Commit Graph

1381 Commits

Author SHA1 Message Date
Damien Miller 649d999b4b - (djm) Turn up warnings if gcc or egcs detected 2001-06-27 23:35:51 +10:00
Damien Miller b90416b7df - (djm) Sync with -current openbsd-compat/readpassphrase.c:
- djm@cvs.openbsd.org 2001/06/27 13:23:30
     typo, spotted by Tom Holroyd <tomh@po.crl.go.jp>; ok deraadt@
2001-06-27 23:26:38 +10:00
Damien Miller b5b0af4d58 - (djm) Oops, forgot make logic for primes=>moduli. Also try to rename
existing primes->moduli if it exists.
2001-06-27 21:52:32 +10:00
Damien Miller 407548b7ed - (djm) Rename sysconfdir/primes => sysconfdir/moduli 2001-06-27 17:07:16 +10:00
Damien Miller ec9868aa3c - (djm) Remove redundant and incorrect test for max auth attempts in
PAM kbdint code. Based on fix from Matthew Melvin
  <matthewm@webcentral.com.au>
2001-06-27 15:36:43 +10:00
Damien Miller 665af9cae7 - (djm) Reintroduce pam_session call for non-pty sessions. 2001-06-27 09:34:15 +10:00
Damien Miller c8a3868ed0 - (djm) Bring in readpassphrase() from OpenBSD libc. Compiles OK on Linux and
Solaris
2001-06-25 18:09:16 +10:00
Damien Miller 2d5ac08f13 -Wall 2001-06-25 17:07:59 +10:00
Ben Lindstrom 491bbb811a - markus@cvs.openbsd.org 2001/06/24 17:18:31
[ttymodes.c]
     passing modes works fine: debug2->3
2001-06-25 05:24:16 +00:00
Ben Lindstrom 126c56ad9e - markus@cvs.openbsd.org 2001/06/24 05:47:13
[sshconnect2.c]
     oops, missing format string
2001-06-25 05:22:53 +00:00
Ben Lindstrom 949974bbdb - markus@cvs.openbsd.org 2001/06/24 05:35:33
[readpass.c readpass.h ssh-add.c sshconnect2.c ssh-keygen.c]
     switch to readpassphrase(3)
     2.7/8-stable needs readpassphrase.[ch] from libc
2001-06-25 05:20:31 +00:00
Ben Lindstrom f0c50293dd - markus@cvs.openbsd.org 2001/06/24 05:25:10
[auth-options.c match.c match.h]
     move ip+hostname check to match.c
2001-06-25 05:17:53 +00:00
Ben Lindstrom 0520945179 - markus@cvs.openbsd.org 2001/06/23 22:37:46
[sshconnect1.c]
     consistent with ssh2: skip key if empty passphrase is entered,
     retry num_of_passwd_prompt times if passphrase is wrong. ok fgsch@
2001-06-25 05:16:02 +00:00
Ben Lindstrom 980978639c - markus@cvs.openbsd.org 2001/06/23 19:12:43
[sshd.c]
     pidfile/sigterm race; bbraun@synack.net
2001-06-25 05:10:20 +00:00
Ben Lindstrom 2464322d7e - itojun@cvs.openbsd.org 2001/06/23 17:48:18
[sftp.1 ssh.1 sshd.8 ssh-keyscan.1]
     kill whitespace at EOL.
2001-06-25 05:08:11 +00:00
Ben Lindstrom e586c4ce3f - markus@cvs.openbsd.org 2001/06/23 17:05:22
[ssh-keygen.c]
     fix import for (broken?) ssh.com/f-secure private keys
     (i tested > 1000 RSA keys)
2001-06-25 05:04:58 +00:00
Ben Lindstrom bba81213b9 - itojun@cvs.openbsd.org 2001/06/23 15:12:20
[auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c
      canohost.c channels.c cipher.c clientloop.c deattack.c dh.c
      hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c
      readpass.c scp.c servconf.c serverloop.c session.c sftp.c
      sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c
      ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c
      ssh-keygen.c ssh-keyscan.c]
     more strict prototypes.  raise warning level in Makefile.inc.
     markus ok'ed
     TODO; cleanup headers
2001-06-25 05:01:22 +00:00
Ben Lindstrom 34f91883a6 - markus@cvs.openbsd.org 2001/06/23 06:41:10
[ssh-keygen.c]
     try to decode ssh-3.0.0 private rsa keys
     (allow migration to openssh, not vice versa), 
2001-06-25 04:47:54 +00:00
Ben Lindstrom 90fd060bc8 - deraadt@cvs.openbsd.org 2001/06/23 05:57:09
[sftp.1 sftp-server.8 ssh-keygen.1]
     ok, tmac is now fixed
2001-06-25 04:45:33 +00:00
Ben Lindstrom 5363aee8bd - markus@cvs.openbsd.org 2001/06/23 05:26:02
[key.c]
     handle sigature of size 0 (some broken clients send this).
2001-06-25 04:42:20 +00:00
Ben Lindstrom a4789ef878 - markus@cvs.openbsd.org 2001/06/23 03:04:42
[auth2.c auth-rh-rsa.c]
     restore correct ignore_user_known_hosts logic.
2001-06-25 04:40:49 +00:00
Ben Lindstrom 3c798d4743 - markus@cvs.openbsd.org 2001/06/23 03:03:59
[sshd.8]
     draft-ietf-secsh-dh-group-exchange-01.txt
2001-06-25 04:39:22 +00:00
Ben Lindstrom d6481ea49a - markus@cvs.openbsd.org 2001/06/23 02:34:33
[kexdh.c kexgex.c kex.h pathnames.h readconf.c servconf.h ssh.1
      sshconnect1.c sshconnect2.c sshconnect.c sshconnect.h sshd.8]
     get rid of known_hosts2, use it for hostkey lookup, but do not
     modify.
2001-06-25 04:37:41 +00:00
Ben Lindstrom b710f788f1 - deraadt@cvs.openbsd.org 2001/06/23 02:33:05
[sftp.1 sftp-server.8 ssh-keygen.1]
     join .%A entries; most by bk@rt.fm
2001-06-25 04:32:38 +00:00
Ben Lindstrom 83647ce474 - markus@cvs.openbsd.org 2001/06/23 00:20:57
[auth2.c auth.c auth.h auth-rh-rsa.c]
     *known_hosts2 is obsolete for hostbased authentication and
     only used for backward compat. merge ssh1/2 hostkey check
     and move it to auth.c
2001-06-25 04:30:16 +00:00
Ben Lindstrom 7d5ed3a07b - deraadt@cvs.openbsd.org 2001/06/23 00:16:16
[scp.c]
     slightly better care
2001-06-25 04:28:30 +00:00
Ben Lindstrom 6ab6486273 - markus@cvs.openbsd.org 2001/06/22 23:35:21
[ssh.c]
     don't overwrite argv (fixes ssh user@host in 'ps'), report by ericj@
2001-06-25 04:26:55 +00:00
Ben Lindstrom 488d8805f3 - markus@cvs.openbsd.org 2001/06/22 22:21:20
[sftp-server.c]
     allow long usernames/groups in readdir
2001-06-25 04:24:49 +00:00
Ben Lindstrom af7388046d - provos@cvs.openbsd.org 2001/06/22 21:57:59
[dh.c]
     increase linebuffer to deal with larger moduli; use rewind instead of
     close/open
2001-06-25 04:18:59 +00:00
Ben Lindstrom f96704d4ef - markus@cvs.openbsd.org 2001/06/22 21:55:49
[auth2.c auth-rsa.c pathnames.h ssh.1 sshd.8 sshd_config
      ssh-keygen.1]
     merge authorized_keys2 into authorized_keys.
     authorized_keys2 is used for backward compat.
     (just append authorized_keys2 to authorized_keys).
