![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.bin / ssh
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.55 / (download) - annotate - [select for diffs], Mon Jan 8 05:05:15 2024 UTC (4 months, 1 week ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
HEAD
Changes since 1.54: +2 -1 lines
Diff to previous 1.54 (colored)
fix missing field in users-groups-by-id@openssh.com reply documentation GHPR441 from TJ Saunders
Revision 1.54 / (download) - annotate - [select for diffs], Mon Jan 8 04:10:03 2024 UTC (4 months, 1 week ago) by djm
Branch: MAIN
Changes since 1.53: +8 -7 lines
Diff to previous 1.53 (colored)
make kex-strict section more explicit about its intent: banning all messages not strictly required in KEX
Revision 1.53 / (download) - annotate - [select for diffs], Wed Dec 20 00:06:25 2023 UTC (4 months, 3 weeks ago) by jsg
Branch: MAIN
Changes since 1.52: +3 -3 lines
Diff to previous 1.52 (colored)
spelling; ok markus@
Revision 1.52 / (download) - annotate - [select for diffs], Tue Dec 19 06:41:14 2023 UTC (4 months, 4 weeks ago) by djm
Branch: MAIN
Changes since 1.51: +3 -3 lines
Diff to previous 1.51 (colored)
correct section numbers; from Ed Maste
Revision 1.48.4.1 / (download) - annotate - [select for diffs], Mon Dec 18 14:57:43 2023 UTC (4 months, 4 weeks ago) by bluhm
Branch: OPENBSD_7_3
Changes since 1.48: +27 -1 lines
Diff to previous 1.48 (colored) next main 1.49 (colored)
implement "strict key exchange" in ssh and sshd This adds a protocol extension to improve the integrity of the SSH transport protocol, particular in and around the initial key exchange (KEX) phase. Full details of the extension are in the PROTOCOL file. from djm@; with markus@ this is errata/7.3/024_ssh.patch.sig
Revision 1.49.2.1 / (download) - annotate - [select for diffs], Mon Dec 18 14:56:35 2023 UTC (4 months, 4 weeks ago) by bluhm
Branch: OPENBSD_7_4
Changes since 1.49: +27 -1 lines
Diff to previous 1.49 (colored) next main 1.50 (colored)
implement "strict key exchange" in ssh and sshd This adds a protocol extension to improve the integrity of the SSH transport protocol, particular in and around the initial key exchange (KEX) phase. Full details of the extension are in the PROTOCOL file. from djm@; with markus@ this is errata/7.4/011_ssh.patch.sig
Revision 1.51 / (download) - annotate - [select for diffs], Mon Dec 18 14:45:49 2023 UTC (4 months, 4 weeks ago) by djm
Branch: MAIN
Changes since 1.50: +20 -1 lines
Diff to previous 1.50 (colored)
add "ext-info-in-auth@openssh.com" extension This adds another transport protocol extension to allow a sshd to send SSH2_MSG_EXT_INFO during user authentication, after the server has learned the username that is being logged in to. This lets sshd to update the acceptable signature algoritms for public key authentication, and allows these to be varied via sshd_config(5) "Match" directives, which are evaluated after the server learns the username being authenticated. Full details in the PROTOCOL file
Revision 1.50 / (download) - annotate - [select for diffs], Mon Dec 18 14:45:17 2023 UTC (4 months, 4 weeks ago) by djm
Branch: MAIN
Changes since 1.49: +27 -1 lines
Diff to previous 1.49 (colored)
implement "strict key exchange" in ssh and sshd This adds a protocol extension to improve the integrity of the SSH transport protocol, particular in and around the initial key exchange (KEX) phase. Full details of the extension are in the PROTOCOL file. with markus@
Revision 1.49 / (download) - annotate - [select for diffs], Mon Aug 28 03:28:43 2023 UTC (8 months, 2 weeks ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE
Branch point for: OPENBSD_7_4
Changes since 1.48: +34 -1 lines
Diff to previous 1.48 (colored)
Introduce a transport-level ping facility This adds a pair of SSH transport protocol messages SSH2_MSG_PING/PONG to implement a ping capability. These messages use numbers in the "local extensions" number space and are advertised using a "ping@openssh.com" ext-info message with a string version number of "0". ok markus@
Revision 1.48 / (download) - annotate - [select for diffs], Mon Nov 7 01:53:01 2022 UTC (18 months, 1 week ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE
Branch point for: OPENBSD_7_3
Changes since 1.47: +2 -2 lines
Diff to previous 1.47 (colored)
Fix typo. From pablomh via -portable github PR#344.
Revision 1.47 / (download) - annotate - [select for diffs], Mon Sep 19 10:40:52 2022 UTC (19 months, 3 weeks ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE,
OPENBSD_7_2
Changes since 1.46: +42 -1 lines
Diff to previous 1.46 (colored)
sftp-server(8): add a "users-groups-by-id@openssh.com" extension request that allows the client to obtain user/group names that correspond to a set of uids/gids. Will be used to make directory listings more useful and consistent in sftp(1). ok markus@
Revision 1.46 / (download) - annotate - [select for diffs], Fri Aug 12 05:20:28 2022 UTC (21 months ago) by djm
Branch: MAIN
Changes since 1.45: +21 -1 lines
Diff to previous 1.45 (colored)
sftp-server: support home-directory request Add support to the sftp-server for the home-directory extension defined in draft-ietf-secsh-filexfer-extensions-00. This overlaps a bit with the existing expand-path@openssh.com, but uses a more official protocol name, and so is a bit more likely to be implemented by non-OpenSSH clients. From Mike Frysinger, ok dtucker@
Revision 1.45 / (download) - annotate - [select for diffs], Fri Apr 8 05:43:39 2022 UTC (2 years, 1 month ago) by dtucker
Branch: MAIN
Changes since 1.44: +3 -1 lines
Diff to previous 1.44 (colored)
Note that curve25519-sha256 was later published in RFC8731. ok djm@
Revision 1.44 / (download) - annotate - [select for diffs], Thu Mar 31 03:05:49 2022 UTC (2 years, 1 month ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE,
OPENBSD_7_1
Changes since 1.43: +39 -2 lines
Diff to previous 1.43 (colored)
add support for the "corp-data" protocol extension to allow server-side copies to be performed without having to go via the client. Patch by Mike Frysinger, ok dtucker@
Revision 1.43 / (download) - annotate - [select for diffs], Sun Dec 19 22:15:42 2021 UTC (2 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.42: +53 -16 lines
Diff to previous 1.42 (colored)
document host-bound publickey authentication
Revision 1.42 / (download) - annotate - [select for diffs], Mon Aug 9 23:47:44 2021 UTC (2 years, 9 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_7_0
Changes since 1.41: +20 -1 lines
Diff to previous 1.41 (colored)
SFTP protocol extension to allow the server to expand ~-prefixed paths, in particular ~user ones. Allows scp in sftp mode to accept these paths, like scp in rcp mode does. prompted by and much discussion deraadt@ ok markus@
Revision 1.41 / (download) - annotate - [select for diffs], Thu Feb 18 02:49:35 2021 UTC (3 years, 2 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE,
OPENBSD_6_9
Changes since 1.40: +2 -1 lines
Diff to previous 1.40 (colored)
Fix the hostkeys rotation extension documentation The documentation was lacking the needed want-reply field in the initial global request. https://github.com/openssh/openssh-portable/pull/218 by dbussink
Revision 1.40 / (download) - annotate - [select for diffs], Thu Feb 18 00:30:17 2021 UTC (3 years, 2 months ago) by djm
Branch: MAIN
Changes since 1.39: +44 -1 lines
Diff to previous 1.39 (colored)
sftp-server: implement limits@openssh.com extension This is a simple extension that allows the server to clearly communicate transfer limits it is imposing so the client doesn't have to guess, or force the user to manually tune. This is particularly useful when an attempt to use too large of a value causes the server to abort the connection. Patch from Mike Frysinger; ok dtucker@
Revision 1.39 / (download) - annotate - [select for diffs], Fri Feb 12 03:49:09 2021 UTC (3 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.38: +17 -1 lines
Diff to previous 1.38 (colored)
sftp: add missing lsetstat@openssh.com documentation patch from Mike Frysinger
Revision 1.38 / (download) - annotate - [select for diffs], Sun Jul 5 23:59:45 2020 UTC (3 years, 10 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE,
OPENBSD_6_8
Changes since 1.37: +3 -3 lines
Diff to previous 1.37 (colored)
some language improvements; ok markus
Revision 1.37 / (download) - annotate - [select for diffs], Fri Feb 21 00:04:43 2020 UTC (4 years, 2 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE,
OPENBSD_6_7
Changes since 1.36: +3 -3 lines
Diff to previous 1.36 (colored)
Fix some typos and an incorrect word in docs. Patch from itoama at live.jp via github PR#172.
