summaryrefslogtreecommitdiff
path: root/usr.bin/ssh
AgeCommit message (Expand)Author
2012-07-10Turn on systrace sandboxing of pre-auth sshd by default for new installsDamien Miller
2012-07-06missing full stop in usage();Jason McIntyre
2012-07-06move setting of tty_flag to after config parsing so RequestTTY optionsDamien Miller
2012-07-06fix memory leak of passed-in environment variables and connectionDamien Miller
2012-07-06Add options to specify starting line number and number of lines to processDarren Tucker
2012-07-02fix a couple of "assigned but not used" warnings. ok markus@Darren Tucker
2012-07-02set interactive ToS for forwarded X11 sessions. ok djm@Darren Tucker
2012-06-30fix a during the load of the sandbox policies (child can still makeMarkus Friedl
2012-06-29match the documented MAC order of preference to the actual one; ok dtucker@Christian Weisgerber
2012-06-28Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removedDarren Tucker
2012-06-26Add mquery to the list of allowed syscalls for "UsePrivilegeSeparationDarren Tucker
2012-06-22Remove unused variable leftover from tab-completion changes.Darren Tucker
2012-06-22remove dead code following 'for (;;)' loops.Darren Tucker
2012-06-21fix strlcpy truncation check. from carsten at debian org, ok markusDarren Tucker
2012-06-20initialise accept() backoff timer to avoid EINVAL from select(2) inDamien Miller
2012-06-19tweak previous; ok markusJason McIntyre
2012-06-19sshd_config: extend Match to allow AcceptEnv and {Allow,Deny}{Users,Groups}Markus Friedl
2012-06-18Clarify description of -W. Noted by Steve.McClellan at radisys com, ok jmcDarren Tucker
2012-06-18Remove mention of 'three' key files since there are now four. FromDarren Tucker
2012-06-18RSA instead of DSA twice. From Steve.McClellan at radisys comDarren Tucker
2012-06-18correct sizeof usage. patch from saw at online.de, ok deraadtDarren Tucker
2012-06-01fix memory leak when mux socket creation fails; bz#2002 from bert.wesargDamien Miller
2012-06-01correct types of port numbers (integers, not strings); bz#2004 fromDamien Miller
2012-05-23add support for RFC6594 SSHFP DNS records for ECDSA key types.Damien Miller
2012-05-19Document PermitOpen none. bz#2001, patch from Loganaden VelvindronDarren Tucker
2012-05-13Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust testsDarren Tucker
2012-04-23fix function proto/source mismatchDamien Miller
2012-04-20use "brackets" instead of "braces", for consistency;Jason McIntyre
2012-04-20setlinebuf(3) is more readable than setvbuf(.., _IOLBF, ...)Damien Miller
2012-04-12mention AuthorizedPrincipalsFile=none defaultDamien Miller
2012-04-12VersionAddendum option to allow server operators to append some arbitraryDamien Miller
2012-04-11now that sshd defaults to offering ECDSA keys, ssh-keyscan should alsoDamien Miller
2012-04-11don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for aDamien Miller
2012-04-11Support "none" as an argument for AuthorizedPrincipalsFile to indicateDamien Miller
2012-04-11don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for aDamien Miller
2012-03-29Add PermitOpen none option based on patch from Loganaden VelvindronDarren Tucker
2012-03-28explain certificate extensions/crit split rationale. Mention requirementDamien Miller
2012-03-15root should always be excluded from the test for /etc/nologin insteadPhilip Guenthe
2012-02-29allow conversion of RSA1 keys to public PEM and PKCS8; "nice" markus@Damien Miller
2012-02-09move from 6.0-beta to 6.0Markus Friedl
2012-01-25packet_read_poll() is not used anymore.Markus Friedl
2012-01-25memleak in key_load_file(); from Jan KlemkowMarkus Friedl
2012-01-25do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying;Markus Friedl
2012-01-18Ensure that $DISPLAY contains only valid characters before using it toDarren Tucker
2012-01-16Fix a memory leak in pkcs11_rsa_private_encrypt(), reported by Jan Klemkow.Miod Vallat
2012-01-08Fix memory leak in ssh_ecdsa_verify(); from Loganaden Velvindron, ok markus@Miod Vallat
2012-01-07fix double-free in new session handlerDamien Miller
2012-01-05memleak on error pathDamien Miller
2011-12-07fix some harmless and/or unreachable int overflows;Damien Miller
2011-12-04revert:Damien Miller