andre
2ff7b5d028
Added new login recording code
...
Added test program for login code (make logintest)
2000-06-03 14:57:40 +00:00
Damien Miller
fda78d9bd0
- HPUX and Configure fixes from Lutz Jaenicke
...
<Lutz.Jaenicke@aet.TU-Cottbus.DE>
- Use mkinstalldirs script to make directories instead of non-portable
"install -d". Suggested by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-05-20 15:33:44 +10:00
Damien Miller
615f939ebb
- Several patches from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp>
...
- INSTALL typo and URL fix
- Makefile fix
- Solaris fixes
- Checking for ssize_t and memmove. Based on patch from SAKAI Kiyotaka
<ksakai@kso.netwk.ntt-at.co.jp>
2000-05-17 22:53:33 +10:00
Damien Miller
dcb6ecd1b3
- OpenBSD CVS update:
...
- markus@cvs.openbsd.org
[ssh.c]
fix usage()
[ssh2.h]
draft-ietf-secsh-architecture-05.txt
[ssh.1]
document ssh -T -N (ssh2 only)
[channels.c serverloop.c ssh.h sshconnect.c sshd.c aux.c]
enable nonblocking IO for sshd w/ proto 1, too; split out common code
[aux.c]
missing include
2000-05-17 22:34:22 +10:00
Damien Miller
8d1fd57a97
- Fix from Andre Lucas <andre.lucas@dial.pipex.com>
...
- Fixes command line printing segfaults (spotter: Bladt Norbert)
- Fixes erroneous printing of debug messages to syslog
- Fixes utmp for MacOS X (spotter: Aristedes Maniatis)
- Gives useful error message if PRNG initialisation fails
- Reduced ssh startup delay
- Measures cumulative command time rather than the time between reads
after select()
- 'fixprogs' perl script to eliminate non-working entropy commands, and
optionally run 'ent' to measure command entropy
2000-05-17 21:34:07 +10:00
Damien Miller
95fe91bd84
- Fix for non-recognised DSA keys from Arkadiusz Miskiewicz
...
<misiek@pld.org.pl>
2000-05-13 12:31:22 +10:00
Damien Miller
16e519cb9c
- Moved all the bsd-* and fake-* stuff into new libopenbsd-compat.a
2000-05-09 14:28:55 +10:00
Damien Miller
58e579bcd9
- Generate DSA host keys during "make key" or RPM installs
2000-05-08 00:05:31 +10:00
Damien Miller
e247cc402b
- Remove references to SSLeay.
...
- Big OpenBSD CVS update
- markus@cvs.openbsd.org
[clientloop.c]
- typo
[session.c]
- update proctitle on pty alloc/dealloc, e.g. w/ windows client
[session.c]
- update proctitle for proto 1, too
[channels.h nchan.c serverloop.c session.c sshd.c]
- use c-style comments
- deraadt@cvs.openbsd.org
[scp.c]
- more atomicio
- markus@cvs.openbsd.org
[channels.c]
- set O_NONBLOCK
[ssh.1]
- update AUTHOR
[readconf.c ssh-keygen.c ssh.h]
- default DSA key file ~/.ssh/id_dsa
[clientloop.c]
- typo, rm verbose debug
- deraadt@cvs.openbsd.org
[ssh-keygen.1]
- document DSA use of ssh-keygen
[sshd.8]
- a start at describing what i understand of the DSA side
[ssh-keygen.1]
- document -X and -x
[ssh-keygen.c]
- simplify usage
- markus@cvs.openbsd.org
[sshd.8]
- there is no rhosts_dsa
[ssh-keygen.1]
- document -y, update -X,-x
[nchan.c]
- fix close for non-open ssh1 channels
[servconf.c servconf.h ssh.h sshd.8 sshd.c ]
- s/DsaKey/HostDSAKey/, document option
[sshconnect2.c]
- respect number_of_password_prompts
[channels.c channels.h servconf.c servconf.h session.c sshd.8]
- GatewayPorts for sshd, ok deraadt@
[ssh-add.1 ssh-agent.1 ssh.1]
- more doc on: DSA, id_dsa, known_hosts2, authorized_keys2
[ssh.1]
- more info on proto 2
[sshd.8]
- sync AUTHOR w/ ssh.1
[key.c key.h sshconnect.c]
- print key type when talking about host keys
[packet.c]
- clear padding in ssh2
[dsa.c key.c radix.c ssh.h sshconnect1.c uuencode.c uuencode.h]
- replace broken uuencode w/ libc b64_ntop
[auth2.c]
- log failure before sending the reply
[key.c radix.c uuencode.c]
- remote trailing comments before calling __b64_pton
[auth2.c readconf.c readconf.h servconf.c servconf.h ssh.1]
[sshconnect2.c sshd.8]
- add DSAAuthetication option to ssh/sshd, document SSH2 in sshd.8
- Bring in b64_ntop and b64_pton from OpenBSD libc (bsd-base64.[ch])
2000-05-07 12:03:14 +10:00
Damien Miller
0437b33e54
- Add Andre Lucas' <andre.lucas@dial.pipex.com> patch to read entropy
...
gathering commands from a text file
2000-05-02 09:56:41 +10:00
Damien Miller
eba71bab9b
- Merge big update to OpenSSH-2.0 from OpenBSD CVS
...
