22 commits
Author | SHA1 | Message | Date | |
---|---|---|---|---|
itojun
|
2b0a2788f2 | ssh-add.1 was fixed in master repository | ||
itojun
|
fa2e849edf |
upgrade to 2.3.0p1. XXX pathname for ssh-askpass?
20001106 - (djm) Use Jim's new 1.0.3 askpass in Redhat RPMs - (djm) Manually fix up missed diff hunks (mainly RCS idents) - (djm) Remove UPGRADING document in favour of a link to the better maintained FAQ on www.openssh.com - (djm) Fix multiple dependancy on gnome-libs from Pekka Savola <pekkas@netcore.fi> - (djm) Don't need X11-askpass in RPM spec file if building without it from Pekka Savola <pekkas@netcore.fi> - (djm) Release 2.3.0p1 20001105 - (bal) Sync with OpenBSD: - markus@cvs.openbsd.org 2000/10/31 9:31:58 [compat.c] handle all old openssh versions - markus@cvs.openbsd.org 2000/10/31 13:1853 [deattack.c] so that large packets do not wrap "n"; from netbsd - (bal) rijndel.c - fix up RCSID to match OpenBSD tree - (bal) auth2-skey.c - Checked in. Missing from portable tree. - (bal) Reworked NEWS-OS and NeXT ports to extract waitpid() and setsid() into more common files - (stevesk) pty.c: use __hpux to identify HP-UX. - (bal) Missed auth-skey.o in Makefile.in and minor correction to bsd-waitpid.c 20001029 - (stevesk) Fix typo in auth.c: USE_PAM not PAM - (stevesk) Create contrib/cygwin/ directory; patch from Corinna Vinschen <vinschen@redhat.com> - (bal) Resolved more $xno and $xyes issues in configure.in - (bal) next-posix.h - spelling and forgot a prototype 20001028 - (djm) fix select hack in serverloop.c from Philippe WILLEM <Philippe.WILLEM@urssaf.fr> - (djm) Fix mangled AIXAUTHENTICATE code - (djm) authctxt->pw may be NULL. Fix from Markus Friedl <markus.friedl@informatik.uni-erlangen.de> - (djm) Sync with OpenBSD: - markus@cvs.openbsd.org 2000/10/16 15:46:32 [ssh.1] fixes from pekkas@netcore.fi - markus@cvs.openbsd.org 2000/10/17 14:28:11 [atomicio.c] return number of characters processed; ok deraadt@ - markus@cvs.openbsd.org 2000/10/18 12:04:02 [atomicio.c] undo - markus@cvs.openbsd.org 2000/10/18 12:23:02 [scp.c] replace atomicio(read,...) with read(); ok deraadt@ - markus@cvs.openbsd.org 2000/10/18 12:42:00 [session.c] restore old record login behaviour - deraadt@cvs.openbsd.org 2000/10/19 10:41:13 [auth-skey.c] fmt string problem in unused code - provos@cvs.openbsd.org 2000/10/19 10:45:16 [sshconnect2.c] don't reference freed memory. okay deraadt@ - markus@cvs.openbsd.org 2000/10/21 11:04:23 [canohost.c] typo, eramore@era-t.ericsson.se; ok niels@ - markus@cvs.openbsd.org 2000/10/23 13:31:55 [cipher.c] non-alignment dependent swap_bytes(); from simonb@wasabisystems.com/netbsd - markus@cvs.openbsd.org 2000/10/26 12:38:28 [compat.c] add older vandyke products - markus@cvs.openbsd.org 2000/10/27 01:32:19 [channels.c channels.h clientloop.c serverloop.c session.c] [ssh.c util.c] enable non-blocking IO on channels, and tty's (except for the client ttys). 20001027 - (djm) Increase REKEY_BYTES to 2^24 for arc4random 20001025 - (djm) Added WARNING.RNG file and modified configure to ask users of the builtin entropy code to read it. - (djm) Prefer builtin regex to PCRE. - (bal) Added USE_PIPS defined to NeXT configure.in since scp hangs randomly. - (bal) Apply fixes to configure.in pointed out by Pavel Roskin <proski@gnu.org> 20001020 - (djm) Don't define _REENTRANT for SNI/Reliant Unix - (bal) Imported NEWS-OS waitpid() macros into NeXT. Since implementation is more correct then current version. 20001018 - (stevesk) Add initial support for setproctitle(). Current support is for the HP-UX pstat(PSTAT_SETCMD, ...) method. - (stevesk) Add egd startup scripts to contrib/hpux/ 20001017 - (djm) Add -lregex to cywin libs from Corinna Vinschen <vinschen@cygnus.com> - (djm) Don't rely on atomicio's retval to determine length of askpass supplied passphrase. Problem report from Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> - (bal) Changed from GNU rx to PCRE on suggestion from djm. - (bal) Integrated Sony NEWS-OS patches from NAKAJI Hirouyuki <nakaji@tutrp.tut.ac.jp> 20001016 - (djm) Sync with OpenBSD: - markus@cvs.openbsd.org 2000/10/14 04:01:15 [cipher.c] debug3 - markus@cvs.openbsd.org 2000/10/14 04:07:23 [scp.c] remove spaces from arguments; from djm@mindrot.org - markus@cvs.openbsd.org 2000/10/14 06:09:46 [ssh.1] Cipher is for SSH-1 only - markus@cvs.openbsd.org 2000/10/14 06:12:09 [servconf.c servconf.h serverloop.c session.c sshd.8] AllowTcpForwarding; from naddy@ - markus@cvs.openbsd.org 2000/10/14 06:16:56 [auth2.c compat.c compat.h sshconnect2.c version.h] OpenSSH_2.3; note that is is not complete, but the version number needs to be changed for interoperability reasons - markus@cvs.openbsd.org 2000/10/14 06:19:45 [auth-rsa.c] do not send RSA challenge if key is not allowed by key-options; from eivind@ThinkSec.com - markus@cvs.openbsd.org 2000/10/15 08:14:01 [rijndael.c session.c] typos; from stevesk@sweden.hp.com - markus@cvs.openbsd.org 2000/10/15 08:18:31 [rijndael.c] typo - (djm) Copy manpages back over from OpenBSD - too tedious to wade through diffs - (djm) Added condrestart to Redhat init script. Patch from Pekka Savola <pekkas@netcore.fi> - (djm) Update version in Redhat spec file - (djm) Merge some of Nalin Dahyabhai <nalin@redhat.com> changes from the Redhat 7.0 spec file - (djm) Make inability to read/write PRNG seedfile non-fatal 20001015 - (djm) Fix ssh2 hang on background processes at logout. 20001014 - (bal) Add support for realpath and getcwd for platforms with broken or missing realpath implementations for sftp-server. - (bal) Corrected mistake in INSTALL in regards to GNU rx library - (bal) Add support for GNU rx library for those lacking regexp support - (djm) Don't accept PAM_PROMPT_ECHO_ON messages during initial auth - (djm) Revert SSH2 serverloop hack, will find a better way. - (djm) Add workaround for Linux 2.4's gratuitious errno change. Patch from Martin Johansson <fatbob@acc.umu.se> - (djm) Big OpenBSD sync: - markus@cvs.openbsd.org 2000/09/30 10:27:44 [log.c] allow loglevel debug - markus@cvs.openbsd.org 2000/10/03 11:59:57 [packet.c] hmac->mac - markus@cvs.openbsd.org 2000/10/03 12:03:03 [auth-krb4.