summaryrefslogtreecommitdiff
path: root/sshconnect.c
AgeCommit message (Collapse)Author
2003-10-15 - jakob@cvs.openbsd.org 2003/10/14 19:42:10Darren Tucker
[dns.c dns.h readconf.c ssh-keygen.c sshconnect.c] include SSHFP lookup code (not enabled by default). ok markus@
2003-09-22 - markus@cvs.openbsd.org 2003/09/18 07:52:54Darren Tucker
[sshconnect.c] missing {}; bug #656; jclonguet at free.fr
2003-07-03 - markus@cvs.openbsd.org 2003/06/29 12:44:38Darren Tucker
[sshconnect.c] memset 0, not \0; andrushock@korovino.net
2003-07-03 - deraadt@cvs.openbsd.org 2003/06/28 16:23:06Darren Tucker
[atomicio.c atomicio.h authfd.c clientloop.c monitor_wrap.c msg.c progressmeter.c scp.c sftp-client.c ssh-keyscan.c ssh.h sshconnect.c sshd.c] deal with typing of write vs read in atomicio
2003-06-11 - jakob@cvs.openbsd.org 2003/06/11 10:16:16Damien Miller
[sshconnect.c] clean up check_host_key() and improve SSHFP feedback. ok markus@
2003-06-04 - (djm) OpenBSD CVS SyncDamien Miller
- djm@cvs.openbsd.org 2003/06/04 08:25:18 [sshconnect.c] disable challenge/response and keyboard-interactive auth methods upon hostkey mismatch. based on patch from fcusack AT fcusack.com. bz #580; ok markus@
2003-06-02 - djm@cvs.openbsd.org 2003/05/26 12:54:40Damien Miller
[sshconnect.c] fix format strings; ok markus@
2003-05-23 - djm@cvs.openbsd.org 2003/05/23 08:29:30Damien Miller
[sshconnect.c] fix leak; ok markus@
2003-05-16 - djm@cvs.openbsd.org 2003/05/15 14:55:25Damien Miller
[readconf.c readconf.h ssh_config ssh_config.5 sshconnect.c] add a ConnectTimeout option to ssh, based on patch from Jean-Charles Longuet (jclonguet at free.fr); portable #207 ok markus@
2003-05-15 - jakob@cvs.openbsd.org 2003/05/14 18:16:20Damien Miller
[key.c key.h readconf.c readconf.h ssh_config.5 sshconnect.c] [dns.c dns.h README.dns ssh-keygen.1 ssh-keygen.c] add experimental support for verifying hos keys using DNS as described in draft-ietf-secsh-dns-xx.txt. more information in README.dns. ok markus@ and henning@
2003-05-14 - markus@cvs.openbsd.org 2003/04/14 14:17:50Damien Miller
[channels.c sshconnect.c sshd.c ssh-keyscan.c] avoid hardcoded SOCK_xx; with itojun@; should allow ssh over SCTP
2003-05-14 - (djm) RCSID sync w/ OpenBSDDamien Miller
2003-04-09*** empty log message ***Damien Miller
2002-12-23 - deraadt@cvs.openbsd.org 2002/11/21 23:03:51Ben Lindstrom
[auth-krb5.c auth1.c hostfile.h monitor_wrap.c sftp-client.c sftp-int.c ssh-add.c ssh-rsa.c sshconnect.c] KNF
2002-12-23 - markus@cvs.openbsd.org 2002/11/21 22:45:31Ben Lindstrom
[cipher.c kex.c packet.c sshconnect.c sshconnect2.c] debug->debug2, unify debug messages
2002-09-19 - djm@cvs.openbsd.org 2002/09/19 01:58:18Damien Miller
[ssh.c sshconnect.c] bugzilla.mindrot.org #223 - ProxyCommands don't exit. Patch from dtucker@zip.com.au; ok markus@
2002-09-19 - stevesk@cvs.openbsd.org 2002/09/13 19:23:09Damien Miller
[channels.c sshconnect.c sshd.c] remove use of SO_LINGER, it should not be needed. error check SO_REUSEADDR. fixup comments. ok markus@
2002-08-01 - markus@cvs.openbsd.org 2002/07/29 18:57:30Ben Lindstrom
[sshconnect.c] print file:line
2002-08-01 - markus@cvs.openbsd.org 2002/07/24 16:11:18Ben Lindstrom
[hostfile.c hostfile.h sshconnect.c] print out all known keys for a host if we get a unknown host key, see discussion at http://marc.theaimsgroup.com/?t=101069210100016&r=1&w=4 the ssharp mitm tool attacks users in a similar way, so i'd like to pointed out again: A MITM attack is always possible if the ssh client prints: The authenticity of host 'bla' can't be established. (protocol version 2 with pubkey authentication allows you to detect MITM attacks)
2002-07-15 - itojun@cvs.openbsd.org 2002/07/12 13:29:09Ben Lindstrom
[sshconnect.c] print connect failure during debugging mode.
2002-07-11 - itojun@cvs.openbsd.org 2002/07/10 10:28:15Ben Lindstrom
[sshconnect.c] bark if all connection attempt fails.
2002-07-11 - itojun@cvs.openbsd.org 2002/07/09 12:04:02Ben Lindstrom
[sshconnect.c] ed static function (less warnings)
2002-07-11 - itojun@cvs.openbsd.org 2002/07/09 11:56:50Ben Lindstrom
[sshconnect.c] silently try next address on connect(2). markus ok
2002-07-04 - markus@cvs.openbsd.org 2002/06/27 08:49:44Ben Lindstrom
[dh.c ssh-keyscan.c sshconnect.c] more checks for NULL pointers; from grendel@zeitbombe.org; ok deraadt@
2002-06-23 - deraadt@cvs.openbsd.org 2002/06/23 03:30:58Ben Lindstrom
[scard.c ssh-dss.c ssh-rsa.c sshconnect.c sshconnect2.c sshd.c sshlogin.c sshpty.c] various KNF and %d for unsigned
2002-06-21 - deraadt@cvs.openbsd.org 2002/06/19 00:27:55Ben Lindstrom
[auth-bsdauth.c auth-skey.c auth1.c auth2-chall.c auth2-none.c authfd.c authfd.h monitor_wrap.c msg.c nchan.c radix.c readconf.c scp.c sftp.1 ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh-keysign.c ssh.1 sshconnect.c sshconnect.h sshconnect2.c ttymodes.c xmalloc.h] KNF done automatically while reading....
2002-06-11 - markus@cvs.openbsd.org 2002/06/11 04:14:26Ben Lindstrom
[ssh.c sshconnect.c sshconnect.h] no longer use uidswap.[ch] from the ssh client run less code with euid==0 if ssh is installed setuid root just switch the euid, don't switch the complete set of groups (this is only needed by sshd). ok provos@
2002-06-11 - itojun@cvs.openbsd.org 2002/06/09 22:17:21Ben Lindstrom
[sshconnect.c] pass salen to sockaddr_ntop so that we are happy on linux/solaris
2002-06-09 - markus@cvs.openbsd.org 2002/06/09 04:33:27Ben Lindstrom
[sshconnect.c] abort() - > fatal()
2002-06-09 - itojun@cvs.openbsd.org 2002/06/08 21:15:27Ben Lindstrom
[sshconnect.c] always use getnameinfo. (diag message only)
2002-06-06 - markus@cvs.openbsd.org 2002/05/23 19:24:30Ben Lindstrom
[authfile.c authfile.h pathnames.h ssh.c sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c ssh-keysign.8 ssh-keysign.c Makefile.in] add /usr/libexec/ssh-keysign: a setuid helper program for hostbased authentication in protocol v2 (needs to access the hostkeys). Note: Makefile.in untested. Will test after merge is finished.
2002-03-05whitespace syncKevin Steves
2002-01-22 - markus@cvs.openbsd.org 2002/01/21 15:13:51Damien Miller
[sshconnect.c] use read_passphrase+ECHO in confirm(), allows use of ssh-askpass for hostkey confirm.
2001-12-21 - deraadt@cvs.openbsd.org 2001/12/19 07:18:56Damien Miller
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h] [auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c] [cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c] [match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c] [servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c] [sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c] [sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config] [ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c] basic KNF done while i was looking for something else
2001-12-07 - stevesk@cvs.openbsd.org 2001/12/06 18:02:32Ben Lindstrom
[channels.c sshconnect.c] shutdown(sock, SHUT_RDWR) not needed here; ok markus@
2001-12-06 - deraadt@cvs.openbsd.org 2001/12/05 10:06:12Ben Lindstrom
[authfd.c authfile.c bufaux.c channels.c compat.c kex.c kexgex.c key.c misc.c packet.c servconf.c ssh-agent.c sshconnect2.c sshconnect.c sshd.c ssh-dss.c ssh-keygen.c ssh-rsa.c] minor KNF
2001-10-10 - markus@cvs.openbsd.org 2001/10/09 10:12:08Damien Miller
[session.c] chdir $HOME after krb_afslog(); from bbense@networking.stanford.edu
2001-10-10 - markus@cvs.openbsd.org 2001/10/08 16:15:47Damien Miller
[sshconnect.c] use correct family for -b option
2001-10-10 - markus@cvs.openbsd.org 2001/10/06 11:18:19Damien Miller
[sshconnect1.c sshconnect2.c sshconnect.c] unify hostkey check error messages, simplify prompt.
2001-10-10 - markus@cvs.openbsd.org 2001/10/06 00:14:50Damien Miller
[sshconnect.c] remove unused argument
2001-10-03 - markus@cvs.openbsd.org 2001/10/01 21:51:16Ben Lindstrom
[readconf.c readconf.h ssh.1 sshconnect.c] add NoHostAuthenticationForLocalhost; note that the hostkey is now check for localhost, too.
2001-08-07 - (tim) [configure.in sshconnect.c openbsd-compat/Makefile.inTim Rice
openbsd-compat/openbsd-compat.h ] Add inet_ntop.c inet_ntop.h back in. Needed for sshconnect.c [sshconnect.c] fix INET6_ADDRSTRLEN for non IPv6 machines [configure.in] make tests with missing libraries fail patch by Wendy Palm <wendyp@cray.com> Added openbsd-compat/bsd-cray.h. Selective patches from William L. Jones <jones@mail.utexas.edu>
2001-08-06 - markus@cvs.openbsd.org 2001/07/25 14:35:18Ben Lindstrom
[readconf.c ssh.1 ssh.c sshconnect.c] cleanup connect(); connection_attempts 4 -> 1; from eivind@freebsd.org
2001-06-25 - itojun@cvs.openbsd.org 2001/06/23 15:12:20Ben Lindstrom
[auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c canohost.c channels.c cipher.c clientloop.c deattack.c dh.c hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c readpass.c scp.c servconf.c serverloop.c session.c sftp.c sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c ssh-keygen.c ssh-keyscan.c] more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
2001-06-25 - markus@cvs.openbsd.org 2001/06/23 02:34:33Ben Lindstrom
[kexdh.c kexgex.c kex.h pathnames.h readconf.c servconf.h ssh.1 sshconnect1.c sshconnect2.c sshconnect.c sshconnect.h sshd.8] get rid of known_hosts2, use it for hostkey lookup, but do not modify.
2001-06-09 - markus@cvs.openbsd.org 2001/06/07 20:23:05Ben Lindstrom
[authfd.c authfile.c channels.c kexdh.c kexgex.c packet.c ssh.c sshconnect.c sshconnect1.c] use xxx_put_cstring()
2001-06-05 - markus@cvs.openbsd.org 2001/05/28 23:58:35Ben Lindstrom
[packet.c packet.h sshconnect.c sshd.c] remove some lines, simplify.
2001-04-30 - markus@cvs.openbsd.org 2001/04/30 11:18:52Ben Lindstrom
[readconf.c readconf.h ssh.1 ssh.c sshconnect.c] implement 'ssh -b bind_address' like 'telnet -b'
2001-04-12 - markus@cvs.openbsd.org 2001/04/12 19:15:26Ben Lindstrom
[auth-rhosts.c auth.h auth2.c buffer.c canohost.c canohost.h compat.c compat.h hostfile.c pathnames.h readconf.c readconf.h servconf.c servconf.h ssh.c sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c sshd_config] implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2) similar to RhostRSAAuthentication unless you enable (the experimental) HostbasedUsesNameFromPacketOnly option. please test. :)
2001-04-08 - markus@cvs.openbsd.org 2001/04/06 21:00:17Ben Lindstrom
[auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth2.c channels.c session.c ssh.c sshconnect.c sshconnect.h uidswap.c uidswap.h] do gid/groups-swap in addition to uid-swap, should help if /home/group is chmod 750 + chgrp grp /home/group/, work be deraadt and me, thanks to olar@openwall.com is comments. we had many requests for this.