Commit Graph

422 Commits

Author SHA1 Message Date
Darren Tucker 57f4224677 - stevesk@cvs.openbsd.org 2006/07/11 20:16:43
[ssh.c]
     cast asterisk field precision argument to int to remove warning;
     ok markus@
2006-07-12 22:23:35 +10:00
Darren Tucker e7d4b19f75 - markus@cvs.openbsd.org 2006/07/11 18:50:48
[clientloop.c ssh.1 ssh.c channels.c ssh_config.5 readconf.h session.c
     channels.h readconf.c]
     add ExitOnForwardFailure: terminate the connection if ssh(1)
     cannot set up all requested dynamic, local, and remote port
     forwardings. ok djm, dtucker, stevesk, jmc
2006-07-12 22:17:10 +10:00
Darren Tucker 284706a755 - dtucker@cvs.openbsd.org 2006/07/11 10:12:07
[ssh.c]
     Only copy the part of environment variable that we actually use.  Prevents
     ssh bailing when SendEnv is used and an environment variable with a really
     long value exists.  ok djm@
2006-07-12 22:16:23 +10:00
Damien Miller 57cf638577 - stevesk@cvs.openbsd.org 2006/07/09 15:15:11
[auth2-none.c authfd.c authfile.c includes.h misc.c monitor.c]
     [readpass.c scp.c serverloop.c sftp-client.c sftp-server.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
     [sshlogin.c sshpty.c]
     move #include <fcntl.h> out of includes.h
2006-07-10 21:13:46 +10:00
Damien Miller e3b60b524e - stevesk@cvs.openbsd.org 2006/07/08 21:47:12
[authfd.c canohost.c clientloop.c dns.c dns.h includes.h]
     [monitor_fdpass.c nchan.c packet.c servconf.c sftp.c ssh-agent.c]
     [ssh-keyscan.c ssh.c sshconnect.h sshd.c sshlogin.h]
     move #include <sys/socket.h> out of includes.h
2006-07-10 21:08:03 +10:00
Damien Miller 9f2abc47eb - stevesk@cvs.openbsd.org 2006/07/06 16:03:53
[auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c]
     [auth-rhosts.c auth-rsa.c auth.c auth.h auth2-hostbased.c]
     [auth2-pubkey.c auth2.c includes.h misc.c misc.h monitor.c]
     [monitor_wrap.c monitor_wrap.h scp.c serverloop.c session.c]
     [session.h sftp-common.c ssh-add.c ssh-keygen.c ssh-keysign.c]
     [ssh.c sshconnect.c sshconnect.h sshd.c sshpty.c sshpty.h uidswap.c]
     [uidswap.h]
     move #include <pwd.h> out of includes.h; ok markus@
2006-07-10 20:53:08 +10:00
Damien Miller b757677d02 - stevesk@cvs.openbsd.org 2006/07/03 08:54:20
[includes.h ssh.c sshconnect.c sshd.c]
     move #include "version.h" out of includes.h; ok markus@
2006-07-10 20:23:39 +10:00
Damien Miller 991dba43e1 - stevesk@cvs.openbsd.org 2006/07/02 17:12:58
[ssh.1 ssh.c ssh_config.5 sshd_config.5]
     more details and clarity for tun(4) device forwarding; ok and help
     jmc@
2006-07-10 20:16:27 +10:00
Darren Tucker 232b76f9f8 - dtucker@cvs.openbsd.org 2006/04/25 08:02:27
[authfile.c authfile.h sshconnect2.c ssh.c sshconnect1.c]
     Prevent ssh from trying to open private keys with bad permissions more than
     once or prompting for their passphrases (which it subsequently ignores
     anyway), similar to a previous change in ssh-add.  bz #1186, ok djm@
2006-05-06 17:41:51 +10:00
Damien Miller 6b1d53c2b0 - djm@cvs.openbsd.org 2006/03/30 10:41:25
[ssh.c ssh_config.5]
     add percent escape chars to the IdentityFile option, bz #1159 based
     on a patch by imaging AT math.ualberta.ca; feedback and ok dtucker@
2006-03-31 23:13:21 +11:00
Damien Miller ddd63ab1d0 - deraadt@cvs.openbsd.org 2006/03/28 00:12:31
[README.tun ssh.c]
     spacing
2006-03-31 23:10:51 +11:00
Damien Miller 57c30117c1 - djm@cvs.openbsd.org 2006/03/25 13:17:03
[atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
     [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
     [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
     [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
     [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
     [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
     [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
     [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
     [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
     [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
     [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c]
     Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
     Theo nuked - our scripts to sync -portable need them in the files
2006-03-26 14:24:48 +11:00
Damien Miller 07d86bec5e - djm@cvs.openbsd.org 2006/03/25 00:05:41
[auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c]
     [clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c]
     [monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c]
     [ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c]
     [xmalloc.c xmalloc.h]
     introduce xcalloc() and xasprintf() failure-checked allocations
     functions and use them throughout openssh

     xcalloc is particularly important because malloc(nmemb * size) is a
     dangerous idiom (subject to integer overflow) and it is time for it
     to die

     feedback and ok deraadt@
2006-03-26 14:19:21 +11:00
Damien Miller 1d2b6706ba - deraadt@cvs.openbsd.org 2006/03/20 18:42:27
[canohost.c match.c ssh.c sshconnect.c]
     be strict with tolower() casting
2006-03-26 14:09:54 +11:00
Damien Miller 9096740f6c - deraadt@cvs.openbsd.org 2006/03/20 18:26:55
[channels.c monitor.c session.c session.h ssh-agent.c ssh-keygen.c]
     [ssh-rsa.c ssh.c sshlogin.c]
     annoying spacing fixes getting in the way of real diffs
2006-03-26 14:07:26 +11:00
Damien Miller 71a7367130 - deraadt@cvs.openbsd.org 2006/03/20 18:14:02
[channels.c clientloop.c monitor_wrap.c monitor_wrap.h serverloop.c]
     [ssh.c sshpty.c sshpty.h]
     sprinkle u_int throughout pty subsystem, ok markus
2006-03-26 14:04:36 +11:00
Damien Miller 4662d3492f - deraadt@cvs.openbsd.org 2006/03/19 18:59:30
[ssh.c]
     spacing
2006-03-26 13:59:59 +11:00
Damien Miller b0fb6872ed - deraadt@cvs.openbsd.org 2006/03/19 18:51:18
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
     [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
     [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
     [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
     [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
     [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
     [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
     [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
     [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
     [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
     [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
     [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
     [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
     [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
     [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
     [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
     [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
     RCSID() can die
2006-03-26 00:03:21 +11:00
Damien Miller 6645e7a70d - (djm) [auth-pam.c clientloop.c includes.h monitor.c session.c]
[sftp-client.c ssh-keysign.c ssh.c sshconnect.c sshconnect2.c]
   [sshd.c openbsd-compat/bsd-misc.c openbsd-compat/bsd-openpty.c]
   [openbsd-compat/glob.c openbsd-compat/mktemp.c]
   [openbsd-compat/readpassphrase.c] Lots of include fixes for
   OpenSolaris
2006-03-15 14:42:54 +11:00
Damien Miller 2ecb6bd95d - djm@cvs.openbsd.org 2006/03/12 04:23:07
[ssh.c]
     knf nit
2006-03-15 12:03:53 +11:00
Damien Miller c7b06369a8 - stevesk@cvs.openbsd.org 2006/02/22 00:04:45
[canohost.c clientloop.c includes.h match.c readconf.c scp.c ssh.c]
     [sshconnect.c]
     move #include <ctype.h> out of includes.h; ok djm@
2006-03-15 11:53:45 +11:00
Damien Miller 6ff3caddb6 oops, this commit is really:
- stevesk@cvs.openbsd.org 2006/02/20 17:02:44
     [clientloop.c includes.h monitor.c progressmeter.c scp.c]
     [serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c]
     move #include <signal.h> out of includes.h; ok markus@

the previous was:

   - stevesk@cvs.openbsd.org 2006/02/20 17:19:54
     [auth-rhosts.c auth-rsa.c auth.c auth2-none.c auth2-pubkey.c]
     [authfile.c clientloop.c includes.h readconf.c scp.c session.c]
     [sftp-client.c sftp-common.c sftp-common.h sftp-glob.c]
     [sftp-server.c sftp.c ssh-add.c ssh-keygen.c ssh.c sshconnect.c]
     [sshconnect2.c sshd.c sshpty.c]
     move #include <sys/stat.h> out of includes.h; ok markus@
2006-03-15 11:52:09 +11:00
Damien Miller f17883e6a0 - stevesk@cvs.openbsd.org 2006/02/20 17:02:44
[clientloop.c includes.h monitor.c progressmeter.c scp.c]
     [serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c]
     move #include <signal.h> out of includes.h; ok markus@
2006-03-15 11:45:54 +11:00
Damien Miller 574c41fdb3 - stevesk@cvs.openbsd.org 2006/02/20 16:36:15
[authfd.c channels.c includes.h session.c ssh-agent.c ssh.c]
     move #include <sys/un.h> out of includes.h; ok djm@
2006-03-15 11:40:10 +11:00
Damien Miller 3ec54c7e58 - djm@cvs.openbsd.org 2006/02/12 06:45:34
[ssh.c ssh_config.5]
     add a %l expansion code to the ControlPath, which is filled in with the
     local hostname at runtime. Requested by henning@ to avoid some problems
     with /home on NFS; ok dtucker@
2006-03-15 11:30:13 +11:00
Damien Miller 17e91c0fb0 - stevesk@cvs.openbsd.org 2006/02/10 00:27:13
[channels.c clientloop.c includes.h misc.c progressmeter.c sftp.c]
     [ssh.c sshd.c sshpty.c]
     move #include <sys/ioctl.h> out of includes.h; ok markus@
2006-03-15 11:28:34 +11:00
Damien Miller cd4223c245 - stevesk@cvs.openbsd.org 2006/02/08 14:31:30
[includes.h ssh-agent.c ssh-keyscan.c ssh.c]
     move #include <sys/resource.h> out of includes.h; ok markus@
2006-03-15 11:22:47 +11:00
Damien Miller 03e2003a23 - stevesk@cvs.openbsd.org 2006/02/08 12:15:27
[auth.c clientloop.c includes.h misc.c monitor.c readpass.c]
     [session.c sftp.c ssh-agent.c ssh-keysign.c ssh.c sshconnect.c]
     [sshd.c sshpty.c]
     move #include <paths.h> out of includes.h; ok markus@
2006-03-15 11:16:59 +11:00
Damien Miller 598bbc2d8f - (djm) [openbsd-compat/port-tun.c openbsd-compat/port-tun.h configure.ac]
[serverloop.c ssh.c openbsd-compat/Makefile.in]
   [openbsd-compat/openbsd-compat.h] Implement tun(4) forwarding
   compatability support for Linux, diff from reyk@
2005-12-31 16:33:36 +11:00
Darren Tucker e9a9b71c6b - dtucker@cvs.openbsd.org 2005/12/20 04:41:07
[ssh.c]
     exit(255) on error to match description in ssh(1); bz #1137; ok deraadt@
2005-12-20 16:15:51 +11:00
Damien Miller 7b58e80036 - reyk@cvs.openbsd.org 2005/12/08 18:34:11
[auth-options.c includes.h misc.c misc.h readconf.c servconf.c]
     [serverloop.c ssh.c ssh_config.5 sshd_config.5 configure.ac]
     two changes to the new ssh tunnel support. this breaks compatibility
     with the initial commit but is required for a portable approach.
     - make the tunnel id u_int and platform friendly, use predefined types.
     - support configuration of layer 2 (ethernet) or layer 3
     (point-to-point, default) modes. configuration is done using the
     Tunnel (yes|point-to-point|ethernet|no) option is ssh_config(5) and
     restricted by the PermitTunnel (yes|point-to-point|ethernet|no) option
     in sshd_config(5).
     ok djm@, man page bits by jmc@
2005-12-13 19:33:19 +11:00
Damien Miller d27b947178 - reyk@cvs.openbsd.org 2005/12/06 22:38:28
[auth-options.c auth-options.h channels.c channels.h clientloop.c]
     [misc.c misc.h readconf.c readconf.h scp.c servconf.c servconf.h]
     [serverloop.c sftp.c ssh.1 ssh.c ssh_config ssh_config.5 sshconnect.c]
     [sshconnect.h sshd.8 sshd_config sshd_config.5]
     Add support for tun(4) forwarding over OpenSSH, based on an idea and
     initial channel code bits by markus@. This is a simple and easy way to
     use OpenSSH for ad hoc virtual private network connections, e.g.
     administrative tunnels or secure wireless access. It's based on a new
     ssh channel and works similar to the existing TCP forwarding support,
     except that it depends on the tun(4) network interface on both ends of
     the connection for layer 2 or layer 3 tunneling. This diff also adds
     support for LocalCommand in the ssh(1) client.

     ok djm@, markus@, jmc@ (manpages), tested and discussed with others
2005-12-13 19:29:02 +11:00
Damien Miller 788f212aed - djm@cvs.openbsd.org 2005/10/30 08:52:18
[clientloop.c packet.c serverloop.c session.c ssh-agent.c ssh-keygen.c]
     [ssh.c sshconnect.c sshconnect1.c sshd.c]
     no need to escape single quotes in comments, no binary change
2005-11-05 15:14:59 +11:00
Damien Miller aa3bb10940 - djm@cvs.openbsd.org 2005/10/30 04:03:24
[ssh.c]
     fix misleading debug message; ok dtucker@
2005-11-05 15:12:59 +11:00
Damien Miller 15d72a00a3 - stevesk@cvs.openbsd.org 2005/10/14 02:17:59
[ssh-keygen.c ssh.c sshconnect2.c]
     no trailing "\n" for log functions; ok djm@
2005-11-05 15:07:33 +11:00
Darren Tucker 895d698515 - jmc@cvs.openbsd.org 2005/09/19 15:42:44
[ssh.c]
     update -D usage here too;
2005-10-03 18:18:05 +10:00
Darren Tucker ce321d8a30 - djm@cvs.openbsd.org 2005/09/13 23:40:07
[sshd.c ssh.c misc.h sftp.c ssh-keygen.c ssh-keysign.c sftp-server.c
     scp.c misc.c ssh-keyscan.c ssh-add.c ssh-agent.c]
     ensure that stdio fds are attached; ok deraadt@
2005-10-03 18:11:24 +10:00
Damien Miller be1045dc58 - djm@cvs.openbsd.org 2005/07/30 01:26:16
[ssh.c]
     fix -D listen_host initialisation, so it picks up gateway_ports setting
     correctly
2005-08-12 22:10:56 +10:00
Damien Miller 46d38de48b - djm@cvs.openbsd.org 2005/07/16 01:35:24
[auth1.c channels.c cipher.c clientloop.c kex.c session.c ssh.c]
     [sshconnect.c]
     spacing
2005-07-17 17:02:09 +10:00
Damien Miller 1339002e8b - djm@cvs.openbsd.org 2005/07/04 00:58:43
[channels.c clientloop.c clientloop.h misc.c misc.h ssh.c ssh_config.5]
     implement support for X11 and agent forwarding over multiplex slave
     connections. Because of protocol limitations, the slave connections inherit
     the master's DISPLAY and SSH_AUTH_SOCK rather than distinctly forwarding
     their own.
