History log of /openssh-portable/readconf.c (Results 1 - 25 of 606)
Revision (<<< Hide revision tags) (Show revision tags >>>) Date Author Comments
# b9225c3a 23-Feb-2021 dtucker@openbsd.org

upstream: Put obsolete aliases for hostbasedalgorithms and

pubkeyacceptedalgorithms after their current names so that the config-dump
mode finds and uses the current names. Spotted by P

upstream: Put obsolete aliases for hostbasedalgorithms and

pubkeyacceptedalgorithms after their current names so that the config-dump
mode finds and uses the current names. Spotted by Phil Pennock.

OpenBSD-Commit-ID: 5dd10e93cccfaff3aaaa09060c917adff04a9b15

show more ...


# da0a9afc 15-Feb-2021 markus@openbsd.org

upstream: ssh: add PermitRemoteOpen for remote dynamic forwarding

with SOCKS ok djm@, dtucker@

OpenBSD-Commit-ID: 64fe7b6360acc4ea56aa61b66498b5ecc0a96a7c


# e9f78d6b 26-Jan-2021 dtucker@openbsd.org

upstream: Rename HostbasedKeyTypes (ssh) and

HostbasedAcceptedKeyTypes (sshd) to HostbasedAcceptedAlgorithms, which more
accurately reflects its effect. This matches a previous change to

upstream: Rename HostbasedKeyTypes (ssh) and

HostbasedAcceptedKeyTypes (sshd) to HostbasedAcceptedAlgorithms, which more
accurately reflects its effect. This matches a previous change to
PubkeyAcceptedAlgorithms. The previous names are retained as aliases. ok
djm@

OpenBSD-Commit-ID: 49451c382adc6e69d3fa0e0663eeef2daa4b199e

show more ...


# ee9c0da8 21-Jan-2021 dtucker@openbsd.org

upstream: Rename PubkeyAcceptedKeyTypes keyword to

PubkeyAcceptedAlgorithms. While the two were originally equivalent, this
actually specifies the signature algorithms that are accepted.

upstream: Rename PubkeyAcceptedKeyTypes keyword to

PubkeyAcceptedAlgorithms. While the two were originally equivalent, this
actually specifies the signature algorithms that are accepted. Some key
types (eg RSA) can be used by multiple algorithms (eg ssh-rsa, rsa-sha2-512)
so the old name is becoming increasingly misleading. The old name is
retained as an alias. Prompted by bz#3253, help & ok djm@, man page help jmc@

OpenBSD-Commit-ID: 0346b2f73f54c43d4e001089759d149bfe402ca5

show more ...


# 6cb52d5b 07-Jan-2021 djm@openbsd.org

upstream: make CheckHostIP default to 'no'. It doesn't provide any

perceptible value and makes it much harder for hosts to change host keys,
particularly ones that use IP-based load-bala

upstream: make CheckHostIP default to 'no'. It doesn't provide any

perceptible value and makes it much harder for hosts to change host keys,
particularly ones that use IP-based load-balancing.

ok dtucker@

OpenBSD-Commit-ID: 0db98413e82074f78c7d46784b1286d08aee78f0

show more ...


# 0121aa87 21-Dec-2020 tb@openbsd.org

upstream: Remove lines accidentally left behind in the ProxyJump

parsing fix r1.345.

ok djm

OpenBSD-Commit-ID: fe767c108c8117bea33767b080ff62eef2c55f5c


# da4bf0db 21-Dec-2020 djm@openbsd.org

upstream: add a ssh_config KnownHostsCommand that allows the client

to obtain known_hosts data from a command in addition to the usual files.

The command accepts bunch of %-expansio

upstream: add a ssh_config KnownHostsCommand that allows the client

to obtain known_hosts data from a command in addition to the usual files.

The command accepts bunch of %-expansions, including details of the
connection and the offered server host key. Note that the command may
be invoked up to three times per connection (see the manpage for
details).

ok markus@

OpenBSD-Commit-ID: 2433cff4fb323918ae968da6ff38feb99b4d33d0

show more ...


# a11ca015 21-Dec-2020 djm@openbsd.org

upstream: properly fix ProxyJump parsing; Thanks to tb@ for

pointing out my error (parse_ssh_uri() can return -1/0/1, that I missed).
Reported by Raf Czlonka via bugs@

ok tb@

upstream: properly fix ProxyJump parsing; Thanks to tb@ for

pointing out my error (parse_ssh_uri() can return -1/0/1, that I missed).
Reported by Raf Czlonka via bugs@

ok tb@

OpenBSD-Commit-ID: a2991a3794bcaf1ca2b025212cce11cdb5f6b7d6

show more ...


# 43026da0 17-Dec-2020 djm@openbsd.org

upstream: prepare readconf.c for fuzzing; remove fatal calls and

fix some (one-off) memory leaks; ok markus@

OpenBSD-Commit-ID: 91c6aec57b0e7aae9190de188e9fe8933aad5ec5


# 2bcbf679 30-Nov-2020 dtucker@openbsd.org

upstream: Ignore comments at the end of config lines in ssh_config,

similar to what we already do for sshd_config. bz#2320, with & ok djm@

OpenBSD-Commit-ID: bdbf9fc5bc72b1a14266f5

upstream: Ignore comments at the end of config lines in ssh_config,

similar to what we already do for sshd_config. bz#2320, with & ok djm@

OpenBSD-Commit-ID: bdbf9fc5bc72b1a14266f5f61723ed57307a6db4

show more ...


# 5b9720f9 15-Nov-2020 djm@openbsd.org

upstream: revert r1.341; it breaks ProxyJump; reported by sthen@

OpenBSD-Commit-ID: 6ac2f945b26cb86d936eed338f77861d6da8356a


# add926dd 11-Nov-2020 djm@openbsd.org

upstream: fix logic error that broke URI parsing in ProxyJump

directives; ok dtucker@

OpenBSD-Commit-ID: 96d48839b1704882a0e9a77898f5e14b2d222705


# 816036f1 18-Oct-2020 djm@openbsd.org

upstream: use the new variant log macros instead of prepending

__func__ and appending ssh_err(r) manually; ok markus@

OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8


# 793b583d 16-Oct-2020 djm@openbsd.org

upstream: LogVerbose keyword for ssh and sshd

Allows forcing maximum debug logging by file/function/line pattern-
lists.

ok markus@

OpenBSD-Commit-ID: c294c25732d1b4fe7

upstream: LogVerbose keyword for ssh and sshd

Allows forcing maximum debug logging by file/function/line pattern-
lists.

ok markus@

OpenBSD-Commit-ID: c294c25732d1b4fe7e345cb3e044df00531a6356

show more ...


# e79957e8 06-Oct-2020 djm@openbsd.org

upstream: disable UpdateHostkeys by default if VerifyHostKeyDNS is

enabled; suggested by Mark D. Baushke

OpenBSD-Commit-ID: 85a1b88592c81bc85df7ee7787dbbe721a0542bf


# 396d32f3 03-Oct-2020 djm@openbsd.org

upstream: There are lots of place where we want to redirect stdin,

stdout and/or stderr to /dev/null. Factor all these out to a single
stdfd_devnull() function that allows selection of w

upstream: There are lots of place where we want to redirect stdin,

stdout and/or stderr to /dev/null. Factor all these out to a single
stdfd_devnull() function that allows selection of which of these to redirect.
ok markus@

OpenBSD-Commit-ID: 3033ba5a4c47cacfd5def020d42cabc52fad3099

show more ...


# 1286981d 03-Oct-2020 djm@openbsd.org

upstream: enable UpdateHostkeys by default when the configuration

has not overridden UserKnownHostsFile; ok markus@ "The timing is perfect"
deraadt@

OpenBSD-Commit-ID: 62df71c9c

upstream: enable UpdateHostkeys by default when the configuration

has not overridden UserKnownHostsFile; ok markus@ "The timing is perfect"
deraadt@

OpenBSD-Commit-ID: 62df71c9c5242da5763cb473c2a2deefbd0cef60

show more ...


Revision tags: V_8_4_P1
# c1e76c64 26-Aug-2020 djm@openbsd.org

upstream: remove unreachable code I forgot to delete in r1.334

OpenBSD-Commit-ID: 9ed6078251a0959ee8deda443b9ae42484fd8b18


# d0a195c8 11-Aug-2020 djm@openbsd.org

upstream: let ssh_config(5)'s AddKeysToAgent keyword accept a time

limit for keys in addition to its current flag options. Time-limited keys
will automatically be removed from ssh-agent

upstream: let ssh_config(5)'s AddKeysToAgent keyword accept a time

limit for keys in addition to its current flag options. Time-limited keys
will automatically be removed from ssh-agent after their expiry time has
passed; ok markus@

OpenBSD-Commit-ID: 792e71cacbbc25faab5424cf80bee4a006119f94

show more ...


# a2855c04 17-Jul-2020 dtucker@openbsd.org

upstream: Add %k to the TOKENs for Match Exec for consistency with

the other keywords that recently got %k.

OpenBSD-Commit-ID: 1857d1c40f270cbc254fca91e66110641dddcfdb


# 6d755706 05-Jul-2020 djm@openbsd.org

upstream: some language improvements; ok markus

OpenBSD-Commit-ID: 939d787d571b4d5da50b3b721fd0b2ac236acaa8


# 4a1b46e6 29-May-2020 dtucker@openbsd.org

upstream: Allow some keywords to expand shell-style ${ENV}

environment variables on the client side. The supported keywords are
CertificateFile, ControlPath, IdentityAgent and IdentityF

upstream: Allow some keywords to expand shell-style ${ENV}

environment variables on the client side. The supported keywords are
CertificateFile, ControlPath, IdentityAgent and IdentityFile, plus
LocalForward and RemoteForward when used for Unix domain socket paths. This
would for example allow forwarding of Unix domain socket paths that change at
runtime. bz#3140, ok djm@

OpenBSD-Commit-ID: a4a2e801fc2d4df2fe0e58f50d9c81b03822dffa

show more ...


# 16ea1fdb 27-May-2020 djm@openbsd.org

upstream: fix crash in recallocarray when deleting SendEnv

variables; spotted by & ok sthen@

OpenBSD-Commit-ID: b881e8e849edeec5082b5c0a87d8d7cff091a8fd


Revision tags: V_8_3_P1
# 2c169011 23-Apr-2020 dtucker@openbsd.org

upstream: Fix incorrect error message for "too many known hosts files."

bz#3149, patch from jjelen at redhat.com.

OpenBSD-Commit-ID: e0fcb07ed5cf7fd54ce340471a747c24454235e5


# eece2436 02-Apr-2020 dtucker@openbsd.org

upstream: %C expansion just added to Match Exec should include

remote user not local user.

OpenBSD-Commit-ID: 80f1d976938f2a55ee350c11d8b796836c8397e2


12345678910>>...25