Commit Graph

54 Commits

Author SHA1 Message Date
Damien Miller
0b8e9006d8 - (djm) Tidy and trim TODO 2003-05-18 21:44:07 +10:00
Damien Miller
4790772cda more 2003-01-13 10:00:34 +11:00
Damien Miller
a8ed44b79e - (djm) Enable new setproctitle emulation for Linux, AIX and HP/UX. More
systems may be added later.
2003-01-10 09:53:12 +11:00
Damien Miller
539983800d - (djm) Merge openssh-TODO.patch from Redhat (null) beta 2002-09-05 16:32:02 +10:00
Ben Lindstrom
b129be657c 20020626
- (bal) moved aix_usrinfo() and noted not setting real TTY.  Patch by
   dtucker@zip.com.au
2002-06-25 17:12:26 +00:00
Ben Lindstrom
acfef05161 More privsep notes 2002-06-25 14:14:30 +00:00
Ben Lindstrom
2f0de48681 More notes for Privsep issues. 2002-06-25 14:01:55 +00:00
Ben Lindstrom
aa83b984ca - (bal) Started list of PrivSep issues in TODO 2002-06-25 02:28:22 +00:00
Damien Miller
c68d43335f more 2002-01-22 22:26:20 +11:00
Tim Rice
b89e694b4c [TODO defines.h loginrec.c] Change the references to configure.in
to configure.ac
2001-10-29 18:50:39 -08:00
Ben Lindstrom
7c23540fff Cleaned out dead entries. 2001-10-08 02:53:55 +00:00
Damien Miller
fdbcb5d9ab Possible sia cleanup opportunity 2001-09-25 13:01:49 +10:00
Ben Lindstrom
d9e0824b43 - (bal) Starting the Unicossmk merger. File merged TODO, configure.in,
myproposal.h, ssh_prng_cmds.in, and openbsd-compat/Makefile.in.
	 Added openbsd-compat/bsd-cray.c.  Rest will be merged after
	 approval.  Selective patches from William L. Jones
	 <jones@mail.utexas.edu>
2001-07-22 19:32:00 +00:00
Kevin Steves
805cf5a788 - (stevesk) update TODO: STREAMS pty systems don't call vhangup() now 2001-06-15 04:23:12 +00:00
Damien Miller
771bbac733 more detail about krb4/-lcrypto conflicts 2001-03-27 16:10:22 +10:00
Damien Miller
883631b73a todo 2001-03-21 11:12:55 +11:00
Kevin Steves
55fb9a9064 64-bit builds on HP-UX 11.X 2001-03-19 14:58:47 +00:00
Damien Miller
dd97de766c more 2001-03-05 23:33:24 +11:00
Ben Lindstrom
63015fdb0b Removed 'build out of tree' line since it does. =) 2001-02-17 01:04:37 +00:00
Ben Lindstrom
6c92dab9a1 - (bal) Cleaned out bsd-snprintf.c. VARARGS have been banished and
I did a base KNF over the whe whole file to make it more acceptable.
   (backed out of original patch and removed it from ChangeLog)

This has been a long time coming.  If we decide that we need VARARGS support
we should do it at a higher level, since no where else do we support VARARGS
in the code base.
2001-02-13 02:18:50 +00:00
Ben Lindstrom
5d8520ab76 - (bal) added NeXT work around for bsd-snprintf.c in bsd-nextstep.h.
- (bal) added TODO item to clean up and sort out 'varargs' from 'stdargs'
2001-02-12 15:57:18 +00:00
Damien Miller
e9cf357a99 - (djm) Add CVS Id's to files that we have missed 2001-02-09 12:55:35 +11:00
Damien Miller
b8b8ecf87d Add replace test -S 2001-02-08 10:47:43 +11:00
Ben Lindstrom
4d408d3ae7 * Remove HP/UX ssh2 signal comment.
* Added Todo item to verify groupaccess truly works under NeXTStep before
  enabling it since it is enclosed around POSIX wrappers.
2001-02-06 04:03:33 +00:00
Damien Miller
3380426358 NB: big update - may break stuff. Please test!
- (djm) OpenBSD CVS sync:
   - markus@cvs.openbsd.org  2001/02/03 03:08:38
     [auth-options.c auth-rh-rsa.c auth-rhosts.c auth.c canohost.c]
     [canohost.h servconf.c servconf.h session.c sshconnect1.c sshd.8]
     [sshd_config]
     make ReverseMappingCheck optional in sshd_config; ok djm@,dugsong@
   - markus@cvs.openbsd.org  2001/02/03 03:19:51
     [ssh.1 sshd.8 sshd_config]
     Skey is now called ChallengeResponse
   - markus@cvs.openbsd.org  2001/02/03 03:43:09
     [sshd.8]
     use no-pty option in .ssh/authorized_keys* if you need a 8-bit clean
     channel. note from Erik.Anggard@cygate.se (pr/1659)
   - stevesk@cvs.openbsd.org 2001/02/03 10:03:06
     [ssh.1]
     typos; ok markus@
   - djm@cvs.openbsd.org     2001/02/04 04:11:56
     [scp.1 sftp-server.c ssh.1 sshd.8 sftp-client.c sftp-client.h]
     [sftp-common.c sftp-common.h sftp-int.c sftp-int.h sftp.1 sftp.c]
     Basic interactive sftp client; ok theo@
 - (djm) Update RPM specs for new sftp binary
 - (djm) Update several bits for new optional reverse lookup stuff. I
   think I got them all.
2001-02-04 23:20:18 +11:00
Ben Lindstrom
00fef50cbc Updated to do and removed entry for the reordering non-openbsd code. 2001-02-01 00:44:48 +00:00
Ben Lindstrom
48b2f73005 Updated TODO to reflect that sftp-server should be fixed to support
32bits int if 64bits don't exist.
2001-01-08 06:20:38 +00:00
Ben Lindstrom
42717bf8ff 20001229
- (bal) Fixed spelling of 'authorized_keys' in ssh-copy-id.1 by Christian
   Kurz <shorty@debain.org>

20001228
 - (bal) SCO patch to not include <sys/queue.h> since it's unrelated
   header.  Patch by Tim Rice <tim@multitalents.net>
 - Updated TODO w/ known HP/UX issue
 - (bal) removed extra <netdb.h> noticed by Kevin Steves and removed the
   bad reference to 'NeXT including it else were' on the #ifdef version.
2000-12-28 15:46:20 +00:00
Ben Lindstrom
28bfc0da69 - (bal) split CFLAGS into CFLAGS and CPPFLAGS in configure.in and Makefile.
Suggested by Wilfredo Sanchez <wsanchez@apple.com>
2000-12-18 19:58:57 +00:00
Damien Miller
b84815880e - (djm) Added patch from Nalin Dahyabhai <nalin@redhat.com> to enable
PAM authentication using KbdInteractive.
 - (djm) Added another TODO
2000-12-03 11:51:51 +11:00
Ben Lindstrom
c72745afa9 20001203
- (bal) OpenBSD CVS updates:
  - markus@cvs.openbsd.org 2000/11/30 22:54:31
    [channels.c]
    debug->warn if tried to do -R style fwd w/o client requesting this;
    ok neils@
  - markus@cvs.openbsd.org 2000/11/29 20:39:17
    [cipher.c]
    des_cbc_encrypt -> des_ncbc_encrypt since it already updates the IV
  - markus@cvs.openbsd.org 2000/11/30 18:33:05
    [ssh-agent.c]
    agents must not dump core, ok niels@
  - markus@cvs.openbsd.org 2000/11/30 07:04:02
    [ssh.1]
    T is for both protocols
  - markus@cvs.openbsd.org 2000/12/01 00:00:51
    [ssh.1]
    typo; from green@FreeBSD.org
  - markus@cvs.openbsd.org 2000/11/30 07:02:35
    [ssh.c]
    check -T before isatty()
  - provos@cvs.openbsd.org 2000/11/29 13:51:27
    [sshconnect.c]
    show IP address and hostname when new key is encountered. okay markus@
  - markus@cvs.openbsd.org 2000/11/30 22:53:35
    [sshconnect.c]
    disable agent/x11/port fwding if hostkey has changed; ok niels@
  - marksu@cvs.openbsd.org 2000/11/29 21:11:59
    [sshd.c]
    sshd -D, startup w/o deamon(), for monitoring scripts or inittab;
    from handler@sub-rosa.com and eric@urbanrange.com; ok niels@
2000-12-02 19:03:54 +00:00
Ben Lindstrom
a15e39b05f Added in Linux's select issue to TODO. Which may have to do with the
shell/sshd not sending a -TERM/-HUP to the grandchildren at the right
time in the exiting process.
2000-12-02 04:58:57 +00:00
Ben Lindstrom
75214f9c19 20001202
- (bal) Backed out of part of Alain St-Denis' loginrec.c patch.
 - (bal) Irix need some sort of mansubdir, patch by Michael Stone
   <mstone@cs.loyola.edu>

Also removed a finished entry in TODO, and changed my address in the
CREDITS file to match my new home address.
2000-12-01 21:19:51 +00:00
Ben Lindstrom
4a1d91646d 20001122
- (bal) Minor patch to ensure platforms lacking IRIX job limit supports
   are compilable.
 - (bal) Updated TODO as of 11/18/2000 with known things to resolve.
2000-11-21 10:45:31 +00:00
Ben Lindstrom
ca1c2a0bac Add support for GNU rx library for those lacking regexp support 2000-10-14 21:33:19 +00:00
Damien Miller
e5192fafbf - (djm) NeXT tweaks from Ben Lindstrom <mouring@pconline.com> 2000-08-29 14:30:37 +11:00
Damien Miller
ad833b3e65 - (djm) Pick up LOGIN_PROGRAM from environment or PATH if not set by headers
- (djm) OpenBSD CVS updates:
   - deraadt@cvs.openbsd.org 2000/08/18 20:07:23
     [ssh.c]
     accept remsh as a valid name as well; roman@buildpoint.com
   - deraadt@cvs.openbsd.org 2000/08/18 20:17:13
     [deattack.c crc32.c packet.c]
     rename crc32() to ssh_crc32() to avoid zlib name clash.  do not move to
     libz crc32 function yet, because it has ugly "long"'s in it;
     oneill@cs.sfu.ca
   - deraadt@cvs.openbsd.org 2000/08/18 20:26:08
     [scp.1 scp.c]
     -S prog support; tv@debian.org
   - deraadt@cvs.openbsd.org 2000/08/18 20:50:07
     [scp.c]
     knf
   - deraadt@cvs.openbsd.org 2000/08/18 20:57:33
     [log-client.c]
     shorten
   - markus@cvs.openbsd.org  2000/08/19 12:48:11
     [channels.c channels.h clientloop.c ssh.c ssh.h]
     support for ~. in ssh2
   - deraadt@cvs.openbsd.org 2000/08/19 15:29:40
     [crc32.h]
     proper prototype
   - markus@cvs.openbsd.org  2000/08/19 15:34:44
     [authfd.c authfd.h key.c key.h ssh-add.1 ssh-add.c ssh-agent.1]
     [ssh-agent.c ssh-keygen.c sshconnect1.c sshconnect2.c Makefile]
     [fingerprint.c fingerprint.h]
     add SSH2/DSA support to the agent and some other DSA related cleanups.
     (note that we cannot talk to ssh.com's ssh2 agents)
   - markus@cvs.openbsd.org  2000/08/19 15:55:52
     [channels.c channels.h clientloop.c]
     more ~ support for ssh2
   - markus@cvs.openbsd.org  2000/08/19 16:21:19
     [clientloop.c]
     oops
   - millert@cvs.openbsd.org 2000/08/20 12:25:53
     [session.c]
     We have to stash the result of get_remote_name_or_ip() before we
     close our socket or getpeername() will get EBADF and the process
     will exit.  Only a problem for "UseLogin yes".
   - millert@cvs.openbsd.org 2000/08/20 12:30:59
     [session.c]
     Only check /etc/nologin if "UseLogin no" since login(1) may have its
     own policy on determining who is allowed to login when /etc/nologin
     is present.  Also use the _PATH_NOLOGIN define.
   - millert@cvs.openbsd.org 2000/08/20 12:42:43
     [auth1.c auth2.c session.c ssh.c]
     Add calls to setusercontext() and login_get*().  We basically call
     setusercontext() in most places where previously we did a setlogin().
     Add default login.conf file and put root in the "daemon" login class.
   - millert@cvs.openbsd.org 2000/08/21 10:23:31
     [session.c]
     Fix incorrect PATH setting; noted by Markus.
2000-08-23 10:46:23 +10:00
Damien Miller
bc33bd44a2 - (djm) Misc NeXT fixes from Ben Lindstrom <mouring@pconline.com> 2000-07-11 14:59:08 +10:00
Damien Miller
31abc9addb - (djm) More NeXT compatibility from Ben Lindstrom <mouring@pconline.com>
Including sigaction() et al. replacements
2000-07-09 23:26:27 +10:00
Damien Miller
e340f73b53 Removed an old entry 2000-06-03 21:59:32 +10:00
Damien Miller
16e519cb9c - Moved all the bsd-* and fake-* stuff into new libopenbsd-compat.a 2000-05-09 14:28:55 +10:00
Damien Miller
73a26627f2 todo 2000-04-06 12:36:06 +10:00
Damien Miller
a22ba0152c - Big cleanup of autoconf code
- Rearranged to be a little more logical
   - Added -R option for Solaris
   - Rewrote OpenSSL detection code. Now uses AC_TRY_RUN with a test program
     to detect library and header location _and_ ensure library has proper
     RSA support built in (this is a problem with OpenSSL 0.9.5).
2000-03-02 23:09:20 +11:00
Damien Miller
0e1cf7caa7 - Use preformatted manpages on SCO, report from Gary E. Miller
<gem@rellim.com>
 - New URL for x11-ssh-askpass.
2000-01-26 12:15:30 +11:00
Damien Miller
b284b546c0 - Fix hang on logout if processes are still using the pty. Needs
further testing.
2000-01-17 20:55:18 +11:00
Damien Miller
34132e54cb - Merged OpenBSD IPv6 patch:
- [sshd.c sshd.8 sshconnect.c ssh.h ssh.c servconf.h servconf.c scp.1]
     [scp.c packet.h packet.c login.c log.c canohost.c channels.c]
     [hostfile.c sshd_config]
     ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new
     features: sshd allows multiple ListenAddress and Port options. note
     that libwrap is not IPv6-ready. (based on patches from
     fujiwara@rcac.tdi.co.jp)
   - [ssh.c canohost.c]
     more hints (hints.ai_socktype=SOCK_STREAM) for getaddrinfo,
     from itojun@
   - [channels.c]
     listen on _all_ interfaces for X11-Fwd (hints.ai_flags = AI_PASSIVE)
   - [packet.h]
     allow auth-kerberos for IPv4 only
   - [scp.1 sshd.8 servconf.h scp.c]
     document -4, -6, and 'ssh -L 2022/::1/22'
   - [ssh.c]
     'ssh @host' is illegal (null user name), from
     karsten@gedankenpolizei.de
   - [sshconnect.c]
     better error message
   - [sshd.c]
     allow auth-kerberos for IPv4 only
 - Big IPv6 merge:
   - Cleanup overrun in sockaddr copying on RHL 6.1
   - Replacements for getaddrinfo, getnameinfo, etc based on versions
     from patch from KIKUCHI Takahiro <kick@kyoto.wide.ad.jp>
   - Replacement for missing structures on systems that lack IPv6
   - record_login needed to know about AF_INET6 addresses
   - Borrowed more code from OpenBSD: rresvport_af and requisites
2000-01-14 15:45:46 +11:00
Damien Miller
7cfd3e6fb6 Prepare for pre24 1999-12-31 10:04:19 +11:00
Damien Miller
3131d8bc71 - Fill in ut_utaddr utmp field. Report from Benjamin Charron
<iretd@bigfoot.com>
1999-12-31 09:42:24 +11:00
Damien Miller
beb4ba5a68 - Portability fixes for Irix 5.3 (now compiles OK!)
- autoconf and other misc cleanups
1999-12-28 15:09:35 +11:00
Damien Miller
373d2917a8 - PAM bugfix. PermitEmptyPassword was being ignored.
- Fixed PAM config files to allow empty passwords if server does.
 - Explained spurious PAM auth warning workaround in UPGRADING
1999-12-27 10:45:54 +11:00