summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/sshconnect1.c
AgeCommit message (Collapse)Author
2002-03-14don't trust size sent by (rogue) server; noted by s.esser@e-matters.deMarkus Friedl
2002-02-11include md5.h, not evp.hMarkus Friedl
2001-12-28packet_read* no longer return the packet length, since it's not used.Markus Friedl
2001-12-28packet_get_bignum* no longer returns a sizeMarkus Friedl
2001-12-28s/packet_done/packet_check_eom/ (end-of-message); ok djm@Markus Friedl
2001-12-27get rid of packet_integrity_check, use packet_done() instead.Markus Friedl
2001-12-27call fatal() for openssl allocation failuresMarkus Friedl
2001-12-19basic KNF done while i was looking for something elseTheo de Raadt
2001-10-06unify hostkey check error messages, simplify prompt.Markus Friedl
2001-09-27typos; from solarMarkus Friedl
2001-07-05statement after label; ok dugsong@Kevin Steves
2001-06-26add smartcard support to the client, too (now you can use bothMarkus Friedl
the agent and the client).
2001-06-26Kerberos v5 support for SSH1, mostly from Assar Westerlund ↵Dug Song
<assar@freebsd.org> and Bjorn Gronvall <bg@sics.se>. markus@ ok
2001-06-23consistent with ssh2: skip key if empty passphrase is entered,Markus Friedl
retry num_of_passwd_prompt times if passphrase is wrong. ok fgsch@
2001-06-23more strict prototypes. raise warning level in Makefile.inc. markus ok'edJun-ichiro itojun Hagino
TODO; cleanup headers
2001-06-23get rid of known_hosts2, use it for hostkey lookup, but do not modify.Markus Friedl
2001-06-07use xxx_put_cstring()Markus Friedl
2001-05-18improved kbd-interactive support. work by per@appgate.com and meMarkus Friedl
2001-04-17check for key!=NULL, thanks to costaMarkus Friedl
2001-04-12implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2)Markus Friedl
similar to RhostRSAAuthentication unless you enable (the experimental) HostbasedUsesNameFromPacketOnly option. please test. :)
2001-03-26simpler key load/save interface, see authfile.hMarkus Friedl
2001-03-08implement client side of SSH2_MSG_USERAUTH_PK_OK (test public key ->Markus Friedl
no need to do enter passphrase or do expensive sign operations if the server does not accept key).
2001-02-15genericize password padding function for SSH1 and SSH2.Markus Friedl
add stylized echo to 2, too.
2001-02-12fix xmalloc(0), ok dugsong@Markus Friedl
2001-02-08mitigate SSH1 traffic analysis - from Solar Designer <solar@openwall.com>, ↵Dug Song
ok provos@
2001-02-08sync with netbsd tree changes.Jun-ichiro itojun Hagino
- more strict prototypes, include necessary headers - use paths.h/pathnames.h decls - size_t typecase to int -> u_long
2001-02-08%.30s is too short for IPv6 numeric address. use %.128s for now. markus okJun-ichiro itojun Hagino
2001-02-03make ReverseMappingCheck optional in sshd_config; ok djm@,dugsong@Markus Friedl
2001-01-29handle rsa_private_decrypt failures; helps against the Bleichenbacher pkcs#1 ↵Markus Friedl
attack
2001-01-22rename skey -> challenge response.Markus Friedl
auto-enable kbd-interactive for ssh2 if challenge-reponse is enabled.
2001-01-22only AFS needs radix.[ch]Markus Friedl
2001-01-21split ssh.h and try to cleanup the #include mess. remove unnecessary #includes.Markus Friedl
rename util.[ch] -> misc.[ch]
2001-01-19move ssh1 definitions to ssh1.h, pathnames to pathnames.hMarkus Friedl
2001-01-181) removes fake skey from sshd, since this will be muchMarkus Friedl
harder with /usr/libexec/auth/login_XXX 2) share/unify code used in ssh-1 and ssh-2 authentication (server side) 3) make addition of BSD_AUTH and other challenge reponse methods easier.
2001-01-16indentTheo de Raadt
2001-01-08more cleanups and fixes from stevesk@pobox.com:Markus Friedl
1) try_agent_authentication() for loop will overwrite key just allocated with key_new(); don't alloc 2) call ssh_close_authentication_connection() before exit try_agent_authentication() 3) free mem on bad passphrase in try_rsa_authentication()
2000-12-19replace 'unsigned bla' with 'u_bla' everywhere. also, replace 'char unsigned'Markus Friedl
with u_char.
2000-12-10always request new challenge for skey/tis-auth, fixes interop withMarkus Friedl
other implementations; report from roth@feep.net
2000-11-25reorder check for illegal ciphers, bugreport from espie@Markus Friedl
2000-11-23complain about invalid ciphers for ssh1/ssh2, fall back to reasonable defaultsMarkus Friedl
2000-11-12add support for RSA to SSH2. please test.Markus Friedl
there are now 3 types of keys: RSA1 is used by ssh-1 only, RSA and DSA are used by SSH2. you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA keys for SSH2 and use the RSA keys for hostkeys or for user keys. SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before. IdentityFile2, HostDsaKey and DSAAuthentication are obsolete. you can use multiple IdentityFile and HostKey for all types of keys. the option DSAAuthentication is replaced by PubkeyAuthetication.
2000-10-12enable DES in SSH-1 clients onlyMarkus Friedl
2000-10-11new cipher frameworkMarkus Friedl
2000-09-07cleanup copyright notices on all files. I have attempted to be accurate withTheo de Raadt
the details. everything is now under Tatu's licence (which I copied from his readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd developers under a 2-term bsd licence. We're not changing any rules, just being accurate.
2000-08-19add SSH2/DSA support to the agent and some other DSA related cleanups.Markus Friedl
(note that we cannot talk to ssh.com's ssh2 agents)
2000-07-16make ssh-add accept dsa keys (the agent does not)Markus Friedl
2000-05-08complain about invalid ciphers in SSH1 (e.g. arcfour is SSH2 only)Markus Friedl
2000-05-04replace broken uuencode w/ libc b64_ntopMarkus Friedl
2000-04-26split auth/sshconnect in one file per protocol versionMarkus Friedl
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-02 10:30:40 +0000