| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2010-02-21 | dlclose() call should also be #ifdef HAVE_DLOPEN | Theo de Raadt | |
| 2010-02-20 | unbreak build for NOPIC systems; noticed, help and ok deraadt@ | Markus Friedl | |
| 2010-02-19 | gcc2 requires decls before code | Theo de Raadt | |
| 2010-02-11 | correct comment | Damien Miller | |
| 2010-02-11 | libarary -> library; | Jason McIntyre | |
| 2010-02-10 | pkcs#11 is no longer optional; improve wording; ok jmc@ | Markus Friedl | |
| 2010-02-09 | enable PKCS#11 code; ok djm | Markus Friedl | |
| 2010-02-09 | fix whitespace; from jmc@ | Markus Friedl | |
| 2010-02-09 | add manpage; ok djm@ | Markus Friedl | |
| 2010-02-09 | unbreak ChrootDirectory+internal-sftp by skipping check for executable shell | Damien Miller | |
| when chrooting; reported by danh AT wzrd.com; ok dtucker@ | |||
| 2010-02-09 | constify the arguments to buffer_len, buffer_ptr and buffer_dump | Damien Miller | |
| 2010-02-09 | fix -Wall | Damien Miller | |
| 2010-02-09 | fallout from PKCS#11: unbreak -D | Damien Miller | |
| 2010-02-08 | tweak previous; ok markus | Jason McIntyre | |
| 2010-02-08 | obsolete | Markus Friedl | |
| 2010-02-08 | remove scard | Markus Friedl | |
| 2010-02-08 | remove obsole scard code | Markus Friedl | |
| 2010-02-08 | replace our obsolete smartcard code with PKCS#11. | Markus Friedl | |
| ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf ssh(1) and ssh-keygen(1) use dlopen(3) directly to talk to a PKCS#11 provider (shared library) while ssh-agent(1) delegates PKCS#11 to a forked a ssh-pkcs11-helper process. PKCS#11 is currently a compile time option. feedback and ok djm@; inspired by patches from Alon Bar-Lev | |||
| 2010-02-02 | make buffer_get_string_ret() really non-fatal in all cases (it was | Damien Miller | |
| using buffer_get_int(), which could fatal() on buffer empty); ok markus dtucker | |||
| 2010-01-30 | fake local addr:port when stdio fowarding as some servers (Tectia at | Damien Miller | |
| least) validate that they are well-formed; reported by imorgan AT nas.nasa.gov ok dtucker | |||
| 2010-01-30 | debug output goes to stderr, not "the system log"; ok markus dtucker | Damien Miller | |
| 2010-01-30 | don't mark channel as read failed if it is already closing; suppresses | Damien Miller | |
| harmless error messages when connecting to SSH.COM Tectia server report by imorgan AT nas.nasa.gov | |||
| 2010-01-29 | kill correct channel (was killing already-dead mux channel, not | Damien Miller | |
| its session channel) | |||
| 2010-01-29 | set FD_CLOEXEC on sock_in/sock_out; bz#1706 from jchadima AT redhat.com | Damien Miller | |
| ok dtucker@ | |||
| 2010-01-28 | downgrade an error() to a debug() - this particular case can be hit in | Damien Miller | |
| normal operation for certain sequences of mux slave vs session closure and is harmless | |||
| 2010-01-27 | add missing "p" flag to getopt optstring; | Damien Miller | |
| bz#1704 from imorgan AT nas.nasa.gov | |||
| 2010-01-27 | fix bug introduced in mux rewrite: | Damien Miller | |
| In a mux master, when a socket to a mux slave closes before its server session (as may occur when the slave has been signalled), gracefully close the server session rather than deleting its channel immediately. A server may have more messages on that channel to send (e.g. an exit message) that will fatal() the client if they are sent to a channel that has been prematurely deleted. spotted by imorgan AT nas.nasa.gov | |||
| 2010-01-26 | -Wuninitialized and remove a // comment; from portable | Damien Miller | |
| 2010-01-26 | rewrite ssh(1) multiplexing code to a more sensible protocol. | Damien Miller | |
