Commit Graph

3515 Commits

Author SHA1 Message Date
Damien Miller
51bf11fcc9 - djm@cvs.openbsd.org 2003/11/17 09:45:39
[msg.c msg.h sshconnect2.c ssh-keysign.c]
     return error on msg send/receive failure (rather than fatal); ok markus@
2003-11-17 21:20:47 +11:00
Damien Miller
91c6aa4468 - markus@cvs.openbsd.org 2003/11/14 13:19:09
[sshconnect2.c]
     cleanup and minor fixes for the client code; from Simon Wilkinson
2003-11-17 21:20:18 +11:00
Damien Miller
fe44847cb8 - jmc@cvs.openbsd.org 2003/11/12 20:14:51
[ssh_config.5]
     make verb agree with subject, and kill some whitespace;
2003-11-17 21:19:49 +11:00
Damien Miller
150b55745b - jakob@cvs.openbsd.org 2003/11/12 16:39:58
[dns.c dns.h readconf.c ssh_config.5 sshconnect.c]
     update SSHFP validation. ok markus@
2003-11-17 21:19:29 +11:00
Damien Miller
c1f2792bd0 - dtucker@cvs.openbsd.org 2003/11/12 10:12:15
[scp.c]
     When called with -q, pass -q to ssh; suppresses SSH2 banner.  ok markus@
2003-11-17 21:19:05 +11:00
Damien Miller
f58b58ced1 - jakob@cvs.openbsd.org 2003/11/10 16:23:41
[bufaux.c bufaux.h cipher.c cipher.h hostfile.c hostfile.h key.c]
     [key.h sftp-common.c sftp-common.h sftp-server.c sshconnect.c sshd.c]
     [ssh-dss.c ssh-rsa.c uuencode.c uuencode.h]
     constify. ok markus@ & djm@
2003-11-17 21:18:23 +11:00
Damien Miller
939cd38122 - jmc@cvs.openbsd.org 2003/11/08 19:17:29
[sftp-int.c]
     typos from Jonathon Gray;
2003-11-17 21:17:24 +11:00
Damien Miller
a9fcd3ada2 - jakob@cvs.openbsd.org 2003/11/08 16:02:40
[auth1.c]
     remove unused variable (pw). ok djm@
     (id sync only - still used in portable)
2003-11-17 21:16:55 +11:00
Damien Miller
3e3b5145e5 - djm@cvs.openbsd.org 2003/11/04 08:54:09
[auth1.c auth2.c auth2-pubkey.c auth.h auth-krb5.c auth-passwd.c]
     [auth-rhosts.c auth-rh-rsa.c auth-rsa.c monitor.c serverloop.c]
     [session.c]
     standardise arguments to auth methods - they should all take authctxt.
     check authctxt->valid rather then pw != NULL; ok markus@
2003-11-17 21:13:40 +11:00
Damien Miller
8f746ec970 - jakob@cvs.openbsd.org 2003/11/03 09:37:32
[sshconnect.c]
     do not free static type pointer in warn_changed_key()
2003-11-17 21:11:15 +11:00
Damien Miller
5a38897dbb - jakob@cvs.openbsd.org 2003/11/03 09:09:41
[sshconnect.c]
     move changed key warning into warn_changed_key(). ok markus@
2003-11-17 21:10:47 +11:00
Damien Miller
3e8f41e6ac - (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2003/11/03 09:03:37
     [auth-chall.c]
     make this a little more idiot-proof; ok markus@
     (includes portable-specific changes)
2003-11-17 21:09:50 +11:00
Darren Tucker
203c40b513 - (dtucker) [regress/agent-ptrace.sh] Test for GDB output from Solaris and
HP-UX, skip test on AIX.
2003-11-15 12:13:16 +11:00
Darren Tucker
ae52b7ca59 - (dtucker) [auth-pam.c] Add newline to accumulated PAM_TEXT_INFO and
PAM_ERROR_MSG messages.
2003-11-13 19:52:31 +11:00
Darren Tucker
798ca84d60 - (dtucker) [README ssh-host-config ssh-user-config Makefile] (All
contrib/cygwin).  Major update from vinschen at redhat.com.
   - Makefile provides a `cygwin-postinstall' target to run right after
     `make install'.
   - Better support for Windows 2003 Server.
   - Try to get permissions as correct as possible.