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth1.c] move fake-auth from auth1.c to individual auth methods, disables s/key in debug-msg - markus@cvs.openbsd.org 2000/10/03 12:16:48 ssh.c do not resolve canonname, i have no idea why this was added oin ossh - markus@cvs.openbsd.org 2000/10/09 15:30:44 ssh-keygen.1 ssh-keygen.c -X now reads private ssh.com DSA keys, too. - markus@cvs.openbsd.org 2000/10/09 15:32:34 auth-options.c clear options on every call. - markus@cvs.openbsd.org 2000/10/09 15:51:00 authfd.c authfd.h interop with ssh-agent2, from <res@shore.net> - markus@cvs.openbsd.org 2000/10/10 14:20:45 compat.c use rexexp for version string matching - provos@cvs.openbsd.org 2000/10/10 22:02:18 [kex.c kex.h myproposal.h ssh.h ssh2.h sshconnect2.c sshd.c dh.c dh.h] First rough implementation of the diffie-hellman group exchange. The client can ask the server for bigger groups to perform the diffie-hellman in, thus increasing the attack complexity when using ciphers with longer keys. University of Windsor provided network, T the company. - markus@cvs.openbsd.org 2000/10/11 13:59:52 [auth-rsa.c auth2.c] clear auth options unless auth sucessfull - markus@cvs.openbsd.org 2000/10/11 14:00:27 [auth-options.h] clear auth options unless auth sucessfull - markus@cvs.openbsd.org 2000/10/11 14:03:27 [scp.1 scp.c] support 'scp -o' with help from mouring@pconline.com - markus@cvs.openbsd.org 2000/10/11 14:11:35 [dh.c] Wall - markus@cvs.openbsd.org 2000/10/11 14:14:40 [auth.h auth2.c readconf.c readconf.h readpass.c servconf.c servconf.h] [ssh.h sshconnect2.c sshd_config auth2-skey.c cli.c cli.h] add support for s/key (kbd-interactive) to ssh2, based on work by mkiernan@avantgo.com and me - markus@cvs.openbsd.org 2000/10/11 14:27:24 [auth.c auth1.c auth2.c authfile.c cipher.c cipher.h kex.c kex.h] [myproposal.h packet.c readconf.c session.c ssh.c ssh.h sshconnect1.c] [sshconnect2.c sshd.c] new cipher framework - markus@cvs.openbsd.org 2000/10/11 14:45:21 [cipher.c] remove DES - markus@cvs.openbsd.org 2000/10/12 03:59:20 [cipher.c cipher.h sshconnect1.c sshconnect2.c sshd.c] enable DES in SSH-1 clients only - markus@cvs.openbsd.org 2000/10/12 08:21:13 [kex.h packet.c] remove unused - markus@cvs.openbsd.org 2000/10/13 12:34:46 [sshd.c] Kludge for F-Secure Macintosh < 1.0.2; appro@fy.chalmers.se - markus@cvs.openbsd.org 2000/10/13 12:59:15 [cipher.c cipher.h myproposal.h rijndael.c rijndael.h] rijndael/aes support - markus@cvs.openbsd.org 2000/10/13 13:10:54 [sshd.8] more info about -V - markus@cvs.openbsd.org 2000/10/13 13:12:02 [myproposal.h] prefer no compression - (djm) Fix scp user@host handling - (djm) Don't clobber ssh_prng_cmds on install - (stevesk) Include config.h in rijndael.c so we define intXX_t and u_intXX_t types on all platforms. - (stevesk) rijndael.c: cleanup missing declaration warnings. - (stevesk) ~/.hushlogin shouldn't cause required password change to be bypassed. - (stevesk) Display correct path to ssh-askpass in configure output. Report from Lutz Jaenicke. 20001007 - (stevesk) Print PAM return value in PAM log messages to aid with debugging. - (stevesk) Fix detection of pw_class struct member in configure; patch from KAMAHARA Junzo <kamahara@cc.kshosen.ac.jp> 20001002 - (djm) Fix USER_PATH, report from Kevin Steves <stevesk@sweden.hp.com> - (djm) Add host system and CC to end-of-configure report. Suggested by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 20000931 - (djm) Cygwin fixes from Corinna Vinschen <vinschen@cygnus.com> 20000930 - (djm) Irix ssh_prng_cmds path fix from Pekka Savola <pekkas@netcore.fi> - (djm) Support in bsd-snprintf.c for long long conversions from Ben Lindstrom <mouring@pconline.com> - (djm) Cleanup NeXT support from Ben Lindstrom <mouring@pconline.com> - (djm) Ignore SIGPIPEs from serverloop to child. Fixes crashes with very short lived X connections. Bug report from Tobias Oetiker <oetiker@ee.ethz.ch>. Fix from Markus Friedl <markus@cvs.openbsd.org> - (djm) Add recent InitScripts as a RPM dependancy for openssh-server patch from Pekka Savola <pekkas@netcore.fi> - (djm) Forgot to cvs add LICENSE file - (djm) Add LICENSE to RPM spec files - (djm) CVS OpenBSD sync: - markus@cvs.openbsd.org 2000/09/26 13:59:59 [clientloop.c] use debug2 - markus@cvs.openbsd.org 2000/09/27 15:41:34 [auth2.c sshconnect2.c] use key_type() - markus@cvs.openbsd.org 2000/09/28 12:03:18 [channels.c] debug -> debug2 cleanup - (djm) Irix strips "/dev/tty" from [uw]tmp entries (other systems only strip "/dev/"). Fix loginrec.c based on patch from Alain St-Denis <Alain.St-Denis@ec.gc.ca> - (djm) Fix 9 character passphrase failure with gnome-ssh-askpass. Problem was caused by interrupted read in ssh-add. Report from Donald J. Barry <don@astro.cornell.edu> 20000929 - (djm) Fix SSH2 not terminating until all background tasks done problem. - (djm) Another off-by-one fix from Pavel Kankovsky <peak@argo.troja.mff.cuni.cz> - (djm) Clean up. Strip some unnecessary differences with OpenBSD's code, tidy necessary differences. Use Markus' new debugN() in entropy.c - (djm) Merged big SCO portability patch from Tim Rice <tim@multitalents.net> 20000926 - (djm) Update X11-askpass to 1.0.2 in RPM spec file - (djm) Define _REENTRANT to pickup strtok_r() on HP/UX - (djm) Security: fix off-by-one buffer overrun in fake-getnameinfo.c. Report and fix from Pavel Kankovsky <peak@argo.troja.mff.cuni.cz> 20000924 - (djm) Merged cleanup patch from Mark Miller <markm@swoon.net> - (djm) A bit more cleanup - created cygwin_util.h - (djm) Include strtok_r() from OpenBSD libc. Fixes report from Mark Miller <markm@swoon.net> 20000923 - (djm) Fix address logging in utmp from Kevin Steves <stevesk@sweden.hp.com> - (djm) Redhat spec and manpage fixes from Pekka Savola <pekkas@netcore.fi> - (djm) Seperate tests for int64_t