| Age | Commit message (Collapse) | Author |
|---|
|
PAM via keyboard-interactive. Patch tested by the folks at Vintela.
|
|
|
|
process when sshd relies on ssh-random-helper. Should result in faster
logins on systems without a real random device or prngd. ok djm@
|
|
calls, since they can't possibly fail. ok djm@
|
|
duplicate call. ok djm@
|
|
shillest.net.
|
|
skeleten at shillest.net.
|
|
|
|
AC_DEFINE and AC_DEFINE_UNQUOTED to quiet autoconf 2.59 warning messages.
|
|
Mike Frysinger.
|
|
- (tim) [defines.h openbsd-compat/port-uw.c] Add long password support to
OpenServer 6 and add osr5bigcrypt support so when someone migrates
passwords between UnixWare and OpenServer they will still work. OK dtucker@
|
|
OpenServer 6 and add osr5bigcrypt support so when someone migrates
passwords between UnixWare and OpenServer they will still work. OK dtucker@
|
|
|
|
openbsd-compat/port-uw.h openbsd-compat/xcrypt.c] libiaf cleanup. Disable
libiaf bits for OpenServer6. Free memory allocated by ia_get_logpwd().
Feedback and OK dtucker@
|
|
|
|
[version.h]
4.2
|
|
- djm@cvs.openbsd.org 2005/08/30 22:08:05
[gss-serv.c sshconnect2.c]
destroy credentials if krb5_kuserok() call fails. Stops credentials being
delegated to users who are not authorised for GSSAPIAuthentication when
GSSAPIDeletegateCredentials=yes and another authentication mechanism
succeeds; bz#1073 reported by paul.moore AT centrify.com, fix by
simon AT sxw.org.uk, tested todd@ biorn@ jakob@; ok deraadt@
|
|
|
|
|
|
password support to 7.x for now.
|
|
openbsd-compat/Makefile.in openbsd-compat/openbsd-compat.h
openbsd-compat/xcrypt.c] New files [openssh/openbsd-compat/port-uw.c
openssh/openbsd-compat/port-uw.h] Support long passwords (> 8-char)
on UnixWare 7 from Dhiraj Gulati and Ahsan Rashid. Cleanup and testing
by tim@. Feedback and OK dtucker@
|
|
|
|
|
|
qualified sshd pathname since some systems (eg Cygwin) may consider "/foo"
and "//foo" to be different. Spotted by vinschen at redhat.com.
|
|
LynxOS, patch from Olli Savia (ops at iki.fi). ok djm@
|
|
from Jacob Nevins; ok dtucker@
|
|
by skeleten AT shillest.net
|
|
|
|
[sftp.c]
sftp prompt enhancements:
- in non-interactive mode, do not print an empty prompt at the end
before finishing
- print newline after EOF in editline mode
- call el_end() in editline mode
ok dtucker djm
|
|
Report from Janusz Mucka; ok djm@
|
|
[servconf.c]
Unbreak sshd ListenAddress for bare IPv6 addresses.
|
|
[readconf.c]
listen_hosts initialisation here too; spotted greg AT y2005.nest.cx
|
|
[ssh.c]
fix -D listen_host initialisation, so it picks up gateway_ports setting
correctly
|
|
[packet.c]
missing packet_init_compression(); from solar
|
|
Sync current (thread-safe) version of realpath.c from OpenBSD (which is
in turn based on FreeBSD's). ok djm@
|
|
Report from skeleten AT shillest.net, ok djm@
|
|
Report by skeleten AT shillest.net
|
|
latter is specified in the standard.
|
|
individually and use a value less likely to collide with real values from
netdb.h. Fixes compile warnings on FreeBSD 5.3. ok djm@
|
|
adding -Werror to CFLAGS when all of the configure tests are done. ok djm@
|
|
with gcc. ok djm@
|
|
[scp.c hostfile.c sftp-client.c]
Silence bogus -Wuninitialized warnings; ok djm@
|
|
[kex.c kex.h myproposal.h packet.c packet.h servconf.c session.c]
[sshconnect2.c sshd.c sshd_config sshd_config.5]
add a new compression method that delays compression until the user
has been authenticated successfully and set compression to 'delayed'
for sshd.
this breaks older openssh clients (< 3.5) if they insist on
compression, so you have to re-enable compression in sshd_config.
ok djm@
|
|
- otto@cvs.openbsd.org 2005/07/19 15:32:26
[auth-passwd.c]
auth_usercheck(3) can return NULL, so check for that. Report from
mpech@. ok markus@
|
|
tim@.
|
|
|
|
|
|
[ssh-rand-helper.c] fix portable 2nd level indents at 4 spaces too
|
|
[auth-rh-rsa.c auth-rhosts.c auth2-chall.c auth2-gss.c channels.c]
[cipher-ctr.c gss-genr.c gss-serv.c kex.c moduli.c readconf.c]
[serverloop.c session.c sftp-client.c sftp.c ssh-add.c ssh-keygen.c]
[sshconnect.c sshconnect2.c]
knf says that a 2nd level indent is four (not three or five) spaces
|
|
- djm@cvs.openbsd.org 2005/07/17 06:49:04
[channels.c channels.h session.c session.h]
Fix a number of X11 forwarding channel leaks:
1. Refuse multiple X11 forwarding requests on the same session
2. Clean up all listeners after a single_connection X11 forward, not just
the one that made the single connection
3. Destroy X11 listeners when the session owning them goes away
testing and ok dtucker@
|
