Age | Commit message (Collapse) | Author | |
---|---|---|---|
2005-02-20 | - (dtucker) [LICENCE Makefile.in README.platform audit-bsm.c configure.ac | Darren Tucker | |
defines.h] Bug #125: Add *EXPERIMENTAL* BSM audit support. Configure --with-audit=bsm to enable. Patch originally from Sun Microsystems, parts by John R. Jackson. ok djm@ | |||
2005-02-20 | - (dtucker) [LICENCE Makefile.in README.platform audit-bsm.c configure.ac | Darren Tucker | |
defines.h] Bug #125: Add *EXPERIMENTAL* BSM audit support. Configure --with-audit=bsm to enable. Patch originally from Sun Microsystems, parts by John R. Jackson. ok djm@ | |||
2005-02-18 | Finish 1:3.9p1-3. | Colin Watson | |
2005-02-18 | Add debian/watch file. | Colin Watson | |
2005-02-16 | - (dtucker) [configure.ac openbsd-compat/port-aix.{c,h}] Silence some more | Darren Tucker | |
compiler warnings on AIX. | |||
2005-02-16 | - (dtucker) [session.c] Bug #918: store credentials from gssapi-with-mic | Darren Tucker | |
authentication early enough to be available to PAM session modules when privsep=yes. Patch from deengert at anl.gov, ok'ed in principle by Sam Hartman and similar to Debian's ssh-krb5 package. | |||
2005-02-16 | - (dtucker) [configure.ac] Bug #893: check for libresolv early on Reliant | Darren Tucker | |
Unix; prevents problems relating to the location of -lresolv in the link order. | |||
2005-02-16 | - (dtucker) [auth-shadow.c] Prevent compiler warnings if "DAY" is defined | Darren Tucker | |
by the system headers. | |||
2005-02-16 | Document the path to seed_rng better | Darren Tucker | |
2005-02-16 | - (dtucker) [ssh-rand-helper.c] Provide seed_rng since it may be called | Darren Tucker | |
via mkstemp in some configurations. ok djm@ | |||
2005-02-16 | write seed to temporary file and atomically rename into place; ok dtucker@ | Damien Miller | |
2005-02-16 | knf: function names at start of line | Damien Miller | |
2005-02-15 | IPv6 works on AIX5.1ML7 too. | Darren Tucker | |
2005-02-15 | - (dtucker) [loginrec.c] Add missing #include. | Darren Tucker | |
2005-02-15 | - (dtucker) [README.platform auth.c configure.ac loginrec.c | Darren Tucker | |
openbsd-compat/port-aix.c openbsd-compat/port-aix.h] Bug #835: enable IPv6 on AIX where possible (see README.platform for details) and work around a misfeature of AIX's getnameinfo. ok djm@ | |||
2005-02-15 | - (dtucker) [config.sh.in] Collect oslevel -r too. | Darren Tucker | |
2005-02-11 | - (dtucker) [openbsd-compat/fake-rfc2553.h] We now need EAI_SYSTEM too. | Darren Tucker | |
2005-02-11 | - (dtucker) [configure.ac] Tidy up configure --help output. | Darren Tucker | |
2005-02-10 | - (dtucker) [configure.ac] Bug #919: Provide visible feedback for the | Darren Tucker | |
--disable-etc-default-login configure option. | |||
2005-02-09 | - (dtucker) [configure.ac session.c] Some platforms (eg some SCO) require | Darren Tucker | |
the username to be passed to the passwd command when changing expired passwords. ok djm@ | |||
2005-02-09 | - (dtucker) [configure.ac] Bug #854: prepend pwd to relative --with-ssl-dir | Darren Tucker | |
paths. ok djm@ | |||
2005-02-09 | - (dtucker) [auth-passwd.c openbsd-compat/port-aix.c] Don't call | Darren Tucker | |
disable_forwarding() from compat library. Prevent linker errrors trying to resolve it for binaries other than sshd. ok djm@ | |||
2005-02-09 | - dtucker@cvs.openbsd.org 2005/02/08 22:24:57 | Darren Tucker | |
[sshd.c] Provide reason in error message if getnameinfo fails; ok markus@ | |||
2005-02-09 | - dtucker@cvs.openbsd.org 2005/01/30 11:18:08 | Darren Tucker | |
[monitor.c] Make code match intent; ok djm@ | |||
2005-02-09 | - jmc@cvs.openbsd.org 2005/01/28 18:14:09 | Darren Tucker | |
[ssh_config.5] wording; ok markus@ | |||
2005-02-09 | - jmc@cvs.openbsd.org 2005/01/28 15:05:43 | Darren Tucker | |
[ssh_config.5] grammar; | |||
2005-02-09 | - dtucker@cvs.openbsd.org 2005/01/28 09:45:53 | Darren Tucker | |
[ssh_config] Make it clear that the example entries in ssh_config are only some of the commonly-used options and refer the user to ssh_config(5) for more details; ok djm@ | |||
2005-02-08 | - (dtucker) [audit.c audit.h auth.c auth1.c auth2.c loginrec.c monitor.c | Darren Tucker | |
monitor_wrap.c monitor_wrap.h session.c sshd.c]: Prepend all of the audit defines and enums with SSH_ to prevent namespace collisions on some platforms (eg AIX). | |||
