| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
authentication cookies to avoid fallback in X11 code to fully-trusted
implicit authentication using SO_PEERCRED described at:
http://lists.x.org/archives/xorg-devel/2010-May/008636.html
After the X11ForwardTimeout has expired the client will now refuse
incoming X11 channel opens.
based on patch from Tavis Ormandy; "nice" markus@
|
|
after authentication is successful to mitigate "phishing" attacks by
servers with trusted keys that accept authentication silently and
automatically before presenting fake password/passphrase prompts;
"nice!" markus@
|
|
PermitEmptyPasswords=no;
|
|
internal-sftp accidentally introduced in r1.253 by removing the code
that opens and dup /dev/null to stderr and modifying the channels code
to read stderr but discard it instead; ok markus@
|
|
forwards per direction; ok markus@ stevesk@
|
|
|
|
bz#1571; ok dtucker@
|
|
based on patch from joachim AT joachimschipper.nl; bz#1565; ok dtucker@
|
|
keyfiles. These messages will be sent after the user has successfully
authenticated (where our client will display them with LogLevel=debug).
bz#1554; ok dtucker@
|
|
files to include "progname: filename: error reason"
bz#1783; ok dtucker@
|
|
AuthorizedKeysFile AuthorizedPrincipalsFile
HostbasedUsesNameFromPacketOnly PermitTunnel
bz#1764; feedback from imorgan AT nas.nasa.gov; ok dtucker@
|
|
anicka AT suse.cz
|
|
NULL); bz#1564 from Jan.Pechanec AT Sun.COM
|
|
their pathnames. bz#1655 reported by vgiffin AT apple.com
|
|
sizeof(state) with sizeof(*state). This worked by accident since
the struct contained a single int at present, but could have broken
in the future. patch from hyc AT symas.com
|
|
from mdrtbugzilla@codefive.co.uk; bugzilla #1773; ok dtucker@
|
|
|
|
certificates. The logic is that if another implementation fails to
implement them then the connection just loses features rather than fails
outright.
ok markus@
|
|
reported by henning@ also bz#1765; ok markus@ dtucker@
|
|
use with
LPORT=`ssh -S muxsocket -R0:localhost:25 -O forward somehost`
feedback and ok djm@
|
|
Prevents misordering of replies if new requests arrive while waiting.
Extend channel open confirm callback to allow signalling failure
conditions as well as success. Use this to 1) fix a memory leak, 2)
start using the above pause mechanism and 3) delay sending a success/
failure message on mux slave session open until we receive a reply from
the server.
motivated by and with feedback from markus@
|
|
grafting it on
|
|
|
|
|
|
in certificates. Currently, a certificate must include the a user's name
to be accepted for authentication. This change adds the ability to
specify a list of certificate principal names that are acceptable.
When authenticating using a CA trusted through ~/.ssh/authorized_keys,
this adds a new principals="name1[,name2,...]" key option.
For CAs listed through sshd_config's TrustedCAKeys option, a new config
option "AuthorizedPrincipalsFile" specifies a per-user file containing
the list of acceptable names.
If either option is absent, the current behaviour of requiring the
username to appear in principals continues to apply.
These options are useful for role accounts, disjoint account namespaces
and "user@realm"-style naming policies in certificates.
feedback and ok markus@
|
|
found by Kenneth Whitaker, ok djm@
|
|
|
|
reference to function that accepts sig_atomic_t*. Convert it to
the latter; ok markus@ dtucker@
|
|
since we would refuse to use them anyway. bz#1516; ok dtucker@
|
|
avoids hangs if a subsystem or shell initialisation writes to stderr.
bz#1750; ok markus@
|
|
This causes the channel to close normally when its fds close and
hangs when terminating a mux slave using ~. bz#1758; ok markus@
|
|
inaccessible while trying to create .ssh directory. Based on patch
from jchadima AT redhat.com; ok dtucker@
|
|
|
|
|
|
|
|
following changes:
move the nonce field to the beginning of the certificate where it can
better protect against chosen-prefix attacks on the signature hash
Rename "constraints" field to "critical options"
Add a new non-critical "extensions" field
Add a serial number
The older format is still support for authentication and cert generation
(use "ssh-keygen -t v00 -s ca_key ..." to generate a v00 certificate)
ok markus@
|
|
attribute enabled; this fixes fixes MuscleCard support (bugzilla #1736)
ok djm@
|
|
ok deraadt markus
|
|
|
|
between certs and plain keys as the path to the private key is usually
the same.
|
|
stuck client if the server refuses pty allocation.
ok dtucker@ "think so" markus@
|
|
a CA key
|
|
is not a tty; ok dtucker@ markus@
|
|
|
|
|
|
argument to allow skipping past values in a buffer
|
|
implies ", " is acceptable as a separator, which it's not. ok djm@
|
|
|
