summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2002-01-22 - deraadt@cvs.openbsd.org 2001/12/24 07:29:43Damien Miller
[ssh-add.c] try all listed keys.. how did this get broken? (oops - that was me)
2002-01-22 - markus@cvs.openbsd.org 2001/12/21 12:17:33Damien Miller
[serverloop.c] remove ifdef for USE_PIPES since fdin != fdout; ok djm@
2002-01-22 - djm@cvs.openbsd.org 2001/12/21 10:06:43Damien Miller
[ssh-add.1 ssh-add.c] Try all standard key files (id_rsa, id_dsa, identity) when invoked with no arguments; ok markus@
2002-01-22 - djm@cvs.openbsd.org 2001/12/21 08:53:45Damien Miller
[readpass.c] Avoid interruptable passphrase read; ok markus@
2002-01-22 - djm@cvs.openbsd.org 2001/12/21 08:52:22Damien Miller
[ssh-keygen.1 ssh-keygen.c] Remove default (rsa1) key type; ok markus@
2002-01-22moreDamien Miller
2002-01-22 - (djm) autoconf hacking:Damien Miller
- Add OpenSSL sanity check: verify that header version matches version reported by library
2002-01-22 - (djm) Fix some bugs I introduced into ssh-rand-helper yesterdayDamien Miller
2002-01-22 - (djm) autoconf hacking:Damien Miller
- We don't support --without-zlib currently, so don't allow it. - Rework cryptographic random number support detection. We now detect whether OpenSSL seeds itself. If it does, then we don't bother with the ssh-rand-helper program. You can force the use of ssh-rand-helper using the --with-rand-helper configure argument - Simplify and clean up ssh-rand-helper configuration
2002-01-21 - (djm) Rework ssh-rand-helper:Damien Miller
- Reduce quantity of ifdef code, in preparation for ssh_rand_conf - Always seed from system calls, even when doing PRNGd seeding - Tidy and comment #define knobs - Remove unused facility for multiple runs through command list - KNF, cleanup, update copyright
2002-01-14 - (djm) Bug #50 - make autoconf entropy path checks more robustDamien Miller
2002-01-08 - (stevesk) defines.h: use "/var/spool/sockets/X11/%u" for HP-UX. doesKevin Steves
not depend on transition links. from Lutz Jaenicke.
2002-01-08 - (djm) Merge Cygwin copy_environment with do_pam_environment, removingDamien Miller
fixed env var size limit in the process. Report from Corinna Vinschen <vinschen@redhat.com>
2002-01-06 - (stevesk) defines.h: determine _PATH_UNIX_X; currently "/tmp/.X11-unix/X%u"Kevin Steves
for all platforms except HP-UX, which is "/usr/spool/sockets/X11/%u".
2002-01-05 - (stevesk) fix spurious ; from NCR change.Kevin Steves
2002-01-05 - (bal) NCR requies use_pipes to operate correctly.Ben Lindstrom
2002-01-03 - (djm) Use bigcrypt() on systems with SCO_PROTECTED_PW. Patch fromDamien Miller
Roger Cornelius <rac@tenzing.org>
2001-12-31test openssh-commits listDamien Miller
2001-12-31testing againDamien Miller
2001-12-29Tweak cvsignore filesDamien Miller
2001-12-29 - (djm) Typo in contrib/cygwin/README Fix from Corinna VinschenDamien Miller
<vinschen@redhat.com>
2001-12-29 - (djm) Apply Cygwin pointer deref fix from Corinna VinschenDamien Miller
<vinschen@redhat.com> Could be abused to guess valid usernames
2001-12-28 - (djm) Remove recommendation to use GNU make, we should support mostDamien Miller
make programs.
2001-12-25 - (stevesk) [Makefile.in ssh-rand-helper.c]Kevin Steves
portable lib and __progname support for ssh-rand-helper; ok djm@
2001-12-24HARUYAMA Seigo has changed addressDamien Miller
2001-12-24 - (bal) Removed contrib/chroot.diff and noted in contrib/README that itBen Lindstrom
was not being maintained.
2001-12-24 - (djm) Ignore fix & patchlevel in OpenSSL version check. Patch fromDamien Miller
solar@openwall.com - (djm) Rework entropy code. If the OpenSSL PRNG is has not been internally seeded, execute a subprogram "ssh-rand-helper" to obtain some entropy for us. Rewrite the old in-process entropy collecter as an example ssh-rand-helper. - (djm) Always perform ssh_prng_cmds path lookups in configure, even if we don't end up using ssh_prng_cmds (so we always get a valid file)
2001-12-21 - djm@cvs.openbsd.org 2001/12/20 22:50:24Damien Miller
[auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c] [dispatch.h kex.c kex.h packet.c packet.h serverloop.c ssh.c] [sshconnect2.c] Conformance fix: we should send failing packet sequence number when responding with a SSH_MSG_UNIMPLEMENTED message. Spotted by yakk@yakk.dot.net; ok markus@
2001-12-21 - markus@cvs.openbsd.org 2001/12/20 16:37:29Damien Miller
[channels.c channels.h session.c] setup x11 listen socket for just one connect if the client requests so. (v2 only, but the openssh client does not support this feature).
