Age | Commit message (Collapse) | Author |
|
[auth2.c]
log fingerprint on successful public key authentication; ok markus@
|
|
[auth.h hostfile.c hostfile.h]
remove auth_rsa_read_key, make hostfile_ready_key non static; ok markus@
|
|
[ssh-keyscan.c]
check that server supports v1 for -t rsa1, report from wirth@dfki.de
|
|
[sshd.c]
possible fd leak on error; ok markus@
|
|
[auth2.c auth2-chall.c auth.h]
add auth2_challenge_stop(), simplifies cleanup of kbd-int sessions,
fixes memleak.
|
|
[channels.c pathnames.h]
use only one path to X11 UNIX domain socket vs. an array of paths
to try. report from djast@cs.toronto.edu. ok markus@
|
|
server. I have found this necessary to avoid server hangs with X input
extensions (e.g. kinput2). Enable by setting the environment variable
"GNOME_SSH_ASKPASS_NOGRAB"
|
|
- stevesk@cvs.openbsd.org 2001/11/29 14:10:51
[channels.h channels.c session.c]
sshd X11 fake server will now listen on localhost by default:
$ echo $DISPLAY
localhost:12.0
$ netstat -an|grep 6012
tcp 0 0 127.0.0.1.6012 *.* LISTEN
tcp6 0 0 ::1.6012 *.* LISTEN
sshd_config gatewayports=yes can be used to revert back to the old
behavior. will control this with another option later. ok markus@
- stevesk@cvs.openbsd.org 2001/12/19 08:43:11
[includes.h session.c]
handle utsname.nodename case for FamilyLocal X authorization; ok markus@
|
|
[channels.c]
disable nagle for X11 fake server and client TCPs. from netbsd.
ok markus@
|
|
[channels.c session.c]
strncpy->strlcpy. remaining strncpy's are necessary. ok markus@
|
|
[channels.c sshconnect.c]
shutdown(sock, SHUT_RDWR) not needed here; ok markus@
|
|
fake-regex.h
|
|
[servconf.c servconf.h sshd.8 sshd.c]
add -o to sshd, too. ok deraadt@
- (bal) Minor white space fix up in servconf.c
|
|
[compat.c match.c match.h]
make theo and djm happy: bye bye regexp
|
|
[version.h]
post 3.0.2
|
|
[authfd.c authfile.c bufaux.c channels.c compat.c kex.c kexgex.c
key.c misc.c packet.c servconf.c ssh-agent.c sshconnect2.c
sshconnect.c sshd.c ssh-dss.c ssh-keygen.c ssh-rsa.c]
minor KNF
|
|
[auth1.c auth2.c canohost.c channels.c deattack.c packet.c scp.c
sshconnect2.c]
make it compile with more strict prototype checking
|
|
[clientloop.c serverloop.c sshd.c]
deal with LP64 printf issue with sig_atomic_t. from thorpej
|
|
[sftp-common.c]
zap };
|
|
[session.c sshd.8]
don't pass user defined variables to /usr/bin/login
|
|
[ssh.c]
sscanf() length dependencies are clearer now; can also shrink proto
and data if desired, but i have not done that. ok markus@
|
|
[auth-rsa.c]
fix protocol error: send 'failed' message instead of a 2nd challenge
(happens if the same key is in authorized_keys twice).
reported Ralf_Meister@genua.de; ok djm@
|
|
[channels.h]
remove dead function prototype; ok markus@
|
|
[clientloop.c serverloop.c sshd.c]
volatile sig_atomic_t
|
|
[ssh-keyscan.c]
don't use "\n" in fatal()
|
|
[ssh-keygen.1]
more on passphrase construction; ok markus@
|
|
[key.c]
mem leak
|
|
[deattack.c radix.c]
kill more registers
millert@ ok
|
|
[ssh-agent.1]
clarify/state that private keys are not exposed to clients using the
agent; ok markus@
|
|
[sshd.c]
fd leak on HUP; ok stevesk@
|
|
[auth2.c auth.c readconf.c servconf.c ssh-agent.c ssh-keygen.c]
enum/int type cleanup where it made sense to do so; ok markus@
|
|
[ssh-keyscan.c]
handle empty lines instead of dumping core; report from sha@sha-1.net
|
|
[sshd.c]
errno saving wrapping in a signal handler
|
|
openbsd-compat/bsd-cygwin_util.h, openbsd-compat/daemon.c]
Allow SSHD to install as service under WIndows 9x/Me
[configure.ac] Fix to allow linking against PCRE on Cygwin
Patches by Corinna Vinschen <vinschen@redhat.com>
|
|
|
|
<djast@cs.toronto.edu> Fix from markus@
|
|
|
|
[version.h]
enter 3.0.1
|
|
[servconf.c]
enable authorized_keys2 again. tested by fries@
|
|
- dugsong@cvs.openbsd.org 2001/11/11 18:47:10
[auth-krb5.c]
fix krb5 authorization check. found by <jhawk@MIT.EDU>. from
art@, deraadt@ ok
|
|
do_authenticated. Call loginfailed for protocol 2 failures > MAX like
we do for protocol 1. Reports from Ralf Wenk <wera0003@fh-karlsruhe.de>,
K.Wolkersdorfer@fz-juelich.de and others
|
|
Patch from Simon Wilkinson <simon@sxw.org.uk>
|
|
This should help reduce diff collisions for new server options (as they
will appear at the end)
|
|
[servconf.c]
make AuthorizedKeysFile2 fallback to AuthorizedKeysFile if AuthorizedKeysFile is specified.
|
|
[packet.c]
remove extra debug()
|
|
[ssh-rsa.c]
KNF (unexpand)
|
|
[sshd.c]
cleanup libwrap support (remove bogus comment, bogus close(), add debug, etc).
|
|
[sshd.c]
remove extra trailing dot from log message; pilot@naughty.monkey.org
|
|
[clientloop.c serverloop.c]
don't memset too much memory, ok millert@
original patch from jlk@kamens.brookline.ma.us via nalin@redhat.com
|
|
[auth.c]
don't print ROOT in CAPS for the authentication messages, i.e.
Accepted publickey for ROOT from 127.0.0.1 port 42734 ssh2
becomes
Accepted publickey for root from 127.0.0.1 port 42734 ssh2
|