Darren Tucker
edeb1f7449
- markus@cvs.openbsd.org 2003/06/29 12:44:38
...
[sshconnect.c]
memset 0, not \0; andrushock@korovino.net
2003-07-03 13:48:04 +10:00
Darren Tucker
9f63f22aa0
- deraadt@cvs.openbsd.org 2003/06/28 16:23:06
...
[atomicio.c atomicio.h authfd.c clientloop.c monitor_wrap.c msg.c
progressmeter.c scp.c sftp-client.c ssh-keyscan.c ssh.h sshconnect.c
sshd.c]
deal with typing of write vs read in atomicio
2003-07-03 13:46:56 +10:00
Damien Miller
7392ae6270
- jakob@cvs.openbsd.org 2003/06/11 10:16:16
...
[sshconnect.c]
clean up check_host_key() and improve SSHFP feedback. ok markus@
2003-06-11 22:05:25 +10:00
Damien Miller
941ac459ce
- (djm) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2003/06/04 08:25:18
[sshconnect.c]
disable challenge/response and keyboard-interactive auth methods
upon hostkey mismatch. based on patch from fcusack AT fcusack.com.
bz #580 ; ok markus@
2003-06-04 20:31:53 +10:00
Damien Miller
ab2db41b61
- djm@cvs.openbsd.org 2003/05/26 12:54:40
...
[sshconnect.c]
fix format strings; ok markus@
2003-06-02 19:09:13 +10:00
Damien Miller
08293fa435
- djm@cvs.openbsd.org 2003/05/23 08:29:30
...
[sshconnect.c]
fix leak; ok markus@
2003-05-23 18:44:41 +10:00
Damien Miller
b78d5eb6c5
- djm@cvs.openbsd.org 2003/05/15 14:55:25
...
[readconf.c readconf.h ssh_config ssh_config.5 sshconnect.c]
add a ConnectTimeout option to ssh, based on patch from
Jean-Charles Longuet (jclonguet at free.fr); portable #207 ok markus@
2003-05-16 11:39:04 +10:00
Damien Miller
37876e913a
- jakob@cvs.openbsd.org 2003/05/14 18:16:20
...
[key.c key.h readconf.c readconf.h ssh_config.5 sshconnect.c]
[dns.c dns.h README.dns ssh-keygen.1 ssh-keygen.c]
add experimental support for verifying hos keys using DNS as described
in draft-ietf-secsh-dns-xx.txt. more information in README.dns.
ok markus@ and henning@
2003-05-15 10:19:46 +10:00
Damien Miller
2372ace572
- markus@cvs.openbsd.org 2003/04/14 14:17:50
...
[channels.c sshconnect.c sshd.c ssh-keyscan.c]
avoid hardcoded SOCK_xx; with itojun@; should allow ssh over SCTP
2003-05-14 13:42:23 +10:00
Damien Miller
d558092522
- (djm) RCSID sync w/ OpenBSD
2003-05-14 13:40:06 +10:00
Damien Miller
996acd2476
*** empty log message ***
2003-04-09 20:59:48 +10:00
Ben Lindstrom
93576d9538
- deraadt@cvs.openbsd.org 2002/11/21 23:03:51
...
[auth-krb5.c auth1.c hostfile.h monitor_wrap.c sftp-client.c sftp-int.c ssh-add.c ssh-rsa.c
sshconnect.c]
KNF
2002-12-23 02:06:19 +00:00
Ben Lindstrom
064496feaa
- markus@cvs.openbsd.org 2002/11/21 22:45:31
...
[cipher.c kex.c packet.c sshconnect.c sshconnect2.c]
debug->debug2, unify debug messages
2002-12-23 02:04:22 +00:00
Damien Miller
8c4e18a6ec
- djm@cvs.openbsd.org 2002/09/19 01:58:18
...
[ssh.c sshconnect.c]
bugzilla.mindrot.org #223 - ProxyCommands don't exit.
Patch from dtucker@zip.com.au ; ok markus@
2002-09-19 12:05:02 +10:00
Damien Miller
e1383cee9d
- stevesk@cvs.openbsd.org 2002/09/13 19:23:09
...
[channels.c sshconnect.c sshd.c]
remove use of SO_LINGER, it should not be needed. error check
SO_REUSEADDR. fixup comments. ok markus@
2002-09-19 11:49:37 +10:00
Ben Lindstrom
4b99be899c
- markus@cvs.openbsd.org 2002/07/29 18:57:30
...
[sshconnect.c]
print file:line
2002-08-01 01:26:29 +00:00
Ben Lindstrom
3ed6640532
- markus@cvs.openbsd.org 2002/07/24 16:11:18
...
[hostfile.c hostfile.h sshconnect.c]
print out all known keys for a host if we get a unknown host key,
see discussion at http://marc.theaimsgroup.com/?t=101069210100016&r=1&w=4
the ssharp mitm tool attacks users in a similar way, so i'd like to
pointed out again:
A MITM attack is always possible if the ssh client prints:
The authenticity of host 'bla' can't be established.
(protocol version 2 with pubkey authentication allows you to detect
MITM attacks)
2002-08-01 01:21:56 +00:00
Ben Lindstrom
728aa7e18c
- itojun@cvs.openbsd.org 2002/07/12 13:29:09
...
[sshconnect.c]
print connect failure during debugging mode.
2002-07-15 17:48:11 +00:00
Ben Lindstrom
a6cd75c49e
- itojun@cvs.openbsd.org 2002/07/10 10:28:15
...
[sshconnect.c]
bark if all connection attempt fails.
2002-07-11 04:00:19 +00:00
Ben Lindstrom
ba8df7d76d
- itojun@cvs.openbsd.org 2002/07/09 12:04:02
...
[sshconnect.c]
ed static function (less warnings)
2002-07-11 03:58:11 +00:00
Ben Lindstrom
efee05958c
- itojun@cvs.openbsd.org 2002/07/09 11:56:50
...
[sshconnect.c]
silently try next address on connect(2). markus ok
2002-07-11 03:54:43 +00:00
Ben Lindstrom
04f9af7dfc
- markus@cvs.openbsd.org 2002/06/27 08:49:44
...
[dh.c ssh-keyscan.c sshconnect.c]
more checks for NULL pointers; from grendel@zeitbombe.org ; ok deraadt@
2002-07-04 00:03:56 +00:00
Ben Lindstrom
5c3855210e
- deraadt@cvs.openbsd.org 2002/06/23 03:30:58
...
[scard.c ssh-dss.c ssh-rsa.c sshconnect.c sshconnect2.c sshd.c sshlogin.c
sshpty.c]
various KNF and %d for unsigned
2002-06-23 21:23:20 +00:00
Ben Lindstrom
cb72e4f6d2
- deraadt@cvs.openbsd.org 2002/06/19 00:27:55
...
[auth-bsdauth.c auth-skey.c auth1.c auth2-chall.c auth2-none.c authfd.c
authfd.h monitor_wrap.c msg.c nchan.c radix.c readconf.c scp.c sftp.1
ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c
ssh-keysign.c ssh.1 sshconnect.c sshconnect.h sshconnect2.c ttymodes.c
xmalloc.h]
KNF done automatically while reading....
2002-06-21 00:41:51 +00:00
Ben Lindstrom
f9c4884c8e
- markus@cvs.openbsd.org 2002/06/11 04:14:26
...
[ssh.c sshconnect.c sshconnect.h]
no longer use uidswap.[ch] from the ssh client
run less code with euid==0 if ssh is installed setuid root
just switch the euid, don't switch the complete set of groups
(this is only needed by sshd). ok provos@
2002-06-11 16:37:51 +00:00
Ben Lindstrom
18a32a7efa
- itojun@cvs.openbsd.org 2002/06/09 22:17:21
...
[sshconnect.c]
pass salen to sockaddr_ntop so that we are happy on linux/solaris
2002-06-11 15:46:34 +00:00
Ben Lindstrom
2749e1c8f5
- markus@cvs.openbsd.org 2002/06/09 04:33:27
...
[sshconnect.c]
abort() - > fatal()
2002-06-09 20:16:22 +00:00
Ben Lindstrom
159ac2e8cd
- itojun@cvs.openbsd.org 2002/06/08 21:15:27
...
