Commit Graph

3370 Commits

Author SHA1 Message Date
Darren Tucker e061b1598a - (dtucker) [auth-pam.c] Use an invalid password for root if
PermitRootLogin != yes or the login is invalid, to prevent leaking
   information.  Based on Openwall's owl-always-auth patch.  ok djm@
2004-05-30 22:04:56 +10:00
Darren Tucker 450a158d7e - (dtucker) [auth-pam.c auth-pam.h auth-passwd.c]: Bug #874: Re-add PAM
support for PasswordAuthentication=yes.  ok djm@
2004-05-30 20:43:59 +10:00
Darren Tucker 0ffe638bbb - (dtucker) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec
contrib/README CREDITS INSTALL] Bug #873: Correct URLs for x11-ssh-askpass
   and Jim Knoble's email address , from Jim himself.
2004-05-27 09:59:31 +10:00
Darren Tucker 12984968fb - (dtucker) [sshd.c] Fix typo in comment. 2004-05-24 13:37:13 +10:00
Darren Tucker b53355eca5 - (dtucker) [auth-pam.c] Bug #839: Ensure that pam authentication "thread"
is terminated if the privsep slave exits during keyboard-interactive
   authentication.  ok djm@
2004-05-24 11:55:36 +10:00
Darren Tucker 89413dbafa - dtucker@cvs.openbsd.org 2004/05/23 23:59:53
[auth.c auth.h auth1.c auth2.c servconf.c servconf.h sshd_config sshd_config.5]
     Add MaxAuthTries sshd config option; ok markus@
2004-05-24 10:36:23 +10:00
Darren Tucker e534e12127 - jmc@cvs.openbsd.org 2004/05/22 16:01:05
[ssh.1]
     kill whitespace at eol;
2004-05-24 10:35:14 +10:00
Darren Tucker 1973c88898 - djm@cvs.openbsd.org 2004/05/22 06:32:12
[clientloop.c ssh.1]
     use '-h' for help in ~C commandline instead of '-?'; inspired by jmc@
2004-05-24 10:34:36 +10:00
Darren Tucker e7066dfde3 - djm@cvs.openbsd.org 2004/05/21 11:33:11
[channels.c channels.h clientloop.c serverloop.c ssh.1]
     bz #756: add support for the cancel-tcpip-forward request for the server and
     the client (through the ~C commandline). reported by z3p AT twistedmatrix.com;
     ok markus@
2004-05-24 10:18:05 +10:00
Darren Tucker e4ab1157db - markus@cvs.openbsd.org 2004/05/21 08:43:03
[kex.h moduli.c tildexpand.c]
     add prototypes for -Wall; ok djm
2004-05-24 10:14:24 +10:00
Darren Tucker e167582947 - dtucker@cvs.openbsd.org 2004/05/20 10:58:05
[clientloop.c]
     Trivial type fix 0 -> '\0'; ok markus@
2004-05-24 10:13:07 +10:00
Darren Tucker cdf547afe4 - djm@cvs.openbsd.org 2004/05/19 12:17:33
[sftp-client.c sftp.c]
     gracefully abort transfers on receipt of SIGINT, also ignore SIGINT while
     waiting for a command; ok markus@
2004-05-24 10:12:19 +10:00
Ben Lindstrom efec7c23b1 - (bal) [openbsd-compat/sys-queue.h] Reintroduce machinary to handle
old/broken/incomplete <sys/queue.h>.
2004-05-23 06:22:27 +00:00
Damien Miller b409718797 - (djm) [configure.ac] Warn if the system has no known way of figuring out
which user is on the other end of a Unix domain socket; ok dtucker@
2004-05-23 14:09:40 +10:00
Damien Miller 701d0514ee - (djm) Explain consequences of UsePAM=yes a little better in sshd_config;
ok dtucker@
2004-05-23 11:47:58 +10:00
Darren Tucker 991d95f412 - (dtucker) [openbsd-compat/getrrsetbyname.c] Fix typo too: HAVE_DECL_H_ERROR
-> HAVE_DECL_H_ERRNO.
2004-05-13 20:24:10 +10:00
Darren Tucker cc2685577b - (dtucker) [openbsd-compat/getrrsetbyname.c] Check that HAVE_DECL_H_ERROR
is defined before using.
2004-05-13 20:10:38 +10:00
Darren Tucker b6db172a79 - (dtucker) [auth-pam.c scard-opensc.c] Tinderbox says auth-pam.c uses
readpass.h, grep says scard-opensc.c does too.  Replace with misc.h.