2001-06-25 04:17:12 +00:00
Ben Lindstrom ae1c51c208 - provos@cvs.openbsd.org 2001/06/22 21:28:53
[sshd.8]
     document /etc/moduli
2001-06-25 04:14:59 +00:00
Ben Lindstrom 93a29e046e - provos@cvs.openbsd.org 2001/06/22 21:27:08
[dh.c pathnames.h]
     use /etc/moduli instead of /etc/primes, okay markus@
2001-06-25 04:13:25 +00:00
Ben Lindstrom d2bf0d64d9 - mpech@cvs.openbsd.org 2001/06/22 10:17:51
[ssh.1 sshd.8 ssh-keyscan.1]
     o) .Sh AUTHOR -> .Sh AUTHORS;
     o) remove unnecessary .Pp;
     o) better -mdoc style;
     o) typo;
     o) sort SEE ALSO;

     aaron@ ok
2001-06-25 04:10:54 +00:00
Ben Lindstrom 07094e52e7 - markus@cvs.openbsd.org 2001/06/21 21:08:25
[session.c]
      don't reset forced_command (we allow multiple login shells in
      ssh2); dwd@bell-labs.com
2001-06-25 03:59:43 +00:00
Kevin Steves 824569537f - (stevesk) handle systems without pw_expire and pw_change. 2001-06-22 21:14:18 +00:00
Ben Lindstrom 601e43638e - markus@cvs.openbsd.org 2001/06/20 13:56:39
[channels.c channels.h clientloop.c packet.c serverloop.c]
     move from channel_stop_listening to channel_free_all,
     call channel_free_all before calling waitpid() in serverloop.
     fixes the utmp handling; report from Lutz.Jaenicke@aet.TU-Cottbus.DE
2001-06-21 03:19:23 +00:00
Ben Lindstrom 0a7ca6c7ba - markus@cvs.openbsd.org 2001/06/19 15:40:45
[session.c]
     allocate and free at the same level.
2001-06-21 03:17:42 +00:00
Ben Lindstrom 699776e9ec - markus@cvs.openbsd.org 2001/06/19 14:09:45
[session.c sshd.8]
     disable x11-fwd if use_login is enabled; from lukem@wasabisystems.com
2001-06-21 03:14:49 +00:00
Ben Lindstrom c85ab8afab - markus@cvs.openbsd.org 2001/06/19 12:34:09
[session.c]
     cleanup forced command handling, from dwd@bell-labs.com
2001-06-21 03:13:10 +00:00
Ben Lindstrom 3af4d4634f - markus@cvs.openbsd.org 2001/06/16 08:58:34
[misc.c]
     copy pw_expire and pw_change, too.
2001-06-21 03:11:27 +00:00
Ben Lindstrom 738f51e3df - markus@cvs.openbsd.org 2001/06/16 08:57:35
[scp.c]
     no stdio or exit() in signal handlers.
2001-06-21 03:08:58 +00:00
Ben Lindstrom 83417a86da - markus@cvs.openbsd.org 2001/06/16 08:50:39
[channels.h]
     bad //-style comment; thx to stevev@darkwing.uoregon.edu
2001-06-21 03:07:27 +00:00
Ben Lindstrom 352b1c2130 - markus@cvs.openbsd.org 2001/06/16 08:49:38
[misc.c]
     typo; dunlap@apl.washington.edu
2001-06-21 03:04:37 +00:00
Kevin Steves 805cf5a788 - (stevesk) update TODO: STREAMS pty systems don't call vhangup() now 2001-06-15 04:23:12 +00:00
Kevin Steves 974fb9cf2f - (stevesk) don't set SA_RESTART and set SIGCHLD to SIG_DFL
around grantpt().
2001-06-15 00:04:23 +00:00
Ben Lindstrom 7a83722577 - OpenBSD CVS Sync
- markus@cvs.openbsd.org 2001/06/13 09:10:31
     [session.c]
     typo, use pid not s->pid, mstone@cs.loyola.edu
2001-06-13 19:23:32 +00:00
Ben Lindstrom c51ae1bdaa - markus@cvs.openbsd.org 2001/06/12 21:30:57
[session.c]
     unused
2001-06-13 04:43:52 +00:00
Ben Lindstrom 2bcdf064d8 - markus@cvs.openbsd.org 2001/06/12 21:21:29
[session.c]
     remove xauth-cookie-in-tmp handling. use default $XAUTHORITY, since
     we do already trust $HOME/.ssh
     you can use .ssh/sshrc and .ssh/environment if you want to customize
     the location of the xauth cookies
2001-06-13 04:41:41 +00:00
Ben Lindstrom 16d45b3952 - markus@cvs.openbsd.org 2001/06/12 16:11:26
[packet.c]
     do not log() packet_set_maxsize
2001-06-13 04:39:18 +00:00
Ben Lindstrom 49c126044d - markus@cvs.openbsd.org 2001/06/12 16:10:38
[session.c]
     merge ssh1/ssh2 tty msg parse and alloc code
2001-06-13 04:37:36 +00:00
Ben Lindstrom 7eaf8e4e26 - markus@cvs.openbsd.org 2001/06/12 10:58:29
[session.c]
     merge session_free into session_close()
     merge pty_cleanup_proc into session_pty_cleanup()
2001-06-13 04:35:43 +00:00
Ben Lindstrom 34a996877e - markus@cvs.openbsd.org 2001/06/11 16:04:38
[sshd.8]
     typo; bdubreuil@crrel.usace.army.mil
2001-06-12 00:23:12 +00:00
Ben Lindstrom 88259fbbc5 - markus@cvs.openbsd.org 2001/06/11 10:18:24
[session.c]
     reset pointer to NULL after xfree(); report from solar@openwall.com
2001-06-12 00:21:34 +00:00
Ben Lindstrom 0a0c3a63d0 - scp.c ID update (upstream synced vfsprintf() from us) 2001-06-12 00:15:57 +00:00
Ben Lindstrom 16c1bd6d09 - markus@cvs.openbsd.org 2001/06/10 11:29:20
[dispatch.c]
     we support rekeying
     protocol errors are fatal.
2001-06-12 00:12:56 +00:00
Ben Lindstrom 0b35572596 - (bal) Fixed Makefile.in so that 'configure; make install' works. 2001-06-10 17:43:35 +00:00
Ben Lindstrom d7d7da12ec - (bal) Handle broken krb4 issues on Solaris with multiple defined u_*_t
types.  Patch by Jan IVEN <Jan.Iven@cern.ch>
2001-06-10 17:35:45 +00:00
Ben Lindstrom 68c3ce1075 - (bal) NeXT/MacOS X lack libgen.h and dirname(). Patch by Mark Miller
<markm@swoon.net>
2001-06-10 17:24:51 +00:00
Ben Lindstrom d1aed9c057 - (bal) Missed two files in major resync. auth-bsdauth.c and auth-skey.c 2001-06-10 00:41:18 +00:00
Ben Lindstrom 9841b0a1ac - (bal) --with-catman should be --with-mantype patch by Dave
Dykstra <dwd@bell-labs.com>
2001-06-09 02:26:58 +00:00
Ben Lindstrom b30768f504 - (bal) ANSIify strmode() 2001-06-09 02:22:16 +00:00
Ben Lindstrom 23fec14710 - (bal) configure.in fix for Tru64 (forgeting to reset $LIB) 2001-06-09 02:16:28 +00:00
Ben Lindstrom 1bf11f6af7 - markus@cvs.openbsd.org 2001/06/08 15:25:40
[includes.h pathnames.h readconf.c servconf.c]
     move the path for xauth to pathnames.h
2001-06-09 01:48:01 +00:00
Ben Lindstrom 4d3f227699 - markus@cvs.openbsd.org 2001/06/07 22:25:02
[session.c]
     don't overwrite errno
     delay deletion of the xauth cookie
2001-06-09 01:44:07 +00:00
Ben Lindstrom 664408d2a7 - markus@cvs.openbsd.org 2001/06/07 20:23:05
[authfd.c authfile.c channels.c kexdh.c kexgex.c packet.c ssh.c
      sshconnect.c sshconnect1.c]
     use xxx_put_cstring()
2001-06-09 01:42:01 +00:00
Ben Lindstrom 9d0c06667e - markus@cvs.openbsd.org 2001/06/07 19:57:53
[auth2.c]
     style is used for bsdauth.
     disconnect on user/service change (ietf-drafts)
2001-06-09 01:40:00 +00:00
Ben Lindstrom 5acb5d03ed - markus@cvs.openbsd.org 2001/06/06 23:19:35
[ssh-add.c]
     remove debug message; Darren.Moffat@eng.sun.com
2001-06-09 01:38:24 +00:00
Ben Lindstrom c66d436f60 - markus@cvs.openbsd.org 2001/06/06 23:13:54
[ssh-dss.c ssh-rsa.c]
     cleanup, remove old code
2001-06-09 01:36:21 +00:00
Ben Lindstrom cb3929d1d9 - markus@cvs.openbsd.org 2001/06/05 16:46:19
[session.c]
     let session_close() delete the pty.  deny x11fwd if xauthfile is set.
2001-06-09 01:34:15 +00:00
Ben Lindstrom df4981bc31 - markus@cvs.openbsd.org 2001/06/05 10:24:32
[channels.c]
     don't delete the auth socket in channel_stop_listening()
     auth_sock_cleanup_proc() will take care of this.
2001-06-09 01:32:29 +00:00
Ben Lindstrom a238f6e834 - pvalchev@cvs.openbsd.org 2001/06/05 05:05:39
[ssh-keyscan.1 ssh-keyscan.c]
     License clarification from David Mazieres, ok deraadt@
2001-06-09 01:30:39 +00:00
Ben Lindstrom 768176b240 - markus@cvs.openbsd.org 2001/06/04 23:16:16
[session.c]
     merge ssh1/2 x11-fwd setup, create listener after tmp-dir
2001-06-09 01:29:12 +00:00
Ben Lindstrom ec46e0b5fd - markus@cvs.openbsd.org 2001/06/04 23:07:21
[clientloop.c serverloop.c sshd.c]
     set flags in the signal handlers, do real work in the main loop,
     ok provos@
2001-06-09 01:27:31 +00:00
Ben Lindstrom 983c098311 - markus@cvs.openbsd.org 2001/06/04 21:59:43
[channels.c channels.h session.c]
     switch uid when cleaning up tmp files and sockets; reported by
     zen-parse@gmx.net on bugtraq
2001-06-09 01:20:06 +00:00
Ben Lindstrom 742e89ec5d - markus@cvs.openbsd.org 2001/06/03 20:06:11
[auth2-chall.c]
     the challenge response device decides how to handle non-existing
     users.
     -> fake challenges for skey and cryptocard
2001-06-09 01:17:23 +00:00
Ben Lindstrom 9cc9464613 - markus@cvs.openbsd.org 2001/06/03 19:38:42
[scp.c]
     pass -v to ssh; from slade@shore.net
2001-06-09 01:15:11 +00:00
Ben Lindstrom 2a097a4543 - markus@cvs.openbsd.org 2001/06/03 19:36:44
[ssh-keygen.1]
     1-2 bits of entrophy per character (not per word), ok stevesk@
2001-06-09 01:13:40 +00:00
Ben Lindstrom 838394ca26 - markus@cvs.openbsd.org 2001/06/03 14:55:39
[channels.c channels.h session.c]
     use fatal_register_cleanup instead of atexit, sync with x11 authdir
     handling
2001-06-09 01:11:59 +00:00
Ben Lindstrom c4b7225b8d - markus@cvs.openbsd.org 2001/05/31 13:08:04
[sshd_config]
     group options and add some more comments
2001-06-09 01:09:51 +00:00
Ben Lindstrom 3b670d09a8 - (bal) Ooops.. nchan.c resync from OpenBSD ssh Attic. 2001-06-09 00:57:39 +00:00
Ben Lindstrom a6fc91e86e - (bal) nchan.c CVS ID Update. 2001-06-09 00:44:44 +00:00
Ben Lindstrom e9c999137a - (bal) Channels.c and Channels.h -- "Merge Functions, simplify" (draged
out of ssh Attic)
2001-06-09 00:41:05 +00:00
Ben Lindstrom c763767f18 [NOTE: Next patch will sync nchan.c, channels.c and channels.h and all this
pain will be over.]
   - markus@cvs.openbsd.org 2001/05/31 10:30:17
     [auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c
      packet.c serverloop.c session.c ssh.c]
     undo the .c file split, just merge the header and keep the cvs
     history
2001-06-09 00:36:26 +00:00
Ben Lindstrom 5ec2645a2d - markus@cvs.openbsd.org 2001/05/30 15:20:10
[ssh.c]
     merge functions, simplify.
