![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.bin / ssh
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.95 / (download) - annotate - [select for diffs], Tue Feb 21 06:48:18 2023 UTC (14 months, 3 weeks ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3,
HEAD
Changes since 1.94: +9 -8 lines
Diff to previous 1.94 (colored)
fseek to end of known_hosts before writing to it. POSIX and ANSI C require that applications call fseek or similar between read and writing to a RW file. OpenBSD doesn't enforce this, but some (System V derived) platforms need this to prevent it from writing a spurious extra byte (in this case, a newline). ok djm@ deraadt@
Revision 1.94 / (download) - annotate - [select for diffs], Thu Feb 9 09:54:11 2023 UTC (15 months ago) by dtucker
Branch: MAIN
Changes since 1.93: +10 -2 lines
Diff to previous 1.93 (colored)
Ensure that there is a terminating newline when adding a new entry to known_hosts. bz#3529, with git+openssh at limpsquid.nl, ok deraadt@ markus@
Revision 1.93 / (download) - annotate - [select for diffs], Thu Jan 6 22:02:52 2022 UTC (2 years, 4 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1
Changes since 1.92: +2 -2 lines
Diff to previous 1.92 (colored)
piece of UpdateHostkeys client strictification: when updating known_hosts with new keys, ignore NULL keys (forgot to include in prior commit)
Revision 1.92 / (download) - annotate - [select for diffs], Sat Oct 2 03:17:01 2021 UTC (2 years, 7 months ago) by dtucker
Branch: MAIN
Changes since 1.91: +11 -9 lines
Diff to previous 1.91 (colored)
Dynamically allocate encoded HashKnownHosts and free as appropriate. Saves 1k of static storage and prevents snprintf "possible truncation" warnings from newer compilers (although in this case it's false positive since the actual sizes are limited by the output size of the SHA1). ok djm@
Revision 1.91 / (download) - annotate - [select for diffs], Mon Jul 5 01:16:46 2021 UTC (2 years, 10 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_7_0
Changes since 1.90: +2 -2 lines
Diff to previous 1.90 (colored)
Order includes as per style(9). Portable already has these so this removes a handful of diffs between the two.
Revision 1.90 / (download) - annotate - [select for diffs], Sat Apr 3 06:58:30 2021 UTC (3 years, 1 month ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE,
OPENBSD_6_9
Changes since 1.89: +2 -2 lines
Diff to previous 1.89 (colored)
typos in comments; GHPR#180 from Ville Skyttä
Revision 1.89 / (download) - annotate - [select for diffs], Tue Jan 26 00:51:30 2021 UTC (3 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.88: +1 -6 lines
Diff to previous 1.88 (colored)
make struct hostkeys public; I have no idea why I made it opaque originally. ok markus@
Revision 1.88 / (download) - annotate - [select for diffs], Tue Jan 26 00:49:30 2021 UTC (3 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.87: +2 -1 lines
Diff to previous 1.87 (colored)
move check_host_cert() from sshconnect,c to sshkey.c and refactor it to make it more generally usable and testable. ok markus@
Revision 1.87 / (download) - annotate - [select for diffs], Sun Dec 20 23:36:51 2020 UTC (3 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.86: +43 -11 lines
Diff to previous 1.86 (colored)
load_hostkeys()/hostkeys_foreach() variants for FILE* Add load_hostkeys_file() and hostkeys_foreach_file() that accept a FILE* argument instead of opening the file directly. Original load_hostkeys() and hostkeys_foreach() are implemented using these new interfaces. Add a u_int note field to the hostkey_entry and hostkey_foreach_line structs that is passed directly from the load_hostkeys() and hostkeys_foreach() call. This is a lightweight way to annotate results between different invocations of load_hostkeys(). ok markus@
Revision 1.86 / (download) - annotate - [select for diffs], Sun Oct 18 11:32:01 2020 UTC (3 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.85: +26 -31 lines
Diff to previous 1.85 (colored)
use the new variant log macros instead of prepending __func__ and appending ssh_err(r) manually; ok markus@
Revision 1.85 / (download) - annotate - [select for diffs], Sun Oct 11 22:13:37 2020 UTC (3 years, 7 months ago) by djm
Branch: MAIN
Changes since 1.84: +49 -28 lines
Diff to previous 1.84 (colored)
UpdateHostkeys: better CheckHostIP handling When preparing to update the known_hosts file, fully check both entries for both the host and the address (if CheckHostIP enabled) and ensure that, at the end of the operation, entries for both are recorded. Make sure this works with HashKnownHosts too, which requires maintaining a list of entry-types seen across the whole file for each key. ok markus@
Revision 1.84 / (download) - annotate - [select for diffs], Wed Oct 7 02:25:43 2020 UTC (3 years, 7 months ago) by djm
Branch: MAIN
Changes since 1.83: +4 -1 lines
Diff to previous 1.83 (colored)
Fix UpdateHostkeys/HashKnownHosts/CheckHostIP bug When all of UpdateHostkeys, HashKnownHosts and ChechHostIP were enabled and new host keys were learned, known_hosts IP entries were not being recorded for new host keys. reported by matthieu@ ok markus@
