summaryrefslogtreecommitdiff
path: root/usr.bin/ssh
AgeCommit message (Collapse)Author
2006-10-11exit instead of doing a blocking tcp send if we detect a client/server timeout,Markus Friedl
since the tcp sendqueue might be already full (of alive requests); ok dtucker, report mpf
2006-10-10sleep before retrying (not after) since sleep changes errno; fixesMarkus Friedl
pr 5250; rad@twig.com; ok dtucker djm
2006-10-09xmalloc -> xcalloc that was missed previously, from portableDamien Miller
2006-10-06sys/resource.h needs sys/time.h; prompted by brad@Damien Miller
2006-09-30Clear errno before calling the strtol functions.Ray Lai
From Paul Stoeber <x0001 at x dot de1 dot cc>. OK deraadt@.
2006-09-25Change "a SSH" to "an SSH". Hurray, I'm not the only one whoRay Lai
pronounces "SSH" as "ess-ess-aich". OK jmc@ and stevesk@.
2006-09-19client NULL deref on protocol error; Tavis Ormandy, Google Security TeamMarkus Friedl
2006-09-19Use S_IS* macros insted of masking with S_IF* flags. The latter mayOtto Moerbeek
have multiple bits set, which lead to surprising results. Spotted by Paul Stoeber, more to come. ok millert@ pedro@ jaredy@ djm@
2006-09-16limit maximum work performed by the CRC compensation attack detector,Damien Miller
problem reported by Tavis Ormandy, Google Security Team; ok markus@ deraadt@
2006-08-30crank to 4.4Damien Miller
2006-08-30Fix regression where SSH2 banner is printed at loglevels ERROR and FATALDarren Tucker
where previously it weren't. bz #1221, found by Dean Kopesky, ok djm@
2006-08-29Work around a problem in Heimdal that occurs when KRB5CCNAME file isDarren Tucker
missing, by checking whether or not kerberos allocated us a context before attempting to free it. Patch from Simon Wilkinson, tested by biorn@, ok djm@
2006-08-29normalise some inconsistent (but harmless) NULL pointer checksDamien Miller
spotted by the Stanford SATURN tool, via Isil Dillig; ok markus@ deraadt@
2006-08-21Add more detail about what permissions are and aren't accepted forDarren Tucker
authorized_keys files. Corrections jmc@, ok djm@, "looks good" jmc@
2006-08-21Document HostbasedUsesNameFromPacketOnly. Corrections from jmc@, ok jmc@ djm@Darren Tucker
2006-08-18GSSAPI error code should be 0 and not -1; from simon@sxw.org.ukDamien Miller
2006-08-18constify host argument to match the rest of the GSSAPI functions andDamien Miller
unbreak compilation with -Werror
2006-08-18bz #1218 - disable SPNEGO as per RFC4462; diff from simon AT sxw.org.ukDamien Miller
ok markus@
2006-08-18reorder so prototypes are sorted by the files they refer to; noDamien Miller
binary change
2006-08-18delay authentication related cleanups until we're authenticated andMarkus Friedl
all alarms have been cancelled; ok deraadt
2006-08-18make signal handler termination path shorter; risky code pointed out byTheo de Raadt
mark dowd; ok djm markus
2006-08-16factor inetd connection, TCP listen and main TCP accept loop out of main()Damien Miller
into separate functions to improve readability; ok markus@
2006-08-14Add ability to match groups to Match keyword in sshd_config. Feedback djm@,Darren Tucker
stevesk@, ok stevesk@.
2006-08-12Revert previous include file ordering change, for ssh to compile under gcc2Miod Vallat
(or until openssl include files are cleaned of parameter names in function prototypes)
2006-08-06"zlib.h" can be <zlib.h>; ok djm@ markus@Kevin Steves
2006-08-05Typo in commentDarren Tucker
2006-08-05Zap unused variables in -DSKEY code. ok djm@Darren Tucker
2006-08-05Add headers required to build with -DSKEY. ok djm@Darren Tucker
2006-08-05Add headers required to build with KERBEROS5=no. ok djm@Darren Tucker
2006-08-04spacesKevin Steves
2006-08-03almost entirely get rid of the culture of ".h files that include .h files"Theo de Raadt
ok djm, sort of ok stevesk makes the pain stop in one easy step
2006-08-01clean extra spacesKevin Steves
2006-08-01move #include <stdio.h> out of includes.hKevin Steves
2006-08-01Allow fallback to known_hosts entries without port qualifiers forDarren Tucker
non-standard ports too, so that all existing known_hosts entries will be recognised. Requested by, feedback and ok markus@
2006-07-30order includes to KNFKevin Steves
2006-07-27avoid confusing wording in HashKnownHosts:Jason McIntyre
originally spotted by alan amesbury; ok deraadt
2006-07-26move #include <stdlib.h> out of includes.hKevin Steves
2006-07-26move #include <sys/param.h> out of includes.hKevin Steves
2006-07-25move #include <sys/time.h> out of includes.hKevin Steves
2006-07-25need #include <string.h>Kevin Steves
2006-07-24disable tunnel forwarding when no strict host key checkingKevin Steves
and key changed; ok djm@ markus@ dtucker@
2006-07-23#include <signal.h> for sig_atomic_t; need this prior to <sys/param.h>Kevin Steves
move
2006-07-22move #include <string.h> out of includes.hKevin Steves
2006-07-22move #include <time.h> out of includes.hKevin Steves
2006-07-21ARGSUSED for signal handlerKevin Steves
2006-07-21more ARGSUSED (lint) for dispatch table-driven functions; ok djm@Kevin Steves
2006-07-21Make PermitOpen take a list of permitted ports and act more like most otherDarren Tucker
keywords (ie the first match is the effective setting). This also makes it easier to override a previously set PermitOpen. ok djm@
2006-07-20missed some needed #include <unistd.h> when KERBEROS5=no; issue fromKevin Steves
massimo@cedoc.mo.it
2006-07-19Add ForceCommand keyword to sshd_config, equivalent to the "command="Darren Tucker
key option, man page entry and example in sshd_config. Feedback & ok djm@, man page corrections & ok jmc@
2006-07-19Add support for X11Forwaring, X11DisplayOffset and X11UseLocalhost toDarren Tucker
Match. ok djm@
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-27 02:17:47 +0000