[README.openssh2]
- interop w/ F-secure windows client
- sync documentation
- ssh_host_dsa_key not ssh_dsa_key
[auth-rsa.c]
- missing fclose
[auth.c authfile.c compat.c dsa.c dsa.h hostfile.c key.c key.h radix.c]
[readconf.c readconf.h ssh-add.c ssh-keygen.c ssh.c ssh.h sshconnect.c]
[sshd.c uuencode.c uuencode.h authfile.h]
- add DSA pubkey auth and other SSH2 fixes. use ssh-keygen -[xX]
for trading keys with the real and the original SSH, directly from the
people who invented the SSH protocol.
[auth.c auth.h authfile.c sshconnect.c auth1.c auth2.c sshconnect.h]
[sshconnect1.c sshconnect2.c]
- split auth/sshconnect in one file per protocol version
[sshconnect2.c]
- remove debug
[uuencode.c]
- add trailing =
[version.h]
- OpenSSH-2.0
[ssh-keygen.1 ssh-keygen.c]
- add -R flag: exit code indicates if RSA is alive
[sshd.c]
- remove unused
silent if -Q is specified
[ssh.h]
- host key becomes /etc/ssh_host_dsa_key
[readconf.c servconf.c ]
- ssh/sshd default to proto 1 and 2
[uuencode.c]
- remove debug
[auth2.c ssh-keygen.c sshconnect2.c sshd.c]
- xfree DSA blobs
[auth2.c serverloop.c session.c]
- cleanup logging for sshd/2, respect PasswordAuth no
[sshconnect2.c]
- less debug, respect .ssh/config
[README.openssh2 channels.c channels.h]
- clientloop.c session.c ssh.c
- support for x11-fwding, client+server
2000-04-29 23:57:08 +10:00
Damien Miller
74a333bbe1
- Generate manpages before make install not at the end of make all
...
- Don't seed the rng quite so often
- Always reseed rng when requested
2000-04-04 15:04:09 +10:00
Damien Miller
33b13568b5
- OpenBSD CVS update:
...
- [packet.h packet.c]
ssh2 packet format
- [packet.h packet.c nchan2.ms nchan.h compat.h compat.c]
[channels.h channels.c]
channel layer support for ssh2
- [kex.h kex.c hmac.h hmac.c dsa.c dsa.h]
DSA, keyexchange, algorithm agreement for ssh2
2000-04-04 14:38:59 +10:00
Damien Miller
040f3831fc
- Wrote entropy collection routines for systems that lack /dev/random
...
and EGD
2000-04-03 14:50:43 +10:00
Damien Miller
b38eff8e4f
- Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure)
...
- [auth.c session.c sshd.c auth.h]
split sshd.c -> auth.c session.c sshd.c plus cleanup and goto-removal
- [bufaux.c bufaux.h]
support ssh2 bignums
- [channels.c channels.h clientloop.c sshd.c nchan.c nchan.h packet.c]
[readconf.c ssh.c ssh.h serverloop.c]
replace big switch() with function tables (prepare for ssh2)
- [ssh2.h]
ssh2 message type codes
- [sshd.8]
reorder Xr to avoid cutting
- [serverloop.c]
close(fdin) if fdin != fdout, shutdown otherwise, ok theo@
- [channels.c]
missing close
allow bigger packets
- [cipher.c cipher.h]
support ssh2 ciphers
- [compress.c]
cleanup, less code
- [dispatch.c dispatch.h]
function tables for different message types
- [log-server.c]
do not log() if debuggin to stderr
rename a cpp symbol, to avoid param.h collision
- [mpaux.c]
KNF
- [nchan.c]
sync w/ channels.c
2000-04-01 11:09:21 +10:00
Damien Miller
450a7a1ff4
- OpenBSD CVS update
...
- [auth-krb4.c]
-Wall
- [auth-rh-rsa.c auth-rsa.c hostfile.c hostfile.h key.c key.h match.c]
[match.h ssh.c ssh.h sshconnect.c sshd.c]
initial support for DSA keys. ok deraadt@, niels@
- [cipher.c cipher.h]
remove unused cipher_attack_detected code
- [scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
Fix some formatting problems I missed before.
- [ssh.1 sshd.8]
fix spelling errors, From: FreeBSD
- [ssh.c]
switch to raw mode only if he _get_ a pty (not if we _want_ a pty).
