| Commit message (Collapse) | Author | Age | Files | Lines | ||
|---|---|---|---|---|---|---|
| ... | ||||||
| * | Allow to set the rdomain in ssh/sftp/scp/sshd and ssh-keyscan. |   reyk | 2009-10-28 | 1 | -2/+3 | |
| | | | | | ok markus@ | |||||
| * | Keep track of number of bytes read and written. Needed for upcoming |   andreas | 2009-05-28 | 1 | -3/+5 | |
| | | | | | | changes. Most code from Martin Forssen, maf at appgate dot com. ok markus@ | |||||
| * | Un-static ssh_exchange_identification(), part of a larger change from | andreas | 2009-05-27 | 1 | -2/+2 | |
| | | | | | | Martin Forssen and needed for upcoming changes. ok markus@ | |||||
| * | use #define ROQUIET here; no binary change. ok dtucker@ |   stevesk | 2008-10-14 | 1 | -3/+3 | |
| | | ||||||
| * | Send CR LF during protocol banner exchanges, but only for Protocol 2 only, |   dtucker | 2008-07-01 | 1 | -3/+3 | |
| | | | | | in order to comply with RFC 4253. bz #1443, ok djm@ | |||||
| * | Check ExitOnForwardFailure if forwardings are disabled due to a failed | dtucker | 2008-07-01 | 1 | -2/+13 | |
| | | | | | host key check. ok djm@ | |||||
| * | Move SSH Fingerprint Visualization away from sharing the config option |   grunk | 2008-06-26 | 1 | -11/+7 | |
| | | | | | | | | | | CheckHostIP to an own config option named VisualHostKey. While there, fix the behaviour that ssh would draw a random art picture on every newly seen host even when the option was not enabled. prodded by deraadt@, discussions, help and ok markus@ djm@ dtucker@ | |||||
| * | tweak wording in message, ok deraadt@ jmc@ |   ian | 2008-06-12 | 1 | -2/+2 | |
| | | ||||||
| * | Make keepalive timeouts apply while waiting for a packet, particularly during | dtucker | 2008-06-12 | 1 | -18/+5 | |
| | | | | | key renegotiation (bz #1363). With djm and Matt Day, ok djm@ | |||||
| * | Make ssh print the random art also when ssh'ing to a host using IP only. | grunk | 2008-06-12 | 1 | -2/+10 | |
| | | | | | spotted by naddy@, ok and help djm@ dtucker@ | |||||
| * | Do not pass "0" strings as ports to getaddrinfo because the lookups | dtucker | 2008-06-12 | 1 | -2/+2 | |
| | | | | | | | | | | | | | | | | can slow things down and we never use the service info anyway. bz #859, patch from YOSHIFUJI Hideaki and John Devitofranceschi. ok deraadt@ djm@ djm belives that the reason for the "0" strings is to ensure that it's not possible to call getaddrinfo with both host and port being NULL. In the case of canohost.c host is a local array. In the case of sshconnect.c, it's checked for null immediately before use. In dns.c it ultimately comes from ssh.c:main() and is guaranteed to be non-null but it's not obvious, so I added a warning message in case it is ever passed a null. | |||||
| * | Introduce SSH Fingerprint ASCII Visualization, a technique inspired by the | grunk | 2008-06-11 | 1 | -7/+19 | |
| | | | | | | | | | | | | | | | | | | | | | | | | graphical hash visualization schemes known as "random art", and by Dan Kaminsky's musings on the subject during a BlackOp talk at the 23C3 in Berlin. Scientific publication (original paper): "Hash Visualization: a New Technique to improve Real-World Security", Perrig A. and Song D., 1999, International Workshop on Cryptographic Techniques and E-Commerce (CrypTEC '99) http://sparrow.ece.cmu.edu/~adrian/projects/validation/validation.pdf The algorithm used here is a worm crawling over a discrete plane, leaving a trace (augmenting the field) everywhere it goes. Movement is taken from dgst_raw 2bit-wise. Bumping into walls makes the respective movement vector be ignored for this turn, thus switching to the other color of the chessboard. Graphs are not unambiguous for now, because circles in graphs can be walked in either direction. discussions with several people, help, corrections and ok markus@ djm@ | |||||
