![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.bin / ssh
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.338 / (download) - annotate - [select for diffs], Fri May 17 00:30:24 2024 UTC (4 hours, 11 minutes ago) by djm
Branch: MAIN
CVS Tags: HEAD
Changes since 1.337: +5 -18 lines
Diff to previous 1.337 (colored)
Start the process of splitting sshd into separate binaries. This step splits sshd into a listener and a session binary. More splits are planned. After this changes, the listener binary will validate the configuration, load the hostkeys, listen on port 22 and manage MaxStartups only. All session handling will be performed by a new sshd-session binary that the listener fork+execs. This reduces the listener process to the minimum necessary and sets us up for future work on the sshd-session binary. feedback/ok markus@ deraadt@ NB. if you're updating via source, please restart sshd after installing, otherwise you run the risk of locking yourself out.
Revision 1.337 / (download) - annotate - [select for diffs], Thu Feb 1 02:37:33 2024 UTC (3 months, 2 weeks ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5
Changes since 1.336: +2 -2 lines
Diff to previous 1.336 (colored)
whitespace
Revision 1.336 / (download) - annotate - [select for diffs], Thu Aug 10 23:05:48 2023 UTC (9 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE,
OPENBSD_7_4
Changes since 1.335: +11 -4 lines
Diff to previous 1.335 (colored)
better debug logging of sessions' exit status
Revision 1.335 / (download) - annotate - [select for diffs], Tue Mar 7 06:09:14 2023 UTC (14 months, 1 week ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE,
OPENBSD_7_3
Changes since 1.334: +2 -1 lines
Diff to previous 1.334 (colored)
Fix mem leak in environment setup. From jjelen at redhat.com via bz#2687, ok djm@
Revision 1.334 / (download) - annotate - [select for diffs], Sun Mar 5 05:34:09 2023 UTC (14 months, 1 week ago) by dtucker
Branch: MAIN
Changes since 1.333: +1 -2 lines
Diff to previous 1.333 (colored)
Remove unused compat.h includes. We've previously removed a lot of the really old compatibility code, and with it went the need to include compat.h in most of the files that have it.
Revision 1.333 / (download) - annotate - [select for diffs], Fri Jan 6 02:42:34 2023 UTC (16 months, 1 week ago) by djm
Branch: MAIN
Changes since 1.332: +11 -2 lines
Diff to previous 1.332 (colored)
Add channel_set_xtype() This sets an "extended" channel type after channel creation (e.g. "session:subsystem:sftp") that will be used for setting channel inactivity timeouts. ok markus dtucker
Revision 1.332 / (download) - annotate - [select for diffs], Fri Jan 6 02:41:49 2023 UTC (16 months, 1 week ago) by djm
Branch: MAIN
Changes since 1.331: +2 -2 lines
Diff to previous 1.331 (colored)
tweak channel ctype names These are now used by sshd_config:ChannelTimeouts to specify timeouts by channel type, so force them all to use a similar format without whitespace. ok dtucker markus
Revision 1.331 / (download) - annotate - [select for diffs], Fri Jan 6 02:39:59 2023 UTC (16 months, 1 week ago) by djm
Branch: MAIN
Changes since 1.330: +8 -6 lines
Diff to previous 1.330 (colored)
Add channel_force_close() This will forcibly close an open channel by simulating read/write errors, draining the IO buffers and calling the detach function. Previously the detach function was only ever called during channel garbage collection, but there was no way to signal the user of a channel (e.g. session.c) that its channel was being closed deliberately (vs. by the usual state-machine logic). So this adds an extra "force" argument to the channel cleanup callback to indicate this condition. ok markus dtucker
Revision 1.330 / (download) - annotate - [select for diffs], Tue Feb 8 08:59:12 2022 UTC (2 years, 3 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1
Changes since 1.329: +2 -2 lines
Diff to previous 1.329 (colored)
Switch hpdelim interface to accept only ":" as delimiter. Historicallly, hpdelim accepted ":" or "/" as a port delimiter between hosts (or addresses) and ports. These days most of the uses for "/" are no longer accepted, so there are several places where it checks the delimiter to disallow it. Make hpdelim accept only ":" and use hpdelim2 in the other cases. ok djm@
Revision 1.329 / (download) - annotate - [select for diffs], Wed Aug 11 05:20:17 2021 UTC (2 years, 9 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_7_0
Changes since 1.328: +2 -3 lines
Diff to previous 1.328 (colored)
remove a bunch of %p in format strings; leftovers of debuggings past. prompted by Michael Forney, ok dtucker@
Revision 1.328 / (download) - annotate - [select for diffs], Sat Apr 3 06:18:41 2021 UTC (3 years, 1 month ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE,
OPENBSD_6_9
Changes since 1.327: +2 -2 lines
Diff to previous 1.327 (colored)
highly polished whitespace, mostly fixing spaces-for-tab and bad indentation on continuation lines. Prompted by GHPR#185
Revision 1.327 / (download) - annotate - [select for diffs], Mon Dec 14 03:13:12 2020 UTC (3 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.326: +3 -3 lines
Diff to previous 1.326 (colored)
use _PATH_SSH_USER_DIR instead of hardcoded .ssh in path
Revision 1.326 / (download) - annotate - [select for diffs], Sat Nov 28 03:27:59 2020 UTC (3 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.325: +2 -2 lines
Diff to previous 1.325 (colored)
check result of strchr() against NULL rather than searched-for characters; from zhongjubin@huawei.com
Revision 1.325 / (download) - annotate - [select for diffs], Sun Oct 18 11:32:02 2020 UTC (3 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.324: +60 -71 lines
Diff to previous 1.324 (colored)
use the new variant log macros instead of prepending __func__ and appending ssh_err(r) manually; ok markus@
Revision 1.324 / (download) - annotate - [select for diffs], Tue Jul 7 02:47:21 2020 UTC (3 years, 10 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE,
OPENBSD_6_8
Changes since 1.323: +2 -2 lines
Diff to previous 1.323 (colored)
correct recently broken comments
Revision 1.323 / (download) - annotate - [select for diffs], Sun Jul 5 23:59:45 2020 UTC (3 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.322: +10 -10 lines
Diff to previous 1.322 (colored)
some language improvements; ok markus
Revision 1.322 / (download) - annotate - [select for diffs], Fri Jul 3 07:02:37 2020 UTC (3 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.321: +2 -2 lines
Diff to previous 1.321 (colored)
avoid tilde_expand_filename() in expanding ~/.ssh/rc - if sshd is in chroot mode, the likely absence of a password database will cause tilde_expand_filename() to fatal; ok dtucker@
Revision 1.321 / (download) - annotate - [select for diffs], Fri Jul 3 06:46:41 2020 UTC (3 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.320: +4 -1 lines
Diff to previous 1.320 (colored)
when redirecting sshd's log output to a file, undo this redirection after the session child process is forked(); ok dtucker@
Revision 1.320 / (download) - annotate - [select for diffs], Fri Jun 26 04:45:11 2020 UTC (3 years, 10 months ago) by dtucker
Branch: MAIN
Changes since 1.319: +12 -8 lines
Diff to previous 1.319 (colored)
Expand path to ~/.ssh/rc rather than relying on it being relative to the current directory, so that it'll still be found if the shell startup changes its directory. Since the path is potentially longer, make the cmd buffer that uses it dynamically sized. bz#3185, with & ok djm@
Revision 1.319 / (download) - annotate - [select for diffs], Fri Mar 13 03:17:07 2020 UTC (4 years, 2 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE,
OPENBSD_6_7
Changes since 1.318: +3 -3 lines
Diff to previous 1.318 (colored)
spelling errors in comments; no code change from https://fossies.org/linux/misc/openssh-8.2p1.tar.gz/codespell.html
Revision 1.318 / (download) - annotate - [select for diffs], Thu Jan 23 07:10:22 2020 UTC (4 years, 3 months ago) by dtucker
Branch: MAIN
Changes since 1.317: +2 -2 lines
Diff to previous 1.317 (colored)
Replace all calls to signal(2) with a wrapper around sigaction(2). This wrapper blocks all other signals during the handler preventing races between handlers, and sets SA_RESTART which should reduce the potential for short read/write operations.
Revision 1.317 / (download) - annotate - [select for diffs], Wed Nov 13 04:47:52 2019 UTC (4 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.316: +2 -1 lines
Diff to previous 1.316 (colored)
stdarg.h required more broadly; ok djm
Revision 1.316 / (download) - annotate - [select for diffs], Fri Jun 28 13:35:04 2019 UTC (4 years, 10 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE,
OPENBSD_6_6
Changes since 1.315: +24 -24 lines
Diff to previous 1.315 (colored)
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
Revision 1.315 / (download) - annotate - [select for diffs], Fri Feb 22 03:37:11 2019 UTC (5 years, 2 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE,
OPENBSD_6_5
Changes since 1.314: +3 -1 lines
Diff to previous 1.314 (colored)
perform removal of agent-forwarding directory in forward setup error path with user's privileged. This is a no-op as this code always runs with user privilege now that we no longer support running sshd with privilege separation disabled, but as long as the privsep skeleton is there we should follow the rules. bz#2969 with patch from Erik Sjölund
Revision 1.314 / (download) - annotate - [select for diffs], Sun Feb 10 11:10:57 2019 UTC (5 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.313: +6 -3 lines
Diff to previous 1.313 (colored)
syslog when connection is dropped for attempting to run a command when ForceCommand=internal-sftp is in effect; bz2960; ok dtucker@
Revision 1.313 / (download) - annotate - [select for diffs], Tue Feb 5 11:35:56 2019 UTC (5 years, 3 months ago) by dtucker
Branch: MAIN
Changes since 1.312: +2 -2 lines
Diff to previous 1.312 (colored)
Adapt code in the non-USE_PIPES codepath to the new packet API. This code is not normally reachable since USE_PIPES is always defined. bz#2961, patch from adrian.fita at gmail com.
Revision 1.312 / (download) - annotate - [select for diffs], Sat Jan 19 21:41:53 2019 UTC (5 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.311: +84 -60 lines
Diff to previous 1.311 (colored)
convert session.c to new packet API with & ok markus@
Revision 1.311 / (download) - annotate - [select for diffs], Sat Jan 19 21:41:18 2019 UTC (5 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.310: +2 -2 lines
Diff to previous 1.310 (colored)
convert auth.c to new packet API with & ok markus@
Revision 1.310 / (download) - annotate - [select for diffs], Sat Jan 19 21:31:32 2019 UTC (5 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.309: +4 -1 lines
Diff to previous 1.309 (colored)
begin landing remaining refactoring of packet parsing API, started almost exactly six years ago. This change stops including the old packet_* API by default and makes each file that requires the old API include it explicitly. We will commit file-by-file refactoring to remove the old API in consistent steps. with & ok markus@
Revision 1.309 / (download) - annotate - [select for diffs], Thu Jan 17 04:45:09 2019 UTC (5 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.308: +2 -2 lines
Diff to previous 1.308 (colored)
tun_fwd_ifnames variable should be extern; from Hanno Böck
Revision 1.308 / (download) - annotate - [select for diffs], Fri Nov 16 03:26:01 2018 UTC (5 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.307: +2 -2 lines
Diff to previous 1.307 (colored)
use path_absolute() for pathname checks; from Manoj Ampalam
Revision 1.307 / (download) - annotate - [select for diffs], Thu Oct 4 00:10:11 2018 UTC (5 years, 7 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE,
OPENBSD_6_4
Changes since 1.306: +5 -4 lines
Diff to previous 1.306 (colored)
include a little more information about the status and disposition of channel's extended (stderr) fd; makes debugging some things a bit easier. No behaviour change.
Revision 1.306 / (download) - annotate - [select for diffs], Tue Oct 2 12:40:07 2018 UTC (5 years, 7 months ago) by djm
Branch: MAIN
Changes since 1.305: +75 -1 lines
Diff to previous 1.305 (colored)
Add server support for signalling sessions via the SSH channel/ session protocol. Signalling is only supported to sesssions that are not subsystems and were not started with a forced command. Long requested in bz#1424 Based on a patch from markus@ and reworked by dtucker@; ok markus@ dtucker@
Revision 1.305 / (download) - annotate - [select for diffs], Wed Jul 25 13:56:23 2018 UTC (5 years, 9 months ago) by deraadt
Branch: MAIN
Changes since 1.304: +2 -2 lines
Diff to previous 1.304 (colored)
fix indent; Clemens Goessnitzer
Revision 1.304 / (download) - annotate - [select for diffs], Wed Jul 11 18:53:29 2018 UTC (5 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.303: +2 -2 lines
Diff to previous 1.303 (colored)
remove legacy key emulation layer; ok djm@
Revision 1.303 / (download) - annotate - [select for diffs], Mon Jul 9 21:26:02 2018 UTC (5 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.302: +13 -9 lines
Diff to previous 1.302 (colored)
sshd: switch loginmsg to sshbuf API; ok djm@
Revision 1.302 / (download) - annotate - [select for diffs], Mon Jul 9 21:20:26 2018 UTC (5 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.301: +2 -4 lines
Diff to previous 1.301 (colored)
ttymodes: switch to sshbuf API; ok djm@
Revision 1.301 / (download) - annotate - [select for diffs], Tue Jul 3 10:59:35 2018 UTC (5 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.300: +15 -4 lines
Diff to previous 1.300 (colored)
allow sshd_config PermitUserEnvironment to accept a pattern-list of whitelisted environment variable names in addition to yes|no. bz#1800, feedback and ok markus@
Revision 1.300 / (download) - annotate - [select for diffs], Sat Jun 9 03:03:10 2018 UTC (5 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.299: +13 -2 lines
Diff to previous 1.299 (colored)
add a SetEnv directive for sshd_config to allow an administrator to explicitly specify environment variables set in sessions started by sshd. These override the default environment and any variables set by user configuration (PermitUserEnvironment, etc), but not the SSH_* variables set by sshd itself. ok markus@
Revision 1.299 / (download) - annotate - [select for diffs], Sat Jun 9 02:58:02 2018 UTC (5 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.298: +21 -19 lines
Diff to previous 1.298 (colored)
reorder child environment preparation so that variables read from ~/.ssh/environment (if enabled) do not override SSH_* variables set by the server.
