![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.bin / ssh
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.161 / (download) - annotate - [select for diffs], Fri May 17 00:30:23 2024 UTC (3 hours, 12 minutes ago) by djm
Branch: MAIN
CVS Tags: HEAD
Changes since 1.160: +7 -97 lines
Diff to previous 1.160 (colored)
Start the process of splitting sshd into separate binaries. This step splits sshd into a listener and a session binary. More splits are planned. After this changes, the listener binary will validate the configuration, load the hostkeys, listen on port 22 and manage MaxStartups only. All session handling will be performed by a new sshd-session binary that the listener fork+execs. This reduces the listener process to the minimum necessary and sets us up for future work on the sshd-session binary. feedback/ok markus@ deraadt@ NB. if you're updating via source, please restart sshd after installing, otherwise you run the risk of locking yourself out.
Revision 1.160 / (download) - annotate - [select for diffs], Sun Mar 5 05:34:09 2023 UTC (14 months, 1 week ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3
Changes since 1.159: +1 -2 lines
Diff to previous 1.159 (colored)
Remove unused compat.h includes. We've previously removed a lot of the really old compatibility code, and with it went the need to include compat.h in most of the files that have it.
Revision 1.159 / (download) - annotate - [select for diffs], Fri Dec 9 00:17:40 2022 UTC (17 months, 1 week ago) by dtucker
Branch: MAIN
Changes since 1.158: +5 -6 lines
Diff to previous 1.158 (colored)
Add some server debugging for hostbased auth. auth_debug_add queues messages about the auth process which is sent to the client after successful authentication. This also sends those to the server debug log to aid in debugging. From bz#3507, ok djm@
Revision 1.158 / (download) - annotate - [select for diffs], Fri Jun 3 04:47:21 2022 UTC (23 months, 2 weeks ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE,
OPENBSD_7_2
Changes since 1.157: +1 -57 lines
Diff to previous 1.157 (colored)
move auth_openprincipals() and auth_openkeyfile() over to auth2-pubkeyfile.c too; they make more sense there.
Revision 1.157 / (download) - annotate - [select for diffs], Fri May 27 05:02:46 2022 UTC (23 months, 3 weeks ago) by djm
Branch: MAIN
Changes since 1.156: +1 -93 lines
Diff to previous 1.156 (colored)
split the low-level file handling functions out from auth2-pubkey.c Put them in a new auth2-pubkeyfile.c to make it easier to refer to them (e.g. in unit/fuzz tests) without having to refer to everything else pubkey auth brings in. ok dtucker@
Revision 1.156 / (download) - annotate - [select for diffs], Fri May 27 05:01:25 2022 UTC (23 months, 3 weeks ago) by djm
Branch: MAIN
Changes since 1.155: +4 -6 lines
Diff to previous 1.155 (colored)
refactor authorized_keys/principals handling remove "struct ssh *" from arguments - this was only used to pass the remote host/address. These can be passed in instead and the resulting code is less tightly coupled to ssh_api.[ch] ok dtucker@
Revision 1.155 / (download) - annotate - [select for diffs], Tue Apr 26 07:41:44 2022 UTC (2 years ago) by dtucker
Branch: MAIN
Changes since 1.154: +3 -2 lines
Diff to previous 1.154 (colored)
Check sshauthopt_new() for NULL. bz#3425, from tessgauthier at microsoft.com. ok djm@
Revision 1.154 / (download) - annotate - [select for diffs], Wed Feb 23 11:17:10 2022 UTC (2 years, 2 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE,
OPENBSD_7_1
Changes since 1.153: +13 -3 lines
Diff to previous 1.153 (colored)
randomise the password used in fakepw
Revision 1.147.4.1 / (download) - annotate - [select for diffs], Sun Sep 26 14:04:53 2021 UTC (2 years, 7 months ago) by deraadt
Branch: OPENBSD_6_8
Changes since 1.147: +7 -1 lines
Diff to previous 1.147 (colored) next main 1.148 (colored)
need initgroups() before setresgid(); reported by anton@, ok deraadt@ this is 6.8 errata 030: sshd(8) failed to clear supplemental groups when executing an AuthorizedUsersCommand or AuthorizedPrincipalsCommand helper program.
Revision 1.153 / (download) - annotate - [select for diffs], Mon Jul 5 00:50:25 2021 UTC (2 years, 10 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_7_0
Changes since 1.152: +2 -4 lines
Diff to previous 1.152 (colored)
Remove comment referencing now-removed RhostsRSAAuthentication. ok djm@
Revision 1.152 / (download) - annotate - [select for diffs], Sat Apr 3 06:18:40 2021 UTC (3 years, 1 month ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE,
OPENBSD_6_9
Changes since 1.151: +2 -2 lines
Diff to previous 1.151 (colored)
highly polished whitespace, mostly fixing spaces-for-tab and bad indentation on continuation lines. Prompted by GHPR#185
Revision 1.151 / (download) - annotate - [select for diffs], Tue Dec 22 00:12:22 2020 UTC (3 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.150: +1 -153 lines
Diff to previous 1.150 (colored)
move subprocess() from auth.c to misc.c make privilege dropping optional but allow it via callbacks (to avoid need to link uidswap.c everywhere) add some other flags (keep environment, disable strict path safety check) that make this more useful for client-side use. feedback & ok markus@
Revision 1.150 / (download) - annotate - [select for diffs], Sun Dec 20 23:36:51 2020 UTC (3 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.149: +3 -3 lines
Diff to previous 1.149 (colored)
load_hostkeys()/hostkeys_foreach() variants for FILE* Add load_hostkeys_file() and hostkeys_foreach_file() that accept a FILE* argument instead of opening the file directly. Original load_hostkeys() and hostkeys_foreach() are implemented using these new interfaces. Add a u_int note field to the hostkey_entry and hostkey_foreach_line structs that is passed directly from the load_hostkeys() and hostkeys_foreach() call. This is a lightweight way to annotate results between different invocations of load_hostkeys(). ok markus@
Revision 1.149 / (download) - annotate - [select for diffs], Sun Oct 18 11:32:01 2020 UTC (3 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.148: +18 -20 lines
Diff to previous 1.148 (colored)
use the new variant log macros instead of prepending __func__ and appending ssh_err(r) manually; ok markus@
Revision 1.148 / (download) - annotate - [select for diffs], Fri Oct 16 13:26:13 2020 UTC (3 years, 7 months ago) by djm
Branch: MAIN
Changes since 1.147: +5 -1 lines
Diff to previous 1.147 (colored)
LogVerbose keyword for ssh and sshd Allows forcing maximum debug logging by file/function/line pattern- lists. ok markus@
Revision 1.147 / (download) - annotate - [select for diffs], Thu Aug 27 01:07:09 2020 UTC (3 years, 8 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE
Branch point for: OPENBSD_6_8
Changes since 1.146: +5 -4 lines
Diff to previous 1.146 (colored)
support for requiring user verified FIDO keys in sshd This adds a "verify-required" authorized_keys flag and a corresponding sshd_config option that tells sshd to require that FIDO keys verify the user identity before completing the signing/authentication attempt. Whether or not user verification was performed is already baked into the signature made on the FIDO token, so this is just plumbing that flag through and adding ways to require it. feedback and ok markus@
Revision 1.146 / (download) - annotate - [select for diffs], Fri Jan 31 22:42:45 2020 UTC (4 years, 3 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE,
OPENBSD_6_7
Changes since 1.145: +3 -2 lines
Diff to previous 1.145 (colored)
Add a sshd_config "Include" directive to allow inclusion of files. This has sensible semantics wrt Match blocks and accepts glob(3) patterns to specify the included files. Based on patch by Jakub Jelen in bz2468; feedback and ok markus@
Revision 1.145 / (download) - annotate - [select for diffs], Thu Jan 23 07:10:22 2020 UTC (4 years, 3 months ago) by dtucker
Branch: MAIN
Changes since 1.144: +2 -2 lines
Diff to previous 1.144 (colored)
Replace all calls to signal(2) with a wrapper around sigaction(2). This wrapper blocks all other signals during the handler preventing races between handlers, and sets SA_RESTART which should reduce the potential for short read/write operations.
