Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							a5103f413b 
							
						 
					 
					
						
						
							
							- djm@cvs.openbsd.org 2014/02/02 03:44:32  
						
						... 
						
						
						
						[auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c]
     [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c]
     [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c]
     [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c]
     [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c]
     [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c]
     [sshd.c]
     convert memset of potentially-private data to explicit_bzero() 
						
						
					 
					
						2014-02-04 11:20:14 +11:00 
						 
				 
			
				
					
						
							
							
								Darren Tucker 
							
						 
					 
					
						
						
						
						
							
						
						
							a627d42e51 
							
						 
					 
					
						
						
							
							- djm@cvs.openbsd.org 2013/05/17 00:13:13  
						
						... 
						
						
						
						[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c
     ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c
     gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c
     auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c
     servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c
     auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c
     sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c
     kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c
     kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c
     monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c
     ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c
     sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c
     ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c
     dns.c packet.c readpass.c authfd.c moduli.c]
     bye, bye xfree(); ok markus@ 
						
						
					 
					
						2013-06-02 07:31:17 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							106079c06d 
							
						 
					 
					
						
						
							
							- djm@cvs.openbsd.org 2010/12/15 00:49:27  
						
						... 
						
						
						
						[readpass.c]
     fix ControlMaster=ask regression
     reset SIGCHLD handler before fork (and restore it after) so we don't miss
     the the askpass child's exit status. Correct test for exit status/signal to
     account for waitpid() failure; with claudio@ ok claudio@ markus@ 
						
						
					 
					
						2011-01-06 22:43:44 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							d783435315 
							
						 
					 
					
						
						
							
							- deraadt@cvs.openbsd.org 2006/08/03 03:34:42  
						
						... 
						
						
						
						[OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c]
     [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
     [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ]
     [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c]
     [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c]
     [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
     [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c]
     [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c]
     [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c]
     [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h]
     [serverloop.c session.c session.h sftp-client.c sftp-common.c]
     [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
     [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c]
     [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c]
     [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c]
     [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h]
     [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h]
     almost entirely get rid of the culture of ".h files that include .h files"
     ok djm, sort of ok stevesk
     makes the pain stop in one easy step
     NB. portable commit contains everything *except* removing includes.h, as
     that will take a fair bit more work as we move headers that are required
     for portability workarounds to defines.h. (also, this step wasn't "easy") 
						
						
					 
					
						2006-08-05 12:39:39 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							a7a73ee35d 
							
						 
					 
					
						
						
							
							- stevesk@cvs.openbsd.org 2006/08/01 23:22:48  
						
						... 
						
						
						
						[auth-passwd.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c]
     [auth2-chall.c auth2-pubkey.c authfile.c buffer.c canohost.c]
     [channels.c clientloop.c dh.c dns.c dns.h hostfile.c kex.c kexdhc.c]
     [kexgexc.c kexgexs.c key.c key.h log.c misc.c misc.h moduli.c]
     [monitor_wrap.c packet.c progressmeter.c readconf.c readpass.c scp.c]
     [servconf.c session.c sftp-client.c sftp-common.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh.c sshconnect.c]
     [sshconnect1.c sshconnect2.c sshd.c sshlogin.c sshtty.c uuencode.c]
     [uuencode.h xmalloc.c]
     move #include <stdio.h> out of includes.h 
						
						
					 
					
						2006-08-05 11:37:59 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							e7a1e5cf63 
							
						 
					 
					
						
						
							
							- stevesk@cvs.openbsd.org 2006/07/26 13:57:17  
						
						... 
						
						
						
						[authfd.c authfile.c dh.c canohost.c channels.c clientloop.c compat.c]
     [hostfile.c kex.c log.c misc.c moduli.c monitor.c packet.c readpass.c]
     [scp.c servconf.c session.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
     [ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c sshconnect.c]
     [sshconnect1.c sshd.c xmalloc.c]
     move #include <stdlib.h> out of includes.h 
						
						
					 
					
						2006-08-05 11:34:19 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							e3476ed03b 
							
						 
					 
					
						
						
							
							- stevesk@cvs.openbsd.org 2006/07/22 20:48:23  
						
						... 
						
						
						
						[atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c]
     [auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c]
     [authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c]
     [cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c]
     [compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c]
     [includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c]
     [mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c]
     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c]
     [progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c]
     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c]
     [sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c]
     move #include <string.h> out of includes.h 
						
						
					 
					
						2006-07-24 14:13:33 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							e6b3b610ec 
							
						 
					 
					
						
						
							
							- stevesk@cvs.openbsd.org 2006/07/17 01:31:10  
						
						... 
						
						
						
						[authfd.c authfile.c channels.c cleanup.c clientloop.c groupaccess.c]
     [includes.h log.c misc.c msg.c packet.c progressmeter.c readconf.c]
     [readpass.c scp.c servconf.c sftp-client.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c]
     [sshconnect.c sshlogin.c sshpty.c uidswap.c]
     move #include <unistd.h> out of includes.h 
						
						
					 
					
						2006-07-24 14:01:23 +10:00 
						 
				 
			
				
					
						
							
							
								Darren Tucker 
							
						 
					 
					
						
						
						
						
							
						
						
							3997249346 
							
						 
					 
					
						
						
							
							- stevesk@cvs.openbsd.org 2006/07/11 20:07:25  
						
						... 
						
						
						
						[scp.c auth.c monitor.c serverloop.c sftp-server.c sshpty.c readpass.c
     sshd.c monitor_wrap.c monitor_fdpass.c ssh-agent.c ttymodes.c atomicio.c
     includes.h session.c sshlogin.c monitor_mm.c packet.c sshconnect2.c
     sftp-client.c nchan.c clientloop.c sftp.c misc.c canohost.c channels.c
     ssh-keygen.c progressmeter.c uidswap.c msg.c readconf.c sshconnect.c]
     move #include <errno.h> out of includes.h; ok markus@ 
						
						
					 
					
						2006-07-12 22:22:46 +10:00 
						 
				 
			
				
					
						
							
							
								Darren Tucker 
							
						 
					 
					
						
						
						
						
							
						
						
							5d19626a04 
							
						 
					 
					
						
						
							
							- stevesk@cvs.openbsd.org 2006/07/10 16:37:36  
						
						... 
						
						
						
						[readpass.c log.h scp.c fatal.c xmalloc.c includes.h ssh-keyscan.c misc.c
     auth.c packet.c log.c]
     move #include <stdarg.h> out of includes.h; ok markus@ 
						
						
					 
					
						2006-07-12 22:15:16 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							57cf638577 
							
						 
					 
					
						
						
							
							- stevesk@cvs.openbsd.org 2006/07/09 15:15:11  
						
						... 
						
						
						
						[auth2-none.c authfd.c authfile.c includes.h misc.c monitor.c]
     [readpass.c scp.c serverloop.c sftp-client.c sftp-server.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
     [sshlogin.c sshpty.c]
     move #include <fcntl.h> out of includes.h 
						
						
					 
					
						2006-07-10 21:13:46 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							2e5fe88ebe 
							
						 
					 
					
						
						
							
							- markus@cvs.openbsd.org 2006/06/08 14:45:49  
						
						... 
						
						
						
						[readpass.c sshconnect.c sshconnect2.c uidswap.c uidswap.h]
     do not set the gid, noted by solar; ok djm 
						
						
					 
					
						2006-06-13 13:10:00 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							6b4069ad56 
							
						 
					 
					
						
						
							
							- markus@cvs.openbsd.org 2006/06/06 10:20:20  
						
						... 
						
						
						
						[readpass.c sshconnect.c sshconnect.h sshconnect2.c uidswap.c]
     replace remaining setuid() calls with permanently_set_uid() and
     check seteuid() return values; report Marcus Meissner; ok dtucker djm 
						
						
					 
					
						2006-06-13 13:05:15 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							57c30117c1 
							
						 
					 
					
						
						
							
							- djm@cvs.openbsd.org 2006/03/25 13:17:03  
						
						... 
						
						
						
						[atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
     [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
     [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
     [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
     [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
     [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
     [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
     [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
     [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
     [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
     [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c]
     Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
     Theo nuked - our scripts to sync -portable need them in the files 
						
						
					 
					
						2006-03-26 14:24:48 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							b0fb6872ed 
							
						 
					 
					
						
						
							
							- deraadt@cvs.openbsd.org 2006/03/19 18:51:18  
						
						... 
						
