| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2015-04-29 | Allow ListenAddress, Port and AddressFamily in any order. bz#68, | Darren Tucker | |
| ok djm@, jmc@ (for the man page bit). | |||
| 2015-04-28 | enviroment -> environment: apologies to darren for not spotting that first | Jason McIntyre | |
| time round... | |||
| 2015-04-28 | Fix typo in previous | Darren Tucker | |
| 2015-04-28 | Document that the TERM environment variable is not subject to SendEnv | Darren Tucker | |
| and AcceptEnv. bz#2386, based loosely on a patch from jjelen at redhat, help and ok jmc@ | |||
| 2015-04-27 | Make sshd default to PermitRootLogin=no; | Damien Miller | |
| ok deraadt@ rpe@ | |||
| 2015-04-27 | more OPENSSL=no fixes; ok dtucker@ | Damien Miller | |
| 2015-04-27 | fix compilation with OPENSSL=no; ok dtucker@ | Damien Miller | |
| 2015-04-27 | Include stdio.h for FILE (used in sshkey.h) so it compiles with OPENSSL=no. | Darren Tucker | |
| 2015-04-27 | allow "sshd -f none" to skip reading the config file, much like | Damien Miller | |
| "ssh -F none" does. ok dtucker | |||
| 2015-04-24 | combine -Dd onto one line and update usage(); | Jason McIntyre | |
| 2015-04-24 | add ssh-agent -D to leave ssh-agent in foreground without enabling | Damien Miller | |
| debug mode; bz#2381 ok dtucker@ | |||
| 2015-04-24 | 2*len -> use xreallocarray() | Theo de Raadt | |
| ok djm | |||
| 2015-04-24 | rename xrealloc() to xreallocarray() since it follows that form. | Theo de Raadt | |
| ok djm | |||
| 2015-04-23 | Two small fixes for sshd -T: ListenAddress'es are added to a list head so | Darren Tucker | |
| reverse the order when printing them to ensure the behaviour remains the same, and print StreamLocalBindMask as octal with leading zero. ok deraadt@ | |||
| 2015-04-23 | Check for and reject missing arguments for VersionAddendum and ForceCommand. | Darren Tucker | |
| bz#2281, patch from plautrba at redhat com, ok djm@ | |||
| 2015-04-22 | unknown certificate extensions are non-fatal, so don't fatal | Damien Miller | |
| when they are encountered; bz#2387 reported by Bob Van Zant; ok dtucker@ | |||
| 2015-04-21 | Add back a backslash removed in rev 1.42 so KEX_SERVER_ENCRYPT will | Jonathan Gray | |
| include aes again. ok deraadt@ | |||
| 2015-04-17 | s/recommended/required/ that private keys be og-r | Damien Miller | |
| this wording change was made a while ago but got accidentally reverted | |||
| 2015-04-17 | don't try to cleanup NULL KEX proposals in kex_prop_free(); | Damien Miller | |
| found by Jukka Taimisto and Markus Hietava | |||
| 2015-04-17 | use error/logit/fatal instead of fprintf(stderr, ...) and exit(0), | Damien Miller | |
| fix a few errors that were being printed to stdout instead of stderr and a few non-errors that were going to stderr instead of stdout bz#2325; ok dtucker | |||
| 2015-04-17 | debug log missing DISPLAY environment when X11 forwarding | Damien Miller | |
| requested; bz#1682 ok dtucker@ | |||
| 2015-04-17 | don't call record_login() in monitor when UseLogin is enabled; | Damien Miller | |
| bz#278 reported by drk AT sgi.com; ok dtucker | |||
| 2015-04-17 | Add some missing options to sshd -T and fix the output of VersionAddendum | Darren Tucker | |
| HostCertificate. bz#2346, patch from jjelen at redhat com, ok djm. | |||
| 2015-04-16 | Document "none" for PidFile XAuthLocation TrustedUserCAKeys and RevokedKeys. | Darren Tucker | |
| bz#2382, feedback from jmc@, ok djm@ | |||
| 2015-04-15 | Plug leak of address passed to logging. bz#2373, patch from jjelen at redhat, | Darren Tucker | |
| ok markus@ | |||
| 2015-04-14 | Output remote username in debug output since with Host and Match it's not | Darren Tucker | |
| always obvious what it will be. bz#2368, ok djm@ | |||
| 2015-04-13 | deprecate ancient, pre-RFC4419 and undocumented | Damien Miller | |
| SSH2_MSG_KEX_DH_GEX_REQUEST_OLD message; ok markus@ deraadt@ "seems reasonable" dtucker@ | |||
| 2015-04-10 | Don't send hostkey advertisments (hostkeys-00@openssh.com) to current | Darren Tucker | |
| versions of Tera Term as they can't handle them. Newer versions should be OK. Patch from Bryan Drewery and IWAMOTO Kouichi, ok djm@ | |||
| 2015-04-10 | include port number if a non-default one has been specified; | Damien Miller | |
| based on patch from Michael Handler | |||
| 2015-04-07 | treat Protocol=1,2|2,1 as Protocol=2 when compiled without SSH1 | Damien Miller | |
| support; ok dtucker@ millert@ | |||
| 2015-04-05 | Do not use int for sig_atomic_t; spotted by christos@netbsd; ok markus@ | Miod Vallat | |
| 2015-04-03 | correct return value in pubkey parsing, spotted by Ben Hawkes | Damien Miller | |
| ok markus@ | |||
| 2015-03-31 | downgrade error() for known_hosts parse errors to debug() to quiet | Damien Miller | |
| warnings from ssh1 keys present when compiled !ssh1. also identify ssh1 keys when scanning, even when compiled !ssh1 ok markus@ miod@ | |||
| 2015-03-31 | fd leak for !ssh1 case; found by unittests; ok markus@ | Damien Miller | |
| 2015-03-31 | don't fatal when a !ssh1 sshd is reexeced from a w/ssh1 listener; | Damien Miller | |
| reported by miod@; ok miod@ markus@ | |||
| 2015-03-31 | Comments are only supported for RSA1 keys. If a user tried to add one and | Tobias Stoeckmann | |
| entered his passphrase, explicitly clear it before exit. This is done in all other error paths, too. ok djm | |||
| 2015-03-30 | ssh-askpass(1) is the default, overridden by SSH_ASKPASS; | Jason McIntyre | |
| diff originally from jiri b; | |||
| 2015-03-30 | fix uninitialised memory read when parsing a config file consisting | Damien Miller | |
| of a single nul byte. Found by hanno AT hboeck.de using AFL; ok dtucker | |||
| 2015-03-26 | sigp and lenp are not optional in ssh_agent_sign(); ok djm@ | Markus Friedl | |
| 2015-03-26 | don't try to load .ssh/identity by default if SSH1 is disabled; ok markus@ | Christian Weisgerber | |
| 2015-03-26 | ban all-zero curve25519 keys as recommended by latest | Damien Miller | |
| CFRG curves draft; ok markus | |||
| 2015-03-26 | relax bits needed check to allow diffie-hellman-group1-sha1 key | Damien Miller | |
| exchange to complete for chacha20-poly1305 was selected as symmetric cipher; ok markus | |||
| 2015-03-25 | ignore v1 errors on ssh-add -D; only try v2 keys on -l/-L (unless WITH_SSH1) | Markus Friedl | |
| ok djm@ | |||
| 2015-03-25 | unbreak ssh_agent_sign (lenp vs *lenp) | Markus Friedl | |
| 2015-03-24 | don't leak 'setp' on error; noted by Nicholas Lemonias; ok djm@ | Markus Friedl | |
| 2015-03-24 | consistent check for NULL as noted by Nicholas Lemonias; ok djm@ | Markus Friedl | |
| 2015-03-24 | correct fmt-string for size_t as noted by Nicholas Lemonias; ok djm@ | Markus Friedl | |
| 2015-03-24 | promote chacha20-poly1305@openssh.com to be the default cipher; | Damien Miller | |
| ok markus | |||
| 2015-03-24 | Compile-time disable SSH protocol 1. You can turn it back on using | Damien Miller | |
| the Makefile.inc knob if you need it to talk to ancient devices. | |||
| 2015-03-24 | fix double-negative error message "ssh1 is not unsupported" | Damien Miller | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |