| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Add support for Unix domain socket forwarding. A remote TCP port |   millert | 2014-07-15 | 1 | -1/+2 |
| | | | | | | | | | may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket. This is a reimplementation of the streamlocal patches by William Ahern from: http://www.25thandclement.com/~william/projects/streamlocal.html OK djm@ markus@ | ||||
| * | New key API: refactor key-related functions to be more library-like, |   djm | 2014-06-24 | 1 | -1/+3 |
| | | | | | | | | | | existing API is offered as a set of wrappers. with and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago. | ||||
| * | skip the initial check for access with an empty password when | djm | 2010-06-25 | 1 | -2/+2 |
| | | | | | PermitEmptyPasswords=no; | ||||
| * | Make protocol 2 MaxAuthTries behaviour a little more sensible: | djm | 2008-07-02 | 1 | -65/+1 |
| | | | | | | | | | | | | | | | | | | | | Check whether client has exceeded MaxAuthTries before running an authentication method and skip it if they have, previously it would always allow one try (for "none" auth). Preincrement failure count before post-auth test - previously this checked and postincremented, also to allow one "none" try. Together, these two changes always count the "none" auth method which could be skipped by a malicious client (e.g. an SSH worm) to get an extra attempt at a real auth method. They also make MaxAuthTries=0 a useful way to block users entirely (esp. in a sshd_config Match block). Also, move sending of any preauth banner from "none" auth method to the first call to input_userauth_request(), so worms that skip the "none" method get to see it too. | ||||
| * | Support "Banner=none" to disable displaying of the pre-login banner; | djm | 2007-08-23 | 1 | -2/+5 |
| | | | | | ok dtucker@ deraadt@ | ||||
| * | Add headers required to build with KERBEROS5=no. ok djm@ |   dtucker | 2006-08-05 | 1 | -1/+3 |
| | | |||||
| * | almost entirely get rid of the culture of ".h files that include .h files" |   deraadt | 2006-08-03 | 1 | -4/+8 |
| | | | | | | ok djm, sort of ok stevesk makes the pain stop in one easy step | ||||
| * | move #include <fcntl.h> out of includes.h |   stevesk | 2006-07-09 | 1 | -1/+3 |
| | | |||||
| * | Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that | djm | 2006-03-25 | 1 | -0/+1 |
| | | | | | Theo nuked - our scripts to sync -portable need them in the files | ||||
| * | RCSID() can die | deraadt | 2006-03-19 | 1 | -1/+0 |
| | | |||||
| * | move #include <sys/stat.h> out of includes.h; ok markus@ | stevesk | 2006-02-20 | 1 | -1/+4 |
| | | |||||
| * | improve some code lint did not like; djm millert ok | deraadt | 2004-05-11 | 1 | -3/+8 |
| | | |||||
| * | fix passwd auth for 'username leaks via timing'; with djm@, original patches from solar |   markus | 2003-08-26 | 1 | -2/+2 |
| | | |||||
| * | check whether passwd auth is allowd, similar to proto 1; rob@pitman.co.za | markus | 2003-07-31 | 1 | -2/+4 |
| | | | | | ok henning | ||||
| * | use xfree() | deraadt | 2002-06-27 | 1 | -2/+2 |
| | | |||||
| * | KNF done automatically while reading.... | deraadt | 2002-06-19 | 1 | -3/+2 |
| | | |||||
| * | move Authmethod definitons to per-method file. | markus | 2002-05-31 | 1 | -7/+12 |
| | | |||||
| * | split auth2.c into one file per method; ok provos@/deraadt@ | markus | 2002-05-25 | 1 | -0/+102 |
 |
index : wireguard-openbsd | |
| WireGuard implementation for the OpenBSD kernel | Matt Dunwoodie |
| summaryrefslogtreecommitdiffstats |