summaryrefslogtreecommitdiff
path: root/sshconnect.c
AgeCommit message (Collapse)Author
2000-01-20 - Update to latest OpenBSD CVS:Damien Miller
- [auth-rsa.c] - fix user/1056, sshd keeps restrictions; dbt@meat.net - [sshconnect.c] - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags. - destroy keys earlier - split key exchange (kex) and user authentication (user-auth), ok: provos@ - [sshd.c] - no need for poll.h; from bright@wintelcom.net - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags. - split key exchange (kex) and user authentication (user-auth), ok: provos@
2000-01-19 - SCO compile fixes from Gary E. Miller <gem@rellim.com>Damien Miller
2000-01-14 - Merged OpenBSD IPv6 patch:Damien Miller
- [sshd.c sshd.8 sshconnect.c ssh.h ssh.c servconf.h servconf.c scp.1] [scp.c packet.h packet.c login.c log.c canohost.c channels.c] [hostfile.c sshd_config] ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new features: sshd allows multiple ListenAddress and Port options. note that libwrap is not IPv6-ready. (based on patches from fujiwara@rcac.tdi.co.jp) - [ssh.c canohost.c] more hints (hints.ai_socktype=SOCK_STREAM) for getaddrinfo, from itojun@ - [channels.c] listen on _all_ interfaces for X11-Fwd (hints.ai_flags = AI_PASSIVE) - [packet.h] allow auth-kerberos for IPv4 only - [scp.1 sshd.8 servconf.h scp.c] document -4, -6, and 'ssh -L 2022/::1/22' - [ssh.c] 'ssh @host' is illegal (null user name), from karsten@gedankenpolizei.de - [sshconnect.c] better error message - [sshd.c] allow auth-kerberos for IPv4 only - Big IPv6 merge: - Cleanup overrun in sockaddr copying on RHL 6.1 - Replacements for getaddrinfo, getnameinfo, etc based on versions from patch from KIKUCHI Takahiro <kick@kyoto.wide.ad.jp> - Replacement for missing structures on systems that lack IPv6 - record_login needed to know about AF_INET6 addresses - Borrowed more code from OpenBSD: rresvport_af and requisites
2000-01-03 - OpenBSD CVS updatesDamien Miller
- [ssh-agent.c] cleanup_exit() for SIGTERM/SIGHUP, too. from fgsch@ and dgaudet@arctic.org - [sshconnect.c] compare correct version for 1.3 compat mode
1999-12-21 - OpenBSD CVS update:Damien Miller
- [sshconnect.c] say "REMOTE HOST IDENTIFICATION HAS CHANGED"
1999-12-14 - OpenBSD CVS ChangesDamien Miller
- [canohost.c] fix get_remote_port() and friends for sshd -i; Holger.Trapp@Informatik.TU-Chemnitz.DE - [mpaux.c] make code simpler. no need for memcpy. niels@ ok - [pty.c] namebuflen not sizeof namebuflen; bnd@ep-ag.com via djm@mindrot.org fix proto; markus - [ssh.1] typo; mark.baushke@solipsa.com - [channels.c ssh.c ssh.h sshd.c] type conflict for 'extern Type *options' in channels.c; dot@dotat.at - [sshconnect.c] move checking of hostkey into own function. - [version.h] OpenSSH-1.2.1
1999-12-07 - Merged more OpenBSD changes:Damien Miller
- [atomicio.c authfd.c scp.c serverloop.c ssh.h sshconnect.c sshd.c] move atomicio into it's own file. wrap all socket write()s which were doing write(sock, buf, len) != len, with atomicio() calls. - [auth-skey.c] fd leak - [authfile.c] properly name fd variable - [channels.c] display great hatred towards strcpy - [pty.c pty.h sshd.c] use openpty() if it exists (it does on BSD4_4) - [tildexpand.c] check for ~ expansion past MAXPATHLEN - Modified helper.c to use new atomicio function. - Reformat Makefile a little - Moved RC4 routines from rc4.[ch] into helper.c - Added autoconf code to detect /dev/ptmx (Solaris) and /dev/ptc (AIX)
