1f335fb8d8
- (djm) Account expiry support from Andreas Steinmetz <ast@domdv.de>
...
- (djm) Added password expiry checking (no password change support)
2000-06-26 11:31:33 +10:00
c0fd17fdca
- OpenBSD CVS update
...
- provos@cvs.openbsd.org 2000/06/25 14:17:58
[channels.c]
correct check for bad channel ids; from Wei Dai <weidai@eskimo.com>
2000-06-26 10:22:53 +10:00
8dd33fd1d5
- Better fix to aclocal tests from Garrick James <garrick@james.net>
2000-06-26 10:20:19 +10:00
bf7f466206
- OpenBSD CVS Updates:
...
- markus@cvs.openbsd.org 2000/06/22 10:32:27
[sshd.c]
missing atomicio; report from Steve.Marquess@DET.AMEDD.ARMY.MIL
- djm@cvs.openbsd.org 2000/06/22 17:55:00
[auth-krb4.c key.c radix.c uuencode.c]
Missing CVS idents; ok markus
2000-06-23 10:16:38 +10:00
b54b40ef06
- (djm) Use sa_family_t in prototype for rresvport_af. Patch from
...
Svante Signell <svante.signell@telia.com>
- (djm) Autoconf logic to define sa_family_t if it is missing
2000-06-23 08:23:34 +10:00
6536c7d3c9
- OpenBSD CVS Updates:
...
- markus@cvs.openbsd.org 2000/06/18 18:50:11
[auth2.c compat.c compat.h sshconnect2.c]
make userauth+pubkey interop with ssh.com-2.2.0
- markus@cvs.openbsd.org 2000/06/18 20:56:17
[dsa.c]
mem leak + be more paranoid in dsa_verify.
- markus@cvs.openbsd.org 2000/06/18 21:29:50
[key.c]
cleanup fingerprinting, less hardcoded sizes
- markus@cvs.openbsd.org 2000/06/19 19:39:45
[atomicio.c auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
[auth-rsa.c auth-skey.c authfd.c authfd.h authfile.c bufaux.c bufaux.h]
[buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h]
[clientloop.c compat.c compat.h compress.c compress.h crc32.c crc32.h]
[deattack.c dispatch.c dsa.c fingerprint.c fingerprint.h getput.h hmac.c]
[kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c]
[nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c]
[rsa.c rsa.h scp.c servconf.c servconf.h ssh-add.c ssh-keygen.c ssh.c]
[ssh.h tildexpand.c ttymodes.c ttymodes.h uidswap.c xmalloc.c xmalloc.h]
OpenBSD tag
- markus@cvs.openbsd.org 2000/06/21 10:46:10
sshconnect2.c missing free; nuke old comment
2000-06-22 21:32:31 +10:00
099f505f95
- (djm) Automatically generate host key during "make install". Suggested
...
by Gary E. Miller <gem@rellim.com>
- (djm) Paranoia before kill() system call
2000-06-22 20:57:11 +10:00
2f02295d31
typo
2000-06-20 13:50:01 +10:00
edb82929fa
- (djm) Replace use of '-o' and '-a' logical operators in configure tests
...
with '||' and '&&'. As suggested by Jim Knoble <jmknoble@pint-stowp.cx>
to fix SCO Unixware problem reported by Gary E. Miller <gem@rellim.com>
2000-06-20 13:25:52 +10:00
0f91b4e3a1
- (djm) Started merge of Ben Lindstrom's <mouring@pconline.com> NeXT support
2000-06-18 15:43:25 +10:00
f6d9e22189
- OpenBSD CVS updates:
...
- deraadt@cvs.openbsd.org 2000/06/17 09:58:46
[channels.c]
everyone says "nix it" (remove protocol 2 debugging message)
- markus@cvs.openbsd.org 2000/06/17 13:24:34
[sshconnect.c]
allow extended server banners
- markus@cvs.openbsd.org 2000/06/17 14:30:10
[sshconnect.c]
missing atomicio, typo
- jakob@cvs.openbsd.org 2000/06/17 16:52:34
[servconf.c servconf.h session.c sshd.8 sshd_config]
add support for ssh v2 subsystems. ok markus@.
- deraadt@cvs.openbsd.org 2000/06/17 18:57:48
[readconf.c servconf.c]
include = in WHITESPACE; markus ok
- markus@cvs.openbsd.org 2000/06/17 19:09:10
[auth2.c]
implement bug compatibility with ssh-2.0.13 pubkey, server side
- markus@cvs.openbsd.org 2000/06/17 21:00:28
[compat.c]
initial support for ssh.com's 2.2.0
- markus@cvs.openbsd.org 2000/06/17 21:16:09
[scp.c]
typo
- markus@cvs.openbsd.org 2000/06/17 22:05:02
[auth-rsa.c auth2.c serverloop.c session.c auth-options.c auth-options.h]
split auth-rsa option parsing into auth-options
add options support to authorized_keys2
- markus@cvs.openbsd.org 2000/06/17 22:42:54
[session.c]
typo
2000-06-18 14:50:44 +10:00
7b22d65034
- (djm) Add summary of configure options to end of ./configure run
...
- (djm) Not all systems define RUSAGE_SELF & RUSAGE_CHILDREN. Report from
Michael Stone <mstone@cs.loyola.edu>
- (djm) rusage is a privileged operation on some Unices (incl.
Solaris 2.5.1). Report from Paul D. Smith <pausmith@nortelnetworks.com>
- (djm) Avoid PAM failures when running without a TTY. Report from
Martin Petrak <petrak@spsknm.schools.sk>
- (djm) Include sys/types.h when including netinet/in.h in configure tests.
Patch from Jun-ichiro itojun Hagino <itojun@iijlab.net>
2000-06-18 14:07:04 +10:00
1a13225d87
- (djm) Fix short copy in loginrec.c (based on patch from Phill Camp
...
<P.S.S.Camp@ukc.ac.uk>
2000-06-13 21:23:17 +10:00
a66626b2d5
- (djm) Fixes from Andrew McGill <andrewm@datrix.co.za>:
...
- Platform define for SCO 3.x which breaks on /dev/ptmx
- Detect and try to fix missing MAXPATHLEN
2000-06-13 18:57:53 +10:00
35ad6bee4b
- (andre) AIX, lastlog, configure fixes from Tom Bertelson <tbert@abac.com>:
...
- Don't try to retrieve lastlog from wtmp/wtmpx if DISABLE_LASTLOG is
def'd
- Set AIX to use preformatted manpages
2000-06-12 22:41:27 +00:00
c29de955f4
- (djm) Configure fixes from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp>
2000-06-12 23:04:18 +10:00
e69f18cbff
- (djm) Glob manpages in RPM spec files to catch compressed files
...
- (djm) Full license in auth-pam.c
2000-06-12 16:38:54 +10:00
d900e45faa
- (djm) Fix for configure on bash2 from Jim Knoble <jmknoble@jmknoble.cx>
2000-06-10 16:51:33 +10:00
c601a7596f
- (djm) Minor doc tweaks
2000-06-10 08:33:38 +10:00
a1cb64484e
- (djm) Patch from Kenji Miyake <kenji@miyake.org> to disable utmp usage
...
(in favour of utmpx) on Solaris 8
2000-06-09 11:58:35 +10:00
14c12cb000
- (djm) Cleanup of entropy.c. Reorganised code, removed second pass through
...
list of commands (by default). Removed verbose debugging (by default).
- (djm) Increased command entropy estimates and default entropy collection
timeout
2000-06-07 22:20:23 +10:00
d5bf307f7b
- (djm) Remove duplicate headers from loginrec.c
2000-06-07 21:32:13 +10:00
9e11089afb
- (djm) Don't add /usr/local/lib to library search path on Irix
2000-06-07 21:05:46 +10:00
5314ae7855
- (djm) Warn user if grabs fail in GNOME askpass. Patch from Zack Weinberg
...
<zack@wolery.cumb.org>
2000-06-07 20:08:19 +10:00
d3a185709d
- (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III
...
<tibbs@math.uh.edu>
- (djm) OpenBSD CVS updates:
- todd@cvs.openbsd.org
[sshconnect2.c]
teach protocol v2 to count login failures properly and also enable an
explanation of why the password prompt comes up again like v1; this is NOT
crypto
- markus@cvs.openbsd.org
[readconf.c readconf.h servconf.c servconf.h session.c ssh.1 ssh.c sshd.8]
xauth_location support; pr 1234
[readconf.c sshconnect2.c]
typo, unused
[session.c]
allow use_login only for login sessions, otherwise remote commands are
execed with uid==0
[sshd.8]
document UseLogin better
[version.h]
OpenSSH 2.1.1
[auth-rsa.c]
fix match_hostname() logic for auth-rsa: deny access if we have a
negative match or no match at all
[channels.c hostfile.c match.c]
don't panic if mkdtemp fails for authfwd; jkb@yahoo-inc.com via
kris@FreeBSD.org
2000-06-07 19:55:44 +10:00
e37bfc19f7
- (djm) Added --with-cflags, --with-ldflags and --with-libs options to
...
configure.
2000-06-05 09:37:43 +10:00
a86c7eccbf
Added missed info for 20000603 login code update
...
Noted 20000604 updates
2000-06-04 17:00:15 +00:00
2994e0891b
- Configure tweaking for new login code on Irix 5.3
2000-06-04 15:51:47 +10:00
1c77392bce
- Rewrote bsd-login to use proper utmp API if available. Major cleanup
...
of fallback DIY code.
2000-05-31 13:57:18 +10:00
1ea8ac7b90
- Fix EGD read bug by IWAMURO Motonori <iwa@mmp.fujitsu.co.jp>
...
update credits
2000-05-31 11:24:34 +10:00
2f6a0ad191
- Cleanup of auth.c, login.c and fake-*
...
- Cleanup of auth-pam.c, save and print "account expired" error messages
2000-05-31 11:20:11 +10:00
03934f2eef
doc
2000-05-30 14:01:10 +10:00
b1715dc0cf
- OpenBSD CVS updates:
...
- markus@cvs.openbsd.org
[session.c]
make x11-fwd work w/ localhost (xauth add host/unix:11)
[cipher.c compat.c readconf.c servconf.c]
check strtok() != NULL; ok niels@
[key.c]
fix key_read() for uuencoded keys w/o '='
[serverloop.c]
group ssh1 vs. ssh2 in serverloop
[kex.c kex.h myproposal.h sshconnect2.c sshd.c]
split kexinit/kexdh, factor out common code
[readconf.c ssh.1 ssh.c]
forwardagent defaults to no, add ssh -A
- theo@cvs.openbsd.org
[session.c]
just some line shortening
2000-05-30 13:44:51 +10:00
c252e2efa1
- Fix buffer overrun in login.c for systems which use syslen in utmpx.
...
patch from YOSHIFUJI Hideaki <yoshfuji@cerberus.nemoto.ecei.tohoku.ac.jp>
2000-05-30 13:12:46 +10:00
be260a0f0d
- Define atexit for old Solaris
2000-05-30 12:57:46 +10:00
7b63b0f66e
- Doc cleanup
2000-05-20 15:41:26 +10:00
fda78d9bd0
- HPUX and Configure fixes from Lutz Jaenicke
...
<Lutz.Jaenicke@aet.TU-Cottbus.DE>
- Use mkinstalldirs script to make directories instead of non-portable
"install -d". Suggested by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-05-20 15:33:44 +10:00
dfc83f42eb
- SunOS 4.x support from Todd C. Miller <Todd.Miller@courtesan.com>
2000-05-20 15:02:59 +10:00
ad1bc5f986
- Don't touch utmp if USE_UTMPX defined
2000-05-20 14:53:09 +10:00
d999ae26b7
- Xauth fix from Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
2000-05-20 12:49:31 +10:00
ef7df54073
- Include Andre Lucas' fixprogs script. Forgot to "cvs add" it yesterday
...
- OpenBSD CVS updates:
- markus@cvs.openbsd.org
[sshconnect.c]
copy only ai_addrlen bytes; misiek@pld.org.pl
[auth.c]
accept an empty shell in authentication; bug reported by
chris@tinker.ucr.edu
[serverloop.c]
we don't have stderr for interactive terminal sessions (fcntl errors)
2000-05-19 00:03:23 +10:00
3b512e18dc
- Detect OpenSSL seperatly from RSA
...
- Better test for RSA (more compatible with RSAref). Based on work by
Ed Eden <ede370@stl.rural.usda.gov>
2000-05-17 23:29:18 +10:00
c4be7ce669
- RSAless operation patch from kevin_oconnor@standardandpoors.com
2000-05-17 23:02:03 +10:00
615f939ebb
- Several patches from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp>
...
- INSTALL typo and URL fix
- Makefile fix
- Solaris fixes
- Checking for ssize_t and memmove. Based on patch from SAKAI Kiyotaka
<ksakai@kso.netwk.ntt-at.co.jp>
2000-05-17 22:53:33 +10:00
dcb6ecd1b3
- OpenBSD CVS update:
...
- markus@cvs.openbsd.org
[ssh.c]
fix usage()
[ssh2.h]
draft-ietf-secsh-architecture-05.txt
[ssh.1]
document ssh -T -N (ssh2 only)
[channels.c serverloop.c ssh.h sshconnect.c sshd.c aux.c]
enable nonblocking IO for sshd w/ proto 1, too; split out common code
[aux.c]
missing include
2000-05-17 22:34:22 +10:00
0e65eed58a
- Fix HAVE_PAM_GETENVLIST setting from Simon Wilkinson <sxw@dcs.ed.ac.uk>
2000-05-17 22:16:05 +10:00
f3c6cf1383
- Avoid WCOREDUMP complation errors for systems that lack it
...
- Avoid SIGCHLD warnings from entropy commands
2000-05-17 22:08:29 +10:00
d2c208a2d3
- Applied Tom Bertelson's <tbert@abac.com> AIX authentication fix
2000-05-17 22:00:02 +10:00
8d1fd57a97
- Fix from Andre Lucas <andre.lucas@dial.pipex.com>
...
- Fixes command line printing segfaults (spotter: Bladt Norbert)
- Fixes erroneous printing of debug messages to syslog
- Fixes utmp for MacOS X (spotter: Aristedes Maniatis)
- Gives useful error message if PRNG initialisation fails
- Reduced ssh startup delay
- Measures cumulative command time rather than the time between reads
after select()
- 'fixprogs' perl script to eliminate non-working entropy commands, and
optionally run 'ent' to measure command entropy
2000-05-17 21:34:07 +10:00
95fe91bd84
- Fix for non-recognised DSA keys from Arkadiusz Miskiewicz
...
<misiek@pld.org.pl>
2000-05-13 12:31:22 +10:00
accfeb3afe
- Fix for prng_seed permissions checking from Lutz Jaenicke
...
<Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-05-11 19:10:58 +10:00
95e8963429
idoh
2000-05-09 15:28:50 +10:00
54057c2b9b
- Doc updates
2000-05-09 15:03:37 +10:00
16e519cb9c
- Moved all the bsd-* and fake-* stuff into new libopenbsd-compat.a
2000-05-09 14:28:55 +10:00
30c3d42930
- OpenBSD CVS update
...
- markus@cvs.openbsd.org
[cipher.h myproposal.h readconf.c readconf.h servconf.c ssh.1 ssh.c]
[ssh.h sshconnect1.c sshconnect2.c sshd.8]
- complain about invalid ciphers in SSH1 (e.g. arcfour is SSH2 only)
- hugh@cvs.openbsd.org
[ssh.1]
- zap typo
[ssh-keygen.1]
- One last nit fix. (markus approved)
[sshd.8]
- some markus certified spelling adjustments
- markus@cvs.openbsd.org
[auth2.c channels.c clientloop.c compat compat.h dsa.c kex.c]
[sshconnect2.c ]
- bug compat w/ ssh-2.0.13 x11, split out bugs
[nchan.c]
- no drain if ibuf_empty, fixes x11fwd problems; tests by fries@
[ssh-keygen.c]
- handle escapes in real and original key format, ok millert@
[version.h]
- OpenSSH-2.1
2000-05-09 11:02:59 +10:00
61e50f10c2
- Configure caching and cleanup patch from Andre Lucas'
...
<andre.lucas@dial.pipex.com>
2000-05-08 20:49:37 +10:00
6d48871faf
- OpenBSD CVS update
...
- markus@cvs.openbsd.org
[clientloop.c sshconnect2.c]
- make x11-fwd interop w/ ssh-2.0.13
[README.openssh2]
- interop w/ SecureFX
- Release 2.0.0beta2
2000-05-08 13:44:52 +10:00
58e579bcd9
- Generate DSA host keys during "make key" or RPM installs
2000-05-08 00:05:31 +10:00
e247cc402b
- Remove references to SSLeay.
...
- Big OpenBSD CVS update
- markus@cvs.openbsd.org
[clientloop.c]
- typo
[session.c]
- update proctitle on pty alloc/dealloc, e.g. w/ windows client
[session.c]
- update proctitle for proto 1, too
[channels.h nchan.c serverloop.c session.c sshd.c]
- use c-style comments
- deraadt@cvs.openbsd.org
[scp.c]
- more atomicio
- markus@cvs.openbsd.org
[channels.c]
- set O_NONBLOCK
[ssh.1]
- update AUTHOR
[readconf.c ssh-keygen.c ssh.h]
- default DSA key file ~/.ssh/id_dsa
[clientloop.c]
- typo, rm verbose debug
- deraadt@cvs.openbsd.org
[ssh-keygen.1]
- document DSA use of ssh-keygen
[sshd.8]
- a start at describing what i understand of the DSA side
[ssh-keygen.1]
- document -X and -x
[ssh-keygen.c]
- simplify usage
- markus@cvs.openbsd.org
[sshd.8]
- there is no rhosts_dsa
[ssh-keygen.1]
- document -y, update -X,-x
[nchan.c]
- fix close for non-open ssh1 channels
[servconf.c servconf.h ssh.h sshd.8 sshd.c ]
- s/DsaKey/HostDSAKey/, document option
[sshconnect2.c]
- respect number_of_password_prompts
[channels.c channels.h servconf.c servconf.h session.c sshd.8]
- GatewayPorts for sshd, ok deraadt@
[ssh-add.1 ssh-agent.1 ssh.1]
- more doc on: DSA, id_dsa, known_hosts2, authorized_keys2
[ssh.1]
- more info on proto 2
[sshd.8]
- sync AUTHOR w/ ssh.1
[key.c key.h sshconnect.c]
- print key type when talking about host keys
[packet.c]
- clear padding in ssh2
[dsa.c key.c radix.c ssh.h sshconnect1.c uuencode.c uuencode.h]
- replace broken uuencode w/ libc b64_ntop
[auth2.c]
- log failure before sending the reply
[key.c radix.c uuencode.c]
- remote trailing comments before calling __b64_pton
[auth2.c readconf.c readconf.h servconf.c servconf.h ssh.1]
[sshconnect2.c sshd.8]
- add DSAAuthetication option to ssh/sshd, document SSH2 in sshd.8
- Bring in b64_ntop and b64_pton from OpenBSD libc (bsd-base64.[ch])
2000-05-07 12:03:14 +10:00
0437b33e54
- Add Andre Lucas' <andre.lucas@dial.pipex.com> patch to read entropy
...
gathering commands from a text file
2000-05-02 09:56:41 +10:00
6f83b8e34d
- OpenBSD CVS update
...
[channels.c]
- init all fds, close all fds.
[sshconnect2.c]
- check whether file exists before asking for passphrase
[servconf.c servconf.h sshd.8 sshd.c]
- PidFile, pr 1210
[channels.c]
- EINTR
[channels.c]
- unbreak, ok niels@
[sshd.c]
- unlink pid file, ok niels@
[auth2.c]
- Add missing #ifdefs; ok - markus
2000-05-02 09:23:45 +10:00
63560f9bfc
Prepare for 2.0.0beta1
2000-05-02 09:06:04 +10:00
fc0b11b5aa
- Irix portability fixes - don't include netinet headers more than once
...
- Make sure we don't save PRNG seed more than once
2000-05-02 00:03:55 +10:00
7c0042629e
- Deprecate perl-tk askpass.
2000-05-01 22:57:46 +10:00
1cead2c02c
- Add some missing ifdefs to auth2.c
2000-05-01 22:55:23 +10:00
0e489dc5ae
- Merged bsd-login ttyslot and AIX utmp patch from Gert Doering
...
<gd@hilb1.medat.de>
2000-05-01 22:53:53 +10:00
35dabd0398
[scp.c]
...
- fix very rare EAGAIN/EINTR issues; based on work by djm
[packet.c]
- less debug, rm unused
[auth2.c]
- disable kerb,s/key in ssh2
[sshd.8]
- Minor tweaks and typo fixes.
[ssh-keygen.c]
- Put -d into usage and reorder. markus ok.
2000-05-01 21:10:33 +10:00
70fb671d21
- Fixed __progname symbol collisions reported by Andre Lucas
...
<andre.lucas@dial.pipex.com>
2000-05-01 20:59:50 +10:00
e59ce627a4
- Include missing headers for OpenSSL tests. Fix from Phil Karn
...
<karn@ka9q.ampr.org>
2000-05-01 20:54:17 +10:00
7c8af4fca8
packet.c
...
send debug messages in SSH2 format
2000-05-01 08:24:07 +10:00
bd483e7690
- More OpenBSD updates:
...
[session.c]
- don't call chan_write_failed() if we are not writing
[auth-rsa.c auth1.c authfd.c hostfile.c ssh-agent.c]
- keysize warnings error() -> log()
2000-04-30 10:00:53 +10:00
4018c1985d
- Integrate Andre Lucas' <andre.lucas@dial.pipex.com> entropy collection
...
patch.
- Adds timeout to entropy collection
- Disables slow entropy sources
- Load and save seed file
- Changed entropy seed code to user per-user seeds only (server seed is
saved in root's .ssh directory)
- Use atexit() and fatal cleanups to save seed on exit
2000-04-30 09:30:44 +10:00
1bead335d7
- Merge HP-UX fixes and TCB support from Ged Lodder <lodder@yacc.com.au>
2000-04-30 00:47:29 +10:00
eba71bab9b
- Merge big update to OpenSSH-2.0 from OpenBSD CVS
...
[README.openssh2]
- interop w/ F-secure windows client
- sync documentation
- ssh_host_dsa_key not ssh_dsa_key
[auth-rsa.c]
- missing fclose
[auth.c authfile.c compat.c dsa.c dsa.h hostfile.c key.c key.h radix.c]
[readconf.c readconf.h ssh-add.c ssh-keygen.c ssh.c ssh.h sshconnect.c]
[sshd.c uuencode.c uuencode.h authfile.h]
- add DSA pubkey auth and other SSH2 fixes. use ssh-keygen -[xX]
for trading keys with the real and the original SSH, directly from the
people who invented the SSH protocol.
[auth.c auth.h authfile.c sshconnect.c auth1.c auth2.c sshconnect.h]
[sshconnect1.c sshconnect2.c]
- split auth/sshconnect in one file per protocol version
[sshconnect2.c]
- remove debug
[uuencode.c]
- add trailing =
[version.h]
- OpenSSH-2.0
[ssh-keygen.1 ssh-keygen.c]
- add -R flag: exit code indicates if RSA is alive
[sshd.c]
- remove unused
silent if -Q is specified
[ssh.h]
- host key becomes /etc/ssh_host_dsa_key
[readconf.c servconf.c ]
- ssh/sshd default to proto 1 and 2
[uuencode.c]
- remove debug
[auth2.c ssh-keygen.c sshconnect2.c sshd.c]
- xfree DSA blobs
[auth2.c serverloop.c session.c]
- cleanup logging for sshd/2, respect PasswordAuth no
[sshconnect2.c]
- less debug, respect .ssh/config
[README.openssh2 channels.c channels.h]
- clientloop.c session.c ssh.c
- support for x11-fwding, client+server
2000-04-29 23:57:08 +10:00
8117111a3c
- Define __progname in session.c if libc doesn't
...
- Remove indentation on autoconf #include statements to avoid bug in
DEC Tru64 compiler. Report and fix from David Del Piero
<David.DelPiero@qed.qld.gov.au>
2000-04-23 11:14:01 +10:00
a552faf564
- Merge fix from OpenBSD CVS
...
[ssh-agent.c]
- Fix memory leak per connection. Report from Andy Spiegl <Andy@Spiegl.de>
via Debian bug #59926
2000-04-21 15:55:20 +10:00
f3a3fee942
- Debian bug #58031 - ssh_config lies about default cipher
2000-04-20 23:32:48 +10:00
cfabe86720
- Debian bug #55910 - remove references to ssl(8) manpages
2000-04-20 23:27:27 +10:00
d0cff3ecc4
- Merge fixes from Debian patch from Phil Hands <phil@hands.com>
...
- Allow setting of PAM service name through CFLAGS (SSHD_PAM_SERVICE)
- Use vhangup to clean up Linux ttys
- Force posix getopt processing on GNU libc systems
2000-04-20 23:12:58 +10:00
166fca8894
- Sync with OpenBSD CVS:
...
[clientloop.c login.c serverloop.c ssh-agent.c ssh.h sshconnect.c sshd.c]
- pid_t
[session.c]
- remove bogus chan_read_failed. this could cause data
corruption (missing data) at end of a SSH2 session.
2000-04-20 07:42:21 +10:00
3ef692aa05
- Make fixpaths work with perl4, patch from Andre Lucas
...
<andre.lucas@dial.pipex.com>
2000-04-20 07:33:24 +10:00
8bb73be04e
- OpenBSD CVS updates
...
[channels.c]
- fix pr 1196, listen_port and port_to_connect interchanged
[scp.c]
- after completion, replace the progress bar ETA counter with a final
elapsed time; my idea, aaron wrote the patch
[ssh_config sshd_config]
- show 'Protocol' as an example, ok markus@
[sshd.c]
- missing xfree()
- Add missing header to bsd-misc.c
2000-04-19 16:26:12 +10:00
5f05637b0e
- Reduce diff against OpenBSD source
...
- All OpenSSL includes are now unconditionally referenced as
openssl/foo.h
- Pick up formatting changes
- Other minor changed (typecasts, etc) that I missed
2000-04-16 12:31:48 +10:00
4af51306d9
- OpenBSD CVS updates.
...
[ssh.1 ssh.c]
- ssh -2
[auth.c channels.c clientloop.c packet.c packet.h serverloop.c]
[session.c sshconnect.c]
- check payload for (illegal) extra data
[ALL]
- whitespace cleanup
2000-04-16 11:18:38 +10:00
22c772609a
- Merged OpenBSD updates to include paths.
2000-04-13 12:26:34 +10:00
e71eb91259
doc
2000-04-13 12:19:32 +10:00
78928793fb
- OpenBSD CVS updates:
...
- [channels.c]
repair x11-fwd
- [sshconnect.c]
fix passwd prompt for ssh2, less debugging output.
- [clientloop.c compat.c dsa.c kex.c sshd.c]
less debugging output
- [kex.c kex.h sshconnect.c sshd.c]
check for reasonable public DH values
- [README.openssh2 cipher.c cipher.h compat.c compat.h readconf.c]
[readconf.h servconf.c servconf.h ssh.c ssh.h sshconnect.c sshd.c]
add Cipher and Protocol options to ssh/sshd, e.g.:
ssh -o 'Protocol 1,2' if you prefer proto 1, ssh -o 'Ciphers
arcfour,3des-cbc'
- [sshd.c]
print 1.99 only if server supports both
2000-04-12 20:17:38 +10:00
efb4afe026
- More large OpenBSD CVS updates:
...
- [auth.c auth.h servconf.c servconf.h serverloop.c session.c]
[session.h ssh.h sshd.c README.openssh2]
ssh2 server side, see README.openssh2; enable with 'sshd -2'
- [channels.c]
no adjust after close
- [sshd.c compat.c ]
interop w/ latest ssh.com windows client.
2000-04-12 18:45:05 +10:00
11e37f638d
- Only set define entropy collection macros if they are found
2000-04-08 18:23:30 +10:00
bc7c7cceea
- Avoid some compiler warnings in fake-get*.c
...
- Add IPTOS macros for systems which lack them
2000-04-08 17:48:56 +10:00
1383bd8eb9
- OpenBSD CVS update:
...
- [channels.c]
close efd on eof
- [clientloop.c compat.c ssh.c sshconnect.c myproposal.h]
ssh2 client implementation, interops w/ ssh.com and lsh servers.
- [sshconnect.c]
missing free.
- [authfile.c cipher.c cipher.h packet.c sshconnect.c sshd.c]
remove unused argument, split cipher_mask()
- [clientloop.c]
re-order: group ssh1 vs. ssh2
- Make Redhat spec require openssl >= 0.9.5a
2000-04-06 12:32:37 +10:00
74a333bbe1
- Generate manpages before make install not at the end of make all
...
- Don't seed the rng quite so often
- Always reseed rng when requested
2000-04-04 15:04:09 +10:00
33b13568b5
- OpenBSD CVS update:
...
- [packet.h packet.c]
ssh2 packet format
- [packet.h packet.c nchan2.ms nchan.h compat.h compat.c]
[channels.h channels.c]
channel layer support for ssh2
- [kex.h kex.c hmac.h hmac.c dsa.c dsa.h]
DSA, keyexchange, algorithm agreement for ssh2
2000-04-04 14:38:59 +10:00
193ba88dd6
- Add tests for RAND_add function when searching for OpenSSL
2000-04-04 10:21:09 +10:00
70494d18ee
- Disable tests and typedefs for 64 bit types. They are currently unused.
2000-04-03 15:57:06 +10:00
040f3831fc
- Wrote entropy collection routines for systems that lack /dev/random
...
and EGD
2000-04-03 14:50:43 +10:00
b38eff8e4f
- Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure)
...
- [auth.c session.c sshd.c auth.h]
split sshd.c -> auth.c session.c sshd.c plus cleanup and goto-removal
- [bufaux.c bufaux.h]
support ssh2 bignums
- [channels.c channels.h clientloop.c sshd.c nchan.c nchan.h packet.c]
[readconf.c ssh.c ssh.h serverloop.c]
replace big switch() with function tables (prepare for ssh2)
- [ssh2.h]
ssh2 message type codes
- [sshd.8]
reorder Xr to avoid cutting
- [serverloop.c]
close(fdin) if fdin != fdout, shutdown otherwise, ok theo@
- [channels.c]
missing close
allow bigger packets
- [cipher.c cipher.h]
support ssh2 ciphers
- [compress.c]
cleanup, less code
- [dispatch.c dispatch.h]
function tables for different message types
- [log-server.c]
do not log() if debuggin to stderr
rename a cpp symbol, to avoid param.h collision
- [mpaux.c]
KNF
- [nchan.c]
sync w/ channels.c
2000-04-01 11:09:21 +10:00
450a7a1ff4
- OpenBSD CVS update
...
- [auth-krb4.c]
-Wall
- [auth-rh-rsa.c auth-rsa.c hostfile.c hostfile.h key.c key.h match.c]
[match.h ssh.c ssh.h sshconnect.c sshd.c]
initial support for DSA keys. ok deraadt@, niels@
- [cipher.c cipher.h]
remove unused cipher_attack_detected code
- [scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
Fix some formatting problems I missed before.
- [ssh.1 sshd.8]
fix spelling errors, From: FreeBSD
- [ssh.c]
switch to raw mode only if he _get_ a pty (not if we _want_ a pty).
2000-03-26 13:04:51 +10:00
2c9279fa66
- Better tests for OpenSSL w/ RSAref
...
- Added replacement setenv() function from OpenBSD libc. Suggested by
Ben Lindstrom <mouring@pconline.com>
2000-03-26 12:12:34 +10:00
63a46cc4f5
version
2000-03-24 09:24:33 +11:00
e37ac5ae17
- Runtime error fix for HPUX from Otmar Stahl
...
<O.Stahl@lsw.uni-heidelberg.de>
2000-03-17 23:58:59 +11:00
7684ee17ee
- OpenBSD CVS updates:
...
- [atomicio.c auth-krb4.c bufaux.c channels.c compress.c fingerprint.c]
[packet.h radix.c rsa.c scp.c ssh-agent.c ssh-keygen.c sshconnect.c]
[sshd.c]
pedantic: signed vs. unsigned, void*-arithm, etc
- [ssh.1 sshd.8]
Various cleanups and standardizations.
2000-03-17 23:40:15 +11:00
d6121d2972
- Checks for 64 bit int types. Problem report from Mats Fredholm
...
