Darren Tucker
8901fa9c88
- djm@cvs.openbsd.org 2008/06/10 22:15:23
...
[PROTOCOL ssh.c serverloop.c]
Add a no-more-sessions@openssh.com global request extension that the
client sends when it knows that it will never request another session
(i.e. when session multiplexing is disabled). This allows a server to
disallow further session requests and terminate the session.
Why would a non-multiplexing client ever issue additional session
requests? It could have been attacked with something like SSH'jack:
http://www.storm.net.nz/projects/7
feedback & ok markus
2008-06-11 09:34:01 +10:00
Damien Miller
b3da593962
- djm@cvs.openbsd.org 2008/05/09 14:26:08
...
[ssh.c]
dingo stole my diff hunk
2008-05-19 16:02:37 +10:00
Damien Miller
b1cbfa25f1
- djm@cvs.openbsd.org 2008/05/09 14:18:44
...
[clientloop.c clientloop.h ssh.c mux.c]
tidy up session multiplexing code, moving it into its own file and
making the function names more consistent - making ssh.c and
clientloop.c a fair bit more readable.
ok markus@
2008-05-19 16:00:08 +10:00
Damien Miller
5771ed7d1b
- djm@cvs.openbsd.org 2008/05/08 13:06:11
...
[clientloop.c clientloop.h ssh.c]
Use new channel status confirmation callback system to properly deal
with "important" channel requests that fail, in particular command exec,
shell and subsystem requests. Previously we would optimistically assume
that the requests would always succeed, which could cause hangs if they
did not (e.g. when the server runs out of fds) or were unimplemented by
the server (bz #1384 )
Also, properly report failing multiplex channel requests via the mux
client stderr (subject to LogLevel in the mux master) - better than
silently failing.
most bits ok markus@ (as part of a larger diff)
2008-05-19 15:35:33 +10:00
Damien Miller
b84886ba3e
- djm@cvs.openbsd.org 2008/05/08 12:02:23
...
[auth-options.c auth1.c channels.c channels.h clientloop.c gss-serv.c]
[monitor.c monitor_wrap.c nchan.c servconf.c serverloop.c session.c]
[ssh.c sshd.c]
Implement a channel success/failure status confirmation callback
mechanism. Each channel maintains a queue of callbacks, which will
be drained in order (RFC4253 guarantees confirm messages are not
reordered within an channel).
Also includes a abandonment callback to clean up if a channel is
closed without sending confirmation messages. This probably
shouldn't happen in compliant implementations, but it could be
abused to leak memory.
ok markus@ (as part of a larger diff)
2008-05-19 15:05:07 +10:00
Darren Tucker
bfaaf960a0
- (dtucker) [includes.h ssh-add.c ssh-agent.c ssh-keygen.c ssh.c sshd.c
...
openbsd-compat/openssl-compat.{c,h}] Bug #1437 Move the OpenSSL compat
header to after OpenSSL headers, since some versions of OpenSSL have
SSLeay_add_all_algorithms as a macro already.
2008-02-28 19:13:52 +11:00
Damien Miller
d39a3cffc9
- djm@cvs.openbsd.org 2008/01/19 20:51:26
...
[ssh.c]
ignore SIGPIPE in multiplex client mode - we can receive this if the
server runs out of fds on us midway. Report and patch from
gregory_shively AT fanniemae.com
2008-02-10 22:23:18 +11:00
Darren Tucker
06321f5d1d
- deraadt@cvs.openbsd.org 2007/11/03 02:03:49
...
[ssh.c]
avoid errno trashing in signal handler; ok dtucker
2007-12-02 23:22:52 +11:00
Darren Tucker
e143f062ba
- dtucker@cvs.openbsd.org 2007/11/03 02:00:32
...
[ssh.c]
Use xstrdup/xfree when saving pwname and pwdir; ok deraadt@
2007-12-02 23:21:16 +11:00
Darren Tucker
b4fbbc6850
- deraadt@cvs.openbsd.org 2007/11/03 01:24:06
...
[ssh.c]
bz #1377 : getpwuid results were being clobbered by another getpw* call
inside tilde_expand_filename(); save the data we need carefully
ok djm
2007-12-02 23:16:32 +11:00
Darren Tucker
b776c856aa
- dtucker@cvs.openbsd.org 2007/10/29 06:54:50
...
[ssh.c]
Make LocalCommand work for Protocol 1 too; ok djm@
2007-12-02 23:06:35 +11:00
Darren Tucker
32e42c74a5
- dtucker@cvs.openbsd.org 2007/10/29 01:55:04
...
[ssh.c]
Plug tiny mem leaks in ControlPath and ProxyCommand option processing;
ok djm@
2007-12-02 23:01:03 +11:00
Damien Miller
67bd062b27
- djm@cvs.openbsd.org 2007/09/04 11:15:56
...
[ssh.c sshconnect.c sshconnect.h]
make ssh(1)'s ConnectTimeout option apply to both the TCP connection and
SSH banner exchange (previously it just covered the TCP connection).
This allows callers of ssh(1) to better detect and deal with stuck servers
that accept a TCP connection but don't progress the protocol, and also
makes ConnectTimeout useful for connections via a ProxyCommand;
feedback and "looks ok" markus@
2007-09-17 12:06:57 +10:00
Damien Miller
54fd7cf2db
- djm@cvs.openbsd.org 2007/09/04 03:21:03
...
[clientloop.c monitor.c monitor_fdpass.c monitor_fdpass.h]
[monitor_wrap.c ssh.c]
make file descriptor passing code return an error rather than call fatal()
when it encounters problems, and use this to make session multiplexing
masters survive slaves failing to pass all stdio FDs; ok markus@
2007-09-17 12:04:08 +10:00
Damien Miller
b3ce9fec30
- djm@cvs.openbsd.org 2007/08/07 07:32:53
...
[clientloop.c clientloop.h ssh.c]
bz#1232: ensure that any specified LocalCommand is executed after the
tunnel device is opened. Also, make failures to open a tunnel device
fatal when ExitOnForwardFailure is active.
Reported by h.goebel AT goebel-consult.de; ok dtucker markus reyk deraadt
2007-08-08 14:32:41 +10:00
Darren Tucker
132367f76f
- djm@cvs.openbsd.org 2007/06/14 22:48:05
...
[ssh.c]
when waiting for the multiplex exit status, read until the master end
writes an entire int of data *and* closes the client_fd; fixes mux
regression spotted by dtucker, ok dtucker@
2007-06-25 18:59:17 +10:00
Darren Tucker
d989adadd3
- djm@cvs.openbsd.org 2007/06/14 21:43:25
...
[ssh.c]
handle EINTR when waiting for mux exit status properly
2007-06-25 18:34:43 +10:00
Darren Tucker
2604749651
- djm@cvs.openbsd.org 2007/06/12 11:45:27
...
[ssh.c]
improved exit message from multiplex slave sessions; bz #1262
reported by alexandre.nunes AT gmail.com; ok dtucker@
2007-06-12 23:44:10 +10:00
Darren Tucker
415bddc1bd
- djm@cvs.openbsd.org 2007/06/12 11:15:17
...
[ssh.c ssh.1]
Add "-K" flag for ssh to set GSSAPIAuthentication=yes and
GSSAPIDelegateCredentials=yes. This is symmetric with -k (disable GSSAPI)
and is useful for hosts with /home on Kerberised NFS; bz #1312
patch from Markus.Kuhn AT cl.cam.ac.uk; ok dtucker@ markus@
2007-06-12 23:43:16 +10:00
Darren Tucker
2cbec749d7
- djm@cvs.openbsd.org 2007/06/12 11:11:08
...
[ssh.c]
fix slave exit value when a control master goes away without passing the
full exit status by ensuring that the slave reads a full int. bz#1261
reported by frekko AT gmail.com; ok markus@ dtucker@
2007-06-12 23:41:33 +10:00
Damien Miller
80163907ed
- stevesk@cvs.openbsd.org 2007/01/03 03:01:40
...
[auth2-chall.c channels.c dns.c sftp.c ssh-keygen.c ssh.c]
spaces
2007-01-05 16:30:16 +11:00
Damien Miller
952dce6593
- djm@cvs.openbsd.org 2006/10/06 02:29:19
...
[ssh-agent.c ssh-keyscan.c ssh.c]
sys/resource.h needs sys/time.h; prompted by brad@
(NB. Id sync only for portable)
2006-10-24 03:01:16 +10:00
Darren Tucker
46aa3e0ce1
- (dtucker) [ssh-keyscan.c ssh-rand-helper.c ssh.c sshconnect.c
...
openbsd-compat/bindresvport.c openbsd-compat/getrrsetbyname.c
openbsd-compat/port-tun.c openbsd-compat/rresvport.c] Include <arpa/inet.h>
for hton* and ntoh* macros. Required on (at least) HP-UX since we define
_XOPEN_SOURCE_EXTENDED. Found by santhi.amirta at gmail com.
2006-09-02 15:32:40 +10:00
Damien Miller
ded319cca2
- (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c]
...
[auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c]
[auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c]
[cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c]
[dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
[kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c]
[md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c]
[scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c]
[ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c]
[sshconnect1.c sshconnect2.c sshd.c rc4.diff]
[openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c]
[openbsd-compat/port-linux.c openbsd-compat/port-solaris.c]
[openbsd-compat/port-uw.c]
Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h;
compile problems reported by rac AT tenzing.org
2006-09-01 15:38:36 +10:00
Damien Miller
d783435315
- deraadt@cvs.openbsd.org 2006/08/03 03:34:42
...
[OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c]
[auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
[auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c]
[auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ]
[auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c]
[buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c]
[cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
[compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c]
[groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
[kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c]
[key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c]
[monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c]
[monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c]
[readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h]
[serverloop.c session.c session.h sftp-client.c sftp-common.c]
[sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
[ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c]
[ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c]
[sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c]
[uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h]
[loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h]
almost entirely get rid of the culture of ".h files that include .h files"
ok djm, sort of ok stevesk
makes the pain stop in one easy step
NB. portable commit contains everything *except* removing includes.h, as
that will take a fair bit more work as we move headers that are required
for portability workarounds to defines.h. (also, this step wasn't "easy")
2006-08-05 12:39:39 +10:00
Damien Miller
4dec5d75da
- stevesk@cvs.openbsd.org 2006/08/01 23:36:12
...
[authfile.c channels.c progressmeter.c scard.c servconf.c ssh.c]
clean extra spaces
2006-08-05 11:38:40 +10:00
Damien Miller
a7a73ee35d
- stevesk@cvs.openbsd.org 2006/08/01 23:22:48
...
[auth-passwd.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c]
[auth2-chall.c auth2-pubkey.c authfile.c buffer.c canohost.c]
[channels.c clientloop.c dh.c dns.c dns.h hostfile.c kex.c kexdhc.c]
[kexgexc.c kexgexs.c key.c key.h log.c misc.c misc.h moduli.c]
[monitor_wrap.c packet.c progressmeter.c readconf.c readpass.c scp.c]
[servconf.c session.c sftp-client.c sftp-common.c sftp-server.c sftp.c]
[ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh.c sshconnect.c]
[sshconnect1.c sshconnect2.c sshd.c sshlogin.c sshtty.c uuencode.c]
[uuencode.h xmalloc.c]
move #include <stdio.h> out of includes.h
2006-08-05 11:37:59 +10:00
Damien Miller
e7a1e5cf63
- stevesk@cvs.openbsd.org 2006/07/26 13:57:17
...
