OpenBSD CVS

CVS log for src/usr.bin/ssh/Attic/key.c



Default branch: MAIN


Revision 1.133, Wed Jul 11 18:53:29 2018 UTC (5 years, 10 months ago) by markus
Branch: MAIN
CVS Tags: HEAD
Changes since 1.132: +1 -1 lines
FILE REMOVED

remove legacy key emulation layer; ok djm@

Revision 1.132, Mon Dec 18 02:25:15 2017 UTC (6 years, 5 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE, OPENBSD_6_3
Changes since 1.131: +1 -16 lines

pass negotiated signing algorithm through to sshkey_verify() and
check that the negotiated algorithm matches the type in the
signature (only matters for RSA SHA1/SHA2 sigs). ok markus@

Revision 1.131, Tue May 30 14:16:41 2017 UTC (6 years, 11 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE, OPENBSD_6_2
Changes since 1.130: +1 -176 lines

remove unused wrapper functions from key.[ch]; ok djm@

Revision 1.130, Mon May 2 09:36:42 2016 UTC (8 years ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE, OPENBSD_6_1, OPENBSD_6_0_BASE, OPENBSD_6_0
Changes since 1.129: +2 -2 lines

support SHA256 and SHA512 RSA signatures in certificates;
ok markus@

Revision 1.129, Fri Dec 4 16:41:28 2015 UTC (8 years, 5 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE, OPENBSD_5_9
Changes since 1.128: +3 -3 lines

implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures (user and host auth)
based on draft-rsa-dsa-sha2-256-03.txt and draft-ssh-ext-info-04.txt;
with & ok djm@

Revision 1.128, Fri Jul 3 03:43:18 2015 UTC (8 years, 10 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE, OPENBSD_5_8
Changes since 1.127: +3 -3 lines

delete support for legacy v00 certificates; "sure" markus@ dtucker@

Revision 1.127, Wed Jan 28 22:36:00 2015 UTC (9 years, 3 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE, OPENBSD_5_7
Changes since 1.126: +1 -18 lines

update to new API (key_fingerprint => sshkey_fingerprint)
check sshkey_fingerprint return values;
ok markus

Revision 1.126, Tue Jan 20 23:14:00 2015 UTC (9 years, 3 months ago) by deraadt
Branch: MAIN
Changes since 1.125: +2 -2 lines

Reduce use of <sys/param.h> and transition to <limits.h> throughout.
ok djm markus

Revision 1.125, Thu Jan 8 10:14:08 2015 UTC (9 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.124: +2 -23 lines

deprecate key_load_private_pem() and sshkey_load_private_pem()
interfaces. Refactor the generic key loading API to not require
pathnames to be specified (they weren't really used).

Fixes a few other things en passant:

Makes ed25519 keys work for hostbased authentication (ssh-keysign
previously used the PEM-only routines).

Fixes key comment regression bz#2306: key pathnames were being lost as
comment fields.

ok markus@

Revision 1.124, Sun Dec 21 22:27:56 2014 UTC (9 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.123: +3 -4 lines

Add FingerprintHash option to control algorithm used for key
fingerprints. Default changes from MD5 to SHA256 and format
from hex to base64.

Feedback and ok naddy@ markus@

Revision 1.123, Thu Dec 4 20:47:36 2014 UTC (9 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.122: +1 -15 lines

key_in_file() wrapper is no longer used

Revision 1.122, Tue Jul 22 01:18:50 2014 UTC (9 years, 9 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE, OPENBSD_5_6
Changes since 1.121: +5 -2 lines

Prevent spam from key_load_private_pem during hostbased auth.  ok djm@

Revision 1.121, Thu Jul 17 00:12:03 2014 UTC (9 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.120: +5 -3 lines

silence "incorrect passphrase" error spam; reported and ok dtucker@

Revision 1.120, Wed Jul 9 03:02:15 2014 UTC (9 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.119: +11 -6 lines

downgrade more error() to debug() to better match what old authfile.c
did; suppresses spurious errors with hostbased authentication enabled

Revision 1.119, Mon Jun 30 12:54:39 2014 UTC (9 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.118: +3 -2 lines

suppress spurious error message when loading key with a passphrase;
reported by kettenis@ ok markus@

Revision 1.118, Tue Jun 24 01:13:21 2014 UTC (9 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.117: +283 -2431 lines

New key API: refactor key-related functions to be more library-like,
existing API is offered as a set of wrappers.

with and ok markus@

Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
Dempsky and Ron Bowes for a detailed review a few months ago.

Revision 1.117, Tue Apr 29 18:01:49 2014 UTC (10 years ago) by markus
Branch: MAIN
Changes since 1.116: +97 -23 lines

make compiling against OpenSSL optional (make OPENSSL=no);
reduces algorithms to curve25519, aes-ctr, chacha, ed25519;
allows us to explore further options; with and ok djm

Revision 1.116, Sun Feb 2 03:44:31 2014 UTC (10 years, 3 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE, OPENBSD_5_5
Changes since 1.115: +6 -6 lines

convert memset of potentially-private data to explicit_bzero()

Revision 1.115, Thu Jan 9 23:20:00 2014 UTC (10 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.114: +20 -20 lines

Introduce digest API and use it to perform all hashing operations
rather than calling OpenSSL EVP_Digest* directly. Will make it easier
to build a reduced-feature OpenSSH without OpenSSL in future;
feedback, ok markus@

Revision 1.114, Sun Dec 29 04:20:04 2013 UTC (10 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.113: +17 -7 lines

to make sure we don't omit any key types as valid CA keys again,
factor the valid key type check into a key_type_is_valid_ca()
function

Revision 1.113, Sun Dec 29 02:49:52 2013 UTC (10 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.112: +2 -2 lines

correct comment for key_drop_cert()

Revision 1.112, Sun Dec 29 02:37:04 2013 UTC (10 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.111: +2 -2 lines

correct comment for key_to_certified()

Revision 1.111, Sun Dec 29 02:28:10 2013 UTC (10 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.110: +3 -2 lines

allow ed25519 keys to appear as certificate authorities

Revision 1.110, Sat Dec 7 00:19:15 2013 UTC (10 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.109: +2 -1 lines

set k->cert = NULL after freeing it

Revision 1.109, Fri Dec 6 13:39:49 2013 UTC (10 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.108: +169 -25 lines

support ed25519 keys (hostkeys and user identities) using the public domain
ed25519 reference code from SUPERCOP, see http://ed25519.cr.yp.to/software.html
feedback, help & ok djm@

Revision 1.108, Fri Dec 6 13:34:54 2013 UTC (10 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.107: +2 -1 lines

new private key format, bcrypt as KDF by default; details in PROTOCOL.key;
feedback and lots of help from djm; ok djm@

Revision 1.107, Fri Dec 6 13:30:08 2013 UTC (10 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.106: +184 -1 lines

move private key (de)serialization to key.c; ok djm

Revision 1.106, Mon Dec 2 03:09:22 2013 UTC (10 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.105: +5 -1 lines

make key_to_blob() return a NULL blob on failure; part of
bz#2175 from Loganaden Velvindron @ AfriNIC

Revision 1.105, Tue Oct 29 09:42:11 2013 UTC (10 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.104: +29 -16 lines

fix potential stack exhaustion caused by nested certificates;
report by Mateusz Kocielski; ok dtucker@ markus@

Revision 1.104, Sun May 19 02:42:42 2013 UTC (11 years ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE, OPENBSD_5_4
Changes since 1.103: +2 -2 lines

Standardise logging of supplemental information during userauth. Keys
and ruser are now logged in the auth success/failure message alongside
the local username, remote host/port and protocol in use. Certificate
contents and CA are logged too.

