daaa450051
- dtucker@cvs.openbsd.org 2010/01/13 01:20:20
...
[canohost.c ssh-keysign.c sshconnect2.c]
Make HostBased authentication work with a ProxyCommand. bz #1569 , patch
from imorgan at nas nasa gov, ok djm@
2010-01-13 22:43:33 +11:00
d4c86b1325
- dtucker@cvs.openbsd.org 2010/01/11 04:46:45
...
[authfile.c sshconnect2.c]
Do not prompt for a passphrase if we fail to open a keyfile, and log the
reason the open failed to debug.
bz #1693 , found by tj AT castaglia org, ok djm@
2010-01-12 19:41:22 +11:00
0c348f5b9e
- dtucker@cvs.openbsd.org 2010/01/04 01:45:30
...
[sshconnect2.c]
Don't escape backslashes in the SSH2 banner. bz#1533, patch from
Michal Gorny via Gentoo.
2010-01-08 18:58:05 +11:00
5246df47a4
- dtucker@cvs.openbsd.org 2009/12/06 23:41:15
...
[sshconnect2.c]
zap unused variable and strlen; from Steve McClellan, ok djm
2010-01-08 18:50:46 +11:00
ab79169e29
- dtucker@cvs.openbsd.org 2009/11/20 00:59:36
...
[sshconnect2.c]
Use the HostKeyAlias when prompting for passwords. bz#1039, ok djm@
2010-01-08 18:48:02 +11:00
6e7fe1c01b
- dtucker@cvs.openbsd.org 2009/11/10 04:30:45
...
[sshconnect2.c channels.c sshconnect.c]
Set close-on-exec on various descriptors so they don't get leaked to
child processes. bz #1643 , patch from jchadima at redhat, ok deraadt.
2010-01-08 17:07:22 +11:00
36331b5d6c
- andreas@cvs.openbsd.org 2009/10/24 11:13:54
...
[sshconnect2.c kex.h kex.c]
Let the client detect if the server supports roaming by looking
for the resume@appgate.com kex algorithm.
ok markus@
2010-01-08 16:50:41 +11:00
2f29a8caba
- djm@cvs.openbsd.org 2009/10/23 01:57:11
...
[sshconnect2.c]
disallow a hostile server from checking jpake auth by sending an
out-of-sequence success message. (doesn't affect code enabled by default)
2009-10-24 11:47:58 +11:00
cee8523314
- djm@cvs.openbsd.org 2009/03/05 07:18:19
...
[auth2-jpake.c jpake.c jpake.h monitor_wrap.c monitor_wrap.h schnorr.c]
[sshconnect2.c]
refactor the (disabled) Schnorr proof code to make it a little more
generally useful
2009-03-06 00:58:22 +11:00
01ed2272a1
- djm@cvs.openbsd.org 2008/11/04 08:22:13
...
[auth.h auth2.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h]
[readconf.c readconf.h servconf.c servconf.h ssh2.h ssh_config.5]
[sshconnect2.c sshd_config.5 jpake.c jpake.h schnorr.c auth2-jpake.c]
[Makefile.in]
Add support for an experimental zero-knowledge password authentication
method using the J-PAKE protocol described in F. Hao, P. Ryan,
"Password Authenticated Key Exchange by Juggling", 16th Workshop on
Security Protocols, Cambridge, April 2008.
This method allows password-based authentication without exposing
the password to the server. Instead, the client and server exchange
cryptographic proofs to demonstrate of knowledge of the password while
revealing nothing useful to an attacker or compromised endpoint.
This is experimental, work-in-progress code and is presently
compiled-time disabled (turn on -DJPAKE in Makefile.inc).
"just commit it. It isn't too intrusive." deraadt@
2008-11-05 16:20:46 +11:00
f7475d7e97
- djm@cvs.openbsd.org 2008/11/01 04:50:08
...
