![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.bin / ssh
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.91, Sat Aug 13 17:47:41 2016 UTC (7 years, 9 months ago) by markus
Branch: MAIN
CVS Tags: HEAD
Changes since 1.90: +1 -1 lines
FILE REMOVED
remove ssh1 server code; ok djm@
Revision 1.90 / (download) - annotate - [select for diffs], Wed Jan 28 22:36:00 2015 UTC (9 years, 3 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9,
OPENBSD_5_8_BASE,
OPENBSD_5_8,
OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.89: +4 -3 lines
Diff to previous 1.89 (colored)
update to new API (key_fingerprint => sshkey_fingerprint) check sshkey_fingerprint return values; ok markus
Revision 1.89 / (download) - annotate - [select for diffs], Sun Dec 21 22:27:56 2014 UTC (9 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.88: +3 -2 lines
Diff to previous 1.88 (colored)
Add FingerprintHash option to control algorithm used for key fingerprints. Default changes from MD5 to SHA256 and format from hex to base64. Feedback and ok naddy@ markus@
Revision 1.88 / (download) - annotate - [select for diffs], Tue Jul 15 15:54:14 2014 UTC (9 years, 10 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6
Changes since 1.87: +2 -2 lines
Diff to previous 1.87 (colored)
Add support for Unix domain socket forwarding. A remote TCP port
may be forwarded to a local Unix domain socket and vice versa or
both ends may be a Unix domain socket. This is a reimplementation
of the streamlocal patches by William Ahern from:
http://www.25thandclement.com/~william/projects/streamlocal.html
OK djm@ markus@
Revision 1.87 / (download) - annotate - [select for diffs], Tue Jun 24 01:13:21 2014 UTC (9 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.86: +3 -2 lines
Diff to previous 1.86 (colored)
New key API: refactor key-related functions to be more library-like, existing API is offered as a set of wrappers. with and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago.
Revision 1.86 / (download) - annotate - [select for diffs], Mon Jan 27 19:18:54 2014 UTC (10 years, 3 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE,
OPENBSD_5_5
Changes since 1.85: +13 -9 lines
Diff to previous 1.85 (colored)
replace openssl MD5 with our ssh_digest_*; ok djm@
Revision 1.85 / (download) - annotate - [select for diffs], Fri Jul 12 00:19:58 2013 UTC (10 years, 10 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE,
OPENBSD_5_4
Changes since 1.84: +3 -4 lines
Diff to previous 1.84 (colored)
fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@
Revision 1.84 / (download) - annotate - [select for diffs], Fri Jun 21 00:34:49 2013 UTC (10 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.83: +2 -2 lines
Diff to previous 1.83 (colored)
for hostbased authentication, print the client host and user on the auth success/failure line; bz#2064, ok dtucker@
Revision 1.83 / (download) - annotate - [select for diffs], Sun May 19 02:42:42 2013 UTC (11 years ago) by djm
Branch: MAIN
Changes since 1.82: +8 -8 lines
Diff to previous 1.82 (colored)
Standardise logging of supplemental information during userauth. Keys and ruser is now logged in the auth success/failure message alongside the local username, remote host/port and protocol in use. Certificates contents and CA are logged too. Pushing all logging onto a single line simplifies log analysis as it is no longer necessary to relate information scattered across multiple log entries. "I like it" markus@
Revision 1.82 / (download) - annotate - [select for diffs], Fri May 17 00:13:13 2013 UTC (11 years ago) by djm
Branch: MAIN
Changes since 1.81: +3 -3 lines
Diff to previous 1.81 (colored)
bye, bye xfree(); ok markus@
Revision 1.81 / (download) - annotate - [select for diffs], Tue Oct 30 21:29:54 2012 UTC (11 years, 6 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE,
OPENBSD_5_3
Changes since 1.80: +3 -1 lines
Diff to previous 1.80 (colored)
new sshd_config option AuthorizedKeysCommand to support fetching authorized_keys from a command in addition to (or instead of) from the filesystem. The command is run as the target server user unless another specified via a new AuthorizedKeysCommandUser option. patch originally by jchadima AT redhat.com, reworked by me; feedback and ok markus@
Revision 1.80 / (download) - annotate - [select for diffs], Mon May 23 03:30:07 2011 UTC (12 years, 11 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE,
OPENBSD_5_2,
OPENBSD_5_1_BASE,
OPENBSD_5_1,
OPENBSD_5_0_BASE,
OPENBSD_5_0
Changes since 1.79: +39 -31 lines
Diff to previous 1.79 (colored)
