contrib
crank version numbers
2020-02-12 09:28:35 +11:00
openbsd-compat
Constify aix_krb5_get_principal_name.
2020-02-17 22:53:24 +11:00
regress
upstream: regress test for sshd_config Include directive; from Jakub
2020-02-01 10:28:33 +11:00
.depend
depend
2020-02-06 12:02:22 +11:00
.gitignore
Add config.log to .gitignore
2020-01-16 13:27:23 +11:00
.skipped-commit-ids
upstream: Update moduli generation script to new ssh-keygen
2020-02-21 11:11:08 +11:00
CREDITS
convert to UTF-8; from Mike Frysinger
2019-07-29 09:49:23 +10:00
INSTALL
Fix typos in INSTALL: s/avilable/available/ s/suppports/supports/
2020-02-18 20:24:44 +11:00
LICENCE
convert to UTF-8; from Mike Frysinger
2019-07-29 09:49:23 +10:00
Makefile.in
upstream: factor out reading/writing sshbufs to dedicated
2020-01-26 10:18:42 +11:00
OVERVIEW
upstream: refer to OpenSSL not SSLeay;
2018-10-23 16:57:54 +11:00
PROTOCOL
upstream: Fix some typos and an incorrect word in docs. Patch from
2020-02-21 12:27:23 +11:00
PROTOCOL.agent
…
PROTOCOL.certkeys
upstream: document the "no-touch-required" certificate extension;
2019-11-25 12:25:53 +11:00
PROTOCOL.chacha20poly1305
upstream: Fix some typos and an incorrect word in docs. Patch from
2020-02-21 12:27:23 +11:00
PROTOCOL.key
…
PROTOCOL.krl
…
PROTOCOL.mux
upstream: Document mux proxy mode; added by Markus in openssh-7.4
2018-09-26 17:35:22 +10:00
PROTOCOL.sshsig
upstream: sshsig tweaks and improvements from and suggested by
2019-09-03 18:40:24 +10:00
PROTOCOL.u2f
upstream: Fix some typos and an incorrect word in docs. Patch from
2020-02-21 12:27:23 +11:00
README
crank version numbers
2020-02-12 09:28:35 +11:00
README.dns
Minor documentation update:
2020-02-11 12:51:24 +11:00
README.md
typo; reported by Phil Pennock
2020-02-07 15:13:26 +11:00
README.platform
…
README.privsep
Privsep is now required.
2019-09-19 15:41:23 +10:00
README.tun
…
TODO
…
aclocal.m4
…
addrmatch.c
…
atomicio.c
upstream: Check for both EAGAIN and EWOULDBLOCK. This is a no-op
2019-01-24 14:40:03 +11:00
atomicio.h
upstream: move client/server SSH-* banners to buffers under
2018-12-27 14:38:22 +11:00
audit-bsm.c
last bits of old packet API / active_state global
2019-01-20 14:55:27 +11:00
audit-linux.c
last bits of old packet API / active_state global
2019-01-20 14:55:27 +11:00
audit.c
last bits of old packet API / active_state global
2019-01-20 14:55:27 +11:00
audit.h
last bits of old packet API / active_state global
2019-01-20 14:55:27 +11:00
auth-bsdauth.c
remove duplicate #includes
2019-10-02 10:54:28 +10:00
auth-krb5.c
…
auth-options.c
upstream: add a "no-touch-required" option for authorized_keys and
2019-11-25 12:23:40 +11:00
auth-options.h
upstream: add a "no-touch-required" option for authorized_keys and
2019-11-25 12:23:40 +11:00
auth-pam.c
Fix a couple of mysig_t leftovers.
