contrib
update version numbers ahead of release
2018-10-12 09:47:20 +11:00
openbsd-compat
unbreak compilation with --with-ssl-engine
2018-10-17 08:12:02 +11:00
regress
really add source for authopt_fuzz this time
2018-09-15 19:36:55 +10:00
.depend
update depends
2018-10-11 13:08:59 +11:00
.gitignore
Fuzzer harnesses for sig verify and pubkey parsing
2017-09-08 12:44:13 +10:00
.skipped-commit-ids
upstream: Import updated moduli.
2018-09-21 09:41:59 +10:00
aclocal.m4
Better detection of unsupported compiler options.
2018-06-08 13:55:59 +10:00
addrmatch.c
upstream: fix some memory leaks spotted by Coverity via Jakub Jelen
2018-07-31 13:13:26 +10:00
atomicio.c
atomicio.h
audit-bsm.c
Remove key.h from portable files too.
2018-07-12 14:57:46 +10:00
audit-linux.c
audit.c
Include unistd.h for geteuid declaration.
2018-07-13 13:40:20 +10:00
audit.h
auth2-chall.c
Remove support for S/Key
2018-07-31 12:59:30 +10:00
auth2-gss.c
upstream: delay bailout for invalid authentic
2018-07-31 13:13:26 +10:00
auth2-hostbased.c
upstream: Add sshd_config CASignatureAlgorithms option to allow
2018-09-20 14:00:29 +10:00
auth2-kbdint.c
upstream: sshd: switch authentication to sshbuf API; ok djm@
2018-07-10 15:27:43 +10:00
auth2-none.c
upstream: sshd: switch authentication to sshbuf API; ok djm@
2018-07-10 15:27:43 +10:00
auth2-passwd.c
upstream: sshd: switch authentication to sshbuf API; ok djm@
2018-07-10 15:27:43 +10:00
auth2-pubkey.c
upstream: Add sshd_config CASignatureAlgorithms option to allow
2018-09-20 14:00:29 +10:00
auth2.c
upstream: hold our collective noses and use the openssl-1.1.x API in
2018-09-13 12:12:33 +10:00
auth-bsdauth.c
upstream: sshd: switch authentication to sshbuf API; ok djm@
2018-07-10 15:27:43 +10:00
auth-krb5.c
upstream: sshd: switch authentication to sshbuf API; ok djm@
2018-07-10 15:27:43 +10:00
auth-options.c
upstream: Allow ssh_config IdentityAgent directive to accept
2018-10-03 16:39:58 +10:00
auth-options.h
upstream: permitlisten option for authorized_keys; ok markus@
2018-06-07 04:27:20 +10:00
auth-pam.c
adapt -portable to OpenSSL 1.1x API
2018-09-13 12:13:50 +10:00
auth-pam.h
upstream: switch over to the new authorized_keys options API and
2018-03-03 14:37:16 +11:00
auth-passwd.c
check pw_passwd != NULL here too
2018-10-11 11:29:35 +11:00
auth-rhosts.c
upstream: sshd: switch authentication to sshbuf API; ok djm@
2018-07-10 15:27:43 +10:00
auth-shadow.c
Remove key.h from portable files too.
2018-07-12 14:57:46 +10:00
auth-sia.c
Remove key.h from portable files too.
2018-07-12 14:57:46 +10:00
auth-sia.h
auth-skey.c
Remove key.h from portable files too.
