summaryrefslogtreecommitdiffstats
path: root/ssh-keysign.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* - dtucker@cvs.openbsd.org 2006/04/02 08:34:52Damien Miller2006-04-231-3/+3
| | | | | [ssh-keysign.c] sessionid can be 32 bytes now too when sha256 kex is used; ok djm@
* - djm@cvs.openbsd.org 2006/03/25 13:17:03Damien Miller2006-03-261-0/+1
| | | | | | | | | | | | | | | | | | | | | [atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c] [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c] [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c] [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c] [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c] [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c] [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c] [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c] [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c] [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c] [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c] [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c] [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c] [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c] [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c] [uidswap.c uuencode.c xmalloc.c] Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
* - deraadt@cvs.openbsd.org 2006/03/19 18:51:18Damien Miller2006-03-251-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | [atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c] [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c] [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c] [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c] [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c] [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c] [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c] [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c] [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c] [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c] [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c] [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c] [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c] [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c] [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c] [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c] [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c] [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c] [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c] [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c] [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c] [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c] [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c] RCSID() can die
* - (djm) [auth-pam.c clientloop.c includes.h monitor.c session.c]Damien Miller2006-03-151-0/+2
| | | | | | | | [sftp-client.c ssh-keysign.c ssh.c sshconnect.c sshconnect2.c] [sshd.c openbsd-compat/bsd-misc.c openbsd-compat/bsd-openpty.c] [openbsd-compat/glob.c openbsd-compat/mktemp.c] [openbsd-compat/readpassphrase.c] Lots of include fixes for OpenSolaris
* - stevesk@cvs.openbsd.org 2006/02/08 12:15:27Damien Miller2006-03-151-1/+3
| | | | | | | [auth.c clientloop.c includes.h misc.c monitor.c readpass.c] [session.c sftp.c ssh-agent.c ssh-keysign.c ssh.c sshconnect.c] [sshd.c sshpty.c] move #include <paths.h> out of includes.h; ok markus@
* - djm@cvs.openbsd.org 2005/09/13 23:40:07Darren Tucker2005-10-031-1/+8
| | | | | | [sshd.c ssh.c misc.h sftp.c ssh-keygen.c ssh-keysign.c sftp-server.c scp.c misc.c ssh-keyscan.c ssh-add.c ssh-agent.c] ensure that stdio fds are attached; ok deraadt@
* - dtucker@cvs.openbsd.org 2004/08/23 14:29:23Darren Tucker2004-08-291-3/+3
| | | | | [ssh-keysign.c] Remove duplicate getuid(), suggested by & ok markus@
* - dtucker@cvs.openbsd.org 2004/08/23 14:26:38Darren Tucker2004-08-291-1/+1
| | | | | | [ssh-keysign.c ssh.c] Use permanently_set_uid() in ssh and ssh-keysign for consistency, matches change in Portable; ok markus@ (CVS ID sync only)
* - (dtucker) [Makefile.in ssh-keysign.c ssh.c] Use permanently_set_uid() sinceDarren Tucker2004-08-151-6/+6
| | | | it does the right thing on all platforms. ok djm@
* - (dtucker) [logintest.c scp.c sftp-server.c sftp.c ssh-add.c ssh-agent.cDarren Tucker2004-07-171-4/+0
| | | | | | ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c ssh.c sshd.c openbsd-compat/bsd-misc.c] Move "char *__progname" to bsd-misc.c. Reduces diff vs OpenBSD; ok mouring@, tested by tim@ too.
