RepoMirrors/openssh
1
0
Fork 0
mirror of git://anongit.mindrot.org/openssh.git synced 2025-02-24 09:46:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
543 Commits 69 Branches 158 Tags 28 MiB
b8c656e744
Commit Graph

351 Commits

Author SHA1 Message Date
Damien Miller
c4be7ce669 - RSAless operation patch from kevin_oconnor@standardandpoors.com 2000-05-17 23:02:03 +10:00
Damien Miller
615f939ebb - Several patches from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp> 
- INSTALL typo and URL fix
  - Makefile fix
  - Solaris fixes
 - Checking for ssize_t and memmove. Based on patch from SAKAI Kiyotaka
   <ksakai@kso.netwk.ntt-at.co.jp>
 2000-05-17 22:53:33 +10:00
Damien Miller
dcb6ecd1b3 - OpenBSD CVS update: 
- markus@cvs.openbsd.org
    [ssh.c]
    fix usage()
    [ssh2.h]
    draft-ietf-secsh-architecture-05.txt
    [ssh.1]
    document ssh -T -N (ssh2 only)
    [channels.c serverloop.c ssh.h sshconnect.c sshd.c aux.c]
    enable nonblocking IO for sshd w/ proto 1, too; split out common code
    [aux.c]
    missing include
 2000-05-17 22:34:22 +10:00
Damien Miller
0e65eed58a - Fix HAVE_PAM_GETENVLIST setting from Simon Wilkinson <sxw@dcs.ed.ac.uk> 2000-05-17 22:16:05 +10:00
Damien Miller
f3c6cf1383 - Avoid WCOREDUMP complation errors for systems that lack it 
- Avoid SIGCHLD warnings from entropy commands
 2000-05-17 22:08:29 +10:00
Damien Miller
d2c208a2d3 - Applied Tom Bertelson's <tbert@abac.com> AIX authentication fix 2000-05-17 22:00:02 +10:00
Damien Miller
8d1fd57a97 - Fix from Andre Lucas <andre.lucas@dial.pipex.com> 
- Fixes command line printing segfaults (spotter: Bladt Norbert)
  - Fixes erroneous printing of debug messages to syslog
  - Fixes utmp for MacOS X (spotter: Aristedes Maniatis)
  - Gives useful error message if PRNG initialisation fails
  - Reduced ssh startup delay
  - Measures cumulative command time rather than the time between reads
	 after select()
  - 'fixprogs' perl script to eliminate non-working entropy commands, and
	 optionally run 'ent' to measure command entropy
 2000-05-17 21:34:07 +10:00
Damien Miller
95fe91bd84 - Fix for non-recognised DSA keys from Arkadiusz Miskiewicz 
<misiek@pld.org.pl>
 2000-05-13 12:31:22 +10:00
Damien Miller
accfeb3afe - Fix for prng_seed permissions checking from Lutz Jaenicke 
<Lutz.Jaenicke@aet.TU-Cottbus.DE>
 2000-05-11 19:10:58 +10:00
Damien Miller
95e8963429 idoh 2000-05-09 15:28:50 +10:00
Damien Miller
54057c2b9b - Doc updates 2000-05-09 15:03:37 +10:00
Damien Miller
16e519cb9c - Moved all the bsd-* and fake-* stuff into new libopenbsd-compat.a 2000-05-09 14:28:55 +10:00
Damien Miller
30c3d42930 - OpenBSD CVS update 
- markus@cvs.openbsd.org
    [cipher.h myproposal.h readconf.c readconf.h servconf.c ssh.1 ssh.c]
    [ssh.h sshconnect1.c sshconnect2.c sshd.8]
    - complain about invalid ciphers in SSH1 (e.g. arcfour is SSH2 only)
  - hugh@cvs.openbsd.org
    [ssh.1]
    - zap typo
    [ssh-keygen.1]
    - One last nit fix. (markus approved)
    [sshd.8]
    - some markus certified spelling adjustments
  - markus@cvs.openbsd.org
    [auth2.c channels.c clientloop.c compat compat.h dsa.c kex.c]
    [sshconnect2.c ]
    - bug compat w/ ssh-2.0.13 x11, split out bugs
    [nchan.c]
    - no drain if ibuf_empty, fixes x11fwd problems; tests by fries@
    [ssh-keygen.c]
    - handle escapes in real and original key format, ok millert@
    [version.h]
    - OpenSSH-2.1
 2000-05-09 11:02:59 +10:00
Damien Miller
61e50f10c2 - Configure caching and cleanup patch from Andre Lucas' 
<andre.lucas@dial.pipex.com>
 2000-05-08 20:49:37 +10:00
Damien Miller
6d48871faf - OpenBSD CVS update 
- markus@cvs.openbsd.org
    [clientloop.c sshconnect2.c]
    - make x11-fwd interop w/ ssh-2.0.13
    [README.openssh2]
    - interop w/ SecureFX
 - Release 2.0.0beta2
 2000-05-08 13:44:52 +10:00
Damien Miller
58e579bcd9 - Generate DSA host keys during "make key" or RPM installs 2000-05-08 00:05:31 +10:00
Damien Miller
e247cc402b - Remove references to SSLeay. 
