summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2001-01-17 - (djm) Avoid warning in PAM code by making read_passphrase arguments constDamien Miller
2001-01-17 - (djm) Make PAM support optional, enable with --with-pamDamien Miller
- (djm) Try to use libcrypt on Linux, but link it after OpenSSL (which provides a crypt() of its own) - (djm) Avoid a warning in bsd-bindresvport.c - (djm) Try to avoid adding -I/usr/include to CPPFLAGS during SSL tests. This can cause weird segfaults errors on Solaris
2001-01-17- (djm) Only write random seed file at exitDamien Miller
2001-01-15 - (bal) utimes() support via utime() interface on machine that lack utimes().Ben Lindstrom
2001-01-1520010115Ben Lindstrom
- (bal) sftp-server.c change to use chmod() if fchmod() does not exist.
2001-01-14 - (stevesk) complete:Kevin Steves
- markus@cvs.openbsd.org 2001/01/13 11:56:48 [auth.c sshd.8] support supplementary group in {Allow,Deny}Groups from stevesk@pobox.com
2001-01-14 - (stevesk) initial work for OpenBSD "support supplementary group inKevin Steves
{Allow,Deny}Groups" patch: - import getgrouplist.c from OpenBSD (bsd-getgrouplist.c) - add bsd-getgrouplist.h - new files groupaccess.[ch] - build but don't use yet (need to merge auth.c changes)
2001-01-1120010112Ben Lindstrom
- (bal) OpenBSD Sync - markus@cvs.openbsd.org 2001/01/10 22:56:22 [bufaux.h bufaux.c sftp-server.c sftp.h getput.h] cleanup sftp-server implementation: add buffer_get_int64, buffer_put_int64, GET_64BIT, PUT_64BIT parse SSH2_FILEXFER_ATTR_EXTENDED send SSH2_FX_EOF if readdir returns no more entries reply to SSH2_FXP_EXTENDED message use #defines from the draft move #definations to sftp.h more info: http://www.ietf.org/internet-drafts/draft-ietf-secsh-filexfer-00.txt - markus@cvs.openbsd.org 2001/01/10 19:43:20 [sshd.c] XXX - generate_empheral_server_key() is not safe against races, because it calls log() - markus@cvs.openbsd.org 2001/01/09 21:19:50 [packet.c] allow TCP_NDELAY for ipv6; from netbsd via itojun@
2001-01-1020010110Damien Miller
- (djm) SNI/Reliant Unix needs USE_PIPES and $DISPLAY hack. Report from Bladt Norbert <Norbert.Bladt@adi.ch>
2001-01-09 - (stevesk) defines.h: remove spurious ``;''Kevin Steves
2001-01-09 - (stevesk) sshd_config: syncKevin Steves
2001-01-09Real remove of the news4-posix.h .. Too bad I can't do the sameBen Lindstrom
to next-posix.h yet.
2001-01-09 - (bal) Detect if clock_t structure exists, if not define it.Ben Lindstrom
- (bal) Detect if O_NONBLOCK exists, if not define it. - (bal) removed news4-posix.h (now empty) - (bal) changed bsd-bindresvport.c and bsd-rresvport.c to use 'socklen_t' instead of 'int'
2001-01-09 - (bal) OpenBSD SyncBen Lindstrom
- markus@cvs.openbsd.org 2001/01/08 22:29:05 [auth2.c compat.c compat.h servconf.c servconf.h sshd.8 sshd_config version.h] implement option 'Banner /etc/issue.net' for ssh2, move version to 2.3.1 (needed for bugcompat detection, 2.3.0 would fail if Banner is enabled). - markus@cvs.openbsd.org 2001/01/08 22:03:23 [channels.c ssh-keyscan.c] O_NDELAY -> O_NONBLOCK; thanks stevesk@pobox.com - markus@cvs.openbsd.org 2001/01/08 21:55:41 [sshconnect1.c] more cleanups and fixes from stevesk@pobox.com: 1) try_agent_authentication() for loop will overwrite key just allocated with key_new(); don't alloc 2) call ssh_close_authentication_connection() before exit try_agent_authentication() 3) free mem on bad passphrase in try_rsa_authentication() - markus@cvs.openbsd.org 2001/01/08 21:48:17 [kex.c] missing free; thanks stevesk@pobox.com
2001-01-08 - (stevesk) auth1.c: free should be after WITH_AIXAUTHENTICATEKevin Steves
code.
