Damien Miller
d352636553
- (djm) Do pam_session processing for systems with HAVE_LOGIN_CAP; from
...
ralf.hack AT pipex.net; ok dtucker@
2004-01-23 14:16:26 +11:00
Tim Rice
c900128e55
[contrib/solaris/buildpkg.sh] Allow for the possibility of
...
/usr/local being a symbolic link. Fixes problem reported by Henry Grebler.
2004-01-22 16:10:03 -08:00
Darren Tucker
7fe8b72771
- (dtucker) [session.c] Enable AFS support in conjunction with KRB5 not
...
just HEIMDAL.
Currently this will make no difference, as only Heimdal (which defines KRB5
anyway) has libkafs, however a libkafs that works with MIT may become
available. In that case it will be used too.
2004-01-22 12:48:26 +11:00
Darren Tucker
1d3ca58705
- (dtucker) [configure.ac] Use krb5-config where available for Kerberos/
...
GSSAPI detection, libs and includes. ok djm@
2004-01-22 12:05:34 +11:00
Damien Miller
f4da3bb6ca
- deraadt@cvs.openbsd.org 2004/01/11 21:55:06
...
[sshpty.c]
for pty opening, only use the openpty() path. the other stuff only needs
to be in openssh-p; markus ok
- (djm) [openbsd-compat/bsd-openpty.c] Rework old sshpty.c code into an
openpty() replacement
2004-01-21 17:07:16 +11:00
Damien Miller
e4f5a82d6e
- djm@cvs.openbsd.org 2004/01/21 03:07:59
...
[sftp.c]
initialise infile in main, rather than statically - from portable
2004-01-21 14:11:05 +11:00
Damien Miller
fb1310eded
- markus@cvs.openbsd.org 2004/01/19 21:25:15
...
[auth2-hostbased.c auth2-pubkey.c serverloop.c ssh-keysign.c sshconnect2.c]
fix mem leaks; some fixes from Pete Flugstad; tested dtucker@
2004-01-21 11:02:50 +11:00
Damien Miller
a04ad496f6
- markus@cvs.openbsd.org 2004/01/19 09:24:21
...
[channels.c]
fake consumption for half closed channels since the peer is waiting for
window adjust messages; bugzilla #790 Matthew Dillon; test + ok dtucker@
reproduce with sh -c 'ulimit -f 10; ssh host -n od /bsd | cat > foo'
2004-01-21 11:02:09 +11:00
Damien Miller
f84fed6f71
- markus@cvs.openbsd.org 2004/01/13 19:45:15
...
[compress.c]
cast for portability; millert@
2004-01-21 11:01:23 +11:00
Damien Miller
8f341f8b8b
- markus@cvs.openbsd.org 2004/01/13 19:23:15
...
[compress.c session.c]
-Wall; ok henning
2004-01-21 11:00:46 +11:00
Damien Miller
86a396857d
- jmc@cvs.openbsd.org 2004/01/13 12:17:33
...
[sftp.1]
remove unnecessary Ic's;
kill whitespace at EOL;
ok djm@
2004-01-21 11:00:04 +11:00
Damien Miller
44f75c14f6
- djm@cvs.openbsd.org 2004/01/13 09:25:05
...
[sftp-int.c sftp.1 sftp.c]
Tidy sftp batchmode handling, eliminate junk to stderr (bugzilla #754 ) and
enable use of "-b -" to accept batchfile from stdin; ok markus@
2004-01-21 10:58:47 +11:00
Darren Tucker
a8df9248ce
- (dtucker) [auth-pam.c] Add minor debugging.
2004-01-15 00:15:07 +11:00
Darren Tucker
7ae0962798
- (dtucker) [auth-pam.c] Reset signal handler in pthread_cancel too, add
...
test for case where cleanup has already run.
2004-01-14 23:07:56 +11:00
Darren Tucker
749bc95bd8
- (dtucker) [auth-pam.c] Have monitor die if PAM authentication thread exits
...
unexpectedly. with & ok djm@
2004-01-14 22:14:04 +11:00
Darren Tucker
1b27c8fbcb
- (dtucker) [auth-pam.c] Relocate struct pam_ctxt and prototypes. No
...
functional changes.
This is in preparation for a change to catch the authentication thread
exitting unexpectedly, to split functional and cosmetic changes.
2004-01-13 22:35:58 +11:00
Darren Tucker
fd0894adae
- (dtucker) [configure.ac] Remove extra (typo) comma.
2004-01-09 00:19:25 +11:00
Darren Tucker
0234e8607f
- (dtucker) [auth-pam.c defines.h] Bug #783 : move __unused to defines.h and
...
only define if not already. From des at freebsd.org.
2004-01-08 23:32:04 +11:00
Darren Tucker
409cb328c1
- (dtucker) [acconfig.h configure.ac includes.h servconf.c session.c]
...
Only enable KerberosGetAFSToken if Heimdal's libkafs is found. with jakob@
2004-01-05 22:36:51 +11:00
Darren Tucker
e918318f2b
- (dtucker) [contrib/ssh-copy-id] Bug #781 : exit if ssh fails. Patch from
...
cjwatson at debian.org.
2004-01-05 08:16:34 +11:00
Damien Miller
0f47c53742
- (djm) OSX/Darwin put the PAM headers in a different place, detect this.
...
Report from jakob@
2004-01-02 18:01:30 +11:00
Damien Miller
c8ec16651e
- (djm) Remove useless DNS support configure summary message. from jakob@
2004-01-02 17:53:04 +11:00
Damien Miller
7a2ea78cc4
- (djm) OSX/Darwin needs BIND_8_COMPAT to build getrrsetbyname. Report from
...
jakob@
2004-01-02 17:52:10 +11:00
Darren Tucker
2a6b029f99
- (dtucker) [configure.ac] Only test setresuid and setresgid if they exist.
2003-12-31 14:59:17 +11:00
Darren Tucker
ea2870619d
- dtucker@cvs.openbsd.org 2003/12/31 00:24:50
...
[auth2-passwd.c]
Ignore password change request during password auth (which we currently
don't support) and discard proposed new password. corrections/ok markus@
2003-12-31 11:43:24 +11:00
Darren Tucker
0b3b97512f
- millert@cvs.openbsd.org 2003/12/29 16:39:50
...
[sshd_config]
KeepAlive has been obsoleted, use TCPKeepAlive instead; markus@ OK
2003-12-31 11:38:32 +11:00
Darren Tucker
22ef508754
- jakob@cvs.openbsd.org 2003/12/23 16:12:10
...
[servconf.c servconf.h session.c sshd_config]
implement KerberosGetAFSToken server option. ok markus@, beck@
2003-12-31 11:37:34 +11:00
Darren Tucker
a32e19c637
- markus@cvs.openbsd.org 2003/12/22 20:29:55
...
[cipher-3des1.c]
EVP_CIPHER_CTX_cleanup() for the des contexts; pruiksma@freesurf.fr
2003-12-31 11:36:00 +11:00
Darren Tucker
06930c70ad
- djm@cvs.openbsd.org 2003/12/22 09:16:58
...
[moduli.c ssh-keygen.1 ssh-keygen.c]
tidy up moduli generation debugging, add -v (verbose/debug) option to
ssh-keygen; ok markus@
2003-12-31 11:34:51 +11:00
Darren Tucker
3715be3cd3
- (dtucker) [defines.h] Bug #458 : Define SIZE_T_MAX as UINT_MAX if we
...
typedef size_t ourselves.
2003-12-19 10:58:43 +11:00
Darren Tucker
07705c788e
- (dtucker) [auth-pam.c] Do PAM chauthtok during SSH2 keyboard-interactive
...
authentication. Partially fixes bug #423 . Feedback & ok djm@
Some background on why this is the way it is:
* Solaris 8's pam_chauthtok ignores the CHANGE_EXPIRED_AUTHTOK flag, so
we must call do_pam_account() to figure out if the password is expired.
* AIX 5.2 does not like having pam_acct_mgmt() called twice, once from the
authentication thread and once from the main shell child, so we cache the
result, which must be passed from the authentication thread back to the
monitor.
2003-12-18 15:34:31 +11:00
Darren Tucker
454da0b3dc
- (dtucker) [configure.ac] Don't use setre[ug]id on DG-UX, from Tom Orban.
2003-12-18 12:52:19 +11:00
Ben Lindstrom
563eb99711
- (bal) [openbsd-compat/bsd-misc.c] unset 'signal' defined if we are
...
using a real 'signal()' (Noticed by a NeXT Compile)
2003-12-18 00:34:06 +00:00
Darren Tucker
e937be36c3
- (dtucker) [acconfig.h configure.ac uidswap.c] Bug #645 : Check for
...
setres[ug]id() present but not implemented (eg some Linux/glibc
combinations).
2003-12-17 18:53:26 +11:00
Damien Miller
8975ddf11b
- markus@cvs.openbsd.org 2003/12/16 15:51:54
...
[dh.c]
use <= instead of < in dh_estimate; ok provos/hshoexer;
do not return < DH_GRP_MIN
2003-12-17 16:33:53 +11:00
Damien Miller
509b0107f0
- markus@cvs.openbsd.org 2003/12/16 15:49:51
...
[clientloop.c clientloop.h readconf.c readconf.h scp.1 sftp.1 ssh.1]
[ssh.c ssh_config.5]
application layer keep alive (ServerAliveInterval ServerAliveCountMax)
for ssh(1), similar to the sshd(8) option; ok beck@; with help from
jmc and dtucker@
2003-12-17 16:33:10 +11:00
Damien Miller
baafb981a4
- markus@cvs.openbsd.org 2003/12/14 12:37:21
...
[ssh_config.5]
we don't support GSS KEX; from Simon Wilkinson
2003-12-17 16:32:23 +11:00
Damien Miller
d696551443
- dtucker@cvs.openbsd.org 2003/12/09 23:45:32
...
[clientloop.c]
Clear exit code when ssh -N is terminated with a SIGTERM. ok markus@
2003-12-17 16:31:53 +11:00
Damien Miller
12c150e7e0
- markus@cvs.openbsd.org 2003/12/09 21:53:37
...
[readconf.c readconf.h scp.1 servconf.c servconf.h sftp.1 ssh.1]
[ssh_config.5 sshconnect.c sshd.c sshd_config.5]
rename keepalive to tcpkeepalive; the old name causes too much
confusion; ok djm, dtucker; with help from jmc@
2003-12-17 16:31:10 +11:00
Damien Miller
9836cf8d71
- markus@cvs.openbsd.org 2003/12/09 17:30:05
...
[ssh.c]
don't modify argv for ssh -o; similar to sshd.c 1.283
2003-12-17 16:30:06 +11:00
Damien Miller
b9997192a7
- markus@cvs.openbsd.org 2003/12/09 17:29:04
...
[sshd.c]
fix -o and HUP; ok henning@
2003-12-17 16:29:22 +11:00
Damien Miller
b5820f40bf
20031217
...
- (djm) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2003/12/09 15:28:43
[serverloop.c]
make ClientKeepAlive work for ssh -N, too (no login shell requested).
1) send a bogus channel request if we find a channel
2) send a bogus global request if we don't have a channel
ok + test beck@
2003-12-17 16:27:32 +11:00
Darren Tucker
5cd9d443ef
- dtucker@cvs.openbsd.org 2003/12/09 13:52:55
...
[moduli.c]
Prevent ssh-keygen -T from outputting moduli with a generator of 0, since
they can't be used for Diffie-Hellman. Assistance and ok djm@
2003-12-10 00:54:38 +11:00
Darren Tucker
a615314d3b
- (dtucker) [ssh-keyscan.c] Sync RCSIDs, missed in SSH_SSFDMAX change below.
2003-12-10 00:52:37 +11:00
Darren Tucker
1cbc444935
- djm@cvs.openbsd.org 2003/12/07 06:34:18
...
[moduli.c]
remove unused debugging #define templates
2003-12-09 19:19:38 +11:00
Darren Tucker
564f19e237
- markus@cvs.openbsd.org 2003/12/08 11:00:47
...
[kexgexc.c]
print requested group size in debug; ok djm
2003-12-09 19:18:07 +11:00
Darren Tucker
3175eb9a5a
- markus@cvs.openbsd.org 2003/12/02 17:01:15
...
[channels.c session.c ssh-agent.c ssh.h sshd.c]
use SSH_LISTEN_BACKLOG (=128) in listen(2).
2003-12-09 19:15:11 +11:00
Darren Tucker
1fb0425359
- markus@cvs.openbsd.org 2003/12/02 12:15:10
...
[progressmeter.c]
improvments from andreas@:
* saner speed estimate for transfers that takes less than a second by
rounding the time to 1 second.
* when the transfer is finished calculate the actual total speed
rather than the current speed which is given during the transfer
2003-12-09 19:07:13 +11:00
Darren Tucker
37afa9d9a4
- djm@cvs.openbsd.org 2003/11/26 21:44:29
...
[cipher-aes.c]
fix #ifdef before #define; ok markus@
(RCS ID sync only, Portable already had this)
2003-12-09 19:05:42 +11:00
Darren Tucker
4c56843e44
- matthieu@cvs.openbsd.org 2003/11/25 23:10:08
...
[ssh-add.1]
ssh-add doesn't need to be a descendant of ssh-agent. Ok markus@, jmc@.
2003-12-09 19:01:51 +11:00
Tim Rice
88368a3034
[configure.ac] Bug 770. Fix --without-rpath.
2003-12-08 12:35:59 -08:00
Damien Miller
3db2e4daf7
- (djm) Annotate OpenBSD-derived files in openbsd-compat/ with original
...
source file path (in OpenBSD tree).
2003-11-24 13:33:34 +11:00
Damien Miller
e0113ccc08
- dtucker@cvs.openbsd.org 2003/11/24 00:16:35
...
[ssh.1 ssh.c]
Make ssh -k mean GSSAPIDelegateCredentials=no. Suggestion & ok markus@
2003-11-24 13:10:09 +11:00
Damien Miller
a4b33dfb6d
- djm@cvs.openbsd.org 2003/11/23 23:18:45
...
[ssh-keygen.c]
consistency PATH_MAX -> MAXPATHLEN; ok markus@
(RCS ID sync only)
- djm@cvs.openbsd.org 2003/11/23 23:21:21
[scp.c]
from portable: rename clashing variable limit-> limit_rate; ok markus@
(RCS ID sync only)
2003-11-24 13:09:27 +11:00
Damien Miller
e00074a726
- (djm) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2003/11/23 23:17:34
[ssh-keyscan.c]
from portable - use sysconf to detect fd limit; ok markus@
(tidy diff by adding SSH_SSFDMAX macro to defines.h)
2003-11-24 13:07:45 +11:00
Damien Miller
927f52783e
- (djm) [canohost.c] Move IPv4inV6 mapped address normalisation to its own
...
function and call it unconditionally
2003-11-24 12:57:25 +11:00
Damien Miller
5924ceb22d
- (djm) [packet.c] Shuffle #ifdef to reduce conditionally compiled code
2003-11-22 15:02:42 +11:00
Damien Miller
841b9f1aad
- (djm) [sftp-int.c] Remove duplicated code from bogus sync
2003-11-22 14:48:49 +11:00
Damien Miller
4da295c051
- (djm) [scp.c] Rename limitbw -> limit_rate to match upstreamed patch
2003-11-22 14:39:04 +11:00
Darren Tucker
4e06a1d75d
- (dtucker) [auth-sia.c configure.ac] Tru64 update from cmadams at hiwaay.net.
...
Use permanently_set_uid for SIA, only define DISABLE_FD_PASSING when SIA
is enabled, rely on SIA to check for locked accounts if enabled. ok djm@
2003-11-22 14:25:15 +11:00
Darren Tucker
d76341616d
- (dtucker) [auth-passwd.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h]
...
Move AIX specific password authentication code to port-aix.c, call
authenticate() until reenter flag is clear.
2003-11-22 14:16:56 +11:00
Darren Tucker
240fdfa909
- (dtucker) [channels.c] Make AIX write limit code clearer. Suggested by djm@
2003-11-22 14:10:02 +11:00
Damien Miller
a8e06cef35
- djm@cvs.openbsd.org 2003/11/21 11:57:03
...
[everything]
unexpand and delete whitespace at EOL; ok markus@
(done locally and RCS IDs synced)
2003-11-21 23:48:55 +11:00
Damien Miller
8c5e91c03f
- (djm) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2003/11/20 11:39:28
[progressmeter.c]
fix rounding errors; from andreas@
2003-11-21 23:09:10 +11:00
Damien Miller
f96d18362d
- djm@cvs.openbsd.org 2003/11/18 10:53:07
...
[monitor.c]
unbreak fake authloop for non-existent users (my screwup). Spotted and
tested by dtucker@; ok markus@
2003-11-18 22:01:48 +11:00
Damien Miller
4bb1dd3166
- (djm) OpenBSD CVS Sync
...
- dtucker@cvs.openbsd.org 2003/11/18 00:40:05
[serverloop.c]
Correct check for authctxt->valid. ok djm@
2003-11-18 22:01:25 +11:00
Darren Tucker
8a1624c42d
- (dtucker) [auth-pam.c] Only use pam_putenv if our platform has it. ok djm@
2003-11-18 12:45:35 +11:00
Darren Tucker
18df00cc77
- (dtucker) [auth-pam.c] Convert chauthtok_conv into a generic tty_conv,
...
and use it for do_pam_session. Fixes problems like pam_motd not displaying
anything. ok djm@
2003-11-18 12:42:07 +11:00
Damien Miller
6aef38f5ac
- (djm) Fix early exit for root auth success when UsePAM=yes and
...
PermitRootLogin=no
2003-11-18 10:45:20 +11:00
Damien Miller
0425d40194
- markus@cvs.openbsd.org 2003/11/17 11:06:07
...
[auth2-gss.c gss-genr.c gss-serv.c monitor.c monitor.h monitor_wrap.c]
[monitor_wrap.h sshconnect2.c ssh-gss.h]
replace "gssapi" with "gssapi-with-mic"; from Simon Wilkinson;
test + ok jakob.
2003-11-17 22:18:21 +11:00
Damien Miller
c756e9b56e
- (djm) Export environment variables from authentication subprocess to
...
parent. Part of Bug #717
2003-11-17 21:41:42 +11:00
Damien Miller
9bdba70350
- (djm) Bug #632 : Don't call pam_end indirectly from within kbd-int
...
conversation function
2003-11-17 21:27:55 +11:00
Damien Miller
51bf11fcc9
- djm@cvs.openbsd.org 2003/11/17 09:45:39
...
[msg.c msg.h sshconnect2.c ssh-keysign.c]
return error on msg send/receive failure (rather than fatal); ok markus@
2003-11-17 21:20:47 +11:00
Damien Miller
91c6aa4468
- markus@cvs.openbsd.org 2003/11/14 13:19:09
...
[sshconnect2.c]
cleanup and minor fixes for the client code; from Simon Wilkinson
2003-11-17 21:20:18 +11:00
Damien Miller
fe44847cb8
- jmc@cvs.openbsd.org 2003/11/12 20:14:51
...
[ssh_config.5]
make verb agree with subject, and kill some whitespace;
2003-11-17 21:19:49 +11:00
Damien Miller
150b55745b
- jakob@cvs.openbsd.org 2003/11/12 16:39:58
...
[dns.c dns.h readconf.c ssh_config.5 sshconnect.c]
update SSHFP validation. ok markus@
2003-11-17 21:19:29 +11:00
Damien Miller
c1f2792bd0
- dtucker@cvs.openbsd.org 2003/11/12 10:12:15
...
[scp.c]
When called with -q, pass -q to ssh; suppresses SSH2 banner. ok markus@
2003-11-17 21:19:05 +11:00
Damien Miller
f58b58ced1
- jakob@cvs.openbsd.org 2003/11/10 16:23:41
...
[bufaux.c bufaux.h cipher.c cipher.h hostfile.c hostfile.h key.c]
[key.h sftp-common.c sftp-common.h sftp-server.c sshconnect.c sshd.c]
[ssh-dss.c ssh-rsa.c uuencode.c uuencode.h]
constify. ok markus@ & djm@
2003-11-17 21:18:23 +11:00
Damien Miller
939cd38122
- jmc@cvs.openbsd.org 2003/11/08 19:17:29
...
[sftp-int.c]
typos from Jonathon Gray;
2003-11-17 21:17:24 +11:00
Damien Miller
a9fcd3ada2
- jakob@cvs.openbsd.org 2003/11/08 16:02:40
...
[auth1.c]
remove unused variable (pw). ok djm@
(id sync only - still used in portable)
2003-11-17 21:16:55 +11:00
Damien Miller
3e3b5145e5
- djm@cvs.openbsd.org 2003/11/04 08:54:09
...
[auth1.c auth2.c auth2-pubkey.c auth.h auth-krb5.c auth-passwd.c]
[auth-rhosts.c auth-rh-rsa.c auth-rsa.c monitor.c serverloop.c]
[session.c]
standardise arguments to auth methods - they should all take authctxt.
check authctxt->valid rather then pw != NULL; ok markus@
2003-11-17 21:13:40 +11:00
Damien Miller
8f746ec970
- jakob@cvs.openbsd.org 2003/11/03 09:37:32
...
[sshconnect.c]
do not free static type pointer in warn_changed_key()
2003-11-17 21:11:15 +11:00
Damien Miller
5a38897dbb
- jakob@cvs.openbsd.org 2003/11/03 09:09:41
...
[sshconnect.c]
move changed key warning into warn_changed_key(). ok markus@
2003-11-17 21:10:47 +11:00
Damien Miller
3e8f41e6ac
- (djm) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2003/11/03 09:03:37
[auth-chall.c]
make this a little more idiot-proof; ok markus@
(includes portable-specific changes)
2003-11-17 21:09:50 +11:00
Darren Tucker
203c40b513
- (dtucker) [regress/agent-ptrace.sh] Test for GDB output from Solaris and
...
HP-UX, skip test on AIX.
2003-11-15 12:13:16 +11:00
Darren Tucker
ae52b7ca59
- (dtucker) [auth-pam.c] Add newline to accumulated PAM_TEXT_INFO and
...
PAM_ERROR_MSG messages.
2003-11-13 19:52:31 +11:00
Darren Tucker
798ca84d60
- (dtucker) [README ssh-host-config ssh-user-config Makefile] (All
...
contrib/cygwin). Major update from vinschen at redhat.com.
- Makefile provides a `cygwin-postinstall' target to run right after
`make install'.
- Better support for Windows 2003 Server.
- Try to get permissions as correct as possible.
- New command line options to allow full automated host configuration.
- Create configs from skeletons in /etc/defaults/etc.
- Use /bin/bash, allows reading user input with readline support.
- Remove really old configs from /usr/local.
2003-11-13 11:28:49 +11:00
Darren Tucker
0947ddff72
- (dtucker) [auth-pam.c] Append newlines to lines output by the
...
pam_chauthtok_conv().
2003-11-13 11:21:31 +11:00
Damien Miller
418a386f2b
- (djm) Clarify UsePAM consequences a little more
2003-11-06 20:27:51 +11:00
Darren Tucker
be8a771af1
- (dtucker) [regress/agent-ptrace.sh] Use numeric uid and gid.
2003-11-03 22:52:52 +11:00
Darren Tucker
655a5e0987
- markus@cvs.openbsd.org 2003/11/02 11:01:03
...
[auth2-gss.c compat.c compat.h sshconnect2.c]
remove support for SSH_BUG_GSSAPI_BER; simon@sxw.org.uk
2003-11-03 20:09:03 +11:00
Darren Tucker
6db8f936ae
- markus@cvs.openbsd.org 2003/10/28 09:08:06
...
[misc.c]
error->debug for getsockopt+TCP_NODELAY; several requests
2003-11-03 20:07:14 +11:00
Darren Tucker
56afe145e0
- avsm@cvs.openbsd.org 2003/10/26 16:57:43
...
[sshconnect2.c]
rename 'supported' static var in userauth_gssapi() to 'gss_supported'
to avoid shadowing the global version. markus@ ok
2003-11-03 20:06:14 +11:00
Darren Tucker
8cc39788cb
- markus@cvs.openbsd.org 2003/10/21 09:50:06
...
[auth2-gss.c]
make sure the doid is larger than 2
2003-11-03 20:05:03 +11:00
Darren Tucker
a47c9bcda6
- markus@cvs.openbsd.org 2003/10/15 09:48:45
...
[monitor_wrap.c]
check pmonitor != NULL
2003-11-03 20:03:25 +11:00
Darren Tucker
7c582db74b
- (dtucker) [contrib/cygwin/ssh-host-config] Ensure entries in /etc/services
...
are created correctly with CRLF line terminations. Patch from vinschen at
redhat.com.
2003-11-03 18:59:29 +11:00
Darren Tucker
ea4c670eb8
- (dtucker) [regress/agent-ptrace.sh] Skip agent-test unless SUDO is set,
...
make agent setgid during test.
2003-10-21 22:27:08 +10:00
Darren Tucker
0d37b5ca7b
- (dtucker) [INSTALL] Some system crypt() functions support MD5 passwords
...
directly. Noted by Darren.Moffat at sun.com.
2003-10-21 12:41:14 +10:00
Darren Tucker
9568ad96ad
- (dtucker) [INSTALL] Note that --with-md5 is now required on platforms with
...
MD5 passwords even if PAM support is enabled. From steev at detritus.net.
2003-10-17 16:32:11 +10:00
Tim Rice
6b1f8a3cf5
[regress/banner.sh] portability fix.
2003-10-15 09:22:39 -07:00
Darren Tucker
c6020651ba
- (dtucker) [auth.c] Check for disabled password expiry on HP-UX Trusted Mode.
2003-10-15 17:48:20 +10:00
Darren Tucker
5f88d3440e
- (dtucker) [acconfig.h configure.ac dns.c openbsd-compat/getrrsetbyname.c
...
openbsd-compat/getrrsetbyname.h] DNS fingerprint support is now always
compiled in but disabled in config.
2003-10-15 16:57:57 +10:00
Darren Tucker
072a7b178c
- markus@cvs.openbsd.org 2003/10/14 19:54:39
...
[session.c ssh-agent.c]
10X for mkdtemp; djm@
2003-10-15 16:10:25 +10:00
Darren Tucker
64b77bcb4b
- jakob@cvs.openbsd.org 2003/10/14 19:43:23
...
[README.dns]
update
Resynced with OpenBSD too: DNSFP support is now always compiled in
so the configure support (and documentation thereof) can go away.
2003-10-15 16:07:53 +10:00
Darren Tucker
dda19d63ff
- jakob@cvs.openbsd.org 2003/10/14 19:42:10
...
[dns.c dns.h readconf.c ssh-keygen.c sshconnect.c]
include SSHFP lookup code (not enabled by default). ok markus@
2003-10-15 16:00:47 +10:00
Darren Tucker
b370ca9313
- markus@cvs.openbsd.org 2003/10/13 08:22:25
...
[scp.1 sftp.1]
don't refer to options related to forwarding; ok jmc@
2003-10-15 15:59:26 +10:00
Darren Tucker
f132c67e8e
- jmc@cvs.openbsd.org 2003/10/12 13:12:13
...
[ssh_config.5]
note that EnableSSHKeySign should be in the non-hostspecific section;
remove unnecessary .Pp;
ok markus@
2003-10-15 15:58:18 +10:00
Darren Tucker
7eb3de0dfb
- markus@cvs.openbsd.org 2003/10/11 11:36:23
...
[monitor_wrap.c]
return NULL for missing banner; ok djm@
2003-10-15 15:56:58 +10:00
Darren Tucker
d05b601895
- markus@cvs.openbsd.org 2003/10/11 08:26:43
...
[sshconnect2.c]
search keys in reverse order; fixes #684
2003-10-15 15:55:59 +10:00
Darren Tucker
0a118da00e
- markus@cvs.openbsd.org 2003/10/11 08:24:08
...
[readconf.c readconf.h ssh.1 ssh.c ssh_config.5]
remote x11 clients are now untrusted by default, uses xauth(8) to generate
untrusted cookies; ForwardX11Trusted=yes restores old behaviour.
ok deraadt; feedback and ok djm/fries
2003-10-15 15:54:32 +10:00
Darren Tucker
a044f47679
- markus@cvs.openbsd.org 2003/10/08 15:21:24
...
[readconf.c ssh_config.5]
default GSS API to no in client, too; ok jakob, deraadt@
2003-10-15 15:52:03 +10:00
Darren Tucker
1f20394e92
- jmc@cvs.openbsd.org 2003/10/08 08:27:36
...
[scp.1 scp.c sftp-server.8 sftp.1 sftp.c ssh.1 sshd.8]
scp and sftp: add options list and sort options. options list requested
by deraadt@
sshd: use same format as ssh
ssh: remove wrong option from list
sftp-server: Subsystem is documented in ssh_config(5), not sshd(8)
ok deraadt@ markus@
2003-10-15 15:50:42 +10:00
Darren Tucker
6c0c0705e3
- (dtucker) [sshd_config.5] UsePAM defaults to "no". ok djm@
2003-10-09 14:13:53 +10:00
Darren Tucker
0240ff786e
- djm@cvs.openbsd.org 2003/10/07 07:04:52
...
[regress/sftp-cmds.sh]
more sftp quoting regress tests; ok markus
2003-10-08 17:52:10 +10:00
Darren Tucker
dc001a5ee3
- dtucker@cvs.openbsd.org 2003/10/07 01:52:13
...
[regress/Makefile regress/banner.sh]
Test SSH2 banner. ok markus@
2003-10-08 17:47:19 +10:00
Darren Tucker
796448276c
- deraadt@cvs.openbsd.org 2003/10/07 21:58:28
...
[sshconnect2.c]
set ptr to NULL after free
2003-10-08 17:37:58 +10:00
Darren Tucker
64dbccc2a5
- djm@cvs.openbsd.org 2003/10/07 07:04:16
...
[sftp-int.c]
sftp quoting fix from admorten AT umich.edu; ok markus@
2003-10-08 17:34:38 +10:00
Darren Tucker
046dff2a07
- dtucker@cvs.openbsd.org 2003/10/07 01:47:27
...
[sshconnect2.c]
Don't use logit for banner, since it truncates to MSGBUFSIZ; bz #668 & #707 .
ok markus@
2003-10-08 17:32:02 +10:00
Darren Tucker
89df7a3eca
- (dtucker) [configure.ac] Bug #710 : Check for dlsym() in libdl on
...
Reliant Unix. Based on patch from Robert.Dahlem at siemens.com.
2003-10-07 20:35:57 +10:00
Darren Tucker
3b2a06c0d7
- (dtucker) [configure.ac] Bug #715 : Set BROKEN_SETREUID and BROKEN_SETREGID
...
on Reliant Unix. Patch from Robert.Dahlem at siemens.com.
2003-10-07 18:37:11 +10:00
Darren Tucker
2e8c0cc752
- (dtucker) [configure.ac openbsd-compat/Makefile.in openbsd-compat/strtoul.c]
...
Bug #670 : add strtoul() to openbsd-compat for platforms lacking it. ok djm@
2003-10-07 17:49:56 +10:00
Darren Tucker
dfe6d914b7
- (dtucker) [contrib/redhat/openssh.spec] Bug #714 : Now that UsePAM is a
...
run-time switch, always build --with-md5-passwords.
2003-10-07 17:40:56 +10:00
Darren Tucker
f4bf5d086a
So people know who to blame...
2003-10-07 11:31:22 +10:00
Darren Tucker
8846a07639
- (dtucker) [auth-pam.c auth-pam.h session.c] Make PAM use the new static
...
cleanup functions. With & ok djm@
2003-10-07 11:30:15 +10:00
Damien Miller
6f1f611a52
- (djm) Delete autom4te.cache after autoreconf
2003-10-07 10:18:22 +10:00
Tim Rice
30aa44cf0a
[contrib/caldera/openssh.spec] Remove obsolete --with-ipv4-default option.
2003-10-03 22:30:23 -07:00
Darren Tucker
e3ca82e06c
- markus@cvs.openbsd.org 2003/10/02 08:26:53
...
[ssh-gss.h]
missing $OpenBSD:; dtucker
2003-10-03 18:02:30 +10:00
Darren Tucker
4a2505445f
- markus@cvs.openbsd.org 2003/10/02 10:41:59
...
[sshd.c]
print openssl version, too, several requests; ok henning/djm.
2003-10-03 17:57:24 +10:00
Darren Tucker
f391ba6730
- (dtucker) [session.c] Fix bus errors on some 64-bit Solaris configurations.
...
Based on patches by Matthias Koeppe and Thomas Baden. ok djm@
2003-10-02 20:07:09 +10:00
Darren Tucker
7596d6866f
- (dtucker) [ssh-gss.h] Prototype change missed in sync.
2003-10-02 17:32:30 +10:00
Darren Tucker
0ccb59b85c
- (dtucker) [configure.ac] Don't set DISABLE_SHADOW when configuring
...
--with-pam. ok djm@
2003-10-02 16:26:34 +10:00
Darren Tucker
a49d36e7b9
- markus@cvs.openbsd.org 2003/09/29 20:19:57
...
[servconf.c sshd_config]
GSSAPICleanupCreds -> GSSAPICleanupCredentials
2003-10-02 16:20:54 +10:00
Darren Tucker
6177695c0b
- jmc@cvs.openbsd.org 2003/09/29 11:40:51
...
[ssh.1]
- add list of options to -o and .Xr ssh_config(5)
- some other cleanup
requested by deraadt@;
ok deraadt@ markus@
2003-10-02 16:19:47 +10:00
Darren Tucker
8fca6b57b4
- markus@cvs.openbsd.org 2003/09/26 08:19:29
...
[sshd.c]
no need to set the listen sockets to non-block; ok deraadt@
2003-10-02 16:18:22 +10:00
Darren Tucker
5dcdd219fb
- markus@cvs.openbsd.org 2003/09/23 20:41:11
...
[channels.c channels.h clientloop.c]
move client only agent code to clientloop.c
2003-10-02 16:17:00 +10:00
Darren Tucker
6cc310bd5f
- markus@cvs.openbsd.org 2003/09/23 20:18:52
...
[progressmeter.c]
don't print trailing \0; bug #709 ; Robert.Dahlem@siemens.com
ok millert/deraadt@
2003-10-02 16:15:15 +10:00
Darren Tucker
3e33cecf71
- markus@cvs.openbsd.org 2003/09/23 20:17:11
...
[Makefile.in auth1.c auth2.c auth.c auth.h auth-krb5.c canohost.c
cleanup.c clientloop.c fatal.c gss-serv.c log.c log.h monitor.c monitor.h
monitor_wrap.c monitor_wrap.h packet.c serverloop.c session.c session.h
ssh-agent.c sshd.c]
replace fatal_cleanup() and linked list of fatal callbacks with static
cleanup_exit() function. re-refine cleanup_exit() where appropriate,
allocate sshd's authctxt eary to allow simpler cleanup in sshd.
tested by many, ok deraadt@
2003-10-02 16:12:36 +10:00
Ben Lindstrom
b210aa2cfa
- (bal) Fix issues in openbsd-compat/realpath.c
2003-09-30 23:49:06 +00:00
Tim Rice
d4d1815cae
[sshd_config] UsePAM defaults to no.
2003-09-25 19:04:34 -07:00
Darren Tucker
b88fcc755d
- (dtucker) [configure.ac openbsd-compat/xcrypt.c] Bug #633 : Remove
...
DISABLE_SHADOW for HP-UX, use getspnam instead of getprpwnam. Patch from
michael_steffens at hp.com, ok djm@
2003-09-25 20:18:33 +10:00
Darren Tucker
beaf6790e1
- (dtucker) [configure.ac] IRIX5 needs the same setre[ug]id defines as IRIX6.
2003-09-24 20:03:48 +10:00
Damien Miller
dbb104791b
- (djm) Update version.h and spec files for HEAD
2003-09-24 08:30:18 +10:00
Damien Miller
5c3a55846a
- (djm) Sync with V_3_7 branch:
...
- (djm) Fix SSH1 challenge kludge
- (djm) Bug #671 : Fix builds on OpenBSD
- (djm) Bug #676 : Fix PAM stack corruption
- (djm) Fix bad free() in PAM code
- (djm) Don't call pam_end before pam_init
- (djm) Enable build with old OpenSSL again
- (djm) Trim deprecated options from INSTALL. Mention UsePAM
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
2003-09-23 22:12:38 +10:00
Tim Rice
7ff4e6dbe5
[configure.ac] add --disable-etc-default-login option. ok djm
2003-09-22 19:50:14 -07:00
Ben Lindstrom
da4d9cf4bf
- (bal) "extration" -> "extraction" in ssh-rand-helper.c; repoted by john
...
on #unixhelp@efnet
2003-09-22 15:36:15 +00:00
Darren Tucker
9a2c4cddad
- markus@cvs.openbsd.org 2003/09/19 17:43:35
...
[clientloop.c sshtty.c sshtty.h]
remove fatal callbacks from client code; ok deraadt
2003-09-22 21:16:05 +10:00
Darren Tucker
8654d16f0f
- markus@cvs.openbsd.org 2003/09/19 17:40:20
...
[scp.c]
error handling for remote-remote copy; #638 ; report Harald Koenig;
ok millert, fgs, henning, deraadt
2003-09-22 21:14:55 +10:00
Darren Tucker
aaa56cb804
- markus@cvs.openbsd.org 2003/09/19 11:33:09
...
[packet.c sshd.c]
do not call packet_close on fatal; ok deraadt
2003-09-22 21:13:59 +10:00
Darren Tucker
3dbff2a93b
- markus@cvs.openbsd.org 2003/09/19 11:31:33
...
[channels.c]
do not call channel_free_all on fatal; ok deraadt
2003-09-22 21:12:56 +10:00
Darren Tucker
3d32622171
- markus@cvs.openbsd.org 2003/09/19 11:30:39
...
[ssh-keyscan.c]
avoid fatal_cleanup, just call exit(); ok deraadt
2003-09-22 21:11:20 +10:00