summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog22
-rw-r--r--session.c6
-rw-r--r--ssh-keyscan.11
-rw-r--r--ssh-rsa.c5
-rw-r--r--ssh.14
-rw-r--r--sshconnect.c2
-rw-r--r--sshconnect2.c18
-rw-r--r--sshd.84
-rw-r--r--sshd.c4
9 files changed, 50 insertions, 16 deletions
diff --git a/ChangeLog b/ChangeLog
index 8d6bea18..e754c900 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,25 @@
+20010107
+ - (bal) OpenBSD Sync
+ - markus@cvs.openbsd.org 2001/01/06 11:23:27
+ [ssh-rsa.c]
+ remove unused
+ - itojun@cvs.openbsd.org 2001/01/05 08:23:29
+ [ssh-keyscan.1]
+ missing .El
+ - markus@cvs.openbsd.org 2001/01/04 22:41:03
+ [session.c sshconnect.c]
+ consistent use of _PATH_BSHELL; from stevesk@pobox.com
+ - djm@cvs.openbsd.org 2001/01/04 22:35:32
+ [ssh.1 sshd.8]
+ Mention AES as available SSH2 Cipher; ok markus
+ - markus@cvs.openbsd.org 2001/01/04 22:25:58
+ [sshd.c]
+ sync usage()/man with defaults; from stevesk@pobox.com
+ - markus@cvs.openbsd.org 2001/01/04 22:21:26
+ [sshconnect2.c]
+ handle SSH2_MSG_USERAUTH_BANNER; fixes bug when connecting to a server
+ that prints a banner (e.g. /etc/issue.net)
+
20010105
- (bal) contrib/caldera/ provided by Tim Rice <tim@multitalents.net>
- (bal) bsd-getcwd.c and bsd-setenv.c changed from bcopy() to memmove()
diff --git a/session.c b/session.c
index a376aa96..74f5fe25 100644
--- a/session.c
+++ b/session.c
@@ -33,7 +33,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.45 2000/12/19 23:17:58 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.46 2001/01/04 22:41:03 markus Exp $");
#include "xmalloc.h"
#include "ssh.h"
@@ -1336,7 +1336,7 @@ do_child(const char *command, struct passwd * pw, const char *term,
if (!options.use_login) {
if (stat(SSH_USER_RC, &st) >= 0) {
if (debug_flag)
- fprintf(stderr, "Running "_PATH_BSHELL" %s\n", SSH_USER_RC);
+ fprintf(stderr, "Running %s %s\n", _PATH_BSHELL, SSH_USER_RC);
f = popen(_PATH_BSHELL " " SSH_USER_RC, "w");
if (f) {
@@ -1347,7 +1347,7 @@ do_child(const char *command, struct passwd * pw, const char *term,
fprintf(stderr, "Could not run %s\n", SSH_USER_RC);
} else if (stat(SSH_SYSTEM_RC, &st) >= 0) {
if (debug_flag)
- fprintf(stderr, "Running "_PATH_BSHELL" %s\n", SSH_SYSTEM_RC);
+ fprintf(stderr, "Running %s %s\n", _PATH_BSHELL, SSH_SYSTEM_RC);
f = popen(_PATH_BSHELL " " SSH_SYSTEM_RC, "w");
if (f) {
diff --git a/ssh-keyscan.1 b/ssh-keyscan.1
index efd6e744..31bae33c 100644
--- a/ssh-keyscan.1
+++ b/ssh-keyscan.1
@@ -56,6 +56,7 @@ is supplied instead of a filename,
will read hosts or
.Pa addrlist namelist
pairs from the standard input.
+.El
.Sh EXAMPLES
.Pp
Print the host key for machine
diff --git a/ssh-rsa.c b/ssh-rsa.c
index 0f44051b..aab9168e 100644
--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-rsa.c,v 1.2 2000/12/19 23:17:58 markus Exp $");
+RCSID("$OpenBSD: ssh-rsa.c,v 1.3 2001/01/06 11:23:27 markus Exp $");
#include "ssh.h"
#include "xmalloc.h"
@@ -37,9 +37,6 @@ RCSID("$OpenBSD: ssh-rsa.c,v 1.2 2000/12/19 23:17:58 markus Exp $");
#include "key.h"
-#define INTBLOB_LEN 20
-#define SIGBLOB_LEN (2*INTBLOB_LEN)
-
/* RSASSA-PKCS1-v1_5 (PKCS #1 v2.0 signature) with SHA1 */
int
ssh_rsa_sign(
diff --git a/ssh.1 b/ssh.1
index 40cb6dfa..f25c2998 100644
--- a/ssh.1
+++ b/ssh.1
@@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh.1,v 1.74 2000/12/27 12:30:20 markus Exp $
+.\" $OpenBSD: ssh.1,v 1.75 2001/01/04 22:35:32 djm Exp $
.Dd September 25, 1999
.Dt SSH 1
.Os
@@ -664,7 +664,7 @@ Specifies the ciphers allowed for protocol version 2
in order of preference.
Multiple ciphers must be comma-separated.
The default is
-.Dq 3des-cbc,blowfish-cbc,cast128-cbc,arcfour .
+.Dq 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes128-cbc .
.It Cm Compression
Specifies whether to use compression.
The argument must be
diff --git a/sshconnect.c b/sshconnect.c
index 2102bef6..f3244d35 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -13,7 +13,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect.c,v 1.88 2001/01/02 20:50:56 markus Exp $");
+RCSID("$OpenBSD: sshconnect.c,v 1.89 2001/01/04 22:41:03 markus Exp $");
#include <openssl/bn.h>
#include <openssl/dsa.h>
diff --git a/sshconnect2.c b/sshconnect2.c
index 34d72818..8321c9eb 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.34 2000/12/27 12:34:50 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.35 2001/01/04 22:21:26 markus Exp $");
#include <openssl/bn.h>
#include <openssl/rsa.h>
@@ -467,6 +467,7 @@ struct Authmethod {
void input_userauth_success(int type, int plen, void *ctxt);
void input_userauth_failure(int type, int plen, void *ctxt);
+void input_userauth_banner(int type, int plen, void *ctxt);
void input_userauth_error(int type, int plen, void *ctxt);
void input_userauth_info_req(int type, int plen, void *ctxt);
@@ -543,6 +544,7 @@ ssh_userauth2(const char *server_user, char *host)
dispatch_init(&input_userauth_error);
dispatch_set(SSH2_MSG_USERAUTH_SUCCESS, &input_userauth_success);
dispatch_set(SSH2_MSG_USERAUTH_FAILURE, &input_userauth_failure);
+ dispatch_set(SSH2_MSG_USERAUTH_BANNER, &input_userauth_banner);
dispatch_run(DISPATCH_BLOCK, &authctxt.success, &authctxt); /* loop until success */
if (authctxt.agent != NULL)
@@ -553,7 +555,19 @@ ssh_userauth2(const char *server_user, char *host)
void
input_userauth_error(int type, int plen, void *ctxt)
{
- fatal("input_userauth_error: bad message during authentication");
+ fatal("input_userauth_error: bad message during authentication: "
+ "type %d", type);
+}
+void
+input_userauth_banner(int type, int plen, void *ctxt)
+{
+ char *msg, *lang;
+ debug3("input_userauth_banner");
+ msg = packet_get_string(NULL);
+ lang = packet_get_string(NULL);
+ fprintf(stderr, "%s", msg);
+ xfree(msg);
+ xfree(lang);
}
void
input_userauth_success(int type, int plen, void *ctxt)
diff --git a/sshd.8 b/sshd.8
index b2ff9a3e..75406781 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: sshd.8,v 1.76 2000/12/28 12:03:57 markus Exp $
+.\" $OpenBSD: sshd.8,v 1.78 2001/01/04 22:35:32 djm Exp $
.Dd September 25, 1999
.Dt SSHD 8
.Os
@@ -337,7 +337,7 @@ By default login is allowed regardless of the user name.
Specifies the ciphers allowed for protocol version 2.
Multiple ciphers must be comma-separated.
The default is
-.Dq 3des-cbc,blowfish-cbc,arcfour,cast128-cbc .
+.Dq 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes128-cbc .
.It Cm CheckMail
Specifies whether
.Nm
diff --git a/sshd.c b/sshd.c
index dade6564..9b309b89 100644
--- a/sshd.c
+++ b/sshd.c
@@ -40,7 +40,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.144 2000/12/28 12:03:58 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.145 2001/01/04 22:25:58 markus Exp $");
#include "xmalloc.h"
#include "rsa.h"
@@ -657,7 +657,7 @@ main(int ac, char **av)
fprintf(stderr, " -q Quiet (no logging)\n");
fprintf(stderr, " -p port Listen on the specified port (default: 22)\n");
fprintf(stderr, " -k seconds Regenerate server key every this many seconds (default: 3600)\n");
- fprintf(stderr, " -g seconds Grace period for authentication (default: 300)\n");
+ fprintf(stderr, " -g seconds Grace period for authentication (default: 600)\n");
fprintf(stderr, " -b bits Size of server RSA key (default: 768 bits)\n");
fprintf(stderr, " -h file File from which to read host key (default: %s)\n",
HOST_KEY_FILE);