Age | Commit message (Collapse) | Author |
|
[channels.c nchan.c]
replace buffer_consume(b, buffer_len(b)) with buffer_clear(b); ok provos@
|
|
[channels.c]
merge channel_pre_open_15/channel_pre_open_20; ok provos@
|
|
[ssh-keygen.c]
append \n only for public keys
|
|
[ssh.1 sshd.8]
some missing and misplaced periods
|
|
[channels.c]
fix hanging x11 channels for rejected cookies (e.g. XAUTHORITY=/dev/null xbiff)
bug #36, based on patch from djast@cs.toronto.edu
|
|
[servconf.c sshd.8]
protocol 2 HostKey code default is now /etc/ssh_host_rsa_key and
/etc/ssh_host_dsa_key like we have in sshd_config. ok markus@
|
|
[readconf.c servconf.c]
remove #ifdef _PATH_XAUTH/#endif; ok markus@
|
|
[ssh_config]
grammar in comment
|
|
[authfile.c channels.c compress.c packet.c sftp-server.c ssh-agent.c ssh-keygen.c]
remove unneeded casts and some char->u_char cleanup; ok markus@
|
|
[ssh.1 sshd.8]
document LogLevel DEBUG[123]; ok markus@
|
|
[auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c dispatch.h kex.c kex.h serverloop.c ssh.c sshconnect2.c]
remove plen from the dispatch fn. it's no longer used.
|
|
[auth1.c auth-rsa.c channels.c dispatch.c kex.c kexdh.c kexgex.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshconnect2.c sshd.c]
packet_read* no longer return the packet length, since it's not used.
|
|
[bufaux.c bufaux.h packet.c]
buffer_get_bignum: int -> void
|
|
[auth1.c kexdh.c kexgex.c packet.c packet.h sshconnect1.c sshd.c]
packet_get_bignum* no longer returns a size
|
|
- markus@cvs.openbsd.org 2001/12/28 12:14:27
[auth1.c auth2.c auth2-chall.c auth-rsa.c channels.c clientloop.c kex.c kexdh.c kexgex.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshconnect2.c sshd.c]
s/packet_done/packet_check_eom/ (end-of-message); ok djm@
with 47 more patchsets to go, I am not going to back out all the files for
the sake of a commit message...
|
|
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
get rid of packet_integrity_check, use packet_done() instead.
|
|
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
get rid of packet_integrity_check, use packet_done() instead.
|
|
[auth1.c auth.h auth-rh-rsa.c]
auth_rhosts_rsa now accept generic keys.
|
|
[dh.c kexdh.c kexgex.c]
always use BN_clear_free instead of BN_free
|
|
[authfile.c]
missing include
|
|
[sshd.8]
clarify -p; ok markus@
|
|
[auth1.c authfile.c auth-rsa.c dh.c kexdh.c kexgex.c key.c rsa.c scard.c ssh-agent.c sshconnect1.c sshd.c ssh-dss.c]
call fatal() for openssl allocation failures
|
|
[ssh-keygen.c]
-t is only needed for key generation (unbreaks -i, -e, etc).
|
|
[auth1.c]
be more carefull on allocation
|
|
[key.c]
be more careful on allocation
|
|
[ssh-add.c]
try all listed keys.. how did this get broken?
(oops - that was me)
|
|
[serverloop.c]
remove ifdef for USE_PIPES since fdin != fdout; ok djm@
|
|
[ssh-add.1 ssh-add.c]
Try all standard key files (id_rsa, id_dsa, identity) when invoked with
no arguments; ok markus@
|
|
[readpass.c]
Avoid interruptable passphrase read; ok markus@
|
|
[ssh-keygen.1 ssh-keygen.c]
Remove default (rsa1) key type; ok markus@
|
|
- Add OpenSSL sanity check: verify that header version matches version
reported by library
|
|
|
|
- We don't support --without-zlib currently, so don't allow it.
- Rework cryptographic random number support detection. We now detect
whether OpenSSL seeds itself. If it does, then we don't bother with
the ssh-rand-helper program. You can force the use of ssh-rand-helper
using the --with-rand-helper configure argument
- Simplify and clean up ssh-rand-helper configuration
|
|
- Reduce quantity of ifdef code, in preparation for ssh_rand_conf
- Always seed from system calls, even when doing PRNGd seeding
- Tidy and comment #define knobs
- Remove unused facility for multiple runs through command list
- KNF, cleanup, update copyright
|
|
|
|
not depend on transition links. from Lutz Jaenicke.
|
|
fixed env var size limit in the process. Report from Corinna Vinschen
<vinschen@redhat.com>
|
|
for all platforms except HP-UX, which is "/usr/spool/sockets/X11/%u".
|
|
|
|
|
|
Roger Cornelius <rac@tenzing.org>
|
|
|
|
|
|
<vinschen@redhat.com>
|
|
<vinschen@redhat.com> Could be abused to guess valid usernames
|
|
make programs.
|
|
portable lib and __progname support for ssh-rand-helper; ok djm@
|
|
was not being maintained.
|
|
solar@openwall.com
- (djm) Rework entropy code. If the OpenSSL PRNG is has not been
internally seeded, execute a subprogram "ssh-rand-helper" to obtain
some entropy for us. Rewrite the old in-process entropy collecter as
an example ssh-rand-helper.
- (djm) Always perform ssh_prng_cmds path lookups in configure, even if
we don't end up using ssh_prng_cmds (so we always get a valid file)
|
|
[auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c]
[dispatch.h kex.c kex.h packet.c packet.h serverloop.c ssh.c]
[sshconnect2.c]
Conformance fix: we should send failing packet sequence number when
responding with a SSH_MSG_UNIMPLEMENTED message. Spotted by
yakk@yakk.dot.net; ok markus@
|