| Age | Commit message (Collapse) | Author |
|---|
|
- (bal) fixed up sshconnect.c so it was closer inline with the OpenBSD
tree (mainly positioning)
- (bal) OpenSSH CVS Update
- markus@cvs.openbsd.org 2001/01/02 20:41:02
[packet.c]
log remote ip on disconnect; PR 1600 from jcs@rt.fm
- markus@cvs.openbsd.org 2001/01/02 20:50:56
[sshconnect.c]
strict_host_key_checking for host_status != HOST_CHANGED &&
ip_status == HOST_CHANGED
|
|
- (bal) OpenBSD CVS Update
- markus@cvs.openbsd.org 2001/01/01 14:52:49
[scp.c]
use shared fatal(); from stevesk@pobox.com
|
|
|
|
- (bal) Reverted out of MAXHOSTNAMELEN. This should be set per OS.
for multiple reasons.
|
|
- markus@cvs.openbsd.org 2000/12/29 22:19:13
[channels.c]
missing xfree; from vaughan99@yahoo.com
|
|
don't honor CPPFLAGS by default. Suggested by Lutz Jaenicke
<Lutz.Jaenicke@aet.TU-Cottbus.DE>
|
|
Suggested by Christian Kurz <shorty@debain.org>
|
|
- (bal) OpenBSD CVS Update
- markus@cvs.openbsd.org 2000/12/28 18:58:30
[ssh-keygen.c]
enable 'ssh-keygen -l -f ~/.ssh/{authorized_keys,known_hosts}{,2}
- (bal) Resynced CVS ID with OpenBSD for channel.c and uidswap.c
|
|
fix merge.
|
|
- markus@cvs.openbsd.org 2000/12/28 14:25:51
[auth.h auth2.c]
count authentication failures only
- markus@cvs.openbsd.org 2000/12/28 14:25:03
[sshconnect.c]
fingerprint for MITM attacks, too.
- markus@cvs.openbsd.org 2000/12/28 12:03:57
[sshd.8 sshd.c]
document -D
- markus@cvs.openbsd.org 2000/12/27 14:19:21
[serverloop.c]
less chatty
- markus@cvs.openbsd.org 2000/12/27 12:34
[auth1.c sshconnect2.c sshd.c]
typo
- markus@cvs.openbsd.org 2000/12/27 12:30:19
[readconf.c readconf.h ssh.1 sshconnect.c]
new option: HostKeyAlias: allow the user to record the host key
under a different name. This is useful for ssh tunneling over
forwarded connections or if you run multiple sshd's on different
ports on the same machine.
- markus@cvs.openbsd.org 2000/12/27 11:51:53
[ssh.1 ssh.c]
multiple -t force pty allocation, document ORIGINAL_COMMAND
- markus@cvs.openbsd.org 2000/12/27 11:41:31
[sshd.8]
update for ssh-2
|
|
- (bal) Fixed spelling of 'authorized_keys' in ssh-copy-id.1 by Christian
Kurz <shorty@debain.org>
20001228
- (bal) SCO patch to not include <sys/queue.h> since it's unrelated
header. Patch by Tim Rice <tim@multitalents.net>
- Updated TODO w/ known HP/UX issue
- (bal) removed extra <netdb.h> noticed by Kevin Steves and removed the
bad reference to 'NeXT including it else were' on the #ifdef version.
|
|
|
|
- (bal) Patch to add libutil.h to loginrec.c only if the platform has
libutil.h. Suggested by Pekka Savola <pekka@netcore.fi>
|
|
the info in COPYING.Ylonen has been moved to the start of each
SSH1-derived file and README.Ylonen is well out of date.
|
|
systems.
- (bal) Fixed NeXT's lack of CPPFLAGS honoring.
- (bal) ssh-keyscan.c: NeXT (and older BSDs) don't support getrlimit() w/
'RLIMIT_NOFILE'
|
|
|
|
- (bal) Typo in configure.in: entut?ent should be endut?ent. Suggested by
Takumi Yamane <yamtak@b-session.com>
- (bal) Checks for getrlimit(), sysconf(), and setdtablesize(). Patch
by Corinna Vinschen <vinschen@redhat.com>
|
|
- (bal) Fixed Makefile.in to support recompile of all ssh and sshd objects
if a change to config.h has occurred. Suggested by Gert Doering
<gert@greenie.muc.de>
- (bal) OpenBSD CVS Update:
- markus@cvs.openbsd.org 2000/12/22 16:49:40
[ssh-keygen.c]
fix ssh-keygen -x -t type > file; from Roumen.Petrov@skalasoft.com
|
|
And I think I have all the bits right from the OpenBSD tree.
