summaryrefslogtreecommitdiff
path: root/sshd.c
AgeCommit message (Collapse)Author
2005-11-05 - dtucker@cvs.openbsd.org 2005/10/30 08:29:29Damien Miller
[canohost.c sshd.c] Check for connections with IP options earlier and drop silently. ok djm@
2005-10-03 - djm@cvs.openbsd.org 2005/09/21 23:37:11Darren Tucker
[sshd.c] change label at markus@'s request
2005-10-03 - djm@cvs.openbsd.org 2005/09/19 11:47:09Darren Tucker
[sshd.c] stop connection abort on rekey with delayed compression enabled when post-auth privsep is disabled (e.g. when root is logged in); ok dtucker@
2005-10-03 - djm@cvs.openbsd.org 2005/09/13 23:40:07Darren Tucker
[sshd.c ssh.c misc.h sftp.c ssh-keygen.c ssh-keysign.c sftp-server.c scp.c misc.c ssh-keyscan.c ssh-add.c ssh-agent.c] ensure that stdio fds are attached; ok deraadt@
2005-09-27 - (dtucker) [entropy.c entropy.h sshd.c] Pass RNG seed to the reexec'edDarren Tucker
process when sshd relies on ssh-random-helper. Should result in faster logins on systems without a real random device or prngd. ok djm@
2005-07-26 - markus@cvs.openbsd.org 2005/07/25 11:59:40Damien Miller
[kex.c kex.h myproposal.h packet.c packet.h servconf.c session.c] [sshconnect2.c sshd.c sshd_config sshd_config.5] add a new compression method that delays compression until the user has been authenticated successfully and set compression to 'delayed' for sshd. this breaks older openssh clients (< 3.5) if they insist on compression, so you have to re-enable compression in sshd_config. ok djm@
2005-07-17 - (djm) [acss.c auth-pam.c auth-shadow.c auth-skey.c auth1.c canohost.c]Damien Miller
[cipher-acss.c loginrec.c ssh-rand-helper.c sshd.c] Fix whitespace at EOL in portable too ("perl -p -i -e 's/\s+$/\n/' *.[ch]")
2005-06-17 - djm@cvs.openbsd.org 2005/06/17 02:44:33Damien Miller
[auth-rsa.c auth.c auth1.c auth2-chall.c auth2-gss.c authfd.c authfile.c] [bufaux.c canohost.c channels.c cipher.c clientloop.c dns.c gss-serv.c] [kex.c kex.h key.c mac.c match.c misc.c packet.c packet.h scp.c] [servconf.c session.c session.h sftp-client.c sftp-server.c sftp.c] [ssh-keyscan.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c sshd.c] make this -Wsign-compare clean; ok avsm@ markus@ NB. auth1.c changes not committed yet (conflicts with uncommitted sync) NB2. more work may be needed to make portable Wsign-compare clean
2005-06-17 - markus@cvs.openbsd.org 2005/06/16 08:00:00Damien Miller
[canohost.c channels.c sshd.c] don't exit if getpeername fails for forwarded ports; bugzilla #1054; ok djm
2005-05-26 - djm@cvs.openbsd.org 2005/04/06 09:43:59Damien Miller
[sshd.c] avoid harmless logspam by not performing setsockopt() on non-socket; ok markus@
2005-03-31 - (dtucker) [auth.h sshd.c openbsd-compat/port-aix.c] Bug #1006: fix bug inDarren Tucker
handling of password expiry messages returned by AIX's authentication routines, originally reported by robvdwal at sara.nl.
2005-03-06 - (dtucker) [session.c sshd.c] Bug #125 comment #49: Send disconnect auditDarren Tucker
events earlier, prevents mm_request_send errors reported by Matt Goebel.
2005-02-09 - dtucker@cvs.openbsd.org 2005/02/08 22:24:57Darren Tucker
[sshd.c] Provide reason in error message if getnameinfo fails; ok markus@
2005-02-08 - (dtucker) [audit.c audit.h auth.c auth1.c auth2.c loginrec.c monitor.cDarren Tucker
monitor_wrap.c monitor_wrap.h session.c sshd.c]: Prepend all of the audit defines and enums with SSH_ to prevent namespace collisions on some platforms (eg AIX).
