#
1.71 |
|
30-Mar-2024 |
djm |
allow WAYLAND_DISPLAY to enable SSH_ASKPASS
From dkg via GHPR479; ok dtucker@
|
Revision tags: OPENBSD_7_2_BASE OPENBSD_7_3_BASE OPENBSD_7_4_BASE OPENBSD_7_5_BASE
|
#
1.70 |
|
27-May-2022 |
dtucker |
Avoid kill with -1 argument. The out_ctx label can be reached before fork has been called. If this happens, then kill -1 would be called, sending SIGTERM to all processes reachable by the current process.
From tobias@ and c3h2_ctf via github PR#286, ok djm@
|
Revision tags: OPENBSD_7_0_BASE OPENBSD_7_1_BASE
|
#
1.69 |
|
23-Jul-2021 |
djm |
mention in comment that read_passphrase(..., RP_ALLOW_STDIN) will try to use askpass first. bz3314
convert a couple of debug() -> debug_f() while here
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.68 |
|
10-Nov-2020 |
claudio |
Free the previously allocated msg buffer after writing it out. OK djm@
|
#
1.67 |
|
08-Nov-2020 |
djm |
unbreak; missing NULL check
|
#
1.66 |
|
08-Nov-2020 |
djm |
when requesting a security key touch on stderr, inform the user once the touch has been recorded; requested by claudio@ ok markus@
|
#
1.65 |
|
18-Oct-2020 |
djm |
use the new variant log macros instead of prepending __func__ and appending ssh_err(r) manually; ok markus@
|
#
1.64 |
|
03-Oct-2020 |
djm |
There are lots of place where we want to redirect stdin, stdout and/or stderr to /dev/null. Factor all these out to a single stdfd_devnull() function that allows selection of which of these to redirect. ok markus@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.63 |
|
11-Aug-2020 |
djm |
let the "Confirm user presence for key ..." ssh-askpass notification respect $SSH_ASKPASS_REQUIRE; ok markus@
|
#
1.62 |
|
14-Jul-2020 |
djm |
allow some additional control over the use of ssh-askpass via $SSH_ASKPASS_REQUIRE, including force-enable/disable. bz#69 ok markus@
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.61 |
|
23-Jan-2020 |
dtucker |
Replace all calls to signal(2) with a wrapper around sigaction(2). This wrapper blocks all other signals during the handler preventing races between handlers, and sets SA_RESTART which should reduce the potential for short read/write operations.
|
#
1.60 |
|
06-Dec-2019 |
djm |
fix setting of $SSH_ASKPASS_PROMPT - it shouldn't be set when asking passphrases, only when confirming the use of a key (i.e. for ssh-agent keys added with "ssh-add -c keyfile")
|
#
1.59 |
|
06-Dec-2019 |
djm |
bring the __func__
|
#
1.58 |
|
27-Nov-2019 |
djm |
use error()+_exit() instead of fatal() to avoid running cleanup handlers in child process; spotted via weird regress failures in portable
|
#
1.57 |
|
15-Nov-2019 |
djm |
follow existing askpass logic for security key notifier: fall back to _PATH_SSH_ASKPASS_DEFAULT if no $SSH_ASKPASS environment variable is set.
|
#
1.56 |
|
12-Nov-2019 |
djm |
pass SSH_ASKPASS_PROMPT hint to y/n key confirm too
|
#
1.55 |
|
12-Nov-2019 |
djm |
dd API for performing one-shot notifications via tty or SSH_ASKPASS
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.54 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.53 |
|
19-Jan-2019 |
tb |
Print an \r in front of the password prompt so parts of a password that was entered too early are likely clobbered by the prompt. Idea from doas.
from and ok djm "i like it" deraadt
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.52 |
|
18-Jul-2018 |
dtucker |
Remove support for running ssh(1) setuid and fatal if attempted. Do not link uidwap.c into ssh any more. Neuters UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@ djm@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.51 |
|
11-Dec-2015 |
mmcc |
Pass (char *)NULL rather than (char *)0 to execl and execlp.
ok dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.50 |
|
02-Feb-2014 |
djm |
convert memset of potentially-private data to explicit_bzero()
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.49 |
|
17-May-2013 |
djm |
bye, bye xfree(); ok markus@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.48 |
|
15-Dec-2010 |
djm |
fix ControlMaster=ask regression
reset SIGCHLD handler before fork (and restore it after) so we don't miss the the askpass child's exit status. Correct test for exit status/signal to account for waitpid() failure; with claudio@ ok claudio@ markus@
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.47 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.46 |
|
01-Aug-2006 |
stevesk |
move #include <stdio.h> out of includes.h
|
#
1.45 |
|
26-Jul-2006 |
stevesk |
move #include <stdlib.h> out of includes.h
|
#
1.44 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.43 |
|
17-Jul-2006 |
stevesk |
move #include <unistd.h> out of includes.h
|
#
1.42 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.41 |
|
10-Jul-2006 |
stevesk |
move #include <stdarg.h> out of includes.h; ok markus@
|
#
1.40 |
|
09-Jul-2006 |
stevesk |
move #include <fcntl.h> out of includes.h
|
#
1.39 |
|
08-Jun-2006 |
markus |
do not set the gid, noted by solar; ok djm
|
#
1.38 |
|
06-Jun-2006 |
markus |
replace remaining setuid() calls with permanently_set_uid() and check seteuid() return values; report Marcus Meissner; ok dtucker djm
|
#
1.37 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.36 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.35 |
|
10-Feb-2006 |
stevesk |
branches: 1.35.2; move #include <sys/wait.h> out of includes.h; ok markus@
|
#
1.34 |
|
08-Feb-2006 |
stevesk |
move #include <paths.h> out of includes.h; ok markus@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.33 |
|
02-May-2005 |
markus |
branches: 1.33.2; missing {}
|
#
1.32 |
|
23-Apr-2005 |
dtucker |
Add debug message if read_passphrase can't open /dev/tty; bz #471; ok djm@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.31 |
|
29-Oct-2004 |
djm |
branches: 1.31.2; factor out common permission-asking code to separate function; ok markus@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.30 |
|
17-Jun-2004 |
djm |
branches: 1.30.2; Add option for confirmation (ControlMaster=ask) via ssh-askpass before opening shared connections; ok markus@
|
#
1.29 |
|
08-May-2004 |
djm |
kill a tiny header; ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.28 |
|
23-Jan-2003 |
markus |
branches: 1.28.4; 1.28.6; ssh-add -c, prompt user for confirmation (using ssh-askpass) when private agent key is used; with djm@; test by dugsong@, djm@; ok deraadt@
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.27 |
|
26-Mar-2002 |
markus |
branches: 1.27.2; 1.27.4; client side support for PASSWD_CHANGEREQ based on work by johan.andersson@appgate.com; ok provos@
|
#
1.26 |
|
13-Feb-2002 |
markus |
readpass.c is not longer from UCB, since we now use readpassphrase(3)
|
#
1.25 |
|
11-Jan-2002 |
markus |
use _PATH_TTY
|
#
1.24 |
|
21-Dec-2001 |
djm |
Avoid interruptable passphrase read; ok markus@
|
#
1.23 |
|
08-Nov-2001 |
markus |
don't strdup too much data; from gotoh@taiyo.co.jp; ok millert.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.22 |
|
14-Jul-2001 |
stevesk |
branches: 1.22.2; delete spurious #includes; ok deraadt@ markus@
|
#
1.21 |
|
10-Jul-2001 |
markus |
don't panic if fork or pipe fail (just return an empty passwd).
|
#
1.20 |
|
02-Jul-2001 |
markus |
do not return NULL, use "" instead.
|
#
1.19 |
|
24-Jun-2001 |
markus |
switch to readpassphrase(3) 2.7/8-stable needs readpassphrase.[ch] from libc
|
#
1.18 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.17 |
|
06-May-2001 |
mouring |
Use const for 'prompt'. Brought over from portable tree.
|
#
1.16 |
|
02-May-2001 |
mouring |
Put the 'const' back into ssh_askpass() function. Pointed out by Mark Miller <markm@swoon.net>. OK Markus
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.15 |
|
18-Apr-2001 |
markus |
branches: 1.15.2; call askpass from ssh, too, based on work by roth@feep.net, ok deraadt
|
#
1.14 |
|
08-Feb-2001 |
itojun |
sync with netbsd tree changes. - more strict prototypes, include necessary headers - use paths.h/pathnames.h decls - size_t typecase to int -> u_long
|
#
1.13 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.12 |
|
11-Oct-2000 |
markus |
branches: 1.12.2; add support for s/key (kbd-interactive) to ssh2, based on work by mkiernan@avantgo.com and me
|
#
1.11 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.10 |
|
14-Apr-2000 |
markus |
branches: 1.10.2; whitespace cleanup
|
#
1.9 |
|
21-Jan-2000 |
deraadt |
instead of blocking SIGINT, catch it ourselves, so that we can clean the tty modes up and kill ourselves -- instead of our process group leader (scp, cvs, ...) going away and leaving us in noecho mode. people with cbreak shells never even noticed..
|
#
1.8 |
|
08-Dec-1999 |
deraadt |
avoid stdio; based on work by markus, millert, and I
|
#
1.7 |
|
24-Nov-1999 |
markus |
KNF, final part 3
|
#
1.6 |
|
24-Nov-1999 |
deraadt |
much more KNF
|
#
1.5 |
|
23-Nov-1999 |
markus |
KNF part 1
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.4 |
|
11-Oct-1999 |
markus |
we do not ship ssh-askpass
|
#
1.3 |
|
30-Sep-1999 |
deraadt |
even smaller
|
#
1.2 |
|
30-Sep-1999 |
deraadt |
cull more ancient garbage from pre-POSIX days
|
#
1.1 |
|
26-Sep-1999 |
deraadt |
i bet a lot of people didn't know what ssh 1.2.16 had a nice license. well, except for the patent issues. someone in sweden (forget their name at the moment) cleaned out most of the patented code, and now this code removes rsa code. when this is done, it will link against libssl, but the work isn't completely done yet. then we need to bring this up to modern days, featurewise.
|
#
1.70 |
|
27-May-2022 |
dtucker |
Avoid kill with -1 argument. The out_ctx label can be reached before fork has been called. If this happens, then kill -1 would be called, sending SIGTERM to all processes reachable by the current process.
From tobias@ and c3h2_ctf via github PR#286, ok djm@
|
Revision tags: OPENBSD_7_0_BASE OPENBSD_7_1_BASE
|
#
1.69 |
|
23-Jul-2021 |
djm |
mention in comment that read_passphrase(..., RP_ALLOW_STDIN) will try to use askpass first. bz3314
convert a couple of debug() -> debug_f() while here
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.68 |
|
10-Nov-2020 |
claudio |
Free the previously allocated msg buffer after writing it out. OK djm@
|
#
1.67 |
|
08-Nov-2020 |
djm |
unbreak; missing NULL check
|
#
1.66 |
|
08-Nov-2020 |
djm |
when requesting a security key touch on stderr, inform the user once the touch has been recorded; requested by claudio@ ok markus@
|
#
1.65 |
|
18-Oct-2020 |
djm |
use the new variant log macros instead of prepending __func__ and appending ssh_err(r) manually; ok markus@
|
#
1.64 |
|
03-Oct-2020 |
djm |
There are lots of place where we want to redirect stdin, stdout and/or stderr to /dev/null. Factor all these out to a single stdfd_devnull() function that allows selection of which of these to redirect. ok markus@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.63 |
|
11-Aug-2020 |
djm |
let the "Confirm user presence for key ..." ssh-askpass notification respect $SSH_ASKPASS_REQUIRE; ok markus@
|
#
1.62 |
|
14-Jul-2020 |
djm |
allow some additional control over the use of ssh-askpass via $SSH_ASKPASS_REQUIRE, including force-enable/disable. bz#69 ok markus@
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.61 |
|
23-Jan-2020 |
dtucker |
Replace all calls to signal(2) with a wrapper around sigaction(2). This wrapper blocks all other signals during the handler preventing races between handlers, and sets SA_RESTART which should reduce the potential for short read/write operations.
|
#
1.60 |
|
06-Dec-2019 |
djm |
fix setting of $SSH_ASKPASS_PROMPT - it shouldn't be set when asking passphrases, only when confirming the use of a key (i.e. for ssh-agent keys added with "ssh-add -c keyfile")
|
#
1.59 |
|
06-Dec-2019 |
djm |
bring the __func__
|
#
1.58 |
|
27-Nov-2019 |
djm |
use error()+_exit() instead of fatal() to avoid running cleanup handlers in child process; spotted via weird regress failures in portable
|
#
1.57 |
|
15-Nov-2019 |
djm |
follow existing askpass logic for security key notifier: fall back to _PATH_SSH_ASKPASS_DEFAULT if no $SSH_ASKPASS environment variable is set.
|
#
1.56 |
|
12-Nov-2019 |
djm |
pass SSH_ASKPASS_PROMPT hint to y/n key confirm too
|
#
1.55 |
|
12-Nov-2019 |
djm |
dd API for performing one-shot notifications via tty or SSH_ASKPASS
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.54 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.53 |
|
19-Jan-2019 |
tb |
Print an \r in front of the password prompt so parts of a password that was entered too early are likely clobbered by the prompt. Idea from doas.
from and ok djm "i like it" deraadt
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.52 |
|
18-Jul-2018 |
dtucker |
Remove support for running ssh(1) setuid and fatal if attempted. Do not link uidwap.c into ssh any more. Neuters UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@ djm@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.51 |
|
11-Dec-2015 |
mmcc |
Pass (char *)NULL rather than (char *)0 to execl and execlp.
ok dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.50 |
|
02-Feb-2014 |
djm |
convert memset of potentially-private data to explicit_bzero()
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.49 |
|
17-May-2013 |
djm |
bye, bye xfree(); ok markus@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.48 |
|
15-Dec-2010 |
djm |
fix ControlMaster=ask regression
reset SIGCHLD handler before fork (and restore it after) so we don't miss the the askpass child's exit status. Correct test for exit status/signal to account for waitpid() failure; with claudio@ ok claudio@ markus@
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.47 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.46 |
|
01-Aug-2006 |
stevesk |
move #include <stdio.h> out of includes.h
|
#
1.45 |
|
26-Jul-2006 |
stevesk |
move #include <stdlib.h> out of includes.h
|
#
1.44 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.43 |
|
17-Jul-2006 |
stevesk |
move #include <unistd.h> out of includes.h
|
#
1.42 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.41 |
|
10-Jul-2006 |
stevesk |
move #include <stdarg.h> out of includes.h; ok markus@
|
#
1.40 |
|
09-Jul-2006 |
stevesk |
move #include <fcntl.h> out of includes.h
|
#
1.39 |
|
08-Jun-2006 |
markus |
do not set the gid, noted by solar; ok djm
|
#
1.38 |
|
06-Jun-2006 |
markus |
replace remaining setuid() calls with permanently_set_uid() and check seteuid() return values; report Marcus Meissner; ok dtucker djm
|
#
1.37 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.36 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.35 |
|
10-Feb-2006 |
stevesk |
branches: 1.35.2; move #include <sys/wait.h> out of includes.h; ok markus@
|
#
1.34 |
|
08-Feb-2006 |
stevesk |
move #include <paths.h> out of includes.h; ok markus@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.33 |
|
02-May-2005 |
markus |
branches: 1.33.2; missing {}
|
#
1.32 |
|
23-Apr-2005 |
dtucker |
Add debug message if read_passphrase can't open /dev/tty; bz #471; ok djm@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.31 |
|
29-Oct-2004 |
djm |
branches: 1.31.2; factor out common permission-asking code to separate function; ok markus@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.30 |
|
17-Jun-2004 |
djm |
branches: 1.30.2; Add option for confirmation (ControlMaster=ask) via ssh-askpass before opening shared connections; ok markus@
|
#
1.29 |
|
08-May-2004 |
djm |
kill a tiny header; ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.28 |
|
23-Jan-2003 |
markus |
branches: 1.28.4; 1.28.6; ssh-add -c, prompt user for confirmation (using ssh-askpass) when private agent key is used; with djm@; test by dugsong@, djm@; ok deraadt@
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.27 |
|
26-Mar-2002 |
markus |
branches: 1.27.2; 1.27.4; client side support for PASSWD_CHANGEREQ based on work by johan.andersson@appgate.com; ok provos@
|
#
1.26 |
|
13-Feb-2002 |
markus |
readpass.c is not longer from UCB, since we now use readpassphrase(3)
|
#
1.25 |
|
11-Jan-2002 |
markus |
use _PATH_TTY
|
#
1.24 |
|
21-Dec-2001 |
djm |
Avoid interruptable passphrase read; ok markus@
|
#
1.23 |
|
08-Nov-2001 |
markus |
don't strdup too much data; from gotoh@taiyo.co.jp; ok millert.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.22 |
|
14-Jul-2001 |
stevesk |
branches: 1.22.2; delete spurious #includes; ok deraadt@ markus@
|
#
1.21 |
|
10-Jul-2001 |
markus |
don't panic if fork or pipe fail (just return an empty passwd).
