summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2005-02-02 - (dtucker) [configure.ac openbsd-compat/realpath.c] Sync up with realpathDarren Tucker
rev 1.11 from OpenBSD and make it use fchdir if available. ok djm@
2005-02-01 - (dtucker) [sshd_config.5] Bug #701: remove warning aboutDarren Tucker
keyboard-interactive since this is no longer the case.
2005-02-01 - (dtucker) [log.c] Bug #973: force log_init() to open syslog, since on someDarren Tucker
platforms syslog will revert to its default values. This may result in messages from external libraries (eg libwrap) being sent to a different facility.
2005-01-24 - dtucker@cvs.openbsd.org 2005/01/24 11:47:13Darren Tucker
[auth-passwd.c] #if -> #ifdef so builds without HAVE_LOGIN_CAP work too; ok djm@ otto@
2005-01-24 - dtucker@cvs.openbsd.org 2005/01/24 10:29:06Darren Tucker
[moduli] Import new moduli; requested by deraadt@ a week ago
2005-01-24 - dtucker@cvs.openbsd.org 2005/01/24 10:22:06Darren Tucker
[scp.c sftp.c] Have scp and sftp wait for the spawned ssh to exit before they exit themselves. This prevents ssh from being unable to restore terminal modes (not normally a problem on OpenBSD but common with -Portable on POSIX platforms). From peak at argo.troja.mff.cuni.cz (bz#950); ok djm@ markus@
2005-01-24 - djm@cvs.openbsd.org 2005/01/23 10:18:12Darren Tucker
[cipher.c] config option "Ciphers" should be case-sensitive; ok dtucker@
2005-01-24 - dtucker@cvs.openbsd.org 2005/01/22 08:17:59Darren Tucker
[auth.c] Log source of connections denied by AllowUsers, DenyUsers, AllowGroups and DenyGroups. bz #909, ok djm@
2005-01-24 - otto@cvs.openbsd.org 2005/01/21 08:32:02Darren Tucker
[auth-passwd.c sshd.c] Warn in advance for password and account expiry; initialize loginmsg buffer earlier and clear it after privsep fork. ok and help dtucker@ markus@
2005-01-20 - (dtucker) [auth-chall.c auth.h auth2-chall.c] Bug #936: Remove pam fromDarren Tucker
the list of available kbdint devices if UsePAM=no. ok djm@
2005-01-20 - (dtucker) [loginrec.h] Bug #952: Increase size of username field to 128Darren Tucker
bytes to prevent errors from login_init_entry() when the username is exactly 64 bytes(!) long. From brhamon at cisco.com, ok djm@
2005-01-20Oops, did not intend to commit this yetDarren Tucker
2005-01-20 - djm@cvs.openbsd.org 2004/12/22 02:13:19Darren Tucker
[cipher-ctr.c cipher.c] remove fallback AES support for old OpenSSL, as OpenBSD has had it for many years now; ok deraadt@ (Id sync only: Portable will continue to support older OpenSSLs)
2005-01-20 - (dtucker) [auth-pam.c] Bug #971: Prevent leaking information about userDarren Tucker
existence via keyboard-interactive/pam, in conjunction with previous auth2-chall.c change; with Colin Watson and djm.
2005-01-20 - dtucker@cvs.openbsd.org 2005/01/19 13:11:47Darren Tucker
[auth-bsdauth.c auth2-chall.c] Have keyboard-interactive code call the drivers even for responses for invalid logins. This allows the drivers themselves to decide how to handle them and prevent leaking information where possible. Existing behaviour for bsdauth is maintained by checking authctxt->valid in the bsdauth driver. Note that any third-party kbdint drivers will now need to be able to handle responses for invalid logins. ok markus@
2005-01-20 - dtucker@cvs.openbsd.org 2005/01/17 22:48:39Darren Tucker
[sshd.c] Make debugging output continue after reexec; ok djm@
2005-01-20 - dtucker@cvs.openbsd.org 2005/01/17 03:25:46Darren Tucker
[moduli.c] Correct spelling: SCHNOOR->SCHNORR; ok djm@
2005-01-20 - jmc@cvs.openbsd.org 2005/01/08 00:41:19Darren Tucker
[sshd_config.5] `login'(n) -> `log in'(v);
2005-01-20 - markus@cvs.openbsd.org 2005/01/05 08:51:32Darren Tucker
[sshconnect.c] remove dead code, log connect() failures with level error, ok djm@
2005-01-20 - djm@cvs.openbsd.org 2004/12/23 23:11:00Darren Tucker
[servconf.c servconf.h sshd.c sshd_config sshd_config.5] bz #898: support AddressFamily in sshd_config. from peak@argo.troja.mff.cuni.cz; ok deraadt@
2005-01-20 - markus@cvs.openbsd.org 2004/12/23 17:38:07Darren Tucker
[ssh-keygen.c] leak; from mpech
2005-01-20 - markus@cvs.openbsd.org 2004/12/23 17:35:48Darren Tucker
[session.c] check for NULL; from mpech
2005-01-18 - (dtucker) [survey.sh.in] Remove any blank lines from the output ofDarren Tucker
ccver-v and ccver-V.