2001-01-0820010109Ben Lindstrom
- (bal) Resync CVS ID of cli.c
2001-01-08Updated TODO to reflect that sftp-server should be fixed to supportBen Lindstrom
32bits int if 64bits don't exist.
2001-01-0820010108Ben Lindstrom
- (bal) Fixed another typo in cli.c - (bal) OpenBSD Sync - markus@cvs.openbsd.org 2001/01/07 21:26:55 [cli.c] typo - markus@cvs.openbsd.org 2001/01/07 21:26:55 [cli.c] missing free, stevesk@pobox.com - markus@cvs.openbsd.org 2001/01/07 19:06:25 [auth1.c] missing free, stevesk@pobox.com - markus@cvs.openbsd.org 2001/01/07 11:28:04 [log-client.c log-server.c log.c readconf.c servconf.c ssh.1 ssh.h sshd.8 sshd.c] rename SYSLOG_LEVEL_INFO->SYSLOG_LEVEL_NOTICE syslog priority changes: fatal() LOG_ERR -> LOG_CRIT log() LOG_INFO -> LOG_NOTICE
2001-01-07complete sshd -g manpage default mergeKevin Steves
2001-01-07complete _PATH_BSHELL mergeKevin Steves
2001-01-0620010107Ben Lindstrom
- (bal) OpenBSD Sync - markus@cvs.openbsd.org 2001/01/06 11:23:27 [ssh-rsa.c] remove unused - itojun@cvs.openbsd.org 2001/01/05 08:23:29 [ssh-keyscan.1] missing .El - markus@cvs.openbsd.org 2001/01/04 22:41:03 [session.c sshconnect.c] consistent use of _PATH_BSHELL; from stevesk@pobox.com - djm@cvs.openbsd.org 2001/01/04 22:35:32 [ssh.1 sshd.8] Mention AES as available SSH2 Cipher; ok markus - markus@cvs.openbsd.org 2001/01/04 22:25:58 [sshd.c] sync usage()/man with defaults; from stevesk@pobox.com - markus@cvs.openbsd.org 2001/01/04 22:21:26 [sshconnect2.c] handle SSH2_MSG_USERAUTH_BANNER; fixes bug when connecting to a server that prints a banner (e.g. /etc/issue.net)
2001-01-05 - (bal) bsd-getcwd.c and bsd-setenv.c changed from bcopy() to memmove()Ben Lindstrom
2001-01-0420010105Ben Lindstrom
- (bal) contrib/caldera/ provided by Tim Rice <tim@multitalents.net>
2001-01-05Jim Knoble has changed his email addressDamien Miller
2001-01-04 - (djm) Fix memory leak on systems with BROKEN_GETADDRINFO. Based onDamien Miller
work by Chris Vaughan <vaughan99@yahoo.com>
2001-01-03 - (bal) UnixWare 2.0 fixes by Tim Rice <tim@multitalents.net>Ben Lindstrom
- (bal) Disable sftp-server if no 64bit int support exists. Based on patch by Tim Rice <tim@multitalents.net> - (bal) Makefile.in changes to uninstall: target to remove sftp-server and sftp-server.8 manpage.