2020-01-23 21:06:45 +11:00
auth-pam.h
remove PAM dependencies on old packet API
2019-01-20 10:22:18 +11:00
auth-passwd.c
check pw_passwd != NULL here too
2018-10-11 11:29:35 +11:00
auth-rhosts.c
upstream: remove some duplicate #includes
2019-10-02 10:43:47 +10:00
auth-shadow.c
…
auth-sia.c
…
auth-sia.h
…
auth.c
upstream: Add a sshd_config "Include" directive to allow inclusion
2020-02-01 10:20:24 +11:00
auth.h
remove duplicate #includes
2019-10-02 10:54:28 +10:00
auth2-chall.c
upstream: stdarg.h required more broadly; ok djm
2019-11-15 08:50:10 +11:00
auth2-gss.c
…
auth2-hostbased.c
upstream: Add new structure for signature options
2019-11-25 12:23:33 +11:00
auth2-kbdint.c
upstream: stdarg.h required more broadly; ok djm
2019-11-15 08:50:10 +11:00
auth2-none.c
…
auth2-passwd.c
upstream: lots of things were relying on libcrypto headers to
2019-09-06 17:54:21 +10:00
auth2-pubkey.c
upstream: Replace "security key" with "authenticator" in program
2020-02-07 09:52:59 +11:00
auth2.c
remove duplicate #includes
2019-10-02 10:54:28 +10:00
authfd.c
upstream: Allow forwarding a different agent socket to the path
2019-12-21 13:22:07 +11:00
authfd.h
upstream: Allow forwarding a different agent socket to the path
2019-12-21 13:22:07 +11:00
authfile.c
upstream: factor out reading/writing sshbufs to dedicated
2020-01-26 10:18:42 +11:00
authfile.h
upstream: factor out reading/writing sshbufs to dedicated
2020-01-26 10:18:42 +11:00
bitmap.c
…
bitmap.h
…
buildpkg.sh.in
…
canohost.c
upstream: When system calls indicate an error they return -1, not
2019-07-05 11:10:39 +10:00
canohost.h
…
chacha.c
…
chacha.h
…
channels.c
upstream: the GatewayPorts vs -R listen address selection logic is
2020-01-25 18:20:01 +11:00
channels.h
upstream: add a comment describing the ranges of channel IDs that
2020-01-26 10:15:13 +11:00
cipher-aes.c
…
cipher-aesctr.c
…
cipher-aesctr.h
…
cipher-chachapoly.c
…
cipher-chachapoly.h
…
cipher-ctr.c
…
cipher.c
upstream: Make zlib optional. This adds a "ZLIB" build time option
2020-01-23 21:53:54 +11:00
cipher.h
upstream: Make zlib optional. This adds a "ZLIB" build time option
2020-01-23 21:53:54 +11:00
cleanup.c
…
clientloop.c
upstream: Output (none) in debug in the case in the CheckHostIP=no case
2020-02-02 21:18:07 +11:00
clientloop.h
…
compat.c
…
compat.h
…
config.guess
…
config.sub
…
configure.ac
Check if getpeereid is actually declared.
2020-02-17 22:48:50 +11:00
crypto_api.h
upstream: Add support for a PQC KEX/KEM:
2019-01-21 22:07:02 +11:00
defines.h
Check if UINT32_MAX is defined before redefining.
2020-02-09 11:23:35 +11:00
dh.c
upstream: typo in previous
2019-09-08 14:49:04 +10:00
dh.h
upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@
2019-09-06 17:54:21 +10:00
digest-libc.c
Re-apply portability changes to current sha2.{c,h}.
2019-07-23 22:06:24 +10:00
digest-openssl.c
Remove configure test & compat code for ripemd160.
2020-01-14 12:05:00 +11:00
digest.h
…
dispatch.c
upstream: allow sshpkt_fatal() to take a varargs format; we'll
2019-01-20 09:02:20 +11:00
dispatch.h
upstream: remove last traces of old packet API!
2019-01-20 09:45:18 +11:00
dns.c
remove duplicate #includes
2019-10-02 10:54:28 +10:00
dns.h
…
ed25519.c
…
entropy.c
Fix a couple of mysig_t leftovers.
2020-01-23 21:06:45 +11:00
entropy.h
…
fatal.c
…
fe25519.c
…
fe25519.h
…
fixalgorithms
…
fixpaths
…
ge25519.c
…
ge25519.h
…
ge25519_base.data
…
groupaccess.c
upstream: Move checks for lists of users or groups into their own
2019-03-08 15:10:07 +11:00
groupaccess.h
…
gss-genr.c
…
gss-serv-krb5.c
…
gss-serv.c
…
hash.c
Wrap sha2.h include in ifdef.
2019-11-29 20:21:36 +11:00
hmac.c
remove duplicate #includes
2019-10-02 10:54:28 +10:00
hmac.h
…
hostfile.c
upstream: allow UpdateKnownHosts=yes to function when multiple
2020-01-25 11:35:56 +11:00
hostfile.h
…
includes.h
…
install-sh
…
kex.c
upstream: Make zlib optional. This adds a "ZLIB" build time option
2020-01-23 21:53:54 +11:00
kex.h
remove duplicate #includes
2019-10-02 10:54:28 +10:00
kexc25519.c
upstream: rename kex->kem_client_pub -> kex->client_pub now that
2019-01-21 23:13:03 +11:00
kexdh.c
typo
2019-01-22 10:50:40 +11:00
kexecdh.c
Put ssherr.h back as it's actually needed.
2019-10-02 14:30:55 +10:00
kexgen.c
upstream: Add new structure for signature options
2019-11-25 12:23:33 +11:00
kexgex.c
upstream: pass most arguments to the KEX hash functions as sshbuf
2019-01-23 13:02:02 +11:00
kexgexc.c
upstream: Add new structure for signature options
2019-11-25 12:23:33 +11:00
kexgexs.c
upstream: pass most arguments to the KEX hash functions as sshbuf
2019-01-23 13:02:02 +11:00
kexsntrup4591761x25519.c
new files need includes.h
2019-01-22 00:02:23 +11:00
krl.c
upstream: factor out reading/writing sshbufs to dedicated
2020-01-26 10:18:42 +11:00
krl.h
upstream: Add protection for private keys at rest in RAM against
2019-06-21 14:24:35 +10:00
log.c
…
log.h
upstream: lots of things were relying on libcrypto headers to
2019-09-06 17:54:21 +10:00
loginrec.c
upstream: lots of things were relying on libcrypto headers to
2019-09-06 17:54:21 +10:00
loginrec.h
remove vestiges of old packet API from loginrec.c
2019-01-20 09:58:45 +11:00
logintest.c
…
mac.c
remove duplicate #includes
2019-10-02 10:54:28 +10:00
mac.h
…
match.c
upstream: stdarg.h required more broadly; ok djm
2019-11-15 08:50:10 +11:00
match.h
upstream: Move checks for lists of users or groups into their own
2019-03-08 15:10:07 +11:00
md5crypt.c
…
md5crypt.h
…
mdoc2man.awk
…
misc.c
upstream: make IPTOS_DSCP_LE available via IPQoS directive; bz2986,
2020-01-28 12:52:46 +11:00
misc.h
upstream: add xextendf() to extend a string with a format
2020-01-25 11:27:29 +11:00
mkinstalldirs
…
moduli
Import regenerated moduli.
2020-02-20 16:42:50 +11:00
moduli.5
…
moduli.c
upstream: remove most uses of BN_CTX
2019-11-17 09:44:43 +11:00
monitor.c
upstream: Replace "security key" with "authenticator" in program
2020-02-07 09:52:59 +11:00
monitor.h
upstream: remove last references to active_state
2019-01-20 09:45:18 +11:00
monitor_fdpass.c
…
monitor_fdpass.h
…
monitor_wrap.c
upstream: allow security keys to act as host keys as well as user
2019-12-16 14:19:41 +11:00
monitor_wrap.h
upstream: Add new structure for signature options
2019-11-25 12:23:33 +11:00
msg.c
upstream: some __func__ and strerror(errno) here; no functional
2020-01-22 17:17:51 +11:00
msg.h
…
mux.c
upstream: Replace all calls to signal(2) with a wrapper around
2020-01-23 18:51:25 +11:00
myproposal.h
upstream: remove ssh-rsa (SHA1) from the list of allowed CA
2020-01-25 11:27:29 +11:00
nchan.c
upstream: When system calls indicate an error they return -1, not
2019-07-05 11:10:39 +10:00
nchan.ms
…
nchan2.ms
…
openssh.xml.in
…
opensshd.init.in
…
packet.c
upstream: have sshpkt_fatal() save/restore errno before we
2020-01-30 18:22:34 +11:00
packet.h
upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@
2019-09-06 17:54:21 +10:00
pathnames.h
upstream: enable ed25519 support; ok djm
2019-11-13 08:54:09 +11:00
pkcs11.h
…
platform-misc.c
…
platform-pledge.c
…
platform-tracing.c
…
platform.c
Add headers to prevent warnings w/out OpenSSL.
