| Commit message (Collapse) | Author | Age | Files | Lines | ||
|---|---|---|---|---|---|---|
| ... | ||||||
| * | Implement the diffie-hellman-group-exchange-sha256 key exchange method |   djm | 2006-03-07 | 1 | -1/+2 | |
| | | | | | | using the SHA256 code in libc (and wrapper to make it into an OpenSSL EVP), interop tested against CVS PuTTY | |||||
| * | move #include <sys/stat.h> out of includes.h; ok markus@ |   stevesk | 2006-02-20 | 1 | -1/+2 | |
| | | ||||||
| * | move #include <sys/wait.h> out of includes.h; ok markus@ | stevesk | 2006-02-10 | 1 | -1/+3 | |
| | | ||||||
| * | move #include <sys/queue.h> out of includes.h; ok markus@ | stevesk | 2006-02-07 | 1 | -1/+3 | |
| | | ||||||
| * | no trailing "\n" for log functions; ok djm@ | stevesk | 2005-10-14 | 1 | -2/+2 | |
| | | ||||||
| * | destroy credentials if krb5_kuserok() call fails. Stops credentials being | djm | 2005-08-30 | 1 | -2/+3 | |
| | | | | | | | | delegated to users who are not authorised for GSSAPIAuthentication when GSSAPIDeletegateCredentials=yes and another authentication mechanism succeeds; bz#1073 reported by paul.moore AT centrify.com, fix by simon AT sxw.org.uk, tested todd@ biorn@ jakob@; ok deraadt@ | |||||
| * | add a new compression method that delays compression until the user |   markus | 2005-07-25 | 1 | -3/+3 | |
| | | | | | | | | | | has been authenticated successfully and set compression to 'delayed' for sshd. this breaks older openssh clients (< 3.5) if they insist on compression, so you have to re-enable compression in sshd_config. ok djm@ | |||||
| * | knf says that a 2nd level indent is four (not three or five) spaces | djm | 2005-07-17 | 1 | -3/+3 | |
| | | ||||||
| * | make this -Wsign-compare clean; ok avsm@ markus@ | djm | 2005-06-17 | 1 | -3/+4 | |
| | | ||||||
| * | implement diffie-hellman-group14-sha1 kex method (trivial extension to | djm | 2004-06-13 | 1 | -1/+2 | |
| | | | | | existing diffie-hellman-group1-sha1); ok markus@ | |||||
| * | kill a tiny header; ok deraadt@ | djm | 2004-05-08 | 1 | -2/+2 | |
| | | ||||||
| * | swap the last two parameters to TAILQ_FOREACH_REVERSE. matches what FreeBSD |   henning | 2004-04-08 | 1 | -2/+2 | |
| | | | | | | and NetBSD do. ok millert@ mcbride@ markus@ ho@, checked to not affect ports by naddy@ | |||||
| * | add IdentitiesOnly; ok djm@, pb@ | markus | 2004-03-05 | 1 | -2/+2 | |
| | | ||||||
| * | fix mem leaks; some fixes from Pete Flugstad; tested dtucker@ | markus | 2004-01-19 | 1 | -4/+4 | |
| | | ||||||
| * | unexpand and delete whitespace at EOL; ok markus@ | djm | 2003-11-21 | 1 | -12/+12 | |
| | | ||||||
| * | replace "gssapi" with "gssapi-with-mic"; from Simon Wilkinson; test + ok jakob. | markus | 2003-11-17 | 1 | -7/+29 | |
| | | ||||||
| * | return error on msg send/receive failure (rather than fatal); ok markus@ | djm | 2003-11-17 | 1 | -2/+3 | |
| | | ||||||
| * | cleanup and minor fixes for the client code; from Simon Wilkinson | markus | 2003-11-14 | 1 | -44/+36 | |
| | | ||||||
| * | remove support for SSH_BUG_GSSAPI_BER; simon@sxw.org.uk | markus | 2003-11-02 | 1 | -24/+16 | |
| | | ||||||
| * | rename 'supported' static var in userauth_gssapi() to 'gss_supported' |   avsm | 2003-10-26 | 1 | -13/+13 | |
| | | | | | to avoid shadowing the global version. markus@ ok | |||||
| * | search keys in reverse order; fixes #684 | markus | 2003-10-11 | 1 | -2/+8 | |
| | | ||||||
| * | set ptr to NULL after free |   deraadt | 2003-10-07 | 1 | -4/+9 | |
| | | ||||||
| * | Don't use logit for banner, since it truncates to MSGBUFSIZ; bz #668 & #707. |   dtucker | 2003-10-07 | 1 | -2/+3 | |
| | | | | | ok markus@ | |||||
| * | fprintf->logit to silence login banner with "ssh -q"; ok markus@ | djm | 2003-08-25 | 1 | -2/+2 | |
| | | ||||||
| * | 64 bit cleanups; markus ok | deraadt | 2003-08-24 | 1 | -2/+4 | |
| | | ||||||
| * | remove support for "kerberos-2@ssh.com" | markus | 2003-08-22 | 1 | -99/+1 | |
| | | ||||||