|
#
1.20 |
|
02-Jul-2001 |
markus |
do not return NULL, use "" instead.
|
#
1.19 |
|
24-Jun-2001 |
markus |
switch to readpassphrase(3) 2.7/8-stable needs readpassphrase.[ch] from libc
|
#
1.18 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.17 |
|
06-May-2001 |
mouring |
Use const for 'prompt'. Brought over from portable tree.
|
#
1.16 |
|
02-May-2001 |
mouring |
Put the 'const' back into ssh_askpass() function. Pointed out by Mark Miller <markm@swoon.net>. OK Markus
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.15 |
|
18-Apr-2001 |
markus |
branches: 1.15.2; call askpass from ssh, too, based on work by roth@feep.net, ok deraadt
|
#
1.14 |
|
08-Feb-2001 |
itojun |
sync with netbsd tree changes. - more strict prototypes, include necessary headers - use paths.h/pathnames.h decls - size_t typecase to int -> u_long
|
#
1.13 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.12 |
|
11-Oct-2000 |
markus |
branches: 1.12.2; add support for s/key (kbd-interactive) to ssh2, based on work by mkiernan@avantgo.com and me
|
#
1.11 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.10 |
|
14-Apr-2000 |
markus |
branches: 1.10.2; whitespace cleanup
|
#
1.9 |
|
21-Jan-2000 |
deraadt |
instead of blocking SIGINT, catch it ourselves, so that we can clean the tty modes up and kill ourselves -- instead of our process group leader (scp, cvs, ...) going away and leaving us in noecho mode. people with cbreak shells never even noticed..
|
#
1.8 |
|
08-Dec-1999 |
deraadt |
avoid stdio; based on work by markus, millert, and I
|
#
1.7 |
|
24-Nov-1999 |
markus |
KNF, final part 3
|
#
1.6 |
|
24-Nov-1999 |
deraadt |
much more KNF
|
#
1.5 |
|
23-Nov-1999 |
markus |
KNF part 1
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.4 |
|
11-Oct-1999 |
markus |
we do not ship ssh-askpass
|
#
1.3 |
|
30-Sep-1999 |
deraadt |
even smaller
|
#
1.2 |
|
30-Sep-1999 |
deraadt |
cull more ancient garbage from pre-POSIX days
|
#
1.1 |
|
26-Sep-1999 |
deraadt |
i bet a lot of people didn't know what ssh 1.2.16 had a nice license. well, except for the patent issues. someone in sweden (forget their name at the moment) cleaned out most of the patented code, and now this code removes rsa code. when this is done, it will link against libssl, but the work isn't completely done yet. then we need to bring this up to modern days, featurewise.
|
#
1.69 |
|
23-Jul-2021 |
djm |
mention in comment that read_passphrase(..., RP_ALLOW_STDIN) will try to use askpass first. bz3314
convert a couple of debug() -> debug_f() while here
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.68 |
|
10-Nov-2020 |
claudio |
Free the previously allocated msg buffer after writing it out. OK djm@
|
#
1.67 |
|
08-Nov-2020 |
djm |
unbreak; missing NULL check
|
#
1.66 |
|
08-Nov-2020 |
djm |
when requesting a security key touch on stderr, inform the user once the touch has been recorded; requested by claudio@ ok markus@
|
#
1.65 |
|
18-Oct-2020 |
djm |
use the new variant log macros instead of prepending __func__ and appending ssh_err(r) manually; ok markus@
|
#
1.64 |
|
03-Oct-2020 |
djm |
There are lots of place where we want to redirect stdin, stdout and/or stderr to /dev/null. Factor all these out to a single stdfd_devnull() function that allows selection of which of these to redirect. ok markus@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.63 |
|
11-Aug-2020 |
djm |
let the "Confirm user presence for key ..." ssh-askpass notification respect $SSH_ASKPASS_REQUIRE; ok markus@
|
#
1.62 |
|
14-Jul-2020 |
djm |
allow some additional control over the use of ssh-askpass via $SSH_ASKPASS_REQUIRE, including force-enable/disable. bz#69 ok markus@
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.61 |
|
23-Jan-2020 |
dtucker |
Replace all calls to signal(2) with a wrapper around sigaction(2). This wrapper blocks all other signals during the handler preventing races between handlers, and sets SA_RESTART which should reduce the potential for short read/write operations.
|
#
1.60 |
|
06-Dec-2019 |
djm |
fix setting of $SSH_ASKPASS_PROMPT - it shouldn't be set when asking passphrases, only when confirming the use of a key (i.e. for ssh-agent keys added with "ssh-add -c keyfile")
|
#
1.59 |
|
06-Dec-2019 |
djm |
bring the __func__
|
#
1.58 |
|
27-Nov-2019 |
djm |
use error()+_exit() instead of fatal() to avoid running cleanup handlers in child process; spotted via weird regress failures in portable
|
#
1.57 |
|
15-Nov-2019 |
djm |
follow existing askpass logic for security key notifier: fall back to _PATH_SSH_ASKPASS_DEFAULT if no $SSH_ASKPASS environment variable is set.
|
#
1.56 |
|
12-Nov-2019 |
djm |
pass SSH_ASKPASS_PROMPT hint to y/n key confirm too
|
#
1.55 |
|
12-Nov-2019 |
djm |
dd API for performing one-shot notifications via tty or SSH_ASKPASS
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.54 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.53 |
|
19-Jan-2019 |
tb |
Print an \r in front of the password prompt so parts of a password that was entered too early are likely clobbered by the prompt. Idea from doas.
from and ok djm "i like it" deraadt
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.52 |
|
18-Jul-2018 |
dtucker |
Remove support for running ssh(1) setuid and fatal if attempted. Do not link uidwap.c into ssh any more. Neuters UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@ djm@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.51 |
|
11-Dec-2015 |
mmcc |
Pass (char *)NULL rather than (char *)0 to execl and execlp.
ok dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.50 |
|
02-Feb-2014 |
djm |
convert memset of potentially-private data to explicit_bzero()
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.49 |
|
17-May-2013 |
djm |
bye, bye xfree(); ok markus@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.48 |
|
15-Dec-2010 |
djm |
fix ControlMaster=ask regression
reset SIGCHLD handler before fork (and restore it after) so we don't miss the the askpass child's exit status. Correct test for exit status/signal to account for waitpid() failure; with claudio@ ok claudio@ markus@
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.47 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.46 |
|
01-Aug-2006 |
stevesk |
move #include <stdio.h> out of includes.h
|
#
1.45 |
|
26-Jul-2006 |
stevesk |
move #include <stdlib.h> out of includes.h
|
#
1.44 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.43 |
|
17-Jul-2006 |
stevesk |
move #include <unistd.h> out of includes.h
|
#
1.42 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.41 |
|
10-Jul-2006 |
stevesk |
move #include <stdarg.h> out of includes.h; ok markus@
|
#
1.40 |
|
09-Jul-2006 |
stevesk |
move #include <fcntl.h> out of includes.h
|
#
1.39 |
|
08-Jun-2006 |
markus |
do not set the gid, noted by solar; ok djm
|
#
1.38 |
|
06-Jun-2006 |
markus |
replace remaining setuid() calls with permanently_set_uid() and check seteuid() return values; report Marcus Meissner; ok dtucker djm
|
#
1.37 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.36 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.35 |
|
10-Feb-2006 |
stevesk |
branches: 1.35.2; move #include <sys/wait.h> out of includes.h; ok markus@
|
#
1.34 |
|
08-Feb-2006 |
stevesk |
move #include <paths.h> out of includes.h; ok markus@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.33 |
|
02-May-2005 |
markus |
branches: 1.33.2; missing {}
|
#
1.32 |
|
23-Apr-2005 |
dtucker |
Add debug message if read_passphrase can't open /dev/tty; bz #471; ok djm@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.31 |
|
29-Oct-2004 |
djm |
branches: 1.31.2; factor out common permission-asking code to separate function; ok markus@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.30 |
|
17-Jun-2004 |
djm |
branches: 1.30.2; Add option for confirmation (ControlMaster=ask) via ssh-askpass before opening shared connections; ok markus@
|
#
1.29 |
|
08-May-2004 |
djm |
kill a tiny header; ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.28 |
|
23-Jan-2003 |
markus |
branches: 1.28.4; 1.28.6; ssh-add -c, prompt user for confirmation (using ssh-askpass) when private agent key is used; with djm@; test by dugsong@, djm@; ok deraadt@
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.27 |
|
26-Mar-2002 |
markus |
branches: 1.27.2; 1.27.4; client side support for PASSWD_CHANGEREQ based on work by johan.andersson@appgate.com; ok provos@
|
#
1.26 |
|
13-Feb-2002 |
markus |
readpass.c is not longer from UCB, since we now use readpassphrase(3)
|
#
1.25 |
|
11-Jan-2002 |
markus |
use _PATH_TTY
|
#
1.24 |
|
21-Dec-2001 |
djm |
Avoid interruptable passphrase read; ok markus@
|
#
1.23 |
|
08-Nov-2001 |
markus |
don't strdup too much data; from gotoh@taiyo.co.jp; ok millert.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.22 |
|
14-Jul-2001 |
stevesk |
branches: 1.22.2; delete spurious #includes; ok deraadt@ markus@
|
#
1.21 |
|
10-Jul-2001 |
markus |
don't panic if fork or pipe fail (just return an empty passwd).
|
#
1.20 |
|
02-Jul-2001 |
markus |
do not return NULL, use "" instead.
|
#
1.19 |
|
24-Jun-2001 |
markus |
switch to readpassphrase(3) 2.7/8-stable needs readpassphrase.[ch] from libc
|
#
1.18 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.17 |
|
06-May-2001 |
mouring |
Use const for 'prompt'. Brought over from portable tree.
|
#
1.16 |
|
02-May-2001 |
mouring |
Put the 'const' back into ssh_askpass() function. Pointed out by Mark Miller <markm@swoon.net>. OK Markus
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.15 |
|
18-Apr-2001 |
markus |
branches: 1.15.2; call askpass from ssh, too, based on work by roth@feep.net, ok deraadt
|
#
1.14 |
|
08-Feb-2001 |
itojun |
sync with netbsd tree changes. - more strict prototypes, include necessary headers - use paths.h/pathnames.h decls - size_t typecase to int -> u_long
|
#
1.13 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.12 |
|
11-Oct-2000 |
markus |
branches: 1.12.2; add support for s/key (kbd-interactive) to ssh2, based on work by mkiernan@avantgo.com and me
|
#
1.11 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.10 |
|
14-Apr-2000 |
markus |
branches: 1.10.2; whitespace cleanup
|
#
1.9 |
|
21-Jan-2000 |
deraadt |
instead of blocking SIGINT, catch it ourselves, so that we can clean the tty modes up and kill ourselves -- instead of our process group leader (scp, cvs, ...) going away and leaving us in noecho mode. people with cbreak shells never even noticed..
|
#
1.8 |
|
08-Dec-1999 |
deraadt |
avoid stdio; based on work by markus, millert, and I
|
#
1.7 |
|
24-Nov-1999 |
markus |
KNF, final part 3
|
#
1.6 |
|
24-Nov-1999 |
deraadt |
much more KNF
|
#
1.5 |
|
23-Nov-1999 |
markus |
KNF part 1
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.4 |
|
11-Oct-1999 |
markus |
we do not ship ssh-askpass
|
#
1.3 |
|
30-Sep-1999 |
deraadt |
even smaller
|
#
1.2 |
|
30-Sep-1999 |
deraadt |
cull more ancient garbage from pre-POSIX days
|
#
1.1 |
|
26-Sep-1999 |
deraadt |
i bet a lot of people didn't know what ssh 1.2.16 had a nice license. well, except for the patent issues. someone in sweden (forget their name at the moment) cleaned out most of the patented code, and now this code removes rsa code. when this is done, it will link against libssl, but the work isn't completely done yet. then we need to bring this up to modern days, featurewise.
|
#
1.68 |
|
10-Nov-2020 |
claudio |
Free the previously allocated msg buffer after writing it out. OK djm@
|
#
1.67 |
|
08-Nov-2020 |
djm |
unbreak; missing NULL check
|
#
1.66 |
|
08-Nov-2020 |
djm |
when requesting a security key touch on stderr, inform the user once the touch has been recorded; requested by claudio@ ok markus@
|
#
1.65 |
|
18-Oct-2020 |
djm |
use the new variant log macros instead of prepending __func__ and appending ssh_err(r) manually; ok markus@
|
#
1.64 |
|
03-Oct-2020 |
djm |
There are lots of place where we want to redirect stdin, stdout and/or stderr to /dev/null. Factor all these out to a single stdfd_devnull() function that allows selection of which of these to redirect. ok markus@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.63 |
|
11-Aug-2020 |
djm |
let the "Confirm user presence for key ..." ssh-askpass notification respect $SSH_ASKPASS_REQUIRE; ok markus@
|
#
1.62 |
|
14-Jul-2020 |
djm |
allow some additional control over the use of ssh-askpass via $SSH_ASKPASS_REQUIRE, including force-enable/disable. bz#69 ok markus@
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.61 |
|
23-Jan-2020 |
dtucker |
Replace all calls to signal(2) with a wrapper around sigaction(2). This wrapper blocks all other signals during the handler preventing races between handlers, and sets SA_RESTART which should reduce the potential for short read/write operations.
|
#
1.60 |
|
06-Dec-2019 |
djm |
fix setting of $SSH_ASKPASS_PROMPT - it shouldn't be set when asking passphrases, only when confirming the use of a key (i.e. for ssh-agent keys added with "ssh-add -c keyfile")
|
#
1.59 |
|
06-Dec-2019 |
djm |
bring the __func__
|
#
1.58 |
|
27-Nov-2019 |
djm |
use error()+_exit() instead of fatal() to avoid running cleanup handlers in child process; spotted via weird regress failures in portable
|
#
1.57 |
|
15-Nov-2019 |
djm |
follow existing askpass logic for security key notifier: fall back to _PATH_SSH_ASKPASS_DEFAULT if no $SSH_ASKPASS environment variable is set.
|
#
1.56 |
|
12-Nov-2019 |
djm |
pass SSH_ASKPASS_PROMPT hint to y/n key confirm too
|
#
1.55 |
|
12-Nov-2019 |
djm |
dd API for performing one-shot notifications via tty or SSH_ASKPASS
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.54 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.53 |
|
19-Jan-2019 |
tb |
Print an \r in front of the password prompt so parts of a password that was entered too early are likely clobbered by the prompt. Idea from doas.
from and ok djm "i like it" deraadt
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.52 |
|
18-Jul-2018 |
dtucker |
Remove support for running ssh(1) setuid and fatal if attempted. Do not link uidwap.c into ssh any more. Neuters UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@ djm@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.51 |
|
11-Dec-2015 |
mmcc |
Pass (char *)NULL rather than (char *)0 to execl and execlp.
ok dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.50 |
|
02-Feb-2014 |
djm |
convert memset of potentially-private data to explicit_bzero()
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.49 |
|
17-May-2013 |
djm |
bye, bye xfree(); ok markus@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.48 |
|
15-Dec-2010 |
djm |
fix ControlMaster=ask regression
reset SIGCHLD handler before fork (and restore it after) so we don't miss the the askpass child's exit status. Correct test for exit status/signal to account for waitpid() failure; with claudio@ ok claudio@ markus@
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.47 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.46 |
|
01-Aug-2006 |
stevesk |
move #include <stdio.h> out of includes.h
|
#
1.45 |
|
26-Jul-2006 |
stevesk |
move #include <stdlib.h> out of includes.h
|
#
1.44 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.43 |
|
17-Jul-2006 |
stevesk |
move #include <unistd.h> out of includes.h
|
#
1.42 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.41 |
|
10-Jul-2006 |
stevesk |
move #include <stdarg.h> out of includes.h; ok markus@
|
#
1.40 |
|
09-Jul-2006 |
stevesk |
move #include <fcntl.h> out of includes.h
|
#
1.39 |
|
08-Jun-2006 |
markus |
do not set the gid, noted by solar; ok djm
|
#
1.38 |
|
06-Jun-2006 |
markus |
replace remaining setuid() calls with permanently_set_uid() and check seteuid() return values; report Marcus Meissner; ok dtucker djm
|
#
1.37 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.36 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.35 |
|
10-Feb-2006 |
stevesk |
branches: 1.35.2; move #include <sys/wait.h> out of includes.h; ok markus@
|
#
1.34 |
|
08-Feb-2006 |
stevesk |
move #include <paths.h> out of includes.h; ok markus@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.33 |
|
02-May-2005 |
markus |
branches: 1.33.2; missing {}
|
#
1.32 |
|
23-Apr-2005 |
dtucker |
Add debug message if read_passphrase can't open /dev/tty; bz #471; ok djm@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.31 |
|
29-Oct-2004 |
djm |
branches: 1.31.2; factor out common permission-asking code to separate function; ok markus@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.30 |
|
17-Jun-2004 |
djm |
branches: 1.30.2; Add option for confirmation (ControlMaster=ask) via ssh-askpass before opening shared connections; ok markus@
|
#
1.29 |
|
08-May-2004 |
djm |
kill a tiny header; ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.28 |
|
23-Jan-2003 |
markus |
branches: 1.28.4; 1.28.6; ssh-add -c, prompt user for confirmation (using ssh-askpass) when private agent key is used; with djm@; test by dugsong@, djm@; ok deraadt@
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.27 |
|
26-Mar-2002 |
markus |
branches: 1.27.2; 1.27.4; client side support for PASSWD_CHANGEREQ based on work by johan.andersson@appgate.com; ok provos@
|
#
1.26 |
|
13-Feb-2002 |
markus |
readpass.c is not longer from UCB, since we now use readpassphrase(3)
|
#
1.25 |
|
11-Jan-2002 |
markus |
use _PATH_TTY
|
#
1.24 |
|
21-Dec-2001 |
djm |
Avoid interruptable passphrase read; ok markus@
|
#
1.23 |
|
08-Nov-2001 |
markus |
don't strdup too much data; from gotoh@taiyo.co.jp; ok millert.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.22 |
|
14-Jul-2001 |
stevesk |
branches: 1.22.2; delete spurious #includes; ok deraadt@ markus@
|
#
1.21 |
|
10-Jul-2001 |
markus |
don't panic if fork or pipe fail (just return an empty passwd).
|
#
1.20 |
|
02-Jul-2001 |
markus |
do not return NULL, use "" instead.
|
#
1.19 |
|
24-Jun-2001 |
markus |
switch to readpassphrase(3) 2.7/8-stable needs readpassphrase.[ch] from libc
|
#
1.18 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.17 |
|
06-May-2001 |
mouring |
Use const for 'prompt'. Brought over from portable tree.
|
#
1.16 |
|
02-May-2001 |
mouring |
Put the 'const' back into ssh_askpass() function. Pointed out by Mark Miller <markm@swoon.net>. OK Markus
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.15 |
|
18-Apr-2001 |
markus |
branches: 1.15.2; call askpass from ssh, too, based on work by roth@feep.net, ok deraadt
|
#
1.14 |
|
08-Feb-2001 |
itojun |
sync with netbsd tree changes. - more strict prototypes, include necessary headers - use paths.h/pathnames.h decls - size_t typecase to int -> u_long
|
#
1.13 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.12 |
|
11-Oct-2000 |
markus |
branches: 1.12.2; add support for s/key (kbd-interactive) to ssh2, based on work by mkiernan@avantgo.com and me
|
#
1.11 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.10 |
|
14-Apr-2000 |
markus |
branches: 1.10.2; whitespace cleanup
|
#
1.9 |
|
21-Jan-2000 |
deraadt |
instead of blocking SIGINT, catch it ourselves, so that we can clean the tty modes up and kill ourselves -- instead of our process group leader (scp, cvs, ...) going away and leaving us in noecho mode. people with cbreak shells never even noticed..
|
#
1.8 |
|
08-Dec-1999 |
deraadt |
avoid stdio; based on work by markus, millert, and I
|
#
1.7 |
|
24-Nov-1999 |
markus |
KNF, final part 3
|
#
1.6 |
|
24-Nov-1999 |
deraadt |
much more KNF
|
#
1.5 |
|
23-Nov-1999 |
markus |
KNF part 1
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.4 |
|
11-Oct-1999 |
markus |
we do not ship ssh-askpass
|
#
1.3 |
|
30-Sep-1999 |
deraadt |
even smaller
|
#
1.2 |
|
30-Sep-1999 |
deraadt |
cull more ancient garbage from pre-POSIX days
|
#
1.1 |
|
26-Sep-1999 |
deraadt |
i bet a lot of people didn't know what ssh 1.2.16 had a nice license. well, except for the patent issues. someone in sweden (forget their name at the moment) cleaned out most of the patented code, and now this code removes rsa code. when this is done, it will link against libssl, but the work isn't completely done yet. then we need to bring this up to modern days, featurewise.
|
#
1.65 |
|
18-Oct-2020 |
djm |
use the new variant log macros instead of prepending __func__ and appending ssh_err(r) manually; ok markus@
|
#
1.64 |
|
03-Oct-2020 |
djm |
There are lots of place where we want to redirect stdin, stdout and/or stderr to /dev/null. Factor all these out to a single stdfd_devnull() function that allows selection of which of these to redirect. ok markus@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.63 |
|
11-Aug-2020 |
djm |
let the "Confirm user presence for key ..." ssh-askpass notification respect $SSH_ASKPASS_REQUIRE; ok markus@
|
#
1.62 |
|
14-Jul-2020 |
djm |
allow some additional control over the use of ssh-askpass via $SSH_ASKPASS_REQUIRE, including force-enable/disable. bz#69 ok markus@
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.61 |
|
23-Jan-2020 |
dtucker |
Replace all calls to signal(2) with a wrapper around sigaction(2). This wrapper blocks all other signals during the handler preventing races between handlers, and sets SA_RESTART which should reduce the potential for short read/write operations.
|
#
1.60 |
|
06-Dec-2019 |
djm |
fix setting of $SSH_ASKPASS_PROMPT - it shouldn't be set when asking passphrases, only when confirming the use of a key (i.e. for ssh-agent keys added with "ssh-add -c keyfile")
|
#
1.59 |
|
06-Dec-2019 |
djm |
bring the __func__
|
#
1.58 |
|
27-Nov-2019 |
djm |
use error()+_exit() instead of fatal() to avoid running cleanup handlers in child process; spotted via weird regress failures in portable
|
#
1.57 |
|
15-Nov-2019 |
djm |
follow existing askpass logic for security key notifier: fall back to _PATH_SSH_ASKPASS_DEFAULT if no $SSH_ASKPASS environment variable is set.
|
#
1.56 |
|
12-Nov-2019 |
djm |
pass SSH_ASKPASS_PROMPT hint to y/n key confirm too
|
#
1.55 |
|
12-Nov-2019 |
djm |
dd API for performing one-shot notifications via tty or SSH_ASKPASS
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.54 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.53 |
|
19-Jan-2019 |
tb |
Print an \r in front of the password prompt so parts of a password that was entered too early are likely clobbered by the prompt. Idea from doas.
from and ok djm "i like it" deraadt
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.52 |
|
18-Jul-2018 |
dtucker |
Remove support for running ssh(1) setuid and fatal if attempted. Do not link uidwap.c into ssh any more. Neuters UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@ djm@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.51 |
|
11-Dec-2015 |
mmcc |
Pass (char *)NULL rather than (char *)0 to execl and execlp.
ok dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.50 |
|
02-Feb-2014 |
djm |
convert memset of potentially-private data to explicit_bzero()
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.49 |
|
17-May-2013 |
djm |
bye, bye xfree(); ok markus@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.48 |
|
15-Dec-2010 |
djm |
fix ControlMaster=ask regression
reset SIGCHLD handler before fork (and restore it after) so we don't miss the the askpass child's exit status. Correct test for exit status/signal to account for waitpid() failure; with claudio@ ok claudio@ markus@
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.47 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.46 |
|
01-Aug-2006 |
stevesk |
move #include <stdio.h> out of includes.h
|
#
1.45 |
|
26-Jul-2006 |
stevesk |
move #include <stdlib.h> out of includes.h
|
#
1.44 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.43 |
|
17-Jul-2006 |
stevesk |
move #include <unistd.h> out of includes.h
|
#
1.42 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.41 |
|
10-Jul-2006 |
stevesk |
move #include <stdarg.h> out of includes.h; ok markus@
|
#
1.40 |
|
09-Jul-2006 |
stevesk |
move #include <fcntl.h> out of includes.h
|
#
1.39 |
|
08-Jun-2006 |
markus |
do not set the gid, noted by solar; ok djm
|
#
1.38 |
|
06-Jun-2006 |
markus |
replace remaining setuid() calls with permanently_set_uid() and check seteuid() return values; report Marcus Meissner; ok dtucker djm
|
#
1.37 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.36 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.35 |
|
10-Feb-2006 |
stevesk |
branches: 1.35.2; move #include <sys/wait.h> out of includes.h; ok markus@
|
#
1.34 |
|
08-Feb-2006 |
stevesk |
move #include <paths.h> out of includes.h; ok markus@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.33 |
|
02-May-2005 |
markus |
branches: 1.33.2; missing {}
|
#
1.32 |
|
23-Apr-2005 |
dtucker |
Add debug message if read_passphrase can't open /dev/tty; bz #471; ok djm@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.31 |
|
29-Oct-2004 |
djm |
branches: 1.31.2; factor out common permission-asking code to separate function; ok markus@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.30 |
|
17-Jun-2004 |
djm |
branches: 1.30.2; Add option for confirmation (ControlMaster=ask) via ssh-askpass before opening shared connections; ok markus@
|
#
1.29 |
|
08-May-2004 |
djm |
kill a tiny header; ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.28 |
|
23-Jan-2003 |
markus |
branches: 1.28.4; 1.28.6; ssh-add -c, prompt user for confirmation (using ssh-askpass) when private agent key is used; with djm@; test by dugsong@, djm@; ok deraadt@
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.27 |
|
26-Mar-2002 |
markus |
branches: 1.27.2; 1.27.4; client side support for PASSWD_CHANGEREQ based on work by johan.andersson@appgate.com; ok provos@
|
#
1.26 |
|
13-Feb-2002 |
markus |
readpass.c is not longer from UCB, since we now use readpassphrase(3)
|
#
1.25 |
|
11-Jan-2002 |
markus |
use _PATH_TTY
|
#
1.24 |
|
21-Dec-2001 |
djm |
Avoid interruptable passphrase read; ok markus@
|
#
1.23 |
|
08-Nov-2001 |
markus |
don't strdup too much data; from gotoh@taiyo.co.jp; ok millert.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.22 |
|
14-Jul-2001 |
stevesk |
branches: 1.22.2; delete spurious #includes; ok deraadt@ markus@
|
#
1.21 |
|
10-Jul-2001 |
markus |
don't panic if fork or pipe fail (just return an empty passwd).
|
#
1.20 |
|
02-Jul-2001 |
markus |
do not return NULL, use "" instead.
|
#
1.19 |
|
24-Jun-2001 |
markus |
switch to readpassphrase(3) 2.7/8-stable needs readpassphrase.[ch] from libc
|
#
1.18 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.17 |
|
06-May-2001 |
mouring |
Use const for 'prompt'. Brought over from portable tree.
|
#
1.16 |
|
02-May-2001 |
mouring |
Put the 'const' back into ssh_askpass() function. Pointed out by Mark Miller <markm@swoon.net>. OK Markus
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.15 |
|
18-Apr-2001 |
markus |
branches: 1.15.2; call askpass from ssh, too, based on work by roth@feep.net, ok deraadt
|
#
1.14 |
|
08-Feb-2001 |
itojun |
sync with netbsd tree changes. - more strict prototypes, include necessary headers - use paths.h/pathnames.h decls - size_t typecase to int -> u_long
|
#
1.13 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.12 |
|
11-Oct-2000 |
markus |
branches: 1.12.2; add support for s/key (kbd-interactive) to ssh2, based on work by mkiernan@avantgo.com and me
|
#
1.11 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.10 |
|
14-Apr-2000 |
markus |
branches: 1.10.2; whitespace cleanup
|
#
1.9 |
|
21-Jan-2000 |
deraadt |
instead of blocking SIGINT, catch it ourselves, so that we can clean the tty modes up and kill ourselves -- instead of our process group leader (scp, cvs, ...) going away and leaving us in noecho mode. people with cbreak shells never even noticed..
|
#
1.8 |
|
08-Dec-1999 |
deraadt |
avoid stdio; based on work by markus, millert, and I
|
#
1.7 |
|
24-Nov-1999 |
markus |
KNF, final part 3
|
#
1.6 |
|
24-Nov-1999 |
deraadt |
much more KNF
|
#
1.5 |
|
23-Nov-1999 |
markus |
KNF part 1
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.4 |
|
11-Oct-1999 |
markus |
we do not ship ssh-askpass
|
#
1.3 |
|
30-Sep-1999 |
deraadt |
even smaller
|
#
1.2 |
|
30-Sep-1999 |
deraadt |
cull more ancient garbage from pre-POSIX days
|
#
1.1 |
|
26-Sep-1999 |
deraadt |
i bet a lot of people didn't know what ssh 1.2.16 had a nice license. well, except for the patent issues. someone in sweden (forget their name at the moment) cleaned out most of the patented code, and now this code removes rsa code. when this is done, it will link against libssl, but the work isn't completely done yet. then we need to bring this up to modern days, featurewise.
|
#
1.64 |
|
03-Oct-2020 |
djm |
There are lots of place where we want to redirect stdin, stdout and/or stderr to /dev/null. Factor all these out to a single stdfd_devnull() function that allows selection of which of these to redirect. ok markus@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.63 |
|
11-Aug-2020 |
djm |
let the "Confirm user presence for key ..." ssh-askpass notification respect $SSH_ASKPASS_REQUIRE; ok markus@
|
#
1.62 |
|
14-Jul-2020 |
djm |
allow some additional control over the use of ssh-askpass via $SSH_ASKPASS_REQUIRE, including force-enable/disable. bz#69 ok markus@
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.61 |
|
23-Jan-2020 |
dtucker |
Replace all calls to signal(2) with a wrapper around sigaction(2). This wrapper blocks all other signals during the handler preventing races between handlers, and sets SA_RESTART which should reduce the potential for short read/write operations.
|
#
1.60 |
|
06-Dec-2019 |
djm |
fix setting of $SSH_ASKPASS_PROMPT - it shouldn't be set when asking passphrases, only when confirming the use of a key (i.e. for ssh-agent keys added with "ssh-add -c keyfile")
|
#
1.59 |
|
06-Dec-2019 |
djm |
bring the __func__
|
#
1.58 |
|
27-Nov-2019 |
djm |
use error()+_exit() instead of fatal() to avoid running cleanup handlers in child process; spotted via weird regress failures in portable
|
#
1.57 |
|
15-Nov-2019 |
djm |
follow existing askpass logic for security key notifier: fall back to _PATH_SSH_ASKPASS_DEFAULT if no $SSH_ASKPASS environment variable is set.
|
#
1.56 |
|
12-Nov-2019 |
djm |
pass SSH_ASKPASS_PROMPT hint to y/n key confirm too
|
#
1.55 |
|
12-Nov-2019 |
djm |
dd API for performing one-shot notifications via tty or SSH_ASKPASS
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.54 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.53 |
|
19-Jan-2019 |
tb |
Print an \r in front of the password prompt so parts of a password that was entered too early are likely clobbered by the prompt. Idea from doas.
from and ok djm "i like it" deraadt
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.52 |
|
18-Jul-2018 |
dtucker |
Remove support for running ssh(1) setuid and fatal if attempted. Do not link uidwap.c into ssh any more. Neuters UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@ djm@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.51 |
|
11-Dec-2015 |
mmcc |
Pass (char *)NULL rather than (char *)0 to execl and execlp.
ok dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.50 |
|
02-Feb-2014 |
djm |
convert memset of potentially-private data to explicit_bzero()
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.49 |
|
17-May-2013 |
djm |
bye, bye xfree(); ok markus@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.48 |
|
15-Dec-2010 |
djm |
fix ControlMaster=ask regression
reset SIGCHLD handler before fork (and restore it after) so we don't miss the the askpass child's exit status. Correct test for exit status/signal to account for waitpid() failure; with claudio@ ok claudio@ markus@
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.47 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.46 |
|
01-Aug-2006 |
stevesk |
move #include <stdio.h> out of includes.h
|
#
1.45 |
|
26-Jul-2006 |
stevesk |
move #include <stdlib.h> out of includes.h
|
#
1.44 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.43 |
|
17-Jul-2006 |
stevesk |
move #include <unistd.h> out of includes.h
|
#
1.42 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.41 |
|
10-Jul-2006 |
stevesk |
move #include <stdarg.h> out of includes.h; ok markus@
|
#
1.40 |
|
09-Jul-2006 |
stevesk |
move #include <fcntl.h> out of includes.h
|
#
1.39 |
|
08-Jun-2006 |
markus |
do not set the gid, noted by solar; ok djm
|
#
1.38 |
|
06-Jun-2006 |
markus |
replace remaining setuid() calls with permanently_set_uid() and check seteuid() return values; report Marcus Meissner; ok dtucker djm
|
#
1.37 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.36 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.35 |
|
10-Feb-2006 |
stevesk |
branches: 1.35.2; move #include <sys/wait.h> out of includes.h; ok markus@
|
#
1.34 |
|
08-Feb-2006 |
stevesk |
move #include <paths.h> out of includes.h; ok markus@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.33 |
|
02-May-2005 |
markus |
branches: 1.33.2; missing {}
|
#
1.32 |
|
23-Apr-2005 |
dtucker |
Add debug message if read_passphrase can't open /dev/tty; bz #471; ok djm@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.31 |
|
29-Oct-2004 |
djm |
branches: 1.31.2; factor out common permission-asking code to separate function; ok markus@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.30 |
|
17-Jun-2004 |
djm |
branches: 1.30.2; Add option for confirmation (ControlMaster=ask) via ssh-askpass before opening shared connections; ok markus@
|
#
1.29 |
|
08-May-2004 |
djm |
kill a tiny header; ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.28 |
|
23-Jan-2003 |
markus |
branches: 1.28.4; 1.28.6; ssh-add -c, prompt user for confirmation (using ssh-askpass) when private agent key is used; with djm@; test by dugsong@, djm@; ok deraadt@
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.27 |
|
26-Mar-2002 |
markus |
branches: 1.27.2; 1.27.4; client side support for PASSWD_CHANGEREQ based on work by johan.andersson@appgate.com; ok provos@
|
#
1.26 |
|
13-Feb-2002 |
markus |
readpass.c is not longer from UCB, since we now use readpassphrase(3)
|
#
1.25 |
|
11-Jan-2002 |
markus |
use _PATH_TTY
|
#
1.24 |
|
21-Dec-2001 |
djm |
Avoid interruptable passphrase read; ok markus@
|
#
1.23 |
|
08-Nov-2001 |
markus |
don't strdup too much data; from gotoh@taiyo.co.jp; ok millert.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.22 |
|
14-Jul-2001 |
stevesk |
branches: 1.22.2; delete spurious #includes; ok deraadt@ markus@
|
#
1.21 |
|
10-Jul-2001 |
markus |
don't panic if fork or pipe fail (just return an empty passwd).
|
#
1.20 |
|
02-Jul-2001 |
markus |
do not return NULL, use "" instead.
|
#
1.19 |
|
24-Jun-2001 |
markus |
switch to readpassphrase(3) 2.7/8-stable needs readpassphrase.[ch] from libc
|
#
1.18 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.17 |
|
06-May-2001 |
mouring |
Use const for 'prompt'. Brought over from portable tree.
|
#
1.16 |
|
02-May-2001 |
mouring |
Put the 'const' back into ssh_askpass() function. Pointed out by Mark Miller <markm@swoon.net>. OK Markus
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.15 |
|
18-Apr-2001 |
markus |
branches: 1.15.2; call askpass from ssh, too, based on work by roth@feep.net, ok deraadt
|
#
1.14 |
|
08-Feb-2001 |
itojun |
sync with netbsd tree changes. - more strict prototypes, include necessary headers - use paths.h/pathnames.h decls - size_t typecase to int -> u_long
|
#
1.13 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.12 |
|
11-Oct-2000 |
markus |
branches: 1.12.2; add support for s/key (kbd-interactive) to ssh2, based on work by mkiernan@avantgo.com and me
|
#
1.11 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.10 |
|
14-Apr-2000 |
markus |
branches: 1.10.2; whitespace cleanup
|
#
1.9 |
|
21-Jan-2000 |
deraadt |
instead of blocking SIGINT, catch it ourselves, so that we can clean the tty modes up and kill ourselves -- instead of our process group leader (scp, cvs, ...) going away and leaving us in noecho mode. people with cbreak shells never even noticed..
|
#
1.8 |
|
08-Dec-1999 |
deraadt |
avoid stdio; based on work by markus, millert, and I
|
#
1.7 |
|
24-Nov-1999 |
markus |
KNF, final part 3
|
#
1.6 |
|
24-Nov-1999 |
deraadt |
much more KNF
|
#
1.5 |
|
23-Nov-1999 |
markus |
KNF part 1
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.4 |
|
11-Oct-1999 |
markus |
we do not ship ssh-askpass
|
#
1.3 |
|
30-Sep-1999 |
deraadt |
even smaller
|
#
1.2 |
|
30-Sep-1999 |
deraadt |
cull more ancient garbage from pre-POSIX days
|
#
1.1 |
|
26-Sep-1999 |
deraadt |
i bet a lot of people didn't know what ssh 1.2.16 had a nice license. well, except for the patent issues. someone in sweden (forget their name at the moment) cleaned out most of the patented code, and now this code removes rsa code. when this is done, it will link against libssl, but the work isn't completely done yet. then we need to bring this up to modern days, featurewise.
|
#
1.63 |
|
11-Aug-2020 |
djm |
let the "Confirm user presence for key ..." ssh-askpass notification respect $SSH_ASKPASS_REQUIRE; ok markus@
|
#
1.62 |
|
14-Jul-2020 |
djm |
allow some additional control over the use of ssh-askpass via $SSH_ASKPASS_REQUIRE, including force-enable/disable. bz#69 ok markus@
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.61 |
|
23-Jan-2020 |
dtucker |
Replace all calls to signal(2) with a wrapper around sigaction(2). This wrapper blocks all other signals during the handler preventing races between handlers, and sets SA_RESTART which should reduce the potential for short read/write operations.
|
#
1.60 |
|
06-Dec-2019 |
djm |
fix setting of $SSH_ASKPASS_PROMPT - it shouldn't be set when asking passphrases, only when confirming the use of a key (i.e. for ssh-agent keys added with "ssh-add -c keyfile")
|
#
1.59 |
|
06-Dec-2019 |
djm |
bring the __func__
|
#
1.58 |
|
27-Nov-2019 |
djm |
use error()+_exit() instead of fatal() to avoid running cleanup handlers in child process; spotted via weird regress failures in portable
|
#
1.57 |
|
15-Nov-2019 |
djm |
follow existing askpass logic for security key notifier: fall back to _PATH_SSH_ASKPASS_DEFAULT if no $SSH_ASKPASS environment variable is set.
|
#
1.56 |
|
12-Nov-2019 |
djm |
pass SSH_ASKPASS_PROMPT hint to y/n key confirm too
|
#
1.55 |
|
12-Nov-2019 |
djm |
dd API for performing one-shot notifications via tty or SSH_ASKPASS
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.54 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.53 |
|
19-Jan-2019 |
tb |
Print an \r in front of the password prompt so parts of a password that was entered too early are likely clobbered by the prompt. Idea from doas.
from and ok djm "i like it" deraadt
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.52 |
|
18-Jul-2018 |
dtucker |
Remove support for running ssh(1) setuid and fatal if attempted. Do not link uidwap.c into ssh any more. Neuters UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@ djm@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.51 |
|
11-Dec-2015 |
mmcc |
Pass (char *)NULL rather than (char *)0 to execl and execlp.
ok dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.50 |
|
02-Feb-2014 |
djm |
convert memset of potentially-private data to explicit_bzero()
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.49 |
|
17-May-2013 |
djm |
bye, bye xfree(); ok markus@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.48 |
|
15-Dec-2010 |
djm |
fix ControlMaster=ask regression
reset SIGCHLD handler before fork (and restore it after) so we don't miss the the askpass child's exit status. Correct test for exit status/signal to account for waitpid() failure; with claudio@ ok claudio@ markus@
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.47 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.46 |
|
01-Aug-2006 |
stevesk |
move #include <stdio.h> out of includes.h
|
#
1.45 |
|
26-Jul-2006 |
stevesk |
move #include <stdlib.h> out of includes.h
|
#
1.44 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.43 |
|
17-Jul-2006 |
stevesk |
move #include <unistd.h> out of includes.h
|
#
1.42 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.41 |
|
10-Jul-2006 |
stevesk |
move #include <stdarg.h> out of includes.h; ok markus@
|
#
1.40 |
|
09-Jul-2006 |
stevesk |
move #include <fcntl.h> out of includes.h
|
#
1.39 |
|
08-Jun-2006 |
markus |
do not set the gid, noted by solar; ok djm
|
#
1.38 |
|
06-Jun-2006 |
markus |
replace remaining setuid() calls with permanently_set_uid() and check seteuid() return values; report Marcus Meissner; ok dtucker djm
|
#
1.37 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.36 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.35 |
|
10-Feb-2006 |
stevesk |
branches: 1.35.2; move #include <sys/wait.h> out of includes.h; ok markus@
|
#
1.34 |
|
08-Feb-2006 |
stevesk |
move #include <paths.h> out of includes.h; ok markus@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.33 |
|
02-May-2005 |
markus |
branches: 1.33.2; missing {}
|
#
1.32 |
|
23-Apr-2005 |
dtucker |
Add debug message if read_passphrase can't open /dev/tty; bz #471; ok djm@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.31 |
|
29-Oct-2004 |
djm |
branches: 1.31.2; factor out common permission-asking code to separate function; ok markus@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.30 |
|
17-Jun-2004 |
djm |
branches: 1.30.2; Add option for confirmation (ControlMaster=ask) via ssh-askpass before opening shared connections; ok markus@
|
#
1.29 |
|
08-May-2004 |
djm |
kill a tiny header; ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.28 |
|
23-Jan-2003 |
markus |
branches: 1.28.4; 1.28.6; ssh-add -c, prompt user for confirmation (using ssh-askpass) when private agent key is used; with djm@; test by dugsong@, djm@; ok deraadt@
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.27 |
|
26-Mar-2002 |
markus |
branches: 1.27.2; 1.27.4; client side support for PASSWD_CHANGEREQ based on work by johan.andersson@appgate.com; ok provos@
|
#
1.26 |
|
13-Feb-2002 |
markus |
readpass.c is not longer from UCB, since we now use readpassphrase(3)
|
#
1.25 |
|
11-Jan-2002 |
markus |
use _PATH_TTY
|
#
1.24 |
|
21-Dec-2001 |
djm |
Avoid interruptable passphrase read; ok markus@
|
#
1.23 |
|
08-Nov-2001 |
markus |
don't strdup too much data; from gotoh@taiyo.co.jp; ok millert.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.22 |
|
14-Jul-2001 |
stevesk |
branches: 1.22.2; delete spurious #includes; ok deraadt@ markus@
|
#
1.21 |
|
10-Jul-2001 |
markus |
don't panic if fork or pipe fail (just return an empty passwd).
|
#
1.20 |
|
02-Jul-2001 |
markus |
do not return NULL, use "" instead.
|
#
1.19 |
|
24-Jun-2001 |
markus |
switch to readpassphrase(3) 2.7/8-stable needs readpassphrase.[ch] from libc
|
#
1.18 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.17 |
|
06-May-2001 |
mouring |
Use const for 'prompt'. Brought over from portable tree.
|
#
1.16 |
|
02-May-2001 |
mouring |
Put the 'const' back into ssh_askpass() function. Pointed out by Mark Miller <markm@swoon.net>. OK Markus
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.15 |
|
18-Apr-2001 |
markus |
branches: 1.15.2; call askpass from ssh, too, based on work by roth@feep.net, ok deraadt
|
#
1.14 |
|
08-Feb-2001 |
itojun |
sync with netbsd tree changes. - more strict prototypes, include necessary headers - use paths.h/pathnames.h decls - size_t typecase to int -> u_long
|
#
1.13 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.12 |
|
11-Oct-2000 |
markus |
branches: 1.12.2; add support for s/key (kbd-interactive) to ssh2, based on work by mkiernan@avantgo.com and me
|
#
1.11 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.10 |
|
14-Apr-2000 |
markus |
branches: 1.10.2; whitespace cleanup
|
#
1.9 |
|
21-Jan-2000 |
deraadt |
instead of blocking SIGINT, catch it ourselves, so that we can clean the tty modes up and kill ourselves -- instead of our process group leader (scp, cvs, ...) going away and leaving us in noecho mode. people with cbreak shells never even noticed..
|
#
1.8 |
|
08-Dec-1999 |
deraadt |
avoid stdio; based on work by markus, millert, and I
|
#
1.7 |
|
24-Nov-1999 |
markus |
KNF, final part 3
|
#
1.6 |
|
24-Nov-1999 |
deraadt |
much more KNF
|
#
1.5 |
|
23-Nov-1999 |
markus |
KNF part 1
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.4 |
|
11-Oct-1999 |
markus |
we do not ship ssh-askpass
|
#
1.3 |
|
30-Sep-1999 |
deraadt |
even smaller
|
#
1.2 |
|
30-Sep-1999 |
deraadt |
cull more ancient garbage from pre-POSIX days
|
#
1.1 |
|
26-Sep-1999 |
deraadt |
i bet a lot of people didn't know what ssh 1.2.16 had a nice license. well, except for the patent issues. someone in sweden (forget their name at the moment) cleaned out most of the patented code, and now this code removes rsa code. when this is done, it will link against libssl, but the work isn't completely done yet. then we need to bring this up to modern days, featurewise.
|
#
1.62 |
|
14-Jul-2020 |
djm |
allow some additional control over the use of ssh-askpass via $SSH_ASKPASS_REQUIRE, including force-enable/disable. bz#69 ok markus@
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.61 |
|
23-Jan-2020 |
dtucker |
Replace all calls to signal(2) with a wrapper around sigaction(2). This wrapper blocks all other signals during the handler preventing races between handlers, and sets SA_RESTART which should reduce the potential for short read/write operations.
|
#
1.60 |
|
06-Dec-2019 |
djm |
fix setting of $SSH_ASKPASS_PROMPT - it shouldn't be set when asking passphrases, only when confirming the use of a key (i.e. for ssh-agent keys added with "ssh-add -c keyfile")
|
#
1.59 |
|
06-Dec-2019 |
djm |
bring the __func__
|
#
1.58 |
|
27-Nov-2019 |
djm |
use error()+_exit() instead of fatal() to avoid running cleanup handlers in child process; spotted via weird regress failures in portable
|
#
1.57 |
|
15-Nov-2019 |
djm |
follow existing askpass logic for security key notifier: fall back to _PATH_SSH_ASKPASS_DEFAULT if no $SSH_ASKPASS environment variable is set.
|
#
1.56 |
|
12-Nov-2019 |
djm |
pass SSH_ASKPASS_PROMPT hint to y/n key confirm too
|
#
1.55 |
|
12-Nov-2019 |
djm |
dd API for performing one-shot notifications via tty or SSH_ASKPASS
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.54 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.53 |
|
19-Jan-2019 |
tb |
Print an \r in front of the password prompt so parts of a password that was entered too early are likely clobbered by the prompt. Idea from doas.
from and ok djm "i like it" deraadt
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.52 |
|
18-Jul-2018 |
dtucker |
Remove support for running ssh(1) setuid and fatal if attempted. Do not link uidwap.c into ssh any more. Neuters UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@ djm@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.51 |
|
11-Dec-2015 |
mmcc |
Pass (char *)NULL rather than (char *)0 to execl and execlp.
ok dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.50 |
|
02-Feb-2014 |
djm |
convert memset of potentially-private data to explicit_bzero()
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.49 |
|
17-May-2013 |
djm |
bye, bye xfree(); ok markus@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.48 |
|
15-Dec-2010 |
djm |
fix ControlMaster=ask regression
reset SIGCHLD handler before fork (and restore it after) so we don't miss the the askpass child's exit status. Correct test for exit status/signal to account for waitpid() failure; with claudio@ ok claudio@ markus@
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.47 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.46 |
|
01-Aug-2006 |
stevesk |
move #include <stdio.h> out of includes.h
|
#
1.45 |
|
26-Jul-2006 |
stevesk |
move #include <stdlib.h> out of includes.h
|
#
1.44 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.43 |
|
17-Jul-2006 |
stevesk |
move #include <unistd.h> out of includes.h
|
#
1.42 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.41 |
|
10-Jul-2006 |
stevesk |
move #include <stdarg.h> out of includes.h; ok markus@
|
#
1.40 |
|
09-Jul-2006 |
stevesk |
move #include <fcntl.h> out of includes.h
|
#
1.39 |
|
08-Jun-2006 |
markus |
do not set the gid, noted by solar; ok djm
|
#
1.38 |
|
06-Jun-2006 |
markus |
replace remaining setuid() calls with permanently_set_uid() and check seteuid() return values; report Marcus Meissner; ok dtucker djm
|
#
1.37 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.36 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.35 |
|
10-Feb-2006 |
stevesk |
branches: 1.35.2; move #include <sys/wait.h> out of includes.h; ok markus@
|
#
1.34 |
|
08-Feb-2006 |
stevesk |
move #include <paths.h> out of includes.h; ok markus@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.33 |
|
02-May-2005 |
markus |
branches: 1.33.2; missing {}
|
#
1.32 |
|
23-Apr-2005 |
dtucker |
Add debug message if read_passphrase can't open /dev/tty; bz #471; ok djm@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.31 |
|
29-Oct-2004 |
djm |
branches: 1.31.2; factor out common permission-asking code to separate function; ok markus@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.30 |
|
17-Jun-2004 |
djm |
branches: 1.30.2; Add option for confirmation (ControlMaster=ask) via ssh-askpass before opening shared connections; ok markus@
|
#
1.29 |
|
08-May-2004 |
djm |
kill a tiny header; ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.28 |
|
23-Jan-2003 |
markus |
branches: 1.28.4; 1.28.6; ssh-add -c, prompt user for confirmation (using ssh-askpass) when private agent key is used; with djm@; test by dugsong@, djm@; ok deraadt@
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.27 |
|
26-Mar-2002 |
markus |
branches: 1.27.2; 1.27.4; client side support for PASSWD_CHANGEREQ based on work by johan.andersson@appgate.com; ok provos@
|
#
1.26 |
|
13-Feb-2002 |
markus |
readpass.c is not longer from UCB, since we now use readpassphrase(3)
|
#
1.25 |
|
11-Jan-2002 |
markus |
use _PATH_TTY
|
#
1.24 |
|
21-Dec-2001 |
djm |
Avoid interruptable passphrase read; ok markus@
|
#
1.23 |
|
08-Nov-2001 |
markus |
don't strdup too much data; from gotoh@taiyo.co.jp; ok millert.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.22 |
|
14-Jul-2001 |
stevesk |
branches: 1.22.2; delete spurious #includes; ok deraadt@ markus@
|
#
1.21 |
|
10-Jul-2001 |
markus |
don't panic if fork or pipe fail (just return an empty passwd).
|
#
1.20 |
|
02-Jul-2001 |
markus |
do not return NULL, use "" instead.
|
#
1.19 |
|
24-Jun-2001 |
markus |
switch to readpassphrase(3) 2.7/8-stable needs readpassphrase.[ch] from libc
|
#
1.18 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.17 |
|
06-May-2001 |
mouring |
Use const for 'prompt'. Brought over from portable tree.
|
#
1.16 |
|
02-May-2001 |
mouring |
Put the 'const' back into ssh_askpass() function. Pointed out by Mark Miller <markm@swoon.net>. OK Markus
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.15 |
|
18-Apr-2001 |
markus |
branches: 1.15.2; call askpass from ssh, too, based on work by roth@feep.net, ok deraadt
|
#
1.14 |
|
08-Feb-2001 |
itojun |
sync with netbsd tree changes. - more strict prototypes, include necessary headers - use paths.h/pathnames.h decls - size_t typecase to int -> u_long
|
#
1.13 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.12 |
|
11-Oct-2000 |
markus |
branches: 1.12.2; add support for s/key (kbd-interactive) to ssh2, based on work by mkiernan@avantgo.com and me
|
#
1.11 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.10 |
|
14-Apr-2000 |
markus |
branches: 1.10.2; whitespace cleanup
|
#
1.9 |
|
21-Jan-2000 |
deraadt |
instead of blocking SIGINT, catch it ourselves, so that we can clean the tty modes up and kill ourselves -- instead of our process group leader (scp, cvs, ...) going away and leaving us in noecho mode. people with cbreak shells never even noticed..
|
#
1.8 |
|
08-Dec-1999 |
deraadt |
avoid stdio; based on work by markus, millert, and I
|
#
1.7 |
|
24-Nov-1999 |
markus |
KNF, final part 3
|
#
1.6 |
|
24-Nov-1999 |
deraadt |
much more KNF
|
#
1.5 |
|
23-Nov-1999 |
markus |
KNF part 1
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.4 |
|
11-Oct-1999 |
markus |
we do not ship ssh-askpass
|
#
1.3 |
|
30-Sep-1999 |
deraadt |
even smaller
|
#
1.2 |
|
30-Sep-1999 |
deraadt |
cull more ancient garbage from pre-POSIX days
|
#
1.1 |
|
26-Sep-1999 |
deraadt |
i bet a lot of people didn't know what ssh 1.2.16 had a nice license. well, except for the patent issues. someone in sweden (forget their name at the moment) cleaned out most of the patented code, and now this code removes rsa code. when this is done, it will link against libssl, but the work isn't completely done yet. then we need to bring this up to modern days, featurewise.
|
#
1.61 |
|
23-Jan-2020 |
dtucker |
Replace all calls to signal(2) with a wrapper around sigaction(2). This wrapper blocks all other signals during the handler preventing races between handlers, and sets SA_RESTART which should reduce the potential for short read/write operations.
|
#
1.60 |
|
06-Dec-2019 |
djm |
fix setting of $SSH_ASKPASS_PROMPT - it shouldn't be set when asking passphrases, only when confirming the use of a key (i.e. for ssh-agent keys added with "ssh-add -c keyfile")
|
#
1.59 |
|
06-Dec-2019 |
djm |
bring the __func__
|
#
1.58 |
|
27-Nov-2019 |
djm |
use error()+_exit() instead of fatal() to avoid running cleanup handlers in child process; spotted via weird regress failures in portable
|
#
1.57 |
|
15-Nov-2019 |
djm |
follow existing askpass logic for security key notifier: fall back to _PATH_SSH_ASKPASS_DEFAULT if no $SSH_ASKPASS environment variable is set.
|
#
1.56 |
|
12-Nov-2019 |
djm |
pass SSH_ASKPASS_PROMPT hint to y/n key confirm too
|
#
1.55 |
|
12-Nov-2019 |
djm |
dd API for performing one-shot notifications via tty or SSH_ASKPASS
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.54 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.53 |
|
19-Jan-2019 |
tb |
Print an \r in front of the password prompt so parts of a password that was entered too early are likely clobbered by the prompt. Idea from doas.
from and ok djm "i like it" deraadt
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.52 |
|
18-Jul-2018 |
dtucker |
Remove support for running ssh(1) setuid and fatal if attempted. Do not link uidwap.c into ssh any more. Neuters UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@ djm@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.51 |
|
11-Dec-2015 |
mmcc |
Pass (char *)NULL rather than (char *)0 to execl and execlp.
ok dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.50 |
|
02-Feb-2014 |
djm |
convert memset of potentially-private data to explicit_bzero()
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.49 |
|
17-May-2013 |
djm |
bye, bye xfree(); ok markus@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.48 |
|
15-Dec-2010 |
djm |
fix ControlMaster=ask regression
reset SIGCHLD handler before fork (and restore it after) so we don't miss the the askpass child's exit status. Correct test for exit status/signal to account for waitpid() failure; with claudio@ ok claudio@ markus@
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.47 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.46 |
|
01-Aug-2006 |
stevesk |
move #include <stdio.h> out of includes.h
|
#
1.45 |
|
26-Jul-2006 |
stevesk |
move #include <stdlib.h> out of includes.h
|
#
1.44 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.43 |
|
17-Jul-2006 |
stevesk |
move #include <unistd.h> out of includes.h
|
#
1.42 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.41 |
|
10-Jul-2006 |
stevesk |
move #include <stdarg.h> out of includes.h; ok markus@
|
#
1.40 |
|
09-Jul-2006 |
stevesk |
move #include <fcntl.h> out of includes.h
|
#
1.39 |
|
08-Jun-2006 |
markus |
do not set the gid, noted by solar; ok djm
|
#
1.38 |
|
06-Jun-2006 |
markus |
replace remaining setuid() calls with permanently_set_uid() and check seteuid() return values; report Marcus Meissner; ok dtucker djm
|
#
1.37 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.36 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.35 |
|
10-Feb-2006 |
stevesk |
branches: 1.35.2; move #include <sys/wait.h> out of includes.h; ok markus@
|
#
1.34 |
|
08-Feb-2006 |
stevesk |
move #include <paths.h> out of includes.h; ok markus@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.33 |
|
02-May-2005 |
markus |
branches: 1.33.2; missing {}
|
#
1.32 |
|
23-Apr-2005 |
dtucker |
Add debug message if read_passphrase can't open /dev/tty; bz #471; ok djm@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.31 |
|
29-Oct-2004 |
djm |
branches: 1.31.2; factor out common permission-asking code to separate function; ok markus@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.30 |
|
17-Jun-2004 |
djm |
branches: 1.30.2; Add option for confirmation (ControlMaster=ask) via ssh-askpass before opening shared connections; ok markus@
|
#
1.29 |
|
08-May-2004 |
djm |
kill a tiny header; ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.28 |
|
23-Jan-2003 |
markus |
branches: 1.28.4; 1.28.6; ssh-add -c, prompt user for confirmation (using ssh-askpass) when private agent key is used; with djm@; test by dugsong@, djm@; ok deraadt@
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.27 |
|
26-Mar-2002 |
markus |
branches: 1.27.2; 1.27.4; client side support for PASSWD_CHANGEREQ based on work by johan.andersson@appgate.com; ok provos@
|
#
1.26 |
|
13-Feb-2002 |
markus |
readpass.c is not longer from UCB, since we now use readpassphrase(3)
|
#
1.25 |
|
11-Jan-2002 |
markus |
use _PATH_TTY
|
#
1.24 |
|
21-Dec-2001 |
djm |
Avoid interruptable passphrase read; ok markus@
|
#
1.23 |
|
08-Nov-2001 |
markus |
don't strdup too much data; from gotoh@taiyo.co.jp; ok millert.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.22 |
|
14-Jul-2001 |
stevesk |
branches: 1.22.2; delete spurious #includes; ok deraadt@ markus@
|
#
1.21 |
|
10-Jul-2001 |
markus |
don't panic if fork or pipe fail (just return an empty passwd).
|
#
1.20 |
|
02-Jul-2001 |
markus |
do not return NULL, use "" instead.
|
#
1.19 |
|
24-Jun-2001 |
markus |
switch to readpassphrase(3) 2.7/8-stable needs readpassphrase.[ch] from libc
|
#
1.18 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.17 |
|
06-May-2001 |
mouring |
Use const for 'prompt'. Brought over from portable tree.
|
#
1.16 |
|
02-May-2001 |
mouring |
Put the 'const' back into ssh_askpass() function. Pointed out by Mark Miller <markm@swoon.net>. OK Markus
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.15 |
|
18-Apr-2001 |
markus |
branches: 1.15.2; call askpass from ssh, too, based on work by roth@feep.net, ok deraadt
|
#
1.14 |
|
08-Feb-2001 |
itojun |
sync with netbsd tree changes. - more strict prototypes, include necessary headers - use paths.h/pathnames.h decls - size_t typecase to int -> u_long
|
#
1.13 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.12 |
|
11-Oct-2000 |
markus |
branches: 1.12.2; add support for s/key (kbd-interactive) to ssh2, based on work by mkiernan@avantgo.com and me
|
#
1.11 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.10 |
|
14-Apr-2000 |
markus |
branches: 1.10.2; whitespace cleanup
|
#
1.9 |
|
21-Jan-2000 |
deraadt |
instead of blocking SIGINT, catch it ourselves, so that we can clean the tty modes up and kill ourselves -- instead of our process group leader (scp, cvs, ...) going away and leaving us in noecho mode. people with cbreak shells never even noticed..
|
#
1.8 |
|
08-Dec-1999 |
deraadt |
avoid stdio; based on work by markus, millert, and I
|
#
1.7 |
|
24-Nov-1999 |
markus |
KNF, final part 3
|
#
1.6 |
|
24-Nov-1999 |
deraadt |
much more KNF
|
#
1.5 |
|
23-Nov-1999 |
markus |
KNF part 1
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.4 |
|
11-Oct-1999 |
markus |
we do not ship ssh-askpass
|
#
1.3 |
|
30-Sep-1999 |
deraadt |
even smaller
|
#
1.2 |
|
30-Sep-1999 |
deraadt |
cull more ancient garbage from pre-POSIX days
|
#
1.1 |
|
26-Sep-1999 |
deraadt |
i bet a lot of people didn't know what ssh 1.2.16 had a nice license. well, except for the patent issues. someone in sweden (forget their name at the moment) cleaned out most of the patented code, and now this code removes rsa code. when this is done, it will link against libssl, but the work isn't completely done yet. then we need to bring this up to modern days, featurewise.
|
#
1.60 |
|
06-Dec-2019 |
djm |
fix setting of $SSH_ASKPASS_PROMPT - it shouldn't be set when asking passphrases, only when confirming the use of a key (i.e. for ssh-agent keys added with "ssh-add -c keyfile")
|
#
1.59 |
|
06-Dec-2019 |
djm |
bring the __func__
|
#
1.58 |
|
27-Nov-2019 |
djm |
use error()+_exit() instead of fatal() to avoid running cleanup handlers in child process; spotted via weird regress failures in portable
|
#
1.57 |
|
15-Nov-2019 |
djm |
follow existing askpass logic for security key notifier: fall back to _PATH_SSH_ASKPASS_DEFAULT if no $SSH_ASKPASS environment variable is set.
|
#
1.56 |
|
12-Nov-2019 |
djm |
pass SSH_ASKPASS_PROMPT hint to y/n key confirm too
|
#
1.55 |
|
12-Nov-2019 |
djm |
dd API for performing one-shot notifications via tty or SSH_ASKPASS
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.54 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.53 |
|
19-Jan-2019 |
tb |
Print an \r in front of the password prompt so parts of a password that was entered too early are likely clobbered by the prompt. Idea from doas.
from and ok djm "i like it" deraadt
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.52 |
|
18-Jul-2018 |
dtucker |
Remove support for running ssh(1) setuid and fatal if attempted. Do not link uidwap.c into ssh any more. Neuters UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@ djm@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.51 |
|
11-Dec-2015 |
mmcc |
Pass (char *)NULL rather than (char *)0 to execl and execlp.
ok dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.50 |
|
02-Feb-2014 |
djm |
convert memset of potentially-private data to explicit_bzero()
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.49 |
|
17-May-2013 |
djm |
bye, bye xfree(); ok markus@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.48 |
|
15-Dec-2010 |
djm |
fix ControlMaster=ask regression
reset SIGCHLD handler before fork (and restore it after) so we don't miss the the askpass child's exit status. Correct test for exit status/signal to account for waitpid() failure; with claudio@ ok claudio@ markus@
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.47 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.46 |
|
01-Aug-2006 |
stevesk |
move #include <stdio.h> out of includes.h
|
#
1.45 |
|
26-Jul-2006 |
stevesk |
move #include <stdlib.h> out of includes.h
|
#
1.44 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.43 |
|
17-Jul-2006 |
stevesk |
move #include <unistd.h> out of includes.h
|
#
1.42 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.41 |
|
10-Jul-2006 |
stevesk |
move #include <stdarg.h> out of includes.h; ok markus@
|
#
1.40 |
|
09-Jul-2006 |
stevesk |
move #include <fcntl.h> out of includes.h
|
#
1.39 |
|
08-Jun-2006 |
markus |
do not set the gid, noted by solar; ok djm
|
#
1.38 |
|
06-Jun-2006 |
markus |
replace remaining setuid() calls with permanently_set_uid() and check seteuid() return values; report Marcus Meissner; ok dtucker djm
|
#
1.37 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.36 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.35 |
|
10-Feb-2006 |
stevesk |
branches: 1.35.2; move #include <sys/wait.h> out of includes.h; ok markus@
|
#
1.34 |
|
08-Feb-2006 |
stevesk |
move #include <paths.h> out of includes.h; ok markus@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.33 |
|
02-May-2005 |
markus |
branches: 1.33.2; missing {}
|
#
1.32 |
|
23-Apr-2005 |
dtucker |
Add debug message if read_passphrase can't open /dev/tty; bz #471; ok djm@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.31 |
|
29-Oct-2004 |
djm |
branches: 1.31.2; factor out common permission-asking code to separate function; ok markus@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.30 |
|
17-Jun-2004 |
djm |
branches: 1.30.2; Add option for confirmation (ControlMaster=ask) via ssh-askpass before opening shared connections; ok markus@
|
#
1.29 |
|
08-May-2004 |
djm |
kill a tiny header; ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.28 |
|
23-Jan-2003 |
markus |
branches: 1.28.4; 1.28.6; ssh-add -c, prompt user for confirmation (using ssh-askpass) when private agent key is used; with djm@; test by dugsong@, djm@; ok deraadt@
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.27 |
|
26-Mar-2002 |
markus |
branches: 1.27.2; 1.27.4; client side support for PASSWD_CHANGEREQ based on work by johan.andersson@appgate.com; ok provos@
|
#
1.26 |
|
13-Feb-2002 |
markus |
readpass.c is not longer from UCB, since we now use readpassphrase(3)
|
#
1.25 |
|
11-Jan-2002 |
markus |
use _PATH_TTY
|
#
1.24 |
|
21-Dec-2001 |
djm |
Avoid interruptable passphrase read; ok markus@
|
#
1.23 |
|
08-Nov-2001 |
markus |
don't strdup too much data; from gotoh@taiyo.co.jp; ok millert.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.22 |
|
14-Jul-2001 |
stevesk |
branches: 1.22.2; delete spurious #includes; ok deraadt@ markus@
|
#
1.21 |
|
10-Jul-2001 |
markus |
don't panic if fork or pipe fail (just return an empty passwd).