2005-02-03 - (dtucker) [Makefile.in auth.c auth.h auth1.c auth2.c loginrec.c monitor.cDarren Tucker
monitor.h monitor_wrap.c monitor_wrap.h session.c sshd.c] Bug #125: (first stage) Add audit instrumentation to sshd, currently disabled by default. with suggestions from and djm@
2005-02-02 - (dtucker) [session.c sshd.c] Bug #445: Propogate KRB5CCNAME if set to childDarren Tucker
the process. Since we also unset KRB5CCNAME at startup, if it's set after authentication it must have been set by the platform's native auth system. This was already done for AIX; this enables it for the general case.
2005-01-24 - otto@cvs.openbsd.org 2005/01/21 08:32:02Darren Tucker
[auth-passwd.c sshd.c] Warn in advance for password and account expiry; initialize loginmsg buffer earlier and clear it after privsep fork. ok and help dtucker@ markus@
2005-01-20 - dtucker@cvs.openbsd.org 2005/01/17 22:48:39Darren Tucker
[sshd.c] Make debugging output continue after reexec; ok djm@
2005-01-20 - djm@cvs.openbsd.org 2004/12/23 23:11:00Darren Tucker
[servconf.c servconf.h sshd.c sshd_config sshd_config.5] bz #898: support AddressFamily in sshd_config. from peak@argo.troja.mff.cuni.cz; ok deraadt@
2004-11-05 - djm@cvs.openbsd.org 2004/09/25 03:45:14Darren Tucker
[sshd.c] these printf args are no longer double; ok deraadt@ markus@
2004-11-05 - mickey@cvs.openbsd.org 2004/09/15 18:42:27Darren Tucker
[sshd.c] use less doubles in daemons; markus@ ok
2004-09-12 - (djm) [ssh.c sshd.c version.h] Don't divulge portable version in protocolDamien Miller
banner. Suggested by deraadt@, ok mouring@, dtucker@
2004-08-29 - djm@cvs.openbsd.org 2004/08/28 01:01:48Darren Tucker
[sshd.c] don't erroneously close stdin for !reexec case, from Dave Johnson; ok markus@
2004-08-12 - (dtucker) [sshd.c] Clear loginmsg in postauth monitor, prevents doublingDarren Tucker
messages generated before the postauth privsep split.
2004-08-12 - dtucker@cvs.openbsd.org 2004/08/11 11:50:09Darren Tucker
[sshd.c] Don't try to close startup_pipe if it's not open; ok djm@
2004-08-12 - markus@cvs.openbsd.org 2004/07/28 08:56:22Darren Tucker
[sshd.c] call setsid() _before_ re-exec
2004-08-12 - (dtucker) [sshd.c] Remove duplicate variable imported during sync.Darren Tucker
2004-07-17 - dtucker@cvs.openbsd.org 2004/07/17 05:31:41Darren Tucker
[monitor.c monitor_wrap.c session.c session.h sshd.c sshlogin.c] Move "Last logged in at.." message generation to the monitor, right before recording the new login. Fixes missing lastlog message when /var/log/lastlog is not world-readable and incorrect datestamp when multiple sessions are used (bz #463); much assistance & ok markus@
2004-07-17 - deraadt@cvs.openbsd.org 2004/07/11 17:48:47Darren Tucker
[channels.c cipher.c clientloop.c clientloop.h compat.h moduli.c readconf.c nchan.c pathnames.h progressmeter.c readconf.h servconf.c session.c sftp-client.c sftp.c ssh-agent.1 ssh-keygen.c ssh.c ssh1.h sshd.c ttymodes.h] spaces
2004-07-17 - (dtucker) [logintest.c scp.c sftp-server.c sftp.c ssh-add.c ssh-agent.cDarren Tucker
ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c ssh.c sshd.c openbsd-compat/bsd-misc.c] Move "char *__progname" to bsd-misc.c. Reduces diff vs OpenBSD; ok mouring@, tested by tim@ too.
