Kevin Steves
9443508b96
- (stevesk) [Makefile.in ssh-rand-helper.c]
...
portable lib and __progname support for ssh-rand-helper; ok djm@
2001-12-25 04:32:58 +00:00
Ben Lindstrom
2ad31ee68a
- (bal) Removed contrib/chroot.diff and noted in contrib/README that it
...
was not being maintained.
2001-12-24 02:59:19 +00:00
Damien Miller
62116dcc0a
- (djm) Ignore fix & patchlevel in OpenSSL version check. Patch from
...
solar@openwall.com
- (djm) Rework entropy code. If the OpenSSL PRNG is has not been
internally seeded, execute a subprogram "ssh-rand-helper" to obtain
some entropy for us. Rewrite the old in-process entropy collecter as
an example ssh-rand-helper.
- (djm) Always perform ssh_prng_cmds path lookups in configure, even if
we don't end up using ssh_prng_cmds (so we always get a valid file)
2001-12-24 01:41:47 +11:00
Damien Miller
278f907a2d
- djm@cvs.openbsd.org 2001/12/20 22:50:24
...
[auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c]
[dispatch.h kex.c kex.h packet.c packet.h serverloop.c ssh.c]
[sshconnect2.c]
Conformance fix: we should send failing packet sequence number when
responding with a SSH_MSG_UNIMPLEMENTED message. Spotted by
yakk@yakk.dot.net ; ok markus@
2001-12-21 15:00:19 +11:00
Damien Miller
e737856350
- markus@cvs.openbsd.org 2001/12/20 16:37:29
...
[channels.c channels.h session.c]
setup x11 listen socket for just one connect if the client requests so.
(v2 only, but the openssh client does not support this feature).
2001-12-21 14:58:35 +11:00
Damien Miller
5a6b4fe225
- stevesk@cvs.openbsd.org 2001/12/19 17:16:13
...
[authfile.c bufaux.c bufaux.h buffer.c buffer.h packet.c packet.h ssh.c]
change the buffer/packet interface to use void* vs. char*; ok markus@
2001-12-21 14:56:54 +11:00
Damien Miller
f6681a3a96
- markus@cvs.openbsd.org 2001/12/19 16:09:39
...
[serverloop.c]
fix race between SIGCHLD and select with an additional pipe. writing
to the pipe on SIGCHLD wakes up select(). using pselect() is not
portable and siglongjmp() ugly. W. R. Stevens suggests similar solution.
initial idea by pmenage@ensim.com ; ok deraadt@, djm@
2001-12-21 14:53:11 +11:00
Damien Miller
9f0f5c64bc
- deraadt@cvs.openbsd.org 2001/12/19 07:18:56
...
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h]
[auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c]
[cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c]
[match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c]
[servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c]
[sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c]
[sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config]
[ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c]
basic KNF done while i was looking for something else
2001-12-21 14:45:46 +11:00
Damien Miller
89681214ca
- jakob@cvs.openbsd.org 2001/12/18 10:06:24
...
[auth-rsa.c]
log fingerprint on successful public key authentication, simplify usage of key structs; ok markus@
2001-12-21 12:52:39 +11:00
Damien Miller
da9edcabf8
- jakob@cvs.openbsd.org 2001/12/18 10:05:15
...
[auth2.c]
log fingerprint on successful public key authentication; ok markus@
2001-12-21 12:48:54 +11:00
Damien Miller
5b2aea9494
- jakob@cvs.openbsd.org 2001/12/18 10:04:21
...
[auth.h hostfile.c hostfile.h]
remove auth_rsa_read_key, make hostfile_ready_key non static; ok markus@
2001-12-21 12:47:09 +11:00
Damien Miller
83c02ef623
- markus@cvs.openbsd.org 2001/12/10 20:34:31
...
[ssh-keyscan.c]
check that server supports v1 for -t rsa1, report from wirth@dfki.de
2001-12-21 12:45:43 +11:00
Damien Miller
72c336def6
- stevesk@cvs.openbsd.org 2001/12/10 16:45:04
...
[sshd.c]
possible fd leak on error; ok markus@
2001-12-21 12:44:28 +11:00
Damien Miller
ee11625d43
- markus@cvs.openbsd.org 2001/12/09 18:45:56
...
[auth2.c auth2-chall.c auth.h]
add auth2_challenge_stop(), simplifies cleanup of kbd-int sessions,
fixes memleak.
2001-12-21 12:42:34 +11:00
Damien Miller
3afe375fd2
- stevesk@cvs.openbsd.org 2001/12/08 17:49:28
...
[channels.c pathnames.h]
use only one path to X11 UNIX domain socket vs. an array of paths
to try. report from djast@cs.toronto.edu . ok markus@
2001-12-21 12:39:51 +11:00
Damien Miller
faf2f6483a
- (djm) Add option to gnome-ssh-askpass to stop it from grabbing the X
...
server. I have found this necessary to avoid server hangs with X input
extensions (e.g. kinput2). Enable by setting the environment variable
"GNOME_SSH_ASKPASS_NOGRAB"
2001-12-21 10:28:07 +11:00
Kevin Steves
366298c696
- (stevesk) OpenBSD CVS sync X11 localhost display
...
- stevesk@cvs.openbsd.org 2001/11/29 14:10:51
[channels.h channels.c session.c]
sshd X11 fake server will now listen on localhost by default:
$ echo $DISPLAY
localhost:12.0
$ netstat -an|grep 6012
tcp 0 0 127.0.0.1.6012 *.* LISTEN
tcp6 0 0 ::1.6012 *.* LISTEN
sshd_config gatewayports=yes can be used to revert back to the old
behavior. will control this with another option later. ok markus@
- stevesk@cvs.openbsd.org 2001/12/19 08:43:11
[includes.h session.c]
handle utsname.nodename case for FamilyLocal X authorization; ok markus@
2001-12-19 17:58:01 +00:00
Ben Lindstrom
73f57be500
- stevesk@cvs.openbsd.org 2001/12/06 18:20:32
...
[channels.c]
disable nagle for X11 fake server and client TCPs. from netbsd.
ok markus@
2001-12-07 17:28:34 +00:00
Ben Lindstrom
ccd8d07b3c
- stevesk@cvs.openbsd.org 2001/12/06 18:09:23
...
[channels.c session.c]
strncpy->strlcpy. remaining strncpy's are necessary. ok markus@
2001-12-07 17:26:48 +00:00
Ben Lindstrom
e181a4d294
- stevesk@cvs.openbsd.org 2001/12/06 18:02:32
...
[channels.c sshconnect.c]
shutdown(sock, SHUT_RDWR) not needed here; ok markus@
2001-12-07 17:24:49 +00:00
Ben Lindstrom
c97b1affc5
- (bal) PCRE no longer required. Banished from the source along with
...
fake-regex.h
2001-12-07 17:20:47 +00:00
Ben Lindstrom
ade03f6bad
- markus@cvs.openbsd.org 2001/12/06 13:30:06
...
[servconf.c servconf.h sshd.8 sshd.c]
add -o to sshd, too. ok deraadt@
- (bal) Minor white space fix up in servconf.c
2001-12-06 18:22:17 +00:00
Ben Lindstrom
9eab262f1c
- markus@cvs.openbsd.org 2001/12/05 16:54:51
...
[compat.c match.c match.h]
make theo and djm happy: bye bye regexp
2001-12-06 18:06:05 +00:00
Ben Lindstrom
ff4a14f809
- markus@cvs.openbsd.org 2001/12/05 15:04:48
...
[version.h]
post 3.0.2
2001-12-06 18:02:59 +00:00
Ben Lindstrom
1c37c6a518
- deraadt@cvs.openbsd.org 2001/12/05 10:06:12
...
[authfd.c authfile.c bufaux.c channels.c compat.c kex.c kexgex.c
key.c misc.c packet.c servconf.c ssh-agent.c sshconnect2.c
sshconnect.c sshd.c ssh-dss.c ssh-keygen.c ssh-rsa.c]
minor KNF
2001-12-06 18:00:18 +00:00
Ben Lindstrom
3c36bb29ca
- itojun@cvs.openbsd.org 2001/12/05 03:56:39
...
[auth1.c auth2.c canohost.c channels.c deattack.c packet.c scp.c
sshconnect2.c]
make it compile with more strict prototype checking
2001-12-06 17:55:26 +00:00
Ben Lindstrom
f8f065bc75
- itojun@cvs.openbsd.org 2001/12/05 03:50:01
...
[clientloop.c serverloop.c sshd.c]
deal with LP64 printf issue with sig_atomic_t. from thorpej
2001-12-06 17:52:16 +00:00
Ben Lindstrom
d05487d1db
- deraadt@cvs.openbsd.org 2001/12/02 02:08:32
...
[sftp-common.c]
zap };
2001-12-06 17:50:03 +00:00
Ben Lindstrom
38b951cdb2
- markus@cvs.openbsd.org 2001/12/01 21:41:48
...
[session.c sshd.8]
don't pass user defined variables to /usr/bin/login
2001-12-06 17:47:47 +00:00
Ben Lindstrom
4a4bd719ea
- stevesk@cvs.openbsd.org 2001/11/30 20:39:28
...
[ssh.c]
sscanf() length dependencies are clearer now; can also shrink proto
and data if desired, but i have not done that. ok markus@
2001-12-06 17:45:19 +00:00
Ben Lindstrom
57fe5b592c
- markus@cvs.openbsd.org 2001/11/29 22:08:48
...
[auth-rsa.c]
fix protocol error: send 'failed' message instead of a 2nd challenge
(happens if the same key is in authorized_keys twice).
reported Ralf_Meister@genua.de ; ok djm@
2001-12-06 17:41:25 +00:00
Ben Lindstrom
623e4a0b1a
- stevesk@cvs.openbsd.org 2001/11/29 19:06:39
...
[channels.h]
remove dead function prototype; ok markus@
2001-12-06 16:49:57 +00:00
Ben Lindstrom
5e71c54b8c
- markus@cvs.openbsd.org 2001/11/22 12:34:22
...
[clientloop.c serverloop.c sshd.c]
volatile sig_atomic_t
2001-12-06 16:48:14 +00:00
Ben Lindstrom
28c603bf43
- stevesk@cvs.openbsd.org 2001/11/22 05:27:29
...
[ssh-keyscan.c]
don't use "\n" in fatal()
2001-12-06 16:45:10 +00:00
Ben Lindstrom
4e366d5048
- stevesk@cvs.openbsd.org 2001/11/21 18:49:14
...
[ssh-keygen.1]
more on passphrase construction; ok markus@
2001-12-06 16:43:21 +00:00
Ben Lindstrom
4cbc181983
- markus@cvs.openbsd.org 2001/11/21 15:51:24
...
[key.c]
mem leak
2001-12-06 16:41:41 +00:00
Ben Lindstrom
70a290c5f7
- mpech@cvs.openbsd.org 2001/11/19 19:02:16
...
[deattack.c radix.c]
kill more registers
millert@ ok
2001-12-06 16:39:56 +00:00
Ben Lindstrom
11f790bbb1
- stevesk@cvs.openbsd.org 2001/11/19 18:40:46
...
[ssh-agent.1]
clarify/state that private keys are not exposed to clients using the
agent; ok markus@
2001-12-06 16:37:51 +00:00
Ben Lindstrom
d84df989db
- markus@cvs.openbsd.org 2001/11/19 11:20:21
...
[sshd.c]
fd leak on HUP; ok stevesk@
2001-12-06 16:35:40 +00:00
Ben Lindstrom
65366a8c76
- stevesk@cvs.openbsd.org 2001/11/17 19:14:34
...
[auth2.c auth.c readconf.c servconf.c ssh-agent.c ssh-keygen.c]
enum/int type cleanup where it made sense to do so; ok markus@
2001-12-06 16:32:47 +00:00
Ben Lindstrom
eaffb9d6b6
- markus@cvs.openbsd.org 2001/11/16 12:46:13
...
[ssh-keyscan.c]
handle empty lines instead of dumping core; report from sha@sha-1.net
2001-12-06 16:28:19 +00:00
Ben Lindstrom
0795848def
- deraadt@cvs.openbsd.org 2001/11/14 20:45:08
...
[sshd.c]
errno saving wrapping in a signal handler
2001-12-06 16:19:01 +00:00
Tim Rice
fe1d100ffd
[contrib/cygwin/README, openbsd-compat/bsd-cygwin_util.c,
...
openbsd-compat/bsd-cygwin_util.h, openbsd-compat/daemon.c]
Allow SSHD to install as service under WIndows 9x/Me
[configure.ac] Fix to allow linking against PCRE on Cygwin
Patches by Corinna Vinschen <vinschen@redhat.com>
2001-11-26 17:19:43 -08:00
Damien Miller
f7c6f95682
Release
2001-11-15 23:16:50 +11:00
Damien Miller
efdc1f179d
- (djm) Fix IPv4 default in ssh-keyscan. Spotted by Dan Astoorian
...
<djast@cs.toronto.edu> Fix from markus@
2001-11-15 08:40:45 +11:00
Damien Miller
353f608740
- (djm) Bump RPM package versions
2001-11-14 00:05:57 +11:00
Damien Miller
c3070c8fe0
- markus@cvs.openbsd.org 2001/11/13 02:03:57
...
[version.h]
enter 3.0.1
2001-11-14 00:05:29 +11:00
Damien Miller
527366ccba
- markus@cvs.openbsd.org 2001/11/12 11:17:07
...
[servconf.c]
enable authorized_keys2 again. tested by fries@
2001-11-14 00:03:14 +11:00
Damien Miller
61b05cfdda
- (djm) OpenBSD CVS Sync
...
- dugsong@cvs.openbsd.org 2001/11/11 18:47:10
[auth-krb5.c]
fix krb5 authorization check. found by <jhawk@MIT.EDU>. from
art@, deraadt@ ok
2001-11-14 00:02:10 +11:00
Damien Miller
e49d0966b5
- (djm) AIX login{success,failed} changes. Move loginsuccess call to
...
do_authenticated. Call loginfailed for protocol 2 failures > MAX like
we do for protocol 1. Reports from Ralf Wenk <wera0003@fh-karlsruhe.de>,
K.Wolkersdorfer@fz-juelich.de and others
2001-11-13 23:46:18 +11:00