Age | Commit message (Collapse) | Author |
|
- markus@cvs.openbsd.org 2002/10/01 20:34:12
[ssh-agent.c]
allow root to access the agent, since there is no protection from root.
|
|
[ssh.1]
clarify compression level protocol 1 only; ok markus@ deraadt@
|
|
- mickey@cvs.openbsd.org 2002/09/27 10:42:09
[compat.c compat.h sshd.c]
add a generic match for a prober, such as sie big brother;
idea from stevesk@; markus@ ok
|
|
|
|
|
|
|
|
|
|
|
|
[auth1.c auth.h auth-krb4.c monitor.c monitor.h monitor_wrap.c]
[monitor_wrap.h]
krb4 + privsep; ok dugsong@, deraadt@
|
|
[sshd.c]
typo; pilot@monkey.org
|
|
- markus@cvs.openbsd.org 2002/09/25 11:17:16
[sshd_config]
sync LoginGraceTime with default
|
|
This does not include the deattack.c fixes.
|
|
in AIX. Patch by dtucker@zip.com.au ok by djm
|
|
[sshd.8]
tweak the example $HOME/.ssh/rc script to not show on any cmdline the
sensitive data it handles. This fixes bug # 402 as reported by
kolya@mit.edu (Nickolai Zeldovich).
ok markus@ and stevesk@
|
|
[monitor.c]
only call kerberos code for authctxt->valid
|
|
[monitor.c]
only call auth_krb5 if kerberos is enabled; ok deraadt@
|
|
- stevesk@cvs.openbsd.org 2002/09/23 20:46:27
[canohost.c]
change get_peer_ipaddr() and get_local_ipaddr() to not return NULL for
non-sockets; fixes a problem passing NULL to snprintf(). ok markus@
|
|
From autoconf guidelines:
"Test programs should exit, not return, from main, because on some
systems (old Suns, at least) the argument to return in main is ignored."
|
|
[auth.c]
log illegal user here for missing privsep case (ssh2).
this is executed in the monitor. ok markus@
|
|
[serverloop.c]
log IP address also; ok markus@
|
|
[ssh-add.c]
typo; cd@kalkatraz.de
|
|
- stevesk@cvs.openbsd.org 2002/09/19 14:53:14
[compat.c]
|
|
[ssh.c sshconnect.c]
bugzilla.mindrot.org #223 - ProxyCommands don't exit.
Patch from dtucker@zip.com.au; ok markus@
|
|
[channels.c]
don't quit while creating X11 listening socket.
http://mail-index.netbsd.org/current-users/2002/09/16/0005.html
got from portable. markus ok
|
|
[sshd.8]
reference moduli(5) in FILES /etc/moduli.
|
|
[sshd_config.5]
more details on X11Forwarding security issues and threats; ok markus@
|
|
[session.c]
log when _PATH_NOLOGIN exists; ok markus@
|
|
[channels.c sshconnect.c sshd.c]
remove use of SO_LINGER, it should not be needed. error check
SO_REUSEADDR. fixup comments. ok markus@
|
|
[session.c ssh.1]
add SSH_CONNECTION and deprecate SSH_CLIENT; bug #384. ok markus@
|
|
- stevesk@cvs.openbsd.org 2002/09/12 19:11:52
[ssh-agent.c]
%u for uid print; ok markus@
|
|
pressed.
|
|
|
|
fake-queue.h to sys-tree.h and sys-queue.h
|
|
[sftp-int.c]
zap unused var introduced in last commit
|
|
with SO_PEERCRED support. Faked for systems which lack it.
|
|
[sftp.1 sftp-client.c sftp-client.h sftp-common.c sftp-common.h]
[sftp-glob.c sftp-glob.h sftp-int.c sftp-server.c]
support for short/long listings and globbing in "ls"; ok markus@
|
|
[authfd.c authfd.h ssh.c]
don't connect to agent to test for presence if we've previously
connected; ok markus@
|
|
[ssh.1]
add agent and X11 forwarding warning text from ssh_config.5; ok markus@
|
|
[ssh-agent.c]
check the euid of the connecting process with getpeereid(2);
ok provos deraadt stevesk
|
|
[channels.c kex.h key.c monitor.c monitor_wrap.c radix.c uuencode.c]
signed vs unsigned from -pedantic; ok henning@
|
|
[auth1.c auth.h auth-krb5.c monitor.c monitor.h]
[monitor_wrap.c monitor_wrap.h]
kerberos support for privsep. confirmed to work by lha@stacken.kth.se
patch from markus
|
|
- markus@cvs.openbsd.org 2002/09/08 20:24:08
[hostfile.h]
no comma at end of enumerator list
|
|
|
|
Patch from Robert Halubek <rob@adso.com.pl>
|
|
Patch from Mark Bradshaw <bradshaw@staff.crosswalk.com>
|
|
|
|
Nalin Dahyabhai <nalin@redhat.com>
|
|
|
|
- stevesk@cvs.openbsd.org 2002/09/04 18:52:42
[servconf.c sshd.8 sshd_config.5]
default LoginGraceTime to 2m; 1m may be too short for slow systems.
ok markus@
|
|
|