Revision 1.83 / (download) - annotate - [select for diffs], Sun Oct 4 09:45:01 2020 UTC (3 years, 7 months ago) by djm
Branch: MAIN
Changes since 1.82: +9 -5 lines
Diff to previous 1.82 (colored)
when ordering host key algorithms in the client, consider the ECDSA key subtype; ok markus@
Revision 1.82 / (download) - annotate - [select for diffs], Fri Jun 26 05:42:16 2020 UTC (3 years, 10 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE,
OPENBSD_6_8
Changes since 1.81: +14 -9 lines
Diff to previous 1.81 (colored)
avoid spurious error message when ssh-keygen creates files outside ~/.ssh; with dtucker@
Revision 1.81 / (download) - annotate - [select for diffs], Fri Jun 26 05:02:03 2020 UTC (3 years, 10 months ago) by dtucker
Branch: MAIN
Changes since 1.80: +31 -1 lines
Diff to previous 1.80 (colored)
Defer creation of ~/.ssh by ssh(1) until we attempt to write to it so we don't leave an empty .ssh directory when it's not needed. Use the same function to replace the code in ssh-keygen that does the same thing. bz#3156, ok djm@
Revision 1.80 / (download) - annotate - [select for diffs], Wed May 13 09:52:41 2020 UTC (4 years ago) by djm
Branch: MAIN
Changes since 1.79: +13 -1 lines
Diff to previous 1.79 (colored)
when ordering the hostkey algorithms to request from a server, prefer certificate types if the known_hosts files contain a key marked as a @cert-authority; bz#3157 ok markus@
Revision 1.79 / (download) - annotate - [select for diffs], Fri Mar 6 18:25:12 2020 UTC (4 years, 2 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE,
OPENBSD_6_7
Changes since 1.78: +2 -2 lines
Diff to previous 1.78 (colored)
fix possible null-deref in check_key_not_revoked; ok djm
Revision 1.78 / (download) - annotate - [select for diffs], Wed Feb 26 13:40:09 2020 UTC (4 years, 2 months ago) by jsg
Branch: MAIN
Changes since 1.77: +2 -3 lines
Diff to previous 1.77 (colored)
change explicit_bzero();free() to freezero() While freezero() returns early if the pointer is NULL the tests for NULL in callers are left to avoid warnings about passing an uninitialised size argument across a function boundry. ok deraadt@ djm@
Revision 1.77 / (download) - annotate - [select for diffs], Sat Jan 25 00:21:08 2020 UTC (4 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.76: +2 -1 lines
Diff to previous 1.76 (colored)
allow UpdateKnownHosts=yes to function when multiple known_hosts files are in use. When updating host keys, ssh will now search subsequent known_hosts files, but will add new/changed host keys to the first specified file only. bz#2738 ok markus@
Revision 1.76 / (download) - annotate - [select for diffs], Sun Jul 7 01:05:00 2019 UTC (4 years, 10 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE,
OPENBSD_6_6
Changes since 1.75: +2 -3 lines
Diff to previous 1.75 (colored)
Remove some set but never used variables. ok daraadt@
Revision 1.75 / (download) - annotate - [select for diffs], Fri Jun 28 01:23:50 2019 UTC (4 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.74: +2 -2 lines
Diff to previous 1.74 (colored)
oops, from asou
Revision 1.74 / (download) - annotate - [select for diffs], Thu Jun 27 18:03:37 2019 UTC (4 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.73: +3 -3 lines
Diff to previous 1.73 (colored)
Some asprintf() calls were checked < 0, rather than the precise == -1. ok millert nicm tb, etc
Revision 1.73 / (download) - annotate - [select for diffs], Mon Jul 16 03:09:13 2018 UTC (5 years, 10 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE,
OPENBSD_6_5,
OPENBSD_6_4_BASE,
OPENBSD_6_4
Changes since 1.72: +2 -2 lines
Diff to previous 1.72 (colored)
memleaks; found by valgrind
Revision 1.72 / (download) - annotate - [select for diffs], Wed Jun 6 18:29:18 2018 UTC (5 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.71: +9 -6 lines
Diff to previous 1.71 (colored)
switch config file parsing to getline(3) as this avoids static limits noted by gerhard@; ok dtucker@, djm@
Revision 1.71 / (download) - annotate - [select for diffs], Wed May 31 09:15:42 2017 UTC (6 years, 11 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE,
OPENBSD_6_3,
OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.70: +2 -2 lines
Diff to previous 1.70 (colored)
Switch to recallocarray() for a few operations. Both growth and shrinkage are handled safely, and there also is no need for preallocation dances. Future changes in this area will be less error prone. Review and one bug found by markus
Revision 1.70 / (download) - annotate - [select for diffs], Sun Apr 30 23:18:44 2017 UTC (7 years ago) by djm
Branch: MAIN
Changes since 1.69: +3 -15 lines
Diff to previous 1.69 (colored)
remove KEY_RSA1 ok markus@
Revision 1.69 / (download) - annotate - [select for diffs], Sun Apr 30 23:10:43 2017 UTC (7 years ago) by djm
Branch: MAIN
Changes since 1.68: +1 -14 lines
Diff to previous 1.68 (colored)
unifdef WITH_SSH1 ok markus@
Revision 1.68 / (download) - annotate - [select for diffs], Fri Mar 10 04:26:06 2017 UTC (7 years, 2 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.67: +12 -7 lines
Diff to previous 1.67 (colored)
