1. 04 Jul, 2008 1 commit
    • Damien Miller's avatar
      - djm@cvs.openbsd.org 2008/07/04 23:30:16 · 0b4d48ba
      Damien Miller authored
           [auth1.c auth2.c]
           Make protocol 1 MaxAuthTries logic match protocol 2's.
           Do not treat the first protocol 2 authentication attempt as
           a failure IFF it is for method "none".
           Makes MaxAuthTries' user-visible behaviour identical for
           protocol 1 vs 2.
           ok dtucker@
      0b4d48ba
  2. 19 May, 2008 1 commit
    • Damien Miller's avatar
      - djm@cvs.openbsd.org 2008/05/08 12:02:23 · b84886ba
      Damien Miller authored
           [auth-options.c auth1.c channels.c channels.h clientloop.c gss-serv.c]
           [monitor.c monitor_wrap.c nchan.c servconf.c serverloop.c session.c]
           [ssh.c sshd.c]
           Implement a channel success/failure status confirmation callback
           mechanism. Each channel maintains a queue of callbacks, which will
           be drained in order (RFC4253 guarantees confirm messages are not
           reordered within an channel).
           Also includes a abandonment callback to clean up if a channel is
           closed without sending confirmation messages. This probably
           shouldn't happen in compliant implementations, but it could be
           abused to leak memory.
           ok markus@ (as part of a larger diff)
      b84886ba
  3. 26 Oct, 2007 1 commit
    • Damien Miller's avatar
      - djm@cvs.openbsd.org 2007/09/21 08:15:29 · 733124b5
      Damien Miller authored
           [auth-bsdauth.c auth-passwd.c auth.c auth.h auth1.c auth2-chall.c]
           [monitor.c monitor_wrap.c]
           unifdef -DBSD_AUTH
           unifdef -USKEY
           These options have been in use for some years;
           ok markus@ "no objection" millert@
           (NB. RCD ID sync only for portable)
      733124b5
  4. 01 Sep, 2006 1 commit
    • Damien Miller's avatar
      - (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c] · ded319cc
      Damien Miller authored
         [auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c]
         [auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c]
         [cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c]
         [dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
         [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c]
         [md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c]
         [scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c]
         [ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c]
         [sshconnect1.c sshconnect2.c sshd.c rc4.diff]
         [openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c]
         [openbsd-compat/port-linux.c openbsd-compat/port-solaris.c]
         [openbsd-compat/port-uw.c]
         Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h;
         compile problems reported by rac AT tenzing.org
      ded319cc
  5. 05 Aug, 2006 2 commits
    • Damien Miller's avatar
      - deraadt@cvs.openbsd.org 2006/08/03 03:34:42 · d7834353
      Damien Miller authored
           [OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c]
           [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
           [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c]
           [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ]
           [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c]
           [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c]
           [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
           [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c]
           [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
           [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c]
           [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c]
           [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c]
           [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c]
           [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h]
           [serverloop.c session.c session.h sftp-client.c sftp-common.c]
           [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
           [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c]
           [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c]
           [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c]
           [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h]
           [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h]
           almost entirely get rid of the culture of ".h files that include .h files"
           ok djm, sort of ok stevesk
           makes the pain stop in one easy step
           NB. portable commit contains everything *except* removing includes.h, as
           that will take a fair bit more work as we move headers that are required
           for portability workarounds to defines.h. (also, this step wasn't "easy")
      d7834353
    • Damien Miller's avatar
      - stevesk@cvs.openbsd.org 2006/08/01 23:22:48 · a7a73ee3
      Damien Miller authored
           [auth-passwd.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c]
           [auth2-chall.c auth2-pubkey.c authfile.c buffer.c canohost.c]
           [channels.c clientloop.c dh.c dns.c dns.h hostfile.c kex.c kexdhc.c]
           [kexgexc.c kexgexs.c key.c key.h log.c misc.c misc.h moduli.c]
           [monitor_wrap.c packet.c progressmeter.c readconf.c readpass.c scp.c]
           [servconf.c session.c sftp-client.c sftp-common.c sftp-server.c sftp.c]
           [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh.c sshconnect.c]
           [sshconnect1.c sshconnect2.c sshd.c sshlogin.c sshtty.c uuencode.c]
           [uuencode.h xmalloc.c]
           move #include <stdio.h> out of includes.h
      a7a73ee3
  6. 24 Jul, 2006 2 commits
    • Damien Miller's avatar
      - stevesk@cvs.openbsd.org 2006/07/22 20:48:23 · e3476ed0
      Damien Miller authored
           [atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c]
           [auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c]
           [authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c]
           [cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c]
           [compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c]
           [includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c]
           [mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c]
           [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c]
           [progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c]
           [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c]
           [ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
           [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c]
           [sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c]
           move #include <string.h> out of includes.h
      e3476ed0
    • Damien Miller's avatar
      - stevesk@cvs.openbsd.org 2006/07/20 15:26:15 · 1cdde6f5