and u_int64_t types - (djm) Tweak password expiry checking at suggestion of Kevin Steves <stevesk@sweden.hp.com> - (djm) NeXT patch from Ben Lindstrom <mouring@pconline.com> - (djm) Use printf %lld instead of %qd in sftp-server.c. Fix from Michael Stone <mstone@cs.loyola.edu> - (djm) OpenBSD CVS sync: - markus@cvs.openbsd.org 2000/09/17 09:38:59 [sshconnect2.c sshd.c] fix DEBUG_KEXDH - markus@cvs.openbsd.org 2000/09/17 09:52:51 [sshconnect.c] yes no; ok niels@ - markus@cvs.openbsd.org 2000/09/21 04:55:11 [sshd.8] typo - markus@cvs.openbsd.org 2000/09/21 05:03:54 [serverloop.c] typo - markus@cvs.openbsd.org 2000/09/21 05:11:42 scp.c utime() to utimes(); mouring@pconline.com - markus@cvs.openbsd.org 2000/09/21 05:25:08 sshconnect2.c change login logic in ssh2, allows plugin of other auth methods - markus@cvs.openbsd.org 2000/09/21 05:25:35 [auth2.c channels.c channels.h clientloop.c dispatch.c dispatch.h] [serverloop.c] add context to dispatch_run - markus@cvs.openbsd.org 2000/09/21 05:07:52 authfd.c authfd.h ssh-agent.c bug compat for old ssh.com software 20000920 - (djm) Fix bad path substitution. Report from Andrew Miner <asminer@cs.iastate.edu> 20000916 - (djm) Fix SSL search order from Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> - (djm) New SuSE spec from Corinna Vinschen <corinna@vinschen.de> - (djm) Update CygWin support from Corinna Vinschen <vinschen@cygnus.com> - (djm) Use a real struct sockaddr inside the fake struct sockaddr_storage. Patch from Larry Jones <larry.jones@sdrc.com> - (djm) Add Steve VanDevender's <stevev@darkwing.uoregon.edu> PAM password change patch. - (djm) Bring licenses on my stuff in line with OpenBSD's - (djm) Cleanup auth-passwd.c and unify HP/UX authentication. Patch from Kevin Steves <stevesk@sweden.hp.com> - (djm) Shadow expiry check fix from Pavel Troller <patrol@omni.sinus.cz> - (djm) Re-enable int64_t types - we need them for sftp - (djm) Use libexecdir from configure , rather than libexecdir/ssh - (djm) Update Redhat SPEC file accordingly - (djm) Add Kevin Steves <stevesk@sweden.hp.com> HP/UX contrib files - (djm) Add Charles Levert <charles@comm.polymtl.ca> getpgrp patch - (djm) Fix password auth on HP/UX 10.20. Patch from Dirk De Wachter <Dirk.DeWachter@rug.ac.be> - (djm) Fixprogs and entropy list fixes from Larry Jones <larry.jones@sdrc.com> - (djm) Fix for SuSE spec file from Takashi YOSHIDA <tyoshida@gemini.rc.kyushu-u.ac.jp> - (djm) Merge OpenBSD changes: - markus@cvs.openbsd.org 2000/09/05 02:59:57 [session.c] print hostname (not hushlogin) - markus@cvs.openbsd.org 2000/09/05 13:18:48 [authfile.c ssh-add.c] enable ssh-add -d for DSA keys - markus@cvs.openbsd.org 2000/09/05 13:20:49 [sftp-server.c] cleanup - markus@cvs.openbsd.org 2000/09/06 03:46:41 [authfile.h] prototype - deraadt@cvs.openbsd.org 2000/09/07 14:27:56 [ALL] cleanup copyright notices on all files. I have attempted to be accurate with the details. everything is now under Tatu's licence (which I copied from his readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd developers under a 2-term bsd licence. We're not changing any rules, just being accurate. - markus@cvs.openbsd.org 2000/09/07 14:40:30 [channels.c channels.h clientloop.c serverloop.c ssh.c] cleanup window and packet sizes for ssh2 flow control; ok niels - markus@cvs.openbsd.org 2000/09/07 14:53:00 [scp.c] typo - markus@cvs.openbsd.org 2000/09/07 15:13:37 [auth-options.c auth-options.h auth-rh-rsa.c auth-rsa.c auth.c] [authfile.h canohost.c channels.h compat.c hostfile.h log.c match.h] [pty.c readconf.c] some more Copyright fixes - markus@cvs.openbsd.org 2000/09/08 03:02:51 [README.openssh2] bye bye - deraadt@cvs.openbsd.org 2000/09/11 18:38:33 [LICENCE cipher.c] a few more comments about it being ARC4 not RC4 - markus@cvs.openbsd.org 2000/09/12 14:53:11 [log-client.c log-server.c log.c ssh.1 ssh.c ssh.h sshd.8 sshd.c] multiple debug levels - markus@cvs.openbsd.org 2000/09/14 14:25:15 [clientloop.c] typo - deraadt@cvs.openbsd.org 2000/09/15 01:13:51 [ssh-agent.c] check return value for setenv(3) for failure, and deal appropriately 20000913 - (djm) Fix server not exiting with jobs in background. 20000905 - (djm) Import OpenBSD CVS changes - markus@cvs.openbsd.org 2000/08/31 15:52:24 [Makefile sshd.8 sshd_config sftp-server.8 sftp-server.c] implement a SFTP server. interops with sftp2, scp2 and the windows client from ssh.com - markus@cvs.openbsd.org 2000/08/31 15:56:03 [README.openssh2] sync - markus@cvs.openbsd.org 2000/08/31 16:05:42 [session.c] Wall - markus@cvs.openbsd.org 2000/08/31 16:09:34 [authfd.c ssh-agent.c] add a flag to SSH2_AGENTC_SIGN_REQUEST for future extensions - deraadt@cvs.openbsd.org 2000/09/01 09:25:13 [scp.1 scp.c] cleanup and fix -S support; stevesk@sweden.hp.com - markus@cvs.openbsd.org 2000/09/01 16:29:32 [sftp-server.c] portability fixes - markus@cvs.openbsd.org 2000/09/01 16:32:41 [sftp-server.c] fix cast; mouring@pconline.com - itojun@cvs.openbsd.org 2000/09/03 09:23:28 [ssh-add.1 ssh.1] add missing .El against .Bl. - markus@cvs.openbsd.org 2000/09/04 13:03:41 [session.c] missing close; ok theo - markus@cvs.openbsd.org 2000/09/04 13:07:21 [session.c] fix get_last_login_time order; from andre@van-veen.de - markus@cvs.openbsd.org 2000/09/04 13:10:09 [sftp-server.c] more cast fixes; from mouring@pconline.com - markus@cvs.openbsd.org 2000/09/04 13:06:04 [session.c] set SSH_ORIGINAL_COMMAND; from Leakin@dfw.nostrum.com, bet@rahul.net - (djm) Cleanup after import. Fix sftp-server compilation, Makefile - (djm) Merge cygwin support from Corinna Vinschen <vinschen@cygnus.com> 20000903 - (djm) Fix Redhat init script 20000901 - (djm) Pick up Jim's new X11-askpass - (djm) Release 2.2.0p1 |
||
itojun
|
a9234d4232 | allow build with login.conf support enabled. PR11150. | ||
itojun
|
07fdf71656 |
inhibit login_cap support, as the code does not have fallback case
(the code rejects all login attempts if there's no login_cap entry). |
||
itojun
|
138be48fdc |
upgrade to 2.2.0p1.
--- 20000901 - (djm) Pick up Jim's new X11-askpass - (djm) Release 2.2.0p1 20000831 - (djm) Workaround SIGPIPE problems on SCO. Fix from Aran Cox <acox@cv.telegroup.com> - (djm) Pick up new version (2.2.0) from OpenBSD CVS 20000830 - (djm) Compile warning fixes from Mark Miller <markm@swoon.net> - (djm) Periodically rekey arc4random - (djm) Clean up diff against OpenBSD. - (djm) HPUX 11 needs USE_PIPES as well: Kevin Steves <stevesk@sweden.hp.com> - (djm) Quieten the pam delete credentials error message - (djm) Fix printing of $DISPLAY hack if set by system type. Report from Kevin Steves <stevesk@sweden.hp.com> - (djm) NeXT patch from Ben Lindstrom <mouring@pconline.com> - (djm) Fix doh in bsd-arc4random.c 20000829 - (djm) Fix ^C ignored issue on Solaris. Diagnosis from Gert Doering <gert@greenie.muc.de>, John Horne <J.Horne@plymouth.ac.uk> and Garrick James <garrick@james.net> - (djm) Check for SCO pty naming style (ptyp%d/ttyp%d). Based on fix from Bastian Trompetter <btrompetter@firemail.de> - (djm) NeXT tweaks from Ben Lindstrom <mouring@pconline.com> - More OpenBSD updates: - deraadt@cvs.openbsd.org 2000/08/24 15:46:59 [scp.c] off_t in sink, to fix files > 2GB, i think, test is still running ;-) - deraadt@cvs.openbsd.org 2000/08/25 10:10:06 [session.c] Wall - markus@cvs.openbsd.org 2000/08/26 04:33:43 [compat.c] ssh.com-2.3.0 - markus@cvs.openbsd.org 2000/08/27 12:18:05 [compat.c] compatibility with future ssh.com versions - deraadt@cvs.openbsd.org 2000/08/27 21:50:55 [auth-krb4.c session.c ssh-add.c sshconnect.c uidswap.c] print uid/gid as unsigned - markus@cvs.openbsd.org 2000/08/28 13:51:00 [ssh.c] enable -n and -f for ssh2 - markus@cvs.openbsd.org 2000/08/28 14:19:53 [ssh.c] allow combination of -N and -f - markus@cvs.openbsd.org 2000/08/28 14:20:56 [util.c] util.c - markus@cvs.openbsd.org 2000/08/28 14:22:02 [util.c] undo - markus@cvs.openbsd.org 2000/08/28 14:23:38 [util.c] don't complain if setting NONBLOCK fails with ENODEV 20000823 - (djm) Define USE_PIPES to avoid socketpair problems on HPUX 10 and SunOS 4 Avoids "scp never exits" problem. Reports from Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> and Tamito KAJIYAMA <kajiyama@grad.sccs.chukyo-u.ac.jp> - (djm) Pick up LOGIN_PROGRAM from environment or PATH if not set by headers - (djm) Add local version to version.h - (djm) Don't reseed arc4random everytime it is used - (djm) OpenBSD CVS updates: - deraadt@cvs.openbsd.org 2000/08/18 20:07:23 [ssh.c] accept remsh as a valid name as well; roman@buildpoint.com - deraadt@cvs.openbsd.org 2000/08/18 20:17:13 [deattack.c crc32.c packet.c] rename crc32() to ssh_crc32() to avoid zlib name clash. do not move to libz crc32 function yet, because it has ugly "long"'s in it; oneill@cs.sfu.ca - deraadt@cvs.openbsd.org 2000/08/18 20:26:08 [scp.1 scp.c] -S prog support; tv@debian.org - deraadt@cvs.openbsd.org 2000/08/18 20:50:07 [scp.c] knf - deraadt@cvs.openbsd.org 2000/08/18 20:57:33 [log-client.c] shorten - markus@cvs.openbsd.org 2000/08/19 12:48:11 [channels.c channels.h clientloop.c ssh.c ssh.h] support for ~. in ssh2 - deraadt@cvs.openbsd.org 2000/08/19 15:29:40 [crc32.h] proper prototype - markus@cvs.openbsd.org 2000/08/19 15:34:44 [authfd.c authfd.h key.c key.h ssh-add.1 ssh-add.c ssh-agent.1] [ssh-agent.c ssh-keygen.c sshconnect1.c sshconnect2.c Makefile] [fingerprint.c fingerprint.h] add SSH2/DSA support to the agent and some other DSA related cleanups. (note that we cannot talk to ssh.com's ssh2 agents) - markus@cvs.openbsd.org 2000/08/19 15:55:52 [channels.c channels.h clientloop.c] more ~ support for ssh2 - markus@cvs.openbsd.org 2000/08/19 16:21:19 [clientloop.c] oops - millert@cvs.openbsd.org 2000/08/20 12:25:53 [session.c] We have to stash the result of get_remote_name_or_ip() before we close our socket or getpeername() will get EBADF and the process will exit. Only a problem for "UseLogin yes". - millert@cvs.openbsd.org 2000/08/20 12:30:59 [session.c] Only check /etc/nologin if "UseLogin no" since login(1) may have its own policy on determining who is allowed to login when /etc/nologin is present. Also use the _PATH_NOLOGIN define. - millert@cvs.openbsd.org 2000/08/20 12:42:43 [auth1.c auth2.c session.c ssh.c] Add calls to setusercontext() and login_get*(). We basically call setusercontext() in most places where previously we did a setlogin(). Add default login.conf file and put root in the "daemon" login class. - millert@cvs.openbsd.org 2000/08/21 10:23:31 [session.c] Fix incorrect PATH setting; noted by Markus. 