Age | Commit message (Collapse) | Author |
|
|
|
system sha2.h
|
|
|
|
|
|
|
|
|
|
|
|
[openbsd-compat/sha2.h openbsd-compat/openbsd-compat.h]
[openbsd-compat/sha2.c] First stab at portability glue for SHA256
KEX support, should work with libc SHA256 support or OpenSSL
EVP_sha256 if present
|
|
[kex.c kex.h monitor.c myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
Implement the diffie-hellman-group-exchange-sha256 key exchange method
using the SHA256 code in libc (and wrapper to make it into an OpenSSL
EVP), interop tested against CVS PuTTY
NB. no portability bits committed yet
|
|
[ssh_config.5 sshd_config.5]
*AliveCountMax applies to protcol v2 only; ok dtucker, djm
|
|
[canohost.c]
log the originating address and not just the name when a reverse
mapping check fails, requested by linux AT linuon.com
|
|
[authfile.c authfile.h ssh-add.c]
Make ssh-add check file permissions before attempting to load private
key files multiple times; it will fail anyway and this prevents confusing
multiple prompts and warnings. mindrot #1138, ok djm@
|
|
[misc.c ssh_config.5 sshd_config.5]
Allow config directives to contain whitespace by surrounding them by double
quotes. mindrot #482, man page help from jmc@, ok djm@
|
|
[ssh-keygen.c]
Make ssh-keygen handle CR and CRLF line termination when converting IETF
format keys, in adition to vanilla LF. mindrot #1157, tested by Chris
Pepper, ok djm@
|
|
[packet.c]
Set TCP_NODELAY for all connections not just "interactive" ones. Fixes
poor performance and protocol stalls under some network conditions (mindrot
bugs #556 and #981). Patch originally from markus@, ok djm@
|
|
[sshd.c]
don't log that we are listening on a socket before the listen() call
actually succeeds, bz #1162 reported by Senthil Kumar; ok dtucker@
|
|
[ssh.c]
knf nit
|
|
[serverloop.c]
move a debug() outside of a signal handler; ok markus@ a little while back
|
|
[session.c]
fix logout recording when privilege separation is disabled, analysis and
patch from vinschen at redhat.com; tested by dtucker@ ok deraadt@
NB. ID sync only - patch already in portable
|
|
[ssh_config.5]
comma;
|
|
[sshd_config.5]
subsection is pointless here;
|
|
[ssh_config.5]
move PATTERNS to the end of the main body; requested by dtucker
|
|
[sshd_config.5]
document the order in which allow/deny directives are processed;
help/ok dtucker
|
|
help/ok dtucker
|
|
[ssh_config.5]
document the possible values for KbdInteractiveDevices;
|
|
[sshd_config.5]
oops - bits i missed;
|
|
[sshd_config.5]
some grammar/wording fixes;
|
|
[ssh_config.5]
some grammar/wording fixes;
|
|
[ssh.1 ssh_config.5 sshd.8 sshd_config.5]
more consistency fixes;
|
|
[ssh-keysign.8 ssh_config.5 sshd_config.5]
some consistency fixes;
|
|
[sshd.8]
signpost to PATTERNS section;
|
|
[ssh_config.5]
tidy up the refs to PATTERNS;
|
|
[sshd_config.5]
signpost to PATTERNS;
|
|
[ssh_config.5]
add section on patterns;
from dtucker + myself
|
|
[canohost.c clientloop.c includes.h match.c readconf.c scp.c ssh.c]
[sshconnect.c]
move #include <ctype.h> out of includes.h; ok djm@
|
|
- stevesk@cvs.openbsd.org 2006/02/20 17:02:44
[clientloop.c includes.h monitor.c progressmeter.c scp.c]
[serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c]
move #include <signal.h> out of includes.h; ok markus@
the previous was:
- stevesk@cvs.openbsd.org 2006/02/20 17:19:54
[auth-rhosts.c auth-rsa.c auth.c auth2-none.c auth2-pubkey.c]
[authfile.c clientloop.c includes.h readconf.c scp.c session.c]
[sftp-client.c sftp-common.c sftp-common.h sftp-glob.c]
[sftp-server.c sftp.c ssh-add.c ssh-keygen.c ssh.c sshconnect.c]
[sshconnect2.c sshd.c sshpty.c]
move #include <sys/stat.h> out of includes.h; ok markus@
|
|
[clientloop.c includes.h monitor.c progressmeter.c scp.c]
[serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c]
move #include <signal.h> out of includes.h; ok markus@
|
|
[authfd.c channels.c includes.h session.c ssh-agent.c ssh.c]
move #include <sys/un.h> out of includes.h; ok djm@
|
|
[ssh_config.5]
add some vertical space;
|
|
[sshd.8]
grammar;
|
|
[sshd.8]
sync the (s)hosts.equiv FILES entries w/ those from ssh.1;
|
|
[sshd.8]
move the sshrc stuff out of FILES, and into its own section:
FILES is not a good place to document how stuff works;
|
|
[sshd.8]
sync some of the FILES entries w/ ssh.1;
|
|
[sshd.8]
remove ietf draft references; RFC list now maintained in ssh.1;
|
|
[ssh.1]
remove the IETF draft references and replace them with some updated RFCs;
|
|
[sftp-client.c]
typo in comment; ok djm@
|
|
[sshd.8]
sort FILES and use a -compact list;
|
|
[sshd.8]
- avoid nasty line split
- `*' does not need to be escaped
|
|
[sshd.8]
turn this into an example ssh_known_hosts file; ok djm
|
|
[sshd.8]
small tweaks for the ssh_known_hosts section;
|