allow AuthorizedKeysFile to specify multiple files, separated by spaces. Bring back authorized_keys2 as a default search path (to avoid breaking existing users of this file), but override this in sshd_config so it will be no longer used on fresh installs. Maybe in 2015 we can remove it entierly :) feedback and ok markus@ dtucker@
Revision 1.79 / (download) - annotate - [select for diffs], Fri Dec 3 23:55:27 2010 UTC (13 years, 5 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_9_BASE,
OPENBSD_4_9
Changes since 1.78: +5 -4 lines
Diff to previous 1.78 (colored)
move check for revoked keys to run earlier (in auth_rsa_key_allowed) bz#1829; patch from ldv AT altlinux.org; ok markus@
Revision 1.78 / (download) - annotate - [select for diffs], Tue Jul 13 23:13:16 2010 UTC (13 years, 10 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE,
OPENBSD_4_8
Changes since 1.77: +2 -2 lines
Diff to previous 1.77 (colored)
s/timing_safe_cmp/timingsafe_bcmp/g
Revision 1.77 / (download) - annotate - [select for diffs], Tue Jul 13 11:52:06 2010 UTC (13 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.76: +2 -2 lines
Diff to previous 1.76 (colored)
implement a timing_safe_cmp() function to compare memory without leaking timing information by short-circuiting like memcmp() and use it for some of the more sensitive comparisons (though nothing high-value was readily attackable anyway); "looks ok" markus@
Revision 1.76 / (download) - annotate - [select for diffs], Tue May 11 02:58:04 2010 UTC (14 years ago) by djm
Branch: MAIN
Changes since 1.75: +3 -2 lines
Diff to previous 1.75 (colored)
don't accept certificates marked as "cert-authority" here; ok markus@
Revision 1.75 / (download) - annotate - [select for diffs], Fri Apr 16 01:47:26 2010 UTC (14 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.74: +2 -2 lines
Diff to previous 1.74 (colored)
revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with the
following changes:
move the nonce field to the beginning of the certificate where it can
better protect against chosen-prefix attacks on the signature hash
Rename "constraints" field to "critical options"
Add a new non-critical "extensions" field
Add a serial number
The older format is still support for authentication and cert generation
(use "ssh-keygen -t v00 -s ca_key ..." to generate a v00 certificate)
ok markus@
Revision 1.74 / (download) - annotate - [select for diffs], Thu Mar 4 10:36:03 2010 UTC (14 years, 2 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE,
OPENBSD_4_7
Changes since 1.73: +4 -1 lines
Diff to previous 1.73 (colored)
Add a TrustedUserCAKeys option to sshd_config to specify CA keys that are trusted to authenticate users (in addition than doing it per-user in authorized_keys). Add a RevokedKeys option to sshd_config and a @revoked marker to known_hosts to allow keys to me revoked and banned for user or host authentication. feedback and ok markus@
Revision 1.73 / (download) - annotate - [select for diffs], Wed Jul 2 12:03:51 2008 UTC (15 years, 10 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE,
OPENBSD_4_6,
OPENBSD_4_5_BASE,
OPENBSD_4_5,
OPENBSD_4_4_BASE,
OPENBSD_4_4
Changes since 1.72: +2 -21 lines
Diff to previous 1.72 (colored)
Merge duplicate host key file checks, based in part on a patch from Rob Holland via bz #1348 . Also checks for non-regular files during protocol 1 RSA auth. ok djm@
Revision 1.63.2.2 / (download) - annotate - [select for diffs], Wed Nov 8 00:44:05 2006 UTC (17 years, 6 months ago) by brad
Branch: OPENBSD_3_8
Changes since 1.63.2.1: +6 -4 lines
Diff to previous 1.63.2.1 (colored) to branchpoint 1.63 (colored) next main 1.64 (colored)
upgrade to OpenSSH 4.5
Revision 1.71.4.1 / (download) - annotate - [select for diffs], Wed Nov 8 00:42:10 2006 UTC (17 years, 6 months ago) by brad
Branch: OPENBSD_4_0
Changes since 1.71: +6 -4 lines
Diff to previous 1.71 (colored) next main 1.72 (colored)
upgrade to OpenSSH 4.5
Revision 1.64.2.2 / (download) - annotate - [select for diffs], Wed Nov 8 00:17:14 2006 UTC (17 years, 6 months ago) by brad
Branch: OPENBSD_3_9
Changes since 1.64.2.1: +6 -4 lines
Diff to previous 1.64.2.1 (colored) to branchpoint 1.64 (colored) next main 1.65 (colored)
upgrade to OpenSSH 4.5
Revision 1.72 / (download) - annotate - [select for diffs], Mon Nov 6 21:25:27 2006 UTC (17 years, 6 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_4_3_BASE,
OPENBSD_4_3,
OPENBSD_4_2_BASE,
OPENBSD_4_2,
OPENBSD_4_1_BASE,
OPENBSD_4_1
Changes since 1.71: +6 -4 lines
Diff to previous 1.71 (colored)
add missing checks for openssl return codes; with & ok djm@
