c9b6eabb49
- deraadt@cvs.openbsd.org 2001/03/06 15:10:42
...
[sftp.1]
order things
2001-03-07 01:29:17 +00:00
562c26bccf
- deraadt@cvs.openbsd.org 2001/03/06 06:11:44
...
[sftp-int.c sftp.1 sftp.c]
sftp -b batchfile; mouring@etoh.eviladmin.org
2001-03-07 01:26:48 +00:00
e21c4adaac
- deraadt@cvs.openbsd.org 2001/03/06 06:11:18
...
[ssh-keyscan.c]
appease gcc
2001-03-07 01:23:30 +00:00
ebc882757b
- millert@cvs.openbsd.org 2001/03/06 01:08:27
...
[clientloop.c]
If read() fails with EINTR deal with it the same way we treat EAGAIN
2001-03-06 03:34:40 +00:00
884a4aca88
- millert@cvs.openbsd.org 2001/03/06 01:06:03
...
[ssh-keyscan.c]
Don't assume we wil get the version string all in one read().
deraadt@ OK'd
2001-03-06 03:33:04 +00:00
b3144e58e7
- deraadt@cvs.openbsd.org 2001/03/06 00:33:04
...
[authfd.c cli.c ssh-agent.c]
EINTR/EAGAIN handling is required in more cases
2001-03-06 03:31:34 +00:00
be6a5a6dfe
- stevesk@cvs.openbsd.org 2001/03/05 17:58:22
...
[dh.c]
spelling
2001-03-06 01:13:06 +00:00
1e62174af1
- stevesk@cvs.openbsd.org 2001/03/05 17:40:48
...
[ssh.1]
more ssh_known_hosts2 documentation; ok markus@
2001-03-06 01:10:53 +00:00
4c4f05e096
- markus@cvs.openbsd.org 2001/03/05 17:17:21
...
[kex.c kex.h sshconnect2.c sshd.c]
generate a 2*need size (~300 instead of 1024/2048) random private
exponent during the DH key agreement. according to Niels (the great
german advisor) this is safe since /etc/primes contains strong
primes only.
References:
P. C. van Oorschot and M. J. Wiener, On Diffie-Hellman key
agreement with short exponents, In Advances in Cryptology
- EUROCRYPT'96, LNCS 1070, Springer-Verlag, 1996, pp.332-343.
2001-03-06 01:09:20 +00:00
c78a187b17
- deraadt@cvs.openbsd.org 2001/03/05 16:07:15
...
[sshd.8]
detail default hmac setup too
2001-03-06 01:06:58 +00:00
ec26fb1667
- deraadt@cvs.openbsd.org 2001/03/05 15:56:16
...
[myproposal.h ssh.1]
switch to aes128-cbc/hmac-md5 by default in SSH2 -- faster;
provos & markus ok
2001-03-06 01:05:23 +00:00
35f1f4e2b8
- stevesk@cvs.openbsd.org 2001/03/05 15:44:51
...
[servconf.c]
sync error message; ok markus@
2001-03-06 01:02:41 +00:00
ff8b4940ab
- deraadt@cvs.openbsd.org 2001/03/05 14:28:47
...
[sshd.8]
alpha order; jcs@rt.fm
2001-03-06 01:00:03 +00:00
12888d1fc8
- (stevesk) sftp.c: handle __progname
2001-03-05 19:50:57 +00:00
935aa24bf4
- (stevesk) OpenBSD sync:
...
- deraadt@cvs.openbsd.org 2001/03/05 08:37:27
[ssh-keyscan.c]
skip inlining, why bother
2001-03-05 19:46:37 +00:00
30246a8f2b
- (djm) Fix up LOG_AUTHPRIV for systems that have it
2001-03-05 21:23:31 +11:00
2d9bfb17be
- (bal) Fix up logging since it changed. removed log-*.c
2001-03-05 08:16:54 +00:00
0f68db4e9e
- (bal) Put HAVE_PW_CLASS_IN_PASSWD back into pwcopy()
2001-03-05 07:57:09 +00:00
fd2e05b95e
- deraadt@cvs.openbsd.org 2001/03/04 18:21:28
...
[sshd.8]
list SSH2 ciphers
2001-03-05 07:48:45 +00:00
6df8ef4196
- millert@cvs.openbsd.org 2001/03/04 17:42:28
...
[authfd.c channels.c dh.c log.c readconf.c servconf.c sftp-int.c
ssh.c sshconnect.c sshd.c]
log functions should not be passed strings that end in newline as they
get passed on to syslog() and when logging to stderr, do_log() appends
its own newline.
2001-03-05 07:47:23 +00:00
fafea18d68
- stevesk@cvs.openbsd.org 2001/03/04 12:54:04
...
[sshd.8]
spelling
2001-03-05 07:43:27 +00:00
d9cae22d1a
- stevesk@cvs.openbsd.org 2001/03/04 11:16:06
...
[servconf.c sshd.8]
kill obsolete RandomSeed; ok markus@ deraadt@
2001-03-05 07:42:03 +00:00
323c98f4a7
- stevesk@cvs.openbsd.org 2001/03/04 11:04:41
...
[sshd.8]
small cleanup and clarify for PermitRootLogin; ok markus@
2001-03-05 07:40:40 +00:00
3d73a34931
- stevesk@cvs.openbsd.org 2001/03/04 10:57:53
...
[ssh.c]
add -m to usage; ok markus@
2001-03-05 07:39:01 +00:00
9c5324422e
- (bal) CVS ID touch up on auth2.c, serverloop.c, session.c & sshd.c
2001-03-05 07:33:14 +00:00
b1131e9329
- markus@cvs.openbsd.org 2001/03/04 00:03:59
...
[channels.c]
debug1->2
2001-03-05 07:27:13 +00:00
8a432f5fe0
- markus@cvs.openbsd.org 2001/03/03 23:59:34
...
[log.c ssh.c]
log*.c -> log.c
2001-03-05 07:24:46 +00:00
46d6e09099
- markus@cvs.openbsd.org 2001/03/03 23:52:22
...
[sftp.c]
clean up arg processing. based on work by Christophe_Moret@hp.com
2001-03-05 07:10:47 +00:00
1addabd491
- deraadt@cvs.openbsd.org 2001/03/03 22:07:50
...
[sftp-server.c]
KNF
2001-03-05 07:09:11 +00:00
cb978aa057
- millert@cvs.openbsd.org 2001/03/03 21:41:07
...
[packet.c]
Dynamically allocate fd_set; deraadt@ OK
2001-03-05 07:07:49 +00:00
cb80bdf6d5
- millert@cvs.openbsd.org 2001/03/03 21:40:30
...
[sftp-server.c]
Dynamically allocate fd_set; deraadt@ OK
2001-03-05 07:06:12 +00:00
c1e0421cb4
- millert@cvs.openbsd.org 2001/03/03 21:19:41
...
[ssh-keyscan.c]
Dynamically allocate read_wait and its copies. Since maxfd is
based on resource limits it is often (usually?) larger than FD_SETSIZE.
2001-03-05 07:04:38 +00:00
d20b855bc6
- deraadt@cvs.openbsd.org 2001/03/03 06:53:12
...
[ssh-keyscan.c]
standard theo sweep
2001-03-05 07:01:18 +00:00
92a2e38f8e
- deraadt@cvs.openbsd.org 2001/03/02 18:54:31
...
[atomicio.c atomicio.h auth-chall.c auth.c auth2-chall.c crc32.h
scp.c serverloop.c session.c sftp-server.8 sftp.1 ssh-add.1 ssh-add.c
ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh.1 sshd.8]
make copyright lines the same format
2001-03-05 06:59:27 +00:00
d7f5b517d5
- deraadt@cvs.openbsd.org 2001/03/02 09:42:49
...
[sshd.8]
doc the dsa/rsa key pair files
2001-03-05 06:57:23 +00:00
49a098d1b2
- deraadt@cvs.openbsd.org 2001/03/02 06:21:01
...
[sshd.8]
explain SIGHUP better
2001-03-05 06:55:18 +00:00
4040fe10a9
- markus@cvs.openbsd.org 2001/03/01 22:46:37
...
[ssh.c]
don't truncate remote ssh-2 commands; from mkubita@securities.cz
use min, not max for logging, fixes overflow.
2001-03-05 06:52:57 +00:00
b22c2b86af
- deraadt@cvs.openbsd.org 2001/03/01 03:38:33
...
[cli.c cli.h rijndael.h ssh-keyscan.1]
copyright notices on all source files
2001-03-05 06:50:47 +00:00
204e48851a
- deraadt@cvs.openbsd.org 2001/03/01 02:45:10
...
[auth-rsa.c auth2.c deattack.c packet.c]
KNF
2001-03-05 06:47:00 +00:00
0ab2a01079
- deraadt@cvs.openbsd.org 2001/03/01 02:29:04
...
[ssh.c]
shorten usage by a line
2001-03-05 06:45:21 +00:00
cf0da4067b
- (bal) CVS ID touch up on uuencode.c
2001-03-05 06:42:58 +00:00
66e5ecc6b2
- (bal) CVS ID touch up on sftp-int.c
2001-03-05 06:35:29 +00:00
afd3475ddf
- deraadt@cvs.openbsd.org 2001/03/01 02:11:25
...
[authfd.c]
split line so that p will have an easier time next time around
2001-03-05 06:33:23 +00:00
b40204bf22
- markus@cvs.openbsd.org 2001/02/28 21:31:32
...
[channels.c]
typo
2001-03-05 06:29:44 +00:00
e229b25a9e
- markus@cvs.openbsd.org 2001/02/28 21:27:48
...
[channels.c packet.c packet.h serverloop.c]
use ignore message to simulate a SSH2_MSG_CHANNEL_DATA message
use random content in ignore messages.
2001-03-05 06:28:06 +00:00
941ac82e16
- markus@cvs.openbsd.org 2001/02/28 21:21:41
...
[sshd.c]
generate a fake session id, too
2001-03-05 06:25:23 +00:00
4030442d77
- deraadt@cvs.openbsd.org 2001/02/28 17:52:54
...
[misc.c]
for completeness, copy pw_gecos too
2001-03-05 06:22:01 +00:00
cc74df79d7
- markus@cvs.openbsd.org 2001/02/28 12:55:07
...
[channels.c]
unify debug messages
2001-03-05 06:20:14 +00:00
5699c5f9ac
- markus@cvs.openbsd.org 2001/02/28 09:57:07
...
[packet.c packet.h sshconnect2.c]
in ssh protocol v2 use ignore messages for padding (instead of
trailing \0).
2001-03-05 06:17:49 +00:00
7fbd455c78
- markus@cvs.openbsd.org 2001/02/28 08:54:55
...
[channels.c nchan.c nchan.h]
make sure remote stderr does not get truncated.
remove closed fd's from the select mask.
2001-03-05 06:16:11 +00:00
e9613cf16d
- markus@cvs.openbsd.org 2001/02/28 08:45:39
...
[clientloop.c]
fix byte counts for ssh protocol v1
2001-03-05 06:14:02 +00:00
ec19a40b94
- deraadt@cvs.openbsd.org 2001/02/28 05:36:28
...
[sftp.c]
do not kill the subprocess on termination (we will see if this helps
things or hurts things)
2001-03-05 06:12:01 +00:00
069090128c
- deraadt@cvs.openbsd.org 2001/02/28 05:34:28
...
[misc.c]
pull in protos
2001-03-05 06:09:31 +00:00
5de86cc736
- markus@cvs.openbsd.org 2001/02/27 11:00:11
...
[compat.c]
support SSH-2.0-2.1 ; from Christophe_Moret@hp.com
2001-03-05 06:08:19 +00:00
6a5cde0eb7
- markus@cvs.openbsd.org 2001/02/27 10:35:27
...
[packet.c]
fix random padding
2001-03-05 06:07:00 +00:00
4b00c8b40b
- deraadt@cvs.openbsd.org 2001/02/24 10:37:26
...
[sshd_config]
ssh2 rsa key before dsa key
2001-03-05 06:05:35 +00:00
b00d4fb142
- deraadt@cvs.openbsd.org 2001/02/24 10:37:55
...