2001-12-21 - stevesk@cvs.openbsd.org 2001/12/19 17:16:13Damien Miller
[authfile.c bufaux.c bufaux.h buffer.c buffer.h packet.c packet.h ssh.c] change the buffer/packet interface to use void* vs. char*; ok markus@
2001-12-21 - markus@cvs.openbsd.org 2001/12/19 16:09:39Damien Miller
[serverloop.c] fix race between SIGCHLD and select with an additional pipe. writing to the pipe on SIGCHLD wakes up select(). using pselect() is not portable and siglongjmp() ugly. W. R. Stevens suggests similar solution. initial idea by pmenage@ensim.com; ok deraadt@, djm@
2001-12-21Sync RCSIDs from Kevin's already committed patchDamien Miller
2001-12-21 - deraadt@cvs.openbsd.org 2001/12/19 07:18:56Damien Miller
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h] [auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c] [cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c] [match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c] [servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c] [sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c] [sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config] [ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c] basic KNF done while i was looking for something else
2001-12-21 - jakob@cvs.openbsd.org 2001/12/18 10:06:24Damien Miller
[auth-rsa.c] log fingerprint on successful public key authentication, simplify usage of key structs; ok markus@
2001-12-21 - jakob@cvs.openbsd.org 2001/12/18 10:05:15Damien Miller
[auth2.c] log fingerprint on successful public key authentication; ok markus@
2001-12-21 - jakob@cvs.openbsd.org 2001/12/18 10:04:21Damien Miller
[auth.h hostfile.c hostfile.h] remove auth_rsa_read_key, make hostfile_ready_key non static; ok markus@
2001-12-21 - markus@cvs.openbsd.org 2001/12/10 20:34:31Damien Miller
[ssh-keyscan.c] check that server supports v1 for -t rsa1, report from wirth@dfki.de
2001-12-21 - stevesk@cvs.openbsd.org 2001/12/10 16:45:04Damien Miller
[sshd.c] possible fd leak on error; ok markus@
2001-12-21 - markus@cvs.openbsd.org 2001/12/09 18:45:56Damien Miller
[auth2.c auth2-chall.c auth.h] add auth2_challenge_stop(), simplifies cleanup of kbd-int sessions, fixes memleak.
2001-12-21 - stevesk@cvs.openbsd.org 2001/12/08 17:49:28Damien Miller
[channels.c pathnames.h] use only one path to X11 UNIX domain socket vs. an array of paths to try. report from djast@cs.toronto.edu. ok markus@
2001-12-21 - (djm) Add option to gnome-ssh-askpass to stop it from grabbing the XDamien Miller
server. I have found this necessary to avoid server hangs with X input extensions (e.g. kinput2). Enable by setting the environment variable "GNOME_SSH_ASKPASS_NOGRAB"
2001-12-19 - (stevesk) OpenBSD CVS sync X11 localhost displayKevin Steves
- stevesk@cvs.openbsd.org 2001/11/29 14:10:51 [channels.h channels.c session.c] sshd X11 fake server will now listen on localhost by default: $ echo $DISPLAY localhost:12.0 $ netstat -an|grep 6012 tcp 0 0 127.0.0.1.6012 *.* LISTEN tcp6 0 0 ::1.6012 *.* LISTEN sshd_config gatewayports=yes can be used to revert back to the old behavior. will control this with another option later. ok markus@ - stevesk@cvs.openbsd.org 2001/12/19 08:43:11 [includes.h session.c] handle utsname.nodename case for FamilyLocal X authorization; ok markus@
2001-12-07 - stevesk@cvs.openbsd.org 2001/12/06 18:20:32Ben Lindstrom
[channels.c] disable nagle for X11 fake server and client TCPs. from netbsd. ok markus@
2001-12-07 - stevesk@cvs.openbsd.org 2001/12/06 18:09:23Ben Lindstrom
[channels.c session.c] strncpy->strlcpy. remaining strncpy's are necessary. ok markus@
2001-12-07 - stevesk@cvs.openbsd.org 2001/12/06 18:02:32Ben Lindstrom
[channels.c sshconnect.c] shutdown(sock, SHUT_RDWR) not needed here; ok markus@
2001-12-07 - (bal) PCRE no longer required. Banished from the source along withBen Lindstrom
fake-regex.h
2001-12-06 - markus@cvs.openbsd.org 2001/12/06 13:30:06Ben Lindstrom
[servconf.c servconf.h sshd.8 sshd.c] add -o to sshd, too. ok deraadt@ - (bal) Minor white space fix up in servconf.c
2001-12-06 - markus@cvs.openbsd.org 2001/12/05 16:54:51Ben Lindstrom
[compat.c match.c match.h] make theo and djm happy: bye bye regexp
2001-12-06 - markus@cvs.openbsd.org 2001/12/05 15:04:48Ben Lindstrom
[version.h] post 3.0.2
2001-12-06 - deraadt@cvs.openbsd.org 2001/12/05 10:06:12Ben Lindstrom
[authfd.c authfile.c bufaux.c channels.c compat.c kex.c kexgex.c key.c misc.c packet.c servconf.c ssh-agent.c sshconnect2.c sshconnect.c sshd.c ssh-dss.c ssh-keygen.c ssh-rsa.c] minor KNF