Darren Tucker
e061b1598a
- (dtucker) [auth-pam.c] Use an invalid password for root if
...
PermitRootLogin != yes or the login is invalid, to prevent leaking
information. Based on Openwall's owl-always-auth patch. ok djm@
2004-05-30 22:04:56 +10:00
Darren Tucker
450a158d7e
- (dtucker) [auth-pam.c auth-pam.h auth-passwd.c]: Bug #874 : Re-add PAM
...
support for PasswordAuthentication=yes. ok djm@
2004-05-30 20:43:59 +10:00
Darren Tucker
0ffe638bbb
- (dtucker) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec
...
contrib/README CREDITS INSTALL] Bug #873 : Correct URLs for x11-ssh-askpass
and Jim Knoble's email address , from Jim himself.
2004-05-27 09:59:31 +10:00
Darren Tucker
12984968fb
- (dtucker) [sshd.c] Fix typo in comment.
2004-05-24 13:37:13 +10:00
Darren Tucker
b53355eca5
- (dtucker) [auth-pam.c] Bug #839 : Ensure that pam authentication "thread"
...
is terminated if the privsep slave exits during keyboard-interactive
authentication. ok djm@
2004-05-24 11:55:36 +10:00
Darren Tucker
89413dbafa
- dtucker@cvs.openbsd.org 2004/05/23 23:59:53
...
[auth.c auth.h auth1.c auth2.c servconf.c servconf.h sshd_config sshd_config.5]
Add MaxAuthTries sshd config option; ok markus@
2004-05-24 10:36:23 +10:00
Darren Tucker
e534e12127
- jmc@cvs.openbsd.org 2004/05/22 16:01:05
...
[ssh.1]
kill whitespace at eol;
2004-05-24 10:35:14 +10:00
Darren Tucker
1973c88898
- djm@cvs.openbsd.org 2004/05/22 06:32:12
...
[clientloop.c ssh.1]
use '-h' for help in ~C commandline instead of '-?'; inspired by jmc@
2004-05-24 10:34:36 +10:00
Darren Tucker
e7066dfde3
- djm@cvs.openbsd.org 2004/05/21 11:33:11
...
[channels.c channels.h clientloop.c serverloop.c ssh.1]
bz #756 : add support for the cancel-tcpip-forward request for the server and
the client (through the ~C commandline). reported by z3p AT twistedmatrix.com;
ok markus@
2004-05-24 10:18:05 +10:00
Darren Tucker
e4ab1157db
- markus@cvs.openbsd.org 2004/05/21 08:43:03
...
[kex.h moduli.c tildexpand.c]
add prototypes for -Wall; ok djm
2004-05-24 10:14:24 +10:00
Darren Tucker
e167582947
- dtucker@cvs.openbsd.org 2004/05/20 10:58:05
...
[clientloop.c]
Trivial type fix 0 -> '\0'; ok markus@
2004-05-24 10:13:07 +10:00
Darren Tucker
cdf547afe4
- djm@cvs.openbsd.org 2004/05/19 12:17:33
...
[sftp-client.c sftp.c]
gracefully abort transfers on receipt of SIGINT, also ignore SIGINT while
waiting for a command; ok markus@
2004-05-24 10:12:19 +10:00
Ben Lindstrom
efec7c23b1
- (bal) [openbsd-compat/sys-queue.h] Reintroduce machinary to handle
...
old/broken/incomplete <sys/queue.h>.
2004-05-23 06:22:27 +00:00
Damien Miller
b409718797
- (djm) [configure.ac] Warn if the system has no known way of figuring out
...
which user is on the other end of a Unix domain socket; ok dtucker@
2004-05-23 14:09:40 +10:00
Damien Miller
701d0514ee
- (djm) Explain consequences of UsePAM=yes a little better in sshd_config;
...
ok dtucker@
2004-05-23 11:47:58 +10:00
Darren Tucker
991d95f412
- (dtucker) [openbsd-compat/getrrsetbyname.c] Fix typo too: HAVE_DECL_H_ERROR
...
-> HAVE_DECL_H_ERRNO.
2004-05-13 20:24:10 +10:00
Darren Tucker
cc2685577b
- (dtucker) [openbsd-compat/getrrsetbyname.c] Check that HAVE_DECL_H_ERROR
...
is defined before using.
2004-05-13 20:10:38 +10:00
Darren Tucker
b6db172a79
- (dtucker) [auth-pam.c scard-opensc.c] Tinderbox says auth-pam.c uses
...
readpass.h, grep says scard-opensc.c does too. Replace with misc.h.
2004-05-13 17:29:35 +10:00
Darren Tucker
1dcff9a3a8
- (dtucker) [sshd.8] Bug #843 : Add warning about PasswordAuthentication to
...
UsePAM section. Parts from djm@ and jmc@.
2004-05-13 16:51:40 +10:00
Darren Tucker
a86b453bb3
- dtucker@cvs.openbsd.org 2004/05/13 02:47:50
...
[ssh-agent.1]
Add examples to ssh-agent.1, bz#481 from Ralf Hauser; ok deraadt@
2004-05-13 16:45:46 +10:00
Darren Tucker
1f8311c836
- deraadt@cvs.openbsd.org 2004/05/11 19:01:43
...
[auth.c auth2-none.c authfile.c channels.c monitor.c monitor_mm.c
packet.c packet.h progressmeter.c session.c openbsd-compat/xmmap.c]
improve some code lint did not like; djm millert ok
2004-05-13 16:39:33 +10:00
Darren Tucker
b42714e28b
- djm@cvs.openbsd.org 2004/05/09 01:26:48
...
[kex.c]
don't overwrite what we are trying to compute
2004-05-13 16:31:48 +10:00
Darren Tucker
e14e005f41
- djm@cvs.openbsd.org 2004/05/09 01:19:28
...
[OVERVIEW auth-rsa.c auth1.c kex.c monitor.c session.c sshconnect1.c
sshd.c] removed: mpaux.c mpaux.h
kill some more tiny files; ok deraadt@
2004-05-13 16:30:44 +10:00
Darren Tucker
770fc01078
- djm@cvs.openbsd.org 2004/05/09 00:06:47
...
[moduli.c ssh-keygen.c] removed: moduli.h
zap another tiny header; ok deraadt@
2004-05-13 16:24:32 +10:00
Darren Tucker
e608ca2965
- djm@cvs.openbsd.org 2004/05/08 00:21:31
...
[clientloop.c misc.h readpass.c scard.c ssh-add.c ssh-agent.c ssh-keygen.c
sshconnect.c sshconnect1.c sshconnect2.c] removed: readpass.h
kill a tiny header; ok deraadt@
2004-05-13 16:15:47 +10:00
Darren Tucker
06f2bd8bde
- deraadt@cvs.openbsd.org 2004/05/08 00:01:37
...
[auth.c clientloop.c misc.h servconf.c ssh.c sshpty.h sshtty.c
tildexpand.c], removed: sshtty.h tildexpand.h
make two tiny header files go away; djm ok
2004-05-13 16:06:46 +10:00
Darren Tucker
dcf6ec48f6
- jmc@cvs.openbsd.org 2004/05/06 11:24:23
...
[ssh_config.5]
typo from John Cosimano (PR 3770);
2004-05-13 13:03:56 +10:00
Darren Tucker
2e578f6292
- jmc@cvs.openbsd.org 2004/05/04 18:36:07
...
[scp.1]
SendEnv here too;
2004-05-13 13:03:04 +10:00
Darren Tucker
8e968a596a
- (dtucker) [configure.ac] Bug #867 : Additional tests for res_query in
...
libresolv, fixes problems detecting it on some platforms
(eg Linux/x86-64). From Kurt Roeckx via Debian, ok mouring@
2004-05-13 11:56:16 +10:00
Darren Tucker
c0796d7676
- dtucker@cvs.openbsd.org 2004/05/02 23:17:51
...
[scp.1]
ConnectionTimeout -> ConnectTimeout for scp.1 too.
2004-05-03 09:19:03 +10:00
Darren Tucker
3d5cbb7761
- dtucker@cvs.openbsd.org 2004/05/02 23:02:17
...
[sftp.1]
ConnectionTimeout -> ConnectTimeout here too, pointed out by jmc@
2004-05-03 09:13:15 +10:00
Darren Tucker
edae0ec12a
- dtucker@cvs.openbsd.org 2004/05/02 11:57:52
...
[ssh.1]
ConnectionTimeout -> ConnectTimeout, from m.a.ellis at ncl.ac.uk via
Debian. ok djm@
2004-05-02 22:15:52 +10:00
Darren Tucker
097e1e9a97
- dtucker@cvs.openbsd.org 2004/05/02 11:54:31
...
[sshd.8]
Man page grammar fix (bz #858 ), from damerell at chiark.greenend.org.uk
via Debian; ok djm@
2004-05-02 22:15:08 +10:00
Darren Tucker
7a6c06620e
- jmc@cvs.openbsd.org 2004/04/28 07:13:42
...
[sftp.1 ssh.1]
add SendEnv to -o list;
2004-05-02 22:14:03 +10:00
Darren Tucker
b2a601cc99
- jmc@cvs.openbsd.org 2004/04/28 07:02:56
...
[sshd_config.5]
remove unnecessary .Pp;
2004-05-02 22:13:20 +10:00
Darren Tucker
1e0c9bf9fb
- djm@cvs.openbsd.org 2004/04/28 05:17:10
...
[ssh_config.5 sshd_config.5]
manpage fixes in envpass stuff from Brian Poole (raj AT cerias.purdue.edu)
2004-05-02 22:12:48 +10:00
Darren Tucker
46bc075474
- djm@cvs.openbsd.org 2004/04/27 09:46:37
...
[readconf.c readconf.h servconf.c servconf.h session.c session.h ssh.c
ssh_config.5 sshd_config.5]
bz #815 : implement ability to pass specified environment variables from
the client to the server; ok markus@
2004-05-02 22:11:30 +10:00
Darren Tucker
47abce45b2
- djm@cvs.openbsd.org 2004/04/22 11:56:57
...
[moduli.c]
Bugzilla #850 : Sophie Germain is the correct name of the French
mathematician, "Sophie Germaine" isn't; from Luc.Maisonobe@c-s.fr
2004-05-02 22:09:00 +10:00
Darren Tucker
7749c5163b
- (dtucker) [README.platform] List prereqs for building on Cygwin.
2004-04-23 18:57:13 +10:00
Darren Tucker
5bb140019c
- (dtucker) [configure.ac openbsd-compat/getrrsetbyname.c] Declare h_errno
...
as extern int if not already declared. Fixes compile errors on old SCO
platforms. ok tim@
2004-04-23 18:53:10 +10:00
Damien Miller
752e4e603f
- (djm) Update config.guess and config.sub to autoconf-2.59 versions; ok tim@
2004-04-21 12:29:13 +10:00
Damien Miller
5561e0b73d
- (djm) [configure.ac] Check whether libroken is required when building
...
with Heimdal
2004-04-20 20:28:55 +10:00
Damien Miller
50bec89baf
rewrap
2004-04-20 20:20:40 +10:00
Damien Miller
914420fe74
- djm@cvs.openbsd.org 2004/04/19 21:51:49
...
[ssh.c]
fix idiot typo that i introduced in my last commit;
spotted by cschneid AT cschneid.com
2004-04-20 20:14:07 +10:00
Damien Miller
1a81258f4e
- jmc@cvs.openbsd.org 2004/04/19 16:12:14
...
[ssh_config.5]
kill whitespace at eol;
2004-04-20 20:13:32 +10:00
Damien Miller
c970cb9052
- djm@cvs.openbsd.org 2004/04/19 13:02:40
...
[ssh.1 ssh_config.5]
document strict permission checks on ~/.ssh/config; prompted by,
with & ok jmc@
2004-04-20 20:12:53 +10:00
Damien Miller
57a4476a69
- djm@cvs.openbsd.org 2004/04/18 23:10:26
...
[readconf.c readconf.h ssh-keysign.c ssh.c]
perform strict ownership and modes checks for ~/.ssh/config files,
as these can be used to execute arbitrary programs; ok markus@
NB. ssh will now exit when it detects a config with poor permissions
2004-04-20 20:11:57 +10:00
Damien Miller
1824c071ab
- (djm) [openbsd-compat/sys-queue.h] Sync with OpenBSD, needed for above change
2004-04-20 20:10:46 +10:00
Damien Miller
0b51a52a10
- (djm) OpenBSD CVS Sync
...
- henning@cvs.openbsd.org 2004/04/08 16:08:21
[sshconnect2.c]
swap the last two parameters to TAILQ_FOREACH_REVERSE. matches what FreeBSD and NetBSD do.
ok millert@ mcbride@ markus@ ho@, checked to not affect ports by naddy@
2004-04-20 20:07:19 +10:00
Darren Tucker
bddc2b0179
- markus@cvs.openbsd.org 2004/04/01 12:19:57
...
[scp.c]
limit trust between local and remote rcp/scp process,
noticed by lcamtuf; ok deraadt@, djm@
2004-04-19 23:50:16 +10:00