dtucker [Fri, 3 Dec 2004 03:33:47 +0000 (03:33 +0000)]
- (dtucker) [auth1.c auth2.c] If the user successfully authenticates but is
subsequently denied by the PAM auth stack, send the PAM message to the
user via packet_disconnect (Protocol 1) or userauth_banner (Protocol 2).
ok djm@
dtucker [Sun, 7 Nov 2004 09:06:19 +0000 (09:06 +0000)]
- djm@cvs.openbsd.org 2004/11/07 00:01:46
[clientloop.c clientloop.h ssh.1 ssh.c]
add basic control of a running multiplex master connection; including the
ability to check its status and request it to exit; ok markus@
dtucker [Sun, 7 Nov 2004 09:04:10 +0000 (09:04 +0000)]
- djm@cvs.openbsd.org 2004/11/05 12:19:56
[sftp.c]
command editing and history support via libedit; ok markus@
thanks to hshoexer@ and many testers on tech@ too
dtucker [Fri, 5 Nov 2004 09:41:24 +0000 (09:41 +0000)]
- djm@cvs.openbsd.org 2004/10/29 23:56:17
[bufaux.c bufaux.h buffer.c buffer.h]
introduce a new buffer API that returns an error rather than fatal()ing
when presented with bad data; ok markus@
dtucker [Fri, 5 Nov 2004 09:38:03 +0000 (09:38 +0000)]
- djm@cvs.openbsd.org 2004/10/29 22:53:56
[clientloop.c misc.h readpass.c ssh-agent.c]
factor out common permission-asking code to separate function; ok markus@
dtucker [Fri, 5 Nov 2004 09:35:44 +0000 (09:35 +0000)]
- djm@cvs.openbsd.org 2004/10/29 21:47:15
[channels.c channels.h clientloop.c]
fix some window size change bugs for multiplexed connections: windows sizes
were not being updated if they had changed after ~^Z suspends and SIGWINCH
was not being processed unless the first connection had requested a tty;
ok markus
dtucker [Fri, 5 Nov 2004 09:06:59 +0000 (09:06 +0000)]
- jaredy@cvs.openbsd.org 2004/09/15 03:25:41
[sshd_config.5]
mention PrintLastLog only prints last login time for interactive
sessions, like PrintMotd mentions.
From Michael Knudsen, with wording changed slightly to match the
PrintMotd description.
ok djm
dtucker [Fri, 5 Nov 2004 09:05:32 +0000 (09:05 +0000)]
- deraadt@cvs.openbsd.org 2004/09/15 00:46:01
[ssh.c]
/* fallthrough */ is something a programmer understands. But
/* FALLTHROUGH */ is also understood by lint, so that is better.
dtucker [Fri, 5 Nov 2004 09:01:03 +0000 (09:01 +0000)]
- jmc@cvs.openbsd.org 2004/08/30 21:22:49
[ssh-add.1 ssh.1]
.Xsession -> .xsession;
originally from a pr from f at obiit dot org, but missed by myself;
ok markus@ matthieu@
dtucker [Tue, 2 Nov 2004 09:30:54 +0000 (09:30 +0000)]
- (dtucker) [configure.ac includes.h] Bug #947: Fix compile error on HP-UX
10.x by testing for conflicts in shadow.h and undef'ing _INCLUDE__STDC__
only if a conflict is detected.
- (dtucker) [configure.ac] Bug #321: Add cross-compile support to configure.
Parts by chua at ayrnetworks.com, astrand at lysator.liu.se and me. ok djm@
- (dtucker) [auth-pam.c auth.h auth2-none.c auth2.c monitor.c monitor_wrap.c]
Bug #892: Send messages from failing PAM account modules to the client via
SSH2_MSG_USERAUTH_BANNER messages. Note that this will not happen with
SSH2 kbdint authentication, which need to be dealt with separately. ok djm@
- (dtucker) [auth-pam.c auth-pam.h session.c] Bug #890: Send output from
failing PAM session modules to user then exit, similar to the way
/etc/nologin is handled. ok djm@
dtucker [Mon, 30 Aug 2004 10:42:08 +0000 (10:42 +0000)]
- (dtucker) [session.c openbsd-compat/bsd-cygwin_util.{c,h}] Bug #915: only
copy required environment variables on Cygwin. Patch from vinschen at
redhat.com, ok djm@
dtucker [Sun, 29 Aug 2004 11:43:33 +0000 (11:43 +0000)]
- (dtucker) [openbsd-compat/port-aix.c] Bug #712: Explicitly check for
accounts with authentication configs that sshd can't support (ie
SYSTEM=NONE and AUTH1=something).
dtucker [Sun, 29 Aug 2004 09:39:09 +0000 (09:39 +0000)]
- (dtucker) [regress/scp.sh] Make this work on Cygwin too, which doesn't like
files ending in .exe that aren't binaries; patch from vinschen at redhat.com.
dtucker [Sun, 29 Aug 2004 07:14:31 +0000 (07:14 +0000)]
- (dtucker) [regress/dynamic-forward.sh] Allow time for connections to be torn
down, needed on some platforms, should be harmless on others. Patch from
jason at devrandom.org.
dtucker [Sun, 29 Aug 2004 06:31:28 +0000 (06:31 +0000)]
- dtucker@cvs.openbsd.org 2004/08/23 14:26:38
[ssh-keysign.c ssh.c]
Use permanently_set_uid() in ssh and ssh-keysign for consistency, matches
change in Portable; ok markus@ (CVS ID sync only)
dtucker [Sun, 29 Aug 2004 06:12:29 +0000 (06:12 +0000)]
- (dtucker) [openbsd-compat/getrrsetbyname.c] Prevent getrrsetbyname from
failing with NOMEMORY if no sigs are returned and malloc(0) returns NULL.
From Martin.Kraemer at Fujitsu-Siemens.com; ok djm@
dtucker [Sat, 14 Aug 2004 14:09:11 +0000 (14:09 +0000)]
- (dtucker) [loginrec.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h]
Plug AIX login recording into login_write so logins will be recorded for
all auth types.
dtucker [Thu, 12 Aug 2004 12:49:00 +0000 (12:49 +0000)]
- djm@cvs.openbsd.org 2004/08/11 11:59:22
[sshlogin.c]
check that lseek went were we told it to; ok markus@
(Id sync only, but similar changes are needed in loginrec.c)