						
						
						[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
     [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
     [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
     [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
     [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
     [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
     [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
     [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
     [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
     [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
     [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
     [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
     [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
     [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
     [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
     [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
     [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
     RCSID() can die 
						
						
					 
					
						2006-03-26 00:03:21 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							9cf6d077fb 
							
						 
					 
					
						
						
							
							- stevesk@cvs.openbsd.org 2006/02/10 01:44:27  
						
						... 
						
						
						
						[includes.h monitor.c readpass.c scp.c serverloop.c session.c^?]
     [sftp.c sshconnect.c sshconnect2.c sshd.c]
     move #include <sys/wait.h> out of includes.h; ok markus@ 
						
						
					 
					
						2006-03-15 11:29:24 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							a9263d065d 
							
						 
					 
					
						
						
							
							fix spacing of include  
						
						
						
						
					 
					
						2006-03-15 11:18:26 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							03e2003a23 
							
						 
					 
					
						
						
							
							- stevesk@cvs.openbsd.org 2006/02/08 12:15:27  
						
						... 
						
						
						
						[auth.c clientloop.c includes.h misc.c monitor.c readpass.c]
     [session.c sftp.c ssh-agent.c ssh-keysign.c ssh.c sshconnect.c]
     [sshd.c sshpty.c]
     move #include <paths.h> out of includes.h; ok markus@ 
						
						
					 
					
						2006-03-15 11:16:59 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							d2ebd450f0 
							
						 
					 
					
						
						
							
							- markus@cvs.openbsd.org 2005/05/02 21:13:22  
						
						... 
						
						
						
						[readpass.c]
     missing {} 
						
						
					 
					
						2005-05-26 12:07:47 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							ddeb75294b 
							
						 
					 
					
						
						
							
							- dtucker@cvs.openbsd.org 2005/04/23 23:43:47  
						
						... 
						
						
						
						[readpass.c]
     Add debug message if read_passphrase can't open /dev/tty; bz #471 ;
     ok djm@ 
						
						
					 
					
						2005-05-26 12:05:28 +10:00 
						 
				 
			
				
					
						
							
							
								Darren Tucker 
							
						 
					 
					
						
						
						
						
							
						
						
							ce327b62ac 
							
						 
					 
					
						
						
							
							- djm@cvs.openbsd.org 2004/10/29 22:53:56  
						
						... 
						
						
						
						[clientloop.c misc.h readpass.c ssh-agent.c]
     factor out common permission-asking code to separate function; ok markus@ 
						
						
					 
					
						2004-11-05 20:38:03 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							23f0770a1b 
							
						 
					 
					
						
						
							
							- djm@cvs.openbsd.org 2004/06/17 15:10:14  
						
						... 
						
						
						
						[clientloop.c misc.h readconf.c readpass.c ssh.c ssh_config.5]
     Add option for confirmation (ControlMaster=ask) via ssh-askpass before
     opening shared connections; ok markus@ 
						
						
					 
					
						2004-06-18 01:19:03 +10:00 
						 
				 
			
				
					
						
							
							
								Darren Tucker 
							
						 
					 
					
						
						
						
						
							
						
						
							e608ca2965 
							
						 
					 
					
						
						
							
							- djm@cvs.openbsd.org 2004/05/08 00:21:31  
						
						... 
						
						
						
						[clientloop.c misc.h readpass.c scard.c ssh-add.c ssh-agent.c ssh-keygen.c
     sshconnect.c sshconnect1.c sshconnect2.c] removed: readpass.h
     kill a tiny header; ok deraadt@ 
						
						
					 
					
						2004-05-13 16:15:47 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							6c71179f68 
							
						 
					 
					
						
						
							
							- markus@cvs.openbsd.org 2003/01/23 13:50:27  
						
						... 
						
						
						
						[authfd.c authfd.h readpass.c ssh-add.1 ssh-add.c ssh-agent.c]
     ssh-add -c, prompt user for confirmation (using ssh-askpass) when
     private agent key is used; with djm@; test by dugsong@, djm@;
     ok deraadt@ 
						
						
					 
					
						2003-01-24 11:36:23 +11:00 
						 
				 
			
				
					
						
							
							
								Ben Lindstrom 
							
						 
					 
					
						
						
						
						
							
						
						
							38a69e6b53 
							
						 
					 
					
						
						
							
							- markus@cvs.openbsd.org 2002/03/26 15:58:46  
						
						... 
						
						
						
						[readpass.c readpass.h sshconnect2.c]
     client side support for PASSWD_CHANGEREQ 
						
						
					 
					
						2002-03-27 17:28:46 +00:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							3606ee2938 
							
						 
					 
					
						
						
							
							- markus@cvs.openbsd.org 2002/02/13 00:39:15  
						
						... 
						
						
						
						[readpass.c]
     readpass.c is not longer from UCB, since we now use readpassphrase(3) 
						
						
					 
					
						2002-02-13 14:05:23 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							85830d1dc0 
							
						 
					 
					
						
						
							
							- markus@cvs.openbsd.org 2002/01/11 23:02:18  
						
						... 
						
						
						
						[readpass.c]
     use _PATH_TTY 
						
						
					 
					
						2002-01-22 23:24:51 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							f451e22e21 
							
						 
					 
					
						
						
							
							- djm@cvs.openbsd.org 2001/12/21 08:53:45  
						
						... 
						
						
						
						[readpass.c]
     Avoid interruptable passphrase read; ok markus@ 
						
						
					 
					
						2002-01-22 23:05:31 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							637b8ae2d4 
							
						 
					 
					
						
						
							
							- markus@cvs.openbsd.org 2001/11/08 10:51:08  
						
						... 
						
						
						
						[readpass.c]
     don't strdup too much data; from gotoh@taiyo.co.jp ; ok millert. 
						
						
					 
					
						2001-11-12 11:05:20 +11:00 
						 
				 
			
				
					
						
							
							
								Ben Lindstrom 
							
						 
					 
					
						
						
						
						
							
						
						
							ad77313f22 
							
						 
					 
					
						
						
							
							- OpenBSD CVS Sync  
						
						... 
						
						
						
						- stevesk@cvs.openbsd.org  2001/07/14 15:10:17
      [readpass.c sftp-client.c sftp-common.c sftp-glob.c]
      delete spurious #includes; ok deraadt@ markus@ 
						
						
					 
					
						2001-07-18 15:45:44 +00:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							07ab49ef71 
							
						 
					 
					
						
						
							
							- markus@cvs.openbsd.org 2001/07/10 21:49:12  
						
						... 
						
						
						
						[readpass.c]
     don't panic if fork or pipe fail (just return an empty passwd). 
						
						
					 
					
						2001-07-14 12:19:56 +10:00 
						 
				 
			
				
					
						
							
							
								Ben Lindstrom 
							
						 
					 
					
						
						
						
						
							
						
						
							4f42d8cda3 
							
						 
					 
					
						
						
							
							- markus@cvs.openbsd.org 2001/07/02 22:29:20  
						
						... 
						
						
						
						[readpass.c]
     do not return NULL, use "" instead. 
						
						
					 
					
						2001-07-04 05:19:27 +00:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							c8a3868ed0 
							
						 
					 
					
						
						
							
							- (djm) Bring in readpassphrase() from OpenBSD libc. Compiles OK on Linux and  
						
						... 
						
						
						
						Solaris 
						
						
					 
					
						2001-06-25 18:09:16 +10:00 
						 
				 
			
				
					
						
							
							
								Ben Lindstrom 
							
						 
					 
					
						
						
						
						
							
						
						
							949974bbdb 
							
						 
					 
					
						
						
							
							- markus@cvs.openbsd.org 2001/06/24 05:35:33  
						
						... 
						
						
						
						[readpass.c readpass.h ssh-add.c sshconnect2.c ssh-keygen.c]
     switch to readpassphrase(3)
     2.7/8-stable needs readpassphrase.[ch] from libc 
						
						
					 
					
						2001-06-25 05:20:31 +00:00 
						 
				 
			
				
					
						
							
							
								Ben Lindstrom 
							
						 
					 
					
						
						
						
						
							
						
						
							bba81213b9 
							
						 
					 
					
						
						
							
							- itojun@cvs.openbsd.org 2001/06/23 15:12:20  
						
						... 
						
