OpenBSD CVS

CVS log for src/usr.bin/ssh/authfile.c



Default branch: MAIN


Revision 1.144 / (download) - annotate - [select for diffs], Tue Mar 14 07:26:25 2023 UTC (14 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5, OPENBSD_7_4_BASE, OPENBSD_7_4, OPENBSD_7_3_BASE, OPENBSD_7_3, HEAD
Changes since 1.143: +3 -1 lines
Diff to previous 1.143 (colored)

Check pointer for NULL before attempting to deref.  None of the existing
callers seem to do that, but it's worth checking.  From Coverity CID
291834, ok djm@

Revision 1.143 / (download) - annotate - [select for diffs], Tue Jun 21 14:52:13 2022 UTC (22 months, 3 weeks ago) by tobhe
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE, OPENBSD_7_2
Changes since 1.142: +12 -7 lines
Diff to previous 1.142 (colored)

Make sure not to fclose() the same fd twice in case of an error.

ok dtucker@

Revision 1.142 / (download) - annotate - [select for diffs], Sat Jan 1 01:55:30 2022 UTC (2 years, 4 months ago) by jsg
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE, OPENBSD_7_1
Changes since 1.141: +2 -2 lines
Diff to previous 1.141 (colored)

spelling
ok dtucker@

Revision 1.141 / (download) - annotate - [select for diffs], Thu Jun 18 23:33:38 2020 UTC (3 years, 10 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE, OPENBSD_7_0, OPENBSD_6_9_BASE, OPENBSD_6_9, OPENBSD_6_8_BASE, OPENBSD_6_8
Changes since 1.140: +8 -2 lines
Diff to previous 1.140 (colored)

avoid spurious "Unable to load host key" message when sshd can load a
private key but no public counterpart; with & ok markus@

Revision 1.140 / (download) - annotate - [select for diffs], Fri Apr 17 07:15:11 2020 UTC (4 years, 1 month ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE, OPENBSD_6_7
Changes since 1.139: +9 -34 lines
Diff to previous 1.139 (colored)

refactor out some duplicate private key loading code; based on
patch from loic AT venez.fr, ok dtucker@

Revision 1.139 / (download) - annotate - [select for diffs], Wed Apr 8 00:10:37 2020 UTC (4 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.138: +37 -1 lines
Diff to previous 1.138 (colored)

let sshkey_try_load_public() load public keys from the unencrypted
envelope of private key files if no sidecar public key file is
present.

ok markus@

Revision 1.138 / (download) - annotate - [select for diffs], Wed Apr 8 00:09:24 2020 UTC (4 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.137: +19 -39 lines
Diff to previous 1.137 (colored)

simplify sshkey_try_load_public()

ok markus@

Revision 1.137 / (download) - annotate - [select for diffs], Sat Jan 25 23:02:13 2020 UTC (4 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.136: +9 -68 lines
Diff to previous 1.136 (colored)

factor out reading/writing sshbufs to dedicated functions;
feedback and ok markus@

Revision 1.136 / (download) - annotate - [select for diffs], Thu Jan 2 22:38:33 2020 UTC (4 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.135: +32 -1 lines
Diff to previous 1.135 (colored)

add sshkey_save_public(), to save a public key; ok markus@

Revision 1.135 / (download) - annotate - [select for diffs], Tue Sep 3 08:30:47 2019 UTC (4 years, 8 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE, OPENBSD_6_6
Changes since 1.134: +23 -1 lines
Diff to previous 1.134 (colored)

move advance_past_options to authfile.c and make it public;
ok markus@

Revision 1.134 / (download) - annotate - [select for diffs], Mon Aug 5 11:50:33 2019 UTC (4 years, 9 months ago) by dtucker
Branch: MAIN
Changes since 1.133: +8 -16 lines
Diff to previous 1.133 (colored)

Remove now-redundant perm_ok arg since sshkey_load_private_type will
now return SSH_ERR_KEY_BAD_PERMISSIONS in that case.  Patch from
jitendra.sharma at intel.com, ok djm@

Revision 1.133 / (download) - annotate - [select for diffs], Mon Jul 15 13:16:29 2019 UTC (4 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.132: +3 -3 lines
Diff to previous 1.132 (colored)

support PKCS8 as an optional format for storage of private keys,
enabled via "ssh-keygen -m PKCS8" on operations that save private
keys to disk.

The OpenSSH native key format remains the default, but PKCS8 is a
superior format to PEM if interoperability with non-OpenSSH software
is required, as it may use a less terrible KDF (IIRC PEM uses a single
round of MD5 as a KDF).

adapted from patch by Jakub Jelen via bz3013; ok markus

Revision 1.132 / (download) - annotate - [select for diffs], Fri Jun 28 13:35:04 2019 UTC (4 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.131: +6 -6 lines
Diff to previous 1.131 (colored)

When system calls indicate an error they return -1, not some arbitrary
value < 0.  errno is only updated in this case.  Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.

Revision 1.131 / (download) - annotate - [select for diffs], Fri Sep 21 12:20:12 2018 UTC (5 years, 7 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE, OPENBSD_6_5, OPENBSD_6_4_BASE, OPENBSD_6_4
Changes since 1.130: +10 -4 lines
Diff to previous 1.130 (colored)

In sshkey_in_file(), ignore keys that are considered for being too
short (i.e. SSH_ERR_KEY_LENGTH). These keys will not be considered to
be "in the file". This allows key revocation lists to contain short
keys without the entire revocation list being considered invalid.

bz#2897; ok dtucker

Revision 1.130 / (download) - annotate - [select for diffs], Mon Jul 9 21:59:10 2018 UTC (5 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.129: +2 -2 lines
Diff to previous 1.129 (colored)

replace cast with call to sshbuf_mutable_ptr(); ok djm@

Revision 1.129 / (download) - annotate - [select for diffs], Wed Jun 6 18:29:18 2018 UTC (5 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.128: +11 -11 lines
Diff to previous 1.128 (colored)

switch config file parsing to getline(3) as this avoids static limits
noted by gerhard@; ok dtucker@, djm@

Revision 1.128 / (download) - annotate - [select for diffs], Fri Feb 23 15:58:37 2018 UTC (6 years, 2 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE, OPENBSD_6_3
Changes since 1.127: +7 -1 lines
Diff to previous 1.127 (colored)

Add experimental support for PQC XMSS keys (Extended Hash-Based Signatures)
The code is not compiled in by default (see WITH_XMSS in Makefile.inc)
Joint work with stefan-lukas_gazdag at genua.eu
See https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12
ok djm@

Revision 1.127 / (download) - annotate - [select for diffs], Sat Jul 1 13:50:45 2017 UTC (6 years, 10 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE, OPENBSD_6_2
Changes since 1.126: +1 -2 lines
Diff to previous 1.126 (colored)

remove post-SSHv1 removal dead code from rsa.c and merge the
remaining bit that it still used into ssh-rsa.c; ok markus

Revision 1.126 / (download) - annotate - [select for diffs], Wed May 31 09:15:42 2017 UTC (6 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.125: +2 -14 lines
Diff to previous 1.125 (colored)

Switch to recallocarray() for a few operations.  Both growth and shrinkage
are handled safely, and there also is no need for preallocation dances.
Future changes in this area will be less error prone.
Review and one bug found by markus

Revision 1.125 / (download) - annotate - [select for diffs], Tue May 30 08:49:32 2017 UTC (6 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.124: +21 -23 lines
Diff to previous 1.124 (colored)

revise sshkey_load_public(): remove ssh1 related comments, remove extra
open()/close() on keyfile, prevent leak of 'pub' if 'keyp' is NULL,
replace strlcpy+cat with asprintf; ok djm@