Revision 1.298 / (download) - annotate - [select for diffs], Wed Jun 6 18:29:18 2018 UTC (5 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.297: +6 -5 lines
Diff to previous 1.297 (colored)
switch config file parsing to getline(3) as this avoids static limits noted by gerhard@; ok dtucker@, djm@
Revision 1.297 / (download) - annotate - [select for diffs], Wed Jun 6 18:23:32 2018 UTC (5 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.296: +34 -18 lines
Diff to previous 1.296 (colored)
permitlisten option for authorized_keys; ok markus@
Revision 1.296 / (download) - annotate - [select for diffs], Wed Jun 6 18:22:41 2018 UTC (5 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.295: +18 -9 lines
Diff to previous 1.295 (colored)
Add a PermitListen directive to control which server-side addresses may be listened on when the client requests remote forwarding (ssh -R). This is the converse of the existing PermitOpen directive and this includes some refactoring to share much of its implementation. feedback and ok markus@
Revision 1.295 / (download) - annotate - [select for diffs], Fri Jun 1 03:33:53 2018 UTC (5 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.294: +5 -3 lines
Diff to previous 1.294 (colored)
make UID available as a %-expansion everywhere that the username is available currently. In the client this is via %i, in the server %U (since %i was already used in the client in some places for this, but used for something different in the server); bz#2870, ok dtucker@
Revision 1.294 / (download) - annotate - [select for diffs], Sat Mar 3 03:15:51 2018 UTC (6 years, 2 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE,
OPENBSD_6_3
Changes since 1.293: +58 -29 lines
Diff to previous 1.293 (colored)
switch over to the new authorized_keys options API and remove the legacy one. Includes a fairly big refactor of auth2-pubkey.c to retain less state between key file lines. feedback and ok markus@
Revision 1.293 / (download) - annotate - [select for diffs], Mon Oct 23 05:08:00 2017 UTC (6 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.292: +4 -1 lines
Diff to previous 1.292 (colored)
Expose devices allocated for tun/tap forwarding. At the client, the device may be obtained from a new %T expansion for LocalCommand. At the server, the allocated devices will be listed in a SSH_TUNNEL variable exposed to the environment of any user sessions started after the tunnel forwarding was established. ok markus
Revision 1.292 / (download) - annotate - [select for diffs], Tue Sep 12 06:32:07 2017 UTC (6 years, 8 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.291: +108 -115 lines
Diff to previous 1.291 (colored)
refactor channels.c Move static state to a "struct ssh_channels" that is allocated at runtime and tracked as a member of struct ssh. Explicitly pass "struct ssh" to all channels functions. Replace use of the legacy packet APIs in channels.c. Rework sshd_config PermitOpen handling: previously the configuration parser would call directly into the channels layer. After the refactor this is not possible, as the channels structures are allocated at connection time and aren't available when the configuration is parsed. The server config parser now tracks PermitOpen itself and explicitly configures the channels code later. ok markus@
Revision 1.291 / (download) - annotate - [select for diffs], Fri Aug 18 05:36:45 2017 UTC (6 years, 9 months ago) by djm
Branch: MAIN
Changes since 1.290: +1 -50 lines
Diff to previous 1.290 (colored)
Move several subprocess-related functions from various locations to misc.c. Extend subprocess() to offer a little more control over stdio disposition. feedback & ok dtucker@
Revision 1.290 / (download) - annotate - [select for diffs], Sat Jun 24 06:34:38 2017 UTC (6 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.289: +53 -1 lines
Diff to previous 1.289 (colored)
refactor authentication logging optionally record successful auth methods and public credentials used in a file accessible to user sessions feedback and ok markus@
Revision 1.289 / (download) - annotate - [select for diffs], Sat Jun 24 05:24:11 2017 UTC (6 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.288: +1 -9 lines
Diff to previous 1.288 (colored)
no need to call log_init to reinitialise logged PID in child sessions, since we haven't called openlog() in log_init() since 1999; ok markus@
Revision 1.288 / (download) - annotate - [select for diffs], Wed May 31 09:15:42 2017 UTC (6 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.287: +5 -5 lines
Diff to previous 1.287 (colored)
Switch to recallocarray() for a few operations. Both growth and shrinkage are handled safely, and there also is no need for preallocation dances. Future changes in this area will be less error prone. Review and one bug found by markus
Revision 1.287 / (download) - annotate - [select for diffs], Wed May 31 08:09:45 2017 UTC (6 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.286: +2 -1 lines
Diff to previous 1.286 (colored)
clear session keys from memory; ok djm@
Revision 1.286 / (download) - annotate - [select for diffs], Wed Nov 30 03:00:05 2016 UTC (7 years, 5 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.285: +2 -2 lines
Diff to previous 1.285 (colored)
Add a sshd_config DisableForwaring option that disables X11, agent, TCP, tunnel and Unix domain socket forwarding, as well as anything else we might implement in the future. This, like the 'restrict' authorized_keys flag, is intended to be a simple and future-proof way of restricting an account. Suggested as a complement to 'restrict' by Jann Horn; ok markus@
Revision 1.285 / (download) - annotate - [select for diffs], Tue Aug 23 16:21:45 2016 UTC (7 years, 8 months ago) by otto
Branch: MAIN
Changes since 1.284: +2 -3 lines
Diff to previous 1.284 (colored)
fix previous, a condition was modified incorrectly; ok markus@ deraadt@
Revision 1.284 / (download) - annotate - [select for diffs], Fri Aug 19 03:18:06 2016 UTC (7 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.283: +37 -78 lines
Diff to previous 1.283 (colored)
remove UseLogin option and support for having /bin/login manage login sessions; ok deraadt markus dtucker
Revision 1.283 / (download) - annotate - [select for diffs], Sat Aug 13 17:47:41 2016 UTC (7 years, 9 months ago) by markus
Branch: MAIN
Changes since 1.282: +11 -201 lines
Diff to previous 1.282 (colored)
remove ssh1 server code; ok djm@
Revision 1.280.2.1 / (download) - annotate - [select for diffs], Thu Mar 10 11:55:43 2016 UTC (8 years, 2 months ago) by djm
Branch: OPENBSD_5_9
Changes since 1.280: +31 -3 lines
Diff to previous 1.280 (colored) next main 1.281 (colored)
MFC: revision 1.282 sanitise characters destined for xauth reported by github.com/tintinweb feedback and ok deraadt and markus
Revision 1.278.2.1 / (download) - annotate - [select for diffs], Thu Mar 10 11:54:22 2016 UTC (8 years, 2 months ago) by djm
Branch: OPENBSD_5_8
Changes since 1.278: +31 -3 lines
Diff to previous 1.278 (colored) next main 1.279 (colored)
MFC: revision 1.282 sanitise characters destined for xauth reported by github.com/tintinweb feedback and ok deraadt and markus
Revision 1.277.2.1 / (download) - annotate - [select for diffs], Thu Mar 10 11:53:34 2016 UTC (8 years, 2 months ago) by djm
Branch: OPENBSD_5_7
Changes since 1.277: +31 -3 lines
Diff to previous 1.277 (colored) next main 1.278 (colored)
MFC: revision 1.282 sanitise characters destined for xauth reported by github.com/tintinweb feedback and ok deraadt and markus
Revision 1.282 / (download) - annotate - [select for diffs], Thu Mar 10 11:47:57 2016 UTC (8 years, 2 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0
Changes since 1.281: +31 -3 lines
Diff to previous 1.281 (colored)
sanitise characters destined for xauth reported by github.com/tintinweb feedback and ok deraadt and markus
Revision 1.281 / (download) - annotate - [select for diffs], Mon Mar 7 19:02:43 2016 UTC (8 years, 2 months ago) by djm
Branch: MAIN
Changes since 1.280: +32 -10 lines
Diff to previous 1.280 (colored)
refactor canohost.c: move functions that cache results closer to the places that use them (authn and session code). After this, no state is cached in canohost.c feedback and ok markus@
Revision 1.280 / (download) - annotate - [select for diffs], Tue Feb 16 03:37:48 2016 UTC (8 years, 3 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE
Branch point for: OPENBSD_5_9
Changes since 1.279: +12 -6 lines
Diff to previous 1.279 (colored)
add a "Close session" log entry (at loglevel=verbose) to correspond to the existing "Starting session" one. Also include the session id number to make multiplexed sessions more apparent. feedback and ok dtucker@
Revision 1.279 / (download) - annotate - [select for diffs], Sat Oct 24 22:52:22 2015 UTC (8 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.278: +6 -4 lines
Diff to previous 1.278 (colored)
skip "Could not chdir to home directory" message when chrooted patch from Christian Hesse in bz#2485 ok dtucker@
Revision 1.278 / (download) - annotate - [select for diffs], Fri Apr 24 01:36:00 2015 UTC (9 years ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE
Branch point for: OPENBSD_5_8
Changes since 1.277: +4 -4 lines
Diff to previous 1.277 (colored)
rename xrealloc() to xreallocarray() since it follows that form. ok djm
Revision 1.277 / (download) - annotate - [select for diffs], Fri Jan 16 06:40:12 2015 UTC (9 years, 4 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE
Branch point for: OPENBSD_5_7
Changes since 1.276: +3 -3 lines
Diff to previous 1.276 (colored)
Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
Revision 1.276 / (download) - annotate - [select for diffs], Wed Jan 14 20:05:27 2015 UTC (9 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.275: +5 -5 lines
Diff to previous 1.275 (colored)
move authfd.c and its tentacles to the new buffer/key API; ok markus@
Revision 1.275 / (download) - annotate - [select for diffs], Mon Dec 22 07:55:51 2014 UTC (9 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.274: +2 -2 lines
Diff to previous 1.274 (colored)
make internal handling of filename arguments of "none" more consistent with ssh. "none" arguments are now replaced with NULL when the configuration is finalised. Simplifies checking later on (just need to test not-NULL rather than that + strcmp) and cleans up some inconsistencies. ok markus@
Revision 1.274 / (download) - annotate - [select for diffs], Tue Jul 15 15:54:14 2014 UTC (9 years, 10 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6
Changes since 1.273: +8 -26 lines
Diff to previous 1.273 (colored)
Add support for Unix domain socket forwarding. A remote TCP port
may be forwarded to a local Unix domain socket and vice versa or
both ends may be a Unix domain socket. This is a reimplementation
of the streamlocal patches by William Ahern from:
http://www.25thandclement.com/~william/projects/streamlocal.html
OK djm@ markus@
Revision 1.273 / (download) - annotate - [select for diffs], Thu Jul 3 22:40:43 2014 UTC (9 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.272: +3 -2 lines
Diff to previous 1.272 (colored)
Add a sshd_config PermitUserRC option to control whether ~/.ssh/rc is executed, mirroring the no-user-rc authorized_keys option; bz#2160; ok markus@
Revision 1.272 / (download) - annotate - [select for diffs], Thu Jul 3 03:34:09 2014 UTC (9 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.271: +3 -2 lines
Diff to previous 1.271 (colored)
standardise on NI_MAXHOST for gethostname() string lengths; about 1/2 the cases were using it already. Fixes bz#2239 en passant
Revision 1.271 / (download) - annotate - [select for diffs], Mon Mar 3 22:22:30 2014 UTC (10 years, 2 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE,
OPENBSD_5_5
Changes since 1.270: +8 -3 lines
Diff to previous 1.270 (colored)
ignore enviornment variables with embedded '=' or '\0' characters; spotted by Jann Horn; ok deraadt@
Revision 1.270 / (download) - annotate - [select for diffs], Fri Jan 31 16:39:19 2014 UTC (10 years, 3 months ago) by tedu
Branch: MAIN
Changes since 1.269: +2 -2 lines
Diff to previous 1.269 (colored)
replace most bzero with explicit_bzero, except a few that cna be memset ok djm dtucker
Revision 1.269 / (download) - annotate - [select for diffs], Sat Jan 18 09:36:26 2014 UTC (10 years, 4 months ago) by dtucker
Branch: MAIN
Changes since 1.268: +2 -2 lines
Diff to previous 1.268 (colored)
explicitly define USE_PIPES to 1 to prevent redefinition warnings in portable on platforms that use pipes for everything.
Revision 1.268 / (download) - annotate - [select for diffs], Tue Oct 29 09:48:02 2013 UTC (10 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.267: +2 -2 lines
Diff to previous 1.267 (colored)
shd_config PermitTTY to disallow TTY allocation, mirroring the longstanding no-pty authorized_keys option; bz#2070, patch from Teran McKinney; ok markus@
Revision 1.267 / (download) - annotate - [select for diffs], Mon Oct 14 21:20:52 2013 UTC (10 years, 7 months ago) by djm
Branch: MAIN
Changes since 1.266: +38 -14 lines
Diff to previous 1.266 (colored)
Add logging of session starts in a useful format; ok markus@ feedback and ok dtucker@
Revision 1.266 / (download) - annotate - [select for diffs], Fri Jul 19 07:37:48 2013 UTC (10 years, 10 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE,
OPENBSD_5_4
Changes since 1.265: +9 -1 lines
Diff to previous 1.265 (colored)
add ssh-agent(1) support to sshd(8); allows encrypted hostkeys, or hostkeys on smartcards; most of the work by Zev Weiss; bz #1974 ok djm@
Revision 1.265 / (download) - annotate - [select for diffs], Fri May 17 00:13:14 2013 UTC (11 years ago) by djm
Branch: MAIN
Changes since 1.264: +38 -54 lines
Diff to previous 1.264 (colored)
bye, bye xfree(); ok markus@
Revision 1.264 / (download) - annotate - [select for diffs], Fri Apr 19 01:03:01 2013 UTC (11 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.263: +8 -1 lines
Diff to previous 1.263 (colored)
reintroduce 1.262 without the connection-killing bug: fatal() when ChrootDirectory specified by running without root privileges; ok markus@
Revision 1.263 / (download) - annotate - [select for diffs], Wed Apr 17 09:04:09 2013 UTC (11 years, 1 month ago) by dtucker
Branch: MAIN
Changes since 1.262: +1 -4 lines
Diff to previous 1.262 (colored)
revert rev 1.262; it fails because uid is already set here. ok djm@
Revision 1.262 / (download) - annotate - [select for diffs], Wed Mar 6 23:35:23 2013 UTC (11 years, 2 months ago) by djm
Branch: MAIN
Changes since 1.261: +5 -2 lines
Diff to previous 1.261 (colored)
fatal() when ChrootDirectory specified by running without root privileges; ok markus@
Revision 1.261 / (download) - annotate - [select for diffs], Sun Dec 2 20:46:11 2012 UTC (11 years, 5 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE,
OPENBSD_5_3
Changes since 1.260: +6 -3 lines
Diff to previous 1.260 (colored)
make AllowTcpForwarding accept "local" and "remote" in addition to its current "yes"/"no" to allow the server to specify whether just local or remote TCP forwarding is enabled. ok markus@
Revision 1.260 / (download) - annotate - [select for diffs], Thu Mar 15 03:10:27 2012 UTC (12 years, 2 months ago) by guenther
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE,
OPENBSD_5_2
Changes since 1.259: +2 -2 lines
Diff to previous 1.259 (colored)
root should always be excluded from the test for /etc/nologin instead of having it always enforced even when marked as ignorenologin. This regressed when the logic was incompletely flipped around in rev 1.251 ok halex@ millert@
Revision 1.259 / (download) - annotate - [select for diffs], Mon Oct 24 02:13:13 2011 UTC (12 years, 6 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_1_BASE,
OPENBSD_5_1
Changes since 1.258: +2 -2 lines
Diff to previous 1.258 (colored)
bz#1859: send tty break to pty master instead of (probably already closed) slave side; "looks good" markus@
Revision 1.258 / (download) - annotate - [select for diffs], Thu Nov 25 04:10:09 2010 UTC (13 years, 5 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_0_BASE,
OPENBSD_5_0,
OPENBSD_4_9_BASE,
OPENBSD_4_9
Changes since 1.257: +2 -5 lines
Diff to previous 1.257 (colored)
replace close() loop for fds 3->64 with closefrom(); ok markus deraadt dtucker
Revision 1.257 / (download) - annotate - [select for diffs], Sat Nov 13 23:27:50 2010 UTC (13 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.256: +5 -3 lines
Diff to previous 1.256 (colored)
allow ssh and sshd to set arbitrary TOS/DSCP/QoS values instead of hardcoding lowdelay/throughput. bz#1733 patch from philipp AT redfish-solutions.com; ok markus@ deraadt@
Revision 1.256 / (download) - annotate - [select for diffs], Fri Jun 25 07:20:04 2010 UTC (13 years, 10 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE,
OPENBSD_4_8
Changes since 1.255: +28 -53 lines
Diff to previous 1.255 (colored)
bz#1750: fix requirement for /dev/null inside ChrootDirectory for internal-sftp accidentally introduced in r1.253 by removing the code that opens and dup /dev/null to stderr and modifying the channels code to read stderr but discard it instead; ok markus@
Revision 1.255 / (download) - annotate - [select for diffs], Tue Jun 22 04:59:12 2010 UTC (13 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.254: +3 -2 lines
Diff to previous 1.254 (colored)
include the user name on "subsystem request for ..." log messages; bz#1571; ok dtucker@
Revision 1.254 / (download) - annotate - [select for diffs], Fri Jun 18 03:16:03 2010 UTC (13 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.253: +3 -2 lines
Diff to previous 1.253 (colored)
Missing check for chroot_director == "none" (we already checked against NULL); bz#1564 from Jan.Pechanec AT Sun.COM
Revision 1.253 / (download) - annotate - [select for diffs], Fri Apr 23 22:42:05 2010 UTC (14 years ago) by djm
Branch: MAIN
Changes since 1.252: +55 -28 lines
Diff to previous 1.252 (colored)
set stderr to /dev/null for subsystems rather than just closing it. avoids hangs if a subsystem or shell initialisation writes to stderr. bz#1750; ok markus@
Revision 1.252 / (download) - annotate - [select for diffs], Sun Mar 7 11:57:13 2010 UTC (14 years, 2 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE,
OPENBSD_4_7
Changes since 1.251: +3 -1 lines
Diff to previous 1.251 (colored)
Hold authentication debug messages until after successful authentication. Fixes an info leak of environment variables specified in authorized_keys, reported by Jacob Appelbaum. ok djm@
Revision 1.251 / (download) - annotate - [select for diffs], Tue Jan 12 08:33:17 2010 UTC (14 years, 4 months ago) by dtucker
Branch: MAIN
Changes since 1.250: +17 -12 lines
Diff to previous 1.250 (colored)
Add explicit stat so we reliably detect nologin with bad perms. ok djm markus
Revision 1.250 / (download) - annotate - [select for diffs], Tue Jan 12 01:31:05 2010 UTC (14 years, 4 months ago) by dtucker
Branch: MAIN
Changes since 1.249: +4 -2 lines
Diff to previous 1.249 (colored)
Do not allow logins if /etc/nologin exists but is not readable by the user logging in. Noted by Jan.Pechanec at Sun, ok djm@ deraadt@
Revision 1.249 / (download) - annotate - [select for diffs], Fri Nov 20 00:15:41 2009 UTC (14 years, 5 months ago) by dtucker
Branch: MAIN
Changes since 1.248: +7 -7 lines
Diff to previous 1.248 (colored)
Warn but do not fail if stat()ing the subsystem binary fails. This helps with chrootdirectory+forcecommand=sftp-server and restricted shells. bz #1599, ok djm.