Revision 1.63.2.1 / (download) - annotate - [select for diffs], Fri Oct 6 03:19:32 2006 UTC (17 years, 7 months ago) by brad
Branch: OPENBSD_3_8
Changes since 1.63: +15 -5 lines
Diff to previous 1.63 (colored)
upgrade to OpenSSH 4.4
Revision 1.64.2.1 / (download) - annotate - [select for diffs], Sat Sep 30 04:06:50 2006 UTC (17 years, 7 months ago) by brad
Branch: OPENBSD_3_9
Changes since 1.64: +13 -6 lines
Diff to previous 1.64 (colored)
upgrade to OpenSSH 4.4
Revision 1.71 / (download) - annotate - [select for diffs], Thu Aug 3 03:34:41 2006 UTC (17 years, 9 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_4_0_BASE
Branch point for: OPENBSD_4_0
Changes since 1.70: +8 -5 lines
Diff to previous 1.70 (colored)
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
Revision 1.70 / (download) - annotate - [select for diffs], Tue Aug 1 23:22:47 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.69: +2 -1 lines
Diff to previous 1.69 (colored)
move #include <stdio.h> out of includes.h
Revision 1.69 / (download) - annotate - [select for diffs], Sat Jul 22 20:48:22 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.68: +2 -1 lines
Diff to previous 1.68 (colored)
move #include <string.h> out of includes.h
Revision 1.68 / (download) - annotate - [select for diffs], Thu Jul 6 16:03:53 2006 UTC (17 years, 10 months ago) by stevesk
Branch: MAIN
Changes since 1.67: +3 -1 lines
Diff to previous 1.67 (colored)
move #include <pwd.h> out of includes.h; ok markus@
Revision 1.67 / (download) - annotate - [select for diffs], Sat Mar 25 18:29:35 2006 UTC (18 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.66: +2 -2 lines
Diff to previous 1.66 (colored)
needed casts (always will be needed)
Revision 1.66 / (download) - annotate - [select for diffs], Sat Mar 25 13:17:01 2006 UTC (18 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.65: +1 -0 lines
Diff to previous 1.65 (colored)
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
Revision 1.65 / (download) - annotate - [select for diffs], Sun Mar 19 18:51:18 2006 UTC (18 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.64: +0 -1 lines
Diff to previous 1.64 (colored)
RCSID() can die
Revision 1.64 / (download) - annotate - [select for diffs], Mon Feb 20 17:19:53 2006 UTC (18 years, 2 months ago) by stevesk
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE
Branch point for: OPENBSD_3_9
Changes since 1.63: +4 -1 lines
Diff to previous 1.63 (colored)
move #include <sys/stat.h> out of includes.h; ok markus@
Revision 1.62.2.1 / (download) - annotate - [select for diffs], Sun Sep 4 18:39:52 2005 UTC (18 years, 8 months ago) by brad
Branch: OPENBSD_3_7
Changes since 1.62: +4 -2 lines
Diff to previous 1.62 (colored) next main 1.63 (colored)
upgrade to OpenSSH 4.2
Revision 1.60.2.2 / (download) - annotate - [select for diffs], Fri Sep 2 03:44:59 2005 UTC (18 years, 8 months ago) by brad
Branch: OPENBSD_3_6
Changes since 1.60.2.1: +4 -2 lines
Diff to previous 1.60.2.1 (colored) to branchpoint 1.60 (colored) next main 1.61 (colored)
upgrade to OpenSSH 4.2
Revision 1.63 / (download) - annotate - [select for diffs], Fri Jun 17 02:44:32 2005 UTC (18 years, 11 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_3_8_BASE
Branch point for: OPENBSD_3_8
Changes since 1.62: +4 -2 lines
Diff to previous 1.62 (colored)
make this -Wsign-compare clean; ok avsm@ markus@
Revision 1.58.2.2 / (download) - annotate - [select for diffs], Thu Mar 10 17:15:04 2005 UTC (19 years, 2 months ago) by brad
Branch: OPENBSD_3_5
Changes since 1.58.2.1: +5 -6 lines
Diff to previous 1.58.2.1 (colored) to branchpoint 1.58 (colored) next main 1.59 (colored)
upgrade to OpenSSH 4.0
Revision 1.60.2.1 / (download) - annotate - [select for diffs], Thu Mar 10 16:28:27 2005 UTC (19 years, 2 months ago) by brad
Branch: OPENBSD_3_6
Changes since 1.60: +5 -6 lines
Diff to previous 1.60 (colored)
upgrade to OpenSSH 4.0
Revision 1.62 / (download) - annotate - [select for diffs], Sat Dec 11 01:48:56 2004 UTC (19 years, 5 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_3_7_BASE
Branch point for: OPENBSD_3_7
Changes since 1.61: +2 -1 lines
Diff to previous 1.61 (colored)
Fix debug call in error path of authorized_keys processing and fix related warnings; ok djm@
Revision 1.61 / (download) - annotate - [select for diffs], Mon Dec 6 11:41:03 2004 UTC (19 years, 5 months ago) by dtucker
Branch: MAIN
Changes since 1.60: +4 -6 lines
Diff to previous 1.60 (colored)
Discard over-length authorized_keys entries rather than complaining when they don't decode. bz #884, with & ok djm@