2004-05-13 17:29:35 +10:00
Darren Tucker 1dcff9a3a8 - (dtucker) [sshd.8] Bug #843: Add warning about PasswordAuthentication to
UsePAM section.  Parts from djm@ and jmc@.
2004-05-13 16:51:40 +10:00
Darren Tucker a86b453bb3 - dtucker@cvs.openbsd.org 2004/05/13 02:47:50
[ssh-agent.1]
     Add examples to ssh-agent.1, bz#481 from Ralf Hauser; ok deraadt@
2004-05-13 16:45:46 +10:00
Darren Tucker 1f8311c836 - deraadt@cvs.openbsd.org 2004/05/11 19:01:43
[auth.c auth2-none.c authfile.c channels.c monitor.c monitor_mm.c
     packet.c packet.h progressmeter.c session.c openbsd-compat/xmmap.c]
     improve some code lint did not like; djm millert ok
2004-05-13 16:39:33 +10:00
Darren Tucker b42714e28b - djm@cvs.openbsd.org 2004/05/09 01:26:48
[kex.c]
     don't overwrite what we are trying to compute
2004-05-13 16:31:48 +10:00
Darren Tucker e14e005f41 - djm@cvs.openbsd.org 2004/05/09 01:19:28
[OVERVIEW auth-rsa.c auth1.c kex.c monitor.c session.c sshconnect1.c
     sshd.c] removed: mpaux.c mpaux.h
     kill some more tiny files; ok deraadt@
2004-05-13 16:30:44 +10:00
Darren Tucker 770fc01078 - djm@cvs.openbsd.org 2004/05/09 00:06:47
[moduli.c ssh-keygen.c] removed: moduli.h
     zap another tiny header; ok deraadt@
2004-05-13 16:24:32 +10:00
Darren Tucker e608ca2965 - djm@cvs.openbsd.org 2004/05/08 00:21:31
[clientloop.c misc.h readpass.c scard.c ssh-add.c ssh-agent.c ssh-keygen.c
     sshconnect.c sshconnect1.c sshconnect2.c] removed: readpass.h
     kill a tiny header; ok deraadt@
2004-05-13 16:15:47 +10:00
Darren Tucker 06f2bd8bde - deraadt@cvs.openbsd.org 2004/05/08 00:01:37
[auth.c clientloop.c misc.h servconf.c ssh.c sshpty.h sshtty.c
     tildexpand.c], removed: sshtty.h tildexpand.h
     make two tiny header files go away; djm ok
2004-05-13 16:06:46 +10:00
Darren Tucker dcf6ec48f6 - jmc@cvs.openbsd.org 2004/05/06 11:24:23
[ssh_config.5]
     typo from John Cosimano (PR 3770);
2004-05-13 13:03:56 +10:00
Darren Tucker 2e578f6292 - jmc@cvs.openbsd.org 2004/05/04 18:36:07
[scp.1]
     SendEnv here too;
2004-05-13 13:03:04 +10:00
Darren Tucker 8e968a596a - (dtucker) [configure.ac] Bug #867: Additional tests for res_query in
libresolv, fixes problems detecting it on some platforms
   (eg Linux/x86-64).  From Kurt Roeckx via Debian, ok mouring@
2004-05-13 11:56:16 +10:00
Darren Tucker c0796d7676 - dtucker@cvs.openbsd.org 2004/05/02 23:17:51
[scp.1]
     ConnectionTimeout -> ConnectTimeout for scp.1 too.