						
						
						[auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c
      canohost.c channels.c cipher.c clientloop.c deattack.c dh.c
      hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c
      readpass.c scp.c servconf.c serverloop.c session.c sftp.c
      sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c
      ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c
      ssh-keygen.c ssh-keyscan.c]
     more strict prototypes.  raise warning level in Makefile.inc.
     markus ok'ed
     TODO; cleanup headers 
						
						
					 
					
						2001-06-25 05:01:22 +00:00 
						 
				 
			
				
					
						
							
							
								Ben Lindstrom 
							
						 
					 
					
						
						
						
						
							
						
						
							f278613f5e 
							
						 
					 
					
						
						
							
							- (bal) CVS ID updates for readpass.c, readpass.h, cli.c, and cli.h  
						
						
						
						
					 
					
						2001-05-06 18:01:43 +00:00 
						 
				 
			
				
					
						
							
							
								Ben Lindstrom 
							
						 
					 
					
						
						
						
						
							
						
						
							6d849315ff 
							
						 
					 
					
						
						
							
							- mouring@cvs.openbsd.org 2001/05/02 01:25:39  
						
						... 
						
						
						
						[readpass.c]
     Put the 'const' back into ssh_askpass() function.  Pointed out
     by Mark Miller <markm@swoon.net>.  OK Markus 
						
						
					 
					
						2001-05-02 01:30:32 +00:00 
						 
				 
			
				
					
						
							
							
								Ben Lindstrom 
							
						 
					 
					
						
						
						
						
							
						
						
							5eb97b6f3d 
							
						 
					 
					
						
						
							
							- markus@cvs.openbsd.org 2001/04/18 21:57:42  
						
						... 
						
						
						
						[readpass.c ssh-add.c]
     call askpass from ssh, too, based on work by roth@feep.net , ok deraadt 
						
						
					 
					
						2001-04-19 20:33:07 +00:00 
						 
				 
			
				
					
						
							
							
								Ben Lindstrom 
							
						 
					 
					
						
						
						
						
							
						
						
							31ca54aa86 
							
						 
					 
					
						
						
							
							- itojun@cvs.openbsd.org 2001/02/08 19:30:52  
						
						... 
						
						
						
						sync with netbsd tree changes.
     - more strict prototypes, include necessary headers
     - use paths.h/pathnames.h decls
     - size_t typecase to int -> u_long 
						
						
					 
					
						2001-02-09 02:11:24 +00:00 
						 
				 
			
				
					
						
							
							
								Ben Lindstrom 
							
						 
					 
					
						
						
						
						
							
						
						
							226cfa0378 
							
						 
					 
					
						
						
							
							Hopefully things did not get mixed around too much.  It compiles under  
						
						... 
						
						
						
