Darren Tucker
34620d6f71
- dtucker@cvs.openbsd.org 2004/08/23 14:29:23
...
[ssh-keysign.c]
Remove duplicate getuid(), suggested by & ok markus@
2004-08-29 16:32:59 +10:00
Darren Tucker
27a8f6b056
- dtucker@cvs.openbsd.org 2004/08/23 14:26:38
...
[ssh-keysign.c ssh.c]
Use permanently_set_uid() in ssh and ssh-keysign for consistency, matches
change in Portable; ok markus@ (CVS ID sync only)
2004-08-29 16:31:28 +10:00
Darren Tucker
25f60a7ee7
- (dtucker) [Makefile.in ssh-keysign.c ssh.c] Use permanently_set_uid() since
...
it does the right thing on all platforms. ok djm@
2004-08-15 17:23:34 +10:00
Darren Tucker
ba6de952a0
- (dtucker) [logintest.c scp.c sftp-server.c sftp.c ssh-add.c ssh-agent.c
...
ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c ssh.c sshd.c
openbsd-compat/bsd-misc.c] Move "char *__progname" to bsd-misc.c. Reduces
diff vs OpenBSD; ok mouring@, tested by tim@ too.
2004-07-17 14:07:42 +10:00
Damien Miller
57a4476a69
- djm@cvs.openbsd.org 2004/04/18 23:10:26
...
[readconf.c readconf.h ssh-keysign.c ssh.c]
perform strict ownership and modes checks for ~/.ssh/config files,
as these can be used to execute arbitrary programs; ok markus@
NB. ssh will now exit when it detects a config with poor permissions
2004-04-20 20:11:57 +10:00
Damien Miller
fb1310eded
- markus@cvs.openbsd.org 2004/01/19 21:25:15
...
[auth2-hostbased.c auth2-pubkey.c serverloop.c ssh-keysign.c sshconnect2.c]
fix mem leaks; some fixes from Pete Flugstad; tested dtucker@
2004-01-21 11:02:50 +11:00
Damien Miller
51bf11fcc9
- djm@cvs.openbsd.org 2003/11/17 09:45:39
...
[msg.c msg.h sshconnect2.c ssh-keysign.c]
return error on msg send/receive failure (rather than fatal); ok markus@
2003-11-17 21:20:47 +11:00
Darren Tucker
0a4f04b5b2
- djm@cvs.openbsd.org 2003/07/03 08:09:06
...
[readconf.c readconf.h ssh-keysign.c ssh.c]
fix AddressFamily option in config file, from brent@graveland.net ;
ok markus@
2003-07-03 20:37:47 +10:00
Damien Miller
20a8f97b03
- djm@cvs.openbsd.org 2003/05/16 03:27:12
...
[readconf.c ssh_config ssh_config.5 ssh-keysign.c]
add AddressFamily option to ssh_config (like -4, -6 on commandline).
Portable bug #534 ; ok markus@
2003-05-18 20:50:30 +10:00
Damien Miller
703ced55bb
- markus@cvs.openbsd.org 2003/04/02 14:36:26
...
[ssh-keysign.c]
potential segfault if KEY_UNSPEC; cjwatson@debian.org ; bug #526
2003-04-09 20:50:26 +10:00
Damien Miller
ed33d3b4d2
- (djm) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2003/03/13 11:42:19
[authfile.c ssh-keysign.c]
move RSA_blinding_on to generic key load method
2003-03-15 11:36:18 +11:00
Ben Lindstrom
1b96cfb975
- (bal) [msg.c msg.h scp.c ssh-keysign.c sshconnect2.c] Resync CVS IDs since
...
we already did s/msg_send/ssh_msg_send/
2002-12-23 02:58:17 +00:00
Ben Lindstrom
b6df73b06a
- markus@cvs.openbsd.org 2002/11/07 22:08:07
...
[readconf.c readconf.h ssh-keysign.8 ssh-keysign.c]
we cannot use HostbasedAuthentication for enabling ssh-keysign(8),
because HostbasedAuthentication might be enabled based on the
target host and ssh-keysign(8) does not know the remote hostname
and not trust ssh(1) about the hostname, so we add a new option
EnableSSHKeysign; ok djm@, report from zierke@informatik.uni-hamburg.de
2002-11-09 15:52:31 +00:00
Damien Miller
901119beab
- (djm) Bug #406 : s/msg_send/ssh_msg_send/ for Mac OS X 1.2
2002-10-04 11:10:04 +10:00
Ben Lindstrom
5d35a2f582
- markus@cvs.openbsd.org 2002/07/03 14:21:05
...
[ssh-keysign.8 ssh-keysign.c ssh.c ssh_config]
re-enable ssh-keysign's sbit, but make ssh-keysign read
/etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled
globally. based on discussions with deraadt, itojun and sommerfeld;
ok itojun@
2002-07-04 00:19:40 +00:00
Ben Lindstrom
43ce2c86a8
- markus@cvs.openbsd.org 2002/07/03 09:55:38
...
[ssh-keysign.c]
use RSA_blinding_on() for rsa hostkeys (suggested by Bill Sommerfeld)
in order to avoid a possible Kocher timing attack pointed out by Charles
Hannum; ok provos@
2002-07-04 00:17:33 +00:00
Ben Lindstrom
fe275982e3
- markus@cvs.openbsd.org 2002/06/26 22:27:32
...
[ssh-keysign.c]
bug #304 , xfree(data) called to early; openssh@sigint.cs.purdue.edu
2002-06-27 00:25:07 +00:00
Ben Lindstrom
cb72e4f6d2
- deraadt@cvs.openbsd.org 2002/06/19 00:27:55
...
[auth-bsdauth.c auth-skey.c auth1.c auth2-chall.c auth2-none.c authfd.c
authfd.h monitor_wrap.c msg.c nchan.c radix.c readconf.c scp.c sftp.1
ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c
ssh-keysign.c ssh.1 sshconnect.c sshconnect.h sshconnect2.c ttymodes.c
xmalloc.h]
KNF done automatically while reading....
2002-06-21 00:41:51 +00:00
Ben Lindstrom
a20715788d
- markus@cvs.openbsd.org 2002/06/08 05:07:09
...
[ssh-keysign.c]
only accept 20 byte session ids
2002-06-09 20:01:48 +00:00
Ben Lindstrom
5a6abdae0f
unexpand
2002-06-09 19:41:48 +00:00
Ben Lindstrom
3545352dc4
- (bal) Missed __progname in ssh-keysign.c patch by dtucker@zip.com.au
2002-06-07 14:37:00 +00:00
Ben Lindstrom
db41d2390c
- (bal) ssh-keysign should build and install correctly now. Phase two
...
would be to clean out any dead wood and disable ssh setuid on install.
2002-06-07 03:11:38 +00:00
Ben Lindstrom
1bad256822
- markus@cvs.openbsd.org 2002/05/23 19:24:30
...
[authfile.c authfile.h pathnames.h ssh.c sshconnect.c sshconnect.h
sshconnect1.c sshconnect2.c ssh-keysign.8 ssh-keysign.c Makefile.in]
add /usr/libexec/ssh-keysign: a setuid helper program for hostbased
authentication in protocol v2 (needs to access the hostkeys).
Note: Makefile.in untested. Will test after merge is finished.
2002-06-06 19:57:33 +00:00