Commit graph

1355 commits

Author SHA1 Message Date
wiz
99b08f151f Add chmod a+r after downloading the new vulnerability file.
Addresses part of pkg/17368.
Bump to 1.14.
2002-07-04 23:51:26 +00:00
abs
35e121ca9e Updated msu to 1.04:
Only strip the problem LD_* type environment variables.
2002-07-03 10:29:18 +00:00
agc
c47d2d7c0b Deprecate IS_INTERACTIVE
Mark this package as using an interactive configuration stage
2002-07-02 11:41:57 +00:00
agc
1f65115414 Deprecate IS_INTERACTIVE.
The correct way to mark this package as broken on sparc64 is to use
the BROKEN definition.
2002-07-02 11:41:15 +00:00
grant
376a1e0a58 minor formatting fix. 2002-06-29 01:34:59 +00:00
jun
4a4586878e Update pgpdump to 0.17
* Defining the SHA-1 hash for Secret Key Packet.
* Defining the -a and -g option.
* Catching up to 2440bis-05.
* Implementing User_Attribute_Packet.
* Implementing features and revocation_target.
* Removing macros to avoid side-effects.
2002-06-28 23:48:11 +00:00
jlam
6ac62a9292 IGNORE platforms that aren't noted to have an in-tree OpenSSH. For now,
this means only NetBSD-1.5.* and NetBSD-1.6* can do this update.
2002-06-28 18:34:14 +00:00
jlam
2cc60feafc No need to substitute for @PREFIX@, as ${PKG_PREFIX} already has that
value.
2002-06-28 18:29:20 +00:00
jlam
fbebf3817c Only allow an in-tree update to occur if OpenSSL>=0.9.5a is in the base
distribution.  This prevents surprises like "hey, why is /usr/sbin/sshd
broken" if a pkgsrc openssl is pkg_delete'd.  Idea by itojun.
2002-06-28 18:00:45 +00:00
jlam
18dad003e4 Add ability to update the in-tree OpenSSH directly from pkgsrc. This
installs the binaries directly in /usr and places the manpages and example
files in the correct hier(7) locations.  We don't register installation in
this case because the package database can't handle it.  We deal with the
ssh config files and directories as follows:

	NetBSD-1.5.*	use /etc/ssh_config, /etc/sshd_config
	NetBSD-1.6	use /etc/ssh/ssh_config, /etc/ssh/sshd_config

We also emit a warning in the MESSAGE file that /etc/ssh.conf and
/etc/sshd.conf should be renamed in order to keep using them.  Lastly,
there is a new target "tarball" to generate a tarball of the installed
files that might be used to install quickly on many machines, though it
may be only of limited utility.

These changes are only active if UPDATE_INTREE_OPENSSH is defined.
2002-06-28 17:10:16 +00:00
jlam
fef800e69a Warn about what to do if you have /etc/ssh.conf and /etc/sshd.conf. 2002-06-28 16:58:38 +00:00
seb
b37de5b10e Add PKG_SYSCONFDIR to BUILD_DEFS.
Note: it was already as part of CONFIGURE_ENV value, this change only makes
it more "readable" IMHO.

Remove explicit addition of PKG_SYSCONFDIR to BUILD_DEFS in a couple of
Makefiles.
2002-06-28 09:05:16 +00:00
grant
14ec93ad6d s/${PKG_SYSCONFDIR}/@PKG_SYSCONFDIR@/ 2002-06-28 04:40:05 +00:00
abs
090047b02a Updated msu to 1.03:
Revoke all additional groups
        Sanitise LD_* and friends from the environment.
        syslog() less, err() more.
2002-06-27 18:06:25 +00:00
itojun
f3a775411a backout 1.77 with comment, to get working blowfish support. pkg/17405. 2002-06-27 10:49:40 +00:00
itojun
43a927f2ba use ${CAT} not @CAT@, as it is set by pkgsrc/mk/install/header.
From: Stoned Elipot <seb@script.jussieu.fr>
2002-06-27 08:46:20 +00:00
itojun
17184fafca use @PREFIX@ and @CAT. From: Stoned Elipot <seb@script.jussieu.fr> 2002-06-27 08:32:57 +00:00
itojun
4efb026b50 add /usr/pkg/etc/ssh to the target 2002-06-27 02:30:18 +00:00
grant
6deeff7bff add POST-INSTALL warning if sshd configuration file is found in a
previous configuration directory.

format MESSAGE consistently.
2002-06-27 02:15:11 +00:00
itojun
da273e2dd6 upgrade to 3.4p1 (openssh-3.4.0.1).
20020626
 - (stevesk) [monitor.c] remove duplicate proto15 dispatch entry for PAM
 - (bal) OpenBSD CVS Sync
   - markus@cvs.openbsd.org 2002/06/23 21:34:07
     [channels.c]
     tcode is u_int
   - markus@cvs.openbsd.org 2002/06/24 13:12:23
     [ssh-agent.1]
     the socket name contains ssh-agent's ppid; via mpech@ from form@
   - markus@cvs.openbsd.org 2002/06/24 14:33:27
     [channels.c channels.h clientloop.c serverloop.c]
     move channel counter to u_int
   - markus@cvs.openbsd.org 2002/06/24 14:55:38
     [authfile.c kex.c ssh-agent.c]
     cast to (void) when output from buffer_get_X is ignored
   - itojun@cvs.openbsd.org 2002/06/24 15:49:22
     [msg.c]
     printf type pedant
   - deraadt@cvs.openbsd.org 2002/06/24 17:57:20
     [sftp-server.c sshpty.c]
     explicit (u_int) for uid and gid
   - markus@cvs.openbsd.org 2002/06/25 16:22:42
     [authfd.c]
     unnecessary cast
   - markus@cvs.openbsd.org 2002/06/25 18:51:04
     [sshd.c]
     lightweight do_setusercontext after chroot()
 - (bal) Updated AIX package build.  Patch by dtucker@zip.com.au
 - (tim) [Makefile.in] fix test on installing ssh-rand-helper.8
 - (bal) added back in error check for mmap().  I screwed up, Pointed
   out by stevesk@
 - (tim) [README.privsep] UnixWare tip no longer needed.
 - (bal) fixed NeXTStep missing munmap() issue. It defines HAVE_MMAP,
   but it all damned lies.
 - (stevesk) [README.privsep] more for sshd pseudo-account.
 - (tim) [contrib/caldera/openssh.spec] add support for privsep
 - (djm) setlogin needs pgid==pid on BSD/OS; from itojun@
 - (djm) OpenBSD CVS Sync
   - markus@cvs.openbsd.org 2002/06/26 08:53:12
     [bufaux.c]
     limit size of BNs to 8KB; ok provos/deraadt
   - markus@cvs.openbsd.org 2002/06/26 08:54:18
     [buffer.c]
     limit append to 1MB and buffers to 10MB
   - markus@cvs.openbsd.org 2002/06/26 08:55:02
     [channels.c]
     limit # of channels to 10000
   - markus@cvs.openbsd.org 2002/06/26 08:58:26
     [session.c]
     limit # of env vars to 1000; ok deraadt/djm
   - deraadt@cvs.openbsd.org 2002/06/26 13:20:57
     [monitor.c]
     be careful in mm_zalloc
   - deraadt@cvs.openbsd.org 2002/06/26 13:49:26
     [session.c]
     disclose less information from environment files; based on input
     from djm, and dschultz@uclink.Berkeley.EDU
   - markus@cvs.openbsd.org 2002/06/26 13:55:37
     [auth2-chall.c]
     make sure # of response matches # of queries, fixes int overflow;
     from ISS
   - markus@cvs.openbsd.org 2002/06/26 13:56:27
     [version.h]
     3.4
 - (djm) Require krb5 devel for RPM build w/ KrbV
 - (djm) Improve PAMAuthenticationViaKbdInt text from Nalin Dahyabhai
   <nalin@redhat.com>
 - (djm) Update spec files for release
 - (djm) Fix int overflow in auth2-pam.c, similar to one discovered by ISS
 - (djm) Release 3.4p1

