Damien Miller
b5fdfaae13
- stevesk@cvs.openbsd.org 2002/09/11 17:55:03
...
[ssh.1]
add agent and X11 forwarding warning text from ssh_config.5; ok markus@
2002-09-12 09:52:03 +10:00
Damien Miller
538f1819d8
- markus@cvs.openbsd.org 2002/09/10 20:24:47
...
[ssh-agent.c]
check the euid of the connecting process with getpeereid(2);
ok provos deraadt stevesk
2002-09-12 09:51:10 +10:00
Damien Miller
a10f56151b
- markus@cvs.openbsd.org 2002/09/09 14:54:15
...
[channels.c kex.h key.c monitor.c monitor_wrap.c radix.c uuencode.c]
signed vs unsigned from -pedantic; ok henning@
2002-09-12 09:49:15 +10:00
Damien Miller
25162f2518
- itojun@cvs.openbsd.org 2002/09/09 06:48:06
...
[auth1.c auth.h auth-krb5.c monitor.c monitor.h]
[monitor_wrap.c monitor_wrap.h]
kerberos support for privsep. confirmed to work by lha@stacken.kth.se
patch from markus
2002-09-12 09:47:29 +10:00
Damien Miller
4d53d39b07
- (djm) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2002/09/08 20:24:08
[hostfile.h]
no comma at end of enumerator list
2002-09-12 09:43:56 +10:00
Damien Miller
71eb0c1550
- (djm) Sync openbsd-compat with OpenBSD -current
2002-09-11 10:29:11 +10:00
Damien Miller
c34e03e471
- (djm) Bug #138 : Make protocol 1 blowfish work with old OpenSSL.
...
Patch from Robert Halubek <rob@adso.com.pl>
2002-09-10 22:26:17 +10:00
Damien Miller
e9994cb4d7
- (djm) Bug #365 : Read /.ssh/environment properly under CygWin.
...
Patch from Mark Bradshaw <bradshaw@staff.crosswalk.com>
2002-09-10 21:43:53 +10:00
Damien Miller
005d4560ed
- (djm) Add support for building gtk2 password requestor from Redhat beta
2002-09-05 16:53:20 +10:00
Damien Miller
44d5b60336
- (djm) Add gnome-ssh-askpass2.c (gtk2) by merge with patch from
...
Nalin Dahyabhai <nalin@redhat.com>
2002-09-05 16:46:24 +10:00
Damien Miller
539983800d
- (djm) Merge openssh-TODO.patch from Redhat (null) beta
2002-09-05 16:32:02 +10:00
Damien Miller
c13486300d
- (djm) OpenBSD CVS Sync
...
- stevesk@cvs.openbsd.org 2002/09/04 18:52:42
[servconf.c sshd.8 sshd_config.5]
default LoginGraceTime to 2m; 1m may be too short for slow systems.
ok markus@
2002-09-05 14:35:14 +10:00
Damien Miller
fc93d4bd31
- (djm) Patch from itojun@ for Darwin OS: test getaddrinfo, reorder libcrypt
2002-09-04 23:26:29 +10:00
Damien Miller
6b09792a55
- (djm) Fix Redhat RPM build dependancy test
2002-09-04 17:19:04 +10:00
Damien Miller
05913badf3
- stevesk@cvs.openbsd.org 2002/08/29 22:54:10
...
[ssh_config.5 sshd_config.5]
state XAuthLocation is a full pathname
2002-09-04 16:51:03 +10:00
Damien Miller
50b9a60082
- stevesk@cvs.openbsd.org 2002/08/29 19:49:42
...
[ssh.c]
shrink initial privilege bracket for setuid case; ok markus@
2002-09-04 16:50:06 +10:00
Damien Miller
9b1dacdf2c
- stevesk@cvs.openbsd.org 2002/08/29 16:09:02
...
[ssh_config.5]
more on UsePrivilegedPort and setuid root; ok markus@
2002-09-04 16:47:35 +10:00
Damien Miller
147bba3453
- stevesk@cvs.openbsd.org 2002/08/29 16:02:54
...
[ssh.1 ssh.c]
deprecate -P as UsePrivilegedPort defaults to no now; ok markus@
2002-09-04 16:46:06 +10:00
Damien Miller
ebc2306629
- stevesk@cvs.openbsd.org 2002/08/29 15:57:25
...
