path: root/compat.h
AgeCommit message (Collapse)Author
2001-07-04 - 2001/06/26 17:27:25Ben Lindstrom
[authfd.h authfile.h auth.h auth-options.h bufaux.h buffer.h canohost.h channels.h cipher.h clientloop.h compat.h compress.h crc32.h deattack.h dh.h dispatch.h groupaccess.c groupaccess.h hostfile.h kex.h key.h log.c log.h mac.h misc.c misc.h mpaux.h packet.h radix.h readconf.h readpass.h rsa.h servconf.h serverloop.h session.h sftp-common.c sftp-common.h sftp-glob.h sftp-int.h sshconnect.h ssh-dss.h sshlogin.h sshpty.h ssh-rsa.h sshtty.h tildexpand.h uidswap.h uuencode.h xmalloc.h] remove comments from .h, since they are cut&paste from the .c files and out of sync
2001-07-04 - 2001/06/26 06:32:58Ben Lindstrom
[atomicio.h authfd.h authfile.h auth.h auth-options.h bufaux.h buffer.h canohost.h channels.h cipher.h clientloop.h compat.h compress.h crc32.h deattack.h dh.h dispatch.h groupaccess.h hostfile.h kex.h key.h log.h mac.h match.h misc.h mpaux.h packet.h radix.h readconf.h readpass.h rsa.h] prototype pedant. not very creative... - () -> (void) - no variable names
2001-07-04 - 2001/06/25 08:25:41Ben Lindstrom
[channels.c channels.h cipher.c clientloop.c compat.c compat.h hostfile.c kex.c kex.h key.c key.h nchan.c packet.c serverloop.c session.c session.h sftp-server.c ssh-add.c ssh-agent.c uuencode.h] update copyright for 2001
2001-04-30 - 2001/04/30 15:50:46Ben Lindstrom
[compat.c compat.h kex.c] allow interop with weaker key generation used by ssh-2.0.x, x < 10
2001-04-29 - 2001/04/29 19:16:52Ben Lindstrom
[channels.c clientloop.c compat.c compat.h serverloop.c] more bug-compat; from
2001-04-12 - 2001/04/12 19:15:26Ben Lindstrom
[auth-rhosts.c auth.h auth2.c buffer.c canohost.c canohost.h compat.c compat.h hostfile.c pathnames.h readconf.c readconf.h servconf.c servconf.h ssh.c sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c sshd_config] implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2) similar to RhostRSAAuthentication unless you enable (the experimental) HostbasedUsesNameFromPacketOnly option. please test. :)
2001-04-05 - 2001/04/05 11:09:17Ben Lindstrom
[clientloop.c compat.c compat.h] add SSH_BUG_NOREKEY and detect broken (=all old) openssh versions.
2001-03-29 - 2001/03/27 17:46:50Ben Lindstrom
[compat.c compat.h dh.c dh.h ssh2.h sshconnect2.c sshd.c version.h] make dh group exchange more flexible, allow min and max group size, okay markus@, deraadt@
2001-03-29 - 2001/03/27 10:57:00Ben Lindstrom
[compat.c compat.h ssh-rsa.c] some older systems use NID_md5 instead of NID_sha1 for RSASSA-PKCS1-v1_5 signatures in SSH protocol 2, ok djm@
2001-03-24 - 2001/03/23 11:04:07Ben Lindstrom
[compat.c compat.h sshconnect2.c sshd.c] Compat for OpenSSH with broken Rijndael/AES. ok markus@
2001-03-19 - 2001/03/18 23:30:55Damien Miller
[compat.c compat.h sshd.c] specifically version match on ssh scanners. do not log scan information to the console
2001-03-10 - 2001/03/10 15:31:00Ben Lindstrom
[compat.c compat.h sshconnect.c] all known netscreen ssh versions, and older versions of OSU ssh cannot handle password padding (newer OSU is fixed)
2001-03-09 - 2001/03/08 21:42:33Ben Lindstrom
[compat.c compat.h readconf.h ssh.c sshconnect1.c sshconnect2.c] implement client side of SSH2_MSG_USERAUTH_PK_OK (test public key -> no need to do enter passphrase or do expensive sign operations if the server does not accept key).
2001-02-19 - OpenBSD CVS Sync:Damien Miller
- 2001/02/17 08:24:40 [sftp.1] typo - 2001/02/17 16:28:58 [ssh.c] cleanup -V output; noted by millert - 2001/02/17 16:48:48 [sshd.8] it's the OpenSSH one - 2001/02/18 11:33:54 [dispatch.c] typo, SSH2_MSG_KEXINIT, from - 2001/02/19 02:53:32 [compat.c compat.h serverloop.c] ssh-1.2.{18-22} has broken handling of ignore messages; report from itojun@ - 2001/02/19 03:35:23 [version.h] OpenSSH_2.5.1 adds bug compat with 1.2.{18-22} - 2001/02/19 03:36:25 [scp.c] np is changed by recursion;
2001-01-09 - (bal) OpenBSD SyncBen Lindstrom
- 2001/01/08 22:29:05 [auth2.c compat.c compat.h servconf.c servconf.h sshd.8 sshd_config version.h] implement option 'Banner /etc/' for ssh2, move version to 2.3.1 (needed for bugcompat detection, 2.3.0 would fail if Banner is enabled). - 2001/01/08 22:03:23 [channels.c ssh-keyscan.c] O_NDELAY -> O_NONBLOCK; thanks - 2001/01/08 21:55:41 [sshconnect1.c] more cleanups and fixes from 1) try_agent_authentication() for loop will overwrite key just allocated with key_new(); don't alloc 2) call ssh_close_authentication_connection() before exit try_agent_authentication() 3) free mem on bad passphrase in try_rsa_authentication() - 2001/01/08 21:48:17 [kex.c] missing free; thanks
2000-12-0720001207Ben Lindstrom
- (bal) OpenSSH CVS updates: - 2000/12/06 22:58:14 [compat.c compat.h packet.c] disable debug messages for 2.0.1x, 2.1.0
2000-12-0320001204Ben Lindstrom
- (bal) More C functions defined in NeXT that are unaccessable without defining -POSIX. - (bal) OpenBSD CVS updates: - 2000/12/03 11:29:04 [compat.c] remove fallback to SSH_BUG_HMAC now that the drafts are updated - 2000/12/03 11:27:55 [compat.c] correctly match "2.1.0.pl2 SSH" etc; from - 2000/12/03 11:15:03 [auth2.c compat.c compat.h sshconnect2.c] support f-secure/ 2.0.12; ok niels@
2000-10-16 - (djm) Sync with OpenBSD:Damien Miller
- 2000/10/14 04:01:15 [cipher.c] debug3 - 2000/10/14 04:07:23 [scp.c] remove spaces from arguments; from - 2000/10/14 06:09:46 [ssh.1] Cipher is for SSH-1 only - 2000/10/14 06:12:09 [servconf.c servconf.h serverloop.c session.c sshd.8] AllowTcpForwarding; from naddy@ - 2000/10/14 06:16:56 [auth2.c compat.c compat.h sshconnect2.c version.h] OpenSSH_2.3; note that is is not complete, but the version number needs to be changed for interoperability reasons - 2000/10/14 06:19:45 [auth-rsa.c] do not send RSA challenge if key is not allowed by key-options; from - 2000/10/15 08:14:01 [rijndael.c session.c] typos; from - 2000/10/15 08:18:31 [rijndael.c] typo - Copy manpages back over from OpenBSD - too tedious to wade through diffs
2000-09-16 - (djm) Merge OpenBSD changes:Damien Miller
- 2000/09/05 02:59:57 [session.c] print hostname (not hushlogin) - 2000/09/05 13:18:48 [authfile.c ssh-add.c] enable ssh-add -d for DSA keys - 2000/09/05 13:20:49 [sftp-server.c] cleanup - 2000/09/06 03:46:41 [authfile.h] prototype - 2000/09/07 14:27:56 [ALL] cleanup copyright notices on all files. I have attempted to be accurate with the details. everything is now under Tatu's licence (which I copied from his readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd developers under a 2-term bsd licence. We're not changing any rules, just being accurate. - 2000/09/07 14:40:30 [channels.c channels.h clientloop.c serverloop.c ssh.c] cleanup window and packet sizes for ssh2 flow control; ok niels - 2000/09/07 14:53:00 [scp.c] typo - 2000/09/07 15:13:37 [auth-options.c auth-options.h auth-rh-rsa.c auth-rsa.c auth.c] [authfile.h canohost.c channels.h compat.c hostfile.h log.c match.h] [pty.c readconf.c] some more Copyright fixes - 2000/09/08 03:02:51 [README.openssh2] bye bye - 2000/09/11 18:38:33 [LICENCE cipher.c] a few more comments about it being ARC4 not RC4 - 2000/09/12 14:53:11 [log-client.c log-server.c log.c ssh.1 ssh.c ssh.h sshd.8 sshd.c] multiple debug levels - 2000/09/14 14:25:15 [clientloop.c] typo - 2000/09/15 01:13:51 [ssh-agent.c] check return value for setenv(3) for failure, and deal appropriately
2000-06-22 - OpenBSD CVS Updates:Damien Miller
- 2000/06/18 18:50:11 [auth2.c compat.c compat.h sshconnect2.c] make userauth+pubkey interop with - 2000/06/18 20:56:17 [dsa.c] mem leak + be more paranoid in dsa_verify. - 2000/06/18 21:29:50 [key.c] cleanup fingerprinting, less hardcoded sizes - 2000/06/19 19:39:45 [atomicio.c auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c] [auth-rsa.c auth-skey.c authfd.c authfd.h authfile.c bufaux.c bufaux.h] [buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h] [clientloop.c compat.c compat.h compress.c compress.h crc32.c crc32.h] [deattack.c dispatch.c dsa.c fingerprint.c fingerprint.h getput.h hmac.c] [kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c] [nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c] [rsa.c rsa.h scp.c servconf.c servconf.h ssh-add.c ssh-keygen.c ssh.c] [ssh.h tildexpand.c ttymodes.c ttymodes.h uidswap.c xmalloc.c xmalloc.h] OpenBSD tag - 2000/06/21 10:46:10 sshconnect2.c missing free; nuke old comment
2000-05-09 - OpenBSD CVS updateDamien Miller
- [cipher.h myproposal.h readconf.c readconf.h servconf.c ssh.1 ssh.c] [ssh.h sshconnect1.c sshconnect2.c sshd.8] - complain about invalid ciphers in SSH1 (e.g. arcfour is SSH2 only) - [ssh.1] - zap typo [ssh-keygen.1] - One last nit fix. (markus approved) [sshd.8] - some markus certified spelling adjustments - [auth2.c channels.c clientloop.c compat compat.h dsa.c kex.c] [sshconnect2.c ] - bug compat w/ ssh-2.0.13 x11, split out bugs [nchan.c] - no drain if ibuf_empty, fixes x11fwd problems; tests by fries@ [ssh-keygen.c] - handle escapes in real and original key format, ok millert@ [version.h] - OpenSSH-2.1
2000-04-12 - OpenBSD CVS updates:Damien Miller
- [channels.c] repair x11-fwd - [sshconnect.c] fix passwd prompt for ssh2, less debugging output. - [clientloop.c compat.c dsa.c kex.c sshd.c] less debugging output - [kex.c kex.h sshconnect.c sshd.c] check for reasonable public DH values - [README.openssh2 cipher.c cipher.h compat.c compat.h readconf.c] [readconf.h servconf.c servconf.h ssh.c ssh.h sshconnect.c sshd.c] add Cipher and Protocol options to ssh/sshd, e.g.: ssh -o 'Protocol 1,2' if you prefer proto 1, ssh -o 'Ciphers arcfour,3des-cbc' - [sshd.c] print 1.99 only if server supports both
2000-04-04 - OpenBSD CVS update:Damien Miller
- [packet.h packet.c] ssh2 packet format - [packet.h packet.c nchan.h compat.h compat.c] [channels.h channels.c] channel layer support for ssh2 - [kex.h kex.c hmac.h hmac.c dsa.c dsa.h] DSA, keyexchange, algorithm agreement for ssh2
1999-11-25 - More reformatting merged from OpenBSD CVSDamien Miller
- Merged OpenBSD CVS changes: - [channels.c] report from via - [channels.c] set SO_REUSEADDR and SO_LINGER for forwarded ports. via - [nchan.c] it's not an error() if shutdown_write failes in nchan. - [readconf.c] remove dead #ifdef-0-code - [readconf.c servconf.c] strcasecmp instead of tolower - [scp.c] progress meter overflow fix from - [ssh-add.1 ssh-add.c] SSH_ASKPASS support - [ssh.1 ssh.c] postpone fork_after_authentication until command execution, request/patch from via plus: use daemon() for backgrounding
1999-11-25 - Merged very large OpenBSD source code reformatDamien Miller
- OpenBSD CVS updates - [channels.c cipher.c compat.c log-client.c scp.c serverloop.c] [ssh.h sshd.8 sshd.c] syslog changes: * Unified Logmessage for all auth-types, for success and for failed * Standard connections get only ONE line in the LOG when level==LOG: Auth-attempts are logged only, if authentication is: a) successfull or b) with passwd or c) we had more than AUTH_FAIL_LOG failues * many log() became verbose() * old behaviour with level=VERBOSE - [readconf.c readconf.h ssh.1 ssh.h sshconnect.c sshd.c] tranfer s/key challenge/response data in SSH_SMSG_AUTH_TIS_CHALLENGE messages. allows use of s/key in windows (ttssh, securecrt) and ssh-1.2.27 clients without 'ssh -v', ok: niels@ - [sshd.8] -V, for fallback to openssh in SSH2 compatibility mode - [sshd.c] fix sigchld race;
1999-10-27Initial revisionDamien Miller