Pushing all logging onto a single line simplifies log analysis as it is
no longer necessary to relate information scattered across multiple log
entries. "I like it" markus@

Revision 1.103, Fri May 17 00:13:13 2013 UTC (11 years ago) by djm
Branch: MAIN
Changes since 1.102: +24 -33 lines

bye, bye xfree(); ok markus@

Revision 1.102, Fri May 10 04:08:01 2013 UTC (11 years ago) by djm
Branch: MAIN
Changes since 1.101: +2 -1 lines

memleak in cert_free(), wasn't actually freeing the struct;
bz#2096 from shm AT digitalsun.pl

Revision 1.101, Fri Apr 19 01:06:50 2013 UTC (11 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.100: +97 -116 lines

add the ability to query supported ciphers, MACs, key type and KEX
algorithms to ssh. Includes some refactoring of KEX and key type handling
to be table-driven; ok markus@

Revision 1.100, Thu Jan 17 23:00:01 2013 UTC (11 years, 4 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE, OPENBSD_5_3
Changes since 1.99: +25 -15 lines

add support for Key Revocation Lists (KRLs). These are a compact way to
represent lists of revoked keys and certificates, taking as little as
a single bit of incremental cost to revoke a certificate by serial number.
KRLs are loaded via the existing RevokedKeys sshd_config option.

feedback and ok markus@

Revision 1.99, Wed May 23 03:28:28 2012 UTC (11 years, 11 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE, OPENBSD_5_2
Changes since 1.98: +4 -1 lines

add support for RFC6594 SSHFP DNS records for ECDSA key types.
patch from bugzilla-m67 AT nulld.me in bz#1978; ok + tweak markus@

Revision 1.98, Tue Oct 18 04:58:26 2011 UTC (12 years, 7 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_1_BASE, OPENBSD_5_1
Changes since 1.97: +1 -6 lines

remove explicit search for \0 in packet strings, this job is now done
implicitly by buffer_get_cstring; ok markus

Revision 1.97, Tue May 17 07:13:31 2011 UTC (13 years ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_0_BASE, OPENBSD_5_0
Changes since 1.96: +4 -1 lines

fatal() if asked to generate a legacy ECDSA cert (these don't exist)
and fix the regress test that was trying to generate them :)

Revision 1.96, Fri Feb 4 00:44:21 2011 UTC (13 years, 3 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_9_BASE, OPENBSD_4_9
Changes since 1.95: +3 -4 lines

fix uninitialised nonce variable; reported by Mateusz Kocielski

Revision 1.95, Wed Nov 10 01:33:07 2010 UTC (13 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.94: +17 -9 lines

use only libcrypto APIs that are retained with OPENSSL_NO_DEPRECATED.
these have been around for years by this time. ok markus

Revision 1.94, Thu Oct 28 11:22:09 2010 UTC (13 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.93: +22 -9 lines

fix a possible NULL deref on loading a corrupt ECDH key

store ECDH group information in private keys files as "named groups"
rather than as a set of explicit group parameters (by setting
the OPENSSL_EC_NAMED_CURVE flag). This makes for shorter key files and
retrieves the group's OpenSSL NID that we need for various things.

Revision 1.93, Thu Sep 9 10:45:45 2010 UTC (13 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.92: +35 -12 lines

ECDH/ECDSA compliance fix: these methods vary the hash function they use
(SHA256/384/512) depending on the length of the curve in use. The previous
code incorrectly used SHA256 in all cases.

This fix will cause authentication failure when using 384 or 521-bit curve
keys if one peer hasn't been upgraded and the other has. (256-bit curve
keys work ok). In particular you may need to specify HostkeyAlgorithms
when connecting to a server that has not been upgraded from an upgraded
client.

ok naddy@

Revision 1.92, Tue Aug 31 11:54:45 2010 UTC (13 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.91: +526 -15 lines

Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and
host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer
better performance than plain DH and DSA at the same equivalent symmetric
key length, as well as much shorter keys.

Only the mandatory sections of RFC5656 are implemented, specifically the
three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and
ECDSA. Point compression (optional in RFC5656) is NOT implemented.

Certificate host and user keys using the new ECDSA key types are supported.

Note that this code has not been tested for interoperability and may be
subject to change.

feedback and ok markus@

Revision 1.91, Tue Aug 31 09:58:37 2010 UTC (13 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.90: +4 -9 lines

Add buffer_get_cstring() and related functions that verify that the
string extracted from the buffer contains no embedded \0 characters*
This prevents random (possibly malicious) crap from being appended to
strings where it would not be noticed if the string is used with
a string(3) function.

Use the new API in a few sensitive places.

* actually, we allow a single one at the end of the string for now because
we don't know how many deployed implementations get this wrong, but don't
count on this to remain indefinitely.

Revision 1.90, Tue Jul 13 23:13:16 2010 UTC (13 years, 10 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE, OPENBSD_4_8
Changes since 1.89: +2 -2 lines

s/timing_safe_cmp/timingsafe_bcmp/g

Revision 1.89, Tue Jul 13 11:52:06 2010 UTC (13 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.88: +3 -2 lines

implement a timing_safe_cmp() function to compare memory without leaking
timing information by short-circuiting like memcmp() and use it for
some of the more sensitive comparisons (though nothing high-value was
readily attackable anyway); "looks ok" markus@

Revision 1.88, Fri May 7 11:30:29 2010 UTC (14 years ago) by djm
Branch: MAIN
Changes since 1.87: +2 -2 lines

add some optional indirection to matching of principal names listed
in certificates. Currently, a certificate must include the user's name
to be accepted for authentication. This change adds the ability to
specify a list of certificate principal names that are acceptable.

When authenticating using a CA trusted through ~/.ssh/authorized_keys,
this adds a new principals="name1[,name2,...]" key option.

For CAs listed through sshd_config's TrustedCAKeys option, a new config
option "AuthorizedPrincipalsFile" specifies a per-user file containing
the list of acceptable names.

If either option is absent, the current behaviour of requiring the
username to appear in principals continues to apply.

These options are useful for role accounts, disjoint account namespaces
and "user@realm"-style naming policies in certificates.

feedback and ok markus@

Revision 1.87, Fri Apr 16 01:47:26 2010 UTC (14 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.86: +146 -31 lines

revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with the
following changes:

move the nonce field to the beginning of the certificate where it can
better protect against chosen-prefix attacks on the signature hash

Rename "constraints" field to "critical options"

Add a new non-critical "extensions" field

Add a serial number

The older format is still supported for authentication and cert generation
(use "ssh-keygen -t v00 -s ca_key ..." to generate a v00 certificate)

ok markus@

Revision 1.86, Mon Mar 15 19:40:02 2010 UTC (14 years, 2 months ago) by stevesk
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE, OPENBSD_4_7
Changes since 1.85: +14 -1 lines

also print certificate type (user or host) for ssh-keygen -L
ok djm kettenis

Revision 1.85, Thu Mar 4 01:44:57 2010 UTC (14 years, 2 months ago) by djm
Branch: MAIN
Changes since 1.84: +3 -3 lines

use buffer_get_string_ptr_ret() where we are checking the return
value explicitly instead of the fatal()-causing buffer_get_string_ptr()

Revision 1.84, Wed Mar 3 01:44:36 2010 UTC (14 years, 2 months ago) by djm
Branch: MAIN
Changes since 1.83: +23 -13 lines

reject strings with embedded ASCII nul chars in certificate key IDs,
principal names and constraints

Revision 1.83, Fri Feb 26 20:29:54 2010 UTC (14 years, 2 months ago) by djm
Branch: MAIN
Changes since 1.82: +561 -34 lines

Add support for certificate key types for users and hosts.

OpenSSH certificate key types are not X.509 certificates, but a much
simpler format that encodes a public key, identity information and
some validity constraints and signs it with a CA key. CA keys are
regular SSH keys. This certificate style avoids the attack surface
of X.509 certificates and is very easy to deploy.

Certified host keys allow automatic acceptance of new host keys
when a CA certificate is marked as trusted in ~/.ssh/known_hosts.
see VERIFYING HOST KEYS in ssh(1) for details.

Certified user keys allow authentication of users when the signing
CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS
FILE FORMAT" in sshd(8) for details.

Certificates are minted using ssh-keygen(1), documentation is in
the "CERTIFICATES" section of that manpage.

Documentation on the format of certificates is in the file
PROTOCOL.certkeys

feedback and ok markus@

Revision 1.82, Wed Jan 13 01:10:56 2010 UTC (14 years, 4 months ago) by dtucker
Branch: MAIN
Changes since 1.81: +7 -1 lines

Ignore and log any Protocol 1 keys where the claimed size is not equal to
the actual size.  Noted by Derek Martin, ok djm@

Revision 1.81, Fri Dec 11 18:16:33 2009 UTC (14 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.80: +2 -2 lines

switch from 35 to the more common value of RSA_F4 == (2**16)+1 == 65537
for the RSA public exponent; discussed with provos; ok djm@

Revision 1.80, Fri Oct 10 05:00:12 2008 UTC (15 years, 7 months ago) by stevesk
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE, OPENBSD_4_6, OPENBSD_4_5_BASE, OPENBSD_4_5
Changes since 1.79: +2 -2 lines

typo in error message; ok djm@

Revision 1.79, Fri Jul 25 07:05:16 2008 UTC (15 years, 9 months ago) by grunk
Branch: MAIN
CVS Tags: OPENBSD_4_4_BASE, OPENBSD_4_4
Changes since 1.78: +3 -2 lines

In random art visualization, make sure to use the end marker only at the
end.  Initial diff by Dirk Loss, tweaks and ok djm@

Revision 1.78, Mon Jul 7 23:32:51 2008 UTC (15 years, 10 months ago) by stevesk
Branch: MAIN
Changes since 1.77: +2 -1 lines

/*NOTREACHED*/ for lint warning:
  warning: function key_equal falls off bottom without returning value
ok djm@

Revision 1.77, Wed Jun 25 11:13:43 2008 UTC (15 years, 10 months ago) by otto
Branch: MAIN
Changes since 1.76: +3 -3 lines

add key length to visual fingerprint; zap magical constants;
ok grunk@ djm@

Revision 1.76, Thu Jun 12 22:03:36 2008 UTC (15 years, 11 months ago) by grunk
Branch: MAIN
Changes since 1.75: +2 -1 lines

add my copyright, ok djm@

Revision 1.75, Thu Jun 12 06:32:59 2008 UTC (15 years, 11 months ago) by grunk
Branch: MAIN
Changes since 1.74: +6 -3 lines

We already mark the start of the worm, now also mark the end of the worm
in our random art drawings.
ok djm@

Revision 1.74, Thu Jun 12 05:42:46 2008 UTC (15 years, 11 months ago) by grunk
Branch: MAIN
Changes since 1.73: +16 -8 lines

supply the key type (rsa1, rsa, dsa) as a caption in the frame of the
random art.  while there, stress the fact that the field base should at
least be 8 characters for the pictures to make sense.

comment and ok djm@

Revision 1.73, Thu Jun 12 00:13:13 2008 UTC (15 years, 11 months ago) by otto
Branch: MAIN
Changes since 1.72: +5 -5 lines

use an odd number of rows and columns and a separate start marker, looks
better; ok grunk@

Revision 1.72, Wed Jun 11 23:51:57 2008 UTC (15 years, 11 months ago) by grunk
Branch: MAIN
Changes since 1.71: +5 -5 lines

#define statements that are not atoms need braces around them, else they
will cause trouble in some cases.
Also do a computation of -1 once, and not in a loop several times.

spotted by otto@

Revision 1.71, Wed Jun 11 23:02:22 2008 UTC (15 years, 11 months ago) by otto
Branch: MAIN
Changes since 1.70: +7 -9 lines

simpler way of computing the augmentations; ok grunk@

Revision 1.70, Wed Jun 11 21:01:35 2008 UTC (15 years, 11 months ago) by grunk
Branch: MAIN
Changes since 1.69: +104 -1 lines

Introduce SSH Fingerprint ASCII Visualization, a technique inspired by the
graphical hash visualization schemes known as "random art", and by
Dan Kaminsky's musings on the subject during a BlackOp talk at the
23C3 in Berlin.