Revision 1.248 / (download) - annotate - [select for diffs], Thu Nov 19 23:39:50 2009 UTC (14 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.247: +18 -11 lines
Diff to previous 1.247 (colored)
bz#1606: error when an attempt is made to connect to a server with ForceCommand=internal-sftp with a shell session (i.e. not a subsystem session). Avoids stuck client when attempting to ssh to such a service. ok dtucker@
Revision 1.247 / (download) - annotate - [select for diffs], Tue Oct 6 04:46:40 2009 UTC (14 years, 7 months ago) by djm
Branch: MAIN
Changes since 1.246: +3 -1 lines
Diff to previous 1.246 (colored)
bz#1596: fflush(NULL) before exec() to ensure that everying (motd in particular) has made it out before the streams go away.
Revision 1.246 / (download) - annotate - [select for diffs], Fri Apr 17 19:23:06 2009 UTC (15 years, 1 month ago) by stevesk
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE,
OPENBSD_4_6
Changes since 1.245: +2 -2 lines
Diff to previous 1.245 (colored)
use INTERNAL_SFTP_NAME for setproctitle() of in-process sftp-server; ok djm@ markus@
Revision 1.245 / (download) - annotate - [select for diffs], Thu Jan 22 09:46:01 2009 UTC (15 years, 3 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_5_BASE,
OPENBSD_4_5
Changes since 1.244: +2 -2 lines
Diff to previous 1.244 (colored)
make Channel->path an allocated string, saving a few bytes here and there and fixing bz#1380 in the process; ok markus@
Revision 1.244 / (download) - annotate - [select for diffs], Sun Nov 9 12:34:47 2008 UTC (15 years, 6 months ago) by tobias
Branch: MAIN
Changes since 1.243: +2 -2 lines
Diff to previous 1.243 (colored)
typo fixed (overriden -> overridden) ok espie, jmc
Revision 1.243 / (download) - annotate - [select for diffs], Thu Oct 2 14:39:35 2008 UTC (15 years, 7 months ago) by millert
Branch: MAIN
Changes since 1.242: +2 -2 lines
Diff to previous 1.242 (colored)
Convert an unchecked strdup to xstrdup. OK deraadt@
Revision 1.242 / (download) - annotate - [select for diffs], Thu Aug 21 04:09:57 2008 UTC (15 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.241: +9 -3 lines
Diff to previous 1.241 (colored)
allow ForceCommand internal-sftp with arguments. based on patch from michael.barabanov AT gmail.com; ok markus@
Revision 1.241 / (download) - annotate - [select for diffs], Mon Jun 16 13:22:53 2008 UTC (15 years, 11 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_4_4_BASE,
OPENBSD_4_4
Changes since 1.240: +3 -3 lines
Diff to previous 1.240 (colored)
Rename the isatty argument to is_tty so we don't shadow isatty(3). ok markus@
Revision 1.240 / (download) - annotate - [select for diffs], Sun Jun 15 20:06:26 2008 UTC (15 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.239: +7 -8 lines
Diff to previous 1.239 (colored)
don't call isatty() on a pty master, instead pass a flag down to channel_set_fds() indicating that te fds refer to a tty. Fixes a hang on exit on Solaris (bz#1463) in portable but is actually a generic bug; ok dtucker deraadt markus
Revision 1.239 / (download) - annotate - [select for diffs], Sat Jun 14 18:33:43 2008 UTC (15 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.238: +9 -4 lines
Diff to previous 1.238 (colored)
suppress the warning message from chdir(homedir) failures when chrooted (bz#1461); ok dtucker
Revision 1.238 / (download) - annotate - [select for diffs], Fri May 9 16:16:06 2008 UTC (16 years ago) by markus
Branch: MAIN
Changes since 1.237: +79 -1 lines
Diff to previous 1.237 (colored)
re-add the USE_PIPES code and enable it. without pipes shutdown-read from the sshd does not trigger a SIGPIPE when the forked program does a write. ok djm@
Revision 1.237 / (download) - annotate - [select for diffs], Thu May 8 12:21:16 2008 UTC (16 years ago) by djm
Branch: MAIN
Changes since 1.236: +214 -105 lines
Diff to previous 1.236 (colored)
Make the maximum number of sessions run-time controllable via a sshd_config MaxSessions knob. This is useful for disabling login/shell/subsystem access while leaving port-forwarding working (MaxSessions 0), disabling connection multiplexing (MaxSessions 1) or simply increasing the number of allows multiplexed sessions. Because some bozos are sure to configure MaxSessions in excess of the number of available file descriptors in sshd (which, at peak, might be as many as 9*MaxSessions), audit sshd to ensure that it doesn't leak fds on error paths, and make it fail gracefully on out-of-fd conditions - sending channel errors instead of than exiting with fatal(). bz#1090; MaxSessions config bits and manpage from junyer AT gmail.com ok markus@
Revision 1.236 / (download) - annotate - [select for diffs], Thu May 8 12:02:23 2008 UTC (16 years ago) by djm
Branch: MAIN
Changes since 1.235: +2 -1 lines
Diff to previous 1.235 (colored)
Implement a channel success/failure status confirmation callback mechanism. Each channel maintains a queue of callbacks, which will be drained in order (RFC4253 guarantees confirm messages are not reordered within an channel). Also includes a abandonment callback to clean up if a channel is closed without sending confirmation messages. This probably shouldn't happen in compliant implementations, but it could be abused to leak memory. ok markus@ (as part of a larger diff)
Revision 1.235 / (download) - annotate - [select for diffs], Wed May 7 05:49:37 2008 UTC (16 years ago) by pyr
Branch: MAIN
Changes since 1.234: +4 -3 lines
Diff to previous 1.234 (colored)
Enable the AllowAgentForwarding option in sshd_config (global and match context), to specify if agents should be permitted on the server. As the man page states: ``Note that disabling Agent forwarding does not improve security unless users are also denied shell access, as they can always install their own forwarders.'' ok djm@, ok and a mild frown markus@
Revision 1.234 / (download) - annotate - [select for diffs], Fri Apr 18 22:01:33 2008 UTC (16 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.233: +2 -2 lines
Diff to previous 1.233 (colored)
remove unneccessary parentheses
Revision 1.230.2.1 / (download) - annotate - [select for diffs], Mon Mar 31 01:14:45 2008 UTC (16 years, 1 month ago) by brad
Branch: OPENBSD_4_3
Changes since 1.230: +4 -3 lines
Diff to previous 1.230 (colored) next main 1.231 (colored)
ignore ~/.ssh/rc if a sshd_config ForceCommand is specified; ok djm@
Revision 1.221.4.1 / (download) - annotate - [select for diffs], Mon Mar 31 01:12:07 2008 UTC (16 years, 1 month ago) by brad
Branch: OPENBSD_4_2
Changes since 1.221: +4 -3 lines
Diff to previous 1.221 (colored) next main 1.222 (colored)
ignore ~/.ssh/rc if a sshd_config ForceCommand is specified; ok djm@
Revision 1.221.2.1 / (download) - annotate - [select for diffs], Mon Mar 31 01:07:59 2008 UTC (16 years, 1 month ago) by brad
Branch: OPENBSD_4_1
Changes since 1.221: +4 -3 lines
Diff to previous 1.221 (colored) next main 1.222 (colored)
ignore ~/.ssh/rc if a sshd_config ForceCommand is specified; ok djm@
Revision 1.233 / (download) - annotate - [select for diffs], Wed Mar 26 21:28:14 2008 UTC (16 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.232: +2 -2 lines
Diff to previous 1.232 (colored)
add no-user-rc authorized_keys option to disable execution of ~/.ssh/rc
Revision 1.232 / (download) - annotate - [select for diffs], Tue Mar 25 23:01:41 2008 UTC (16 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.231: +2 -2 lines
Diff to previous 1.231 (colored)
last patch had backwards test; spotted by termim AT gmail.com
Revision 1.231 / (download) - annotate - [select for diffs], Tue Mar 25 11:58:02 2008 UTC (16 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.230: +4 -3 lines
Diff to previous 1.230 (colored)
ignore ~/.ssh/rc if a sshd_config ForceCommand is specified; from dtucker@ ok deraadt@ djm@
Revision 1.230 / (download) - annotate - [select for diffs], Fri Feb 22 05:58:56 2008 UTC (16 years, 2 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_3_BASE
Branch point for: OPENBSD_4_3
Changes since 1.229: +3 -5 lines
Diff to previous 1.229 (colored)
closefrom() call was too early, delay it until just before we execute the user's rc files (if any).
Revision 1.229 / (download) - annotate - [select for diffs], Wed Feb 20 15:25:26 2008 UTC (16 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.228: +2 -2 lines
Diff to previous 1.228 (colored)
correct boolean encoding for coredump; der Mouse via dugsong
Revision 1.228 / (download) - annotate - [select for diffs], Wed Feb 13 22:38:17 2008 UTC (16 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.227: +5 -4 lines
Diff to previous 1.227 (colored)
rekey arc4random and OpenSSL RNG in postauth child closefrom fds > 2 before shell/command execution ok markus@
Revision 1.227 / (download) - annotate - [select for diffs], Sun Feb 10 10:54:29 2008 UTC (16 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.226: +8 -5 lines
Diff to previous 1.226 (colored)
delay ~ expansion for ChrootDirectory so it expands to the logged-in user's home, rather than the user who starts sshd (probably root)
Revision 1.226 / (download) - annotate - [select for diffs], Fri Feb 8 23:24:07 2008 UTC (16 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.225: +86 -7 lines
Diff to previous 1.225 (colored)
add sshd_config ChrootDirectory option to chroot(2) users to a directory and tweak internal sftp server to work with it (no special files in chroot required). ok markus@
Revision 1.225 / (download) - annotate - [select for diffs], Mon Feb 4 21:53:00 2008 UTC (16 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.224: +33 -4 lines
Diff to previous 1.224 (colored)
link sftp-server into sshd; feedback and ok djm@
Revision 1.224 / (download) - annotate - [select for diffs], Tue Sep 11 15:47:17 2007 UTC (16 years, 8 months ago) by gilles
Branch: MAIN
Changes since 1.223: +4 -3 lines
Diff to previous 1.223 (colored)
use strcspn to properly overwrite '\n' in fgets returned buffer ok pyr@, ray@, millert@, moritz@, chl@
Revision 1.223 / (download) - annotate - [select for diffs], Thu Aug 23 02:55:51 2007 UTC (16 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.222: +2 -1 lines
Diff to previous 1.222 (colored)
missed include bits from last commit
Revision 1.222 / (download) - annotate - [select for diffs], Thu Aug 23 02:49:43 2007 UTC (16 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.221: +1 -43 lines
Diff to previous 1.221 (colored)
unifdef HAVE_LOGIN_CAP; ok deraadt@ millert@
Revision 1.221 / (download) - annotate - [select for diffs], Sun Jan 21 01:41:54 2007 UTC (17 years, 3 months ago) by stevesk
Branch: MAIN
CVS Tags: OPENBSD_4_2_BASE,
OPENBSD_4_1_BASE
Branch point for: OPENBSD_4_2,
OPENBSD_4_1
Changes since 1.220: +3 -3 lines
Diff to previous 1.220 (colored)
spaces
Revision 1.186.2.3 / (download) - annotate - [select for diffs], Wed Nov 8 00:44:05 2006 UTC (17 years, 6 months ago) by brad
Branch: OPENBSD_3_8
Changes since 1.186.2.2: +2 -2 lines
Diff to previous 1.186.2.2 (colored) to branchpoint 1.186 (colored) next main 1.187 (colored)
upgrade to OpenSSH 4.5
Revision 1.219.4.1 / (download) - annotate - [select for diffs], Wed Nov 8 00:42:10 2006 UTC (17 years, 6 months ago) by brad
Branch: OPENBSD_4_0
Changes since 1.219: +2 -2 lines
Diff to previous 1.219 (colored) next main 1.220 (colored)
upgrade to OpenSSH 4.5
Revision 1.197.2.2 / (download) - annotate - [select for diffs], Wed Nov 8 00:17:14 2006 UTC (17 years, 6 months ago) by brad
Branch: OPENBSD_3_9
Changes since 1.197.2.1: +2 -2 lines
Diff to previous 1.197.2.1 (colored) to branchpoint 1.197 (colored) next main 1.198 (colored)
upgrade to OpenSSH 4.5
Revision 1.220 / (download) - annotate - [select for diffs], Mon Oct 9 23:36:11 2006 UTC (17 years, 7 months ago) by djm
Branch: MAIN
Changes since 1.219: +2 -2 lines
Diff to previous 1.219 (colored)
xmalloc -> xcalloc that was missed previously, from portable
Revision 1.186.2.2 / (download) - annotate - [select for diffs], Fri Oct 6 03:19:33 2006 UTC (17 years, 7 months ago) by brad
Branch: OPENBSD_3_8
Changes since 1.186.2.1: +56 -79 lines
Diff to previous 1.186.2.1 (colored) to branchpoint 1.186 (colored)
upgrade to OpenSSH 4.4
Revision 1.197.2.1 / (download) - annotate - [select for diffs], Sat Sep 30 04:06:51 2006 UTC (17 years, 7 months ago) by brad
Branch: OPENBSD_3_9
Changes since 1.197: +48 -79 lines
Diff to previous 1.197 (colored)
upgrade to OpenSSH 4.4
Revision 1.219 / (download) - annotate - [select for diffs], Tue Aug 29 10:40:19 2006 UTC (17 years, 8 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_0_BASE
Branch point for: OPENBSD_4_0
Changes since 1.218: +7 -6 lines
Diff to previous 1.218 (colored)
normalise some inconsistent (but harmless) NULL pointer checks spotted by the Stanford SATURN tool, via Isil Dillig; ok markus@ deraadt@
Revision 1.218 / (download) - annotate - [select for diffs], Fri Aug 18 09:15:20 2006 UTC (17 years, 9 months ago) by markus
Branch: MAIN
Changes since 1.217: +2 -2 lines
Diff to previous 1.217 (colored)
delay authentication related cleanups until we're authenticated and all alarms have been cancelled; ok deraadt
Revision 1.217 / (download) - annotate - [select for diffs], Fri Aug 4 20:46:05 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.216: +2 -2 lines
Diff to previous 1.216 (colored)
spaces
Revision 1.216 / (download) - annotate - [select for diffs], Thu Aug 3 03:34:42 2006 UTC (17 years, 9 months ago) by deraadt
Branch: MAIN
Changes since 1.215: +9 -10 lines
Diff to previous 1.215 (colored)
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
Revision 1.215 / (download) - annotate - [select for diffs], Tue Aug 1 23:22:47 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.214: +2 -1 lines
Diff to previous 1.214 (colored)
move #include <stdio.h> out of includes.h
Revision 1.214 / (download) - annotate - [select for diffs], Wed Jul 26 13:57:17 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.213: +2 -1 lines
Diff to previous 1.213 (colored)
move #include <stdlib.h> out of includes.h
Revision 1.213 / (download) - annotate - [select for diffs], Wed Jul 26 02:35:17 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.212: +2 -1 lines
Diff to previous 1.212 (colored)
move #include <sys/param.h> out of includes.h
Revision 1.212 / (download) - annotate - [select for diffs], Sat Jul 22 20:48:23 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.211: +2 -1 lines
Diff to previous 1.211 (colored)
move #include <string.h> out of includes.h
Revision 1.211 / (download) - annotate - [select for diffs], Thu Jul 20 15:26:15 2006 UTC (17 years, 10 months ago) by stevesk
Branch: MAIN
Changes since 1.210: +2 -1 lines
