Commit Graph

4389 Commits

Author SHA1 Message Date
Damien Miller
4bbacb706b - djm@cvs.openbsd.org 2005/10/30 04:01:03
[ssh-keyscan.c]
     make ssh-keygen discard junk from server before SSH- ident, spotted by
     dave AT cirt.net; ok dtucker@
2005-11-05 15:12:28 +11:00
Damien Miller
b3bfbb7355 - djm@cvs.openbsd.org 2005/10/30 01:23:19
[ssh_config.5]
     mention control socket fallback behaviour, reported by
     tryponraj AT gmail.com
2005-11-05 15:11:48 +11:00
Damien Miller
319550a52b - stevesk@cvs.openbsd.org 2005/10/17 14:13:35
[dns.c dns.h]
     more cleanups; ok jakob@
2005-11-05 15:11:15 +11:00
Damien Miller
7e8795d308 - stevesk@cvs.openbsd.org 2005/10/17 14:01:28
[dns.c]
     remove #ifdef LWRES; ok jakob@
2005-11-05 15:10:42 +11:00
Damien Miller
6571249074 - stevesk@cvs.openbsd.org 2005/10/17 13:45:05
[dns.c]
     fix memory leaks from 2 sources:
         1) key_fingerprint_raw()
         2) malloc in dns_read_rdata()
     ok jakob@
2005-11-05 15:09:27 +11:00
Damien Miller
c1af1d5f40 - stevesk@cvs.openbsd.org 2005/10/15 15:28:12
[sshconnect.c]
     make external definition static; ok deraadt@
2005-11-05 15:08:57 +11:00
Damien Miller
0a0176e9f3 - stevesk@cvs.openbsd.org 2005/10/14 02:29:37
[channels.c clientloop.c]
     free()->xfree(); ok djm@
2005-11-05 15:07:59 +11:00
Damien Miller
15d72a00a3 - stevesk@cvs.openbsd.org 2005/10/14 02:17:59
[ssh-keygen.c ssh.c sshconnect2.c]
     no trailing "\n" for log functions; ok djm@
2005-11-05 15:07:33 +11:00
Damien Miller
6fd6defbce - stevesk@cvs.openbsd.org 2005/10/13 22:24:31
[auth2-gss.c gss-genr.c gss-serv.c monitor.c]
     KNF; ok djm@
2005-11-05 15:07:05 +11:00
Damien Miller
20afc24363 - stevesk@cvs.openbsd.org 2005/10/13 19:13:41
[dns.c]
     unneeded #include, unused declaration, little knf; ok deraadt@
2005-11-05 15:06:38 +11:00
Damien Miller
5f916c8f6c - stevesk@cvs.openbsd.org 2005/10/13 19:08:08
[gss-serv-krb5.c gss-serv.c]
     unused declarations; ok deraadt@
     (id sync only for gss-serv-krb5.c)
2005-11-05 15:05:28 +11:00
Damien Miller
9fac263639 - stevesk@cvs.openbsd.org 2005/10/13 14:20:37
[gss-serv.c]
     spelling in comments
2005-11-05 15:03:48 +11:00
Damien Miller
5434eb2a69 - stevesk@cvs.openbsd.org 2005/10/13 14:03:01
[auth2-gss.c gss-genr.c gss-serv.c]
     remove unneeded #includes; ok markus@
2005-11-05 15:03:24 +11:00
Damien Miller
5e7fd076f5 - djm@cvs.openbsd.org 2005/10/11 23:37:37
[channels.c]
     bz #1076 set SO_REUSEADDR on X11 forwarding listner sockets, preventing
     bind() failure when a previous connection's listeners are in TIME_WAIT,
     reported by plattner AT inf.ethz.ch; ok dtucker@
2005-11-05 14:53:39 +11:00
Damien Miller
39eda6eb6a - djm@cvs.openbsd.org 2005/10/10 10:23:08
[channels.c channels.h clientloop.c serverloop.c session.c]
     fix regression I introduced in 4.2: X11 forwardings initiated after
     a session has exited (e.g. "(sleep 5; xterm) &") would not start.
     bz #1086 reported by t8m AT centrum.cz; ok markus@ dtucker@
2005-11-05 14:52:50 +11:00
Damien Miller
3f54a9f5b7 - (djm) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2005/10/07 11:13:57
     [ssh-keygen.c]
     change DSA default back to 1024, as it's defined for 1024 bits only
     and this causes interop problems with other clients.  moreover,
     in order to improve the security of DSA you need to change more
     components of DSA key generation (e.g. the internal SHA1 hash);
     ok deraadt
2005-11-05 14:52:18 +11:00
Darren Tucker
d32e293c04 - (dtucker) [openbsd-compat/bsd-misc.c] Bug #1108: fix broken strdup().
Reported by olavi at ipunplugged.com and antoine.brodin at laposte.net
   via FreeBSD.
2005-11-02 09:07:31 +11:00
Darren Tucker
42308a4374 - (dtucker) [session.c] Bug #1045do not check /etc/nologin when PAM is
enabled, instead allow PAM to handle it.  Note that on platforms using PAM,
   the pam_nologin module should be added to sshd's session stack in order to
   maintain exising behaviour.  Based on patch and discussion from t8m at
   centrum.cz, ok djm@
2005-10-30 15:31:55 +11:00
Damien Miller
88edf6255b - (djm) [contrib/suse/openssh.spec contrib/suse/rc.
sshd contrib/suse/sysconfig.ssh] Bug #1106: Updated SuSE spec and init
   files from imorgan AT nas.nasa.gov
2005-10-30 11:55:45 +11:00
Darren Tucker
a841dceb4c - (dtucker) [contrib/cygwin/ssh-user-config] Remove duplicate yes/no
prompt.  Patch from vinschen at redhat.com.
2005-10-25 18:55:00 +10:00
Darren Tucker
e737455430 - (dtucker) [configure.ac] Bug #1104: Tru64's printf family doesn't
understand "%lld", even though the compiler has "long long", so handle
   it as a special case.  Patch tested by mcaskill.scott at epa.gov.

(actually was included in previous commit)
2005-10-25 18:52:31 +10:00
Darren Tucker
537f1ed7df - (dtucker) [configure.ac] Relocate LLONG_MAX calculation to after the
sizeof(long long) checks, to make fixing bug #1104 easier (no changes
   yet).
2005-10-25 18:38:33 +10:00
Darren Tucker
314d89e050 - (dtucker) [configure.ac] Bug #1097: Fix configure for cross-compiling.
/etc/default/login report and testing from aabaker at iee.org, corrections
   from tim@.
2005-10-17 23:29:23 +10:00
Darren Tucker
9ac1a65acb - (dtucker) [configure.ac defines.h openbsd-compat/vis.{c,h}] Sync current
versions from OpenBSD.  ok djm@
2005-10-09 11:40:03 +10:00
Damien Miller
e04ec6fdfd - (djm) [configure.ac] missing 'test' call for -with-Werror test 2005-10-08 16:21:19 +10:00
Darren Tucker
1e6616bb14 - (dtucker) [configure.ac] Bug #1098: define $MAIL for HP-UX; report from
brian.smith at agilent com.
2005-10-08 12:07:01 +10:00
Darren Tucker
ac7e630b85 typo 2005-10-06 01:39:58 +10:00
Darren Tucker
b18f15100a - (dtucker) [configure.ac sshd.8] Enable locked account check (a prepended
"*LOCKED*" string) for FreeBSD.  Patch jeremie at le-hen.org and
   senthilkumar_sen at hotpop.com.
2005-10-05 23:02:16 +10:00
Darren Tucker
1f85dc7034 - (dtucker) [regress/README.regress] Bug #989: Document limitation that scp
is required in the system path for the multiplex test to work.