Revision 1.124 / (download) - annotate - [select for diffs], Sun Apr 30 23:10:43 2017 UTC (7 years ago) by djm
Branch: MAIN
Changes since 1.123: +1 -55 lines
Diff to previous 1.123 (colored)

unifdef WITH_SSH1
ok markus@

Revision 1.123 / (download) - annotate - [select for diffs], Sun Mar 26 00:18:52 2017 UTC (7 years, 1 month ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE, OPENBSD_6_1
Changes since 1.122: +2 -2 lines
Diff to previous 1.122 (colored)

incorrect renditions of this quote bother me

Revision 1.122 / (download) - annotate - [select for diffs], Fri Nov 25 23:24:45 2016 UTC (7 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.121: +14 -2 lines
Diff to previous 1.121 (colored)

use sshbuf_allocate() to pre-allocate the buffer used for loading
keys. This avoids implicit realloc inside the buffer code, which
might theoretically leave fragments of the key on the heap. This
doesn't appear to happen in practice for normal sized keys, but
was observed for novelty oversize ones.

Pointed out by Jann Horn of Project Zero; ok markus@

Revision 1.121 / (download) - annotate - [select for diffs], Sat Apr 9 12:39:30 2016 UTC (8 years, 1 month ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE, OPENBSD_6_0
Changes since 1.120: +22 -12 lines
Diff to previous 1.120 (colored)

make private key loading functions consistently handle NULL
key pointer arguments; ok markus@

Revision 1.120 / (download) - annotate - [select for diffs], Fri Dec 11 04:21:11 2015 UTC (8 years, 5 months ago) by mmcc
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE, OPENBSD_5_9
Changes since 1.119: +3 -5 lines
Diff to previous 1.119 (colored)

Remove NULL-checks before sshbuf_free().

ok djm@

Revision 1.119 / (download) - annotate - [select for diffs], Fri Dec 11 02:31:47 2015 UTC (8 years, 5 months ago) by mmcc
Branch: MAIN
Changes since 1.118: +5 -9 lines
Diff to previous 1.118 (colored)

Remove NULL-checks before sshkey_free().

ok djm@

Revision 1.118 / (download) - annotate - [select for diffs], Thu Dec 10 17:08:40 2015 UTC (8 years, 5 months ago) by mmcc
Branch: MAIN
Changes since 1.117: +2 -3 lines
Diff to previous 1.117 (colored)

Remove NULL-checks before free().

ok dtucker@

Revision 1.117 / (download) - annotate - [select for diffs], Sun Sep 13 14:39:16 2015 UTC (8 years, 8 months ago) by tim
Branch: MAIN
Changes since 1.116: +3 -3 lines
Diff to previous 1.116 (colored)

- Fix error message: passphrase needs to be at least 5 characters, not 4.
- Remove unused function argument.
- Remove two unnecessary variables.

OK djm@

Revision 1.116 / (download) - annotate - [select for diffs], Thu Jul 9 09:49:46 2015 UTC (8 years, 10 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE, OPENBSD_5_8
Changes since 1.115: +3 -3 lines
Diff to previous 1.115 (colored)

re-enable ed25519-certs if compiled w/o openssl; ok djm

Revision 1.115 / (download) - annotate - [select for diffs], Fri Jul 3 03:43:18 2015 UTC (8 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.114: +2 -2 lines
Diff to previous 1.114 (colored)

delete support for legacy v00 certificates; "sure" markus@ dtucker@

Revision 1.114 / (download) - annotate - [select for diffs], Fri Apr 17 13:32:09 2015 UTC (9 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.113: +2 -2 lines
Diff to previous 1.113 (colored)

s/recommended/required/ that private keys be og-r
this wording change was made a while ago but got accidentally reverted

Revision 1.113 / (download) - annotate - [select for diffs], Tue Mar 31 22:55:50 2015 UTC (9 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.112: +3 -1 lines
Diff to previous 1.112 (colored)

fd leak for !ssh1 case; found by unittests; ok markus@

Revision 1.112 / (download) - annotate - [select for diffs], Wed Mar 18 01:44:21 2015 UTC (9 years, 2 months ago) by djm
Branch: MAIN
Changes since 1.111: +1 -3 lines
Diff to previous 1.111 (colored)

KRL support doesn't need OpenSSL anymore, remove #ifdefs
from around call

Revision 1.111 / (download) - annotate - [select for diffs], Mon Feb 23 16:55:51 2015 UTC (9 years, 2 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE, OPENBSD_5_7
Changes since 1.110: +4 -1 lines
Diff to previous 1.110 (colored)

add an XXX to remind me to improve sshkey_load_public

Revision 1.110 / (download) - annotate - [select for diffs], Tue Jan 20 23:14:00 2015 UTC (9 years, 3 months ago) by deraadt
Branch: MAIN
Changes since 1.109: +3 -3 lines
Diff to previous 1.109 (colored)

Reduce use of <sys/param.h> and transition to <limits.h> throughout.
ok djm markus

Revision 1.109 / (download) - annotate - [select for diffs], Thu Jan 8 10:14:08 2015 UTC (9 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.108: +24 -40 lines
Diff to previous 1.108 (colored)

deprecate key_load_private_pem() and sshkey_load_private_pem()
interfaces. Refactor the generic key loading API to not require
pathnames to be specified (they weren't really used).

Fixes a few other things en passant:

Makes ed25519 keys work for hostbased authentication (ssh-keysign
previously used the PEM-only routines).

Fixes key comment regression bz#2306: key pathnames were being lost as
comment fields.

ok markus@

Revision 1.108 / (download) - annotate - [select for diffs], Thu Dec 4 02:24:32 2014 UTC (9 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.107: +48 -10 lines
Diff to previous 1.107 (colored)

add RevokedHostKeys option for the client

Allow textfile or KRL-based revocation of hostkeys.

Revision 1.107 / (download) - annotate - [select for diffs], Tue Jun 24 01:13:21 2014 UTC (9 years, 10 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE, OPENBSD_5_6
Changes since 1.106: +316 -1088 lines
Diff to previous 1.106 (colored)

New key API: refactor key-related functions to be more library-like,
existing API is offered as a set of wrappers.

with and ok markus@

Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
Dempsky and Ron Bowes for a detailed review a few months ago.

Revision 1.106 / (download) - annotate - [select for diffs], Tue Apr 29 18:01:49 2014 UTC (10 years ago) by markus
Branch: MAIN
Changes since 1.105: +32 -1 lines
Diff to previous 1.105 (colored)

make compiling against OpenSSL optional (make OPENSSL=no);
reduces algorithms to curve25519, aes-ctr, chacha, ed25519;
allows us to explore further options; with and ok djm

Revision 1.105 / (download) - annotate - [select for diffs], Mon Apr 28 03:09:18 2014 UTC (10 years ago) by djm
Branch: MAIN
Changes since 1.104: +3 -2 lines
Diff to previous 1.104 (colored)

buffer_get_string_ptr's return should be const to remind
callers that futzing with it will futz with the actual buffer
contents

Revision 1.104 / (download) - annotate - [select for diffs], Wed Mar 12 04:51:12 2014 UTC (10 years, 2 months ago) by djm
Branch: MAIN
Changes since 1.103: +2 -2 lines
Diff to previous 1.103 (colored)

correct test that kdf name is not "none" or "bcrypt"

Revision 1.103 / (download) - annotate - [select for diffs], Sun Feb 2 03:44:31 2014 UTC (10 years, 3 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE, OPENBSD_5_5
Changes since 1.102: +7 -7 lines
Diff to previous 1.102 (colored)

convert memset of potentially-private data to explicit_bzero()

Revision 1.102 / (download) - annotate - [select for diffs], Fri Jan 31 16:39:19 2014 UTC (10 years, 3 months ago) by tedu
Branch: MAIN
Changes since 1.101: +4 -4 lines
Diff to previous 1.101 (colored)

replace most bzero with explicit_bzero, except a few that can be memset
ok djm dtucker

Revision 1.101 / (download) - annotate - [select for diffs], Sun Dec 29 04:35:50 2013 UTC (10 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.100: +2 -1 lines
Diff to previous 1.100 (colored)

don't refuse to load Ed25519 certificates

Revision 1.100 / (download) - annotate - [select for diffs], Fri Dec 6 13:39:49 2013 UTC (10 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.99: +9 -1 lines
Diff to previous 1.99 (colored)

support ed25519 keys (hostkeys and user identities) using the public domain
ed25519 reference code from SUPERCOP, see http://ed25519.cr.yp.to/software.html
feedback, help & ok djm@

Revision 1.99 / (download) - annotate - [select for diffs], Fri Dec 6 13:34:54 2013 UTC (10 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.98: +361 -10 lines
Diff to previous 1.98 (colored)

new private key format, bcrypt as KDF by default; details in PROTOCOL.key;
feedback and lots of help from djm; ok djm@

Revision 1.98 / (download) - annotate - [select for diffs], Thu Nov 21 00:45:43 2013 UTC (10 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.97: +3 -3 lines
Diff to previous 1.97 (colored)

Add a new protocol 2 transport cipher "chacha20-poly1305@openssh.com"
that combines Daniel Bernstein's ChaCha20 stream cipher and Poly1305 MAC
to build an authenticated encryption mode.

Inspired by and similar to Adam Langley's proposal for TLS:
http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03
but differs in layout used for the MAC calculation and the use of a
second ChaCha20 instance to separately encrypt packet lengths.
Details are in the PROTOCOL.chacha20poly1305 file.

Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC
ok markus@ naddy@

Revision 1.97 / (download) - annotate - [select for diffs], Fri May 17 00:13:13 2013 UTC (11 years ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE, OPENBSD_5_4
Changes since 1.96: +5 -5 lines
Diff to previous 1.96 (colored)

bye, bye xfree(); ok markus@

Revision 1.96 / (download) - annotate - [select for diffs], Fri Apr 19 01:06:50 2013 UTC (11 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.95: +3 -3 lines
Diff to previous 1.95 (colored)

add the ability to query supported ciphers, MACs, key type and KEX
algorithms to ssh. Includes some refactoring of KEX and key type handling
to be table-driven; ok markus@

Revision 1.95 / (download) - annotate - [select for diffs], Tue Jan 8 18:49:04 2013 UTC (11 years, 4 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE, OPENBSD_5_3
Changes since 1.94: +3 -3 lines
Diff to previous 1.94 (colored)

support AES-GCM as defined in RFC 5647 (but with simpler KEX handling)
ok and feedback djm@

Revision 1.94 / (download) - annotate - [select for diffs], Tue Dec 11 22:31:18 2012 UTC (11 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.93: +3 -3 lines
Diff to previous 1.93 (colored)

add encrypt-then-mac (EtM) modes to openssh by defining new mac algorithms
that change the packet format and compute the MAC over the encrypted
message (including the packet size) instead of the plaintext data;
these EtM modes are considered more secure and used by default.
feedback and ok djm@

Revision 1.93 / (download) - annotate - [select for diffs], Wed Jan 25 19:36:31 2012 UTC (12 years, 3 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE, OPENBSD_5_2, OPENBSD_5_1_BASE, OPENBSD_5_1
Changes since 1.92: +2 -2 lines
Diff to previous 1.92 (colored)

memleak in key_load_file(); from Jan Klemkow

Revision 1.92 / (download) - annotate - [select for diffs], Tue Jun 14 22:49:18 2011 UTC (12 years, 11 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_5_0_BASE, OPENBSD_5_0
Changes since 1.91: +28 -25 lines
Diff to previous 1.91 (colored)

make sure key_parse_public/private_rsa1() no longer consumes its input buffer.
fixes ssh-add for passphrase-protected ssh1-keys; noted by naddy@; ok djm@

Revision 1.91 / (download) - annotate - [select for diffs], Mon May 23 07:24:57 2011 UTC (12 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.90: +6 -3 lines
Diff to previous 1.90 (colored)

read in key comments for v.2 keys (though note that these are not
passed over the agent protocol); bz#439, based on patch from binder
AT arago.de; ok markus@

Revision 1.90 / (download) - annotate - [select for diffs], Fri May 13 00:05:36 2011 UTC (13 years ago) by djm
Branch: MAIN
Changes since 1.89: +2 -1 lines
Diff to previous 1.89 (colored)

warn on unexpected key type in key_parse_private_type()

Revision 1.89 / (download) - annotate - [select for diffs], Tue May 10 05:46:46 2011 UTC (13 years ago) by djm
Branch: MAIN
Changes since 1.88: +4 -1 lines
Diff to previous 1.88 (colored)

despam debug() logs by detecting that we are trying to load a private key
in key_try_load_public() and returning early; ok markus@

Revision 1.88 / (download) - annotate - [select for diffs], Wed May 4 21:15:29 2011 UTC (13 years ago) by djm
Branch: MAIN
Changes since 1.87: +64 -36 lines
Diff to previous 1.87 (colored)

allow "ssh-add - < key"; feedback and ok markus@

Revision 1.87 / (download) - annotate - [select for diffs], Mon Nov 29 18:57:04 2010 UTC (13 years, 5 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_4_9_BASE, OPENBSD_4_9
Changes since 1.86: +3 -2 lines
Diff to previous 1.86 (colored)

correctly load comment for encrypted rsa1 keys;
report/fix Joachim Schipper; ok djm@

Revision 1.86 / (download) - annotate - [select for diffs], Sun Nov 21 10:57:07 2010 UTC (13 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.85: +254 -193 lines
Diff to previous 1.85 (colored)

Refactor internals of private key loading and saving to work on memory
buffers rather than directly on files. This will make a few things
easier to do in the future; ok markus@

Revision 1.85 / (download) - annotate - [select for diffs], Thu Oct 28 11:22:09 2010 UTC (13 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.84: +5 -9 lines
Diff to previous 1.84 (colored)

fix a possible NULL deref on loading a corrupt ECDH key

store ECDH group information in private keys files as "named groups"
rather than as a set of explicit group parameters (by setting
the OPENSSL_EC_NAMED_CURVE flag). This makes for shorter key files and
retrieves the group's OpenSSL NID that we need for various things.

Revision 1.84 / (download) - annotate - [select for diffs], Wed Sep 8 03:54:36 2010 UTC (13 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.83: +2 -2 lines
Diff to previous 1.83 (colored)

typo

Revision 1.83 / (download) - annotate - [select for diffs], Tue Aug 31 11:54:45 2010 UTC (13 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.82: +31 -1 lines
Diff to previous 1.82 (colored)

Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and
host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer
better performance than plain DH and DSA at the same equivalent symmetric
key length, as well as much shorter keys.

Only the mandatory sections of RFC5656 are implemented, specifically the
three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and
ECDSA. Point compression (optional in RFC5656) is NOT implemented.

Certificate host and user keys using the new ECDSA key types are supported.

