summaryrefslogtreecommitdiff
path: root/compat.c
AgeCommit message (Collapse)Author
2008-11-03 - markus@cvs.openbsd.org 2008/09/11 14:22:37Damien Miller
[compat.c compat.h nchan.c ssh.c] only send eow and no-more-sessions requests to openssh 5 and newer; fixes interop problems with broken ssh v2 implementations; ok djm@
2007-01-05 - djm@cvs.openbsd.org 2006/12/12 03:58:42Damien Miller
[channels.c compat.c compat.h] bz #1019: some ssh.com versions apparently can't cope with the remote port forwarding bind_address being a hostname, so send them an address for cases where they are not explicitly specified (wildcard or localhost bind). reported by daveroth AT acm.org; ok dtucker@ deraadt@
2006-08-05 - deraadt@cvs.openbsd.org 2006/08/03 03:34:42Damien Miller
[OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c] [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c] [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c] [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ] [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c] [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c] [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c] [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c] [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c] [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c] [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c] [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c] [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c] [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h] [serverloop.c session.c session.h sftp-client.c sftp-common.c] [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c] [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c] [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c] [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c] [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h] [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h] almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step NB. portable commit contains everything *except* removing includes.h, as that will take a fair bit more work as we move headers that are required for portability workarounds to defines.h. (also, this step wasn't "easy")
2006-08-05 - stevesk@cvs.openbsd.org 2006/07/26 13:57:17Damien Miller
[authfd.c authfile.c dh.c canohost.c channels.c clientloop.c compat.c] [hostfile.c kex.c log.c misc.c moduli.c monitor.c packet.c readpass.c] [scp.c servconf.c session.c sftp-server.c sftp.c ssh-add.c ssh-agent.c] [ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c sshconnect.c] [sshconnect1.c sshd.c xmalloc.c] move #include <stdlib.h> out of includes.h
2006-07-24 - stevesk@cvs.openbsd.org 2006/07/22 20:48:23Damien Miller
[atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c] [auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c] [authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c] [cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c] [compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c] [includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c] [mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c] [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c] [progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c] [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c] [ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c] [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c] [sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c] move #include <string.h> out of includes.h
2006-03-26 - djm@cvs.openbsd.org 2006/03/25 13:17:03Damien Miller
[atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c] [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c] [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c] [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c] [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c] [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c] [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c] [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c] [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c] [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c] [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c] [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c] [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c] [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c] [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c] [uidswap.c uuencode.c xmalloc.c] Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
2006-03-26 - deraadt@cvs.openbsd.org 2006/03/19 18:51:18Damien Miller
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c] [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c] [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c] [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c] [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c] [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c] [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c] [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c] [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c] [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c] [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c] [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c] [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c] [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c] [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c] [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c] [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c] [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c] [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c] [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c] [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c] [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c] [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c] RCSID() can die
2005-03-01 - djm@cvs.openbsd.org 2005/03/01 10:09:52Damien Miller
[auth-options.c channels.c channels.h clientloop.c compat.c compat.h] [misc.c misc.h readconf.c readconf.h servconf.c ssh.1 ssh.c ssh_config.5] [sshd_config.5] bz#413: allow optional specification of bind address for port forwardings. Patch originally by Dan Astorian, but worked on by several people Adds GatewayPorts=clientspecified option on server to allow remote forwards to bind to client-specified ports.
2003-11-03 - markus@cvs.openbsd.org 2003/11/02 11:01:03Darren Tucker
[auth2-gss.c compat.c compat.h sshconnect2.c] remove support for SSH_BUG_GSSAPI_BER; simon@sxw.org.uk
2003-09-02 - markus@cvs.openbsd.org 2003/08/29 10:03:15Damien Miller
[compat.c compat.h] SSH_BUG_K5USER is unused; ok henning@
2003-08-26 - markus@cvs.openbsd.org 2003/08/22 10:56:09Darren Tucker
[auth2.c auth2-gss.c auth.h compat.c compat.h gss-genr.c gss-serv-krb5.c gss-serv.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h readconf.c readconf.h servconf.c servconf.h session.c session.h ssh-gss.h ssh_config.5 sshconnect2.c sshd_config sshd_config.5] support GSS API user authentication; patches from Simon Wilkinson, stripped down and tested by Jakob and myself.
2003-05-14 - (djm) RCSID sync w/ OpenBSDDamien Miller
2003-04-09*** empty log message ***Damien Miller
2003-04-01 - markus@cvs.openbsd.org 2003/04/01 10:31:26Damien Miller
[compat.c compat.h kex.c] bugfix causes stalled connections for ssh.com < 3.0; noticed by ho@; tested by ho@ and myself
2002-09-30 - (djm) OpenBSD CVS SyncDamien Miller
- mickey@cvs.openbsd.org 2002/09/27 10:42:09 [compat.c compat.h sshd.c] add a generic match for a prober, such as sie big brother; idea from stevesk@; markus@ ok
2002-09-22 - (djm) OpenBSD CVS SyncDamien Miller
- stevesk@cvs.openbsd.org 2002/09/19 14:53:14 [compat.c]
2002-04-10 - markus@cvs.openbsd.org 2002/04/10 08:21:47Ben Lindstrom
[auth1.c compat.c compat.h] strip '@' from username only for KerbV and known broken clients, bug #204 Don't mind me.. I just commited a changelog with no patch. <sigh>
2002-03-26 - markus@cvs.openbsd.org 2002/03/25 21:13:51Ben Lindstrom
[channels.c channels.h compat.c compat.h nchan.c] don't send stderr data after EOF, accept this from older known (broken) sshd servers only, fixes http://bugzilla.mindrot.org/show_bug.cgi?id=179
2002-03-07 - markus@cvs.openbsd.org 2002/03/06 00:24:39Damien Miller
[compat.c] compat.c
2002-03-07 - markus@cvs.openbsd.org 2002/03/06 00:23:27Damien Miller
[compat.c dh.c] undo
2002-03-07 - OpenBSD CVS SyncDamien Miller
- markus@cvs.openbsd.org 2002/03/06 00:20:54 [compat.c dh.c] compat.c
2002-01-22 - markus@cvs.openbsd.org 2002/01/21 22:30:12Damien Miller
[cipher.c compat.c myproposal.h] remove "rijndael-*", just use "aes-" since this how rijndael is called in the drafts; ok stevesk@
2002-01-22 - markus@cvs.openbsd.org 2002/01/13 17:57:37Damien Miller
[auth2.c auth2-chall.c compat.c sshconnect2.c sshd.c] use buffer API and avoid static strings of fixed size; ok provos@/mouring@
2001-12-21 - deraadt@cvs.openbsd.org 2001/12/19 07:18:56Damien Miller
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h] [auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c] [cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c] [match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c] [servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c] [sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c] [sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config] [ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c] basic KNF done while i was looking for something else
2001-12-06 - markus@cvs.openbsd.org 2001/12/05 16:54:51Ben Lindstrom
[compat.c match.c match.h] make theo and djm happy: bye bye regexp
2001-12-06 - deraadt@cvs.openbsd.org 2001/12/05 10:06:12Ben Lindstrom
[authfd.c authfile.c bufaux.c channels.c compat.c kex.c kexgex.c key.c misc.c packet.c servconf.c ssh-agent.c sshconnect2.c sshconnect.c sshd.c ssh-dss.c ssh-keygen.c ssh-rsa.c] minor KNF
2001-09-20 - markus@cvs.openbsd.org 2001/09/20 13:50:40Ben Lindstrom
[compat.c compat.h ssh.c] bug compat: request a dummy channel for -N (no shell) sessions + cleanup; vinschen@redhat.com
2001-09-18 - markus@cvs.openbsd.org 2001/09/17 21:09:47Ben Lindstrom
[compat.c] more versions suffering the SSH_BUG_DEBUG bug; 3.0.x reported by dbutts@maddog.storability.com
2001-07-04 - markus@cvs.openbsd.org 2001/06/25 08:25:41Ben Lindstrom
[channels.c channels.h cipher.c clientloop.c compat.c compat.h hostfile.c kex.c kex.h key.c key.h nchan.c packet.c serverloop.c session.c session.h sftp-server.c ssh-add.c ssh-agent.c uuencode.h] update copyright for 2001
2001-04-30 - markus@cvs.openbsd.org 2001/04/30 16:02:49Ben Lindstrom
[compat.c] ssh-2.0.10 has the weak-key-bug, too.
2001-04-30 - markus@cvs.openbsd.org 2001/04/30 15:50:46Ben Lindstrom
[compat.c compat.h kex.c] allow interop with weaker key generation used by ssh-2.0.x, x < 10
2001-04-29 - markus@cvs.openbsd.org 2001/04/29 19:16:52Ben Lindstrom
[channels.c clientloop.c compat.c compat.h serverloop.c] more ssh.com-2.0.x bug-compat; from per@appgate.com
2001-04-19 - markus@cvs.openbsd.org 2001/04/18 23:43:26Ben Lindstrom
[auth2.c compat.c sshconnect2.c] more ssh v2 hostbased-auth interop: ssh.com >= 2.1.0 works now (however the 2.1.0 server seems to work only if debug is enabled...)
2001-04-12 - markus@cvs.openbsd.org 2001/04/12 19:15:26Ben Lindstrom
[auth-rhosts.c auth.h auth2.c buffer.c canohost.c canohost.h compat.c compat.h hostfile.c pathnames.h readconf.c readconf.h servconf.c servconf.h ssh.c sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c sshd_config] implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2) similar to RhostRSAAuthentication unless you enable (the experimental) HostbasedUsesNameFromPacketOnly option. please test. :)
2001-04-05 - markus@cvs.openbsd.org 2001/04/05 11:09:17Ben Lindstrom
[clientloop.c compat.c compat.h] add SSH_BUG_NOREKEY and detect broken (=all old) openssh versions.
2001-04-05 - markus@cvs.openbsd.org 2001/04/05 10:00:06Ben Lindstrom
[compat.c] 2.3.x does old GEX, too; report jakob@
2001-04-04 - markus@cvs.openbsd.org 2001/04/04 15:50:55Ben Lindstrom
[compat.c] f-secure 1.3.2 does not handle IGNORE; from milliondl@ornl.gov
2001-03-29 - provos@cvs.openbsd.org 2001/03/27 17:46:50Ben Lindstrom
[compat.c compat.h dh.c dh.h ssh2.h sshconnect2.c sshd.c version.h] make dh group exchange more flexible, allow min and max group size, okay markus@, deraadt@
2001-03-29 - markus@cvs.openbsd.org 2001/03/27 10:57:00Ben Lindstrom
[compat.c compat.h ssh-rsa.c] some older systems use NID_md5 instead of NID_sha1 for RSASSA-PKCS1-v1_5 signatures in SSH protocol 2, ok djm@
2001-03-24 - djm@cvs.openbsd.org 2001/03/23 11:04:07Ben Lindstrom
[compat.c compat.h sshconnect2.c sshd.c] Compat for OpenSSH with broken Rijndael/AES. ok markus@
2001-03-19 - deraadt@cvs.openbsd.org 2001/03/18 23:30:55Damien Miller
[compat.c compat.h sshd.c] specifically version match on ssh scanners. do not log scan information to the console
2001-03-17 - tim@mindrot.org 2001/03/17 18:45:25 [compat.c]Tim Rice
openbsd-compat/fake-regex.h
2001-03-10 - deraadt@cvs.openbsd.org 2001/03/10 15:31:00Ben Lindstrom
[compat.c compat.h sshconnect.c] all known netscreen ssh versions, and older versions of OSU ssh cannot handle password padding (newer OSU is fixed)
2001-03-09 - markus@cvs.openbsd.org 2001/03/08 21:42:33Ben Lindstrom
[compat.c compat.h readconf.h ssh.c sshconnect1.c sshconnect2.c] implement client side of SSH2_MSG_USERAUTH_PK_OK (test public key -> no need to do enter passphrase or do expensive sign operations if the server does not accept key).
