| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2008-08-02 | whitepsace -> whitespace. From Matthew Clarke via bugs@. | Kenneth R Westerback | |
| 2008-07-31 | don't allocate space for empty banners; report t8m at centrum.cz; ok deraadt | Markus Friedl | |
| 2008-07-25 | In random art visualization, make sure to use the end marker only at the | Alexander von Gernler | |
| end. Initial diff by Dirk Loss, tweaks and ok djm@ | |||
| 2008-07-25 | Add VisualHostKey to example file, ok djm@ | Alexander von Gernler | |
| 2008-07-24 | Add "ssh-keygen -F -l" to synopsis (displays fingerprint from | Stuart Henderson | |
| known_hosts). ok djm@ | |||
| 2008-07-23 | do not try to print options that have been compile-time disabled | Damien Miller | |
| in config test mode (sshd -T); report from nix-corp AT esperi.org.uk ok dtucker@ | |||
| 2008-07-21 | openssh-5.1 | Damien Miller | |
| 2008-07-18 | no need for .Pp before or after .Sh; | Jason McIntyre | |
| 2008-07-17 | strip trailing '.' from hostname when HostbasedUsesNameFromPacketOnly=yes | Damien Miller | |
| report and patch from res AT qoxp.net (bz#1200); ok markus@ | |||
| 2008-07-17 | strnvis preauth banner; pointed out by mpf@ ok markus@ | Damien Miller | |
| 2008-07-16 | this loop index should be automatic, not static | Damien Miller | |
| 2008-07-16 | rename variable first_gc -> last_gc (since it is actually the last | Damien Miller | |
| in the list). | |||
| 2008-07-15 | number of pipelined requests is not 64; prodded by Iain.Morgan AT nasa.gov | Damien Miller | |
| 2008-07-14 | mention requirement for /dev/log inside chroot when using sftp-server | Damien Miller | |
| with ChrootDirectory | |||
| 2008-07-13 | increase number of piplelined requests so they properly fill the | Damien Miller | |
| (recently increased) channel window. prompted by rapier AT psc.edu; ok markus@ | |||
| 2008-07-13 | use struct sockaddr_storage instead of struct sockaddr for accept(2) | Damien Miller | |
| address argument. from visibilis AT yahoo.com in bz#1485; ok markus@ | |||
| 2008-07-13 | Change "ssh-keygen -F [host] -l" to not display random art unless | Stuart Henderson | |
| -v is also specified, making it consistent with the manual and other uses of -l. ok grunk@ | |||
| 2008-07-12 | better description for -i flag: | Damien Miller | |
| s/RSA authentication/public key authentication/ | |||
| 2008-07-12 | unbreak; move clearing of cctx struct to before first use | Damien Miller | |
| reported by dkrause@ | |||
| 2008-07-10 | sync v1 and v2 traffic accounting; add it to sshd, too; ok djm@, dtucker@ | Markus Friedl | |
| 2008-07-10 | missing bzero; from mickey; ok djm@ | Markus Friedl | |
| 2008-07-07 | /*NOTREACHED*/ for lint warning: | Kevin Steves | |
| warning: function key_equal falls off bottom without returning value ok djm@ | |||
| 2008-07-07 | we don't need arg after the debug3() was removed. from lint. | Kevin Steves | |
| ok djm@ | |||
| 2008-07-05 | grammar | Damien Miller | |
| 2008-07-04 | Make protocol 1 MaxAuthTries logic match protocol 2's. | Damien Miller | |
| Do not treat the first protocol 2 authentication attempt as a failure IFF it is for method "none". Makes MaxAuthTries' user-visible behaviour identical for protocol 1 vs 2. ok dtucker@ | |||
| 2008-07-04 | handle EINTR in packet_write_poll()l ok dtucker@ | Damien Miller | |
| 2008-07-04 | Make debug a little clearer. ok djm@ | Darren Tucker | |
| 2008-07-04 | support negation of groups in "Match group" block (bz#1315); ok dtucker@ | Damien Miller | |
| 2008-07-03 | avoid nasty double free; ok dtucker@ djm@ | Otto Moerbeek | |
| 2008-07-02 | When forking after authentication ("ssh -f") with ExitOnForwardFailure | Damien Miller | |
| enabled, delay the fork until after replies for any -R forwards have been seen. Allows for robust detection of -R forward failure when using -f (similar to bz#92); ok dtucker@ | |||
| 2008-07-02 | really really remove the freebie "none" auth try for protocol 2 | Damien Miller | |
| 2008-07-02 | Make protocol 2 MaxAuthTries behaviour a little more sensible: | Damien Miller | |
| Check whether client has exceeded MaxAuthTries before running an authentication method and skip it if they have, previously it would always allow one try (for "none" auth). Preincrement failure count before post-auth test - previously this checked and postincremented, also to allow one "none" try. Together, these two changes always count the "none" auth method which could be skipped by a malicious client (e.g. an SSH worm) to get an extra attempt at a real auth method. They also make MaxAuthTries=0 a useful way to block users entirely (esp. in a sshd_config Match block). Also, move sending of any preauth banner from "none" auth method to the first call to input_userauth_request(), so worms that skip the "none" method get to see it too. | |||
| 2008-07-02 | Merge duplicate host key file checks, based in part on a patch from Rob | Darren Tucker | |
| Holland via bz #1348 . Also checks for non-regular files during protocol 1 RSA auth. ok djm@ | |||
| 2008-07-02 | increase default size of ssh protocol 1 ephemeral key from 768 to 1024 | Damien Miller | |
| bits; prodded by & ok dtucker@ ok deraadt@ | |||
| 2008-07-01 | fix some typos; ok djm@ | Kevin Steves | |
| 2008-07-01 | Send CR LF during protocol banner exchanges, but only for Protocol 2 only, | Darren Tucker | |
| in order to comply with RFC 4253. bz #1443, ok djm@ | |||
| 2008-07-01 | Check ExitOnForwardFailure if forwardings are disabled due to a failed | Darren Tucker | |
| host key check. ok djm@ | |||
| 2008-06-30 | clarify that eow@openssh.com is only sent on session channels | Damien Miller | |
| 2008-06-30 | only send eow@openssh.com notifications for session channels; ok! markus@ | Damien Miller | |
| 2008-06-30 | only pass channel requests on session channels through to the session | Damien Miller | |
| channel handler, avoiding spurious log messages; ok! markus@ | |||
| 2008-06-30 | typo: s/constraint_date/constraint_data/ | Damien Miller | |
| 2008-06-29 | protocol 2 key blobs are strings, not byte arrays | Damien Miller | |
| 2008-06-28 | document the protocol used by ssh-agent; "looks ok" markus@ | Damien Miller | |
| 2008-06-28 | reset global compat flag after processing a protocol 2 signature | Damien Miller | |
| request with the legacy DSA encoding flag set; ok markus | |||
| 2008-06-28 | revert accidental commit (nearly 2 months ago!) that | Damien Miller | |
| unconditionally enabled -Werror and -g | |||
| 2008-06-28 | refuse to add a key that has unknown constraints specified; | Damien Miller | |
| ok markus | |||
| 2008-06-28 | spelling fixes | Damien Miller | |
| 2008-06-26 | add VisualHostKey to the list of options listed in -o; | Jason McIntyre | |
| 2008-06-26 | Move SSH Fingerprint Visualization away from sharing the config option | Alexander von Gernler | |
| CheckHostIP to an own config option named VisualHostKey. While there, fix the behaviour that ssh would draw a random art picture on every newly seen host even when the option was not enabled. prodded by deraadt@, discussions, help and ok markus@ djm@ dtucker@ | |||
| 2008-06-26 | when loading moduli from /etc/moduli in sshd(8), check that they | Damien Miller | |
| are of the expected "safe prime" structure and have had appropriate primality tests performed; feedback and ok dtucker@ | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |