openssh-portable

Commit Graph

Author	SHA1	Message	Date
Damien Miller	5790b5910b	- djm@cvs.openbsd.org 2006/03/19 07:41:30 [sshconnect2.c] memory leaks detected by Coverity via elad AT netbsd.org; deraadt@ ok	2006-03-26 13:54:03 +11:00
Damien Miller	b0fb6872ed	- deraadt@cvs.openbsd.org 2006/03/19 18:51:18 [atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c] [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c] [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c] [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c] [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c] [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c] [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c] [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c] [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c] [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c] [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c] [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c] [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c] [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c] [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c] [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c] [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c] [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c] [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c] [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c] [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c] [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c] [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c] RCSID() can die	2006-03-26 00:03:21 +11:00
Damien Miller	6645e7a70d	- (djm) [auth-pam.c clientloop.c includes.h monitor.c session.c] [sftp-client.c ssh-keysign.c ssh.c sshconnect.c sshconnect2.c] [sshd.c openbsd-compat/bsd-misc.c openbsd-compat/bsd-openpty.c] [openbsd-compat/glob.c openbsd-compat/mktemp.c] [openbsd-compat/readpassphrase.c] Lots of include fixes for OpenSolaris	2006-03-15 14:42:54 +11:00
Damien Miller	a63128d1a8	- djm@cvs.openbsd.org 2006/03/07 09:07:40 [kex.c kex.h monitor.c myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] Implement the diffie-hellman-group-exchange-sha256 key exchange method using the SHA256 code in libc (and wrapper to make it into an OpenSSL EVP), interop tested against CVS PuTTY NB. no portability bits committed yet	2006-03-15 12:08:28 +11:00
Damien Miller	f17883e6a0	- stevesk@cvs.openbsd.org 2006/02/20 17:02:44 [clientloop.c includes.h monitor.c progressmeter.c scp.c] [serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c] move #include <signal.h> out of includes.h; ok markus@	2006-03-15 11:45:54 +11:00
Damien Miller	9cf6d077fb	- stevesk@cvs.openbsd.org 2006/02/10 01:44:27 [includes.h monitor.c readpass.c scp.c serverloop.c session.c^?] [sftp.c sshconnect.c sshconnect2.c sshd.c] move #include <sys/wait.h> out of includes.h; ok markus@	2006-03-15 11:29:24 +11:00
Damien Miller	2eb6340ddd	- stevesk@cvs.openbsd.org 2006/02/07 01:18:09 [includes.h ssh-agent.c ssh-keyscan.c sshconnect2.c] move #include <sys/queue.h> out of includes.h; ok markus@	2006-03-15 11:09:42 +11:00
Damien Miller	15d72a00a3	- stevesk@cvs.openbsd.org 2005/10/14 02:17:59 [ssh-keygen.c ssh.c sshconnect2.c] no trailing "\n" for log functions; ok djm@	2005-11-05 15:07:33 +11:00
Damien Miller	da9984fc3a	- (djm) OpenBSD CVS Sync - djm@cvs.openbsd.org 2005/08/30 22:08:05 [gss-serv.c sshconnect2.c] destroy credentials if krb5_kuserok() call fails. Stops credentials being delegated to users who are not authorised for GSSAPIAuthentication when GSSAPIDeletegateCredentials=yes and another authentication mechanism succeeds; bz#1073 reported by paul.moore AT centrify.com, fix by simon AT sxw.org.uk, tested todd@ biorn@ jakob@; ok deraadt@	2005-08-31 19:46:26 +10:00
Damien Miller	9786e6e2a0	- markus@cvs.openbsd.org 2005/07/25 11:59:40 [kex.c kex.h myproposal.h packet.c packet.h servconf.c session.c] [sshconnect2.c sshd.c sshd_config sshd_config.5] add a new compression method that delays compression until the user has been authenticated successfully and set compression to 'delayed' for sshd. this breaks older openssh clients (< 3.5) if they insist on compression, so you have to re-enable compression in sshd_config. ok djm@	2005-07-26 21:54:56 +10:00
Damien Miller	0dc1bef12d	- djm@cvs.openbsd.org 2005/07/17 07:17:55 [auth-rh-rsa.c auth-rhosts.c auth2-chall.c auth2-gss.c channels.c] [cipher-ctr.c gss-genr.c gss-serv.c kex.c moduli.c readconf.c] [serverloop.c session.c sftp-client.c sftp.c ssh-add.c ssh-keygen.c] [sshconnect.c sshconnect2.c] knf says that a 2nd level indent is four (not three or five) spaces	2005-07-17 17:22:45 +10:00
Damien Miller	eccb9de72a	- djm@cvs.openbsd.org 2005/06/17 02:44:33 [auth-rsa.c auth.c auth1.c auth2-chall.c auth2-gss.c authfd.c authfile.c] [bufaux.c canohost.c channels.c cipher.c clientloop.c dns.c gss-serv.c] [kex.c kex.h key.c mac.c match.c misc.c packet.c packet.h scp.c] [servconf.c session.c session.h sftp-client.c sftp-server.c sftp.c] [ssh-keyscan.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c sshd.c] make this -Wsign-compare clean; ok avsm@ markus@ NB. auth1.c changes not committed yet (conflicts with uncommitted sync) NB2. more work may be needed to make portable Wsign-compare clean	2005-06-17 12:59:34 +10:00
Damien Miller	f675fc4948	- djm@cvs.openbsd.org 2004/06/13 12:53:24 [dh.c dh.h kex.c kex.h kexdhc.c kexdhs.c monitor.c myproposal.h] [ssh-keyscan.c sshconnect2.c sshd.c] implement diffie-hellman-group14-sha1 kex method (trivial extension to existing diffie-hellman-group1-sha1); ok markus@	2004-06-15 10:30:09 +10:00
Darren Tucker	e608ca2965	- djm@cvs.openbsd.org 2004/05/08 00:21:31 [clientloop.c misc.h readpass.c scard.c ssh-add.c ssh-agent.c ssh-keygen.c sshconnect.c sshconnect1.c sshconnect2.c] removed: readpass.h kill a tiny header; ok deraadt@	2004-05-13 16:15:47 +10:00
Damien Miller	0b51a52a10	- (djm) OpenBSD CVS Sync - henning@cvs.openbsd.org 2004/04/08 16:08:21 [sshconnect2.c] swap the last two parameters to TAILQ_FOREACH_REVERSE. matches what FreeBSD and NetBSD do. ok millert@ mcbride@ markus@ ho@, checked to not affect ports by naddy@	2004-04-20 20:07:19 +10:00
Damien Miller	bd394c329b	- markus@cvs.openbsd.org 2004/03/05 10:53:58 [readconf.c readconf.h scp.1 sftp.1 ssh.1 ssh_config.5 sshconnect2.c] add IdentitiesOnly; ok djm@, pb@	2004-03-08 23:12:36 +11:00
Damien Miller	fb1310eded	- markus@cvs.openbsd.org 2004/01/19 21:25:15 [auth2-hostbased.c auth2-pubkey.c serverloop.c ssh-keysign.c sshconnect2.c] fix mem leaks; some fixes from Pete Flugstad; tested dtucker@	2004-01-21 11:02:50 +11:00
Damien Miller	787b2ec18c	more whitespace (tabs this time)	2003-11-21 23:56:47 +11:00