[monitor.c session.c sshlogin.c sshlogin.h]
pass addrlen with sockaddr *; from Hajimu UMEMOTO <ume@FreeBSD.org>
NOTE: there are also p-specific parts to this patch. ok markus@
2002-09-04 16:45:09 +10:00
Damien Miller
af65304a3c
- stevesk@cvs.openbsd.org 2002/08/27 17:18:40
...
[ssh_config.5]
some warning text for ForwardAgent and ForwardX11; ok markus@
2002-09-04 16:40:37 +10:00
Damien Miller
f7c2391d83
- stevesk@cvs.openbsd.org 2002/08/27 17:13:56
...
[ssh-rsa.c]
RSA_public_decrypt() returns -1 on error so len must be signed;
ok markus@
2002-09-04 16:39:48 +10:00
Damien Miller
5a80bba86f
- markus@cvs.openbsd.org 2002/08/22 21:45:41
...
[session.c]
send signal name (not signal number) in "exit-signal" message; noticed
by galb@vandyke.com
2002-09-04 16:39:02 +10:00
Damien Miller
de6f2de8ad
- markus@cvs.openbsd.org 2002/08/22 21:33:58
...
[auth1.c auth2.c]
auth_root_allowed() is handled by the monitor in the privsep case,
so skip this for use_privsep, ok stevesk@, fixes bugzilla #387/325
2002-09-04 16:37:26 +10:00
Damien Miller
061d5b144f
- stevesk@cvs.openbsd.org 2002/08/22 20:57:19
...
[ssh-agent.c]
shutdown(SHUT_RDWR) not needed before close here; ok markus@
2002-09-04 16:33:31 +10:00
Damien Miller
066928648b
- stevesk@cvs.openbsd.org 2002/08/22 19:38:42
...
[clientloop.c]
format with current EscapeChar; bugzilla #388 from wknox@mitre.org .
ok markus@
2002-09-04 16:32:10 +10:00
Damien Miller
58f3486c74
- stevesk@cvs.openbsd.org 2002/08/22 19:27:53
...
[ssh-agent.c]
use common close function; ok markus@
2002-09-04 16:31:21 +10:00
Damien Miller
4efdfff6ba
- stevesk@cvs.openbsd.org 2002/08/21 20:10:28
...
[ssh-agent.c]
raise listen backlog; ok markus@
2002-09-04 16:28:18 +10:00
Damien Miller
f771ab75f0
- stevesk@cvs.openbsd.org 2002/08/21 19:38:06
...
[servconf.c sshd.8 sshd_config sshd_config.5]
change LoginGraceTime default to 1 minute; ok mouring@ markus@
2002-09-04 16:25:52 +10:00
Damien Miller
b83df8d505
- espie@cvs.openbsd.org 2002/08/21 11:20:59
...
[sshd.8]
`RSA' updated to refer to `public key', where it matters.
okay markus@
2002-09-04 16:24:55 +10:00
Damien Miller
6cffb9a8cd
- markus@cvs.openbsd.org 2002/08/12 10:46:35
...
[ssh-agent.c]
make ssh-agent setgid, disallow ptrace.
(note: change not yet made in Makefile)
2002-09-04 16:20:26 +10:00
Ben Lindstrom
3962119c8a
- (bal) [defines.h] Some platforms don't have SIZE_T_MAX. So assign
...
it to ULONG_MAX.
2002-08-21 02:54:11 +00:00
Ben Lindstrom
479b476af6
- stevesk@cvs.openbsd.org 2002/08/17 23:55:01
...
[ssh_config.5]
ordered list here
2002-08-20 19:04:51 +00:00
Ben Lindstrom
3541f18e10
- stevesk@cvs.openbsd.org 2002/08/17 23:07:14
...
[ssh.1]
ForwardAgent has defaulted to no for over 2 years; be more clear here.
2002-08-20 19:03:20 +00:00
Ben Lindstrom
bd9bf38b00
- stevesk@cvs.openbsd.org 2002/08/12 17:30:35
...
[ssh.1 sshd.8 sshd_config.5]
more PermitUserEnvironment; ok markus@
2002-08-20 18:54:20 +00:00
Ben Lindstrom
15b6120e63
- stevesk@cvs.openbsd.org 2002/08/09 17:41:12
...
[sshd_config.5]
proxy vs. fake display
2002-08-20 18:44:24 +00:00
Ben Lindstrom
1f8cf4f4fb
- stevesk@cvs.openbsd.org 2002/08/09 17:21:42
...
[sshd_config.5]
use Op for mdoc conformance; from esr@golux.thyrsus.com
ok aaron@
2002-08-20 18:43:27 +00:00
Ben Lindstrom
d4ee3497ca
- stevesk@cvs.openbsd.org 2002/08/08 23:54:52
...
[auth.c]
typo in comment
2002-08-20 18:42:13 +00:00
Ben Lindstrom
e143f61b6f
- aaron@cvs.openbsd.org 2002/08/08 13:50:23
...
[sshconnect1.c]
Use & to test if bits are set, not &&; markus@ ok.
2002-08-20 18:41:15 +00:00
Ben Lindstrom
0deb5d958a
- markus@cvs.openbsd.org 2002/08/02 22:20:30
...
[ssh-rsa.c]
replace RSA_verify with our own version and avoid the OpenSSL ASN.1 parser
for authentication; ok deraadt/djm
2002-08-20 18:40:03 +00:00
Ben Lindstrom
0e50d846b3
- markus@cvs.openbsd.org 2002/08/02 21:23:41
...
[ssh-rsa.c]
diff is u_int (2x); ok deraadt/provos
2002-08-20 18:39:14 +00:00
Ben Lindstrom
dc7adf2670
- marc@cvs.openbsd.org 2002/08/02 16:00:07
...
[ssh.1 sshd.8]
note that .ssh/environment is only read when
allowed (PermitUserEnvironment in sshd_config).
OK markus@
2002-08-20 18:38:02 +00:00
Ben Lindstrom
0a4f7542da
- millert@cvs.openbsd.org 2002/08/02 14:43:15
...
[monitor.c monitor_mm.c]
Change mm_zalloc() sanity checks to be more in line with what
we do in calloc() and add a check to monitor_mm.c.
OK provos@ and markus@
2002-08-20 18:36:25 +00:00
Tim Rice
d730b78071
[configure.ac] Display OpenSSL header/library version.
...
Patch by dtucker@zip.com.au
2002-08-13 18:52:10 -07:00
Ben Lindstrom
5d860f02ca
- markus@cvs.openbsd.org 2002/07/30 17:03:55
...
[auth-options.c servconf.c servconf.h session.c sshd_config sshd_config.5]
add PermitUserEnvironment (off by default!); from dot@dotat.at ;
ok provos, deraadt
2002-08-01 01:28:38 +00:00
Ben Lindstrom
4b99be899c
- markus@cvs.openbsd.org 2002/07/29 18:57:30
...
[sshconnect.c]
print file:line
2002-08-01 01:26:29 +00:00
Ben Lindstrom
8d631e8515
- mouring@cvs.openbsd.org 2002/07/25 01:16:59
...
[sftp.c]
FallBackToRsh does not exist anywhere else. Remove it from here.
OK deraadt.
2002-08-01 01:25:00 +00:00
Ben Lindstrom
3ed6640532
- markus@cvs.openbsd.org 2002/07/24 16:11:18
...
[hostfile.c hostfile.h sshconnect.c]
print out all known keys for a host if we get a unknown host key,
see discussion at http://marc.theaimsgroup.com/?t=101069210100016&r=1&w=4
the ssharp mitm tool attacks users in a similar way, so i'd like to
pointed out again:
A MITM attack is always possible if the ssh client prints:
The authenticity of host 'bla' can't be established.
(protocol version 2 with pubkey authentication allows you to detect
MITM attacks)
2002-08-01 01:21:56 +00:00
Ben Lindstrom
18d2b5d399
- (bal) [uidswap.c] SCO compile correction by gert@greenie.muc.de
2002-07-30 19:32:07 +00:00
Kevin Steves
4bdb547ff4
- (stevesk) [ssh-rand-helper.c] RAND_bytes() and SHA1_Final() unsigned
...
char arg.
2002-07-28 20:42:23 +00:00
Kevin Steves
e7dbdf7ff8
- (stevesk) [CREDITS] solar
2002-07-28 20:31:18 +00:00