c
...
openbsd-compat/port-aix.h] Bug #14 : Use do_pwchange to support AIX's
native password expiry.
2004-02-10 12:50:19 +11:00
693f8a8aae
- (dtucker) [cipher.c] enable AES counter modes with OpenSSL 0.9.5.
...
ok djm@, markus@
2004-02-07 12:29:39 +11:00
fc57f71fb1
- dtucker@cvs.openbsd.org 2004/02/06 23:41:13
...
[cipher-ctr.c]
Use EVP_CIPHER_CTX_key_length for key length. ok markus@
(This will fix builds with OpenSSL 0.9.5)
2004-02-07 10:41:48 +11:00
074593538a
- (dtucker) [configure.ac includes.h] Include <sys/stream.h> if present,
...
required on Solaris 2.5.1 for queue_t, which is used by <sys/ptms.h>.
2004-02-06 21:29:41 +11:00
7f73a4955d
- markus@cvs.openbsd.org 2004/02/05 15:33:33
...
[progressmeter.c]
fix ETA for > 4GB; bugzilla #791 ; ok henning@ deraadt@
2004-02-06 16:41:37 +11:00
a8be9e23d2
- dtucker@cvs.openbsd.org 2004/02/05 05:37:17
...
[monitor.c sshd.c]
Pass SIGALRM through to privsep child if LoginGraceTime expires. ok markus@
2004-02-06 16:40:27 +11:00
23bc8d0bff
- markus@cvs.openbsd.org 2004/01/30 09:48:57
...
[auth-passwd.c auth.h pathnames.h session.c]
support for password change; ok dtucker@
(set password-dead=1w in login.conf to use this).
In -Portable, this is currently only platforms using bsdauth.
2004-02-06 16:24:31 +11:00
819d4526ca
Add bug no.
2004-02-06 16:18:47 +11:00
e45674ae80
- (dtucker) [openbsd-compat/port-aix.c openbsd-compat/port-aix.h] Restore
...
previous authdb setting after auth calls. Fixes problems with setpcred
failing on accounts that use AFS or NIS password registries.
2004-02-06 16:17:51 +11:00
ecc9d46dc5
- (dtucker) [sshd.c] Bug #757 : Clear child's environment to prevent
...
accidentally inheriting from root's environment. ok djm@
2004-02-06 16:04:08 +11:00
f58fb7e727
- (dtucker) [configure.ac] Bug #748 : Always define BROKEN_GETADDRINFO
...
for HP-UX 11.11. If there are known-good configs where this is not
required, please report them. ok djm@
2004-02-06 15:59:06 +11:00
ef3a4a208c
- (dtucker) [session.c] Bug #789 : Do not call do_pam_setcred as a non-root
...
user, since some modules might fail due to lack of privilege. ok djm@
2004-02-06 15:30:50 +11:00
6977fe742b
- (dtucker) [cipher-acss.c cipher.c] Enable acss only if building with
...
OpenSSL >= 0.9.7. ok djm@
2004-02-06 15:26:10 +11:00
9976246dfd
- (dtucker) [acss.c acss.h] Fix $Id tags.
2004-02-06 15:22:43 +11:00
2df334380b
- (dtucker) [configure.ac openbsd-compat/bsd-cray.c openbsd-compat/bsd-cray.h]
...
Bug #775 : Cray fixes from wendy at cray.com
2004-01-30 14:34:21 +11:00
dcc736b7de
- (dtucker) [configure.ac] Add --without-zlib-version-check. Feedback from
...
tim@, ok several
2004-01-30 14:20:59 +11:00
46662bfc21
- djm@cvs.openbsd.org 2004/01/13 09:49:06
...
[sftp-batch.sh]
don't delete thyself when running without obj/ ; ok markus@
2004-01-30 13:02:55 +11:00
633f3e0dd0
- jmc@cvs.openbsd.org 2003/11/07 10:16:44
...
[ssh-com.sh]
adress -> address, and a few more; all from Jonathon Gray;
2004-01-30 13:00:29 +11:00
22991ba2e2
- dtucker@cvs.openbsd.org 2003/10/11 11:49:49
...
