summaryrefslogtreecommitdiffstats
path: root/usr.bin/ssh/sshconnect1.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* move authfd.c and its tentacles to the new buffer/key API;djm2015-01-141-31/+41
| | | | ok markus@
* Add support for Unix domain socket forwarding. A remote TCP portmillert2014-07-151-2/+2
| | | | | | | | may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket. This is a reimplementation of the streamlocal patches by William Ahern from: http://www.25thandclement.com/~william/projects/streamlocal.html OK djm@ markus@
* New key API: refactor key-related functions to be more library-like,djm2014-06-241-8/+10
| | | | | | | | | existing API is offered as a set of wrappers. with and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago.
* convert memset of potentially-private data to explicit_bzero()djm2014-02-021-10/+13
|
* replace openssl MD5 with our ssh_digest_*; ok djm@markus2014-01-271-7/+9
|
* All the instances of arc4random_stir() are bogus, since arc4random()deraadt2013-09-021-4/+1
| | | | | | does this itself, inside itself, and has for a very long time.. Actually, this was probably reducing the entropy available. ok djm
* bye, bye xfree(); ok markus@djm2013-05-171-9/+9
|
* add missing checks for openssl return codes; with & ok djm@markus2006-11-061-8/+14
|
* almost entirely get rid of the culture of ".h files that include .h files"deraadt2006-08-031-5/+9
| | | | | ok djm, sort of ok stevesk makes the pain stop in one easy step
* move #include <stdio.h> out of includes.hstevesk2006-08-011-1/+2
|
* move #include <stdlib.h> out of includes.hstevesk2006-07-261-1/+2
|
* move #include <string.h> out of includes.hstevesk2006-07-221-1/+3
|
* Prevent ssh from trying to open private keys with bad permissions more thandtucker2006-04-251-6/+7
| | | | | once or prompting for their passphrases (which it subsequently ignores anyway), similar to a previous change in ssh-add. bz #1186, ok djm@
* Put $OpenBSD$ tags back (as comments) to replace the RCSID()s thatdjm2006-03-251-0/+1
| | | | Theo nuked - our scripts to sync -portable need them in the files
* RCSID() can diederaadt2006-03-191-1/+0
|
* no need to escape single quotes in comments, no binary changedjm2005-10-301-4/+4
|
* make this -Wsign-compare clean; ok avsm@ markus@djm2005-06-171-2/+2
|
* more s/illegal/invalid/markus2004-07-281-2/+2
|
* make ssh -Wshadow clean, no functional changesavsm2004-06-211-5/+5
| | | | markus@ ok
* kill some more tiny files; ok deraadt@djm2004-05-091-3/+3
|
* kill a tiny header; ok deraadt@djm2004-05-081-2/+2
|
* remove kerberos support from ssh1, since it has been replaced with GSSAPI;markus2003-08-281-221/+1
| | | | but keep kerberos passwd auth for ssh1 and 2; ok djm, hin, henning, ...
* remove RhostsAuthentication; suggested by djm@ before; ok djm@, deraadt@,markus2003-08-131-21/+1
| | | | fgsch@, miod@, henning@, jakob@ and others
* remove (already disabled) KRB4/AFS support, re-enable -k in ssh(1);markus2003-07-221-286/+1
| | | | test+ok henning@
* rename log() into logit() to avoid name conflict. markus ok, from netbsditojun2003-04-081-12/+12
|
* Use & to test if bits are set, not &&; markus@ ok.aaron2002-08-081-2/+2
|
* add /usr/libexec/ssh-keysign: a setuid helper program for hostbased authenticationmarkus2002-05-231-5/+7
| | | | in protocol v2 (needs to access the hostkeys).
* spelling in error message; ok markus@stevesk2002-04-211-2/+2
|
* don't trust size sent by (rogue) server; noted by s.esser@e-matters.demarkus2002-03-141-1/+3
|
* include md5.h, not evp.hmarkus2002-02-111-2/+2
|
* packet_read* no longer return the packet length, since it's not used.markus2001-12-281-33/+28
|
* packet_get_bignum* no longer returns a sizemarkus2001-12-281-16/+12
|
* s/packet_done/packet_check_eom/ (end-of-message); ok djm@markus2001-12-281-8/+8
|
* get rid of packet_integrity_check, use packet_done() instead.markus2001-12-271-14/+8
|
* call fatal() for openssl allocation failuresmarkus2001-12-271-45/+40
|
* basic KNF done while i was looking for something elsederaadt2001-12-191-100/+100
|
* unify hostkey check error messages, simplify prompt.markus2001-10-061-2/+2
|
* typos; from solarmarkus2001-09-271-4/+4
|
* statement after label; ok dugsong@stevesk2001-07-051-1/+3
|
* add smartcard support to the client, too (now you can use bothmarkus2001-06-261-18/+17
| | | | the agent and the client).
* Kerberos v5 support for SSH1, mostly from Assar Westerlund <assar@freebsd.org> and Bjorn Gronvall <bg@sics.se>. markus@ okdugsong2001-06-261-108/+340
|
* consistent with ssh2: skip key if empty passphrase is entered,markus2001-06-231-37/+36
| | | | retry num_of_passwd_prompt times if passphrase is wrong. ok fgsch@
* more strict prototypes. raise warning level in Makefile.inc. markus ok'editojun2001-06-231-10/+10
| | | | TODO; cleanup headers
* get rid of known_hosts2, use it for hostkey lookup, but do not modify.markus2001-06-231-3/+3
|
* use xxx_put_cstring()markus2001-06-071-6/+6
|
* improved kbd-interactive support. work by per@appgate.com and memarkus2001-05-181-4/+4
|
* check for key!=NULL, thanks to costamarkus2001-04-171-2/+2
|
* implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2)markus2001-04-121-10/+10
| | | | | similar to RhostRSAAuthentication unless you enable (the experimental) HostbasedUsesNameFromPacketOnly option. please test. :)
* simpler key load/save interface, see authfile.hmarkus2001-03-261-15/+15
|
* implement client side of SSH2_MSG_USERAUTH_PK_OK (test public key ->markus2001-03-081-2/+3
| | | | | no need to do enter passphrase or do expensive sign operations if the server does not accept key).
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.