summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2004-03-22 - markus@cvs.openbsd.org 2004/03/11 10:21:17Damien Miller
[ssh.c sshd.c] ssh, sshd: sync version output, ok djm
2004-03-22 - markus@cvs.openbsd.org 2004/03/11 08:36:26Damien Miller
[sshd.c] trim usage; ok deraadt
2004-03-22 - markus@cvs.openbsd.org 2004/03/10 09:45:06Damien Miller
[ssh.c] trim usage to match ssh(1) and look more like unix. ok djm@
2004-03-22 - markus@cvs.openbsd.org 2004/03/09 22:11:05Damien Miller
[ssh.c] increase x11 cookie lifetime to 20 minutes; ok djm
2004-03-22- (djm) [sshd.c] Drop supplemental groups if started as rootDamien Miller
2004-03-11 - (djm) [configure.ac] Add standard license to configure.ac; ok ben, dtuckerDamien Miller
2004-03-10Finish 1:3.8p1-2.Colin Watson
2004-03-10 - (dtucker) [openbsd-compat/fake-rfc2553.h] Bug #812: #undef getaddrinfoDarren Tucker
before redefining it, silences warnings on Tru64.
2004-03-10Turn off the new ForwardX11Trusted by default, returning to the semanticsColin Watson
of 3.7 and earlier, since it seems immature and causes far too many problems with existing setups. See README.Debian for details (closes: #237021).
2004-03-08 - (tim) [regress/README.regress] Document ssh-rand-helper issue. ok balTim Rice
2004-03-08Disable PasswordAuthentication for new installations (closes: #236810).Colin Watson
2004-03-08 - dtucker@cvs.openbsd.org 2004/03/08 10:18:57Damien Miller
[sshd_config.5] Document KerberosGetAFSToken; ok markus@
2004-03-08 - djm@cvs.openbsd.org 2004/03/08 09:38:05Damien Miller
[ssh-keyscan.c] explicitly initialise remote_major and remote_minor. from cjwatson AT debian.org; ok markus@
2004-03-08 - markus@cvs.openbsd.org 2004/03/05 10:53:58Damien Miller
[readconf.c readconf.h scp.1 sftp.1 ssh.1 ssh_config.5 sshconnect2.c] add IdentitiesOnly; ok djm@, pb@
2004-03-08 - djm@cvs.openbsd.org 2004/03/03 09:31:20Damien Miller
[sftp.c] Fix initialisation of progress meter; ok markus@
2004-03-08 - djm@cvs.openbsd.org 2004/03/03 09:30:42Damien Miller
[sftp-client.c] Don't print duplicate messages when progressmeter is off Spotted by job317 AT mailvault.com; ok markus@
2004-03-08 - (djm) OpenBSD CVS SyncDamien Miller
- markus@cvs.openbsd.org 2004/03/03 06:47:52 [sshd.c] change proctiltle after accept(2); ok henning, deraadt, djm
2004-03-08 - (dtucker) [auth-pam.c auth-pam.h auth1.c auth2.c monitor.c monitor_wrap.cDarren Tucker
monitor_wrap.h] Bug #808: Ensure force_pwchange is correctly initialized even if keyboard-interactive is not used by the client. Prevents segfaults in some cases where the user's password is expired (note this is not considered a security exposure). ok djm@
2004-03-08 - (dtucker) [configure.ac sshd.c openbsd-compat/bsd-misc.hDarren Tucker
openbsd-compat/setenv.c] Unset KRB5CCNAME on AIX to prevent it from being inherited by the child. ok djm@
2004-03-08 - (dtucker) [sshd.c] Back out rev 1.270 as it caused problems on someDarren Tucker
platforms (eg SCO, HP-UX) with logging in the wrong TZ.
2004-03-07 - (tim) [regress/login-timeout.sh] fix building outside of source tree.Tim Rice
2004-03-06Finish 1:3.8p1-1.Colin Watson
2004-03-06Add Greek debconf template translation (thanks, Konstantinos Margaritis;Colin Watson
closes: #232843).
2004-03-06Add Italian debconf template translation (thanks, Renato Gini;Colin Watson
closes: #234777).
2004-03-06Privilege separation and PAM are now properly supported together, so removeColin Watson
both debconf questions related to them and simply set it unconditionally in newly generated sshd_config files (closes: #228838).
2004-03-06Fix up details of configuration upgrading a bit, including a warningColin Watson
message.
2004-03-05Remove README.Debian warnings about privsep not working properly with PAM.Colin Watson
2004-03-05Really pick up upstream fix for OpenSSH bug #808, a segfault. The previousColin Watson
auth-pam.c change was in fact a different bug.
2004-03-05Implement SSH1 support for ServerAliveInterval using SSH_MSG_IGNORE. AsColin Watson
documented in ssh_config(5), it's not as good as the SSH2 version.
2004-03-05Remove a few line breaks that were awkwardly placed and just made it harderColin Watson
to grep for things.
2004-03-05Update config.guess and config.sub from autotools-dev 20040105.1.Colin Watson
2004-03-05Pick up upstream fix for OpenSSH bug #808, a segfault:Colin Watson
revision 1.97 date: 2004/03/04 09:03:54; author: dtucker; state: Exp; lines: +2 -1 - (dtucker) [auth-pam.c] Reset signal status when starting pam auth thread, prevent hanging during PAM keyboard-interactive authentications. ok djm@
2004-03-04 - (dtucker) [auth-passwd.c auth-sia.c auth-sia.h defines.hDarren Tucker
openbsd-compat/xcrypt.c] Bug #802: Fix build error on Tru64 when configured --with-osfsia. ok djm@
2004-03-04 - (dtucker) [auth-pam.c] Reset signal status when starting pam auth thread,Darren Tucker
prevent hanging during PAM keyboard-interactive authentications. ok djm@
2004-03-04 - (dtucker) [auth-pam.c] Don't try to export PAM when compiled withDarren Tucker
-DUSE_POSIX_THREADS. From antoine.verheijen at ualbert ca. ok djm@
2004-03-04wrong yearDarren Tucker
2004-03-03 - (djm) [configure.ac ssh-agent.c] Use prctl to prevent ptrace on ssh-agentDamien Miller
ok dtucker
2004-03-01Since PAM session modules are run as root, we can turn pam_limits back onColin Watson
by default, and it no longer spits out "Operation not permitted" to syslog (closes: #171673).
2004-03-01According to Darren Tucker, password expiry has been fixed.Colin Watson
2004-03-01Merge 3.8p1 to the trunk. This builds and runs, but I haven't tested itColin Watson
extensively yet. ProtocolKeepAlives is now just a compatibility alias for ServerAliveInterval.
2004-03-01Import OpenSSH 3.8p1.Colin Watson
2004-02-29 - (tim) [configure.ac] Put back bits mistakenly removed from Rev 1.188Tim Rice
2004-02-29 - (dtucker) [regress/try-ciphers.sh] Skip acss if not compiled in (eg if weDarren Tucker
built with openssl < 0.9.7)
2004-02-29 - dtucker@cvs.openbsd.org 2004/02/28 13:44:45Darren Tucker
[regress/try-ciphers.sh] Test acss too; ok markus@
2004-02-29 - dtucker@cvs.openbsd.org 2004/02/28 12:16:57Darren Tucker
[regress/dynamic-forward.sh] Make dynamic-forward understand nc's new output. ok markus@
2004-02-29 - markus@cvs.openbsd.org 2004/02/24 17:06:52Darren Tucker
[regress/ssh-com-client.sh regress/ssh-com-keygen.sh regress/ssh-com-sftp.sh regress/ssh-com.sh] test against recent ssh.com releases
2004-02-29 - markus@cvs.openbsd.org 2004/02/24 16:56:30Darren Tucker
[regress/test-exec.sh] allow arguments in ${TEST_SSH_XXX}
2004-02-29 - dtucker@cvs.openbsd.org 2004/02/17 08:23:20Darren Tucker
[regress/Makefile regress/login-timeout.sh] Add regression test for LoginGraceTime; ok markus@
2004-02-29 - dtucker@cvs.openbsd.org 2004/02/27 22:49:27Darren Tucker
[dh.c] Reset bit counter at the right time, fixes debug output in the case where the DH group is rejected. ok markus@
2004-02-29 - dtucker@cvs.openbsd.org 2004/02/27 22:44:56Darren Tucker
[dh.c] Make /etc/moduli line buffer big enough for 8kbit primes, in case anyone ever uses one. ok markus@