| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | highly polished whitespace, mostly fixing spaces-for-tab and bad |   djm | 2021-04-03 | 1 | -2/+2 |
| * | use the new variant log macros instead of prepending __func__ and | djm | 2020-10-18 | 1 | -8/+7 |
| * | support for requiring user verified FIDO keys in sshd | djm | 2020-08-27 | 1 | -5/+15 |
| * | fix null-deref on calloc failure; ok djm |   markus | 2020-03-06 | 1 | -4/+6 |
| * | change explicit_bzero();free() to freezero() |   jsg | 2020-02-26 | 1 | -3/+2 |
| * | add a "no-touch-required" option for authorized_keys and a similar | djm | 2019-11-25 | 1 | -12/+26 |
| * | Plug mem leaks on error paths, based in part on github pr#120 from |   dtucker | 2019-09-13 | 1 | -1/+2 |
| * | lots of things were relying on libcrypto headers to transitively | djm | 2019-09-06 | 1 | -1/+2 |
| * | move authorized_keys option parsing helpsers to misc.c and make | djm | 2019-09-03 | 1 | -70/+1 |
| * | cap the number of permiopen/permitlisten directives we're willing to | djm | 2019-07-09 | 1 | -2/+2 |
| * | Some asprintf() calls were checked < 0, rather than the precise == -1. |   deraadt | 2019-06-27 | 1 | -2/+2 |
| * | Allow ssh_config IdentityAgent directive to accept environment variable | djm | 2018-10-03 | 1 | -7/+10 |
| * | allow bare port numbers to appear in PermitListen directives, e.g. | djm | 2018-06-19 | 1 | -5/+17 |
| * | some permitlisten fixes from markus@ that I missed in my insomnia-fueled | djm | 2018-06-07 | 1 | -4/+4 |
| * | fix regression caused by recent permitlisten option commit: | djm | 2018-06-07 | 1 | -5/+5 |
| * | permitlisten option for authorized_keys; ok markus@ | djm | 2018-06-06 | 1 | -46/+94 |
| * | relax checking of authorized_keys environment="..." options to allow | djm | 2018-04-06 | 1 | -2/+2 |
| * | rename recently-added "valid-before" key restriction to "expiry-time" | djm | 2018-03-14 | 1 | -2/+2 |
| * | add valid-before="[time]" authorized_keys option. A simple way of | djm | 2018-03-12 | 1 | -3/+29 |
| * | switch over to the new authorized_keys options API and remove the | djm | 2018-03-03 | 1 | -647/+3 |
| * | Introduce a new API for handling authorized_keys options. This API | djm | 2018-03-03 | 1 | -1/+828 |
| * | refactor channels.c | djm | 2017-09-12 | 1 | -3/+8 |
| * | make sure we don't pass a NULL string to vfprintf (triggered by the | markus | 2017-05-31 | 1 | -2/+3 |
| * | When a forced-command appears in both a certificate and an | djm | 2016-11-30 | 1 | -6/+21 |
| * | refactor canohost.c: move functions that cache results closer to the | djm | 2016-03-07 | 1 | -5/+8 |
| * | Remove NULL-checks before free(). |   mmcc | 2015-12-10 | 1 | -17/+9 |
| * | Add a new authorized_keys option "restrict" that includes all current | djm | 2015-11-16 | 1 | -30/+57 |
| * | delete support for legacy v00 certificates; "sure" markus@ dtucker@ | djm | 2015-07-03 | 1 | -30/+16 |
| * | Don't make parsing of authorized_keys' environment= option conditional | djm | 2015-05-01 | 1 | -9/+14 |
| * | unknown certificate extensions are non-fatal, so don't fatal | djm | 2015-04-22 | 1 | -2/+2 |
| * | swith auth-options to new sshbuf/sshkey; ok djm@ | markus | 2015-01-14 | 1 | -44/+38 |
| * | Add support for Unix domain socket forwarding. A remote TCP port |   millert | 2014-07-15 | 1 | -2/+3 |
| * | New key API: refactor key-related functions to be more library-like, | djm | 2014-06-24 | 1 | -7/+7 |
| * | simplify freeing of source-address certificate restriction | djm | 2013-12-19 | 1 | -7/+7 |
| * | use calloc for all structure allocations; from markus@ | djm | 2013-11-08 | 1 | -2/+2 |
| * | no need to include monitor_wrap.h and ssh-gss.h | markus | 2013-11-02 | 1 | -5/+1 |
| * | fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@ | djm | 2013-07-12 | 1 | -3/+5 |
| * | bye, bye xfree(); ok markus@ | djm | 2013-05-17 | 1 | -30/+30 |
| * | make AllowTcpForwarding accept "local" and "remote" in addition to its | djm | 2012-12-02 | 1 | -2/+2 |
| * | remove explict search for \0 in packet strings, this job is now done | djm | 2011-10-18 | 1 | -15/+1 |
| * | Add wildcard support to PermitOpen, allowing things like "PermitOpen | dtucker | 2011-09-23 | 1 | -2/+2 |
| * | don't send the actual forced command in a debug message; ok markus deraadt | djm | 2010-12-24 | 1 | -2/+2 |
| * | Add buffer_get_cstring() and related functions that verify that the | djm | 2010-08-31 | 1 | -4/+4 |
| * | Move the permit-* options to the non-critical "extensions" field for v01 | djm | 2010-05-20 | 1 | -102/+180 |
| * | add some optional indirection to matching of principal names listed | djm | 2010-05-07 | 1 | -1/+42 |
| * | revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with the | djm | 2010-04-16 | 1 | -10/+11 |
| * | spelling in error message. ok djm kettenis |   stevesk | 2010-03-16 | 1 | -3/+3 |
| * | Hold authentication debug messages until after successful authentication. | dtucker | 2010-03-07 | 1 | -8/+1 |
| * | "force-command" is not spelled "forced-command"; spotted by | djm | 2010-03-04 | 1 | -2/+2 |
| * | reject strings with embedded ASCII nul chars in certificate key IDs, | djm | 2010-03-03 | 1 | -8/+20 |
