262ff170fb
- (djm) Added 'distprep' make target to simplify packaging
2000-06-28 08:24:49 +10:00
91606b17d2
- (djm) Patch from Michael Stone <mstone@cs.loyola.edu> to add support for
...
Irix 6.x array sessions, project id's, and system audit trail id.
2000-06-28 08:22:29 +10:00
53c5d467c3
- (djm) Fixes to lastlog code for Irix
...
- (djm) Use atomicio in loginrec
2000-06-28 00:50:50 +10:00
dd47aa21fa
- (djm) Formatting
2000-06-27 11:18:27 +10:00
f8af08d7cb
- (djm) Fixes to login code - not setting li->uid, cleanups
2000-06-27 09:40:06 +10:00
0800647391
Fix fixed egd code
2000-06-26 13:55:31 +10:00
6468125052
- (djm) Make EGD failures non-fatal if OpenSSL's entropy pool is still OK
...
based on patch from Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-06-26 13:01:33 +10:00
1f335fb8d8
- (djm) Account expiry support from Andreas Steinmetz <ast@domdv.de>
...
- (djm) Added password expiry checking (no password change support)
2000-06-26 11:31:33 +10:00
c0fd17fdca
- OpenBSD CVS update
...
- provos@cvs.openbsd.org 2000/06/25 14:17:58
[channels.c]
correct check for bad channel ids; from Wei Dai <weidai@eskimo.com>
2000-06-26 10:22:53 +10:00
8dd33fd1d5
- Better fix to aclocal tests from Garrick James <garrick@james.net>
2000-06-26 10:20:19 +10:00
bf7f466206
- OpenBSD CVS Updates:
...
- markus@cvs.openbsd.org 2000/06/22 10:32:27
[sshd.c]
missing atomicio; report from Steve.Marquess@DET.AMEDD.ARMY.MIL
- djm@cvs.openbsd.org 2000/06/22 17:55:00
[auth-krb4.c key.c radix.c uuencode.c]
Missing CVS idents; ok markus
2000-06-23 10:16:38 +10:00
b54b40ef06
- (djm) Use sa_family_t in prototype for rresvport_af. Patch from
...
Svante Signell <svante.signell@telia.com>
- (djm) Autoconf logic to define sa_family_t if it is missing
2000-06-23 08:23:34 +10:00
6536c7d3c9
- OpenBSD CVS Updates:
...
- markus@cvs.openbsd.org 2000/06/18 18:50:11
[auth2.c compat.c compat.h sshconnect2.c]
make userauth+pubkey interop with ssh.com-2.2.0
- markus@cvs.openbsd.org 2000/06/18 20:56:17
[dsa.c]
mem leak + be more paranoid in dsa_verify.
- markus@cvs.openbsd.org 2000/06/18 21:29:50
[key.c]
cleanup fingerprinting, less hardcoded sizes
- markus@cvs.openbsd.org 2000/06/19 19:39:45
[atomicio.c auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
[auth-rsa.c auth-skey.c authfd.c authfd.h authfile.c bufaux.c bufaux.h]
[buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h]
[clientloop.c compat.c compat.h compress.c compress.h crc32.c crc32.h]
[deattack.c dispatch.c dsa.c fingerprint.c fingerprint.h getput.h hmac.c]
[kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c]
[nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c]
[rsa.c rsa.h scp.c servconf.c servconf.h ssh-add.c ssh-keygen.c ssh.c]
[ssh.h tildexpand.c ttymodes.c ttymodes.h uidswap.c xmalloc.c xmalloc.h]
OpenBSD tag
- markus@cvs.openbsd.org 2000/06/21 10:46:10
sshconnect2.c missing free; nuke old comment
2000-06-22 21:32:31 +10:00
099f505f95
- (djm) Automatically generate host key during "make install". Suggested
...
by Gary E. Miller <gem@rellim.com>
- (djm) Paranoia before kill() system call
2000-06-22 20:57:11 +10:00
2f02295d31
typo
2000-06-20 13:50:01 +10:00
edb82929fa
- (djm) Replace use of '-o' and '-a' logical operators in configure tests
...
with '||' and '&&'. As suggested by Jim Knoble <jmknoble@pint-stowp.cx>
to fix SCO Unixware problem reported by Gary E. Miller <gem@rellim.com>
2000-06-20 13:25:52 +10:00
0f91b4e3a1
- (djm) Started merge of Ben Lindstrom's <mouring@pconline.com> NeXT support
2000-06-18 15:43:25 +10:00
f6d9e22189
- OpenBSD CVS updates:
...
- deraadt@cvs.openbsd.org 2000/06/17 09:58:46
[channels.c]
everyone says "nix it" (remove protocol 2 debugging message)
- markus@cvs.openbsd.org 2000/06/17 13:24:34
[sshconnect.c]
allow extended server banners
- markus@cvs.openbsd.org 2000/06/17 14:30:10
[sshconnect.c]
missing atomicio, typo
- jakob@cvs.openbsd.org 2000/06/17 16:52:34
[servconf.c servconf.h session.c sshd.8 sshd_config]
add support for ssh v2 subsystems. ok markus@.
- deraadt@cvs.openbsd.org 2000/06/17 18:57:48
[readconf.c servconf.c]
include = in WHITESPACE; markus ok
- markus@cvs.openbsd.org 2000/06/17 19:09:10
[auth2.c]
implement bug compatibility with ssh-2.0.13 pubkey, server side
- markus@cvs.openbsd.org 2000/06/17 21:00:28
[compat.c]
initial support for ssh.com's 2.2.0
- markus@cvs.openbsd.org 2000/06/17 21:16:09
[scp.c]
typo
- markus@cvs.openbsd.org 2000/06/17 22:05:02
[auth-rsa.c auth2.c serverloop.c session.c auth-options.c auth-options.h]
split auth-rsa option parsing into auth-options
add options support to authorized_keys2
- markus@cvs.openbsd.org 2000/06/17 22:42:54
[session.c]
typo
2000-06-18 14:50:44 +10:00
7b22d65034
- (djm) Add summary of configure options to end of ./configure run
...
- (djm) Not all systems define RUSAGE_SELF & RUSAGE_CHILDREN. Report from
Michael Stone <mstone@cs.loyola.edu>
- (djm) rusage is a privileged operation on some Unices (incl.
Solaris 2.5.1). Report from Paul D. Smith <pausmith@nortelnetworks.com>
- (djm) Avoid PAM failures when running without a TTY. Report from
Martin Petrak <petrak@spsknm.schools.sk>
- (djm) Include sys/types.h when including netinet/in.h in configure tests.
Patch from Jun-ichiro itojun Hagino <itojun@iijlab.net>
2000-06-18 14:07:04 +10:00
1a13225d87
- (djm) Fix short copy in loginrec.c (based on patch from Phill Camp
...
<P.S.S.Camp@ukc.ac.uk>
2000-06-13 21:23:17 +10:00
a66626b2d5
- (djm) Fixes from Andrew McGill <andrewm@datrix.co.za>:
...
- Platform define for SCO 3.x which breaks on /dev/ptmx
- Detect and try to fix missing MAXPATHLEN
2000-06-13 18:57:53 +10:00
35ad6bee4b
- (andre) AIX, lastlog, configure fixes from Tom Bertelson <tbert@abac.com>:
...
- Don't try to retrieve lastlog from wtmp/wtmpx if DISABLE_LASTLOG is
def'd
- Set AIX to use preformatted manpages
2000-06-12 22:41:27 +00:00
c29de955f4
- (djm) Configure fixes from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp>
2000-06-12 23:04:18 +10:00
e69f18cbff
- (djm) Glob manpages in RPM spec files to catch compressed files
...
- (djm) Full license in auth-pam.c
2000-06-12 16:38:54 +10:00
d900e45faa
- (djm) Fix for configure on bash2 from Jim Knoble <jmknoble@jmknoble.cx>
2000-06-10 16:51:33 +10:00
c601a7596f
- (djm) Minor doc tweaks
2000-06-10 08:33:38 +10:00
a1cb64484e
- (djm) Patch from Kenji Miyake <kenji@miyake.org> to disable utmp usage
...
(in favour of utmpx) on Solaris 8
2000-06-09 11:58:35 +10:00
14c12cb000
- (djm) Cleanup of entropy.c. Reorganised code, removed second pass through
...
list of commands (by default). Removed verbose debugging (by default).
- (djm) Increased command entropy estimates and default entropy collection
timeout
2000-06-07 22:20:23 +10:00
d5bf307f7b
- (djm) Remove duplicate headers from loginrec.c
2000-06-07 21:32:13 +10:00
9e11089afb
- (djm) Don't add /usr/local/lib to library search path on Irix
2000-06-07 21:05:46 +10:00
5314ae7855
- (djm) Warn user if grabs fail in GNOME askpass. Patch from Zack Weinberg
...
<zack@wolery.cumb.org>
2000-06-07 20:08:19 +10:00
d3a185709d
- (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III
...
<tibbs@math.uh.edu>
- (djm) OpenBSD CVS updates:
- todd@cvs.openbsd.org
[sshconnect2.c]
teach protocol v2 to count login failures properly and also enable an
explanation of why the password prompt comes up again like v1; this is NOT
crypto
- markus@cvs.openbsd.org
[readconf.c readconf.h servconf.c servconf.h session.c ssh.1 ssh.c sshd.8]
xauth_location support; pr 1234
[readconf.c sshconnect2.c]
typo, unused
[session.c]
allow use_login only for login sessions, otherwise remote commands are
execed with uid==0
[sshd.8]
document UseLogin better
[version.h]
OpenSSH 2.1.1
[auth-rsa.c]
fix match_hostname() logic for auth-rsa: deny access if we have a
negative match or no match at all
[channels.c hostfile.c match.c]
don't panic if mkdtemp fails for authfwd; jkb@yahoo-inc.com via
kris@FreeBSD.org
2000-06-07 19:55:44 +10:00
e37bfc19f7
- (djm) Added --with-cflags, --with-ldflags and --with-libs options to
...
configure.
2000-06-05 09:37:43 +10:00
a86c7eccbf
Added missed info for 20000603 login code update
...
Noted 20000604 updates
2000-06-04 17:00:15 +00:00
2994e0891b
- Configure tweaking for new login code on Irix 5.3
2000-06-04 15:51:47 +10:00
1c77392bce
- Rewrote bsd-login to use proper utmp API if available. Major cleanup
...
of fallback DIY code.
2000-05-31 13:57:18 +10:00
1ea8ac7b90
- Fix EGD read bug by IWAMURO Motonori <iwa@mmp.fujitsu.co.jp>
...
update credits
2000-05-31 11:24:34 +10:00
2f6a0ad191
- Cleanup of auth.c, login.c and fake-*
...
- Cleanup of auth-pam.c, save and print "account expired" error messages
2000-05-31 11:20:11 +10:00
03934f2eef
doc
2000-05-30 14:01:10 +10:00
b1715dc0cf
- OpenBSD CVS updates:
...
- markus@cvs.openbsd.org
[session.c]
make x11-fwd work w/ localhost (xauth add host/unix:11)
[cipher.c compat.c readconf.c servconf.c]
check strtok() != NULL; ok niels@
[key.c]
fix key_read() for uuencoded keys w/o '='
[serverloop.c]
group ssh1 vs. ssh2 in serverloop
[kex.c kex.h myproposal.h sshconnect2.c sshd.c]
split kexinit/kexdh, factor out common code
[readconf.c ssh.1 ssh.c]
forwardagent defaults to no, add ssh -A
- theo@cvs.openbsd.org
[session.c]
just some line shortening
2000-05-30 13:44:51 +10:00
c252e2efa1
- Fix buffer overrun in login.c for systems which use syslen in utmpx.
...
patch from YOSHIFUJI Hideaki <yoshfuji@cerberus.nemoto.ecei.tohoku.ac.jp>
2000-05-30 13:12:46 +10:00
be260a0f0d
- Define atexit for old Solaris
2000-05-30 12:57:46 +10:00
7b63b0f66e
- Doc cleanup
2000-05-20 15:41:26 +10:00
fda78d9bd0
- HPUX and Configure fixes from Lutz Jaenicke
...
<Lutz.Jaenicke@aet.TU-Cottbus.DE>
- Use mkinstalldirs script to make directories instead of non-portable
"install -d". Suggested by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-05-20 15:33:44 +10:00
dfc83f42eb
- SunOS 4.x support from Todd C. Miller <Todd.Miller@courtesan.com>
2000-05-20 15:02:59 +10:00
ad1bc5f986
- Don't touch utmp if USE_UTMPX defined
2000-05-20 14:53:09 +10:00
d999ae26b7
- Xauth fix from Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
2000-05-20 12:49:31 +10:00
ef7df54073
- Include Andre Lucas' fixprogs script. Forgot to "cvs add" it yesterday
...
- OpenBSD CVS updates:
- markus@cvs.openbsd.org
[sshconnect.c]
copy only ai_addrlen bytes; misiek@pld.org.pl
[auth.c]
accept an empty shell in authentication; bug reported by
chris@tinker.ucr.edu
[serverloop.c]
we don't have stderr for interactive terminal sessions (fcntl errors)
2000-05-19 00:03:23 +10:00
3b512e18dc
- Detect OpenSSL seperatly from RSA
...
- Better test for RSA (more compatible with RSAref). Based on work by
Ed Eden <ede370@stl.rural.usda.gov>
2000-05-17 23:29:18 +10:00
c4be7ce669
- RSAless operation patch from kevin_oconnor@standardandpoors.com
2000-05-17 23:02:03 +10:00
615f939ebb
- Several patches from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp>
...
- INSTALL typo and URL fix
- Makefile fix
- Solaris fixes
- Checking for ssize_t and memmove. Based on patch from SAKAI Kiyotaka
<ksakai@kso.netwk.ntt-at.co.jp>
2000-05-17 22:53:33 +10:00
dcb6ecd1b3
- OpenBSD CVS update:
...
- markus@cvs.openbsd.org
[ssh.c]
fix usage()
[ssh2.h]
draft-ietf-secsh-architecture-05.txt
[ssh.1]
document ssh -T -N (ssh2 only)
[channels.c serverloop.c ssh.h sshconnect.c sshd.c aux.c]
enable nonblocking IO for sshd w/ proto 1, too; split out common code
[aux.c]
missing include
2000-05-17 22:34:22 +10:00
0e65eed58a
- Fix HAVE_PAM_GETENVLIST setting from Simon Wilkinson <sxw@dcs.ed.ac.uk>
2000-05-17 22:16:05 +10:00
f3c6cf1383
- Avoid WCOREDUMP complation errors for systems that lack it
...
- Avoid SIGCHLD warnings from entropy commands
2000-05-17 22:08:29 +10:00
d2c208a2d3
- Applied Tom Bertelson's <tbert@abac.com> AIX authentication fix
2000-05-17 22:00:02 +10:00
8d1fd57a97
- Fix from Andre Lucas <andre.lucas@dial.pipex.com>
...
- Fixes command line printing segfaults (spotter: Bladt Norbert)
- Fixes erroneous printing of debug messages to syslog
- Fixes utmp for MacOS X (spotter: Aristedes Maniatis)
- Gives useful error message if PRNG initialisation fails
- Reduced ssh startup delay
- Measures cumulative command time rather than the time between reads
after select()
- 'fixprogs' perl script to eliminate non-working entropy commands, and
optionally run 'ent' to measure command entropy
2000-05-17 21:34:07 +10:00
95fe91bd84
- Fix for non-recognised DSA keys from Arkadiusz Miskiewicz
...
<misiek@pld.org.pl>
2000-05-13 12:31:22 +10:00
accfeb3afe
- Fix for prng_seed permissions checking from Lutz Jaenicke
...
<Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-05-11 19:10:58 +10:00
95e8963429
idoh
2000-05-09 15:28:50 +10:00
54057c2b9b
- Doc updates
2000-05-09 15:03:37 +10:00
16e519cb9c
- Moved all the bsd-* and fake-* stuff into new libopenbsd-compat.a
2000-05-09 14:28:55 +10:00
30c3d42930
- OpenBSD CVS update
...
- markus@cvs.openbsd.org
[cipher.h myproposal.h readconf.c readconf.h servconf.c ssh.1 ssh.c]
[ssh.h sshconnect1.c sshconnect2.c sshd.8]
- complain about invalid ciphers in SSH1 (e.g. arcfour is SSH2 only)
- hugh@cvs.openbsd.org
[ssh.1]
- zap typo
[ssh-keygen.1]
- One last nit fix. (markus approved)
[sshd.8]
- some markus certified spelling adjustments
- markus@cvs.openbsd.org
[auth2.c channels.c clientloop.c compat compat.h dsa.c kex.c]
[sshconnect2.c ]
- bug compat w/ ssh-2.0.13 x11, split out bugs
[nchan.c]
- no drain if ibuf_empty, fixes x11fwd problems; tests by fries@
[ssh-keygen.c]
- handle escapes in real and original key format, ok millert@
[version.h]
- OpenSSH-2.1
2000-05-09 11:02:59 +10:00
61e50f10c2
- Configure caching and cleanup patch from Andre Lucas'
...
<andre.lucas@dial.pipex.com>
2000-05-08 20:49:37 +10:00
6d48871faf
- OpenBSD CVS update
...
- markus@cvs.openbsd.org
[clientloop.c sshconnect2.c]
- make x11-fwd interop w/ ssh-2.0.13
[README.openssh2]
- interop w/ SecureFX
- Release 2.0.0beta2
2000-05-08 13:44:52 +10:00
58e579bcd9
- Generate DSA host keys during "make key" or RPM installs
2000-05-08 00:05:31 +10:00
e247cc402b
- Remove references to SSLeay.
...
- Big OpenBSD CVS update
- markus@cvs.openbsd.org
[clientloop.c]
- typo
[session.c]
- update proctitle on pty alloc/dealloc, e.g. w/ windows client
[session.c]
- update proctitle for proto 1, too
[channels.h nchan.c serverloop.c session.c sshd.c]
- use c-style comments
- deraadt@cvs.openbsd.org
[scp.c]
- more atomicio
- markus@cvs.openbsd.org
[channels.c]
- set O_NONBLOCK
[ssh.1]
- update AUTHOR
[readconf.c ssh-keygen.c ssh.h]
- default DSA key file ~/.ssh/id_dsa
[clientloop.c]
- typo, rm verbose debug
- deraadt@cvs.openbsd.org
[ssh-keygen.1]
- document DSA use of ssh-keygen
[sshd.8]
- a start at describing what i understand of the DSA side
[ssh-keygen.1]
- document -X and -x
[ssh-keygen.c]
- simplify usage
- markus@cvs.openbsd.org
[sshd.8]
- there is no rhosts_dsa
[ssh-keygen.1]
- document -y, update -X,-x
[nchan.c]
- fix close for non-open ssh1 channels
[servconf.c servconf.h ssh.h sshd.8 sshd.c ]
- s/DsaKey/HostDSAKey/, document option
[sshconnect2.c]
- respect number_of_password_prompts
[channels.c channels.h servconf.c servconf.h session.c sshd.8]
- GatewayPorts for sshd, ok deraadt@
[ssh-add.1 ssh-agent.1 ssh.1]
- more doc on: DSA, id_dsa, known_hosts2, authorized_keys2
[ssh.1]
- more info on proto 2
[sshd.8]
- sync AUTHOR w/ ssh.1
[key.c key.h sshconnect.c]
- print key type when talking about host keys
[packet.c]
- clear padding in ssh2
[dsa.c key.c radix.c ssh.h sshconnect1.c uuencode.c uuencode.h]
- replace broken uuencode w/ libc b64_ntop
[auth2.c]
- log failure before sending the reply
[key.c radix.c uuencode.c]
- remote trailing comments before calling __b64_pton
[auth2.c readconf.c readconf.h servconf.c servconf.h ssh.1]
[sshconnect2.c sshd.8]
- add DSAAuthetication option to ssh/sshd, document SSH2 in sshd.8
- Bring in b64_ntop and b64_pton from OpenBSD libc (bsd-base64.[ch])
2000-05-07 12:03:14 +10:00
0437b33e54
- Add Andre Lucas' <andre.lucas@dial.pipex.com> patch to read entropy
...
gathering commands from a text file
2000-05-02 09:56:41 +10:00
6f83b8e34d
- OpenBSD CVS update
...
[channels.c]
- init all fds, close all fds.
[sshconnect2.c]
- check whether file exists before asking for passphrase
[servconf.c servconf.h sshd.8 sshd.c]
- PidFile, pr 1210
[channels.c]
- EINTR
[channels.c]
- unbreak, ok niels@
[sshd.c]
- unlink pid file, ok niels@
[auth2.c]
- Add missing #ifdefs; ok - markus
2000-05-02 09:23:45 +10:00
63560f9bfc
Prepare for 2.0.0beta1
2000-05-02 09:06:04 +10:00
fc0b11b5aa
- Irix portability fixes - don't include netinet headers more than once
...
- Make sure we don't save PRNG seed more than once
2000-05-02 00:03:55 +10:00
7c0042629e
- Deprecate perl-tk askpass.
2000-05-01 22:57:46 +10:00
1cead2c02c
- Add some missing ifdefs to auth2.c
2000-05-01 22:55:23 +10:00
0e489dc5ae
- Merged bsd-login ttyslot and AIX utmp patch from Gert Doering
...
<gd@hilb1.medat.de>
2000-05-01 22:53:53 +10:00
35dabd0398
[scp.c]
...
- fix very rare EAGAIN/EINTR issues; based on work by djm
[packet.c]
- less debug, rm unused
[auth2.c]
- disable kerb,s/key in ssh2
[sshd.8]
- Minor tweaks and typo fixes.
[ssh-keygen.c]
- Put -d into usage and reorder. markus ok.
2000-05-01 21:10:33 +10:00
70fb671d21
- Fixed __progname symbol collisions reported by Andre Lucas
...
<andre.lucas@dial.pipex.com>
2000-05-01 20:59:50 +10:00
e59ce627a4
- Include missing headers for OpenSSL tests. Fix from Phil Karn
...
<karn@ka9q.ampr.org>
2000-05-01 20:54:17 +10:00
7c8af4fca8
packet.c
...
send debug messages in SSH2 format
2000-05-01 08:24:07 +10:00
bd483e7690
- More OpenBSD updates:
...
[session.c]
- don't call chan_write_failed() if we are not writing
[auth-rsa.c auth1.c authfd.c hostfile.c ssh-agent.c]
- keysize warnings error() -> log()
2000-04-30 10:00:53 +10:00
4018c1985d
- Integrate Andre Lucas' <andre.lucas@dial.pipex.com> entropy collection
...
patch.
- Adds timeout to entropy collection
- Disables slow entropy sources
- Load and save seed file
- Changed entropy seed code to user per-user seeds only (server seed is
saved in root's .ssh directory)
- Use atexit() and fatal cleanups to save seed on exit
2000-04-30 09:30:44 +10:00
1bead335d7
- Merge HP-UX fixes and TCB support from Ged Lodder <lodder@yacc.com.au>
2000-04-30 00:47:29 +10:00
eba71bab9b
- Merge big update to OpenSSH-2.0 from OpenBSD CVS
...
[README.openssh2]
- interop w/ F-secure windows client
- sync documentation
- ssh_host_dsa_key not ssh_dsa_key
[auth-rsa.c]
- missing fclose
[auth.c authfile.c compat.c dsa.c dsa.h hostfile.c key.c key.h radix.c]
[readconf.c readconf.h ssh-add.c ssh-keygen.c ssh.c ssh.h sshconnect.c]
[sshd.c uuencode.c uuencode.h authfile.h]
- add DSA pubkey auth and other SSH2 fixes. use ssh-keygen -[xX]
for trading keys with the real and the original SSH, directly from the
people who invented the SSH protocol.
[auth.c auth.h authfile.c sshconnect.c auth1.c auth2.c sshconnect.h]
[sshconnect1.c sshconnect2.c]
- split auth/sshconnect in one file per protocol version
[sshconnect2.c]
- remove debug
[uuencode.c]
- add trailing =
[version.h]
- OpenSSH-2.0
[ssh-keygen.1 ssh-keygen.c]
- add -R flag: exit code indicates if RSA is alive
[sshd.c]
- remove unused
silent if -Q is specified
[ssh.h]
- host key becomes /etc/ssh_host_dsa_key
[readconf.c servconf.c ]
- ssh/sshd default to proto 1 and 2
[uuencode.c]
- remove debug
[auth2.c ssh-keygen.c sshconnect2.c sshd.c]
- xfree DSA blobs
[auth2.c serverloop.c session.c]
- cleanup logging for sshd/2, respect PasswordAuth no
[sshconnect2.c]
- less debug, respect .ssh/config
[README.openssh2 channels.c channels.h]
- clientloop.c session.c ssh.c
- support for x11-fwding, client+server
2000-04-29 23:57:08 +10:00
8117111a3c
- Define __progname in session.c if libc doesn't
...
- Remove indentation on autoconf #include statements to avoid bug in
DEC Tru64 compiler. Report and fix from David Del Piero
<David.DelPiero@qed.qld.gov.au>
2000-04-23 11:14:01 +10:00
a552faf564
- Merge fix from OpenBSD CVS
...
[ssh-agent.c]
- Fix memory leak per connection. Report from Andy Spiegl <Andy@Spiegl.de>
via Debian bug #59926
2000-04-21 15:55:20 +10:00
f3a3fee942
- Debian bug #58031 - ssh_config lies about default cipher
2000-04-20 23:32:48 +10:00
cfabe86720
- Debian bug #55910 - remove references to ssl(8) manpages
2000-04-20 23:27:27 +10:00
d0cff3ecc4
- Merge fixes from Debian patch from Phil Hands <phil@hands.com>
...
- Allow setting of PAM service name through CFLAGS (SSHD_PAM_SERVICE)
- Use vhangup to clean up Linux ttys
- Force posix getopt processing on GNU libc systems
2000-04-20 23:12:58 +10:00
166fca8894
- Sync with OpenBSD CVS:
...
[clientloop.c login.c serverloop.c ssh-agent.c ssh.h sshconnect.c sshd.c]
- pid_t
[session.c]
- remove bogus chan_read_failed. this could cause data
corruption (missing data) at end of a SSH2 session.
2000-04-20 07:42:21 +10:00
3ef692aa05
- Make fixpaths work with perl4, patch from Andre Lucas
...
<andre.lucas@dial.pipex.com>
2000-04-20 07:33:24 +10:00
8bb73be04e
- OpenBSD CVS updates
...
[channels.c]
- fix pr 1196, listen_port and port_to_connect interchanged
[scp.c]
- after completion, replace the progress bar ETA counter with a final
elapsed time; my idea, aaron wrote the patch
[ssh_config sshd_config]
- show 'Protocol' as an example, ok markus@
[sshd.c]
- missing xfree()
- Add missing header to bsd-misc.c
2000-04-19 16:26:12 +10:00
5f05637b0e
- Reduce diff against OpenBSD source
...
- All OpenSSL includes are now unconditionally referenced as
openssl/foo.h
- Pick up formatting changes
- Other minor changed (typecasts, etc) that I missed
2000-04-16 12:31:48 +10:00
4af51306d9
- OpenBSD CVS updates.
...
[ssh.1 ssh.c]
- ssh -2
[auth.c channels.c clientloop.c packet.c packet.h serverloop.c]
[session.c sshconnect.c]
- check payload for (illegal) extra data
[ALL]
- whitespace cleanup
2000-04-16 11:18:38 +10:00
22c772609a
- Merged OpenBSD updates to include paths.
2000-04-13 12:26:34 +10:00
e71eb91259
doc
2000-04-13 12:19:32 +10:00
78928793fb
- OpenBSD CVS updates:
...
- [channels.c]
repair x11-fwd
- [sshconnect.c]
fix passwd prompt for ssh2, less debugging output.
- [clientloop.c compat.c dsa.c kex.c sshd.c]
less debugging output
- [kex.c kex.h sshconnect.c sshd.c]
check for reasonable public DH values
- [README.openssh2 cipher.c cipher.h compat.c compat.h readconf.c]
[readconf.h servconf.c servconf.h ssh.c ssh.h sshconnect.c sshd.c]
add Cipher and Protocol options to ssh/sshd, e.g.:
ssh -o 'Protocol 1,2' if you prefer proto 1, ssh -o 'Ciphers
arcfour,3des-cbc'
- [sshd.c]
print 1.99 only if server supports both
2000-04-12 20:17:38 +10:00
efb4afe026
- More large OpenBSD CVS updates:
...
- [auth.c auth.h servconf.c servconf.h serverloop.c session.c]
[session.h ssh.h sshd.c README.openssh2]
ssh2 server side, see README.openssh2; enable with 'sshd -2'
- [channels.c]
no adjust after close
- [sshd.c compat.c ]
interop w/ latest ssh.com windows client.
2000-04-12 18:45:05 +10:00
11e37f638d
- Only set define entropy collection macros if they are found
2000-04-08 18:23:30 +10:00
bc7c7cceea
- Avoid some compiler warnings in fake-get*.c
...
- Add IPTOS macros for systems which lack them
2000-04-08 17:48:56 +10:00
1383bd8eb9
- OpenBSD CVS update:
...
- [channels.c]
close efd on eof
- [clientloop.c compat.c ssh.c sshconnect.c myproposal.h]
ssh2 client implementation, interops w/ ssh.com and lsh servers.
- [sshconnect.c]
missing free.
- [authfile.c cipher.c cipher.h packet.c sshconnect.c sshd.c]
remove unused argument, split cipher_mask()
- [clientloop.c]
re-order: group ssh1 vs. ssh2
- Make Redhat spec require openssl >= 0.9.5a
2000-04-06 12:32:37 +10:00
74a333bbe1
- Generate manpages before make install not at the end of make all
...
- Don't seed the rng quite so often
- Always reseed rng when requested
2000-04-04 15:04:09 +10:00
33b13568b5
- OpenBSD CVS update:
...
- [packet.h packet.c]
ssh2 packet format
- [packet.h packet.c nchan2.ms nchan.h compat.h compat.c]
[channels.h channels.c]
channel layer support for ssh2
- [kex.h kex.c hmac.h hmac.c dsa.c dsa.h]
DSA, keyexchange, algorithm agreement for ssh2
2000-04-04 14:38:59 +10:00
193ba88dd6
- Add tests for RAND_add function when searching for OpenSSL
2000-04-04 10:21:09 +10:00
70494d18ee
- Disable tests and typedefs for 64 bit types. They are currently unused.
2000-04-03 15:57:06 +10:00
040f3831fc
- Wrote entropy collection routines for systems that lack /dev/random
...
and EGD
2000-04-03 14:50:43 +10:00
b38eff8e4f
- Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure)
...
- [auth.c session.c sshd.c auth.h]
split sshd.c -> auth.c session.c sshd.c plus cleanup and goto-removal
- [bufaux.c bufaux.h]
support ssh2 bignums
- [channels.c channels.h clientloop.c sshd.c nchan.c nchan.h packet.c]
[readconf.c ssh.c ssh.h serverloop.c]
replace big switch() with function tables (prepare for ssh2)
- [ssh2.h]
ssh2 message type codes
- [sshd.8]
reorder Xr to avoid cutting
- [serverloop.c]
close(fdin) if fdin != fdout, shutdown otherwise, ok theo@
- [channels.c]
missing close
allow bigger packets
- [cipher.c cipher.h]
support ssh2 ciphers
- [compress.c]
cleanup, less code
- [dispatch.c dispatch.h]
function tables for different message types
- [log-server.c]
do not log() if debuggin to stderr
rename a cpp symbol, to avoid param.h collision
- [mpaux.c]
KNF
- [nchan.c]
sync w/ channels.c
2000-04-01 11:09:21 +10:00
450a7a1ff4
- OpenBSD CVS update
...
- [auth-krb4.c]
-Wall
- [auth-rh-rsa.c auth-rsa.c hostfile.c hostfile.h key.c key.h match.c]
[match.h ssh.c ssh.h sshconnect.c sshd.c]
initial support for DSA keys. ok deraadt@, niels@
- [cipher.c cipher.h]
remove unused cipher_attack_detected code
- [scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
Fix some formatting problems I missed before.
- [ssh.1 sshd.8]
fix spelling errors, From: FreeBSD
- [ssh.c]
switch to raw mode only if he _get_ a pty (not if we _want_ a pty).
2000-03-26 13:04:51 +10:00
2c9279fa66
- Better tests for OpenSSL w/ RSAref
...
- Added replacement setenv() function from OpenBSD libc. Suggested by
Ben Lindstrom <mouring@pconline.com>
2000-03-26 12:12:34 +10:00
63a46cc4f5
version
2000-03-24 09:24:33 +11:00
e37ac5ae17
- Runtime error fix for HPUX from Otmar Stahl
...
<O.Stahl@lsw.uni-heidelberg.de>
2000-03-17 23:58:59 +11:00
7684ee17ee
- OpenBSD CVS updates:
...
- [atomicio.c auth-krb4.c bufaux.c channels.c compress.c fingerprint.c]
[packet.h radix.c rsa.c scp.c ssh-agent.c ssh-keygen.c sshconnect.c]
[sshd.c]
pedantic: signed vs. unsigned, void*-arithm, etc
- [ssh.1 sshd.8]
Various cleanups and standardizations.
2000-03-17 23:40:15 +11:00
d6121d2972
- Checks for 64 bit int types. Problem report from Mats Fredholm
...
<matsf@init.se>
2000-03-17 23:26:46 +11:00
29ea30d956
- Clarified --with-default-path option.
...
- Added -blibpath handling for AIX to work around stupid runtime linking.
Problem elucidated by gshapiro@SENDMAIL.ORG by way of Jim Knoble
<jmknoble@pobox.com>
2000-03-17 10:54:15 +11:00
ca9a49cd0b
- Added blurb about "scp: command not found" errors to UPGRADING
2000-03-16 12:23:13 +11:00
9687322c03
spello
2000-03-16 12:07:43 +11:00
fd26368068
- Doc cleanups
2000-03-16 11:51:09 +11:00
166bd448c9
- Propogate LD through to Makefile
2000-03-16 10:48:25 +11:00
08c788a9b3
- Fixed configure not passing LDFLAGS to Solaris. Report from David G.
...
Hesprich <dghespri@sprintparanet.com>
2000-03-16 07:52:29 +11:00
856799ba27
- Configure fix from Bratislav ILICH <bilic@zepter.ru>
2000-03-15 21:18:10 +11:00
8b1c22b775
- Created contrib/ subdirectory. Included helpers from Phil Hands'
...
Debian package, README file and chroot patch from Ricardo Cerqueira
<rmcc@clix.pt>
- Moved gnome-ssh-askpass.c to contrib directory and reomved config
option.
- Slight cleanup to doc files
2000-03-15 12:13:01 +11:00
f09b07a971
- Don't free argument to putenv() after use (in setenv() replacement).
...
Report from Seigo Tanimura <tanimura@r.dl.itc.u-tokyo.ac.jp>
2000-03-15 11:23:48 +11:00
a1ad4802ff
- Fix broken CFLAGS handling during search for OpenSSL. Fixes va_list
...
problems with gcc/Solaris.
2000-03-15 10:04:54 +11:00
db819595d3
- Include /usr/local/include and /usr/local/lib for systems that don't
...
do it themselves
- -R/usr/local/lib for Solaris
- Fix RSAref detection
- Fix IN6_IS_ADDR_V4MAPPED macro
2000-03-14 13:44:01 +11:00
1c67c9969c
- Include macro for IN6_IS_ADDR_V4MAPPED. Report from
...
peter@frontierflying.com
2000-03-14 10:16:34 +11:00
7bcb089ef7
- IPv6 workarounds from Hideaki YOSHIFUJI <yoshfuji@ecei.tohoku.ac.jp>
2000-03-11 20:45:40 +11:00
d58b3abe0e
More config fixes
2000-03-11 20:05:11 +11:00
02491e9632
- OpenBSD CVS change
...
[sshd.c]
- disallow guessing of root password
2000-03-11 11:58:28 +11:00
b85dcad762
- Detect RSAref
2000-03-11 11:37:00 +11:00
8f975b6a18
- Removed warning workaround for Linux and devpts filesystems (no longer
...
required after OpenBSD updates)
2000-03-09 22:31:13 +11:00
98c7ad60ec
- OpenBSD CVS updates to v1.2.3
...
[ssh.h atomicio.c]
- int atomicio -> ssize_t (for alpha). ok deraadt@
[auth-rsa.c]
- delay MD5 computation until client sends response, free() early, cleanup.
[cipher.c]
- void* -> unsigned char*, ok niels@
[hostfile.c]
- remove unused variable 'len'. fix comments.
- remove unused variable
[log-client.c log-server.c]
- rename a cpp symbol, to avoid param.h collision
[packet.c]
- missing xfree()
- getsockname() requires initialized tolen; andy@guildsoftware.com
- use getpeername() in packet_connection_is_on_socket(), fixes sshd -i;
from Holger.Trapp@Informatik.TU-Chemnitz.DE
[pty.c pty.h]
- register cleanup for pty earlier. move code for pty-owner handling to
pty.c ok provos@, dugsong@
[readconf.c]
- turn off x11-fwd for the client, too.
[rsa.c]
- PKCS#1 padding
[scp.c]
- allow '.' in usernames; from jedgar@fxp.org
[servconf.c]
- typo: ignore_user_known_hosts int->flag; naddy@mips.rhein-neckar.de
- sync with sshd_config
[ssh-keygen.c]
- enable ssh-keygen -l -f ~/.ssh/known_hosts, ok deraadt@
[ssh.1]
- Change invalid 'CHAT' loglevel to 'VERBOSE'
[ssh.c]
- suppress AAAA query host when '-4' is used; from shin@nd.net.fujitsu.co.jp
- turn off x11-fwd for the client, too.
[sshconnect.c]
- missing xfree()
- retry rresvport_af(), too. from sumikawa@ebina.hitachi.co.jp .
- read error vs. "Connection closed by remote host"
[sshd.8]
- ie. -> i.e.,
- do not link to a commercial page..
- sync with sshd_config
[sshd.c]
- no need for poll.h; from bright@wintelcom.net
- log with level log() not fatal() if peer behaves badly.
- don't panic if client behaves strange. ok deraadt@
- make no-port-forwarding for RSA keys deny both -L and -R style fwding
- delay close() of pty until the pty has been chowned back to root
- oops, fix comment, too.
- missing xfree()
- move XAUTHORITY to subdir. ok dugsong@. fixes debian bug #57907 , too.
(http://cgi.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=57907 )
- register cleanup for pty earlier. move code for pty-owner handling to
pty.c ok provos@, dugsong@
- create x11 cookie file
- fix pr 1113, fclose() -> pclose(), todo: remote popen()
- version 1.2.3
- Cleaned up
2000-03-09 21:27:49 +11:00
1a07ebd4d8
- Configure fix from Hiroshi Takekawa <takekawa@sr3.t.u-tokyo.ac.jp>
2000-03-08 09:03:44 +11:00
65165f8d83
- Check for libwrap if --with-tcp-wrappers option specified. Suggestion
...
Mate Wierdl <mw@moni.msci.memphis.edu>
2000-03-05 17:02:45 +11:00
9fb07e4b8b
- Check for getpagesize in libucb.a if not found in libc. Fix for old
...
Solaris from Andre Lucas <andre.lucas@dial.pipex.com>
2000-03-05 16:22:59 +11:00
fac99cd12a
- Explicitly seed OpenSSL's PRNG before checking rsa_alive()
2000-03-05 16:10:45 +11:00
01bedb83b1
- Fix DEC compile fix
2000-03-05 16:10:03 +11:00
00d4bb117a
- DEC Unix compile fix from David Del Piero <David.DelPiero@qed.qld.gov.au>
...
- Manpage fix from David Del Piero <David.DelPiero@qed.qld.gov.au>
2000-03-03 22:48:49 +11:00
3c7eeb2af5
- Don't permanently fail on bind() if getaddrinfo has more choices left for
...
us. Needed to work around messy IPv6 on Linux. Patch from Arkadiusz
Miskiewicz <misiek@pld.org.pl>
2000-03-03 22:35:33 +11:00
4095f894dc
- Added "make host-key" target, Suggestion from Dominik Brettnacher
...
<domi@saargate.de>
2000-03-03 22:13:52 +11:00
2453d01611
- Allow root access to any key. Patch from
...
markus.friedl@informatik.uni-erlangen.de
2000-03-02 23:57:18 +11:00
204ad074e5
- Warning was valid - possible race condition on PTYs. Avoided using
...
platform-specific code.
- Document some common problems
2000-03-02 23:56:12 +11:00
c4cea3e5c7
- Avoid warning message with Unix98 ptys
2000-03-02 23:31:50 +11:00
c7d8dbbb0d
- Applied pty cleanup patch from markus.friedl@informatik.uni-erlangen.de
2000-03-02 23:30:53 +11:00
a22ba0152c
- Big cleanup of autoconf code
...
- Rearranged to be a little more logical
- Added -R option for Solaris
- Rewrote OpenSSL detection code. Now uses AC_TRY_RUN with a test program
to detect library and header location _and_ ensure library has proper
RSA support built in (this is a problem with OpenSSL 0.9.5).
2000-03-02 23:09:20 +11:00
36143d7851
- Removed SOCKS code. Will support through a ProxyCommand.
2000-02-07 13:20:26 +11:00
0c0e4bfe3c
- Add --with-ssl-dir option
2000-02-03 13:58:51 +11:00
1852246d30
- Fixed SEGVs in authloop, fix from vbzoli@hbrt.hu
2000-02-03 01:07:07 +11:00
1787252789
- Documentation fixes from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
...
- Added URLs to Japanese translations of documents by HARUYAMA Seigo
<haruyama@nt.phys.s.u-tokyo.ac.jp>
2000-02-02 20:56:20 +11:00
6552758bae
- Fix lastlog code for directory based lastlogs. Fix from Josh Durham
...
<jmd@aoe.vt.edu>
2000-02-02 19:17:40 +11:00
9e53f35a6a
- Use socket pairs by default (instead of pipes). Prevents race condition
...
on several (buggy) OSs. Report and fix from tridge@linuxcare.com
2000-02-01 23:05:30 +11:00
6034fdfd1f
- Compile fix from Andre Lucas <andre.lucas@dial.pipex.com>
2000-01-29 20:55:09 +11:00
f07390e90d
- Seed OpenSSL's random number generator before generating RSA keypairs
...
- Split random collector into seperate file
2000-01-29 20:40:22 +11:00
c85f9b4851
- Added note in UPGRADING re interop with commercial SSH using idea.
...
Report from Jim Knoble <jmknoble@pobox.com>
- Fix linking order for Kerberos/AFS. Fix from Holget Trapp
<Holger.Trapp@Informatik.TU-Chemnitz.DE>
2000-01-29 10:20:21 +11:00
27f4c78698
- NeXT keeps it lastlog in /usr/adm. Report from
...
mouring@newton.pconline.com
2000-01-27 18:22:13 +11:00
7d7c60d6e7
- Added 'DESTDIR' option to Makefile to ease package building. Patch from
...
Jim Knoble <jmknoble@pobox.com>
- Updated RPM spec files to use DESTDIR
2000-01-26 14:37:48 +11:00
6d84493c8b
- Fixpaths was missing /etc/ssh_known_hosts. Report from Jim Knoble
...
<jmknoble@pobox.com>
2000-01-26 12:17:50 +11:00
0e1cf7caa7
- Use preformatted manpages on SCO, report from Gary E. Miller
...
<gem@rellim.com>
- New URL for x11-ssh-askpass.
2000-01-26 12:15:30 +11:00
fa51a83f54
- Reorder PAM initialisation so it does not mess up lastlog. Reported
...
by Andre Lucas <andre.lucas@dial.pipex.com>
2000-01-26 11:07:22 +11:00
d89c24b57e
- Fix NULL pointer dereference in login.c. Fix from Andre Lucas
...
<andre.lucas@dial.pipex.com>
2000-01-26 11:04:48 +11:00
68cee109e8
- Pick up version 1.2.2 from OpenBSD CVS (no changes, just version number
...
increment)
2000-01-24 17:02:27 +11:00
def0dc9bcc
- Fix lastlog support, patch from Andre Lucas <andre.lucas@dial.pipex.com>
2000-01-23 20:18:35 +11:00
1fa154bb1e
- AIX patch from Matt Richards <v2matt@btv.ibm.com> and David Rankin
...
<drankin@bohemians.lexington.ky.us>
2000-01-23 10:32:03 +11:00
6fe375dee4
- OpenBSD CVS:
...
- [packet.c]
getsockname() requires initialized tolen; andy@guildsoftware.com
2000-01-23 09:38:00 +11:00
1453785bb4
- OpenBSD CVS updates:
...
- [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
ie. -> i.e.,
2000-01-22 19:57:40 +11:00
f052aaf9f6
- OpenBSD CVS updates:
...
- [packet.c]
use getpeername() in packet_connection_is_on_socket(), fixes sshd -i;
from Holger.Trapp@Informatik.TU-Chemnitz.DE
- [sshd.c]
log with level log() not fatal() if peer behaves badly.
- [readpass.c]
instead of blocking SIGINT, catch it ourselves, so that we can clean
the tty modes up and kill ourselves -- instead of our process group
leader (scp, cvs, ...) going away and leaving us in noecho mode.
people with cbreak shells never even noticed..
2000-01-22 19:47:21 +11:00
8dbbe6e546
- Missing htons() in bsd-bindresvport.c, fix from Holger Trapp
...
<Holger.Trapp@Informatik.TU-Chemnitz.DE>
2000-01-22 18:17:42 +11:00
0727893340
- Make IPv4 use the default in RPM packages
...
- Irix uses preformatted manpages
2000-01-22 14:05:37 +11:00
670a4b8554
- Merge preformatted manpage patch from Andre Lucas
...
<andre.lucas@dial.pipex.com>
2000-01-22 13:53:11 +11:00
91427007bc
- Fix compilation of bsd-snprintf.c on Solaris, fix from Ben Taylor
...
<bent@clark.net>
2000-01-22 13:25:13 +11:00
ee1c0b3d3b
- NetBSD patch from David Rankin <drankin@bohemians.lexington.ky.us> and
...
Christos Zoulas <christos@netbsd.org>
2000-01-21 00:18:15 +11:00
eab2ce0236
- Doc updates
2000-01-20 23:58:22 +11:00
886c63a2c5
- Big manpage and config file cleanup from Andre Lucas
...
<andre.lucas@dial.pipex.com>
- Re-added latest (unmodified) OpenBSD manpages
2000-01-20 23:13:36 +11:00
88b86e40d6
- Big manpage and config file cleanup from Andre Lucas
...
<andre.lucas@dial.pipex.com>
- Re-added latest (unmodified) OpenBSD manpages
2000-01-20 23:13:35 +11:00
396691ad5d
- Update to latest OpenBSD CVS:
...
- [auth-rsa.c]
- fix user/1056, sshd keeps restrictions; dbt@meat.net
- [sshconnect.c]
- disable agent fwding for proto 1.3, remove abuse of auth-rsa flags.
- destroy keys earlier
- split key exchange (kex) and user authentication (user-auth), ok: provos@
- [sshd.c]
- no need for poll.h; from bright@wintelcom.net
- disable agent fwding for proto 1.3, remove abuse of auth-rsa flags.
- split key exchange (kex) and user authentication (user-auth), ok: provos@
2000-01-20 22:44:08 +11:00
eca71f84cb
- Don't use getaddrinfo on AIX
2000-01-20 22:38:27 +11:00
7d80e3484b
- Linux/glibc-2.1.2 takes a *long* time to look up names for AF_UNSPEC
...
addresses using getaddrinfo(). Added a configure switch to make the
default lookup mode AF_INET
2000-01-19 14:36:49 +11:00
eaf9994f7e
- SCO compile fixes from Gary E. Miller <gem@rellim.com>
2000-01-19 13:45:07 +11:00
9550a24e01
- Compile fix from Darren_Hall@progressive.com
2000-01-19 10:41:23 +11:00
e0f4574cd0
- Compile fix for HPUX and Solaris from Andre Lucas
...
<andre.lucas@dial.pipex.com>
2000-01-18 09:12:06 +11:00
ca673b3d03
- Makefile fix from Gary E. Miller <gem@rellim.com>
2000-01-18 09:01:27 +11:00
dbd250f8ab
- Fixed --with-pid-dir option
2000-01-18 08:57:14 +11:00
b13c73e385
- Substitute PID directory in sshd.8. Suggestion from Andrew
...
Stribblehill <a.d.stribblehill@durham.ac.uk>
2000-01-17 22:02:17 +11:00
6640995be8
- Patch from Christos Zoulas <christos@zoulas.com>
...
- Try $prefix first when looking for OpenSSL.
- Include sys/types.h when including sys/socket.h in test programs
2000-01-17 21:40:06 +11:00
b284b546c0
- Fix hang on logout if processes are still using the pty. Needs
...
further testing.
2000-01-17 20:55:18 +11:00
d426ed6e51
- Fix --with-ipaddr-display option test. Fix from Jarno Huuskonen
...
<jhuuskon@hytti.uku.fi>
2000-01-17 19:22:36 +11:00
19fe9c7fd8
- Fix rresvport_af failure errors (logic error in bsd-bindresvport.c)
2000-01-17 15:23:01 +11:00
e219273f93
- Fixed X11 forwarding bug on Linux. libc advertises AF_INET6
...
INADDR_ANY_INIT addresses via getaddrinfo, but may not be able to
deliver (no IPv6 kernel kernel support)
- Released 1.2.1pre27
2000-01-17 13:22:55 +11:00
f693d3b07e
- Document location of Redhat PAM file in INSTALL.
2000-01-17 11:56:27 +11:00
834171ebca
- Revert __snprintf -> snprintf aliasing. Apparently Solaris
...
__snprintf isn't. Report from Theo de Raadt <theo@cvs.openbsd.org>
2000-01-17 09:59:41 +11:00
b9b94a74e6
- Clean up bsd-bindresvport.c. Use arc4random() for picking initial
...
port, ignore EINVAL errors (Linux) when searching for free port.
2000-01-17 09:52:46 +11:00
62a52ef08d
- Compilation fix from Kiyokazu SUTO <suto@ks-and-ks.ne.jp>
...
- Fixed broken bugfix for /dev/ptmx on Linux systems which lack
openpty(). Report from Kiyokazu SUTO <suto@ks-and-ks.ne.jp>
2000-01-16 23:03:56 +11:00
8f92649441
- Compilation fix from Kiyokazu SUTO <suto@ks-and-ks.ne.jp>
2000-01-16 18:19:25 +11:00
5eed6a2d71
- Renamed --with-xauth-path to --with-xauth
...
- Added --with-pid-dir option
- Released 1.2.1pre26
2000-01-16 12:05:18 +11:00
b29ea913cd
- Add --with-xauth-path configure directive and explicit test for
...
/usr/openwin/bin/xauth for Solaris systems. Report from Anders
Nordby <anders@fix.no>
- Fix incorrect detection of /dev/ptmx on Linux systems that lack
openpty. Report from John Seifarth <john@waw.be>
- Look for intXX_t and u_intXX_t in sys/bitypes.h if they are not in
sys/types.h. Fixes problems on SCO, report from Gary E. Miller
<gem@rellim.com>
- Use __snprintf and __vnsprintf if they are found where snprintf and
vnsprintf are lacking. Suggested by Ben Taylor <bent@shell.clark.net>
and others.
2000-01-15 14:12:03 +11:00
34132e54cb
- Merged OpenBSD IPv6 patch:
...
- [sshd.c sshd.8 sshconnect.c ssh.h ssh.c servconf.h servconf.c scp.1]
[scp.c packet.h packet.c login.c log.c canohost.c channels.c]
[hostfile.c sshd_config]
ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new
features: sshd allows multiple ListenAddress and Port options. note
that libwrap is not IPv6-ready. (based on patches from
fujiwara@rcac.tdi.co.jp )
- [ssh.c canohost.c]
more hints (hints.ai_socktype=SOCK_STREAM) for getaddrinfo,
from itojun@
- [channels.c]
listen on _all_ interfaces for X11-Fwd (hints.ai_flags = AI_PASSIVE)
- [packet.h]
allow auth-kerberos for IPv4 only
- [scp.1 sshd.8 servconf.h scp.c]
document -4, -6, and 'ssh -L 2022/::1/22'
- [ssh.c]
'ssh @host' is illegal (null user name), from
karsten@gedankenpolizei.de
- [sshconnect.c]
better error message
- [sshd.c]
allow auth-kerberos for IPv4 only
- Big IPv6 merge:
- Cleanup overrun in sockaddr copying on RHL 6.1
- Replacements for getaddrinfo, getnameinfo, etc based on versions
from patch from KIKUCHI Takahiro <kick@kyoto.wide.ad.jp>
- Replacement for missing structures on systems that lack IPv6
- record_login needed to know about AF_INET6 addresses
- Borrowed more code from OpenBSD: rresvport_af and requisites
2000-01-14 15:45:46 +11:00
25e4256ad4
- Fixes to auth-skey to enable it to use the standard OpenSSL libraries
2000-01-11 10:59:47 +11:00
fa824cbb7e
Fix typo
2000-01-07 18:51:27 +11:00
75b1d106d7
- Solaris build fix from Gary E. Miller <gem@rellim.com>
2000-01-07 14:01:41 +11:00
2edcda5d4c
- New config.sub and config.guess to fix problems on SCO. Supplied
...
by Gary E. Miller <gem@rellim.com>
2000-01-07 08:56:05 +11:00
105b7f073a
- Better KrbIV / AFS detection, based on patch from:
...
Holger Trapp <Holger.Trapp@Informatik.TU-Chemnitz.DE>
2000-01-07 08:45:55 +11:00
1808f38e04
- Fixed annoying DES corruption problem. libcrypt has been
...
overriding symbols in libcrypto. Removed libcrypt and crypt.h
altogether (libcrypto includes its own crypt(1) replacement)
- Added platform-specific rules for Irix 6.x. Included warning that
they are untested.
2000-01-06 12:03:12 +11:00
62ab38ab9e
- OpenBSD CVS updates
...
- [ssh-agent.c]
cleanup_exit() for SIGTERM/SIGHUP, too. from fgsch@ and
dgaudet@arctic.org
- [sshconnect.c]
compare correct version for 1.3 compat mode
2000-01-03 23:41:05 +11:00
e9c8f4dfdc
- Removed "nullok" directive from default PAM configuration files.
...
Added information on enabling EmptyPasswords on openssh+PAM in
UPGRADING file.
2000-01-03 20:00:52 +11:00
645c598d3c
- Add explicit make rules for files proccessed by fixpaths.
...
- Fix "make install" in RPM spec files. Report from Tenkou N. Hattori
<tnh@kondara.org>
2000-01-03 14:42:09 +11:00
8beab01b49
- Run fixpaths before install. (Andre Lucas)
2000-01-02 11:52:49 +11:00
5121e3aaa6
- Properly clean up on exit of ssh-agent. Patch from Dean Gaudet
...
<dgaudet@arctic.org>
2000-01-02 11:49:28 +11:00
6b85a7ffa6
- Added support for directory-based lastlogs
...
- Really fix typedefs, patch from Ben Taylor <bent@clark.net>
- Prevent multiple inclusion of config.h and defines.h. Suggested
by Andre Lucas <andre.lucas@dial.pipex.com>
2000-01-02 11:45:33 +11:00
aa7b64d98a
- Remove test for quad_t. No longer needed.
1999-12-31 09:55:34 +11:00
e7f626c8f1
- Really fix broken default path. Fix from Jim Knoble
...
<jmknoble@pobox.com>
1999-12-31 09:49:44 +11:00
3131d8bc71
- Fill in ut_utaddr utmp field. Report from Benjamin Charron
...
<iretd@bigfoot.com>
1999-12-31 09:42:24 +11:00
b2532b3be4
- Prevent typedefs from being compiled more than once. Report from
...
Marc G. Fournier <marc.fournier@acadiau.ca>
1999-12-31 09:18:12 +11:00
03783f0477
- Fix occasional crash on LinuxPPC. Patch from Franz Sirl
...
<Franz.Sirl-kernel@lauterbach.com>
1999-12-31 09:16:40 +11:00
f3e8be87eb
- Fix broken autoconf typedef detection. Report from Marc G.
...
Fournier <marc.fournier@acadiau.ca>
1999-12-31 08:59:04 +11:00
8eb0fd6d6f
- Fix password support on systems with a mixture of shadowed and
...
non-shadowed passwords (e.g. NIS). Report and fix from
HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
1999-12-31 08:49:13 +11:00
8bdeee25f8
- Merged Dante SOCKS support patch from David Rankin
...
<drankin@bohemians.lexington.ky.us>
- Updated documentation with ./configure options
1999-12-30 15:50:54 +11:00
e72b7af17e
- Removed most of the pam code into its own file auth-pam.[ch]. This
...
cleaned up sshd.c up significantly.
- Several other cleanups
1999-12-30 15:08:44 +11:00
ece22a8312
- OpenBSD CVS updates:
...
- [auth-passwd.c]
check for NULL 1st
1999-12-30 09:48:15 +11:00
58ca7d8503
- Rename helper.[ch] to (more appropriate) bsd-misc.[ch]
...
- Minor Makefile cleaning
1999-12-29 19:56:30 +11:00
06b472b124
*** empty log message ***
1999-12-29 19:47:06 +11:00
9505851f31
- Detect missing size_t and typedef it.
1999-12-29 10:36:45 +11:00
ac3a4b4a96
- Calls to pam_setcred, patch from Nalin Dahyabhai
...
<nalin@thermo.stat.ncsu.edu>
1999-12-29 10:25:40 +11:00
d00d1611e4
- Print whether OpenSSH was compiled with RSARef, patch from
...
Nalin Dahyabhai <nalin@thermo.stat.ncsu.edu>
1999-12-29 10:17:09 +11:00
e79334a2b0
- Autodetect perl, patch from David Rankin
...
<drankin@bohemians.lexington.ky.us>
1999-12-29 10:03:37 +11:00
9550a76c37
- Applied another NetBSD portability patch from David Rankin
...
<drankin@bohemians.lexington.ky.us>
- Fix --with-default-path option.
1999-12-29 02:32:22 +11:00
74d0d4a3d9
- Merged AIX patch from Darren Hall <dhall@virage.org>
...
- Cleaned up defines.h
1999-12-29 02:24:35 +11:00
beb4ba5a68
- Portability fixes for Irix 5.3 (now compiles OK!)
...
- autoconf and other misc cleanups
1999-12-28 15:09:35 +11:00
4ff2b9bf42
- NetBSD login.c compile fix from David Rankin
...
<drankin@bohemians.lexington.ky.us>
- Fully set ut_tv if present in utmp or utmpx
1999-12-28 10:41:12 +11:00
13bc0be2b6
- Replacement for getpagesize() for systems which lack it
1999-12-28 10:19:16 +11:00
68e45de53b
- OpenBSD CVS updates:
...
- [packet.h auth-rhosts.c]
check format string for packet_disconnect and packet_send_debug, too
- [channels.c]
use packet_get_maxsize for channels. consistence.
1999-12-27 23:54:55 +11:00
6a5d4d61bd
*** empty log message ***
1999-12-27 16:46:17 +11:00
e12762437c
- Use last few chars of tty line as ut_id
1999-12-27 11:33:56 +11:00
373d2917a8
- PAM bugfix. PermitEmptyPassword was being ignored.
...
- Fixed PAM config files to allow empty passwords if server does.
- Explained spurious PAM auth warning workaround in UPGRADING
1999-12-27 10:45:54 +11:00
5a3e68382d
- Added --with-default-path to specify custom path for server
...
- Removed #ifdef trickery from acconfig.h into defines.h
1999-12-27 09:48:56 +11:00
c0d7390398
- Automatically correct paths in manpages and configuration files. Patch
...
and script from Andre Lucas <andre.lucas@dial.pipex.com>
- Removed credits from README to CREDITS file, updated.
1999-12-27 09:23:58 +11:00
aae1093640
- Redhat RPM spec fixes from Jim Knoble <jmknoble@pobox.com>
1999-12-26 19:38:17 +11:00
9673b2b59a
- Fixed implicit '.' in default path, report from Jim Knoble
...
<jmknoble@pobox.com>
1999-12-26 19:10:30 +11:00
4f0fa56b5d
- OpenBSD CVS update:
...
- [ssh-keygen.1 ssh.1]
remove ref to .ssh/random_seed, mention .ssh/environment in
.Sh FILES, too
1999-12-26 14:24:41 +11:00
d49621ea53
- Disable logging of PAM success and failures, PAM is verbose enough.
...
Unfortunatly there is currently no way to disable auth failure
messages. Mention this in UPGRADING file and sent message to PAM
developers
1999-12-26 14:04:33 +11:00
47707dbda3
Doh! RPM doesn't support conditional building
1999-12-26 12:46:46 +11:00
3688440c4d
- Revised RPM package to include Jim Knoble's <jmknoble@pobox.com>
...
X11 ssh-askpass program.
- Revised RPM package to use conditional building of gnome and X11
askpass packages.
1999-12-26 12:26:21 +11:00
32b3cf2c96
19991226
...
- Enabled utmpx support by default for Solaris
- Cleanup sshd.c PAM a little more
19991225
- Merged fixes from Ben Taylor <bent@clark.net>
- Fixed configure support for PAM. Reported by Naz <96na@eng.cam.ac.uk>
- Disabled logging of PAM password authentication failures when password
is empty. (e.g start of authentication loop). Reported by Naz
<96na@eng.cam.ac.uk>)
1999-12-26 10:21:48 +11:00
2e1b082dfb
- Prepare for 1.2.1pre20
...
19991225
- More fixes from Andre Lucas <andre.lucas@dial.pipex.com>
- Cleanup of auth-passwd.c for shadow and MD5 passwords
- Cleanup and bugfix of PAM authentication code
19991223
- Merged later HPUX patch from Andre Lucas
<andre.lucas@dial.pipex.com>
- Above patch included better utmpx support from Ben Taylor
<bent@clark.net>:
1999-12-25 10:11:29 +11:00
1b0c228ec4
- Fix login.c breakage on systems which lack ut_host in struct
...
utmp. Reported by Willard Dawson <willard.dawson@sbs.siemens.com>
1999-12-22 16:09:48 +11:00
365199d8a5
- Fix undefined fd_set type in ssh.h from Povl H. Pedersen
...
<pope@netguide.dk>
1999-12-22 00:12:38 +11:00
e8852919f9
Prepare for 1.2.1pre19
1999-12-21 22:50:50 +11:00
cb7e5f9ae1
- Fix DISABLE_SHADOW support
...
- Allow MD5 passwords even if shadow passwords are disabled
1999-12-21 21:03:09 +11:00
f039badd72
- OpenBSD CVS update:
...
- [sshconnect.c]
say "REMOTE HOST IDENTIFICATION HAS CHANGED"
1999-12-21 20:57:20 +11:00
76112de734
- Integration of large HPUX patch from Andre Lucas
...
<andre.lucas@dial.pipex.com>. Integrating it had a few other
benefits:
- Ability to disable shadow passwords at configure time
- Ability to disable lastlog support at configure time
- Support for IP address in $DISPLAY
1999-12-21 11:18:08 +11:00
fdb7caf293
Avoid breakage on systems lacking IPv6 headers
1999-12-18 20:57:40 +11:00
c4c647fb94
- Redhat init script patch from Chun-Chung Chen
...
<cjj@u.washington.edu>
1999-12-18 20:54:52 +11:00
8f9d5073d8
- Correctly handle empty passwords in shadow file. Patch from:
...
"Chris, the Young One" <cky@pobox.com>
1999-12-16 15:10:45 +11:00
5e7c10eedb
- Merged OpenBSD CVS changes:
...
- [authfd.c ssh-agent.c]
keysize warnings talk about identity files
- [packet.c]
"Connection closed by x.x.x.x": fatal() -> log()
1999-12-16 13:18:04 +11:00
ab8a4da003
Doc updates
1999-12-16 13:05:30 +11:00
Damien Miller
andre