1999-12-06 - Merged OpenBSD CVS changes:Damien Miller
- [auth-krb4.c auth-passwd.c auth-skey.c ssh. move skey-auth from auth-passwd.c to auth-s - [auth-rsa.c] warn only about mismatch if key is _used_ warn about keysize-mismatch with log() not channels.c readconf.c readconf.h ssh.c ssh. ports are u_short - [hostfile.c] indent, shorter warning - [nchan.c] use error() for internal errors - [packet.c] set loglevel for SSH_MSG_DISCONNECT to log( serverloop.c indent - [ssh-add.1 ssh-add.c ssh.h] document , reasonable default - [ssh.1] CheckHostIP is not available for connects v - [sshconnect.c] typo easier to read client code for passwd and s turn of checkhostip for proxy connects, sin
1999-11-25 - More reformatting merged from OpenBSD CVSDamien Miller
- Merged OpenBSD CVS changes: - [channels.c] report from mrwizard@psu.edu via djm@ibs.com.au - [channels.c] set SO_REUSEADDR and SO_LINGER for forwarded ports. chip@valinux.com via damien@ibs.com.au - [nchan.c] it's not an error() if shutdown_write failes in nchan. - [readconf.c] remove dead #ifdef-0-code - [readconf.c servconf.c] strcasecmp instead of tolower - [scp.c] progress meter overflow fix from damien@ibs.com.au - [ssh-add.1 ssh-add.c] SSH_ASKPASS support - [ssh.1 ssh.c] postpone fork_after_authentication until command execution, request/patch from jahakala@cc.jyu.fi via damien@ibs.com.au plus: use daemon() for backgrounding
1999-11-25 - Merged very large OpenBSD source code reformatDamien Miller
- OpenBSD CVS updates - [channels.c cipher.c compat.c log-client.c scp.c serverloop.c] [ssh.h sshd.8 sshd.c] syslog changes: * Unified Logmessage for all auth-types, for success and for failed * Standard connections get only ONE line in the LOG when level==LOG: Auth-attempts are logged only, if authentication is: a) successfull or b) with passwd or c) we had more than AUTH_FAIL_LOG failues * many log() became verbose() * old behaviour with level=VERBOSE - [readconf.c readconf.h ssh.1 ssh.h sshconnect.c sshd.c] tranfer s/key challenge/response data in SSH_SMSG_AUTH_TIS_CHALLENGE messages. allows use of s/key in windows (ttssh, securecrt) and ssh-1.2.27 clients without 'ssh -v', ok: niels@ - [sshd.8] -V, for fallback to openssh in SSH2 compatibility mode - [sshd.c] fix sigchld race; cjc5@po.cwru.edu
1999-11-21 - OpenBSD CVS ChangesDamien Miller
- [channels.c] make this compile, bad markus - [log.c readconf.c servconf.c ssh.h] bugfix: loglevels are per host in clientconfig, factor out common log-level parsing code. - [servconf.c] remove unused index (-Wall) - [ssh-agent.c] only one 'extern char *__progname' - [sshd.8] document SIGHUP, -Q to synopsis - [sshconnect.c serverloop.c sshd.c packet.c packet.h] [channels.c clientloop.c] SSH_CMSG_MAX_PACKET_SIZE, some clients use this, some need this, niels@ [hope this time my ISP stays alive during commit]
1999-11-19 - Merged OpenBSD CVS changesDamien Miller
- [auth-rhosts.c auth-rsa.c ssh-agent.c sshconnect.c sshd.c] more %d vs. %s in fmt-strings - [authfd.c] Integers should not be printed with %s
1999-11-18 - Merged OpenBSD CVS changesDamien Miller
- [scp.c] foregroundproc() in scp - [sshconnect.h] include fingerprint.h - [sshd.c] bugfix: the log() for passwd-auth escaped during logging changes. - Added openssh.com info to README
