6cffb9a8cd
- markus@cvs.openbsd.org 2002/08/12 10:46:35
...
[ssh-agent.c]
make ssh-agent setgid, disallow ptrace.
(note: change not yet made in Makefile)
2002-09-04 16:20:26 +10:00
3962119c8a
- (bal) [defines.h] Some platforms don't have SIZE_T_MAX. So assign
...
it to ULONG_MAX.
2002-08-21 02:54:11 +00:00
479b476af6
- stevesk@cvs.openbsd.org 2002/08/17 23:55:01
...
[ssh_config.5]
ordered list here
2002-08-20 19:04:51 +00:00
3541f18e10
- stevesk@cvs.openbsd.org 2002/08/17 23:07:14
...
[ssh.1]
ForwardAgent has defaulted to no for over 2 years; be more clear here.
2002-08-20 19:03:20 +00:00
bd9bf38b00
- stevesk@cvs.openbsd.org 2002/08/12 17:30:35
...
[ssh.1 sshd.8 sshd_config.5]
more PermitUserEnvironment; ok markus@
2002-08-20 18:54:20 +00:00
15b6120e63
- stevesk@cvs.openbsd.org 2002/08/09 17:41:12
...
[sshd_config.5]
proxy vs. fake display
2002-08-20 18:44:24 +00:00
1f8cf4f4fb
- stevesk@cvs.openbsd.org 2002/08/09 17:21:42
...
[sshd_config.5]
use Op for mdoc conformance; from esr@golux.thyrsus.com
ok aaron@
2002-08-20 18:43:27 +00:00
d4ee3497ca
- stevesk@cvs.openbsd.org 2002/08/08 23:54:52
...
[auth.c]
typo in comment
2002-08-20 18:42:13 +00:00
e143f61b6f
- aaron@cvs.openbsd.org 2002/08/08 13:50:23
...
[sshconnect1.c]
Use & to test if bits are set, not &&; markus@ ok.
2002-08-20 18:41:15 +00:00
0deb5d958a
- markus@cvs.openbsd.org 2002/08/02 22:20:30
...
[ssh-rsa.c]
replace RSA_verify with our own version and avoid the OpenSSL ASN.1 parser
for authentication; ok deraadt/djm
2002-08-20 18:40:03 +00:00
0e50d846b3
- markus@cvs.openbsd.org 2002/08/02 21:23:41
...
[ssh-rsa.c]
diff is u_int (2x); ok deraadt/provos
2002-08-20 18:39:14 +00:00
dc7adf2670
- marc@cvs.openbsd.org 2002/08/02 16:00:07
...
[ssh.1 sshd.8]
note that .ssh/environment is only read when
allowed (PermitUserEnvironment in sshd_config).
OK markus@
2002-08-20 18:38:02 +00:00
0a4f7542da
- millert@cvs.openbsd.org 2002/08/02 14:43:15
...
[monitor.c monitor_mm.c]
Change mm_zalloc() sanity checks to be more in line with what
we do in calloc() and add a check to monitor_mm.c.
OK provos@ and markus@
2002-08-20 18:36:25 +00:00
d730b78071
[configure.ac] Display OpenSSL header/library version.
...
Patch by dtucker@zip.com.au
2002-08-13 18:52:10 -07:00
5d860f02ca
- markus@cvs.openbsd.org 2002/07/30 17:03:55
...
[auth-options.c servconf.c servconf.h session.c sshd_config sshd_config.5]
add PermitUserEnvironment (off by default!); from dot@dotat.at ;
ok provos, deraadt
2002-08-01 01:28:38 +00:00
4b99be899c
- markus@cvs.openbsd.org 2002/07/29 18:57:30
...
[sshconnect.c]
print file:line
2002-08-01 01:26:29 +00:00
8d631e8515
- mouring@cvs.openbsd.org 2002/07/25 01:16:59
...
[sftp.c]
FallBackToRsh does not exist anywhere else. Remove it from here.
OK deraadt.
2002-08-01 01:25:00 +00:00
3ed6640532
- markus@cvs.openbsd.org 2002/07/24 16:11:18
...
[hostfile.c hostfile.h sshconnect.c]
print out all known keys for a host if we get a unknown host key,
see discussion at http://marc.theaimsgroup.com/?t=101069210100016&r=1&w=4
the ssharp mitm tool attacks users in a similar way, so i'd like to
pointed out again:
A MITM attack is always possible if the ssh client prints:
The authenticity of host 'bla' can't be established.
(protocol version 2 with pubkey authentication allows you to detect
MITM attacks)
2002-08-01 01:21:56 +00:00
18d2b5d399
- (bal) [uidswap.c] SCO compile correction by gert@greenie.muc.de
2002-07-30 19:32:07 +00:00
4bdb547ff4
- (stevesk) [ssh-rand-helper.c] RAND_bytes() and SHA1_Final() unsigned
...
char arg.
2002-07-28 20:42:23 +00:00
e7dbdf7ff8
- (stevesk) [CREDITS] solar
2002-07-28 20:31:18 +00:00
6a998ebfa9
- (stevesk) [auth-pam.c] should use PAM_MSG_MEMBER(); from solar
2002-07-28 20:24:07 +00:00
a7609f548f
- (djm) Latest config.guess and config.sub from ftp://ftp.gnu.org/gnu/config/
2002-07-25 14:40:22 +10:00
6d8d78827e
- (djm) Remove some cruft from INSTALL
2002-07-25 14:36:24 +10:00
1fa330cf35
- stevesk@cvs.openbsd.org 2002/07/15 17:15:31
...
[uidswap.c]
little more debugging; ok markus@
2002-07-23 21:29:49 +00:00
41daec7538
- stevesk@cvs.openbsd.org 2002/07/23 16:03:10
...
[sshd.c]
utmp_len is unsigned; display error consistent with other options.
ok markus@
2002-07-23 21:15:13 +00:00
7cea16bad5
- stevesk@cvs.openbsd.org 2002/07/22 17:32:56
...
[monitor.c]
u_int here; ok provos@
2002-07-23 21:13:40 +00:00
b9051ec9a4
- markus@cvs.openbsd.org 2002/07/22 11:03:06
...
[session.c]
fallback to _PATH_STDPATH on setusercontext+LOGIN_SETPATH errors;
2002-07-23 21:11:09 +00:00
3cc4450d54
- stevesk@cvs.openbsd.org 2002/07/21 18:34:43
...
[auth-options.h]
remove invalid comment
2002-07-23 21:07:45 +00:00
218a07dfb4
- stevesk@cvs.openbsd.org 2002/07/21 18:32:20
...
[auth-options.c]
unneeded includes
2002-07-23 21:06:45 +00:00
82ec9836b2
- (bal) sync ID w/ ssh-agent.c
2002-07-23 21:05:17 +00:00
ee8d52d008
- stevesk@cvs.openbsd.org 2002/07/19 17:42:40
...
[ssh.c]
display a warning from ssh when XAuthLocation does not exist or xauth
returned no authentication data. ok markus@
2002-07-23 21:03:02 +00:00
264ee307a8
- markus@cvs.openbsd.org 2002/07/19 15:43:33
...
[log.c log.h session.c sshd.c]
remove fatal cleanups after fork; based on discussions with and code
from solar.
2002-07-23 21:01:56 +00:00
6f52b3e399
- (bal) [bsd-cray.c bsd-cray.h] Part 2 of Cray merger.
2002-07-23 21:00:17 +00:00
6fa740ba84
- (stevesk) [auth-pam.c] typo in comment
2002-07-23 00:51:53 +00:00
38b050a0f5
- (stevesk) [auth-pam.[ch] session.c] pam_getenvlist() must be
...
freed by the caller; add free_pam_environment() and use it.
2002-07-23 00:44:07 +00:00
446d886fa5
- (bal) [monitor_mm.c openbsd-compat/xmmap.h] Move xmmap() defines
...
into it's own header.
2002-07-23 00:03:33 +00:00
762104ede0
- (bal) [configure.ac] Missing ;; from cray patch.
2002-07-23 00:00:05 +00:00
232ccf7754
- (bal) [configure.ac defines.h loginrec.c sshd.c sshpty.c] Partial sync
...
with Cray (mostly #ifdef renaming). Patch by wendyp@cray.com .
2002-07-22 23:34:25 +00:00
066e1ab8a3
- (stevesk) [xmmap.c] missing prototype for fatal()
2002-07-22 16:20:29 +00:00
beb5f3304b
- (bal) AIX tty data limiting patch fix by leigh@solinno.co.uk
2002-07-22 15:28:53 +00:00
287077eaf2
- (stevesk) [auth-pam.[ch] ssh.h] move SSHD_PAM_SERVICE to auth-pam.h
2002-07-21 23:59:39 +00:00
21e04eb2be
- (stevesk) [auth-pam.h] unneeded include
2002-07-21 23:20:07 +00:00
7ba4970498
- (stevesk) [auth-pam.h] license
2002-07-21 23:16:00 +00:00
3429a1bf60
- (stevesk) [auth-pam.c] cast to avoid initialization type mismatch
...
warning on pam_conv struct conversation function.
2002-07-21 22:49:47 +00:00
63007d42ee
- (stevesk) [auth-pam.c] merge rest of solar's PAM patch;
...
PAM_NEW_AUTHTOK_REQD remains in #if 0 for now.
2002-07-21 17:57:01 +00:00
6cdecd0892
- (stevesk) [auth-pam.c] merge cosmetic changes from solar's
...
openssh-3.4p1-owl-password-changing.diff
2002-07-21 17:26:54 +00:00
3a8819102c
- (stevesk) [ssh-keygen.c] bug #231 : always init/seed_rng().
2002-07-20 19:05:40 +00:00
f028f1e460
[configure.ac] test for libxnet on HP. Patch by dtucker@zip.com.au
2002-07-19 12:41:10 -07:00
f1a1001f0e
[contrib/solaris/buildpkg.sh] create privsep user/group if needed.
...
Patch by dtucker@zip.com.au
2002-07-19 11:57:57 -07:00
eae876e8ae
[includes.h] Bug 267 add stdint.h
2002-07-18 11:49:32 -07:00
907881ec8e
[configure.ac] Bug 267 rework int64_t test.
2002-07-18 11:44:50 -07:00
76645849d3
[monitor_mm.c] add missing declaration for xmmap(). Reported
...
by ayamura@ayamura.org
2002-07-18 11:34:29 -07:00
b8b23047f8
[defines.h] Bug 313 patch by dirk.meyer@dinoex.sub.org
2002-07-18 09:31:51 -07:00
e22be3b11e
[configure.ac] change how we do paths in AC_PATH_PROGS tests
...
for autoconf 2.53. Based on a patch by jrj@purdue.edu
2002-07-17 19:20:07 -07:00
2faabf3d79
- (bal) aixbff package updated by dtucker@zip.com.au
2002-07-18 01:04:50 +00:00
ffaf445371
[contrib/solaris/opensshd.in] Only kill sshd if .pid file found
2002-07-16 14:24:38 -07:00
104c3feb69
- (bal) Privsep user creation support in Solaris buildpkg.sh by
...
dtucker@zip.com.au
2002-07-15 18:49:20 +00:00
938b828566
- (bal) Remove unused tty defined in do_setusercontext() pointed out by
...
dtucker@zip.com.au plus a a more KNF since I am near it.
2002-07-15 17:58:34 +00:00
c491b0def1
- markus@cvs.openbsd.org 2002/07/12 15:50:17
...
[cipher.c]
EVP_CIPH_CUSTOM_IV for our own rijndael
2002-07-15 17:52:49 +00:00
728aa7e18c
- itojun@cvs.openbsd.org 2002/07/12 13:29:09
...
[sshconnect.c]
print connect failure during debugging mode.
2002-07-15 17:48:11 +00:00
370e0bac16
[loginrec.c] Bug 348: add missing found = 1; to wtmpx_islogin()
...
report by rodney@bond.net
2002-07-14 15:50:51 -07:00
cdb82946b6
[loginrec.c] Bug 347: Fix typo (WTMPX_FILE) report by rodney@bond.net
2002-07-14 15:33:20 -07:00
a091159884
[ssh_prng_cmds.in] Bug 323 arp -n flag doesn't exist under Solaris.
...
report by chris@by-design.net
2002-07-14 14:43:57 -07:00
40017b0e7a
(bal/tim) [acconfig.h configure.ac monitor_mm.c servconf.c
...
openbsd-compat/Makefile.in] support compression on platforms that
have no/broken MAP_ANON. Moved code to openbsd-compat/xmmap.c
Based on patch from nalin@redhat.com of code extracted from Owl's package
2002-07-14 13:36:49 -07:00
952101952f
[Makefile.in] replace "id sshd" with "sshd -t"
2002-07-14 10:02:20 -07:00
4796a291f1
[configure.ac] remove unused filepriv line
2002-07-12 18:11:24 -07:00
1363b3c987
[Makefile.in] quiet down install-files: and check-user:
2002-07-12 09:04:06 -07:00
6f893880cc
- deraadt@cvs.openbsd.org 2002/07/10 17:53:54
...
[rijndael.c]
use right sizeof in memcpy; markus ok
2002-07-11 04:01:29 +00:00
a6cd75c49e
- itojun@cvs.openbsd.org 2002/07/10 10:28:15
...
[sshconnect.c]
bark if all connection attempt fails.
2002-07-11 04:00:19 +00:00
9c44554a41
- stevesk@cvs.openbsd.org 2002/07/09 17:46:25
...
[sshd_config.5]
clarify no preference ordering in protocol list; ok markus@
2002-07-11 03:59:18 +00:00
ba8df7d76d
- itojun@cvs.openbsd.org 2002/07/09 12:04:02
...
[sshconnect.c]
ed static function (less warnings)
2002-07-11 03:58:11 +00:00
e982773d2a
- itojun@cvs.openbsd.org 2002/07/09 11:56:27
...
[canohost.c]
suppress log on reverse lookup failiure, as there's no real value in
doing so.
markus ok
2002-07-11 03:56:46 +00:00
efee05958c
- itojun@cvs.openbsd.org 2002/07/09 11:56:50
...
[sshconnect.c]
silently try next address on connect(2). markus ok
2002-07-11 03:54:43 +00:00
6827395b07
[contrib/cygwin/ssh-host-config] explicitely sets the permissions
...
on /var/empty to 755 Patch by vinschen@redhat.com
2002-07-10 07:40:11 -07:00
99a4e14fe0
- (bal) NO_IPPORT_RESERVED_CONCEPT used instead of CYGWIN so other platforms
...
lacking that concept can share it. Patch by vinschen@redhat.com
2002-07-09 14:06:40 +00:00
cbb9066d2d
[configure.ac] fix libc89 utimes test. Mention default path for
...
--with-privsep-path=
2002-07-08 19:17:10 -07:00
2d0bf3dcfd
[Makefile.in] workaround for broken pakadd on some systems.
...
With "ln -s ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin" you wild end up with
lrwxrwxrwx 1 root sys 4 Jul 8 18:43 slogin -> /ssh
after the package was installed.
2002-07-08 19:10:05 -07:00
88177245cb
[openssh/contrib/solaris/buildpkg.sh] add PKG_INSTALL_ROOT to
...
work in a jumpstart environment. patch by kbrint@rufus.net
2002-07-08 19:02:10 -07:00
5c98db50bf
- (bal) Minor KNF on ssh-keyscan.c
...
This is really from Theo's patch. I missed it by looking at the wrong
function call.
2002-07-07 22:25:29 +00:00
6a9fbc96c0
- stevesk@cvs.openbsd.org 2002/07/06 17:47:58
...
[ssh-keyscan.c]
unused variable
2002-07-07 22:19:13 +00:00
965710f66e
- deraadt@cvs.openbsd.org 2002/07/06 01:01:26
...
[ssh-keyscan.c]
KNF, realloc fix, and clean usage
2002-07-07 22:17:22 +00:00
8e8ef2a3ff
- deraadt@cvs.openbsd.org 2002/07/06 01:00:49
...
[log.c]
KNF
2002-07-07 22:14:55 +00:00
2bf759cba5
- markus@cvs.openbsd.org 2002/07/04 10:41:47
...
[key.c monitor_wrap.c ssh-dss.c ssh-rsa.c]
don't allocate, copy, and discard if there is not interested in the data;
ok deraadt@
2002-07-07 22:13:31 +00:00
8b2eecdf9f
- deraadt@cvs.openbsd.org 2002/07/04 08:12:15
...
[channels.c packet.c]
blah blah minor nothing as i read and re-read and re-read...
2002-07-07 22:11:51 +00:00
c51b924a80
- deraadt@cvs.openbsd.org 2002/07/04 04:15:33
...
[key.c monitor_wrap.c sftp-glob.c ssh-dss.c ssh-rsa.c]
patch memory leaks; grendel@zeitbombe.org
2002-07-07 22:10:15 +00:00
8abe736dd7
- (bal) [realpath.c] Updated with OpenBSD tree.
2002-07-07 22:07:10 +00:00
e475a3cf3b
[contrib/cygwin/ssh-host-config] sshd account creation fixes
...
patch from vinschen@redhat.com
2002-07-07 14:07:46 -07:00
9dd30817ef
[acconfig.h configure.ac sshd.c] s/BROKEN_FD_PASSING/DISABLE_FD_PASSING/
2002-07-07 13:43:36 -07:00
cc25206d31
[Makefile.in] use umask instead of chmod on $(PRIVSEP_PATH)
2002-07-07 13:30:45 -07:00
b66e292912
[contrib/cygwin/ssh-host-config] double slash corrction
...
from vinschen@redhat.com
2002-07-05 16:22:32 -07:00
e958ed3624
[configure.ac] AIX 4.2.1 has authenticate() in libs.
...
Reported by Darren Tucker <dtucker@zip.com.au>
2002-07-05 07:12:33 -07:00
d00a1a1a03
- (bal) One too many nulls in ports-aix.c
2002-07-04 19:33:49 +00:00
604de56009
- (bal) glob.c defines TILDE and AIX also defines it. #undef it first.
...
bug #265
2002-07-04 18:20:51 +00:00
92ea0eadbe
- (bal) Limit data to TTY for AIX only (Newer versions can't handle the
...
faster data rate) Bug #124
2002-07-04 18:11:09 +00:00
51b2488aad
- (bal) Clean up aix_usrinfo(). Ignore TTY= period I guess.
2002-07-04 03:08:40 +00:00
ee3a8e4abc
- (bal) Missed Makefile.in change. keysign needs readconf.o
2002-07-04 03:07:15 +00:00
e06eb68226
- (bal) Failed password attempts don't increment counter on AIX. Bug #145
2002-07-04 00:27:21 +00:00
5d35a2f582
- markus@cvs.openbsd.org 2002/07/03 14:21:05
...
[ssh-keysign.8 ssh-keysign.c ssh.c ssh_config]
re-enable ssh-keysign's sbit, but make ssh-keysign read
/etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled
globally. based on discussions with deraadt, itojun and sommerfeld;
ok itojun@
2002-07-04 00:19:40 +00:00
43ce2c86a8
- markus@cvs.openbsd.org 2002/07/03 09:55:38
...
[ssh-keysign.c]
use RSA_blinding_on() for rsa hostkeys (suggested by Bill Sommerfeld)
in order to avoid a possible Kocher timing attack pointed out by Charles
Hannum; ok provos@
2002-07-04 00:17:33 +00:00
Damien Miller
Ben Lindstrom
Tim Rice
Kevin Steves