summaryrefslogtreecommitdiff
path: root/authfile.c
AgeCommit message (Collapse)Author
2006-08-05 - stevesk@cvs.openbsd.org 2006/08/01 23:22:48Damien Miller
[auth-passwd.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c] [auth2-chall.c auth2-pubkey.c authfile.c buffer.c canohost.c] [channels.c clientloop.c dh.c dns.c dns.h hostfile.c kex.c kexdhc.c] [kexgexc.c kexgexs.c key.c key.h log.c misc.c misc.h moduli.c] [monitor_wrap.c packet.c progressmeter.c readconf.c readpass.c scp.c] [servconf.c session.c sftp-client.c sftp-common.c sftp-server.c sftp.c] [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh.c sshconnect.c] [sshconnect1.c sshconnect2.c sshd.c sshlogin.c sshtty.c uuencode.c] [uuencode.h xmalloc.c] move #include <stdio.h> out of includes.h
2006-08-05 - stevesk@cvs.openbsd.org 2006/07/26 13:57:17Damien Miller
[authfd.c authfile.c dh.c canohost.c channels.c clientloop.c compat.c] [hostfile.c kex.c log.c misc.c moduli.c monitor.c packet.c readpass.c] [scp.c servconf.c session.c sftp-server.c sftp.c ssh-add.c ssh-agent.c] [ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c sshconnect.c] [sshconnect1.c sshd.c xmalloc.c] move #include <stdlib.h> out of includes.h
2006-08-05 - stevesk@cvs.openbsd.org 2006/07/26 02:35:17Damien Miller
[atomicio.c auth.c dh.c authfile.c buffer.c clientloop.c kex.c] [groupaccess.c gss-genr.c kexgexs.c misc.c monitor.c monitor_mm.c] [packet.c scp.c serverloop.c session.c sftp-client.c sftp-common.c] [sftp-server.c sftp.c ssh-add.c ssh-agent.c ssh-keygen.c sshlogin.c] [uidswap.c xmalloc.c] move #include <sys/param.h> out of includes.h
2006-07-24 - stevesk@cvs.openbsd.org 2006/07/22 20:48:23Damien Miller
[atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c] [auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c] [authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c] [cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c] [compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c] [includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c] [mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c] [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c] [progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c] [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c] [ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c] [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c] [sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c] move #include <string.h> out of includes.h
2006-07-24 - stevesk@cvs.openbsd.org 2006/07/17 01:31:10Damien Miller
[authfd.c authfile.c channels.c cleanup.c clientloop.c groupaccess.c] [includes.h log.c misc.c msg.c packet.c progressmeter.c readconf.c] [readpass.c scp.c servconf.c sftp-client.c sftp-server.c sftp.c] [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c] [sshconnect.c sshlogin.c sshpty.c uidswap.c] move #include <unistd.h> out of includes.h
2006-07-12 - stevesk@cvs.openbsd.org 2006/07/11 20:27:56Darren Tucker
[authfile.c ssh.c] need <errno.h> here also (it's also included in <openssl/err.h>)
2006-07-10 - stevesk@cvs.openbsd.org 2006/07/09 15:15:11Damien Miller
[auth2-none.c authfd.c authfile.c includes.h misc.c monitor.c] [readpass.c scp.c serverloop.c sftp-client.c sftp-server.c] [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c] [sshlogin.c sshpty.c] move #include <fcntl.h> out of includes.h
2006-05-06 - dtucker@cvs.openbsd.org 2006/04/25 08:02:27Darren Tucker
[authfile.c authfile.h sshconnect2.c ssh.c sshconnect1.c] Prevent ssh from trying to open private keys with bad permissions more than once or prompting for their passphrases (which it subsequently ignores anyway), similar to a previous change in ssh-add. bz #1186, ok djm@
2006-03-26 - djm@cvs.openbsd.org 2006/03/25 13:17:03Damien Miller
[atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c] [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c] [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c] [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c] [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c] [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c] [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c] [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c] [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c] [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c] [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c] [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c] [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c] [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c] [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c] [uidswap.c uuencode.c xmalloc.c] Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
2006-03-26 - deraadt@cvs.openbsd.org 2006/03/19 18:59:09Damien Miller
[authfile.c] whoever thought that break after return was a good idea needs to get their head examimed
2006-03-26 - deraadt@cvs.openbsd.org 2006/03/19 18:51:18Damien Miller