| * | Add a small helper function to consistently handle the EAI_SYSTEM error | dtucker | 2007-12-27 | 1 | -4/+4 | |
| | | | | | | code of getaddrinfo. Prompted by vgiffin at apple com via bz #1417. ok markus@ stevesk@ | |||||
| * | make ssh(1)'s ConnectTimeout option apply to both the TCP connection and |   djm | 2007-09-04 | 1 | -21/+84 | |
| | | | | | | | | | SSH banner exchange (previously it just covered the TCP connection). This allows callers of ssh(1) to better detect and deal with stuck servers that accept a TCP connection but don't progress the protocol, and also makes ConnectTimeout useful for connections via a ProxyCommand; feedback and "looks ok" markus@ | |||||
| * | Execute ProxyCommands with $SHELL rather than /bin/sh unconditionally | djm | 2007-08-23 | 1 | -3/+6 | |
| | | ||||||
| * | sleep before retrying (not after) since sleep changes errno; fixes |   markus | 2006-10-10 | 1 | -6/+5 | |
| | | | | | pr 5250; rad@twig.com; ok dtucker djm | |||||
| * | almost entirely get rid of the culture of ".h files that include .h files" |   deraadt | 2006-08-03 | 1 | -4/+3 | |
| | | | | | | ok djm, sort of ok stevesk makes the pain stop in one easy step | |||||
| * | move #include <stdio.h> out of includes.h | stevesk | 2006-08-01 | 1 | -1/+2 | |
| | | ||||||
| * | Allow fallback to known_hosts entries without port qualifiers for | dtucker | 2006-08-01 | 1 | -9/+25 | |
| | | | | | | non-standard ports too, so that all existing known_hosts entries will be recognised. Requested by, feedback and ok markus@ | |||||
| * | move #include <stdlib.h> out of includes.h | stevesk | 2006-07-26 | 1 | -1/+2 | |
| | | ||||||
| * | move #include <sys/time.h> out of includes.h | stevesk | 2006-07-25 | 1 | -1/+2 | |
| | | ||||||
| * | disable tunnel forwarding when no strict host key checking | stevesk | 2006-07-24 | 1 | -2/+7 | |
| | | | | | and key changed; ok djm@ markus@ dtucker@ | |||||
| * | move #include <string.h> out of includes.h | stevesk | 2006-07-22 | 1 | -1/+2 | |
| | | ||||||
| * | move #include <unistd.h> out of includes.h | stevesk | 2006-07-17 | 1 | -1/+2 | |
| | | ||||||
| * | move #include <netdb.h> out of includes.h; ok djm@ | stevesk | 2006-07-12 | 1 | -1/+2 | |
| | | ||||||
| * | move #include <errno.h> out of includes.h; ok markus@ | stevesk | 2006-07-11 | 1 | -1/+2 | |
| | | ||||||
| * | Add port identifier to known_hosts for non-default ports, based originally | dtucker | 2006-07-10 | 1 | -10/+15 | |
| | | | | | | | | | | | on a patch from Devin Nate in bz#910. For any connection using the default port or using a HostKeyAlias the format is unchanged, otherwise the host name or address is enclosed within square brackets in the same format as sshd's ListenAddress. Tested by many, ok markus@. | |||||
| * | move #include <pwd.h> out of includes.h; ok markus@ | stevesk | 2006-07-06 | 1 | -1/+2 | |
| | | ||||||
| * | move #include <netinet/in.h> out of includes.h; ok deraadt@ | stevesk | 2006-07-05 | 1 | -1/+4 | |