20020625
 - (stevesk) [INSTALL acconfig.h configure.ac defines.h] remove --with-rsh
 - (stevesk) [README.privsep] minor updates
 - (djm) Create privsep directory and warn if privsep user is missing
   during make install
 - (bal) Started list of PrivSep issues in TODO
 - (bal) if mmap() is substandard, don't allow compression on server side.
   Post 'event' we will add more options.
 - (tim) [contrib/caldera/openssh.spec] Sync with Caldera
 - (bal) moved aix_usrinfo() and noted not setting real TTY.  Patch by
   dtucker@zip.com.au
 - (tim) [acconfig.h configure.ac sshd.c] BROKEN_FD_PASSING fix from Markus
   for Cygwin, Cray, & SCO

20020624
 - OpenBSD CVS Sync
   - deraadt@cvs.openbsd.org 2002/06/23 03:25:50
     [tildexpand.c]
     KNF
   - deraadt@cvs.openbsd.org 2002/06/23 03:26:19
     [cipher.c key.c]
     KNF
   - deraadt@cvs.openbsd.org 2002/06/23 03:30:58
     [scard.c ssh-dss.c ssh-rsa.c sshconnect.c sshconnect2.c sshd.c sshlogin.c
      sshpty.c]
     various KNF and %d for unsigned
   - deraadt@cvs.openbsd.org 2002/06/23 09:30:14
     [sftp-client.c sftp-client.h sftp-common.c sftp-int.c sftp-server.c
      sftp.c]
     bunch of u_int vs int stuff
   - deraadt@cvs.openbsd.org 2002/06/23 09:39:55
     [ssh-keygen.c]
     u_int stuff
   - deraadt@cvs.openbsd.org 2002/06/23 09:46:51
     [bufaux.c servconf.c]
     minor KNF.  things the fingers do while you read
   - deraadt@cvs.openbsd.org 2002/06/23 10:29:52
     [ssh-agent.c sshd.c]
     some minor KNF and %u
   - deraadt@cvs.openbsd.org 2002/06/23 20:39:45
     [session.c]
     compression_level is u_int
   - deraadt@cvs.openbsd.org 2002/06/23 21:06:13
     [sshpty.c]
     KNF
   - deraadt@cvs.openbsd.org 2002/06/23 21:06:41
     [channels.c channels.h session.c session.h]
     display, screen, row, col, xpixel, ypixel are u_int; markus ok
   - deraadt@cvs.openbsd.org 2002/06/23 21:10:02
     [packet.c]
     packet_get_int() returns unsigned for reason & seqnr
  - (bal) Also fixed IPADDR_IN_DISPLAY case where display, screen, row, col,
    xpixel are u_int.


20020623
 - (stevesk) [configure.ac] bug #255 LOGIN_NEEDS_UTMPX for AIX.
 - (bal) removed GNUism for getops in ssh-agent since glibc lacks optreset.
 - (bal) add extern char *getopt.  Based on report by dtucker@zip.com.au
 - OpenBSD CVS Sync
   - stevesk@cvs.openbsd.org 2002/06/22 02:00:29
     [ssh.h]
     correct comment
   - stevesk@cvs.openbsd.org 2002/06/22 02:40:23
     [ssh.1]
     section 5 not 4 for ssh_config
   - naddy@cvs.openbsd.org 2002/06/22 11:51:39
     [ssh.1]
     typo
   - stevesk@cvs.openbsd.org 2002/06/22 16:32:54
     [sshd.8]
     add /var/empty in FILES section
   - stevesk@cvs.openbsd.org 2002/06/22 16:40:19
     [sshd.c]
     check /var/empty owner mode; ok provos@
   - stevesk@cvs.openbsd.org 2002/06/22 16:41:57
     [scp.1]
     typo
   - stevesk@cvs.openbsd.org 2002/06/22 16:45:29
     [ssh-agent.1 sshd.8 sshd_config.5]
     use process ID vs. pid/PID/process identifier
   - stevesk@cvs.openbsd.org 2002/06/22 20:05:27
     [sshd.c]
     don't call setsid() if debugging or run from inetd; no "Operation not
     permitted" errors now; ok millert@ markus@
   - stevesk@cvs.openbsd.org 2002/06/22 23:09:51
     [monitor.c]
     save auth method before monitor_reset_key_state(); bugzilla bug #284;
     ok provos@
2002-06-26 14:33:29 +00:00
itojun
c8b3b9a791 add expiry fields to passwd entry 2002-06-26 11:38:44 +00:00
seb
db84442a67 Substitute a couple of `mkdir' by `${MKDIR}'.
Remove `-p' from mkdir arguments, it is already part of ${MKDIR}.
While here substitute a couple of ${PREFIX} by `%D' in
`@exec ${MKDIR} ...' lines and add a couple of missing `%D' in such lines too!
2002-06-26 10:29:33 +00:00
itojun
38beb7f0c6 need -p 2002-06-26 08:59:45 +00:00
itojun
0e0105aa1f use ${MKDIR} 2002-06-26 08:57:18 +00:00
itojun
21d8d8f90b it works with openssl 0.9.5a
>(OpenSSL 0.9.5a is partially supported, but some ciphers (SSH protocol 1
>Blowfish included) do not work correctly.)
2002-06-26 07:44:38 +00:00
toshii
bce61c4e95 Add patches to enable compression and privsep on platforms without MAP_ANON
(such as Solaris2.6).  Patches are partly from itojun.
2002-06-25 18:09:45 +00:00
taca
d13e7e4273 Allow depend on ja-samba package as well as samba package. 2002-06-25 15:39:31 +00:00
itojun
c6cfd1659a warn that UsePrivilegeSeparation has to be yes. 2002-06-25 12:18:40 +00:00
itojun
91a1c88417 note required UID/GID 2002-06-25 12:17:54 +00:00
itojun
cd5039bff8 follow PKG_SYSCONFDIR (hope i did it right this time) 2002-06-25 06:53:39 +00:00
jlam
af0e41020b Back out previous and do it in a simpler way by setting PKG_SYSCONFSUBDIR
(the subdirectory of ${PKG_SYSCONFBASE} where all of the config files for
this package) will be found) to be "ssh".
2002-06-25 06:43:50 +00:00
itojun
79d1bdf0f2 use ${PKG_SYSCONFDIR}/ssh (who uses CONF_FILES?) 2002-06-25 04:24:38 +00:00
itojun
dd7490aee8 use ${PKG_SYSCONFDIR}/ssh, to be consistent with plain NetBSD distribution 2002-06-25 04:21:39 +00:00
itojun
1fc8fce5c8 upgrade to 3.3p1, with privilege separation enabled.
(the following change may include pre-3.2.3p1 change)