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c] [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c] [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c] [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c] [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c] [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c] [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c] [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c] [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c] [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c] [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c] [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c] [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c] [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c] [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c] [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c] [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c] [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c] [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c] [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c] [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c] [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c] [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c] RCSID() can die
2006-03-15 - dtucker@cvs.openbsd.org 2006/03/13 10:26:52Damien Miller
[authfile.c authfile.h ssh-add.c] Make ssh-add check file permissions before attempting to load private key files multiple times; it will fail anyway and this prevents confusing multiple prompts and warnings. mindrot #1138, ok djm@
2006-03-15 - stevesk@cvs.openbsd.org 2006/02/20 17:02:44Damien Miller
[clientloop.c includes.h monitor.c progressmeter.c scp.c] [serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c] move #include <signal.h> out of includes.h; ok markus@
2005-06-17 - djm@cvs.openbsd.org 2005/06/17 02:44:33Damien Miller
[auth-rsa.c auth.c auth1.c auth2-chall.c auth2-gss.c authfd.c authfile.c] [bufaux.c canohost.c channels.c cipher.c clientloop.c dns.c gss-serv.c] [kex.c kex.h key.c mac.c match.c misc.c packet.c packet.h scp.c] [servconf.c session.c session.h sftp-client.c sftp-server.c sftp.c] [ssh-keyscan.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c sshd.c] make this -Wsign-compare clean; ok avsm@ markus@ NB. auth1.c changes not committed yet (conflicts with uncommitted sync) NB2. more work may be needed to make portable Wsign-compare clean
2004-12-11 - dtucker@cvs.openbsd.org 2004/12/11 01:48:56Darren Tucker
[auth-rsa.c auth2-pubkey.c authfile.c misc.c misc.h] Fix debug call in error path of authorized_keys processing and fix related warnings; ok djm@
2004-12-06 - dtucker@cvs.openbsd.org 2004/12/06 11:41:03Darren Tucker
[auth-rsa.c auth2-pubkey.c authfile.c misc.c misc.h ssh.h sshd.8] Discard over-length authorized_keys entries rather than complaining when they don't decode. bz #884, with & ok djm@
2004-08-29 - djm@cvs.openbsd.org 2004/08/23 11:48:09Darren Tucker
[authfile.c] fix error path, spotted by Martin.Kraemer AT Fujitsu-Siemens.com; ok markus
2004-06-22 - avsm@cvs.openbsd.org 2004/06/21 17:36:31Darren Tucker
[auth-rsa.c auth2-gss.c auth2-pubkey.c authfile.c canohost.c channels.c cipher.c dns.c kex.c monitor.c monitor_fdpass.c monitor_wrap.c monitor_wrap.h nchan.c packet.c progressmeter.c scp.c sftp-server.c sftp.c ssh-gss.h ssh-keygen.c ssh.c sshconnect.c sshconnect1.c sshlogin.c sshpty.c] make ssh -Wshadow clean, no functional changes markus@ ok There are also some portable-specific -Wshadow warnings to be fixed in monitor.c and montior_wrap.c.
2004-05-13 - deraadt@cvs.openbsd.org 2004/05/11 19:01:43Darren Tucker
[auth.c auth2-none.c authfile.c channels.c monitor.c monitor_mm.c packet.c packet.h progressmeter.c session.c openbsd-compat/xmmap.c] improve some code lint did not like; djm millert ok
2003-09-22 - markus@cvs.openbsd.org 2003/09/18 07:56:05Darren Tucker
[authfile.c] missing buffer_free(&encrypted); #662; zardoz at users.sf.net
2003-05-25 - djm@cvs.openbsd.org 2003/05/24 09:30:40Damien Miller
[authfile.c monitor.c sftp-common.c sshpty.c] cast some types for printing; ok markus@
2003-05-14 - markus@cvs.openbsd.org 2003/05/11 16:56:48Damien Miller
[authfile.c ssh-keygen.c] change key_load_public to try to read a public from: rsa1 private or rsa1 public and ssh2 keys. this makes ssh-keygen -e fail for ssh1 keys more gracefully for example; report from itojun (netbsd pr 20550).
2003-03-15 - (djm) OpenBSD CVS SyncDamien Miller
- markus@cvs.openbsd.org 2003/03/13 11:42:19 [authfile.c ssh-keysign.c] move RSA_blinding_on to generic key load method
2002-12-23 - fgsch@cvs.openbsd.org 2002/11/15 10:03:09Ben Lindstrom
[authfile.c] lseek(2) may return -1 when getting the public/private key lenght. Simplify the code and check for errors using fstat(2). Problem reported by Mauricio Sanchez, markus@ ok.