Revision 1.144 / (download) - annotate - [select for diffs], Mon Dec 16 13:58:53 2019 UTC (4 years, 5 months ago) by tobhe
Branch: MAIN
Changes since 1.143: +7 -7 lines
Diff to previous 1.143 (colored)
strdup may return NULL if memory allocation fails. Use the safer xstrdup which fatals on allocation failures. ok markus@
Revision 1.143 / (download) - annotate - [select for diffs], Mon Nov 25 00:54:23 2019 UTC (4 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.142: +4 -3 lines
Diff to previous 1.142 (colored)
add a "no-touch-required" option for authorized_keys and a similar extension for certificates. This option disables the default requirement that security key signatures attest that the user touched their key to authorize them. feedback deraadt, ok markus
Revision 1.142 / (download) - annotate - [select for diffs], Wed Oct 16 06:05:39 2019 UTC (4 years, 7 months ago) by djm
Branch: MAIN
Changes since 1.141: +2 -2 lines
Diff to previous 1.141 (colored)
potential NULL dereference for revoked hostkeys; reported by krishnaiah bommu
Revision 1.141 / (download) - annotate - [select for diffs], Wed Oct 2 00:42:30 2019 UTC (4 years, 7 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE,
OPENBSD_6_6
Changes since 1.140: +1 -2 lines
Diff to previous 1.140 (colored)
remove some duplicate #includes
Revision 1.140 / (download) - annotate - [select for diffs], Fri Sep 6 04:53:27 2019 UTC (4 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.139: +2 -1 lines
Diff to previous 1.139 (colored)
lots of things were relying on libcrypto headers to transitively include various system headers (mostly stdlib.h); include them explicitly
Revision 1.139 / (download) - annotate - [select for diffs], Fri Jun 28 13:35:04 2019 UTC (4 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.138: +8 -8 lines
Diff to previous 1.138 (colored)
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
Revision 1.138 / (download) - annotate - [select for diffs], Sat Jan 19 21:41:18 2019 UTC (5 years, 3 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE,
OPENBSD_6_5
Changes since 1.137: +10 -16 lines
Diff to previous 1.137 (colored)
convert auth.c to new packet API with & ok markus@
Revision 1.137 / (download) - annotate - [select for diffs], Sat Jan 19 21:37:48 2019 UTC (5 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.136: +3 -2 lines
Diff to previous 1.136 (colored)
convert servconf.c to new packet API with & ok markus@
Revision 1.136 / (download) - annotate - [select for diffs], Sat Jan 19 21:31:32 2019 UTC (5 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.135: +4 -1 lines
Diff to previous 1.135 (colored)
begin landing remaining refactoring of packet parsing API, started almost exactly six years ago. This change stops including the old packet_* API by default and makes each file that requires the old API include it explicitly. We will commit file-by-file refactoring to remove the old API in consistent steps. with & ok markus@
Revision 1.135 / (download) - annotate - [select for diffs], Thu Jan 17 04:20:53 2019 UTC (5 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.134: +2 -1 lines
Diff to previous 1.134 (colored)
include time.h for time(3)/nanosleep(2); from Ian McKellar
Revision 1.134 / (download) - annotate - [select for diffs], Fri Nov 16 03:26:01 2018 UTC (5 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.133: +3 -3 lines
Diff to previous 1.133 (colored)
use path_absolute() for pathname checks; from Manoj Ampalam
Revision 1.133 / (download) - annotate - [select for diffs], Wed Sep 12 01:19:12 2018 UTC (5 years, 8 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE,
OPENBSD_6_4
Changes since 1.132: +13 -9 lines
Diff to previous 1.132 (colored)
log certificate fingerprint in authentication success/failure message (previously we logged only key ID and CA key fingerprint). ok markus@
Revision 1.132 / (download) - annotate - [select for diffs], Wed Jul 11 08:19:35 2018 UTC (5 years, 10 months ago) by martijn
Branch: MAIN
Changes since 1.131: +2 -2 lines
Diff to previous 1.131 (colored)
s/wuth/with/ in comment
Revision 1.131 / (download) - annotate - [select for diffs], Mon Jul 9 21:35:50 2018 UTC (5 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.130: +21 -18 lines
Diff to previous 1.130 (colored)
sshd: switch authentication to sshbuf API; ok djm@
Revision 1.130 / (download) - annotate - [select for diffs], Wed Jun 6 18:23:32 2018 UTC (5 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.129: +12 -3 lines
Diff to previous 1.129 (colored)
permitlisten option for authorized_keys; ok markus@
Revision 1.129 / (download) - annotate - [select for diffs], Fri Jun 1 03:33:53 2018 UTC (5 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.128: +5 -3 lines
Diff to previous 1.128 (colored)
make UID available as a %-expansion everywhere that the username is available currently. In the client this is via %i, in the server %U (since %i was already used in the client in some places for this, but used for something different in the server); bz#2870, ok dtucker@
Revision 1.128 / (download) - annotate - [select for diffs], Fri May 25 07:11:01 2018 UTC (5 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.127: +2 -1 lines
Diff to previous 1.127 (colored)
Do not ban PTY allocation when a sshd session is restricted because the user password is expired as it breaks password change dialog. regression in openssh-7.7 reported by Daniel Wagner
Revision 1.127 / (download) - annotate - [select for diffs], Mon Mar 12 00:52:01 2018 UTC (6 years, 2 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE,
OPENBSD_6_3
Changes since 1.126: +23 -5 lines
Diff to previous 1.126 (colored)
add valid-before="[time]" authorized_keys option. A simple way of giving a key an expiry date. ok markus@
Revision 1.126 / (download) - annotate - [select for diffs], Sat Mar 3 03:15:51 2018 UTC (6 years, 2 months ago) by djm
Branch: MAIN
Changes since 1.125: +175 -5 lines
Diff to previous 1.125 (colored)
switch over to the new authorized_keys options API and remove the legacy one. Includes a fairly big refactor of auth2-pubkey.c to retain less state between key file lines. feedback and ok markus@
Revision 1.125 / (download) - annotate - [select for diffs], Mon Jan 8 15:21:49 2018 UTC (6 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.124: +154 -1 lines
Diff to previous 1.124 (colored)
move subprocess() so scp/sftp do not need uidswap.o; ok djm@
Revision 1.124 / (download) - annotate - [select for diffs], Tue Sep 12 06:32:07 2017 UTC (6 years, 8 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.123: +2 -1 lines
Diff to previous 1.123 (colored)
refactor channels.c Move static state to a "struct ssh_channels" that is allocated at runtime and tracked as a member of struct ssh. Explicitly pass "struct ssh" to all channels functions. Replace use of the legacy packet APIs in channels.c. Rework sshd_config PermitOpen handling: previously the configuration parser would call directly into the channels layer. After the refactor this is not possible, as the channels structures are allocated at connection time and aren't available when the configuration is parsed. The server config parser now tracks PermitOpen itself and explicitly configures the channels code later. ok markus@
Revision 1.123 / (download) - annotate - [select for diffs], Fri Aug 18 05:36:45 2017 UTC (6 years, 9 months ago) by djm
Branch: MAIN
Changes since 1.122: +2 -95 lines
Diff to previous 1.122 (colored)
Move several subprocess-related functions from various locations to misc.c. Extend subprocess() to offer a little more control over stdio disposition. feedback & ok dtucker@
Revision 1.122 / (download) - annotate - [select for diffs], Sat Jun 24 06:34:38 2017 UTC (6 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.121: +46 -20 lines
Diff to previous 1.121 (colored)
refactor authentication logging optionally record successful auth methods and public credentials used in a file accessible to user sessions feedback and ok markus@
Revision 1.121 / (download) - annotate - [select for diffs], Tue May 30 08:52:19 2017 UTC (6 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.120: +3 -3 lines
Diff to previous 1.120 (colored)
switch from Key typedef with struct sshkey; ok djm@
Revision 1.120 / (download) - annotate - [select for diffs], Wed May 17 01:24:17 2017 UTC (7 years ago) by djm
Branch: MAIN
Changes since 1.119: +2 -1 lines
Diff to previous 1.119 (colored)
allow LogLevel in sshd_config Match blocks; ok dtucker bz#2717
Revision 1.119 / (download) - annotate - [select for diffs], Thu Dec 15 21:29:05 2016 UTC (7 years, 5 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.118: +3 -2 lines
Diff to previous 1.118 (colored)
Add missing braces in DenyUsers code. Patch from zev at bewilderbeest.net, ok deraadt@
Revision 1.118 / (download) - annotate - [select for diffs], Tue Nov 8 22:04:34 2016 UTC (7 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.117: +2 -2 lines
Diff to previous 1.117 (colored)
unbreak DenyUsers; reported by henning@
Revision 1.117 / (download) - annotate - [select for diffs], Sun Nov 6 05:46:37 2016 UTC (7 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.116: +16 -6 lines
Diff to previous 1.116 (colored)
Validate address ranges for AllowUser/DenyUsers at configuration load time and refuse to accept bad ones. It was previously possible to specify invalid CIDR address ranges (e.g. djm@127.1.2.3/55) and these would always match. Thanks to Laurence Parry for a detailed bug report. ok markus (for a previous diff version)
Revision 1.116 / (download) - annotate - [select for diffs], Sat Aug 13 17:47:41 2016 UTC (7 years, 9 months ago) by markus
Branch: MAIN
Changes since 1.115: +4 -6 lines
Diff to previous 1.115 (colored)
remove ssh1 server code; ok djm@
Revision 1.115 / (download) - annotate - [select for diffs], Wed Jun 15 00:40:40 2016 UTC (7 years, 11 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0
Changes since 1.114: +3 -4 lines
Diff to previous 1.114 (colored)
Remove "POSSIBLE BREAK-IN ATTEMPT!" from log message about forward and reverse DNS not matching. We haven't supported IP-based auth methods for a very long time so it's now misleading. part of bz#2585, ok markus@
Revision 1.114 / (download) - annotate - [select for diffs], Mon Mar 7 19:02:43 2016 UTC (8 years, 2 months ago) by djm
Branch: MAIN
Changes since 1.113: +131 -10 lines
Diff to previous 1.113 (colored)
refactor canohost.c: move functions that cache results closer to the places that use them (authn and session code). After this, no state is cached in canohost.c feedback and ok markus@
Revision 1.112.4.1 / (download) - annotate - [select for diffs], Sun Aug 30 13:13:44 2015 UTC (8 years, 8 months ago) by jasper
Branch: OPENBSD_5_8
Changes since 1.112: +2 -2 lines
Diff to previous 1.112 (colored) next main 1.113 (colored)
MFC, original commit by djm@ "fix inverted logic that broke PermitRootLogin; reported by Mantas Mikulenas; ok markus@"
Revision 1.113 / (download) - annotate - [select for diffs], Fri Aug 21 03:42:19 2015 UTC (8 years, 8 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.112: +2 -2 lines
Diff to previous 1.112 (colored)
fix inverted logic that broke PermitRootLogin; reported by Mantas Mikulenas; ok markus@
Revision 1.112 / (download) - annotate - [select for diffs], Thu Aug 6 14:53:21 2015 UTC (8 years, 9 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE
Branch point for: OPENBSD_5_8
Changes since 1.111: +4 -2 lines
Diff to previous 1.111 (colored)
add prohibit-password as a synonymn for without-password, since the without-password is causing too many questions. Harden it to ban all but pubkey, hostbased, and GSSAPI auth (when the latter is enabled) from djm, ok markus
Revision 1.111 / (download) - annotate - [select for diffs], Fri May 1 04:17:51 2015 UTC (9 years ago) by djm
Branch: MAIN
Changes since 1.110: +2 -3 lines
Diff to previous 1.110 (colored)
make handling of AuthorizedPrincipalsFile=none more consistent with other =none options; bz#2288 from Jakub Jelen; ok dtucker@
Revision 1.110 / (download) - annotate - [select for diffs], Wed Feb 25 17:29:38 2015 UTC (9 years, 2 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.109: +3 -2 lines
Diff to previous 1.109 (colored)
don't leak validity of user in "too many authentication failures" disconnect message; reported by Sebastian Reitenbach
Revision 1.109 / (download) - annotate - [select for diffs], Tue Jan 20 23:14:00 2015 UTC (9 years, 3 months ago) by deraadt
Branch: MAIN
Changes since 1.108: +4 -4 lines
Diff to previous 1.108 (colored)
Reduce use of <sys/param.h> and transition to <limits.h> throughout. ok djm markus
Revision 1.108 / (download) - annotate - [select for diffs], Sun Dec 21 22:27:56 2014 UTC (9 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.107: +3 -2 lines
Diff to previous 1.107 (colored)
Add FingerprintHash option to control algorithm used for key fingerprints. Default changes from MD5 to SHA256 and format from hex to base64. Feedback and ok naddy@ markus@
Revision 1.107 / (download) - annotate - [select for diffs], Thu Dec 4 02:24:32 2014 UTC (9 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.106: +29 -33 lines
Diff to previous 1.106 (colored)
add RevokedHostKeys option for the client Allow textfile or KRL-based revocation of hostkeys.
Revision 1.106 / (download) - annotate - [select for diffs], Tue Jul 15 15:54:14 2014 UTC (9 years, 10 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6
Changes since 1.105: +2 -2 lines
Diff to previous 1.105 (colored)
Add support for Unix domain socket forwarding. A remote TCP port
may be forwarded to a local Unix domain socket and vice versa or
both ends may be a Unix domain socket. This is a reimplementation
of the streamlocal patches by William Ahern from:
http://www.25thandclement.com/~william/projects/streamlocal.html
OK djm@ markus@
Revision 1.105 / (download) - annotate - [select for diffs], Thu Jul 3 11:16:55 2014 UTC (9 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.104: +14 -1 lines
Diff to previous 1.104 (colored)
make the "Too many authentication failures" message include the user, source address, port and protocol in a format similar to the authentication success / failure messages; bz#2199, ok dtucker
Revision 1.104 / (download) - annotate - [select for diffs], Tue Apr 29 18:01:49 2014 UTC (10 years ago) by markus
Branch: MAIN
Changes since 1.103: +5 -1 lines
Diff to previous 1.103 (colored)
make compiling against OpenSSL optional (make OPENSSL=no); reduces algorithms to curve25519, aes-ctr, chacha, ed25519; allows us to explore further options; with and ok djm
Revision 1.103 / (download) - annotate - [select for diffs], Sun May 19 02:42:42 2013 UTC (11 years ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE,
OPENBSD_5_5,
OPENBSD_5_4_BASE,
OPENBSD_5_4
Changes since 1.102: +26 -4 lines
Diff to previous 1.102 (colored)
Standardise logging of supplemental information during userauth. Keys and ruser is now logged in the auth success/failure message alongside the local username, remote host/port and protocol in use. Certificates contents and CA are logged too. Pushing all logging onto a single line simplifies log analysis as it is no longer necessary to relate information scattered across multiple log entries. "I like it" markus@
Revision 1.102 / (download) - annotate - [select for diffs], Fri May 17 00:13:13 2013 UTC (11 years ago) by djm
Branch: MAIN
Changes since 1.101: +8 -8 lines
Diff to previous 1.101 (colored)
bye, bye xfree(); ok markus@
Revision 1.101 / (download) - annotate - [select for diffs], Wed Feb 6 00:22:21 2013 UTC (11 years, 3 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE,
OPENBSD_5_3
Changes since 1.100: +2 -2 lines
Diff to previous 1.100 (colored)
Fix comment, from jfree.e1 at gmail
Revision 1.100 / (download) - annotate - [select for diffs], Thu Jan 17 23:00:01 2013 UTC (11 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.99: +13 -2 lines
Diff to previous 1.99 (colored)
add support for Key Revocation Lists (KRLs). These are a compact way to represent lists of revoked keys and certificates, taking as little as a single bit of incremental cost to revoke a certificate by serial number. KRLs are loaded via the existing RevokedKeys sshd_config option. feedback and ok markus@
Revision 1.99 / (download) - annotate - [select for diffs], Fri Dec 14 05:26:43 2012 UTC (11 years, 5 months ago) by dtucker
Branch: MAIN
Changes since 1.98: +2 -3 lines
Diff to previous 1.98 (colored)
use correct string in error message; from rustybsd at gmx.fr
Revision 1.98 / (download) - annotate - [select for diffs], Sun Dec 2 20:34:09 2012 UTC (11 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.97: +8 -4 lines
Diff to previous 1.97 (colored)
Fixes logging of partial authentication when privsep is enabled Previously, we recorded "Failed xxx" since we reset authenticated before calling auth_log() in auth2.c. This adds an explcit "Partial" state. Add a "submethod" to auth_log() to report which submethod is used for keyboard-interactive. Fix multiple authentication when one of the methods is keyboard-interactive. ok markus@
Revision 1.97 / (download) - annotate - [select for diffs], Tue Oct 30 21:29:54 2012 UTC (11 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.96: +38 -15 lines
Diff to previous 1.96 (colored)
new sshd_config option AuthorizedKeysCommand to support fetching authorized_keys from a command in addition to (or instead of) from the filesystem. The command is run as the target server user unless another specified via a new AuthorizedKeysCommandUser option. patch originally by jchadima AT redhat.com, reworked by me; feedback and ok markus@
Revision 1.96 / (download) - annotate - [select for diffs], Sun May 13 01:42:32 2012 UTC (12 years ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE,
OPENBSD_5_2
Changes since 1.95: +4 -3 lines
Diff to previous 1.95 (colored)
Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests to match. Feedback and ok djm@ markus@.
Revision 1.95 / (download) - annotate - [select for diffs], Wed Apr 11 13:17:54 2012 UTC (12 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.94: +3 -2 lines
Diff to previous 1.94 (colored)
Support "none" as an argument for AuthorizedPrincipalsFile to indicate no file should be read.
