Commit Graph

130 Commits

Author SHA1 Message Date
Damien Miller b253cc4213 - avsm@cvs.openbsd.org 2005/05/24 17:32:44
[atomicio.c atomicio.h authfd.c monitor_wrap.c msg.c scp.c sftp-client.c]
     [ssh-keyscan.c sshconnect.c]
     Switch atomicio to use a simpler interface; it now returns a size_t
     (containing number of bytes read/written), and indicates error by
     returning 0.  EOF is signalled by errno==EPIPE.
     Typical use now becomes:

     if (atomicio(read, ..., len) != len)
             err(1,"read");

     ok deraadt@, cloder@, djm@
2005-05-26 12:23:44 +10:00
Darren Tucker 47eede77ed - deraadt@cvs.openbsd.org 2005/03/10 22:01:05
[misc.c ssh-keygen.c servconf.c clientloop.c auth-options.c ssh-add.c
     monitor.c sftp-client.c bufaux.h hostfile.c ssh.c sshconnect.c channels.c
     readconf.c bufaux.c sftp.c]
     spacing
2005-03-14 23:08:12 +11:00
Damien Miller 1227d4c93c - djm@cvs.openbsd.org 2005/03/02 01:00:06
[sshconnect.c]
     fix addition of new hashed hostnames when CheckHostIP=yes;
     found and ok dtucker@
2005-03-02 12:06:51 +11:00
Damien Miller e1776155d1 - djm@cvs.openbsd.org 2005/03/01 10:40:27
[hostfile.c hostfile.h readconf.c readconf.h ssh.1 ssh_config.5]
     [sshconnect.c sshd.8]
     add support for hashing host names and addresses added to known_hosts
     files, to improve privacy of which hosts user have been visiting; ok
     markus@ deraadt@
2005-03-01 21:47:37 +11:00
Darren Tucker b2161e37f5 - markus@cvs.openbsd.org 2005/01/05 08:51:32
[sshconnect.c]
     remove dead code, log connect() failures with level error, ok djm@
2005-01-20 11:00:46 +11:00
Darren Tucker 3f9fdc7121 - avsm@cvs.openbsd.org 2004/06/21 17:36:31
[auth-rsa.c auth2-gss.c auth2-pubkey.c authfile.c canohost.c channels.c
     cipher.c dns.c kex.c monitor.c monitor_fdpass.c monitor_wrap.c
     monitor_wrap.h nchan.c packet.c progressmeter.c scp.c sftp-server.c sftp.c
     ssh-gss.h ssh-keygen.c ssh.c sshconnect.c sshconnect1.c sshlogin.c
     sshpty.c]
     make ssh -Wshadow clean, no functional changes
     markus@ ok