2018-07-12 14:57:46 +10:00
auth.c
upstream: log certificate fingerprint in authentication
2018-09-12 16:48:18 +10:00
auth.h
Remove support for S/Key
2018-07-31 12:59:30 +10:00
authfd.c
upstream: replace cast with call to sshbuf_mutable_ptr(); ok djm@
2018-07-10 16:44:17 +10:00
authfd.h
upstream: remove prototype to long-gone function
2018-07-12 14:36:12 +10:00
authfile.c
upstream: In sshkey_in_file(), ignore keys that are considered for
2018-09-21 22:49:09 +10:00
authfile.h
bitmap.c
upstream commit
2017-10-20 12:58:35 +11:00
bitmap.h
upstream commit
2017-10-20 12:58:35 +11:00
buildpkg.sh.in
canohost.c
canohost.h
chacha.c
chacha.h
channels.c
upstream: factor out channel status formatting from
2018-10-04 17:50:22 +10:00
channels.h
upstream: include a little more information about the status and
2018-10-04 10:44:49 +10:00
cipher-aes.c
cipher-aesctr.c
cipher-aesctr.h
cipher-chachapoly.c
cipher-chachapoly.h
cipher-ctr.c
cipher.c
adapt -portable to OpenSSL 1.1x API
2018-09-13 12:13:50 +10:00
cipher.h
upstream: hold our collective noses and use the openssl-1.1.x API in
2018-09-13 12:12:33 +10:00
cleanup.c
clientloop.c
upstream: Allow ssh_config ForwardX11Timeout=0 to disable the
2018-09-21 22:49:27 +10:00
clientloop.h
upstream: client: switch to sshbuf API; ok djm@
2018-07-10 15:14:26 +10:00
compat.c
upstream: revert compat.[ch] section of the following change. It
2018-08-13 12:42:13 +10:00
compat.h
upstream: revert compat.[ch] section of the following change. It
2018-08-13 12:42:13 +10:00
config.guess
config.sub
configure.ac
Require OpenSSL 1.1.x series 1.1.0g or greater
2018-10-17 11:01:20 +11:00
crc32.c
crc32.h
CREDITS
crypto_api.h
crypto_api.h needs includes.h
2018-01-24 12:20:44 +11:00
defines.h
Remove support for S/Key
2018-07-31 12:59:30 +10:00
dh.c
upstream: When choosing a prime from the moduli file, avoid
2018-09-20 14:00:11 +10:00
dh.h
upstream: hold our collective noses and use the openssl-1.1.x API in
2018-09-13 12:12:33 +10:00
digest-libc.c
upstream commit
2017-05-10 11:41:21 +10:00
digest-openssl.c
upstream: hold our collective noses and use the openssl-1.1.x API in
2018-09-13 12:12:33 +10:00
digest.h
upstream commit
2017-05-10 11:41:21 +10:00
dispatch.c
upstream commit
2017-06-01 14:53:33 +10:00
dispatch.h
upstream commit
2017-06-01 14:53:33 +10:00
dns.c
upstream: Add experimental support for PQC XMSS keys (Extended
2018-02-26 11:40:41 +11:00
dns.h
upstream: Add experimental support for PQC XMSS keys (Extended
2018-02-26 11:40:41 +11:00
ed25519.c
entropy.c
Adapt portable to legacy buffer API removal
2018-07-10 19:39:52 +10:00
entropy.h
Adapt portable to legacy buffer API removal
2018-07-10 19:39:52 +10:00
fatal.c
fe25519.c
fe25519.h
fixalgorithms
fixpaths
ge25519_base.data
ge25519.c
ge25519.h
groupaccess.c
Handle ngroups>_SC_NGROUPS_MAX.
2018-09-07 14:41:53 +10:00
groupaccess.h
gss-genr.c
upstream: kerberos/gssapi fixes for buffer removal
2018-07-10 19:15:35 +10:00
gss-serv-krb5.c
upstream: sshd: switch GSSAPI to sshbuf API; ok djm@
2018-07-10 15:28:30 +10:00
gss-serv.c
upstream: sshd: switch GSSAPI to sshbuf API; ok djm@
2018-07-10 15:28:30 +10:00
hash.c
upstream commit
2018-01-23 16:35:07 +11:00
hmac.c
hmac.h
hostfile.c
upstream: memleaks; found by valgrind
2018-07-16 13:12:20 +10:00
hostfile.h
includes.h
portability for sftp globbed ls sort by mtime
2017-06-10 23:41:25 +10:00
INSTALL
Remove support for S/Key
2018-07-31 12:59:30 +10:00
install-sh
Pull in newer install-sh from autoconf-2.69.
2017-12-01 17:07:08 +11:00
kex.c
upstream: Revert previous two commits
2018-07-10 15:13:41 +10:00
kex.h
repair !WITH_OPENSSL build
2018-07-13 11:41:33 +10:00
kexc25519.c
kexc25519c.c
upstream commit
2017-12-19 15:21:37 +11:00
kexc25519s.c
upstream commit
2017-10-20 12:58:18 +11:00
kexdh.c
adapt -portable to OpenSSL 1.1x API
2018-09-13 12:13:50 +10:00
kexdhc.c
adapt -portable to OpenSSL 1.1x API
2018-09-13 12:13:50 +10:00
kexdhs.c
adapt -portable to OpenSSL 1.1x API
2018-09-13 12:13:50 +10:00
kexecdh.c
kexecdhc.c
upstream commit
2018-02-08 09:26:27 +11:00
kexecdhs.c
upstream commit
2018-02-08 09:26:27 +11:00
kexgex.c
adapt -portable to OpenSSL 1.1x API
2018-09-13 12:13:50 +10:00
kexgexc.c
adapt -portable to OpenSSL 1.1x API
2018-09-13 12:13:50 +10:00
kexgexs.c
upstream: explicit_bzero here to be consistent with other kex*.c;
2018-10-04 10:42:34 +10:00
krl.c
upstream: allow key revocation by SHA256 hash and allow ssh-keygen
2018-09-12 16:49:21 +10:00
krl.h
upstream: allow key revocation by SHA256 hash and allow ssh-keygen
2018-09-12 16:49:21 +10:00
LICENCE
log.c
upstream: avoid expensive channel_open_message() calls; ok djm@
2018-07-31 12:20:13 +10:00
log.h
upstream: avoid expensive channel_open_message() calls; ok djm@
2018-07-31 12:20:13 +10:00
loginrec.c
upstream: remove legacy key emulation layer; ok djm@
2018-07-12 13:18:25 +10:00
loginrec.h
logintest.c
mac.c
upstream commit
2017-05-10 11:41:21 +10:00
mac.h
Makefile.in
delete the correct thing; kexfuzz binary
2018-09-12 16:50:01 +10:00
match.c
upstream: repair PubkeyAcceptedKeyTypes (and friends) after RSA
2018-07-04 23:51:52 +10:00
match.h
upstream: repair PubkeyAcceptedKeyTypes (and friends) after RSA
2018-07-04 23:51:52 +10:00
md5crypt.c
Remove assigned-to-but-never-used variable.
