Age | Commit message (Collapse) | Author |
|
|
|
[version.h]
3.6.1
|
|
[compat.c compat.h kex.c]
bugfix causes stalled connections for ssh.com < 3.0; noticed by ho@;
tested by ho@ and myself
|
|
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
[readconf.h serverloop.c sshconnect2.c]
rekeying bugfixes and automatic rekeying:
* both client and server rekey _automatically_
(a) after 2^31 packets, because after 2^32 packets
the sequence number for packets wraps
(b) after 2^(blocksize_in_bits/4) blocks
(see: draft-ietf-secsh-newmodes-00.txt)
(a) and (b) are _enabled_ by default, and only disabled for known
openssh versions, that don't support rekeying properly.
* client option 'RekeyLimit'
* do not reply to requests during rekeying
- markus@cvs.openbsd.org 2003/04/01 10:22:21
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
[readconf.h serverloop.c sshconnect2.c]
backout rekeying changes (for 3.6.1)
|
|
- jmc@cvs.openbsd.org 2003/03/28 10:11:43
[scp.1 sftp.1 ssh.1 ssh-add.1 ssh-agent.1 ssh_config.5 sshd_config.5]
[ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8]
- killed whitespace
- new sentence new line
- .Bk for arguments
ok markus@
|
|
|
|
- deraadt@cvs.openbsd.org 2003/03/26 04:02:51
[sftp-server.c]
one last fix to the tree: race fix broke stuff; pr 3169;
srp@srparish.net, help from djm
|
|
Arnd Bergmann <arndb@de.ibm.com>
|
|
Report from murple@murple.net, diagnosis from dtucker@zip.com.au
|
|
- markus@cvs.openbsd.org 2003/03/23 19:02:00
[monitor.c]
unbreak rekeying for privsep; ok millert@
|
|
|
|
with SIA. Also, clean up of tru64 support patch by Chris Adams
<cmadams@hiwaay.net>
|
|
guessing rules)
|
|
|
|
|
|
|
|
|
|
[version.h]
enter 3.6
|
|
- markus@cvs.openbsd.org 2003/03/17 10:38:38
[progressmeter.c]
don't print \n if backgrounded; from ho@
|
|
add nanosleep(). testing/corrections by Darren Tucker <dtucker@zip.com.au>
|
|
Steve G <linux_4ever@yahoo.com>
|
|
[ssh-agent.c]
ssh-agent is similar to ssh-keysign (allows other processes to use
private rsa keys). however, it gets key over socket and not from
a file, so we have to do blinding here as well.
|
|
- markus@cvs.openbsd.org 2003/03/13 11:42:19
[authfile.c ssh-keysign.c]
move RSA_blinding_on to generic key load method
|
|
|
|
|
|
dtucker@zip.com.au
|
|
CLOUSEAU
|
|
- markus@cvs.openbsd.org 2003/03/05 22:33:43
[channels.c monitor.c scp.c session.c sftp-client.c sftp-int.c]
[sftp-server.c ssh-add.c sshconnect2.c]
fix memory leaks; from dlheine@suif.Stanford.EDU/CLOUSEAU; ok djm@
|
|
|
|
|
|
tinderbox
|
|
|
|
From vinschen@redhat.com
|
|
|
|
|
|
fix from dtucker@zip.com.au
|
|
|
|
[auth-krb4.c]
...sizeof(&adat.session) is not good here.
henning@, deraadt@, millert@
|
|
[servconf.c]
print sshd_config filename in debug2 mode.
|
|
[monitor.c monitor_wrap.c]
fix permitrootlogin forced-commands-only for privsep; bux #387; ok provos@
|
|
[kex.c kexdh.c kexgex.c kex.h sshconnect2.c sshd.c ssh-keyscan.c]
split kex into client and server code, no need to link
server code into the client; ok provos@
|
|
[crc32.c crc32.h]
replace crc32.c with a BSD licensed version; noted by David Turner
|
|
[key.c key.h ssh-dss.c ssh-rsa.c]
merge ssh-dss.h ssh-rsa.h into key.h; ok deraadt@
|
|
[ssh-add.1]
xref sshd_config.5 (not sshd.8); mark@summersault.com; bug #490
|
|
[auth1.c auth2.c]
undo broken fix for #387, fixes #486
|
|
[sftp-server.c]
fix races in rename/symlink; from Tony Finch; ok djm@
|
|
[ssh.c ssh_config.5]
support 'ProxyCommand none'; bugzilla #433; binder@arago.de; ok djm@
|
|
[session.c]
missing call to setproctitle() after authentication; ok provos@
|
|
[readconf.c]
simplify ProxyCommand parsing, remove strcat/xrealloc; ok henning@, djm@
|
|
[monitor.c monitor_wrap.c]
skey/bsdauth: use 0 to indicate failure instead of -1, because
the buffer API only supports unsigned ints.
|