| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2009-02-02 | Initialize a few variables to prevent spurious "may be used uninitialized" | Darren Tucker | |
| warnings from newer gcc's. ok djm@ | |||
| 2009-01-26 | Work around the CPNI-957037 Plaintext Recovery Attack by always | Markus Friedl | |
| reading 256K of data on packet size or HMAC errors (in CBC mode only). Help, feedback and ok djm@ Feedback from Martin Albrecht and Paterson Kenny | |||
| 2009-01-24 | sync list of preferred ciphers; ok djm@ | Christian Weisgerber | |
| 2009-01-23 | prefer CTR modes and revised arcfour (i.e w/ discard) modes to CBC | Damien Miller | |
| modes; ok markus@ | |||
| 2009-01-22 | another chunk of a2port() diff that got away. wtfdjm?? | Damien Miller | |
| 2009-01-22 | make a2port() return -1 when it encounters an invalid port number | Damien Miller | |
| rather than 0, which it will now treat as valid (needed for future work) adjust current consumers of a2port() to check its return value is <= 0, which in turn required some things to be converted from u_short => int make use of int vs. u_short consistent in some other places too feedback & ok markus@ | |||
| 2009-01-22 | oops! I committed the wrong version of the Channel->path diff, | Damien Miller | |
| it was missing some tweaks suggested by stevesk@ | |||
| 2009-01-22 | make Channel->path an allocated string, saving a few bytes here and | Damien Miller | |
| there and fixing bz#1380 in the process; ok markus@ | |||
| 2009-01-15 | 1) use obsolete instead of alias for consistency | Kevin Steves | |
| 2) oUserKnownHostsFile not obsolete but oGlobalKnownHostsFile2 is so move the comment. 3) reorder so like options are together ok djm@ | |||
| 2009-01-14 | support SOCKS4A protocol, from dwmw2 AT infradead.org via bz#1482; | Damien Miller | |
| "looks ok" markus@ | |||
| 2009-01-01 | fix hash calculation for KEXGEX: hash over the original client-supplied | Damien Miller | |
| values and not the sanity checked versions that we acutally use; bz#1540 reported by john.smith AT arrows.demon.co.uk ok markus@ | |||
| 2009-01-01 | call channel destroy callbacks on receipt of open failure messages. | Damien Miller | |
| fixes client hangs when connecting to a server that has MaxSessions=0 set spotted by imorgan AT nas.nasa.gov; ok markus@ | |||
| 2008-12-30 | add AllowAgentForwarding to available Match keywords list | Okan Demirmen | |
| ok djm | |||
| 2008-12-29 | no need to escape single quotes in comments | Kevin Steves | |
| 2008-12-29 | fix example, default key type is rsa for 3+ years; from | Kevin Steves | |
| frederic.perrin@resel.fr | |||
| 2008-12-10 | o cannot be NULL here but use xfree() to be consistent; ok djm@ | Kevin Steves | |
| 2008-12-09 | fix typo in error message | Kevin Steves | |
| 2008-12-09 | update for the synopses displayed by the 'help' command, there are a | Igor Sobrado | |
| few missing flags; add 'bye' to the output of 'help'; sorting and spacing. jmc@ suggested replacing .Oo/.Oc with a single .Op macro. ok jmc@ | |||
| 2008-12-09 | replace by-hand string building with xasprinf(); ok deraadt@ | Damien Miller | |
| 2008-12-09 | channel_print_adm_permitted_opens() should deal with all the printing | Kevin Steves | |
| for that config option. suggested by markus@; ok markus@ djm@ dtucker@ | |||
| 2008-12-09 | correct sftp(1) and corresponding usage syntax; | Damien Miller | |
| bz#1518 patch from imorgan AT nas.nasa.gov; ok deraadt@ improved diff jmc@ | |||
| 2008-12-09 | correct sftp(1) and corresponding usage syntax; | Damien Miller | |
| bz#1518 patch from imorgan AT nas.nasa.gov; ok deraadt@ improved diff jmc@ | |||
| 2008-12-09 | don't leave junk (free'd) pointers around in Forward *fwd argument on | Damien Miller | |
| failure; avoids double-free in ~C -L handler when given an invalid forwarding specification; bz#1539 report from adejong AT debian.org via Colin Watson; ok markus@ dtucker@ | |||
| 2008-12-09 | Deal correctly with failures in remote stat() operation in sftp, | Damien Miller | |
