#
d57915d6 |
| 06-Jul-2006 |
stevesk <stevesk@openbsd.org> |
move #include <pwd.h> out of includes.h; ok markus@
|
#
374bfa89 |
| 02-Apr-2006 |
dtucker <dtucker@openbsd.org> |
sessionid can be 32 bytes now too when sha256 kex is used; ok djm@
|
#
7ef31a41 |
| 25-Mar-2006 |
djm <djm@openbsd.org> |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
4bfeb04e |
| 19-Mar-2006 |
deraadt <deraadt@openbsd.org> |
RCSID() can die
|
#
a0b0b69d |
| 08-Feb-2006 |
stevesk <stevesk@openbsd.org> |
move #include <paths.h> out of includes.h; ok markus@
|
#
399d21a6 |
| 13-Sep-2005 |
djm <djm@openbsd.org> |
ensure that stdio fds are attached; ok deraadt@
|
#
761e1af9 |
| 23-Aug-2004 |
dtucker <dtucker@openbsd.org> |
Remove duplicate getuid(), suggested by & ok markus@
|
#
e059ceb3 |
| 23-Aug-2004 |
dtucker <dtucker@openbsd.org> |
Use permanently_set_uid() in ssh and ssh-keysign for consistency, matches change in Portable; ok markus@
|
#
8de77409 |
| 18-Apr-2004 |
djm <djm@openbsd.org> |
perform strict ownership and modes checks for ~/.ssh/config files, as these can be used to execute arbitrary programs; ok markus@
NB. ssh will now exit when it detects a config with poor permissions
|
#
3205e54a |
| 19-Jan-2004 |
markus <markus@openbsd.org> |
fix mem leaks; some fixes from Pete Flugstad; tested dtucker@
|
#
3c7791bd |
| 17-Nov-2003 |
djm <djm@openbsd.org> |
return error on msg send/receive failure (rather than fatal); ok markus@
|
#
aea7b5d8 |
| 03-Jul-2003 |
djm <djm@openbsd.org> |
fix AddressFamily option in config file, from brent@graveland.net; ok markus@
|
#
93c38a72 |
| 16-May-2003 |
djm <djm@openbsd.org> |
add AddressFamily option to ssh_config (like -4, -6 on commandline). Portable bug #534; ok markus@
|
#
9f88b722 |
| 02-Apr-2003 |
markus <markus@openbsd.org> |
potential segfault if KEY_UNSPEC; cjwatson@debian.org; bug #526
|
#
4f51379f |
| 13-Mar-2003 |
markus <markus@openbsd.org> |
move RSA_blinding_on to generic key load method
|
#
cc11bcf2 |
| 19-Dec-2002 |
djm <djm@openbsd.org> |
s/msg_send/ssh_msg_send/ to avoid namespace clashes in portable; ok markus@
|
#
87c2e2c1 |
| 07-Nov-2002 |
markus <markus@openbsd.org> |
we cannot use HostbasedAuthentication for enabling ssh-keysign(8), because HostbasedAuthentication might be enabled based on the target host and ssh-keysign(8) does not know the remote hostname and n
we cannot use HostbasedAuthentication for enabling ssh-keysign(8), because HostbasedAuthentication might be enabled based on the target host and ssh-keysign(8) does not know the remote hostname and not trust ssh(1) about the hostname, so we add a new option EnableSSHKeysign; ok djm@, report from zierke@informatik.uni-hamburg.de
show more ...
|
#
d851c2be |
| 03-Jul-2002 |
markus <markus@openbsd.org> |
re-enable ssh-keysign's sbit, but make ssh-keysign read /etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled globally. based on discussions with deraadt, itojun and sommerfeld; ok itoj
re-enable ssh-keysign's sbit, but make ssh-keysign read /etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled globally. based on discussions with deraadt, itojun and sommerfeld; ok itojun@
show more ...
|
#
1666c37d |
| 03-Jul-2002 |
markus <markus@openbsd.org> |
use RSA_blinding_on() for rsa hostkeys (suggested by Bill Sommerfeld) in order to avoid a possible Kocher timing attack pointed out by Charles Hannum; ok provos@
|
#
cf478148 |
| 26-Jun-2002 |
markus <markus@openbsd.org> |
bug #304, xfree(data) called to early; openssh@sigint.cs.purdue.edu
|
#
4d92f097 |
| 19-Jun-2002 |
deraadt <deraadt@openbsd.org> |
KNF done automatically while reading....
|
#
e6471dca |
| 08-Jun-2002 |
markus <markus@openbsd.org> |
only accept 20 byte session ids
|
#
6e8cec49 |
| 31-May-2002 |
markus <markus@openbsd.org> |
extent ssh-keysign protocol: pass # of socket-fd to ssh-keysign, keysign verfies locally used ip-address using this socket-fd, restricts fake local hostnames to actual local hostnames; ok stevesk@
|
#
44c8244e |
| 23-May-2002 |
markus <markus@openbsd.org> |
add /usr/libexec/ssh-keysign: a setuid helper program for hostbased authentication in protocol v2 (needs to access the hostkeys).
|