Note that this code has not been tested for interoperability and may be
subject to change.

feedback and ok markus@

Revision 1.82 / (download) - annotate - [select for diffs], Wed Aug 4 05:49:22 2010 UTC (13 years, 9 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE, OPENBSD_4_8
Changes since 1.81: +7 -5 lines
Diff to previous 1.81 (colored)

committed the wrong version of the hostbased certificate diff; this
version replaces some strlc{py,at} verbosity with xasprintf() at
the request of markus@

Revision 1.81 / (download) - annotate - [select for diffs], Wed Aug 4 05:42:47 2010 UTC (13 years, 9 months ago) by djm
Branch: MAIN
Changes since 1.80: +59 -1 lines
Diff to previous 1.80 (colored)

enable certificates for hostbased authentication, from Iain Morgan;
"looks ok" markus@

Revision 1.80 / (download) - annotate - [select for diffs], Thu Mar 4 10:36:03 2010 UTC (14 years, 2 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE, OPENBSD_4_7
Changes since 1.79: +63 -1 lines
Diff to previous 1.79 (colored)

Add a TrustedUserCAKeys option to sshd_config to specify CA keys that
are trusted to authenticate users (in addition to doing it per-user
in authorized_keys).

Add a RevokedKeys option to sshd_config and a @revoked marker to
known_hosts to allow keys to be revoked and banned for user or host
authentication.

feedback and ok markus@

Revision 1.79 / (download) - annotate - [select for diffs], Tue Jan 12 00:16:47 2010 UTC (14 years, 4 months ago) by dtucker
Branch: MAIN
Changes since 1.78: +2 -2 lines
Diff to previous 1.78 (colored)

Fix bug introduced in r1.78 (incorrect brace location) that broke key auth.
Patch from joachim joachimschipper nl.

Revision 1.78 / (download) - annotate - [select for diffs], Mon Jan 11 04:46:45 2010 UTC (14 years, 4 months ago) by dtucker
Branch: MAIN
Changes since 1.77: +11 -3 lines
Diff to previous 1.77 (colored)

Do not prompt for a passphrase if we fail to open a keyfile, and log the
reason the open failed to debug.
bz #1693, found by tj AT castaglia org, ok djm@

Revision 1.77 / (download) - annotate - [select for diffs], Thu Oct 22 22:26:13 2009 UTC (14 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.76: +2 -2 lines
Diff to previous 1.76 (colored)

switch from 3DES to AES-128 for encryption of passphrase-protected
SSH protocol 2 private keys; ok several

Revision 1.61.2.1 / (download) - annotate - [select for diffs], Fri Oct 6 03:19:32 2006 UTC (17 years, 7 months ago) by brad
Branch: OPENBSD_3_8
Changes since 1.61: +21 -11 lines
Diff to previous 1.61 (colored) next main 1.62 (colored)

upgrade to OpenSSH 4.4

Revision 1.62.2.1 / (download) - annotate - [select for diffs], Sat Sep 30 04:06:50 2006 UTC (17 years, 7 months ago) by brad
Branch: OPENBSD_3_9
Changes since 1.62: +18 -11 lines
Diff to previous 1.62 (colored) next main 1.63 (colored)

upgrade to OpenSSH 4.4

Revision 1.76 / (download) - annotate - [select for diffs], Thu Aug 3 03:34:41 2006 UTC (17 years, 9 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE, OPENBSD_4_6, OPENBSD_4_5_BASE, OPENBSD_4_5, OPENBSD_4_4_BASE, OPENBSD_4_4, OPENBSD_4_3_BASE, OPENBSD_4_3, OPENBSD_4_2_BASE, OPENBSD_4_2, OPENBSD_4_1_BASE, OPENBSD_4_1, OPENBSD_4_0_BASE, OPENBSD_4_0
Changes since 1.75: +3 -4 lines
Diff to previous 1.75 (colored)

almost entirely get rid of the culture of ".h files that include .h files"
ok djm, sort of ok stevesk
makes the pain stop in one easy step

Revision 1.75 / (download) - annotate - [select for diffs], Tue Aug 1 23:36:11 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.74: +2 -2 lines
Diff to previous 1.74 (colored)

clean extra spaces

Revision 1.74 / (download) - annotate - [select for diffs], Tue Aug 1 23:22:47 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.73: +2 -1 lines
Diff to previous 1.73 (colored)

move #include <stdio.h> out of includes.h

Revision 1.73 / (download) - annotate - [select for diffs], Wed Jul 26 13:57:17 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.72: +2 -1 lines
Diff to previous 1.72 (colored)

move #include <stdlib.h> out of includes.h

Revision 1.72 / (download) - annotate - [select for diffs], Wed Jul 26 02:35:17 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.71: +2 -1 lines
Diff to previous 1.71 (colored)

move #include <sys/param.h> out of includes.h

Revision 1.71 / (download) - annotate - [select for diffs], Sat Jul 22 20:48:22 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.70: +2 -1 lines
Diff to previous 1.70 (colored)

move #include <string.h> out of includes.h

Revision 1.70 / (download) - annotate - [select for diffs], Mon Jul 17 01:31:09 2006 UTC (17 years, 10 months ago) by stevesk
Branch: MAIN
Changes since 1.69: +2 -1 lines
Diff to previous 1.69 (colored)

move #include <unistd.h> out of includes.h

Revision 1.69 / (download) - annotate - [select for diffs], Tue Jul 11 20:27:56 2006 UTC (17 years, 10 months ago) by stevesk
Branch: MAIN
Changes since 1.68: +2 -1 lines
Diff to previous 1.68 (colored)

need <errno.h> here also (it's also included in <openssl/err.h>)

Revision 1.68 / (download) - annotate - [select for diffs], Sun Jul 9 15:15:10 2006 UTC (17 years, 10 months ago) by stevesk
Branch: MAIN
Changes since 1.67: +3 -1 lines
Diff to previous 1.67 (colored)

move #include <fcntl.h> out of includes.h

Revision 1.67 / (download) - annotate - [select for diffs], Tue Apr 25 08:02:27 2006 UTC (18 years ago) by dtucker
Branch: MAIN
Changes since 1.66: +6 -2 lines
Diff to previous 1.66 (colored)

Prevent ssh from trying to open private keys with bad permissions more than
once or prompting for their passphrases (which it subsequently ignores
anyway), similar to a previous change in ssh-add.  bz #1186, ok djm@

Revision 1.66 / (download) - annotate - [select for diffs], Sat Mar 25 13:17:01 2006 UTC (18 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.65: +1 -0 lines
Diff to previous 1.65 (colored)

Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
Theo nuked - our scripts to sync -portable need them in the files

Revision 1.65 / (download) - annotate - [select for diffs], Sun Mar 19 18:59:09 2006 UTC (18 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.64: +0 -4 lines
Diff to previous 1.64 (colored)

whoever thought that break after return was a good idea needs to get their head examined

Revision 1.64 / (download) - annotate - [select for diffs], Sun Mar 19 18:51:18 2006 UTC (18 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.63: +0 -1 lines
Diff to previous 1.63 (colored)

RCSID() can die

Revision 1.63 / (download) - annotate - [select for diffs], Mon Mar 13 10:26:52 2006 UTC (18 years, 2 months ago) by dtucker
Branch: MAIN
Changes since 1.62: +2 -2 lines
Diff to previous 1.62 (colored)

Make ssh-add check file permissions before attempting to load private
key files multiple times; it will fail anyway and this prevents confusing
multiple prompts and warnings.  mindrot #1138, ok djm@

Revision 1.62 / (download) - annotate - [select for diffs], Mon Feb 20 17:19:54 2006 UTC (18 years, 2 months ago) by stevesk
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE
Branch point for: OPENBSD_3_9
Changes since 1.61: +4 -1 lines
Diff to previous 1.61 (colored)

move #include <sys/stat.h> out of includes.h; ok markus@

Revision 1.60.2.1 / (download) - annotate - [select for diffs], Sun Sep 4 18:40:00 2005 UTC (18 years, 8 months ago) by brad
Branch: OPENBSD_3_7
Changes since 1.60: +9 -7 lines
Diff to previous 1.60 (colored) next main 1.61 (colored)

upgrade to OpenSSH 4.2

Revision 1.58.2.2 / (download) - annotate - [select for diffs], Fri Sep 2 03:44:59 2005 UTC (18 years, 8 months ago) by brad
Branch: OPENBSD_3_6
Changes since 1.58.2.1: +9 -7 lines
Diff to previous 1.58.2.1 (colored) to branchpoint 1.58 (colored) next main 1.59 (colored)

upgrade to OpenSSH 4.2

Revision 1.61 / (download) - annotate - [select for diffs], Fri Jun 17 02:44:32 2005 UTC (18 years, 11 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_3_8_BASE
Branch point for: OPENBSD_3_8
Changes since 1.60: +9 -7 lines
Diff to previous 1.60 (colored)

make this -Wsign-compare clean; ok avsm@ markus@

Revision 1.55.2.2 / (download) - annotate - [select for diffs], Thu Mar 10 17:15:04 2005 UTC (19 years, 2 months ago) by brad
Branch: OPENBSD_3_5
Changes since 1.55.2.1: +11 -6 lines
Diff to previous 1.55.2.1 (colored) to branchpoint 1.55 (colored) next main 1.56 (colored)

upgrade to OpenSSH 4.0

Revision 1.58.2.1 / (download) - annotate - [select for diffs], Thu Mar 10 16:28:27 2005 UTC (19 years, 2 months ago) by brad
Branch: OPENBSD_3_6
Changes since 1.58: +6 -4 lines
Diff to previous 1.58 (colored)

upgrade to OpenSSH 4.0

Revision 1.60 / (download) - annotate - [select for diffs], Sat Dec 11 01:48:56 2004 UTC (19 years, 5 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_3_7_BASE
Branch point for: OPENBSD_3_7
Changes since 1.59: +3 -2 lines
Diff to previous 1.59 (colored)

Fix debug call in error path of authorized_keys processing and fix related
warnings; ok djm@

Revision 1.59 / (download) - annotate - [select for diffs], Mon Dec 6 11:41:03 2004 UTC (19 years, 5 months ago) by dtucker
Branch: MAIN
Changes since 1.58: +5 -4 lines
Diff to previous 1.58 (colored)

Discard over-length authorized_keys entries rather than complaining when
they don't decode.  bz #884, with & ok djm@

Revision 1.58 / (download) - annotate - [select for diffs], Mon Aug 23 11:48:09 2004 UTC (19 years, 8 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_3_6_BASE
Branch point for: OPENBSD_3_6
Changes since 1.57: +6 -3 lines
Diff to previous 1.57 (colored)

fix error path, spotted by Martin.Kraemer AT Fujitsu-Siemens.com; ok markus

Revision 1.54.2.2 / (download) - annotate - [select for diffs], Thu Aug 19 22:37:30 2004 UTC (19 years, 9 months ago) by brad
Branch: OPENBSD_3_4
Changes since 1.54.2.1: +15 -9 lines
Diff to previous 1.54.2.1 (colored) to branchpoint 1.54 (colored) next main 1.55 (colored)

upgrade to OpenSSH 3.9

Revision 1.55.2.1 / (download) - annotate - [select for diffs], Thu Aug 19 04:13:26 2004 UTC (19 years, 9 months ago) by brad
Branch: OPENBSD_3_5
Changes since 1.55: +15 -9 lines
Diff to previous 1.55 (colored)

upgrade to OpenSSH 3.9

Revision 1.57 / (download) - annotate - [select for diffs], Mon Jun 21 17:36:31 2004 UTC (19 years, 10 months ago) by avsm
Branch: MAIN
Changes since 1.56: +5 -5 lines
Diff to previous 1.56 (colored)

make ssh -Wshadow clean, no functional changes
markus@ ok

Revision 1.56 / (download) - annotate - [select for diffs], Tue May 11 19:01:43 2004 UTC (20 years ago) by deraadt
Branch: MAIN
Changes since 1.55: +11 -5 lines
Diff to previous 1.55 (colored)

improve some code lint did not like; djm millert ok

Revision 1.52.2.2 / (download) - annotate - [select for diffs], Thu Mar 4 18:18:15 2004 UTC (20 years, 2 months ago) by brad
Branch: OPENBSD_3_3
Changes since 1.52.2.1: +2 -1 lines
Diff to previous 1.52.2.1 (colored) to branchpoint 1.52 (colored) next main 1.53 (colored)

upgrade to OpenSSH 3.8

Revision 1.54.2.1 / (download) - annotate - [select for diffs], Sat Feb 28 03:51:32 2004 UTC (20 years, 2 months ago) by brad
Branch: OPENBSD_3_4
Changes since 1.54: +2 -1 lines
Diff to previous 1.54 (colored)

upgrade to OpenSSH 3.8

Revision 1.55 / (download) - annotate - [select for diffs], Thu Sep 18 07:56:05 2003 UTC (20 years, 8 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE
Branch point for: OPENBSD_3_5
Changes since 1.54: +2 -1 lines
Diff to previous 1.54 (colored)

missing  buffer_free(&encrypted); #662; zardoz at users.sf.net

Revision 1.50.2.2 / (download) - annotate - [select for diffs], Tue Sep 16 21:20:24 2003 UTC (20 years, 8 months ago) by brad
Branch: OPENBSD_3_2
Changes since 1.50.2.1: +11 -2 lines
Diff to previous 1.50.2.1 (colored) to branchpoint 1.50 (colored) next main 1.51 (colored)

upgrade to OpenSSH 3.7

Revision 1.52.2.1 / (download) - annotate - [select for diffs], Tue Sep 16 20:50:42 2003 UTC (20 years, 8 months ago) by brad
Branch: OPENBSD_3_3
Changes since 1.52: +11 -2 lines
Diff to previous 1.52 (colored)

upgrade to OpenSSH 3.7

Revision 1.54 / (download) - annotate - [select for diffs], Sat May 24 09:30:39 2003 UTC (20 years, 11 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE
Branch point for: OPENBSD_3_4
Changes since 1.53: +2 -2 lines
Diff to previous 1.53 (colored)

cast some types for printing; ok markus@

Revision 1.53 / (download) - annotate - [select for diffs], Sun May 11 16:56:48 2003 UTC (21 years ago) by markus
Branch: MAIN
Changes since 1.52: +10 -1 lines
Diff to previous 1.52 (colored)

change key_load_public to try to read a public from:
rsa1 private or rsa1 public and ssh2 keys.
this makes ssh-keygen -e fail for ssh1 keys more gracefully
for example; report from itojun (netbsd pr 20550).

