damien [Mon, 22 Nov 1999 02:22:29 +0000 (02:22 +0000)]
- OpenBSD CVS Changes
- [ssh-keygen.c]
don't create ~/.ssh only if the user wants to store the private
key there. show fingerprint instead of public-key after
keygeneration. ok niels@
damien [Sun, 21 Nov 1999 02:23:52 +0000 (02:23 +0000)]
- OpenBSD CVS Changes
- [channels.c]
make this compile, bad markus
- [log.c readconf.c servconf.c ssh.h]
bugfix: loglevels are per host in clientconfig,
factor out common log-level parsing code.
- [servconf.c]
remove unused index (-Wall)
- [ssh-agent.c]
only one 'extern char *__progname'
- [sshd.8]
document SIGHUP, -Q to synopsis
- [sshconnect.c serverloop.c sshd.c packet.c packet.h]
[channels.c clientloop.c]
SSH_CMSG_MAX_PACKET_SIZE, some clients use this, some need this, niels@
[hope this time my ISP stays alive during commit]
damien [Sat, 20 Nov 1999 01:18:40 +0000 (01:18 +0000)]
- Merged more Solaris support from Marc G. Fournier
<marc.fournier@acadiau.ca>
- Wrote autoconf tests for integer bit-types
- Fixed enabling kerberos support
damien [Fri, 19 Nov 1999 02:03:25 +0000 (02:03 +0000)]
- Added autoconf option to enable Kerberos 4 support (untested)
- Added autoconf option to enable AFS support (untested)
- Added autoconf option to enable S/Key support (untested)
- Added autoconf option to enable TCP wrappers support (compiles OK)
damien [Thu, 18 Nov 1999 21:25:48 +0000 (21:25 +0000)]
- Merged OpenBSD CVS changes
- [auth-rhosts.c auth-rsa.c ssh-agent.c sshconnect.c sshd.c]
more %d vs. %s in fmt-strings
- [authfd.c]
Integers should not be printed with %s
damien [Wed, 17 Nov 1999 22:28:11 +0000 (22:28 +0000)]
- Merged OpenBSD CVS changes
- [scp.c] foregroundproc() in scp
- [sshconnect.h] include fingerprint.h
- [sshd.c] bugfix: the log() for passwd-auth escaped during logging
changes.
- Added openssh.com info to README
damien [Wed, 17 Nov 1999 06:29:08 +0000 (06:29 +0000)]
- Merged OpenBSD CVS changes
- [ChangeLog.Ylonen] noone needs this anymore
- [authfd.c] close-on-exec for auth-socket, ok deraadt
- [hostfile.c]
in known_hosts key lookup the entry for the bits does not need
to match, all the information is contained in n and e. This
solves the problem with buggy servers announcing the wrong
modulus length. markus and me.
- [serverloop.c]
bugfix: check for space if child has terminated, from:
iedowse@maths.tcd.ie
- [ssh-add.1 ssh-add.c ssh-keygen.1 ssh-keygen.c sshconnect.c]
[fingerprint.c fingerprint.h]
rsa key fingerprints, idea from Bjoern Groenvall <bg@sics.se>
- [ssh-agent.1] typo
- [ssh.1] add OpenSSH information to AUTHOR section. okay markus@
- [sshd.c]
force logging to stderr while loading private key file
(lost while converting to new log-levels)
damien [Tue, 16 Nov 1999 02:37:16 +0000 (02:37 +0000)]
- Merged OpenBSD CVS changes:
- [auth-rh-rsa.c auth-rsa.c authfd.c authfd.h hostfile.c mpaux.c]
[mpaux.h ssh-add.c ssh-agent.c ssh.h ssh.c sshd.c]
the keysize of rsa-parameter 'n' is passed implizit,
a few more checks and warnings about 'pretended' keysizes.
- [cipher.c cipher.h packet.c packet.h sshd.c]
remove support for cipher RC4
- [ssh.c]
a note for legay systems about secuity issues with permanently_set_uid(),
the private hostkey and ptrace()
- [sshconnect.c]
more detailed messages about adding and checking hostkeys
damien [Mon, 15 Nov 1999 04:25:10 +0000 (04:25 +0000)]
- Merged more OpenBSD CVS changes:
[auth-krb4.c]
- disconnect if getpeername() fails
- missing xfree(*client)
[canohost.c]
- disconnect if getpeername() fails
- fix comment: we _do_ disconnect if ip-options are set
[sshd.c]
- disconnect if getpeername() fails
- move checking of remote port to central place
[auth-rhosts.c] move checking of remote port to central place
[log-server.c] avoid extra fd per sshd, from millert@
[readconf.c] print _all_ bad config-options in ssh(1), too
[readconf.h] print _all_ bad config-options in ssh(1), too
[ssh.c] print _all_ bad config-options in ssh(1), too
[sshconnect.c] disconnect if getpeername() fails
- OpenBSD's changes to sshd.c broke the PAM stuff, re-merged it.
damien [Mon, 15 Nov 1999 03:25:30 +0000 (03:25 +0000)]
- Merged OpenBSD CVS changes:
- [ssh-add.c] change passphrase loop logic and remove ref to
$DISPLAY, ok niels
- Changed to ssh-add.c broke askpass support. Revised it to be a little more
modular.
- Revised autoconf support for enabling/disabling askpass support.
damien [Sat, 13 Nov 1999 02:22:46 +0000 (02:22 +0000)]
- Merged OpenBSD CVS changes:
- [bufaux.c] save a view malloc/memcpy/memset/free's, ok niels
- [scp.c] fix overflow reported by damien@ibs.com.au: off_t
totalsize, ok niels,aaron
damien [Fri, 12 Nov 1999 04:19:27 +0000 (04:19 +0000)]
- Merged yet more changes from OpenBSD CVS
- [auth-rh-rsa.c auth-rhosts.c auth-rsa.c channels.c clientloop.c]
[ssh.c ssh.h sshconnect.c sshd.c]
make all access to options via 'extern Options options'
and 'extern ServerOptions options' respectively;
options are no longer passed as arguments:
* make options handling more consistent
* remove #include "readconf.h" from ssh.h
* readconf.h is only included if necessary
- [mpaux.c] clear temp buffer
- [servconf.c] print _all_ bad options found in configfile
damien [Fri, 12 Nov 1999 00:33:04 +0000 (00:33 +0000)]
- Merged changes from OpenBSD CVS
- [sshd.c] session_key_int may be zero
- [auth-rh-rsa.c servconf.c servconf.h ssh.h sshd.8 sshd.c sshd_config]
IgnoreUserKnownHosts(default=no), used for RhostRSAAuth, ok
deraadt,millert
- Brought default sshd_config more in line with OpenBSDs
damien [Thu, 11 Nov 1999 00:43:13 +0000 (00:43 +0000)]
- [auth-rh-rsa.c] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
- [ssh.1] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
- [sshd.8] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
damien [Wed, 10 Nov 1999 23:40:23 +0000 (23:40 +0000)]
- Added (untested) Entropy Gathering Daemon (EGD) support
- Merged several minor fixed:
- ssh-agent commandline parsing
- RPM spec file now installs ssh setuid root
- Makefile creates libdir
- Merged beginnings of Solaris compability from Marc G. Fournier
<marc.fournier@acadiau.ca>
damien [Mon, 8 Nov 1999 23:28:04 +0000 (23:28 +0000)]
- Autodetection of SSL/Crypto library location via autoconf
- Fixed location of ssh-askpass to follow autoconf
- Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk>
- Autodetection of RSAref library for US users
- Minor doc updates
damien [Mon, 8 Nov 1999 04:30:59 +0000 (04:30 +0000)]
Lots of changes:
- Removed lots of unnecessary checks from autoconf
- Added support and autoconf test for openpty() function (Unix98 pty support)
- Fix for scp not finding ssh if not installed as /usr/bin/ssh
- Added TODO file
- Merged parts of Debian patch From Phil Hands <phil@hands.com>:
- Added ssh-askpass program
- Added ssh-askpass support to ssh-add.c
- Create symlinks for slogin on install
- Fix "distclean" target in makefile
- Added example for ssh-agent to manpage
- Added support for PAM_TEXT_INFO messages
- Disable internal /etc/nologin support if PAM enabled
- Merged latest OpenBSD CVS changes:
- [sshd.c] don't send fail-msg but disconnect if too many authentication
failures
- [sshd.c] replace assert() with error, fatal or packet_disconnect
- [sshd.c] remove unused argument. ok dugsong
- [sshd.c] typo
- [rsa.c] clear buffers used for encryption. ok: niels
- [rsa.c] replace assert() with error, fatal or packet_disconnect
- Fixed coredump after merge of OpenBSD rsa.c patch