]>
andersk Git - openssh.git/log
dtucker [Fri, 23 Apr 2004 08:53:10 +0000 (08:53 +0000)]
- (dtucker) [configure.ac openbsd-compat/getrrsetbyname.c] Declare h_errno
as extern int if not already declared. Fixes compile errors on old SCO
platforms. ok tim@
djm [Wed, 21 Apr 2004 02:29:13 +0000 (02:29 +0000)]
- (djm) Update config.guess and config.sub to autoconf-2.59 versions; ok tim@
djm [Tue, 20 Apr 2004 10:28:55 +0000 (10:28 +0000)]
- (djm) [configure.ac] Check whether libroken is required when building
with Heimdal
djm [Tue, 20 Apr 2004 10:20:40 +0000 (10:20 +0000)]
rewrap
djm [Tue, 20 Apr 2004 10:14:07 +0000 (10:14 +0000)]
- djm@cvs.openbsd.org 2004/04/19 21:51:49
[ssh.c]
fix idiot typo that i introduced in my last commit;
spotted by cschneid AT cschneid.com
djm [Tue, 20 Apr 2004 10:13:32 +0000 (10:13 +0000)]
- jmc@cvs.openbsd.org 2004/04/19 16:12:14
[ssh_config.5]
kill whitespace at eol;
djm [Tue, 20 Apr 2004 10:12:53 +0000 (10:12 +0000)]
- djm@cvs.openbsd.org 2004/04/19 13:02:40
[ssh.1 ssh_config.5]
document strict permission checks on ~/.ssh/config; prompted by,
with & ok jmc@
djm [Tue, 20 Apr 2004 10:11:57 +0000 (10:11 +0000)]
- djm@cvs.openbsd.org 2004/04/18 23:10:26
[readconf.c readconf.h ssh-keysign.c ssh.c]
perform strict ownership and modes checks for ~/.ssh/config files,
as these can be used to execute arbitrary programs; ok markus@
NB. ssh will now exit when it detects a config with poor permissions
djm [Tue, 20 Apr 2004 10:10:46 +0000 (10:10 +0000)]
- (djm) [openbsd-compat/sys-queue.h] Sync with OpenBSD, needed for above change
djm [Tue, 20 Apr 2004 10:07:19 +0000 (10:07 +0000)]
- (djm) OpenBSD CVS Sync
- henning@cvs.openbsd.org 2004/04/08 16:08:21
[sshconnect2.c]
swap the last two parameters to TAILQ_FOREACH_REVERSE. matches what FreeBSD and NetBSD do.
ok millert@ mcbride@ markus@ ho@, checked to not affect ports by naddy@
dtucker [Mon, 19 Apr 2004 13:50:16 +0000 (13:50 +0000)]
- markus@cvs.openbsd.org 2004/04/01 12:19:57
[scp.c]
limit trust between local and remote rcp/scp process,
noticed by lcamtuf; ok deraadt@, djm@
dtucker [Mon, 19 Apr 2004 12:16:53 +0000 (12:16 +0000)]
- djm@cvs.openbsd.org 2004/03/31 21:58:47
[canohost.c]
don't skip ip options check when UseDNS=no; ok markus@ (ID sync only)
dtucker [Mon, 19 Apr 2004 12:10:52 +0000 (12:10 +0000)]
- djm@cvs.openbsd.org 2004/03/30 12:41:56
[sftp-client.c]
sync comment with reality
dtucker [Mon, 19 Apr 2004 12:04:21 +0000 (12:04 +0000)]
- dtucker@cvs.openbsd.org 2004/03/08 10:17:12
[regress/login-timeout.sh]
Missing OBJ, from tim@. ok markus@ (Already fixed, ID sync only)
dtucker [Mon, 19 Apr 2004 12:01:37 +0000 (12:01 +0000)]
- dtucker@cvs.openbsd.org 2004/02/29 22:04:45
[regress/login-timeout.sh]
Use sudo when restarting daemon during test. ok markus@
dtucker [Sun, 18 Apr 2004 11:56:23 +0000 (11:56 +0000)]
Add people with several and/or large contributions
djm [Sun, 18 Apr 2004 11:15:43 +0000 (11:15 +0000)]
- (djm) [openbsd-compat/bsd-cygwin_util.c] Recent versions of Cygwin allow
change of user context without a password, so relax auth method
restrictions; from vinschen AT redhat.com; ok dtucker@
djm [Sun, 18 Apr 2004 10:32:56 +0000 (10:32 +0000)]
update relnotes URL for release
dtucker [Sun, 18 Apr 2004 01:00:26 +0000 (01:00 +0000)]
- (dtucker) [auth-pam.c] Log username and source host for failed PAM
authentication attempts. With & ok djm@
tim [Sat, 17 Apr 2004 03:03:07 +0000 (03:03 +0000)]
- (tim) [configure.ac] Set SETEUID_BREAKS_SETUID, BROKEN_SETREUID and
BROKEN_SETREGID for SCO OpenServer 3
djm [Fri, 16 Apr 2004 12:47:55 +0000 (12:47 +0000)]
- (djm) [auth-krb5.c auth.h session.c] Explicitly refer to Kerberos ccache
file using FILE: method, fixes problems on Mac OSX.
Patch from simon@sxw.org.uk; ok dtucker@
dtucker [Fri, 16 Apr 2004 07:58:28 +0000 (07:58 +0000)]
- (dtucker) [regress/sftp-cmds.sh] Skip quoting test on Cygwin, since
FAT/NTFS does not permit quotes in filenames. From vinschen at redhat.com
dtucker [Thu, 15 Apr 2004 23:22:40 +0000 (23:22 +0000)]
Typo fix in comment
djm [Wed, 14 Apr 2004 10:14:26 +0000 (10:14 +0000)]
- (djm) [configure.ac] Fix detection of libwrap on OpenBSD; ok dtucker@
dtucker [Wed, 14 Apr 2004 07:24:30 +0000 (07:24 +0000)]
- (dtucker) [auth-skey.c defines.h monitor.c] Make skeychallenge explicitly
4-arg, with compatibility for 3-arg versions. From djm@, ok me.
dtucker [Wed, 14 Apr 2004 05:26:39 +0000 (05:26 +0000)]
- (dtucker) [acconfig.h configure.ac defines.h] Bug #673: check for 4-arg
skeychallenge(), eg on NetBSD. ok mouring@
dtucker [Wed, 14 Apr 2004 03:04:35 +0000 (03:04 +0000)]
- (dtucker) [sshd_config.5] Add PermitRootLogin without-password warning
from bug #701 (text from jfh at cise.ufl.edu).
mouring [Thu, 8 Apr 2004 16:12:30 +0000 (16:12 +0000)]
- (bal) [monitor.c monitor_wrap.c] Ok.. Last time. Promise. Tim suggested
limiting scope and dtucker@ agreed.
dtucker [Thu, 8 Apr 2004 06:16:06 +0000 (06:16 +0000)]
- (dtucker) [defines.h loginrec.c] Define UT_LINESIZE if not defined and
simplify loginrec.c. ok tim@
mouring [Thu, 8 Apr 2004 05:11:03 +0000 (05:11 +0000)]
- (bal) [monitor.c monitor_wrap.c] Second try. Put the zlib.h headers
back and #undef TARGET_OS_MAC instead. (Bug report pending with Apple)
dtucker [Thu, 8 Apr 2004 00:57:05 +0000 (00:57 +0000)]
- (dtucker) [loginrec.c] Use UT_LINESIZE if available, prevents truncating
pty name on Linux 2.6.x systems. Patch from jpe at eisenmenger.org.
mouring [Wed, 7 Apr 2004 04:16:11 +0000 (04:16 +0000)]
- (bal) [acconfig.h auth-krb5.c configure.ac gss-serv-krb5.c] Check to see
if Krb5 library exports krb5_init_etc() since some OSes (like MacOS/X)
are starting to restrict it as internal since it is not needed by
developers any more. (Patch based on Apple tree)
- (bal) [monitor.c monitor_wrap.c] monitor_wrap.c] moved zlib.h higher since
krb5 on MacOS/X conflicts. There may be a better solution, but this will
work for now.
dtucker [Tue, 6 Apr 2004 22:04:09 +0000 (22:04 +0000)]
- (dtucker) [session.c] Flush stdout after displaying loginmsg. From
f_mohr at yahoo.de.
dtucker [Tue, 6 Apr 2004 11:41:51 +0000 (11:41 +0000)]
Oops, leftover from testing
dtucker [Tue, 6 Apr 2004 11:39:02 +0000 (11:39 +0000)]
- (dtucker) [configure.ac] Bug #816, #748 (again): Attempt to detect
broken getaddrinfo and friends on HP-UX. ok djm@
dtucker [Tue, 6 Apr 2004 11:31:12 +0000 (11:31 +0000)]
- (dtucker) [acconfig.h configure.ac defines.h] Bug #820: don't use
updwtmpx() on IRIX since it seems to clobber utmp. ok djm@
djm [Wed, 31 Mar 2004 05:17:54 +0000 (05:17 +0000)]
- (djm) Bug #825: Fix ip_options_check() for mapped IPv4/IPv6 connection;
with & ok dtucker@
dtucker [Tue, 30 Mar 2004 10:57:57 +0000 (10:57 +0000)]
- (dtucker) [auth-pam.c] rename the_authctxt to sshpam_authctxt in auth-pam.c
to reduce potential confusion with the one in sshd.c. ok djm@
dtucker [Tue, 30 Mar 2004 04:03:45 +0000 (04:03 +0000)]
- (dtucker) [configure.ac] Bug #811: Use "!" for LOCKED_PASSWD_PREFIX on
Linuxes, since that's what many use. ok djm@
dtucker [Sat, 27 Mar 2004 05:44:21 +0000 (05:44 +0000)]
- (dtucker) [session.c] Bug #817: Clear loginmsg after fork to prevent
duplicate login messages for mutli-session logins. ok djm@
djm [Sun, 21 Mar 2004 22:40:01 +0000 (22:40 +0000)]
- (djm) Crank RPM spec versions
djm [Sun, 21 Mar 2004 22:39:09 +0000 (22:39 +0000)]
- markus@cvs.openbsd.org 2004/03/20 10:40:59
[version.h]
3.8.1
djm [Sun, 21 Mar 2004 22:36:00 +0000 (22:36 +0000)]
- markus@cvs.openbsd.org 2004/03/11 10:21:17
[ssh.c sshd.c]
ssh, sshd: sync version output, ok djm
djm [Sun, 21 Mar 2004 22:35:21 +0000 (22:35 +0000)]
- markus@cvs.openbsd.org 2004/03/11 08:36:26
[sshd.c]
trim usage; ok deraadt
djm [Sun, 21 Mar 2004 22:34:58 +0000 (22:34 +0000)]
- markus@cvs.openbsd.org 2004/03/10 09:45:06
[ssh.c]
trim usage to match ssh(1) and look more like unix. ok djm@
djm [Sun, 21 Mar 2004 22:34:26 +0000 (22:34 +0000)]
- markus@cvs.openbsd.org 2004/03/09 22:11:05
[ssh.c]
increase x11 cookie lifetime to 20 minutes; ok djm
djm [Sun, 21 Mar 2004 22:29:57 +0000 (22:29 +0000)]
- (djm) [sshd.c] Drop supplemental groups if started as root
djm [Thu, 11 Mar 2004 03:20:10 +0000 (03:20 +0000)]
- (djm) [configure.ac] Add standard license to configure.ac; ok ben, dtucker
dtucker [Wed, 10 Mar 2004 10:06:32 +0000 (10:06 +0000)]
- (dtucker) [openbsd-compat/fake-rfc2553.h] Bug #812: #undef getaddrinfo
before redefining it, silences warnings on Tru64.
tim [Mon, 8 Mar 2004 20:12:18 +0000 (20:12 +0000)]
- (tim) [regress/README.regress] Document ssh-rand-helper issue. ok bal
djm [Mon, 8 Mar 2004 12:13:15 +0000 (12:13 +0000)]
- dtucker@cvs.openbsd.org 2004/03/08 10:18:57
[sshd_config.5]
Document KerberosGetAFSToken; ok markus@
djm [Mon, 8 Mar 2004 12:13:00 +0000 (12:13 +0000)]
- djm@cvs.openbsd.org 2004/03/08 09:38:05
[ssh-keyscan.c]
explicitly initialise remote_major and remote_minor.
from cjwatson AT debian.org; ok markus@
djm [Mon, 8 Mar 2004 12:12:36 +0000 (12:12 +0000)]
- markus@cvs.openbsd.org 2004/03/05 10:53:58
[readconf.c readconf.h scp.1 sftp.1 ssh.1 ssh_config.5 sshconnect2.c]
add IdentitiesOnly; ok djm@, pb@
djm [Mon, 8 Mar 2004 12:12:19 +0000 (12:12 +0000)]
- djm@cvs.openbsd.org 2004/03/03 09:31:20
[sftp.c]
Fix initialisation of progress meter; ok markus@
djm [Mon, 8 Mar 2004 12:12:02 +0000 (12:12 +0000)]
- djm@cvs.openbsd.org 2004/03/03 09:30:42
[sftp-client.c]
Don't print duplicate messages when progressmeter is off
Spotted by job317 AT mailvault.com; ok markus@
djm [Mon, 8 Mar 2004 12:11:25 +0000 (12:11 +0000)]
- (djm) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2004/03/03 06:47:52
[sshd.c]
change proctiltle after accept(2); ok henning, deraadt, djm
dtucker [Mon, 8 Mar 2004 12:04:06 +0000 (12:04 +0000)]
- (dtucker) [auth-pam.c auth-pam.h auth1.c auth2.c monitor.c monitor_wrap.c
monitor_wrap.h] Bug #808: Ensure force_pwchange is correctly initialized
even if keyboard-interactive is not used by the client. Prevents segfaults
in some cases where the user's password is expired (note this is not
considered a security exposure). ok djm@
dtucker [Mon, 8 Mar 2004 11:59:03 +0000 (11:59 +0000)]
- (dtucker) [configure.ac sshd.c openbsd-compat/bsd-misc.h
openbsd-compat/setenv.c] Unset KRB5CCNAME on AIX to prevent it from being
inherited by the child. ok djm@
dtucker [Mon, 8 Mar 2004 11:13:12 +0000 (11:13 +0000)]
- (dtucker) [sshd.c] Back out rev 1.270 as it caused problems on some
platforms (eg SCO, HP-UX) with logging in the wrong TZ.
tim [Sun, 7 Mar 2004 18:40:01 +0000 (18:40 +0000)]
- (tim) [regress/login-timeout.sh] fix building outside of source tree.
dtucker [Thu, 4 Mar 2004 11:59:36 +0000 (11:59 +0000)]
- (dtucker) [auth-passwd.c auth-sia.c auth-sia.h defines.h
openbsd-compat/xcrypt.c] Bug #802: Fix build error on Tru64 when
configured --with-osfsia. ok djm@
dtucker [Thu, 4 Mar 2004 09:03:54 +0000 (09:03 +0000)]
- (dtucker) [auth-pam.c] Reset signal status when starting pam auth thread,
prevent hanging during PAM keyboard-interactive authentications. ok djm@
dtucker [Thu, 4 Mar 2004 08:54:10 +0000 (08:54 +0000)]
- (dtucker) [auth-pam.c] Don't try to export PAM when compiled with
-DUSE_POSIX_THREADS. From antoine.verheijen at ualbert ca. ok djm@
dtucker [Thu, 4 Mar 2004 08:47:29 +0000 (08:47 +0000)]
wrong year
djm [Wed, 3 Mar 2004 00:08:59 +0000 (00:08 +0000)]
- (djm) [configure.ac ssh-agent.c] Use prctl to prevent ptrace on ssh-agent
ok dtucker
tim [Sun, 29 Feb 2004 23:53:37 +0000 (23:53 +0000)]
- (tim) [configure.ac] Put back bits mistakenly removed from Rev 1.188
dtucker [Sun, 29 Feb 2004 10:30:05 +0000 (10:30 +0000)]
- (dtucker) [regress/try-ciphers.sh] Skip acss if not compiled in (eg if we
built with openssl < 0.9.7)
dtucker [Sun, 29 Feb 2004 09:38:26 +0000 (09:38 +0000)]
- dtucker@cvs.openbsd.org 2004/02/28 13:44:45
[regress/try-ciphers.sh]
Test acss too; ok markus@
dtucker [Sun, 29 Feb 2004 09:37:06 +0000 (09:37 +0000)]
- dtucker@cvs.openbsd.org 2004/02/28 12:16:57
[regress/dynamic-forward.sh]
Make dynamic-forward understand nc's new output. ok markus@
dtucker [Sun, 29 Feb 2004 09:33:51 +0000 (09:33 +0000)]
- markus@cvs.openbsd.org 2004/02/24 17:06:52
[regress/ssh-com-client.sh regress/ssh-com-keygen.sh
regress/ssh-com-sftp.sh regress/ssh-com.sh]
test against recent ssh.com releases
dtucker [Sun, 29 Feb 2004 09:31:08 +0000 (09:31 +0000)]
- markus@cvs.openbsd.org 2004/02/24 16:56:30
[regress/test-exec.sh]
allow arguments in ${TEST_SSH_XXX}
dtucker [Sun, 29 Feb 2004 09:30:17 +0000 (09:30 +0000)]
- dtucker@cvs.openbsd.org 2004/02/17 08:23:20
[regress/Makefile regress/login-timeout.sh]
Add regression test for LoginGraceTime; ok markus@
dtucker [Sun, 29 Feb 2004 09:15:08 +0000 (09:15 +0000)]
- dtucker@cvs.openbsd.org 2004/02/27 22:49:27
[dh.c]
Reset bit counter at the right time, fixes debug output in the case where
the DH group is rejected. ok markus@
dtucker [Sun, 29 Feb 2004 09:13:34 +0000 (09:13 +0000)]
- dtucker@cvs.openbsd.org 2004/02/27 22:44:56
[dh.c]
Make /etc/moduli line buffer big enough for 8kbit primes, in case anyone
ever uses one. ok markus@
dtucker [Sun, 29 Feb 2004 09:12:33 +0000 (09:12 +0000)]
- dtucker@cvs.openbsd.org 2004/02/27 22:42:47
[dh.c]
Prevent sshd from sending DH groups with a primitive generator of zero or
one, even if they are listed in /etc/moduli. ok markus@
dtucker [Sun, 29 Feb 2004 09:11:30 +0000 (09:11 +0000)]
- djm@cvs.openbsd.org 2004/02/25 00:22:45
[sshd.c]
typo in comment
mouring [Fri, 27 Feb 2004 03:01:19 +0000 (03:01 +0000)]
- (bal) KNF our sshlogin.c even if the code looks nothing like upstream
code due to diversity issues.
djm [Tue, 24 Feb 2004 23:57:45 +0000 (23:57 +0000)]
- (djm) Don't specify path to PAM modules in Redhat sshd.pam; from Fedora
djm [Tue, 24 Feb 2004 23:56:31 +0000 (23:56 +0000)]
- (djm) Trim ChangeLog
djm [Tue, 24 Feb 2004 06:13:28 +0000 (06:13 +0000)]
- (djm) Release 3.8p1
tim [Tue, 24 Feb 2004 05:47:04 +0000 (05:47 +0000)]
[configure.ac] SCO3 needs -lcrypt_i for -lprot
dtucker [Tue, 24 Feb 2004 05:14:41 +0000 (05:14 +0000)]
- (dtucker) {README.platform] Add platform-specific notes.
dtucker [Tue, 24 Feb 2004 05:13:24 +0000 (05:13 +0000)]
- (dtucker) [README] Add pointer to release notes. ok djm@
djm [Tue, 24 Feb 2004 05:00:02 +0000 (05:00 +0000)]
- (djm) Crank RPM spec versions
tim [Tue, 24 Feb 2004 04:51:06 +0000 (04:51 +0000)]
[openbsd-compat/getrrsetbyname.c] Make gcc 2.7.2.3 happy. ok djm@
dtucker [Tue, 24 Feb 2004 02:17:30 +0000 (02:17 +0000)]
- (dtucker) [uidswap.c] Minor KNF. ok djm@
djm [Tue, 24 Feb 2004 02:05:11 +0000 (02:05 +0000)]
- (djm) [groupaccess.c uidswap.c] Bug #787: Size group arrays at runtime
using sysconf() if available Based on patches from
holger AT van-lengerich.de and openssh_bugzilla AT hockin.org
dtucker [Mon, 23 Feb 2004 23:58:10 +0000 (23:58 +0000)]
Add missing ok
dtucker [Mon, 23 Feb 2004 23:37:33 +0000 (23:37 +0000)]
- (dtucker) [configure.ac gss-serv-krb5.c ssh-gss.h] Define GSSAPI when found
with krb5-config, hunt down gssapi.h and friends. Based partially on patch
from deengert at anl.gov.
For the MIT Kerberos bug against krb5-config related to this see:
http://krbdev.mit.edu/rt/Ticket/Display.html?id=2240
dtucker [Mon, 23 Feb 2004 22:24:01 +0000 (22:24 +0000)]
- markus@cvs.openbsd.org 2004/02/23 15:16:46
[version.h]
enter 3.8
dtucker [Mon, 23 Feb 2004 22:21:41 +0000 (22:21 +0000)]
- markus@cvs.openbsd.org 2004/02/23 15:12:46
[bufaux.c]
encode 0 correctly in buffer_put_bignum2; noted by Mikulas Patocka
and drop support for negative BNs; ok otto@
dtucker [Mon, 23 Feb 2004 22:20:29 +0000 (22:20 +0000)]
- markus@cvs.openbsd.org 2004/02/23 12:02:33
[sshd.c]
backout revision 1.279; set listen socket to non-block; ok henning.
dtucker [Mon, 23 Feb 2004 22:19:15 +0000 (22:19 +0000)]
- markus@cvs.openbsd.org 2004/02/19 21:15:04
[sftp-server.c]
switch to new license.template
dtucker [Mon, 23 Feb 2004 13:01:27 +0000 (13:01 +0000)]
- (dtucker) [session.c] Bug #789: Only make setcred call for !privsep in the
non-interactive path. ok djm@
dtucker [Sun, 22 Feb 2004 00:55:07 +0000 (00:55 +0000)]
Add missed ChangeLog entries for previous commits...
dtucker [Sun, 22 Feb 2004 00:37:48 +0000 (00:37 +0000)]
- (dtucker) [configure.ac] Apply krb5-config --libs fix to non-gssapi path
too.
dtucker [Sat, 21 Feb 2004 23:23:35 +0000 (23:23 +0000)]
- (dtucker) [auth-passwd.c] Only check password expiry once. Prevents
multiple warnings if a wrong password is entered.
dtucker [Sat, 21 Feb 2004 23:22:05 +0000 (23:22 +0000)]
- (dtucker) [auth-shadow.c auth.h] Provide warnings of impending account or
password expiry. ok djm@
dtucker [Sat, 21 Feb 2004 22:43:15 +0000 (22:43 +0000)]
- (dtucker) [auth-shadow.c auth.c auth.h] Move shadow account expiry test
to auth-shadow.c, no functional change. ok djm@
djm [Fri, 20 Feb 2004 09:37:44 +0000 (09:37 +0000)]
- (djm) [openbsd-compat/setproctitle.c] fix comments; from grange@
This page took 0.219827 seconds and 4 git commands to generate.