Commit Graph

2524 Commits

Author SHA1 Message Date
Ben Lindstrom
61d328acf9 - markus@cvs.openbsd.org 2002/06/05 21:55:44
[authfd.c authfd.h ssh-add.1 ssh-add.c ssh-agent.c]
     ssh-add -t life,  Set lifetime (in seconds) when adding identities;
     ok provos@
2002-06-06 21:54:57 +00:00
Ben Lindstrom
163f3b8f6b - markus@cvs.openbsd.org 2002/06/05 20:56:39
[ssh-add.c]
     add -x/-X to usage
2002-06-06 21:53:11 +00:00
Ben Lindstrom
2f71704b42 - markus@cvs.openbsd.org 2002/06/05 19:57:12
[authfd.c authfd.h ssh-add.1 ssh-add.c ssh-agent.c]
     ssh-add -x for lock and -X for unlocking the agent.
     todo: encrypt private keys with locked...
2002-06-06 21:52:03 +00:00
Ben Lindstrom
21d1ed8303 - markus@cvs.openbsd.org 2002/06/05 16:48:54
[ssh-agent.c]
     copy current request into an extra buffer and just flush this
     request on errors, ok provos@
2002-06-06 21:48:57 +00:00
Ben Lindstrom
b7788f3ebe - markus@cvs.openbsd.org 2002/06/05 16:08:07
[ssh-agent.1 ssh-agent.c]
     '-a bind_address' binds the agent to user-specified unix-domain
     socket instead of /tmp/ssh-XXXXXXXX/agent.<pid>; ok djm@ (some time ago).
2002-06-06 21:46:08 +00:00
Ben Lindstrom
22fa01cdea - markus@cvs.openbsd.org 2002/06/05 16:08:07
[ssh-agent.1 ssh-agent.c]
     '-a bind_address' binds the agent to user-specified unix-domain
     socket instead of /tmp/ssh-XXXXXXXX/agent.<pid>; ok djm@ (some time ago).
2002-06-06 21:46:07 +00:00
Ben Lindstrom
7d9c38f37a - markus@cvs.openbsd.org 2002/06/04 23:05:49
[cipher.c monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c]
     __FUNCTION__ -> __func__

NOTE: This includes all portable references also.
2002-06-06 21:40:51 +00:00
Ben Lindstrom
3dca4f55f2 - markus@cvs.openbsd.org 2002/06/04 23:02:06
[packet.c]
     remove __FUNCTION__
2002-06-06 20:59:25 +00:00
Ben Lindstrom
f67e07711f - markus@cvs.openbsd.org 2002/06/04 19:53:40
[monitor.c]
     save the session id (hash) for ssh2 (it will be passed with the
     initial sign request) and verify that this value is used during
     authentication; ok provos@
2002-06-06 20:58:19 +00:00
Ben Lindstrom
dcf6bfbfbd - markus@cvs.openbsd.org 2002/06/04 19:42:35
[monitor.c]
     only allow enabled authentication methods; ok provos@
2002-06-06 20:57:17 +00:00
Ben Lindstrom
2e14bc71e6 - deraadt@cvs.openbsd.org 2002/06/03 12:04:07
[ssh.h]
     compatiblity -> compatibility
     decriptor -> descriptor
     authentciated -> authenticated
     transmition -> transmission
2002-06-06 20:56:07 +00:00
Ben Lindstrom
ceae9d1c33 - markus@cvs.openbsd.org 2002/05/31 13:20:50
[ssh-rsa.c]
     pad received signature with leading zeros, because RSA_verify expects
     a signature of RSA_size. the drafts says the signature is transmitted
     unpadded (e.g. putty does not pad), reported by anakin@pobox.com
2002-06-06 20:55:04 +00:00
Ben Lindstrom
01fff0c9d4 - markus@cvs.openbsd.org 2002/05/31 13:16:48
[key.c]
     add comment:
     key_verify returns 1 for a correct signature, 0 for an incorrect signature
     and -1 on error.
2002-06-06 20:54:07 +00:00
Ben Lindstrom
511bb24c5b - markus@cvs.openbsd.org 2002/05/31 11:35:15
[auth.h auth2.c]
     move Authmethod definitons to per-method file.