Revision 1.48.2.2 / (download) - annotate - [select for diffs], Thu Apr 3 22:35:16 2003 UTC (21 years, 1 month ago) by miod
Branch: OPENBSD_3_1
Changes since 1.48.2.1: +27 -5 lines
Diff to previous 1.48.2.1 (colored) to branchpoint 1.48 (colored) next main 1.49 (colored)

Merge OpenSSH 3.6.1

Revision 1.50.2.1 / (download) - annotate - [select for diffs], Tue Apr 1 00:12:13 2003 UTC (21 years, 1 month ago) by margarida
Branch: OPENBSD_3_2
Changes since 1.50: +27 -5 lines
Diff to previous 1.50 (colored)

Update to OpenSSH 3.6

Revision 1.52 / (download) - annotate - [select for diffs], Thu Mar 13 11:42:18 2003 UTC (21 years, 2 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE
Branch point for: OPENBSD_3_3
Changes since 1.51: +12 -1 lines
Diff to previous 1.51 (colored)

move RSA_blinding_on to generic key load method

Revision 1.51 / (download) - annotate - [select for diffs], Fri Nov 15 10:03:09 2002 UTC (21 years, 6 months ago) by fgsch
Branch: MAIN
Changes since 1.50: +15 -4 lines
Diff to previous 1.50 (colored)

lseek(2) may return -1 when getting the public/private key length.
Simplify the code and check for errors using fstat(2).

Problem reported by Mauricio Sanchez, markus@ ok.

Revision 1.39.2.3 / (download) - annotate - [select for diffs], Wed Jun 26 18:22:34 2002 UTC (21 years, 10 months ago) by miod
Branch: OPENBSD_3_0
Changes since 1.39.2.2: +3 -3 lines
Diff to previous 1.39.2.2 (colored) to branchpoint 1.39 (colored) next main 1.40 (colored)

There was an update to OpenSSH 3.4, and people rejoiced.

Revision 1.48.2.1 / (download) - annotate - [select for diffs], Wed Jun 26 15:30:37 2002 UTC (21 years, 10 months ago) by jason
Branch: OPENBSD_3_1
Changes since 1.48: +4 -4 lines
Diff to previous 1.48 (colored)

Pull in OpenSSH-3.4

Revision 1.50 / (download) - annotate - [select for diffs], Mon Jun 24 14:55:38 2002 UTC (21 years, 10 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_2_BASE
Branch point for: OPENBSD_3_2
Changes since 1.49: +3 -3 lines
Diff to previous 1.49 (colored)

cast to (void) when output from buffer_get_X is ignored

Revision 1.39.2.2 / (download) - annotate - [select for diffs], Sat Jun 22 07:23:17 2002 UTC (21 years, 11 months ago) by miod
Branch: OPENBSD_3_0
Changes since 1.39.2.1: +2 -2 lines
Diff to previous 1.39.2.1 (colored) to branchpoint 1.39 (colored)

Update OpenSSH to version 3.3 (with local changes, configuration files still
living in /etc and privsep user being nobody).

Revision 1.49 / (download) - annotate - [select for diffs], Thu May 23 19:24:30 2002 UTC (21 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.48: +2 -2 lines
Diff to previous 1.48 (colored)

add /usr/libexec/ssh-keysign: a setuid helper program for hostbased authentication
in protocol v2 (needs to access the hostkeys).

Revision 1.32.2.3 / (download) - annotate - [select for diffs], Sat Mar 9 00:20:44 2002 UTC (22 years, 2 months ago) by miod
Branch: OPENBSD_2_9
Changes since 1.32.2.2: +30 -39 lines
Diff to previous 1.32.2.2 (colored) to branchpoint 1.32 (colored) next main 1.33 (colored)

Merge OpenSSH 3.1, keeping /etc as configuration files directory.
(i.e. OpenSSH 3.1 + openbsd29_3.1.patch)

Revision 1.20.2.7 / (download) - annotate - [select for diffs], Fri Mar 8 17:04:42 2002 UTC (22 years, 2 months ago) by brad
Branch: OPENBSD_2_8
Changes since 1.20.2.6: +30 -39 lines
Diff to previous 1.20.2.6 (colored) to branchpoint 1.20 (colored) next main 1.21 (colored)

Merge OpenSSH 3.1.

Revision 1.39.2.1 / (download) - annotate - [select for diffs], Thu Mar 7 17:37:46 2002 UTC (22 years, 2 months ago) by jason
Branch: OPENBSD_3_0
Changes since 1.39: +30 -39 lines
Diff to previous 1.39 (colored)

Update to OpenSSH-3.1 on 3.0-stable branch

Revision 1.48 / (download) - annotate - [select for diffs], Thu Feb 28 15:46:33 2002 UTC (22 years, 2 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_1_BASE
Branch point for: OPENBSD_3_1
Changes since 1.47: +2 -2 lines
Diff to previous 1.47 (colored)

add some const EVP_MD for openssl-0.9.7

Revision 1.47 / (download) - annotate - [select for diffs], Sun Feb 24 19:14:59 2002 UTC (22 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.46: +2 -2 lines
Diff to previous 1.46 (colored)

signed vs. unsigned: make size arguments u_int, ok stevesk@

Revision 1.46 / (download) - annotate - [select for diffs], Thu Feb 14 23:41:01 2002 UTC (22 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.45: +14 -12 lines
Diff to previous 1.45 (colored)

hide some more implementation details of cipher.[ch] and prepares for move
to EVP, ok deraadt@

Revision 1.45 / (download) - annotate - [select for diffs], Sat Dec 29 21:56:01 2001 UTC (22 years, 4 months ago) by stevesk
Branch: MAIN
Changes since 1.44: +7 -7 lines
Diff to previous 1.44 (colored)

remove unneeded casts and some char->u_char cleanup; ok markus@

Revision 1.44 / (download) - annotate - [select for diffs], Thu Dec 27 18:26:13 2001 UTC (22 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.43: +2 -1 lines
Diff to previous 1.43 (colored)

missing include

Revision 1.43 / (download) - annotate - [select for diffs], Thu Dec 27 18:22:16 2001 UTC (22 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.42: +2 -14 lines
Diff to previous 1.42 (colored)

call fatal() for openssl allocation failures

Revision 1.42 / (download) - annotate - [select for diffs], Wed Dec 19 17:16:13 2001 UTC (22 years, 5 months ago) by stevesk
Branch: MAIN
Changes since 1.41: +5 -5 lines
Diff to previous 1.41 (colored)

change the buffer/packet interface to use void* vs. char*; ok markus@

Revision 1.41 / (download) - annotate - [select for diffs], Wed Dec 19 07:18:56 2001 UTC (22 years, 5 months ago) by deraadt
Branch: MAIN
Changes since 1.40: +4 -4 lines
Diff to previous 1.40 (colored)

basic KNF done while i was looking for something else

Revision 1.40 / (download) - annotate - [select for diffs], Wed Dec 5 10:06:12 2001 UTC (22 years, 5 months ago) by deraadt
Branch: MAIN
Changes since 1.39: +2 -2 lines
Diff to previous 1.39 (colored)

minor KNF

Revision 1.32.2.2 / (download) - annotate - [select for diffs], Thu Nov 15 00:15:19 2001 UTC (22 years, 6 months ago) by miod
Branch: OPENBSD_2_9
Changes since 1.32.2.1: +5 -5 lines
Diff to previous 1.32.2.1 (colored) to branchpoint 1.32 (colored)

Merge OpenSSH 3.0

Revision 1.20.2.6 / (download) - annotate - [select for diffs], Thu Nov 15 00:14:59 2001 UTC (22 years, 6 months ago) by miod
Branch: OPENBSD_2_8
Changes since 1.20.2.5: +5 -5 lines
Diff to previous 1.20.2.5 (colored) to branchpoint 1.20 (colored)

Merge OpenSSH 3.0

Revision 1.39 / (download) - annotate - [select for diffs], Sun Oct 7 10:29:52 2001 UTC (22 years, 7 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_0_BASE
Branch point for: OPENBSD_3_0
Changes since 1.38: +5 -5 lines
Diff to previous 1.38 (colored)

grammar; Matthew_Clarke@mindlink.bc.ca

Revision 1.32.2.1 / (download) - annotate - [select for diffs], Thu Sep 27 19:03:54 2001 UTC (22 years, 7 months ago) by jason
Branch: OPENBSD_2_9
Changes since 1.32: +25 -18 lines
Diff to previous 1.32 (colored)

Pull in OpenSSH-2.9.9

Revision 1.20.2.5 / (download) - annotate - [select for diffs], Thu Sep 27 00:15:41 2001 UTC (22 years, 7 months ago) by miod
Branch: OPENBSD_2_8
Changes since 1.20.2.4: +25 -18 lines
Diff to previous 1.20.2.4 (colored) to branchpoint 1.20 (colored)

Pull in OpenSSH 2.9.9 to the 2.8 branch.

