summaryrefslogtreecommitdiffstats
path: root/usr.bin/ssh/readconf.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* move #include <unistd.h> out of includes.hstevesk2006-07-171-1/+2
|
* move #include <netdb.h> out of includes.h; ok djm@stevesk2006-07-121-1/+2
|
* move #include <errno.h> out of includes.h; ok markus@stevesk2006-07-111-1/+2
|
* add ExitOnForwardFailure: terminate the connection if ssh(1)markus2006-07-111-1/+10
| | | | | cannot set up all requested dynamic, local, and remote port forwardings. ok djm, dtucker, stevesk, jmc
* move #include <netinet/in.h> out of includes.h; ok deraadt@stevesk2006-07-051-1/+4
|
* Put $OpenBSD$ tags back (as comments) to replace the RCSID()s thatdjm2006-03-251-0/+1
| | | | Theo nuked - our scripts to sync -portable need them in the files
* RCSID() can diederaadt2006-03-191-1/+0
|
* potential NULL pointer dereferences detected by Coveritydjm2006-03-191-2/+3
| | | | via elad AT netbsd.org; ok deraadt@
* move #include <ctype.h> out of includes.h; ok djm@stevesk2006-02-221-1/+3
|
* move #include <sys/stat.h> out of includes.h; ok markus@stevesk2006-02-201-1/+4
|
* raise error when the user specifies a RekeyLimit that is smaller than 16djm2006-02-121-7/+22
| | | | | (the smallest of our cipher's blocksize) or big enough to cause integer wraparound; ok & feedback dtucker@
* two changes to the new ssh tunnel support. this breaks compatibilityreyk2005-12-081-5/+27
| | | | | | | | | | | | with the initial commit but is required for a portable approach. - make the tunnel id u_int and platform friendly, use predefined types. - support configuration of layer 2 (ethernet) or layer 3 (point-to-point, default) modes. configuration is done using the Tunnel (yes|point-to-point|ethernet|no) option is ssh_config(5) and restricted by the PermitTunnel (yes|point-to-point|ethernet|no) option in sshd_config(5). ok djm@, man page bits by jmc@
* Add support for tun(4) forwarding over OpenSSH, based on an idea andreyk2005-12-061-3/+49
| | | | | | | | | | | | initial channel code bits by markus@. This is a simple and easy way to use OpenSSH for ad hoc virtual private network connections, e.g. administrative tunnels or secure wireless access. It's based on a new ssh channel and works similar to the existing TCP forwarding support, except that it depends on the tun(4) network interface on both ends of the connection for layer 2 or layer 3 tunneling. This diff also adds support for LocalCommand in the ssh(1) client. ok djm@, markus@, jmc@ (manpages), tested and discussed with others
* listen_hosts initialisation here too; spotted greg AT y2005.nest.cxdjm2005-07-301-2/+2
|
* knf says that a 2nd level indent is four (not three or five) spacesdjm2005-07-171-2/+2
|
* add ControlMaster=auto/autoask options to support opportunistic multiplexing;djm2005-06-081-2/+22
| | | | tested avsm@ and jakob@, ok markus@
* check return value from strdelim() for NULL (AddressFamily); mpechmarkus2005-05-161-1/+4
|
* spacingderaadt2005-03-101-2/+2
|
* Check listen addresses for null, prevents xfree from dying duringdtucker2005-03-101-3/+5
| | | | ClearAllForwardings (bz #996). From Craig Leres, ok markus@
* fix SendEnv config parsing bug found by Roumen Petrov; ok dtucker@djm2005-03-041-1/+3
|
* add support for hashing host names and addresses added to known_hosts files,djm2005-03-011-2/+10
| | | | to improve privacy of which hosts user have been visiting; ok markus@ deraadt@
* bz#413: allow optional specification of bind address for port forwardings.djm2005-03-011-38/+119