2000-03-26 13:04:51 +10:00
Damien Miller
2c9279fa66
- Better tests for OpenSSL w/ RSAref
...
- Added replacement setenv() function from OpenBSD libc. Suggested by
Ben Lindstrom <mouring@pconline.com>
2000-03-26 12:12:34 +10:00
Damien Miller
166bd448c9
- Propogate LD through to Makefile
2000-03-16 10:48:25 +11:00
Damien Miller
8b1c22b775
- Created contrib/ subdirectory. Included helpers from Phil Hands'
...
Debian package, README file and chroot patch from Ricardo Cerqueira
<rmcc@clix.pt>
- Moved gnome-ssh-askpass.c to contrib directory and reomved config
option.
- Slight cleanup to doc files
2000-03-15 12:13:01 +11:00
Damien Miller
4095f894dc
- Added "make host-key" target, Suggestion from Dominik Brettnacher
...
<domi@saargate.de>
2000-03-03 22:13:52 +11:00
Damien Miller
f07390e90d
- Seed OpenSSL's random number generator before generating RSA keypairs
...
- Split random collector into seperate file
2000-01-29 20:40:22 +11:00
Damien Miller
3aa0fa4c7a
ssh should be setuid
2000-01-27 14:15:48 +11:00
Damien Miller
7d7c60d6e7
- Added 'DESTDIR' option to Makefile to ease package building. Patch from
...
Jim Knoble <jmknoble@pobox.com>
- Updated RPM spec files to use DESTDIR
2000-01-26 14:37:48 +11:00
Damien Miller
6d84493c8b
- Fixpaths was missing /etc/ssh_known_hosts. Report from Jim Knoble
...
<jmknoble@pobox.com>
2000-01-26 12:17:50 +11:00
Damien Miller
670a4b8554
- Merge preformatted manpage patch from Andre Lucas
...
<andre.lucas@dial.pipex.com>
2000-01-22 13:53:11 +11:00
Damien Miller
886c63a2c5
- Big manpage and config file cleanup from Andre Lucas
...
<andre.lucas@dial.pipex.com>
- Re-added latest (unmodified) OpenBSD manpages
2000-01-20 23:13:36 +11:00
Damien Miller
ca673b3d03
- Makefile fix from Gary E. Miller <gem@rellim.com>
2000-01-18 09:01:27 +11:00
Damien Miller
b13c73e385
- Substitute PID directory in sshd.8. Suggestion from Andrew
...
Stribblehill <a.d.stribblehill@durham.ac.uk>
2000-01-17 22:02:17 +11:00
Damien Miller
34132e54cb
- Merged OpenBSD IPv6 patch:
...
- [sshd.c sshd.8 sshconnect.c ssh.h ssh.c servconf.h servconf.c scp.1]
[scp.c packet.h packet.c login.c log.c canohost.c channels.c]
[hostfile.c sshd_config]
ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new
features: sshd allows multiple ListenAddress and Port options. note
that libwrap is not IPv6-ready. (based on patches from
fujiwara@rcac.tdi.co.jp )
- [ssh.c canohost.c]
more hints (hints.ai_socktype=SOCK_STREAM) for getaddrinfo,
from itojun@
- [channels.c]
listen on _all_ interfaces for X11-Fwd (hints.ai_flags = AI_PASSIVE)
- [packet.h]
allow auth-kerberos for IPv4 only
- [scp.1 sshd.8 servconf.h scp.c]
document -4, -6, and 'ssh -L 2022/::1/22'
- [ssh.c]
'ssh @host' is illegal (null user name), from
karsten@gedankenpolizei.de
- [sshconnect.c]
better error message
- [sshd.c]
allow auth-kerberos for IPv4 only
- Big IPv6 merge:
- Cleanup overrun in sockaddr copying on RHL 6.1
- Replacements for getaddrinfo, getnameinfo, etc based on versions
from patch from KIKUCHI Takahiro <kick@kyoto.wide.ad.jp>
- Replacement for missing structures on systems that lack IPv6
- record_login needed to know about AF_INET6 addresses
- Borrowed more code from OpenBSD: rresvport_af and requisites
2000-01-14 15:45:46 +11:00
Damien Miller
105b7f073a
- Better KrbIV / AFS detection, based on patch from:
...
Holger Trapp <Holger.Trapp@Informatik.TU-Chemnitz.DE>
2000-01-07 08:45:55 +11:00
Damien Miller
645c598d3c
- Add explicit make rules for files proccessed by fixpaths.
...
- Fix "make install" in RPM spec files. Report from Tenkou N. Hattori
<tnh@kondara.org>
2000-01-03 14:42:09 +11:00
Damien Miller
8beab01b49
- Run fixpaths before install. (Andre Lucas)
2000-01-02 11:52:49 +11:00
Damien Miller
e72b7af17e
- Removed most of the pam code into its own file auth-pam.[ch]. This
...
cleaned up sshd.c up significantly.