20000818 - (djm) OpenBSD CVS changes: - markus@cvs.openbsd.org 2000/07/22 03:14:37 [servconf.c servconf.h sshd.8 sshd.c sshd_config] random early drop; ok theo, niels - deraadt@cvs.openbsd.org 2000/07/26 11:46:51 [ssh.1] typo - deraadt@cvs.openbsd.org 2000/08/01 11:46:11 [sshd.8] many fixes from pepper@mail.reppep.com - provos@cvs.openbsd.org 2000/08/01 13:01:42 [Makefile.in util.c aux.c] rename aux.c to util.c to help with cygwin port - deraadt@cvs.openbsd.org 2000/08/02 00:23:31 [authfd.c] correct sun_len; Alexander@Leidinger.net - provos@cvs.openbsd.org 2000/08/02 10:27:17 [readconf.c sshd.8] disable kerberos authentication by default - provos@cvs.openbsd.org 2000/08/02 11:27:05 [sshd.8 readconf.c auth-krb4.c] disallow kerberos authentication if we can't verify the TGT; from dugsong@ kerberos authentication is on by default only if you have a srvtab. - markus@cvs.openbsd.org 2000/08/04 14:30:07 [auth.c] unused - markus@cvs.openbsd.org 2000/08/04 14:30:35 [sshd_config] MaxStartups - markus@cvs.openbsd.org 2000/08/15 13:20:46 [authfd.c] cleanup; ok niels@ - markus@cvs.openbsd.org 2000/08/17 14:05:10 [session.c] cleanup login(1)-like jobs, no duplicate utmp entries - markus@cvs.openbsd.org 2000/08/17 14:06:34 [session.c sshd.8 sshd.c] sshd -u len, similar to telnetd - (djm) Lastlog was not getting closed after writing login entry - (djm) Add Solaris package support from Rip Loomis <loomisg@cist.saic.com> 20000816 - (djm) Replacement for inet_ntoa for Irix (which breaks on gcc) - (djm) Fix strerror replacement for old SunOS. Based on patch from Charles Levert <charles@comm.polymtl.ca> - (djm) Seperate arc4random into seperate file and use OpenSSL's RC4 implementation. - (djm) SUN_LEN macro for systems which lack it 20000815 - (djm) More SunOS 4.1.x fixes from Nate Itkin <nitkin@europa.com> - (djm) Avoid failures on Irix when ssh is not setuid. Fix from Michael Stone <mstone@cs.loyola.edu> - (djm) Don't seek in directory based lastlogs - (djm) Fix --with-ipaddr-display configure option test. Patch from Jarno Huuskonen <jhuuskon@messi.uku.fi> - (djm) Fix AIX limits from Alexandre Oliva <oliva@lsd.ic.unicamp.br> 20000813 - (djm) Add $(srcdir) to includes when compiling (for VPATH). Report from Fabrice bacchella <fabrice.bacchella@marchfirst.fr> 20000809 - (djm) Define AIX hard limits if headers don't. Report from Bill Painter <william.t.painter@lmco.com> - (djm) utmp direct write & SunOS 4 patch from Charles Levert <charles@comm.polymtl.ca> 20000808 - (djm) Cleanup Redhat RPMs. Generate keys at runtime rather than install time, spec file cleanup. 20000807 - (djm) Set 0755 on binaries during install. Report from Lutz Jaenicke - (djm) Suppress error messages on channel close shutdown() failurs works around Linux bug. Patch from Zack Weinberg <zack@wolery.cumb.org> - (djm) Add some more entropy collection commands from Lutz Jaenicke 20000725 - (djm) Fix autoconf typo: HAVE_BINRESVPORT_AF -> HAVE_BINDRESVPORT_AF 20000721 - (djm) OpenBSD CVS updates: - markus@cvs.openbsd.org 2000/07/16 02:27:22 [authfd.c authfd.h channels.c clientloop.c ssh-add.c ssh-agent.c ssh.c] [sshconnect1.c sshconnect2.c] make ssh-add accept dsa keys (the agent does not) - djm@cvs.openbsd.org 2000/07/17 19:25:02 [sshd.c] Another closing of stdin; ok deraadt - markus@cvs.openbsd.org 2000/07/19 18:33:12 [dsa.c] missing free, reorder - markus@cvs.openbsd.org 2000/07/20 16:23:14 [ssh-keygen.1] document input and output files 20000720 - (djm) Spec file fix from Petr Novotny <Petr.Novotny@antek.cz> 20000716 - (djm) Release 2.1.1p4 |
||
jlam
|
368af1e917 |
When looking for -lcrypto, test linking with:
-lcrypto NetBSD-1.5* -lcrypto -lrsaref OpenSSL and USE_RSAREF2=NO -lcrypto -lRSAglue -lrsaref OpenSSL and USE_RSAREF2=YES and use the first set of libraries which work. Closes the following PRs: 9820, 10268, 10681. |
||
jlam
|
62ac2ba2c3 |
Set location of ssh-askpass to be ${X11PREFIX}/bin/ssh-askpass.
Closes PR#10774. |
||
jlam
|
1693b89d3f |
Update openssh to 2.1.1p4.
Package changes: * Factor out common post-install code from PLIST and package Makefile into files/INSTALL. * Enhance files/sshd.sh to handle start/stop/restart/status. * Check for usable installed version of OpenSSL. This bit possibly closes the following PRs: 10404, 10501, 10593 Changes from 2.1.1p3: * allow multiple whitespace but only one '=' between tokens * close can fail on AFS * allow leading whitespace in configuration files * Always create ~/.ssh with mode 700 |
||
itojun
|
55320f2ae8 |
update to 2.1.1p3.
depend on openssl >= 0.9.5. see PR 10593. --- 2.1.1p2 -> 2.1.1p3 20000712 - (djm) Remove -lresolve for Reliant Unix - (djm) OpenBSD CVS Updates: - deraadt@cvs.openbsd.org 2000/07/11 02:11:34 [session.c sshd.c ] make MaxStartups code still work with -d; djm - deraadt@cvs.openbsd.org 2000/07/11 13:17:45 [readconf.c ssh_config] disable FallBackToRsh by default - (djm) Replace in_addr_t with u_int32_t in bsd-inet_aton.c. Report from Ben Lindstrom <mouring@pconline.com> - (djm) Make building of X11-Askpass and GNOME-Askpass optional in RPM spec file. - (djm) Released 2.1.1p3 20000711 - (djm) Fixup for AIX getuserattr() support from Tom Bertelson <tbert@abac.com> - (djm) ReliantUNIX support from Udo Schweigert <ust@cert.siemens.de> - (djm) NeXT: dirent structures to get scp working from Ben Lindstrom <mouring@pconline.com> - (djm) Fix broken inet_ntoa check and ut_user/ut_name confusion, report from Jim Watt <jimw@peisj.pebio.com> - (djm) Replaced bsd-snprintf.c with one from Mutt source tree, it is known to compile on more platforms (incl NeXT). - (djm) Added bsd-inet_aton and configure support for NeXT - (djm) Misc NeXT fixes from Ben Lindstrom <mouring@pconline.com> - (djm) OpenBSD CVS updates: - markus@cvs.openbsd.org 2000/06/26 03:22:29 [authfd.c] cleanup, less cut&paste - markus@cvs.openbsd.org 2000/06/26 15:59:19 [servconf.c servconf.h session.c sshd.8 sshd.c] MaxStartups: limit number of unauthenticated connections, work by theo and me - deraadt@cvs.openbsd.org 2000/07/05 14:18:07 [session.c] use no_x11_forwarding_flag correctly; provos ok - provos@cvs.openbsd.org 2000/07/05 15:35:57 [sshd.c] typo - aaron@cvs.openbsd.org 2000/07/05 22:06:58 [scp.1 ssh-agent.1 ssh-keygen.1 sshd.8] Insert more missing .El directives. Our troff really should identify these and spit out a warning. - todd@cvs.openbsd.org 2000/07/06 21:55:04 [auth-rsa.c auth2.c ssh-keygen.c] clean code is good code - deraadt@cvs.openbsd.org 2000/07/07 02:14:29 [serverloop.c] sense of port forwarding flag test was backwards - provos@cvs.openbsd.org 2000/07/08 17:17:31 [compat.c readconf.c] replace strtok with strsep; from David Young <dyoung@onthejob.net> - deraadt@cvs.openbsd.org 2000/07/08 19:21:15 [auth.h] KNF - ho@cvs.openbsd.org 2000/07/08 19:27:33 [compat.c readconf.c] Better conditions for strsep() ending. - ho@cvs.openbsd.org 2000/07/10 10:27:05 [readconf.c] Get the correct message on errors. (niels@ ok) - ho@cvs.openbsd.org 2000/07/10 10:30:25 [cipher.c kex.c servconf.c] strtok() --> strsep(). (niels@ ok) - (djm) Fix problem with debug mode and MaxStartups - (djm) Don't generate host keys when $(DESTDIR) is set (e.g. during RPM builds) - (djm) Add strsep function from OpenBSD libc for systems that lack it 20000709 - (djm) Only enable PAM_TTY kludge for Linux. Problem report from Kevin Steves <stevesk@sweden.hp.com> - (djm) Match prototype and function declaration for rresvport_af. Problem report from Niklas Edmundsson <nikke@ing.umu.se> - (djm) Missing $(DESTDIR) on host-key target causing problems with RPM builds. Problem report from Gregory Leblanc <GLeblanc@cu-portland.edu> - (djm) Replace ut_name with ut_user. Patch from Jim Watt <jimw@peisj.pebio.com> - (djm) Fix pam sprintf fix - (djm) Cleanup entropy collection code a little more. Split initialisation from seeding, perform intialisation immediatly at start, be careful with uids. Based on problem report from Jim Watt <jimw@peisj.pebio.com> - (djm) More NeXT compatibility from Ben Lindstrom <mouring@pconline.com> Including sigaction() et al. replacements - (djm) AIX getuserattr() session initialisation from Tom Bertelson <tbert@abac.com> 20000708 - (djm) Fix bad fprintf format handling in auth-pam.c. Patch from Aaron Hopkins <aaron@die.net> - (djm) Fix incorrect configure handling of --with-rsh-path option. Fix from Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> - (djm) Fixed undefined variables for OSF SIA. Report from Baars, Henk <Hendrik.Baars@nl.origin-it.com> - (djm) Handle EWOULDBLOCK returns from read() and write() in atomicio.c Fix from Marquess, Steve Mr JMLFDC <Steve.Marquess@DET.AMEDD.ARMY.MIL> - (djm) Don't use inet_addr. 20000702 - (djm) Fix brace mismatch from Corinna Vinschen <vinschen@cygnus.com> - (djm) Stop shadow expiry checking from preventing logins with NIS. Based on fix from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp> - (djm) Use standard OpenSSL functions in auth-skey.c. Patch from Chris, the Young One <cky@pobox.com> - (djm) Fix scp progress meter on really wide terminals. Based on patch from James H. Cloos Jr. <cloos@jhcloos.com> 20000701 - (djm) Fix Tru64 SIA problems reported by John P Speno <speno@isc.upenn.edu> - (djm) Login fixes from Tom Bertelson <tbert@abac.com> - (djm) Replace "/bin/sh" with _PATH_BSHELL. Report from Corinna Vinschen <vinschen@cygnus.com> - (djm) Replace "/usr/bin/login" with LOGIN_PROGRAM - (djm) Added check for broken snprintf() functions which do not correctly terminate output string and attempt to use replacement. - (djm) Released 2.1.1p2 |
||
elric
|
75f6a86787 |
Added a patch file to take care of a LP64 bug, -1 != -1U. Actually when
using inet_addr(3) failure is indicated by INADDR_NONE... Addresses: pkg/10526 |
||
itojun
|
6c21f8259c |
in default sshd_config, listen to all address families available
(listens to IPv4 and IPv6 for GENERIC kernel) |
||
itojun
|
9f36490b37 |
upgrade fro 2.1.1p1 to 2.1.1p2.
--- recent changelogs 20000701 - (djm) Fix Tru64 SIA problems reported by John P Speno <speno@isc.upenn.edu> - (djm) Login fixes from Tom Bertelson <tbert@abac.com> - (djm) Replace "/bin/sh" with _PATH_BSHELL. Report from Corinna Vinschen <vinschen@cygnus.com> - (djm) Replace "/usr/bin/login" with LOGIN_PROGRAM - (djm) Added check for broken snprintf() functions which do not correctly terminate output string and attempt to use replacement. - (djm) Released 2.1.1p2 20000628 - (djm) Fixes to lastlog code for Irix - (djm) Use atomicio in loginrec - (djm) Patch from Michael Stone <mstone@cs.loyola.edu> to add support for Irix 6.x array sessions, project id's, and system audit trail id. - (djm) Added 'distprep' make target to simplify packaging - (djm) Added patch from Chris Adams <cmadams@hiwaay.net> to add OSF SIA support. Enable using "USE_SIA=1 ./configure [options]" 20000627 - (djm) Fixes to login code - not setting li->uid, cleanups - (djm) Formatting 20000626 - (djm) Better fix to aclocal tests from Garrick James <garrick@james.net> - (djm) Account expiry support from Andreas Steinmetz <ast@domdv.de> - (djm) Added password expiry checking (no password change support) - (djm) Make EGD failures non-fatal if OpenSSL's entropy pool is still OK based on patch from Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> - (djm) Fix fixed EGD code. - OpenBSD CVS update - provos@cvs.openbsd.org 2000/06/25 14:17:58 [channels.c] correct check for bad channel ids; from Wei Dai <weidai@eskimo.com> 20000623 - (djm) Use sa_family_t in prototype for rresvport_af. Patch from Svante Signell <svante.signell@telia.com> - (djm) Autoconf logic to define sa_family_t if it is missing - OpenBSD CVS Updates: - markus@cvs.openbsd.org 2000/06/22 10:32:27 [sshd.c] missing atomicio; report from Steve.Marquess@DET.AMEDD.ARMY.MIL - djm@cvs.openbsd.org 2000/06/22 17:55:00 [auth-krb4.c key.c radix.c uuencode.c] Missing CVS idents; ok markus 20000622 - (djm) Automatically generate host key during "make install". Suggested by Gary E. Miller <gem@rellim.com> - (djm) Paranoia before kill() system call - OpenBSD CVS Updates: - markus@cvs.openbsd.org 2000/06/18 18:50:11 [auth2.c compat.c compat.h sshconnect2.c] make userauth+pubkey interop with ssh.com-2.2.0 - markus@cvs.openbsd.org 2000/06/18 20:56:17 [dsa.c] mem leak + be more paranoid in dsa_verify. - markus@cvs.openbsd.org 2000/06/18 21:29:50 [key.c] cleanup fingerprinting, less hardcoded sizes - markus@cvs.openbsd.org 2000/06/19 19:39:45 [atomicio.c auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c] [auth-rsa.c auth-skey.c authfd.c authfd.h authfile.c bufaux.c bufaux.h] [buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h] [clientloop.c compat.c compat.h compress.c compress.h crc32.c crc32.h] [deattack.c dispatch.c dsa.c fingerprint.c fingerprint.h getput.h hmac.c] [kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c] [nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c] [rsa.c rsa.h scp.c servconf.c servconf.h ssh-add.c ssh-keygen.c ssh.c] [ssh.h tildexpand.c ttymodes.c ttymodes.h uidswap.c xmalloc.c xmalloc.h] OpenBSD tag - markus@cvs.openbsd.org 2000/06/21 10:46:10 sshconnect2.c missing free; nuke old comment 20000620 - (djm) Replace use of '-o' and '-a' logical operators in configure tests with '||' and '&&'. As suggested by Jim Knoble <jmknoble@pint-stowp.cx> to fix SCO Unixware problem reported by Gary E. Miller <gem@rellim.com> - (djm) Typo in loginrec.c 20000618 - (djm) Add summary of configure options to end of ./configure run - (djm) Not all systems define RUSAGE_SELF & RUSAGE_CHILDREN. Report from Michael Stone <mstone@cs.loyola.edu> - (djm) rusage is a privileged operation on some Unices (incl. Solaris 2.5.1). Report from Paul D. Smith <pausmith@nortelnetworks.com> - (djm) Avoid PAM failures when running without a TTY. Report from Martin Petrak <petrak@spsknm.schools.sk> - (djm) Include sys/types.h when including netinet/in.h in configure tests. Patch from Jun-ichiro itojun Hagino <itojun@iijlab.net> - (djm) Started merge of Ben Lindstrom's <mouring@pconline.com> NeXT support - OpenBSD CVS updates: - deraadt@cvs.openbsd.org 2000/06/17 09:58:46 [channels.c] everyone says "nix it" (remove protocol 2 debugging message) - markus@cvs.openbsd.org 2000/06/17 13:24:34 [sshconnect.c] allow extended server banners - markus@cvs.openbsd.org 2000/06/17 14:30:10 [sshconnect.c] missing atomicio, typo - jakob@cvs.openbsd.org 2000/06/17 16:52:34 [servconf.c servconf.h session.c sshd.8 sshd_config] add support for ssh v2 subsystems. ok markus@. - deraadt@cvs.openbsd.org 2000/06/17 18:57:48 [readconf.c servconf.c] include = in WHITESPACE; markus ok - markus@cvs.openbsd.org 2000/06/17 19:09:10 [auth2.c] implement bug compatibility with ssh-2.0.13 pubkey, server side - markus@cvs.openbsd.org 2000/06/17 21:00:28 [compat.c] initial support for ssh.com's 2.2.0 - markus@cvs.openbsd.org 2000/06/17 21:16:09 [scp.c] typo - markus@cvs.openbsd.org 2000/06/17 22:05:02 [auth-rsa.c auth2.c serverloop.c session.c auth-options.c auth-options.h] split auth-rsa option parsing into auth-options add options support to authorized_keys2 - markus@cvs.openbsd.org 2000/06/17 22:42:54 [session.c] typo 20000613 - (djm) Fixes from Andrew McGill <andrewm@datrix.co.za>: - Platform define for SCO 3.x which breaks on /dev/ptmx - Detect and try to fix missing MAXPATHLEN - (djm) Fix short copy in loginrec.c (based on patch from Phill Camp <P.S.S.Camp@ukc.ac.uk> 20000612 - (djm) Glob manpages in RPM spec files to catch compressed files - (djm) Full license in auth-pam.c - (djm) Configure fixes from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp> - (andre) AIX, lastlog, configure fixes from Tom Bertelson <tbert@abac.com>: - Don't try to retrieve lastlog from wtmp/wtmpx if DISABLE_LASTLOG is def'd - Set AIX to use preformatted manpages 20000610 - (djm) Minor doc tweaks - (djm) Fix for configure on bash2 from Jim Knoble <jmknoble@jmknoble.cx> 20000609 - (djm) Patch from Kenji Miyake <kenji@miyake.org> to disable utmp usage (in favour of utmpx) on Solaris 8 20000606 - (djm) Cleanup of entropy.c. Reorganised code, removed second pass through list of commands (by default). Removed verbose debugging (by default). - (djm) Increased command entropy estimates and default entropy collection timeout - (djm) Remove duplicate headers from loginrec.c - (djm) Don't add /usr/local/lib to library search path on Irix - (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III <tibbs@math.uh.edu> - (djm) Warn user if grabs fail in GNOME askpass. Patch from Zack Weinberg <zack@wolery.cumb.org> - (djm) OpenBSD CVS updates: - todd@cvs.openbsd.org [sshconnect2.c] teach protocol v2 to count login failures properly and also enable an explanation of why the password prompt comes up again like v1; this is NOT crypto - markus@cvs.openbsd.org [readconf.c readconf.h servconf.c servconf.h session.c ssh.1 ssh.c sshd.8] xauth_location support; pr 1234 [readconf.c sshconnect2.c] typo, unused [session.c] allow use_login only for login sessions, otherwise remote commands are execed with uid==0 [sshd.8] document UseLogin better [version.h] OpenSSH 2.1.1 [auth-rsa.c] fix match_hostname() logic for auth-rsa: deny access if we have a negative match or no match at all [channels.c hostfile.c match.c] don't panic if mkdtemp fails for authfwd; jkb@yahoo-inc.com via kris@FreeBSD.org |
||
itojun
|
6053a5f9c5 |
upgrade to 2.1.1p1 from portable openssh distribution.
--- changelog from 2.1.0p3: 20000609 - (djm) Patch from Kenji Miyake <kenji@miyake.org> to disable utmp usage (in favour of utmpx) on Solaris 8 20000606 - (djm) Cleanup of entropy.c. Reorganised code, removed second pass through list of commands (by default). Removed verbose debugging (by default). - (djm) Increased command entropy estimates and default entropy collection timeout - (djm) Remove duplicate headers from loginrec.c - (djm) Don't add /usr/local/lib to library search path on Irix - (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III <tibbs@math.uh.edu> - (djm) Warn user if grabs fail in GNOME askpass. Patch from Zack Weinberg <zack@wolery.cumb.org> - (djm) OpenBSD CVS updates: - todd@cvs.openbsd.org [sshconnect2.c] teach protocol v2 to count login failures properly and also enable an explanation of why the password prompt comes up again like v1; this is NOT crypto - markus@cvs.openbsd.org [readconf.c readconf.h servconf.c servconf.h session.c ssh.1 ssh.c sshd.8] xauth_location support; pr 1234 [readconf.c sshconnect2.c] typo, unused [session.c] allow use_login only for login sessions, otherwise remote commands are execed with uid==0 [sshd.8] document UseLogin better [version.h] OpenSSH 2.1.1 [auth-rsa.c] fix match_hostname() logic for auth-rsa: deny access if we have a negative match or no match at all [channels.c hostfile.c match.c] don't panic if mkdtemp fails for authfwd; jkb@yahoo-inc.com via kris@FreeBSD.org 20000606 - (djm) Added --with-cflags, --with-ldflags and --with-libs options to configure. 20000604 - Configure tweaking for new login code on Irix 5.3 - (andre) login code changes based on djm feedback 20000603 - (andre) New login code - Remove bsd-login.[ch] and all the OpenBSD-derived code in login.c - Add loginrec.[ch], logintest.c and autoconf code 20000531 - Cleanup of auth.c, login.c and fake-* - Cleanup of auth-pam.c, save and print "account expired" error messages - Fix EGD read bug by IWAMURO Motonori <iwa@mmp.fujitsu.co.jp> - Rewrote bsd-login to use proper utmp API if available. Major cleanup of fallback DIY code. |
||
itojun
|
e1270396dd |
upgrade to 2.1.0p3.
there are too many changes to mention here. the biggest change would be the addition of SSH protocol version 2 (uses DSA). |
||
fredb
|
072659e456 | Fix one more nroff warning. | ||
fredb
|
be821492b2 | Fix some warnings from "nroff". | ||
fredb
|
1635def7ac | Defuzz patch. | ||
itojun
|
4b2cc61c24 | upgrade to 1.2.3. make it conflict with security/ssh6. | ||
itojun
|
8e32020ae3 |
fix compilation on IPv6-ready environment.
the reason of failure: openssh configure.in tries to include specwise incorrect header (netinet/in6.h), and checks for function availablility with too high warning level. |
||
hubertf
|
f94e39a671 |
Clean this up, sync with the ssh package, and update to
1.2.2 (fixing PR 9304 by David Rankin <drankin@bohemians.lexington.ky.us>. Changes: 20000125 - Fix NULL pointer dereference in login.c. Fix from Andre Lucas <andre.lucas@dial.pipex.com> - Reorder PAM initialisation so it does not mess up lastlog. Reported by Andre Lucas <andre.lucas@dial.pipex.com> - Use preformatted manpages on SCO, report from Gary E. Miller <gem@rellim.com> - New URL for x11-ssh-askpass. - Fixpaths was missing /etc/ssh_known_hosts. Report from Jim Knoble <jmknoble@pobox.com> - Added 'DESTDIR' option to Makefile to ease package building. Patch from Jim Knoble <jmknoble@pobox.com> - Updated RPM spec files to use DESTDIR 20000124 - Pick up version 1.2.2 from OpenBSD CVS (no changes, just version number increment) 20000123 - OpenBSD CVS: - [packet.c] getsockname() requires initialized tolen; andy@guildsoftware.com - AIX patch from Matt Richards <v2matt@btv.ibm.com> and David Rankin <drankin@bohemians.lexington.ky.us> - Fix lastlog support, patch from Andre Lucas <andre.lucas@dial.pipex.com> 20000122 - Fix compilation of bsd-snprintf.c on Solaris, fix from Ben Taylor <bent@clark.net> - Merge preformatted manpage patch from Andre Lucas <andre.lucas@dial.pipex.com> - Make IPv4 use the default in RPM packages - Irix uses preformatted manpages - Missing htons() in bsd-bindresvport.c, fix from Holger Trapp <Holger.Trapp@Informatik.TU-Chemnitz.DE> - OpenBSD CVS updates: - [packet.c] use getpeername() in packet_connection_is_on_socket(), fixes sshd -i; from Holger.Trapp@Informatik.TU-Chemnitz.DE - [sshd.c] log with level log() not fatal() if peer behaves badly. - [readpass.c] instead of blocking SIGINT, catch it ourselves, so that we can clean the tty modes up and kill ourselves -- instead of our process group leader (scp, cvs, ...) going away and leaving us in noecho mode. people with cbreak shells never even noticed.. - [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8] ie. -> i.e., 20000120 - Don't use getaddrinfo on AIX - Update to latest OpenBSD CVS: - [auth-rsa.c] - fix user/1056, sshd keeps restrictions; dbt@meat.net - [sshconnect.c] - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags. - destroy keys earlier - split key exchange (kex) and user authentication (user-auth), ok: provos@ - [sshd.c] - no need for poll.h; from bright@wintelcom.net - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags. - split key exchange (kex) and user authentication (user-auth), ok: provos@ - [sshd.c] - no need for poll.h; from bright@wintelcom.net - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags. - split key exchange (kex) and user authentication (user-auth), ok: provos@ - Big manpage and config file cleanup from Andre Lucas <andre.lucas@dial.pipex.com> - Re-added latest (unmodified) OpenBSD manpages - Doc updates - NetBSD patch from David Rankin <drankin@bohemians.lexington.ky.us> and Christos Zoulas <christos@netbsd.org> 20000119 - SCO compile fixes from Gary E. Miller <gem@rellim.com> - Compile fix from Darren_Hall@progressive.com - Linux/glibc-2.1.2 takes a *long* time to look up names for AF_UNSPEC addresses using getaddrinfo(). Added a configure switch to make the default lookup mode AF_INET 20000118 - Fixed --with-pid-dir option - Makefile fix from Gary E. Miller <gem@rellim.com> - Compile fix for HPUX and Solaris from Andre Lucas <andre.lucas@dial.pipex.com> |
||
christos
|
d7b13dd9b0 | make this work under current too. | ||
christos
|
bc7de9ae5c |
New openssh package [needs some cleanup]
- it is not enabled by default (need to think what to do with the ssh conflict) - only tested under 1.4.1 so far |