summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2004-04-20 - djm@cvs.openbsd.org 2004/04/19 13:02:40Damien Miller
[ssh.1 ssh_config.5] document strict permission checks on ~/.ssh/config; prompted by, with & ok jmc@
2004-04-20 - djm@cvs.openbsd.org 2004/04/18 23:10:26Damien Miller
[readconf.c readconf.h ssh-keysign.c ssh.c] perform strict ownership and modes checks for ~/.ssh/config files, as these can be used to execute arbitrary programs; ok markus@ NB. ssh will now exit when it detects a config with poor permissions
2004-04-20 - (djm) [openbsd-compat/sys-queue.h] Sync with OpenBSD, needed for above changeDamien Miller
2004-04-20 - (djm) OpenBSD CVS SyncDamien Miller
- henning@cvs.openbsd.org 2004/04/08 16:08:21 [sshconnect2.c] swap the last two parameters to TAILQ_FOREACH_REVERSE. matches what FreeBSD and NetBSD do. ok millert@ mcbride@ markus@ ho@, checked to not affect ports by naddy@
2004-04-19 - markus@cvs.openbsd.org 2004/04/01 12:19:57Darren Tucker
[scp.c] limit trust between local and remote rcp/scp process, noticed by lcamtuf; ok deraadt@, djm@
2004-04-19 - djm@cvs.openbsd.org 2004/03/31 21:58:47Darren Tucker
[canohost.c] don't skip ip options check when UseDNS=no; ok markus@ (ID sync only)
2004-04-19 - djm@cvs.openbsd.org 2004/03/30 12:41:56Darren Tucker
[sftp-client.c] sync comment with reality
2004-04-19 - dtucker@cvs.openbsd.org 2004/03/08 10:17:12Darren Tucker
[regress/login-timeout.sh] Missing OBJ, from tim@. ok markus@ (Already fixed, ID sync only)
2004-04-19 - dtucker@cvs.openbsd.org 2004/02/29 22:04:45Darren Tucker
[regress/login-timeout.sh] Use sudo when restarting daemon during test. ok markus@
2004-04-18Add people with several and/or large contributionsDarren Tucker
2004-04-18 - (djm) [openbsd-compat/bsd-cygwin_util.c] Recent versions of Cygwin allowDamien Miller
change of user context without a password, so relax auth method restrictions; from vinschen AT redhat.com; ok dtucker@
2004-04-18update relnotes URL for releaseDamien Miller
2004-04-18 - (dtucker) [auth-pam.c] Log username and source host for failed PAMDarren Tucker
authentication attempts. With & ok djm@
2004-04-16 - (tim) [configure.ac] Set SETEUID_BREAKS_SETUID, BROKEN_SETREUID andTim Rice
BROKEN_SETREGID for SCO OpenServer 3
2004-04-16 - (djm) [auth-krb5.c auth.h session.c] Explicitly refer to Kerberos ccacheDamien Miller
file using FILE: method, fixes problems on Mac OSX. Patch from simon@sxw.org.uk; ok dtucker@
2004-04-16 - (dtucker) [regress/sftp-cmds.sh] Skip quoting test on Cygwin, sinceDarren Tucker
FAT/NTFS does not permit quotes in filenames. From vinschen at redhat.com
2004-04-16Typo fix in commentDarren Tucker
2004-04-14 - (djm) [configure.ac] Fix detection of libwrap on OpenBSD; ok dtucker@Damien Miller
2004-04-14 - (dtucker) [auth-skey.c defines.h monitor.c] Make skeychallenge explicitlyDarren Tucker
4-arg, with compatibility for 3-arg versions. From djm@, ok me.
2004-04-14 - (dtucker) [acconfig.h configure.ac defines.h] Bug #673: check for 4-argDarren Tucker
skeychallenge(), eg on NetBSD. ok mouring@
2004-04-14 - (dtucker) [sshd_config.5] Add PermitRootLogin without-password warningDarren Tucker
from bug #701 (text from jfh at cise.ufl.edu).
2004-04-08 - (bal) [monitor.c monitor_wrap.c] Ok.. Last time. Promise. Tim suggestedBen Lindstrom
limiting scope and dtucker@ agreed.
2004-04-08 - (dtucker) [defines.h loginrec.c] Define UT_LINESIZE if not defined andDarren Tucker
simplify loginrec.c. ok tim@
2004-04-08 - (bal) [monitor.c monitor_wrap.c] Second try. Put the zlib.h headersBen Lindstrom
back and #undef TARGET_OS_MAC instead. (Bug report pending with Apple)
2004-04-08 - (dtucker) [loginrec.c] Use UT_LINESIZE if available, prevents truncatingDarren Tucker
pty name on Linux 2.6.x systems. Patch from jpe at eisenmenger.org.
2004-04-07 - (bal) [acconfig.h auth-krb5.c configure.ac gss-serv-krb5.c] Check to seeBen Lindstrom
if Krb5 library exports krb5_init_etc() since some OSes (like MacOS/X) are starting to restrict it as internal since it is not needed by developers any more. (Patch based on Apple tree) - (bal) [monitor.c monitor_wrap.c] monitor_wrap.c] moved zlib.h higher since krb5 on MacOS/X conflicts. There may be a better solution, but this will work for now.
2004-04-07 - (dtucker) [session.c] Flush stdout after displaying loginmsg. FromDarren Tucker
f_mohr at yahoo.de.
2004-04-06Oops, leftover from testingDarren Tucker
2004-04-06 - (dtucker) [configure.ac] Bug #816, #748 (again): Attempt to detectDarren Tucker
broken getaddrinfo and friends on HP-UX. ok djm@
2004-04-06 - (dtucker) [acconfig.h configure.ac defines.h] Bug #820: don't useDarren Tucker
updwtmpx() on IRIX since it seems to clobber utmp. ok djm@
2004-03-31 - (djm) Bug #825: Fix ip_options_check() for mapped IPv4/IPv6 connection;Damien Miller
with & ok dtucker@
2004-03-30 - (dtucker) [auth-pam.c] rename the_authctxt to sshpam_authctxt in auth-pam.cDarren Tucker
to reduce potential confusion with the one in sshd.c. ok djm@
2004-03-30 - (dtucker) [configure.ac] Bug #811: Use "!" for LOCKED_PASSWD_PREFIX onDarren Tucker
Linuxes, since that's what many use. ok djm@
2004-03-27 - (dtucker) [session.c] Bug #817: Clear loginmsg after fork to preventDarren Tucker
duplicate login messages for mutli-session logins. ok djm@
2004-03-22 - (djm) Crank RPM spec versionsDamien Miller
2004-03-22 - markus@cvs.openbsd.org 2004/03/20 10:40:59Damien Miller
[version.h] 3.8.1
2004-03-22 - markus@cvs.openbsd.org 2004/03/11 10:21:17Damien Miller
[ssh.c sshd.c] ssh, sshd: sync version output, ok djm
2004-03-22 - markus@cvs.openbsd.org 2004/03/11 08:36:26Damien Miller
[sshd.c] trim usage; ok deraadt
2004-03-22 - markus@cvs.openbsd.org 2004/03/10 09:45:06Damien Miller
[ssh.c] trim usage to match ssh(1) and look more like unix. ok djm@
2004-03-22 - markus@cvs.openbsd.org 2004/03/09 22:11:05Damien Miller
[ssh.c] increase x11 cookie lifetime to 20 minutes; ok djm
2004-03-22- (djm) [sshd.c] Drop supplemental groups if started as rootDamien Miller
2004-03-11 - (djm) [configure.ac] Add standard license to configure.ac; ok ben, dtuckerDamien Miller
2004-03-10 - (dtucker) [openbsd-compat/fake-rfc2553.h] Bug #812: #undef getaddrinfoDarren Tucker
before redefining it, silences warnings on Tru64.
2004-03-08 - (tim) [regress/README.regress] Document ssh-rand-helper issue. ok balTim Rice
2004-03-08 - dtucker@cvs.openbsd.org 2004/03/08 10:18:57Damien Miller
[sshd_config.5] Document KerberosGetAFSToken; ok markus@
2004-03-08 - djm@cvs.openbsd.org 2004/03/08 09:38:05Damien Miller
[ssh-keyscan.c] explicitly initialise remote_major and remote_minor. from cjwatson AT debian.org; ok markus@
2004-03-08 - markus@cvs.openbsd.org 2004/03/05 10:53:58Damien Miller
[readconf.c readconf.h scp.1 sftp.1 ssh.1 ssh_config.5 sshconnect2.c] add IdentitiesOnly; ok djm@, pb@
2004-03-08 - djm@cvs.openbsd.org 2004/03/03 09:31:20Damien Miller
[sftp.c] Fix initialisation of progress meter; ok markus@
2004-03-08 - djm@cvs.openbsd.org 2004/03/03 09:30:42Damien Miller
[sftp-client.c] Don't print duplicate messages when progressmeter is off Spotted by job317 AT mailvault.com; ok markus@
2004-03-08 - (djm) OpenBSD CVS SyncDamien Miller
- markus@cvs.openbsd.org 2004/03/03 06:47:52 [sshd.c] change proctiltle after accept(2); ok henning, deraadt, djm