Age | Commit message (Collapse) | Author |
|
usernames in setproctitle from peak AT argo.troja.mff.cuni.cz;
|
|
[gss-serv-krb5.c]
fix function declaration
|
|
[auth1.c auth2.c]
bz#899: Don't display invalid usernames in setproctitle
|
|
- markus@cvs.openbsd.org 2004/07/21 08:56:12
[auth.c]
s/Illegal user/Invalid user/; many requests; ok djm, millert, niklas,
miod, ...
|
|
that sshd is fixed to behave better; suggested by tim
|
|
peak AT argo.troja.mff.cuni.cz
|
|
to syslog; from peak AT argo.troja.mff.cuni.cz
|
|
Report by rac AT tenzing.org
|
|
instead return PAM_CONV_ERR, avoiding another path to fatal(); ok dtucker@
|
|
ok dtucker@
|
|
[monitor.c monitor_wrap.c session.c session.h sshd.c sshlogin.c]
Move "Last logged in at.." message generation to the monitor, right
before recording the new login. Fixes missing lastlog message when
/var/log/lastlog is not world-readable and incorrect datestamp when
multiple sessions are used (bz #463); much assistance & ok markus@
|
|
[ssh-keyscan.1]
Fix incorrect macro, .I -> .Em
From: Eric S. Raymond <esr at thyrsus dot com>
ok jmc@
|
|
[channels.c cipher.c clientloop.c clientloop.h compat.h moduli.c
readconf.c nchan.c pathnames.h progressmeter.c readconf.h servconf.c
session.c sftp-client.c sftp.c ssh-agent.1 ssh-keygen.c ssh.c ssh1.h
sshd.c ttymodes.h]
spaces
|
|
ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c ssh.c sshd.c
openbsd-compat/bsd-misc.c] Move "char *__progname" to bsd-misc.c. Reduces
diff vs OpenBSD; ok mouring@, tested by tim@ too.
|
|
the monitor to properly clean up the PAM thread (Debian bug #252676).
|
|
vinschen AT redhat.com
|
|
[scp.c]
Prevent scp from skipping the file following a double-error.
bz #863, ok markus@
|
|
[monitor_wrap.c]
Put s/key functions inside #ifdef SKEY same as monitor.c,
from des@freebsd via bz #330, ok markus@
|
|
[sshlogin.c] (RCSID sync only, the corresponding code is not in Portable)
Use '\0' not 0 for string; ok djm@, deraadt@
|
|
strube at physik3.gwdg.de a long time ago.
|
|
the same version. Handle the case where someone uses --with-privsep-user=
and the user name does not match the group name. ok dtucker@
|
|
to pam_authenticate for challenge-response auth too. Originally from
fcusack at fcusack.com, ok djm@
|
|
warnings on compliant platforms. From paul.a.bolton at bt.com. ok djm@
|
|
Ensures messages from PAM modules are displayed when privsep=no.
Note: I did not want to just move display_loginmsg since that would change
existing behaviour (order of expiry warnings, "Last Login", motd) to less
like the native tools.
|
|
[session.c]
unbreak TTY break, diagnosed by darren AT dazwin.com; ok markus@
|
|
[sshd.c]
initialise some fd variables to -1, djm@ ok
|
|
[sshd_config.5]
new sentence, new line;
|
|
[ssh_config.5]
punctuation and grammar fixes. also, keep the options in order.
|
|
- jmc@cvs.openbsd.org 2004/06/26 09:03:21
[ssh.1]
- remove double word
- rearrange .Bk to keep SYNOPSIS nice
- -M before -m in options description
|
|
appdata_ptr to the conversation function. ok djm@
By rights we should free the messages too, but if this happens then one
of the modules has already proven itself to be buggy so can we trust
the messages?
|
|
|
|
rename handling for Linux which returns EPERM for link() on (at least some)
filesystems that do not support hard links. sftp-server will fall back to
stat+rename() in such cases.
|
|
|
|
|
|
|
|
[sftp.c]
bz #875: fix bad escape char error message; reported by f_mohr AT yahoo.de
|
|
- djm@cvs.openbsd.org 2004/06/25 18:43:36
[sshd.c]
fix broken fd handling in the re-exec fallback path, particularly when
/dev/crypto is in use; ok deraadt@ markus@
|
|
[sftp-server.c]
Fall back to stat+rename if filesystem doesn't doesn't support hard
links. bz#823, ok djm@
|
|
|
|
Add closefrom() for platforms that don't have it.
(might need some tuning later, but I want to be able to test reexec).
|
|
[regress/test-exec.sh]
clean reexec-specific junk out of text-exec.sh and simplify; idea markus@
|
|
[regress/Makefile regress/test-exec.sh, added regress/reexec.sh]
regress test for re-exec corner cases
|
|
[sshd.c]
only perform tcp wrappers checks when the incoming connection is on a
socket. silences useless warnings from regress tests that use
proxycommand="sshd -i". prompted by david@ ok markus@
|
|
[servconf.c servconf.h sshd.c]
re-exec sshd on accept(); initial work, final debugging and ok markus@
|
|
[ssh.c]
Fix counting in master/slave when passing environment variables; ok djm@
|
|
[rijndael.c]
-Wshadow fix up s/encrypt/do_encrypt/. OK djm@, markus@
|
|
reference to "findssl.sh"
Also corrected my ChangeLog entries since I placed them in the wrong place.
|
|
|
|
Move loginrestrictions test to port-aix.c, replace with a generic hook.
|
|
|