Revision 1.38 / (download) - annotate - [select for diffs], Sun Sep 23 11:09:13 2001 UTC (22 years, 7 months ago) by markus
Branch: MAIN
Changes since 1.37: +10 -7 lines
Diff to previous 1.37 (colored)

relax permission check for private key files.

Revision 1.37 / (download) - annotate - [select for diffs], Sat Jun 23 15:12:17 2001 UTC (22 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.36: +8 -8 lines
Diff to previous 1.36 (colored)

more strict prototypes.  raise warning level in Makefile.inc.  markus ok'ed
TODO; cleanup headers

Revision 1.36 / (download) - annotate - [select for diffs], Thu Jun 7 20:23:03 2001 UTC (22 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.35: +2 -2 lines
Diff to previous 1.35 (colored)

use xxx_put_cstring()

Revision 1.35 / (download) - annotate - [select for diffs], Tue May 29 12:31:27 2001 UTC (22 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.34: +2 -2 lines
Diff to previous 1.34 (colored)

typo

Revision 1.34 / (download) - annotate - [select for diffs], Mon May 28 10:08:55 2001 UTC (22 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.33: +8 -5 lines
Diff to previous 1.33 (colored)

key_load_private: set comment to filename for PEM keys

Revision 1.33 / (download) - annotate - [select for diffs], Wed May 16 20:51:57 2001 UTC (23 years ago) by markus
Branch: MAIN
Changes since 1.32: +3 -2 lines
Diff to previous 1.32 (colored)

return comments for private pem files, too; report from nolan@naic.edu

Revision 1.20.2.4 / (download) - annotate - [select for diffs], Mon May 7 21:09:26 2001 UTC (23 years ago) by jason
Branch: OPENBSD_2_8
Changes since 1.20.2.3: +202 -181 lines
Diff to previous 1.20.2.3 (colored) to branchpoint 1.20 (colored)

Pull in OpenSSH-2.9 to 2.8 branch.

Revision 1.32 / (download) - annotate - [select for diffs], Wed Apr 18 23:44:51 2001 UTC (23 years, 1 month ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_2_9_BASE
Branch point for: OPENBSD_2_9
Changes since 1.31: +2 -2 lines
Diff to previous 1.31 (colored)

error->debug; noted by fries@

Revision 1.31 / (download) - annotate - [select for diffs], Sun Apr 15 16:58:03 2001 UTC (23 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.30: +17 -15 lines
Diff to previous 1.30 (colored)

don't use errno for key_{load,save}_private; discussion w/ solar@openwall

Revision 1.30 / (download) - annotate - [select for diffs], Mon Mar 26 23:12:42 2001 UTC (23 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.29: +9 -9 lines
Diff to previous 1.29 (colored)

KNF

Revision 1.29 / (download) - annotate - [select for diffs], Mon Mar 26 08:07:07 2001 UTC (23 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.28: +181 -162 lines
Diff to previous 1.28 (colored)

simpler key load/save interface, see authfile.h

Revision 1.20.2.3 / (download) - annotate - [select for diffs], Wed Mar 21 19:46:23 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.20.2.2: +14 -7 lines
Diff to previous 1.20.2.2 (colored) to branchpoint 1.20 (colored)

Pull in OpenSSH-2.5.2 for 2.8 branch.

Revision 1.16.2.4 / (download) - annotate - [select for diffs], Wed Mar 21 18:52:36 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.16.2.3: +14 -7 lines
Diff to previous 1.16.2.3 (colored) to branchpoint 1.16 (colored) next main 1.17 (colored)

Pull in OpenSSH-2.5.2 for 2.7 branch.

Revision 1.16.2.3 / (download) - annotate - [select for diffs], Mon Mar 12 15:44:08 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.16.2.2: +102 -78 lines
Diff to previous 1.16.2.2 (colored) to branchpoint 1.16 (colored)

OpenSSH-2.5.1 for 2.7 patch branch

Revision 1.28 / (download) - annotate - [select for diffs], Wed Feb 21 09:05:54 2001 UTC (23 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.27: +14 -7 lines
Diff to previous 1.27 (colored)

improve fd handling

Revision 1.20.2.2 / (download) - annotate - [select for diffs], Mon Feb 19 17:18:40 2001 UTC (23 years, 3 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.20.2.1: +0 -0 lines
Diff to previous 1.20.2.1 (colored) to branchpoint 1.20 (colored)

Pull in OpenSSH-2.5.1

Revision 1.20.2.1 / (download) - annotate - [select for diffs], Fri Feb 16 20:12:54 2001 UTC (23 years, 3 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.20: +102 -78 lines
Diff to previous 1.20 (colored)

Pull in OpenSSH 2.5.0

Revision 1.27 / (download) - annotate - [select for diffs], Thu Feb 8 19:30:51 2001 UTC (23 years, 3 months ago) by itojun
Branch: MAIN
Changes since 1.26: +2 -1 lines
Diff to previous 1.26 (colored)

sync with netbsd tree changes.
- more strict prototypes, include necessary headers
- use paths.h/pathnames.h decls
- size_t typecast to int -> u_long

Revision 1.26 / (download) - annotate - [select for diffs], Sun Jan 28 22:27:05 2001 UTC (23 years, 3 months ago) by stevesk
Branch: MAIN
Changes since 1.25: +13 -13 lines
Diff to previous 1.25 (colored)

spelling.  use sizeof vs. strlen().  ok markus@

Revision 1.25 / (download) - annotate - [select for diffs], Sun Jan 21 19:05:44 2001 UTC (23 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.24: +5 -6 lines
Diff to previous 1.24 (colored)

split ssh.h and try to cleanup the #include mess. remove unnecessary #includes.
rename util.[ch] -> misc.[ch]

Revision 1.24 / (download) - annotate - [select for diffs], Wed Dec 20 19:26:56 2000 UTC (23 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.23: +2 -2 lines
Diff to previous 1.23 (colored)

allow ssh -i userkey for root

Revision 1.23 / (download) - annotate - [select for diffs], Tue Dec 19 23:17:55 2000 UTC (23 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.22: +7 -7 lines
Diff to previous 1.22 (colored)

replace 'unsigned bla' with 'u_bla' everywhere. also, replace 'char unsigned'
with u_char.

Revision 1.22 / (download) - annotate - [select for diffs], Tue Dec 19 22:43:44 2000 UTC (23 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.21: +2 -2 lines
Diff to previous 1.21 (colored)

remove() -> unlink() for consistency

Revision 1.21 / (download) - annotate - [select for diffs], Sun Nov 12 19:50:37 2000 UTC (23 years, 6 months ago) by markus
Branch: MAIN
Changes since 1.20: +80 -56 lines
Diff to previous 1.20 (colored)

add support for RSA to SSH2.  please test.

there are now 3 types of keys: RSA1 is used by ssh-1 only,
RSA and DSA are used by SSH2.

you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA
keys for SSH2 and use the RSA keys for hostkeys or for user keys.

SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before.

IdentityFile2, HostDsaKey and DSAAuthentication are obsolete.
you can use multiple IdentityFile and HostKey for all types of keys.

the option DSAAuthentication is replaced by PubkeyAuthentication.

Revision 1.16.2.2 / (download) - annotate - [select for diffs], Wed Nov 8 21:30:27 2000 UTC (23 years, 6 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.16.2.1: +105 -29 lines
Diff to previous 1.16.2.1 (colored) to branchpoint 1.16 (colored)

openssh-2.3.0 (again) for 2.7 branch

Revision 1.20 / (download) - annotate - [select for diffs], Wed Oct 11 20:27:23 2000 UTC (23 years, 7 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_2_8_BASE
Branch point for: OPENBSD_2_8
Changes since 1.19: +22 -22 lines
Diff to previous 1.19 (colored)

new cipher framework

Revision 1.19 / (download) - annotate - [select for diffs], Thu Sep 7 20:27:49 2000 UTC (23 years, 8 months ago) by deraadt
Branch: MAIN
Changes since 1.18: +29 -8 lines
Diff to previous 1.18 (colored)

cleanup copyright notices on all files.  I have attempted to be accurate with
the details.  everything is now under Tatu's licence (which I copied from his
readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd
developers under a 2-term bsd licence.  We're not changing any rules, just
being accurate.

Revision 1.18 / (download) - annotate - [select for diffs], Tue Sep 5 19:18:47 2000 UTC (23 years, 8 months ago) by markus
Branch: MAIN
Changes since 1.17: +56 -1 lines
Diff to previous 1.17 (colored)

enable ssh-add -d for DSA keys

Revision 1.16.2.1 / (download) - annotate - [select for diffs], Fri Sep 1 18:23:17 2000 UTC (23 years, 8 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.16: +1 -1 lines
Diff to previous 1.16 (colored)

Pull in the rest of openssh-2.2.0 to 2.7 branch (luvin' cvs...)

Revision 1.17 / (download) - annotate - [select for diffs], Tue Jun 20 01:39:38 2000 UTC (23 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.16: +1 -1 lines
Diff to previous 1.16 (colored)

OpenBSD tag

Revision 1.16 / (download) - annotate - [select for diffs], Wed Apr 26 21:28:32 2000 UTC (24 years ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_2_7_BASE
Branch point for: OPENBSD_2_7
Changes since 1.15: +0 -0 lines
Diff to previous 1.15 (colored)

split auth/sshconnect in one file per protocol version

Revision 1.15 / (download) - annotate - [select for diffs], Wed Apr 26 20:56:29 2000 UTC (24 years ago) by markus
Branch: MAIN
Changes since 1.14: +177 -29 lines
Diff to previous 1.14 (colored)

add DSA pubkey auth and other SSH2 fixes.  use ssh-keygen -[xX]
for trading keys with the real and the original SSH, directly from the
people who invented the SSH protocol.

Revision 1.14 / (download) - annotate - [select for diffs], Fri Apr 14 10:30:30 2000 UTC (24 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.13: +7 -7 lines
Diff to previous 1.13 (colored)

whitespace cleanup

Revision 1.13 / (download) - annotate - [select for diffs], Wed Apr 12 09:39:10 2000 UTC (24 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.12: +2 -2 lines
Diff to previous 1.12 (colored)

#include <ssl/foo.h> -> <openssh/foo.h>

Revision 1.12 / (download) - annotate - [select for diffs], Tue Apr 4 21:37:27 2000 UTC (24 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.11: +4 -4 lines
Diff to previous 1.11 (colored)

remove unused argument, split cipher_mask()

Revision 1.11 / (download) - annotate - [select for diffs], Mon Dec 6 19:11:15 1999 UTC (24 years, 5 months ago) by deraadt
Branch: MAIN
Changes since 1.10: +26 -25 lines
Diff to previous 1.10 (colored)

properly name fd variable

Revision 1.10 / (download) - annotate - [select for diffs], Wed Nov 24 19:53:44 1999 UTC (24 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.9: +36 -27 lines
Diff to previous 1.9 (colored)

KNF, final part 3

Revision 1.9 / (download) - annotate - [select for diffs], Wed Nov 24 00:26:00 1999 UTC (24 years, 5 months ago) by deraadt
Branch: MAIN
Changes since 1.8: +15 -15 lines
Diff to previous 1.8 (colored)

much more KNF

Revision 1.8 / (download) - annotate - [select for diffs], Tue Nov 23 22:25:52 1999 UTC (24 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.7: +274 -289 lines
Diff to previous 1.7 (colored)

KNF part 1

Revision 1.7 / (download) - annotate - [select for diffs], Mon Oct 11 20:00:35 1999 UTC (24 years, 7 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_2_6_BASE, OPENBSD_2_6
Changes since 1.6: +15 -1 lines
Diff to previous 1.6 (colored)

make sure ~/.ssh/authorized_keys is not writable for group/world (sshd)
don't load private keys if they are group/world-{rwx} (ssh,sshd and ssh-add)

Revision 1.6 / (download) - annotate - [select for diffs], Thu Sep 30 18:28:35 1999 UTC (24 years, 7 months ago) by provos
Branch: MAIN
Changes since 1.5: +3 -3 lines
Diff to previous 1.5 (colored)

better way to deal with authfile cipher; dugsong@

Revision 1.5 / (download) - annotate - [select for diffs], Thu Sep 30 16:55:06 1999 UTC (24 years, 7 months ago) by deraadt
Branch: MAIN
Changes since 1.4: +9 -9 lines
Diff to previous 1.4 (colored)

off_t, but needs more looking at later

Revision 1.4 / (download) - annotate - [select for diffs], Thu Sep 30 16:34:21 1999 UTC (24 years, 7 months ago) by provos
Branch: MAIN
Changes since 1.3: +3 -2 lines
Diff to previous 1.3 (colored)

we have to enable SSH_CIPHER_NONE for unprotected host keys, etc...

Revision 1.3 / (download) - annotate - [select for diffs], Tue Sep 28 04:45:35 1999 UTC (24 years, 7 months ago) by provos
Branch: MAIN
Changes since 1.2: +59 -38 lines
Diff to previous 1.2 (colored)

convert all uses of gmp to SSL bignum
convert all uses of rsa to SSL rsa functions
remove all use of randomstate to OpenBSD arc4random() and arc4_stir()
all this done at a long long night in Canada.

Revision 1.2 / (download) - annotate - [select for diffs], Sun Sep 26 21:02:15 1999 UTC (24 years, 7 months ago) by deraadt
Branch: MAIN
Changes since 1.1: +1 -2 lines
Diff to previous 1.1 (colored)

all the idea code goes away

Revision 1.1 / (download) - annotate - [select for diffs], Sun Sep 26 20:53:33 1999 UTC (24 years, 7 months ago) by deraadt
Branch: MAIN

i bet a lot of people didn't know that ssh 1.2.16 had a nice license.
well, except for the patent issues.  someone in sweden (forget their
name at the moment) cleaned out most of the patented code, and now
this code removes rsa code.  when this is done, it will link against
libssl, but the work isn't completely done yet.  then we need to bring
this up to modern days, featurewise.