[readconf.c]
look for id_rsa by default, before id_dsa
2001-03-05 06:03:03 +00:00
eb648a749b
- markus@cvs.openbsd.org 2001/02/23 18:15:13
...
[sshd.c]
the random session key depends now on the session_key_int
sent by the 'attacker'
dig1 = md5(cookie|session_key_int);
dig2 = md5(dig1|cookie|session_key_int);
fake_session_key = dig1|dig2;
this change is caused by a mail from anakin@pobox.com
patch based on discussions with my german advisor niels@openbsd.org
2001-03-05 06:00:29 +00:00
f4c73112d0
- markus@cvs.openbsd.org 2001/02/23 15:34:53
...
[serverloop.c]
debug2->3
2001-03-05 05:58:23 +00:00
086cf214cf
- markus@cvs.openbsd.org 2001/02/22 21:59:44
...
[auth.c auth.h auth1.c auth2.c misc.c misc.h ssh.c]
use pwcopy in ssh.c, too
2001-03-05 05:56:40 +00:00
ebd888d919
- markus@cvs.openbsd.org 2001/02/22 21:57:27
...
[ssh.1 sshd.8]
typos/grammar from matt@anzen.com
2001-03-05 05:49:29 +00:00
531a445c3a
- deraadt@cvs.openbsd.org 2001/02/22 18:09:06
...
[sshd_config]
activate RSA 2 key
2001-03-05 05:17:18 +00:00
7ab5117367
- deraadt@cvs.openbsd.org 2001/02/22 08:03:51
...
[ssh-keygen.1 ssh-keygen.c]
bye bye -d
2001-03-05 05:13:38 +00:00
b7c9232da1
- deraadt@cvs.openbsd.org 2001/02/22 06:43:55
...
[ssh-keygen.1 ssh-keygen.c]
document -d, and -t defaults to rsa1
2001-03-05 05:10:52 +00:00
33a3cc30eb
- deraadt@cvs.openbsd.org 2001/02/22 04:29:37
...
[servconf.c]
grammar; slade@shore.net
2001-03-05 05:07:52 +00:00
87af95b3e7
- stevesk@cvs.openbsd.org 2001/02/21 21:14:04
...
[ssh.c]
-i supports DSA identities now; ok markus@
2001-03-05 05:04:57 +00:00
36592518dd
- deraadt@cvs.openbsd.org 2001/02/21 09:12:56
...
[sftp-server.c]
careful with & and &&; markus ok
2001-03-05 05:02:08 +00:00
b257cca769
- deraadt@cvs.openbsd.org 2001/02/21 09:05:54
...
[authfile.c]
improve fd handling
2001-03-05 04:59:27 +00:00
b0a4cd8f91
- deraadt@cvs.openbsd.org 2001/02/21 07:37:04
...
[ssh-keyscan.c]
inline -> __inline__, and some indent
2001-03-05 04:54:49 +00:00
53992c7cd5
- deraadt@cvs.openbsd.org 2001/02/17 23:48:48
...
[sshd.8]
it's the OpenSSH one
2001-03-05 04:47:55 +00:00
6ed8c043de
- (bal) CVS ID touch up on sshpty.[ch] and sshlogin.[ch]
2001-03-05 03:53:02 +00:00
cfb9370a3a
- (bal) Updated contrib/README to remove 'make-ssh-known-hosts' and
...
give Mark Roth credit for mdoc2man.pl
2001-03-03 21:43:19 +00:00
59a5f9bd69
- (bal) Remove make-ssh-known-hosts.1 since it's no longer valid.
2001-03-03 21:37:50 +00:00
d0ccb989c2
- Allow PRNGd entropy collection from localhost TCP socket. Replace
...
"--with-egd-pool" configure option with "--with-prngd-socket" and
"--with-prngd-port" options. Debugged and improved by Lutz Jaenicke
<Lutz.Jaenicke@aet.TU-Cottbus.DE>
2001-03-04 00:29:20 +11:00
1d66c1602e
- Document PAM ChallengeResponseAuthentication in sshd.8
...
- Disable and comment ChallengeResponseAuthentication in sshd_config
2001-03-04 00:16:20 +11:00
459ac4b688
- Remove make-ssh-known-hosts.pl, ssh-keyscan is better.
2001-03-03 20:00:36 +11:00
9de5f05857
- (djm) Released 2.5.1p2
2001-03-01 11:09:42 +11:00
b5b6218537
- (djm) Cygwin needs pw->pw_gecos copied too. Patch from Corinna Vinschen
...
<vinschen@redhat.com>
2001-03-01 09:48:13 +11:00
882c2eed97
- (djm) Force standard PAM conversation function in a few more places.
...
Patch from Redhat 2.5.1p1-2 RPM, probably Nalin Dahyabhai
<nalin@redhat.com>
2001-03-01 09:18:57 +11:00
95aa2d60ea
- (djm) Properly add -lcrypt if needed.
2001-03-01 09:16:11 +11:00
e854662d54
- (djm) Remove /tmp from EGD socket search list
2001-02-28 12:51:18 +11:00
3d8ae61b87
- (djm) EGD detection patch from Tim Rice <tim@multitalents.net>
2001-02-28 12:49:38 +11:00
efb7179815
- (djm) Fully revert PAM session patch (again). All PAM session init is
...
now done before the final fork().
2001-02-28 11:48:06 +11:00
c594633b49
- (djm) Fully revert PAM session patch. All PAM session init is now done
...
before the final fork().
2001-02-28 11:46:11 +11:00
4df5c76c2b
- (djm) Detect endianness in configure and use it in rijndael.c. Fixes
...
"Bad packet length" bugs.
2001-02-28 08:14:22 +11:00
6007f19483
doh
2001-02-27 14:42:58 +11:00
0bcf9eacdf
- (djm) Avoid warnings for missing broken IP_TOS. Patch from Mark Miller
...
<markm@swoon.net>
2001-02-27 14:03:30 +11:00
9b40580d76
- (djm) Remove 'noreplace' flag from sshd_config in RPM spec files. This
...
change is being made as 2.5.x configfiles are not back-compatible with
2.3.x.
2001-02-27 10:53:00 +11:00
7bd1c6262b
- (djm) Fix PAM fix
2001-02-27 10:48:01 +11:00
248131ae99
- (djm) Warning fix on entropy.c saved uid stuff. Patch from Mark Miller
...
<markm@swoon.net>
2001-02-27 09:47:16 +11:00
5a7613186b
- (djm) Move PAM init to after fork for non-Solaris derived PAMs
2001-02-27 09:28:23 +11:00
767c7fc27c
- (djm) fatal() on OpenSSL version mismatch
2001-02-27 09:20:57 +11:00
dd784b2c00
Second Ooops... =) I started with the wrong date.
2001-02-26 22:11:59 +00:00
255cae0be0
doh
2001-02-27 09:05:38 +11:00
fbd884a80d
- (djm) Fix up POSIX saved uid support. Report from Mark Miller
...
<markm@swoon.net>
- (djm) Search for -lcrypt on FreeBSD too
2001-02-27 08:39:07 +11:00
0c100870ac
- (bal) sshd.init support for all Redhat release. Patch by Jim Knoble
...
<jmknoble@jmknoble.cx>
2001-02-26 20:38:53 +00:00
7603b2d244
- markus@cvs.openbsd.org 2001/02/23 15:37:45
...
[session.c]
handle SSH_PROTOFLAG_SCREEN_NUMBER for buggy clients
2001-02-26 20:13:32 +00:00
10b9bf95c0
- (bal) Applied shutdown() patch for sftp.c by Corinna Vinschen
...
<vinschen@redhat.com>
2001-02-26 20:04:45 +00:00
bb7c976202
- (djm) Some systems (SCO3, NeXT) have weird saved uid semantics.
...
Based on patch from Tim Rice <tim@multitalents.net>
2001-02-26 20:49:58 +11:00
63941f9631
- (bal) Fixed bsd-snprinf.c so it now honors 'BROKEN_SNPRINTF' again.
2001-02-25 23:20:40 +00:00
Ben Lindstrom
Kevin Steves
Damien Miller