1. 16 Sep, 2006 1 commit
    • Damien Miller's avatar
      - djm@cvs.openbsd.org 2006/09/16 19:53:37 · 3c9c1fbd
      Damien Miller authored
           [deattack.c deattack.h packet.c]
           limit maximum work performed by the CRC compensation attack detector,
           problem reported by Tavis Ormandy, Google Security Team;
           ok markus@ deraadt@
      3c9c1fbd
  2. 05 Aug, 2006 1 commit
    • Damien Miller's avatar
      - deraadt@cvs.openbsd.org 2006/08/03 03:34:42 · d7834353
      Damien Miller authored
           [OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c]
           [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
           [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c]
           [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ]
           [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c]
           [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c]
           [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
           [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c]
           [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
           [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c]
           [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c]
           [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c]
           [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c]
           [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h]
           [serverloop.c session.c session.h sftp-client.c sftp-common.c]
           [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
           [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c]
           [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c]
           [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c]
           [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h]
           [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h]
           almost entirely get rid of the culture of ".h files that include .h files"
           ok djm, sort of ok stevesk
           makes the pain stop in one easy step
           NB. portable commit contains everything *except* removing includes.h, as
           that will take a fair bit more work as we move headers that are required
           for portability workarounds to defines.h. (also, this step wasn't "easy")
      d7834353
  3. 24 Jul, 2006 1 commit
    • Damien Miller's avatar
      - stevesk@cvs.openbsd.org 2006/07/22 20:48:23 · e3476ed0
      Damien Miller authored
           [atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c]
           [auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c]
           [authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c]
           [cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c]
           [compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c]
           [includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c]
           [mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c]
           [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c]
           [progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c]
           [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c]
           [ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
           [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c]
           [sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c]
           move #include <string.h> out of includes.h
      e3476ed0
  4. 31 Mar, 2006 1 commit
    • Damien Miller's avatar
      - djm@cvs.openbsd.org 2006/03/30 09:58:16 · 3f941889
      Damien Miller authored
           [authfd.c bufaux.c deattack.c gss-serv.c mac.c misc.c misc.h]
           [monitor_wrap.c msg.c packet.c sftp-client.c sftp-server.c ssh-agent.c]
           replace {GET,PUT}_XXBIT macros with functionally similar functions,
           silencing a heap of lint warnings. also allows them to use
           __bounded__ checking which can't be applied to macros; requested
           by and feedback from deraadt@
      3f941889
  5. 26 Mar, 2006 3 commits
    • Damien Miller's avatar
      - djm@cvs.openbsd.org 2006/03/25 13:17:03 · 57c30117
      Damien Miller authored
           [atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
           [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
           [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
           [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
           [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
           [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
           [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
           [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
           [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
           [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
           [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
           [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
           [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
           [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
           [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
           [uidswap.c uuencode.c xmalloc.c]
           Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
           Theo nuked - our scripts to sync -portable need them in the files
      57c30117
    • Damien Miller's avatar
      - djm@cvs.openbsd.org 2006/03/25 01:13:23 · 36812092
      Damien Miller authored
           [buffer.c channels.c deattack.c misc.c scp.c session.c sftp-client.c]
           [sftp-server.c ssh-agent.c ssh-rsa.c xmalloc.c xmalloc.h auth-pam.c]
           [uidswap.c]
           change OpenSSH's xrealloc() function from being xrealloc(p, new_size)
           to xrealloc(p, new_nmemb, new_itemsize).
      
           realloc is particularly prone to integer overflows because it is
           almost always allocating "n * size" bytes, so this is a far safer
           API; ok deraadt@
      36812092
    • Damien Miller's avatar
      - djm@cvs.openbsd.org 2006/03/25 00:05:41 · 07d86bec
      Damien Miller authored
           [auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c]
           [clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c]
           [monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c]
           [ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c]
           [xmalloc.c xmalloc.h]
           introduce xcalloc() and xasprintf() failure-checked allocations
           functions and use them throughout openssh
      
           xcalloc is particularly important because malloc(nmemb * size) is a
           dangerous idiom (subject to integer overflow) and it is time for it
           to die
      
           feedback and ok deraadt@
      07d86bec
  6. 25 Mar, 2006 2 commits
    • Damien Miller's avatar
      [deattack.c deattack.h] · 2dbbf8e9
      Damien Miller authored
           remove IV support from the CRC attack detector, OpenSSH has never used
           it - it only applied to IDEA-CFB, which we don't support.
