tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,080 Commits 6 Branches 20 Tags 97 MiB
Commit Graph

81 Commits

Author SHA1 Message Date
Damien Miller c652cac5f7 - (djm) OpenBSD CVS Sync 
- djm@cvs.openbsd.org 2003/04/09 12:00:37
     [readconf.c]
     strip trailing whitespace from config lines before parsing.
     Fixes bz 528; ok markus@
 2003-05-14 13:40:54 +10:00
Damien Miller a5539d2698 - (djm) OpenBSD CVS Sync 
- markus@cvs.openbsd.org 2003/04/02 09:48:07
     [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
     [readconf.h serverloop.c sshconnect2.c]
     reapply rekeying chage, tested by henning@, ok djm@
 2003-04-09 20:50:06 +10:00
Damien Miller 2dc074ef4b - markus@cvs.openbsd.org 2003/04/01 10:10:23 
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
     [readconf.h serverloop.c sshconnect2.c]
     rekeying bugfixes and automatic rekeying:
     * both client and server rekey _automatically_
           (a) after 2^31 packets, because after 2^32 packets
               the sequence number for packets wraps
           (b) after 2^(blocksize_in_bits/4) blocks
       (see: draft-ietf-secsh-newmodes-00.txt)
       (a) and (b) are _enabled_ by default, and only disabled for known
       openssh versions, that don't support rekeying properly.
     * client option 'RekeyLimit'
     * do not reply to requests during rekeying
   - markus@cvs.openbsd.org 2003/04/01 10:22:21
     [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
     [readconf.h serverloop.c sshconnect2.c]
     backout rekeying changes (for 3.6.1)
 2003-04-01 21:43:39 +10:00
Damien Miller 61f08ac35a - markus@cvs.openbsd.org 2003/02/05 09:02:28 
[readconf.c]
     simplify ProxyCommand parsing, remove strcat/xrealloc; ok henning@, djm@
 2003-02-24 11:56:27 +11:00
Ben Lindstrom b6df73b06a - markus@cvs.openbsd.org 2002/11/07 22:08:07 
[readconf.c readconf.h ssh-keysign.8 ssh-keysign.c]
     we cannot use HostbasedAuthentication for enabling ssh-keysign(8),
     because HostbasedAuthentication might be enabled based on the
     target host and ssh-keysign(8) does not know the remote hostname
     and not trust ssh(1) about the hostname, so we add a new option
     EnableSSHKeysign; ok djm@, report from zierke@informatik.uni-hamburg.de
 2002-11-09 15:52:31 +00:00
Ben Lindstrom 99a4e14fe0 - (bal) NO_IPPORT_RESERVED_CONCEPT used instead of CYGWIN so other platforms 
lacking that concept can share it. Patch by vinschen@redhat.com
 2002-07-09 14:06:40 +00:00
Ben Lindstrom cb72e4f6d2 - deraadt@cvs.openbsd.org 2002/06/19 00:27:55 
[auth-bsdauth.c auth-skey.c auth1.c auth2-chall.c auth2-none.c authfd.c
      authfd.h monitor_wrap.c msg.c nchan.c radix.c readconf.c scp.c sftp.1
      ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c
      ssh-keysign.c ssh.1 sshconnect.c sshconnect.h sshconnect2.c ttymodes.c
      xmalloc.h]
     KNF done automatically while reading....
 2002-06-21 00:41:51 +00:00
Ben Lindstrom 2bf8276393 - stevesk@cvs.openbsd.org 2002/06/10 17:45:20 
[readconf.c ssh.1]
     change RhostsRSAAuthentication and RhostsAuthentication default to no
     since ssh is no longer setuid root by default; ok markus@
 2002-06-11 15:53:05 +00:00
Ben Lindstrom 2e17b08e48 - markus@cvs.openbsd.org 2002/06/08 12:46:14 
[readconf.c]
     silently ignore deprecated options, since FallBackToRsh might be passed
     by remote scp commands.