20020622
 - (djm) Update README.privsep; spotted by fries@
 - (djm) Release 3.3p1

20020621
 - (djm) Sync:
   - djm@cvs.openbsd.org 2002/06/21 05:50:51
     [monitor.c]
     Don't initialise compression buffers when compression=no in sshd_config;
     ok Niels@
  - ID sync for auth-passwd.c
 - (djm) Warn and disable compression on platforms which can't handle both
   useprivilegeseparation=yes and compression=yes
 - (djm) contrib/redhat/openssh.spec hacking:
   - Merge in spec changes from seba@iq.pl (Sebastian Pachuta)
   - Add new {ssh,sshd}_config.5 manpages
   - Add new ssh-keysign program and remove setuid from ssh client

20020620
 - (bal) Fixed AIX environment handling, use setpcred() instead of existing
   code.  (Bugzilla Bug 261)
 - (bal) OpenBSD CVS Sync
   - todd@cvs.openbsd.org 2002/06/14 21:35:00
     [monitor_wrap.c]
     spelling; from Brian Poole <raj@cerias.purdue.edu>
   - markus@cvs.openbsd.org 2002/06/15 00:01:36
     [authfd.c authfd.h ssh-add.c ssh-agent.c]
     break agent key lifetime protocol and allow other constraints for key
     usage.
   - markus@cvs.openbsd.org 2002/06/15 00:07:38
     [authfd.c authfd.h ssh-add.c ssh-agent.c]
     fix stupid typo
   - markus@cvs.openbsd.org 2002/06/15 01:27:48
     [authfd.c authfd.h ssh-add.c ssh-agent.c]
     remove the CONSTRAIN_IDENTITY messages and introduce a new
     ADD_ID message with constraints instead. constraints can be
     only added together with the private key.
   - itojun@cvs.openbsd.org 2002/06/16 21:30:58
     [ssh-keyscan.c]
     use TAILQ_xx macro.  from lukem@netbsd.  markus ok
   - deraadt@cvs.openbsd.org 2002/06/17 06:05:56
     [scp.c]
     make usage like man page
   - deraadt@cvs.openbsd.org 2002/06/19 00:27:55
     [auth-bsdauth.c auth-skey.c auth1.c auth2-chall.c auth2-none.c authfd.c
      authfd.h monitor_wrap.c msg.c nchan.c radix.c readconf.c scp.c sftp.1
      ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c
      ssh-keysign.c ssh.1 sshconnect.c sshconnect.h sshconnect2.c ttymodes.c
      xmalloc.h]
     KNF done automatically while reading....
   - markus@cvs.openbsd.org 2002/06/19 18:01:00
     [cipher.c monitor.c monitor_wrap.c packet.c packet.h]
     make the monitor sync the transfer ssh1 session key;
     transfer keycontext only for RC4 (this is still depends on EVP
     implementation details and is broken).
   - stevesk@cvs.openbsd.org 2002/06/20 19:56:07
     [ssh.1 sshd.8]
     move configuration file options from ssh.1/sshd.8 to
     ssh_config.5/sshd_config.5; ok deraadt@ millert@
   - stevesk@cvs.openbsd.org 2002/06/20 20:00:05
     [scp.1 sftp.1]
     ssh_config(5)
   - stevesk@cvs.openbsd.org 2002/06/20 20:03:34
     [ssh_config sshd_config]
     refer to config file man page
   - markus@cvs.openbsd.org 2002/06/20 23:05:56
     [servconf.c servconf.h session.c sshd.c]
     allow Compression=yes/no in sshd_config
   - markus@cvs.openbsd.org 2002/06/20 23:37:12
     [sshd_config]
     add Compression
   - stevesk@cvs.openbsd.org 2002/05/25 20:40:08
     [LICENCE]
     missed Per Allansson (auth2-chall.c)
 - (bal) Cygwin special handling of empty passwords wrong.  Patch by
   vinschen@redhat.com
 - (bal) Missed integrating ssh_config.5 and sshd_config.5
 - (bal) Still more Makefile.in updates for ssh{d}_config.5

20020613
 - (bal) typo of setgroup for cygwin.  Patch by vinschen@redhat.com

20020612
 - (bal) OpenBSD CVS Sync
   - markus@cvs.openbsd.org 2002/06/11 23:03:54
     [ssh.c]
     remove unused cruft.
   - markus@cvs.openbsd.org 2002/06/12 01:09:52
     [ssh.c]
     ssh_connect returns 0 on success
 - (bal) Build noop setgroups() for cygwin to clean up code (For other
   platforms without the setgroups() requirement, you MUST define
   SETGROUPS_NOOP in the configure.ac) Based on patch by vinschen@redhat.com
 - (bal) Some platforms don't have ONLCR (Notable Mint)

20020611
 - (bal) ssh-agent.c RCSD fix (|unexpand already done)
 - (bal) OpenBSD CVS Sync
   - stevesk@cvs.openbsd.org 2002/06/09 22:15:15
     [ssh.1]
     update for no setuid root and ssh-keysign; ok deraadt@
   - itojun@cvs.openbsd.org 2002/06/09 22:17:21
     [sshconnect.c]
     pass salen to sockaddr_ntop so that we are happy on linux/solaris
   - stevesk@cvs.openbsd.org 2002/06/10 16:53:06
     [auth-rsa.c ssh-rsa.c]
     display minimum RSA modulus in error(); ok markus@
   - stevesk@cvs.openbsd.org 2002/06/10 16:56:30
     [ssh-keysign.8]
     merge in stuff from my man page; ok markus@
   - stevesk@cvs.openbsd.org 2002/06/10 17:36:23
     [ssh-add.1 ssh-add.c]
     use convtime() to parse and validate key lifetime.  can now
     use '-t 2h' etc.  ok markus@ provos@
   - stevesk@cvs.openbsd.org 2002/06/10 17:45:20
     [readconf.c ssh.1]
     change RhostsRSAAuthentication and RhostsAuthentication default to no
     since ssh is no longer setuid root by default; ok markus@
   - stevesk@cvs.openbsd.org 2002/06/10 21:21:10
     [ssh_config]
     update defaults for RhostsRSAAuthentication and RhostsAuthentication
     here too (all options commented out with default value).
   - markus@cvs.openbsd.org 2002/06/10 22:28:41
     [channels.c channels.h session.c]
     move creation of agent socket to session.c; no need for uidswapping
     in channel.c.
   - markus@cvs.openbsd.org 2002/06/11 04:14:26
     [ssh.c sshconnect.c sshconnect.h]
     no longer use uidswap.[ch] from the ssh client
     run less code with euid==0 if ssh is installed setuid root
     just switch the euid, don't switch the complete set of groups
     (this is only needed by sshd). ok provos@
   - mpech@cvs.openbsd.org 2002/06/11 05:46:20
     [auth-krb4.c monitor.h serverloop.c session.c ssh-agent.c sshd.c]
     pid_t cleanup. Markus need this now to keep hacking.
     markus@, millert@ ok
   - itojun@cvs.openbsd.org 2002/06/11 08:11:45
     [canohost.c]
     use "ntop" only after initialized
 - (bal) Cygwin fix up from swap uid clean up in ssh.c patch by
   vinschen@redhat.com