[Makefile banner.sh]
Test missing banner file, suppression of banner with ssh -q, check return
code from ssh. ok markus@
2004-01-30 12:58:51 +11:00
77970695de
- (dtucker) [moduli] Import new moduli file from OpenBSD.
2004-01-28 15:44:04 +11:00
4f9f6794c5
- (dtucker) [regress/README.regress] Add tcpwrappers issue, noted by tim@
2004-01-28 12:26:14 +11:00
ec69203e45
- djm@cvs.openbsd.org 2004/01/27 10:08:10
...
[sftp.c]
reorder parsing so user:skey@host:file works (bugzilla #777 )
patch from admorten AT umich.edu; ok markus@
2004-01-27 21:22:00 +11:00
f6723f08e0
- djm@cvs.openbsd.org 2004/01/25 03:49:09
...
[sshconnect.c]
reset nonblocking flag after ConnectTimeout > 0 connect; (bugzilla #785 )
from jclonguet AT free.fr; ok millert@
2004-01-27 21:21:27 +11:00
b2d1c2b3b8
- hshoexer@cvs.openbsd.org 2004/01/23 19:26:33
...
[cipher.c]
rename acss@opebsd.org to acss@openssh.org
ok deraadt@
2004-01-27 21:20:59 +11:00
b21be84471
- mouring@cvs.openbsd.org 2004/01/23 17:57:48
...
[sftp-int.c]
Fix issue pointed out with ls not handling large directories
with embeded paths correctly. OK damien@
2004-01-27 21:20:11 +11:00
4f0fe684da
- (djm) OpenBSD CVS Sync
...
- hshoexer@cvs.openbsd.org 2004/01/23 17:06:03
[cipher.c]
enable acss for ssh
ok deraadt@ markus@
- (djm) [acss.c acss.h cipher-acss.c] Portable support for ACSS
if libcrypto lacks it
2004-01-27 21:19:21 +11:00
01326ebada
[defines.h openbsd-compat/getrrsetbyname.h] Move defines for HFIXEDSZ
...
and T_SIG to getrrsetbyname.h
2004-01-26 21:40:35 -08:00
2597bfd1fb
[configure.ac includes.h] add <sys/ptms.h> for grantpt() and friends.
2004-01-26 19:03:39 -08:00
ba1c2b82c4
[defines.h] Add defines for HFIXEDSZ and T_SIG
2004-01-26 16:02:17 -08:00
eafd8e9c55
20040126
...
[regress/test-exec.sh] RhostsAuthentication is deprecated.
2004-01-26 14:10:10 -08:00
3084a6198c
Typo in regress/README.regress
2004-01-26 09:37:09 -08:00
6814411b3e
- (djm) Typo in openbsd-compat/bsd-openpty.c; from wendyp AT cray.com
2004-01-24 13:50:39 +11:00
fcb6220da0
[configure.ac] Remove hard coded -L/usr/local/lib and
...
-I/usr/local/include. Users can do LDFLAGS="-L/usr/local/lib" \
CPPFLAGS="-I/usr/local/include" ./configure if needed.
2004-01-23 18:35:16 -08:00
3c78c5ed2f
- (dtucker) [acconfig.h configure.ac includes.h servconf.c session.c]
...
Change AFS symbol to USE_AFS to prevent namespace collisions, do not
include kafs.h unless necessary. From deengert at anl.gov.
For consistency, all of the libkafs bits are now inside "#if defined(KRB5)
&& defined(USE_AFS)".
2004-01-23 22:03:10 +11:00
6369958301
- (dtucker) [contrib/cygwin/README] Document new ssh-host-config options.
...
Patch from vinschen at redhat.com.
2004-01-23 21:35:44 +11:00
2dcd2393f4
- (dtucker) [configure.ac] Bug #788 : Test for zlib.h presence and for
...
zlib >= 1.1.4. Partly from jbasney at ncsa.uiuc.edu. ok djm@
2004-01-23 17:13:33 +11:00
84938141d4
- (djm) Bug #776 : Update contrib/redhat/openssh.spec to dynamically detect
...
Kerberos location (and thus work with Fedora Core 1);
from jason AT devrandom.org
2004-01-23 16:30:03 +11:00
d352636553
- (djm) Do pam_session processing for systems with HAVE_LOGIN_CAP; from
...
ralf.hack AT pipex.net; ok dtucker@
2004-01-23 14:16:26 +11:00
c900128e55
[contrib/solaris/buildpkg.sh] Allow for the possibility of
...
/usr/local being a symbolic link. Fixes problem reported by Henry Grebler.
2004-01-22 16:10:03 -08:00
7fe8b72771
- (dtucker) [session.c] Enable AFS support in conjunction with KRB5 not
...
just HEIMDAL.
Currently this will make no difference, as only Heimdal (which defines KRB5
anyway) has libkafs, however a libkafs that works with MIT may become
available. In that case it will be used too.
2004-01-22 12:48:26 +11:00
1d3ca58705
- (dtucker) [configure.ac] Use krb5-config where available for Kerberos/
...
GSSAPI detection, libs and includes. ok djm@
2004-01-22 12:05:34 +11:00
f4da3bb6ca
- deraadt@cvs.openbsd.org 2004/01/11 21:55:06
...
[sshpty.c]
for pty opening, only use the openpty() path. the other stuff only needs
to be in openssh-p; markus ok
- (djm) [openbsd-compat/bsd-openpty.c] Rework old sshpty.c code into an
openpty() replacement
2004-01-21 17:07:16 +11:00
e4f5a82d6e
- djm@cvs.openbsd.org 2004/01/21 03:07:59
...
[sftp.c]
initialise infile in main, rather than statically - from portable
2004-01-21 14:11:05 +11:00
fb1310eded
- markus@cvs.openbsd.org 2004/01/19 21:25:15
...
[auth2-hostbased.c auth2-pubkey.c serverloop.c ssh-keysign.c sshconnect2.c]
fix mem leaks; some fixes from Pete Flugstad; tested dtucker@
2004-01-21 11:02:50 +11:00
a04ad496f6
- markus@cvs.openbsd.org 2004/01/19 09:24:21
...
[channels.c]
fake consumption for half closed channels since the peer is waiting for
window adjust messages; bugzilla #790 Matthew Dillon; test + ok dtucker@
reproduce with sh -c 'ulimit -f 10; ssh host -n od /bsd | cat > foo'
2004-01-21 11:02:09 +11:00
f84fed6f71
- markus@cvs.openbsd.org 2004/01/13 19:45:15
...
[compress.c]
cast for portability; millert@
2004-01-21 11:01:23 +11:00
8f341f8b8b
- markus@cvs.openbsd.org 2004/01/13 19:23:15
...
[compress.c session.c]
-Wall; ok henning
2004-01-21 11:00:46 +11:00
86a396857d
- jmc@cvs.openbsd.org 2004/01/13 12:17:33
...
[sftp.1]
remove unnecessary Ic's;
kill whitespace at EOL;
ok djm@
2004-01-21 11:00:04 +11:00
44f75c14f6
- djm@cvs.openbsd.org 2004/01/13 09:25:05
...
[sftp-int.c sftp.1 sftp.c]
Tidy sftp batchmode handling, eliminate junk to stderr (bugzilla #754 ) and
enable use of "-b -" to accept batchfile from stdin; ok markus@
2004-01-21 10:58:47 +11:00
a8df9248ce
- (dtucker) [auth-pam.c] Add minor debugging.
2004-01-15 00:15:07 +11:00
7ae0962798
- (dtucker) [auth-pam.c] Reset signal handler in pthread_cancel too, add
...
test for case where cleanup has already run.
2004-01-14 23:07:56 +11:00
749bc95bd8
- (dtucker) [auth-pam.c] Have monitor die if PAM authentication thread exits
...
unexpectedly. with & ok djm@
2004-01-14 22:14:04 +11:00
1b27c8fbcb
- (dtucker) [auth-pam.c] Relocate struct pam_ctxt and prototypes. No
...
functional changes.
This is in preparation for a change to catch the authentication thread
exitting unexpectedly, to split functional and cosmetic changes.