Revision 1.94 / (download) - annotate - [select for diffs], Mon May 23 03:33:38 2011 UTC (12 years, 11 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_1_BASE,
OPENBSD_5_1,
OPENBSD_5_0_BASE,
OPENBSD_5_0
Changes since 1.93: +3 -6 lines
Diff to previous 1.93 (colored)
make secure_filename() spam debug logs less
Revision 1.93 / (download) - annotate - [select for diffs], Mon May 23 03:30:07 2011 UTC (12 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.92: +2 -8 lines
Diff to previous 1.92 (colored)
allow AuthorizedKeysFile to specify multiple files, separated by spaces. Bring back authorized_keys2 as a default search path (to avoid breaking existing users of this file), but override this in sshd_config so it will be no longer used on fresh installs. Maybe in 2015 we can remove it entierly :) feedback and ok markus@ dtucker@
Revision 1.92 / (download) - annotate - [select for diffs], Wed May 11 04:47:06 2011 UTC (13 years ago) by djm
Branch: MAIN
Changes since 1.91: +1 -7 lines
Diff to previous 1.91 (colored)
remove support for authorized_keys2; it is a relic from the early days of protocol v.2 support and has been undocumented for many years; ok markus@
Revision 1.91 / (download) - annotate - [select for diffs], Mon Nov 29 23:45:51 2010 UTC (13 years, 5 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_9_BASE,
OPENBSD_4_9
Changes since 1.90: +18 -12 lines
Diff to previous 1.90 (colored)
automatically order the hostkeys requested by the client based on which hostkeys are already recorded in known_hosts. This avoids hostkey warnings when connecting to servers with new ECDSA keys that are preferred by default; with markus@
Revision 1.90 / (download) - annotate - [select for diffs], Tue Nov 23 02:35:50 2010 UTC (13 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.89: +2 -2 lines
Diff to previous 1.89 (colored)
use strict_modes already passed as function argument over referencing global options.strict_modes
Revision 1.89 / (download) - annotate - [select for diffs], Wed Aug 4 05:42:47 2010 UTC (13 years, 9 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE,
OPENBSD_4_8
Changes since 1.88: +2 -2 lines
Diff to previous 1.88 (colored)
enable certificates for hostbased authentication, from Iain Morgan; "looks ok" markus@
Revision 1.88 / (download) - annotate - [select for diffs], Tue Jun 22 04:49:47 2010 UTC (13 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.87: +4 -1 lines
Diff to previous 1.87 (colored)
queue auth debug messages for bad ownership or permissions on the user's keyfiles. These messages will be sent after the user has successfully authenticated (where our client will display them with LogLevel=debug). bz#1554; ok dtucker@
Revision 1.87 / (download) - annotate - [select for diffs], Fri May 7 11:30:29 2010 UTC (14 years ago) by djm
Branch: MAIN
Changes since 1.86: +30 -11 lines
Diff to previous 1.86 (colored)
add some optional indirection to matching of principal names listed in certificates. Currently, a certificate must include the a user's name to be accepted for authentication. This change adds the ability to specify a list of certificate principal names that are acceptable. When authenticating using a CA trusted through ~/.ssh/authorized_keys, this adds a new principals="name1[,name2,...]" key option. For CAs listed through sshd_config's TrustedCAKeys option, a new config option "AuthorizedPrincipalsFile" specifies a per-user file containing the list of acceptable names. If either option is absent, the current behaviour of requiring the username to appear in principals continues to apply. These options are useful for role accounts, disjoint account namespaces and "user@realm"-style naming policies in certificates. feedback and ok markus@
Revision 1.86 / (download) - annotate - [select for diffs], Fri Mar 5 02:58:11 2010 UTC (14 years, 2 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE,
OPENBSD_4_7
Changes since 1.85: +3 -2 lines
Diff to previous 1.85 (colored)
make the warning for a revoked key louder and more noticable
Revision 1.85 / (download) - annotate - [select for diffs], Thu Mar 4 10:36:03 2010 UTC (14 years, 2 months ago) by djm
Branch: MAIN
Changes since 1.84: +30 -1 lines
Diff to previous 1.84 (colored)
Add a TrustedUserCAKeys option to sshd_config to specify CA keys that are trusted to authenticate users (in addition than doing it per-user in authorized_keys). Add a RevokedKeys option to sshd_config and a @revoked marker to known_hosts to allow keys to me revoked and banned for user or host authentication. feedback and ok markus@
Revision 1.84 / (download) - annotate - [select for diffs], Tue Feb 9 06:18:46 2010 UTC (14 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.83: +21 -36 lines
Diff to previous 1.83 (colored)
unbreak ChrootDirectory+internal-sftp by skipping check for executable shell when chrooting; reported by danh AT wzrd.com; ok dtucker@
Revision 1.83 / (download) - annotate - [select for diffs], Wed Jan 13 23:47:26 2010 UTC (14 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.82: +23 -3 lines
Diff to previous 1.82 (colored)
when using ChrootDirectory, make sure we test for the existence of the user's shell inside the chroot; bz #1679, patch from alex AT rtfs.hu; ok dtucker
Revision 1.82 / (download) - annotate - [select for diffs], Wed Jan 13 00:19:04 2010 UTC (14 years, 4 months ago) by dtucker
Branch: MAIN
Changes since 1.81: +2 -2 lines
Diff to previous 1.81 (colored)
Fix a couple of typos/mispellings in comments
Revision 1.81 / (download) - annotate - [select for diffs], Sun Jan 10 07:15:56 2010 UTC (14 years, 4 months ago) by dtucker
Branch: MAIN
Changes since 1.80: +6 -2 lines
Diff to previous 1.80 (colored)
Output a debug if we can't open an existing keyfile. bz#1694, ok djm@
Revision 1.80 / (download) - annotate - [select for diffs], Tue Nov 4 07:58:09 2008 UTC (15 years, 6 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE,
OPENBSD_4_6,
OPENBSD_4_5_BASE,
OPENBSD_4_5
Changes since 1.79: +2 -1 lines
Diff to previous 1.79 (colored)
need unistd.h for close() prototype
Revision 1.79 / (download) - annotate - [select for diffs], Wed Jul 2 12:03:51 2008 UTC (15 years, 10 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_4_4_BASE,
OPENBSD_4_4
Changes since 1.78: +43 -2 lines
Diff to previous 1.78 (colored)
Merge duplicate host key file checks, based in part on a patch from Rob Holland via bz #1348 . Also checks for non-regular files during protocol 1 RSA auth. ok djm@
Revision 1.78 / (download) - annotate - [select for diffs], Fri Sep 21 08:15:29 2007 UTC (16 years, 7 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_3_BASE,
OPENBSD_4_3
Changes since 1.77: +1 -5 lines
Diff to previous 1.77 (colored)
unifdef -DBSD_AUTH unifdef -USKEY These options have been in use for some years; ok markus@ "no objection" millert@
Revision 1.77 / (download) - annotate - [select for diffs], Thu Aug 23 02:55:51 2007 UTC (16 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.76: +2 -1 lines
Diff to previous 1.76 (colored)
missed include bits from last commit
Revision 1.76 / (download) - annotate - [select for diffs], Thu Aug 23 02:49:43 2007 UTC (16 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.75: +1 -5 lines
Diff to previous 1.75 (colored)
unifdef HAVE_LOGIN_CAP; ok deraadt@ millert@
Revision 1.60.2.1 / (download) - annotate - [select for diffs], Fri Oct 6 03:19:32 2006 UTC (17 years, 7 months ago) by brad
Branch: OPENBSD_3_8
Changes since 1.60: +29 -13 lines
Diff to previous 1.60 (colored) next main 1.61 (colored)
upgrade to OpenSSH 4.4
Revision 1.62.2.1 / (download) - annotate - [select for diffs], Sat Sep 30 04:06:50 2006 UTC (17 years, 7 months ago) by brad
Branch: OPENBSD_3_9
Changes since 1.62: +26 -14 lines
Diff to previous 1.62 (colored) next main 1.63 (colored)
upgrade to OpenSSH 4.4
Revision 1.75 / (download) - annotate - [select for diffs], Thu Aug 3 03:34:41 2006 UTC (17 years, 9 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_4_2_BASE,
OPENBSD_4_2,
OPENBSD_4_1_BASE,
OPENBSD_4_1,
OPENBSD_4_0_BASE,
OPENBSD_4_0
Changes since 1.74: +7 -6 lines
Diff to previous 1.74 (colored)
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
Revision 1.74 / (download) - annotate - [select for diffs], Tue Aug 1 23:22:47 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.73: +2 -1 lines
Diff to previous 1.73 (colored)
move #include <stdio.h> out of includes.h
Revision 1.73 / (download) - annotate - [select for diffs], Wed Jul 26 02:35:17 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.72: +2 -1 lines
Diff to previous 1.72 (colored)
move #include <sys/param.h> out of includes.h
Revision 1.72 / (download) - annotate - [select for diffs], Sat Jul 22 20:48:22 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.71: +2 -1 lines
Diff to previous 1.71 (colored)
move #include <string.h> out of includes.h
Revision 1.71 / (download) - annotate - [select for diffs], Wed Jul 12 11:34:58 2006 UTC (17 years, 10 months ago) by dtucker
Branch: MAIN
Changes since 1.70: +4 -1 lines
Diff to previous 1.70 (colored)
Add support for conditional directives to sshd_config via a "Match" keyword,
which works similarly to the "Host" directive in ssh_config.
Lines after a Match line override the default set in the main section
if the condition on the Match line is true, eg
AllowTcpForwarding yes
Match User anoncvs
AllowTcpForwarding no
will allow port forwarding by all users except "anoncvs".
Currently only a very small subset of directives are supported.
ok djm@
Revision 1.70 / (download) - annotate - [select for diffs], Tue Jul 11 20:07:25 2006 UTC (17 years, 10 months ago) by stevesk
Branch: MAIN
Changes since 1.69: +2 -1 lines
Diff to previous 1.69 (colored)
move #include <errno.h> out of includes.h; ok markus@
Revision 1.69 / (download) - annotate - [select for diffs], Mon Jul 10 16:37:36 2006 UTC (17 years, 10 months ago) by stevesk
Branch: MAIN
Changes since 1.68: +2 -1 lines
Diff to previous 1.68 (colored)
move #include <stdarg.h> out of includes.h; ok markus@
Revision 1.68 / (download) - annotate - [select for diffs], Thu Jul 6 16:03:53 2006 UTC (17 years, 10 months ago) by stevesk
Branch: MAIN
Changes since 1.67: +2 -1 lines
Diff to previous 1.67 (colored)
move #include <pwd.h> out of includes.h; ok markus@
Revision 1.67 / (download) - annotate - [select for diffs], Thu Mar 30 11:40:21 2006 UTC (18 years, 1 month ago) by dtucker
Branch: MAIN
Changes since 1.66: +6 -1 lines
Diff to previous 1.66 (colored)
Prevent duplicate log messages when privsep=yes; ok djm@
Revision 1.66 / (download) - annotate - [select for diffs], Sat Mar 25 13:17:01 2006 UTC (18 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.65: +1 -0 lines
Diff to previous 1.65 (colored)
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
Revision 1.65 / (download) - annotate - [select for diffs], Sat Mar 25 00:05:41 2006 UTC (18 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.64: +5 -7 lines
Diff to previous 1.64 (colored)
introduce xcalloc() and xasprintf() failure-checked allocations functions and use them throughout openssh xcalloc is particularly important because malloc(nmemb * size) is a dangerous idiom (subject to integer overflow) and it is time for it to die feedback and ok deraadt@
Revision 1.64 / (download) - annotate - [select for diffs], Mon Mar 20 17:10:19 2006 UTC (18 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.63: +0 -1 lines
Diff to previous 1.63 (colored)
in a switch (), break after return or goto is stupid
Revision 1.63 / (download) - annotate - [select for diffs], Sun Mar 19 18:51:18 2006 UTC (18 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.62: +0 -1 lines
Diff to previous 1.62 (colored)
RCSID() can die
Revision 1.62 / (download) - annotate - [select for diffs], Mon Feb 20 17:19:53 2006 UTC (18 years, 2 months ago) by stevesk
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE
Branch point for: OPENBSD_3_9
Changes since 1.61: +4 -1 lines
Diff to previous 1.61 (colored)
move #include <sys/stat.h> out of includes.h; ok markus@
Revision 1.61 / (download) - annotate - [select for diffs], Wed Feb 8 12:15:27 2006 UTC (18 years, 3 months ago) by stevesk
Branch: MAIN
Changes since 1.60: +2 -1 lines
Diff to previous 1.60 (colored)
move #include <paths.h> out of includes.h; ok markus@
Revision 1.58.2.1 / (download) - annotate - [select for diffs], Sun Sep 4 18:39:52 2005 UTC (18 years, 8 months ago) by brad
Branch: OPENBSD_3_7
Changes since 1.58: +19 -42 lines
Diff to previous 1.58 (colored) next main 1.59 (colored)
upgrade to OpenSSH 4.2
Revision 1.56.2.3 / (download) - annotate - [select for diffs], Fri Sep 2 03:44:59 2005 UTC (18 years, 8 months ago) by brad
Branch: OPENBSD_3_6
Changes since 1.56.2.2: +19 -42 lines
Diff to previous 1.56.2.2 (colored) to branchpoint 1.56 (colored) next main 1.57 (colored)
upgrade to OpenSSH 4.2
Revision 1.60 / (download) - annotate - [select for diffs], Fri Jun 17 02:44:32 2005 UTC (18 years, 11 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_3_8_BASE
Branch point for: OPENBSD_3_8
Changes since 1.59: +2 -2 lines
Diff to previous 1.59 (colored)
make this -Wsign-compare clean; ok avsm@ markus@
Revision 1.59 / (download) - annotate - [select for diffs], Mon Jun 6 11:20:36 2005 UTC (18 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.58: +18 -41 lines
Diff to previous 1.58 (colored)
introduce a generic %foo expansion function. replace existing % expansion and add expansion to ControlPath; ok markus@
Revision 1.56.2.2 / (download) - annotate - [select for diffs], Sun Jun 5 02:22:39 2005 UTC (18 years, 11 months ago) by brad
Branch: OPENBSD_3_6
Changes since 1.56.2.1: +3 -2 lines
Diff to previous 1.56.2.1 (colored) to branchpoint 1.56 (colored)
upgrade to OpenSSH 4.1
Revision 1.58 / (download) - annotate - [select for diffs], Mon Mar 14 11:44:42 2005 UTC (19 years, 2 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_3_7_BASE
Branch point for: OPENBSD_3_7
Changes since 1.57: +3 -2 lines
Diff to previous 1.57 (colored)
Populate host for log message for logins denied by AllowUsers and DenyUsers. (bz #999); ok markus@
Revision 1.51.2.2 / (download) - annotate - [select for diffs], Thu Mar 10 17:15:04 2005 UTC (19 years, 2 months ago) by brad
Branch: OPENBSD_3_5
Changes since 1.51.2.1: +14 -11 lines
Diff to previous 1.51.2.1 (colored) to branchpoint 1.51 (colored) next main 1.52 (colored)
upgrade to OpenSSH 4.0
Revision 1.56.2.1 / (download) - annotate - [select for diffs], Thu Mar 10 16:28:27 2005 UTC (19 years, 2 months ago) by brad
Branch: OPENBSD_3_6
Changes since 1.56: +14 -11 lines
Diff to previous 1.56 (colored)
upgrade to OpenSSH 4.0
Revision 1.57 / (download) - annotate - [select for diffs], Sat Jan 22 08:17:59 2005 UTC (19 years, 3 months ago) by dtucker
Branch: MAIN
Changes since 1.56: +14 -11 lines
Diff to previous 1.56 (colored)
Log source of connections denied by AllowUsers, DenyUsers, AllowGroups and DenyGroups. bz #909, ok djm@
Revision 1.49.2.2 / (download) - annotate - [select for diffs], Thu Aug 19 22:37:30 2004 UTC (19 years, 9 months ago) by brad
Branch: OPENBSD_3_4
Changes since 1.49.2.1: +6 -7 lines
Diff to previous 1.49.2.1 (colored) to branchpoint 1.49 (colored) next main 1.50 (colored)
upgrade to OpenSSH 3.9
Revision 1.51.2.1 / (download) - annotate - [select for diffs], Thu Aug 19 04:13:26 2004 UTC (19 years, 9 months ago) by brad
Branch: OPENBSD_3_5
Changes since 1.51: +6 -7 lines
Diff to previous 1.51 (colored)
upgrade to OpenSSH 3.9
Revision 1.56 / (download) - annotate - [select for diffs], Wed Jul 28 09:40:29 2004 UTC (19 years, 9 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_6_BASE
Branch point for: OPENBSD_3_6
Changes since 1.55: +2 -2 lines
Diff to previous 1.55 (colored)
more s/illegal/invalid/
Revision 1.55 / (download) - annotate - [select for diffs], Wed Jul 21 08:56:12 2004 UTC (19 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.54: +2 -2 lines
Diff to previous 1.54 (colored)
s/Illegal user/Invalid user/; many requests; ok djm, millert, niklas, miod, ...
