be43ebf975
- stevesk@cvs.openbsd.org 2006/07/12 22:28:52
...
[auth-options.c canohost.c channels.c includes.h readconf.c servconf.c ssh-keyscan.c ssh.c sshconnect.c sshd.c]
move #include <netdb.h> out of includes.h; ok djm@
2006-07-24 13:51:51 +10:00
ba72405026
- stevesk@cvs.openbsd.org 2006/07/11 20:27:56
...
[authfile.c ssh.c]
need <errno.h> here also (it's also included in <openssl/err.h>)
2006-07-12 22:24:22 +10:00
57f4224677
- stevesk@cvs.openbsd.org 2006/07/11 20:16:43
...
[ssh.c]
cast asterisk field precision argument to int to remove warning;
ok markus@
2006-07-12 22:23:35 +10:00
e7d4b19f75
- markus@cvs.openbsd.org 2006/07/11 18:50:48
...
[clientloop.c ssh.1 ssh.c channels.c ssh_config.5 readconf.h session.c
channels.h readconf.c]
add ExitOnForwardFailure: terminate the connection if ssh(1)
cannot set up all requested dynamic, local, and remote port
forwardings. ok djm, dtucker, stevesk, jmc
2006-07-12 22:17:10 +10:00
284706a755
- dtucker@cvs.openbsd.org 2006/07/11 10:12:07
...
[ssh.c]
Only copy the part of environment variable that we actually use. Prevents
ssh bailing when SendEnv is used and an environment variable with a really
long value exists. ok djm@
2006-07-12 22:16:23 +10:00
57cf638577
- stevesk@cvs.openbsd.org 2006/07/09 15:15:11
...
[auth2-none.c authfd.c authfile.c includes.h misc.c monitor.c]
[readpass.c scp.c serverloop.c sftp-client.c sftp-server.c]
[ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
[sshlogin.c sshpty.c]
move #include <fcntl.h> out of includes.h
2006-07-10 21:13:46 +10:00
e3b60b524e
- stevesk@cvs.openbsd.org 2006/07/08 21:47:12
...
[authfd.c canohost.c clientloop.c dns.c dns.h includes.h]
[monitor_fdpass.c nchan.c packet.c servconf.c sftp.c ssh-agent.c]
[ssh-keyscan.c ssh.c sshconnect.h sshd.c sshlogin.h]
move #include <sys/socket.h> out of includes.h
2006-07-10 21:08:03 +10:00
9f2abc47eb
- stevesk@cvs.openbsd.org 2006/07/06 16:03:53
...
[auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c]
[auth-rhosts.c auth-rsa.c auth.c auth.h auth2-hostbased.c]
[auth2-pubkey.c auth2.c includes.h misc.c misc.h monitor.c]
[monitor_wrap.c monitor_wrap.h scp.c serverloop.c session.c]
[session.h sftp-common.c ssh-add.c ssh-keygen.c ssh-keysign.c]
[ssh.c sshconnect.c sshconnect.h sshd.c sshpty.c sshpty.h uidswap.c]
[uidswap.h]
move #include <pwd.h> out of includes.h; ok markus@
2006-07-10 20:53:08 +10:00
b757677d02
- stevesk@cvs.openbsd.org 2006/07/03 08:54:20
...
[includes.h ssh.c sshconnect.c sshd.c]
move #include "version.h" out of includes.h; ok markus@
2006-07-10 20:23:39 +10:00
991dba43e1
- stevesk@cvs.openbsd.org 2006/07/02 17:12:58
...
[ssh.1 ssh.c ssh_config.5 sshd_config.5]
more details and clarity for tun(4) device forwarding; ok and help
jmc@
2006-07-10 20:16:27 +10:00
232b76f9f8
- dtucker@cvs.openbsd.org 2006/04/25 08:02:27
...
[authfile.c authfile.h sshconnect2.c ssh.c sshconnect1.c]
Prevent ssh from trying to open private keys with bad permissions more than
once or prompting for their passphrases (which it subsequently ignores
anyway), similar to a previous change in ssh-add. bz #1186 , ok djm@
2006-05-06 17:41:51 +10:00
6b1d53c2b0
- djm@cvs.openbsd.org 2006/03/30 10:41:25
...
[ssh.c ssh_config.5]
add percent escape chars to the IdentityFile option, bz #1159 based
on a patch by imaging AT math.ualberta.ca; feedback and ok dtucker@
2006-03-31 23:13:21 +11:00
ddd63ab1d0
- deraadt@cvs.openbsd.org 2006/03/28 00:12:31
...
[README.tun ssh.c]
spacing
2006-03-31 23:10:51 +11:00
57c30117c1
- djm@cvs.openbsd.org 2006/03/25 13:17:03
...
[atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
[auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
[auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
[auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
[buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
[cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
[deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
[kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
[mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
[monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
[readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
[session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
[sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
[ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
[sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
[uidswap.c uuencode.c xmalloc.c]
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
Theo nuked - our scripts to sync -portable need them in the files
2006-03-26 14:24:48 +11:00
07d86bec5e
- djm@cvs.openbsd.org 2006/03/25 00:05:41
...
[auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c]
[clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c]
[monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c]
[ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c]
[xmalloc.c xmalloc.h]
introduce xcalloc() and xasprintf() failure-checked allocations
functions and use them throughout openssh
xcalloc is particularly important because malloc(nmemb * size) is a
dangerous idiom (subject to integer overflow) and it is time for it
to die
feedback and ok deraadt@
2006-03-26 14:19:21 +11:00
1d2b6706ba
- deraadt@cvs.openbsd.org 2006/03/20 18:42:27
...
[canohost.c match.c ssh.c sshconnect.c]
be strict with tolower() casting
2006-03-26 14:09:54 +11:00
9096740f6c
- deraadt@cvs.openbsd.org 2006/03/20 18:26:55
...
[channels.c monitor.c session.c session.h ssh-agent.c ssh-keygen.c]
[ssh-rsa.c ssh.c sshlogin.c]
annoying spacing fixes getting in the way of real diffs
2006-03-26 14:07:26 +11:00
71a7367130
- deraadt@cvs.openbsd.org 2006/03/20 18:14:02
...
[channels.c clientloop.c monitor_wrap.c monitor_wrap.h serverloop.c]
[ssh.c sshpty.c sshpty.h]
sprinkle u_int throughout pty subsystem, ok markus
2006-03-26 14:04:36 +11:00
4662d3492f
- deraadt@cvs.openbsd.org 2006/03/19 18:59:30
...
[ssh.c]
spacing
2006-03-26 13:59:59 +11:00
b0fb6872ed
- deraadt@cvs.openbsd.org 2006/03/19 18:51:18
...
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
[auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
[auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
[auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
[auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
[canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
[cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
[compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
[groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
[kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
[loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
[monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
[nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
[scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
[sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
[ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
[ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
[sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
[uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
[openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
[openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
[openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
[openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
RCSID() can die
2006-03-26 00:03:21 +11:00
6645e7a70d
- (djm) [auth-pam.c clientloop.c includes.h monitor.c session.c]
...
[sftp-client.c ssh-keysign.c ssh.c sshconnect.c sshconnect2.c]
[sshd.c openbsd-compat/bsd-misc.c openbsd-compat/bsd-openpty.c]
[openbsd-compat/glob.c openbsd-compat/mktemp.c]
[openbsd-compat/readpassphrase.c] Lots of include fixes for
OpenSolaris
2006-03-15 14:42:54 +11:00
2ecb6bd95d
- djm@cvs.openbsd.org 2006/03/12 04:23:07
...
[ssh.c]
knf nit
2006-03-15 12:03:53 +11:00
c7b06369a8
- stevesk@cvs.openbsd.org 2006/02/22 00:04:45
...
[canohost.c clientloop.c includes.h match.c readconf.c scp.c ssh.c]
[sshconnect.c]
move #include <ctype.h> out of includes.h; ok djm@
2006-03-15 11:53:45 +11:00
6ff3caddb6
oops, this commit is really:
...
- stevesk@cvs.openbsd.org 2006/02/20 17:02:44
[clientloop.c includes.h monitor.c progressmeter.c scp.c]
[serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c]
move #include <signal.h> out of includes.h; ok markus@
the previous was:
- stevesk@cvs.openbsd.org 2006/02/20 17:19:54
[auth-rhosts.c auth-rsa.c auth.c auth2-none.c auth2-pubkey.c]
[authfile.c clientloop.c includes.h readconf.c scp.c session.c]
[sftp-client.c sftp-common.c sftp-common.h sftp-glob.c]
[sftp-server.c sftp.c ssh-add.c ssh-keygen.c ssh.c sshconnect.c]
[sshconnect2.c sshd.c sshpty.c]
move #include <sys/stat.h> out of includes.h; ok markus@
2006-03-15 11:52:09 +11:00
f17883e6a0
- stevesk@cvs.openbsd.org 2006/02/20 17:02:44
...
[clientloop.c includes.h monitor.c progressmeter.c scp.c]
[serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c]
move #include <signal.h> out of includes.h; ok markus@
2006-03-15 11:45:54 +11:00
574c41fdb3
- stevesk@cvs.openbsd.org 2006/02/20 16:36:15
...
[authfd.c channels.c includes.h session.c ssh-agent.c ssh.c]
move #include <sys/un.h> out of includes.h; ok djm@
2006-03-15 11:40:10 +11:00
3ec54c7e58
- djm@cvs.openbsd.org 2006/02/12 06:45:34
...
[ssh.c ssh_config.5]
add a %l expansion code to the ControlPath, which is filled in with the
local hostname at runtime. Requested by henning@ to avoid some problems
with /home on NFS; ok dtucker@
2006-03-15 11:30:13 +11:00
17e91c0fb0
- stevesk@cvs.openbsd.org 2006/02/10 00:27:13
...
[channels.c clientloop.c includes.h misc.c progressmeter.c sftp.c]
[ssh.c sshd.c sshpty.c]
move #include <sys/ioctl.h> out of includes.h; ok markus@
2006-03-15 11:28:34 +11:00
cd4223c245
- stevesk@cvs.openbsd.org 2006/02/08 14:31:30
...
[includes.h ssh-agent.c ssh-keyscan.c ssh.c]
move #include <sys/resource.h> out of includes.h; ok markus@
2006-03-15 11:22:47 +11:00
03e2003a23
- stevesk@cvs.openbsd.org 2006/02/08 12:15:27
...
[auth.c clientloop.c includes.h misc.c monitor.c readpass.c]
[session.c sftp.c ssh-agent.c ssh-keysign.c ssh.c sshconnect.c]
[sshd.c sshpty.c]
move #include <paths.h> out of includes.h; ok markus@
2006-03-15 11:16:59 +11:00
598bbc2d8f
- (djm) [openbsd-compat/port-tun.c openbsd-compat/port-tun.h configure.ac]
...
[serverloop.c ssh.c openbsd-compat/Makefile.in]
[openbsd-compat/openbsd-compat.h] Implement tun(4) forwarding
compatability support for Linux, diff from reyk@
2005-12-31 16:33:36 +11:00
e9a9b71c6b
- dtucker@cvs.openbsd.org 2005/12/20 04:41:07
...
[ssh.c]
exit(255) on error to match description in ssh(1); bz #1137 ; ok deraadt@
2005-12-20 16:15:51 +11:00
7b58e80036
- reyk@cvs.openbsd.org 2005/12/08 18:34:11
...
[auth-options.c includes.h misc.c misc.h readconf.c servconf.c]
[serverloop.c ssh.c ssh_config.5 sshd_config.5 configure.ac]
two changes to the new ssh tunnel support. this breaks compatibility
with the initial commit but is required for a portable approach.
- make the tunnel id u_int and platform friendly, use predefined types.
- support configuration of layer 2 (ethernet) or layer 3
(point-to-point, default) modes. configuration is done using the
Tunnel (yes|point-to-point|ethernet|no) option is ssh_config(5) and
restricted by the PermitTunnel (yes|point-to-point|ethernet|no) option
in sshd_config(5).
ok djm@, man page bits by jmc@
2005-12-13 19:33:19 +11:00
d27b947178
- reyk@cvs.openbsd.org 2005/12/06 22:38:28
...
[auth-options.c auth-options.h channels.c channels.h clientloop.c]
[misc.c misc.h readconf.c readconf.h scp.c servconf.c servconf.h]
[serverloop.c sftp.c ssh.1 ssh.c ssh_config ssh_config.5 sshconnect.c]
[sshconnect.h sshd.8 sshd_config sshd_config.5]
Add support for tun(4) forwarding over OpenSSH, based on an idea and
initial channel code bits by markus@. This is a simple and easy way to
use OpenSSH for ad hoc virtual private network connections, e.g.
administrative tunnels or secure wireless access. It's based on a new
ssh channel and works similar to the existing TCP forwarding support,
except that it depends on the tun(4) network interface on both ends of
the connection for layer 2 or layer 3 tunneling. This diff also adds
support for LocalCommand in the ssh(1) client.
ok djm@, markus@, jmc@ (manpages), tested and discussed with others
2005-12-13 19:29:02 +11:00
788f212aed
- djm@cvs.openbsd.org 2005/10/30 08:52:18
...
[clientloop.c packet.c serverloop.c session.c ssh-agent.c ssh-keygen.c]
[ssh.c sshconnect.c sshconnect1.c sshd.c]
no need to escape single quotes in comments, no binary change
2005-11-05 15:14:59 +11:00
aa3bb10940
- djm@cvs.openbsd.org 2005/10/30 04:03:24
...
[ssh.c]
fix misleading debug message; ok dtucker@
2005-11-05 15:12:59 +11:00
15d72a00a3
- stevesk@cvs.openbsd.org 2005/10/14 02:17:59
...
[ssh-keygen.c ssh.c sshconnect2.c]
no trailing "\n" for log functions; ok djm@
2005-11-05 15:07:33 +11:00
895d698515
- jmc@cvs.openbsd.org 2005/09/19 15:42:44
...
[ssh.c]
update -D usage here too;
2005-10-03 18:18:05 +10:00
ce321d8a30
- djm@cvs.openbsd.org 2005/09/13 23:40:07
...
[sshd.c ssh.c misc.h sftp.c ssh-keygen.c ssh-keysign.c sftp-server.c
scp.c misc.c ssh-keyscan.c ssh-add.c ssh-agent.c]
ensure that stdio fds are attached; ok deraadt@
2005-10-03 18:11:24 +10:00
be1045dc58
- djm@cvs.openbsd.org 2005/07/30 01:26:16
...
