OpenBSD CVS

CVS log for src/usr.bin/ssh/ssh-keysign.c



Default branch: MAIN


Revision 1.74 / (download) - annotate - [select for diffs], Tue Apr 30 05:53:03 2024 UTC (2 weeks, 3 days ago) by djm
Branch: MAIN
CVS Tags: HEAD
Changes since 1.73: +2 -2 lines
Diff to previous 1.73 (colored)

stricter validation of messaging socket fd number; disallow usage of
stderr. Based on GHPR492 by RealHurrison

Revision 1.73 / (download) - annotate - [select for diffs], Thu Jan 11 01:51:16 2024 UTC (4 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5
Changes since 1.72: +4 -1 lines
Diff to previous 1.72 (colored)

ensure key_fd is filled when DSA is disabled; spotted by tb@

Revision 1.72 / (download) - annotate - [select for diffs], Thu Jan 11 01:45:36 2024 UTC (4 months ago) by djm
Branch: MAIN
Changes since 1.71: +3 -1 lines
Diff to previous 1.71 (colored)

make DSA key support compile-time optional, defaulting to on

ok markus@

Revision 1.71 / (download) - annotate - [select for diffs], Mon Aug 1 11:09:26 2022 UTC (21 months, 2 weeks ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE, OPENBSD_7_4, OPENBSD_7_3_BASE, OPENBSD_7_3, OPENBSD_7_2_BASE, OPENBSD_7_2
Changes since 1.70: +2 -4 lines
Diff to previous 1.70 (colored)

avoid double-free in error path introduced in r1.70;
report and fix based on GHPR#332 by v-rzh
ok dtucker@

Revision 1.70 / (download) - annotate - [select for diffs], Thu Jan 6 22:00:18 2022 UTC (2 years, 4 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE, OPENBSD_7_1
Changes since 1.69: +20 -9 lines
Diff to previous 1.69 (colored)

make ssh-keysign use the requested signature algorithm and not the
default for the keytype. Part of unbreaking hostbased auth for RSA/SHA2
keys. ok markus@

Revision 1.69 / (download) - annotate - [select for diffs], Sat Nov 13 17:26:13 2021 UTC (2 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.68: +5 -4 lines
Diff to previous 1.68 (colored)

It really looks like pledge "stdio dns" is possible earlier.
Discussed with mestre

Revision 1.68 / (download) - annotate - [select for diffs], Wed Nov 10 06:25:08 2021 UTC (2 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.67: +6 -3 lines
Diff to previous 1.67 (colored)

fix ssh-keysign for KEX algorithms that use SHA384/512 exchange hashes;
feedback/ok markus@

Revision 1.67 / (download) - annotate - [select for diffs], Mon Jul 5 01:16:46 2021 UTC (2 years, 10 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE, OPENBSD_7_0
Changes since 1.66: +3 -3 lines
Diff to previous 1.66 (colored)

Order includes as per style(9).  Portable already has these so this
removes a handful of diffs between the two.

Revision 1.66 / (download) - annotate - [select for diffs], Thu Dec 17 23:10:27 2020 UTC (3 years, 4 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE, OPENBSD_6_9
Changes since 1.65: +2 -2 lines
Diff to previous 1.65 (colored)

prepare readconf.c for fuzzing; remove fatal calls and fix some
(one-off) memory leaks; ok markus@

Revision 1.65 / (download) - annotate - [select for diffs], Sun Oct 18 11:32:02 2020 UTC (3 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.64: +27 -26 lines
Diff to previous 1.64 (colored)

use the new variant log macros instead of prepending __func__ and
appending ssh_err(r) manually; ok markus@

Revision 1.64 / (download) - annotate - [select for diffs], Thu Aug 27 01:06:18 2020 UTC (3 years, 8 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE, OPENBSD_6_8
Changes since 1.63: +2 -2 lines
Diff to previous 1.63 (colored)

support for user-verified FIDO keys

FIDO2 supports a notion of "user verification" where the user is
required to demonstrate their identity to the token before particular
operations (e.g. signing). Typically this is done by authenticating
themselves using a PIN that has been set on the token.

