.github
Output test debug logs on failure.
2020-08-07 15:37:37 +10:00
contrib
Add ssh-sk-helper and manpage to RPM spec file
2020-07-20 13:09:25 +10:00
openbsd-compat
Wrap stdint.h include in ifdef HAVE_STDINT_H.
2020-08-17 21:34:32 +10:00
regress
Skip ECDSA-SK webauthn test when built w/out ECC
2020-07-20 22:12:07 +10:00
.depend
depend
2020-05-29 14:49:16 +10:00
.gitignore
upstream: basic unit test for sshsig.[ch], including FIDO keys
2020-06-19 16:06:06 +10:00
.skipped-commit-ids
upstream: clang -Wimplicit-fallthrough does not recognise /*
2020-08-03 14:27:50 +10:00
aclocal.m4
Use argv in OSSH_CHECK_CFLAG_COMPILE test.
2020-07-28 19:40:30 +10:00
addrmatch.c
atomicio.c
atomicio.h
audit-bsm.c
audit-linux.c
audit.c
audit.h
auth2-chall.c
upstream: change explicit_bzero();free() to freezero()
2020-02-28 12:26:28 +11:00
auth2-gss.c
auth2-hostbased.c
upstream: Add new structure for signature options
2019-11-25 12:23:33 +11:00
auth2-kbdint.c
upstream: stdarg.h required more broadly; ok djm
2019-11-15 08:50:10 +11:00
auth2-none.c
auth2-passwd.c
upstream: change explicit_bzero();free() to freezero()
2020-02-28 12:26:28 +11:00
auth2-pubkey.c
upstream: support for requiring user verified FIDO keys in sshd
2020-08-27 11:28:36 +10:00
auth2.c
Always send any PAM account messages.
2020-08-07 17:14:56 +10:00
auth-bsdauth.c
remove duplicate #includes
2019-10-02 10:54:28 +10:00
auth-krb5.c
auth-options.c
upstream: support for requiring user verified FIDO keys in sshd
2020-08-27 11:28:36 +10:00
auth-options.h
upstream: support for requiring user verified FIDO keys in sshd
2020-08-27 11:28:36 +10:00
auth-pam.c
document a PAM spec problem in a frustrated comment
2020-06-26 16:07:24 +10:00
auth-pam.h
auth-passwd.c
auth-rhosts.c
upstream: make IgnoreRhosts a tri-state option: "yes" ignore
2020-04-17 14:03:36 +10:00
auth-shadow.c
auth-sia.c
auth-sia.h
auth.c
upstream: support for requiring user verified FIDO keys in sshd
2020-08-27 11:28:36 +10:00
auth.h
remove duplicate #includes
2019-10-02 10:54:28 +10:00
authfd.c
upstream: constify a few things; ok dtucker (as part of another
2020-06-26 15:24:28 +10:00
authfd.h
upstream: constify a few things; ok dtucker (as part of another
2020-06-26 15:24:28 +10:00
authfile.c
upstream: avoid spurious "Unable to load host key" message when
2020-06-19 15:51:04 +10:00
authfile.h
upstream: factor out reading/writing sshbufs to dedicated
2020-01-26 10:18:42 +11:00
bitmap.c
bitmap.h
buildpkg.sh.in
canohost.c
canohost.h
chacha.c
chacha.h
channels.c
upstream: put back the mux_ctx memleak fix, but only for channels of
2020-07-03 17:26:23 +10:00
channels.h
upstream: some language improvements; ok markus
2020-07-15 15:07:42 +10:00
cipher-aes.c
cipher-aesctr.c
cipher-aesctr.h
cipher-chachapoly-libcrypto.c
Fix conditional for openssl-based chacha20.
2020-05-01 09:21:52 +10:00
cipher-chachapoly.c
Include openssl-compat.h before checking ifdefs.