[authfd.c authfile.c dh.c canohost.c channels.c clientloop.c compat.c]
[hostfile.c kex.c log.c misc.c moduli.c monitor.c packet.c readpass.c]
[scp.c servconf.c session.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
[ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c sshconnect.c]
[sshconnect1.c sshd.c xmalloc.c]
move #include <stdlib.h> out of includes.h
2006-08-05 11:34:19 +10:00
Damien Miller
b8fe89c4d9
- (djm) [acss.c auth-krb5.c auth-options.c auth-pam.c auth-shadow.c]
...
[canohost.c channels.c cipher-acss.c defines.h dns.c gss-genr.c]
[gss-serv-krb5.c gss-serv.c log.h loginrec.c logintest.c readconf.c]
[servconf.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c]
[ssh.c sshconnect.c sshd.c openbsd-compat/bindresvport.c]
[openbsd-compat/bsd-arc4random.c openbsd-compat/bsd-misc.c]
[openbsd-compat/getrrsetbyname.c openbsd-compat/glob.c]
[openbsd-compat/mktemp.c openbsd-compat/port-linux.c]
[openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c]
[openbsd-compat/setproctitle.c openbsd-compat/xmmap.c]
make the portable tree compile again - sprinkle unistd.h and string.h
back in. Don't redefine __unused, as it turned out to be used in
headers on Linux, and replace its use in auth-pam.c with ARGSUSED
2006-07-24 14:51:00 +10:00
Damien Miller
e3476ed03b
- stevesk@cvs.openbsd.org 2006/07/22 20:48:23
...
[atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c]
[auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c]
[authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c]
[cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c]
[compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c]
[includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c]
[mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c]
[monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c]
[progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c]
[session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c]
[ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
[ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c]
[sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c]
move #include <string.h> out of includes.h
2006-07-24 14:13:33 +10:00
Damien Miller
e6b3b610ec
- stevesk@cvs.openbsd.org 2006/07/17 01:31:10
...
[authfd.c authfile.c channels.c cleanup.c clientloop.c groupaccess.c]
[includes.h log.c misc.c msg.c packet.c progressmeter.c readconf.c]
[readpass.c scp.c servconf.c sftp-client.c sftp-server.c sftp.c]
[ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c]
[sshconnect.c sshlogin.c sshpty.c uidswap.c]
move #include <unistd.h> out of includes.h
2006-07-24 14:01:23 +10:00
Damien Miller
2d00e63cb8
- stevesk@cvs.openbsd.org 2006/07/12 22:42:32
...
[includes.h ssh.c ssh-rand-helper.c]
move #include <stddef.h> out of includes.h
2006-07-24 13:53:19 +10:00
Damien Miller
be43ebf975
- stevesk@cvs.openbsd.org 2006/07/12 22:28:52
...
[auth-options.c canohost.c channels.c includes.h readconf.c servconf.c ssh-keyscan.c ssh.c sshconnect.c sshd.c]
move #include <netdb.h> out of includes.h; ok djm@
2006-07-24 13:51:51 +10:00
Darren Tucker
ba72405026
- stevesk@cvs.openbsd.org 2006/07/11 20:27:56
...
[authfile.c ssh.c]
need <errno.h> here also (it's also included in <openssl/err.h>)
2006-07-12 22:24:22 +10:00
Darren Tucker
57f4224677
- stevesk@cvs.openbsd.org 2006/07/11 20:16:43
...
[ssh.c]
cast asterisk field precision argument to int to remove warning;
ok markus@
2006-07-12 22:23:35 +10:00
Darren Tucker
e7d4b19f75
- markus@cvs.openbsd.org 2006/07/11 18:50:48
...
[clientloop.c ssh.1 ssh.c channels.c ssh_config.5 readconf.h session.c
channels.h readconf.c]
add ExitOnForwardFailure: terminate the connection if ssh(1)
cannot set up all requested dynamic, local, and remote port
forwardings. ok djm, dtucker, stevesk, jmc
2006-07-12 22:17:10 +10:00
Darren Tucker
284706a755
- dtucker@cvs.openbsd.org 2006/07/11 10:12:07
...
[ssh.c]
Only copy the part of environment variable that we actually use. Prevents
ssh bailing when SendEnv is used and an environment variable with a really
long value exists. ok djm@
2006-07-12 22:16:23 +10:00
Damien Miller
57cf638577
- stevesk@cvs.openbsd.org 2006/07/09 15:15:11
...
[auth2-none.c authfd.c authfile.c includes.h misc.c monitor.c]
[readpass.c scp.c serverloop.c sftp-client.c sftp-server.c]
[ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
[sshlogin.c sshpty.c]
move #include <fcntl.h> out of includes.h
2006-07-10 21:13:46 +10:00
Damien Miller
e3b60b524e
- stevesk@cvs.openbsd.org 2006/07/08 21:47:12
...
[authfd.c canohost.c clientloop.c dns.c dns.h includes.h]
[monitor_fdpass.c nchan.c packet.c servconf.c sftp.c ssh-agent.c]
[ssh-keyscan.c ssh.c sshconnect.h sshd.c sshlogin.h]
move #include <sys/socket.h> out of includes.h
2006-07-10 21:08:03 +10:00
Damien Miller
9f2abc47eb
- stevesk@cvs.openbsd.org 2006/07/06 16:03:53
...
[auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c]
[auth-rhosts.c auth-rsa.c auth.c auth.h auth2-hostbased.c]
[auth2-pubkey.c auth2.c includes.h misc.c misc.h monitor.c]
[monitor_wrap.c monitor_wrap.h scp.c serverloop.c session.c]
[session.h sftp-common.c ssh-add.c ssh-keygen.c ssh-keysign.c]
[ssh.c sshconnect.c sshconnect.h sshd.c sshpty.c sshpty.h uidswap.c]
[uidswap.h]
move #include <pwd.h> out of includes.h; ok markus@
2006-07-10 20:53:08 +10:00
Damien Miller
b757677d02
- stevesk@cvs.openbsd.org 2006/07/03 08:54:20
...
[includes.h ssh.c sshconnect.c sshd.c]
move #include "version.h" out of includes.h; ok markus@
2006-07-10 20:23:39 +10:00
Damien Miller
991dba43e1
- stevesk@cvs.openbsd.org 2006/07/02 17:12:58
...
[ssh.1 ssh.c ssh_config.5 sshd_config.5]
more details and clarity for tun(4) device forwarding; ok and help
jmc@
2006-07-10 20:16:27 +10:00
Darren Tucker
232b76f9f8
- dtucker@cvs.openbsd.org 2006/04/25 08:02:27
...
[authfile.c authfile.h sshconnect2.c ssh.c sshconnect1.c]
Prevent ssh from trying to open private keys with bad permissions more than
once or prompting for their passphrases (which it subsequently ignores
anyway), similar to a previous change in ssh-add. bz #1186 , ok djm@
2006-05-06 17:41:51 +10:00
Damien Miller
6b1d53c2b0
- djm@cvs.openbsd.org 2006/03/30 10:41:25
...
[ssh.c ssh_config.5]
add percent escape chars to the IdentityFile option, bz #1159 based
on a patch by imaging AT math.ualberta.ca; feedback and ok dtucker@
2006-03-31 23:13:21 +11:00
Damien Miller
ddd63ab1d0
- deraadt@cvs.openbsd.org 2006/03/28 00:12:31
...
[README.tun ssh.c]
spacing
2006-03-31 23:10:51 +11:00
Damien Miller
57c30117c1
- djm@cvs.openbsd.org 2006/03/25 13:17:03
...
[atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
[auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
[auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
[auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
[buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
[cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
[deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
[kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
[mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
[monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
[readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
[session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
[sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
[ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
[sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
[uidswap.c uuencode.c xmalloc.c]
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
Theo nuked - our scripts to sync -portable need them in the files
2006-03-26 14:24:48 +11:00
Damien Miller
07d86bec5e
- djm@cvs.openbsd.org 2006/03/25 00:05:41
...
[auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c]
[clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c]
[monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c]
[ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c]
[xmalloc.c xmalloc.h]
introduce xcalloc() and xasprintf() failure-checked allocations
functions and use them throughout openssh
xcalloc is particularly important because malloc(nmemb * size) is a
dangerous idiom (subject to integer overflow) and it is time for it
to die
feedback and ok deraadt@
2006-03-26 14:19:21 +11:00
Damien Miller
1d2b6706ba
- deraadt@cvs.openbsd.org 2006/03/20 18:42:27
...
[canohost.c match.c ssh.c sshconnect.c]
be strict with tolower() casting
2006-03-26 14:09:54 +11:00
Damien Miller
9096740f6c
- deraadt@cvs.openbsd.org 2006/03/20 18:26:55
...
[channels.c monitor.c session.c session.h ssh-agent.c ssh-keygen.c]
[ssh-rsa.c ssh.c sshlogin.c]
annoying spacing fixes getting in the way of real diffs
2006-03-26 14:07:26 +11:00
Damien Miller
71a7367130
- deraadt@cvs.openbsd.org 2006/03/20 18:14:02
...
[channels.c clientloop.c monitor_wrap.c monitor_wrap.h serverloop.c]
[ssh.c sshpty.c sshpty.h]
sprinkle u_int throughout pty subsystem, ok markus
2006-03-26 14:04:36 +11:00
Damien Miller
4662d3492f
- deraadt@cvs.openbsd.org 2006/03/19 18:59:30
...
[ssh.c]
spacing
2006-03-26 13:59:59 +11:00
Damien Miller
b0fb6872ed
- deraadt@cvs.openbsd.org 2006/03/19 18:51:18
...
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
[auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
[auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
[auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
[auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
[canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
[cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
[compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
[groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
[kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
[loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
[monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
[nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
[scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
[sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
[ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
[ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
[sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
[uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
[openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
[openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
[openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
[openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
RCSID() can die
2006-03-26 00:03:21 +11:00
Damien Miller
6645e7a70d
- (djm) [auth-pam.c clientloop.c includes.h monitor.c session.c]
...
[sftp-client.c ssh-keysign.c ssh.c sshconnect.c sshconnect2.c]
[sshd.c openbsd-compat/bsd-misc.c openbsd-compat/bsd-openpty.c]
[openbsd-compat/glob.c openbsd-compat/mktemp.c]
[openbsd-compat/readpassphrase.c] Lots of include fixes for
OpenSolaris
2006-03-15 14:42:54 +11:00
Damien Miller
2ecb6bd95d
- djm@cvs.openbsd.org 2006/03/12 04:23:07
...
[ssh.c]
knf nit
2006-03-15 12:03:53 +11:00
Damien Miller
c7b06369a8
- stevesk@cvs.openbsd.org 2006/02/22 00:04:45
...
[canohost.c clientloop.c includes.h match.c readconf.c scp.c ssh.c]
[sshconnect.c]
move #include <ctype.h> out of includes.h; ok djm@
2006-03-15 11:53:45 +11:00
Damien Miller
6ff3caddb6
oops, this commit is really:
...