Diff to previous 1.210 (colored)
missed some needed #include <unistd.h> when KERBEROS5=no; issue from massimo@cedoc.mo.it
Revision 1.210 / (download) - annotate - [select for diffs], Wed Jul 19 13:07:10 2006 UTC (17 years, 10 months ago) by dtucker
Branch: MAIN
Changes since 1.209: +7 -3 lines
Diff to previous 1.209 (colored)
Add ForceCommand keyword to sshd_config, equivalent to the "command=" key option, man page entry and example in sshd_config. Feedback & ok djm@, man page corrections & ok jmc@
Revision 1.209 / (download) - annotate - [select for diffs], Tue Jul 11 20:07:25 2006 UTC (17 years, 10 months ago) by stevesk
Branch: MAIN
Changes since 1.208: +2 -1 lines
Diff to previous 1.208 (colored)
move #include <errno.h> out of includes.h; ok markus@
Revision 1.208 / (download) - annotate - [select for diffs], Tue Jul 11 18:50:48 2006 UTC (17 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.207: +6 -2 lines
Diff to previous 1.207 (colored)
add ExitOnForwardFailure: terminate the connection if ssh(1) cannot set up all requested dynamic, local, and remote port forwardings. ok djm, dtucker, stevesk, jmc
Revision 1.207 / (download) - annotate - [select for diffs], Sat Jul 8 21:48:53 2006 UTC (17 years, 10 months ago) by stevesk
Branch: MAIN
Changes since 1.206: +2 -1 lines
Diff to previous 1.206 (colored)
missed these from last commit: move #include <sys/socket.h> out of includes.h
Revision 1.206 / (download) - annotate - [select for diffs], Thu Jul 6 16:03:53 2006 UTC (17 years, 10 months ago) by stevesk
Branch: MAIN
Changes since 1.205: +2 -1 lines
Diff to previous 1.205 (colored)
move #include <pwd.h> out of includes.h; ok markus@
Revision 1.205 / (download) - annotate - [select for diffs], Thu Jul 6 10:47:05 2006 UTC (17 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.204: +6 -5 lines
Diff to previous 1.204 (colored)
support arguments to Subsystem commands; ok markus@
Revision 1.204 / (download) - annotate - [select for diffs], Sun Jul 2 22:45:59 2006 UTC (17 years, 10 months ago) by stevesk
Branch: MAIN
Changes since 1.203: +2 -1 lines
Diff to previous 1.203 (colored)
move #include <grp.h> out of includes.h
Revision 1.203 / (download) - annotate - [select for diffs], Thu Apr 20 21:53:44 2006 UTC (18 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.202: +1 -50 lines
Diff to previous 1.202 (colored)
Switch from using pipes to socketpairs for communication between sftp/scp and ssh, and between sshd and its subprocesses. This saves a file descriptor per session and apparently makes userland ppp over ssh work; ok markus@ deraadt@
Revision 1.202 / (download) - annotate - [select for diffs], Sat Mar 25 13:17:02 2006 UTC (18 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.201: +1 -0 lines
Diff to previous 1.201 (colored)
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
Revision 1.201 / (download) - annotate - [select for diffs], Sat Mar 25 01:13:23 2006 UTC (18 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.200: +3 -3 lines
Diff to previous 1.200 (colored)
change OpenSSH's xrealloc() function from being xrealloc(p, new_size) to xrealloc(p, new_nmemb, new_itemsize). realloc is particularly prone to integer overflows because it is almost always allocating "n * size" bytes, so this is a far safer API; ok deraadt@
Revision 1.200 / (download) - annotate - [select for diffs], Mon Mar 20 18:26:55 2006 UTC (18 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.199: +2 -2 lines
Diff to previous 1.199 (colored)
annoying spacing fixes getting in the way of real diffs
Revision 1.199 / (download) - annotate - [select for diffs], Sun Mar 19 18:53:12 2006 UTC (18 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.198: +1 -1 lines
Diff to previous 1.198 (colored)
spacing
Revision 1.198 / (download) - annotate - [select for diffs], Sun Mar 19 18:51:18 2006 UTC (18 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.197: +0 -1 lines
Diff to previous 1.197 (colored)
RCSID() can die
Revision 1.197 / (download) - annotate - [select for diffs], Tue Feb 28 01:10:21 2006 UTC (18 years, 2 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE
Branch point for: OPENBSD_3_9
Changes since 1.196: +2 -2 lines
Diff to previous 1.196 (colored)
fix logout recording when privilege separation is disabled, analysis and patch from vinschen at redhat.com; tested by dtucker@ ok deraadt@
Revision 1.196 / (download) - annotate - [select for diffs], Mon Feb 20 17:19:54 2006 UTC (18 years, 2 months ago) by stevesk
Branch: MAIN
Changes since 1.195: +2 -1 lines
Diff to previous 1.195 (colored)
move #include <sys/stat.h> out of includes.h; ok markus@
Revision 1.195 / (download) - annotate - [select for diffs], Mon Feb 20 17:02:44 2006 UTC (18 years, 2 months ago) by stevesk
Branch: MAIN
Changes since 1.194: +2 -1 lines
Diff to previous 1.194 (colored)
move #include <signal.h> out of includes.h; ok markus@
Revision 1.194 / (download) - annotate - [select for diffs], Mon Feb 20 16:36:14 2006 UTC (18 years, 2 months ago) by stevesk
Branch: MAIN
Changes since 1.193: +2 -1 lines
Diff to previous 1.193 (colored)
move #include <sys/un.h> out of includes.h; ok djm@
Revision 1.193 / (download) - annotate - [select for diffs], Fri Feb 10 01:44:27 2006 UTC (18 years, 3 months ago) by stevesk
Branch: MAIN
Changes since 1.192: +4 -1 lines
Diff to previous 1.192 (colored)
move #include <sys/wait.h> out of includes.h; ok markus@
Revision 1.192 / (download) - annotate - [select for diffs], Wed Feb 8 12:15:27 2006 UTC (18 years, 3 months ago) by stevesk
Branch: MAIN
Changes since 1.191: +3 -1 lines
Diff to previous 1.191 (colored)
move #include <paths.h> out of includes.h; ok markus@
Revision 1.186.2.1 / (download) - annotate - [select for diffs], Fri Feb 3 03:01:57 2006 UTC (18 years, 3 months ago) by brad
Branch: OPENBSD_3_8
Changes since 1.186: +27 -27 lines
Diff to previous 1.186 (colored)
upgrade to OpenSSH 4.3
Revision 1.181.2.2 / (download) - annotate - [select for diffs], Fri Feb 3 02:53:45 2006 UTC (18 years, 3 months ago) by brad
Branch: OPENBSD_3_7
Changes since 1.181.2.1: +27 -27 lines
Diff to previous 1.181.2.1 (colored) to branchpoint 1.181 (colored) next main 1.182 (colored)
upgrade to OpenSSH 4.3
Revision 1.191 / (download) - annotate - [select for diffs], Sat Dec 24 02:27:41 2005 UTC (18 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.190: +1 -10 lines
Diff to previous 1.190 (colored)
eliminate some code duplicated in privsep and non-privsep paths, and explicitly clear SIGALRM handler; "groovy" deraadt@
Revision 1.190 / (download) - annotate - [select for diffs], Sat Dec 17 21:13:05 2005 UTC (18 years, 5 months ago) by stevesk
Branch: MAIN
Changes since 1.189: +2 -2 lines
Diff to previous 1.189 (colored)
spelling: fowarding, fowarded
Revision 1.189 / (download) - annotate - [select for diffs], Mon Dec 12 13:46:18 2005 UTC (18 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.188: +2 -2 lines
Diff to previous 1.188 (colored)
make sure protocol messages for internal channels are ignored. allow adjust messages for non-open channels; with and ok djm@
Revision 1.188 / (download) - annotate - [select for diffs], Sun Oct 30 08:52:17 2005 UTC (18 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.187: +3 -3 lines
Diff to previous 1.187 (colored)
no need to escape single quotes in comments, no binary change
Revision 1.187 / (download) - annotate - [select for diffs], Mon Oct 10 10:23:08 2005 UTC (18 years, 7 months ago) by djm
Branch: MAIN
Changes since 1.186: +23 -14 lines
Diff to previous 1.186 (colored)
fix regression I introduced in 4.2: X11 forwardings initiated after a session has exited (e.g. "(sleep 5; xterm) &") would not start. bz #1086 reported by t8m AT centrum.cz; ok markus@ dtucker@
Revision 1.181.2.1 / (download) - annotate - [select for diffs], Sun Sep 4 18:40:03 2005 UTC (18 years, 8 months ago) by brad
Branch: OPENBSD_3_7
Changes since 1.181: +114 -11 lines
Diff to previous 1.181 (colored)
upgrade to OpenSSH 4.2
Revision 1.180.2.2 / (download) - annotate - [select for diffs], Fri Sep 2 03:45:00 2005 UTC (18 years, 8 months ago) by brad
Branch: OPENBSD_3_6
Changes since 1.180.2.1: +114 -11 lines
Diff to previous 1.180.2.1 (colored) to branchpoint 1.180 (colored) next main 1.181 (colored)
upgrade to OpenSSH 4.2
Revision 1.186 / (download) - annotate - [select for diffs], Mon Jul 25 11:59:40 2005 UTC (18 years, 9 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_8_BASE
Branch point for: OPENBSD_3_8
Changes since 1.185: +3 -2 lines
Diff to previous 1.185 (colored)
add a new compression method that delays compression until the user has been authenticated successfully and set compression to 'delayed' for sshd. this breaks older openssh clients (< 3.5) if they insist on compression, so you have to re-enable compression in sshd_config. ok djm@
Revision 1.185 / (download) - annotate - [select for diffs], Sun Jul 17 07:17:55 2005 UTC (18 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.184: +2 -2 lines
Diff to previous 1.184 (colored)
knf says that a 2nd level indent is four (not three or five) spaces
Revision 1.184 / (download) - annotate - [select for diffs], Sun Jul 17 06:49:04 2005 UTC (18 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.183: +104 -2 lines
Diff to previous 1.183 (colored)
Fix a number of X11 forwarding channel leaks: 1. Refuse multiple X11 forwarding requests on the same session 2. Clean up all listeners after a single_connection X11 forward, not just the one that made the single connection 3. Destroy X11 listeners when the session owning them goes away testing and ok dtucker@
Revision 1.183 / (download) - annotate - [select for diffs], Sat Jul 16 01:35:24 2005 UTC (18 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.182: +6 -6 lines
Diff to previous 1.182 (colored)
spacing
Revision 1.182 / (download) - annotate - [select for diffs], Fri Jun 17 02:44:33 2005 UTC (18 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.181: +3 -3 lines
Diff to previous 1.181 (colored)
make this -Wsign-compare clean; ok avsm@ markus@
Revision 1.172.2.2 / (download) - annotate - [select for diffs], Thu Mar 10 17:15:04 2005 UTC (19 years, 2 months ago) by brad
Branch: OPENBSD_3_5
Changes since 1.172.2.1: +5 -1 lines
Diff to previous 1.172.2.1 (colored) to branchpoint 1.172 (colored) next main 1.173 (colored)
upgrade to OpenSSH 4.0
Revision 1.180.2.1 / (download) - annotate - [select for diffs], Thu Mar 10 16:28:27 2005 UTC (19 years, 2 months ago) by brad
Branch: OPENBSD_3_6
Changes since 1.180: +5 -1 lines
Diff to previous 1.180 (colored)
upgrade to OpenSSH 4.0
Revision 1.181 / (download) - annotate - [select for diffs], Thu Dec 23 17:35:48 2004 UTC (19 years, 4 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_7_BASE
Branch point for: OPENBSD_3_7
Changes since 1.180: +5 -1 lines
Diff to previous 1.180 (colored)
check for NULL; from mpech
Revision 1.163.2.2 / (download) - annotate - [select for diffs], Thu Aug 19 22:37:32 2004 UTC (19 years, 9 months ago) by brad
Branch: OPENBSD_3_4
Changes since 1.163.2.1: +81 -26 lines
Diff to previous 1.163.2.1 (colored) to branchpoint 1.163 (colored) next main 1.164 (colored)
upgrade to OpenSSH 3.9
Revision 1.172.2.1 / (download) - annotate - [select for diffs], Thu Aug 19 04:13:27 2004 UTC (19 years, 9 months ago) by brad
Branch: OPENBSD_3_5
Changes since 1.172: +81 -26 lines
Diff to previous 1.172 (colored)
upgrade to OpenSSH 3.9
Revision 1.180 / (download) - annotate - [select for diffs], Wed Jul 28 09:40:29 2004 UTC (19 years, 9 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_6_BASE
Branch point for: OPENBSD_3_6
Changes since 1.179: +2 -2 lines
Diff to previous 1.179 (colored)
more s/illegal/invalid/
Revision 1.179 / (download) - annotate - [select for diffs], Sat Jul 17 05:31:41 2004 UTC (19 years, 10 months ago) by dtucker
Branch: MAIN
Changes since 1.178: +20 -18 lines
Diff to previous 1.178 (colored)
Move "Last logged in at.." message generation to the monitor, right before recording the new login. Fixes missing lastlog message when /var/log/lastlog is not world-readable and incorrect datestamp when multiple sessions are used (bz #463); much assistance & ok markus@
Revision 1.178 / (download) - annotate - [select for diffs], Sun Jul 11 17:48:47 2004 UTC (19 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.177: +3 -3 lines
Diff to previous 1.177 (colored)
spaces
Revision 1.177 / (download) - annotate - [select for diffs], Wed Jun 30 08:36:59 2004 UTC (19 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.176: +4 -3 lines
Diff to previous 1.176 (colored)
unbreak TTY break, diagnosed by darren AT dazwin.com; ok markus@
Revision 1.176 / (download) - annotate - [select for diffs], Mon Jun 21 17:53:03 2004 UTC (19 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.175: +6 -2 lines
Diff to previous 1.175 (colored)
fix fd leak for multiple subsystem connections; with markus@
Revision 1.175 / (download) - annotate - [select for diffs], Tue May 11 19:01:43 2004 UTC (20 years ago) by deraadt
Branch: MAIN
Changes since 1.174: +2 -3 lines
Diff to previous 1.174 (colored)
improve some code lint did not like; djm millert ok
Revision 1.174 / (download) - annotate - [select for diffs], Sun May 9 01:19:28 2004 UTC (20 years ago) by djm
Branch: MAIN
Changes since 1.173: +1 -2 lines
Diff to previous 1.173 (colored)
kill some more tiny files; ok deraadt@
Revision 1.173 / (download) - annotate - [select for diffs], Tue Apr 27 09:46:37 2004 UTC (20 years ago) by djm
Branch: MAIN
Changes since 1.172: +51 -1 lines
Diff to previous 1.172 (colored)
bz #815: implement ability to pass specified environment variables from the client to the server; ok markus@
Revision 1.154.2.2 / (download) - annotate - [select for diffs], Thu Mar 4 18:18:16 2004 UTC (20 years, 2 months ago) by brad
Branch: OPENBSD_3_3
Changes since 1.154.2.1: +155 -76 lines
Diff to previous 1.154.2.1 (colored) to branchpoint 1.154 (colored) next main 1.155 (colored)
upgrade to OpenSSH 3.8upgrade to OpenSSH 3.8upgrade to OpenSSH 3.8
Revision 1.163.2.1 / (download) - annotate - [select for diffs], Sat Feb 28 03:51:33 2004 UTC (20 years, 2 months ago) by brad
Branch: OPENBSD_3_4
Changes since 1.163: +155 -76 lines
Diff to previous 1.163 (colored)
upgrade to OpenSSH 3.8
Revision 1.172 / (download) - annotate - [select for diffs], Fri Jan 30 09:48:57 2004 UTC (20 years, 3 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE
Branch point for: OPENBSD_3_5
Changes since 1.171: +60 -29 lines
Diff to previous 1.171 (colored)
support for password change; ok dtucker@ (set password-dead=1w in login.conf to use this).
Revision 1.171 / (download) - annotate - [select for diffs], Tue Jan 13 19:23:15 2004 UTC (20 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.170: +5 -1 lines
Diff to previous 1.170 (colored)
-Wall; ok henning
Revision 1.170 / (download) - annotate - [select for diffs], Tue Dec 23 16:12:10 2003 UTC (20 years, 4 months ago) by jakob
Branch: MAIN
Changes since 1.169: +27 -1 lines
Diff to previous 1.169 (colored)
implement KerberosGetAFSToken server option. ok markus@, beck@
Revision 1.169 / (download) - annotate - [select for diffs], Tue Dec 2 17:01:15 2003 UTC (20 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.168: +2 -2 lines
Diff to previous 1.168 (colored)
use SSH_LISTEN_BACKLOG (=128) in listen(2).
Revision 1.168 / (download) - annotate - [select for diffs], Fri Nov 21 11:57:03 2003 UTC (20 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.167: +2 -2 lines
Diff to previous 1.167 (colored)
unexpand and delete whitespace at EOL; ok markus@
Revision 1.167 / (download) - annotate - [select for diffs], Tue Nov 4 08:54:09 2003 UTC (20 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.166: +2 -2 lines
Diff to previous 1.166 (colored)
standardise arguments to auth methods - they should all take authctxt. check authctxt->valid rather then pw != NULL; ok markus@
Revision 1.166 / (download) - annotate - [select for diffs], Tue Oct 14 19:54:39 2003 UTC (20 years, 7 months ago) by markus
Branch: MAIN
Changes since 1.165: +2 -2 lines
Diff to previous 1.165 (colored)
10X for mkdtemp; djm@
Revision 1.165 / (download) - annotate - [select for diffs], Tue Sep 23 20:17:11 2003 UTC (20 years, 7 months ago) by markus
Branch: MAIN
Changes since 1.164: +54 -38 lines
Diff to previous 1.164 (colored)
replace fatal_cleanup() and linked list of fatal callbacks with static cleanup_exit() function. re-refine cleanup_exit() where appropriate, allocate sshd's authctxt eary to allow simpler cleanup in sshd. tested by many, ok deraadt@
Revision 1.164 / (download) - annotate - [select for diffs], Thu Sep 18 08:49:45 2003 UTC (20 years, 8 months ago) by markus
Branch: MAIN
Changes since 1.163: +10 -8 lines
Diff to previous 1.163 (colored)
more buffer allocation fixes; from Solar Designer; CAN-2003-0682; ok millert@
Revision 1.150.2.2 / (download) - annotate - [select for diffs], Tue Sep 16 21:20:27 2003 UTC (20 years, 8 months ago) by brad
Branch: OPENBSD_3_2
Changes since 1.150.2.1: +49 -83 lines
Diff to previous 1.150.2.1 (colored) to branchpoint 1.150 (colored) next main 1.151 (colored)
upgrade to OpenSSH 3.7
Revision 1.154.2.1 / (download) - annotate - [select for diffs], Tue Sep 16 20:50:43 2003 UTC (20 years, 8 months ago) by brad
Branch: OPENBSD_3_3
Changes since 1.154: +49 -83 lines
Diff to previous 1.154 (colored)
upgrade to OpenSSH 3.7
Revision 1.163 / (download) - annotate - [select for diffs], Sun Aug 31 13:29:05 2003 UTC (20 years, 8 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE
Branch point for: OPENBSD_3_4
Changes since 1.162: +9 -13 lines
Diff to previous 1.162 (colored)
call ssh_gssapi_storecreds conditionally from do_exec(); with sxw@inf.ed.ac.uk
Revision 1.162 / (download) - annotate - [select for diffs], Thu Aug 28 12:54:34 2003 UTC (20 years, 8 months ago) by markus
Branch: MAIN
Changes since 1.161: +1 -25 lines
Diff to previous 1.161 (colored)
remove kerberos support from ssh1, since it has been replaced with GSSAPI; but keep kerberos passwd auth for ssh1 and 2; ok djm, hin, henning, ...
Revision 1.161 / (download) - annotate - [select for diffs], Fri Aug 22 10:56:09 2003 UTC (20 years, 8 months ago) by markus
Branch: MAIN
Changes since 1.160: +29 -2 lines
Diff to previous 1.160 (colored)
support GSS API user authentication; patches from Simon Wilkinson, stripped down and tested by Jakob and myself.
Revision 1.160 / (download) - annotate - [select for diffs], Wed Aug 13 08:33:02 2003 UTC (20 years, 9 months ago) by markus
Branch: MAIN
Changes since 1.159: +4 -10 lines
Diff to previous 1.159 (colored)
use more portable tcsendbreak(3) and ignore break_length; ok deraadt, millert
Revision 1.159 / (download) - annotate - [select for diffs], Tue Jul 22 13:35:22 2003 UTC (20 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.158: +4 -53 lines
Diff to previous 1.158 (colored)
remove (already disabled) KRB4/AFS support, re-enable -k in ssh(1); test+ok henning@
Revision 1.158 / (download) - annotate - [select for diffs], Mon Jun 2 09:17:34 2003 UTC (20 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.157: +3 -3 lines
Diff to previous 1.157 (colored)
deprecate VerifyReverseMapping since it's dangerous if combined with IP based access control as noted by Mike Harding; replace with a UseDNS option, UseDNS is on by default and includes the VerifyReverseMapping check; with itojun@, provos@, jakob@ and deraadt@ ok deraadt@, djm@
Revision 1.157 / (download) - annotate - [select for diffs], Wed May 14 22:24:42 2003 UTC (21 years ago) by markus
Branch: MAIN
Changes since 1.156: +23 -1 lines
Diff to previous 1.156 (colored)
allow to send a BREAK to the remote system; ok various
Revision 1.156 / (download) - annotate - [select for diffs], Sun May 11 20:30:25 2003 UTC (21 years ago) by markus
Branch: MAIN
Changes since 1.155: +2 -2 lines
Diff to previous 1.155 (colored)
make channel_new() strdup the 'remote_name' (not the caller); ok theo
Revision 1.155 / (download) - annotate - [select for diffs], Tue Apr 8 20:21:29 2003 UTC (21 years, 1 month ago) by itojun
Branch: MAIN
Changes since 1.154: +6 -6 lines
Diff to previous 1.154 (colored)
rename log() into logit() to avoid name conflict. markus ok, from netbsd
Revision 1.134.2.3 / (download) - annotate - [select for diffs], Thu Apr 3 22:35:17 2003 UTC (21 years, 1 month ago) by miod
Branch: OPENBSD_3_1
Changes since 1.134.2.2: +20 -8 lines
Diff to previous 1.134.2.2 (colored) to branchpoint 1.134 (colored) next main 1.135 (colored)
Merge OpenSSH 3.6.1
Revision 1.150.2.1 / (download) - annotate - [select for diffs], Tue Apr 1 00:12:14 2003 UTC (21 years, 1 month ago) by margarida
Branch: OPENBSD_3_2
Changes since 1.150: +20 -8 lines
Diff to previous 1.150 (colored)
Update to OpenSSH 3.6
Revision 1.154 / (download) - annotate - [select for diffs], Wed Mar 5 22:33:43 2003 UTC (21 years, 2 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE
Branch point for: OPENBSD_3_3
Changes since 1.153: +5 -4 lines
Diff to previous 1.153 (colored)
fix memory leaks; from dlheine@suif.Stanford.EDU/CLOUSEAU; ok djm@
Revision 1.153 / (download) - annotate - [select for diffs], Thu Feb 6 09:26:23 2003 UTC (21 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.152: +3 -1 lines
Diff to previous 1.152 (colored)
missing call to setproctitle() after authentication; ok provos@
Revision 1.152 / (download) - annotate - [select for diffs], Tue Dec 10 08:56:00 2002 UTC (21 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.151: +8 -3 lines
Diff to previous 1.151 (colored)
Make sure $SHELL points to the shell from the password file, even if shell is overridden from login.conf; bug#453; semen at online.sinor.ru; ok millert@
Revision 1.151 / (download) - annotate - [select for diffs], Wed Dec 4 04:36:47 2002 UTC (21 years, 5 months ago) by stevesk
Branch: MAIN
Changes since 1.150: +7 -3 lines
Diff to previous 1.150 (colored)
remove xauth entries before add; PR 2994 from janjaap@stack.nl. ok markus@
Revision 1.108.2.7 / (download) - annotate - [select for diffs], Fri Oct 11 14:53:07 2002 UTC (21 years, 7 months ago) by miod
Branch: OPENBSD_3_0
Changes since 1.108.2.6: +46 -12 lines
Diff to previous 1.108.2.6 (colored) to branchpoint 1.108 (colored) next main 1.109 (colored)
Update to OpenSSH 3.5
Revision 1.134.2.2 / (download) - annotate - [select for diffs], Fri Oct 11 14:51:52 2002 UTC (21 years, 7 months ago) by miod
Branch: OPENBSD_3_1
Changes since 1.134.2.1: +46 -12 lines
Diff to previous 1.134.2.1 (colored) to branchpoint 1.134 (colored)
Update to OpenSSH 3.5
Revision 1.150 / (download) - annotate - [select for diffs], Mon Sep 16 19:55:33 2002 UTC (21 years, 8 months ago) by stevesk
Branch: MAIN
CVS Tags: OPENBSD_3_2_BASE
Branch point for: OPENBSD_3_2
Changes since 1.149: +3 -1 lines
Diff to previous 1.149 (colored)
log when _PATH_NOLOGIN exists; ok markus@
Revision 1.149 / (download) - annotate - [select for diffs], Thu Sep 12 19:50:36 2002 UTC (21 years, 8 months ago) by stevesk
Branch: MAIN
Changes since 1.148: +7 -1 lines
Diff to previous 1.148 (colored)
add SSH_CONNECTION and deprecate SSH_CLIENT; bug #384. ok markus@
Revision 1.148 / (download) - annotate - [select for diffs], Thu Aug 29 15:57:25 2002 UTC (21 years, 8 months ago) by stevesk
Branch: MAIN
Changes since 1.147: +3 -3 lines
Diff to previous 1.147 (colored)
pass addrlen with sockaddr *; from Hajimu UMEMOTO <ume@FreeBSD.org> NOTE: there are also p-specific parts to this patch. ok markus@
Revision 1.147 / (download) - annotate - [select for diffs], Thu Aug 22 21:45:41 2002 UTC (21 years, 8 months ago) by markus
Branch: MAIN
Changes since 1.146: +23 -2 lines
Diff to previous 1.146 (colored)
send signal name (not signal number) in "exit-signal" message; noticed by galb@vandyke.com
Revision 1.146 / (download) - annotate - [select for diffs], Tue Jul 30 17:03:55 2002 UTC (21 years, 9 months ago) by markus
Branch: MAIN
Changes since 1.145: +2 -2 lines
Diff to previous 1.145 (colored)
add PermitUserEnvironment (off by default!); from dot@dotat.at; ok provos, deraadt
Revision 1.145 / (download) - annotate - [select for diffs], Mon Jul 22 11:03:06 2002 UTC (21 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.144: +5 -3 lines
Diff to previous 1.144 (colored)
fallback to _PATH_STDPATH on setusercontext+LOGIN_SETPATH errors; suggeted by millert@; ok deraadt@
Revision 1.144 / (download) - annotate - [select for diffs], Fri Jul 19 15:43:33 2002 UTC (21 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.143: +4 -1 lines
Diff to previous 1.143 (colored)
remove fatal cleanups after fork; based on discussions with and code from solar.
Revision 1.143 / (download) - annotate - [select for diffs], Sun Jun 30 21:54:16 2002 UTC (21 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.142: +6 -6 lines
Diff to previous 1.142 (colored)
lint asks that we use names that do not overlap
Revision 1.108.2.6 / (download) - annotate - [select for diffs], Wed Jun 26 18:22:35 2002 UTC (21 years, 10 months ago) by miod
Branch: OPENBSD_3_0
Changes since 1.108.2.5: +17 -10 lines
Diff to previous 1.108.2.5 (colored) to branchpoint 1.108 (colored)
There was an update to OpenSSH 3.4, and people rejoiced.
Revision 1.134.2.1 / (download) - annotate - [select for diffs], Wed Jun 26 15:30:38 2002 UTC (21 years, 10 months ago) by jason
Branch: OPENBSD_3_1
Changes since 1.134: +124 -24 lines
Diff to previous 1.134 (colored)
Pull in OpenSSH-3.4
Revision 1.142 / (download) - annotate - [select for diffs], Wed Jun 26 13:49:26 2002 UTC (21 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.141: +6 -2 lines
Diff to previous 1.141 (colored)
disclose less information from environment files; based on input from djm, and dschultz@uclink.Berkeley.EDU
Revision 1.141 / (download) - annotate - [select for diffs], Wed Jun 26 08:58:26 2002 UTC (21 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.140: +4 -1 lines
Diff to previous 1.140 (colored)
limit # of env vars to 1000; ok deraadt/djm
Revision 1.140 / (download) - annotate - [select for diffs], Sun Jun 23 21:06:41 2002 UTC (21 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.139: +7 -7 lines
Diff to previous 1.139 (colored)
display, screen, row, col, xpixel, ypixel are u_int; markus ok
Revision 1.139 / (download) - annotate - [select for diffs], Sun Jun 23 20:39:45 2002 UTC (21 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.138: +3 -3 lines
Diff to previous 1.138 (colored)
compression_level is u_int
Revision 1.108.2.5 / (download) - annotate - [select for diffs], Sat Jun 22 07:23:17 2002 UTC (21 years, 11 months ago) by miod
Branch: OPENBSD_3_0
Changes since 1.108.2.4: +108 -15 lines
Diff to previous 1.108.2.4 (colored) to branchpoint 1.108 (colored)
Update OpenSSH to version 3.3 (with local changes, configuration files still living in /etc and privsep user being nobody).
Revision 1.138 / (download) - annotate - [select for diffs], Thu Jun 20 23:05:55 2002 UTC (21 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.137: +5 -1 lines
Diff to previous 1.137 (colored)
allow Compression=yes/no in sshd_config
Revision 1.137 / (download) - annotate - [select for diffs], Tue Jun 11 05:46:20 2002 UTC (21 years, 11 months ago) by mpech
Branch: MAIN
Changes since 1.136: +15 -13 lines
Diff to previous 1.136 (colored)
pid_t cleanup. Markus need this now to keep hacking. markus@, millert@ ok Note: big usr.bin/ cleanup is comming. Now I'm waiting Ok from espie@ for make/.
Revision 1.136 / (download) - annotate - [select for diffs], Mon Jun 10 22:28:41 2002 UTC (21 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.135: +91 -4 lines
Diff to previous 1.135 (colored)
move creation of agent socket to session.c; no need for uidswapping in channel.c.