2020-04-06 20:54:34 +10:00
cipher-chachapoly.h
upstream: make Chacha20-POLY1305 context struct opaque; ok tb@ as
2020-04-03 15:36:57 +11:00
cipher-ctr.c
cipher.c
upstream: make Chacha20-POLY1305 context struct opaque; ok tb@ as
2020-04-03 15:36:57 +11:00
cipher.h
upstream: Make zlib optional. This adds a "ZLIB" build time option
2020-01-23 21:53:54 +11:00
cleanup.c
clientloop.c
upstream: Only reset the serveralive check when we receive traffic from
2020-07-03 15:16:37 +10:00
clientloop.h
upstream: make failures when establishing "Tunnel" forwarding terminate
2020-04-03 13:42:33 +11:00
compat.c
upstream: some language improvements; ok markus
2020-07-15 15:07:42 +10:00
compat.h
upstream: Remove now-unused proto_spec and associated definitions.
2020-06-04 11:03:39 +10:00
config.guess
sync config.guess/config.sub with latest versions
2020-05-08 13:32:12 +10:00
config.sub
sync config.guess/config.sub with latest versions
2020-05-08 13:32:12 +10:00
configure.ac
Remove check for 'ent' command.
2020-08-21 00:07:48 +10:00
CREDITS
convert to UTF-8; from Mike Frysinger
2019-07-29 09:49:23 +10:00
crypto_api.h
defines.h
Use LONG_LONG_MAX and friends if available.
2020-05-01 18:41:40 +10:00
dh.c
upstream: typo in previous
2019-09-08 14:49:04 +10:00
dh.h
upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@
2019-09-06 17:54:21 +10:00
digest-libc.c
upstream: change explicit_bzero();free() to freezero()
2020-02-28 12:26:28 +11:00
digest-openssl.c
Remove configure test & compat code for ripemd160.
2020-01-14 12:05:00 +11:00
digest.h
dispatch.c
dispatch.h
dns.c
remove duplicate #includes
2019-10-02 10:54:28 +10:00
dns.h
ed25519.c
entropy.c
Fix a couple of mysig_t leftovers.
2020-01-23 21:06:45 +11:00
entropy.h
fatal.c
fe25519.c
fe25519.h
fixalgorithms
fixpaths
ge25519_base.data
ge25519.c
ge25519.h
groupaccess.c
groupaccess.h
gss-genr.c
gss-serv-krb5.c
gss-serv.c
upstream: spelling errors in comments; no code change from
2020-03-14 19:39:09 +11:00
hash.c
Wrap sha2.h include in ifdef.
2019-11-29 20:21:36 +11:00
hmac.c
upstream: change explicit_bzero();free() to freezero()
2020-02-28 12:26:28 +11:00
hmac.h
hostfile.c
upstream: avoid spurious error message when ssh-keygen creates files
2020-06-26 15:44:47 +10:00
hostfile.h
upstream: Defer creation of ~/.ssh by ssh(1) until we attempt to
2020-06-26 15:24:27 +10:00
includes.h
INSTALL
Document --without-openssl and --without-zlib.
2020-08-07 14:26:20 +10:00
install-sh
kex.c
upstream: some language improvements; ok markus
2020-07-15 15:07:42 +10:00
kex.h
remove duplicate #includes
2019-10-02 10:54:28 +10:00
kexc25519.c
kexdh.c
upstream: fix compilation with DEBUG_KEXDH; bz#3160 ok dtucker@
2020-05-27 10:09:18 +10:00
kexecdh.c
Put ssherr.h back as it's actually needed.