           prompted by NetBSD Coverity report via elad AT netbsd.org;
           feedback markus@ "nuke it" deraadt@
      2dbbf8e9
    • Damien Miller's avatar
      - deraadt@cvs.openbsd.org 2006/03/19 18:51:18 · b0fb6872
      Damien Miller authored
           [atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
           [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
           [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
           [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
           [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
           [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
           [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
           [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
           [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
           [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
           [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
           [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
           [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
           [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
           [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
           [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
           [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
           [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
           [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
           [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
           [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
           [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
           [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
           RCSID() can die
      b0fb6872
  7. 15 Mar, 2006 1 commit
  8. 22 Sep, 2003 1 commit
  9. 05 Mar, 2002 1 commit
    • Ben Lindstrom's avatar
      - stevesk@cvs.openbsd.org 2002/03/04 17:27:39 · 05764b92
      Ben Lindstrom authored
           [auth-krb5.c auth-options.h auth.h authfd.h authfile.h bufaux.h buffer.h
            channels.h cipher.h compat.h compress.h crc32.h deattack.c getput.h
            groupaccess.c misc.c mpaux.h packet.h readconf.h rsa.h scard.h
            servconf.h ssh-agent.c ssh.h ssh2.h sshpty.h sshtty.c ttymodes.h
            uuencode.c xmalloc.h]
           $OpenBSD$ and RCSID() cleanup: don't use RCSID() in .h files; add
           missing RCSID() to .c files and remove dup /*$OpenBSD$*/ from .c
           files.  ok markus@
      05764b92
  10. 21 Dec, 2001 1 commit
    • Damien Miller's avatar
      - deraadt@cvs.openbsd.org 2001/12/19 07:18:56 · 9f0f5c64
      Damien Miller authored
           [auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h]
           [auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c]
           [cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c]
           [match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c]
           [servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c]
           [sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c]
           [sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config]
           [ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c]
           basic KNF done while i was looking for something else
      9f0f5c64
  11. 06 Dec, 2001 2 commits
  12. 25 Jun, 2001 1 commit
    • Ben Lindstrom's avatar
      - itojun@cvs.openbsd.org 2001/06/23 15:12:20 · bba81213
      Ben Lindstrom authored
           [auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c
            canohost.c channels.c cipher.c clientloop.c deattack.c dh.c
            hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c
            readpass.c scp.c servconf.c serverloop.c session.c sftp.c
            sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c
            ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c
            ssh-keygen.c ssh-keyscan.c]
           more strict prototypes.  raise warning level in Makefile.inc.
           markus ok'ed
           TODO; cleanup headers
      bba81213
  13. 05 Mar, 2001 1 commit
  14. 22 Jan, 2001 1 commit
    • Ben Lindstrom's avatar
      Hopefully things did not get mixed around too much. It compiles under · 226cfa03
      Ben Lindstrom authored
      Linux and works.  So that is at least a good sign. =)
      20010122
       - (bal) OpenBSD Resync
         - markus@cvs.openbsd.org 2001/01/19 12:45:26 GMT 2001 by markus
           [servconf.c ssh.h sshd.c]
           only auth-chall.c needs #ifdef SKEY
         - markus@cvs.openbsd.org 2001/01/19 15:55:10 GMT 2001 by markus
           [auth-krb4.c auth-options.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
            auth1.c auth2.c channels.c clientloop.c dh.c dispatch.c nchan.c
            packet.c pathname.h readconf.c scp.c servconf.c serverloop.c
            session.c ssh-add.c ssh-keygen.c ssh-keyscan.c ssh.c ssh.h
            ssh1.h sshconnect1.c sshd.c ttymodes.c]
           move ssh1 definitions to ssh1.h, pathnames to pathnames.h
         - markus@cvs.openbsd.org 2001/01/19 16:48:14
           [sshd.8]
           fix typo; from stevesk@
         - markus@cvs.openbsd.org 2001/01/19 16:50:58
           [ssh-dss.c]
           clear and free digest, make consistent with other code (use dlen); from
           stevesk@
         - markus@cvs.openbsd.org 2001/01/20 15:55:20 GMT 2001 by markus
           [auth-options.c auth-options.h auth-rsa.c auth2.c]
           pass the filename to auth_parse_options()
         - markus@cvs.openbsd.org 2001/01/20 17:59:40 GMT 2001
           [readconf.c]
           fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com
         - stevesk@cvs.openbsd.org 2001/01/20 18:20:29
           [sshconnect2.c]
           dh_new_group() does not return NULL.  ok markus@
         - markus@cvs.openbsd.org 2001/01/20 21:33:42
           [ssh-add.c]
           do not loop forever if askpass does not exist; from
           andrew@pimlott.ne.mediaone.net
         - djm@cvs.openbsd.org 2001/01/20 23:00:56
           [servconf.c]
           Check for NULL return from strdelim; ok markus
         - djm@cvs.openbsd.org 2001/01/20 23:02:07
           [readconf.c]
           KNF; ok markus
         - jakob@cvs.openbsd.org 2001/01/21 9:00:33
           [ssh-keygen.1]
           remove -R flag; ok markus@
         - markus@cvs.openbsd.org 2001/01/21 19:05:40
           [atomicio.c automicio.h auth-chall.c auth-krb4.c auth-options.c
            auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
            auth.c auth.h auth1.c auth2-chall.c auth2.c authfd.c authfile.c
            bufaux.c  bufaux.h buffer.c canahost.c canahost.h channels.c
            cipher.c cli.c clientloop.c clientloop.h compat.c compress.c
            deattack.c dh.c dispatch.c groupaccess.c hmac.c hostfile.c kex.c
            key.c key.h log-client.c log-server.c log.c log.h login.c login.h
            match.c misc.c misc.h nchan.c packet.c pty.c radix.h readconf.c
            readpass.c readpass.h rsa.c scp.c servconf.c serverloop.c serverloop.h
            session.c sftp-server.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c
            ssh-keyscan.c ssh-rsa.c ssh.c ssh.h sshconnect.c sshconnect.h
            sshconnect1.c sshconnect2.c sshd.c tildexpand.c tildexpand.h
            ttysmodes.c uidswap.c xmalloc.c]
           split ssh.h and try to cleanup the #include mess. remove unnecessary
           #includes.  rename util.[ch] -> misc.[ch]
       - (bal) renamed 'PIDDIR' to '_PATH_SSH_PIDDIR' to match OpenBSD tree
       - (bal) Moved #ifdef KRB4 in auth-krb4.c above the #include to resolve
         conflict when compiling for non-kerb install
       - (bal) removed the #ifdef SKEY in auth1.c to match Markus' changes
         on 1/19.
      226cfa03
  15. 22 Dec, 2000 1 commit
    • Ben Lindstrom's avatar
      One way to massive patch. <sigh> It compiles and works under Linux.. · 46c16220
      Ben Lindstrom authored
      And I think I have all the bits right from the OpenBSD tree.
      20001222
       - Updated RCSID for pty.c
       - (bal) OpenBSD CVS Updates:
        - markus@cvs.openbsd.org 2000/12/21 15:10:16
          [auth-rh-rsa.c hostfile.c hostfile.h sshconnect.c]
          print keyfile:line for changed hostkeys, for deraadt@, ok deraadt@
        - markus@cvs.openbsd.org 2000/12/20 19:26:56
          [authfile.c]
          allow ssh -i userkey for root
        - markus@cvs.openbsd.org 2000/12/20 19:37:21
          [authfd.c authfd.h kex.c sshconnect2.c sshd.c uidswap.c uidswap.h]
          fix prototypes; from stevesk@pobox.com
        - markus@cvs.openbsd.org 2000/12/20 19:32:08
          [sshd.c]
          init pointer to NULL; report from Jan.Ivan@cern.ch
        - markus@cvs.openbsd.org 2000/12/19 23:17:54
          [auth-krb4.c auth-options.c auth-options.h auth-rhosts.c auth-rsa.c
           auth1.c auth2-skey.c auth2.c authfd.c authfd.h authfile.c bufaux.c
           bufaux.h buffer.c canohost.c channels.c clientloop.c compress.c
           crc32.c deattack.c getput.h hmac.c hmac.h hostfile.c kex.c kex.h
           key.c key.h log.c login.c match.c match.h mpaux.c mpaux.h packet.c
           packet.h radix.c readconf.c rsa.c scp.c servconf.c servconf.h
           serverloop.c session.c sftp-server.c ssh-agent.c ssh-dss.c ssh-dss.h
           ssh-keygen.c ssh-keyscan.c ssh-rsa.c ssh-rsa.h ssh.c ssh.h  uuencode.c
           uuencode.h sshconnect1.c sshconnect2.c sshd.c tildexpand.c]
          replace 'unsigned bla' with 'u_bla' everywhere. also replace 'char
          unsigned' with u_char.
