]>
Commit | Line | Data |
---|---|---|
f1b0ecc3 | 1 | 20020122 |
2 | - (djm) autoconf hacking: | |
3 | - We don't support --without-zlib currently, so don't allow it. | |
4 | - Rework cryptographic random number support detection. We now detect | |
5 | whether OpenSSL seeds itself. If it does, then we don't bother with | |
6 | the ssh-rand-helper program. You can force the use of ssh-rand-helper | |
7 | using the --with-rand-helper configure argument | |
8 | - Simplify and clean up ssh-rand-helper configuration | |
9780116c | 9 | - Add OpenSSL sanity check: verify that header version matches version |
10 | reported by library | |
49d7ed32 | 11 | - (djm) Fix some bugs I introduced into ssh-rand-helper yesterday |
3dc93cd8 | 12 | - OpenBSD CVS Sync |
13 | - djm@cvs.openbsd.org 2001/12/21 08:52:22 | |
14 | [ssh-keygen.1 ssh-keygen.c] | |
15 | Remove default (rsa1) key type; ok markus@ | |
f9654cd7 | 16 | - djm@cvs.openbsd.org 2001/12/21 08:53:45 |
17 | [readpass.c] | |
18 | Avoid interruptable passphrase read; ok markus@ | |
f1b0ecc3 | 19 | |
40f64e6f | 20 | 20020121 |
21 | - (djm) Rework ssh-rand-helper: | |
22 | - Reduce quantity of ifdef code, in preparation for ssh_rand_conf | |
23 | - Always seed from system calls, even when doing PRNGd seeding | |
24 | - Tidy and comment #define knobs | |
25 | - Remove unused facility for multiple runs through command list | |
26 | - KNF, cleanup, update copyright | |
27 | ||
088cdc23 | 28 | 20020114 |
29 | - (djm) Bug #50 - make autoconf entropy path checks more robust | |
30 | ||
760b35a6 | 31 | 20020108 |
32 | - (djm) Merge Cygwin copy_environment with do_pam_environment, removing | |
33 | fixed env var size limit in the process. Report from Corinna Vinschen | |
34 | <vinschen@redhat.com> | |
5cbceb3f | 35 | - (stevesk) defines.h: use "/var/spool/sockets/X11/%u" for HP-UX. does |
36 | not depend on transition links. from Lutz Jaenicke. | |
760b35a6 | 37 | |
1d2a4613 | 38 | 20020106 |
39 | - (stevesk) defines.h: determine _PATH_UNIX_X; currently "/tmp/.X11-unix/X%u" | |
40 | for all platforms except HP-UX, which is "/usr/spool/sockets/X11/%u". | |
41 | ||
d93656c9 | 42 | 20020105 |
43 | - (bal) NCR requies use_pipes to operate correctly. | |
29525240 | 44 | - (stevesk) fix spurious ; from NCR change. |
d93656c9 | 45 | |
554e28b2 | 46 | 20020103 |
47 | - (djm) Use bigcrypt() on systems with SCO_PROTECTED_PW. Patch from | |
48 | Roger Cornelius <rac@tenzing.org> | |
49 | ||
e9571a2c | 50 | 20011229 |
51 | - (djm) Apply Cygwin pointer deref fix from Corinna Vinschen | |
52 | <vinschen@redhat.com> Could be abused to guess valid usernames | |
929fb284 | 53 | - (djm) Typo in contrib/cygwin/README Fix from Corinna Vinschen |
54 | <vinschen@redhat.com> | |
e9571a2c | 55 | |
760edf28 | 56 | 20011228 |
57 | - (djm) Remove recommendation to use GNU make, we should support most | |
58 | make programs. | |
59 | ||
7bec72bc | 60 | 20011225 |
61 | - (stevesk) [Makefile.in ssh-rand-helper.c] | |
62 | portable lib and __progname support for ssh-rand-helper; ok djm@ | |
63 | ||
b8291fa0 | 64 | 20011223 |
65 | - (bal) Removed contrib/chroot.diff and noted in contrib/README that it | |
66 | was not being maintained. | |
67 | ||
46058ce2 | 68 | 20011222 |
69 | - (djm) Ignore fix & patchlevel in OpenSSL version check. Patch from | |
70 | solar@openwall.com | |
71 | - (djm) Rework entropy code. If the OpenSSL PRNG is has not been | |
72 | internally seeded, execute a subprogram "ssh-rand-helper" to obtain | |
73 | some entropy for us. Rewrite the old in-process entropy collecter as | |
74 | an example ssh-rand-helper. | |
75 | - (djm) Always perform ssh_prng_cmds path lookups in configure, even if | |
76 | we don't end up using ssh_prng_cmds (so we always get a valid file) | |
77 | ||
5fb9865a | 78 | 20011221 |
79 | - (djm) Add option to gnome-ssh-askpass to stop it from grabbing the X | |
80 | server. I have found this necessary to avoid server hangs with X input | |
81 | extensions (e.g. kinput2). Enable by setting the environment variable | |
82 | "GNOME_SSH_ASKPASS_NOGRAB" | |
805e659f | 83 | - OpenBSD CVS Sync |
84 | - stevesk@cvs.openbsd.org 2001/12/08 17:49:28 | |
85 | [channels.c pathnames.h] | |
86 | use only one path to X11 UNIX domain socket vs. an array of paths | |
87 | to try. report from djast@cs.toronto.edu. ok markus@ | |
2f293d43 | 88 | - markus@cvs.openbsd.org 2001/12/09 18:45:56 |
89 | [auth2.c auth2-chall.c auth.h] | |
90 | add auth2_challenge_stop(), simplifies cleanup of kbd-int sessions, | |
91 | fixes memleak. | |
5e8948af | 92 | - stevesk@cvs.openbsd.org 2001/12/10 16:45:04 |
93 | [sshd.c] | |
94 | possible fd leak on error; ok markus@ | |
cdc95d6e | 95 | - markus@cvs.openbsd.org 2001/12/10 20:34:31 |
96 | [ssh-keyscan.c] | |
97 | check that server supports v1 for -t rsa1, report from wirth@dfki.de | |
fb396518 | 98 | - jakob@cvs.openbsd.org 2001/12/18 10:04:21 |
99 | [auth.h hostfile.c hostfile.h] | |
100 | remove auth_rsa_read_key, make hostfile_ready_key non static; ok markus@ | |
306feb91 | 101 | - jakob@cvs.openbsd.org 2001/12/18 10:05:15 |
102 | [auth2.c] | |
103 | log fingerprint on successful public key authentication; ok markus@ | |
46df736f | 104 | - jakob@cvs.openbsd.org 2001/12/18 10:06:24 |
105 | [auth-rsa.c] | |
106 | log fingerprint on successful public key authentication, simplify | |
107 | usage of key structs; ok markus@ | |
184eed6a | 108 | - deraadt@cvs.openbsd.org 2001/12/19 07:18:56 |
109 | [auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h] | |
110 | [auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c] | |
111 | [cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c] | |
112 | [match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c] | |
113 | [servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c] | |
114 | [sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c] | |
115 | [sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config] | |
116 | [ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c] | |
117 | basic KNF done while i was looking for something else | |
a10be357 | 118 | - markus@cvs.openbsd.org 2001/12/19 16:09:39 |
119 | [serverloop.c] | |
120 | fix race between SIGCHLD and select with an additional pipe. writing | |
121 | to the pipe on SIGCHLD wakes up select(). using pselect() is not | |
122 | portable and siglongjmp() ugly. W. R. Stevens suggests similar solution. | |
123 | initial idea by pmenage@ensim.com; ok deraadt@, djm@ | |
6c0fa2b1 | 124 | - stevesk@cvs.openbsd.org 2001/12/19 17:16:13 |
125 | [authfile.c bufaux.c bufaux.h buffer.c buffer.h packet.c packet.h ssh.c] | |
126 | change the buffer/packet interface to use void* vs. char*; ok markus@ | |
ac151b18 | 127 | - markus@cvs.openbsd.org 2001/12/20 16:37:29 |
128 | [channels.c channels.h session.c] | |
129 | setup x11 listen socket for just one connect if the client requests so. | |
130 | (v2 only, but the openssh client does not support this feature). | |
24ca6821 | 131 | - djm@cvs.openbsd.org 2001/12/20 22:50:24 |
132 | [auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c] | |
133 | [dispatch.h kex.c kex.h packet.c packet.h serverloop.c ssh.c] | |
134 | [sshconnect2.c] | |
135 | Conformance fix: we should send failing packet sequence number when | |
136 | responding with a SSH_MSG_UNIMPLEMENTED message. Spotted by | |
137 | yakk@yakk.dot.net; ok markus@ | |
5fb9865a | 138 | |
c9d0ad9b | 139 | 20011219 |
140 | - (stevesk) OpenBSD CVS sync X11 localhost display | |
141 | - stevesk@cvs.openbsd.org 2001/11/29 14:10:51 | |
142 | [channels.h channels.c session.c] | |
143 | sshd X11 fake server will now listen on localhost by default: | |
144 | $ echo $DISPLAY | |
145 | localhost:12.0 | |
146 | $ netstat -an|grep 6012 | |
147 | tcp 0 0 127.0.0.1.6012 *.* LISTEN | |
148 | tcp6 0 0 ::1.6012 *.* LISTEN | |
149 | sshd_config gatewayports=yes can be used to revert back to the old | |
150 | behavior. will control this with another option later. ok markus@ | |
151 | - stevesk@cvs.openbsd.org 2001/12/19 08:43:11 | |
152 | [includes.h session.c] | |
153 | handle utsname.nodename case for FamilyLocal X authorization; ok markus@ | |
154 | ||
3f3ac025 | 155 | 20011207 |
156 | - (bal) PCRE no longer required. Banished from the source along with | |
157 | fake-regex.h | |
c20f63d3 | 158 | - (bal) OpenBSD CVS Sync |
159 | - stevesk@cvs.openbsd.org 2001/12/06 18:02:32 | |
160 | [channels.c sshconnect.c] | |
161 | shutdown(sock, SHUT_RDWR) not needed here; ok markus@ | |
74860245 | 162 | - stevesk@cvs.openbsd.org 2001/12/06 18:09:23 |
163 | [channels.c session.c] | |
164 | strncpy->strlcpy. remaining strncpy's are necessary. ok markus@ | |
d24631c9 | 165 | - stevesk@cvs.openbsd.org 2001/12/06 18:20:32 |
166 | [channels.c] | |
167 | disable nagle for X11 fake server and client TCPs. from netbsd. | |
168 | ok markus@ | |
3f3ac025 | 169 | |
170 | 20011206 | |
6056eb35 | 171 | - (bal) OpenBSD CVS Sync |
172 | - deraadt@cvs.openbsd.org 2001/11/14 20:45:08 | |
173 | [sshd.c] | |
174 | errno saving wrapping in a signal handler | |
0408c978 | 175 | - markus@cvs.openbsd.org 2001/11/16 12:46:13 |
176 | [ssh-keyscan.c] | |
177 | handle empty lines instead of dumping core; report from sha@sha-1.net | |
17a3011c | 178 | - stevesk@cvs.openbsd.org 2001/11/17 19:14:34 |
179 | [auth2.c auth.c readconf.c servconf.c ssh-agent.c ssh-keygen.c] | |
180 | enum/int type cleanup where it made sense to do so; ok markus@ | |
7ace8c3b | 181 | - markus@cvs.openbsd.org 2001/11/19 11:20:21 |
182 | [sshd.c] | |
183 | fd leak on HUP; ok stevesk@ | |
8666316a | 184 | - stevesk@cvs.openbsd.org 2001/11/19 18:40:46 |
185 | [ssh-agent.1] | |
186 | clarify/state that private keys are not exposed to clients using the | |
187 | agent; ok markus@ | |
44c2ab73 | 188 | - mpech@cvs.openbsd.org 2001/11/19 19:02:16 |
189 | [deattack.c radix.c] | |
190 | kill more registers | |
191 | millert@ ok | |
2f98d223 | 192 | - markus@cvs.openbsd.org 2001/11/21 15:51:24 |
193 | [key.c] | |
194 | mem leak | |
c840d0ad | 195 | - stevesk@cvs.openbsd.org 2001/11/21 18:49:14 |
196 | [ssh-keygen.1] | |
197 | more on passphrase construction; ok markus@ | |
f48e63c8 | 198 | - stevesk@cvs.openbsd.org 2001/11/22 05:27:29 |
199 | [ssh-keyscan.c] | |
200 | don't use "\n" in fatal() | |
7a934d1b | 201 | - markus@cvs.openbsd.org 2001/11/22 12:34:22 |
202 | [clientloop.c serverloop.c sshd.c] | |
203 | volatile sig_atomic_t | |
58d94604 | 204 | - stevesk@cvs.openbsd.org 2001/11/29 19:06:39 |
205 | [channels.h] | |
206 | remove dead function prototype; ok markus@ | |
2975f58d | 207 | - markus@cvs.openbsd.org 2001/11/29 22:08:48 |
208 | [auth-rsa.c] | |
209 | fix protocol error: send 'failed' message instead of a 2nd challenge | |
210 | (happens if the same key is in authorized_keys twice). | |
211 | reported Ralf_Meister@genua.de; ok djm@ | |
b48eeb07 | 212 | - stevesk@cvs.openbsd.org 2001/11/30 20:39:28 |
213 | [ssh.c] | |
214 | sscanf() length dependencies are clearer now; can also shrink proto | |
215 | and data if desired, but i have not done that. ok markus@ | |
2548961d | 216 | - markus@cvs.openbsd.org 2001/12/01 21:41:48 |
217 | [session.c sshd.8] | |
218 | don't pass user defined variables to /usr/bin/login | |
947b64c7 | 219 | - deraadt@cvs.openbsd.org 2001/12/02 02:08:32 |
220 | [sftp-common.c] | |
221 | zap }; | |
010f9726 | 222 | - itojun@cvs.openbsd.org 2001/12/05 03:50:01 |
223 | [clientloop.c serverloop.c sshd.c] | |
224 | deal with LP64 printf issue with sig_atomic_t. from thorpej | |
d5bb9418 | 225 | - itojun@cvs.openbsd.org 2001/12/05 03:56:39 |
226 | [auth1.c auth2.c canohost.c channels.c deattack.c packet.c scp.c | |
227 | sshconnect2.c] | |
228 | make it compile with more strict prototype checking | |
6aacefa7 | 229 | - deraadt@cvs.openbsd.org 2001/12/05 10:06:12 |
230 | [authfd.c authfile.c bufaux.c channels.c compat.c kex.c kexgex.c | |
231 | key.c misc.c packet.c servconf.c ssh-agent.c sshconnect2.c | |
232 | sshconnect.c sshd.c ssh-dss.c ssh-keygen.c ssh-rsa.c] | |
233 | minor KNF | |
663ebb32 | 234 | - markus@cvs.openbsd.org 2001/12/05 15:04:48 |
235 | [version.h] | |
236 | post 3.0.2 | |
6a92533a | 237 | - markus@cvs.openbsd.org 2001/12/05 16:54:51 |
238 | [compat.c match.c match.h] | |
239 | make theo and djm happy: bye bye regexp | |
2717fa0f | 240 | - markus@cvs.openbsd.org 2001/12/06 13:30:06 |
241 | [servconf.c servconf.h sshd.8 sshd.c] | |
242 | add -o to sshd, too. ok deraadt@ | |
243 | - (bal) Minor white space fix up in servconf.c | |
6056eb35 | 244 | |
ffb8d130 | 245 | 20011126 |
246 | - (tim) [contrib/cygwin/README, openbsd-compat/bsd-cygwin_util.c, | |
247 | openbsd-compat/bsd-cygwin_util.h, openbsd-compat/daemon.c] | |
248 | Allow SSHD to install as service under WIndows 9x/Me | |
249 | [configure.ac] Fix to allow linking against PCRE on Cygwin | |
250 | Patches by Corinna Vinschen <vinschen@redhat.com> | |
251 | ||
20716479 | 252 | 20011115 |
253 | - (djm) Fix IPv4 default in ssh-keyscan. Spotted by Dan Astoorian | |
254 | <djast@cs.toronto.edu> Fix from markus@ | |
e41f14ae | 255 | - (djm) Release 3.0.1p1 |
20716479 | 256 | |
9aba5a4d | 257 | 20011113 |
258 | - (djm) Fix early (and double) free of remote user when using Kerberos. | |
259 | Patch from Simon Wilkinson <simon@sxw.org.uk> | |
19e810f6 | 260 | - (djm) AIX login{success,failed} changes. Move loginsuccess call to |
261 | do_authenticated. Call loginfailed for protocol 2 failures > MAX like | |
262 | we do for protocol 1. Reports from Ralf Wenk <wera0003@fh-karlsruhe.de>, | |
263 | K.Wolkersdorfer@fz-juelich.de and others | |
ede8cea6 | 264 | - (djm) OpenBSD CVS Sync |
265 | - dugsong@cvs.openbsd.org 2001/11/11 18:47:10 | |
266 | [auth-krb5.c] | |
267 | fix krb5 authorization check. found by <jhawk@MIT.EDU>. from | |
268 | art@, deraadt@ ok | |
b0248360 | 269 | - markus@cvs.openbsd.org 2001/11/12 11:17:07 |
270 | [servconf.c] | |
271 | enable authorized_keys2 again. tested by fries@ | |
0bbf2240 | 272 | - markus@cvs.openbsd.org 2001/11/13 02:03:57 |
273 | [version.h] | |
274 | enter 3.0.1 | |
86b164b3 | 275 | - (djm) Bump RPM package versions |
9aba5a4d | 276 | |
3e4e3bc8 | 277 | 20011112 |
278 | - (djm) Makefile correctness fix from Mark D. Baushke <mdb@juniper.net> | |
d36ae718 | 279 | - (djm) Cygwin config patch from Corinna Vinschen <vinschen@redhat.com> |
9ae3f727 | 280 | - OpenBSD CVS Sync |
281 | - markus@cvs.openbsd.org 2001/10/24 08:41:41 | |
282 | [sshd.c] | |
283 | mention remote port in debug message | |
f103187f | 284 | - markus@cvs.openbsd.org 2001/10/24 08:41:20 |
285 | [ssh.c] | |
286 | remove unused | |
67b75437 | 287 | - markus@cvs.openbsd.org 2001/10/24 08:51:35 |
288 | [clientloop.c ssh.c] | |
289 | ignore SIGPIPE early, makes ssh work if agent dies, netbsd-pr via itojun@ | |
c6940381 | 290 | - markus@cvs.openbsd.org 2001/10/24 19:57:40 |
291 | [clientloop.c] | |
292 | make ~& (backgrounding) work again for proto v1; add support ~& for v2, too | |
f564d016 | 293 | - markus@cvs.openbsd.org 2001/10/25 21:14:32 |
294 | [ssh-keygen.1 ssh-keygen.c] | |
295 | better docu for fingerprinting, ok deraadt@ | |
e8d59b4d | 296 | - markus@cvs.openbsd.org 2001/10/29 19:27:15 |
297 | [sshconnect2.c] | |
298 | hostbased: check for client hostkey before building chost | |
03cf595c | 299 | - markus@cvs.openbsd.org 2001/10/30 20:29:09 |
300 | [ssh.1] | |
301 | ssh.1 | |
b4b701be | 302 | - markus@cvs.openbsd.org 2001/11/07 16:03:17 |
303 | [packet.c packet.h sshconnect2.c] | |
304 | pad using the padding field from the ssh2 packet instead of sending | |
305 | extra ignore messages. tested against several other ssh servers. | |
10f22cd7 | 306 | - markus@cvs.openbsd.org 2001/11/07 21:40:21 |
307 | [ssh-rsa.c] | |
308 | ssh_rsa_sign/verify: SSH_BUG_SIGBLOB not supported | |
abc4e9a7 | 309 | - markus@cvs.openbsd.org 2001/11/07 22:10:28 |
310 | [ssh-dss.c ssh-rsa.c] | |
311 | missing free and sync dss/rsa code. | |
713d61f7 | 312 | - markus@cvs.openbsd.org 2001/11/07 22:12:01 |
313 | [sshd.8] | |
314 | s/Keepalive/KeepAlive/; from openbsd@davidkrause.com | |
f98585b0 | 315 | - markus@cvs.openbsd.org 2001/11/07 22:41:51 |
316 | [auth2.c auth-rh-rsa.c] | |
317 | unused includes | |
27c47c0a | 318 | - markus@cvs.openbsd.org 2001/11/07 22:53:21 |
319 | [channels.h] | |
320 | crank c->path to 256 so they can hold a full hostname; dwd@bell-labs.com | |
56b551e2 | 321 | - markus@cvs.openbsd.org 2001/11/08 10:51:08 |
322 | [readpass.c] | |
323 | don't strdup too much data; from gotoh@taiyo.co.jp; ok millert. | |
dd58cb5e | 324 | - markus@cvs.openbsd.org 2001/11/08 17:49:53 |
325 | [ssh.1] | |
326 | mention setuid root requirements; noted by cnorris@csc.UVic.ca; ok stevesk@ | |
fad3754c | 327 | - markus@cvs.openbsd.org 2001/11/08 20:02:24 |
328 | [auth.c] | |
329 | don't print ROOT in CAPS for the authentication messages, i.e. | |
330 | Accepted publickey for ROOT from 127.0.0.1 port 42734 ssh2 | |
331 | becomes | |
332 | Accepted publickey for root from 127.0.0.1 port 42734 ssh2 | |
b3ad8fe6 | 333 | - markus@cvs.openbsd.org 2001/11/09 18:59:23 |
334 | [clientloop.c serverloop.c] | |
335 | don't memset too much memory, ok millert@ | |
336 | original patch from jlk@kamens.brookline.ma.us via nalin@redhat.com | |
ac28afd8 | 337 | - markus@cvs.openbsd.org 2001/11/10 13:19:45 |
338 | [sshd.c] | |
e15895cd | 339 | cleanup libwrap support (remove bogus comment, bogus close(), add |
340 | debug, etc). | |
5d4446bf | 341 | - markus@cvs.openbsd.org 2001/11/10 13:22:42 |
342 | [ssh-rsa.c] | |
343 | KNF (unexpand) | |
ec413a68 | 344 | - markus@cvs.openbsd.org 2001/11/10 13:37:20 |
345 | [packet.c] | |
346 | remove extra debug() | |
5df83e07 | 347 | - markus@cvs.openbsd.org 2001/11/11 13:02:31 |
348 | [servconf.c] | |
e15895cd | 349 | make AuthorizedKeysFile2 fallback to AuthorizedKeysFile if |
350 | AuthorizedKeysFile is specified. | |
351 | - (djm) Reorder portable-specific server options so that they come first. | |
352 | This should help reduce diff collisions for new server options (as they | |
353 | will appear at the end) | |
3e4e3bc8 | 354 | |
78afd1dc | 355 | 20011109 |
356 | - (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK) | |
357 | if permit_empty_passwd == 0 so null password check cannot be bypassed. | |
358 | jayaraj@amritapuri.com OpenBSD bug 2168 | |
30f60c34 | 359 | - markus@cvs.openbsd.org 2001/11/09 19:08:35 |
360 | [sshd.c] | |
361 | remove extra trailing dot from log message; pilot@naughty.monkey.org | |
362 | ||
7c6d759d | 363 | 20011103 |
364 | - (tim) [ contrib/caldera/openssh.spec contrib/caldera/sshd.init] Updates | |
365 | from Raymund Will <ray@caldera.de> | |
366 | [acconfig.h configure.in] Clean up login checks. | |
367 | Problem reported by Jim Knoble <jmknoble@pobox.com> | |
368 | ||
369 | 20011101 | |
58389b85 | 370 | - (djm) Compat define for OpenSSL < 0.9.6 (No OPENSSL_free) |
371 | ||
548fd014 | 372 | 20011031 |
373 | - (djm) Unsmoke drugs: config files should be noreplace. | |
374 | ||
b013a983 | 375 | 20011030 |
376 | - (djm) Redhat RPM spec: remove noreplace from config files, allow IPv6 | |
377 | by default (can force IPv4 using --define "noipv6 1") | |
378 | ||
40d0f6b9 | 379 | 20011029 |
380 | - (tim) [TODO defines.h loginrec.c] Change the references to configure.in | |
381 | to configure.ac | |
382 | ||
9f214051 | 383 | 20011028 |
384 | - (djm) Avoid bug in Solaris PAM libs | |
7eb73cc1 | 385 | - (djm) Disconnect if no tty and PAM reports password expired |
9678565b | 386 | - (djm) Fix for PAM password changes being echoed (from stevesk) |
840ad55e | 387 | - (stevesk) Fix compile problem with PAM password change fix |
37a8edf7 | 388 | - (stevesk) README: zlib location is http://www.gzip.org/zlib/ |
9f214051 | 389 | |
c8c15bcb | 390 | 20011027 |
391 | - (tim) [configure.ac] Fixes for ReliantUNIX (don't use libucb) | |
392 | Patch by Robert Dahlem <Robert.Dahlem@siemens.com> | |
393 | ||
9e127e27 | 394 | 20011026 |
395 | - (bal) Set the correct current time in login_utmp_only(). Patch by | |
396 | Wayne Davison <wayned@users.sourceforge.net> | |
fd96c060 | 397 | - (tim) [scard/Makefile.in] Fix install: when building outside of source |
398 | tree and using --src=/full_path/to/openssh | |
399 | Patch by Mark D. Baushke <mdb@juniper.net> | |
9e127e27 | 400 | |
d321c94b | 401 | 20011025 |
402 | - (bal) Use VDISABLE if _POSIX_VDISABLE is set in readpassphrase.c. Patch | |
403 | by todd@ | |
5a162955 | 404 | - (tim) [configure.ac] Give path given in --with-xxx= for pcre,zlib, and |
405 | tcp-wrappers precedence over system libraries and includes. | |
406 | Report from Dave Dykstra <dwd@bell-labs.com> | |
d321c94b | 407 | |
95c88805 | 408 | 20011024 |
409 | - (bal) Should be 3.0p1 not 3.0p2. Corrected version.h already. | |
451dab40 | 410 | - (tim) configure.in -> configure.ac |
95c88805 | 411 | |
bc86d864 | 412 | 20011023 |
413 | - (bal) Updated version to 3.0p1 in preparing for release. | |
7f0a4ff1 | 414 | - (bal) Added 'PAM_TTY_KLUDGE' to Solaris platform. |
051809f6 | 415 | - (tim) [configure.in] Fix test for broken dirname. Based on patch from |
416 | Dave Dykstra <dwd@bell-labs.com>. Remove un-needed test for zlib.h. | |
417 | [contrib/caldera/openssh.spec, contrib/redhat/openssh.spec, | |
418 | contrib/suse/openssh.spec] Update version to match version.h | |
bc86d864 | 419 | |
ce49121d | 420 | 20011022 |
421 | - (djm) Fix fd leak in loginrec.c (ro fd to lastlog was left open). | |
422 | Report from Michal Zalewski <lcamtuf@coredump.cx> | |
423 | ||
98a7c37b | 424 | 20011021 |
425 | - (tim) [configure.in] Clean up library testing. Add optional PATH to | |
426 | --with-pcre, --with-zlib, and --with-tcp-wrappers. Based on | |
427 | patch by albert chin (china@thewrittenword.com) | |
428 | Re-arange AC_CHECK_HEADERS and AC_CHECK_FUNCS for eaiser reading | |
429 | of patches to configure.in. Replace obsolete AC_STRUCT_ST_BLKSIZE | |
430 | with AC_CHECK_MEMBERS. Add test for broken dirname() on | |
431 | Solaris 2.5.1 by Dan Astoorian <djast@cs.toronto.edu> | |
432 | [acconfig.h aclocal.m4 defines.h configure.in] Better socklen_t test. | |
433 | patch by albert chin (china@thewrittenword.com) | |
434 | [scp.c] Replace obsolete HAVE_ST_BLKSIZE with | |
435 | HAVE_STRUCT_STAT_ST_BLKSIZE. | |
436 | [Makefile.in] When running make in top level, always do make | |
437 | in openbsd-compat. patch by Dave Dykstra <dwd@bell-labs.com> | |
438 | ||
09a3bd6d | 439 | 20011019 |
440 | - (bal) Fixed up init.d symlink issue and piddir stuff. Patches by | |
441 | Zoran Milojevic <Zoran.Milojevic@SS8.com> and j.petersen@msh.de | |
442 | ||
418e724c | 443 | 20011012 |
444 | - (djm) OpenBSD CVS Sync | |
445 | - markus@cvs.openbsd.org 2001/10/10 22:18:47 | |
446 | [channels.c channels.h clientloop.c nchan.c serverloop.c] | |
447 | [session.c session.h] | |
448 | try to keep channels open until an exit-status message is sent. | |
449 | don't kill the login shells if the shells stdin/out/err is closed. | |
450 | this should now work: | |
451 | ssh -2n localhost 'exec > /dev/null 2>&1; sleep 10; exit 5'; echo ? | |
efcc9957 | 452 | - markus@cvs.openbsd.org 2001/10/11 13:45:21 |
453 | [session.c] | |
454 | delay detach of session if a channel gets closed but the child is | |
455 | still alive. however, release pty, since the fd's to the child are | |
456 | already closed. | |
fd6cfbaf | 457 | - markus@cvs.openbsd.org 2001/10/11 15:24:00 |
458 | [clientloop.c] | |
459 | clear select masks if we return before calling select(). | |
b0454d44 | 460 | - (djm) "make veryclean" fix from Tom Holroyd <tomh@po.crl.go.jp> |
aeabbb30 | 461 | - (djm) Clean some autoconf-2.52 junk when doing "make distclean" |
8140f2aa | 462 | - (djm) Cleanup sshpty.c a little |
6e464960 | 463 | - (bal) First wave of contrib/solaris/ package upgrades. Still more |
464 | work needs to be done, but it is a 190% better then the stuff we | |
465 | had before! | |
78c84f13 | 466 | - (bal) Minor bug fix in contrib/solaris/opensshd.in .. $etcdir was not |
467 | set right. | |
418e724c | 468 | |
c48c32c1 | 469 | 20011010 |
470 | - (djm) OpenBSD CVS Sync | |
471 | - markus@cvs.openbsd.org 2001/10/04 14:34:16 | |
472 | [key.c] | |
473 | call OPENSSL_free() for memory allocated by openssl; from chombier@mac.com | |
0c139bd1 | 474 | - markus@cvs.openbsd.org 2001/10/04 15:05:40 |
475 | [channels.c serverloop.c] | |
476 | comment out bogus conditions for selecting on connection_in | |
72176c0e | 477 | - markus@cvs.openbsd.org 2001/10/04 15:12:37 |
478 | [serverloop.c] | |
479 | client_alive_check cleanup | |
a2c92c4a | 480 | - markus@cvs.openbsd.org 2001/10/06 00:14:50 |
481 | [sshconnect.c] | |
482 | remove unused argument | |
05fd093c | 483 | - markus@cvs.openbsd.org 2001/10/06 00:36:42 |
484 | [session.c] | |
485 | fix typo in error message, sync with do_exec_nopty | |
01e9ef57 | 486 | - markus@cvs.openbsd.org 2001/10/06 11:18:19 |
487 | [sshconnect1.c sshconnect2.c sshconnect.c] | |
488 | unify hostkey check error messages, simplify prompt. | |
2cdccb44 | 489 | - markus@cvs.openbsd.org 2001/10/07 10:29:52 |
490 | [authfile.c] | |
491 | grammer; Matthew_Clarke@mindlink.bc.ca | |
639cb8ab | 492 | - markus@cvs.openbsd.org 2001/10/07 17:49:40 |
493 | [channels.c channels.h] | |
494 | avoid possible FD_ISSET overflow for channels established | |
495 | during channnel_after_select() (used for dynamic channels). | |
f3964cb9 | 496 | - markus@cvs.openbsd.org 2001/10/08 11:48:57 |
497 | [channels.c] | |
498 | better debug | |
32af6a3f | 499 | - markus@cvs.openbsd.org 2001/10/08 16:15:47 |
500 | [sshconnect.c] | |
501 | use correct family for -b option | |
dab89049 | 502 | - markus@cvs.openbsd.org 2001/10/08 19:05:05 |
503 | [ssh.c sshconnect.c sshconnect.h ssh-keyscan.c] | |
504 | some more IPv4or6 cleanup | |
505 | - markus@cvs.openbsd.org 2001/10/09 10:12:08 | |
506 | [session.c] | |
507 | chdir $HOME after krb_afslog(); from bbense@networking.stanford.edu | |
01855277 | 508 | - markus@cvs.openbsd.org 2001/10/09 19:32:49 |
509 | [session.c] | |
510 | stat subsystem command before calling do_exec, and return error to client. | |
9d1b2faa | 511 | - markus@cvs.openbsd.org 2001/10/09 19:51:18 |
512 | [serverloop.c] | |
513 | close all channels if the connection to the remote host has been closed, | |
514 | should fix sshd's hanging with WCHAN==wait | |
d5f24f94 | 515 | - markus@cvs.openbsd.org 2001/10/09 21:59:41 |
516 | [channels.c channels.h serverloop.c session.c session.h] | |
517 | simplify session close: no more delayed session_close, no more | |
518 | blocking wait() calls. | |
b6a71cd2 | 519 | - (bal) removed two unsed headers in openbsd-compat/bsd-misc.c |
8782141f | 520 | - (bal) seed_init() and seed_rng() required in ssh-keyscan.c |
c48c32c1 | 521 | |
46dfe5ef | 522 | 20011007 |
523 | - (bal) ssh-copy-id corrected permissions for .ssh/ and authorized_keys. | |
524 | Prompted by Matthew Vernon <matthew@sel.cam.ac.uk> | |
525 | ||
822593d4 | 526 | 20011005 |
527 | - (bal) AES works under Cray, no more hack. | |
528 | ||
63fa6b6c | 529 | 20011004 |
530 | - (bal) nchan2.ms resync. BSD License applied. | |
531 | ||
c8a62153 | 532 | 20011003 |
533 | - (bal) CVS ID fix up in version.h | |
b6350327 | 534 | - (bal) OpenBSD CVS Sync: |
535 | - markus@cvs.openbsd.org 2001/09/27 11:58:16 | |
536 | [compress.c] | |
537 | mem leak; chombier@mac.com | |
538 | - markus@cvs.openbsd.org 2001/09/27 11:59:37 | |
539 | [packet.c] | |
540 | missing called=1; chombier@mac.com | |
aa8003d6 | 541 | - markus@cvs.openbsd.org 2001/09/27 15:31:17 |
542 | [auth2.c auth2-chall.c sshconnect1.c] | |
543 | typos; from solar | |
5b263aae | 544 | - camield@cvs.openbsd.org 2001/09/27 17:53:24 |
545 | [sshd.8] | |
546 | don't talk about compile-time options | |
547 | ok markus@ | |
e99a518a | 548 | - djm@cvs.openbsd.org 2001/09/28 12:07:09 |
549 | [ssh-keygen.c] | |
550 | bzero private key after loading to smartcard; ok markus@ | |
f67792f2 | 551 | - markus@cvs.openbsd.org 2001/09/28 15:46:29 |
552 | [ssh.c] | |
553 | bug: read user config first; report kaukasoi@elektroni.ee.tut.fi | |
5720c10e | 554 | - markus@cvs.openbsd.org 2001/10/01 08:06:28 |
555 | [scp.c] | |
556 | skip filenames containing \n; report jdamery@chiark.greenend.org.uk | |
557 | and matthew@debian.org | |
5e4a7219 | 558 | - markus@cvs.openbsd.org 2001/10/01 21:38:53 |
559 | [channels.c channels.h ssh.c sshd.c] | |
560 | remove ugliness; vp@drexel.edu via angelos | |
8bbc048a | 561 | - markus@cvs.openbsd.org 2001/10/01 21:51:16 |
562 | [readconf.c readconf.h ssh.1 sshconnect.c] | |
563 | add NoHostAuthenticationForLocalhost; note that the hostkey is | |
564 | now check for localhost, too. | |
e0543e42 | 565 | - djm@cvs.openbsd.org 2001/10/02 08:38:50 |
566 | [ssh-add.c] | |
567 | return non-zero exit code on error; ok markus@ | |
e4d7f734 | 568 | - stevesk@cvs.openbsd.org 2001/10/02 22:56:09 |
569 | [sshd.c] | |
570 | #include "channels.h" for channel_set_af() | |
76fbdd47 | 571 | - markus@cvs.openbsd.org 2001/10/03 10:01:20 |
572 | [auth.c] | |
573 | use realpath() for homedir, too. from jinmei@isl.rdc.toshiba.co.jp | |
c8a62153 | 574 | |
d9d47a26 | 575 | 20011001 |
576 | - (stevesk) loginrec.c: fix type conversion problems exposed when using | |
577 | 64-bit off_t. | |
578 | ||
d8d6c87e | 579 | 20010929 |
580 | - (bal) move reading 'config.h' up higher. Patch by albert chin | |
581 | <china@thewrittenword.com) | |
582 | ||
fc1fc39e | 583 | 20010928 |
584 | - (djm) OpenBSD CVS sync: | |
585 | - djm@cvs.openbsd.org 2001/09/28 09:49:31 | |
586 | [scard.c] | |
587 | Fix segv when smartcard communication error occurs during key load. | |
588 | ok markus@ | |
e3d5570b | 589 | - (djm) Update spec files for new x11-askpass |
fc1fc39e | 590 | |
8a9ac95d | 591 | 20010927 |
592 | - (stevesk) session.c: declare do_pre_login() before use | |
593 | wayned@users.sourceforge.net | |
594 | ||
aa9f6a6e | 595 | 20010925 |
596 | - (djm) Pull in auth-krb5.c from OpenBSD CVS. NB. it is not currently used. | |
168edd95 | 597 | - (djm) Sync $sysconfdir/moduli |
948fd8b9 | 598 | - (djm) Add AC_SYS_LARGEFILE configure test |
4f9d80ee | 599 | - (djm) Avoid bad and unportable sprintf usage in compat code |
aa9f6a6e | 600 | |
57dade33 | 601 | 20010923 |
602 | - (bal) updated ssh.c to mirror minor getopts 'extern int' formating done | |
603 | by stevesk@ | |
927c3e15 | 604 | - (bal) Removed 'extern int optopt;' since it is dead wood. |
8ead88d3 | 605 | - (bal) Updated all *.specs for 2.9.9p1 and updated version.h |
57dade33 | 606 | |
8ab12eb4 | 607 | 20010923 |
608 | - (bal) OpenBSD CVS Sync | |
609 | - markus@cvs.openbsd.org 2001/09/23 11:09:13 | |
610 | [authfile.c] | |
611 | relax permission check for private key files. | |
157fc8e1 | 612 | - markus@cvs.openbsd.org 2001/09/23 09:58:13 |
613 | [LICENCE] | |
614 | new rijndael implementation | |
8ab12eb4 | 615 | |
64bdafe1 | 616 | 20010920 |
617 | - (tim) [scard/Makefile.in] Don't strip the Java binary | |
4a38efad | 618 | - (stevesk) sun_len, SUN_LEN() configure stuff no longer required |
fc7eca52 | 619 | - (bal) OpenBSD CVS Sync |
620 | - stevesk@cvs.openbsd.org 2001/09/20 00:15:54 | |
621 | [sshd.8] | |
622 | fix ClientAliveCountMax | |
ddcfed57 | 623 | - markus@cvs.openbsd.org 2001/09/20 13:46:48 |
624 | [auth2.c] | |
625 | key_read returns now -1 or 1 | |
bcdb96c2 | 626 | - markus@cvs.openbsd.org 2001/09/20 13:50:40 |
627 | [compat.c compat.h ssh.c] | |
628 | bug compat: request a dummy channel for -N (no shell) sessions + | |
629 | cleanup; vinschen@redhat.com | |
4a778de1 | 630 | - mouring@cvs.openbsd.org 2001/09/20 20:57:51 |
631 | [sshd_config] | |
632 | CheckMail removed. OKed stevesk@ | |
64bdafe1 | 633 | |
4cdbc654 | 634 | 20010919 |
35c69348 | 635 | - (bal) OpenBSD Sync |
4cdbc654 | 636 | - markus@cvs.openbsd.org 2001/09/19 10:08:51 |
637 | [sshd.8] | |
638 | command=xxx applies to subsystem now, too | |
cb8c7bad | 639 | - markus@cvs.openbsd.org 2001/09/19 13:23:29 |
640 | [key.c] | |
641 | key_read() now returns -1 on type mismatch, too | |
e1c5bfaf | 642 | - stevesk@cvs.openbsd.org 2001/09/19 19:24:19 |
643 | [readconf.c readconf.h scp.c sftp.c ssh.1] | |
644 | add ClearAllForwardings ssh option and set it in scp and sftp; ok | |
645 | markus@ | |
f34f05d5 | 646 | - stevesk@cvs.openbsd.org 2001/09/19 19:35:30 |
647 | [authfd.c] | |
648 | use sizeof addr vs. SUN_LEN(addr) for sockaddr_un. Stevens | |
649 | blesses this and we do it this way elsewhere. this helps in | |
650 | portable because not all systems have SUN_LEN() and | |
651 | sockaddr_un.sun_len. ok markus@ | |
2043936f | 652 | - stevesk@cvs.openbsd.org 2001/09/19 21:04:53 |
653 | [sshd.8] | |
654 | missing -t in usage | |
368bae7d | 655 | - stevesk@cvs.openbsd.org 2001/09/19 21:41:57 |
656 | [sshd.8] | |
657 | don't advertise -V in usage; ok markus@ | |
35c69348 | 658 | - (bal) openbsd-compat/vis.[ch] is dead wood. Removed. |
4cdbc654 | 659 | |
d0b19c95 | 660 | 20010918 |
46a831dd | 661 | - (djm) Configure support for smartcards. Based on Ben's work. |
fef4ea6b | 662 | - (djm) Revert setgroups call, it causes problems on OS-X |
46a831dd | 663 | - (djm) Avoid warning on BSDgetopt |
93816ec8 | 664 | - (djm) More makefile infrastructre for smartcard support, also based |
665 | on Ben's work | |
4b255446 | 666 | - (djm) Specify --datadir in RPM spec files so smartcard applet gets |
667 | put somewhere sane. Add Ssh.bin to manifest. | |
69c94072 | 668 | - (djm) Make smartcard support conditional in Redhat RPM spec |
1a77481c | 669 | - (bal) LICENCE update. Has not been done in a while. |
f49df8e9 | 670 | - (stevesk) nchan.c: we use X/Open Sockets on HP-UX now so shutdown(2) |
671 | returns ENOTCONN vs. EINVAL for socket not connected; remove EINVAL | |
672 | check. ok Lutz Jaenicke | |
35c69348 | 673 | - (bal) OpenBSD CVS Sync |
f1278af7 | 674 | - stevesk@cvs.openbsd.org 2001/09/17 17:57:57 |
675 | [scp.1 scp.c sftp.1 sftp.c] | |
676 | add -Fssh_config option; ok markus@ | |
cf54363d | 677 | - stevesk@cvs.openbsd.org 2001/09/17 19:27:15 |
678 | [kexdh.c kexgex.c key.c key.h ssh-dss.c ssh-keygen.c ssh-rsa.c] | |
679 | u_char*/char* cleanup; ok markus | |
4e842b5e | 680 | - markus@cvs.openbsd.org 2001/09/17 20:22:14 |
681 | [scard.c] | |
682 | never keep a connection to the smartcard open. | |
683 | allows ssh-keygen -D U while the agent is running; report from | |
684 | jakob@ | |
e3c1c3e6 | 685 | - stevesk@cvs.openbsd.org 2001/09/17 20:38:09 |
686 | [sftp.1 sftp.c] | |
687 | cleanup and document -1, -s and -S; ok markus@ | |
f7436b8c | 688 | - markus@cvs.openbsd.org 2001/09/17 20:50:22 |
689 | [key.c ssh-keygen.c] | |
690 | better error handling if you try to export a bad key to ssh.com | |
a5f82435 | 691 | - markus@cvs.openbsd.org 2001/09/17 20:52:47 |
692 | [channels.c channels.h clientloop.c] | |
693 | try to fix agent-forwarding-backconnection-bug, as seen on HPUX, | |
694 | for example; with Lutz.Jaenicke@aet.TU-Cottbus.DE, | |
780a9951 | 695 | - markus@cvs.openbsd.org 2001/09/17 21:04:02 |
696 | [channels.c serverloop.c] | |
697 | don't send fake dummy packets on CR (\r) | |
698 | bugreport from yyua@cs.sfu.ca via solar@@openwall.com | |
b6761a3e | 699 | - markus@cvs.openbsd.org 2001/09/17 21:09:47 |
700 | [compat.c] | |
701 | more versions suffering the SSH_BUG_DEBUG bug; | |
702 | 3.0.x reported by dbutts@maddog.storability.com | |
edaeb835 | 703 | - stevesk@cvs.openbsd.org 2001/09/17 23:56:07 |
704 | [scp.1] | |
705 | missing -B in usage string | |
d0b19c95 | 706 | |
d31a32a4 | 707 | 20010917 |
708 | - (djm) x11-ssh-askpass-1.2.4 in RPM spec, revert workarounds | |
cb547f98 | 709 | - (tim) [includes.h openbsd-compat/getopt.c openbsd-compat/getopt.h] |
710 | rename getopt() to BSDgetopt() to keep form conflicting with | |
711 | system getopt(). | |
712 | [Makefile.in configure.in] disable filepriv until I can add | |
713 | missing procpriv calls. | |
d31a32a4 | 714 | |
95d00a03 | 715 | 20010916 |
716 | - (djm) Workaround XFree breakage in RPM spec file | |
6fcf67f7 | 717 | - (bal) OpenBSD CVS Sync |
718 | - markus@cvs.openbsd.org 2001/09/16 14:46:54 | |
719 | [session.c] | |
720 | calls krb_afslog() after setting $HOME; mattiasa@e.kth.se; fixes | |
721 | pr 1943b | |
95d00a03 | 722 | |
0e0144b7 | 723 | 20010915 |
724 | - (djm) Make do_pre_login static to avoid prototype #ifdef hell | |
0fd6c7a9 | 725 | - (djm) Sync scard/ stuff |
23c098ba | 726 | - (djm) Redhat spec file cleanups from Pekka Savola <pekkas@netcore.fi> and |
727 | Redhat | |
94a29edc | 728 | - (djm) Redhat initscript config sanity checking from Pekka Savola |
729 | <pekkas@netcore.fi> | |
e72ff812 | 730 | - (djm) Clear supplemental groups at sshd start to prevent them from |
731 | being propogated to random PAM modules. Based on patch from Redhat via | |
732 | Pekka Savola <pekkas@netcore.fi> | |
a2cb4268 | 733 | - (djm) Make sure rijndael.c picks config.h |
734 | - (djm) Ensure that u_char gets defined | |
0e0144b7 | 735 | |
dcf29cf8 | 736 | 20010914 |
737 | - (bal) OpenBSD CVS Sync | |
738 | - markus@cvs.openbsd.org 2001/09/13 | |
739 | [rijndael.c rijndael.h] | |
740 | missing $OpenBSD | |
fd022eed | 741 | - markus@cvs.openbsd.org 2001/09/14 |
742 | [session.c] | |
743 | command=xxx overwrites subsystems, too | |
9658ecbc | 744 | - markus@cvs.openbsd.org 2001/09/14 |
745 | [sshd.c] | |
746 | typo | |
fd022eed | 747 | |
88c3bfe0 | 748 | 20010913 |
749 | - (bal) OpenBSD CVS Sync | |
750 | - markus@cvs.openbsd.org 2001/08/23 11:31:59 | |
751 | [cipher.c cipher.h] | |
752 | switch to the optimised AES reference code from | |
753 | http://www.esat.kuleuven.ac.be/~rijmen/rijndael/rijndael-fst-3.0.zip | |
754 | ||
5c53a31e | 755 | 20010912 |
756 | - (bal) OpenBSD CVS Sync | |
757 | - jakob@cvs.openbsd.org 2001/08/16 19:18:34 | |
758 | [servconf.c servconf.h session.c sshd.8] | |
759 | deprecate CheckMail. ok markus@ | |
54bf768d | 760 | - stevesk@cvs.openbsd.org 2001/08/16 20:14:57 |
761 | [ssh.1 sshd.8] | |
762 | document case sensitivity for ssh, sshd and key file | |
763 | options and arguments; ok markus@ | |
6d7b3036 | 764 | - stevesk@cvs.openbsd.org 2001/08/17 18:59:47 |
765 | [servconf.h] | |
766 | typo in comment | |
ae897d7c | 767 | - stevesk@cvs.openbsd.org 2001/08/21 21:47:42 |
768 | [ssh.1 sshd.8] | |
769 | minor typos and cleanup | |
c78e5800 | 770 | - stevesk@cvs.openbsd.org 2001/08/22 16:21:21 |
771 | [ssh.1] | |
772 | hostname not optional; ok markus@ | |
9495bfc5 | 773 | - stevesk@cvs.openbsd.org 2001/08/22 16:30:02 |
774 | [sshd.8] | |
775 | no rexd; ok markus@ | |
29999e54 | 776 | - stevesk@cvs.openbsd.org 2001/08/22 17:45:16 |
777 | [ssh.1] | |
778 | document cipher des for protocol 1; ok deraadt@ | |
8fbc356d | 779 | - camield@cvs.openbsd.org 2001/08/23 17:59:31 |
780 | [sshd.c] | |
781 | end request with 0, not NULL | |
782 | ok markus@ | |
d866473d | 783 | - stevesk@cvs.openbsd.org 2001/08/23 18:02:48 |
784 | [ssh-agent.1] | |
785 | fix usage; ok markus@ | |
75304f85 | 786 | - stevesk@cvs.openbsd.org 2001/08/23 18:08:59 |
787 | [ssh-add.1 ssh-keyscan.1] | |
788 | minor cleanup | |
b7f79e7a | 789 | - danh@cvs.openbsd.org 2001/08/27 22:02:13 |
790 | [ssh-keyscan.c] | |
791 | fix memory fault if non-existent filename is given to the -f option | |
792 | ok markus@ | |
14e4a15f | 793 | - markus@cvs.openbsd.org 2001/08/28 09:51:26 |
794 | [readconf.c] | |
795 | don't set DynamicForward unless Host matches | |
e591b98a | 796 | - markus@cvs.openbsd.org 2001/08/28 15:39:48 |
797 | [ssh.1 ssh.c] | |
798 | allow: ssh -F configfile host | |
46660a9e | 799 | - markus@cvs.openbsd.org 2001/08/29 20:44:03 |
800 | [scp.c] | |
801 | clear the malloc'd buffer, otherwise source() will leak malloc'd | |
802 | memory; ok theo@ | |
e675b851 | 803 | - stevesk@cvs.openbsd.org 2001/08/29 23:02:21 |
804 | [sshd.8] | |
805 | add text about -u0 preventing DNS requests; ok markus@ | |
4c780c2a | 806 | - stevesk@cvs.openbsd.org 2001/08/29 23:13:10 |
807 | [ssh.1 ssh.c] | |
808 | document -D and DynamicForward; ok markus@ | |
d2e3df16 | 809 | - stevesk@cvs.openbsd.org 2001/08/29 23:27:23 |
810 | [ssh.c] | |
811 | validate ports for -L/-R; ok markus@ | |
70068acc | 812 | - stevesk@cvs.openbsd.org 2001/08/29 23:39:40 |
813 | [ssh.1 sshd.8] | |
814 | additional documentation for GatewayPorts; ok markus@ | |
ad3e169f | 815 | - naddy@cvs.openbsd.org 2001/08/30 15:42:36 |
816 | [ssh.1] | |
817 | add -D to synopsis line; ok markus@ | |
3a8aabf0 | 818 | - stevesk@cvs.openbsd.org 2001/08/30 16:04:35 |
819 | [readconf.c ssh.1] | |
820 | validate ports for LocalForward/RemoteForward. | |
821 | add host/port alternative syntax for IPv6 (like -L/-R). | |
822 | ok markus@ | |
ed787d14 | 823 | - stevesk@cvs.openbsd.org 2001/08/30 20:36:34 |
824 | [auth-options.c sshd.8] | |
825 | validate ports for permitopen key file option. add host/port | |
826 | alternative syntax for IPv6. ok markus@ | |
4278ff63 | 827 | - markus@cvs.openbsd.org 2001/08/30 22:22:32 |
828 | [ssh-keyscan.c] | |
829 | do not pass pointers to longjmp; fix from wayne@blorf.net | |
6b759005 | 830 | - markus@cvs.openbsd.org 2001/08/31 11:46:39 |
831 | [sshconnect2.c] | |
93111dfa | 832 | disable kbd-interactive if we don't get SSH2_MSG_USERAUTH_INFO_REQUEST |
833 | messages | |
834 | - stevesk@cvs.openbsd.org 2001/09/03 20:58:33 | |
835 | [readconf.c readconf.h ssh.c] | |
836 | fatal() for nonexistent -Fssh_config. ok markus@ | |
91789042 | 837 | - deraadt@cvs.openbsd.org 2001/09/05 06:23:07 |
838 | [scp.1 sftp.1 ssh.1 ssh-agent.1 sshd.8 ssh-keygen.1 ssh-keyscan.1] | |
839 | avoid first person in manual pages | |
3a222388 | 840 | - stevesk@cvs.openbsd.org 2001/09/12 18:18:25 |
841 | [scp.c] | |
842 | don't forward agent for non third-party copies; ok markus@ | |
5c53a31e | 843 | |
c6ed03bd | 844 | 20010815 |
845 | - (bal) Fixed stray code in readconf.c that went in by mistake. | |
65e683bd | 846 | - OpenBSD CVS Sync |
847 | - markus@cvs.openbsd.org 2001/08/07 10:37:46 | |
848 | [authfd.c authfd.h] | |
849 | extended failure messages from galb@vandyke.com | |
c7f89f1f | 850 | - deraadt@cvs.openbsd.org 2001/08/08 07:16:58 |
851 | [scp.1] | |
852 | when describing the -o option, give -o Protocol=1 as the specific example | |
853 | since we are SICK AND TIRED of clueless people who cannot have difficulty | |
854 | thinking on their own. | |
f2f1bedd | 855 | - markus@cvs.openbsd.org 2001/08/08 18:20:15 |
856 | [uidswap.c] | |
857 | permanently_set_uid is a noop if user is not privilegued; | |
858 | fixes bug on solaris; from sbi@uchicago.edu | |
58df8789 | 859 | - markus@cvs.openbsd.org 2001/08/08 21:34:19 |
860 | [uidswap.c] | |
861 | undo last change; does not work for sshd | |
c3abff07 | 862 | - jakob@cvs.openbsd.org 2001/08/11 22:51:27 |
863 | [ssh.c tildexpand.c] | |
864 | fix more paths beginning with "//"; <bradshaw@staff.crosswalk.com>. | |
865 | ok markus@ | |
4fa5a4db | 866 | - stevesk@cvs.openbsd.org 2001/08/13 23:38:54 |
867 | [scp.c] | |
868 | don't need main prototype (also sync with rcp); ok markus@ | |
68874d2b | 869 | - markus@cvs.openbsd.org 2001/08/14 09:23:02 |
870 | [sftp.1 sftp-int.c] | |
871 | "bye"; hk63a@netscape.net | |
38539909 | 872 | - stevesk@cvs.openbsd.org 2001/08/14 17:54:29 |
873 | [scp.1 sftp.1 ssh.1] | |
874 | consistent documentation and example of ``-o ssh_option'' for sftp and | |
875 | scp; document keyword=argument for ssh. | |
41cb4569 | 876 | - (bal) QNX resync. OK tim@ |
c6ed03bd | 877 | |
3454ff55 | 878 | 20010814 |
879 | - (stevesk) sshpty.c, cray.[ch]: whitespace, formatting and cleanup | |
880 | for some #ifdef _CRAY code; ok wendyp@cray.com | |
5bd6962b | 881 | - (stevesk) sshpty.c: return 0 on error in cray pty code; |
882 | ok wendyp@cray.com | |
4809bc4c | 883 | - (stevesk) bsd-cray.c: utmp strings are not C strings |
8280a5ae | 884 | - (stevesk) bsd-cray.c: more cleanup; ok wendyp@cray.com |
3454ff55 | 885 | |
d89a02d4 | 886 | 20010812 |
887 | - (djm) Fix detection of long long int support. Based on patch from | |
888 | Michael Stone <mstone@cs.loyola.edu>. ok stevesk, tim | |
889 | ||
7ef909d3 | 890 | 20010808 |
891 | - (bal) Minor correction to inet_ntop.h. _BSD_RRESVPORT_H should be | |
892 | _BSD_INET_NTOP_H. Pointed out by Mark Miller <markm@swoon.net> | |
893 | ||
a704dd54 | 894 | 20010807 |
895 | - (tim) [configure.in sshconnect.c openbsd-compat/Makefile.in | |
896 | openbsd-compat/openbsd-compat.h ] Add inet_ntop.c inet_ntop.h back | |
897 | in. Needed for sshconnect.c | |
898 | [sshconnect.c] fix INET6_ADDRSTRLEN for non IPv6 machines | |
899 | [configure.in] make tests with missing libraries fail | |
900 | patch by Wendy Palm <wendyp@cray.com> | |
901 | Added openbsd-compat/bsd-cray.h. Selective patches from | |
902 | William L. Jones <jones@mail.utexas.edu> | |
903 | ||
4f7893dc | 904 | 20010806 |
905 | - OpenBSD CVS Sync | |
906 | - markus@cvs.openbsd.org 2001/07/22 21:32:27 | |
907 | [sshpty.c] | |
908 | update comment | |
0aea6c59 | 909 | - pvalchev@cvs.openbsd.org 2001/07/22 21:32:42 |
910 | [ssh.1] | |
911 | There is no option "Compress", point to "Compression" instead; ok | |
912 | markus | |
10a2cbef | 913 | - markus@cvs.openbsd.org 2001/07/22 22:04:19 |
914 | [readconf.c ssh.1] | |
915 | enable challenge-response auth by default; ok millert@ | |
248bad82 | 916 | - markus@cvs.openbsd.org 2001/07/22 22:24:16 |
917 | [sshd.8] | |
918 | Xr login.conf | |
9f37c0af | 919 | - markus@cvs.openbsd.org 2001/07/23 09:06:28 |
920 | [sshconnect2.c] | |