Revision 1.54 / (download) - annotate - [select for diffs], Sun May 23 23:59:53 2004 UTC (19 years, 11 months ago) by dtucker
Branch: MAIN
Changes since 1.53: +2 -2 lines
Diff to previous 1.53 (colored)
Add MaxAuthTries sshd config option; ok markus@
Revision 1.53 / (download) - annotate - [select for diffs], Tue May 11 19:01:43 2004 UTC (20 years ago) by deraadt
Branch: MAIN
Changes since 1.52: +3 -3 lines
Diff to previous 1.52 (colored)
improve some code lint did not like; djm millert ok
Revision 1.52 / (download) - annotate - [select for diffs], Sat May 8 00:01:37 2004 UTC (20 years ago) by deraadt
Branch: MAIN
Changes since 1.51: +1 -2 lines
Diff to previous 1.51 (colored)
make two tiny header files go away; djm ok
Revision 1.46.2.2 / (download) - annotate - [select for diffs], Thu Mar 4 18:18:15 2004 UTC (20 years, 2 months ago) by brad
Branch: OPENBSD_3_3
Changes since 1.46.2.1: +2 -10 lines
Diff to previous 1.46.2.1 (colored) to branchpoint 1.46 (colored) next main 1.47 (colored)
upgrade to OpenSSH 3.8upgrade to OpenSSH 3.8upgrade to OpenSSH 3.8
Revision 1.49.2.1 / (download) - annotate - [select for diffs], Sat Feb 28 03:51:32 2004 UTC (20 years, 2 months ago) by brad
Branch: OPENBSD_3_4
Changes since 1.49: +2 -10 lines
Diff to previous 1.49 (colored)
upgrade to OpenSSH 3.8
Revision 1.51 / (download) - annotate - [select for diffs], Fri Nov 21 11:57:02 2003 UTC (20 years, 6 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE
Branch point for: OPENBSD_3_5
Changes since 1.50: +2 -2 lines
Diff to previous 1.50 (colored)
unexpand and delete whitespace at EOL; ok markus@
Revision 1.50 / (download) - annotate - [select for diffs], Tue Sep 23 20:17:11 2003 UTC (20 years, 7 months ago) by markus
Branch: MAIN
Changes since 1.49: +1 -9 lines
Diff to previous 1.49 (colored)
replace fatal_cleanup() and linked list of fatal callbacks with static cleanup_exit() function. re-refine cleanup_exit() where appropriate, allocate sshd's authctxt eary to allow simpler cleanup in sshd. tested by many, ok deraadt@
Revision 1.45.2.2 / (download) - annotate - [select for diffs], Tue Sep 16 21:20:24 2003 UTC (20 years, 8 months ago) by brad
Branch: OPENBSD_3_2
Changes since 1.45.2.1: +33 -14 lines
Diff to previous 1.45.2.1 (colored) to branchpoint 1.45 (colored) next main 1.46 (colored)
upgrade to OpenSSH 3.7
Revision 1.46.2.1 / (download) - annotate - [select for diffs], Tue Sep 16 20:50:42 2003 UTC (20 years, 8 months ago) by brad
Branch: OPENBSD_3_3
Changes since 1.46: +33 -14 lines
Diff to previous 1.46 (colored)
upgrade to OpenSSH 3.7
Revision 1.49 / (download) - annotate - [select for diffs], Tue Aug 26 09:58:43 2003 UTC (20 years, 8 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE
Branch point for: OPENBSD_3_4
Changes since 1.48: +20 -1 lines
Diff to previous 1.48 (colored)
fix passwd auth for 'username leaks via timing'; with djm@, original patches from solar
Revision 1.48 / (download) - annotate - [select for diffs], Mon Jun 2 09:17:34 2003 UTC (20 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.47: +2 -2 lines
Diff to previous 1.47 (colored)
deprecate VerifyReverseMapping since it's dangerous if combined with IP based access control as noted by Mike Harding; replace with a UseDNS option, UseDNS is on by default and includes the VerifyReverseMapping check; with itojun@, provos@, jakob@ and deraadt@ ok deraadt@, djm@
Revision 1.47 / (download) - annotate - [select for diffs], Tue Apr 8 20:21:28 2003 UTC (21 years, 1 month ago) by itojun
Branch: MAIN
Changes since 1.46: +13 -13 lines
Diff to previous 1.46 (colored)
rename log() into logit() to avoid name conflict. markus ok, from netbsd
Revision 1.41.2.5 / (download) - annotate - [select for diffs], Thu Apr 3 22:35:16 2003 UTC (21 years, 1 month ago) by miod
Branch: OPENBSD_3_1
Changes since 1.41.2.4: +5 -7 lines
Diff to previous 1.41.2.4 (colored) to branchpoint 1.41 (colored) next main 1.42 (colored)
Merge OpenSSH 3.6.1
Revision 1.45.2.1 / (download) - annotate - [select for diffs], Tue Apr 1 00:12:13 2003 UTC (21 years, 1 month ago) by margarida
Branch: OPENBSD_3_2
Changes since 1.45: +5 -7 lines
Diff to previous 1.45 (colored)
Update to OpenSSH 3.6
Revision 1.46 / (download) - annotate - [select for diffs], Mon Nov 4 10:07:53 2002 UTC (21 years, 6 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE
Branch point for: OPENBSD_3_3
Changes since 1.45: +5 -7 lines
Diff to previous 1.45 (colored)
don't compare against pw_home if realpath fails for pw_home (seen on AFS); ok djm@
Revision 1.28.2.5 / (download) - annotate - [select for diffs], Fri Oct 11 14:53:06 2002 UTC (21 years, 7 months ago) by miod
Branch: OPENBSD_3_0
Changes since 1.28.2.4: +8 -3 lines
Diff to previous 1.28.2.4 (colored) to branchpoint 1.28 (colored) next main 1.29 (colored)
Update to OpenSSH 3.5
Revision 1.41.2.4 / (download) - annotate - [select for diffs], Fri Oct 11 14:51:51 2002 UTC (21 years, 7 months ago) by miod
Branch: OPENBSD_3_1
Changes since 1.41.2.3: +8 -3 lines
Diff to previous 1.41.2.3 (colored) to branchpoint 1.41 (colored)
Update to OpenSSH 3.5
Revision 1.45 / (download) - annotate - [select for diffs], Fri Sep 20 18:41:29 2002 UTC (21 years, 8 months ago) by stevesk
Branch: MAIN
CVS Tags: OPENBSD_3_2_BASE
Branch point for: OPENBSD_3_2
Changes since 1.44: +7 -2 lines
Diff to previous 1.44 (colored)
log illegal user here for missing privsep case (ssh2). this is executed in the monitor. ok markus@
Revision 1.44 / (download) - annotate - [select for diffs], Thu Aug 8 23:54:52 2002 UTC (21 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.43: +2 -2 lines
Diff to previous 1.43 (colored)
typo in comment
Revision 1.41.2.3 / (download) - annotate - [select for diffs], Wed Jun 26 15:30:37 2002 UTC (21 years, 10 months ago) by jason
Branch: OPENBSD_3_1
Changes since 1.41.2.2: +0 -0 lines
Diff to previous 1.41.2.2 (colored) to branchpoint 1.41 (colored)
Pull in OpenSSH-3.4
Revision 1.21.2.5 / (download) - annotate - [select for diffs], Sun Jun 2 22:56:09 2002 UTC (21 years, 11 months ago) by miod
Branch: OPENBSD_2_9
Changes since 1.21.2.4: +88 -6 lines
Diff to previous 1.21.2.4 (colored) to branchpoint 1.21 (colored) next main 1.22 (colored)
Upgrade to OpenSSH 3.2.3. Except for improbable compilation error fixes, this should be the last commit made to the 2.9-STABLE branche. Have fun upgrading.
Revision 1.28.2.4 / (download) - annotate - [select for diffs], Sun Jun 2 22:36:55 2002 UTC (21 years, 11 months ago) by miod
Branch: OPENBSD_3_0
Changes since 1.28.2.3: +2 -2 lines
Diff to previous 1.28.2.3 (colored) to branchpoint 1.28 (colored)
That long-delayed OpenSSH 3.2.3 update.
Revision 1.41.2.2 / (download) - annotate - [select for diffs], Sat May 18 04:50:37 2002 UTC (22 years ago) by jason
Branch: OPENBSD_3_1
Changes since 1.41.2.1: +2 -2 lines
Diff to previous 1.41.2.1 (colored) to branchpoint 1.41 (colored)
Update to OpenSSH-3.2.3
Revision 1.41.2.1 / (download) - annotate - [select for diffs], Sat May 18 04:12:10 2002 UTC (22 years ago) by jason
Branch: OPENBSD_3_1
Changes since 1.41: +47 -1 lines
Diff to previous 1.41 (colored)
Update to OpenSSH-3.2.2
Revision 1.43 / (download) - annotate - [select for diffs], Fri May 17 14:27:55 2002 UTC (22 years ago) by millert
Branch: MAIN
Changes since 1.42: +2 -2 lines
Diff to previous 1.42 (colored)
Fix typo/thinko. Pass in as to auth_approval(), not NULL. Closes PR 2659.
Revision 1.28.2.3 / (download) - annotate - [select for diffs], Fri May 17 00:03:23 2002 UTC (22 years ago) by miod
Branch: OPENBSD_3_0
Changes since 1.28.2.2: +88 -6 lines
Diff to previous 1.28.2.2 (colored) to branchpoint 1.28 (colored)
Update OpenSSH to version 3.2.2.
Revision 1.42 / (download) - annotate - [select for diffs], Mon May 13 20:44:58 2002 UTC (22 years ago) by markus
Branch: MAIN
Changes since 1.41: +47 -1 lines
Diff to previous 1.41 (colored)
move the packet_send_debug handling from auth-options.c to auth.c; ok provos@
Revision 1.41 / (download) - annotate - [select for diffs], Tue Mar 19 15:31:47 2002 UTC (22 years, 2 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_1_BASE
Branch point for: OPENBSD_3_1
Changes since 1.40: +4 -2 lines
Diff to previous 1.40 (colored)
check for NULL; from provos@
Revision 1.40 / (download) - annotate - [select for diffs], Tue Mar 19 14:27:39 2002 UTC (22 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.39: +3 -2 lines
Diff to previous 1.39 (colored)
make getpwnamallow() allways call pwcopy()
Revision 1.39 / (download) - annotate - [select for diffs], Tue Mar 19 10:49:35 2002 UTC (22 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.38: +5 -5 lines
Diff to previous 1.38 (colored)
KNF whitespace
Revision 1.38 / (download) - annotate - [select for diffs], Mon Mar 18 03:41:08 2002 UTC (22 years, 2 months ago) by provos
Branch: MAIN
Changes since 1.37: +23 -3 lines
Diff to previous 1.37 (colored)
move auth_approval into getpwnamallow with help from millert@
Revision 1.37 / (download) - annotate - [select for diffs], Sun Mar 17 20:25:56 2002 UTC (22 years, 2 months ago) by provos
Branch: MAIN
Changes since 1.36: +13 -1 lines
Diff to previous 1.36 (colored)
getpwnamallow returns struct passwd * only if user valid; okay markus@
Revision 1.36 / (download) - annotate - [select for diffs], Fri Mar 15 11:00:38 2002 UTC (22 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.35: +3 -2 lines
Diff to previous 1.35 (colored)
fix file type checking (use S_ISREG). ok by markus
Revision 1.21.2.4 / (download) - annotate - [select for diffs], Sat Mar 9 00:20:43 2002 UTC (22 years, 2 months ago) by miod
Branch: OPENBSD_2_9
Changes since 1.21.2.3: +32 -13 lines
Diff to previous 1.21.2.3 (colored) to branchpoint 1.21 (colored)
Merge OpenSSH 3.1, keeping /etc as configuration files directory. (i.e. OpenSSH 3.1 + openbsd29_3.1.patch)
Revision 1.11.2.8 / (download) - annotate - [select for diffs], Fri Mar 8 17:04:41 2002 UTC (22 years, 2 months ago) by brad
Branch: OPENBSD_2_8
Changes since 1.11.2.7: +32 -13 lines
Diff to previous 1.11.2.7 (colored) to branchpoint 1.11 (colored) next main 1.12 (colored)
Merge OpenSSH 3.1.
Revision 1.28.2.2 / (download) - annotate - [select for diffs], Thu Mar 7 17:37:46 2002 UTC (22 years, 2 months ago) by jason
Branch: OPENBSD_3_0
Changes since 1.28.2.1: +32 -13 lines
Diff to previous 1.28.2.1 (colored) to branchpoint 1.28 (colored)
Update to OpenSSH-3.1 on 3.0-stable branch
Revision 1.35 / (download) - annotate - [select for diffs], Fri Mar 1 13:12:10 2002 UTC (22 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.34: +9 -3 lines
Diff to previous 1.34 (colored)
undo the 'delay hostname lookup' change match.c must not use compress.c (via canonhost.c/packet.c) thanks to wilfried@
Revision 1.34 / (download) - annotate - [select for diffs], Thu Feb 28 20:56:00 2002 UTC (22 years, 2 months ago) by stevesk
Branch: MAIN
Changes since 1.33: +25 -6 lines
Diff to previous 1.33 (colored)
log user not allowed details, from dwd@bell-labs.com; ok markus@
Revision 1.33 / (download) - annotate - [select for diffs], Thu Feb 28 19:36:28 2002 UTC (22 years, 2 months ago) by stevesk
Branch: MAIN
Changes since 1.32: +3 -9 lines
Diff to previous 1.32 (colored)
delay hostname lookup until we see a ``@'' in DenyUsers and AllowUsers for sshd -u0; ok markus@
Revision 1.32 / (download) - annotate - [select for diffs], Tue Jan 29 14:32:03 2002 UTC (22 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.31: +2 -2 lines
Diff to previous 1.31 (colored)
s/ReverseMappingCheck/VerifyReverseMapping/ and avoid confusion; ok stevesk@
Revision 1.31 / (download) - annotate - [select for diffs], Wed Dec 19 07:18:56 2001 UTC (22 years, 5 months ago) by deraadt
Branch: MAIN
Changes since 1.30: +4 -4 lines
Diff to previous 1.30 (colored)
basic KNF done while i was looking for something else
Revision 1.30 / (download) - annotate - [select for diffs], Sat Nov 17 19:14:34 2001 UTC (22 years, 6 months ago) by stevesk
Branch: MAIN
Changes since 1.29: +2 -2 lines
Diff to previous 1.29 (colored)
enum/int type cleanup where it made sense to do so; ok markus@
Revision 1.21.2.3 / (download) - annotate - [select for diffs], Thu Nov 15 22:51:15 2001 UTC (22 years, 6 months ago) by miod
Branch: OPENBSD_2_9
Changes since 1.21.2.2: +2 -2 lines
Diff to previous 1.21.2.2 (colored) to branchpoint 1.21 (colored)
Merge OpenSSH 3.0.1.
Revision 1.11.2.7 / (download) - annotate - [select for diffs], Thu Nov 15 22:50:30 2001 UTC (22 years, 6 months ago) by miod
Branch: OPENBSD_2_8
Changes since 1.11.2.6: +2 -2 lines
Diff to previous 1.11.2.6 (colored) to branchpoint 1.11 (colored)
Merge OpenSSH 3.0.1. This is likely to be the last commit to the 2.8-STABLE branch.
Revision 1.21.2.2 / (download) - annotate - [select for diffs], Thu Nov 15 00:15:19 2001 UTC (22 years, 6 months ago) by miod
Branch: OPENBSD_2_9
Changes since 1.21.2.1: +8 -3 lines
Diff to previous 1.21.2.1 (colored) to branchpoint 1.21 (colored)
Merge OpenSSH 3.0
Revision 1.11.2.6 / (download) - annotate - [select for diffs], Thu Nov 15 00:14:59 2001 UTC (22 years, 6 months ago) by miod
Branch: OPENBSD_2_8
Changes since 1.11.2.5: +8 -3 lines
Diff to previous 1.11.2.5 (colored) to branchpoint 1.11 (colored)
Merge OpenSSH 3.0
Revision 1.28.2.1 / (download) - annotate - [select for diffs], Wed Nov 14 03:24:38 2001 UTC (22 years, 6 months ago) by jason
Branch: OPENBSD_3_0
Changes since 1.28: +2 -2 lines
Diff to previous 1.28 (colored)
Pull in patches from current (Errata 002): Update to OpenSSH-3.0.1 via errata patch (Instead of using release tarball)
Revision 1.29 / (download) - annotate - [select for diffs], Thu Nov 8 20:02:24 2001 UTC (22 years, 6 months ago) by markus
Branch: MAIN
Changes since 1.28: +2 -2 lines
Diff to previous 1.28 (colored)
don't print ROOT in CAPS for the authentication messages, i.e. Accepted publickey for ROOT from 127.0.0.1 port 42734 ssh2 becomes Accepted publickey for root from 127.0.0.1 port 42734 ssh2
Revision 1.28 / (download) - annotate - [select for diffs], Wed Oct 3 10:01:20 2001 UTC (22 years, 7 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_0_BASE
Branch point for: OPENBSD_3_0
Changes since 1.27: +8 -3 lines
Diff to previous 1.27 (colored)
use realpath() for homedir, too. from jinmei@isl.rdc.toshiba.co.jp
Revision 1.21.2.1 / (download) - annotate - [select for diffs], Thu Sep 27 19:03:54 2001 UTC (22 years, 7 months ago) by jason
Branch: OPENBSD_2_9
Changes since 1.21: +193 -3 lines
Diff to previous 1.21 (colored)
Pull in OpenSSH-2.9.9
Revision 1.11.2.5 / (download) - annotate - [select for diffs], Thu Sep 27 00:15:41 2001 UTC (22 years, 7 months ago) by miod
Branch: OPENBSD_2_8
Changes since 1.11.2.4: +193 -3 lines
Diff to previous 1.11.2.4 (colored) to branchpoint 1.11 (colored)
Pull in OpenSSH 2.9.9 to the 2.8 branch.
Revision 1.27 / (download) - annotate - [select for diffs], Wed Jul 11 18:26:15 2001 UTC (22 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.26: +7 -10 lines
Diff to previous 1.26 (colored)
no need to call dirname(pw->pw_dir). note that dirname(3) modifies its argument on some systems.
Revision 1.26 / (download) - annotate - [select for diffs], Wed Jun 27 04:48:52 2001 UTC (22 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.25: +11 -3 lines
Diff to previous 1.25 (colored)
tridge@samba.org
Revision 1.25 / (download) - annotate - [select for diffs], Mon Jun 25 17:54:48 2001 UTC (22 years, 10 months ago) by provos
Branch: MAIN
Changes since 1.24: +13 -2 lines
Diff to previous 1.24 (colored)
terminate secure_filename checking after checking homedir. that way it works on AFS. okay markus@
Revision 1.24 / (download) - annotate - [select for diffs], Sat Jun 23 00:20:57 2001 UTC (22 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.23: +42 -1 lines
Diff to previous 1.23 (colored)
*known_hosts2 is obsolete for hostbased authentication and only used for backward compat. merge ssh1/2 hostkey check and move it to auth.c
Revision 1.23 / (download) - annotate - [select for diffs], Thu May 24 11:12:42 2001 UTC (22 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.22: +2 -2 lines
Diff to previous 1.22 (colored)
fix comment; from jakob@
Revision 1.22 / (download) - annotate - [select for diffs], Sun May 20 17:20:35 2001 UTC (23 years ago) by markus
Branch: MAIN
Changes since 1.21: +134 -1 lines
Diff to previous 1.21 (colored)
configurable authorized_keys{,2} location; originally from peter@; ok djm@
Revision 1.11.2.4 / (download) - annotate - [select for diffs], Mon May 7 21:09:26 2001 UTC (23 years ago) by jason
Branch: OPENBSD_2_8
Changes since 1.11.2.3: +0 -0 lines
Diff to previous 1.11.2.3 (colored) to branchpoint 1.11 (colored)
Pull in OpenSSH-2.9 to 2.8 branch.
Revision 1.11.2.3 / (download) - annotate - [select for diffs], Wed Mar 21 19:46:22 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.11.2.2: +2 -17 lines
Diff to previous 1.11.2.2 (colored) to branchpoint 1.11 (colored)
Pull in OpenSSH-2.5.2 for 2.8 branch.
Revision 1.6.2.5 / (download) - annotate - [select for diffs], Wed Mar 21 18:52:34 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.6.2.4: +2 -17 lines
Diff to previous 1.6.2.4 (colored) to branchpoint 1.6 (colored) next main 1.7 (colored)
Pull in OpenSSH-2.5.2 for 2.7 branch.
Revision 1.21 / (download) - annotate - [select for diffs], Mon Mar 19 17:07:23 2001 UTC (23 years, 2 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_2_9_BASE
Branch point for: OPENBSD_2_9
Changes since 1.20: +1 -10 lines
Diff to previous 1.20 (colored)
undo /etc/shell and proto 2,1 change for openssh-2.5.2
Revision 1.20 / (download) - annotate - [select for diffs], Sat Mar 17 17:27:59 2001 UTC (23 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.19: +11 -2 lines
Diff to previous 1.19 (colored)
check /etc/shells, too
Revision 1.6.2.4 / (download) - annotate - [select for diffs], Mon Mar 12 15:44:07 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.6.2.3: +103 -56 lines
Diff to previous 1.6.2.3 (colored) to branchpoint 1.6 (colored)
OpenSSH-2.5.1 for 2.7 patch branch
Revision 1.19 / (download) - annotate - [select for diffs], Fri Mar 2 18:54:31 2001 UTC (23 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.18: +2 -2 lines
Diff to previous 1.18 (colored)
make copyright lines the same format
Revision 1.18 / (download) - annotate - [select for diffs], Thu Feb 22 21:59:43 2001 UTC (23 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.17: +1 -16 lines
Diff to previous 1.17 (colored)
use pwcopy in ssh.c, too
Revision 1.11.2.2 / (download) - annotate - [select for diffs], Mon Feb 19 17:18:37 2001 UTC (23 years, 3 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.11.2.1: +0 -0 lines
Diff to previous 1.11.2.1 (colored) to branchpoint 1.11 (colored)
Pull in OpenSSH-2.5.1
Revision 1.11.2.1 / (download) - annotate - [select for diffs], Fri Feb 16 20:12:53 2001 UTC (23 years, 3 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.11: +103 -56 lines
Diff to previous 1.11 (colored)
Pull in OpenSSH 2.5.0
Revision 1.17 / (download) - annotate - [select for diffs], Mon Feb 12 16:16:23 2001 UTC (23 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.16: +18 -11 lines
Diff to previous 1.16 (colored)
PermitRootLogin={yes,without-password,forced-commands-only,no}
(before this change, root could login even if PermitRootLogin==no)
Revision 1.16 / (download) - annotate - [select for diffs], Sun Feb 4 15:32:22 2001 UTC (23 years, 3 months ago) by stevesk
Branch: MAIN
Changes since 1.15: +4 -4 lines
Diff to previous 1.15 (colored)
unexpand and remove end-of-line whitespace; ok markus@
Revision 1.15 / (download) - annotate - [select for diffs], Sat Feb 3 10:08:37 2001 UTC (23 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.14: +2 -2 lines
Diff to previous 1.14 (colored)
make ReverseMappingCheck optional in sshd_config; ok djm@,dugsong@
Revision 1.14 / (download) - annotate - [select for diffs], Sun Jan 21 19:05:43 2001 UTC (23 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.13: +4 -4 lines
Diff to previous 1.13 (colored)
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
Revision 1.13 / (download) - annotate - [select for diffs], Thu Jan 18 16:59:59 2001 UTC (23 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.12: +72 -22 lines
Diff to previous 1.12 (colored)
1) removes fake skey from sshd, since this will be much harder with /usr/libexec/auth/login_XXX 2) share/unify code used in ssh-1 and ssh-2 authentication (server side) 3) make addition of BSD_AUTH and other challenge reponse methods easier.
Revision 1.12 / (download) - annotate - [select for diffs], Sat Jan 13 18:56:48 2001 UTC (23 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.11: +23 -33 lines
Diff to previous 1.11 (colored)
support supplementary group in {Allow,Deny}Groups
from stevesk@pobox.com
Revision 1.6.2.3 / (download) - annotate - [select for diffs], Wed Nov 8 21:30:22 2000 UTC (23 years, 6 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.6.2.2: +29 -3 lines
Diff to previous 1.6.2.2 (colored) to branchpoint 1.6 (colored)
openssh-2.3.0 (again) for 2.7 branch
Revision 1.11 / (download) - annotate - [select for diffs], Wed Oct 11 20:27:23 2000 UTC (23 years, 7 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_2_8_BASE
Branch point for: OPENBSD_2_8
Changes since 1.10: +1 -2 lines
Diff to previous 1.10 (colored)
new cipher framework
Revision 1.10 / (download) - annotate - [select for diffs], Thu Sep 7 21:13:36 2000 UTC (23 years, 8 months ago) by markus
Branch: MAIN
Changes since 1.9: +1 -2 lines
Diff to previous 1.9 (colored)
some more Copyright fixes
Revision 1.9 / (download) - annotate - [select for diffs], Thu Sep 7 20:27:49 2000 UTC (23 years, 8 months ago) by deraadt
Branch: MAIN
Changes since 1.8: +29 -1 lines
Diff to previous 1.8 (colored)
cleanup copyright notices on all files. I have attempted to be accurate with the details. everything is now under Tatu's licence (which I copied from his readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd developers under a 2-term bsd licence. We're not changing any rules, just being accurate.
Revision 1.6.2.2 / (download) - annotate - [select for diffs], Fri Sep 1 18:23:17 2000 UTC (23 years, 8 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.6.2.1: +1 -3 lines
Diff to previous 1.6.2.1 (colored) to branchpoint 1.6 (colored)
Pull in the rest of openssh-2.2.0 to 2.7 branch (luvin' cvs...)
Revision 1.8 / (download) - annotate - [select for diffs], Fri Aug 4 20:30:07 2000 UTC (23 years, 9 months ago) by markus
Branch: MAIN
Changes since 1.7: +1 -3 lines
Diff to previous 1.7 (colored)
unused
Revision 1.6.2.1 / (download) - annotate - [select for diffs], Mon Jun 12 02:37:31 2000 UTC (23 years, 11 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.6: +9 -2 lines
Diff to previous 1.6 (colored)
lovin' CVS... update patch branch to OpenSSH-2.1.1
Revision 1.7 / (download) - annotate - [select for diffs], Wed May 17 21:37:24 2000 UTC (24 years ago) by deraadt
Branch: MAIN
Changes since 1.6: +9 -2 lines
Diff to previous 1.6 (colored)
accept an empty shell in authentication; bug reported by chris@tinker.ucr.edu
Revision 1.6 / (download) - annotate - [select for diffs], Wed Apr 26 21:28:31 2000 UTC (24 years ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_2_7_BASE
Branch point for: OPENBSD_2_7
Changes since 1.5: +2 -826 lines
Diff to previous 1.5 (colored)
split auth/sshconnect in one file per protocol version
Revision 1.5 / (download) - annotate - [select for diffs], Wed Apr 26 20:56:29 2000 UTC (24 years ago) by markus
Branch: MAIN
Changes since 1.4: +249 -49 lines
Diff to previous 1.4 (colored)
add DSA pubkey auth and other SSH2 fixes. use ssh-keygen -[xX] for trading keys with the real and the original SSH, directly from the people who invented the SSH protocol.
Revision 1.4 / (download) - annotate - [select for diffs], Fri Apr 14 10:30:29 2000 UTC (24 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.3: +23 -23 lines
Diff to previous 1.3 (colored)
whitespace cleanup
Revision 1.3 / (download) - annotate - [select for diffs], Fri Apr 14 10:09:14 2000 UTC (24 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.2: +15 -5 lines
Diff to previous 1.2 (colored)
check payload for (illegal) extra data
Revision 1.2 / (download) - annotate - [select for diffs], Thu Apr 6 08:55:22 2000 UTC (24 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.1: +172 -1 lines
Diff to previous 1.1 (colored)
ssh2 server side, see README.openssh2; enable with 'sshd -2'
Revision 1.1 / (download) - annotate - [select for diffs], Tue Mar 28 21:15:45 2000 UTC (24 years, 1 month ago) by markus
Branch: MAIN
split sshd.c -> auth.c session.c sshd.c plus cleanup and goto-removal