![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.bin / ssh
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.26 / (download) - annotate - [select for diffs], Fri May 17 00:30:23 2024 UTC (4 hours, 56 minutes ago) by djm
Branch: MAIN
CVS Tags: HEAD
Changes since 1.25: +5 -7 lines
Diff to previous 1.25 (colored)
Start the process of splitting sshd into separate binaries. This step splits sshd into a listener and a session binary. More splits are planned. After this changes, the listener binary will validate the configuration, load the hostkeys, listen on port 22 and manage MaxStartups only. All session handling will be performed by a new sshd-session binary that the listener fork+execs. This reduces the listener process to the minimum necessary and sets us up for future work on the sshd-session binary. feedback/ok markus@ deraadt@ NB. if you're updating via source, please restart sshd after installing, otherwise you run the risk of locking yourself out.
Revision 1.25 / (download) - annotate - [select for diffs], Sun Mar 5 05:34:09 2023 UTC (14 months, 1 week ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3
Changes since 1.24: +1 -2 lines
Diff to previous 1.24 (colored)
Remove unused compat.h includes. We've previously removed a lot of the really old compatibility code, and with it went the need to include compat.h in most of the files that have it.
Revision 1.24 / (download) - annotate - [select for diffs], Sun Dec 19 22:12:07 2021 UTC (2 years, 4 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1
Changes since 1.23: +3 -2 lines
Diff to previous 1.23 (colored)
prepare for multiple names for authmethods allow authentication methods to have one additional name beyond their primary name. allow lookup by this synonym Use primary name for authentication decisions, e.g. for PermitRootLogin=publickey Pass actual invoked name to the authmethods, so they can tell whether they were requested via the their primary name or synonym. ok markus@
Revision 1.23 / (download) - annotate - [select for diffs], Sun Oct 18 11:32:01 2020 UTC (3 years, 6 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_7_0,
OPENBSD_6_9_BASE,
OPENBSD_6_9
Changes since 1.22: +2 -2 lines
Diff to previous 1.22 (colored)
use the new variant log macros instead of prepending __func__ and appending ssh_err(r) manually; ok markus@
Revision 1.22 / (download) - annotate - [select for diffs], Mon Jul 9 21:35:50 2018 UTC (5 years, 10 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE,
OPENBSD_6_8,
OPENBSD_6_7_BASE,
OPENBSD_6_7,
OPENBSD_6_6_BASE,
OPENBSD_6_6,
OPENBSD_6_5_BASE,
OPENBSD_6_5,
OPENBSD_6_4_BASE,
OPENBSD_6_4
Changes since 1.21: +1 -2 lines
Diff to previous 1.21 (colored)
sshd: switch authentication to sshbuf API; ok djm@
Revision 1.21 / (download) - annotate - [select for diffs], Sat Mar 3 03:15:51 2018 UTC (6 years, 2 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE,
OPENBSD_6_3
Changes since 1.20: +2 -2 lines
Diff to previous 1.20 (colored)
switch over to the new authorized_keys options API and remove the legacy one. Includes a fairly big refactor of auth2-pubkey.c to retain less state between key file lines. feedback and ok markus@
Revision 1.20 / (download) - annotate - [select for diffs], Tue May 30 14:29:59 2017 UTC (6 years, 11 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.19: +2 -3 lines
Diff to previous 1.19 (colored)
switch auth2 to ssh_dispatch API; ok djm@
Revision 1.19 / (download) - annotate - [select for diffs], Tue May 30 14:27:22 2017 UTC (6 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.18: +9 -4 lines
Diff to previous 1.18 (colored)
switch auth2-none.c to modern APIs; ok djm@
Revision 1.18 / (download) - annotate - [select for diffs], Tue Jul 15 15:54:14 2014 UTC (9 years, 10 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1,
OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9,
OPENBSD_5_8_BASE,
OPENBSD_5_8,
OPENBSD_5_7_BASE,
OPENBSD_5_7,
OPENBSD_5_6_BASE,
OPENBSD_5_6
Changes since 1.17: +2 -1 lines
Diff to previous 1.17 (colored)
Add support for Unix domain socket forwarding. A remote TCP port
may be forwarded to a local Unix domain socket and vice versa or
both ends may be a Unix domain socket. This is a reimplementation
of the streamlocal patches by William Ahern from:
http://www.25thandclement.com/~william/projects/streamlocal.html
OK djm@ markus@
Revision 1.17 / (download) - annotate - [select for diffs], Tue Jun 24 01:13:21 2014 UTC (9 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.16: +3 -1 lines
Diff to previous 1.16 (colored)
New key API: refactor key-related functions to be more library-like, existing API is offered as a set of wrappers. with and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago.