921 | reorder default sequence of userauth methods to match ssh behaviour: | |
922 | hostbased,publickey,keyboard-interactive,password | |
29c440a0 | 923 | - markus@cvs.openbsd.org 2001/07/23 12:47:05 |
924 | [ssh.1] | |
925 | sync PreferredAuthentications | |
7fd9477e | 926 | - aaron@cvs.openbsd.org 2001/07/23 14:14:18 |
927 | [ssh-keygen.1] | |
928 | Fix typo. | |
1bdee08c | 929 | - stevesk@cvs.openbsd.org 2001/07/23 18:14:58 |
930 | [auth2.c auth-rsa.c] | |
931 | use %lu; ok markus@ | |
bac2ef55 | 932 | - stevesk@cvs.openbsd.org 2001/07/23 18:21:46 |
933 | [xmalloc.c] | |
934 | no zero size xstrdup() error; ok markus@ | |
55684f0c | 935 | - markus@cvs.openbsd.org 2001/07/25 11:59:35 |
936 | [scard.c] | |
937 | typo in comment | |
ce773142 | 938 | - markus@cvs.openbsd.org 2001/07/25 14:35:18 |
939 | [readconf.c ssh.1 ssh.c sshconnect.c] | |
940 | cleanup connect(); connection_attempts 4 -> 1; from | |
941 | eivind@freebsd.org | |
f87f09aa | 942 | - stevesk@cvs.openbsd.org 2001/07/26 17:18:22 |
943 | [sshd.8 sshd.c] | |
944 | add -t option to test configuration file and keys; pekkas@netcore.fi | |
945 | ok markus@ | |
c42158fe | 946 | - rees@cvs.openbsd.org 2001/07/26 20:04:27 |
947 | [scard.c ssh-keygen.c] | |
948 | Inquire Cyberflex class for 0xf0 cards | |
949 | change aid to conform to 7816-5 | |
950 | remove gratuitous fid selects | |
2e23cde0 | 951 | - millert@cvs.openbsd.org 2001/07/27 14:50:45 |
952 | [ssh.c] | |
953 | If smart card support is compiled in and a smart card is being used | |
954 | for authentication, make it the first method used. markus@ OK | |
0b2988ca | 955 | - deraadt@cvs.openbsd.org 2001/07/27 17:26:16 |
956 | [scp.c] | |
957 | shorten lines | |
7f19f8bb | 958 | - markus@cvs.openbsd.org 2001/07/28 09:21:15 |
959 | [sshd.8] | |
960 | cleanup some RSA vs DSA vs SSH1 vs SSH2 notes | |
79a6cb5c | 961 | - mouring@cvs.openbsd.org 2001/07/29 17:02:46 |
962 | [scp.1] | |
963 | Clarified -o option in scp.1 OKed by Markus@ | |
0b595937 | 964 | - jakob@cvs.openbsd.org 2001/07/30 16:06:07 |
965 | [scard.c scard.h] | |
966 | better errorcodes from sc_*; ok markus@ | |
d6192346 | 967 | - stevesk@cvs.openbsd.org 2001/07/30 16:23:30 |
968 | [rijndael.c rijndael.h] | |
969 | new BSD-style license: | |
970 | Brian Gladman <brg@gladman.plus.com>: | |
971 | >I have updated my code at: | |
972 | >http://fp.gladman.plus.com/cryptography_technology/rijndael/index.htm | |
973 | >with a copyright notice as follows: | |
974 | >[...] | |
975 | >I am not sure which version of my old code you are using but I am | |
976 | >happy for the notice above to be substituted for my existing copyright | |
977 | >intent if this meets your purpose. | |
71b7a18e | 978 | - jakob@cvs.openbsd.org 2001/07/31 08:41:10 |
979 | [scard.c] | |
980 | do not complain about missing smartcards. ok markus@ | |
eea098a3 | 981 | - jakob@cvs.openbsd.org 2001/07/31 09:28:44 |
982 | [readconf.c readconf.h ssh.1 ssh.c] | |
983 | add 'SmartcardDevice' client option to specify which smartcard device | |
984 | is used to access a smartcard used for storing the user's private RSA | |
985 | key. ok markus@. | |
88690211 | 986 | - jakob@cvs.openbsd.org 2001/07/31 12:42:50 |
987 | [sftp-int.c sftp-server.c] | |
988 | avoid paths beginning with "//"; <vinschen@redhat.com> | |
989 | ok markus@ | |
2251e099 | 990 | - jakob@cvs.openbsd.org 2001/07/31 12:53:34 |
991 | [scard.c] | |
992 | close smartcard connection if card is missing | |
9ff6f66f | 993 | - markus@cvs.openbsd.org 2001/08/01 22:03:33 |
994 | [authfd.c authfd.h readconf.c readconf.h scard.c scard.h ssh-add.c | |
995 | ssh-agent.c ssh.c] | |
996 | use strings instead of ints for smartcard reader ids | |
1930af48 | 997 | - markus@cvs.openbsd.org 2001/08/01 22:16:45 |
998 | [ssh.1 sshd.8] | |
999 | refer to current ietf drafts for protocol v2 | |
4f831fd7 | 1000 | - markus@cvs.openbsd.org 2001/08/01 23:33:09 |
1001 | [ssh-keygen.c] | |
1002 | allow uploading RSA keys for non-default AUT0 (sha1 over passphrase | |
1003 | like sectok). | |
1a23ac2c | 1004 | - markus@cvs.openbsd.org 2001/08/01 23:38:45 |
05b7537a | 1005 | [scard.c ssh.c] |
1006 | support finish rsa keys. | |
1007 | free public keys after login -> call finish -> close smartcard. | |
93a56445 | 1008 | - markus@cvs.openbsd.org 2001/08/02 00:10:17 |
1009 | [ssh-keygen.c] | |
1010 | add -D readerid option (download, i.e. print public RSA key to stdout). | |
1011 | check for card present when uploading keys. | |
1012 | use strings instead of ints for smartcard reader ids, too. | |
285d2b15 | 1013 | - jakob@cvs.openbsd.org 2001/08/02 08:58:35 |
1014 | [ssh-keygen.c] | |
1015 | change -u (upload smartcard key) to -U. ok markus@ | |
58153e34 | 1016 | - jakob@cvs.openbsd.org 2001/08/02 15:06:52 |
1017 | [ssh-keygen.c] | |
1018 | more verbose usage(). ok markus@ | |
f0d6bdcf | 1019 | - jakob@cvs.openbsd.org 2001/08/02 15:07:23 |
1020 | [ssh-keygen.1] | |
1021 | document smartcard upload/download. ok markus@ | |
315dfb04 | 1022 | - jakob@cvs.openbsd.org 2001/08/02 15:32:10 |
1023 | [ssh.c] | |
1024 | add smartcard to usage(). ok markus@ | |
3e984472 | 1025 | - jakob@cvs.openbsd.org 2001/08/02 15:43:57 |
1026 | [ssh-agent.c ssh.c ssh-keygen.c] | |
1027 | add /* SMARTCARD */ to #else/#endif. ok markus@ | |
1a23ac2c | 1028 | - jakob@cvs.openbsd.org 2001/08/02 16:14:05 |
dd2495cb | 1029 | [scard.c ssh-agent.c ssh.c ssh-keygen.c] |
1030 | clean up some /* SMARTCARD */. ok markus@ | |
0f6d5acf | 1031 | - mpech@cvs.openbsd.org 2001/08/02 18:37:35 |
1032 | [ssh-keyscan.1] | |
1033 | o) .Sh AUTHOR -> .Sh AUTHORS; | |
1034 | o) .Sh EXAMPLE -> .Sh EXAMPLES; | |
1035 | o) Delete .Sh OPTIONS. Text moved to .Sh DESCRIPTION; | |
1036 | ||
1037 | millert@ ok | |
5a26334c | 1038 | - jakob@cvs.openbsd.org 2001/08/03 10:31:19 |
1039 | [ssh-add.1] | |
1040 | document smartcard options. ok markus@ | |
33e766d2 | 1041 | - jakob@cvs.openbsd.org 2001/08/03 10:31:30 |
1042 | [ssh-add.c ssh-agent.c ssh-keyscan.c] | |
1043 | improve usage(). ok markus@ | |
5061072f | 1044 | - markus@cvs.openbsd.org 2001/08/05 23:18:20 |
1045 | [ssh-keyscan.1 ssh-keyscan.c] | |
1046 | ssh 2 support; from wayned@users.sourceforge.net | |
578954b1 | 1047 | - markus@cvs.openbsd.org 2001/08/05 23:29:58 |
1048 | [ssh-keyscan.c] | |
1049 | make -t dsa work with commercial servers, too | |
cddb9003 | 1050 | - stevesk@cvs.openbsd.org 2001/08/06 19:47:05 |
1051 | [scp.c] | |
1052 | use alarm vs. setitimer for portable; ok markus@ | |
94796c10 | 1053 | - (bal) ssh-keyscan double -lssh hack due to seed_rng(). |
1a23ac2c | 1054 | - (bal) Second around of UNICOS patches. A few other things left. |
1055 | Patches by William L. Jones <jones@mail.utexas.edu> | |
4f7893dc | 1056 | |
29a47408 | 1057 | 20010803 |
1058 | - (djm) Fix interrupted read in entropy gatherer. Spotted by markus@ on | |
1059 | a fast UltraSPARC. | |
1060 | ||
42ad0eec | 1061 | 20010726 |
1062 | - (stevesk) use mysignal() in protocol 1 loop now that the SIGCHLD | |
1063 | handler has converged. | |
1064 | ||
aa7dbcdd | 1065 | 20010725 |
1066 | - (bal) Added 'install-nokeys' to Makefile to assist package builders. | |
1067 | ||
0b7d19eb | 1068 | 20010724 |
1069 | - (bal) 4711 not 04711 for ssh binary. | |
1070 | ||
ca5c7d6a | 1071 | 20010722 |
1072 | - (bal) Starting the Unicossmk merger. File merged TODO, configure.in, | |
1073 | myproposal.h, ssh_prng_cmds.in, and openbsd-compat/Makefile.in. | |
1074 | Added openbsd-compat/bsd-cray.c. Rest will be merged after | |
1075 | approval. Selective patches from William L. Jones | |
1076 | <jones@mail.utexas.edu> | |
7458aff1 | 1077 | - OpenBSD CVS Sync |
1078 | - markus@cvs.openbsd.org 2001/07/18 21:10:43 | |
1079 | [sshpty.c] | |
1080 | pr #1946, allow sshd if /dev is readonly | |
ec9f3450 | 1081 | - stevesk@cvs.openbsd.org 2001/07/18 21:40:40 |
1082 | [ssh-agent.c] | |
1083 | chdir("/") from bbraun@synack.net; ok markus@ | |
5bef3c35 | 1084 | - stevesk@cvs.openbsd.org 2001/07/19 00:41:44 |
1085 | [ssh.1] | |
1086 | escape chars are below now | |
7efa8482 | 1087 | - markus@cvs.openbsd.org 2001/07/20 14:46:11 |
1088 | [ssh-agent.c] | |
1089 | do not exit() from signal handlers; ok deraadt@ | |
491f5f7b | 1090 | - stevesk@cvs.openbsd.org 2001/07/20 18:41:51 |
1091 | [ssh.1] | |
1092 | "the" command line | |
ca5c7d6a | 1093 | |
979b0a64 | 1094 | 20010719 |
1095 | - (tim) [configure.in] put inet_aton back in AC_CHECK_FUNCS. | |
1096 | report from Mark Miller <markm@swoon.net> | |
1097 | ||
6e69a45d | 1098 | 20010718 |
1099 | - OpenBSD CVS Sync | |
2c5b1791 | 1100 | - stevesk@cvs.openbsd.org 2001/07/14 15:10:17 |
1101 | [readpass.c sftp-client.c sftp-common.c sftp-glob.c] | |
1102 | delete spurious #includes; ok deraadt@ markus@ | |
68fa858a | 1103 | - markus@cvs.openbsd.org 2001/07/15 16:17:08 |
2c5b1791 | 1104 | [serverloop.c] |
1105 | schedule client alive for ssh2 only, greg@cheers.bungi.com | |
2c71dfc1 | 1106 | - stevesk@cvs.openbsd.org 2001/07/15 16:57:21 |
1107 | [ssh-agent.1] | |
1108 | -d will not fork; ok markus@ | |
d1fc1b88 | 1109 | - stevesk@cvs.openbsd.org 2001/07/15 16:58:29 |
68fa858a | 1110 | [ssh-agent.c] |
d1fc1b88 | 1111 | typo in usage; ok markus@ |
68fa858a | 1112 | - markus@cvs.openbsd.org 2001/07/17 20:48:42 |
1113 | [ssh-agent.c] | |
e364646f | 1114 | update maxfd if maxfd is closed; report from jmcelroy@dtgnet.com |
68fa858a | 1115 | - markus@cvs.openbsd.org 2001/07/17 21:04:58 |
1116 | [channels.c channels.h clientloop.c nchan.c serverloop.c] | |
489aa2e9 | 1117 | keep track of both maxfd and the size of the malloc'ed fdsets. |
1118 | update maxfd if maxfd gets closed. | |
c3941fa6 | 1119 | - mouring@cvs.openbsd.org 2001/07/18 16:45:52 |
1120 | [scp.c] | |
1121 | Missing -o in scp usage() | |
68fa858a | 1122 | - (bal) Cleaned up trailing spaces in ChangeLog. |
31fb6aaf | 1123 | - (bal) Allow sshd to switch user context without password for Cygwin. |
1124 | Patch by Corinna Vinschen <vinschen@redhat.com> | |
41fcc457 | 1125 | - (bal) Updated cygwin README and ssh-host-config. Patch by |
ad0cc858 | 1126 | Corinna Vinschen <vinschen@redhat.com> |
6e69a45d | 1127 | |
39c98ef7 | 1128 | 20010715 |
1129 | - (bal) Set "BROKEN_GETADDRINFO" for darwin platform. Reported by | |
1130 | Josh Larios <jdlarios@cac.washington.edu> | |
c14e6239 | 1131 | - (tim) put openssh/openbsd-compat/inet_aton.[ch] back in. |
1132 | needed by openbsd-compat/fake-getaddrinfo.c | |
68fa858a | 1133 | |
6800f427 | 1134 | 20010714 |
1135 | - (stevesk) change getopt() declaration | |
763a1a18 | 1136 | - (stevesk) configure.in: use ll suffix for long long constant |
1137 | in snprintf() test | |
6800f427 | 1138 | |
453b4bd0 | 1139 | 20010713 |
68fa858a | 1140 | - (djm) Enable /etc/nologin check on PAM systems, as some lack the |
1141 | pam_nologin module. Report from William Yodlowsky | |
453b4bd0 | 1142 | <bsd@openbsd.rutgers.edu> |
9912296f | 1143 | - (djm) Revert dirname fix, a better one is on its way. |
1ee482c5 | 1144 | - OpenBSD CVS Sync |
1145 | - markus@cvs.openbsd.org 2001/07/04 22:47:19 | |
1146 | [ssh-agent.c] | |
1147 | ignore SIGPIPE when debugging, too | |
878b5225 | 1148 | - markus@cvs.openbsd.org 2001/07/04 23:13:10 |
1149 | [scard.c scard.h ssh-agent.c] | |
1150 | handle card removal more gracefully, add sc_close() to scard.h | |
77261db4 | 1151 | - markus@cvs.openbsd.org 2001/07/04 23:39:07 |
1152 | [ssh-agent.c] | |
1153 | for smartcards remove both RSA1/2 keys | |
a0e0f486 | 1154 | - markus@cvs.openbsd.org 2001/07/04 23:49:27 |
1155 | [ssh-agent.c] | |
1156 | handle mutiple adds of the same smartcard key | |
62bb2c8f | 1157 | - espie@cvs.openbsd.org 2001/07/05 11:43:33 |
1158 | [sftp-glob.c] | |
1159 | Directly cast to the right type. Ok markus@ | |
1160 | - stevesk@cvs.openbsd.org 2001/07/05 20:32:47 | |
1161 | [sshconnect1.c] | |
1162 | statement after label; ok dugsong@ | |
97de229c | 1163 | - stevesk@cvs.openbsd.org 2001/07/08 15:23:38 |
1164 | [servconf.c] | |
1165 | fix ``MaxStartups max''; ok markus@ | |
f5a1a01a | 1166 | - fgsch@cvs.openbsd.org 2001/07/09 05:58:47 |
1167 | [ssh.c] | |
1168 | Use getopt(3); markus@ ok. | |
ed916b28 | 1169 | - deraadt@cvs.openbsd.org 2001/07/09 07:04:53 |
1170 | [session.c sftp-int.c] | |
1171 | correct type on last arg to execl(); nordin@cse.ogi.edu | |
333b5ba7 | 1172 | - markus@cvs.openbsd.org 2001/07/10 21:49:12 |
1173 | [readpass.c] | |
1174 | don't panic if fork or pipe fail (just return an empty passwd). | |
46d738cd | 1175 | - itojun@cvs.openbsd.org 2001/07/11 00:24:53 |
1176 | [servconf.c] | |
68fa858a | 1177 | make it compilable in all 4 combination of KRB4/KRB5 settings. |
46d738cd | 1178 | dugsong ok |
1179 | XXX isn't it sensitive to the order of -I/usr/include/kerberosIV and | |
1180 | -I/usr/include/kerberosV? | |
afd501f9 | 1181 | - markus@cvs.openbsd.org 2001/07/11 16:29:59 |
1182 | [ssh.c] | |
1183 | sort options string, fix -p, add -k | |
1184 | - markus@cvs.openbsd.org 2001/07/11 18:26:15 | |
1185 | [auth.c] | |
1186 | no need to call dirname(pw->pw_dir). | |
1187 | note that dirname(3) modifies its argument on some systems. | |
82d95536 | 1188 | - (djm) Reorder Makefile.in so clean targets work a little better when |
1189 | run directly from Makefile.in | |
1812a662 | 1190 | - (djm) Pull in getopt(3) from OpenBSD libc for the optreset extension. |
453b4bd0 | 1191 | |
85b08d98 | 1192 | 20010711 |
68fa858a | 1193 | - (djm) dirname(3) may modify its argument on glibc and other systems. |
85b08d98 | 1194 | Patch from markus@, spotted by Tom Holroyd <tomh@po.crl.go.jp> |
1195 | ||
a96070d4 | 1196 | 20010704 |
1197 | - OpenBSD CVS Sync | |
1198 | - markus@cvs.openbsd.org 2001/06/25 08:25:41 | |
68fa858a | 1199 | [channels.c channels.h cipher.c clientloop.c compat.c compat.h |
1200 | hostfile.c kex.c kex.h key.c key.h nchan.c packet.c serverloop.c | |
a96070d4 | 1201 | session.c session.h sftp-server.c ssh-add.c ssh-agent.c uuencode.h] |
1202 | update copyright for 2001 | |
8a497b11 | 1203 | - markus@cvs.openbsd.org 2001/06/25 17:18:27 |
1204 | [ssh-keygen.1] | |
68fa858a | 1205 | sshd(8) will never read the private keys, but ssh(1) does; |
8a497b11 | 1206 | hugh@mimosa.com |
6978866a | 1207 | - provos@cvs.openbsd.org 2001/06/25 17:54:47 |
1208 | [auth.c auth.h auth-rsa.c] | |
68fa858a | 1209 | terminate secure_filename checking after checking homedir. that way |
ffb215be | 1210 | it works on AFS. okay markus@ |
1211 | - stevesk@cvs.openbsd.org 2001/06/25 20:26:37 | |
1212 | [auth2.c sshconnect2.c] | |
1213 | prototype cleanup; ok markus@ | |
2b30154a | 1214 | - markus@cvs.openbsd.org 2001/06/26 02:47:07 |
1215 | [ssh-keygen.c] | |
1216 | allow loading a private RSA key to a cyberflex card. | |
ffdb5d70 | 1217 | - markus@cvs.openbsd.org 2001/06/26 04:07:06 |
1218 | [ssh-agent.1 ssh-agent.c] | |
1219 | add debug flag | |
983def13 | 1220 | - markus@cvs.openbsd.org 2001/06/26 04:59:59 |
1221 | [authfd.c authfd.h ssh-add.c] | |
1222 | initial support for smartcards in the agent | |
f7e5ac7b | 1223 | - markus@cvs.openbsd.org 2001/06/26 05:07:43 |
1224 | [ssh-agent.c] | |
1225 | update usage | |
2b5fe3b8 | 1226 | - markus@cvs.openbsd.org 2001/06/26 05:33:34 |
1227 | [ssh-agent.c] | |
1228 | more smartcard support. | |
543baeea | 1229 | - mpech@cvs.openbsd.org 2001/06/26 05:48:07 |
1230 | [sshd.8] | |
1231 | remove unnecessary .Pp between .It; | |
1232 | millert@ ok | |
0c9664c2 | 1233 | - markus@cvs.openbsd.org 2001/06/26 05:50:11 |
1234 | [auth2.c] | |
1235 | new interface for secure_filename() | |
2a1e4639 | 1236 | - itojun@cvs.openbsd.org 2001/06/26 06:32:58 |
68fa858a | 1237 | [atomicio.h authfd.h authfile.h auth.h auth-options.h bufaux.h |
1238 | buffer.h canohost.h channels.h cipher.h clientloop.h compat.h | |
1239 | compress.h crc32.h deattack.h dh.h dispatch.h groupaccess.h | |
1240 | hostfile.h kex.h key.h log.h mac.h match.h misc.h mpaux.h packet.h | |
2a1e4639 | 1241 | radix.h readconf.h readpass.h rsa.h] |
1242 | prototype pedant. not very creative... | |
1243 | - () -> (void) | |
1244 | - no variable names | |
1c06a9ca | 1245 | - itojun@cvs.openbsd.org 2001/06/26 06:33:07 |
68fa858a | 1246 | [servconf.h serverloop.h session.h sftp-client.h sftp-common.h |
1247 | sftp-glob.h sftp-int.h sshconnect.h ssh-dss.h sshlogin.h sshpty.h | |
1c06a9ca | 1248 | ssh-rsa.h tildexpand.h uidswap.h uuencode.h xmalloc.h] |
1249 | prototype pedant. not very creative... | |
1250 | - () -> (void) | |
1251 | - no variable names | |
ced49be2 | 1252 | - dugsong@cvs.openbsd.org 2001/06/26 16:15:25 |
68fa858a | 1253 | [auth1.c auth.h auth-krb4.c auth-passwd.c readconf.c readconf.h |
ced49be2 | 1254 | servconf.c servconf.h session.c sshconnect1.c sshd.c] |
68fa858a | 1255 | Kerberos v5 support for SSH1, mostly from Assar Westerlund |
ced49be2 | 1256 | <assar@freebsd.org> and Bjorn Gronvall <bg@sics.se>. markus@ ok |
3474b2b4 | 1257 | - markus@cvs.openbsd.org 2001/06/26 17:25:34 |
1258 | [ssh.1] | |
1259 | document SSH_ASKPASS; fubob@MIT.EDU | |
255cabd9 | 1260 | - markus@cvs.openbsd.org 2001/06/26 17:27:25 |
68fa858a | 1261 | [authfd.h authfile.h auth.h auth-options.h bufaux.h buffer.h |
1262 | canohost.h channels.h cipher.h clientloop.h compat.h compress.h | |
1263 | crc32.h deattack.h dh.h dispatch.h groupaccess.c groupaccess.h | |
1264 | hostfile.h kex.h key.h log.c log.h mac.h misc.c misc.h mpaux.h | |
1265 | packet.h radix.h readconf.h readpass.h rsa.h servconf.h serverloop.h | |
1266 | session.h sftp-common.c sftp-common.h sftp-glob.h sftp-int.h | |
1267 | sshconnect.h ssh-dss.h sshlogin.h sshpty.h ssh-rsa.h sshtty.h | |
255cabd9 | 1268 | tildexpand.h uidswap.h uuencode.h xmalloc.h] |
1269 | remove comments from .h, since they are cut&paste from the .c files | |
1270 | and out of sync | |
83f46621 | 1271 | - dugsong@cvs.openbsd.org 2001/06/26 17:41:49 |
1272 | [servconf.c] | |
1273 | #include <kafs.h> | |
57156994 | 1274 | - markus@cvs.openbsd.org 2001/06/26 20:14:11 |
1275 | [key.c key.h ssh.c sshconnect1.c sshconnect2.c] | |
1276 | add smartcard support to the client, too (now you can use both | |
1277 | the agent and the client). | |
1278 | - markus@cvs.openbsd.org 2001/06/27 02:12:54 | |
1279 | [serverloop.c serverloop.h session.c session.h] | |
1280 | quick hack to make ssh2 work again. | |
80f8f24f | 1281 | - markus@cvs.openbsd.org 2001/06/27 04:48:53 |
1282 | [auth.c match.c sshd.8] | |
1283 | tridge@samba.org | |
d0bfe096 | 1284 | - markus@cvs.openbsd.org 2001/06/27 05:35:42 |
1285 | [ssh-keygen.c] | |
1286 | use cyberflex_inq_class to inquire class. | |
2b63e803 | 1287 | - markus@cvs.openbsd.org 2001/06/27 05:42:25 |
1288 | [rsa.c rsa.h ssh-agent.c ssh-keygen.c] | |
1289 | s/generate_additional_parameters/rsa_generate_additional_parameters/ | |
1290 | http://www.humppa.com/ | |
34e02b83 | 1291 | - markus@cvs.openbsd.org 2001/06/27 06:26:36 |
1292 | [ssh-add.c] | |
1293 | convert to getopt(3) | |
d3260e12 | 1294 | - stevesk@cvs.openbsd.org 2001/06/28 19:57:35 |
1295 | [ssh-keygen.c] | |
1296 | '\0' terminated data[] is ok; ok markus@ | |
49ccba9c | 1297 | - markus@cvs.openbsd.org 2001/06/29 07:06:34 |
1298 | [ssh-keygen.c] | |
1299 | new error handling for cyberflex_* | |
542d70b8 | 1300 | - markus@cvs.openbsd.org 2001/06/29 07:11:01 |
1301 | [ssh-keygen.c] | |
1302 | initialize early | |
eea46d13 | 1303 | - stevesk@cvs.openbsd.org 2001/06/29 18:38:44 |
1304 | [clientloop.c] | |
1305 | sync function definition with declaration; ok markus@ | |
8ab2cb35 | 1306 | - stevesk@cvs.openbsd.org 2001/06/29 18:40:28 |
1307 | [channels.c] | |
1308 | use socklen_t for getsockopt arg #5; ok markus@ | |
b3f8a79c | 1309 | - stevesk@cvs.openbsd.org 2001/06/30 18:08:40 |
1310 | [channels.c channels.h clientloop.c] | |
1311 | adress -> address; ok markus@ | |
5b5d170c | 1312 | - markus@cvs.openbsd.org 2001/07/02 13:59:15 |
1313 | [serverloop.c session.c session.h] | |
68fa858a | 1314 | wait until !session_have_children(); bugreport from |
5b5d170c | 1315 | Lutz.Jaenicke@aet.TU-Cottbus.DE |
613021ac | 1316 | - markus@cvs.openbsd.org 2001/07/02 22:29:20 |
1317 | [readpass.c] | |
1318 | do not return NULL, use "" instead. | |
666248da | 1319 | - markus@cvs.openbsd.org 2001/07/02 22:40:18 |
1320 | [ssh-keygen.c] | |
1321 | update for sectok.h interface changes. | |
3cf2be58 | 1322 | - markus@cvs.openbsd.org 2001/07/02 22:52:57 |
1323 | [channels.c channels.h serverloop.c] | |
1324 | improve cleanup/exit logic in ssh2: | |
1325 | stop listening to channels, detach channel users (e.g. sessions). | |
1326 | wait for children (i.e. dying sessions), send exit messages, | |
1327 | cleanup all channels. | |
637b033d | 1328 | - (bal) forget a few new files in sync up. |
06be7c3b | 1329 | - (bal) Makefile fix up requires scard.c |
ac96ca42 | 1330 | - (stevesk) sync misc.h |
9c328529 | 1331 | - (stevesk) more sync for session.c |
4f1f4d8d | 1332 | - (stevesk) sync servconf.h (comments) |
afb9165e | 1333 | - (tim) [contrib/caldera/openssh.spec] sync with Caldera |
d9e3d19f | 1334 | - (tim) [openbsd-compat/dirname.h] Remove ^M causing some compilers to |
1335 | issue warning (line 1: tokens ignored at end of directive line) | |
1336 | - (tim) [sshconnect1.c] give the compiler something to do for success: | |
1337 | if KRB5 and AFS are not defined | |
1338 | (ERROR: "sshconnect1.c", line 1274: Syntax error before or at: }) | |
637b033d | 1339 | |
aa8d09da | 1340 | 20010629 |
1341 | - (bal) Removed net_aton() since we don't use it any more | |
64c4b8d7 | 1342 | - (bal) Fixed _DISABLE_VPOSIX in readpassphrase.c. |
7af3215a | 1343 | - (bal) Updated zlib's home. Thanks to David Howe <DaveHowe@gmx.co.uk>. |
16adf618 | 1344 | - (stevesk) remove _REENTRANT #define |
16995a2c | 1345 | - (stevesk) session.c: use u_int for envsize |
6a26f353 | 1346 | - (stevesk) remove cli.[ch] |
aa8d09da | 1347 | |
f11065cb | 1348 | 20010628 |
1349 | - (djm) Sync openbsd-compat with -current libc | |
68fa858a | 1350 | - (djm) Fix from Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> for my |
050df9db | 1351 | broken makefile |
07608451 | 1352 | - (bal) Removed strtok_r() and inet_ntop() since they are no longer used. |
1353 | - (bal) Remove getusershell() since it's no longer used. | |
f11065cb | 1354 | |
78220944 | 1355 | 20010627 |
1356 | - (djm) Reintroduce pam_session call for non-pty sessions. | |
68fa858a | 1357 | - (djm) Remove redundant and incorrect test for max auth attempts in |
1358 | PAM kbdint code. Based on fix from Matthew Melvin | |
763dfdf0 | 1359 | <matthewm@webcentral.com.au> |
f0194608 | 1360 | - (djm) Rename sysconfdir/primes => sysconfdir/moduli |
68fa858a | 1361 | - (djm) Oops, forgot make logic for primes=>moduli. Also try to rename |
ff4955c9 | 1362 | existing primes->moduli if it exists. |
0eb1a22d | 1363 | - (djm) Sync with -current openbsd-compat/readpassphrase.c: |
1364 | - djm@cvs.openbsd.org 2001/06/27 13:23:30 | |
1365 | typo, spotted by Tom Holroyd <tomh@po.crl.go.jp>; ok deraadt@ | |
5ed2bb5b | 1366 | - (djm) Turn up warnings if gcc or egcs detected |
b8fea62d | 1367 | - (stevesk) for HP-UX 11.X use X/Open socket interface; |
1368 | pulls in modern socket prototypes and eliminates a number of compiler | |
1369 | warnings. see xopen_networking(7). | |
fef01705 | 1370 | - (stevesk) fix x11 forwarding from _PATH_XAUTH change |
28564873 | 1371 | - (stevesk) use X/Open socket interface for HP-UX 10.X also |
78220944 | 1372 | |
e16f4ac8 | 1373 | 20010625 |
0cd000dd | 1374 | - OpenBSD CVS Sync |
bc233fdf | 1375 | - markus@cvs.openbsd.org 2001/06/21 21:08:25 |
1376 | [session.c] | |
1377 | don't reset forced_command (we allow multiple login shells in | |
1378 | ssh2); dwd@bell-labs.com | |
a5a2da3b | 1379 | - mpech@cvs.openbsd.org 2001/06/22 10:17:51 |
1380 | [ssh.1 sshd.8 ssh-keyscan.1] | |
1381 | o) .Sh AUTHOR -> .Sh AUTHORS; | |
1382 | o) remove unnecessary .Pp; | |
1383 | o) better -mdoc style; | |
1384 | o) typo; | |
1385 | o) sort SEE ALSO; | |
a5a2da3b | 1386 | aaron@ ok |
e2854364 | 1387 | - provos@cvs.openbsd.org 2001/06/22 21:27:08 |
1388 | [dh.c pathnames.h] | |
1389 | use /etc/moduli instead of /etc/primes, okay markus@ | |
e2432638 | 1390 | - provos@cvs.openbsd.org 2001/06/22 21:28:53 |
1391 | [sshd.8] | |
1392 | document /etc/moduli | |
96a7b0cc | 1393 | - markus@cvs.openbsd.org 2001/06/22 21:55:49 |
68fa858a | 1394 | [auth2.c auth-rsa.c pathnames.h ssh.1 sshd.8 sshd_config |
96a7b0cc | 1395 | ssh-keygen.1] |
1396 | merge authorized_keys2 into authorized_keys. | |
1397 | authorized_keys2 is used for backward compat. | |
1398 | (just append authorized_keys2 to authorized_keys). | |
826676b3 | 1399 | - provos@cvs.openbsd.org 2001/06/22 21:57:59 |
1400 | [dh.c] | |
1401 | increase linebuffer to deal with larger moduli; use rewind instead of | |
1402 | close/open | |
bc233fdf | 1403 | - markus@cvs.openbsd.org 2001/06/22 22:21:20 |
1404 | [sftp-server.c] | |
1405 | allow long usernames/groups in readdir | |
a599bd06 | 1406 | - markus@cvs.openbsd.org 2001/06/22 23:35:21 |
2e000c58 | 1407 | [ssh.c] |
1408 | don't overwrite argv (fixes ssh user@host in 'ps'), report by ericj@ | |
cb220a93 | 1409 | - deraadt@cvs.openbsd.org 2001/06/23 00:16:16 |
1410 | [scp.c] | |
1411 | slightly better care | |
d0c8ca5c | 1412 | - markus@cvs.openbsd.org 2001/06/23 00:20:57 |
1413 | [auth2.c auth.c auth.h auth-rh-rsa.c] | |
1414 | *known_hosts2 is obsolete for hostbased authentication and | |
1415 | only used for backward compat. merge ssh1/2 hostkey check | |
1416 | and move it to auth.c | |
e16f4ac8 | 1417 | - deraadt@cvs.openbsd.org 2001/06/23 02:33:05 |
1418 | [sftp.1 sftp-server.8 ssh-keygen.1] | |
1419 | join .%A entries; most by bk@rt.fm | |
f49bc4f7 | 1420 | - markus@cvs.openbsd.org 2001/06/23 02:34:33 |
68fa858a | 1421 | [kexdh.c kexgex.c kex.h pathnames.h readconf.c servconf.h ssh.1 |
f49bc4f7 | 1422 | sshconnect1.c sshconnect2.c sshconnect.c sshconnect.h sshd.8] |
68fa858a | 1423 | get rid of known_hosts2, use it for hostkey lookup, but do not |
f49bc4f7 | 1424 | modify. |
7d747e89 | 1425 | - markus@cvs.openbsd.org 2001/06/23 03:03:59 |
1426 | [sshd.8] | |
1427 | draft-ietf-secsh-dh-group-exchange-01.txt | |
73473230 | 1428 | - markus@cvs.openbsd.org 2001/06/23 03:04:42 |
1429 | [auth2.c auth-rh-rsa.c] | |
1430 | restore correct ignore_user_known_hosts logic. | |
c10d042a | 1431 | - markus@cvs.openbsd.org 2001/06/23 05:26:02 |
1432 | [key.c] | |
1433 | handle sigature of size 0 (some broken clients send this). | |
7b518233 | 1434 | - deraadt@cvs.openbsd.org 2001/06/23 05:57:09 |
1435 | [sftp.1 sftp-server.8 ssh-keygen.1] | |
1436 | ok, tmac is now fixed | |
2e0becb6 | 1437 | - markus@cvs.openbsd.org 2001/06/23 06:41:10 |
1438 | [ssh-keygen.c] | |
1439 | try to decode ssh-3.0.0 private rsa keys | |
1440 | (allow migration to openssh, not vice versa), #910 | |
396c147e | 1441 | - itojun@cvs.openbsd.org 2001/06/23 15:12:20 |
68fa858a | 1442 | [auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c |
1443 | canohost.c channels.c cipher.c clientloop.c deattack.c dh.c | |
1444 | hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c | |
1445 | readpass.c scp.c servconf.c serverloop.c session.c sftp.c | |
1446 | sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c | |
1447 | ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c | |
396c147e | 1448 | ssh-keygen.c ssh-keyscan.c] |
68fa858a | 1449 | more strict prototypes. raise warning level in Makefile.inc. |
396c147e | 1450 | markus ok'ed |
1451 | TODO; cleanup headers | |
a599bd06 | 1452 | - markus@cvs.openbsd.org 2001/06/23 17:05:22 |
1453 | [ssh-keygen.c] | |
1454 | fix import for (broken?) ssh.com/f-secure private keys | |
1455 | (i tested > 1000 RSA keys) | |
3730bb22 | 1456 | - itojun@cvs.openbsd.org 2001/06/23 17:48:18 |
1457 | [sftp.1 ssh.1 sshd.8 ssh-keyscan.1] | |
1458 | kill whitespace at EOL. | |
3aca00a3 | 1459 | - markus@cvs.openbsd.org 2001/06/23 19:12:43 |
1460 | [sshd.c] | |
1461 | pidfile/sigterm race; bbraun@synack.net | |
ce404659 | 1462 | - markus@cvs.openbsd.org 2001/06/23 22:37:46 |
1463 | [sshconnect1.c] | |
1464 | consistent with ssh2: skip key if empty passphrase is entered, | |
1465 | retry num_of_passwd_prompt times if passphrase is wrong. ok fgsch@ | |
2cee8a25 | 1466 | - markus@cvs.openbsd.org 2001/06/24 05:25:10 |
1467 | [auth-options.c match.c match.h] | |
1468 | move ip+hostname check to match.c | |
1843a425 | 1469 | - markus@cvs.openbsd.org 2001/06/24 05:35:33 |
1470 | [readpass.c readpass.h ssh-add.c sshconnect2.c ssh-keygen.c] | |
1471 | switch to readpassphrase(3) | |
1472 | 2.7/8-stable needs readpassphrase.[ch] from libc | |
80097c54 | 1473 | - markus@cvs.openbsd.org 2001/06/24 05:47:13 |
1474 | [sshconnect2.c] | |
1475 | oops, missing format string | |
b4e7177c | 1476 | - markus@cvs.openbsd.org 2001/06/24 17:18:31 |
1477 | [ttymodes.c] | |
1478 | passing modes works fine: debug2->3 | |
ab88181c | 1479 | - (djm) -Wall fix for session.c |
3159d49a | 1480 | - (djm) Bring in readpassphrase() from OpenBSD libc. Compiles OK on Linux and |
1481 | Solaris | |
0cd000dd | 1482 | |
7751d4eb | 1483 | 20010622 |
1484 | - (stevesk) handle systems without pw_expire and pw_change. | |
1485 | ||
e04e7a19 | 1486 | 20010621 |
1487 | - OpenBSD CVS Sync | |
1488 | - markus@cvs.openbsd.org 2001/06/16 08:49:38 | |
1489 | [misc.c] | |
1490 | typo; dunlap@apl.washington.edu | |
c03175c6 | 1491 | - markus@cvs.openbsd.org 2001/06/16 08:50:39 |
1492 | [channels.h] | |
1493 | bad //-style comment; thx to stevev@darkwing.uoregon.edu | |
08c260ea | 1494 | - markus@cvs.openbsd.org 2001/06/16 08:57:35 |
1495 | [scp.c] | |
1496 | no stdio or exit() in signal handlers. | |
c4d49b85 | 1497 | - markus@cvs.openbsd.org 2001/06/16 08:58:34 |
1498 | [misc.c] | |
1499 | copy pw_expire and pw_change, too. | |
dac6753b | 1500 | - markus@cvs.openbsd.org 2001/06/19 12:34:09 |
1501 | [session.c] | |
1502 | cleanup forced command handling, from dwd@bell-labs.com | |
ff027d84 | 1503 | - markus@cvs.openbsd.org 2001/06/19 14:09:45 |
1504 | [session.c sshd.8] | |
1505 | disable x11-fwd if use_login is enabled; from lukem@wasabisystems.com | |
c95add71 | 1506 | - markus@cvs.openbsd.org 2001/06/19 15:40:45 |
1507 | [session.c] | |
1508 | allocate and free at the same level. | |
d6746a0b | 1509 | - markus@cvs.openbsd.org 2001/06/20 13:56:39 |
1510 | [channels.c channels.h clientloop.c packet.c serverloop.c] | |
1511 | move from channel_stop_listening to channel_free_all, | |
1512 | call channel_free_all before calling waitpid() in serverloop. | |
1513 | fixes the utmp handling; report from Lutz.Jaenicke@aet.TU-Cottbus.DE | |
e04e7a19 | 1514 | |
5ad9f968 | 1515 | 20010615 |
1516 | - (stevesk) don't set SA_RESTART and set SIGCHLD to SIG_DFL | |
1517 | around grantpt(). | |
f7940aa9 | 1518 | - (stevesk) update TODO: STREAMS pty systems don't call vhangup() now |
5ad9f968 | 1519 | |
eb26141e | 1520 | 20010614 |
1521 | - OpenBSD CVS Sync | |
1522 | - markus@cvs.openbsd.org 2001/06/13 09:10:31 | |
1523 | [session.c] | |
1524 | typo, use pid not s->pid, mstone@cs.loyola.edu | |
1525 | ||
86066315 | 1526 | 20010613 |
eb26141e | 1527 | - OpenBSD CVS Sync |
86066315 | 1528 | - markus@cvs.openbsd.org 2001/06/12 10:58:29 |
1529 | [session.c] | |
1530 | merge session_free into session_close() | |
1531 | merge pty_cleanup_proc into session_pty_cleanup() | |
653d5f86 | 1532 | - markus@cvs.openbsd.org 2001/06/12 16:10:38 |
1533 | [session.c] | |
1534 | merge ssh1/ssh2 tty msg parse and alloc code | |
76735fe3 | 1535 | - markus@cvs.openbsd.org 2001/06/12 16:11:26 |
1536 | [packet.c] | |
1537 | do not log() packet_set_maxsize | |
b44de2b1 | 1538 | - markus@cvs.openbsd.org 2001/06/12 21:21:29 |
1539 | [session.c] | |
1540 | remove xauth-cookie-in-tmp handling. use default $XAUTHORITY, since | |
1541 | we do already trust $HOME/.ssh | |
1542 | you can use .ssh/sshrc and .ssh/environment if you want to customize | |
1543 | the location of the xauth cookies | |
7a313633 | 1544 | - markus@cvs.openbsd.org 2001/06/12 21:30:57 |
1545 | [session.c] | |
1546 | unused | |
86066315 | 1547 | |
2c9d881a | 1548 | 20010612 |
38296b32 | 1549 | - scp.c ID update (upstream synced vfsprintf() from us) |
1550 | - OpenBSD CVS Sync | |
2c9d881a | 1551 | - markus@cvs.openbsd.org 2001/06/10 11:29:20 |
1552 | [dispatch.c] | |
1553 | we support rekeying | |
1554 | protocol errors are fatal. | |
1500bcdd | 1555 | - markus@cvs.openbsd.org 2001/06/11 10:18:24 |
1556 | [session.c] | |
1557 | reset pointer to NULL after xfree(); report from solar@openwall.com | |
f740438e | 1558 | - markus@cvs.openbsd.org 2001/06/11 16:04:38 |
1559 | [sshd.8] | |
1560 | typo; bdubreuil@crrel.usace.army.mil | |
2c9d881a | 1561 | |
b4d02860 | 1562 | 20010611 |
68fa858a | 1563 | - (bal) NeXT/MacOS X lack libgen.h and dirname(). Patch by Mark Miller |
1564 | <markm@swoon.net> | |
224cbdcc | 1565 | - (bal) Handle broken krb4 issues on Solaris with multiple defined u_*_t |
68fa858a | 1566 | types. Patch by Jan IVEN <Jan.Iven@cern.ch> |
0bb724ce | 1567 | - (bal) Fixed Makefile.in so that 'configure; make install' works. |
b4d02860 | 1568 | |
bf093080 | 1569 | 20010610 |
1570 | - (bal) Missed two files in major resync. auth-bsdauth.c and auth-skey.c | |
1571 | ||
e697bda7 | 1572 | 20010609 |
1573 | - OpenBSD CVS Sync | |
1574 | - markus@cvs.openbsd.org 2001/05/30 12:55:13 | |
68fa858a | 1575 | [auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c |
e697bda7 | 1576 | packet.c serverloop.c session.c ssh.c ssh1.h] |
1577 | channel layer cleanup: merge header files and split .c files | |
36e1f6a1 | 1578 | - markus@cvs.openbsd.org 2001/05/30 15:20:10 |
1579 | [ssh.c] | |
1580 | merge functions, simplify. | |
a5efa1bb | 1581 | - markus@cvs.openbsd.org 2001/05/31 10:30:17 |
68fa858a | 1582 | [auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c |
a5efa1bb | 1583 | packet.c serverloop.c session.c ssh.c] |
68fa858a | 1584 | undo the .c file split, just merge the header and keep the cvs |
a5efa1bb | 1585 | history |
68fa858a | 1586 | - (bal) Channels.c and Channels.h -- "Merge Functions, simplify" (draged |
8e7895b8 | 1587 | out of ssh Attic) |
68fa858a | 1588 | - (bal) Ooops.. nchan.c (and remove nchan.h) resync from OpenBSD ssh |
a98da4aa | 1589 | Attic. |
1590 | - OpenBSD CVS Sync | |
1591 | - markus@cvs.openbsd.org 2001/05/31 13:08:04 | |
1592 | [sshd_config] | |
1593 | group options and add some more comments | |
e4f7282d | 1594 | - markus@cvs.openbsd.org 2001/06/03 14:55:39 |
1595 | [channels.c channels.h session.c] | |
68fa858a | 1596 | use fatal_register_cleanup instead of atexit, sync with x11 authdir |
e4f7282d | 1597 | handling |
e5b71e99 | 1598 | - markus@cvs.openbsd.org 2001/06/03 19:36:44 |
1599 | [ssh-keygen.1] | |
1600 | 1-2 bits of entrophy per character (not per word), ok stevesk@ | |
4fc334a2 | 1601 | - markus@cvs.openbsd.org 2001/06/03 19:38:42 |
1602 | [scp.c] | |
1603 | pass -v to ssh; from slade@shore.net | |
f5e69c65 | 1604 | - markus@cvs.openbsd.org 2001/06/03 20:06:11 |
1605 | [auth2-chall.c] | |
68fa858a | 1606 | the challenge response device decides how to handle non-existing |
f5e69c65 | 1607 | users. |
1608 | -> fake challenges for skey and cryptocard | |
f0f32b8e | 1609 | - markus@cvs.openbsd.org 2001/06/04 21:59:43 |
1610 | [channels.c channels.h session.c] | |
68fa858a | 1611 | switch uid when cleaning up tmp files and sockets; reported by |
f0f32b8e | 1612 | zen-parse@gmx.net on bugtraq |
c9130033 | 1613 | - markus@cvs.openbsd.org 2001/06/04 23:07:21 |
1614 | [clientloop.c serverloop.c sshd.c] | |
68fa858a | 1615 | set flags in the signal handlers, do real work in the main loop, |
c9130033 | 1616 | ok provos@ |
8dcd9d5c | 1617 | - markus@cvs.openbsd.org 2001/06/04 23:16:16 |
1618 | [session.c] | |
1619 | merge ssh1/2 x11-fwd setup, create listener after tmp-dir | |
aa144206 | 1620 | - pvalchev@cvs.openbsd.org 2001/06/05 05:05:39 |
1621 | [ssh-keyscan.1 ssh-keyscan.c] | |
1622 | License clarification from David Mazieres, ok deraadt@ | |
750c256a | 1623 | - markus@cvs.openbsd.org 2001/06/05 10:24:32 |
1624 | [channels.c] | |
1625 | don't delete the auth socket in channel_stop_listening() | |
1626 | auth_sock_cleanup_proc() will take care of this. | |
fc2a1d28 | 1627 | - markus@cvs.openbsd.org 2001/06/05 16:46:19 |
1628 | [session.c] | |
1629 | let session_close() delete the pty. deny x11fwd if xauthfile is set. | |
d87596b0 | 1630 | - markus@cvs.openbsd.org 2001/06/06 23:13:54 |
1631 | [ssh-dss.c ssh-rsa.c] | |
1632 | cleanup, remove old code | |
edf9ae81 | 1633 | - markus@cvs.openbsd.org 2001/06/06 23:19:35 |
1634 | [ssh-add.c] | |
1635 | remove debug message; Darren.Moffat@eng.sun.com | |
2a6a054e | 1636 | - markus@cvs.openbsd.org 2001/06/07 19:57:53 |
1637 | [auth2.c] | |
1638 | style is used for bsdauth. | |
1639 | disconnect on user/service change (ietf-drafts) | |
449c5ba5 | 1640 | - markus@cvs.openbsd.org 2001/06/07 20:23:05 |
68fa858a | 1641 | [authfd.c authfile.c channels.c kexdh.c kexgex.c packet.c ssh.c |
449c5ba5 | 1642 | sshconnect.c sshconnect1.c] |
1643 | use xxx_put_cstring() | |
e6abba31 | 1644 | - markus@cvs.openbsd.org 2001/06/07 22:25:02 |
1645 | [session.c] | |
1646 | don't overwrite errno | |
1647 | delay deletion of the xauth cookie | |
fd9ede94 | 1648 | - markus@cvs.openbsd.org 2001/06/08 15:25:40 |
1649 | [includes.h pathnames.h readconf.c servconf.c] | |
1650 | move the path for xauth to pathnames.h | |
0abe778b | 1651 | - (bal) configure.in fix for Tru64 (forgeting to reset $LIB) |
83c17f20 | 1652 | - (bal) ANSIify strmode() |
68fa858a | 1653 | - (bal) --with-catman should be --with-mantype patch by Dave |
1654 | Dykstra <dwd@bell-labs.com> | |
fd9ede94 | 1655 | |
4869a96f | 1656 | 20010606 |
e697bda7 | 1657 | - OpenBSD CVS Sync |
68fa858a | 1658 | - markus@cvs.openbsd.org 2001/05/17 21:34:15 |
e697bda7 | 1659 | [ssh.1] |
68fa858a | 1660 | no spaces in PreferredAuthentications; |
5ba55ada | 1661 | meixner@rbg.informatik.tu-darmstadt.de |
1662 | - markus@cvs.openbsd.org 2001/05/18 14:13:29 | |
68fa858a | 1663 | [auth-chall.c auth.h auth1.c auth2-chall.c auth2.c readconf.c |
5ba55ada | 1664 | readconf.h servconf.c servconf.h sshconnect1.c sshconnect2.c sshd.c] |
1665 | improved kbd-interactive support. work by per@appgate.com and me | |
bc03d5aa | 1666 | - djm@cvs.openbsd.org 2001/05/19 00:36:40 |
1667 | [session.c] | |
1668 | Disable X11 forwarding if xauth binary is not found. Patch from Nalin | |
1669 | Dahyabhai <nalin@redhat.com>; ok markus@ | |
68fa858a | 1670 | - markus@cvs.openbsd.org 2001/05/19 16:05:41 |
1671 | [scp.c] | |
3e4fc5f9 | 1672 | ftruncate() instead of open()+O_TRUNC like rcp.c does |
68fa858a | 1673 | allows scp /path/to/file localhost:/path/to/file |
1674 | - markus@cvs.openbsd.org 2001/05/19 16:08:43 | |
1675 | [sshd.8] | |
a18395da | 1676 | sort options; Matthew.Stier@fnc.fujitsu.com |
68fa858a | 1677 | - markus@cvs.openbsd.org 2001/05/19 16:32:16 |
1678 | [ssh.1 sshconnect2.c] | |
1679 | change preferredauthentication order to | |
1680 | publickey,hostbased,password,keyboard-interactive | |
3398dda9 | 1681 | document that hostbased defaults to no, document order |
47bf6266 | 1682 | - markus@cvs.openbsd.org 2001/05/19 16:46:19 |
68fa858a | 1683 | [ssh.1 sshd.8] |
1684 | document MACs defaults with .Dq | |
1685 | - stevesk@cvs.openbsd.org 2001/05/19 19:43:57 | |
1686 | [misc.c misc.h servconf.c sshd.8 sshd.c] | |
1687 | sshd command-line arguments and configuration file options that | |
1688 | specify time may be expressed using a sequence of the form: | |
e2b1fb42 | 1689 | time[qualifier], where time is a positive integer value and qualifier |
68fa858a | 1690 | is one of the following: |
1691 | <none>,s,m,h,d,w | |
1692 | Examples: | |
1693 | 600 600 seconds (10 minutes) | |
1694 | 10m 10 minutes | |
1695 | 1h30m 1 hour 30 minutes (90 minutes) | |
1696 | ok markus@ | |
7e8c18e9 | 1697 | - stevesk@cvs.openbsd.org 2001/05/19 19:57:09 |
68fa858a | 1698 | [channels.c] |
1699 | typo in error message | |
e697bda7 | 1700 | - markus@cvs.openbsd.org 2001/05/20 17:20:36 |
c8445989 | 1701 | [auth-rsa.c auth.c auth.h auth2.c servconf.c servconf.h sshd.8 |
1702 | sshd_config] | |
68fa858a | 1703 | configurable authorized_keys{,2} location; originally from peter@; |
1704 | ok djm@ | |
1ddf764b | 1705 | - markus@cvs.openbsd.org 2001/05/24 11:12:42 |
68fa858a | 1706 | [auth.c] |
1707 | fix comment; from jakob@ | |
1708 | - stevesk@cvs.openbsd.org 2001/05/24 18:57:53 | |
1709 | [clientloop.c readconf.c ssh.c ssh.h] | |
4bf9c10e | 1710 | don't perform escape processing when ``EscapeChar none''; ok markus@ |
abe0fb9f | 1711 | - markus@cvs.openbsd.org 2001/05/25 14:37:32 |
68fa858a | 1712 | [ssh-keygen.c] |
1713 | use -P for -e and -y, too. | |
63cd7dd0 | 1714 | - markus@cvs.openbsd.org 2001/05/28 08:04:39 |
68fa858a | 1715 | [ssh.c] |
1716 | fix usage() | |
1717 | - markus@cvs.openbsd.org 2001/05/28 10:08:55 | |
1718 | [authfile.c] | |
eb2e1595 | 1719 | key_load_private: set comment to filename for PEM keys |
2cf27bc4 | 1720 | - markus@cvs.openbsd.org 2001/05/28 22:51:11 |
68fa858a | 1721 | [cipher.c cipher.h] |
1722 | simpler 3des for ssh1 | |
1723 | - markus@cvs.openbsd.org 2001/05/28 23:14:49 | |
1724 | [channels.c channels.h nchan.c] | |
6fd8622b | 1725 | undo broken channel fix and try a different one. there |
68fa858a | 1726 | should be still some select errors... |
1727 | - markus@cvs.openbsd.org 2001/05/28 23:25:24 | |
1728 | [channels.c] | |
1729 | cleanup, typo | |
08dcb5d7 | 1730 | - markus@cvs.openbsd.org 2001/05/28 23:58:35 |
68fa858a | 1731 | [packet.c packet.h sshconnect.c sshd.c] |
1732 | remove some lines, simplify. | |
a10bdd7c | 1733 | - markus@cvs.openbsd.org 2001/05/29 12:31:27 |
68fa858a | 1734 | [authfile.c] |
1735 | typo | |
5ba55ada | 1736 | |
5cde8062 | 1737 | 20010528 |
1738 | - (tim) [conifgure.in] add setvbuf test needed for sftp-int.c | |
1739 | Patch by Corinna Vinschen <vinschen@redhat.com> | |
1740 | ||
362df52e | 1741 | 20010517 |
1742 | - OpenBSD CVS Sync | |
1743 | - markus@cvs.openbsd.org 2001/05/12 19:53:13 | |
1744 | [sftp-server.c] | |
1745 | readlink does not NULL-terminate; mhe@home.se | |
6efa3d14 | 1746 | - deraadt@cvs.openbsd.org 2001/05/15 22:04:01 |
1747 | [ssh.1] | |
1748 | X11 forwarding details improved | |
70ea8327 | 1749 | - markus@cvs.openbsd.org 2001/05/16 20:51:57 |
1750 | [authfile.c] | |
1751 | return comments for private pem files, too; report from nolan@naic.edu | |
24b6b45f | 1752 | - markus@cvs.openbsd.org 2001/05/16 21:53:53 |
1753 | [clientloop.c] | |
1754 | check for open sessions before we call select(); fixes the x11 client | |
1755 | bug reported by bowman@math.ualberta.ca | |
7231bd47 | 1756 | - markus@cvs.openbsd.org 2001/05/16 22:09:21 |
1757 | [channels.c nchan.c] | |
1758 | more select() error fixes (don't set rfd/wfd to -1). | |
7043a38d | 1759 | - (bal) Enabled USE_PIPES for Cygwin on Corinna Vinschen <vinschen@redhat.com> |
68fa858a | 1760 | - (bal) Corrected on_exit() emulation via atexit(). |
362df52e | 1761 | |
89aa792b | 1762 | 20010512 |
1763 | - OpenBSD CVS Sync | |
1764 | - markus@cvs.openbsd.org 2001/05/11 14:59:56 | |
1765 | [clientloop.c misc.c misc.h] | |
1766 | add unset_nonblock for stdout/err flushing in client_loop(). | |
286e38f7 | 1767 | - (bal) Patch to partial sync up contrib/solaris/ packaging software. |
1768 | Patch by pete <ninjaz@webexpress.com> | |
89aa792b | 1769 | |
97430469 | 1770 | 20010511 |
1771 | - OpenBSD CVS Sync | |
1772 | - markus@cvs.openbsd.org 2001/05/09 22:51:57 | |
1773 | [channels.c] | |
1774 | fix -R for protocol 2, noticed by greg@nest.cx. | |
1775 | bug was introduced with experimental dynamic forwarding. | |
a16092bb | 1776 | - markus@cvs.openbsd.org 2001/05/09 23:01:31 |
1777 | [rijndael.h] | |
1778 | fix prototype; J.S.Peatfield@damtp.cam.ac.uk | |
97430469 | 1779 | |
588f4ed0 | 1780 | 20010509 |
1781 | - OpenBSD CVS Sync | |
1782 | - markus@cvs.openbsd.org 2001/05/06 21:23:31 | |
1783 | [cli.c] | |
1784 | cli_read() fails to catch SIGINT + overflow; from obdb@zzlevo.net | |
d18e0850 | 1785 | - markus@cvs.openbsd.org 2001/05/08 19:17:31 |
a01a10dd | 1786 | [channels.c serverloop.c clientloop.c] |
d18e0850 | 1787 | adds correct error reporting to async connect()s |
68fa858a | 1788 | fixes the server-discards-data-before-connected-bug found by |
d18e0850 | 1789 | onoe@sm.sony.co.jp |
8a624ebf | 1790 | - mouring@cvs.openbsd.org 2001/05/08 19:45:25 |
1791 | [misc.c misc.h scp.c sftp.c] | |
1792 | Use addargs() in sftp plus some clean up of addargs(). OK Markus | |
1b02d786 | 1793 | - markus@cvs.openbsd.org 2001/05/06 21:45:14 |
1794 | [clientloop.c] | |
68fa858a | 1795 | use atomicio for flushing stdout/stderr bufs. thanks to |
1b02d786 | 1796 | jbw@izanami.cee.hw.ac.uk |
010980f6 | 1797 | - markus@cvs.openbsd.org 2001/05/08 22:48:07 |
1798 | [atomicio.c] | |
1799 | no need for xmalloc.h, thanks to espie@ | |
68fa858a | 1800 | - (bal) UseLogin patch for Solaris/UNICOS. Patch by Wayne Davison |
7e2d5fa4 | 1801 | <wayne@blorf.net> |
99c8ddac | 1802 | - (bal) ./configure support to disable SIA on OSF1. Patch by |
1803 | Chris Adams <cmadams@hiwaay.net> | |
68fa858a | 1804 | - (bal) Updates from the Sony NEWS-OS platform by NAKAJI Hiroyuki |
b81c369b | 1805 | <nakaji@tutrp.tut.ac.jp> |
588f4ed0 | 1806 | |
7b22534a | 1807 | 20010508 |
68fa858a | 1808 | - (bal) Fixed configure test for USE_SIA. |
7b22534a | 1809 | |
94539b2a | 1810 | 20010506 |