| The new multiplexing code uses channels for the listener and accepted control sockets to make the mux master non-blocking, so no stalls when processing messages from a slave. avoid use of fatal() in mux master protocol parsing so an errant slave process cannot take down a running master. implement requesting of port-forwards over multiplexed sessions. Any port forwards requested by the slave are added to those the master has established. add support for stdio forwarding ("ssh -W host:port ...") in mux slaves. document master/slave mux protocol so that other tools can use it to control a running ssh(1). Note: there are no guarantees that this protocol won't be incompatibly changed (though it is versioned). feedback Salvador Fandino, dtucker@ channel changes ok markus@ | |||
| 2010-01-18 | s/long long unsigned/unsigned long long/, from tim via portable | Darren Tucker | |
| 2010-01-17 | Correct and clarify ssh-add's password asking behavior. | Ted Unangst | |
| Improved text dtucker and ok jmc | |||
| 2010-01-15 | unused | Markus Friedl | |
| 2010-01-15 | Reset SIGTERM to SIG_DFL before executing ssh, so that even if sftp | Philip Guenthe | |
| inherited SIGTERM as ignored it will still be able to kill the ssh it starts. ok dtucker@ | |||
| 2010-01-14 | use user_from{uid,gid} to lookup up ids since it keeps a small cache. ok djm | Darren Tucker | |
| 2010-01-13 | when using ChrootDirectory, make sure we test for the existence of the | Damien Miller | |
| user's shell inside the chroot; bz #1679, patch from alex AT rtfs.hu; ok dtucker | |||
| 2010-01-13 | sftp.1: put ls -h in the right place | Jason McIntyre | |
| sftp.c: as above, plus add -p to get/put, and shorten their arg names to keep the help usage nicely aligned ok djm | |||
| 2010-01-13 | don't append a space after inserting a completion of a directory (i.e. | Damien Miller | |
| a path ending in '/') for a slightly better user experience; ok dtucker@ | |||
| 2010-01-13 | avoid run-time failures when specifying hostkeys via a relative | Damien Miller | |
| path by prepending the cwd in these cases; bz#1290; ok dtucker@ | |||
| 2010-01-13 | support '-h' (human-readable units) for sftp's ls command, just like | Damien Miller | |
| ls(1); ok dtucker@ | |||
| 2010-01-13 | Make HostBased authentication work with a ProxyCommand. bz #1569, patch | Darren Tucker | |
| from imorgan at nas nasa gov, ok djm@ | |||
| 2010-01-13 | Ignore and log any Protocol 1 keys where the claimed size is not equal to | Darren Tucker | |
| the actual size. Noted by Derek Martin, ok djm@ | |||
| 2010-01-13 | Fix a couple of typos/mispellings in comments | Darren Tucker | |
| 2010-01-12 | Add explicit stat so we reliably detect nologin with bad perms. ok djm markus | Darren Tucker | |
| 2010-01-12 | add a buffer_get_string_ptr_ret() that does the same as | Damien Miller | |
| buffer_get_string_ptr() but does not fatal() on error; ok dtucker@ | |||
| 2010-01-12 | Do not allow logins if /etc/nologin exists but is not readable by the user | Darren Tucker | |
| logging in. Noted by Jan.Pechanec at Sun, ok djm@ deraadt@ | |||
| 2010-01-12 | delete with extreme prejudice a debug() that fired with every keypress; | Damien Miller | |
| ok dtucker deraadt | |||
| 2010-01-12 | avoid spinning when fd passing on nonblocking sockets by calling poll() | Damien Miller | |
| in the EINTR/EAGAIN path, much like we do in atomicio; ok dtucker@ | |||
| 2010-01-12 | Fix bug introduced in r1.78 (incorrect brace location) that broke key auth. | Darren Tucker | |
| Patch from joachim joachimschipper nl. | |||
| 2010-01-11 | when converting keys, truncate key comments at 72 chars as per RFC4716; | Damien Miller | |
| bz#1630 reported by tj AT castaglia.org; ok markus@ | |||
| 2010-01-11 | Do not prompt for a passphrase if we fail to open a keyfile, and log the | Darren Tucker | |
| reason the open failed to debug. bz #1693, found by tj AT castaglia org, ok djm@ | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |