Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
|
|
broken makefile
|
|
- (djm) Sync openbsd-compat with -current libc
|
|
|
|
|
|
pulls in modern socket prototypes and eliminates a number of compiler
warnings. see xopen_networking(7).
|
|
|
|
- djm@cvs.openbsd.org 2001/06/27 13:23:30
typo, spotted by Tom Holroyd <tomh@po.crl.go.jp>; ok deraadt@
|
|
existing primes->moduli if it exists.
|
|
|
|
PAM kbdint code. Based on fix from Matthew Melvin
<matthewm@webcentral.com.au>
|
|
|
|
Solaris
|
|
|
|
[ttymodes.c]
passing modes works fine: debug2->3
|
|
[sshconnect2.c]
oops, missing format string
|
|
[readpass.c readpass.h ssh-add.c sshconnect2.c ssh-keygen.c]
switch to readpassphrase(3)
2.7/8-stable needs readpassphrase.[ch] from libc
|
|
[auth-options.c match.c match.h]
move ip+hostname check to match.c
|
|
[sshconnect1.c]
consistent with ssh2: skip key if empty passphrase is entered,
retry num_of_passwd_prompt times if passphrase is wrong. ok fgsch@
|
|
[sshd.c]
pidfile/sigterm race; bbraun@synack.net
|
|
[sftp.1 ssh.1 sshd.8 ssh-keyscan.1]
kill whitespace at EOL.
|
|
[ssh-keygen.c]
fix import for (broken?) ssh.com/f-secure private keys
(i tested > 1000 RSA keys)
|
|
[auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c
canohost.c channels.c cipher.c clientloop.c deattack.c dh.c
hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c
readpass.c scp.c servconf.c serverloop.c session.c sftp.c
sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c
ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c
ssh-keygen.c ssh-keyscan.c]
more strict prototypes. raise warning level in Makefile.inc.
markus ok'ed
TODO; cleanup headers
|
|
[ssh-keygen.c]
try to decode ssh-3.0.0 private rsa keys
(allow migration to openssh, not vice versa), #910
|
|
[sftp.1 sftp-server.8 ssh-keygen.1]
ok, tmac is now fixed
|
|
[key.c]
handle sigature of size 0 (some broken clients send this).
|
|
[auth2.c auth-rh-rsa.c]
restore correct ignore_user_known_hosts logic.
|
|
[sshd.8]
draft-ietf-secsh-dh-group-exchange-01.txt
|
|
[kexdh.c kexgex.c kex.h pathnames.h readconf.c servconf.h ssh.1
sshconnect1.c sshconnect2.c sshconnect.c sshconnect.h sshd.8]
get rid of known_hosts2, use it for hostkey lookup, but do not
modify.
|
|
[sftp.1 sftp-server.8 ssh-keygen.1]
join .%A entries; most by bk@rt.fm
|
|
[auth2.c auth.c auth.h auth-rh-rsa.c]
*known_hosts2 is obsolete for hostbased authentication and
only used for backward compat. merge ssh1/2 hostkey check
and move it to auth.c
|
|
[scp.c]
slightly better care
|
|
[ssh.c]
don't overwrite argv (fixes ssh user@host in 'ps'), report by ericj@
|
|
[sftp-server.c]
allow long usernames/groups in readdir
|
|
[dh.c]
increase linebuffer to deal with larger moduli; use rewind instead of
close/open
|
|
[auth2.c auth-rsa.c pathnames.h ssh.1 sshd.8 sshd_config
ssh-keygen.1]
merge authorized_keys2 into authorized_keys.
authorized_keys2 is used for backward compat.
(just append authorized_keys2 to authorized_keys).
|
|
[sshd.8]
document /etc/moduli
|
|
[dh.c pathnames.h]
use /etc/moduli instead of /etc/primes, okay markus@
|
|
[ssh.1 sshd.8 ssh-keyscan.1]
o) .Sh AUTHOR -> .Sh AUTHORS;
o) remove unnecessary .Pp;
o) better -mdoc style;
o) typo;
o) sort SEE ALSO;
aaron@ ok
|
|
[session.c]
don't reset forced_command (we allow multiple login shells in
ssh2); dwd@bell-labs.com
|
|
|
|
[channels.c channels.h clientloop.c packet.c serverloop.c]
move from channel_stop_listening to channel_free_all,
call channel_free_all before calling waitpid() in serverloop.
fixes the utmp handling; report from Lutz.Jaenicke@aet.TU-Cottbus.DE
|
|
[session.c]
allocate and free at the same level.
|
|
[session.c sshd.8]
disable x11-fwd if use_login is enabled; from lukem@wasabisystems.com
|
|
[session.c]
cleanup forced command handling, from dwd@bell-labs.com
|
|
[misc.c]
copy pw_expire and pw_change, too.
|
|
[scp.c]
no stdio or exit() in signal handlers.
|