summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/auth-options.c
AgeCommit message (Expand)Author
2015-01-14swith auth-options to new sshbuf/sshkey; ok djm@Markus Friedl
2014-07-15Add support for Unix domain socket forwarding. A remote TCP portTodd C. Miller
2014-06-24New key API: refactor key-related functions to be more library-like,Damien Miller
2013-12-19simplify freeing of source-address certificate restrictionDamien Miller
2013-11-08use calloc for all structure allocations; from markus@Damien Miller
2013-11-02no need to include monitor_wrap.h and ssh-gss.hMarkus Friedl
2013-07-12fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@Damien Miller
2013-05-17bye, bye xfree(); ok markus@Damien Miller
2012-12-02make AllowTcpForwarding accept "local" and "remote" in addition to itsDamien Miller
2011-10-18remove explict search for \0 in packet strings, this job is now doneDamien Miller
2011-09-23Add wildcard support to PermitOpen, allowing things like "PermitOpenDarren Tucker
2010-12-24don't send the actual forced command in a debug message; ok markus deraadtDamien Miller
2010-08-31Add buffer_get_cstring() and related functions that verify that theDamien Miller
2010-05-20Move the permit-* options to the non-critical "extensions" field for v01Damien Miller
2010-05-07add some optional indirection to matching of principal names listedDamien Miller
2010-04-16revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with theDamien Miller
2010-03-16spelling in error message. ok djm kettenisKevin Steves
2010-03-07Hold authentication debug messages until after successful authentication.Darren Tucker
2010-03-04"force-command" is not spelled "forced-command"; spotted byDamien Miller
2010-03-03reject strings with embedded ASCII nul chars in certificate key IDs,Damien Miller
2010-02-26Add support for certificate key types for users and hosts.Damien Miller
2009-01-22another chunk of a2port() diff that got away. wtfdjm??Damien Miller
2008-06-10support CIDR address matching in .ssh/authorized_keys from="..." stanzasDamien Miller
2008-05-08Implement a channel success/failure status confirmation callbackDamien Miller
2008-03-26add no-user-rc authorized_keys option to disable execution of ~/.ssh/rcDamien Miller
2006-08-03almost entirely get rid of the culture of ".h files that include .h files"Theo de Raadt
2006-07-22move #include <string.h> out of includes.hKevin Steves
2006-07-17Use '\0' rather than 0 to terminates strings; ok djm@Darren Tucker
2006-07-12move #include <netdb.h> out of includes.h; ok djm@Kevin Steves
2006-07-06move #include <pwd.h> out of includes.h; ok markus@Kevin Steves
2006-03-25Put $OpenBSD$ tags back (as comments) to replace the RCSID()s thatDamien Miller
2006-03-19RCSID() can dieTheo de Raadt
2005-12-08two changes to the new ssh tunnel support. this breaks compatibilityReyk Floeter
2005-12-06Add support for tun(4) forwarding over OpenSSH, based on an idea andReyk Floeter
2005-03-10spacingTheo de Raadt
2005-03-10spacingTheo de Raadt
2005-03-01bz#413: allow optional specification of bind address for port forwardings.Damien Miller
2003-06-02deprecate VerifyReverseMapping since it's dangerous if combinedMarkus Friedl
2003-04-08rename log() into logit() to avoid name conflict. markus ok, from netbsdJun-ichiro itojun Hagino
2002-07-30add PermitUserEnvironment (off by default!); from dot@dotat.at; ok provos, de...Markus Friedl
2002-07-21unneeded includesKevin Steves
2002-05-13move the packet_send_debug handling from auth-options.c to auth.c; ok provos@Markus Friedl
2002-03-19clean up prototypesMarkus Friedl
2002-03-18integrate privilege separated openssh; its turned off by default for now.Niels Provos
2002-01-29s/ReverseMappingCheck/VerifyReverseMapping/ and avoid confusion; ok stevesk@Markus Friedl
2001-08-30validate ports for permitopen key file option. add host/portKevin Steves
2001-06-24move ip+hostname check to match.cMarkus Friedl
2001-05-31undo the .c file split, just merge the header and keep the cvs historyMarkus Friedl
2001-05-30channel layer cleanup: merge header files and split .c filesMarkus Friedl
2001-03-18ignore permitopen="host:port" if AllowTcpForwarding==noMarkus Friedl