2004-01-13 22:35:58 +11:00
fd0894adae
- (dtucker) [configure.ac] Remove extra (typo) comma.
2004-01-09 00:19:25 +11:00
0234e8607f
- (dtucker) [auth-pam.c defines.h] Bug #783 : move __unused to defines.h and
...
only define if not already. From des at freebsd.org.
2004-01-08 23:32:04 +11:00
409cb328c1
- (dtucker) [acconfig.h configure.ac includes.h servconf.c session.c]
...
Only enable KerberosGetAFSToken if Heimdal's libkafs is found. with jakob@
2004-01-05 22:36:51 +11:00
e918318f2b
- (dtucker) [contrib/ssh-copy-id] Bug #781 : exit if ssh fails. Patch from
...
cjwatson at debian.org.
2004-01-05 08:16:34 +11:00
0f47c53742
- (djm) OSX/Darwin put the PAM headers in a different place, detect this.
...
Report from jakob@
2004-01-02 18:01:30 +11:00
c8ec16651e
- (djm) Remove useless DNS support configure summary message. from jakob@
2004-01-02 17:53:04 +11:00
7a2ea78cc4
- (djm) OSX/Darwin needs BIND_8_COMPAT to build getrrsetbyname. Report from
...
jakob@
2004-01-02 17:52:10 +11:00
2a6b029f99
- (dtucker) [configure.ac] Only test setresuid and setresgid if they exist.
2003-12-31 14:59:17 +11:00
ea2870619d
- dtucker@cvs.openbsd.org 2003/12/31 00:24:50
...
[auth2-passwd.c]
Ignore password change request during password auth (which we currently
don't support) and discard proposed new password. corrections/ok markus@
2003-12-31 11:43:24 +11:00
0b3b97512f
- millert@cvs.openbsd.org 2003/12/29 16:39:50
...
[sshd_config]
KeepAlive has been obsoleted, use TCPKeepAlive instead; markus@ OK
2003-12-31 11:38:32 +11:00
22ef508754
- jakob@cvs.openbsd.org 2003/12/23 16:12:10
...
[servconf.c servconf.h session.c sshd_config]
implement KerberosGetAFSToken server option. ok markus@, beck@
2003-12-31 11:37:34 +11:00
a32e19c637
- markus@cvs.openbsd.org 2003/12/22 20:29:55
...
[cipher-3des1.c]
EVP_CIPHER_CTX_cleanup() for the des contexts; pruiksma@freesurf.fr
2003-12-31 11:36:00 +11:00
06930c70ad
- djm@cvs.openbsd.org 2003/12/22 09:16:58
...
[moduli.c ssh-keygen.1 ssh-keygen.c]
tidy up moduli generation debugging, add -v (verbose/debug) option to
ssh-keygen; ok markus@
2003-12-31 11:34:51 +11:00
3715be3cd3
- (dtucker) [defines.h] Bug #458 : Define SIZE_T_MAX as UINT_MAX if we
...
typedef size_t ourselves.
2003-12-19 10:58:43 +11:00
07705c788e
- (dtucker) [auth-pam.c] Do PAM chauthtok during SSH2 keyboard-interactive
...
authentication. Partially fixes bug #423 . Feedback & ok djm@
Some background on why this is the way it is:
* Solaris 8's pam_chauthtok ignores the CHANGE_EXPIRED_AUTHTOK flag, so
we must call do_pam_account() to figure out if the password is expired.
* AIX 5.2 does not like having pam_acct_mgmt() called twice, once from the
authentication thread and once from the main shell child, so we cache the
result, which must be passed from the authentication thread back to the
monitor.
2003-12-18 15:34:31 +11:00
454da0b3dc
- (dtucker) [configure.ac] Don't use setre[ug]id on DG-UX, from Tom Orban.
2003-12-18 12:52:19 +11:00
563eb99711
- (bal) [openbsd-compat/bsd-misc.c] unset 'signal' defined if we are
...
using a real 'signal()' (Noticed by a NeXT Compile)
2003-12-18 00:34:06 +00:00
e937be36c3
- (dtucker) [acconfig.h configure.ac uidswap.c] Bug #645 : Check for
...
setres[ug]id() present but not implemented (eg some Linux/glibc
combinations).