2001-01-03 - (bal) authfile.c: Synced CVS ID tagBen Lindstrom
2001-01-0320010103Ben Lindstrom
- (bal) fixed up sshconnect.c so it was closer inline with the OpenBSD tree (mainly positioning) - (bal) OpenSSH CVS Update - markus@cvs.openbsd.org 2001/01/02 20:41:02 [packet.c] log remote ip on disconnect; PR 1600 from jcs@rt.fm - markus@cvs.openbsd.org 2001/01/02 20:50:56 [sshconnect.c] strict_host_key_checking for host_status != HOST_CHANGED && ip_status == HOST_CHANGED
2001-01-0220010102Ben Lindstrom
- (bal) OpenBSD CVS Update - markus@cvs.openbsd.org 2001/01/01 14:52:49 [scp.c] use shared fatal(); from stevesk@pobox.com
2000-12-31 - (bal) Reverted out of a partial NeXT patch.Ben Lindstrom
2000-12-3120001231Ben Lindstrom
- (bal) Reverted out of MAXHOSTNAMELEN. This should be set per OS. for multiple reasons.
2000-12-30<Whistle> Umm.. Made a minor mistake put -o instead of -c in .c.o section.Ben Lindstrom
Wonder why I did not catch it during the test compile on TWO different platforms!
2000-12-30 - (bal) OpenBSD CVS UpdateBen Lindstrom
- markus@cvs.openbsd.org 2000/12/29 22:19:13 [channels.c] missing xfree; from vaughan99@yahoo.com
2000-12-29 - (bal) Add in '.c.o' section to Makefile.in to address make programs thatBen Lindstrom
don't honor CPPFLAGS by default. Suggested by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-12-29 - (bal) if no MAXHOSTNAMELEN is defined. Default to 64 character defination.Ben Lindstrom
Suggested by Christian Kurz <shorty@debain.org>
2000-12-29whitespace sync with openbsdKevin Steves
2000-12-29whitespace sync with openbsdKevin Steves
2000-12-2920001230Ben Lindstrom
- (bal) OpenBSD CVS Update - markus@cvs.openbsd.org 2000/12/28 18:58:30 [ssh-keygen.c] enable 'ssh-keygen -l -f ~/.ssh/{authorized_keys,known_hosts}{,2} - (bal) Resynced CVS ID with OpenBSD for channel.c and uidswap.c
2000-12-28 - (stevesk) compress.[ch] sync with openbsd; missed in prototypeKevin Steves
fix merge.
2000-12-28 - (bal) OpenBSD CVS UpdateBen Lindstrom
- markus@cvs.openbsd.org 2000/12/28 14:25:51 [auth.h auth2.c] count authentication failures only - markus@cvs.openbsd.org 2000/12/28 14:25:03 [sshconnect.c] fingerprint for MITM attacks, too. - markus@cvs.openbsd.org 2000/12/28 12:03:57 [sshd.8 sshd.c] document -D - markus@cvs.openbsd.org 2000/12/27 14:19:21 [serverloop.c] less chatty - markus@cvs.openbsd.org 2000/12/27 12:34 [auth1.c sshconnect2.c sshd.c] typo - markus@cvs.openbsd.org 2000/12/27 12:30:19 [readconf.c readconf.h ssh.1 sshconnect.c] new option: HostKeyAlias: allow the user to record the host key under a different name. This is useful for ssh tunneling over forwarded connections or if you run multiple sshd's on different ports on the same machine. - markus@cvs.openbsd.org 2000/12/27 11:51:53 [ssh.1 ssh.c] multiple -t force pty allocation, document ORIGINAL_COMMAND - markus@cvs.openbsd.org 2000/12/27 11:41:31 [sshd.8] update for ssh-2
2000-12-2820001229Ben Lindstrom
- (bal) Fixed spelling of 'authorized_keys' in ssh-copy-id.1 by Christian Kurz <shorty@debain.org> 20001228 - (bal) SCO patch to not include <sys/queue.h> since it's unrelated header. Patch by Tim Rice <tim@multitalents.net> - Updated TODO w/ known HP/UX issue - (bal) removed extra <netdb.h> noticed by Kevin Steves and removed the bad reference to 'NeXT including it else were' on the #ifdef version.