2005-01-18 - (dtucker) [INSTALL Makefile.in configure.ac survey.sh.in] ImplementDarren Tucker
"make survey" and "make send-survey". This will provide data on the configure parameters, platform and platform features to the development team, which will allow (among other things) better targetting of testing. It's entirely voluntary and is off be default. ok djm@
2005-01-16Explain how to run sshd from inittab in README.Debian (closes: #147360).Colin Watson
2005-01-15Finish 1:3.9p1-2.Colin Watson
2005-01-15mention where new translations came fromColin Watson
2005-01-15Drop LoginGraceTime back to the upstream default of two minutes on newColin Watson
installs (closes: #289573).
2005-01-15Update PO-Revision-Date: and Last-Translator:.Colin Watson
2005-01-15Update Spanish debconf template translations (thanks, Santiago Erquicia).Colin Watson
2005-01-15Update Greek debconf template translation (thanks, Logiotatidis George).Colin Watson
2005-01-13Depend on debconf | debconf-2.0.Colin Watson
2005-01-11Remove pam_nologin from /etc/pam.d/ssh, as sshd's built-in support appearsColin Watson
to be sufficient and more useful (closes: #162996).
2005-01-04Finish 1:3.9p1-1.Colin Watson
2005-01-04oops, LC_*, not LC_ALLColin Watson
2005-01-04yet another bug fixedColin Watson
2005-01-04remove /usr/sbin from openssh-clientColin Watson
2005-01-04Expand on openssh-client package description (closes: #273831).Colin Watson
2005-01-04more fixed bugsColin Watson
2005-01-04Pass LANG and LC_* environment variables from the client by default, andColin Watson
accept them to the server by default in new installs, although not on upgrade (closes: #264024).
2005-01-04note some closed bugsColin Watson
2005-01-04Merge 3.9p1 to the trunk.Colin Watson
2005-01-04Import OpenSSH 3.9p1.Colin Watson
2005-01-04Merge from branch-V_3_8_1_P1-4-client-server-split:Colin Watson
cvs up -jV_3_8_1_P1-8 -jbranch-V_3_8_1_P1-4-client-server-split branch-V_3_8_1_P1-4-client-server-split is now closed. For further development for sarge (Debian version 3.8.1p1-8.sarge.4, CVS tag V_3_8_1_P1-8_sarge_4), use branch-V_3_8_1_P1-8_sarge_4-sarge.
2004-12-20 - (dtucker) [regress/rekey.sh] Touch datafile before filling with dd, sinceDarren Tucker
on some wacky platforms (eg old AIXes), dd will refuse to create an output file if it doesn't exist.
2004-12-20 - (dtucker) [ssh-rand-helper.c] Fall back to command-based seeding if readingDarren Tucker
from prngd is enabled at compile time but fails at run time, eg because prngd is not running. Note that if you have prngd running when OpenSSH is built, OpenSSL will consider itself internally seeded and rand-helper won't be built at all unless explicitly enabled via --with-rand-helper. ok djm@
2004-12-13 - (dtucker) [contrib/findssh.sh] Clean up on interrupt; fromDarren Tucker
amarendra.godbole at ge com.
2004-12-11 - dtucker@cvs.openbsd.org 2004/12/11 01:48:56Darren Tucker
[auth-rsa.c auth2-pubkey.c authfile.c misc.c misc.h] Fix debug call in error path of authorized_keys processing and fix related warnings; ok djm@
2004-12-11 - fgsch@cvs.openbsd.org 2004/12/10 03:10:42Darren Tucker
[sftp.c] - fix globbed ls for paths the same lenght as the globbed path when we have a unique matching. - fix globbed ls in case of a directory when we have a unique matching. - as a side effect, if the path does not exist error (used to silently ignore). - don't do extra do_lstat() if we only have one matching file. djm@ ok
2004-12-11 - (dtucker) OpenBSD CVS SyncDarren Tucker
- markus@cvs.openbsd.org 2004/12/06 16:00:43 [bufaux.c] use 0x00 not \0 since buf[] is a bignum