From a448de907b70e9d6b2532f1e820e5c70b11dcc70 Mon Sep 17 00:00:00 2001
From: Timo Weingärtner <timo@tiwe.de>
Date: Tue, 8 Sep 2015 14:36:07 +0200
Subject: afssh: call ssh without arguments for usage

---
 afssh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/afssh b/afssh
index 3b9d84f..c482aea 100755
--- a/afssh
+++ b/afssh
@@ -28,7 +28,7 @@ usage () {
 	echo
 	"$SAF" --help
 	echo
-	ssh --help
+	ssh
 	exit
 }
 
-- 
cgit v1.2.3


From edcfe36b273de11d04cd0e77e31bc5e8c0b1337b Mon Sep 17 00:00:00 2001
From: Timo Weingärtner <timo@tiwe.de>
Date: Mon, 5 Oct 2015 19:13:17 +0200
Subject: s/Invocation:/Usage:/ to make help2man recognize SYNOPSIS

---
 ssh-agent-filter.C | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ssh-agent-filter.C b/ssh-agent-filter.C
index 4d9b2ba..1dcbb5c 100644
--- a/ssh-agent-filter.C
+++ b/ssh-agent-filter.C
@@ -211,7 +211,7 @@ void parse_cmdline (int const argc, char const * const * const argv) {
 	notify(config);
 	
 	if (config.count("help")) {
-		cout << "Invocation: ssh-agent-filter [ OPTIONS ]" << endl;
+		cout << "Usage: ssh-agent-filter [ OPTIONS ]" << endl;
 		cout << opts << endl;
 		exit(EX_OK);
 	}
-- 
cgit v1.2.3


From af7125b71663fafb61fb2e097a34695bab895b01 Mon Sep 17 00:00:00 2001
From: Timo Weingärtner <timo@tiwe.de>
Date: Wed, 10 Feb 2016 11:18:03 +0100
Subject: fix lintian spelling-error-in-manpage ssh-askpass-noinput.1.gz
 acutally actually

---
 ssh-askpass-noinput.1.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ssh-askpass-noinput.1.md b/ssh-askpass-noinput.1.md
index 7b103ed..36251a4 100644
--- a/ssh-askpass-noinput.1.md
+++ b/ssh-askpass-noinput.1.md
@@ -13,7 +13,7 @@ ssh-askpass-noinput - an `ssh-askpass` implementation for asking allow/deny ques
 # DESCRIPTION
 
 *ssh-askpass-noinput* is an implementation of *ssh-askpass*, which does not
-acutally ask for a password; instead, it only asks a binary (allow/deny)
+actually ask for a password; instead, it only asks a binary (allow/deny)
 question and exits with 0 for allow and 1 for deny.
 
 It is not intended as a general replacement for *ssh-askpass*, but for special
-- 
cgit v1.2.3


From dc582af6e7a1e645402f333e200b8ff718de1b48 Mon Sep 17 00:00:00 2001
From: Timo Weingärtner <timo@tiwe.de>
Date: Tue, 23 Aug 2016 22:03:43 +0200
Subject: clear O_NONBLOCK on client sockets

on *BSD client sockets inherit flags from the listening socket
---
 ssh-agent-filter.C | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ssh-agent-filter.C b/ssh-agent-filter.C
index 1dcbb5c..30aaf9a 100644
--- a/ssh-agent-filter.C
+++ b/ssh-agent-filter.C
@@ -497,6 +497,9 @@ rfc4251::string handle_request (rfc4251::string const & r) {
 }
 
 void handle_client (int const sock) try {
+	if (fcntl(sock, F_SETFL, fcntl(sock, F_GETFL) & ~O_NONBLOCK))
+		throw system_error(errno, system_category(), "fcntl");
+
 	io::stream<io::file_descriptor> client{sock, io::close_handle};
 	arm(client);
 	
