Граф коммитов

33 Коммитов

Автор SHA1 Сообщение Дата
Damien Miller 6536c7d3c9 - OpenBSD CVS Updates:
- markus@cvs.openbsd.org  2000/06/18 18:50:11
     [auth2.c compat.c compat.h sshconnect2.c]
     make userauth+pubkey interop with ssh.com-2.2.0
   - markus@cvs.openbsd.org  2000/06/18 20:56:17
     [dsa.c]
     mem leak + be more paranoid in dsa_verify.
   - markus@cvs.openbsd.org  2000/06/18 21:29:50
     [key.c]
     cleanup fingerprinting, less hardcoded sizes
   - markus@cvs.openbsd.org  2000/06/19 19:39:45
     [atomicio.c auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
     [auth-rsa.c auth-skey.c authfd.c authfd.h authfile.c bufaux.c bufaux.h]
     [buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h]
     [clientloop.c compat.c compat.h compress.c compress.h crc32.c crc32.h]
     [deattack.c dispatch.c dsa.c fingerprint.c fingerprint.h getput.h hmac.c]
     [kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c]
     [nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c]
     [rsa.c rsa.h scp.c servconf.c servconf.h ssh-add.c ssh-keygen.c ssh.c]
     [ssh.h tildexpand.c ttymodes.c ttymodes.h uidswap.c xmalloc.c xmalloc.h]
     OpenBSD tag
   - markus@cvs.openbsd.org  2000/06/21 10:46:10
     sshconnect2.c missing free; nuke old comment
2000-06-22 21:32:31 +10:00
andre 61e67250dc Many changes to new login code based on Damien's feedback:
- Removed many redundant accessor/mutator methods as they're not necesary
   in OpenSSH
- Added proper credits for OpenBSD code in loginrec.c
- Changed function definitions to the OpenBSD style
- Removed spurious 'L' prefix in line filename abbreviation for ut_line
- Added some documentation in loginrec.c
- Changed lastlog access function names
- Removed #include lines in mid-file loginrec.c
- loginrec.h, login.c and logintest.c changed to reflect new interface
- Added TODO note for ttyslot() replacement
2000-06-04 17:07:49 +00:00
andre 2ff7b5d028 Added new login recording code
Added test program for login code (make logintest)
2000-06-03 14:57:40 +00:00
Damien Miller 1c77392bce - Rewrote bsd-login to use proper utmp API if available. Major cleanup
of fallback DIY code.
2000-05-31 13:57:18 +10:00
Damien Miller 2f6a0ad191 - Cleanup of auth.c, login.c and fake-*
- Cleanup of auth-pam.c, save and print "account expired" error messages
2000-05-31 11:20:11 +10:00
Damien Miller c252e2efa1 - Fix buffer overrun in login.c for systems which use syslen in utmpx.
patch from YOSHIFUJI Hideaki <yoshfuji@cerberus.nemoto.ecei.tohoku.ac.jp>
2000-05-30 13:12:46 +10:00
Damien Miller d2c208a2d3 - Applied Tom Bertelson's <tbert@abac.com> AIX authentication fix 2000-05-17 22:00:02 +10:00
Damien Miller 8d1fd57a97 - Fix from Andre Lucas <andre.lucas@dial.pipex.com>
- Fixes command line printing segfaults (spotter: Bladt Norbert)
  - Fixes erroneous printing of debug messages to syslog
  - Fixes utmp for MacOS X (spotter: Aristedes Maniatis)
  - Gives useful error message if PRNG initialisation fails
  - Reduced ssh startup delay
  - Measures cumulative command time rather than the time between reads
	 after select()
  - 'fixprogs' perl script to eliminate non-working entropy commands, and
	 optionally run 'ent' to measure command entropy
2000-05-17 21:34:07 +10:00
Damien Miller 0e489dc5ae - Merged bsd-login ttyslot and AIX utmp patch from Gert Doering
<gd@hilb1.medat.de>
2000-05-01 22:53:53 +10:00
Damien Miller 166fca8894 - Sync with OpenBSD CVS:
[clientloop.c login.c serverloop.c ssh-agent.c ssh.h sshconnect.c sshd.c]
  - pid_t
  [session.c]
  - remove bogus chan_read_failed. this could cause data
    corruption (missing data) at end of a SSH2 session.
2000-04-20 07:42:21 +10:00
Damien Miller 4af51306d9 - OpenBSD CVS updates.
[ssh.1 ssh.c]
   - ssh -2
   [auth.c channels.c clientloop.c packet.c packet.h serverloop.c]
   [session.c sshconnect.c]
   - check payload for (illegal) extra data
   [ALL]
   - whitespace cleanup
2000-04-16 11:18:38 +10:00
Damien Miller 6552758bae - Fix lastlog code for directory based lastlogs. Fix from Josh Durham
<jmd@aoe.vt.edu>
2000-02-02 19:17:40 +11:00
Damien Miller 6034fdfd1f - Compile fix from Andre Lucas <andre.lucas@dial.pipex.com> 2000-01-29 20:55:09 +11:00
Damien Miller d89c24b57e - Fix NULL pointer dereference in login.c. Fix from Andre Lucas
<andre.lucas@dial.pipex.com>
2000-01-26 11:04:48 +11:00
Damien Miller def0dc9bcc - Fix lastlog support, patch from Andre Lucas <andre.lucas@dial.pipex.com> 2000-01-23 20:18:35 +11:00
Damien Miller 34132e54cb - Merged OpenBSD IPv6 patch:
- [sshd.c sshd.8 sshconnect.c ssh.h ssh.c servconf.h servconf.c scp.1]
     [scp.c packet.h packet.c login.c log.c canohost.c channels.c]
     [hostfile.c sshd_config]
     ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new
     features: sshd allows multiple ListenAddress and Port options. note
     that libwrap is not IPv6-ready. (based on patches from
     fujiwara@rcac.tdi.co.jp)
   - [ssh.c canohost.c]
     more hints (hints.ai_socktype=SOCK_STREAM) for getaddrinfo,
     from itojun@
   - [channels.c]
     listen on _all_ interfaces for X11-Fwd (hints.ai_flags = AI_PASSIVE)
   - [packet.h]
     allow auth-kerberos for IPv4 only
   - [scp.1 sshd.8 servconf.h scp.c]
     document -4, -6, and 'ssh -L 2022/::1/22'
   - [ssh.c]
     'ssh @host' is illegal (null user name), from
     karsten@gedankenpolizei.de
   - [sshconnect.c]
     better error message
   - [sshd.c]
     allow auth-kerberos for IPv4 only
 - Big IPv6 merge:
   - Cleanup overrun in sockaddr copying on RHL 6.1
   - Replacements for getaddrinfo, getnameinfo, etc based on versions
     from patch from KIKUCHI Takahiro <kick@kyoto.wide.ad.jp>
   - Replacement for missing structures on systems that lack IPv6
   - record_login needed to know about AF_INET6 addresses
   - Borrowed more code from OpenBSD: rresvport_af and requisites
2000-01-14 15:45:46 +11:00
Damien Miller 6b85a7ffa6 - Added support for directory-based lastlogs
- Really fix typedefs, patch from Ben Taylor <bent@clark.net>
 - Prevent multiple inclusion of config.h and defines.h. Suggested
   by Andre Lucas <andre.lucas@dial.pipex.com>
2000-01-02 11:45:33 +11:00
Damien Miller 3131d8bc71 - Fill in ut_utaddr utmp field. Report from Benjamin Charron
<iretd@bigfoot.com>
1999-12-31 09:42:24 +11:00
Damien Miller 9550a76c37 - Applied another NetBSD portability patch from David Rankin
<drankin@bohemians.lexington.ky.us>
 - Fix --with-default-path option.
1999-12-29 02:32:22 +11:00
Damien Miller 4ff2b9bf42 - NetBSD login.c compile fix from David Rankin
<drankin@bohemians.lexington.ky.us>
 - Fully set ut_tv if present in utmp or utmpx
1999-12-28 10:41:12 +11:00
Damien Miller e12762437c - Use last few chars of tty line as ut_id 1999-12-27 11:33:56 +11:00
Damien Miller 32b3cf2c96 19991226
- Enabled utmpx support by default for Solaris
 - Cleanup sshd.c PAM a little more

19991225
 - Merged fixes from Ben Taylor <bent@clark.net>
 - Fixed configure support for PAM. Reported by Naz <96na@eng.cam.ac.uk>
 - Disabled logging of PAM password authentication failures when password
   is empty. (e.g start of authentication loop). Reported by Naz
   <96na@eng.cam.ac.uk>)
1999-12-26 10:21:48 +11:00
Damien Miller 2e1b082dfb - Prepare for 1.2.1pre20
19991225
 - More fixes from Andre Lucas <andre.lucas@dial.pipex.com>
 - Cleanup of auth-passwd.c for shadow and MD5 passwords
 - Cleanup and bugfix of PAM authentication code

19991223
 - Merged later HPUX patch from Andre Lucas
   <andre.lucas@dial.pipex.com>
 - Above patch included better utmpx support from Ben Taylor
   <bent@clark.net>:
1999-12-25 10:11:29 +11:00
Damien Miller 1b0c228ec4 - Fix login.c breakage on systems which lack ut_host in struct
utmp. Reported by Willard Dawson <willard.dawson@sbs.siemens.com>
1999-12-22 16:09:48 +11:00
Damien Miller ca9fbb6eac Fix broken macros 1999-12-21 21:30:56 +11:00
Damien Miller 76112de734 - Integration of large HPUX patch from Andre Lucas
<andre.lucas@dial.pipex.com>. Integrating it had a few other
   benefits:
   - Ability to disable shadow passwords at configure time
   - Ability to disable lastlog support at configure time
   - Support for IP address in $DISPLAY
1999-12-21 11:18:08 +11:00
Damien Miller 368cf64d5c Made utmpx optional 1999-12-21 09:51:36 +11:00
Damien Miller bf1c9b2012 - Import of patch from Ben Taylor <bent@clark.net>:
- Improved PAM support
   - "uninstall" rule for Makefile
   - utmpx support
   - Should fix PAM problems on Solaris
1999-12-09 10:16:54 +11:00
Damien Miller 063fdf8275 - Merged beginnings of AIX support from Tor-Ake Fransson <torake@hotmail.com> 1999-11-25 13:08:31 +11:00
Damien Miller 5428f646ad - More reformatting merged from OpenBSD CVS
- Merged OpenBSD CVS changes:
   - [channels.c]
     report from mrwizard@psu.edu via djm@ibs.com.au
   - [channels.c]
     set SO_REUSEADDR and SO_LINGER for forwarded ports.
     chip@valinux.com via damien@ibs.com.au
   - [nchan.c]
     it's not an error() if shutdown_write failes in nchan.
   - [readconf.c]
     remove dead #ifdef-0-code
   - [readconf.c servconf.c]
     strcasecmp instead of tolower
   - [scp.c]
     progress meter overflow fix from damien@ibs.com.au
   - [ssh-add.1 ssh-add.c]
     SSH_ASKPASS support
   - [ssh.1 ssh.c]
     postpone fork_after_authentication until command execution,
     request/patch from jahakala@cc.jyu.fi via damien@ibs.com.au
     plus: use daemon() for backgrounding
1999-11-25 11:54:57 +11:00
Damien Miller 95def09838 - Merged very large OpenBSD source code reformat
- OpenBSD CVS updates
   - [channels.c cipher.c compat.c log-client.c scp.c serverloop.c]
     [ssh.h sshd.8 sshd.c]
     syslog changes:
     * Unified Logmessage for all auth-types, for success and for failed
     * Standard connections get only ONE line in the LOG when level==LOG:
       Auth-attempts are logged only, if authentication is:
          a) successfull or
          b) with passwd or
          c) we had more than AUTH_FAIL_LOG failues
     * many log() became verbose()
     * old behaviour with level=VERBOSE
   - [readconf.c readconf.h ssh.1 ssh.h sshconnect.c sshd.c]
     tranfer s/key challenge/response data in SSH_SMSG_AUTH_TIS_CHALLENGE
     messages. allows use of s/key in windows (ttssh, securecrt) and
     ssh-1.2.27 clients without 'ssh -v', ok: niels@
   - [sshd.8]
     -V, for fallback to openssh in SSH2 compatibility mode
   - [sshd.c]
     fix sigchld race; cjc5@po.cwru.edu
1999-11-25 00:26:21 +11:00
Damien Miller ab18c412e6 - Added (untested) Entropy Gathering Daemon (EGD) support
- Merged several minor fixed:
   - ssh-agent commandline parsing
   - RPM spec file now installs ssh setuid root
   - Makefile creates libdir
   - Merged beginnings of Solaris compability from Marc G. Fournier
     <marc.fournier@acadiau.ca>
1999-11-11 10:40:23 +11:00
Damien Miller d4a8b7e34d Initial revision 1999-10-27 13:42:43 +10:00