summaryrefslogtreecommitdiff
path: root/ChangeLog
AgeCommit message (Collapse)Author
2002-06-11 - markus@cvs.openbsd.org 2002/06/11 04:14:26Ben Lindstrom
[ssh.c sshconnect.c sshconnect.h] no longer use uidswap.[ch] from the ssh client run less code with euid==0 if ssh is installed setuid root just switch the euid, don't switch the complete set of groups (this is only needed by sshd). ok provos@
2002-06-11 - markus@cvs.openbsd.org 2002/06/10 22:28:41Ben Lindstrom
[channels.c channels.h session.c] move creation of agent socket to session.c; no need for uidswapping in channel.c.
2002-06-11 - stevesk@cvs.openbsd.org 2002/06/10 21:21:10Ben Lindstrom
[ssh_config] update defaults for RhostsRSAAuthentication and RhostsAuthentication here too (all options commented out with default value).
2002-06-11 - stevesk@cvs.openbsd.org 2002/06/10 17:45:20Ben Lindstrom
[readconf.c ssh.1] change RhostsRSAAuthentication and RhostsAuthentication default to no since ssh is no longer setuid root by default; ok markus@
2002-06-11 - stevesk@cvs.openbsd.org 2002/06/10 17:36:23Ben Lindstrom
[ssh-add.1 ssh-add.c] use convtime() to parse and validate key lifetime. can now use '-t 2h' etc. ok markus@ provos@
2002-06-11 - stevesk@cvs.openbsd.org 2002/06/10 16:56:30Ben Lindstrom
[ssh-keysign.8] merge in stuff from my man page; ok markus@
2002-06-11 - stevesk@cvs.openbsd.org 2002/06/10 16:53:06Ben Lindstrom
[auth-rsa.c ssh-rsa.c] display minimum RSA modulus in error(); ok markus@
2002-06-11 - itojun@cvs.openbsd.org 2002/06/09 22:17:21Ben Lindstrom
[sshconnect.c] pass salen to sockaddr_ntop so that we are happy on linux/solaris
2002-06-11 - stevesk@cvs.openbsd.org 2002/06/09 22:15:15Ben Lindstrom
[ssh.1] update for no setuid root and ssh-keysign; ok deraadt@
2002-06-11 - (bal) ssh-agent.c RCSD fix (|unexpand already done)Ben Lindstrom
2002-06-09 - (bal) RCSID tag updates on channels.c, clientloop.c, nchan.c,Ben Lindstrom
sftp-client.c, ssh-agenet.c, ssh-keygen.c and connect.h (we did unexpand independant of them)
2002-06-09 - markus@cvs.openbsd.org 2002/06/09 04:33:27Ben Lindstrom
[sshconnect.c] abort() - > fatal()
2002-06-09 - itojun@cvs.openbsd.org 2002/06/08 21:15:27Ben Lindstrom
[sshconnect.c] always use getnameinfo. (diag message only)
2002-06-09 - markus@cvs.openbsd.org 2002/06/08 12:46:14Ben Lindstrom
[readconf.c] silently ignore deprecated options, since FallBackToRsh might be passed by remote scp commands.
2002-06-09 - markus@cvs.openbsd.org 2002/06/08 12:36:53Ben Lindstrom
[scp.c] remove FallBackToRsh
2002-06-09 - markus@cvs.openbsd.org 2002/06/08 05:41:18Ben Lindstrom
[ssh_config] remove FallBackToRsh/UseRsh
2002-06-09 - markus@cvs.openbsd.org 2002/06/08 05:40:01Ben Lindstrom
[readconf.c] just warn about Deprecated options for now
2002-06-09 - markus@cvs.openbsd.org 2002/06/08 05:17:01Ben Lindstrom
[readconf.c readconf.h ssh.1 ssh.c] deprecate FallBackToRsh and UseRsh; patch from djm@
2002-06-09 - markus@cvs.openbsd.org 2002/06/08 05:07:09Ben Lindstrom
[ssh-keysign.c] only accept 20 byte session ids
2002-06-09 - markus@cvs.openbsd.org 2002/06/08 05:07:56Ben Lindstrom
[ssh.c] nuke ptrace comment
2002-06-07 - (bal) Removed --{enable/disable}-suid-sshBen Lindstrom
this was mistakenly commited with the __progname fix to ssh-keysign.
2002-06-07 - (bal) use 'LOGIN_PROGRAM' not '/usr/bin/login' in session.c patch byBen Lindstrom
Bertrand.Velle@apogee-com.fr
2002-06-07 - (bal) Missed __progname in ssh-keysign.c patch by dtucker@zip.com.auBen Lindstrom
2002-06-07 - (bal) Reverse logic, use __func__ first since it's C99Ben Lindstrom
2002-06-07 - (bal) ssh-keysign should build and install correctly now. Phase twoBen Lindstrom
would be to clean out any dead wood and disable ssh setuid on install.
2002-06-07 - (bal) Refixed auth2.c. It was never fully commited while spliting outBen Lindstrom
authentication to different files.