- Big OpenBSD CVS update
  - markus@cvs.openbsd.org
    [clientloop.c]
    - typo
    [session.c]
    - update proctitle on pty alloc/dealloc, e.g. w/ windows client
    [session.c]
    - update proctitle for proto 1, too
    [channels.h nchan.c serverloop.c session.c sshd.c]
    - use c-style comments
  - deraadt@cvs.openbsd.org
    [scp.c]
    - more atomicio
  - markus@cvs.openbsd.org
    [channels.c]
    - set O_NONBLOCK
    [ssh.1]
    - update AUTHOR
    [readconf.c ssh-keygen.c ssh.h]
    - default DSA key file ~/.ssh/id_dsa
    [clientloop.c]
    - typo, rm verbose debug
  - deraadt@cvs.openbsd.org
    [ssh-keygen.1]
    - document DSA use of ssh-keygen
    [sshd.8]
    - a start at describing what i understand of the DSA side
    [ssh-keygen.1]
    - document -X and -x
    [ssh-keygen.c]
    - simplify usage
  - markus@cvs.openbsd.org
    [sshd.8]
    - there is no rhosts_dsa
    [ssh-keygen.1]
    - document -y, update -X,-x
    [nchan.c]
    - fix close for non-open ssh1 channels
    [servconf.c servconf.h ssh.h sshd.8 sshd.c ]
    - s/DsaKey/HostDSAKey/, document option
    [sshconnect2.c]
    - respect number_of_password_prompts
    [channels.c channels.h servconf.c servconf.h session.c sshd.8]
    - GatewayPorts for sshd, ok deraadt@
    [ssh-add.1 ssh-agent.1 ssh.1]
    - more doc on: DSA, id_dsa, known_hosts2, authorized_keys2
    [ssh.1]
    - more info on proto 2
    [sshd.8]
    - sync AUTHOR w/ ssh.1
    [key.c key.h sshconnect.c]
    - print key type when talking about host keys
    [packet.c]
    - clear padding in ssh2
    [dsa.c key.c radix.c ssh.h sshconnect1.c uuencode.c uuencode.h]
    - replace broken uuencode w/ libc b64_ntop
    [auth2.c]
    - log failure before sending the reply
    [key.c radix.c uuencode.c]
    - remote trailing comments before calling __b64_pton
    [auth2.c readconf.c readconf.h servconf.c servconf.h ssh.1]
    [sshconnect2.c sshd.8]
    - add DSAAuthetication option to ssh/sshd, document SSH2 in sshd.8
 - Bring in b64_ntop and b64_pton from OpenBSD libc (bsd-base64.[ch])
 2000-05-07 12:03:14 +10:00
Damien Miller
0437b33e54 - Add Andre Lucas' <andre.lucas@dial.pipex.com> patch to read entropy 
gathering commands from a text file
 2000-05-02 09:56:41 +10:00
Damien Miller
6f83b8e34d - OpenBSD CVS update 
[channels.c]
   - init all fds, close all fds.
