Age | Commit message (Collapse) | Author |
|
- markus@cvs.openbsd.org 2003/11/20 11:39:28
[progressmeter.c]
fix rounding errors; from andreas@
|
|
[monitor.c]
unbreak fake authloop for non-existent users (my screwup). Spotted and
tested by dtucker@; ok markus@
|
|
- dtucker@cvs.openbsd.org 2003/11/18 00:40:05
[serverloop.c]
Correct check for authctxt->valid. ok djm@
|
|
|
|
and use it for do_pam_session. Fixes problems like pam_motd not displaying
anything. ok djm@
|
|
PermitRootLogin=no
|
|
[auth2-gss.c gss-genr.c gss-serv.c monitor.c monitor.h monitor_wrap.c]
[monitor_wrap.h sshconnect2.c ssh-gss.h]
replace "gssapi" with "gssapi-with-mic"; from Simon Wilkinson;
test + ok jakob.
|
|
parent. Part of Bug #717
|
|
conversation function
|
|
[msg.c msg.h sshconnect2.c ssh-keysign.c]
return error on msg send/receive failure (rather than fatal); ok markus@
|
|
[sshconnect2.c]
cleanup and minor fixes for the client code; from Simon Wilkinson
|
|
[ssh_config.5]
make verb agree with subject, and kill some whitespace;
|
|
[dns.c dns.h readconf.c ssh_config.5 sshconnect.c]
update SSHFP validation. ok markus@
|
|
[scp.c]
When called with -q, pass -q to ssh; suppresses SSH2 banner. ok markus@
|
|
[bufaux.c bufaux.h cipher.c cipher.h hostfile.c hostfile.h key.c]
[key.h sftp-common.c sftp-common.h sftp-server.c sshconnect.c sshd.c]
[ssh-dss.c ssh-rsa.c uuencode.c uuencode.h]
constify. ok markus@ & djm@
|
|
[sftp-int.c]
typos from Jonathon Gray;
|
|
[auth1.c]
remove unused variable (pw). ok djm@
(id sync only - still used in portable)
|
|
[auth1.c auth2.c auth2-pubkey.c auth.h auth-krb5.c auth-passwd.c]
[auth-rhosts.c auth-rh-rsa.c auth-rsa.c monitor.c serverloop.c]
[session.c]
standardise arguments to auth methods - they should all take authctxt.
check authctxt->valid rather then pw != NULL; ok markus@
|
|
[sshconnect.c]
do not free static type pointer in warn_changed_key()
|
|
[sshconnect.c]
move changed key warning into warn_changed_key(). ok markus@
|
|
- djm@cvs.openbsd.org 2003/11/03 09:03:37
[auth-chall.c]
make this a little more idiot-proof; ok markus@
(includes portable-specific changes)
|
|
HP-UX, skip test on AIX.
|
|
PAM_ERROR_MSG messages.
|
|
contrib/cygwin). Major update from vinschen at redhat.com.
- Makefile provides a `cygwin-postinstall' target to run right after
`make install'.
- Better support for Windows 2003 Server.
- Try to get permissions as correct as possible.
- New command line options to allow full automated host configuration.
- Create configs from skeletons in /etc/defaults/etc.
- Use /bin/bash, allows reading user input with readline support.
- Remove really old configs from /usr/local.
|
|
pam_chauthtok_conv().
|
|
|
|
|
|
[auth2-gss.c compat.c compat.h sshconnect2.c]
remove support for SSH_BUG_GSSAPI_BER; simon@sxw.org.uk
|
|
[misc.c]
error->debug for getsockopt+TCP_NODELAY; several requests
|
|
[sshconnect2.c]
rename 'supported' static var in userauth_gssapi() to 'gss_supported'
to avoid shadowing the global version. markus@ ok
|
|
[auth2-gss.c]
make sure the doid is larger than 2
|
|
[monitor_wrap.c]
check pmonitor != NULL
|
|
are created correctly with CRLF line terminations. Patch from vinschen at
redhat.com.
|
|
|
|
make agent setgid during test.
|
|
directly. Noted by Darren.Moffat at sun.com.
|
|
MD5 passwords even if PAM support is enabled. From steev at detritus.net.
|
|
|
|
|
|
|
|
openbsd-compat/getrrsetbyname.h] DNS fingerprint support is now always
compiled in but disabled in config.
|
|
[session.c ssh-agent.c]
10X for mkdtemp; djm@
|
|
[README.dns]
update
Resynced with OpenBSD too: DNSFP support is now always compiled in
so the configure support (and documentation thereof) can go away.
|
|
[dns.c dns.h readconf.c ssh-keygen.c sshconnect.c]
include SSHFP lookup code (not enabled by default). ok markus@
|
|
[scp.1 sftp.1]
don't refer to options related to forwarding; ok jmc@
|
|
[ssh_config.5]
note that EnableSSHKeySign should be in the non-hostspecific section;
remove unnecessary .Pp;
ok markus@
|
|
[monitor_wrap.c]
return NULL for missing banner; ok djm@
|
|
[sshconnect2.c]
search keys in reverse order; fixes #684
|
|
[readconf.c readconf.h ssh.1 ssh.c ssh_config.5]
remote x11 clients are now untrusted by default, uses xauth(8) to generate
untrusted cookies; ForwardX11Trusted=yes restores old behaviour.
ok deraadt; feedback and ok djm/fries
|
|
[readconf.c ssh_config.5]
default GSS API to no in client, too; ok jakob, deraadt@
|