-- 
cgit v1.2.3


From bfa8ac40e032d4d204ab6a9202531198cee9706e Mon Sep 17 00:00:00 2001
From: Timo Weingärtner <timo@tiwe.de>
Date: Sat, 27 Aug 2016 21:44:17 +0200
Subject: exploit more help2man features

use an include file for explanatory text
add environment, author and bug report information to the program's output
---
 Makefile                  |  4 ++--
 ssh-agent-filter.C        | 14 ++++++++++----
 ssh-agent-filter.help2man | 12 ++++++++++++
 3 files changed, 24 insertions(+), 6 deletions(-)
 create mode 100644 ssh-agent-filter.help2man

diff --git a/Makefile b/Makefile
index a0dd007..e655ff1 100644
--- a/Makefile
+++ b/Makefile
@@ -27,8 +27,8 @@ all: ssh-agent-filter.1 afssh.1 ssh-askpass-noinput.1
 %.1: %.1.md
 	pandoc -s -w man $< -o $@
 
-ssh-agent-filter.1: ssh-agent-filter
-	help2man -n $< -o $@ -N ./$<
+%.1: %.help2man %
+	help2man -i $< -o $@ -N -L C.UTF-8 $(*D)/$(*F)
 
 ssh-agent-filter: ssh-agent-filter.o
 
diff --git a/ssh-agent-filter.C b/ssh-agent-filter.C
index 30aaf9a..0fb6861 100644
--- a/ssh-agent-filter.C
+++ b/ssh-agent-filter.C
@@ -192,7 +192,7 @@ int make_listen_sock () {
 }
 
 void parse_cmdline (int const argc, char const * const * const argv) {
-	po::options_description opts{"OPTIONS"};
+	po::options_description opts{"Options"};
 	opts.add_options()
 		("all-confirmed,A",		po::bool_switch(&all_confirmed),"allow all other keys with confirmation")
 		("comment,c",			po::value(&allowed_comment),	"key specified by comment")
@@ -211,13 +211,19 @@ void parse_cmdline (int const argc, char const * const * const argv) {
 	notify(config);
 	
 	if (config.count("help")) {
-		cout << "Usage: ssh-agent-filter [ OPTIONS ]" << endl;
-		cout << opts << endl;
+		cout << "Usage: ssh-agent-filter [ OPTIONS ]\n";
+		cout << opts;
+		cout << "Environment:\n";
+		cout << "  SSH_AUTH_SOCK  socket of upstream ssh-agent\n";
+		cout << "  SSH_ASKPASS    command to run for confirmation questions\n";
 		exit(EX_OK);
 	}
 	
 	if (config.count("version")) {
-		cout << SSH_AGENT_FILTER_VERSION << endl;
+		cout << SSH_AGENT_FILTER_VERSION "\n";
+		cout << "Written by Timo Weingärtner.\n";
+		cout << "Report bugs to the Debian BTS at https://bugs.debian.org/\n";
+		cout << "or by mail to timo@tiwe.de.\n";
 		exit(EX_OK);
 	}
 
diff --git a/ssh-agent-filter.help2man b/ssh-agent-filter.help2man
new file mode 100644
index 0000000..e546c9e
--- /dev/null
+++ b/ssh-agent-filter.help2man
@@ -0,0 +1,12 @@
+[NAME]
+ssh\-agent\-filter \- filtering proxy for ssh\-agent meant to be forwarded to untrusted servers
+[DESCRIPTION]
+ssh\-agent\-filter provides the unix domain socket interface of an ssh\-agent.
+By default it forks and outputs shell code setting SSH_AUTH_SOCK and SSH_AGENT_PID, just like ssh\-agent does.
+
+It filters each request according to its command line options.
+No crypto operations are done by ssh\-agent\-filter; they are delegated to the upstream ssh\-agent.
+
+ssh\-agent\-filter is not meant to be used directly, but through afssh.
+[SEE ALSO]
+afssh(1), ssh(1), ssh\-agent(1)
-- 
cgit v1.2.3


From 7152b927e22ef602011f8acf865c3cafc113c502 Mon Sep 17 00:00:00 2001
From: Timo Weingärtner <timo@tiwe.de>
Date: Sat, 27 Aug 2016 22:47:48 +0200
Subject: update copyright