Revision 1.74.2.6 / (download) - annotate - [select for diffs], Sun Jun 2 22:56:11 2002 UTC (21 years, 11 months ago) by miod
Branch: OPENBSD_2_9
Changes since 1.74.2.5: +75 -80 lines
Diff to previous 1.74.2.5 (colored) to branchpoint 1.74 (colored) next main 1.75 (colored)
Upgrade to OpenSSH 3.2.3. Except for improbable compilation error fixes, this should be the last commit made to the 2.9-STABLE branche. Have fun upgrading.
Revision 1.108.2.4 / (download) - annotate - [select for diffs], Fri May 17 00:03:24 2002 UTC (22 years ago) by miod
Branch: OPENBSD_3_0
Changes since 1.108.2.3: +75 -80 lines
Diff to previous 1.108.2.3 (colored) to branchpoint 1.108 (colored)
Update OpenSSH to version 3.2.2.
Revision 1.135 / (download) - annotate - [select for diffs], Thu May 16 22:09:59 2002 UTC (22 years ago) by stevesk
Branch: MAIN
Changes since 1.134: +2 -2 lines
Diff to previous 1.134 (colored)
don't limit xauth pathlen on client side and longer print length on server when debug; ok markus@ patch from pin@math.chalmers.se
Revision 1.134 / (download) - annotate - [select for diffs], Fri Mar 29 18:59:31 2002 UTC (22 years, 1 month ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_1_BASE
Branch point for: OPENBSD_3_1
Changes since 1.133: +12 -14 lines
Diff to previous 1.133 (colored)
retrieve last login time before the pty is allocated, store per session
Revision 1.133 / (download) - annotate - [select for diffs], Thu Mar 28 15:34:51 2002 UTC (22 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.132: +6 -4 lines
Diff to previous 1.132 (colored)
do not call record_login twice (for use_privsep)
Revision 1.132 / (download) - annotate - [select for diffs], Tue Mar 19 10:49:35 2002 UTC (22 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.131: +2 -2 lines
Diff to previous 1.131 (colored)
KNF whitespace
Revision 1.131 / (download) - annotate - [select for diffs], Tue Mar 19 10:35:39 2002 UTC (22 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.130: +2 -2 lines
Diff to previous 1.130 (colored)
clean up prototypes
Revision 1.130 / (download) - annotate - [select for diffs], Mon Mar 18 17:50:31 2002 UTC (22 years, 2 months ago) by provos
Branch: MAIN
Changes since 1.129: +58 -51 lines
Diff to previous 1.129 (colored)
integrate privilege separated openssh; its turned off by default for now. work done by me and markus@
Revision 1.129 / (download) - annotate - [select for diffs], Mon Mar 18 03:41:08 2002 UTC (22 years, 2 months ago) by provos
Branch: MAIN
Changes since 1.128: +2 -14 lines
Diff to previous 1.128 (colored)
move auth_approval into getpwnamallow with help from millert@
Revision 1.74.2.5 / (download) - annotate - [select for diffs], Sat Mar 9 00:20:45 2002 UTC (22 years, 2 months ago) by miod
Branch: OPENBSD_2_9
Changes since 1.74.2.4: +301 -265 lines
Diff to previous 1.74.2.4 (colored) to branchpoint 1.74 (colored)
Merge OpenSSH 3.1, keeping /etc as configuration files directory. (i.e. OpenSSH 3.1 + openbsd29_3.1.patch)
Revision 1.42.2.8 / (download) - annotate - [select for diffs], Fri Mar 8 17:04:43 2002 UTC (22 years, 2 months ago) by brad
Branch: OPENBSD_2_8
Changes since 1.42.2.7: +314 -275 lines
Diff to previous 1.42.2.7 (colored) to branchpoint 1.42 (colored) next main 1.43 (colored)
Merge OpenSSH 3.1.
Revision 1.108.2.3 / (download) - annotate - [select for diffs], Fri Mar 8 15:17:18 2002 UTC (22 years, 2 months ago) by brad
Branch: OPENBSD_3_0
Changes since 1.108.2.2: +3 -3 lines
Diff to previous 1.108.2.2 (colored) to branchpoint 1.108 (colored)
apply the necessary openbsd30_3.1.patch patch. -- Ok'd by markus@
Revision 1.108.2.2 / (download) - annotate - [select for diffs], Thu Mar 7 17:37:47 2002 UTC (22 years, 2 months ago) by jason
Branch: OPENBSD_3_0
Changes since 1.108.2.1: +301 -265 lines
Diff to previous 1.108.2.1 (colored) to branchpoint 1.108 (colored)
Update to OpenSSH-3.1 on 3.0-stable branch
Revision 1.128 / (download) - annotate - [select for diffs], Sat Feb 16 00:51:44 2002 UTC (22 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.127: +2 -2 lines
Diff to previous 1.127 (colored)
typo
Revision 1.127 / (download) - annotate - [select for diffs], Fri Feb 15 23:11:26 2002 UTC (22 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.126: +211 -172 lines
Diff to previous 1.126 (colored)
split do_child(), ok mouring@
Revision 1.126 / (download) - annotate - [select for diffs], Thu Feb 14 23:28:00 2002 UTC (22 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.125: +3 -2 lines
Diff to previous 1.125 (colored)
increase the SSH v2 window size to 4 packets. comsumes a little bit more memory for slow receivers but increases througput.
Revision 1.125 / (download) - annotate - [select for diffs], Sat Feb 9 17:37:34 2002 UTC (22 years, 3 months ago) by deraadt
Branch: MAIN
Changes since 1.124: +5 -5 lines
Diff to previous 1.124 (colored)
move ssh config files to /etc/ssh
Revision 1.124 / (download) - annotate - [select for diffs], Wed Feb 6 14:37:22 2002 UTC (22 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.123: +5 -9 lines
Diff to previous 1.123 (colored)
minor KNF
Revision 1.123 / (download) - annotate - [select for diffs], Sun Feb 3 17:53:25 2002 UTC (22 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.122: +10 -27 lines
Diff to previous 1.122 (colored)
don't use channel_input_channel_request and callback use new server_input_channel_req() instead: server_input_channel_req does generic request parsing on server side session_input_channel_req handles just session specific things now ok djm@
Revision 1.122 / (download) - annotate - [select for diffs], Tue Jan 29 22:46:41 2002 UTC (22 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.121: +2 -1 lines
Diff to previous 1.121 (colored)
don't depend on servconf.c; ok djm@
Revision 1.121 / (download) - annotate - [select for diffs], Tue Jan 29 16:29:02 2002 UTC (22 years, 3 months ago) by stevesk
Branch: MAIN
Changes since 1.120: +3 -3 lines
Diff to previous 1.120 (colored)
limit subsystem length in log; ok markus@
Revision 1.120 / (download) - annotate - [select for diffs], Tue Jan 29 14:32:03 2002 UTC (22 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.119: +3 -3 lines
Diff to previous 1.119 (colored)
s/ReverseMappingCheck/VerifyReverseMapping/ and avoid confusion; ok stevesk@
Revision 1.119 / (download) - annotate - [select for diffs], Sun Jan 27 14:57:46 2002 UTC (22 years, 3 months ago) by stevesk
Branch: MAIN
Changes since 1.118: +3 -3 lines
Diff to previous 1.118 (colored)
add X11UseLocalhost; ok markus@
Revision 1.118 / (download) - annotate - [select for diffs], Sat Jan 26 16:44:22 2002 UTC (22 years, 3 months ago) by stevesk
Branch: MAIN
Changes since 1.117: +10 -39 lines
Diff to previous 1.117 (colored)
revert code to add x11 localhost display authorization entry for hostname/unix:d and uts.nodename/unix:d if nodename was different than hostname. just add entry for unix:d instead. ok markus@
Revision 1.117 / (download) - annotate - [select for diffs], Fri Dec 28 14:50:54 2001 UTC (22 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.116: +3 -3 lines
Diff to previous 1.116 (colored)
packet_read* no longer return the packet length, since it's not used.
Revision 1.116 / (download) - annotate - [select for diffs], Fri Dec 28 12:14:27 2001 UTC (22 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.115: +13 -13 lines
Diff to previous 1.115 (colored)
s/packet_done/packet_check_eom/ (end-of-message); ok djm@
Revision 1.115 / (download) - annotate - [select for diffs], Thu Dec 27 20:39:58 2001 UTC (22 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.114: +4 -4 lines
Diff to previous 1.114 (colored)
get rid of packet_integrity_check, use packet_done() instead.
Revision 1.114 / (download) - annotate - [select for diffs], Thu Dec 20 16:37:29 2001 UTC (22 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.113: +2 -2 lines
Diff to previous 1.113 (colored)
setup x11 listen socket for just one connect if the client requests so. (v2 only, but the openssh client does not support this feature).
Revision 1.113 / (download) - annotate - [select for diffs], Wed Dec 19 15:43:11 2001 UTC (22 years, 5 months ago) by stevesk
Branch: MAIN
Changes since 1.112: +39 -10 lines
Diff to previous 1.112 (colored)
handle utsname.nodename case for FamilyLocal X authorization; ok markus@
Revision 1.112 / (download) - annotate - [select for diffs], Wed Dec 19 07:18:56 2001 UTC (22 years, 5 months ago) by deraadt
Branch: MAIN
Changes since 1.111: +24 -24 lines
Diff to previous 1.111 (colored)
basic KNF done while i was looking for something else
Revision 1.111 / (download) - annotate - [select for diffs], Thu Dec 6 18:09:23 2001 UTC (22 years, 5 months ago) by stevesk
Branch: MAIN
Changes since 1.110: +2 -3 lines
Diff to previous 1.110 (colored)
strncpy->strlcpy. remaining strncpy's are necessary. ok markus@
Revision 1.108.2.1 / (download) - annotate - [select for diffs], Wed Dec 5 19:31:48 2001 UTC (22 years, 5 months ago) by jason
Branch: OPENBSD_3_0
Changes since 1.108: +15 -12 lines
Diff to previous 1.108 (colored)
Update to OpenSSH-3.0.2 from patch by markus.
Revision 1.74.2.4 / (download) - annotate - [select for diffs], Mon Dec 3 00:36:34 2001 UTC (22 years, 5 months ago) by miod
Branch: OPENBSD_2_9
Changes since 1.74.2.3: +15 -12 lines
Diff to previous 1.74.2.3 (colored) to branchpoint 1.74 (colored)
Upgrade OpenSSH to version 3.0.2.
Revision 1.110 / (download) - annotate - [select for diffs], Sat Dec 1 21:41:48 2001 UTC (22 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.109: +15 -12 lines
Diff to previous 1.109 (colored)
don't pass user defined variables to /usr/bin/login
Revision 1.109 / (download) - annotate - [select for diffs], Thu Nov 29 21:10:51 2001 UTC (22 years, 5 months ago) by stevesk
Branch: MAIN
Changes since 1.108: +35 -18 lines
Diff to previous 1.108 (colored)
sshd X11 fake server will now listen on localhost by default: $ echo $DISPLAY localhost:12.0 $ netstat -an|grep 6012 tcp 0 0 127.0.0.1.6012 *.* LISTEN tcp6 0 0 ::1.6012 *.* LISTEN sshd_config gatewayports=yes can be used to revert back to the old behavior. will control this with another option later. ok markus@
Revision 1.74.2.3 / (download) - annotate - [select for diffs], Thu Nov 15 00:15:19 2001 UTC (22 years, 6 months ago) by miod
Branch: OPENBSD_2_9
Changes since 1.74.2.2: +59 -54 lines
Diff to previous 1.74.2.2 (colored) to branchpoint 1.74 (colored)
Merge OpenSSH 3.0
Revision 1.42.2.7 / (download) - annotate - [select for diffs], Thu Nov 15 00:15:00 2001 UTC (22 years, 6 months ago) by miod
Branch: OPENBSD_2_8
Changes since 1.42.2.6: +59 -54 lines
Diff to previous 1.42.2.6 (colored) to branchpoint 1.42 (colored)
Merge OpenSSH 3.0
Revision 1.108 / (download) - annotate - [select for diffs], Thu Oct 11 13:45:21 2001 UTC (22 years, 7 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_0_BASE
Branch point for: OPENBSD_3_0
Changes since 1.107: +12 -2 lines
Diff to previous 1.107 (colored)
delay detach of session if a channel gets closed but the child is still alive. however, release pty, since the fd's to the child are already closed.
Revision 1.107 / (download) - annotate - [select for diffs], Wed Oct 10 22:18:47 2001 UTC (22 years, 7 months ago) by markus
Branch: MAIN
Changes since 1.106: +11 -18 lines
Diff to previous 1.106 (colored)
try to keep channels open until an exit-status message is sent. don't kill the login shells if the shells stdin/out/err is closed. this should now work: ssh -2n localhost 'exec > /dev/null 2>&1; sleep 10; exit 5'; echo ?
Revision 1.106 / (download) - annotate - [select for diffs], Tue Oct 9 21:59:41 2001 UTC (22 years, 7 months ago) by markus
Branch: MAIN
Changes since 1.105: +21 -23 lines
Diff to previous 1.105 (colored)
simplify session close: no more delayed session_close, no more blocking wait() calls.
Revision 1.105 / (download) - annotate - [select for diffs], Tue Oct 9 19:32:49 2001 UTC (22 years, 7 months ago) by markus
Branch: MAIN
Changes since 1.104: +14 -6 lines
Diff to previous 1.104 (colored)
stat subsystem command before calling do_exec, and return error to client.
Revision 1.104 / (download) - annotate - [select for diffs], Tue Oct 9 10:12:08 2001 UTC (22 years, 7 months ago) by markus
Branch: MAIN
Changes since 1.103: +11 -11 lines
Diff to previous 1.103 (colored)
chdir $HOME after krb_afslog(); from bbense@networking.stanford.edu
Revision 1.103 / (download) - annotate - [select for diffs], Sat Oct 6 00:36:42 2001 UTC (22 years, 7 months ago) by markus
Branch: MAIN
Changes since 1.102: +8 -12 lines
Diff to previous 1.102 (colored)
fix typo in error message, sync with do_exec_nopty
Revision 1.74.2.2 / (download) - annotate - [select for diffs], Thu Sep 27 19:03:55 2001 UTC (22 years, 7 months ago) by jason
Branch: OPENBSD_2_9
Changes since 1.74.2.1: +285 -256 lines
Diff to previous 1.74.2.1 (colored) to branchpoint 1.74 (colored)
Pull in OpenSSH-2.9.9
Revision 1.42.2.6 / (download) - annotate - [select for diffs], Thu Sep 27 00:15:42 2001 UTC (22 years, 7 months ago) by miod
Branch: OPENBSD_2_8
Changes since 1.42.2.5: +285 -256 lines
Diff to previous 1.42.2.5 (colored) to branchpoint 1.42 (colored)
Pull in OpenSSH 2.9.9 to the 2.8 branch.
Revision 1.102 / (download) - annotate - [select for diffs], Sun Sep 16 14:46:54 2001 UTC (22 years, 8 months ago) by markus
Branch: MAIN
Changes since 1.101: +13 -13 lines
Diff to previous 1.101 (colored)
calls krb_afslog() after setting $HOME; mattiasa@e.kth.se; fixes pr 1943
Revision 1.101 / (download) - annotate - [select for diffs], Fri Sep 14 18:59:11 2001 UTC (22 years, 8 months ago) by markus
Branch: MAIN
Changes since 1.100: +2 -2 lines
Diff to previous 1.100 (colored)
command=xxx overwrites subsystems, too
Revision 1.100 / (download) - annotate - [select for diffs], Thu Aug 16 19:18:34 2001 UTC (22 years, 9 months ago) by jakob
Branch: MAIN
Changes since 1.99: +1 -20 lines
Diff to previous 1.99 (colored)
deprecate CheckMail. ok markus@ ----------------------------------------------------------------------
Revision 1.99 / (download) - annotate - [select for diffs], Mon Jul 9 07:04:53 2001 UTC (22 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.98: +2 -2 lines
Diff to previous 1.98 (colored)
correct type on last arg to execl(); nordin@cse.ogi.edu
Revision 1.98 / (download) - annotate - [select for diffs], Mon Jul 2 13:59:15 2001 UTC (22 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.97: +17 -1 lines
Diff to previous 1.97 (colored)
wait until !session_have_children(); bugreport from Lutz.Jaenicke@aet.TU-Cottbus.DE
Revision 1.97 / (download) - annotate - [select for diffs], Wed Jun 27 02:12:53 2001 UTC (22 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.96: +6 -5 lines
Diff to previous 1.96 (colored)
quick hack to make ssh2 work again.