2003-12-17 18:53:26 +11:00
8975ddf11b
- markus@cvs.openbsd.org 2003/12/16 15:51:54
...
[dh.c]
use <= instead of < in dh_estimate; ok provos/hshoexer;
do not return < DH_GRP_MIN
2003-12-17 16:33:53 +11:00
509b0107f0
- markus@cvs.openbsd.org 2003/12/16 15:49:51
...
[clientloop.c clientloop.h readconf.c readconf.h scp.1 sftp.1 ssh.1]
[ssh.c ssh_config.5]
application layer keep alive (ServerAliveInterval ServerAliveCountMax)
for ssh(1), similar to the sshd(8) option; ok beck@; with help from
jmc and dtucker@
2003-12-17 16:33:10 +11:00
baafb981a4
- markus@cvs.openbsd.org 2003/12/14 12:37:21
...
[ssh_config.5]
we don't support GSS KEX; from Simon Wilkinson
2003-12-17 16:32:23 +11:00
d696551443
- dtucker@cvs.openbsd.org 2003/12/09 23:45:32
...
[clientloop.c]
Clear exit code when ssh -N is terminated with a SIGTERM. ok markus@
2003-12-17 16:31:53 +11:00
12c150e7e0
- markus@cvs.openbsd.org 2003/12/09 21:53:37
...
[readconf.c readconf.h scp.1 servconf.c servconf.h sftp.1 ssh.1]
[ssh_config.5 sshconnect.c sshd.c sshd_config.5]
rename keepalive to tcpkeepalive; the old name causes too much
confusion; ok djm, dtucker; with help from jmc@
2003-12-17 16:31:10 +11:00
9836cf8d71
- markus@cvs.openbsd.org 2003/12/09 17:30:05
...
[ssh.c]
don't modify argv for ssh -o; similar to sshd.c 1.283
2003-12-17 16:30:06 +11:00
b9997192a7
- markus@cvs.openbsd.org 2003/12/09 17:29:04
...
[sshd.c]
fix -o and HUP; ok henning@
2003-12-17 16:29:22 +11:00
b5820f40bf
20031217
...
- (djm) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2003/12/09 15:28:43
[serverloop.c]
make ClientKeepAlive work for ssh -N, too (no login shell requested).
1) send a bogus channel request if we find a channel
2) send a bogus global request if we don't have a channel
ok + test beck@
2003-12-17 16:27:32 +11:00
5cd9d443ef
- dtucker@cvs.openbsd.org 2003/12/09 13:52:55
...
[moduli.c]
Prevent ssh-keygen -T from outputting moduli with a generator of 0, since
they can't be used for Diffie-Hellman. Assistance and ok djm@
2003-12-10 00:54:38 +11:00
a615314d3b
- (dtucker) [ssh-keyscan.c] Sync RCSIDs, missed in SSH_SSFDMAX change below.
2003-12-10 00:52:37 +11:00
1cbc444935
- djm@cvs.openbsd.org 2003/12/07 06:34:18
...
[moduli.c]
remove unused debugging #define templates
2003-12-09 19:19:38 +11:00
564f19e237
- markus@cvs.openbsd.org 2003/12/08 11:00:47
...
[kexgexc.c]
print requested group size in debug; ok djm
2003-12-09 19:18:07 +11:00
3175eb9a5a
- markus@cvs.openbsd.org 2003/12/02 17:01:15
...
[channels.c session.c ssh-agent.c ssh.h sshd.c]
use SSH_LISTEN_BACKLOG (=128) in listen(2).
2003-12-09 19:15:11 +11:00
1fb0425359
- markus@cvs.openbsd.org 2003/12/02 12:15:10
...
[progressmeter.c]
improvments from andreas@:
* saner speed estimate for transfers that takes less than a second by
rounding the time to 1 second.
* when the transfer is finished calculate the actual total speed
rather than the current speed which is given during the transfer
2003-12-09 19:07:13 +11:00
37afa9d9a4
- djm@cvs.openbsd.org 2003/11/26 21:44:29
...