1999-11-17 - Merged OpenBSD CVS changesDamien Miller
- [ChangeLog.Ylonen] noone needs this anymore - [authfd.c] close-on-exec for auth-socket, ok deraadt - [hostfile.c] in known_hosts key lookup the entry for the bits does not need to match, all the information is contained in n and e. This solves the problem with buggy servers announcing the wrong modulus length. markus and me. - [serverloop.c] bugfix: check for space if child has terminated, from: iedowse@maths.tcd.ie - [ssh-add.1 ssh-add.c ssh-keygen.1 ssh-keygen.c sshconnect.c] [fingerprint.c fingerprint.h] rsa key fingerprints, idea from Bjoern Groenvall <bg@sics.se> - [ssh-agent.1] typo - [ssh.1] add OpenSSH information to AUTHOR section. okay markus@ - [sshd.c] force logging to stderr while loading private key file (lost while converting to new log-levels)
1999-11-16 - Merged OpenBSD CVS changes:Damien Miller
- [auth-rh-rsa.c auth-rsa.c authfd.c authfd.h hostfile.c mpaux.c] [mpaux.h ssh-add.c ssh-agent.c ssh.h ssh.c sshd.c] the keysize of rsa-parameter 'n' is passed implizit, a few more checks and warnings about 'pretended' keysizes. - [cipher.c cipher.h packet.c packet.h sshd.c] remove support for cipher RC4 - [ssh.c] a note for legay systems about secuity issues with permanently_set_uid(), the private hostkey and ptrace() - [sshconnect.c] more detailed messages about adding and checking hostkeys
1999-11-15 - Merged more OpenBSD CVS changes:Damien Miller
[auth-krb4.c] - disconnect if getpeername() fails - missing xfree(*client) [canohost.c] - disconnect if getpeername() fails - fix comment: we _do_ disconnect if ip-options are set [sshd.c] - disconnect if getpeername() fails - move checking of remote port to central place [auth-rhosts.c] move checking of remote port to central place [log-server.c] avoid extra fd per sshd, from millert@ [readconf.c] print _all_ bad config-options in ssh(1), too [readconf.h] print _all_ bad config-options in ssh(1), too [ssh.c] print _all_ bad config-options in ssh(1), too [sshconnect.c] disconnect if getpeername() fails - OpenBSD's changes to sshd.c broke the PAM stuff, re-merged it.
1999-11-13Remove redundant inclusion of config.hDamien Miller
1999-11-12 - Merged yet more changes from OpenBSD CVSDamien Miller
- [auth-rh-rsa.c auth-rhosts.c auth-rsa.c channels.c clientloop.c] [ssh.c ssh.h sshconnect.c sshd.c] make all access to options via 'extern Options options' and 'extern ServerOptions options' respectively; options are no longer passed as arguments: * make options handling more consistent * remove #include "readconf.h" from ssh.h * readconf.h is only included if necessary - [mpaux.c] clear temp buffer - [servconf.c] print _all_ bad options found in configfile
1999-11-09 - Merged OpenBSD CVS changes:Damien Miller
- [rsa.c] bugfix: use correct size for memset() - [sshconnect.c] warn if announced size of modulus 'n' != real size
1999-11-08Merged OpenBSD CVS changes that go awayDamien Miller
1999-10-28Merged latest OpenBSD changes.Damien Miller
1999-10-28 - Integrated patch from Dan Brosemer <odin@linuxfreak.com>Damien Miller
- Build fixes - Autoconf - Change binary names to open* - Fixed autoconf script to detect PAM on RH6.1 - Added tests for libpwdb, and OpenBSD functions to autoconf (not used yet)
1999-10-27Initial revisionDamien Miller