20001222
- Updated RCSID for pty.c
- (bal) OpenBSD CVS Updates:
- markus@cvs.openbsd.org 2000/12/21 15:10:16
[auth-rh-rsa.c hostfile.c hostfile.h sshconnect.c]
print keyfile:line for changed hostkeys, for deraadt@, ok deraadt@
- markus@cvs.openbsd.org 2000/12/20 19:26:56
[authfile.c]
allow ssh -i userkey for root
- markus@cvs.openbsd.org 2000/12/20 19:37:21
[authfd.c authfd.h kex.c sshconnect2.c sshd.c uidswap.c uidswap.h]
fix prototypes; from stevesk@pobox.com
- markus@cvs.openbsd.org 2000/12/20 19:32:08
[sshd.c]
init pointer to NULL; report from Jan.Ivan@cern.ch
- markus@cvs.openbsd.org 2000/12/19 23:17:54
[auth-krb4.c auth-options.c auth-options.h auth-rhosts.c auth-rsa.c
auth1.c auth2-skey.c auth2.c authfd.c authfd.h authfile.c bufaux.c
bufaux.h buffer.c canohost.c channels.c clientloop.c compress.c
crc32.c deattack.c getput.h hmac.c hmac.h hostfile.c kex.c kex.h
key.c key.h log.c login.c match.c match.h mpaux.c mpaux.h packet.c
packet.h radix.c readconf.c rsa.c scp.c servconf.c servconf.h
serverloop.c session.c sftp-server.c ssh-agent.c ssh-dss.c ssh-dss.h
ssh-keygen.c ssh-keyscan.c ssh-rsa.c ssh-rsa.h ssh.c ssh.h uuencode.c
uuencode.h sshconnect1.c sshconnect2.c sshd.c tildexpand.c]
replace 'unsigned bla' with 'u_bla' everywhere. also replace 'char
unsigned' with u_char.
|
|
- markus@cvs.openbsd.org 2000/12/19 15:43:45
[authfile.c channels.c sftp-server.c ssh-agent.c]
remove() -> unlink() for consistency
- markus@cvs.openbsd.org 2000/12/19 15:48:09
[ssh-keyscan.c]
replace <ssl/x.h> with <openssl/x.h>
- markus@cvs.openbsd.org 2000/12/17 02:33:40
[uidswap.c]
typo; from wsanchez@apple.com
|
|
and Linux-PAM. Based on report and fix from Andrew Morgan
<morgan@transmeta.com>
|
|
Suggested by Wilfredo Sanchez <wsanchez@apple.com>
|
|
|
|
- markus@cvs.openbsd.org 2000/12/16 02:53:57
[scp.c]
allow + in usernames; request from Florian.Weimer@RUS.Uni-Stuttgart.DE
- markus@cvs.openbsd.org 2000/12/16 02:39:57
[scp.c]
unused; from stevesk@pobox.com
|
|
- markus@cvs.openbsd.org 2000/01/24 22:11:20
[scp.c]
allow '.' in usernames; from jedgar@fxp.org
|
|
[kex.c kex.h sshconnect2.c sshd.c]
compute diffie-hellman in parallel between server and client. okay markus@
|
|
[scp.c]
when copying 0-sized files, do not re-print ETA time at completion
|
|
[sshd.c]
source port < 1024 is no longer required for rhosts-rsa since it
adds no additional security.
- markus@cvs.openbsd.org 2000/12/12 16:11:49
[ssh.1 ssh.c]
rhosts-rsa is no longer automagically disabled if ssh is not privileged.
UsePrivilegedPort=no disables rhosts-rsa _only_ for old servers.
these changes should not change the visible default behaviour of the ssh client.
|
|
- markus@cvs.openbsd.org 2000/12/13 16:26:53
[ssh-keyscan.c]
fatal already adds \n; from stevesk@pobox.com
- markus@cvs.openbsd.org 2000/12/13 16:25:44
[ssh-agent.c]
remove redundant spaces; from stevesk@pobox.com
- ho@cvs.openbsd.org 2000/12/12 15:50:21
[pty.c]
When failing to set tty owner and mode on a read-only filesystem, don't
abort if the tty already has correct owner and reasonably sane modes.
Example; permit 'root' to login to a firewall with read-only root fs.
(markus@ ok)
- deraadt@cvs.openbsd.org 2000/12/13 06:36:05
[pty.c]
KNF
|
|
- markus@cvs.openbsd.org 2000/12/12 15:30:02
[ssh-keyscan.c ssh.c sshd.c]
consistently use __progname; from stevesk@pobox.com
|
|
from Andreas M. Kirchwitz <amk@krell.zikzak.de>
|
|
- markus@cvs.openbsd.org 2000/12/10 17:01:53
[sshconnect1.c]
always request new challenge for skey/tis-auth, fixes interop with
other implementations; report from roth@feep.net
|
|
- (bal) Applied patch to include ssh-keyscan into Redhat's package, and
patch to install ssh-keyscan manpage. Patch by Pekka Savola
<pekka@netcore.fi>
|
|
- provos@cvs.openbsd.org 2000/12/09 23:51:11
[compat.c]
remove unnecessary '\n'
|
|
- (bal) OpenBSD CVS updates
- markus@cvs.openbsd.org 2000/12/09 13:41:51
[cipher.c cipher.h rijndael.c rijndael.h rijndael_boxes.h]
undo rijndael changes
- markus@cvs.openbsd.org 2000/12/09 13:48:31
[rijndael.c]
fix byte order bug w/o introducing new implementation
- markus@cvs.openbsd.org 2000/12/09 14:08:27
[sftp-server.c]
"" -> "." for realpath; from vinschen@redhat.com
- markus@cvs.openbsd.org 2000/12/09 14:06:54
[ssh-agent.c]
extern int optind; from stevesk@sweden.hp.com
|
|
- (bal) OpenSSH CVS updates:
- djm@cvs.openbsd.org 2000/12/07 4:24:59
[ssh.1]
Typo fix from Wilfredo Sanchez <wsanchez@apple.com>; ok theo
|
|
[rijndael.c]
unexpand(1)
- markus@cvs.openbsd.org 2000/12/06 23:05:43
[cipher.c cipher.h rijndael.c rijndael.h rijndael_boxes.h]
new rijndael implementation. fixes endian bugs
|
|
- (bal) OpenSSH CVS updates:
- markus@cvs.openbsd.org 2000/12/06 22:58:14
[compat.c compat.h packet.c]
disable debug messages for ssh.com/f-secure 2.0.1x, 2.1.0
|
|
- markus@cvs.openbsd.org 2000/12/06 19:57:48
[ssh-keyscan.c]
err(3) -> internal error(), from stevesk@sweden.hp.com
|
|
have it (used in ssh-keyscan).
|
|
- (bal) OpenSSH CVS updates:
- markus@cvs.openbsd.org 2000/12/05 20:34:09
[channels.c channels.h clientloop.c serverloop.c]
async connects for -R/-L; ok deraadt@
- todd@cvs.openssh.org 2000/12/05 16:47:28
[sshd.c]
tweak comment to reflect real location of pid file; ok provos@
|
|
|
|
- (bal) OpenSSH CVS updates:
- markus@cvs.openbsd.org 2000/12/04 19:24:02
[ssh-keyscan.c ssh-keyscan.1]
David Maziere's ssh-keyscan, ok niels@
- (bal) Updated Makefile.in to include ssh-keyscan that was just added
to the recent OpenBSD source tree.
|
|
- (bal) More C functions defined in NeXT that are unaccessable without
defining -POSIX.
- (bal) OpenBSD CVS updates:
- markus@cvs.openbsd.org 2000/12/03 11:29:04
[compat.c]
remove fallback to SSH_BUG_HMAC now that the drafts are updated
- markus@cvs.openbsd.org 2000/12/03 11:27:55
[compat.c]
correctly match "2.1.0.pl2 SSH" etc; from pekkas@netcore.fi/bugzilla.redhat
- markus@cvs.openbsd.org 2000/12/03 11:15:03
[auth2.c compat.c compat.h sshconnect2.c]
support f-secure/ssh.com 2.0.12; ok niels@
|
|
PAM authentication using KbdInteractive.
- (djm) Added another TODO
|
|
- (bal) OpenBSD CVS updates:
- markus@cvs.openbsd.org 2000/11/30 22:54:31
[channels.c]
debug->warn if tried to do -R style fwd w/o client requesting this;
ok neils@
- markus@cvs.openbsd.org 2000/11/29 20:39:17
[cipher.c]
des_cbc_encrypt -> des_ncbc_encrypt since it already updates the IV
- markus@cvs.openbsd.org 2000/11/30 18:33:05
[ssh-agent.c]
agents must not dump core, ok niels@
- markus@cvs.openbsd.org 2000/11/30 07:04:02
[ssh.1]
T is for both protocols
- markus@cvs.openbsd.org 2000/12/01 00:00:51
[ssh.1]
typo; from green@FreeBSD.org
- markus@cvs.openbsd.org 2000/11/30 07:02:35
[ssh.c]
check -T before isatty()
- provos@cvs.openbsd.org 2000/11/29 13:51:27
[sshconnect.c]
show IP address and hostname when new key is encountered. okay markus@
- markus@cvs.openbsd.org 2000/11/30 22:53:35
[sshconnect.c]
disable agent/x11/port fwding if hostkey has changed; ok niels@
- marksu@cvs.openbsd.org 2000/11/29 21:11:59
[sshd.c]
sshd -D, startup w/o deamon(), for monitoring scripts or inittab;
from handler@sub-rosa.com and eric@urbanrange.com; ok niels@
|
|
- (bal) Backed out of part of Alain St-Denis' loginrec.c patch.
- (bal) Irix need some sort of mansubdir, patch by Michael Stone
<mstone@cs.loyola.edu>
Also removed a finished entry in TODO, and changed my address in the
CREDITS file to match my new home address.
|
|
if there are background children with open fds.
|
|
|
|
more manpage paths in fixpaths calls
- (djm) Also add xauth path at Pekka's suggestion.
|
