Commit Graph

20 Commits

Author SHA1 Message Date
Damien Miller
f9b625c36e - (djm) Fix pam sprintf fix
- (djm) Cleanup entropy collection code a little more. Split initialisation
   from seeding, perform intialisation immediatly at start, be careful with
   uids. Based on problem report from Jim Watt <jimw@peisj.pebio.com>
2000-07-09 22:42:32 +10:00
Damien Miller
6536c7d3c9 - OpenBSD CVS Updates:
- markus@cvs.openbsd.org  2000/06/18 18:50:11
     [auth2.c compat.c compat.h sshconnect2.c]
     make userauth+pubkey interop with ssh.com-2.2.0
   - markus@cvs.openbsd.org  2000/06/18 20:56:17
     [dsa.c]
     mem leak + be more paranoid in dsa_verify.
   - markus@cvs.openbsd.org  2000/06/18 21:29:50
     [key.c]
     cleanup fingerprinting, less hardcoded sizes
   - markus@cvs.openbsd.org  2000/06/19 19:39:45
     [atomicio.c auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
     [auth-rsa.c auth-skey.c authfd.c authfd.h authfile.c bufaux.c bufaux.h]
     [buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h]
     [clientloop.c compat.c compat.h compress.c compress.h crc32.c crc32.h]
     [deattack.c dispatch.c dsa.c fingerprint.c fingerprint.h getput.h hmac.c]
     [kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c]
     [nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c]
     [rsa.c rsa.h scp.c servconf.c servconf.h ssh-add.c ssh-keygen.c ssh.c]
     [ssh.h tildexpand.c ttymodes.c ttymodes.h uidswap.c xmalloc.c xmalloc.h]
     OpenBSD tag
   - markus@cvs.openbsd.org  2000/06/21 10:46:10
     sshconnect2.c missing free; nuke old comment
2000-06-22 21:32:31 +10:00
Damien Miller
70fb671d21 - Fixed __progname symbol collisions reported by Andre Lucas
<andre.lucas@dial.pipex.com>
2000-05-01 20:59:50 +10:00
Damien Miller
eba71bab9b - Merge big update to OpenSSH-2.0 from OpenBSD CVS
[README.openssh2]
   - interop w/ F-secure windows client
   - sync documentation
   - ssh_host_dsa_key not ssh_dsa_key
   [auth-rsa.c]
   - missing fclose
   [auth.c authfile.c compat.c dsa.c dsa.h hostfile.c key.c key.h radix.c]
   [readconf.c readconf.h ssh-add.c ssh-keygen.c ssh.c ssh.h sshconnect.c]
   [sshd.c uuencode.c uuencode.h authfile.h]
   - add DSA pubkey auth and other SSH2 fixes.  use ssh-keygen -[xX]
     for trading keys with the real and the original SSH, directly from the
     people who invented the SSH protocol.
   [auth.c auth.h authfile.c sshconnect.c auth1.c auth2.c sshconnect.h]
   [sshconnect1.c sshconnect2.c]
   - split auth/sshconnect in one file per protocol version
   [sshconnect2.c]
   - remove debug
   [uuencode.c]
   - add trailing =
   [version.h]
   - OpenSSH-2.0
   [ssh-keygen.1 ssh-keygen.c]
   - add -R flag: exit code indicates if RSA is alive
   [sshd.c]
   - remove unused
     silent if -Q is specified
   [ssh.h]
   - host key becomes /etc/ssh_host_dsa_key
   [readconf.c servconf.c ]
   - ssh/sshd default to proto 1 and 2
   [uuencode.c]
   - remove debug
   [auth2.c ssh-keygen.c sshconnect2.c sshd.c]
   - xfree DSA blobs
   [auth2.c serverloop.c session.c]
   - cleanup logging for sshd/2, respect PasswordAuth no
   [sshconnect2.c]
   - less debug, respect .ssh/config
   [README.openssh2 channels.c channels.h]
   - clientloop.c session.c ssh.c
   - support for x11-fwding, client+server
2000-04-29 23:57:08 +10:00
Damien Miller
aae6c614da - Merged OpenBSD CVS changes:
- [auth-krb4.c auth-passwd.c auth-skey.c ssh.
     move skey-auth from auth-passwd.c to auth-s
   - [auth-rsa.c]
     warn only about mismatch if key is _used_
     warn about keysize-mismatch with log() not
     channels.c readconf.c readconf.h ssh.c ssh.
     ports are u_short
   - [hostfile.c]
     indent, shorter warning
   - [nchan.c]
     use error() for internal errors
   - [packet.c]
     set loglevel for SSH_MSG_DISCONNECT to log(
     serverloop.c
     indent
   - [ssh-add.1 ssh-add.c ssh.h]
     document , reasonable default
   - [ssh.1]
     CheckHostIP is not available for connects v
   - [sshconnect.c]
     typo
     easier to read client code for passwd and s
     turn of checkhostip for proxy connects, sin
1999-12-06 11:47:28 +11:00
Damien Miller
d8087f62d6 - Added BSD compatible install program and autoconf test, thanks to
Niels Kristian Bech Jensen <nkbj@image.dk>
 - Solaris fixing, thanks to Ben Taylor <bent@clark.net>
1999-11-25 12:31:26 +11:00
Damien Miller
5428f646ad - More reformatting merged from OpenBSD CVS
- Merged OpenBSD CVS changes:
   - [channels.c]
     report from mrwizard@psu.edu via djm@ibs.com.au
   - [channels.c]
     set SO_REUSEADDR and SO_LINGER for forwarded ports.
     chip@valinux.com via damien@ibs.com.au
   - [nchan.c]
     it's not an error() if shutdown_write failes in nchan.
   - [readconf.c]
     remove dead #ifdef-0-code
   - [readconf.c servconf.c]
     strcasecmp instead of tolower
   - [scp.c]
     progress meter overflow fix from damien@ibs.com.au
   - [ssh-add.1 ssh-add.c]
     SSH_ASKPASS support
   - [ssh.1 ssh.c]
     postpone fork_after_authentication until command execution,
     request/patch from jahakala@cc.jyu.fi via damien@ibs.com.au
     plus: use daemon() for backgrounding
1999-11-25 11:54:57 +11:00
Damien Miller
95def09838 - Merged very large OpenBSD source code reformat
- OpenBSD CVS updates
   - [channels.c cipher.c compat.c log-client.c scp.c serverloop.c]
     [ssh.h sshd.8 sshd.c]
     syslog changes:
     * Unified Logmessage for all auth-types, for success and for failed
     * Standard connections get only ONE line in the LOG when level==LOG:
       Auth-attempts are logged only, if authentication is:
          a) successfull or
          b) with passwd or
          c) we had more than AUTH_FAIL_LOG failues
     * many log() became verbose()
     * old behaviour with level=VERBOSE
   - [readconf.c readconf.h ssh.1 ssh.h sshconnect.c sshd.c]
     tranfer s/key challenge/response data in SSH_SMSG_AUTH_TIS_CHALLENGE
     messages. allows use of s/key in windows (ttssh, securecrt) and
     ssh-1.2.27 clients without 'ssh -v', ok: niels@
   - [sshd.8]
     -V, for fallback to openssh in SSH2 compatibility mode
   - [sshd.c]
     fix sigchld race; cjc5@po.cwru.edu
1999-11-25 00:26:21 +11:00
Damien Miller
3744b51918 - Numerous little Solaris fixes 1999-11-23 11:24:32 +11:00
Damien Miller
d733c91bf3 Only display comment for ssh-askpass 1999-11-22 18:11:23 +11:00
Damien Miller
10f6f6ba9e - Merged OpenBSD CVS changes
- [ChangeLog.Ylonen] noone needs this anymore
   - [authfd.c] close-on-exec for auth-socket, ok deraadt
   - [hostfile.c]
     in known_hosts key lookup the entry for the bits does not need
     to match, all the information is contained in n and e. This
     solves the problem with buggy servers announcing the wrong
     modulus length.  markus and me.
   - [serverloop.c]
     bugfix: check for space if child has terminated, from:
     iedowse@maths.tcd.ie
   - [ssh-add.1 ssh-add.c ssh-keygen.1 ssh-keygen.c sshconnect.c]
     [fingerprint.c fingerprint.h]
     rsa key fingerprints, idea from Bjoern Groenvall <bg@sics.se>
   - [ssh-agent.1] typo
   - [ssh.1] add OpenSSH information to AUTHOR section. okay markus@
   - [sshd.c]
     force logging to stderr while loading private key file
     (lost while converting to new log-levels)
1999-11-17 17:29:08 +11:00
Damien Miller
7e8e820153 - Merged OpenBSD CVS changes:
- [auth-rh-rsa.c auth-rsa.c authfd.c authfd.h hostfile.c mpaux.c]
     [mpaux.h ssh-add.c ssh-agent.c ssh.h ssh.c sshd.c]
     the keysize of rsa-parameter 'n' is passed implizit,
     a few more checks and warnings about 'pretended' keysizes.
   - [cipher.c cipher.h packet.c packet.h sshd.c]
     remove support for cipher RC4
   - [ssh.c]
     a note for legay systems about secuity issues with permanently_set_uid(),
     the private hostkey and ptrace()
   - [sshconnect.c]
     more detailed messages about adding and checking hostkeys
1999-11-16 13:37:16 +11:00
Damien Miller
3f905872b0 - Merged more Solaris compability from Marc G. Fournier
<marc.fournier@acadiau.ca>
 - Wrote autoconf tests for __progname symbol
1999-11-15 17:10:57 +11:00
Damien Miller
d05a247953 - Merged OpenBSD CVS changes:
- [ssh-add.c] change passphrase loop logic and remove ref to
     $DISPLAY, ok niels
 - Changed to ssh-add.c broke askpass support. Revised it to be a little more
   modular.
 - Revised autoconf support for enabling/disabling askpass support.
1999-11-15 14:25:30 +11:00
Damien Miller
3d1b22c150 - Make ssh-askpass support optional through autoconf 1999-11-12 15:46:08 +11:00
Damien Miller
c7b38ceed6 - Autodetection of SSL/Crypto library location via autoconf
- Fixed location of ssh-askpass to follow autoconf
 - Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk>
 - Autodetection of RSAref library for US users
 - Minor doc updates
1999-11-09 10:28:04 +11:00
Damien Miller
fd7c911f09 Merged OpenBSD CVS changes that go away 1999-11-08 16:15:55 +11:00
Damien Miller
356a0b004a Lots of changes:
- Removed lots of unnecessary checks from autoconf
 - Added support and autoconf test for openpty() function (Unix98 pty support)
 - Fix for scp not finding ssh if not installed as /usr/bin/ssh
 - Added TODO file
 - Merged parts of Debian patch From Phil Hands <phil@hands.com>:
   - Added ssh-askpass program
   - Added ssh-askpass support to ssh-add.c
   - Create symlinks for slogin on install
   - Fix "distclean" target in makefile
   - Added example for ssh-agent to manpage
   - Added support for PAM_TEXT_INFO messages
   - Disable internal /etc/nologin support if PAM enabled
 - Merged latest OpenBSD CVS changes:
   - [sshd.c] don't send fail-msg but disconnect if too many authentication
     failures
   - [sshd.c] replace assert() with error, fatal or packet_disconnect
   - [sshd.c] remove unused argument. ok dugsong
   - [sshd.c] typo
   - [rsa.c] clear buffers used for encryption. ok: niels
   - [rsa.c] replace assert() with error, fatal or packet_disconnect
 - Fixed coredump after merge of OpenBSD rsa.c patch
1999-11-08 15:30:59 +11:00
Damien Miller
01ab4a25c8 Merged latest OpenBSD changes. 1999-10-28 15:23:30 +10:00
Damien Miller
d4a8b7e34d Initial revision 1999-10-27 13:42:43 +10:00