- stevesk@cvs.openbsd.org 2006/02/20 17:02:44
[clientloop.c includes.h monitor.c progressmeter.c scp.c]
[serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c]
move #include <signal.h> out of includes.h; ok markus@
the previous was:
- stevesk@cvs.openbsd.org 2006/02/20 17:19:54
[auth-rhosts.c auth-rsa.c auth.c auth2-none.c auth2-pubkey.c]
[authfile.c clientloop.c includes.h readconf.c scp.c session.c]
[sftp-client.c sftp-common.c sftp-common.h sftp-glob.c]
[sftp-server.c sftp.c ssh-add.c ssh-keygen.c ssh.c sshconnect.c]
[sshconnect2.c sshd.c sshpty.c]
move #include <sys/stat.h> out of includes.h; ok markus@
2006-03-15 11:52:09 +11:00
Damien Miller
f17883e6a0
- stevesk@cvs.openbsd.org 2006/02/20 17:02:44
...
[clientloop.c includes.h monitor.c progressmeter.c scp.c]
[serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c]
move #include <signal.h> out of includes.h; ok markus@
2006-03-15 11:45:54 +11:00
Damien Miller
574c41fdb3
- stevesk@cvs.openbsd.org 2006/02/20 16:36:15
...
[authfd.c channels.c includes.h session.c ssh-agent.c ssh.c]
move #include <sys/un.h> out of includes.h; ok djm@
2006-03-15 11:40:10 +11:00
Damien Miller
3ec54c7e58
- djm@cvs.openbsd.org 2006/02/12 06:45:34
...
[ssh.c ssh_config.5]
add a %l expansion code to the ControlPath, which is filled in with the
local hostname at runtime. Requested by henning@ to avoid some problems
with /home on NFS; ok dtucker@
2006-03-15 11:30:13 +11:00
Damien Miller
17e91c0fb0
- stevesk@cvs.openbsd.org 2006/02/10 00:27:13
...
[channels.c clientloop.c includes.h misc.c progressmeter.c sftp.c]
[ssh.c sshd.c sshpty.c]
move #include <sys/ioctl.h> out of includes.h; ok markus@
2006-03-15 11:28:34 +11:00
Damien Miller
cd4223c245
- stevesk@cvs.openbsd.org 2006/02/08 14:31:30
...
[includes.h ssh-agent.c ssh-keyscan.c ssh.c]
move #include <sys/resource.h> out of includes.h; ok markus@
2006-03-15 11:22:47 +11:00
Damien Miller
03e2003a23
- stevesk@cvs.openbsd.org 2006/02/08 12:15:27
...
[auth.c clientloop.c includes.h misc.c monitor.c readpass.c]
[session.c sftp.c ssh-agent.c ssh-keysign.c ssh.c sshconnect.c]
[sshd.c sshpty.c]
move #include <paths.h> out of includes.h; ok markus@
2006-03-15 11:16:59 +11:00
Damien Miller
598bbc2d8f
- (djm) [openbsd-compat/port-tun.c openbsd-compat/port-tun.h configure.ac]
...
[serverloop.c ssh.c openbsd-compat/Makefile.in]
[openbsd-compat/openbsd-compat.h] Implement tun(4) forwarding
compatability support for Linux, diff from reyk@
2005-12-31 16:33:36 +11:00
Darren Tucker
e9a9b71c6b
- dtucker@cvs.openbsd.org 2005/12/20 04:41:07
...
[ssh.c]
exit(255) on error to match description in ssh(1); bz #1137 ; ok deraadt@
2005-12-20 16:15:51 +11:00
Damien Miller
7b58e80036
- reyk@cvs.openbsd.org 2005/12/08 18:34:11
...
[auth-options.c includes.h misc.c misc.h readconf.c servconf.c]
[serverloop.c ssh.c ssh_config.5 sshd_config.5 configure.ac]
two changes to the new ssh tunnel support. this breaks compatibility
with the initial commit but is required for a portable approach.
- make the tunnel id u_int and platform friendly, use predefined types.
- support configuration of layer 2 (ethernet) or layer 3
(point-to-point, default) modes. configuration is done using the
Tunnel (yes|point-to-point|ethernet|no) option is ssh_config(5) and
restricted by the PermitTunnel (yes|point-to-point|ethernet|no) option
in sshd_config(5).
ok djm@, man page bits by jmc@
2005-12-13 19:33:19 +11:00
Damien Miller
d27b947178
- reyk@cvs.openbsd.org 2005/12/06 22:38:28
...
[auth-options.c auth-options.h channels.c channels.h clientloop.c]
[misc.c misc.h readconf.c readconf.h scp.c servconf.c servconf.h]
[serverloop.c sftp.c ssh.1 ssh.c ssh_config ssh_config.5 sshconnect.c]
[sshconnect.h sshd.8 sshd_config sshd_config.5]
Add support for tun(4) forwarding over OpenSSH, based on an idea and
initial channel code bits by markus@. This is a simple and easy way to
use OpenSSH for ad hoc virtual private network connections, e.g.
administrative tunnels or secure wireless access. It's based on a new
ssh channel and works similar to the existing TCP forwarding support,
except that it depends on the tun(4) network interface on both ends of
the connection for layer 2 or layer 3 tunneling. This diff also adds
support for LocalCommand in the ssh(1) client.
ok djm@, markus@, jmc@ (manpages), tested and discussed with others
2005-12-13 19:29:02 +11:00
Damien Miller
788f212aed
- djm@cvs.openbsd.org 2005/10/30 08:52:18
...
[clientloop.c packet.c serverloop.c session.c ssh-agent.c ssh-keygen.c]
[ssh.c sshconnect.c sshconnect1.c sshd.c]
no need to escape single quotes in comments, no binary change
2005-11-05 15:14:59 +11:00
Damien Miller
aa3bb10940
- djm@cvs.openbsd.org 2005/10/30 04:03:24
...
[ssh.c]
fix misleading debug message; ok dtucker@
2005-11-05 15:12:59 +11:00
Damien Miller
15d72a00a3
- stevesk@cvs.openbsd.org 2005/10/14 02:17:59
...
[ssh-keygen.c ssh.c sshconnect2.c]
no trailing "\n" for log functions; ok djm@
2005-11-05 15:07:33 +11:00
Darren Tucker
895d698515
- jmc@cvs.openbsd.org 2005/09/19 15:42:44
...
[ssh.c]
update -D usage here too;
2005-10-03 18:18:05 +10:00
Darren Tucker
ce321d8a30
- djm@cvs.openbsd.org 2005/09/13 23:40:07
...
[sshd.c ssh.c misc.h sftp.c ssh-keygen.c ssh-keysign.c sftp-server.c
scp.c misc.c ssh-keyscan.c ssh-add.c ssh-agent.c]
ensure that stdio fds are attached; ok deraadt@
2005-10-03 18:11:24 +10:00
Damien Miller
be1045dc58
- djm@cvs.openbsd.org 2005/07/30 01:26:16
...
[ssh.c]
fix -D listen_host initialisation, so it picks up gateway_ports setting
correctly
2005-08-12 22:10:56 +10:00
Damien Miller
46d38de48b
- djm@cvs.openbsd.org 2005/07/16 01:35:24
...
[auth1.c channels.c cipher.c clientloop.c kex.c session.c ssh.c]
[sshconnect.c]
spacing
2005-07-17 17:02:09 +10:00
Damien Miller
1339002e8b
- djm@cvs.openbsd.org 2005/07/04 00:58:43
...
[channels.c clientloop.c clientloop.h misc.c misc.h ssh.c ssh_config.5]
implement support for X11 and agent forwarding over multiplex slave
connections. Because of protocol limitations, the slave connections inherit
the master's DISPLAY and SSH_AUTH_SOCK rather than distinctly forwarding
their own.
ok dtucker@ "put it in" deraadt@
2005-07-06 09:44:19 +10:00
Damien Miller
7c71cc738c
- djm@cvs.openbsd.org 2005/06/25 22:47:49
...
[ssh.c]
do the default port filling code a few lines earlier, so it really
does fix %p
2005-06-26 08:56:31 +10:00
Damien Miller
8f74c8fc32
- djm@cvs.openbsd.org 2005/06/18 04:30:36
...
[ssh.c ssh_config.5]
allow ControlPath=none, patch from dwmw2 AT infradead.org; ok dtucker@
2005-06-26 08:56:03 +10:00
Damien Miller
9651fe690a
- (djm) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2005/06/17 22:53:47
[ssh.c sshconnect.c]
Fix ControlPath's %p expanding to "0" for a default port,
spotted dwmw2 AT infradead.org; ok markus@
2005-06-26 08:55:25 +10:00
Damien Miller
17e7ed0e75
- (djm) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2005/06/16 03:38:36
[channels.c channels.h clientloop.c clientloop.h ssh.c]
move x11_get_proto from ssh.c to clientloop.c, to make muliplexed xfwd
easier later; ok deraadt@
2005-06-17 12:54:33 +10:00
Damien Miller
d14b1e731c
- djm@cvs.openbsd.org 2005/06/08 11:25:09
...
[clientloop.c readconf.c readconf.h ssh.c ssh_config.5]
add ControlMaster=auto/autoask options to support opportunistic
multiplexing; tested avsm@ and jakob@, ok markus@
2005-06-16 13:19:41 +10:00
Damien Miller
6476cad9bb
- djm@cvs.openbsd.org 2005/06/06 11:20:36
...
[auth.c auth.h misc.c misc.h ssh.c ssh_config.5 sshconnect.c]
introduce a generic %foo expansion function. replace existing % expansion
and add expansion to ControlPath; ok markus@
2005-06-16 13:18:34 +10:00
Darren Tucker
0814d3136f
- djm@cvs.openbsd.org 2005/05/27 08:30:37
...
[ssh.c]
fix -O for cases where no ControlPath has been specified or socket at
ControlPath is not contactable; spotted by and ok avsm@
2005-06-01 23:08:51 +10:00
Damien Miller
538c9b71ec
- djm@cvs.openbsd.org 2005/05/10 10:30:43
...
[ssh.c]
report real errors on fallback from ControlMaster=no to normal connect
2005-05-26 12:11:28 +10:00
Damien Miller
924c25a64e
- djm@cvs.openbsd.org 2005/05/10 10:28:11
...
[ssh.c]
print nice error message for EADDRINUSE as well (ID sync only)
2005-05-26 12:09:32 +10:00
Damien Miller
dadfd4dd38
- jakob@cvs.openbsd.org 2005/04/26 13:08:37
...
[ssh.c ssh_config.5]
fallback gracefully if client cannot connect to ControlPath. ok djm@
2005-05-26 12:07:13 +10:00
Damien Miller
ddee575b98
- djm@cvs.openbsd.org 2005/04/21 11:47:19
...
[ssh.c]
don't allocate a pty when -n flag (/dev/null stdin) is set, patch from
ignasi.roca AT fujitsu-siemens.com (bz #829 ); ok dtucker@
2005-05-26 12:05:05 +10:00
Damien Miller
1b0de9a041
- dtucker@cvs.openbsd.org 2005/04/06 12:26:06
...
[ssh.c]
Fix debug call for port forwards; patch from pete at seebeyond.com,
ok djm@ (ID sync only - change already in portable)
2005-05-26 12:01:22 +10:00
Damien Miller
4f10e25684
- (djm) [ssh.c] some systems return EADDRINUSE on a bind to an already-used
...
unix domain socket, so catch that too; from jakob@ ok dtucker@
2005-05-04 15:33:09 +10:00
Darren Tucker
73ba43798a
- (dtucker) [ssh.c] Prevent null pointer deref in port forwarding debug
...
message on some platforms. Patch from pete at seebeyond.com via djm.
2005-03-31 21:51:54 +10:00
Darren Tucker
47eede77ed
- deraadt@cvs.openbsd.org 2005/03/10 22:01:05
...
[misc.c ssh-keygen.c servconf.c clientloop.c auth-options.c ssh-add.c
monitor.c sftp-client.c bufaux.h hostfile.c ssh.c sshconnect.c channels.c
readconf.c bufaux.c sftp.c]
spacing
2005-03-14 23:08:12 +11:00
Damien Miller
02faeceb56
- jmc@cvs.openbsd.org 2005/03/01 17:22:06
...
[ssh.c]
sync usage() w/ man SYNOPSIS;
ok markus@
2005-03-02 12:04:32 +11:00
Damien Miller
f91ee4c3de
- djm@cvs.openbsd.org 2005/03/01 10:09:52
...
[auth-options.c channels.c channels.h clientloop.c compat.c compat.h]
[misc.c misc.h readconf.c readconf.h servconf.c ssh.1 ssh.c ssh_config.5]
[sshd_config.5]
bz#413: allow optional specification of bind address for port forwardings.
Patch originally by Dan Astorian, but worked on by several people
Adds GatewayPorts=clientspecified option on server to allow remote
forwards to bind to client-specified ports.
2005-03-01 21:24:33 +11:00
Damien Miller
3eb48b6245
- otto@cvs.openbsd.org 2005/02/16 09:56:44
...
[ssh.c]
Better diagnostic if an identity file is not accesible. ok markus@ djm@
2005-03-01 21:15:46 +11:00
Darren Tucker
9c6bf325c0
- jmc@cvs.openbsd.org 2004/11/07 17:57:30
...
[ssh.c]
usage():
- add -O
- sync -S w/ manpage
- remove -h
2004-12-03 14:10:19 +11:00
Darren Tucker
7ebfc10884
- djm@cvs.openbsd.org 2004/11/07 00:01:46
...
[clientloop.c clientloop.h ssh.1 ssh.c]
add basic control of a running multiplex master connection; including the
ability to check its status and request it to exit; ok markus@
2004-11-07 20:06:19 +11:00
Darren Tucker
39207a46b4
- djm@cvs.openbsd.org 2004/09/23 13:00:04
...
[ssh.c]
correctly honour -n in multiplex client mode; spotted by sturm@ ok markus@
2004-11-05 20:19:51 +11:00
Darren Tucker
e9bf98412e
- deraadt@cvs.openbsd.org 2004/09/15 00:46:01
...
[ssh.c]
/* fallthrough */ is something a programmer understands. But
/* FALLTHROUGH */ is also understood by lint, so that is better.
2004-11-05 20:05:32 +11:00
Darren Tucker
07336dae94
- djm@cvs.openbsd.org 2004/09/07 23:41:30
...
[clientloop.c ssh.c]
cleanup multiplex control socket on SIGHUP too, spotted by sturm@
ok markus@ deraadt@
2004-11-05 20:02:16 +11:00
Damien Miller
2aa6d3cfce
- (djm) [ssh.c sshd.c version.h] Don't divulge portable version in protocol
...
banner. Suggested by deraadt@, ok mouring@, dtucker@
2004-09-12 16:53:04 +10:00
Darren Tucker
27a8f6b056
- dtucker@cvs.openbsd.org 2004/08/23 14:26:38
...
[ssh-keysign.c ssh.c]
Use permanently_set_uid() in ssh and ssh-keysign for consistency, matches
change in Portable; ok markus@ (CVS ID sync only)
2004-08-29 16:31:28 +10:00
Darren Tucker
25f60a7ee7
- (dtucker) [Makefile.in ssh-keysign.c ssh.c] Use permanently_set_uid() since
...
it does the right thing on all platforms. ok djm@
2004-08-15 17:23:34 +10:00
Darren Tucker
5cb30ad2ec
- markus@cvs.openbsd.org 2004/07/28 09:40:29
...
[auth.c auth1.c auth2.c cipher.c cipher.h key.c session.c ssh.c
sshconnect1.c]
more s/illegal/invalid/
2004-08-12 22:40:24 +10:00
Darren Tucker
fc9597034b
- deraadt@cvs.openbsd.org 2004/07/11 17:48:47
...
[channels.c cipher.c clientloop.c clientloop.h compat.h moduli.c
readconf.c nchan.c pathnames.h progressmeter.c readconf.h servconf.c
session.c sftp-client.c sftp.c ssh-agent.1 ssh-keygen.c ssh.c ssh1.h
sshd.c ttymodes.h]
spaces
2004-07-17 16:12:08 +10:00
Darren Tucker
ba6de952a0
- (dtucker) [logintest.c scp.c sftp-server.c sftp.c ssh-add.c ssh-agent.c
...
ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c ssh.c sshd.c
openbsd-compat/bsd-misc.c] Move "char *__progname" to bsd-misc.c. Reduces
diff vs OpenBSD; ok mouring@, tested by tim@ too.
2004-07-17 14:07:42 +10:00
Darren Tucker
b5bc1a6393
- dtucker@cvs.openbsd.org 2004/06/23 14:31:01
...
[ssh.c]
Fix counting in master/slave when passing environment variables; ok djm@
2004-06-24 00:34:53 +10:00
Darren Tucker
3f9fdc7121
- avsm@cvs.openbsd.org 2004/06/21 17:36:31
...
[auth-rsa.c auth2-gss.c auth2-pubkey.c authfile.c canohost.c channels.c
cipher.c dns.c kex.c monitor.c monitor_fdpass.c monitor_wrap.c
monitor_wrap.h nchan.c packet.c progressmeter.c scp.c sftp-server.c sftp.c
ssh-gss.h ssh-keygen.c ssh.c sshconnect.c sshconnect1.c sshlogin.c
sshpty.c]
make ssh -Wshadow clean, no functional changes
markus@ ok
There are also some portable-specific -Wshadow warnings to be fixed in
monitor.c and montior_wrap.c.
2004-06-22 12:56:01 +10:00
Darren Tucker
365433f883
- djm@cvs.openbsd.org 2004/06/20 17:36:59
...
[ssh.c]
filter passed env vars at slave in connection sharing case; ok markus@
2004-06-22 12:29:23 +10:00
Damien Miller
b8ea24868f
- markus@cvs.openbsd.org 2004/06/18 10:55:43
...
[ssh.1 ssh.c]
trim synopsis for -S, allow -S and -oControlMaster, -MM means 'ask'; ok djm
2004-06-18 22:21:55 +10:00
Damien Miller
0809e233a4
- (djm) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2004/06/18 10:40:19
[ssh.c]
delay signal handler setup until we have finished talking to the master.
allow interrupting of setup (e.g. if master is stuck); ok markus@
2004-06-18 22:20:57 +10:00
Darren Tucker
ba5c592126
- djm@cvs.openbsd.org 2004/06/17 23:56:57
...
[ssh.1 ssh.c]
sync usage() and SYNPOSIS with connection sharing changes
2004-06-18 16:22:39 +10:00
Damien Miller
23f0770a1b
- djm@cvs.openbsd.org 2004/06/17 15:10:14
...
[clientloop.c misc.h readconf.c readpass.c ssh.c ssh_config.5]
Add option for confirmation (ControlMaster=ask) via ssh-askpass before
opening shared connections; ok markus@
2004-06-18 01:19:03 +10:00
Damien Miller
3756dcee24
- (djm) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2004/06/17 14:52:48
[clientloop.c clientloop.h ssh.c]
support environment passing over shared connections; ok markus@
2004-06-18 01:17:29 +10:00
Damien Miller
07b6ff12c4
- (djm) [ssh.c] Use separate var for address length
2004-06-15 11:14:45 +10:00
Damien Miller
0e220dbfbc
- djm@cvs.openbsd.org 2004/06/13 15:03:02
...
[channels.c channels.h clientloop.c clientloop.h includes.h readconf.c]
[readconf.h scp.1 sftp.1 ssh.1 ssh.c ssh_config.5]
implement session multiplexing in the client (the server has supported
this since 2.0); ok markus@
2004-06-15 10:34:08 +10:00
Darren Tucker
06f2bd8bde
- deraadt@cvs.openbsd.org 2004/05/08 00:01:37
...
[auth.c clientloop.c misc.h servconf.c ssh.c sshpty.h sshtty.c
tildexpand.c], removed: sshtty.h tildexpand.h
make two tiny header files go away; djm ok
2004-05-13 16:06:46 +10:00
Darren Tucker
46bc075474
- djm@cvs.openbsd.org 2004/04/27 09:46:37
...
[readconf.c readconf.h servconf.c servconf.h session.c session.h ssh.c
ssh_config.5 sshd_config.5]
bz #815 : implement ability to pass specified environment variables from
the client to the server; ok markus@
2004-05-02 22:11:30 +10:00
Damien Miller
914420fe74
- djm@cvs.openbsd.org 2004/04/19 21:51:49
...
[ssh.c]
fix idiot typo that i introduced in my last commit;
spotted by cschneid AT cschneid.com
2004-04-20 20:14:07 +10:00
Damien Miller
57a4476a69
- djm@cvs.openbsd.org 2004/04/18 23:10:26
...
[readconf.c readconf.h ssh-keysign.c ssh.c]
perform strict ownership and modes checks for ~/.ssh/config files,
as these can be used to execute arbitrary programs; ok markus@
NB. ssh will now exit when it detects a config with poor permissions
2004-04-20 20:11:57 +10:00
Damien Miller
0c889cd9e9
- markus@cvs.openbsd.org 2004/03/11 10:21:17
...
[ssh.c sshd.c]
ssh, sshd: sync version output, ok djm
2004-03-22 09:36:00 +11:00
Damien Miller
5095510e5f
- markus@cvs.openbsd.org 2004/03/10 09:45:06
...
[ssh.c]
trim usage to match ssh(1) and look more like unix. ok djm@
2004-03-22 09:34:58 +11:00
Damien Miller
3df755e441
- markus@cvs.openbsd.org 2004/03/09 22:11:05
...
[ssh.c]
increase x11 cookie lifetime to 20 minutes; ok djm
2004-03-22 09:34:26 +11:00
Damien Miller
509b0107f0
- markus@cvs.openbsd.org 2003/12/16 15:49:51
...
[clientloop.c clientloop.h readconf.c readconf.h scp.1 sftp.1 ssh.1]
[ssh.c ssh_config.5]
application layer keep alive (ServerAliveInterval ServerAliveCountMax)
for ssh(1), similar to the sshd(8) option; ok beck@; with help from
jmc and dtucker@
2003-12-17 16:33:10 +11:00
Damien Miller
9836cf8d71
- markus@cvs.openbsd.org 2003/12/09 17:30:05
...
[ssh.c]
don't modify argv for ssh -o; similar to sshd.c 1.283
2003-12-17 16:30:06 +11:00
Damien Miller
e0113ccc08
- dtucker@cvs.openbsd.org 2003/11/24 00:16:35
...
