| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2007-01-03 | spaces | Kevin Steves | |
| 2006-12-12 | bz #1019: some ssh.com versions apparently can't cope with the remote port | Damien Miller | |
| forwarding bind_address being a hostname, so send them an address for cases where they are not explicitly specified (wildcard or localhost bind). reported by daveroth AT acm.org; ok dtucker@ deraadt@ | |||
| 2006-08-29 | normalise some inconsistent (but harmless) NULL pointer checks | Damien Miller | |
| spotted by the Stanford SATURN tool, via Isil Dillig; ok markus@ deraadt@ | |||
| 2006-08-03 | almost entirely get rid of the culture of ".h files that include .h files" | Theo de Raadt | |
| ok djm, sort of ok stevesk makes the pain stop in one easy step | |||
| 2006-08-01 | clean extra spaces | Kevin Steves | |
| 2006-08-01 | move #include <stdio.h> out of includes.h | Kevin Steves | |
| 2006-07-26 | move #include <stdlib.h> out of includes.h | Kevin Steves | |
| 2006-07-25 | move #include <sys/time.h> out of includes.h | Kevin Steves | |
| 2006-07-22 | move #include <string.h> out of includes.h | Kevin Steves | |
| 2006-07-21 | more ARGSUSED (lint) for dispatch table-driven functions; ok djm@ | Kevin Steves | |
| 2006-07-21 | Make PermitOpen take a list of permitted ports and act more like most other | Darren Tucker | |
| keywords (ie the first match is the effective setting). This also makes it easier to override a previously set PermitOpen. ok djm@ | |||
| 2006-07-17 | Add PermitOpen directive to sshd_config which is equivalent to the | Darren Tucker | |
| "permitopen" key option. Allows server admin to allow TCP port forwarding only two specific host/port pairs. Useful when combined with Match. If permitopen is used in both sshd_config and a key option, both must allow a given connection before it will be permitted. Note that users can still use external forwarders such as netcat, so to be those must be controlled too for the limits to be effective. Feedback & ok djm@, man page corrections & ok jmc@. | |||
| 2006-07-17 | move #include <unistd.h> out of includes.h | Kevin Steves | |
| 2006-07-12 | move #include <netdb.h> out of includes.h; ok djm@ | Kevin Steves | |
| 2006-07-11 | move #include <errno.h> out of includes.h; ok markus@ | Kevin Steves | |
| 2006-07-11 | add ExitOnForwardFailure: terminate the connection if ssh(1) | Markus Friedl | |
| cannot set up all requested dynamic, local, and remote port forwardings. ok djm, dtucker, stevesk, jmc | |||
| 2006-07-10 | fix misparsing of SOCKS 5 packets that could result in a crash; | Damien Miller | |
| reported by mk@ ok markus@ | |||
| 2006-07-03 | move #include <arpa/inet.h> out of includes.h; old ok djm@ | Kevin Steves | |
| 2006-04-16 | Fix condition where we could exit with a fatal error when an input | Damien Miller | |
| buffer became too large and the remote end had advertised a big window. The problem was a mismatch in the backoff math between the channels code and the buffer code, so make a buffer_check_alloc() function that the channels code can use to propsectivly check whether an incremental allocation will succeed. bz #1131, debugged with the assistance of cove AT wildpackets.com; ok dtucker@ deraadt@ | |||
| 2006-03-30 | ARGSUSED for dispatch table-driven functions | Damien Miller | |
| 2006-03-28 | do not accept unreasonable X ports numbers; ok djm | Theo de Raadt | |
| 2006-03-25 | delete cast not required | Theo de Raadt | |
| 2006-03-25 | remove (char *) casts to a function that accepts void * for the arg | Theo de Raadt | |
| 2006-03-25 | use strtonum() instead of atoi() [limit X screens to 400, sorry] | Theo de Raadt | |
| 2006-03-25 | Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that | Damien Miller | |
| Theo nuked - our scripts to sync -portable need them in the files | |||
| 2006-03-25 | change OpenSSH's xrealloc() function from being xrealloc(p, new_size) to | Damien Miller | |
| xrealloc(p, new_nmemb, new_itemsize). realloc is particularly prone to integer overflows because it is almost always allocating "n * size" bytes, so this is a far safer API; ok deraadt@ | |||
| 2006-03-25 | introduce xcalloc() and xasprintf() failure-checked allocations functions | Damien Miller | |
| and use them throughout openssh xcalloc is particularly important because malloc(nmemb * size) is a dangerous idiom (subject to integer overflow) and it is time for it to die feedback and ok deraadt@ | |||
| 2006-03-20 | spacing | Theo de Raadt | |
| 2006-03-20 | x11_fake_data is only ever used as u_char * | Theo de Raadt | |
| 2006-03-20 | annoying spacing fixes getting in the way of real diffs | Theo de Raadt | |
| 2006-03-20 | sprinkle u_int throughout pty subsystem, ok markus | Theo de Raadt | |
| 2006-03-19 | spacing | Theo de Raadt | |
| 2006-03-19 | RCSID() can die | Theo de Raadt | |
| 2006-02-20 | move #include <sys/un.h> out of includes.h; ok djm@ | Kevin Steves | |
| 2006-02-10 | move #include <sys/ioctl.h> out of includes.h; ok markus@ | Kevin Steves | |
| 2006-02-07 | move #include <termios.h> out of includes.h; ok markus@ | Kevin Steves | |
| 2006-01-30 | mark channel as write failed or dead instead of read failed on error | Reyk Floeter | |
| of the channel output filter. ok markus@ | |||
| 2005-12-30 | add channel output filter interface. | Reyk Floeter | |
| ok djm@, suggested by markus@ | |||
| 2005-12-28 | use 'break-in' for consistency; ok deraadt@ ok and input jmc@ | Kevin Steves | |
| 2005-12-12 | make sure protocol messages for internal channels are ignored. | Markus Friedl | |
| allow adjust messages for non-open channels; with and ok djm@ | |||
| 2005-12-06 | Add support for tun(4) forwarding over OpenSSH, based on an idea and | Reyk Floeter | |
| initial channel code bits by markus@. This is a simple and easy way to use OpenSSH for ad hoc virtual private network connections, e.g. administrative tunnels or secure wireless access. It's based on a new ssh channel and works similar to the existing TCP forwarding support, except that it depends on the tun(4) network interface on both ends of the connection for layer 2 or layer 3 tunneling. This diff also adds support for LocalCommand in the ssh(1) client. ok djm@, markus@, jmc@ (manpages), tested and discussed with others | |||
| 2005-10-14 | free()->xfree(); ok djm@ | Kevin Steves | |
| 2005-10-11 | bz #1076 set SO_REUSEADDR on X11 forwarding listner sockets, preventing | Damien Miller | |
| bind() failure when a previous connection's listeners are in TIME_WAIT, reported by plattner AT inf.ethz.ch; ok dtucker@ | |||
| 2005-10-10 | fix regression I introduced in 4.2: X11 forwardings initiated after | Damien Miller | |
| a session has exited (e.g. "(sleep 5; xterm) &") would not start. bz #1086 reported by t8m AT centrum.cz; ok markus@ dtucker@ | |||
| 2005-09-07 | enforce chanid != NULL; ok djm | Markus Friedl | |
| 2005-07-17 | knf says that a 2nd level indent is four (not three or five) spaces | Damien Miller | |
| 2005-07-17 | Fix a number of X11 forwarding channel leaks: | Damien Miller | |
| 1. Refuse multiple X11 forwarding requests on the same session 2. Clean up all listeners after a single_connection X11 forward, not just the one that made the single connection 3. Destroy X11 listeners when the session owning them goes away testing and ok dtucker@ | |||
| 2005-07-16 | spacing | Damien Miller | |
| 2005-07-04 | don't forget to set x11_saved_display | Markus Friedl | |
| 2005-07-04 | implement support for X11 and agent forwarding over multiplex slave | Damien Miller | |
| connections. Because of protocol limitations, the slave connections inherit the master's DISPLAY and SSH_AUTH_SOCK rather than distinctly forwarding their own. ok dtucker@ "put it in" deraadt@ | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |