Commit Graph

4112 Commits

Author SHA1 Message Date
Damien Miller f8c5546290 - jmc@cvs.openbsd.org 2005/03/01 14:55:23
[ssh_config.5]
     do not mark up punctuation;
     whitespace;
2005-03-02 12:03:05 +11:00
Damien Miller 36bf7dd184 - jmc@cvs.openbsd.org 2005/03/01 14:47:58
[ssh.1]
     remove some unneccesary macros;
     do not mark up punctuation;
2005-03-02 12:02:47 +11:00
Damien Miller 4b42d7f195 - djm@cvs.openbsd.org 2005/03/01 10:42:49
[ssh-keygen.1 ssh-keygen.c ssh_config.5]
     add tools for managing known_hosts files with hashed hostnames, including
     hashing existing files and deleting hosts by name; ok markus@ deraadt@
2005-03-01 21:48:35 +11:00
Damien Miller db7b8171ee - djm@cvs.openbsd.org 2005/03/01 10:41:28
[ssh-keyscan.1 ssh-keyscan.c]
     option to hash hostnames output by ssh-keyscan; ok markus@ deraadt@
2005-03-01 21:48:03 +11:00
Damien Miller e1776155d1 - djm@cvs.openbsd.org 2005/03/01 10:40:27
[hostfile.c hostfile.h readconf.c readconf.h ssh.1 ssh_config.5]
     [sshconnect.c sshd.8]
     add support for hashing host names and addresses added to known_hosts
     files, to improve privacy of which hosts user have been visiting; ok
     markus@ deraadt@
2005-03-01 21:47:37 +11:00
Damien Miller f91ee4c3de - djm@cvs.openbsd.org 2005/03/01 10:09:52
[auth-options.c channels.c channels.h clientloop.c compat.c compat.h]
     [misc.c misc.h readconf.c readconf.h servconf.c ssh.1 ssh.c ssh_config.5]
     [sshd_config.5]
     bz#413: allow optional specification of bind address for port forwardings.
     Patch originally by Dan Astorian, but worked on by several people
     Adds GatewayPorts=clientspecified option on server to allow remote
     forwards to bind to client-specified ports.
2005-03-01 21:24:33 +11:00
Damien Miller 1717fd422f - djm@cvs.openbsd.org 2005/02/28 00:54:10
[ssh_config.5]
     bz#849: document timeout on untrusted x11 forwarding sessions. Reported by
     orion AT cora.nwra.com; ok markus@
2005-03-01 21:17:31 +11:00
Damien Miller 70a908ec89 - jmc@cvs.openbsd.org 2005/02/25 10:55:13
[sshd.8]
     add /etc/motd and $HOME/.hushlogin to FILES;
     from michael knudsen;
2005-03-01 21:17:09 +11:00
Damien Miller 64e8d44fbd - djm@cvs.openbsd.org 2005/02/20 22:59:06
[sftp.c]
     turn on ssh batch mode when in sftp batch mode, patch from
     jdmossh AT nand.net;
     ok markus@
2005-03-01 21:16:47 +11:00
Damien Miller 9b8073e1e0 - djm@cvs.openbsd.org 2005/02/18 03:05:53
[canohost.c]
     better error messages for getnameinfo failures; ok dtucker@
2005-03-01 21:16:18 +11:00
Damien Miller 3eb48b6245 - otto@cvs.openbsd.org 2005/02/16 09:56:44
[ssh.c]
     Better diagnostic if an identity file is not accesible. ok markus@ djm@
2005-03-01 21:15:46 +11:00
Darren Tucker dc8fc62103 - (dtucker) [Makefile.in] Add a install-nosysconf target for installing the
binaries without the config files.  Primarily useful for packaging.
   Patch from phil at usc.edu.  ok djm@
2005-02-26 10:12:38 +11:00
Darren Tucker 3804903a09 - (dtucker) [acconfig.h configure.ac openbsd-compat/bsd-misc.{c,h}]
Remove SETGROUPS_NOOP, was only used by Cygwin, which doesn't need it any
   more.  Patch from vinschen at redhat.com.
2005-02-26 10:07:37 +11:00
Darren Tucker 34233830a1 - (dtucker) [openbsd-compat/bsd-openpty.c openbsd-compat/inet_ntop.c]
Remove two obsolete Cygwin #ifdefs.  Patch from vinschen at redhat.com.
2005-02-26 10:04:28 +11:00
Damien Miller 848b993639 - (djm) [configure.ac] in_addr_t test needs sys/types.h too 2005-02-24 12:12:34 +11:00
Darren Tucker 2ea9b18918 - (dtucker) [uidswap.c] Skip uid restore test on Cygwin. Patch from
vinschen at redhat.com.
2005-02-22 17:57:13 +11:00
Darren Tucker 04cfbe04aa - (dtucker) [configure.ac] Missing comma in AIX section, somehow causes
unrelated platforms to be configured incorrectly.
2005-02-20 23:27:11 +11:00
Darren Tucker 8fe0794511 - (dtucker) [LICENCE Makefile.in README.platform audit-bsm.c configure.ac
defines.h] Bug #125: Add *EXPERIMENTAL* BSM audit support.  Configure
   --with-audit=bsm to enable.  Patch originally from Sun Microsystems,
   parts by John R. Jackson.  ok djm@
2005-02-20 21:08:00 +11:00
Darren Tucker d9f88915a2 - (dtucker) [LICENCE Makefile.in README.platform audit-bsm.c configure.ac
defines.h] Bug #125: Add *EXPERIMENTAL* BSM audit support.  Configure
   --with-audit=bsm to enable.  Patch originally from Sun Microsystems,
   parts by John R. Jackson.  ok djm@
2005-02-20 21:01:48 +11:00
Darren Tucker 3c774c52f3 - (dtucker) [configure.ac openbsd-compat/port-aix.{c,h}] Silence some more
compiler warnings on AIX.
2005-02-16 22:49:31 +11:00
Darren Tucker c97b01af62 - (dtucker) [session.c] Bug #918: store credentials from gssapi-with-mic
authentication early enough to be available to PAM session modules when
   privsep=yes.  Patch from deengert at anl.gov, ok'ed in principle by Sam
   Hartman and similar to Debian's ssh-krb5 package.
2005-02-16 16:47:37 +11:00
Darren Tucker ca6e7a7e8b - (dtucker) [configure.ac] Bug #893: check for libresolv early on Reliant
Unix; prevents problems relating to the location of -lresolv in the
   link order.
2005-02-16 16:19:17 +11:00
Darren Tucker a91f5ee618 - (dtucker) [auth-shadow.c] Prevent compiler warnings if "DAY" is defined
by the system headers.
2005-02-16 14:20:06 +11:00
Darren Tucker 7a8619aebb Document the path to seed_rng better 2005-02-16 13:32:30 +11:00
Darren Tucker 7b48d25527 - (dtucker) [ssh-rand-helper.c] Provide seed_rng since it may be called
via mkstemp in some configurations.  ok djm@
2005-02-16 13:20:07 +11:00
Damien Miller ed462d9a45 write seed to temporary file and atomically rename into place; ok dtucker@ 2005-02-16 13:02:45 +11:00
Damien Miller 66df70c97d knf: function names at start of line 2005-02-16 13:01:28 +11:00
Darren Tucker e13eace522 IPv6 works on AIX5.1ML7 too. 2005-02-15 22:44:05 +11:00
Darren Tucker a39f83eeee - (dtucker) [loginrec.c] Add missing #include. 2005-02-15 22:19:28 +11:00
Darren Tucker 691d5235ca - (dtucker) [README.platform auth.c configure.ac loginrec.c
openbsd-compat/port-aix.c openbsd-compat/port-aix.h] Bug #835: enable IPv6
   on AIX where possible (see README.platform for details) and work around
   a misfeature of AIX's getnameinfo.  ok djm@
2005-02-15 21:45:57 +11:00
Darren Tucker f04c361675 - (dtucker) [config.sh.in] Collect oslevel -r too. 2005-02-15 21:26:32 +11:00
Darren Tucker 15af68f767 - (dtucker) [openbsd-compat/fake-rfc2553.h] We now need EAI_SYSTEM too. 2005-02-11 18:32:13 +11:00
Darren Tucker 1b6f2291e4 - (dtucker) [configure.ac] Tidy up configure --help output. 2005-02-11 16:11:49 +11:00
Darren Tucker 2f9573df71 - (dtucker) [configure.ac] Bug #919: Provide visible feedback for the
--disable-etc-default-login configure option.