[cipher-aes.c]
fix #ifdef before #define; ok markus@
(RCS ID sync only, Portable already had this)
2003-12-09 19:05:42 +11:00
4c56843e44
- matthieu@cvs.openbsd.org 2003/11/25 23:10:08
...
[ssh-add.1]
ssh-add doesn't need to be a descendant of ssh-agent. Ok markus@, jmc@.
2003-12-09 19:01:51 +11:00
88368a3034
[configure.ac] Bug 770. Fix --without-rpath.
2003-12-08 12:35:59 -08:00
3db2e4daf7
- (djm) Annotate OpenBSD-derived files in openbsd-compat/ with original
...
source file path (in OpenBSD tree).
2003-11-24 13:33:34 +11:00
e0113ccc08
- dtucker@cvs.openbsd.org 2003/11/24 00:16:35
...
[ssh.1 ssh.c]
Make ssh -k mean GSSAPIDelegateCredentials=no. Suggestion & ok markus@
2003-11-24 13:10:09 +11:00
a4b33dfb6d
- djm@cvs.openbsd.org 2003/11/23 23:18:45
...
[ssh-keygen.c]
consistency PATH_MAX -> MAXPATHLEN; ok markus@
(RCS ID sync only)
- djm@cvs.openbsd.org 2003/11/23 23:21:21
[scp.c]
from portable: rename clashing variable limit-> limit_rate; ok markus@
(RCS ID sync only)
2003-11-24 13:09:27 +11:00
e00074a726
- (djm) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2003/11/23 23:17:34
[ssh-keyscan.c]
from portable - use sysconf to detect fd limit; ok markus@
(tidy diff by adding SSH_SSFDMAX macro to defines.h)
2003-11-24 13:07:45 +11:00
927f52783e
- (djm) [canohost.c] Move IPv4inV6 mapped address normalisation to its own
...
function and call it unconditionally
2003-11-24 12:57:25 +11:00
5924ceb22d
- (djm) [packet.c] Shuffle #ifdef to reduce conditionally compiled code
2003-11-22 15:02:42 +11:00
841b9f1aad
- (djm) [sftp-int.c] Remove duplicated code from bogus sync
2003-11-22 14:48:49 +11:00
4da295c051
- (djm) [scp.c] Rename limitbw -> limit_rate to match upstreamed patch
2003-11-22 14:39:04 +11:00
4e06a1d75d
- (dtucker) [auth-sia.c configure.ac] Tru64 update from cmadams at hiwaay.net.
...
Use permanently_set_uid for SIA, only define DISABLE_FD_PASSING when SIA
is enabled, rely on SIA to check for locked accounts if enabled. ok djm@
2003-11-22 14:25:15 +11:00
d76341616d
- (dtucker) [auth-passwd.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h]
...
Move AIX specific password authentication code to port-aix.c, call
authenticate() until reenter flag is clear.
2003-11-22 14:16:56 +11:00
240fdfa909
- (dtucker) [channels.c] Make AIX write limit code clearer. Suggested by djm@
2003-11-22 14:10:02 +11:00
a8e06cef35
- djm@cvs.openbsd.org 2003/11/21 11:57:03
...
[everything]
unexpand and delete whitespace at EOL; ok markus@
(done locally and RCS IDs synced)
2003-11-21 23:48:55 +11:00
8c5e91c03f
- (djm) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2003/11/20 11:39:28
[progressmeter.c]
fix rounding errors; from andreas@
2003-11-21 23:09:10 +11:00
f96d18362d
- djm@cvs.openbsd.org 2003/11/18 10:53:07
...
[monitor.c]
unbreak fake authloop for non-existent users (my screwup). Spotted and
tested by dtucker@; ok markus@
2003-11-18 22:01:48 +11:00
4bb1dd3166
- (djm) OpenBSD CVS Sync
...
