Age | Commit message (Collapse) | Author |
|
- markus@cvs.openbsd.org 2004/08/16 08:17:01
[version.h]
3.9
|
|
|
|
to convince Solaris PAM to honour password complexity rules. ok djm@
|
|
|
|
|
|
openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-misc.c
openbsd-compat/bsd-misc.h openbsd-compat/openbsd-compat.h] Use smarter
closefrom() replacement from sudo; ok dtucker@
|
|
it does the right thing on all platforms. ok djm@
|
|
Plug AIX login recording into login_write so logins will be recorded for
all auth types.
|
|
prot.h and shadow.h provide conflicting declarations of getspnam. ok djm@
|
|
Explicitly set umask for mkstemp; ok djm@
|
|
[servconf.c]
Fix line numbers off-by-one in error messages, from tortay at cc.in2p3.fr
ok markus@, djm@
|
|
[monitor_fdpass.c]
extra check for no message case; ok markus, deraadt, hshoexer, henning
|
|
[ssh-keygen.1]
kill whitespace at eol;
|
|
[ssh-keygen.1 ssh.1]
improve SSHFP documentation; ok deraadt@
|
|
[sshlogin.c]
typo in error message, spotted by moritz AT jodeit.org (Id sync only)
|
|
[authfd.c scp.c ssh-keyscan.c]
use atomicio instead of homegrown equivalents or read/write.
markus@ ok
|
|
[channels.c channels.h clientloop.c misc.c misc.h serverloop.c ssh-agent.c]
some signed/unsigned int comparison cleanups; markus@ ok
|
|
redhat.com
|
|
messages generated before the postauth privsep split.
|
|
[sshlogin.c]
make store_lastlog_message() static to appease -Wall; ok markus
|
|
[sshlogin.c]
check that lseek went were we told it to; ok markus@
(Id sync only, but similar changes are needed in loginrec.c)
|
|
[sshd.c]
Don't try to close startup_pipe if it's not open; ok djm@
|
|
[servconf.c]
Fix minor leak; "looks right" deraadt@
|
|
[dh.c]
return group14 when no primes found - fixes hang on empty /etc/moduli;
ok markus@
|
|
[auth.c auth1.c auth2.c cipher.c cipher.h key.c session.c ssh.c
sshconnect1.c]
more s/illegal/invalid/
|
|
[sshd.c]
call setsid() _before_ re-exec
|
|
|
|
[canohost.c]
bz#902: cache remote port so we don't fatal() in auth_log when remote
connection goes away quickly. from peak AT argo.troja.mff.cuni.cz;
ok markus@
|
|
usernames in setproctitle from peak AT argo.troja.mff.cuni.cz;
|
|
[gss-serv-krb5.c]
fix function declaration
|
|
[auth1.c auth2.c]
bz#899: Don't display invalid usernames in setproctitle
|
|
- markus@cvs.openbsd.org 2004/07/21 08:56:12
[auth.c]
s/Illegal user/Invalid user/; many requests; ok djm, millert, niklas,
miod, ...
|
|
that sshd is fixed to behave better; suggested by tim
|
|
peak AT argo.troja.mff.cuni.cz
|
|
to syslog; from peak AT argo.troja.mff.cuni.cz
|
|
Report by rac AT tenzing.org
|
|
instead return PAM_CONV_ERR, avoiding another path to fatal(); ok dtucker@
|
|
ok dtucker@
|
|
[monitor.c monitor_wrap.c session.c session.h sshd.c sshlogin.c]
Move "Last logged in at.." message generation to the monitor, right
before recording the new login. Fixes missing lastlog message when
/var/log/lastlog is not world-readable and incorrect datestamp when
multiple sessions are used (bz #463); much assistance & ok markus@
|
|
[ssh-keyscan.1]
Fix incorrect macro, .I -> .Em
From: Eric S. Raymond <esr at thyrsus dot com>
ok jmc@
|
|
[channels.c cipher.c clientloop.c clientloop.h compat.h moduli.c
readconf.c nchan.c pathnames.h progressmeter.c readconf.h servconf.c
session.c sftp-client.c sftp.c ssh-agent.1 ssh-keygen.c ssh.c ssh1.h
sshd.c ttymodes.h]
spaces
|
|
ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c ssh.c sshd.c
openbsd-compat/bsd-misc.c] Move "char *__progname" to bsd-misc.c. Reduces
diff vs OpenBSD; ok mouring@, tested by tim@ too.
|
|
the monitor to properly clean up the PAM thread (Debian bug #252676).
|
|
vinschen AT redhat.com
|
|
[scp.c]
Prevent scp from skipping the file following a double-error.
bz #863, ok markus@
|
|
[monitor_wrap.c]
Put s/key functions inside #ifdef SKEY same as monitor.c,
from des@freebsd via bz #330, ok markus@
|
|
[sshlogin.c] (RCSID sync only, the corresponding code is not in Portable)
Use '\0' not 0 for string; ok djm@, deraadt@
|
|
strube at physik3.gwdg.de a long time ago.
|
|
the same version. Handle the case where someone uses --with-privsep-user=
and the user name does not match the group name. ok dtucker@
|
|
to pam_authenticate for challenge-response auth too. Originally from
fcusack at fcusack.com, ok djm@
|