summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2001-04-05 - markus@cvs.openbsd.org 2001/04/05 11:09:17Ben Lindstrom
[clientloop.c compat.c compat.h] add SSH_BUG_NOREKEY and detect broken (=all old) openssh versions.
2001-04-05 - markus@cvs.openbsd.org 2001/04/05 10:42:57Ben Lindstrom
[auth-chall.c authfd.c channels.c clientloop.c kex.c kexgex.c key.c mac.c packet.c serverloop.c sftp-client.c sftp-client.h sftp-glob.c sftp-glob.h sftp-int.c sftp-server.c sftp.c ssh-keygen.c sshconnect.c sshconnect2.c sshd.c] fix whitespace: unexpand + trailing spaces.
2001-04-05 - markus@cvs.openbsd.org 2001/04/05 10:39:48Ben Lindstrom
[version.h] temporary version 2.5.4 (supports rekeying). this is not an official release.
2001-04-05 - markus@cvs.openbsd.org 2001/04/05 10:39:03Ben Lindstrom
[compress.c compress.h packet.c] reset compress state per direction when rekeying.
2001-04-05 - markus@cvs.openbsd.org 2001/04/05 10:00:06Ben Lindstrom
[compat.c] 2.3.x does old GEX, too; report jakob@
2001-04-05 - (stevesk) logintest.c: fix for systems without __prognameKevin Steves
2001-04-05 - (stevesk) don't use vhangup() if defined(HAVE_DEV_PTMX); also removesKevin Steves
BROKEN_VHANGUP
2001-04-05 - markus@cvs.openbsd.org 2001/04/04 23:09:18Ben Lindstrom
[dh.c kex.c packet.c] clear+free keys,iv for rekeying. + fix DH mem leaks. ok niels@
2001-04-04 - markus@cvs.openbsd.org 2001/04/04 22:04:35Ben Lindstrom
[kex.c kexgex.c serverloop.c] parse full kexinit packet. make server-side more robust, too.
2001-04-04 - markus@cvs.openbsd.org 2001/04/04 20:32:56Ben Lindstrom
[auth2.c] we don't care about missing bannerfiles; from tsoome@ut.ee, ok deraadt@
2001-04-04 - markus@cvs.openbsd.org 2001/04/04 20:25:38Ben Lindstrom
[channels.c channels.h clientloop.c kex.c kex.h serverloop.c sshconnect2.c sshd.c] more robust rekeying don't send channel data after rekeying is started.
2001-04-04 - markus@cvs.openbsd.org 2001/04/04 15:50:55Ben Lindstrom
[compat.c] f-secure 1.3.2 does not handle IGNORE; from milliondl@ornl.gov
2001-04-04 - markus@cvs.openbsd.org 2001/04/04 14:34:58Ben Lindstrom
[clientloop.c kex.c kex.h serverloop.c sshconnect2.c sshd.c] enable server side rekeying + some rekey related clientup. todo: we should not send any non-KEX messages after we send KEXINIT
2001-04-04 - markus@cvs.openbsd.org 2001/04/04 09:48:35Ben Lindstrom
[kex.c kex.h kexdh.c kexgex.c packet.c sshconnect2.c sshd.c] don't sent multiple kexinit-requests. send newkeys, block while waiting for newkeys. fix comments.
2001-04-04 - (bal) Oops.. Missed including kexdh.c and kexgex.c in OpenBSD sync.Ben Lindstrom
2001-04-04 - markus@cvs.openbsd.org 2001/04/04 00:06:54Ben Lindstrom
[clientloop.c sshconnect2.c] enable client rekeying (1) force rekeying with ~R, or (2) if the server requests rekeying. works against ssh-2.0.12/2.0.13/2.1.0/2.2.0/2.3.0/2.3.1/2.4.0
2001-04-04 - markus@cvs.openbsd.org 2001/04/03 23:32:12Ben Lindstrom
[kex.c kex.h packet.c sshconnect2.c sshd.c] undo parts of recent my changes: main part of keyexchange does not need dispatch-callbacks, since application data is delayed until the keyexchange completes (if i understand the drafts correctly). add some infrastructure for re-keying.
2001-04-04 - todd@cvs.openbsd.org 2001/04/03 21:19:38Ben Lindstrom
[ssh_config] id_rsa1/2 -> id_rsa; ok markus@
2001-04-04 - markus@cvs.openbsd.org 2001/04/03 19:53:29Ben Lindstrom
[dh.c dh.h kex.c kex.h sshconnect2.c sshd.c] move kex to kex*.c, used dispatch_set() callbacks for kex. should make rekeying easier.
2001-04-04 - stevesk@cvs.openbsd.org 2001/04/03 13:56:11Ben Lindstrom
[sftp-glob.c ssh-agent.c ssh-keygen.c] free() -> xfree()
2001-04-04 - deraadt@cvs.openbsd.org 2001/04/02 17:32:23Ben Lindstrom
[ssh-agent.1] grammar; slade@shore.net
2001-04-03 - (stevesk) nchan.c: remove ostate checks and add EINVAL toKevin Steves
shutdown(SHUT_RD) error() bypass for HP-UX.