1811 | - (djm) Update config.guess and config.sub with latest versions (from | |
1812 | ftp://ftp.gnu.org/gnu/config/) to allow configure on ia64-hpux. | |
1813 | Suggested by Jason Mader <jason@ncac.gwu.edu> | |
96c63318 | 1814 | - (bal) White Space and #ifdef sync with OpenBSD |
044b0662 | 1815 | - (bal) Add 'seed_rng()' to ssh-add.c |
9e9bd8c0 | 1816 | - (bal) CVS ID updates for readpass.c, readpass.h, cli.c, and cli.h |
cf7ff074 | 1817 | - OpenBSD CVS Sync |
1818 | - stevesk@cvs.openbsd.org 2001/05/05 13:42:52 | |
1819 | [sftp.1 ssh-add.1 ssh-keygen.1] | |
1820 | typos, grammar | |
94539b2a | 1821 | |
98143cfc | 1822 | 20010505 |
1823 | - OpenBSD CVS Sync | |
1824 | - stevesk@cvs.openbsd.org 2001/05/04 14:21:56 | |
1825 | [ssh.1 sshd.8] | |
1826 | typos | |
5b9601c8 | 1827 | - markus@cvs.openbsd.org 2001/05/04 14:34:34 |
1828 | [channels.c] | |
94539b2a | 1829 | channel_new() reallocs channels[], we cannot use Channel *c after |
1830 | calling channel_new(), XXX fix this in the future... | |
719fc62f | 1831 | - markus@cvs.openbsd.org 2001/05/04 23:47:34 |
1832 | [channels.c channels.h clientloop.c nchan.c nchan.h serverloop.c ssh.c] | |
68fa858a | 1833 | move to Channel **channels (instead of Channel *channels), fixes realloc |
1834 | problems. channel_new now returns a Channel *, favour Channel * over | |
719fc62f | 1835 | channel id. remove old channel_allocate interface. |
98143cfc | 1836 | |
f92fee1f | 1837 | 20010504 |
1838 | - OpenBSD CVS Sync | |
1839 | - stevesk@cvs.openbsd.org 2001/05/03 15:07:39 | |
1840 | [channels.c] | |
1841 | typo in debug() string | |
503e7e5b | 1842 | - markus@cvs.openbsd.org 2001/05/03 15:45:15 |
1843 | [session.c] | |
1844 | exec shell -c /bin/sh .ssh/sshrc, from abartlet@pcug.org.au | |
c98cab9b | 1845 | - stevesk@cvs.openbsd.org 2001/05/03 21:43:01 |
1846 | [servconf.c] | |
1847 | remove "\n" from fatal() | |
1fcde3fe | 1848 | - mouring@cvs.openbsd.org 2001/05/03 23:09:53 |
1849 | [misc.c misc.h scp.c sftp.c] | |
1850 | Move colon() and cleanhost() to misc.c where I should I have put it in | |
1851 | the first place | |
044aa419 | 1852 | - (bal) Updated Cygwin README by Corinna Vinschen <vinschen@redhat.com> |
c7ccfd39 | 1853 | - (bal) Avoid socket file security issues in ssh-agent for Cygwin. |
1854 | Patch by Egor Duda <deo@logos-m.ru> | |
f92fee1f | 1855 | |
065604bb | 1856 | 20010503 |
1857 | - OpenBSD CVS Sync | |
1858 | - markus@cvs.openbsd.org 2001/05/02 16:41:20 | |
1859 | [ssh-add.c] | |
1860 | fix prompt for ssh-add. | |
1861 | ||
742ee8f2 | 1862 | 20010502 |
1863 | - OpenBSD CVS Sync | |
1864 | - mouring@cvs.openbsd.org 2001/05/02 01:25:39 | |
1865 | [readpass.c] | |
1866 | Put the 'const' back into ssh_askpass() function. Pointed out | |
1867 | by Mark Miller <markm@swoon.net>. OK Markus | |
1868 | ||
3435f5a6 | 1869 | 20010501 |
1870 | - OpenBSD CVS Sync | |
1871 | - markus@cvs.openbsd.org 2001/04/30 11:18:52 | |
1872 | [readconf.c readconf.h ssh.1 ssh.c sshconnect.c] | |
1873 | implement 'ssh -b bind_address' like 'telnet -b' | |
eef7adcb | 1874 | - markus@cvs.openbsd.org 2001/04/30 15:50:46 |
1875 | [compat.c compat.h kex.c] | |
1876 | allow interop with weaker key generation used by ssh-2.0.x, x < 10 | |
ec430473 | 1877 | - markus@cvs.openbsd.org 2001/04/30 16:02:49 |
1878 | [compat.c] | |
1879 | ssh-2.0.10 has the weak-key-bug, too. | |
3ca6cc45 | 1880 | - (tim) [contrib/caldera/openssh.spec] add Requires line for Caldera 3.1 |
3435f5a6 | 1881 | |
e8171bff | 1882 | 20010430 |
39aefe7b | 1883 | - OpenBSD CVS Sync |
1884 | - markus@cvs.openbsd.org 2001/04/29 18:32:52 | |
1885 | [serverloop.c] | |
1886 | fix whitespace | |
fbe90f7b | 1887 | - markus@cvs.openbsd.org 2001/04/29 19:16:52 |
1888 | [channels.c clientloop.c compat.c compat.h serverloop.c] | |
1889 | more ssh.com-2.0.x bug-compat; from per@appgate.com | |
e8171bff | 1890 | - (tim) New version of mdoc2man.pl from Mark D. Roth <roth+openssh@feep.net> |
0b47e48f | 1891 | - (djm) Add .cvsignore files, suggested by Wayne Davison <wayne@blorf.net> |
39aefe7b | 1892 | |
baf8c81a | 1893 | 20010429 |
1894 | - (bal) Updated INSTALL. PCRE moved to a new place. | |
e878ffe1 | 1895 | - (djm) Release OpenSSH-2.9p1 |
baf8c81a | 1896 | |
0096ac62 | 1897 | 20010427 |
1898 | - (bal) Fixed uidswap.c so it should work on non-posix complient systems. | |
1899 | patch based on 2.5.2 version by djm. | |
95595a77 | 1900 | - (bal) Build manpages and config files once unless changed. Patch by |
1901 | Carson Gaspar <carson@taltos.org> | |
68fa858a | 1902 | - (bal) arpa/nameser.h does not exist on Cygwin. Patch by Corinna |
4a2df58f | 1903 | Vinschen <vinschen@redhat.com> |
5ef815d7 | 1904 | - (bal) Add /etc/sysconfig/sshd support to redhat's sshd.init. Patch by |
1905 | Pekka Savola <pekkas@netcore.fi> | |
68fa858a | 1906 | - (bal) Cygwin lacks setgroups() API. Patch by Corinna Vinschen |
229be2df | 1907 | <vinschen@redhat.com> |
cc3ccfdc | 1908 | - (bal) version.h synced, RPM specs updated for 2.9 |
b1e2a48c | 1909 | - (tim) update contrib/caldera files with what Caldera is using. |
1910 | <sps@caldera.de> | |
0096ac62 | 1911 | |
b587c165 | 1912 | 20010425 |
1913 | - OpenBSD CVS Sync | |
1914 | - markus@cvs.openbsd.org 2001/04/23 21:57:07 | |
1915 | [ssh-keygen.1 ssh-keygen.c] | |
1916 | allow public key for -e, too | |
012bc0e1 | 1917 | - markus@cvs.openbsd.org 2001/04/23 22:14:13 |
1918 | [ssh-keygen.c] | |
1919 | remove debug | |
f8252c48 | 1920 | - (bal) Whitespace resync w/ OpenBSD for uidswap.c |
10f72868 | 1921 | - (djm) Add new server configuration directive 'PAMAuthenticationViaKbdInt' |
68fa858a | 1922 | (default: off), implies KbdInteractiveAuthentication. Suggestion from |
10f72868 | 1923 | markus@ |
c2d059b5 | 1924 | - (djm) Include crypt.h if available in auth-passwd.c |
533875af | 1925 | - tim@mindrot.org 2001/04/25 21:38:01 [configure.in] |
1926 | man page detection fixes for SCO | |
b587c165 | 1927 | |
da89cf4d | 1928 | 20010424 |
1929 | - OpenBSD CVS Sync | |
1930 | - markus@cvs.openbsd.org 2001/04/22 23:58:36 | |
1931 | [ssh-keygen.1 ssh.1 sshd.8] | |
1932 | document hostbased and other cleanup | |
5e29aeaf | 1933 | - (stevesk) start_pam() doesn't use DNS now for sshd -u0. |
3cc990d7 | 1934 | - (stevesk) auth-pam.c: use PERMIT_NO_PASSWD |
68fa858a | 1935 | - (bal) sys/queue.h is bogus for NCR platform. Patch by Daniel Carroll |
d8e76a0a | 1936 | <dan@mesastate.edu> |
3644dc25 | 1937 | - (bal) Fixed contrib/postinstall.in. Patch by wsanders@wsanders.net |
da89cf4d | 1938 | |
a3626e12 | 1939 | 20010422 |
1940 | - OpenBSD CVS Sync | |
1941 | - markus@cvs.openbsd.org 2001/04/20 16:32:22 | |
1942 | [uidswap.c] | |
1943 | set non-privileged gid before uid; tholo@ and deraadt@ | |
1a726b04 | 1944 | - mouring@cvs.openbsd.org 2001/04/21 00:55:57 |
1945 | [sftp.1] | |
1946 | Spelling | |
67b964a1 | 1947 | - djm@cvs.openbsd.org 2001/04/22 08:13:30 |
1948 | [ssh.1] | |
1949 | typos spotted by stevesk@; ok deraadt@ | |
ba917921 | 1950 | - markus@cvs.openbsd.org 2001/04/22 12:34:05 |
1951 | [scp.c] | |
1952 | scp > 2GB; niles@scyld.com; ok deraadt@, djm@ | |
5deceabb | 1953 | - markus@cvs.openbsd.org 2001/04/22 13:25:37 |
1954 | [ssh-keygen.1 ssh-keygen.c] | |
1955 | rename arguments -x -> -e (export key), -X -> -i (import key) | |
1956 | xref draft-ietf-secsh-publickeyfile-01.txt | |
2cad6cef | 1957 | - markus@cvs.openbsd.org 2001/04/22 13:32:27 |
1958 | [sftp-server.8 sftp.1 ssh.1 sshd.8] | |
1959 | xref draft-ietf-secsh-* | |
bcaa828e | 1960 | - markus@cvs.openbsd.org 2001/04/22 13:41:02 |
1961 | [ssh-keygen.1 ssh-keygen.c] | |
1962 | style, noted by stevesk; sort flags in usage | |
a3626e12 | 1963 | |
df841692 | 1964 | 20010421 |
1965 | - OpenBSD CVS Sync | |
1966 | - djm@cvs.openbsd.org 2001/04/20 07:17:51 | |
1967 | [clientloop.c ssh.1] | |
1968 | Split out and improve escape character documentation, mention ~R in | |
1969 | ~? help text; ok markus@ | |
0e7e0abe | 1970 | - Update RPM spec files for CVS version.h |
1ddee76b | 1971 | - (stevesk) set the default PAM service name to __progname instead |
1972 | of the hard-coded value "sshd"; from Mark D. Roth <roth@feep.net> | |
4b28be2c | 1973 | - (stevesk) document PAM service name change in INSTALL |
13dd877b | 1974 | - tim@mindrot.org 2001/04/21 14:25:57 [Makefile.in configure.in] |
1975 | fix perl test, fix nroff test, fix Makefile to build outside source tree | |
df841692 | 1976 | |
05cc0c99 | 1977 | 20010420 |
68fa858a | 1978 | - OpenBSD CVS Sync |
05cc0c99 | 1979 | - ian@cvs.openbsd.org 2001/04/18 16:21:05 |
68fa858a | 1980 | [ssh-keyscan.1] |
1981 | Fix typo reported in PR/1779 | |
1982 | - markus@cvs.openbsd.org 2001/04/18 21:57:42 | |
1983 | [readpass.c ssh-add.c] | |
561e5254 | 1984 | call askpass from ssh, too, based on work by roth@feep.net, ok deraadt |
68fa858a | 1985 | - markus@cvs.openbsd.org 2001/04/18 22:03:45 |
1986 | [auth2.c sshconnect2.c] | |
f98c3421 | 1987 | use FDQN with trailing dot in the hostbased auth packets, ok deraadt@ |
57a5edd8 | 1988 | - markus@cvs.openbsd.org 2001/04/18 22:48:26 |
68fa858a | 1989 | [auth2.c] |
1990 | no longer const | |
1991 | - markus@cvs.openbsd.org 2001/04/18 23:43:26 | |
1992 | [auth2.c compat.c sshconnect2.c] | |
1993 | more ssh v2 hostbased-auth interop: ssh.com >= 2.1.0 works now | |
8dddf799 | 1994 | (however the 2.1.0 server seems to work only if debug is enabled...) |
ae88ea7e | 1995 | - markus@cvs.openbsd.org 2001/04/18 23:44:51 |
68fa858a | 1996 | [authfile.c] |
1997 | error->debug; noted by fries@ | |
1998 | - markus@cvs.openbsd.org 2001/04/19 00:05:11 | |
1999 | [auth2.c] | |
2000 | use local variable, no function call needed. | |
5cf13595 | 2001 | (btw, hostbased works now with ssh.com >= 2.0.13) |
431a2493 | 2002 | - (bal) Put scp-common.h back into scp.c (it exists in the upstream |
2003 | tree) pointed out by Tom Holroyd <tomh@po.crl.go.jp> | |
05cc0c99 | 2004 | |
e78e738a | 2005 | 20010418 |
68fa858a | 2006 | - OpenBSD CVS Sync |
e78e738a | 2007 | - markus@cvs.openbsd.org 2001/04/17 19:34:25 |
3a83b819 | 2008 | [session.c] |
2009 | move auth_approval to do_authenticated(). | |
2010 | do_child(): nuke hostkeys from memory | |
2011 | don't source .ssh/rc for subsystems. | |
2012 | - markus@cvs.openbsd.org 2001/04/18 14:15:00 | |
2013 | [canohost.c] | |
2014 | debug->debug3 | |
ce2af031 | 2015 | - (bal) renabled 'catman-do:' and fixed it. So now catman pages should |
2016 | be working again. | |
e0c4d3ac | 2017 | - (bal) Makfile day... Cleaned up multiple mantype support (Patch by |
2018 | Mark D. Roth <roth+openssh@feep.net>), and fixed PIDDIR support. | |
3a83b819 | 2019 | |
8c6b78e4 | 2020 | 20010417 |
2021 | - (bal) Add perl5 check for HP/UX, Removed GNUness from Makefile.in | |
6d165a89 | 2022 | and temporary commented out 'catman-do:' since it is broken. Patches |
8c6b78e4 | 2023 | for the first two by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> |
a88b7b57 | 2024 | - OpenBSD CVS Sync |
53b8fe68 | 2025 | - deraadt@cvs.openbsd.org 2001/04/16 08:26:04 |
2026 | [key.c] | |
2027 | better safe than sorry in later mods; yongari@kt-is.co.kr | |
2028 | - markus@cvs.openbsd.org 2001/04/17 08:14:01 | |
2029 | [sshconnect1.c] | |
2030 | check for key!=NULL, thanks to costa | |
2031 | - markus@cvs.openbsd.org 2001/04/17 09:52:48 | |
2032 | [clientloop.c] | |
cf6bc93c | 2033 | handle EINTR/EAGAIN on read; ok deraadt@ |
53b8fe68 | 2034 | - markus@cvs.openbsd.org 2001/04/17 10:53:26 |
2035 | [key.c key.h readconf.c readconf.h ssh.1 sshconnect2.c] | |
e961a8f9 | 2036 | add HostKeyAlgorithms; based on patch from res@shore.net; ok provos@ |
53b8fe68 | 2037 | - markus@cvs.openbsd.org 2001/04/17 12:55:04 |
2038 | [channels.c ssh.c] | |
2039 | undo socks5 and https support since they are not really used and | |
2040 | only bloat ssh. remove -D from usage(), since '-D' is experimental. | |
2041 | ||
e4664c3e | 2042 | 20010416 |
2043 | - OpenBSD CVS Sync | |
2044 | - stevesk@cvs.openbsd.org 2001/04/15 01:35:22 | |
2045 | [ttymodes.c] | |
2046 | fix comments | |
ec1f12d3 | 2047 | - markus@cvs.openbsd.org 2001/04/15 08:43:47 |
2048 | [dh.c sftp-glob.c sftp-glob.h sftp-int.c sshconnect2.c sshd.c] | |
2049 | some unused variable and typos; from tomh@po.crl.go.jp | |
58cfa257 | 2050 | - markus@cvs.openbsd.org 2001/04/15 16:58:03 |
2051 | [authfile.c ssh-keygen.c sshd.c] | |
2052 | don't use errno for key_{load,save}_private; discussion w/ solar@openwall | |
e968270c | 2053 | - markus@cvs.openbsd.org 2001/04/15 17:16:00 |
2054 | [clientloop.c] | |
2055 | set stdin/out/err to nonblocking in SSH proto 1, too. suggested by ho@ | |
2056 | should fix some of the blocking problems for rsync over SSH-1 | |
84fc17bf | 2057 | - stevesk@cvs.openbsd.org 2001/04/15 19:41:21 |
2058 | [sshd.8] | |
2059 | some ClientAlive cleanup; ok markus@ | |
b7c70970 | 2060 | - stevesk@cvs.openbsd.org 2001/04/15 21:28:35 |
2061 | [readconf.c servconf.c] | |
2062 | use fatal() or error() vs. fprintf(); ok markus@ | |
5d97cfbf | 2063 | - (djm) Convert mandoc manpages to man automatically. Patch from Mark D. |
2064 | Roth <roth+openssh@feep.net> | |
6023325e | 2065 | - (bal) CVS ID fix up and slight manpage fix from OpenBSD tree. |
47b53518 | 2066 | - (djm) OpenBSD CVS Sync |
2067 | - mouring@cvs.openbsd.org 2001/04/16 02:31:44 | |
2068 | [scp.c sftp.c] | |
2069 | IPv6 support for sftp (which I bungled in my last patch) which is | |
2070 | borrowed from scp.c. Thanks to Markus@ for pointing it out. | |
764291b3 | 2071 | - deraadt@cvs.openbsd.org 2001/04/16 08:05:34 |
2072 | [xmalloc.c] | |
2073 | xrealloc dealing with ptr == nULL; mouring | |
f2c2fd71 | 2074 | - djm@cvs.openbsd.org 2001/04/16 08:19:31 |
2075 | [session.c] | |
68fa858a | 2076 | Split motd and hushlogin checks into seperate functions, helps for |
f2c2fd71 | 2077 | portable. From Chris Adams <cmadams@hiwaay.net>; ok markus@ |
68fa858a | 2078 | - Fix OSF SIA support displaying too much information for quiet |
2079 | logins and logins where access was denied by SIA. Patch from Chris Adams | |
c96a4aaf | 2080 | <cmadams@hiwaay.net> |
e4664c3e | 2081 | |
f03228b1 | 2082 | 20010415 |
2083 | - OpenBSD CVS Sync | |
2084 | - deraadt@cvs.openbsd.org 2001/04/14 04:31:01 | |
2085 | [ssh-add.c] | |
2086 | do not double free | |
9cf972fa | 2087 | - markus@cvs.openbsd.org 2001/04/14 16:17:14 |
2088 | [channels.c] | |
2089 | remove some channels that are not appropriate for keepalive. | |
eae942e2 | 2090 | - markus@cvs.openbsd.org 2001/04/14 16:27:57 |
2091 | [ssh-add.c] | |
2092 | use clear_pass instead of xfree() | |
30dcc918 | 2093 | - stevesk@cvs.openbsd.org 2001/04/14 16:33:20 |
2094 | [clientloop.c packet.h session.c ssh.c ttymodes.c ttymodes.h] | |
2095 | protocol 2 tty modes support; ok markus@ | |
36967a16 | 2096 | - stevesk@cvs.openbsd.org 2001/04/14 17:04:42 |
2097 | [scp.c] | |
2098 | 'T' handling rcp/scp sync; ok markus@ | |
e4664c3e | 2099 | - Missed sshtty.[ch] in Sync. |
f03228b1 | 2100 | |
e400a640 | 2101 | 20010414 |
2102 | - Sync with OpenBSD glob.c, strlcat.c and vis.c changes | |
68fa858a | 2103 | - Cygwin sftp/sftp-server binary mode patch from Corinna Vinschen |
fe56c12b | 2104 | <vinschen@redhat.com> |
3ffc6336 | 2105 | - OpenBSD CVS Sync |
2106 | - beck@cvs.openbsd.org 2001/04/13 22:46:54 | |
2107 | [channels.c channels.h servconf.c servconf.h serverloop.c sshd.8] | |
2108 | Add options ClientAliveInterval and ClientAliveCountMax to sshd. | |
2109 | This gives the ability to do a "keepalive" via the encrypted channel | |
2110 | which can't be spoofed (unlike TCP keepalives). Useful for when you want | |
2111 | to use ssh connections to authenticate people for something, and know | |
2112 | relatively quickly when they are no longer authenticated. Disabled | |
2113 | by default (of course). ok markus@ | |
e400a640 | 2114 | |
cc44f691 | 2115 | 20010413 |
68fa858a | 2116 | - OpenBSD CVS Sync |
2117 | - markus@cvs.openbsd.org 2001/04/12 14:29:09 | |
2118 | [ssh.c] | |
2119 | show debug output during option processing, report from | |
cc44f691 | 2120 | pekkas@netcore.fi |
8002af61 | 2121 | - markus@cvs.openbsd.org 2001/04/12 19:15:26 |
68fa858a | 2122 | [auth-rhosts.c auth.h auth2.c buffer.c canohost.c canohost.h |
2123 | compat.c compat.h hostfile.c pathnames.h readconf.c readconf.h | |
2124 | servconf.c servconf.h ssh.c sshconnect.c sshconnect.h sshconnect1.c | |
8002af61 | 2125 | sshconnect2.c sshd_config] |
2126 | implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2) | |
2127 | similar to RhostRSAAuthentication unless you enable (the experimental) | |
2128 | HostbasedUsesNameFromPacketOnly option. please test. :) | |
0140e66a | 2129 | - markus@cvs.openbsd.org 2001/04/12 19:39:27 |
2130 | [readconf.c] | |
2131 | typo | |
2d2a2c65 | 2132 | - stevesk@cvs.openbsd.org 2001/04/12 20:09:38 |
2133 | [misc.c misc.h readconf.c servconf.c ssh.c sshd.c] | |
2134 | robust port validation; ok markus@ jakob@ | |
edeeab1e | 2135 | - mouring@cvs.openbsd.org 2001/04/12 23:17:54 |
2136 | [sftp-int.c sftp-int.h sftp.1 sftp.c] | |
2137 | Add support for: | |
2138 | sftp [user@]host[:file [file]] - Fetch remote file(s) | |
2139 | sftp [user@]host[:dir[/]] - Start in remote dir/ | |
2140 | OK deraadt@ | |
57aa8961 | 2141 | - stevesk@cvs.openbsd.org 2001/04/13 01:26:17 |
2142 | [ssh.c] | |
2143 | missing \n in error message | |
96f8b59f | 2144 | - (bal) Added openbsd-compat/inet_ntop.[ch] since HP/UX (and others) |
2145 | lack it. | |
cc44f691 | 2146 | |
28b9cb4d | 2147 | 20010412 |
68fa858a | 2148 | - OpenBSD CVS Sync |
28b9cb4d | 2149 | - markus@cvs.openbsd.org 2001/04/10 07:46:58 |
68fa858a | 2150 | [channels.c] |
2151 | cleanup socks4 handling | |
2152 | - itojun@cvs.openbsd.org 2001/04/10 09:13:22 | |
c0ecc314 | 2153 | [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8] |
68fa858a | 2154 | document id_rsa{.pub,}. markus ok |
070adba2 | 2155 | - markus@cvs.openbsd.org 2001/04/10 12:15:23 |
68fa858a | 2156 | [channels.c] |
2157 | debug cleanup | |
45a2e669 | 2158 | - djm@cvs.openbsd.org 2001/04/11 07:06:22 |
2159 | [sftp-int.c] | |
2160 | 'mget' and 'mput' aliases; ok markus@ | |
6031af8d | 2161 | - markus@cvs.openbsd.org 2001/04/11 10:59:01 |
2162 | [ssh.c] | |
2163 | use strtol() for ports, thanks jakob@ | |
6683b40f | 2164 | - markus@cvs.openbsd.org 2001/04/11 13:56:13 |
2165 | [channels.c ssh.c] | |
2166 | https-connect and socks5 support. i feel so bad. | |
ff14faf1 | 2167 | - lebel@cvs.openbsd.org 2001/04/11 16:25:30 |
2168 | [sshd.8 sshd.c] | |
2169 | implement the -e option into sshd: | |
2170 | -e When this option is specified, sshd will send the output to the | |
2171 | standard error instead of the system log. | |
2172 | markus@ OK. | |
28b9cb4d | 2173 | |
0a85ab61 | 2174 | 20010410 |
2175 | - OpenBSD CVS Sync | |
2176 | - deraadt@cvs.openbsd.org 2001/04/08 20:52:55 | |
2177 | [sftp.c] | |
2178 | do not modify an actual argv[] entry | |
b2ae83b8 | 2179 | - stevesk@cvs.openbsd.org 2001/04/08 23:28:27 |
2180 | [sshd.8] | |
2181 | spelling | |
317611b5 | 2182 | - stevesk@cvs.openbsd.org 2001/04/09 00:42:05 |
2183 | [sftp.1] | |
2184 | spelling | |
a8666d84 | 2185 | - markus@cvs.openbsd.org 2001/04/09 15:12:23 |
2186 | [ssh-add.c] | |
2187 | passphrase caching: ssh-add tries last passphrase, clears passphrase if | |
2188 | not successful and after last try. | |
2189 | based on discussions with espie@, jakob@, ... and code from jakob@ and | |
2190 | wolfgang@wsrcc.com | |
49ae4185 | 2191 | - markus@cvs.openbsd.org 2001/04/09 15:19:49 |
2192 | [ssh-add.1] | |
2193 | ssh-add retries the last passphrase... | |
b8a297f1 | 2194 | - stevesk@cvs.openbsd.org 2001/04/09 18:00:15 |
2195 | [sshd.8] | |
2196 | ListenAddress mandoc from aaron@ | |
0a85ab61 | 2197 | |
6e9944b8 | 2198 | 20010409 |
febd3f8e | 2199 | - (stevesk) use setresgid() for setegid() if needed |
26de7942 | 2200 | - (stevesk) configure.in: typo |
6e9944b8 | 2201 | - OpenBSD CVS Sync |
2202 | - stevesk@cvs.openbsd.org 2001/04/08 16:01:36 | |
2203 | [sshd.8] | |
2204 | document ListenAddress addr:port | |
d64050ef | 2205 | - markus@cvs.openbsd.org 2001/04/08 13:03:00 |
2206 | [ssh-add.c] | |
2207 | init pointers with NULL, thanks to danimal@danimal.org | |
d0a4c20b | 2208 | - markus@cvs.openbsd.org 2001/04/08 11:27:33 |
2209 | [clientloop.c] | |
2210 | leave_raw_mode if ssh2 "session" is closed | |
63bd8c36 | 2211 | - markus@cvs.openbsd.org 2001/04/06 21:00:17 |
2212 | [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth2.c channels.c session.c | |
2213 | ssh.c sshconnect.c sshconnect.h uidswap.c uidswap.h] | |
2214 | do gid/groups-swap in addition to uid-swap, should help if /home/group | |
2215 | is chmod 750 + chgrp grp /home/group/, work be deraadt and me, thanks | |
2216 | to olar@openwall.com is comments. we had many requests for this. | |
0490e609 | 2217 | - markus@cvs.openbsd.org 2001/04/07 08:55:18 |
2218 | [buffer.c channels.c channels.h readconf.c ssh.c] | |
68fa858a | 2219 | allow the ssh client act as a SOCKS4 proxy (dynamic local |
2220 | portforwarding). work by Dan Kaminsky <dankamin@cisco.com> and me. | |
2221 | thanks to Dan for this great patch: use 'ssh -D 1080 host' and make | |
0490e609 | 2222 | netscape use localhost:1080 as a socks proxy. |
d98d029a | 2223 | - markus@cvs.openbsd.org 2001/04/08 11:24:33 |
2224 | [uidswap.c] | |
2225 | KNF | |
6e9944b8 | 2226 | |
d9d49fdb | 2227 | 20010408 |
2228 | - OpenBSD CVS Sync | |
2229 | - stevesk@cvs.openbsd.org 2001/04/06 22:12:47 | |
2230 | [hostfile.c] | |
2231 | unused; typo in comment | |
d11c1288 | 2232 | - stevesk@cvs.openbsd.org 2001/04/06 22:25:25 |
2233 | [servconf.c] | |
2234 | in addition to: | |
2235 | ListenAddress host|ipv4_addr|ipv6_addr | |
2236 | permit: | |
2237 | ListenAddress [host|ipv4_addr|ipv6_addr]:port | |
2238 | ListenAddress host|ipv4_addr:port | |
2239 | sshd.8 updates coming. ok markus@ | |
d9d49fdb | 2240 | |
613fc910 | 2241 | 20010407 |
2242 | - (bal) CVS ID Resync of version.h | |
cc94bd38 | 2243 | - OpenBSD CVS Sync |
2244 | - markus@cvs.openbsd.org 2001/04/05 23:39:20 | |
2245 | [serverloop.c] | |
2246 | keep the ssh session even if there is no active channel. | |
2247 | this is more in line with the protocol spec and makes | |
2248 | ssh -N -L 1234:server:110 host | |
2249 | more useful. | |
2250 | based on discussion with <mats@mindbright.se> long time ago | |
2251 | and recent mail from <res@shore.net> | |
0fc791ba | 2252 | - deraadt@cvs.openbsd.org 2001/04/06 16:46:59 |
2253 | [scp.c] | |
2254 | remove trailing / from source paths; fixes pr#1756 | |
68fa858a | 2255 | |
63f7e231 | 2256 | 20010406 |
2257 | - (stevesk) logintest.c: fix for systems without __progname | |
72170131 | 2258 | - (stevesk) Makefile.in: log.o is in libssh.a |
d8a2f554 | 2259 | - OpenBSD CVS Sync |
2260 | - markus@cvs.openbsd.org 2001/04/05 10:00:06 | |
2261 | [compat.c] | |
2262 | 2.3.x does old GEX, too; report jakob@ | |
6ba22c93 | 2263 | - markus@cvs.openbsd.org 2001/04/05 10:39:03 |
2264 | [compress.c compress.h packet.c] | |
2265 | reset compress state per direction when rekeying. | |
3667ba79 | 2266 | - markus@cvs.openbsd.org 2001/04/05 10:39:48 |
2267 | [version.h] | |
2268 | temporary version 2.5.4 (supports rekeying). | |
2269 | this is not an official release. | |
cd332296 | 2270 | - markus@cvs.openbsd.org 2001/04/05 10:42:57 |
68fa858a | 2271 | [auth-chall.c authfd.c channels.c clientloop.c kex.c kexgex.c key.c |
2272 | mac.c packet.c serverloop.c sftp-client.c sftp-client.h sftp-glob.c | |
2273 | sftp-glob.h sftp-int.c sftp-server.c sftp.c ssh-keygen.c sshconnect.c | |
cd332296 | 2274 | sshconnect2.c sshd.c] |
2275 | fix whitespace: unexpand + trailing spaces. | |
255cfda1 | 2276 | - markus@cvs.openbsd.org 2001/04/05 11:09:17 |
2277 | [clientloop.c compat.c compat.h] | |
2278 | add SSH_BUG_NOREKEY and detect broken (=all old) openssh versions. | |
b4a19d21 | 2279 | - markus@cvs.openbsd.org 2001/04/05 15:45:43 |
2280 | [ssh.1] | |
2281 | ssh defaults to protocol v2; from quisar@quisar.ambre.net | |
46e3af7f | 2282 | - stevesk@cvs.openbsd.org 2001/04/05 15:48:18 |
2283 | [canohost.c canohost.h session.c] | |
2284 | move get_remote_name_or_ip() to canohost.[ch]; for portable. ok markus@ | |
54506d2e | 2285 | - markus@cvs.openbsd.org 2001/04/05 20:01:10 |
2286 | [clientloop.c] | |
2287 | for ~R print message if server does not support rekeying. (and fix ~R). | |
b37caf1a | 2288 | - markus@cvs.openbsd.org 2001/04/05 21:02:46 |
2289 | [buffer.c] | |
2290 | better error message | |
eb0dd41f | 2291 | - markus@cvs.openbsd.org 2001/04/05 21:05:24 |
2292 | [clientloop.c ssh.c] | |
2293 | don't request a session for 'ssh -N', pointed out slade@shore.net | |
63f7e231 | 2294 | |
d8ee838b | 2295 | 20010405 |
68fa858a | 2296 | - OpenBSD CVS Sync |
2297 | - markus@cvs.openbsd.org 2001/04/04 09:48:35 | |
d8ee838b | 2298 | [kex.c kex.h kexdh.c kexgex.c packet.c sshconnect2.c sshd.c] |
68fa858a | 2299 | don't sent multiple kexinit-requests. |
2300 | send newkeys, block while waiting for newkeys. | |
2301 | fix comments. | |
2302 | - markus@cvs.openbsd.org 2001/04/04 14:34:58 | |
2303 | [clientloop.c kex.c kex.h serverloop.c sshconnect2.c sshd.c] | |
2304 | enable server side rekeying + some rekey related clientup. | |
7a37c112 | 2305 | todo: we should not send any non-KEX messages after we send KEXINIT |
5adb303f | 2306 | - markus@cvs.openbsd.org 2001/04/04 15:50:55 |
2307 | [compat.c] | |
2308 | f-secure 1.3.2 does not handle IGNORE; from milliondl@ornl.gov | |
c422989b | 2309 | - markus@cvs.openbsd.org 2001/04/04 20:25:38 |
68fa858a | 2310 | [channels.c channels.h clientloop.c kex.c kex.h serverloop.c |
c422989b | 2311 | sshconnect2.c sshd.c] |
2312 | more robust rekeying | |
2313 | don't send channel data after rekeying is started. | |
0715ec6c | 2314 | - markus@cvs.openbsd.org 2001/04/04 20:32:56 |
2315 | [auth2.c] | |
2316 | we don't care about missing bannerfiles; from tsoome@ut.ee, ok deraadt@ | |
bbb4cc1b | 2317 | - markus@cvs.openbsd.org 2001/04/04 22:04:35 |
2318 | [kex.c kexgex.c serverloop.c] | |
2319 | parse full kexinit packet. | |
2320 | make server-side more robust, too. | |
a7ca6275 | 2321 | - markus@cvs.openbsd.org 2001/04/04 23:09:18 |
2322 | [dh.c kex.c packet.c] | |
2323 | clear+free keys,iv for rekeying. | |
2324 | + fix DH mem leaks. ok niels@ | |
86c9e193 | 2325 | - (stevesk) don't use vhangup() if defined(HAVE_DEV_PTMX); also removes |
2326 | BROKEN_VHANGUP | |
d8ee838b | 2327 | |
9d451c5a | 2328 | 20010404 |
2329 | - OpenBSD CVS Sync | |
2330 | - deraadt@cvs.openbsd.org 2001/04/02 17:32:23 | |
2331 | [ssh-agent.1] | |
2332 | grammar; slade@shore.net | |
894c5fa6 | 2333 | - stevesk@cvs.openbsd.org 2001/04/03 13:56:11 |
2334 | [sftp-glob.c ssh-agent.c ssh-keygen.c] | |
2335 | free() -> xfree() | |
a5c9ffdb | 2336 | - markus@cvs.openbsd.org 2001/04/03 19:53:29 |
2337 | [dh.c dh.h kex.c kex.h sshconnect2.c sshd.c] | |
2338 | move kex to kex*.c, used dispatch_set() callbacks for kex. should | |
2339 | make rekeying easier. | |
3463ff28 | 2340 | - todd@cvs.openbsd.org 2001/04/03 21:19:38 |
2341 | [ssh_config] | |
2342 | id_rsa1/2 -> id_rsa; ok markus@ | |
d1ac6175 | 2343 | - markus@cvs.openbsd.org 2001/04/03 23:32:12 |
2344 | [kex.c kex.h packet.c sshconnect2.c sshd.c] | |
2345 | undo parts of recent my changes: main part of keyexchange does not | |
2346 | need dispatch-callbacks, since application data is delayed until | |
2347 | the keyexchange completes (if i understand the drafts correctly). | |
2348 | add some infrastructure for re-keying. | |
e092ce67 | 2349 | - markus@cvs.openbsd.org 2001/04/04 00:06:54 |
2350 | [clientloop.c sshconnect2.c] | |
2351 | enable client rekeying | |
2352 | (1) force rekeying with ~R, or | |
2353 | (2) if the server requests rekeying. | |
2354 | works against ssh-2.0.12/2.0.13/2.1.0/2.2.0/2.3.0/2.3.1/2.4.0 | |
0bc35151 | 2355 | - (bal) Oops.. Missed including kexdh.c and kexgex.c in OpenBSD sync. |
9d451c5a | 2356 | |
672f212f | 2357 | 20010403 |
2358 | - OpenBSD CVS Sync | |
2359 | - stevesk@cvs.openbsd.org 2001/04/02 14:15:31 | |
2360 | [sshd.8] | |
2361 | typo; ok markus@ | |
6be9a5e8 | 2362 | - stevesk@cvs.openbsd.org 2001/04/02 14:20:23 |
2363 | [readconf.c servconf.c] | |
2364 | correct comment; ok markus@ | |
fe39c3df | 2365 | - (stevesk) nchan.c: remove ostate checks and add EINVAL to |
2366 | shutdown(SHUT_RD) error() bypass for HP-UX. | |
672f212f | 2367 | |
0be033ea | 2368 | 20010402 |
2369 | - (stevesk) log.c openbsd sync; missing newlines | |
5d9e4c8d | 2370 | - (stevesk) sshpty.h openbsd sync; PTY_H -> SSHPTY_H |
0be033ea | 2371 | |
b7a2a476 | 2372 | 20010330 |
2373 | - (djm) Another openbsd-compat/glob.c sync | |
4047d868 | 2374 | - (djm) OpenBSD CVS Sync |
2375 | - provos@cvs.openbsd.org 2001/03/28 21:59:41 | |
2376 | [kex.c kex.h sshconnect2.c sshd.c] | |
2377 | forgot to include min and max params in hash, okay markus@ | |
c8682232 | 2378 | - provos@cvs.openbsd.org 2001/03/28 22:04:57 |
2379 | [dh.c] | |
2380 | more sanity checking on primes file | |
d9cd3575 | 2381 | - markus@cvs.openbsd.org 2001/03/28 22:43:31 |
2382 | [auth.h auth2.c auth2-chall.c] | |
2383 | check auth_root_allowed for kbd-int auth, too. | |
86b878d5 | 2384 | - provos@cvs.openbsd.org 2001/03/29 14:24:59 |
2385 | [sshconnect2.c] | |
2386 | use recommended defaults | |
1ad64a93 | 2387 | - stevesk@cvs.openbsd.org 2001/03/29 21:06:21 |
2388 | [sshconnect2.c sshd.c] | |
2389 | need to set both STOC and CTOS for SSH_BUG_BIGENDIANAES; ok markus@ | |
03b8f8be | 2390 | - markus@cvs.openbsd.org 2001/03/29 21:17:40 |
2391 | [dh.c dh.h kex.c kex.h] | |
2392 | prepare for rekeying: move DH code to dh.c | |
76ca7b01 | 2393 | - djm@cvs.openbsd.org 2001/03/29 23:42:01 |
2394 | [sshd.c] | |
2395 | Protocol 1 key regeneration log => verbose, some KNF; ok markus@ | |
b7a2a476 | 2396 | |
01ce749f | 2397 | 20010329 |
2398 | - OpenBSD CVS Sync | |
2399 | - stevesk@cvs.openbsd.org 2001/03/26 15:47:59 | |
2400 | [ssh.1] | |
2401 | document more defaults; misc. cleanup. ok markus@ | |
569807fb | 2402 | - markus@cvs.openbsd.org 2001/03/26 23:12:42 |
2403 | [authfile.c] | |
2404 | KNF | |
457fc0c6 | 2405 | - markus@cvs.openbsd.org 2001/03/26 23:23:24 |
2406 | [rsa.c rsa.h ssh-agent.c ssh-keygen.c] | |
2407 | try to read private f-secure ssh v2 rsa keys. | |
1a92bd7e | 2408 | - markus@cvs.openbsd.org 2001/03/27 10:34:08 |
2409 | [ssh-rsa.c sshd.c] | |
2410 | use EVP_get_digestbynid, reorder some calls and fix missing free. | |
a4da628b | 2411 | - markus@cvs.openbsd.org 2001/03/27 10:57:00 |
2412 | [compat.c compat.h ssh-rsa.c] | |
2413 | some older systems use NID_md5 instead of NID_sha1 for RSASSA-PKCS1-v1_5 | |
2414 | signatures in SSH protocol 2, ok djm@ | |
db1cd2f3 | 2415 | - provos@cvs.openbsd.org 2001/03/27 17:46:50 |
2416 | [compat.c compat.h dh.c dh.h ssh2.h sshconnect2.c sshd.c version.h] | |
2417 | make dh group exchange more flexible, allow min and max group size, | |
2418 | okay markus@, deraadt@ | |
e5ff6ecf | 2419 | - stevesk@cvs.openbsd.org 2001/03/28 19:56:23 |
2420 | [scp.c] | |
2421 | start to sync scp closer to rcp; ok markus@ | |
03cb2621 | 2422 | - stevesk@cvs.openbsd.org 2001/03/28 20:04:38 |
2423 | [scp.c] | |
2424 | usage more like rcp and add missing -B to usage; ok markus@ | |
563834bb | 2425 | - markus@cvs.openbsd.org 2001/03/28 20:50:45 |
2426 | [sshd.c] | |
2427 | call refuse() before close(); from olemx@ans.pl | |
01ce749f | 2428 | |
b5b68128 | 2429 | 20010328 |
68fa858a | 2430 | - (djm) Reorder tests and library inclusion for Krb4/AFS to try to |
2431 | resolve linking conflicts with libcrypto. Report and suggested fix | |
b5b68128 | 2432 | from Holger Trapp <Holger.Trapp@Informatik.TU-Chemnitz.DE> |
edbe6722 | 2433 | - (djm) Work around Solaris' broken struct dirent. Diagnosis and suggested |
2434 | fix from Philippe Levan <levan@epix.net> | |
cccfea16 | 2435 | - (djm) Rework krbIV tests to get us closer to building on Redhat. Still |
2436 | doesn't work because of conflicts between krbIV's and OpenSSL's des.h | |
8d0cc79b | 2437 | - (djm) Sync openbsd-compat/glob.c |
b5b68128 | 2438 | |
0c90b590 | 2439 | 20010327 |
2440 | - Attempt sync with sshlogin.c w/ OpenBSD (mainly CVS ID) | |
68fa858a | 2441 | - Fix pointer issues in waitpid() and wait() replaces. Patch by Lutz |
60a8683f | 2442 | Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> |
690d0d7f | 2443 | - OpenBSD CVS Sync |
2444 | - djm@cvs.openbsd.org 2001/03/25 00:01:34 | |
2445 | [session.c] | |
2446 | shorten; ok markus@ | |
4f4648f9 | 2447 | - stevesk@cvs.openbsd.org 2001/03/25 13:16:11 |
2448 | [servconf.c servconf.h session.c sshd.8 sshd_config] | |
2449 | PrintLastLog option; from chip@valinux.com with some minor | |
2450 | changes by me. ok markus@ | |
9afbfcfa | 2451 | - markus@cvs.openbsd.org 2001/03/26 08:07:09 |
68fa858a | 2452 | [authfile.c authfile.h ssh-add.c ssh-keygen.c ssh.c sshconnect.c |
9afbfcfa | 2453 | sshconnect.h sshconnect1.c sshconnect2.c sshd.c] |
2454 | simpler key load/save interface, see authfile.h | |
68fa858a | 2455 | - (djm) Reestablish PAM credentials (which can be supplemental group |
9afbfcfa | 2456 | memberships) after initgroups() blows them away. Report and suggested |
2457 | fix from Nalin Dahyabhai <nalin@redhat.com> | |
0c90b590 | 2458 | |
b567a40c | 2459 | 20010324 |
2460 | - Fixed permissions ssh-keyscan. Thanks to Christopher Linn <celinn@mtu.edu>. | |
80cd07ae | 2461 | - OpenBSD CVS Sync |
2462 | - djm@cvs.openbsd.org 2001/03/23 11:04:07 | |
2463 | [compat.c compat.h sshconnect2.c sshd.c] | |
2464 | Compat for OpenSSH with broken Rijndael/AES. ok markus@ | |
7af9f7f8 | 2465 | - markus@cvs.openbsd.org 2001/03/23 12:02:49 |
2466 | [auth1.c] | |
2467 | authctxt is now passed to do_authenticated | |
e285053e | 2468 | - markus@cvs.openbsd.org 2001/03/23 13:10:57 |
2469 | [sftp-int.c] | |
2470 | fix put, upload to _absolute_ path, ok djm@ | |
1d3c30db | 2471 | - markus@cvs.openbsd.org 2001/03/23 14:28:32 |
2472 | [session.c sshd.c] | |
2473 | ignore SIGPIPE, restore in child, fixes x11-fwd crashes; with djm@ | |
8ca3f6dc | 2474 | - (djm) Pull out our own SIGPIPE hacks |
b567a40c | 2475 | |
8a169574 | 2476 | 20010323 |
68fa858a | 2477 | - OpenBSD CVS Sync |
8a169574 | 2478 | - deraadt@cvs.openbsd.org 2001/03/22 20:22:55 |
68fa858a | 2479 | [sshd.c] |
2480 | do not place linefeeds in buffer | |
8a169574 | 2481 | |
ee110bfb | 2482 | 20010322 |
2483 | - (djm) Better AIX no tty fix, spotted by Gert Doering <gert@greenie.muc.de> | |
289ba62e | 2484 | - (bal) version.c CVS ID resync |
a5b09902 | 2485 | - (bal) auth-chall.c auth-passwd.c auth.h auth1.c auth2.c session.c CVS ID |
2486 | resync | |
ae7242ef | 2487 | - (bal) scp.c CVS ID resync |
3e587cc3 | 2488 | - OpenBSD CVS Sync |
2489 | - markus@cvs.openbsd.org 2001/03/20 19:10:16 | |
2490 | [readconf.c] | |
2491 | default to SSH protocol version 2 | |
e5d7a405 | 2492 | - markus@cvs.openbsd.org 2001/03/20 19:21:21 |
2493 | [session.c] | |
2494 | remove unused arg | |
39f7530f | 2495 | - markus@cvs.openbsd.org 2001/03/20 19:21:21 |
2496 | [session.c] | |
2497 | remove unused arg | |
bb5639fe | 2498 | - markus@cvs.openbsd.org 2001/03/21 11:43:45 |
2499 | [auth1.c auth2.c session.c session.h] | |
2500 | merge common ssh v1/2 code | |
5e7cb456 | 2501 | - jakob@cvs.openbsd.org 2001/03/21 14:20:45 |
2502 | [ssh-keygen.c] | |
2503 | add -B flag to usage | |
ca4df544 | 2504 | - markus@cvs.openbsd.org 2001/03/21 21:06:30 |
2505 | [session.c] | |
2506 | missing init; from mib@unimelb.edu.au | |
ee110bfb | 2507 | |
f5f6020e | 2508 | 20010321 |
68fa858a | 2509 | - (djm) Fix ttyname breakage for AIX and Tru64. Patch from Steve |
f5f6020e | 2510 | VanDevender <stevev@darkwing.uoregon.edu> |
37eadb90 | 2511 | - (djm) Make sure pam_retval is initialised on call to pam_end. Patch |
2512 | from Solar Designer <solar@openwall.com> | |
0a3700ee | 2513 | - (djm) Don't loop forever when changing password via PAM. Patch |
2514 | from Solar Designer <solar@openwall.com> | |
0c13ffa2 | 2515 | - (djm) Generate config files before build |
7a7101ec | 2516 | - (djm) Correctly handle SIA and AIX when no tty present. Spotted and |
2517 | suggested fix from Mike Battersby <mib@unimelb.edu.au> | |
f5f6020e | 2518 | |
8d539493 | 2519 | 20010320 |
01022caf | 2520 | - (bal) glob.c update to added GLOB_LIMITS (OpenBSD CVS). |
2521 | - (bal) glob.c update to set gl_pathv to NULL (OpenBSD CVS). | |
1620233b | 2522 | - (bal) Oops. Missed globc.h change (OpenBSD CVS). |
614dee3a | 2523 | - (djm) OpenBSD CVS Sync |
2524 | - markus@cvs.openbsd.org 2001/03/19 17:07:23 | |
2525 | [auth.c readconf.c] | |
2526 | undo /etc/shell and proto 2,1 change for openssh-2.5.2 | |
3dd16786 | 2527 | - markus@cvs.openbsd.org 2001/03/19 17:12:10 |
2528 | [version.h] | |
2529 | version 2.5.2 | |
ea44783f | 2530 | - (djm) Update RPM spec version |
2531 | - (djm) Release 2.5.2p1 | |
3743cc2f | 2532 | - tim@mindrot.org 2001/03/19 18:33:47 [defines.h] |
2533 | change S_ISLNK macro to work for UnixWare 2.03 | |
9887f269 | 2534 | - tim@mindrot.org 2001/03/19 20:45:11 [openbsd-compat/glob.c] |
2535 | add get_arg_max(). Use sysconf() if ARG_MAX is not defined | |
8d539493 | 2536 | |
e339aa53 | 2537 | 20010319 |
68fa858a | 2538 | - (djm) Seed PRNG at startup, rather than waiting for arc4random calls to |
e339aa53 | 2539 | do it implicitly. |
7cdb79d4 | 2540 | - (djm) Add getusershell() functions from OpenBSD CVS |
b1ed8313 | 2541 | - OpenBSD CVS Sync |
2542 | - markus@cvs.openbsd.org 2001/03/18 12:07:52 | |
2543 | [auth-options.c] | |
2544 | ignore permitopen="host:port" if AllowTcpForwarding==no | |
f8f230bf | 2545 | - (djm) Make scp work on systems without 64-bit ints |
2538ecf1 | 2546 | - tim@mindrot.org 2001/03/18 18:28:39 [defines.h] |
2547 | move HAVE_LONG_LONG_INT where it works | |
d1581d5f | 2548 | - (bal) Use 'NGROUPS' for NeXT Since 'MAX_NGROUPS' is wrapped up in -lposix |
107628c0 | 2549 | stuff. Change suggested by Mark Miller <markm@swoon.net> |
d1581d5f | 2550 | - (bal) Small fix to scp. %lu vs %ld |
68fa858a | 2551 | - (bal) NeXTStep lacks S_ISLNK. Plus split up S_IS* |
bb6da70f | 2552 | - (djm) OpenBSD CVS Sync |
2553 | - djm@cvs.openbsd.org 2001/03/19 03:52:51 | |
2554 | [sftp-client.c] | |
2555 | Report ssh connection closing correctly; ok deraadt@ | |
3a1c54d4 | 2556 | - deraadt@cvs.openbsd.org 2001/03/18 23:30:55 |
2557 | [compat.c compat.h sshd.c] | |
68fa858a | 2558 | specifically version match on ssh scanners. do not log scan |
3a1c54d4 | 2559 | information to the console |
dc504afd | 2560 | - djm@cvs.openbsd.org 2001/03/19 12:10:17 |
db4d3098 | 2561 | [sshd.8] |
dc504afd | 2562 | Document permitopen authorized_keys option; ok markus@ |
babd91d4 | 2563 | - djm@cvs.openbsd.org 2001/03/19 05:49:52 |
2564 | [ssh.1] | |
2565 | document PreferredAuthentications option; ok markus@ | |
05c64611 | 2566 | - (bal) Minor NeXT fixed. Forgot to #undef NGROUPS_MAX |
e339aa53 | 2567 | |
ec0ad9c2 | 2568 | 20010318 |
68fa858a | 2569 | - (bal) Fixed scp type casing issue which causes "scp: protocol error: |
ec0ad9c2 | 2570 | size not delimited" fatal errors when tranfering. |
5cc8d4ad | 2571 | - OpenBSD CVS Sync |
2572 | - markus@cvs.openbsd.org 2001/03/17 17:27:59 | |
2573 | [auth.c] | |
2574 | check /etc/shells, too | |
7411201c | 2575 | - tim@mindrot.org 2001/03/17 18:45:25 [compat.c] |
2576 | openbsd-compat/fake-regex.h | |
ec0ad9c2 | 2577 | |
8a968c25 | 2578 | 20010317 |
68fa858a | 2579 | - Support usrinfo() on AIX. Based on patch from Gert Doering |
8a968c25 | 2580 | <gert@greenie.muc.de> |
bf1d27bd | 2581 | - OpenBSD CVS Sync |
2582 | - markus@cvs.openbsd.org 2001/03/15 15:05:59 | |
2583 | [scp.c] | |
2584 | use %lld in printf, ok millert@/deraadt@; report from ssh@client.fi | |
56b3e9ce | 2585 | - markus@cvs.openbsd.org 2001/03/15 22:07:08 |
2586 | [session.c] | |
2587 | pass Session to do_child + KNF | |
d50d9b63 | 2588 | - djm@cvs.openbsd.org 2001/03/16 08:16:18 |
2589 | [sftp-client.c sftp-client.h sftp-glob.c sftp-int.c] | |
2590 | Revise globbing for get/put to be more shell-like. In particular, | |
2591 | "get/put file* directory/" now works. ok markus@ | |
f55d1b5f | 2592 | - markus@cvs.openbsd.org 2001/03/16 09:55:53 |
2593 | [sftp-int.c] | |
2594 | fix memset and whitespace | |
6a8496e4 | 2595 | - markus@cvs.openbsd.org 2001/03/16 13:44:24 |
2596 | [sftp-int.c] | |
2597 | discourage strcat/strcpy | |
01794848 | 2598 | - markus@cvs.openbsd.org 2001/03/16 19:06:30 |
2599 | [auth-options.c channels.c channels.h serverloop.c session.c] | |
2600 | implement "permitopen" key option, restricts -L style forwarding to | |
2601 | to specified host:port pairs. based on work by harlan@genua.de | |
68fa858a | 2602 | - Check for gl_matchc support in glob_t and fall back to the |
40849fdb | 2603 | openbsd-compat/glob.[ch] support if it does not exist. |
8a968c25 | 2604 | |
4cb5d598 | 2605 | 20010315 |
2606 | - OpenBSD CVS Sync | |
2607 | - markus@cvs.openbsd.org 2001/03/14 08:57:14 | |
2608 | [sftp-client.c] | |
2609 | Wall | |
85cf5827 | 2610 | - markus@cvs.openbsd.org 2001/03/14 15:15:58 |
2611 | [sftp-int.c] | |
2612 | add version command | |
61b3a2bc | 2613 | - deraadt@cvs.openbsd.org 2001/03/14 22:50:25 |
2614 | [sftp-server.c] | |
2615 | note no getopt() | |
51e2fc8f | 2616 | - (stevesk) ssh-keyscan.c: specify "openbsd-compat/fake-queue.h" |
68fa858a | 2617 | - (bal) Cygwin README change by Corinna Vinschen <vinschen@redhat.com> |
4cb5d598 | 2618 | |
acc9d6d7 | 2619 | 20010314 |
2620 | - OpenBSD CVS Sync | |
85cf5827 | 2621 | - markus@cvs.openbsd.org 2001/03/13 17:34:42 |
2622 | [auth-options.c] | |
2623 | missing xfree, deny key on parse error; ok stevesk@ | |
2624 | - djm@cvs.openbsd.org 2001/03/13 22:42:54 | |
2625 | [sftp-client.c sftp-client.h sftp-glob.c sftp-glob.h sftp-int.c] | |
2626 | sftp client filename globbing for get, put, ch{mod,grp,own}. ok markus@ | |
84ceda19 | 2627 | - (bal) Fix strerror() in bsd-misc.c |
2628 | - (djm) Add replacement glob() from OpenBSD libc if the system glob is | |
2629 | missing or lacks the GLOB_ALTDIRFUNC extension | |
68fa858a | 2630 | - (djm) Remove -I$(srcdir)/openbsd-compat from CFLAGS, refer to headers |
84ceda19 | 2631 | relatively. Avoids conflict between glob.h and /usr/include/glob.h |
acc9d6d7 | 2632 | |
22138a36 | 2633 | 20010313 |
2634 | - OpenBSD CVS Sync | |
2635 | - markus@cvs.openbsd.org 2001/03/12 22:02:02 | |
2636 | [key.c key.h ssh-add.c ssh-keygen.c sshconnect.c sshconnect2.c] | |
2637 | remove old key_fingerprint interface, s/_ex// | |
2638 | ||
539af7f5 | 2639 | 20010312 |
2640 | - OpenBSD CVS Sync | |
2641 | - markus@cvs.openbsd.org 2001/03/11 13:25:36 | |
2642 | [auth2.c key.c] | |
2643 | debug | |
301e8e5b | 2644 | - jakob@cvs.openbsd.org 2001/03/11 15:03:16 |
2645 | [key.c key.h] | |
2646 | add improved fingerprint functions. based on work by Carsten | |
2647 | Raskgaard <cara@int.tele.dk> and modified by me. ok markus@. | |
954f0550 | 2648 | - jakob@cvs.openbsd.org 2001/03/11 15:04:16 |
2649 | [ssh-keygen.1 ssh-keygen.c] | |
2650 | print both md5, sha1 and bubblebabble fingerprints when using | |
2651 | ssh-keygen -l -v. ok markus@. | |
08345971 | 2652 | - jakob@cvs.openbsd.org 2001/03/11 15:13:09 |
2653 | [key.c] | |
2654 | cleanup & shorten some var names key_fingerprint_bubblebabble. | |
64b1aa3b | 2655 | - deraadt@cvs.openbsd.org 2001/03/11 16:39:03 |
2656 | [ssh-keygen.c] | |
2657 | KNF, and SHA1 binary output is just creeping featurism | |
733cf7f4 | 2658 | - tim@mindrot.org 2001/03/11 17:29:32 [configure.in] |
2659 | test if snprintf() supports %ll | |
2660 | add /dev to search path for PRNGD/EGD socket | |
2661 | fix my mistake in USER_PATH test program | |
79c9ac1b | 2662 | - OpenBSD CVS Sync |
2663 | - markus@cvs.openbsd.org 2001/03/11 18:29:51 | |
2664 | [key.c] | |
2665 | style+cleanup | |
aaf45d87 | 2666 | - markus@cvs.openbsd.org 2001/03/11 22:33:24 |
2667 | [ssh-keygen.1 ssh-keygen.c] | |
2668 | remove -v again. use -B instead for bubblebabble. make -B consistent | |
2669 | with -l and make -B work with /path/to/known_hosts. ok deraadt@ | |
a0322342 | 2670 | - (djm) Bump portable version number for generating test RPMs |
94dd09e3 | 2671 | - (djm) Add "static_openssl" RPM build option, remove rsh build dependency |
68fa858a | 2672 | - (bal) Reorder includes in Makefile. |
539af7f5 | 2673 | |
d156519a | 2674 | 20010311 |
2675 | - OpenBSD CVS Sync | |
2676 | - markus@cvs.openbsd.org 2001/03/10 12:48:27 | |
2677 | [sshconnect2.c] | |
2678 | ignore nonexisting private keys; report rjmooney@mediaone.net | |
5e36d59c | 2679 | - deraadt@cvs.openbsd.org 2001/03/10 12:53:51 |
2680 | [readconf.c ssh_config] | |
2681 | default to SSH2, now that m68k runs fast | |
2f778758 | 2682 | - stevesk@cvs.openbsd.org 2001/03/10 15:02:05 |
2683 | [ttymodes.c ttymodes.h] | |
2684 | remove unused sgtty macros; ok markus@ | |
99c415db | 2685 | - deraadt@cvs.openbsd.org 2001/03/10 15:31:00 |
2686 | [compat.c compat.h sshconnect.c] | |
2687 | all known netscreen ssh versions, and older versions of OSU ssh cannot | |
2688 | handle password padding (newer OSU is fixed) | |
456fce50 | 2689 | - tim@mindrot.org 2001/03/10 16:33:42 [configure.in Makefile.in sshd_config] |
2690 | make sure $bindir is in USER_PATH so scp will work | |
cab80f75 | 2691 | - OpenBSD CVS Sync |
2692 | - markus@cvs.openbsd.org 2001/03/10 17:51:04 | |
2693 | [kex.c match.c match.h readconf.c readconf.h sshconnect2.c] | |
2694 | add PreferredAuthentications | |
d156519a | 2695 | |
