| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | spelling errors in comments; no code change |   djm | 2020-03-13 | 1 | -2/+2 |
| | | | | | from https://fossies.org/linux/misc/openssh-8.2p1.tar.gz/codespell.html | ||||
| * | sshd: switch GSSAPI to sshbuf API; ok djm@ |   markus | 2018-07-09 | 1 | -3/+2 |
| | | |||||
| * | refactor authentication logging | djm | 2017-06-24 | 1 | -1/+10 |
| | | | | | | | | optionally record successful auth methods and public credentials used in a file accessible to user sessions feedback and ok markus@ | ||||
| * | add knob to relax GSSAPI host credential check for multihomed hosts | djm | 2015-05-22 | 1 | -15/+25 |
| | | | | | | bz#928, patch by Simon Wilkinson; ok dtucker (kerberos/GSSAPI is not compiled by default on OpenBSD) | ||||
| * | Reduce use of <sys/param.h> and transition to <limits.h> throughout. |   deraadt | 2015-01-20 | 1 | -2/+1 |
| | | | | | ok djm markus | ||||
| * | standardise on NI_MAXHOST for gethostname() string lengths; about | djm | 2014-07-03 | 1 | -3/+3 |
| | | | | | 1/2 the cases were using it already. Fixes bz#2239 en passant | ||||
| * | bz#2107 - cache OIDs of supported GSSAPI mechanisms before privsep | djm | 2014-02-26 | 1 | -1/+20 |
| | | | | | | sandboxing, as running this code in the sandbox can cause violations; ok markus@ | ||||
| * | convert memset of potentially-private data to explicit_bzero() | djm | 2014-02-02 | 1 | -2/+3 |
| | | |||||
| * | fix kerberos/GSSAPI deprecation warnings and linking; "looks okay" millert@ | djm | 2013-07-20 | 1 | -2/+2 |
| | | |||||
| * | prevent post-auth resource exhaustion (int overflow leading to 4GB malloc); | markus | 2011-08-01 | 1 | -1/+3 |
| | | | | | report Adam Zabrock; ok djm@, deraadt@ | ||||
| * | Implement a channel success/failure status confirmation callback | djm | 2008-05-08 | 1 | -1/+2 |
| | | | | | | | | | | | | | | mechanism. Each channel maintains a queue of callbacks, which will be drained in order (RFC4253 guarantees confirm messages are not reordered within an channel). Also includes a abandonment callback to clean up if a channel is closed without sending confirmation messages. This probably shouldn't happen in compliant implementations, but it could be abused to leak memory. ok markus@ (as part of a larger diff) | ||||
| * | relocate server-only GSSAPI code from libssh to server; bz #1225 | djm | 2007-06-12 | 1 | -1/+49 |
| | | | | | patch from simon AT sxw.org.uk; ok markus@ dtucker@ | ||||
| * | almost entirely get rid of the culture of ".h files that include .h files" | deraadt | 2006-08-03 | 1 | -4/+6 |
| | | | | | | ok djm, sort of ok stevesk makes the pain stop in one easy step | ||||
| * | move #include <string.h> out of includes.h |   stevesk | 2006-07-22 | 1 | -1/+3 |
| | | |||||
| * | no "servconf.h" needed here | stevesk | 2006-07-02 | 1 | -2/+1 |
| | | |||||
| * | replace {GET,PUT}_XXBIT macros with functionally similar functions, | djm | 2006-03-30 | 1 | -4/+4 |
| | | | | | | | silencing a heap of lint warnings. also allows them to use __bounded__ checking which can't be applied to macros; requested by and feedback from deraadt@ | ||||
| * | standardise spacing in $OpenBSD$ tags; requested by deraadt@ | djm | 2006-03-25 | 1 | -1/+1 |
| | | |||||
| * | last lot of GSSAPI related leaks detected by Coverity via | djm | 2006-03-20 | 1 | -1/+3 |
| | | | | | elad AT netbsd.org; reviewed by simon AT sxw.org.uk; deraadt@ ok | ||||
| * | small KNF | stevesk | 2006-02-08 | 1 | -3/+4 |
| | | |||||
| * | KNF; ok djm@ | stevesk | 2005-10-13 | 1 | -7/+6 |
| | | |||||
| * | unused declarations; ok deraadt@ | stevesk | 2005-10-13 | 1 | -3/+1 |
| | | |||||
| * | spelling in comments | stevesk | 2005-10-13 | 1 | -5/+5 |
| | | |||||
| * | remove unneeded #includes; ok markus@ | stevesk | 2005-10-13 | 1 | -3/+1 |
| | | |||||
| * | typo | djm | 2005-09-19 | 1 | -2/+2 |
| | | |||||
| * | destroy credentials if krb5_kuserok() call fails. Stops credentials being | djm | 2005-08-30 | 1 | -2/+13 |
| | | | | | | | | delegated to users who are not authorised for GSSAPIAuthentication when GSSAPIDeletegateCredentials=yes and another authentication mechanism succeeds; bz#1073 reported by paul.moore AT centrify.com, fix by simon AT sxw.org.uk, tested todd@ biorn@ jakob@; ok deraadt@ | ||||
| * | knf says that a 2nd level indent is four (not three or five) spaces | djm | 2005-07-17 | 1 | -3/+3 |
| | | |||||
| * | make this -Wsign-compare clean; ok avsm@ markus@ | djm | 2005-06-17 | 1 | -2/+2 |
| | | |||||
| * | replace "gssapi" with "gssapi-with-mic"; from Simon Wilkinson; test + ok jakob. | markus | 2003-11-17 | 1 | -1/+11 |
| | | |||||
| * | replace fatal_cleanup() and linked list of fatal callbacks with static | markus | 2003-09-23 | 1 | -5/+3 |
| | | | | | | | cleanup_exit() function. re-refine cleanup_exit() where appropriate, allocate sshd's authctxt eary to allow simpler cleanup in sshd. tested by many, ok deraadt@ | ||||
| * | whitspace KNF | markus | 2003-08-31 | 1 | -22/+22 |
| | | |||||
| * | correct string termination in parse_ename(); sxw@inf.ed.ac.uk | markus | 2003-08-31 | 1 | -3/+4 |
| | | |||||
| * | support GSS API user authentication; patches from Simon Wilkinson, | markus | 2003-08-22 | 1 | -0/+291 |
| stripped down and tested by Jakob and myself. | |||||
 |
index : wireguard-openbsd | |
| WireGuard implementation for the OpenBSD kernel | Matt Dunwoodie |
| summaryrefslogtreecommitdiffstats |