 2002-06-09 20:13:27 +00:00
Ben Lindstrom 1c2bafebb3 - markus@cvs.openbsd.org 2002/06/08 05:40:01 
[readconf.c]
     just warn about Deprecated options for now
 2002-06-09 20:04:50 +00:00
Ben Lindstrom 4daea86fd4 - markus@cvs.openbsd.org 2002/06/08 05:17:01 
[readconf.c readconf.h ssh.1 ssh.c]
     deprecate FallBackToRsh and UseRsh; patch from djm@
 2002-06-09 20:04:02 +00:00
Damien Miller fcd9320440 - markus@cvs.openbsd.org 2002/02/04 12:15:25 
[log.c log.h readconf.c servconf.c]
     add SYSLOG_FACILITY_NOT_SET = -1, SYSLOG_LEVEL_NOT_SET = -1,
     fixes arm/netbsd; based on patch from bjh21@netbsd.org; ok djm@
 2002-02-05 12:26:34 +11:00
Damien Miller f51b0e1a30 - stevesk@cvs.openbsd.org 2002/01/04 17:59:17 
[readconf.c servconf.c]
     remove #ifdef _PATH_XAUTH/#endif; ok markus@
 2002-01-22 23:18:49 +11:00
Damien Miller 9f0f5c64bc - deraadt@cvs.openbsd.org 2001/12/19 07:18:56 
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h]
     [auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c]
     [cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c]
     [match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c]
     [servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c]
     [sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c]
     [sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config]
     [ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c]
     basic KNF done while i was looking for something else
 2001-12-21 14:45:46 +11:00
Ben Lindstrom 65366a8c76 - stevesk@cvs.openbsd.org 2001/11/17 19:14:34 
[auth2.c auth.c readconf.c servconf.c ssh-agent.c ssh-keygen.c]
     enum/int type cleanup where it made sense to do so; ok markus@
 2001-12-06 16:32:47 +00:00
Ben Lindstrom 3cecc9a41f - markus@cvs.openbsd.org 2001/10/01 21:51:16 
[readconf.c readconf.h ssh.1 sshconnect.c]
     add NoHostAuthenticationForLocalhost; note that the hostkey is
     now check for localhost, too.
 2001-10-03 17:39:38 +00:00
Ben Lindstrom 2b7a0e953e - stevesk@cvs.openbsd.org 2001/09/19 19:24:19 
[readconf.c readconf.h scp.c sftp.c ssh.1]
     add ClearAllForwardings ssh option and set it in scp and sftp; ok
     markus@
 2001-09-20 00:57:55 +00:00
Ben Lindstrom edc0cf26d1 - stevesk@cvs.openbsd.org 2001/09/03 20:58:33 
[readconf.c readconf.h ssh.c]
     fatal() for nonexistent -Fssh_config. ok markus@
 2001-09-12 18:32:20 +00:00
Ben Lindstrom 62c25a43db - stevesk@cvs.openbsd.org 2001/08/30 16:04:35 
[readconf.c ssh.1]
     validate ports for LocalForward/RemoteForward.
     add host/port alternative syntax for IPv6 (like -L/-R).
     ok markus@
 2001-09-12 18:01:59 +00:00
Ben Lindstrom 525a09389e - markus@cvs.openbsd.org 2001/08/28 09:51:26 
[readconf.c]
     don't set DynamicForward unless Host matches
 2001-09-12 17:35:27 +00:00
Ben Lindstrom d0ff40847d - (bal) Fixed stray code in readconf.c that went in by mistake. 2001-08-15 22:58:59 +00:00
Ben Lindstrom f7db3bb64c - markus@cvs.openbsd.org 2001/08/01 22:03:33 
[authfd.c authfd.h readconf.c readconf.h scard.c scard.h ssh-add.c
      ssh-agent.c ssh.c]
     use strings instead of ints for smartcard reader ids
 2001-08-06 21:35:51 +00:00
Ben Lindstrom ae996bf7d1 - jakob@cvs.openbsd.org 2001/07/31 09:28:44 
[readconf.c readconf.h ssh.1 ssh.c]
     add 'SmartcardDevice' client option to specify which smartcard device
     is used to access a smartcard used for storing the user's private RSA
     key. ok markus@.