|
#
1.20 |
|
02-Jul-2001 |
markus |
do not return NULL, use "" instead.
|
#
1.19 |
|
24-Jun-2001 |
markus |
switch to readpassphrase(3) 2.7/8-stable needs readpassphrase.[ch] from libc
|
#
1.18 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.17 |
|
06-May-2001 |
mouring |
Use const for 'prompt'. Brought over from portable tree.
|
#
1.16 |
|
02-May-2001 |
mouring |
Put the 'const' back into ssh_askpass() function. Pointed out by Mark Miller <markm@swoon.net>. OK Markus
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.15 |
|
18-Apr-2001 |
markus |
branches: 1.15.2; call askpass from ssh, too, based on work by roth@feep.net, ok deraadt
|
#
1.14 |
|
08-Feb-2001 |
itojun |
sync with netbsd tree changes. - more strict prototypes, include necessary headers - use paths.h/pathnames.h decls - size_t typecase to int -> u_long
|
#
1.13 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.12 |
|
11-Oct-2000 |
markus |
branches: 1.12.2; add support for s/key (kbd-interactive) to ssh2, based on work by mkiernan@avantgo.com and me
|
#
1.11 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.10 |
|
14-Apr-2000 |
markus |
branches: 1.10.2; whitespace cleanup
|
#
1.9 |
|
21-Jan-2000 |
deraadt |
instead of blocking SIGINT, catch it ourselves, so that we can clean the tty modes up and kill ourselves -- instead of our process group leader (scp, cvs, ...) going away and leaving us in noecho mode. people with cbreak shells never even noticed..
|
#
1.8 |
|
08-Dec-1999 |
deraadt |
avoid stdio; based on work by markus, millert, and I
|
#
1.7 |
|
24-Nov-1999 |
markus |
KNF, final part 3
|
#
1.6 |
|
24-Nov-1999 |
deraadt |
much more KNF
|
#
1.5 |
|
23-Nov-1999 |
markus |
KNF part 1
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.4 |
|
11-Oct-1999 |
markus |
we do not ship ssh-askpass
|
#
1.3 |
|
30-Sep-1999 |
deraadt |
even smaller
|
#
1.2 |
|
30-Sep-1999 |
deraadt |
cull more ancient garbage from pre-POSIX days
|
#
1.1 |
|
26-Sep-1999 |
deraadt |
i bet a lot of people didn't know what ssh 1.2.16 had a nice license. well, except for the patent issues. someone in sweden (forget their name at the moment) cleaned out most of the patented code, and now this code removes rsa code. when this is done, it will link against libssl, but the work isn't completely done yet. then we need to bring this up to modern days, featurewise.
|
#
1.58 |
|
27-Nov-2019 |
djm |
use error()+_exit() instead of fatal() to avoid running cleanup handlers in child process; spotted via weird regress failures in portable
|
#
1.57 |
|
15-Nov-2019 |
djm |
follow existing askpass logic for security key notifier: fall back to _PATH_SSH_ASKPASS_DEFAULT if no $SSH_ASKPASS environment variable is set.
|
#
1.56 |
|
12-Nov-2019 |
djm |
pass SSH_ASKPASS_PROMPT hint to y/n key confirm too
|
#
1.55 |
|
12-Nov-2019 |
djm |
dd API for performing one-shot notifications via tty or SSH_ASKPASS
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.54 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.53 |
|
19-Jan-2019 |
tb |
Print an \r in front of the password prompt so parts of a password that was entered too early are likely clobbered by the prompt. Idea from doas.
from and ok djm "i like it" deraadt
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.52 |
|
18-Jul-2018 |
dtucker |
Remove support for running ssh(1) setuid and fatal if attempted. Do not link uidwap.c into ssh any more. Neuters UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@ djm@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.51 |
|
11-Dec-2015 |
mmcc |
Pass (char *)NULL rather than (char *)0 to execl and execlp.
ok dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.50 |
|
02-Feb-2014 |
djm |
convert memset of potentially-private data to explicit_bzero()
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.49 |
|
17-May-2013 |
djm |
bye, bye xfree(); ok markus@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.48 |
|
15-Dec-2010 |
djm |
fix ControlMaster=ask regression
reset SIGCHLD handler before fork (and restore it after) so we don't miss the the askpass child's exit status. Correct test for exit status/signal to account for waitpid() failure; with claudio@ ok claudio@ markus@
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.47 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.46 |
|
01-Aug-2006 |
stevesk |
move #include <stdio.h> out of includes.h
|
#
1.45 |
|
26-Jul-2006 |
stevesk |
move #include <stdlib.h> out of includes.h
|
#
1.44 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.43 |
|
17-Jul-2006 |
stevesk |
move #include <unistd.h> out of includes.h
|
#
1.42 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.41 |
|
10-Jul-2006 |
stevesk |
move #include <stdarg.h> out of includes.h; ok markus@
|
#
1.40 |
|
09-Jul-2006 |
stevesk |
move #include <fcntl.h> out of includes.h
|
#
1.39 |
|
08-Jun-2006 |
markus |
do not set the gid, noted by solar; ok djm
|
#
1.38 |
|
06-Jun-2006 |
markus |
replace remaining setuid() calls with permanently_set_uid() and check seteuid() return values; report Marcus Meissner; ok dtucker djm
|
#
1.37 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.36 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.35 |
|
10-Feb-2006 |
stevesk |
branches: 1.35.2; move #include <sys/wait.h> out of includes.h; ok markus@
|
#
1.34 |
|
08-Feb-2006 |
stevesk |
move #include <paths.h> out of includes.h; ok markus@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.33 |
|
02-May-2005 |
markus |
branches: 1.33.2; missing {}
|
#
1.32 |
|
23-Apr-2005 |
dtucker |
Add debug message if read_passphrase can't open /dev/tty; bz #471; ok djm@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.31 |
|
29-Oct-2004 |
djm |
branches: 1.31.2; factor out common permission-asking code to separate function; ok markus@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.30 |
|
17-Jun-2004 |
djm |
branches: 1.30.2; Add option for confirmation (ControlMaster=ask) via ssh-askpass before opening shared connections; ok markus@
|
#
1.29 |
|
08-May-2004 |
djm |
kill a tiny header; ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.28 |
|
23-Jan-2003 |
markus |
branches: 1.28.4; 1.28.6; ssh-add -c, prompt user for confirmation (using ssh-askpass) when private agent key is used; with djm@; test by dugsong@, djm@; ok deraadt@
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.27 |
|
26-Mar-2002 |
markus |
branches: 1.27.2; 1.27.4; client side support for PASSWD_CHANGEREQ based on work by johan.andersson@appgate.com; ok provos@
|
#
1.26 |
|
13-Feb-2002 |
markus |
readpass.c is not longer from UCB, since we now use readpassphrase(3)
|
#
1.25 |
|
11-Jan-2002 |
markus |
use _PATH_TTY
|
#
1.24 |
|
21-Dec-2001 |
djm |
Avoid interruptable passphrase read; ok markus@
|
#
1.23 |
|
08-Nov-2001 |
markus |
don't strdup too much data; from gotoh@taiyo.co.jp; ok millert.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.22 |
|
14-Jul-2001 |
stevesk |
branches: 1.22.2; delete spurious #includes; ok deraadt@ markus@
|
#
1.21 |
|
10-Jul-2001 |
markus |
don't panic if fork or pipe fail (just return an empty passwd).
|
#
1.20 |
|
02-Jul-2001 |
markus |
do not return NULL, use "" instead.
|
#
1.19 |
|
24-Jun-2001 |
markus |
switch to readpassphrase(3) 2.7/8-stable needs readpassphrase.[ch] from libc
|
#
1.18 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.17 |
|
06-May-2001 |
mouring |
Use const for 'prompt'. Brought over from portable tree.
|
#
1.16 |
|
02-May-2001 |
mouring |
Put the 'const' back into ssh_askpass() function. Pointed out by Mark Miller <markm@swoon.net>. OK Markus
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.15 |
|
18-Apr-2001 |
markus |
branches: 1.15.2; call askpass from ssh, too, based on work by roth@feep.net, ok deraadt
|
#
1.14 |
|
08-Feb-2001 |
itojun |
sync with netbsd tree changes. - more strict prototypes, include necessary headers - use paths.h/pathnames.h decls - size_t typecase to int -> u_long
|
#
1.13 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.12 |
|
11-Oct-2000 |
markus |
branches: 1.12.2; add support for s/key (kbd-interactive) to ssh2, based on work by mkiernan@avantgo.com and me
|
#
1.11 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.10 |
|
14-Apr-2000 |
markus |
branches: 1.10.2; whitespace cleanup
|
#
1.9 |
|
21-Jan-2000 |
deraadt |
instead of blocking SIGINT, catch it ourselves, so that we can clean the tty modes up and kill ourselves -- instead of our process group leader (scp, cvs, ...) going away and leaving us in noecho mode. people with cbreak shells never even noticed..
|
#
1.8 |
|
08-Dec-1999 |
deraadt |
avoid stdio; based on work by markus, millert, and I
|
#
1.7 |
|
24-Nov-1999 |
markus |
KNF, final part 3
|
#
1.6 |
|
24-Nov-1999 |
deraadt |
much more KNF
|
#
1.5 |
|
23-Nov-1999 |
markus |
KNF part 1
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.4 |
|
11-Oct-1999 |
markus |
we do not ship ssh-askpass
|
#
1.3 |
|
30-Sep-1999 |
deraadt |
even smaller
|
#
1.2 |
|
30-Sep-1999 |
deraadt |
cull more ancient garbage from pre-POSIX days
|
#
1.1 |
|
26-Sep-1999 |
deraadt |
i bet a lot of people didn't know what ssh 1.2.16 had a nice license. well, except for the patent issues. someone in sweden (forget their name at the moment) cleaned out most of the patented code, and now this code removes rsa code. when this is done, it will link against libssl, but the work isn't completely done yet. then we need to bring this up to modern days, featurewise.
|
#
1.57 |
|
15-Nov-2019 |
djm |
follow existing askpass logic for security key notifier: fall back to _PATH_SSH_ASKPASS_DEFAULT if no $SSH_ASKPASS environment variable is set.
|
#
1.56 |
|
12-Nov-2019 |
djm |
pass SSH_ASKPASS_PROMPT hint to y/n key confirm too
|
#
1.55 |
|
12-Nov-2019 |
djm |
dd API for performing one-shot notifications via tty or SSH_ASKPASS
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.54 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.53 |
|
19-Jan-2019 |
tb |
Print an \r in front of the password prompt so parts of a password that was entered too early are likely clobbered by the prompt. Idea from doas.
from and ok djm "i like it" deraadt
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.52 |
|
18-Jul-2018 |
dtucker |
Remove support for running ssh(1) setuid and fatal if attempted. Do not link uidwap.c into ssh any more. Neuters UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@ djm@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.51 |
|
11-Dec-2015 |
mmcc |
Pass (char *)NULL rather than (char *)0 to execl and execlp.
ok dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.50 |
|
02-Feb-2014 |
djm |
convert memset of potentially-private data to explicit_bzero()
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.49 |
|
17-May-2013 |
djm |
bye, bye xfree(); ok markus@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.48 |
|
15-Dec-2010 |
djm |
fix ControlMaster=ask regression
reset SIGCHLD handler before fork (and restore it after) so we don't miss the the askpass child's exit status. Correct test for exit status/signal to account for waitpid() failure; with claudio@ ok claudio@ markus@
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.47 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.46 |
|
01-Aug-2006 |
stevesk |
move #include <stdio.h> out of includes.h
|
#
1.45 |
|
26-Jul-2006 |
stevesk |
move #include <stdlib.h> out of includes.h
|
#
1.44 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.43 |
|
17-Jul-2006 |
stevesk |
move #include <unistd.h> out of includes.h
|
#
1.42 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.41 |
|
10-Jul-2006 |
stevesk |
move #include <stdarg.h> out of includes.h; ok markus@
|
#
1.40 |
|
09-Jul-2006 |
stevesk |
move #include <fcntl.h> out of includes.h
|
#
1.39 |
|
08-Jun-2006 |
markus |
do not set the gid, noted by solar; ok djm
|
#
1.38 |
|
06-Jun-2006 |
markus |
replace remaining setuid() calls with permanently_set_uid() and check seteuid() return values; report Marcus Meissner; ok dtucker djm
|
#
1.37 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.36 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.35 |
|
10-Feb-2006 |
stevesk |
branches: 1.35.2; move #include <sys/wait.h> out of includes.h; ok markus@
|
#
1.34 |
|
08-Feb-2006 |
stevesk |
move #include <paths.h> out of includes.h; ok markus@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.33 |
|
02-May-2005 |
markus |
branches: 1.33.2; missing {}
|
#
1.32 |
|
23-Apr-2005 |
dtucker |
Add debug message if read_passphrase can't open /dev/tty; bz #471; ok djm@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.31 |
|
29-Oct-2004 |
djm |
branches: 1.31.2; factor out common permission-asking code to separate function; ok markus@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.30 |
|
17-Jun-2004 |
djm |
branches: 1.30.2; Add option for confirmation (ControlMaster=ask) via ssh-askpass before opening shared connections; ok markus@
|
#
1.29 |
|
08-May-2004 |
djm |
kill a tiny header; ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.28 |
|
23-Jan-2003 |
markus |
branches: 1.28.4; 1.28.6; ssh-add -c, prompt user for confirmation (using ssh-askpass) when private agent key is used; with djm@; test by dugsong@, djm@; ok deraadt@
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.27 |
|
26-Mar-2002 |
markus |
branches: 1.27.2; 1.27.4; client side support for PASSWD_CHANGEREQ based on work by johan.andersson@appgate.com; ok provos@
|
#
1.26 |
|
13-Feb-2002 |
markus |
readpass.c is not longer from UCB, since we now use readpassphrase(3)
|
#
1.25 |
|
11-Jan-2002 |
markus |
use _PATH_TTY
|
#
1.24 |
|
21-Dec-2001 |
djm |
Avoid interruptable passphrase read; ok markus@
|
#
1.23 |
|
08-Nov-2001 |
markus |
don't strdup too much data; from gotoh@taiyo.co.jp; ok millert.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.22 |
|
14-Jul-2001 |
stevesk |
branches: 1.22.2; delete spurious #includes; ok deraadt@ markus@
|
#
1.21 |
|
10-Jul-2001 |
markus |
don't panic if fork or pipe fail (just return an empty passwd).
|
#
1.20 |
|
02-Jul-2001 |
markus |
do not return NULL, use "" instead.
|
#
1.19 |
|
24-Jun-2001 |
markus |
switch to readpassphrase(3) 2.7/8-stable needs readpassphrase.[ch] from libc
|
#
1.18 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.17 |
|
06-May-2001 |
mouring |
Use const for 'prompt'. Brought over from portable tree.
|
#
1.16 |
|
02-May-2001 |
mouring |
Put the 'const' back into ssh_askpass() function. Pointed out by Mark Miller <markm@swoon.net>. OK Markus
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.15 |
|
18-Apr-2001 |
markus |
branches: 1.15.2; call askpass from ssh, too, based on work by roth@feep.net, ok deraadt
|
#
1.14 |
|
08-Feb-2001 |
itojun |
sync with netbsd tree changes. - more strict prototypes, include necessary headers - use paths.h/pathnames.h decls - size_t typecase to int -> u_long
|
#
1.13 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.12 |
|
11-Oct-2000 |
markus |
branches: 1.12.2; add support for s/key (kbd-interactive) to ssh2, based on work by mkiernan@avantgo.com and me
|
#
1.11 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.10 |
|
14-Apr-2000 |
markus |
branches: 1.10.2; whitespace cleanup
|
#
1.9 |
|
21-Jan-2000 |
deraadt |
instead of blocking SIGINT, catch it ourselves, so that we can clean the tty modes up and kill ourselves -- instead of our process group leader (scp, cvs, ...) going away and leaving us in noecho mode. people with cbreak shells never even noticed..
|
#
1.8 |
|
08-Dec-1999 |
deraadt |
avoid stdio; based on work by markus, millert, and I
|
#
1.7 |
|
24-Nov-1999 |
markus |
KNF, final part 3
|
#
1.6 |
|
24-Nov-1999 |
deraadt |
much more KNF
|
#
1.5 |
|
23-Nov-1999 |
markus |
KNF part 1
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.4 |
|
11-Oct-1999 |
markus |
we do not ship ssh-askpass
|
#
1.3 |
|
30-Sep-1999 |
deraadt |
even smaller
|
#
1.2 |
|
30-Sep-1999 |
deraadt |
cull more ancient garbage from pre-POSIX days
|
#
1.1 |
|
26-Sep-1999 |
deraadt |
i bet a lot of people didn't know what ssh 1.2.16 had a nice license. well, except for the patent issues. someone in sweden (forget their name at the moment) cleaned out most of the patented code, and now this code removes rsa code. when this is done, it will link against libssl, but the work isn't completely done yet. then we need to bring this up to modern days, featurewise.
|
#
1.56 |
|
12-Nov-2019 |
djm |
pass SSH_ASKPASS_PROMPT hint to y/n key confirm too
|
#
1.55 |
|
12-Nov-2019 |
djm |
dd API for performing one-shot notifications via tty or SSH_ASKPASS
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.54 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.53 |
|
19-Jan-2019 |
tb |
Print an \r in front of the password prompt so parts of a password that was entered too early are likely clobbered by the prompt. Idea from doas.
from and ok djm "i like it" deraadt
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.52 |
|
18-Jul-2018 |
dtucker |
Remove support for running ssh(1) setuid and fatal if attempted. Do not link uidwap.c into ssh any more. Neuters UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@ djm@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.51 |
|
11-Dec-2015 |
mmcc |
Pass (char *)NULL rather than (char *)0 to execl and execlp.
ok dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.50 |
|
02-Feb-2014 |
djm |
convert memset of potentially-private data to explicit_bzero()
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.49 |
|
17-May-2013 |
djm |
bye, bye xfree(); ok markus@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.48 |
|
15-Dec-2010 |
djm |
fix ControlMaster=ask regression
reset SIGCHLD handler before fork (and restore it after) so we don't miss the the askpass child's exit status. Correct test for exit status/signal to account for waitpid() failure; with claudio@ ok claudio@ markus@
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.47 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.46 |
|
01-Aug-2006 |
stevesk |
move #include <stdio.h> out of includes.h
|
#
1.45 |
|
26-Jul-2006 |
stevesk |
move #include <stdlib.h> out of includes.h
|
#
1.44 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.43 |
|
17-Jul-2006 |
stevesk |
move #include <unistd.h> out of includes.h
|
#
1.42 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.41 |
|
10-Jul-2006 |
stevesk |
move #include <stdarg.h> out of includes.h; ok markus@
|
#
1.40 |
|
09-Jul-2006 |
stevesk |
move #include <fcntl.h> out of includes.h
|
#
1.39 |
|
08-Jun-2006 |
markus |
do not set the gid, noted by solar; ok djm
|
#
1.38 |
|
06-Jun-2006 |
markus |
replace remaining setuid() calls with permanently_set_uid() and check seteuid() return values; report Marcus Meissner; ok dtucker djm
|
#
1.37 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.36 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.35 |
|
10-Feb-2006 |
stevesk |
branches: 1.35.2; move #include <sys/wait.h> out of includes.h; ok markus@
|
#
1.34 |
|
08-Feb-2006 |
stevesk |
move #include <paths.h> out of includes.h; ok markus@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.33 |
|
02-May-2005 |
markus |
branches: 1.33.2; missing {}
|
#
1.32 |
|
23-Apr-2005 |
dtucker |
Add debug message if read_passphrase can't open /dev/tty; bz #471; ok djm@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.31 |
|
29-Oct-2004 |
djm |
branches: 1.31.2; factor out common permission-asking code to separate function; ok markus@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.30 |
|
17-Jun-2004 |
djm |
branches: 1.30.2; Add option for confirmation (ControlMaster=ask) via ssh-askpass before opening shared connections; ok markus@
|
#
1.29 |
|
08-May-2004 |
djm |
kill a tiny header; ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.28 |
|
23-Jan-2003 |
markus |
branches: 1.28.4; 1.28.6; ssh-add -c, prompt user for confirmation (using ssh-askpass) when private agent key is used; with djm@; test by dugsong@, djm@; ok deraadt@
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.27 |
|
26-Mar-2002 |
markus |
branches: 1.27.2; 1.27.4; client side support for PASSWD_CHANGEREQ based on work by johan.andersson@appgate.com; ok provos@
|
#
1.26 |
|
13-Feb-2002 |
markus |
readpass.c is not longer from UCB, since we now use readpassphrase(3)
|
#
1.25 |
|
11-Jan-2002 |
markus |
use _PATH_TTY
|
#
1.24 |
|
21-Dec-2001 |
djm |
Avoid interruptable passphrase read; ok markus@
|
#
1.23 |
|
08-Nov-2001 |
markus |
don't strdup too much data; from gotoh@taiyo.co.jp; ok millert.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.22 |
|
14-Jul-2001 |
stevesk |
branches: 1.22.2; delete spurious #includes; ok deraadt@ markus@
|
#
1.21 |
|
10-Jul-2001 |
markus |
don't panic if fork or pipe fail (just return an empty passwd).
|
#
1.20 |
|
02-Jul-2001 |
markus |
do not return NULL, use "" instead.
|
#
1.19 |
|
24-Jun-2001 |
markus |
switch to readpassphrase(3) 2.7/8-stable needs readpassphrase.[ch] from libc
|
#
1.18 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.17 |
|
06-May-2001 |
mouring |
Use const for 'prompt'. Brought over from portable tree.
|
#
1.16 |
|
02-May-2001 |
mouring |
Put the 'const' back into ssh_askpass() function. Pointed out by Mark Miller <markm@swoon.net>. OK Markus
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.15 |
|
18-Apr-2001 |
markus |
branches: 1.15.2; call askpass from ssh, too, based on work by roth@feep.net, ok deraadt
|
#
1.14 |
|
08-Feb-2001 |
itojun |
sync with netbsd tree changes. - more strict prototypes, include necessary headers - use paths.h/pathnames.h decls - size_t typecase to int -> u_long
|
#
1.13 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.12 |
|
11-Oct-2000 |
markus |
branches: 1.12.2; add support for s/key (kbd-interactive) to ssh2, based on work by mkiernan@avantgo.com and me
|
#
1.11 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.10 |
|
14-Apr-2000 |
markus |
branches: 1.10.2; whitespace cleanup
|
#
1.9 |
|
21-Jan-2000 |
deraadt |
instead of blocking SIGINT, catch it ourselves, so that we can clean the tty modes up and kill ourselves -- instead of our process group leader (scp, cvs, ...) going away and leaving us in noecho mode. people with cbreak shells never even noticed..
|
#
1.8 |
|
08-Dec-1999 |
deraadt |
avoid stdio; based on work by markus, millert, and I
|
#
1.7 |
|
24-Nov-1999 |
markus |
KNF, final part 3
|
#
1.6 |
|
24-Nov-1999 |
deraadt |
much more KNF
|
#
1.5 |
|
23-Nov-1999 |
markus |
KNF part 1
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.4 |
|
11-Oct-1999 |
markus |
we do not ship ssh-askpass
|
#
1.3 |
|
30-Sep-1999 |
deraadt |
even smaller
|
#
1.2 |
|
30-Sep-1999 |
deraadt |
cull more ancient garbage from pre-POSIX days
|
#
1.1 |
|
26-Sep-1999 |
deraadt |
i bet a lot of people didn't know what ssh 1.2.16 had a nice license. well, except for the patent issues. someone in sweden (forget their name at the moment) cleaned out most of the patented code, and now this code removes rsa code. when this is done, it will link against libssl, but the work isn't completely done yet. then we need to bring this up to modern days, featurewise.
|
#
1.54 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.53 |
|
19-Jan-2019 |
tb |
Print an \r in front of the password prompt so parts of a password that was entered too early are likely clobbered by the prompt. Idea from doas.
from and ok djm "i like it" deraadt
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.52 |
|
18-Jul-2018 |
dtucker |
Remove support for running ssh(1) setuid and fatal if attempted. Do not link uidwap.c into ssh any more. Neuters UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@ djm@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.51 |
|
11-Dec-2015 |
mmcc |
Pass (char *)NULL rather than (char *)0 to execl and execlp.
ok dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.50 |
|
02-Feb-2014 |
djm |
convert memset of potentially-private data to explicit_bzero()
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.49 |
|
17-May-2013 |
djm |
bye, bye xfree(); ok markus@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.48 |
|
15-Dec-2010 |
djm |
fix ControlMaster=ask regression
reset SIGCHLD handler before fork (and restore it after) so we don't miss the the askpass child's exit status. Correct test for exit status/signal to account for waitpid() failure; with claudio@ ok claudio@ markus@
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.47 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.46 |
|
01-Aug-2006 |
stevesk |
move #include <stdio.h> out of includes.h
|
#
1.45 |
|
26-Jul-2006 |
stevesk |
move #include <stdlib.h> out of includes.h
|
#
1.44 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.43 |
|
17-Jul-2006 |
stevesk |
move #include <unistd.h> out of includes.h
|
#
1.42 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.41 |
|
10-Jul-2006 |
stevesk |
move #include <stdarg.h> out of includes.h; ok markus@
|
#
1.40 |
|
09-Jul-2006 |
stevesk |
move #include <fcntl.h> out of includes.h
|
#
1.39 |
|
08-Jun-2006 |
markus |
do not set the gid, noted by solar; ok djm
|
#
1.38 |
|
06-Jun-2006 |
markus |
replace remaining setuid() calls with permanently_set_uid() and check seteuid() return values; report Marcus Meissner; ok dtucker djm
|
#
1.37 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.36 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.35 |
|
10-Feb-2006 |
stevesk |
branches: 1.35.2; move #include <sys/wait.h> out of includes.h; ok markus@
|
#
1.34 |
|
08-Feb-2006 |
stevesk |
move #include <paths.h> out of includes.h; ok markus@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.33 |
|
02-May-2005 |
markus |
branches: 1.33.2; missing {}
|
#
1.32 |
|
23-Apr-2005 |
dtucker |
Add debug message if read_passphrase can't open /dev/tty; bz #471; ok djm@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.31 |
|
29-Oct-2004 |
djm |
branches: 1.31.2; factor out common permission-asking code to separate function; ok markus@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.30 |
|
17-Jun-2004 |
djm |
branches: 1.30.2; Add option for confirmation (ControlMaster=ask) via ssh-askpass before opening shared connections; ok markus@
|
#
1.29 |
|
08-May-2004 |
djm |
kill a tiny header; ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.28 |
|
23-Jan-2003 |
markus |
branches: 1.28.4; 1.28.6; ssh-add -c, prompt user for confirmation (using ssh-askpass) when private agent key is used; with djm@; test by dugsong@, djm@; ok deraadt@
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.27 |
|
26-Mar-2002 |
markus |
branches: 1.27.2; 1.27.4; client side support for PASSWD_CHANGEREQ based on work by johan.andersson@appgate.com; ok provos@
|
#
1.26 |
|
13-Feb-2002 |
markus |
readpass.c is not longer from UCB, since we now use readpassphrase(3)
|
#
1.25 |
|
11-Jan-2002 |
markus |
use _PATH_TTY
|
#
1.24 |
|
21-Dec-2001 |
djm |
Avoid interruptable passphrase read; ok markus@
|
#
1.23 |
|
08-Nov-2001 |
markus |
don't strdup too much data; from gotoh@taiyo.co.jp; ok millert.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.22 |
|
14-Jul-2001 |
stevesk |
branches: 1.22.2; delete spurious #includes; ok deraadt@ markus@
|
#
1.21 |
|
10-Jul-2001 |
markus |
don't panic if fork or pipe fail (just return an empty passwd).
|
#
1.20 |
|
02-Jul-2001 |
markus |
do not return NULL, use "" instead.
|
#
1.19 |
|
24-Jun-2001 |
markus |
switch to readpassphrase(3) 2.7/8-stable needs readpassphrase.[ch] from libc
|
#
1.18 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.17 |
|
06-May-2001 |
mouring |
Use const for 'prompt'. Brought over from portable tree.
|
#
1.16 |
|
02-May-2001 |
mouring |
Put the 'const' back into ssh_askpass() function. Pointed out by Mark Miller <markm@swoon.net>. OK Markus
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.15 |
|
18-Apr-2001 |
markus |
branches: 1.15.2; call askpass from ssh, too, based on work by roth@feep.net, ok deraadt
|
#
1.14 |
|
08-Feb-2001 |
itojun |
sync with netbsd tree changes. - more strict prototypes, include necessary headers - use paths.h/pathnames.h decls - size_t typecase to int -> u_long
|
#
1.13 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.12 |
|
11-Oct-2000 |
markus |
branches: 1.12.2; add support for s/key (kbd-interactive) to ssh2, based on work by mkiernan@avantgo.com and me
|
#
1.11 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.10 |
|
14-Apr-2000 |
markus |
branches: 1.10.2; whitespace cleanup
|
#
1.9 |
|
21-Jan-2000 |
deraadt |
instead of blocking SIGINT, catch it ourselves, so that we can clean the tty modes up and kill ourselves -- instead of our process group leader (scp, cvs, ...) going away and leaving us in noecho mode. people with cbreak shells never even noticed..
|
#
1.8 |
|
08-Dec-1999 |
deraadt |
avoid stdio; based on work by markus, millert, and I
|
#
1.7 |
|
24-Nov-1999 |
markus |
KNF, final part 3
|
#
1.6 |
|
24-Nov-1999 |
deraadt |
much more KNF
|
#
1.5 |
|
23-Nov-1999 |
markus |
KNF part 1
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.4 |
|
11-Oct-1999 |
markus |
we do not ship ssh-askpass
|
#
1.3 |
|
30-Sep-1999 |
deraadt |
even smaller
|
#
1.2 |
|
30-Sep-1999 |
deraadt |
cull more ancient garbage from pre-POSIX days
|
#
1.1 |
|
26-Sep-1999 |
deraadt |
i bet a lot of people didn't know what ssh 1.2.16 had a nice license. well, except for the patent issues. someone in sweden (forget their name at the moment) cleaned out most of the patented code, and now this code removes rsa code. when this is done, it will link against libssl, but the work isn't completely done yet. then we need to bring this up to modern days, featurewise.
|
#
1.53 |
|
19-Jan-2019 |
tb |
Print an \r in front of the password prompt so parts of a password that was entered too early are likely clobbered by the prompt. Idea from doas.
from and ok djm "i like it" deraadt
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.52 |
|
18-Jul-2018 |
dtucker |
Remove support for running ssh(1) setuid and fatal if attempted. Do not link uidwap.c into ssh any more. Neuters UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@ djm@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.51 |
|
11-Dec-2015 |
mmcc |
Pass (char *)NULL rather than (char *)0 to execl and execlp.
ok dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.50 |
|
02-Feb-2014 |
djm |
convert memset of potentially-private data to explicit_bzero()
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.49 |
|
17-May-2013 |
djm |
bye, bye xfree(); ok markus@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.48 |
|
15-Dec-2010 |
djm |
fix ControlMaster=ask regression
reset SIGCHLD handler before fork (and restore it after) so we don't miss the the askpass child's exit status. Correct test for exit status/signal to account for waitpid() failure; with claudio@ ok claudio@ markus@
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.47 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.46 |
|
01-Aug-2006 |
stevesk |
move #include <stdio.h> out of includes.h
|
#
1.45 |
|
26-Jul-2006 |
stevesk |
move #include <stdlib.h> out of includes.h
|
#
1.44 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.43 |
|
17-Jul-2006 |
stevesk |
move #include <unistd.h> out of includes.h
|
#
1.42 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.41 |
|
10-Jul-2006 |
stevesk |
move #include <stdarg.h> out of includes.h; ok markus@
|
#
1.40 |
|
09-Jul-2006 |
stevesk |
move #include <fcntl.h> out of includes.h
|
#
1.39 |
|
08-Jun-2006 |
markus |
do not set the gid, noted by solar; ok djm
|
#
1.38 |
|
06-Jun-2006 |
markus |
replace remaining setuid() calls with permanently_set_uid() and check seteuid() return values; report Marcus Meissner; ok dtucker djm
|
#
1.37 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.36 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.35 |
|
10-Feb-2006 |
stevesk |
branches: 1.35.2; move #include <sys/wait.h> out of includes.h; ok markus@
|
#
1.34 |
|
08-Feb-2006 |
stevesk |
move #include <paths.h> out of includes.h; ok markus@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.33 |
|
02-May-2005 |
markus |
branches: 1.33.2; missing {}
|
#
1.32 |
|
23-Apr-2005 |
dtucker |
Add debug message if read_passphrase can't open /dev/tty; bz #471; ok djm@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.31 |
|
29-Oct-2004 |
djm |
branches: 1.31.2; factor out common permission-asking code to separate function; ok markus@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.30 |
|
17-Jun-2004 |
djm |
branches: 1.30.2; Add option for confirmation (ControlMaster=ask) via ssh-askpass before opening shared connections; ok markus@
|
#
1.29 |
|
08-May-2004 |
djm |
kill a tiny header; ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.28 |
|
23-Jan-2003 |
markus |
branches: 1.28.4; 1.28.6; ssh-add -c, prompt user for confirmation (using ssh-askpass) when private agent key is used; with djm@; test by dugsong@, djm@; ok deraadt@
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.27 |
|
26-Mar-2002 |
markus |
branches: 1.27.2; 1.27.4; client side support for PASSWD_CHANGEREQ based on work by johan.andersson@appgate.com; ok provos@
|
#
1.26 |
|
13-Feb-2002 |
markus |
readpass.c is not longer from UCB, since we now use readpassphrase(3)
|
#
1.25 |
|
11-Jan-2002 |
markus |
use _PATH_TTY
|
#
1.24 |
|
21-Dec-2001 |
djm |
Avoid interruptable passphrase read; ok markus@
|
#
1.23 |
|
08-Nov-2001 |
markus |
don't strdup too much data; from gotoh@taiyo.co.jp; ok millert.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.22 |
|
14-Jul-2001 |
stevesk |
branches: 1.22.2; delete spurious #includes; ok deraadt@ markus@
|
#
1.21 |
|
10-Jul-2001 |
markus |
don't panic if fork or pipe fail (just return an empty passwd).
|
#
1.20 |
|
02-Jul-2001 |
markus |
do not return NULL, use "" instead.
|
#
1.19 |
|
24-Jun-2001 |
markus |
switch to readpassphrase(3) 2.7/8-stable needs readpassphrase.[ch] from libc
|
#
1.18 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.17 |
|
06-May-2001 |
mouring |
Use const for 'prompt'. Brought over from portable tree.
|
#
1.16 |
|
02-May-2001 |
mouring |
Put the 'const' back into ssh_askpass() function. Pointed out by Mark Miller <markm@swoon.net>. OK Markus
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.15 |
|
18-Apr-2001 |
markus |
branches: 1.15.2; call askpass from ssh, too, based on work by roth@feep.net, ok deraadt
|
#
1.14 |
|
08-Feb-2001 |
itojun |
sync with netbsd tree changes. - more strict prototypes, include necessary headers - use paths.h/pathnames.h decls - size_t typecase to int -> u_long
|
#
1.13 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.12 |
|
11-Oct-2000 |
markus |
branches: 1.12.2; add support for s/key (kbd-interactive) to ssh2, based on work by mkiernan@avantgo.com and me
|
#
1.11 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.10 |
|
14-Apr-2000 |
markus |
branches: 1.10.2; whitespace cleanup
|
#
1.9 |
|
21-Jan-2000 |
deraadt |
instead of blocking SIGINT, catch it ourselves, so that we can clean the tty modes up and kill ourselves -- instead of our process group leader (scp, cvs, ...) going away and leaving us in noecho mode. people with cbreak shells never even noticed..
|
#
1.8 |
|
08-Dec-1999 |
deraadt |
avoid stdio; based on work by markus, millert, and I
|
#
1.7 |
|
24-Nov-1999 |
markus |
KNF, final part 3
|
#
1.6 |
|
24-Nov-1999 |
deraadt |
much more KNF
|
#
1.5 |
|
23-Nov-1999 |
markus |
KNF part 1
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.4 |
|
11-Oct-1999 |
markus |
we do not ship ssh-askpass
|
#
1.3 |
|
30-Sep-1999 |
deraadt |
even smaller
|
#
1.2 |
|
30-Sep-1999 |
deraadt |
cull more ancient garbage from pre-POSIX days
|
#
1.1 |
|
26-Sep-1999 |
deraadt |
i bet a lot of people didn't know what ssh 1.2.16 had a nice license. well, except for the patent issues. someone in sweden (forget their name at the moment) cleaned out most of the patented code, and now this code removes rsa code. when this is done, it will link against libssl, but the work isn't completely done yet. then we need to bring this up to modern days, featurewise.
|
#
1.52 |
|
18-Jul-2018 |
dtucker |
Remove support for running ssh(1) setuid and fatal if attempted. Do not link uidwap.c into ssh any more. Neuters UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@ djm@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.51 |
|
11-Dec-2015 |
mmcc |
Pass (char *)NULL rather than (char *)0 to execl and execlp.
ok dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.50 |
|
02-Feb-2014 |
djm |
convert memset of potentially-private data to explicit_bzero()
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.49 |
|
17-May-2013 |
djm |
bye, bye xfree(); ok markus@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.48 |
|
15-Dec-2010 |
djm |
fix ControlMaster=ask regression
reset SIGCHLD handler before fork (and restore it after) so we don't miss the the askpass child's exit status. Correct test for exit status/signal to account for waitpid() failure; with claudio@ ok claudio@ markus@
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.47 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.46 |
|
01-Aug-2006 |
stevesk |
move #include <stdio.h> out of includes.h
|
#
1.45 |
|
26-Jul-2006 |
stevesk |
move #include <stdlib.h> out of includes.h
|
#
1.44 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.43 |
|
17-Jul-2006 |
stevesk |
move #include <unistd.h> out of includes.h
|
#
1.42 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.41 |
|
10-Jul-2006 |
stevesk |
move #include <stdarg.h> out of includes.h; ok markus@
|
#
1.40 |
|
09-Jul-2006 |
stevesk |
move #include <fcntl.h> out of includes.h
|
#
1.39 |
|
08-Jun-2006 |
markus |
do not set the gid, noted by solar; ok djm
|
#
1.38 |
|
06-Jun-2006 |
markus |
replace remaining setuid() calls with permanently_set_uid() and check seteuid() return values; report Marcus Meissner; ok dtucker djm
|
#
1.37 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.36 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.35 |
|
10-Feb-2006 |
stevesk |
branches: 1.35.2; move #include <sys/wait.h> out of includes.h; ok markus@
|
#
1.34 |
|
08-Feb-2006 |
stevesk |
move #include <paths.h> out of includes.h; ok markus@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.33 |
|
02-May-2005 |
markus |
branches: 1.33.2; missing {}
|
#
1.32 |
|
23-Apr-2005 |
dtucker |
Add debug message if read_passphrase can't open /dev/tty; bz #471; ok djm@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.31 |
|
29-Oct-2004 |
djm |
branches: 1.31.2; factor out common permission-asking code to separate function; ok markus@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.30 |
|
17-Jun-2004 |
djm |
branches: 1.30.2; Add option for confirmation (ControlMaster=ask) via ssh-askpass before opening shared connections; ok markus@
|
#
1.29 |
|
08-May-2004 |
djm |
kill a tiny header; ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.28 |
|
23-Jan-2003 |
markus |
branches: 1.28.4; 1.28.6; ssh-add -c, prompt user for confirmation (using ssh-askpass) when private agent key is used; with djm@; test by dugsong@, djm@; ok deraadt@
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.27 |
|
26-Mar-2002 |
markus |
branches: 1.27.2; 1.27.4; client side support for PASSWD_CHANGEREQ based on work by johan.andersson@appgate.com; ok provos@
|
#
1.26 |
|
13-Feb-2002 |
markus |
readpass.c is not longer from UCB, since we now use readpassphrase(3)
|
#
1.25 |
|
11-Jan-2002 |
markus |
use _PATH_TTY
|
#
1.24 |
|
21-Dec-2001 |
djm |
Avoid interruptable passphrase read; ok markus@
|
#
1.23 |
|
08-Nov-2001 |
markus |
don't strdup too much data; from gotoh@taiyo.co.jp; ok millert.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.22 |
|
14-Jul-2001 |
stevesk |
branches: 1.22.2; delete spurious #includes; ok deraadt@ markus@
|
#
1.21 |
|
10-Jul-2001 |
markus |
don't panic if fork or pipe fail (just return an empty passwd).
|
#
1.20 |
|
02-Jul-2001 |
markus |
do not return NULL, use "" instead.
|
#
1.19 |
|
24-Jun-2001 |
markus |
switch to readpassphrase(3) 2.7/8-stable needs readpassphrase.[ch] from libc
|
#
1.18 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.17 |
|
06-May-2001 |
mouring |
Use const for 'prompt'. Brought over from portable tree.
|
#
1.16 |
|
02-May-2001 |
mouring |
Put the 'const' back into ssh_askpass() function. Pointed out by Mark Miller <markm@swoon.net>. OK Markus
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.15 |
|
18-Apr-2001 |
markus |
branches: 1.15.2; call askpass from ssh, too, based on work by roth@feep.net, ok deraadt
|
#
1.14 |
|
08-Feb-2001 |
itojun |
sync with netbsd tree changes. - more strict prototypes, include necessary headers - use paths.h/pathnames.h decls - size_t typecase to int -> u_long
|
#
1.13 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.12 |
|
11-Oct-2000 |
markus |
branches: 1.12.2; add support for s/key (kbd-interactive) to ssh2, based on work by mkiernan@avantgo.com and me
|
#
1.11 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.10 |
|
14-Apr-2000 |
markus |
branches: 1.10.2; whitespace cleanup
|
#
1.9 |
|
21-Jan-2000 |
deraadt |
instead of blocking SIGINT, catch it ourselves, so that we can clean the tty modes up and kill ourselves -- instead of our process group leader (scp, cvs, ...) going away and leaving us in noecho mode. people with cbreak shells never even noticed..
|
#
1.8 |
|
08-Dec-1999 |
deraadt |
avoid stdio; based on work by markus, millert, and I
|
#
1.7 |
|
24-Nov-1999 |
markus |
KNF, final part 3
|
#
1.6 |
|
24-Nov-1999 |
deraadt |
much more KNF
|
#
1.5 |
|
23-Nov-1999 |
markus |
KNF part 1
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.4 |
|
11-Oct-1999 |
markus |
we do not ship ssh-askpass
|
#
1.3 |
|
30-Sep-1999 |
deraadt |
even smaller
|
#
1.2 |
|
30-Sep-1999 |
deraadt |
cull more ancient garbage from pre-POSIX days
|
#
1.1 |
|
26-Sep-1999 |
deraadt |
i bet a lot of people didn't know what ssh 1.2.16 had a nice license. well, except for the patent issues. someone in sweden (forget their name at the moment) cleaned out most of the patented code, and now this code removes rsa code. when this is done, it will link against libssl, but the work isn't completely done yet. then we need to bring this up to modern days, featurewise.
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.51 |
|
11-Dec-2015 |
mmcc |
Pass (char *)NULL rather than (char *)0 to execl and execlp.
ok dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.50 |
|
02-Feb-2014 |
djm |
convert memset of potentially-private data to explicit_bzero()
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.49 |
|
17-May-2013 |
djm |
bye, bye xfree(); ok markus@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.48 |
|
15-Dec-2010 |
djm |
fix ControlMaster=ask regression
reset SIGCHLD handler before fork (and restore it after) so we don't miss the the askpass child's exit status. Correct test for exit status/signal to account for waitpid() failure; with claudio@ ok claudio@ markus@
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.47 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.46 |
|
01-Aug-2006 |
stevesk |
move #include <stdio.h> out of includes.h
|
#
1.45 |
|
26-Jul-2006 |
stevesk |
move #include <stdlib.h> out of includes.h
|
#
1.44 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.43 |
|
17-Jul-2006 |
stevesk |
move #include <unistd.h> out of includes.h
|
#
1.42 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.41 |
|
10-Jul-2006 |
stevesk |
move #include <stdarg.h> out of includes.h; ok markus@
|
#
1.40 |
|
09-Jul-2006 |
stevesk |
move #include <fcntl.h> out of includes.h
|
#
1.39 |
|
08-Jun-2006 |
markus |
do not set the gid, noted by solar; ok djm
|
#
1.38 |
|
06-Jun-2006 |
markus |
replace remaining setuid() calls with permanently_set_uid() and check seteuid() return values; report Marcus Meissner; ok dtucker djm
|
#
1.37 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.36 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.35 |
|
10-Feb-2006 |
stevesk |
branches: 1.35.2; move #include <sys/wait.h> out of includes.h; ok markus@
|
#
1.34 |
|
08-Feb-2006 |
stevesk |
move #include <paths.h> out of includes.h; ok markus@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.33 |
|
02-May-2005 |
markus |
branches: 1.33.2; missing {}
|
#
1.32 |
|
23-Apr-2005 |
dtucker |
Add debug message if read_passphrase can't open /dev/tty; bz #471; ok djm@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.31 |
|
29-Oct-2004 |
djm |
branches: 1.31.2; factor out common permission-asking code to separate function; ok markus@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.30 |
|
17-Jun-2004 |
djm |
branches: 1.30.2; Add option for confirmation (ControlMaster=ask) via ssh-askpass before opening shared connections; ok markus@
|
#
1.29 |
|
08-May-2004 |
djm |
kill a tiny header; ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.28 |
|
23-Jan-2003 |
markus |
branches: 1.28.4; 1.28.6; ssh-add -c, prompt user for confirmation (using ssh-askpass) when private agent key is used; with djm@; test by dugsong@, djm@; ok deraadt@
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.27 |
|
26-Mar-2002 |
markus |
branches: 1.27.2; 1.27.4; client side support for PASSWD_CHANGEREQ based on work by johan.andersson@appgate.com; ok provos@
|
#
1.26 |
|
13-Feb-2002 |
markus |
readpass.c is not longer from UCB, since we now use readpassphrase(3)
|
#
1.25 |
|
11-Jan-2002 |
markus |
use _PATH_TTY
|
#
1.24 |
|
21-Dec-2001 |
djm |
Avoid interruptable passphrase read; ok markus@
|
#
1.23 |
|
08-Nov-2001 |
markus |
don't strdup too much data; from gotoh@taiyo.co.jp; ok millert.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.22 |
|
14-Jul-2001 |
stevesk |
branches: 1.22.2; delete spurious #includes; ok deraadt@ markus@
|
#
1.21 |
|
10-Jul-2001 |
markus |
don't panic if fork or pipe fail (just return an empty passwd).
|
#
1.20 |
|
02-Jul-2001 |
markus |
do not return NULL, use "" instead.
|
#
1.19 |
|
24-Jun-2001 |
markus |
switch to readpassphrase(3) 2.7/8-stable needs readpassphrase.[ch] from libc
|
#
1.18 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.17 |
|
06-May-2001 |
mouring |
Use const for 'prompt'. Brought over from portable tree.
|
#
1.16 |
|
02-May-2001 |
mouring |
Put the 'const' back into ssh_askpass() function. Pointed out by Mark Miller <markm@swoon.net>. OK Markus
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.15 |
|
18-Apr-2001 |
markus |
branches: 1.15.2; call askpass from ssh, too, based on work by roth@feep.net, ok deraadt
|
#
1.14 |
|
08-Feb-2001 |
itojun |
sync with netbsd tree changes. - more strict prototypes, include necessary headers - use paths.h/pathnames.h decls - size_t typecase to int -> u_long
|
#
1.13 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.12 |
|
11-Oct-2000 |
markus |
branches: 1.12.2; add support for s/key (kbd-interactive) to ssh2, based on work by mkiernan@avantgo.com and me
|
#
1.11 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.10 |
|
14-Apr-2000 |
markus |
branches: 1.10.2; whitespace cleanup
|
#
1.9 |
|
21-Jan-2000 |
deraadt |
instead of blocking SIGINT, catch it ourselves, so that we can clean the tty modes up and kill ourselves -- instead of our process group leader (scp, cvs, ...) going away and leaving us in noecho mode. people with cbreak shells never even noticed..
|
#
1.8 |
|
08-Dec-1999 |
deraadt |
avoid stdio; based on work by markus, millert, and I
|
#
1.7 |
|
24-Nov-1999 |
markus |
KNF, final part 3
|
#
1.6 |
|
24-Nov-1999 |
deraadt |
much more KNF
|
#
1.5 |
|
23-Nov-1999 |
markus |
KNF part 1
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.4 |
|
11-Oct-1999 |
markus |
we do not ship ssh-askpass
|
#
1.3 |
|
30-Sep-1999 |
deraadt |
even smaller
|
#
1.2 |
|
30-Sep-1999 |
deraadt |
cull more ancient garbage from pre-POSIX days
|
#
1.1 |
|
26-Sep-1999 |
deraadt |
i bet a lot of people didn't know what ssh 1.2.16 had a nice license. well, except for the patent issues. someone in sweden (forget their name at the moment) cleaned out most of the patented code, and now this code removes rsa code. when this is done, it will link against libssl, but the work isn't completely done yet. then we need to bring this up to modern days, featurewise.
|