2019-10-02 14:30:55 +10:00
kexgen.c
upstream: Add new structure for signature options
2019-11-25 12:23:33 +11:00
kexgex.c
kexgexc.c
upstream: Add new structure for signature options
2019-11-25 12:23:33 +11:00
kexgexs.c
kexsntrup4591761x25519.c
krl.c
upstream: support for user-verified FIDO keys
2020-08-27 11:28:36 +10:00
krl.h
upstream: give ssh-keygen the ability to dump the contents of a
2020-04-03 13:33:25 +11:00
LICENCE
convert to UTF-8; from Mike Frysinger
2019-07-29 09:49:23 +10:00
log.c
upstream: when redirecting sshd's log output to a file, undo this
2020-07-03 17:03:54 +10:00
log.h
upstream: lots of things were relying on libcrypto headers to
2019-09-06 17:54:21 +10:00
loginrec.c
support NetBSD's utmpx.ut_ss address field
2020-08-05 08:58:57 +10:00
loginrec.h
logintest.c
mac.c
remove duplicate #includes
2019-10-02 10:54:28 +10:00
mac.h
Makefile.in
Remove check for 'ent' command.
2020-08-21 00:07:48 +10:00
match.c
upstream: some language improvements; ok markus
2020-07-15 15:07:42 +10:00
match.h
upstream: some language improvements; ok markus
2020-07-15 15:07:42 +10:00
md5crypt.c
md5crypt.h
mdoc2man.awk
misc.c
upstream: handle EINTR in waitfd() and timeout_connect() helpers;
2020-06-26 15:25:24 +10:00
misc.h
upstream: Make dollar_expand variadic and pass a real va_list to
2020-05-29 21:53:37 +10:00
mkinstalldirs
moduli
upstream: Import regenerated moduli file.
2020-06-04 11:04:22 +10:00
moduli.5
moduli.c
upstream: remove most uses of BN_CTX
2019-11-17 09:44:43 +11:00
monitor_fdpass.c
monitor_fdpass.h
monitor_wrap.c
upstream: support for user-verified FIDO keys
2020-08-27 11:28:36 +10:00
monitor_wrap.h
upstream: support for user-verified FIDO keys
2020-08-27 11:28:36 +10:00
monitor.c
upstream: support for requiring user verified FIDO keys in sshd
2020-08-27 11:28:36 +10:00
monitor.h
msg.c
upstream: allow sshd_config longer than 256k; ok djm
2020-06-26 15:18:07 +10:00
msg.h
mux.c
upstream: some language improvements; ok markus
2020-07-15 15:07:42 +10:00
myproposal.h
upstream: remove ssh-rsa (SHA1) from the list of allowed CA
2020-01-25 11:27:29 +11:00
nchan2.ms
nchan.c
nchan.ms
openssh.xml.in
opensshd.init.in
OVERVIEW
packet.c
upstream: some language improvements; ok markus
2020-07-15 15:07:42 +10:00
packet.h
upstream: sshpkt_fatal() does not return; ok djm
2020-03-13 13:13:30 +11:00
pathnames.h
upstream: enable ed25519 support; ok djm
2019-11-13 08:54:09 +11:00
pkcs11.h
platform-misc.c
platform-pledge.c
platform-tracing.c
platform.c
Add headers to prevent warnings w/out OpenSSL.
2019-07-23 22:26:20 +10:00
platform.h
poly1305.c
poly1305.h
progressmeter.c
upstream: Replace all calls to signal(2) with a wrapper around
2020-01-23 18:51:25 +11:00
progressmeter.h
PROTOCOL
upstream: some language improvements; ok markus
2020-07-15 15:07:42 +10:00
PROTOCOL.agent
PROTOCOL.certkeys
upstream: document the "no-touch-required" certificate extension;
2019-11-25 12:25:53 +11:00
PROTOCOL.chacha20poly1305
upstream: Fix some typos and an incorrect word in docs. Patch from
2020-02-21 12:27:23 +11:00
PROTOCOL.key
PROTOCOL.krl
PROTOCOL.mux
upstream: spelling errors in comments; no code change from
2020-03-14 19:39:09 +11:00
PROTOCOL.sshsig
upstream: correct RFC number; from HARUYAMA Seigo via GH PR191
2020-06-12 15:28:01 +10:00
PROTOCOL.u2f
upstream: Add support for FIDO webauthn (verification only).
2020-06-22 16:27:27 +10:00
readconf.c
upstream: let ssh_config(5)'s AddKeysToAgent keyword accept a time
2020-08-27 11:27:01 +10:00
readconf.h
upstream: let ssh_config(5)'s AddKeysToAgent keyword accept a time
2020-08-27 11:27:01 +10:00
README
prepare for 8.3 release
2020-05-12 12:58:46 +10:00
README.dns
Minor documentation update:
2020-02-11 12:51:24 +11:00
README.md
typo; reported by Phil Pennock
2020-02-07 15:13:26 +11:00
README.platform
README.privsep
Privsep is now required.
2019-09-19 15:41:23 +10:00
README.tun
readpass.c
upstream: let the "Confirm user presence for key ..." ssh-askpass
2020-08-27 11:26:26 +10:00
rijndael.c
rijndael.h
sandbox-capsicum.c
sandbox-darwin.c
sandbox-darwin.c: fix missing prototypes.
2020-01-21 10:37:25 +11:00
sandbox-null.c
sandbox-pledge.c
sandbox-rlimit.c
sandbox-seccomp-filter.c
Add sys/syscall.h for syscall numbers.
2020-04-15 10:58:02 +10:00
sandbox-solaris.c
sandbox-systrace.c
upstream: Replace all calls to signal(2) with a wrapper around
2020-01-23 18:51:25 +11:00
sc25519.c
sc25519.h
scp.1
upstream: allow -A to explicitly enable agent forwarding in scp and
2020-08-03 14:27:59 +10:00
scp.c
upstream: allow -A to explicitly enable agent forwarding in scp and
2020-08-03 14:27:59 +10:00
servconf.c
upstream: support for requiring user verified FIDO keys in sshd
2020-08-27 11:28:36 +10:00
servconf.h
upstream: support for requiring user verified FIDO keys in sshd
2020-08-27 11:28:36 +10:00
serverloop.c
upstream: start ClientAliveInterval bookkeeping before first pass
2020-07-03 17:03:53 +10:00
serverloop.h
session.c
Adjust portable code to match changes in 939d787d,
2020-07-15 15:30:43 +10:00
session.h
sftp-client.c
upstream: fix off-by-one error that caused sftp downloads to make
2020-05-27 10:09:19 +10:00
sftp-client.h
sftp-common.c
sftp-common.h
sftp-glob.c
upstream: stdarg.h required more broadly; ok djm
2019-11-15 08:50:10 +11:00
sftp-realpath.c
sftp-server-main.c
sftp-server.8
upstream: supply word missing in previous;
2020-06-26 15:18:07 +10:00
sftp-server.c
upstream: log error message for process_write() write failures
2020-07-17 13:52:46 +10:00
sftp.1
upstream: allow -A to explicitly enable agent forwarding in scp and
2020-08-03 14:27:59 +10:00
sftp.c
upstream: allow -A to explicitly enable agent forwarding in scp and
2020-08-03 14:27:59 +10:00
sftp.h
sk-api.h
upstream: preserve verify-required for resident FIDO keys
2020-08-27 11:28:36 +10:00
sk-usbhid.c
upstream: preserve verify-required for resident FIDO keys
2020-08-27 11:28:36 +10:00
smult_curve25519_ref.c
sntrup4591761.c
sntrup4591761.sh
ssh2.h
ssh_api.c
upstream: support for user-verified FIDO keys
2020-08-27 11:28:36 +10:00
ssh_api.h
ssh_config
upstream: Add a '%k' TOKEN that expands to the effective HostKey of
2020-07-17 13:52:46 +10:00
ssh_config.5
upstream: let ssh_config(5)'s AddKeysToAgent keyword accept a time
2020-08-27 11:27:01 +10:00
ssh-add.1
upstream: allow some additional control over the use of ssh-askpass
2020-07-15 15:08:10 +10:00
ssh-add.c
upstream: allow "ssh-add -d -" to read keys to be deleted from
2020-06-26 15:24:28 +10:00
ssh-agent.1
upstream: better terminology for permissions; feedback & ok markus@
2020-06-22 16:11:14 +10:00
ssh-agent.c
upstream: support for user-verified FIDO keys
2020-08-27 11:28:36 +10:00
ssh-dss.c
upstream: change explicit_bzero();free() to freezero()
2020-02-28 12:26:28 +11:00
ssh-ecdsa-sk.c
upstream: some clarifying comments
2020-06-26 15:18:07 +10:00
ssh-ecdsa.c
ssh-ed25519-sk.c
upstream: change explicit_bzero();free() to freezero()
2020-02-28 12:26:28 +11:00
ssh-ed25519.c
upstream: change explicit_bzero();free() to freezero()
2020-02-28 12:26:28 +11:00
ssh-gss.h
ssh-keygen.1
upstream: Request PIN ahead of time for certain FIDO actions
2020-08-27 11:28:36 +10:00
ssh-keygen.c
upstream: Request PIN ahead of time for certain FIDO actions
2020-08-27 11:28:36 +10:00
ssh-keyscan.1
upstream: tweak the Nd lines for a bit of consistency; ok markus
2019-12-11 19:08:22 +11:00
ssh-keyscan.c
upstream: ssh-keyscan(1): simplify conloop() with timercmp(3),
2020-08-27 11:27:01 +10:00
ssh-keysign.8
upstream: tweak the Nd lines for a bit of consistency; ok markus
2019-12-11 19:08:22 +11:00
ssh-keysign.c
upstream: support for user-verified FIDO keys
2020-08-27 11:28:36 +10:00
ssh-pkcs11-client.c
upstream: expose PKCS#11 key labels/X.509 subjects as comments
2020-01-25 11:35:55 +11:00
ssh-pkcs11-helper.8
upstream: tweak the Nd lines for a bit of consistency; ok markus
2019-12-11 19:08:22 +11:00
ssh-pkcs11-helper.c
upstream: remove unused variables in ssh-pkcs11-helper; ok djm
2020-03-13 13:18:31 +11:00
ssh-pkcs11.c
upstream: fix compilation on !HAVE_DLOPEN platforms; stub function
2020-05-29 13:28:47 +10:00
ssh-pkcs11.h
upstream: expose PKCS#11 key labels/X.509 subjects as comments
2020-01-25 11:35:55 +11:00
ssh-rsa.c
ssh-sandbox.h
ssh-sk-client.c
upstream: Replace all calls to signal(2) with a wrapper around
2020-01-23 18:51:25 +11:00
ssh-sk-helper.8
upstream: Replace the term "security key" with "(FIDO)
2019-12-30 14:31:40 +11:00
ssh-sk-helper.c
upstream: fix memleak of signature; from Pedro Martelletto
2020-05-27 10:14:45 +10:00
ssh-sk.c
upstream: preserve verify-required for resident FIDO keys
2020-08-27 11:28:36 +10:00
ssh-sk.h
upstream: pass the log-on-stderr flag and log level through to
2020-01-21 18:09:09 +11:00
ssh-xmss.c
upstream: change explicit_bzero();free() to freezero()
2020-02-28 12:26:28 +11:00
ssh.1
upstream: start sentence with capital letter;
2020-07-17 13:23:34 +10:00
ssh.c
upstream: Also compare username when checking for JumpHost loops.
2020-08-03 14:27:18 +10:00
ssh.h
upstream: allow some additional control over the use of ssh-askpass
2020-07-15 15:08:10 +10:00
sshbuf-getput-basic.c
upstream: make sshbuf_putb(b, NULL) a no-op
2020-06-05 13:28:29 +10:00
sshbuf-getput-crypto.c
upstream: remove most uses of BN_CTX
2019-11-17 09:44:43 +11:00
sshbuf-io.c
upstream: tidy headers; some junk snuck into sshbuf-misc.c and
2020-01-26 10:34:50 +11:00
sshbuf-misc.c
upstream: support for RFC4648 base64url encoding; ok markus
2020-06-22 16:11:14 +10:00
sshbuf.c
upstream: change explicit_bzero();free() to freezero()
2020-02-28 12:26:28 +11:00
sshbuf.h
upstream: support for RFC4648 base64url encoding; ok markus
2020-06-22 16:11:14 +10:00
sshconnect2.c
upstream: support for user-verified FIDO keys
2020-08-27 11:28:36 +10:00
sshconnect.c
upstream: let ssh_config(5)'s AddKeysToAgent keyword accept a time
2020-08-27 11:27:01 +10:00
sshconnect.h
upstream: when AddKeysToAgent=yes is set and the key contains no
2020-01-25 18:20:01 +11:00
sshd_config
sshd_config.5
upstream: support for requiring user verified FIDO keys in sshd
2020-08-27 11:28:36 +10:00
sshd.8
upstream: support for requiring user verified FIDO keys in sshd
2020-08-27 11:28:36 +10:00
sshd.c
upstream: support for user-verified FIDO keys
2020-08-27 11:28:36 +10:00
ssherr.c
upstream: improve the error message for u2f enrollment errors by
2020-01-26 10:18:42 +11:00
ssherr.h
upstream: improve the error message for u2f enrollment errors by
2020-01-26 10:18:42 +11:00
sshkey-xmss.c
upstream: fix shield/unshield for xmss keys: - in ssh-agent we need
2019-11-15 08:50:10 +11:00
sshkey-xmss.h
sshkey.c
upstream: support for user-verified FIDO keys
2020-08-27 11:28:36 +10:00
sshkey.h
upstream: support for user-verified FIDO keys
2020-08-27 11:28:36 +10:00
sshlogin.c
Remove unused variable warning.
2020-02-17 22:55:51 +11:00
sshlogin.h
sshpty.c
sshpty.h
sshsig.c
upstream: support for user-verified FIDO keys
2020-08-27 11:28:36 +10:00
sshsig.h
upstream: support for user-verified FIDO keys
2020-08-27 11:28:36 +10:00
sshtty.c
survey.sh.in
TODO
ttymodes.c
ttymodes.h
uidswap.c
explicitly test set[ug]id() return values
2019-09-13 13:15:14 +10:00
uidswap.h
umac128.c
umac.c
upstream: spelling errors in comments; no code change from
2020-03-14 19:39:09 +11:00
umac.h
utf8.c
upstream: expose vasnmprintf(); ok (as part of other commit) markus
2020-05-01 16:40:11 +10:00
utf8.h
upstream: expose vasnmprintf(); ok (as part of other commit) markus
2020-05-01 16:40:11 +10:00
verify.c
version.h
upstream: openssh-8.3; ok deraadt@
2020-05-07 15:39:00 +10:00
xmalloc.c
upstream: add xvasprintf()
2019-11-13 10:15:46 +11:00
xmalloc.h
upstream: add xvasprintf()
2019-11-13 10:15:46 +11:00
xmss_commons.c
wrap stdint.h include in HAVE_STDINT_H
2019-10-09 09:06:35 +11:00
xmss_commons.h
xmss_fast.c
wrap stdint.h include in HAVE_STDINT_H
2019-10-09 09:06:35 +11:00
xmss_fast.h
xmss_hash_address.c
wrap stdint.h include in HAVE_STDINT_H
2019-10-09 09:06:35 +11:00
xmss_hash_address.h
xmss_hash.c
wrap stdint.h include in HAVE_STDINT_H
2019-10-09 09:06:35 +11:00
xmss_hash.h
xmss_wots.c
wrap stdint.h include in HAVE_STDINT_H
2019-10-09 09:06:35 +11:00
xmss_wots.h