2001-03-05 - markus@cvs.openbsd.org 2001/02/27 11:00:11Ben Lindstrom
[compat.c] support SSH-2.0-2.1 ; from Christophe_Moret@hp.com
2001-02-19 - OpenBSD CVS Sync:Damien Miller
- reinhard@cvs.openbsd.org 2001/02/17 08:24:40 [sftp.1] typo - deraadt@cvs.openbsd.org 2001/02/17 16:28:58 [ssh.c] cleanup -V output; noted by millert - deraadt@cvs.openbsd.org 2001/02/17 16:48:48 [sshd.8] it's the OpenSSH one - markus@cvs.openbsd.org 2001/02/18 11:33:54 [dispatch.c] typo, SSH2_MSG_KEXINIT, from aspa@kronodoc.fi - markus@cvs.openbsd.org 2001/02/19 02:53:32 [compat.c compat.h serverloop.c] ssh-1.2.{18-22} has broken handling of ignore messages; report from itojun@ - markus@cvs.openbsd.org 2001/02/19 03:35:23 [version.h] OpenSSH_2.5.1 adds bug compat with 1.2.{18-22} - deraadt@cvs.openbsd.org 2001/02/19 03:36:25 [scp.c] np is changed by recursion; vinschen@redhat.com
2001-02-16#error no longer required, dealt with in configure.in now.Ben Lindstrom
2001-02-11 - (stevesk) compat.c: more friendly cpp errorKevin Steves
2001-02-05RCSIDKevin Steves
2001-01-22Hopefully things did not get mixed around too much. It compiles underBen Lindstrom
Linux and works. So that is at least a good sign. =) 20010122 - (bal) OpenBSD Resync - markus@cvs.openbsd.org 2001/01/19 12:45:26 GMT 2001 by markus [servconf.c ssh.h sshd.c] only auth-chall.c needs #ifdef SKEY - markus@cvs.openbsd.org 2001/01/19 15:55:10 GMT 2001 by markus [auth-krb4.c auth-options.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth1.c auth2.c channels.c clientloop.c dh.c dispatch.c nchan.c packet.c pathname.h readconf.c scp.c servconf.c serverloop.c session.c ssh-add.c ssh-keygen.c ssh-keyscan.c ssh.c ssh.h ssh1.h sshconnect1.c sshd.c ttymodes.c] move ssh1 definitions to ssh1.h, pathnames to pathnames.h - markus@cvs.openbsd.org 2001/01/19 16:48:14 [sshd.8] fix typo; from stevesk@ - markus@cvs.openbsd.org 2001/01/19 16:50:58 [ssh-dss.c] clear and free digest, make consistent with other code (use dlen); from stevesk@ - markus@cvs.openbsd.org 2001/01/20 15:55:20 GMT 2001 by markus [auth-options.c auth-options.h auth-rsa.c auth2.c] pass the filename to auth_parse_options() - markus@cvs.openbsd.org 2001/01/20 17:59:40 GMT 2001 [readconf.c] fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com - stevesk@cvs.openbsd.org 2001/01/20 18:20:29 [sshconnect2.c] dh_new_group() does not return NULL. ok markus@ - markus@cvs.openbsd.org 2001/01/20 21:33:42 [ssh-add.c] do not loop forever if askpass does not exist; from andrew@pimlott.ne.mediaone.net - djm@cvs.openbsd.org 2001/01/20 23:00:56 [servconf.c] Check for NULL return from strdelim; ok markus - djm@cvs.openbsd.org 2001/01/20 23:02:07 [readconf.c] KNF; ok markus - jakob@cvs.openbsd.org 2001/01/21 9:00:33 [ssh-keygen.1] remove -R flag; ok markus@ - markus@cvs.openbsd.org 2001/01/21 19:05:40 [atomicio.c automicio.h auth-chall.c auth-krb4.c auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c auth2-chall.c auth2.c authfd.c authfile.c bufaux.c bufaux.h buffer.c canahost.c canahost.h channels.c cipher.c cli.c clientloop.c clientloop.h compat.c compress.c deattack.c dh.c dispatch.c groupaccess.c hmac.c hostfile.c kex.c key.c key.h log-client.c log-server.c log.c log.h login.c login.h match.c misc.c misc.h nchan.c packet.c pty.c radix.h readconf.c readpass.c readpass.h rsa.c scp.c servconf.c serverloop.c serverloop.h session.c sftp-server.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-rsa.c ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c sshd.c tildexpand.c tildexpand.h ttysmodes.c uidswap.c xmalloc.c] split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch] - (bal) renamed 'PIDDIR' to '_PATH_SSH_PIDDIR' to match OpenBSD tree - (bal) Moved #ifdef KRB4 in auth-krb4.c above the #include to resolve conflict when compiling for non-kerb install - (bal) removed the #ifdef SKEY in auth1.c to match Markus' changes on 1/19.