2005-10-03 20:14:18 +10:00
Darren Tucker
b0b12296f9 - dtucker@cvs.openbsd.org 2005/10/03 07:44:42
[canohost.c]
     Relocate check_ip_options call to prevent logging of garbage for
     connections with IP options set.  bz#1092 from David Leonard,
     "looks good" deraadt@
2005-10-03 18:23:44 +10:00
Darren Tucker
28e8e59b35 - jaredy@cvs.openbsd.org 2005/09/30 20:34:26
[ssh-keyscan.1]
     deploy .An -nosplit; ok jmc
2005-10-03 18:20:28 +10:00
Darren Tucker
45b0142643 - djm@cvs.openbsd.org 2005/09/21 23:37:11
[sshd.c]
     change label at markus@'s request
2005-10-03 18:20:00 +10:00
Darren Tucker
e2dd2d5baa - djm@cvs.openbsd.org 2005/09/21 23:36:54
[sshd_config.5]
     aquire -> acquire, from stevesk@
2005-10-03 18:19:06 +10:00
Darren Tucker
1e4308e6fa - djm@cvs.openbsd.org 2005/09/19 23:31:31
[ssh.1]
     spelling nit from stevesk@
2005-10-03 18:18:40 +10:00
Darren Tucker
895d698515 - jmc@cvs.openbsd.org 2005/09/19 15:42:44
[ssh.c]
     update -D usage here too;
2005-10-03 18:18:05 +10:00
Darren Tucker
05d4dfe38f - jmc@cvs.openbsd.org 2005/09/19 15:38:27
[ssh.1]
     some more .Bk/.Ek to avoid ugly line split;
2005-10-03 18:17:38 +10:00
Darren Tucker
8813bbbca9 - djm@cvs.openbsd.org 2005/09/19 11:48:10
[gss-serv.c]
     typo
2005-10-03 18:17:02 +10:00
Darren Tucker
a2cdbda2de - djm@cvs.openbsd.org 2005/09/19 11:47:09
[sshd.c]
     stop connection abort on rekey with delayed compression enabled when
     post-auth privsep is disabled (e.g. when root is logged in); ok dtucker@
2005-10-03 18:16:02 +10:00
Darren Tucker
c8d6421a64 - djm@cvs.openbsd.org 2005/09/19 11:37:34
[ssh_config.5 ssh.1]
     mention ability to specify bind_address for DynamicForward and -D options;
     bz#1077 spotted by Haruyama Seigo
2005-10-03 18:13:42 +10:00
Darren Tucker
ce321d8a30 - djm@cvs.openbsd.org 2005/09/13 23:40:07
[sshd.c ssh.c misc.h sftp.c ssh-keygen.c ssh-keysign.c sftp-server.c
     scp.c misc.c ssh-keyscan.c ssh-add.c ssh-agent.c]
     ensure that stdio fds are attached; ok deraadt@
2005-10-03 18:11:24 +10:00
Darren Tucker
d89dbf29ff - markus@cvs.openbsd.org 2005/09/09 19:18:05
[clientloop.c]
     typo; from mark at mcs.vuw.ac.nz, bug #1082
2005-10-03 18:05:26 +10:00
Darren Tucker
d3d0fa1558 - markus@cvs.openbsd.org 2005/09/07 08:53:53
[channels.c]
     enforce chanid != NULL; ok djm
2005-10-03 18:03:05 +10:00
Darren Tucker
d4f04ae247 - (dtucker) [monitor.c] Bug #1087: Send loginmsg to preauth privsep
child during PAM account check without clearing it.  This restores the
   post-login warnings such as LDAP password expiry.  Patch from Tomas Mraz
   with help from several others.
2005-09-30 10:23:21 +10:00
Darren Tucker
6e4221129e - (dtucker) [openbsd-compat/openbsd-compat.h] Bug #1096: Add prototype
for strtoll.  Patch from o.flebbe at science-computing.de.
2005-09-30 09:55:49 +10:00
Darren Tucker
372c8fbe9b - (dtucker) [monitor_wrap.c] Remove duplicate definition of loginmsg
introduced during sync.
2005-09-29 22:01:10 +10:00
Darren Tucker
7b1e695846 - (dtucker) [auth-pam.c] Bug #1028: send final non-query messages from
PAM via keyboard-interactive.  Patch tested by the folks at Vintela.
2005-09-28 22:33:27 +10:00
Darren Tucker
46e7ba5d53 - (dtucker) [entropy.c] Use u_char for receiving RNG seed for consistency 2005-09-28 08:26:30 +10:00
Darren Tucker
c6f8219e0d - (dtucker) [entropy.c entropy.h sshd.c] Pass RNG seed to the reexec'ed
process when sshd relies on ssh-random-helper.  Should result in faster
   logins on systems without a real random device or prngd.  ok djm@
2005-09-27 22:46:32 +10:00
Darren Tucker
f1377bdeed - (dtucker) [entropy.c] Remove unnecessary tests for getuid and geteuid
calls, since they can't possibly fail.  ok djm@
2005-09-27 19:50:25 +10:00
Darren Tucker
d3eff2bfa5 - (dtucker) [auth2.c] Move start_pam() calls out of if-else block to remove
duplicate call.  ok djm@
2005-09-24 12:43:51 +10:00