NOTE: The rest of this patch is with the import of the auth2-*.c files.
2002-06-06 20:52:37 +00:00
Ben Lindstrom
cec2ea8d02 - markus@cvs.openbsd.org 2002/05/31 10:30:33
[sshconnect2.c]
     extent ssh-keysign protocol:
     pass # of socket-fd to ssh-keysign, keysign verfies locally used
     ip-address using this socket-fd, restricts fake local hostnames
     to actual local hostnames; ok stevesk@
2002-06-06 20:51:04 +00:00
Ben Lindstrom
f088f4374a - markus@cvs.openbsd.org 2002/05/30 08:07:31
[cipher.c]
     use rijndael/aes from libcrypto (openssl >= 0.9.7) instead of
     our own implementation. allow use of AES hardware via libcrypto,
     ok deraadt@
2002-06-06 20:50:07 +00:00
Ben Lindstrom
a26ea63f8a - markus@cvs.openbsd.org 2002/05/29 11:21:57
[sshd.c]
     don't start if privsep is enabled and SSH_PRIVSEP_USER or
     _PATH_PRIVSEP_CHROOT_DIR are missing; ok deraadt@
2002-06-06 20:46:25 +00:00
Ben Lindstrom
20abb75f53 - stevesk@cvs.openbsd.org 2002/05/29 03:06:30
[ssh.1 sshd.8]
     spelling
2002-06-06 20:45:33 +00:00
Ben Lindstrom
10d9936413 - stevesk@cvs.openbsd.org 2002/05/28 21:24:00
[uidswap.c]
     use correct function name in fatal()

[See the patch above, I saw it before apply the next patch. <sigh>]
2002-06-06 20:44:06 +00:00
Ben Lindstrom
ca8943e6de - (bal) Corrected debug() in uidswap.c to match upstream. 2002-06-06 20:42:04 +00:00
Ben Lindstrom
abff1dd050 - stevesk@cvs.openbsd.org 2002/05/28 17:28:02
[uidswap.c]
     format spec change/casts and some KNF; ok markus@
2002-06-06 20:38:49 +00:00
Ben Lindstrom
105ccbe192 - stevesk@cvs.openbsd.org 2002/05/28 16:45:27
[monitor_mm.c]
     print strerror(errno) on mmap/munmap error; ok markus@
2002-06-06 20:33:06 +00:00
Ben Lindstrom
033a49c7cc - stevesk@cvs.openbsd.org 2002/05/26 20:35:10
[ssh.1]
     sort ChallengeResponseAuthentication; ok markus@
2002-06-06 20:30:28 +00:00
Ben Lindstrom
855bf3ac3c - markus@cvs.openbsd.org 2002/05/25 18:51:07
[auth.h auth2.c auth2-hostbased.c auth2-kbdint.c auth2-none.c
      auth2-passwd.c auth2-pubkey.c Makefile.in]
     split auth2.c into one file per method; ok provos@/deraadt@

NOTE: Merged back noticable cygwin and pam stuff.  May need review to
ensure I did not miss anything.
2002-06-06 20:27:55 +00:00
Ben Lindstrom
4887da222b - markus@cvs.openbsd.org 2002/05/25 08:50:39
[sshconnect2.c]
     execlp->execl; from stevesk
2002-06-06 20:05:57 +00:00
Ben Lindstrom
5206b951c6 - markus@cvs.openbsd.org 2002/05/24 08:45:14
[sshconnect2.c]
     stat ssh-keysign first, print error if stat fails;
     some debug->error; fix comment
2002-06-06 19:59:29 +00:00
Ben Lindstrom
9e5bb579f9 - markus@cvs.openbsd.org 2002/05/23 19:39:34
[ssh.c]
     add comment about ssh-keysign
2002-06-06 19:58:27 +00:00
Ben Lindstrom
1bad256822 - markus@cvs.openbsd.org 2002/05/23 19:24:30
[authfile.c authfile.h pathnames.h ssh.c sshconnect.c sshconnect.h
      sshconnect1.c sshconnect2.c ssh-keysign.8 ssh-keysign.c Makefile.in]
     add /usr/libexec/ssh-keysign: a setuid helper program for hostbased
     authentication in protocol v2 (needs to access the hostkeys).

Note: Makefile.in untested.  Will test after merge is finished.
2002-06-06 19:57:33 +00:00
Ben Lindstrom
f666fec2d5 - deraadt@cvs.openbsd.org 2002/05/22 23:18:25
[ssh.c sshd.c]
     spelling; abishoff@arc.nasa.gov
2002-06-06 19:51:58 +00:00
Ben Lindstrom
38ed63d759 - deraadt@cvs.openbsd.org 2002/05/19 20:54:52
[log.h]
     extra commas in enum not 100% portable
2002-06-06 19:51:06 +00:00
Ben Lindstrom
fac7769f64 - stevesk@cvs.openbsd.org 2002/05/16 22:09:59
[session.c ssh.c]
     don't limit xauth pathlen on client side and longer print length on
     server when debug; ok markus@
2002-06-06 19:49:54 +00:00
Ben Lindstrom
6a24641365 - markus@cvs.openbsd.org 2002/05/16 22:02:50
[cipher.c kex.h mac.c]
     fix warnings (openssl 0.9.7 requires const)
2002-06-06 19:48:16 +00:00
Ben Lindstrom
fb62a69488 - markus@cvs.openbsd.org 2002/05/15 21:56:38
[servconf.c sshd.8 sshd_config]
     re-enable privsep and disable setuid for post-3.2.2
2002-06-06 19:47:11 +00:00
Kevin Steves
df75dd21f5 - (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changed
setsockopt from debug to error for now).
2002-06-04 20:52:19 +00:00
Tim Rice
28bbb0c458 [configure.ac.orig monitor_fdpass.c] Enahnce msghdr tests to address
build problem on Irix reported by Dave Love <d.love@dl.ac.uk>. Back out
last monitor_fdpass.c changes that are no longer needed with new tests.
Patch tested on Irix by Jan-Frode Myklebust <janfrode@parallab.uib.no>
2002-05-27 17:37:32 -07:00
Damien Miller
116e6dfaad unbreak (aaarrrgggh - stupid vi) 2002-05-22 15:06:28 +10:00
Damien Miller
8ce8296fd0 sync scard/ 2002-05-22 14:24:01 +10:00
Damien Miller
23dc10ddac crank rpm spec versions 2002-05-22 14:14:54 +10:00
Damien Miller
667fb25f47 Crank version
(also missed changelog message)
2002-05-22 14:14:00 +10:00
Damien Miller
13e35a0ea2 rcsid sync 2002-05-22 14:04:11 +10:00
Damien Miller
74cc5bb851 fix spelling mistakes spotted by Solar Designer <solar@openwall.com> 2002-05-22 11:02:15 +10:00
Kevin Steves
bc5bb55755 - (stevesk) [sshd.c] #ifndef HAVE_CYGWIN for setgroups() 2002-05-21 17:59:13 +00:00
Kevin Steves
c5041acef3 - (stevesk) [sshd.c] bug 245; disable setsid() for now 2002-05-21 17:50:21 +00:00
Tim Rice
9de793cc6c [configure.ac] remove extra MD5_MSG="no" line. 2002-05-17 08:59:22 -07:00
Damien Miller
8ae0d8c185 p1 2002-05-16 09:25:38 +10:00
Ben Lindstrom
4e67d38a7e - (bal) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2002/05/15 21:05:29
     [version.h]
     enter OpenSSH_3.2.2
 - (bal) Caldara, Suse, and Redhat openssh.specs updated.
2002-05-15 21:50:14 +00:00
Ben Lindstrom
c5c15dde32 - markus@cvs.openbsd.org 2002/05/15 21:02:53
[servconf.c sshd.8 sshd_config]
     disable privsep and enable setuid for the 3.2.2 release
2002-05-15 21:37:34 +00:00
Ben Lindstrom
c57bbf158d - millert@cvs.openbsd.org 2002/05/06 23:34:33
[ssh.1 sshd.8]
     Kill/adjust r(login|exec)d? references now that those are no longer in
     the tree.
2002-05-15 21:36:45 +00:00
Ben Lindstrom
bb2ce36d4d - deraadt@cvs.openbsd.org 2002/05/04 02:39:35
[servconf.c sshd.8 sshd_config]
     enable privsep by default; provos ok
(historical)
2002-05-15 21:35:43 +00:00
Ben Lindstrom
2b70e5603f - (bal) Clarified openbsd-compat/*-cray.* Licence provided by Wendy. 2002-05-15 16:39:51 +00:00