[ssh.c]
fix -D listen_host initialisation, so it picks up gateway_ports setting
correctly
2005-08-12 22:10:56 +10:00
46d38de48b
- djm@cvs.openbsd.org 2005/07/16 01:35:24
...
[auth1.c channels.c cipher.c clientloop.c kex.c session.c ssh.c]
[sshconnect.c]
spacing
2005-07-17 17:02:09 +10:00
1339002e8b
- djm@cvs.openbsd.org 2005/07/04 00:58:43
...
[channels.c clientloop.c clientloop.h misc.c misc.h ssh.c ssh_config.5]
implement support for X11 and agent forwarding over multiplex slave
connections. Because of protocol limitations, the slave connections inherit
the master's DISPLAY and SSH_AUTH_SOCK rather than distinctly forwarding
their own.
ok dtucker@ "put it in" deraadt@
2005-07-06 09:44:19 +10:00
7c71cc738c
- djm@cvs.openbsd.org 2005/06/25 22:47:49
...
[ssh.c]
do the default port filling code a few lines earlier, so it really
does fix %p
2005-06-26 08:56:31 +10:00
8f74c8fc32
- djm@cvs.openbsd.org 2005/06/18 04:30:36
...
[ssh.c ssh_config.5]
allow ControlPath=none, patch from dwmw2 AT infradead.org; ok dtucker@
2005-06-26 08:56:03 +10:00
9651fe690a
- (djm) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2005/06/17 22:53:47
[ssh.c sshconnect.c]
Fix ControlPath's %p expanding to "0" for a default port,
spotted dwmw2 AT infradead.org; ok markus@
2005-06-26 08:55:25 +10:00
17e7ed0e75
- (djm) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2005/06/16 03:38:36
[channels.c channels.h clientloop.c clientloop.h ssh.c]
move x11_get_proto from ssh.c to clientloop.c, to make muliplexed xfwd
easier later; ok deraadt@
2005-06-17 12:54:33 +10:00
d14b1e731c
- djm@cvs.openbsd.org 2005/06/08 11:25:09
...
[clientloop.c readconf.c readconf.h ssh.c ssh_config.5]
add ControlMaster=auto/autoask options to support opportunistic
multiplexing; tested avsm@ and jakob@, ok markus@
2005-06-16 13:19:41 +10:00
6476cad9bb
- djm@cvs.openbsd.org 2005/06/06 11:20:36
...
[auth.c auth.h misc.c misc.h ssh.c ssh_config.5 sshconnect.c]
introduce a generic %foo expansion function. replace existing % expansion
and add expansion to ControlPath; ok markus@
2005-06-16 13:18:34 +10:00
0814d3136f
- djm@cvs.openbsd.org 2005/05/27 08:30:37
...
[ssh.c]
fix -O for cases where no ControlPath has been specified or socket at
ControlPath is not contactable; spotted by and ok avsm@
2005-06-01 23:08:51 +10:00
538c9b71ec
- djm@cvs.openbsd.org 2005/05/10 10:30:43
...
[ssh.c]
report real errors on fallback from ControlMaster=no to normal connect
2005-05-26 12:11:28 +10:00
924c25a64e
- djm@cvs.openbsd.org 2005/05/10 10:28:11
...
[ssh.c]
print nice error message for EADDRINUSE as well (ID sync only)
2005-05-26 12:09:32 +10:00
dadfd4dd38
- jakob@cvs.openbsd.org 2005/04/26 13:08:37
...
[ssh.c ssh_config.5]
fallback gracefully if client cannot connect to ControlPath. ok djm@
2005-05-26 12:07:13 +10:00
ddee575b98
- djm@cvs.openbsd.org 2005/04/21 11:47:19
...
[ssh.c]
don't allocate a pty when -n flag (/dev/null stdin) is set, patch from
ignasi.roca AT fujitsu-siemens.com (bz #829 ); ok dtucker@
2005-05-26 12:05:05 +10:00
1b0de9a041
- dtucker@cvs.openbsd.org 2005/04/06 12:26:06
...
[ssh.c]
Fix debug call for port forwards; patch from pete at seebeyond.com,
ok djm@ (ID sync only - change already in portable)
2005-05-26 12:01:22 +10:00
4f10e25684
- (djm) [ssh.c] some systems return EADDRINUSE on a bind to an already-used
...
unix domain socket, so catch that too; from jakob@ ok dtucker@
2005-05-04 15:33:09 +10:00
73ba43798a
- (dtucker) [ssh.c] Prevent null pointer deref in port forwarding debug
...
message on some platforms. Patch from pete at seebeyond.com via djm.
2005-03-31 21:51:54 +10:00
47eede77ed
- deraadt@cvs.openbsd.org 2005/03/10 22:01:05
...
[misc.c ssh-keygen.c servconf.c clientloop.c auth-options.c ssh-add.c
monitor.c sftp-client.c bufaux.h hostfile.c ssh.c sshconnect.c channels.c
readconf.c bufaux.c sftp.c]
spacing
2005-03-14 23:08:12 +11:00
02faeceb56
- jmc@cvs.openbsd.org 2005/03/01 17:22:06
...
[ssh.c]
sync usage() w/ man SYNOPSIS;
ok markus@
2005-03-02 12:04:32 +11:00
f91ee4c3de
- djm@cvs.openbsd.org 2005/03/01 10:09:52
...
[auth-options.c channels.c channels.h clientloop.c compat.c compat.h]
[misc.c misc.h readconf.c readconf.h servconf.c ssh.1 ssh.c ssh_config.5]
[sshd_config.5]
bz#413: allow optional specification of bind address for port forwardings.
Patch originally by Dan Astorian, but worked on by several people
Adds GatewayPorts=clientspecified option on server to allow remote
forwards to bind to client-specified ports.
2005-03-01 21:24:33 +11:00
3eb48b6245
- otto@cvs.openbsd.org 2005/02/16 09:56:44
...
[ssh.c]
Better diagnostic if an identity file is not accesible. ok markus@ djm@
2005-03-01 21:15:46 +11:00
9c6bf325c0
- jmc@cvs.openbsd.org 2004/11/07 17:57:30
...
[ssh.c]
usage():
- add -O
- sync -S w/ manpage
- remove -h
2004-12-03 14:10:19 +11:00
7ebfc10884
- djm@cvs.openbsd.org 2004/11/07 00:01:46
...
[clientloop.c clientloop.h ssh.1 ssh.c]
add basic control of a running multiplex master connection; including the
ability to check its status and request it to exit; ok markus@
2004-11-07 20:06:19 +11:00
39207a46b4
- djm@cvs.openbsd.org 2004/09/23 13:00:04
...
[ssh.c]
correctly honour -n in multiplex client mode; spotted by sturm@ ok markus@
2004-11-05 20:19:51 +11:00
e9bf98412e
- deraadt@cvs.openbsd.org 2004/09/15 00:46:01
...
[ssh.c]
/* fallthrough */ is something a programmer understands. But
/* FALLTHROUGH */ is also understood by lint, so that is better.
2004-11-05 20:05:32 +11:00
07336dae94
- djm@cvs.openbsd.org 2004/09/07 23:41:30
...
[clientloop.c ssh.c]
cleanup multiplex control socket on SIGHUP too, spotted by sturm@
ok markus@ deraadt@
2004-11-05 20:02:16 +11:00
2aa6d3cfce
- (djm) [ssh.c sshd.c version.h] Don't divulge portable version in protocol
...
banner. Suggested by deraadt@, ok mouring@, dtucker@
2004-09-12 16:53:04 +10:00
27a8f6b056
- dtucker@cvs.openbsd.org 2004/08/23 14:26:38
...