Revision 1.96 / (download) - annotate - [select for diffs], Tue Jun 26 16:15:24 2001 UTC (22 years, 10 months ago) by dugsong
Branch: MAIN
Changes since 1.95: +77 -15 lines
Diff to previous 1.95 (colored)
Kerberos v5 support for SSH1, mostly from Assar Westerlund <assar@freebsd.org> and Bjorn Gronvall <bg@sics.se>. markus@ ok
Revision 1.95 / (download) - annotate - [select for diffs], Mon Jun 25 08:25:39 2001 UTC (22 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.94: +2 -2 lines
Diff to previous 1.94 (colored)
update copyright for 2001
Revision 1.94 / (download) - annotate - [select for diffs], Sat Jun 23 15:12:20 2001 UTC (22 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.93: +34 -33 lines
Diff to previous 1.93 (colored)
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
Revision 1.93 / (download) - annotate - [select for diffs], Thu Jun 21 21:08:25 2001 UTC (22 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.92: +1 -2 lines
Diff to previous 1.92 (colored)
don't reset forced_command (we allow multiple login shells in ssh2); dwd@bell-labs.com
Revision 1.92 / (download) - annotate - [select for diffs], Tue Jun 19 15:40:45 2001 UTC (22 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.91: +8 -13 lines
Diff to previous 1.91 (colored)
allocate and free at the same level.
Revision 1.91 / (download) - annotate - [select for diffs], Tue Jun 19 14:09:45 2001 UTC (22 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.90: +6 -1 lines
Diff to previous 1.90 (colored)
disable x11-fwd if use_login is enabled; from lukem@wasabisystems.com
Revision 1.90 / (download) - annotate - [select for diffs], Tue Jun 19 12:34:09 2001 UTC (22 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.89: +34 -29 lines
Diff to previous 1.89 (colored)
cleanup forced command handling, from dwd@bell-labs.com
Revision 1.89 / (download) - annotate - [select for diffs], Wed Jun 13 09:10:31 2001 UTC (22 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.88: +2 -2 lines
Diff to previous 1.88 (colored)
typo, use pid not s->pid, mstone@cs.loyola.edu
Revision 1.42.2.5 / (download) - annotate - [select for diffs], Tue Jun 12 22:47:36 2001 UTC (22 years, 11 months ago) by miod
Branch: OPENBSD_2_8
Changes since 1.42.2.4: +5 -77 lines
Diff to previous 1.42.2.4 (colored) to branchpoint 1.42 (colored)
Pull in patch from current: Errata: sshd(8) allows users to delete arbitrary files named "cookies" if X11 forwarding is enabled. X11 forwarding is disabled by default. Fix (markus): - use fatal_register_cleanup instead of atexit, sync with x11 authdir handling - switch uid when cleaning up tmp files and sockets; reported by zen-parse@gmx.net on bugtraq
Revision 1.74.2.1 / (download) - annotate - [select for diffs], Tue Jun 12 22:31:48 2001 UTC (22 years, 11 months ago) by jason
Branch: OPENBSD_2_9
Changes since 1.74: +5 -77 lines
Diff to previous 1.74 (colored)
Pull in patch from current: Fix (markus): - use fatal_register_cleanup instead of atexit, sync with x11 authdir handling - switch uid when cleaning up tmp files and sockets; reported by zen-parse@gmx.net on bugtraq
Revision 1.88 / (download) - annotate - [select for diffs], Tue Jun 12 21:30:57 2001 UTC (22 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.87: +1 -2 lines
Diff to previous 1.87 (colored)
unused
Revision 1.87 / (download) - annotate - [select for diffs], Tue Jun 12 21:21:29 2001 UTC (22 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.86: +4 -53 lines
Diff to previous 1.86 (colored)
remove xauth-cookie-in-tmp handling. use default $XAUTHORITY, since we do already trust $HOME/.ssh you can use .ssh/sshrc and .ssh/environment if you want to customize the location of the xauth cookies
Revision 1.86 / (download) - annotate - [select for diffs], Tue Jun 12 16:10:38 2001 UTC (22 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.85: +32 -58 lines
Diff to previous 1.85 (colored)
merge ssh1/ssh2 tty msg parse and alloc code
Revision 1.85 / (download) - annotate - [select for diffs], Tue Jun 12 10:58:29 2001 UTC (22 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.84: +26 -42 lines
Diff to previous 1.84 (colored)
merge session_free into session_close() merge pty_cleanup_proc into session_pty_cleanup()
Revision 1.84 / (download) - annotate - [select for diffs], Mon Jun 11 10:18:24 2001 UTC (22 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.83: +9 -2 lines
Diff to previous 1.83 (colored)
reset pointer to NULL after xfree(); report from solar@openwall.com
Revision 1.83 / (download) - annotate - [select for diffs], Thu Jun 7 22:25:02 2001 UTC (22 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.82: +2 -6 lines
Diff to previous 1.82 (colored)
don't overwrite errno delay deletion of the xauth cookie
Revision 1.82 / (download) - annotate - [select for diffs], Tue Jun 5 16:46:19 2001 UTC (22 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.81: +4 -5 lines
Diff to previous 1.81 (colored)
let session_close() delete the pty. deny x11fwd if xauthfile is set.
Revision 1.81 / (download) - annotate - [select for diffs], Mon Jun 4 23:16:16 2001 UTC (22 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.80: +64 -95 lines
Diff to previous 1.80 (colored)
merge ssh1/2 x11-fwd setup, create listener after tmp-dir
Revision 1.80 / (download) - annotate - [select for diffs], Mon Jun 4 21:59:43 2001 UTC (22 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.79: +12 -9 lines
Diff to previous 1.79 (colored)
switch uid when cleaning up tmp files and sockets; reported by zen-parse@gmx.net on bugtraq
Revision 1.79 / (download) - annotate - [select for diffs], Sun Jun 3 14:55:39 2001 UTC (22 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.78: +8 -6 lines
Diff to previous 1.78 (colored)
use fatal_register_cleanup instead of atexit, sync with x11 authdir handling
Revision 1.78 / (download) - annotate - [select for diffs], Thu May 31 10:30:16 2001 UTC (22 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.77: +2 -2 lines
Diff to previous 1.77 (colored)
undo the .c file split, just merge the header and keep the cvs history
Revision 1.77 / (download) - annotate - [select for diffs], Wed May 30 12:55:13 2001 UTC (22 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.76: +2 -3 lines
Diff to previous 1.76 (colored)
channel layer cleanup: merge header files and split .c files
Revision 1.76 / (download) - annotate - [select for diffs], Sat May 19 00:36:40 2001 UTC (23 years ago) by djm
Branch: MAIN
Changes since 1.75: +10 -2 lines
Diff to previous 1.75 (colored)
Disable X11 forwarding if xauth binary is not found. Patch from Nalin Dahyabhai <nalin@redhat.com>; ok markus@
Revision 1.42.2.4 / (download) - annotate - [select for diffs], Mon May 7 21:09:33 2001 UTC (23 years ago) by jason
Branch: OPENBSD_2_8
Changes since 1.42.2.3: +136 -123 lines
Diff to previous 1.42.2.3 (colored) to branchpoint 1.42 (colored)
Pull in OpenSSH-2.9 to 2.8 branch.
Revision 1.75 / (download) - annotate - [select for diffs], Thu May 3 15:45:15 2001 UTC (23 years ago) by markus
Branch: MAIN
Changes since 1.74: +5 -4 lines
Diff to previous 1.74 (colored)
exec shell -c /bin/sh .ssh/sshrc, from abartlet@pcug.org.au
Revision 1.74 / (download) - annotate - [select for diffs], Tue Apr 17 19:34:25 2001 UTC (23 years, 1 month ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_2_9_BASE
Branch point for: OPENBSD_2_9
Changes since 1.73: +13 -10 lines
Diff to previous 1.73 (colored)
move auth_approval to do_authenticated(). do_child(): nuke hostkeys from memory don't source .ssh/rc for subsystems.
Revision 1.73 / (download) - annotate - [select for diffs], Mon Apr 16 08:19:31 2001 UTC (23 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.72: +43 -13 lines
Diff to previous 1.72 (colored)
Split motd and hushlogin checks into seperate functions, helps for portable. From Chris Adams <cmadams@hiwaay.net>; ok markus@
Revision 1.72 / (download) - annotate - [select for diffs], Sat Apr 14 16:33:20 2001 UTC (23 years, 1 month ago) by stevesk
Branch: MAIN
Changes since 1.71: +6 -7 lines
Diff to previous 1.71 (colored)
protocol 2 tty modes support; ok markus@
Revision 1.71 / (download) - annotate - [select for diffs], Fri Apr 6 21:00:12 2001 UTC (23 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.70: +4 -4 lines
Diff to previous 1.70 (colored)
do gid/groups-swap in addition to uid-swap, should help if /home/group is chmod 750 + chgrp grp /home/group/, work be deraadt and me, thanks to olar@openwall.com is comments. we had many requests for this.
Revision 1.70 / (download) - annotate - [select for diffs], Thu Apr 5 15:48:18 2001 UTC (23 years, 1 month ago) by stevesk
Branch: MAIN
Changes since 1.69: +5 -14 lines
Diff to previous 1.69 (colored)
move get_remote_name_or_ip() to canohost.[ch]; for portable. ok markus@
Revision 1.69 / (download) - annotate - [select for diffs], Sun Mar 25 13:16:11 2001 UTC (23 years, 1 month ago) by stevesk
Branch: MAIN
Changes since 1.68: +7 -5 lines
Diff to previous 1.68 (colored)
PrintLastLog option; from chip@valinux.com with some minor changes by me. ok markus@
Revision 1.68 / (download) - annotate - [select for diffs], Sun Mar 25 00:01:34 2001 UTC (23 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.67: +2 -11 lines
Diff to previous 1.67 (colored)
shorten; ok markus@
Revision 1.67 / (download) - annotate - [select for diffs], Fri Mar 23 14:28:32 2001 UTC (23 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.66: +5 -1 lines
Diff to previous 1.66 (colored)
ignore SIGPIPE, restore in child, fixes x11-fwd crashes; with djm@
Revision 1.66 / (download) - annotate - [select for diffs], Wed Mar 21 21:06:30 2001 UTC (23 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.65: +2 -1 lines
Diff to previous 1.65 (colored)
missing init; from mib@unimelb.edu.au
Revision 1.42.2.3 / (download) - annotate - [select for diffs], Wed Mar 21 19:46:28 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.42.2.2: +77 -73 lines
Diff to previous 1.42.2.2 (colored) to branchpoint 1.42 (colored)
Pull in OpenSSH-2.5.2 for 2.8 branch.
Revision 1.12.2.5 / (download) - annotate - [select for diffs], Wed Mar 21 18:53:03 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.12.2.4: +77 -73 lines
Diff to previous 1.12.2.4 (colored) to branchpoint 1.12 (colored) next main 1.13 (colored)
Pull in OpenSSH-2.5.2 for 2.7 branch.
Revision 1.65 / (download) - annotate - [select for diffs], Wed Mar 21 11:43:44 2001 UTC (23 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.64: +42 -51 lines
Diff to previous 1.64 (colored)
merge common ssh v1/2 code
Revision 1.64 / (download) - annotate - [select for diffs], Tue Mar 20 19:35:29 2001 UTC (23 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.63: +9 -10 lines
Diff to previous 1.63 (colored)
rename
Revision 1.63 / (download) - annotate - [select for diffs], Tue Mar 20 19:21:21 2001 UTC (23 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.62: +12 -12 lines
Diff to previous 1.62 (colored)
remove unused arg
Revision 1.62 / (download) - annotate - [select for diffs], Tue Mar 20 18:57:04 2001 UTC (23 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.61: +8 -6 lines
Diff to previous 1.61 (colored)
add changes need for BSD_AUTH plus disabled BSD_AUTH code
Revision 1.61 / (download) - annotate - [select for diffs], Fri Mar 16 19:06:30 2001 UTC (23 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.60: +6 -11 lines
Diff to previous 1.60 (colored)
implement "permitopen" key option, restricts -L style forwarding to to specified host:port pairs. based on work by harlan@genua.de
Revision 1.60 / (download) - annotate - [select for diffs], Thu Mar 15 22:07:08 2001 UTC (23 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.59: +60 -57 lines
Diff to previous 1.59 (colored)
pass Session to do_child + KNF
Revision 1.12.2.4 / (download) - annotate - [select for diffs], Mon Mar 12 15:44:14 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.12.2.3: +68 -41 lines
Diff to previous 1.12.2.3 (colored) to branchpoint 1.12 (colored)
OpenSSH-2.5.1 for 2.7 patch branch
Revision 1.59 / (download) - annotate - [select for diffs], Sun Mar 4 01:46:30 2001 UTC (23 years, 2 months ago) by djm
Branch: MAIN
Changes since 1.58: +3 -3 lines
Diff to previous 1.58 (colored)
Rename pty.[ch] -> sshpty.[ch] and login.[ch] to sshlogin.[ch] to avoid header conflicts in portable; ok markus@
Revision 1.58 / (download) - annotate - [select for diffs], Fri Mar 2 18:54:31 2001 UTC (23 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.57: +2 -2 lines
Diff to previous 1.57 (colored)
make copyright lines the same format
Revision 1.57 / (download) - annotate - [select for diffs], Fri Feb 23 15:37:45 2001 UTC (23 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.56: +10 -4 lines
Diff to previous 1.56 (colored)
handle SSH_PROTOFLAG_SCREEN_NUMBER for buggy clients
Revision 1.42.2.2 / (download) - annotate - [select for diffs], Mon Feb 19 17:19:21 2001 UTC (23 years, 3 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.42.2.1: +0 -0 lines
Diff to previous 1.42.2.1 (colored) to branchpoint 1.42 (colored)
Pull in OpenSSH-2.5.1
Revision 1.42.2.1 / (download) - annotate - [select for diffs], Fri Feb 16 20:13:13 2001 UTC (23 years, 3 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.42: +68 -41 lines
Diff to previous 1.42 (colored)
Pull in OpenSSH 2.5.0
Revision 1.56 / (download) - annotate - [select for diffs], Fri Feb 16 14:03:43 2001 UTC (23 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.55: +10 -4 lines
Diff to previous 1.55 (colored)
proper payload-length check for x11 w/o screen-number
Revision 1.55 / (download) - annotate - [select for diffs], Thu Feb 8 19:30:52 2001 UTC (23 years, 3 months ago) by itojun
Branch: MAIN
Changes since 1.54: +2 -1 lines
Diff to previous 1.54 (colored)
sync with netbsd tree changes. - more strict prototypes, include necessary headers - use paths.h/pathnames.h decls - size_t typecase to int -> u_long
Revision 1.54 / (download) - annotate - [select for diffs], Thu Feb 8 17:11:23 2001 UTC (23 years, 3 months ago) by stevesk
Branch: MAIN
Changes since 1.53: +3 -3 lines
Diff to previous 1.53 (colored)
%i -> %d
Revision 1.53 / (download) - annotate - [select for diffs], Sun Feb 4 15:32:25 2001 UTC (23 years, 3 months ago) by stevesk
Branch: MAIN
Changes since 1.52: +4 -4 lines
Diff to previous 1.52 (colored)
unexpand and remove end-of-line whitespace; ok markus@
Revision 1.52 / (download) - annotate - [select for diffs], Sat Feb 3 10:08:37 2001 UTC (23 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.51: +2 -2 lines
Diff to previous 1.51 (colored)
make ReverseMappingCheck optional in sshd_config; ok djm@,dugsong@
Revision 1.51 / (download) - annotate - [select for diffs], Sun Jan 21 19:05:56 2001 UTC (23 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.50: +9 -6 lines
Diff to previous 1.50 (colored)
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
Revision 1.50 / (download) - annotate - [select for diffs], Fri Jan 19 15:55:11 2001 UTC (23 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.49: +11 -9 lines
Diff to previous 1.49 (colored)
move ssh1 definitions to ssh1.h, pathnames to pathnames.h
Revision 1.49 / (download) - annotate - [select for diffs], Thu Jan 18 17:00:00 2001 UTC (23 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.48: +3 -6 lines
Diff to previous 1.48 (colored)
1) removes fake skey from sshd, since this will be much harder with /usr/libexec/auth/login_XXX 2) share/unify code used in ssh-1 and ssh-2 authentication (server side) 3) make addition of BSD_AUTH and other challenge reponse methods easier.
