Damien Miller
f8c5546290
- jmc@cvs.openbsd.org 2005/03/01 14:55:23
...
[ssh_config.5]
do not mark up punctuation;
whitespace;
2005-03-02 12:03:05 +11:00
Damien Miller
36bf7dd184
- jmc@cvs.openbsd.org 2005/03/01 14:47:58
...
[ssh.1]
remove some unneccesary macros;
do not mark up punctuation;
2005-03-02 12:02:47 +11:00
Damien Miller
4b42d7f195
- djm@cvs.openbsd.org 2005/03/01 10:42:49
...
[ssh-keygen.1 ssh-keygen.c ssh_config.5]
add tools for managing known_hosts files with hashed hostnames, including
hashing existing files and deleting hosts by name; ok markus@ deraadt@
2005-03-01 21:48:35 +11:00
Damien Miller
db7b8171ee
- djm@cvs.openbsd.org 2005/03/01 10:41:28
...
[ssh-keyscan.1 ssh-keyscan.c]
option to hash hostnames output by ssh-keyscan; ok markus@ deraadt@
2005-03-01 21:48:03 +11:00
Damien Miller
e1776155d1
- djm@cvs.openbsd.org 2005/03/01 10:40:27
...
[hostfile.c hostfile.h readconf.c readconf.h ssh.1 ssh_config.5]
[sshconnect.c sshd.8]
add support for hashing host names and addresses added to known_hosts
files, to improve privacy of which hosts user have been visiting; ok
markus@ deraadt@
2005-03-01 21:47:37 +11:00
Damien Miller
f91ee4c3de
- djm@cvs.openbsd.org 2005/03/01 10:09:52
...
[auth-options.c channels.c channels.h clientloop.c compat.c compat.h]
[misc.c misc.h readconf.c readconf.h servconf.c ssh.1 ssh.c ssh_config.5]
[sshd_config.5]
bz#413: allow optional specification of bind address for port forwardings.
Patch originally by Dan Astorian, but worked on by several people
Adds GatewayPorts=clientspecified option on server to allow remote
forwards to bind to client-specified ports.
2005-03-01 21:24:33 +11:00
Damien Miller
1717fd422f
- djm@cvs.openbsd.org 2005/02/28 00:54:10
...
[ssh_config.5]
bz#849: document timeout on untrusted x11 forwarding sessions. Reported by
orion AT cora.nwra.com; ok markus@
2005-03-01 21:17:31 +11:00
Damien Miller
70a908ec89
- jmc@cvs.openbsd.org 2005/02/25 10:55:13
...
[sshd.8]
add /etc/motd and $HOME/.hushlogin to FILES;
from michael knudsen;
2005-03-01 21:17:09 +11:00
Damien Miller
64e8d44fbd
- djm@cvs.openbsd.org 2005/02/20 22:59:06
...
[sftp.c]
turn on ssh batch mode when in sftp batch mode, patch from
jdmossh AT nand.net;
ok markus@
2005-03-01 21:16:47 +11:00
Damien Miller
9b8073e1e0
- djm@cvs.openbsd.org 2005/02/18 03:05:53
...
[canohost.c]
better error messages for getnameinfo failures; ok dtucker@
2005-03-01 21:16:18 +11:00
Damien Miller
3eb48b6245
- otto@cvs.openbsd.org 2005/02/16 09:56:44
...
[ssh.c]
Better diagnostic if an identity file is not accesible. ok markus@ djm@
2005-03-01 21:15:46 +11:00
Darren Tucker
dc8fc62103
- (dtucker) [Makefile.in] Add a install-nosysconf target for installing the
...
binaries without the config files. Primarily useful for packaging.
Patch from phil at usc.edu. ok djm@
2005-02-26 10:12:38 +11:00
Darren Tucker
3804903a09
- (dtucker) [acconfig.h configure.ac openbsd-compat/bsd-misc.{c,h}]
...
Remove SETGROUPS_NOOP, was only used by Cygwin, which doesn't need it any
more. Patch from vinschen at redhat.com.
2005-02-26 10:07:37 +11:00
Darren Tucker
34233830a1
- (dtucker) [openbsd-compat/bsd-openpty.c openbsd-compat/inet_ntop.c]
...
Remove two obsolete Cygwin #ifdefs. Patch from vinschen at redhat.com.
2005-02-26 10:04:28 +11:00
Damien Miller
848b993639
- (djm) [configure.ac] in_addr_t test needs sys/types.h too
2005-02-24 12:12:34 +11:00
Darren Tucker
2ea9b18918
- (dtucker) [uidswap.c] Skip uid restore test on Cygwin. Patch from
...
vinschen at redhat.com.
2005-02-22 17:57:13 +11:00
Darren Tucker
04cfbe04aa
- (dtucker) [configure.ac] Missing comma in AIX section, somehow causes
...
unrelated platforms to be configured incorrectly.
2005-02-20 23:27:11 +11:00
Darren Tucker
8fe0794511
- (dtucker) [LICENCE Makefile.in README.platform audit-bsm.c configure.ac
...
defines.h] Bug #125 : Add *EXPERIMENTAL* BSM audit support. Configure
--with-audit=bsm to enable. Patch originally from Sun Microsystems,
parts by John R. Jackson. ok djm@
2005-02-20 21:08:00 +11:00
Darren Tucker
d9f88915a2
- (dtucker) [LICENCE Makefile.in README.platform audit-bsm.c configure.ac
...
defines.h] Bug #125 : Add *EXPERIMENTAL* BSM audit support. Configure
--with-audit=bsm to enable. Patch originally from Sun Microsystems,
parts by John R. Jackson. ok djm@
2005-02-20 21:01:48 +11:00
Darren Tucker
3c774c52f3
- (dtucker) [configure.ac openbsd-compat/port-aix.{c,h}] Silence some more
...
compiler warnings on AIX.
2005-02-16 22:49:31 +11:00
Darren Tucker
c97b01af62
- (dtucker) [session.c] Bug #918 : store credentials from gssapi-with-mic
...
authentication early enough to be available to PAM session modules when
privsep=yes. Patch from deengert at anl.gov, ok'ed in principle by Sam
Hartman and similar to Debian's ssh-krb5 package.
2005-02-16 16:47:37 +11:00
Darren Tucker
ca6e7a7e8b
- (dtucker) [configure.ac] Bug #893 : check for libresolv early on Reliant
...
Unix; prevents problems relating to the location of -lresolv in the
link order.
2005-02-16 16:19:17 +11:00
Darren Tucker
a91f5ee618
- (dtucker) [auth-shadow.c] Prevent compiler warnings if "DAY" is defined
...
by the system headers.
2005-02-16 14:20:06 +11:00
Darren Tucker
7a8619aebb
Document the path to seed_rng better
2005-02-16 13:32:30 +11:00
Darren Tucker
7b48d25527
- (dtucker) [ssh-rand-helper.c] Provide seed_rng since it may be called
...
via mkstemp in some configurations. ok djm@
2005-02-16 13:20:07 +11:00
Damien Miller
ed462d9a45
write seed to temporary file and atomically rename into place; ok dtucker@
2005-02-16 13:02:45 +11:00
Damien Miller
66df70c97d
knf: function names at start of line
2005-02-16 13:01:28 +11:00
Darren Tucker
e13eace522
IPv6 works on AIX5.1ML7 too.
2005-02-15 22:44:05 +11:00
Darren Tucker
a39f83eeee
- (dtucker) [loginrec.c] Add missing #include.
2005-02-15 22:19:28 +11:00
Darren Tucker
691d5235ca
- (dtucker) [README.platform auth.c configure.ac loginrec.c
...
openbsd-compat/port-aix.c openbsd-compat/port-aix.h] Bug #835 : enable IPv6
on AIX where possible (see README.platform for details) and work around
a misfeature of AIX's getnameinfo. ok djm@
2005-02-15 21:45:57 +11:00
Darren Tucker
f04c361675
- (dtucker) [config.sh.in] Collect oslevel -r too.
2005-02-15 21:26:32 +11:00
Darren Tucker
15af68f767
- (dtucker) [openbsd-compat/fake-rfc2553.h] We now need EAI_SYSTEM too.
2005-02-11 18:32:13 +11:00
Darren Tucker
1b6f2291e4
- (dtucker) [configure.ac] Tidy up configure --help output.
2005-02-11 16:11:49 +11:00
Darren Tucker
2f9573df71
- (dtucker) [configure.ac] Bug #919 : Provide visible feedback for the
...
--disable-etc-default-login configure option.
2005-02-10 22:28:54 +11:00
Darren Tucker
33370e0287
- (dtucker) [configure.ac session.c] Some platforms (eg some SCO) require
...
the username to be passed to the passwd command when changing expired
passwords. ok djm@
2005-02-09 22:17:28 +11:00
Darren Tucker
c7e38d59e9
- (dtucker) [configure.ac] Bug #854 : prepend pwd to relative --with-ssl-dir
...
paths. ok djm@
2005-02-09 22:12:30 +11:00
Darren Tucker
92170a8626
- (dtucker) [auth-passwd.c openbsd-compat/port-aix.c] Don't call
...
disable_forwarding() from compat library. Prevent linker errrors trying
to resolve it for binaries other than sshd. ok djm@
2005-02-09 17:08:23 +11:00
Darren Tucker
96d4710e38
- dtucker@cvs.openbsd.org 2005/02/08 22:24:57
...
[sshd.c]
Provide reason in error message if getnameinfo fails; ok markus@
2005-02-09 09:53:48 +11:00
Darren Tucker
5b53026f71
- dtucker@cvs.openbsd.org 2005/01/30 11:18:08
...
[monitor.c]
Make code match intent; ok djm@
2005-02-09 09:52:17 +11:00
Darren Tucker
43d8e28763
- jmc@cvs.openbsd.org 2005/01/28 18:14:09
...
[ssh_config.5]
wording;
ok markus@
2005-02-09 09:51:08 +11:00
Darren Tucker
79a7acfebd
- jmc@cvs.openbsd.org 2005/01/28 15:05:43
...
[ssh_config.5]
grammar;
2005-02-09 09:48:57 +11:00
Darren Tucker
3f166dfcb5
- dtucker@cvs.openbsd.org 2005/01/28 09:45:53
...
[ssh_config]
Make it clear that the example entries in ssh_config are only some of the
commonly-used options and refer the user to ssh_config(5) for more
details; ok djm@
2005-02-09 09:46:47 +11:00
Darren Tucker
2e0cf0dca2
- (dtucker) [audit.c audit.h auth.c auth1.c auth2.c loginrec.c monitor.c
...
monitor_wrap.c monitor_wrap.h session.c sshd.c]: Prepend all of the audit
defines and enums with SSH_ to prevent namespace collisions on some
platforms (eg AIX).
2005-02-08 21:52:47 +11:00
Darren Tucker
b4d3012d2e
- (dtucker) [openbsd-compat/port-aix.c] Silence compiler warnings.
2005-02-08 21:06:55 +11:00
Darren Tucker
feb6f7f244
- (dtucker) [regress/test-exec.sh] Bug #912 : Set _POSIX2_VERSION for the
...
regress tests so newer versions of GNU head(1) behave themselves. Patch
by djm, so ok me.
2005-02-08 20:17:17 +11:00
Darren Tucker
40d9a63788
- (dtucker) [auth.c] Fix parens in audit log check.
2005-02-04 15:19:44 +11:00
Darren Tucker
598ba7b5e2
- (dtucker) [monitor.c] Permit INVALID_USER audit events from slave too.
2005-02-04 15:05:08 +11:00
Darren Tucker
6dce99142b
typo
2005-02-03 15:07:37 +11:00
Darren Tucker
b15931ae5b
- (dtucker) [added audit.c audit.h] Bug #125 : (first stage) Add audit
...
instrumentation to sshd, currently disabled by default. with suggestions
from and djm@
2005-02-03 00:37:14 +11:00
Darren Tucker
269a1ea1c8
- (dtucker) [Makefile.in auth.c auth.h auth1.c auth2.c loginrec.c monitor.c
...
monitor.h monitor_wrap.c monitor_wrap.h session.c sshd.c] Bug #125 :
(first stage) Add audit instrumentation to sshd, currently disabled by
default. with suggestions from and djm@
2005-02-03 00:20:53 +11:00