      46c16220
  16. 05 Nov, 2000 1 commit
    • Ben Lindstrom's avatar
      - (bal) Sync with OpenBSD: · f2de06ba
      Ben Lindstrom authored
         - markus@cvs.openbsd.org 2000/10/31 9:31:58
           [compat.c]
           handle all old openssh versions
         - markus@cvs.openbsd.org 2000/10/31 13:1853
           [deattack.c]
           so that large packets do not wrap "n"; from netbsd
       - (bal) rijndel.c - fix up RCSID to match OpenBSD tree
      f2de06ba
  17. 16 Sep, 2000 1 commit
    • Damien Miller's avatar
      - (djm) Merge OpenBSD changes: · e4340be5
      Damien Miller authored
         - markus@cvs.openbsd.org  2000/09/05 02:59:57
           [session.c]
           print hostname (not hushlogin)
         - markus@cvs.openbsd.org  2000/09/05 13:18:48
           [authfile.c ssh-add.c]
           enable ssh-add -d for DSA keys
         - markus@cvs.openbsd.org  2000/09/05 13:20:49
           [sftp-server.c]
           cleanup
         - markus@cvs.openbsd.org  2000/09/06 03:46:41
           [authfile.h]
           prototype
         - deraadt@cvs.openbsd.org 2000/09/07 14:27:56
           [ALL]
           cleanup copyright notices on all files.  I have attempted to be
           accurate with the details.  everything is now under Tatu's licence
           (which I copied from his readme), and/or the core-sdi bsd-ish thing
           for deattack, or various openbsd developers under a 2-term bsd
           licence.  We're not changing any rules, just being accurate.
         - markus@cvs.openbsd.org  2000/09/07 14:40:30
           [channels.c channels.h clientloop.c serverloop.c ssh.c]
           cleanup window and packet sizes for ssh2 flow control; ok niels
         - markus@cvs.openbsd.org  2000/09/07 14:53:00
           [scp.c]
           typo
         - markus@cvs.openbsd.org  2000/09/07 15:13:37
           [auth-options.c auth-options.h auth-rh-rsa.c auth-rsa.c auth.c]
           [authfile.h canohost.c channels.h compat.c hostfile.h log.c match.h]
           [pty.c readconf.c]
           some more Copyright fixes
         - markus@cvs.openbsd.org  2000/09/08 03:02:51
           [README.openssh2]
           bye bye
         - deraadt@cvs.openbsd.org 2000/09/11 18:38:33
           [LICENCE cipher.c]
           a few more comments about it being ARC4 not RC4
         - markus@cvs.openbsd.org  2000/09/12 14:53:11
           [log-client.c log-server.c log.c ssh.1 ssh.c ssh.h sshd.8 sshd.c]
           multiple debug levels
         - markus@cvs.openbsd.org  2000/09/14 14:25:15
           [clientloop.c]
           typo
         - deraadt@cvs.openbsd.org 2000/09/15 01:13:51
           [ssh-agent.c]
           check return value for setenv(3) for failure, and deal appropriately
      e4340be5
  18. 23 Aug, 2000 1 commit
    • Damien Miller's avatar
      - (djm) Pick up LOGIN_PROGRAM from environment or PATH if not set by headers · ad833b3e
      Damien Miller authored
       - (djm) OpenBSD CVS updates:
         - deraadt@cvs.openbsd.org 2000/08/18 20:07:23
           [ssh.c]
           accept remsh as a valid name as well; roman@buildpoint.com
         - deraadt@cvs.openbsd.org 2000/08/18 20:17:13
           [deattack.c crc32.c packet.c]
           rename crc32() to ssh_crc32() to avoid zlib name clash.  do not move to
           libz crc32 function yet, because it has ugly "long"'s in it;
           oneill@cs.sfu.ca
         - deraadt@cvs.openbsd.org 2000/08/18 20:26:08
           [scp.1 scp.c]
           -S prog support; tv@debian.org
         - deraadt@cvs.openbsd.org 2000/08/18 20:50:07
           [scp.c]
           knf
         - deraadt@cvs.openbsd.org 2000/08/18 20:57:33
           [log-client.c]
           shorten
         - markus@cvs.openbsd.org  2000/08/19 12:48:11
           [channels.c channels.h clientloop.c ssh.c ssh.h]
           support for ~. in ssh2
         - deraadt@cvs.openbsd.org 2000/08/19 15:29:40
           [crc32.h]
           proper prototype
         - markus@cvs.openbsd.org  2000/08/19 15:34:44
           [authfd.c authfd.h key.c key.h ssh-add.1 ssh-add.c ssh-agent.1]
           [ssh-agent.c ssh-keygen.c sshconnect1.c sshconnect2.c Makefile]
           [fingerprint.c fingerprint.h]
           add SSH2/DSA support to the agent and some other DSA related cleanups.