- Several other cleanups
1999-12-30 15:08:44 +11:00
Damien Miller
58ca7d8503
- Rename helper.[ch] to (more appropriate) bsd-misc.[ch]
...
- Minor Makefile cleaning
1999-12-29 19:56:30 +11:00
Damien Miller
e79334a2b0
- Autodetect perl, patch from David Rankin
...
<drankin@bohemians.lexington.ky.us>
1999-12-29 10:03:37 +11:00
Damien Miller
beb4ba5a68
- Portability fixes for Irix 5.3 (now compiles OK!)
...
- autoconf and other misc cleanups
1999-12-28 15:09:35 +11:00
Damien Miller
c0d7390398
- Automatically correct paths in manpages and configuration files. Patch
...
and script from Andre Lucas <andre.lucas@dial.pipex.com>
- Removed credits from README to CREDITS file, updated.
1999-12-27 09:23:58 +11:00
Damien Miller
3688440c4d
- Revised RPM package to include Jim Knoble's <jmknoble@pobox.com>
...
X11 ssh-askpass program.
- Revised RPM package to use conditional building of gnome and X11
askpass packages.
1999-12-26 12:26:21 +11:00
Damien Miller
32b3cf2c96
19991226
...
- Enabled utmpx support by default for Solaris
- Cleanup sshd.c PAM a little more
19991225
- Merged fixes from Ben Taylor <bent@clark.net>
- Fixed configure support for PAM. Reported by Naz <96na@eng.cam.ac.uk>
- Disabled logging of PAM password authentication failures when password
is empty. (e.g start of authentication loop). Reported by Naz
<96na@eng.cam.ac.uk>)
1999-12-26 10:21:48 +11:00
Damien Miller
18ccf85863
- Makefile changes for Solaris from Peter Kocks
...
<peter.kocks@baygate.com>
1999-12-16 13:06:18 +11:00
Damien Miller
11ba8d4e12
Make break
1999-12-15 16:42:45 +11:00
Damien Miller
36b339a906
- Clean up broken includes in pty.c
1999-12-14 10:54:47 +11:00
Damien Miller
c6b3bbe2b9
- Fix compilation on systems with AFS. Reported by
...
aloomis@glue.umd.edu
- Fix installation on Solaris. Reported by
Gordon Rowell <gordonr@gormand.com.au>
- Fix gccisms (__attribute__ and inline). Report by edgy@us.ibm.com ,
patch from Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
- Auto-locate xauth. Patch from David Agraz <dagraz@jahoopa.com>
- Compile fix from David Agraz <dagraz@jahoopa.com>
- Avoid compiler warning in bsd-snprintf.c
- Added pam_limits.so to default PAM config. Suggested by
Jim Knoble <jmknoble@pobox.com>
1999-12-13 08:27:33 +11:00
Damien Miller
d7f6615e78
- Applied patch from David Rankin <drankin@bohemians.lexington.ky.us>
...
to fix libwrap support on NetBSD
1999-12-09 10:48:58 +11:00
Damien Miller
bf1c9b2012
- Import of patch from Ben Taylor <bent@clark.net>:
...
- Improved PAM support
- "uninstall" rule for Makefile
- utmpx support
- Should fix PAM problems on Solaris
1999-12-09 10:16:54 +11:00
Damien Miller
037a0dc083
- Merged more OpenBSD changes:
...
- [atomicio.c authfd.c scp.c serverloop.c ssh.h sshconnect.c sshd.c]
move atomicio into it's own file. wrap all socket write()s which
were doing write(sock, buf, len) != len, with atomicio() calls.
- [auth-skey.c]
fd leak
- [authfile.c]
properly name fd variable
- [channels.c]
display great hatred towards strcpy
- [pty.c pty.h sshd.c]
use openpty() if it exists (it does on BSD4_4)
- [tildexpand.c]
check for ~ expansion past MAXPATHLEN
- Modified helper.c to use new atomicio function.
- Reformat Makefile a little
- Moved RC4 routines from rc4.[ch] into helper.c
- Added autoconf code to detect /dev/ptmx (Solaris) and /dev/ptc (AIX)
1999-12-07 15:38:31 +11:00
Damien Miller
3bc14dde05
Fixed default SSH_ASKPASS
1999-12-07 14:54:53 +11:00
Damien Miller
1f7833deba
Fix symlinks on Solaris
1999-11-30 09:47:52 +11:00
Damien Miller
42b81ffe7d
- Add definition for __P()
...
- Added [v]snprintf() replacement for systems that lack it
1999-11-26 12:21:24 +11:00
Damien Miller
f066d6e5b0
install fix
1999-11-25 13:40:22 +11:00