There are also some portable-specific -Wshadow warnings to be fixed in
monitor.c and montior_wrap.c.
2004-06-22 12:56:01 +10:00
Darren Tucker e608ca2965 - djm@cvs.openbsd.org 2004/05/08 00:21:31
[clientloop.c misc.h readpass.c scard.c ssh-add.c ssh-agent.c ssh-keygen.c
     sshconnect.c sshconnect1.c sshconnect2.c] removed: readpass.h
     kill a tiny header; ok deraadt@
2004-05-13 16:15:47 +10:00
Damien Miller f6723f08e0 - djm@cvs.openbsd.org 2004/01/25 03:49:09
[sshconnect.c]
     reset nonblocking flag after ConnectTimeout > 0 connect; (bugzilla #785)
     from jclonguet AT free.fr; ok millert@
2004-01-27 21:21:27 +11:00
Damien Miller 12c150e7e0 - markus@cvs.openbsd.org 2003/12/09 21:53:37
[readconf.c readconf.h scp.1 servconf.c servconf.h sftp.1 ssh.1]
     [ssh_config.5 sshconnect.c sshd.c sshd_config.5]
     rename keepalive to tcpkeepalive; the old name causes too much
     confusion; ok djm, dtucker; with help from jmc@
2003-12-17 16:31:10 +11:00
Damien Miller a8e06cef35 - djm@cvs.openbsd.org 2003/11/21 11:57:03
[everything]
     unexpand and delete whitespace at EOL; ok markus@
     (done locally and RCS IDs synced)
2003-11-21 23:48:55 +11:00
Damien Miller 150b55745b - jakob@cvs.openbsd.org 2003/11/12 16:39:58
[dns.c dns.h readconf.c ssh_config.5 sshconnect.c]
     update SSHFP validation. ok markus@
2003-11-17 21:19:29 +11:00
Damien Miller f58b58ced1 - jakob@cvs.openbsd.org 2003/11/10 16:23:41
[bufaux.c bufaux.h cipher.c cipher.h hostfile.c hostfile.h key.c]
     [key.h sftp-common.c sftp-common.h sftp-server.c sshconnect.c sshd.c]
     [ssh-dss.c ssh-rsa.c uuencode.c uuencode.h]
     constify. ok markus@ & djm@
2003-11-17 21:18:23 +11:00
Damien Miller 8f746ec970 - jakob@cvs.openbsd.org 2003/11/03 09:37:32
[sshconnect.c]
     do not free static type pointer in warn_changed_key()
2003-11-17 21:11:15 +11:00
Damien Miller 5a38897dbb - jakob@cvs.openbsd.org 2003/11/03 09:09:41
[sshconnect.c]
     move changed key warning into warn_changed_key(). ok markus@
2003-11-17 21:10:47 +11:00
Darren Tucker dda19d63ff - jakob@cvs.openbsd.org 2003/10/14 19:42:10
[dns.c dns.h readconf.c ssh-keygen.c sshconnect.c]
     include SSHFP lookup code (not enabled by default). ok markus@
2003-10-15 16:00:47 +10:00
Darren Tucker bd5361b237 - markus@cvs.openbsd.org 2003/09/18 07:52:54
[sshconnect.c]
     missing {}; bug #656; jclonguet at free.fr
2003-09-22 20:59:16 +10:00
Darren Tucker edeb1f7449 - markus@cvs.openbsd.org 2003/06/29 12:44:38
[sshconnect.c]
     memset 0, not \0; andrushock@korovino.net
2003-07-03 13:48:04 +10:00
Darren Tucker 9f63f22aa0 - deraadt@cvs.openbsd.org 2003/06/28 16:23:06
[atomicio.c atomicio.h authfd.c clientloop.c monitor_wrap.c msg.c
     progressmeter.c scp.c sftp-client.c ssh-keyscan.c ssh.h sshconnect.c
     sshd.c]
     deal with typing of write vs read in atomicio
2003-07-03 13:46:56 +10:00
Damien Miller 7392ae6270 - jakob@cvs.openbsd.org 2003/06/11 10:16:16
[sshconnect.c]
     clean up check_host_key() and improve SSHFP feedback. ok markus@
2003-06-11 22:05:25 +10:00
Damien Miller 941ac459ce - (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2003/06/04 08:25:18
     [sshconnect.c]
     disable challenge/response and keyboard-interactive auth methods
     upon hostkey mismatch. based on patch from fcusack AT fcusack.com.
     bz #580; ok markus@
2003-06-04 20:31:53 +10:00
Damien Miller ab2db41b61 - djm@cvs.openbsd.org 2003/05/26 12:54:40
[sshconnect.c]
     fix format strings; ok markus@
2003-06-02 19:09:13 +10:00
Damien Miller 08293fa435 - djm@cvs.openbsd.org 2003/05/23 08:29:30
[sshconnect.c]
     fix leak; ok markus@
2003-05-23 18:44:41 +10:00
Damien Miller b78d5eb6c5 - djm@cvs.openbsd.org 2003/05/15 14:55:25
[readconf.c readconf.h ssh_config ssh_config.5 sshconnect.c]
     add a ConnectTimeout option to ssh, based on patch from
     Jean-Charles Longuet (jclonguet at free.fr); portable #207 ok markus@
2003-05-16 11:39:04 +10:00
Damien Miller 37876e913a - jakob@cvs.openbsd.org 2003/05/14 18:16:20
[key.c key.h readconf.c readconf.h ssh_config.5 sshconnect.c]
     [dns.c dns.h README.dns ssh-keygen.1 ssh-keygen.c]
     add experimental support for verifying hos keys using DNS as described
     in draft-ietf-secsh-dns-xx.txt. more information in README.dns.
     ok markus@ and henning@
2003-05-15 10:19:46 +10:00
Damien Miller 2372ace572 - markus@cvs.openbsd.org 2003/04/14 14:17:50
[channels.c sshconnect.c sshd.c ssh-keyscan.c]
     avoid hardcoded SOCK_xx; with itojun@; should allow ssh over SCTP
2003-05-14 13:42:23 +10:00
Damien Miller d558092522 - (djm) RCSID sync w/ OpenBSD 2003-05-14 13:40:06 +10:00
Damien Miller 996acd2476 *** empty log message *** 2003-04-09 20:59:48 +10:00
Ben Lindstrom 93576d9538 - deraadt@cvs.openbsd.org 2002/11/21 23:03:51
[auth-krb5.c auth1.c hostfile.h monitor_wrap.c sftp-client.c sftp-int.c ssh-add.c ssh-rsa.c
      sshconnect.c]
     KNF
2002-12-23 02:06:19 +00:00
Ben Lindstrom 064496feaa - markus@cvs.openbsd.org 2002/11/21 22:45:31
[cipher.c kex.c packet.c sshconnect.c sshconnect2.c]
     debug->debug2, unify debug messages
2002-12-23 02:04:22 +00:00
Damien Miller 8c4e18a6ec - djm@cvs.openbsd.org 2002/09/19 01:58:18
[ssh.c sshconnect.c]
     bugzilla.mindrot.org #223 - ProxyCommands don't exit.
     Patch from dtucker@zip.com.au; ok markus@
2002-09-19 12:05:02 +10:00
Damien Miller e1383cee9d - stevesk@cvs.openbsd.org 2002/09/13 19:23:09
[channels.c sshconnect.c sshd.c]
     remove use of SO_LINGER, it should not be needed. error check
     SO_REUSEADDR. fixup comments. ok markus@
2002-09-19 11:49:37 +10:00
Ben Lindstrom 4b99be899c - markus@cvs.openbsd.org 2002/07/29 18:57:30
[sshconnect.c]
     print file:line
2002-08-01 01:26:29 +00:00
Ben Lindstrom 3ed6640532 - markus@cvs.openbsd.org 2002/07/24 16:11:18
[hostfile.c hostfile.h sshconnect.c]
     print out all known keys for a host if we get a unknown host key,
     see discussion at http://marc.theaimsgroup.com/?t=101069210100016&r=1&w=4

     the ssharp mitm tool attacks users in a similar way, so i'd like to
     pointed out again:
        A MITM attack is always possible if the ssh client prints:
        The authenticity of host 'bla' can't be established.
     (protocol version 2 with pubkey authentication allows you to detect
     MITM attacks)
2002-08-01 01:21:56 +00:00
Ben Lindstrom 728aa7e18c - itojun@cvs.openbsd.org 2002/07/12 13:29:09
[sshconnect.c]
     print connect failure during debugging mode.
2002-07-15 17:48:11 +00:00
Ben Lindstrom a6cd75c49e - itojun@cvs.openbsd.org 2002/07/10 10:28:15
[sshconnect.c]
     bark if all connection attempt fails.
2002-07-11 04:00:19 +00:00
Ben Lindstrom ba8df7d76d - itojun@cvs.openbsd.org 2002/07/09 12:04:02
[sshconnect.c]
     ed static function (less warnings)
2002-07-11 03:58:11 +00:00
Ben Lindstrom efee05958c - itojun@cvs.openbsd.org 2002/07/09 11:56:50
[sshconnect.c]
     silently try next address on connect(2).  markus ok
2002-07-11 03:54:43 +00:00
Ben Lindstrom 04f9af7dfc - markus@cvs.openbsd.org 2002/06/27 08:49:44
[dh.c ssh-keyscan.c sshconnect.c]
     more checks for NULL pointers; from grendel@zeitbombe.org; ok deraadt@
2002-07-04 00:03:56 +00:00
Ben Lindstrom 5c3855210e - deraadt@cvs.openbsd.org 2002/06/23 03:30:58
[scard.c ssh-dss.c ssh-rsa.c sshconnect.c sshconnect2.c sshd.c sshlogin.c
      sshpty.c]
     various KNF and %d for unsigned
2002-06-23 21:23:20 +00:00
Ben Lindstrom cb72e4f6d2 - deraadt@cvs.openbsd.org 2002/06/19 00:27:55
[auth-bsdauth.c auth-skey.c auth1.c auth2-chall.c auth2-none.c authfd.c
      authfd.h monitor_wrap.c msg.c nchan.c radix.c readconf.c scp.c sftp.1
      ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c
      ssh-keysign.c ssh.1 sshconnect.c sshconnect.h sshconnect2.c ttymodes.c
      xmalloc.h]
     KNF done automatically while reading....
2002-06-21 00:41:51 +00:00
Ben Lindstrom f9c4884c8e - markus@cvs.openbsd.org 2002/06/11 04:14:26
[ssh.c sshconnect.c sshconnect.h]
     no longer use uidswap.[ch] from the ssh client
     run less code with euid==0 if ssh is installed setuid root
     just switch the euid, don't switch the complete set of groups
     (this is only needed by sshd). ok provos@
2002-06-11 16:37:51 +00:00
Ben Lindstrom 18a32a7efa - itojun@cvs.openbsd.org 2002/06/09 22:17:21
[sshconnect.c]
     pass salen to sockaddr_ntop so that we are happy on linux/solaris
2002-06-11 15:46:34 +00:00
Ben Lindstrom 2749e1c8f5 - markus@cvs.openbsd.org 2002/06/09 04:33:27
[sshconnect.c]
     abort() - > fatal()
2002-06-09 20:16:22 +00:00
Ben Lindstrom 159ac2e8cd - itojun@cvs.openbsd.org 2002/06/08 21:15:27
[sshconnect.c]
     always use getnameinfo.  (diag message only)
2002-06-09 20:14:54 +00:00
Ben Lindstrom 1bad256822 - markus@cvs.openbsd.org 2002/05/23 19:24:30
[authfile.c authfile.h pathnames.h ssh.c sshconnect.c sshconnect.h
      sshconnect1.c sshconnect2.c ssh-keysign.8 ssh-keysign.c Makefile.in]
     add /usr/libexec/ssh-keysign: a setuid helper program for hostbased
     authentication in protocol v2 (needs to access the hostkeys).