| correcting fail-on-error behaviour in batchmode. bz#1541 report and fix from anedvedicky AT gmail.com; ok markus@ | |||
| 2008-12-09 | The ~C escape handler does not work correctly for multiplexed sessions - | Damien Miller | |
| it opens a commandline on the master session, instead of on the slave that requested it. Disable it on slave sessions until such time as it is fixed; bz#1543 report from Adrian Bridgett via Colin Watson ok markus@ | |||
| 2008-12-02 | s/remote_id/id/ to be more consistent with other code; ok djm@ | Markus Friedl | |
| 2008-12-02 | backout 1.149, since it's not necessary and openssh clients send | Markus Friedl | |
| broken CHANNEL_FAILURE/SUCCESS messages since about 2004; ok djm@ | |||
| 2008-12-02 | we have to use the recipient's channel number (RFC 4254) for | Markus Friedl | |
| SSH2_MSG_CHANNEL_SUCCESS/SSH2_MSG_CHANNEL_FAILURE messages, otherwise we trigger 'Non-public channel' error messages on sshd systems with clientkeepalive enabled; noticed by sturm; ok djm; | |||
| 2008-11-30 | Retry sendmsg/recvmsg on EAGAIN and EINTR; ok djm@ | Darren Tucker | |
| 2008-11-21 | packet_disconnect() on padding error, too. should reduce the success | Markus Friedl | |
| probability for the CPNI-957037 Plaintext Recovery Attack to 2^-18 ok djm@ | |||
| 2008-11-11 | for sshd -T print 'permitopen any' vs. 'permitopen' for case of no | Kevin Steves | |
| permitopen's; ok and input dtucker@ | |||
| 2008-11-11 | USE_AFS not referenced so remove #ifdef. fixes sshd -T not printing | Kevin Steves | |
| kerberosgetafstoken. ok dtucker@ | |||
| 2008-11-09 | typo fixed (overriden -> overridden) | Tobias Stoeckmann | |
| ok espie, jmc | |||
| 2008-11-07 | Move JPAKE define to make life easier for portable. ok djm@ | Darren Tucker | |
| 2008-11-07 | add space to some log/debug messages for readability; ok djm@ markus@ | Kevin Steves | |
| 2008-11-07 | spelling/typo in comment | Kevin Steves | |
| 2008-11-05 | passord -> password; | Jason McIntyre | |
| fixes user/5975 from Rene Maroufi | |||
| 2008-11-05 | add dynamic forward escape command line; ok djm@ | Kevin Steves | |
| 2008-11-04 | because parse_forward() is now used to parse all forward types (DLR), | Kevin Steves | |
| and it malloc's space for host variables, we don't need to malloc here. fixes small memory leaks. previously dynamic forwards were not parsed in parse_forward() and space was not malloc'd in that case. ok djm@ | |||
| 2008-11-04 | Add support for an experimental zero-knowledge password authentication | Damien Miller | |
| method using the J-PAKE protocol described in F. Hao, P. Ryan, "Password Authenticated Key Exchange by Juggling", 16th Workshop on Security Protocols, Cambridge, April 2008. This method allows password-based authentication without exposing the password to the server. Instead, the client and server exchange cryptographic proofs to demonstrate of knowledge of the password while revealing nothing useful to an attacker or compromised endpoint. This is experimental, work-in-progress code and is presently compiled-time disabled (turn on -DJPAKE in Makefile.inc). "just commit it. It isn't too intrusive." deraadt@ | |||
| 2008-11-04 | need unistd.h for close() prototype | Damien Miller | |
| 2008-11-03 | include MaxSessions in sshd -T output; patch from imorgan AT nas.nasa.gov | Damien Miller | |
| 2008-11-03 | fix comment | Kevin Steves | |
| 2008-11-03 | remove valueless comment | Kevin Steves | |
| 2008-11-02 | protocol 2 tty modes support is now 7.5 years old so remove these | Kevin Steves | |
| debug3()s; ok deraadt@ | |||
| 2008-11-01 | merge dynamic forward parsing into parse_forward(); 'i think this is OK' djm@ | Kevin Steves | |
| 2008-11-01 | the ellipsis is not an optional argument; while here, improve spacing. | Igor Sobrado | |
| 2008-11-01 | fix some typos in log messages; ok djm@ | Kevin Steves | |
| 2008-11-01 | sprinkle ARGSUSED on dispatch handlers | Damien Miller | |
| nuke stale unusued prototype | |||
| 2008-10-31 | remove unused #define DISPATCH_MIN; ok markus@ | Kevin Steves | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |