summaryrefslogtreecommitdiffstats
path: root/auth2-chall.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* upstream: use the new variant log macros instead of prependingdjm@openbsd.org2020-10-181-19/+18
| | | | | | __func__ and appending ssh_err(r) manually; ok markus@ OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
* upstream: change explicit_bzero();free() to freezero()jsg@openbsd.org2020-02-281-3/+2
| | | | | | | | | | While freezero() returns early if the pointer is NULL the tests for NULL in callers are left to avoid warnings about passing an uninitialised size argument across a function boundry. ok deraadt@ djm@ OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a
* upstream: stdarg.h required more broadly; ok djmderaadt@openbsd.org2019-11-141-2/+2
| | | | OpenBSD-Commit-ID: b5b15674cde1b54d6dbbae8faf30d47e6e5d6513
* upstream: lots of things were relying on libcrypto headers todjm@openbsd.org2019-09-061-1/+2
| | | | | | | transitively include various system headers (mostly stdlib.h); include them explicitly OpenBSD-Commit-ID: 5b522f4f2d844f78bf1cc4f3f4cc392e177b2080
* Remove support for S/KeyDamien Miller2018-07-311-13/+1
| | | | | | Most people will 1) be using modern multi-factor authentication methods like TOTP/OATH etc and 2) be getting support for multi-factor authentication via PAM or BSD Auth.
* upstream: treat ssh_packet_write_wait() errors as fatal; ok djm@markus@openbsd.org2018-07-121-3/+3
| | | | OpenBSD-Commit-ID: f88ba43c9d54ed2d911218aa8d3f6285430629c3
* upstream: sshd: switch authentication to sshbuf API; ok djm@markus@openbsd.org2018-07-101-29/+40
| | | | OpenBSD-Commit-ID: 880aa06bce4b140781e836bb56bec34873290641
* upstream commitmarkus@openbsd.org2017-05-311-14/+17
| | | | | | switch auth2 to ssh_dispatch API; ok djm@ Upstream-ID: a752ca19e2782900dd83060b5c6344008106215f
* upstream commitmarkus@openbsd.org2017-05-311-4/+3
| | | | | | protocol handlers all get struct ssh passed; ok djm@ Upstream-ID: 0ca9ea2a5d01a6d2ded94c5024456a930c5bfb5d
* upstream commitmarkus@openbsd.org2017-05-311-2/+3
| | | | | | sshd: pass struct ssh to auth functions; ok djm@ Upstream-ID: b00a80c3460884ebcdd14ef550154c761aebe488
* upstream commitmarkus@openbsd.org2017-05-311-1/+1
| | | | | | remove ssh1 references; ok djm@ Upstream-ID: fc23b7578e7b0a8daaec72946d7f5e58ffff5a3d
* upstream commitdjm@openbsd.org2016-05-021-3/+3
| | | | | | | | fix signed/unsigned errors reported by clang-3.7; add sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with better safety checking; feedback and ok markus@ Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820
* upstream commitdjm@openbsd.org2015-07-201-3/+8
| | | | | | | only query each keyboard-interactive device once per authentication request regardless of how many times it is listed; ok markus@ Upstream-ID: d73fafba6e86030436ff673656ec1f33d9ffeda1
* upstream commitmarkus@openbsd.org2015-01-191-3/+4
| | | | move dispatch to struct ssh; ok djm@
* - millert@cvs.openbsd.org 2014/07/15 15:54:14Damien Miller2014-07-181-0/+1
| | | | | | | | | | | | | | | | [PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c] [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c] [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h] [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c] [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c] [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c] [sshd_config.5 sshlogin.c] Add support for Unix domain socket forwarding. A remote TCP port may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket. This is a reimplementation of the streamlocal patches by William Ahern from: http://www.25thandclement.com/~william/projects/streamlocal.html OK djm@ markus@
* - djm@cvs.openbsd.org 2014/02/02 03:44:32Damien Miller2014-02-041-2/+2
| | | | | | | | | | | [auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c] [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c] [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c] [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c] [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c] [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c] [sshd.c] convert memset of potentially-private data to explicit_bzero()
* - tedu@cvs.openbsd.org 2014/01/31 16:39:19Damien Miller2014-02-041-2/+2
| | | | | | | | | | [auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c] [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c] [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c] [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c] [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h] replace most bzero with explicit_bzero, except a few that cna be memset ok djm dtucker
* - djm@cvs.openbsd.org 2013/11/08 00:39:15Damien Miller2013-11-081-2/+2
