summaryrefslogtreecommitdiff
path: root/monitor.c
AgeCommit message (Collapse)Author
2003-05-14 - markus@cvs.openbsd.org 2003/05/14 02:15:47Damien Miller
[auth2.c monitor.c sshconnect2.c auth2-krb5.c] implement kerberos over ssh2 ("kerberos-2@ssh.com"); tested with jakob@ server interops with commercial client; ok jakob@ djm@
2003-05-14 - (djm) RCSID sync w/ OpenBSDDamien Miller
2003-05-10 - (djm) Merge FreeBSD PAM code: replaces PAM password auth kludge withDamien Miller
proper challenge-response module
2003-04-29 - (djm) Add back radix.o (used by AFS support), after it went missing fromDamien Miller
Makefile many moons ago - (djm) Apply "owl-always-auth" patch from Openwall/Solar Designer - (djm) Fix blibpath specification for AIX/gcc - (djm) Some systems have basename in -lgen. Fix from ayamura@ayamura.org
2003-04-09*** empty log message ***Damien Miller
2003-04-09 - (djm) OpenBSD CVS SyncDamien Miller
- markus@cvs.openbsd.org 2003/04/02 09:48:07 [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c] [readconf.h serverloop.c sshconnect2.c] reapply rekeying chage, tested by henning@, ok djm@
2003-04-01 - markus@cvs.openbsd.org 2003/04/01 10:10:23Damien Miller
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c] [readconf.h serverloop.c sshconnect2.c] rekeying bugfixes and automatic rekeying: * both client and server rekey _automatically_ (a) after 2^31 packets, because after 2^32 packets the sequence number for packets wraps (b) after 2^(blocksize_in_bits/4) blocks (see: draft-ietf-secsh-newmodes-00.txt) (a) and (b) are _enabled_ by default, and only disabled for known openssh versions, that don't support rekeying properly. * client option 'RekeyLimit' * do not reply to requests during rekeying - markus@cvs.openbsd.org 2003/04/01 10:22:21 [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c] [readconf.h serverloop.c sshconnect2.c] backout rekeying changes (for 3.6.1)
2003-03-24 - (djm) OpenBSD CVS SyncDamien Miller
- markus@cvs.openbsd.org 2003/03/23 19:02:00 [monitor.c] unbreak rekeying for privsep; ok millert@
2003-03-10- (djm) OpenBSD CVS SyncDamien Miller
- markus@cvs.openbsd.org 2003/03/05 22:33:43 [channels.c monitor.c scp.c session.c sftp-client.c sftp-int.c] [sftp-server.c ssh-add.c sshconnect2.c] fix memory leaks; from dlheine@suif.Stanford.EDU/CLOUSEAU; ok djm@
2003-02-24 - markus@cvs.openbsd.org 2003/02/16 17:30:33Damien Miller
[monitor.c monitor_wrap.c] fix permitrootlogin forced-commands-only for privsep; bux #387; ok provos@
2003-02-24 - markus@cvs.openbsd.org 2003/02/04 09:33:22Damien Miller
[monitor.c monitor_wrap.c] skey/bsdauth: use 0 to indicate failure instead of -1, because the buffer API only supports unsigned ints.
2002-11-09 - markus@cvs.openbsd.org 2002/11/05 19:45:20Ben Lindstrom
[monitor.c] handle overflows for size_t larger than u_int; siw@goneko.de, bug #425
2002-09-27 - markus@cvs.openbsd.org 2002/09/26 11:38:43Damien Miller
[auth1.c auth.h auth-krb4.c monitor.c monitor.h monitor_wrap.c] [monitor_wrap.h] krb4 + privsep; ok dugsong@, deraadt@
2002-09-25 - markus@cvs.openbsd.org 2002/09/24 08:46:04Damien Miller
[monitor.c] only call kerberos code for authctxt->valid
2002-09-25 - markus@cvs.openbsd.org 2002/09/23 22:11:05Damien Miller
[monitor.c] only call auth_krb5 if kerberos is enabled; ok deraadt@
2002-09-12 - markus@cvs.openbsd.org 2002/09/09 14:54:15Damien Miller
[channels.c kex.h key.c monitor.c monitor_wrap.c radix.c uuencode.c] signed vs unsigned from -pedantic; ok henning@
2002-09-12 - itojun@cvs.openbsd.org 2002/09/09 06:48:06Damien Miller
[auth1.c auth.h auth-krb5.c monitor.c monitor.h] [monitor_wrap.c monitor_wrap.h] kerberos support for privsep. confirmed to work by lha@stacken.kth.se patch from markus
2002-09-04 - stevesk@cvs.openbsd.org 2002/08/29 15:57:25Damien Miller
[monitor.c session.c sshlogin.c sshlogin.h] pass addrlen with sockaddr *; from Hajimu UMEMOTO <ume@FreeBSD.org> NOTE: there are also p-specific parts to this patch. ok markus@