Damien Miller	a8e06cef35	- djm@cvs.openbsd.org 2003/11/21 11:57:03 [everything] unexpand and delete whitespace at EOL; ok markus@ (done locally and RCS IDs synced)	2003-11-21 23:48:55 +11:00
Damien Miller	0425d40194	- markus@cvs.openbsd.org 2003/11/17 11:06:07 [auth2-gss.c gss-genr.c gss-serv.c monitor.c monitor.h monitor_wrap.c] [monitor_wrap.h sshconnect2.c ssh-gss.h] replace "gssapi" with "gssapi-with-mic"; from Simon Wilkinson; test + ok jakob.	2003-11-17 22:18:21 +11:00
Damien Miller	51bf11fcc9	- djm@cvs.openbsd.org 2003/11/17 09:45:39 [msg.c msg.h sshconnect2.c ssh-keysign.c] return error on msg send/receive failure (rather than fatal); ok markus@	2003-11-17 21:20:47 +11:00
Damien Miller	91c6aa4468	- markus@cvs.openbsd.org 2003/11/14 13:19:09 [sshconnect2.c] cleanup and minor fixes for the client code; from Simon Wilkinson	2003-11-17 21:20:18 +11:00
Darren Tucker	655a5e0987	- markus@cvs.openbsd.org 2003/11/02 11:01:03 [auth2-gss.c compat.c compat.h sshconnect2.c] remove support for SSH_BUG_GSSAPI_BER; simon@sxw.org.uk	2003-11-03 20:09:03 +11:00
Darren Tucker	56afe145e0	- avsm@cvs.openbsd.org 2003/10/26 16:57:43 [sshconnect2.c] rename 'supported' static var in userauth_gssapi() to 'gss_supported' to avoid shadowing the global version. markus@ ok	2003-11-03 20:06:14 +11:00
Darren Tucker	d05b601895	- markus@cvs.openbsd.org 2003/10/11 08:26:43 [sshconnect2.c] search keys in reverse order; fixes #684	2003-10-15 15:55:59 +10:00
Darren Tucker	796448276c	- deraadt@cvs.openbsd.org 2003/10/07 21:58:28 [sshconnect2.c] set ptr to NULL after free	2003-10-08 17:37:58 +10:00
Darren Tucker	046dff2a07	- dtucker@cvs.openbsd.org 2003/10/07 01:47:27 [sshconnect2.c] Don't use logit for banner, since it truncates to MSGBUFSIZ; bz #668 & #707. ok markus@	2003-10-08 17:32:02 +10:00
Darren Tucker	08bbb2f69d	- djm@cvs.openbsd.org 2003/08/25 10:33:33 [sshconnect2.c] fprintf->logit to silence login banner with "ssh -q"; ok markus@	2003-08-26 12:14:05 +10:00
Darren Tucker	600ad8de76	- deraadt@cvs.openbsd.org 2003/08/24 17:36:52 [monitor.c monitor_wrap.c sshconnect2.c] 64 bit cleanups; markus ok	2003-08-26 12:10:48 +10:00
Darren Tucker	be1a901f99	- markus@cvs.openbsd.org 2003/08/22 13:20:03 [sshconnect2.c] remove support for "kerberos-2@ssh.com"	2003-08-26 12:04:31 +10:00
Darren Tucker	49aaf4ad52	- (dtucker) [Makefile.in acconfig.h auth-krb5.c auth-pam.c auth-pam.h configure.ac defines.h gss-serv-krb5.c session.c ssh-gss.h sshconnect1.c sshconnect2.c] Add Portable GSSAPI support, patch by Simon Wilkinson.	2003-08-26 11:58:16 +10:00
Darren Tucker	0efd155c3c	- markus@cvs.openbsd.org 2003/08/22 10:56:09 [auth2.c auth2-gss.c auth.h compat.c compat.h gss-genr.c gss-serv-krb5.c gss-serv.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h readconf.c readconf.h servconf.c servconf.h session.c session.h ssh-gss.h ssh_config.5 sshconnect2.c sshd_config sshd_config.5] support GSS API user authentication; patches from Simon Wilkinson, stripped down and tested by Jakob and myself.	2003-08-26 11:49:55 +10:00
Darren Tucker	502d384b74	- markus@cvs.openbsd.org 2003/06/24 08:23:46 [auth2-hostbased.c auth2-pubkey.c auth2.c channels.c key.c key.h monitor.c packet.c packet.h serverloop.c sshconnect2.c sshd.c] int -> u_int; ok djm@, deraadt@, mouring@	2003-06-28 12:38:01 +10:00
Damien Miller	f842fcb296	- markus@cvs.openbsd.org 2003/05/15 00:28:28 [sshconnect2.c] cleanup unregister of per-method packet handlers; ok djm@	2003-05-15 12:01:28 +10:00
Damien Miller	4d99519535	- (djm) Avoid KrbV leak for MIT Kerberos	2003-05-14 19:23:56 +10:00
Damien Miller	9c617693c2	- (djm) Make portable build with MIT krb5 (some issues remain)	2003-05-14 14:31:11 +10:00
Damien Miller	3ab496b3dd	- markus@cvs.openbsd.org 2003/05/14 02:15:47 [auth2.c monitor.c sshconnect2.c auth2-krb5.c] implement kerberos over ssh2 ("kerberos-2@ssh.com"); tested with jakob@ server interops with commercial client; ok jakob@ djm@	2003-05-14 13:47:37 +10:00
Damien Miller	280ecfb6e4	- markus@cvs.openbsd.org 2003/05/12 16:55:37 [sshconnect2.c] for pubkey authentication try the user keys in the following order: 1. agent keys that are found in the config file 2. other agent keys 3. keys that are only listed in the config file this helps when an agent has many keys, where the server might close the connection before the correct key is used. report & ok pb@	2003-05-14 13:46:00 +10:00
Damien Miller	d558092522	- (djm) RCSID sync w/ OpenBSD	2003-05-14 13:40:06 +10:00
Damien Miller	996acd2476	* empty log message *	2003-04-09 20:59:48 +10:00
Damien Miller	a5539d2698	- (djm) OpenBSD CVS Sync - markus@cvs.openbsd.org 2003/04/02 09:48:07 [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c] [readconf.h serverloop.c sshconnect2.c] reapply rekeying chage, tested by henning@, ok djm@	2003-04-09 20:50:06 +10:00
Damien Miller	2dc074ef4b	- markus@cvs.openbsd.org 2003/04/01 10:10:23 [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c] [readconf.h serverloop.c sshconnect2.c] rekeying bugfixes and automatic rekeying: * both client and server rekey _automatically_ (a) after 2^31 packets, because after 2^32 packets the sequence number for packets wraps (b) after 2^(blocksize_in_bits/4) blocks (see: draft-ietf-secsh-newmodes-00.txt) (a) and (b) are _enabled_ by default, and only disabled for known openssh versions, that don't support rekeying properly. * client option 'RekeyLimit' * do not reply to requests during rekeying - markus@cvs.openbsd.org 2003/04/01 10:22:21 [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c] [readconf.h serverloop.c sshconnect2.c] backout rekeying changes (for 3.6.1)	2003-04-01 21:43:39 +10:00
Damien Miller	0011138d47	- (djm) OpenBSD CVS Sync - markus@cvs.openbsd.org 2003/03/05 22:33:43 [channels.c monitor.c scp.c session.c sftp-client.c sftp-int.c] [sftp-server.c ssh-add.c sshconnect2.c] fix memory leaks; from dlheine@suif.Stanford.EDU/CLOUSEAU; ok djm@	2003-03-10 11:21:17 +11:00
Damien Miller	8e7fb33523	- markus@cvs.openbsd.org 2003/02/16 17:09:57 [kex.c kexdh.c kexgex.c kex.h sshconnect2.c sshd.c ssh-keyscan.c] split kex into client and server code, no need to link server code into the client; ok provos@	2003-02-24 12:03:03 +11:00
Ben Lindstrom	1b96cfb975	- (bal) [msg.c msg.h scp.c ssh-keysign.c sshconnect2.c] Resync CVS IDs since we already did s/msg_send/ssh_msg_send/	2002-12-23 02:58:17 +00:00
Ben Lindstrom	1d568f9fce	- markus@cvs.openbsd.org 2002/12/13 10:03:15 [channels.c misc.c sshconnect2.c] cleanup debug messages, more useful information for the client user.	2002-12-23 02:44:36 +00:00
Ben Lindstrom	064496feaa	- markus@cvs.openbsd.org 2002/11/21 22:45:31 [cipher.c kex.c packet.c sshconnect.c sshconnect2.c] debug->debug2, unify debug messages	2002-12-23 02:04:22 +00:00
Damien Miller	901119beab	- (djm) Bug #406 : s/msg_send/ssh_msg_send/ for Mac OS X 1.2	2002-10-04 11:10:04 +10:00
Ben Lindstrom	343010ad50	- markus@cvs.openbsd.org 2002/07/01 19:48:46 [sshconnect2.c] for compression=yes, we fallback to no-compression if the server does not support compression, vice versa for compression=no. ok mouring@	2002-07-04 00:16:25 +00:00
Ben Lindstrom	a962c2fb35	- deraadt@cvs.openbsd.org 2002/06/30 21:59:45 [auth-bsdauth.c auth-skey.c auth2-chall.c clientloop.c key.c monitor_wrap.c monitor_wrap.h scard.h session.h sftp-glob.c ssh.c sshconnect2.c sshd.c] minor KNF	2002-07-04 00:14:17 +00:00
Ben Lindstrom	5c3855210e	- deraadt@cvs.openbsd.org 2002/06/23 03:30:58 [scard.c ssh-dss.c ssh-rsa.c sshconnect.c sshconnect2.c sshd.c sshlogin.c sshpty.c] various KNF and %d for unsigned	2002-06-23 21:23:20 +00:00
Ben Lindstrom	cb72e4f6d2	- deraadt@cvs.openbsd.org 2002/06/19 00:27:55 [auth-bsdauth.c auth-skey.c auth1.c auth2-chall.c auth2-none.c authfd.c authfd.h monitor_wrap.c msg.c nchan.c radix.c readconf.c scp.c sftp.1 ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh-keysign.c ssh.1 sshconnect.c sshconnect.h sshconnect2.c ttymodes.c xmalloc.h] KNF done automatically while reading....	2002-06-21 00:41:51 +00:00
Ben Lindstrom	cec2ea8d02	- markus@cvs.openbsd.org 2002/05/31 10:30:33 [sshconnect2.c] extent ssh-keysign protocol: pass # of socket-fd to ssh-keysign, keysign verfies locally used ip-address using this socket-fd, restricts fake local hostnames to actual local hostnames; ok stevesk@	2002-06-06 20:51:04 +00:00
Ben Lindstrom	4887da222b	- markus@cvs.openbsd.org 2002/05/25 08:50:39 [sshconnect2.c] execlp->execl; from stevesk	2002-06-06 20:05:57 +00:00
Ben Lindstrom	5206b951c6	- markus@cvs.openbsd.org 2002/05/24 08:45:14 [sshconnect2.c] stat ssh-keysign first, print error if stat fails; some debug->error; fix comment	2002-06-06 19:59:29 +00:00
Ben Lindstrom	1bad256822	- markus@cvs.openbsd.org 2002/05/23 19:24:30 [authfile.c authfile.h pathnames.h ssh.c sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c ssh-keysign.8 ssh-keysign.c Makefile.in] add /usr/libexec/ssh-keysign: a setuid helper program for hostbased authentication in protocol v2 (needs to access the hostkeys). Note: Makefile.in untested. Will test after merge is finished.	2002-06-06 19:57:33 +00:00
Tim Rice	c85496222b	[sshconnect2.c] change uint32_t to u_int32_t	2002-03-31 12:49:38 -08:00
Ben Lindstrom	38a69e6b53	- markus@cvs.openbsd.org 2002/03/26 15:58:46 [readpass.c readpass.h sshconnect2.c] client side support for PASSWD_CHANGEREQ	2002-03-27 17:28:46 +00:00
Ben Lindstrom	6328ab3989	- markus@cvs.openbsd.org 2002/03/19 10:49:35 [auth-krb5.c auth-rh-rsa.c auth.c cipher.c key.c misc.h packet.c session.c sftp-client.c sftp-glob.h sftp.c ssh-add.c ssh.c sshconnect2.c sshd.c ttymodes.c] KNF whitespace	2002-03-22 02:54:23 +00:00
Ben Lindstrom	c58ab02e45	- markus@cvs.openbsd.org 2002/02/25 16:33:27 [ssh-keygen.c sshconnect2.c uuencode.c uuencode.h] more u_* fixes	2002-02-26 18:15:09 +00:00
Ben Lindstrom	90fd814f90	- markus@cvs.openbsd.org 2002/02/24 19:14:59 [auth2.c authfd.c authfd.h authfile.c kexdh.c kexgex.c key.c key.h ssh-dss.c ssh-dss.h ssh-keygen.c ssh-rsa.c ssh-rsa.h sshconnect2.c] signed vs. unsigned: make size arguments u_int, ok stevesk@	2002-02-26 18:09:42 +00:00
Damien Miller	68f45983b2	- markus@cvs.openbsd.org 2002/02/03 17:59:23 [sshconnect2.c] more cross checking if announced vs. used key type; ok stevesk@	2002-02-05 12:23:32 +11:00
Damien Miller	3a8262ffcc	- markus@cvs.openbsd.org 2002/01/25 21:00:24 [sshconnect2.c] unused include	2002-02-05 11:53:15 +11:00
Damien Miller	0e3b87279c	- markus@cvs.openbsd.org 2002/01/13 17:57:37 [auth2.c auth2-chall.c compat.c sshconnect2.c sshd.c] use buffer API and avoid static strings of fixed size; ok provos@/mouring@	2002-01-22 23:26:38 +11:00
Damien Miller	630d6f4479	- markus@cvs.openbsd.org 2001/12/28 15:06:00 [auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c dispatch.h kex.c kex.h serverloop.c ssh.c sshconnect2.c] remove plen from the dispatch fn. it's no longer used.	2002-01-22 23:17:30 +11:00
Damien Miller	dff5099f13	- markus@cvs.openbsd.org 2001/12/28 14:50:54 [auth1.c auth-rsa.c channels.c dispatch.c kex.c kexdh.c kexgex.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshconnect2.c sshd.c] packet_read* no longer return the packet length, since it's not used.	2002-01-22 23:16:32 +11:00
Damien Miller	48b03fc546	- markus@cvs.openbsd.org 2001/12/27 20:39:58 [auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c] get rid of packet_integrity_check, use packet_done() instead.	2002-01-22 23:11:40 +11:00
Damien Miller	278f907a2d	- djm@cvs.openbsd.org 2001/12/20 22:50:24 [auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c] [dispatch.h kex.c kex.h packet.c packet.h serverloop.c ssh.c] [sshconnect2.c] Conformance fix: we should send failing packet sequence number when responding with a SSH_MSG_UNIMPLEMENTED message. Spotted by yakk@yakk.dot.net; ok markus@	2001-12-21 15:00:19 +11:00
Damien Miller	9f0f5c64bc	- deraadt@cvs.openbsd.org 2001/12/19 07:18:56 [auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h] [auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c] [cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c] [match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c] [servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c] [sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c] [sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config] [ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c] basic KNF done while i was looking for something else	2001-12-21 14:45:46 +11:00
Ben Lindstrom	1c37c6a518	- deraadt@cvs.openbsd.org 2001/12/05 10:06:12 [authfd.c authfile.c bufaux.c channels.c compat.c kex.c kexgex.c key.c misc.c packet.c servconf.c ssh-agent.c sshconnect2.c sshconnect.c sshd.c ssh-dss.c ssh-keygen.c ssh-rsa.c] minor KNF	2001-12-06 18:00:18 +00:00
Ben Lindstrom	3c36bb29ca	- itojun@cvs.openbsd.org 2001/12/05 03:56:39 [auth1.c auth2.c canohost.c channels.c deattack.c packet.c scp.c sshconnect2.c] make it compile with more strict prototype checking	2001-12-06 17:55:26 +00:00
Damien Miller	9f64390f41	- markus@cvs.openbsd.org 2001/11/07 16:03:17 [packet.c packet.h sshconnect2.c] pad using the padding field from the ssh2 packet instead of sending extra ignore messages. tested against several other ssh servers.	2001-11-12 11:02:52 +11:00
Damien Miller	91c1847733	- markus@cvs.openbsd.org 2001/10/29 19:27:15 [sshconnect2.c] hostbased: check for client hostkey before building chost	2001-11-12 11:02:03 +11:00
Damien Miller	59d9fb9e55	- markus@cvs.openbsd.org 2001/10/06 11:18:19 [sshconnect1.c sshconnect2.c sshconnect.c] unify hostkey check error messages, simplify prompt.	2001-10-10 15:03:11 +10:00
