summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2004-03-05Pick up upstream fix for OpenSSH bug #808, a segfault:Colin Watson
revision 1.97 date: 2004/03/04 09:03:54; author: dtucker; state: Exp; lines: +2 -1 - (dtucker) [auth-pam.c] Reset signal status when starting pam auth thread, prevent hanging during PAM keyboard-interactive authentications. ok djm@
2004-03-04 - (dtucker) [auth-passwd.c auth-sia.c auth-sia.h defines.hDarren Tucker
openbsd-compat/xcrypt.c] Bug #802: Fix build error on Tru64 when configured --with-osfsia. ok djm@
2004-03-04 - (dtucker) [auth-pam.c] Reset signal status when starting pam auth thread,Darren Tucker
prevent hanging during PAM keyboard-interactive authentications. ok djm@
2004-03-04 - (dtucker) [auth-pam.c] Don't try to export PAM when compiled withDarren Tucker
-DUSE_POSIX_THREADS. From antoine.verheijen at ualbert ca. ok djm@
2004-03-04wrong yearDarren Tucker
2004-03-03 - (djm) [configure.ac ssh-agent.c] Use prctl to prevent ptrace on ssh-agentDamien Miller
ok dtucker
2004-03-01Since PAM session modules are run as root, we can turn pam_limits back onColin Watson
by default, and it no longer spits out "Operation not permitted" to syslog (closes: #171673).
2004-03-01According to Darren Tucker, password expiry has been fixed.Colin Watson
2004-03-01Merge 3.8p1 to the trunk. This builds and runs, but I haven't tested itColin Watson
extensively yet. ProtocolKeepAlives is now just a compatibility alias for ServerAliveInterval.
2004-03-01Import OpenSSH 3.8p1.Colin Watson
2004-02-29 - (tim) [configure.ac] Put back bits mistakenly removed from Rev 1.188Tim Rice
2004-02-29 - (dtucker) [regress/try-ciphers.sh] Skip acss if not compiled in (eg if weDarren Tucker
built with openssl < 0.9.7)
2004-02-29 - dtucker@cvs.openbsd.org 2004/02/28 13:44:45Darren Tucker
[regress/try-ciphers.sh] Test acss too; ok markus@
2004-02-29 - dtucker@cvs.openbsd.org 2004/02/28 12:16:57Darren Tucker
[regress/dynamic-forward.sh] Make dynamic-forward understand nc's new output. ok markus@
2004-02-29 - markus@cvs.openbsd.org 2004/02/24 17:06:52Darren Tucker
[regress/ssh-com-client.sh regress/ssh-com-keygen.sh regress/ssh-com-sftp.sh regress/ssh-com.sh] test against recent ssh.com releases
2004-02-29 - markus@cvs.openbsd.org 2004/02/24 16:56:30Darren Tucker
[regress/test-exec.sh] allow arguments in ${TEST_SSH_XXX}
2004-02-29 - dtucker@cvs.openbsd.org 2004/02/17 08:23:20Darren Tucker
[regress/Makefile regress/login-timeout.sh] Add regression test for LoginGraceTime; ok markus@
2004-02-29 - dtucker@cvs.openbsd.org 2004/02/27 22:49:27Darren Tucker
[dh.c] Reset bit counter at the right time, fixes debug output in the case where the DH group is rejected. ok markus@
2004-02-29 - dtucker@cvs.openbsd.org 2004/02/27 22:44:56Darren Tucker
[dh.c] Make /etc/moduli line buffer big enough for 8kbit primes, in case anyone ever uses one. ok markus@
2004-02-29 - dtucker@cvs.openbsd.org 2004/02/27 22:42:47Darren Tucker
[dh.c] Prevent sshd from sending DH groups with a primitive generator of zero or one, even if they are listed in /etc/moduli. ok markus@
2004-02-29 - djm@cvs.openbsd.org 2004/02/25 00:22:45Darren Tucker
[sshd.c] typo in comment
2004-02-27 - (bal) KNF our sshlogin.c even if the code looks nothing like upstreamBen Lindstrom
code due to diversity issues.