[ssh.1 ssh.c]
Make ssh -k mean GSSAPIDelegateCredentials=no. Suggestion & ok markus@
2003-11-24 13:10:09 +11:00
Damien Miller
a8e06cef35
- djm@cvs.openbsd.org 2003/11/21 11:57:03
...
[everything]
unexpand and delete whitespace at EOL; ok markus@
(done locally and RCS IDs synced)
2003-11-21 23:48:55 +11:00
Darren Tucker
0a118da00e
- markus@cvs.openbsd.org 2003/10/11 08:24:08
...
[readconf.c readconf.h ssh.1 ssh.c ssh_config.5]
remote x11 clients are now untrusted by default, uses xauth(8) to generate
untrusted cookies; ForwardX11Trusted=yes restores old behaviour.
ok deraadt; feedback and ok djm/fries
2003-10-15 15:54:32 +10:00
Damien Miller
fb10e9abe8
- markus@cvs.openbsd.org 2003/09/01 18:15:50
...
[readconf.c readconf.h servconf.c servconf.h ssh.c]
remove unused kerberos code; ok henning@
2003-09-02 22:58:22 +10:00
Damien Miller
59d3d5b8b4
- (djm) s/get_progname/ssh_get_progname/g to avoid conflict with Heimdal
...
-lbroken; ok dtucker
2003-08-22 09:34:41 +10:00
Darren Tucker
1c52ee3e6f
- markus@cvs.openbsd.org 2003/08/13 09:07:10
...
[readconf.c ssh.c]
socks4->socks, since with support both 4 and 5; dtucker@zip.com.au
2003-08-13 20:38:36 +10:00
Darren Tucker
ec960f2c93
- markus@cvs.openbsd.org 2003/08/13 08:46:31
...
[auth1.c readconf.c readconf.h servconf.c servconf.h ssh.c ssh_config
ssh_config.5 sshconnect1.c sshd.8 sshd.c sshd_config sshd_config.5]
remove RhostsAuthentication; suggested by djm@ before; ok djm@, deraadt@,
fgsch@, miod@, henning@, jakob@ and others
2003-08-13 20:37:05 +10:00
Darren Tucker
6aaa58c470
- (dtucker) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2003/07/22 13:35:22
[auth1.c auth.h auth-passwd.c monitor.c monitor.h monitor_wrap.c
monitor_wrap.h readconf.c readconf.h servconf.c servconf.h session.c ssh.1
ssh.c ssh_config.5 sshconnect1.c sshd.c sshd_config.5 ssh.h]
remove (already disabled) KRB4/AFS support, re-enable -k in ssh(1);
test+ok henning@
- (dtucker) [Makefile.in acconfig.h configure.ac] Remove KRB4/AFS support.
- (dtucker) [auth-krb4.c radix.c radix.h] Remove KRB4/AFS specific files.
I hope I got this right....
2003-08-02 22:24:49 +10:00
Darren Tucker
e98dfa323e
- markus@cvs.openbsd.org 2003/07/16 10:34:53
...
[ssh.c sshd.c]
don't exit on multiple -v or -d; ok deraadt@
2003-07-19 19:54:31 +10:00
Darren Tucker
0a4f04b5b2
- djm@cvs.openbsd.org 2003/07/03 08:09:06
...
[readconf.c readconf.h ssh-keysign.c ssh.c]
fix AddressFamily option in config file, from brent@graveland.net ;
ok markus@
2003-07-03 20:37:47 +10:00
Darren Tucker
3f521e21c0
- markus@cvs.openbsd.org 2003/07/02 20:37:48
...
[ssh.c]
convert hostkeyalias to lowercase, otherwise uppercase aliases will
not match at all; ok henning@
2003-07-03 16:20:42 +10:00
Damien Miller
56a0bb07c4
- markus@cvs.openbsd.org 2003/06/12 19:12:03
...
[scard.c scard.h ssh-agent.c ssh.c]
add sc_get_key_label; larsch at trustcenter.de; bugzilla#591
2003-06-18 20:28:40 +10:00
Damien Miller
7e1bbc55af
- (djm) Remove IPv4 by default hack now that we can specify AF in config
2003-05-18 20:52:40 +10:00
Damien Miller
6e80c36e2a
- (djm) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2003/05/15 13:52:10
[ssh.c]
Make "ssh -V" print the OpenSSL version in a human readable form. Patch
from Craig Leres (mindrot at ee.lbl.gov); ok markus@
2003-05-16 11:38:00 +10:00
Damien Miller
1ea7166019
- (djm) Bug #258 : sscanf("[0-9]") -> sscanf("[0123456789]") for portability
2003-05-14 22:33:58 +10:00
Damien Miller
b1ca8bb159
- markus@cvs.openbsd.org 2003/05/11 20:30:25
...
[channels.c clientloop.c serverloop.c session.c ssh.c]
make channel_new() strdup the 'remote_name' (not the caller); ok theo
2003-05-14 13:45:42 +10:00
Damien Miller
d558092522
- (djm) RCSID sync w/ OpenBSD
2003-05-14 13:40:06 +10:00
Damien Miller
996acd2476
*** empty log message ***
2003-04-09 20:59:48 +10:00
Damien Miller
9f1e33a6b2
- markus@cvs.openbsd.org 2003/02/06 09:27:29
...
[ssh.c ssh_config.5]
support 'ProxyCommand none'; bugzilla #433 ; binder@arago.de ; ok djm@
2003-02-24 11:57:32 +11:00
Ben Lindstrom
b9fa691819
- millert@cvs.openbsd.org 2002/12/09 16:50:30
...
[ssh.c]
Avoid setting optind to 0 as GNU getopt treats that like we do optreset.
markus@ OK
2002-12-23 02:24:54 +00:00
Ben Lindstrom
c276c1208e
- markus@cvs.openbsd.org 2002/11/27 17:53:35
...
[scp.c sftp.c ssh.c]
allow usernames with embedded '@', e.g. scp user@vhost@realhost:file /tmp;
http://bugzilla.mindrot.org/show_bug.cgi?id=447 ; ok mouring@, millert@
2002-12-23 02:14:51 +00:00
Ben Lindstrom
604dc72890
- markus@cvs.openbsd.org 2002/11/21 23:04:33
...
[ssh.c]
debug->debug2
2002-12-23 02:08:57 +00:00
Damien Miller
8c4e18a6ec
- djm@cvs.openbsd.org 2002/09/19 01:58:18
...
[ssh.c sshconnect.c]
bugzilla.mindrot.org #223 - ProxyCommands don't exit.
Patch from dtucker@zip.com.au ; ok markus@
2002-09-19 12:05:02 +10:00
Damien Miller
789e95dbe9
- stevesk@cvs.openbsd.org 2002/09/11 18:27:26
...
[authfd.c authfd.h ssh.c]
don't connect to agent to test for presence if we've previously
connected; ok markus@
2002-09-12 09:52:46 +10:00
Damien Miller
50b9a60082
- stevesk@cvs.openbsd.org 2002/08/29 19:49:42
...
[ssh.c]
shrink initial privilege bracket for setuid case; ok markus@
2002-09-04 16:50:06 +10:00
Damien Miller
147bba3453
- stevesk@cvs.openbsd.org 2002/08/29 16:02:54
...
[ssh.1 ssh.c]
deprecate -P as UsePrivilegedPort defaults to no now; ok markus@
2002-09-04 16:46:06 +10:00
Ben Lindstrom
ee8d52d008
- stevesk@cvs.openbsd.org 2002/07/19 17:42:40
...
[ssh.c]
display a warning from ssh when XAuthLocation does not exist or xauth
returned no authentication data. ok markus@
2002-07-23 21:03:02 +00:00
Ben Lindstrom
5d35a2f582
- markus@cvs.openbsd.org 2002/07/03 14:21:05
...
[ssh-keysign.8 ssh-keysign.c ssh.c ssh_config]
re-enable ssh-keysign's sbit, but make ssh-keysign read
/etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled
globally. based on discussions with deraadt, itojun and sommerfeld;
ok itojun@
2002-07-04 00:19:40 +00:00
Ben Lindstrom
a962c2fb35
- deraadt@cvs.openbsd.org 2002/06/30 21:59:45
...
[auth-bsdauth.c auth-skey.c auth2-chall.c clientloop.c key.c
monitor_wrap.c monitor_wrap.h scard.h session.h sftp-glob.c ssh.c
sshconnect2.c sshd.c]
minor KNF
2002-07-04 00:14:17 +00:00
Ben Lindstrom
da394cae04
- markus@cvs.openbsd.org 2002/06/12 01:09:52
...
[ssh.c]
ssh_connect returns 0 on success
2002-06-12 16:11:12 +00:00
Ben Lindstrom
2415757253
- markus@cvs.openbsd.org 2002/06/11 23:03:54
...
[ssh.c]
remove unused cruft.
2002-06-12 16:09:39 +00:00
Ben Lindstrom
1aa6427c0f
- (bal) Cygwin fix up from swap uid clean up in ssh.c patch by
...
vinschen@redhat.com
2002-06-11 20:28:05 +00:00
Ben Lindstrom
f9c4884c8e
- markus@cvs.openbsd.org 2002/06/11 04:14:26
...
[ssh.c sshconnect.c sshconnect.h]
no longer use uidswap.[ch] from the ssh client
run less code with euid==0 if ssh is installed setuid root
just switch the euid, don't switch the complete set of groups
(this is only needed by sshd). ok provos@
2002-06-11 16:37:51 +00:00
Ben Lindstrom
4daea86fd4
- markus@cvs.openbsd.org 2002/06/08 05:17:01
...
[readconf.c readconf.h ssh.1 ssh.c]
deprecate FallBackToRsh and UseRsh; patch from djm@
2002-06-09 20:04:02 +00:00
Ben Lindstrom
ece420413b
- markus@cvs.openbsd.org 2002/06/08 05:07:56
...
[ssh.c]
nuke ptrace comment
2002-06-09 20:00:09 +00:00
Ben Lindstrom
9e5bb579f9
- markus@cvs.openbsd.org 2002/05/23 19:39:34
...
[ssh.c]
add comment about ssh-keysign
2002-06-06 19:58:27 +00:00
Ben Lindstrom
1bad256822
- markus@cvs.openbsd.org 2002/05/23 19:24:30
...
[authfile.c authfile.h pathnames.h ssh.c sshconnect.c sshconnect.h
sshconnect1.c sshconnect2.c ssh-keysign.8 ssh-keysign.c Makefile.in]
add /usr/libexec/ssh-keysign: a setuid helper program for hostbased
authentication in protocol v2 (needs to access the hostkeys).
Note: Makefile.in untested. Will test after merge is finished.
2002-06-06 19:57:33 +00:00
Ben Lindstrom
f666fec2d5
- deraadt@cvs.openbsd.org 2002/05/22 23:18:25
...
[ssh.c sshd.c]
spelling; abishoff@arc.nasa.gov
2002-06-06 19:51:58 +00:00
Ben Lindstrom
fac7769f64
- stevesk@cvs.openbsd.org 2002/05/16 22:09:59
...
[session.c ssh.c]
don't limit xauth pathlen on client side and longer print length on
server when debug; ok markus@
2002-06-06 19:49:54 +00:00
Damien Miller
2797f7f03a
- markus@cvs.openbsd.org 2002/04/22 21:04:52
...
[channels.c clientloop.c clientloop.h ssh.c]
request reply (success/failure) for -R style fwd in protocol v2,
depends on ordered replies.
fixes http://bugzilla.mindrot.org/show_bug.cgi?id=215 ; ok provos@
2002-04-23 21:09:44 +10:00
Ben Lindstrom
eb041dca1f
- markus@cvs.openbsd.org 2002/03/26 11:37:05
...
[ssh.c]
update Copyright
2002-03-27 17:20:38 +00:00
Ben Lindstrom
4f054607f0
- markus@cvs.openbsd.org 2002/03/25 21:04:02
...
[ssh.c]
simplify num_identity_files handling
2002-03-26 03:23:00 +00:00
Ben Lindstrom
0936a5bb72
- markus@cvs.openbsd.org 2002/03/25 17:34:27
...
[scard.c scard.h ssh-agent.c ssh-keygen.c ssh.c]
change sc_get_key to sc_get_keys and hide smartcard details in scard.c
2002-03-26 03:17:42 +00:00
Ben Lindstrom
ba72d30aa5
- rees@cvs.openbsd.org 2002/03/21 22:44:05
...
[authfd.c authfd.h ssh-add.c ssh-agent.c ssh.c]
Add PIN-protection for secret key.
2002-03-22 03:51:06 +00:00
Ben Lindstrom
6328ab3989
- markus@cvs.openbsd.org 2002/03/19 10:49:35
...
[auth-krb5.c auth-rh-rsa.c auth.c cipher.c key.c misc.h packet.c session.c
sftp-client.c sftp-glob.h sftp.c ssh-add.c ssh.c sshconnect2.c sshd.c
ttymodes.c]
KNF whitespace
2002-03-22 02:54:23 +00:00
Damien Miller
19a5945105
- markus@cvs.openbsd.org 2002/02/14 23:28:00
...
[channels.h session.c ssh.c]
increase the SSH v2 window size to 4 packets. comsumes a little
bit more memory for slow receivers but increases througput.
2002-02-19 15:20:57 +11:00
Damien Miller
4860650842
- markus@cvs.openbsd.org 2002/02/07 09:35:39
...
[ssh.c]
remove bogus comments
2002-02-08 22:07:33 +11:00
Damien Miller
699d003e3a
- markus@cvs.openbsd.org 2002/02/06 14:55:16
...
[channels.c clientloop.c serverloop.c ssh.c]
channel_new never returns NULL, mouring@; ok djm@
2002-02-08 22:07:16 +11:00
Damien Miller
a500cd608e
- markus@cvs.openbsd.org 2002/02/05 14:32:55
...
[channels.c channels.h ssh.c]
merge channel_request() into channel_request_start()
2002-02-08 22:04:26 +11:00
Damien Miller
67f0bc043c
- markus@cvs.openbsd.org 2002/02/03 17:58:21
...
[channels.c channels.h ssh.c]
generic callbacks are not really used, remove and
add a callback for msg of type SSH2_MSG_CHANNEL_OPEN_CONFIRMATION
ok djm@
2002-02-05 12:23:08 +11:00
Damien Miller
35b13d633b
- stevesk@cvs.openbsd.org 2002/01/27 18:08:17
...
[ssh.c]
handle simple case to identify FamilyLocal display; ok markus@
2002-02-05 12:12:09 +11:00
Damien Miller
b16461ce45
- markus@cvs.openbsd.org 2002/01/16 13:17:51
...
[channels.c channels.h serverloop.c ssh.c]
wrapper for channel_setup_fwd_listener
2002-01-22 23:29:22 +11:00
Damien Miller
630d6f4479
- markus@cvs.openbsd.org 2001/12/28 15:06:00
...
[auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c dispatch.h kex.c kex.h serverloop.c ssh.c sshconnect2.c]
remove plen from the dispatch fn. it's no longer used.
2002-01-22 23:17:30 +11:00
Damien Miller
dff5099f13
- markus@cvs.openbsd.org 2001/12/28 14:50:54
...
[auth1.c auth-rsa.c channels.c dispatch.c kex.c kexdh.c kexgex.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshconnect2.c sshd.c]
packet_read* no longer return the packet length, since it's not used.
2002-01-22 23:16:32 +11:00
Damien Miller
48b03fc546
- markus@cvs.openbsd.org 2001/12/27 20:39:58
...
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
get rid of packet_integrity_check, use packet_done() instead.
2002-01-22 23:11:40 +11:00
Damien Miller
66823cddbe
- markus@cvs.openbsd.org 2001/12/27 20:39:58
...
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
get rid of packet_integrity_check, use packet_done() instead.
2002-01-22 23:11:38 +11:00
Damien Miller
278f907a2d
- djm@cvs.openbsd.org 2001/12/20 22:50:24
...
[auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c]
[dispatch.h kex.c kex.h packet.c packet.h serverloop.c ssh.c]
[sshconnect2.c]
Conformance fix: we should send failing packet sequence number when
responding with a SSH_MSG_UNIMPLEMENTED message. Spotted by
yakk@yakk.dot.net ; ok markus@
2001-12-21 15:00:19 +11:00
Damien Miller
5a6b4fe225
- stevesk@cvs.openbsd.org 2001/12/19 17:16:13
...
[authfile.c bufaux.c bufaux.h buffer.c buffer.h packet.c packet.h ssh.c]
change the buffer/packet interface to use void* vs. char*; ok markus@
2001-12-21 14:56:54 +11:00
Damien Miller
9f0f5c64bc
- deraadt@cvs.openbsd.org 2001/12/19 07:18:56
...
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h]
[auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c]
[cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c]
[match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c]
[servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c]
[sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c]
[sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config]
[ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c]
basic KNF done while i was looking for something else
2001-12-21 14:45:46 +11:00
Ben Lindstrom
4a4bd719ea
- stevesk@cvs.openbsd.org 2001/11/30 20:39:28
...
[ssh.c]
sscanf() length dependencies are clearer now; can also shrink proto
and data if desired, but i have not done that. ok markus@
2001-12-06 17:45:19 +00:00
Damien Miller
07cd5897f9
- markus@cvs.openbsd.org 2001/10/24 08:51:35
...
[clientloop.c ssh.c]
ignore SIGPIPE early, makes ssh work if agent dies, netbsd-pr via itojun@
2001-11-12 10:52:03 +11:00
Damien Miller
595bb4f572
- markus@cvs.openbsd.org 2001/10/24 08:41:20
...
[ssh.c]
remove unused
2001-11-12 10:51:40 +11:00
Damien Miller
139d4cd908
- markus@cvs.openbsd.org 2001/10/09 10:12:08
...
[session.c]
chdir $HOME after krb_afslog(); from bbense@networking.stanford.edu
2001-10-10 15:07:44 +10:00
Ben Lindstrom
908afed17f
- markus@cvs.openbsd.org 2001/10/01 21:38:53
...
[channels.c channels.h ssh.c sshd.c]
remove ugliness; vp@drexel.edu via angelos
2001-10-03 17:34:59 +00:00
Ben Lindstrom
83f07d1954
- markus@cvs.openbsd.org 2001/09/28 15:46:29
...
[ssh.c]
bug: read user config first; report kaukasoi@elektroni.ee.tut.fi
2001-10-03 17:22:29 +00:00
Ben Lindstrom
40a0d20913
- (bal) Removed 'extern int optopt;' since it is dead wood.
2001-09-24 22:04:02 +00:00
Ben Lindstrom
5ccf63a974
- (bal) updated ssh.c to mirror minor getopts 'extern int' formating done
...
by stevesk@
2001-09-24 20:00:10 +00:00
Ben Lindstrom
f558cf6580
- markus@cvs.openbsd.org 2001/09/20 13:50:40
...
[compat.c compat.h ssh.c]
bug compat: request a dummy channel for -N (no shell) sessions +
cleanup; vinschen@redhat.com
2001-09-20 23:13:49 +00:00
Ben Lindstrom
edc0cf26d1
- stevesk@cvs.openbsd.org 2001/09/03 20:58:33
...
[readconf.c readconf.h ssh.c]
fatal() for nonexistent -Fssh_config. ok markus@
2001-09-12 18:32:20 +00:00
Ben Lindstrom
1a1747172e
- stevesk@cvs.openbsd.org 2001/08/29 23:27:23
...
[ssh.c]
validate ports for -L/-R; ok markus@
2001-09-12 17:56:15 +00:00
Ben Lindstrom
19ceb17040
- stevesk@cvs.openbsd.org 2001/08/29 23:13:10
...
[ssh.1 ssh.c]
document -D and DynamicForward; ok markus
2001-09-12 17:54:24 +00:00
Ben Lindstrom
14f31ab947
- markus@cvs.openbsd.org 2001/08/28 15:39:48
...
[ssh.1 ssh.c]
allow: ssh -F configfile host
2001-09-12 17:48:04 +00:00
Ben Lindstrom
930b14a28e
- jakob@cvs.openbsd.org 2001/08/11 22:51:27
...
[ssh.c tildexpand.c]
fix more paths beginning with "//"; <bradshaw@staff.crosswalk.com>.
ok markus@
2001-08-15 23:19:21 +00:00
Ben Lindstrom
bcc1808bf2
- jakob@cvs.openbsd.org 2001/08/02 16:14:05
...
[scard.c ssh-agent.c ssh.c ssh-keygen.c]
clean up some /* SMARTCARD */. ok markus@
2001-08-06 21:59:25 +00:00
Ben Lindstrom
ffce147638
- jakob@cvs.openbsd.org 2001/08/02 15:43:57
...
[ssh-agent.c ssh.c ssh-keygen.c]
add /* SMARTCARD */ to #else/#endif. ok markus@
2001-08-06 21:57:31 +00:00
Ben Lindstrom
61eb9568b3
- jakob@cvs.openbsd.org 2001/08/02 15:32:10
...
[ssh.c]
add smartcard to usage(). ok markus@
2001-08-06 21:53:42 +00:00
Ben Lindstrom
a6c8a8d4d5
- markus@cvs.openbsd.org 2001/08/01 23:38:45
...
[scard.c ssh.c]
support finish rsa keys.
free public keys after login -> call finish -> close smartcard.
2001-08-06 21:42:00 +00:00
Ben Lindstrom
f7db3bb64c
- markus@cvs.openbsd.org 2001/08/01 22:03:33
...
[authfd.c authfd.h readconf.c readconf.h scard.c scard.h ssh-add.c
ssh-agent.c ssh.c]
use strings instead of ints for smartcard reader ids
2001-08-06 21:35:51 +00:00
Ben Lindstrom
ae996bf7d1
- jakob@cvs.openbsd.org 2001/07/31 09:28:44
...
[readconf.c readconf.h ssh.1 ssh.c]
add 'SmartcardDevice' client option to specify which smartcard device
is used to access a smartcard used for storing the user's private RSA
key. ok markus@.
2001-08-06 21:27:53 +00:00
Ben Lindstrom
711b04a56a
- millert@cvs.openbsd.org 2001/07/27 14:50:45
...
[ssh.c]
If smart card support is compiled in and a smart card is being used
for authentication, make it the first method used. markus@ OK
2001-08-06 21:12:42 +00:00
Ben Lindstrom
f9cedb9ca0
- markus@cvs.openbsd.org 2001/07/25 14:35:18
...
