da7551677b
- markus@cvs.openbsd.org 2001/12/27 18:22:16
...
[auth1.c authfile.c auth-rsa.c dh.c kexdh.c kexgex.c key.c rsa.c scard.c ssh-agent.c sshconnect1.c sshd.c ssh-dss.c]
call fatal() for openssl allocation failures
2002-01-22 23:09:22 +11:00
154dda73a8
- markus@cvs.openbsd.org 2001/12/27 18:10:29
...
[ssh-keygen.c]
-t is only needed for key generation (unbreaks -i, -e, etc).
2002-01-22 23:08:16 +11:00
aef7a095c8
- markus@cvs.openbsd.org 2001/12/25 18:53:00
...
[auth1.c]
be more carefull on allocation
2002-01-22 23:07:52 +11:00
503761ac45
- markus@cvs.openbsd.org 2001/12/25 18:49:56
...
[key.c]
be more careful on allocation
2002-01-22 23:07:21 +11:00
a055c25d05
- deraadt@cvs.openbsd.org 2001/12/24 07:29:43
...
[ssh-add.c]
try all listed keys.. how did this get broken?
(oops - that was me)
2002-01-22 23:07:01 +11:00
7c31809c4a
- markus@cvs.openbsd.org 2001/12/21 12:17:33
...
[serverloop.c]
remove ifdef for USE_PIPES since fdin != fdout; ok djm@
2002-01-22 23:06:22 +11:00
6e1057c2d7
- djm@cvs.openbsd.org 2001/12/21 10:06:43
...
[ssh-add.1 ssh-add.c]
Try all standard key files (id_rsa, id_dsa, identity) when invoked with
no arguments; ok markus@
2002-01-22 23:05:59 +11:00
f451e22e21
- djm@cvs.openbsd.org 2001/12/21 08:53:45
...
[readpass.c]
Avoid interruptable passphrase read; ok markus@
2002-01-22 23:05:31 +11:00
a41c8b15bd
- djm@cvs.openbsd.org 2001/12/21 08:52:22
...
[ssh-keygen.1 ssh-keygen.c]
Remove default (rsa1) key type; ok markus@
2002-01-22 23:05:08 +11:00
c68d43335f
more
2002-01-22 22:26:20 +11:00
ec932376b7
- (djm) autoconf hacking:
...
- Add OpenSSL sanity check: verify that header version matches version
reported by library
2002-01-22 22:16:03 +11:00
c46cc5445d
- (djm) Fix some bugs I introduced into ssh-rand-helper yesterday
2002-01-22 21:58:27 +11:00
6c21c51c48
- (djm) autoconf hacking:
...
- We don't support --without-zlib currently, so don't allow it.
- Rework cryptographic random number support detection. We now detect
whether OpenSSL seeds itself. If it does, then we don't bother with
the ssh-rand-helper program. You can force the use of ssh-rand-helper
using the --with-rand-helper configure argument
- Simplify and clean up ssh-rand-helper configuration
2002-01-22 21:57:53 +11:00
7b10ef4877
- (djm) Rework ssh-rand-helper:
...
- Reduce quantity of ifdef code, in preparation for ssh_rand_conf
- Always seed from system calls, even when doing PRNGd seeding
- Tidy and comment #define knobs
- Remove unused facility for multiple runs through command list
- KNF, cleanup, update copyright
2002-01-21 23:44:12 +11:00
a234451a70
- (djm) Bug #50 - make autoconf entropy path checks more robust
2002-01-14 19:01:03 +11:00
2f8f6e3b1c
- (stevesk) defines.h: use "/var/spool/sockets/X11/%u" for HP-UX. does
...
not depend on transition links. from Lutz Jaenicke.
2002-01-08 21:59:06 +00:00
bb9ffc18ca
- (djm) Merge Cygwin copy_environment with do_pam_environment, removing
...
fixed env var size limit in the process. Report from Corinna Vinschen
<vinschen@redhat.com>
2002-01-08 10:59:32 +11:00
f49a1191c7
- (stevesk) defines.h: determine _PATH_UNIX_X; currently "/tmp/.X11-unix/X%u"
...
for all platforms except HP-UX, which is "/usr/spool/sockets/X11/%u".
2002-01-06 02:32:57 +00:00
0bd4b34c9b
- (stevesk) fix spurious ; from NCR change.
2002-01-05 23:24:27 +00:00
381d8d9d89
- (bal) NCR requies use_pipes to operate correctly.
2002-01-05 17:15:30 +00:00
f9661094e5
- (djm) Use bigcrypt() on systems with SCO_PROTECTED_PW. Patch from
...
Roger Cornelius <rac@tenzing.org>
2002-01-03 10:30:56 +11:00
b65a93d3a6
test openssh-commits list
2001-12-31 11:59:53 +11:00
bc5239bd62
testing again
2001-12-31 11:55:59 +11:00
31a5302aa9
Tweak cvsignore files
2001-12-29 18:00:08 +11:00
6a568f3ca9
- (djm) Typo in contrib/cygwin/README Fix from Corinna Vinschen
...
<vinschen@redhat.com>
2001-12-29 14:10:09 +11:00
0dea79d6b6
- (djm) Apply Cygwin pointer deref fix from Corinna Vinschen
...
<vinschen@redhat.com> Could be abused to guess valid usernames
2001-12-29 14:08:28 +11:00
6cb127fc14
- (djm) Remove recommendation to use GNU make, we should support most
...
make programs.
2001-12-28 09:57:33 +11:00
9443508b96
- (stevesk) [Makefile.in ssh-rand-helper.c]
...
portable lib and __progname support for ssh-rand-helper; ok djm@
2001-12-25 04:32:58 +00:00
b063f01dd5
HARUYAMA Seigo has changed address
2001-12-24 14:17:21 +11:00
2ad31ee68a
- (bal) Removed contrib/chroot.diff and noted in contrib/README that it
...
was not being maintained.
2001-12-24 02:59:19 +00:00
62116dcc0a
- (djm) Ignore fix & patchlevel in OpenSSL version check. Patch from
...
solar@openwall.com
- (djm) Rework entropy code. If the OpenSSL PRNG is has not been
internally seeded, execute a subprogram "ssh-rand-helper" to obtain
some entropy for us. Rewrite the old in-process entropy collecter as
an example ssh-rand-helper.
- (djm) Always perform ssh_prng_cmds path lookups in configure, even if
we don't end up using ssh_prng_cmds (so we always get a valid file)
2001-12-24 01:41:47 +11:00
278f907a2d
- djm@cvs.openbsd.org 2001/12/20 22:50:24
...
[auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c]
[dispatch.h kex.c kex.h packet.c packet.h serverloop.c ssh.c]
[sshconnect2.c]
Conformance fix: we should send failing packet sequence number when
responding with a SSH_MSG_UNIMPLEMENTED message. Spotted by
yakk@yakk.dot.net ; ok markus@
2001-12-21 15:00:19 +11:00
e737856350
- markus@cvs.openbsd.org 2001/12/20 16:37:29
...
[channels.c channels.h session.c]
setup x11 listen socket for just one connect if the client requests so.
(v2 only, but the openssh client does not support this feature).
2001-12-21 14:58:35 +11:00
5a6b4fe225
- stevesk@cvs.openbsd.org 2001/12/19 17:16:13
...
[authfile.c bufaux.c bufaux.h buffer.c buffer.h packet.c packet.h ssh.c]
change the buffer/packet interface to use void* vs. char*; ok markus@
2001-12-21 14:56:54 +11:00
f6681a3a96
- markus@cvs.openbsd.org 2001/12/19 16:09:39
...
[serverloop.c]
fix race between SIGCHLD and select with an additional pipe. writing
to the pipe on SIGCHLD wakes up select(). using pselect() is not
portable and siglongjmp() ugly. W. R. Stevens suggests similar solution.
initial idea by pmenage@ensim.com ; ok deraadt@, djm@
2001-12-21 14:53:11 +11:00
8db9a84310
Sync RCSIDs from Kevin's already committed patch
2001-12-21 14:51:28 +11:00
9f0f5c64bc
- deraadt@cvs.openbsd.org 2001/12/19 07:18:56
...
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h]
[auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c]
[cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c]
[match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c]
[servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c]
[sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c]
[sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config]
[ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c]
basic KNF done while i was looking for something else
2001-12-21 14:45:46 +11:00
89681214ca
- jakob@cvs.openbsd.org 2001/12/18 10:06:24
...
[auth-rsa.c]
log fingerprint on successful public key authentication, simplify usage of key structs; ok markus@
2001-12-21 12:52:39 +11:00
da9edcabf8
- jakob@cvs.openbsd.org 2001/12/18 10:05:15
...
[auth2.c]
log fingerprint on successful public key authentication; ok markus@
2001-12-21 12:48:54 +11:00
5b2aea9494
- jakob@cvs.openbsd.org 2001/12/18 10:04:21
...
[auth.h hostfile.c hostfile.h]
remove auth_rsa_read_key, make hostfile_ready_key non static; ok markus@
2001-12-21 12:47:09 +11:00
83c02ef623
- markus@cvs.openbsd.org 2001/12/10 20:34:31
...
[ssh-keyscan.c]
check that server supports v1 for -t rsa1, report from wirth@dfki.de
2001-12-21 12:45:43 +11:00
72c336def6
- stevesk@cvs.openbsd.org 2001/12/10 16:45:04
...
[sshd.c]
possible fd leak on error; ok markus@
2001-12-21 12:44:28 +11:00
ee11625d43
- markus@cvs.openbsd.org 2001/12/09 18:45:56
...
[auth2.c auth2-chall.c auth.h]
add auth2_challenge_stop(), simplifies cleanup of kbd-int sessions,
fixes memleak.
2001-12-21 12:42:34 +11:00
3afe375fd2
- stevesk@cvs.openbsd.org 2001/12/08 17:49:28
...
[channels.c pathnames.h]
use only one path to X11 UNIX domain socket vs. an array of paths
to try. report from djast@cs.toronto.edu . ok markus@
2001-12-21 12:39:51 +11:00
faf2f6483a
- (djm) Add option to gnome-ssh-askpass to stop it from grabbing the X
...
server. I have found this necessary to avoid server hangs with X input
extensions (e.g. kinput2). Enable by setting the environment variable
"GNOME_SSH_ASKPASS_NOGRAB"
2001-12-21 10:28:07 +11:00
366298c696
- (stevesk) OpenBSD CVS sync X11 localhost display
...
- stevesk@cvs.openbsd.org 2001/11/29 14:10:51
[channels.h channels.c session.c]
sshd X11 fake server will now listen on localhost by default:
$ echo $DISPLAY
localhost:12.0
$ netstat -an|grep 6012
tcp 0 0 127.0.0.1.6012 *.* LISTEN
tcp6 0 0 ::1.6012 *.* LISTEN
sshd_config gatewayports=yes can be used to revert back to the old
behavior. will control this with another option later. ok markus@
- stevesk@cvs.openbsd.org 2001/12/19 08:43:11
[includes.h session.c]
handle utsname.nodename case for FamilyLocal X authorization; ok markus@
2001-12-19 17:58:01 +00:00
73f57be500
- stevesk@cvs.openbsd.org 2001/12/06 18:20:32
...
[channels.c]
disable nagle for X11 fake server and client TCPs. from netbsd.
ok markus@
2001-12-07 17:28:34 +00:00
ccd8d07b3c
- stevesk@cvs.openbsd.org 2001/12/06 18:09:23
...
[channels.c session.c]
strncpy->strlcpy. remaining strncpy's are necessary. ok markus@
2001-12-07 17:26:48 +00:00
e181a4d294
- stevesk@cvs.openbsd.org 2001/12/06 18:02:32
...
[channels.c sshconnect.c]
shutdown(sock, SHUT_RDWR) not needed here; ok markus@
2001-12-07 17:24:49 +00:00
c97b1affc5
- (bal) PCRE no longer required. Banished from the source along with
...
fake-regex.h
2001-12-07 17:20:47 +00:00
Damien Miller
Kevin Steves
Ben Lindstrom