2002-08-20 - millert@cvs.openbsd.org 2002/08/02 14:43:15Ben Lindstrom
[monitor.c monitor_mm.c] Change mm_zalloc() sanity checks to be more in line with what we do in calloc() and add a check to monitor_mm.c. OK provos@ and markus@
2002-07-23 - stevesk@cvs.openbsd.org 2002/07/22 17:32:56Ben Lindstrom
[monitor.c] u_int here; ok provos@
2002-07-04 - deraadt@cvs.openbsd.org 2002/06/27 10:35:47Ben Lindstrom
[auth2-none.c monitor.c sftp-client.c] use xfree()
2002-07-04 - deraadt@cvs.openbsd.org 2002/06/27 09:08:00Ben Lindstrom
[monitor.c] improve mm_zalloc check; markus ok
2002-06-27 - deraadt@cvs.openbsd.org 2002/06/26 14:49:36Ben Lindstrom
[monitor.c] correct %u
2002-06-26 - deraadt@cvs.openbsd.org 2002/06/26 13:20:57Damien Miller
[monitor.c] be careful in mm_zalloc
2002-06-25 - (stevesk) [monitor.c] remove duplicate proto15 dispatch entry for PAMKevin Steves
2002-06-23 - stevesk@cvs.openbsd.org 2002/06/22 23:09:51Ben Lindstrom
[monitor.c] save auth method before monitor_reset_key_state(); bugzilla bug #284; ok provos@
2002-06-21 - djm@cvs.openbsd.org 2002/06/21 05:50:51Damien Miller
[monitor.c] Don't initialise compression buffers when compression=no in sshd_config; ok Niels@
2002-06-21 - markus@cvs.openbsd.org 2002/06/19 18:01:00Ben Lindstrom
[cipher.c monitor.c monitor_wrap.c packet.c packet.h] make the monitor sync the transfer ssh1 session key; transfer keycontext only for RC4 (this is still depends on EVP implementation details and is broken).
2002-06-06 - markus@cvs.openbsd.org 2002/06/04 23:05:49Ben Lindstrom
[cipher.c monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c] __FUNCTION__ -> __func__ NOTE: This includes all portable references also.
2002-06-06 - markus@cvs.openbsd.org 2002/06/04 19:53:40Ben Lindstrom
[monitor.c] save the session id (hash) for ssh2 (it will be passed with the initial sign request) and verify that this value is used during authentication; ok provos@
2002-06-06 - markus@cvs.openbsd.org 2002/06/04 19:42:35Ben Lindstrom
[monitor.c] only allow enabled authentication methods; ok provos@
2002-05-15 - mouring@cvs.openbsd.org 2002/05/15 15:47:49Ben Lindstrom
[kex.c monitor.c monitor_wrap.c sshd.c] 'monitor' variable clashes with at least one lame platform (NeXT). i Renamed to 'pmonitor'. provos@ - (bal) Fixed up PAM case. I think.
2002-05-13 - (djm) Bug #231: UsePrivilegeSeparation turns off Banner.Damien Miller
2002-05-08 - (djm) Unbreak PAM auth for protocol 1. Report from Pekka SavolaDamien Miller
<pekkas@netcore.fi>
2002-04-23 - (djm) Make privsep work with PAM (still experimental)Damien Miller
2002-04-10 - (stevesk) [configure.ac monitor.c] HAVE_SOCKETPAIRKevin Steves
2002-04-02 - markus@cvs.openbsd.org 2002/03/30 18:51:15Ben Lindstrom
[monitor.c serverloop.c sftp-int.c sftp.c sshd.c] check waitpid for EINTR; based on patch from peter@ifm.liu.se
2002-04-01 - (stevesk) [monitor.c] PAM should work again; will *not* work withKevin Steves
UsePrivilegeSeparation=yes.
2002-03-27 - mouring@cvs.openbsd.org 2002/03/27 11:45:42Ben Lindstrom
[monitor.c] monitor_allowed_key() returns int instead of pointer. ok markus@
2002-03-26 - stevesk@cvs.openbsd.org 2002/03/24 23:20:00Ben Lindstrom
[monitor.c] remove "\n" from fatal()
2002-03-22 - (stevesk) [monitor.c monitor_wrap.c] #ifdef HAVE_PW_CLASS_IN_PASSWDKevin Steves
2002-03-22 - provos@cvs.openbsd.org 2002/03/18 17:50:31Ben Lindstrom
[auth-bsdauth.c auth-options.c auth-rh-rsa.c auth-rsa.c auth-skey.c auth.h auth1.c auth2-chall.c auth2.c kex.c kex.h kexdh.c kexgex.c servconf.c session.h servconf.h serverloop.c session.c sshd.c] integrate privilege separated openssh; its turned off by default for now. work done by me and markus@ applied, but outside of ensure that smaller code bits migrated with their owners.. no work was tried to 'fix' it to work. =) Later project!
2002-03-13revert more of my stupidityDamien Miller
2002-03-13Import of Niels Provos' 20020312 ssh-complete.diffDamien Miller
PAM, Cygwin and OSF SIA will not work for sure