| | | | | | | [auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c] [clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c] [sftp-client.c sftp-glob.c] use calloc for all structure allocations; from markus@
* - djm@cvs.openbsd.org 2013/05/17 00:13:13Darren Tucker2013-06-011-15/+12
| | | | | | | | | | | | | | | | | | [xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c dns.c packet.c readpass.c authfd.c moduli.c] bye, bye xfree(); ok markus@
* - markus@cvs.openbsd.org 2013/03/07 19:27:25Damien Miller2013-04-231-4/+8
| | | | | [auth.h auth2-chall.c auth2.c monitor.c sshd_config.5] add submethod support to AuthenticationMethods; ok and freedback djm@
* - djm@cvs.openbsd.org 2012/12/03 00:14:06Damien Miller2012-12-031-2/+3
| | | | | [auth2-chall.c ssh-keygen.c] Fix compilation with -Wall -Werror (trivial type fixes)
* - djm@cvs.openbsd.org 2012/12/02 20:34:10Damien Miller2012-12-021-7/+5
| | | | | | | | | | | | | | | | [auth.c auth.h auth1.c auth2-chall.c auth2-gss.c auth2-jpake.c auth2.c] [monitor.c monitor.h] Fixes logging of partial authentication when privsep is enabled Previously, we recorded "Failed xxx" since we reset authenticated before calling auth_log() in auth2.c. This adds an explcit "Partial" state. Add a "submethod" to auth_log() to report which submethod is used for keyboard-interactive. Fix multiple authentication when one of the methods is keyboard-interactive. ok markus@
* - djm@cvs.openbsd.org 2008/12/09 04:32:22Damien Miller2009-01-281-7/+3
| | | | | [auth2-chall.c] replace by-hand string building with xasprinf(); ok deraadt@
* - djm@cvs.openbsd.org 2007/09/21 08:15:29Damien Miller2007-10-261-1/+1
| | | | | | | | | | [auth-bsdauth.c auth-passwd.c auth.c auth.h auth1.c auth2-chall.c] [monitor.c monitor_wrap.c] unifdef -DBSD_AUTH unifdef -USKEY These options have been in use for some years; ok markus@ "no objection" millert@ (NB. RCD ID sync only for portable)
* - stevesk@cvs.openbsd.org 2007/01/03 03:01:40Damien Miller2007-01-051-2/+2
| | | | | [auth2-chall.c channels.c dns.c sftp.c ssh-keygen.c ssh.c] spaces
* - (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c]Damien Miller2006-09-011-0/+1
| | | | | | | | | | | | | | | | | [auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c] [auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c] [cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c] [dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c] [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c] [md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c] [scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c] [ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c] [sshconnect1.c sshconnect2.c sshd.c rc4.diff] [openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c] [openbsd-compat/port-linux.c openbsd-compat/port-solaris.c] [openbsd-compat/port-uw.c] Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h; compile problems reported by rac AT tenzing.org
* - dtucker@cvs.openbsd.org 2006/08/05 08:28:24Darren Tucker2006-08-051-1/+1
| | | | | [monitor_wrap.c auth-skey.c auth2-chall.c] Zap unused variables in -DSKEY code. ok djm@
* - deraadt@cvs.openbsd.org 2006/08/03 03:34:42Damien Miller2006-08-051-2/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c] [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c] [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c] [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ] [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c] [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c] [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c] [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c] [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c] [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c] [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c] [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c] [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c] [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h] [serverloop.c session.c session.h sftp-client.c sftp-common.c] [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c] [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c] [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c] [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c] [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h] [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h] almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step NB. portable commit contains everything *except* removing includes.h, as that will take a fair bit more work as we move headers that are required for portability workarounds to defines.h. (also, this step wasn't "easy")
* - stevesk@cvs.openbsd.org 2006/08/01 23:22:48Damien Miller2006-08-051-1/+2
| | | | | | | | | | | | | [auth-passwd.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c] [auth2-chall.c auth2-pubkey.c authfile.c buffer.c canohost.c] [channels.c clientloop.c dh.c dns.c dns.h hostfile.c kex.c kexdhc.c] [kexgexc.c kexgexs.c key.c key.h log.c misc.c misc.h moduli.c] [monitor_wrap.c packet.c progressmeter.c readconf.c readpass.c scp.c] [servconf.c session.c sftp-client.c sftp-common.c sftp-server.c sftp.c] [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh.c sshconnect.c] [sshconnect1.c sshconnect2.c sshd.c sshlogin.c sshtty.c uuencode.c] [uuencode.h xmalloc.c] move #include <stdio.h> out of includes.h
* - stevesk@cvs.openbsd.org 2006/07/22 20:48:23Damien Miller2006-07-241-1/+3
| | | | | | | | | | | | | | | | | [atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c] [auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c] [authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c] [cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c] [compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c] [includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c] [mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c] [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c] [progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c] [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c] [ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c] [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c] [sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c] move #include <string.h> out of includes.h
* - djm@cvs.openbsd.org 2006/03/25 13:17:03Damien Miller2006-03-261-0/+1
| | | | | | | | | | | | | | | | | | | | | [atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c] [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c] [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c] [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c] [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c] [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c] [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c] [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c] [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c] [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c] [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c] [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c] [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c] [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c] [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c] [uidswap.c uuencode.c xmalloc.c] Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
* - djm@cvs.openbsd.org 2006/03/25 00:05:41Damien Miller2006-03-261-1/+1
| | | | | | | | | | | | | | | | [auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c] [clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c] [monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c] [ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c] [xmalloc.c xmalloc.h] introduce xcalloc() and xasprintf() failure-checked allocations functions and use them throughout openssh xcalloc is particularly important because malloc(nmemb * size) is a dangerous idiom (subject to integer overflow) and it is time for it to die feedback and ok deraadt@
* - deraadt@cvs.openbsd.org 2006/03/19 18:51:18Damien Miller2006-03-251-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | [atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c] [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c] [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c] [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c] [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c] [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c] [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c] [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c] [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c] [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c] [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c] [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c] [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c] [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c] [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c] [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c] [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c] [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c] [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c] [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c] [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c] [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c] [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c] RCSID() can die
* - djm@cvs.openbsd.org 2005/07/17 07:17:55Damien Miller2005-07-171-2/+2
