summaryrefslogtreecommitdiffstats
path: root/usr.bin/ssh/compat.h (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Cap DH-GEX group size at 4kbits for Cisco implementations. Some of themdtucker2015-05-261-1/+2
| | | | | will choke when asked for preferred sizes >4k instead of returning the 4k group that they do have. bz#2209, ok djm@
* Don't send hostkey advertisments (hostkeys-00@openssh.com) to currentdtucker2015-04-101-1/+2
| | | | | versions of Tera Term as they can't handle them. Newer versions should be OK. Patch from Bryan Drewery and IWAMOTO Kouichi, ok djm@
* store compat flags in struct ssh; ok djm@markus2015-01-191-2/+2
|
* OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connectionsdjm2014-04-181-1/+3
| | | | | | | | | | using the curve25519-sha256@libssh.org KEX exchange method to fail when connecting with something that implements the spec properly. Disable this KEX method when speaking to one of the affected versions. reported by Aris Adamantiadis; ok markus@
* refuse RSA keys from old proprietary clients/servers that use thedjm2013-12-301-1/+2
| | | | | | obsolete RSA+MD5 signature scheme. it will still be possible to connect with these clients/servers but only DSA keys will be accepted, and we'll deprecate them entirely in a future release. ok markus@
* unbreak remote portforwarding with dynamic allocated listen ports:markus2011-09-231-1/+2
| | | | | | | | | 1) send the actual listen port in the open message (instead of 0). this allows multiple forwardings with a dynamic listen port 2) update the matching permit-open entry, so we can identify where to connect to report: den at skbkontur.ru and P. Szczygielski feedback and ok djm@
* only send eow and no-more-sessions requests to openssh 5 and newer;markus2008-09-111-1/+2
| | | | fixes interop problems with broken ssh v2 implementations; ok djm@
* bz #1019: some ssh.com versions apparently can't cope with the remote portdjm2006-12-121-1/+2
| | | | | | forwarding bind_address being a hostname, so send them an address for cases where they are not explicitly specified (wildcard or localhost bind). reported by daveroth AT acm.org; ok dtucker@ deraadt@
* standardise spacing in $OpenBSD$ tags; requested by deraadt@djm2006-03-251-1/+1
|
* bz#413: allow optional specification of bind address for port forwardings.djm2005-03-011-1/+2
| | | | | | | | Patch originally by Dan Astorian, but worked on by several people Adds GatewayPorts=clientspecified option on server to allow remote forwards to bind to client-specified ports. ok markus@
* spacesderaadt2004-07-111-2/+2
|
* remove support for SSH_BUG_GSSAPI_BER; simon@sxw.org.ukmarkus2003-11-021-2/+1
|
* SSH_BUG_K5USER is unused; ok henning@markus2003-08-291-5/+4
|
* support GSS API user authentication; patches from Simon Wilkinson,markus2003-08-221-1/+2
| | | | stripped down and tested by Jakob and myself.
* bugfix causes stalled connections for ssh.com < 3.0; noticed by ho@; tested by ho@ and myselfmarkus2003-04-011-1/+2
|
* add a generic match for a prober, such as sie big brother; idea from stevesk@; markus@ okmickey2002-09-271-1/+2
|
* strip '@' from username only for KerbV and known broken clients, bug #204markus2002-04-101-1/+2
|
* don't send stderr data after EOF, accept this from older known (broken)markus2002-03-251-1/+2
| | | | sshd servers only, fixes http://bugzilla.mindrot.org/show_bug.cgi?id=179
* $OpenBSD$ and RCSID() cleanup: don't use RCSID() in .h files; addstevesk2002-03-041-1/+2
| | | | | missing RCSID() to .c files and remove dup /*$OpenBSD$*/ from .c files. ok markus@
* bug compat: request a dummy channel for -N (no shell) sessions + cleanup; vinschen@redhat.commarkus2001-09-201-1/+2
|
* remove comments from .h, since they are cut&paste from the .c filesmarkus2001-06-261-5/+6
| | | | and out of sync
* prototype pedant. not very creative...itojun2001-06-261-4/+4
| | | | | - () -> (void) - no variable names
* update copyright for 2001markus2001-06-251-2/+2
|
* allow interop with weaker key generation used by ssh-2.0.x, x < 10markus2001-04-301-1/+2
|
* more ssh.com-2.0.x bug-compat; from per@appgate.commarkus2001-04-291-18/+19
|
* implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2)markus2001-04-121-1/+2
| | | | | similar to RhostRSAAuthentication unless you enable (the experimental) HostbasedUsesNameFromPacketOnly option. please test. :)
* add SSH_BUG_NOREKEY and detect broken (=all old) openssh versions.markus2001-04-051-1/+2
|
* make dh group exchange more flexible, allow min and max group size,provos2001-03-271-1/+2
| | | | okay markus@, deraadt@
* some older systems use NID_md5 instead of NID_sha1 for RSASSA-PKCS1-v1_5markus2001-03-271-1/+2
| | | | signatures in SSH protocol 2, ok djm@
* Compat for OpenSSH with broken Rijndael/AES. ok markus@djm2001-03-231-1/+3
|
* specifically version match on ssh scanners. do not log scan informationderaadt2001-03-181-1/+2
| | | | | | to the console, because clueless users freak out when people do completely legal probes. instead, generate a detailed log file entry and use british humour to relax their sphincters a little bit.
* all known netscreen ssh versions, and older versions of OSU ssh cannotderaadt2001-03-101-1/+2
| | | | handle password padding (newer OSU is fixed)
* implement client side of SSH2_MSG_USERAUTH_PK_OK (test public key ->markus2001-03-081-1/+2
| | | | | no need to do enter passphrase or do expensive sign operations if the server does not accept key).
* ssh-1.2.{18-22} has broken handling of ignore messages; report from itojun@markus2001-02-191-9/+10
|
* implement option 'Banner /etc/issue.net' for ssh2, move version tomarkus2001-01-081-1/+2
| | | | | 2.3.1 (needed for bugcompat detection, 2.3.0 would fail if Banner is enabled).
* disable debug messages for ssh.com/f-secure 2.0.1x, 2.1.0markus2000-12-061-1/+2
|
* support f-secure/ssh.com 2.0.12; ok niels@markus2000-12-031-2/+3
|
* OpenSSH_2.3; note that is is not complete, but the version number needs to be changed for interoperability reasonsmarkus2000-10-141-2/+2
|
* cleanup copyright notices on all files. I have attempted to be accurate withderaadt2000-09-071-6/+1
| | | | | | | the details. everything is now under Tatu's licence (which I copied from his readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd developers under a 2-term bsd licence. We're not changing any rules, just being accurate.
* OpenBSD tagmarkus2000-06-201-1/+1
|
* make userauth+pubkey interop with ssh.com-2.2.0markus2000-06-191-1/+2
|
* bug compat w/ ssh-2.0.13 x11, split out bugsmarkus2000-05-081-1/+6
|
* add Cipher and Protocol options to ssh/sshd, e.g.:markus2000-04-121-1/+8
| | | | ssh -o 'Protocol 1,2' if you prefer proto 1, ssh -o 'Ciphers arcfour,3des-cbc'
* channel layer support for ssh2markus2000-04-031-1/+5
|
* missing copyrightmarkus1999-11-241-1/+29
|
* much more KNFderaadt1999-11-241-2/+2
|
* add CVS tags, fix comments and whitespacemarkus1999-10-161-0/+2
|
* support for SSH protocol 1.5 which is poorly documented, the RFC.troff lies.markus1999-10-161-0/+5
interops (x11,agent,etc) with 1.2.27 and protocol 1.3
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.