						Linux and works.  So that is at least a good sign. =)
20010122
 - (bal) OpenBSD Resync
   - markus@cvs.openbsd.org  2001/01/19 12:45:26 GMT 2001 by markus
     [servconf.c ssh.h sshd.c]
     only auth-chall.c needs #ifdef SKEY
   - markus@cvs.openbsd.org  2001/01/19 15:55:10 GMT 2001 by markus
     [auth-krb4.c auth-options.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
      auth1.c auth2.c channels.c clientloop.c dh.c dispatch.c nchan.c
      packet.c pathname.h readconf.c scp.c servconf.c serverloop.c
      session.c ssh-add.c ssh-keygen.c ssh-keyscan.c ssh.c ssh.h
      ssh1.h sshconnect1.c sshd.c ttymodes.c]
     move ssh1 definitions to ssh1.h, pathnames to pathnames.h
   - markus@cvs.openbsd.org  2001/01/19 16:48:14
     [sshd.8]
     fix typo; from stevesk@
   - markus@cvs.openbsd.org  2001/01/19 16:50:58
     [ssh-dss.c]
     clear and free digest, make consistent with other code (use dlen); from
     stevesk@
   - markus@cvs.openbsd.org  2001/01/20 15:55:20 GMT 2001 by markus
     [auth-options.c auth-options.h auth-rsa.c auth2.c]
     pass the filename to auth_parse_options()
   - markus@cvs.openbsd.org  2001/01/20 17:59:40 GMT 2001
     [readconf.c]
     fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com 
   - stevesk@cvs.openbsd.org  2001/01/20 18:20:29
     [sshconnect2.c]
     dh_new_group() does not return NULL.  ok markus@
   - markus@cvs.openbsd.org  2001/01/20 21:33:42
     [ssh-add.c]
     do not loop forever if askpass does not exist; from
     andrew@pimlott.ne.mediaone.net 
   - djm@cvs.openbsd.org  2001/01/20 23:00:56
     [servconf.c]
     Check for NULL return from strdelim; ok markus
   - djm@cvs.openbsd.org  2001/01/20 23:02:07
     [readconf.c]
     KNF; ok markus
   - jakob@cvs.openbsd.org  2001/01/21 9:00:33
     [ssh-keygen.1]
     remove -R flag; ok markus@
   - markus@cvs.openbsd.org  2001/01/21 19:05:40
     [atomicio.c automicio.h auth-chall.c auth-krb4.c auth-options.c
      auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
      auth.c auth.h auth1.c auth2-chall.c auth2.c authfd.c authfile.c
      bufaux.c  bufaux.h buffer.c canahost.c canahost.h channels.c
      cipher.c cli.c clientloop.c clientloop.h compat.c compress.c
      deattack.c dh.c dispatch.c groupaccess.c hmac.c hostfile.c kex.c
      key.c key.h log-client.c log-server.c log.c log.h login.c login.h
      match.c misc.c misc.h nchan.c packet.c pty.c radix.h readconf.c
      readpass.c readpass.h rsa.c scp.c servconf.c serverloop.c serverloop.h
      session.c sftp-server.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c
      ssh-keyscan.c ssh-rsa.c ssh.c ssh.h sshconnect.c sshconnect.h
      sshconnect1.c sshconnect2.c sshd.c tildexpand.c tildexpand.h
      ttysmodes.c uidswap.c xmalloc.c]
     split ssh.h and try to cleanup the #include mess. remove unnecessary
     #includes.  rename util.[ch] -> misc.[ch]
 - (bal) renamed 'PIDDIR' to '_PATH_SSH_PIDDIR' to match OpenBSD tree
 - (bal) Moved #ifdef KRB4 in auth-krb4.c above the #include to resolve
   conflict when compiling for non-kerb install
 - (bal) removed the #ifdef SKEY in auth1.c to match Markus' changes
   on 1/19. 
						
						
					 
					
						2001-01-22 05:34:40 +00:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							92e78f8c64 
							
						 
					 
					
						
						
							
							- (djm) Avoid warning in PAM code by making read_passphrase arguments const  
						
						
						
						
					 
					
						2001-01-17 11:10:48 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							874d77bb13 
							
						 
					 
					
						
						
							
							- (djm) Big OpenBSD sync:  
						
						... 
						
						
						
						- markus@cvs.openbsd.org   2000/09/30 10:27:44
     [log.c]
     allow loglevel debug
   - markus@cvs.openbsd.org   2000/10/03 11:59:57
     [packet.c]
     hmac->mac
   - markus@cvs.openbsd.org   2000/10/03 12:03:03
     [auth-krb4.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth1.c]
     move fake-auth from auth1.c to individual auth methods, disables s/key in
     debug-msg
   - markus@cvs.openbsd.org   2000/10/03 12:16:48
     ssh.c
     do not resolve canonname, i have no idea why this was added oin ossh
   - markus@cvs.openbsd.org   2000/10/09 15:30:44
     ssh-keygen.1 ssh-keygen.c
     -X now reads private ssh.com DSA keys, too.
   - markus@cvs.openbsd.org   2000/10/09 15:32:34
     auth-options.c
     clear options on every call.
   - markus@cvs.openbsd.org   2000/10/09 15:51:00
     authfd.c authfd.h
     interop with ssh-agent2, from <res@shore.net>
   - markus@cvs.openbsd.org   2000/10/10 14:20:45
     compat.c
     use rexexp for version string matching
   - provos@cvs.openbsd.org   2000/10/10 22:02:18
     [kex.c kex.h myproposal.h ssh.h ssh2.h sshconnect2.c sshd.c dh.c dh.h]
     First rough implementation of the diffie-hellman group exchange.  The
     client can ask the server for bigger groups to perform the diffie-hellman
     in, thus increasing the attack complexity when using ciphers with longer
     keys.  University of Windsor provided network, T the company.
   - markus@cvs.openbsd.org   2000/10/11 13:59:52
     [auth-rsa.c auth2.c]
     clear auth options unless auth sucessfull
   - markus@cvs.openbsd.org   2000/10/11 14:00:27
     [auth-options.h]
     clear auth options unless auth sucessfull
   - markus@cvs.openbsd.org   2000/10/11 14:03:27
     [scp.1 scp.c]
     support 'scp -o' with help from mouring@pconline.com 
   - markus@cvs.openbsd.org   2000/10/11 14:11:35
     [dh.c]
     Wall
   - markus@cvs.openbsd.org   2000/10/11 14:14:40
     [auth.h auth2.c readconf.c readconf.h readpass.c servconf.c servconf.h]
     [ssh.h sshconnect2.c sshd_config auth2-skey.c cli.c cli.h]
     add support for s/key (kbd-interactive) to ssh2, based on work by
     mkiernan@avantgo.com  and me
   - markus@cvs.openbsd.org   2000/10/11 14:27:24
     [auth.c auth1.c auth2.c authfile.c cipher.c cipher.h kex.c kex.h]
     [myproposal.h packet.c readconf.c session.c ssh.c ssh.h sshconnect1.c]
     [sshconnect2.c sshd.c]
     new cipher framework
   - markus@cvs.openbsd.org   2000/10/11 14:45:21
     [cipher.c]
     remove DES
   - markus@cvs.openbsd.org   2000/10/12 03:59:20
     [cipher.c cipher.h sshconnect1.c sshconnect2.c sshd.c]
     enable DES in SSH-1 clients only
   - markus@cvs.openbsd.org   2000/10/12 08:21:13
     [kex.h packet.c]
     remove unused
   - markus@cvs.openbsd.org   2000/10/13 12:34:46
     [sshd.c]
     Kludge for F-Secure Macintosh < 1.0.2; appro@fy.chalmers.se 
   - markus@cvs.openbsd.org   2000/10/13 12:59:15
     [cipher.c cipher.h myproposal.h  rijndael.c rijndael.h]
     rijndael/aes support
   - markus@cvs.openbsd.org   2000/10/13 13:10:54
     [sshd.8]
     more info about -V
   - markus@cvs.openbsd.org   2000/10/13 13:12:02
     [myproposal.h]
     prefer no compression 
						
						
					 
					
						2000-10-14 16:23:11 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							6536c7d3c9 
							
						 
					 
					
						
						
							
							- OpenBSD CVS Updates:  
						
						... 
						
						
						
						- markus@cvs.openbsd.org   2000/06/18 18:50:11
     [auth2.c compat.c compat.h sshconnect2.c]
     make userauth+pubkey interop with ssh.com-2.2.0
   - markus@cvs.openbsd.org   2000/06/18 20:56:17
     [dsa.c]
     mem leak + be more paranoid in dsa_verify.
   - markus@cvs.openbsd.org   2000/06/18 21:29:50
     [key.c]
     cleanup fingerprinting, less hardcoded sizes
   - markus@cvs.openbsd.org   2000/06/19 19:39:45
     [atomicio.c auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
     [auth-rsa.c auth-skey.c authfd.c authfd.h authfile.c bufaux.c bufaux.h]
     [buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h]
     [clientloop.c compat.c compat.h compress.c compress.h crc32.c crc32.h]
     [deattack.c dispatch.c dsa.c fingerprint.c fingerprint.h getput.h hmac.c]
     [kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c]
     [nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c]
     [rsa.c rsa.h scp.c servconf.c servconf.h ssh-add.c ssh-keygen.c ssh.c]
     [ssh.h tildexpand.c ttymodes.c ttymodes.h uidswap.c xmalloc.c xmalloc.h]
     OpenBSD tag
   - markus@cvs.openbsd.org   2000/06/21 10:46:10
     sshconnect2.c missing free; nuke old comment 
						
						
					 
					
						2000-06-22 21:32:31 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							4af51306d9 
							
						 
					 
					
						
						
							
							- OpenBSD CVS updates.  
						
						... 
						
						
						
						[ssh.1 ssh.c]
   - ssh -2
   [auth.c channels.c clientloop.c packet.c packet.h serverloop.c]
   [session.c sshconnect.c]
   - check payload for (illegal) extra data
   [ALL]
   - whitespace cleanup 
						
						
					 
					
						2000-04-16 11:18:38 +10:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							f052aaf9f6 
							
						 
					 
					
						
						
							
							- OpenBSD CVS updates:  
						
						... 
						
						
						
						- [packet.c]
     use getpeername() in packet_connection_is_on_socket(), fixes sshd -i;
     from Holger.Trapp@Informatik.TU-Chemnitz.DE 
   - [sshd.c]
     log with level log() not fatal() if peer behaves badly.
   - [readpass.c]
     instead of blocking SIGINT, catch it ourselves, so that we can clean
     the tty modes up and kill ourselves -- instead of our process group
     leader (scp, cvs, ...) going away and leaving us in noecho mode.
     people with cbreak shells never even noticed.. 
						
						
					 
					
						2000-01-22 19:47:21 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							50945fa861 
							
						 
					 
					
						
						
							
							- OpenBSD CVS updates:  
						
						... 
						
						
						
						- [readpass.c]
     avoid stdio; based on work by markus, millert, and I
   - [sshd.c]
     make sure the client selects a supported cipher
   - [sshd.c]
     fix sighup handling.  accept would just restart and daemon handled
     sighup only after the next connection was accepted. use poll on
     listen sock now.
   - [sshd.c]
     make that a fatal 
						
						
					 
					
						1999-12-09 10:31:37 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							5428f646ad 
							
						 
					 
					
						
						
							
							- More reformatting merged from OpenBSD CVS  
						
						... 
						
						
						
						- Merged OpenBSD CVS changes:
   - [channels.c]
     report from mrwizard@psu.edu  via djm@ibs.com.au 
   - [channels.c]
     set SO_REUSEADDR and SO_LINGER for forwarded ports.
     chip@valinux.com  via damien@ibs.com.au 
   - [nchan.c]
     it's not an error() if shutdown_write failes in nchan.
   - [readconf.c]
     remove dead #ifdef-0-code
   - [readconf.c servconf.c]
     strcasecmp instead of tolower
   - [scp.c]
     progress meter overflow fix from damien@ibs.com.au 
   - [ssh-add.1 ssh-add.c]
     SSH_ASKPASS support
   - [ssh.1 ssh.c]
     postpone fork_after_authentication until command execution,
     request/patch from jahakala@cc.jyu.fi  via damien@ibs.com.au 
     plus: use daemon() for backgrounding 
						
						
					 
					
						1999-11-25 11:54:57 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							95def09838 
							
						 
					 
					
						
						
							
							- Merged very large OpenBSD source code reformat  
						
						... 
						
						
						
						- OpenBSD CVS updates
   - [channels.c cipher.c compat.c log-client.c scp.c serverloop.c]
     [ssh.h sshd.8 sshd.c]
     syslog changes:
     * Unified Logmessage for all auth-types, for success and for failed
     * Standard connections get only ONE line in the LOG when level==LOG:
       Auth-attempts are logged only, if authentication is:
          a) successfull or
          b) with passwd or
          c) we had more than AUTH_FAIL_LOG failues
     * many log() became verbose()
     * old behaviour with level=VERBOSE
   - [readconf.c readconf.h ssh.1 ssh.h sshconnect.c sshd.c]
     tranfer s/key challenge/response data in SSH_SMSG_AUTH_TIS_CHALLENGE
     messages. allows use of s/key in windows (ttssh, securecrt) and
     ssh-1.2.27 clients without 'ssh -v', ok: niels@
   - [sshd.8]
     -V, for fallback to openssh in SSH2 compatibility mode
   - [sshd.c]
     fix sigchld race; cjc5@po.cwru.edu  
						
						
					 
					
						1999-11-25 00:26:21 +11:00 
						 
				 
			
				
					
						
							
							
								Damien Miller 
							
						 
					 
					
						
						
						
						
							
						
						
							d4a8b7e34d 
							
						 
					 
					
						
						
							
							Initial revision  
						
						
						
						
					 
					
						1999-10-27 13:42:43 +10:00