dtucker [Thu, 21 Aug 2003 08:23:13 +0000 (08:23 +0000)]
- (dtucker) [configure.ac] Bug #536: Test for and work around openpty/
controlling tty problem on Linux (fixes "could not set controlling tty"
errors).
dtucker [Thu, 21 Aug 2003 07:08:43 +0000 (07:08 +0000)]
- (dtucker) [defines.h] Bug #336: Add CMSG_DATA and CMSG_FIRSTHDR macros if
not already defined (eg Linux with some versions of libc5), based on those
from OpenBSD.
dtucker [Thu, 21 Aug 2003 06:16:21 +0000 (06:16 +0000)]
- (dtucker) [configure.ac] Bug #600: Check that getrusage is declared before
searching libraries for it. Fixes build errors on NCR MP-RAS.
- (dtucker) [configure.ac] Define STREAMS_PUSH_ACQUIRES_CTTY for NCR MP-RAS
and Reliant Unix. Fixes "can't set controlling tty errors".
- (djm) Add back radix.o (used by AFS support), after it went missing from
Makefile many moons ago
- (djm) Apply "owl-always-auth" patch from Openwall/Solar Designer
- (djm) Fix blibpath specification for AIX/gcc
- (djm) Some systems have basename in -lgen. Fix from ayamura@ayamura.org
- itojun@cvs.openbsd.org 2003/04/08 20:21:29
[*.c *.h]
rename log() into logit() to avoid name conflict. markus ok, from
netbsd
- (djm) XXX - Performed locally using:
"perl -p -i -e 's/(\s|^)log\(/$1logit\(/g' *.c *.h"
- (djm) Fix up missing include for packet.c
- millert@cvs.openbsd.org 2003/04/07 21:58:05
[progressmeter.c]
The UCB copyright here is incorrect. This code did not originate
at UCB, it was written by Luke Mewburn. Updated the copyright at
the author's request. markus@ OK
- itojun@cvs.openbsd.org 2003/04/03 07:25:27
[progressmeter.c]
$OpenBSD$
- itojun@cvs.openbsd.org 2003/04/03 10:17:35
[progressmeter.c]
remove $OpenBSD$, as other *.c does not have it.
- markus@cvs.openbsd.org 2003/04/01 10:10:23
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
[readconf.h serverloop.c sshconnect2.c]
rekeying bugfixes and automatic rekeying:
* both client and server rekey _automatically_
(a) after 2^31 packets, because after 2^32 packets
the sequence number for packets wraps
(b) after 2^(blocksize_in_bits/4) blocks
(see: draft-ietf-secsh-newmodes-00.txt)
(a) and (b) are _enabled_ by default, and only disabled for known
openssh versions, that don't support rekeying properly.
* client option 'RekeyLimit'
* do not reply to requests during rekeying
- markus@cvs.openbsd.org 2003/04/01 10:22:21
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
[readconf.h serverloop.c sshconnect2.c]
backout rekeying changes (for 3.6.1)
djm [Wed, 26 Mar 2003 05:01:11 +0000 (05:01 +0000)]
- (djm) OpenBSD CVS Sync
- deraadt@cvs.openbsd.org 2003/03/26 04:02:51
[sftp-server.c]
one last fix to the tree: race fix broke stuff; pr 3169;
srp@srparish.net, help from djm
mouring [Fri, 21 Mar 2003 01:18:09 +0000 (01:18 +0000)]
- (bal) Disable Privsep for Tru64 after pre-authentication due to issues
with SIA. Also, clean up of tru64 support patch by Chris Adams
<cmadams@hiwaay.net>
djm [Sat, 15 Mar 2003 00:37:09 +0000 (00:37 +0000)]
- markus@cvs.openbsd.org 2003/03/13 11:44:50
[ssh-agent.c]
ssh-agent is similar to ssh-keysign (allows other processes to use
private rsa keys). however, it gets key over socket and not from
a file, so we have to do blinding here as well.
djm [Mon, 24 Feb 2003 01:03:03 +0000 (01:03 +0000)]
- markus@cvs.openbsd.org 2003/02/16 17:09:57
[kex.c kexdh.c kexgex.c kex.h sshconnect2.c sshd.c ssh-keyscan.c]
split kex into client and server code, no need to link
server code into the client; ok provos@
djm [Mon, 24 Feb 2003 00:55:46 +0000 (00:55 +0000)]
- markus@cvs.openbsd.org 2003/02/04 09:33:22
[monitor.c monitor_wrap.c]
skey/bsdauth: use 0 to indicate failure instead of -1, because
the buffer API only supports unsigned ints.
djm [Mon, 24 Feb 2003 00:53:32 +0000 (00:53 +0000)]
- markus@cvs.openbsd.org 2003/02/02 10:56:08
[kex.c]
add support for key exchange guesses; based on work by
avraham.fraenkel@commatch.com; fixes bug #148; ok deraadt@
djm [Mon, 24 Feb 2003 00:52:58 +0000 (00:52 +0000)]
- markus@cvs.openbsd.org 2003/02/02 10:51:13
[scp.c]
call okname() only when using system(3) for remote-remote copy;
fixes bugs #483, #472; ok deraadt@, mouring@
djm [Mon, 24 Feb 2003 00:48:22 +0000 (00:48 +0000)]
- (djm) Tweak gnome-ssh-askpass2:
- Retry kb and mouse grab a couple of times, so passphrase dialog doesn't
immediately fail if you are doing something else when it appears (e.g.
dragging a window)
- Perform server grab after we have the keyboard and/or pointer to avoid
races.
djm [Fri, 24 Jan 2003 00:36:23 +0000 (00:36 +0000)]
- markus@cvs.openbsd.org 2003/01/23 13:50:27
[authfd.c authfd.h readpass.c ssh-add.1 ssh-add.c ssh-agent.c]
ssh-add -c, prompt user for confirmation (using ssh-askpass) when
private agent key is used; with djm@; test by dugsong@, djm@;
ok deraadt@