This adds support for generating and using user verified keys where
the verification happens via PIN (other options might be added in the
future, but none are in common use now). Practically, this adds
another key generation option "verify-required" that yields a key that
requires a PIN before each authentication.

feedback markus@ and Pedro Martelletto; ok markus@

Revision 1.63 / (download) - annotate - [select for diffs], Mon Nov 18 16:10:05 2019 UTC (4 years, 5 months ago) by naddy
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE, OPENBSD_6_7
Changes since 1.62: +2 -1 lines
Diff to previous 1.62 (colored)

additional missing stdarg.h includes when built without WITH_OPENSSL; ok djm@

Revision 1.62 / (download) - annotate - [select for diffs], Thu Oct 31 21:23:19 2019 UTC (4 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.61: +3 -3 lines
Diff to previous 1.61 (colored)

Refactor signing - use sshkey_sign for everything, including the new
U2F signatures.

Don't use sshsk_ecdsa_sign() directly, instead make it reachable via
sshkey_sign() like all other signature operations. This means that
we need to add a provider argument to sshkey_sign(), so most of this
change is mechanically adding that.

Suggested by / ok markus@

Revision 1.61 / (download) - annotate - [select for diffs], Wed Oct 2 00:42:30 2019 UTC (4 years, 7 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE, OPENBSD_6_6
Changes since 1.60: +1 -2 lines
Diff to previous 1.60 (colored)

remove some duplicate #includes

Revision 1.60 / (download) - annotate - [select for diffs], Fri Sep 6 05:23:55 2019 UTC (4 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.59: +5 -3 lines
Diff to previous 1.59 (colored)

fixes for !WITH_OPENSSL compilation; ok dtucker@

Revision 1.59 / (download) - annotate - [select for diffs], Fri Sep 6 04:53:27 2019 UTC (4 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.58: +2 -1 lines
Diff to previous 1.58 (colored)

lots of things were relying on libcrypto headers to transitively
include various system headers (mostly stdlib.h); include them
explicitly

Revision 1.58 / (download) - annotate - [select for diffs], Fri Jun 14 03:28:19 2019 UTC (4 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.57: +2 -2 lines
Diff to previous 1.57 (colored)

if passed a bad fd, log what it was

Revision 1.57 / (download) - annotate - [select for diffs], Thu Jun 6 05:13:13 2019 UTC (4 years, 11 months ago) by otto
Branch: MAIN
Changes since 1.56: +1 -2 lines
Diff to previous 1.56 (colored)

Replace calls to ssh_malloc_init() by a static init of malloc_options.
Prepares for changes in the way malloc is initialized.  ok guenther@ dtucker@

Revision 1.56 / (download) - annotate - [select for diffs], Fri Nov 23 05:08:07 2018 UTC (5 years, 5 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE, OPENBSD_6_5
Changes since 1.55: +3 -2 lines
Diff to previous 1.55 (colored)

add a ssh_config "Match final" predicate

Matches in same pass as "Match canonical" but doesn't require
hostname canonicalisation be enabled. bz#2906 ok markus

Revision 1.55 / (download) - annotate - [select for diffs], Fri Jul 27 05:34:42 2018 UTC (5 years, 9 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE, OPENBSD_6_4
Changes since 1.54: +2 -6 lines
Diff to previous 1.54 (colored)

Now that ssh can't be setuid, remove the original_real_uid and
original_effective_uid globals and replace with calls to plain getuid().
ok djm@

Revision 1.54 / (download) - annotate - [select for diffs], Fri Feb 23 15:58:38 2018 UTC (6 years, 2 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE, OPENBSD_6_3
Changes since 1.53: +3 -2 lines
Diff to previous 1.53 (colored)

Add experimental support for PQC XMSS keys (Extended Hash-Based Signatures)
The code is not compiled in by default (see WITH_XMSS in Makefile.inc)
Joint work with stefan-lukas_gazdag at genua.eu
See https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12
ok djm@

Revision 1.53 / (download) - annotate - [select for diffs], Wed Feb 7 22:52:45 2018 UTC (6 years, 3 months ago) by dtucker
Branch: MAIN
Changes since 1.52: +2 -2 lines
Diff to previous 1.52 (colored)

ssh_free checks for and handles NULL args, remove NULL checks from remaining
callers.  ok djm@

Revision 1.52 / (download) - annotate - [select for diffs], Mon Feb 15 09:47:49 2016 UTC (8 years, 3 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE, OPENBSD_6_2, OPENBSD_6_1_BASE, OPENBSD_6_1, OPENBSD_6_0_BASE, OPENBSD_6_0, OPENBSD_5_9_BASE, OPENBSD_5_9
Changes since 1.51: +2 -1 lines
Diff to previous 1.51 (colored)

Add a function to enable security-related malloc_options.  With and ok
deraadt@, something similar has been in the snaps for a while.

Revision 1.51 / (download) - annotate - [select for diffs], Fri Dec 4 16:41:28 2015 UTC (8 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.50: +3 -2 lines
Diff to previous 1.50 (colored)

implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures (user and host auth)
based on draft-rsa-dsa-sha2-256-03.txt and draft-ssh-ext-info-04.txt;
with & ok djm@

Revision 1.50 / (download) - annotate - [select for diffs], Sun Nov 29 22:18:37 2015 UTC (8 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.49: +16 -7 lines
Diff to previous 1.49 (colored)

pledge, better fatal() messages; feedback deraadt@

Revision 1.49 / (download) - annotate - [select for diffs], Fri Jul 3 03:56:25 2015 UTC (8 years, 10 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE, OPENBSD_5_8
Changes since 1.48: +2 -1 lines
Diff to previous 1.48 (colored)

add an XXX reminder for getting correct key paths from sshd_config

Revision 1.48 / (download) - annotate - [select for diffs], Tue Mar 24 20:09:11 2015 UTC (9 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.47: +2 -2 lines
Diff to previous 1.47 (colored)

consistent check for NULL as noted by Nicholas Lemonias; ok djm@

Revision 1.47 / (download) - annotate - [select for diffs], Wed Jan 28 22:36:00 2015 UTC (9 years, 3 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE, OPENBSD_5_7
Changes since 1.46: +4 -3 lines
Diff to previous 1.46 (colored)

update to new API (key_fingerprint => sshkey_fingerprint)
check sshkey_fingerprint return values;
ok markus

Revision 1.46 / (download) - annotate - [select for diffs], Thu Jan 15 09:40:00 2015 UTC (9 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.45: +68 -52 lines
Diff to previous 1.45 (colored)

sync ssh-keysign, ssh-keygen and some dependencies to the new
buffer/key API; mostly mechanical, ok markus@

Revision 1.45 / (download) - annotate - [select for diffs], Thu Jan 8 10:14:08 2015 UTC (9 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.44: +13 -8 lines
Diff to previous 1.44 (colored)

deprecate key_load_private_pem() and sshkey_load_private_pem()
interfaces. Refactor the generic key loading API to not require
pathnames to be specified (they weren't really used).

Fixes a few other things en passant:

Makes ed25519 keys work for hostbased authentication (ssh-keysign
previously used the PEM-only routines).

Fixes key comment regression bz#2306: key pathnames were being lost as
comment fields.

ok markus@

Revision 1.44 / (download) - annotate - [select for diffs], Sun Dec 21 22:27:56 2014 UTC (9 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.43: +3 -2 lines
Diff to previous 1.43 (colored)

Add FingerprintHash option to control algorithm used for key
fingerprints. Default changes from MD5 to SHA256 and format
from hex to base64.

Feedback and ok naddy@ markus@

Revision 1.43 / (download) - annotate - [select for diffs], Wed Oct 8 22:20:25 2014 UTC (9 years, 7 months ago) by djm
Branch: MAIN
Changes since 1.42: +2 -2 lines
Diff to previous 1.42 (colored)

Tweak config reparsing with host canonicalisation

Make the second pass through the config files always run when
hostname canonicalisation is enabled.

Add a "Match canonical" criteria that allows ssh_config Match
blocks to trigger only in the second config pass.

Add a -G option to ssh that causes it to parse its configuration
and dump the result to stdout, similar to "sshd -T"

Allow ssh_config Port options set in the second config parse
phase to be applied (they were being ignored).

bz#2267 bz#2286; ok markus

Revision 1.42 / (download) - annotate - [select for diffs], Tue Apr 29 18:01:49 2014 UTC (10 years ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE, OPENBSD_5_6
Changes since 1.41: +4 -1 lines
Diff to previous 1.41 (colored)

make compiling against OpenSSL optional (make OPENSSL=no);
reduces algorithms to curve25519, aes-ctr, chacha, ed25519;
allows us to explore further options; with and ok djm

Revision 1.41 / (download) - annotate - [select for diffs], Sat Apr 19 14:53:48 2014 UTC (10 years, 1 month ago) by tedu
Branch: MAIN
Changes since 1.40: +1 -5 lines
Diff to previous 1.40 (colored)

Delete futile calls to RAND_seed. ok djm

Revision 1.40 / (download) - annotate - [select for diffs], Tue Apr 1 02:05:27 2014 UTC (10 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.39: +8 -6 lines
Diff to previous 1.39 (colored)

include fingerprint of key not found
use arc4random_buf() instead of loop+arc4random()

Revision 1.39 / (download) - annotate - [select for diffs], Fri Dec 6 13:39:49 2013 UTC (10 years, 5 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE, OPENBSD_5_5
Changes since 1.38: +3 -2 lines
Diff to previous 1.38 (colored)

support ed25519 keys (hostkeys and user identities) using the public domain
ed25519 reference code from SUPERCOP, see http://ed25519.cr.yp.to/software.html
feedback, help & ok djm@

Revision 1.38 / (download) - annotate - [select for diffs], Mon Oct 14 22:22:04 2013 UTC (10 years, 7 months ago) by djm
Branch: MAIN
Changes since 1.37: +2 -2 lines
Diff to previous 1.37 (colored)

add a "Match" keyword to ssh_config that allows matching on hostname,
user and result of arbitrary commands. "nice work" markus@

Revision 1.37 / (download) - annotate - [select for diffs], Fri May 17 00:13:14 2013 UTC (11 years ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE, OPENBSD_5_4
Changes since 1.36: +10 -10 lines
Diff to previous 1.36 (colored)

bye, bye xfree(); ok markus@

Revision 1.36 / (download) - annotate - [select for diffs], Wed Feb 16 00:31:14 2011 UTC (13 years, 3 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE, OPENBSD_5_3, OPENBSD_5_2_BASE, OPENBSD_5_2, OPENBSD_5_1_BASE, OPENBSD_5_1, OPENBSD_5_0_BASE, OPENBSD_5_0, OPENBSD_4_9_BASE, OPENBSD_4_9
Changes since 1.35: +15 -8 lines
Diff to previous 1.35 (colored)

make hostbased auth with ECDSA keys work correctly. Based on patch
by harvey.eneman AT oracle.com in bz#1858; ok markus@ (pre-lock)

Revision 1.35 / (download) - annotate - [select for diffs], Tue Aug 31 12:33:38 2010 UTC (13 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.34: +2 -2 lines
Diff to previous 1.34 (colored)

reintroduce commit from tedu@, which I pulled out for release engineering:

  OpenSSL_add_all_algorithms is the name of the function we have a man page
  for, so use that.  ok djm

Revision 1.34 / (download) - annotate - [select for diffs], Mon Aug 16 04:06:06 2010 UTC (13 years, 9 months ago) by djm
Branch: MAIN
Changes since 1.33: +1 -1 lines
Diff to previous 1.33 (colored)

backout previous temporarily; discussed with deraadt@

Revision 1.33 / (download) - annotate - [select for diffs], Thu Aug 12 23:34:39 2010 UTC (13 years, 9 months ago) by tedu
Branch: MAIN
Changes since 1.32: +2 -2 lines
Diff to previous 1.32 (colored)

OpenSSL_add_all_algorithms is the name of the function we have a man page
for, so use that.  ok djm

Revision 1.32 / (download) - annotate - [select for diffs], Wed Aug 4 06:08:40 2010 UTC (13 years, 9 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE, OPENBSD_4_8
Changes since 1.31: +2 -2 lines
Diff to previous 1.31 (colored)

clean for -Wuninitialized

Revision 1.31 / (download) - annotate - [select for diffs], Wed Aug 4 05:42:47 2010 UTC (13 years, 9 months ago) by djm
Branch: MAIN
Changes since 1.30: +2 -2 lines
Diff to previous 1.30 (colored)

enable certificates for hostbased authentication, from Iain Morgan;
"looks ok" markus@

Revision 1.30 / (download) - annotate - [select for diffs], Wed Jan 13 01:20:20 2010 UTC (14 years, 4 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE, OPENBSD_4_7
Changes since 1.29: +2 -2 lines
Diff to previous 1.29 (colored)

Make HostBased authentication work with a ProxyCommand.  bz #1569, patch
from imorgan at nas nasa gov, ok djm@

Revision 1.18.6.2 / (download) - annotate - [select for diffs], Fri Oct 6 03:19:33 2006 UTC (17 years, 7 months ago) by brad
Branch: OPENBSD_3_8
Changes since 1.18.6.1: +13 -6 lines
Diff to previous 1.18.6.1 (colored) to branchpoint 1.18 (colored) next main 1.19 (colored)

upgrade to OpenSSH 4.4

Revision 1.20.2.1 / (download) - annotate - [select for diffs], Sat Sep 30 04:06:51 2006 UTC (17 years, 7 months ago) by brad
Branch: OPENBSD_3_9
Changes since 1.20: +12 -7 lines
Diff to previous 1.20 (colored) next main 1.21 (colored)

upgrade to OpenSSH 4.4

Revision 1.29 / (download) - annotate - [select for diffs], Thu Aug 3 03:34:42 2006 UTC (17 years, 9 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE, OPENBSD_4_6, OPENBSD_4_5_BASE, OPENBSD_4_5, OPENBSD_4_4_BASE, OPENBSD_4_4, OPENBSD_4_3_BASE, OPENBSD_4_3, OPENBSD_4_2_BASE, OPENBSD_4_2, OPENBSD_4_1_BASE, OPENBSD_4_1, OPENBSD_4_0_BASE, OPENBSD_4_0
Changes since 1.28: +2 -4 lines
Diff to previous 1.28 (colored)

almost entirely get rid of the culture of ".h files that include .h files"
ok djm, sort of ok stevesk
makes the pain stop in one easy step

Revision 1.28 / (download) - annotate - [select for diffs], Wed Jul 26 13:57:17 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.27: +2 -1 lines
Diff to previous 1.27 (colored)

move #include <stdlib.h> out of includes.h

Revision 1.27 / (download) - annotate - [select for diffs], Sat Jul 22 20:48:23 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.26: +2 -1 lines
Diff to previous 1.26 (colored)

move #include <string.h> out of includes.h

Revision 1.26 / (download) - annotate - [select for diffs], Mon Jul 17 01:31:10 2006 UTC (17 years, 10 months ago) by stevesk
Branch: MAIN
Changes since 1.25: +2 -1 lines
Diff to previous 1.25 (colored)

move #include <unistd.h> out of includes.h

Revision 1.25 / (download) - annotate - [select for diffs], Sun Jul 9 15:15:11 2006 UTC (17 years, 10 months ago) by stevesk
Branch: MAIN
Changes since 1.24: +2 -1 lines
Diff to previous 1.24 (colored)

move #include <fcntl.h> out of includes.h

Revision 1.24 / (download) - annotate - [select for diffs], Thu Jul 6 16:03:53 2006 UTC (17 years, 10 months ago) by stevesk
Branch: MAIN
Changes since 1.23: +5 -2 lines
Diff to previous 1.23 (colored)

move #include <pwd.h> out of includes.h; ok markus@

Revision 1.23 / (download) - annotate - [select for diffs], Sun Apr 2 08:34:52 2006 UTC (18 years, 1 month ago) by dtucker
Branch: MAIN
Changes since 1.22: +3 -3 lines
Diff to previous 1.22 (colored)

sessionid can be 32 bytes now too when sha256 kex is used; ok djm@

Revision 1.22 / (download) - annotate - [select for diffs], Sat Mar 25 13:17:02 2006 UTC (18 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.21: +1 -0 lines
Diff to previous 1.21 (colored)

Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
Theo nuked - our scripts to sync -portable need them in the files

Revision 1.21 / (download) - annotate - [select for diffs], Sun Mar 19 18:51:18 2006 UTC (18 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.20: +0 -1 lines
Diff to previous 1.20 (colored)

RCSID() can die

Revision 1.20 / (download) - annotate - [select for diffs], Wed Feb 8 12:15:27 2006 UTC (18 years, 3 months ago) by stevesk
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE
Branch point for: OPENBSD_3_9
Changes since 1.19: +3 -1 lines
Diff to previous 1.19 (colored)

move #include <paths.h> out of includes.h; ok markus@

Revision 1.18.6.1 / (download) - annotate - [select for diffs], Fri Feb 3 03:01:57 2006 UTC (18 years, 3 months ago) by brad
Branch: OPENBSD_3_8
Changes since 1.18: +8 -1 lines
Diff to previous 1.18 (colored)

upgrade to OpenSSH 4.3

Revision 1.18.4.1 / (download) - annotate - [select for diffs], Fri Feb 3 02:53:45 2006 UTC (18 years, 3 months ago) by brad
Branch: OPENBSD_3_7
Changes since 1.18: +8 -1 lines
Diff to previous 1.18 (colored) next main 1.19 (colored)

upgrade to OpenSSH 4.3

Revision 1.19 / (download) - annotate - [select for diffs], Tue Sep 13 23:40:07 2005 UTC (18 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.18: +8 -1 lines
Diff to previous 1.18 (colored)

ensure that stdio fds are attached; ok deraadt@

Revision 1.18 / (download) - annotate - [select for diffs], Mon Aug 23 14:29:23 2004 UTC (19 years, 8 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_3_8_BASE, OPENBSD_3_7_BASE, OPENBSD_3_6_BASE, OPENBSD_3_6
Branch point for: OPENBSD_3_8, OPENBSD_3_7
Changes since 1.17: +3 -3 lines
Diff to previous 1.17 (colored)

Remove duplicate getuid(), suggested by & ok markus@

Revision 1.17 / (download) - annotate - [select for diffs], Mon Aug 23 14:26:38 2004 UTC (19 years, 8 months ago) by dtucker
Branch: MAIN
Changes since 1.16: +7 -7 lines
Diff to previous 1.16 (colored)

Use permanently_set_uid() in ssh and ssh-keysign for consistency, matches
change in Portable; ok markus@

Revision 1.13.2.2 / (download) - annotate - [select for diffs], Thu Aug 19 22:37:32 2004 UTC (19 years, 9 months ago) by brad
Branch: OPENBSD_3_4
Changes since 1.13.2.1: +2 -2 lines
Diff to previous 1.13.2.1 (colored) to branchpoint 1.13 (colored) next main 1.14 (colored)

upgrade to OpenSSH 3.9

Revision 1.15.2.1 / (download) - annotate - [select for diffs], Thu Aug 19 04:13:27 2004 UTC (19 years, 9 months ago) by brad
Branch: OPENBSD_3_5
Changes since 1.15: +2 -2 lines
Diff to previous 1.15 (colored) next main 1.16 (colored)

upgrade to OpenSSH 3.9

Revision 1.16 / (download) - annotate - [select for diffs], Sun Apr 18 23:10:26 2004 UTC (20 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.15: +2 -2 lines
Diff to previous 1.15 (colored)

perform strict ownership and modes checks for ~/.ssh/config files, as these
can be used to execute arbitrary programs; ok markus@