2002-06-07 - (bal) monitor_mm.c typos.Ben Lindstrom
2002-06-07- (bal) Forgot to add msg.c Makefile.in.Ben Lindstrom
2002-06-07 - (bal) Missed msg.[ch] in merge. Required for ssh-keysign.Ben Lindstrom
2002-06-06 - markus@cvs.openbsd.org 2002/06/06 17:30:11Ben Lindstrom
[sftp-server.c] use get_int() macro (hide iqueue)
2002-06-06 - markus@cvs.openbsd.org 2002/06/06 17:12:44Ben Lindstrom
[sftp-server.c] discard remaining bytes of current request; ok provos@
2002-06-06 - stevesk@cvs.openbsd.org 2002/06/06 01:09:41Ben Lindstrom
[monitor.h] no trailing comma in enum; china@thewrittenword.com
2002-06-06 - markus@cvs.openbsd.org 2002/06/05 21:55:44Ben Lindstrom
[authfd.c authfd.h ssh-add.1 ssh-add.c ssh-agent.c] ssh-add -t life, Set lifetime (in seconds) when adding identities; ok provos@
2002-06-06 - markus@cvs.openbsd.org 2002/06/05 20:56:39Ben Lindstrom
[ssh-add.c] add -x/-X to usage
2002-06-06 - markus@cvs.openbsd.org 2002/06/05 19:57:12Ben Lindstrom
[authfd.c authfd.h ssh-add.1 ssh-add.c ssh-agent.c] ssh-add -x for lock and -X for unlocking the agent. todo: encrypt private keys with locked...
2002-06-06 - markus@cvs.openbsd.org 2002/06/05 16:48:54Ben Lindstrom
[ssh-agent.c] copy current request into an extra buffer and just flush this request on errors, ok provos@
2002-06-06 - markus@cvs.openbsd.org 2002/06/05 16:08:07Ben Lindstrom
[ssh-agent.1 ssh-agent.c] '-a bind_address' binds the agent to user-specified unix-domain socket instead of /tmp/ssh-XXXXXXXX/agent.<pid>; ok djm@ (some time ago).
2002-06-06 - markus@cvs.openbsd.org 2002/06/05 16:08:07Ben Lindstrom
[ssh-agent.1 ssh-agent.c] '-a bind_address' binds the agent to user-specified unix-domain socket instead of /tmp/ssh-XXXXXXXX/agent.<pid>; ok djm@ (some time ago).
2002-06-06 - markus@cvs.openbsd.org 2002/06/04 23:05:49Ben Lindstrom
[cipher.c monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c] __FUNCTION__ -> __func__ NOTE: This includes all portable references also.
2002-06-06 - markus@cvs.openbsd.org 2002/06/04 23:02:06Ben Lindstrom
[packet.c] remove __FUNCTION__
2002-06-06 - markus@cvs.openbsd.org 2002/06/04 19:53:40Ben Lindstrom
[monitor.c] save the session id (hash) for ssh2 (it will be passed with the initial sign request) and verify that this value is used during authentication; ok provos@
2002-06-06 - markus@cvs.openbsd.org 2002/06/04 19:42:35Ben Lindstrom
[monitor.c] only allow enabled authentication methods; ok provos@
2002-06-06 - deraadt@cvs.openbsd.org 2002/06/03 12:04:07Ben Lindstrom
[ssh.h] compatiblity -> compatibility decriptor -> descriptor authentciated -> authenticated transmition -> transmission
2002-06-06 - markus@cvs.openbsd.org 2002/05/31 13:20:50Ben Lindstrom
[ssh-rsa.c] pad received signature with leading zeros, because RSA_verify expects a signature of RSA_size. the drafts says the signature is transmitted unpadded (e.g. putty does not pad), reported by anakin@pobox.com
2002-06-06 - markus@cvs.openbsd.org 2002/05/31 13:16:48Ben Lindstrom
[key.c] add comment: key_verify returns 1 for a correct signature, 0 for an incorrect signature and -1 on error.
2002-06-06 - markus@cvs.openbsd.org 2002/05/31 11:35:15Ben Lindstrom
[auth.h auth2.c] move Authmethod definitons to per-method file. NOTE: The rest of this patch is with the import of the auth2-*.c files.
2002-06-06 - markus@cvs.openbsd.org 2002/05/31 10:30:33Ben Lindstrom
[sshconnect2.c] extent ssh-keysign protocol: pass # of socket-fd to ssh-keysign, keysign verfies locally used ip-address using this socket-fd, restricts fake local hostnames to actual local hostnames; ok stevesk@
2002-06-06 - markus@cvs.openbsd.org 2002/05/30 08:07:31Ben Lindstrom
[cipher.c] use rijndael/aes from libcrypto (openssl >= 0.9.7) instead of our own implementation. allow use of AES hardware via libcrypto, ok deraadt@
2002-06-06 - markus@cvs.openbsd.org 2002/05/29 11:21:57Ben Lindstrom
[sshd.c] don't start if privsep is enabled and SSH_PRIVSEP_USER or _PATH_PRIVSEP_CHROOT_DIR are missing; ok deraadt@
2002-06-06 - stevesk@cvs.openbsd.org 2002/05/29 03:06:30Ben Lindstrom
[ssh.1 sshd.8] spelling