Revision 1.57.2.2 / (download) - annotate - [select for diffs], Thu Aug 19 22:37:30 2004 UTC (19 years, 9 months ago) by brad
Branch: OPENBSD_3_4
Changes since 1.57.2.1: +5 -6 lines
Diff to previous 1.57.2.1 (colored) to branchpoint 1.57 (colored) next main 1.58 (colored)
upgrade to OpenSSH 3.9
Revision 1.58.2.1 / (download) - annotate - [select for diffs], Thu Aug 19 04:13:25 2004 UTC (19 years, 9 months ago) by brad
Branch: OPENBSD_3_5
Changes since 1.58: +5 -6 lines
Diff to previous 1.58 (colored)
upgrade to OpenSSH 3.9
Revision 1.60 / (download) - annotate - [select for diffs], Mon Jun 21 17:36:31 2004 UTC (19 years, 10 months ago) by avsm
Branch: MAIN
CVS Tags: OPENBSD_3_6_BASE
Branch point for: OPENBSD_3_6
Changes since 1.59: +5 -5 lines
Diff to previous 1.59 (colored)
make ssh -Wshadow clean, no functional changes markus@ ok
Revision 1.59 / (download) - annotate - [select for diffs], Sun May 9 01:19:27 2004 UTC (20 years ago) by djm
Branch: MAIN
Changes since 1.58: +1 -2 lines
Diff to previous 1.58 (colored)
kill some more tiny files; ok deraadt@
Revision 1.56.4.2 / (download) - annotate - [select for diffs], Thu Mar 4 18:18:15 2004 UTC (20 years, 2 months ago) by brad
Branch: OPENBSD_3_3
Changes since 1.56.4.1: +4 -3 lines
Diff to previous 1.56.4.1 (colored) to branchpoint 1.56 (colored) next main 1.57 (colored)
upgrade to OpenSSH 3.8upgrade to OpenSSH 3.8upgrade to OpenSSH 3.8
Revision 1.57.2.1 / (download) - annotate - [select for diffs], Sat Feb 28 03:51:32 2004 UTC (20 years, 2 months ago) by brad
Branch: OPENBSD_3_4
Changes since 1.57: +4 -3 lines
Diff to previous 1.57 (colored)
upgrade to OpenSSH 3.8
Revision 1.58 / (download) - annotate - [select for diffs], Tue Nov 4 08:54:09 2003 UTC (20 years, 6 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE
Branch point for: OPENBSD_3_5
Changes since 1.57: +4 -3 lines
Diff to previous 1.57 (colored)
standardise arguments to auth methods - they should all take authctxt. check authctxt->valid rather then pw != NULL; ok markus@
Revision 1.56.2.1 / (download) - annotate - [select for diffs], Tue Sep 16 21:20:24 2003 UTC (20 years, 8 months ago) by brad
Branch: OPENBSD_3_2
Changes since 1.56: +3 -3 lines
Diff to previous 1.56 (colored) next main 1.57 (colored)
upgrade to OpenSSH 3.7
Revision 1.56.4.1 / (download) - annotate - [select for diffs], Tue Sep 16 20:50:42 2003 UTC (20 years, 8 months ago) by brad
Branch: OPENBSD_3_3
Changes since 1.56: +3 -3 lines
Diff to previous 1.56 (colored)
upgrade to OpenSSH 3.7
Revision 1.57 / (download) - annotate - [select for diffs], Tue Apr 8 20:21:28 2003 UTC (21 years, 1 month ago) by itojun
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE
Branch point for: OPENBSD_3_4
Changes since 1.56: +3 -3 lines
Diff to previous 1.56 (colored)
rename log() into logit() to avoid name conflict. markus ok, from netbsd
Revision 1.55.2.1 / (download) - annotate - [select for diffs], Wed Jun 26 15:30:37 2002 UTC (21 years, 10 months ago) by jason
Branch: OPENBSD_3_1
Changes since 1.55: +3 -3 lines
Diff to previous 1.55 (colored) next main 1.56 (colored)
Pull in OpenSSH-3.4
Revision 1.44.2.3 / (download) - annotate - [select for diffs], Sat Jun 22 07:23:16 2002 UTC (21 years, 11 months ago) by miod
Branch: OPENBSD_3_0
Changes since 1.44.2.2: +3 -3 lines
Diff to previous 1.44.2.2 (colored) to branchpoint 1.44 (colored) next main 1.45 (colored)
Update OpenSSH to version 3.3 (with local changes, configuration files still living in /etc and privsep user being nobody).
Revision 1.56 / (download) - annotate - [select for diffs], Mon Jun 10 16:53:06 2002 UTC (21 years, 11 months ago) by stevesk
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE,
OPENBSD_3_2_BASE
Branch point for: OPENBSD_3_3,
OPENBSD_3_2
Changes since 1.55: +3 -3 lines
Diff to previous 1.55 (colored)
display minimum RSA modulus in error(); ok markus@
Revision 1.40.2.3 / (download) - annotate - [select for diffs], Sun Jun 2 22:56:09 2002 UTC (21 years, 11 months ago) by miod
Branch: OPENBSD_2_9
Changes since 1.40.2.2: +125 -84 lines
Diff to previous 1.40.2.2 (colored) to branchpoint 1.40 (colored) next main 1.41 (colored)
Upgrade to OpenSSH 3.2.3. Except for improbable compilation error fixes, this should be the last commit made to the 2.9-STABLE branche. Have fun upgrading.
Revision 1.44.2.2 / (download) - annotate - [select for diffs], Fri May 17 00:03:23 2002 UTC (22 years ago) by miod
Branch: OPENBSD_3_0
Changes since 1.44.2.1: +125 -84 lines
Diff to previous 1.44.2.1 (colored) to branchpoint 1.44 (colored)
Update OpenSSH to version 3.2.2.