Ben Lindstrom	7d19996201	- markus@cvs.openbsd.org 2001/08/31 11:46:39 [sshconnect2.c] disable kbd-interactive if we don't get SSH2_MSG_USERAUTH_INFO_REQUEST messages	2001-09-12 18:29:00 +00:00
Ben Lindstrom	45350e8374	- markus@cvs.openbsd.org 2001/07/23 09:06:28 [sshconnect2.c] reorder default sequence of userauth methods to match ssh behaviour: hostbased,publickey,keyboard-interactive,password	2001-08-06 20:57:11 +00:00
Ben Lindstrom	c5b680018b	- markus@cvs.openbsd.org 2001/06/26 20:14:11 [key.c key.h ssh.c sshconnect1.c sshconnect2.c] add smartcard support to the client, too (now you can use both the agent and the client).	2001-07-04 04:52:03 +00:00
Ben Lindstrom	7907382299	- stevesk@cvs.openbsd.org 2001/06/25 20:26:37 [auth2.c sshconnect2.c] prototype cleanup; ok markus@	2001-07-04 03:42:30 +00:00
Ben Lindstrom	126c56ad9e	- markus@cvs.openbsd.org 2001/06/24 05:47:13 [sshconnect2.c] oops, missing format string	2001-06-25 05:22:53 +00:00
Ben Lindstrom	949974bbdb	- markus@cvs.openbsd.org 2001/06/24 05:35:33 [readpass.c readpass.h ssh-add.c sshconnect2.c ssh-keygen.c] switch to readpassphrase(3) 2.7/8-stable needs readpassphrase.[ch] from libc	2001-06-25 05:20:31 +00:00
Ben Lindstrom	bba81213b9	- itojun@cvs.openbsd.org 2001/06/23 15:12:20 [auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c canohost.c channels.c cipher.c clientloop.c deattack.c dh.c hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c readpass.c scp.c servconf.c serverloop.c session.c sftp.c sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c ssh-keygen.c ssh-keyscan.c] more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers	2001-06-25 05:01:22 +00:00
Ben Lindstrom	d6481ea49a	- markus@cvs.openbsd.org 2001/06/23 02:34:33 [kexdh.c kexgex.c kex.h pathnames.h readconf.c servconf.h ssh.1 sshconnect1.c sshconnect2.c sshconnect.c sshconnect.h sshd.8] get rid of known_hosts2, use it for hostkey lookup, but do not modify.	2001-06-25 04:37:41 +00:00
Ben Lindstrom	1bfe29151b	- markus@cvs.openbsd.org 2001/05/19 16:32:16 [ssh.1 sshconnect2.c] change preferredauthentication order to publickey,hostbased,password,keyboard-interactive document that hostbased defaults to no, document order	2001-06-05 19:37:25 +00:00
Ben Lindstrom	551ea37576	- markus@cvs.openbsd.org 2001/05/18 14:13:29 [auth-chall.c auth.h auth1.c auth2-chall.c auth2.c readconf.c readconf.h servconf.c servconf.h sshconnect1.c sshconnect2.c sshd.c] improved kbd-interactive support. work by per@appgate.com and me	2001-06-05 18:56:16 +00:00
Ben Lindstrom	671388f233	- markus@cvs.openbsd.org 2001/04/18 23:43:26 [auth2.c compat.c sshconnect2.c] more ssh v2 hostbased-auth interop: ssh.com >= 2.1.0 works now (however the 2.1.0 server seems to work only if debug is enabled...)	2001-04-19 20:40:45 +00:00
Ben Lindstrom	2bffd6fd1b	- markus@cvs.openbsd.org 2001/04/18 22:03:45 [auth2.c sshconnect2.c] use FDQN with trailing dot in the hostbased auth packets, ok deraadt@	2001-04-19 20:35:40 +00:00
Ben Lindstrom	982dbbcfda	- markus@cvs.openbsd.org 2001/04/17 10:53:26 [key.c key.h readconf.c readconf.h ssh.1 sshconnect2.c] add HostKeyAlgorithms; based on patch from res@shore.net; ok provos@	2001-04-17 18:11:36 +00:00
Ben Lindstrom	206941fdd8	- markus@cvs.openbsd.org 2001/04/15 08:43:47 [dh.c sftp-glob.c sftp-glob.h sftp-int.c sshconnect2.c sshd.c] some unused variable and typos; from tomh@po.crl.go.jp	2001-04-15 14:27:16 +00:00