     ok dtucker@ "put it in" deraadt@
2005-07-06 09:44:19 +10:00
Damien Miller 7c71cc738c - djm@cvs.openbsd.org 2005/06/25 22:47:49
[ssh.c]
     do the default port filling code a few lines earlier, so it really
     does fix %p
2005-06-26 08:56:31 +10:00
Damien Miller 8f74c8fc32 - djm@cvs.openbsd.org 2005/06/18 04:30:36
[ssh.c ssh_config.5]
     allow ControlPath=none, patch from dwmw2 AT infradead.org; ok dtucker@
2005-06-26 08:56:03 +10:00
Damien Miller 9651fe690a - (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2005/06/17 22:53:47
     [ssh.c sshconnect.c]
     Fix ControlPath's %p expanding to "0" for a default port,
     spotted dwmw2 AT infradead.org; ok markus@
2005-06-26 08:55:25 +10:00
Damien Miller 17e7ed0e75 - (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2005/06/16 03:38:36
     [channels.c channels.h clientloop.c clientloop.h ssh.c]
     move x11_get_proto from ssh.c to clientloop.c, to make muliplexed xfwd
     easier later; ok deraadt@
2005-06-17 12:54:33 +10:00
Damien Miller d14b1e731c - djm@cvs.openbsd.org 2005/06/08 11:25:09
[clientloop.c readconf.c readconf.h ssh.c ssh_config.5]
     add ControlMaster=auto/autoask options to support opportunistic
     multiplexing; tested avsm@ and jakob@, ok markus@
2005-06-16 13:19:41 +10:00
Damien Miller 6476cad9bb - djm@cvs.openbsd.org 2005/06/06 11:20:36
[auth.c auth.h misc.c misc.h ssh.c ssh_config.5 sshconnect.c]
     introduce a generic %foo expansion function. replace existing % expansion
     and add expansion to ControlPath; ok markus@
2005-06-16 13:18:34 +10:00
Darren Tucker 0814d3136f - djm@cvs.openbsd.org 2005/05/27 08:30:37
[ssh.c]
     fix -O for cases where no ControlPath has been specified or socket at
     ControlPath is not contactable; spotted by and ok avsm@
2005-06-01 23:08:51 +10:00
Damien Miller 538c9b71ec - djm@cvs.openbsd.org 2005/05/10 10:30:43
[ssh.c]
     report real errors on fallback from ControlMaster=no to normal connect
2005-05-26 12:11:28 +10:00
Damien Miller 924c25a64e - djm@cvs.openbsd.org 2005/05/10 10:28:11
[ssh.c]
     print nice error message for EADDRINUSE as well (ID sync only)
2005-05-26 12:09:32 +10:00
Damien Miller dadfd4dd38 - jakob@cvs.openbsd.org 2005/04/26 13:08:37
[ssh.c ssh_config.5]
     fallback gracefully if client cannot connect to ControlPath. ok djm@
2005-05-26 12:07:13 +10:00
Damien Miller ddee575b98 - djm@cvs.openbsd.org 2005/04/21 11:47:19
[ssh.c]
     don't allocate a pty when -n flag (/dev/null stdin) is set, patch from
     ignasi.roca AT fujitsu-siemens.com (bz #829); ok dtucker@
2005-05-26 12:05:05 +10:00
Damien Miller 1b0de9a041 - dtucker@cvs.openbsd.org 2005/04/06 12:26:06
[ssh.c]
     Fix debug call for port forwards; patch from pete at seebeyond.com,
     ok djm@ (ID sync only - change already in portable)
2005-05-26 12:01:22 +10:00
Damien Miller 4f10e25684 - (djm) [ssh.c] some systems return EADDRINUSE on a bind to an already-used
unix domain socket, so catch that too; from jakob@ ok dtucker@
2005-05-04 15:33:09 +10:00
Darren Tucker 73ba43798a - (dtucker) [ssh.c] Prevent null pointer deref in port forwarding debug
message on some platforms.  Patch from pete at seebeyond.com via djm.
2005-03-31 21:51:54 +10:00
Darren Tucker 47eede77ed - deraadt@cvs.openbsd.org 2005/03/10 22:01:05
[misc.c ssh-keygen.c servconf.c clientloop.c auth-options.c ssh-add.c
     monitor.c sftp-client.c bufaux.h hostfile.c ssh.c sshconnect.c channels.c
     readconf.c bufaux.c sftp.c]
     spacing
2005-03-14 23:08:12 +11:00
Damien Miller 02faeceb56 - jmc@cvs.openbsd.org 2005/03/01 17:22:06
[ssh.c]
     sync usage() w/ man SYNOPSIS;
     ok markus@
2005-03-02 12:04:32 +11:00
Damien Miller f91ee4c3de - djm@cvs.openbsd.org 2005/03/01 10:09:52
[auth-options.c channels.c channels.h clientloop.c compat.c compat.h]
     [misc.c misc.h readconf.c readconf.h servconf.c ssh.1 ssh.c ssh_config.5]
     [sshd_config.5]
     bz#413: allow optional specification of bind address for port forwardings.
     Patch originally by Dan Astorian, but worked on by several people
     Adds GatewayPorts=clientspecified option on server to allow remote
     forwards to bind to client-specified ports.
2005-03-01 21:24:33 +11:00
Damien Miller 3eb48b6245 - otto@cvs.openbsd.org 2005/02/16 09:56:44
[ssh.c]
     Better diagnostic if an identity file is not accesible. ok markus@ djm@
2005-03-01 21:15:46 +11:00
Darren Tucker 9c6bf325c0 - jmc@cvs.openbsd.org 2004/11/07 17:57:30
[ssh.c]
     usage():
     - add -O
     - sync -S w/ manpage
     - remove -h
2004-12-03 14:10:19 +11:00
Darren Tucker 7ebfc10884 - djm@cvs.openbsd.org 2004/11/07 00:01:46
[clientloop.c clientloop.h ssh.1 ssh.c]
     add basic control of a running multiplex master connection; including the
     ability to check its status and request it to exit; ok markus@
2004-11-07 20:06:19 +11:00
Darren Tucker 39207a46b4 - djm@cvs.openbsd.org 2004/09/23 13:00:04
[ssh.c]
     correctly honour -n in multiplex client mode; spotted by sturm@ ok markus@
2004-11-05 20:19:51 +11:00
Darren Tucker e9bf98412e - deraadt@cvs.openbsd.org 2004/09/15 00:46:01
[ssh.c]
     /* fallthrough */ is something a programmer understands.  But
     /* FALLTHROUGH */ is also understood by lint, so that is better.
2004-11-05 20:05:32 +11:00
Darren Tucker 07336dae94 - djm@cvs.openbsd.org 2004/09/07 23:41:30
[clientloop.c ssh.c]
     cleanup multiplex control socket on SIGHUP too, spotted by sturm@
     ok markus@ deraadt@
2004-11-05 20:02:16 +11:00
Damien Miller 2aa6d3cfce - (djm) [ssh.c sshd.c version.h] Don't divulge portable version in protocol
banner. Suggested by deraadt@, ok mouring@, dtucker@
2004-09-12 16:53:04 +10:00
Darren Tucker 27a8f6b056 - dtucker@cvs.openbsd.org 2004/08/23 14:26:38
[ssh-keysign.c ssh.c]
     Use permanently_set_uid() in ssh and ssh-keysign for consistency, matches
     change in Portable; ok markus@ (CVS ID sync only)
2004-08-29 16:31:28 +10:00
Darren Tucker 25f60a7ee7 - (dtucker) [Makefile.in ssh-keysign.c ssh.c] Use permanently_set_uid() since
it does the right thing on all platforms.  ok djm@
2004-08-15 17:23:34 +10:00
Darren Tucker 5cb30ad2ec - markus@cvs.openbsd.org 2004/07/28 09:40:29
[auth.c auth1.c auth2.c cipher.c cipher.h key.c session.c ssh.c
     sshconnect1.c]
     more s/illegal/invalid/
2004-08-12 22:40:24 +10:00
Darren Tucker fc9597034b - deraadt@cvs.openbsd.org 2004/07/11 17:48:47
[channels.c cipher.c clientloop.c clientloop.h compat.h moduli.c
     readconf.c nchan.c pathnames.h progressmeter.c readconf.h servconf.c
     session.c sftp-client.c sftp.c ssh-agent.1 ssh-keygen.c ssh.c ssh1.h
     sshd.c ttymodes.h]
     spaces
2004-07-17 16:12:08 +10:00
Darren Tucker ba6de952a0 - (dtucker) [logintest.c scp.c sftp-server.c sftp.c ssh-add.c ssh-agent.c
ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c ssh.c sshd.c
   openbsd-compat/bsd-misc.c] Move "char *__progname" to bsd-misc.c.  Reduces
   diff vs OpenBSD; ok mouring@, tested by tim@ too.
2004-07-17 14:07:42 +10:00
Darren Tucker b5bc1a6393 - dtucker@cvs.openbsd.org 2004/06/23 14:31:01
[ssh.c]
     Fix counting in master/slave when passing environment variables; ok djm@
2004-06-24 00:34:53 +10:00
Darren Tucker 3f9fdc7121 - avsm@cvs.openbsd.org 2004/06/21 17:36:31
[auth-rsa.c auth2-gss.c auth2-pubkey.c authfile.c canohost.c channels.c
     cipher.c dns.c kex.c monitor.c monitor_fdpass.c monitor_wrap.c
     monitor_wrap.h nchan.c packet.c progressmeter.c scp.c sftp-server.c sftp.c
     ssh-gss.h ssh-keygen.c ssh.c sshconnect.c sshconnect1.c sshlogin.c
     sshpty.c]
     make ssh -Wshadow clean, no functional changes
     markus@ ok

There are also some portable-specific -Wshadow warnings to be fixed in
monitor.c and montior_wrap.c.
2004-06-22 12:56:01 +10:00
Darren Tucker 365433f883 - djm@cvs.openbsd.org 2004/06/20 17:36:59
[ssh.c]
     filter passed env vars at slave in connection sharing case; ok markus@
2004-06-22 12:29:23 +10:00
Damien Miller b8ea24868f - markus@cvs.openbsd.org 2004/06/18 10:55:43
[ssh.1 ssh.c]
     trim synopsis for -S, allow -S and -oControlMaster, -MM means 'ask'; ok djm
2004-06-18 22:21:55 +10:00
Damien Miller 0809e233a4 - (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2004/06/18 10:40:19
     [ssh.c]
     delay signal handler setup until we have finished talking to the master.
     allow interrupting of setup (e.g. if master is stuck); ok markus@
2004-06-18 22:20:57 +10:00
Darren Tucker ba5c592126 - djm@cvs.openbsd.org 2004/06/17 23:56:57
[ssh.1 ssh.c]
     sync usage() and SYNPOSIS with connection sharing changes
2004-06-18 16:22:39 +10:00
Damien Miller 23f0770a1b - djm@cvs.openbsd.org 2004/06/17 15:10:14
[clientloop.c misc.h readconf.c readpass.c ssh.c ssh_config.5]
     Add option for confirmation (ControlMaster=ask) via ssh-askpass before
     opening shared connections; ok markus@
2004-06-18 01:19:03 +10:00
Damien Miller 3756dcee24 - (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2004/06/17 14:52:48
     [clientloop.c clientloop.h ssh.c]
     support environment passing over shared connections; ok markus@
2004-06-18 01:17:29 +10:00
Damien Miller 07b6ff12c4 - (djm) [ssh.c] Use separate var for address length 2004-06-15 11:14:45 +10:00
Damien Miller 0e220dbfbc - djm@cvs.openbsd.org 2004/06/13 15:03:02
[channels.c channels.h clientloop.c clientloop.h includes.h readconf.c]
     [readconf.h scp.1 sftp.1 ssh.1 ssh.c ssh_config.5]
     implement session multiplexing in the client (the server has supported
     this since 2.0); ok markus@
2004-06-15 10:34:08 +10:00
Darren Tucker 06f2bd8bde - deraadt@cvs.openbsd.org 2004/05/08 00:01:37
[auth.c clientloop.c misc.h servconf.c ssh.c sshpty.h sshtty.c
     tildexpand.c], removed: sshtty.h tildexpand.h
     make two tiny header files go away; djm ok
2004-05-13 16:06:46 +10:00
Darren Tucker 46bc075474 - djm@cvs.openbsd.org 2004/04/27 09:46:37
[readconf.c readconf.h servconf.c servconf.h session.c session.h ssh.c
     ssh_config.5 sshd_config.5]
     bz #815: implement ability to pass specified environment variables from
     the client to the server; ok markus@
2004-05-02 22:11:30 +10:00
Damien Miller 914420fe74 - djm@cvs.openbsd.org 2004/04/19 21:51:49
[ssh.c]
     fix idiot typo that i introduced in my last commit;
     spotted by cschneid AT cschneid.com
2004-04-20 20:14:07 +10:00
Damien Miller 57a4476a69 - djm@cvs.openbsd.org 2004/04/18 23:10:26
[readconf.c readconf.h ssh-keysign.c ssh.c]
     perform strict ownership and modes checks for ~/.ssh/config files,
     as these can be used to execute arbitrary programs; ok markus@
     NB. ssh will now exit when it detects a config with poor permissions
2004-04-20 20:11:57 +10:00
Damien Miller 0c889cd9e9 - markus@cvs.openbsd.org 2004/03/11 10:21:17
[ssh.c sshd.c]
     ssh, sshd: sync version output, ok djm
2004-03-22 09:36:00 +11:00
Damien Miller 5095510e5f - markus@cvs.openbsd.org 2004/03/10 09:45:06
[ssh.c]
     trim usage to match ssh(1) and look more like unix. ok djm@
2004-03-22 09:34:58 +11:00
Damien Miller 3df755e441 - markus@cvs.openbsd.org 2004/03/09 22:11:05
[ssh.c]
     increase x11 cookie lifetime to 20 minutes; ok djm
2004-03-22 09:34:26 +11:00
Damien Miller 509b0107f0 - markus@cvs.openbsd.org 2003/12/16 15:49:51
[clientloop.c clientloop.h readconf.c readconf.h scp.1 sftp.1 ssh.1]
     [ssh.c ssh_config.5]
     application layer keep alive (ServerAliveInterval ServerAliveCountMax)
     for ssh(1), similar to the sshd(8) option; ok beck@; with help from
     jmc and dtucker@
2003-12-17 16:33:10 +11:00
Damien Miller 9836cf8d71 - markus@cvs.openbsd.org 2003/12/09 17:30:05
[ssh.c]
     don't modify argv for ssh -o; similar to sshd.c 1.283
2003-12-17 16:30:06 +11:00
Damien Miller e0113ccc08 - dtucker@cvs.openbsd.org 2003/11/24 00:16:35
[ssh.1 ssh.c]
     Make ssh -k mean GSSAPIDelegateCredentials=no. Suggestion & ok markus@
2003-11-24 13:10:09 +11:00
Damien Miller a8e06cef35 - djm@cvs.openbsd.org 2003/11/21 11:57:03
[everything]
     unexpand and delete whitespace at EOL; ok markus@
     (done locally and RCS IDs synced)
2003-11-21 23:48:55 +11:00
Darren Tucker 0a118da00e - markus@cvs.openbsd.org 2003/10/11 08:24:08
[readconf.c readconf.h ssh.1 ssh.c ssh_config.5]
     remote x11 clients are now untrusted by default, uses xauth(8) to generate
     untrusted cookies; ForwardX11Trusted=yes restores old behaviour.