<matsf@init.se>
2000-03-17 23:26:46 +11:00
29ea30d956
- Clarified --with-default-path option.
...
- Added -blibpath handling for AIX to work around stupid runtime linking.
Problem elucidated by gshapiro@SENDMAIL.ORG by way of Jim Knoble
<jmknoble@pobox.com>
2000-03-17 10:54:15 +11:00
ca9a49cd0b
- Added blurb about "scp: command not found" errors to UPGRADING
2000-03-16 12:23:13 +11:00
9687322c03
spello
2000-03-16 12:07:43 +11:00
fd26368068
- Doc cleanups
2000-03-16 11:51:09 +11:00
166bd448c9
- Propogate LD through to Makefile
2000-03-16 10:48:25 +11:00
08c788a9b3
- Fixed configure not passing LDFLAGS to Solaris. Report from David G.
...
Hesprich <dghespri@sprintparanet.com>
2000-03-16 07:52:29 +11:00
856799ba27
- Configure fix from Bratislav ILICH <bilic@zepter.ru>
2000-03-15 21:18:10 +11:00
8b1c22b775
- Created contrib/ subdirectory. Included helpers from Phil Hands'
...
Debian package, README file and chroot patch from Ricardo Cerqueira
<rmcc@clix.pt>
- Moved gnome-ssh-askpass.c to contrib directory and reomved config
option.
- Slight cleanup to doc files
2000-03-15 12:13:01 +11:00
f09b07a971
- Don't free argument to putenv() after use (in setenv() replacement).
...
Report from Seigo Tanimura <tanimura@r.dl.itc.u-tokyo.ac.jp>
2000-03-15 11:23:48 +11:00
a1ad4802ff
- Fix broken CFLAGS handling during search for OpenSSL. Fixes va_list
...
problems with gcc/Solaris.
2000-03-15 10:04:54 +11:00
db819595d3
- Include /usr/local/include and /usr/local/lib for systems that don't
...
do it themselves
- -R/usr/local/lib for Solaris
- Fix RSAref detection
- Fix IN6_IS_ADDR_V4MAPPED macro
2000-03-14 13:44:01 +11:00
1c67c9969c
- Include macro for IN6_IS_ADDR_V4MAPPED. Report from
...
peter@frontierflying.com
2000-03-14 10:16:34 +11:00
7bcb089ef7
- IPv6 workarounds from Hideaki YOSHIFUJI <yoshfuji@ecei.tohoku.ac.jp>
2000-03-11 20:45:40 +11:00
d58b3abe0e
More config fixes
2000-03-11 20:05:11 +11:00
02491e9632
- OpenBSD CVS change
...
[sshd.c]
- disallow guessing of root password
2000-03-11 11:58:28 +11:00
b85dcad762
- Detect RSAref
2000-03-11 11:37:00 +11:00
8f975b6a18
- Removed warning workaround for Linux and devpts filesystems (no longer
...
required after OpenBSD updates)
2000-03-09 22:31:13 +11:00
98c7ad60ec
- OpenBSD CVS updates to v1.2.3
...
[ssh.h atomicio.c]
- int atomicio -> ssize_t (for alpha). ok deraadt@
[auth-rsa.c]
- delay MD5 computation until client sends response, free() early, cleanup.
[cipher.c]
- void* -> unsigned char*, ok niels@
[hostfile.c]
- remove unused variable 'len'. fix comments.
- remove unused variable
[log-client.c log-server.c]
- rename a cpp symbol, to avoid param.h collision
[packet.c]
- missing xfree()
- getsockname() requires initialized tolen; andy@guildsoftware.com
- use getpeername() in packet_connection_is_on_socket(), fixes sshd -i;
from Holger.Trapp@Informatik.TU-Chemnitz.DE
[pty.c pty.h]
- register cleanup for pty earlier. move code for pty-owner handling to
pty.c ok provos@, dugsong@
[readconf.c]
- turn off x11-fwd for the client, too.
[rsa.c]
- PKCS#1 padding
[scp.c]
- allow '.' in usernames; from jedgar@fxp.org
[servconf.c]
- typo: ignore_user_known_hosts int->flag; naddy@mips.rhein-neckar.de
- sync with sshd_config
[ssh-keygen.c]
- enable ssh-keygen -l -f ~/.ssh/known_hosts, ok deraadt@
[ssh.1]
- Change invalid 'CHAT' loglevel to 'VERBOSE'
[ssh.c]
- suppress AAAA query host when '-4' is used; from shin@nd.net.fujitsu.co.jp
- turn off x11-fwd for the client, too.
[sshconnect.c]
- missing xfree()
- retry rresvport_af(), too. from sumikawa@ebina.hitachi.co.jp .
- read error vs. "Connection closed by remote host"
[sshd.8]
- ie. -> i.e.,
- do not link to a commercial page..
- sync with sshd_config
[sshd.c]
- no need for poll.h; from bright@wintelcom.net
- log with level log() not fatal() if peer behaves badly.
- don't panic if client behaves strange. ok deraadt@
- make no-port-forwarding for RSA keys deny both -L and -R style fwding
- delay close() of pty until the pty has been chowned back to root
- oops, fix comment, too.
- missing xfree()
- move XAUTHORITY to subdir. ok dugsong@. fixes debian bug #57907 , too.
(http://cgi.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=57907 )
- register cleanup for pty earlier. move code for pty-owner handling to
pty.c ok provos@, dugsong@
- create x11 cookie file
- fix pr 1113, fclose() -> pclose(), todo: remote popen()
- version 1.2.3
- Cleaned up
2000-03-09 21:27:49 +11:00
1a07ebd4d8
- Configure fix from Hiroshi Takekawa <takekawa@sr3.t.u-tokyo.ac.jp>
2000-03-08 09:03:44 +11:00
65165f8d83
- Check for libwrap if --with-tcp-wrappers option specified. Suggestion
...