2005-02-10 22:28:54 +11:00
Darren Tucker 33370e0287 - (dtucker) [configure.ac session.c] Some platforms (eg some SCO) require
the username to be passed to the passwd command when changing expired
   passwords.  ok djm@
2005-02-09 22:17:28 +11:00
Darren Tucker c7e38d59e9 - (dtucker) [configure.ac] Bug #854: prepend pwd to relative --with-ssl-dir
paths.  ok djm@
2005-02-09 22:12:30 +11:00
Darren Tucker 92170a8626 - (dtucker) [auth-passwd.c openbsd-compat/port-aix.c] Don't call
disable_forwarding() from compat library. Prevent linker errrors trying
   to resolve it for binaries other than sshd.  ok djm@
2005-02-09 17:08:23 +11:00
Darren Tucker 96d4710e38 - dtucker@cvs.openbsd.org 2005/02/08 22:24:57
[sshd.c]
     Provide reason in error message if getnameinfo fails; ok markus@
2005-02-09 09:53:48 +11:00
Darren Tucker 5b53026f71 - dtucker@cvs.openbsd.org 2005/01/30 11:18:08
[monitor.c]
     Make code match intent; ok djm@
2005-02-09 09:52:17 +11:00
Darren Tucker 43d8e28763 - jmc@cvs.openbsd.org 2005/01/28 18:14:09
[ssh_config.5]
     wording;
     ok markus@
2005-02-09 09:51:08 +11:00
Darren Tucker 79a7acfebd - jmc@cvs.openbsd.org 2005/01/28 15:05:43
[ssh_config.5]
     grammar;
2005-02-09 09:48:57 +11:00
Darren Tucker 3f166dfcb5 - dtucker@cvs.openbsd.org 2005/01/28 09:45:53
[ssh_config]
     Make it clear that the example entries in ssh_config are only some of the
     commonly-used options and refer the user to ssh_config(5) for more
     details; ok djm@
2005-02-09 09:46:47 +11:00
Darren Tucker 2e0cf0dca2 - (dtucker) [audit.c audit.h auth.c auth1.c auth2.c loginrec.c monitor.c
monitor_wrap.c monitor_wrap.h session.c sshd.c]: Prepend all of the audit
   defines and enums with SSH_ to prevent namespace collisions on some
   platforms (eg AIX).
2005-02-08 21:52:47 +11:00
Darren Tucker b4d3012d2e - (dtucker) [openbsd-compat/port-aix.c] Silence compiler warnings. 2005-02-08 21:06:55 +11:00
Darren Tucker feb6f7f244 - (dtucker) [regress/test-exec.sh] Bug #912: Set _POSIX2_VERSION for the
regress tests so newer versions of GNU head(1) behave themselves.  Patch
   by djm, so ok me.
2005-02-08 20:17:17 +11:00
Darren Tucker 40d9a63788 - (dtucker) [auth.c] Fix parens in audit log check. 2005-02-04 15:19:44 +11:00
Darren Tucker 598ba7b5e2 - (dtucker) [monitor.c] Permit INVALID_USER audit events from slave too. 2005-02-04 15:05:08 +11:00
Darren Tucker 6dce99142b typo 2005-02-03 15:07:37 +11:00
Darren Tucker b15931ae5b - (dtucker) [added audit.c audit.h] Bug #125: (first stage) Add audit
instrumentation to sshd, currently disabled by default.  with suggestions
   from and djm@
2005-02-03 00:37:14 +11:00
Darren Tucker 269a1ea1c8 - (dtucker) [Makefile.in auth.c auth.h auth1.c auth2.c loginrec.c monitor.c
monitor.h monitor_wrap.c monitor_wrap.h session.c sshd.c] Bug #125:
   (first stage) Add audit instrumentation to sshd, currently disabled by
   default.  with suggestions from and djm@
2005-02-03 00:20:53 +11:00