[sshconnect.c]
always use getnameinfo. (diag message only)
2002-06-09 20:14:54 +00:00
Ben Lindstrom
1bad256822
- markus@cvs.openbsd.org 2002/05/23 19:24:30
...
[authfile.c authfile.h pathnames.h ssh.c sshconnect.c sshconnect.h
sshconnect1.c sshconnect2.c ssh-keysign.8 ssh-keysign.c Makefile.in]
add /usr/libexec/ssh-keysign: a setuid helper program for hostbased
authentication in protocol v2 (needs to access the hostkeys).
Note: Makefile.in untested. Will test after merge is finished.
2002-06-06 19:57:33 +00:00
Kevin Steves
399ec97bc2
whitespace sync
2002-03-05 18:59:45 +00:00
Damien Miller
49d795c647
- markus@cvs.openbsd.org 2002/01/21 15:13:51
...
[sshconnect.c]
use read_passphrase+ECHO in confirm(), allows use of ssh-askpass
for hostkey confirm.
2002-01-22 23:34:12 +11:00
Damien Miller
9f0f5c64bc
- deraadt@cvs.openbsd.org 2001/12/19 07:18:56
...
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h]
[auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c]
[cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c]
[match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c]
[servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c]
[sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c]
[sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config]
[ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c]
basic KNF done while i was looking for something else
2001-12-21 14:45:46 +11:00
Ben Lindstrom
e181a4d294
- stevesk@cvs.openbsd.org 2001/12/06 18:02:32
...
[channels.c sshconnect.c]
shutdown(sock, SHUT_RDWR) not needed here; ok markus@
2001-12-07 17:24:49 +00:00
Ben Lindstrom
1c37c6a518
- deraadt@cvs.openbsd.org 2001/12/05 10:06:12
...
[authfd.c authfile.c bufaux.c channels.c compat.c kex.c kexgex.c
key.c misc.c packet.c servconf.c ssh-agent.c sshconnect2.c
sshconnect.c sshd.c ssh-dss.c ssh-keygen.c ssh-rsa.c]
minor KNF
2001-12-06 18:00:18 +00:00
Damien Miller
139d4cd908
- markus@cvs.openbsd.org 2001/10/09 10:12:08
...
[session.c]
chdir $HOME after krb_afslog(); from bbense@networking.stanford.edu
2001-10-10 15:07:44 +10:00
Damien Miller
7ea6f204b6
- markus@cvs.openbsd.org 2001/10/08 16:15:47
...
[sshconnect.c]
use correct family for -b option
2001-10-10 15:04:41 +10:00
Damien Miller
59d9fb9e55
- markus@cvs.openbsd.org 2001/10/06 11:18:19
...
[sshconnect1.c sshconnect2.c sshconnect.c]
unify hostkey check error messages, simplify prompt.
2001-10-10 15:03:11 +10:00
Damien Miller
e398004f6c
- markus@cvs.openbsd.org 2001/10/06 00:14:50
...
[sshconnect.c]
remove unused argument
2001-10-10 15:02:03 +10:00
Ben Lindstrom
3cecc9a41f
- markus@cvs.openbsd.org 2001/10/01 21:51:16
...
[readconf.c readconf.h ssh.1 sshconnect.c]
add NoHostAuthenticationForLocalhost; note that the hostkey is
now check for localhost, too.
2001-10-03 17:39:38 +00:00
Tim Rice
e991e3cf22
- (tim) [configure.in sshconnect.c openbsd-compat/Makefile.in
...
openbsd-compat/openbsd-compat.h ] Add inet_ntop.c inet_ntop.h back
in. Needed for sshconnect.c
[sshconnect.c] fix INET6_ADDRSTRLEN for non IPv6 machines
[configure.in] make tests with missing libraries fail
patch by Wendy Palm <wendyp@cray.com>
Added openbsd-compat/bsd-cray.h. Selective patches from
William L. Jones <jones@mail.utexas.edu>
2001-08-07 15:29:07 -07:00
Ben Lindstrom
f9cedb9ca0
- markus@cvs.openbsd.org 2001/07/25 14:35:18
...
[readconf.c ssh.1 ssh.c sshconnect.c]
cleanup connect(); connection_attempts 4 -> 1; from
eivind@freebsd.org
2001-08-06 21:07:11 +00:00
Ben Lindstrom
bba81213b9
- itojun@cvs.openbsd.org 2001/06/23 15:12:20
...
[auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c
canohost.c channels.c cipher.c clientloop.c deattack.c dh.c
hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c
readpass.c scp.c servconf.c serverloop.c session.c sftp.c
sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c
ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c
ssh-keygen.c ssh-keyscan.c]
more strict prototypes. raise warning level in Makefile.inc.
markus ok'ed
TODO; cleanup headers
2001-06-25 05:01:22 +00:00
Ben Lindstrom
d6481ea49a
- markus@cvs.openbsd.org 2001/06/23 02:34:33
...
[kexdh.c kexgex.c kex.h pathnames.h readconf.c servconf.h ssh.1
sshconnect1.c sshconnect2.c sshconnect.c sshconnect.h sshd.8]
get rid of known_hosts2, use it for hostkey lookup, but do not
modify.
2001-06-25 04:37:41 +00:00
Ben Lindstrom
664408d2a7
- markus@cvs.openbsd.org 2001/06/07 20:23:05
...
[authfd.c authfile.c channels.c kexdh.c kexgex.c packet.c ssh.c
sshconnect.c sshconnect1.c]
use xxx_put_cstring()
2001-06-09 01:42:01 +00:00
Ben Lindstrom
80c6d77085
- markus@cvs.openbsd.org 2001/05/28 23:58:35
...
[packet.c packet.h sshconnect.c sshd.c]
remove some lines, simplify.
2001-06-05 21:09:18 +00:00
Ben Lindstrom
e0f8804194
- markus@cvs.openbsd.org 2001/04/30 11:18:52
...
[readconf.c readconf.h ssh.1 ssh.c sshconnect.c]
implement 'ssh -b bind_address' like 'telnet -b'
2001-04-30 13:06:24 +00:00
Ben Lindstrom
5eabda303a
- markus@cvs.openbsd.org 2001/04/12 19:15:26
...
[auth-rhosts.c auth.h auth2.c buffer.c canohost.c canohost.h
compat.c compat.h hostfile.c pathnames.h readconf.c readconf.h
servconf.c servconf.h ssh.c sshconnect.c sshconnect.h sshconnect1.c
sshconnect2.c sshd_config]
implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2)
similar to RhostRSAAuthentication unless you enable (the experimental)
HostbasedUsesNameFromPacketOnly option. please test. :)
2001-04-12 23:34:34 +00:00
Ben Lindstrom
3fcf1a22b5
- markus@cvs.openbsd.org 2001/04/06 21:00:17
...
[auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth2.c channels.c session.c
ssh.c sshconnect.c sshconnect.h uidswap.c uidswap.h]
do gid/groups-swap in addition to uid-swap, should help if /home/group
is chmod 750 + chgrp grp /home/group/, work be deraadt and me, thanks
to olar@openwall.com is comments. we had many requests for this.
2001-04-08 18:26:59 +00:00
Ben Lindstrom
a3700050ec
- markus@cvs.openbsd.org 2001/04/05 10:42:57
...
[auth-chall.c authfd.c channels.c clientloop.c kex.c kexgex.c key.c
mac.c packet.c serverloop.c sftp-client.c sftp-client.h sftp-glob.c
sftp-glob.h sftp-int.c sftp-server.c sftp.c ssh-keygen.c sshconnect.c
sshconnect2.c sshd.c]
fix whitespace: unexpand + trailing spaces.
2001-04-05 23:26:32 +00:00
Ben Lindstrom
d0fca423fc
- markus@cvs.openbsd.org 2001/03/26 08:07:09
...
[authfile.c authfile.h ssh-add.c ssh-keygen.c ssh.c sshconnect.c
sshconnect.h sshconnect1.c sshconnect2.c sshd.c]
simpler key load/save interface, see authfile.h
2001-03-26 13:44:06 +00:00