summaryrefslogtreecommitdiff
path: root/ChangeLog
AgeCommit message (Collapse)Author
2003-12-18 - (dtucker) [auth-pam.c] Do PAM chauthtok during SSH2 keyboard-interactiveDarren Tucker
authentication. Partially fixes bug #423. Feedback & ok djm@ Some background on why this is the way it is: * Solaris 8's pam_chauthtok ignores the CHANGE_EXPIRED_AUTHTOK flag, so we must call do_pam_account() to figure out if the password is expired. * AIX 5.2 does not like having pam_acct_mgmt() called twice, once from the authentication thread and once from the main shell child, so we cache the result, which must be passed from the authentication thread back to the monitor.
2003-12-18 - (dtucker) [configure.ac] Don't use setre[ug]id on DG-UX, from Tom Orban.Darren Tucker
2003-12-18 - (bal) [openbsd-compat/bsd-misc.c] unset 'signal' defined if we areBen Lindstrom
using a real 'signal()' (Noticed by a NeXT Compile)
2003-12-17 - (dtucker) [acconfig.h configure.ac uidswap.c] Bug #645: Check forDarren Tucker
setres[ug]id() present but not implemented (eg some Linux/glibc combinations).
2003-12-17 - markus@cvs.openbsd.org 2003/12/16 15:51:54Damien Miller
[dh.c] use <= instead of < in dh_estimate; ok provos/hshoexer; do not return < DH_GRP_MIN
2003-12-17 - markus@cvs.openbsd.org 2003/12/16 15:49:51Damien Miller
[clientloop.c clientloop.h readconf.c readconf.h scp.1 sftp.1 ssh.1] [ssh.c ssh_config.5] application layer keep alive (ServerAliveInterval ServerAliveCountMax) for ssh(1), similar to the sshd(8) option; ok beck@; with help from jmc and dtucker@
2003-12-17 - markus@cvs.openbsd.org 2003/12/14 12:37:21Damien Miller
[ssh_config.5] we don't support GSS KEX; from Simon Wilkinson
2003-12-17 - dtucker@cvs.openbsd.org 2003/12/09 23:45:32Damien Miller
[clientloop.c] Clear exit code when ssh -N is terminated with a SIGTERM. ok markus@
2003-12-17 - markus@cvs.openbsd.org 2003/12/09 21:53:37Damien Miller
[readconf.c readconf.h scp.1 servconf.c servconf.h sftp.1 ssh.1] [ssh_config.5 sshconnect.c sshd.c sshd_config.5] rename keepalive to tcpkeepalive; the old name causes too much confusion; ok djm, dtucker; with help from jmc@
2003-12-17 - markus@cvs.openbsd.org 2003/12/09 17:30:05Damien Miller
[ssh.c] don't modify argv for ssh -o; similar to sshd.c 1.283
2003-12-17 - markus@cvs.openbsd.org 2003/12/09 17:29:04Damien Miller
[sshd.c] fix -o and HUP; ok henning@
2003-12-1720031217Damien Miller
- (djm) OpenBSD CVS Sync - markus@cvs.openbsd.org 2003/12/09 15:28:43 [serverloop.c] make ClientKeepAlive work for ssh -N, too (no login shell requested). 1) send a bogus channel request if we find a channel 2) send a bogus global request if we don't have a channel ok + test beck@
2003-12-10 - dtucker@cvs.openbsd.org 2003/12/09 13:52:55Darren Tucker
[moduli.c] Prevent ssh-keygen -T from outputting moduli with a generator of 0, since they can't be used for Diffie-Hellman. Assistance and ok djm@
2003-12-10 - (dtucker) [ssh-keyscan.c] Sync RCSIDs, missed in SSH_SSFDMAX change below.Darren Tucker
2003-12-09 - djm@cvs.openbsd.org 2003/12/07 06:34:18Darren Tucker
[moduli.c] remove unused debugging #define templates
2003-12-09 - markus@cvs.openbsd.org 2003/12/08 11:00:47Darren Tucker
[kexgexc.c] print requested group size in debug; ok djm
2003-12-09 - markus@cvs.openbsd.org 2003/12/02 17:01:15Darren Tucker
[channels.c session.c ssh-agent.c ssh.h sshd.c] use SSH_LISTEN_BACKLOG (=128) in listen(2).
2003-12-09 - markus@cvs.openbsd.org 2003/12/02 12:15:10Darren Tucker
[progressmeter.c] improvments from andreas@: * saner speed estimate for transfers that takes less than a second by rounding the time to 1 second. * when the transfer is finished calculate the actual total speed rather than the current speed which is given during the transfer
2003-12-09 - djm@cvs.openbsd.org 2003/11/26 21:44:29Darren Tucker
[cipher-aes.c] fix #ifdef before #define; ok markus@ (RCS ID sync only, Portable already had this)
2003-12-09 - matthieu@cvs.openbsd.org 2003/11/25 23:10:08Darren Tucker
[ssh-add.1] ssh-add doesn't need to be a descendant of ssh-agent. Ok markus@, jmc@.
2003-12-08[configure.ac] Bug 770. Fix --without-rpath.Tim Rice
2003-11-24 - (djm) Annotate OpenBSD-derived files in openbsd-compat/ with originalDamien Miller
source file path (in OpenBSD tree).
2003-11-24 - dtucker@cvs.openbsd.org 2003/11/24 00:16:35Damien Miller
[ssh.1 ssh.c] Make ssh -k mean GSSAPIDelegateCredentials=no. Suggestion & ok markus@
2003-11-24 - djm@cvs.openbsd.org 2003/11/23 23:18:45Damien Miller
[ssh-keygen.c] consistency PATH_MAX -> MAXPATHLEN; ok markus@ (RCS ID sync only) - djm@cvs.openbsd.org 2003/11/23 23:21:21 [scp.c] from portable: rename clashing variable limit-> limit_rate; ok markus@ (RCS ID sync only)
2003-11-24 - (djm) OpenBSD CVS SyncDamien Miller
- djm@cvs.openbsd.org 2003/11/23 23:17:34 [ssh-keyscan.c] from portable - use sysconf to detect fd limit; ok markus@ (tidy diff by adding SSH_SSFDMAX macro to defines.h)
2003-11-24 - (djm) [canohost.c] Move IPv4inV6 mapped address normalisation to its ownDamien Miller
function and call it unconditionally
2003-11-22 - (djm) [packet.c] Shuffle #ifdef to reduce conditionally compiled codeDamien Miller
2003-11-22 - (djm) [sftp-int.c] Remove duplicated code from bogus syncDamien Miller
2003-11-22 - (djm) [scp.c] Rename limitbw -> limit_rate to match upstreamed patchDamien Miller
2003-11-22 - (dtucker) [auth-sia.c configure.ac] Tru64 update from cmadams at hiwaay.net.Darren Tucker
Use permanently_set_uid for SIA, only define DISABLE_FD_PASSING when SIA is enabled, rely on SIA to check for locked accounts if enabled. ok djm@
2003-11-22 - (dtucker) [auth-passwd.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h]Darren Tucker
Move AIX specific password authentication code to port-aix.c, call authenticate() until reenter flag is clear.
2003-11-22 - (dtucker) [channels.c] Make AIX write limit code clearer. Suggested by djm@Darren Tucker
2003-11-21 - djm@cvs.openbsd.org 2003/11/21 11:57:03Damien Miller
[everything] unexpand and delete whitespace at EOL; ok markus@ (done locally and RCS IDs synced)
2003-11-21 - (djm) OpenBSD CVS SyncDamien Miller
- markus@cvs.openbsd.org 2003/11/20 11:39:28 [progressmeter.c] fix rounding errors; from andreas@
2003-11-18 - djm@cvs.openbsd.org 2003/11/18 10:53:07Damien Miller
[monitor.c] unbreak fake authloop for non-existent users (my screwup). Spotted and tested by dtucker@; ok markus@
2003-11-18 - (djm) OpenBSD CVS SyncDamien Miller
- dtucker@cvs.openbsd.org 2003/11/18 00:40:05 [serverloop.c] Correct check for authctxt->valid. ok djm@
2003-11-18 - (dtucker) [auth-pam.c] Only use pam_putenv if our platform has it. ok djm@Darren Tucker
2003-11-18 - (dtucker) [auth-pam.c] Convert chauthtok_conv into a generic tty_conv,Darren Tucker
and use it for do_pam_session. Fixes problems like pam_motd not displaying anything. ok djm@
2003-11-18 - (djm) Fix early exit for root auth success when UsePAM=yes andDamien Miller
PermitRootLogin=no
2003-11-17 - markus@cvs.openbsd.org 2003/11/17 11:06:07Damien Miller
[auth2-gss.c gss-genr.c gss-serv.c monitor.c monitor.h monitor_wrap.c] [monitor_wrap.h sshconnect2.c ssh-gss.h] replace "gssapi" with "gssapi-with-mic"; from Simon Wilkinson; test + ok jakob.
2003-11-17 - (djm) Export environment variables from authentication subprocess toDamien Miller
parent. Part of Bug #717
2003-11-17 - (djm) Bug #632: Don't call pam_end indirectly from within kbd-intDamien Miller
conversation function
2003-11-17 - djm@cvs.openbsd.org 2003/11/17 09:45:39Damien Miller
[msg.c msg.h sshconnect2.c ssh-keysign.c] return error on msg send/receive failure (rather than fatal); ok markus@
2003-11-17 - markus@cvs.openbsd.org 2003/11/14 13:19:09Damien Miller
[sshconnect2.c] cleanup and minor fixes for the client code; from Simon Wilkinson
2003-11-17 - jmc@cvs.openbsd.org 2003/11/12 20:14:51Damien Miller
[ssh_config.5] make verb agree with subject, and kill some whitespace;
2003-11-17 - jakob@cvs.openbsd.org 2003/11/12 16:39:58Damien Miller
[dns.c dns.h readconf.c ssh_config.5 sshconnect.c] update SSHFP validation. ok markus@
2003-11-17 - dtucker@cvs.openbsd.org 2003/11/12 10:12:15Damien Miller
[scp.c] When called with -q, pass -q to ssh; suppresses SSH2 banner. ok markus@
2003-11-17 - jakob@cvs.openbsd.org 2003/11/10 16:23:41Damien Miller
[bufaux.c bufaux.h cipher.c cipher.h hostfile.c hostfile.h key.c] [key.h sftp-common.c sftp-common.h sftp-server.c sshconnect.c sshd.c] [ssh-dss.c ssh-rsa.c uuencode.c uuencode.h] constify. ok markus@ & djm@
2003-11-17 - jmc@cvs.openbsd.org 2003/11/08 19:17:29Damien Miller
[sftp-int.c] typos from Jonathon Gray;
2003-11-17 - jakob@cvs.openbsd.org 2003/11/08 16:02:40Damien Miller
[auth1.c] remove unused variable (pw). ok djm@ (id sync only - still used in portable)