| | | ||||||
| * | move #include "version.h" out of includes.h; ok markus@ | stevesk | 2006-07-03 | 1 | -1/+2 | |
| | | ||||||
| * | limit the number of pre-banner characters we will accept; ok markus@ | djm | 2006-06-14 | 1 | -3/+5 | |
| | | ||||||
| * | do not set the gid, noted by solar; ok djm | markus | 2006-06-08 | 1 | -2/+2 | |
| | | ||||||
| * | replace remaining setuid() calls with permanently_set_uid() and | markus | 2006-06-06 | 1 | -3/+2 | |
| | | | | | check seteuid() return values; report Marcus Meissner; ok dtucker djm | |||||
| * | fix leak; coverity via Kylene Jo Hall | markus | 2006-05-17 | 1 | -1/+2 | |
| | | ||||||
| * | simplify; ok djm@ | markus | 2006-04-20 | 1 | -20/+9 | |
| | | ||||||
| * | Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that | djm | 2006-03-25 | 1 | -0/+1 | |
| | | | | | Theo nuked - our scripts to sync -portable need them in the files | |||||
| * | introduce xcalloc() and xasprintf() failure-checked allocations functions | djm | 2006-03-25 | 1 | -12/+5 | |
| | | | | | | | | | | | and use them throughout openssh xcalloc is particularly important because malloc(nmemb * size) is a dangerous idiom (subject to integer overflow) and it is time for it to die feedback and ok deraadt@ | |||||
| * | be strict with tolower() casting | deraadt | 2006-03-20 | 1 | -1/+1 | |
| | | ||||||
| * | RCSID() can die | deraadt | 2006-03-19 | 1 | -1/+0 | |
| | | ||||||
| * | move #include <ctype.h> out of includes.h; ok djm@ | stevesk | 2006-02-22 | 1 | -1/+2 | |
| | | ||||||
| * | move #include <sys/stat.h> out of includes.h; ok markus@ | stevesk | 2006-02-20 | 1 | -1/+2 | |
| | | ||||||
| * | move #include <sys/wait.h> out of includes.h; ok markus@ | stevesk | 2006-02-10 | 1 | -1/+4 | |
| | | ||||||
| * | <openssl/bn.h> not needed | stevesk | 2006-02-08 | 1 | -3/+1 | |
| | | ||||||
| * | move #include <paths.h> out of includes.h; ok markus@ | stevesk | 2006-02-08 | 1 | -1/+3 | |
| | | ||||||
| * | Add support for tun(4) forwarding over OpenSSH, based on an idea and | reyk | 2005-12-06 | 1 | -1/+37 | |
| | | | | | | | | | | | | | initial channel code bits by markus@. This is a simple and easy way to use OpenSSH for ad hoc virtual private network connections, e.g. administrative tunnels or secure wireless access. It's based on a new ssh channel and works similar to the existing TCP forwarding support, except that it depends on the tun(4) network interface on both ends of the connection for layer 2 or layer 3 tunneling. This diff also adds support for LocalCommand in the ssh(1) client. ok djm@, markus@, jmc@ (manpages), tested and discussed with others | |||||
| * | no need to escape single quotes in comments, no binary change | djm | 2005-10-30 | 1 | -2/+2 | |
| | | ||||||
| * | make external definition static; ok deraadt@ | stevesk | 2005-10-15 | 1 | -3/+2 | |
| | | ||||||
| * | knf says that a 2nd level indent is four (not three or five) spaces | djm | 2005-07-17 | 1 | -4/+4 | |
| | | ||||||
| * | spacing | djm | 2005-07-16 | 1 | -2/+2 | |
| | | ||||||
| * | Fix ControlPath's %p expanding to "0" for a default port, | djm | 2005-06-17 | 1 | -10/+1 | |
| | | | | | spotted dwmw2 AT infradead.org; ok markus@ | |||||
 |
index : wireguard-openbsd | |
| WireGuard implementation for the OpenBSD kernel | Matt Dunwoodie |
| summaryrefslogtreecommitdiffstats |