- dtucker@cvs.openbsd.org 2003/11/18 00:40:05
[serverloop.c]
Correct check for authctxt->valid. ok djm@
2003-11-18 22:01:25 +11:00
8a1624c42d
- (dtucker) [auth-pam.c] Only use pam_putenv if our platform has it. ok djm@
2003-11-18 12:45:35 +11:00
18df00cc77
- (dtucker) [auth-pam.c] Convert chauthtok_conv into a generic tty_conv,
...
and use it for do_pam_session. Fixes problems like pam_motd not displaying
anything. ok djm@
2003-11-18 12:42:07 +11:00
6aef38f5ac
- (djm) Fix early exit for root auth success when UsePAM=yes and
...
PermitRootLogin=no
2003-11-18 10:45:20 +11:00
0425d40194
- markus@cvs.openbsd.org 2003/11/17 11:06:07
...
[auth2-gss.c gss-genr.c gss-serv.c monitor.c monitor.h monitor_wrap.c]
[monitor_wrap.h sshconnect2.c ssh-gss.h]
replace "gssapi" with "gssapi-with-mic"; from Simon Wilkinson;
test + ok jakob.
2003-11-17 22:18:21 +11:00
c756e9b56e
- (djm) Export environment variables from authentication subprocess to
...
parent. Part of Bug #717
2003-11-17 21:41:42 +11:00
9bdba70350
- (djm) Bug #632 : Don't call pam_end indirectly from within kbd-int
...
conversation function
2003-11-17 21:27:55 +11:00
51bf11fcc9
- djm@cvs.openbsd.org 2003/11/17 09:45:39
...
[msg.c msg.h sshconnect2.c ssh-keysign.c]
return error on msg send/receive failure (rather than fatal); ok markus@
2003-11-17 21:20:47 +11:00
91c6aa4468
- markus@cvs.openbsd.org 2003/11/14 13:19:09
...
[sshconnect2.c]
cleanup and minor fixes for the client code; from Simon Wilkinson
2003-11-17 21:20:18 +11:00
fe44847cb8
- jmc@cvs.openbsd.org 2003/11/12 20:14:51
...
[ssh_config.5]
make verb agree with subject, and kill some whitespace;
2003-11-17 21:19:49 +11:00
150b55745b
- jakob@cvs.openbsd.org 2003/11/12 16:39:58
...
[dns.c dns.h readconf.c ssh_config.5 sshconnect.c]
update SSHFP validation. ok markus@
2003-11-17 21:19:29 +11:00
c1f2792bd0
- dtucker@cvs.openbsd.org 2003/11/12 10:12:15
...
[scp.c]
When called with -q, pass -q to ssh; suppresses SSH2 banner. ok markus@
2003-11-17 21:19:05 +11:00
f58b58ced1
- jakob@cvs.openbsd.org 2003/11/10 16:23:41
...
[bufaux.c bufaux.h cipher.c cipher.h hostfile.c hostfile.h key.c]
[key.h sftp-common.c sftp-common.h sftp-server.c sshconnect.c sshd.c]
[ssh-dss.c ssh-rsa.c uuencode.c uuencode.h]
constify. ok markus@ & djm@
2003-11-17 21:18:23 +11:00
939cd38122
- jmc@cvs.openbsd.org 2003/11/08 19:17:29
...
[sftp-int.c]
typos from Jonathon Gray;
2003-11-17 21:17:24 +11:00
a9fcd3ada2
- jakob@cvs.openbsd.org 2003/11/08 16:02:40
...
[auth1.c]
remove unused variable (pw). ok djm@
(id sync only - still used in portable)
2003-11-17 21:16:55 +11:00
3e3b5145e5
- djm@cvs.openbsd.org 2003/11/04 08:54:09
...
[auth1.c auth2.c auth2-pubkey.c auth.h auth-krb5.c auth-passwd.c]
[auth-rhosts.c auth-rh-rsa.c auth-rsa.c monitor.c serverloop.c]
[session.c]
standardise arguments to auth methods - they should all take authctxt.
check authctxt->valid rather then pw != NULL; ok markus@
2003-11-17 21:13:40 +11:00
8f746ec970
- jakob@cvs.openbsd.org 2003/11/03 09:37:32
...
[sshconnect.c]
do not free static type pointer in warn_changed_key()
2003-11-17 21:11:15 +11:00
5a38897dbb
- jakob@cvs.openbsd.org 2003/11/03 09:09:41
...
[sshconnect.c]
move changed key warning into warn_changed_key(). ok markus@
2003-11-17 21:10:47 +11:00
3e8f41e6ac
- (djm) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2003/11/03 09:03:37
[auth-chall.c]
make this a little more idiot-proof; ok markus@
(includes portable-specific changes)
2003-11-17 21:09:50 +11:00
203c40b513
- (dtucker) [regress/agent-ptrace.sh] Test for GDB output from Solaris and
...
HP-UX, skip test on AIX.
2003-11-15 12:13:16 +11:00
ae52b7ca59
- (dtucker) [auth-pam.c] Add newline to accumulated PAM_TEXT_INFO and
...
PAM_ERROR_MSG messages.
2003-11-13 19:52:31 +11:00
798ca84d60
- (dtucker) [README ssh-host-config ssh-user-config Makefile] (All
...
contrib/cygwin). Major update from vinschen at redhat.com.
- Makefile provides a `cygwin-postinstall' target to run right after
`make install'.
- Better support for Windows 2003 Server.
- Try to get permissions as correct as possible.
- New command line options to allow full automated host configuration.
- Create configs from skeletons in /etc/defaults/etc.
- Use /bin/bash, allows reading user input with readline support.
- Remove really old configs from /usr/local.
2003-11-13 11:28:49 +11:00
0947ddff72
- (dtucker) [auth-pam.c] Append newlines to lines output by the
...
pam_chauthtok_conv().
2003-11-13 11:21:31 +11:00
418a386f2b
- (djm) Clarify UsePAM consequences a little more
2003-11-06 20:27:51 +11:00
be8a771af1
- (dtucker) [regress/agent-ptrace.sh] Use numeric uid and gid.
2003-11-03 22:52:52 +11:00
655a5e0987
- markus@cvs.openbsd.org 2003/11/02 11:01:03
...
[auth2-gss.c compat.c compat.h sshconnect2.c]
remove support for SSH_BUG_GSSAPI_BER; simon@sxw.org.uk
2003-11-03 20:09:03 +11:00
6db8f936ae
- markus@cvs.openbsd.org 2003/10/28 09:08:06
...
[misc.c]
error->debug for getsockopt+TCP_NODELAY; several requests
2003-11-03 20:07:14 +11:00
56afe145e0
- avsm@cvs.openbsd.org 2003/10/26 16:57:43
...
[sshconnect2.c]
rename 'supported' static var in userauth_gssapi() to 'gss_supported'
to avoid shadowing the global version. markus@ ok
2003-11-03 20:06:14 +11:00
8cc39788cb
- markus@cvs.openbsd.org 2003/10/21 09:50:06
...
[auth2-gss.c]
make sure the doid is larger than 2
2003-11-03 20:05:03 +11:00
a47c9bcda6
- markus@cvs.openbsd.org 2003/10/15 09:48:45
...
[monitor_wrap.c]
check pmonitor != NULL
2003-11-03 20:03:25 +11:00
7c582db74b
- (dtucker) [contrib/cygwin/ssh-host-config] Ensure entries in /etc/services
...
are created correctly with CRLF line terminations. Patch from vinschen at
redhat.com.
2003-11-03 18:59:29 +11:00
ea4c670eb8
- (dtucker) [regress/agent-ptrace.sh] Skip agent-test unless SUDO is set,
...
make agent setgid during test.
2003-10-21 22:27:08 +10:00
0d37b5ca7b
- (dtucker) [INSTALL] Some system crypt() functions support MD5 passwords
...
directly. Noted by Darren.Moffat at sun.com.
2003-10-21 12:41:14 +10:00
9568ad96ad
- (dtucker) [INSTALL] Note that --with-md5 is now required on platforms with
...
MD5 passwords even if PAM support is enabled. From steev at detritus.net.
2003-10-17 16:32:11 +10:00
6b1f8a3cf5
[regress/banner.sh] portability fix.
2003-10-15 09:22:39 -07:00
Darren Tucker
Ben Lindstrom
Tim Rice
Damien Miller