2019-07-23 22:26:20 +10:00
platform.h
…
poly1305.c
…
poly1305.h
…
progressmeter.c
upstream: Replace all calls to signal(2) with a wrapper around
2020-01-23 18:51:25 +11:00
progressmeter.h
upstream: Have progressmeter force an update at the beginning and
2019-01-25 06:32:14 +11:00
readconf.c
upstream: expand HostkeyAlgorithms prior to config dump, matching
2020-02-07 09:53:00 +11:00
readconf.h
upstream: Remove unsupported algorithms from list of defaults at run
2020-01-23 14:40:15 +11:00
readpass.c
upstream: Replace all calls to signal(2) with a wrapper around
2020-01-23 18:51:25 +11:00
rijndael.c
…
rijndael.h
…
sandbox-capsicum.c
…
sandbox-darwin.c
sandbox-darwin.c: fix missing prototypes.
2020-01-21 10:37:25 +11:00
sandbox-null.c
…
sandbox-pledge.c
…
sandbox-rlimit.c
…
sandbox-seccomp-filter.c
add clock_gettime64(2) to sandbox allowed syscalls
2020-02-03 19:40:12 +11:00
sandbox-solaris.c
…
sandbox-systrace.c
upstream: Replace all calls to signal(2) with a wrapper around
2020-01-23 18:51:25 +11:00
sc25519.c
…
sc25519.h
…
scp.1
upstream: tweak the Nd lines for a bit of consistency; ok markus
2019-12-11 19:08:22 +11:00
scp.c
upstream: Replace all calls to signal(2) with a wrapper around
2020-01-23 18:51:25 +11:00
servconf.c
upstream: Add a sshd_config "Include" directive to allow inclusion
2020-02-01 10:20:24 +11:00
servconf.h
Use sys-queue.h from compat library.
2020-02-01 17:25:09 +11:00
serverloop.c
upstream: use sshpkt_fatal() instead of plain fatal() for
2020-01-30 18:22:34 +11:00
serverloop.h
…
session.c
upstream: Replace all calls to signal(2) with a wrapper around
2020-01-23 18:51:25 +11:00
session.h
upstream: Add server support for signalling sessions via the SSH
2018-10-02 22:41:01 +10:00
sftp-client.c
upstream: fix memory leak in error path; bz#3074 patch from
2019-10-04 14:34:05 +10:00
sftp-client.h
upstream: Add "-h" flag to sftp chown/chgrp/chmod commands to
2019-01-17 11:08:13 +11:00
sftp-common.c
Include unistd.h for strmode().
2019-01-24 10:07:03 +11:00
sftp-common.h
…
sftp-glob.c
upstream: stdarg.h required more broadly; ok djm
2019-11-15 08:50:10 +11:00
sftp-realpath.c
sftp-realpath.c needs includes.h
2019-07-08 13:44:32 +10:00
sftp-server-main.c
upstream: Replace calls to ssh_malloc_init() by a static init of
2019-06-08 00:25:42 +10:00
sftp-server.8
upstream: tweak the Nd lines for a bit of consistency; ok markus
2019-12-11 19:08:22 +11:00
sftp-server.c
upstream: add a local implementation of BSD realpath() for
2019-07-08 11:44:49 +10:00
sftp.1
upstream: tweak the Nd lines for a bit of consistency; ok markus
2019-12-11 19:08:22 +11:00
sftp.c
upstream: Replace all calls to signal(2) with a wrapper around
2020-01-23 18:51:25 +11:00
sftp.h
…
sk-api.h
upstream: improve the error message for u2f enrollment errors by
2020-01-26 10:18:42 +11:00
sk-usbhid.c
upstream: changes to support FIDO attestation
2020-01-29 18:52:55 +11:00
smult_curve25519_ref.c
…
sntrup4591761.c
Add includes.h for compat layer.
