Age | Commit message (Collapse) | Author |
|
[sshd.c]
setproctitle() after preauth child; ok markus@
|
|
|
|
it can be removed. only used on solaris. will no longer compile with
privsep shuffling.
|
|
|
|
|
|
platforms may need this--I'm not sure. mmap() issues will need to be
addressed further.
|
|
is missing CMSG_LEN() and CMSG_SPACE() macros.
|
|
|
|
descriptor passing
|
|
|
|
|
|
|
|
[clientloop.c]
remove unused, sync w/ cmdline patch in my tree.
|
|
[authfd.c authfd.h ssh-add.c ssh-agent.c ssh.c]
Add PIN-protection for secret key.
|
|
[scard.c scard.h ssh-keygen.c]
Add PIN-protection for secret key.
|
|
[sshd.c]
add privsep_preauth() and remove 1 goto; ok provos@
|
|
[sshd_config]
add privsep (off)
|
|
[scard.c]
In sc_put_key(), sc_reader_id should be id.
|
|
[clientloop.c]
remove unused
|
|
[scard.c]
remove const
|
|
[scard.c]
make compile w/ openssl 0.9.7
|
|
[clientloop.c ssh.1]
add built-in command line for adding new port forwardings on the fly.
based on a patch from brian wellington. ok markus@.
|
|
[ssh-add.c]
ignore errors for nonexisting default keys in ssh-add,
fixes http://bugzilla.mindrot.org/show_bug.cgi?id=158
Last patch was SUPPOSE to be:
- stevesk@cvs.openbsd.org 2002/03/20 21:08:08
[sshd.c]
strerror() on chdir() fail; ok provos@
But it got co-mingled. <sigh> Flog me at will.
|
|
[ssh-add.c]
ignore errors for nonexisting default keys in ssh-add,
fixes http://bugzilla.mindrot.org/show_bug.cgi?id=158
|
|
[servconf.c servconf.h ssh.h sshd.c]
for unprivileged user, group do:
pw=getpwnam(SSH_PRIVSEP_USER); do_setusercontext(pw). ok provos@
|
|
[auth.c]
check for NULL; from provos@
|
|
[auth.c auth1.c auth2.c]
make getpwnamallow() allways call pwcopy()
|
|
[auth-krb5.c auth-rh-rsa.c auth.c cipher.c key.c misc.h packet.c session.c
sftp-client.c sftp-glob.h sftp.c ssh-add.c ssh.c sshconnect2.c sshd.c
ttymodes.c]
KNF whitespace
|
|
[auth-options.c auth.h session.c session.h sshd.c]
clean up prototypes
|
|
[sftp-int.c]
use xfree() after xstrdup().
markus@ ok
|
|
[sshd.8]
Banner has no default.
|
|
[pathnames.h servconf.c servconf.h sshd.c]
_PATH_PRIVSEP_CHROOT_DIR; ok provos@
|
|
[servconf.c]
UnprivUser/UnprivGroup usable now--specify numeric user/group; ok
provos@
|
|
[sshd.8]
document UsePrivilegeSeparation
|
|
[sshd.8]
credits for privsep
|
|
[auth-bsdauth.c auth-options.c auth-rh-rsa.c auth-rsa.c auth-skey.c auth.h
auth1.c auth2-chall.c auth2.c kex.c kex.h kexdh.c kexgex.c servconf.c
session.h servconf.h serverloop.c session.c sshd.c]
integrate privilege separated openssh; its turned off by default for now.
work done by me and markus@
applied, but outside of ensure that smaller code bits migrated with
their owners.. no work was tried to 'fix' it to work. =) Later project!
|
|
[compress.c]
export compression streams for ssh-privsep
|
|
[bufaux.c bufaux.h]
buffer_skip_string and extra sanity checking; needed by ssh-privsep
|
|
[key.c key.h]
add key_demote() for ssh-privsep
|
|
[packet.c packet.h]
export/import cipher state, iv and ssh2 seqnr; needed by ssh-privsep
|
|
[cipher.c cipher.h]
export/import cipher states; needed by ssh-privsep
|
|
[auth.c session.c]
move auth_approval into getpwnamallow with help from millert@
|
|
[auth-krb4.c]
set client to NULL after xfree(), from Rolf Braun
<rbraun+ssh@andrew.cmu.edu>
|
|
[auth.h auth1.c auth2.c sshd.c]
have the authentication functions return the authentication context
and then do_authenticated; okay millert@
|
|
[auth.c auth.h auth1.c auth2.c]
getpwnamallow returns struct passwd * only if user valid; okay markus@
|
|
[auth-krb5.c]
BSD license. from Daniel Kouril via Dug Song. ok markus@
|
|
[auth-rh-rsa.c auth.h]
split auth_rhosts_rsa(), ok provos@
|
|
[compress.c]
skip inflateEnd if inflate fails; ok provos@
|
|
[auth.c]
fix file type checking (use S_ISREG). ok by markus
|
|
[auth-rh-rsa.c auth-rsa.c auth.h]
split auth_rsa() for better readability and privsep; ok provos@
|