   [sshconnect2.c]
   - check whether file exists before asking for passphrase
   [servconf.c servconf.h sshd.8 sshd.c]
   - PidFile, pr 1210
   [channels.c]
   - EINTR
   [channels.c]
   - unbreak, ok niels@
   [sshd.c]
   - unlink pid file, ok niels@
   [auth2.c]
   - Add missing #ifdefs; ok - markus
 2000-05-02 09:23:45 +10:00
Damien Miller
63560f9bfc Prepare for 2.0.0beta1 2000-05-02 09:06:04 +10:00
Damien Miller
fc0b11b5aa - Irix portability fixes - don't include netinet headers more than once 
- Make sure we don't save PRNG seed more than once
 2000-05-02 00:03:55 +10:00
Damien Miller
7c0042629e - Deprecate perl-tk askpass. 2000-05-01 22:57:46 +10:00
Damien Miller
1cead2c02c - Add some missing ifdefs to auth2.c 2000-05-01 22:55:23 +10:00
Damien Miller
0e489dc5ae - Merged bsd-login ttyslot and AIX utmp patch from Gert Doering 
<gd@hilb1.medat.de>
 2000-05-01 22:53:53 +10:00
Damien Miller
35dabd0398 [scp.c] 
- fix very rare EAGAIN/EINTR issues; based on work by djm
   [packet.c]
   - less debug, rm unused
   [auth2.c]
   - disable kerb,s/key in ssh2
   [sshd.8]
   - Minor tweaks and typo fixes.
   [ssh-keygen.c]
   - Put -d into usage and reorder. markus ok.
 2000-05-01 21:10:33 +10:00
Damien Miller
70fb671d21 - Fixed __progname symbol collisions reported by Andre Lucas 
<andre.lucas@dial.pipex.com>
 2000-05-01 20:59:50 +10:00
Damien Miller
e59ce627a4 - Include missing headers for OpenSSL tests. Fix from Phil Karn 
<karn@ka9q.ampr.org>
 2000-05-01 20:54:17 +10:00
Damien Miller
7c8af4fca8 packet.c 
send debug messages in SSH2 format
 2000-05-01 08:24:07 +10:00
Damien Miller
bd483e7690 - More OpenBSD updates: 
[session.c]
   - don't call chan_write_failed() if we are not writing
   [auth-rsa.c auth1.c authfd.c hostfile.c ssh-agent.c]
   - keysize warnings error() -> log()
 2000-04-30 10:00:53 +10:00
Damien Miller
4018c1985d - Integrate Andre Lucas' <andre.lucas@dial.pipex.com> entropy collection 
patch.
   - Adds timeout to entropy collection
   - Disables slow entropy sources
   - Load and save seed file
 - Changed entropy seed code to user per-user seeds only (server seed is
   saved in root's .ssh directory)
 - Use atexit() and fatal cleanups to save seed on exit
 2000-04-30 09:30:44 +10:00
Damien Miller
1bead335d7 - Merge HP-UX fixes and TCB support from Ged Lodder <lodder@yacc.com.au> 2000-04-30 00:47:29 +10:00
Damien Miller
eba71bab9b - Merge big update to OpenSSH-2.0 from OpenBSD CVS 
[README.openssh2]
   - interop w/ F-secure windows client
   - sync documentation
   - ssh_host_dsa_key not ssh_dsa_key
   [auth-rsa.c]
   - missing fclose
   [auth.c authfile.c compat.c dsa.c dsa.h hostfile.c key.c key.h radix.c]
   [readconf.c readconf.h ssh-add.c ssh-keygen.c ssh.c ssh.h sshconnect.c]
   [sshd.c uuencode.c uuencode.h authfile.h]
   - add DSA pubkey auth and other SSH2 fixes.  use ssh-keygen -[xX]
     for trading keys with the real and the original SSH, directly from the
     people who invented the SSH protocol.
   [auth.c auth.h authfile.c sshconnect.c auth1.c auth2.c sshconnect.h]
   [sshconnect1.c sshconnect2.c]
   - split auth/sshconnect in one file per protocol version
   [sshconnect2.c]
   - remove debug
   [uuencode.c]
   - add trailing =
   [version.h]
   - OpenSSH-2.0
   [ssh-keygen.1 ssh-keygen.c]
   - add -R flag: exit code indicates if RSA is alive
   [sshd.c]
   - remove unused
     silent if -Q is specified
   [ssh.h]
   - host key becomes /etc/ssh_host_dsa_key
   [readconf.c servconf.c ]
   - ssh/sshd default to proto 1 and 2
   [uuencode.c]
   - remove debug
   [auth2.c ssh-keygen.c sshconnect2.c sshd.c]
   - xfree DSA blobs
   [auth2.c serverloop.c session.c]
   - cleanup logging for sshd/2, respect PasswordAuth no
   [sshconnect2.c]
   - less debug, respect .ssh/config
   [README.openssh2 channels.c channels.h]
   - clientloop.c session.c ssh.c
   - support for x11-fwding, client+server
 2000-04-29 23:57:08 +10:00
Damien Miller
8117111a3c - Define __progname in session.c if libc doesn't 
- Remove indentation on autoconf #include statements to avoid bug in
   DEC Tru64 compiler. Report and fix from David Del Piero
   <David.DelPiero@qed.qld.gov.au>
 2000-04-23 11:14:01 +10:00
Damien Miller
a552faf564 - Merge fix from OpenBSD CVS 
[ssh-agent.c]
  - Fix memory leak per connection. Report from Andy Spiegl <Andy@Spiegl.de>
    via Debian bug #59926
 2000-04-21 15:55:20 +10:00
Damien Miller
f3a3fee942 - Debian bug #58031 - ssh_config lies about default cipher 2000-04-20 23:32:48 +10:00
Damien Miller
cfabe86720 - Debian bug #55910 - remove references to ssl(8) manpages 2000-04-20 23:27:27 +10:00
Damien Miller
d0cff3ecc4 - Merge fixes from Debian patch from Phil Hands <phil@hands.com> 
- Allow setting of PAM service name through CFLAGS (SSHD_PAM_SERVICE)
  - Use vhangup to clean up Linux ttys
  - Force posix getopt processing on GNU libc systems
 2000-04-20 23:12:58 +10:00
Damien Miller
166fca8894 - Sync with OpenBSD CVS: 
[clientloop.c login.c serverloop.c ssh-agent.c ssh.h sshconnect.c sshd.c]
  - pid_t
  [session.c]
  - remove bogus chan_read_failed. this could cause data
    corruption (missing data) at end of a SSH2 session.
 2000-04-20 07:42:21 +10:00
Damien Miller
3ef692aa05 - Make fixpaths work with perl4, patch from Andre Lucas 
<andre.lucas@dial.pipex.com>
 2000-04-20 07:33:24 +10:00
Damien Miller
8bb73be04e - OpenBSD CVS updates 
[channels.c]
   - fix pr 1196, listen_port and port_to_connect interchanged
   [scp.c]
   - after completion, replace the progress bar ETA counter with a final
     elapsed time; my idea, aaron wrote the patch
   [ssh_config sshd_config]
   - show 'Protocol' as an example, ok markus@
   [sshd.c]
   - missing xfree()
 - Add missing header to bsd-misc.c
 2000-04-19 16:26:12 +10:00
Damien Miller
5f05637b0e - Reduce diff against OpenBSD source 
- All OpenSSL includes are now unconditionally referenced as
     openssl/foo.h
   - Pick up formatting changes
   - Other minor changed (typecasts, etc) that I missed
 2000-04-16 12:31:48 +10:00
Damien Miller
4af51306d9 - OpenBSD CVS updates. 
[ssh.1 ssh.c]
   - ssh -2
   [auth.c channels.c clientloop.c packet.c packet.h serverloop.c]
   [session.c sshconnect.c]
   - check payload for (illegal) extra data
   [ALL]
   - whitespace cleanup
 2000-04-16 11:18:38 +10:00
Damien Miller
22c772609a - Merged OpenBSD updates to include paths. 2000-04-13 12:26:34 +10:00
Damien Miller
e71eb91259 doc 2000-04-13 12:19:32 +10:00
Damien Miller
78928793fb - OpenBSD CVS updates: 
- [channels.c]
     repair x11-fwd
   - [sshconnect.c]
     fix passwd prompt for ssh2, less debugging output.