* - djm@cvs.openbsd.org 2004/04/18 23:10:26Damien Miller2004-04-201-2/+2
| | | | | | | [readconf.c readconf.h ssh-keysign.c ssh.c] perform strict ownership and modes checks for ~/.ssh/config files, as these can be used to execute arbitrary programs; ok markus@ NB. ssh will now exit when it detects a config with poor permissions
* - markus@cvs.openbsd.org 2004/01/19 21:25:15Damien Miller2004-01-211-1/+2
| | | | | [auth2-hostbased.c auth2-pubkey.c serverloop.c ssh-keysign.c sshconnect2.c] fix mem leaks; some fixes from Pete Flugstad; tested dtucker@
* - djm@cvs.openbsd.org 2003/11/17 09:45:39Damien Miller2003-11-171-2/+3
| | | | | [msg.c msg.h sshconnect2.c ssh-keysign.c] return error on msg send/receive failure (rather than fatal); ok markus@
* - djm@cvs.openbsd.org 2003/07/03 08:09:06Darren Tucker2003-07-031-2/+1
| | | | | | [readconf.c readconf.h ssh-keysign.c ssh.c] fix AddressFamily option in config file, from brent@graveland.net; ok markus@
* - djm@cvs.openbsd.org 2003/05/16 03:27:12Damien Miller2003-05-181-2/+4
| | | | | | [readconf.c ssh_config ssh_config.5 ssh-keysign.c] add AddressFamily option to ssh_config (like -4, -6 on commandline). Portable bug #534; ok markus@
* - markus@cvs.openbsd.org 2003/04/02 14:36:26Damien Miller2003-04-091-2/+2
| | | | | [ssh-keysign.c] potential segfault if KEY_UNSPEC; cjwatson@debian.org; bug #526
* - (djm) OpenBSD CVS SyncDamien Miller2003-03-151-8/+1
| | | | | | - markus@cvs.openbsd.org 2003/03/13 11:42:19 [authfile.c ssh-keysign.c] move RSA_blinding_on to generic key load method
* - (bal) [msg.c msg.h scp.c ssh-keysign.c sshconnect2.c] Resync CVS IDs sinceBen Lindstrom2002-12-231-1/+1
| | | | we already did s/msg_send/ssh_msg_send/
* - markus@cvs.openbsd.org 2002/11/07 22:08:07Ben Lindstrom2002-11-091-3/+3
| | | | | | | | | [readconf.c readconf.h ssh-keysign.8 ssh-keysign.c] we cannot use HostbasedAuthentication for enabling ssh-keysign(8), because HostbasedAuthentication might be enabled based on the target host and ssh-keysign(8) does not know the remote hostname and not trust ssh(1) about the hostname, so we add a new option EnableSSHKeysign; ok djm@, report from zierke@informatik.uni-hamburg.de
* - (djm) Bug #406: s/msg_send/ssh_msg_send/ for Mac OS X 1.2Damien Miller2002-10-041-3/+3
|
* - markus@cvs.openbsd.org 2002/07/03 14:21:05Ben Lindstrom2002-07-041-1/+15
| | | | | | | | [ssh-keysign.8 ssh-keysign.c ssh.c ssh_config] re-enable ssh-keysign's sbit, but make ssh-keysign read /etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled globally. based on discussions with deraadt, itojun and sommerfeld; ok itojun@
* - markus@cvs.openbsd.org 2002/07/03 09:55:38Ben Lindstrom2002-07-041-1/+14
| | | | | | | [ssh-keysign.c] use RSA_blinding_on() for rsa hostkeys (suggested by Bill Sommerfeld) in order to avoid a possible Kocher timing attack pointed out by Charles Hannum; ok provos@
* - markus@cvs.openbsd.org 2002/06/26 22:27:32Ben Lindstrom2002-06-271-2/+2
| | | | | [ssh-keysign.c] bug #304, xfree(data) called to early; openssh@sigint.cs.purdue.edu
* - deraadt@cvs.openbsd.org 2002/06/19 00:27:55Ben Lindstrom2002-06-211-8/+8
| | | | | | | | | [auth-bsdauth.c auth-skey.c auth1.c auth2-chall.c auth2-none.c authfd.c authfd.h monitor_wrap.c msg.c nchan.c radix.c readconf.c scp.c sftp.1 ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh-keysign.c ssh.1 sshconnect.c sshconnect.h sshconnect2.c ttymodes.c xmalloc.h] KNF done automatically while reading....
* - markus@cvs.openbsd.org 2002/06/08 05:07:09Ben Lindstrom2002-06-091-3/+7
| | | | | [ssh-keysign.c] only accept 20 byte session ids
* unexpandBen Lindstrom2002-06-091-3/+3
|
* - (bal) Missed __progname in ssh-keysign.c patch by dtucker@zip.com.auBen Lindstrom2002-06-071-0/+6
|
* - (bal) ssh-keysign should build and install correctly now. Phase twoBen Lindstrom2002-06-071-0/+4
| | | | would be to clean out any dead wood and disable ssh setuid on install.
* - markus@cvs.openbsd.org 2002/05/23 19:24:30Ben Lindstrom2002-06-061-0/+204
[authfile.c authfile.h pathnames.h ssh.c sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c ssh-keysign.8 ssh-keysign.c Makefile.in] add /usr/libexec/ssh-keysign: a setuid helper program for hostbased authentication in protocol v2 (needs to access the hostkeys). Note: Makefile.in untested. Will test after merge is finished.