[ssh-keysign.c ssh.c]
Use permanently_set_uid() in ssh and ssh-keysign for consistency, matches
change in Portable; ok markus@ (CVS ID sync only)
2004-08-29 16:31:28 +10:00
25f60a7ee7
- (dtucker) [Makefile.in ssh-keysign.c ssh.c] Use permanently_set_uid() since
...
it does the right thing on all platforms. ok djm@
2004-08-15 17:23:34 +10:00
5cb30ad2ec
- markus@cvs.openbsd.org 2004/07/28 09:40:29
...
[auth.c auth1.c auth2.c cipher.c cipher.h key.c session.c ssh.c
sshconnect1.c]
more s/illegal/invalid/
2004-08-12 22:40:24 +10:00
fc9597034b
- deraadt@cvs.openbsd.org 2004/07/11 17:48:47
...
[channels.c cipher.c clientloop.c clientloop.h compat.h moduli.c
readconf.c nchan.c pathnames.h progressmeter.c readconf.h servconf.c
session.c sftp-client.c sftp.c ssh-agent.1 ssh-keygen.c ssh.c ssh1.h
sshd.c ttymodes.h]
spaces
2004-07-17 16:12:08 +10:00
ba6de952a0
- (dtucker) [logintest.c scp.c sftp-server.c sftp.c ssh-add.c ssh-agent.c
...
ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c ssh.c sshd.c
openbsd-compat/bsd-misc.c] Move "char *__progname" to bsd-misc.c. Reduces
diff vs OpenBSD; ok mouring@, tested by tim@ too.
2004-07-17 14:07:42 +10:00
b5bc1a6393
- dtucker@cvs.openbsd.org 2004/06/23 14:31:01
...
[ssh.c]
Fix counting in master/slave when passing environment variables; ok djm@
2004-06-24 00:34:53 +10:00
3f9fdc7121
- avsm@cvs.openbsd.org 2004/06/21 17:36:31
...
[auth-rsa.c auth2-gss.c auth2-pubkey.c authfile.c canohost.c channels.c
cipher.c dns.c kex.c monitor.c monitor_fdpass.c monitor_wrap.c
monitor_wrap.h nchan.c packet.c progressmeter.c scp.c sftp-server.c sftp.c
ssh-gss.h ssh-keygen.c ssh.c sshconnect.c sshconnect1.c sshlogin.c
sshpty.c]
make ssh -Wshadow clean, no functional changes
markus@ ok
There are also some portable-specific -Wshadow warnings to be fixed in
monitor.c and montior_wrap.c.
2004-06-22 12:56:01 +10:00
365433f883
- djm@cvs.openbsd.org 2004/06/20 17:36:59
...
[ssh.c]
filter passed env vars at slave in connection sharing case; ok markus@
2004-06-22 12:29:23 +10:00
b8ea24868f
- markus@cvs.openbsd.org 2004/06/18 10:55:43
...
[ssh.1 ssh.c]
trim synopsis for -S, allow -S and -oControlMaster, -MM means 'ask'; ok djm
2004-06-18 22:21:55 +10:00
0809e233a4
- (djm) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2004/06/18 10:40:19
[ssh.c]
delay signal handler setup until we have finished talking to the master.
allow interrupting of setup (e.g. if master is stuck); ok markus@
2004-06-18 22:20:57 +10:00
ba5c592126
- djm@cvs.openbsd.org 2004/06/17 23:56:57
...
[ssh.1 ssh.c]
sync usage() and SYNPOSIS with connection sharing changes
2004-06-18 16:22:39 +10:00
23f0770a1b
- djm@cvs.openbsd.org 2004/06/17 15:10:14
...
[clientloop.c misc.h readconf.c readpass.c ssh.c ssh_config.5]
Add option for confirmation (ControlMaster=ask) via ssh-askpass before
opening shared connections; ok markus@
2004-06-18 01:19:03 +10:00
3756dcee24
- (djm) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2004/06/17 14:52:48
[clientloop.c clientloop.h ssh.c]
support environment passing over shared connections; ok markus@
2004-06-18 01:17:29 +10:00
07b6ff12c4
- (djm) [ssh.c] Use separate var for address length
2004-06-15 11:14:45 +10:00
0e220dbfbc
- djm@cvs.openbsd.org 2004/06/13 15:03:02
...
[channels.c channels.h clientloop.c clientloop.h includes.h readconf.c]
[readconf.h scp.1 sftp.1 ssh.1 ssh.c ssh_config.5]
implement session multiplexing in the client (the server has supported
this since 2.0); ok markus@
2004-06-15 10:34:08 +10:00
06f2bd8bde
- deraadt@cvs.openbsd.org 2004/05/08 00:01:37
...
[auth.c clientloop.c misc.h servconf.c ssh.c sshpty.h sshtty.c
tildexpand.c], removed: sshtty.h tildexpand.h
make two tiny header files go away; djm ok
2004-05-13 16:06:46 +10:00
46bc075474
- djm@cvs.openbsd.org 2004/04/27 09:46:37
...
[readconf.c readconf.h servconf.c servconf.h session.c session.h ssh.c
ssh_config.5 sshd_config.5]
bz #815 : implement ability to pass specified environment variables from
the client to the server; ok markus@
2004-05-02 22:11:30 +10:00
914420fe74
- djm@cvs.openbsd.org 2004/04/19 21:51:49
...
[ssh.c]
fix idiot typo that i introduced in my last commit;
spotted by cschneid AT cschneid.com
2004-04-20 20:14:07 +10:00
57a4476a69
- djm@cvs.openbsd.org 2004/04/18 23:10:26
...
[readconf.c readconf.h ssh-keysign.c ssh.c]
perform strict ownership and modes checks for ~/.ssh/config files,
as these can be used to execute arbitrary programs; ok markus@
NB. ssh will now exit when it detects a config with poor permissions
2004-04-20 20:11:57 +10:00
0c889cd9e9
- markus@cvs.openbsd.org 2004/03/11 10:21:17
...
[ssh.c sshd.c]
ssh, sshd: sync version output, ok djm
2004-03-22 09:36:00 +11:00
5095510e5f
- markus@cvs.openbsd.org 2004/03/10 09:45:06
...
[ssh.c]
trim usage to match ssh(1) and look more like unix. ok djm@
2004-03-22 09:34:58 +11:00
3df755e441
- markus@cvs.openbsd.org 2004/03/09 22:11:05
...
[ssh.c]
increase x11 cookie lifetime to 20 minutes; ok djm
2004-03-22 09:34:26 +11:00
509b0107f0
- markus@cvs.openbsd.org 2003/12/16 15:49:51
...
[clientloop.c clientloop.h readconf.c readconf.h scp.1 sftp.1 ssh.1]
[ssh.c ssh_config.5]
application layer keep alive (ServerAliveInterval ServerAliveCountMax)
for ssh(1), similar to the sshd(8) option; ok beck@; with help from
jmc and dtucker@
2003-12-17 16:33:10 +11:00
9836cf8d71
- markus@cvs.openbsd.org 2003/12/09 17:30:05
...
[ssh.c]
don't modify argv for ssh -o; similar to sshd.c 1.283
2003-12-17 16:30:06 +11:00
e0113ccc08
- dtucker@cvs.openbsd.org 2003/11/24 00:16:35
...