     ok deraadt; feedback and ok djm/fries
2003-10-15 15:54:32 +10:00
Damien Miller fb10e9abe8 - markus@cvs.openbsd.org 2003/09/01 18:15:50
[readconf.c readconf.h servconf.c servconf.h ssh.c]
     remove unused kerberos code; ok henning@
2003-09-02 22:58:22 +10:00
Damien Miller 59d3d5b8b4 - (djm) s/get_progname/ssh_get_progname/g to avoid conflict with Heimdal
-lbroken; ok dtucker
2003-08-22 09:34:41 +10:00
Darren Tucker 1c52ee3e6f - markus@cvs.openbsd.org 2003/08/13 09:07:10
[readconf.c ssh.c]
     socks4->socks, since with support both 4 and 5; dtucker@zip.com.au
2003-08-13 20:38:36 +10:00
Darren Tucker ec960f2c93 - markus@cvs.openbsd.org 2003/08/13 08:46:31
[auth1.c readconf.c readconf.h servconf.c servconf.h ssh.c ssh_config
     ssh_config.5 sshconnect1.c sshd.8 sshd.c sshd_config sshd_config.5]
     remove RhostsAuthentication; suggested by djm@ before; ok djm@, deraadt@,
     fgsch@, miod@, henning@, jakob@ and others
2003-08-13 20:37:05 +10:00
Darren Tucker 6aaa58c470 - (dtucker) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2003/07/22 13:35:22
     [auth1.c auth.h auth-passwd.c monitor.c monitor.h monitor_wrap.c
     monitor_wrap.h readconf.c readconf.h servconf.c servconf.h session.c ssh.1
     ssh.c ssh_config.5 sshconnect1.c sshd.c sshd_config.5 ssh.h]
     remove (already disabled) KRB4/AFS support, re-enable -k in ssh(1);
     test+ok henning@
 - (dtucker) [Makefile.in acconfig.h configure.ac] Remove KRB4/AFS support.
 - (dtucker) [auth-krb4.c radix.c radix.h] Remove KRB4/AFS specific files.

I hope I got this right....
2003-08-02 22:24:49 +10:00
Darren Tucker e98dfa323e - markus@cvs.openbsd.org 2003/07/16 10:34:53
[ssh.c sshd.c]
     don't exit on multiple -v or -d; ok deraadt@
2003-07-19 19:54:31 +10:00
Darren Tucker 0a4f04b5b2 - djm@cvs.openbsd.org 2003/07/03 08:09:06
[readconf.c readconf.h ssh-keysign.c ssh.c]
     fix AddressFamily option in config file, from brent@graveland.net;
     ok markus@
2003-07-03 20:37:47 +10:00
Darren Tucker 3f521e21c0 - markus@cvs.openbsd.org 2003/07/02 20:37:48
[ssh.c]
     convert hostkeyalias to lowercase, otherwise uppercase aliases will
     not match at all; ok henning@
2003-07-03 16:20:42 +10:00
Damien Miller 56a0bb07c4 - markus@cvs.openbsd.org 2003/06/12 19:12:03
[scard.c scard.h ssh-agent.c ssh.c]
     add sc_get_key_label; larsch at trustcenter.de; bugzilla#591
2003-06-18 20:28:40 +10:00
Damien Miller 7e1bbc55af - (djm) Remove IPv4 by default hack now that we can specify AF in config 2003-05-18 20:52:40 +10:00
Damien Miller 6e80c36e2a - (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2003/05/15 13:52:10
     [ssh.c]
     Make "ssh -V" print the OpenSSL version in a human readable form. Patch
     from Craig Leres (mindrot at ee.lbl.gov); ok markus@
2003-05-16 11:38:00 +10:00
Damien Miller 1ea7166019 - (djm) Bug #258: sscanf("[0-9]") -> sscanf("[0123456789]") for portability 2003-05-14 22:33:58 +10:00
Damien Miller b1ca8bb159 - markus@cvs.openbsd.org 2003/05/11 20:30:25
[channels.c clientloop.c serverloop.c session.c ssh.c]
     make channel_new() strdup the 'remote_name' (not the caller); ok theo
2003-05-14 13:45:42 +10:00
Damien Miller d558092522 - (djm) RCSID sync w/ OpenBSD 2003-05-14 13:40:06 +10:00
Damien Miller 996acd2476 *** empty log message *** 2003-04-09 20:59:48 +10:00
Damien Miller 9f1e33a6b2 - markus@cvs.openbsd.org 2003/02/06 09:27:29
[ssh.c ssh_config.5]
     support 'ProxyCommand none'; bugzilla #433; binder@arago.de; ok djm@
2003-02-24 11:57:32 +11:00
Ben Lindstrom b9fa691819 - millert@cvs.openbsd.org 2002/12/09 16:50:30
[ssh.c]
     Avoid setting optind to 0 as GNU getopt treats that like we do optreset.
     markus@ OK
2002-12-23 02:24:54 +00:00
Ben Lindstrom c276c1208e - markus@cvs.openbsd.org 2002/11/27 17:53:35
[scp.c sftp.c ssh.c]
     allow usernames with embedded '@', e.g. scp user@vhost@realhost:file /tmp;
     http://bugzilla.mindrot.org/show_bug.cgi?id=447; ok mouring@, millert@
2002-12-23 02:14:51 +00:00
Ben Lindstrom 604dc72890 - markus@cvs.openbsd.org 2002/11/21 23:04:33
[ssh.c]
     debug->debug2
2002-12-23 02:08:57 +00:00
Damien Miller 8c4e18a6ec - djm@cvs.openbsd.org 2002/09/19 01:58:18
[ssh.c sshconnect.c]
     bugzilla.mindrot.org #223 - ProxyCommands don't exit.
     Patch from dtucker@zip.com.au; ok markus@
2002-09-19 12:05:02 +10:00
Damien Miller 789e95dbe9 - stevesk@cvs.openbsd.org 2002/09/11 18:27:26
[authfd.c authfd.h ssh.c]
     don't connect to agent to test for presence if we've previously
     connected; ok markus@
2002-09-12 09:52:46 +10:00
Damien Miller 50b9a60082 - stevesk@cvs.openbsd.org 2002/08/29 19:49:42
[ssh.c]
     shrink initial privilege bracket for setuid case; ok markus@
2002-09-04 16:50:06 +10:00
Damien Miller 147bba3453 - stevesk@cvs.openbsd.org 2002/08/29 16:02:54
[ssh.1 ssh.c]
     deprecate -P as UsePrivilegedPort defaults to no now; ok markus@
2002-09-04 16:46:06 +10:00
Ben Lindstrom ee8d52d008 - stevesk@cvs.openbsd.org 2002/07/19 17:42:40
[ssh.c]
     display a warning from ssh when XAuthLocation does not exist or xauth
     returned no authentication data. ok markus@
2002-07-23 21:03:02 +00:00
Ben Lindstrom 5d35a2f582 - markus@cvs.openbsd.org 2002/07/03 14:21:05
[ssh-keysign.8 ssh-keysign.c ssh.c ssh_config]
     re-enable ssh-keysign's sbit, but make ssh-keysign read
     /etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled
     globally. based on discussions with deraadt, itojun and sommerfeld;
     ok itojun@
2002-07-04 00:19:40 +00:00
Ben Lindstrom a962c2fb35 - deraadt@cvs.openbsd.org 2002/06/30 21:59:45
[auth-bsdauth.c auth-skey.c auth2-chall.c clientloop.c key.c
      monitor_wrap.c monitor_wrap.h scard.h session.h sftp-glob.c ssh.c
      sshconnect2.c sshd.c]
     minor KNF
2002-07-04 00:14:17 +00:00
Ben Lindstrom da394cae04 - markus@cvs.openbsd.org 2002/06/12 01:09:52
[ssh.c]
     ssh_connect returns 0 on success
2002-06-12 16:11:12 +00:00
Ben Lindstrom 2415757253 - markus@cvs.openbsd.org 2002/06/11 23:03:54
[ssh.c]
     remove unused cruft.
