dtucker [Mon, 7 Mar 2005 07:33:02 +0000 (07:33 +0000)]
- dtucker@cvs.openbsd.org 2005/02/27 11:33:30
[multiplex.sh test-exec.sh sshd-log-wrapper.sh]
Add optional capability to log output from regress commands; ok markus@
Use with: make TEST_SSH_LOGFILE=/tmp/regress.log
djm [Wed, 2 Mar 2005 01:05:06 +0000 (01:05 +0000)]
- jmc@cvs.openbsd.org 2005/03/01 18:15:56
[ssh-keygen.1]
sort options (no attempt made at synopsis clean up though);
spelling (occurance -> occurrence);
use prompt before examples;
grammar;
djm [Tue, 1 Mar 2005 10:48:35 +0000 (10:48 +0000)]
- djm@cvs.openbsd.org 2005/03/01 10:42:49
[ssh-keygen.1 ssh-keygen.c ssh_config.5]
add tools for managing known_hosts files with hashed hostnames, including
hashing existing files and deleting hosts by name; ok markus@ deraadt@
djm [Tue, 1 Mar 2005 10:47:37 +0000 (10:47 +0000)]
- djm@cvs.openbsd.org 2005/03/01 10:40:27
[hostfile.c hostfile.h readconf.c readconf.h ssh.1 ssh_config.5]
[sshconnect.c sshd.8]
add support for hashing host names and addresses added to known_hosts
files, to improve privacy of which hosts user have been visiting; ok
markus@ deraadt@
djm [Tue, 1 Mar 2005 10:24:33 +0000 (10:24 +0000)]
- djm@cvs.openbsd.org 2005/03/01 10:09:52
[auth-options.c channels.c channels.h clientloop.c compat.c compat.h]
[misc.c misc.h readconf.c readconf.h servconf.c ssh.1 ssh.c ssh_config.5]
[sshd_config.5]
bz#413: allow optional specification of bind address for port forwardings.
Patch originally by Dan Astorian, but worked on by several people
Adds GatewayPorts=clientspecified option on server to allow remote
forwards to bind to client-specified ports.
djm [Tue, 1 Mar 2005 10:17:31 +0000 (10:17 +0000)]
- djm@cvs.openbsd.org 2005/02/28 00:54:10
[ssh_config.5]
bz#849: document timeout on untrusted x11 forwarding sessions. Reported by
orion AT cora.nwra.com; ok markus@
dtucker [Fri, 25 Feb 2005 23:12:38 +0000 (23:12 +0000)]
- (dtucker) [Makefile.in] Add a install-nosysconf target for installing the
binaries without the config files. Primarily useful for packaging.
Patch from phil at usc.edu. ok djm@
dtucker [Fri, 25 Feb 2005 23:07:37 +0000 (23:07 +0000)]
- (dtucker) [acconfig.h configure.ac openbsd-compat/bsd-misc.{c,h}]
Remove SETGROUPS_NOOP, was only used by Cygwin, which doesn't need it any
more. Patch from vinschen at redhat.com.
dtucker [Sun, 20 Feb 2005 10:01:48 +0000 (10:01 +0000)]
- (dtucker) [LICENCE Makefile.in README.platform audit-bsm.c configure.ac
defines.h] Bug #125: Add *EXPERIMENTAL* BSM audit support. Configure
--with-audit=bsm to enable. Patch originally from Sun Microsystems,
parts by John R. Jackson. ok djm@
dtucker [Wed, 16 Feb 2005 05:47:37 +0000 (05:47 +0000)]
- (dtucker) [session.c] Bug #918: store credentials from gssapi-with-mic
authentication early enough to be available to PAM session modules when
privsep=yes. Patch from deengert at anl.gov, ok'ed in principle by Sam
Hartman and similar to Debian's ssh-krb5 package.
dtucker [Wed, 16 Feb 2005 05:19:17 +0000 (05:19 +0000)]
- (dtucker) [configure.ac] Bug #893: check for libresolv early on Reliant
Unix; prevents problems relating to the location of -lresolv in the
link order.
dtucker [Tue, 15 Feb 2005 10:45:57 +0000 (10:45 +0000)]
- (dtucker) [README.platform auth.c configure.ac loginrec.c
openbsd-compat/port-aix.c openbsd-compat/port-aix.h] Bug #835: enable IPv6
on AIX where possible (see README.platform for details) and work around
a misfeature of AIX's getnameinfo. ok djm@
dtucker [Wed, 9 Feb 2005 11:17:28 +0000 (11:17 +0000)]
- (dtucker) [configure.ac session.c] Some platforms (eg some SCO) require
the username to be passed to the passwd command when changing expired
passwords. ok djm@
dtucker [Wed, 9 Feb 2005 06:08:23 +0000 (06:08 +0000)]
- (dtucker) [auth-passwd.c openbsd-compat/port-aix.c] Don't call
disable_forwarding() from compat library. Prevent linker errrors trying
to resolve it for binaries other than sshd. ok djm@
dtucker [Tue, 8 Feb 2005 22:46:47 +0000 (22:46 +0000)]
- dtucker@cvs.openbsd.org 2005/01/28 09:45:53
[ssh_config]
Make it clear that the example entries in ssh_config are only some of the
commonly-used options and refer the user to ssh_config(5) for more
details; ok djm@
dtucker [Tue, 8 Feb 2005 10:52:47 +0000 (10:52 +0000)]
- (dtucker) [audit.c audit.h auth.c auth1.c auth2.c loginrec.c monitor.c
monitor_wrap.c monitor_wrap.h session.c sshd.c]: Prepend all of the audit
defines and enums with SSH_ to prevent namespace collisions on some
platforms (eg AIX).
dtucker [Tue, 8 Feb 2005 09:17:17 +0000 (09:17 +0000)]
- (dtucker) [regress/test-exec.sh] Bug #912: Set _POSIX2_VERSION for the
regress tests so newer versions of GNU head(1) behave themselves. Patch
by djm, so ok me.
dtucker [Wed, 2 Feb 2005 13:37:14 +0000 (13:37 +0000)]
- (dtucker) [added audit.c audit.h] Bug #125: (first stage) Add audit
instrumentation to sshd, currently disabled by default. with suggestions
from and djm@
dtucker [Wed, 2 Feb 2005 12:30:24 +0000 (12:30 +0000)]
- (dtucker) [auth.c canohost.c canohost.h configure.ac defines.h loginrec.c]
Bug #974: Teach sshd to write failed login records to btmp for failed auth
attempts (currently only for password, kbdint and C/R, only on Linux and
HP-UX), based on code from login.c from util-linux. With ashok_kovai at
hotmail.com, ok djm@
dtucker [Wed, 2 Feb 2005 07:30:33 +0000 (07:30 +0000)]
- (dtucker) [session.c sshd.c] Bug #445: Propogate KRB5CCNAME if set to child
the process. Since we also unset KRB5CCNAME at startup, if it's set after
authentication it must have been set by the platform's native auth system.
This was already done for AIX; this enables it for the general case.
dtucker [Wed, 2 Feb 2005 06:10:11 +0000 (06:10 +0000)]
- (dtucker) [auth.c loginrec.h openbsd-compat/{bsd-cray,port-aix}.{c,h}]
Make record_failed_login() call provide hostname rather than having the
implementations having to do lookups themselves. Only affects AIX and
UNICOS (the latter only uses the "user" parameter anyway). ok djm@
dtucker [Tue, 1 Feb 2005 06:35:09 +0000 (06:35 +0000)]
- (dtucker) [log.c] Bug #973: force log_init() to open syslog, since on some
platforms syslog will revert to its default values. This may result in
messages from external libraries (eg libwrap) being sent to a different
facility.
dtucker [Mon, 24 Jan 2005 10:57:40 +0000 (10:57 +0000)]
- dtucker@cvs.openbsd.org 2005/01/24 10:22:06
[scp.c sftp.c]
Have scp and sftp wait for the spawned ssh to exit before they exit
themselves. This prevents ssh from being unable to restore terminal
modes (not normally a problem on OpenBSD but common with -Portable
on POSIX platforms). From peak at argo.troja.mff.cuni.cz (bz#950);
ok djm@ markus@
dtucker [Mon, 24 Jan 2005 10:56:48 +0000 (10:56 +0000)]
- dtucker@cvs.openbsd.org 2005/01/22 08:17:59
[auth.c]
Log source of connections denied by AllowUsers, DenyUsers, AllowGroups and
DenyGroups. bz #909, ok djm@
dtucker [Mon, 24 Jan 2005 10:55:49 +0000 (10:55 +0000)]
- otto@cvs.openbsd.org 2005/01/21 08:32:02
[auth-passwd.c sshd.c]
Warn in advance for password and account expiry; initialize loginmsg
buffer earlier and clear it after privsep fork. ok and help dtucker@
markus@
dtucker [Thu, 20 Jan 2005 11:07:29 +0000 (11:07 +0000)]
- (dtucker) [loginrec.h] Bug #952: Increase size of username field to 128
bytes to prevent errors from login_init_entry() when the username is
exactly 64 bytes(!) long. From brhamon at cisco.com, ok djm@
dtucker [Thu, 20 Jan 2005 02:27:56 +0000 (02:27 +0000)]
- djm@cvs.openbsd.org 2004/12/22 02:13:19
[cipher-ctr.c cipher.c]
remove fallback AES support for old OpenSSL, as OpenBSD has had it for
many years now; ok deraadt@
(Id sync only: Portable will continue to support older OpenSSLs)
dtucker [Thu, 20 Jan 2005 01:43:38 +0000 (01:43 +0000)]
- (dtucker) [auth-pam.c] Bug #971: Prevent leaking information about user
existence via keyboard-interactive/pam, in conjunction with previous
auth2-chall.c change; with Colin Watson and djm.
dtucker [Thu, 20 Jan 2005 00:05:34 +0000 (00:05 +0000)]
- dtucker@cvs.openbsd.org 2005/01/19 13:11:47
[auth-bsdauth.c auth2-chall.c]
Have keyboard-interactive code call the drivers even for responses for
invalid logins. This allows the drivers themselves to decide how to
handle them and prevent leaking information where possible. Existing
behaviour for bsdauth is maintained by checking authctxt->valid in the
bsdauth driver. Note that any third-party kbdint drivers will now need
to be able to handle responses for invalid logins. ok markus@