Revision 1.55 / (download) - annotate - [select for diffs], Fri Mar 29 19:18:33 2002 UTC (22 years, 1 month ago) by stevesk
Branch: MAIN
CVS Tags: OPENBSD_3_1_BASE
Branch point for: OPENBSD_3_1
Changes since 1.54: +3 -2 lines
Diff to previous 1.54 (colored)
make RSA modulus minimum #define; ok markus@
Revision 1.54 / (download) - annotate - [select for diffs], Tue Mar 26 23:13:03 2002 UTC (22 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.53: +8 -1 lines
Diff to previous 1.53 (colored)
disallow RSA keys < 768 for protocol 1, too (rhosts-rsa and rsa auth)
Revision 1.53 / (download) - annotate - [select for diffs], Mon Mar 25 09:21:13 2002 UTC (22 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.52: +4 -4 lines
Diff to previous 1.52 (colored)
return 0 (not NULL); tomh@po.crl.go.jp
Revision 1.52 / (download) - annotate - [select for diffs], Mon Mar 18 17:50:31 2002 UTC (22 years, 2 months ago) by provos
Branch: MAIN
Changes since 1.51: +8 -7 lines
Diff to previous 1.51 (colored)
integrate privilege separated openssh; its turned off by default for now. work done by me and markus@
Revision 1.51 / (download) - annotate - [select for diffs], Thu Mar 14 16:56:33 2002 UTC (22 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.50: +117 -85 lines
Diff to previous 1.50 (colored)
split auth_rsa() for better readability and privsep; ok provos@
Revision 1.40.2.2 / (download) - annotate - [select for diffs], Sat Mar 9 00:20:43 2002 UTC (22 years, 2 months ago) by miod
Branch: OPENBSD_2_9
Changes since 1.40.2.1: +31 -18 lines
Diff to previous 1.40.2.1 (colored) to branchpoint 1.40 (colored)
Merge OpenSSH 3.1, keeping /etc as configuration files directory. (i.e. OpenSSH 3.1 + openbsd29_3.1.patch)
Revision 1.32.2.6 / (download) - annotate - [select for diffs], Fri Mar 8 17:04:41 2002 UTC (22 years, 2 months ago) by brad
Branch: OPENBSD_2_8
Changes since 1.32.2.5: +31 -18 lines
Diff to previous 1.32.2.5 (colored) to branchpoint 1.32 (colored) next main 1.33 (colored)
Merge OpenSSH 3.1.
Revision 1.44.2.1 / (download) - annotate - [select for diffs], Thu Mar 7 17:37:46 2002 UTC (22 years, 2 months ago) by jason
Branch: OPENBSD_3_0
Changes since 1.44: +31 -18 lines
Diff to previous 1.44 (colored)
Update to OpenSSH-3.1 on 3.0-stable branch
Revision 1.50 / (download) - annotate - [select for diffs], Fri Dec 28 14:50:54 2001 UTC (22 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.49: +3 -3 lines
Diff to previous 1.49 (colored)
packet_read* no longer return the packet length, since it's not used.
Revision 1.49 / (download) - annotate - [select for diffs], Fri Dec 28 12:14:27 2001 UTC (22 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.48: +2 -2 lines
Diff to previous 1.48 (colored)
s/packet_done/packet_check_eom/ (end-of-message); ok djm@
Revision 1.48 / (download) - annotate - [select for diffs], Thu Dec 27 20:39:58 2001 UTC (22 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.47: +2 -2 lines
Diff to previous 1.47 (colored)
get rid of packet_integrity_check, use packet_done() instead.
Revision 1.47 / (download) - annotate - [select for diffs], Thu Dec 27 18:22:16 2001 UTC (22 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.46: +7 -4 lines
Diff to previous 1.46 (colored)
call fatal() for openssl allocation failures
Revision 1.46 / (download) - annotate - [select for diffs], Tue Dec 18 10:06:24 2001 UTC (22 years, 5 months ago) by jakob
Branch: MAIN
Changes since 1.45: +17 -11 lines
Diff to previous 1.45 (colored)
log fingerprint on successful public key authentication, simplify usage of key structs; ok markus@
Revision 1.45 / (download) - annotate - [select for diffs], Thu Nov 29 22:08:48 2001 UTC (22 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.44: +6 -2 lines
Diff to previous 1.44 (colored)
fix protocol error: send 'failed' message instead of a 2nd challenge (happens if the same key is in authorized_keys twice). reported Ralf_Meister@genua.de; ok djm@
Revision 1.40.2.1 / (download) - annotate - [select for diffs], Thu Sep 27 19:03:54 2001 UTC (22 years, 7 months ago) by jason
Branch: OPENBSD_2_9
Changes since 1.40: +17 -43 lines
Diff to previous 1.40 (colored)
Pull in OpenSSH-2.9.9
Revision 1.32.2.5 / (download) - annotate - [select for diffs], Thu Sep 27 00:15:41 2001 UTC (22 years, 7 months ago) by miod
Branch: OPENBSD_2_8
Changes since 1.32.2.4: +17 -43 lines
Diff to previous 1.32.2.4 (colored) to branchpoint 1.32 (colored)
Pull in OpenSSH 2.9.9 to the 2.8 branch.