2000-12-28Update to new x11-askpass in RPM specDamien Miller
2000-12-2820001228Ben Lindstrom
- (bal) Patch to add libutil.h to loginrec.c only if the platform has libutil.h. Suggested by Pekka Savola <pekka@netcore.fi>
2000-12-27 - (djm) Remove *.Ylonen files. They are no longer in the OpenBSD tree,Damien Miller
the info in COPYING.Ylonen has been moved to the start of each SSH1-derived file and README.Ylonen is well out of date.
2000-12-27This should bring NeXTStep back into the family of supported operatingBen Lindstrom
systems. - (bal) Fixed NeXT's lack of CPPFLAGS honoring. - (bal) ssh-keyscan.c: NeXT (and older BSDs) don't support getrlimit() w/ 'RLIMIT_NOFILE'
2000-12-27 - (djm) Fix catman-do target for non-bashDamien Miller
2000-12-2720001227Ben Lindstrom
- (bal) Typo in configure.in: entut?ent should be endut?ent. Suggested by Takumi Yamane <yamtak@b-session.com> - (bal) Checks for getrlimit(), sysconf(), and setdtablesize(). Patch by Corinna Vinschen <vinschen@redhat.com>
2000-12-2220001223Ben Lindstrom
- (bal) Fixed Makefile.in to support recompile of all ssh and sshd objects if a change to config.h has occurred. Suggested by Gert Doering <gert@greenie.muc.de> - (bal) OpenBSD CVS Update: - markus@cvs.openbsd.org 2000/12/22 16:49:40 [ssh-keygen.c] fix ssh-keygen -x -t type > file; from Roumen.Petrov@skalasoft.com
2000-12-22One way to massive patch. <sigh> It compiles and works under Linux..Ben Lindstrom
And I think I have all the bits right from the OpenBSD tree. 20001222 - Updated RCSID for pty.c - (bal) OpenBSD CVS Updates: - markus@cvs.openbsd.org 2000/12/21 15:10:16 [auth-rh-rsa.c hostfile.c hostfile.h sshconnect.c] print keyfile:line for changed hostkeys, for deraadt@, ok deraadt@ - markus@cvs.openbsd.org 2000/12/20 19:26:56 [authfile.c] allow ssh -i userkey for root - markus@cvs.openbsd.org 2000/12/20 19:37:21 [authfd.c authfd.h kex.c sshconnect2.c sshd.c uidswap.c uidswap.h] fix prototypes; from stevesk@pobox.com - markus@cvs.openbsd.org 2000/12/20 19:32:08 [sshd.c] init pointer to NULL; report from Jan.Ivan@cern.ch - markus@cvs.openbsd.org 2000/12/19 23:17:54 [auth-krb4.c auth-options.c auth-options.h auth-rhosts.c auth-rsa.c auth1.c auth2-skey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufaux.h buffer.c canohost.c channels.c clientloop.c compress.c crc32.c deattack.c getput.h hmac.c hmac.h hostfile.c kex.c kex.h key.c key.h log.c login.c match.c match.h mpaux.c mpaux.h packet.c packet.h radix.c readconf.c rsa.c scp.c servconf.c servconf.h serverloop.c session.c sftp-server.c ssh-agent.c ssh-dss.c ssh-dss.h ssh-keygen.c ssh-keyscan.c ssh-rsa.c ssh-rsa.h ssh.c ssh.h uuencode.c uuencode.h sshconnect1.c sshconnect2.c sshd.c tildexpand.c] replace 'unsigned bla' with 'u_bla' everywhere. also replace 'char unsigned' with u_char.
2000-12-21 - (stevesk) OpenBSD CVS updates:Kevin Steves
- markus@cvs.openbsd.org 2000/12/19 15:43:45 [authfile.c channels.c sftp-server.c ssh-agent.c] remove() -> unlink() for consistency - markus@cvs.openbsd.org 2000/12/19 15:48:09 [ssh-keyscan.c] replace <ssl/x.h> with <openssl/x.h> - markus@cvs.openbsd.org 2000/12/17 02:33:40 [uidswap.c] typo; from wsanchez@apple.com