NB. ssh will now exit when it detects a config with poor permissions

Revision 1.10.2.2 / (download) - annotate - [select for diffs], Thu Mar 4 18:18:16 2004 UTC (20 years, 2 months ago) by brad
Branch: OPENBSD_3_3
Changes since 1.10.2.1: +4 -2 lines
Diff to previous 1.10.2.1 (colored) to branchpoint 1.10 (colored) next main 1.11 (colored)

upgrade to OpenSSH 3.8

Revision 1.13.2.1 / (download) - annotate - [select for diffs], Sat Feb 28 03:51:34 2004 UTC (20 years, 2 months ago) by brad
Branch: OPENBSD_3_4
Changes since 1.13: +4 -2 lines
Diff to previous 1.13 (colored)

upgrade to OpenSSH 3.8

Revision 1.15 / (download) - annotate - [select for diffs], Mon Jan 19 21:25:15 2004 UTC (20 years, 4 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE
Branch point for: OPENBSD_3_5
Changes since 1.14: +2 -1 lines
Diff to previous 1.14 (colored)

fix mem leaks; some fixes from Pete Flugstad; tested dtucker@

Revision 1.14 / (download) - annotate - [select for diffs], Mon Nov 17 09:45:39 2003 UTC (20 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.13: +3 -2 lines
Diff to previous 1.13 (colored)

return error on msg send/receive failure (rather than fatal); ok markus@

Revision 1.7.2.2 / (download) - annotate - [select for diffs], Tue Sep 16 21:20:28 2003 UTC (20 years, 8 months ago) by brad
Branch: OPENBSD_3_2
Changes since 1.7.2.1: +4 -3 lines
Diff to previous 1.7.2.1 (colored) to branchpoint 1.7 (colored) next main 1.8 (colored)

upgrade to OpenSSH 3.7

Revision 1.10.2.1 / (download) - annotate - [select for diffs], Tue Sep 16 20:50:44 2003 UTC (20 years, 8 months ago) by brad
Branch: OPENBSD_3_3
Changes since 1.10: +4 -3 lines
Diff to previous 1.10 (colored)

upgrade to OpenSSH 3.7

Revision 1.13 / (download) - annotate - [select for diffs], Thu Jul 3 08:09:06 2003 UTC (20 years, 10 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE
Branch point for: OPENBSD_3_4
Changes since 1.12: +1 -2 lines
Diff to previous 1.12 (colored)

fix AddressFamily option in config file, from brent@graveland.net; ok markus@

Revision 1.12 / (download) - annotate - [select for diffs], Fri May 16 03:27:12 2003 UTC (21 years ago) by djm
Branch: MAIN
Changes since 1.11: +4 -2 lines
Diff to previous 1.11 (colored)

add AddressFamily option to ssh_config (like -4, -6 on commandline).
Portable bug #534; ok markus@

Revision 1.4.4.3 / (download) - annotate - [select for diffs], Thu Apr 3 22:35:18 2003 UTC (21 years, 1 month ago) by miod
Branch: OPENBSD_3_1
Changes since 1.4.4.2: +6 -13 lines
Diff to previous 1.4.4.2 (colored) next main 1.5 (colored)

Merge OpenSSH 3.6.1

Revision 1.11 / (download) - annotate - [select for diffs], Wed Apr 2 14:36:26 2003 UTC (21 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.10: +2 -2 lines
Diff to previous 1.10 (colored)

potential segfault if KEY_UNSPEC; cjwatson@debian.org; bug #526

Revision 1.7.2.1 / (download) - annotate - [select for diffs], Tue Apr 1 00:12:14 2003 UTC (21 years, 1 month ago) by margarida
Branch: OPENBSD_3_2
Changes since 1.7: +6 -13 lines
Diff to previous 1.7 (colored)

Update to OpenSSH 3.6

Revision 1.10 / (download) - annotate - [select for diffs], Thu Mar 13 11:42:19 2003 UTC (21 years, 2 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE
Branch point for: OPENBSD_3_3
Changes since 1.9: +1 -8 lines
Diff to previous 1.9 (colored)

move RSA_blinding_on to generic key load method

Revision 1.9 / (download) - annotate - [select for diffs], Thu Dec 19 00:07:02 2002 UTC (21 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.8: +4 -4 lines
Diff to previous 1.8 (colored)

s/msg_send/ssh_msg_send/ to avoid namespace clashes in portable; ok markus@

Revision 1.8 / (download) - annotate - [select for diffs], Thu Nov 7 22:08:07 2002 UTC (21 years, 6 months ago) by markus
Branch: MAIN
Changes since 1.7: +3 -3 lines
Diff to previous 1.7 (colored)

we cannot use HostbasedAuthentication for enabling ssh-keysign(8),
because HostbasedAuthentication might be enabled based on the
target host and ssh-keysign(8) does not know the remote hostname
and does not trust ssh(1) about the hostname, so we add a new option
EnableSSHKeysign; ok djm@, report from zierke@informatik.uni-hamburg.de

