]>
Commit | Line | Data |
---|---|---|
1be697b6 | 1 | 20030124 |
2 | - (djm) OpenBSD CVS Sync | |
3 | - jmc@cvs.openbsd.org 2003/01/23 08:58:47 | |
4 | [sshd_config.5] | |
5 | typos; ok millert@ | |
c4087616 | 6 | - markus@cvs.openbsd.org 2003/01/23 13:50:27 |
7 | [authfd.c authfd.h readpass.c ssh-add.1 ssh-add.c ssh-agent.c] | |
8 | ssh-add -c, prompt user for confirmation (using ssh-askpass) when | |
9 | private agent key is used; with djm@; test by dugsong@, djm@; | |
10 | ok deraadt@ | |
6ea3c52a | 11 | - markus@cvs.openbsd.org 2003/01/23 14:01:53 |
12 | [scp.c] | |
13 | bandwidth limitation patch (scp -l) from niels@; ok todd@, deraadt@ | |
e6b15f23 | 14 | - markus@cvs.openbsd.org 2003/01/23 14:06:15 |
15 | [scp.1 scp.c] | |
16 | scp -12; Sam Smith and others; ok provos@, deraadt@ | |
c7578bb6 | 17 | - (djm) Add TIMEVAL_TO_TIMESPEC macros |
1be697b6 | 18 | |
0df3cb2b | 19 | 20030123 |
20 | - (djm) OpenBSD CVS Sync | |
21 | - djm@cvs.openbsd.org 2003/01/23 00:03:00 | |
22 | [auth1.c] | |
23 | Don't log TIS auth response; "get rid of it" - markus@ | |
24 | ||
494b267f | 25 | 20030122 |
26 | - (djm) OpenBSD CVS Sync | |
27 | - marc@cvs.openbsd.org 2003/01/21 18:14:36 | |
28 | [ssh-agent.1 ssh-agent.c] | |
29 | Add a -t life option to ssh-agent that set the default lifetime. | |
30 | The default can still be overriden by using -t in ssh-add. | |
31 | OK markus@ | |
882a3870 | 32 | - (djm) Reorganise PAM & SIA password handling to eliminate some common code |
8582624b | 33 | - (djm) Sync regress with OpenBSD -current |
494b267f | 34 | |
877c5ea2 | 35 | 20030120 |
36 | - (djm) Fix compilation for NetBSD from dtucker@zip.com.au | |
115dc20f | 37 | - (tim) [progressmeter.c] make compilers without long long happy. |
21710e39 | 38 | - (tim) [configure.ac] Add -belf to build ELF binaries on OpenServer 5 when |
39 | using cc. (gcc already did) | |
877c5ea2 | 40 | |
5ed5468f | 41 | 20030118 |
42 | - (djm) Revert fix for Bug #442 for now. | |
43 | ||
9e2b44f5 | 44 | 20030117 |
45 | - (djm) Bug #470: Detect strnvis, not strvis in configure. | |
46 | From d_wllms@lanl.gov | |
47 | ||
280806cf | 48 | 20030116 |
49 | - (djm) OpenBSD CVS Sync | |
50 | - djm@cvs.openbsd.org 2003/01/16 03:41:55 | |
51 | [sftp-int.c] | |
52 | explicitly use first glob result | |
53 | ||
33364f27 | 54 | 20030114 |
55 | - (djm) OpenBSD CVS Sync | |
56 | - fgsch@cvs.openbsd.org 2003/01/10 23:23:24 | |
57 | [sftp-int.c] | |
58 | typo; from Nils Nordman <nino at nforced dot com>. | |
083d2e97 | 59 | - markus@cvs.openbsd.org 2003/01/11 18:29:43 |
60 | [log.c] | |
61 | set fatal_cleanups to NULL in fatal_remove_all_cleanups(); | |
62 | dtucker@zip.com.au | |
b7fd001f | 63 | - markus@cvs.openbsd.org 2003/01/12 16:57:02 |
64 | [progressmeter.c] | |
65 | allow WARNINGS=yes; ok djm@ | |
c1e07c81 | 66 | - djm@cvs.openbsd.org 2003/01/13 11:04:04 |
67 | [sftp-int.c] | |
68 | make cmds[] array static to avoid conflict with BSDI libc. | |
209d3126 | 69 | mindrot bug #466. Fix from mdev@idg.nl; ok markus@ |
538840a2 | 70 | - djm@cvs.openbsd.org 2003/01/14 10:58:00 |
71 | [sftp-client.c sftp-int.c] | |
72 | Don't try to upload or download non-regular files. Report from | |
73 | apoloval@pantuflo.escet.urjc.es; ok markus@ | |
33364f27 | 74 | |
75 | 20030113 | |
e80fb2a0 | 76 | - (djm) Rework openbsd-compat/setproctitle.c a bit: move emulation type |
77 | detection to configure.ac. Prompted by stevesk@ | |
65a4b4af | 78 | - (djm) Bug #467: Add a --disable-strip option to turn off stripping of |
79 | installed binaries. From mdev@idg.nl | |
e80fb2a0 | 80 | |
d0104542 | 81 | 20030110 |
82 | - (djm) Enable new setproctitle emulation for Linux, AIX and HP/UX. More | |
83 | systems may be added later. | |
9a36208d | 84 | - (djm) OpenBSD CVS Sync |
85 | - djm@cvs.openbsd.org 2003/01/08 23:53:26 | |
86 | [sftp.1 sftp.c sftp-int.c sftp-int.h] | |
87 | Cleanup error handling for batchmode | |
88 | Allow blank lines and comments in input | |
89 | Ability to suppress abort on error in batchmode ("-put blah") | |
90 | Fixes mindrot bug #452; markus@ ok | |
b65c3807 | 91 | - fgsch@cvs.openbsd.org 2003/01/10 08:19:07 |
c9c38b73 | 92 | [scp.c sftp.1 sftp.c sftp-client.c sftp-int.c progressmeter.c] |
93 | [progressmeter.h] | |
b65c3807 | 94 | sftp progress meter support. |
95 | original diffs by Nils Nordman <nino at nforced dot com> via | |
96 | markus@, merged to -current by me, djm@ ok. | |
bf0bf24b | 97 | - djm@cvs.openbsd.org 2003/01/10 08:48:15 |
98 | [sftp-client.c] | |
99 | Simplify and avoid redundancy in packet send and receive | |
100 | functions; ok fgs@ | |
25a6efd8 | 101 | - djm@cvs.openbsd.org 2003/01/10 10:29:35 |
102 | [scp.c] | |
103 | Don't ftruncate after write error, creating sparse files of | |
104 | incorrect length | |
105 | mindrot bug #403, reported by rusr@cup.hp.com; ok markus@ | |
4940c411 | 106 | - djm@cvs.openbsd.org 2003/01/10 10:32:54 |
107 | [channels.c] | |
108 | hush socket() errors, except last. Fixes mindrot bug #408; ok markus@ | |
d0104542 | 109 | |
7bb526ce | 110 | 20030108 |
111 | - (djm) Sync openbsd-compat/ with OpenBSD -current | |
93c63b8d | 112 | - (djm) Avoid redundant xstrdup/xfree in auth2-pam.c. From Solar via markus@ |
faa483fa | 113 | - (djm) OpenBSD CVS Sync |
114 | - markus@cvs.openbsd.org 2003/01/01 18:08:52 | |
115 | [channels.c] | |
116 | move big output buffer messages to debug2 | |
bfd934b9 | 117 | - djm@cvs.openbsd.org 2003/01/06 23:51:22 |
118 | [sftp-client.c] | |
119 | Fix "get -p" download to not add user-write perm. mindrot bug #426 | |
120 | reported by gfernandez@livevault.com; ok markus@ | |
048ff12c | 121 | - fgsch@cvs.openbsd.org 2003/01/07 23:42:54 |
122 | [sftp.1] | |
123 | add version; from Nils Nordman <nino at nforced dot com> via markus@. | |
124 | markus@ ok | |
c9c462e4 | 125 | - (djm) Update README to reflect AIX's status as a well supported platform. |
126 | From dtucker@zip.com.au | |
c3690df3 | 127 | - (tim) [Makefile.in configure.ac] replace fixpath with sed script. Patch |
a2144d93 | 128 | by Mo DeJong. |
ad0279ff | 129 | - (tim) [auth.c] declare today at top of allowed_user() to keep |
130 | older compilers happy. | |
a2144d93 | 131 | - (tim) [scp.c] make compilers without long long happy. |
7bb526ce | 132 | |
e7ccd20d | 133 | 20030107 |
134 | - (djm) Bug #401: Work around Linux breakage with IPv6 mapped addresses. | |
135 | Based on fix from yoshfuji@linux-ipv6.org | |
e2ef2342 | 136 | - (djm) Bug #442: Check for and deny access to accounts with locked |
137 | passwords. Patch from dtucker@zip.com.au | |
70e7d0b0 | 138 | - (djm) Bug #26: Use local mkstemp() rather than glibc's silly one. Fixes |
139 | Can't pass KRB4 TGT passing. Fix from: jan.iven@cern.ch | |
93a9a35a | 140 | - (djm) Fix Bug #442 for PAM case |
ed05a983 | 141 | - (djm) Bug #110: bogus error messages in lastlog_get_entry(). Fix based |
142 | on one by peak@argo.troja.mff.cuni.cz | |
63cada0a | 143 | - (djm) Bug #111: Run syslog and stderr logging through strnvis to eliminate |
144 | nasties. Report from peak@argo.troja.mff.cuni.cz | |
99f4fb69 | 145 | - (djm) Bug #178: On AIX /etc/nologin wasnt't shown to users. Fix from |
146 | Ralf.Wenk@fh-karlsruhe.de and dtucker@zip.com.au | |
b57c8e20 | 147 | - (djm) Fix my fix of the fix for the Bug #442 for PAM case. Spotted by |
148 | dtucker@zip.com.au. Reorder for clarity too. | |
e7ccd20d | 149 | |
9300be60 | 150 | 20030103 |
151 | - (djm) Bug #461: ssh-copy-id fails with no arguments. Patch from | |
152 | cjwatson@debian.org | |
9746ee4b | 153 | - (djm) Bug #460: Filling utmp[x]->ut_addr_v6 if present. Patch from |
154 | cjwatson@debian.org | |
17ed08c5 | 155 | - (djm) Bug #446: Set LOGIN env var to pw_name on AIX. Patch from |
156 | mii@ornl.gov | |
157 | ||
d4ac26ed | 158 | 20030101 |
159 | - (stevesk) [session.c sshlogin.c sshlogin.h] complete portable | |
160 | parts of pass addrlen with sockaddr * fix. | |
161 | from Hajimu UMEMOTO <ume@FreeBSD.org> | |
162 | ||
378d9956 | 163 | 20021222 |
164 | - (bal) OpenBSD CVS Sync | |
165 | - fgsch@cvs.openbsd.org 2002/11/15 10:03:09 | |
166 | [authfile.c] | |
167 | lseek(2) may return -1 when getting the public/private key lenght. | |
168 | Simplify the code and check for errors using fstat(2). | |
169 | ||
170 | Problem reported by Mauricio Sanchez, markus@ ok. | |
3c93c917 | 171 | - markus@cvs.openbsd.org 2002/11/18 16:43:44 |
172 | [clientloop.c] | |
173 | don't overwrite SIG{INT,QUIT,TERM} handler if set to SIG_IGN; | |
174 | e.g. if ssh is used for backup; report Joerg Schilling; ok millert@ | |
35efb24c | 175 | - markus@cvs.openbsd.org 2002/11/21 22:22:50 |
176 | [dh.c] | |
177 | debug->debug2 | |
a77673cc | 178 | - markus@cvs.openbsd.org 2002/11/21 22:45:31 |
179 | [cipher.c kex.c packet.c sshconnect.c sshconnect2.c] | |
180 | debug->debug2, unify debug messages | |
b77a87e5 | 181 | - deraadt@cvs.openbsd.org 2002/11/21 23:03:51 |
182 | [auth-krb5.c auth1.c hostfile.h monitor_wrap.c sftp-client.c sftp-int.c ssh-add.c ssh-rsa.c | |
183 | sshconnect.c] | |
184 | KNF | |
556f1c05 | 185 | - markus@cvs.openbsd.org 2002/11/21 23:04:33 |
83bbc162 | 186 | [ssh.c] |
187 | debug->debug2 | |
556f1c05 | 188 | - stevesk@cvs.openbsd.org 2002/11/24 21:46:24 |
eef52fa7 | 189 | [ssh-keysign.8] |
190 | typo: "the the" | |
6d58d81e | 191 | - wcobb@cvs.openbsd.org 2002/11/26 00:45:03 |
192 | [scp.c ssh-keygen.c] | |
193 | Remove unnecessary fflush(stderr) calls, stderr is unbuffered by default. | |
194 | ok markus@ | |
556f1c05 | 195 | - stevesk@cvs.openbsd.org 2002/11/26 02:35:30 |
63baa058 | 196 | [ssh-keygen.1] |
197 | remove outdated statement; ok markus@ deraadt@ | |
649bb60b | 198 | - stevesk@cvs.openbsd.org 2002/11/26 02:38:54 |
199 | [canohost.c] | |
200 | KNF, comment and error message repair; ok markus@ | |
15748b4d | 201 | - markus@cvs.openbsd.org 2002/11/27 17:53:35 |
202 | [scp.c sftp.c ssh.c] | |
203 | allow usernames with embedded '@', e.g. scp user@vhost@realhost:file /tmp; | |
204 | http://bugzilla.mindrot.org/show_bug.cgi?id=447; ok mouring@, millert@ | |
fe661d8f | 205 | - stevesk@cvs.openbsd.org 2002/12/04 04:36:47 |
206 | [session.c] | |
207 | remove xauth entries before add; PR 2994 from janjaap@stack.nl. | |
208 | ok markus@ | |
a0a14bcd | 209 | - markus@cvs.openbsd.org 2002/12/05 11:08:35 |
210 | [scp.c] | |
211 | use roundup() similar to rcp/util.c and avoid problems with strange | |
212 | filesystem block sizes, noted by tjr@freebsd.org; ok djm@ | |
556f1c05 | 213 | - djm@cvs.openbsd.org 2002/12/06 05:20:02 |
2ea16b0b | 214 | [sftp.1] |
215 | Fix cut'n'paste error, spotted by matthias.riese@b-novative.de; ok deraadt@ | |
978ebf99 | 216 | - millert@cvs.openbsd.org 2002/12/09 16:50:30 |
217 | [ssh.c] | |
218 | Avoid setting optind to 0 as GNU getopt treats that like we do optreset. | |
219 | markus@ OK | |
32214c88 | 220 | - markus@cvs.openbsd.org 2002/12/10 08:56:00 |
221 | [session.c] | |
222 | Make sure $SHELL points to the shell from the password file, even if shell | |
223 | is overridden from login.conf; bug#453; semen at online.sinor.ru; ok millert@ | |
48f636b2 | 224 | - markus@cvs.openbsd.org 2002/12/10 19:26:50 |
225 | [packet.c] | |
226 | move tos handling to packet_set_tos; ok provos/henning/deraadt | |
9e637910 | 227 | - markus@cvs.openbsd.org 2002/12/10 19:47:14 |
228 | [packet.c] | |
229 | static | |
6226a8f8 | 230 | - markus@cvs.openbsd.org 2002/12/13 10:03:15 |
231 | [channels.c misc.c sshconnect2.c] | |
232 | cleanup debug messages, more useful information for the client user. | |
556f1c05 | 233 | - markus@cvs.openbsd.org 2002/12/13 15:20:52 |
234 | [scp.c] | |
235 | 1) include stalling time in total time | |
236 | 2) truncate filenames to 45 instead of 20 characters | |
237 | 3) print rate instead of progress bar, no more stars | |
238 | 4) scale output to tty width | |
239 | based on a patch from Niels; ok fries@ lebel@ fgs@ millert@ | |
3075ac59 | 240 | - (bal) [msg.c msg.h scp.c ssh-keysign.c sshconnect2.c] Resync CVS IDs since |
241 | we already did s/msg_send/ssh_msg_send/ | |
378d9956 | 242 | |
a76550cf | 243 | 20021205 |
244 | - (djm) PERL-free fixpaths from stuge-openssh-unix-dev@cdy.org | |
245 | ||
d9a4e55b | 246 | 20021122 |
247 | - (tim) [configure.ac] fix STDPATH test for IRIX. First reported by | |
248 | advax@triumf.ca. This type of solution tested by <herb@sgi.com> | |
249 | ||
f825dbf4 | 250 | 20021113 |
251 | - (tim) [configure.ac] remove unused variables no_libsocket and no_libnsl | |
252 | ||
17d429bb | 253 | 20021111 |
254 | - (tim) [contrib/solaris/opensshd.in] add umask 022 so sshd.pid is | |
255 | not world writable. | |
256 | ||
c9826b28 | 257 | 20021109 |
258 | - (bal) OpenBSD CVS Sync | |
259 | - itojun@cvs.openbsd.org 2002/10/16 14:31:48 | |
260 | [sftp-common.c] | |
261 | 64bit pedant. %llu is "unsigned long long". markus ok | |
2fe3c2db | 262 | - markus@cvs.openbsd.org 2002/10/23 10:32:13 |
263 | [packet.c] | |
264 | use %u for u_int | |
358b576b | 265 | - markus@cvs.openbsd.org 2002/10/23 10:40:16 |
266 | [bufaux.c] | |
267 | %u for u_int | |
f6f02456 | 268 | - markus@cvs.openbsd.org 2002/11/04 10:07:53 |
269 | [auth.c] | |
270 | don't compare against pw_home if realpath fails for pw_home (seen | |
271 | on AFS); ok djm@ | |
2ccb7bde | 272 | - markus@cvs.openbsd.org 2002/11/04 10:09:51 |
273 | [packet.c] | |
274 | log before send disconnect; ok djm@ | |
39e71188 | 275 | - markus@cvs.openbsd.org 2002/11/05 19:45:20 |
276 | [monitor.c] | |
277 | handle overflows for size_t larger than u_int; siw@goneko.de, bug #425 | |
9db1a8e9 | 278 | - markus@cvs.openbsd.org 2002/11/05 20:10:37 |
279 | [sftp-client.c] | |
280 | typo; GaryF@livevault.com | |
51efad8c | 281 | - markus@cvs.openbsd.org 2002/11/07 16:28:47 |
282 | [sshd.c] | |
283 | log to stderr if -ie is given, bug #414, prj@po.cwru.edu | |
cc46e2ee | 284 | - markus@cvs.openbsd.org 2002/11/07 22:08:07 |
285 | [readconf.c readconf.h ssh-keysign.8 ssh-keysign.c] | |
286 | we cannot use HostbasedAuthentication for enabling ssh-keysign(8), | |
287 | because HostbasedAuthentication might be enabled based on the | |
288 | target host and ssh-keysign(8) does not know the remote hostname | |
289 | and not trust ssh(1) about the hostname, so we add a new option | |
290 | EnableSSHKeysign; ok djm@, report from zierke@informatik.uni-hamburg.de | |
252d1a24 | 291 | - markus@cvs.openbsd.org 2002/11/07 22:35:38 |
292 | [scp.c] | |
293 | check exit status from ssh, and exit(1) if ssh fails; bug#369; | |
294 | binder@arago.de | |
f00addc9 | 295 | - (bal) Update ssh-host-config and minor rewrite of bsd-cygwin_util.c |
296 | ntsec now default if cygwin version beginning w/ version 56. Patch | |
297 | by Corinna Vinschen <vinschen@redhat.com> | |
819d3f09 | 298 | - (bal) AIX does not log login attempts for unknown users (bug #432). |
299 | patch by dtucker@zip.com.au | |
c9826b28 | 300 | |
4e6f1c4f | 301 | 20021021 |
f0e27f3d | 302 | - (djm) Bug #400: Kill ssh-rand-helper children on timeout, patch from |
303 | dtucker@zip.com.au | |
cacd2e7a | 304 | - (djm) Bug #317: FreeBSD needs libutil.h for openpty() Report from |
305 | dirk.meyer@dinoex.sub.org | |
4e6f1c4f | 306 | |
f3e87063 | 307 | 20021015 |
308 | - (bal) Fix bug id 383 and only call loginrestrict for AIX if not root. | |
08412d26 | 309 | - (bal) More advanced strsep test by Darren Tucker <dtucker@zip.com.au> |
f3e87063 | 310 | |
57872969 | 311 | 20021015 |
312 | - (tim) [contrib/caldera/openssh.spec] make ssh-agent setgid nobody | |
313 | ||
6af8f131 | 314 | 20021004 |
315 | - (bal) Disable post-authentication Privsep for OSF/1. It conflicts with | |
316 | SIA. | |
317 | ||
e139021d | 318 | 20021003 |
319 | - (djm) OpenBSD CVS Sync | |
320 | - markus@cvs.openbsd.org 2002/10/01 20:34:12 | |
321 | [ssh-agent.c] | |
322 | allow root to access the agent, since there is no protection from root. | |
886cd2bb | 323 | - markus@cvs.openbsd.org 2002/10/01 13:24:50 |
324 | [version.h] | |
325 | OpenSSH 3.5 | |
0855868a | 326 | - (djm) Bump RPM spec version numbers |
e987fdbe | 327 | - (djm) Bug #406: s/msg_send/ssh_msg_send/ for Mac OS X 1.2 |
e139021d | 328 | |
1d677676 | 329 | 20020930 |
9a87e2ac | 330 | - (djm) Tidy contrib/, add Makefile for GNOME passphrase dialogs, |
331 | tweak README | |
332 | - (djm) OpenBSD CVS Sync | |
333 | - mickey@cvs.openbsd.org 2002/09/27 10:42:09 | |
334 | [compat.c compat.h sshd.c] | |
335 | add a generic match for a prober, such as sie big brother; | |
336 | idea from stevesk@; markus@ ok | |
05960cf0 | 337 | - stevesk@cvs.openbsd.org 2002/09/27 15:46:21 |
338 | [ssh.1] | |
339 | clarify compression level protocol 1 only; ok markus@ deraadt@ | |
1d677676 | 340 | |
0d3d0e82 | 341 | 20020927 |
342 | - (djm) OpenBSD CVS Sync | |
343 | - markus@cvs.openbsd.org 2002/09/25 11:17:16 | |
344 | [sshd_config] | |
345 | sync LoginGraceTime with default | |
26b9a3d2 | 346 | - markus@cvs.openbsd.org 2002/09/25 15:19:02 |
347 | [sshd.c] | |
348 | typo; pilot@monkey.org | |
2db9d8aa | 349 | - markus@cvs.openbsd.org 2002/09/26 11:38:43 |
350 | [auth1.c auth.h auth-krb4.c monitor.c monitor.h monitor_wrap.c] | |
351 | [monitor_wrap.h] | |
352 | krb4 + privsep; ok dugsong@, deraadt@ | |
0d3d0e82 | 353 | |
b7c4a4cc | 354 | 20020925 |
355 | - (bal) Fix issue where successfull login does not clear failure counts | |
356 | in AIX. Patch by dtucker@zip.com.au ok by djm | |
ef51930f | 357 | - (tim) Cray fixes (bug 367) based on patch from Wendy Palm @ cray. |
358 | This does not include the deattack.c fixes. | |
b7c4a4cc | 359 | |
99443922 | 360 | 20020923 |
361 | - (djm) OpenBSD CVS Sync | |
362 | - stevesk@cvs.openbsd.org 2002/09/23 20:46:27 | |
363 | [canohost.c] | |
364 | change get_peer_ipaddr() and get_local_ipaddr() to not return NULL for | |
365 | non-sockets; fixes a problem passing NULL to snprintf(). ok markus@ | |
0082ad34 | 366 | - markus@cvs.openbsd.org 2002/09/23 22:11:05 |
367 | [monitor.c] | |
368 | only call auth_krb5 if kerberos is enabled; ok deraadt@ | |
4741e3a6 | 369 | - markus@cvs.openbsd.org 2002/09/24 08:46:04 |
370 | [monitor.c] | |
371 | only call kerberos code for authctxt->valid | |
cb11b555 | 372 | - todd@cvs.openbsd.org 2002/09/24 20:59:44 |
373 | [sshd.8] | |
374 | tweak the example $HOME/.ssh/rc script to not show on any cmdline the | |
375 | sensitive data it handles. This fixes bug # 402 as reported by | |
376 | kolya@mit.edu (Nickolai Zeldovich). | |
377 | ok markus@ and stevesk@ | |
99443922 | 378 | |
aec4cb4f | 379 | 20020923 |
380 | - (tim) [configure.ac] s/return/exit/ patch by dtucker@zip.com.au | |
381 | ||
f86b0eef | 382 | 20020922 |
383 | - (djm) OpenBSD CVS Sync | |
384 | - stevesk@cvs.openbsd.org 2002/09/19 14:53:14 | |
385 | [compat.c] | |
c7724abb | 386 | - markus@cvs.openbsd.org 2002/09/19 15:51:23 |
387 | [ssh-add.c] | |
388 | typo; cd@kalkatraz.de | |
00e842d8 | 389 | - stevesk@cvs.openbsd.org 2002/09/19 16:03:15 |
390 | [serverloop.c] | |
391 | log IP address also; ok markus@ | |
c2802d92 | 392 | - stevesk@cvs.openbsd.org 2002/09/20 18:41:29 |
393 | [auth.c] | |
394 | log illegal user here for missing privsep case (ssh2). | |
395 | this is executed in the monitor. ok markus@ | |
f86b0eef | 396 | |
792e7d2d | 397 | 20020919 |
398 | - (djm) OpenBSD CVS Sync | |
399 | - stevesk@cvs.openbsd.org 2002/09/12 19:11:52 | |
400 | [ssh-agent.c] | |
401 | %u for uid print; ok markus@ | |
da0561eb | 402 | - stevesk@cvs.openbsd.org 2002/09/12 19:50:36 |
403 | [session.c ssh.1] | |
404 | add SSH_CONNECTION and deprecate SSH_CLIENT; bug #384. ok markus@ | |
facfd613 | 405 | - stevesk@cvs.openbsd.org 2002/09/13 19:23:09 |
406 | [channels.c sshconnect.c sshd.c] | |
407 | remove use of SO_LINGER, it should not be needed. error check | |
408 | SO_REUSEADDR. fixup comments. ok markus@ | |
8bd4e2ae | 409 | - stevesk@cvs.openbsd.org 2002/09/16 19:55:33 |
410 | [session.c] | |
411 | log when _PATH_NOLOGIN exists; ok markus@ | |
e6fe1bab | 412 | - stevesk@cvs.openbsd.org 2002/09/16 20:12:11 |
413 | [sshd_config.5] | |
414 | more details on X11Forwarding security issues and threats; ok markus@ | |
f1dcc34e | 415 | - stevesk@cvs.openbsd.org 2002/09/16 22:03:13 |
416 | [sshd.8] | |
417 | reference moduli(5) in FILES /etc/moduli. | |
5c0d0e90 | 418 | - itojun@cvs.openbsd.org 2002/09/17 07:47:02 |
419 | [channels.c] | |
420 | don't quit while creating X11 listening socket. | |
421 | http://mail-index.netbsd.org/current-users/2002/09/16/0005.html | |
422 | got from portable. markus ok | |
6939bbd4 | 423 | - djm@cvs.openbsd.org 2002/09/19 01:58:18 |
424 | [ssh.c sshconnect.c] | |
425 | bugzilla.mindrot.org #223 - ProxyCommands don't exit. | |
426 | Patch from dtucker@zip.com.au; ok markus@ | |
792e7d2d | 427 | |
4f3834e8 | 428 | 20020912 |
eee2215e | 429 | - (djm) Made GNOME askpass programs return non-zero if cancel button is |
430 | pressed. | |
10a560d4 | 431 | - (djm) Added getpeereid() replacement. Properly implemented for systems |
432 | with SO_PEERCRED support. Faked for systems which lack it. | |
9fd2a215 | 433 | - (djm) Sync sys/tree.h with OpenBSD -current. Rename tree.h and |
434 | fake-queue.h to sys-tree.h and sys-queue.h | |
4f3834e8 | 435 | - (djm) OpenBSD CVS Sync |
436 | - markus@cvs.openbsd.org 2002/09/08 20:24:08 | |
437 | [hostfile.h] | |
438 | no comma at end of enumerator list | |
696f6bef | 439 | - itojun@cvs.openbsd.org 2002/09/09 06:48:06 |
440 | [auth1.c auth.h auth-krb5.c monitor.c monitor.h] | |
441 | [monitor_wrap.c monitor_wrap.h] | |
442 | kerberos support for privsep. confirmed to work by lha@stacken.kth.se | |
443 | patch from markus | |
661e45a0 | 444 | - markus@cvs.openbsd.org 2002/09/09 14:54:15 |
445 | [channels.c kex.h key.c monitor.c monitor_wrap.c radix.c uuencode.c] | |
446 | signed vs unsigned from -pedantic; ok henning@ | |
87f4111f | 447 | - markus@cvs.openbsd.org 2002/09/10 20:24:47 |
448 | [ssh-agent.c] | |
449 | check the euid of the connecting process with getpeereid(2); | |
450 | ok provos deraadt stevesk | |
07d688d5 | 451 | - stevesk@cvs.openbsd.org 2002/09/11 17:55:03 |
452 | [ssh.1] | |
453 | add agent and X11 forwarding warning text from ssh_config.5; ok markus@ | |
8b10e20e | 454 | - stevesk@cvs.openbsd.org 2002/09/11 18:27:26 |
455 | [authfd.c authfd.h ssh.c] | |
456 | don't connect to agent to test for presence if we've previously | |
457 | connected; ok markus@ | |
00b3ad3e | 458 | - djm@cvs.openbsd.org 2002/09/11 22:41:50 |
459 | [sftp.1 sftp-client.c sftp-client.h sftp-common.c sftp-common.h] | |
460 | [sftp-glob.c sftp-glob.h sftp-int.c sftp-server.c] | |
461 | support for short/long listings and globbing in "ls"; ok markus@ | |
be0cd512 | 462 | - djm@cvs.openbsd.org 2002/09/12 00:13:06 |
463 | [sftp-int.c] | |
464 | zap unused var introduced in last commit | |
4f3834e8 | 465 | |
ac8802eb | 466 | 20020911 |
467 | - (djm) Sync openbsd-compat with OpenBSD -current | |
468 | ||
e2e36358 | 469 | 20020910 |
470 | - (djm) Bug #365: Read /.ssh/environment properly under CygWin. | |
471 | Patch from Mark Bradshaw <bradshaw@staff.crosswalk.com> | |
35c4faf5 | 472 | - (djm) Bug #138: Make protocol 1 blowfish work with old OpenSSL. |
473 | Patch from Robert Halubek <rob@adso.com.pl> | |
e2e36358 | 474 | |
3445ca02 | 475 | 20020905 |
476 | - (djm) OpenBSD CVS Sync | |
477 | - stevesk@cvs.openbsd.org 2002/09/04 18:52:42 | |
478 | [servconf.c sshd.8 sshd_config.5] | |
479 | default LoginGraceTime to 2m; 1m may be too short for slow systems. | |
480 | ok markus@ | |
cbecf1ed | 481 | - (djm) Merge openssh-TODO.patch from Redhat (null) beta |
c4ee4c60 | 482 | - (djm) Add gnome-ssh-askpass2.c (gtk2) by merge with patch from |
483 | Nalin Dahyabhai <nalin@redhat.com> | |
3c1dff28 | 484 | - (djm) Add support for building gtk2 password requestor from Redhat beta |
3445ca02 | 485 | |
954640a4 | 486 | 20020903 |
33e2e066 | 487 | - (djm) Patch from itojun@ for Darwin OS: test getaddrinfo, reorder libcrypt |
e18b7d35 | 488 | - (djm) Fix Redhat RPM build dependancy test |
954640a4 | 489 | - (djm) OpenBSD CVS Sync |
490 | - markus@cvs.openbsd.org 2002/08/12 10:46:35 | |
491 | [ssh-agent.c] | |
492 | make ssh-agent setgid, disallow ptrace. | |
755c4339 | 493 | - espie@cvs.openbsd.org 2002/08/21 11:20:59 |
494 | [sshd.8] | |
495 | `RSA' updated to refer to `public key', where it matters. | |
496 | okay markus@ | |
6e0fbda1 | 497 | - stevesk@cvs.openbsd.org 2002/08/21 19:38:06 |
498 | [servconf.c sshd.8 sshd_config sshd_config.5] | |
499 | change LoginGraceTime default to 1 minute; ok mouring@ markus@ | |
00e41835 | 500 | - stevesk@cvs.openbsd.org 2002/08/21 20:10:28 |
501 | [ssh-agent.c] | |
502 | raise listen backlog; ok markus@ | |
c1a4eef1 | 503 | - stevesk@cvs.openbsd.org 2002/08/22 19:27:53 |
504 | [ssh-agent.c] | |
505 | use common close function; ok markus@ | |
1d77f8cb | 506 | - stevesk@cvs.openbsd.org 2002/08/22 19:38:42 |
507 | [clientloop.c] | |
508 | format with current EscapeChar; bugzilla #388 from wknox@mitre.org. | |
509 | ok markus@ | |
f34ec885 | 510 | - stevesk@cvs.openbsd.org 2002/08/22 20:57:19 |
511 | [ssh-agent.c] | |
512 | shutdown(SHUT_RDWR) not needed before close here; ok markus@ | |
848bf884 | 513 | - markus@cvs.openbsd.org 2002/08/22 21:33:58 |
514 | [auth1.c auth2.c] | |
515 | auth_root_allowed() is handled by the monitor in the privsep case, | |
516 | so skip this for use_privsep, ok stevesk@, fixes bugzilla #387/325 | |
6c723e7c | 517 | - markus@cvs.openbsd.org 2002/08/22 21:45:41 |
518 | [session.c] | |
519 | send signal name (not signal number) in "exit-signal" message; noticed | |
520 | by galb@vandyke.com | |
b41baf4d | 521 | - stevesk@cvs.openbsd.org 2002/08/27 17:13:56 |
522 | [ssh-rsa.c] | |
523 | RSA_public_decrypt() returns -1 on error so len must be signed; | |
524 | ok markus@ | |
dbcdea68 | 525 | - stevesk@cvs.openbsd.org 2002/08/27 17:18:40 |
526 | [ssh_config.5] | |
527 | some warning text for ForwardAgent and ForwardX11; ok markus@ | |
ba1566dd | 528 | - stevesk@cvs.openbsd.org 2002/08/29 15:57:25 |
529 | [monitor.c session.c sshlogin.c sshlogin.h] | |
530 | pass addrlen with sockaddr *; from Hajimu UMEMOTO <ume@FreeBSD.org> | |
531 | NOTE: there are also p-specific parts to this patch. ok markus@ | |
e59404d1 | 532 | - stevesk@cvs.openbsd.org 2002/08/29 16:02:54 |
533 | [ssh.1 ssh.c] | |
534 | deprecate -P as UsePrivilegedPort defaults to no now; ok markus@ | |
878b8992 | 535 | - stevesk@cvs.openbsd.org 2002/08/29 16:09:02 |
536 | [ssh_config.5] | |
537 | more on UsePrivilegedPort and setuid root; ok markus@ | |
9f324470 | 538 | - stevesk@cvs.openbsd.org 2002/08/29 19:49:42 |
539 | [ssh.c] | |
540 | shrink initial privilege bracket for setuid case; ok markus@ | |
57ff5eeb | 541 | - stevesk@cvs.openbsd.org 2002/08/29 22:54:10 |
542 | [ssh_config.5 sshd_config.5] | |
543 | state XAuthLocation is a full pathname | |
954640a4 | 544 | |
b85698ab | 545 | 20020820 |
546 | - OpenBSD CVS Sync | |
547 | - millert@cvs.openbsd.org 2002/08/02 14:43:15 | |
548 | [monitor.c monitor_mm.c] | |
549 | Change mm_zalloc() sanity checks to be more in line with what | |
550 | we do in calloc() and add a check to monitor_mm.c. | |
551 | OK provos@ and markus@ | |
6a342527 | 552 | - marc@cvs.openbsd.org 2002/08/02 16:00:07 |
553 | [ssh.1 sshd.8] | |
554 | note that .ssh/environment is only read when | |
555 | allowed (PermitUserEnvironment in sshd_config). | |
556 | OK markus@ | |
4004c2ac | 557 | - markus@cvs.openbsd.org 2002/08/02 21:23:41 |
558 | [ssh-rsa.c] | |
559 | diff is u_int (2x); ok deraadt/provos | |
0caf874a | 560 | - markus@cvs.openbsd.org 2002/08/02 22:20:30 |
561 | [ssh-rsa.c] | |
562 | replace RSA_verify with our own version and avoid the OpenSSL ASN.1 parser | |
563 | for authentication; ok deraadt/djm | |
75cf7563 | 564 | - aaron@cvs.openbsd.org 2002/08/08 13:50:23 |
565 | [sshconnect1.c] | |
566 | Use & to test if bits are set, not &&; markus@ ok. | |
d6097023 | 567 | - stevesk@cvs.openbsd.org 2002/08/08 23:54:52 |
568 | [auth.c] | |
569 | typo in comment | |
36535ee6 | 570 | - stevesk@cvs.openbsd.org 2002/08/09 17:21:42 |
571 | [sshd_config.5] | |
572 | use Op for mdoc conformance; from esr@golux.thyrsus.com | |
573 | ok aaron@ | |
b3641662 | 574 | - stevesk@cvs.openbsd.org 2002/08/09 17:41:12 |
575 | [sshd_config.5] | |
576 | proxy vs. fake display | |
35453849 | 577 | - stevesk@cvs.openbsd.org 2002/08/12 17:30:35 |
578 | [ssh.1 sshd.8 sshd_config.5] | |
579 | more PermitUserEnvironment; ok markus@ | |
24794905 | 580 | - stevesk@cvs.openbsd.org 2002/08/17 23:07:14 |
581 | [ssh.1] | |
582 | ForwardAgent has defaulted to no for over 2 years; be more clear here. | |
4dcbbeea | 583 | - stevesk@cvs.openbsd.org 2002/08/17 23:55:01 |
584 | [ssh_config.5] | |
585 | ordered list here | |
7d3b91a6 | 586 | - (bal) [defines.h] Some platforms don't have SIZE_T_MAX. So assign |
587 | it to ULONG_MAX. | |
b85698ab | 588 | |
cd018561 | 589 | 20020813 |
590 | - (tim) [configure.ac] Display OpenSSL header/library version. | |
591 | Patch by dtucker@zip.com.au | |
592 | ||
8a48a7ef | 593 | 20020731 |
594 | - (bal) OpenBSD CVS Sync | |
595 | - markus@cvs.openbsd.org 2002/07/24 16:11:18 | |
596 | [hostfile.c hostfile.h sshconnect.c] | |
597 | print out all known keys for a host if we get a unknown host key, | |
598 | see discussion at http://marc.theaimsgroup.com/?t=101069210100016&r=1&w=4 | |
599 | ||
600 | the ssharp mitm tool attacks users in a similar way, so i'd like to | |
601 | pointed out again: | |
602 | A MITM attack is always possible if the ssh client prints: | |
603 | The authenticity of host 'bla' can't be established. | |
604 | (protocol version 2 with pubkey authentication allows you to detect | |
605 | MITM attacks) | |
5cb5518b | 606 | - mouring@cvs.openbsd.org 2002/07/25 01:16:59 |
607 | [sftp.c] | |
608 | FallBackToRsh does not exist anywhere else. Remove it from here. | |
609 | OK deraadt. | |
567a05bf | 610 | - markus@cvs.openbsd.org 2002/07/29 18:57:30 |
611 | [sshconnect.c] | |
612 | print file:line | |
f00bab84 | 613 | - markus@cvs.openbsd.org 2002/07/30 17:03:55 |
614 | [auth-options.c servconf.c servconf.h session.c sshd_config sshd_config.5] | |
615 | add PermitUserEnvironment (off by default!); from dot@dotat.at; | |
616 | ok provos, deraadt | |
8a48a7ef | 617 | |
13979d47 | 618 | 20020730 |
619 | - (bal) [uidswap.c] SCO compile correction by gert@greenie.muc.de | |
620 | ||
d228d9dd | 621 | 20020728 |
622 | - (stevesk) [auth-pam.c] should use PAM_MSG_MEMBER(); from solar | |
16c4a972 | 623 | - (stevesk) [CREDITS] solar |
75131bbd | 624 | - (stevesk) [ssh-rand-helper.c] RAND_bytes() and SHA1_Final() unsigned |
625 | char arg. | |
d228d9dd | 626 | |
d40af5fa | 627 | 20020725 |
628 | - (djm) Remove some cruft from INSTALL | |
d91b4743 | 629 | - (djm) Latest config.guess and config.sub from ftp://ftp.gnu.org/gnu/config/ |
d40af5fa | 630 | |
56b54901 | 631 | 20020723 |
632 | - (bal) [bsd-cray.c bsd-cray.h] Part 2 of Cray merger. | |
918ffb0b | 633 | - (bal) sync ID w/ ssh-agent.c |
516f0d7d | 634 | - (bal) OpenBSD Sync |
635 | - markus@cvs.openbsd.org 2002/07/19 15:43:33 | |
636 | [log.c log.h session.c sshd.c] | |
637 | remove fatal cleanups after fork; based on discussions with and code | |
638 | from solar. | |
5d185586 | 639 | - stevesk@cvs.openbsd.org 2002/07/19 17:42:40 |
640 | [ssh.c] | |
641 | display a warning from ssh when XAuthLocation does not exist or xauth | |
642 | returned no authentication data. ok markus@ | |
30998af1 | 643 | - stevesk@cvs.openbsd.org 2002/07/21 18:32:20 |
644 | [auth-options.c] | |
645 | unneeded includes | |
dbc728ff | 646 | - stevesk@cvs.openbsd.org 2002/07/21 18:34:43 |
647 | [auth-options.h] | |
648 | remove invalid comment | |
97686bf9 | 649 | - markus@cvs.openbsd.org 2002/07/22 11:03:06 |
650 | [session.c] | |
651 | fallback to _PATH_STDPATH on setusercontext+LOGIN_SETPATH errors; | |
d341742a | 652 | - stevesk@cvs.openbsd.org 2002/07/22 17:32:56 |
653 | [monitor.c] | |
654 | u_int here; ok provos@ | |
67f04db1 | 655 | - stevesk@cvs.openbsd.org 2002/07/23 16:03:10 |
656 | [sshd.c] | |
657 | utmp_len is unsigned; display error consistent with other options. | |
658 | ok markus@ | |
0df3a240 | 659 | - stevesk@cvs.openbsd.org 2002/07/15 17:15:31 |
660 | [uidswap.c] | |
661 | little more debugging; ok markus@ | |
d341742a | 662 | |
21c2c5cd | 663 | 20020722 |
664 | - (bal) AIX tty data limiting patch fix by leigh@solinno.co.uk | |
a93bd14c | 665 | - (stevesk) [xmmap.c] missing prototype for fatal() |
ccbb983c | 666 | - (bal) [configure.ac defines.h loginrec.c sshd.c sshpty.c] Partial sync |
667 | with Cray (mostly #ifdef renaming). Patch by wendyp@cray.com. | |
d262b7f2 | 668 | - (bal) [configure.ac] Missing ;; from cray patch. |
30eab01d | 669 | - (bal) [monitor_mm.c openbsd-compat/xmmap.h] Move xmmap() defines |
670 | into it's own header. | |
ee48c949 | 671 | - (stevesk) [auth-pam.[ch] session.c] pam_getenvlist() must be |
672 | freed by the caller; add free_pam_environment() and use it. | |
1d3f4ae7 | 673 | - (stevesk) [auth-pam.c] typo in comment |
21c2c5cd | 674 | |
b992432e | 675 | 20020721 |
676 | - (stevesk) [auth-pam.c] merge cosmetic changes from solar's | |
677 | openssh-3.4p1-owl-password-changing.diff | |
277f55cf | 678 | - (stevesk) [auth-pam.c] merge rest of solar's PAM patch; |
679 | PAM_NEW_AUTHTOK_REQD remains in #if 0 for now. | |
f7808a93 | 680 | - (stevesk) [auth-pam.c] cast to avoid initialization type mismatch |
681 | warning on pam_conv struct conversation function. | |
337dde6b | 682 | - (stevesk) [auth-pam.h] license |
8565f28e | 683 | - (stevesk) [auth-pam.h] unneeded include |
e9b2c23d | 684 | - (stevesk) [auth-pam.[ch] ssh.h] move SSHD_PAM_SERVICE to auth-pam.h |
b992432e | 685 | |
ce88d9df | 686 | 20020720 |
687 | - (stevesk) [ssh-keygen.c] bug #231: always init/seed_rng(). | |
688 | ||
4379c0e5 | 689 | 20020719 |
690 | - (tim) [contrib/solaris/buildpkg.sh] create privsep user/group if needed. | |
691 | Patch by dtucker@zip.com.au | |
f75ca46d | 692 | - (tim) [configure.ac] test for libxnet on HP. Patch by dtucker@zip.com.au |
4379c0e5 | 693 | |
45491100 | 694 | 20020718 |
695 | - (tim) [defines.h] Bug 313 patch by dirk.meyer@dinoex.sub.org | |
696 | - (tim) [monitor_mm.c] add missing declaration for xmmap(). Reported | |
697 | by ayamura@ayamura.org | |
1cbbe6c8 | 698 | - (tim) [configure.ac] Bug 267 rework int64_t test. |
5749e709 | 699 | - (tim) [includes.h] Bug 267 add stdint.h |
45491100 | 700 | |
dd3943d0 | 701 | 20020717 |
702 | - (bal) aixbff package updated by dtucker@zip.com.au | |
2bf42e4a | 703 | - (tim) [configure.ac] change how we do paths in AC_PATH_PROGS tests |
704 | for autoconf 2.53. Based on a patch by jrj@purdue.edu | |
dd3943d0 | 705 | |
8fc47887 | 706 | 20020716 |
707 | - (tim) [contrib/solaris/opensshd.in] Only kill sshd if .pid file found | |
708 | ||
c750d869 | 709 | 20020715 |
710 | - (bal) OpenBSD CVS Sync | |
711 | - itojun@cvs.openbsd.org 2002/07/12 13:29:09 | |
712 | [sshconnect.c] | |
713 | print connect failure during debugging mode. | |
a2f883ce | 714 | - markus@cvs.openbsd.org 2002/07/12 15:50:17 |
715 | [cipher.c] | |
716 | EVP_CIPH_CUSTOM_IV for our own rijndael | |
2d199535 | 717 | - (bal) Remove unused tty defined in do_setusercontext() pointed out by |
718 | dtucker@zip.com.au plus a a more KNF since I am near it. | |
846be3f4 | 719 | - (bal) Privsep user creation support in Solaris buildpkg.sh by |
720 | dtucker@zip.com.au | |
c750d869 | 721 | |
798c5808 | 722 | 20020714 |
723 | - (tim) [Makefile.in] replace "id sshd" with "sshd -t" | |
4165b82e | 724 | - (bal/tim) [acconfig.h configure.ac monitor_mm.c servconf.c |
725 | openbsd-compat/Makefile.in] support compression on platforms that | |
726 | have no/broken MAP_ANON. Moved code to openbsd-compat/xmmap.c | |
727 | Based on patch from nalin@redhat.com of code extracted from Owl's package | |
5fd8087a | 728 | - (tim) [ssh_prng_cmds.in] Bug 323 arp -n flag doesn't exist under Solaris. |
729 | report by chris@by-design.net | |
fdebdd4f | 730 | - (tim) [loginrec.c] Bug 347: Fix typo (WTMPX_FILE) report by rodney@bond.net |
d80063fe | 731 | - (tim) [loginrec.c] Bug 348: add missing found = 1; to wtmpx_islogin() |
732 | report by rodney@bond.net | |
798c5808 | 733 | |
6b2a3595 | 734 | 20020712 |
735 | - (tim) [Makefile.in] quiet down install-files: and check-user: | |
3085601b | 736 | - (tim) [configure.ac] remove unused filepriv line |
6b2a3595 | 737 | |
249f9903 | 738 | 20020710 |
739 | - (tim) [contrib/cygwin/ssh-host-config] explicitely sets the permissions | |
740 | on /var/empty to 755 Patch by vinschen@redhat.com | |
6f901f8e | 741 | - (bal) OpenBSD CVS Sync |
742 | - itojun@cvs.openbsd.org 2002/07/09 11:56:50 | |
743 | [sshconnect.c] | |
744 | silently try next address on connect(2). markus ok | |
59c825e1 | 745 | - itojun@cvs.openbsd.org 2002/07/09 11:56:27 |
746 | [canohost.c] | |
747 | suppress log on reverse lookup failiure, as there's no real value in | |
748 | doing so. | |
749 | markus ok | |
aab5431b | 750 | - itojun@cvs.openbsd.org 2002/07/09 12:04:02 |
751 | [sshconnect.c] | |
752 | ed static function (less warnings) | |
94ad46d1 | 753 | - stevesk@cvs.openbsd.org 2002/07/09 17:46:25 |
754 | [sshd_config.5] | |
755 | clarify no preference ordering in protocol list; ok markus@ | |
9bd68577 | 756 | - itojun@cvs.openbsd.org 2002/07/10 10:28:15 |
757 | [sshconnect.c] | |
758 | bark if all connection attempt fails. | |
09683edf | 759 | - deraadt@cvs.openbsd.org 2002/07/10 17:53:54 |
760 | [rijndael.c] | |
761 | use right sizeof in memcpy; markus ok | |
249f9903 | 762 | |
e6f15ed1 | 763 | 20020709 |
764 | - (bal) NO_IPPORT_RESERVED_CONCEPT used instead of CYGWIN so other platforms | |
765 | lacking that concept can share it. Patch by vinschen@redhat.com | |
766 | ||
4f9d6706 | 767 | 20020708 |
768 | - (tim) [openssh/contrib/solaris/buildpkg.sh] add PKG_INSTALL_ROOT to | |
769 | work in a jumpstart environment. patch by kbrint@rufus.net | |
b451e27b | 770 | - (tim) [Makefile.in] workaround for broken pakadd on some systems. |
cda1ebcb | 771 | - (tim) [configure.ac] fix libc89 utimes test. Mention default path for |
772 | --with-privsep-path= | |
4f9d6706 | 773 | |
ac74561e | 774 | 20020707 |
775 | - (tim) [Makefile.in] use umask instead of chmod on $(PRIVSEP_PATH) | |
94d8258b | 776 | - (tim) [acconfig.h configure.ac sshd.c] |
777 | s/BROKEN_FD_PASSING/DISABLE_FD_PASSING/ | |
d41f8eed | 778 | - (tim) [contrib/cygwin/ssh-host-config] sshd account creation fixes |
779 | patch from vinschen@redhat.com | |
0b832146 | 780 | - (bal) [realpath.c] Updated with OpenBSD tree. |
da2499f5 | 781 | - (bal) OpenBSD CVS Sync |
782 | - deraadt@cvs.openbsd.org 2002/07/04 04:15:33 | |
783 | [key.c monitor_wrap.c sftp-glob.c ssh-dss.c ssh-rsa.c] | |
784 | patch memory leaks; grendel@zeitbombe.org | |
e1feb9bf | 785 | - deraadt@cvs.openbsd.org 2002/07/04 08:12:15 |
786 | [channels.c packet.c] | |
787 | blah blah minor nothing as i read and re-read and re-read... | |
eb9f2fab | 788 | - markus@cvs.openbsd.org 2002/07/04 10:41:47 |
789 | [key.c monitor_wrap.c ssh-dss.c ssh-rsa.c] | |
790 | don't allocate, copy, and discard if there is not interested in the data; | |
791 | ok deraadt@ | |
4394a17f | 792 | - deraadt@cvs.openbsd.org 2002/07/06 01:00:49 |
793 | [log.c] | |
794 | KNF | |
50d2fbbc | 795 | - deraadt@cvs.openbsd.org 2002/07/06 01:01:26 |
796 | [ssh-keyscan.c] | |
797 | KNF, realloc fix, and clean usage | |
12a3f2c3 | 798 | - stevesk@cvs.openbsd.org 2002/07/06 17:47:58 |
799 | [ssh-keyscan.c] | |
800 | unused variable | |
41545cb6 | 801 | - (bal) Minor KNF on ssh-keyscan.c |
ac74561e | 802 | |
0764e748 | 803 | 20020705 |
804 | - (tim) [configure.ac] AIX 4.2.1 has authenticate() in libs. | |
805 | Reported by Darren Tucker <dtucker@zip.com.au> | |
e12659f4 | 806 | - (tim) [contrib/cygwin/ssh-host-config] double slash corrction |
807 | from vinschen@redhat.com | |
0764e748 | 808 | |
64c0ce80 | 809 | 20020704 |
810 | - (bal) Limit data to TTY for AIX only (Newer versions can't handle the | |
811 | faster data rate) Bug #124 | |
375c1dee | 812 | - (bal) glob.c defines TILDE and AIX also defines it. #undef it first. |
813 | bug #265 | |
ff2de800 | 814 | - (bal) One too many nulls in ports-aix.c |
64c0ce80 | 815 | |
d2f95449 | 816 | 20020703 |
817 | - (bal) Updated contrib/cygwin/ patch by vinschen@redhat.com | |
619a6aff | 818 | - (bal) minor correction to utimes() replacement. Patch by |
819 | onoe@sm.sony.co.jp | |
f11fe301 | 820 | - OpenBSD CVS Sync |
821 | - markus@cvs.openbsd.org 2002/06/27 08:49:44 | |
822 | [dh.c ssh-keyscan.c sshconnect.c] | |
823 | more checks for NULL pointers; from grendel@zeitbombe.org; ok deraadt@ | |
181d6635 | 824 | - deraadt@cvs.openbsd.org 2002/06/27 09:08:00 |
825 | [monitor.c] | |
826 | improve mm_zalloc check; markus ok | |
30e37ee6 | 827 | - deraadt@cvs.openbsd.org 2002/06/27 10:35:47 |
828 | [auth2-none.c monitor.c sftp-client.c] | |
829 | use xfree() | |
c8f94200 | 830 | - stevesk@cvs.openbsd.org 2002/06/27 19:49:08 |
831 | [ssh-keyscan.c] | |
832 | use convtime(); ok markus@ | |
a64d3560 | 833 | - millert@cvs.openbsd.org 2002/06/28 01:49:31 |
834 | [monitor_mm.c] | |
835 | tree(3) wants an int return value for its compare functions and | |
836 | the difference between two pointers is not an int. Just do the | |
837 | safest thing and store the result in a long and then return 0, | |
838 | -1, or 1 based on that result. | |
405a0d43 | 839 | - deraadt@cvs.openbsd.org 2002/06/28 01:50:37 |
840 | [monitor_wrap.c] | |
841 | use ssize_t | |
4efd85b2 | 842 | - deraadt@cvs.openbsd.org 2002/06/28 10:08:25 |
843 | [sshd.c] | |
844 | range check -u option at invocation | |
6ded293b | 845 | - deraadt@cvs.openbsd.org 2002/06/28 23:05:06 |
846 | [sshd.c] | |
847 | gidset[2] -> gidset[1]; markus ok | |
7fdc56c5 | 848 | - deraadt@cvs.openbsd.org 2002/06/30 21:54:16 |
849 | [auth2.c session.c sshd.c] | |
850 | lint asks that we use names that do not overlap | |
343288b8 | 851 | - deraadt@cvs.openbsd.org 2002/06/30 21:59:45 |
852 | [auth-bsdauth.c auth-skey.c auth2-chall.c clientloop.c key.c | |
853 | monitor_wrap.c monitor_wrap.h scard.h session.h sftp-glob.c ssh.c | |
854 | sshconnect2.c sshd.c] | |
855 | minor KNF | |
7d60d74c | 856 | - deraadt@cvs.openbsd.org 2002/07/01 16:15:25 |
857 | [msg.c] | |
858 | %u | |
713f6cd9 | 859 | - markus@cvs.openbsd.org 2002/07/01 19:48:46 |
860 | [sshconnect2.c] | |
861 | for compression=yes, we fallback to no-compression if the server does | |
862 | not support compression, vice versa for compression=no. ok mouring@ | |
261189cc | 863 | - markus@cvs.openbsd.org 2002/07/03 09:55:38 |
864 | [ssh-keysign.c] | |
865 | use RSA_blinding_on() for rsa hostkeys (suggested by Bill Sommerfeld) | |
866 | in order to avoid a possible Kocher timing attack pointed out by Charles | |
867 | Hannum; ok provos@ | |
60cd0a97 | 868 | - markus@cvs.openbsd.org 2002/07/03 14:21:05 |
869 | [ssh-keysign.8 ssh-keysign.c ssh.c ssh_config] | |
870 | re-enable ssh-keysign's sbit, but make ssh-keysign read | |
871 | /etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled | |
872 | globally. based on discussions with deraadt, itojun and sommerfeld; | |
873 | ok itojun@ | |
56fd97d7 | 874 | - (bal) Failed password attempts don't increment counter on AIX. Bug #145 |
e8aa0a5c | 875 | - (bal) Missed Makefile.in change. keysign needs readconf.o |
0ba40daa | 876 | - (bal) Clean up aix_usrinfo(). Ignore TTY= period I guess. |
56fd97d7 | 877 | |
b2f295dc | 878 | 20020702 |
879 | - (djm) Use PAM_MSG_MEMBER for PAM_TEXT_INFO messages, use xmalloc & | |
880 | friends consistently. Spotted by Solar Designer <solar@openwall.com> | |
881 | ||
3c3e878a | 882 | 20020629 |
883 | - (bal) fix to auth2-pam.c to swap fatal() arguments, A bit of style | |
884 | clean up while I'm near it. | |
885 | ||
811ee370 | 886 | 20020628 |
887 | - (stevesk) [sshd_config] PAMAuthenticationViaKbdInt no; commented | |
888 | options should contain default value. from solar. | |
b9b82dab | 889 | - (bal) Cygwin uid0 fix by vinschen@redhat.com |
17962c40 | 890 | - (bal) s/config.h/includes.h/ in openbsd-compat/ for *.c. Otherwise wise |
891 | have issues of our fixes not propogating right (ie bcopy instead of | |
892 | memmove). OK tim | |
4fa4fb00 | 893 | - (bal) FreeBSD needs <sys/types.h> to detect if mmap() is supported. |
894 | Bug #303 | |
811ee370 | 895 | |
ce88d9df | 896 | 20020627 |
d1ff09ba | 897 | - OpenBSD CVS Sync |
898 | - deraadt@cvs.openbsd.org 2002/06/26 14:49:36 | |
899 | [monitor.c] | |
900 | correct %u | |
63b5f1a1 | 901 | - deraadt@cvs.openbsd.org 2002/06/26 14:50:04 |
902 | [monitor_fdpass.c] | |
903 | use ssize_t for recvmsg() and sendmsg() return | |
1431a900 | 904 | - markus@cvs.openbsd.org 2002/06/26 14:51:33 |
905 | [ssh-add.c] | |
906 | fix exit code for -X/-x | |
bb0640b2 | 907 | - deraadt@cvs.openbsd.org 2002/06/26 15:00:32 |
908 | [monitor_wrap.c] | |
909 | more %u | |
20e79e98 | 910 | - markus@cvs.openbsd.org 2002/06/26 22:27:32 |
911 | [ssh-keysign.c] | |
912 | bug #304, xfree(data) called to early; openssh@sigint.cs.purdue.edu | |
d1ff09ba | 913 | |
4bfa8bb6 | 914 | 20020626 |
915 | - (stevesk) [monitor.c] remove duplicate proto15 dispatch entry for PAM | |
a594fa74 | 916 | - (bal) OpenBSD CVS Sync |
917 | - markus@cvs.openbsd.org 2002/06/23 21:34:07 | |
918 | [channels.c] | |
919 | tcode is u_int | |
38501509 | 920 | - markus@cvs.openbsd.org 2002/06/24 13:12:23 |
921 | [ssh-agent.1] | |
922 | the socket name contains ssh-agent's ppid; via mpech@ from form@ | |
f91d9a89 | 923 | - markus@cvs.openbsd.org 2002/06/24 14:33:27 |
924 | [channels.c channels.h clientloop.c serverloop.c] | |
925 | move channel counter to u_int | |
1169c3df | 926 | - markus@cvs.openbsd.org 2002/06/24 14:55:38 |
927 | [authfile.c kex.c ssh-agent.c] | |
928 | cat to (void) when output from buffer_get_X is ignored | |
09915dc1 | 929 | - itojun@cvs.openbsd.org 2002/06/24 15:49:22 |
930 | [msg.c] | |
931 | printf type pedant | |
d0a1c5d1 | 932 | - deraadt@cvs.openbsd.org 2002/06/24 17:57:20 |
933 | [sftp-server.c sshpty.c] | |
934 | explicit (u_int) for uid and gid | |
6c69a6a9 | 935 | - markus@cvs.openbsd.org 2002/06/25 16:22:42 |
936 | [authfd.c] | |
937 | unnecessary cast | |
87809a1f | 938 | - markus@cvs.openbsd.org 2002/06/25 18:51:04 |
939 | [sshd.c] | |
940 | lightweight do_setusercontext after chroot() | |
924681ee | 941 | - (bal) Updated AIX package build. Patch by dtucker@zip.com.au |