Revision 1.16 / (download) - annotate - [select for diffs], Fri Jun 25 08:46:17 2010 UTC (13 years, 10 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE,
OPENBSD_5_5,
OPENBSD_5_4_BASE,
OPENBSD_5_4,
OPENBSD_5_3_BASE,
OPENBSD_5_3,
OPENBSD_5_2_BASE,
OPENBSD_5_2,
OPENBSD_5_1_BASE,
OPENBSD_5_1,
OPENBSD_5_0_BASE,
OPENBSD_5_0,
OPENBSD_4_9_BASE,
OPENBSD_4_9,
OPENBSD_4_8_BASE,
OPENBSD_4_8
Changes since 1.15: +2 -2 lines
Diff to previous 1.15 (colored)
skip the initial check for access with an empty password when PermitEmptyPasswords=no;
Revision 1.15 / (download) - annotate - [select for diffs], Wed Jul 2 12:36:39 2008 UTC (15 years, 10 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE,
OPENBSD_4_7,
OPENBSD_4_6_BASE,
OPENBSD_4_6,
OPENBSD_4_5_BASE,
OPENBSD_4_5,
OPENBSD_4_4_BASE,
OPENBSD_4_4
Changes since 1.14: +1 -65 lines
Diff to previous 1.14 (colored)
Make protocol 2 MaxAuthTries behaviour a little more sensible: Check whether client has exceeded MaxAuthTries before running an authentication method and skip it if they have, previously it would always allow one try (for "none" auth). Preincrement failure count before post-auth test - previously this checked and postincremented, also to allow one "none" try. Together, these two changes always count the "none" auth method which could be skipped by a malicious client (e.g. an SSH worm) to get an extra attempt at a real auth method. They also make MaxAuthTries=0 a useful way to block users entirely (esp. in a sshd_config Match block). Also, move sending of any preauth banner from "none" auth method to the first call to input_userauth_request(), so worms that skip the "none" method get to see it too.
Revision 1.14 / (download) - annotate - [select for diffs], Thu Aug 23 03:22:16 2007 UTC (16 years, 8 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_3_BASE,
OPENBSD_4_3
Changes since 1.13: +5 -2 lines
Diff to previous 1.13 (colored)
Support "Banner=none" to disable displaying of the pre-login banner; ok dtucker@ deraadt@
Revision 1.7.6.1 / (download) - annotate - [select for diffs], Fri Oct 6 03:19:32 2006 UTC (17 years, 7 months ago) by brad
Branch: OPENBSD_3_8
Changes since 1.7: +14 -3 lines
Diff to previous 1.7 (colored) next main 1.8 (colored)
upgrade to OpenSSH 4.4
Revision 1.8.2.1 / (download) - annotate - [select for diffs], Sat Sep 30 04:06:50 2006 UTC (17 years, 7 months ago) by brad
Branch: OPENBSD_3_9
Changes since 1.8: +12 -4 lines
Diff to previous 1.8 (colored) next main 1.9 (colored)
upgrade to OpenSSH 4.4
Revision 1.13 / (download) - annotate - [select for diffs], Sat Aug 5 07:52:52 2006 UTC (17 years, 9 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_4_2_BASE,
OPENBSD_4_2,
OPENBSD_4_1_BASE,
OPENBSD_4_1,
OPENBSD_4_0_BASE,
OPENBSD_4_0
Changes since 1.12: +3 -1 lines
Diff to previous 1.12 (colored)
Add headers required to build with KERBEROS5=no. ok djm@
Revision 1.12 / (download) - annotate - [select for diffs], Thu Aug 3 03:34:41 2006 UTC (17 years, 9 months ago) by deraadt
Branch: MAIN
Changes since 1.11: +8 -4 lines
Diff to previous 1.11 (colored)
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
Revision 1.11 / (download) - annotate - [select for diffs], Sun Jul 9 15:15:10 2006 UTC (17 years, 10 months ago) by stevesk
Branch: MAIN
Changes since 1.10: +3 -1 lines
Diff to previous 1.10 (colored)
move #include <fcntl.h> out of includes.h
Revision 1.10 / (download) - annotate - [select for diffs], Sat Mar 25 13:17:01 2006 UTC (18 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.9: +1 -0 lines
Diff to previous 1.9 (colored)
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
Revision 1.9 / (download) - annotate - [select for diffs], Sun Mar 19 18:51:18 2006 UTC (18 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.8: +0 -1 lines
Diff to previous 1.8 (colored)
RCSID() can die
Revision 1.8 / (download) - annotate - [select for diffs], Mon Feb 20 17:19:54 2006 UTC (18 years, 2 months ago) by stevesk
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE
Branch point for: OPENBSD_3_9
Changes since 1.7: +4 -1 lines
Diff to previous 1.7 (colored)
move #include <sys/stat.h> out of includes.h; ok markus@
Revision 1.6.2.1 / (download) - annotate - [select for diffs], Thu Aug 19 22:37:30 2004 UTC (19 years, 9 months ago) by brad
Branch: OPENBSD_3_4
Changes since 1.6: +8 -3 lines
Diff to previous 1.6 (colored) next main 1.7 (colored)
upgrade to OpenSSH 3.9
Revision 1.6.4.1 / (download) - annotate - [select for diffs], Thu Aug 19 04:13:26 2004 UTC (19 years, 9 months ago) by brad
Branch: OPENBSD_3_5
Changes since 1.6: +8 -3 lines
Diff to previous 1.6 (colored) next main 1.7 (colored)
upgrade to OpenSSH 3.9
Revision 1.7 / (download) - annotate - [select for diffs], Tue May 11 19:01:43 2004 UTC (20 years ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_3_8_BASE,
OPENBSD_3_7_BASE,
OPENBSD_3_7,
OPENBSD_3_6_BASE,
OPENBSD_3_6
Branch point for: OPENBSD_3_8
Changes since 1.6: +8 -3 lines
Diff to previous 1.6 (colored)
improve some code lint did not like; djm millert ok
Revision 1.4.4.2 / (download) - annotate - [select for diffs], Thu Mar 4 18:18:15 2004 UTC (20 years, 2 months ago) by brad
Branch: OPENBSD_3_3
Changes since 1.4.4.1: +0 -0 lines
Diff to previous 1.4.4.1 (colored) to branchpoint 1.4 (colored) next main 1.5 (colored)
upgrade to OpenSSH 3.8upgrade to OpenSSH 3.8upgrade to OpenSSH 3.8
Revision 1.4.2.1 / (download) - annotate - [select for diffs], Tue Sep 16 21:20:24 2003 UTC (20 years, 8 months ago) by brad
Branch: OPENBSD_3_2
Changes since 1.4: +4 -2 lines
Diff to previous 1.4 (colored) next main 1.5 (colored)
upgrade to OpenSSH 3.7
Revision 1.4.4.1 / (download) - annotate - [select for diffs], Tue Sep 16 20:50:42 2003 UTC (20 years, 8 months ago) by brad
Branch: OPENBSD_3_3
Changes since 1.4: +4 -2 lines
Diff to previous 1.4 (colored)
upgrade to OpenSSH 3.7
Revision 1.6 / (download) - annotate - [select for diffs], Tue Aug 26 09:58:43 2003 UTC (20 years, 8 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE,
OPENBSD_3_4_BASE
Branch point for: OPENBSD_3_5,
OPENBSD_3_4
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored)
fix passwd auth for 'username leaks via timing'; with djm@, original patches from solar
Revision 1.5 / (download) - annotate - [select for diffs], Thu Jul 31 09:21:02 2003 UTC (20 years, 9 months ago) by markus
Branch: MAIN
Changes since 1.4: +4 -2 lines
Diff to previous 1.4 (colored)
check whether passwd auth is allowd, similar to proto 1; rob@pitman.co.za ok henning
Revision 1.3.2.2 / (download) - annotate - [select for diffs], Fri Oct 11 14:53:06 2002 UTC (21 years, 7 months ago) by miod
Branch: OPENBSD_3_0
Changes since 1.3.2.1: +2 -2 lines
Diff to previous 1.3.2.1 (colored) next main 1.4 (colored)
Update to OpenSSH 3.5
Revision 1.3.4.2 / (download) - annotate - [select for diffs], Fri Oct 11 14:51:52 2002 UTC (21 years, 7 months ago) by miod
Branch: OPENBSD_3_1
Changes since 1.3.4.1: +2 -2 lines
Diff to previous 1.3.4.1 (colored) next main 1.4 (colored)
Update to OpenSSH 3.5
Revision 1.4 / (download) - annotate - [select for diffs], Thu Jun 27 10:35:47 2002 UTC (21 years, 10 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE,
OPENBSD_3_2_BASE
Branch point for: OPENBSD_3_3,
OPENBSD_3_2
Changes since 1.3: +2 -2 lines
Diff to previous 1.3 (colored)
use xfree()
Revision 1.3.4.1 / (download) - annotate - [select for diffs], Wed Jun 26 15:52:13 2002 UTC (21 years, 10 months ago) by jason
Branch: OPENBSD_3_1
Changes since 1.3: +1 -1 lines
Diff to previous 1.3 (colored)
More missing files in 3.4 merge
Revision 1.3.2.1 / (download) - annotate - [select for diffs], Sat Jun 22 07:23:16 2002 UTC (21 years, 11 months ago) by miod
Branch: OPENBSD_3_0
Changes since 1.3: +1 -1 lines
Diff to previous 1.3 (colored)
Update OpenSSH to version 3.3 (with local changes, configuration files still living in /etc and privsep user being nobody).
Revision 1.3 / (download) - annotate - [select for diffs], Wed Jun 19 00:27:55 2002 UTC (21 years, 11 months ago) by deraadt
Branch: MAIN
Branch point for: OPENBSD_3_1,
OPENBSD_3_0
Changes since 1.2: +2 -3 lines
Diff to previous 1.2 (colored)
KNF done automatically while reading....
Revision 1.2 / (download) - annotate - [select for diffs], Fri May 31 11:35:15 2002 UTC (21 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.1: +12 -7 lines
Diff to previous 1.1 (colored)
move Authmethod definitons to per-method file.
Revision 1.1 / (download) - annotate - [select for diffs], Sat May 25 18:51:07 2002 UTC (21 years, 11 months ago) by markus
Branch: MAIN
split auth2.c into one file per method; ok provos@/deraadt@