#
92912e37 |
| 14-May-2003 |
markus <markus@openbsd.org> |
http://bugzilla.mindrot.org/show_bug.cgi?id=560 Privsep child continues to run after monitor killed. Pass monitor signals through to child; Darren Tucker
|
#
819e6435 |
| 14-May-2003 |
markus <markus@openbsd.org> |
implement kerberos over ssh2 ("kerberos-2@ssh.com"); tested with jakob@ server interops with commercial client; ok jakob@ djm@
|
#
7e56a8a6 |
| 08-Apr-2003 |
itojun <itojun@openbsd.org> |
rename log() into logit() to avoid name conflict. markus ok, from netbsd
|
#
be896bcf |
| 02-Apr-2003 |
markus <markus@openbsd.org> |
reapply rekeying chage, tested by henning@, ok djm@
|
#
31dc91d9 |
| 01-Apr-2003 |
markus <markus@openbsd.org> |
backout rekeying changes (for 3.6.1)
|
#
3eb3a5f4 |
| 01-Apr-2003 |
markus <markus@openbsd.org> |
rekeying bugfixes and automatic rekeying:
* both client and server rekey _automatically_ (a) after 2^31 packets, because after 2^32 packets the sequence number for packets wraps
rekeying bugfixes and automatic rekeying:
* both client and server rekey _automatically_ (a) after 2^31 packets, because after 2^32 packets the sequence number for packets wraps (b) after 2^(blocksize_in_bits/4) blocks (see: http://www.ietf.org/internet-drafts/draft-ietf-secsh-newmodes-00.txt) (a) and (b) are _enabled_ by default, and only disabled for known openssh versions, that don't support rekeying properly. * client option 'RekeyLimit' * do not reply to requests during rekeying
show more ...
|
#
f2a7fedf |
| 23-Mar-2003 |
markus <markus@openbsd.org> |
unbreak rekeying for privsep; ok millert@
|
#
ce850b03 |
| 05-Mar-2003 |
markus <markus@openbsd.org> |
fix memory leaks; from dlheine@suif.Stanford.EDU/CLOUSEAU; ok djm@
|
#
8ea0413e |
| 16-Feb-2003 |
markus <markus@openbsd.org> |
fix permitrootlogin forced-commands-only for privsep; bux #387; ok provos@
|
#
e39a5278 |
| 04-Feb-2003 |
markus <markus@openbsd.org> |
skey/bsdauth: use 0 to indicate failure instead of -1, because the buffer API only supports unsigned ints.
|
#
a5128fe7 |
| 05-Nov-2002 |
markus <markus@openbsd.org> |
handle overflows for size_t larger than u_int; siw@goneko.de, bug #425
|
#
0e51a5e0 |
| 26-Sep-2002 |
markus <markus@openbsd.org> |
krb4 + privsep; ok dugsong@, deraadt@
|
#
f6045d83 |
| 24-Sep-2002 |
markus <markus@openbsd.org> |
only call kerberos code for authctxt->valid
|
#
7ab27864 |
| 23-Sep-2002 |
markus <markus@openbsd.org> |
only call auth_krb5 if kerberos is enabled; ok deraadt@
|
#
a0952d72 |
| 09-Sep-2002 |
markus <markus@openbsd.org> |
signed vs unsigned from -pedantic; ok henning@
|
#
eedb1b6e |
| 09-Sep-2002 |
itojun <itojun@openbsd.org> |
kerberos support for privsep. confirmed to work by lha@stacken.kth.se patch from markus
|
#
e1f868d9 |
| 29-Aug-2002 |
stevesk <stevesk@openbsd.org> |
pass addrlen with sockaddr *; from Hajimu UMEMOTO <ume@FreeBSD.org> NOTE: there are also p-specific parts to this patch. ok markus@
|
#
1216dad0 |
| 02-Aug-2002 |
millert <millert@openbsd.org> |
Change mm_zalloc() sanity checks to be more in line with what we do in calloc() and add a check to monitor_mm.c. OK provos@ and markus@
|
#
dfc58d41 |
| 22-Jul-2002 |
stevesk <stevesk@openbsd.org> |
u_int here; ok provos@
|
#
44e05e87 |
| 27-Jun-2002 |
deraadt <deraadt@openbsd.org> |
use xfree()
|
#
b05eea9a |
| 27-Jun-2002 |
deraadt <deraadt@openbsd.org> |
improve mm_zalloc check; markus ok
|
#
6db12276 |
| 26-Jun-2002 |
deraadt <deraadt@openbsd.org> |
correct %u
|
#
5e60a1f3 |
| 26-Jun-2002 |
deraadt <deraadt@openbsd.org> |
be careful in mm_zalloc
|
#
58deecd9 |
| 22-Jun-2002 |
stevesk <stevesk@openbsd.org> |
save auth method before monitor_reset_key_state(); bugzilla bug #284; ok provos@
|
#
00984f4c |
| 21-Jun-2002 |
djm <djm@openbsd.org> |
Don't initialise compression buffers when compression=no in sshd_config; ok Niels@
|