Age | Commit message (Collapse) | Author |
|
[channels.c channels.h session.c]
setup x11 listen socket for just one connect if the client requests so.
(v2 only, but the openssh client does not support this feature).
|
|
|
|
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h]
[auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c]
[cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c]
[match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c]
[servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c]
[sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c]
[sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config]
[ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c]
basic KNF done while i was looking for something else
|
|
- stevesk@cvs.openbsd.org 2001/11/29 14:10:51
[channels.h channels.c session.c]
sshd X11 fake server will now listen on localhost by default:
$ echo $DISPLAY
localhost:12.0
$ netstat -an|grep 6012
tcp 0 0 127.0.0.1.6012 *.* LISTEN
tcp6 0 0 ::1.6012 *.* LISTEN
sshd_config gatewayports=yes can be used to revert back to the old
behavior. will control this with another option later. ok markus@
- stevesk@cvs.openbsd.org 2001/12/19 08:43:11
[includes.h session.c]
handle utsname.nodename case for FamilyLocal X authorization; ok markus@
|
|
[channels.c session.c]
strncpy->strlcpy. remaining strncpy's are necessary. ok markus@
|
|
[session.c sshd.8]
don't pass user defined variables to /usr/bin/login
|
|
do_authenticated. Call loginfailed for protocol 2 failures > MAX like
we do for protocol 1. Reports from Ralf Wenk <wera0003@fh-karlsruhe.de>,
K.Wolkersdorfer@fz-juelich.de and others
|
|
|
|
[session.c]
delay detach of session if a channel gets closed but the child is
still alive. however, release pty, since the fd's to the child are
already closed.
|
|
- markus@cvs.openbsd.org 2001/10/10 22:18:47
[channels.c channels.h clientloop.c nchan.c serverloop.c]
[session.c session.h]
try to keep channels open until an exit-status message is sent.
don't kill the login shells if the shells stdin/out/err is closed.
this should now work:
ssh -2n localhost 'exec > /dev/null 2>&1; sleep 10; exit 5'; echo ?
|
|
[channels.c channels.h serverloop.c session.c session.h]
simplify session close: no more delayed session_close, no more blocking wait() calls.
|
|
[session.c]
stat subsystem command before calling do_exec, and return error to client.
|
|
[session.c]
chdir $HOME after krb_afslog(); from bbense@networking.stanford.edu
|
|
[session.c]
fix typo in error message, sync with do_exec_nopty
|
|
wayned@users.sourceforge.net
|
|
[session.c]
calls krb_afslog() after setting $HOME; mattiasa@e.kth.se; fixes
pr 1943b
|
|
|
|
[session.c]
command=xxx overwrites subsystems, too
|
|
[servconf.c servconf.h session.c sshd.8]
deprecate CheckMail. ok markus@
|
|
[session.c sftp-int.c]
correct type on last arg to execl(); nordin@cse.ogi.edu
|
|
pam_nologin module. Report from William Yodlowsky
<bsd@openbsd.rutgers.edu>
|
|
|
|
[serverloop.c session.c session.h]
wait until !session_have_children(); bugreport from
Lutz.Jaenicke@aet.TU-Cottbus.DE
|
|
[serverloop.c serverloop.h session.c session.h]
quick hack to make ssh2 work again.
|
|
[auth1.c auth.h auth-krb4.c auth-passwd.c readconf.c readconf.h
servconf.c servconf.h session.c sshconnect1.c sshd.c]
Kerberos v5 support for SSH1, mostly from Assar Westerlund
<assar@freebsd.org> and Bjorn Gronvall <bg@sics.se>. markus@ ok
|
|
[channels.c channels.h cipher.c clientloop.c compat.c compat.h
hostfile.c kex.c kex.h key.c key.h nchan.c packet.c serverloop.c
session.c session.h sftp-server.c ssh-add.c ssh-agent.c uuencode.h]
update copyright for 2001
|
|
|
|
|
|
|
|
[auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c
canohost.c channels.c cipher.c clientloop.c deattack.c dh.c
hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c
readpass.c scp.c servconf.c serverloop.c session.c sftp.c
sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c
ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c
ssh-keygen.c ssh-keyscan.c]
more strict prototypes. raise warning level in Makefile.inc.
markus ok'ed
TODO; cleanup headers
|
|
[session.c]
don't reset forced_command (we allow multiple login shells in
ssh2); dwd@bell-labs.com
|
|
[session.c]
allocate and free at the same level.
|
|
[session.c sshd.8]
disable x11-fwd if use_login is enabled; from lukem@wasabisystems.com
|
|
[session.c]
cleanup forced command handling, from dwd@bell-labs.com
|
|
- markus@cvs.openbsd.org 2001/06/13 09:10:31
[session.c]
typo, use pid not s->pid, mstone@cs.loyola.edu
|
|
[session.c]
unused
|
|
[session.c]
remove xauth-cookie-in-tmp handling. use default $XAUTHORITY, since
we do already trust $HOME/.ssh
you can use .ssh/sshrc and .ssh/environment if you want to customize
the location of the xauth cookies
|
|
[session.c]
merge ssh1/ssh2 tty msg parse and alloc code
|
|
[session.c]
merge session_free into session_close()
merge pty_cleanup_proc into session_pty_cleanup()
|
|
[session.c]
reset pointer to NULL after xfree(); report from solar@openwall.com
|
|
[session.c]
don't overwrite errno
delay deletion of the xauth cookie
|
|
[session.c]
let session_close() delete the pty. deny x11fwd if xauthfile is set.
|
|
[session.c]
merge ssh1/2 x11-fwd setup, create listener after tmp-dir
|
|
[channels.c channels.h session.c]
switch uid when cleaning up tmp files and sockets; reported by
zen-parse@gmx.net on bugtraq
|
|
[channels.c channels.h session.c]
use fatal_register_cleanup instead of atexit, sync with x11 authdir
handling
|
|
pain will be over.]
- markus@cvs.openbsd.org 2001/05/31 10:30:17
[auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c
packet.c serverloop.c session.c ssh.c]
undo the .c file split, just merge the header and keep the cvs
history
|
|
- markus@cvs.openbsd.org 2001/05/30 12:55:13
[auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c
packet.c serverloop.c session.c ssh.c ssh1.h]
channel layer cleanup: merge header files and split .c files
|
|
[session.c]
Disable X11 forwarding if xauth binary is not found. Patch from Nalin
Dahyabhai <nalin@redhat.com>; ok markus@
|
|
<wayne@blorf.net>
|
|
|