Tim Rice
aa5383243d
- (tim) [regress/README.regress] Document ssh-rand-helper issue. ok bal
2004-03-08 12:12:18 -08:00
Damien Miller
8448e66770
- dtucker@cvs.openbsd.org 2004/03/08 10:18:57
...
[sshd_config.5]
Document KerberosGetAFSToken; ok markus@
2004-03-08 23:13:15 +11:00
Damien Miller
3b51301a4b
- djm@cvs.openbsd.org 2004/03/08 09:38:05
...
[ssh-keyscan.c]
explicitly initialise remote_major and remote_minor.
from cjwatson AT debian.org; ok markus@
2004-03-08 23:13:00 +11:00
Damien Miller
bd394c329b
- markus@cvs.openbsd.org 2004/03/05 10:53:58
...
[readconf.c readconf.h scp.1 sftp.1 ssh.1 ssh_config.5 sshconnect2.c]
add IdentitiesOnly; ok djm@, pb@
2004-03-08 23:12:36 +11:00
Damien Miller
c0f27d8782
- djm@cvs.openbsd.org 2004/03/03 09:31:20
...
[sftp.c]
Fix initialisation of progress meter; ok markus@
2004-03-08 23:12:19 +11:00
Damien Miller
9ba3069a8b
- djm@cvs.openbsd.org 2004/03/03 09:30:42
...
[sftp-client.c]
Don't print duplicate messages when progressmeter is off
Spotted by job317 AT mailvault.com; ok markus@
2004-03-08 23:12:02 +11:00
Damien Miller
57aae982be
- (djm) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2004/03/03 06:47:52
[sshd.c]
change proctiltle after accept(2); ok henning, deraadt, djm
2004-03-08 23:11:25 +11:00
Darren Tucker
dbf7a74ee5
- (dtucker) [auth-pam.c auth-pam.h auth1.c auth2.c monitor.c monitor_wrap.c
...
monitor_wrap.h] Bug #808 : Ensure force_pwchange is correctly initialized
even if keyboard-interactive is not used by the client. Prevents segfaults
in some cases where the user's password is expired (note this is not
considered a security exposure). ok djm@
2004-03-08 23:04:06 +11:00
Darren Tucker
86c093d289
- (dtucker) [configure.ac sshd.c openbsd-compat/bsd-misc.h
...
openbsd-compat/setenv.c] Unset KRB5CCNAME on AIX to prevent it from being
inherited by the child. ok djm@
2004-03-08 22:59:03 +11:00
Darren Tucker
112aaac0ce
- (dtucker) [sshd.c] Back out rev 1.270 as it caused problems on some
...
platforms (eg SCO, HP-UX) with logging in the wrong TZ.
2004-03-08 22:13:12 +11:00
Tim Rice
f45eff21dc
- (tim) [regress/login-timeout.sh] fix building outside of source tree.
2004-03-07 10:40:01 -08:00
Darren Tucker
91bf45c597
- (dtucker) [auth-passwd.c auth-sia.c auth-sia.h defines.h
...
openbsd-compat/xcrypt.c] Bug #802 : Fix build error on Tru64 when
configured --with-osfsia. ok djm@
2004-03-04 22:59:36 +11:00
Darren Tucker
b9b6021667
- (dtucker) [auth-pam.c] Reset signal status when starting pam auth thread,
...
prevent hanging during PAM keyboard-interactive authentications. ok djm@
2004-03-04 20:03:54 +11:00
Darren Tucker
4b385d4bc0
- (dtucker) [auth-pam.c] Don't try to export PAM when compiled with
...
-DUSE_POSIX_THREADS. From antoine.verheijen at ualbert ca. ok djm@
2004-03-04 19:54:10 +11:00
Darren Tucker
6e26bf15ee
wrong year
2004-03-04 19:47:29 +11:00
Damien Miller
6c4914afcc
- (djm) [configure.ac ssh-agent.c] Use prctl to prevent ptrace on ssh-agent
...
ok dtucker
2004-03-03 11:08:59 +11:00
Tim Rice
ad4a188e46
- (tim) [configure.ac] Put back bits mistakenly removed from Rev 1.188
2004-02-29 15:53:37 -08:00
Darren Tucker
b099d855d3
- (dtucker) [regress/try-ciphers.sh] Skip acss if not compiled in (eg if we
...
built with openssl < 0.9.7)
2004-02-29 21:30:05 +11:00
Darren Tucker
9468ba33a1
- dtucker@cvs.openbsd.org 2004/02/28 13:44:45
...
[regress/try-ciphers.sh]
Test acss too; ok markus@
2004-02-29 20:38:26 +11:00
Darren Tucker
68b184c75d
- dtucker@cvs.openbsd.org 2004/02/28 12:16:57
...
[regress/dynamic-forward.sh]
Make dynamic-forward understand nc's new output. ok markus@
2004-02-29 20:37:06 +11:00
Darren Tucker
437a5f035b
- markus@cvs.openbsd.org 2004/02/24 17:06:52
...
[regress/ssh-com-client.sh regress/ssh-com-keygen.sh
regress/ssh-com-sftp.sh regress/ssh-com.sh]
test against recent ssh.com releases
2004-02-29 20:33:51 +11:00
Darren Tucker
03c907a22b
- markus@cvs.openbsd.org 2004/02/24 16:56:30
...
[regress/test-exec.sh]
allow arguments in ${TEST_SSH_XXX}
2004-02-29 20:31:08 +11:00
Darren Tucker
017fd61a92
- dtucker@cvs.openbsd.org 2004/02/17 08:23:20
...
[regress/Makefile regress/login-timeout.sh]
Add regression test for LoginGraceTime; ok markus@
2004-02-29 20:30:17 +11:00
Darren Tucker
effc84ce5b
- dtucker@cvs.openbsd.org 2004/02/27 22:49:27
...
[dh.c]
Reset bit counter at the right time, fixes debug output in the case where
the DH group is rejected. ok markus@
2004-02-29 20:15:08 +11:00
Darren Tucker
c56c7ef592
- dtucker@cvs.openbsd.org 2004/02/27 22:44:56
...
[dh.c]
Make /etc/moduli line buffer big enough for 8kbit primes, in case anyone
ever uses one. ok markus@
2004-02-29 20:13:34 +11:00
Darren Tucker
fc113c97a3
- dtucker@cvs.openbsd.org 2004/02/27 22:42:47
...
[dh.c]
Prevent sshd from sending DH groups with a primitive generator of zero or
one, even if they are listed in /etc/moduli. ok markus@
2004-02-29 20:12:33 +11:00
Darren Tucker
d592048c36
- djm@cvs.openbsd.org 2004/02/25 00:22:45
...
[sshd.c]
typo in comment
2004-02-29 20:11:30 +11:00
Ben Lindstrom
78ffe26501
- (bal) KNF our sshlogin.c even if the code looks nothing like upstream
...
code due to diversity issues.
2004-02-27 03:01:19 +00:00
Damien Miller
124055dd3b
- (djm) Don't specify path to PAM modules in Redhat sshd.pam; from Fedora
2004-02-25 10:57:45 +11:00
Damien Miller
d891395a09
- (djm) Trim ChangeLog
2004-02-25 10:56:31 +11:00
Damien Miller
3342470472
- (djm) Release 3.8p1
2004-02-24 17:13:28 +11:00
Tim Rice
e8c898a54f
[configure.ac] SCO3 needs -lcrypt_i for -lprot
2004-02-23 21:47:04 -08:00
Darren Tucker
149543e56d
- (dtucker) {README.platform] Add platform-specific notes.
2004-02-24 16:14:41 +11:00
Darren Tucker
5ce131f2b6
- (dtucker) [README] Add pointer to release notes. ok djm@
2004-02-24 16:13:24 +11:00
Damien Miller
9fc475f0c3
- (djm) Crank RPM spec versions
2004-02-24 16:00:02 +11:00
Tim Rice
18959006c0
[openbsd-compat/getrrsetbyname.c] Make gcc 2.7.2.3 happy. ok djm@
2004-02-23 20:51:06 -08:00
Darren Tucker
2359aa985d
- (dtucker) [uidswap.c] Minor KNF. ok djm@
2004-02-24 13:17:30 +11:00
Damien Miller
a811d9a9a1
- (djm) [groupaccess.c uidswap.c] Bug #787 : Size group arrays at runtime
...
using sysconf() if available Based on patches from
holger AT van-lengerich.de and openssh_bugzilla AT hockin.org
2004-02-24 13:05:11 +11:00
Darren Tucker
8a4e4f8779
Add missing ok
2004-02-24 10:58:10 +11:00
Darren Tucker
0d27ed1c19
- (dtucker) [configure.ac gss-serv-krb5.c ssh-gss.h] Define GSSAPI when found
...
with krb5-config, hunt down gssapi.h and friends. Based partially on patch
from deengert at anl.gov.
For the MIT Kerberos bug against krb5-config related to this see:
http://krbdev.mit.edu/rt/Ticket/Display.html?id=2240
2004-02-24 10:37:33 +11:00
Darren Tucker
a6ea420c38
- markus@cvs.openbsd.org 2004/02/23 15:16:46
...
[version.h]
enter 3.8
2004-02-24 09:24:01 +11:00
Darren Tucker
0acc92a93c
- markus@cvs.openbsd.org 2004/02/23 15:12:46
...
[bufaux.c]
encode 0 correctly in buffer_put_bignum2; noted by Mikulas Patocka
and drop support for negative BNs; ok otto@
2004-02-24 09:21:41 +11:00
Darren Tucker
efa3706f05
- markus@cvs.openbsd.org 2004/02/23 12:02:33
...
[sshd.c]
backout revision 1.279; set listen socket to non-block; ok henning.
2004-02-24 09:20:29 +11:00
Darren Tucker
37bd3663bf
- markus@cvs.openbsd.org 2004/02/19 21:15:04
...
[sftp-server.c]
switch to new license.template
2004-02-24 09:19:15 +11:00
Darren Tucker
1825f26d21
- (dtucker) [session.c] Bug #789 : Only make setcred call for !privsep in the
...
non-interactive path. ok djm@
2004-02-24 00:01:27 +11:00
Darren Tucker
e828d0c75b
Add missed ChangeLog entries for previous commits...
2004-02-22 11:55:07 +11:00
Darren Tucker
31e0e8b997
- (dtucker) [configure.ac] Apply krb5-config --libs fix to non-gssapi path
...
too.
2004-02-22 11:37:48 +11:00
Darren Tucker
b4dc6c23a5
- (dtucker) [auth-passwd.c] Only check password expiry once. Prevents
...
multiple warnings if a wrong password is entered.
2004-02-22 10:23:35 +11:00
Darren Tucker
aa0aecad99
- (dtucker) [auth-shadow.c auth.h] Provide warnings of impending account or
...
password expiry. ok djm@
2004-02-22 10:22:05 +11:00
Darren Tucker
15ee748f28
- (dtucker) [auth-shadow.c auth.c auth.h] Move shadow account expiry test
...
to auth-shadow.c, no functional change. ok djm@
2004-02-22 09:43:15 +11:00