2002-06-12 16:09:39 +00:00
Ben Lindstrom 1aa6427c0f - (bal) Cygwin fix up from swap uid clean up in ssh.c patch by
vinschen@redhat.com
2002-06-11 20:28:05 +00:00
Ben Lindstrom f9c4884c8e - markus@cvs.openbsd.org 2002/06/11 04:14:26
[ssh.c sshconnect.c sshconnect.h]
     no longer use uidswap.[ch] from the ssh client
     run less code with euid==0 if ssh is installed setuid root
     just switch the euid, don't switch the complete set of groups
     (this is only needed by sshd). ok provos@
2002-06-11 16:37:51 +00:00
Ben Lindstrom 4daea86fd4 - markus@cvs.openbsd.org 2002/06/08 05:17:01
[readconf.c readconf.h ssh.1 ssh.c]
     deprecate FallBackToRsh and UseRsh; patch from djm@
2002-06-09 20:04:02 +00:00
Ben Lindstrom ece420413b - markus@cvs.openbsd.org 2002/06/08 05:07:56
[ssh.c]
     nuke ptrace comment
2002-06-09 20:00:09 +00:00
Ben Lindstrom 9e5bb579f9 - markus@cvs.openbsd.org 2002/05/23 19:39:34
[ssh.c]
     add comment about ssh-keysign
2002-06-06 19:58:27 +00:00
Ben Lindstrom 1bad256822 - markus@cvs.openbsd.org 2002/05/23 19:24:30
[authfile.c authfile.h pathnames.h ssh.c sshconnect.c sshconnect.h
      sshconnect1.c sshconnect2.c ssh-keysign.8 ssh-keysign.c Makefile.in]
     add /usr/libexec/ssh-keysign: a setuid helper program for hostbased
     authentication in protocol v2 (needs to access the hostkeys).

Note: Makefile.in untested.  Will test after merge is finished.
2002-06-06 19:57:33 +00:00
Ben Lindstrom f666fec2d5 - deraadt@cvs.openbsd.org 2002/05/22 23:18:25
[ssh.c sshd.c]
     spelling; abishoff@arc.nasa.gov
2002-06-06 19:51:58 +00:00
Ben Lindstrom fac7769f64 - stevesk@cvs.openbsd.org 2002/05/16 22:09:59
[session.c ssh.c]
     don't limit xauth pathlen on client side and longer print length on
     server when debug; ok markus@
2002-06-06 19:49:54 +00:00
Damien Miller 2797f7f03a - markus@cvs.openbsd.org 2002/04/22 21:04:52
[channels.c clientloop.c clientloop.h ssh.c]
     request reply (success/failure) for -R style fwd in protocol v2,
     depends on ordered replies.
     fixes http://bugzilla.mindrot.org/show_bug.cgi?id=215; ok provos@
2002-04-23 21:09:44 +10:00
Ben Lindstrom eb041dca1f - markus@cvs.openbsd.org 2002/03/26 11:37:05
[ssh.c]
     update Copyright
2002-03-27 17:20:38 +00:00
Ben Lindstrom 4f054607f0 - markus@cvs.openbsd.org 2002/03/25 21:04:02
[ssh.c]
     simplify num_identity_files handling
2002-03-26 03:23:00 +00:00
Ben Lindstrom 0936a5bb72 - markus@cvs.openbsd.org 2002/03/25 17:34:27
[scard.c scard.h ssh-agent.c ssh-keygen.c ssh.c]
     change sc_get_key to sc_get_keys and hide smartcard details in scard.c
2002-03-26 03:17:42 +00:00
Ben Lindstrom ba72d30aa5 - rees@cvs.openbsd.org 2002/03/21 22:44:05
[authfd.c authfd.h ssh-add.c ssh-agent.c ssh.c]
     Add PIN-protection for secret key.
2002-03-22 03:51:06 +00:00
Ben Lindstrom 6328ab3989 - markus@cvs.openbsd.org 2002/03/19 10:49:35
[auth-krb5.c auth-rh-rsa.c auth.c cipher.c key.c misc.h packet.c session.c
      sftp-client.c sftp-glob.h sftp.c ssh-add.c ssh.c sshconnect2.c sshd.c
      ttymodes.c]
     KNF whitespace
2002-03-22 02:54:23 +00:00
Damien Miller 19a5945105 - markus@cvs.openbsd.org 2002/02/14 23:28:00
[channels.h session.c ssh.c]
     increase the SSH v2 window size to 4 packets. comsumes a little
     bit more memory for slow receivers but increases througput.
2002-02-19 15:20:57 +11:00
Damien Miller 4860650842 - markus@cvs.openbsd.org 2002/02/07 09:35:39
[ssh.c]
     remove bogus comments
2002-02-08 22:07:33 +11:00
Damien Miller 699d003e3a - markus@cvs.openbsd.org 2002/02/06 14:55:16
[channels.c clientloop.c serverloop.c ssh.c]
     channel_new never returns NULL, mouring@; ok djm@
2002-02-08 22:07:16 +11:00
Damien Miller a500cd608e - markus@cvs.openbsd.org 2002/02/05 14:32:55
[channels.c channels.h ssh.c]
     merge channel_request() into channel_request_start()
2002-02-08 22:04:26 +11:00
Damien Miller 67f0bc043c - markus@cvs.openbsd.org 2002/02/03 17:58:21
[channels.c channels.h ssh.c]
     generic callbacks are not really used, remove and
     add a callback for msg of type SSH2_MSG_CHANNEL_OPEN_CONFIRMATION
     ok djm@
2002-02-05 12:23:08 +11:00
Damien Miller 35b13d633b - stevesk@cvs.openbsd.org 2002/01/27 18:08:17
[ssh.c]
     handle simple case to identify FamilyLocal display; ok markus@
2002-02-05 12:12:09 +11:00
Damien Miller b16461ce45 - markus@cvs.openbsd.org 2002/01/16 13:17:51
[channels.c channels.h serverloop.c ssh.c]
     wrapper for channel_setup_fwd_listener
2002-01-22 23:29:22 +11:00
Damien Miller 630d6f4479 - markus@cvs.openbsd.org 2001/12/28 15:06:00
[auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c dispatch.h kex.c kex.h serverloop.c ssh.c sshconnect2.c]
     remove plen from the dispatch fn. it's no longer used.
2002-01-22 23:17:30 +11:00
Damien Miller dff5099f13 - markus@cvs.openbsd.org 2001/12/28 14:50:54
[auth1.c auth-rsa.c channels.c dispatch.c kex.c kexdh.c kexgex.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshconnect2.c sshd.c]
     packet_read* no longer return the packet length, since it's not used.
2002-01-22 23:16:32 +11:00
Damien Miller 48b03fc546 - markus@cvs.openbsd.org 2001/12/27 20:39:58
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
     get rid of packet_integrity_check, use packet_done() instead.
2002-01-22 23:11:40 +11:00
Damien Miller 66823cddbe - markus@cvs.openbsd.org 2001/12/27 20:39:58
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
     get rid of packet_integrity_check, use packet_done() instead.
