]>
Commit | Line | Data |
---|---|---|
f86b0eef | 1 | 20020922 |
2 | - (djm) OpenBSD CVS Sync | |
3 | - stevesk@cvs.openbsd.org 2002/09/19 14:53:14 | |
4 | [compat.c] | |
5 | ||
792e7d2d | 6 | 20020919 |
7 | - (djm) OpenBSD CVS Sync | |
8 | - stevesk@cvs.openbsd.org 2002/09/12 19:11:52 | |
9 | [ssh-agent.c] | |
10 | %u for uid print; ok markus@ | |
da0561eb | 11 | - stevesk@cvs.openbsd.org 2002/09/12 19:50:36 |
12 | [session.c ssh.1] | |
13 | add SSH_CONNECTION and deprecate SSH_CLIENT; bug #384. ok markus@ | |
facfd613 | 14 | - stevesk@cvs.openbsd.org 2002/09/13 19:23:09 |
15 | [channels.c sshconnect.c sshd.c] | |
16 | remove use of SO_LINGER, it should not be needed. error check | |
17 | SO_REUSEADDR. fixup comments. ok markus@ | |
8bd4e2ae | 18 | - stevesk@cvs.openbsd.org 2002/09/16 19:55:33 |
19 | [session.c] | |
20 | log when _PATH_NOLOGIN exists; ok markus@ | |
e6fe1bab | 21 | - stevesk@cvs.openbsd.org 2002/09/16 20:12:11 |
22 | [sshd_config.5] | |
23 | more details on X11Forwarding security issues and threats; ok markus@ | |
f1dcc34e | 24 | - stevesk@cvs.openbsd.org 2002/09/16 22:03:13 |
25 | [sshd.8] | |
26 | reference moduli(5) in FILES /etc/moduli. | |
5c0d0e90 | 27 | - itojun@cvs.openbsd.org 2002/09/17 07:47:02 |
28 | [channels.c] | |
29 | don't quit while creating X11 listening socket. | |
30 | http://mail-index.netbsd.org/current-users/2002/09/16/0005.html | |
31 | got from portable. markus ok | |
6939bbd4 | 32 | - djm@cvs.openbsd.org 2002/09/19 01:58:18 |
33 | [ssh.c sshconnect.c] | |
34 | bugzilla.mindrot.org #223 - ProxyCommands don't exit. | |
35 | Patch from dtucker@zip.com.au; ok markus@ | |
792e7d2d | 36 | |
4f3834e8 | 37 | 20020912 |
eee2215e | 38 | - (djm) Made GNOME askpass programs return non-zero if cancel button is |
39 | pressed. | |
10a560d4 | 40 | - (djm) Added getpeereid() replacement. Properly implemented for systems |
41 | with SO_PEERCRED support. Faked for systems which lack it. | |
9fd2a215 | 42 | - (djm) Sync sys/tree.h with OpenBSD -current. Rename tree.h and |
43 | fake-queue.h to sys-tree.h and sys-queue.h | |
4f3834e8 | 44 | - (djm) OpenBSD CVS Sync |
45 | - markus@cvs.openbsd.org 2002/09/08 20:24:08 | |
46 | [hostfile.h] | |
47 | no comma at end of enumerator list | |
696f6bef | 48 | - itojun@cvs.openbsd.org 2002/09/09 06:48:06 |
49 | [auth1.c auth.h auth-krb5.c monitor.c monitor.h] | |
50 | [monitor_wrap.c monitor_wrap.h] | |
51 | kerberos support for privsep. confirmed to work by lha@stacken.kth.se | |
52 | patch from markus | |
661e45a0 | 53 | - markus@cvs.openbsd.org 2002/09/09 14:54:15 |
54 | [channels.c kex.h key.c monitor.c monitor_wrap.c radix.c uuencode.c] | |
55 | signed vs unsigned from -pedantic; ok henning@ | |
87f4111f | 56 | - markus@cvs.openbsd.org 2002/09/10 20:24:47 |
57 | [ssh-agent.c] | |
58 | check the euid of the connecting process with getpeereid(2); | |
59 | ok provos deraadt stevesk | |
07d688d5 | 60 | - stevesk@cvs.openbsd.org 2002/09/11 17:55:03 |
61 | [ssh.1] | |
62 | add agent and X11 forwarding warning text from ssh_config.5; ok markus@ | |
8b10e20e | 63 | - stevesk@cvs.openbsd.org 2002/09/11 18:27:26 |
64 | [authfd.c authfd.h ssh.c] | |
65 | don't connect to agent to test for presence if we've previously | |
66 | connected; ok markus@ | |
00b3ad3e | 67 | - djm@cvs.openbsd.org 2002/09/11 22:41:50 |
68 | [sftp.1 sftp-client.c sftp-client.h sftp-common.c sftp-common.h] | |
69 | [sftp-glob.c sftp-glob.h sftp-int.c sftp-server.c] | |
70 | support for short/long listings and globbing in "ls"; ok markus@ | |
be0cd512 | 71 | - djm@cvs.openbsd.org 2002/09/12 00:13:06 |
72 | [sftp-int.c] | |
73 | zap unused var introduced in last commit | |
4f3834e8 | 74 | |
ac8802eb | 75 | 20020911 |
76 | - (djm) Sync openbsd-compat with OpenBSD -current | |
77 | ||
e2e36358 | 78 | 20020910 |
79 | - (djm) Bug #365: Read /.ssh/environment properly under CygWin. | |
80 | Patch from Mark Bradshaw <bradshaw@staff.crosswalk.com> | |
35c4faf5 | 81 | - (djm) Bug #138: Make protocol 1 blowfish work with old OpenSSL. |
82 | Patch from Robert Halubek <rob@adso.com.pl> | |
e2e36358 | 83 | |
3445ca02 | 84 | 20020905 |
85 | - (djm) OpenBSD CVS Sync | |
86 | - stevesk@cvs.openbsd.org 2002/09/04 18:52:42 | |
87 | [servconf.c sshd.8 sshd_config.5] | |
88 | default LoginGraceTime to 2m; 1m may be too short for slow systems. | |
89 | ok markus@ | |
cbecf1ed | 90 | - (djm) Merge openssh-TODO.patch from Redhat (null) beta |
c4ee4c60 | 91 | - (djm) Add gnome-ssh-askpass2.c (gtk2) by merge with patch from |
92 | Nalin Dahyabhai <nalin@redhat.com> | |
3c1dff28 | 93 | - (djm) Add support for building gtk2 password requestor from Redhat beta |
3445ca02 | 94 | |
954640a4 | 95 | 20020903 |
33e2e066 | 96 | - (djm) Patch from itojun@ for Darwin OS: test getaddrinfo, reorder libcrypt |
e18b7d35 | 97 | - (djm) Fix Redhat RPM build dependancy test |
954640a4 | 98 | - (djm) OpenBSD CVS Sync |
99 | - markus@cvs.openbsd.org 2002/08/12 10:46:35 | |
100 | [ssh-agent.c] | |
101 | make ssh-agent setgid, disallow ptrace. | |
755c4339 | 102 | - espie@cvs.openbsd.org 2002/08/21 11:20:59 |
103 | [sshd.8] | |
104 | `RSA' updated to refer to `public key', where it matters. | |
105 | okay markus@ | |
6e0fbda1 | 106 | - stevesk@cvs.openbsd.org 2002/08/21 19:38:06 |
107 | [servconf.c sshd.8 sshd_config sshd_config.5] | |
108 | change LoginGraceTime default to 1 minute; ok mouring@ markus@ | |
00e41835 | 109 | - stevesk@cvs.openbsd.org 2002/08/21 20:10:28 |
110 | [ssh-agent.c] | |
111 | raise listen backlog; ok markus@ | |
c1a4eef1 | 112 | - stevesk@cvs.openbsd.org 2002/08/22 19:27:53 |
113 | [ssh-agent.c] | |
114 | use common close function; ok markus@ | |
1d77f8cb | 115 | - stevesk@cvs.openbsd.org 2002/08/22 19:38:42 |
116 | [clientloop.c] | |
117 | format with current EscapeChar; bugzilla #388 from wknox@mitre.org. | |
118 | ok markus@ | |
f34ec885 | 119 | - stevesk@cvs.openbsd.org 2002/08/22 20:57:19 |
120 | [ssh-agent.c] | |
121 | shutdown(SHUT_RDWR) not needed before close here; ok markus@ | |
848bf884 | 122 | - markus@cvs.openbsd.org 2002/08/22 21:33:58 |
123 | [auth1.c auth2.c] | |
124 | auth_root_allowed() is handled by the monitor in the privsep case, | |
125 | so skip this for use_privsep, ok stevesk@, fixes bugzilla #387/325 | |
6c723e7c | 126 | - markus@cvs.openbsd.org 2002/08/22 21:45:41 |
127 | [session.c] | |
128 | send signal name (not signal number) in "exit-signal" message; noticed | |
129 | by galb@vandyke.com | |
b41baf4d | 130 | - stevesk@cvs.openbsd.org 2002/08/27 17:13:56 |
131 | [ssh-rsa.c] | |
132 | RSA_public_decrypt() returns -1 on error so len must be signed; | |
133 | ok markus@ | |
dbcdea68 | 134 | - stevesk@cvs.openbsd.org 2002/08/27 17:18:40 |
135 | [ssh_config.5] | |
136 | some warning text for ForwardAgent and ForwardX11; ok markus@ | |
ba1566dd | 137 | - stevesk@cvs.openbsd.org 2002/08/29 15:57:25 |
138 | [monitor.c session.c sshlogin.c sshlogin.h] | |
139 | pass addrlen with sockaddr *; from Hajimu UMEMOTO <ume@FreeBSD.org> | |
140 | NOTE: there are also p-specific parts to this patch. ok markus@ | |
e59404d1 | 141 | - stevesk@cvs.openbsd.org 2002/08/29 16:02:54 |
142 | [ssh.1 ssh.c] | |
143 | deprecate -P as UsePrivilegedPort defaults to no now; ok markus@ | |
878b8992 | 144 | - stevesk@cvs.openbsd.org 2002/08/29 16:09:02 |
145 | [ssh_config.5] | |
146 | more on UsePrivilegedPort and setuid root; ok markus@ | |
9f324470 | 147 | - stevesk@cvs.openbsd.org 2002/08/29 19:49:42 |
148 | [ssh.c] | |
149 | shrink initial privilege bracket for setuid case; ok markus@ | |
57ff5eeb | 150 | - stevesk@cvs.openbsd.org 2002/08/29 22:54:10 |
151 | [ssh_config.5 sshd_config.5] | |
152 | state XAuthLocation is a full pathname | |
954640a4 | 153 | |
b85698ab | 154 | 20020820 |
155 | - OpenBSD CVS Sync | |
156 | - millert@cvs.openbsd.org 2002/08/02 14:43:15 | |
157 | [monitor.c monitor_mm.c] | |
158 | Change mm_zalloc() sanity checks to be more in line with what | |
159 | we do in calloc() and add a check to monitor_mm.c. | |
160 | OK provos@ and markus@ | |
6a342527 | 161 | - marc@cvs.openbsd.org 2002/08/02 16:00:07 |
162 | [ssh.1 sshd.8] | |
163 | note that .ssh/environment is only read when | |
164 | allowed (PermitUserEnvironment in sshd_config). | |
165 | OK markus@ | |
4004c2ac | 166 | - markus@cvs.openbsd.org 2002/08/02 21:23:41 |
167 | [ssh-rsa.c] | |
168 | diff is u_int (2x); ok deraadt/provos | |
0caf874a | 169 | - markus@cvs.openbsd.org 2002/08/02 22:20:30 |
170 | [ssh-rsa.c] | |
171 | replace RSA_verify with our own version and avoid the OpenSSL ASN.1 parser | |
172 | for authentication; ok deraadt/djm | |
75cf7563 | 173 | - aaron@cvs.openbsd.org 2002/08/08 13:50:23 |
174 | [sshconnect1.c] | |
175 | Use & to test if bits are set, not &&; markus@ ok. | |
d6097023 | 176 | - stevesk@cvs.openbsd.org 2002/08/08 23:54:52 |
177 | [auth.c] | |
178 | typo in comment | |
36535ee6 | 179 | - stevesk@cvs.openbsd.org 2002/08/09 17:21:42 |
180 | [sshd_config.5] | |
181 | use Op for mdoc conformance; from esr@golux.thyrsus.com | |
182 | ok aaron@ | |
b3641662 | 183 | - stevesk@cvs.openbsd.org 2002/08/09 17:41:12 |
184 | [sshd_config.5] | |
185 | proxy vs. fake display | |
35453849 | 186 | - stevesk@cvs.openbsd.org 2002/08/12 17:30:35 |
187 | [ssh.1 sshd.8 sshd_config.5] | |
188 | more PermitUserEnvironment; ok markus@ | |
24794905 | 189 | - stevesk@cvs.openbsd.org 2002/08/17 23:07:14 |
190 | [ssh.1] | |
191 | ForwardAgent has defaulted to no for over 2 years; be more clear here. | |
4dcbbeea | 192 | - stevesk@cvs.openbsd.org 2002/08/17 23:55:01 |
193 | [ssh_config.5] | |
194 | ordered list here | |
7d3b91a6 | 195 | - (bal) [defines.h] Some platforms don't have SIZE_T_MAX. So assign |
196 | it to ULONG_MAX. | |
b85698ab | 197 | |
cd018561 | 198 | 20020813 |
199 | - (tim) [configure.ac] Display OpenSSL header/library version. | |
200 | Patch by dtucker@zip.com.au | |
201 | ||
8a48a7ef | 202 | 20020731 |
203 | - (bal) OpenBSD CVS Sync | |
204 | - markus@cvs.openbsd.org 2002/07/24 16:11:18 | |
205 | [hostfile.c hostfile.h sshconnect.c] | |
206 | print out all known keys for a host if we get a unknown host key, | |
207 | see discussion at http://marc.theaimsgroup.com/?t=101069210100016&r=1&w=4 | |
208 | ||
209 | the ssharp mitm tool attacks users in a similar way, so i'd like to | |
210 | pointed out again: | |
211 | A MITM attack is always possible if the ssh client prints: | |
212 | The authenticity of host 'bla' can't be established. | |
213 | (protocol version 2 with pubkey authentication allows you to detect | |
214 | MITM attacks) | |
5cb5518b | 215 | - mouring@cvs.openbsd.org 2002/07/25 01:16:59 |
216 | [sftp.c] | |
217 | FallBackToRsh does not exist anywhere else. Remove it from here. | |
218 | OK deraadt. | |
567a05bf | 219 | - markus@cvs.openbsd.org 2002/07/29 18:57:30 |
220 | [sshconnect.c] | |
221 | print file:line | |
f00bab84 | 222 | - markus@cvs.openbsd.org 2002/07/30 17:03:55 |
223 | [auth-options.c servconf.c servconf.h session.c sshd_config sshd_config.5] | |
224 | add PermitUserEnvironment (off by default!); from dot@dotat.at; | |
225 | ok provos, deraadt | |
8a48a7ef | 226 | |
13979d47 | 227 | 20020730 |
228 | - (bal) [uidswap.c] SCO compile correction by gert@greenie.muc.de | |
229 | ||
d228d9dd | 230 | 20020728 |
231 | - (stevesk) [auth-pam.c] should use PAM_MSG_MEMBER(); from solar | |
16c4a972 | 232 | - (stevesk) [CREDITS] solar |
75131bbd | 233 | - (stevesk) [ssh-rand-helper.c] RAND_bytes() and SHA1_Final() unsigned |
234 | char arg. | |
d228d9dd | 235 | |
d40af5fa | 236 | 20020725 |
237 | - (djm) Remove some cruft from INSTALL | |
d91b4743 | 238 | - (djm) Latest config.guess and config.sub from ftp://ftp.gnu.org/gnu/config/ |
d40af5fa | 239 | |
56b54901 | 240 | 20020723 |
241 | - (bal) [bsd-cray.c bsd-cray.h] Part 2 of Cray merger. | |
918ffb0b | 242 | - (bal) sync ID w/ ssh-agent.c |
516f0d7d | 243 | - (bal) OpenBSD Sync |
244 | - markus@cvs.openbsd.org 2002/07/19 15:43:33 | |
245 | [log.c log.h session.c sshd.c] | |
246 | remove fatal cleanups after fork; based on discussions with and code | |
247 | from solar. | |
5d185586 | 248 | - stevesk@cvs.openbsd.org 2002/07/19 17:42:40 |
249 | [ssh.c] | |
250 | display a warning from ssh when XAuthLocation does not exist or xauth | |
251 | returned no authentication data. ok markus@ | |
30998af1 | 252 | - stevesk@cvs.openbsd.org 2002/07/21 18:32:20 |
253 | [auth-options.c] | |
254 | unneeded includes | |
dbc728ff | 255 | - stevesk@cvs.openbsd.org 2002/07/21 18:34:43 |
256 | [auth-options.h] | |
257 | remove invalid comment | |
97686bf9 | 258 | - markus@cvs.openbsd.org 2002/07/22 11:03:06 |
259 | [session.c] | |
260 | fallback to _PATH_STDPATH on setusercontext+LOGIN_SETPATH errors; | |
d341742a | 261 | - stevesk@cvs.openbsd.org 2002/07/22 17:32:56 |
262 | [monitor.c] | |
263 | u_int here; ok provos@ | |
67f04db1 | 264 | - stevesk@cvs.openbsd.org 2002/07/23 16:03:10 |
265 | [sshd.c] | |
266 | utmp_len is unsigned; display error consistent with other options. | |
267 | ok markus@ | |
0df3a240 | 268 | - stevesk@cvs.openbsd.org 2002/07/15 17:15:31 |
269 | [uidswap.c] | |
270 | little more debugging; ok markus@ | |
d341742a | 271 | |
21c2c5cd | 272 | 20020722 |
273 | - (bal) AIX tty data limiting patch fix by leigh@solinno.co.uk | |
a93bd14c | 274 | - (stevesk) [xmmap.c] missing prototype for fatal() |
ccbb983c | 275 | - (bal) [configure.ac defines.h loginrec.c sshd.c sshpty.c] Partial sync |
276 | with Cray (mostly #ifdef renaming). Patch by wendyp@cray.com. | |
d262b7f2 | 277 | - (bal) [configure.ac] Missing ;; from cray patch. |
30eab01d | 278 | - (bal) [monitor_mm.c openbsd-compat/xmmap.h] Move xmmap() defines |
279 | into it's own header. | |
ee48c949 | 280 | - (stevesk) [auth-pam.[ch] session.c] pam_getenvlist() must be |
281 | freed by the caller; add free_pam_environment() and use it. | |
1d3f4ae7 | 282 | - (stevesk) [auth-pam.c] typo in comment |
21c2c5cd | 283 | |
b992432e | 284 | 20020721 |
285 | - (stevesk) [auth-pam.c] merge cosmetic changes from solar's | |
286 | openssh-3.4p1-owl-password-changing.diff | |
277f55cf | 287 | - (stevesk) [auth-pam.c] merge rest of solar's PAM patch; |
288 | PAM_NEW_AUTHTOK_REQD remains in #if 0 for now. | |
f7808a93 | 289 | - (stevesk) [auth-pam.c] cast to avoid initialization type mismatch |
290 | warning on pam_conv struct conversation function. | |
337dde6b | 291 | - (stevesk) [auth-pam.h] license |
8565f28e | 292 | - (stevesk) [auth-pam.h] unneeded include |
e9b2c23d | 293 | - (stevesk) [auth-pam.[ch] ssh.h] move SSHD_PAM_SERVICE to auth-pam.h |
b992432e | 294 | |
ce88d9df | 295 | 20020720 |
296 | - (stevesk) [ssh-keygen.c] bug #231: always init/seed_rng(). | |
297 | ||
4379c0e5 | 298 | 20020719 |
299 | - (tim) [contrib/solaris/buildpkg.sh] create privsep user/group if needed. | |
300 | Patch by dtucker@zip.com.au | |
f75ca46d | 301 | - (tim) [configure.ac] test for libxnet on HP. Patch by dtucker@zip.com.au |
4379c0e5 | 302 | |
45491100 | 303 | 20020718 |
304 | - (tim) [defines.h] Bug 313 patch by dirk.meyer@dinoex.sub.org | |
305 | - (tim) [monitor_mm.c] add missing declaration for xmmap(). Reported | |
306 | by ayamura@ayamura.org | |
1cbbe6c8 | 307 | - (tim) [configure.ac] Bug 267 rework int64_t test. |
5749e709 | 308 | - (tim) [includes.h] Bug 267 add stdint.h |
45491100 | 309 | |
dd3943d0 | 310 | 20020717 |
311 | - (bal) aixbff package updated by dtucker@zip.com.au | |
2bf42e4a | 312 | - (tim) [configure.ac] change how we do paths in AC_PATH_PROGS tests |
313 | for autoconf 2.53. Based on a patch by jrj@purdue.edu | |
dd3943d0 | 314 | |
8fc47887 | 315 | 20020716 |
316 | - (tim) [contrib/solaris/opensshd.in] Only kill sshd if .pid file found | |
317 | ||
c750d869 | 318 | 20020715 |
319 | - (bal) OpenBSD CVS Sync | |
320 | - itojun@cvs.openbsd.org 2002/07/12 13:29:09 | |
321 | [sshconnect.c] | |
322 | print connect failure during debugging mode. | |
a2f883ce | 323 | - markus@cvs.openbsd.org 2002/07/12 15:50:17 |
324 | [cipher.c] | |
325 | EVP_CIPH_CUSTOM_IV for our own rijndael | |
2d199535 | 326 | - (bal) Remove unused tty defined in do_setusercontext() pointed out by |
327 | dtucker@zip.com.au plus a a more KNF since I am near it. | |
846be3f4 | 328 | - (bal) Privsep user creation support in Solaris buildpkg.sh by |
329 | dtucker@zip.com.au | |
c750d869 | 330 | |
798c5808 | 331 | 20020714 |
332 | - (tim) [Makefile.in] replace "id sshd" with "sshd -t" | |
4165b82e | 333 | - (bal/tim) [acconfig.h configure.ac monitor_mm.c servconf.c |
334 | openbsd-compat/Makefile.in] support compression on platforms that | |
335 | have no/broken MAP_ANON. Moved code to openbsd-compat/xmmap.c | |
336 | Based on patch from nalin@redhat.com of code extracted from Owl's package | |
5fd8087a | 337 | - (tim) [ssh_prng_cmds.in] Bug 323 arp -n flag doesn't exist under Solaris. |
338 | report by chris@by-design.net | |
fdebdd4f | 339 | - (tim) [loginrec.c] Bug 347: Fix typo (WTMPX_FILE) report by rodney@bond.net |
d80063fe | 340 | - (tim) [loginrec.c] Bug 348: add missing found = 1; to wtmpx_islogin() |
341 | report by rodney@bond.net | |
798c5808 | 342 | |
6b2a3595 | 343 | 20020712 |
344 | - (tim) [Makefile.in] quiet down install-files: and check-user: | |
3085601b | 345 | - (tim) [configure.ac] remove unused filepriv line |
6b2a3595 | 346 | |
249f9903 | 347 | 20020710 |
348 | - (tim) [contrib/cygwin/ssh-host-config] explicitely sets the permissions | |
349 | on /var/empty to 755 Patch by vinschen@redhat.com | |
6f901f8e | 350 | - (bal) OpenBSD CVS Sync |
351 | - itojun@cvs.openbsd.org 2002/07/09 11:56:50 | |
352 | [sshconnect.c] | |
353 | silently try next address on connect(2). markus ok | |
59c825e1 | 354 | - itojun@cvs.openbsd.org 2002/07/09 11:56:27 |
355 | [canohost.c] | |
356 | suppress log on reverse lookup failiure, as there's no real value in | |
357 | doing so. | |
358 | markus ok | |
aab5431b | 359 | - itojun@cvs.openbsd.org 2002/07/09 12:04:02 |
360 | [sshconnect.c] | |
361 | ed static function (less warnings) | |
94ad46d1 | 362 | - stevesk@cvs.openbsd.org 2002/07/09 17:46:25 |
363 | [sshd_config.5] | |
364 | clarify no preference ordering in protocol list; ok markus@ | |
9bd68577 | 365 | - itojun@cvs.openbsd.org 2002/07/10 10:28:15 |
366 | [sshconnect.c] | |
367 | bark if all connection attempt fails. | |
09683edf | 368 | - deraadt@cvs.openbsd.org 2002/07/10 17:53:54 |
369 | [rijndael.c] | |
370 | use right sizeof in memcpy; markus ok | |
249f9903 | 371 | |
e6f15ed1 | 372 | 20020709 |
373 | - (bal) NO_IPPORT_RESERVED_CONCEPT used instead of CYGWIN so other platforms | |
374 | lacking that concept can share it. Patch by vinschen@redhat.com | |
375 | ||
4f9d6706 | 376 | 20020708 |
377 | - (tim) [openssh/contrib/solaris/buildpkg.sh] add PKG_INSTALL_ROOT to | |
378 | work in a jumpstart environment. patch by kbrint@rufus.net | |
b451e27b | 379 | - (tim) [Makefile.in] workaround for broken pakadd on some systems. |
cda1ebcb | 380 | - (tim) [configure.ac] fix libc89 utimes test. Mention default path for |
381 | --with-privsep-path= | |
4f9d6706 | 382 | |
ac74561e | 383 | 20020707 |
384 | - (tim) [Makefile.in] use umask instead of chmod on $(PRIVSEP_PATH) | |
94d8258b | 385 | - (tim) [acconfig.h configure.ac sshd.c] |
386 | s/BROKEN_FD_PASSING/DISABLE_FD_PASSING/ | |
d41f8eed | 387 | - (tim) [contrib/cygwin/ssh-host-config] sshd account creation fixes |
388 | patch from vinschen@redhat.com | |
0b832146 | 389 | - (bal) [realpath.c] Updated with OpenBSD tree. |
da2499f5 | 390 | - (bal) OpenBSD CVS Sync |
391 | - deraadt@cvs.openbsd.org 2002/07/04 04:15:33 | |
392 | [key.c monitor_wrap.c sftp-glob.c ssh-dss.c ssh-rsa.c] | |
393 | patch memory leaks; grendel@zeitbombe.org | |
e1feb9bf | 394 | - deraadt@cvs.openbsd.org 2002/07/04 08:12:15 |
395 | [channels.c packet.c] | |
396 | blah blah minor nothing as i read and re-read and re-read... | |
eb9f2fab | 397 | - markus@cvs.openbsd.org 2002/07/04 10:41:47 |
398 | [key.c monitor_wrap.c ssh-dss.c ssh-rsa.c] | |
399 | don't allocate, copy, and discard if there is not interested in the data; | |
400 | ok deraadt@ | |
4394a17f | 401 | - deraadt@cvs.openbsd.org 2002/07/06 01:00:49 |
402 | [log.c] | |
403 | KNF | |
50d2fbbc | 404 | - deraadt@cvs.openbsd.org 2002/07/06 01:01:26 |
405 | [ssh-keyscan.c] | |
406 | KNF, realloc fix, and clean usage | |
12a3f2c3 | 407 | - stevesk@cvs.openbsd.org 2002/07/06 17:47:58 |
408 | [ssh-keyscan.c] | |
409 | unused variable | |
41545cb6 | 410 | - (bal) Minor KNF on ssh-keyscan.c |
ac74561e | 411 | |
0764e748 | 412 | 20020705 |
413 | - (tim) [configure.ac] AIX 4.2.1 has authenticate() in libs. | |
414 | Reported by Darren Tucker <dtucker@zip.com.au> | |
e12659f4 | 415 | - (tim) [contrib/cygwin/ssh-host-config] double slash corrction |
416 | from vinschen@redhat.com | |
0764e748 | 417 | |
64c0ce80 | 418 | 20020704 |
419 | - (bal) Limit data to TTY for AIX only (Newer versions can't handle the | |
420 | faster data rate) Bug #124 | |
375c1dee | 421 | - (bal) glob.c defines TILDE and AIX also defines it. #undef it first. |
422 | bug #265 | |
ff2de800 | 423 | - (bal) One too many nulls in ports-aix.c |
64c0ce80 | 424 | |
d2f95449 | 425 | 20020703 |
426 | - (bal) Updated contrib/cygwin/ patch by vinschen@redhat.com | |
619a6aff | 427 | - (bal) minor correction to utimes() replacement. Patch by |
428 | onoe@sm.sony.co.jp | |
f11fe301 | 429 | - OpenBSD CVS Sync |
430 | - markus@cvs.openbsd.org 2002/06/27 08:49:44 | |
431 | [dh.c ssh-keyscan.c sshconnect.c] | |
432 | more checks for NULL pointers; from grendel@zeitbombe.org; ok deraadt@ | |
181d6635 | 433 | - deraadt@cvs.openbsd.org 2002/06/27 09:08:00 |
434 | [monitor.c] | |
435 | improve mm_zalloc check; markus ok | |
30e37ee6 | 436 | - deraadt@cvs.openbsd.org 2002/06/27 10:35:47 |
437 | [auth2-none.c monitor.c sftp-client.c] | |
438 | use xfree() | |
c8f94200 | 439 | - stevesk@cvs.openbsd.org 2002/06/27 19:49:08 |
440 | [ssh-keyscan.c] | |
441 | use convtime(); ok markus@ | |
a64d3560 | 442 | - millert@cvs.openbsd.org 2002/06/28 01:49:31 |
443 | [monitor_mm.c] | |
444 | tree(3) wants an int return value for its compare functions and | |
445 | the difference between two pointers is not an int. Just do the | |
446 | safest thing and store the result in a long and then return 0, | |
447 | -1, or 1 based on that result. | |
405a0d43 | 448 | - deraadt@cvs.openbsd.org 2002/06/28 01:50:37 |
449 | [monitor_wrap.c] | |
450 | use ssize_t | |
4efd85b2 | 451 | - deraadt@cvs.openbsd.org 2002/06/28 10:08:25 |
452 | [sshd.c] | |
453 | range check -u option at invocation | |
6ded293b | 454 | - deraadt@cvs.openbsd.org 2002/06/28 23:05:06 |
455 | [sshd.c] | |
456 | gidset[2] -> gidset[1]; markus ok | |
7fdc56c5 | 457 | - deraadt@cvs.openbsd.org 2002/06/30 21:54:16 |
458 | [auth2.c session.c sshd.c] | |
459 | lint asks that we use names that do not overlap | |
343288b8 | 460 | - deraadt@cvs.openbsd.org 2002/06/30 21:59:45 |
461 | [auth-bsdauth.c auth-skey.c auth2-chall.c clientloop.c key.c | |
462 | monitor_wrap.c monitor_wrap.h scard.h session.h sftp-glob.c ssh.c | |
463 | sshconnect2.c sshd.c] | |
464 | minor KNF | |
7d60d74c | 465 | - deraadt@cvs.openbsd.org 2002/07/01 16:15:25 |
466 | [msg.c] | |
467 | %u | |
713f6cd9 | 468 | - markus@cvs.openbsd.org 2002/07/01 19:48:46 |
469 | [sshconnect2.c] | |
470 | for compression=yes, we fallback to no-compression if the server does | |
471 | not support compression, vice versa for compression=no. ok mouring@ | |
261189cc | 472 | - markus@cvs.openbsd.org 2002/07/03 09:55:38 |
473 | [ssh-keysign.c] | |
474 | use RSA_blinding_on() for rsa hostkeys (suggested by Bill Sommerfeld) | |
475 | in order to avoid a possible Kocher timing attack pointed out by Charles | |
476 | Hannum; ok provos@ | |
60cd0a97 | 477 | - markus@cvs.openbsd.org 2002/07/03 14:21:05 |
478 | [ssh-keysign.8 ssh-keysign.c ssh.c ssh_config] | |
479 | re-enable ssh-keysign's sbit, but make ssh-keysign read | |
480 | /etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled | |
481 | globally. based on discussions with deraadt, itojun and sommerfeld; | |
482 | ok itojun@ | |
56fd97d7 | 483 | - (bal) Failed password attempts don't increment counter on AIX. Bug #145 |
e8aa0a5c | 484 | - (bal) Missed Makefile.in change. keysign needs readconf.o |
0ba40daa | 485 | - (bal) Clean up aix_usrinfo(). Ignore TTY= period I guess. |
56fd97d7 | 486 | |
b2f295dc | 487 | 20020702 |
488 | - (djm) Use PAM_MSG_MEMBER for PAM_TEXT_INFO messages, use xmalloc & | |
489 | friends consistently. Spotted by Solar Designer <solar@openwall.com> | |
490 | ||
3c3e878a | 491 | 20020629 |
492 | - (bal) fix to auth2-pam.c to swap fatal() arguments, A bit of style | |
493 | clean up while I'm near it. | |
494 | ||
811ee370 | 495 | 20020628 |
496 | - (stevesk) [sshd_config] PAMAuthenticationViaKbdInt no; commented | |
497 | options should contain default value. from solar. | |
b9b82dab | 498 | - (bal) Cygwin uid0 fix by vinschen@redhat.com |
17962c40 | 499 | - (bal) s/config.h/includes.h/ in openbsd-compat/ for *.c. Otherwise wise |
500 | have issues of our fixes not propogating right (ie bcopy instead of | |
501 | memmove). OK tim | |
4fa4fb00 | 502 | - (bal) FreeBSD needs <sys/types.h> to detect if mmap() is supported. |
503 | Bug #303 | |
811ee370 | 504 | |
ce88d9df | 505 | 20020627 |
d1ff09ba | 506 | - OpenBSD CVS Sync |
507 | - deraadt@cvs.openbsd.org 2002/06/26 14:49:36 | |
508 | [monitor.c] | |
509 | correct %u | |
63b5f1a1 | 510 | - deraadt@cvs.openbsd.org 2002/06/26 14:50:04 |
511 | [monitor_fdpass.c] | |
512 | use ssize_t for recvmsg() and sendmsg() return | |
1431a900 | 513 | - markus@cvs.openbsd.org 2002/06/26 14:51:33 |
514 | [ssh-add.c] | |
515 | fix exit code for -X/-x | |
bb0640b2 | 516 | - deraadt@cvs.openbsd.org 2002/06/26 15:00:32 |
517 | [monitor_wrap.c] | |
518 | more %u | |
20e79e98 | 519 | - markus@cvs.openbsd.org 2002/06/26 22:27:32 |
520 | [ssh-keysign.c] | |
521 | bug #304, xfree(data) called to early; openssh@sigint.cs.purdue.edu | |
d1ff09ba | 522 | |
4bfa8bb6 | 523 | 20020626 |
524 | - (stevesk) [monitor.c] remove duplicate proto15 dispatch entry for PAM | |
a594fa74 | 525 | - (bal) OpenBSD CVS Sync |
526 | - markus@cvs.openbsd.org 2002/06/23 21:34:07 | |
527 | [channels.c] | |
528 | tcode is u_int | |
38501509 | 529 | - markus@cvs.openbsd.org 2002/06/24 13:12:23 |
530 | [ssh-agent.1] | |
531 | the socket name contains ssh-agent's ppid; via mpech@ from form@ | |
f91d9a89 | 532 | - markus@cvs.openbsd.org 2002/06/24 14:33:27 |
533 | [channels.c channels.h clientloop.c serverloop.c] | |
534 | move channel counter to u_int | |
1169c3df | 535 | - markus@cvs.openbsd.org 2002/06/24 14:55:38 |
536 | [authfile.c kex.c ssh-agent.c] | |
537 | cat to (void) when output from buffer_get_X is ignored | |
09915dc1 | 538 | - itojun@cvs.openbsd.org 2002/06/24 15:49:22 |
539 | [msg.c] | |
540 | printf type pedant | |
d0a1c5d1 | 541 | - deraadt@cvs.openbsd.org 2002/06/24 17:57:20 |
542 | [sftp-server.c sshpty.c] | |
543 | explicit (u_int) for uid and gid | |
6c69a6a9 | 544 | - markus@cvs.openbsd.org 2002/06/25 16:22:42 |
545 | [authfd.c] | |
546 | unnecessary cast | |
87809a1f | 547 | - markus@cvs.openbsd.org 2002/06/25 18:51:04 |
548 | [sshd.c] | |
549 | lightweight do_setusercontext after chroot() | |
924681ee | 550 | - (bal) Updated AIX package build. Patch by dtucker@zip.com.au |
46c8ebb3 | 551 | - (tim) [Makefile.in] fix test on installing ssh-rand-helper.8 |
78beb77d | 552 | - (bal) added back in error check for mmap(). I screwed up, Pointed |
553 | out by stevesk@ | |
f2d9a1f8 | 554 | - (tim) [README.privsep] UnixWare tip no longer needed. |
88cb875c | 555 | - (bal) fixed NeXTStep missing munmap() issue. It defines HAVE_MMAP, |
556 | but it all damned lies. | |
0d0270e6 | 557 | - (stevesk) [README.privsep] more for sshd pseudo-account. |
8029e7fc | 558 | - (tim) [contrib/caldera/openssh.spec] add support for privsep |
8695f9f7 | 559 | - (djm) setlogin needs pgid==pid on BSD/OS; from itojun@ |
b29fe4ea | 560 | - (djm) OpenBSD CVS Sync |
561 | - markus@cvs.openbsd.org 2002/06/26 08:53:12 | |
562 | [bufaux.c] | |
563 | limit size of BNs to 8KB; ok provos/deraadt | |
22d62d31 | 564 | - markus@cvs.openbsd.org 2002/06/26 08:54:18 |
565 | [buffer.c] | |
566 | limit append to 1MB and buffers to 10MB | |
5df8c731 | 567 | - markus@cvs.openbsd.org 2002/06/26 08:55:02 |
568 | [channels.c] | |
569 | limit # of channels to 10000 | |
87f18810 | 570 | - markus@cvs.openbsd.org 2002/06/26 08:58:26 |
571 | [session.c] | |
572 | limit # of env vars to 1000; ok deraadt/djm | |
2f095a0e | 573 | - deraadt@cvs.openbsd.org 2002/06/26 13:20:57 |
574 | [monitor.c] | |
575 | be careful in mm_zalloc | |
66087567 | 576 | - deraadt@cvs.openbsd.org 2002/06/26 13:49:26 |
577 | [session.c] | |
578 | disclose less information from environment files; based on input | |
579 | from djm, and dschultz@uclink.Berkeley.EDU | |
477edc5d | 580 | - markus@cvs.openbsd.org 2002/06/26 13:55:37 |
581 | [auth2-chall.c] | |
582 | make sure # of response matches # of queries, fixes int overflow; | |
583 | from ISS | |
03b14b6f | 584 | - markus@cvs.openbsd.org 2002/06/26 13:56:27 |
585 | [version.h] | |
586 | 3.4 | |
9c696d0d | 587 | - (djm) Require krb5 devel for RPM build w/ KrbV |
c4186be7 | 588 | - (djm) Improve PAMAuthenticationViaKbdInt text from Nalin Dahyabhai |
589 | <nalin@redhat.com> | |
1e7bc74c | 590 | - (djm) Update spec files for release |
49b53b03 | 591 | - (djm) Fix int overflow in auth2-pam.c, similar to one discovered by ISS |
03b14b6f | 592 | - (djm) Release 3.4p1 |
6519cfd6 | 593 | - (tim) [contrib/caldera/openssh.spec] remove 2 configure options I put in |
594 | by mistake | |
4bfa8bb6 | 595 | |
ef1ac12b | 596 | 20020625 |
597 | - (stevesk) [INSTALL acconfig.h configure.ac defines.h] remove --with-rsh | |
1a44c6f7 | 598 | - (stevesk) [README.privsep] minor updates |
fd3cbf67 | 599 | - (djm) Create privsep directory and warn if privsep user is missing |
600 | during make install | |
702b2855 | 601 | - (bal) Started list of PrivSep issues in TODO |
1c6249af | 602 | - (bal) if mmap() is substandard, don't allow compression on server side. |
603 | Post 'event' we will add more options. | |
cbaa3d44 | 604 | - (tim) [contrib/caldera/openssh.spec] Sync with Caldera |
e2bc41f9 | 605 | - (bal) moved aix_usrinfo() and noted not setting real TTY. Patch by |
606 | dtucker@zip.com.au | |
d170feb1 | 607 | - (tim) [acconfig.h configure.ac sshd.c] BROKEN_FD_PASSING fix from Markus |
608 | for Cygwin, Cray, & SCO | |
ef1ac12b | 609 | |
d5803314 | 610 | 20020624 |
611 | - OpenBSD CVS Sync | |
612 | - deraadt@cvs.openbsd.org 2002/06/23 03:25:50 | |
613 | [tildexpand.c] | |
614 | KNF | |
3ddc795d | 615 | - deraadt@cvs.openbsd.org 2002/06/23 03:26:19 |
616 | [cipher.c key.c] | |
617 | KNF | |
d6133f43 | 618 | - deraadt@cvs.openbsd.org 2002/06/23 03:30:58 |
619 | [scard.c ssh-dss.c ssh-rsa.c sshconnect.c sshconnect2.c sshd.c sshlogin.c | |
620 | sshpty.c] | |
621 | various KNF and %d for unsigned | |
9906a836 | 622 | - deraadt@cvs.openbsd.org 2002/06/23 09:30:14 |
623 | [sftp-client.c sftp-client.h sftp-common.c sftp-int.c sftp-server.c | |
624 | sftp.c] | |
625 | bunch of u_int vs int stuff | |
512df038 | 626 | - deraadt@cvs.openbsd.org 2002/06/23 09:39:55 |
627 | [ssh-keygen.c] | |
628 | u_int stuff | |
7528d467 | 629 | - deraadt@cvs.openbsd.org 2002/06/23 09:46:51 |
630 | [bufaux.c servconf.c] | |
631 | minor KNF. things the fingers do while you read | |
e424e241 | 632 | - deraadt@cvs.openbsd.org 2002/06/23 10:29:52 |
633 | [ssh-agent.c sshd.c] | |
634 | some minor KNF and %u | |
7138ebd9 | 635 | - deraadt@cvs.openbsd.org 2002/06/23 20:39:45 |
636 | [session.c] | |
637 | compression_level is u_int | |
f09ce20a | 638 | - deraadt@cvs.openbsd.org 2002/06/23 21:06:13 |
639 | [sshpty.c] | |
640 | KNF | |
57f228e8 | 641 | - deraadt@cvs.openbsd.org 2002/06/23 21:06:41 |
642 | [channels.c channels.h session.c session.h] | |
643 | display, screen, row, col, xpixel, ypixel are u_int; markus ok | |
0bc50167 | 644 | - deraadt@cvs.openbsd.org 2002/06/23 21:10:02 |
645 | [packet.c] | |
646 | packet_get_int() returns unsigned for reason & seqnr | |
57f228e8 | 647 | - (bal) Also fixed IPADDR_IN_DISPLAY case where display, screen, row, col, |
648 | xpixel are u_int. | |
649 | ||
d5803314 | 650 | |
58177c0a | 651 | 20020623 |
652 | - (stevesk) [configure.ac] bug #255 LOGIN_NEEDS_UTMPX for AIX. | |
dc43acd2 | 653 | - (bal) removed GNUism for getops in ssh-agent since glibc lacks optreset. |
ef3912be | 654 | - (bal) add extern char *getopt. Based on report by dtucker@zip.com.au |
a8bbdc75 | 655 | - OpenBSD CVS Sync |
656 | - stevesk@cvs.openbsd.org 2002/06/22 02:00:29 | |
657 | [ssh.h] | |
658 | correct comment | |
1ae02182 | 659 | - stevesk@cvs.openbsd.org 2002/06/22 02:40:23 |
660 | [ssh.1] | |
661 | section 5 not 4 for ssh_config | |
b2843ec6 | 662 | - naddy@cvs.openbsd.org 2002/06/22 11:51:39 |
663 | [ssh.1] | |
664 | typo | |
75653d3e | 665 | - stevesk@cvs.openbsd.org 2002/06/22 16:32:54 |
666 | [sshd.8] | |
667 | add /var/empty in FILES section | |
a56313d7 | 668 | - stevesk@cvs.openbsd.org 2002/06/22 16:40:19 |
669 | [sshd.c] | |
670 | check /var/empty owner mode; ok provos@ | |
e4e83d70 | 671 | - stevesk@cvs.openbsd.org 2002/06/22 16:41:57 |
672 | [scp.1] | |
673 | typo | |
baa08b92 | 674 | - stevesk@cvs.openbsd.org 2002/06/22 16:45:29 |
675 | [ssh-agent.1 sshd.8 sshd_config.5] | |
676 | use process ID vs. pid/PID/process identifier | |
c28876e9 | 677 | - stevesk@cvs.openbsd.org 2002/06/22 20:05:27 |
678 | [sshd.c] | |
679 | don't call setsid() if debugging or run from inetd; no "Operation not | |
680 | permitted" errors now; ok millert@ markus@ | |
d17ef027 | 681 | - stevesk@cvs.openbsd.org 2002/06/22 23:09:51 |
682 | [monitor.c] | |
683 | save auth method before monitor_reset_key_state(); bugzilla bug #284; | |
684 | ok provos@ | |
58177c0a | 685 | |
0b202697 | 686 | $Id$ |