Scientific publication (original paper):
"Hash Visualization: a New Technique to improve Real-World Security",
Perrig A. and Song D., 1999, International Workshop on Cryptographic
Techniques and E-Commerce (CrypTEC '99)
http://sparrow.ece.cmu.edu/~adrian/projects/validation/validation.pdf

The algorithm used here is a worm crawling over a discrete plane,
leaving a trace (augmenting the field) everywhere it goes.
Movement is taken from dgst_raw 2bit-wise.  Bumping into walls
makes the respective movement vector be ignored for this turn,
thus switching to the other color of the chessboard.
Graphs are not unambiguous for now, because circles in graphs can be
walked in either direction.

discussions with several people,
help, corrections and ok markus@ djm@

Revision 1.69, Thu Jul 12 05:48:05 2007 UTC (16 years, 10 months ago) by ray
Branch: MAIN
CVS Tags: OPENBSD_4_3_BASE, OPENBSD_4_3, OPENBSD_4_2_BASE, OPENBSD_4_2
Changes since 1.68: +1 -3 lines

Delint: remove some unreachable statements, from Bret Lambert.

OK markus@ and dtucker@.

Revision 1.58.2.2, Wed Nov 8 00:44:05 2006 UTC (17 years, 6 months ago) by brad
Branch: OPENBSD_3_8
Changes since 1.58.2.1: +9 -7 lines

upgrade to OpenSSH 4.5

Revision 1.67.4.1, Wed Nov 8 00:42:10 2006 UTC (17 years, 6 months ago) by brad
Branch: OPENBSD_4_0
Changes since 1.67: +9 -7 lines

upgrade to OpenSSH 4.5

Revision 1.58.4.2, Wed Nov 8 00:17:14 2006 UTC (17 years, 6 months ago) by brad
Branch: OPENBSD_3_9
Changes since 1.58.4.1: +9 -7 lines

upgrade to OpenSSH 4.5

Revision 1.68, Mon Nov 6 21:25:28 2006 UTC (17 years, 6 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_4_1_BASE, OPENBSD_4_1
Changes since 1.67: +9 -7 lines

add missing checks for openssl return codes; with & ok djm@

Revision 1.58.2.1, Fri Oct 6 03:19:32 2006 UTC (17 years, 7 months ago) by brad
Branch: OPENBSD_3_8
Changes since 1.58: +14 -25 lines

upgrade to OpenSSH 4.4

Revision 1.58.4.1, Sat Sep 30 04:06:50 2006 UTC (17 years, 7 months ago) by brad
Branch: OPENBSD_3_9
Changes since 1.58: +14 -25 lines

upgrade to OpenSSH 4.4

Revision 1.67, Thu Aug 3 03:34:42 2006 UTC (17 years, 9 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_4_0_BASE
Branch point for: OPENBSD_4_0
Changes since 1.66: +3 -3 lines

almost entirely get rid of the culture of ".h files that include .h files"
ok djm, sort of ok stevesk
makes the pain stop in one easy step

Revision 1.66, Tue Aug 1 23:22:47 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.65: +2 -1 lines

move #include <stdio.h> out of includes.h

Revision 1.65, Sat Jul 22 20:48:23 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.64: +3 -1 lines

move #include <string.h> out of includes.h

Revision 1.64, Sat Mar 25 13:17:02 2006 UTC (18 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.63: +1 -0 lines

Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
Theo nuked - our scripts to sync -portable need them in the files

Revision 1.63, Sat Mar 25 00:05:41 2006 UTC (18 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.62: +4 -6 lines

introduce xcalloc() and xasprintf() failure-checked allocations functions
and use them throughout openssh

xcalloc is particularly important because malloc(nmemb * size) is a
dangerous idiom (subject to integer overflow) and it is time for it to
die

feedback and ok deraadt@

Revision 1.62, Mon Mar 20 17:13:16 2006 UTC (18 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.61: +1 -1 lines

djm did a typo

Revision 1.61, Mon Mar 20 17:10:19 2006 UTC (18 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.60: +2 -16 lines

in a switch (), break after return or goto is stupid

Revision 1.60, Mon Mar 20 11:38:46 2006 UTC (18 years, 2 months ago) by djm
Branch: MAIN
Changes since 1.59: +2 -0 lines

(really) last of the Coverity diffs: avoid possible NULL deref in
key_free. via elad AT netbsd.org; markus@ ok

Revision 1.59, Sun Mar 19 18:51:18 2006 UTC (18 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.58: +0 -1 lines

RCSID() can die

Revision 1.57.2.1, Sun Sep 4 18:40:02 2005 UTC (18 years, 8 months ago) by brad
Branch: OPENBSD_3_7
Changes since 1.57: +2 -2 lines

upgrade to OpenSSH 4.2

Revision 1.56.2.2, Fri Sep 2 03:45:00 2005 UTC (18 years, 8 months ago) by brad
Branch: OPENBSD_3_6
Changes since 1.56.2.1: +2 -2 lines

upgrade to OpenSSH 4.2

Revision 1.58, Fri Jun 17 02:44:32 2005 UTC (18 years, 11 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE, OPENBSD_3_8_BASE
Branch point for: OPENBSD_3_9, OPENBSD_3_8
Changes since 1.57: +2 -2 lines

make this -Wsign-compare clean; ok avsm@ markus@

Revision 1.55.2.2, Thu Mar 10 17:15:04 2005 UTC (19 years, 2 months ago) by brad
Branch: OPENBSD_3_5
Changes since 1.55.2.1: +27 -11 lines

upgrade to OpenSSH 4.0

Revision 1.56.2.1, Thu Mar 10 16:28:27 2005 UTC (19 years, 2 months ago) by brad
Branch: OPENBSD_3_6
Changes since 1.56: +27 -11 lines

upgrade to OpenSSH 4.0

Revision 1.57 / (download) - annotate - [select for diffs], Fri Oct 29 23:57:05 2004 UTC (19 years, 6 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_3_7_BASE
Branch point for: OPENBSD_3_7
Changes since 1.56: +27 -11 lines
Diff to previous 1.56 (colored)

use new buffer API to avoid fatal errors on corrupt keys in authorized_keys
files; ok markus@

Revision 1.54.2.2 / (download) - annotate - [select for diffs], Thu Aug 19 22:37:31 2004 UTC (19 years, 9 months ago) by brad
Branch: OPENBSD_3_4
Changes since 1.54.2.1: +3 -3 lines
Diff to previous 1.54.2.1 (colored) to branchpoint 1.54 (colored) next main 1.55 (colored)

upgrade to OpenSSH 3.9

Revision 1.55.2.1 / (download) - annotate - [select for diffs], Thu Aug 19 04:13:26 2004 UTC (19 years, 9 months ago) by brad
Branch: OPENBSD_3_5
Changes since 1.55: +3 -3 lines
Diff to previous 1.55 (colored)

upgrade to OpenSSH 3.9

Revision 1.56 / (download) - annotate - [select for diffs], Wed Jul 28 09:40:29 2004 UTC (19 years, 9 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_6_BASE
Branch point for: OPENBSD_3_6
Changes since 1.55: +3 -3 lines
Diff to previous 1.55 (colored)

more s/illegal/invalid/

Revision 1.51.2.2 / (download) - annotate - [select for diffs], Thu Mar 4 18:18:15 2004 UTC (20 years, 2 months ago) by brad
Branch: OPENBSD_3_3
Changes since 1.51.2.1: +21 -19 lines
Diff to previous 1.51.2.1 (colored) to branchpoint 1.51 (colored) next main 1.52 (colored)

upgrade to OpenSSH 3.8

Revision 1.54.2.1 / (download) - annotate - [select for diffs], Sat Feb 28 03:51:33 2004 UTC (20 years, 2 months ago) by brad
Branch: OPENBSD_3_4
Changes since 1.54: +21 -19 lines
Diff to previous 1.54 (colored)

upgrade to OpenSSH 3.8

Revision 1.55 / (download) - annotate - [select for diffs], Mon Nov 10 16:23:41 2003 UTC (20 years, 6 months ago) by jakob
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE
Branch point for: OPENBSD_3_5
Changes since 1.54: +21 -19 lines
Diff to previous 1.54 (colored)

constify. ok markus@ & djm@

Revision 1.49.2.2 / (download) - annotate - [select for diffs], Tue Sep 16 21:20:26 2003 UTC (20 years, 8 months ago) by brad
Branch: OPENBSD_3_2
Changes since 1.49.2.1: +7 -5 lines
Diff to previous 1.49.2.1 (colored) to branchpoint 1.49 (colored) next main 1.50 (colored)

upgrade to OpenSSH 3.7

Revision 1.51.2.1 / (download) - annotate - [select for diffs], Tue Sep 16 20:50:43 2003 UTC (20 years, 8 months ago) by brad
Branch: OPENBSD_3_3
Changes since 1.51: +7 -5 lines
Diff to previous 1.51 (colored)

upgrade to OpenSSH 3.7

Revision 1.54 / (download) - annotate - [select for diffs], Wed Jul 9 13:58:19 2003 UTC (20 years, 10 months ago) by avsm
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE
Branch point for: OPENBSD_3_4
Changes since 1.53: +4 -2 lines
Diff to previous 1.53 (colored)

minor tweak: when generating the hex fingerprint, give strlcat the full bound to the buffer, and add a comment below explaining why the zero-termination is one less than the bound.
markus@ ok

Revision 1.53 / (download) - annotate - [select for diffs], Tue Jun 24 08:23:46 2003 UTC (20 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.52: +3 -3 lines
Diff to previous 1.52 (colored)

int -> u_int; ok djm@, deraadt@, mouring@

Revision 1.52 / (download) - annotate - [select for diffs], Wed May 14 18:16:20 2003 UTC (21 years ago) by jakob
Branch: MAIN
Changes since 1.51: +2 -2 lines
Diff to previous 1.51 (colored)

add experimental support for verifying host keys using DNS as described
in draft-ietf-secsh-dns-xx.txt. more information in README.dns.
ok markus@ and henning@

Revision 1.43.2.3 / (download) - annotate - [select for diffs], Thu Apr 3 22:35:17 2003 UTC (21 years, 1 month ago) by miod
Branch: OPENBSD_3_1
Changes since 1.43.2.2: +3 -5 lines
Diff to previous 1.43.2.2 (colored) to branchpoint 1.43 (colored) next main 1.44 (colored)

Merge OpenSSH 3.6.1

Revision 1.49.2.1 / (download) - annotate - [select for diffs], Tue Apr 1 00:12:13 2003 UTC (21 years, 1 month ago) by margarida
Branch: OPENBSD_3_2
Changes since 1.49: +3 -5 lines
Diff to previous 1.49 (colored)

Update to OpenSSH 3.6

Revision 1.51 / (download) - annotate - [select for diffs], Wed Feb 12 09:33:04 2003 UTC (21 years, 3 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE
Branch point for: OPENBSD_3_3
Changes since 1.50: +1 -3 lines
Diff to previous 1.50 (colored)

merge ssh-dss.h ssh-rsa.h into key.h; ok deraadt@

Revision 1.50 / (download) - annotate - [select for diffs], Tue Feb 4 09:32:08 2003 UTC (21 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.49: +3 -3 lines
Diff to previous 1.49 (colored)

better debug3 message

Revision 1.33.2.5 / (download) - annotate - [select for diffs], Fri Oct 11 14:53:06 2002 UTC (21 years, 7 months ago) by miod
Branch: OPENBSD_3_0
Changes since 1.33.2.4: +15 -15 lines
Diff to previous 1.33.2.4 (colored) to branchpoint 1.33 (colored) next main 1.34 (colored)

Update to OpenSSH 3.5

Revision 1.43.2.2 / (download) - annotate - [select for diffs], Fri Oct 11 14:51:52 2002 UTC (21 years, 7 months ago) by miod
Branch: OPENBSD_3_1
Changes since 1.43.2.1: +15 -15 lines
Diff to previous 1.43.2.1 (colored) to branchpoint 1.43 (colored)

Update to OpenSSH 3.5

Revision 1.49 / (download) - annotate - [select for diffs], Mon Sep 9 14:54:14 2002 UTC (21 years, 8 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_2_BASE
Branch point for: OPENBSD_3_2
Changes since 1.48: +3 -2 lines
Diff to previous 1.48 (colored)

signed vs unsigned from -pedantic; ok henning@

Revision 1.48 / (download) - annotate - [select for diffs], Thu Jul 4 10:41:47 2002 UTC (21 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.47: +7 -10 lines
Diff to previous 1.47 (colored)

don't allocate, copy, and discard if there is no interest in the data; ok deraadt@

Revision 1.47 / (download) - annotate - [select for diffs], Thu Jul 4 04:15:33 2002 UTC (21 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.46: +3 -1 lines
Diff to previous 1.46 (colored)

patch memory leaks; grendel@zeitbombe.org

Revision 1.46 / (download) - annotate - [select for diffs], Sun Jun 30 21:59:45 2002 UTC (21 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.45: +7 -7 lines
Diff to previous 1.45 (colored)

minor KNF

Revision 1.33.2.4 / (download) - annotate - [select for diffs], Wed Jun 26 18:22:35 2002 UTC (21 years, 10 months ago) by miod
Branch: OPENBSD_3_0
Changes since 1.33.2.3: +8 -2 lines
Diff to previous 1.33.2.3 (colored) to branchpoint 1.33 (colored)

There was an update to OpenSSH 3.4, and people rejoiced.

Revision 1.43.2.1 / (download) - annotate - [select for diffs], Wed Jun 26 15:30:38 2002 UTC (21 years, 10 months ago) by jason
Branch: OPENBSD_3_1
Changes since 1.43: +12 -2 lines
Diff to previous 1.43 (colored)

Pull in OpenSSH-3.4

Revision 1.45 / (download) - annotate - [select for diffs], Sun Jun 23 03:26:19 2002 UTC (21 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.44: +8 -2 lines
Diff to previous 1.44 (colored)

KNF

Revision 1.33.2.3 / (download) - annotate - [select for diffs], Sat Jun 22 07:23:17 2002 UTC (21 years, 11 months ago) by miod
Branch: OPENBSD_3_0
Changes since 1.33.2.2: +5 -1 lines
Diff to previous 1.33.2.2 (colored) to branchpoint 1.33 (colored)

Update OpenSSH to version 3.3 (with local changes, configuration files still
living in /etc and privsep user being nobody).

Revision 1.25.2.4 / (download) - annotate - [select for diffs], Sun Jun 2 22:56:10 2002 UTC (21 years, 11 months ago) by miod
Branch: OPENBSD_2_9
Changes since 1.25.2.3: +44 -1 lines
Diff to previous 1.25.2.3 (colored) to branchpoint 1.25 (colored) next main 1.26 (colored)

Upgrade to OpenSSH 3.2.3.

Except for improbable compilation error fixes, this should be the last
commit made to the 2.9-STABLE branch. Have fun upgrading.

Revision 1.44 / (download) - annotate - [select for diffs], Fri May 31 13:16:48 2002 UTC (21 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.43: +5 -1 lines
Diff to previous 1.43 (colored)

add comment:
key_verify returns 1 for a correct signature, 0 for an incorrect signature
and -1 on error.

Revision 1.33.2.2 / (download) - annotate - [select for diffs], Fri May 17 00:03:23 2002 UTC (22 years ago) by miod
Branch: OPENBSD_3_0
Changes since 1.33.2.1: +44 -1 lines
Diff to previous 1.33.2.1 (colored) to branchpoint 1.33 (colored)

Update OpenSSH to version 3.2.2.

Revision 1.43 / (download) - annotate - [select for diffs], Tue Mar 19 10:49:35 2002 UTC (22 years, 2 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_1_BASE
Branch point for: OPENBSD_3_1
Changes since 1.42: +2 -2 lines
Diff to previous 1.42 (colored)

KNF whitespace

Revision 1.42 / (download) - annotate - [select for diffs], Mon Mar 18 17:23:31 2002 UTC (22 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.41: +44 -1 lines
Diff to previous 1.41 (colored)

add key_demote() for ssh-privsep

Revision 1.25.2.3 / (download) - annotate - [select for diffs], Sat Mar 9 00:20:44 2002 UTC (22 years, 2 months ago) by miod
Branch: OPENBSD_2_9
Changes since 1.25.2.2: +64 -49 lines
Diff to previous 1.25.2.2 (colored) to branchpoint 1.25 (colored)

Merge OpenSSH 3.1, keeping /etc as configuration files directory.
(i.e. OpenSSH 3.1 + openbsd29_3.1.patch)

Revision 1.11.2.7 / (download) - annotate - [select for diffs], Fri Mar 8 17:04:42 2002 UTC (22 years, 2 months ago) by brad
Branch: OPENBSD_2_8
Changes since 1.11.2.6: +65 -50 lines
Diff to previous 1.11.2.6 (colored) to branchpoint 1.11 (colored) next main 1.12 (colored)

Merge OpenSSH 3.1.

Revision 1.33.2.1 / (download) - annotate - [select for diffs], Thu Mar 7 17:37:46 2002 UTC (22 years, 2 months ago) by jason
Branch: OPENBSD_3_0
Changes since 1.33: +64 -49 lines
Diff to previous 1.33 (colored)

Update to OpenSSH-3.1 on 3.0-stable branch

Revision 1.41 / (download) - annotate - [select for diffs], Thu Feb 28 15:46:33 2002 UTC (22 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.40: +2 -2 lines
Diff to previous 1.40 (colored)

add some const EVP_MD for openssl-0.9.7

Revision 1.40 / (download) - annotate - [select for diffs], Sun Feb 24 19:14:59 2002 UTC (22 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.39: +9 -10 lines
Diff to previous 1.39 (colored)

signed vs. unsigned: make size arguments u_int, ok stevesk@

Revision 1.39 / (download) - annotate - [select for diffs], Fri Jan 25 22:07:40 2002 UTC (22 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.38: +6 -7 lines
Diff to previous 1.38 (colored)

use EVP_MD_size(evp_md) and not evp_md->md_size; ok stevesk@

Revision 1.38 / (download) - annotate - [select for diffs], Thu Dec 27 18:22:16 2001 UTC (22 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.37: +31 -21 lines
Diff to previous 1.37 (colored)

call fatal() for openssl allocation failures

Revision 1.37 / (download) - annotate - [select for diffs], Tue Dec 25 18:49:56 2001 UTC (22 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.36: +6 -1 lines
Diff to previous 1.36 (colored)

be more careful on allocation

Revision 1.36 / (download) - annotate - [select for diffs], Wed Dec 19 07:18:56 2001 UTC (22 years, 5 months ago) by deraadt
Branch: MAIN
Changes since 1.35: +4 -4 lines
Diff to previous 1.35 (colored)

basic KNF done while i was looking for something else

Revision 1.35 / (download) - annotate - [select for diffs], Wed Dec 5 10:06:12 2001 UTC (22 years, 5 months ago) by deraadt
Branch: MAIN
Changes since 1.34: +14 -13 lines
Diff to previous 1.34 (colored)

minor KNF

Revision 1.34 / (download) - annotate - [select for diffs], Wed Nov 21 15:51:24 2001 UTC (22 years, 6 months ago) by markus
Branch: MAIN
Changes since 1.33: +4 -3 lines
Diff to previous 1.33 (colored)

mem leak

Revision 1.25.2.2 / (download) - annotate - [select for diffs], Thu Nov 15 00:15:19 2001 UTC (22 years, 6 months ago) by miod
Branch: OPENBSD_2_9
Changes since 1.25.2.1: +2 -2 lines
Diff to previous 1.25.2.1 (colored) to branchpoint 1.25 (colored)

Merge OpenSSH 3.0

Revision 1.11.2.6 / (download) - annotate - [select for diffs], Thu Nov 15 00:14:59 2001 UTC (22 years, 6 months ago) by miod
Branch: OPENBSD_2_8
Changes since 1.11.2.5: +2 -2 lines
Diff to previous 1.11.2.5 (colored) to branchpoint 1.11 (colored)

Merge OpenSSH 3.0

Revision 1.33 / (download) - annotate - [select for diffs], Thu Oct 4 14:34:16 2001 UTC (22 years, 7 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_0_BASE
Branch point for: OPENBSD_3_0
Changes since 1.32: +2 -2 lines
Diff to previous 1.32 (colored)

call OPENSSL_free() for memory allocated by openssl; from chombier@mac.com

Revision 1.25.2.1 / (download) - annotate - [select for diffs], Thu Sep 27 19:03:54 2001 UTC (22 years, 7 months ago) by jason
Branch: OPENBSD_2_9
Changes since 1.25: +19 -14 lines
Diff to previous 1.25 (colored)

Pull in OpenSSH-2.9.9

Revision 1.11.2.5 / (download) - annotate - [select for diffs], Thu Sep 27 00:15:42 2001 UTC (22 years, 7 months ago) by miod
Branch: OPENBSD_2_8
Changes since 1.11.2.4: +19 -14 lines
Diff to previous 1.11.2.4 (colored) to branchpoint 1.11 (colored)

Pull in OpenSSH 2.9.9 to the 2.8 branch.