2019-04-01 20:07:23 +11:00
sntrup4591761.sh
upstream: Add authors for public domain sntrup4591761 code;
2019-02-01 18:55:11 +11:00
ssh-add.1
upstream: sync the description of the $SSH_SK_PROVIDER environment
2020-02-07 15:03:20 +11:00
ssh-add.c
upstream: Ensure that the key lifetime provided fits within the
2020-02-18 20:23:25 +11:00
ssh-agent.1
upstream: Replace the term "security key" with "(FIDO)
2019-12-30 14:31:40 +11:00
ssh-agent.c
upstream: Replace "security key" with "authenticator" in program
2020-02-07 09:52:59 +11:00
ssh-dss.c
adapt -portable to OpenSSL 1.1x API
2018-09-13 12:13:50 +10:00
ssh-ecdsa-sk.c
Fix building without openssl.
2020-01-20 21:14:46 +11:00
ssh-ecdsa.c
upstream: Make sshpkt_get_bignum2() allocate the bignum it is
2019-01-21 21:47:28 +11:00
ssh-ed25519-sk.c
Include compat header for definitions.
2020-01-14 14:28:01 +11:00
ssh-ed25519.c
…
ssh-gss.h
…
ssh-keygen.1
upstream: sync the description of the $SSH_SK_PROVIDER environment
2020-02-07 15:03:20 +11:00
ssh-keygen.c
upstream: fix two PIN entry bugs on FIDO keygen: 1) it would allow more
2020-02-07 14:31:02 +11:00
ssh-keyscan.1
upstream: tweak the Nd lines for a bit of consistency; ok markus
2019-12-11 19:08:22 +11:00
ssh-keyscan.c
upstream: allow ssh-keyscan to find security key hostkeys
2019-12-16 14:19:41 +11:00
ssh-keysign.8
upstream: tweak the Nd lines for a bit of consistency; ok markus
2019-12-11 19:08:22 +11:00
ssh-keysign.c
upstream: additional missing stdarg.h includes when built without
2019-11-20 09:27:29 +11:00
ssh-pkcs11-client.c
upstream: expose PKCS#11 key labels/X.509 subjects as comments
2020-01-25 11:35:55 +11:00
ssh-pkcs11-helper.8
upstream: tweak the Nd lines for a bit of consistency; ok markus
2019-12-11 19:08:22 +11:00
ssh-pkcs11-helper.c
upstream: expose PKCS#11 key labels/X.509 subjects as comments
2020-01-25 11:35:55 +11:00
ssh-pkcs11.c
upstream: expose PKCS#11 key labels/X.509 subjects as comments
2020-01-25 11:35:55 +11:00
ssh-pkcs11.h
upstream: expose PKCS#11 key labels/X.509 subjects as comments
2020-01-25 11:35:55 +11:00
ssh-rsa.c
adapt -portable to OpenSSL 1.1x API
2018-09-13 12:13:50 +10:00
ssh-sandbox.h
…
ssh-sk-client.c
upstream: Replace all calls to signal(2) with a wrapper around
2020-01-23 18:51:25 +11:00
ssh-sk-helper.8
upstream: Replace the term "security key" with "(FIDO)
2019-12-30 14:31:40 +11:00
ssh-sk-helper.c
upstream: improve the error message for u2f enrollment errors by
2020-01-26 10:18:42 +11:00
ssh-sk.c
upstream: Replace "security key" with "authenticator" in program
2020-02-07 09:52:59 +11:00
ssh-sk.h
upstream: pass the log-on-stderr flag and log level through to
2020-01-21 18:09:09 +11:00
ssh-xmss.c
…
ssh.1
upstream: document -F none; with jmc@
2020-02-18 20:23:25 +11:00
ssh.c
upstream: Detect and prevent simple configuration loops when using
2020-02-18 20:23:25 +11:00
ssh.h
upstream: move client/server SSH-* banners to buffers under
2018-12-27 14:38:22 +11:00
ssh2.h
…
ssh_api.c
upstream: Refactor signing - use sshkey_sign for everything,
2019-11-01 09:46:10 +11:00
ssh_api.h
…
ssh_config
upstream: Remove obsolete "Protocol" from commented out examples. Patch
2019-02-04 15:01:38 +11:00
ssh_config.5
upstream: Add ssh -Q key-sig for all key and signature types.