2004-02-25 - (djm) Don't specify path to PAM modules in Redhat sshd.pam; from FedoraDamien Miller
2004-02-25 - (djm) Trim ChangeLogDamien Miller
2004-02-24 - (djm) Release 3.8p1Damien Miller
2004-02-23[configure.ac] SCO3 needs -lcrypt_i for -lprotTim Rice
2004-02-24 - (dtucker) {README.platform] Add platform-specific notes.Darren Tucker
2004-02-24 - (dtucker) [README] Add pointer to release notes. ok djm@Darren Tucker
2004-02-24 - (djm) Crank RPM spec versionsDamien Miller
2004-02-23[openbsd-compat/getrrsetbyname.c] Make gcc 2.7.2.3 happy. ok djm@Tim Rice
2004-02-24 - (dtucker) [uidswap.c] Minor KNF. ok djm@Darren Tucker
2004-02-24 - (djm) [groupaccess.c uidswap.c] Bug #787: Size group arrays at runtimeDamien Miller
using sysconf() if available Based on patches from holger AT van-lengerich.de and openssh_bugzilla AT hockin.org
2004-02-24Add missing okDarren Tucker
2004-02-24 - (dtucker) [configure.ac gss-serv-krb5.c ssh-gss.h] Define GSSAPI when foundDarren Tucker
with krb5-config, hunt down gssapi.h and friends. Based partially on patch from deengert at anl.gov. For the MIT Kerberos bug against krb5-config related to this see: http://krbdev.mit.edu/rt/Ticket/Display.html?id=2240
2004-02-24 - markus@cvs.openbsd.org 2004/02/23 15:16:46Darren Tucker
[version.h] enter 3.8
2004-02-24 - markus@cvs.openbsd.org 2004/02/23 15:12:46Darren Tucker
[bufaux.c] encode 0 correctly in buffer_put_bignum2; noted by Mikulas Patocka and drop support for negative BNs; ok otto@
2004-02-24 - markus@cvs.openbsd.org 2004/02/23 12:02:33Darren Tucker
[sshd.c] backout revision 1.279; set listen socket to non-block; ok henning.
2004-02-24 - markus@cvs.openbsd.org 2004/02/19 21:15:04Darren Tucker
[sftp-server.c] switch to new license.template
2004-02-24 - (dtucker) [session.c] Bug #789: Only make setcred call for !privsep in theDarren Tucker
non-interactive path. ok djm@
2004-02-22Add yet more upstream bug closures.Colin Watson
2004-02-22Close "new version available" bug.Colin Watson
2004-02-22Add more upstream bug closures.Colin Watson
2004-02-22Add 'UsePAM yes' to /etc/ssh/sshd_config on upgrade from versions olderColin Watson
than this, to maintain the standard Debian sshd configuration. Comment out PAMAuthenticationViaKbdInt and RhostsAuthentication in sshd_config on upgrade. Neither option is supported any more.
2004-02-22I'm not sure where the need to define __FILE_OFFSET_BITS (as opposed toColin Watson
_FILE_OFFSET_BITS) came from, but it doesn't seem to be necessary any more. Remove it.
2004-02-22Backport a few more changes to auth-pam.c from upstream portable CVS. PAMColin Watson
session modules finally produce output!
2004-02-22Add missed ChangeLog entries for previous commits...Darren Tucker
2004-02-22 - (dtucker) [configure.ac] Apply krb5-config --libs fix to non-gssapi pathDarren Tucker
too.
2004-02-22 - (dtucker) [auth-passwd.c] Only check password expiry once. PreventsDarren Tucker
multiple warnings if a wrong password is entered.
2004-02-22 - (dtucker) [auth-shadow.c auth.h] Provide warnings of impending account orDarren Tucker
password expiry. ok djm@
2004-02-22 - (dtucker) [auth-shadow.c auth.c auth.h] Move shadow account expiry testDarren Tucker
to auth-shadow.c, no functional change. ok djm@