65366a8c76
- stevesk@cvs.openbsd.org 2001/11/17 19:14:34
...
[auth2.c auth.c readconf.c servconf.c ssh-agent.c ssh-keygen.c]
enum/int type cleanup where it made sense to do so; ok markus@
2001-12-06 16:32:47 +00:00
e49d0966b5
- (djm) AIX login{success,failed} changes. Move loginsuccess call to
...
do_authenticated. Call loginfailed for protocol 2 failures > MAX like
we do for protocol 1. Reports from Ralf Wenk <wera0003@fh-karlsruhe.de>,
K.Wolkersdorfer@fz-juelich.de and others
2001-11-13 23:46:18 +11:00
6fd5b391f0
- markus@cvs.openbsd.org 2001/11/07 22:41:51
...
[auth2.c auth-rh-rsa.c]
unused includes
2001-11-12 11:04:28 +11:00
bdfb4df08c
- markus@cvs.openbsd.org 2001/09/27 15:31:17
...
[auth2.c auth2-chall.c sshconnect1.c]
typos; from solar
2001-10-03 17:12:43 +00:00
1bc3bdb1c2
- markus@cvs.openbsd.org 2001/09/20 13:46:48
...
[auth2.c]
key_read returns now -1 or 1
2001-09-20 23:11:26 +00:00
940fb86c9a
- stevesk@cvs.openbsd.org 2001/07/23 18:14:58
...
[auth2.c auth-rsa.c]
use %lu; ok markus@
2001-08-06 21:01:49 +00:00
90279d80f5
- markus@cvs.openbsd.org 2001/06/26 05:50:11
...
[auth2.c]
new interface for secure_filename()
2001-07-04 03:56:56 +00:00
7907382299
- stevesk@cvs.openbsd.org 2001/06/25 20:26:37
...
[auth2.c sshconnect2.c]
prototype cleanup; ok markus@
2001-07-04 03:42:30 +00:00
bba81213b9
- itojun@cvs.openbsd.org 2001/06/23 15:12:20
...
[auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c
canohost.c channels.c cipher.c clientloop.c deattack.c dh.c
hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c
readpass.c scp.c servconf.c serverloop.c session.c sftp.c
sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c
ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c
ssh-keygen.c ssh-keyscan.c]
more strict prototypes. raise warning level in Makefile.inc.
markus ok'ed
TODO; cleanup headers
2001-06-25 05:01:22 +00:00
a4789ef878
- markus@cvs.openbsd.org 2001/06/23 03:04:42
...
[auth2.c auth-rh-rsa.c]
restore correct ignore_user_known_hosts logic.
2001-06-25 04:40:49 +00:00
83647ce474
- markus@cvs.openbsd.org 2001/06/23 00:20:57
...
[auth2.c auth.c auth.h auth-rh-rsa.c]
*known_hosts2 is obsolete for hostbased authentication and
only used for backward compat. merge ssh1/2 hostkey check
and move it to auth.c
2001-06-25 04:30:16 +00:00
f96704d4ef
- markus@cvs.openbsd.org 2001/06/22 21:55:49
...
[auth2.c auth-rsa.c pathnames.h ssh.1 sshd.8 sshd_config
ssh-keygen.1]
merge authorized_keys2 into authorized_keys.
authorized_keys2 is used for backward compat.
(just append authorized_keys2 to authorized_keys).
2001-06-25 04:17:12 +00:00
9d0c06667e
- markus@cvs.openbsd.org 2001/06/07 19:57:53
...
[auth2.c]
style is used for bsdauth.
disconnect on user/service change (ietf-drafts)
2001-06-09 01:40:00 +00:00
c763767f18
[NOTE: Next patch will sync nchan.c, channels.c and channels.h and all this
...
pain will be over.]
- markus@cvs.openbsd.org 2001/05/31 10:30:17
[auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c
packet.c serverloop.c session.c ssh.c]
undo the .c file split, just merge the header and keep the cvs
history
2001-06-09 00:36:26 +00:00
cd4349f969
- markus@cvs.openbsd.org 2001/05/30 23:31:14
...
[auth2.c]
merge
2001-06-09 00:23:17 +00:00
e6455aee8f
[NOTE: File split is was not done in Portabl Tree]
...
- markus@cvs.openbsd.org 2001/05/30 12:55:13
[auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c
packet.c serverloop.c session.c ssh.c ssh1.h]
channel layer cleanup: merge header files and split .c files
2001-06-09 00:17:10 +00:00
bfb3a0e973
- markus@cvs.openbsd.org 2001/05/20 17:20:36
...
[auth-rsa.c auth.c auth.h auth2.c servconf.c servconf.h sshd.8
sshd_config]
configurable authorized_keys{,2} location; originally from peter@;
ok djm@
2001-06-05 20:25:05 +00:00
551ea37576
- markus@cvs.openbsd.org 2001/05/18 14:13:29
...
[auth-chall.c auth.h auth1.c auth2-chall.c auth2.c readconf.c
readconf.h servconf.c servconf.h sshconnect1.c sshconnect2.c sshd.c]
improved kbd-interactive support. work by per@appgate.com and me
2001-06-05 18:56:16 +00:00
f815442116
- (djm) Add new server configuration directive 'PAMAuthenticationViaKbdInt'
...
(default: off), implies KbdInteractiveAuthentication. Suggestion from
markus@
2001-04-25 22:44:14 +10:00
3f36496e33
- markus@cvs.openbsd.org 2001/04/19 00:05:11
...
[auth2.c]
use local variable, no function call needed.
(btw, hostbased works now with ssh.com >= 2.0.13)
2001-04-19 20:50:07 +00:00
671388f233
- markus@cvs.openbsd.org 2001/04/18 23:43:26
...
[auth2.c compat.c sshconnect2.c]
more ssh v2 hostbased-auth interop: ssh.com >= 2.1.0 works now
(however the 2.1.0 server seems to work only if debug is enabled...)
2001-04-19 20:40:45 +00:00
4aa603c150
- markus@cvs.openbsd.org 2001/04/18 22:48:26
...
[auth2.c]
no longer const
2001-04-19 20:38:06 +00:00
2bffd6fd1b
- markus@cvs.openbsd.org 2001/04/18 22:03:45
...
[auth2.c sshconnect2.c]
use FDQN with trailing dot in the hostbased auth packets, ok deraadt@
2001-04-19 20:35:40 +00:00
5eabda303a
- markus@cvs.openbsd.org 2001/04/12 19:15:26
...
[auth-rhosts.c auth.h auth2.c buffer.c canohost.c canohost.h
compat.c compat.h hostfile.c pathnames.h readconf.c readconf.h
servconf.c servconf.h ssh.c sshconnect.c sshconnect.h sshconnect1.c
sshconnect2.c sshd_config]
implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2)
similar to RhostRSAAuthentication unless you enable (the experimental)
HostbasedUsesNameFromPacketOnly option. please test. :)
2001-04-12 23:34:34 +00:00
3fcf1a22b5
- markus@cvs.openbsd.org 2001/04/06 21:00:17
...
[auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth2.c channels.c session.c
ssh.c sshconnect.c sshconnect.h uidswap.c uidswap.h]
do gid/groups-swap in addition to uid-swap, should help if /home/group
is chmod 750 + chgrp grp /home/group/, work be deraadt and me, thanks
to olar@openwall.com is comments. we had many requests for this.
2001-04-08 18:26:59 +00:00
0cae04005e
- markus@cvs.openbsd.org 2001/04/04 20:32:56
...
[auth2.c]
we don't care about missing bannerfiles; from tsoome@ut.ee , ok deraadt@
2001-04-04 23:47:52 +00:00
5d57e50730
- OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2001/03/28 22:43:31
[auth.h auth2.c auth2-chall.c]
check auth_root_allowed for kbd-int auth, too.
2001-03-30 10:48:31 +10:00
b31783d547
- markus@cvs.openbsd.org 2001/03/21 11:43:45
...
[auth1.c auth2.c session.c session.h]
merge common ssh v1/2 code
2001-03-22 02:02:12 +00:00
eebc4a2ed3
- (bal) auth-chall.c auth-passwd.c auth.h auth1.c auth2.c session.c CVS ID
...
resync
2001-03-22 01:22:03 +00:00
b54873ad24
- markus@cvs.openbsd.org 2001/03/11 13:25:36
...
[auth2.c key.c]
debug
2001-03-11 20:01:55 +00:00
9c5324422e
- (bal) CVS ID touch up on auth2.c, serverloop.c, session.c & sshd.c
2001-03-05 07:33:14 +00:00
204e48851a
- deraadt@cvs.openbsd.org 2001/03/01 02:45:10
...
[auth-rsa.c auth2.c deattack.c packet.c]
KNF
2001-03-05 06:47:00 +00:00
086cf214cf
- markus@cvs.openbsd.org 2001/02/22 21:59:44
...
[auth.c auth.h auth1.c auth2.c misc.c misc.h ssh.c]
use pwcopy in ssh.c, too
2001-03-05 05:56:40 +00:00
d95c09cc83
- (bal) Markus' blessing to rename login.[ch] -> sshlogin.[ch] and
...
pty.[ch] -> sshpty.[ch]
2001-02-18 19:13:33 +00:00
60396b060b
- (djm) Merge BSD_AUTH support from Markus Friedl and David J. MacKenzie
...
enable with --with-bsd-auth.
2001-02-18 17:01:00 +11:00
c83de6db41
KNF
2001-02-16 14:17:59 +11:00
c1ba31fadc
- markus@cvs.openssh.org 2001/02/13 22:49:40
...
[auth1.c auth2.c]
setproctitle(user) only if getpwnam succeeds
2001-02-15 03:14:11 +00:00
d8a9021f36
- markus@cvs.openbsd.org 2001/02/12 16:16:23
...
[auth-passwd.c auth.c auth.h auth1.c auth2.c servconf.c servconf.h
ssh-keygen.c sshd.8]
PermitRootLogin={yes,without-password,forced-commands-only,no}
(before this change, root could login even if PermitRootLogin==no)
2001-02-15 03:08:27 +00:00
92ddb7d6f0
- (djm) Split out and improve OSF SIA auth code. Patch from Chris Adams
...
<cmadams@hiwaay.net> with a little modification and KNF.
2001-02-14 01:25:23 +11:00
d1f20ec368
- markus@cvs.openbsd.org 2001/02/10 12:52:02
...
[auth2.c]
offer passwd before s/key
2001-02-10 21:31:53 +00:00
f79aeffe3b
- markus@cvs.openbsd.org 2001/02/07 22:35:46
...
[auth1.c auth2.c sshd.c]
move k_setpag() to a central place; ok dugsong@
2001-02-10 21:27:11 +00:00
4abe4def70
- (stevesk) OpenBSD sync:
...
- markus@cvs.openbsd.org 2001/02/08 11:20:01
[auth2.c]
strict checking
- markus@cvs.openbsd.org 2001/02/08 11:15:22
[version.h]
update to 2.3.2
- markus@cvs.openbsd.org 2001/02/08 11:12:30
[auth2.c]
fix typo
2001-02-08 19:16:32 +00:00
0afcc9f942
- stevesk@cvs.openbsd.org 2001/02/04 06:30:12
...
[auth2.c authfd.c packet.c]
remove duplicate #include's; ok markus@
2001-02-05 13:57:36 +00:00
ef4eea9bad
- stevesk@cvs.openbsd.org 2001/02/04 08:32:27
...
[many files; did this manually to our top-level source dir]
unexpand and remove end-of-line whitespace; ok markus@
2001-02-05 12:42:17 +00:00
3380426358
NB: big update - may break stuff. Please test!
...
- (djm) OpenBSD CVS sync:
- markus@cvs.openbsd.org 2001/02/03 03:08:38
[auth-options.c auth-rh-rsa.c auth-rhosts.c auth.c canohost.c]
[canohost.h servconf.c servconf.h session.c sshconnect1.c sshd.8]
[sshd_config]
make ReverseMappingCheck optional in sshd_config; ok djm@,dugsong@
- markus@cvs.openbsd.org 2001/02/03 03:19:51
[ssh.1 sshd.8 sshd_config]
Skey is now called ChallengeResponse
- markus@cvs.openbsd.org 2001/02/03 03:43:09
[sshd.8]
use no-pty option in .ssh/authorized_keys* if you need a 8-bit clean
channel. note from Erik.Anggard@cygate.se (pr/1659)
- stevesk@cvs.openbsd.org 2001/02/03 10:03:06
[ssh.1]
typos; ok markus@
- djm@cvs.openbsd.org 2001/02/04 04:11:56
[scp.1 sftp-server.c ssh.1 sshd.8 sftp-client.c sftp-client.h]
[sftp-common.c sftp-common.h sftp-int.c sftp-int.h sftp.1 sftp.c]
Basic interactive sftp client; ok theo@
- (djm) Update RPM specs for new sftp binary
- (djm) Update several bits for new optional reverse lookup stuff. I
think I got them all.
2001-02-04 23:20:18 +11:00
6d40c0f806
- (bal) Minor auth2.c resync. Whitespace and moving of an #include.
2001-01-29 09:02:24 +00:00
95fb2dde77
- markus@cvs.openbsd.org 2001/01/22 23:06:39
...
[auth1.c auth2.c readconf.c readconf.h servconf.c servconf.h
sshconnect1.c sshconnect2.c sshd.c]
rename skey -> challenge response.
auto-enable kbd-interactive for ssh2 if challenge-reponse is enabled.
2001-01-23 03:12:10 +00:00
b1985f7279
- (bal) OpenBSD Resync
...
- markus@cvs.openbsd.org 2001/01/22 8:15:00
[auth-krb4.c sshconnect1.c]
only AFS needs radix.[ch]
- markus@cvs.openbsd.org 2001/01/22 8:32:53
[auth2.c]
no need to include; from mouring@etoh.eviladmin.org
- stevesk@cvs.openbsd.org 2001/01/22 16:55:21
[key.c]
free() -> xfree(); ok markus@
- stevesk@cvs.openbsd.org 2001/01/22 17:22:28
[sshconnect2.c sshd.c]
fix memory leaks in SSH2 key exchange; ok markus@
2001-01-23 00:19:15 +00:00
226cfa0378
Hopefully things did not get mixed around too much. It compiles under
...
Linux and works. So that is at least a good sign. =)
20010122
- (bal) OpenBSD Resync
- markus@cvs.openbsd.org 2001/01/19 12:45:26 GMT 2001 by markus
[servconf.c ssh.h sshd.c]
only auth-chall.c needs #ifdef SKEY
- markus@cvs.openbsd.org 2001/01/19 15:55:10 GMT 2001 by markus
[auth-krb4.c auth-options.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
auth1.c auth2.c channels.c clientloop.c dh.c dispatch.c nchan.c
packet.c pathname.h readconf.c scp.c servconf.c serverloop.c
session.c ssh-add.c ssh-keygen.c ssh-keyscan.c ssh.c ssh.h
ssh1.h sshconnect1.c sshd.c ttymodes.c]
move ssh1 definitions to ssh1.h, pathnames to pathnames.h
- markus@cvs.openbsd.org 2001/01/19 16:48:14
[sshd.8]
fix typo; from stevesk@
- markus@cvs.openbsd.org 2001/01/19 16:50:58
[ssh-dss.c]
clear and free digest, make consistent with other code (use dlen); from
stevesk@
- markus@cvs.openbsd.org 2001/01/20 15:55:20 GMT 2001 by markus
[auth-options.c auth-options.h auth-rsa.c auth2.c]
pass the filename to auth_parse_options()
- markus@cvs.openbsd.org 2001/01/20 17:59:40 GMT 2001
[readconf.c]
fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com
- stevesk@cvs.openbsd.org 2001/01/20 18:20:29
[sshconnect2.c]
dh_new_group() does not return NULL. ok markus@
- markus@cvs.openbsd.org 2001/01/20 21:33:42
[ssh-add.c]
do not loop forever if askpass does not exist; from
andrew@pimlott.ne.mediaone.net
- djm@cvs.openbsd.org 2001/01/20 23:00:56
[servconf.c]
Check for NULL return from strdelim; ok markus
- djm@cvs.openbsd.org 2001/01/20 23:02:07
[readconf.c]
KNF; ok markus
- jakob@cvs.openbsd.org 2001/01/21 9:00:33
[ssh-keygen.1]
remove -R flag; ok markus@
- markus@cvs.openbsd.org 2001/01/21 19:05:40
[atomicio.c automicio.h auth-chall.c auth-krb4.c auth-options.c
auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
auth.c auth.h auth1.c auth2-chall.c auth2.c authfd.c authfile.c
bufaux.c bufaux.h buffer.c canahost.c canahost.h channels.c
cipher.c cli.c clientloop.c clientloop.h compat.c compress.c
deattack.c dh.c dispatch.c groupaccess.c hmac.c hostfile.c kex.c
key.c key.h log-client.c log-server.c log.c log.h login.c login.h
match.c misc.c misc.h nchan.c packet.c pty.c radix.h readconf.c
readpass.c readpass.h rsa.c scp.c servconf.c serverloop.c serverloop.h
session.c sftp-server.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c
ssh-keyscan.c ssh-rsa.c ssh.c ssh.h sshconnect.c sshconnect.h
sshconnect1.c sshconnect2.c sshd.c tildexpand.c tildexpand.h
ttysmodes.c uidswap.c xmalloc.c]
split ssh.h and try to cleanup the #include mess. remove unnecessary
#includes. rename util.[ch] -> misc.[ch]
- (bal) renamed 'PIDDIR' to '_PATH_SSH_PIDDIR' to match OpenBSD tree
- (bal) Moved #ifdef KRB4 in auth-krb4.c above the #include to resolve
conflict when compiling for non-kerb install
- (bal) removed the #ifdef SKEY in auth1.c to match Markus' changes
on 1/19.
2001-01-22 05:34:40 +00:00
22e22bf9ba
- (djm) Merge patch from Tim Waugh (via Nalin Dahyabhai <nalin@redhat.com>)
...
to fix NULL pointer deref and fake authloop breakage in PAM code.
2001-01-19 15:46:38 +11:00
Ben Lindstrom
Damien Miller
Kevin Steves