dc8fc62103
- (dtucker) [Makefile.in] Add a install-nosysconf target for installing the
...
binaries without the config files. Primarily useful for packaging.
Patch from phil at usc.edu. ok djm@
2005-02-26 10:12:38 +11:00
3804903a09
- (dtucker) [acconfig.h configure.ac openbsd-compat/bsd-misc.{c,h}]
...
Remove SETGROUPS_NOOP, was only used by Cygwin, which doesn't need it any
more. Patch from vinschen at redhat.com.
2005-02-26 10:07:37 +11:00
34233830a1
- (dtucker) [openbsd-compat/bsd-openpty.c openbsd-compat/inet_ntop.c]
...
Remove two obsolete Cygwin #ifdefs. Patch from vinschen at redhat.com.
2005-02-26 10:04:28 +11:00
848b993639
- (djm) [configure.ac] in_addr_t test needs sys/types.h too
2005-02-24 12:12:34 +11:00
2ea9b18918
- (dtucker) [uidswap.c] Skip uid restore test on Cygwin. Patch from
...
vinschen at redhat.com.
2005-02-22 17:57:13 +11:00
04cfbe04aa
- (dtucker) [configure.ac] Missing comma in AIX section, somehow causes
...
unrelated platforms to be configured incorrectly.
2005-02-20 23:27:11 +11:00
d9f88915a2
- (dtucker) [LICENCE Makefile.in README.platform audit-bsm.c configure.ac
...
defines.h] Bug #125 : Add *EXPERIMENTAL* BSM audit support. Configure
--with-audit=bsm to enable. Patch originally from Sun Microsystems,
parts by John R. Jackson. ok djm@
2005-02-20 21:01:48 +11:00
3c774c52f3
- (dtucker) [configure.ac openbsd-compat/port-aix.{c,h}] Silence some more
...
compiler warnings on AIX.
2005-02-16 22:49:31 +11:00
c97b01af62
- (dtucker) [session.c] Bug #918 : store credentials from gssapi-with-mic
...
authentication early enough to be available to PAM session modules when
privsep=yes. Patch from deengert at anl.gov, ok'ed in principle by Sam
Hartman and similar to Debian's ssh-krb5 package.
2005-02-16 16:47:37 +11:00
ca6e7a7e8b
- (dtucker) [configure.ac] Bug #893 : check for libresolv early on Reliant
...
Unix; prevents problems relating to the location of -lresolv in the
link order.
2005-02-16 16:19:17 +11:00
a91f5ee618
- (dtucker) [auth-shadow.c] Prevent compiler warnings if "DAY" is defined
...
by the system headers.
2005-02-16 14:20:06 +11:00
7b48d25527
- (dtucker) [ssh-rand-helper.c] Provide seed_rng since it may be called
...
via mkstemp in some configurations. ok djm@
2005-02-16 13:20:07 +11:00
ed462d9a45
write seed to temporary file and atomically rename into place; ok dtucker@
2005-02-16 13:02:45 +11:00
a39f83eeee
- (dtucker) [loginrec.c] Add missing #include.
2005-02-15 22:19:28 +11:00
691d5235ca
- (dtucker) [README.platform auth.c configure.ac loginrec.c
...
openbsd-compat/port-aix.c openbsd-compat/port-aix.h] Bug #835 : enable IPv6
on AIX where possible (see README.platform for details) and work around
a misfeature of AIX's getnameinfo. ok djm@
2005-02-15 21:45:57 +11:00
f04c361675
- (dtucker) [config.sh.in] Collect oslevel -r too.
2005-02-15 21:26:32 +11:00
15af68f767
- (dtucker) [openbsd-compat/fake-rfc2553.h] We now need EAI_SYSTEM too.
2005-02-11 18:32:13 +11:00
1b6f2291e4
- (dtucker) [configure.ac] Tidy up configure --help output.
2005-02-11 16:11:49 +11:00
2f9573df71
- (dtucker) [configure.ac] Bug #919 : Provide visible feedback for the
...
--disable-etc-default-login configure option.
2005-02-10 22:28:54 +11:00
33370e0287
- (dtucker) [configure.ac session.c] Some platforms (eg some SCO) require
...
the username to be passed to the passwd command when changing expired
passwords. ok djm@
2005-02-09 22:17:28 +11:00
c7e38d59e9
- (dtucker) [configure.ac] Bug #854 : prepend pwd to relative --with-ssl-dir
...
paths. ok djm@
2005-02-09 22:12:30 +11:00
92170a8626
- (dtucker) [auth-passwd.c openbsd-compat/port-aix.c] Don't call
...
disable_forwarding() from compat library. Prevent linker errrors trying
to resolve it for binaries other than sshd. ok djm@
2005-02-09 17:08:23 +11:00
96d4710e38
- dtucker@cvs.openbsd.org 2005/02/08 22:24:57
...
[sshd.c]
Provide reason in error message if getnameinfo fails; ok markus@
2005-02-09 09:53:48 +11:00
5b53026f71
- dtucker@cvs.openbsd.org 2005/01/30 11:18:08
...
[monitor.c]
Make code match intent; ok djm@
2005-02-09 09:52:17 +11:00
43d8e28763
- jmc@cvs.openbsd.org 2005/01/28 18:14:09
...
[ssh_config.5]
wording;
ok markus@
2005-02-09 09:51:08 +11:00
79a7acfebd
- jmc@cvs.openbsd.org 2005/01/28 15:05:43
...
[ssh_config.5]
grammar;
2005-02-09 09:48:57 +11:00
3f166dfcb5
- dtucker@cvs.openbsd.org 2005/01/28 09:45:53
...
[ssh_config]
Make it clear that the example entries in ssh_config are only some of the
commonly-used options and refer the user to ssh_config(5) for more
details; ok djm@
2005-02-09 09:46:47 +11:00
2e0cf0dca2
- (dtucker) [audit.c audit.h auth.c auth1.c auth2.c loginrec.c monitor.c
...
monitor_wrap.c monitor_wrap.h session.c sshd.c]: Prepend all of the audit
defines and enums with SSH_ to prevent namespace collisions on some
platforms (eg AIX).
2005-02-08 21:52:47 +11:00
b4d3012d2e
- (dtucker) [openbsd-compat/port-aix.c] Silence compiler warnings.
2005-02-08 21:06:55 +11:00
feb6f7f244
- (dtucker) [regress/test-exec.sh] Bug #912 : Set _POSIX2_VERSION for the
...
regress tests so newer versions of GNU head(1) behave themselves. Patch
by djm, so ok me.
2005-02-08 20:17:17 +11:00
40d9a63788
- (dtucker) [auth.c] Fix parens in audit log check.
2005-02-04 15:19:44 +11:00
598ba7b5e2
- (dtucker) [monitor.c] Permit INVALID_USER audit events from slave too.
2005-02-04 15:05:08 +11:00
6dce99142b
typo
2005-02-03 15:07:37 +11:00
269a1ea1c8
- (dtucker) [Makefile.in auth.c auth.h auth1.c auth2.c loginrec.c monitor.c
...
monitor.h monitor_wrap.c monitor_wrap.h session.c sshd.c] Bug #125 :
(first stage) Add audit instrumentation to sshd, currently disabled by
default. with suggestions from and djm@
2005-02-03 00:20:53 +11:00
2fba993080
- (dtucker) [auth.c canohost.c canohost.h configure.ac defines.h loginrec.c]
...
Bug #974 : Teach sshd to write failed login records to btmp for failed auth
attempts (currently only for password, kbdint and C/R, only on Linux and
HP-UX), based on code from login.c from util-linux. With ashok_kovai at
hotmail.com, ok djm@
2005-02-02 23:30:24 +11:00
9dc6c7dbec
- (dtucker) [session.c sshd.c] Bug #445 : Propogate KRB5CCNAME if set to child
...
the process. Since we also unset KRB5CCNAME at startup, if it's set after
authentication it must have been set by the platform's native auth system.
This was already done for AIX; this enables it for the general case.