   - [clientloop.c compat.c dsa.c kex.c sshd.c]
     less debugging output
   - [kex.c kex.h sshconnect.c sshd.c]
     check for reasonable public DH values
   - [README.openssh2 cipher.c cipher.h compat.c compat.h readconf.c]
     [readconf.h servconf.c servconf.h ssh.c ssh.h sshconnect.c sshd.c]
     add Cipher and Protocol options to ssh/sshd, e.g.:
     ssh -o 'Protocol 1,2' if you prefer proto 1, ssh -o 'Ciphers
     arcfour,3des-cbc'
   - [sshd.c]
     print 1.99 only if server supports both
 2000-04-12 20:17:38 +10:00
Damien Miller
efb4afe026 - More large OpenBSD CVS updates: 
- [auth.c auth.h servconf.c servconf.h serverloop.c session.c]
     [session.h ssh.h sshd.c README.openssh2]
     ssh2 server side, see README.openssh2; enable with 'sshd -2'
   - [channels.c]
     no adjust after close
   - [sshd.c compat.c ]
     interop w/ latest ssh.com windows client.
 2000-04-12 18:45:05 +10:00
Damien Miller
11e37f638d - Only set define entropy collection macros if they are found 2000-04-08 18:23:30 +10:00
Damien Miller
bc7c7cceea - Avoid some compiler warnings in fake-get*.c 
- Add IPTOS macros for systems which lack them
 2000-04-08 17:48:56 +10:00
Damien Miller
1383bd8eb9 - OpenBSD CVS update: 
- [channels.c]
     close efd on eof
   - [clientloop.c compat.c ssh.c sshconnect.c myproposal.h]
     ssh2 client implementation, interops w/ ssh.com and lsh servers.
   - [sshconnect.c]
     missing free.
   - [authfile.c cipher.c cipher.h packet.c sshconnect.c sshd.c]
     remove unused argument, split cipher_mask()
   - [clientloop.c]
     re-order: group ssh1 vs. ssh2
 - Make Redhat spec require openssl >= 0.9.5a
 2000-04-06 12:32:37 +10:00
Damien Miller
74a333bbe1 - Generate manpages before make install not at the end of make all 
- Don't seed the rng quite so often
 - Always reseed rng when requested
 2000-04-04 15:04:09 +10:00
Damien Miller
33b13568b5 - OpenBSD CVS update: 
- [packet.h packet.c]
     ssh2 packet format
   - [packet.h packet.c nchan2.ms nchan.h compat.h compat.c]
     [channels.h channels.c]
     channel layer support for ssh2
   - [kex.h kex.c hmac.h hmac.c dsa.c dsa.h]
     DSA, keyexchange, algorithm agreement for ssh2
 2000-04-04 14:38:59 +10:00
Damien Miller
193ba88dd6 - Add tests for RAND_add function when searching for OpenSSL 2000-04-04 10:21:09 +10:00
Damien Miller
70494d18ee - Disable tests and typedefs for 64 bit types. They are currently unused. 2000-04-03 15:57:06 +10:00
Damien Miller
040f3831fc - Wrote entropy collection routines for systems that lack /dev/random 
and EGD
 2000-04-03 14:50:43 +10:00
Damien Miller
b38eff8e4f - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure) 
- [auth.c session.c sshd.c auth.h]
     split sshd.c -> auth.c session.c sshd.c plus cleanup and goto-removal
   - [bufaux.c bufaux.h]
     support ssh2 bignums
   - [channels.c channels.h clientloop.c sshd.c nchan.c nchan.h packet.c]
     [readconf.c ssh.c ssh.h serverloop.c]
     replace big switch() with function tables (prepare for ssh2)
   - [ssh2.h]
     ssh2 message type codes
   - [sshd.8]
     reorder Xr to avoid cutting
   - [serverloop.c]
     close(fdin) if fdin != fdout, shutdown otherwise, ok theo@
   - [channels.c]
     missing close
     allow bigger packets
   - [cipher.c cipher.h]
     support ssh2 ciphers
   - [compress.c]
     cleanup, less code
   - [dispatch.c dispatch.h]
     function tables for different message types
   - [log-server.c]
     do not log() if debuggin to stderr
     rename a cpp symbol, to avoid param.h collision
   - [mpaux.c]
     KNF
   - [nchan.c]
     sync w/ channels.c
 2000-04-01 11:09:21 +10:00
Damien Miller
450a7a1ff4 - OpenBSD CVS update 
- [auth-krb4.c]
     -Wall
   - [auth-rh-rsa.c auth-rsa.c hostfile.c hostfile.h key.c key.h match.c]
     [match.h ssh.c ssh.h sshconnect.c sshd.c]
     initial support for DSA keys. ok deraadt@, niels@
   - [cipher.c cipher.h]
     remove unused cipher_attack_detected code
   - [scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
     Fix some formatting problems I missed before.
   - [ssh.1 sshd.8]
     fix spelling errors, From: FreeBSD
   - [ssh.c]
     switch to raw mode only if he _get_ a pty (not if we _want_ a pty).
 2000-03-26 13:04:51 +10:00
Damien Miller
2c9279fa66 - Better tests for OpenSSL w/ RSAref 
- Added replacement setenv() function from OpenBSD libc. Suggested by
   Ben Lindstrom <mouring@pconline.com>
 2000-03-26 12:12:34 +10:00
Damien Miller
63a46cc4f5 version 2000-03-24 09:24:33 +11:00
Damien Miller
e37ac5ae17 - Runtime error fix for HPUX from Otmar Stahl 
<O.Stahl@lsw.uni-heidelberg.de>
 2000-03-17 23:58:59 +11:00
Damien Miller
7684ee17ee - OpenBSD CVS updates: 
- [atomicio.c auth-krb4.c bufaux.c channels.c compress.c fingerprint.c]
     [packet.h radix.c rsa.c scp.c ssh-agent.c ssh-keygen.c sshconnect.c]
     [sshd.c]
     pedantic: signed vs. unsigned, void*-arithm, etc
   - [ssh.1 sshd.8]
     Various cleanups and standardizations.
 2000-03-17 23:40:15 +11:00
Damien Miller
d6121d2972 - Checks for 64 bit int types. Problem report from Mats Fredholm 
<matsf@init.se>
 2000-03-17 23:26:46 +11:00
Damien Miller
29ea30d956 - Clarified --with-default-path option. 
- Added -blibpath handling for AIX to work around stupid runtime linking.
   Problem elucidated by gshapiro@SENDMAIL.ORG by way of Jim Knoble
   <jmknoble@pobox.com>
 2000-03-17 10:54:15 +11:00
Damien Miller
ca9a49cd0b - Added blurb about "scp: command not found" errors to UPGRADING 2000-03-16 12:23:13 +11:00
Damien Miller
9687322c03 spello 2000-03-16 12:07:43 +11:00
Damien Miller
fd26368068 - Doc cleanups 2000-03-16 11:51:09 +11:00
Damien Miller
166bd448c9 - Propogate LD through to Makefile 2000-03-16 10:48:25 +11:00
Damien Miller
08c788a9b3 - Fixed configure not passing LDFLAGS to Solaris. Report from David G. 
Hesprich <dghespri@sprintparanet.com>
 2000-03-16 07:52:29 +11:00
Damien Miller
856799ba27 - Configure fix from Bratislav ILICH <bilic@zepter.ru> 2000-03-15 21:18:10 +11:00
Damien Miller
8b1c22b775 - Created contrib/ subdirectory. Included helpers from Phil Hands' 
Debian package, README file and chroot patch from Ricardo Cerqueira
   <rmcc@clix.pt>
 - Moved gnome-ssh-askpass.c to contrib directory and reomved config
   option.
 - Slight cleanup to doc files
 2000-03-15 12:13:01 +11:00
Damien Miller
f09b07a971 - Don't free argument to putenv() after use (in setenv() replacement). 
Report from Seigo Tanimura <tanimura@r.dl.itc.u-tokyo.ac.jp>
 2000-03-15 11:23:48 +11:00
Damien Miller
a1ad4802ff - Fix broken CFLAGS handling during search for OpenSSL. Fixes va_list 
problems with gcc/Solaris.
