summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2002-06-06 - markus@cvs.openbsd.org 2002/06/04 19:42:35Ben Lindstrom
[monitor.c] only allow enabled authentication methods; ok provos@
2002-06-06 - deraadt@cvs.openbsd.org 2002/06/03 12:04:07Ben Lindstrom
[ssh.h] compatiblity -> compatibility decriptor -> descriptor authentciated -> authenticated transmition -> transmission
2002-06-06 - markus@cvs.openbsd.org 2002/05/31 13:20:50Ben Lindstrom
[ssh-rsa.c] pad received signature with leading zeros, because RSA_verify expects a signature of RSA_size. the drafts says the signature is transmitted unpadded (e.g. putty does not pad), reported by anakin@pobox.com
2002-06-06 - markus@cvs.openbsd.org 2002/05/31 13:16:48Ben Lindstrom
[key.c] add comment: key_verify returns 1 for a correct signature, 0 for an incorrect signature and -1 on error.
2002-06-06 - markus@cvs.openbsd.org 2002/05/31 11:35:15Ben Lindstrom
[auth.h auth2.c] move Authmethod definitons to per-method file. NOTE: The rest of this patch is with the import of the auth2-*.c files.
2002-06-06 - markus@cvs.openbsd.org 2002/05/31 10:30:33Ben Lindstrom
[sshconnect2.c] extent ssh-keysign protocol: pass # of socket-fd to ssh-keysign, keysign verfies locally used ip-address using this socket-fd, restricts fake local hostnames to actual local hostnames; ok stevesk@
2002-06-06 - markus@cvs.openbsd.org 2002/05/30 08:07:31Ben Lindstrom
[cipher.c] use rijndael/aes from libcrypto (openssl >= 0.9.7) instead of our own implementation. allow use of AES hardware via libcrypto, ok deraadt@
2002-06-06 - markus@cvs.openbsd.org 2002/05/29 11:21:57Ben Lindstrom
[sshd.c] don't start if privsep is enabled and SSH_PRIVSEP_USER or _PATH_PRIVSEP_CHROOT_DIR are missing; ok deraadt@
2002-06-06 - stevesk@cvs.openbsd.org 2002/05/29 03:06:30Ben Lindstrom
[ssh.1 sshd.8] spelling
2002-06-06 - stevesk@cvs.openbsd.org 2002/05/28 21:24:00Ben Lindstrom
[uidswap.c] use correct function name in fatal() [See the patch above, I saw it before apply the next patch. <sigh>]
2002-06-06 - (bal) Corrected debug() in uidswap.c to match upstream.Ben Lindstrom
2002-06-06 - stevesk@cvs.openbsd.org 2002/05/28 17:28:02Ben Lindstrom
[uidswap.c] format spec change/casts and some KNF; ok markus@
2002-06-06 - stevesk@cvs.openbsd.org 2002/05/28 16:45:27Ben Lindstrom
[monitor_mm.c] print strerror(errno) on mmap/munmap error; ok markus@
2002-06-06 - stevesk@cvs.openbsd.org 2002/05/26 20:35:10Ben Lindstrom
[ssh.1] sort ChallengeResponseAuthentication; ok markus@
2002-06-06 - markus@cvs.openbsd.org 2002/05/25 18:51:07Ben Lindstrom
[auth.h auth2.c auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c auth2-pubkey.c Makefile.in] split auth2.c into one file per method; ok provos@/deraadt@ NOTE: Merged back noticable cygwin and pam stuff. May need review to ensure I did not miss anything.
2002-06-06 - markus@cvs.openbsd.org 2002/05/25 08:50:39Ben Lindstrom
[sshconnect2.c] execlp->execl; from stevesk
2002-06-06 - markus@cvs.openbsd.org 2002/05/24 08:45:14Ben Lindstrom
[sshconnect2.c] stat ssh-keysign first, print error if stat fails; some debug->error; fix comment
2002-06-06 - markus@cvs.openbsd.org 2002/05/23 19:39:34Ben Lindstrom
[ssh.c] add comment about ssh-keysign
2002-06-06 - markus@cvs.openbsd.org 2002/05/23 19:24:30Ben Lindstrom
[authfile.c authfile.h pathnames.h ssh.c sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c ssh-keysign.8 ssh-keysign.c Makefile.in] add /usr/libexec/ssh-keysign: a setuid helper program for hostbased authentication in protocol v2 (needs to access the hostkeys). Note: Makefile.in untested. Will test after merge is finished.