| | | | | | | | Patch originally by Dan Astorian, but worked on by several people Adds GatewayPorts=clientspecified option on server to allow remote forwards to bind to client-specified ports. ok markus@
* spacesderaadt2004-07-111-3/+3
|
* Add option for confirmation (ControlMaster=ask) via ssh-askpass before openingdjm2004-06-171-2/+2
| | | | shared connections; ok markus@
* implement session multiplexing in the client (the server has supported thisdjm2004-06-131-2/+16
| | | | since 2.0); ok markus@
* Kill dead code after fatal(); ok djm@dtucker2004-05-271-8/+3
|
* bz #815: implement ability to pass specified environment variables from thedjm2004-04-271-1/+17
| | | | client to the server; ok markus@
* perform strict ownership and modes checks for ~/.ssh/config files, as thesedjm2004-04-181-4/+19
| | | | | | can be used to execute arbitrary programs; ok markus@ NB. ssh will now exit when it detects a config with poor permissions
* add IdentitiesOnly; ok djm@, pb@markus2004-03-051-2/+10
|
* application layer keep alive (ServerAliveInterval ServerAliveCountMax)markus2003-12-161-2/+19
| | | | | for ssh(1), similar to the sshd(8) option; ok beck@; with help from jmc and dtucker@
* rename keepalive to tcpkeepalive; the old name causes too muchmarkus2003-12-091-9/+10
| | | | confusion; ok djm, dtucker; with help from jmc@
* update SSHFP validation. ok markus@jakob2003-11-121-2/+3
|
* include SSHFP lookup code (not enabled by default). ok markus@jakob2003-10-141-5/+1
|
* remote x11 clients are now untrusted by default, uses xauth(8) to generatemarkus2003-10-111-2/+10
| | | | | untrusted cookies; ForwardX11Trusted=yes restores old behaviour. ok deraadt; feedback and ok djm/fries
* default GSS API to no in client, too; ok jakob, deraadt@markus2003-10-081-2/+2
|
* remove unused kerberos code; ok henning@markus2003-09-011-16/+1
|
* rm gssapidelegatecreds alias; never supported beforemarkus2003-09-011-2/+1
|
* remove kerberos support from ssh1, since it has been replaced with GSSAPI;markus2003-08-281-6/+1
| | | | but keep kerberos passwd auth for ssh1 and 2; ok djm, hin, henning, ...
* support GSS API user authentication; patches from Simon Wilkinson,markus2003-08-221-2/+24
| | | | stripped down and tested by Jakob and myself.
* socks4->socks, since with support both 4 and 5; dtucker@zip.com.aumarkus2003-08-131-2/+2
|
* remove RhostsAuthentication; suggested by djm@ before; ok djm@, deraadt@,markus2003-08-131-12/+3
| | | | fgsch@, miod@, henning@, jakob@ and others
* remove (already disabled) KRB4/AFS support, re-enable -k in ssh(1);markus2003-07-221-14/+3
| | | | test+ok henning@
* fix AddressFamily option in config file, from brent@graveland.net; ok markus@djm2003-07-031-5/+10
|
* do not dump core for 'ssh -o proxycommand host'; ok deraadt@markus2003-06-261-1/+3
|
* add AddressFamily option to ssh_config (like -4, -6 on commandline).djm2003-05-161-1/+16
| | | | Portable bug #534; ok markus@
* add a ConnectTimeout option to ssh, based on patch fromdjm2003-05-151-2/+18
| | | | Jean-Charles Longuet (jclonguet at free.fr); portable #207 ok markus@
* warn for unsupported config option. ok markus@jakob2003-05-151-14/+24
|
* disable kerberos when not supported. ok markus@jakob2003-05-151-1/+13
|
* always parse kerberos options. ok djm@ markus@jakob2003-05-151-34/+6
|
* add experimental support for verifying hos keys using DNS as describedjakob2003-05-141-2/+10
| | | | | in draft-ietf-secsh-dns-xx.txt. more information in README.dns. ok markus@ and henning@
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.