 2000-03-15 10:04:54 +11:00
Damien Miller
db819595d3 - Include /usr/local/include and /usr/local/lib for systems that don't 
do it themselves
 - -R/usr/local/lib for Solaris
 - Fix RSAref detection
 - Fix IN6_IS_ADDR_V4MAPPED macro
 2000-03-14 13:44:01 +11:00
Damien Miller
1c67c9969c - Include macro for IN6_IS_ADDR_V4MAPPED. Report from 
peter@frontierflying.com
 2000-03-14 10:16:34 +11:00
Damien Miller
7bcb089ef7 - IPv6 workarounds from Hideaki YOSHIFUJI <yoshfuji@ecei.tohoku.ac.jp> 2000-03-11 20:45:40 +11:00
Damien Miller
d58b3abe0e More config fixes 2000-03-11 20:05:11 +11:00
Damien Miller
02491e9632 - OpenBSD CVS change 
[sshd.c]
    - disallow guessing of root password
 2000-03-11 11:58:28 +11:00
Damien Miller
b85dcad762 - Detect RSAref 2000-03-11 11:37:00 +11:00
Damien Miller
8f975b6a18 - Removed warning workaround for Linux and devpts filesystems (no longer 
required after OpenBSD updates)
 2000-03-09 22:31:13 +11:00
Damien Miller
98c7ad60ec - OpenBSD CVS updates to v1.2.3 
[ssh.h atomicio.c]
	 - int atomicio -> ssize_t (for alpha). ok deraadt@
	[auth-rsa.c]
	 - delay MD5 computation until client sends response, free() early, cleanup.
	[cipher.c]
	 - void* -> unsigned char*, ok niels@
	[hostfile.c]
	 - remove unused variable 'len'. fix comments.
	 - remove unused variable
	[log-client.c log-server.c]
	 - rename a cpp symbol, to avoid param.h collision
	[packet.c]
	 - missing xfree()
	 - getsockname() requires initialized tolen; andy@guildsoftware.com
	 - use getpeername() in packet_connection_is_on_socket(), fixes sshd -i;
	from Holger.Trapp@Informatik.TU-Chemnitz.DE
	[pty.c pty.h]
	 - register cleanup for pty earlier. move code for pty-owner handling to
   	pty.c ok provos@, dugsong@
	[readconf.c]
	 - turn off x11-fwd for the client, too.
	[rsa.c]
	 - PKCS#1 padding
	[scp.c]
	 - allow '.' in usernames; from jedgar@fxp.org
	[servconf.c]
	 - typo: ignore_user_known_hosts int->flag; naddy@mips.rhein-neckar.de
	 - sync with sshd_config
	[ssh-keygen.c]
	 - enable ssh-keygen -l -f ~/.ssh/known_hosts, ok deraadt@
	[ssh.1]
	 - Change invalid 'CHAT' loglevel to 'VERBOSE'
	[ssh.c]
	 - suppress AAAA query host when '-4' is used; from shin@nd.net.fujitsu.co.jp
	 - turn off x11-fwd for the client, too.
	[sshconnect.c]
	 - missing xfree()
	 - retry rresvport_af(), too. from sumikawa@ebina.hitachi.co.jp.
	 - read error vs. "Connection closed by remote host"
	[sshd.8]
	 - ie. -> i.e.,
	 - do not link to a commercial page..
	 - sync with sshd_config
	[sshd.c]
	 - no need for poll.h; from bright@wintelcom.net
	 - log with level log() not fatal() if peer behaves badly.
	 - don't panic if client behaves strange. ok deraadt@
	 - make no-port-forwarding for RSA keys deny both -L and -R style fwding
	 - delay close() of pty until the pty has been chowned back to root
	 - oops, fix comment, too.
	 - missing xfree()
	 - move XAUTHORITY to subdir. ok dugsong@. fixes debian bug #57907, too.