2001-06-09 00:18:51 +00:00
Ben Lindstrom e6455aee8f [NOTE: File split is was not done in Portabl Tree]
- markus@cvs.openbsd.org 2001/05/30 12:55:13
     [auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c
      packet.c serverloop.c session.c ssh.c ssh1.h]
     channel layer cleanup: merge header files and split .c files
2001-06-09 00:17:10 +00:00
Ben Lindstrom 2d0356f7de - markus@cvs.openbsd.org 2001/05/29 12:31:27
[authfile.c]
     typo
2001-06-05 21:13:57 +00:00
Ben Lindstrom 80c6d77085 - markus@cvs.openbsd.org 2001/05/28 23:58:35
[packet.c packet.h sshconnect.c sshd.c]
     remove some lines, simplify.
2001-06-05 21:09:18 +00:00
Ben Lindstrom 4c247550ae - markus@cvs.openbsd.org 2001/05/28 23:25:24
[channels.c]
     cleanup, typo
2001-06-05 20:56:47 +00:00
Ben Lindstrom c0dee1a148 - markus@cvs.openbsd.org 2001/05/28 23:14:49
[channels.c channels.h nchan.c]
     undo broken channel fix and try a different one. there
     should be still some select errors...
2001-06-05 20:52:50 +00:00
Ben Lindstrom a3828d4812 - markus@cvs.openbsd.org 2001/05/28 22:51:11
[cipher.c cipher.h]
     simpler 3des for ssh1
2001-06-05 20:50:16 +00:00
Ben Lindstrom 322915d5e4 - markus@cvs.openbsd.org 2001/05/28 10:08:55
[authfile.c]
     key_load_private: set comment to filename for PEM keys
2001-06-05 20:46:32 +00:00
Ben Lindstrom 3b89c5ef89 - markus@cvs.openbsd.org 2001/05/28 08:04:39
[ssh.c]
     fix usage()
2001-06-05 20:44:16 +00:00
Ben Lindstrom d78ae766de - markus@cvs.openbsd.org 2001/05/25 14:37:32
[ssh-keygen.c]
     use -P for -e and -y, too.
2001-06-05 20:35:09 +00:00
Ben Lindstrom 2b1f71baee - stevesk@cvs.openbsd.org 2001/05/24 18:57:53
[clientloop.c readconf.c ssh.c ssh.h]
     don't perform escape processing when ``EscapeChar none''; ok markus@
2001-06-05 20:32:21 +00:00
Ben Lindstrom 60567ff890 - markus@cvs.openbsd.org 2001/05/24 11:12:42
[auth.c]
     fix comment; from jakob@
2001-06-05 20:27:53 +00:00
Ben Lindstrom bfb3a0e973 - markus@cvs.openbsd.org 2001/05/20 17:20:36
[auth-rsa.c auth.c auth.h auth2.c servconf.c servconf.h sshd.8
      sshd_config]
     configurable authorized_keys{,2} location; originally from peter@;
     ok djm@
2001-06-05 20:25:05 +00:00
Ben Lindstrom e259544876 - stevesk@cvs.openbsd.org 2001/05/19 19:57:09
[channels.c]
     typo in error message
2001-06-05 20:01:39 +00:00
Ben Lindstrom 1bda4c835e - stevesk@cvs.openbsd.org 2001/05/19 19:43:57
[misc.c misc.h servconf.c sshd.8 sshd.c]
     sshd command-line arguments and configuration file options that
     specify time may be expressed using a sequence of the form:
     time[qualifier], where time is a positive integer value and qualifier
     is one of the following:
         <none>,s,m,h,d,w
     Examples:
         600     600 seconds (10 minutes)
         10m     10 minutes
         1h30m   1 hour 30 minutes (90 minutes)
     ok markus@
2001-06-05 19:59:08 +00:00
Ben Lindstrom bd0e2de8e5 - markus@cvs.openbsd.org 2001/05/19 16:46:19
[ssh.1 sshd.8]
     document MACs defaults with .Dq
2001-06-05 19:52:52 +00:00
Ben Lindstrom 1bfe29151b - markus@cvs.openbsd.org 2001/05/19 16:32:16
[ssh.1 sshconnect2.c]
     change preferredauthentication order to
        publickey,hostbased,password,keyboard-interactive
     document that hostbased defaults to no, document order
2001-06-05 19:37:25 +00:00