20020609
 - (bal) OpenBSD CVS Sync
   - markus@cvs.openbsd.org 2002/06/08 05:07:56
     [ssh.c]
     nuke ptrace comment
   - markus@cvs.openbsd.org 2002/06/08 05:07:09
     [ssh-keysign.c]
     only accept 20 byte session ids
   - markus@cvs.openbsd.org 2002/06/08 05:17:01
     [readconf.c readconf.h ssh.1 ssh.c]
     deprecate FallBackToRsh and UseRsh; patch from djm@
   - markus@cvs.openbsd.org 2002/06/08 05:40:01
     [readconf.c]
     just warn about Deprecated options for now
   - markus@cvs.openbsd.org 2002/06/08 05:41:18
     [ssh_config]
     remove FallBackToRsh/UseRsh
   - markus@cvs.openbsd.org 2002/06/08 12:36:53
     [scp.c]
     remove FallBackToRsh
   - markus@cvs.openbsd.org 2002/06/08 12:46:14
     [readconf.c]
     silently ignore deprecated options, since FallBackToRsh might be passed
     by remote scp commands.
  - itojun@cvs.openbsd.org 2002/06/08 21:15:27
     [sshconnect.c]
     always use getnameinfo.  (diag message only)
   - markus@cvs.openbsd.org 2002/06/09 04:33:27
     [sshconnect.c]
     abort() -> fatal()
 - (bal) RCSID tag updates on channels.c, clientloop.c, nchan.c,
   sftp-client.c, ssh-agenet.c, ssh-keygen.c and connect.h (we did unexpand
    independent of them)

20020607
 - (bal) Removed --{enable/disable}-suid-ssh
 - (bal) Missed __progname in ssh-keysign.c  patch by dtucker@zip.com.au
 - (bal) use 'LOGIN_PROGRAM'  not '/usr/bin/login' in session.c patch by
   Bertrand.Velle@apogee-com.fr

20020606
 - (bal) OpenBSD CVS Sync
   - markus@cvs.openbsd.org 2002/05/15 21:56:38
     [servconf.c sshd.8 sshd_config]
     re-enable privsep and disable setuid for post-3.2.2
   - markus@cvs.openbsd.org 2002/05/16 22:02:50
     [cipher.c kex.h mac.c]
     fix warnings (openssl 0.9.7 requires const)
   - stevesk@cvs.openbsd.org 2002/05/16 22:09:59
     [session.c ssh.c]
     don't limit xauth pathlen on client side and longer print length on
     server when debug; ok markus@
   - deraadt@cvs.openbsd.org 2002/05/19 20:54:52
     [log.h]
     extra commas in enum not 100% portable
   - deraadt@cvs.openbsd.org 2002/05/22 23:18:25
     [ssh.c sshd.c]
     spelling; abishoff@arc.nasa.gov
   - markus@cvs.openbsd.org 2002/05/23 19:24:30
     [authfile.c authfile.h pathnames.h ssh.c sshconnect.c sshconnect.h
      sshconnect1.c sshconnect2.c ssh-keysign.8 ssh-keysign.c Makefile.in]
     add /usr/libexec/ssh-keysign: a setuid helper program for hostbased
     authentication in protocol v2 (needs to access the hostkeys).
   - markus@cvs.openbsd.org 2002/05/23 19:39:34
     [ssh.c]
     add comment about ssh-keysign
   - markus@cvs.openbsd.org 2002/05/24 08:45:14
     [sshconnect2.c]
     stat ssh-keysign first, print error if stat fails;
     some debug->error; fix comment
   - markus@cvs.openbsd.org 2002/05/25 08:50:39
     [sshconnect2.c]
     execlp->execl; from stevesk
   - markus@cvs.openbsd.org 2002/05/25 18:51:07
     [auth.h auth2.c auth2-hostbased.c auth2-kbdint.c auth2-none.c
      auth2-passwd.c auth2-pubkey.c Makefile.in]
     split auth2.c into one file per method; ok provos@/deraadt@
   - stevesk@cvs.openbsd.org 2002/05/26 20:35:10
     [ssh.1]
     sort ChallengeResponseAuthentication; ok markus@
   - stevesk@cvs.openbsd.org 2002/05/28 16:45:27
     [monitor_mm.c]
     print strerror(errno) on mmap/munmap error; ok markus@
   - stevesk@cvs.openbsd.org 2002/05/28 17:28:02
     [uidswap.c]
     format spec change/casts and some KNF; ok markus@
   - stevesk@cvs.openbsd.org 2002/05/28 21:24:00
     [uidswap.c]
     use correct function name in fatal()
   - stevesk@cvs.openbsd.org 2002/05/29 03:06:30
     [ssh.1 sshd.8]
     spelling
   - markus@cvs.openbsd.org 2002/05/29 11:21:57
     [sshd.c]
     don't start if privsep is enabled and SSH_PRIVSEP_USER or
     _PATH_PRIVSEP_CHROOT_DIR are missing; ok deraadt@
   - markus@cvs.openbsd.org 2002/05/30 08:07:31
     [cipher.c]
     use rijndael/aes from libcrypto (openssl >= 0.9.7) instead of
     our own implementation. allow use of AES hardware via libcrypto,
     ok deraadt@
   - markus@cvs.openbsd.org 2002/05/31 10:30:33
     [sshconnect2.c]
     extend ssh-keysign protocol:
     pass # of socket-fd to ssh-keysign, keysign verifies locally used
     ip-address using this socket-fd, restricts fake local hostnames
     to actual local hostnames; ok stevesk@
   - markus@cvs.openbsd.org 2002/05/31 11:35:15
     [auth.h auth2.c]
     move Authmethod definitions to per-method file.
   - markus@cvs.openbsd.org 2002/05/31 13:16:48
     [key.c]
     add comment:
     key_verify returns 1 for a correct signature, 0 for an incorrect signature
     and -1 on error.
   - markus@cvs.openbsd.org 2002/05/31 13:20:50
     [ssh-rsa.c]
     pad received signature with leading zeros, because RSA_verify expects
     a signature of RSA_size. the drafts says the signature is transmitted
     unpadded (e.g. putty does not pad), reported by anakin@pobox.com
   - deraadt@cvs.openbsd.org 2002/06/03 12:04:07
     [ssh.h]
     compatiblity -> compatibility
     decriptor -> descriptor
     authentciated -> authenticated
     transmition -> transmission
   - markus@cvs.openbsd.org 2002/06/04 19:42:35
     [monitor.c]
     only allow enabled authentication methods; ok provos@
   - markus@cvs.openbsd.org 2002/06/04 19:53:40
     [monitor.c]
     save the session id (hash) for ssh2 (it will be passed with the
     initial sign request) and verify that this value is used during
     authentication; ok provos@
   - markus@cvs.openbsd.org 2002/06/04 23:02:06
     [packet.c]
     remove __FUNCTION__
   - markus@cvs.openbsd.org 2002/06/04 23:05:49
     [cipher.c monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c]
     __FUNCTION__ -> __func__
   - markus@cvs.openbsd.org 2002/06/05 16:08:07
     [ssh-agent.1 ssh-agent.c]
     '-a bind_address' binds the agent to user-specified unix-domain
     socket instead of /tmp/ssh-XXXXXXXX/agent.<pid>; ok djm@ (some time ago).
   - markus@cvs.openbsd.org 2002/06/05 16:08:07
     [ssh-agent.1 ssh-agent.c]
     '-a bind_address' binds the agent to user-specified unix-domain
     socket instead of /tmp/ssh-XXXXXXXX/agent.<pid>; ok djm@ (some time ago).
   - markus@cvs.openbsd.org 2002/06/05 16:48:54
     [ssh-agent.c]
     copy current request into an extra buffer and just flush this
     request on errors, ok provos@
   - markus@cvs.openbsd.org 2002/06/05 19:57:12
     [authfd.c authfd.h ssh-add.1 ssh-add.c ssh-agent.c]
     ssh-add -x for lock and -X for unlocking the agent.
     todo: encrypt private keys with locked...
   - markus@cvs.openbsd.org 2002/06/05 20:56:39
     [ssh-add.c]
     add -x/-X to usage
   - markus@cvs.openbsd.org 2002/06/05 21:55:44
     [authfd.c authfd.h ssh-add.1 ssh-add.c ssh-agent.c]
     ssh-add -t life,  Set lifetime (in seconds) when adding identities;
     ok provos@
   - stevesk@cvs.openbsd.org 2002/06/06 01:09:41
     [monitor.h]
     no trailing comma in enum; china@thewrittenword.com
   - markus@cvs.openbsd.org 2002/06/06 17:12:44
     [sftp-server.c]
     discard remaining bytes of current request; ok provos@
   - markus@cvs.openbsd.org 2002/06/06 17:30:11
     [sftp-server.c]
     use get_int() macro (hide iqueue)
 - (bal) Missed msg.[ch] in merge.  Required for ssh-keysign.
 - (bal) Forgot to add msg.c Makefile.in.
 - (bal) monitor_mm.c typos.
 - (bal) Refixed auth2.c.  It was never fully committed while splitting out
   authentication to different files.
 - (bal) ssh-keysign should build and install correctly now.  Phase two
   would be to clean out any dead wood and disable ssh setuid on install.
 - (bal) Reverse logic, use __func__ first since it's C99

20020604
 - (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changed
   setsockopt from debug to error for now).

20020527
 - (tim) [configure.ac.orig monitor_fdpass.c] Enhance msghdr tests to address
   build problem on Irix reported by Dave Love <d.love@dl.ac.uk>. Back out
   last monitor_fdpass.c changes that are no longer needed with new tests.
   Patch tested on Irix by Jan-Frode Myklebust <janfrode@parallab.uib.no>

20020522
 - (djm) Fix spelling mistakes, spotted by Solar Designer
   <solar@openwall.com>
 - Sync scard/ (not sure when it drifted)
 - (djm) OpenBSD CVS Sync:
   [auth.c]
   Fix typo/thinko.  Pass in as to auth_approval(), not NULL.
   Closes PR 2659.
 - Crank version
 - Crank RPM spec versions

20020521
 - (stevesk) [sshd.c] bug 245; disable setsid() for now
 - (stevesk) [sshd.c] #ifndef HAVE_CYGWIN for setgroups()

20020517
 - (tim) [configure.ac] remove extra MD5_MSG="no" line.

20020515
 - (bal) CVS ID fix up on auth-passwd.c
 - (bal) OpenBSD CVS Sync
   - deraadt@cvs.openbsd.org 2002/05/07 19:54:36
     [ssh.h]
     use ssh uid
   - deraadt@cvs.openbsd.org 2002/05/08 21:06:34
     [ssh.h]
     move to sshd.sshd instead
   - stevesk@cvs.openbsd.org 2002/05/11 20:24:48
     [ssh.h]
     typo in comment
   - itojun@cvs.openbsd.org 2002/05/13 02:37:39
     [auth-skey.c auth2.c]
     less warnings.  skey_{respond,query} are public (in auth.h)
   - markus@cvs.openbsd.org 2002/05/13 20:44:58
     [auth-options.c auth.c auth.h]
     move the packet_send_debug handling from auth-options.c to auth.c;
     ok provos@
   - millert@cvs.openbsd.org 2002/05/13 15:53:19
     [sshd.c]
     Call setsid() in the child after sshd accepts the connection and forks.
     This is needed for privsep which calls setlogin() when it changes uids.
     Without this, there is a race where the login name of an existing
     connection, as returned by getlogin(), may be changed to the privsep
     user (sshd).  markus@ OK
   - markus@cvs.openbsd.org 2002/05/13 21:26:49
     [auth-rhosts.c]
     handle debug messages during rhosts-rsa and hostbased authentication;
     ok provos@
   - mouring@cvs.openbsd.org 2002/05/15 15:47:49
     [kex.c monitor.c monitor_wrap.c sshd.c]
     'monitor' variable clashes with at least one lame platform (NeXT).
     Renamed to 'pmonitor'.  provos@
   - deraadt@cvs.openbsd.org 2002/05/04 02:39:35
     [servconf.c sshd.8 sshd_config]
     enable privsep by default; provos ok
   - millert@cvs.openbsd.org 2002/05/06 23:34:33
     [ssh.1 sshd.8]
     Kill/adjust r(login|exec)d? references now that those are no longer in
     the tree.
   - markus@cvs.openbsd.org 2002/05/15 21:02:53
     [servconf.c sshd.8 sshd_config]
     disable privsep and enable setuid for the 3.2.2 release
 - (bal) Fixed up PAM case.  I think.
 - (bal) Clarified openbsd-compat/*-cray.* Licence provided by Wendy
 - (bal) OpenBSD CVS Sync
   - markus@cvs.openbsd.org 2002/05/15 21:05:29
     [version.h]
     enter OpenSSH_3.2.2
 - (bal) Caldera, Suse, and Redhat openssh.specs updated.
2002-06-25 02:13:11 +00:00
abs
b71b4c7e53 fix under Linux 2002-06-24 17:18:20 +00:00
abs
95999bdaf9 Update msu to 1.01:
Honour SYSCONFDIR for config file
2002-06-24 09:33:15 +00:00
agc
640cc93cb0 Add and enable arirang 2002-06-20 16:29:07 +00:00
agc
ed68b2236e Initial import of arirang-1.6beta into the NetBSD Packages Collection.
Provided in PR 17326 by ISIHARA,Takanori (ishit@pluto.dti.ne.jp),
slightly modified by myself.

Arirang is a powerful webserver security scanner.

The following features are supported:

- Operating System Detect(used by NetCraft)
- webserver type scan
- CVE compatible(only NT, some Unix)
- flexible scan rule databases
- multiple hosts scan and multiple hosts webserver type scan.
- http port
- wide network(ip range) scan
- wide network webserver type scan
- patch information.(completed patch info-NT)
- http request injection.
- virtual host scan
- fast scan(used a Processes)
- recv flags
2002-06-20 16:28:18 +00:00
zuntum
e15c3033ae Update virus definitions to version "4208" 2002-06-20 10:16:42 +00:00
wiz
f8b3e17764 Remove USE_SSL, openssl buildlink.mk is already included. 2002-06-17 10:47:56 +00:00
itojun
eb34fbf137 USE_SSL -> openssl/buildlink.mk 2002-06-17 10:41:05 +00:00
itojun
51d4233b1e remove USE_SSL (builds but not tested) 2002-06-17 10:27:57 +00:00
drochner
e73543f982 kill USE_SSL, use openssl/buildlink.mk instead
(to avoid building against a pkgsrc openssl w/o registering a dependency)
2002-06-17 10:06:50 +00:00
wiz
6cfb711833 Undo last, was not meant to be committed. 2002-06-16 20:21:20 +00:00
wiz
92445981c5 Add RCS Id. 2002-06-16 20:20:18 +00:00
wiz
c2137d285c Add recognition of mipseb systems to config.sub. (thanks, jason!)
Closes pkg/17212.
While here, fix compilation with kerberos5.
2002-06-16 20:16:50 +00:00
tron
715f6e7521 Recognize version 0.9.6d of "openssl" which is now used in NetBSD-current. 2002-06-16 12:26:43 +00:00
cjep
64c9e8a407 Change USE_KERBEROS to PKG_USE_KERBEROS in pkgsrc. There was a "conflict"
with the basesrc USE_KERBEROS variable. Discussed on packages@

This fixes PR#17182 from Takahiro Kambe. The problem was pointed out by
FUKAUMI Naoki on a Japanese NetBSD mailing list.
2002-06-15 21:19:59 +00:00
shell
22aca990cd Updated p5-Net-SSLeay to 1.17
Changes since 1.15 :
 - applied patch to fix CTX_set_default_passwd_cb() contributed
   by Timo Kujala <timo.kujala@@intellitel_.com>, --Sampo
 - similar patch by Chris Ridd <chris.ridd@messagingdirect.com>
 - applied patch to add various API functions by mikem@open.com_.au
 - 5.005_03 compat fix for Handle.pm from Jim Mintha <jim@@ic._uva.nl>
 - further fixes for Net::SSLeay::Handle from jbowlin@@_linklint.org
 - improved README.Win32 and added RECIPE.Win32 from
   Hermann Kelley <hkelley@@secmon._com>
2002-06-10 01:53:32 +00:00
jlam
a325516ccc Add and enable php4-mhash 2002-06-09 19:24:17 +00:00
jlam
f00ab2879d Initial import of security/php4-mhash, a PHP4 module for access to the
mhash hash algorithms library.  This package was provided in pkg/16787 by
Lubomir Sedlacik <salo@Xtrmntr.org>.
2002-06-09 19:22:26 +00:00
jlam
708407440e Fix typo. 2002-06-09 19:01:12 +00:00
taca
b66e1367a2 Delete ruby-sha1 package. This is already included in ruby 1.6.7 and later. 2002-06-09 11:07:36 +00:00
taca
10720de124 Delete ruby-md5 package. This is included in ruby 1.6.7 and later. 2002-06-09 11:06:16 +00:00
taca
70f0b244e8 Disable and delete ruby-md5 and ruby-sha1 package.
These are already included in ruby 1.6.7 and later.
2002-06-09 11:04:52 +00:00
cjep
04c304dc9f The distfile used by the package has been updated. Change the Makefile to
reflect this. (The SHA1 checksum has been verified against two of the master
sites.)
2002-06-07 22:56:28 +00:00
martti
3de5ba7c5e Updated amavis-perl to 20020300
* bug fixes
2002-06-07 07:01:11 +00:00
kim
c1bd0953b5 Make sure we get the grandchild output before the script exits. 2002-06-04 23:01:34 +00:00
wiz
5af00ad844 Install more documentation. Bump to 1.0nb1.
XXX: license == no-commercial-usage?
XXX: 1.1 and 2.0b1 are out
2002-06-01 12:33:20 +00:00
martti
cae3b755c7 Update virus definitions to version "4204" 2002-05-28 14:19:36 +00:00
agc
24ff87aa2d Add and enable seahorse 2002-05-24 14:39:13 +00:00
agc
1fabeb972f Initial import of seahorse-0.5.0, a GnuPG front end and bonobo
component for Gnome.  Provided in PR 16341 by Julio Merino
(jmmv@hispabsd.org).

Seahorse is a GNOME front-end for GnuPG.  It can be used for signing,
encrypting, verifying and decrypting text and files.  The text can be
taken from the clipboard, or written directly in the little editor it
has.  Seahorse is also a keymanager, which can be used to edit almost
all the properties of the keys stored in your keyrings.

Seahorse currently consists of two projects.  Along with Seahorse
itself, a bonobo component called Seahorse-bonobo is being developed.
This bonobo component will serve as a backend to Seahorse, as the most
gnupg common functions are being implemented in it.
2002-05-24 14:38:19 +00:00
itojun
85af84608f upgrade to 3.2.3p1.
- a defect in the BSD_AUTH access control handling for
      OpenBSD and BSD/OS systems:

      Under certain conditions, on systems using YP with netgroups
      in the password database, it is possible that sshd does ACL
      checks for the requested user name but uses the password
      database entry of a different user for authentication. This
      means that denied users might authenticate successfully while
      permitted users could be locked out (OpenBSD PR 2659).

    - login/tty problems on Solaris (bug #245)

    - build problems on Cygwin systems
2002-05-24 04:11:47 +00:00
itojun
fb533fdbaf comment; rationale for --with-md5-passwords 2002-05-23 09:35:10 +00:00
wiz
571df9c4aa Initialize a variable to make it compile with gcc 2.95.3. Closes pkg/15832. 2002-05-20 15:22:00 +00:00
itojun
cbba3ef09a fix sha2 interoperability. From: "JuanJo Ciarlante" <jjo@mendoza.gov.ar> 2002-05-20 13:25:16 +00:00
itojun
3435b0b3b1 enable MD5 password support. PR 16546 2002-05-20 12:58:01 +00:00
itojun
9d8344915a upgrade to 3.2.2p1. includes security changes.
Security Changes:
=================

- fixed buffer overflow in Kerberos/AFS token passing
- fixed overflow in Kerberos client code
- sshd no longer auto-enables Kerberos/AFS
- experimental support for privilege separation,
  see UsePrivilegeSeparation in sshd(8) and
  http://www.citi.umich.edu/u/provos/ssh/privsep.html
  for more information.
- only accept RSA keys of size SSH_RSA_MINIMUM_MODULUS_SIZE (768) or larger

Other Changes:
==============

- improved smartcard support (including support for OpenSC, see www.opensc.org)
- improved Kerberos support (including support for MIT-Kerberos V)
- fixed stderr handling in protocol v2
- client reports failure if -R style TCP forwarding fails in protocol v2
- support configuration of TCP forwarding during interactive sessions (~C)
- improved support for older sftp servers
- improved support for importing old DSA keys (from ssh.com software).
- client side support for PASSWD_CHANGEREQ in protocol v2
- fixed waitpid race conditions
- record correct lastlogin time
2002-05-19 07:43:23 +00:00
mjl
7810573ae8 Update p5-Digest-MD5 to 2.20
More synchronization with tweaks Jarkko has done to the
   bleadperl test suite. This time various EBCDIC hacks.

   Outside PERL_CORE the md5-aaa.t test loaded the wrong version of
   the module (and would fail if no previous Digest::MD5 was installed).

   One more test suite update from Jarkko to sync it
   even better with bleadperl.

   Changes #12954 and #16173 from bleadperl.  Documentation typo fix
   and some signed/unsigned mismatches that Microsoft's C compiler
   complained about.

   The EBCDIC-aware md5-aaa.t from bleadperl.
2002-05-16 21:28:23 +00:00
grant
6bee1fba32 OpenBSD/OpenSSH now in /opsys/ on gd.tuwien.ac.at 2002-05-13 05:11:26 +00:00
itojun
8666a1d5dd upgrade to 20020507a. logging issue is fixed. phase 2 negotiation w/
unique policy is corrected.
2002-05-13 02:13:48 +00:00
abs
2b325a79cd prdownloads.sourceforge.net is no longer any use.
Switch to MASTER_SITE_SOURCEFORGE.
2002-05-12 10:16:44 +00:00
wiz
7925203d5f Wildcard gnupg dependency. 2002-05-11 20:10:53 +00:00
frueauf
397d7ff205 Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :

. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets

. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins

. changes by Peter Gründl (pgrundl@kpmg.dk) and
  Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes

. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed

. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
  the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
  randomly

1.1.14 :

. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
  alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
  ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address instead of their
  IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
  by semicolons (;)
- Fixed a bug in the export of some types of reports, where open ports
  with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
  too many open ports (as when a UDP scan reports all UDP ports as
  being open)

. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category

. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
  (dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes

. changes by Jenni Scott (jenni.scott@guardent.com) and
  Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
  wording)

1.1.13 :

. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
  enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)

. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
  some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan

1.1.12 :

. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
  (thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again

1.1.11 :

. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
  plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
  in it
- Plugins now have version numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
  command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
  Solaris snmpd

. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])

1.1.10 :

. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
  aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
  range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next()
  is now more flexible.
- Fixed a bug in the command line client which would make it close the
  communication too early when the client - server communication is not
  ciphered
- Added an "auto-load dependencies at runtime" option

1.1.9 :

. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
  logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed  (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
  segfault when built with cygwin, and which would prevent options
  from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
  server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
  (compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode

. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server

. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)


1.1.8 :

. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpreter

. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies

. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser

1.1.7 :

. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
  (dieter at fiebelkorn.net) who actually started the port and helped
  me test this)
- Unscanned ports can now be considered as closed or open (instead of
  just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
  when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them from
  working against Samba and which would make them slow against Windows (pointed out
  by Georges Dagousset)

. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin

. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
  running

1.1.6 :

. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
  in nessus-libraries)
- KB items are now stored with individual dates instead of a global
  date for the whole KB file. Yes, this means you have to delete your
  old KB files
- When a host could not be pinged, its KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
  before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
  host could log in

1.1.5 :

. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes

. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
  considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)

. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication

. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl

1.1.4 :

. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
  a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
  process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
  to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes

. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
  and the server (which could end up in a deadlock)

. changes by Alexis de Bernis (alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes

1.1.3 :

. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
  the remote CGIs, in order to find the most blatantly broken
  ones
- webmirror.nasl now retrieves the list of arguments of each
  CGI.
- added filter support in the client. Use the key 'l' to filter
  out plugins you don't want to see.
- added the 'safe checks' option which allows the user to not disturb
  the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
  is 1241 now.

1.1.2 :

. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
  CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
  a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
  that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
  the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
  who listens on tcp ports) die without killing its children, thus
  allowing a smooth upgrade of nessusd
- updated config.guess and config.sub

1.1.1 :

. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
  (all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)

1.1.0 :

. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
  compilation time) if available.

. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support

. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap

. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
  to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins

Of course several new plugins were added as well.
2002-05-10 13:18:44 +00:00
wiz
b4616fa3b6 Update to 2.4.22 (requested by go). Uses our libtool now.
Changes since 2.4.18:
- Corrected nasty bug in init code
- Corrected problems in Makefiles
- Minor bug fixes
- Corrected bug in mcrypt_module_open()
- Cleanups in the code.
2002-05-09 22:31:07 +00:00
kleink
a763c90bcc G/c references to ftp.uni-trier.de. 2002-05-08 11:44:50 +00:00
wiz
425319a5ab Update to 1.0.7.
* Secret keys are now stored and exported in a new format which
  uses SHA-1 for integrity checks.  This format renders the
  Rosa/Klima attack useless.  Other OpenPGP implementations might
  not yet support this, so the option --simple-sk-checksum creates
  the old vulnerable format.

* The default cipher algorithm for encryption is now CAST5,
  default hash algorithm is SHA-1.  This will give us better
  interoperability with other OpenPGP implementations.

* Symmetric encrypted messages now use a fixed file size if
  possible.  This is a tradeoff: it breaks PGP 5, but fixes PGP 2,
  6, and 7.  Note this was only an issue with RFC-1991 style
  symmetric messages.

* Photographic user ID support.  This uses an external program to
  view the images.

* Enhanced keyserver support via keyserver "plugins".  GnuPG comes
  with plugins for the NAI LDAP keyserver as well as the HKP email
  keyserver.  It retains internal support for the HKP HTTP
  keyserver.

* Nonrevocable signatures are now supported.  If a user signs a
  key nonrevocably, this signature cannot be taken back so be
  careful!

* Multiple signature classes are usable when signing a key to
  specify how carefully the key information (fingerprint, photo
  ID, etc) was checked.

* --pgp2 mode automatically sets all necessary options to ensure
  that the resulting message will be usable by a user of PGP 2.x.

* --pgp6 mode automatically sets all necessary options to ensure
  that the resulting message will be usable by a user of PGP 6.x.

* Signatures may now be given an expiration date.  When signing a
  key with an expiration date, the user is prompted whether they
  want their signature to expire at the same time.

* Revocation keys (designated revokers) are now supported if
  present.  There is currently no way to designate new keys as
  designated revokers.

* Permissions on the .gnupg directory and its files are checked
  for safety.

* --expert mode enables certain silly things such as signing a
  revoked user id, expired key, or revoked key.

* Some fixes to build cleanly under Cygwin32.

* New tool gpgsplit to split OpenPGP data formats into packets.