           (note that we cannot talk to ssh.com's ssh2 agents)
         - markus@cvs.openbsd.org  2000/08/19 15:55:52
           [channels.c channels.h clientloop.c]
           more ~ support for ssh2
         - markus@cvs.openbsd.org  2000/08/19 16:21:19
           [clientloop.c]
           oops
         - millert@cvs.openbsd.org 2000/08/20 12:25:53
           [session.c]
           We have to stash the result of get_remote_name_or_ip() before we
           close our socket or getpeername() will get EBADF and the process
           will exit.  Only a problem for "UseLogin yes".
         - millert@cvs.openbsd.org 2000/08/20 12:30:59
           [session.c]
           Only check /etc/nologin if "UseLogin no" since login(1) may have its
           own policy on determining who is allowed to login when /etc/nologin
           is present.  Also use the _PATH_NOLOGIN define.
         - millert@cvs.openbsd.org 2000/08/20 12:42:43
           [auth1.c auth2.c session.c ssh.c]
           Add calls to setusercontext() and login_get*().  We basically call
           setusercontext() in most places where previously we did a setlogin().
           Add default login.conf file and put root in the "daemon" login class.
         - millert@cvs.openbsd.org 2000/08/21 10:23:31
           [session.c]
           Fix incorrect PATH setting; noted by Markus.
      ad833b3e
  19. 22 Jun, 2000 1 commit
    • Damien Miller's avatar
      - OpenBSD CVS Updates: · 6536c7d3
      Damien Miller authored
         - markus@cvs.openbsd.org  2000/06/18 18:50:11
           [auth2.c compat.c compat.h sshconnect2.c]
           make userauth+pubkey interop with ssh.com-2.2.0
         - markus@cvs.openbsd.org  2000/06/18 20:56:17
           [dsa.c]
           mem leak + be more paranoid in dsa_verify.
         - markus@cvs.openbsd.org  2000/06/18 21:29:50
           [key.c]
           cleanup fingerprinting, less hardcoded sizes
         - markus@cvs.openbsd.org  2000/06/19 19:39:45
           [atomicio.c auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
           [auth-rsa.c auth-skey.c authfd.c authfd.h authfile.c bufaux.c bufaux.h]
           [buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h]
           [clientloop.c compat.c compat.h compress.c compress.h crc32.c crc32.h]
           [deattack.c dispatch.c dsa.c fingerprint.c fingerprint.h getput.h hmac.c]
           [kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c]
           [nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c]
           [rsa.c rsa.h scp.c servconf.c servconf.h ssh-add.c ssh-keygen.c ssh.c]
           [ssh.h tildexpand.c ttymodes.c ttymodes.h uidswap.c xmalloc.c xmalloc.h]
           OpenBSD tag
         - markus@cvs.openbsd.org  2000/06/21 10:46:10
           sshconnect2.c missing free; nuke old comment
      6536c7d3
  20. 24 Nov, 1999 1 commit
    • Damien Miller's avatar
      - Merged very large OpenBSD source code reformat · 95def098
      Damien Miller authored
       - OpenBSD CVS updates
         - [channels.c cipher.c compat.c log-client.c scp.c serverloop.c]
           [ssh.h sshd.8 sshd.c]
           syslog changes:
           * Unified Logmessage for all auth-types, for success and for failed
           * Standard connections get only ONE line in the LOG when level==LOG:
             Auth-attempts are logged only, if authentication is:
                a) successfull or
                b) with passwd or
                c) we had more than AUTH_FAIL_LOG failues
           * many log() became verbose()
           * old behaviour with level=VERBOSE
         - [readconf.c readconf.h ssh.1 ssh.h sshconnect.c sshd.c]
           tranfer s/key challenge/response data in SSH_SMSG_AUTH_TIS_CHALLENGE
           messages. allows use of s/key in windows (ttssh, securecrt) and
           ssh-1.2.27 clients without 'ssh -v', ok: niels@
         - [sshd.8]
           -V, for fallback to openssh in SSH2 compatibility mode
         - [sshd.c]
           fix sigchld race; cjc5@po.cwru.edu
      95def098
  21. 08 Nov, 1999 1 commit
  22. 27 Oct, 1999 1 commit