 2001-08-06 21:27:53 +00:00
Ben Lindstrom f9cedb9ca0 - markus@cvs.openbsd.org 2001/07/25 14:35:18 
[readconf.c ssh.1 ssh.c sshconnect.c]
     cleanup connect(); connection_attempts 4 -> 1; from
eivind@freebsd.org
 2001-08-06 21:07:11 +00:00
Ben Lindstrom 0076d75c25 - markus@cvs.openbsd.org 2001/07/22 22:04:19 
[readconf.c ssh.1]
     enable challenge-response auth by default; ok millert@
 2001-08-06 20:53:26 +00:00
Ben Lindstrom c88785efc8 - markus@cvs.openbsd.org 2001/07/22 21:32:27 
[sshpty.c]
     update comment
 2001-08-06 20:47:23 +00:00
Ben Lindstrom ec95ed9b4c - dugsong@cvs.openbsd.org 2001/06/26 16:15:25 
[auth1.c auth.h auth-krb4.c auth-passwd.c readconf.c readconf.h
      servconf.c servconf.h session.c sshconnect1.c sshd.c]
     Kerberos v5 support for SSH1, mostly from Assar Westerlund
     <assar@freebsd.org> and Bjorn Gronvall <bg@sics.se>. markus@ ok
 2001-07-04 04:21:14 +00:00
Ben Lindstrom d6481ea49a - markus@cvs.openbsd.org 2001/06/23 02:34:33 
[kexdh.c kexgex.c kex.h pathnames.h readconf.c servconf.h ssh.1
      sshconnect1.c sshconnect2.c sshconnect.c sshconnect.h sshd.8]
     get rid of known_hosts2, use it for hostkey lookup, but do not
     modify.
 2001-06-25 04:37:41 +00:00
Ben Lindstrom 1bf11f6af7 - markus@cvs.openbsd.org 2001/06/08 15:25:40 
[includes.h pathnames.h readconf.c servconf.c]
     move the path for xauth to pathnames.h
 2001-06-09 01:48:01 +00:00
Ben Lindstrom 2b1f71baee - stevesk@cvs.openbsd.org 2001/05/24 18:57:53 
[clientloop.c readconf.c ssh.c ssh.h]
     don't perform escape processing when ``EscapeChar none''; ok markus@
 2001-06-05 20:32:21 +00:00
Ben Lindstrom 551ea37576 - markus@cvs.openbsd.org 2001/05/18 14:13:29 
[auth-chall.c auth.h auth1.c auth2-chall.c auth2.c readconf.c
      readconf.h servconf.c servconf.h sshconnect1.c sshconnect2.c sshd.c]
     improved kbd-interactive support. work by per@appgate.com and me
 2001-06-05 18:56:16 +00:00
Ben Lindstrom e0f8804194 - markus@cvs.openbsd.org 2001/04/30 11:18:52 
[readconf.c readconf.h ssh.1 ssh.c sshconnect.c]
     implement 'ssh -b bind_address' like 'telnet -b'
 2001-04-30 13:06:24 +00:00
Ben Lindstrom 982dbbcfda - markus@cvs.openbsd.org 2001/04/17 10:53:26 
[key.c key.h readconf.c readconf.h ssh.1 sshconnect2.c]
     add HostKeyAlgorithms; based on patch from res@shore.net; ok provos@
 2001-04-17 18:11:36 +00:00
Ben Lindstrom b5cdc66438 - stevesk@cvs.openbsd.org 2001/04/15 21:28:35 
[readconf.c servconf.c]
     use fatal() or error() vs. fprintf(); ok markus@
 2001-04-16 02:13:26 +00:00
Ben Lindstrom 19066a112b - stevesk@cvs.openbsd.org 2001/04/12 20:09:38 
[misc.c misc.h readconf.c servconf.c ssh.c sshd.c]
     robust port validation; ok markus@ jakob@
 2001-04-12 23:39:26 +00:00
Ben Lindstrom d69dab3cde - markus@cvs.openbsd.org 2001/04/12 19:39:27 
[readconf.c]
     typo
 2001-04-12 23:36:05 +00:00
Ben Lindstrom 5eabda303a - markus@cvs.openbsd.org 2001/04/12 19:15:26 
[auth-rhosts.c auth.h auth2.c buffer.c canohost.c canohost.h
      compat.c compat.h hostfile.c pathnames.h readconf.c readconf.h
      servconf.c servconf.h ssh.c sshconnect.c sshconnect.h sshconnect1.c
      sshconnect2.c sshd_config]
     implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2)
     similar to RhostRSAAuthentication unless you enable (the experimental)
     HostbasedUsesNameFromPacketOnly option.  please test. :)
 2001-04-12 23:34:34 +00:00
Ben Lindstrom 3bb4f9da73 - markus@cvs.openbsd.org 2001/04/07 08:55:18 
[buffer.c channels.c channels.h readconf.c ssh.c]
     allow the ssh client act as a SOCKS4 proxy (dynamic local
     portforwarding).  work by Dan Kaminsky <dankamin@cisco.com> and me.
     thanks to Dan for this great patch: use 'ssh -D 1080 host' and make
     netscape use localhost:1080 as a socks proxy.
 2001-04-08 18:30:26 +00:00
Ben Lindstrom 3704c2612a - stevesk@cvs.openbsd.org 2001/04/02 14:20:23 
[readconf.c servconf.c]
     correct comment; ok markus@
 2001-04-02 18:20:03 +00:00
Ben Lindstrom 6b77643fd5 - OpenBSD CVS Sync 
- markus@cvs.openbsd.org 2001/03/20 19:10:16
     [readconf.c]
     default to SSH protocol version 2
 2001-03-22 01:24:04 +00:00
Damien Miller e7cf07c927 - markus@cvs.openbsd.org 2001/03/19 17:07:23 
[auth.c readconf.c]
     undo /etc/shell and proto 2,1 change for openssh-2.5.2
 2001-03-20 09:15:57 +11:00
Ben Lindstrom b9be60a722 - markus@cvs.openbsd.org 2001/03/10 17:51:04 
[kex.c match.c match.h readconf.c readconf.h sshconnect2.c]
     add PreferredAuthentications
 2001-03-11 01:49:19 +00:00
Ben Lindstrom 068f3dce28 - deraadt@cvs.openbsd.org 2001/03/10 12:53:51 
[readconf.c ssh_config]
     default to SSH2, now that m68k runs fast
 2001-03-10 17:15:39 +00:00
Ben Lindstrom cebc858ca2 - OpenBSD CVS Sync 
- markus@cvs.openbsd.org 2001/03/08 00:15:48
     [readconf.c ssh.1]
     turn off useprivilegedports by default. only rhost-auth needs
     this. older sshd's may need this, too.
 2001-03-08 03:39:10 +00:00
Ben Lindstrom 6df8ef4196 - millert@cvs.openbsd.org 2001/03/04 17:42:28 
[authfd.c channels.c dh.c log.c readconf.c servconf.c sftp-int.c
      ssh.c sshconnect.c sshd.c]
     log functions should not be passed strings that end in newline as they
     get passed on to syslog() and when logging to stderr, do_log() appends
     its own newline.
 2001-03-05 07:47:23 +00:00
Ben Lindstrom b00d4fb142 - deraadt@cvs.openbsd.org 2001/02/24 10:37:55 
[readconf.c]
     look for id_rsa by default, before id_dsa
 2001-03-05 06:03:03 +00:00
Ben Lindstrom 06b33aa0e8 - markus@cvs.openbsd.org 2001/02/11 12:59:25 
[Makefile.in sshd.8 sshconnect2.c readconf.h readconf.c packet.c
      sshd.c ssh.c ssh.1 servconf.h servconf.c myproposal.h kex.h kex.c]
     1) clean up the MAC support for SSH-2
     2) allow you to specify the MAC with 'ssh -m'
     3) or the 'MACs' keyword in ssh(d)_config
     4) add hmac-{md5,sha1}-96
             ok stevesk@, provos@
 2001-02-15 03:01:59 +00:00
Ben Lindstrom 4f7a64a64f - deraadt@cvs.openbsd.org 2001/02/08 14:39:36 
[readconf.c]
     snprintf
 2001-02-10 22:50:09 +00:00
Ben Lindstrom 5ed8acd3e3 - stevesk@cvs.openbsd.or 2001/01/28 20:36:16 
[readconf.c]
     ``StrictHostKeyChecking ask'' documentation and small cleanup.
     ok markus@
 2001-01-29 08:00:54 +00:00
Ben Lindstrom 95fb2dde77 - markus@cvs.openbsd.org 2001/01/22 23:06:39 
[auth1.c auth2.c readconf.c readconf.h servconf.c servconf.h
      sshconnect1.c sshconnect2.c sshd.c]
     rename skey -> challenge response.
     auto-enable kbd-interactive for ssh2 if challenge-reponse is enabled.
 2001-01-23 03:12:10 +00:00