| Commit message (Collapse) | Author | Age | Files | Lines | ||
|---|---|---|---|---|---|---|
| ... | ||||||
| * | Add support for Unix domain socket forwarding. A remote TCP port |   millert | 2014-07-15 | 1 | -22/+83 | |
| | | | | | | | | | may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket. This is a reimplementation of the streamlocal patches by William Ahern from: http://www.25thandclement.com/~william/projects/streamlocal.html OK djm@ markus@ | |||||
| * | bz#1818 - don't send channel success/failre replies on channels that |   djm | 2014-04-29 | 1 | -2/+2 | |
| | | | | | | have sent a close already; analysis and patch from Simon Tatham; ok markus@ | |||||
| * | convert memset of potentially-private data to explicit_bzero() | djm | 2014-02-02 | 1 | -2/+2 | |
| | | ||||||
| * | Cast client_alive_interval to u_int64_t before assinging to |   dtucker | 2013-12-19 | 1 | -2/+3 | |
| | | | | | | max_time_milliseconds to avoid potential integer overflow in the timeout. bz#2170, patch from Loganaden Velvindron, ok djm@ | |||||
| * | fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@ | djm | 2013-07-12 | 1 | -2/+3 | |
| | | ||||||
| * | bye, bye xfree(); ok markus@ | djm | 2013-05-17 | 1 | -18/+14 | |
| | | ||||||
| * | Fix some "unused result" warnings found via clang and -portable. ok markus@ | dtucker | 2013-05-16 | 1 | -2/+2 | |
| | | ||||||
| * | Add RekeyLimit to sshd with the same syntax as the client allowing rekeying | dtucker | 2013-05-16 | 1 | -4/+10 | |
| | | | | | based on traffic volume or time. ok djm@, help & ok jmc@ for the man page. | |||||
| * | Cast signal to int for logging. A no-op on openbsd (they're always ints) | dtucker | 2012-12-07 | 1 | -3/+3 | |
| | | | | | but will prevent warnings in portable. ok djm@ | |||||
| * | make AllowTcpForwarding accept "local" and "remote" in addition to its | djm | 2012-12-02 | 1 | -6/+13 | |
| | | | | | | current "yes"/"no" to allow the server to specify whether just local or remote TCP forwarding is enabled. ok markus@ | |||||
| * | initialise accept() backoff timer to avoid EINVAL from select(2) in | djm | 2012-06-20 | 1 | -2/+2 | |
| | | | | | rekeying | |||||
| * | don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a | djm | 2012-04-11 | 1 | -4/+10 | |
| | | | | | while; ok deraadt@ markus@ | |||||
| * | use FD_CLOEXEC consistently; patch from zion AT x96.org | djm | 2011-05-15 | 1 | -3/+3 | |
| | | ||||||
| * | Keep track of number of bytes read and written. Needed for upcoming |   andreas | 2009-05-28 | 1 | -2/+6 | |
| | | | | | | changes. Most code from Martin Forssen, maf at appgate dot com. ok markus@ | |||||
| * | Put the globals in packet.c into a struct and don't access it directly | andreas | 2009-05-25 | 1 | -3/+3 | |
| | | | | | | from other files. No functional changes. ok markus@ djm@ | |||||
| * | tighten check for -R0:... forwarding: only allow dynamic allocation if | djm | 2009-02-12 | 1 | -1/+2 | |
| | | | | | want_reply is set in the packet | |||||
| * | support remote port forwarding with a zero listen port (-R0:...) to | djm | 2009-02-12 | 1 | -4/+8 | |
| | | | | | | dyamically allocate a listen port at runtime (this is actually specified in rfc4254); bz#1003 ok markus@ | |||||
| * | make a2port() return -1 when it encounters an invalid port number | djm | 2009-01-22 | 1 | -2/+2 | |
| | | | | | | | | | | | | rather than 0, which it will now treat as valid (needed for future work) adjust current consumers of a2port() to check its return value is <= 0, which in turn required some things to be converted from u_short => int make use of int vs. u_short consistent in some other places too feedback & ok markus@ | |||||
| * | backout 1.149, since it's not necessary and openssh clients send |   markus | 2008-12-02 | 1 | -3/+3 | |
| | | | | | broken CHANNEL_FAILURE/SUCCESS messages since about 2004; ok djm@ | |||||
| * | only pass channel requests on session channels through to the session | djm | 2008-06-30 | 1 | -2/+3 | |
| | | | | | channel handler, avoiding spurious log messages; ok! markus@ | |||||
| * | Add a no-more-sessions@openssh.com global request extension that the | djm | 2008-06-10 | 1 | -1/+11 | |
| | | | | | | | | | | | | | client sends when it knows that it will never request another session (i.e. when session multiplexing is disabled). This allows a server to disallow further session requests and terminate the session. Why would a non-multiplexing client ever issue additional session requests? It could have been attacked with something like SSH'jack: http://www.storm.net.nz/projects/7 feedback & ok markus | |||||
| * | unbreak | markus | 2008-05-09 | 1 | -2/+5 | |
| | | | | | | | | ssh -2 localhost od /bin/ls | true ignoring SIGPIPE by adding a new channel message (EOW) that signals the peer that we're not interested in any data it might send. fixes bz #85; discussion, debugging and ok djm@ | |||||
| * | Try additional addresses when connecting to a port forward destination | djm | 2008-05-09 | 1 | -11/+8 | |
| | | | | | | | | | | whose DNS name resolves to more than one address. The previous behaviour was to try the first address and give up. Reported by stig AT venaas.com in bz#343 great feedback and ok markus@ | |||||
| * | Implement a channel success/failure status confirmation callback | djm | 2008-05-08 | 1 | -2/+4 | |
| | | | | | | | | | | | | | | mechanism. Each channel maintains a queue of callbacks, which will be drained in order (RFC4253 guarantees confirm messages are not reordered within an channel). Also includes a abandonment callback to clean up if a channel is closed without sending confirmation messages. This probably shouldn't happen in compliant implementations, but it could be abused to leak memory. ok markus@ (as part of a larger diff) | |||||
| * | Allow all SSH2 packet types, including UNIMPLEMENTED to reset the | dtucker | 2008-02-22 | 1 | -4/+3 | |
| | | | | | keepalive timer (bz #1307). ok markus@ | |||||
| * | Revert the change for bz #1307 as it causes connection aborts if an IGNORE | dtucker | 2008-01-23 | 1 | -3/+1 | |
| | | | | | | packet arrives while we're waiting in packet_read_expect (and possibly elsewhere). | |||||
| * | Make SSH2_MSG_UNIMPLEMENTED and SSH2_MSG_IGNORE messages reset the | dtucker | 2007-12-28 | 1 | -1/+3 | |
| | | | | | | | ServerAlive and ClientAlive timers. Prevents dropping a connection when these are enabled but the peer does not support our keepalives. bz #1307, ok djm@. | |||||
| * | exit instead of doing a blocking tcp send if we detect a client/server timeout, | markus | 2006-10-11 | 1 | -3/+5 | |
| | | | | | since the tcp sendqueue might be already full (of alive requests); ok dtucker, report mpf | |||||
| * | almost entirely get rid of the culture of ".h files that include .h files" |   deraadt | 2006-08-03 | 1 | -4/+6 | |
| | | | | | | ok djm, sort of ok stevesk makes the pain stop in one easy step | |||||
| * | move #include <sys/param.h> out of includes.h |   stevesk | 2006-07-26 | 1 | -1/+2 | |
| | | ||||||
| * | move #include <sys/time.h> out of includes.h | stevesk | 2006-07-25 | 1 | -1/+2 | |
| | | ||||||
| * | move #include <string.h> out of includes.h | stevesk | 2006-07-22 | 1 | -1/+2 | |
| | | ||||||
| * | missed some needed #include <unistd.h> when KERBEROS5=no; issue from | stevesk | 2006-07-20 | 1 | -1/+2 | |
| | | | | | massimo@cedoc.mo.it | |||||
| * | move #include <errno.h> out of includes.h; ok markus@ | stevesk | 2006-07-11 | 1 | -1/+2 | |
| | | ||||||
| * | move #include <fcntl.h> out of includes.h | stevesk | 2006-07-09 | 1 | -1/+2 | |
| | | ||||||
| * | move #include <pwd.h> out of includes.h; ok markus@ | stevesk | 2006-07-06 | 1 | -1/+2 | |
| | | ||||||
| * | move #include <netinet/in.h> out of includes.h; ok deraadt@ | stevesk | 2006-07-05 | 1 | -1/+4 | |
| | | ||||||
| * | spacing | deraadt | 2006-03-25 | 1 | -3/+3 | |
| | | ||||||
| * | Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that | djm | 2006-03-25 | 1 | -0/+1 | |
| | | | | | Theo nuked - our scripts to sync -portable need them in the files | |||||
| * | spacing | deraadt | 2006-03-20 | 1 | -0/+1 | |
| | | ||||||
| * | sprinkle u_int throughout pty subsystem, ok markus | deraadt | 2006-03-20 | 1 | -4/+4 | |
| | | ||||||
| * | ARGSUSED for signal handlers | deraadt | 2006-03-19 | 1 | -1/+3 | |
| | | ||||||
| * | RCSID() can die | deraadt | 2006-03-19 | 1 | -1/+0 | |
| | | ||||||
| * | memory leaks detected by Coverity via elad AT netbsd.org; | djm | 2006-03-19 | 1 | -1/+2 | |
| | | | | | ok deraadt@ dtucker@ | |||||
| * | move a debug() outside of a signal handler; ok markus@ a little while back | djm | 2006-03-04 | 1 | -2/+2 | |
| | | ||||||
| * | move #include <signal.h> out of includes.h; ok markus@ | stevesk | 2006-02-20 | 1 | -1/+2 | |
| | | ||||||
| * | move #include <sys/wait.h> out of includes.h; ok markus@ | stevesk | 2006-02-10 | 1 | -1/+4 | |
| | | ||||||
| * | move #include <termios.h> out of includes.h; ok markus@ | stevesk | 2006-02-07 | 1 | -1/+3 | |
| | | ||||||
| * | if forced_tun_device is not set, it is -1 and not SSH_TUNID_ANY |   reyk | 2005-12-13 | 1 | -2/+2 | |
| | | ||||||
| * | two changes to the new ssh tunnel support. this breaks compatibility | reyk | 2005-12-08 | 1 | -7/+18 | |
| | | | | | | | | | | | | | with the initial commit but is required for a portable approach. - make the tunnel id u_int and platform friendly, use predefined types. - support configuration of layer 2 (ethernet) or layer 3 (point-to-point, default) modes. configuration is done using the Tunnel (yes|point-to-point|ethernet|no) option is ssh_config(5) and restricted by the PermitTunnel (yes|point-to-point|ethernet|no) option in sshd_config(5). ok djm@, man page bits by jmc@ | |||||
 |
index : wireguard-openbsd | |
| WireGuard implementation for the OpenBSD kernel | Matt Dunwoodie |
| summaryrefslogtreecommitdiffstats |