[ssh.1 ssh.c]
Make ssh -k mean GSSAPIDelegateCredentials=no. Suggestion & ok markus@
2003-11-24 13:10:09 +11:00
a8e06cef35
- djm@cvs.openbsd.org 2003/11/21 11:57:03
...
[everything]
unexpand and delete whitespace at EOL; ok markus@
(done locally and RCS IDs synced)
2003-11-21 23:48:55 +11:00
0a118da00e
- markus@cvs.openbsd.org 2003/10/11 08:24:08
...
[readconf.c readconf.h ssh.1 ssh.c ssh_config.5]
remote x11 clients are now untrusted by default, uses xauth(8) to generate
untrusted cookies; ForwardX11Trusted=yes restores old behaviour.
ok deraadt; feedback and ok djm/fries
2003-10-15 15:54:32 +10:00
fb10e9abe8
- markus@cvs.openbsd.org 2003/09/01 18:15:50
...
[readconf.c readconf.h servconf.c servconf.h ssh.c]
remove unused kerberos code; ok henning@
2003-09-02 22:58:22 +10:00
59d3d5b8b4
- (djm) s/get_progname/ssh_get_progname/g to avoid conflict with Heimdal
...
-lbroken; ok dtucker
2003-08-22 09:34:41 +10:00
1c52ee3e6f
- markus@cvs.openbsd.org 2003/08/13 09:07:10
...
[readconf.c ssh.c]
socks4->socks, since with support both 4 and 5; dtucker@zip.com.au
2003-08-13 20:38:36 +10:00
ec960f2c93
- markus@cvs.openbsd.org 2003/08/13 08:46:31
...
[auth1.c readconf.c readconf.h servconf.c servconf.h ssh.c ssh_config
ssh_config.5 sshconnect1.c sshd.8 sshd.c sshd_config sshd_config.5]
remove RhostsAuthentication; suggested by djm@ before; ok djm@, deraadt@,
fgsch@, miod@, henning@, jakob@ and others
2003-08-13 20:37:05 +10:00
6aaa58c470
- (dtucker) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2003/07/22 13:35:22
[auth1.c auth.h auth-passwd.c monitor.c monitor.h monitor_wrap.c
monitor_wrap.h readconf.c readconf.h servconf.c servconf.h session.c ssh.1
ssh.c ssh_config.5 sshconnect1.c sshd.c sshd_config.5 ssh.h]
remove (already disabled) KRB4/AFS support, re-enable -k in ssh(1);
test+ok henning@
- (dtucker) [Makefile.in acconfig.h configure.ac] Remove KRB4/AFS support.
- (dtucker) [auth-krb4.c radix.c radix.h] Remove KRB4/AFS specific files.
I hope I got this right....
2003-08-02 22:24:49 +10:00
e98dfa323e
- markus@cvs.openbsd.org 2003/07/16 10:34:53
...
[ssh.c sshd.c]
don't exit on multiple -v or -d; ok deraadt@
2003-07-19 19:54:31 +10:00
0a4f04b5b2
- djm@cvs.openbsd.org 2003/07/03 08:09:06
...
[readconf.c readconf.h ssh-keysign.c ssh.c]
fix AddressFamily option in config file, from brent@graveland.net ;
ok markus@
2003-07-03 20:37:47 +10:00
3f521e21c0
- markus@cvs.openbsd.org 2003/07/02 20:37:48
...
[ssh.c]
convert hostkeyalias to lowercase, otherwise uppercase aliases will
not match at all; ok henning@
2003-07-03 16:20:42 +10:00
56a0bb07c4
- markus@cvs.openbsd.org 2003/06/12 19:12:03
...
[scard.c scard.h ssh-agent.c ssh.c]
add sc_get_key_label; larsch at trustcenter.de; bugzilla#591
2003-06-18 20:28:40 +10:00
7e1bbc55af
- (djm) Remove IPv4 by default hack now that we can specify AF in config
2003-05-18 20:52:40 +10:00
6e80c36e2a
- (djm) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2003/05/15 13:52:10
[ssh.c]
Make "ssh -V" print the OpenSSL version in a human readable form. Patch
from Craig Leres (mindrot at ee.lbl.gov); ok markus@
2003-05-16 11:38:00 +10:00
1ea7166019
- (djm) Bug #258 : sscanf("[0-9]") -> sscanf("[0123456789]") for portability
2003-05-14 22:33:58 +10:00
b1ca8bb159
- markus@cvs.openbsd.org 2003/05/11 20:30:25
...
[channels.c clientloop.c serverloop.c session.c ssh.c]
make channel_new() strdup the 'remote_name' (not the caller); ok theo
2003-05-14 13:45:42 +10:00
d558092522
- (djm) RCSID sync w/ OpenBSD
2003-05-14 13:40:06 +10:00
996acd2476
*** empty log message ***
2003-04-09 20:59:48 +10:00
9f1e33a6b2
- markus@cvs.openbsd.org 2003/02/06 09:27:29
...
[ssh.c ssh_config.5]
support 'ProxyCommand none'; bugzilla #433 ; binder@arago.de ; ok djm@
2003-02-24 11:57:32 +11:00
b9fa691819
- millert@cvs.openbsd.org 2002/12/09 16:50:30
...
[ssh.c]
Avoid setting optind to 0 as GNU getopt treats that like we do optreset.
markus@ OK
2002-12-23 02:24:54 +00:00
c276c1208e
- markus@cvs.openbsd.org 2002/11/27 17:53:35
...
[scp.c sftp.c ssh.c]
allow usernames with embedded '@', e.g. scp user@vhost@realhost:file /tmp;
http://bugzilla.mindrot.org/show_bug.cgi?id=447 ; ok mouring@, millert@
2002-12-23 02:14:51 +00:00
604dc72890
- markus@cvs.openbsd.org 2002/11/21 23:04:33
...
[ssh.c]
debug->debug2
2002-12-23 02:08:57 +00:00
8c4e18a6ec
- djm@cvs.openbsd.org 2002/09/19 01:58:18
...
[ssh.c sshconnect.c]
bugzilla.mindrot.org #223 - ProxyCommands don't exit.
Patch from dtucker@zip.com.au ; ok markus@
2002-09-19 12:05:02 +10:00
789e95dbe9
- stevesk@cvs.openbsd.org 2002/09/11 18:27:26
...
[authfd.c authfd.h ssh.c]
don't connect to agent to test for presence if we've previously
connected; ok markus@
2002-09-12 09:52:46 +10:00
50b9a60082
- stevesk@cvs.openbsd.org 2002/08/29 19:49:42
...
[ssh.c]
shrink initial privilege bracket for setuid case; ok markus@
2002-09-04 16:50:06 +10:00
147bba3453
- stevesk@cvs.openbsd.org 2002/08/29 16:02:54
...
[ssh.1 ssh.c]
deprecate -P as UsePrivilegedPort defaults to no now; ok markus@
2002-09-04 16:46:06 +10:00
ee8d52d008
- stevesk@cvs.openbsd.org 2002/07/19 17:42:40
...
[ssh.c]
display a warning from ssh when XAuthLocation does not exist or xauth
returned no authentication data. ok markus@
2002-07-23 21:03:02 +00:00
5d35a2f582
- markus@cvs.openbsd.org 2002/07/03 14:21:05
...
[ssh-keysign.8 ssh-keysign.c ssh.c ssh_config]
re-enable ssh-keysign's sbit, but make ssh-keysign read
/etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled
globally. based on discussions with deraadt, itojun and sommerfeld;
ok itojun@
2002-07-04 00:19:40 +00:00
a962c2fb35
- deraadt@cvs.openbsd.org 2002/06/30 21:59:45
...
[auth-bsdauth.c auth-skey.c auth2-chall.c clientloop.c key.c
monitor_wrap.c monitor_wrap.h scard.h session.h sftp-glob.c ssh.c
sshconnect2.c sshd.c]
minor KNF
2002-07-04 00:14:17 +00:00
da394cae04
- markus@cvs.openbsd.org 2002/06/12 01:09:52
...
[ssh.c]
ssh_connect returns 0 on success
2002-06-12 16:11:12 +00:00
2415757253
- markus@cvs.openbsd.org 2002/06/11 23:03:54
...
[ssh.c]
remove unused cruft.
2002-06-12 16:09:39 +00:00
1aa6427c0f
- (bal) Cygwin fix up from swap uid clean up in ssh.c patch by
...
vinschen@redhat.com
2002-06-11 20:28:05 +00:00
f9c4884c8e
- markus@cvs.openbsd.org 2002/06/11 04:14:26
...
[ssh.c sshconnect.c sshconnect.h]
no longer use uidswap.[ch] from the ssh client
run less code with euid==0 if ssh is installed setuid root
just switch the euid, don't switch the complete set of groups
(this is only needed by sshd). ok provos@
2002-06-11 16:37:51 +00:00
4daea86fd4
- markus@cvs.openbsd.org 2002/06/08 05:17:01
...
[readconf.c readconf.h ssh.1 ssh.c]
deprecate FallBackToRsh and UseRsh; patch from djm@
2002-06-09 20:04:02 +00:00
ece420413b
- markus@cvs.openbsd.org 2002/06/08 05:07:56
...
[ssh.c]
nuke ptrace comment
2002-06-09 20:00:09 +00:00
9e5bb579f9
- markus@cvs.openbsd.org 2002/05/23 19:39:34
...
[ssh.c]
add comment about ssh-keysign
2002-06-06 19:58:27 +00:00
1bad256822
- markus@cvs.openbsd.org 2002/05/23 19:24:30
...
[authfile.c authfile.h pathnames.h ssh.c sshconnect.c sshconnect.h
sshconnect1.c sshconnect2.c ssh-keysign.8 ssh-keysign.c Makefile.in]
add /usr/libexec/ssh-keysign: a setuid helper program for hostbased
authentication in protocol v2 (needs to access the hostkeys).
Note: Makefile.in untested. Will test after merge is finished.
2002-06-06 19:57:33 +00:00
f666fec2d5
- deraadt@cvs.openbsd.org 2002/05/22 23:18:25
...
[ssh.c sshd.c]
spelling; abishoff@arc.nasa.gov
2002-06-06 19:51:58 +00:00
fac7769f64
- stevesk@cvs.openbsd.org 2002/05/16 22:09:59
...
[session.c ssh.c]
don't limit xauth pathlen on client side and longer print length on
server when debug; ok markus@
2002-06-06 19:49:54 +00:00
2797f7f03a
- markus@cvs.openbsd.org 2002/04/22 21:04:52
...
[channels.c clientloop.c clientloop.h ssh.c]
request reply (success/failure) for -R style fwd in protocol v2,
depends on ordered replies.
fixes http://bugzilla.mindrot.org/show_bug.cgi?id=215 ; ok provos@
2002-04-23 21:09:44 +10:00
eb041dca1f
- markus@cvs.openbsd.org 2002/03/26 11:37:05
...
[ssh.c]
update Copyright
2002-03-27 17:20:38 +00:00
4f054607f0
- markus@cvs.openbsd.org 2002/03/25 21:04:02
...
[ssh.c]
simplify num_identity_files handling
2002-03-26 03:23:00 +00:00
0936a5bb72
- markus@cvs.openbsd.org 2002/03/25 17:34:27
...
[scard.c scard.h ssh-agent.c ssh-keygen.c ssh.c]
change sc_get_key to sc_get_keys and hide smartcard details in scard.c
2002-03-26 03:17:42 +00:00
ba72d30aa5
- rees@cvs.openbsd.org 2002/03/21 22:44:05
...
[authfd.c authfd.h ssh-add.c ssh-agent.c ssh.c]
Add PIN-protection for secret key.
2002-03-22 03:51:06 +00:00
6328ab3989
- markus@cvs.openbsd.org 2002/03/19 10:49:35
...
[auth-krb5.c auth-rh-rsa.c auth.c cipher.c key.c misc.h packet.c session.c
sftp-client.c sftp-glob.h sftp.c ssh-add.c ssh.c sshconnect2.c sshd.c
ttymodes.c]
KNF whitespace
2002-03-22 02:54:23 +00:00
19a5945105
- markus@cvs.openbsd.org 2002/02/14 23:28:00
...
[channels.h session.c ssh.c]
increase the SSH v2 window size to 4 packets. comsumes a little
bit more memory for slow receivers but increases througput.
2002-02-19 15:20:57 +11:00
4860650842
- markus@cvs.openbsd.org 2002/02/07 09:35:39
...
[ssh.c]
remove bogus comments
2002-02-08 22:07:33 +11:00
699d003e3a
- markus@cvs.openbsd.org 2002/02/06 14:55:16
...
[channels.c clientloop.c serverloop.c ssh.c]
channel_new never returns NULL, mouring@; ok djm@
2002-02-08 22:07:16 +11:00
a500cd608e
- markus@cvs.openbsd.org 2002/02/05 14:32:55
...
[channels.c channels.h ssh.c]
merge channel_request() into channel_request_start()
2002-02-08 22:04:26 +11:00
67f0bc043c
- markus@cvs.openbsd.org 2002/02/03 17:58:21
...
[channels.c channels.h ssh.c]
generic callbacks are not really used, remove and
add a callback for msg of type SSH2_MSG_CHANNEL_OPEN_CONFIRMATION
ok djm@
2002-02-05 12:23:08 +11:00
35b13d633b
- stevesk@cvs.openbsd.org 2002/01/27 18:08:17
...
[ssh.c]
handle simple case to identify FamilyLocal display; ok markus@
2002-02-05 12:12:09 +11:00
b16461ce45
- markus@cvs.openbsd.org 2002/01/16 13:17:51
...
[channels.c channels.h serverloop.c ssh.c]
wrapper for channel_setup_fwd_listener
2002-01-22 23:29:22 +11:00
630d6f4479
- markus@cvs.openbsd.org 2001/12/28 15:06:00
...
[auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c dispatch.h kex.c kex.h serverloop.c ssh.c sshconnect2.c]
remove plen from the dispatch fn. it's no longer used.
2002-01-22 23:17:30 +11:00
dff5099f13
- markus@cvs.openbsd.org 2001/12/28 14:50:54
...
[auth1.c auth-rsa.c channels.c dispatch.c kex.c kexdh.c kexgex.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshconnect2.c sshd.c]
packet_read* no longer return the packet length, since it's not used.
2002-01-22 23:16:32 +11:00
48b03fc546
- markus@cvs.openbsd.org 2001/12/27 20:39:58
...
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
get rid of packet_integrity_check, use packet_done() instead.
2002-01-22 23:11:40 +11:00
66823cddbe
- markus@cvs.openbsd.org 2001/12/27 20:39:58
...
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
get rid of packet_integrity_check, use packet_done() instead.
2002-01-22 23:11:38 +11:00
278f907a2d
- djm@cvs.openbsd.org 2001/12/20 22:50:24
...
[auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c]
[dispatch.h kex.c kex.h packet.c packet.h serverloop.c ssh.c]
[sshconnect2.c]
Conformance fix: we should send failing packet sequence number when
responding with a SSH_MSG_UNIMPLEMENTED message. Spotted by
yakk@yakk.dot.net ; ok markus@
2001-12-21 15:00:19 +11:00
5a6b4fe225
- stevesk@cvs.openbsd.org 2001/12/19 17:16:13
...
[authfile.c bufaux.c bufaux.h buffer.c buffer.h packet.c packet.h ssh.c]
change the buffer/packet interface to use void* vs. char*; ok markus@
2001-12-21 14:56:54 +11:00
9f0f5c64bc
- deraadt@cvs.openbsd.org 2001/12/19 07:18:56
...
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h]
[auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c]
[cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c]
[match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c]
[servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c]
[sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c]
[sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config]
[ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c]
basic KNF done while i was looking for something else
2001-12-21 14:45:46 +11:00
4a4bd719ea
- stevesk@cvs.openbsd.org 2001/11/30 20:39:28
...
[ssh.c]
sscanf() length dependencies are clearer now; can also shrink proto
and data if desired, but i have not done that. ok markus@
2001-12-06 17:45:19 +00:00
07cd5897f9
- markus@cvs.openbsd.org 2001/10/24 08:51:35
...
[clientloop.c ssh.c]
ignore SIGPIPE early, makes ssh work if agent dies, netbsd-pr via itojun@
2001-11-12 10:52:03 +11:00
595bb4f572
- markus@cvs.openbsd.org 2001/10/24 08:41:20
...
[ssh.c]
remove unused
2001-11-12 10:51:40 +11:00
139d4cd908
- markus@cvs.openbsd.org 2001/10/09 10:12:08
...
[session.c]
chdir $HOME after krb_afslog(); from bbense@networking.stanford.edu
2001-10-10 15:07:44 +10:00
908afed17f
- markus@cvs.openbsd.org 2001/10/01 21:38:53
...
[channels.c channels.h ssh.c sshd.c]
remove ugliness; vp@drexel.edu via angelos
2001-10-03 17:34:59 +00:00
83f07d1954
- markus@cvs.openbsd.org 2001/09/28 15:46:29
...
[ssh.c]
bug: read user config first; report kaukasoi@elektroni.ee.tut.fi
2001-10-03 17:22:29 +00:00
40a0d20913
- (bal) Removed 'extern int optopt;' since it is dead wood.
2001-09-24 22:04:02 +00:00
5ccf63a974
- (bal) updated ssh.c to mirror minor getopts 'extern int' formating done
...
by stevesk@
2001-09-24 20:00:10 +00:00
f558cf6580
- markus@cvs.openbsd.org 2001/09/20 13:50:40
...
[compat.c compat.h ssh.c]
bug compat: request a dummy channel for -N (no shell) sessions +
cleanup; vinschen@redhat.com
2001-09-20 23:13:49 +00:00
edc0cf26d1
- stevesk@cvs.openbsd.org 2001/09/03 20:58:33
...
[readconf.c readconf.h ssh.c]
fatal() for nonexistent -Fssh_config. ok markus@
2001-09-12 18:32:20 +00:00
1a1747172e
- stevesk@cvs.openbsd.org 2001/08/29 23:27:23
...
[ssh.c]
validate ports for -L/-R; ok markus@
2001-09-12 17:56:15 +00:00
19ceb17040
- stevesk@cvs.openbsd.org 2001/08/29 23:13:10
...
[ssh.1 ssh.c]
document -D and DynamicForward; ok markus
2001-09-12 17:54:24 +00:00
14f31ab947
- markus@cvs.openbsd.org 2001/08/28 15:39:48
...
[ssh.1 ssh.c]
allow: ssh -F configfile host
2001-09-12 17:48:04 +00:00
930b14a28e
- jakob@cvs.openbsd.org 2001/08/11 22:51:27
...
[ssh.c tildexpand.c]
fix more paths beginning with "//"; <bradshaw@staff.crosswalk.com>.
ok markus@
2001-08-15 23:19:21 +00:00
bcc1808bf2
- jakob@cvs.openbsd.org 2001/08/02 16:14:05
...
[scard.c ssh-agent.c ssh.c ssh-keygen.c]
clean up some /* SMARTCARD */. ok markus@
2001-08-06 21:59:25 +00:00
ffce147638
- jakob@cvs.openbsd.org 2001/08/02 15:43:57
...
[ssh-agent.c ssh.c ssh-keygen.c]
add /* SMARTCARD */ to #else/#endif. ok markus@
2001-08-06 21:57:31 +00:00
61eb9568b3
- jakob@cvs.openbsd.org 2001/08/02 15:32:10
...
[ssh.c]
add smartcard to usage(). ok markus@
2001-08-06 21:53:42 +00:00
a6c8a8d4d5
- markus@cvs.openbsd.org 2001/08/01 23:38:45
...
[scard.c ssh.c]
support finish rsa keys.
free public keys after login -> call finish -> close smartcard.
2001-08-06 21:42:00 +00:00
f7db3bb64c
- markus@cvs.openbsd.org 2001/08/01 22:03:33
...
[authfd.c authfd.h readconf.c readconf.h scard.c scard.h ssh-add.c
ssh-agent.c ssh.c]
use strings instead of ints for smartcard reader ids
2001-08-06 21:35:51 +00:00
ae996bf7d1
- jakob@cvs.openbsd.org 2001/07/31 09:28:44
...
[readconf.c readconf.h ssh.1 ssh.c]
add 'SmartcardDevice' client option to specify which smartcard device
is used to access a smartcard used for storing the user's private RSA
key. ok markus@.
2001-08-06 21:27:53 +00:00
711b04a56a
- millert@cvs.openbsd.org 2001/07/27 14:50:45
...
[ssh.c]
If smart card support is compiled in and a smart card is being used
for authentication, make it the first method used. markus@ OK
2001-08-06 21:12:42 +00:00
f9cedb9ca0
- markus@cvs.openbsd.org 2001/07/25 14:35:18
...
[readconf.c ssh.1 ssh.c sshconnect.c]
cleanup connect(); connection_attempts 4 -> 1; from
eivind@freebsd.org
2001-08-06 21:07:11 +00:00
4f8e66929b
- (djm) Pull in getopt(3) from OpenBSD libc for the optreset extension.
2001-07-14 13:22:53 +10:00
1b73448d6d
- markus@cvs.openbsd.org 2001/07/11 16:29:59
...
[ssh.c]
sort options string, fix -p, add -k
2001-07-14 12:21:07 +10:00
f4614450d1
- OpenBSD CVS Sync
...
- fgsch@cvs.openbsd.org 2001/07/09 05:58:47
[ssh.c]
Use getopt(3); markus@ ok.
2001-07-14 12:18:10 +10:00
08ccf9d08c
whitespace sync
2001-07-04 17:52:01 +00:00
c5b680018b
- markus@cvs.openbsd.org 2001/06/26 20:14:11
...
[key.c key.h ssh.c sshconnect1.c sshconnect2.c]
add smartcard support to the client, too (now you can use both
the agent and the client).
2001-07-04 04:52:03 +00:00
bba81213b9
- itojun@cvs.openbsd.org 2001/06/23 15:12:20
...
[auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c
canohost.c channels.c cipher.c clientloop.c deattack.c dh.c
hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c
readpass.c scp.c servconf.c serverloop.c session.c sftp.c
sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c
ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c
ssh-keygen.c ssh-keyscan.c]
more strict prototypes. raise warning level in Makefile.inc.
markus ok'ed
TODO; cleanup headers
2001-06-25 05:01:22 +00:00
6ab6486273
- markus@cvs.openbsd.org 2001/06/22 23:35:21
...
[ssh.c]
don't overwrite argv (fixes ssh user@host in 'ps'), report by ericj@
2001-06-25 04:26:55 +00:00
664408d2a7
- markus@cvs.openbsd.org 2001/06/07 20:23:05
...
[authfd.c authfile.c channels.c kexdh.c kexgex.c packet.c ssh.c
sshconnect.c sshconnect1.c]
use xxx_put_cstring()
2001-06-09 01:42:01 +00:00
c763767f18
[NOTE: Next patch will sync nchan.c, channels.c and channels.h and all this
...
pain will be over.]
- markus@cvs.openbsd.org 2001/05/31 10:30:17
[auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c
packet.c serverloop.c session.c ssh.c]
undo the .c file split, just merge the header and keep the cvs
history
2001-06-09 00:36:26 +00:00
5ec2645a2d
- markus@cvs.openbsd.org 2001/05/30 15:20:10
...
[ssh.c]
merge functions, simplify.
2001-06-09 00:18:51 +00:00
e6455aee8f
[NOTE: File split is was not done in Portabl Tree]
...
- markus@cvs.openbsd.org 2001/05/30 12:55:13
[auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c
packet.c serverloop.c session.c ssh.c ssh1.h]
channel layer cleanup: merge header files and split .c files
2001-06-09 00:17:10 +00:00
3b89c5ef89
- markus@cvs.openbsd.org 2001/05/28 08:04:39
...
[ssh.c]
fix usage()
2001-06-05 20:44:16 +00:00
2b1f71baee
- stevesk@cvs.openbsd.org 2001/05/24 18:57:53
...
[clientloop.c readconf.c ssh.c ssh.h]
don't perform escape processing when ``EscapeChar none''; ok markus@
2001-06-05 20:32:21 +00:00
99c73b377a
- markus@cvs.openbsd.org 2001/05/04 23:47:34
...
[channels.c channels.h clientloop.c nchan.c nchan.h serverloop.c ssh.c]
move to Channel **channels (instead of Channel *channels), fixes realloc
problems. channel_new now returns a Channel *, favour Channel * over
channel id. remove old channel_allocate interface.
2001-05-05 04:09:47 +00:00
e0f8804194
- markus@cvs.openbsd.org 2001/04/30 11:18:52
...
[readconf.c readconf.h ssh.1 ssh.c sshconnect.c]
implement 'ssh -b bind_address' like 'telnet -b'
2001-04-30 13:06:24 +00:00
2b261b9035
- markus@cvs.openbsd.org 2001/04/17 12:55:04
...
[channels.c ssh.c]
undo socks5 and https support since they are not really used and
only bloat ssh. remove -D from usage(), since '-D' is experimental.
2001-04-17 18:14:34 +00:00
ae8e2d30db
- stevesk@cvs.openbsd.org 2001/04/14 16:33:20
...
[clientloop.c packet.h session.c ssh.c ttymodes.c ttymodes.h]
protocol 2 tty modes support; ok markus@
2001-04-14 23:13:02 +00:00
92d4a02001
- stevesk@cvs.openbsd.org 2001/04/13 01:26:17
...
[ssh.c]
missing \n in error message
2001-04-13 04:44:37 +00:00
19066a112b
- stevesk@cvs.openbsd.org 2001/04/12 20:09:38
...
[misc.c misc.h readconf.c servconf.c ssh.c sshd.c]
robust port validation; ok markus@ jakob@
2001-04-12 23:39:26 +00:00
5eabda303a
- markus@cvs.openbsd.org 2001/04/12 19:15:26
...
[auth-rhosts.c auth.h auth2.c buffer.c canohost.c canohost.h
compat.c compat.h hostfile.c pathnames.h readconf.c readconf.h
servconf.c servconf.h ssh.c sshconnect.c sshconnect.h sshconnect1.c
sshconnect2.c sshd_config]
implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2)
similar to RhostRSAAuthentication unless you enable (the experimental)
HostbasedUsesNameFromPacketOnly option. please test. :)
2001-04-12 23:34:34 +00:00
2b646528cb
- markus@cvs.openbsd.org 2001/04/12 14:29:09
...
[ssh.c]
show debug output during option processing, report from
pekkas@netcore.fi
2001-04-12 16:16:57 +00:00
6fa9d10ed5
- markus@cvs.openbsd.org 2001/04/11 13:56:13
...
[channels.c ssh.c]
https-connect and socks5 support. i feel so bad.
2001-04-11 23:08:17 +00:00
146edb9832
- markus@cvs.openbsd.org 2001/04/11 10:59:01
...
[ssh.c]
use strtol() for ports, thanks jakob@
2001-04-11 23:06:28 +00:00
3bb4f9da73
- markus@cvs.openbsd.org 2001/04/07 08:55:18
...
[buffer.c channels.c channels.h readconf.c ssh.c]
allow the ssh client act as a SOCKS4 proxy (dynamic local
portforwarding). work by Dan Kaminsky <dankamin@cisco.com> and me.
thanks to Dan for this great patch: use 'ssh -D 1080 host' and make
netscape use localhost:1080 as a socks proxy.
2001-04-08 18:30:26 +00:00
3fcf1a22b5
- markus@cvs.openbsd.org 2001/04/06 21:00:17
...
[auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth2.c channels.c session.c
ssh.c sshconnect.c sshconnect.h uidswap.c uidswap.h]
do gid/groups-swap in addition to uid-swap, should help if /home/group
is chmod 750 + chgrp grp /home/group/, work be deraadt and me, thanks
to olar@openwall.com is comments. we had many requests for this.
2001-04-08 18:26:59 +00:00
4c3f77dd3b
- markus@cvs.openbsd.org 2001/04/05 21:05:24
...
[clientloop.c ssh.c]
don't request a session for 'ssh -N', pointed out slade@shore.net
2001-04-05 23:37:36 +00:00
d0fca423fc
- markus@cvs.openbsd.org 2001/03/26 08:07:09
...
[authfile.c authfile.h ssh-add.c ssh-keygen.c ssh.c sshconnect.c
sshconnect.h sshconnect1.c sshconnect2.c sshd.c]
simpler key load/save interface, see authfile.h
2001-03-26 13:44:06 +00:00
60bc517356
- (djm) Seed PRNG at startup, rather than waiting for arc4random calls to
...
do it implicitly.
2001-03-19 09:38:15 +11:00
266dfdfd62
- markus@cvs.openbsd.org 2001/03/08 21:42:33
...
[compat.c compat.h readconf.h ssh.c sshconnect1.c sshconnect2.c]
implement client side of SSH2_MSG_USERAUTH_PK_OK (test public key ->
no need to do enter passphrase or do expensive sign operations if the
server does not accept key).
2001-03-09 00:12:22 +00:00
Damien Miller
Darren Tucker
Ben Lindstrom
Kevin Steves