ensure hostname is lower-case before hashing it; bz#2591 reported by Griff Miller II; ok dtucker@
Revision 1.67 / (download) - annotate - [select for diffs], Sat Sep 17 18:00:27 2016 UTC (7 years, 8 months ago) by tedu
Branch: MAIN
Changes since 1.66: +3 -4 lines
Diff to previous 1.66 (colored)
replace two arc4random loops with arc4random_buf ok deraadt natano
Revision 1.66 / (download) - annotate - [select for diffs], Mon May 4 06:10:48 2015 UTC (9 years ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9,
OPENBSD_5_8_BASE,
OPENBSD_5_8
Changes since 1.65: +2 -2 lines
Diff to previous 1.65 (colored)
Remove pattern length argument from match_pattern_list(), we only ever use it for strlen(pattern). Prompted by hanno AT hboeck.de pointing an out-of-bound read error caused by an incorrect pattern length found using AFL and his own tools. ok markus@
Revision 1.65 / (download) - annotate - [select for diffs], Tue Mar 31 22:57:06 2015 UTC (9 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.64: +5 -4 lines
Diff to previous 1.64 (colored)
downgrade error() for known_hosts parse errors to debug() to quiet warnings from ssh1 keys present when compiled !ssh1. also identify ssh1 keys when scanning, even when compiled !ssh1 ok markus@ miod@
Revision 1.64 / (download) - annotate - [select for diffs], Mon Feb 16 22:08:57 2015 UTC (9 years, 3 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.63: +143 -76 lines
Diff to previous 1.63 (colored)
Refactor hostkeys_foreach() and dependent code Deal with IP addresses (i.e. CheckHostIP) Don't clobber known_hosts when nothing changed ok markus@ as part of larger commit
Revision 1.63 / (download) - annotate - [select for diffs], Mon Jan 26 13:36:53 2015 UTC (9 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.62: +4 -2 lines
Diff to previous 1.62 (colored)
properly restore umask
Revision 1.62 / (download) - annotate - [select for diffs], Mon Jan 26 03:04:45 2015 UTC (9 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.61: +190 -16 lines
Diff to previous 1.61 (colored)
Host key rotation support. Add a hostkeys@openssh.com protocol extension (global request) for a server to inform a client of all its available host key after authentication has completed. The client may record the keys in known_hosts, allowing it to upgrade to better host key algorithms and a server to gracefully rotate its keys. The client side of this is controlled by a UpdateHostkeys config option (default on). ok markus@
Revision 1.61 / (download) - annotate - [select for diffs], Sun Jan 18 21:48:09 2015 UTC (9 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.60: +55 -92 lines
Diff to previous 1.60 (colored)
convert load_hostkeys() (hostkey ordering and known_host matching) to use the new hostkey_foreach() iterator; ok markus
Revision 1.60 / (download) - annotate - [select for diffs], Sun Jan 18 21:40:23 2015 UTC (9 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.59: +145 -2 lines
Diff to previous 1.59 (colored)
introduce hostkeys_foreach() to allow iteration over a known_hosts file or controlled subset thereof. This will allow us to pull out some ugly and duplicated code, and will be used to implement hostkey rotation later. feedback and ok markus
Revision 1.59 / (download) - annotate - [select for diffs], Thu Jan 15 09:40:00 2015 UTC (9 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.58: +40 -34 lines
Diff to previous 1.58 (colored)
sync ssh-keysign, ssh-keygen and some dependencies to the new buffer/key API; mostly mechanical, ok markus@
Revision 1.58 / (download) - annotate - [select for diffs], Mon Oct 20 03:43:01 2014 UTC (9 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.57: +3 -3 lines
Diff to previous 1.57 (colored)
whitespace
Revision 1.57 / (download) - annotate - [select for diffs], Tue Jun 24 01:13:21 2014 UTC (9 years, 10 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6
Changes since 1.56: +2 -1 lines
Diff to previous 1.56 (colored)
New key API: refactor key-related functions to be more library-like, existing API is offered as a set of wrappers. with and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago.
Revision 1.56 / (download) - annotate - [select for diffs], Tue Apr 29 18:01:49 2014 UTC (10 years ago) by markus
Branch: MAIN
Changes since 1.55: +7 -1 lines
Diff to previous 1.55 (colored)
make compiling against OpenSSL optional (make OPENSSL=no); reduces algorithms to curve25519, aes-ctr, chacha, ed25519; allows us to explore further options; with and ok djm
Revision 1.55 / (download) - annotate - [select for diffs], Fri Jan 31 16:39:19 2014 UTC (10 years, 3 months ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE,
OPENBSD_5_5
Changes since 1.54: +3 -3 lines
Diff to previous 1.54 (colored)
replace most bzero with explicit_bzero, except a few that cna be memset ok djm dtucker
Revision 1.54 / (download) - annotate - [select for diffs], Mon Jan 27 18:58:14 2014 UTC (10 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.53: +14 -15 lines
Diff to previous 1.53 (colored)
replace openssl HMAC with an implementation based on our ssh_digest_* ok and feedback djm@
Revision 1.53 / (download) - annotate - [select for diffs], Thu Jan 9 23:20:00 2014 UTC (10 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.52: +2 -1 lines
Diff to previous 1.52 (colored)
Introduce digest API and use it to perform all hashing operations rather than calling OpenSSL EVP_Digest* directly. Will make it easier to build a reduced-feature OpenSSH without OpenSSL in future; feedback, ok markus@
Revision 1.52 / (download) - annotate - [select for diffs], Fri Jul 12 00:19:58 2013 UTC (10 years, 10 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE,
OPENBSD_5_4
Changes since 1.51: +10 -7 lines
Diff to previous 1.51 (colored)
fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@
Revision 1.51 / (download) - annotate - [select for diffs], Fri May 17 00:13:13 2013 UTC (11 years ago) by djm
Branch: MAIN
Changes since 1.50: +7 -9 lines
Diff to previous 1.50 (colored)
bye, bye xfree(); ok markus@
Revision 1.50 / (download) - annotate - [select for diffs], Sat Dec 4 13:31:37 2010 UTC (13 years, 5 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE,
OPENBSD_5_3,
OPENBSD_5_2_BASE,
OPENBSD_5_2,
OPENBSD_5_1_BASE,
OPENBSD_5_1,
OPENBSD_5_0_BASE,
OPENBSD_5_0,
OPENBSD_4_9_BASE,
OPENBSD_4_9
Changes since 1.49: +2 -1 lines
Diff to previous 1.49 (colored)
fix fd leak; spotted and ok dtucker@
Revision 1.49 / (download) - annotate - [select for diffs], Mon Nov 29 23:45:51 2010 UTC (13 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.48: +176 -125 lines
Diff to previous 1.48 (colored)
automatically order the hostkeys requested by the client based on which hostkeys are already recorded in known_hosts. This avoids hostkey warnings when connecting to servers with new ECDSA keys that are preferred by default; with markus@
Revision 1.48 / (download) - annotate - [select for diffs], Thu Mar 4 10:36:03 2010 UTC (14 years, 2 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE,
OPENBSD_4_8,
OPENBSD_4_7_BASE,
OPENBSD_4_7
Changes since 1.47: +81 -21 lines
Diff to previous 1.47 (colored)
Add a TrustedUserCAKeys option to sshd_config to specify CA keys that are trusted to authenticate users (in addition than doing it per-user in authorized_keys). Add a RevokedKeys option to sshd_config and a @revoked marker to known_hosts to allow keys to me revoked and banned for user or host authentication. feedback and ok markus@
Revision 1.47 / (download) - annotate - [select for diffs], Fri Feb 26 20:29:54 2010 UTC (14 years, 2 months ago) by djm
Branch: MAIN
Changes since 1.46: +27 -4 lines
Diff to previous 1.46 (colored)
Add support for certificate key types for users and hosts. OpenSSH certificate key types are not X.509 certificates, but a much simpler format that encodes a public key, identity information and some validity constraints and signs it with a CA key. CA keys are regular SSH keys. This certificate style avoids the attack surface of X.509 certificates and is very easy to deploy. Certified host keys allow automatic acceptance of new host keys when a CA certificate is marked as trusted in ~/.ssh/known_hosts. see VERIFYING HOST KEYS in ssh(1) for details. Certified user keys allow authentication of users when the signing CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS FILE FORMAT" in sshd(8) for details. Certificates are minted using ssh-keygen(1), documentation is in the "CERTIFICATES" section of that manpage. Documentation on the format of certificates is in the file PROTOCOL.certkeys feedback and ok markus@
Revision 1.46 / (download) - annotate - [select for diffs], Sun Oct 11 23:03:15 2009 UTC (14 years, 7 months ago) by djm
Branch: MAIN
Changes since 1.45: +2 -2 lines
Diff to previous 1.45 (colored)
mention the host name that we are looking for in check_host_in_hostfile()
Revision 1.35.2.2 / (download) - annotate - [select for diffs], Fri Oct 6 03:19:32 2006 UTC (17 years, 7 months ago) by brad
Branch: OPENBSD_3_8
Changes since 1.35.2.1: +13 -6 lines
Diff to previous 1.35.2.1 (colored) to branchpoint 1.35 (colored) next main 1.36 (colored)
upgrade to OpenSSH 4.4
Revision 1.37.2.1 / (download) - annotate - [select for diffs], Sat Sep 30 04:06:50 2006 UTC (17 years, 7 months ago) by brad
Branch: OPENBSD_3_9
Changes since 1.37: +12 -5 lines
Diff to previous 1.37 (colored) next main 1.38 (colored)
upgrade to OpenSSH 4.4
Revision 1.45 / (download) - annotate - [select for diffs], Thu Aug 3 03:34:42 2006 UTC (17 years, 9 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE,
OPENBSD_4_6,
OPENBSD_4_5_BASE,
OPENBSD_4_5,
OPENBSD_4_4_BASE,
OPENBSD_4_4,
OPENBSD_4_3_BASE,
OPENBSD_4_3,
OPENBSD_4_2_BASE,
OPENBSD_4_2,
OPENBSD_4_1_BASE,
OPENBSD_4_1,
OPENBSD_4_0_BASE,
OPENBSD_4_0
Changes since 1.44: +2 -4 lines
Diff to previous 1.44 (colored)
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
Revision 1.44 / (download) - annotate - [select for diffs], Tue Aug 1 23:22:47 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.43: +2 -1 lines
Diff to previous 1.43 (colored)
move #include <stdio.h> out of includes.h
Revision 1.43 / (download) - annotate - [select for diffs], Wed Jul 26 13:57:17 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.42: +5 -4 lines
Diff to previous 1.42 (colored)
move #include <stdlib.h> out of includes.h
Revision 1.42 / (download) - annotate - [select for diffs], Sat Jul 22 20:48:23 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.41: +2 -1 lines
Diff to previous 1.41 (colored)
move #include <string.h> out of includes.h
Revision 1.41 / (download) - annotate - [select for diffs], Wed Jul 5 02:42:09 2006 UTC (17 years, 10 months ago) by stevesk
Branch: MAIN
Changes since 1.40: +5 -1 lines
Diff to previous 1.40 (colored)
move #include <netinet/in.h> out of includes.h; ok deraadt@
Revision 1.40 / (download) - annotate - [select for diffs], Sat Mar 25 13:17:02 2006 UTC (18 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.39: +1 -0 lines
Diff to previous 1.39 (colored)
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
Revision 1.39 / (download) - annotate - [select for diffs], Sun Mar 19 18:51:18 2006 UTC (18 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.38: +0 -1 lines
Diff to previous 1.38 (colored)
RCSID() can die
Revision 1.38 / (download) - annotate - [select for diffs], Sun Mar 19 02:23:26 2006 UTC (18 years, 2 months ago) by djm
Branch: MAIN
Changes since 1.37: +4 -2 lines
Diff to previous 1.37 (colored)
FILE* leak detected by Coverity via elad AT netbsd.org; ok deraadt@
Revision 1.37 / (download) - annotate - [select for diffs], Tue Feb 7 03:47:05 2006 UTC (18 years, 3 months ago) by stevesk
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE
Branch point for: OPENBSD_3_9
Changes since 1.36: +2 -2 lines
Diff to previous 1.36 (colored)
"packet.h" not needed
Revision 1.35.2.1 / (download) - annotate - [select for diffs], Fri Feb 3 03:01:56 2006 UTC (18 years, 3 months ago) by brad
Branch: OPENBSD_3_8
Changes since 1.35: +3 -3 lines
Diff to previous 1.35 (colored)
upgrade to OpenSSH 4.3
Revision 1.34.2.2 / (download) - annotate - [select for diffs], Fri Feb 3 02:53:44 2006 UTC (18 years, 3 months ago) by brad
Branch: OPENBSD_3_7
Changes since 1.34.2.1: +3 -3 lines
Diff to previous 1.34.2.1 (colored) to branchpoint 1.34 (colored) next main 1.35 (colored)
upgrade to OpenSSH 4.3
Revision 1.36 / (download) - annotate - [select for diffs], Tue Nov 22 03:36:03 2005 UTC (18 years, 5 months ago) by dtucker
Branch: MAIN
Changes since 1.35: +3 -3 lines
Diff to previous 1.35 (colored)
Correct format/arguments to debug call; spotted by shaw at vranix.com ok djm@
Revision 1.34.2.1 / (download) - annotate - [select for diffs], Sun Sep 4 18:40:02 2005 UTC (18 years, 8 months ago) by brad
Branch: OPENBSD_3_7
Changes since 1.34: +2 -2 lines
Diff to previous 1.34 (colored)
upgrade to OpenSSH 4.2
Revision 1.32.4.3 / (download) - annotate - [select for diffs], Fri Sep 2 03:45:00 2005 UTC (18 years, 8 months ago) by brad
Branch: OPENBSD_3_6
Changes since 1.32.4.2: +2 -2 lines
Diff to previous 1.32.4.2 (colored) to branchpoint 1.32 (colored) next main 1.33 (colored)
upgrade to OpenSSH 4.2
Revision 1.35 / (download) - annotate - [select for diffs], Wed Jul 27 10:39:03 2005 UTC (18 years, 9 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_3_8_BASE
Branch point for: OPENBSD_3_8
Changes since 1.34: +2 -2 lines
Diff to previous 1.34 (colored)
Silence bogus -Wuninitialized warnings; ok djm@
Revision 1.32.4.2 / (download) - annotate - [select for diffs], Sun Jun 5 02:22:39 2005 UTC (18 years, 11 months ago) by brad
Branch: OPENBSD_3_6
Changes since 1.32.4.1: +4 -4 lines
Diff to previous 1.32.4.1 (colored) to branchpoint 1.32 (colored)
upgrade to OpenSSH 4.1
Revision 1.34 / (download) - annotate - [select for diffs], Thu Mar 10 22:01:05 2005 UTC (19 years, 2 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_3_7_BASE
Branch point for: OPENBSD_3_7
Changes since 1.33: +4 -4 lines
Diff to previous 1.33 (colored)
spacing
Revision 1.32.2.1 / (download) - annotate - [select for diffs], Thu Mar 10 17:15:04 2005 UTC (19 years, 2 months ago) by brad
Branch: OPENBSD_3_5
Changes since 1.32: +117 -6 lines
Diff to previous 1.32 (colored) next main 1.33 (colored)
upgrade to OpenSSH 4.0
Revision 1.32.4.1 / (download) - annotate - [select for diffs], Thu Mar 10 16:28:27 2005 UTC (19 years, 2 months ago) by brad
Branch: OPENBSD_3_6
Changes since 1.32: +117 -6 lines
Diff to previous 1.32 (colored)
upgrade to OpenSSH 4.0
Revision 1.33 / (download) - annotate - [select for diffs], Tue Mar 1 10:40:26 2005 UTC (19 years, 2 months ago) by djm
Branch: MAIN
Changes since 1.32: +117 -6 lines
Diff to previous 1.32 (colored)
add support for hashing host names and addresses added to known_hosts files, to improve privacy of which hosts user have been visiting; ok markus@ deraadt@
Revision 1.30.4.2 / (download) - annotate - [select for diffs], Thu Mar 4 18:18:15 2004 UTC (20 years, 2 months ago) by brad
Branch: OPENBSD_3_3
Changes since 1.30.4.1: +5 -5 lines
Diff to previous 1.30.4.1 (colored) to branchpoint 1.30 (colored) next main 1.31 (colored)
upgrade to OpenSSH 3.8upgrade to OpenSSH 3.8upgrade to OpenSSH 3.8
Revision 1.31.2.1 / (download) - annotate - [select for diffs], Sat Feb 28 03:51:33 2004 UTC (20 years, 2 months ago) by brad
