tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,357 Commits 6 Branches 20 Tags 97 MiB
Commit Graph

65 Commits

Author SHA1 Message Date
Damien Miller 8668706d0f - djm@cvs.openbsd.org 2014/06/24 01:13:21 
[Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c
     [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c
     [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h
     [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h
     [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h
     [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c
     [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c
     [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c
     [sshconnect2.c sshd.c sshkey.c sshkey.h
     [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h]
     New key API: refactor key-related functions to be more library-like,
     existing API is offered as a set of wrappers.

     with and ok markus@

     Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
     Dempsky and Ron Bowes for a detailed review a few months ago.

     NB. This commit also removes portable OpenSSH support for OpenSSL
     <0.9.8e.
 2014-07-02 15:28:02 +10:00
Darren Tucker 316fac6f18 - (dtucker) [entropy.c openbsd-compat/openssl-compat.{c,h} 
openbsd-compat/regress/{.cvsignore,Makefile.in,opensslvertest.c}]
   Move the OpenSSL header/library version test into its own function and add
   tests for it. Fix it to allow fix version upgrades (but not downgrades).
   Prompted by chl@ via OpenSMTPD (issue #462) and Debian (bug #748150).
   ok djm@ chl@
 2014-06-17 23:06:07 +10:00
Damien Miller 4d55734c16 - (djm) [entropy.c] bz#1991: relax OpenSSL version test to allow running 
openssh binaries on a newer fix release than they were compiled on.
   with and ok dtucker@
 2012-03-30 11:34:27 +11:00
Damien Miller f22019bdbf - (djm) [Makefile.in WARNING.RNG aclocal.m4 buildpkg.sh.in configure.ac] 
[entropy.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c]
   [ssh-keysign.c ssh-pkcs11-helper.c ssh-rand-helper.8 ssh-rand-helper.c]
   [ssh.c ssh_prng_cmds.in sshd.c contrib/aix/buildbff.sh]
   [regress/README.regress] Remove ssh-rand-helper and all its
   tentacles. PRNGd seeding has been rolled into entropy.c directly.
   Thanks to tim@ for testing on affected platforms.
 2011-05-05 13:48:37 +10:00
Damien Miller ff22df538e - (djm) [entropy.c] cast OPENSSL_VERSION_NUMBER to u_long to avoid 
gcc warning on platforms where it defaults to int
 2011-01-13 21:05:27 +11:00
Darren Tucker a8d51ee307 - (dtucker) [entropy.c scard-opensc.c ssh-rand-helper.c] Bug #1294: include 
string.h to prevent warnings, from vapier at gentoo.org.
 2007-03-13 07:35:38 +11:00
Darren Tucker 23dd658e57 - (dtucker) [entropy.c] Bug #1238: include signal.h to fix compilation error 
on Solaris 8 w/out /dev/random or prngd.  Patch from rl at
   math.technion.ac.il.
 2006-09-28 19:40:20 +10:00
Damien Miller ded319cca2 - (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c] 
[auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c]
   [auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c]
   [cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c]
   [dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
   [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c]
   [md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c]
   [scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c]
   [ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c]
   [sshconnect1.c sshconnect2.c sshd.c rc4.diff]
   [openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c]
   [openbsd-compat/port-linux.c openbsd-compat/port-solaris.c]
   [openbsd-compat/port-uw.c]
   Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h;
   compile problems reported by rac AT tenzing.org
 2006-09-01 15:38:36 +10:00
Darren Tucker ecf28ba7aa - (dtucker) [entropy.c] Needs unistd.h too. 2006-08-05 15:50:20 +10:00
Damien Miller 4cbfe8ebeb - (djm) [auth-pam.c auth.c bufaux.h entropy.c openbsd-compat/port-tun.c] 
remove last traces of bufaux.h - it was merged into buffer.h in the big
   includes.h commit
 2006-08-05 12:49:30 +10:00
Darren Tucker e0e4aad1fd - (dtucker) [entropy.c] More fcntl.h, this time on AIX (and probably 
others).
 2006-07-11 19:01:51 +10:00
Damien Miller b0fb6872ed - deraadt@cvs.openbsd.org 2006/03/19 18:51:18 
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
     [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
     [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
     [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
     [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
     [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
     [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
     [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
     [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
     [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
     [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
     [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
     [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
     [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
     [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
     [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
     [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
     RCSID() can die
 2006-03-26 00:03:21 +11:00
Darren Tucker d82cbcb9da - (dtucker) [entropy.c] Add headers for WIFEXITED and friends. 2006-03-16 07:21:35 +11:00
Darren Tucker 46e7ba5d53 - (dtucker) [entropy.c] Use u_char for receiving RNG seed for consistency 2005-09-28 08:26:30 +10:00
Darren Tucker c6f8219e0d - (dtucker) [entropy.c entropy.h sshd.c] Pass RNG seed to the reexec'ed 
process when sshd relies on ssh-random-helper.  Should result in faster
   logins on systems without a real random device or prngd.  ok djm@
 2005-09-27 22:46:32 +10:00
Darren Tucker f1377bdeed - (dtucker) [entropy.c] Remove unnecessary tests for getuid and geteuid 
calls, since they can't possibly fail.  ok djm@
 2005-09-27 19:50:25 +10:00
Damien Miller b6f72f5294 -(djm) [audit.c auth1.c auth2.c entropy.c loginrec.c serverloop.c] 
[ssh-rand-helper.c] fix portable 2nd level indents at 4 spaces too
 2005-07-17 17:26:43 +10:00
Damien Miller 787b2ec18c more whitespace (tabs this time) 2003-11-21 23:56:47 +11:00
Damien Miller a8e06cef35 - djm@cvs.openbsd.org 2003/11/21 11:57:03 
[everything]
     unexpand and delete whitespace at EOL; ok markus@
     (done locally and RCS IDs synced)
 2003-11-21 23:48:55 +11:00
Ben Lindstrom 5ade9abc37 - (bal) redo how we handle 'mysignal()'. Move it to 
openbsd-compat/bsd-misc.c, s/mysignal/signal/ and #define signal to
   be our 'mysignal' by default.  OK djm@
 2003-08-25 01:16:21 +00:00
Damien Miller c46b6bc4f7 - (djm) A few type mismatch fixes from Bug #565 2003-05-16 15:51:44 +10:00
Ben Lindstrom 5a6abdae0f unexpand 2002-06-09 19:41:48 +00:00
Tim Rice f02dccc0dc [entropy.c.] Portability fix for SCO Unix 3.2v4.x (SCO OSR 3.0). 
entropy.c needs seteuid(getuid()) for the setuid(original_uid) to succeed.
Patch by gert@greenie.muc.de. This fixes one part of Bug 208
 2002-04-21 11:26:10 -07:00
Damien Miller a370f4dcc6 - (djm) Avoid SIGCHLD breakage when run from rsync. Fix from 
Sturle Sunde <sturle.sunde@usit.uio.no>
 2002-04-18 22:53:22 +10:00
Kevin Steves 581930735a - (stevesk) entropy.c: typo in debug message 2002-03-11 00:16:34 +00:00
Damien Miller 6c21c51c48 - (djm) autoconf hacking: 
- We don't support --without-zlib currently, so don't allow it.
   - Rework cryptographic random number support detection. We now detect
     whether OpenSSL seeds itself. If it does, then we don't bother with
     the ssh-rand-helper program. You can force the use of ssh-rand-helper
     using the --with-rand-helper configure argument
   - Simplify and clean up ssh-rand-helper configuration
 2002-01-22 21:57:53 +11:00
Damien Miller 62116dcc0a - (djm) Ignore fix & patchlevel in OpenSSL version check. Patch from 
solar@openwall.com
 - (djm) Rework entropy code. If the OpenSSL PRNG is has not been
   internally seeded, execute a subprogram "ssh-rand-helper" to obtain
   some entropy for us. Rewrite the old in-process entropy collecter as
   an example ssh-rand-helper.
 - (djm) Always perform ssh_prng_cmds path lookups in configure, even if
   we don't end up using ssh_prng_cmds (so we always get a valid file)
 2001-12-24 01:41:47 +11:00
Damien Miller 2ab5924d1f - (djm) Fix interrupted read in entropy gatherer. Spotted by markus@ on 
a fast UltraSPARC.
 2001-08-06 16:51:49 +10:00
Damien Miller 79b332dd67 - (djm) Fix a few warnings the above turned up 2001-06-27 23:36:08 +10:00
Damien Miller 60bc517356 - (djm) Seed PRNG at startup, rather than waiting for arc4random calls to 
do it implicitly.
 2001-03-19 09:38:15 +11:00
Damien Miller d0ccb989c2 - Allow PRNGd entropy collection from localhost TCP socket. Replace 
"--with-egd-pool" configure option with "--with-prngd-socket" and
   "--with-prngd-port" options. Debugged and improved by Lutz Jaenicke
   <Lutz.Jaenicke@aet.TU-Cottbus.DE>
 2001-03-04 00:29:20 +11:00
Damien Miller 3456d32a92 avoid warning 2001-02-27 11:00:52 +11:00
Damien Miller 248131ae99 - (djm) Warning fix on entropy.c saved uid stuff. Patch from Mark Miller 
<markm@swoon.net>
 2001-02-27 09:47:16 +11:00
Damien Miller 767c7fc27c - (djm) fatal() on OpenSSL version mismatch 2001-02-27 09:20:57 +11:00
Damien Miller fbd884a80d - (djm) Fix up POSIX saved uid support. Report from Mark Miller 
<markm@swoon.net>
 - (djm) Search for -lcrypt on FreeBSD too
 2001-02-27 08:39:07 +11:00
Damien Miller bb7c976202 - (djm) Some systems (SCO3, NeXT) have weird saved uid semantics. 
Based on patch from Tim Rice <tim@multitalents.net>
 2001-02-26 20:49:58 +11:00
Kevin Steves 4679f5b94f - (stevesk) entropy.c: typo; should be SIGPIPE 2001-02-18 11:34:32 +00:00
Damien Miller a1072a8e37 - (djm) Move entropy.c over to mysignal() 2001-02-18 15:28:11 +11:00
Damien Miller b3ffc5f1d4 - (djm) Robustify EGD/PRNGd code in face of socket closures. Patch from 
Todd C. Miller <Todd.Miller@courtesan.com>
 2001-02-18 12:44:29 +11:00
Kevin Steves ef4eea9bad - stevesk@cvs.openbsd.org 2001/02/04 08:32:27 
[many files; did this manually to our top-level source dir]
     unexpand and remove end-of-line whitespace; ok markus@
 2001-02-05 12:42:17 +00:00
Ben Lindstrom cb577331b4 20010123 
- (bal) regexp.h typo in configure.in.  Should have been regex.h
 - (bal) SSH_USER_DIR to _PATH_SSH_USER_DIR patch by stevesk@
 2001-01-22 21:06:19 +00:00
Ben Lindstrom 226cfa0378 Hopefully things did not get mixed around too much. It compiles under 
Linux and works.  So that is at least a good sign. =)
20010122
 - (bal) OpenBSD Resync
   - markus@cvs.openbsd.org 2001/01/19 12:45:26 GMT 2001 by markus
     [servconf.c ssh.h sshd.c]
     only auth-chall.c needs #ifdef SKEY
   - markus@cvs.openbsd.org 2001/01/19 15:55:10 GMT 2001 by markus
     [auth-krb4.c auth-options.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
      auth1.c auth2.c channels.c clientloop.c dh.c dispatch.c nchan.c
      packet.c pathname.h readconf.c scp.c servconf.c serverloop.c
      session.c ssh-add.c ssh-keygen.c ssh-keyscan.c ssh.c ssh.h
      ssh1.h sshconnect1.c sshd.c ttymodes.c]
     move ssh1 definitions to ssh1.h, pathnames to pathnames.h
   - markus@cvs.openbsd.org 2001/01/19 16:48:14
     [sshd.8]
     fix typo; from stevesk@
   - markus@cvs.openbsd.org 2001/01/19 16:50:58
     [ssh-dss.c]
     clear and free digest, make consistent with other code (use dlen); from
     stevesk@
   - markus@cvs.openbsd.org 2001/01/20 15:55:20 GMT 2001 by markus
     [auth-options.c auth-options.h auth-rsa.c auth2.c]
     pass the filename to auth_parse_options()
   - markus@cvs.openbsd.org 2001/01/20 17:59:40 GMT 2001
     [readconf.c]
     fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com
   - stevesk@cvs.openbsd.org 2001/01/20 18:20:29
     [sshconnect2.c]
     dh_new_group() does not return NULL.  ok markus@
   - markus@cvs.openbsd.org 2001/01/20 21:33:42
     [ssh-add.c]
     do not loop forever if askpass does not exist; from
     andrew@pimlott.ne.mediaone.net
   - djm@cvs.openbsd.org 2001/01/20 23:00:56
     [servconf.c]
     Check for NULL return from strdelim; ok markus
   - djm@cvs.openbsd.org 2001/01/20 23:02:07
     [readconf.c]
     KNF; ok markus
   - jakob@cvs.openbsd.org 2001/01/21 9:00:33
     [ssh-keygen.1]
     remove -R flag; ok markus@
   - markus@cvs.openbsd.org 2001/01/21 19:05:40
     [atomicio.c automicio.h auth-chall.c auth-krb4.c auth-options.c
      auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
      auth.c auth.h auth1.c auth2-chall.c auth2.c authfd.c authfile.c
      bufaux.c  bufaux.h buffer.c canahost.c canahost.h channels.c
      cipher.c cli.c clientloop.c clientloop.h compat.c compress.c
      deattack.c dh.c dispatch.c groupaccess.c hmac.c hostfile.c kex.c
      key.c key.h log-client.c log-server.c log.c log.h login.c login.h
      match.c misc.c misc.h nchan.c packet.c pty.c radix.h readconf.c
      readpass.c readpass.h rsa.c scp.c servconf.c serverloop.c serverloop.h
      session.c sftp-server.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c
      ssh-keyscan.c ssh-rsa.c ssh.c ssh.h sshconnect.c sshconnect.h
      sshconnect1.c sshconnect2.c sshd.c tildexpand.c tildexpand.h
      ttysmodes.c uidswap.c xmalloc.c]
     split ssh.h and try to cleanup the #include mess. remove unnecessary
     #includes.  rename util.[ch] -> misc.[ch]
 - (bal) renamed 'PIDDIR' to '_PATH_SSH_PIDDIR' to match OpenBSD tree
 - (bal) Moved #ifdef KRB4 in auth-krb4.c above the #include to resolve
   conflict when compiling for non-kerb install
 - (bal) removed the #ifdef SKEY in auth1.c to match Markus' changes
   on 1/19.
 2001-01-22 05:34:40 +00:00
Damien Miller 21de450853 - (djm) Only write random seed file at exit 2001-01-17 09:37:15 +11:00
Damien Miller d592b63296 give up privs when reading seed file 2000-11-25 10:09:32 +11:00
Damien Miller 52dc96b717 - (djm) Make inability to read/write PRNG seedfile non-fatal 2000-10-16 20:13:43 +11:00
Damien Miller cb5e44a440 - (djm) Clean up. Strip some unnecessary differences with OpenBSD's code, 
tidy necessary differences. Use Markus' new debugN() in entropy.c
 2000-09-29 12:12:36 +11:00
Damien Miller 9d5705a4b3 - (djm) Add Steve VanDevender's <stevev@darkwing.uoregon.edu> PAM 
password change patch.
 - (djm) Bring licenses on my stuff in line with OpenBSD's
 2000-09-16 16:09:27 +11:00
Damien Miller ecbb26d3d4 - Fixes for SunOS 4.1.4 from Gordon Atwood <gordon@cs.ualberta.ca> 
- Include floatingpoint.h for entropy.c
   - strerror replacement
 2000-07-15 14:59:14 +10:00
Damien Miller f9b625c36e - (djm) Fix pam sprintf fix 
- (djm) Cleanup entropy collection code a little more. Split initialisation
   from seeding, perform intialisation immediatly at start, be careful with
   uids. Based on problem report from Jim Watt <jimw@peisj.pebio.com>
 2000-07-09 22:42:32 +10:00
Damien Miller 0800647391 Fix fixed egd code 2000-06-26 13:55:31 +10:00