Revision 1.44 / (download) - annotate - [select for diffs], Mon Jul 23 18:14:58 2001 UTC (22 years, 9 months ago) by stevesk
Branch: MAIN
CVS Tags: OPENBSD_3_0_BASE
Branch point for: OPENBSD_3_0
Changes since 1.43: +2 -2 lines
Diff to previous 1.43 (colored)
use %lu; ok markus@
Revision 1.43 / (download) - annotate - [select for diffs], Mon Jun 25 17:54:47 2001 UTC (22 years, 10 months ago) by provos
Branch: MAIN
Changes since 1.42: +2 -2 lines
Diff to previous 1.42 (colored)
terminate secure_filename checking after checking homedir. that way it works on AFS. okay markus@
Revision 1.42 / (download) - annotate - [select for diffs], Fri Jun 22 21:55:48 2001 UTC (22 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.41: +2 -4 lines
Diff to previous 1.41 (colored)
merge authorized_keys2 into authorized_keys. authorized_keys2 is used for backward compat. (just append authorized_keys2 to authorized_keys).
Revision 1.41 / (download) - annotate - [select for diffs], Sun May 20 17:20:35 2001 UTC (23 years ago) by markus
Branch: MAIN
Changes since 1.40: +15 -39 lines
Diff to previous 1.40 (colored)
configurable authorized_keys{,2} location; originally from peter@; ok djm@
Revision 1.32.2.4 / (download) - annotate - [select for diffs], Mon May 7 21:09:25 2001 UTC (23 years ago) by jason
Branch: OPENBSD_2_8
Changes since 1.32.2.3: +2 -2 lines
Diff to previous 1.32.2.3 (colored) to branchpoint 1.32 (colored)
Pull in OpenSSH-2.9 to 2.8 branch.
Revision 1.40 / (download) - annotate - [select for diffs], Fri Apr 6 21:00:07 2001 UTC (23 years, 1 month ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_2_9_BASE
Branch point for: OPENBSD_2_9
Changes since 1.39: +2 -2 lines
Diff to previous 1.39 (colored)
do gid/groups-swap in addition to uid-swap, should help if /home/group is chmod 750 + chgrp grp /home/group/, work be deraadt and me, thanks to olar@openwall.com is comments. we had many requests for this.
Revision 1.32.2.3 / (download) - annotate - [select for diffs], Wed Mar 21 19:46:22 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.32.2.2: +3 -3 lines
Diff to previous 1.32.2.2 (colored) to branchpoint 1.32 (colored)
Pull in OpenSSH-2.5.2 for 2.8 branch.
Revision 1.23.2.5 / (download) - annotate - [select for diffs], Wed Mar 21 18:52:33 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.23.2.4: +3 -3 lines
Diff to previous 1.23.2.4 (colored) to branchpoint 1.23 (colored) next main 1.24 (colored)
Pull in OpenSSH-2.5.2 for 2.7 branch.
Revision 1.23.2.4 / (download) - annotate - [select for diffs], Mon Mar 12 15:44:07 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.23.2.3: +26 -24 lines
Diff to previous 1.23.2.3 (colored) to branchpoint 1.23 (colored)
OpenSSH-2.5.1 for 2.7 patch branch
Revision 1.39 / (download) - annotate - [select for diffs], Thu Mar 1 02:45:10 2001 UTC (23 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.38: +3 -3 lines
Diff to previous 1.38 (colored)
KNF
Revision 1.32.2.2 / (download) - annotate - [select for diffs], Mon Feb 19 17:18:36 2001 UTC (23 years, 3 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.32.2.1: +0 -0 lines
Diff to previous 1.32.2.1 (colored) to branchpoint 1.32 (colored)
Pull in OpenSSH-2.5.1
Revision 1.32.2.1 / (download) - annotate - [select for diffs], Fri Feb 16 20:12:52 2001 UTC (23 years, 3 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.32: +26 -24 lines
Diff to previous 1.32 (colored)
Pull in OpenSSH 2.5.0
Revision 1.38 / (download) - annotate - [select for diffs], Sun Jan 21 19:05:42 2001 UTC (23 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.37: +7 -7 lines
Diff to previous 1.37 (colored)
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
Revision 1.37 / (download) - annotate - [select for diffs], Sat Jan 20 17:34:25 2001 UTC (23 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.36: +2 -2 lines
Diff to previous 1.36 (colored)
typo
Revision 1.36 / (download) - annotate - [select for diffs], Sat Jan 20 15:55:20 2001 UTC (23 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.35: +5 -5 lines
Diff to previous 1.35 (colored)
pass the filename to auth_parse_options()
Revision 1.35 / (download) - annotate - [select for diffs], Fri Jan 19 15:55:10 2001 UTC (23 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.34: +8 -6 lines
Diff to previous 1.34 (colored)
move ssh1 definitions to ssh1.h, pathnames to pathnames.h
Revision 1.34 / (download) - annotate - [select for diffs], Tue Dec 19 23:17:55 2000 UTC (23 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.33: +6 -6 lines
Diff to previous 1.33 (colored)
replace 'unsigned bla' with 'u_bla' everywhere. also, replace 'char unsigned' with u_char.
Revision 1.33 / (download) - annotate - [select for diffs], Tue Nov 14 23:42:40 2000 UTC (23 years, 6 months ago) by markus
Branch: MAIN
Changes since 1.32: +7 -7 lines
Diff to previous 1.32 (colored)
parse options only if key matches; fixes some confusing messages seen by the client
Revision 1.23.2.3 / (download) - annotate - [select for diffs], Wed Nov 8 21:30:21 2000 UTC (23 years, 6 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.23.2.2: +24 -12 lines
Diff to previous 1.23.2.2 (colored) to branchpoint 1.23 (colored)
openssh-2.3.0 (again) for 2.7 branch
Revision 1.32 / (download) - annotate - [select for diffs], Sat Oct 14 12:19:45 2000 UTC (23 years, 7 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_2_8_BASE
Branch point for: OPENBSD_2_8
Changes since 1.31: +9 -4 lines
Diff to previous 1.31 (colored)
do not send RSA challenge if key is not allowed by key-options; from eivind@ThinkSec.com
Revision 1.31 / (download) - annotate - [select for diffs], Wed Oct 11 19:59:52 2000 UTC (23 years, 7 months ago) by markus
Branch: MAIN
Changes since 1.30: +3 -1 lines
Diff to previous 1.30 (colored)
clear auth options unless auth sucessfull
Revision 1.30 / (download) - annotate - [select for diffs], Tue Oct 3 18:03:03 2000 UTC (23 years, 7 months ago) by markus
Branch: MAIN
Changes since 1.29: +9 -2 lines
Diff to previous 1.29 (colored)
move fake-auth from auth1.c to individual auth methods, disables s/key in debug-msg
Revision 1.29 / (download) - annotate - [select for diffs], Thu Sep 7 21:13:36 2000 UTC (23 years, 8 months ago) by markus
Branch: MAIN
Changes since 1.28: +1 -24 lines
Diff to previous 1.28 (colored)
some more Copyright fixes
Revision 1.28 / (download) - annotate - [select for diffs], Thu Sep 7 20:27:49 2000 UTC (23 years, 8 months ago) by deraadt
Branch: MAIN
Changes since 1.27: +29 -8 lines
Diff to previous 1.27 (colored)
cleanup copyright notices on all files. I have attempted to be accurate with the details. everything is now under Tatu's licence (which I copied from his readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd developers under a 2-term bsd licence. We're not changing any rules, just being accurate.
Revision 1.23.2.2 / (download) - annotate - [select for diffs], Fri Sep 1 18:23:17 2000 UTC (23 years, 8 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.23.2.1: +5 -198 lines
Diff to previous 1.23.2.1 (colored) to branchpoint 1.23 (colored)
Pull in the rest of openssh-2.2.0 to 2.7 branch (luvin' cvs...)
Revision 1.27 / (download) - annotate - [select for diffs], Fri Jul 7 03:55:03 2000 UTC (23 years, 10 months ago) by todd
Branch: MAIN
Changes since 1.26: +2 -2 lines
Diff to previous 1.26 (colored)
clean code is good code
Revision 1.26 / (download) - annotate - [select for diffs], Tue Jun 20 01:39:38 2000 UTC (23 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.25: +1 -1 lines
Diff to previous 1.25 (colored)
OpenBSD tag
Revision 1.25 / (download) - annotate - [select for diffs], Sun Jun 18 04:05:02 2000 UTC (23 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.24: +3 -196 lines
Diff to previous 1.24 (colored)
split auth-rsa option parsing into auth-options add options support to authorized_keys2
Revision 1.23.2.1 / (download) - annotate - [select for diffs], Mon Jun 12 02:37:31 2000 UTC (23 years, 11 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.23: +13 -5 lines
Diff to previous 1.23 (colored)
lovin' CVS... update patch branch to OpenSSH-2.1.1
Revision 1.24 / (download) - annotate - [select for diffs], Tue Jun 6 19:32:13 2000 UTC (23 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.23: +13 -5 lines
Diff to previous 1.23 (colored)
fix match_hostname() logic for auth-rsa: deny access if we have a negative match or no match at all
Revision 1.23 / (download) - annotate - [select for diffs], Sat Apr 29 18:11:51 2000 UTC (24 years ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_2_7_BASE
Branch point for: OPENBSD_2_7
Changes since 1.22: +1 -2 lines
Diff to previous 1.22 (colored)
keysize warnings error() -> log()
Revision 1.22 / (download) - annotate - [select for diffs], Wed Apr 26 20:48:42 2000 UTC (24 years ago) by markus
Branch: MAIN
Changes since 1.21: +2 -1 lines
Diff to previous 1.21 (colored)
missing fclose
Revision 1.21 / (download) - annotate - [select for diffs], Fri Apr 14 10:30:29 2000 UTC (24 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.20: +8 -8 lines
Diff to previous 1.20 (colored)
whitespace cleanup
Revision 1.20 / (download) - annotate - [select for diffs], Wed Apr 12 09:39:09 2000 UTC (24 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.19: +3 -3 lines
Diff to previous 1.19 (colored)
#include <ssl/foo.h> -> <openssh/foo.h>
Revision 1.19 / (download) - annotate - [select for diffs], Thu Mar 23 22:15:33 2000 UTC (24 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.18: +15 -22 lines
Diff to previous 1.18 (colored)
initial support for DSA keys. ok deraadt@, niels@
Revision 1.18 / (download) - annotate - [select for diffs], Fri Feb 11 10:59:11 2000 UTC (24 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.17: +12 -15 lines
Diff to previous 1.17 (colored)
delay MD5 computation until client sends response, free() early, cleanup.
Revision 1.17 / (download) - annotate - [select for diffs], Tue Jan 18 09:41:05 2000 UTC (24 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.16: +16 -1 lines
Diff to previous 1.16 (colored)
fix user/1056, sshd keeps restrictions; dbt@meat.net
Revision 1.16 / (download) - annotate - [select for diffs], Thu Dec 2 23:05:08 1999 UTC (24 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.15: +5 -5 lines
Diff to previous 1.15 (colored)
warn only about mismatch if key is _used_
Revision 1.15 / (download) - annotate - [select for diffs], Thu Dec 2 20:17:49 1999 UTC (24 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.14: +4 -4 lines
Diff to previous 1.14 (colored)
warn about keysize-mismatch with log() not error()
Revision 1.14 / (download) - annotate - [select for diffs], Wed Nov 24 19:53:44 1999 UTC (24 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.13: +55 -42 lines
Diff to previous 1.13 (colored)
KNF, final part 3
Revision 1.13 / (download) - annotate - [select for diffs], Wed Nov 24 00:26:00 1999 UTC (24 years, 5 months ago) by deraadt
Branch: MAIN
Changes since 1.12: +16 -16 lines
Diff to previous 1.12 (colored)
much more KNF
Revision 1.12 / (download) - annotate - [select for diffs], Tue Nov 23 22:25:52 1999 UTC (24 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.11: +372 -407 lines
Diff to previous 1.11 (colored)
KNF part 1
Revision 1.11 / (download) - annotate - [select for diffs], Mon Nov 22 21:02:38 1999 UTC (24 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.10: +2 -2 lines
Diff to previous 1.10 (colored)
syslog changes:
* Unified Logmessage for all auth-types, for success and for failed
* Standard connections get only ONE line in the LOG when level==LOG:
Auth-attempts are logged only, if authentication is:
a) successfull or
b) with passwd or
c) we had more than AUTH_FAIL_LOG failues
* many log() became verbose()
* old behaviour with level=VERBOSE
Revision 1.10 / (download) - annotate - [select for diffs], Thu Nov 18 14:00:48 1999 UTC (24 years, 6 months ago) by markus
Branch: MAIN
Changes since 1.9: +2 -2 lines
Diff to previous 1.9 (colored)
more %d vs. %s in fmt-strings
Revision 1.9 / (download) - annotate - [select for diffs], Mon Nov 15 20:53:24 1999 UTC (24 years, 6 months ago) by markus
Branch: MAIN
Changes since 1.8: +15 -9 lines
Diff to previous 1.8 (colored)
the keysize of rsa-parameter 'n' is passed implizit, a few more checks and warnings about 'pretended' keysizes.
Revision 1.8 / (download) - annotate - [select for diffs], Thu Nov 11 23:36:52 1999 UTC (24 years, 6 months ago) by markus
Branch: MAIN
Changes since 1.7: +5 -3 lines
Diff to previous 1.7 (colored)
make all access to options via 'extern Options options' and 'extern ServerOptions options' respectively; options are no longer passed as arguments: * make options handling more consistent * remove #include "readconf.h" from ssh.h * readconf.h is only included if necessary
Revision 1.7 / (download) - annotate - [select for diffs], Tue Nov 2 19:42:34 1999 UTC (24 years, 6 months ago) by markus
Branch: MAIN
Changes since 1.6: +3 -2 lines
Diff to previous 1.6 (colored)
replace assert() with error, fatal or packet_disconnect
Revision 1.6 / (download) - annotate - [select for diffs], Wed Oct 27 16:37:45 1999 UTC (24 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.5: +6 -6 lines
Diff to previous 1.5 (colored)
use libssl md5 routines
Revision 1.5 / (download) - annotate - [select for diffs], Mon Oct 18 01:54:18 1999 UTC (24 years, 7 months ago) by provos
Branch: MAIN
CVS Tags: OPENBSD_2_6_BASE,
OPENBSD_2_6
Changes since 1.4: +2 -2 lines
Diff to previous 1.4 (colored)
the session key is only the least significant 256-bits, mask the rest away
Revision 1.4 / (download) - annotate - [select for diffs], Mon Oct 11 20:00:35 1999 UTC (24 years, 7 months ago) by markus
Branch: MAIN
Changes since 1.3: +45 -5 lines
Diff to previous 1.3 (colored)
make sure ~/.ssh/authorized_keys is not writable for group/world (sshd)
don't load private keys if they are group/world-{rwx} (ssh,sshd and ssh-add)
Revision 1.3 / (download) - annotate - [select for diffs], Thu Sep 30 17:08:51 1999 UTC (24 years, 7 months ago) by deraadt
Branch: MAIN
Changes since 1.2: +3 -3 lines
Diff to previous 1.2 (colored)
use libc md5
Revision 1.2 / (download) - annotate - [select for diffs], Wed Sep 29 21:14:15 1999 UTC (24 years, 7 months ago) by deraadt
Branch: MAIN
Changes since 1.1: +3 -2 lines
Diff to previous 1.1 (colored)
numerous sprintf, strncpy, strcpy cleanups
Revision 1.1 / (download) - annotate - [select for diffs], Tue Sep 28 04:45:35 1999 UTC (24 years, 7 months ago) by provos
Branch: MAIN
convert all uses of gmp to SSL bignum convert all used of rsa to SSL rsa functions remove all use of randomstate to OpenBSD arc4random() and arc4_stir() all this done at a long long night in Canada.