2002-06-25 - markus@cvs.openbsd.org 2002/06/24 14:55:38Ben Lindstrom
[authfile.c kex.c ssh-agent.c] cat to (void) when output from buffer_get_X is ignored
2002-06-06 - markus@cvs.openbsd.org 2002/05/23 19:24:30Ben Lindstrom
[authfile.c authfile.h pathnames.h ssh.c sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c ssh-keysign.8 ssh-keysign.c Makefile.in] add /usr/libexec/ssh-keysign: a setuid helper program for hostbased authentication in protocol v2 (needs to access the hostkeys). Note: Makefile.in untested. Will test after merge is finished.
2002-03-05 - markus@cvs.openbsd.org 2002/02/28 15:46:33Ben Lindstrom
[authfile.c kex.c kexdh.c kexgex.c key.c ssh-dss.c] add some const EVP_MD for openssl-0.9.7
2002-02-26 - markus@cvs.openbsd.org 2002/02/24 19:14:59Ben Lindstrom
[auth2.c authfd.c authfd.h authfile.c kexdh.c kexgex.c key.c key.h ssh-dss.c ssh-dss.h ssh-keygen.c ssh-rsa.c ssh-rsa.h sshconnect2.c] signed vs. unsigned: make size arguments u_int, ok stevesk@
2002-02-19 - markus@cvs.openbsd.org 2002/02/14 23:41:01Damien Miller
[authfile.c cipher.c cipher.h kex.c kex.h packet.c] hide some more implementation details of cipher.[ch] and prepares for move to EVP, ok deraadt@
2002-01-22 - stevesk@cvs.openbsd.org 2001/12/29 21:56:01Damien Miller
[authfile.c channels.c compress.c packet.c sftp-server.c ssh-agent.c ssh-keygen.c] remove unneeded casts and some char->u_char cleanup; ok markus@
2002-01-22 - markus@cvs.openbsd.org 2001/12/27 18:26:13Damien Miller
[authfile.c] missing include
2002-01-22 - markus@cvs.openbsd.org 2001/12/27 18:22:16Damien Miller
[auth1.c authfile.c auth-rsa.c dh.c kexdh.c kexgex.c key.c rsa.c scard.c ssh-agent.c sshconnect1.c sshd.c ssh-dss.c] call fatal() for openssl allocation failures
2001-12-21 - stevesk@cvs.openbsd.org 2001/12/19 17:16:13Damien Miller
[authfile.c bufaux.c bufaux.h buffer.c buffer.h packet.c packet.h ssh.c] change the buffer/packet interface to use void* vs. char*; ok markus@
2001-12-21 - deraadt@cvs.openbsd.org 2001/12/19 07:18:56Damien Miller
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h] [auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c] [cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c] [match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c] [servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c] [sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c] [sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config] [ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c] basic KNF done while i was looking for something else
2001-12-06 - deraadt@cvs.openbsd.org 2001/12/05 10:06:12Ben Lindstrom
[authfd.c authfile.c bufaux.c channels.c compat.c kex.c kexgex.c key.c misc.c packet.c servconf.c ssh-agent.c sshconnect2.c sshconnect.c sshd.c ssh-dss.c ssh-keygen.c ssh-rsa.c] minor KNF
2001-10-10 - markus@cvs.openbsd.org 2001/10/07 10:29:52Damien Miller
[authfile.c] grammer; Matthew_Clarke@mindlink.bc.ca
2001-09-23 - markus@cvs.openbsd.org 2001/09/23 11:09:13Ben Lindstrom
[authfile.c] relax permission check for private key files.
2001-06-25 - itojun@cvs.openbsd.org 2001/06/23 15:12:20Ben Lindstrom
[auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c canohost.c channels.c cipher.c clientloop.c deattack.c dh.c hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c readpass.c scp.c servconf.c serverloop.c session.c sftp.c sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c ssh-keygen.c ssh-keyscan.c] more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
2001-06-09 - markus@cvs.openbsd.org 2001/06/07 20:23:05Ben Lindstrom
[authfd.c authfile.c channels.c kexdh.c kexgex.c packet.c ssh.c sshconnect.c sshconnect1.c] use xxx_put_cstring()
2001-06-05 - markus@cvs.openbsd.org 2001/05/29 12:31:27Ben Lindstrom
[authfile.c] typo
2001-06-05 - markus@cvs.openbsd.org 2001/05/28 10:08:55Ben Lindstrom
[authfile.c] key_load_private: set comment to filename for PEM keys
2001-05-17 - markus@cvs.openbsd.org 2001/05/16 20:51:57Ben Lindstrom
[authfile.c] return comments for private pem files, too; report from nolan@naic.edu
2001-04-19 - markus@cvs.openbsd.org 2001/04/18 23:44:51Ben Lindstrom
[authfile.c] error->debug; noted by fries@
2001-04-16 - markus@cvs.openbsd.org 2001/04/15 16:58:03Ben Lindstrom
[authfile.c ssh-keygen.c sshd.c] don't use errno for key_{load,save}_private; discussion w/ solar@openwall
2001-03-29 - markus@cvs.openbsd.org 2001/03/26 23:12:42Ben Lindstrom
[authfile.c] KNF
2001-03-26 - markus@cvs.openbsd.org 2001/03/26 08:07:09Ben Lindstrom
[authfile.c authfile.h ssh-add.c ssh-keygen.c ssh.c sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c sshd.c] simpler key load/save interface, see authfile.h
2001-03-05 - deraadt@cvs.openbsd.org 2001/02/21 09:05:54Ben Lindstrom
[authfile.c] improve fd handling
2001-02-09 - itojun@cvs.openbsd.org 2001/02/08 19:30:52Ben Lindstrom
sync with netbsd tree changes. - more strict prototypes, include necessary headers - use paths.h/pathnames.h decls - size_t typecase to int -> u_long
2001-01-29 - stevesk@cvs.openbsd.org 2001/01/28 22:27:05Ben Lindstrom
[authfile.c] spelling. use sizeof vs. strlen(). ok markus@
2001-01-22Hopefully things did not get mixed around too much. It compiles underBen Lindstrom
Linux and works. So that is at least a good sign. =) 20010122 - (bal) OpenBSD Resync - markus@cvs.openbsd.org 2001/01/19 12:45:26 GMT 2001 by markus [servconf.c ssh.h sshd.c] only auth-chall.c needs #ifdef SKEY - markus@cvs.openbsd.org 2001/01/19 15:55:10 GMT 2001 by markus [auth-krb4.c auth-options.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth1.c auth2.c channels.c clientloop.c dh.c dispatch.c nchan.c packet.c pathname.h readconf.c scp.c servconf.c serverloop.c session.c ssh-add.c ssh-keygen.c ssh-keyscan.c ssh.c ssh.h ssh1.h sshconnect1.c sshd.c ttymodes.c] move ssh1 definitions to ssh1.h, pathnames to pathnames.h - markus@cvs.openbsd.org 2001/01/19 16:48:14 [sshd.8] fix typo; from stevesk@ - markus@cvs.openbsd.org 2001/01/19 16:50:58 [ssh-dss.c] clear and free digest, make consistent with other code (use dlen); from stevesk@ - markus@cvs.openbsd.org 2001/01/20 15:55:20 GMT 2001 by markus [auth-options.c auth-options.h auth-rsa.c auth2.c] pass the filename to auth_parse_options() - markus@cvs.openbsd.org 2001/01/20 17:59:40 GMT 2001 [readconf.c] fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com - stevesk@cvs.openbsd.org 2001/01/20 18:20:29 [sshconnect2.c] dh_new_group() does not return NULL. ok markus@ - markus@cvs.openbsd.org 2001/01/20 21:33:42 [ssh-add.c] do not loop forever if askpass does not exist; from andrew@pimlott.ne.mediaone.net - djm@cvs.openbsd.org 2001/01/20 23:00:56 [servconf.c] Check for NULL return from strdelim; ok markus - djm@cvs.openbsd.org 2001/01/20 23:02:07 [readconf.c] KNF; ok markus - jakob@cvs.openbsd.org 2001/01/21 9:00:33 [ssh-keygen.1] remove -R flag; ok markus@ - markus@cvs.openbsd.org 2001/01/21 19:05:40 [atomicio.c automicio.h auth-chall.c auth-krb4.c auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c auth2-chall.c auth2.c authfd.c authfile.c bufaux.c bufaux.h buffer.c canahost.c canahost.h channels.c cipher.c cli.c clientloop.c clientloop.h compat.c compress.c deattack.c dh.c dispatch.c groupaccess.c hmac.c hostfile.c kex.c key.c key.h log-client.c log-server.c log.c log.h login.c login.h match.c misc.c misc.h nchan.c packet.c pty.c radix.h readconf.c readpass.c readpass.h rsa.c scp.c servconf.c serverloop.c serverloop.h session.c sftp-server.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-rsa.c ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c sshd.c tildexpand.c tildexpand.h ttysmodes.c uidswap.c xmalloc.c] split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch] - (bal) renamed 'PIDDIR' to '_PATH_SSH_PIDDIR' to match OpenBSD tree - (bal) Moved #ifdef KRB4 in auth-krb4.c above the #include to resolve conflict when compiling for non-kerb install - (bal) removed the #ifdef SKEY in auth1.c to match Markus' changes on 1/19.