Commit Graph

3477 Commits

Author SHA1 Message Date
Darren Tucker
d05b601895 - markus@cvs.openbsd.org 2003/10/11 08:26:43
[sshconnect2.c]
     search keys in reverse order; fixes #684
2003-10-15 15:55:59 +10:00
Darren Tucker
0a118da00e - markus@cvs.openbsd.org 2003/10/11 08:24:08
[readconf.c readconf.h ssh.1 ssh.c ssh_config.5]
     remote x11 clients are now untrusted by default, uses xauth(8) to generate
     untrusted cookies; ForwardX11Trusted=yes restores old behaviour.
     ok deraadt; feedback and ok djm/fries
2003-10-15 15:54:32 +10:00
Darren Tucker
a044f47679 - markus@cvs.openbsd.org 2003/10/08 15:21:24
[readconf.c ssh_config.5]
     default GSS API to no in client, too; ok jakob, deraadt@
2003-10-15 15:52:03 +10:00
Darren Tucker
1f20394e92 - jmc@cvs.openbsd.org 2003/10/08 08:27:36
[scp.1 scp.c sftp-server.8 sftp.1 sftp.c ssh.1 sshd.8]
     scp and sftp: add options list and sort options. options list requested
     by deraadt@
     sshd: use same format as ssh
     ssh: remove wrong option from list
     sftp-server: Subsystem is documented in ssh_config(5), not sshd(8)
     ok deraadt@ markus@
2003-10-15 15:50:42 +10:00
Darren Tucker
439ce0daf9 Add FALLTHROUGH comment 2003-10-09 14:20:15 +10:00
Darren Tucker
6c0c0705e3 - (dtucker) [sshd_config.5] UsePAM defaults to "no". ok djm@ 2003-10-09 14:13:53 +10:00
Darren Tucker
0240ff786e - djm@cvs.openbsd.org 2003/10/07 07:04:52
[regress/sftp-cmds.sh]
     more sftp quoting regress tests; ok markus
2003-10-08 17:52:10 +10:00
Darren Tucker
dc001a5ee3 - dtucker@cvs.openbsd.org 2003/10/07 01:52:13
[regress/Makefile regress/banner.sh]
     Test SSH2 banner.  ok markus@
2003-10-08 17:47:19 +10:00
Darren Tucker
796448276c - deraadt@cvs.openbsd.org 2003/10/07 21:58:28
[sshconnect2.c]
     set ptr to NULL after free
2003-10-08 17:37:58 +10:00
Darren Tucker
64dbccc2a5 - djm@cvs.openbsd.org 2003/10/07 07:04:16
[sftp-int.c]
     sftp quoting fix from admorten AT umich.edu; ok markus@
2003-10-08 17:34:38 +10:00
Darren Tucker
046dff2a07 - dtucker@cvs.openbsd.org 2003/10/07 01:47:27
[sshconnect2.c]
     Don't use logit for banner, since it truncates to MSGBUFSIZ; bz #668 & #707.
     ok markus@
2003-10-08 17:32:02 +10:00
Darren Tucker
89df7a3eca - (dtucker) [configure.ac] Bug #710: Check for dlsym() in libdl on
Reliant Unix.  Based on patch from Robert.Dahlem at siemens.com.
2003-10-07 20:35:57 +10:00
Darren Tucker
3b2a06c0d7 - (dtucker) [configure.ac] Bug #715: Set BROKEN_SETREUID and BROKEN_SETREGID
on Reliant Unix.  Patch from Robert.Dahlem at siemens.com.
2003-10-07 18:37:11 +10:00
Darren Tucker
2e8c0cc752 - (dtucker) [configure.ac openbsd-compat/Makefile.in openbsd-compat/strtoul.c]
Bug #670: add strtoul() to openbsd-compat for platforms lacking it.  ok djm@
2003-10-07 17:49:56 +10:00
Darren Tucker
dfe6d914b7 - (dtucker) [contrib/redhat/openssh.spec] Bug #714: Now that UsePAM is a
run-time switch, always build --with-md5-passwords.
2003-10-07 17:40:56 +10:00
Darren Tucker
f4bf5d086a So people know who to blame... 2003-10-07 11:31:22 +10:00
Darren Tucker
8846a07639 - (dtucker) [auth-pam.c auth-pam.h session.c] Make PAM use the new static
cleanup functions.  With & ok djm@
2003-10-07 11:30:15 +10:00
Damien Miller
6f1f611a52 - (djm) Delete autom4te.cache after autoreconf 2003-10-07 10:18:22 +10:00
Tim Rice
30aa44cf0a [contrib/caldera/openssh.spec] Remove obsolete --with-ipv4-default option. 2003-10-03 22:30:23 -07:00
Darren Tucker
e3ca82e06c - markus@cvs.openbsd.org 2003/10/02 08:26:53
[ssh-gss.h]
     missing $OpenBSD:; dtucker
2003-10-03 18:02:30 +10:00
Darren Tucker
4a2505445f - markus@cvs.openbsd.org 2003/10/02 10:41:59
[sshd.c]
     print openssl version, too, several requests; ok henning/djm.
2003-10-03 17:57:24 +10:00
Darren Tucker
f391ba6730 - (dtucker) [session.c] Fix bus errors on some 64-bit Solaris configurations.
Based on patches by Matthias Koeppe and Thomas Baden.  ok djm@
2003-10-02 20:07:09 +10:00
Darren Tucker
7596d6866f - (dtucker) [ssh-gss.h] Prototype change missed in sync. 2003-10-02 17:32:30 +10:00
Darren Tucker
0ccb59b85c - (dtucker) [configure.ac] Don't set DISABLE_SHADOW when configuring
--with-pam.  ok djm@
2003-10-02 16:26:34 +10:00
Darren Tucker
a49d36e7b9 - markus@cvs.openbsd.org 2003/09/29 20:19:57
[servconf.c sshd_config]
     GSSAPICleanupCreds -> GSSAPICleanupCredentials
2003-10-02 16:20:54 +10:00
Darren Tucker
6177695c0b - jmc@cvs.openbsd.org 2003/09/29 11:40:51
[ssh.1]
     - add list of options to -o and .Xr ssh_config(5)
     - some other cleanup
     requested by deraadt@;
     ok deraadt@ markus@
2003-10-02 16:19:47 +10:00
Darren Tucker
8fca6b57b4 - markus@cvs.openbsd.org 2003/09/26 08:19:29
[sshd.c]
     no need to set the listen sockets to non-block; ok deraadt@
2003-10-02 16:18:22 +10:00
Darren Tucker
5dcdd219fb - markus@cvs.openbsd.org 2003/09/23 20:41:11
[channels.c channels.h clientloop.c]
     move client only agent code to clientloop.c
2003-10-02 16:17:00 +10:00
Darren Tucker
6cc310bd5f - markus@cvs.openbsd.org 2003/09/23 20:18:52
[progressmeter.c]
     don't print trailing \0; bug #709; Robert.Dahlem@siemens.com
     ok millert/deraadt@
2003-10-02 16:15:15 +10:00
Darren Tucker
3e33cecf71 - markus@cvs.openbsd.org 2003/09/23 20:17:11
[Makefile.in auth1.c auth2.c auth.c auth.h auth-krb5.c canohost.c
     cleanup.c clientloop.c fatal.c gss-serv.c log.c log.h monitor.c monitor.h
     monitor_wrap.c monitor_wrap.h packet.c serverloop.c session.c session.h
     ssh-agent.c sshd.c]
     replace fatal_cleanup() and linked list of fatal callbacks with static
     cleanup_exit() function.  re-refine cleanup_exit() where appropriate,
     allocate sshd's authctxt eary to allow simpler cleanup in sshd.
