OpenBSD CVS

CVS log for src/usr.bin/ssh/auth-options.c



Default branch: MAIN


Revision 1.101 / (download) - annotate - [select for diffs], Fri Jul 14 07:44:21 2023 UTC (9 months, 1 week ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5, OPENBSD_7_4_BASE, OPENBSD_7_4, HEAD
Changes since 1.100: +2 -1 lines
Diff to previous 1.100 (colored)

Include stdint.h for SIZE_MAX.  Fixes OPENSSL=no build.

Revision 1.100 / (download) - annotate - [select for diffs], Fri Jul 14 05:31:44 2023 UTC (9 months, 1 week ago) by djm
Branch: MAIN
Changes since 1.99: +4 -3 lines
Diff to previous 1.99 (colored)

add defence-in-depth checks for some unreachable integer overflows
reported by Yair Mizrahi @ JFrog; feedback/ok millert@

Revision 1.99 / (download) - annotate - [select for diffs], Wed Mar 29 00:18:35 2023 UTC (12 months, 3 weeks ago) by djm
Branch: MAIN
Changes since 1.98: +10 -11 lines
Diff to previous 1.98 (colored)

fix memory leak; Coverity CID 291848, with/ok dtucker@

Revision 1.98 / (download) - annotate - [select for diffs], Tue Feb 8 08:59:12 2022 UTC (2 years, 2 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE, OPENBSD_7_3, OPENBSD_7_2_BASE, OPENBSD_7_2, OPENBSD_7_1_BASE, OPENBSD_7_1
Changes since 1.97: +2 -2 lines
Diff to previous 1.97 (colored)

Switch hpdelim interface to accept only ":" as delimiter.

Historically, hpdelim accepted ":" or "/" as a port delimiter between
hosts (or addresses) and ports.  These days most of the uses for "/"
are no longer accepted, so there are several places where it checks the
delimiter to disallow it.  Make hpdelim accept only ":" and use hpdelim2
in the other cases.  ok djm@

Revision 1.97 / (download) - annotate - [select for diffs], Sat Jul 24 01:55:19 2021 UTC (2 years, 8 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE, OPENBSD_7_0
Changes since 1.96: +6 -2 lines
Diff to previous 1.96 (colored)

don't leak environment= variable when it is not the first match

Revision 1.96 / (download) - annotate - [select for diffs], Fri Jul 23 03:57:20 2021 UTC (2 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.95: +24 -11 lines
Diff to previous 1.95 (colored)

make authorized_keys environment="..." directives first-match-wins
and more strictly limit their maximum number; prompted by OOM
reported by OSS-fuzz (35470).

feedback and ok dtucker@

Revision 1.95 / (download) - annotate - [select for diffs], Sat Apr 3 06:18:40 2021 UTC (3 years ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE, OPENBSD_6_9
Changes since 1.94: +2 -2 lines
Diff to previous 1.94 (colored)

highly polished whitespace, mostly fixing spaces-for-tab and bad
indentation on continuation lines. Prompted by GHPR#185

Revision 1.94 / (download) - annotate - [select for diffs], Sun Oct 18 11:32:01 2020 UTC (3 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.93: +7 -8 lines
Diff to previous 1.93 (colored)

use the new variant log macros instead of prepending __func__ and
appending ssh_err(r) manually; ok markus@

Revision 1.93 / (download) - annotate - [select for diffs], Thu Aug 27 01:07:09 2020 UTC (3 years, 7 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE, OPENBSD_6_8
Changes since 1.92: +15 -5 lines
Diff to previous 1.92 (colored)

support for requiring user verified FIDO keys in sshd

This adds a "verify-required" authorized_keys flag and a corresponding
sshd_config option that tells sshd to require that FIDO keys verify the
user identity before completing the signing/authentication attempt.
Whether or not user verification was performed is already baked into the
signature made on the FIDO token, so this is just plumbing that flag
through and adding ways to require it.

feedback and ok markus@

Revision 1.92 / (download) - annotate - [select for diffs], Fri Mar 6 18:15:38 2020 UTC (4 years, 1 month ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE, OPENBSD_6_7
Changes since 1.91: +6 -4 lines
Diff to previous 1.91 (colored)

fix null-deref on calloc failure; ok djm

Revision 1.91 / (download) - annotate - [select for diffs], Wed Feb 26 13:40:09 2020 UTC (4 years, 1 month ago) by jsg
Branch: MAIN
Changes since 1.90: +2 -3 lines
Diff to previous 1.90 (colored)

change explicit_bzero();free() to freezero()

While freezero() returns early if the pointer is NULL the tests for
NULL in callers are left to avoid warnings about passing an
uninitialised size argument across a function boundary.

ok deraadt@ djm@

Revision 1.90 / (download) - annotate - [select for diffs], Mon Nov 25 00:54:23 2019 UTC (4 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.89: +26 -12 lines
Diff to previous 1.89 (colored)

add a "no-touch-required" option for authorized_keys and a similar
extension for certificates. This option disables the default
requirement that security key signatures attest that the user touched
their key to authorize them.

feedback deraadt, ok markus

Revision 1.89 / (download) - annotate - [select for diffs], Fri Sep 13 04:36:43 2019 UTC (4 years, 7 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE, OPENBSD_6_6
Changes since 1.88: +2 -1 lines
Diff to previous 1.88 (colored)

Plug mem leaks on error paths, based in part on github pr#120 from
David Carlier.  ok djm@.

Revision 1.88 / (download) - annotate - [select for diffs], Fri Sep 6 04:53:27 2019 UTC (4 years, 7 months ago) by djm
Branch: MAIN
Changes since 1.87: +2 -1 lines
Diff to previous 1.87 (colored)

lots of things were relying on libcrypto headers to transitively
include various system headers (mostly stdlib.h); include them
explicitly

Revision 1.87 / (download) - annotate - [select for diffs], Tue Sep 3 08:32:11 2019 UTC (4 years, 7 months ago) by djm
Branch: MAIN
Changes since 1.86: +1 -70 lines
Diff to previous 1.86 (colored)

move authorized_keys option parsing helpers to misc.c and make
them public; ok markus@

Revision 1.86 / (download) - annotate - [select for diffs], Tue Jul 9 04:15:00 2019 UTC (4 years, 9 months ago) by djm
Branch: MAIN
Changes since 1.85: +2 -2 lines
Diff to previous 1.85 (colored)

cap the number of permitopen/permitlisten directives we're willing to
parse on a single authorized_keys line; ok deraadt@

Revision 1.85 / (download) - annotate - [select for diffs], Thu Jun 27 18:03:37 2019 UTC (4 years, 9 months ago) by deraadt
Branch: MAIN
Changes since 1.84: +2 -2 lines
Diff to previous 1.84 (colored)

Some asprintf() calls were checked < 0, rather than the precise == -1.
ok millert nicm tb, etc

Revision 1.84 / (download) - annotate - [select for diffs], Wed Oct 3 06:38:35 2018 UTC (5 years, 6 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE, OPENBSD_6_5, OPENBSD_6_4_BASE, OPENBSD_6_4
Changes since 1.83: +10 -7 lines
Diff to previous 1.83 (colored)

Allow ssh_config IdentityAgent directive to accept environment variable
names as well as explicit paths. ok dtucker@

Revision 1.83 / (download) - annotate - [select for diffs], Tue Jun 19 02:59:41 2018 UTC (5 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.82: +17 -5 lines
Diff to previous 1.82 (colored)

allow bare port numbers to appear in PermitListen directives, e.g.

PermitListen 2222 8080

is equivalent to:

PermitListen *:2222 *:8080

Some bonus manpage improvements, mostly from markus@

"looks fine" markus@

Revision 1.82 / (download) - annotate - [select for diffs], Thu Jun 7 09:26:42 2018 UTC (5 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.81: +4 -4 lines
Diff to previous 1.81 (colored)

some permitlisten fixes from markus@ that I missed in my insomnia-fueled
commits last night

Revision 1.81 / (download) - annotate - [select for diffs], Thu Jun 7 04:31:51 2018 UTC (5 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.80: +5 -5 lines
Diff to previous 1.80 (colored)

fix regression caused by recent permitlisten option commit:
authorized_keys lines that contained permitopen/permitlisten were
being treated as invalid.

Revision 1.80 / (download) - annotate - [select for diffs], Wed Jun 6 18:23:32 2018 UTC (5 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.79: +94 -46 lines
Diff to previous 1.79 (colored)

permitlisten option for authorized_keys; ok markus@

Revision 1.79 / (download) - annotate - [select for diffs], Fri Apr 6 04:15:45 2018 UTC (6 years ago) by djm
Branch: MAIN
Changes since 1.78: +2 -2 lines
Diff to previous 1.78 (colored)

relax checking of authorized_keys environment="..." options to allow
underscores in variable names (regression introduced in 7.7).
bz2851, ok deraadt@

Revision 1.78 / (download) - annotate - [select for diffs], Wed Mar 14 05:35:40 2018 UTC (6 years, 1 month ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE, OPENBSD_6_3
Changes since 1.77: +2 -2 lines
Diff to previous 1.77 (colored)

rename recently-added "valid-before" key restriction to "expiry-time"
as the former is confusing wrt similar terminology in X.509;
pointed out by jsing@

Revision 1.77 / (download) - annotate - [select for diffs], Mon Mar 12 00:52:01 2018 UTC (6 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.76: +29 -3 lines
Diff to previous 1.76 (colored)

add valid-before="[time]" authorized_keys option. A simple way of
giving a key an expiry date. ok markus@

Revision 1.76 / (download) - annotate - [select for diffs], Sat Mar 3 03:15:51 2018 UTC (6 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.75: +3 -647 lines
Diff to previous 1.75 (colored)

switch over to the new authorized_keys options API and remove the
legacy one.

Includes a fairly big refactor of auth2-pubkey.c to retain less state
between key file lines.

feedback and ok markus@

Revision 1.75 / (download) - annotate - [select for diffs], Sat Mar 3 03:06:02 2018 UTC (6 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.74: +828 -1 lines
Diff to previous 1.74 (colored)

Introduce a new API for handling authorized_keys options. This API
parses options to a dedicated structure rather than the old API's
approach of setting global state. It also includes support for merging
options, e.g. from authorized_keys, authorized_principals and/or
certificates.

feedback and ok markus@

Revision 1.74 / (download) - annotate - [select for diffs], Tue Sep 12 06:32:07 2017 UTC (6 years, 7 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE, OPENBSD_6_2
Changes since 1.73: +8 -3 lines
Diff to previous 1.73 (colored)

refactor channels.c

Move static state to a "struct ssh_channels" that is allocated at
runtime and tracked as a member of struct ssh.

Explicitly pass "struct ssh" to all channels functions.

Replace use of the legacy packet APIs in channels.c.

Rework sshd_config PermitOpen handling: previously the configuration
parser would call directly into the channels layer. After the refactor
this is not possible, as the channels structures are allocated at
connection time and aren't available when the configuration is parsed.
The server config parser now tracks PermitOpen itself and explicitly
configures the channels code later.

ok markus@

Revision 1.73 / (download) - annotate - [select for diffs], Wed May 31 10:54:00 2017 UTC (6 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.72: +3 -2 lines
Diff to previous 1.72 (colored)

make sure we don't pass a NULL string to vfprintf (triggered by the
principals-command regress test); ok bluhm

Revision 1.72 / (download) - annotate - [select for diffs], Wed Nov 30 02:57:40 2016 UTC (7 years, 4 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE, OPENBSD_6_1
Changes since 1.71: +21 -6 lines
Diff to previous 1.71 (colored)

When a forced-command appears in both a certificate and an
authorized keys/principals command= restriction, refuse to accept
the certificate unless they are identical.

The previous (documented) behaviour of having the certificate forced-
command override the other could be a bit confused and more error-prone.

Pointed out by Jann Horn of Project Zero; ok dtucker@

Revision 1.71 / (download) - annotate - [select for diffs], Mon Mar 7 19:02:43 2016 UTC (8 years, 1 month ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE, OPENBSD_6_0
Changes since 1.70: +8 -5 lines
Diff to previous 1.70 (colored)

refactor canohost.c: move functions that cache results closer to the
places that use them (authn and session code). After this, no state is
cached in canohost.c

feedback and ok markus@

Revision 1.70 / (download) - annotate - [select for diffs], Thu Dec 10 17:08:40 2015 UTC (8 years, 4 months ago) by mmcc
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE, OPENBSD_5_9
Changes since 1.69: +9 -17 lines
Diff to previous 1.69 (colored)

Remove NULL-checks before free().

ok dtucker@

Revision 1.69 / (download) - annotate - [select for diffs], Mon Nov 16 00:30:02 2015 UTC (8 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.68: +57 -30 lines
Diff to previous 1.68 (colored)

Add a new authorized_keys option "restrict" that includes all current
and future key restrictions (no-*-forwarding, etc). Also add permissive
versions of the existing restrictions, e.g. "no-pty" -> "pty". This
simplifies the task of setting up restricted keys and ensures they are
maximally-restricted, regardless of any permissions we might implement
in the future.

Example:

restrict,pty,command="nethack" ssh-ed25519 AAAAC3NzaC1lZDI1...

Idea from Jann Horn; ok markus@

Revision 1.68 / (download) - annotate - [select for diffs], Fri Jul 3 03:43:18 2015 UTC (8 years, 9 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE, OPENBSD_5_8
Changes since 1.67: +16 -30 lines
Diff to previous 1.67 (colored)

delete support for legacy v00 certificates; "sure" markus@ dtucker@

Revision 1.67 / (download) - annotate - [select for diffs], Fri May 1 03:20:54 2015 UTC (8 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.66: +14 -9 lines
Diff to previous 1.66 (colored)

Don't make parsing of authorized_keys' environment= option conditional
on PermitUserEnv - always parse it, but only use the result if the
option is enabled. This prevents the syntax of authorized_keys changing
depending on which sshd_config options were enabled.

bz#2329; based on patch from coladict AT gmail.com, ok dtucker@

Revision 1.66 / (download) - annotate - [select for diffs], Wed Apr 22 01:24:01 2015 UTC (9 years ago) by djm
Branch: MAIN
Changes since 1.65: +2 -2 lines
Diff to previous 1.65 (colored)

unknown certificate extensions are non-fatal, so don't fatal
when they are encountered; bz#2387 reported by Bob Van Zant;
ok dtucker@

Revision 1.65 / (download) - annotate - [select for diffs], Wed Jan 14 10:30:34 2015 UTC (9 years, 3 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE, OPENBSD_5_7
Changes since 1.64: +40 -46 lines
Diff to previous 1.64 (colored)

switch auth-options to new sshbuf/sshkey; ok djm@

Revision 1.64 / (download) - annotate - [select for diffs], Tue Jul 15 15:54:14 2014 UTC (9 years, 9 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE, OPENBSD_5_6
Changes since 1.63: +3 -2 lines
Diff to previous 1.63 (colored)

Add support for Unix domain socket forwarding.  A remote TCP port
may be forwarded to a local Unix domain socket and vice versa or
both ends may be a Unix domain socket.  This is a reimplementation
of the streamlocal patches by William Ahern from:
    http://www.25thandclement.com/~william/projects/streamlocal.html
OK djm@ markus@

Revision 1.63 / (download) - annotate - [select for diffs], Tue Jun 24 01:13:21 2014 UTC (9 years, 9 months ago) by djm
Branch: MAIN
Changes since 1.62: +7 -7 lines
Diff to previous 1.62 (colored)

New key API: refactor key-related functions to be more library-like,
existing API is offered as a set of wrappers.

with and ok markus@

Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
Dempsky and Ron Bowes for a detailed review a few months ago.

Revision 1.62 / (download) - annotate - [select for diffs], Thu Dec 19 00:27:57 2013 UTC (10 years, 4 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE, OPENBSD_5_5
Changes since 1.61: +7 -7 lines
Diff to previous 1.61 (colored)

simplify freeing of source-address certificate restriction

Revision 1.57.2.1 / (download) - annotate - [select for diffs], Fri Nov 8 05:52:21 2013 UTC (10 years, 5 months ago) by djm
Branch: OPENBSD_5_3
Changes since 1.57: +2 -2 lines
Diff to previous 1.57 (colored) next main 1.58 (colored)

openssh-6.4 for the 5.3 branch; reminded by deraadt@

Revision 1.59.2.1 / (download) - annotate - [select for diffs], Fri Nov 8 01:33:56 2013 UTC (10 years, 5 months ago) by djm
Branch: OPENBSD_5_4
Changes since 1.59: +2 -2 lines
Diff to previous 1.59 (colored) next main 1.60 (colored)

cherrypick commit:

date: 2013/11/08 00:39:15;  author: djm;  state: Exp;  lines: +2 -2;
use calloc for all structure allocations; from markus@

Revision 1.61 / (download) - annotate - [select for diffs], Fri Nov 8 00:39:14 2013 UTC (10 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.60: +2 -2 lines
Diff to previous 1.60 (colored)

use calloc for all structure allocations; from markus@

Revision 1.60 / (download) - annotate - [select for diffs], Sat Nov 2 22:34:01 2013 UTC (10 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.59: +1 -5 lines
Diff to previous 1.59 (colored)

no need to include monitor_wrap.h and ssh-gss.h

Revision 1.59 / (download) - annotate - [select for diffs], Fri Jul 12 00:19:58 2013 UTC (10 years, 9 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE
Branch point for: OPENBSD_5_4
Changes since 1.58: +5 -3 lines
Diff to previous 1.58 (colored)

fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@

Revision 1.58 / (download) - annotate - [select for diffs], Fri May 17 00:13:13 2013 UTC (10 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.57: +30 -30 lines
Diff to previous 1.57 (colored)

bye, bye xfree(); ok markus@

Revision 1.57 / (download) - annotate - [select for diffs], Sun Dec 2 20:46:11 2012 UTC (11 years, 4 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE
Branch point for: OPENBSD_5_3
Changes since 1.56: +2 -2 lines
Diff to previous 1.56 (colored)

make AllowTcpForwarding accept "local" and "remote" in addition to its
current "yes"/"no" to allow the server to specify whether just local or
remote TCP forwarding is enabled. ok markus@

Revision 1.56 / (download) - annotate - [select for diffs], Tue Oct 18 04:58:26 2011 UTC (12 years, 6 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE, OPENBSD_5_2, OPENBSD_5_1_BASE, OPENBSD_5_1
Changes since 1.55: +1 -15 lines
Diff to previous 1.55 (colored)

remove explicit search for \0 in packet strings, this job is now done
implicitly by buffer_get_cstring; ok markus

Revision 1.55 / (download) - annotate - [select for diffs], Fri Sep 23 00:22:04 2011 UTC (12 years, 7 months ago) by dtucker
Branch: MAIN
Changes since 1.54: +2 -2 lines
Diff to previous 1.54 (colored)

Add wildcard support to PermitOpen, allowing things like "PermitOpen
localhost:*".  bz #1857, ok djm markus.

Revision 1.54 / (download) - annotate - [select for diffs], Fri Dec 24 21:41:48 2010 UTC (13 years, 3 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_0_BASE, OPENBSD_5_0, OPENBSD_4_9_BASE, OPENBSD_4_9
Changes since 1.53: +2 -2 lines
Diff to previous 1.53 (colored)

don't send the actual forced command in a debug message; ok markus deraadt

Revision 1.53 / (download) - annotate - [select for diffs], Tue Aug 31 09:58:37 2010 UTC (13 years, 7 months ago) by djm
Branch: MAIN
Changes since 1.52: +4 -4 lines
Diff to previous 1.52 (colored)

Add buffer_get_cstring() and related functions that verify that the
string extracted from the buffer contains no embedded \0 characters*
This prevents random (possibly malicious) crap from being appended to
strings where it would not be noticed if the string is used with
a string(3) function.

Use the new API in a few sensitive places.

* actually, we allow a single one at the end of the string for now because
we don't know how many deployed implementations get this wrong, but don't
count on this to remain indefinitely.

Revision 1.52 / (download) - annotate - [select for diffs], Thu May 20 23:46:02 2010 UTC (13 years, 11 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE, OPENBSD_4_8
Changes since 1.51: +181 -103 lines
Diff to previous 1.51 (colored)

Move the permit-* options to the non-critical "extensions" field for v01
certificates. The logic is that if another implementation fails to
implement them then the connection just loses features rather than fails
outright.

ok markus@

Revision 1.51 / (download) - annotate - [select for diffs], Fri May 7 11:30:29 2010 UTC (13 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.50: +42 -1 lines
Diff to previous 1.50 (colored)

add some optional indirection to matching of principal names listed
in certificates. Currently, a certificate must include the user's name
to be accepted for authentication. This change adds the ability to
specify a list of certificate principal names that are acceptable.

When authenticating using a CA trusted through ~/.ssh/authorized_keys,
this adds a new principals="name1[,name2,...]" key option.

For CAs listed through sshd_config's TrustedCAKeys option, a new config
option "AuthorizedPrincipalsFile" specifies a per-user file containing
the list of acceptable names.

If either option is absent, the current behaviour of requiring the
username to appear in principals continues to apply.

These options are useful for role accounts, disjoint account namespaces
and "user@realm"-style naming policies in certificates.

feedback and ok markus@

Revision 1.50 / (download) - annotate - [select for diffs], Fri Apr 16 01:47:26 2010 UTC (14 years ago) by djm
Branch: MAIN
Changes since 1.49: +11 -10 lines
Diff to previous 1.49 (colored)

revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with the
following changes:

move the nonce field to the beginning of the certificate where it can
better protect against chosen-prefix attacks on the signature hash

Rename "constraints" field to "critical options"

Add a new non-critical "extensions" field

Add a serial number

The older format is still supported for authentication and cert generation
(use "ssh-keygen -t v00 -s ca_key ..." to generate a v00 certificate)

ok markus@

Revision 1.49 / (download) - annotate - [select for diffs], Tue Mar 16 15:46:52 2010 UTC (14 years, 1 month ago) by stevesk
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE, OPENBSD_4_7
Changes since 1.48: +3 -3 lines
Diff to previous 1.48 (colored)

spelling in error message. ok djm kettenis

Revision 1.48 / (download) - annotate - [select for diffs], Sun Mar 7 11:57:13 2010 UTC (14 years, 1 month ago) by dtucker
Branch: MAIN
Changes since 1.47: +1 -8 lines
Diff to previous 1.47 (colored)

Hold authentication debug messages until after successful authentication.
Fixes an info leak of environment variables specified in authorized_keys,
reported by Jacob Appelbaum.  ok djm@

Revision 1.47 / (download) - annotate - [select for diffs], Thu Mar 4 23:27:25 2010 UTC (14 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.46: +2 -2 lines
Diff to previous 1.46 (colored)

"force-command" is not spelled "forced-command"; spotted by
imorgan AT nas.nasa.gov

Revision 1.46 / (download) - annotate - [select for diffs], Wed Mar 3 01:44:36 2010 UTC (14 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.45: +20 -8 lines
Diff to previous 1.45 (colored)

reject strings with embedded ASCII nul chars in certificate key IDs,
principal names and constraints

Revision 1.45 / (download) - annotate - [select for diffs], Fri Feb 26 20:29:54 2010 UTC (14 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.44: +149 -1 lines
Diff to previous 1.44 (colored)

Add support for certificate key types for users and hosts.

OpenSSH certificate key types are not X.509 certificates, but a much
simpler format that encodes a public key, identity information and
some validity constraints and signs it with a CA key. CA keys are
regular SSH keys. This certificate style avoids the attack surface
of X.509 certificates and is very easy to deploy.

Certified host keys allow automatic acceptance of new host keys
when a CA certificate is marked as trusted in ~/.ssh/known_hosts.
See VERIFYING HOST KEYS in ssh(1) for details.

Certified user keys allow authentication of users when the signing
CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS
FILE FORMAT" in sshd(8) for details.

Certificates are minted using ssh-keygen(1), documentation is in
the "CERTIFICATES" section of that manpage.

Documentation on the format of certificates is in the file
PROTOCOL.certkeys

feedback and ok markus@

Revision 1.44 / (download) - annotate - [select for diffs], Thu Jan 22 10:09:16 2009 UTC (15 years, 3 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE, OPENBSD_4_6, OPENBSD_4_5_BASE, OPENBSD_4_5
Changes since 1.43: +3 -3 lines
Diff to previous 1.43 (colored)

another chunk of a2port() diff that got away. wtfdjm??

Revision 1.43 / (download) - annotate - [select for diffs], Tue Jun 10 23:06:19 2008 UTC (15 years, 10 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_4_BASE, OPENBSD_4_4
Changes since 1.42: +17 -8 lines
Diff to previous 1.42 (colored)

support CIDR address matching in .ssh/authorized_keys from="..." stanzas

ok and extensive testing dtucker@

Revision 1.42 / (download) - annotate - [select for diffs], Thu May 8 12:02:23 2008 UTC (15 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.41: +2 -1 lines
Diff to previous 1.41 (colored)

Implement a channel success/failure status confirmation callback
mechanism. Each channel maintains a queue of callbacks, which will
be drained in order (RFC4253 guarantees confirm messages are not
reordered within a channel).

Also includes an abandonment callback to clean up if a channel is
closed without sending confirmation messages. This probably
shouldn't happen in compliant implementations, but it could be
abused to leak memory.

ok markus@ (as part of a larger diff)

Revision 1.41 / (download) - annotate - [select for diffs], Wed Mar 26 21:28:14 2008 UTC (16 years ago) by djm
Branch: MAIN
Changes since 1.40: +10 -1 lines
Diff to previous 1.40 (colored)

add no-user-rc authorized_keys option to disable execution of ~/.ssh/rc

Revision 1.31.4.2 / (download) - annotate - [select for diffs], Fri Oct 6 03:19:32 2006 UTC (17 years, 6 months ago) by brad
Branch: OPENBSD_3_8
Changes since 1.31.4.1: +20 -8 lines
Diff to previous 1.31.4.1 (colored) to branchpoint 1.31 (colored) next main 1.32 (colored)

upgrade to OpenSSH 4.4

Revision 1.33.2.1 / (download) - annotate - [select for diffs], Sat Sep 30 04:06:50 2006 UTC (17 years, 6 months ago) by brad
Branch: OPENBSD_3_9
Changes since 1.33: +20 -8 lines
Diff to previous 1.33 (colored) next main 1.34 (colored)

upgrade to OpenSSH 4.4

Revision 1.40 / (download) - annotate - [select for diffs], Thu Aug 3 03:34:41 2006 UTC (17 years, 8 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_4_3_BASE, OPENBSD_4_3, OPENBSD_4_2_BASE, OPENBSD_4_2, OPENBSD_4_1_BASE, OPENBSD_4_1, OPENBSD_4_0_BASE, OPENBSD_4_0
Changes since 1.39: +10 -4 lines
Diff to previous 1.39 (colored)

almost entirely get rid of the culture of ".h files that include .h files"
ok djm, sort of ok stevesk
makes the pain stop in one easy step

Revision 1.39 / (download) - annotate - [select for diffs], Sat Jul 22 20:48:22 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.38: +2 -1 lines
Diff to previous 1.38 (colored)

move #include <string.h> out of includes.h

Revision 1.38 / (download) - annotate - [select for diffs], Mon Jul 17 12:02:24 2006 UTC (17 years, 9 months ago) by dtucker
Branch: MAIN
Changes since 1.37: +6 -6 lines
Diff to previous 1.37 (colored)

Use '\0' rather than 0 to terminate strings; ok djm@

Revision 1.37 / (download) - annotate - [select for diffs], Wed Jul 12 22:28:51 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.36: +2 -1 lines
Diff to previous 1.36 (colored)

move #include <netdb.h> out of includes.h; ok djm@

Revision 1.36 / (download) - annotate - [select for diffs], Thu Jul 6 16:03:53 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.35: +5 -1 lines
Diff to previous 1.35 (colored)

move #include <pwd.h> out of includes.h; ok markus@

Revision 1.35 / (download) - annotate - [select for diffs], Sat Mar 25 13:17:01 2006 UTC (18 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.34: +1 -0 lines
Diff to previous 1.34 (colored)

Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
Theo nuked - our scripts to sync -portable need them in the files

Revision 1.34 / (download) - annotate - [select for diffs], Sun Mar 19 18:51:18 2006 UTC (18 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.33: +0 -1 lines
Diff to previous 1.33 (colored)

RCSID() can die

Revision 1.31.4.1 / (download) - annotate - [select for diffs], Fri Feb 3 03:01:55 2006 UTC (18 years, 2 months ago) by brad
Branch: OPENBSD_3_8
Changes since 1.31: +40 -1 lines
Diff to previous 1.31 (colored)

upgrade to OpenSSH 4.3

Revision 1.31.2.1 / (download) - annotate - [select for diffs], Fri Feb 3 02:53:44 2006 UTC (18 years, 2 months ago) by brad
Branch: OPENBSD_3_7
Changes since 1.31: +40 -1 lines
Diff to previous 1.31 (colored) next main 1.32 (colored)

upgrade to OpenSSH 4.3

Revision 1.33 / (download) - annotate - [select for diffs], Thu Dec 8 18:34:11 2005 UTC (18 years, 4 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE
Branch point for: OPENBSD_3_9
Changes since 1.32: +2 -2 lines
Diff to previous 1.32 (colored)

two changes to the new ssh tunnel support. this breaks compatibility
with the initial commit but is required for a portable approach.
- make the tunnel id u_int and platform friendly, use predefined types.
- support configuration of layer 2 (ethernet) or layer 3
(point-to-point, default) modes. configuration is done using the
Tunnel (yes|point-to-point|ethernet|no) option in ssh_config(5) and
restricted by the PermitTunnel (yes|point-to-point|ethernet|no) option
in sshd_config(5).

ok djm@, man page bits by jmc@

Revision 1.32 / (download) - annotate - [select for diffs], Tue Dec 6 22:38:27 2005 UTC (18 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.31: +40 -1 lines
Diff to previous 1.31 (colored)

Add support for tun(4) forwarding over OpenSSH, based on an idea and
initial channel code bits by markus@. This is a simple and easy way to
use OpenSSH for ad hoc virtual private network connections, e.g.
administrative tunnels or secure wireless access. It's based on a new
ssh channel and works similar to the existing TCP forwarding support,
except that it depends on the tun(4) network interface on both ends of
the connection for layer 2 or layer 3 tunneling. This diff also adds
support for LocalCommand in the ssh(1) client.

ok djm@, markus@, jmc@ (manpages), tested and discussed with others

Revision 1.28.6.2 / (download) - annotate - [select for diffs], Sun Jun 5 02:22:39 2005 UTC (18 years, 10 months ago) by brad
Branch: OPENBSD_3_6
Changes since 1.28.6.1: +4 -4 lines
Diff to previous 1.28.6.1 (colored) to branchpoint 1.28 (colored) next main 1.29 (colored)

upgrade to OpenSSH 4.1

Revision 1.31 / (download) - annotate - [select for diffs], Thu Mar 10 22:40:38 2005 UTC (19 years, 1 month ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_3_8_BASE, OPENBSD_3_7_BASE
Branch point for: OPENBSD_3_8, OPENBSD_3_7
Changes since 1.30: +2 -2 lines
Diff to previous 1.30 (colored)

spacing

Revision 1.30 / (download) - annotate - [select for diffs], Thu Mar 10 22:01:05 2005 UTC (19 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.29: +3 -3 lines
Diff to previous 1.29 (colored)

spacing

Revision 1.28.4.1 / (download) - annotate - [select for diffs], Thu Mar 10 17:15:03 2005 UTC (19 years, 1 month ago) by brad
Branch: OPENBSD_3_5
Changes since 1.28: +16 -12 lines
Diff to previous 1.28 (colored) next main 1.29 (colored)

upgrade to OpenSSH 4.0

Revision 1.28.6.1 / (download) - annotate - [select for diffs], Thu Mar 10 16:28:27 2005 UTC (19 years, 1 month ago) by brad
Branch: OPENBSD_3_6
Changes since 1.28: +16 -12 lines
Diff to previous 1.28 (colored)

upgrade to OpenSSH 4.0

Revision 1.29 / (download) - annotate - [select for diffs], Tue Mar 1 10:09:52 2005 UTC (19 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.28: +16 -12 lines
Diff to previous 1.28 (colored)

bz#413: allow optional specification of bind address for port forwardings.
Patch originally by Dan Astorian, but worked on by several people
Adds GatewayPorts=clientspecified option on server to allow remote forwards
to bind to client-specified ports.

ok markus@

Revision 1.26.4.2 / (download) - annotate - [select for diffs], Thu Mar 4 18:18:15 2004 UTC (20 years, 1 month ago) by brad
Branch: OPENBSD_3_3
Changes since 1.26.4.1: +0 -0 lines
Diff to previous 1.26.4.1 (colored) to branchpoint 1.26 (colored) next main 1.27 (colored)

upgrade to OpenSSH 3.8

Revision 1.26.2.1 / (download) - annotate - [select for diffs], Tue Sep 16 21:20:24 2003 UTC (20 years, 7 months ago) by brad
Branch: OPENBSD_3_2
Changes since 1.26: +4 -4 lines
Diff to previous 1.26 (colored) next main 1.27 (colored)

upgrade to OpenSSH 3.7

Revision 1.26.4.1 / (download) - annotate - [select for diffs], Tue Sep 16 20:50:42 2003 UTC (20 years, 7 months ago) by brad
Branch: OPENBSD_3_3
Changes since 1.26: +4 -4 lines
Diff to previous 1.26 (colored)

upgrade to OpenSSH 3.7

Revision 1.28 / (download) - annotate - [select for diffs], Mon Jun 2 09:17:34 2003 UTC (20 years, 10 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_6_BASE, OPENBSD_3_5_BASE, OPENBSD_3_4_BASE, OPENBSD_3_4
Branch point for: OPENBSD_3_6, OPENBSD_3_5
Changes since 1.27: +2 -2 lines
Diff to previous 1.27 (colored)

deprecate VerifyReverseMapping since it's dangerous if combined
with IP based access control as noted by Mike Harding; replace with
a UseDNS option, UseDNS is on by default and includes the
VerifyReverseMapping check; with itojun@, provos@, jakob@ and deraadt@
ok deraadt@, djm@

Revision 1.27 / (download) - annotate - [select for diffs], Tue Apr 8 20:21:28 2003 UTC (21 years ago) by itojun
Branch: MAIN
Changes since 1.26: +3 -3 lines
Diff to previous 1.26 (colored)

rename log() into logit() to avoid name conflict.  markus ok, from netbsd

Revision 1.20.2.3 / (download) - annotate - [select for diffs], Fri Oct 11 14:53:06 2002 UTC (21 years, 6 months ago) by miod
Branch: OPENBSD_3_0
Changes since 1.20.2.2: +3 -4 lines
Diff to previous 1.20.2.2 (colored) to branchpoint 1.20 (colored) next main 1.21 (colored)

Update to OpenSSH 3.5

Revision 1.23.2.4 / (download) - annotate - [select for diffs], Fri Oct 11 14:51:51 2002 UTC (21 years, 6 months ago) by miod
Branch: OPENBSD_3_1
Changes since 1.23.2.3: +3 -4 lines
Diff to previous 1.23.2.3 (colored) to branchpoint 1.23 (colored) next main 1.24 (colored)

Update to OpenSSH 3.5

Revision 1.26 / (download) - annotate - [select for diffs], Tue Jul 30 17:03:55 2002 UTC (21 years, 8 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE, OPENBSD_3_2_BASE
Branch point for: OPENBSD_3_3, OPENBSD_3_2
Changes since 1.25: +3 -2 lines
Diff to previous 1.25 (colored)

add PermitUserEnvironment (off by default!); from dot@dotat.at; ok provos, deraadt

Revision 1.25 / (download) - annotate - [select for diffs], Sun Jul 21 18:32:20 2002 UTC (21 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.24: +1 -3 lines
Diff to previous 1.24 (colored)

unneeded includes

Revision 1.23.2.3 / (download) - annotate - [select for diffs], Wed Jun 26 15:30:37 2002 UTC (21 years, 9 months ago) by jason
Branch: OPENBSD_3_1
Changes since 1.23.2.2: +0 -0 lines
Diff to previous 1.23.2.2 (colored) to branchpoint 1.23 (colored)

Pull in OpenSSH-3.4

Revision 1.16.2.3 / (download) - annotate - [select for diffs], Sun Jun 2 22:56:09 2002 UTC (21 years, 10 months ago) by miod
Branch: OPENBSD_2_9
Changes since 1.16.2.2: +27 -15 lines
Diff to previous 1.16.2.2 (colored) to branchpoint 1.16 (colored) next main 1.17 (colored)

Upgrade to OpenSSH 3.2.3.

Except for improbable compilation error fixes, this should be the last
commit made to the 2.9-STABLE branch. Have fun upgrading.

Revision 1.23.2.2 / (download) - annotate - [select for diffs], Sat May 18 04:50:37 2002 UTC (21 years, 11 months ago) by jason
Branch: OPENBSD_3_1
Changes since 1.23.2.1: +0 -0 lines
Diff to previous 1.23.2.1 (colored) to branchpoint 1.23 (colored)

Update to OpenSSH-3.2.3

Revision 1.23.2.1 / (download) - annotate - [select for diffs], Sat May 18 04:12:10 2002 UTC (21 years, 11 months ago) by jason
Branch: OPENBSD_3_1
Changes since 1.23: +19 -57 lines
Diff to previous 1.23 (colored)

Update to OpenSSH-3.2.2

Revision 1.20.2.2 / (download) - annotate - [select for diffs], Fri May 17 00:03:23 2002 UTC (21 years, 11 months ago) by miod
Branch: OPENBSD_3_0
Changes since 1.20.2.1: +27 -15 lines
Diff to previous 1.20.2.1 (colored) to branchpoint 1.20 (colored)

Update OpenSSH to version 3.2.2.

Revision 1.24 / (download) - annotate - [select for diffs], Mon May 13 20:44:58 2002 UTC (21 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.23: +19 -57 lines
Diff to previous 1.23 (colored)

move the packet_send_debug handling from auth-options.c to auth.c; ok provos@

Revision 1.23 / (download) - annotate - [select for diffs], Tue Mar 19 10:35:39 2002 UTC (22 years, 1 month ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_1_BASE
Branch point for: OPENBSD_3_1
Changes since 1.22: +2 -2 lines
Diff to previous 1.22 (colored)

clean up prototypes

Revision 1.22 / (download) - annotate - [select for diffs], Mon Mar 18 17:50:31 2002 UTC (22 years, 1 month ago) by provos
Branch: MAIN
Changes since 1.21: +65 -15 lines
Diff to previous 1.21 (colored)

integrate privilege separated openssh; it's turned off by default for now.
work done by me and markus@

Revision 1.16.2.2 / (download) - annotate - [select for diffs], Sat Mar 9 00:20:43 2002 UTC (22 years, 1 month ago) by miod
Branch: OPENBSD_2_9
Changes since 1.16.2.1: +2 -2 lines
Diff to previous 1.16.2.1 (colored) to branchpoint 1.16 (colored)

Merge OpenSSH 3.1, keeping /etc as configuration files directory.
(i.e. OpenSSH 3.1 + openbsd29_3.1.patch)

Revision 1.5.2.6 / (download) - annotate - [select for diffs], Fri Mar 8 17:04:41 2002 UTC (22 years, 1 month ago) by brad
Branch: OPENBSD_2_8
Changes since 1.5.2.5: +2 -2 lines
Diff to previous 1.5.2.5 (colored) to branchpoint 1.5 (colored) next main 1.6 (colored)

Merge OpenSSH 3.1.

Revision 1.20.2.1 / (download) - annotate - [select for diffs], Thu Mar 7 17:37:46 2002 UTC (22 years, 1 month ago) by jason
Branch: OPENBSD_3_0
Changes since 1.20: +2 -2 lines
Diff to previous 1.20 (colored)

Update to OpenSSH-3.1 on 3.0-stable branch

Revision 1.21 / (download) - annotate - [select for diffs], Tue Jan 29 14:32:03 2002 UTC (22 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.20: +2 -2 lines
Diff to previous 1.20 (colored)

s/ReverseMappingCheck/VerifyReverseMapping/ and avoid confusion; ok stevesk@

Revision 1.16.2.1 / (download) - annotate - [select for diffs], Thu Sep 27 19:03:54 2001 UTC (22 years, 6 months ago) by jason
Branch: OPENBSD_2_9
Changes since 1.16: +19 -30 lines
Diff to previous 1.16 (colored)

Pull in OpenSSH-2.9.9

Revision 1.5.2.5 / (download) - annotate - [select for diffs], Thu Sep 27 00:15:41 2001 UTC (22 years, 6 months ago) by miod
Branch: OPENBSD_2_8
Changes since 1.5.2.4: +19 -30 lines
Diff to previous 1.5.2.4 (colored) to branchpoint 1.5 (colored)

Pull in OpenSSH 2.9.9 to the 2.8 branch.

Revision 1.20 / (download) - annotate - [select for diffs], Thu Aug 30 20:36:34 2001 UTC (22 years, 7 months ago) by stevesk
Branch: MAIN
CVS Tags: OPENBSD_3_0_BASE
Branch point for: OPENBSD_3_0
Changes since 1.19: +15 -17 lines
Diff to previous 1.19 (colored)

validate ports for permitopen key file option. add host/port
alternative syntax for IPv6. ok markus@

Revision 1.19 / (download) - annotate - [select for diffs], Sun Jun 24 05:25:09 2001 UTC (22 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.18: +5 -14 lines
Diff to previous 1.18 (colored)

move ip+hostname check to match.c

Revision 1.18 / (download) - annotate - [select for diffs], Thu May 31 10:30:12 2001 UTC (22 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.17: +2 -2 lines
Diff to previous 1.17 (colored)

undo the .c file split, just merge the header and keep the cvs history

Revision 1.17 / (download) - annotate - [select for diffs], Wed May 30 12:55:06 2001 UTC (22 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.16: +2 -2 lines
Diff to previous 1.16 (colored)

channel layer cleanup: merge header files and split .c files

Revision 1.5.2.4 / (download) - annotate - [select for diffs], Mon May 7 21:09:25 2001 UTC (22 years, 11 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.5.2.3: +0 -0 lines
Diff to previous 1.5.2.3 (colored) to branchpoint 1.5 (colored)

Pull in OpenSSH-2.9 to 2.8 branch.

Revision 1.5.2.3 / (download) - annotate - [select for diffs], Wed Mar 21 19:46:22 2001 UTC (23 years, 1 month ago) by jason
Branch: OPENBSD_2_8
Changes since 1.5.2.2: +66 -7 lines
Diff to previous 1.5.2.2 (colored) to branchpoint 1.5 (colored)

Pull in OpenSSH-2.5.2 for 2.8 branch.

Revision 1.2.2.4 / (download) - annotate - [select for diffs], Wed Mar 21 18:52:32 2001 UTC (23 years, 1 month ago) by jason
Branch: OPENBSD_2_7
Changes since 1.2.2.3: +66 -7 lines
Diff to previous 1.2.2.3 (colored) next main 1.3 (colored)

Pull in OpenSSH-2.5.2 for 2.7 branch.

Revision 1.16 / (download) - annotate - [select for diffs], Sun Mar 18 12:07:52 2001 UTC (23 years, 1 month ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_2_9_BASE
Branch point for: OPENBSD_2_9
Changes since 1.15: +3 -2 lines
Diff to previous 1.15 (colored)

ignore permitopen="host:port" if AllowTcpForwarding==no

Revision 1.15 / (download) - annotate - [select for diffs], Fri Mar 16 19:06:28 2001 UTC (23 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.14: +58 -4 lines
Diff to previous 1.14 (colored)

implement "permitopen" key option, restricts -L style forwarding to
specified host:port pairs. based on work by harlan@genua.de

Revision 1.14 / (download) - annotate - [select for diffs], Tue Mar 13 17:34:42 2001 UTC (23 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.13: +8 -4 lines
Diff to previous 1.13 (colored)

missing xfree, deny key on parse error; ok stevesk@

Revision 1.2.2.3 / (download) - annotate - [select for diffs], Mon Mar 12 15:44:07 2001 UTC (23 years, 1 month ago) by jason
Branch: OPENBSD_2_7
Changes since 1.2.2.2: +80 -70 lines
Diff to previous 1.2.2.2 (colored)

OpenSSH-2.5.1 for 2.7 patch branch

Revision 1.5.2.2 / (download) - annotate - [select for diffs], Mon Feb 19 17:18:33 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.5.2.1: +0 -0 lines
Diff to previous 1.5.2.1 (colored) to branchpoint 1.5 (colored)

Pull in OpenSSH-2.5.1

Revision 1.5.2.1 / (download) - annotate - [select for diffs], Fri Feb 16 20:12:51 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.5: +80 -70 lines
Diff to previous 1.5 (colored)

Pull in OpenSSH 2.5.0

Revision 1.13 / (download) - annotate - [select for diffs], Fri Feb 9 13:38:07 2001 UTC (23 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.12: +4 -3 lines
Diff to previous 1.12 (colored)

reset options if no option is given; from han.holl@prismant.nl

Revision 1.12 / (download) - annotate - [select for diffs], Sat Feb 3 10:08:36 2001 UTC (23 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.11: +65 -57 lines
Diff to previous 1.11 (colored)

make ReverseMappingCheck optional in sshd_config; ok djm@,dugsong@

Revision 1.11 / (download) - annotate - [select for diffs], Sun Jan 21 19:05:41 2001 UTC (23 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.10: +4 -2 lines
Diff to previous 1.10 (colored)

split ssh.h and try to cleanup the #include mess. remove unnecessary #includes.
rename util.[ch] -> misc.[ch]

Revision 1.10 / (download) - annotate - [select for diffs], Sat Jan 20 15:55:20 2001 UTC (23 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.9: +14 -12 lines
Diff to previous 1.9 (colored)

pass the filename to auth_parse_options()

Revision 1.9 / (download) - annotate - [select for diffs], Fri Jan 19 15:55:10 2001 UTC (23 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.8: +10 -9 lines
Diff to previous 1.8 (colored)

move ssh1 definitions to ssh1.h, pathnames to pathnames.h

Revision 1.8 / (download) - annotate - [select for diffs], Sat Jan 13 18:38:00 2001 UTC (23 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.7: +1 -5 lines
Diff to previous 1.7 (colored)

fix comment

Revision 1.7 / (download) - annotate - [select for diffs], Tue Dec 19 23:17:54 2000 UTC (23 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.6: +2 -2 lines
Diff to previous 1.6 (colored)

replace 'unsigned bla' with 'u_bla' everywhere. also, replace 'char unsigned'
with u_char.

Revision 1.6 / (download) - annotate - [select for diffs], Wed Nov 15 22:31:36 2000 UTC (23 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.5: +8 -8 lines
Diff to previous 1.5 (colored)

case insensitive key options; from stevesk@sweden.hp.com

Revision 1.2.2.2 / (download) - annotate - [select for diffs], Wed Nov 8 21:30:17 2000 UTC (23 years, 5 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.2.2.1: +43 -20 lines
Diff to previous 1.2.2.1 (colored)

openssh-2.3.0 (again) for 2.7 branch

Revision 1.5 / (download) - annotate - [select for diffs], Mon Oct 9 21:32:34 2000 UTC (23 years, 6 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_2_8_BASE
Branch point for: OPENBSD_2_8
Changes since 1.4: +28 -20 lines
Diff to previous 1.4 (colored)

clear options on every call.

Revision 1.4 / (download) - annotate - [select for diffs], Thu Sep 7 21:13:36 2000 UTC (23 years, 7 months ago) by markus
Branch: MAIN
Changes since 1.3: +1 -24 lines
Diff to previous 1.3 (colored)

some more Copyright fixes

Revision 1.3 / (download) - annotate - [select for diffs], Thu Sep 7 20:27:49 2000 UTC (23 years, 7 months ago) by deraadt
Branch: MAIN
Changes since 1.2: +39 -1 lines
Diff to previous 1.2 (colored)

cleanup copyright notices on all files.  I have attempted to be accurate with
the details.  everything is now under Tatu's licence (which I copied from his
readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd
developers under a 2-term bsd licence.  We're not changing any rules, just
being accurate.

Revision 1.2.2.1 / (download) - annotate - [select for diffs], Fri Sep 1 18:23:16 2000 UTC (23 years, 7 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.2: +1 -1 lines
Diff to previous 1.2 (colored)

Pull in the rest of openssh-2.2.0 to 2.7 branch (luvin' cvs...)

Revision 1.2 / (download) - annotate - [select for diffs], Tue Jun 20 01:39:38 2000 UTC (23 years, 10 months ago) by markus
Branch: MAIN
Branch point for: OPENBSD_2_7
Changes since 1.1: +1 -1 lines
Diff to previous 1.1 (colored)

OpenBSD tag

Revision 1.1 / (download) - annotate - [select for diffs], Sun Jun 18 04:05:01 2000 UTC (23 years, 10 months ago) by markus
Branch: MAIN

split auth-rsa option parsing into auth-options
add options support to authorized_keys2