[readconf.c ssh.1 ssh.c sshconnect.c]
cleanup connect(); connection_attempts 4 -> 1; from
eivind@freebsd.org
2001-08-06 21:07:11 +00:00
Damien Miller
4f8e66929b
- (djm) Pull in getopt(3) from OpenBSD libc for the optreset extension.
2001-07-14 13:22:53 +10:00
Damien Miller
1b73448d6d
- markus@cvs.openbsd.org 2001/07/11 16:29:59
...
[ssh.c]
sort options string, fix -p, add -k
2001-07-14 12:21:07 +10:00
Damien Miller
f4614450d1
- OpenBSD CVS Sync
...
- fgsch@cvs.openbsd.org 2001/07/09 05:58:47
[ssh.c]
Use getopt(3); markus@ ok.
2001-07-14 12:18:10 +10:00
Kevin Steves
08ccf9d08c
whitespace sync
2001-07-04 17:52:01 +00:00
Ben Lindstrom
c5b680018b
- markus@cvs.openbsd.org 2001/06/26 20:14:11
...
[key.c key.h ssh.c sshconnect1.c sshconnect2.c]
add smartcard support to the client, too (now you can use both
the agent and the client).
2001-07-04 04:52:03 +00:00
Ben Lindstrom
bba81213b9
- itojun@cvs.openbsd.org 2001/06/23 15:12:20
...
[auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c
canohost.c channels.c cipher.c clientloop.c deattack.c dh.c
hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c
readpass.c scp.c servconf.c serverloop.c session.c sftp.c
sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c
ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c
ssh-keygen.c ssh-keyscan.c]
more strict prototypes. raise warning level in Makefile.inc.
markus ok'ed
TODO; cleanup headers
2001-06-25 05:01:22 +00:00
Ben Lindstrom
6ab6486273
- markus@cvs.openbsd.org 2001/06/22 23:35:21
...
[ssh.c]
don't overwrite argv (fixes ssh user@host in 'ps'), report by ericj@
2001-06-25 04:26:55 +00:00
Ben Lindstrom
664408d2a7
- markus@cvs.openbsd.org 2001/06/07 20:23:05
...
[authfd.c authfile.c channels.c kexdh.c kexgex.c packet.c ssh.c
sshconnect.c sshconnect1.c]
use xxx_put_cstring()
2001-06-09 01:42:01 +00:00
Ben Lindstrom
c763767f18
[NOTE: Next patch will sync nchan.c, channels.c and channels.h and all this
...
pain will be over.]
- markus@cvs.openbsd.org 2001/05/31 10:30:17
[auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c
packet.c serverloop.c session.c ssh.c]
undo the .c file split, just merge the header and keep the cvs
history
2001-06-09 00:36:26 +00:00
Ben Lindstrom
5ec2645a2d
- markus@cvs.openbsd.org 2001/05/30 15:20:10
...
[ssh.c]
merge functions, simplify.
2001-06-09 00:18:51 +00:00
Ben Lindstrom
e6455aee8f
[NOTE: File split is was not done in Portabl Tree]
...
- markus@cvs.openbsd.org 2001/05/30 12:55:13
[auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c
packet.c serverloop.c session.c ssh.c ssh1.h]
channel layer cleanup: merge header files and split .c files
2001-06-09 00:17:10 +00:00
Ben Lindstrom
3b89c5ef89
- markus@cvs.openbsd.org 2001/05/28 08:04:39
...
[ssh.c]
fix usage()
2001-06-05 20:44:16 +00:00
Ben Lindstrom
2b1f71baee
- stevesk@cvs.openbsd.org 2001/05/24 18:57:53
...
[clientloop.c readconf.c ssh.c ssh.h]
don't perform escape processing when ``EscapeChar none''; ok markus@
2001-06-05 20:32:21 +00:00
Ben Lindstrom
99c73b377a
- markus@cvs.openbsd.org 2001/05/04 23:47:34
...
[channels.c channels.h clientloop.c nchan.c nchan.h serverloop.c ssh.c]
move to Channel **channels (instead of Channel *channels), fixes realloc
problems. channel_new now returns a Channel *, favour Channel * over
channel id. remove old channel_allocate interface.
2001-05-05 04:09:47 +00:00
Ben Lindstrom
e0f8804194
- markus@cvs.openbsd.org 2001/04/30 11:18:52
...
[readconf.c readconf.h ssh.1 ssh.c sshconnect.c]
implement 'ssh -b bind_address' like 'telnet -b'
2001-04-30 13:06:24 +00:00
Ben Lindstrom
2b261b9035
- markus@cvs.openbsd.org 2001/04/17 12:55:04
...
[channels.c ssh.c]
undo socks5 and https support since they are not really used and
only bloat ssh. remove -D from usage(), since '-D' is experimental.
2001-04-17 18:14:34 +00:00
Ben Lindstrom
ae8e2d30db
- stevesk@cvs.openbsd.org 2001/04/14 16:33:20
...
[clientloop.c packet.h session.c ssh.c ttymodes.c ttymodes.h]
protocol 2 tty modes support; ok markus@
2001-04-14 23:13:02 +00:00
Ben Lindstrom
92d4a02001
- stevesk@cvs.openbsd.org 2001/04/13 01:26:17
...
[ssh.c]
missing \n in error message
2001-04-13 04:44:37 +00:00
Ben Lindstrom
19066a112b
- stevesk@cvs.openbsd.org 2001/04/12 20:09:38
...
[misc.c misc.h readconf.c servconf.c ssh.c sshd.c]
robust port validation; ok markus@ jakob@
2001-04-12 23:39:26 +00:00
Ben Lindstrom
5eabda303a
- markus@cvs.openbsd.org 2001/04/12 19:15:26
...
[auth-rhosts.c auth.h auth2.c buffer.c canohost.c canohost.h
compat.c compat.h hostfile.c pathnames.h readconf.c readconf.h
servconf.c servconf.h ssh.c sshconnect.c sshconnect.h sshconnect1.c
sshconnect2.c sshd_config]
implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2)
similar to RhostRSAAuthentication unless you enable (the experimental)
HostbasedUsesNameFromPacketOnly option. please test. :)
2001-04-12 23:34:34 +00:00
Ben Lindstrom
2b646528cb
- markus@cvs.openbsd.org 2001/04/12 14:29:09
...
[ssh.c]
show debug output during option processing, report from
pekkas@netcore.fi
2001-04-12 16:16:57 +00:00
Ben Lindstrom
6fa9d10ed5
- markus@cvs.openbsd.org 2001/04/11 13:56:13
...
[channels.c ssh.c]
https-connect and socks5 support. i feel so bad.
2001-04-11 23:08:17 +00:00
Ben Lindstrom
146edb9832
- markus@cvs.openbsd.org 2001/04/11 10:59:01
...
[ssh.c]
use strtol() for ports, thanks jakob@
2001-04-11 23:06:28 +00:00
Ben Lindstrom
3bb4f9da73
- markus@cvs.openbsd.org 2001/04/07 08:55:18
...
[buffer.c channels.c channels.h readconf.c ssh.c]
allow the ssh client act as a SOCKS4 proxy (dynamic local
portforwarding). work by Dan Kaminsky <dankamin@cisco.com> and me.
thanks to Dan for this great patch: use 'ssh -D 1080 host' and make
netscape use localhost:1080 as a socks proxy.
2001-04-08 18:30:26 +00:00
Ben Lindstrom
3fcf1a22b5
- markus@cvs.openbsd.org 2001/04/06 21:00:17
...
[auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth2.c channels.c session.c
ssh.c sshconnect.c sshconnect.h uidswap.c uidswap.h]
do gid/groups-swap in addition to uid-swap, should help if /home/group
is chmod 750 + chgrp grp /home/group/, work be deraadt and me, thanks
to olar@openwall.com is comments. we had many requests for this.
2001-04-08 18:26:59 +00:00
Ben Lindstrom
4c3f77dd3b
- markus@cvs.openbsd.org 2001/04/05 21:05:24
...
[clientloop.c ssh.c]
don't request a session for 'ssh -N', pointed out slade@shore.net
2001-04-05 23:37:36 +00:00
Ben Lindstrom
d0fca423fc
- markus@cvs.openbsd.org 2001/03/26 08:07:09
...
[authfile.c authfile.h ssh-add.c ssh-keygen.c ssh.c sshconnect.c
sshconnect.h sshconnect1.c sshconnect2.c sshd.c]
simpler key load/save interface, see authfile.h
2001-03-26 13:44:06 +00:00
Damien Miller
60bc517356
- (djm) Seed PRNG at startup, rather than waiting for arc4random calls to
...
do it implicitly.
2001-03-19 09:38:15 +11:00
Ben Lindstrom
266dfdfd62
- markus@cvs.openbsd.org 2001/03/08 21:42:33
...
[compat.c compat.h readconf.h ssh.c sshconnect1.c sshconnect2.c]
implement client side of SSH2_MSG_USERAUTH_PK_OK (test public key ->
no need to do enter passphrase or do expensive sign operations if the
server does not accept key).
2001-03-09 00:12:22 +00:00
Ben Lindstrom
6df8ef4196
- millert@cvs.openbsd.org 2001/03/04 17:42:28
...
[authfd.c channels.c dh.c log.c readconf.c servconf.c sftp-int.c
ssh.c sshconnect.c sshd.c]
log functions should not be passed strings that end in newline as they
get passed on to syslog() and when logging to stderr, do_log() appends
its own newline.
2001-03-05 07:47:23 +00:00
Ben Lindstrom
3d73a34931
- stevesk@cvs.openbsd.org 2001/03/04 10:57:53
...
[ssh.c]
add -m to usage; ok markus@
2001-03-05 07:39:01 +00:00
Ben Lindstrom
8a432f5fe0
- markus@cvs.openbsd.org 2001/03/03 23:59:34
...
[log.c ssh.c]
log*.c -> log.c
2001-03-05 07:24:46 +00:00
Ben Lindstrom
4040fe10a9
- markus@cvs.openbsd.org 2001/03/01 22:46:37
...
[ssh.c]
don't truncate remote ssh-2 commands; from mkubita@securities.cz
use min, not max for logging, fixes overflow.
2001-03-05 06:52:57 +00:00
Ben Lindstrom
0ab2a01079
- deraadt@cvs.openbsd.org 2001/03/01 02:29:04
...
[ssh.c]
shorten usage by a line
2001-03-05 06:45:21 +00:00
Ben Lindstrom
086cf214cf
- markus@cvs.openbsd.org 2001/02/22 21:59:44
...
[auth.c auth.h auth1.c auth2.c misc.c misc.h ssh.c]
use pwcopy in ssh.c, too
2001-03-05 05:56:40 +00:00
Ben Lindstrom
87af95b3e7
- stevesk@cvs.openbsd.org 2001/02/21 21:14:04
...
[ssh.c]
-i supports DSA identities now; ok markus@
2001-03-05 05:04:57 +00:00
Damien Miller
225736c73a
- OpenBSD CVS Sync:
...
- reinhard@cvs.openbsd.org 2001/02/17 08:24:40
[sftp.1]
typo
- deraadt@cvs.openbsd.org 2001/02/17 16:28:58
[ssh.c]
cleanup -V output; noted by millert
- deraadt@cvs.openbsd.org 2001/02/17 16:48:48
[sshd.8]
it's the OpenSSH one
- markus@cvs.openbsd.org 2001/02/18 11:33:54
[dispatch.c]
typo, SSH2_MSG_KEXINIT, from aspa@kronodoc.fi
- markus@cvs.openbsd.org 2001/02/19 02:53:32
[compat.c compat.h serverloop.c]
ssh-1.2.{18-22} has broken handling of ignore messages; report from
itojun@
- markus@cvs.openbsd.org 2001/02/19 03:35:23
[version.h]
OpenSSH_2.5.1 adds bug compat with 1.2.{18-22}
- deraadt@cvs.openbsd.org 2001/02/19 03:36:25
[scp.c]
np is changed by recursion; vinschen@redhat.com
2001-02-19 21:51:08 +11:00
Ben Lindstrom
06b33aa0e8
- markus@cvs.openbsd.org 2001/02/11 12:59:25
...
[Makefile.in sshd.8 sshconnect2.c readconf.h readconf.c packet.c
sshd.c ssh.c ssh.1 servconf.h servconf.c myproposal.h kex.h kex.c]
1) clean up the MAC support for SSH-2
2) allow you to specify the MAC with 'ssh -m'
3) or the 'MACs' keyword in ssh(d)_config
4) add hmac-{md5,sha1}-96
ok stevesk@, provos@
2001-02-15 03:01:59 +00:00
Ben Lindstrom
8fd10b0f13
- markus@cvs.openbsd.org 2001/02/10 1:46:28
...
[ssh.c]
remove mapping of argv[0] -> hostname
2001-02-10 22:11:13 +00:00
Ben Lindstrom
1e7d30611b
- markus@cvs.openbsd.org 2001/02/06 22:07:42
...
[ssh.c]
fatal() if subsystem fails
- markus@cvs.openbsd.org 2001/02/06 22:43:02
[ssh.c]
remove confusing callback code
- jakob@cvs.openbsd.org 2001/02/06 23:03:24
[ssh.c]
add -1 option (force protocol version 1). ok markus@
- jakob@cvs.openbsd.org 2001/02/06 23:06:21
[ssh.c]
reorder -{1,2,4,6} options. ok markus@
2001-02-09 02:36:43 +00:00
Ben Lindstrom
31ca54aa86
- itojun@cvs.openbsd.org 2001/02/08 19:30:52
...
sync with netbsd tree changes.
- more strict prototypes, include necessary headers
- use paths.h/pathnames.h decls
- size_t typecase to int -> u_long
2001-02-09 02:11:24 +00:00
Kevin Steves
12057500cc
- markus@cvs.openbsd.org 2001/01/31 13:37:24
...
[channels.c channels.h serverloop.c ssh.c]
do not disconnect if local port forwarding fails, e.g. if port is already in
use
- markus@cvs.openbsd.org 2001/02/01 14:58:09
[channels.c]
use ipaddr in channel messages, ietf-secsh wants this
- markus@cvs.openbsd.org 2001/01/31 12:26:20
[channels.c]
ssh.com-2.0.1x does not send additional info in CHANNEL_OPEN_FAILURE messages;
bug report from edmundo@rano.org
2001-02-05 14:54:34 +00:00
Kevin Steves
adf74cdeca
- deraadt@cvs.openbsd.org 2001/02/04 16:56:23
...
[scp.c sshd.c]
alpha happiness
- stevesk@cvs.openbsd.org 2001/02/04 15:12:17
[sshd.c]
precedence; ok markus@
- deraadt@cvs.openbsd.org 2001/02/04 08:14:15
[ssh.c sshd.c]
make the alpha happy
2001-02-05 14:22:50 +00:00
Kevin Steves
ef4eea9bad
- stevesk@cvs.openbsd.org 2001/02/04 08:32:27
...
[many files; did this manually to our top-level source dir]
unexpand and remove end-of-line whitespace; ok markus@
2001-02-05 12:42:17 +00:00
Damien Miller
832562e9ba
- djm@cvs.openbsd.org 2001/01/29 05:36:11
...
[ssh.1 ssh.c]
Allow invocation of sybsystem by commandline (-s); ok markus@
2001-01-30 09:30:01 +11:00
Ben Lindstrom
226cfa0378
Hopefully things did not get mixed around too much. It compiles under
...
Linux and works. So that is at least a good sign. =)
20010122
- (bal) OpenBSD Resync
- markus@cvs.openbsd.org 2001/01/19 12:45:26 GMT 2001 by markus
[servconf.c ssh.h sshd.c]
only auth-chall.c needs #ifdef SKEY
- markus@cvs.openbsd.org 2001/01/19 15:55:10 GMT 2001 by markus
[auth-krb4.c auth-options.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
auth1.c auth2.c channels.c clientloop.c dh.c dispatch.c nchan.c
packet.c pathname.h readconf.c scp.c servconf.c serverloop.c
session.c ssh-add.c ssh-keygen.c ssh-keyscan.c ssh.c ssh.h
ssh1.h sshconnect1.c sshd.c ttymodes.c]
move ssh1 definitions to ssh1.h, pathnames to pathnames.h
- markus@cvs.openbsd.org 2001/01/19 16:48:14
[sshd.8]
fix typo; from stevesk@
- markus@cvs.openbsd.org 2001/01/19 16:50:58
[ssh-dss.c]
clear and free digest, make consistent with other code (use dlen); from
stevesk@
- markus@cvs.openbsd.org 2001/01/20 15:55:20 GMT 2001 by markus
[auth-options.c auth-options.h auth-rsa.c auth2.c]
pass the filename to auth_parse_options()
- markus@cvs.openbsd.org 2001/01/20 17:59:40 GMT 2001
[readconf.c]
fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com
- stevesk@cvs.openbsd.org 2001/01/20 18:20:29
[sshconnect2.c]
dh_new_group() does not return NULL. ok markus@
- markus@cvs.openbsd.org 2001/01/20 21:33:42
[ssh-add.c]
do not loop forever if askpass does not exist; from
andrew@pimlott.ne.mediaone.net
- djm@cvs.openbsd.org 2001/01/20 23:00:56
[servconf.c]
Check for NULL return from strdelim; ok markus
- djm@cvs.openbsd.org 2001/01/20 23:02:07
[readconf.c]
KNF; ok markus
- jakob@cvs.openbsd.org 2001/01/21 9:00:33
[ssh-keygen.1]
remove -R flag; ok markus@
- markus@cvs.openbsd.org 2001/01/21 19:05:40
[atomicio.c automicio.h auth-chall.c auth-krb4.c auth-options.c
auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
auth.c auth.h auth1.c auth2-chall.c auth2.c authfd.c authfile.c
bufaux.c bufaux.h buffer.c canahost.c canahost.h channels.c
cipher.c cli.c clientloop.c clientloop.h compat.c compress.c
deattack.c dh.c dispatch.c groupaccess.c hmac.c hostfile.c kex.c
key.c key.h log-client.c log-server.c log.c log.h login.c login.h
match.c misc.c misc.h nchan.c packet.c pty.c radix.h readconf.c
readpass.c readpass.h rsa.c scp.c servconf.c serverloop.c serverloop.h
session.c sftp-server.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c
ssh-keyscan.c ssh-rsa.c ssh.c ssh.h sshconnect.c sshconnect.h
sshconnect1.c sshconnect2.c sshd.c tildexpand.c tildexpand.h
ttysmodes.c uidswap.c xmalloc.c]
split ssh.h and try to cleanup the #include mess. remove unnecessary
#includes. rename util.[ch] -> misc.[ch]
- (bal) renamed 'PIDDIR' to '_PATH_SSH_PIDDIR' to match OpenBSD tree
- (bal) Moved #ifdef KRB4 in auth-krb4.c above the #include to resolve
conflict when compiling for non-kerb install
- (bal) removed the #ifdef SKEY in auth1.c to match Markus' changes
on 1/19.
2001-01-22 05:34:40 +00:00
Ben Lindstrom
bf555ba621
NOTE: This update changes the RSA key generation. *NEW RSA KEYS
...
NEED TO BE GENERATED* =) Refer to to entry "2001/01/16 19:20:06"
for more details.
20010118
- (bal) Super Sized OpenBSD Resync
- markus@cvs.openbsd.org 2001/01/11 22:14:20 GMT 2001 by markus
[sshd.c]
maxfd+1
- markus@cvs.openbsd.org 2001/01/13 17:59:18
[ssh-keygen.1]
small ssh-keygen manpage cleanup; stevesk@pobox.com
- markus@cvs.openbsd.org 2001/01/13 18:03:07
[scp.c ssh-keygen.c sshd.c]
getopt() returns -1 not EOF; stevesk@pobox.com
- markus@cvs.openbsd.org 2001/01/13 18:06:54
[ssh-keyscan.c]
use SSH_DEFAULT_PORT; from stevesk@pobox.com
- markus@cvs.openbsd.org 2001/01/13 18:12:47
[ssh-keyscan.c]
free() -> xfree(); fix memory leak; from stevesk@pobox.com
- markus@cvs.openbsd.org 2001/01/13 18:14:13
[ssh-add.c]
typo, from stevesk@sweden.hp.com
- markus@cvs.openbsd.org 2001/01/13 18:32:50
[packet.c session.c ssh.c sshconnect.c sshd.c]
split out keepalive from packet_interactive (from dale@accentre.com )
set IPTOS_LOWDELAY TCP_NODELAY IPTOS_THROUGHPUT for ssh2, too.
- markus@cvs.openbsd.org 2001/01/13 18:36:45
[packet.c packet.h]
reorder, typo
- markus@cvs.openbsd.org 2001/01/13 18:38:00
[auth-options.c]
fix comment
- markus@cvs.openbsd.org 2001/01/13 18:43:31
[session.c]
Wall
- markus@cvs.openbsd.org 2001/01/13 19:14:08
[clientloop.h clientloop.c ssh.c]
move callback to headerfile
- markus@cvs.openbsd.org 2001/01/15 21:40:10
[ssh.c]
use log() instead of stderr
- markus@cvs.openbsd.org 2001/01/15 21:43:51
[dh.c]
use error() not stderr!
- markus@cvs.openbsd.org 2001/01/15 21:45:29
[sftp-server.c]
rename must fail if newpath exists, debug off by default
- markus@cvs.openbsd.org 2001/01/15 21:46:38
[sftp-server.c]
readable long listing for sftp-server, ok deraadt@
- markus@cvs.openbsd.org 2001/01/16 19:20:06
[key.c ssh-rsa.c]
make "ssh-rsa" key format for ssh2 confirm to the ietf-drafts; from
galb@vandyke.com . note that you have to delete older ssh2-rsa keys,
since they are in the wrong format, too. they must be removed from
.ssh/authorized_keys2 and .ssh/known_hosts2, etc.
(cd; grep -v ssh-rsa .ssh/authorized_keys2 > TMP && mv TMP
.ssh/authorized_keys2) additionally, we now check that
BN_num_bits(rsa->n) >= 768.
- markus@cvs.openbsd.org 2001/01/16 20:54:27
[sftp-server.c]
remove some statics. simpler handles; idea from nisse@lysator.liu.se
- deraadt@cvs.openbsd.org 2001/01/16 23:58:08
[bufaux.c radix.c sshconnect.h sshconnect1.c]
indent
- (bal) Added bsd-strmode.[ch] since some non-OpenBSD platforms may
be missing such feature.
2001-01-18 02:04:35 +00:00