   - New command line options to allow full automated host configuration.
   - Create configs from skeletons in /etc/defaults/etc.
   - Use /bin/bash, allows reading user input with readline support.
   - Remove really old configs from /usr/local.
2003-11-13 11:28:49 +11:00
Darren Tucker
0947ddff72 - (dtucker) [auth-pam.c] Append newlines to lines output by the
pam_chauthtok_conv().
2003-11-13 11:21:31 +11:00
Damien Miller
418a386f2b - (djm) Clarify UsePAM consequences a little more 2003-11-06 20:27:51 +11:00
Darren Tucker
be8a771af1 - (dtucker) [regress/agent-ptrace.sh] Use numeric uid and gid. 2003-11-03 22:52:52 +11:00
Darren Tucker
655a5e0987 - markus@cvs.openbsd.org 2003/11/02 11:01:03
[auth2-gss.c compat.c compat.h sshconnect2.c]
     remove support for SSH_BUG_GSSAPI_BER; simon@sxw.org.uk
2003-11-03 20:09:03 +11:00
Darren Tucker
6db8f936ae - markus@cvs.openbsd.org 2003/10/28 09:08:06
[misc.c]
     error->debug for getsockopt+TCP_NODELAY; several requests
2003-11-03 20:07:14 +11:00
Darren Tucker
56afe145e0 - avsm@cvs.openbsd.org 2003/10/26 16:57:43
[sshconnect2.c]
     rename 'supported' static var in userauth_gssapi() to 'gss_supported'
     to avoid shadowing the global version.  markus@ ok
2003-11-03 20:06:14 +11:00
Darren Tucker
8cc39788cb - markus@cvs.openbsd.org 2003/10/21 09:50:06
[auth2-gss.c]
     make sure the doid is larger than 2
2003-11-03 20:05:03 +11:00
Darren Tucker
a47c9bcda6 - markus@cvs.openbsd.org 2003/10/15 09:48:45
[monitor_wrap.c]
     check pmonitor != NULL
2003-11-03 20:03:25 +11:00
Darren Tucker
7c582db74b - (dtucker) [contrib/cygwin/ssh-host-config] Ensure entries in /etc/services
are created correctly with CRLF line terminations.  Patch from vinschen at
   redhat.com.
2003-11-03 18:59:29 +11:00
Darren Tucker
2bdacad70c Remove OBJ, shouldn't be there 2003-10-21 23:12:37 +10:00
Darren Tucker
ea4c670eb8 - (dtucker) [regress/agent-ptrace.sh] Skip agent-test unless SUDO is set,
make agent setgid during test.
2003-10-21 22:27:08 +10:00
Darren Tucker
0d37b5ca7b - (dtucker) [INSTALL] Some system crypt() functions support MD5 passwords
directly.  Noted by Darren.Moffat at sun.com.
2003-10-21 12:41:14 +10:00
Darren Tucker
9568ad96ad - (dtucker) [INSTALL] Note that --with-md5 is now required on platforms with
MD5 passwords even if PAM support is enabled.  From steev at detritus.net.
2003-10-17 16:32:11 +10:00
Tim Rice
6b1f8a3cf5 [regress/banner.sh] portability fix. 2003-10-15 09:22:39 -07:00
Darren Tucker
c6020651ba - (dtucker) [auth.c] Check for disabled password expiry on HP-UX Trusted Mode. 2003-10-15 17:48:20 +10:00
Darren Tucker
b8b4d0bbbe Fix comments to reflect recent change. 2003-10-15 17:22:37 +10:00
Darren Tucker
5f88d3440e - (dtucker) [acconfig.h configure.ac dns.c openbsd-compat/getrrsetbyname.c
openbsd-compat/getrrsetbyname.h] DNS fingerprint support is now always
   compiled in but disabled in config.
2003-10-15 16:57:57 +10:00
Darren Tucker
072a7b178c - markus@cvs.openbsd.org 2003/10/14 19:54:39
[session.c ssh-agent.c]
     10X for mkdtemp; djm@
2003-10-15 16:10:25 +10:00
Darren Tucker
64b77bcb4b - jakob@cvs.openbsd.org 2003/10/14 19:43:23
[README.dns]
     update

Resynced with OpenBSD too: DNSFP support is now always compiled in
so the configure support (and documentation thereof) can go away.
2003-10-15 16:07:53 +10:00
Darren Tucker
dda19d63ff - jakob@cvs.openbsd.org 2003/10/14 19:42:10
[dns.c dns.h readconf.c ssh-keygen.c sshconnect.c]
     include SSHFP lookup code (not enabled by default). ok markus@
2003-10-15 16:00:47 +10:00
Darren Tucker
b370ca9313 - markus@cvs.openbsd.org 2003/10/13 08:22:25
[scp.1 sftp.1]
     don't refer to options related to forwarding; ok jmc@
2003-10-15 15:59:26 +10:00
Darren Tucker
f132c67e8e - jmc@cvs.openbsd.org 2003/10/12 13:12:13
[ssh_config.5]
     note that EnableSSHKeySign should be in the non-hostspecific section;
     remove unnecessary .Pp;
     ok markus@
2003-10-15 15:58:18 +10:00
Darren Tucker
7eb3de0dfb - markus@cvs.openbsd.org 2003/10/11 11:36:23
[monitor_wrap.c]
     return NULL for missing banner; ok djm@
2003-10-15 15:56:58 +10:00
Darren Tucker
d05b601895 - markus@cvs.openbsd.org 2003/10/11 08:26:43
[sshconnect2.c]
     search keys in reverse order; fixes #684
2003-10-15 15:55:59 +10:00
Darren Tucker
0a118da00e - markus@cvs.openbsd.org 2003/10/11 08:24:08
[readconf.c readconf.h ssh.1 ssh.c ssh_config.5]
     remote x11 clients are now untrusted by default, uses xauth(8) to generate
     untrusted cookies; ForwardX11Trusted=yes restores old behaviour.
     ok deraadt; feedback and ok djm/fries
2003-10-15 15:54:32 +10:00
Darren Tucker
a044f47679 - markus@cvs.openbsd.org 2003/10/08 15:21:24
[readconf.c ssh_config.5]
     default GSS API to no in client, too; ok jakob, deraadt@
2003-10-15 15:52:03 +10:00
Darren Tucker
1f20394e92 - jmc@cvs.openbsd.org 2003/10/08 08:27:36
[scp.1 scp.c sftp-server.8 sftp.1 sftp.c ssh.1 sshd.8]
     scp and sftp: add options list and sort options. options list requested
     by deraadt@
     sshd: use same format as ssh
     ssh: remove wrong option from list
     sftp-server: Subsystem is documented in ssh_config(5), not sshd(8)
     ok deraadt@ markus@
2003-10-15 15:50:42 +10:00
Darren Tucker
439ce0daf9 Add FALLTHROUGH comment 2003-10-09 14:20:15 +10:00
Darren Tucker
6c0c0705e3 - (dtucker) [sshd_config.5] UsePAM defaults to "no". ok djm@ 2003-10-09 14:13:53 +10:00
Darren Tucker
0240ff786e - djm@cvs.openbsd.org 2003/10/07 07:04:52
[regress/sftp-cmds.sh]
     more sftp quoting regress tests; ok markus
2003-10-08 17:52:10 +10:00
Darren Tucker
dc001a5ee3 - dtucker@cvs.openbsd.org 2003/10/07 01:52:13
[regress/Makefile regress/banner.sh]
     Test SSH2 banner.  ok markus@
2003-10-08 17:47:19 +10:00
Darren Tucker
796448276c - deraadt@cvs.openbsd.org 2003/10/07 21:58:28
[sshconnect2.c]
     set ptr to NULL after free
2003-10-08 17:37:58 +10:00
Darren Tucker
64dbccc2a5 - djm@cvs.openbsd.org 2003/10/07 07:04:16
[sftp-int.c]
     sftp quoting fix from admorten AT umich.edu; ok markus@
2003-10-08 17:34:38 +10:00
Darren Tucker
046dff2a07 - dtucker@cvs.openbsd.org 2003/10/07 01:47:27
[sshconnect2.c]
     Don't use logit for banner, since it truncates to MSGBUFSIZ; bz #668 & #707.
     ok markus@
2003-10-08 17:32:02 +10:00
Darren Tucker
89df7a3eca - (dtucker) [configure.ac] Bug #710: Check for dlsym() in libdl on
Reliant Unix.  Based on patch from Robert.Dahlem at siemens.com.
2003-10-07 20:35:57 +10:00