Revision 1.4.2.2 / (download) - annotate - [select for diffs], Fri Oct 11 14:53:07 2002 UTC (21 years, 7 months ago) by miod
Branch: OPENBSD_3_0
Changes since 1.4.2.1: +29 -2 lines
Diff to previous 1.4.2.1 (colored) next main 1.5 (colored)

Update to OpenSSH 3.5

Revision 1.4.4.2 / (download) - annotate - [select for diffs], Fri Oct 11 14:51:53 2002 UTC (21 years, 7 months ago) by miod
Branch: OPENBSD_3_1
Changes since 1.4.4.1: +29 -2 lines
Diff to previous 1.4.4.1 (colored)

Update to OpenSSH 3.5

Revision 1.7 / (download) - annotate - [select for diffs], Wed Jul 3 14:21:05 2002 UTC (21 years, 10 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_2_BASE
Branch point for: OPENBSD_3_2
Changes since 1.6: +15 -1 lines
Diff to previous 1.6 (colored)

re-enable ssh-keysign's sbit, but make ssh-keysign read /etc/ssh/ssh_config
and exit if HostbasedAuthentication is disabled globally. based on discussions
with deraadt, itojun and sommerfeld; ok itojun@

Revision 1.6 / (download) - annotate - [select for diffs], Wed Jul 3 09:55:38 2002 UTC (21 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.5: +14 -1 lines
Diff to previous 1.5 (colored)

use RSA_blinding_on() for rsa hostkeys (suggested by Bill Sommerfeld)
in order to avoid a possible Kocher timing attack pointed out by Charles
Hannum; ok provos@

Revision 1.5 / (download) - annotate - [select for diffs], Wed Jun 26 22:27:32 2002 UTC (21 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.4: +2 -2 lines
Diff to previous 1.4 (colored)

bug #304, xfree(data) called too early; openssh@sigint.cs.purdue.edu

Revision 1.4.4.1 / (download) - annotate - [select for diffs], Wed Jun 26 15:30:39 2002 UTC (21 years, 10 months ago) by jason
Branch: OPENBSD_3_1
Changes since 1.4: +1 -1 lines
Diff to previous 1.4 (colored)

Pull in OpenSSH-3.4

Revision 1.4.2.1 / (download) - annotate - [select for diffs], Sat Jun 22 07:23:18 2002 UTC (21 years, 11 months ago) by miod
Branch: OPENBSD_3_0
Changes since 1.4: +1 -1 lines
Diff to previous 1.4 (colored)

Update OpenSSH to version 3.3 (with local changes, configuration files still
living in /etc and privsep user being nobody).

Revision 1.4 / (download) - annotate - [select for diffs], Wed Jun 19 00:27:55 2002 UTC (21 years, 11 months ago) by deraadt
Branch: MAIN
Branch point for: OPENBSD_3_1, OPENBSD_3_0
Changes since 1.3: +8 -8 lines
Diff to previous 1.3 (colored)

KNF done automatically while reading....

Revision 1.3 / (download) - annotate - [select for diffs], Sat Jun 8 05:07:09 2002 UTC (21 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.2: +7 -3 lines
Diff to previous 1.2 (colored)

only accept 20 byte session ids

Revision 1.2 / (download) - annotate - [select for diffs], Fri May 31 10:30:33 2002 UTC (21 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.1: +28 -9 lines
Diff to previous 1.1 (colored)

extend ssh-keysign protocol:
pass # of socket-fd to ssh-keysign, keysign verifies locally used
ip-address using this socket-fd, restricts fake local hostnames
to actual local hostnames; ok stevesk@

Revision 1.1 / (download) - annotate - [select for diffs], Thu May 23 19:24:30 2002 UTC (21 years, 11 months ago) by markus
Branch: MAIN

add /usr/libexec/ssh-keysign: a setuid helper program for hostbased authentication
in protocol v2 (needs to access the hostkeys).
