Age | Commit message (Collapse) | Author |
|
[channels.c channels.h clientloop.c misc.c misc.h serverloop.c ssh-agent.c]
some signed/unsigned int comparison cleanups; markus@ ok
|
|
redhat.com
|
|
messages generated before the postauth privsep split.
|
|
[sshlogin.c]
make store_lastlog_message() static to appease -Wall; ok markus
|
|
[sshlogin.c]
check that lseek went were we told it to; ok markus@
(Id sync only, but similar changes are needed in loginrec.c)
|
|
[sshd.c]
Don't try to close startup_pipe if it's not open; ok djm@
|
|
[servconf.c]
Fix minor leak; "looks right" deraadt@
|
|
[dh.c]
return group14 when no primes found - fixes hang on empty /etc/moduli;
ok markus@
|
|
[auth.c auth1.c auth2.c cipher.c cipher.h key.c session.c ssh.c
sshconnect1.c]
more s/illegal/invalid/
|
|
[sshd.c]
call setsid() _before_ re-exec
|
|
|
|
[canohost.c]
bz#902: cache remote port so we don't fatal() in auth_log when remote
connection goes away quickly. from peak AT argo.troja.mff.cuni.cz;
ok markus@
|
|
usernames in setproctitle from peak AT argo.troja.mff.cuni.cz;
|
|
[gss-serv-krb5.c]
fix function declaration
|
|
[auth1.c auth2.c]
bz#899: Don't display invalid usernames in setproctitle
|
|
- markus@cvs.openbsd.org 2004/07/21 08:56:12
[auth.c]
s/Illegal user/Invalid user/; many requests; ok djm, millert, niklas,
miod, ...
|
|
that sshd is fixed to behave better; suggested by tim
|
|
peak AT argo.troja.mff.cuni.cz
|
|
to syslog; from peak AT argo.troja.mff.cuni.cz
|
|
Report by rac AT tenzing.org
|
|
instead return PAM_CONV_ERR, avoiding another path to fatal(); ok dtucker@
|
|
ok dtucker@
|
|
[monitor.c monitor_wrap.c session.c session.h sshd.c sshlogin.c]
Move "Last logged in at.." message generation to the monitor, right
before recording the new login. Fixes missing lastlog message when
/var/log/lastlog is not world-readable and incorrect datestamp when
multiple sessions are used (bz #463); much assistance & ok markus@
|
|
[ssh-keyscan.1]
Fix incorrect macro, .I -> .Em
From: Eric S. Raymond <esr at thyrsus dot com>
ok jmc@
|
|
[channels.c cipher.c clientloop.c clientloop.h compat.h moduli.c
readconf.c nchan.c pathnames.h progressmeter.c readconf.h servconf.c
session.c sftp-client.c sftp.c ssh-agent.1 ssh-keygen.c ssh.c ssh1.h
sshd.c ttymodes.h]
spaces
|
|
ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c ssh.c sshd.c
openbsd-compat/bsd-misc.c] Move "char *__progname" to bsd-misc.c. Reduces
diff vs OpenBSD; ok mouring@, tested by tim@ too.
|
|
the monitor to properly clean up the PAM thread (Debian bug #252676).
|
|
vinschen AT redhat.com
|
|
[scp.c]
Prevent scp from skipping the file following a double-error.
bz #863, ok markus@
|
|
[monitor_wrap.c]
Put s/key functions inside #ifdef SKEY same as monitor.c,
from des@freebsd via bz #330, ok markus@
|
|
[sshlogin.c] (RCSID sync only, the corresponding code is not in Portable)
Use '\0' not 0 for string; ok djm@, deraadt@
|
|
strube at physik3.gwdg.de a long time ago.
|
|
the same version. Handle the case where someone uses --with-privsep-user=
and the user name does not match the group name. ok dtucker@
|
|
to pam_authenticate for challenge-response auth too. Originally from
fcusack at fcusack.com, ok djm@
|
|
warnings on compliant platforms. From paul.a.bolton at bt.com. ok djm@
|
|
Ensures messages from PAM modules are displayed when privsep=no.
Note: I did not want to just move display_loginmsg since that would change
existing behaviour (order of expiry warnings, "Last Login", motd) to less
like the native tools.
|
|
[session.c]
unbreak TTY break, diagnosed by darren AT dazwin.com; ok markus@
|
|
[sshd.c]
initialise some fd variables to -1, djm@ ok
|
|
[sshd_config.5]
new sentence, new line;
|
|
[ssh_config.5]
punctuation and grammar fixes. also, keep the options in order.
|
|
- jmc@cvs.openbsd.org 2004/06/26 09:03:21
[ssh.1]
- remove double word
- rearrange .Bk to keep SYNOPSIS nice
- -M before -m in options description
|
|
appdata_ptr to the conversation function. ok djm@
By rights we should free the messages too, but if this happens then one
of the modules has already proven itself to be buggy so can we trust
the messages?
|
|
|
|
rename handling for Linux which returns EPERM for link() on (at least some)
filesystems that do not support hard links. sftp-server will fall back to
stat+rename() in such cases.
|
|
|
|
|
|
|
|
[sftp.c]
bz #875: fix bad escape char error message; reported by f_mohr AT yahoo.de
|
|
- djm@cvs.openbsd.org 2004/06/25 18:43:36
[sshd.c]
fix broken fd handling in the re-exec fallback path, particularly when
/dev/crypto is in use; ok deraadt@ markus@
|
|
[sftp-server.c]
Fall back to stat+rename if filesystem doesn't doesn't support hard
links. bz#823, ok djm@
|