openssh-portable

Commit Graph

Author	SHA1	Message	Date
Damien Miller	9f2abc47eb	- stevesk@cvs.openbsd.org 2006/07/06 16:03:53 [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c] [auth-rhosts.c auth-rsa.c auth.c auth.h auth2-hostbased.c] [auth2-pubkey.c auth2.c includes.h misc.c misc.h monitor.c] [monitor_wrap.c monitor_wrap.h scp.c serverloop.c session.c] [session.h sftp-common.c ssh-add.c ssh-keygen.c ssh-keysign.c] [ssh.c sshconnect.c sshconnect.h sshd.c sshpty.c sshpty.h uidswap.c] [uidswap.h] move #include <pwd.h> out of includes.h; ok markus@	2006-07-10 20:53:08 +10:00
Damien Miller	603e68f1a2	- dtucker@cvs.openbsd.org 2006/04/02 08:34:52 [ssh-keysign.c] sessionid can be 32 bytes now too when sha256 kex is used; ok djm@	2006-04-23 12:05:32 +10:00
Damien Miller	57c30117c1	- djm@cvs.openbsd.org 2006/03/25 13:17:03 [atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c] [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c] [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c] [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c] [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c] [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c] [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c] [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c] [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c] [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c] [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c] [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c] [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c] [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c] [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c] [uidswap.c uuencode.c xmalloc.c] Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files	2006-03-26 14:24:48 +11:00
Damien Miller	b0fb6872ed	- deraadt@cvs.openbsd.org 2006/03/19 18:51:18 [atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c] [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c] [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c] [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c] [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c] [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c] [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c] [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c] [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c] [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c] [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c] [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c] [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c] [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c] [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c] [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c] [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c] [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c] [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c] [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c] [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c] [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c] [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c] RCSID() can die	2006-03-26 00:03:21 +11:00
Damien Miller	6645e7a70d	- (djm) [auth-pam.c clientloop.c includes.h monitor.c session.c] [sftp-client.c ssh-keysign.c ssh.c sshconnect.c sshconnect2.c] [sshd.c openbsd-compat/bsd-misc.c openbsd-compat/bsd-openpty.c] [openbsd-compat/glob.c openbsd-compat/mktemp.c] [openbsd-compat/readpassphrase.c] Lots of include fixes for OpenSolaris	2006-03-15 14:42:54 +11:00
Damien Miller	03e2003a23	- stevesk@cvs.openbsd.org 2006/02/08 12:15:27 [auth.c clientloop.c includes.h misc.c monitor.c readpass.c] [session.c sftp.c ssh-agent.c ssh-keysign.c ssh.c sshconnect.c] [sshd.c sshpty.c] move #include <paths.h> out of includes.h; ok markus@	2006-03-15 11:16:59 +11:00
Darren Tucker	ce321d8a30	- djm@cvs.openbsd.org 2005/09/13 23:40:07 [sshd.c ssh.c misc.h sftp.c ssh-keygen.c ssh-keysign.c sftp-server.c scp.c misc.c ssh-keyscan.c ssh-add.c ssh-agent.c] ensure that stdio fds are attached; ok deraadt@	2005-10-03 18:11:24 +10:00
Darren Tucker	34620d6f71	- dtucker@cvs.openbsd.org 2004/08/23 14:29:23 [ssh-keysign.c] Remove duplicate getuid(), suggested by & ok markus@	2004-08-29 16:32:59 +10:00
Darren Tucker	27a8f6b056	- dtucker@cvs.openbsd.org 2004/08/23 14:26:38 [ssh-keysign.c ssh.c] Use permanently_set_uid() in ssh and ssh-keysign for consistency, matches change in Portable; ok markus@ (CVS ID sync only)	2004-08-29 16:31:28 +10:00
Darren Tucker	25f60a7ee7	- (dtucker) [Makefile.in ssh-keysign.c ssh.c] Use permanently_set_uid() since it does the right thing on all platforms. ok djm@	2004-08-15 17:23:34 +10:00
Darren Tucker	ba6de952a0	- (dtucker) [logintest.c scp.c sftp-server.c sftp.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c ssh.c sshd.c openbsd-compat/bsd-misc.c] Move "char *__progname" to bsd-misc.c. Reduces diff vs OpenBSD; ok mouring@, tested by tim@ too.	2004-07-17 14:07:42 +10:00
Damien Miller	57a4476a69	- djm@cvs.openbsd.org 2004/04/18 23:10:26 [readconf.c readconf.h ssh-keysign.c ssh.c] perform strict ownership and modes checks for ~/.ssh/config files, as these can be used to execute arbitrary programs; ok markus@ NB. ssh will now exit when it detects a config with poor permissions	2004-04-20 20:11:57 +10:00
Damien Miller	fb1310eded	- markus@cvs.openbsd.org 2004/01/19 21:25:15 [auth2-hostbased.c auth2-pubkey.c serverloop.c ssh-keysign.c sshconnect2.c] fix mem leaks; some fixes from Pete Flugstad; tested dtucker@	2004-01-21 11:02:50 +11:00
Damien Miller	51bf11fcc9	- djm@cvs.openbsd.org 2003/11/17 09:45:39 [msg.c msg.h sshconnect2.c ssh-keysign.c] return error on msg send/receive failure (rather than fatal); ok markus@	2003-11-17 21:20:47 +11:00
Darren Tucker	0a4f04b5b2	- djm@cvs.openbsd.org 2003/07/03 08:09:06 [readconf.c readconf.h ssh-keysign.c ssh.c] fix AddressFamily option in config file, from brent@graveland.net; ok markus@	2003-07-03 20:37:47 +10:00
Damien Miller	20a8f97b03	- djm@cvs.openbsd.org 2003/05/16 03:27:12 [readconf.c ssh_config ssh_config.5 ssh-keysign.c] add AddressFamily option to ssh_config (like -4, -6 on commandline). Portable bug #534; ok markus@	2003-05-18 20:50:30 +10:00
Damien Miller	703ced55bb	- markus@cvs.openbsd.org 2003/04/02 14:36:26 [ssh-keysign.c] potential segfault if KEY_UNSPEC; cjwatson@debian.org; bug #526	2003-04-09 20:50:26 +10:00
Damien Miller	ed33d3b4d2	- (djm) OpenBSD CVS Sync - markus@cvs.openbsd.org 2003/03/13 11:42:19 [authfile.c ssh-keysign.c] move RSA_blinding_on to generic key load method	2003-03-15 11:36:18 +11:00
Ben Lindstrom	1b96cfb975	- (bal) [msg.c msg.h scp.c ssh-keysign.c sshconnect2.c] Resync CVS IDs since we already did s/msg_send/ssh_msg_send/	2002-12-23 02:58:17 +00:00
Ben Lindstrom	b6df73b06a	- markus@cvs.openbsd.org 2002/11/07 22:08:07 [readconf.c readconf.h ssh-keysign.8 ssh-keysign.c] we cannot use HostbasedAuthentication for enabling ssh-keysign(8), because HostbasedAuthentication might be enabled based on the target host and ssh-keysign(8) does not know the remote hostname and not trust ssh(1) about the hostname, so we add a new option EnableSSHKeysign; ok djm@, report from zierke@informatik.uni-hamburg.de	2002-11-09 15:52:31 +00:00
Damien Miller	901119beab	- (djm) Bug #406 : s/msg_send/ssh_msg_send/ for Mac OS X 1.2	2002-10-04 11:10:04 +10:00
Ben Lindstrom	5d35a2f582	- markus@cvs.openbsd.org 2002/07/03 14:21:05 [ssh-keysign.8 ssh-keysign.c ssh.c ssh_config] re-enable ssh-keysign's sbit, but make ssh-keysign read /etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled globally. based on discussions with deraadt, itojun and sommerfeld; ok itojun@	2002-07-04 00:19:40 +00:00
Ben Lindstrom	43ce2c86a8	- markus@cvs.openbsd.org 2002/07/03 09:55:38 [ssh-keysign.c] use RSA_blinding_on() for rsa hostkeys (suggested by Bill Sommerfeld) in order to avoid a possible Kocher timing attack pointed out by Charles Hannum; ok provos@	2002-07-04 00:17:33 +00:00
Ben Lindstrom	fe275982e3	- markus@cvs.openbsd.org 2002/06/26 22:27:32 [ssh-keysign.c] bug #304, xfree(data) called to early; openssh@sigint.cs.purdue.edu	2002-06-27 00:25:07 +00:00
Ben Lindstrom	cb72e4f6d2	- deraadt@cvs.openbsd.org 2002/06/19 00:27:55 [auth-bsdauth.c auth-skey.c auth1.c auth2-chall.c auth2-none.c authfd.c authfd.h monitor_wrap.c msg.c nchan.c radix.c readconf.c scp.c sftp.1 ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh-keysign.c ssh.1 sshconnect.c sshconnect.h sshconnect2.c ttymodes.c xmalloc.h] KNF done automatically while reading....	2002-06-21 00:41:51 +00:00
Ben Lindstrom	a20715788d	- markus@cvs.openbsd.org 2002/06/08 05:07:09 [ssh-keysign.c] only accept 20 byte session ids	2002-06-09 20:01:48 +00:00
Ben Lindstrom	5a6abdae0f	unexpand	2002-06-09 19:41:48 +00:00
Ben Lindstrom	3545352dc4	- (bal) Missed __progname in ssh-keysign.c patch by dtucker@zip.com.au	2002-06-07 14:37:00 +00:00
Ben Lindstrom	db41d2390c	- (bal) ssh-keysign should build and install correctly now. Phase two would be to clean out any dead wood and disable ssh setuid on install.	2002-06-07 03:11:38 +00:00
Ben Lindstrom	1bad256822	- markus@cvs.openbsd.org 2002/05/23 19:24:30 [authfile.c authfile.h pathnames.h ssh.c sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c ssh-keysign.8 ssh-keysign.c Makefile.in] add /usr/libexec/ssh-keysign: a setuid helper program for hostbased authentication in protocol v2 (needs to access the hostkeys). Note: Makefile.in untested. Will test after merge is finished.	2002-06-06 19:57:33 +00:00

30 Commits