2001-04-02 - stevesk@cvs.openbsd.org 2001/04/02 14:20:23Ben Lindstrom
[readconf.c servconf.c] correct comment; ok markus@
2001-04-02 - stevesk@cvs.openbsd.org 2001/04/02 14:15:31Ben Lindstrom
[sshd.8] typo; ok markus@
2001-04-02 - (stevesk) sshpty.h openbsd sync; PTY_H -> SSHPTY_HKevin Steves
2001-04-02 - (stevesk) log.c openbsd sync; missing newlinesKevin Steves
2001-03-30Fixup makefile after mergeDamien Miller
2001-03-30 - OpenBSD CVS SyncDamien Miller
- djm@cvs.openbsd.org 2001/03/29 23:42:01 [sshd.c] Protocol 1 key regeneration log => verbose, some KNF; ok markus@
2001-03-30 - OpenBSD CVS SyncDamien Miller
- markus@cvs.openbsd.org 2001/03/29 21:17:40 [dh.c dh.h kex.c kex.h] prepare for rekeying: move DH code to dh.c
2001-03-30 - OpenBSD CVS SyncDamien Miller
- stevesk@cvs.openbsd.org 2001/03/29 21:06:21 [sshconnect2.c sshd.c] need to set both STOC and CTOS for SSH_BUG_BIGENDIANAES; ok markus@
2001-03-30 - OpenBSD CVS SyncDamien Miller
- provos@cvs.openbsd.org 2001/03/29 14:24:59 [sshconnect2.c] use recommended defaults
2001-03-30 - OpenBSD CVS SyncDamien Miller
- markus@cvs.openbsd.org 2001/03/28 22:43:31 [auth.h auth2.c auth2-chall.c] check auth_root_allowed for kbd-int auth, too.
2001-03-30 - OpenBSD CVS SyncDamien Miller
- provos@cvs.openbsd.org 2001/03/28 22:04:57 [dh.c] more sanity checking on primes file
2001-03-30 - (djm) OpenBSD CVS SyncDamien Miller
- provos@cvs.openbsd.org 2001/03/28 21:59:41 [kex.c kex.h sshconnect2.c sshd.c] forgot to include min and max params in hash, okay markus@
2001-03-30 - (djm) Another openbsd-compat/glob.c syncDamien Miller
2001-03-29 - markus@cvs.openbsd.org 2001/03/28 20:50:45Ben Lindstrom
[sshd.c] call refuse() before close(); from olemx@ans.pl
2001-03-29 - stevesk@cvs.openbsd.org 2001/03/28 20:04:38Ben Lindstrom
[scp.c] usage more like rcp and add missing -B to usage; ok markus@
2001-03-29 - stevesk@cvs.openbsd.org 2001/03/28 19:56:23Ben Lindstrom
[scp.c] start to sync scp closer to rcp; ok markus@
2001-03-29 - provos@cvs.openbsd.org 2001/03/27 17:46:50Ben Lindstrom
[compat.c compat.h dh.c dh.h ssh2.h sshconnect2.c sshd.c version.h] make dh group exchange more flexible, allow min and max group size, okay markus@, deraadt@
2001-03-29 - markus@cvs.openbsd.org 2001/03/27 10:57:00Ben Lindstrom
[compat.c compat.h ssh-rsa.c] some older systems use NID_md5 instead of NID_sha1 for RSASSA-PKCS1-v1_5 signatures in SSH protocol 2, ok djm@
2001-03-29 - markus@cvs.openbsd.org 2001/03/27 10:34:08Ben Lindstrom
[ssh-rsa.c sshd.c] use EVP_get_digestbynid, reorder some calls and fix missing free.
2001-03-29 - markus@cvs.openbsd.org 2001/03/26 23:23:24Ben Lindstrom
[rsa.c rsa.h ssh-agent.c ssh-keygen.c] try to read private f-secure ssh v2 rsa keys.
2001-03-29 - markus@cvs.openbsd.org 2001/03/26 23:12:42Ben Lindstrom
[authfile.c] KNF
2001-03-29 - stevesk@cvs.openbsd.org 2001/03/26 15:47:59Ben Lindstrom
[ssh.1] document more defaults; misc. cleanup. ok markus@
2001-03-28 - (djm) Sync openbsd-compat/glob.cDamien Miller
2001-03-28 - (djm) Rework krbIV tests to get us closer to building on Redhat. StillDamien Miller
doesn't work because of conflicts between krbIV's and OpenSSL's des.h
2001-03-28 - (djm) Work around Solaris' broken struct dirent. Diagnosis and suggestedDamien Miller
fix from Philippe Levan <levan@epix.net>
2001-03-28 - (djm) Reorder tests and library inclusion for Krb4/AFS to try toDamien Miller
resolve linking conflicts with libcrypto. Report and suggested fix from Holger Trapp <Holger.Trapp@Informatik.TU-Chemnitz.DE>
2001-03-27 - (djm) Reestablish PAM credentials (which can be supplemental groupDamien Miller
memberships) after initgroups() blows them away. Report and suggested fix from Nalin Dahyabhai <nalin@redhat.com>
2001-03-27more detail about krb4/-lcrypto conflictsDamien Miller