2005-02-08 | - (dtucker) [openbsd-compat/port-aix.c] Silence compiler warnings. | Darren Tucker | |
2005-02-08 | - (dtucker) [regress/test-exec.sh] Bug #912: Set _POSIX2_VERSION for the | Darren Tucker | |
regress tests so newer versions of GNU head(1) behave themselves. Patch by djm, so ok me. | |||
2005-02-04 | - (dtucker) [auth.c] Fix parens in audit log check. | Darren Tucker | |
2005-02-04 | - (dtucker) [monitor.c] Permit INVALID_USER audit events from slave too. | Darren Tucker | |
2005-02-03 | typo | Darren Tucker | |
2005-02-03 | - (dtucker) [added audit.c audit.h] Bug #125: (first stage) Add audit | Darren Tucker | |
instrumentation to sshd, currently disabled by default. with suggestions from and djm@ | |||
2005-02-03 | - (dtucker) [Makefile.in auth.c auth.h auth1.c auth2.c loginrec.c monitor.c | Darren Tucker | |
monitor.h monitor_wrap.c monitor_wrap.h session.c sshd.c] Bug #125: (first stage) Add audit instrumentation to sshd, currently disabled by default. with suggestions from and djm@ | |||
2005-02-02 | - (dtucker) [auth.c canohost.c canohost.h configure.ac defines.h loginrec.c] | Darren Tucker | |
Bug #974: Teach sshd to write failed login records to btmp for failed auth attempts (currently only for password, kbdint and C/R, only on Linux and HP-UX), based on code from login.c from util-linux. With ashok_kovai at hotmail.com, ok djm@ | |||
2005-02-02 | - (dtucker) [session.c sshd.c] Bug #445: Propogate KRB5CCNAME if set to child | Darren Tucker | |
the process. Since we also unset KRB5CCNAME at startup, if it's set after authentication it must have been set by the platform's native auth system. This was already done for AIX; this enables it for the general case. | |||
2005-02-02 | - (dtucker) [auth.c loginrec.h openbsd-compat/{bsd-cray,port-aix}.{c,h}] | Darren Tucker | |
Make record_failed_login() call provide hostname rather than having the implementations having to do lookups themselves. Only affects AIX and UNICOS (the latter only uses the "user" parameter anyway). ok djm@ | |||
2005-02-02 | - (dtucker) [configure.ac openbsd-compat/realpath.c] Sync up with realpath | Darren Tucker | |
rev 1.11 from OpenBSD and make it use fchdir if available. ok djm@ | |||
2005-02-01 | - (dtucker) [sshd_config.5] Bug #701: remove warning about | Darren Tucker | |
keyboard-interactive since this is no longer the case. | |||
2005-02-01 | - (dtucker) [log.c] Bug #973: force log_init() to open syslog, since on some | Darren Tucker | |
platforms syslog will revert to its default values. This may result in messages from external libraries (eg libwrap) being sent to a different facility. | |||
2005-01-24 | - dtucker@cvs.openbsd.org 2005/01/24 11:47:13 | Darren Tucker | |
[auth-passwd.c] #if -> #ifdef so builds without HAVE_LOGIN_CAP work too; ok djm@ otto@ | |||
2005-01-24 | - dtucker@cvs.openbsd.org 2005/01/24 10:29:06 | Darren Tucker | |
[moduli] Import new moduli; requested by deraadt@ a week ago | |||
2005-01-24 | - dtucker@cvs.openbsd.org 2005/01/24 10:22:06 | Darren Tucker | |
[scp.c sftp.c] Have scp and sftp wait for the spawned ssh to exit before they exit themselves. This prevents ssh from being unable to restore terminal modes (not normally a problem on OpenBSD but common with -Portable on POSIX platforms). From peak at argo.troja.mff.cuni.cz (bz#950); ok djm@ markus@ | |||
2005-01-24 | - djm@cvs.openbsd.org 2005/01/23 10:18:12 | Darren Tucker | |
[cipher.c] config option "Ciphers" should be case-sensitive; ok dtucker@ | |||
2005-01-24 | - dtucker@cvs.openbsd.org 2005/01/22 08:17:59 | Darren Tucker | |
[auth.c] Log source of connections denied by AllowUsers, DenyUsers, AllowGroups and DenyGroups. bz #909, ok djm@ | |||
2005-01-24 | - otto@cvs.openbsd.org 2005/01/21 08:32:02 | Darren Tucker | |
[auth-passwd.c sshd.c] Warn in advance for password and account expiry; initialize loginmsg buffer earlier and clear it after privsep fork. ok and help dtucker@ markus@ | |||
2005-01-20 | - (dtucker) [auth-chall.c auth.h auth2-chall.c] Bug #936: Remove pam from | Darren Tucker | |
the list of available kbdint devices if UsePAM=no. ok djm@ | |||
2005-01-20 | - (dtucker) [loginrec.h] Bug #952: Increase size of username field to 128 | Darren Tucker | |
bytes to prevent errors from login_init_entry() when the username is exactly 64 bytes(!) long. From brhamon at cisco.com, ok djm@ | |||
2005-01-20 | Oops, did not intend to commit this yet | Darren Tucker | |