Age | Commit message (Collapse) | Author | |
---|---|---|---|
2001-04-08 | init pointers with NULL, thanks to danimal@danimal.org | Markus Friedl | |
2001-04-08 | leave_raw_mode if ssh2 "session" is closed | Markus Friedl | |
2001-04-08 | KNF | Markus Friedl | |
2001-04-07 | Small changes, user-friendly: | Marc Espie | |
- just warn if hints file holds duplicates. So what ? We sure can't use uniq to remove those. - on the other hand, warn in verbose mode if main file holds nodes that are not in hints file. Ok millert@ | |||
2001-04-07 | allow the ssh client act as a SOCKS4 proxy (dynamic local portforwarding). | Markus Friedl | |
work by Dan Kaminsky <dankamin@cisco.com> and me. thanks to Dan for this great patch: use 'ssh -D 1080 host' and make netscape use localhost:1080 as a socks proxy. | |||
2001-04-06 | in addition to: | Kevin Steves | |
ListenAddress host|ipv4_addr|ipv6_addr permit: ListenAddress [host|ipv4_addr|ipv6_addr]:port ListenAddress host|ipv4_addr:port sshd.8 updates coming. ok markus@ | |||
2001-04-06 | unused; typo in comment | Kevin Steves | |
2001-04-06 | do gid/groups-swap in addition to uid-swap, should help if /home/group | Markus Friedl | |
is chmod 750 + chgrp grp /home/group/, work be deraadt and me, thanks to olar@openwall.com is comments. we had many requests for this. | |||
2001-04-06 | remove trailing / from source paths; fixes pr#1756 | Theo de Raadt | |
2001-04-05 | keep the ssh session even if there is no active channel. | Markus Friedl | |
this is more in line with the protocol spec and makes ssh -N -L 1234:server:110 host more useful. based on discussion with <mats@mindbright.se> long time ago and recent mail from <res@shore.net> | |||
2001-04-05 | don't request a session for 'ssh -N', pointed out slade@shore.net | Markus Friedl | |
2001-04-05 | better error message | Markus Friedl | |
2001-04-05 | for ~R print message if server does not support rekeying. (and fix ~R). | Markus Friedl | |
2001-04-05 | document RCS $OpenBSD matching; adrian@ubergeeks.com | Theo de Raadt | |
2001-04-05 | move get_remote_name_or_ip() to canohost.[ch]; for portable. ok markus@ | Kevin Steves | |
2001-04-05 | ssh defaults to protocol v2; from quisar@quisar.ambre.net | Markus Friedl | |
2001-04-05 | add SSH_BUG_NOREKEY and detect broken (=all old) openssh versions. | Markus Friedl | |
2001-04-05 | fix whitespace: unexpand + trailing spaces. | Markus Friedl | |
2001-04-05 | temporary version 2.5.4 (supports rekeying). | Markus Friedl | |
this is not an official release. | |||
2001-04-05 | reset compress state per direction when rekeying. | Markus Friedl | |
2001-04-05 | 2.3.x does old GEX, too; report jakob@ | Markus Friedl | |
2001-04-04 | clear+free keys,iv for rekeying. | Markus Friedl | |
+ fix DH mem leaks. ok niels@ | |||
2001-04-04 | parse full kexinit packet. | Markus Friedl | |
make server-side more robust, too. | |||
2001-04-04 | we don't care about missing bannerfiles; from tsoome@ut.ee, ok deraadt@ | Markus Friedl | |
2001-04-04 | more robust rekeying | Markus Friedl | |
don't send channel data after rekeying is started. | |||
2001-04-04 | f-secure 1.3.2 does not handle IGNORE; from milliondl@ornl.gov | Markus Friedl | |
2001-04-04 | enable server side rekeying + some rekey related clientup. | Markus Friedl | |
todo: we should not send any non-KEX messages after we send KEXINIT | |||
2001-04-04 | don't sent multiple kexinit-requests. | Markus Friedl | |
send newkeys, block while waiting for newkeys. fix comments. | |||
2001-04-04 | enable client rekeying | Markus Friedl | |
(1) force rekeying with ~R, or (2) if the server requests rekeying. works against ssh-2.0.12/2.0.13/2.1.0/2.2.0/2.3.0/2.3.1/2.4.0 | |||
2001-04-03 | undo parts of recent my changes: main part of keyexchange does not | Markus Friedl | |
need dispatch-callbacks, since application data is delayed until the keyexchange completes (if i understand the drafts correctly). add some infrastructure for re-keying. | |||
2001-04-03 | id_rsa1/2 -> id_rsa; ok markus@ | Todd T. Fries | |
2001-04-03 | move kex to kex*.c, used dispatch_set() callbacks for kex. should | Markus Friedl | |
make rekeying easier. | |||
2001-04-03 | free() -> xfree() | Kevin Steves | |
2001-04-02 | grammar; slade@shore.net | Theo de Raadt | |
2001-04-02 | correct comment; ok markus@ | Kevin Steves | |
2001-04-02 | typo; ok markus@ | Kevin Steves | |
2001-03-31 | Make this work again, this might be ugly, but it works; bad mickey. | Federico G. Schwindt | |
2001-03-30 | Use stashed user_gid when checking against exempt gid since sudo | Todd C. Miller | |
sets its gid to SUDOERS_GID, making getgid() return that, not the real gid. FIxes problem with setting exempt group == SUDOERS_GID. Fix from Paul Kranenburg. | |||
2001-03-29 | Protocol 1 key regeneration log => verbose, some KNF; ok markus@ | Damien Miller | |
2001-03-29 | prepare for rekeying: move DH code to dh.c | Markus Friedl | |
2001-03-29 | need to set both STOC and CTOS for SSH_BUG_BIGENDIANAES; ok markus@ | Kevin Steves | |
2001-03-29 | Pretty. | Aaron Campbell | |
2001-03-29 | use recommended defaults | Niels Provos | |
2001-03-28 | check auth_root_allowed for kbd-int auth, too. | Markus Friedl | |
2001-03-28 | more sanity checking on primes file | Niels Provos | |
2001-03-28 | forgot to include min and max params in hash, okay markus@ | Niels Provos | |
2001-03-28 | call refuse() before close(); from olemx@ans.pl | Markus Friedl | |
2001-03-28 | usage more like rcp and add missing -B to usage; ok markus@ | Kevin Steves | |
2001-03-28 | start to sync scp closer to rcp; ok markus@ | Kevin Steves | |
2001-03-27 | Get rid of bogus .UC macro, likely an artifact of old mdoc conversions. | Aaron Campbell | |