summaryrefslogtreecommitdiff
path: root/readconf.c
AgeCommit message (Collapse)Author
2003-05-18 - djm@cvs.openbsd.org 2003/05/16 03:27:12Damien Miller
[readconf.c ssh_config ssh_config.5 ssh-keysign.c] add AddressFamily option to ssh_config (like -4, -6 on commandline). Portable bug #534; ok markus@
2003-05-16 - djm@cvs.openbsd.org 2003/05/15 14:55:25Damien Miller
[readconf.c readconf.h ssh_config ssh_config.5 sshconnect.c] add a ConnectTimeout option to ssh, based on patch from Jean-Charles Longuet (jclonguet at free.fr); portable #207 ok markus@
2003-05-16 - jakob@cvs.openbsd.org 2003/05/15 14:02:47Damien Miller
[readconf.c servconf.c] warn for unsupported config option. ok markus@
2003-05-15 - jakob@cvs.openbsd.org 2003/05/15 04:08:44Damien Miller
[readconf.c servconf.c] disable kerberos when not supported. ok markus@
2003-05-15 - jakob@cvs.openbsd.org 2003/05/15 01:48:10Damien Miller
[readconf.c readconf.h servconf.c servconf.h] always parse kerberos options. ok djm@ markus@ - (djm) Always parse UsePAM
2003-05-15 - jakob@cvs.openbsd.org 2003/05/14 18:16:20Damien Miller
[key.c key.h readconf.c readconf.h ssh_config.5 sshconnect.c] [dns.c dns.h README.dns ssh-keygen.1 ssh-keygen.c] add experimental support for verifying hos keys using DNS as described in draft-ietf-secsh-dns-xx.txt. more information in README.dns. ok markus@ and henning@
2003-05-14 - (djm) OpenBSD CVS SyncDamien Miller
- djm@cvs.openbsd.org 2003/04/09 12:00:37 [readconf.c] strip trailing whitespace from config lines before parsing. Fixes bz 528; ok markus@
2003-04-09 - (djm) OpenBSD CVS SyncDamien Miller
- markus@cvs.openbsd.org 2003/04/02 09:48:07 [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c] [readconf.h serverloop.c sshconnect2.c] reapply rekeying chage, tested by henning@, ok djm@
2003-04-01 - markus@cvs.openbsd.org 2003/04/01 10:10:23Damien Miller
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c] [readconf.h serverloop.c sshconnect2.c] rekeying bugfixes and automatic rekeying: * both client and server rekey _automatically_ (a) after 2^31 packets, because after 2^32 packets the sequence number for packets wraps (b) after 2^(blocksize_in_bits/4) blocks (see: draft-ietf-secsh-newmodes-00.txt) (a) and (b) are _enabled_ by default, and only disabled for known openssh versions, that don't support rekeying properly. * client option 'RekeyLimit' * do not reply to requests during rekeying - markus@cvs.openbsd.org 2003/04/01 10:22:21 [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c] [readconf.h serverloop.c sshconnect2.c] backout rekeying changes (for 3.6.1)
2003-02-24 - markus@cvs.openbsd.org 2003/02/05 09:02:28Damien Miller
[readconf.c] simplify ProxyCommand parsing, remove strcat/xrealloc; ok henning@, djm@
2002-11-09 - markus@cvs.openbsd.org 2002/11/07 22:08:07Ben Lindstrom
[readconf.c readconf.h ssh-keysign.8 ssh-keysign.c] we cannot use HostbasedAuthentication for enabling ssh-keysign(8), because HostbasedAuthentication might be enabled based on the target host and ssh-keysign(8) does not know the remote hostname and not trust ssh(1) about the hostname, so we add a new option EnableSSHKeysign; ok djm@, report from zierke@informatik.uni-hamburg.de
2002-07-09 - (bal) NO_IPPORT_RESERVED_CONCEPT used instead of CYGWIN so other platformsBen Lindstrom
lacking that concept can share it. Patch by vinschen@redhat.com
2002-06-21 - deraadt@cvs.openbsd.org 2002/06/19 00:27:55Ben Lindstrom
[auth-bsdauth.c auth-skey.c auth1.c auth2-chall.c auth2-none.c authfd.c authfd.h monitor_wrap.c msg.c nchan.c radix.c readconf.c scp.c sftp.1 ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh-keysign.c ssh.1 sshconnect.c sshconnect.h sshconnect2.c ttymodes.c xmalloc.h] KNF done automatically while reading....
2002-06-11 - stevesk@cvs.openbsd.org 2002/06/10 17:45:20Ben Lindstrom
[readconf.c ssh.1] change RhostsRSAAuthentication and RhostsAuthentication default to no since ssh is no longer setuid root by default; ok markus@
2002-06-09 - markus@cvs.openbsd.org 2002/06/08 12:46:14Ben Lindstrom
[readconf.c] silently ignore deprecated options, since FallBackToRsh might be passed by remote scp commands.
2002-06-09 - markus@cvs.openbsd.org 2002/06/08 05:40:01Ben Lindstrom
[readconf.c] just warn about Deprecated options for now
2002-06-09 - markus@cvs.openbsd.org 2002/06/08 05:17:01Ben Lindstrom
[readconf.c readconf.h ssh.1 ssh.c] deprecate FallBackToRsh and UseRsh; patch from djm@
2002-02-05 - markus@cvs.openbsd.org 2002/02/04 12:15:25Damien Miller
[log.c log.h readconf.c servconf.c] add SYSLOG_FACILITY_NOT_SET = -1, SYSLOG_LEVEL_NOT_SET = -1, fixes arm/netbsd; based on patch from bjh21@netbsd.org; ok djm@
2002-01-22 - stevesk@cvs.openbsd.org 2002/01/04 17:59:17Damien Miller
[readconf.c servconf.c] remove #ifdef _PATH_XAUTH/#endif; ok markus@
2001-12-21 - deraadt@cvs.openbsd.org 2001/12/19 07:18:56Damien Miller
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h] [auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c] [cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c] [match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c] [servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c] [sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c] [sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config] [ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c] basic KNF done while i was looking for something else
2001-12-06 - stevesk@cvs.openbsd.org 2001/11/17 19:14:34Ben Lindstrom
[auth2.c auth.c readconf.c servconf.c ssh-agent.c ssh-keygen.c] enum/int type cleanup where it made sense to do so; ok markus@
2001-10-03 - markus@cvs.openbsd.org 2001/10/01 21:51:16Ben Lindstrom
[readconf.c readconf.h ssh.1 sshconnect.c] add NoHostAuthenticationForLocalhost; note that the hostkey is now check for localhost, too.
2001-09-20 - stevesk@cvs.openbsd.org 2001/09/19 19:24:19Ben Lindstrom
[readconf.c readconf.h scp.c sftp.c ssh.1] add ClearAllForwardings ssh option and set it in scp and sftp; ok markus@
2001-09-12 - stevesk@cvs.openbsd.org 2001/09/03 20:58:33Ben Lindstrom
[readconf.c readconf.h ssh.c] fatal() for nonexistent -Fssh_config. ok markus@
2001-09-12 - stevesk@cvs.openbsd.org 2001/08/30 16:04:35Ben Lindstrom
[readconf.c ssh.1] validate ports for LocalForward/RemoteForward. add host/port alternative syntax for IPv6 (like -L/-R). ok markus@
2001-09-12 - markus@cvs.openbsd.org 2001/08/28 09:51:26Ben Lindstrom
[readconf.c] don't set DynamicForward unless Host matches
2001-08-15 - (bal) Fixed stray code in readconf.c that went in by mistake.Ben Lindstrom
2001-08-06 - markus@cvs.openbsd.org 2001/08/01 22:03:33Ben Lindstrom
[authfd.c authfd.h readconf.c readconf.h scard.c scard.h ssh-add.c ssh-agent.c ssh.c] use strings instead of ints for smartcard reader ids
2001-08-06 - jakob@cvs.openbsd.org 2001/07/31 09:28:44Ben Lindstrom
[readconf.c readconf.h ssh.1 ssh.c] add 'SmartcardDevice' client option to specify which smartcard device is used to access a smartcard used for storing the user's private RSA key. ok markus@.
2001-08-06 - markus@cvs.openbsd.org 2001/07/25 14:35:18Ben Lindstrom
[readconf.c ssh.1 ssh.c sshconnect.c] cleanup connect(); connection_attempts 4 -> 1; from eivind@freebsd.org
2001-08-06 - markus@cvs.openbsd.org 2001/07/22 22:04:19Ben Lindstrom
[readconf.c ssh.1] enable challenge-response auth by default; ok millert@
2001-08-06 - markus@cvs.openbsd.org 2001/07/22 21:32:27Ben Lindstrom
[sshpty.c] update comment
2001-07-04 - dugsong@cvs.openbsd.org 2001/06/26 16:15:25Ben Lindstrom
[auth1.c auth.h auth-krb4.c auth-passwd.c readconf.c readconf.h servconf.c servconf.h session.c sshconnect1.c sshd.c] Kerberos v5 support for SSH1, mostly from Assar Westerlund <assar@freebsd.org> and Bjorn Gronvall <bg@sics.se>. markus@ ok
2001-06-25 - markus@cvs.openbsd.org 2001/06/23 02:34:33Ben Lindstrom
[kexdh.c kexgex.c kex.h pathnames.h readconf.c servconf.h ssh.1 sshconnect1.c sshconnect2.c sshconnect.c sshconnect.h sshd.8] get rid of known_hosts2, use it for hostkey lookup, but do not modify.
2001-06-09 - markus@cvs.openbsd.org 2001/06/08 15:25:40Ben Lindstrom
[includes.h pathnames.h readconf.c servconf.c] move the path for xauth to pathnames.h
2001-06-05 - stevesk@cvs.openbsd.org 2001/05/24 18:57:53Ben Lindstrom
[clientloop.c readconf.c ssh.c ssh.h] don't perform escape processing when ``EscapeChar none''; ok markus@
2001-06-05 - markus@cvs.openbsd.org 2001/05/18 14:13:29Ben Lindstrom
[auth-chall.c auth.h auth1.c auth2-chall.c auth2.c readconf.c readconf.h servconf.c servconf.h sshconnect1.c sshconnect2.c sshd.c] improved kbd-interactive support. work by per@appgate.com and me
2001-04-30 - markus@cvs.openbsd.org 2001/04/30 11:18:52Ben Lindstrom
[readconf.c readconf.h ssh.1 ssh.c sshconnect.c] implement 'ssh -b bind_address' like 'telnet -b'
2001-04-17 - markus@cvs.openbsd.org 2001/04/17 10:53:26Ben Lindstrom
[key.c key.h readconf.c readconf.h ssh.1 sshconnect2.c] add HostKeyAlgorithms; based on patch from res@shore.net; ok provos@
2001-04-16 - stevesk@cvs.openbsd.org 2001/04/15 21:28:35Ben Lindstrom
[readconf.c servconf.c] use fatal() or error() vs. fprintf(); ok markus@
2001-04-12 - stevesk@cvs.openbsd.org 2001/04/12 20:09:38Ben Lindstrom
[misc.c misc.h readconf.c servconf.c ssh.c sshd.c] robust port validation; ok markus@ jakob@
2001-04-12 - markus@cvs.openbsd.org 2001/04/12 19:39:27Ben Lindstrom
[readconf.c] typo
2001-04-12 - markus@cvs.openbsd.org 2001/04/12 19:15:26Ben Lindstrom
[auth-rhosts.c auth.h auth2.c buffer.c canohost.c canohost.h compat.c compat.h hostfile.c pathnames.h readconf.c readconf.h servconf.c servconf.h ssh.c sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c sshd_config] implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2) similar to RhostRSAAuthentication unless you enable (the experimental) HostbasedUsesNameFromPacketOnly option. please test. :)
2001-04-08 - markus@cvs.openbsd.org 2001/04/07 08:55:18Ben Lindstrom
[buffer.c channels.c channels.h readconf.c ssh.c] allow the ssh client act as a SOCKS4 proxy (dynamic local portforwarding). work by Dan Kaminsky <dankamin@cisco.com> and me. thanks to Dan for this great patch: use 'ssh -D 1080 host' and make netscape use localhost:1080 as a socks proxy.
2001-04-02 - stevesk@cvs.openbsd.org 2001/04/02 14:20:23Ben Lindstrom
[readconf.c servconf.c] correct comment; ok markus@
2001-03-22 - OpenBSD CVS SyncBen Lindstrom
- markus@cvs.openbsd.org 2001/03/20 19:10:16 [readconf.c] default to SSH protocol version 2
2001-03-20 - markus@cvs.openbsd.org 2001/03/19 17:07:23Damien Miller
[auth.c readconf.c] undo /etc/shell and proto 2,1 change for openssh-2.5.2
2001-03-11 - markus@cvs.openbsd.org 2001/03/10 17:51:04Ben Lindstrom
[kex.c match.c match.h readconf.c readconf.h sshconnect2.c] add PreferredAuthentications
2001-03-10 - deraadt@cvs.openbsd.org 2001/03/10 12:53:51Ben Lindstrom
[readconf.c ssh_config] default to SSH2, now that m68k runs fast
2001-03-08 - OpenBSD CVS SyncBen Lindstrom
- markus@cvs.openbsd.org 2001/03/08 00:15:48 [readconf.c ssh.1] turn off useprivilegedports by default. only rhost-auth needs this. older sshd's may need this, too.