      Damien Miller authored
           [auth1.c serverloop.c session.c sshconnect2.c]
           missed some needed #include <unistd.h> when KERBEROS5=no; issue from
           massimo@cedoc.mo.it
      1cdde6f5
  7. 26 Mar, 2006 3 commits
    • Damien Miller's avatar
      - djm@cvs.openbsd.org 2006/03/25 13:17:03 · 57c30117
      Damien Miller authored
           [atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
           [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
           [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
           [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
           [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
           [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
           [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
           [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
           [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
           [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
           [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
           [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
           [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
           [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
           [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
           [uidswap.c uuencode.c xmalloc.c]
           Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
           Theo nuked - our scripts to sync -portable need them in the files
      57c30117
    • Damien Miller's avatar
      - deraadt@cvs.openbsd.org 2006/03/20 18:17:20 · 91d4b12f
      Damien Miller authored
           [auth1.c auth2.c sshd.c]
           sprinkle some ARGSUSED for table driven functions (which sometimes
           must ignore their args)
      91d4b12f
    • Damien Miller's avatar
      - deraadt@cvs.openbsd.org 2006/03/19 18:52:11 · d62f2ca3
      Damien Miller authored
           [auth1.c authfd.c channels.c]
           spacing
      d62f2ca3
  8. 25 Mar, 2006 1 commit
    • Damien Miller's avatar
      - deraadt@cvs.openbsd.org 2006/03/19 18:51:18 · b0fb6872
      Damien Miller authored
           [atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
           [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
           [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
           [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
           [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
           [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
           [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
           [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
           [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
           [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
           [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
           [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
           [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
           [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
           [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
           [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
           [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
           [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
           [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
           [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
           [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
           [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
           [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
           RCSID() can die
      b0fb6872
  9. 17 Jul, 2005 3 commits
  10. 18 Jun, 2005 2 commits
  11. 08 Feb, 2005 1 commit
  12. 02 Feb, 2005 1 commit
  13. 03 Dec, 2004 1 commit
  14. 12 Aug, 2004 1 commit
  15. 21 Jul, 2004 1 commit
  16. 22 Jun, 2004 2 commits
  17. 24 May, 2004 1 commit
  18. 13 May, 2004 1 commit
  19. 08 Mar, 2004 1 commit
  20. 22 Nov, 2003 1 commit
  21. 21 Nov, 2003 1 commit
  22. 17 Nov, 2003 2 commits
  23. 02 Oct, 2003 1 commit
    • Darren Tucker's avatar
      - markus@cvs.openbsd.org 2003/09/23 20:17:11 · 3e33cecf
      Darren Tucker authored
           [Makefile.in auth1.c auth2.c auth.c auth.h auth-krb5.c canohost.c
           cleanup.c clientloop.c fatal.c gss-serv.c log.c log.h monitor.c monitor.h
           monitor_wrap.c monitor_wrap.h packet.c serverloop.c session.c session.h
           ssh-agent.c sshd.c]
           replace fatal_cleanup() and linked list of fatal callbacks with static
           cleanup_exit() function.  re-refine cleanup_exit() where appropriate,
           allocate sshd's authctxt eary to allow simpler cleanup in sshd.
           tested by many, ok deraadt@
      3e33cecf
  24. 02 Sep, 2003 2 commits
    • Damien Miller's avatar
      - markus@cvs.openbsd.org 2003/08/26 09:58:43 · 856f0be6
      Damien Miller authored
           [auth-passwd.c auth.c auth.h auth1.c auth2-none.c auth2-passwd.c]
           [auth2.c monitor.c]
           fix passwd auth for 'username leaks via timing'; with djm@, original
           patches from solar
      856f0be6
    • Damien Miller's avatar
      - markus@cvs.openbsd.org 2003/08/28 12:54:34 · 1a0c0b96
      Damien Miller authored
           [auth-krb5.c auth.h auth1.c monitor.c monitor.h monitor_wrap.c]
           [monitor_wrap.h readconf.c servconf.c session.c ssh_config.5]
           [sshconnect1.c sshd.c sshd_config sshd_config.5]
           remove kerberos support from ssh1, since it has been replaced with GSSAPI;
           but keep kerberos passwd auth for ssh1 and 2; ok djm, hin, henning, ...
      1a0c0b96
  25. 25 Aug, 2003 1 commit
  26. 13 Aug, 2003 1 commit
    • Darren Tucker's avatar
      - markus@cvs.openbsd.org 2003/08/13 08:46:31 · ec960f2c
      Darren Tucker authored
           [auth1.c readconf.c readconf.h servconf.c servconf.h ssh.c ssh_config
           ssh_config.5 sshconnect1.c sshd.8 sshd.c sshd_config sshd_config.5]
           remove RhostsAuthentication; suggested by djm@ before; ok djm@, deraadt@,
           fgsch@, miod@, henning@, jakob@ and others
      ec960f2c
  27. 02 Aug, 2003 1 commit
    • Darren Tucker's avatar
      - (dtucker) OpenBSD CVS Sync · 6aaa58c4
      Darren Tucker authored
         - markus@cvs.openbsd.org 2003/07/22 13:35:22
           [auth1.c auth.h auth-passwd.c monitor.c monitor.h monitor_wrap.c
           monitor_wrap.h readconf.c readconf.h servconf.c servconf.h session.c ssh.1
           ssh.c ssh_config.5 sshconnect1.c sshd.c sshd_config.5 ssh.h]
           remove (already disabled) KRB4/AFS support, re-enable -k in ssh(1);
           test+ok henning@
       - (dtucker) [Makefile.in acconfig.h configure.ac] Remove KRB4/AFS support.
       - (dtucker) [auth-krb4.c radix.c radix.h] Remove KRB4/AFS specific files.
      
      I hope I got this right....
      6aaa58c4
  28. 14 May, 2003 3 commits