   	(http://cgi.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=57907)
	 - register cleanup for pty earlier. move code for pty-owner handling to
      pty.c ok provos@, dugsong@
	 - create x11 cookie file
	 - fix pr 1113, fclose() -> pclose(), todo: remote popen()
	 - version 1.2.3
 - Cleaned up
 2000-03-09 21:27:49 +11:00
Damien Miller
1a07ebd4d8 - Configure fix from Hiroshi Takekawa <takekawa@sr3.t.u-tokyo.ac.jp> 2000-03-08 09:03:44 +11:00
Damien Miller
65165f8d83 - Check for libwrap if --with-tcp-wrappers option specified. Suggestion 
Mate Wierdl <mw@moni.msci.memphis.edu>
 2000-03-05 17:02:45 +11:00
Damien Miller
9fb07e4b8b - Check for getpagesize in libucb.a if not found in libc. Fix for old 
Solaris from Andre Lucas <andre.lucas@dial.pipex.com>
 2000-03-05 16:22:59 +11:00
Damien Miller
fac99cd12a - Explicitly seed OpenSSL's PRNG before checking rsa_alive() 2000-03-05 16:10:45 +11:00
Damien Miller
01bedb83b1 - Fix DEC compile fix 2000-03-05 16:10:03 +11:00
Damien Miller
00d4bb117a - DEC Unix compile fix from David Del Piero <David.DelPiero@qed.qld.gov.au> 
- Manpage fix from David Del Piero <David.DelPiero@qed.qld.gov.au>
 2000-03-03 22:48:49 +11:00
Damien Miller
3c7eeb2af5 - Don't permanently fail on bind() if getaddrinfo has more choices left for 
us. Needed to work around messy IPv6 on Linux. Patch from Arkadiusz
   Miskiewicz <misiek@pld.org.pl>
 2000-03-03 22:35:33 +11:00
Damien Miller
4095f894dc - Added "make host-key" target, Suggestion from Dominik Brettnacher 
<domi@saargate.de>
 2000-03-03 22:13:52 +11:00
Damien Miller
2453d01611 - Allow root access to any key. Patch from 
markus.friedl@informatik.uni-erlangen.de
 2000-03-02 23:57:18 +11:00
Damien Miller
204ad074e5 - Warning was valid - possible race condition on PTYs. Avoided using 
platform-specific code.
 - Document some common problems
 2000-03-02 23:56:12 +11:00
Damien Miller
c4cea3e5c7 - Avoid warning message with Unix98 ptys 2000-03-02 23:31:50 +11:00
Damien Miller
c7d8dbbb0d - Applied pty cleanup patch from markus.friedl@informatik.uni-erlangen.de 2000-03-02 23:30:53 +11:00
Damien Miller
a22ba0152c - Big cleanup of autoconf code 
- Rearranged to be a little more logical
   - Added -R option for Solaris
   - Rewrote OpenSSL detection code. Now uses AC_TRY_RUN with a test program
     to detect library and header location _and_ ensure library has proper
     RSA support built in (this is a problem with OpenSSL 0.9.5).
 2000-03-02 23:09:20 +11:00
Damien Miller
36143d7851 - Removed SOCKS code. Will support through a ProxyCommand. 2000-02-07 13:20:26 +11:00
Damien Miller
0c0e4bfe3c - Add --with-ssl-dir option 2000-02-03 13:58:51 +11:00
Damien Miller
1852246d30 - Fixed SEGVs in authloop, fix from vbzoli@hbrt.hu 2000-02-03 01:07:07 +11:00
Damien Miller
1787252789 - Documentation fixes from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp> 
- Added URLs to Japanese translations of documents by HARUYAMA Seigo
   <haruyama@nt.phys.s.u-tokyo.ac.jp>
 2000-02-02 20:56:20 +11:00
Damien Miller
6552758bae - Fix lastlog code for directory based lastlogs. Fix from Josh Durham 
<jmd@aoe.vt.edu>
 2000-02-02 19:17:40 +11:00
Damien Miller
9e53f35a6a - Use socket pairs by default (instead of pipes). Prevents race condition 
on several (buggy) OSs. Report and fix from tridge@linuxcare.com
 2000-02-01 23:05:30 +11:00
Damien Miller
6034fdfd1f - Compile fix from Andre Lucas <andre.lucas@dial.pipex.com> 2000-01-29 20:55:09 +11:00
Damien Miller
f07390e90d - Seed OpenSSL's random number generator before generating RSA keypairs 
- Split random collector into seperate file
 2000-01-29 20:40:22 +11:00