| Age | Commit message (Collapse) | Author |
|---|
|
[ssh_config.5]
put IgnoreUnknown in the right place;
|
|
[ssh_config.5 readconf.h readconf.c]
add the ability to ignore specific unrecognised ssh_config options;
bz#866; ok markus@
|
|
[sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config
sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing
rekeying based on traffic volume or time. ok djm@, help & ok jmc@ for the man
page.
|
|
[ssh_config sshconnect2.c packet.c readconf.h readconf.c clientloop.c
ssh_config.5 packet.h]
Add an optional second argument to RekeyLimit in the client to allow
rekeying based on elapsed time in addition to amount of traffic.
with djm@ jmc@, ok djm
|
|
[ssh-pkcs11-helper.c]
remove unused extern optarg. ok markus@
|
|
[key.c]
memleak in cert_free(), wasn't actually freeing the struct;
bz#2096 from shm AT digitalsun.pl
|
|
|
|
[sshconnect2.c]
fix bzero(ptr_to_struct, sizeof(ptr_to_struct)); bz#2100 from
|
|
[sftp-server.8]
Reference the version of the sftp draft we actually implement. ok djm@
|
|
[misc.c]
remove extra parens noticed by nicm
|
|
[misc.c]
use xasprintf instead of a series of strlcats and strdup. ok djm
|
|
executed if mktemp failed; bz#2105 ok dtucker@
|
|
we don't get a warning on compilers that *don't* support it. Add
-Wno-unknown-warning-option. Move both to the start of the list for
maximum noise suppression. Tested with gcc 4.6.3, gcc 2.95.4 and clang 2.9.
|
|
underlying libraries support them.
|
|
openbsd-compat/openbsd-compat.h] pull in getopt.h from openbsd and plumb
in to use it when we're using our own getopt.
|
|
openbsd-compat/getopt_long.c regress/modpipe.c] Remove getopt.c, add
portability code to getopt_long.c and switch over Makefile and the ugly
hack in modpipe.c. Fixes bz#1448.
|
|
portability changes yet.
|
|
getopt.c. Preprocessed source is identical other than line numbers.
|
|
supports it. Mentioned by Colin Watson in bz#2100, ok djm.
|
|
[mux.c]
typo in debug output: evitval->exitval
|
|
[kex.c]
remove duplicated list entry pointed out by naddy@
|
|
[ssh.c]
add -Q to usage; reminded by jmc@
|
|
[authfile.c cipher.c cipher.h kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c]
[key.c key.h mac.c mac.h packet.c ssh.1 ssh.c]
add the ability to query supported ciphers, MACs, key type and KEX
algorithms to ssh. Includes some refactoring of KEX and key type handling
to be table-driven; ok markus@
|
|
[session.c]
reintroduce 1.262 without the connection-killing bug:
fatal() when ChrootDirectory specified by running without root privileges;
ok markus@
|
|
[ssh-keygen.c]
fix some memory leaks; bz#2088 ok dtucker@
|
|
[sshd_config.5]
document the requirment that the AuthorizedKeysCommand be owned by root;
ok dtucker@ markus@
|
|
[sftp.c]
make "sftp -q" do what it says on the sticker: hush everything but errors;
|
|
[session.c]
revert rev 1.262; it fails because uid is already set here. ok djm@
|
|
[packet.c]
quiet disconnect notifications on the server from error() back to logit()
if it is a normal client closure; bz#2057 ok+feedback dtucker@
|
|
[sshd.8]
clarify -e text. suggested by & ok jmc@
|
|
[log.c log.h ssh.1 ssh.c sshd.8 sshd.c]
Add -E option to ssh and sshd to append debugging logs to a specified file
instead of stderr or syslog. ok markus@, man page help jmc@
|
|
[channels.c sshd.c]
handle ECONNABORTED for accept(); ok deraadt some time ago...
|
|
[mux.c]
cleanup mux-created channels that are in SSH_CHANNEL_OPENING state too
(in addition to ones already in OPEN); bz#2079, ok dtucker@
|
|
[pathnames.h]
use the existing _PATH_SSH_USER_RC define to construct the other
pathnames; bz#2077, ok dtucker@ (no binary change)
|
|
[auth2-gss.c krl.c sshconnect2.c]
hush some {unused, printf type} warnings
|
|
[ssh.c]
allow "ssh -f none ..." ok markus@
|
|
[auth.h auth2-chall.c auth2.c monitor.c sshd_config.5]
add submethod support to AuthenticationMethods; ok and freedback djm@
|
|
[auth2-pubkey.c monitor.c]
reconstruct the original username that was sent by the client, which may
have included a style (e.g. "root:skey") when checking public key
signatures. Fixes public key and hostbased auth when the client specified
a style; ok markus@
|
|
[readconf.c]
g/c unused variable (-Wunused)
|
|
[session.c]
fatal() when ChrootDirectory specified by running without root privileges;
ok markus@
|
|
- markus@cvs.openbsd.org 2013/03/05 20:16:09
[sshconnect2.c]
reset pubkey order on partial success; ok djm@
|
|
platforms, such as Android, that lack struct passwd.pw_gecos. Report
and initial patch from Nathan Osman bz#2086; feedback tim@ ok dtucker@
|
|
unused argument warnings (in particular, -fno-builtin-memset) from clang.
|
|
to GPL3. ok dtucker@
|
|
[ssh.c]
Allow IdenityFile=none; ok markus deraadt (and dtucker for an earlier
version)
|
|
[sshconnect.c]
support ProxyCommand=- (stdin/out already point to the proxy); ok djm@
|
|
[ssh.c readconf.c readconf.h]
Don't complain if IdentityFiles specified in system-wide configs are
missing. ok djm, deraadt
|
|
[krl.c]
Remove bogus include. ok djm
(id sync only)
|
|
[readconf.c ssh.c readconf.h sshconnect2.c]
Keep track of which IndentityFile options were manually supplied and which
were default options, and don't warn if the latter are missing.
ok markus@
|
|
to avoid conflicting definitions of __int64, adding the required bits.
Patch from Corinna Vinschen.
|