---
 Makefile           | 2 +-
 ssh-agent-filter.C | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/Makefile b/Makefile
index e655ff1..b2e05ec 100644
--- a/Makefile
+++ b/Makefile
@@ -1,4 +1,4 @@
-# Copyright (C) 2013,2015 Timo Weingärtner <timo@tiwe.de>
+# Copyright (C) 2013-2016 Timo Weingärtner <timo@tiwe.de>
 #
 # This file is part of ssh-agent-filter.
 #
diff --git a/ssh-agent-filter.C b/ssh-agent-filter.C
index 0fb6861..2878678 100644
--- a/ssh-agent-filter.C
+++ b/ssh-agent-filter.C
@@ -1,7 +1,7 @@
 /*
  * ssh-agent-filter.C -- filtering proxy for ssh-agent meant to be forwarded to untrusted servers
  *
- * Copyright (C) 2013-2015 Timo Weingärtner <timo@tiwe.de>
+ * Copyright (C) 2013-2016 Timo Weingärtner <timo@tiwe.de>
  *
  * This file is part of ssh-agent-filter.
  *
-- 
cgit v1.2.3


From d765ef1acb318e1b97481805b66f7b45f8f08f41 Mon Sep 17 00:00:00 2001
From: Timo Weingärtner <timo@tiwe.de>
Date: Sat, 27 Aug 2016 22:51:46 +0200
Subject: release 0.4.2

---
 changelog | 43 ++++++++++++++++++++++++++++++++++++++++++-
 version.h |  2 +-
 2 files changed, 43 insertions(+), 2 deletions(-)

diff --git a/changelog b/changelog
index 39261c0..8a06f55 100644
--- a/changelog
+++ b/changelog
@@ -1,4 +1,45 @@
-commit 6bf9113ea96a99a5eb1b8f832497dd9e24857468
+commit 7152b927e22ef602011f8acf865c3cafc113c502
+Author: Timo Weingärtner <timo@tiwe.de>
+Date:   2016-08-27 22:47:48 +0200
+
+    update copyright
+
+commit bfa8ac40e032d4d204ab6a9202531198cee9706e
+Author: Timo Weingärtner <timo@tiwe.de>
+Date:   2016-08-27 21:44:17 +0200
+
+    exploit more help2man features
+    
+    use an include file for explanatory text
+    add environment, author and bug report information to the program's output
+
+commit dc582af6e7a1e645402f333e200b8ff718de1b48
+Author: Timo Weingärtner <timo@tiwe.de>
+Date:   2016-08-23 22:03:43 +0200
+
+    clear O_NONBLOCK on client sockets
+    
+    on *BSD client sockets inherit flags from the listening socket
+
+commit af7125b71663fafb61fb2e097a34695bab895b01
+Author: Timo Weingärtner <timo@tiwe.de>
+Date:   2016-02-10 11:18:03 +0100
+
+    fix lintian spelling-error-in-manpage ssh-askpass-noinput.1.gz acutally actually
+
+commit edcfe36b273de11d04cd0e77e31bc5e8c0b1337b
+Author: Timo Weingärtner <timo@tiwe.de>
+Date:   2015-10-05 19:13:17 +0200
+
+    s/Invocation:/Usage:/ to make help2man recognize SYNOPSIS
+
+commit a448de907b70e9d6b2532f1e820e5c70b11dcc70
+Author: Timo Weingärtner <timo@tiwe.de>
+Date:   2015-09-08 14:36:07 +0200
+
+    afssh: call ssh without arguments for usage
+
+commit c9dfa57b7a06c5b0770e11d210e02ace54518644 (tag: 0.4.1)
 Author: Timo Weingärtner <timo@tiwe.de>
 Date:   2015-09-06 16:41:22 +0200
 
diff --git a/version.h b/version.h
index d36b567..6d8ba97 100644
--- a/version.h
+++ b/version.h
@@ -1 +1 @@
-#define SSH_AGENT_FILTER_VERSION "ssh-agent-filter 0.4.1"
+#define SSH_AGENT_FILTER_VERSION "ssh-agent-filter 0.4.2"
-- 
cgit v1.2.3