summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/monitor.c
AgeCommit message (Collapse)Author
2003-11-21unexpand and delete whitespace at EOL; ok markus@Damien Miller
2003-11-18unbreak fake authloop for non-existent users (my screwup). Spotted andDamien Miller
tested by dtucker@; ok markus@
2003-11-17replace "gssapi" with "gssapi-with-mic"; from Simon Wilkinson; test + ok jakob.Markus Friedl
2003-11-04standardise arguments to auth methods - they should all take authctxt.Damien Miller
check authctxt->valid rather then pw != NULL; ok markus@
2003-09-23replace fatal_cleanup() and linked list of fatal callbacks with staticMarkus Friedl
cleanup_exit() function. re-refine cleanup_exit() where appropriate, allocate sshd's authctxt eary to allow simpler cleanup in sshd. tested by many, ok deraadt@
2003-08-28remove kerberos support from ssh1, since it has been replaced with GSSAPI;Markus Friedl
but keep kerberos passwd auth for ssh1 and 2; ok djm, hin, henning, ...
2003-08-26fix passwd auth for 'username leaks via timing'; with djm@, original patches ↵Markus Friedl
from solar
2003-08-2464 bit cleanups; markus okTheo de Raadt
2003-08-22support GSS API user authentication; patches from Simon Wilkinson,Markus Friedl
stripped down and tested by Jakob and myself.
2003-07-22remove (already disabled) KRB4/AFS support, re-enable -k in ssh(1);Markus Friedl
test+ok henning@
2003-06-24int -> u_int; ok djm@, deraadt@, mouring@Markus Friedl
2003-06-12typos; dtucker at zip.com.auMarkus Friedl
2003-06-02deprecate VerifyReverseMapping since it's dangerous if combinedMarkus Friedl
with IP based access control as noted by Mike Harding; replace with a UseDNS option, UseDNS is on by default and includes the VerifyReverseMapping check; with itojun@, provos@, jakob@ and deraadt@ ok deraadt@, djm@
2003-05-24cast some types for printing; ok markus@Damien Miller
2003-05-14http://bugzilla.mindrot.org/show_bug.cgi?id=560Markus Friedl
Privsep child continues to run after monitor killed. Pass monitor signals through to child; Darren Tucker
2003-05-14implement kerberos over ssh2 ("kerberos-2@ssh.com"); tested with jakob@Markus Friedl
server interops with commercial client; ok jakob@ djm@
2003-04-08rename log() into logit() to avoid name conflict. markus ok, from netbsdJun-ichiro itojun Hagino
2003-04-02reapply rekeying chage, tested by henning@, ok djm@Markus Friedl
2003-04-01backout rekeying changes (for 3.6.1)Markus Friedl
2003-04-01rekeying bugfixes and automatic rekeying:Markus Friedl
* both client and server rekey _automatically_ (a) after 2^31 packets, because after 2^32 packets the sequence number for packets wraps (b) after 2^(blocksize_in_bits/4) blocks (see: http://www.ietf.org/internet-drafts/draft-ietf-secsh-newmodes-00.txt) (a) and (b) are _enabled_ by default, and only disabled for known openssh versions, that don't support rekeying properly. * client option 'RekeyLimit' * do not reply to requests during rekeying
2003-03-23unbreak rekeying for privsep; ok millert@Markus Friedl
2003-03-05fix memory leaks; from dlheine@suif.Stanford.EDU/CLOUSEAU; ok djm@Markus Friedl
2003-02-16fix permitrootlogin forced-commands-only for privsep; bux #387; ok provos@Markus Friedl
2003-02-04skey/bsdauth: use 0 to indicate failure instead of -1, becauseMarkus Friedl
the buffer API only supports unsigned ints.
2002-11-05handle overflows for size_t larger than u_int; siw@goneko.de, bug #425Markus Friedl
2002-09-26krb4 + privsep; ok dugsong@, deraadt@Markus Friedl
2002-09-24only call kerberos code for authctxt->validMarkus Friedl
2002-09-23only call auth_krb5 if kerberos is enabled; ok deraadt@Markus Friedl
2002-09-09signed vs unsigned from -pedantic; ok henning@Markus Friedl
2002-09-09kerberos support for privsep. confirmed to work by lha@stacken.kth.seJun-ichiro itojun Hagino
patch from markus
2002-08-29pass addrlen with sockaddr *; from Hajimu UMEMOTO <ume@FreeBSD.org>Kevin Steves
NOTE: there are also p-specific parts to this patch. ok markus@
2002-08-02Change mm_zalloc() sanity checks to be more in line with whatTodd C. Miller
we do in calloc() and add a check to monitor_mm.c. OK provos@ and markus@
2002-07-22u_int here; ok provos@Kevin Steves
2002-06-27use xfree()Theo de Raadt
2002-06-27improve mm_zalloc check; markus okTheo de Raadt
2002-06-26correct %uTheo de Raadt
2002-06-26be careful in mm_zallocTheo de Raadt
2002-06-22save auth method before monitor_reset_key_state(); bugzilla bug #284;Kevin Steves
ok provos@
2002-06-21Don't initialise compression buffers when compression=no in sshd_config;Damien Miller
ok Niels@
2002-06-19make the monitor sync the transfer ssh1 session key;Markus Friedl
transfer keycontext only for RC4 (this is still depends on EVP implementation details and is broken).
2002-06-04__FUNCTION__ -> __func__Markus Friedl
2002-06-04save the session id (hash) for ssh2 (it will be passed with the initial sign ↵Markus Friedl
request) and verify that this value is used during authentication; ok provos@
2002-06-04only allow enabled authentication methods; ok provos@Markus Friedl
2002-05-15'monitor' variable clashes with at least one lame platform (NeXT). Renamedmouring
to 'pmonitor'. provos@
2002-05-12Fix sshd Banner option for privsep; ok markus@ provos@Damien Miller
2002-03-30check waitpid for EINTR; based on patch from peter@ifm.liu.seMarkus Friedl
2002-03-27monitor_allowed_key() returns int instead of pointer. ok markus@mouring
2002-03-24remove "\n" from fatal()Kevin Steves
2002-03-21fix NULL %s on debug3(); ok markus@Kevin Steves
2002-03-19use SSH_SESSION_KEY_LENGTH for key lengthMarkus Friedl
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-07 02:08:31 +0000