1. 31 Aug, 2010 1 commit
    • Damien Miller's avatar
      - djm@cvs.openbsd.org 2010/08/31 11:54:45 · eb8b60e3
      Damien Miller authored
           [PROTOCOL PROTOCOL.agent PROTOCOL.certkeys auth2-jpake.c authfd.c]
           [authfile.c buffer.h dns.c kex.c kex.h key.c key.h monitor.c]
           [monitor_wrap.c myproposal.h packet.c packet.h pathnames.h readconf.c]
           [ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c]
           [ssh-keyscan.1 ssh-keyscan.c ssh-keysign.8 ssh.1 ssh.c ssh2.h]
           [ssh_config.5 sshconnect.c sshconnect2.c sshd.8 sshd.c sshd_config.5]
           [uuencode.c uuencode.h bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c]
           Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and
           host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer
           better performance than plain DH and DSA at the same equivalent symmetric
           key length, as well as much shorter keys.
      
           Only the mandatory sections of RFC5656 are implemented, specifically the
           three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and
           ECDSA. Point compression (optional in RFC5656 is NOT implemented).
      
           Certificate host and user keys using the new ECDSA key types are supported.
      
           Note that this code has not been tested for interoperability and may be
           subject to change.
      
           feedback and ok markus@
      eb8b60e3
  2. 05 Aug, 2006 2 commits
    • Damien Miller's avatar
      - deraadt@cvs.openbsd.org 2006/08/03 03:34:42 · d7834353
      Damien Miller authored
           [OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c]
           [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
           [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c]
           [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ]
           [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c]
           [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c]
           [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
           [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c]
           [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
           [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c]
           [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c]
           [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c]
           [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c]
           [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h]
           [serverloop.c session.c session.h sftp-client.c sftp-common.c]
           [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
           [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c]
           [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c]
           [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c]
           [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h]
           [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h]
           almost entirely get rid of the culture of ".h files that include .h files"
           ok djm, sort of ok stevesk
           makes the pain stop in one easy step
           NB. portable commit contains everything *except* removing includes.h, as
           that will take a fair bit more work as we move headers that are required
           for portability workarounds to defines.h. (also, this step wasn't "easy")
      d7834353
    • Damien Miller's avatar
      - stevesk@cvs.openbsd.org 2006/08/01 23:22:48 · a7a73ee3
      Damien Miller authored
           [auth-passwd.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c]
           [auth2-chall.c auth2-pubkey.c authfile.c buffer.c canohost.c]
           [channels.c clientloop.c dh.c dns.c dns.h hostfile.c kex.c kexdhc.c]
           [kexgexc.c kexgexs.c key.c key.h log.c misc.c misc.h moduli.c]
           [monitor_wrap.c packet.c progressmeter.c readconf.c readpass.c scp.c]
           [servconf.c session.c sftp-client.c sftp-common.c sftp-server.c sftp.c]
           [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh.c sshconnect.c]
           [sshconnect1.c sshconnect2.c sshd.c sshlogin.c sshtty.c uuencode.c]
           [uuencode.h xmalloc.c]
           move #include <stdio.h> out of includes.h
      a7a73ee3
  3. 26 Mar, 2006 1 commit
    • Damien Miller's avatar
      - djm@cvs.openbsd.org 2006/03/25 22:22:43 · 51096383
      Damien Miller authored
           [atomicio.h auth-options.h auth.h auth2-gss.c authfd.h authfile.h]
           [bufaux.h buffer.h canohost.h channels.h cipher.h clientloop.h]
           [compat.h compress.h crc32.c crc32.h deattack.h dh.h dispatch.h]
           [dns.c dns.h getput.h groupaccess.h gss-genr.c gss-serv-krb5.c]
           [gss-serv.c hostfile.h includes.h kex.h key.h log.h mac.h match.h]
           [misc.h monitor.h monitor_fdpass.h monitor_mm.h monitor_wrap.h msg.h]
           [myproposal.h packet.h pathnames.h progressmeter.h readconf.h rsa.h]
           [scard.h servconf.h serverloop.h session.h sftp-common.h sftp.h]
           [ssh-gss.h ssh.h ssh1.h ssh2.h sshconnect.h sshlogin.h sshpty.h]
           [ttymodes.h uidswap.h uuencode.h xmalloc.h]
           standardise spacing in $OpenBSD$ tags; requested by deraadt@
      51096383
  4. 17 Nov, 2003 1 commit
    • Damien Miller's avatar
      - jakob@cvs.openbsd.org 2003/11/10 16:23:41 · f58b58ce
      Damien Miller authored
           [bufaux.c bufaux.h cipher.c cipher.h hostfile.c hostfile.h key.c]
           [key.h sftp-common.c sftp-common.h sftp-server.c sshconnect.c sshd.c]
           [ssh-dss.c ssh-rsa.c uuencode.c uuencode.h]
           constify. ok markus@ & djm@
      f58b58ce
  5. 26 Feb, 2002 1 commit
  6. 04 Jul, 2001 3 commits
    • Ben Lindstrom's avatar
      - markus@cvs.openbsd.org 2001/06/26 17:27:25 · 4cc240da
      Ben Lindstrom authored
           [authfd.h authfile.h auth.h auth-options.h bufaux.h buffer.h
            canohost.h channels.h cipher.h clientloop.h compat.h compress.h
            crc32.h deattack.h dh.h dispatch.h groupaccess.c groupaccess.h
            hostfile.h kex.h key.h log.c log.h mac.h misc.c misc.h mpaux.h
            packet.h radix.h readconf.h readpass.h rsa.h servconf.h serverloop.h
            session.h sftp-common.c sftp-common.h sftp-glob.h sftp-int.h
            sshconnect.h ssh-dss.h sshlogin.h sshpty.h ssh-rsa.h sshtty.h
            tildexpand.h uidswap.h uuencode.h xmalloc.h]
           remove comments from .h, since they are cut&paste from the .c files
           and out of sync
      4cc240da
    • Ben Lindstrom's avatar
      - itojun@cvs.openbsd.org 2001/06/26 06:33:07 · b4c774cf
      Ben Lindstrom authored
           [servconf.h serverloop.h session.h sftp-client.h sftp-common.h
            sftp-glob.h sftp-int.h sshconnect.h ssh-dss.h sshlogin.h sshpty.h
            ssh-rsa.h tildexpand.h uidswap.h uuencode.h xmalloc.h]
           prototype pedant.  not very creative...
           - () -> (void)
           - no variable names
      b4c774cf
    • Ben Lindstrom's avatar
      - markus@cvs.openbsd.org 2001/06/25 08:25:41 · 44697233
      Ben Lindstrom authored
           [channels.c channels.h cipher.c clientloop.c compat.c compat.h
            hostfile.c kex.c kex.h key.c key.h nchan.c packet.c serverloop.c
            session.c session.h sftp-server.c ssh-add.c ssh-agent.c uuencode.h]
           update copyright for 2001
      44697233
  7. 29 Jan, 2001 1 commit
    • Ben Lindstrom's avatar
      - niklas@cvs.openbsd.org 2001/01/2001 · 36579d3d
      Ben Lindstrom authored
           [atomicio.h canohost.h clientloop.h deattack.h dh.h dispatch.h
            groupaccess.c groupaccess.h hmac.h hostfile.h includes.h kex.h
            key.h log.h login.h match.h misc.h myproposal.h nchan.ms pathnames.h
            radix.h readpass.h rijndael.h serverloop.h session.h sftp.h ssh-add.1
            ssh-dss.h ssh-keygen.1 ssh-keyscan.1 ssh-rsa.h ssh1.h ssh_config
            sshconnect.h sshd_config tildexpand.h uidswap.h uuencode.h]
           $OpenBSD$
      36579d3d
  8. 22 Dec, 2000 1 commit
    • Ben Lindstrom's avatar
      One way to massive patch. <sigh> It compiles and works under Linux.. · 46c16220
      Ben Lindstrom authored
      And I think I have all the bits right from the OpenBSD tree.
      20001222
       - Updated RCSID for pty.c
       - (bal) OpenBSD CVS Updates:
        - markus@cvs.openbsd.org 2000/12/21 15:10:16
          [auth-rh-rsa.c hostfile.c hostfile.h sshconnect.c]
          print keyfile:line for changed hostkeys, for deraadt@, ok deraadt@
        - markus@cvs.openbsd.org 2000/12/20 19:26:56
          [authfile.c]
          allow ssh -i userkey for root
        - markus@cvs.openbsd.org 2000/12/20 19:37:21
          [authfd.c authfd.h kex.c sshconnect2.c sshd.c uidswap.c uidswap.h]
          fix prototypes; from stevesk@pobox.com
        - markus@cvs.openbsd.org 2000/12/20 19:32:08
          [sshd.c]
          init pointer to NULL; report from Jan.Ivan@cern.ch
        - markus@cvs.openbsd.org 2000/12/19 23:17:54
          [auth-krb4.c auth-options.c auth-options.h auth-rhosts.c auth-rsa.c
           auth1.c auth2-skey.c auth2.c authfd.c authfd.h authfile.c bufaux.c
           bufaux.h buffer.c canohost.c channels.c clientloop.c compress.c
           crc32.c deattack.c getput.h hmac.c hmac.h hostfile.c kex.c kex.h
           key.c key.h log.c login.c match.c match.h mpaux.c mpaux.h packet.c
           packet.h radix.c readconf.c rsa.c scp.c servconf.c servconf.h
           serverloop.c session.c sftp-server.c ssh-agent.c ssh-dss.c ssh-dss.h
           ssh-keygen.c ssh-keyscan.c ssh-rsa.c ssh-rsa.h ssh.c ssh.h  uuencode.c
           uuencode.h sshconnect1.c sshconnect2.c sshd.c tildexpand.c]
          replace 'unsigned bla' with 'u_bla' everywhere. also replace 'char
          unsigned' with u_char.
      46c16220
  9. 16 Sep, 2000 1 commit
    • Damien Miller's avatar
      - (djm) Merge OpenBSD changes: · e4340be5
      Damien Miller authored
         - markus@cvs.openbsd.org  2000/09/05 02:59:57
           [session.c]
           print hostname (not hushlogin)
         - markus@cvs.openbsd.org  2000/09/05 13:18:48
           [authfile.c ssh-add.c]
           enable ssh-add -d for DSA keys
         - markus@cvs.openbsd.org  2000/09/05 13:20:49
           [sftp-server.c]
           cleanup
         - markus@cvs.openbsd.org  2000/09/06 03:46:41
           [authfile.h]
           prototype
         - deraadt@cvs.openbsd.org 2000/09/07 14:27:56
           [ALL]
           cleanup copyright notices on all files.  I have attempted to be
           accurate with the details.  everything is now under Tatu's licence
           (which I copied from his readme), and/or the core-sdi bsd-ish thing
           for deattack, or various openbsd developers under a 2-term bsd
           licence.  We're not changing any rules, just being accurate.
         - markus@cvs.openbsd.org  2000/09/07 14:40:30
           [channels.c channels.h clientloop.c serverloop.c ssh.c]
           cleanup window and packet sizes for ssh2 flow control; ok niels
         - markus@cvs.openbsd.org  2000/09/07 14:53:00
           [scp.c]
           typo
         - markus@cvs.openbsd.org  2000/09/07 15:13:37
           [auth-options.c auth-options.h auth-rh-rsa.c auth-rsa.c auth.c]
           [authfile.h canohost.c channels.h compat.c hostfile.h log.c match.h]
           [pty.c readconf.c]
           some more Copyright fixes
         - markus@cvs.openbsd.org  2000/09/08 03:02:51
           [README.openssh2]
           bye bye
         - deraadt@cvs.openbsd.org 2000/09/11 18:38:33
           [LICENCE cipher.c]
           a few more comments about it being ARC4 not RC4
         - markus@cvs.openbsd.org  2000/09/12 14:53:11
           [log-client.c log-server.c log.c ssh.1 ssh.c ssh.h sshd.8 sshd.c]
           multiple debug levels
         - markus@cvs.openbsd.org  2000/09/14 14:25:15
           [clientloop.c]
           typo
         - deraadt@cvs.openbsd.org 2000/09/15 01:13:51
           [ssh-agent.c]
           check return value for setenv(3) for failure, and deal appropriately
      e4340be5
  10. 07 May, 2000 1 commit
    • Damien Miller's avatar
      - Remove references to SSLeay. · e247cc40
      Damien Miller authored
       - Big OpenBSD CVS update
        - markus@cvs.openbsd.org
          [clientloop.c]
          - typo
          [session.c]
          - update proctitle on pty alloc/dealloc, e.g. w/ windows client
          [session.c]
          - update proctitle for proto 1, too
          [channels.h nchan.c serverloop.c session.c sshd.c]
          - use c-style comments
        - deraadt@cvs.openbsd.org
          [scp.c]
          - more atomicio
        - markus@cvs.openbsd.org
          [channels.c]
          - set O_NONBLOCK
          [ssh.1]
          - update AUTHOR
          [readconf.c ssh-keygen.c ssh.h]
          - default DSA key file ~/.ssh/id_dsa
          [clientloop.c]
          - typo, rm verbose debug
        - deraadt@cvs.openbsd.org
          [ssh-keygen.1]
          - document DSA use of ssh-keygen
          [sshd.8]
          - a start at describing what i understand of the DSA side
          [ssh-keygen.1]
          - document -X and -x
          [ssh-keygen.c]
          - simplify usage
        - markus@cvs.openbsd.org
          [sshd.8]
          - there is no rhosts_dsa
          [ssh-keygen.1]
          - document -y, update -X,-x
          [nchan.c]
          - fix close for non-open ssh1 channels
          [servconf.c servconf.h ssh.h sshd.8 sshd.c ]
          - s/DsaKey/HostDSAKey/, document option
          [sshconnect2.c]
          - respect number_of_password_prompts
          [channels.c channels.h servconf.c servconf.h session.c sshd.8]
          - GatewayPorts for sshd, ok deraadt@
          [ssh-add.1 ssh-agent.1 ssh.1]
          - more doc on: DSA, id_dsa, known_hosts2, authorized_keys2
          [ssh.1]
          - more info on proto 2
          [sshd.8]
          - sync AUTHOR w/ ssh.1
          [key.c key.h sshconnect.c]
          - print key type when talking about host keys
          [packet.c]
          - clear padding in ssh2
          [dsa.c key.c radix.c ssh.h sshconnect1.c uuencode.c uuencode.h]
          - replace broken uuencode w/ libc b64_ntop
          [auth2.c]
          - log failure before sending the reply
          [key.c radix.c uuencode.c]
          - remote trailing comments before calling __b64_pton
          [auth2.c readconf.c readconf.h servconf.c servconf.h ssh.1]
          [sshconnect2.c sshd.8]
          - add DSAAuthetication option to ssh/sshd, document SSH2 in sshd.8
       - Bring in b64_ntop and b64_pton from OpenBSD libc (bsd-base64.[ch])
      e247cc40
  11. 29 Apr, 2000 1 commit
    • Damien Miller's avatar
      - Merge big update to OpenSSH-2.0 from OpenBSD CVS · eba71bab
      Damien Miller authored
         [README.openssh2]
         - interop w/ F-secure windows client
         - sync documentation
         - ssh_host_dsa_key not ssh_dsa_key
         [auth-rsa.c]
         - missing fclose
         [auth.c authfile.c compat.c dsa.c dsa.h hostfile.c key.c key.h radix.c]
         [readconf.c readconf.h ssh-add.c ssh-keygen.c ssh.c ssh.h sshconnect.c]
         [sshd.c uuencode.c uuencode.h authfile.h]
         - add DSA pubkey auth and other SSH2 fixes.  use ssh-keygen -[xX]
           for trading keys with the real and the original SSH, directly from the
           people who invented the SSH protocol.
         [auth.c auth.h authfile.c sshconnect.c auth1.c auth2.c sshconnect.h]
         [sshconnect1.c sshconnect2.c]
         - split auth/sshconnect in one file per protocol version
         [sshconnect2.c]
         - remove debug
         [uuencode.c]
         - add trailing =
         [version.h]
         - OpenSSH-2.0
         [ssh-keygen.1 ssh-keygen.c]
         - add -R flag: exit code indicates if RSA is alive
         [sshd.c]
         - remove unused
           silent if -Q is specified
         [ssh.h]
         - host key becomes /etc/ssh_host_dsa_key
         [readconf.c servconf.c ]
         - ssh/sshd default to proto 1 and 2
         [uuencode.c]
         - remove debug
         [auth2.c ssh-keygen.c sshconnect2.c sshd.c]
         - xfree DSA blobs
         [auth2.c serverloop.c session.c]
         - cleanup logging for sshd/2, respect PasswordAuth no
         [sshconnect2.c]
         - less debug, respect .ssh/config
         [README.openssh2 channels.c channels.h]
         - clientloop.c session.c ssh.c
         - support for x11-fwding, client+server
      eba71bab