46c8ebb3 | 942 | - (tim) [Makefile.in] fix test on installing ssh-rand-helper.8 |
78beb77d | 943 | - (bal) added back in error check for mmap(). I screwed up, Pointed |
944 | out by stevesk@ | |
f2d9a1f8 | 945 | - (tim) [README.privsep] UnixWare tip no longer needed. |
88cb875c | 946 | - (bal) fixed NeXTStep missing munmap() issue. It defines HAVE_MMAP, |
947 | but it all damned lies. | |
0d0270e6 | 948 | - (stevesk) [README.privsep] more for sshd pseudo-account. |
8029e7fc | 949 | - (tim) [contrib/caldera/openssh.spec] add support for privsep |
8695f9f7 | 950 | - (djm) setlogin needs pgid==pid on BSD/OS; from itojun@ |
b29fe4ea | 951 | - (djm) OpenBSD CVS Sync |
952 | - markus@cvs.openbsd.org 2002/06/26 08:53:12 | |
953 | [bufaux.c] | |
954 | limit size of BNs to 8KB; ok provos/deraadt | |
22d62d31 | 955 | - markus@cvs.openbsd.org 2002/06/26 08:54:18 |
956 | [buffer.c] | |
957 | limit append to 1MB and buffers to 10MB | |
5df8c731 | 958 | - markus@cvs.openbsd.org 2002/06/26 08:55:02 |
959 | [channels.c] | |
960 | limit # of channels to 10000 | |
87f18810 | 961 | - markus@cvs.openbsd.org 2002/06/26 08:58:26 |
962 | [session.c] | |
963 | limit # of env vars to 1000; ok deraadt/djm | |
2f095a0e | 964 | - deraadt@cvs.openbsd.org 2002/06/26 13:20:57 |
965 | [monitor.c] | |
966 | be careful in mm_zalloc | |
66087567 | 967 | - deraadt@cvs.openbsd.org 2002/06/26 13:49:26 |
968 | [session.c] | |
969 | disclose less information from environment files; based on input | |
970 | from djm, and dschultz@uclink.Berkeley.EDU | |
477edc5d | 971 | - markus@cvs.openbsd.org 2002/06/26 13:55:37 |
972 | [auth2-chall.c] | |
973 | make sure # of response matches # of queries, fixes int overflow; | |
974 | from ISS | |
03b14b6f | 975 | - markus@cvs.openbsd.org 2002/06/26 13:56:27 |
976 | [version.h] | |
977 | 3.4 | |
9c696d0d | 978 | - (djm) Require krb5 devel for RPM build w/ KrbV |
c4186be7 | 979 | - (djm) Improve PAMAuthenticationViaKbdInt text from Nalin Dahyabhai |
980 | <nalin@redhat.com> | |
1e7bc74c | 981 | - (djm) Update spec files for release |
49b53b03 | 982 | - (djm) Fix int overflow in auth2-pam.c, similar to one discovered by ISS |
03b14b6f | 983 | - (djm) Release 3.4p1 |
6519cfd6 | 984 | - (tim) [contrib/caldera/openssh.spec] remove 2 configure options I put in |
985 | by mistake | |
4bfa8bb6 | 986 | |
ef1ac12b | 987 | 20020625 |
988 | - (stevesk) [INSTALL acconfig.h configure.ac defines.h] remove --with-rsh | |
1a44c6f7 | 989 | - (stevesk) [README.privsep] minor updates |
fd3cbf67 | 990 | - (djm) Create privsep directory and warn if privsep user is missing |
991 | during make install | |
702b2855 | 992 | - (bal) Started list of PrivSep issues in TODO |
1c6249af | 993 | - (bal) if mmap() is substandard, don't allow compression on server side. |
994 | Post 'event' we will add more options. | |
cbaa3d44 | 995 | - (tim) [contrib/caldera/openssh.spec] Sync with Caldera |
e2bc41f9 | 996 | - (bal) moved aix_usrinfo() and noted not setting real TTY. Patch by |
997 | dtucker@zip.com.au | |
d170feb1 | 998 | - (tim) [acconfig.h configure.ac sshd.c] BROKEN_FD_PASSING fix from Markus |
999 | for Cygwin, Cray, & SCO | |
ef1ac12b | 1000 | |
d5803314 | 1001 | 20020624 |
1002 | - OpenBSD CVS Sync | |
1003 | - deraadt@cvs.openbsd.org 2002/06/23 03:25:50 | |
1004 | [tildexpand.c] | |
1005 | KNF | |
3ddc795d | 1006 | - deraadt@cvs.openbsd.org 2002/06/23 03:26:19 |
1007 | [cipher.c key.c] | |
1008 | KNF | |
d6133f43 | 1009 | - deraadt@cvs.openbsd.org 2002/06/23 03:30:58 |
1010 | [scard.c ssh-dss.c ssh-rsa.c sshconnect.c sshconnect2.c sshd.c sshlogin.c | |
1011 | sshpty.c] | |
1012 | various KNF and %d for unsigned | |
9906a836 | 1013 | - deraadt@cvs.openbsd.org 2002/06/23 09:30:14 |
1014 | [sftp-client.c sftp-client.h sftp-common.c sftp-int.c sftp-server.c | |
1015 | sftp.c] | |
1016 | bunch of u_int vs int stuff | |
512df038 | 1017 | - deraadt@cvs.openbsd.org 2002/06/23 09:39:55 |
1018 | [ssh-keygen.c] | |
1019 | u_int stuff | |
7528d467 | 1020 | - deraadt@cvs.openbsd.org 2002/06/23 09:46:51 |
1021 | [bufaux.c servconf.c] | |
1022 | minor KNF. things the fingers do while you read | |
e424e241 | 1023 | - deraadt@cvs.openbsd.org 2002/06/23 10:29:52 |
1024 | [ssh-agent.c sshd.c] | |
1025 | some minor KNF and %u | |
7138ebd9 | 1026 | - deraadt@cvs.openbsd.org 2002/06/23 20:39:45 |
1027 | [session.c] | |
1028 | compression_level is u_int | |
f09ce20a | 1029 | - deraadt@cvs.openbsd.org 2002/06/23 21:06:13 |
1030 | [sshpty.c] | |
1031 | KNF | |
57f228e8 | 1032 | - deraadt@cvs.openbsd.org 2002/06/23 21:06:41 |
1033 | [channels.c channels.h session.c session.h] | |
1034 | display, screen, row, col, xpixel, ypixel are u_int; markus ok | |
0bc50167 | 1035 | - deraadt@cvs.openbsd.org 2002/06/23 21:10:02 |
1036 | [packet.c] | |
1037 | packet_get_int() returns unsigned for reason & seqnr | |
57f228e8 | 1038 | - (bal) Also fixed IPADDR_IN_DISPLAY case where display, screen, row, col, |
1039 | xpixel are u_int. | |
1040 | ||
d5803314 | 1041 | |
58177c0a | 1042 | 20020623 |
1043 | - (stevesk) [configure.ac] bug #255 LOGIN_NEEDS_UTMPX for AIX. | |
dc43acd2 | 1044 | - (bal) removed GNUism for getops in ssh-agent since glibc lacks optreset. |
ef3912be | 1045 | - (bal) add extern char *getopt. Based on report by dtucker@zip.com.au |
a8bbdc75 | 1046 | - OpenBSD CVS Sync |
1047 | - stevesk@cvs.openbsd.org 2002/06/22 02:00:29 | |
1048 | [ssh.h] | |
1049 | correct comment | |
1ae02182 | 1050 | - stevesk@cvs.openbsd.org 2002/06/22 02:40:23 |
1051 | [ssh.1] | |
1052 | section 5 not 4 for ssh_config | |
b2843ec6 | 1053 | - naddy@cvs.openbsd.org 2002/06/22 11:51:39 |
1054 | [ssh.1] | |
1055 | typo | |
75653d3e | 1056 | - stevesk@cvs.openbsd.org 2002/06/22 16:32:54 |
1057 | [sshd.8] | |
1058 | add /var/empty in FILES section | |
a56313d7 | 1059 | - stevesk@cvs.openbsd.org 2002/06/22 16:40:19 |
1060 | [sshd.c] | |
1061 | check /var/empty owner mode; ok provos@ | |
e4e83d70 | 1062 | - stevesk@cvs.openbsd.org 2002/06/22 16:41:57 |
1063 | [scp.1] | |
1064 | typo | |
baa08b92 | 1065 | - stevesk@cvs.openbsd.org 2002/06/22 16:45:29 |
1066 | [ssh-agent.1 sshd.8 sshd_config.5] | |
1067 | use process ID vs. pid/PID/process identifier | |
c28876e9 | 1068 | - stevesk@cvs.openbsd.org 2002/06/22 20:05:27 |
1069 | [sshd.c] | |
1070 | don't call setsid() if debugging or run from inetd; no "Operation not | |
1071 | permitted" errors now; ok millert@ markus@ | |
d17ef027 | 1072 | - stevesk@cvs.openbsd.org 2002/06/22 23:09:51 |
1073 | [monitor.c] | |
1074 | save auth method before monitor_reset_key_state(); bugzilla bug #284; | |
1075 | ok provos@ | |
58177c0a | 1076 | |
0b202697 | 1077 | $Id$ |