2002-01-22 23:11:38 +11:00
Damien Miller 278f907a2d - djm@cvs.openbsd.org 2001/12/20 22:50:24
[auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c]
     [dispatch.h kex.c kex.h packet.c packet.h serverloop.c ssh.c]
     [sshconnect2.c]
     Conformance fix: we should send failing packet sequence number when
     responding with a SSH_MSG_UNIMPLEMENTED message. Spotted by
     yakk@yakk.dot.net; ok markus@
2001-12-21 15:00:19 +11:00
Damien Miller 5a6b4fe225 - stevesk@cvs.openbsd.org 2001/12/19 17:16:13
[authfile.c bufaux.c bufaux.h buffer.c buffer.h packet.c packet.h ssh.c]
     change the buffer/packet interface to use void* vs. char*; ok markus@
2001-12-21 14:56:54 +11:00
Damien Miller 9f0f5c64bc - deraadt@cvs.openbsd.org 2001/12/19 07:18:56
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h]
     [auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c]
     [cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c]
     [match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c]
     [servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c]
     [sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c]
     [sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config]
     [ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c]
     basic KNF done while i was looking for something else
2001-12-21 14:45:46 +11:00
Ben Lindstrom 4a4bd719ea - stevesk@cvs.openbsd.org 2001/11/30 20:39:28
[ssh.c]
     sscanf() length dependencies are clearer now; can also shrink proto
     and data if desired, but i have not done that.  ok markus@
2001-12-06 17:45:19 +00:00
Damien Miller 07cd5897f9 - markus@cvs.openbsd.org 2001/10/24 08:51:35
[clientloop.c ssh.c]
     ignore SIGPIPE early, makes ssh work if agent dies, netbsd-pr via itojun@
2001-11-12 10:52:03 +11:00
Damien Miller 595bb4f572 - markus@cvs.openbsd.org 2001/10/24 08:41:20
[ssh.c]
     remove unused
2001-11-12 10:51:40 +11:00
Damien Miller 139d4cd908 - markus@cvs.openbsd.org 2001/10/09 10:12:08
[session.c]
     chdir $HOME after krb_afslog(); from bbense@networking.stanford.edu
2001-10-10 15:07:44 +10:00
Ben Lindstrom 908afed17f - markus@cvs.openbsd.org 2001/10/01 21:38:53
[channels.c channels.h ssh.c sshd.c]
     remove ugliness; vp@drexel.edu via angelos
2001-10-03 17:34:59 +00:00
Ben Lindstrom 83f07d1954 - markus@cvs.openbsd.org 2001/09/28 15:46:29
[ssh.c]
     bug: read user config first; report kaukasoi@elektroni.ee.tut.fi
2001-10-03 17:22:29 +00:00
Ben Lindstrom 40a0d20913 - (bal) Removed 'extern int optopt;' since it is dead wood. 2001-09-24 22:04:02 +00:00
Ben Lindstrom 5ccf63a974 - (bal) updated ssh.c to mirror minor getopts 'extern int' formating done
by stevesk@
2001-09-24 20:00:10 +00:00
Ben Lindstrom f558cf6580 - markus@cvs.openbsd.org 2001/09/20 13:50:40
[compat.c compat.h ssh.c]
     bug compat: request a dummy channel for -N (no shell) sessions +
     cleanup; vinschen@redhat.com
2001-09-20 23:13:49 +00:00
Ben Lindstrom edc0cf26d1 - stevesk@cvs.openbsd.org 2001/09/03 20:58:33
[readconf.c readconf.h ssh.c]
     fatal() for nonexistent -Fssh_config. ok markus@
2001-09-12 18:32:20 +00:00
Ben Lindstrom 1a1747172e - stevesk@cvs.openbsd.org 2001/08/29 23:27:23
[ssh.c]
     validate ports for -L/-R; ok markus@
2001-09-12 17:56:15 +00:00
Ben Lindstrom 19ceb17040 - stevesk@cvs.openbsd.org 2001/08/29 23:13:10
[ssh.1 ssh.c]
     document -D and DynamicForward; ok markus
2001-09-12 17:54:24 +00:00
Ben Lindstrom 14f31ab947 - markus@cvs.openbsd.org 2001/08/28 15:39:48
[ssh.1 ssh.c]
     allow: ssh -F configfile host
2001-09-12 17:48:04 +00:00
Ben Lindstrom 930b14a28e - jakob@cvs.openbsd.org 2001/08/11 22:51:27
[ssh.c tildexpand.c]
     fix more paths beginning with "//"; <bradshaw@staff.crosswalk.com>.
     ok markus@
2001-08-15 23:19:21 +00:00
Ben Lindstrom bcc1808bf2 - jakob@cvs.openbsd.org 2001/08/02 16:14:05
[scard.c ssh-agent.c ssh.c ssh-keygen.c]
     clean up some /* SMARTCARD */. ok markus@
2001-08-06 21:59:25 +00:00
Ben Lindstrom ffce147638 - jakob@cvs.openbsd.org 2001/08/02 15:43:57
[ssh-agent.c ssh.c ssh-keygen.c]
     add /* SMARTCARD */ to #else/#endif. ok markus@
2001-08-06 21:57:31 +00:00
Ben Lindstrom 61eb9568b3 - jakob@cvs.openbsd.org 2001/08/02 15:32:10
[ssh.c]
     add smartcard to usage(). ok markus@
2001-08-06 21:53:42 +00:00
Ben Lindstrom a6c8a8d4d5 - markus@cvs.openbsd.org 2001/08/01 23:38:45
[scard.c ssh.c]
     support finish rsa keys.
     free public keys after login -> call finish -> close smartcard.
2001-08-06 21:42:00 +00:00
Ben Lindstrom f7db3bb64c - markus@cvs.openbsd.org 2001/08/01 22:03:33
[authfd.c authfd.h readconf.c readconf.h scard.c scard.h ssh-add.c
      ssh-agent.c ssh.c]
     use strings instead of ints for smartcard reader ids
2001-08-06 21:35:51 +00:00
Ben Lindstrom ae996bf7d1 - jakob@cvs.openbsd.org 2001/07/31 09:28:44
[readconf.c readconf.h ssh.1 ssh.c]
     add 'SmartcardDevice' client option to specify which smartcard device
     is used to access a smartcard used for storing the user's private RSA
     key. ok markus@.
2001-08-06 21:27:53 +00:00
Ben Lindstrom 711b04a56a - millert@cvs.openbsd.org 2001/07/27 14:50:45
[ssh.c]
     If smart card support is compiled in and a smart card is being used
     for authentication, make it the first method used.  markus@ OK
2001-08-06 21:12:42 +00:00
Ben Lindstrom f9cedb9ca0 - markus@cvs.openbsd.org 2001/07/25 14:35:18
[readconf.c ssh.1 ssh.c sshconnect.c]
     cleanup connect(); connection_attempts 4 -> 1; from
eivind@freebsd.org
2001-08-06 21:07:11 +00:00
Damien Miller 4f8e66929b - (djm) Pull in getopt(3) from OpenBSD libc for the optreset extension. 2001-07-14 13:22:53 +10:00
Damien Miller 1b73448d6d - markus@cvs.openbsd.org 2001/07/11 16:29:59
[ssh.c]
     sort options string, fix -p, add -k
2001-07-14 12:21:07 +10:00
Damien Miller f4614450d1 - OpenBSD CVS Sync
- fgsch@cvs.openbsd.org 2001/07/09 05:58:47
     [ssh.c]
     Use getopt(3); markus@ ok.
2001-07-14 12:18:10 +10:00
Kevin Steves 08ccf9d08c whitespace sync 2001-07-04 17:52:01 +00:00
Ben Lindstrom c5b680018b - markus@cvs.openbsd.org 2001/06/26 20:14:11
[key.c key.h ssh.c sshconnect1.c sshconnect2.c]
     add smartcard support to the client, too (now you can use both
     the agent and the client).
2001-07-04 04:52:03 +00:00
Ben Lindstrom bba81213b9 - itojun@cvs.openbsd.org 2001/06/23 15:12:20
[auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c
      canohost.c channels.c cipher.c clientloop.c deattack.c dh.c
      hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c
      readpass.c scp.c servconf.c serverloop.c session.c sftp.c
      sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c
      ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c
      ssh-keygen.c ssh-keyscan.c]
     more strict prototypes.  raise warning level in Makefile.inc.
     markus ok'ed
     TODO; cleanup headers
2001-06-25 05:01:22 +00:00
Ben Lindstrom 6ab6486273 - markus@cvs.openbsd.org 2001/06/22 23:35:21
[ssh.c]
     don't overwrite argv (fixes ssh user@host in 'ps'), report by ericj@
2001-06-25 04:26:55 +00:00
Ben Lindstrom 664408d2a7 - markus@cvs.openbsd.org 2001/06/07 20:23:05
[authfd.c authfile.c channels.c kexdh.c kexgex.c packet.c ssh.c
      sshconnect.c sshconnect1.c]
     use xxx_put_cstring()
2001-06-09 01:42:01 +00:00
Ben Lindstrom c763767f18 [NOTE: Next patch will sync nchan.c, channels.c and channels.h and all this
pain will be over.]
   - markus@cvs.openbsd.org 2001/05/31 10:30:17
     [auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c
      packet.c serverloop.c session.c ssh.c]
     undo the .c file split, just merge the header and keep the cvs
     history
2001-06-09 00:36:26 +00:00
Ben Lindstrom 5ec2645a2d - markus@cvs.openbsd.org 2001/05/30 15:20:10
[ssh.c]
     merge functions, simplify.
2001-06-09 00:18:51 +00:00
Ben Lindstrom e6455aee8f [NOTE: File split is was not done in Portabl Tree]
- markus@cvs.openbsd.org 2001/05/30 12:55:13
     [auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c
      packet.c serverloop.c session.c ssh.c ssh1.h]
     channel layer cleanup: merge header files and split .c files
2001-06-09 00:17:10 +00:00
Ben Lindstrom 3b89c5ef89 - markus@cvs.openbsd.org 2001/05/28 08:04:39
[ssh.c]
     fix usage()
2001-06-05 20:44:16 +00:00
Ben Lindstrom 2b1f71baee - stevesk@cvs.openbsd.org 2001/05/24 18:57:53
[clientloop.c readconf.c ssh.c ssh.h]
     don't perform escape processing when ``EscapeChar none''; ok markus@
2001-06-05 20:32:21 +00:00
Ben Lindstrom 99c73b377a - markus@cvs.openbsd.org 2001/05/04 23:47:34
[channels.c channels.h clientloop.c nchan.c nchan.h serverloop.c ssh.c]
     move to Channel **channels (instead of Channel *channels), fixes realloc
     problems.  channel_new now returns a Channel *, favour Channel * over
     channel id.  remove old channel_allocate interface.
2001-05-05 04:09:47 +00:00
Ben Lindstrom e0f8804194 - markus@cvs.openbsd.org 2001/04/30 11:18:52
[readconf.c readconf.h ssh.1 ssh.c sshconnect.c]
     implement 'ssh -b bind_address' like 'telnet -b'
2001-04-30 13:06:24 +00:00
Ben Lindstrom 2b261b9035 - markus@cvs.openbsd.org 2001/04/17 12:55:04
[channels.c ssh.c]
     undo socks5 and https support since they are not really used and
     only bloat ssh.  remove -D from usage(), since '-D' is experimental.
2001-04-17 18:14:34 +00:00
Ben Lindstrom ae8e2d30db - stevesk@cvs.openbsd.org 2001/04/14 16:33:20
[clientloop.c packet.h session.c ssh.c ttymodes.c ttymodes.h]
     protocol 2 tty modes support; ok markus@
2001-04-14 23:13:02 +00:00
Ben Lindstrom 92d4a02001 - stevesk@cvs.openbsd.org 2001/04/13 01:26:17
[ssh.c]
     missing \n in error message
2001-04-13 04:44:37 +00:00
Ben Lindstrom 19066a112b - stevesk@cvs.openbsd.org 2001/04/12 20:09:38
[misc.c misc.h readconf.c servconf.c ssh.c sshd.c]
     robust port validation; ok markus@ jakob@
2001-04-12 23:39:26 +00:00
Ben Lindstrom 5eabda303a - markus@cvs.openbsd.org 2001/04/12 19:15:26
[auth-rhosts.c auth.h auth2.c buffer.c canohost.c canohost.h
      compat.c compat.h hostfile.c pathnames.h readconf.c readconf.h
      servconf.c servconf.h ssh.c sshconnect.c sshconnect.h sshconnect1.c
      sshconnect2.c sshd_config]
     implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2)
     similar to RhostRSAAuthentication unless you enable (the experimental)
     HostbasedUsesNameFromPacketOnly option.  please test. :)
2001-04-12 23:34:34 +00:00
Ben Lindstrom 2b646528cb - markus@cvs.openbsd.org 2001/04/12 14:29:09
[ssh.c]
     show debug output during option processing, report from
     pekkas@netcore.fi
2001-04-12 16:16:57 +00:00
Ben Lindstrom 6fa9d10ed5 - markus@cvs.openbsd.org 2001/04/11 13:56:13
[channels.c ssh.c]
     https-connect and socks5 support. i feel so bad.
2001-04-11 23:08:17 +00:00
Ben Lindstrom 146edb9832 - markus@cvs.openbsd.org 2001/04/11 10:59:01
[ssh.c]
     use strtol() for ports, thanks jakob@
2001-04-11 23:06:28 +00:00
Ben Lindstrom 3bb4f9da73 - markus@cvs.openbsd.org 2001/04/07 08:55:18
[buffer.c channels.c channels.h readconf.c ssh.c]
     allow the ssh client act as a SOCKS4 proxy (dynamic local
     portforwarding).  work by Dan Kaminsky <dankamin@cisco.com> and me.
     thanks to Dan for this great patch: use 'ssh -D 1080 host' and make
     netscape use localhost:1080 as a socks proxy.
2001-04-08 18:30:26 +00:00
Ben Lindstrom 3fcf1a22b5 - markus@cvs.openbsd.org 2001/04/06 21:00:17
[auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth2.c channels.c session.c
      ssh.c sshconnect.c sshconnect.h uidswap.c uidswap.h]
     do gid/groups-swap in addition to uid-swap, should help if /home/group
     is chmod 750 + chgrp grp /home/group/, work be deraadt and me, thanks
     to olar@openwall.com is comments.  we had many requests for this.
2001-04-08 18:26:59 +00:00
Ben Lindstrom 4c3f77dd3b - markus@cvs.openbsd.org 2001/04/05 21:05:24
[clientloop.c ssh.c]
     don't request a session for 'ssh -N', pointed out slade@shore.net
2001-04-05 23:37:36 +00:00
Ben Lindstrom d0fca423fc - markus@cvs.openbsd.org 2001/03/26 08:07:09
[authfile.c authfile.h ssh-add.c ssh-keygen.c ssh.c sshconnect.c
      sshconnect.h sshconnect1.c sshconnect2.c sshd.c]
     simpler key load/save interface, see authfile.h
2001-03-26 13:44:06 +00:00
Damien Miller 60bc517356 - (djm) Seed PRNG at startup, rather than waiting for arc4random calls to
do it implicitly.
2001-03-19 09:38:15 +11:00
Ben Lindstrom 266dfdfd62 - markus@cvs.openbsd.org 2001/03/08 21:42:33
[compat.c compat.h readconf.h ssh.c sshconnect1.c sshconnect2.c]
     implement client side of SSH2_MSG_USERAUTH_PK_OK (test public key ->
     no need to do enter passphrase or do expensive sign operations if the
     server does not accept key).
2001-03-09 00:12:22 +00:00
Ben Lindstrom 6df8ef4196 - millert@cvs.openbsd.org 2001/03/04 17:42:28
[authfd.c channels.c dh.c log.c readconf.c servconf.c sftp-int.c
      ssh.c sshconnect.c sshd.c]
     log functions should not be passed strings that end in newline as they
     get passed on to syslog() and when logging to stderr, do_log() appends
     its own newline.
2001-03-05 07:47:23 +00:00
Ben Lindstrom 3d73a34931 - stevesk@cvs.openbsd.org 2001/03/04 10:57:53
[ssh.c]
     add -m to usage; ok markus@
2001-03-05 07:39:01 +00:00