Revision 1.48 / (download) - annotate - [select for diffs], Sat Jan 13 18:43:31 2001 UTC (23 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.47: +2 -2 lines
Diff to previous 1.47 (colored)
Wall
Revision 1.47 / (download) - annotate - [select for diffs], Sat Jan 13 18:32:50 2001 UTC (23 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.46: +4 -5 lines
Diff to previous 1.46 (colored)
split out keepalive from packet_interactive (from dale@accentre.com) set IPTOS_LOWDELAY TCP_NODELAY IPTOS_THROUGHPUT for ssh2, too.
Revision 1.46 / (download) - annotate - [select for diffs], Thu Jan 4 22:41:03 2001 UTC (23 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.45: +5 -5 lines
Diff to previous 1.45 (colored)
consistent use of _PATH_BSHELL; from stevesk@pobox.com
Revision 1.45 / (download) - annotate - [select for diffs], Tue Dec 19 23:17:58 2000 UTC (23 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.44: +11 -11 lines
Diff to previous 1.44 (colored)
replace 'unsigned bla' with 'u_bla' everywhere. also, replace 'char unsigned' with u_char.
Revision 1.44 / (download) - annotate - [select for diffs], Tue Nov 14 23:44:19 2000 UTC (23 years, 6 months ago) by markus
Branch: MAIN
Changes since 1.43: +5 -1 lines
Diff to previous 1.43 (colored)
check no_agent_forwarding_flag for ssh-2, too
Revision 1.12.2.3 / (download) - annotate - [select for diffs], Wed Nov 8 21:31:14 2000 UTC (23 years, 6 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.12.2.2: +67 -24 lines
Diff to previous 1.12.2.2 (colored) to branchpoint 1.12 (colored)
openssh-2.3.0 (again) for 2.7 branch
Revision 1.43 / (download) - annotate - [select for diffs], Mon Nov 6 23:04:56 2000 UTC (23 years, 6 months ago) by markus
Branch: MAIN
Changes since 1.42: +16 -1 lines
Diff to previous 1.42 (colored)
agent forwarding and -R for ssh2, based on work from jhuuskon@messi.uku.fi
Revision 1.42 / (download) - annotate - [select for diffs], Fri Oct 27 07:32:18 2000 UTC (23 years, 6 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_2_8_BASE
Branch point for: OPENBSD_2_8
Changes since 1.41: +3 -2 lines
Diff to previous 1.41 (colored)
enable non-blocking IO on channels, and tty's (except for the client ttys).
Revision 1.41 / (download) - annotate - [select for diffs], Wed Oct 18 18:42:00 2000 UTC (23 years, 7 months ago) by markus
Branch: MAIN
Changes since 1.40: +8 -6 lines
Diff to previous 1.40 (colored)
restore old record login behaviour
Revision 1.40 / (download) - annotate - [select for diffs], Sun Oct 15 14:14:01 2000 UTC (23 years, 7 months ago) by markus
Branch: MAIN
Changes since 1.39: +2 -2 lines
Diff to previous 1.39 (colored)
typos; from stevesk@sweden.hp.com
Revision 1.39 / (download) - annotate - [select for diffs], Sat Oct 14 12:12:09 2000 UTC (23 years, 7 months ago) by markus
Branch: MAIN
Changes since 1.38: +6 -2 lines
Diff to previous 1.38 (colored)
AllowTcpForwarding; from naddy@
Revision 1.38 / (download) - annotate - [select for diffs], Wed Oct 11 20:27:23 2000 UTC (23 years, 7 months ago) by markus
Branch: MAIN
Changes since 1.37: +1 -2 lines
Diff to previous 1.37 (colored)
new cipher framework
Revision 1.37 / (download) - annotate - [select for diffs], Thu Sep 7 20:27:53 2000 UTC (23 years, 8 months ago) by deraadt
Branch: MAIN
Changes since 1.36: +28 -3 lines
Diff to previous 1.36 (colored)
cleanup copyright notices on all files. I have attempted to be accurate with the details. everything is now under Tatu's licence (which I copied from his readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd developers under a 2-term bsd licence. We're not changing any rules, just being accurate.
Revision 1.36 / (download) - annotate - [select for diffs], Tue Sep 5 08:59:57 2000 UTC (23 years, 8 months ago) by markus
Branch: MAIN
Changes since 1.35: +3 -2 lines
Diff to previous 1.35 (colored)
print hostname (not hushlogin)
Revision 1.35 / (download) - annotate - [select for diffs], Mon Sep 4 19:07:21 2000 UTC (23 years, 8 months ago) by markus
Branch: MAIN
Changes since 1.34: +6 -7 lines
Diff to previous 1.34 (colored)
fix get_last_login_time order; from andre@van-veen.de
Revision 1.34 / (download) - annotate - [select for diffs], Mon Sep 4 19:06:03 2000 UTC (23 years, 8 months ago) by markus
Branch: MAIN
Changes since 1.33: +9 -2 lines
Diff to previous 1.33 (colored)
set SSH_ORIGINAL_COMMAND; from Leakin@dfw.nostrum.com, bet@rahul.net
Revision 1.33 / (download) - annotate - [select for diffs], Mon Sep 4 19:03:40 2000 UTC (23 years, 8 months ago) by markus
Branch: MAIN
Changes since 1.32: +9 -4 lines
Diff to previous 1.32 (colored)
missing close; ok theo
Revision 1.12.2.2 / (download) - annotate - [select for diffs], Fri Sep 1 18:23:22 2000 UTC (23 years, 8 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.12.2.1: +228 -133 lines
Diff to previous 1.12.2.1 (colored) to branchpoint 1.12 (colored)
Pull in the rest of openssh-2.2.0 to 2.7 branch (luvin' cvs...)
Revision 1.32 / (download) - annotate - [select for diffs], Thu Aug 31 22:05:42 2000 UTC (23 years, 8 months ago) by markus
Branch: MAIN
Changes since 1.31: +2 -2 lines
Diff to previous 1.31 (colored)
Wall
Revision 1.31 / (download) - annotate - [select for diffs], Mon Aug 28 03:50:54 2000 UTC (23 years, 8 months ago) by deraadt
Branch: MAIN
Changes since 1.30: +2 -2 lines
Diff to previous 1.30 (colored)
print uid/gid as unsigned
Revision 1.30 / (download) - annotate - [select for diffs], Fri Aug 25 16:10:05 2000 UTC (23 years, 8 months ago) by deraadt
Branch: MAIN
Changes since 1.29: +3 -3 lines
Diff to previous 1.29 (colored)
Wall
Revision 1.29 / (download) - annotate - [select for diffs], Mon Aug 21 16:23:31 2000 UTC (23 years, 9 months ago) by millert
Branch: MAIN
Changes since 1.28: +4 -5 lines
Diff to previous 1.28 (colored)
Fix incorrect PATH setting; noted by Markus.
Revision 1.28 / (download) - annotate - [select for diffs], Sun Aug 20 18:42:40 2000 UTC (23 years, 9 months ago) by millert
Branch: MAIN
Changes since 1.27: +68 -8 lines
Diff to previous 1.27 (colored)
Add calls to setusercontext() and login_get*(). We basically call setusercontext() in most places where previously we did a setlogin(). Add default login.conf file and put root in the "daemon" login class.
Revision 1.27 / (download) - annotate - [select for diffs], Sun Aug 20 18:30:59 2000 UTC (23 years, 9 months ago) by millert
Branch: MAIN
Changes since 1.26: +11 -9 lines
Diff to previous 1.26 (colored)
Only check /etc/nologin if "UseLogin no" since login(1) may have its own policy on determining who is allowed to login when /etc/nologin is present. Also use the _PATH_NOLOGIN define.
Revision 1.26 / (download) - annotate - [select for diffs], Sun Aug 20 18:25:53 2000 UTC (23 years, 9 months ago) by millert
Branch: MAIN
Changes since 1.25: +6 -4 lines
Diff to previous 1.25 (colored)
We have to stash the result of get_remote_name_or_ip() before we close our socket or getpeername() will get EBADF and the process will exit. Only a problem for "UseLogin yes".
Revision 1.25 / (download) - annotate - [select for diffs], Thu Aug 17 20:06:34 2000 UTC (23 years, 9 months ago) by markus
Branch: MAIN
Changes since 1.24: +18 -5 lines
Diff to previous 1.24 (colored)
sshd -u len, similar to telnetd
Revision 1.24 / (download) - annotate - [select for diffs], Thu Aug 17 20:05:10 2000 UTC (23 years, 9 months ago) by markus
Branch: MAIN
Changes since 1.23: +67 -86 lines
Diff to previous 1.23 (colored)
cleanup login(1)-like jobs, no duplicate utmp entries
Revision 1.23 / (download) - annotate - [select for diffs], Tue Jul 11 08:11:33 2000 UTC (23 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.22: +9 -3 lines
Diff to previous 1.22 (colored)
make MaxStartups code still work with -d; djm
Revision 1.22 / (download) - annotate - [select for diffs], Wed Jul 5 20:18:07 2000 UTC (23 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.21: +2 -2 lines
Diff to previous 1.21 (colored)
use no_x11_forwarding_flag correctly; provos ok
Revision 1.21 / (download) - annotate - [select for diffs], Mon Jun 26 21:59:18 2000 UTC (23 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.20: +5 -1 lines
Diff to previous 1.20 (colored)
MaxStartups: limit number of unauthenticated connections, work by theo and me
Revision 1.20 / (download) - annotate - [select for diffs], Sun Jun 18 04:42:54 2000 UTC (23 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.19: +2 -1 lines
Diff to previous 1.19 (colored)
typo
Revision 1.19 / (download) - annotate - [select for diffs], Sun Jun 18 04:05:02 2000 UTC (23 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.18: +44 -29 lines
Diff to previous 1.18 (colored)
split auth-rsa option parsing into auth-options add options support to authorized_keys2
Revision 1.18 / (download) - annotate - [select for diffs], Sat Jun 17 22:52:33 2000 UTC (23 years, 11 months ago) by jakob
Branch: MAIN
Changes since 1.17: +13 -1 lines
Diff to previous 1.17 (colored)
add support for ssh v2 subsystems. ok markus@.
Revision 1.12.2.1 / (download) - annotate - [select for diffs], Mon Jun 12 02:37:35 2000 UTC (23 years, 11 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.12: +47 -25 lines
Diff to previous 1.12 (colored)
lovin' CVS... update patch branch to OpenSSH-2.1.1
Revision 1.17 / (download) - annotate - [select for diffs], Mon Jun 5 19:53:40 2000 UTC (23 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.16: +5 -1 lines
Diff to previous 1.16 (colored)
allow use_login only for login sessions, otherwise remote commands are execed with uid==0
Revision 1.16 / (download) - annotate - [select for diffs], Wed May 31 06:36:40 2000 UTC (23 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.15: +16 -16 lines
Diff to previous 1.15 (colored)
xauth_location support; pr 1234
Revision 1.15 / (download) - annotate - [select for diffs], Tue May 30 17:23:37 2000 UTC (23 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.14: +2 -3 lines
Diff to previous 1.14 (colored)
don't panic if mkdtemp fails for authfwd; jkb@yahoo-inc.com via kris@FreeBSD.org
Revision 1.14 / (download) - annotate - [select for diffs], Thu May 25 03:10:18 2000 UTC (23 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.13: +23 -11 lines
Diff to previous 1.13 (colored)
just some line shortening
Revision 1.13 / (download) - annotate - [select for diffs], Mon May 22 16:51:44 2000 UTC (24 years ago) by markus
Branch: MAIN
Changes since 1.12: +11 -4 lines
Diff to previous 1.12 (colored)
make x11-fwd work w/ localhost (xauth add host/unix:11)
Revision 1.12 / (download) - annotate - [select for diffs], Wed May 3 18:03:07 2000 UTC (24 years ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_2_7_BASE
Branch point for: OPENBSD_2_7
Changes since 1.11: +2 -2 lines
Diff to previous 1.11 (colored)
GatewayPorts for sshd, ok deraadt@
Revision 1.11 / (download) - annotate - [select for diffs], Tue May 2 12:44:38 2000 UTC (24 years ago) by markus
Branch: MAIN
Changes since 1.10: +2 -2 lines
Diff to previous 1.10 (colored)
use c-style comments
Revision 1.10 / (download) - annotate - [select for diffs], Tue May 2 08:05:32 2000 UTC (24 years ago) by markus
Branch: MAIN
Changes since 1.9: +3 -1 lines
Diff to previous 1.9 (colored)
update proctitle for proto 1, too
Revision 1.9 / (download) - annotate - [select for diffs], Tue May 2 07:32:44 2000 UTC (24 years ago) by markus
Branch: MAIN
Changes since 1.8: +34 -3 lines
Diff to previous 1.8 (colored)
update proctitle on pty alloc/dealloc, e.g. w/ windows client
Revision 1.8 / (download) - annotate - [select for diffs], Sat Apr 29 16:06:08 2000 UTC (24 years ago) by markus
Branch: MAIN
Changes since 1.7: +3 -2 lines
Diff to previous 1.7 (colored)
don't call chan_write_failed() if we are not writing
Revision 1.7 / (download) - annotate - [select for diffs], Fri Apr 28 08:10:20 2000 UTC (24 years ago) by markus
Branch: MAIN
Changes since 1.6: +83 -7 lines
Diff to previous 1.6 (colored)
support for x11-fwding, client+server
Revision 1.6 / (download) - annotate - [select for diffs], Thu Apr 27 15:23:02 2000 UTC (24 years ago) by markus
Branch: MAIN
Changes since 1.5: +1 -2 lines
Diff to previous 1.5 (colored)
cleanup logging for sshd/2, respect PasswordAuth no
Revision 1.5 / (download) - annotate - [select for diffs], Wed Apr 19 09:24:39 2000 UTC (24 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.4: +7 -3 lines
Diff to previous 1.4 (colored)
remove bogus chan_read_failed. this could cause data corruption (missing data) at end of a SSH2 session.
Revision 1.4 / (download) - annotate - [select for diffs], Fri Apr 14 10:30:33 2000 UTC (24 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.3: +8 -8 lines
Diff to previous 1.3 (colored)
whitespace cleanup
Revision 1.3 / (download) - annotate - [select for diffs], Fri Apr 14 10:09:16 2000 UTC (24 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.2: +13 -5 lines
Diff to previous 1.2 (colored)
check payload for (illegal) extra data
Revision 1.2 / (download) - annotate - [select for diffs], Thu Apr 6 08:55:22 2000 UTC (24 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.1: +319 -9 lines
Diff to previous 1.1 (colored)
ssh2 server side, see README.openssh2; enable with 'sshd -2'
Revision 1.1 / (download) - annotate - [select for diffs], Tue Mar 28 21:15:45 2000 UTC (24 years, 1 month ago) by markus
Branch: MAIN
split sshd.c -> auth.c session.c sshd.c plus cleanup and goto-removal