Ben Lindstrom	5eabda303a	- markus@cvs.openbsd.org 2001/04/12 19:15:26 [auth-rhosts.c auth.h auth2.c buffer.c canohost.c canohost.h compat.c compat.h hostfile.c pathnames.h readconf.c readconf.h servconf.c servconf.h ssh.c sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c sshd_config] implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2) similar to RhostRSAAuthentication unless you enable (the experimental) HostbasedUsesNameFromPacketOnly option. please test. :)	2001-04-12 23:34:34 +00:00
Ben Lindstrom	a3700050ec	- markus@cvs.openbsd.org 2001/04/05 10:42:57 [auth-chall.c authfd.c channels.c clientloop.c kex.c kexgex.c key.c mac.c packet.c serverloop.c sftp-client.c sftp-client.h sftp-glob.c sftp-glob.h sftp-int.c sftp-server.c sftp.c ssh-keygen.c sshconnect.c sshconnect2.c sshd.c] fix whitespace: unexpand + trailing spaces.	2001-04-05 23:26:32 +00:00
Ben Lindstrom	be2cc43c3a	- markus@cvs.openbsd.org 2001/04/04 20:25:38 [channels.c channels.h clientloop.c kex.c kex.h serverloop.c sshconnect2.c sshd.c] more robust rekeying don't send channel data after rekeying is started.	2001-04-04 23:46:07 +00:00
Ben Lindstrom	8ac9106c3d	- markus@cvs.openbsd.org 2001/04/04 14:34:58 [clientloop.c kex.c kex.h serverloop.c sshconnect2.c sshd.c] enable server side rekeying + some rekey related clientup. todo: we should not send any non-KEX messages after we send KEXINIT	2001-04-04 17:57:54 +00:00
Ben Lindstrom	238abf6a14	- markus@cvs.openbsd.org 2001/04/04 09:48:35 [kex.c kex.h kexdh.c kexgex.c packet.c sshconnect2.c sshd.c] don't sent multiple kexinit-requests. send newkeys, block while waiting for newkeys. fix comments.	2001-04-04 17:52:53 +00:00
Ben Lindstrom	f28f634a3a	- markus@cvs.openbsd.org 2001/04/04 00:06:54 [clientloop.c sshconnect2.c] enable client rekeying (1) force rekeying with ~R, or (2) if the server requests rekeying. works against ssh-2.0.12/2.0.13/2.1.0/2.2.0/2.3.0/2.3.1/2.4.0	2001-04-04 02:03:04 +00:00
Ben Lindstrom	2d90e00309	- markus@cvs.openbsd.org 2001/04/03 23:32:12 [kex.c kex.h packet.c sshconnect2.c sshd.c] undo parts of recent my changes: main part of keyexchange does not need dispatch-callbacks, since application data is delayed until the keyexchange completes (if i understand the drafts correctly). add some infrastructure for re-keying.	2001-04-04 02:00:54 +00:00
Ben Lindstrom	20d7c7b02c	- markus@cvs.openbsd.org 2001/04/03 19:53:29 [dh.c dh.h kex.c kex.h sshconnect2.c sshd.c] move kex to kex*.c, used dispatch_set() callbacks for kex. should make rekeying easier.	2001-04-04 01:56:17 +00:00
Damien Miller	a0ff466d80	- OpenBSD CVS Sync - stevesk@cvs.openbsd.org 2001/03/29 21:06:21 [sshconnect2.c sshd.c] need to set both STOC and CTOS for SSH_BUG_BIGENDIANAES; ok markus@	2001-03-30 10:49:35 +10:00
Damien Miller	653ae11c4a	- OpenBSD CVS Sync - provos@cvs.openbsd.org 2001/03/29 14:24:59 [sshconnect2.c] use recommended defaults	2001-03-30 10:49:05 +10:00
Damien Miller	2557bfc5d7	- (djm) OpenBSD CVS Sync - provos@cvs.openbsd.org 2001/03/28 21:59:41 [kex.c kex.h sshconnect2.c sshd.c] forgot to include min and max params in hash, okay markus@	2001-03-30 10:47:14 +10:00
Ben Lindstrom	df221391e6	- provos@cvs.openbsd.org 2001/03/27 17:46:50 [compat.c compat.h dh.c dh.h ssh2.h sshconnect2.c sshd.c version.h] make dh group exchange more flexible, allow min and max group size, okay markus@, deraadt@	2001-03-29 00:36:16 +00:00

1 2 3 4

189 Commits