2020-02-07 15:03:20 +11:00
sshbuf-getput-basic.c
upstream: allow sshbuf_put_stringb(buf, NULL); ok markus@
2019-12-14 07:17:44 +11:00
sshbuf-getput-crypto.c
upstream: remove most uses of BN_CTX
2019-11-17 09:44:43 +11:00
sshbuf-io.c
upstream: tidy headers; some junk snuck into sshbuf-misc.c and
2020-01-26 10:34:50 +11:00
sshbuf-misc.c
upstream: tidy headers; some junk snuck into sshbuf-misc.c and
2020-01-26 10:34:50 +11:00
sshbuf.c
upstream: Replace all calls to signal(2) with a wrapper around
2020-01-23 18:51:25 +11:00
sshbuf.h
upstream: factor out reading/writing sshbufs to dedicated
2020-01-26 10:18:42 +11:00
sshconnect.c
upstream: when AddKeysToAgent=yes is set and the key contains no
2020-01-25 18:20:01 +11:00
sshconnect.h
upstream: when AddKeysToAgent=yes is set and the key contains no
2020-01-25 18:20:01 +11:00
sshconnect2.c
upstream: When using HostkeyAlgorithms to merely append or remove
2020-02-07 09:53:00 +11:00
sshd.8
upstream: mention that permitopen=/PermitOpen do no name to address
2020-01-25 17:04:14 +11:00
sshd.c
upstream: whitespace
2020-02-01 10:22:33 +11:00
sshd_config
…
sshd_config.5
upstream: Add ssh -Q key-sig for all key and signature types.
2020-02-07 15:03:20 +11:00
ssherr.c
upstream: improve the error message for u2f enrollment errors by
2020-01-26 10:18:42 +11:00
ssherr.h
upstream: improve the error message for u2f enrollment errors by
2020-01-26 10:18:42 +11:00
sshkey-xmss.c
upstream: fix shield/unshield for xmss keys: - in ssh-agent we need
2019-11-15 08:50:10 +11:00
sshkey-xmss.h
…
sshkey.c
upstream: fix ssh-keygen not displaying authenticator touch
2020-01-21 18:09:09 +11:00
sshkey.h
upstream: SK API and sk-helper error/PIN passing
2019-12-30 20:59:33 +11:00
sshlogin.c
Remove unused variable warning.
2020-02-17 22:55:51 +11:00
sshlogin.h
…
sshpty.c
Do not fatal on failed lookup of group "tty".
2019-07-05 13:23:46 +10:00
sshpty.h
…
sshsig.c
upstream: ssh-keygen -Y find-principals fixes based on feedback
2020-01-25 11:27:29 +11:00
sshsig.h
upstream: ssh-keygen -Y find-principals fixes based on feedback
2020-01-25 11:27:29 +11:00
sshtty.c
…
survey.sh.in
…
ttymodes.c
…
ttymodes.h
…
uidswap.c
explicitly test set[ug]id() return values
2019-09-13 13:15:14 +10:00
uidswap.h
…
umac.c
upstream: stdarg.h required more broadly; ok djm
2019-11-15 08:50:10 +11:00
umac.h
upstream: Typo and spelling fixes in comments and error messages.
2019-06-08 00:49:26 +10:00
umac128.c
…
utf8.c
…
utf8.h
…
verify.c
…
version.h
upstream: openssh-8.2
2020-02-14 11:40:54 +11:00
xmalloc.c
upstream: add xvasprintf()
2019-11-13 10:15:46 +11:00
xmalloc.h
upstream: add xvasprintf()
2019-11-13 10:15:46 +11:00
xmss_commons.c
wrap stdint.h include in HAVE_STDINT_H
2019-10-09 09:06:35 +11:00
xmss_commons.h
…
xmss_fast.c
wrap stdint.h include in HAVE_STDINT_H
2019-10-09 09:06:35 +11:00
xmss_fast.h
…
xmss_hash.c
wrap stdint.h include in HAVE_STDINT_H
2019-10-09 09:06:35 +11:00
xmss_hash.h
…
xmss_hash_address.c
wrap stdint.h include in HAVE_STDINT_H
2019-10-09 09:06:35 +11:00
xmss_hash_address.h
…
xmss_wots.c
wrap stdint.h include in HAVE_STDINT_H
2019-10-09 09:06:35 +11:00
xmss_wots.h
…