summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2004-01-13 - (dtucker) [auth-pam.c] Relocate struct pam_ctxt and prototypes. NoDarren Tucker
functional changes. This is in preparation for a change to catch the authentication thread exitting unexpectedly, to split functional and cosmetic changes.
2004-01-09 - (dtucker) [configure.ac] Remove extra (typo) comma.Darren Tucker
2004-01-08 - (dtucker) [auth-pam.c defines.h] Bug #783: move __unused to defines.h andDarren Tucker
only define if not already. From des at freebsd.org.
2004-01-05 - (dtucker) [acconfig.h configure.ac includes.h servconf.c session.c]Darren Tucker
Only enable KerberosGetAFSToken if Heimdal's libkafs is found. with jakob@
2004-01-05 - (dtucker) [contrib/ssh-copy-id] Bug #781: exit if ssh fails. Patch fromDarren Tucker
cjwatson at debian.org.
2004-01-02 - (djm) OSX/Darwin needs BIND_8_COMPAT to build getrrsetbyname. Report fromDamien Miller
jakob@
2004-01-02 - (djm) OSX/Darwin put the PAM headers in a different place, detect this.Damien Miller
Report from jakob@
2004-01-02 - (djm) Remove useless DNS support configure summary message. from jakob@Damien Miller
2004-01-02 - (djm) OSX/Darwin needs BIND_8_COMPAT to build getrrsetbyname. Report fromDamien Miller
jakob@
2003-12-31 - (dtucker) [configure.ac] Only test setresuid and setresgid if they exist.Darren Tucker
2003-12-31 - dtucker@cvs.openbsd.org 2003/12/31 00:24:50Darren Tucker
[auth2-passwd.c] Ignore password change request during password auth (which we currently don't support) and discard proposed new password. corrections/ok markus@
2003-12-31 - millert@cvs.openbsd.org 2003/12/29 16:39:50Darren Tucker
[sshd_config] KeepAlive has been obsoleted, use TCPKeepAlive instead; markus@ OK
2003-12-31 - jakob@cvs.openbsd.org 2003/12/23 16:12:10Darren Tucker
[servconf.c servconf.h session.c sshd_config] implement KerberosGetAFSToken server option. ok markus@, beck@
2003-12-31 - markus@cvs.openbsd.org 2003/12/22 20:29:55Darren Tucker
[cipher-3des1.c] EVP_CIPHER_CTX_cleanup() for the des contexts; pruiksma@freesurf.fr
2003-12-31 - djm@cvs.openbsd.org 2003/12/22 09:16:58Darren Tucker
[moduli.c ssh-keygen.1 ssh-keygen.c] tidy up moduli generation debugging, add -v (verbose/debug) option to ssh-keygen; ok markus@
2003-12-19 - (dtucker) [defines.h] Bug #458: Define SIZE_T_MAX as UINT_MAX if weDarren Tucker
typedef size_t ourselves.
2003-12-18Enable commented-out "if (compat20)" test. (Should not have been committed.)Darren Tucker
2003-12-18 - (dtucker) [auth-pam.c] Do PAM chauthtok during SSH2 keyboard-interactiveDarren Tucker
authentication. Partially fixes bug #423. Feedback & ok djm@ Some background on why this is the way it is: * Solaris 8's pam_chauthtok ignores the CHANGE_EXPIRED_AUTHTOK flag, so we must call do_pam_account() to figure out if the password is expired. * AIX 5.2 does not like having pam_acct_mgmt() called twice, once from the authentication thread and once from the main shell child, so we cache the result, which must be passed from the authentication thread back to the monitor.
2003-12-18 - (dtucker) [configure.ac] Don't use setre[ug]id on DG-UX, from Tom Orban.Darren Tucker
2003-12-18 - (bal) [openbsd-compat/bsd-misc.c] unset 'signal' defined if we areBen Lindstrom
using a real 'signal()' (Noticed by a NeXT Compile)
2003-12-17 - (dtucker) [acconfig.h configure.ac uidswap.c] Bug #645: Check forDarren Tucker
setres[ug]id() present but not implemented (eg some Linux/glibc combinations).
2003-12-17 - markus@cvs.openbsd.org 2003/12/16 15:51:54Damien Miller
[dh.c] use <= instead of < in dh_estimate; ok provos/hshoexer; do not return < DH_GRP_MIN
2003-12-17 - markus@cvs.openbsd.org 2003/12/16 15:49:51Damien Miller
[clientloop.c clientloop.h readconf.c readconf.h scp.1 sftp.1 ssh.1] [ssh.c ssh_config.5] application layer keep alive (ServerAliveInterval ServerAliveCountMax) for ssh(1), similar to the sshd(8) option; ok beck@; with help from jmc and dtucker@
2003-12-17 - markus@cvs.openbsd.org 2003/12/14 12:37:21Damien Miller
[ssh_config.5] we don't support GSS KEX; from Simon Wilkinson
2003-12-17 - dtucker@cvs.openbsd.org 2003/12/09 23:45:32Damien Miller
[clientloop.c] Clear exit code when ssh -N is terminated with a SIGTERM. ok markus@
2003-12-17 - markus@cvs.openbsd.org 2003/12/09 21:53:37Damien Miller
[readconf.c readconf.h scp.1 servconf.c servconf.h sftp.1 ssh.1] [ssh_config.5 sshconnect.c sshd.c sshd_config.5] rename keepalive to tcpkeepalive; the old name causes too much confusion; ok djm, dtucker; with help from jmc@
2003-12-17 - markus@cvs.openbsd.org 2003/12/09 17:30:05Damien Miller
[ssh.c] don't modify argv for ssh -o; similar to sshd.c 1.283
2003-12-17 - markus@cvs.openbsd.org 2003/12/09 17:29:04Damien Miller
[sshd.c] fix -o and HUP; ok henning@
2003-12-1720031217Damien Miller
- (djm) OpenBSD CVS Sync - markus@cvs.openbsd.org 2003/12/09 15:28:43 [serverloop.c] make ClientKeepAlive work for ssh -N, too (no login shell requested). 1) send a bogus channel request if we find a channel 2) send a bogus global request if we don't have a channel ok + test beck@
2003-12-10 - dtucker@cvs.openbsd.org 2003/12/09 13:52:55Darren Tucker
[moduli.c] Prevent ssh-keygen -T from outputting moduli with a generator of 0, since they can't be used for Diffie-Hellman. Assistance and ok djm@
2003-12-10 - (dtucker) [ssh-keyscan.c] Sync RCSIDs, missed in SSH_SSFDMAX change below.Darren Tucker
2003-12-09 - djm@cvs.openbsd.org 2003/12/07 06:34:18Darren Tucker
[moduli.c] remove unused debugging #define templates
2003-12-09 - markus@cvs.openbsd.org 2003/12/08 11:00:47Darren Tucker
[kexgexc.c] print requested group size in debug; ok djm
2003-12-09 - markus@cvs.openbsd.org 2003/12/02 17:01:15Darren Tucker
[channels.c session.c ssh-agent.c ssh.h sshd.c] use SSH_LISTEN_BACKLOG (=128) in listen(2).
2003-12-09 - markus@cvs.openbsd.org 2003/12/02 12:15:10Darren Tucker
[progressmeter.c] improvments from andreas@: * saner speed estimate for transfers that takes less than a second by rounding the time to 1 second. * when the transfer is finished calculate the actual total speed rather than the current speed which is given during the transfer
2003-12-09 - djm@cvs.openbsd.org 2003/11/26 21:44:29Darren Tucker
[cipher-aes.c] fix #ifdef before #define; ok markus@ (RCS ID sync only, Portable already had this)
2003-12-09 - matthieu@cvs.openbsd.org 2003/11/25 23:10:08Darren Tucker
[ssh-add.1] ssh-add doesn't need to be a descendant of ssh-agent. Ok markus@, jmc@.
2003-12-08[configure.ac] Bug 770. Fix --without-rpath.Tim Rice
2003-11-24 - (djm) Annotate OpenBSD-derived files in openbsd-compat/ with originalDamien Miller
source file path (in OpenBSD tree).
2003-11-24 - dtucker@cvs.openbsd.org 2003/11/24 00:16:35Damien Miller
[ssh.1 ssh.c] Make ssh -k mean GSSAPIDelegateCredentials=no. Suggestion & ok markus@
2003-11-24 - djm@cvs.openbsd.org 2003/11/23 23:18:45Damien Miller
[ssh-keygen.c] consistency PATH_MAX -> MAXPATHLEN; ok markus@ (RCS ID sync only) - djm@cvs.openbsd.org 2003/11/23 23:21:21 [scp.c] from portable: rename clashing variable limit-> limit_rate; ok markus@ (RCS ID sync only)
2003-11-24 - (djm) OpenBSD CVS SyncDamien Miller
- djm@cvs.openbsd.org 2003/11/23 23:17:34 [ssh-keyscan.c] from portable - use sysconf to detect fd limit; ok markus@ (tidy diff by adding SSH_SSFDMAX macro to defines.h)
2003-11-24 - (djm) [canohost.c] Move IPv4inV6 mapped address normalisation to its ownDamien Miller
function and call it unconditionally
2003-11-22 - (djm) [packet.c] Shuffle #ifdef to reduce conditionally compiled codeDamien Miller
2003-11-22 - (djm) [sftp-int.c] Remove duplicated code from bogus syncDamien Miller
2003-11-22sync whitespace - no code changeDamien Miller
2003-11-22 - (djm) [scp.c] Rename limitbw -> limit_rate to match upstreamed patchDamien Miller
2003-11-22Minor sync w/OpenBSDDarren Tucker
2003-11-22 - (dtucker) [auth-sia.c configure.ac] Tru64 update from cmadams at hiwaay.net.Darren Tucker
Use permanently_set_uid for SIA, only define DISABLE_FD_PASSING when SIA is enabled, rely on SIA to check for locked accounts if enabled. ok djm@
2003-11-22 - (dtucker) [auth-passwd.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h]Darren Tucker
Move AIX specific password authentication code to port-aix.c, call authenticate() until reenter flag is clear.