* New option --preserve-permissions.

* Subkeys created in the future are not used for encryption or
  signing unless the new option --ignore-valid-from is used.

* Revoked user-IDs are not listed unless signatures are listed too
  or we are in verbose mode.

* There is no default comment string with ascii armors anymore
  except for revocation certificates and --enarmor mode.

* The command "primary" in the edit menu can be used to change the
  primary UID, "setpref" and "updpref" can be used to change the
  preferences.

* Fixed the preference handling; since 1.0.5 they were erroneously
  matched against the latest user ID and not the given one.

* RSA key generation.

* It is now possible to sign and conventional encrypt a message (-cs).

* The MDC feature flag is supported and can be set by using
  the "updpref" edit command.

* The status messages GOODSIG and BADSIG are now returning the primary
  UID, encoded using %XX escaping (but with spaces left as spaces,
  so that it should not break too much)

* Support for GDBM based keyrings has been removed.

* The entire keyring management has been revamped.

* The way signature stati are stored has changed so that v3
  signatures can be supported. To increase the speed of many
  operations for existing keyrings you can use the new
  --rebuild-keydb-caches command.

* The entire key validation process (trustdb) has been revamped.
  See the man page entries for --update-trustdb, --check-trustdb
  and --no-auto-check-trustdb.

* --trusted-keys is again obsolete, --edit can be used to set the
  ownertrust of any key to ultimately trusted.

* A subkey is never used to sign keys.

* Read only keyrings are now handled as expected.
2002-05-07 18:48:46 +00:00
itojun
e7026585e5 fix arg to plogv(). 2002-05-07 09:03:57 +00:00
zuntum
ea0bd2a961 Update virus definitions to version "4201" 2002-05-03 18:44:24 +00:00
taca
1b1e41cb58 Add manual page to PLIST. 2002-05-03 14:19:18 +00:00
taca
94c055cd9c Update rats package to 1.4. Changes from news release.
April 22, 2002

New releases of RATS and EGADS

RATS 1.4 and EGADS 0.9 have been released. In addition to bugfixes for
both RATS and EGADS, RATS 1.4 includes additional win32 functions in
the database.
2002-05-03 14:14:23 +00:00
shell
a55ab75bd0 Updated p5-Digest-MD5 to 2.17
- Fixed COMMENT
- Updated DESCR

Changes :
- The SvPVbyte in perl-5.6.1 is buggy.  Use the one from 5.7.3
  instead.
- Give warning if the function interface is used as instance
  methods:  $md5->md5_hex().
2002-04-27 19:07:35 +00:00
lukem
7780aa8486 Store vulnerabilities file in ${PKGVULNDIR} instead of ${DISTDIR}, in case
the latter is not appropriate.  The former defaults to the latter.
Bump version to 1.12.  Per discussion with Alistair Crooks.
2002-04-26 12:45:23 +00:00
itojun
66899f40f3 upgrade to 20020426a from kame.
file descriptor leak fix.
null encryption algorithm key length fix (should use 0).
couple of null-pointer reference fixes.
set port # to 500 in ID payload (possible interop issue - spec is unclear).
correctly match address pair on informational exchange.
2002-04-26 00:08:21 +00:00
jschauma
a0028b4b58 Update to sudo 1.6.6 to fix local root-exploit-possibility as per
http://www.globalintersec.com/adv/sudo-2002041701.txt

(Approved by hubertf.)
2002-04-25 16:57:13 +00:00
martti
7603c13dfb Make this depend on OpenSSL 0.9.6. This fixes the compilation problems
in NetBSD 1.5.x.
2002-04-24 05:43:08 +00:00
martti
9692db4de4 Fix the USE_OPENSSL_VERSION setting 2002-04-24 05:40:49 +00:00
martti
948db44078 Updated openssh to 3.1.1
* a lot of bug fixes
2002-04-23 13:32:56 +00:00
shell
7c8993b519 Updated to p5-IO-Socket-SSL-0.81
- fmt on DESCR

Changes :

 - calling context_init twice destroyed global context. fix from
   Jason Heiss <jheiss@ofb.net>.
 - file handle tying interface implementation moved to a separate
   class to prevent problems resulting from self-tying filehandles.
   Harmon S. Nine <hnine@netarx.com>.
 - docs/debugging.txt file added
 - require Net::SSLeay v1.08
 - preliminary support for non-blocking read/write
 - socketToSSL() now respects context's SSL verify setting
   reported by Uri Guttman <uri@stemsystems.com>.
2002-04-17 11:10:44 +00:00
shell
58e9e7a5a3 Updated to p5-Net-SSLeay-1.15
- change my email address

Changes since p5-Net-SSLeay-1.13 :

- added code to Makefile.PL to verify that the same C compiler
  is used for both perl and openssl
- added code to Makefile.PL to support aCC on HPUX. Detective
  work contributed by Marko Asplund.
- added peer certificate support to hilevel API, inspired
  by mock@@_obscurity.org
- added `use bytes' from Marcus Taylor <marcus@@semantico_.com>
  This avoids unicode/utf8 (as may appear in some XML docs)
  from fooling the length computations.
2002-04-17 11:06:54 +00:00
itojun
52aecdad87 *** empty log message *** 2002-04-16 02:34:34 +00:00
itojun
49518a4001 correct initial contact handling. PR 15949 2002-04-15 02:00:03 +00:00
itojun
f6630f026f sync version number compiled into binary with pkg version 2002-04-15 01:55:05 +00:00
veego
84fc29abe9 Another week, another update and no old distfile.
This time dat-4196.
2002-04-13 21:38:40 +00:00
jlam
eb5d91e2c5 Use libmcrypt22 instead of libmcrypt. Reported to fix pkg/16198 by
Stephen Borrill <netbsd@precedence.co.uk>.
2002-04-12 19:03:34 +00:00
jlam
b5495ed46c Add and enable security/libmcrypt22. 2002-04-12 19:00:12 +00:00
jlam
a68e218eca Older 2.2.x release of libmcrypt provided for those apps for which the
newer libmcrypt (>=2.4.x) seem to cause core dumps.

Import approved by Alistair <agc@netbsd.org>.
2002-04-12 18:59:36 +00:00
mrauch
83396d566c This package installs binaries compiled for the NetBSD 1.2 and 1.3 releases
and so needs the emulation packages if we run on a later release.
2002-04-12 15:17:22 +00:00
wennmach
58dba79df2 Correct Size(xdm-krb4-3.3.6.3.tar.gz) 2002-04-11 12:52:57 +00:00
schmonz
6af3775516 Update to 1.9, and remove unneeded dependency on sysutils/psmisc.
OK'd by martti and garbled.

Changelog:

  04 Mar 2002; changed license from "GPL, v2 or later" to "GPL v2".

  04 Mar 2002; added "keychain.cygwin" for Cygwin systems.  It may be time to
  follow this pattern and start building separate, optimized scripts for each
  platform so they don't get too sluggish.  Maybe I could use a C preprocessor
  for this.

  06 Dec 2001; several people: Solaris doesn't like '-e' comparisons; switched
  to '-f'
2002-04-10 17:52:08 +00:00