+20020609
+ - (bal) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2002/06/08 05:07:56
+ [ssh.c]
+ nuke ptrace comment
+ - markus@cvs.openbsd.org 2002/06/08 05:07:09
+ [ssh-keysign.c]
+ only accept 20 byte session ids
+ - markus@cvs.openbsd.org 2002/06/08 05:17:01
+ [readconf.c readconf.h ssh.1 ssh.c]
+ deprecate FallBackToRsh and UseRsh; patch from djm@
+ - markus@cvs.openbsd.org 2002/06/08 05:40:01
+ [readconf.c]
+ just warn about Deprecated options for now
+ - markus@cvs.openbsd.org 2002/06/08 05:41:18
+ [ssh_config]
+ remove FallBackToRsh/UseRsh
+ - markus@cvs.openbsd.org 2002/06/08 12:36:53
+ [scp.c]
+ remove FallBackToRsh
+
+20020607
+ - (bal) Removed --{enable/disable}-suid-ssh
+ - (bal) Missed __progname in ssh-keysign.c patch by dtucker@zip.com.au
+ - (bal) use 'LOGIN_PROGRAM' not '/usr/bin/login' in session.c patch by
+ Bertrand.Velle@apogee-com.fr
+
20020606
- (bal) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2002/05/15 21:56:38
- markus@cvs.openbsd.org 2002/05/23 19:39:34
[ssh.c]
add comment about ssh-keysign
+ - markus@cvs.openbsd.org 2002/05/24 08:45:14
+ [sshconnect2.c]
+ stat ssh-keysign first, print error if stat fails;
+ some debug->error; fix comment
+ - markus@cvs.openbsd.org 2002/05/25 08:50:39
+ [sshconnect2.c]
+ execlp->execl; from stevesk
+ - markus@cvs.openbsd.org 2002/05/25 18:51:07
+ [auth.h auth2.c auth2-hostbased.c auth2-kbdint.c auth2-none.c
+ auth2-passwd.c auth2-pubkey.c Makefile.in]
+ split auth2.c into one file per method; ok provos@/deraadt@
+ - stevesk@cvs.openbsd.org 2002/05/26 20:35:10
+ [ssh.1]
+ sort ChallengeResponseAuthentication; ok markus@
+ - stevesk@cvs.openbsd.org 2002/05/28 16:45:27
+ [monitor_mm.c]
+ print strerror(errno) on mmap/munmap error; ok markus@
+ - stevesk@cvs.openbsd.org 2002/05/28 17:28:02
+ [uidswap.c]
+ format spec change/casts and some KNF; ok markus@
+ - stevesk@cvs.openbsd.org 2002/05/28 21:24:00
+ [uidswap.c]
+ use correct function name in fatal()
+ - stevesk@cvs.openbsd.org 2002/05/29 03:06:30
+ [ssh.1 sshd.8]
+ spelling
+ - markus@cvs.openbsd.org 2002/05/29 11:21:57
+ [sshd.c]
+ don't start if privsep is enabled and SSH_PRIVSEP_USER or
+ _PATH_PRIVSEP_CHROOT_DIR are missing; ok deraadt@
+ - markus@cvs.openbsd.org 2002/05/30 08:07:31
+ [cipher.c]
+ use rijndael/aes from libcrypto (openssl >= 0.9.7) instead of
+ our own implementation. allow use of AES hardware via libcrypto,
+ ok deraadt@
+ - markus@cvs.openbsd.org 2002/05/31 10:30:33
+ [sshconnect2.c]
+ extent ssh-keysign protocol:
+ pass # of socket-fd to ssh-keysign, keysign verfies locally used
+ ip-address using this socket-fd, restricts fake local hostnames
+ to actual local hostnames; ok stevesk@
+ - markus@cvs.openbsd.org 2002/05/31 11:35:15
+ [auth.h auth2.c]
+ move Authmethod definitons to per-method file.
+ - markus@cvs.openbsd.org 2002/05/31 13:16:48
+ [key.c]
+ add comment:
+ key_verify returns 1 for a correct signature, 0 for an incorrect signature
+ and -1 on error.
+ - markus@cvs.openbsd.org 2002/05/31 13:20:50
+ [ssh-rsa.c]
+ pad received signature with leading zeros, because RSA_verify expects
+ a signature of RSA_size. the drafts says the signature is transmitted
+ unpadded (e.g. putty does not pad), reported by anakin@pobox.com
+ - deraadt@cvs.openbsd.org 2002/06/03 12:04:07
+ [ssh.h]
+ compatiblity -> compatibility
+ decriptor -> descriptor
+ authentciated -> authenticated
+ transmition -> transmission
+ - markus@cvs.openbsd.org 2002/06/04 19:42:35
+ [monitor.c]
+ only allow enabled authentication methods; ok provos@
+ - markus@cvs.openbsd.org 2002/06/04 19:53:40
+ [monitor.c]
+ save the session id (hash) for ssh2 (it will be passed with the
+ initial sign request) and verify that this value is used during
+ authentication; ok provos@
+ - markus@cvs.openbsd.org 2002/06/04 23:02:06
+ [packet.c]
+ remove __FUNCTION__
+ - markus@cvs.openbsd.org 2002/06/04 23:05:49
+ [cipher.c monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c]
+ __FUNCTION__ -> __func__
+ - markus@cvs.openbsd.org 2002/06/05 16:08:07
+ [ssh-agent.1 ssh-agent.c]
+ '-a bind_address' binds the agent to user-specified unix-domain
+ socket instead of /tmp/ssh-XXXXXXXX/agent.<pid>; ok djm@ (some time ago).
+ - markus@cvs.openbsd.org 2002/06/05 16:08:07
+ [ssh-agent.1 ssh-agent.c]
+ '-a bind_address' binds the agent to user-specified unix-domain
+ socket instead of /tmp/ssh-XXXXXXXX/agent.<pid>; ok djm@ (some time ago).
+ - markus@cvs.openbsd.org 2002/06/05 16:48:54
+ [ssh-agent.c]
+ copy current request into an extra buffer and just flush this
+ request on errors, ok provos@
+ - markus@cvs.openbsd.org 2002/06/05 19:57:12
+ [authfd.c authfd.h ssh-add.1 ssh-add.c ssh-agent.c]
+ ssh-add -x for lock and -X for unlocking the agent.
+ todo: encrypt private keys with locked...
+ - markus@cvs.openbsd.org 2002/06/05 20:56:39
+ [ssh-add.c]
+ add -x/-X to usage
+ - markus@cvs.openbsd.org 2002/06/05 21:55:44
+ [authfd.c authfd.h ssh-add.1 ssh-add.c ssh-agent.c]
+ ssh-add -t life, Set lifetime (in seconds) when adding identities;
+ ok provos@
+ - stevesk@cvs.openbsd.org 2002/06/06 01:09:41
+ [monitor.h]
+ no trailing comma in enum; china@thewrittenword.com
+ - markus@cvs.openbsd.org 2002/06/06 17:12:44
+ [sftp-server.c]
+ discard remaining bytes of current request; ok provos@
+ - markus@cvs.openbsd.org 2002/06/06 17:30:11
+ [sftp-server.c]
+ use get_int() macro (hide iqueue)
+ - (bal) Missed msg.[ch] in merge. Required for ssh-keysign.
+ - (bal) Forgot to add msg.c Makefile.in.
+ - (bal) monitor_mm.c typos.
+ - (bal) Refixed auth2.c. It was never fully commited while spliting out
+ authentication to different files.
+ - (bal) ssh-keysign should build and install correctly now. Phase two
+ would be to clean out any dead wood and disable ssh setuid on install.
+ - (bal) Reverse logic, use __func__ first since it's C99
20020604
- (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changed
andersk / openssh.git / blobdiff