path: root/usr.bin/ssh/monitor.c
Commit log, newest first. Each entry ends with author, date, files changed and lines -removed/+added.
...
* Keep track of number of bytes read and written. Needed for upcoming
  changes. Most code from Martin Forssen, maf at appgate dot com. ok markus@
  (andreas, 2009-05-28; 1 file, -1/+13)
* Put the globals in packet.c into a struct and don't access it directly
  from other files. No functional changes. ok markus@ djm@
  (andreas, 2009-05-25; 1 file, -6/+6)
* some paranoia: check that the serialised key is really KEY_RSA before
  diddling its internals
  (djm, 2009-02-12; 1 file, -2/+4)
* Add support for an experimental zero-knowledge password authentication
  method using the J-PAKE protocol described in F. Hao, P. Ryan, "Password
  Authenticated Key Exchange by Juggling", 16th Workshop on Security
  Protocols, Cambridge, April 2008.

  This method allows password-based authentication without exposing the
  password to the server. Instead, the client and server exchange
  cryptographic proofs to demonstrate knowledge of the password while
  revealing nothing useful to an attacker or compromised endpoint.

  This is experimental, work-in-progress code and is presently compile-time
  disabled (turn on -DJPAKE in Makefile.inc).

  "just commit it. It isn't too intrusive." deraadt@
  (djm, 2008-11-04; 1 file, -1/+226)
* sync v1 and v2 traffic accounting; add it to sshd, too; ok djm@, dtucker@
  (markus, 2008-07-10; 1 file, -4/+6)
* Make debug a little clearer. ok djm@
  (dtucker, 2008-07-04; 1 file, -2/+2)
* Clear key options in the monitor on failed authentication, prevents
  applying additional restrictions to non-pubkey authentications in the
  case where pubkey fails but another method subsequently succeeds.
  bz #1472, found by Colin Watson, ok markus@ djm@
  (dtucker, 2008-06-13; 1 file, -1/+5)
* Make the maximum number of sessions run-time controllable via
  a sshd_config MaxSessions knob. This is useful for disabling
  login/shell/subsystem access while leaving port-forwarding working
  (MaxSessions 0), disabling connection multiplexing (MaxSessions 1) or
  simply increasing the number of allowed multiplexed sessions.

  Because some bozos are sure to configure MaxSessions in excess of the
  number of available file descriptors in sshd (which, at peak, might be
  as many as 9*MaxSessions), audit sshd to ensure that it doesn't leak fds
  on error paths, and make it fail gracefully on out-of-fd conditions -
  sending channel errors instead of exiting with fatal().

  bz#1090; MaxSessions config bits and manpage from junyer AT gmail.com
  ok markus@
  (djm, 2008-05-08; 1 file, -2/+2)
* Implement a channel success/failure status confirmation callback
  mechanism. Each channel maintains a queue of callbacks, which will be
  drained in order (RFC4253 guarantees confirm messages are not reordered
  within a channel). Also includes an abandonment callback to clean up if
  a channel is closed without sending confirmation messages. This probably
  shouldn't happen in compliant implementations, but it could be abused to
  leak memory. ok markus@ (as part of a larger diff)
  (djm, 2008-05-08; 1 file, -1/+2)
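The queue the commit above describes, as an added example that is not OpenSSH's code: replies arrive in send order, so each SUCCESS/FAILURE pops the oldest callback; closing the channel with requests still unanswered runs an abandon callback on every queued entry and frees it, so a peer that simply never replies cannot make the queue grow without bound. All names here (channel, confirm, channel_register_confirm, demo_*) are this example's own, not monitor.c's.

```c
/*
 * Added example, not OpenSSH code: a per-channel FIFO of confirmation
 * callbacks.  Each reply pops the head; channel close abandons and frees
 * whatever is still queued.  All names are this example's own.
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef void (*confirm_cb)(int ok, void *ctx);
typedef void (*abandon_cb)(void *ctx);

struct confirm {
	confirm_cb on_reply;    /* run on CHANNEL_SUCCESS (ok=1) / CHANNEL_FAILURE (ok=0) */
	abandon_cb on_abandon;  /* run if the channel closes before a reply arrives */
	void *ctx;
	struct confirm *next;
};

struct channel {
	struct confirm *head, *tail;  /* FIFO, oldest unanswered request at head */
};

void channel_init(struct channel *c)
{
	memset(c, 0, sizeof(*c));
}

/* Queue a callback for the next reply on this channel; -1 if out of memory. */
int channel_register_confirm(struct channel *c, confirm_cb on_reply,
    abandon_cb on_abandon, void *ctx)
{
	struct confirm *cc = calloc(1, sizeof(*cc));
	if (cc == NULL)
		return -1;
	cc->on_reply = on_reply;
	cc->on_abandon = on_abandon;
	cc->ctx = ctx;
	if (c->tail != NULL)
		c->tail->next = cc;
	else
		c->head = cc;
	c->tail = cc;
	return 0;
}

/* Consume one reply.  Nothing queued means the reply is unsolicited: return -1
 * so the caller can treat it as a protocol error rather than a queue underrun. */
int channel_handle_reply(struct channel *c, int ok)
{
	struct confirm *cc = c->head;
	if (cc == NULL)
		return -1;
	if ((c->head = cc->next) == NULL)
		c->tail = NULL;
	if (cc->on_reply != NULL)
		cc->on_reply(ok, cc->ctx);
	free(cc);
	return 0;
}

/* On close, abandon and free every entry still queued; returns how many. */
int channel_close(struct channel *c)
{
	struct confirm *cc;
	int n = 0;
	while ((cc = c->head) != NULL) {
		c->head = cc->next;
		if (cc->on_abandon != NULL)
			cc->on_abandon(cc->ctx);
		free(cc);
		n++;
	}
	c->tail = NULL;
	return n;
}

/* Demo request context: state 0 pending, 1 confirmed, 2 failed, 3 abandoned. */
struct req { const char *name; int state; };
static void req_reply(int ok, void *ctx) { ((struct req *)ctx)->state = ok ? 1 : 2; }
static void req_abandon(void *ctx) { ((struct req *)ctx)->state = 3; }

/* Three requests sent; the peer answers two (success, failure), then the
 * channel closes.  Returns the three states as one decimal number: 123 is correct. */
int demo_scenario(void)
{
	struct channel ch;
	struct req r[3] = { { "pty-req", 0 }, { "env", 0 }, { "shell", 0 } };
	int i;
	channel_init(&ch);
	for (i = 0; i < 3; i++)
		if (channel_register_confirm(&ch, req_reply, req_abandon, &r[i]) != 0)
			return -1;
	if (channel_handle_reply(&ch, 1) != 0 || channel_handle_reply(&ch, 0) != 0)
		return -1;
	if (channel_close(&ch) != 1)	/* only "shell" was still pending */
		return -1;
	return r[0].state * 100 + r[1].state * 10 + r[2].state;
}

/* A reply on a channel with nothing pending must be rejected, not crash. */
int demo_unsolicited(void)
{
	struct channel ch;
	channel_init(&ch);
	return channel_handle_reply(&ch, 1);
}

int main(void)
{
	printf("scenario=%d (expect 123) unsolicited=%d (expect -1)\n",
	    demo_scenario(), demo_unsolicited());
	return 0;
}
```

The unsolicited-reply check is the part worth copying: a queue that pops blindly on every reply would dereference NULL when a peer sends a SUCCESS it was never asked for.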
* Send config block back to slave for invalid users too so options
  set by a Match block (eg Banner) behave the same for non-existent users.
  Found by and ok djm@
  (dtucker, 2007-10-29; 1 file, -3/+3)
* unifdef -DBSD_AUTH
  unifdef -USKEY
  These options have been in use for some years; ok markus@
  "no objection" millert@
  (djm, 2007-09-21; 1 file, -65/+1)
* make file descriptor passing code return an error rather than call fatal()
  when it encounters problems, and use this to make session multiplexing
  masters survive slaves failing to pass all stdio FDs; ok markus@
  (djm, 2007-09-04; 1 file, -3/+4)
* pass received SIGINT from monitor to postauth child so it can clean
  up properly. bz#1196, patch from senthilkumar_sen AT hotpop.com; ok markus@
  (djm, 2007-05-17; 1 file, -1/+2)
* Teach Match how to handle config directives that are used before authentication.
  This allows configurations such as permitting password authentication from
  the local net only while requiring pubkey from offsite. ok djm@, man page
  bits ok jmc@
  (dtucker, 2007-02-19; 1 file, -1/+4)
* correctly check for bad signatures in the monitor, otherwise the monitor and
  the unpriv process can get out of sync. with dtucker@, ok djm@, dtucker@
  (markus, 2006-11-07; 1 file, -4/+4)
* Revert previous include file ordering change, for ssh to compile under gcc2
  (or until openssl include files are cleaned of parameter names in function
  prototypes)
  (miod, 2006-08-12; 1 file, -2/+2)
* "zlib.h" can be <zlib.h>; ok djm@ markus@
  (stevesk, 2006-08-06; 1 file, -2/+2)
* spaces
  (stevesk, 2006-08-04; 1 file, -3/+3)
* almost entirely get rid of the culture of ".h files that include .h files"
  ok djm, sort of ok stevesk
  makes the pain stop in one easy step
  (deraadt, 2006-08-03; 1 file, -7/+10)
* move #include <stdlib.h> out of includes.h
  (stevesk, 2006-07-26; 1 file, -1/+2)
* move #include <sys/param.h> out of includes.h
  (stevesk, 2006-07-26; 1 file, -1/+2)
* move #include <string.h> out of includes.h
  (stevesk, 2006-07-22; 1 file, -1/+2)
* move #include <errno.h> out of includes.h; ok markus@
  (stevesk, 2006-07-11; 1 file, -1/+2)
* move #include <fcntl.h> out of includes.h
  (stevesk, 2006-07-09; 1 file, -1/+2)
* missed these from last commit:
  move #include <sys/socket.h> out of includes.h
  (stevesk, 2006-07-08; 1 file, -1/+2)
* move #include <pwd.h> out of includes.h; ok markus@
  (stevesk, 2006-07-06; 1 file, -3/+4)
* Prevent duplicate log messages when privsep=yes; ok djm@
  (dtucker, 2006-03-30; 1 file, -4/+14)
* Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
  Theo nuked - our scripts to sync -portable need them in the files
  (djm, 2006-03-25; 1 file, -0/+1)
* introduce xcalloc() and xasprintf() failure-checked allocation functions
  and use them throughout openssh

  xcalloc is particularly important because malloc(nmemb * size) is a
  dangerous idiom (subject to integer overflow) and it is time for it to die

  feedback and ok deraadt@
  (djm, 2006-03-25; 1 file, -4/+2)
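The overflow this commit message refers to, shown as an added example that is not OpenSSH's xcalloc() nor the code of this commit: a product of an attacker-influenced element count and an element size wraps in size_t, malloc() happily returns the small wrapped size, and the caller then writes the full count of elements past the end. The checked allocator refuses the request before it reaches malloc(). Names (mul_overflows, naive_product, checked_calloc, alloc_table) are this example's own; the real xcalloc() calls fatal() where this one returns NULL so the outcome can be observed.

```c
/*
 * Added example, not OpenSSH's xcalloc(): why malloc(nmemb * size) is unsafe
 * and how a checked allocator refuses the overflowing request.
 * All names here are this example's own.
 */
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Would nmemb * size wrap around in size_t? */
int mul_overflows(size_t nmemb, size_t size)
{
	return nmemb != 0 && size > SIZE_MAX / nmemb;
}

/*
 * The dangerous idiom.  With nmemb = SIZE_MAX / 4 + 2 and size = 4 the
 * product wraps (unsigned arithmetic is defined to wrap) to exactly 4:
 * malloc(4) succeeds and the caller then writes nmemb elements into it.
 */
size_t naive_product(size_t nmemb, size_t size)
{
	return nmemb * size;
}

/*
 * Checked allocator in the spirit of xcalloc(): zero-sized and overflowing
 * requests are refused.  OpenSSH's version calls fatal(); this one returns
 * NULL with errno set so the result can be checked.
 */
void *checked_calloc(size_t nmemb, size_t size)
{
	if (nmemb == 0 || size == 0) {
		errno = EINVAL;
		return NULL;
	}
	if (mul_overflows(nmemb, size)) {
		errno = ENOMEM;
		return NULL;
	}
	return calloc(nmemb, size);	/* calloc() itself also checks the product */
}

/*
 * Typical caller: a 32-bit element count read from an untrusted packet.
 * Allocates and fills count entries; returns count on success, -1 if the
 * allocator refused the request.
 */
long alloc_table(uint32_t count)
{
	uint64_t *tab = checked_calloc(count, sizeof(*tab));
	uint32_t i;

	if (tab == NULL)
		return -1;
	for (i = 0; i < count; i++)
		tab[i] = i;
	free(tab);
	return (long)count;
}

int main(void)
{
	size_t huge = SIZE_MAX / 4 + 2;

	printf("naive product: %zu bytes (wrapped)\n", naive_product(huge, 4));
	printf("checked_calloc: %s\n",
	    checked_calloc(huge, 4) == NULL ? "refused" : "allocated");
	printf("alloc_table(1024) = %ld\n", alloc_table(1024));
	return 0;
}
```

The division form `size > SIZE_MAX / nmemb` is the portable overflow test; it works for any size_t width, which is why the wrapped value in the demo is 4 on both 32-bit and 64-bit targets.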
* spacing
  (deraadt, 2006-03-20; 1 file, -1/+1)
* annoying spacing fixes getting in the way of real diffs
  (deraadt, 2006-03-20; 1 file, -1/+1)
* memory leaks detected by Coverity via elad AT netbsd.org;
  deraadt@ ok
  that should be all of them now
  (djm, 2006-03-20; 1 file, -0/+4)
* spacing
  (deraadt, 2006-03-19; 1 file, -1/+1)
* RCSID() can die
  (deraadt, 2006-03-19; 1 file, -1/+0)
* Implement the diffie-hellman-group-exchange-sha256 key exchange method
  using the SHA256 code in libc (and wrapper to make it into an OpenSSL
  EVP), interop tested against CVS PuTTY
  (djm, 2006-03-07; 1 file, -2/+7)
* move #include <signal.h> out of includes.h; ok markus@
  (stevesk, 2006-02-20; 1 file, -1/+2)
* move #include <sys/wait.h> out of includes.h; ok markus@
  (stevesk, 2006-02-10; 1 file, -1/+4)
* small KNF
  (stevesk, 2006-02-08; 1 file, -3/+3)
* move #include <paths.h> out of includes.h; ok markus@
  (stevesk, 2006-02-08; 1 file, -2/+4)
* KNF; ok djm@
  (stevesk, 2005-10-13; 1 file, -5/+5)
* spacing
  (deraadt, 2005-03-10; 1 file, -2/+2)
* Make code match intent; ok djm@
  (dtucker, 2005-01-30; 1 file, -2/+2)
* Move "Last logged in at.." message generation to the monitor, right
  before recording the new login. Fixes missing lastlog message when
  /var/log/lastlog is not world-readable and incorrect datestamp when
  multiple sessions are used (bz #463); much assistance & ok markus@
  (dtucker, 2004-07-17; 1 file, -5/+11)
* Change login->username, will prevent -Wshadow errors in Portable; ok markus@
  (dtucker, 2004-06-22; 1 file, -7/+7)
* make ssh -Wshadow clean, no functional changes
  markus@ ok
  (avsm, 2004-06-21; 1 file, -55/+55)
* implement diffie-hellman-group14-sha1 kex method (trivial extension to
  existing diffie-hellman-group1-sha1); ok markus@
  (djm, 2004-06-13; 1 file, -1/+2)
* improve some code lint did not like; djm millert ok
  (deraadt, 2004-05-11; 1 file, -2/+2)
* kill some more tiny files; ok deraadt@
  (djm, 2004-05-09; 1 file, -2/+1)
* Pass SIGALRM through to privsep child if LoginGraceTime expires. ok markus@
  (dtucker, 2004-02-05; 1 file, -1/+2)
* unexpand and delete whitespace at EOL; ok markus@
  (djm, 2003-11-21; 1 file, -8/+8)