     tested by many, ok deraadt@
2003-10-02 16:12:36 +10:00
Ben Lindstrom
b210aa2cfa - (bal) Fix issues in openbsd-compat/realpath.c 2003-09-30 23:49:06 +00:00
Tim Rice
d4d1815cae [sshd_config] UsePAM defaults to no. 2003-09-25 19:04:34 -07:00
Darren Tucker
b88fcc755d - (dtucker) [configure.ac openbsd-compat/xcrypt.c] Bug #633: Remove
DISABLE_SHADOW for HP-UX, use getspnam instead of getprpwnam.  Patch from
   michael_steffens at hp.com, ok djm@
2003-09-25 20:18:33 +10:00
Darren Tucker
beaf6790e1 - (dtucker) [configure.ac] IRIX5 needs the same setre[ug]id defines as IRIX6. 2003-09-24 20:03:48 +10:00
Damien Miller
dbb104791b - (djm) Update version.h and spec files for HEAD 2003-09-24 08:30:18 +10:00
Damien Miller
5c3a55846a - (djm) Sync with V_3_7 branch:
- (djm) Fix SSH1 challenge kludge
   - (djm) Bug #671: Fix builds on OpenBSD
   - (djm) Bug #676: Fix PAM stack corruption
   - (djm) Fix bad free() in PAM code
   - (djm) Don't call pam_end before pam_init
   - (djm) Enable build with old OpenSSL again
   - (djm) Trim deprecated options from INSTALL. Mention UsePAM
   - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
2003-09-23 22:12:38 +10:00
Tim Rice
7ff4e6dbe5 [configure.ac] add --disable-etc-default-login option. ok djm 2003-09-22 19:50:14 -07:00
Ben Lindstrom
da4d9cf4bf - (bal) "extration" -> "extraction" in ssh-rand-helper.c; repoted by john
on #unixhelp@efnet
2003-09-22 15:36:15 +00:00
Darren Tucker
9a2c4cddad - markus@cvs.openbsd.org 2003/09/19 17:43:35
[clientloop.c sshtty.c sshtty.h]
     remove fatal callbacks from client code; ok deraadt
2003-09-22 21:16:05 +10:00
Darren Tucker
8654d16f0f - markus@cvs.openbsd.org 2003/09/19 17:40:20
[scp.c]
     error handling for remote-remote copy; #638; report Harald Koenig;
     ok millert, fgs, henning, deraadt
2003-09-22 21:14:55 +10:00
Darren Tucker
aaa56cb804 - markus@cvs.openbsd.org 2003/09/19 11:33:09
[packet.c sshd.c]
     do not call packet_close on fatal; ok deraadt
2003-09-22 21:13:59 +10:00
Darren Tucker
3dbff2a93b - markus@cvs.openbsd.org 2003/09/19 11:31:33
[channels.c]
     do not call channel_free_all on fatal; ok deraadt
2003-09-22 21:12:56 +10:00
Darren Tucker
3d32622171 - markus@cvs.openbsd.org 2003/09/19 11:30:39
[ssh-keyscan.c]
     avoid fatal_cleanup, just call exit(); ok deraadt
2003-09-22 21:11:20 +10:00
Darren Tucker
6fa8abd58b - markus@cvs.openbsd.org 2003/09/19 11:29:40
[ssh-agent.c]
     provide a ssh-agent specific fatal() function; ok deraadt
2003-09-22 21:10:21 +10:00
Darren Tucker
631a4a9b3e - markus@cvs.openbsd.org 2003/09/19 09:03:00
[buffer.c]
     sign fix in buffer_dump; Jedi/Sector One; pr 3473
2003-09-22 21:08:21 +10:00
Darren Tucker
a8151da5fe - markus@cvs.openbsd.org 2003/09/19 09:02:02
[packet.c]
     buffer_dump only if PACKET_DEBUG is defined; Jedi/Sector One; pr 3471
2003-09-22 21:06:46 +10:00
Darren Tucker
c0815c927e - miod@cvs.openbsd.org 2003/09/18 13:02:21
[authfd.c bufaux.c dh.c mac.c ssh-keygen.c]
     A few signedness fixes for harmless situations; markus@ ok
2003-09-22 21:05:50 +10:00
Darren Tucker
fb16b2411e - markus@cvs.openbsd.org 2003/09/18 08:49:45
[deattack.c misc.c session.c ssh-agent.c]
     more buffer allocation fixes; from Solar Designer; CAN-2003-0682;
     ok millert@
2003-09-22 21:04:23 +10:00
Darren Tucker
d1d41b3181 - markus@cvs.openbsd.org 2003/09/18 07:56:05
[authfile.c]
     missing  buffer_free(&encrypted); #662; zardoz at users.sf.net
2003-09-22 21:01:27 +10:00
Darren Tucker
d2730d39a1 - markus@cvs.openbsd.org 2003/09/18 07:54:48
[buffer.c]
     protect against double free; #660;  zardoz at users.sf.net
2003-09-22 21:00:19 +10:00