| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
sshd allows multiple ListenAddress and Port options. note that libwrap is
not IPv6-ready. (based on patches from <kick@kyoto.wide.ad.jp> and
fujiwara@rcac.tdi.co.jp)
|
|
|
|
|
|
|
|
|
|
the information is contained in n and e. This solves the problem with buggy
servers announcing the wrong modulus length. markus and me.
|
|
a few more checks and warnings about 'pretended' keysizes.
|
|
|
|
the main idea is to not only store the host key for the hostname but
also for the according IP address. When we check the host key in the
known_hosts file, we also check the key against the according IP address.
When the server key changes, host_status = HOST_CHANGED. If
check_host_in_hostfile() returns differing status for the IP address
that means that either DNS was spoofed or that the IP address
for the host and the host key changed at the same time.
|
|
convert all used of rsa to SSL rsa functions
remove all use of randomstate to OpenBSD arc4random() and arc4_stir()
all this done at a long long night in Canada.
|
|
well, except for the patent issues. someone in sweden (forget their
name at the moment) cleaned out most of the patented code, and now
this code removes rsa code. when this is done, it will link against
libssl, but the work isn't completely done yet. then we need to bring
this up to modern days, featurewise.
|