| * | support GSS API user authentication; patches from Simon Wilkinson, | markus | 2003-08-22 | 1 | -1/+251 | |
| | | | | | stripped down and tested by Jakob and myself. | |||||
| * | int -> u_int; ok djm@, deraadt@, mouring@ | markus | 2003-06-24 | 1 | -3/+3 | |
| | | ||||||
| * | cleanup unregister of per-method packet handlers; ok djm@ | markus | 2003-05-15 | 1 | -15/+10 | |
| | | ||||||
| * | implement kerberos over ssh2 ("kerberos-2@ssh.com"); tested with jakob@ | markus | 2003-05-14 | 1 | -1/+100 | |
| | | | | | server interops with commercial client; ok jakob@ djm@ | |||||
| * | for pubkey authentication try the user keys in the following order: | markus | 2003-05-12 | 1 | -146/+190 | |
| | | | | | | | | | 1. agent keys that are found in the config file 2. other agent keys 3. keys that are only listed in the config file this helps when an agent has many keys, where the server might close the connection before the correct key is used. report & ok pb@ | |||||
| * | rename log() into logit() to avoid name conflict. markus ok, from netbsd |   itojun | 2003-04-08 | 1 | -7/+7 | |
| | | ||||||
| * | reapply rekeying chage, tested by henning@, ok djm@ | markus | 2003-04-02 | 1 | -1/+4 | |
| | | ||||||
| * | backout rekeying changes (for 3.6.1) | markus | 2003-04-01 | 1 | -4/+1 | |
| | | ||||||
| * | rekeying bugfixes and automatic rekeying: | markus | 2003-04-01 | 1 | -1/+4 | |
| | | | | | | | | | | | | | * both client and server rekey _automatically_ (a) after 2^31 packets, because after 2^32 packets the sequence number for packets wraps (b) after 2^(blocksize_in_bits/4) blocks (see: http://www.ietf.org/internet-drafts/draft-ietf-secsh-newmodes-00.txt) (a) and (b) are _enabled_ by default, and only disabled for known openssh versions, that don't support rekeying properly. * client option 'RekeyLimit' * do not reply to requests during rekeying | |||||
| * | fix memory leaks; from dlheine@suif.Stanford.EDU/CLOUSEAU; ok djm@ | markus | 2003-03-05 | 1 | -1/+2 | |
| | | ||||||
| * | split kex into client and server code, no need to link | markus | 2003-02-16 | 1 | -1/+3 | |
| | | | | | server code into the client; ok provos@ | |||||
| * | s/msg_send/ssh_msg_send/ to avoid namespace clashes in portable; ok markus@ | djm | 2002-12-19 | 1 | -3/+3 | |
| | | ||||||
| * | cleanup debug messages, more useful information for the client user. | markus | 2002-12-13 | 1 | -13/+12 | |
| | | ||||||
| * | debug->debug2, unify debug messages | markus | 2002-11-21 | 1 | -8/+6 | |
| | | ||||||
| * | for compression=yes, we fallback to no-compression if the server does | markus | 2002-07-01 | 1 | -3/+3 | |
| | | | | | not support compression, vice versa for compression=no. ok mouring@ | |||||
| * | minor KNF | deraadt | 2002-06-30 | 1 | -2/+2 | |
| | | ||||||
| * | various KNF and %d for unsigned | deraadt | 2002-06-23 | 1 | -5/+8 | |
| | | ||||||
| * | KNF done automatically while reading.... | deraadt | 2002-06-19 | 1 | -8/+8 | |
| | | ||||||
| * | extent ssh-keysign protocol: | markus | 2002-05-31 | 1 | -5/+8 | |
| | | | | | | | pass # of socket-fd to ssh-keysign, keysign verfies locally used ip-address using this socket-fd, restricts fake local hostnames to actual local hostnames; ok stevesk@ | |||||
| * | execlp->execl; from stevesk | markus | 2002-05-25 | 1 | -2/+2 | |
| | | ||||||
| * | stat ssh-keysign first, print error if stat fails; | markus | 2002-05-24 | 1 | -14/+15 | |
| | | | | | some debug->error; fix comment | |||||
| * | add /usr/libexec/ssh-keysign: a setuid helper program for hostbased authentication | markus | 2002-05-23 | 1 | -10/+85 | |
| | | | | | in protocol v2 (needs to access the hostkeys). | |||||
| * | client side support for PASSWD_CHANGEREQ | markus | 2002-03-26 | 1 | -2/+75 | |
| | | | | | based on work by johan.andersson@appgate.com; ok provos@ | |||||
| * | KNF whitespace | markus | 2002-03-19 | 1 | -2/+2 | |
| | | ||||||
 |
index : wireguard-openbsd | |
| WireGuard implementation for the OpenBSD kernel | Matt Dunwoodie |
| summaryrefslogtreecommitdiffstats |