summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/auth-rsa.c
AgeCommit message (Expand)Author
2011-05-23allow AuthorizedKeysFile to specify multiple files, separated by spaces.Damien Miller
2010-12-03move check for revoked keys to run earlier (in auth_rsa_key_allowed)Damien Miller
2010-07-13s/timing_safe_cmp/timingsafe_bcmp/gDamien Miller
2010-07-13implement a timing_safe_cmp() function to compare memory without leakingDamien Miller
2010-05-11don't accept certificates marked as "cert-authority" here; ok markus@Damien Miller
2010-04-16revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with theDamien Miller
2010-03-04Add a TrustedUserCAKeys option to sshd_config to specify CA keys thatDamien Miller
2008-07-02Merge duplicate host key file checks, based in part on a patch from RobDarren Tucker
2006-11-06add missing checks for openssl return codes; with & ok djm@Markus Friedl
2006-08-03almost entirely get rid of the culture of ".h files that include .h files"Theo de Raadt
2006-08-01move #include <stdio.h> out of includes.hKevin Steves
2006-07-22move #include <string.h> out of includes.hKevin Steves
2006-07-06move #include <pwd.h> out of includes.h; ok markus@Kevin Steves
2006-03-25needed casts (always will be needed)Theo de Raadt
2006-03-25Put $OpenBSD$ tags back (as comments) to replace the RCSID()s thatDamien Miller
2006-03-19RCSID() can dieTheo de Raadt
2006-02-20move #include <sys/stat.h> out of includes.h; ok markus@Kevin Steves
2005-06-17make this -Wsign-compare clean; ok avsm@ markus@Damien Miller
2004-12-11Fix debug call in error path of authorized_keys processing and fix relatedDarren Tucker
2004-12-06Discard over-length authorized_keys entries rather than complaining whenDarren Tucker
2004-06-21make ssh -Wshadow clean, no functional changesAnil Madhavapeddy
2004-05-09kill some more tiny files; ok deraadt@Damien Miller
2003-11-04standardise arguments to auth methods - they should all take authctxt.Damien Miller
2003-04-08rename log() into logit() to avoid name conflict. markus ok, from netbsdJun-ichiro itojun Hagino
2002-06-10display minimum RSA modulus in error(); ok markus@Kevin Steves
2002-03-29make RSA modulus minimum #define; ok markus@Kevin Steves
2002-03-26disallow RSA keys < 768 for protocol 1, too (rhosts-rsa and rsa auth)Markus Friedl
2002-03-25return 0 (not NULL); tomh@po.crl.go.jpMarkus Friedl
2002-03-18integrate privilege separated openssh; its turned off by default for now.Niels Provos
2002-03-14split auth_rsa() for better readability and privsep; ok provos@Markus Friedl
2001-12-28packet_read* no longer return the packet length, since it's not used.Markus Friedl
2001-12-28s/packet_done/packet_check_eom/ (end-of-message); ok djm@Markus Friedl
2001-12-27get rid of packet_integrity_check, use packet_done() instead.Markus Friedl
2001-12-27call fatal() for openssl allocation failuresMarkus Friedl
2001-12-18log fingerprint on successful public key authentication, simplify usage of ke...Jakob Schlyter
2001-11-29fix protocol error: send 'failed' message instead of a 2nd challengeMarkus Friedl
2001-07-23use %lu; ok markus@Kevin Steves
2001-06-25terminate secure_filename checking after checking homedir. that way itNiels Provos
2001-06-22merge authorized_keys2 into authorized_keys.Markus Friedl
2001-05-20configurable authorized_keys{,2} location; originally from peter@; ok djm@Markus Friedl
2001-04-06do gid/groups-swap in addition to uid-swap, should help if /home/groupMarkus Friedl
2001-03-01KNFTheo de Raadt
2001-01-21split ssh.h and try to cleanup the #include mess. remove unnecessary #includes.Markus Friedl
2001-01-20typoMarkus Friedl
2001-01-20pass the filename to auth_parse_options()Markus Friedl
2001-01-19move ssh1 definitions to ssh1.h, pathnames to pathnames.hMarkus Friedl
2000-12-19replace 'unsigned bla' with 'u_bla' everywhere. also, replace 'char unsigned'Markus Friedl
2000-11-14parse options only if key matches; fixes some confusing messages seen by the ...Markus Friedl
2000-10-14do not send RSA challenge if key is not allowed by key-options; from eivind@T...Markus Friedl
2000-10-11clear auth options unless auth sucessfullMarkus Friedl