summaryrefslogtreecommitdiff
path: root/usr.bin/ssh
AgeCommit message (Expand)Author
2016-01-29include packet type of non-data packets in debug3 output;Damien Miller
2016-01-29Revert "account for packets buffered but not yet processed" change as itDarren Tucker
2016-01-29Allow RekeyLimits in excess of 4G up to 2**63 bits (limited by the returnDarren Tucker
2016-01-29Account for packets buffered but not yet processed when computing whether orDarren Tucker
2016-01-27change old $FreeBSD version string in comment so it doesn't become anDamien Miller
2016-01-27make the debug messages a bit more useful hereDamien Miller
2016-01-23Zero a stack buffer with explicit_bzero() instead of memset() whenJonathan Gray
2016-01-20Include sys/time.h for gettimeofday. From sortie at maxsi.org.Darren Tucker
2016-01-14fd leaks; report Qualys Security Advisory team; ok deraadt@Markus Friedl
2016-01-14remove roaming support; ok djm@Markus Friedl
2016-01-14Disable experimental client-side roaming support. Server side wasTheo de Raadt
2016-01-13eliminate fallback from untrusted X11 forwarding to trustedDamien Miller
2016-01-12use explicit_bzero() more liberally in the buffer code; ok deraadtDamien Miller
2015-12-31fix three bugs in KRL code related to (unused) signature support:Damien Miller
2015-12-30unused prototypeDamien Miller
2015-12-26Use pread/pwrite instead separate lseek+read/write for lastlog.Philip Guenther
2015-12-26adjust pledge promises for ControlMaster: when using "ask" or "autoask", the ...Sebastien Marie
2015-12-13unbreak connections with peers that set first_kex_follows;Damien Miller
2015-12-11Add "id" to ssh-agent pledge for subprocess support.Doug Hogan
2015-12-11Remove NULL-checks before sshbuf_free().mmcc
2015-12-11include remote port number in a few more messages; makes tying logDamien Miller
2015-12-11don't try to load SSHv1 private key when compiled without SSHv1Damien Miller
2015-12-11use SSH_MAX_PUBKEY_BYTES consistently as buffer size when reading keyDamien Miller
2015-12-11Remove NULL-checks before sshkey_free().mmcc
2015-12-11fflush stdout so that output is seen even when running in debug mode whenDarren Tucker
2015-12-11correct error messages; from Tomas Kuthan bz#2507Damien Miller
2015-12-11Pass (char *)NULL rather than (char *)0 to execl and execlp.mmcc
2015-12-10Remove NULL-checks before free().mmcc
2015-12-10Fix a couple "the the" typos. ok dtucker@mmcc
2015-12-07stricter encoding type checks for ssh-rsa; ok djm@Markus Friedl
2015-12-05prefer rsa-sha2-512 over -256 for hostkeys, too; noticed by naddy@Markus Friedl
2015-12-04Properly handle invalid %-format by calling fatal.Tobias Stoeckmann
2015-12-04implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures (user and host auth)Markus Friedl
2015-12-04clean up agent_fd handling; properly initialise it to -1 andDamien Miller
2015-12-03pledges ssh client:Sebastien Marie
2015-12-02Add "cpath" to the ssh-agent pledge so the cleanup handler can unlink().Doug Hogan
2015-12-02ssh-agent pledge needs proc for askpass; spotted by todd@Damien Miller
2015-12-01basic pledge() for ssh-agent, more refinement neededDamien Miller
2015-11-29pledge, better fatal() messages; feedback deraadt@Damien Miller
2015-11-28do not leak temp file if there is no known_hosts fileTheo de Raadt
2015-11-28don't include port number in tcpip-forward replies for requestsDamien Miller
2015-11-27pledge "stdio rpath wpath cpath fattr tty proc exec" except for theTheo de Raadt
2015-11-20allow comment change for all supported formatsAlexander Hall
2015-11-20add cast to make -Werror cleanDamien Miller
2015-11-19ban ConnectionAttempts=0, it makes no sense and would causeDamien Miller
2015-11-19trailing whitespaceDamien Miller
2015-11-19print host certificate contents at debug levelDamien Miller
2015-11-19move the certificate validity formatting code to sshkey.[ch]Damien Miller
2015-11-18fix "ssh-keygen -l" of private key, broken in support forDamien Miller
2015-11-16Replace remaining calls to index(3) with strchr(3). OK jca@ krw@Todd C. Miller