1c9a907f | 2696 | 20010310 |
2697 | - OpenBSD CVS Sync | |
2698 | - deraadt@cvs.openbsd.org 2001/03/09 03:14:39 | |
2699 | [ssh-keygen.c] | |
68fa858a | 2700 | create *.pub files with umask 0644, so that you can mv them to |
1c9a907f | 2701 | authorized_keys |
cb7bd922 | 2702 | - deraadt@cvs.openbsd.org 2001/03/09 12:30:29 |
2703 | [sshd.c] | |
2704 | typo; slade@shore.net | |
61cf0e38 | 2705 | - Removed log.o from sftp client. Not needed. |
1c9a907f | 2706 | |
385590e4 | 2707 | 20010309 |
2708 | - OpenBSD CVS Sync | |
2709 | - stevesk@cvs.openbsd.org 2001/03/08 18:47:12 | |
2710 | [auth1.c] | |
2711 | unused; ok markus@ | |
acf06a60 | 2712 | - stevesk@cvs.openbsd.org 2001/03/08 20:44:48 |
2713 | [sftp.1] | |
2714 | spelling, cleanup; ok deraadt@ | |
fee56204 | 2715 | - markus@cvs.openbsd.org 2001/03/08 21:42:33 |
2716 | [compat.c compat.h readconf.h ssh.c sshconnect1.c sshconnect2.c] | |
2717 | implement client side of SSH2_MSG_USERAUTH_PK_OK (test public key -> | |
2718 | no need to do enter passphrase or do expensive sign operations if the | |
2719 | server does not accept key). | |
385590e4 | 2720 | |
3a7fe5ba | 2721 | 20010308 |
2722 | - OpenBSD CVS Sync | |
d5ebca2b | 2723 | - djm@cvs.openbsd.org 2001/03/07 10:11:23 |
2724 | [sftp-client.c sftp-client.h sftp-int.c sftp-server.c sftp.1 sftp.c sftp.h] | |
2725 | Support for new draft (draft-ietf-secsh-filexfer-01). New symlink handling | |
2726 | functions and small protocol change. | |
2727 | - markus@cvs.openbsd.org 2001/03/08 00:15:48 | |
2728 | [readconf.c ssh.1] | |
2729 | turn off useprivilegedports by default. only rhost-auth needs | |
2730 | this. older sshd's may need this, too. | |
097ca118 | 2731 | - (stevesk) Reliant Unix (SNI) needs HAVE_BOGUS_SYS_QUEUE_H; |
2732 | Dirk Markwardt <D.Markwardt@tu-bs.de> | |
3a7fe5ba | 2733 | |
3251b439 | 2734 | 20010307 |
2735 | - (bal) OpenBSD CVS Sync | |
2736 | - deraadt@cvs.openbsd.org 2001/03/06 06:11:18 | |
2737 | [ssh-keyscan.c] | |
2738 | appease gcc | |
a5ec8a3d | 2739 | - deraadt@cvs.openbsd.org 2001/03/06 06:11:44 |
2740 | [sftp-int.c sftp.1 sftp.c] | |
2741 | sftp -b batchfile; mouring@etoh.eviladmin.org | |
17910dce | 2742 | - deraadt@cvs.openbsd.org 2001/03/06 15:10:42 |
2743 | [sftp.1] | |
2744 | order things | |
2c86906e | 2745 | - deraadt@cvs.openbsd.org 2001/03/07 01:19:06 |
2746 | [ssh.1 sshd.8] | |
2747 | the name "secure shell" is boring, noone ever uses it | |
7daf8515 | 2748 | - deraadt@cvs.openbsd.org 2001/03/07 04:05:58 |
2749 | [ssh.1] | |
2750 | removed dated comment | |
f52798a4 | 2751 | - Cygwin contrib improvements from Corinna Vinschen <vinschen@redhat.com> |
3251b439 | 2752 | |
657297ff | 2753 | 20010306 |
2754 | - (bal) OpenBSD CVS Sync | |
2755 | - deraadt@cvs.openbsd.org 2001/03/05 14:28:47 | |
2756 | [sshd.8] | |
2757 | alpha order; jcs@rt.fm | |
7c8f2a26 | 2758 | - stevesk@cvs.openbsd.org 2001/03/05 15:44:51 |
2759 | [servconf.c] | |
2760 | sync error message; ok markus@ | |
f2ba0775 | 2761 | - deraadt@cvs.openbsd.org 2001/03/05 15:56:16 |
2762 | [myproposal.h ssh.1] | |
2763 | switch to aes128-cbc/hmac-md5 by default in SSH2 -- faster; | |
2764 | provos & markus ok | |
7a6c39a3 | 2765 | - deraadt@cvs.openbsd.org 2001/03/05 16:07:15 |
2766 | [sshd.8] | |
2767 | detail default hmac setup too | |
7de5b06b | 2768 | - markus@cvs.openbsd.org 2001/03/05 17:17:21 |
2769 | [kex.c kex.h sshconnect2.c sshd.c] | |
2770 | generate a 2*need size (~300 instead of 1024/2048) random private | |
2771 | exponent during the DH key agreement. according to Niels (the great | |
2772 | german advisor) this is safe since /etc/primes contains strong | |
2773 | primes only. | |
2774 | ||
2775 | References: | |
2776 | P. C. van Oorschot and M. J. Wiener, On Diffie-Hellman key | |
2777 | agreement with short exponents, In Advances in Cryptology | |
2778 | - EUROCRYPT'96, LNCS 1070, Springer-Verlag, 1996, pp.332-343. | |
a5df12e9 | 2779 | - stevesk@cvs.openbsd.org 2001/03/05 17:40:48 |
2780 | [ssh.1] | |
2781 | more ssh_known_hosts2 documentation; ok markus@ | |
0b2190ee | 2782 | - stevesk@cvs.openbsd.org 2001/03/05 17:58:22 |
2783 | [dh.c] | |
2784 | spelling | |
bbc62e59 | 2785 | - deraadt@cvs.openbsd.org 2001/03/06 00:33:04 |
2786 | [authfd.c cli.c ssh-agent.c] | |
2787 | EINTR/EAGAIN handling is required in more cases | |
c16c7f20 | 2788 | - millert@cvs.openbsd.org 2001/03/06 01:06:03 |
2789 | [ssh-keyscan.c] | |
2790 | Don't assume we wil get the version string all in one read(). | |
2791 | deraadt@ OK'd | |
09cb311c | 2792 | - millert@cvs.openbsd.org 2001/03/06 01:08:27 |
2793 | [clientloop.c] | |
2794 | If read() fails with EINTR deal with it the same way we treat EAGAIN | |
657297ff | 2795 | |
1a2936c4 | 2796 | 20010305 |
2797 | - (bal) CVS ID touch up on sshpty.[ch] and sshlogin.[ch] | |
68fa858a | 2798 | - (bal) CVS ID touch up on sftp-int.c |
e77df335 | 2799 | - (bal) CVS ID touch up on uuencode.c |
6cca9fde | 2800 | - (bal) CVS ID touch up on auth2.c, serverloop.c, session.c & sshd.c |
778f6940 | 2801 | - (bal) OpenBSD CVS Sync |
dcb971e1 | 2802 | - deraadt@cvs.openbsd.org 2001/02/17 23:48:48 |
2803 | [sshd.8] | |
2804 | it's the OpenSSH one | |
778f6940 | 2805 | - deraadt@cvs.openbsd.org 2001/02/21 07:37:04 |
2806 | [ssh-keyscan.c] | |
2807 | inline -> __inline__, and some indent | |
81333640 | 2808 | - deraadt@cvs.openbsd.org 2001/02/21 09:05:54 |
2809 | [authfile.c] | |
2810 | improve fd handling | |
79ddf6db | 2811 | - deraadt@cvs.openbsd.org 2001/02/21 09:12:56 |
2812 | [sftp-server.c] | |
2813 | careful with & and &&; markus ok | |
96ee8386 | 2814 | - stevesk@cvs.openbsd.org 2001/02/21 21:14:04 |
2815 | [ssh.c] | |
2816 | -i supports DSA identities now; ok markus@ | |
0c126dc9 | 2817 | - deraadt@cvs.openbsd.org 2001/02/22 04:29:37 |
2818 | [servconf.c] | |
2819 | grammar; slade@shore.net | |
ed2166d8 | 2820 | - deraadt@cvs.openbsd.org 2001/02/22 06:43:55 |
2821 | [ssh-keygen.1 ssh-keygen.c] | |
2822 | document -d, and -t defaults to rsa1 | |
b07ae1e9 | 2823 | - deraadt@cvs.openbsd.org 2001/02/22 08:03:51 |
2824 | [ssh-keygen.1 ssh-keygen.c] | |
2825 | bye bye -d | |
e2fccec3 | 2826 | - deraadt@cvs.openbsd.org 2001/02/22 18:09:06 |
2827 | [sshd_config] | |
2828 | activate RSA 2 key | |
e91c60f2 | 2829 | - markus@cvs.openbsd.org 2001/02/22 21:57:27 |
2830 | [ssh.1 sshd.8] | |
2831 | typos/grammar from matt@anzen.com | |
3b1a83df | 2832 | - markus@cvs.openbsd.org 2001/02/22 21:59:44 |
2833 | [auth.c auth.h auth1.c auth2.c misc.c misc.h ssh.c] | |
2834 | use pwcopy in ssh.c, too | |
19d57054 | 2835 | - markus@cvs.openbsd.org 2001/02/23 15:34:53 |
2836 | [serverloop.c] | |
2837 | debug2->3 | |
00be5382 | 2838 | - markus@cvs.openbsd.org 2001/02/23 18:15:13 |
2839 | [sshd.c] | |
2840 | the random session key depends now on the session_key_int | |
2841 | sent by the 'attacker' | |
2842 | dig1 = md5(cookie|session_key_int); | |
2843 | dig2 = md5(dig1|cookie|session_key_int); | |
2844 | fake_session_key = dig1|dig2; | |
2845 | this change is caused by a mail from anakin@pobox.com | |
2846 | patch based on discussions with my german advisor niels@openbsd.org | |
ec63b02d | 2847 | - deraadt@cvs.openbsd.org 2001/02/24 10:37:55 |
2848 | [readconf.c] | |
2849 | look for id_rsa by default, before id_dsa | |
582038fb | 2850 | - deraadt@cvs.openbsd.org 2001/02/24 10:37:26 |
2851 | [sshd_config] | |
2852 | ssh2 rsa key before dsa key | |
6e18cb71 | 2853 | - markus@cvs.openbsd.org 2001/02/27 10:35:27 |
2854 | [packet.c] | |
2855 | fix random padding | |
1b5dfeb2 | 2856 | - markus@cvs.openbsd.org 2001/02/27 11:00:11 |
2857 | [compat.c] | |
2858 | support SSH-2.0-2.1 ; from Christophe_Moret@hp.com | |
4ab21f86 | 2859 | - deraadt@cvs.openbsd.org 2001/02/28 05:34:28 |
2860 | [misc.c] | |
2861 | pull in protos | |
167b3512 | 2862 | - deraadt@cvs.openbsd.org 2001/02/28 05:36:28 |
2863 | [sftp.c] | |
2864 | do not kill the subprocess on termination (we will see if this helps | |
2865 | things or hurts things) | |
7e8911cd | 2866 | - markus@cvs.openbsd.org 2001/02/28 08:45:39 |
2867 | [clientloop.c] | |
2868 | fix byte counts for ssh protocol v1 | |
ee55dacf | 2869 | - markus@cvs.openbsd.org 2001/02/28 08:54:55 |
2870 | [channels.c nchan.c nchan.h] | |
2871 | make sure remote stderr does not get truncated. | |
2872 | remove closed fd's from the select mask. | |
a6215e53 | 2873 | - markus@cvs.openbsd.org 2001/02/28 09:57:07 |
2874 | [packet.c packet.h sshconnect2.c] | |
2875 | in ssh protocol v2 use ignore messages for padding (instead of | |
2876 | trailing \0). | |
94dfb550 | 2877 | - markus@cvs.openbsd.org 2001/02/28 12:55:07 |
2878 | [channels.c] | |
2879 | unify debug messages | |
5649fbbe | 2880 | - deraadt@cvs.openbsd.org 2001/02/28 17:52:54 |
2881 | [misc.c] | |
2882 | for completeness, copy pw_gecos too | |
0572fe75 | 2883 | - markus@cvs.openbsd.org 2001/02/28 21:21:41 |
2884 | [sshd.c] | |
2885 | generate a fake session id, too | |
95ce5599 | 2886 | - markus@cvs.openbsd.org 2001/02/28 21:27:48 |
2887 | [channels.c packet.c packet.h serverloop.c] | |
2888 | use ignore message to simulate a SSH2_MSG_CHANNEL_DATA message | |
2889 | use random content in ignore messages. | |
355724fc | 2890 | - markus@cvs.openbsd.org 2001/02/28 21:31:32 |
2891 | [channels.c] | |
2892 | typo | |
c3f7d267 | 2893 | - deraadt@cvs.openbsd.org 2001/03/01 02:11:25 |
2894 | [authfd.c] | |
2895 | split line so that p will have an easier time next time around | |
a01a5f30 | 2896 | - deraadt@cvs.openbsd.org 2001/03/01 02:29:04 |
2897 | [ssh.c] | |
2898 | shorten usage by a line | |
12bf85ed | 2899 | - deraadt@cvs.openbsd.org 2001/03/01 02:45:10 |
2900 | [auth-rsa.c auth2.c deattack.c packet.c] | |
2901 | KNF | |
4371658c | 2902 | - deraadt@cvs.openbsd.org 2001/03/01 03:38:33 |
2903 | [cli.c cli.h rijndael.h ssh-keyscan.1] | |
2904 | copyright notices on all source files | |
ce91d6f8 | 2905 | - markus@cvs.openbsd.org 2001/03/01 22:46:37 |
2906 | [ssh.c] | |
2907 | don't truncate remote ssh-2 commands; from mkubita@securities.cz | |
2908 | use min, not max for logging, fixes overflow. | |
409edaba | 2909 | - deraadt@cvs.openbsd.org 2001/03/02 06:21:01 |
2910 | [sshd.8] | |
2911 | explain SIGHUP better | |
b8dc87d3 | 2912 | - deraadt@cvs.openbsd.org 2001/03/02 09:42:49 |
2913 | [sshd.8] | |
2914 | doc the dsa/rsa key pair files | |
f3c7c613 | 2915 | - deraadt@cvs.openbsd.org 2001/03/02 18:54:31 |
2916 | [atomicio.c atomicio.h auth-chall.c auth.c auth2-chall.c crc32.h | |
2917 | scp.c serverloop.c session.c sftp-server.8 sftp.1 ssh-add.1 ssh-add.c | |
2918 | ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh.1 sshd.8] | |
2919 | make copyright lines the same format | |
2671b47f | 2920 | - deraadt@cvs.openbsd.org 2001/03/03 06:53:12 |
2921 | [ssh-keyscan.c] | |
2922 | standard theo sweep | |
ff7fee59 | 2923 | - millert@cvs.openbsd.org 2001/03/03 21:19:41 |
2924 | [ssh-keyscan.c] | |
2925 | Dynamically allocate read_wait and its copies. Since maxfd is | |
2926 | based on resource limits it is often (usually?) larger than FD_SETSIZE. | |
c8d75031 | 2927 | - millert@cvs.openbsd.org 2001/03/03 21:40:30 |
2928 | [sftp-server.c] | |
2929 | Dynamically allocate fd_set; deraadt@ OK | |
20e04e90 | 2930 | - millert@cvs.openbsd.org 2001/03/03 21:41:07 |
2931 | [packet.c] | |
2932 | Dynamically allocate fd_set; deraadt@ OK | |
dce9bac5 | 2933 | - deraadt@cvs.openbsd.org 2001/03/03 22:07:50 |
2934 | [sftp-server.c] | |
2935 | KNF | |
c630ce76 | 2936 | - markus@cvs.openbsd.org 2001/03/03 23:52:22 |
2937 | [sftp.c] | |
2938 | clean up arg processing. based on work by Christophe_Moret@hp.com | |
20244695 | 2939 | - markus@cvs.openbsd.org 2001/03/03 23:59:34 |
2940 | [log.c ssh.c] | |
2941 | log*.c -> log.c | |
61f8a1d1 | 2942 | - markus@cvs.openbsd.org 2001/03/04 00:03:59 |
2943 | [channels.c] | |
2944 | debug1->2 | |
38967add | 2945 | - stevesk@cvs.openbsd.org 2001/03/04 10:57:53 |
2946 | [ssh.c] | |
2947 | add -m to usage; ok markus@ | |
46f23b8d | 2948 | - stevesk@cvs.openbsd.org 2001/03/04 11:04:41 |
2949 | [sshd.8] | |
2950 | small cleanup and clarify for PermitRootLogin; ok markus@ | |
9c81df4c | 2951 | - stevesk@cvs.openbsd.org 2001/03/04 11:16:06 |
2952 | [servconf.c sshd.8] | |
2953 | kill obsolete RandomSeed; ok markus@ deraadt@ | |
f5429434 | 2954 | - stevesk@cvs.openbsd.org 2001/03/04 12:54:04 |
2955 | [sshd.8] | |
2956 | spelling | |
54b974dc | 2957 | - millert@cvs.openbsd.org 2001/03/04 17:42:28 |
2958 | [authfd.c channels.c dh.c log.c readconf.c servconf.c sftp-int.c | |
2959 | ssh.c sshconnect.c sshd.c] | |
2960 | log functions should not be passed strings that end in newline as they | |
2961 | get passed on to syslog() and when logging to stderr, do_log() appends | |
2962 | its own newline. | |
51c251f0 | 2963 | - deraadt@cvs.openbsd.org 2001/03/04 18:21:28 |
2964 | [sshd.8] | |
2965 | list SSH2 ciphers | |
2605addd | 2966 | - (bal) Put HAVE_PW_CLASS_IN_PASSWD back into pwcopy() |
164c80dc | 2967 | - (bal) Fix up logging since it changed. removed log-*.c |
cc3067d6 | 2968 | - (djm) Fix up LOG_AUTHPRIV for systems that have it |
70a052c7 | 2969 | - (stevesk) OpenBSD sync: |
2970 | - deraadt@cvs.openbsd.org 2001/03/05 08:37:27 | |
2971 | [ssh-keyscan.c] | |
2972 | skip inlining, why bother | |
5152d46f | 2973 | - (stevesk) sftp.c: handle __progname |
1a2936c4 | 2974 | |
40edd7ef | 2975 | 20010304 |
2976 | - (bal) Remove make-ssh-known-hosts.1 since it's no longer valid. | |
889fbcd3 | 2977 | - (bal) Updated contrib/README to remove 'make-ssh-known-hosts' and |
2978 | give Mark Roth credit for mdoc2man.pl | |
40edd7ef | 2979 | |
9817de5f | 2980 | 20010303 |
40edd7ef | 2981 | - (djm) Remove make-ssh-known-hosts.pl, ssh-keyscan is better. |
2982 | - (djm) Document PAM ChallengeResponseAuthentication in sshd.8 | |
2983 | - (djm) Disable and comment ChallengeResponseAuthentication in sshd_config | |
2984 | - (djm) Allow PRNGd entropy collection from localhost TCP socket. Replace | |
68fa858a | 2985 | "--with-egd-pool" configure option with "--with-prngd-socket" and |
9bdd5929 | 2986 | "--with-prngd-port" options. Debugged and improved by Lutz Jaenicke |
2987 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
9817de5f | 2988 | |
20cad736 | 2989 | 20010301 |
68fa858a | 2990 | - (djm) Properly add -lcrypt if needed. |
5f404be3 | 2991 | - (djm) Force standard PAM conversation function in a few more places. |
68fa858a | 2992 | Patch from Redhat 2.5.1p1-2 RPM, probably Nalin Dahyabhai |
5f404be3 | 2993 | <nalin@redhat.com> |
68fa858a | 2994 | - (djm) Cygwin needs pw->pw_gecos copied too. Patch from Corinna Vinschen |
480eb294 | 2995 | <vinschen@redhat.com> |
ad1f4a20 | 2996 | - (djm) Released 2.5.1p2 |
20cad736 | 2997 | |
cf0c5df5 | 2998 | 20010228 |
2999 | - (djm) Detect endianness in configure and use it in rijndael.c. Fixes | |
3000 | "Bad packet length" bugs. | |
68fa858a | 3001 | - (djm) Fully revert PAM session patch (again). All PAM session init is |
403f5a8e | 3002 | now done before the final fork(). |
065ef9b1 | 3003 | - (djm) EGD detection patch from Tim Rice <tim@multitalents.net> |
d9b1f19a | 3004 | - (djm) Remove /tmp from EGD socket search list |
cf0c5df5 | 3005 | |
86b416a7 | 3006 | 20010227 |
68fa858a | 3007 | - (bal) Applied shutdown() patch for sftp.c by Corinna Vinschen |
51fb577a | 3008 | <vinschen@redhat.com> |
2af09193 | 3009 | - (bal) OpenBSD Sync |
3010 | - markus@cvs.openbsd.org 2001/02/23 15:37:45 | |
3011 | [session.c] | |
3012 | handle SSH_PROTOFLAG_SCREEN_NUMBER for buggy clients | |
68fa858a | 3013 | - (bal) sshd.init support for all Redhat release. Patch by Jim Knoble |
a892c46e | 3014 | <jmknoble@jmknoble.cx> |
68fa858a | 3015 | - (djm) Fix up POSIX saved uid support. Report from Mark Miller |
f4e9a0e1 | 3016 | <markm@swoon.net> |
3017 | - (djm) Search for -lcrypt on FreeBSD too | |
c7c72446 | 3018 | - (djm) fatal() on OpenSSL version mismatch |
27cf96de | 3019 | - (djm) Move PAM init to after fork for non-Solaris derived PAMs |
d5c4c52e | 3020 | - (djm) Warning fix on entropy.c saved uid stuff. Patch from Mark Miller |
3021 | <markm@swoon.net> | |
4bc6dd70 | 3022 | - (djm) Fix PAM fix |
4236bde4 | 3023 | - (djm) Remove 'noreplace' flag from sshd_config in RPM spec files. This |
3024 | change is being made as 2.5.x configfiles are not back-compatible with | |
64e0e67e | 3025 | 2.3.x. |
3026 | - (djm) Avoid warnings for missing broken IP_TOS. Patch from Mark Miller | |
3027 | <markm@swoon.net> | |
68fa858a | 3028 | - (djm) Open Server 5 doesn't need BROKEN_SAVED_UIDS. Patch from Tim Rice |
a29d3f1c | 3029 | <tim@multitalents.net> |
68fa858a | 3030 | - (djm) Avoid multiple definition of _PATH_LS. Patch from Tim Rice |
a29d3f1c | 3031 | <tim@multitalents.net> |
51fb577a | 3032 | |
4925395f | 3033 | 20010226 |
3034 | - (bal) Fixed bsd-snprinf.c so it now honors 'BROKEN_SNPRINTF' again. | |
68fa858a | 3035 | - (djm) Some systems (SCO3, NeXT) have weird saved uid semantics. |
e9a13ac1 | 3036 | Based on patch from Tim Rice <tim@multitalents.net> |
4925395f | 3037 | |
1eb4ec64 | 3038 | 20010225 |
3039 | - (djm) Use %{_libexecdir} rather than hardcoded path in RPM specfile | |
3040 | Patch from Adrian Ho <lexfiend@usa.net> | |
490cad94 | 3041 | - (bal) Replace 'unsigned long long' to 'u_int64_t' since not every |
3042 | platform defines u_int64_t as being that. | |
1eb4ec64 | 3043 | |
a738c3b0 | 3044 | 20010224 |
68fa858a | 3045 | - (bal) Missed part of the UNIX sockets patch. Patch by Corinna |
a738c3b0 | 3046 | Vinschen <vinschen@redhat.com> |
3047 | - (bal) Reorder where 'strftime' is detected to resolve linking | |
3048 | issues on SCO. Patch by Tim Rice <tim@multitalents.net> | |
3049 | ||
8fd97cc4 | 3050 | 20010224 |
3051 | - (bal) pam_stack fix to correctly detect between RH7 and older RHs. | |
3052 | Patch by Pekka Savola <pekkas@netcore.fi> | |
8f0b3553 | 3053 | - (bal) Renamed sigaction.[ch] to sigact.[ch]. Causes problems with |
3054 | some platforms. | |
3d114925 | 3055 | - (bal) Generalize lack of UNIX sockets since this also effects Cray |
3056 | not just Cygwin. Based on patch by Wendy Palm <wendyp@cray.com> | |
8fd97cc4 | 3057 | |
14a49e44 | 3058 | 20010223 |
3059 | - (bal) Fix --define rh7 in openssh.spec file. Patch by Steve Tell | |
3060 | <tell@telltronics.org> | |
cb291102 | 3061 | - (bal) Patch to force OpenSSH rpm to require the same version of OpenSSL |
3062 | that it was compiled against. Patch by Pekka Savola <pekkas@netcore.fi> | |
68fa858a | 3063 | - (bal) Double -I for OpenSSL on SCO. Patch by Tim Rice |
5a67331c | 3064 | <tim@multitalents.net> |
14a49e44 | 3065 | |
68fa858a | 3066 | 20010222 |
73d6d7fa | 3067 | - (bal) Corrected SCO luid patch by svaughan <svaughan@asterion.com> |
ca742b3b | 3068 | - (bal) Added mdoc2man.pl from Mark Roth <roth@feep.net> |
3069 | - (bal) Removed reference to liblogin from contrib/README. It was | |
3070 | integrated into OpenSSH a long while ago. | |
2a81eb9f | 3071 | - (stevesk) remove erroneous #ifdef sgi code. |
3072 | Michael Stone <mstone@cs.loyola.edu> | |
73d6d7fa | 3073 | |
fbf305f1 | 3074 | 20010221 |
3075 | - (bal) Removed -L/usr/ucblib -R/usr/ucblib for Solaris platform. | |
68fa858a | 3076 | - (bal) Fixed OpenSSL rework to use $saved_*. Patch by Tim Rice |
9dd3bc84 | 3077 | <tim@multitalents.net> |
1fe61b2e | 3078 | - (bal) Reverted out of 2001/02/15 patch by djm below because it |
3079 | breaks Solaris. | |
3080 | - (djm) Move PAM session setup back to before setuid to user. | |
3081 | fixes problems on Solaris-drived PAMs. | |
266140a8 | 3082 | - (stevesk) session.c: back out to where we were before: |
68fa858a | 3083 | - (djm) Move PAM session initialisation until after fork in sshd. Patch |
266140a8 | 3084 | from Nalin Dahyabhai <nalin@redhat.com> |
9dd3bc84 | 3085 | |
8b3319f4 | 3086 | 20010220 |
3087 | - (bal) Fix mixed up params to memmove() from Jan 5th in setenv.c and | |
3088 | getcwd.c. | |
c2b544a5 | 3089 | - (bal) OpenBSD CVS Sync: |
3090 | - deraadt@cvs.openbsd.org 2001/02/19 23:09:05 | |
3091 | [sshd.c] | |
3092 | clarify message to make it not mention "ident" | |
8b3319f4 | 3093 | |
1729c161 | 3094 | 20010219 |
3095 | - (bal) Markus' blessing to rename login.[ch] -> sshlogin.[ch] and | |
3096 | pty.[ch] -> sshpty.[ch] | |
d6f13fbb | 3097 | - (djm) Rework search for OpenSSL location. Skip directories which don't |
3098 | exist, don't add -L$ssldir/lib if it doesn't exist. Should help SCO | |
3099 | with its limit of 6 -L options. | |
0476625f | 3100 | - OpenBSD CVS Sync: |
3101 | - reinhard@cvs.openbsd.org 2001/02/17 08:24:40 | |
3102 | [sftp.1] | |
3103 | typo | |
3104 | - deraadt@cvs.openbsd.org 2001/02/17 16:28:58 | |
3105 | [ssh.c] | |
3106 | cleanup -V output; noted by millert | |
3107 | - deraadt@cvs.openbsd.org 2001/02/17 16:48:48 | |
3108 | [sshd.8] | |
3109 | it's the OpenSSH one | |
3110 | - markus@cvs.openbsd.org 2001/02/18 11:33:54 | |
3111 | [dispatch.c] | |
3112 | typo, SSH2_MSG_KEXINIT, from aspa@kronodoc.fi | |
3113 | - markus@cvs.openbsd.org 2001/02/19 02:53:32 | |
3114 | [compat.c compat.h serverloop.c] | |
3115 | ssh-1.2.{18-22} has broken handling of ignore messages; report from | |
3116 | itojun@ | |
3117 | - markus@cvs.openbsd.org 2001/02/19 03:35:23 | |
3118 | [version.h] | |
3119 | OpenSSH_2.5.1 adds bug compat with 1.2.{18-22} | |
3120 | - deraadt@cvs.openbsd.org 2001/02/19 03:36:25 | |
3121 | [scp.c] | |
3122 | np is changed by recursion; vinschen@redhat.com | |
3123 | - Update versions in RPM spec files | |
3124 | - Release 2.5.1p1 | |
1729c161 | 3125 | |
663fd560 | 3126 | 20010218 |
68fa858a | 3127 | - (bal) Patch for fix FCHMOD reference in ftp-client.c by Tim Rice |
3128 | <tim@multitalents.net> | |
25cd3375 | 3129 | - (Bal) Patch for lack of RA_RESTART in misc.c for mysignal by |
3130 | stevesk | |
68fa858a | 3131 | - (djm) Fix my breaking of cygwin builds, Patch from Corinna Vinschen |
58e7f038 | 3132 | <vinschen@redhat.com> and myself. |
32ced054 | 3133 | - (djm) Close listen_sock on bind() failures. Patch from Arkadiusz |
3134 | Miskiewicz <misiek@pld.ORG.PL> | |
6a951840 | 3135 | - (djm) Robustify EGD/PRNGd code in face of socket closures. Patch from |
3136 | Todd C. Miller <Todd.Miller@courtesan.com> | |
68fa858a | 3137 | - (djm) Use ttyname() to determine name of tty returned by openpty() |
3138 | rather then risking overflow. Patch from Marek Michalkiewicz | |
b82f1310 | 3139 | <marekm@amelek.gda.pl> |
68fa858a | 3140 | - (djm) Swapped tests for no_libsocket and no_libnsl in configure.in. |
bdf80b2c | 3141 | Patch from Marek Michalkiewicz <marekm@amelek.gda.pl> |
af8fda37 | 3142 | - (djm) Doc fixes from Pekka Savola <pekkas@netcore.fi> |
68fa858a | 3143 | - (djm) Use SA_INTERRUPT along SA_RESTART if present (equivalent for |
df538d55 | 3144 | SunOS) |
68fa858a | 3145 | - (djm) SCO needs librpc for libwrap. Patch from Tim Rice |
f61d6b17 | 3146 | <tim@multitalents.net> |
dfef7e7e | 3147 | - (stevesk) misc.c: cpp rework of SA_(INTERRUPT|RESTART) handling. |
36a358ca | 3148 | - (stevesk) scp.c: use mysignal() for updateprogressmeter() handler. |
68fa858a | 3149 | - (djm) SA_INTERRUPT is the converse of SA_RESTART, apply it only for |
d54d99a3 | 3150 | SIGALRM. |
e1a023df | 3151 | - (djm) Move entropy.c over to mysignal() |
68fa858a | 3152 | - (djm) SunOS 4.x also needs to define HAVE_BOGUS_SYS_QUEUE_H as it has |
3153 | a <sys/queue.h> that lacks the TAILQ_* macros. Patch from Todd C. | |
667beaa9 | 3154 | Miller <Todd.Miller@courtesan.com> |
ecdde3d8 | 3155 | - (djm) Update RPM spec files for 2.5.0p1 |
51ee9048 | 3156 | - (djm) Merge BSD_AUTH support from Markus Friedl and David J. MacKenzie |
3157 | enable with --with-bsd-auth. | |
2adddc78 | 3158 | - (stevesk) entropy.c: typo; should be SIGPIPE |
663fd560 | 3159 | |
0b1728c5 | 3160 | 20010217 |
3161 | - (bal) OpenBSD Sync: | |
3162 | - markus@cvs.openbsd.org 2001/02/16 13:38:18 | |
68fa858a | 3163 | [channel.c] |
3164 | remove debug | |
c8b058b4 | 3165 | - markus@cvs.openbsd.org 2001/02/16 14:03:43 |
3166 | [session.c] | |
3167 | proper payload-length check for x11 w/o screen-number | |
0b1728c5 | 3168 | |
b41d8d4d | 3169 | 20010216 |
3170 | - (bal) added '--with-prce' to allow overriding of system regex when | |
3171 | required (tested by David Dulek <ddulek@fastenal.com>) | |
d6fdb079 | 3172 | - (bal) Added DG/UX case and set that they have a broken IPTOS. |
278588d8 | 3173 | - (djm) Mini-configure reorder patch from Tim Rice <tim@multitalents.net> |
3174 | Fixes linking on SCO. | |
68fa858a | 3175 | - (djm) Make gnome-ssh-askpass handle multi-line prompts. Patch from |
0ceb21d6 | 3176 | Nalin Dahyabhai <nalin@redhat.com> |
3177 | - (djm) BSD license for gnome-ssh-askpass (was X11) | |
3178 | - (djm) KNF on gnome-ssh-askpass | |
ed6553e2 | 3179 | - (djm) USE_PIPES for a few more sysv platforms |
3180 | - (djm) Cleanup configure.in a little | |
3181 | - (djm) Ask users to check config.log when we can't find necessary libs | |
aca75d94 | 3182 | - (djm) Set "login ID" on systems with setluid. Only enabled for SCO |
3183 | OpenServer for now. Based on patch from svaughan <svaughan@asterion.com> | |
0ae4fe1d | 3184 | - (djm) OpenBSD CVS: |
3185 | - markus@cvs.openbsd.org 2001/02/15 16:19:59 | |
3186 | [channels.c channels.h serverloop.c sshconnect.c sshconnect.h] | |
3187 | [sshconnect1.c sshconnect2.c] | |
3188 | genericize password padding function for SSH1 and SSH2. | |
3189 | add stylized echo to 2, too. | |
3190 | - (djm) Add roundup() macro to defines.h | |
9535dddf | 3191 | - (stevesk) set SA_RESTART flag in mysignal() for SIGCHLD; |
3192 | needed on Unixware 2.x. | |
b41d8d4d | 3193 | |
0086bfaf | 3194 | 20010215 |
68fa858a | 3195 | - (djm) Move PAM session setup back to before setuid to user. Fixes |
0086bfaf | 3196 | problems on Solaris-derived PAMs. |
e11aab29 | 3197 | - (djm) Clean up PAM namespace. Suggested by Darren Moffat |
3198 | <Darren.Moffat@eng.sun.com> | |
9e3c31f7 | 3199 | - (bal) Sync w/ OpenSSH for new release |
3200 | - markus@cvs.openbsd.org 2001/02/12 12:45:06 | |
3201 | [sshconnect1.c] | |
3202 | fix xmalloc(0), ok dugsong@ | |
b2552997 | 3203 | - markus@cvs.openbsd.org 2001/02/11 12:59:25 |
3204 | [Makefile.in sshd.8 sshconnect2.c readconf.h readconf.c packet.c | |
3205 | sshd.c ssh.c ssh.1 servconf.h servconf.c myproposal.h kex.h kex.c] | |
3206 | 1) clean up the MAC support for SSH-2 | |
3207 | 2) allow you to specify the MAC with 'ssh -m' | |
3208 | 3) or the 'MACs' keyword in ssh(d)_config | |
3209 | 4) add hmac-{md5,sha1}-96 | |
3210 | ok stevesk@, provos@ | |
15853e93 | 3211 | - markus@cvs.openbsd.org 2001/02/12 16:16:23 |
3212 | [auth-passwd.c auth.c auth.h auth1.c auth2.c servconf.c servconf.h | |
3213 | ssh-keygen.c sshd.8] | |
3214 | PermitRootLogin={yes,without-password,forced-commands-only,no} | |
3215 | (before this change, root could login even if PermitRootLogin==no) | |
7cc4cf0a | 3216 | - deraadt@cvs.openbsd.org 2001/02/12 22:56:09 |
fd193ca4 | 3217 | [clientloop.c packet.c ssh-keyscan.c] |
3218 | deal with EAGAIN/EINTR selects which were skipped | |
7cc4cf0a | 3219 | - markus@cvs.openssh.org 2001/02/13 22:49:40 |
3220 | [auth1.c auth2.c] | |
3221 | setproctitle(user) only if getpwnam succeeds | |
3222 | - markus@cvs.openbsd.org 2001/02/12 23:26:20 | |
3223 | [sshd.c] | |
3224 | missing memset; from solar@openwall.com | |
3225 | - stevesk@cvs.openbsd.org 2001/02/12 20:53:33 | |
3226 | [sftp-int.c] | |
3227 | lumask now works with 1 numeric arg; ok markus@, djm@ | |
3228 | - djm@cvs.openbsd.org 2001/02/14 9:46:03 | |
3229 | [sftp-client.c sftp-int.c sftp.1] | |
3230 | Fix and document 'preserve modes & times' option ('-p' flag in sftp); | |
3231 | ok markus@ | |
0b16bb01 | 3232 | - (bal) replaced PATH_MAX in sftp-int.c w/ MAXPATHLEN. |
3233 | - (djm) Move to Jim's 1.2.0 X11 askpass program | |
62da27dd | 3234 | - (stevesk) OpenBSD sync: |
3235 | - deraadt@cvs.openbsd.org 2001/02/15 01:38:04 | |
3236 | [serverloop.c] | |
3237 | indent | |
0b16bb01 | 3238 | |
1c2d0a13 | 3239 | 20010214 |
3240 | - (djm) Don't try to close PAM session or delete credentials if the | |
68fa858a | 3241 | session has not been open or credentials not set. Based on patch from |
1c2d0a13 | 3242 | Andrew Bartlett <abartlet@pcug.org.au> |
68fa858a | 3243 | - (djm) Move PAM session initialisation until after fork in sshd. Patch |
0ab1bcba | 3244 | from Nalin Dahyabhai <nalin@redhat.com> |
958e5ae4 | 3245 | - (bal) Missing function prototype in bsd-snprintf.c patch by |
3246 | Mark Miller <markm@swoon.net> | |
b7ccb051 | 3247 | - (djm) Split out and improve OSF SIA auth code. Patch from Chris Adams |
3248 | <cmadams@hiwaay.net> with a little modification and KNF. | |
815800e1 | 3249 | - (stevesk) fix for SIA patch, misplaced session_setup_sia() |
1c2d0a13 | 3250 | |
0610439b | 3251 | 20010213 |
84eb157c | 3252 | - (djm) Only test -S potential EGD sockets if they exist and are readable. |
f1312c76 | 3253 | - (bal) Cleaned out bsd-snprintf.c. VARARGS have been banished and |
3254 | I did a base KNF over the whe whole file to make it more acceptable. | |
3255 | (backed out of original patch and removed it from ChangeLog) | |
01f13020 | 3256 | - (bal) Use chown() if fchown() does not exist in ftp-server.c patch by |
3257 | Tim Rice <tim@multitalents.net> | |
8d60e965 | 3258 | - (stevesk) auth1.c: fix PAM passwordless check. |
0610439b | 3259 | |
894a4851 | 3260 | 20010212 |
68fa858a | 3261 | - (djm) Update Redhat specfile to allow --define "skip_x11_askpass 1", |
3262 | --define "skip_gnome_askpass 1", --define "rh7 1" and make the | |
3263 | implicit rpm-3.0.5 dependancy explicit. Patch and suggestions from | |
894a4851 | 3264 | Pekka Savola <pekkas@netcore.fi> |
782d6a0d | 3265 | - (djm) Clean up PCRE text in INSTALL |
68fa858a | 3266 | - (djm) Fix OSF SIA auth NULL pointer deref. Report from Mike Battersby |
77db6c3f | 3267 | <mib@unimelb.edu.au> |
6f68f28a | 3268 | - (bal) NCR SVR4 compatiblity provide by Don Bragg <thewizarddon@yahoo.com> |
01a7bc9a | 3269 | - (stevesk) session.c: remove debugging code. |
894a4851 | 3270 | |
abf1f107 | 3271 | 20010211 |
3272 | - (bal) OpenBSD Sync | |
3273 | - markus@cvs.openbsd.org 2001/02/07 22:35:46 | |
3274 | [auth1.c auth2.c sshd.c] | |
3275 | move k_setpag() to a central place; ok dugsong@ | |
c845316f | 3276 | - markus@cvs.openbsd.org 2001/02/10 12:52:02 |
3277 | [auth2.c] | |
3278 | offer passwd before s/key | |
e6fa162e | 3279 | - markus@cvs.openbsd.org 2001/02/8 22:37:10 |
3280 | [canohost.c] | |
3281 | remove last call to sprintf; ok deraadt@ | |
0ab4b0f0 | 3282 | - markus@cvs.openbsd.org 2001/02/10 1:33:32 |
3283 | [canohost.c] | |
3284 | add debug message, since sshd blocks here if DNS is not available | |
7f8ea238 | 3285 | - markus@cvs.openbsd.org 2001/02/10 12:44:02 |
3286 | [cli.c] | |
3287 | don't call vis() for \r | |
5c470997 | 3288 | - danh@cvs.openbsd.org 2001/02/10 0:12:43 |
3289 | [scp.c] | |
3290 | revert a small change to allow -r option to work again; ok deraadt@ | |
3291 | - danh@cvs.openbsd.org 2001/02/10 15:14:11 | |
3292 | [scp.c] | |
3293 | fix memory leak; ok markus@ | |
a0e6fead | 3294 | - djm@cvs.openbsd.org 2001/02/10 0:45:52 |
3295 | [scp.1] | |
3296 | Mention that you can quote pathnames with spaces in them | |
b3106440 | 3297 | - markus@cvs.openbsd.org 2001/02/10 1:46:28 |
3298 | [ssh.c] | |
3299 | remove mapping of argv[0] -> hostname | |
f72e01a5 | 3300 | - markus@cvs.openbsd.org 2001/02/06 22:26:17 |
3301 | [sshconnect2.c] | |
3302 | do not ask for passphrase in batch mode; report from ejb@ql.org | |
3303 | - itojun@cvs.opebsd.org 2001/02/08 10:47:05 | |
5d1d11d1 | 3304 | [sshconnect.c sshconnect1.c sshconnect2.c] |
68fa858a | 3305 | %.30s is too short for IPv6 numeric address. use %.128s for now. |
f72e01a5 | 3306 | markus ok |
3307 | - markus@cvs.openbsd.org 2001/02/09 12:28:35 | |
3308 | [sshconnect2.c] | |
3309 | do not free twice, thanks to /etc/malloc.conf | |
3310 | - markus@cvs.openbsd.org 2001/02/09 17:10:53 | |
3311 | [sshconnect2.c] | |
3312 | partial success: debug->log; "Permission denied" if no more auth methods | |
3313 | - markus@cvs.openbsd.org 2001/02/10 12:09:21 | |
3314 | [sshconnect2.c] | |
3315 | remove some lines | |
e0b2cf6b | 3316 | - markus@cvs.openbsd.org 2001/02/09 13:38:07 |
3317 | [auth-options.c] | |
3318 | reset options if no option is given; from han.holl@prismant.nl | |
ca910e13 | 3319 | - markus@cvs.openbsd.org 2001/02/08 21:58:28 |
3320 | [channels.c] | |
3321 | nuke sprintf, ok deraadt@ | |
3322 | - markus@cvs.openbsd.org 2001/02/08 21:58:28 | |
3323 | [channels.c] | |
3324 | nuke sprintf, ok deraadt@ | |
affa8be4 | 3325 | - markus@cvs.openbsd.org 2001/02/06 22:43:02 |
3326 | [clientloop.h] | |
3327 | remove confusing callback code | |
d2c46e77 | 3328 | - deraadt@cvs.openbsd.org 2001/02/08 14:39:36 |
3329 | [readconf.c] | |
3330 | snprintf | |
cc8aca8a | 3331 | - itojun@cvs.openbsd.org 2001/02/08 19:30:52 |
3332 | sync with netbsd tree changes. | |
3333 | - more strict prototypes, include necessary headers | |
3334 | - use paths.h/pathnames.h decls | |
3335 | - size_t typecase to int -> u_long | |
5be2ec5e | 3336 | - itojun@cvs.openbsd.org 2001/02/07 18:04:50 |
3337 | [ssh-keyscan.c] | |
3338 | fix size_t -> int cast (use u_long). markus ok | |
3339 | - markus@cvs.openbsd.org 2001/02/07 22:43:16 | |
3340 | [ssh-keyscan.c] | |
3341 | s/getline/Linebuf_getline/; from roumen.petrov@skalasoft.com | |
3342 | - itojun@cvs.openbsd.org 2001/02/09 9:04:59 | |
3343 | [ssh-keyscan.c] | |
68fa858a | 3344 | do not assume malloc() returns zero-filled region. found by |
5be2ec5e | 3345 | malloc.conf=AJ. |
f21032a6 | 3346 | - markus@cvs.openbsd.org 2001/02/08 22:35:30 |
3347 | [sshconnect.c] | |
68fa858a | 3348 | don't connect if batch_mode is true and stricthostkeychecking set to |
f21032a6 | 3349 | 'ask' |
7bbcc167 | 3350 | - djm@cvs.openbsd.org 2001/02/04 21:26:07 |
3351 | [sshd_config] | |
3352 | type: ok markus@ | |
3353 | - deraadt@cvs.openbsd.org 2001/02/06 22:07:50 | |
3354 | [sshd_config] | |
3355 | enable sftp-server by default | |
a2e6d17d | 3356 | - deraadt 2001/02/07 8:57:26 |
3357 | [xmalloc.c] | |
3358 | deal with new ANSI malloc stuff | |
3359 | - markus@cvs.openbsd.org 2001/02/07 16:46:08 | |
3360 | [xmalloc.c] | |
3361 | typo in fatal() | |
3362 | - itojun@cvs.openbsd.org 2001/02/07 18:04:50 | |
3363 | [xmalloc.c] | |
3364 | fix size_t -> int cast (use u_long). markus ok | |
4ef922e3 | 3365 | - 1.47 Thu Feb 8 23:11:42 GMT 2001 by dugsong |
3366 | [serverloop.c sshconnect1.c] | |
68fa858a | 3367 | mitigate SSH1 traffic analysis - from Solar Designer |
4ef922e3 | 3368 | <solar@openwall.com>, ok provos@ |
68fa858a | 3369 | - (bal) fixed sftp-client.c. Return 'status' instead of '0' |
ca910e13 | 3370 | (from the OpenBSD tree) |
6b442913 | 3371 | - (bal) Synced ssh.1, ssh-add.1 and sshd.8 w/ OpenBSD |
27df9d4a | 3372 | - (bal) sftp-sever.c '%8lld' to '%8llu' (OpenBSD Sync) |
17321afe | 3373 | - (bal) uuencode.c resync w/ OpenBSD tree, plus whitespace. |
f98d56f0 | 3374 | - (bal) A bit more whitespace cleanup |
68fa858a | 3375 | - (djm) Set PAM_RHOST earlier, patch from Andrew Bartlett |
e275684f | 3376 | <abartlet@pcug.org.au> |
b27e97b1 | 3377 | - (stevesk) misc.c: ssh.h not needed. |
38a316c0 | 3378 | - (stevesk) compat.c: more friendly cpp error |
94f38e16 | 3379 | - (stevesk) OpenBSD sync: |
3380 | - stevesk@cvs.openbsd.org 2001/02/11 06:15:57 | |
3381 | [LICENSE] | |
3382 | typos and small cleanup; ok deraadt@ | |
abf1f107 | 3383 | |
0426a3b4 | 3384 | 20010210 |
3385 | - (djm) Sync sftp and scp stuff from OpenBSD: | |
3386 | - djm@cvs.openbsd.org 2001/02/07 03:55:13 | |
3387 | [sftp-client.c] | |
3388 | Don't free handles before we are done with them. Based on work from | |
3389 | Corinna Vinschen <vinschen@redhat.com>. ok markus@ | |
3390 | - djm@cvs.openbsd.org 2001/02/06 22:32:53 | |
3391 | [sftp.1] | |
3392 | Punctuation fix from Pekka Savola <pekkas@netcore.fi> | |
3393 | - deraadt@cvs.openbsd.org 2001/02/07 04:07:29 | |
3394 | [sftp.1] | |
3395 | pretty up significantly | |
3396 | - itojun@cvs.openbsd.org 2001/02/07 06:49:42 | |
3397 | [sftp.1] | |
3398 | .Bl-.El mismatch. markus ok | |
3399 | - djm@cvs.openbsd.org 2001/02/07 06:12:30 | |
3400 | [sftp-int.c] | |
3401 | Check that target is a directory before doing ls; ok markus@ | |
3402 | - itojun@cvs.openbsd.org 2001/02/07 11:01:18 | |
3403 | [scp.c sftp-client.c sftp-server.c] | |
3404 | unsigned long long -> %llu, not %qu. markus ok | |
3405 | - stevesk@cvs.openbsd.org 2001/02/07 11:10:39 | |
3406 | [sftp.1 sftp-int.c] | |
3407 | more man page cleanup and sync of help text with man page; ok markus@ | |
3408 | - markus@cvs.openbsd.org 2001/02/07 14:58:34 | |
3409 | [sftp-client.c] | |
3410 | older servers reply with SSH2_FXP_NAME + count==0 instead of EOF | |
3411 | - djm@cvs.openbsd.org 2001/02/07 15:27:19 | |
3412 | [sftp.c] | |
3413 | Don't forward agent and X11 in sftp. Suggestion from Roumen Petrov | |
3414 | <roumen.petrov@skalasoft.com> | |
3415 | - stevesk@cvs.openbsd.org 2001/02/07 15:36:04 | |
3416 | [sftp-int.c] | |
3417 | portable; ok markus@ | |
3418 | - stevesk@cvs.openbsd.org 2001/02/07 15:55:47 | |
3419 | [sftp-int.c] | |
3420 | lowercase cmds[].c also; ok markus@ | |
3421 | - markus@cvs.openbsd.org 2001/02/07 17:04:52 | |
3422 | [pathnames.h sftp.c] | |
3423 | allow sftp over ssh protocol 1; ok djm@ | |
3424 | - deraadt@cvs.openbsd.org 2001/02/08 07:38:55 | |
3425 | [scp.c] | |
3426 | memory leak fix, and snprintf throughout | |
3427 | - deraadt@cvs.openbsd.org 2001/02/08 08:02:02 | |
3428 | [sftp-int.c] | |
3429 | plug a memory leak | |
3430 | - stevesk@cvs.openbsd.org 2001/02/08 10:11:23 | |
3431 | [session.c sftp-client.c] | |
3432 | %i -> %d | |
3433 | - stevesk@cvs.openbsd.org 2001/02/08 10:57:59 | |
3434 | [sftp-int.c] | |
3435 | typo | |
3436 | - stevesk@cvs.openbsd.org 2001/02/08 15:28:07 | |
3437 | [sftp-int.c pathnames.h] | |
3438 | _PATH_LS; ok markus@ | |
3439 | - djm@cvs.openbsd.org 2001/02/09 04:46:25 | |
3440 | [sftp-int.c] | |
3441 | Check for NULL attribs for chown, chmod & chgrp operations, only send | |
3442 | relevant attribs back to server; ok markus@ | |
96b64eb0 | 3443 | - djm@cvs.openbsd.org 2001/02/06 15:05:25 |
3444 | [sftp.c] | |
3445 | Use getopt to process commandline arguments | |
3446 | - djm@cvs.openbsd.org 2001/02/06 15:06:21 | |
3447 | [sftp.c ] | |
3448 | Wait for ssh subprocess at exit | |
3449 | - djm@cvs.openbsd.org 2001/02/06 15:18:16 | |
3450 | [sftp-int.c] | |
3451 | stat target for remote chdir before doing chdir | |
3452 | - djm@cvs.openbsd.org 2001/02/06 15:32:54 | |
3453 | [sftp.1] | |
3454 | Punctuation fix from Pekka Savola <pekkas@netcore.fi> | |
3455 | - provos@cvs.openbsd.org 2001/02/05 22:22:02 | |
3456 | [sftp-int.c] | |
3457 | cleanup get_pathname, fix pwd after failed cd. okay djm@ | |
0426a3b4 | 3458 | - (djm) Update makefile.in for _PATH_SFTP_SERVER |
c9f5e42e | 3459 | - (bal) sftp-client.c replace NULL w/ 0 in do_ls() (pending in OpenBSD tree) |
0426a3b4 | 3460 | |
6d1e1d2b | 3461 | 20010209 |
68fa858a | 3462 | - (bal) patch to vis.c to deal with HAVE_VIS right by Robert Mooney |
6d1e1d2b | 3463 | <rjmooney@mediaone.net> |
bb0c1991 | 3464 | - (bal) .c.o rule in openbsd-compat/Makefile.in did not make it to the |
68fa858a | 3465 | main tree while porting forward. Pointed out by Lutz Jaenicke |
bb0c1991 | 3466 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> |
f902d909 | 3467 | - (bal) double entry in configure.in. Pointed out by Lutz Jaenicke |
3468 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
25f4c264 | 3469 | - (stevesk) OpenBSD sync: |
3470 | - markus@cvs.openbsd.org 2001/02/08 11:20:01 | |
3471 | [auth2.c] | |
3472 | strict checking | |
3473 | - markus@cvs.openbsd.org 2001/02/08 11:15:22 | |
3474 | [version.h] | |
3475 | update to 2.3.2 | |
3476 | - markus@cvs.openbsd.org 2001/02/08 11:12:30 | |
3477 | [auth2.c] | |
3478 | fix typo | |
72b3f75d | 3479 | - (djm) Update spec files |
0ed28836 | 3480 | - (bal) OpenBSD sync: |
3481 | - deraadt@cvs.openbsd.org 2001/02/08 14:38:54 | |
3482 | [scp.c] | |
3483 | memory leak fix, and snprintf throughout | |
1fc8ccdf | 3484 | - markus@cvs.openbsd.org 2001/02/06 22:43:02 |
3485 | [clientloop.c] | |
3486 | remove confusing callback code | |
0b202697 | 3487 | - (djm) Add CVS Id's to files that we have missed |
5ca51e19 | 3488 | - (bal) OpenBSD Sync (more): |
3489 | - itojun@cvs.openbsd.org 2001/02/08 19:30:52 | |
3490 | sync with netbsd tree changes. | |
3491 | - more strict prototypes, include necessary headers | |
3492 | - use paths.h/pathnames.h decls | |
3493 | - size_t typecase to int -> u_long | |
1f3bf5aa | 3494 | - markus@cvs.openbsd.org 2001/02/06 22:07:42 |
3495 | [ssh.c] | |
3496 | fatal() if subsystem fails | |
3497 | - markus@cvs.openbsd.org 2001/02/06 22:43:02 | |
3498 | [ssh.c] | |
3499 | remove confusing callback code | |
3500 | - jakob@cvs.openbsd.org 2001/02/06 23:03:24 | |
3501 | [ssh.c] | |
3502 | add -1 option (force protocol version 1). ok markus@ | |
3503 | - jakob@cvs.openbsd.org 2001/02/06 23:06:21 | |
3504 | [ssh.c] | |
3505 | reorder -{1,2,4,6} options. ok markus@ | |
e6aa01b4 | 3506 | - (bal) Missing 'const' in readpass.h |
9c5a8165 | 3507 | - (bal) OpenBSD Sync (so at least the thing compiles for 2.3.2 =) |
3508 | - djm@cvs.openbsd.org 2001/02/06 23:30:28 | |
3509 | [sftp-client.c] | |
3510 | replace arc4random with counter for request ids; ok markus@ | |
68fa858a | 3511 | - (djm) Define _PATH_TTY for systems that don't. Report from Lutz |
bc79ed5c | 3512 | Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> |
6d1e1d2b | 3513 | |
6a25c04c | 3514 | 20010208 |
3515 | - (djm) Don't delete external askpass program in make uninstall target. | |
3516 | Report and fix from Roumen Petrov <roumen.petrov@skalasoft.com> | |
6958bd37 | 3517 | - (djm) Fix linking of sftp, don't need arc4random any more. |
3518 | - (djm) Try to use shell that supports "test -S" for EGD socket search. | |
3519 | Based on patch from Tim Rice <tim@multitalents.net> | |
6a25c04c | 3520 | |
547519f0 | 3521 | 20010207 |
bee0a37e | 3522 | - (bal) Save the whole path to AR in configure. Some Solaris 2.7 installs |
3523 | seem lose track of it while in openbsd-compat/ (two confirmed reports) | |
5c377b3b | 3524 | - (djm) Much KNF on PAM code |
547519f0 | 3525 | - (djm) Revise auth-pam.c conversation function to be a little more |
3526 | readable. | |
5c377b3b | 3527 | - (djm) Revise kbd-int PAM conversation function to fold all text messages |
3528 | to before first prompt. Fixes hangs if last pam_message did not require | |
3529 | a reply. | |
3530 | - (djm) Fix password changing when using PAM kbd-int authentication | |
bee0a37e | 3531 | |
547519f0 | 3532 | 20010205 |
2b87da3b | 3533 | - (bal) Disable groupaccess by setting NGROUPS_MAX to 0 for platforms |
99286dc8 | 3534 | that don't have NGROUPS_MAX. |
57559587 | 3535 | - (bal) AIX patch for auth1.c by William L. Jones <jones@hpc.utexas.edu> |
2b87da3b | 3536 | - (stevesk) OpenBSD sync: |
3537 | - stevesk@cvs.openbsd.org 2001/02/04 08:32:27 | |
3538 | [many files; did this manually to our top-level source dir] | |
3539 | unexpand and remove end-of-line whitespace; ok markus@ | |
408ba72f | 3540 | - stevesk@cvs.openbsd.org 2001/02/04 15:21:19 |
3541 | [sftp-server.c] | |
3542 | SSH2_FILEXFER_ATTR_UIDGID support; ok markus@ | |
ec2a033a | 3543 | - deraadt@cvs.openbsd.org 2001/02/04 17:02:32 |
3544 | [sftp-int.c] | |
3545 | ? == help | |
3546 | - deraadt@cvs.openbsd.org 2001/02/04 16:47:46 | |
3547 | [sftp-int.c] | |
3548 | sort commands, so that abbreviations work as expected | |
3549 | - stevesk@cvs.openbsd.org 2001/02/04 15:17:52 | |
3550 | [sftp-int.c] | |
3551 | debugging sftp: precedence and missing break. chmod, chown, chgrp | |
3552 | seem to be working now. | |
3553 | - markus@cvs.openbsd.org 2001/02/04 14:41:21 | |
3554 | [sftp-int.c] | |
3555 | use base 8 for umask/chmod | |
3556 | - markus@cvs.openbsd.org 2001/02/04 11:11:54 | |
3557 | [sftp-int.c] | |
3558 | fix LCD | |
c44559d2 | 3559 | - markus@cvs.openbsd.org 2001/02/04 08:10:44 |
3560 | [ssh.1] | |
3561 | typo; dpo@club-internet.fr | |
a5930351 | 3562 | - stevesk@cvs.openbsd.org 2001/02/04 06:30:12 |
3563 | [auth2.c authfd.c packet.c] | |
3564 | remove duplicate #include's; ok markus@ | |
6a416424 | 3565 | - deraadt@cvs.openbsd.org 2001/02/04 16:56:23 |
3566 | [scp.c sshd.c] | |
3567 | alpha happiness | |
3568 | - stevesk@cvs.openbsd.org 2001/02/04 15:12:17 | |
3569 | [sshd.c] | |
3570 | precedence; ok markus@ | |
02a024dd | 3571 | - deraadt@cvs.openbsd.org 2001/02/04 08:14:15 |
6a416424 | 3572 | [ssh.c sshd.c] |
3573 | make the alpha happy | |
02a024dd | 3574 | - markus@cvs.openbsd.org 2001/01/31 13:37:24 |
3575 | [channels.c channels.h serverloop.c ssh.c] | |
68fa858a | 3576 | do not disconnect if local port forwarding fails, e.g. if port is |
547519f0 | 3577 | already in use |
02a024dd | 3578 | - markus@cvs.openbsd.org 2001/02/01 14:58:09 |
3579 | [channels.c] | |
3580 | use ipaddr in channel messages, ietf-secsh wants this | |
3581 | - markus@cvs.openbsd.org 2001/01/31 12:26:20 | |
3582 | [channels.c] | |
68fa858a | 3583 | ssh.com-2.0.1x does not send additional info in CHANNEL_OPEN_FAILURE |
547519f0 | 3584 | messages; bug report from edmundo@rano.org |
a741554f | 3585 | - markus@cvs.openbsd.org 2001/01/31 13:48:09 |
3586 | [sshconnect2.c] | |
3587 | unused | |
9378f292 | 3588 | - deraadt@cvs.openbsd.org 2001/02/04 08:23:08 |
3589 | [sftp-client.c sftp-server.c] | |
3590 | make gcc on the alpha even happier | |
1fc243d1 | 3591 | |
547519f0 | 3592 | 20010204 |
781a0585 | 3593 | - (bal) I think this is the last of the bsd-*.h that don't belong. |
634e0b53 | 3594 | - (bal) Minor Makefile fix |
f0f14bea | 3595 | - (bal) openbsd-compat/Makefile minor fix. Ensure dependancies are done |
61e96248 | 3596 | right. |
78987b57 | 3597 | - (bal) Changed order of LIB="" in -with-skey due to library resolving. |
166e4f2a | 3598 | - (bal) next-posix.h changed to bsd-nextstep.h |
61e96248 | 3599 | - (djm) OpenBSD CVS sync: |
3600 | - markus@cvs.openbsd.org 2001/02/03 03:08:38 | |
3601 | [auth-options.c auth-rh-rsa.c auth-rhosts.c auth.c canohost.c] | |
3602 | [canohost.h servconf.c servconf.h session.c sshconnect1.c sshd.8] | |
3603 | [sshd_config] | |
3604 | make ReverseMappingCheck optional in sshd_config; ok djm@,dugsong@ | |
3605 | - markus@cvs.openbsd.org 2001/02/03 03:19:51 | |
3606 | [ssh.1 sshd.8 sshd_config] | |
3607 | Skey is now called ChallengeResponse | |
3608 | - markus@cvs.openbsd.org 2001/02/03 03:43:09 | |
3609 | [sshd.8] | |
3610 | use no-pty option in .ssh/authorized_keys* if you need a 8-bit clean | |
3611 | channel. note from Erik.Anggard@cygate.se (pr/1659) | |
3612 | - stevesk@cvs.openbsd.org 2001/02/03 10:03:06 | |
3613 | [ssh.1] | |
3614 | typos; ok markus@ | |
3615 | - djm@cvs.openbsd.org 2001/02/04 04:11:56 | |
3616 | [scp.1 sftp-server.c ssh.1 sshd.8 sftp-client.c sftp-client.h] | |
3617 | [sftp-common.c sftp-common.h sftp-int.c sftp-int.h sftp.1 sftp.c] | |
3618 | Basic interactive sftp client; ok theo@ | |
3619 | - (djm) Update RPM specs for new sftp binary | |
68fa858a | 3620 | - (djm) Update several bits for new optional reverse lookup stuff. I |
61e96248 | 3621 | think I got them all. |
8b061486 | 3622 | - (djm) Makefile.in fixes |
1aa00dcb | 3623 | - (stevesk) add mysignal() wrapper and use it for the protocol 2 |
3624 | SIGCHLD handler. | |
408ba72f | 3625 | - (djm) Use setvbuf() instead of setlinebuf(). Suggest from stevesk@ |
781a0585 | 3626 | |
547519f0 | 3627 | 20010203 |
63fe0529 | 3628 | - (bal) Cygwin clean up by Corinna Vinschen <vinschen@redhat.com> |
bf3db92d | 3629 | - (bal) renamed queue.h to fake-queue.h (even if it's an OpenBSD |
3630 | based file) to ensure #include space does not get confused. | |
f78888c7 | 3631 | - (bal) Minor Makefile.in tweak. dirname may not exist on some |
3632 | platforms so builds fail. (NeXT being a well known one) | |
63fe0529 | 3633 | |
547519f0 | 3634 | 20010202 |
61e96248 | 3635 | - (bal) Makefile fix where sourcedir != builddir by Corinna Vinschen |
c85a87f2 | 3636 | <vinschen@redhat.com> |
71301416 | 3637 | - (bal) Makefile fix to use $(MAKE) instead of 'make' for platforms |
3638 | that use 'gmake'. Patch by Tim Rice <tim@multitalents.net> | |
c85a87f2 | 3639 | |
547519f0 | 3640 | 20010201 |
ad5075bd | 3641 | - (bal) Minor fix to Makefile to stop rebuilding executables if no |
3642 | changes have occured to any of the supporting code. Patch by | |
3643 | Roumen Petrov <roumen.petrov@skalasoft.com> | |
3644 | ||
9c8dbb1b | 3645 | 20010131 |
37845585 | 3646 | - (djm) OpenBSD CVS Sync: |
3647 | - djm@cvs.openbsd.org 2001/01/30 15:48:53 | |
3648 | [sshconnect.c] | |
3649 | Make warning message a little more consistent. ok markus@ | |
8c89dd2b | 3650 | - (djm) Fix autoconf logic for --with-lastlog=no Report and diagnosis from |
3651 | Philipp Buehler <lists@fips.de> and Kevin Steves <stevesk@sweden.hp.com> | |
3652 | respectively. | |
c59dc6bd | 3653 | - (djm) Don't log SSH2 PAM KbdInt responses to debug, they may contain |
3654 | passwords. | |
9c8dbb1b | 3655 | - (bal) Reorder. Move all bsd-*, fake-*, next-*, and cygwin* stuff to |
3656 | openbsd-compat/. And resolve all ./configure and Makefile.in issues | |
3657 | assocated. | |
37845585 | 3658 | |
9c8dbb1b | 3659 | 20010130 |
39929cdb | 3660 | - (djm) OpenBSD CVS Sync: |
3661 | - markus@cvs.openbsd.org 2001/01/29 09:55:37 | |
3662 | [channels.c channels.h clientloop.c serverloop.c] | |
3663 | fix select overflow; ok deraadt@ and stevesk@ | |
865ac82e | 3664 | - markus@cvs.openbsd.org 2001/01/29 12:42:35 |
3665 | [canohost.c canohost.h channels.c clientloop.c] | |
3666 | add get_peer_ipaddr(socket), x11-fwd in ssh2 requires ipaddr, not DNS | |
46aa2d1f | 3667 | - markus@cvs.openbsd.org 2001/01/29 12:47:32 |
3668 | [rsa.c rsa.h ssh-agent.c sshconnect1.c sshd.c] | |
3669 | handle rsa_private_decrypt failures; helps against the Bleichenbacher | |
3670 | pkcs#1 attack | |
ae810de7 | 3671 | - djm@cvs.openbsd.org 2001/01/29 05:36:11 |
3672 | [ssh.1 ssh.c] | |
3673 | Allow invocation of sybsystem by commandline (-s); ok markus@ | |
83bc57f9 | 3674 | - (stevesk) configure.in: remove duplicate PROG_LS |
39929cdb | 3675 | |
9c8dbb1b | 3676 | 20010129 |
f29ef605 | 3677 | - (stevesk) sftp-server.c: use %lld vs. %qd |
3678 | ||
cb9da0fc | 3679 | 20010128 |
3680 | - (bal) Put USE_PIPES back into sco3.2v5 | |
23c2a7a5 | 3681 | - (bal) OpenBSD Sync |
9bd5b720 | 3682 | - markus@cvs.openbsd.org 2001/01/28 10:15:34 |
3683 | [dispatch.c] | |
3684 | re-keying is not supported; ok deraadt@ | |
5fb622e4 | 3685 | - markus@cvs.openbsd.org 2001/01/28 10:24:04 |
7f5c4295 | 3686 | [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8] |
5fb622e4 | 3687 | cleanup AUTHORS sections |
9bd5b720 | 3688 | - markus@cvs.openbsd.org 2001/01/28 10:37:26 |
ab60252b | 3689 | [sshd.c sshd.8] |
9bd5b720 | 3690 | remove -Q, no longer needed |
3691 | - stevesk@cvs.openbsd.org 2001/01/28 20:36:16 | |
a877488a | 3692 | [readconf.c ssh.1] |
9bd5b720 | 3693 | ``StrictHostKeyChecking ask'' documentation and small cleanup. |
3694 | ok markus@ | |
6f37606e | 3695 | - stevesk@cvs.openbsd.org 2001/01/28 20:43:25 |
61e96248 | 3696 | [sshd.8] |
6f37606e | 3697 | spelling. ok markus@ |
95f4ccfb | 3698 | - stevesk@cvs.openbsd.org 2001/01/28 20:53:21 |
3699 | [xmalloc.c] | |
3700 | use size_t for strlen() return. ok markus@ | |
6f37606e | 3701 | - stevesk@cvs.openbsd.org 2001/01/28 22:27:05 |
3702 | [authfile.c] | |
3703 | spelling. use sizeof vs. strlen(). ok markus@ | |
9bd5b720 | 3704 | - niklas@cvs.openbsd.org 2001/01/29 1:59:14 |
23c2a7a5 | 3705 | [atomicio.h canohost.h clientloop.h deattack.h dh.h dispatch.h |
3706 | groupaccess.c groupaccess.h hmac.h hostfile.h includes.h kex.h | |
3707 | key.h log.h login.h match.h misc.h myproposal.h nchan.ms pathnames.h | |
3708 | radix.h readpass.h rijndael.h serverloop.h session.h sftp.h ssh-add.1 | |
3709 | ssh-dss.h ssh-keygen.1 ssh-keyscan.1 ssh-rsa.h ssh1.h ssh_config | |
3710 | sshconnect.h sshd_config tildexpand.h uidswap.h uuencode.h] | |
3711 | $OpenBSD$ | |
b0e305c9 | 3712 | - (bal) Minor auth2.c resync. Whitespace and moving of an #include. |
cb9da0fc | 3713 | |
c9606e03 | 3714 | 20010126 |
61e96248 | 3715 | - (bal) SSH_PROGRAM vs _PATH_SSH_PROGRAM fix pointed out by Roumen |
c9606e03 | 3716 | Petrov <roumen.petrov@skalasoft.com> |
2f4b2e38 | 3717 | - (bal) OpenBSD Sync |
3718 | - deraadt@cvs.openbsd.org 2001/01/25 8:06:33 | |
3719 | [ssh-agent.c] | |
3720 | call _exit() in signal handler | |
c9606e03 | 3721 | |
d7d5f0b2 | 3722 | 20010125 |
3723 | - (djm) Sync bsd-* support files: | |
3724 | - deraadt@cvs.openbsd.org 2000/01/26 03:43:20 | |
3725 | [rresvport.c bindresvport.c] | |
61e96248 | 3726 | new bindresvport() semantics that itojun, shin, jean-luc and i have |
d7d5f0b2 | 3727 | agreed on, which will be happy for the future. bindresvport_sa() for |
3728 | sockaddr *, too. docs later.. | |
3729 | - deraadt@cvs.openbsd.org 2000/01/24 02:24:21 | |
3730 | [bindresvport.c] | |
61e96248 | 3731 | in bindresvport(), if sin is non-NULL, example sin->sin_family for |
d7d5f0b2 | 3732 | the actual family being processed |
e1dd3a7a | 3733 | - (djm) Mention PRNGd in documentation, it is nicer than EGD |
3734 | - (djm) Automatically search for "well-known" EGD/PRNGd sockets in autoconf | |
8080699b | 3735 | - (bal) AC_FUNC_STRFTIME added to autoconf |
4ccb01d6 | 3736 | - (bal) OpenBSD Resync |
3737 | - stevesk@cvs.openbsd.org 2001/01/24 21:03:50 | |
3738 | [channels.c] | |
3739 | missing freeaddrinfo(); ok markus@ | |
d7d5f0b2 | 3740 | |
556eb464 | 3741 | 20010124 |
3742 | - (bal) OpenBSD Resync | |
3743 | - markus@cvs.openbsd.org 2001/01/23 10:45:10 | |
3744 | [ssh.h] | |
61e96248 | 3745 | nuke comment |
1aecda34 | 3746 | - (bal) no 64bit support patch from Tim Rice <tim@multitalents.net> |
3747 | - (bal) #ifdef around S_IFSOCK if platform does not support it. | |
3748 | patch by Tim Rice <tim@multitalents.net> | |
3749 | - (bal) fake-regex.h cleanup based on Tim Rice's patch. | |
c33f0b36 | 3750 | - (stevesk) sftp-server.c: fix chmod() mode mask |
556eb464 | 3751 | |
effa6591 | 3752 | 20010123 |
3753 | - (bal) regexp.h typo in configure.in. Should have been regex.h | |
3754 | - (bal) SSH_USER_DIR to _PATH_SSH_USER_DIR patch by stevesk@ | |
61e96248 | 3755 | - (bal) SSH_ASKPASS_DEFAULT to _PATH_SSH_ASKPASS_DEFAULT |
53a24016 | 3756 | - (bal) OpenBSD Resync |
3757 | - markus@cvs.openbsd.org 2001/01/22 8:15:00 | |
3758 | [auth-krb4.c sshconnect1.c] | |
3759 | only AFS needs radix.[ch] | |
3760 | - markus@cvs.openbsd.org 2001/01/22 8:32:53 | |
3761 | [auth2.c] | |
3762 | no need to include; from mouring@etoh.eviladmin.org | |
3763 | - stevesk@cvs.openbsd.org 2001/01/22 16:55:21 | |
3764 | [key.c] | |
3765 | free() -> xfree(); ok markus@ | |
3766 | - stevesk@cvs.openbsd.org 2001/01/22 17:22:28 | |
3767 | [sshconnect2.c sshd.c] | |
3768 | fix memory leaks in SSH2 key exchange; ok markus@ | |
d464095c | 3769 | - markus@cvs.openbsd.org 2001/01/22 23:06:39 |
3770 | [auth1.c auth2.c readconf.c readconf.h servconf.c servconf.h | |
3771 | sshconnect1.c sshconnect2.c sshd.c] | |
3772 | rename skey -> challenge response. | |
3773 | auto-enable kbd-interactive for ssh2 if challenge-reponse is enabled. | |
53a24016 | 3774 | |
effa6591 | 3775 | |
42f11eb2 | 3776 | 20010122 |
3777 | - (bal) OpenBSD Resync | |
3778 | - markus@cvs.openbsd.org 2001/01/19 12:45:26 GMT 2001 by markus | |
3779 | [servconf.c ssh.h sshd.c] | |
3780 | only auth-chall.c needs #ifdef SKEY | |
3781 | - markus@cvs.openbsd.org 2001/01/19 15:55:10 GMT 2001 by markus | |
3782 | [auth-krb4.c auth-options.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c | |
3783 | auth1.c auth2.c channels.c clientloop.c dh.c dispatch.c nchan.c | |
3784 | packet.c pathname.h readconf.c scp.c servconf.c serverloop.c | |
3785 | session.c ssh-add.c ssh-keygen.c ssh-keyscan.c ssh.c ssh.h | |
3786 | ssh1.h sshconnect1.c sshd.c ttymodes.c] | |
3787 | move ssh1 definitions to ssh1.h, pathnames to pathnames.h | |
3788 | - markus@cvs.openbsd.org 2001/01/19 16:48:14 | |
3789 | [sshd.8] | |
3790 | fix typo; from stevesk@ | |
3791 | - markus@cvs.openbsd.org 2001/01/19 16:50:58 | |
3792 | [ssh-dss.c] | |
61e96248 | 3793 | clear and free digest, make consistent with other code (use dlen); from |
42f11eb2 | 3794 | stevesk@ |
3795 | - markus@cvs.openbsd.org 2001/01/20 15:55:20 GMT 2001 by markus | |
3796 | [auth-options.c auth-options.h auth-rsa.c auth2.c] | |
3797 | pass the filename to auth_parse_options() | |
61e96248 | 3798 | - markus@cvs.openbsd.org 2001/01/20 17:59:40 GMT 2001 |
42f11eb2 | 3799 | [readconf.c] |
3800 | fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com | |
3801 | - stevesk@cvs.openbsd.org 2001/01/20 18:20:29 | |
3802 | [sshconnect2.c] | |
3803 | dh_new_group() does not return NULL. ok markus@ | |
3804 | - markus@cvs.openbsd.org 2001/01/20 21:33:42 | |
3805 | [ssh-add.c] | |
61e96248 | 3806 | do not loop forever if askpass does not exist; from |
42f11eb2 | 3807 | andrew@pimlott.ne.mediaone.net |
3808 | - djm@cvs.openbsd.org 2001/01/20 23:00:56 | |
3809 | [servconf.c] | |
3810 | Check for NULL return from strdelim; ok markus | |
3811 | - djm@cvs.openbsd.org 2001/01/20 23:02:07 | |
3812 | [readconf.c] | |
3813 | KNF; ok markus | |
3814 | - jakob@cvs.openbsd.org 2001/01/21 9:00:33 | |
3815 | [ssh-keygen.1] | |
3816 | remove -R flag; ok markus@ | |
3817 | - markus@cvs.openbsd.org 2001/01/21 19:05:40 | |
3818 | [atomicio.c automicio.h auth-chall.c auth-krb4.c auth-options.c | |
3819 | auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c | |
3820 | auth.c auth.h auth1.c auth2-chall.c auth2.c authfd.c authfile.c | |
3821 | bufaux.c bufaux.h buffer.c canahost.c canahost.h channels.c | |
3822 | cipher.c cli.c clientloop.c clientloop.h compat.c compress.c | |
3823 | deattack.c dh.c dispatch.c groupaccess.c hmac.c hostfile.c kex.c | |
3824 | key.c key.h log-client.c log-server.c log.c log.h login.c login.h | |
3825 | match.c misc.c misc.h nchan.c packet.c pty.c radix.h readconf.c | |
3826 | readpass.c readpass.h rsa.c scp.c servconf.c serverloop.c serverloop.h | |
3827 | session.c sftp-server.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c | |
61e96248 | 3828 | ssh-keyscan.c ssh-rsa.c ssh.c ssh.h sshconnect.c sshconnect.h |
42f11eb2 | 3829 | sshconnect1.c sshconnect2.c sshd.c tildexpand.c tildexpand.h |
3830 | ttysmodes.c uidswap.c xmalloc.c] | |
61e96248 | 3831 | split ssh.h and try to cleanup the #include mess. remove unnecessary |
42f11eb2 | 3832 | #includes. rename util.[ch] -> misc.[ch] |
3833 | - (bal) renamed 'PIDDIR' to '_PATH_SSH_PIDDIR' to match OpenBSD tree | |
61e96248 | 3834 | - (bal) Moved #ifdef KRB4 in auth-krb4.c above the #include to resolve |
42f11eb2 | 3835 | conflict when compiling for non-kerb install |
3836 | - (bal) removed the #ifdef SKEY in auth1.c to match Markus' changes | |
3837 | on 1/19. | |
3838 | ||
6005a40c | 3839 | 20010120 |
3840 | - (bal) OpenBSD Resync | |
3841 | - markus@cvs.openbsd.org 2001/01/19 12:45:26 | |
3842 | [ssh-chall.c servconf.c servconf.h ssh.h sshd.c] | |
3843 | only auth-chall.c needs #ifdef SKEY | |
47af6577 | 3844 | - (bal) Slight auth2-pam.c clean up. |
3845 | - (bal) Includes a fake-regexp.h to be only used if regcomp() is found, | |
3846 | but no 'regexp.h' found (SCO OpenServer 3 lacks the header). | |
6005a40c | 3847 | |
922e6493 | 3848 | 20010119 |
3849 | - (djm) Update versions in RPM specfiles | |
59c97189 | 3850 | - (bal) OpenBSD Resync |
3851 | - markus@cvs.openbsd.org 2001/01/18 16:20:21 | |
3852 | [log-client.c log-server.c log.c readconf.c servconf.c ssh.1 ssh.h | |
3853 | sshd.8 sshd.c] | |
61e96248 | 3854 | log() is at pri=LOG_INFO, since LOG_NOTICE goes to /dev/console on many |
59c97189 | 3855 | systems |
3856 | - markus@cvs.openbsd.org 2001/01/18 16:59:59 | |
3857 | [auth-passwd.c auth.c auth.h auth1.c auth2.c serverloop.c session.c | |
3858 | session.h sshconnect1.c] | |
3859 | 1) removes fake skey from sshd, since this will be much | |
3860 | harder with /usr/libexec/auth/login_XXX | |
3861 | 2) share/unify code used in ssh-1 and ssh-2 authentication (server side) | |
3862 | 3) make addition of BSD_AUTH and other challenge reponse methods | |
3863 | easier. | |
3864 | - markus@cvs.openbsd.org 2001/01/18 17:12:43 | |
3865 | [auth-chall.c auth2-chall.c] | |
3866 | rename *-skey.c *-chall.c since the files are not skey specific | |
04fc7a67 | 3867 | - (djm) Merge patch from Tim Waugh (via Nalin Dahyabhai <nalin@redhat.com>) |
3868 | to fix NULL pointer deref and fake authloop breakage in PAM code. | |
f4ebf0e8 | 3869 | - (bal) Updated contrib/cygwin/ by Corinna Vinschen <vinschen@redhat.com> |
3c418020 | 3870 | - (bal) Minor cygwin patch to auth1.c. Suggested by djm. |
61e96248 | 3871 | |
b5c334cc | 3872 | 20010118 |
3873 | - (bal) Super Sized OpenBSD Resync | |
3874 | - markus@cvs.openbsd.org 2001/01/11 22:14:20 GMT 2001 by markus | |
3875 | [sshd.c] | |
3876 | maxfd+1 | |
3877 | - markus@cvs.openbsd.org 2001/01/13 17:59:18 | |
3878 | [ssh-keygen.1] | |
3879 | small ssh-keygen manpage cleanup; stevesk@pobox.com | |
3880 | - markus@cvs.openbsd.org 2001/01/13 18:03:07 | |
3881 | [scp.c ssh-keygen.c sshd.c] | |
3882 | getopt() returns -1 not EOF; stevesk@pobox.com | |
3883 | - markus@cvs.openbsd.org 2001/01/13 18:06:54 | |
3884 | [ssh-keyscan.c] | |
3885 | use SSH_DEFAULT_PORT; from stevesk@pobox.com | |
3886 | - markus@cvs.openbsd.org 2001/01/13 18:12:47 | |
3887 | [ssh-keyscan.c] | |
3888 | free() -> xfree(); fix memory leak; from stevesk@pobox.com | |
3889 | - markus@cvs.openbsd.org 2001/01/13 18:14:13 | |
3890 | [ssh-add.c] | |
3891 | typo, from stevesk@sweden.hp.com | |
3892 | - markus@cvs.openbsd.org 2001/01/13 18:32:50 | |
61e96248 | 3893 | [packet.c session.c ssh.c sshconnect.c sshd.c] |
b5c334cc | 3894 | split out keepalive from packet_interactive (from dale@accentre.com) |
3895 | set IPTOS_LOWDELAY TCP_NODELAY IPTOS_THROUGHPUT for ssh2, too. | |
3896 | - markus@cvs.openbsd.org 2001/01/13 18:36:45 | |
3897 | [packet.c packet.h] | |
3898 | reorder, typo | |
3899 | - markus@cvs.openbsd.org 2001/01/13 18:38:00 | |
3900 | [auth-options.c] | |
3901 | fix comment | |
3902 | - markus@cvs.openbsd.org 2001/01/13 18:43:31 | |
3903 | [session.c] | |
3904 | Wall | |
61e96248 | 3905 | - markus@cvs.openbsd.org 2001/01/13 19:14:08 |
b5c334cc | 3906 | [clientloop.h clientloop.c ssh.c] |
3907 | move callback to headerfile | |
3908 | - markus@cvs.openbsd.org 2001/01/15 21:40:10 | |
3909 | [ssh.c] | |
3910 | use log() instead of stderr | |
3911 | - markus@cvs.openbsd.org 2001/01/15 21:43:51 | |
3912 | [dh.c] | |
3913 | use error() not stderr! | |
3914 | - markus@cvs.openbsd.org 2001/01/15 21:45:29 | |
3915 | [sftp-server.c] | |
3916 | rename must fail if newpath exists, debug off by default | |
3917 | - markus@cvs.openbsd.org 2001/01/15 21:46:38 | |
3918 | [sftp-server.c] | |
3919 | readable long listing for sftp-server, ok deraadt@ | |
3920 | - markus@cvs.openbsd.org 2001/01/16 19:20:06 | |
3921 | [key.c ssh-rsa.c] | |
61e96248 | 3922 | make "ssh-rsa" key format for ssh2 confirm to the ietf-drafts; from |
3923 | galb@vandyke.com. note that you have to delete older ssh2-rsa keys, | |
3924 | since they are in the wrong format, too. they must be removed from | |
b5c334cc | 3925 | .ssh/authorized_keys2 and .ssh/known_hosts2, etc. |
61e96248 | 3926 | (cd; grep -v ssh-rsa .ssh/authorized_keys2 > TMP && mv TMP |
3927 | .ssh/authorized_keys2) additionally, we now check that | |
b5c334cc | 3928 | BN_num_bits(rsa->n) >= 768. |
3929 | - markus@cvs.openbsd.org 2001/01/16 20:54:27 | |
3930 | [sftp-server.c] | |
3931 | remove some statics. simpler handles; idea from nisse@lysator.liu.se | |
3932 | - deraadt@cvs.openbsd.org 2001/01/16 23:58:08 | |
3933 | [bufaux.c radix.c sshconnect.h sshconnect1.c] | |
3934 | indent | |
3935 | - (bal) Added bsd-strmode.[ch] since some non-OpenBSD platforms may | |
3936 | be missing such feature. | |
3937 | ||
61e96248 | 3938 | |
52ce34a2 | 3939 | 20010117 |
3940 | - (djm) Only write random seed file at exit | |
717057b6 | 3941 | - (djm) Make PAM support optional, enable with --with-pam |
61e96248 | 3942 | - (djm) Try to use libcrypt on Linux, but link it after OpenSSL (which |
717057b6 | 3943 | provides a crypt() of its own) |
3944 | - (djm) Avoid a warning in bsd-bindresvport.c | |
3945 | - (djm) Try to avoid adding -I/usr/include to CPPFLAGS during SSL tests. This | |
61e96248 | 3946 | can cause weird segfaults errors on Solaris |
8694a1ce | 3947 | - (djm) Avoid warning in PAM code by making read_passphrase arguments const |
d748039d | 3948 | - (djm) Add --with-pam to RPM spec files |
52ce34a2 | 3949 | |
2fd3c144 | 3950 | 20010115 |
3951 | - (bal) sftp-server.c change to use chmod() if fchmod() does not exist. | |
89c7e31c | 3952 | - (bal) utimes() support via utime() interface on machine that lack utimes(). |
2fd3c144 | 3953 | |
63b68889 | 3954 | 20010114 |
3955 | - (stevesk) initial work for OpenBSD "support supplementary group in | |
3956 | {Allow,Deny}Groups" patch: | |
3957 | - import getgrouplist.c from OpenBSD (bsd-getgrouplist.c) | |
3958 | - add bsd-getgrouplist.h | |
3959 | - new files groupaccess.[ch] | |
3960 | - build but don't use yet (need to merge auth.c changes) | |
c6a69271 | 3961 | - (stevesk) complete: |
3962 | - markus@cvs.openbsd.org 2001/01/13 11:56:48 | |
3963 | [auth.c sshd.8] | |
3964 | support supplementary group in {Allow,Deny}Groups | |
3965 | from stevesk@pobox.com | |
61e96248 | 3966 | |
f546c780 | 3967 | 20010112 |
3968 | - (bal) OpenBSD Sync | |
3969 | - markus@cvs.openbsd.org 2001/01/10 22:56:22 | |
3970 | [bufaux.h bufaux.c sftp-server.c sftp.h getput.h] | |
3971 | cleanup sftp-server implementation: | |
547519f0 | 3972 | add buffer_get_int64, buffer_put_int64, GET_64BIT, PUT_64BIT |
3973 | parse SSH2_FILEXFER_ATTR_EXTENDED | |
3974 | send SSH2_FX_EOF if readdir returns no more entries | |
3975 | reply to SSH2_FXP_EXTENDED message | |
3976 | use #defines from the draft | |
3977 | move #definations to sftp.h | |
f546c780 | 3978 | more info: |
61e96248 | 3979 | http://www.ietf.org/internet-drafts/draft-ietf-secsh-filexfer-00.txt |
f546c780 | 3980 | - markus@cvs.openbsd.org 2001/01/10 19:43:20 |
3981 | [sshd.c] | |
3982 | XXX - generate_empheral_server_key() is not safe against races, | |
61e96248 | 3983 | because it calls log() |
f546c780 | 3984 | - markus@cvs.openbsd.org 2001/01/09 21:19:50 |
3985 | [packet.c] | |
3986 | allow TCP_NDELAY for ipv6; from netbsd via itojun@ | |
3987 | ||
9548d6c8 | 3988 | 20010110 |
3989 | - (djm) SNI/Reliant Unix needs USE_PIPES and $DISPLAY hack. Report from | |
3990 | Bladt Norbert <Norbert.Bladt@adi.ch> | |
3991 | ||
af972861 | 3992 | 20010109 |
3993 | - (bal) Resync CVS ID of cli.c | |
4b80e97b | 3994 | - (stevesk) auth1.c: free should be after WITH_AIXAUTHENTICATE |
3995 | code. | |
eea39c02 | 3996 | - (bal) OpenBSD Sync |
3997 | - markus@cvs.openbsd.org 2001/01/08 22:29:05 | |
3998 | [auth2.c compat.c compat.h servconf.c servconf.h sshd.8 | |
3999 | sshd_config version.h] | |
4000 | implement option 'Banner /etc/issue.net' for ssh2, move version to | |
4001 | 2.3.1 (needed for bugcompat detection, 2.3.0 would fail if Banner | |
4002 | is enabled). | |
4003 | - markus@cvs.openbsd.org 2001/01/08 22:03:23 | |
4004 | [channels.c ssh-keyscan.c] | |
4005 | O_NDELAY -> O_NONBLOCK; thanks stevesk@pobox.com | |
4006 | - markus@cvs.openbsd.org 2001/01/08 21:55:41 | |
4007 | [sshconnect1.c] | |
4008 | more cleanups and fixes from stevesk@pobox.com: | |
4009 | 1) try_agent_authentication() for loop will overwrite key just | |
4010 | allocated with key_new(); don't alloc | |
4011 | 2) call ssh_close_authentication_connection() before exit | |
4012 | try_agent_authentication() | |
4013 | 3) free mem on bad passphrase in try_rsa_authentication() | |
4014 | - markus@cvs.openbsd.org 2001/01/08 21:48:17 | |
4015 | [kex.c] | |
4016 | missing free; thanks stevesk@pobox.com | |
f1c4659d | 4017 | - (bal) Detect if clock_t structure exists, if not define it. |
4018 | - (bal) Detect if O_NONBLOCK exists, if not define it. | |
4019 | - (bal) removed news4-posix.h (now empty) | |
4020 | - (bal) changed bsd-bindresvport.c and bsd-rresvport.c to use 'socklen_t' | |
4021 | instead of 'int' | |
adc83ebf | 4022 | - (stevesk) sshd_config: sync |
4f771a33 | 4023 | - (stevesk) defines.h: remove spurious ``;'' |
af972861 | 4024 | |
bbcf899f | 4025 | 20010108 |
4026 | - (bal) Fixed another typo in cli.c | |
4027 | - (bal) OpenBSD Sync | |
4028 | - markus@cvs.openbsd.org 2001/01/07 21:26:55 | |
4029 | [cli.c] | |
4030 | typo | |
4031 | - markus@cvs.openbsd.org 2001/01/07 21:26:55 | |
4032 | [cli.c] | |
4033 | missing free, stevesk@pobox.com | |
4034 | - markus@cvs.openbsd.org 2001/01/07 19:06:25 | |
4035 | [auth1.c] | |
4036 | missing free, stevesk@pobox.com | |
4037 | - markus@cvs.openbsd.org 2001/01/07 11:28:04 | |
4038 | [log-client.c log-server.c log.c readconf.c servconf.c ssh.1 | |
4039 | ssh.h sshd.8 sshd.c] | |
4040 | rename SYSLOG_LEVEL_INFO->SYSLOG_LEVEL_NOTICE | |
4041 | syslog priority changes: | |
4042 | fatal() LOG_ERR -> LOG_CRIT | |
4043 | log() LOG_INFO -> LOG_NOTICE | |
b8c37305 | 4044 | - Updated TODO |
bbcf899f | 4045 | |
9616313f | 4046 | 20010107 |
4047 | - (bal) OpenBSD Sync | |
4048 | - markus@cvs.openbsd.org 2001/01/06 11:23:27 | |
4049 | [ssh-rsa.c] | |
4050 | remove unused | |
4051 | - itojun@cvs.openbsd.org 2001/01/05 08:23:29 | |
4052 | [ssh-keyscan.1] | |
4053 | missing .El | |
4054 | - markus@cvs.openbsd.org 2001/01/04 22:41:03 | |
4055 | [session.c sshconnect.c] | |
4056 | consistent use of _PATH_BSHELL; from stevesk@pobox.com | |
4057 | - djm@cvs.openbsd.org 2001/01/04 22:35:32 | |
4058 | [ssh.1 sshd.8] | |
4059 | Mention AES as available SSH2 Cipher; ok markus | |
4060 | - markus@cvs.openbsd.org 2001/01/04 22:25:58 | |
4061 | [sshd.c] | |
4062 | sync usage()/man with defaults; from stevesk@pobox.com | |
4063 | - markus@cvs.openbsd.org 2001/01/04 22:21:26 | |
4064 | [sshconnect2.c] | |
4065 | handle SSH2_MSG_USERAUTH_BANNER; fixes bug when connecting to a server | |
4066 | that prints a banner (e.g. /etc/issue.net) | |
61e96248 | 4067 | |
1877dc0c | 4068 | 20010105 |
4069 | - (bal) contrib/caldera/ provided by Tim Rice <tim@multitalents.net> | |
5a64a938 | 4070 | - (bal) bsd-getcwd.c and bsd-setenv.c changed from bcopy() to memmove() |
1877dc0c | 4071 | |
488c06c8 | 4072 | 20010104 |
4073 | - (djm) Fix memory leak on systems with BROKEN_GETADDRINFO. Based on | |
4074 | work by Chris Vaughan <vaughan99@yahoo.com> | |
4075 | ||
7c49df64 | 4076 | 20010103 |
4077 | - (bal) fixed up sshconnect.c so it was closer inline with the OpenBSD | |
4078 | tree (mainly positioning) | |
4079 | - (bal) OpenSSH CVS Update | |
4080 | - markus@cvs.openbsd.org 2001/01/02 20:41:02 | |
4081 | [packet.c] | |
4082 | log remote ip on disconnect; PR 1600 from jcs@rt.fm | |
4083 | - markus@cvs.openbsd.org 2001/01/02 20:50:56 | |
4084 | [sshconnect.c] | |
61e96248 | 4085 | strict_host_key_checking for host_status != HOST_CHANGED && |
7c49df64 | 4086 | ip_status == HOST_CHANGED |
61e96248 | 4087 | - (bal) authfile.c: Synced CVS ID tag |
2c523de9 | 4088 | - (bal) UnixWare 2.0 fixes by Tim Rice <tim@multitalents.net> |
4089 | - (bal) Disable sftp-server if no 64bit int support exists. Based on | |
4090 | patch by Tim Rice <tim@multitalents.net> | |
4091 | - (bal) Makefile.in changes to uninstall: target to remove sftp-server | |
4092 | and sftp-server.8 manpage. | |
7c49df64 | 4093 | |
a421e945 | 4094 | 20010102 |
4095 | - (bal) OpenBSD CVS Update | |
4096 | - markus@cvs.openbsd.org 2001/01/01 14:52:49 | |
4097 | [scp.c] | |
4098 | use shared fatal(); from stevesk@pobox.com | |
4099 | ||
0efc80a7 | 4100 | 20001231 |
4101 | - (bal) Reverted out of MAXHOSTNAMELEN. This should be set per OS. | |
4102 | for multiple reasons. | |
b1335fdf | 4103 | - (bal) Reverted out of a partial NeXT patch. |
0efc80a7 | 4104 | |
efcae5b1 | 4105 | 20001230 |
4106 | - (bal) OpenBSD CVS Update | |
4107 | - markus@cvs.openbsd.org 2000/12/28 18:58:30 | |
4108 | [ssh-keygen.c] | |
4109 | enable 'ssh-keygen -l -f ~/.ssh/{authorized_keys,known_hosts}{,2} | |
b148018f | 4110 | - markus@cvs.openbsd.org 2000/12/29 22:19:13 |
4111 | [channels.c] | |
4112 | missing xfree; from vaughan99@yahoo.com | |
efcae5b1 | 4113 | - (bal) Resynced CVS ID with OpenBSD for channel.c and uidswap.c |
03a14cc9 | 4114 | - (bal) if no MAXHOSTNAMELEN is defined. Default to 64 character defination. |
34665bf7 | 4115 | Suggested by Christian Kurz <shorty@debian.org> |
cb6dabf4 | 4116 | - (bal) Add in '.c.o' section to Makefile.in to address make programs that |
61e96248 | 4117 | don't honor CPPFLAGS by default. Suggested by Lutz Jaenicke |
cb6dabf4 | 4118 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> |
0dd78cd8 | 4119 | |
4120 | 20001229 | |
61e96248 | 4121 | - (bal) Fixed spelling of 'authorized_keys' in ssh-copy-id.1 by Christian |
34665bf7 | 4122 | Kurz <shorty@debian.org> |
8abcdba4 | 4123 | - (bal) OpenBSD CVS Update |
4124 | - markus@cvs.openbsd.org 2000/12/28 14:25:51 | |
4125 | [auth.h auth2.c] | |
4126 | count authentication failures only | |
4127 | - markus@cvs.openbsd.org 2000/12/28 14:25:03 | |
4128 | [sshconnect.c] | |
4129 | fingerprint for MITM attacks, too. | |
4130 | - markus@cvs.openbsd.org 2000/12/28 12:03:57 | |
4131 | [sshd.8 sshd.c] | |
4132 | document -D | |
4133 | - markus@cvs.openbsd.org 2000/12/27 14:19:21 | |
4134 | [serverloop.c] | |
4135 | less chatty | |
4136 | - markus@cvs.openbsd.org 2000/12/27 12:34 | |
4137 | [auth1.c sshconnect2.c sshd.c] | |
4138 | typo | |
4139 | - markus@cvs.openbsd.org 2000/12/27 12:30:19 | |
4140 | [readconf.c readconf.h ssh.1 sshconnect.c] | |
4141 | new option: HostKeyAlias: allow the user to record the host key | |
4142 | under a different name. This is useful for ssh tunneling over | |
4143 | forwarded connections or if you run multiple sshd's on different | |
4144 | ports on the same machine. | |
4145 | - markus@cvs.openbsd.org 2000/12/27 11:51:53 | |
4146 | [ssh.1 ssh.c] | |
4147 | multiple -t force pty allocation, document ORIGINAL_COMMAND | |
4148 | - markus@cvs.openbsd.org 2000/12/27 11:41:31 | |
4149 | [sshd.8] | |
4150 | update for ssh-2 | |
c52c7082 | 4151 | - (stevesk) compress.[ch] sync with openbsd; missed in prototype |
4152 | fix merge. | |
0dd78cd8 | 4153 | |
8f523d67 | 4154 | 20001228 |
4155 | - (bal) Patch to add libutil.h to loginrec.c only if the platform has | |
4156 | libutil.h. Suggested by Pekka Savola <pekka@netcore.fi> | |
9fb76616 | 4157 | - (djm) Update to new x11-askpass in RPM spec |
0dd78cd8 | 4158 | - (bal) SCO patch to not include <sys/queue.h> since it's unrelated |
4159 | header. Patch by Tim Rice <tim@multitalents.net> | |
4160 | - Updated TODO w/ known HP/UX issue | |
4161 | - (bal) removed extra <netdb.h> noticed by Kevin Steves and removed the | |
4162 | bad reference to 'NeXT including it else were' on the #ifdef version. | |
8f523d67 | 4163 | |
b03bd394 | 4164 | 20001227 |
61e96248 | 4165 | - (bal) Typo in configure.in: entut?ent should be endut?ent. Suggested by |
b03bd394 | 4166 | Takumi Yamane <yamtak@b-session.com> |
4167 | - (bal) Checks for getrlimit(), sysconf(), and setdtablesize(). Patch | |
8f523d67 | 4168 | by Corinna Vinschen <vinschen@redhat.com> |
4169 | - (djm) Fix catman-do target for non-bash | |
61e96248 | 4170 | - (bal) Typo in configure.in: entut?ent should be endut?ent. Suggested by |
8f523d67 | 4171 | Takumi Yamane <yamtak@b-session.com> |
4172 | - (bal) Checks for getrlimit(), sysconf(), and setdtablesize(). Patch | |
b03bd394 | 4173 | by Corinna Vinschen <vinschen@redhat.com> |
13991f8e | 4174 | - (djm) Fix catman-do target for non-bash |
61e96248 | 4175 | - (bal) Fixed NeXT's lack of CPPFLAGS honoring. |
4176 | - (bal) ssh-keyscan.c: NeXT (and older BSDs) don't support getrlimit() w/ | |
f318b98b | 4177 | 'RLIMIT_NOFILE' |
61e96248 | 4178 | - (djm) Remove *.Ylonen files. They are no longer in the OpenBSD tree, |
4179 | the info in COPYING.Ylonen has been moved to the start of each | |
3bdf55b1 | 4180 | SSH1-derived file and README.Ylonen is well out of date. |
b03bd394 | 4181 | |
8d88011e | 4182 | 20001223 |
4183 | - (bal) Fixed Makefile.in to support recompile of all ssh and sshd objects | |
4184 | if a change to config.h has occurred. Suggested by Gert Doering | |
4185 | <gert@greenie.muc.de> | |
4186 | - (bal) OpenBSD CVS Update: | |
4187 | - markus@cvs.openbsd.org 2000/12/22 16:49:40 | |
4188 | [ssh-keygen.c] | |
4189 | fix ssh-keygen -x -t type > file; from Roumen.Petrov@skalasoft.com | |
4190 | ||
1e3b8b07 | 4191 | 20001222 |
4192 | - Updated RCSID for pty.c | |
4193 | - (bal) OpenBSD CVS Updates: | |
4194 | - markus@cvs.openbsd.org 2000/12/21 15:10:16 | |
4195 | [auth-rh-rsa.c hostfile.c hostfile.h sshconnect.c] | |
4196 | print keyfile:line for changed hostkeys, for deraadt@, ok deraadt@ | |
4197 | - markus@cvs.openbsd.org 2000/12/20 19:26:56 | |
4198 | [authfile.c] | |
4199 | allow ssh -i userkey for root | |
4200 | - markus@cvs.openbsd.org 2000/12/20 19:37:21 | |
4201 | [authfd.c authfd.h kex.c sshconnect2.c sshd.c uidswap.c uidswap.h] | |
4202 | fix prototypes; from stevesk@pobox.com | |
4203 | - markus@cvs.openbsd.org 2000/12/20 19:32:08 | |
4204 | [sshd.c] | |
4205 | init pointer to NULL; report from Jan.Ivan@cern.ch | |
4206 | - markus@cvs.openbsd.org 2000/12/19 23:17:54 | |
4207 | [auth-krb4.c auth-options.c auth-options.h auth-rhosts.c auth-rsa.c | |
4208 | auth1.c auth2-skey.c auth2.c authfd.c authfd.h authfile.c bufaux.c | |
4209 | bufaux.h buffer.c canohost.c channels.c clientloop.c compress.c | |
4210 | crc32.c deattack.c getput.h hmac.c hmac.h hostfile.c kex.c kex.h | |
4211 | key.c key.h log.c login.c match.c match.h mpaux.c mpaux.h packet.c | |
4212 | packet.h radix.c readconf.c rsa.c scp.c servconf.c servconf.h | |
4213 | serverloop.c session.c sftp-server.c ssh-agent.c ssh-dss.c ssh-dss.h | |
4214 | ssh-keygen.c ssh-keyscan.c ssh-rsa.c ssh-rsa.h ssh.c ssh.h uuencode.c | |
4215 | uuencode.h sshconnect1.c sshconnect2.c sshd.c tildexpand.c] | |
4216 | replace 'unsigned bla' with 'u_bla' everywhere. also replace 'char | |
4217 | unsigned' with u_char. | |
4218 | ||
67b0facb | 4219 | 20001221 |
4220 | - (stevesk) OpenBSD CVS updates: | |
4221 | - markus@cvs.openbsd.org 2000/12/19 15:43:45 | |
4222 | [authfile.c channels.c sftp-server.c ssh-agent.c] | |
4223 | remove() -> unlink() for consistency | |
4224 | - markus@cvs.openbsd.org 2000/12/19 15:48:09 | |
4225 | [ssh-keyscan.c] | |
4226 | replace <ssl/x.h> with <openssl/x.h> | |
4227 | - markus@cvs.openbsd.org 2000/12/17 02:33:40 | |
4228 | [uidswap.c] | |
4229 | typo; from wsanchez@apple.com | |
61e96248 | 4230 | |
adeebd37 | 4231 | 20001220 |
61e96248 | 4232 | - (djm) Workaround PAM inconsistencies between Solaris derived PAM code |
adeebd37 | 4233 | and Linux-PAM. Based on report and fix from Andrew Morgan |
4234 | <morgan@transmeta.com> | |
4235 | ||
f072c47a | 4236 | 20001218 |
4237 | - (stevesk) rsa.c: entropy.h not needed. | |
0c2fb82f | 4238 | - (bal) split CFLAGS into CFLAGS and CPPFLAGS in configure.in and Makefile. |
4239 | Suggested by Wilfredo Sanchez <wsanchez@apple.com> | |
f072c47a | 4240 | |
731c1541 | 4241 | 20001216 |
4242 | - (stevesk) OpenBSD CVS updates: | |
4243 | - markus@cvs.openbsd.org 2000/12/16 02:53:57 | |
4244 | [scp.c] | |
4245 | allow + in usernames; request from Florian.Weimer@RUS.Uni-Stuttgart.DE | |
4246 | - markus@cvs.openbsd.org 2000/12/16 02:39:57 | |
4247 | [scp.c] | |
4248 | unused; from stevesk@pobox.com | |
4249 | ||
227e8e86 | 4250 | 20001215 |
9853409f | 4251 | - (stevesk) Old OpenBSD patch wasn't completely applied: |
4252 | - markus@cvs.openbsd.org 2000/01/24 22:11:20 | |
4253 | [scp.c] | |
4254 | allow '.' in usernames; from jedgar@fxp.org | |
227e8e86 | 4255 | - (stevesk) OpenBSD CVS updates: |
4256 | - markus@cvs.openbsd.org 2000/12/13 16:26:53 | |
4257 | [ssh-keyscan.c] | |
4258 | fatal already adds \n; from stevesk@pobox.com | |
4259 | - markus@cvs.openbsd.org 2000/12/13 16:25:44 | |
4260 | [ssh-agent.c] | |
4261 | remove redundant spaces; from stevesk@pobox.com | |
4262 | - ho@cvs.openbsd.org 2000/12/12 15:50:21 | |
4263 | [pty.c] | |
4264 | When failing to set tty owner and mode on a read-only filesystem, don't | |
4265 | abort if the tty already has correct owner and reasonably sane modes. | |
4266 | Example; permit 'root' to login to a firewall with read-only root fs. | |
4267 | (markus@ ok) | |
4268 | - deraadt@cvs.openbsd.org 2000/12/13 06:36:05 | |
4269 | [pty.c] | |
4270 | KNF | |
6ffc9c88 | 4271 | - markus@cvs.openbsd.org 2000/12/12 14:45:21 |
4272 | [sshd.c] | |
4273 | source port < 1024 is no longer required for rhosts-rsa since it | |
4274 | adds no additional security. | |
4275 | - markus@cvs.openbsd.org 2000/12/12 16:11:49 | |
4276 | [ssh.1 ssh.c] | |
4277 | rhosts-rsa is no longer automagically disabled if ssh is not privileged. | |
4278 | UsePrivilegedPort=no disables rhosts-rsa _only_ for old servers. | |
4279 | these changes should not change the visible default behaviour of the ssh client. | |
71c0d06a | 4280 | - deraadt@cvs.openbsd.org 2000/12/11 10:27:33 |
4281 | [scp.c] | |
4282 | when copying 0-sized files, do not re-print ETA time at completion | |
3e1caa83 | 4283 | - provos@cvs.openbsd.org 2000/12/15 10:30:15 |
4284 | [kex.c kex.h sshconnect2.c sshd.c] | |
4285 | compute diffie-hellman in parallel between server and client. okay markus@ | |
227e8e86 | 4286 | |
6c935fbd | 4287 | 20001213 |
4288 | - (djm) Make sure we reset the SIGPIPE disposition after we fork. Report | |
4289 | from Andreas M. Kirchwitz <amk@krell.zikzak.de> | |
227e8e86 | 4290 | - (stevesk) OpenBSD CVS update: |
1fe6a48f | 4291 | - markus@cvs.openbsd.org 2000/12/12 15:30:02 |
4292 | [ssh-keyscan.c ssh.c sshd.c] | |
61e96248 | 4293 | consistently use __progname; from stevesk@pobox.com |
6c935fbd | 4294 | |
367d1840 | 4295 | 20001211 |
4296 | - (bal) Applied patch to include ssh-keyscan into Redhat's package, and | |
4297 | patch to install ssh-keyscan manpage. Patch by Pekka Savola | |
4298 | <pekka@netcore.fi> | |
e3a70753 | 4299 | - (bal) OpenbSD CVS update |
4300 | - markus@cvs.openbsd.org 2000/12/10 17:01:53 | |
4301 | [sshconnect1.c] | |
4302 | always request new challenge for skey/tis-auth, fixes interop with | |
4303 | other implementations; report from roth@feep.net | |
367d1840 | 4304 | |
6b523bae | 4305 | 20001210 |
4306 | - (bal) OpenBSD CVS updates | |
61e96248 | 4307 | - markus@cvs.openbsd.org 2000/12/09 13:41:51 |
6b523bae | 4308 | [cipher.c cipher.h rijndael.c rijndael.h rijndael_boxes.h] |
4309 | undo rijndael changes | |
61e96248 | 4310 | - markus@cvs.openbsd.org 2000/12/09 13:48:31 |
6b523bae | 4311 | [rijndael.c] |
4312 | fix byte order bug w/o introducing new implementation | |
61e96248 | 4313 | - markus@cvs.openbsd.org 2000/12/09 14:08:27 |
6b523bae | 4314 | [sftp-server.c] |
4315 | "" -> "." for realpath; from vinschen@redhat.com | |
61e96248 | 4316 | - markus@cvs.openbsd.org 2000/12/09 14:06:54 |
6b523bae | 4317 | [ssh-agent.c] |
4318 | extern int optind; from stevesk@sweden.hp.com | |
13af0aa2 | 4319 | - provos@cvs.openbsd.org 2000/12/09 23:51:11 |
4320 | [compat.c] | |
4321 | remove unnecessary '\n' | |
6b523bae | 4322 | |
ce9c0b75 | 4323 | 20001209 |
6b523bae | 4324 | - (bal) OpenBSD CVS updates: |
61e96248 | 4325 | - djm@cvs.openbsd.org 2000/12/07 4:24:59 |
ce9c0b75 | 4326 | [ssh.1] |
4327 | Typo fix from Wilfredo Sanchez <wsanchez@apple.com>; ok theo | |
4328 | ||
f72fc97f | 4329 | 20001207 |
6b523bae | 4330 | - (bal) OpenBSD CVS updates: |
61e96248 | 4331 | - markus@cvs.openbsd.org 2000/12/06 22:58:14 |
f72fc97f | 4332 | [compat.c compat.h packet.c] |
4333 | disable debug messages for ssh.com/f-secure 2.0.1x, 2.1.0 | |
dfe89252 | 4334 | - markus@cvs.openbsd.org 2000/12/06 23:10:39 |
4335 | [rijndael.c] | |
4336 | unexpand(1) | |
61e96248 | 4337 | - markus@cvs.openbsd.org 2000/12/06 23:05:43 |
dfe89252 | 4338 | [cipher.c cipher.h rijndael.c rijndael.h rijndael_boxes.h] |
4339 | new rijndael implementation. fixes endian bugs | |
f72fc97f | 4340 | |
97fb6912 | 4341 | 20001206 |
6b523bae | 4342 | - (bal) OpenBSD CVS updates: |
97fb6912 | 4343 | - markus@cvs.openbsd.org 2000/12/05 20:34:09 |
4344 | [channels.c channels.h clientloop.c serverloop.c] | |
4345 | async connects for -R/-L; ok deraadt@ | |
4346 | - todd@cvs.openssh.org 2000/12/05 16:47:28 | |
4347 | [sshd.c] | |
4348 | tweak comment to reflect real location of pid file; ok provos@ | |
bf5f69f7 | 4349 | - (stevesk) Import <sys/queue.h> from OpenBSD for systems that don't |
4350 | have it (used in ssh-keyscan). | |
227e8e86 | 4351 | - (stevesk) OpenBSD CVS update: |
f20255cb | 4352 | - markus@cvs.openbsd.org 2000/12/06 19:57:48 |
4353 | [ssh-keyscan.c] | |
4354 | err(3) -> internal error(), from stevesk@sweden.hp.com | |
97fb6912 | 4355 | |
f6fdbddf | 4356 | 20001205 |
6b523bae | 4357 | - (bal) OpenBSD CVS updates: |
f6fdbddf | 4358 | - markus@cvs.openbsd.org 2000/12/04 19:24:02 |
4359 | [ssh-keyscan.c ssh-keyscan.1] | |
4360 | David Maziere's ssh-keyscan, ok niels@ | |
4361 | - (bal) Updated Makefile.in to include ssh-keyscan that was just added | |
4362 | to the recent OpenBSD source tree. | |
835d2104 | 4363 | - (stevesk) fix typos in contrib/hpux/README |
f6fdbddf | 4364 | |
cbc5abf9 | 4365 | 20001204 |
4366 | - (bal) More C functions defined in NeXT that are unaccessable without | |
61e96248 | 4367 | defining -POSIX. |
4368 | - (bal) OpenBSD CVS updates: | |
4369 | - markus@cvs.openbsd.org 2000/12/03 11:29:04 | |
cbc5abf9 | 4370 | [compat.c] |
4371 | remove fallback to SSH_BUG_HMAC now that the drafts are updated | |
4372 | - markus@cvs.openbsd.org 2000/12/03 11:27:55 | |
4373 | [compat.c] | |
61e96248 | 4374 | correctly match "2.1.0.pl2 SSH" etc; from |
97fb6912 | 4375 | pekkas@netcore.fi/bugzilla.redhat |
cbc5abf9 | 4376 | - markus@cvs.openbsd.org 2000/12/03 11:15:03 |
4377 | [auth2.c compat.c compat.h sshconnect2.c] | |
4378 | support f-secure/ssh.com 2.0.12; ok niels@ | |
4379 | ||
0b6fbf03 | 4380 | 20001203 |
cbc5abf9 | 4381 | - (bal) OpenBSD CVS updates: |
0b6fbf03 | 4382 | - markus@cvs.openbsd.org 2000/11/30 22:54:31 |
4383 | [channels.c] | |
61e96248 | 4384 | debug->warn if tried to do -R style fwd w/o client requesting this; |
0b6fbf03 | 4385 | ok neils@ |
4386 | - markus@cvs.openbsd.org 2000/11/29 20:39:17 | |
4387 | [cipher.c] | |
4388 | des_cbc_encrypt -> des_ncbc_encrypt since it already updates the IV | |
4389 | - markus@cvs.openbsd.org 2000/11/30 18:33:05 | |
4390 | [ssh-agent.c] | |
4391 | agents must not dump core, ok niels@ | |
61e96248 | 4392 | - markus@cvs.openbsd.org 2000/11/30 07:04:02 |
0b6fbf03 | 4393 | [ssh.1] |
4394 | T is for both protocols | |
4395 | - markus@cvs.openbsd.org 2000/12/01 00:00:51 | |
4396 | [ssh.1] | |
4397 | typo; from green@FreeBSD.org | |
4398 | - markus@cvs.openbsd.org 2000/11/30 07:02:35 | |
4399 | [ssh.c] | |
4400 | check -T before isatty() | |
4401 | - provos@cvs.openbsd.org 2000/11/29 13:51:27 | |
4402 | [sshconnect.c] | |
61e96248 | 4403 | show IP address and hostname when new key is encountered. okay markus@ |
0b6fbf03 | 4404 | - markus@cvs.openbsd.org 2000/11/30 22:53:35 |
4405 | [sshconnect.c] | |
4406 | disable agent/x11/port fwding if hostkey has changed; ok niels@ | |
4407 | - marksu@cvs.openbsd.org 2000/11/29 21:11:59 | |
4408 | [sshd.c] | |
4409 | sshd -D, startup w/o deamon(), for monitoring scripts or inittab; | |
4410 | from handler@sub-rosa.com and eric@urbanrange.com; ok niels@ | |
8c9fe09e | 4411 | - (djm) Added patch from Nalin Dahyabhai <nalin@redhat.com> to enable |
4412 | PAM authentication using KbdInteractive. | |
4413 | - (djm) Added another TODO | |
0b6fbf03 | 4414 | |
90f4078a | 4415 | 20001202 |
4416 | - (bal) Backed out of part of Alain St-Denis' loginrec.c patch. | |
61e96248 | 4417 | - (bal) Irix need some sort of mansubdir, patch by Michael Stone |
90f4078a | 4418 | <mstone@cs.loyola.edu> |
4419 | ||
dcef6523 | 4420 | 20001129 |
7062c40f | 4421 | - (djm) Back out all the serverloop.c hacks. sshd will now hang again |
4422 | if there are background children with open fds. | |
c193d002 | 4423 | - (djm) bsd-rresvport.c bzero -> memset |
61e96248 | 4424 | - (djm) Don't fail in defines.h on absence of 64 bit types (we will |
c193d002 | 4425 | still fail during compilation of sftp-server). |
4426 | - (djm) Fail if ar is not found during configure | |
c523303b | 4427 | - (djm) OpenBSD CVS updates: |
4428 | - provos@cvs.openbsd.org 2000/11/22 08:38:31 | |
4429 | [sshd.8] | |
4430 | talk about /etc/primes, okay markus@ | |
4431 | - markus@cvs.openbsd.org 2000/11/23 14:03:48 | |
4432 | [ssh.c sshconnect1.c sshconnect2.c] | |
4433 | complain about invalid ciphers for ssh1/ssh2, fall back to reasonable | |
4434 | defaults | |
4435 | - markus@cvs.openbsd.org 2000/11/25 09:42:53 | |
4436 | [sshconnect1.c] | |
4437 | reorder check for illegal ciphers, bugreport from espie@ | |
4438 | - markus@cvs.openbsd.org 2000/11/25 10:19:34 | |
4439 | [ssh-keygen.c ssh.h] | |
4440 | print keytype when generating a key. | |
4441 | reasonable defaults for RSA1/RSA/DSA keys. | |
b3ec54b4 | 4442 | - (djm) Patch from Pekka Savola <Pekka.Savola@netcore.fi> to include a few |
4443 | more manpage paths in fixpaths calls | |
4444 | - (djm) Also add xauth path at Pekka's suggestion. | |
57ce3f00 | 4445 | - (djm) Add Redhat RPM patch for AUTHPRIV SyslogFacility |
dcef6523 | 4446 | |
e879a080 | 4447 | 20001125 |
4448 | - (djm) Give up privs when reading seed file | |
4449 | ||
d343d900 | 4450 | 20001123 |
4451 | - (bal) Merge OpenBSD changes: | |
4452 | - markus@cvs.openbsd.org 2000/11/15 22:31:36 | |
4453 | [auth-options.c] | |
61e96248 | 4454 | case insensitive key options; from stevesk@sweeden.hp.com |
d343d900 | 4455 | - markus@cvs.openbsd.org 2000/11/16 17:55:43 |
4456 | [dh.c] | |
4457 | do not use perror() in sshd, after child is forked() | |
4458 | - markus@cvs.openbsd.org 2000/11/14 23:42:40 | |
4459 | [auth-rsa.c] | |
4460 | parse option only if key matches; fix some confusing seen by the client | |
4461 | - markus@cvs.openbsd.org 2000/11/14 23:44:19 | |
4462 | [session.c] | |
4463 | check no_agent_forward_flag for ssh-2, too | |
4464 | - markus@cvs.openbsd.org 2000/11/15 | |
4465 | [ssh-agent.1] | |
4466 | reorder SYNOPSIS; typo, use .It | |
4467 | - markus@cvs.openbsd.org 2000/11/14 23:48:55 | |
4468 | [ssh-agent.c] | |
4469 | do not reorder keys if a key is removed | |
4470 | - markus@cvs.openbsd.org 2000/11/15 19:58:08 | |
4471 | [ssh.c] | |
61e96248 | 4472 | just ignore non existing user keys |
d343d900 | 4473 | - millert@cvs.openbsd.org 200/11/15 20:24:43 |
4474 | [ssh-keygen.c] | |
4475 | Add missing \n at end of error message. | |
4476 | ||
0b49a754 | 4477 | 20001122 |
4478 | - (bal) Minor patch to ensure platforms lacking IRIX job limit supports | |
4479 | are compilable. | |
4480 | - (bal) Updated TODO as of 11/18/2000 with known things to resolve. | |
4481 | ||
fab2e5d3 | 4482 | 20001117 |
4483 | - (bal) Changed from 'primes' to 'primes.out' for consistancy sake. It | |
4484 | has no affect the output. Patch by Corinna Vinschen <vinschen@redhat.com> | |
61e96248 | 4485 | - (stevesk) Reworked progname support. |
260d427b | 4486 | - (bal) Misplaced #include "includes.h" in bsd-setproctitle.c. Patch by |
4487 | Shinichi Maruyama <marya@st.jip.co.jp> | |
fab2e5d3 | 4488 | |
c2207f11 | 4489 | 20001116 |
4490 | - (bal) Added in MAXSYMLINK test in bsd-realpath.c. Required for some SCO | |
4491 | releases. | |
4492 | - (bal) Make builds work outside of source tree. Patch by Mark D. Roth | |
4493 | <roth@feep.net> | |
4494 | ||
3d398e04 | 4495 | 20001113 |
61e96248 | 4496 | - (djm) Add pointer to http://www.imasy.or.jp/~gotoh/connect.c to |
3d398e04 | 4497 | contrib/README |
fa08c86b | 4498 | - (djm) Merge OpenBSD changes: |
4499 | - markus@cvs.openbsd.org 2000/11/06 16:04:56 | |
4500 | [channels.c channels.h clientloop.c nchan.c serverloop.c] | |
4501 | [session.c ssh.c] | |
4502 | agent forwarding and -R for ssh2, based on work from | |
4503 | jhuuskon@messi.uku.fi | |
4504 | - markus@cvs.openbsd.org 2000/11/06 16:13:27 | |
4505 | [ssh.c sshconnect.c sshd.c] | |
4506 | do not disabled rhosts(rsa) if server port > 1024; from | |
4507 | pekkas@netcore.fi | |
4508 | - markus@cvs.openbsd.org 2000/11/06 16:16:35 | |
4509 | [sshconnect.c] | |
4510 | downgrade client to 1.3 if server is 1.4; help from mdb@juniper.net | |
4511 | - markus@cvs.openbsd.org 2000/11/09 18:04:40 | |
4512 | [auth1.c] | |
4513 | typo; from mouring@pconline.com | |
4514 | - markus@cvs.openbsd.org 2000/11/12 12:03:28 | |
4515 | [ssh-agent.c] | |
4516 | off-by-one when removing a key from the agent | |
4517 | - markus@cvs.openbsd.org 2000/11/12 12:50:39 | |
4518 | [auth-rh-rsa.c auth2.c authfd.c authfd.h] | |
4519 | [authfile.c hostfile.c kex.c kex.h key.c key.h myproposal.h] | |
4520 | [readconf.c readconf.h rsa.c rsa.h servconf.c servconf.h ssh-add.c] | |
4521 | [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config] | |
4522 | [sshconnect1.c sshconnect2.c sshd.8 sshd.c sshd_config ssh-dss.c] | |
61e96248 | 4523 | [ssh-dss.h ssh-rsa.c ssh-rsa.h dsa.c dsa.h] |
fa08c86b | 4524 | add support for RSA to SSH2. please test. |
4525 | there are now 3 types of keys: RSA1 is used by ssh-1 only, | |
4526 | RSA and DSA are used by SSH2. | |
4527 | you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA | |
4528 | keys for SSH2 and use the RSA keys for hostkeys or for user keys. | |
4529 | SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before. | |
4530 | - (djm) Fix up Makefile and Redhat init script to create RSA host keys | |
f001465f | 4531 | - (djm) Change to interim version |
5733a41a | 4532 | - (djm) Fix RPM spec file stupidity |
6fff1ac4 | 4533 | - (djm) fixpaths to DSA and RSA keys too |
3d398e04 | 4534 | |
d287c664 | 4535 | 20001112 |
4536 | - (bal) SCO Patch to add needed libraries for configure.in. Patch by | |
4537 | Phillips Porch <root@theporch.com> | |
3d398e04 | 4538 | - (bal) IRIX patch to adding Job Limits. Patch by Denis Parker |
4539 | <dcp@sgi.com> | |
a3bf38d0 | 4540 | - (stevesk) pty.c: HP-UX 10 and 11 don't define TIOCSCTTY. Add error() to |
4541 | failed ioctl(TIOCSCTTY) call. | |
d287c664 | 4542 | |
3c4d4fef | 4543 | 20001111 |
4544 | - (djm) Added /etc/primes for kex DH group neg, fixup Makefile.in and | |
4545 | packaging files | |
35325fd4 | 4546 | - (djm) Fix new Makefile.in warnings |
61e96248 | 4547 | - (djm) Fix vsprintf("%h") in bsd-snprintf.c, short int va_args are |
4548 | promoted to type int. Report and fix from Dan Astoorian | |
027bf205 | 4549 | <djast@cs.toronto.edu> |
61e96248 | 4550 | - (djm) Hardwire sysconfdir in RPM spec files as some RPM versions get |
e3291159 | 4551 | it wrong. Report from Bennett Todd <bet@rahul.net> |
3c4d4fef | 4552 | |
3e366738 | 4553 | 20001110 |
4554 | - (bal) Fixed dropped answer from skey_keyinfo() in auth1.c | |
4555 | - (bal) Changed from --with-skey to --with-skey=PATH in configure.in | |
4556 | - (bal) Added in check to verify S/Key library is being detected in | |
4557 | configure.in | |
61e96248 | 4558 | - (bal) next-posix.h - added another prototype wrapped in POSIX ifdef/endif. |
3e366738 | 4559 | Patch by Mark Miller <markm@swoon.net> |
4560 | - (bal) Added 'util.h' header to loginrec.c only if HAVE_UTIL_H is defined | |
61e96248 | 4561 | to remove warnings under MacOS X. Patch by Mark Miller <markm@swoon.net> |
3e366738 | 4562 | - (bal) Fixed LDFLAG mispelling in configure.in for --with-afs |
4563 | ||
373998a4 | 4564 | 20001107 |
e506ee73 | 4565 | - (bal) acconfig.in - removed the double "USE_PIPES" entry. Patch by |
4566 | Mark Miller <markm@swoon.net> | |
373998a4 | 4567 | - (bal) sshd.init files corrected to assign $? to RETVAL. Patch by |
4568 | Jarno Huuskonen <jhuuskon@messi.uku.fi> | |
e506ee73 | 4569 | - (bal) fixpaths fixed to stop it from quitely failing. Patch by |
4570 | Mark D. Roth <roth@feep.net> | |
373998a4 | 4571 | |
ac89998a | 4572 | 20001106 |
4573 | - (djm) Use Jim's new 1.0.3 askpass in Redhat RPMs | |
6c09e23c | 4574 | - (djm) Manually fix up missed diff hunks (mainly RCS idents) |
61e96248 | 4575 | - (djm) Remove UPGRADING document in favour of a link to the better |
d6846e6a | 4576 | maintained FAQ on www.openssh.com |
73bd30fe | 4577 | - (djm) Fix multiple dependancy on gnome-libs from Pekka Savola |
4578 | <pekkas@netcore.fi> | |
4579 | - (djm) Don't need X11-askpass in RPM spec file if building without it | |
4580 | from Pekka Savola <pekkas@netcore.fi> | |
c215ba3b | 4581 | - (djm) Release 2.3.0p1 |
97b378bf | 4582 | - (bal) typo in configure.in in regards to --with-ldflags from Marko |
4583 | Asplund <aspa@kronodoc.fi> | |
4584 | - (bal) fixed next-posix.h. Forgot prototype of getppid(). | |
68f189a9 | 4585 | |
b850ecd9 | 4586 | 20001105 |
4587 | - (bal) Sync with OpenBSD: | |
4588 | - markus@cvs.openbsd.org 2000/10/31 9:31:58 | |
4589 | [compat.c] | |
4590 | handle all old openssh versions | |
4591 | - markus@cvs.openbsd.org 2000/10/31 13:1853 | |
4592 | [deattack.c] | |
4593 | so that large packets do not wrap "n"; from netbsd | |
4594 | - (bal) rijndel.c - fix up RCSID to match OpenBSD tree | |
a30ce26d | 4595 | - (bal) auth2-skey.c - Checked in. Missing from portable tree. |
4596 | - (bal) Reworked NEWS-OS and NeXT ports to extract waitpid() and | |
4597 | setsid() into more common files | |
96054e6f | 4598 | - (stevesk) pty.c: use __hpux to identify HP-UX. |
d0127657 | 4599 | - (bal) Missed auth-skey.o in Makefile.in and minor correction to |
4600 | bsd-waitpid.c | |
b850ecd9 | 4601 | |
75b90ced | 4602 | 20001029 |
4603 | - (stevesk) Fix typo in auth.c: USE_PAM not PAM | |
95273555 | 4604 | - (stevesk) Create contrib/cygwin/ directory; patch from |
4605 | Corinna Vinschen <vinschen@redhat.com> | |
e9e4a1c7 | 4606 | - (bal) Resolved more $xno and $xyes issues in configure.in |
fd5f0295 | 4607 | - (bal) next-posix.h - spelling and forgot a prototype |
75b90ced | 4608 | |
344f2b94 | 4609 | 20001028 |
61e96248 | 4610 | - (djm) fix select hack in serverloop.c from Philippe WILLEM |
344f2b94 | 4611 | <Philippe.WILLEM@urssaf.fr> |
240ae474 | 4612 | - (djm) Fix mangled AIXAUTHENTICATE code |
61e96248 | 4613 | - (djm) authctxt->pw may be NULL. Fix from Markus Friedl |
606ea390 | 4614 | <markus.friedl@informatik.uni-erlangen.de> |
a22aff1f | 4615 | - (djm) Sync with OpenBSD: |
4616 | - markus@cvs.openbsd.org 2000/10/16 15:46:32 | |
4617 | [ssh.1] | |
4618 | fixes from pekkas@netcore.fi | |
4619 | - markus@cvs.openbsd.org 2000/10/17 14:28:11 | |
4620 | [atomicio.c] | |
4621 | return number of characters processed; ok deraadt@ | |
4622 | - markus@cvs.openbsd.org 2000/10/18 12:04:02 | |
4623 | [atomicio.c] | |
4624 | undo | |
4625 | - markus@cvs.openbsd.org 2000/10/18 12:23:02 | |
4626 | [scp.c] | |
4627 | replace atomicio(read,...) with read(); ok deraadt@ | |
4628 | - markus@cvs.openbsd.org 2000/10/18 12:42:00 | |
4629 | [session.c] | |
4630 | restore old record login behaviour | |
4631 | - deraadt@cvs.openbsd.org 2000/10/19 10:41:13 | |
4632 | [auth-skey.c] | |
4633 | fmt string problem in unused code | |
4634 | - provos@cvs.openbsd.org 2000/10/19 10:45:16 | |
4635 | [sshconnect2.c] | |
4636 | don't reference freed memory. okay deraadt@ | |
4637 | - markus@cvs.openbsd.org 2000/10/21 11:04:23 | |
4638 | [canohost.c] | |
4639 | typo, eramore@era-t.ericsson.se; ok niels@ | |
4640 | - markus@cvs.openbsd.org 2000/10/23 13:31:55 | |
4641 | [cipher.c] | |
4642 | non-alignment dependent swap_bytes(); from | |
4643 | simonb@wasabisystems.com/netbsd | |
4644 | - markus@cvs.openbsd.org 2000/10/26 12:38:28 | |
4645 | [compat.c] | |
4646 | add older vandyke products | |
4647 | - markus@cvs.openbsd.org 2000/10/27 01:32:19 | |
4648 | [channels.c channels.h clientloop.c serverloop.c session.c] | |
4649 | [ssh.c util.c] | |
61e96248 | 4650 | enable non-blocking IO on channels, and tty's (except for the |
a22aff1f | 4651 | client ttys). |
344f2b94 | 4652 | |
ddc49b5c | 4653 | 20001027 |
4654 | - (djm) Increase REKEY_BYTES to 2^24 for arc4random | |
4655 | ||
48e7916f | 4656 | 20001025 |
4657 | - (djm) Added WARNING.RNG file and modified configure to ask users of the | |
4658 | builtin entropy code to read it. | |
4659 | - (djm) Prefer builtin regex to PCRE. | |
00937921 | 4660 | - (bal) Added USE_PIPS defined to NeXT configure.in since scp hangs randomly. |
4661 | - (bal) Apply fixes to configure.in pointed out by Pavel Roskin | |
4662 | <proski@gnu.org> | |
48e7916f | 4663 | |
8dcda1e3 | 4664 | 20001020 |
4665 | - (djm) Don't define _REENTRANT for SNI/Reliant Unix | |
07bee9a7 | 4666 | - (bal) Imported NEWS-OS waitpid() macros into NeXT. Since implementation |
4667 | is more correct then current version. | |
8dcda1e3 | 4668 | |
f5af5cd5 | 4669 | 20001018 |
4670 | - (stevesk) Add initial support for setproctitle(). Current | |
4671 | support is for the HP-UX pstat(PSTAT_SETCMD, ...) method. | |
134fd7f6 | 4672 | - (stevesk) Add egd startup scripts to contrib/hpux/ |
f5af5cd5 | 4673 | |
2f31bdd6 | 4674 | 20001017 |
4675 | - (djm) Add -lregex to cywin libs from Corinna Vinschen | |
4676 | <vinschen@cygnus.com> | |
ba7a3f40 | 4677 | - (djm) Don't rely on atomicio's retval to determine length of askpass |
4678 | supplied passphrase. Problem report from Lutz Jaenicke | |
4679 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
66d6c27e | 4680 | - (bal) Changed from GNU rx to PCRE on suggestion from djm. |
61e96248 | 4681 | - (bal) Integrated Sony NEWS-OS patches from NAKAJI Hirouyuki |
66d6c27e | 4682 | <nakaji@tutrp.tut.ac.jp> |
2f31bdd6 | 4683 | |
33de75a3 | 4684 | 20001016 |
4685 | - (djm) Sync with OpenBSD: | |
4686 | - markus@cvs.openbsd.org 2000/10/14 04:01:15 | |
4687 | [cipher.c] | |
4688 | debug3 | |
4689 | - markus@cvs.openbsd.org 2000/10/14 04:07:23 | |
4690 | [scp.c] | |
4691 | remove spaces from arguments; from djm@mindrot.org | |
4692 | - markus@cvs.openbsd.org 2000/10/14 06:09:46 | |
4693 | [ssh.1] | |
4694 | Cipher is for SSH-1 only | |
4695 | - markus@cvs.openbsd.org 2000/10/14 06:12:09 | |
4696 | [servconf.c servconf.h serverloop.c session.c sshd.8] | |
4697 | AllowTcpForwarding; from naddy@ | |
4698 | - markus@cvs.openbsd.org 2000/10/14 06:16:56 | |
4699 | [auth2.c compat.c compat.h sshconnect2.c version.h] | |
61e96248 | 4700 | OpenSSH_2.3; note that is is not complete, but the version number |
33de75a3 | 4701 | needs to be changed for interoperability reasons |
4702 | - markus@cvs.openbsd.org 2000/10/14 06:19:45 | |
4703 | [auth-rsa.c] | |
4704 | do not send RSA challenge if key is not allowed by key-options; from | |
4705 | eivind@ThinkSec.com | |
4706 | - markus@cvs.openbsd.org 2000/10/15 08:14:01 | |
4707 | [rijndael.c session.c] | |
4708 | typos; from stevesk@sweden.hp.com | |
4709 | - markus@cvs.openbsd.org 2000/10/15 08:18:31 | |
4710 | [rijndael.c] | |
4711 | typo | |
61e96248 | 4712 | - (djm) Copy manpages back over from OpenBSD - too tedious to wade |
30d8b039 | 4713 | through diffs |
61e96248 | 4714 | - (djm) Added condrestart to Redhat init script. Patch from Pekka Savola |
30d8b039 | 4715 | <pekkas@netcore.fi> |
aa0289fe | 4716 | - (djm) Update version in Redhat spec file |
61e96248 | 4717 | - (djm) Merge some of Nalin Dahyabhai <nalin@redhat.com> changes from the |
aa0289fe | 4718 | Redhat 7.0 spec file |
5b2d4b75 | 4719 | - (djm) Make inability to read/write PRNG seedfile non-fatal |
4720 | ||
33de75a3 | 4721 | |
4d670c24 | 4722 | 20001015 |
4723 | - (djm) Fix ssh2 hang on background processes at logout. | |
4724 | ||
71dfaf1c | 4725 | 20001014 |
443172c4 | 4726 | - (bal) Add support for realpath and getcwd for platforms with broken |
4727 | or missing realpath implementations for sftp-server. | |
4728 | - (bal) Corrected mistake in INSTALL in regards to GNU rx library | |
61e96248 | 4729 | - (bal) Add support for GNU rx library for those lacking regexp support |
71dfaf1c | 4730 | - (djm) Don't accept PAM_PROMPT_ECHO_ON messages during initial auth |
02323c45 | 4731 | - (djm) Revert SSH2 serverloop hack, will find a better way. |
4ee81249 | 4732 | - (djm) Add workaround for Linux 2.4's gratuitious errno change. Patch |
4733 | from Martin Johansson <fatbob@acc.umu.se> | |
94ec8c6b | 4734 | - (djm) Big OpenBSD sync: |
4735 | - markus@cvs.openbsd.org 2000/09/30 10:27:44 | |
4736 | [log.c] | |
4737 | allow loglevel debug | |
4738 | - markus@cvs.openbsd.org 2000/10/03 11:59:57 | |
4739 | [packet.c] | |
4740 | hmac->mac | |
4741 | - markus@cvs.openbsd.org 2000/10/03 12:03:03 | |
4742 | [auth-krb4.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth1.c] | |
4743 | move fake-auth from auth1.c to individual auth methods, disables s/key in | |
4744 | debug-msg | |
4745 | - markus@cvs.openbsd.org 2000/10/03 12:16:48 | |
4746 | ssh.c | |
4747 | do not resolve canonname, i have no idea why this was added oin ossh | |
4748 | - markus@cvs.openbsd.org 2000/10/09 15:30:44 | |
4749 | ssh-keygen.1 ssh-keygen.c | |
4750 | -X now reads private ssh.com DSA keys, too. | |
4751 | - markus@cvs.openbsd.org 2000/10/09 15:32:34 | |
4752 | auth-options.c | |
4753 | clear options on every call. | |
4754 | - markus@cvs.openbsd.org 2000/10/09 15:51:00 | |
4755 | authfd.c authfd.h | |
4756 | interop with ssh-agent2, from <res@shore.net> | |
4757 | - markus@cvs.openbsd.org 2000/10/10 14:20:45 | |
4758 | compat.c | |
4759 | use rexexp for version string matching | |
4760 | - provos@cvs.openbsd.org 2000/10/10 22:02:18 | |
4761 | [kex.c kex.h myproposal.h ssh.h ssh2.h sshconnect2.c sshd.c dh.c dh.h] | |
4762 | First rough implementation of the diffie-hellman group exchange. The | |
4763 | client can ask the server for bigger groups to perform the diffie-hellman | |
4764 | in, thus increasing the attack complexity when using ciphers with longer | |
4765 | keys. University of Windsor provided network, T the company. | |
4766 | - markus@cvs.openbsd.org 2000/10/11 13:59:52 | |
4767 | [auth-rsa.c auth2.c] | |
4768 | clear auth options unless auth sucessfull | |
4769 | - markus@cvs.openbsd.org 2000/10/11 14:00:27 | |
4770 | [auth-options.h] | |
4771 | clear auth options unless auth sucessfull | |
4772 | - markus@cvs.openbsd.org 2000/10/11 14:03:27 | |
4773 | [scp.1 scp.c] | |
4774 | support 'scp -o' with help from mouring@pconline.com | |
4775 | - markus@cvs.openbsd.org 2000/10/11 14:11:35 | |
4776 | [dh.c] | |
4777 | Wall | |
4778 | - markus@cvs.openbsd.org 2000/10/11 14:14:40 | |
4779 | [auth.h auth2.c readconf.c readconf.h readpass.c servconf.c servconf.h] | |
4780 | [ssh.h sshconnect2.c sshd_config auth2-skey.c cli.c cli.h] | |
4781 | add support for s/key (kbd-interactive) to ssh2, based on work by | |
4782 | mkiernan@avantgo.com and me | |
4783 | - markus@cvs.openbsd.org 2000/10/11 14:27:24 | |
4784 | [auth.c auth1.c auth2.c authfile.c cipher.c cipher.h kex.c kex.h] | |
4785 | [myproposal.h packet.c readconf.c session.c ssh.c ssh.h sshconnect1.c] | |
4786 | [sshconnect2.c sshd.c] | |
4787 | new cipher framework | |
4788 | - markus@cvs.openbsd.org 2000/10/11 14:45:21 | |
4789 | [cipher.c] | |
4790 | remove DES | |
4791 | - markus@cvs.openbsd.org 2000/10/12 03:59:20 | |
4792 | [cipher.c cipher.h sshconnect1.c sshconnect2.c sshd.c] | |
4793 | enable DES in SSH-1 clients only | |
4794 | - markus@cvs.openbsd.org 2000/10/12 08:21:13 | |
4795 | [kex.h packet.c] | |
4796 | remove unused | |
4797 | - markus@cvs.openbsd.org 2000/10/13 12:34:46 | |
4798 | [sshd.c] | |
4799 | Kludge for F-Secure Macintosh < 1.0.2; appro@fy.chalmers.se | |
4800 | - markus@cvs.openbsd.org 2000/10/13 12:59:15 | |
4801 | [cipher.c cipher.h myproposal.h rijndael.c rijndael.h] | |
4802 | rijndael/aes support | |
4803 | - markus@cvs.openbsd.org 2000/10/13 13:10:54 | |
4804 | [sshd.8] | |
4805 | more info about -V | |
4806 | - markus@cvs.openbsd.org 2000/10/13 13:12:02 | |
4807 | [myproposal.h] | |
4808 | prefer no compression | |
3ed32516 | 4809 | - (djm) Fix scp user@host handling |
4810 | - (djm) Don't clobber ssh_prng_cmds on install | |
6bcf7caa | 4811 | - (stevesk) Include config.h in rijndael.c so we define intXX_t and |
4812 | u_intXX_t types on all platforms. | |
9ea53ba5 | 4813 | - (stevesk) rijndael.c: cleanup missing declaration warnings. |
2919e060 | 4814 | - (stevesk) ~/.hushlogin shouldn't cause required password change to |
4815 | be bypassed. | |
f5665f6f | 4816 | - (stevesk) Display correct path to ssh-askpass in configure output. |
4817 | Report from Lutz Jaenicke. | |
71dfaf1c | 4818 | |
ebd782f7 | 4819 | 20001007 |
4820 | - (stevesk) Print PAM return value in PAM log messages to aid | |
4821 | with debugging. | |
97994d32 | 4822 | - (stevesk) Fix detection of pw_class struct member in configure; |
4823 | patch from KAMAHARA Junzo <kamahara@cc.kshosen.ac.jp> | |
4824 | ||
47a134c1 | 4825 | 20001002 |
4826 | - (djm) Fix USER_PATH, report from Kevin Steves <stevesk@sweden.hp.com> | |
4827 | - (djm) Add host system and CC to end-of-configure report. Suggested by | |
4828 | Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
4829 | ||
7322ef0e | 4830 | 20000931 |
4831 | - (djm) Cygwin fixes from Corinna Vinschen <vinschen@cygnus.com> | |
4832 | ||
6ac7829a | 4833 | 20000930 |
b6490dcb | 4834 | - (djm) Irix ssh_prng_cmds path fix from Pekka Savola <pekkas@netcore.fi> |
61e96248 | 4835 | - (djm) Support in bsd-snprintf.c for long long conversions from |
772bd898 | 4836 | Ben Lindstrom <mouring@pconline.com> |
4837 | - (djm) Cleanup NeXT support from Ben Lindstrom <mouring@pconline.com> | |
857040fb | 4838 | - (djm) Ignore SIGPIPEs from serverloop to child. Fixes crashes with |
61e96248 | 4839 | very short lived X connections. Bug report from Tobias Oetiker |
857040fb | 4840 | <oetiker@ee.ethz.ch>. Fix from Markus Friedl <markus@cvs.openbsd.org> |
bd2d7f6a | 4841 | - (djm) Add recent InitScripts as a RPM dependancy for openssh-server |
4842 | patch from Pekka Savola <pekkas@netcore.fi> | |
58665035 | 4843 | - (djm) Forgot to cvs add LICENSE file |
dc2901a0 | 4844 | - (djm) Add LICENSE to RPM spec files |
de273eef | 4845 | - (djm) CVS OpenBSD sync: |
4846 | - markus@cvs.openbsd.org 2000/09/26 13:59:59 | |
4847 | [clientloop.c] | |
4848 | use debug2 | |
4849 | - markus@cvs.openbsd.org 2000/09/27 15:41:34 | |
4850 | [auth2.c sshconnect2.c] | |
4851 | use key_type() | |
4852 | - markus@cvs.openbsd.org 2000/09/28 12:03:18 | |
4853 | [channels.c] | |
4854 | debug -> debug2 cleanup | |
61e96248 | 4855 | - (djm) Irix strips "/dev/tty" from [uw]tmp entries (other systems only |
2a7d529a | 4856 | strip "/dev/"). Fix loginrec.c based on patch from Alain St-Denis |
4857 | <Alain.St-Denis@ec.gc.ca> | |
61e96248 | 4858 | - (djm) Fix 9 character passphrase failure with gnome-ssh-askpass. |
4859 | Problem was caused by interrupted read in ssh-add. Report from Donald | |
2a7d529a | 4860 | J. Barry <don@astro.cornell.edu> |
6ac7829a | 4861 | |
c5d85828 | 4862 | 20000929 |
4863 | - (djm) Fix SSH2 not terminating until all background tasks done problem. | |
61e96248 | 4864 | - (djm) Another off-by-one fix from Pavel Kankovsky |
4865 | <peak@argo.troja.mff.cuni.cz> | |
22d89d24 | 4866 | - (djm) Clean up. Strip some unnecessary differences with OpenBSD's code, |
4867 | tidy necessary differences. Use Markus' new debugN() in entropy.c | |
61e96248 | 4868 | - (djm) Merged big SCO portability patch from Tim Rice |
77bb0bca | 4869 | <tim@multitalents.net> |
c5d85828 | 4870 | |
6fd7f731 | 4871 | 20000926 |
4872 | - (djm) Update X11-askpass to 1.0.2 in RPM spec file | |
c5ae7384 | 4873 | - (djm) Define _REENTRANT to pickup strtok_r() on HP/UX |
61e96248 | 4874 | - (djm) Security: fix off-by-one buffer overrun in fake-getnameinfo.c. |
4875 | Report and fix from Pavel Kankovsky <peak@argo.troja.mff.cuni.cz> | |
6fd7f731 | 4876 | |
2f125ca1 | 4877 | 20000924 |
4878 | - (djm) Merged cleanup patch from Mark Miller <markm@swoon.net> | |
4879 | - (djm) A bit more cleanup - created cygwin_util.h | |
bcdaaeab | 4880 | - (djm) Include strtok_r() from OpenBSD libc. Fixes report from Mark Miller |
4881 | <markm@swoon.net> | |
2f125ca1 | 4882 | |
764d4113 | 4883 | 20000923 |
61e96248 | 4884 | - (djm) Fix address logging in utmp from Kevin Steves |
764d4113 | 4885 | <stevesk@sweden.hp.com> |
777319db | 4886 | - (djm) Redhat spec and manpage fixes from Pekka Savola <pekkas@netcore.fi> |
bd590612 | 4887 | - (djm) Seperate tests for int64_t and u_int64_t types |
61e96248 | 4888 | - (djm) Tweak password expiry checking at suggestion of Kevin Steves |
37c1c46d | 4889 | <stevesk@sweden.hp.com> |
e79b44e1 | 4890 | - (djm) NeXT patch from Ben Lindstrom <mouring@pconline.com> |
61e96248 | 4891 | - (djm) Use printf %lld instead of %qd in sftp-server.c. Fix from |
e2144f11 | 4892 | Michael Stone <mstone@cs.loyola.edu> |
188adeb2 | 4893 | - (djm) OpenBSD CVS sync: |
4894 | - markus@cvs.openbsd.org 2000/09/17 09:38:59 | |
4895 | [sshconnect2.c sshd.c] | |
4896 | fix DEBUG_KEXDH | |
4897 | - markus@cvs.openbsd.org 2000/09/17 09:52:51 | |
4898 | [sshconnect.c] | |
4899 | yes no; ok niels@ | |
4900 | - markus@cvs.openbsd.org 2000/09/21 04:55:11 | |
4901 | [sshd.8] | |
4902 | typo | |
4903 | - markus@cvs.openbsd.org 2000/09/21 05:03:54 | |
4904 | [serverloop.c] | |
4905 | typo | |
4906 | - markus@cvs.openbsd.org 2000/09/21 05:11:42 | |
4907 | scp.c | |
4908 | utime() to utimes(); mouring@pconline.com | |
4909 | - markus@cvs.openbsd.org 2000/09/21 05:25:08 | |
4910 | sshconnect2.c | |
4911 | change login logic in ssh2, allows plugin of other auth methods | |
4912 | - markus@cvs.openbsd.org 2000/09/21 05:25:35 | |
4913 | [auth2.c channels.c channels.h clientloop.c dispatch.c dispatch.h] | |
4914 | [serverloop.c] | |
4915 | add context to dispatch_run | |
4916 | - markus@cvs.openbsd.org 2000/09/21 05:07:52 | |
4917 | authfd.c authfd.h ssh-agent.c | |
4918 | bug compat for old ssh.com software | |
764d4113 | 4919 | |
7f377177 | 4920 | 20000920 |
4921 | - (djm) Fix bad path substitution. Report from Andrew Miner | |
4922 | <asminer@cs.iastate.edu> | |
4923 | ||
bcbf86ec | 4924 | 20000916 |
61e96248 | 4925 | - (djm) Fix SSL search order from Lutz Jaenicke |
7950bf97 | 4926 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> |
19ece6d2 | 4927 | - (djm) New SuSE spec from Corinna Vinschen <corinna@vinschen.de> |
9cd45ea4 | 4928 | - (djm) Update CygWin support from Corinna Vinschen <vinschen@cygnus.com> |
995edaac | 4929 | - (djm) Use a real struct sockaddr inside the fake struct sockaddr_storage. |
4930 | Patch from Larry Jones <larry.jones@sdrc.com> | |
61e96248 | 4931 | - (djm) Add Steve VanDevender's <stevev@darkwing.uoregon.edu> PAM |
ad55cd03 | 4932 | password change patch. |
4933 | - (djm) Bring licenses on my stuff in line with OpenBSD's | |
0bbfbdeb | 4934 | - (djm) Cleanup auth-passwd.c and unify HP/UX authentication. Patch from |
4935 | Kevin Steves <stevesk@sweden.hp.com> | |
7f8f5e00 | 4936 | - (djm) Shadow expiry check fix from Pavel Troller <patrol@omni.sinus.cz> |
4937 | - (djm) Re-enable int64_t types - we need them for sftp | |
4938 | - (djm) Use libexecdir from configure , rather than libexecdir/ssh | |
4939 | - (djm) Update Redhat SPEC file accordingly | |
4940 | - (djm) Add Kevin Steves <stevesk@sweden.hp.com> HP/UX contrib files | |
4941 | - (djm) Add Charles Levert <charles@comm.polymtl.ca> getpgrp patch | |
61e96248 | 4942 | - (djm) Fix password auth on HP/UX 10.20. Patch from Dirk De Wachter |
7f8f5e00 | 4943 | <Dirk.DeWachter@rug.ac.be> |
61e96248 | 4944 | - (djm) Fixprogs and entropy list fixes from Larry Jones |
7f8f5e00 | 4945 | <larry.jones@sdrc.com> |
4946 | - (djm) Fix for SuSE spec file from Takashi YOSHIDA | |
4947 | <tyoshida@gemini.rc.kyushu-u.ac.jp> | |
bcbf86ec | 4948 | - (djm) Merge OpenBSD changes: |
4949 | - markus@cvs.openbsd.org 2000/09/05 02:59:57 | |
4950 | [session.c] | |
4951 | print hostname (not hushlogin) | |
4952 | - markus@cvs.openbsd.org 2000/09/05 13:18:48 | |
4953 | [authfile.c ssh-add.c] | |
4954 | enable ssh-add -d for DSA keys | |
4955 | - markus@cvs.openbsd.org 2000/09/05 13:20:49 | |
4956 | [sftp-server.c] | |
4957 | cleanup | |
4958 | - markus@cvs.openbsd.org 2000/09/06 03:46:41 | |
4959 | [authfile.h] | |
4960 | prototype | |
4961 | - deraadt@cvs.openbsd.org 2000/09/07 14:27:56 | |
4962 | [ALL] | |
61e96248 | 4963 | cleanup copyright notices on all files. I have attempted to be |
4964 | accurate with the details. everything is now under Tatu's licence | |
4965 | (which I copied from his readme), and/or the core-sdi bsd-ish thing | |
4966 | for deattack, or various openbsd developers under a 2-term bsd | |
bcbf86ec | 4967 | licence. We're not changing any rules, just being accurate. |
4968 | - markus@cvs.openbsd.org 2000/09/07 14:40:30 | |
4969 | [channels.c channels.h clientloop.c serverloop.c ssh.c] | |
4970 | cleanup window and packet sizes for ssh2 flow control; ok niels | |
4971 | - markus@cvs.openbsd.org 2000/09/07 14:53:00 | |
4972 | [scp.c] | |
4973 | typo | |
4974 | - markus@cvs.openbsd.org 2000/09/07 15:13:37 | |
4975 | [auth-options.c auth-options.h auth-rh-rsa.c auth-rsa.c auth.c] | |
4976 | [authfile.h canohost.c channels.h compat.c hostfile.h log.c match.h] | |
4977 | [pty.c readconf.c] | |
4978 | some more Copyright fixes | |
4979 | - markus@cvs.openbsd.org 2000/09/08 03:02:51 | |
4980 | [README.openssh2] | |
4981 | bye bye | |
4982 | - deraadt@cvs.openbsd.org 2000/09/11 18:38:33 | |
4983 | [LICENCE cipher.c] | |
4984 | a few more comments about it being ARC4 not RC4 | |
4985 | - markus@cvs.openbsd.org 2000/09/12 14:53:11 | |
4986 | [log-client.c log-server.c log.c ssh.1 ssh.c ssh.h sshd.8 sshd.c] | |
4987 | multiple debug levels | |
4988 | - markus@cvs.openbsd.org 2000/09/14 14:25:15 | |
4989 | [clientloop.c] | |
4990 | typo | |
4991 | - deraadt@cvs.openbsd.org 2000/09/15 01:13:51 | |
4992 | [ssh-agent.c] | |
4993 | check return value for setenv(3) for failure, and deal appropriately | |
4994 | ||
deb8d717 | 4995 | 20000913 |
4996 | - (djm) Fix server not exiting with jobs in background. | |
4997 | ||
b5e300c2 | 4998 | 20000905 |
4999 | - (djm) Import OpenBSD CVS changes | |
5000 | - markus@cvs.openbsd.org 2000/08/31 15:52:24 | |
5001 | [Makefile sshd.8 sshd_config sftp-server.8 sftp-server.c] | |
5002 | implement a SFTP server. interops with sftp2, scp2 and the windows | |
5003 | client from ssh.com | |
5004 | - markus@cvs.openbsd.org 2000/08/31 15:56:03 | |
5005 | [README.openssh2] | |
5006 | sync | |
5007 | - markus@cvs.openbsd.org 2000/08/31 16:05:42 | |
5008 | [session.c] | |
5009 | Wall | |
5010 | - markus@cvs.openbsd.org 2000/08/31 16:09:34 | |
5011 | [authfd.c ssh-agent.c] | |
5012 | add a flag to SSH2_AGENTC_SIGN_REQUEST for future extensions | |
5013 | - deraadt@cvs.openbsd.org 2000/09/01 09:25:13 | |
5014 | [scp.1 scp.c] | |
5015 | cleanup and fix -S support; stevesk@sweden.hp.com | |
5016 | - markus@cvs.openbsd.org 2000/09/01 16:29:32 | |
5017 | [sftp-server.c] | |
5018 | portability fixes | |
5019 | - markus@cvs.openbsd.org 2000/09/01 16:32:41 | |
5020 | [sftp-server.c] | |
5021 | fix cast; mouring@pconline.com | |
5022 | - itojun@cvs.openbsd.org 2000/09/03 09:23:28 | |
5023 | [ssh-add.1 ssh.1] | |
5024 | add missing .El against .Bl. | |
5025 | - markus@cvs.openbsd.org 2000/09/04 13:03:41 | |
5026 | [session.c] | |
5027 | missing close; ok theo | |
5028 | - markus@cvs.openbsd.org 2000/09/04 13:07:21 | |
5029 | [session.c] | |
5030 | fix get_last_login_time order; from andre@van-veen.de | |
5031 | - markus@cvs.openbsd.org 2000/09/04 13:10:09 | |
5032 | [sftp-server.c] | |
5033 | more cast fixes; from mouring@pconline.com | |
5034 | - markus@cvs.openbsd.org 2000/09/04 13:06:04 | |
5035 | [session.c] | |
5036 | set SSH_ORIGINAL_COMMAND; from Leakin@dfw.nostrum.com, bet@rahul.net | |
5037 | - (djm) Cleanup after import. Fix sftp-server compilation, Makefile | |
3c62e7eb | 5038 | - (djm) Merge cygwin support from Corinna Vinschen <vinschen@cygnus.com> |
5039 | ||
1e61f54a | 5040 | 20000903 |
5041 | - (djm) Fix Redhat init script | |
5042 | ||
c80876b4 | 5043 | 20000901 |
5044 | - (djm) Pick up Jim's new X11-askpass | |
5045 | - (djm) Release 2.2.0p1 | |
5046 | ||
8b4a0d08 | 5047 | 20000831 |
bcbf86ec | 5048 | - (djm) Workaround SIGPIPE problems on SCO. Fix from Aran Cox |
8b4a0d08 | 5049 | <acox@cv.telegroup.com> |
b817711d | 5050 | - (djm) Pick up new version (2.2.0) from OpenBSD CVS |
8b4a0d08 | 5051 | |
0b65b628 | 5052 | 20000830 |
5053 | - (djm) Compile warning fixes from Mark Miller <markm@swoon.net> | |
10fa00c8 | 5054 | - (djm) Periodically rekey arc4random |
5055 | - (djm) Clean up diff against OpenBSD. | |
bcbf86ec | 5056 | - (djm) HPUX 11 needs USE_PIPES as well: Kevin Steves |
2b10f47a | 5057 | <stevesk@sweden.hp.com> |
b33a2e6e | 5058 | - (djm) Quieten the pam delete credentials error message |
44839801 | 5059 | - (djm) Fix printing of $DISPLAY hack if set by system type. Report from |
5060 | Kevin Steves <stevesk@sweden.hp.com> | |
84a770d1 | 5061 | - (djm) NeXT patch from Ben Lindstrom <mouring@pconline.com> |
7efa2776 | 5062 | - (djm) Fix doh in bsd-arc4random.c |
0b65b628 | 5063 | |
9aaf9be4 | 5064 | 20000829 |
bcbf86ec | 5065 | - (djm) Fix ^C ignored issue on Solaris. Diagnosis from Gert |
5066 | Doering <gert@greenie.muc.de>, John Horne <J.Horne@plymouth.ac.uk> and | |
9aaf9be4 | 5067 | Garrick James <garrick@james.net> |
b5f90139 | 5068 | - (djm) Check for SCO pty naming style (ptyp%d/ttyp%d). Based on fix from |
5069 | Bastian Trompetter <btrompetter@firemail.de> | |
698d107e | 5070 | - (djm) NeXT tweaks from Ben Lindstrom <mouring@pconline.com> |
14a9a859 | 5071 | - More OpenBSD updates: |
5072 | - deraadt@cvs.openbsd.org 2000/08/24 15:46:59 | |
5073 | [scp.c] | |
5074 | off_t in sink, to fix files > 2GB, i think, test is still running ;-) | |
5075 | - deraadt@cvs.openbsd.org 2000/08/25 10:10:06 | |
5076 | [session.c] | |
5077 | Wall | |
5078 | - markus@cvs.openbsd.org 2000/08/26 04:33:43 | |
5079 | [compat.c] | |
5080 | ssh.com-2.3.0 | |
5081 | - markus@cvs.openbsd.org 2000/08/27 12:18:05 | |
5082 | [compat.c] | |
5083 | compatibility with future ssh.com versions | |
5084 | - deraadt@cvs.openbsd.org 2000/08/27 21:50:55 | |
5085 | [auth-krb4.c session.c ssh-add.c sshconnect.c uidswap.c] | |
5086 | print uid/gid as unsigned | |
5087 | - markus@cvs.openbsd.org 2000/08/28 13:51:00 | |
5088 | [ssh.c] | |
5089 | enable -n and -f for ssh2 | |
5090 | - markus@cvs.openbsd.org 2000/08/28 14:19:53 | |
5091 | [ssh.c] | |
5092 | allow combination of -N and -f | |
5093 | - markus@cvs.openbsd.org 2000/08/28 14:20:56 | |
5094 | [util.c] | |
5095 | util.c | |
5096 | - markus@cvs.openbsd.org 2000/08/28 14:22:02 | |
5097 | [util.c] | |
5098 | undo | |
5099 | - markus@cvs.openbsd.org 2000/08/28 14:23:38 | |
5100 | [util.c] | |
5101 | don't complain if setting NONBLOCK fails with ENODEV | |
9aaf9be4 | 5102 | |
137d7b6c | 5103 | 20000823 |
5104 | - (djm) Define USE_PIPES to avoid socketpair problems on HPUX 10 and SunOS 4 | |
bcbf86ec | 5105 | Avoids "scp never exits" problem. Reports from Lutz Jaenicke |
5106 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> and Tamito KAJIYAMA | |
137d7b6c | 5107 | <kajiyama@grad.sccs.chukyo-u.ac.jp> |
2e73a022 | 5108 | - (djm) Pick up LOGIN_PROGRAM from environment or PATH if not set by headers |
da40ab4d | 5109 | - (djm) Add local version to version.h |
ea788c22 | 5110 | - (djm) Don't reseed arc4random everytime it is used |
2e73a022 | 5111 | - (djm) OpenBSD CVS updates: |
5112 | - deraadt@cvs.openbsd.org 2000/08/18 20:07:23 | |
5113 | [ssh.c] | |
5114 | accept remsh as a valid name as well; roman@buildpoint.com | |
5115 | - deraadt@cvs.openbsd.org 2000/08/18 20:17:13 | |
5116 | [deattack.c crc32.c packet.c] | |
5117 | rename crc32() to ssh_crc32() to avoid zlib name clash. do not move to | |
5118 | libz crc32 function yet, because it has ugly "long"'s in it; | |
5119 | oneill@cs.sfu.ca | |
5120 | - deraadt@cvs.openbsd.org 2000/08/18 20:26:08 | |
5121 | [scp.1 scp.c] | |
5122 | -S prog support; tv@debian.org | |
5123 | - deraadt@cvs.openbsd.org 2000/08/18 20:50:07 | |
5124 | [scp.c] | |
5125 | knf | |
5126 | - deraadt@cvs.openbsd.org 2000/08/18 20:57:33 | |
5127 | [log-client.c] | |
5128 | shorten | |
5129 | - markus@cvs.openbsd.org 2000/08/19 12:48:11 | |
5130 | [channels.c channels.h clientloop.c ssh.c ssh.h] | |
5131 | support for ~. in ssh2 | |
5132 | - deraadt@cvs.openbsd.org 2000/08/19 15:29:40 | |
5133 | [crc32.h] | |
5134 | proper prototype | |
5135 | - markus@cvs.openbsd.org 2000/08/19 15:34:44 | |
bcbf86ec | 5136 | [authfd.c authfd.h key.c key.h ssh-add.1 ssh-add.c ssh-agent.1] |
5137 | [ssh-agent.c ssh-keygen.c sshconnect1.c sshconnect2.c Makefile] | |
2e73a022 | 5138 | [fingerprint.c fingerprint.h] |
5139 | add SSH2/DSA support to the agent and some other DSA related cleanups. | |
5140 | (note that we cannot talk to ssh.com's ssh2 agents) | |
5141 | - markus@cvs.openbsd.org 2000/08/19 15:55:52 | |
5142 | [channels.c channels.h clientloop.c] | |
5143 | more ~ support for ssh2 | |
5144 | - markus@cvs.openbsd.org 2000/08/19 16:21:19 | |
5145 | [clientloop.c] | |
5146 | oops | |
5147 | - millert@cvs.openbsd.org 2000/08/20 12:25:53 | |
5148 | [session.c] | |
5149 | We have to stash the result of get_remote_name_or_ip() before we | |
5150 | close our socket or getpeername() will get EBADF and the process | |
5151 | will exit. Only a problem for "UseLogin yes". | |
5152 | - millert@cvs.openbsd.org 2000/08/20 12:30:59 | |
5153 | [session.c] | |
5154 | Only check /etc/nologin if "UseLogin no" since login(1) may have its | |
5155 | own policy on determining who is allowed to login when /etc/nologin | |
5156 | is present. Also use the _PATH_NOLOGIN define. | |
5157 | - millert@cvs.openbsd.org 2000/08/20 12:42:43 | |
5158 | [auth1.c auth2.c session.c ssh.c] | |
5159 | Add calls to setusercontext() and login_get*(). We basically call | |
5160 | setusercontext() in most places where previously we did a setlogin(). | |
5161 | Add default login.conf file and put root in the "daemon" login class. | |
5162 | - millert@cvs.openbsd.org 2000/08/21 10:23:31 | |
5163 | [session.c] | |
5164 | Fix incorrect PATH setting; noted by Markus. | |
137d7b6c | 5165 | |
c345cf9d | 5166 | 20000818 |
5167 | - (djm) OpenBSD CVS changes: | |
5168 | - markus@cvs.openbsd.org 2000/07/22 03:14:37 | |
5169 | [servconf.c servconf.h sshd.8 sshd.c sshd_config] | |
5170 | random early drop; ok theo, niels | |
5171 | - deraadt@cvs.openbsd.org 2000/07/26 11:46:51 | |
5172 | [ssh.1] | |
5173 | typo | |
5174 | - deraadt@cvs.openbsd.org 2000/08/01 11:46:11 | |
5175 | [sshd.8] | |
5176 | many fixes from pepper@mail.reppep.com | |
5177 | - provos@cvs.openbsd.org 2000/08/01 13:01:42 | |
5178 | [Makefile.in util.c aux.c] | |
5179 | rename aux.c to util.c to help with cygwin port | |
5180 | - deraadt@cvs.openbsd.org 2000/08/02 00:23:31 | |
5181 | [authfd.c] | |
5182 | correct sun_len; Alexander@Leidinger.net | |
5183 | - provos@cvs.openbsd.org 2000/08/02 10:27:17 | |
5184 | [readconf.c sshd.8] | |
5185 | disable kerberos authentication by default | |
5186 | - provos@cvs.openbsd.org 2000/08/02 11:27:05 | |
5187 | [sshd.8 readconf.c auth-krb4.c] | |
5188 | disallow kerberos authentication if we can't verify the TGT; from | |
5189 | dugsong@ | |
5190 | kerberos authentication is on by default only if you have a srvtab. | |
5191 | - markus@cvs.openbsd.org 2000/08/04 14:30:07 | |
5192 | [auth.c] | |
5193 | unused | |
5194 | - markus@cvs.openbsd.org 2000/08/04 14:30:35 | |
5195 | [sshd_config] | |
5196 | MaxStartups | |
5197 | - markus@cvs.openbsd.org 2000/08/15 13:20:46 | |
5198 | [authfd.c] | |
5199 | cleanup; ok niels@ | |
5200 | - markus@cvs.openbsd.org 2000/08/17 14:05:10 | |
5201 | [session.c] | |
5202 | cleanup login(1)-like jobs, no duplicate utmp entries | |
5203 | - markus@cvs.openbsd.org 2000/08/17 14:06:34 | |
5204 | [session.c sshd.8 sshd.c] | |
5205 | sshd -u len, similar to telnetd | |
1a022229 | 5206 | - (djm) Lastlog was not getting closed after writing login entry |
39987cc0 | 5207 | - (djm) Add Solaris package support from Rip Loomis <loomisg@cist.saic.com> |
c345cf9d | 5208 | |
416ed5a7 | 5209 | 20000816 |
5210 | - (djm) Replacement for inet_ntoa for Irix (which breaks on gcc) | |
bcbf86ec | 5211 | - (djm) Fix strerror replacement for old SunOS. Based on patch from |
416ed5a7 | 5212 | Charles Levert <charles@comm.polymtl.ca> |
bcbf86ec | 5213 | - (djm) Seperate arc4random into seperate file and use OpenSSL's RC4 |
416ed5a7 | 5214 | implementation. |
ba606eb2 | 5215 | - (djm) SUN_LEN macro for systems which lack it |
416ed5a7 | 5216 | |
dbaa2e87 | 5217 | 20000815 |
5218 | - (djm) More SunOS 4.1.x fixes from Nate Itkin <nitkin@europa.com> | |
cd352c82 | 5219 | - (djm) Avoid failures on Irix when ssh is not setuid. Fix from |
5220 | Michael Stone <mstone@cs.loyola.edu> | |
d93a7e5a | 5221 | - (djm) Don't seek in directory based lastlogs |
bcbf86ec | 5222 | - (djm) Fix --with-ipaddr-display configure option test. Patch from |
d93a7e5a | 5223 | Jarno Huuskonen <jhuuskon@messi.uku.fi> |
2a2cb9e7 | 5224 | - (djm) Fix AIX limits from Alexandre Oliva <oliva@lsd.ic.unicamp.br> |
dbaa2e87 | 5225 | |
6c33bf70 | 5226 | 20000813 |
5227 | - (djm) Add $(srcdir) to includes when compiling (for VPATH). Report from | |
5228 | Fabrice bacchella <fabrice.bacchella@marchfirst.fr> | |
5229 | ||
3fcce26c | 5230 | 20000809 |
bcbf86ec | 5231 | - (djm) Define AIX hard limits if headers don't. Report from |
3fcce26c | 5232 | Bill Painter <william.t.painter@lmco.com> |
bcbf86ec | 5233 | - (djm) utmp direct write & SunOS 4 patch from Charles Levert |
32eec038 | 5234 | <charles@comm.polymtl.ca> |
3fcce26c | 5235 | |
71d43804 | 5236 | 20000808 |
5237 | - (djm) Cleanup Redhat RPMs. Generate keys at runtime rather than install | |
5238 | time, spec file cleanup. | |
5239 | ||
f9bcea07 | 5240 | 20000807 |
378f2232 | 5241 | - (djm) Set 0755 on binaries during install. Report from Lutz Jaenicke |
47670e77 | 5242 | - (djm) Suppress error messages on channel close shutdown() failurs |
5243 | works around Linux bug. Patch from Zack Weinberg <zack@wolery.cumb.org> | |
378f2232 | 5244 | - (djm) Add some more entropy collection commands from Lutz Jaenicke |
f9bcea07 | 5245 | |
bcf89935 | 5246 | 20000725 |
5247 | - (djm) Fix autoconf typo: HAVE_BINRESVPORT_AF -> HAVE_BINDRESVPORT_AF | |
5248 | ||
4c8722d9 | 5249 | 20000721 |
5250 | - (djm) OpenBSD CVS updates: | |
5251 | - markus@cvs.openbsd.org 2000/07/16 02:27:22 | |
5252 | [authfd.c authfd.h channels.c clientloop.c ssh-add.c ssh-agent.c ssh.c] | |
5253 | [sshconnect1.c sshconnect2.c] | |
5254 | make ssh-add accept dsa keys (the agent does not) | |
5255 | - djm@cvs.openbsd.org 2000/07/17 19:25:02 | |
5256 | [sshd.c] | |
5257 | Another closing of stdin; ok deraadt | |
5258 | - markus@cvs.openbsd.org 2000/07/19 18:33:12 | |
5259 | [dsa.c] | |
5260 | missing free, reorder | |
5261 | - markus@cvs.openbsd.org 2000/07/20 16:23:14 | |
5262 | [ssh-keygen.1] | |
5263 | document input and output files | |
5264 | ||
240777b8 | 5265 | 20000720 |
4c8722d9 | 5266 | - (djm) Spec file fix from Petr Novotny <Petr.Novotny@antek.cz> |
240777b8 | 5267 | |
3c7def32 | 5268 | 20000716 |
4c8722d9 | 5269 | - (djm) Release 2.1.1p4 |
3c7def32 | 5270 | |
819b676f | 5271 | 20000715 |
704b1659 | 5272 | - (djm) OpenBSD CVS updates |
5273 | - provos@cvs.openbsd.org 2000/07/13 16:53:22 | |
5274 | [aux.c readconf.c servconf.c ssh.h] | |
5275 | allow multiple whitespace but only one '=' between tokens, bug report from | |
5276 | Ralf S. Engelschall <rse@engelschall.com> but different fix. okay deraadt@ | |
5277 | - provos@cvs.openbsd.org 2000/07/13 17:14:09 | |
5278 | [clientloop.c] | |
5279 | typo; todd@fries.net | |
5280 | - provos@cvs.openbsd.org 2000/07/13 17:19:31 | |
5281 | [scp.c] | |
5282 | close can fail on AFS, report error; from Greg Hudson <ghudson@mit.edu> | |
5283 | - markus@cvs.openbsd.org 2000/07/14 16:59:46 | |
5284 | [readconf.c servconf.c] | |
5285 | allow leading whitespace. ok niels | |
5286 | - djm@cvs.openbsd.org 2000/07/14 22:01:38 | |
5287 | [ssh-keygen.c ssh.c] | |
5288 | Always create ~/.ssh with mode 700; ok Markus | |
819b676f | 5289 | - Fixes for SunOS 4.1.4 from Gordon Atwood <gordon@cs.ualberta.ca> |
5290 | - Include floatingpoint.h for entropy.c | |
5291 | - strerror replacement | |
704b1659 | 5292 | |
3f7a7e4a | 5293 | 20000712 |
c37fb3c1 | 5294 | - (djm) Remove -lresolve for Reliant Unix |
3f7a7e4a | 5295 | - (djm) OpenBSD CVS Updates: |
5296 | - deraadt@cvs.openbsd.org 2000/07/11 02:11:34 | |
5297 | [session.c sshd.c ] | |
5298 | make MaxStartups code still work with -d; djm | |
5299 | - deraadt@cvs.openbsd.org 2000/07/11 13:17:45 | |
5300 | [readconf.c ssh_config] | |
5301 | disable FallBackToRsh by default | |
c37fb3c1 | 5302 | - (djm) Replace in_addr_t with u_int32_t in bsd-inet_aton.c. Report from |
5303 | Ben Lindstrom <mouring@pconline.com> | |
1e970014 | 5304 | - (djm) Make building of X11-Askpass and GNOME-Askpass optional in RPM |
5305 | spec file. | |
dcb36e5d | 5306 | - (djm) Released 2.1.1p3 |
3f7a7e4a | 5307 | |
56118702 | 5308 | 20000711 |
5309 | - (djm) Fixup for AIX getuserattr() support from Tom Bertelson | |
5310 | <tbert@abac.com> | |
132dd316 | 5311 | - (djm) ReliantUNIX support from Udo Schweigert <ust@cert.siemens.de> |
bcbf86ec | 5312 | - (djm) NeXT: dirent structures to get scp working from Ben Lindstrom |
c99e5056 | 5313 | <mouring@pconline.com> |
bcbf86ec | 5314 | - (djm) Fix broken inet_ntoa check and ut_user/ut_name confusion, report |
dc2a6d09 | 5315 | from Jim Watt <jimw@peisj.pebio.com> |
2d9a148e | 5316 | - (djm) Replaced bsd-snprintf.c with one from Mutt source tree, it is known |
5317 | to compile on more platforms (incl NeXT). | |
cc6f2c4c | 5318 | - (djm) Added bsd-inet_aton and configure support for NeXT |
aae19451 | 5319 | - (djm) Misc NeXT fixes from Ben Lindstrom <mouring@pconline.com> |
089fbbd2 | 5320 | - (djm) OpenBSD CVS updates: |
5321 | - markus@cvs.openbsd.org 2000/06/26 03:22:29 | |
5322 | [authfd.c] | |
5323 | cleanup, less cut&paste | |
5324 | - markus@cvs.openbsd.org 2000/06/26 15:59:19 | |
5325 | [servconf.c servconf.h session.c sshd.8 sshd.c] | |
bcbf86ec | 5326 | MaxStartups: limit number of unauthenticated connections, work by |
089fbbd2 | 5327 | theo and me |
5328 | - deraadt@cvs.openbsd.org 2000/07/05 14:18:07 | |
5329 | [session.c] | |
5330 | use no_x11_forwarding_flag correctly; provos ok | |
5331 | - provos@cvs.openbsd.org 2000/07/05 15:35:57 | |
5332 | [sshd.c] | |
5333 | typo | |
5334 | - aaron@cvs.openbsd.org 2000/07/05 22:06:58 | |
5335 | [scp.1 ssh-agent.1 ssh-keygen.1 sshd.8] | |
bcbf86ec | 5336 | Insert more missing .El directives. Our troff really should identify |
089fbbd2 | 5337 | these and spit out a warning. |
5338 | - todd@cvs.openbsd.org 2000/07/06 21:55:04 | |
5339 | [auth-rsa.c auth2.c ssh-keygen.c] | |
5340 | clean code is good code | |
5341 | - deraadt@cvs.openbsd.org 2000/07/07 02:14:29 | |
5342 | [serverloop.c] | |
5343 | sense of port forwarding flag test was backwards | |
5344 | - provos@cvs.openbsd.org 2000/07/08 17:17:31 | |
5345 | [compat.c readconf.c] | |
5346 | replace strtok with strsep; from David Young <dyoung@onthejob.net> | |
5347 | - deraadt@cvs.openbsd.org 2000/07/08 19:21:15 | |
5348 | [auth.h] | |
5349 | KNF | |
5350 | - ho@cvs.openbsd.org 2000/07/08 19:27:33 | |
5351 | [compat.c readconf.c] | |
5352 | Better conditions for strsep() ending. | |
5353 | - ho@cvs.openbsd.org 2000/07/10 10:27:05 | |
5354 | [readconf.c] | |
5355 | Get the correct message on errors. (niels@ ok) | |
5356 | - ho@cvs.openbsd.org 2000/07/10 10:30:25 | |
5357 | [cipher.c kex.c servconf.c] | |
5358 | strtok() --> strsep(). (niels@ ok) | |
5540ea9b | 5359 | - (djm) Fix problem with debug mode and MaxStartups |
eb37534b | 5360 | - (djm) Don't generate host keys when $(DESTDIR) is set (e.g. during RPM |
5361 | builds) | |
229f64ee | 5362 | - (djm) Add strsep function from OpenBSD libc for systems that lack it |
56118702 | 5363 | |
a8545c6c | 5364 | 20000709 |