| | | | | | | | [auth-rh-rsa.c auth-rhosts.c auth2-chall.c auth2-gss.c channels.c] [cipher-ctr.c gss-genr.c gss-serv.c kex.c moduli.c readconf.c] [serverloop.c session.c sftp-client.c sftp.c ssh-add.c ssh-keygen.c] [sshconnect.c sshconnect2.c] knf says that a 2nd level indent is four (not three or five) spaces
* - djm@cvs.openbsd.org 2005/06/17 02:44:33Damien Miller2005-06-171-5/+4
| | | | | | | | | | | [auth-rsa.c auth.c auth1.c auth2-chall.c auth2-gss.c authfd.c authfile.c] [bufaux.c canohost.c channels.c cipher.c clientloop.c dns.c gss-serv.c] [kex.c kex.h key.c mac.c match.c misc.c packet.c packet.h scp.c] [servconf.c session.c session.h sftp-client.c sftp-server.c sftp.c] [ssh-keyscan.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c sshd.c] make this -Wsign-compare clean; ok avsm@ markus@ NB. auth1.c changes not committed yet (conflicts with uncommitted sync) NB2. more work may be needed to make portable Wsign-compare clean
* - (dtucker) [auth-chall.c auth.h auth2-chall.c] Bug #936: Remove pam fromDarren Tucker2005-01-201-0/+24
| | | | the list of available kbdint devices if UsePAM=no. ok djm@
* - dtucker@cvs.openbsd.org 2005/01/19 13:11:47Darren Tucker2005-01-201-8/+3
| | | | | | | | | | [auth-bsdauth.c auth2-chall.c] Have keyboard-interactive code call the drivers even for responses for invalid logins. This allows the drivers themselves to decide how to handle them and prevent leaking information where possible. Existing behaviour for bsdauth is maintained by checking authctxt->valid in the bsdauth driver. Note that any third-party kbdint drivers will now need to be able to handle responses for invalid logins. ok markus@
* - dtucker@cvs.openbsd.org 2004/06/01 14:20:45Damien Miller2004-06-151-2/+1
| | | | | [auth2-chall.c] Remove redundant #include; ok markus@
* - (djm) Avoid auth2-chall.c warning when compiling withoutDamien Miller2003-05-261-1/+3
| | | | PAM, BSD_AUTH and SKEY
* - (djm) Merge FreeBSD PAM code: replaces PAM password auth kludge withAFTER_FREEBSD_PAM_MERGEDamien Miller2003-05-101-3/+16
| | | | proper challenge-response module
* - deraadt@cvs.openbsd.org 2002/06/30 21:59:45Ben Lindstrom2002-07-041-2/+2
| | | | | | | [auth-bsdauth.c auth-skey.c auth2-chall.c clientloop.c key.c monitor_wrap.c monitor_wrap.h scard.h session.h sftp-glob.c ssh.c sshconnect2.c sshd.c] minor KNF
* - markus@cvs.openbsd.org 2002/06/26 13:55:37Damien Miller2002-06-261-6/+12
| | | | | | [auth2-chall.c] make sure # of response matches # of queries, fixes int overflow; from ISS
* - deraadt@cvs.openbsd.org 2002/06/19 00:27:55Ben Lindstrom2002-06-211-2/+2
| | | | | | | | | [auth-bsdauth.c auth-skey.c auth1.c auth2-chall.c auth2-none.c authfd.c authfd.h monitor_wrap.c msg.c nchan.c radix.c readconf.c scp.c sftp.1 ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh-keysign.c ssh.1 sshconnect.c sshconnect.h sshconnect2.c ttymodes.c xmalloc.h] KNF done automatically while reading....
* - provos@cvs.openbsd.org 2002/03/18 17:50:31Ben Lindstrom2002-03-221-1/+20
| | | | | | | | | | | [auth-bsdauth.c auth-options.c auth-rh-rsa.c auth-rsa.c auth-skey.c auth.h auth1.c auth2-chall.c auth2.c kex.c kex.h kexdh.c kexgex.c servconf.c session.h servconf.h serverloop.c session.c sshd.c] integrate privilege separated openssh; its turned off by default for now. work done by me and markus@ applied, but outside of ensure that smaller code bits migrated with their owners.. no work was tried to 'fix' it to work. =) Later project!
* - markus@cvs.openbsd.org 2002/01/13 17:57:37Damien Miller2002-01-221-8/+12
| | | | | [auth2.c auth2-chall.c compat.c sshconnect2.c sshd.c] use buffer API and avoid static strings of fixed size; ok provos@/mouring@
* - markus@cvs.openbsd.org 2002/01/11 23:02:51Damien Miller2002-01-221-4/+3
| | | | | [auth2-chall.c] use snprintf; mouring@
* - markus@cvs.openbsd.org 2002/01/11 20:14:11Damien Miller2002-01-221-3/+2
| | | | | [auth2-chall.c auth-skey.c] use strlcpy not strlcat; mouring@
* - markus@cvs.openbsd.org 2001/12/28 15:06:00Damien Miller2002-01-221-3/+3
| | | | | [auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c dispatch.h kex.c kex.h serverloop.c ssh.c sshconnect2.c] remove plen from the dispatch fn. it's no longer used.
* - markus@cvs.openbsd.org 2001/12/27 20:39:58Damien Miller2002-01-221-2/+2
| | | | | [auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c] get rid of packet_integrity_check, use packet_done() instead.
* - djm@cvs.openbsd.org 2001/12/20 22:50:24Damien Miller2001-12-211-3/+3
| | | | | | | | | [auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c] [dispatch.h kex.c kex.h packet.c packet.h serverloop.c ssh.c] [sshconnect2.c] Conformance fix: we should send failing packet sequence number when responding with a SSH_MSG_UNIMPLEMENTED message. Spotted by yakk@yakk.dot.net; ok markus@