2004-06-30 - avsm@cvs.openbsd.org 2004/06/26 20:07:16Damien Miller
[sshd.c] initialise some fd variables to -1, djm@ ok
2004-06-26 - OpenBSD CVS SyncDamien Miller
- djm@cvs.openbsd.org 2004/06/25 18:43:36 [sshd.c] fix broken fd handling in the re-exec fallback path, particularly when /dev/crypto is in use; ok deraadt@ markus@
2004-06-25 - (dtucker) [sshd.c] add line missing from reexec sync.Darren Tucker
2004-06-25 - djm@cvs.openbsd.org 2004/06/25 01:16:09Darren Tucker
[sshd.c] only perform tcp wrappers checks when the incoming connection is on a socket. silences useless warnings from regress tests that use proxycommand="sshd -i". prompted by david@ ok markus@
2004-06-25 - djm@cvs.openbsd.org 2004/06/24 19:30:54Darren Tucker
[servconf.c servconf.h sshd.c] re-exec sshd on accept(); initial work, final debugging and ok markus@
2004-06-15 - djm@cvs.openbsd.org 2004/06/14 01:44:39Damien Miller
[channels.c clientloop.c misc.c misc.h packet.c ssh-agent.c ssh-keyscan.c] [sshd.c] set_nonblock() instead of fnctl(...,O_NONBLOCK); "looks sane" deraadt@
2004-06-15 - djm@cvs.openbsd.org 2004/06/13 12:53:24Damien Miller
[dh.c dh.h kex.c kex.h kexdhc.c kexdhs.c monitor.c myproposal.h] [ssh-keyscan.c sshconnect2.c sshd.c] implement diffie-hellman-group14-sha1 kex method (trivial extension to existing diffie-hellman-group1-sha1); ok markus@
2004-05-24 - (dtucker) [sshd.c] Fix typo in comment.Darren Tucker
2004-05-13 - djm@cvs.openbsd.org 2004/05/09 01:19:28Darren Tucker
[OVERVIEW auth-rsa.c auth1.c kex.c monitor.c session.c sshconnect1.c sshd.c] removed: mpaux.c mpaux.h kill some more tiny files; ok deraadt@
2004-03-22 - markus@cvs.openbsd.org 2004/03/11 10:21:17Damien Miller
[ssh.c sshd.c] ssh, sshd: sync version output, ok djm
2004-03-22 - markus@cvs.openbsd.org 2004/03/11 08:36:26Damien Miller
[sshd.c] trim usage; ok deraadt
2004-03-22- (djm) [sshd.c] Drop supplemental groups if started as rootDamien Miller
2004-03-08 - (djm) OpenBSD CVS SyncDamien Miller
- markus@cvs.openbsd.org 2004/03/03 06:47:52 [sshd.c] change proctiltle after accept(2); ok henning, deraadt, djm
2004-03-08 - (dtucker) [configure.ac sshd.c openbsd-compat/bsd-misc.hDarren Tucker
openbsd-compat/setenv.c] Unset KRB5CCNAME on AIX to prevent it from being inherited by the child. ok djm@
2004-03-08 - (dtucker) [sshd.c] Back out rev 1.270 as it caused problems on someDarren Tucker
platforms (eg SCO, HP-UX) with logging in the wrong TZ.
2004-02-29 - djm@cvs.openbsd.org 2004/02/25 00:22:45Darren Tucker
[sshd.c] typo in comment
2004-02-24 - markus@cvs.openbsd.org 2004/02/23 12:02:33Darren Tucker
[sshd.c] backout revision 1.279; set listen socket to non-block; ok henning.
2004-02-06 - dtucker@cvs.openbsd.org 2004/02/05 05:37:17Darren Tucker
[monitor.c sshd.c] Pass SIGALRM through to privsep child if LoginGraceTime expires. ok markus@
2004-02-06 - (dtucker) [sshd.c] Bug #757: Clear child's environment to preventDarren Tucker
accidentally inheriting from root's environment. ok djm@
2003-12-17 - markus@cvs.openbsd.org 2003/12/09 21:53:37Damien Miller
[readconf.c readconf.h scp.1 servconf.c servconf.h sftp.1 ssh.1] [ssh_config.5 sshconnect.c sshd.c sshd_config.5] rename keepalive to tcpkeepalive; the old name causes too much confusion; ok djm, dtucker; with help from jmc@