Revision 1.32 / (download) - annotate - [select for diffs], Wed Sep 19 13:23:29 2001 UTC (22 years, 8 months ago) by markus
Branch: MAIN
Changes since 1.31: +3 -3 lines
Diff to previous 1.31 (colored)

key_read() now returns -1 on type mismatch, too

Revision 1.31 / (download) - annotate - [select for diffs], Mon Sep 17 20:50:22 2001 UTC (22 years, 8 months ago) by markus
Branch: MAIN
Changes since 1.30: +4 -3 lines
Diff to previous 1.30 (colored)

better error handling if you try to export a bad key to ssh.com

Revision 1.30 / (download) - annotate - [select for diffs], Mon Sep 17 19:27:15 2001 UTC (22 years, 8 months ago) by stevesk
Branch: MAIN
Changes since 1.29: +2 -2 lines
Diff to previous 1.29 (colored)

u_char*/char* cleanup; ok markus@

Revision 1.29 / (download) - annotate - [select for diffs], Tue Jun 26 20:14:10 2001 UTC (22 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.28: +2 -1 lines
Diff to previous 1.28 (colored)

add smartcard support to the client, too (now you can use both
the agent and the client).

Revision 1.28 / (download) - annotate - [select for diffs], Mon Jun 25 08:25:37 2001 UTC (22 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.27: +2 -2 lines
Diff to previous 1.27 (colored)

update copyright for 2001

Revision 1.27 / (download) - annotate - [select for diffs], Sat Jun 23 15:12:19 2001 UTC (22 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.26: +8 -8 lines
Diff to previous 1.26 (colored)

more strict prototypes.  raise warning level in Makefile.inc.  markus ok'ed
TODO; cleanup headers

Revision 1.26 / (download) - annotate - [select for diffs], Sat Jun 23 05:26:02 2001 UTC (22 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.25: +4 -1 lines
Diff to previous 1.25 (colored)

handle signature of size 0 (some broken clients send this).

Revision 1.11.2.4 / (download) - annotate - [select for diffs], Mon May 7 21:09:30 2001 UTC (23 years ago) by jason
Branch: OPENBSD_2_8
Changes since 1.11.2.3: +28 -6 lines
Diff to previous 1.11.2.3 (colored) to branchpoint 1.11 (colored)

Pull in OpenSSH-2.9 to 2.8 branch.

Revision 1.25 / (download) - annotate - [select for diffs], Tue Apr 17 10:53:24 2001 UTC (23 years, 1 month ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_2_9_BASE
Branch point for: OPENBSD_2_9
Changes since 1.24: +23 -1 lines
Diff to previous 1.24 (colored)

add HostKeyAlgorithms; based on patch from res@shore.net; ok provos@

Revision 1.24 / (download) - annotate - [select for diffs], Mon Apr 16 08:26:04 2001 UTC (23 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.23: +2 -2 lines
Diff to previous 1.23 (colored)

better safe than sorry in later mods; yongari@kt-is.co.kr

Revision 1.23 / (download) - annotate - [select for diffs], Thu Apr 5 10:42:50 2001 UTC (23 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.22: +5 -5 lines
Diff to previous 1.22 (colored)

fix whitespace: unexpand + trailing spaces.

Revision 1.11.2.3 / (download) - annotate - [select for diffs], Wed Mar 21 19:46:25 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.11.2.2: +117 -22 lines
Diff to previous 1.11.2.2 (colored) to branchpoint 1.11 (colored)

Pull in OpenSSH-2.5.2 for 2.8 branch.

Revision 1.6.2.5 / (download) - annotate - [select for diffs], Wed Mar 21 18:52:47 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.6.2.4: +117 -22 lines
Diff to previous 1.6.2.4 (colored) to branchpoint 1.6 (colored) next main 1.7 (colored)

Pull in OpenSSH-2.5.2 for 2.7 branch.

Revision 1.22 / (download) - annotate - [select for diffs], Mon Mar 12 22:02:01 2001 UTC (23 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.21: +3 -15 lines
Diff to previous 1.21 (colored)

remove old key_fingerprint interface, s/_ex//

Revision 1.6.2.4 / (download) - annotate - [select for diffs], Mon Mar 12 15:44:11 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.6.2.3: +362 -46 lines
Diff to previous 1.6.2.3 (colored) to branchpoint 1.6 (colored)

OpenSSH-2.5.1 for 2.7 patch branch

Revision 1.21 / (download) - annotate - [select for diffs], Sun Mar 11 18:29:51 2001 UTC (23 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.20: +14 -17 lines
Diff to previous 1.20 (colored)

style+cleanup

Revision 1.20 / (download) - annotate - [select for diffs], Sun Mar 11 15:13:09 2001 UTC (23 years, 2 months ago) by jakob
Branch: MAIN
Changes since 1.19: +24 -26 lines
Diff to previous 1.19 (colored)

cleanup & shorten some var names key_fingerprint_bubblebabble.

Revision 1.19 / (download) - annotate - [select for diffs], Sun Mar 11 15:03:15 2001 UTC (23 years, 2 months ago) by jakob
Branch: MAIN
Changes since 1.18: +132 -20 lines
Diff to previous 1.18 (colored)

add improved fingerprint functions. based on work by Carsten
Raskgaard <cara@int.tele.dk> and modified by me. ok markus@.

Revision 1.18 / (download) - annotate - [select for diffs], Sun Mar 11 13:25:36 2001 UTC (23 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.17: +2 -2 lines
Diff to previous 1.17 (colored)

debug

Revision 1.11.2.2 / (download) - annotate - [select for diffs], Mon Feb 19 17:19:00 2001 UTC (23 years, 3 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.11.2.1: +0 -0 lines
Diff to previous 1.11.2.1 (colored) to branchpoint 1.11 (colored)

Pull in OpenSSH-2.5.1

Revision 1.11.2.1 / (download) - annotate - [select for diffs], Fri Feb 16 20:13:04 2001 UTC (23 years, 3 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.11: +362 -46 lines
Diff to previous 1.11 (colored)

Pull in OpenSSH 2.5.0

Revision 1.17 / (download) - annotate - [select for diffs], Sun Feb 4 15:32:24 2001 UTC (23 years, 3 months ago) by stevesk
Branch: MAIN
Changes since 1.16: +14 -14 lines
Diff to previous 1.16 (colored)

unexpand and remove end-of-line whitespace; ok markus@

Revision 1.16 / (download) - annotate - [select for diffs], Mon Jan 22 16:55:21 2001 UTC (23 years, 3 months ago) by stevesk
Branch: MAIN
Changes since 1.15: +2 -2 lines
Diff to previous 1.15 (colored)

free() -> xfree(); ok markus@

Revision 1.15 / (download) - annotate - [select for diffs], Sun Jan 21 19:05:50 2001 UTC (23 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.14: +4 -6 lines
Diff to previous 1.14 (colored)

split ssh.h and try to cleanup the #include mess. remove unnecessary #includes.
rename util.[ch] -> misc.[ch]

Revision 1.14 / (download) - annotate - [select for diffs], Tue Jan 16 19:20:06 2001 UTC (23 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.13: +3 -3 lines
Diff to previous 1.13 (colored)

make "ssh-rsa" key format for ssh2 conform to the ietf-drafts; from galb@vandyke.com.
note that you have to delete older ssh2-rsa keys, since they are in the
wrong format, too. they must be removed from .ssh/authorized_keys2
and .ssh/known_hosts2, etc.
(cd; grep -v ssh-rsa .ssh/authorized_keys2 > TMP && mv TMP .ssh/authorized_keys2)
additionally, we now check that BN_num_bits(rsa->n) >= 768.

Revision 1.13 / (download) - annotate - [select for diffs], Tue Dec 19 23:17:56 2000 UTC (23 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.12: +15 -15 lines
Diff to previous 1.12 (colored)

replace 'unsigned bla' with 'u_bla' everywhere. also, replace 'char unsigned'
with u_char.

Revision 1.12 / (download) - annotate - [select for diffs], Sun Nov 12 19:50:37 2000 UTC (23 years, 6 months ago) by markus
Branch: MAIN
Changes since 1.11: +353 -35 lines
Diff to previous 1.11 (colored)

add support for RSA to SSH2.  please test.

there are now 3 types of keys: RSA1 is used by ssh-1 only,
RSA and DSA are used by SSH2.

you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA
keys for SSH2 and use the RSA keys for hostkeys or for user keys.

SSH2 RSA or DSA keys are added to .ssh/authorized_keys2 as before.

IdentityFile2, HostDsaKey and DSAAuthentication are obsolete.
you can use multiple IdentityFile and HostKey for all types of keys.

the option DSAAuthentication is replaced by PubkeyAuthentication.

Revision 1.6.2.3 / (download) - annotate - [select for diffs], Wed Nov 8 21:30:51 2000 UTC (23 years, 6 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.6.2.2: +11 -10 lines
Diff to previous 1.6.2.2 (colored) to branchpoint 1.6 (colored)

openssh-2.3.0 (again) for 2.7 branch

Revision 1.11 / (download) - annotate - [select for diffs], Thu Sep 7 20:27:51 2000 UTC (23 years, 8 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_2_8_BASE
Branch point for: OPENBSD_2_8
Changes since 1.10: +11 -10 lines
Diff to previous 1.10 (colored)

cleanup copyright notices on all files.  I have attempted to be accurate with
the details.  everything is now under Tatu's licence (which I copied from his
readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd
developers under a 2-term bsd licence.  We're not changing any rules, just
being accurate.

Revision 1.6.2.2 / (download) - annotate - [select for diffs], Fri Sep 1 18:23:20 2000 UTC (23 years, 8 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.6.2.1: +30 -11 lines
Diff to previous 1.6.2.1 (colored) to branchpoint 1.6 (colored)

Pull in the rest of openssh-2.2.0 to 2.7 branch (luvin' cvs...)

Revision 1.10 / (download) - annotate - [select for diffs], Sat Aug 19 21:34:43 2000 UTC (23 years, 9 months ago) by markus
Branch: MAIN
Changes since 1.9: +13 -1 lines
Diff to previous 1.9 (colored)

add SSH2/DSA support to the agent and some other DSA related cleanups.
(note that we cannot talk to ssh.com's ssh2 agents)

Revision 1.9 / (download) - annotate - [select for diffs], Thu Jun 22 23:55:00 2000 UTC (23 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.8: +2 -0 lines
Diff to previous 1.8 (colored)

Missing CVS idents; ok markus

Revision 1.8 / (download) - annotate - [select for diffs], Mon Jun 19 03:29:49 2000 UTC (23 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.7: +16 -11 lines
Diff to previous 1.7 (colored)

cleanup fingerprinting, less hardcoded sizes

Revision 1.6.2.1 / (download) - annotate - [select for diffs], Mon Jun 12 02:37:34 2000 UTC (23 years, 11 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.6: +11 -7 lines
Diff to previous 1.6 (colored)

lovin' CVS... update patch branch to OpenSSH-2.1.1

Revision 1.7 / (download) - annotate - [select for diffs], Wed May 24 18:26:47 2000 UTC (23 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.6: +11 -7 lines
Diff to previous 1.6 (colored)

fix key_read() for uuencoded keys w/o '='

Revision 1.6 / (download) - annotate - [select for diffs], Fri May 5 18:53:42 2000 UTC (24 years ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_2_7_BASE
Branch point for: OPENBSD_2_7
Changes since 1.5: +4 -0 lines
Diff to previous 1.5 (colored)

remove trailing comments before calling __b64_pton

Revision 1.5 / (download) - annotate - [select for diffs], Thu May 4 22:38:00 2000 UTC (24 years ago) by markus
Branch: MAIN
Changes since 1.4: +5 -3 lines
Diff to previous 1.4 (colored)

replace broken uuencode w/ libc b64_ntop

Revision 1.4 / (download) - annotate - [select for diffs], Thu May 4 09:50:22 2000 UTC (24 years ago) by markus
Branch: MAIN
Changes since 1.3: +13 -0 lines
Diff to previous 1.3 (colored)

print key type when talking about host keys

Revision 1.3 / (download) - annotate - [select for diffs], Wed Apr 26 20:56:29 2000 UTC (24 years ago) by markus
Branch: MAIN
Changes since 1.2: +62 -45 lines
Diff to previous 1.2 (colored)

add DSA pubkey auth and other SSH2 fixes.  use ssh-keygen -[xX]
for trading keys with the real and the original SSH, directly from the
people who invented the SSH protocol.

Revision 1.2 / (download) - annotate - [select for diffs], Wed Apr 12 09:39:10 2000 UTC (24 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.1: +3 -3 lines
Diff to previous 1.1 (colored)

#include <ssl/foo.h> -> <openssh/foo.h>

Revision 1.1 / (download) - annotate - [select for diffs], Thu Mar 23 22:15:33 2000 UTC (24 years, 1 month ago) by markus
Branch: MAIN

initial support for DSA keys. ok deraadt@, niels@