2004-05-03 09:19:03 +10:00
Darren Tucker 3d5cbb7761 - dtucker@cvs.openbsd.org 2004/05/02 23:02:17
[sftp.1]
     ConnectionTimeout -> ConnectTimeout here too, pointed out by jmc@
2004-05-03 09:13:15 +10:00
Darren Tucker edae0ec12a - dtucker@cvs.openbsd.org 2004/05/02 11:57:52
[ssh.1]
     ConnectionTimeout -> ConnectTimeout, from m.a.ellis at ncl.ac.uk via
     Debian.  ok djm@
2004-05-02 22:15:52 +10:00
Darren Tucker 097e1e9a97 - dtucker@cvs.openbsd.org 2004/05/02 11:54:31
[sshd.8]
     Man page grammar fix (bz #858), from damerell at chiark.greenend.org.uk
     via Debian; ok djm@
2004-05-02 22:15:08 +10:00
Darren Tucker 7a6c06620e - jmc@cvs.openbsd.org 2004/04/28 07:13:42
[sftp.1 ssh.1]
     add SendEnv to -o list;
2004-05-02 22:14:03 +10:00
Darren Tucker b2a601cc99 - jmc@cvs.openbsd.org 2004/04/28 07:02:56
[sshd_config.5]
     remove unnecessary .Pp;
2004-05-02 22:13:20 +10:00
Darren Tucker 1e0c9bf9fb - djm@cvs.openbsd.org 2004/04/28 05:17:10
[ssh_config.5 sshd_config.5]
     manpage fixes in envpass stuff from Brian Poole (raj AT cerias.purdue.edu)
2004-05-02 22:12:48 +10:00
Darren Tucker 46bc075474 - djm@cvs.openbsd.org 2004/04/27 09:46:37
[readconf.c readconf.h servconf.c servconf.h session.c session.h ssh.c
     ssh_config.5 sshd_config.5]
     bz #815: implement ability to pass specified environment variables from
     the client to the server; ok markus@
2004-05-02 22:11:30 +10:00
Darren Tucker 47abce45b2 - djm@cvs.openbsd.org 2004/04/22 11:56:57
[moduli.c]
     Bugzilla #850: Sophie Germain is the correct name of the French
     mathematician, "Sophie Germaine" isn't; from Luc.Maisonobe@c-s.fr
2004-05-02 22:09:00 +10:00
Darren Tucker 7749c5163b - (dtucker) [README.platform] List prereqs for building on Cygwin. 2004-04-23 18:57:13 +10:00
Darren Tucker 5bb140019c - (dtucker) [configure.ac openbsd-compat/getrrsetbyname.c] Declare h_errno
as extern int if not already declared.  Fixes compile errors on old SCO
   platforms.  ok tim@
2004-04-23 18:53:10 +10:00
Damien Miller 752e4e603f - (djm) Update config.guess and config.sub to autoconf-2.59 versions; ok tim@ 2004-04-21 12:29:13 +10:00
Damien Miller 5561e0b73d - (djm) [configure.ac] Check whether libroken is required when building
with Heimdal
2004-04-20 20:28:55 +10:00
Damien Miller 50bec89baf rewrap 2004-04-20 20:20:40 +10:00
Damien Miller 914420fe74 - djm@cvs.openbsd.org 2004/04/19 21:51:49
[ssh.c]
     fix idiot typo that i introduced in my last commit;
     spotted by cschneid AT cschneid.com
2004-04-20 20:14:07 +10:00
Damien Miller 1a81258f4e - jmc@cvs.openbsd.org 2004/04/19 16:12:14
[ssh_config.5]
     kill whitespace at eol;
2004-04-20 20:13:32 +10:00
Damien Miller c970cb9052 - djm@cvs.openbsd.org 2004/04/19 13:02:40
[ssh.1 ssh_config.5]
     document strict permission checks on ~/.ssh/config; prompted by,
     with & ok jmc@
2004-04-20 20:12:53 +10:00
Damien Miller 57a4476a69 - djm@cvs.openbsd.org 2004/04/18 23:10:26
[readconf.c readconf.h ssh-keysign.c ssh.c]
     perform strict ownership and modes checks for ~/.ssh/config files,
     as these can be used to execute arbitrary programs; ok markus@
     NB. ssh will now exit when it detects a config with poor permissions
2004-04-20 20:11:57 +10:00
Damien Miller 1824c071ab - (djm) [openbsd-compat/sys-queue.h] Sync with OpenBSD, needed for above change 2004-04-20 20:10:46 +10:00
Damien Miller 0b51a52a10 - (djm) OpenBSD CVS Sync
- henning@cvs.openbsd.org 2004/04/08 16:08:21
     [sshconnect2.c]
     swap the last two parameters to TAILQ_FOREACH_REVERSE. matches what FreeBSD     and NetBSD do.
     ok millert@ mcbride@ markus@ ho@, checked to not affect ports by naddy@
2004-04-20 20:07:19 +10:00
Darren Tucker bddc2b0179 - markus@cvs.openbsd.org 2004/04/01 12:19:57
[scp.c]
     limit trust between local and remote rcp/scp process,
     noticed by lcamtuf; ok deraadt@, djm@
2004-04-19 23:50:16 +10:00