Age | Commit message (Expand) | Author |
2020-10-18 | use the new variant log macros instead of prepending __func__ and | Damien Miller |
2020-08-27 | support for requiring user verified FIDO keys in sshd | Damien Miller |
2020-03-06 | fix null-deref on calloc failure; ok djm | Markus Friedl |
2020-02-26 | change explicit_bzero();free() to freezero() | Jonathan Gray |
2019-11-25 | add a "no-touch-required" option for authorized_keys and a similar | Damien Miller |
2019-09-13 | Plug mem leaks on error paths, based in part on github pr#120 from | Darren Tucker |
2019-09-06 | lots of things were relying on libcrypto headers to transitively | Damien Miller |
2019-09-03 | move authorized_keys option parsing helpsers to misc.c and make | Damien Miller |
2019-07-09 | cap the number of permiopen/permitlisten directives we're willing to | Damien Miller |
2019-06-27 | Some asprintf() calls were checked < 0, rather than the precise == -1. | Theo de Raadt |
2018-10-03 | Allow ssh_config IdentityAgent directive to accept environment variable | Damien Miller |
2018-06-19 | allow bare port numbers to appear in PermitListen directives, e.g. | Damien Miller |
2018-06-07 | some permitlisten fixes from markus@ that I missed in my insomnia-fueled | Damien Miller |
2018-06-07 | fix regression caused by recent permitlisten option commit: | Damien Miller |
2018-06-06 | permitlisten option for authorized_keys; ok markus@ | Damien Miller |
2018-04-06 | relax checking of authorized_keys environment="..." options to allow | Damien Miller |
2018-03-14 | rename recently-added "valid-before" key restriction to "expiry-time" | Damien Miller |
2018-03-12 | add valid-before="[time]" authorized_keys option. A simple way of | Damien Miller |
2018-03-03 | switch over to the new authorized_keys options API and remove the | Damien Miller |
2018-03-03 | Introduce a new API for handling authorized_keys options. This API | Damien Miller |
2017-09-12 | refactor channels.c | Damien Miller |
2017-05-31 | make sure we don't pass a NULL string to vfprintf (triggered by the | Markus Friedl |
2016-11-30 | When a forced-command appears in both a certificate and an | Damien Miller |
2016-03-07 | refactor canohost.c: move functions that cache results closer to the | Damien Miller |
2015-12-10 | Remove NULL-checks before free(). | mmcc |
2015-11-16 | Add a new authorized_keys option "restrict" that includes all current | Damien Miller |
2015-07-03 | delete support for legacy v00 certificates; "sure" markus@ dtucker@ | Damien Miller |
2015-05-01 | Don't make parsing of authorized_keys' environment= option conditional | Damien Miller |
2015-04-22 | unknown certificate extensions are non-fatal, so don't fatal | Damien Miller |
2015-01-14 | swith auth-options to new sshbuf/sshkey; ok djm@ | Markus Friedl |
2014-07-15 | Add support for Unix domain socket forwarding. A remote TCP port | Todd C. Miller |
2014-06-24 | New key API: refactor key-related functions to be more library-like, | Damien Miller |
2013-12-19 | simplify freeing of source-address certificate restriction | Damien Miller |
2013-11-08 | use calloc for all structure allocations; from markus@ | Damien Miller |
2013-11-02 | no need to include monitor_wrap.h and ssh-gss.h | Markus Friedl |
2013-07-12 | fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@ | Damien Miller |
2013-05-17 | bye, bye xfree(); ok markus@ | Damien Miller |
2012-12-02 | make AllowTcpForwarding accept "local" and "remote" in addition to its | Damien Miller |
2011-10-18 | remove explict search for \0 in packet strings, this job is now done | Damien Miller |
2011-09-23 | Add wildcard support to PermitOpen, allowing things like "PermitOpen | Darren Tucker |
2010-12-24 | don't send the actual forced command in a debug message; ok markus deraadt | Damien Miller |
2010-08-31 | Add buffer_get_cstring() and related functions that verify that the | Damien Miller |
2010-05-20 | Move the permit-* options to the non-critical "extensions" field for v01 | Damien Miller |
2010-05-07 | add some optional indirection to matching of principal names listed | Damien Miller |
2010-04-16 | revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with the | Damien Miller |
2010-03-16 | spelling in error message. ok djm kettenis | Kevin Steves |
2010-03-07 | Hold authentication debug messages until after successful authentication. | Darren Tucker |
2010-03-04 | "force-command" is not spelled "forced-command"; spotted by | Damien Miller |
2010-03-03 | reject strings with embedded ASCII nul chars in certificate key IDs, | Damien Miller |
2010-02-26 | Add support for certificate key types for users and hosts. | Damien Miller |