Revision 1.36 / (download) - annotate - [select for diffs], Tue Oct 2 12:51:58 2018 UTC (5 years, 7 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE,
OPENBSD_6_6,
OPENBSD_6_5_BASE,
OPENBSD_6_5,
OPENBSD_6_4_BASE,
OPENBSD_6_4
Changes since 1.35: +8 -1 lines
Diff to previous 1.35 (colored)
mention INFO@openssh.com for sending SIGINFO
Revision 1.35 / (download) - annotate - [select for diffs], Fri Aug 10 00:44:01 2018 UTC (5 years, 9 months ago) by djm
Branch: MAIN
Changes since 1.34: +6 -6 lines
Diff to previous 1.34 (colored)
improve
Revision 1.34 / (download) - annotate - [select for diffs], Fri Aug 10 00:42:29 2018 UTC (5 years, 9 months ago) by djm
Branch: MAIN
Changes since 1.33: +32 -1 lines
Diff to previous 1.33 (colored)
Describe pubkey format, prompted by bz#2853 While I'm here, describe and link to the remaining local PROTOCOL.* docs that weren't already mentioned (PROTOCOL.key, PROTOCOL.krl and PROTOCOL.mux)
Revision 1.33 / (download) - annotate - [select for diffs], Fri Aug 10 00:27:15 2018 UTC (5 years, 9 months ago) by djm
Branch: MAIN
Changes since 1.32: +3 -3 lines
Diff to previous 1.32 (colored)
fix numbering
Revision 1.32 / (download) - annotate - [select for diffs], Mon Feb 19 00:55:02 2018 UTC (6 years, 2 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE,
OPENBSD_6_3
Changes since 1.31: +9 -5 lines
Diff to previous 1.31 (colored)
emphasise that the hostkey rotation may send key types that the client may not support, and that the client should simply disregard such keys (this is what ssh does already).