Note: Makefile.in untested.  Will test after merge is finished.
2002-06-06 19:57:33 +00:00
Kevin Steves 399ec97bc2 whitespace sync 2002-03-05 18:59:45 +00:00
Damien Miller 49d795c647 - markus@cvs.openbsd.org 2002/01/21 15:13:51
[sshconnect.c]
     use read_passphrase+ECHO in confirm(), allows use of ssh-askpass
     for hostkey confirm.
2002-01-22 23:34:12 +11:00
Damien Miller 9f0f5c64bc - deraadt@cvs.openbsd.org 2001/12/19 07:18:56
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h]
     [auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c]
     [cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c]
     [match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c]
     [servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c]
     [sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c]
     [sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config]
     [ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c]
     basic KNF done while i was looking for something else
2001-12-21 14:45:46 +11:00
Ben Lindstrom e181a4d294 - stevesk@cvs.openbsd.org 2001/12/06 18:02:32
[channels.c sshconnect.c]
     shutdown(sock, SHUT_RDWR) not needed here; ok markus@
2001-12-07 17:24:49 +00:00
Ben Lindstrom 1c37c6a518 - deraadt@cvs.openbsd.org 2001/12/05 10:06:12
[authfd.c authfile.c bufaux.c channels.c compat.c kex.c kexgex.c
      key.c misc.c packet.c servconf.c ssh-agent.c sshconnect2.c
      sshconnect.c sshd.c ssh-dss.c ssh-keygen.c ssh-rsa.c]
     minor KNF
2001-12-06 18:00:18 +00:00