tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,234 Commits 6 Branches 20 Tags 97 MiB
Commit Graph

2837 Commits

Author SHA1 Message Date
Damien Miller 76b5c8a83a - (djm) Bug #589 - scard-opensc: load only keys with a private keys 
Patch from larsch@trustcenter.de
 2003-06-05 19:19:35 +10:00
Damien Miller f49078dfdf - (djm) Bug #588 - Add scard-opensc.o back to Makefile.in 
Patch from larsch@trustcenter.de
 2003-06-05 18:53:42 +10:00
Damien Miller c28e38d23a - (djm) Merge all the openbsd/fake-* into fake-rfc2553.[ch] 2003-06-05 18:52:47 +10:00
Damien Miller b95bb7f9b1 - (djm) Don't use xmalloc() or pull in toplevel headers in fake-* code 2003-06-05 10:04:12 +10:00
Damien Miller 5fe46a45c8 - (djm) Implement paranoid priv dropping checks, based on: 
"SetUID demystified" - Hao Chen, David Wagner and Drew Dean
   Proceedings of USENIX Security Symposium 2002
 2003-06-05 09:53:31 +10:00
Damien Miller 10eac0cf8f - (djm) Support AI_NUMERICHOST in fake-getaddrinfo.c. Needed for recent 
canohost.c changes.
 2003-06-05 09:48:32 +10:00
Damien Miller 0cbb9dea05 - (djm) Always use mysignal() for SIGALRM 2003-06-04 22:56:15 +10:00
Damien Miller cc685c1cbe - djm@cvs.openbsd.org 2003/06/04 12:41:22 
[sftp.c]
     kill ssh process on receipt of signal; ok markus@
 2003-06-04 22:51:38 +10:00
Damien Miller b69aaa8db7 - djm@cvs.openbsd.org 2003/06/04 12:40:39 
[scp.c]
     kill ssh process upon receipt of signal, bz #241.
     based on patch from esb AT hawaii.edu; ok markus@
 2003-06-04 22:51:24 +10:00
Damien Miller 65d1f5765f - djm@cvs.openbsd.org 2003/06/04 12:18:49 
[scp.c]
     ansify; ok markus@
 2003-06-04 22:51:08 +10:00
Damien Miller 9fc7c699af - djm@cvs.openbsd.org 2003/06/04 12:03:59 
[serverloop.c]
     remove bitrotten commet; ok markus@
 2003-06-04 22:50:54 +10:00
Damien Miller 4c322482bb - (djm) Update to fix of bug #584: lock card before return. 
From larsch@trustcenter.de
 2003-06-04 22:12:17 +10:00
Damien Miller 31b3a0a98f - djm@cvs.openbsd.org 2003/06/04 10:23:48 
[sshd.c]
     remove duplicated group-dropping code; ok markus@
 2003-06-04 20:32:12 +10:00
Damien Miller 941ac459ce - (djm) OpenBSD CVS Sync 
- djm@cvs.openbsd.org 2003/06/04 08:25:18
     [sshconnect.c]
     disable challenge/response and keyboard-interactive auth methods
     upon hostkey mismatch. based on patch from fcusack AT fcusack.com.
     bz #580; ok markus@
 2003-06-04 20:31:53 +10:00
Damien Miller 2527f5755a - (djm) Bug #584: scard-opensc.c doesn't work without PIN. Patch from 
larsch@trustcenter.de; ok markus@
 2003-06-04 19:22:06 +10:00
Damien Miller 485397c48d - (djm) Bug #577 - wrong flag in scard-opensc.c sc_private_decrypt. 
ok markus@
 2003-06-04 19:15:10 +10:00
Damien Miller 865173ee03 - (djm) Bug #573 - Remove unneeded Krb headers and compat goop. Patch from 
simon@sxw.org.uk (Also matches a change in OpenBSD a while ago)
 2003-06-04 19:06:59 +10:00
Damien Miller d311c4e54b change "No more 4-term BSD licenses in our tree" to 
"No more 4-term BSD licenses in linked code"

mdoc2man.pl is 4-term BSDL
 2003-06-03 13:09:16 +10:00
Damien Miller dafb12ed28 a - millert@cvs.openbsd.org 2003/06/03 02:56:16 
[scp.c]
     Remove the advertising clause in the UCB license which Berkeley
     rescinded 22 July 1999.  Proofed by myself and Theo.
 2003-06-03 13:06:18 +10:00
Darren Tucker eb28cbc399 - (dtucker) [port-aix.c bsd-cray.c] Fix uses of verify_reverse_mapping. 2003-06-03 12:45:27 +10:00
Damien Miller 048d88d5aa trim prior to 3.6p1 2003-06-03 12:43:14 +10:00
Damien Miller 329638e49c - (djm) Sync openbsd-compat with OpenBSD CVS. 
- No more 4-term BSD licenses in our tree
 2003-06-03 12:12:50 +10:00
Damien Miller 3a961dc0d3 - (djm) OpenBSD CVS Sync 
- markus@cvs.openbsd.org 2003/06/02 09:17:34
     [auth2-hostbased.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c]
     [canohost.c monitor.c servconf.c servconf.h session.c sshd_config]
     [sshd_config.5]
     deprecate VerifyReverseMapping since it's dangerous if combined
     with IP based access control as noted by Mike Harding; replace with
     a UseDNS option, UseDNS is on by default and includes the
     VerifyReverseMapping check; with itojun@, provos@, jakob@ and deraadt@
     ok deraadt@, djm@
 - (djm) Fix portable-specific uses of verify_reverse_mapping too
 2003-06-03 10:25:48 +10:00
Damien Miller 35276253a6 - (djm) Replace setproctitle replacement with code derived from 
UCB sendmail
 2003-06-03 10:14:28 +10:00
Damien Miller eacbb4fcc1 - jakob@cvs.openbsd.org 2003/06/02 08:31:10 
[ssh_config.5]
     VerifyHostKeyDNS is v2 only. ok markus@
 2003-06-02 19:10:41 +10:00
Damien Miller 61d3680aca - deraadt@cvs.openbsd.org 2003/05/29 16:58:45 
[sshd.c uidswap.c]
     seteuid and setegid; markus ok
 2003-06-02 19:09:48 +10:00
Damien Miller ab2db41b61 - djm@cvs.openbsd.org 2003/05/26 12:54:40 
[sshconnect.c]
     fix format strings; ok markus@
 2003-06-02 19:09:13 +10:00
Damien Miller f46844214d - (djm) Sync license on openbsd-compat/bindresvport.c with OpenBSD CVS 2003-06-02 18:59:08 +10:00
Damien Miller dcc8312a19 - (djm) Fix use of macro before #define in cipher-aes.c 2003-06-02 18:57:59 +10:00
Damien Miller dba5950820 - (djm) Remove "noip6" option from RedHat spec file. This may now be 
set at runtime using AddressFamily option.
 2003-06-02 17:43:19 +10:00
Tim Rice 237ca4ab08 openbsd-compat/xmmap.[ch] License clarifications. Add missing CVS ID. 2003-06-01 19:25:27 -07:00
Damien Miller f2e3e9deba - (djm) Always use saved_argv in sshd.c as compat_init_setproctitle may 
clobber
 2003-06-02 12:15:54 +10:00
Damien Miller f3bff94957 - (djm) Fix segv from bad reordering in auth-pam.c 2003-06-02 12:13:40 +10:00
Darren Tucker 2972d6c045 - (dtucker) Define SSHD_ACQUIRES_CTTY for NCR MP-RAS and Reliant Unix. 
I'm pretty sure these are required.  I also want to add -D_XOPEN_SOURCE=1
-D_XOPEN_SOURCE_EXTENDED=1 to CPPFLAGS for MP-RAS but I haven't had confirmation
that it will not break anything else.
 2003-05-30 17:43:42 +10:00
Darren Tucker 3cb84e5ec8 - (dtucker) Add missing semicolon in md5crypt.c, patch from openssh at 
roumenpetrov.info
 2003-05-30 16:58:22 +10:00
Damien Miller a6a7c19dcb - (djm) Avoid auth2-chall.c warning when compiling without 
PAM, BSD_AUTH and SKEY
 2003-05-26 21:36:13 +10:00
Damien Miller 04bd8b0bcc - djm@cvs.openbsd.org 2003/05/24 09:30:40 
[authfile.c monitor.c sftp-common.c sshpty.c]
     cast some types for printing; ok markus@
 2003-05-25 14:38:33 +10:00
Damien Miller c11fe255ab - (djm) OpenBSD CVS Sync 
- djm@cvs.openbsd.org 2003/05/24 09:02:22
     [log.c]
     pass logged data through strnvis; ok markus
 2003-05-25 14:38:02 +10:00
Darren Tucker 6014578b90 - (dtucker) Correct --osfsia in INSTALL. Patch by skeleten at shillest.net 2003-05-24 11:41:16 +10:00
Damien Miller 08293fa435 - djm@cvs.openbsd.org 2003/05/23 08:29:30 
[sshconnect.c]
     fix leak; ok markus@
 2003-05-23 18:44:41 +10:00
Damien Miller fbf486b4a6 - jmc@cvs.openbsd.org 2003/05/20 12:09:31 
[ssh.1 ssh_config.5 sshd.8 sshd_config.5 ssh-keygen.1]
     new sentence, new line
 2003-05-23 18:44:23 +10:00
Damien Miller 5067792a72 - (djm) OpenBSD CVS Sync 
- jmc@cvs.openbsd.org 2003/05/20 12:03:35
     [sftp.1]
     - new sentence, new line
     - added .Xr's
     - typos
     ok djm@
 2003-05-23 18:44:04 +10:00
Damien Miller d419bdae77 - (djm) Use VIS_SAFE on logged strings rather than default strnvis 
encoding (which encodes many more characters)
 2003-05-23 18:43:40 +10:00
Damien Miller 1340ec297b - (djm) Configure logic to detect syslog_r and friends 2003-05-20 09:24:42 +10:00
Damien Miller 74a3442d10 - deraadt@cvs.openbsd.org 2003/05/18 23:22:01 
[log.c]
     use syslog_r() in a signal handler called place; markus ok
 2003-05-20 09:24:17 +10:00
Damien Miller eb0e969a4f - (djm) Sync auth-pam.h with what we actually implement 2003-05-19 11:28:44 +10:00
Damien Miller 5b5ca19ef0 - (djm) KNF on auth-sia.[ch] 2003-05-19 00:50:02 +10:00
Damien Miller e7fb103192 - (djm) KNF on md5crypt.c 2003-05-19 00:46:46 +10:00
Damien Miller 317412502b - (djm) Big KNF on openbsd-compat/ 2003-05-19 00:13:38 +10:00
Damien Miller e323df6c48 - (djm) Sync openbsd-compat/ with OpenBSD CVS head 2003-05-18 22:24:09 +10:00
Damien Miller 0b8e9006d8 - (djm) Tidy and trim TODO 2003-05-18 21:44:07 +10:00
Damien Miller f5399c24dc - markus@cvs.openbsd.org 2003/05/17 04:27:52 
[cipher.c cipher-ctr.c myproposal.h]
     experimental support for aes-ctr modes from
     http://www.ietf.org/internet-drafts/draft-ietf-secsh-newmodes-00.txt
     ok djm@
 2003-05-18 20:53:59 +10:00
Damien Miller a9825785e8 - itojun@cvs.openbsd.org 2003/05/17 03:25:58 
[auth-rhosts.c]
     just in case, put numbers to sscanf %s arg.
 2003-05-18 20:53:10 +10:00
Damien Miller 7e1bbc55af - (djm) Remove IPv4 by default hack now that we can specify AF in config 2003-05-18 20:52:40 +10:00
Damien Miller 20a8f97b03 - djm@cvs.openbsd.org 2003/05/16 03:27:12 
[readconf.c ssh_config ssh_config.5 ssh-keysign.c]
     add AddressFamily option to ssh_config (like -4, -6 on commandline).
     Portable bug #534; ok markus@
 2003-05-18 20:50:30 +10:00
Damien Miller 25d9342f04 - (djm) Return of the dreaded PAM_TTY_KLUDGE, which went missing in 
recent merge
 2003-05-18 20:45:47 +10:00
Ben Lindstrom 4c9e9ab165 - (bal) strcat -> strlcat on openbsd-compat/realpath.c (rev 1.8 OpenBSD) 2003-05-18 01:22:43 +00:00
Damien Miller e27c6cc3ad - (djm) Guard free_pam_environment against NULL argument. Works around 
HP/UX PAM problems debugged by dtucker
 2003-05-16 18:21:01 +10:00
Damien Miller c46b6bc4f7 - (djm) A few type mismatch fixes from Bug #565 2003-05-16 15:51:44 +10:00
Damien Miller 6ac2c48a19 - (djm) Add warning for UsePAM when built without PAM support 2003-05-16 11:42:35 +10:00
Damien Miller b78d5eb6c5 - djm@cvs.openbsd.org 2003/05/15 14:55:25 
[readconf.c readconf.h ssh_config ssh_config.5 sshconnect.c]
     add a ConnectTimeout option to ssh, based on patch from
     Jean-Charles Longuet (jclonguet at free.fr); portable #207 ok markus@
 2003-05-16 11:39:04 +10:00
Damien Miller 99b4b88aba - markus@cvs.openbsd.org 2003/05/15 14:09:21 
[auth2-krb5.c]
     fix 64bit issue; report itojun@
 2003-05-16 11:38:46 +10:00
Damien Miller f9b3feb847 - jakob@cvs.openbsd.org 2003/05/15 14:02:47 
[readconf.c servconf.c]
     warn for unsupported config option. ok markus@
 2003-05-16 11:38:32 +10:00
Damien Miller 6e80c36e2a - (djm) OpenBSD CVS Sync 
- djm@cvs.openbsd.org 2003/05/15 13:52:10
     [ssh.c]
     Make "ssh -V" print the OpenSSL version in a human readable form. Patch
     from Craig Leres (mindrot at ee.lbl.gov); ok markus@
 2003-05-16 11:38:00 +10:00
Darren Tucker 5d0ccf3b24 - (dtucker) HP-UX needs to include <sys/strtio.h> for TIOCSBRK 2003-05-15 21:42:59 +10:00
Damien Miller eff041d19e - (djm) Bug #444: Wrong paths after reconfigure 2003-05-15 21:33:46 +10:00
Damien Miller 04cb536054 - (djm) Bug #529: sshd doesn't work correctly after SIGHUP (copy argv 
correctly)
 2003-05-15 21:29:10 +10:00
Damien Miller b10f1cd878 - (djm) Only build getrrsetbyname replacement when using --with-dns 2003-05-15 20:55:27 +10:00
Damien Miller 46a7b40d1e - markus@cvs.openbsd.org 2003/05/15 04:08:41 
[ssh.1]
     ~B is ssh2 only
 2003-05-15 14:17:28 +10:00
Damien Miller 156cbe8c67 - (djm) Enable UsePAM when built --with-pam 2003-05-15 14:16:41 +10:00
Damien Miller d248b5bd1b - jakob@cvs.openbsd.org 2003/05/15 04:08:44 
[readconf.c servconf.c]
     disable kerberos when not supported. ok markus@
 2003-05-15 14:15:23 +10:00
Damien Miller ffda4cb218 - (djm) Avoid uuencode.c warnings 2003-05-15 13:57:51 +10:00
Damien Miller 34bb56743a - mouring@cvs.openbsd.org 2003/05/15 03:43:59 
[sftp-int.c sftp.c]
     Teach ls how to display multiple column display and allow users
     to return to single column format via 'ls -1'.  OK @djm
 2003-05-15 13:49:58 +10:00
Damien Miller 19c8f2b310 - mouring@cvs.openbsd.org 2003/05/15 03:43:59 
[sftp-int.c]
     Teach ls how to display multiple column display and allow users
     to return to single column format via 'ls -1'.  OK @djm
 2003-05-15 13:49:21 +10:00
Damien Miller 4962ed6ab4 - mouring@cvs.openbsd.org 2003/05/15 03:39:07 
[sftp-int.c]
     Make put/get (globed and nonglobed) code more consistant. OK djm@
 2003-05-15 13:48:59 +10:00
Damien Miller ed12a26f0d - djm@cvs.openbsd.org 2003/05/15 03:10:52 
[ssh-keygen.c]
     avoid warning; ok jakob@
 2003-05-15 13:37:43 +10:00
Damien Miller 3a3261ff99 - markus@cvs.openbsd.org 2003/05/15 03:08:29 
[cipher.c cipher-bf1.c cipher-aes.c cipher-3des1.c]
     split out custom EVP ciphers
 2003-05-15 13:37:19 +10:00
Damien Miller b0622653ba - jakob@cvs.openbsd.org 2003/05/15 02:27:15 
[dns.c]
     add missing freerrset
 2003-05-15 13:27:28 +10:00
Damien Miller 5975cf12c3 - (djm) Adapt README.dns for portable 2003-05-15 13:23:36 +10:00
Damien Miller a47f526dd7 - (djm) Tidy Makefile clean targets 2003-05-15 13:23:07 +10:00
Damien Miller d9ec370ac3 - (djm) Import getrrsetbyname() function from OpenBSD libc (for DNS support) 2003-05-15 12:27:08 +10:00
Damien Miller 2aa0ab463f - jakob@cvs.openbsd.org 2003/05/15 01:48:10 
[readconf.c readconf.h servconf.c servconf.h]
     always parse kerberos options. ok djm@ markus@
 - (djm) Always parse UsePAM
 2003-05-15 12:05:28 +10:00
Damien Miller f842fcb296 - markus@cvs.openbsd.org 2003/05/15 00:28:28 
[sshconnect2.c]
     cleanup unregister of per-method packet handlers; ok djm@
 2003-05-15 12:01:28 +10:00
Damien Miller 7abe09bf86 - (djm) Configure glue for DNS support (code doesn't work in portable yet) 2003-05-15 10:53:49 +10:00
Damien Miller 54c459866e - markus@cvs.openbsd.org 2003/05/14 22:24:42 
[clientloop.c session.c ssh.1]
     allow to send a BREAK to the remote system; ok various
 2003-05-15 10:20:13 +10:00
Damien Miller 37876e913a - jakob@cvs.openbsd.org 2003/05/14 18:16:20 
[key.c key.h readconf.c readconf.h ssh_config.5 sshconnect.c]
     [dns.c dns.h README.dns ssh-keygen.1 ssh-keygen.c]
     add experimental support for verifying hos keys using DNS as described
     in draft-ietf-secsh-dns-xx.txt. more information in README.dns.
     ok markus@ and henning@
 2003-05-15 10:19:46 +10:00
Damien Miller abbae980e7 - (djm) OpenBSD CVS Sync 
- jmc@cvs.openbsd.org 2003/05/14 13:11:56
     [ssh-agent.1]
     setup -> set up;
     from wiz@netbsd
 2003-05-15 10:16:21 +10:00
Damien Miller 1ea7166019 - (djm) Bug #258: sscanf("[0-9]") -> sscanf("[0123456789]") for portability 2003-05-14 22:33:58 +10:00
Darren Tucker abef5628e8 - (dtucker) Set ai_socktype and ai_protocol in fake-getaddrinfo.c. ok djm@ 2003-05-14 21:48:51 +10:00
Damien Miller be64d43d01 - markus@cvs.openbsd.org 2003/05/14 08:57:49 
[monitor.c]
     http://bugzilla.mindrot.org/show_bug.cgi?id=560
     Privsep child continues to run after monitor killed.
     Pass monitor signals through to child; Darren Tucker
 2003-05-14 19:31:12 +10:00
Damien Miller d6ead282db - jmc@cvs.openbsd.org 2003/05/14 08:25:39 
[sftp.1]
     - better formatting in SYNOPSIS
     - whitespace at EOL
     ok djm@
 2003-05-14 19:30:38 +10:00
Damien Miller 4d99519535 - (djm) Avoid KrbV leak for MIT Kerberos 2003-05-14 19:23:56 +10:00
Damien Miller 9d507dac1f - (djm) Die screaming if start_pam() is called when UsePAM=no 2003-05-14 15:31:12 +10:00
Damien Miller 4e448a31ae - (djm) Add new UsePAM configuration directive to allow runtime control 
over usage of PAM. This allows non-root use of sshd when built with
   --with-pam
 2003-05-14 15:11:48 +10:00
Damien Miller 9c617693c2 - (djm) Make portable build with MIT krb5 (some issues remain) 2003-05-14 14:31:11 +10:00
Damien Miller 3ab496b3dd - markus@cvs.openbsd.org 2003/05/14 02:15:47 
[auth2.c monitor.c sshconnect2.c auth2-krb5.c]
     implement kerberos over ssh2 ("kerberos-2@ssh.com"); tested with jakob@
     server interops with commercial client; ok jakob@ djm@
 2003-05-14 13:47:37 +10:00
Damien Miller fb7508edc8 - djm@cvs.openbsd.org 2003/05/14 01:00:44 
[sftp.1]
     emphasise the batchmode functionality and make reference to pubkey auth,
     both of which are FAQs; ok markus@
 2003-05-14 13:47:07 +10:00
Damien Miller 935063553a - markus@cvs.openbsd.org 2003/05/12 18:35:18 
[ssh-keyscan.1]
     typo: DSA keys are of type ssh-dss; Brian Poole
 2003-05-14 13:46:33 +10:00
Damien Miller 280ecfb6e4 - markus@cvs.openbsd.org 2003/05/12 16:55:37 
[sshconnect2.c]
     for pubkey authentication try the user keys in the following order:
        1. agent keys that are found in the config file
        2. other agent keys
        3. keys that are only listed in the config file
     this helps when an agent has many keys, where the server might
     close the connection before the correct key is used. report & ok pb@
 2003-05-14 13:46:00 +10:00
Damien Miller b1ca8bb159 - markus@cvs.openbsd.org 2003/05/11 20:30:25 
[channels.c clientloop.c serverloop.c session.c ssh.c]
     make channel_new() strdup the 'remote_name' (not the caller); ok theo
 2003-05-14 13:45:42 +10:00