Revision 1.31 / (download) - annotate - [select for diffs], Fri May 26 01:40:07 2017 UTC (6 years, 11 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.30: +3 -3 lines
Diff to previous 1.30 (colored)
fix references to obsolete v00 cert format; spotted by Jakub Jelen
Revision 1.30 / (download) - annotate - [select for diffs], Fri Apr 8 06:35:54 2016 UTC (8 years, 1 month ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1,
OPENBSD_6_0_BASE,
OPENBSD_6_0
Changes since 1.29: +3 -1 lines
Diff to previous 1.29 (colored)
We accidentally send an empty string and a zero uint32 with every direct-streamlocal@openssh.com channel open, in contravention of our own spec. Fixing this is too hard wrt existing versions that expect these fields to be present and fatal() if they aren't, so document them as "reserved" fields in the PROTOCOL spec as though we always intended this and let us never speak of it again. bz#2529, reported by Ron Frederick
Revision 1.29 / (download) - annotate - [select for diffs], Fri Jul 17 03:09:19 2015 UTC (8 years, 10 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE,
OPENBSD_5_9,
OPENBSD_5_8_BASE,
OPENBSD_5_8
Changes since 1.28: +1 -2 lines
Diff to previous 1.28 (colored)
direct-streamlocal@openssh.com Unix domain foward messages do not contain a "reserved for future use" field and in fact, serverloop.c checks that there isn't one. Remove erroneous mention from PROTOCOL description. bz#2421 from Daniel Black
Revision 1.28 / (download) - annotate - [select for diffs], Fri May 8 03:56:51 2015 UTC (9 years ago) by djm
Branch: MAIN
Changes since 1.27: +2 -2 lines
Diff to previous 1.27 (colored)
whitespace at EOL
Revision 1.27 / (download) - annotate - [select for diffs], Fri Feb 20 22:17:21 2015 UTC (9 years, 2 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.26: +6 -6 lines
Diff to previous 1.26 (colored)
UpdateHostKeys fixes: I accidentally changed the format of the hostkeys@openssh.com messages last week without changing the extension name, and this has been causing connection failures for people who are running -current. First reported by sthen@ s/hostkeys@openssh.com/hostkeys-00@openssh.com/ Change the name of the proof message too, and reorder it a little. Also, UpdateHostKeys=ask is incompatible with ControlPersist (no TTY available to read the response) so disable UpdateHostKeys if it is in ask mode and ControlPersist is active (and document this)
Revision 1.26 / (download) - annotate - [select for diffs], Mon Feb 16 22:13:32 2015 UTC (9 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.25: +40 -15 lines
Diff to previous 1.25 (colored)
Revise hostkeys@openssh.com hostkey learning extension. The client will not ask the server to prove ownership of the private halves of any hitherto-unseen hostkeys it offers to the client. Allow UpdateHostKeys option to take an 'ask' argument to let the user manually review keys offered. ok markus@
Revision 1.25 / (download) - annotate - [select for diffs], Mon Jan 26 03:04:45 2015 UTC (9 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.24: +23 -1 lines
Diff to previous 1.24 (colored)
Host key rotation support. Add a hostkeys@openssh.com protocol extension (global request) for a server to inform a client of all its available host key after authentication has completed. The client may record the keys in known_hosts, allowing it to upgrade to better host key algorithms and a server to gracefully rotate its keys. The client side of this is controlled by a UpdateHostkeys config option (default on). ok markus@
Revision 1.24 / (download) - annotate - [select for diffs], Tue Jul 15 15:54:14 2014 UTC (9 years, 10 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6
Changes since 1.23: +51 -1 lines
Diff to previous 1.23 (colored)
Add support for Unix domain socket forwarding. A remote TCP port
may be forwarded to a local Unix domain socket and vice versa or
both ends may be a Unix domain socket. This is a reimplementation
of the streamlocal patches by William Ahern from:
http://www.25thandclement.com/~william/projects/streamlocal.html
OK djm@ markus@
Revision 1.23 / (download) - annotate - [select for diffs], Sun Dec 1 23:19:05 2013 UTC (10 years, 5 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE,
OPENBSD_5_5
Changes since 1.22: +7 -1 lines
Diff to previous 1.22 (colored)
mention curve25519-sha256@libssh.org key exchange algorithm
Revision 1.22 / (download) - annotate - [select for diffs], Thu Nov 21 00:45:43 2013 UTC (10 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.21: +6 -1 lines
Diff to previous 1.21 (colored)
Add a new protocol 2 transport cipher "chacha20-poly1305@openssh.com" that combines Daniel Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an authenticated encryption mode. Inspired by and similar to Adam Langley's proposal for TLS: http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03 but differs in layout used for the MAC calculation and the use of a second ChaCha20 instance to separately encrypt packet lengths. Details are in the PROTOCOL.chacha20poly1305 file. Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC ok markus@ naddy@
Revision 1.21 / (download) - annotate - [select for diffs], Thu Oct 17 00:30:13 2013 UTC (10 years, 7 months ago) by djm
Branch: MAIN
Changes since 1.20: +15 -1 lines
Diff to previous 1.20 (colored)
fsync@openssh.com protocol extension for sftp-server client support to allow calling fsync() faster successful transfer patch mostly by imorgan AT nas.nasa.gov; bz#1798 "fine" markus@ "grumble OK" deraadt@ "doesn't sound bad to me" millert@
Revision 1.20 / (download) - annotate - [select for diffs], Tue Jan 8 18:49:04 2013 UTC (11 years, 4 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE,
OPENBSD_5_4,
OPENBSD_5_3_BASE,
OPENBSD_5_3
Changes since 1.19: +13 -1 lines
Diff to previous 1.19 (colored)
support AES-GCM as defined in RFC 5647 (but with simpler KEX handling) ok and feedback djm@
Revision 1.19 / (download) - annotate - [select for diffs], Thu Jan 3 12:49:01 2013 UTC (11 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.18: +4 -3 lines
Diff to previous 1.18 (colored)
fix description of MAC calculation for EtM modes; ok markus@
Revision 1.18 / (download) - annotate - [select for diffs], Tue Dec 11 22:31:18 2012 UTC (11 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.17: +28 -1 lines
Diff to previous 1.17 (colored)
add encrypt-then-mac (EtM) modes to openssh by defining new mac algorithms that change the packet format and compute the MAC over the encrypted message (including the packet size) instead of the plaintext data; these EtM modes are considered more secure and used by default. feedback and ok djm@
Revision 1.17 / (download) - annotate - [select for diffs], Sat Dec 4 00:18:01 2010 UTC (13 years, 5 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE,
OPENBSD_5_2,
OPENBSD_5_1_BASE,
OPENBSD_5_1,
OPENBSD_5_0_BASE,
OPENBSD_5_0,
OPENBSD_4_9_BASE,
OPENBSD_4_9
Changes since 1.16: +17 -1 lines
Diff to previous 1.16 (colored)
add a protocol extension to support a hard link operation. It is available through the "ln" command in the client. The old "ln" behaviour of creating a symlink is available using its "-s" option or through the preexisting "symlink" command; based on a patch from miklos AT szeredi.hu in bz#1555; ok markus@
Revision 1.16 / (download) - annotate - [select for diffs], Tue Aug 31 11:54:45 2010 UTC (13 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.15: +31 -14 lines
Diff to previous 1.15 (colored)
Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer better performance than plain DH and DSA at the same equivalent symmetric key length, as well as much shorter keys. Only the mandatory sections of RFC5656 are implemented, specifically the three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and ECDSA. Point compression (optional in RFC5656 is NOT implemented). Certificate host and user keys using the new ECDSA key types are supported. Note that this code has not been tested for interoperability and may be subject to change. feedback and ok markus@
Revision 1.15 / (download) - annotate - [select for diffs], Fri Feb 26 20:29:54 2010 UTC (14 years, 2 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE,
OPENBSD_4_8,
OPENBSD_4_7_BASE,
OPENBSD_4_7
Changes since 1.14: +15 -8 lines
Diff to previous 1.14 (colored)
Add support for certificate key types for users and hosts. OpenSSH certificate key types are not X.509 certificates, but a much simpler format that encodes a public key, identity information and some validity constraints and signs it with a CA key. CA keys are regular SSH keys. This certificate style avoids the attack surface of X.509 certificates and is very easy to deploy. Certified host keys allow automatic acceptance of new host keys when a CA certificate is marked as trusted in ~/.ssh/known_hosts. see VERIFYING HOST KEYS in ssh(1) for details. Certified user keys allow authentication of users when the signing CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS FILE FORMAT" in sshd(8) for details. Certificates are minted using ssh-keygen(1), documentation is in the "CERTIFICATES" section of that manpage. Documentation on the format of certificates is in the file PROTOCOL.certkeys feedback and ok markus@
Revision 1.14 / (download) - annotate - [select for diffs], Sat Jan 9 00:57:10 2010 UTC (14 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.13: +3 -3 lines
Diff to previous 1.13 (colored)
tweak language
Revision 1.13 / (download) - annotate - [select for diffs], Sun Dec 20 23:20:40 2009 UTC (14 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.12: +6 -6 lines
Diff to previous 1.12 (colored)
fix an incorrect magic number and typo in PROTOCOL; bz#1688 report and fix from ueno AT unixuser.org
Revision 1.12 / (download) - annotate - [select for diffs], Sat Feb 14 06:35:49 2009 UTC (15 years, 3 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE,
OPENBSD_4_6,
OPENBSD_4_5_BASE,
OPENBSD_4_5
Changes since 1.11: +12 -1 lines
Diff to previous 1.11 (colored)
mention that eow and no-more-sessions extensions are sent only to OpenSSH peers
Revision 1.11 / (download) - annotate - [select for diffs], Sat Jul 5 05:16:01 2008 UTC (15 years, 10 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_4_BASE,
OPENBSD_4_4
Changes since 1.10: +3 -3 lines
Diff to previous 1.10 (colored)
grammar
Revision 1.10 / (download) - annotate - [select for diffs], Mon Jun 30 12:18:34 2008 UTC (15 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.9: +4 -4 lines
Diff to previous 1.9 (colored)
clarify that eow@openssh.com is only sent on session channels
Revision 1.9 / (download) - annotate - [select for diffs], Sat Jun 28 14:08:30 2008 UTC (15 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.8: +4 -1 lines
Diff to previous 1.8 (colored)
document the protocol used by ssh-agent; "looks ok" markus@
Revision 1.8 / (download) - annotate - [select for diffs], Sat Jun 28 07:25:07 2008 UTC (15 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.7: +7 -7 lines
Diff to previous 1.7 (colored)
spelling fixes
Revision 1.7 / (download) - annotate - [select for diffs], Thu Jun 12 05:15:41 2008 UTC (15 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.6: +66 -6 lines
Diff to previous 1.6 (colored)
document tun@openssh.com forwarding method
Revision 1.6 / (download) - annotate - [select for diffs], Tue Jun 10 22:15:23 2008 UTC (15 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.5: +28 -5 lines
Diff to previous 1.5 (colored)
Add a no-more-sessions@openssh.com global request extension that the client sends when it knows that it will never request another session (i.e. when session multiplexing is disabled). This allows a server to disallow further session requests and terminate the session. Why would a non-multiplexing client ever issue additional session requests? It could have been attacked with something like SSH'jack: http://www.storm.net.nz/projects/7 feedback & ok markus
Revision 1.5 / (download) - annotate - [select for diffs], Mon Jun 9 13:38:46 2008 UTC (15 years, 11 months ago) by dtucker
Branch: MAIN
Changes since 1.4: +1 -1 lines
Diff to previous 1.4 (colored)
Use a $OpenBSD tag so our scripts will sync changes.
Revision 1.4 / (download) - annotate - [select for diffs], Sun Jun 8 20:15:29 2008 UTC (15 years, 11 months ago) by dtucker
Branch: MAIN
Changes since 1.3: +5 -5 lines
Diff to previous 1.3 (colored)
Have the sftp client store the statvfs replies in wire format, which prevents problems when the server's native sizes exceed the client's. Also extends the sizes of the remaining 32bit wire format to 64bit, they're specified as unsigned long in the standard.
Revision 1.3 / (download) - annotate - [select for diffs], Sat Jun 7 21:52:46 2008 UTC (15 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.2: +5 -2 lines
Diff to previous 1.2 (colored)
statvfs member fsid needs to be wider, increase it to 64 bits and crank extension revision number to 2; prodded and ok dtucker@
Revision 1.2 / (download) - annotate - [select for diffs], Sat May 17 01:31:56 2008 UTC (16 years ago) by djm
Branch: MAIN
Changes since 1.1: +7 -7 lines
Diff to previous 1.1 (colored)
grammar and correctness fixes from stevesk@
Revision 1.1 / (download) - annotate - [select for diffs], Fri May 16 08:30:42 2008 UTC (16 years ago) by djm
Branch: MAIN
document our protocol extensions and deviations; ok markus@