2002-06-06 - deraadt@cvs.openbsd.org 2002/05/22 23:18:25Ben Lindstrom
[ssh.c sshd.c] spelling; abishoff@arc.nasa.gov
2002-06-06 - deraadt@cvs.openbsd.org 2002/05/19 20:54:52Ben Lindstrom
[log.h] extra commas in enum not 100% portable
2002-06-06 - stevesk@cvs.openbsd.org 2002/05/16 22:09:59Ben Lindstrom
[session.c ssh.c] don't limit xauth pathlen on client side and longer print length on server when debug; ok markus@
2002-06-06 - markus@cvs.openbsd.org 2002/05/16 22:02:50Ben Lindstrom
[cipher.c kex.h mac.c] fix warnings (openssl 0.9.7 requires const)
2002-06-06 - markus@cvs.openbsd.org 2002/05/15 21:56:38Ben Lindstrom
[servconf.c sshd.8 sshd_config] re-enable privsep and disable setuid for post-3.2.2
2002-06-04 - (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changedKevin Steves
setsockopt from debug to error for now).
2002-05-27[configure.ac.orig monitor_fdpass.c] Enahnce msghdr tests to addressTim Rice
build problem on Irix reported by Dave Love <d.love@dl.ac.uk>. Back out last monitor_fdpass.c changes that are no longer needed with new tests. Patch tested on Irix by Jan-Frode Myklebust <janfrode@parallab.uib.no>
2002-05-22unbreak (aaarrrgggh - stupid vi)Damien Miller
2002-05-22sync scard/Damien Miller
2002-05-22crank rpm spec versionsDamien Miller
2002-05-22Crank versionDamien Miller
(also missed changelog message)
2002-05-22rcsid syncDamien Miller
2002-05-22 fix spelling mistakes spotted by Solar Designer <solar@openwall.com>Damien Miller
2002-05-21 - (stevesk) [sshd.c] #ifndef HAVE_CYGWIN for setgroups()Kevin Steves
2002-05-21 - (stevesk) [sshd.c] bug 245; disable setsid() for nowKevin Steves
2002-05-17[configure.ac] remove extra MD5_MSG="no" line.Tim Rice
2002-05-16p1Damien Miller
2002-05-15 - (bal) OpenBSD CVS SyncBen Lindstrom
- markus@cvs.openbsd.org 2002/05/15 21:05:29 [version.h] enter OpenSSH_3.2.2 - (bal) Caldara, Suse, and Redhat openssh.specs updated.
2002-05-15 - markus@cvs.openbsd.org 2002/05/15 21:02:53Ben Lindstrom
[servconf.c sshd.8 sshd_config] disable privsep and enable setuid for the 3.2.2 release
2002-05-15 - millert@cvs.openbsd.org 2002/05/06 23:34:33Ben Lindstrom
[ssh.1 sshd.8] Kill/adjust r(login|exec)d? references now that those are no longer in the tree.
2002-05-15 - deraadt@cvs.openbsd.org 2002/05/04 02:39:35Ben Lindstrom
[servconf.c sshd.8 sshd_config] enable privsep by default; provos ok (historical)
2002-05-15 - (bal) Clarified openbsd-compat/*-cray.* Licence provided by Wendy.Ben Lindstrom
2002-05-15 - mouring@cvs.openbsd.org 2002/05/15 15:47:49Ben Lindstrom
[kex.c monitor.c monitor_wrap.c sshd.c] 'monitor' variable clashes with at least one lame platform (NeXT). i Renamed to 'pmonitor'. provos@ - (bal) Fixed up PAM case. I think.
2002-05-15 - markus@cvs.openbsd.org 2002/05/13 21:26:49Ben Lindstrom
[auth-rhosts.c] handle debug messages during rhosts-rsa and hostbased authentication; ok provos@
2002-05-15 - millert@cvs.openbsd.org 2002/05/13 15:53:19Ben Lindstrom
[sshd.c] Call setsid() in the child after sshd accepts the connection and forks. This is needed for privsep which calls setlogin() when it changes uids. Without this, there is a race where the login name of an existing connection, as returned by getlogin(), may be changed to the privsep user (sshd). markus@ OK
2002-05-15 - markus@cvs.openbsd.org 2002/05/13 20:44:58Ben Lindstrom
[auth-options.c auth.c auth.h] move the packet_send_debug handling from auth-options.c to auth.c; ok provos@
2002-05-15 - itojun@cvs.openbsd.org 2002/05/13 02:37:39Ben Lindstrom
[auth-skey.c auth2.c] less warnings. skey_{respond,query} are public (in auth.h)
2002-05-15 - stevesk@cvs.openbsd.org 2002/05/11 20:24:48Ben Lindstrom
[ssh.h] typo in comment
2002-05-15 - deraadt@cvs.openbsd.org 2002/05/08 21:06:34Ben Lindstrom
[ssh.h] move to sshd.sshd instead
2002-05-15 - deraadt@cvs.openbsd.org 2002/05/07 19:54:36Ben Lindstrom
[ssh.h] use ssh uid
2002-05-15 - (bal) CVS ID fix up on auth-passwd.cBen Lindstrom