2005-02-02 18:30:33 +11:00
42d9dc75ed
- (dtucker) [auth.c loginrec.h openbsd-compat/{bsd-cray,port-aix}.{c,h}]
...
Make record_failed_login() call provide hostname rather than having the
implementations having to do lookups themselves. Only affects AIX and
UNICOS (the latter only uses the "user" parameter anyway). ok djm@
2005-02-02 17:10:11 +11:00
ad7646a59a
- (dtucker) [configure.ac openbsd-compat/realpath.c] Sync up with realpath
...
rev 1.11 from OpenBSD and make it use fchdir if available. ok djm@
2005-02-02 10:43:59 +11:00
9dca099aec
- (dtucker) [sshd_config.5] Bug #701 : remove warning about
...
keyboard-interactive since this is no longer the case.
2005-02-01 19:16:45 +11:00
9b5495d23e
- (dtucker) [log.c] Bug #973 : force log_init() to open syslog, since on some
...
platforms syslog will revert to its default values. This may result in
messages from external libraries (eg libwrap) being sent to a different
facility.
2005-02-01 17:35:09 +11:00
218f178cb2
- dtucker@cvs.openbsd.org 2005/01/24 11:47:13
...
[auth-passwd.c]
#if -> #ifdef so builds without HAVE_LOGIN_CAP work too; ok djm@ otto@
2005-01-24 22:50:47 +11:00
1b7223c005
- dtucker@cvs.openbsd.org 2005/01/24 10:29:06
...
[moduli]
Import new moduli; requested by deraadt@ a week ago
2005-01-24 22:00:40 +11:00
ba66df81a3
- dtucker@cvs.openbsd.org 2005/01/24 10:22:06
...
[scp.c sftp.c]
Have scp and sftp wait for the spawned ssh to exit before they exit
themselves. This prevents ssh from being unable to restore terminal
modes (not normally a problem on OpenBSD but common with -Portable
on POSIX platforms). From peak at argo.troja.mff.cuni.cz (bz#950);
ok djm@ markus@
2005-01-24 21:57:40 +11:00
660db78af2
- djm@cvs.openbsd.org 2005/01/23 10:18:12
...
[cipher.c]
config option "Ciphers" should be case-sensitive; ok dtucker@
2005-01-24 21:57:11 +11:00
094cd0ba02
- dtucker@cvs.openbsd.org 2005/01/22 08:17:59
...
[auth.c]
Log source of connections denied by AllowUsers, DenyUsers, AllowGroups and
DenyGroups. bz #909 , ok djm@
2005-01-24 21:56:48 +11:00
5c14c73429
- otto@cvs.openbsd.org 2005/01/21 08:32:02
...
[auth-passwd.c sshd.c]
Warn in advance for password and account expiry; initialize loginmsg
buffer earlier and clear it after privsep fork. ok and help dtucker@
markus@
2005-01-24 21:55:49 +11:00
3c66080aa2
- (dtucker) [auth-chall.c auth.h auth2-chall.c] Bug #936 : Remove pam from
...
the list of available kbdint devices if UsePAM=no. ok djm@
2005-01-20 22:20:50 +11:00
33bc334a8b
- (dtucker) [loginrec.h] Bug #952 : Increase size of username field to 128
...
bytes to prevent errors from login_init_entry() when the username is
exactly 64 bytes(!) long. From brhamon at cisco.com, ok djm@
2005-01-20 22:07:29 +11:00
d231186fd0
- djm@cvs.openbsd.org 2004/12/22 02:13:19
...
[cipher-ctr.c cipher.c]
remove fallback AES support for old OpenSSL, as OpenBSD has had it for
many years now; ok deraadt@
(Id sync only: Portable will continue to support older OpenSSLs)
2005-01-20 13:27:56 +11:00
36a3d60347
- (dtucker) [auth-pam.c] Bug #971 : Prevent leaking information about user
...
existence via keyboard-interactive/pam, in conjunction with previous
auth2-chall.c change; with Colin Watson and djm.
2005-01-20 12:43:38 +11:00
Darren Tucker
Damien Miller