Mate Wierdl <mw@moni.msci.memphis.edu>
2000-03-05 17:02:45 +11:00
9fb07e4b8b
- Check for getpagesize in libucb.a if not found in libc. Fix for old
...
Solaris from Andre Lucas <andre.lucas@dial.pipex.com>
2000-03-05 16:22:59 +11:00
fac99cd12a
- Explicitly seed OpenSSL's PRNG before checking rsa_alive()
2000-03-05 16:10:45 +11:00
01bedb83b1
- Fix DEC compile fix
2000-03-05 16:10:03 +11:00
00d4bb117a
- DEC Unix compile fix from David Del Piero <David.DelPiero@qed.qld.gov.au>
...
- Manpage fix from David Del Piero <David.DelPiero@qed.qld.gov.au>
2000-03-03 22:48:49 +11:00
3c7eeb2af5
- Don't permanently fail on bind() if getaddrinfo has more choices left for
...
us. Needed to work around messy IPv6 on Linux. Patch from Arkadiusz
Miskiewicz <misiek@pld.org.pl>
2000-03-03 22:35:33 +11:00
4095f894dc
- Added "make host-key" target, Suggestion from Dominik Brettnacher
...
<domi@saargate.de>
2000-03-03 22:13:52 +11:00
2453d01611
- Allow root access to any key. Patch from
...
markus.friedl@informatik.uni-erlangen.de
2000-03-02 23:57:18 +11:00
204ad074e5
- Warning was valid - possible race condition on PTYs. Avoided using
...
platform-specific code.
- Document some common problems
2000-03-02 23:56:12 +11:00
c4cea3e5c7
- Avoid warning message with Unix98 ptys
2000-03-02 23:31:50 +11:00
c7d8dbbb0d
- Applied pty cleanup patch from markus.friedl@informatik.uni-erlangen.de
2000-03-02 23:30:53 +11:00
a22ba0152c
- Big cleanup of autoconf code
...
- Rearranged to be a little more logical
- Added -R option for Solaris
- Rewrote OpenSSL detection code. Now uses AC_TRY_RUN with a test program
to detect library and header location _and_ ensure library has proper
RSA support built in (this is a problem with OpenSSL 0.9.5).
2000-03-02 23:09:20 +11:00
36143d7851
- Removed SOCKS code. Will support through a ProxyCommand.
2000-02-07 13:20:26 +11:00
0c0e4bfe3c
- Add --with-ssl-dir option
2000-02-03 13:58:51 +11:00
1852246d30
- Fixed SEGVs in authloop, fix from vbzoli@hbrt.hu
2000-02-03 01:07:07 +11:00
1787252789
- Documentation fixes from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
...
- Added URLs to Japanese translations of documents by HARUYAMA Seigo
<haruyama@nt.phys.s.u-tokyo.ac.jp>
2000-02-02 20:56:20 +11:00
6552758bae
- Fix lastlog code for directory based lastlogs. Fix from Josh Durham
...
<jmd@aoe.vt.edu>
2000-02-02 19:17:40 +11:00
9e53f35a6a
- Use socket pairs by default (instead of pipes). Prevents race condition
...
on several (buggy) OSs. Report and fix from tridge@linuxcare.com
2000-02-01 23:05:30 +11:00
6034fdfd1f
- Compile fix from Andre Lucas <andre.lucas@dial.pipex.com>
2000-01-29 20:55:09 +11:00
f07390e90d
- Seed OpenSSL's random number generator before generating RSA keypairs
...
- Split random collector into seperate file
2000-01-29 20:40:22 +11:00
c85f9b4851
- Added note in UPGRADING re interop with commercial SSH using idea.
...
Report from Jim Knoble <jmknoble@pobox.com>
- Fix linking order for Kerberos/AFS. Fix from Holget Trapp
<Holger.Trapp@Informatik.TU-Chemnitz.DE>
2000-01-29 10:20:21 +11:00
27f4c78698
- NeXT keeps it lastlog in /usr/adm. Report from
...
mouring@newton.pconline.com
2000-01-27 18:22:13 +11:00
7d7c60d6e7
- Added 'DESTDIR' option to Makefile to ease package building. Patch from
...
Jim Knoble <jmknoble@pobox.com>
- Updated RPM spec files to use DESTDIR
2000-01-26 14:37:48 +11:00
6d84493c8b
- Fixpaths was missing /etc/ssh_known_hosts. Report from Jim Knoble
...
<jmknoble@pobox.com>
2000-01-26 12:17:50 +11:00
0e1cf7caa7
- Use preformatted manpages on SCO, report from Gary E. Miller
...
<gem@rellim.com>
- New URL for x11-ssh-askpass.
2000-01-26 12:15:30 +11:00
fa51a83f54
- Reorder PAM initialisation so it does not mess up lastlog. Reported
...
by Andre Lucas <andre.lucas@dial.pipex.com>
2000-01-26 11:07:22 +11:00
d89c24b57e
- Fix NULL pointer dereference in login.c. Fix from Andre Lucas
...
<andre.lucas@dial.pipex.com>
2000-01-26 11:04:48 +11:00
68cee109e8
- Pick up version 1.2.2 from OpenBSD CVS (no changes, just version number
...
increment)
2000-01-24 17:02:27 +11:00
Damien Miller
andre