summaryrefslogtreecommitdiff
path: root/usr.bin/ssh
AgeCommit message (Expand)Author
2016-09-30ssh proxy mux mode (-O proxy; idea from Simon Tatham):Markus Friedl
2016-09-28put back some pre-auth zlib bits that I shouldn't have removed -Damien Miller
2016-09-28restore pre-auth compression support in the client -- the previousDamien Miller
2016-09-28use a separate TOKENS section, as we've done for sshd_config(5);Jason McIntyre
2016-09-28Remove support for pre-authentication compression. Doing compressionDamien Miller
2016-09-26Avoid a theoretical signed integer overflow should BN_num_bytes()Damien Miller
2016-09-22missing bit from previous commitDamien Miller
2016-09-22organise the token stuff into a separate section;Jason McIntyre
2016-09-22mention curve25519-sha256 KEXDamien Miller
2016-09-22support plain curve25519-sha256 KEX algorithm now that it isDamien Miller
2016-09-22If ssh receives a PACKET_DISCONNECT during userauth it will causeDarren Tucker
2016-09-21correctly return errors from kex_send_ext_info(). Fix from Sami FarinDamien Miller
2016-09-21cast uint64_t for printfDamien Miller
2016-09-21Revert two recent changes to negated address matching. The newDamien Miller
2016-09-21add a way for principals command to get see key ID and serial tooDamien Miller
2016-09-19move inbound NEWKEYS handling to kex layer; otherwise early NEWKEYS causesMarkus Friedl
2016-09-19Replace two more arc4random() loops with arc4random_buf().Martin Natano
2016-09-17replace two arc4random loops with arc4random_bufTed Unangst
2016-09-14take fingerprint of correct key for AuthorizedPrincipalsCommandDamien Miller
2016-09-14add %-escapes to AuthorizedPrincipalsCommand to match those supportedDamien Miller
2016-09-12handle certs in rsa_hash_alg_from_ident(), saving an unnecessaryDamien Miller
2016-09-12list all supported signature algorithms in the server-sig-algsDamien Miller
2016-09-12Spaces->tabs.Darren Tucker
2016-09-12Style whitespace fix. Also happens to remove a no-op diff with portable.Darren Tucker
2016-09-12Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then use those definitionsTheo de Raadt
2016-09-07sort; from matthew martinJason McIntyre
2016-09-06ssh_set_newkeys: print correct block counters on rekeying; ok djm@Markus Friedl
2016-09-06update ext_info_c every time we receive a kexinit msg; fixes sending ofMarkus Friedl
2016-09-05remove 3des-cbc from the client's default proposal; 64-bit block ciphersDamien Miller
2016-09-05enforce expected request flow for GSSAPI calls; thanks to Jakub JelenDamien Miller
2016-08-30restrict monitor auth calls to be allowed only when theirDamien Miller
2016-08-28fix uninitialised optlen in getsockopt() call; harmless on Unix/BSDDamien Miller
2016-08-27Pull in <sys/time.h> for struct timevalPhilip Guenther
2016-08-27Pull in <stdlib.h> for NULLPhilip Guenther
2016-08-25add a sIgnore opcode that silently ignores options and use it toDamien Miller
2016-08-25remove superfluous NOTREACHED commentDamien Miller
2016-08-23fix previous, a condition was modified incorrectly; ok markus@ deraadt@Otto Moerbeek
2016-08-23downgrade an error() to a debug2() to match similar casesDamien Miller
2016-08-23fix negated address matching where the address list consists of aDamien Miller
2016-08-23fix matching for pattern lists that contain a single negated match,Damien Miller
2016-08-19remove UseLogin option and support for having /bin/login manageDamien Miller
2016-08-15Catch up with the SSH1 code removal and delete all mention ofChristian Weisgerber
2016-08-15Remove more SSH1 server code:Christian Weisgerber
2016-08-13remove ssh1 server code; ok djm@Markus Friedl
2016-08-12Use 2001:db8::/32, the official IPv6 subnet for configuration examples.Jeremie Courreges-Anglas
2016-08-11Update moduli file.Darren Tucker
2016-08-08Improve error message for overlong ControlPath. ok markus@ djm@Darren Tucker
2016-08-03small refactor of cipher.c: make ciphercontext opaque to callersDamien Miller
2016-08-03Fix bug introduced in rev 1.467 which causes "buffer_get_bignum_ret:Darren Tucker
2016-07-27better bounds check on iovcnt (we only ever use fixed, positive values)Damien Miller