Branch: OPENBSD_3_4
Changes since 1.31: +5 -5 lines
Diff to previous 1.31 (colored) next main 1.32 (colored)
upgrade to OpenSSH 3.8
Revision 1.32 / (download) - annotate - [select for diffs], Mon Nov 10 16:23:41 2003 UTC (20 years, 6 months ago) by jakob
Branch: MAIN
CVS Tags: OPENBSD_3_6_BASE,
OPENBSD_3_5_BASE
Branch point for: OPENBSD_3_6,
OPENBSD_3_5
Changes since 1.31: +5 -5 lines
Diff to previous 1.31 (colored)
constify. ok markus@ & djm@
Revision 1.30.2.1 / (download) - annotate - [select for diffs], Tue Sep 16 21:20:25 2003 UTC (20 years, 8 months ago) by brad
Branch: OPENBSD_3_2
Changes since 1.30: +3 -3 lines
Diff to previous 1.30 (colored) next main 1.31 (colored)
upgrade to OpenSSH 3.7
Revision 1.30.4.1 / (download) - annotate - [select for diffs], Tue Sep 16 20:50:43 2003 UTC (20 years, 8 months ago) by brad
Branch: OPENBSD_3_3
Changes since 1.30: +3 -3 lines
Diff to previous 1.30 (colored)
upgrade to OpenSSH 3.7
Revision 1.31 / (download) - annotate - [select for diffs], Tue Apr 8 20:21:28 2003 UTC (21 years, 1 month ago) by itojun
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE
Branch point for: OPENBSD_3_4
Changes since 1.30: +3 -3 lines
Diff to previous 1.30 (colored)
rename log() into logit() to avoid name conflict. markus ok, from netbsd
Revision 1.28.2.2 / (download) - annotate - [select for diffs], Fri Oct 11 14:53:06 2002 UTC (21 years, 7 months ago) by miod
Branch: OPENBSD_3_0
Changes since 1.28.2.1: +36 -8 lines
Diff to previous 1.28.2.1 (colored) to branchpoint 1.28 (colored) next main 1.29 (colored)
Update to OpenSSH 3.5
Revision 1.29.2.1 / (download) - annotate - [select for diffs], Fri Oct 11 14:51:52 2002 UTC (21 years, 7 months ago) by miod
Branch: OPENBSD_3_1
Changes since 1.29: +36 -8 lines
Diff to previous 1.29 (colored) next main 1.30 (colored)
Update to OpenSSH 3.5
Revision 1.30 / (download) - annotate - [select for diffs], Wed Jul 24 16:11:18 2002 UTC (21 years, 9 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE,
OPENBSD_3_2_BASE
Branch point for: OPENBSD_3_3,
OPENBSD_3_2
Changes since 1.29: +36 -8 lines
Diff to previous 1.29 (colored)
print out all known keys for a host if we get a unknown host key, see discussion at http://marc.theaimsgroup.com/?t=101069210100016&r=1&w=4 the ssharp mitm tool attacks users in a similar way, so i'd like to pointed out again: A MITM attack is always possible if the ssh client prints: The authenticity of host 'bla' can't be established. (protocol version 2 with pubkey authentication allows you to detect MITM attacks)
Revision 1.26.2.2 / (download) - annotate - [select for diffs], Sat Mar 9 00:20:44 2002 UTC (22 years, 2 months ago) by miod
Branch: OPENBSD_2_9
Changes since 1.26.2.1: +2 -13 lines
Diff to previous 1.26.2.1 (colored) to branchpoint 1.26 (colored) next main 1.27 (colored)
Merge OpenSSH 3.1, keeping /etc as configuration files directory. (i.e. OpenSSH 3.1 + openbsd29_3.1.patch)
Revision 1.20.2.6 / (download) - annotate - [select for diffs], Fri Mar 8 17:04:42 2002 UTC (22 years, 2 months ago) by brad
Branch: OPENBSD_2_8
Changes since 1.20.2.5: +2 -13 lines
Diff to previous 1.20.2.5 (colored) to branchpoint 1.20 (colored) next main 1.21 (colored)
Merge OpenSSH 3.1.
Revision 1.28.2.1 / (download) - annotate - [select for diffs], Thu Mar 7 17:37:46 2002 UTC (22 years, 2 months ago) by jason
Branch: OPENBSD_3_0
Changes since 1.28: +2 -13 lines
Diff to previous 1.28 (colored)
Update to OpenSSH-3.1 on 3.0-stable branch
Revision 1.29 / (download) - annotate - [select for diffs], Tue Dec 18 10:04:21 2001 UTC (22 years, 5 months ago) by jakob
Branch: MAIN
CVS Tags: OPENBSD_3_1_BASE
Branch point for: OPENBSD_3_1
Changes since 1.28: +2 -13 lines
Diff to previous 1.28 (colored)
remove auth_rsa_read_key, make hostfile_ready_key non static; ok markus@
Revision 1.26.2.1 / (download) - annotate - [select for diffs], Thu Sep 27 19:03:54 2001 UTC (22 years, 7 months ago) by jason
Branch: OPENBSD_2_9
Changes since 1.26: +4 -4 lines
Diff to previous 1.26 (colored)
Pull in OpenSSH-2.9.9
Revision 1.20.2.5 / (download) - annotate - [select for diffs], Thu Sep 27 00:15:42 2001 UTC (22 years, 7 months ago) by miod
Branch: OPENBSD_2_8
Changes since 1.20.2.4: +4 -4 lines
Diff to previous 1.20.2.4 (colored) to branchpoint 1.20 (colored)
Pull in OpenSSH 2.9.9 to the 2.8 branch.
Revision 1.28 / (download) - annotate - [select for diffs], Mon Jun 25 08:25:37 2001 UTC (22 years, 10 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_0_BASE
Branch point for: OPENBSD_3_0
Changes since 1.27: +2 -2 lines
Diff to previous 1.27 (colored)
update copyright for 2001
Revision 1.27 / (download) - annotate - [select for diffs], Sat Jun 23 15:12:18 2001 UTC (22 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.26: +3 -3 lines
Diff to previous 1.26 (colored)
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
Revision 1.20.2.4 / (download) - annotate - [select for diffs], Mon May 7 21:09:29 2001 UTC (23 years ago) by jason
Branch: OPENBSD_2_8
Changes since 1.20.2.3: +5 -6 lines
Diff to previous 1.20.2.3 (colored) to branchpoint 1.20 (colored)
Pull in OpenSSH-2.9 to 2.8 branch.
Revision 1.26 / (download) - annotate - [select for diffs], Thu Apr 12 19:15:24 2001 UTC (23 years, 1 month ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_2_9_BASE
Branch point for: OPENBSD_2_9
Changes since 1.25: +3 -1 lines
Diff to previous 1.25 (colored)
implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2) similar to RhostRSAAuthentication unless you enable (the experimental) HostbasedUsesNameFromPacketOnly option. please test. :)
Revision 1.25 / (download) - annotate - [select for diffs], Fri Apr 6 22:12:47 2001 UTC (23 years, 1 month ago) by stevesk
Branch: MAIN
Changes since 1.24: +3 -6 lines
Diff to previous 1.24 (colored)
unused; typo in comment
Revision 1.20.2.3 / (download) - annotate - [select for diffs], Wed Mar 21 19:46:25 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.20.2.2: +0 -0 lines
Diff to previous 1.20.2.2 (colored) to branchpoint 1.20 (colored)
Pull in OpenSSH-2.5.2 for 2.8 branch.
Revision 1.18.2.5 / (download) - annotate - [select for diffs], Wed Mar 21 18:52:46 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.18.2.4: +0 -0 lines
Diff to previous 1.18.2.4 (colored) to branchpoint 1.18 (colored) next main 1.19 (colored)
Pull in OpenSSH-2.5.2 for 2.7 branch.
Revision 1.18.2.4 / (download) - annotate - [select for diffs], Mon Mar 12 15:44:10 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.18.2.3: +15 -15 lines
Diff to previous 1.18.2.3 (colored) to branchpoint 1.18 (colored)
OpenSSH-2.5.1 for 2.7 patch branch
Revision 1.20.2.2 / (download) - annotate - [select for diffs], Mon Feb 19 17:18:57 2001 UTC (23 years, 3 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.20.2.1: +0 -0 lines
Diff to previous 1.20.2.1 (colored) to branchpoint 1.20 (colored)
Pull in OpenSSH-2.5.1
Revision 1.20.2.1 / (download) - annotate - [select for diffs], Fri Feb 16 20:13:03 2001 UTC (23 years, 3 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.20: +15 -15 lines
Diff to previous 1.20 (colored)
Pull in OpenSSH 2.5.0
Revision 1.24 / (download) - annotate - [select for diffs], Sun Jan 21 19:05:49 2001 UTC (23 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.23: +2 -4 lines
Diff to previous 1.23 (colored)
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
Revision 1.23 / (download) - annotate - [select for diffs], Thu Dec 21 15:10:16 2000 UTC (23 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.22: +6 -2 lines
Diff to previous 1.22 (colored)
print keyfile:line for changed hostkeys, for deraadt@; ok deraadt@
Revision 1.22 / (download) - annotate - [select for diffs], Tue Dec 19 23:17:56 2000 UTC (23 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.21: +5 -5 lines
Diff to previous 1.21 (colored)
replace 'unsigned bla' with 'u_bla' everywhere. also, replace 'char unsigned' with u_char.
Revision 1.21 / (download) - annotate - [select for diffs], Sun Nov 12 19:50:37 2000 UTC (23 years, 6 months ago) by markus
Branch: MAIN
Changes since 1.20: +5 -7 lines
Diff to previous 1.20 (colored)
add support for RSA to SSH2. please test. there are now 3 types of keys: RSA1 is used by ssh-1 only, RSA and DSA are used by SSH2. you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA keys for SSH2 and use the RSA keys for hostkeys or for user keys. SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before. IdentityFile2, HostDsaKey and DSAAuthentication are obsolete. you can use multiple IdentityFile and HostKey for all types of keys. the option DSAAuthentication is replaced by PubkeyAuthetication.
Revision 1.18.2.3 / (download) - annotate - [select for diffs], Wed Nov 8 21:30:49 2000 UTC (23 years, 6 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.18.2.2: +30 -8 lines
Diff to previous 1.18.2.2 (colored) to branchpoint 1.18 (colored)
openssh-2.3.0 (again) for 2.7 branch
Revision 1.20 / (download) - annotate - [select for diffs], Thu Sep 7 20:27:51 2000 UTC (23 years, 8 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_2_8_BASE
Branch point for: OPENBSD_2_8
Changes since 1.19: +30 -8 lines
Diff to previous 1.19 (colored)
cleanup copyright notices on all files. I have attempted to be accurate with the details. everything is now under Tatu's licence (which I copied from his readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd developers under a 2-term bsd licence. We're not changing any rules, just being accurate.
Revision 1.18.2.2 / (download) - annotate - [select for diffs], Fri Sep 1 18:23:20 2000 UTC (23 years, 8 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.18.2.1: +0 -0 lines
Diff to previous 1.18.2.1 (colored) to branchpoint 1.18 (colored)
Pull in the rest of openssh-2.2.0 to 2.7 branch (luvin' cvs...)
Revision 1.18.2.1 / (download) - annotate - [select for diffs], Mon Jun 12 02:37:33 2000 UTC (23 years, 11 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.18: +2 -2 lines
Diff to previous 1.18 (colored)
lovin' CVS... update patch branch to OpenSSH-2.1.1
Revision 1.19 / (download) - annotate - [select for diffs], Tue Jun 6 19:32:13 2000 UTC (23 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.18: +2 -2 lines
Diff to previous 1.18 (colored)
fix match_hostname() logic for auth-rsa: deny access if we have a negative match or no match at all
Revision 1.18 / (download) - annotate - [select for diffs], Sat Apr 29 18:11:52 2000 UTC (24 years ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_2_7_BASE
Branch point for: OPENBSD_2_7
Changes since 1.17: +3 -3 lines
Diff to previous 1.17 (colored)
keysize warnings error() -> log()
Revision 1.17 / (download) - annotate - [select for diffs], Wed Apr 26 20:56:29 2000 UTC (24 years ago) by markus
Branch: MAIN
Changes since 1.16: +6 -17 lines
Diff to previous 1.16 (colored)
add DSA pubkey auth and other SSH2 fixes. use ssh-keygen -[xX] for trading keys with the real and the original SSH, directly from the people who invented the SSH protocol.
Revision 1.16 / (download) - annotate - [select for diffs], Fri Apr 14 10:30:31 2000 UTC (24 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.15: +7 -7 lines
Diff to previous 1.15 (colored)
whitespace cleanup
Revision 1.15 / (download) - annotate - [select for diffs], Wed Apr 12 09:39:10 2000 UTC (24 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.14: +3 -3 lines
Diff to previous 1.14 (colored)
#include <ssl/foo.h> -> <openssh/foo.h>
Revision 1.14 / (download) - annotate - [select for diffs], Thu Mar 23 22:15:33 2000 UTC (24 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.13: +49 -144 lines
Diff to previous 1.13 (colored)
initial support for DSA keys. ok deraadt@, niels@
Revision 1.13 / (download) - annotate - [select for diffs], Fri Feb 18 10:20:20 2000 UTC (24 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.12: +5 -8 lines
Diff to previous 1.12 (colored)
remove unused variable 'len'. fix comments.
Revision 1.12 / (download) - annotate - [select for diffs], Wed Feb 16 13:18:51 2000 UTC (24 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.11: +2 -5 lines
Diff to previous 1.11 (colored)
remove unused variable
Revision 1.11 / (download) - annotate - [select for diffs], Tue Jan 4 00:07:59 2000 UTC (24 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.10: +0 -0 lines
Diff to previous 1.10 (colored)
ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new features: sshd allows multiple ListenAddress and Port options. note that libwrap is not IPv6-ready. (based on patches from <kick@kyoto.wide.ad.jp> and fujiwara@rcac.tdi.co.jp)
Revision 1.10 / (download) - annotate - [select for diffs], Thu Dec 2 20:18:59 1999 UTC (24 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.9: +4 -4 lines
Diff to previous 1.9 (colored)
indent, shorter warning
Revision 1.9 / (download) - annotate - [select for diffs], Wed Nov 24 19:53:47 1999 UTC (24 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.8: +70 -49 lines
Diff to previous 1.8 (colored)
KNF, final part 3
Revision 1.8 / (download) - annotate - [select for diffs], Wed Nov 24 00:26:02 1999 UTC (24 years, 5 months ago) by deraadt
Branch: MAIN
Changes since 1.7: +14 -14 lines
Diff to previous 1.7 (colored)
much more KNF
Revision 1.7 / (download) - annotate - [select for diffs], Tue Nov 23 22:25:53 1999 UTC (24 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.6: +218 -227 lines
Diff to previous 1.6 (colored)
KNF part 1
Revision 1.6 / (download) - annotate - [select for diffs], Tue Nov 16 15:44:41 1999 UTC (24 years, 6 months ago) by provos
Branch: MAIN
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored)
in known_hosts key lookup the entry for the bits does not need to match, all the information is contained in n and e. This solves the problem with buggy servers announcing the wrong modulus length. markus and me.
Revision 1.5 / (download) - annotate - [select for diffs], Mon Nov 15 20:53:24 1999 UTC (24 years, 6 months ago) by markus
Branch: MAIN
Changes since 1.4: +26 -19 lines
Diff to previous 1.4 (colored)
the keysize of rsa-parameter 'n' is passed implizit, a few more checks and warnings about 'pretended' keysizes.
Revision 1.4 / (download) - annotate - [select for diffs], Tue Nov 2 19:42:36 1999 UTC (24 years, 6 months ago) by markus
Branch: MAIN
Changes since 1.3: +11 -3 lines
Diff to previous 1.3 (colored)
replace assert() with error, fatal or packet_disconnect
Revision 1.3 / (download) - annotate - [select for diffs], Sun Oct 3 21:50:03 1999 UTC (24 years, 7 months ago) by provos
Branch: MAIN
CVS Tags: OPENBSD_2_6_BASE,
OPENBSD_2_6
Changes since 1.2: +3 -11 lines
Diff to previous 1.2 (colored)
add code to detect DNS spoofing: the main idea is to not only store the host key for the hostname but also for the according IP address. When we check the host key in the known_hosts file, we also check the key against the according IP address. When the server key changes, host_status = HOST_CHANGED. If check_host_in_hostfile() returns differing status for the IP address that means that either DNS was spoofed or that the IP address for the host and the host key changed at the same time.
Revision 1.2 / (download) - annotate - [select for diffs], Tue Sep 28 04:45:36 1999 UTC (24 years, 7 months ago) by provos
Branch: MAIN
Changes since 1.1: +37 -25 lines
Diff to previous 1.1 (colored)
convert all uses of gmp to SSL bignum convert all used of rsa to SSL rsa functions remove all use of randomstate to OpenBSD arc4random() and arc4_stir() all this done at a long long night in Canada.
Revision 1.1 / (download) - annotate - [select for diffs], Sun Sep 26 20:53:36 1999 UTC (24 years, 7 months ago) by deraadt
Branch: MAIN
i bet a lot of people didn't know what ssh 1.2.16 had a nice license. well, except for the patent issues. someone in sweden (forget their name at the moment) cleaned out most of the patented code, and now this code removes rsa code. when this is done, it will link against libssl, but the work isn't completely done yet. then we need to bring this up to modern days, featurewise.