5365 | - (djm) Only enable PAM_TTY kludge for Linux. Problem report from | |
5366 | Kevin Steves <stevesk@sweden.hp.com> | |
ec90a7d6 | 5367 | - (djm) Match prototype and function declaration for rresvport_af. |
5368 | Problem report from Niklas Edmundsson <nikke@ing.umu.se> | |
bcbf86ec | 5369 | - (djm) Missing $(DESTDIR) on host-key target causing problems with RPM |
732e8ac5 | 5370 | builds. Problem report from Gregory Leblanc <GLeblanc@cu-portland.edu> |
37f1df94 | 5371 | - (djm) Replace ut_name with ut_user. Patch from Jim Watt |
5372 | <jimw@peisj.pebio.com> | |
264dce47 | 5373 | - (djm) Fix pam sprintf fix |
5374 | - (djm) Cleanup entropy collection code a little more. Split initialisation | |
5375 | from seeding, perform intialisation immediatly at start, be careful with | |
5376 | uids. Based on problem report from Jim Watt <jimw@peisj.pebio.com> | |
5bf9cfe9 | 5377 | - (djm) More NeXT compatibility from Ben Lindstrom <mouring@pconline.com> |
5378 | Including sigaction() et al. replacements | |
bcbf86ec | 5379 | - (djm) AIX getuserattr() session initialisation from Tom Bertelson |
eeec075f | 5380 | <tbert@abac.com> |
a8545c6c | 5381 | |
e2902a5b | 5382 | 20000708 |
bcbf86ec | 5383 | - (djm) Fix bad fprintf format handling in auth-pam.c. Patch from |
e2902a5b | 5384 | Aaron Hopkins <aaron@die.net> |
7a33f831 | 5385 | - (djm) Fix incorrect configure handling of --with-rsh-path option. Fix from |
5386 | Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
bcbf86ec | 5387 | - (djm) Fixed undefined variables for OSF SIA. Report from |
b3f162ba | 5388 | Baars, Henk <Hendrik.Baars@nl.origin-it.com> |
bcbf86ec | 5389 | - (djm) Handle EWOULDBLOCK returns from read() and write() in atomicio.c |
b28e4a3b | 5390 | Fix from Marquess, Steve Mr JMLFDC <Steve.Marquess@DET.AMEDD.ARMY.MIL> |
bcbf86ec | 5391 | - (djm) Don't use inet_addr. |
e2902a5b | 5392 | |
5637650d | 5393 | 20000702 |
5394 | - (djm) Fix brace mismatch from Corinna Vinschen <vinschen@cygnus.com> | |
27494968 | 5395 | - (djm) Stop shadow expiry checking from preventing logins with NIS. Based |
5396 | on fix from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp> | |
a4070484 | 5397 | - (djm) Use standard OpenSSL functions in auth-skey.c. Patch from |
5398 | Chris, the Young One <cky@pobox.com> | |
bcbf86ec | 5399 | - (djm) Fix scp progress meter on really wide terminals. Based on patch |
88726b31 | 5400 | from James H. Cloos Jr. <cloos@jhcloos.com> |
5637650d | 5401 | |
388e9f9f | 5402 | 20000701 |
5403 | - (djm) Fix Tru64 SIA problems reported by John P Speno <speno@isc.upenn.edu> | |
daaff4d5 | 5404 | - (djm) Login fixes from Tom Bertelson <tbert@abac.com> |
82258d68 | 5405 | - (djm) Replace "/bin/sh" with _PATH_BSHELL. Report from Corinna Vinschen |
5406 | <vinschen@cygnus.com> | |
30228d7c | 5407 | - (djm) Replace "/usr/bin/login" with LOGIN_PROGRAM |
2647ae26 | 5408 | - (djm) Added check for broken snprintf() functions which do not correctly |
5409 | terminate output string and attempt to use replacement. | |
46158300 | 5410 | - (djm) Released 2.1.1p2 |
388e9f9f | 5411 | |
9f32ceb4 | 5412 | 20000628 |
5413 | - (djm) Fixes to lastlog code for Irix | |
5414 | - (djm) Use atomicio in loginrec | |
3206bb3b | 5415 | - (djm) Patch from Michael Stone <mstone@cs.loyola.edu> to add support for |
5416 | Irix 6.x array sessions, project id's, and system audit trail id. | |
9e0c3e1f | 5417 | - (djm) Added 'distprep' make target to simplify packaging |
bcbf86ec | 5418 | - (djm) Added patch from Chris Adams <cmadams@hiwaay.net> to add OSF SIA |
4d33e531 | 5419 | support. Enable using "USE_SIA=1 ./configure [options]" |
61e96248 | 5420 | |
d8caae24 | 5421 | 20000627 |
5422 | - (djm) Fixes to login code - not setting li->uid, cleanups | |
a05a70ab | 5423 | - (djm) Formatting |
d8caae24 | 5424 | |
fe30cc2e | 5425 | 20000626 |
3e98362e | 5426 | - (djm) Better fix to aclocal tests from Garrick James <garrick@james.net> |
4cb5ffa0 | 5427 | - (djm) Account expiry support from Andreas Steinmetz <ast@domdv.de> |
5428 | - (djm) Added password expiry checking (no password change support) | |
be0b9bb7 | 5429 | - (djm) Make EGD failures non-fatal if OpenSSL's entropy pool is still OK |
5430 | based on patch from Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
b5b3f75d | 5431 | - (djm) Fix fixed EGD code. |
3e98362e | 5432 | - OpenBSD CVS update |
5433 | - provos@cvs.openbsd.org 2000/06/25 14:17:58 | |
5434 | [channels.c] | |
5435 | correct check for bad channel ids; from Wei Dai <weidai@eskimo.com> | |
5436 | ||
1c04b088 | 5437 | 20000623 |
bcbf86ec | 5438 | - (djm) Use sa_family_t in prototype for rresvport_af. Patch from |
1c04b088 | 5439 | Svante Signell <svante.signell@telia.com> |
5440 | - (djm) Autoconf logic to define sa_family_t if it is missing | |
e5a0294f | 5441 | - OpenBSD CVS Updates: |
5442 | - markus@cvs.openbsd.org 2000/06/22 10:32:27 | |
5443 | [sshd.c] | |
5444 | missing atomicio; report from Steve.Marquess@DET.AMEDD.ARMY.MIL | |
5445 | - djm@cvs.openbsd.org 2000/06/22 17:55:00 | |
5446 | [auth-krb4.c key.c radix.c uuencode.c] | |
5447 | Missing CVS idents; ok markus | |
1c04b088 | 5448 | |
f528fdf2 | 5449 | 20000622 |
5450 | - (djm) Automatically generate host key during "make install". Suggested | |
5451 | by Gary E. Miller <gem@rellim.com> | |
5452 | - (djm) Paranoia before kill() system call | |
74fc9186 | 5453 | - OpenBSD CVS Updates: |
5454 | - markus@cvs.openbsd.org 2000/06/18 18:50:11 | |
5455 | [auth2.c compat.c compat.h sshconnect2.c] | |
5456 | make userauth+pubkey interop with ssh.com-2.2.0 | |
5457 | - markus@cvs.openbsd.org 2000/06/18 20:56:17 | |
5458 | [dsa.c] | |
5459 | mem leak + be more paranoid in dsa_verify. | |
5460 | - markus@cvs.openbsd.org 2000/06/18 21:29:50 | |
5461 | [key.c] | |
5462 | cleanup fingerprinting, less hardcoded sizes | |
5463 | - markus@cvs.openbsd.org 2000/06/19 19:39:45 | |
5464 | [atomicio.c auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c] | |
5465 | [auth-rsa.c auth-skey.c authfd.c authfd.h authfile.c bufaux.c bufaux.h] | |
bcbf86ec | 5466 | [buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h] |
74fc9186 | 5467 | [clientloop.c compat.c compat.h compress.c compress.h crc32.c crc32.h] |
5468 | [deattack.c dispatch.c dsa.c fingerprint.c fingerprint.h getput.h hmac.c] | |
bcbf86ec | 5469 | [kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c] |
5470 | [nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c] | |
74fc9186 | 5471 | [rsa.c rsa.h scp.c servconf.c servconf.h ssh-add.c ssh-keygen.c ssh.c] |
5472 | [ssh.h tildexpand.c ttymodes.c ttymodes.h uidswap.c xmalloc.c xmalloc.h] | |
5473 | OpenBSD tag | |
5474 | - markus@cvs.openbsd.org 2000/06/21 10:46:10 | |
5475 | sshconnect2.c missing free; nuke old comment | |
f528fdf2 | 5476 | |
e5fe9a1f | 5477 | 20000620 |
5478 | - (djm) Replace use of '-o' and '-a' logical operators in configure tests | |
986a22ec | 5479 | with '||' and '&&'. As suggested by Jim Knoble <jmknoble@jmknoble.cx> |
e5fe9a1f | 5480 | to fix SCO Unixware problem reported by Gary E. Miller <gem@rellim.com> |
c03aced4 | 5481 | - (djm) Typo in loginrec.c |
e5fe9a1f | 5482 | |
cbd7492e | 5483 | 20000618 |
5484 | - (djm) Add summary of configure options to end of ./configure run | |
bcbf86ec | 5485 | - (djm) Not all systems define RUSAGE_SELF & RUSAGE_CHILDREN. Report from |
cbd7492e | 5486 | Michael Stone <mstone@cs.loyola.edu> |
bcbf86ec | 5487 | - (djm) rusage is a privileged operation on some Unices (incl. |
cbd7492e | 5488 | Solaris 2.5.1). Report from Paul D. Smith <pausmith@nortelnetworks.com> |
bcbf86ec | 5489 | - (djm) Avoid PAM failures when running without a TTY. Report from |
cbd7492e | 5490 | Martin Petrak <petrak@spsknm.schools.sk> |
5491 | - (djm) Include sys/types.h when including netinet/in.h in configure tests. | |
5492 | Patch from Jun-ichiro itojun Hagino <itojun@iijlab.net> | |
729bfe59 | 5493 | - (djm) Started merge of Ben Lindstrom's <mouring@pconline.com> NeXT support |
38c295d6 | 5494 | - OpenBSD CVS updates: |
5495 | - deraadt@cvs.openbsd.org 2000/06/17 09:58:46 | |
5496 | [channels.c] | |
5497 | everyone says "nix it" (remove protocol 2 debugging message) | |
5498 | - markus@cvs.openbsd.org 2000/06/17 13:24:34 | |
5499 | [sshconnect.c] | |
5500 | allow extended server banners | |
5501 | - markus@cvs.openbsd.org 2000/06/17 14:30:10 | |
5502 | [sshconnect.c] | |
5503 | missing atomicio, typo | |
5504 | - jakob@cvs.openbsd.org 2000/06/17 16:52:34 | |
5505 | [servconf.c servconf.h session.c sshd.8 sshd_config] | |
5506 | add support for ssh v2 subsystems. ok markus@. | |
5507 | - deraadt@cvs.openbsd.org 2000/06/17 18:57:48 | |
5508 | [readconf.c servconf.c] | |
5509 | include = in WHITESPACE; markus ok | |
5510 | - markus@cvs.openbsd.org 2000/06/17 19:09:10 | |
5511 | [auth2.c] | |
5512 | implement bug compatibility with ssh-2.0.13 pubkey, server side | |
5513 | - markus@cvs.openbsd.org 2000/06/17 21:00:28 | |
5514 | [compat.c] | |
5515 | initial support for ssh.com's 2.2.0 | |
5516 | - markus@cvs.openbsd.org 2000/06/17 21:16:09 | |
5517 | [scp.c] | |
5518 | typo | |
5519 | - markus@cvs.openbsd.org 2000/06/17 22:05:02 | |
5520 | [auth-rsa.c auth2.c serverloop.c session.c auth-options.c auth-options.h] | |
5521 | split auth-rsa option parsing into auth-options | |
5522 | add options support to authorized_keys2 | |
5523 | - markus@cvs.openbsd.org 2000/06/17 22:42:54 | |
5524 | [session.c] | |
5525 | typo | |
cbd7492e | 5526 | |
509b1f88 | 5527 | 20000613 |
5528 | - (djm) Fixes from Andrew McGill <andrewm@datrix.co.za>: | |
5529 | - Platform define for SCO 3.x which breaks on /dev/ptmx | |
5530 | - Detect and try to fix missing MAXPATHLEN | |
a4d05724 | 5531 | - (djm) Fix short copy in loginrec.c (based on patch from Phill Camp |
5532 | <P.S.S.Camp@ukc.ac.uk> | |
509b1f88 | 5533 | |
09564242 | 5534 | 20000612 |
5535 | - (djm) Glob manpages in RPM spec files to catch compressed files | |
5536 | - (djm) Full license in auth-pam.c | |
08ae384f | 5537 | - (djm) Configure fixes from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp> |
383207f7 | 5538 | - (andre) AIX, lastlog, configure fixes from Tom Bertelson <tbert@abac.com>: |
5539 | - Don't try to retrieve lastlog from wtmp/wtmpx if DISABLE_LASTLOG is | |
5540 | def'd | |
5541 | - Set AIX to use preformatted manpages | |
61e96248 | 5542 | |
74b224a0 | 5543 | 20000610 |
5544 | - (djm) Minor doc tweaks | |
217ab55e | 5545 | - (djm) Fix for configure on bash2 from Jim Knoble <jmknoble@jmknoble.cx> |
74b224a0 | 5546 | |
32c80420 | 5547 | 20000609 |
5548 | - (djm) Patch from Kenji Miyake <kenji@miyake.org> to disable utmp usage | |
5549 | (in favour of utmpx) on Solaris 8 | |
5550 | ||
fa649821 | 5551 | 20000606 |
48c99b2c | 5552 | - (djm) Cleanup of entropy.c. Reorganised code, removed second pass through |
5553 | list of commands (by default). Removed verbose debugging (by default). | |
bcbf86ec | 5554 | - (djm) Increased command entropy estimates and default entropy collection |
48c99b2c | 5555 | timeout |
f988dce5 | 5556 | - (djm) Remove duplicate headers from loginrec.c |
c5fa2eb0 | 5557 | - (djm) Don't add /usr/local/lib to library search path on Irix |
bcbf86ec | 5558 | - (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III |
fa649821 | 5559 | <tibbs@math.uh.edu> |
1e83f2a2 | 5560 | - (djm) Warn user if grabs fail in GNOME askpass. Patch from Zack Weinberg |
5561 | <zack@wolery.cumb.org> | |
fa649821 | 5562 | - (djm) OpenBSD CVS updates: |
5563 | - todd@cvs.openbsd.org | |
5564 | [sshconnect2.c] | |
5565 | teach protocol v2 to count login failures properly and also enable an | |
5566 | explanation of why the password prompt comes up again like v1; this is NOT | |
5567 | crypto | |
61e96248 | 5568 | - markus@cvs.openbsd.org |
fa649821 | 5569 | [readconf.c readconf.h servconf.c servconf.h session.c ssh.1 ssh.c sshd.8] |
5570 | xauth_location support; pr 1234 | |
5571 | [readconf.c sshconnect2.c] | |
5572 | typo, unused | |
5573 | [session.c] | |
5574 | allow use_login only for login sessions, otherwise remote commands are | |
5575 | execed with uid==0 | |
5576 | [sshd.8] | |
5577 | document UseLogin better | |
5578 | [version.h] | |
5579 | OpenSSH 2.1.1 | |
5580 | [auth-rsa.c] | |
bcbf86ec | 5581 | fix match_hostname() logic for auth-rsa: deny access if we have a |
fa649821 | 5582 | negative match or no match at all |
5583 | [channels.c hostfile.c match.c] | |
bcbf86ec | 5584 | don't panic if mkdtemp fails for authfwd; jkb@yahoo-inc.com via |
fa649821 | 5585 | kris@FreeBSD.org |
5586 | ||
8e7b16f8 | 5587 | 20000606 |
bcbf86ec | 5588 | - (djm) Added --with-cflags, --with-ldflags and --with-libs options to |
8e7b16f8 | 5589 | configure. |
5590 | ||
d7c0f3d5 | 5591 | 20000604 |
5592 | - Configure tweaking for new login code on Irix 5.3 | |
2d6c411f | 5593 | - (andre) login code changes based on djm feedback |
d7c0f3d5 | 5594 | |
2d6c411f | 5595 | 20000603 |
5596 | - (andre) New login code | |
5597 | - Remove bsd-login.[ch] and all the OpenBSD-derived code in login.c | |
5598 | - Add loginrec.[ch], logintest.c and autoconf code | |
61e96248 | 5599 | |
5daf7064 | 5600 | 20000531 |
5601 | - Cleanup of auth.c, login.c and fake-* | |
5602 | - Cleanup of auth-pam.c, save and print "account expired" error messages | |
e5662474 | 5603 | - Fix EGD read bug by IWAMURO Motonori <iwa@mmp.fujitsu.co.jp> |
69134b9b | 5604 | - Rewrote bsd-login to use proper utmp API if available. Major cleanup |
5605 | of fallback DIY code. | |
5daf7064 | 5606 | |
b9f446d1 | 5607 | 20000530 |
5608 | - Define atexit for old Solaris | |
b02ebca1 | 5609 | - Fix buffer overrun in login.c for systems which use syslen in utmpx. |
5610 | patch from YOSHIFUJI Hideaki <yoshfuji@cerberus.nemoto.ecei.tohoku.ac.jp> | |
71276795 | 5611 | - OpenBSD CVS updates: |
5612 | - markus@cvs.openbsd.org | |
5613 | [session.c] | |
5614 | make x11-fwd work w/ localhost (xauth add host/unix:11) | |
5615 | [cipher.c compat.c readconf.c servconf.c] | |
5616 | check strtok() != NULL; ok niels@ | |
5617 | [key.c] | |
5618 | fix key_read() for uuencoded keys w/o '=' | |
5619 | [serverloop.c] | |
5620 | group ssh1 vs. ssh2 in serverloop | |
5621 | [kex.c kex.h myproposal.h sshconnect2.c sshd.c] | |
5622 | split kexinit/kexdh, factor out common code | |
5623 | [readconf.c ssh.1 ssh.c] | |
5624 | forwardagent defaults to no, add ssh -A | |
5625 | - theo@cvs.openbsd.org | |
5626 | [session.c] | |
5627 | just some line shortening | |
60688ef9 | 5628 | - Released 2.1.0p3 |
b9f446d1 | 5629 | |
29611d9c | 5630 | 20000520 |
5631 | - Xauth fix from Markus Friedl <markus.friedl@informatik.uni-erlangen.de> | |
25422c70 | 5632 | - Don't touch utmp if USE_UTMPX defined |
a423beaf | 5633 | - SunOS 4.x support from Todd C. Miller <Todd.Miller@courtesan.com> |
fc1e8bf4 | 5634 | - SIGCHLD fix for AIX and HPUX from Tom Bertelson <tbert@abac.com> |
bcbf86ec | 5635 | - HPUX and Configure fixes from Lutz Jaenicke |
fc1e8bf4 | 5636 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> |
bcbf86ec | 5637 | - Use mkinstalldirs script to make directories instead of non-portable |
fc1e8bf4 | 5638 | "install -d". Suggested by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> |
a905808d | 5639 | - Doc cleanup |
29611d9c | 5640 | |
301e9b01 | 5641 | 20000518 |
5642 | - Include Andre Lucas' fixprogs script. Forgot to "cvs add" it yesterday | |
5643 | - OpenBSD CVS updates: | |
5644 | - markus@cvs.openbsd.org | |
5645 | [sshconnect.c] | |
5646 | copy only ai_addrlen bytes; misiek@pld.org.pl | |
5647 | [auth.c] | |
bcbf86ec | 5648 | accept an empty shell in authentication; bug reported by |
301e9b01 | 5649 | chris@tinker.ucr.edu |
5650 | [serverloop.c] | |
5651 | we don't have stderr for interactive terminal sessions (fcntl errors) | |
5652 | ||
ad85db64 | 5653 | 20000517 |
5654 | - Fix from Andre Lucas <andre.lucas@dial.pipex.com> | |
5655 | - Fixes command line printing segfaults (spotter: Bladt Norbert) | |
5656 | - Fixes erroneous printing of debug messages to syslog | |
5657 | - Fixes utmp for MacOS X (spotter: Aristedes Maniatis) | |
5658 | - Gives useful error message if PRNG initialisation fails | |
5659 | - Reduced ssh startup delay | |
5660 | - Measures cumulative command time rather than the time between reads | |
704b1659 | 5661 | after select() |
ad85db64 | 5662 | - 'fixprogs' perl script to eliminate non-working entropy commands, and |
704b1659 | 5663 | optionally run 'ent' to measure command entropy |
c1ef8333 | 5664 | - Applied Tom Bertelson's <tbert@abac.com> AIX authentication fix |
a64009ad | 5665 | - Avoid WCOREDUMP complation errors for systems that lack it |
bcbf86ec | 5666 | - Avoid SIGCHLD warnings from entropy commands |
28c1d5ce | 5667 | - Fix HAVE_PAM_GETENVLIST setting from Simon Wilkinson <sxw@dcs.ed.ac.uk> |
0e73cc53 | 5668 | - OpenBSD CVS update: |
bcbf86ec | 5669 | - markus@cvs.openbsd.org |
0e73cc53 | 5670 | [ssh.c] |
5671 | fix usage() | |
5672 | [ssh2.h] | |
5673 | draft-ietf-secsh-architecture-05.txt | |
5674 | [ssh.1] | |
5675 | document ssh -T -N (ssh2 only) | |
5676 | [channels.c serverloop.c ssh.h sshconnect.c sshd.c aux.c] | |
5677 | enable nonblocking IO for sshd w/ proto 1, too; split out common code | |
5678 | [aux.c] | |
5679 | missing include | |
c04f75f1 | 5680 | - Several patches from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp> |
5681 | - INSTALL typo and URL fix | |
5682 | - Makefile fix | |
5683 | - Solaris fixes | |
bcbf86ec | 5684 | - Checking for ssize_t and memmove. Based on patch from SAKAI Kiyotaka |
c04f75f1 | 5685 | <ksakai@kso.netwk.ntt-at.co.jp> |
afa5ee68 | 5686 | - RSAless operation patch from kevin_oconnor@standardandpoors.com |
d45e3d76 | 5687 | - Detect OpenSSL seperatly from RSA |
bcbf86ec | 5688 | - Better test for RSA (more compatible with RSAref). Based on work by |
d45e3d76 | 5689 | Ed Eden <ede370@stl.rural.usda.gov> |
ad85db64 | 5690 | |
3d1a1654 | 5691 | 20000513 |
bcbf86ec | 5692 | - Fix for non-recognised DSA keys from Arkadiusz Miskiewicz |
3d1a1654 | 5693 | <misiek@pld.org.pl> |
5694 | ||
d02a3a00 | 5695 | 20000511 |
bcbf86ec | 5696 | - Fix for prng_seed permissions checking from Lutz Jaenicke |
d02a3a00 | 5697 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> |
3d1a1654 | 5698 | - "make host-key" fix for Irix |
d02a3a00 | 5699 | |
d0c832f3 | 5700 | 20000509 |
5701 | - OpenBSD CVS update | |
5702 | - markus@cvs.openbsd.org | |
5703 | [cipher.h myproposal.h readconf.c readconf.h servconf.c ssh.1 ssh.c] | |
5704 | [ssh.h sshconnect1.c sshconnect2.c sshd.8] | |
5705 | - complain about invalid ciphers in SSH1 (e.g. arcfour is SSH2 only) | |
5706 | - hugh@cvs.openbsd.org | |
5707 | [ssh.1] | |
5708 | - zap typo | |
5709 | [ssh-keygen.1] | |
5710 | - One last nit fix. (markus approved) | |
5711 | [sshd.8] | |
5712 | - some markus certified spelling adjustments | |
5713 | - markus@cvs.openbsd.org | |
5714 | [auth2.c channels.c clientloop.c compat compat.h dsa.c kex.c] | |
5715 | [sshconnect2.c ] | |
5716 | - bug compat w/ ssh-2.0.13 x11, split out bugs | |
5717 | [nchan.c] | |
5718 | - no drain if ibuf_empty, fixes x11fwd problems; tests by fries@ | |
5719 | [ssh-keygen.c] | |
5720 | - handle escapes in real and original key format, ok millert@ | |
5721 | [version.h] | |
5722 | - OpenSSH-2.1 | |
3dc1102e | 5723 | - Moved all the bsd-* and fake-* stuff into new libopenbsd-compat.a |
e93ee87a | 5724 | - Doc updates |
bcbf86ec | 5725 | - Cleanup of bsd-base64 headers, bugfix definitions of __b64_*. Reported |
21e5304a | 5726 | by Andre Lucas <andre.lucas@dial.pipex.com> |
d0c832f3 | 5727 | |
ebdeb9a8 | 5728 | 20000508 |
5729 | - Makefile and RPM spec fixes | |
5730 | - Generate DSA host keys during "make key" or RPM installs | |
f6cde515 | 5731 | - OpenBSD CVS update |
5732 | - markus@cvs.openbsd.org | |
5733 | [clientloop.c sshconnect2.c] | |
5734 | - make x11-fwd interop w/ ssh-2.0.13 | |
5735 | [README.openssh2] | |
5736 | - interop w/ SecureFX | |
5737 | - Release 2.0.0beta2 | |
ebdeb9a8 | 5738 | |
bcbf86ec | 5739 | - Configure caching and cleanup patch from Andre Lucas' |
58d100bf | 5740 | <andre.lucas@dial.pipex.com> |
5741 | ||
1d1ffb87 | 5742 | 20000507 |
5743 | - Remove references to SSLeay. | |
5744 | - Big OpenBSD CVS update | |
5745 | - markus@cvs.openbsd.org | |
5746 | [clientloop.c] | |
5747 | - typo | |
5748 | [session.c] | |
5749 | - update proctitle on pty alloc/dealloc, e.g. w/ windows client | |
5750 | [session.c] | |
5751 | - update proctitle for proto 1, too | |
5752 | [channels.h nchan.c serverloop.c session.c sshd.c] | |
5753 | - use c-style comments | |
5754 | - deraadt@cvs.openbsd.org | |
5755 | [scp.c] | |
5756 | - more atomicio | |
bcbf86ec | 5757 | - markus@cvs.openbsd.org |
1d1ffb87 | 5758 | [channels.c] |
5759 | - set O_NONBLOCK | |
5760 | [ssh.1] | |
5761 | - update AUTHOR | |
5762 | [readconf.c ssh-keygen.c ssh.h] | |
5763 | - default DSA key file ~/.ssh/id_dsa | |
5764 | [clientloop.c] | |
5765 | - typo, rm verbose debug | |
5766 | - deraadt@cvs.openbsd.org | |
5767 | [ssh-keygen.1] | |
5768 | - document DSA use of ssh-keygen | |
5769 | [sshd.8] | |
5770 | - a start at describing what i understand of the DSA side | |
5771 | [ssh-keygen.1] | |
5772 | - document -X and -x | |
5773 | [ssh-keygen.c] | |
5774 | - simplify usage | |
bcbf86ec | 5775 | - markus@cvs.openbsd.org |
1d1ffb87 | 5776 | [sshd.8] |
5777 | - there is no rhosts_dsa | |
5778 | [ssh-keygen.1] | |
5779 | - document -y, update -X,-x | |
5780 | [nchan.c] | |
5781 | - fix close for non-open ssh1 channels | |
5782 | [servconf.c servconf.h ssh.h sshd.8 sshd.c ] | |
5783 | - s/DsaKey/HostDSAKey/, document option | |
5784 | [sshconnect2.c] | |
5785 | - respect number_of_password_prompts | |
5786 | [channels.c channels.h servconf.c servconf.h session.c sshd.8] | |
5787 | - GatewayPorts for sshd, ok deraadt@ | |
5788 | [ssh-add.1 ssh-agent.1 ssh.1] | |
5789 | - more doc on: DSA, id_dsa, known_hosts2, authorized_keys2 | |
5790 | [ssh.1] | |
5791 | - more info on proto 2 | |
5792 | [sshd.8] | |
5793 | - sync AUTHOR w/ ssh.1 | |
5794 | [key.c key.h sshconnect.c] | |
5795 | - print key type when talking about host keys | |
5796 | [packet.c] | |
5797 | - clear padding in ssh2 | |
5798 | [dsa.c key.c radix.c ssh.h sshconnect1.c uuencode.c uuencode.h] | |
5799 | - replace broken uuencode w/ libc b64_ntop | |
5800 | [auth2.c] | |
5801 | - log failure before sending the reply | |
5802 | [key.c radix.c uuencode.c] | |
5803 | - remote trailing comments before calling __b64_pton | |
5804 | [auth2.c readconf.c readconf.h servconf.c servconf.h ssh.1] | |
5805 | [sshconnect2.c sshd.8] | |
5806 | - add DSAAuthetication option to ssh/sshd, document SSH2 in sshd.8 | |
5807 | - Bring in b64_ntop and b64_pton from OpenBSD libc (bsd-base64.[ch]) | |
5808 | ||
1a11e1ae | 5809 | 20000502 |
0fbe8c74 | 5810 | - OpenBSD CVS update |
5811 | [channels.c] | |
5812 | - init all fds, close all fds. | |
5813 | [sshconnect2.c] | |
5814 | - check whether file exists before asking for passphrase | |
5815 | [servconf.c servconf.h sshd.8 sshd.c] | |
5816 | - PidFile, pr 1210 | |
5817 | [channels.c] | |
5818 | - EINTR | |
5819 | [channels.c] | |
5820 | - unbreak, ok niels@ | |
5821 | [sshd.c] | |
5822 | - unlink pid file, ok niels@ | |
5823 | [auth2.c] | |
5824 | - Add missing #ifdefs; ok - markus | |
bcbf86ec | 5825 | - Add Andre Lucas' <andre.lucas@dial.pipex.com> patch to read entropy |
d3083fbd | 5826 | gathering commands from a text file |
1a11e1ae | 5827 | - Release 2.0.0beta1 |
5828 | ||
c4bc58eb | 5829 | 20000501 |
5830 | - OpenBSD CVS update | |
5831 | [packet.c] | |
5832 | - send debug messages in SSH2 format | |
3189621b | 5833 | [scp.c] |
5834 | - fix very rare EAGAIN/EINTR issues; based on work by djm | |
5835 | [packet.c] | |
5836 | - less debug, rm unused | |
5837 | [auth2.c] | |
5838 | - disable kerb,s/key in ssh2 | |
5839 | [sshd.8] | |
5840 | - Minor tweaks and typo fixes. | |
5841 | [ssh-keygen.c] | |
5842 | - Put -d into usage and reorder. markus ok. | |
bcbf86ec | 5843 | - Include missing headers for OpenSSL tests. Fix from Phil Karn |
44fb55e9 | 5844 | <karn@ka9q.ampr.org> |
bcbf86ec | 5845 | - Fixed __progname symbol collisions reported by Andre Lucas |
3fd95d9a | 5846 | <andre.lucas@dial.pipex.com> |
0d5f7abc | 5847 | - Merged bsd-login ttyslot and AIX utmp patch from Gert Doering |
5848 | <gd@hilb1.medat.de> | |
8cb940db | 5849 | - Add some missing ifdefs to auth2.c |
8af50c98 | 5850 | - Deprecate perl-tk askpass. |
52bcc044 | 5851 | - Irix portability fixes - don't include netinet headers more than once |
5852 | - Make sure we don't save PRNG seed more than once | |
c4bc58eb | 5853 | |
2b763e31 | 5854 | 20000430 |
5855 | - Merge HP-UX fixes and TCB support from Ged Lodder <lodder@yacc.com.au> | |
b7a87eea | 5856 | - Integrate Andre Lucas' <andre.lucas@dial.pipex.com> entropy collection |
5857 | patch. | |
5858 | - Adds timeout to entropy collection | |
5859 | - Disables slow entropy sources | |
5860 | - Load and save seed file | |
bcbf86ec | 5861 | - Changed entropy seed code to user per-user seeds only (server seed is |
b7a87eea | 5862 | saved in root's .ssh directory) |
5863 | - Use atexit() and fatal cleanups to save seed on exit | |
0b242b12 | 5864 | - More OpenBSD updates: |
5865 | [session.c] | |
5866 | - don't call chan_write_failed() if we are not writing | |
5867 | [auth-rsa.c auth1.c authfd.c hostfile.c ssh-agent.c] | |
5868 | - keysize warnings error() -> log() | |
2b763e31 | 5869 | |
a306f2dd | 5870 | 20000429 |
5871 | - Merge big update to OpenSSH-2.0 from OpenBSD CVS | |
5872 | [README.openssh2] | |
5873 | - interop w/ F-secure windows client | |
5874 | - sync documentation | |
5875 | - ssh_host_dsa_key not ssh_dsa_key | |
5876 | [auth-rsa.c] | |
5877 | - missing fclose | |
5878 | [auth.c authfile.c compat.c dsa.c dsa.h hostfile.c key.c key.h radix.c] | |
5879 | [readconf.c readconf.h ssh-add.c ssh-keygen.c ssh.c ssh.h sshconnect.c] | |
5880 | [sshd.c uuencode.c uuencode.h authfile.h] | |
5881 | - add DSA pubkey auth and other SSH2 fixes. use ssh-keygen -[xX] | |
5882 | for trading keys with the real and the original SSH, directly from the | |
5883 | people who invented the SSH protocol. | |
5884 | [auth.c auth.h authfile.c sshconnect.c auth1.c auth2.c sshconnect.h] | |
5885 | [sshconnect1.c sshconnect2.c] | |
5886 | - split auth/sshconnect in one file per protocol version | |
5887 | [sshconnect2.c] | |
5888 | - remove debug | |
5889 | [uuencode.c] | |
5890 | - add trailing = | |
5891 | [version.h] | |
5892 | - OpenSSH-2.0 | |
5893 | [ssh-keygen.1 ssh-keygen.c] | |
5894 | - add -R flag: exit code indicates if RSA is alive | |
5895 | [sshd.c] | |
5896 | - remove unused | |
5897 | silent if -Q is specified | |
5898 | [ssh.h] | |
5899 | - host key becomes /etc/ssh_host_dsa_key | |
5900 | [readconf.c servconf.c ] | |
5901 | - ssh/sshd default to proto 1 and 2 | |
5902 | [uuencode.c] | |
5903 | - remove debug | |
5904 | [auth2.c ssh-keygen.c sshconnect2.c sshd.c] | |
5905 | - xfree DSA blobs | |
5906 | [auth2.c serverloop.c session.c] | |
5907 | - cleanup logging for sshd/2, respect PasswordAuth no | |
5908 | [sshconnect2.c] | |
5909 | - less debug, respect .ssh/config | |
5910 | [README.openssh2 channels.c channels.h] | |
bcbf86ec | 5911 | - clientloop.c session.c ssh.c |
a306f2dd | 5912 | - support for x11-fwding, client+server |
5913 | ||
0ac7199f | 5914 | 20000421 |
5915 | - Merge fix from OpenBSD CVS | |
5916 | [ssh-agent.c] | |
5917 | - Fix memory leak per connection. Report from Andy Spiegl <Andy@Spiegl.de> | |
5918 | via Debian bug #59926 | |
18ba2aab | 5919 | - Define __progname in session.c if libc doesn't |
5920 | - Remove indentation on autoconf #include statements to avoid bug in | |
bcbf86ec | 5921 | DEC Tru64 compiler. Report and fix from David Del Piero |
18ba2aab | 5922 | <David.DelPiero@qed.qld.gov.au> |
0ac7199f | 5923 | |
e1b37056 | 5924 | 20000420 |
bcbf86ec | 5925 | - Make fixpaths work with perl4, patch from Andre Lucas |
e1b37056 | 5926 | <andre.lucas@dial.pipex.com> |
9da5c3c9 | 5927 | - Sync with OpenBSD CVS: |
5928 | [clientloop.c login.c serverloop.c ssh-agent.c ssh.h sshconnect.c sshd.c] | |
5929 | - pid_t | |
5930 | [session.c] | |
5931 | - remove bogus chan_read_failed. this could cause data | |
5932 | corruption (missing data) at end of a SSH2 session. | |
4e577b89 | 5933 | - Merge fixes from Debian patch from Phil Hands <phil@hands.com> |
5934 | - Allow setting of PAM service name through CFLAGS (SSHD_PAM_SERVICE) | |
5935 | - Use vhangup to clean up Linux ttys | |
5936 | - Force posix getopt processing on GNU libc systems | |
371ecff9 | 5937 | - Debian bug #55910 - remove references to ssl(8) manpages |
247f1a89 | 5938 | - Debian bug #58031 - ssh_config lies about default cipher |
e1b37056 | 5939 | |
d6f24e45 | 5940 | 20000419 |
5941 | - OpenBSD CVS updates | |
5942 | [channels.c] | |
5943 | - fix pr 1196, listen_port and port_to_connect interchanged | |
5944 | [scp.c] | |
bcbf86ec | 5945 | - after completion, replace the progress bar ETA counter with a final |
d6f24e45 | 5946 | elapsed time; my idea, aaron wrote the patch |
5947 | [ssh_config sshd_config] | |
5948 | - show 'Protocol' as an example, ok markus@ | |
5949 | [sshd.c] | |
5950 | - missing xfree() | |
5951 | - Add missing header to bsd-misc.c | |
5952 | ||
35484284 | 5953 | 20000416 |
5954 | - Reduce diff against OpenBSD source | |
bcbf86ec | 5955 | - All OpenSSL includes are now unconditionally referenced as |
35484284 | 5956 | openssl/foo.h |
5957 | - Pick up formatting changes | |
5958 | - Other minor changed (typecasts, etc) that I missed | |
5959 | ||
6ae2364d | 5960 | 20000415 |
5961 | - OpenBSD CVS updates. | |
5962 | [ssh.1 ssh.c] | |
5963 | - ssh -2 | |
5964 | [auth.c channels.c clientloop.c packet.c packet.h serverloop.c] | |
5965 | [session.c sshconnect.c] | |
5966 | - check payload for (illegal) extra data | |
5967 | [ALL] | |
5968 | whitespace cleanup | |
5969 | ||
c323ac76 | 5970 | 20000413 |
5971 | - INSTALL doc updates | |
f54651ce | 5972 | - Merged OpenBSD updates to include paths. |
bcbf86ec | 5973 | |
a8be9f80 | 5974 | 20000412 |
5975 | - OpenBSD CVS updates: | |
5976 | - [channels.c] | |
5977 | repair x11-fwd | |
5978 | - [sshconnect.c] | |
5979 | fix passwd prompt for ssh2, less debugging output. | |
5980 | - [clientloop.c compat.c dsa.c kex.c sshd.c] | |
5981 | less debugging output | |
5982 | - [kex.c kex.h sshconnect.c sshd.c] | |
5983 | check for reasonable public DH values | |
5984 | - [README.openssh2 cipher.c cipher.h compat.c compat.h readconf.c] | |
5985 | [readconf.h servconf.c servconf.h ssh.c ssh.h sshconnect.c sshd.c] | |
5986 | add Cipher and Protocol options to ssh/sshd, e.g.: | |
5987 | ssh -o 'Protocol 1,2' if you prefer proto 1, ssh -o 'Ciphers | |
5988 | arcfour,3des-cbc' | |
5989 | - [sshd.c] | |
5990 | print 1.99 only if server supports both | |
5991 | ||
18e92801 | 5992 | 20000408 |
5993 | - Avoid some compiler warnings in fake-get*.c | |
5994 | - Add IPTOS macros for systems which lack them | |
9d98aaf6 | 5995 | - Only set define entropy collection macros if they are found |
e78a59f5 | 5996 | - More large OpenBSD CVS updates: |
5997 | - [auth.c auth.h servconf.c servconf.h serverloop.c session.c] | |
5998 | [session.h ssh.h sshd.c README.openssh2] | |
5999 | ssh2 server side, see README.openssh2; enable with 'sshd -2' | |
6000 | - [channels.c] | |
6001 | no adjust after close | |
6002 | - [sshd.c compat.c ] | |
6003 | interop w/ latest ssh.com windows client. | |
61e96248 | 6004 | |
8ce64345 | 6005 | 20000406 |
6006 | - OpenBSD CVS update: | |
6007 | - [channels.c] | |
6008 | close efd on eof | |
6009 | - [clientloop.c compat.c ssh.c sshconnect.c myproposal.h] | |
6010 | ssh2 client implementation, interops w/ ssh.com and lsh servers. | |
6011 | - [sshconnect.c] | |
6012 | missing free. | |
6013 | - [authfile.c cipher.c cipher.h packet.c sshconnect.c sshd.c] | |
6014 | remove unused argument, split cipher_mask() | |
6015 | - [clientloop.c] | |
6016 | re-order: group ssh1 vs. ssh2 | |
6017 | - Make Redhat spec require openssl >= 0.9.5a | |
6018 | ||
e7627112 | 6019 | 20000404 |
6020 | - Add tests for RAND_add function when searching for OpenSSL | |
7e7327a1 | 6021 | - OpenBSD CVS update: |
6022 | - [packet.h packet.c] | |
6023 | ssh2 packet format | |
6024 | - [packet.h packet.c nchan2.ms nchan.h compat.h compat.c] | |
6025 | [channels.h channels.c] | |
6026 | channel layer support for ssh2 | |
6027 | - [kex.h kex.c hmac.h hmac.c dsa.c dsa.h] | |
6028 | DSA, keyexchange, algorithm agreement for ssh2 | |
6c081128 | 6029 | - Generate manpages before make install not at the end of make all |
6030 | - Don't seed the rng quite so often | |
6031 | - Always reseed rng when requested | |
e7627112 | 6032 | |
bfc9a610 | 6033 | 20000403 |
6034 | - Wrote entropy collection routines for systems that lack /dev/random | |
6035 | and EGD | |
837c30b8 | 6036 | - Disable tests and typedefs for 64 bit types. They are currently unused. |
bfc9a610 | 6037 | |
7368a6c8 | 6038 | 20000401 |
6039 | - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure) | |
6040 | - [auth.c session.c sshd.c auth.h] | |
6041 | split sshd.c -> auth.c session.c sshd.c plus cleanup and goto-removal | |
6042 | - [bufaux.c bufaux.h] | |
6043 | support ssh2 bignums | |
6044 | - [channels.c channels.h clientloop.c sshd.c nchan.c nchan.h packet.c] | |
6045 | [readconf.c ssh.c ssh.h serverloop.c] | |
6046 | replace big switch() with function tables (prepare for ssh2) | |
6047 | - [ssh2.h] | |
6048 | ssh2 message type codes | |
6049 | - [sshd.8] | |
6050 | reorder Xr to avoid cutting | |
6051 | - [serverloop.c] | |
6052 | close(fdin) if fdin != fdout, shutdown otherwise, ok theo@ | |
6053 | - [channels.c] | |
6054 | missing close | |
6055 | allow bigger packets | |
6056 | - [cipher.c cipher.h] | |
6057 | support ssh2 ciphers | |
6058 | - [compress.c] | |
6059 | cleanup, less code | |
6060 | - [dispatch.c dispatch.h] | |
6061 | function tables for different message types | |
6062 | - [log-server.c] | |
6063 | do not log() if debuggin to stderr | |
6064 | rename a cpp symbol, to avoid param.h collision | |
6065 | - [mpaux.c] | |
6066 | KNF | |
6067 | - [nchan.c] | |
6068 | sync w/ channels.c | |
6069 | ||
f5238bee | 6070 | 20000326 |
6071 | - Better tests for OpenSSL w/ RSAref | |
bcbf86ec | 6072 | - Added replacement setenv() function from OpenBSD libc. Suggested by |
f5238bee | 6073 | Ben Lindstrom <mouring@pconline.com> |
4fe2af09 | 6074 | - OpenBSD CVS update |
6075 | - [auth-krb4.c] | |
6076 | -Wall | |
6077 | - [auth-rh-rsa.c auth-rsa.c hostfile.c hostfile.h key.c key.h match.c] | |
6078 | [match.h ssh.c ssh.h sshconnect.c sshd.c] | |
6079 | initial support for DSA keys. ok deraadt@, niels@ | |
6080 | - [cipher.c cipher.h] | |
6081 | remove unused cipher_attack_detected code | |
6082 | - [scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8] | |
6083 | Fix some formatting problems I missed before. | |
6084 | - [ssh.1 sshd.8] | |
6085 | fix spelling errors, From: FreeBSD | |
6086 | - [ssh.c] | |
6087 | switch to raw mode only if he _get_ a pty (not if we _want_ a pty). | |
f5238bee | 6088 | |
0024a081 | 6089 | 20000324 |
6090 | - Released 1.2.3 | |
6091 | ||
bd499f9e | 6092 | 20000317 |
6093 | - Clarified --with-default-path option. | |
6094 | - Added -blibpath handling for AIX to work around stupid runtime linking. | |
6095 | Problem elucidated by gshapiro@SENDMAIL.ORG by way of Jim Knoble | |
986a22ec | 6096 | <jmknoble@jmknoble.cx> |
474b5fef | 6097 | - Checks for 64 bit int types. Problem report from Mats Fredholm |
6098 | <matsf@init.se> | |
610cd5c6 | 6099 | - OpenBSD CVS updates: |
bcbf86ec | 6100 | - [atomicio.c auth-krb4.c bufaux.c channels.c compress.c fingerprint.c] |
610cd5c6 | 6101 | [packet.h radix.c rsa.c scp.c ssh-agent.c ssh-keygen.c sshconnect.c] |
6102 | [sshd.c] | |
6103 | pedantic: signed vs. unsigned, void*-arithm, etc | |
6104 | - [ssh.1 sshd.8] | |
6105 | Various cleanups and standardizations. | |
bcbf86ec | 6106 | - Runtime error fix for HPUX from Otmar Stahl |
be48d23c | 6107 | <O.Stahl@lsw.uni-heidelberg.de> |
bd499f9e | 6108 | |
4696775a | 6109 | 20000316 |
bcbf86ec | 6110 | - Fixed configure not passing LDFLAGS to Solaris. Report from David G. |
4696775a | 6111 | Hesprich <dghespri@sprintparanet.com> |
d423d822 | 6112 | - Propogate LD through to Makefile |
b7a9ce47 | 6113 | - Doc cleanups |
2ba2a610 | 6114 | - Added blurb about "scp: command not found" errors to UPGRADING |
4696775a | 6115 | |
cb0b7ea4 | 6116 | 20000315 |
6117 | - Fix broken CFLAGS handling during search for OpenSSL. Fixes va_list | |
6118 | problems with gcc/Solaris. | |
bcbf86ec | 6119 | - Don't free argument to putenv() after use (in setenv() replacement). |
db55a3ea | 6120 | Report from Seigo Tanimura <tanimura@r.dl.itc.u-tokyo.ac.jp> |
bcbf86ec | 6121 | - Created contrib/ subdirectory. Included helpers from Phil Hands' |
13652e52 | 6122 | Debian package, README file and chroot patch from Ricardo Cerqueira |
6123 | <rmcc@clix.pt> | |
bcbf86ec | 6124 | - Moved gnome-ssh-askpass.c to contrib directory and removed config |
13652e52 | 6125 | option. |
6126 | - Slight cleanup to doc files | |
b14b2ae7 | 6127 | - Configure fix from Bratislav ILICH <bilic@zepter.ru> |
cb0b7ea4 | 6128 | |
a8ed9fd9 | 6129 | 20000314 |
bcbf86ec | 6130 | - Include macro for IN6_IS_ADDR_V4MAPPED. Report from |
a8ed9fd9 | 6131 | peter@frontierflying.com |
84afc958 | 6132 | - Include /usr/local/include and /usr/local/lib for systems that don't |
6133 | do it themselves | |
6134 | - -R/usr/local/lib for Solaris | |
6135 | - Fix RSAref detection | |
6136 | - Fix IN6_IS_ADDR_V4MAPPED macro | |
a8ed9fd9 | 6137 | |
bcf36c78 | 6138 | 20000311 |
6139 | - Detect RSAref | |
43e48848 | 6140 | - OpenBSD CVS change |
6141 | [sshd.c] | |
6142 | - disallow guessing of root password | |
867dbf40 | 6143 | - More configure fixes |
80faa19f | 6144 | - IPv6 workarounds from Hideaki YOSHIFUJI <yoshfuji@ecei.tohoku.ac.jp> |
bcf36c78 | 6145 | |
c8d54615 | 6146 | 20000309 |
6147 | - OpenBSD CVS updates to v1.2.3 | |
704b1659 | 6148 | [ssh.h atomicio.c] |
6149 | - int atomicio -> ssize_t (for alpha). ok deraadt@ | |
6150 | [auth-rsa.c] | |
6151 | - delay MD5 computation until client sends response, free() early, cleanup. | |
6152 | [cipher.c] | |
6153 | - void* -> unsigned char*, ok niels@ | |
6154 | [hostfile.c] | |
6155 | - remove unused variable 'len'. fix comments. | |
6156 | - remove unused variable | |
6157 | [log-client.c log-server.c] | |
6158 | - rename a cpp symbol, to avoid param.h collision | |
6159 | [packet.c] | |
6160 | - missing xfree() | |
6161 | - getsockname() requires initialized tolen; andy@guildsoftware.com | |
6162 | - use getpeername() in packet_connection_is_on_socket(), fixes sshd -i; | |
6163 | from Holger.Trapp@Informatik.TU-Chemnitz.DE | |
6164 | [pty.c pty.h] | |
bcbf86ec | 6165 | - register cleanup for pty earlier. move code for pty-owner handling to |
c8d54615 | 6166 | pty.c ok provos@, dugsong@ |
704b1659 | 6167 | [readconf.c] |
6168 | - turn off x11-fwd for the client, too. | |
6169 | [rsa.c] | |
6170 | - PKCS#1 padding | |
6171 | [scp.c] | |
6172 | - allow '.' in usernames; from jedgar@fxp.org | |
6173 | [servconf.c] | |
6174 | - typo: ignore_user_known_hosts int->flag; naddy@mips.rhein-neckar.de | |
6175 | - sync with sshd_config | |
6176 | [ssh-keygen.c] | |
6177 | - enable ssh-keygen -l -f ~/.ssh/known_hosts, ok deraadt@ | |
6178 | [ssh.1] | |
6179 | - Change invalid 'CHAT' loglevel to 'VERBOSE' | |
6180 | [ssh.c] | |
6181 | - suppress AAAA query host when '-4' is used; from shin@nd.net.fujitsu.co.jp | |
6182 | - turn off x11-fwd for the client, too. | |
6183 | [sshconnect.c] | |
6184 | - missing xfree() | |
6185 | - retry rresvport_af(), too. from sumikawa@ebina.hitachi.co.jp. | |
6186 | - read error vs. "Connection closed by remote host" | |
6187 | [sshd.8] | |
6188 | - ie. -> i.e., | |
6189 | - do not link to a commercial page.. | |
6190 | - sync with sshd_config | |
6191 | [sshd.c] | |
6192 | - no need for poll.h; from bright@wintelcom.net | |
6193 | - log with level log() not fatal() if peer behaves badly. | |
6194 | - don't panic if client behaves strange. ok deraadt@ | |
6195 | - make no-port-forwarding for RSA keys deny both -L and -R style fwding | |
6196 | - delay close() of pty until the pty has been chowned back to root | |
6197 | - oops, fix comment, too. | |
6198 | - missing xfree() | |
6199 | - move XAUTHORITY to subdir. ok dugsong@. fixes debian bug #57907, too. | |
6200 | (http://cgi.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=57907) | |
bcbf86ec | 6201 | - register cleanup for pty earlier. move code for pty-owner handling to |
704b1659 | 6202 | pty.c ok provos@, dugsong@ |
6203 | - create x11 cookie file | |
6204 | - fix pr 1113, fclose() -> pclose(), todo: remote popen() | |
6205 | - version 1.2.3 | |
c8d54615 | 6206 | - Cleaned up |
bcbf86ec | 6207 | - Removed warning workaround for Linux and devpts filesystems (no longer |
d8223847 | 6208 | required after OpenBSD updates) |
c8d54615 | 6209 | |
07055445 | 6210 | 20000308 |
6211 | - Configure fix from Hiroshi Takekawa <takekawa@sr3.t.u-tokyo.ac.jp> | |
6212 | ||
6213 | 20000307 | |
6214 | - Released 1.2.2p1 | |
6215 | ||
9c8c3fc6 | 6216 | 20000305 |
6217 | - Fix DEC compile fix | |
54096dcc | 6218 | - Explicitly seed OpenSSL's PRNG before checking rsa_alive() |
aa6bd60a | 6219 | - Check for getpagesize in libucb.a if not found in libc. Fix for old |
6220 | Solaris from Andre Lucas <andre.lucas@dial.pipex.com> | |
bcbf86ec | 6221 | - Check for libwrap if --with-tcp-wrappers option specified. Suggestion |
9fc7867e | 6222 | Mate Wierdl <mw@moni.msci.memphis.edu> |
9c8c3fc6 | 6223 | |
6bf4d066 | 6224 | 20000303 |
6225 | - Added "make host-key" target, Suggestion from Dominik Brettnacher | |
6226 | <domi@saargate.de> | |
bcbf86ec | 6227 | - Don't permanently fail on bind() if getaddrinfo has more choices left for |
16218745 | 6228 | us. Needed to work around messy IPv6 on Linux. Patch from Arkadiusz |
6229 | Miskiewicz <misiek@pld.org.pl> | |
22fa590f | 6230 | - DEC Unix compile fix from David Del Piero <David.DelPiero@qed.qld.gov.au> |
6231 | - Manpage fix from David Del Piero <David.DelPiero@qed.qld.gov.au> | |
6bf4d066 | 6232 | |
a0391976 | 6233 | 20000302 |
6234 | - Big cleanup of autoconf code | |
6235 | - Rearranged to be a little more logical | |
6236 | - Added -R option for Solaris | |
6237 | - Rewrote OpenSSL detection code. Now uses AC_TRY_RUN with a test program | |
6238 | to detect library and header location _and_ ensure library has proper | |
6239 | RSA support built in (this is a problem with OpenSSL 0.9.5). | |
817175bc | 6240 | - Applied pty cleanup patch from markus.friedl@informatik.uni-erlangen.de |
0a1718dc | 6241 | - Avoid warning message with Unix98 ptys |
bcbf86ec | 6242 | - Warning was valid - possible race condition on PTYs. Avoided using |
3276571c | 6243 | platform-specific code. |
6244 | - Document some common problems | |
bcbf86ec | 6245 | - Allow root access to any key. Patch from |
81eef326 | 6246 | markus.friedl@informatik.uni-erlangen.de |
a0391976 | 6247 | |
f55afe71 | 6248 | 20000207 |
6249 | - Removed SOCKS code. Will support through a ProxyCommand. | |
6250 | ||
d07d1c58 | 6251 | 20000203 |
6252 | - Fixed SEGVs in authloop, fix from vbzoli@hbrt.hu | |
d581b7ae | 6253 | - Add --with-ssl-dir option |
d07d1c58 | 6254 | |
9d5f374b | 6255 | 20000202 |
bcbf86ec | 6256 | - Fix lastlog code for directory based lastlogs. Fix from Josh Durham |
9d5f374b | 6257 | <jmd@aoe.vt.edu> |
6b1f3fdb | 6258 | - Documentation fixes from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp> |
bcbf86ec | 6259 | - Added URLs to Japanese translations of documents by HARUYAMA Seigo |
6b1f3fdb | 6260 | <haruyama@nt.phys.s.u-tokyo.ac.jp> |
9d5f374b | 6261 | |
bc8c2601 | 6262 | 20000201 |
6263 | - Use socket pairs by default (instead of pipes). Prevents race condition | |
6264 | on several (buggy) OSs. Report and fix from tridge@linuxcare.com | |
6265 | ||
69c76614 | 6266 | 20000127 |
6267 | - Seed OpenSSL's random number generator before generating RSA keypairs | |
6268 | - Split random collector into seperate file | |
aaf2abd7 | 6269 | - Compile fix from Andre Lucas <andre.lucas@dial.pipex.com> |
69c76614 | 6270 | |
f9507c24 | 6271 | 20000126 |
6272 | - Released 1.2.2 stable | |
6273 | ||
bcbf86ec | 6274 | - NeXT keeps it lastlog in /usr/adm. Report from |
f9507c24 | 6275 | mouring@newton.pconline.com |
bcbf86ec | 6276 | - Added note in UPGRADING re interop with commercial SSH using idea. |
986a22ec | 6277 | Report from Jim Knoble <jmknoble@jmknoble.cx> |
587120ad | 6278 | - Fix linking order for Kerberos/AFS. Fix from Holget Trapp |
6279 | <Holger.Trapp@Informatik.TU-Chemnitz.DE> | |
f9507c24 | 6280 | |
bfae20ad | 6281 | 20000125 |
bcbf86ec | 6282 | - Fix NULL pointer dereference in login.c. Fix from Andre Lucas |
bfae20ad | 6283 | <andre.lucas@dial.pipex.com> |
07b0cb78 | 6284 | - Reorder PAM initialisation so it does not mess up lastlog. Reported |
6285 | by Andre Lucas <andre.lucas@dial.pipex.com> | |
bcbf86ec | 6286 | - Use preformatted manpages on SCO, report from Gary E. Miller |
9755cbdb | 6287 | <gem@rellim.com> |
6288 | - New URL for x11-ssh-askpass. | |
bcbf86ec | 6289 | - Fixpaths was missing /etc/ssh_known_hosts. Report from Jim Knoble |
986a22ec | 6290 | <jmknoble@jmknoble.cx> |
bcbf86ec | 6291 | - Added 'DESTDIR' option to Makefile to ease package building. Patch from |
986a22ec | 6292 | Jim Knoble <jmknoble@jmknoble.cx> |
ff8ecdb8 | 6293 | - Updated RPM spec files to use DESTDIR |
bfae20ad | 6294 | |
bb58aa4b | 6295 | 20000124 |
6296 | - Pick up version 1.2.2 from OpenBSD CVS (no changes, just version number | |
6297 | increment) | |
6298 | ||
d45317d8 | 6299 | 20000123 |
6300 | - OpenBSD CVS: | |
6301 | - [packet.c] | |
6302 | getsockname() requires initialized tolen; andy@guildsoftware.com | |
bcbf86ec | 6303 | - AIX patch from Matt Richards <v2matt@btv.ibm.com> and David Rankin |
4c40f834 | 6304 | <drankin@bohemians.lexington.ky.us> |
12aa90af | 6305 | - Fix lastlog support, patch from Andre Lucas <andre.lucas@dial.pipex.com> |
d45317d8 | 6306 | |
e844f761 | 6307 | 20000122 |
6308 | - Fix compilation of bsd-snprintf.c on Solaris, fix from Ben Taylor | |
6309 | <bent@clark.net> | |
c54a6257 | 6310 | - Merge preformatted manpage patch from Andre Lucas |
6311 | <andre.lucas@dial.pipex.com> | |
8eb34e02 | 6312 | - Make IPv4 use the default in RPM packages |
6313 | - Irix uses preformatted manpages | |
1e64903d | 6314 | - Missing htons() in bsd-bindresvport.c, fix from Holger Trapp |
6315 | <Holger.Trapp@Informatik.TU-Chemnitz.DE> | |
9bc5ddfe | 6316 | - OpenBSD CVS updates: |
6317 | - [packet.c] | |
6318 | use getpeername() in packet_connection_is_on_socket(), fixes sshd -i; | |
6319 | from Holger.Trapp@Informatik.TU-Chemnitz.DE | |
6320 | - [sshd.c] | |
6321 | log with level log() not fatal() if peer behaves badly. | |
6322 | - [readpass.c] | |
bcbf86ec | 6323 | instead of blocking SIGINT, catch it ourselves, so that we can clean |
6324 | the tty modes up and kill ourselves -- instead of our process group | |
61e96248 | 6325 | leader (scp, cvs, ...) going away and leaving us in noecho mode. |
9bc5ddfe | 6326 | people with cbreak shells never even noticed.. |
399d9d44 | 6327 | - [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8] |
6328 | ie. -> i.e., | |
e844f761 | 6329 | |
4c8ef3fb | 6330 | 20000120 |
6331 | - Don't use getaddrinfo on AIX | |
7b2ea3a1 | 6332 | - Update to latest OpenBSD CVS: |
6333 | - [auth-rsa.c] | |
6334 | - fix user/1056, sshd keeps restrictions; dbt@meat.net | |
6335 | - [sshconnect.c] | |
6336 | - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags. | |
6337 | - destroy keys earlier | |
bcbf86ec | 6338 | - split key exchange (kex) and user authentication (user-auth), |
d468fc76 | 6339 | ok: provos@ |
7b2ea3a1 | 6340 | - [sshd.c] |
6341 | - no need for poll.h; from bright@wintelcom.net | |
6342 | - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags. | |
bcbf86ec | 6343 | - split key exchange (kex) and user authentication (user-auth), |
d468fc76 | 6344 | ok: provos@ |
f3bba493 | 6345 | - Big manpage and config file cleanup from Andre Lucas |
6346 | <andre.lucas@dial.pipex.com> | |
5f4fdfae | 6347 | - Re-added latest (unmodified) OpenBSD manpages |
47f9a56a | 6348 | - Doc updates |
d468fc76 | 6349 | - NetBSD patch from David Rankin <drankin@bohemians.lexington.ky.us> and |
6350 | Christos Zoulas <christos@netbsd.org> | |
4c8ef3fb | 6351 | |
082bbfb3 | 6352 | 20000119 |
20af321f | 6353 | - SCO compile fixes from Gary E. Miller <gem@rellim.com> |
082bbfb3 | 6354 | - Compile fix from Darren_Hall@progressive.com |
59e76f33 | 6355 | - Linux/glibc-2.1.2 takes a *long* time to look up names for AF_UNSPEC |
6356 | addresses using getaddrinfo(). Added a configure switch to make the | |
6357 | default lookup mode AF_INET | |
082bbfb3 | 6358 | |
a63a7f37 | 6359 | 20000118 |
6360 | - Fixed --with-pid-dir option | |
51a6baf8 | 6361 | - Makefile fix from Gary E. Miller <gem@rellim.com> |
61e96248 | 6362 | - Compile fix for HPUX and Solaris from Andre Lucas |
976f7e19 | 6363 | <andre.lucas@dial.pipex.com> |
a63a7f37 | 6364 | |
f914c7fb | 6365 | 20000117 |
6366 | - Clean up bsd-bindresvport.c. Use arc4random() for picking initial | |
6367 | port, ignore EINVAL errors (Linux) when searching for free port. | |
bcbf86ec | 6368 | - Revert __snprintf -> snprintf aliasing. Apparently Solaris |
de93b046 | 6369 | __snprintf isn't. Report from Theo de Raadt <theo@cvs.openbsd.org> |
9b363e1c | 6370 | - Document location of Redhat PAM file in INSTALL. |
bcbf86ec | 6371 | - Fixed X11 forwarding bug on Linux. libc advertises AF_INET6 |
6372 | INADDR_ANY_INIT addresses via getaddrinfo, but may not be able to | |
f4a7cf29 | 6373 | deliver (no IPv6 kernel support) |
80a44451 | 6374 | - Released 1.2.1pre27 |
f914c7fb | 6375 | |
f4a7cf29 | 6376 | - Fix rresvport_af failure errors (logic error in bsd-bindresvport.c) |
bcbf86ec | 6377 | - Fix --with-ipaddr-display option test. Fix from Jarno Huuskonen |
cf8ad170 | 6378 | <jhuuskon@hytti.uku.fi> |
bcbf86ec | 6379 | - Fix hang on logout if processes are still using the pty. Needs |
691a8a9f | 6380 | further testing. |
5957fd29 | 6381 | - Patch from Christos Zoulas <christos@zoulas.com> |
6382 | - Try $prefix first when looking for OpenSSL. | |
6383 | - Include sys/types.h when including sys/socket.h in test programs | |
bcbf86ec | 6384 | - Substitute PID directory in sshd.8. Suggestion from Andrew |
19d9ac2a | 6385 | Stribblehill <a.d.stribblehill@durham.ac.uk> |
f4a7cf29 | 6386 | |
47e45e44 | 6387 | 20000116 |
6388 | - Renamed --with-xauth-path to --with-xauth | |
6389 | - Added --with-pid-dir option | |
6390 | - Released 1.2.1pre26 | |
6391 | ||
a82ef8ae | 6392 | - Compilation fix from Kiyokazu SUTO <suto@ks-and-ks.ne.jp> |
bcbf86ec | 6393 | - Fixed broken bugfix for /dev/ptmx on Linux systems which lack |
66be05a1 | 6394 | openpty(). Report from Kiyokazu SUTO <suto@ks-and-ks.ne.jp> |
a82ef8ae | 6395 | |
5cdfe03f | 6396 | 20000115 |
6397 | - Add --with-xauth-path configure directive and explicit test for | |
bcbf86ec | 6398 | /usr/openwin/bin/xauth for Solaris systems. Report from Anders |
5cdfe03f | 6399 | Nordby <anders@fix.no> |
bcbf86ec | 6400 | - Fix incorrect detection of /dev/ptmx on Linux systems that lack |
5cdfe03f | 6401 | openpty. Report from John Seifarth <john@waw.be> |
6402 | - Look for intXX_t and u_intXX_t in sys/bitypes.h if they are not in | |
bcbf86ec | 6403 | sys/types.h. Fixes problems on SCO, report from Gary E. Miller |
5cdfe03f | 6404 | <gem@rellim.com> |
6405 | - Use __snprintf and __vnsprintf if they are found where snprintf and | |
6406 | vnsprintf are lacking. Suggested by Ben Taylor <bent@shell.clark.net> | |
6407 | and others. | |
6408 | ||
48e671d5 | 6409 | 20000114 |
6410 | - Merged OpenBSD IPv6 patch: | |
6411 | - [sshd.c sshd.8 sshconnect.c ssh.h ssh.c servconf.h servconf.c scp.1] | |
6412 | [scp.c packet.h packet.c login.c log.c canohost.c channels.c] | |
6413 | [hostfile.c sshd_config] | |
6414 | ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new | |
bcbf86ec | 6415 | features: sshd allows multiple ListenAddress and Port options. note |
6416 | that libwrap is not IPv6-ready. (based on patches from | |
48e671d5 | 6417 | fujiwara@rcac.tdi.co.jp) |
6418 | - [ssh.c canohost.c] | |
bcbf86ec | 6419 | more hints (hints.ai_socktype=SOCK_STREAM) for getaddrinfo, |
48e671d5 | 6420 | from itojun@ |
6421 | - [channels.c] | |
6422 | listen on _all_ interfaces for X11-Fwd (hints.ai_flags = AI_PASSIVE) | |
6423 | - [packet.h] | |
6424 | allow auth-kerberos for IPv4 only | |
6425 | - [scp.1 sshd.8 servconf.h scp.c] | |
6426 | document -4, -6, and 'ssh -L 2022/::1/22' | |
6427 | - [ssh.c] | |
bcbf86ec | 6428 | 'ssh @host' is illegal (null user name), from |
48e671d5 | 6429 | karsten@gedankenpolizei.de |
6430 | - [sshconnect.c] | |
6431 | better error message | |
6432 | - [sshd.c] | |
6433 | allow auth-kerberos for IPv4 only | |
6434 | - Big IPv6 merge: | |
6435 | - Cleanup overrun in sockaddr copying on RHL 6.1 | |
6436 | - Replacements for getaddrinfo, getnameinfo, etc based on versions | |
6437 | from patch from KIKUCHI Takahiro <kick@kyoto.wide.ad.jp> | |
6438 | - Replacement for missing structures on systems that lack IPv6 | |
6439 | - record_login needed to know about AF_INET6 addresses | |
6440 | - Borrowed more code from OpenBSD: rresvport_af and requisites | |
6441 | ||
2598df62 | 6442 | 20000110 |
6443 | - Fixes to auth-skey to enable it to use the standard OpenSSL libraries | |
6444 | ||
b8a0310d | 6445 | 20000107 |
6446 | - New config.sub and config.guess to fix problems on SCO. Supplied | |
6447 | by Gary E. Miller <gem@rellim.com> | |
b6a98a85 | 6448 | - SCO build fix from Gary E. Miller <gem@rellim.com> |
2598df62 | 6449 | - Released 1.2.1pre25 |
b8a0310d | 6450 | |
dfb95100 | 6451 | 20000106 |
6452 | - Documentation update & cleanup | |
6453 | - Better KrbIV / AFS detection, based on patch from: | |
6454 | Holger Trapp <Holger.Trapp@Informatik.TU-Chemnitz.DE> | |
6455 | ||
b9795b89 | 6456 | 20000105 |
bcbf86ec | 6457 | - Fixed annoying DES corruption problem. libcrypt has been |
b9795b89 | 6458 | overriding symbols in libcrypto. Removed libcrypt and crypt.h |
6459 | altogether (libcrypto includes its own crypt(1) replacement) | |
6460 | - Added platform-specific rules for Irix 6.x. Included warning that | |
6461 | they are untested. | |
6462 | ||
a1ec4d79 | 6463 | 20000103 |
6464 | - Add explicit make rules for files proccessed by fixpaths. | |
61e96248 | 6465 | - Fix "make install" in RPM spec files. Report from Tenkou N. Hattori |
a1ec4d79 | 6466 | <tnh@kondara.org> |
bcbf86ec | 6467 | - Removed "nullok" directive from default PAM configuration files. |
6468 | Added information on enabling EmptyPasswords on openssh+PAM in | |
607d73e6 | 6469 | UPGRADING file. |
e02735bb | 6470 | - OpenBSD CVS updates |
6471 | - [ssh-agent.c] | |
bcbf86ec | 6472 | cleanup_exit() for SIGTERM/SIGHUP, too. from fgsch@ and |
e02735bb | 6473 | dgaudet@arctic.org |
6474 | - [sshconnect.c] | |
6475 | compare correct version for 1.3 compat mode | |
a1ec4d79 | 6476 | |
93c7f644 | 6477 | 20000102 |
6478 | - Prevent multiple inclusion of config.h and defines.h. Suggested | |
6479 | by Andre Lucas <andre.lucas@dial.pipex.com> | |
6480 | - Properly clean up on exit of ssh-agent. Patch from Dean Gaudet | |
6481 | <dgaudet@arctic.org> | |
6482 | ||
76b8607f | 6483 | 19991231 |
bcbf86ec | 6484 | - Fix password support on systems with a mixture of shadowed and |
6485 | non-shadowed passwords (e.g. NIS). Report and fix from | |
76b8607f | 6486 | HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp> |
bcbf86ec | 6487 | - Fix broken autoconf typedef detection. Report from Marc G. |
723221b5 | 6488 | Fournier <marc.fournier@acadiau.ca> |
b92964b7 | 6489 | - Fix occasional crash on LinuxPPC. Patch from Franz Sirl |
6490 | <Franz.Sirl-kernel@lauterbach.com> | |
bcbf86ec | 6491 | - Prevent typedefs from being compiled more than once. Report from |
a6ddc88b | 6492 | Marc G. Fournier <marc.fournier@acadiau.ca> |
4811cc0b | 6493 | - Fill in ut_utaddr utmp field. Report from Benjamin Charron |
6494 | <iretd@bigfoot.com> | |
bcbf86ec | 6495 | - Really fix broken default path. Fix from Jim Knoble |
986a22ec | 6496 | <jmknoble@jmknoble.cx> |
ae3a3d31 | 6497 | - Remove test for quad_t. No longer needed. |
76a8e733 | 6498 | - Released 1.2.1pre24 |
6499 | ||
6500 | - Added support for directory-based lastlogs | |
6501 | - Really fix typedefs, patch from Ben Taylor <bent@clark.net> | |
76b8607f | 6502 | |
13f825f4 | 6503 | 19991230 |
6504 | - OpenBSD CVS updates: | |
6505 | - [auth-passwd.c] | |
6506 | check for NULL 1st | |
bcbf86ec | 6507 | - Removed most of the pam code into its own file auth-pam.[ch]. This |
a5c9cd31 | 6508 | cleaned up sshd.c up significantly. |
bcbf86ec | 6509 | - PAM authentication was incorrectly interpreting |
76b8607f | 6510 | "PermitRootLogin without-password". Report from Matthias Andree |
6511 | <ma@dt.e-technik.uni-dortmund.de | |
a5c9cd31 | 6512 | - Several other cleanups |
0bc5b6fb | 6513 | - Merged Dante SOCKS support patch from David Rankin |
6514 | <drankin@bohemians.lexington.ky.us> | |
6515 | - Updated documentation with ./configure options | |
76b8607f | 6516 | - Released 1.2.1pre23 |
13f825f4 | 6517 | |
c73a0cb5 | 6518 | 19991229 |
bcbf86ec | 6519 | - Applied another NetBSD portability patch from David Rankin |
c73a0cb5 | 6520 | <drankin@bohemians.lexington.ky.us> |
6521 | - Fix --with-default-path option. | |
bcbf86ec | 6522 | - Autodetect perl, patch from David Rankin |
a0f84251 | 6523 | <drankin@bohemians.lexington.ky.us> |
bcbf86ec | 6524 | - Print whether OpenSSH was compiled with RSARef, patch from |
0a2ff95d | 6525 | Nalin Dahyabhai <nalin@thermo.stat.ncsu.edu> |
bcbf86ec | 6526 | - Calls to pam_setcred, patch from Nalin Dahyabhai |
f91bacbd | 6527 | <nalin@thermo.stat.ncsu.edu> |
e3a93db0 | 6528 | - Detect missing size_t and typedef it. |
5ab44a92 | 6529 | - Rename helper.[ch] to (more appropriate) bsd-misc.[ch] |
6530 | - Minor Makefile cleaning | |
c73a0cb5 | 6531 | |
b6019d68 | 6532 | 19991228 |
6533 | - Replacement for getpagesize() for systems which lack it | |
bcbf86ec | 6534 | - NetBSD login.c compile fix from David Rankin |
70e0115b | 6535 | <drankin@bohemians.lexington.ky.us> |
6536 | - Fully set ut_tv if present in utmp or utmpx | |
d94aa2ae | 6537 | - Portability fixes for Irix 5.3 (now compiles OK!) |
6538 | - autoconf and other misc cleanups | |
ea1970a3 | 6539 | - Merged AIX patch from Darren Hall <dhall@virage.org> |
6540 | - Cleaned up defines.h | |
fa9a2dd6 | 6541 | - Released 1.2.1pre22 |
b6019d68 | 6542 | |
d2dcff5f | 6543 | 19991227 |
6544 | - Automatically correct paths in manpages and configuration files. Patch | |
6545 | and script from Andre Lucas <andre.lucas@dial.pipex.com> | |
6546 | - Removed credits from README to CREDITS file, updated. | |
cb807f40 | 6547 | - Added --with-default-path to specify custom path for server |
6548 | - Removed #ifdef trickery from acconfig.h into defines.h | |
36a5b38e | 6549 | - PAM bugfix. PermitEmptyPassword was being ignored. |
6550 | - Fixed PAM config files to allow empty passwords if server does. | |
6551 | - Explained spurious PAM auth warning workaround in UPGRADING | |
21feb5fa | 6552 | - Use last few chars of tty line as ut_id |
5a7794be | 6553 | - New SuSE RPM spec file from Chris Saia <csaia@wtower.com> |
00e6dd70 | 6554 | - OpenBSD CVS updates: |
6555 | - [packet.h auth-rhosts.c] | |
6556 | check format string for packet_disconnect and packet_send_debug, too | |
6557 | - [channels.c] | |
6558 | use packet_get_maxsize for channels. consistence. | |
d2dcff5f | 6559 | |
f74efc8d | 6560 | 19991226 |
6561 | - Enabled utmpx support by default for Solaris | |
6562 | - Cleanup sshd.c PAM a little more | |
986a22ec | 6563 | - Revised RPM package to include Jim Knoble's <jmknoble@jmknoble.cx> |
bc7ea646 | 6564 | X11 ssh-askpass program. |
20c43d8c | 6565 | - Disable logging of PAM success and failures, PAM is verbose enough. |
bcbf86ec | 6566 | Unfortunatly there is currently no way to disable auth failure |
6567 | messages. Mention this in UPGRADING file and sent message to PAM | |
20c43d8c | 6568 | developers |
83b7f649 | 6569 | - OpenBSD CVS update: |
6570 | - [ssh-keygen.1 ssh.1] | |
bcbf86ec | 6571 | remove ref to .ssh/random_seed, mention .ssh/environment in |
83b7f649 | 6572 | .Sh FILES, too |
72251cb6 | 6573 | - Released 1.2.1pre21 |
bcbf86ec | 6574 | - Fixed implicit '.' in default path, report from Jim Knoble |
986a22ec | 6575 | <jmknoble@jmknoble.cx> |
6576 | - Redhat RPM spec fixes from Jim Knoble <jmknoble@jmknoble.cx> | |
f74efc8d | 6577 | |
f498ed15 | 6578 | 19991225 |
6579 | - More fixes from Andre Lucas <andre.lucas@dial.pipex.com> | |
6580 | - Cleanup of auth-passwd.c for shadow and MD5 passwords | |
6581 | - Cleanup and bugfix of PAM authentication code | |
f74efc8d | 6582 | - Released 1.2.1pre20 |
6583 | ||
6584 | - Merged fixes from Ben Taylor <bent@clark.net> | |
6585 | - Fixed configure support for PAM. Reported by Naz <96na@eng.cam.ac.uk> | |
6586 | - Disabled logging of PAM password authentication failures when password | |
6587 | is empty. (e.g start of authentication loop). Reported by Naz | |
6588 | <96na@eng.cam.ac.uk>) | |
f498ed15 | 6589 | |
6590 | 19991223 | |
bcbf86ec | 6591 | - Merged later HPUX patch from Andre Lucas |
f498ed15 | 6592 | <andre.lucas@dial.pipex.com> |
6593 | - Above patch included better utmpx support from Ben Taylor | |
f74efc8d | 6594 | <bent@clark.net> |
f498ed15 | 6595 | |
eef6f7e9 | 6596 | 19991222 |
bcbf86ec | 6597 | - Fix undefined fd_set type in ssh.h from Povl H. Pedersen |
eef6f7e9 | 6598 | <pope@netguide.dk> |
ae28776a | 6599 | - Fix login.c breakage on systems which lack ut_host in struct |
6600 | utmp. Reported by Willard Dawson <willard.dawson@sbs.siemens.com> | |
eef6f7e9 | 6601 | |
a7effaac | 6602 | 19991221 |
bcbf86ec | 6603 | - Integration of large HPUX patch from Andre Lucas |
6604 | <andre.lucas@dial.pipex.com>. Integrating it had a few other | |
a7effaac | 6605 | benefits: |
6606 | - Ability to disable shadow passwords at configure time | |
6607 | - Ability to disable lastlog support at configure time | |
6608 | - Support for IP address in $DISPLAY | |
ae2f7af7 | 6609 | - OpenBSD CVS update: |
6610 | - [sshconnect.c] | |
6611 | say "REMOTE HOST IDENTIFICATION HAS CHANGED" | |
59dd7a31 | 6612 | - Fix DISABLE_SHADOW support |
6613 | - Allow MD5 passwords even if shadow passwords are disabled | |
16034de9 | 6614 | - Release 1.2.1pre19 |
a7effaac | 6615 | |
3f1d9bcd | 6616 | 19991218 |
bcbf86ec | 6617 | - Redhat init script patch from Chun-Chung Chen |
3f1d9bcd | 6618 | <cjj@u.washington.edu> |
7e1c2490 | 6619 | - Avoid breakage on systems without IPv6 headers |
3f1d9bcd | 6620 | |
60d804c8 | 6621 | 19991216 |
bcbf86ec | 6622 | - Makefile changes for Solaris from Peter Kocks |
60d804c8 | 6623 | <peter.kocks@baygate.com> |
89cafde6 | 6624 | - Minor updates to docs |
6625 | - Merged OpenBSD CVS changes: | |
6626 | - [authfd.c ssh-agent.c] | |
6627 | keysize warnings talk about identity files | |
6628 | - [packet.c] | |
6629 | "Connection closed by x.x.x.x": fatal() -> log() | |
bcbf86ec | 6630 | - Correctly handle empty passwords in shadow file. Patch from: |
c9d323f0 | 6631 | "Chris, the Young One" <cky@pobox.com> |
6632 | - Released 1.2.1pre18 | |
60d804c8 | 6633 | |
7dc6fc6d | 6634 | 19991215 |
6635 | - Integrated patchs from Juergen Keil <jk@tools.de> | |
6636 | - Avoid void* pointer arithmatic | |
6637 | - Use LDFLAGS correctly | |
68227e6d | 6638 | - Fix SIGIO error in scp |
6639 | - Simplify status line printing in scp | |
61e96248 | 6640 | - Added better test for inline functions compiler support from |
906a2515 | 6641 | Darren_Hall@progressive.com |
7dc6fc6d | 6642 | |
95f1eccc | 6643 | 19991214 |
6644 | - OpenBSD CVS Changes | |
6645 | - [canohost.c] | |
bcbf86ec | 6646 | fix get_remote_port() and friends for sshd -i; |
95f1eccc | 6647 | Holger.Trapp@Informatik.TU-Chemnitz.DE |
6648 | - [mpaux.c] | |
6649 | make code simpler. no need for memcpy. niels@ ok | |
6650 | - [pty.c] | |
6651 | namebuflen not sizeof namebuflen; bnd@ep-ag.com via djm@mindrot.org | |
6652 | fix proto; markus | |
6653 | - [ssh.1] | |
6654 | typo; mark.baushke@solipsa.com | |
6655 | - [channels.c ssh.c ssh.h sshd.c] | |
6656 | type conflict for 'extern Type *options' in channels.c; dot@dotat.at | |
6657 | - [sshconnect.c] | |
6658 | move checking of hostkey into own function. | |
6659 | - [version.h] | |
6660 | OpenSSH-1.2.1 | |
884bcb37 | 6661 | - Clean up broken includes in pty.c |
7303768f | 6662 | - Some older systems don't have poll.h, they use sys/poll.h instead |
6663 | - Doc updates | |
95f1eccc | 6664 | |
847e8865 | 6665 | 19991211 |
bcbf86ec | 6666 | - Fix compilation on systems with AFS. Reported by |
847e8865 | 6667 | aloomis@glue.umd.edu |
bcbf86ec | 6668 | - Fix installation on Solaris. Reported by |
847e8865 | 6669 | Gordon Rowell <gordonr@gormand.com.au> |
6670 | - Fix gccisms (__attribute__ and inline). Report by edgy@us.ibm.com, | |
6671 | patch from Markus Friedl <markus.friedl@informatik.uni-erlangen.de> | |
6672 | - Auto-locate xauth. Patch from David Agraz <dagraz@jahoopa.com> | |
6673 | - Compile fix from David Agraz <dagraz@jahoopa.com> | |
6674 | - Avoid compiler warning in bsd-snprintf.c | |
bcbf86ec | 6675 | - Added pam_limits.so to default PAM config. Suggested by |
986a22ec | 6676 | Jim Knoble <jmknoble@jmknoble.cx> |
847e8865 | 6677 | |
8946db53 | 6678 | 19991209 |
6679 | - Import of patch from Ben Taylor <bent@clark.net>: | |
6680 | - Improved PAM support | |
6681 | - "uninstall" rule for Makefile | |
6682 | - utmpx support | |
6683 | - Should fix PAM problems on Solaris | |
2d86a6cc | 6684 | - OpenBSD CVS updates: |
6685 | - [readpass.c] | |
6686 | avoid stdio; based on work by markus, millert, and I | |
6687 | - [sshd.c] | |
6688 | make sure the client selects a supported cipher | |
6689 | - [sshd.c] | |
bcbf86ec | 6690 | fix sighup handling. accept would just restart and daemon handled |
6691 | sighup only after the next connection was accepted. use poll on | |
2d86a6cc | 6692 | listen sock now. |
6693 | - [sshd.c] | |
6694 | make that a fatal | |
87e91331 | 6695 | - Applied patch from David Rankin <drankin@bohemians.lexington.ky.us> |
6696 | to fix libwrap support on NetBSD | |
5001b9e4 | 6697 | - Released 1.2pre17 |
8946db53 | 6698 | |
6d8c4ea4 | 6699 | 19991208 |
bcbf86ec | 6700 | - Compile fix for Solaris with /dev/ptmx from |
6d8c4ea4 | 6701 | David Agraz <dagraz@jahoopa.com> |
6702 | ||
4285816a | 6703 | 19991207 |
986a22ec | 6704 | - sshd Redhat init script patch from Jim Knoble <jmknoble@jmknoble.cx> |
4285816a | 6705 | fixes compatability with 4.x and 5.x |
db28aeb5 | 6706 | - Fixed default SSH_ASKPASS |
bcbf86ec | 6707 | - Fix PAM account and session being called multiple times. Problem |
d465f2ca | 6708 | reported by Adrian Baugh <adrian@merlin.keble.ox.ac.uk> |
a408af76 | 6709 | - Merged more OpenBSD changes: |
6710 | - [atomicio.c authfd.c scp.c serverloop.c ssh.h sshconnect.c sshd.c] | |
bcbf86ec | 6711 | move atomicio into it's own file. wrap all socket write()s which |
a408af76 | 6712 | were doing write(sock, buf, len) != len, with atomicio() calls. |
6713 | - [auth-skey.c] | |
6714 | fd leak | |
6715 | - [authfile.c] | |
6716 | properly name fd variable | |
6717 | - [channels.c] | |
6718 | display great hatred towards strcpy | |
6719 | - [pty.c pty.h sshd.c] | |
6720 | use openpty() if it exists (it does on BSD4_4) | |
6721 | - [tildexpand.c] | |
6722 | check for ~ expansion past MAXPATHLEN | |
6723 | - Modified helper.c to use new atomicio function. | |
6724 | - Reformat Makefile a little | |
6725 | - Moved RC4 routines from rc4.[ch] into helper.c | |
6726 | - Added autoconf code to detect /dev/ptmx (Solaris) and /dev/ptc (AIX) | |
9983a8ca | 6727 | - Updated SuSE spec from Chris Saia <csaia@wtower.com> |
6728 | - Tweaked Redhat spec | |
9158d92f | 6729 | - Clean up bad imports of a few files (forgot -kb) |
6730 | - Released 1.2pre16 | |
4285816a | 6731 | |
9c7b6dfd | 6732 | 19991204 |
6733 | - Small cleanup of PAM code in sshd.c | |
57112b5a | 6734 | - Merged OpenBSD CVS changes: |
6735 | - [auth-krb4.c auth-passwd.c auth-skey.c ssh.h] | |
6736 | move skey-auth from auth-passwd.c to auth-skey.c, same for krb4 | |
6737 | - [auth-rsa.c] | |
6738 | warn only about mismatch if key is _used_ | |
6739 | warn about keysize-mismatch with log() not error() | |
6740 | channels.c readconf.c readconf.h ssh.c ssh.h sshconnect.c | |
6741 | ports are u_short | |
6742 | - [hostfile.c] | |
6743 | indent, shorter warning | |
6744 | - [nchan.c] | |
6745 | use error() for internal errors | |
6746 | - [packet.c] | |
6747 | set loglevel for SSH_MSG_DISCONNECT to log(), not fatal() | |
6748 | serverloop.c | |
6749 | indent | |
6750 | - [ssh-add.1 ssh-add.c ssh.h] | |
6751 | document $SSH_ASKPASS, reasonable default | |
6752 | - [ssh.1] | |
6753 | CheckHostIP is not available for connects via proxy command | |
6754 | - [sshconnect.c] | |
6755 | typo | |
6756 | easier to read client code for passwd and skey auth | |
6757 | turn of checkhostip for proxy connects, since we don't know the remote ip | |
9c7b6dfd | 6758 | |
dad3b556 | 6759 | 19991126 |
6760 | - Add definition for __P() | |
6761 | - Added [v]snprintf() replacement for systems that lack it | |
6762 | ||
0ce43ae4 | 6763 | 19991125 |
6764 | - More reformatting merged from OpenBSD CVS | |
6765 | - Merged OpenBSD CVS changes: | |
6766 | - [channels.c] | |
6767 | fix packet_integrity_check() for !have_hostname_in_open. | |
6768 | report from mrwizard@psu.edu via djm@ibs.com.au | |
6769 | - [channels.c] | |
6770 | set SO_REUSEADDR and SO_LINGER for forwarded ports. | |
6771 | chip@valinux.com via damien@ibs.com.au | |
6772 | - [nchan.c] | |
6773 | it's not an error() if shutdown_write failes in nchan. | |
6774 | - [readconf.c] | |
6775 | remove dead #ifdef-0-code | |
6776 | - [readconf.c servconf.c] | |
6777 | strcasecmp instead of tolower | |
6778 | - [scp.c] | |
6779 | progress meter overflow fix from damien@ibs.com.au | |
6780 | - [ssh-add.1 ssh-add.c] | |
6781 | SSH_ASKPASS support | |
6782 | - [ssh.1 ssh.c] | |
6783 | postpone fork_after_authentication until command execution, | |
6784 | request/patch from jahakala@cc.jyu.fi via damien@ibs.com.au | |
6785 | plus: use daemon() for backgrounding | |
cf8dd513 | 6786 | - Added BSD compatible install program and autoconf test, thanks to |
6787 | Niels Kristian Bech Jensen <nkbj@image.dk> | |
6788 | - Solaris fixing, thanks to Ben Taylor <bent@clark.net> | |
09041313 | 6789 | - Merged beginnings of AIX support from Tor-Ake Fransson <torake@hotmail.com> |
3dbefdb8 | 6790 | - Release 1.2pre15 |
0ce43ae4 | 6791 | |
5260325f | 6792 | 19991124 |
6793 | - Merged very large OpenBSD source code reformat | |
6794 | - OpenBSD CVS updates | |
6795 | - [channels.c cipher.c compat.c log-client.c scp.c serverloop.c] | |
6796 | [ssh.h sshd.8 sshd.c] | |
6797 | syslog changes: | |
6798 | * Unified Logmessage for all auth-types, for success and for failed | |
6799 | * Standard connections get only ONE line in the LOG when level==LOG: | |
6800 | Auth-attempts are logged only, if authentication is: | |
6801 | a) successfull or | |
6802 | b) with passwd or | |
6803 | c) we had more than AUTH_FAIL_LOG failues | |
6804 | * many log() became verbose() | |
6805 | * old behaviour with level=VERBOSE | |
6806 | - [readconf.c readconf.h ssh.1 ssh.h sshconnect.c sshd.c] | |
6807 | tranfer s/key challenge/response data in SSH_SMSG_AUTH_TIS_CHALLENGE | |
6808 | messages. allows use of s/key in windows (ttssh, securecrt) and | |
6809 | ssh-1.2.27 clients without 'ssh -v', ok: niels@ | |
6810 | - [sshd.8] | |
6811 | -V, for fallback to openssh in SSH2 compatibility mode | |
6812 | - [sshd.c] | |
6813 | fix sigchld race; cjc5@po.cwru.edu | |
6814 | ||
4655fe80 | 6815 | 19991123 |
6816 | - Added SuSE package files from Chris Saia <csaia@wtower.com> | |
8b241e50 | 6817 | - Restructured package-related files under packages/* |
4655fe80 | 6818 | - Added generic PAM config |
8b241e50 | 6819 | - Numerous little Solaris fixes |
9c08d6ce | 6820 | - Add recommendation to use GNU make to INSTALL document |
4655fe80 | 6821 | |
60bed5fd | 6822 | 19991122 |
6823 | - Make <enter> close gnome-ssh-askpass (Debian bug #50299) | |
2f2cc3f9 | 6824 | - OpenBSD CVS Changes |
bcbf86ec | 6825 | - [ssh-keygen.c] |
6826 | don't create ~/.ssh only if the user wants to store the private | |
6827 | key there. show fingerprint instead of public-key after | |
2f2cc3f9 | 6828 | keygeneration. ok niels@ |
b09a984b | 6829 | - Added OpenBSD bsd-strlcat.c, created bsd-strlcat.h |
96ad4350 | 6830 | - Added timersub() macro |
b09a984b | 6831 | - Tidy RCSIDs of bsd-*.c |
bcbf86ec | 6832 | - Added autoconf test and macro to deal with old PAM libraries |
96ad4350 | 6833 | pam_strerror definition (one arg vs two). |
530f1889 | 6834 | - Fix EGD problems (Thanks to Ben Taylor <bent@clark.net>) |
bcbf86ec | 6835 | - Retry /dev/urandom reads interrupted by signal (report from |
530f1889 | 6836 | Robert Hardy <rhardy@webcon.net>) |
1647c2b5 | 6837 | - Added a setenv replacement for systems which lack it |
d84a9a44 | 6838 | - Only display public key comment when presenting ssh-askpass dialog |
6839 | - Released 1.2pre14 | |
60bed5fd | 6840 | |
bcbf86ec | 6841 | - Configure, Make and changelog corrections from Tudor Bosman |
2ddcfdf3 | 6842 | <tudorb@jm.nu> and Niels Kristian Bech Jensen <nkbj@image.dk> |
6843 | ||
9d6b7add | 6844 | 19991121 |
2f2cc3f9 | 6845 | - OpenBSD CVS Changes: |
60bed5fd | 6846 | - [channels.c] |
6847 | make this compile, bad markus | |
6848 | - [log.c readconf.c servconf.c ssh.h] | |
6849 | bugfix: loglevels are per host in clientconfig, | |
6850 | factor out common log-level parsing code. | |
6851 | - [servconf.c] | |
6852 | remove unused index (-Wall) | |
6853 | - [ssh-agent.c] | |
6854 | only one 'extern char *__progname' | |
6855 | - [sshd.8] | |
6856 | document SIGHUP, -Q to synopsis | |
6857 | - [sshconnect.c serverloop.c sshd.c packet.c packet.h] | |
6858 | [channels.c clientloop.c] | |
6859 | SSH_CMSG_MAX_PACKET_SIZE, some clients use this, some need this, niels@ | |
6860 | [hope this time my ISP stays alive during commit] | |
6861 | - [OVERVIEW README] typos; green@freebsd | |
6862 | - [ssh-keygen.c] | |
6863 | replace xstrdup+strcat with strlcat+fixed buffer, fixes OF (bad me) | |
6864 | exit if writing the key fails (no infinit loop) | |
6865 | print usage() everytime we get bad options | |
6866 | - [ssh-keygen.c] overflow, djm@mindrot.org | |
6867 | - [sshd.c] fix sigchld race; cjc5@po.cwru.edu | |
61e96248 | 6868 | |
2b942fe0 | 6869 | 19991120 |
bcbf86ec | 6870 | - Merged more Solaris support from Marc G. Fournier |
2b942fe0 | 6871 | <marc.fournier@acadiau.ca> |
6872 | - Wrote autoconf tests for integer bit-types | |
6873 | - Fixed enabling kerberos support | |
bcbf86ec | 6874 | - Fix segfault in ssh-keygen caused by buffer overrun in filename |
13c36c4c | 6875 | handling. |
2b942fe0 | 6876 | |
06479889 | 6877 | 19991119 |
6878 | - Merged PAM buffer overrun patch from Chip Salzenberg <chip@valinux.com> | |
2ad77510 | 6879 | - Merged OpenBSD CVS changes |
6880 | - [auth-rhosts.c auth-rsa.c ssh-agent.c sshconnect.c sshd.c] | |
6881 | more %d vs. %s in fmt-strings | |
6882 | - [authfd.c] | |
6883 | Integers should not be printed with %s | |
7b1cc56c | 6884 | - EGD uses a socket, not a named pipe. Duh. |
6885 | - Fix includes in fingerprint.c | |
29dbde15 | 6886 | - Fix scp progress bar bug again. |
bcbf86ec | 6887 | - Move ssh-askpass from ${libdir}/ssh to ${libexecdir}/ssh at request of |
736890c4 | 6888 | David Rankin <drankin@bohemians.lexington.ky.us> |
91b8065d | 6889 | - Added autoconf option to enable Kerberos 4 support (untested) |
6890 | - Added autoconf option to enable AFS support (untested) | |
6891 | - Added autoconf option to enable S/Key support (untested) | |
6892 | - Added autoconf option to enable TCP wrappers support (compiles OK) | |
beb43d31 | 6893 | - Renamed BSD helper function files to bsd-* |
bcbf86ec | 6894 | - Added tests for login and daemon and enable OpenBSD replacements for |
caf3bc51 | 6895 | when they are absent. |
6896 | - Added non-PAM MD5 password support patch from Tudor Bosman <tudorb@jm.nu> | |
06479889 | 6897 | |
2bd61362 | 6898 | 19991118 |
6899 | - Merged OpenBSD CVS changes | |
6900 | - [scp.c] foregroundproc() in scp | |
6901 | - [sshconnect.h] include fingerprint.h | |
bcbf86ec | 6902 | - [sshd.c] bugfix: the log() for passwd-auth escaped during logging |
2bd61362 | 6903 | changes. |
0c16a097 | 6904 | - [ssh.1] Spell my name right. |
2bd61362 | 6905 | - Added openssh.com info to README |
6906 | ||
f095fcc7 | 6907 | 19991117 |
6908 | - Merged OpenBSD CVS changes | |
6909 | - [ChangeLog.Ylonen] noone needs this anymore | |
6910 | - [authfd.c] close-on-exec for auth-socket, ok deraadt | |
bcbf86ec | 6911 | - [hostfile.c] |
6912 | in known_hosts key lookup the entry for the bits does not need | |
6913 | to match, all the information is contained in n and e. This | |
6914 | solves the problem with buggy servers announcing the wrong | |
f095fcc7 | 6915 | modulus length. markus and me. |
bcbf86ec | 6916 | - [serverloop.c] |
6917 | bugfix: check for space if child has terminated, from: | |
f095fcc7 | 6918 | iedowse@maths.tcd.ie |
6919 | - [ssh-add.1 ssh-add.c ssh-keygen.1 ssh-keygen.c sshconnect.c] | |
6920 | [fingerprint.c fingerprint.h] | |
6921 | rsa key fingerprints, idea from Bjoern Groenvall <bg@sics.se> | |
6922 | - [ssh-agent.1] typo | |
6923 | - [ssh.1] add OpenSSH information to AUTHOR section. okay markus@ | |
bcbf86ec | 6924 | - [sshd.c] |
f095fcc7 | 6925 | force logging to stderr while loading private key file |
6926 | (lost while converting to new log-levels) | |
6927 | ||
4d195447 | 6928 | 19991116 |
6929 | - Fix some Linux libc5 problems reported by Miles Wilson <mw@mctitle.com> | |
6930 | - Merged OpenBSD CVS changes: | |
6931 | - [auth-rh-rsa.c auth-rsa.c authfd.c authfd.h hostfile.c mpaux.c] | |
6932 | [mpaux.h ssh-add.c ssh-agent.c ssh.h ssh.c sshd.c] | |
6933 | the keysize of rsa-parameter 'n' is passed implizit, | |
6934 | a few more checks and warnings about 'pretended' keysizes. | |
6935 | - [cipher.c cipher.h packet.c packet.h sshd.c] | |
6936 | remove support for cipher RC4 | |
6937 | - [ssh.c] | |
6938 | a note for legay systems about secuity issues with permanently_set_uid(), | |
6939 | the private hostkey and ptrace() | |
6940 | - [sshconnect.c] | |
6941 | more detailed messages about adding and checking hostkeys | |
6942 | ||
dad9a31e | 6943 | 19991115 |
6944 | - Merged OpenBSD CVS changes: | |
bcbf86ec | 6945 | - [ssh-add.c] change passphrase loop logic and remove ref to |
dad9a31e | 6946 | $DISPLAY, ok niels |
6947 | - Changed to ssh-add.c broke askpass support. Revised it to be a little more | |
bcbf86ec | 6948 | modular. |
dad9a31e | 6949 | - Revised autoconf support for enabling/disabling askpass support. |
e7c0f9d5 | 6950 | - Merged more OpenBSD CVS changes: |
704b1659 | 6951 | [auth-krb4.c] |
6952 | - disconnect if getpeername() fails | |
6953 | - missing xfree(*client) | |
6954 | [canohost.c] | |
6955 | - disconnect if getpeername() fails | |
6956 | - fix comment: we _do_ disconnect if ip-options are set | |
6957 | [sshd.c] | |
6958 | - disconnect if getpeername() fails | |
6959 | - move checking of remote port to central place | |
6960 | [auth-rhosts.c] move checking of remote port to central place | |
6961 | [log-server.c] avoid extra fd per sshd, from millert@ | |
6962 | [readconf.c] print _all_ bad config-options in ssh(1), too | |
6963 | [readconf.h] print _all_ bad config-options in ssh(1), too | |
6964 | [ssh.c] print _all_ bad config-options in ssh(1), too | |
6965 | [sshconnect.c] disconnect if getpeername() fails | |
e7c0f9d5 | 6966 | - OpenBSD's changes to sshd.c broke the PAM stuff, re-merged it. |
c75a1a66 | 6967 | - Various small cleanups to bring diff (against OpenBSD) size down. |
f601d847 | 6968 | - Merged more Solaris compability from Marc G. Fournier |
6969 | <marc.fournier@acadiau.ca> | |
6970 | - Wrote autoconf tests for __progname symbol | |
986a22ec | 6971 | - RPM spec file fixes from Jim Knoble <jmknoble@jmknoble.cx> |
0c372277 | 6972 | - Released 1.2pre12 |
6973 | ||
6974 | - Another OpenBSD CVS update: | |
6975 | - [ssh-keygen.1] fix .Xr | |
dad9a31e | 6976 | |
92da7197 | 6977 | 19991114 |
6978 | - Solaris compilation fixes (still imcomplete) | |
6979 | ||
94f7bb9e | 6980 | 19991113 |
dd092f97 | 6981 | - Build patch from Niels Kristian Bech Jensen <nkbj@image.dk> |
6982 | - Don't install config files if they already exist | |
6983 | - Fix inclusion of additional preprocessor directives from acconfig.h | |
94f7bb9e | 6984 | - Removed redundant inclusions of config.h |
e9c75a39 | 6985 | - Added 'Obsoletes' lines to RPM spec file |
94f7bb9e | 6986 | - Merged OpenBSD CVS changes: |
6987 | - [bufaux.c] save a view malloc/memcpy/memset/free's, ok niels | |
bcbf86ec | 6988 | - [scp.c] fix overflow reported by damien@ibs.com.au: off_t |
94f7bb9e | 6989 | totalsize, ok niels,aaron |
bcbf86ec | 6990 | - Delay fork (-f option) in ssh until after port forwarded connections |
94f7bb9e | 6991 | have been initialised. Patch from Jani Hakala <jahakala@cc.jyu.fi> |
b2344d54 | 6992 | - Added shadow password patch from Thomas Neumann <tom@smart.ruhr.de> |
6993 | - Added ifdefs to auth-passwd.c to exclude it when PAM is enabled | |
dd092f97 | 6994 | - Tidied default config file some more |
6995 | - Revised Redhat initscript to fix bug: sshd (re)start would fail | |
6996 | if executed from inside a ssh login. | |
94f7bb9e | 6997 | |
e35c1dc2 | 6998 | 19991112 |
6999 | - Merged changes from OpenBSD CVS | |
7000 | - [sshd.c] session_key_int may be zero | |
b4748e2f | 7001 | - [auth-rh-rsa.c servconf.c servconf.h ssh.h sshd.8 sshd.c sshd_config] |
bcbf86ec | 7002 | IgnoreUserKnownHosts(default=no), used for RhostRSAAuth, ok |
b4748e2f | 7003 | deraadt,millert |
7004 | - Brought default sshd_config more in line with OpenBSD's | |
547c9f30 | 7005 | - Grab server in gnome-ssh-askpass (Debian bug #49872) |
7006 | - Released 1.2pre10 | |
e35c1dc2 | 7007 | |
8bc7973f | 7008 | - Added INSTALL documentation |
6fa724bc | 7009 | - Merged yet more changes from OpenBSD CVS |
7010 | - [auth-rh-rsa.c auth-rhosts.c auth-rsa.c channels.c clientloop.c] | |
7011 | [ssh.c ssh.h sshconnect.c sshd.c] | |
7012 | make all access to options via 'extern Options options' | |
7013 | and 'extern ServerOptions options' respectively; | |
7014 | options are no longer passed as arguments: | |
7015 | * make options handling more consistent | |
7016 | * remove #include "readconf.h" from ssh.h | |
7017 | * readconf.h is only included if necessary | |
7018 | - [mpaux.c] clear temp buffer | |
7019 | - [servconf.c] print _all_ bad options found in configfile | |
045672f9 | 7020 | - Make ssh-askpass support optional through autoconf |
59b0f0d4 | 7021 | - Fix nasty division-by-zero error in scp.c |
7022 | - Released 1.2pre11 | |
8bc7973f | 7023 | |
4cca272e | 7024 | 19991111 |
7025 | - Added (untested) Entropy Gathering Daemon (EGD) support | |
67d68e3a | 7026 | - Fixed /dev/urandom fd leak (Debian bug #49722) |
5bbb5681 | 7027 | - Merged OpenBSD CVS changes: |
7028 | - [auth-rh-rsa.c] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too | |
7029 | - [ssh.1] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too | |
7030 | - [sshd.8] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too | |
bcbf86ec | 7031 | - Fix integer overflow which was messing up scp's progress bar for large |
3f1d9bcd | 7032 | file transfers. Fix submitted to OpenBSD developers. Report and fix |
7033 | from Kees Cook <cook@cpoint.net> | |
6a17f9c2 | 7034 | - Merged more OpenBSD CVS changes: |
bcbf86ec | 7035 | - [auth-krb4.c auth-passwd.c] remove x11- and krb-cleanup from fatal() |
6a17f9c2 | 7036 | + krb-cleanup cleanup |
7037 | - [clientloop.c log-client.c log-server.c ] | |
7038 | [readconf.c readconf.h servconf.c servconf.h ] | |
7039 | [ssh.1 ssh.c ssh.h sshd.8] | |
7040 | add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd, | |
7041 | obsoletes QuietMode and FascistLogging in sshd. | |
e35c1dc2 | 7042 | - [sshd.c] fix fatal/assert() bug reported by damien@ibs.com.au: |
7043 | allow session_key_int != sizeof(session_key) | |
7044 | [this should fix the pre-assert-removal-core-files] | |
7045 | - Updated default config file to use new LogLevel option and to improve | |
7046 | readability | |
7047 | ||
f370266e | 7048 | 19991110 |
67d68e3a | 7049 | - Merged several minor fixes: |
f370266e | 7050 | - ssh-agent commandline parsing |
7051 | - RPM spec file now installs ssh setuid root | |
7052 | - Makefile creates libdir | |
4cca272e | 7053 | - Merged beginnings of Solaris compability from Marc G. Fournier |
7054 | <marc.fournier@acadiau.ca> | |
f370266e | 7055 | |
d4f11b59 | 7056 | 19991109 |
7057 | - Autodetection of SSL/Crypto library location via autoconf | |
7058 | - Fixed location of ssh-askpass to follow autoconf | |
7059 | - Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk> | |
7060 | - Autodetection of RSAref library for US users | |
7061 | - Minor doc updates | |
560557bb | 7062 | - Merged OpenBSD CVS changes: |
7063 | - [rsa.c] bugfix: use correct size for memset() | |
7064 | - [sshconnect.c] warn if announced size of modulus 'n' != real size | |
f025becb | 7065 | - Added GNOME passphrase requestor (use --with-gnome-askpass) |
d397b172 | 7066 | - RPM build now creates subpackages |
aa51e7cc | 7067 | - Released 1.2pre9 |
d4f11b59 | 7068 | |
e1a9c08d | 7069 | 19991108 |
7070 | - Removed debian/ directory. This is now being maintained separately. | |
7071 | - Added symlinks for slogin in RPM spec file | |
7072 | - Fixed permissions on manpages in RPM spec file | |
7073 | - Added references to required libraries in README file | |
7074 | - Removed config.h.in from CVS | |
7075 | - Removed pwdb support (better pluggable auth is provided by glibc) | |
7076 | - Made PAM and requisite libdl optional | |
7077 | - Removed lots of unnecessary checks from autoconf | |
7078 | - Added support and autoconf test for openpty() function (Unix98 pty support) | |
7079 | - Fix for scp not finding ssh if not installed as /usr/bin/ssh | |
7080 | - Added TODO file | |
7081 | - Merged parts of Debian patch From Phil Hands <phil@hands.com>: | |
7082 | - Added ssh-askpass program | |
7083 | - Added ssh-askpass support to ssh-add.c | |
7084 | - Create symlinks for slogin on install | |
7085 | - Fix "distclean" target in makefile | |
7086 | - Added example for ssh-agent to manpage | |
7087 | - Added support for PAM_TEXT_INFO messages | |
7088 | - Disable internal /etc/nologin support if PAM enabled | |
7089 | - Merged latest OpenBSD CVS changes: | |
5bae4ab8 | 7090 | - [all] replace assert() with error, fatal or packet_disconnect |
e1a9c08d | 7091 | - [sshd.c] don't send fail-msg but disconnect if too many authentication |
7092 | failures | |
e1a9c08d | 7093 | - [sshd.c] remove unused argument. ok dugsong |
7094 | - [sshd.c] typo | |
7095 | - [rsa.c] clear buffers used for encryption. ok: niels | |
7096 | - [rsa.c] replace assert() with error, fatal or packet_disconnect | |
ade6fccd | 7097 | - [auth-krb4.c] remove unused argument. ok dugsong |
e1a9c08d | 7098 | - Fixed coredump after merge of OpenBSD rsa.c patch |
9010d60a | 7099 | - Released 1.2pre8 |
e1a9c08d | 7100 | |
3028328e | 7101 | 19991102 |
7102 | - Merged change from OpenBSD CVS | |
7103 | - One-line cleanup in sshd.c | |
7104 | ||
474832c5 | 7105 | 19991030 |
7106 | - Integrated debian package support from Dan Brosemer <odin@linuxfreak.com> | |
69256d9d | 7107 | - Merged latest updates for OpenBSD CVS: |
7108 | - channels.[ch] - remove broken x11 fix and document istate/ostate | |
7109 | - ssh-agent.c - call setsid() regardless of argv[] | |
7110 | - ssh.c - save a few lines when disabling rhosts-{rsa-}auth | |
7111 | - Documentation cleanups | |
7112 | - Renamed README -> README.Ylonen | |
7113 | - Renamed README.openssh ->README | |
474832c5 | 7114 | |
339660f6 | 7115 | 19991029 |
7116 | - Renamed openssh* back to ssh* at request of Theo de Raadt | |
7117 | - Incorporated latest changes from OpenBSD's CVS | |
7118 | - Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk> | |
7119 | - Integrated PAM env patch from Nalin Dahyabhai <nalin.dahyabhai@pobox.com> | |
549b3eed | 7120 | - Make distclean now removed configure script |
7121 | - Improved PAM logging | |
7122 | - Added some debug() calls for PAM | |
4ecd19ea | 7123 | - Removed redundant subdirectories |
bcbf86ec | 7124 | - Integrated part of a patch from Dan Brosemer <odin@linuxfreak.com> for |
4ecd19ea | 7125 | building on Debian. |
242588e6 | 7126 | - Fixed off-by-one error in PAM env patch |
7127 | - Released 1.2pre6 | |
339660f6 | 7128 | |
5881cd60 | 7129 | 19991028 |
7130 | - Further PAM enhancements. | |
7131 | - Much cleaner | |
7132 | - Now uses account and session modules for all logins. | |
7133 | - Integrated patch from Dan Brosemer <odin@linuxfreak.com> | |
7134 | - Build fixes | |
7135 | - Autoconf | |
7136 | - Change binary names to open* | |
7137 | - Fixed autoconf script to detect PAM on RH6.1 | |
7138 | - Added tests for libpwdb, and OpenBSD functions to autoconf | |
221395b3 | 7139 | - Released 1.2pre4 |
fca82d2e | 7140 | |
7141 | - Imported latest OpenBSD CVS code | |
7142 | - Updated README.openssh | |
93f04616 | 7143 | - Released 1.2pre5 |
fca82d2e | 7144 | |
5881cd60 | 7145 | 19991027 |
7146 | - Adapted PAM patch. | |
7147 | - Released 1.0pre2 | |
7148 | ||
7149 | - Excised my buggy replacements for strlcpy and mkdtemp | |
7150 | - Imported correct OpenBSD strlcpy and mkdtemp routines. | |
7151 | - Reduced arc4random_stir entropy read to 32 bytes (256 bits) | |
7152 | - Picked up correct version number from OpenBSD | |
7153 | - Added sshd.pam PAM configuration file | |
7154 | - Added sshd.init Redhat init script | |
7155 | - Added openssh.spec RPM spec file | |
7156 | - Released 1.2pre3 | |
7157 | ||
7158 | 19991026 | |
7159 | - Fixed include paths of OpenSSL functions | |
7160 | - Use OpenSSL MD5 routines | |
7161 | - Imported RC4 code from nanocrypt | |
7162 | - Wrote replacements for OpenBSD arc4random* functions | |
7163 | - Wrote replacements for strlcpy and mkdtemp | |
7164 | - Released 1.0pre1 | |
0b202697 | 7165 | |
7166 | $Id$ |