[sshconnect2.c]
sprinkle ARGSUSED on dispatch handlers
nuke stale unusued prototype
2008-11-03 19:26:18 +11:00
c4d1b36cc2
aadt@cvs.openbsd.org 2008/10/03 23:56:28
...
[sshconnect2.c]
Repair strnvis() buffersize of 4*n+1, with termination gauranteed by the
function.
spotted by des@freebsd, who commited an incorrect fix to the freebsd tree
and (as is fairly typical) did not report the problem to us. But this fix
is correct.
ok djm
2008-11-03 19:22:09 +11:00
c674d580dc
- markus@cvs.openbsd.org 2008/07/31 14:48:28
...
[sshconnect2.c]
don't allocate space for empty banners; report t8m at centrum.cz;
ok deraadt
2008-11-03 19:16:57 +11:00
2e28d8622d
- (djm) [sshconnect2.c] vis.h isn't available everywhere
2008-07-17 19:15:43 +10:00
7ba0ca7f6f
- djm@cvs.openbsd.org 2008/07/17 08:48:00
...
[sshconnect2.c]
strnvis preauth banner; pointed out by mpf@ ok markus@
2008-07-17 18:57:06 +10:00
3dff176ed9
- djm@cvs.openbsd.org 2008/01/19 23:09:49
...
[readconf.c readconf.h sshconnect2.c]
promote rekeylimit to a int64 so it can hold the maximum useful limit
of 2^32; report and patch from Jan.Pechanec AT Sun.COM, ok dtucker@
2008-02-10 22:25:52 +11:00
f520ea1567
- jolan@cvs.openbsd.org 2007/05/17 23:53:41
...
[sshconnect2.c]
djm owes me a vb and a tism cd for breaking ssh compilation
2007-05-20 15:11:33 +10:00
26c6662834
- djm@cvs.openbsd.org 2007/05/17 20:48:13
...
[sshconnect2.c]
fall back to gethostname() when the outgoing connection is not
on a socket, such as is the case when ProxyCommand is used.
Gives hostbased auth an opportunity to work; bz#616, report
and feedback stuart AT kaloram.com; ok markus@
2007-05-20 15:09:42 +10:00
ded319cca2
- (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c]
...
[auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c]
[auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c]
[cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c]
[dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
[kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c]
[md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c]
[scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c]
[ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c]
[sshconnect1.c sshconnect2.c sshd.c rc4.diff]
[openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c]
[openbsd-compat/port-linux.c openbsd-compat/port-solaris.c]
[openbsd-compat/port-uw.c]
Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h;
compile problems reported by rac AT tenzing.org
2006-09-01 15:38:36 +10:00
2125887a94
- dtucker@cvs.openbsd.org 2006/08/30 00:06:51
...
[sshconnect2.c]
Fix regression where SSH2 banner is printed at loglevels ERROR and FATAL
where previously it weren't. bz #1221 , found by Dean Kopesky, ok djm@
2006-08-30 11:08:33 +10:00
a1cb9f334b
- djm@cvs.openbsd.org 2006/08/18 13:54:54
...
[gss-genr.c ssh-gss.h sshconnect2.c]
bz #1218 - disable SPNEGO as per RFC4462; diff from simon AT sxw.org.uk
ok markus@
2006-08-19 00:33:34 +10:00
d783435315
- deraadt@cvs.openbsd.org 2006/08/03 03:34:42
...
[OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c]
[auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
[auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c]
[auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ]
[auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c]
[buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c]
[cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
[compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c]
[groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
[kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c]
[key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c]
[monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c]
[monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c]
[readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h]
[serverloop.c session.c session.h sftp-client.c sftp-common.c]
[sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
[ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c]
[ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c]
[sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c]
[uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h]
[loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h]
almost entirely get rid of the culture of ".h files that include .h files"
ok djm, sort of ok stevesk
makes the pain stop in one easy step
NB. portable commit contains everything *except* removing includes.h, as
that will take a fair bit more work as we move headers that are required
for portability workarounds to defines.h. (also, this step wasn't "easy")
2006-08-05 12:39:39 +10:00
a7a73ee35d
- stevesk@cvs.openbsd.org 2006/08/01 23:22:48
...
[auth-passwd.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c]
[auth2-chall.c auth2-pubkey.c authfile.c buffer.c canohost.c]
[channels.c clientloop.c dh.c dns.c dns.h hostfile.c kex.c kexdhc.c]
[kexgexc.c kexgexs.c key.c key.h log.c misc.c misc.h moduli.c]
[monitor_wrap.c packet.c progressmeter.c readconf.c readpass.c scp.c]
[servconf.c session.c sftp-client.c sftp-common.c sftp-server.c sftp.c]
[ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh.c sshconnect.c]
[sshconnect1.c sshconnect2.c sshd.c sshlogin.c sshtty.c uuencode.c]
[uuencode.h xmalloc.c]
move #include <stdio.h> out of includes.h
2006-08-05 11:37:59 +10:00
e3476ed03b
- stevesk@cvs.openbsd.org 2006/07/22 20:48:23
...
[atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c]
[auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c]
[authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c]
[cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c]
[compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c]
[includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c]
[mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c]
[monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c]
[progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c]
[session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c]
[ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
[ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c]
[sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c]
move #include <string.h> out of includes.h
2006-07-24 14:13:33 +10:00
1cdde6f536
- stevesk@cvs.openbsd.org 2006/07/20 15:26:15
...
[auth1.c serverloop.c session.c sshconnect2.c]
missed some needed #include <unistd.h> when KERBEROS5=no; issue from
massimo@cedoc.mo.it
2006-07-24 14:07:35 +10:00
3997249346
- stevesk@cvs.openbsd.org 2006/07/11 20:07:25
...
[scp.c auth.c monitor.c serverloop.c sftp-server.c sshpty.c readpass.c
sshd.c monitor_wrap.c monitor_fdpass.c ssh-agent.c ttymodes.c atomicio.c
includes.h session.c sshlogin.c monitor_mm.c packet.c sshconnect2.c
sftp-client.c nchan.c clientloop.c sftp.c misc.c canohost.c channels.c
ssh-keygen.c progressmeter.c uidswap.c msg.c readconf.c sshconnect.c]
move #include <errno.h> out of includes.h; ok markus@
2006-07-12 22:22:46 +10:00
2e5fe88ebe
- markus@cvs.openbsd.org 2006/06/08 14:45:49
...
[readpass.c sshconnect.c sshconnect2.c uidswap.c uidswap.h]
do not set the gid, noted by solar; ok djm
2006-06-13 13:10:00 +10:00
6b4069ad56
- markus@cvs.openbsd.org 2006/06/06 10:20:20
...
[readpass.c sshconnect.c sshconnect.h sshconnect2.c uidswap.c]
replace remaining setuid() calls with permanently_set_uid() and
check seteuid() return values; report Marcus Meissner; ok dtucker djm
2006-06-13 13:05:15 +10:00
e250a94e69
- djm@cvs.openbsd.org 2006/05/08 10:49:48
...
[sshconnect2.c]
uint32_t -> u_int32_t (which we use everywhere else)
(Id sync only - portable already had this)
2006-06-13 12:59:53 +10:00
232b76f9f8
- dtucker@cvs.openbsd.org 2006/04/25 08:02:27
...
[authfile.c authfile.h sshconnect2.c ssh.c sshconnect1.c]
Prevent ssh from trying to open private keys with bad permissions more than
once or prompting for their passphrases (which it subsequently ignores
anyway), similar to a previous change in ssh-add. bz #1186 , ok djm@
2006-05-06 17:41:51 +10:00
57c30117c1
- djm@cvs.openbsd.org 2006/03/25 13:17:03
...
[atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
[auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
[auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
[auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
[buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
[cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
[deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
[kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
[mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
[monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
[readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
[session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
[sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
[ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
[sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
[uidswap.c uuencode.c xmalloc.c]
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
Theo nuked - our scripts to sync -portable need them in the files
2006-03-26 14:24:48 +11:00
07d86bec5e
- djm@cvs.openbsd.org 2006/03/25 00:05:41
...
[auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c]
[clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c]
[monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c]
[ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c]
[xmalloc.c xmalloc.h]
introduce xcalloc() and xasprintf() failure-checked allocations
functions and use them throughout openssh
xcalloc is particularly important because malloc(nmemb * size) is a
dangerous idiom (subject to integer overflow) and it is time for it
to die
feedback and ok deraadt@
2006-03-26 14:19:21 +11:00
5790b5910b
- djm@cvs.openbsd.org 2006/03/19 07:41:30
...
[sshconnect2.c]
memory leaks detected by Coverity via elad AT netbsd.org;
deraadt@ ok
2006-03-26 13:54:03 +11:00
b0fb6872ed
- deraadt@cvs.openbsd.org 2006/03/19 18:51:18
...
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
[auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
[auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
[auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
[auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
[canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
[cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
[compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
[groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
[kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
[loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
[monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
[nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
[scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
[sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
[ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
[ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
[sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
[uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
[openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
[openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
[openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
[openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
RCSID() can die
2006-03-26 00:03:21 +11:00
6645e7a70d
- (djm) [auth-pam.c clientloop.c includes.h monitor.c session.c]
...
[sftp-client.c ssh-keysign.c ssh.c sshconnect.c sshconnect2.c]
[sshd.c openbsd-compat/bsd-misc.c openbsd-compat/bsd-openpty.c]
[openbsd-compat/glob.c openbsd-compat/mktemp.c]
[openbsd-compat/readpassphrase.c] Lots of include fixes for
OpenSolaris
2006-03-15 14:42:54 +11:00
a63128d1a8
- djm@cvs.openbsd.org 2006/03/07 09:07:40
...
[kex.c kex.h monitor.c myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
Implement the diffie-hellman-group-exchange-sha256 key exchange method
using the SHA256 code in libc (and wrapper to make it into an OpenSSL
EVP), interop tested against CVS PuTTY
NB. no portability bits committed yet
2006-03-15 12:08:28 +11:00
f17883e6a0
- stevesk@cvs.openbsd.org 2006/02/20 17:02:44
...
[clientloop.c includes.h monitor.c progressmeter.c scp.c]
[serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c]
move #include <signal.h> out of includes.h; ok markus@
2006-03-15 11:45:54 +11:00
9cf6d077fb
- stevesk@cvs.openbsd.org 2006/02/10 01:44:27
...
[includes.h monitor.c readpass.c scp.c serverloop.c session.c^?]
[sftp.c sshconnect.c sshconnect2.c sshd.c]
move #include <sys/wait.h> out of includes.h; ok markus@
2006-03-15 11:29:24 +11:00
2eb6340ddd
- stevesk@cvs.openbsd.org 2006/02/07 01:18:09
...
[includes.h ssh-agent.c ssh-keyscan.c sshconnect2.c]
move #include <sys/queue.h> out of includes.h; ok markus@
2006-03-15 11:09:42 +11:00
15d72a00a3
- stevesk@cvs.openbsd.org 2005/10/14 02:17:59
...
[ssh-keygen.c ssh.c sshconnect2.c]
no trailing "\n" for log functions; ok djm@
2005-11-05 15:07:33 +11:00
da9984fc3a
- (djm) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2005/08/30 22:08:05
[gss-serv.c sshconnect2.c]
destroy credentials if krb5_kuserok() call fails. Stops credentials being
delegated to users who are not authorised for GSSAPIAuthentication when
GSSAPIDeletegateCredentials=yes and another authentication mechanism
succeeds; bz#1073 reported by paul.moore AT centrify.com, fix by
simon AT sxw.org.uk, tested todd@ biorn@ jakob@; ok deraadt@
2005-08-31 19:46:26 +10:00
9786e6e2a0
- markus@cvs.openbsd.org 2005/07/25 11:59:40
...
[kex.c kex.h myproposal.h packet.c packet.h servconf.c session.c]
[sshconnect2.c sshd.c sshd_config sshd_config.5]
add a new compression method that delays compression until the user
has been authenticated successfully and set compression to 'delayed'
for sshd.
this breaks older openssh clients (< 3.5) if they insist on
compression, so you have to re-enable compression in sshd_config.
ok djm@
2005-07-26 21:54:56 +10:00
0dc1bef12d
- djm@cvs.openbsd.org 2005/07/17 07:17:55
...
[auth-rh-rsa.c auth-rhosts.c auth2-chall.c auth2-gss.c channels.c]
[cipher-ctr.c gss-genr.c gss-serv.c kex.c moduli.c readconf.c]
[serverloop.c session.c sftp-client.c sftp.c ssh-add.c ssh-keygen.c]
[sshconnect.c sshconnect2.c]
knf says that a 2nd level indent is four (not three or five) spaces
2005-07-17 17:22:45 +10:00
eccb9de72a
- djm@cvs.openbsd.org 2005/06/17 02:44:33
...
[auth-rsa.c auth.c auth1.c auth2-chall.c auth2-gss.c authfd.c authfile.c]
[bufaux.c canohost.c channels.c cipher.c clientloop.c dns.c gss-serv.c]
[kex.c kex.h key.c mac.c match.c misc.c packet.c packet.h scp.c]
[servconf.c session.c session.h sftp-client.c sftp-server.c sftp.c]
[ssh-keyscan.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
make this -Wsign-compare clean; ok avsm@ markus@
NB. auth1.c changes not committed yet (conflicts with uncommitted sync)
NB2. more work may be needed to make portable Wsign-compare clean
2005-06-17 12:59:34 +10:00
f675fc4948
- djm@cvs.openbsd.org 2004/06/13 12:53:24
...
[dh.c dh.h kex.c kex.h kexdhc.c kexdhs.c monitor.c myproposal.h]
[ssh-keyscan.c sshconnect2.c sshd.c]
implement diffie-hellman-group14-sha1 kex method (trivial extension to
existing diffie-hellman-group1-sha1); ok markus@
2004-06-15 10:30:09 +10:00
e608ca2965
- djm@cvs.openbsd.org 2004/05/08 00:21:31
...
[clientloop.c misc.h readpass.c scard.c ssh-add.c ssh-agent.c ssh-keygen.c
sshconnect.c sshconnect1.c sshconnect2.c] removed: readpass.h
kill a tiny header; ok deraadt@
2004-05-13 16:15:47 +10:00
0b51a52a10
- (djm) OpenBSD CVS Sync
...
- henning@cvs.openbsd.org 2004/04/08 16:08:21
[sshconnect2.c]
swap the last two parameters to TAILQ_FOREACH_REVERSE. matches what FreeBSD and NetBSD do.
ok millert@ mcbride@ markus@ ho@, checked to not affect ports by naddy@
2004-04-20 20:07:19 +10:00
bd394c329b
- markus@cvs.openbsd.org 2004/03/05 10:53:58
...
[readconf.c readconf.h scp.1 sftp.1 ssh.1 ssh_config.5 sshconnect2.c]
add IdentitiesOnly; ok djm@, pb@
2004-03-08 23:12:36 +11:00
fb1310eded
- markus@cvs.openbsd.org 2004/01/19 21:25:15
...
[auth2-hostbased.c auth2-pubkey.c serverloop.c ssh-keysign.c sshconnect2.c]
fix mem leaks; some fixes from Pete Flugstad; tested dtucker@
2004-01-21 11:02:50 +11:00
787b2ec18c
more whitespace (tabs this time)
2003-11-21 23:56:47 +11:00
Darren Tucker
Damien Miller