2018-02-13 16:27:09 +11:00
md5crypt.h
mdoc2man.awk
Remove remaining now-obsolete cvs $Ids.
2018-02-15 20:06:19 +11:00
misc.c
upstream: Support using service names for port numbers.
2018-10-07 14:58:24 +11:00
misc.h
upstream: Allow ssh_config IdentityAgent directive to accept
2018-10-03 16:39:58 +10:00
mkinstalldirs
Remove remaining now-obsolete cvs $Ids.
2018-02-15 20:06:19 +11:00
moduli
Import updated moduli.
2018-09-22 11:59:55 +10:00
moduli.5
moduli.c
upstream commit
2017-12-12 10:32:04 +11:00
monitor_fdpass.c
monitor_fdpass.h
monitor_wrap.c
Remove support for S/Key
2018-07-31 12:59:30 +10:00
monitor_wrap.h
Remove support for S/Key
2018-07-31 12:59:30 +10:00
monitor.c
adapt -portable to OpenSSL 1.1x API
2018-09-13 12:13:50 +10:00
monitor.h
Remove support for S/Key
2018-07-31 12:59:30 +10:00
msg.c
upstream: replace cast with call to sshbuf_mutable_ptr(); ok djm@
2018-07-10 16:44:17 +10:00
msg.h
mux.c
upstream: remove big ugly TODO comment from start of file. Some of
2018-09-26 17:35:49 +10:00
myproposal.h
upstream: add SSH_ALLOWED_CA_SIGALGS - the default list of
2018-09-12 16:49:21 +10:00
nchan2.ms
nchan.c
upstream: when the peer sends a channel-close message, make sure we
2018-10-04 17:50:22 +10:00
nchan.ms
opacket.c
missing headers
2018-07-13 11:41:33 +10:00
opacket.h
upstream: Remove unused ssh_packet_start_compression()
2018-07-10 15:13:40 +10:00
openssh.xml.in
opensshd.init.in
Remove RSA1 host key generation.
2017-12-01 16:55:35 +11:00
OVERVIEW
upstream: ssh(1) no longer supports being setuid root. Remove reference
2018-07-27 15:09:59 +10:00
packet.c
Explicitly include openssl before zlib.
2018-07-20 13:48:51 +10:00
packet.h
upstream: ttymodes: switch to sshbuf API; ok djm@
2018-07-10 15:19:12 +10:00
pathnames.h
upstream: Add experimental support for PQC XMSS keys (Extended
2018-02-26 11:40:41 +11:00
pkcs11.h
platform-misc.c
Split platform_sys_dir_uid into its own file
2017-08-25 13:25:01 +10:00
platform-pledge.c
platform-tracing.c
platform.c
upstream: remove legacy key emulation layer; ok djm@
2018-07-12 13:18:25 +10:00
platform.h
poly1305.c
poly1305.h
progressmeter.c
progressmeter.h
PROTOCOL
upstream: mention INFO@openssh.com for sending SIGINFO
2018-10-02 22:53:48 +10:00
PROTOCOL.agent
update URL again
2017-10-01 10:32:25 +11:00
PROTOCOL.certkeys
upstream: Improve strictness and control over RSA-SHA2 signature
2018-07-03 23:26:36 +10:00
PROTOCOL.chacha20poly1305
upstream: lots of typos in comments/docs. Patch from Karsten Weiss
2018-04-10 10:17:15 +10:00
PROTOCOL.key
PROTOCOL.krl
upstream: allow key revocation by SHA256 hash and allow ssh-keygen
2018-09-12 16:49:21 +10:00
PROTOCOL.mux
upstream: Document mux proxy mode; added by Markus in openssh-7.4
2018-09-26 17:35:22 +10:00
readconf.c
upstream: Support using service names for port numbers.
2018-10-07 14:58:24 +11:00
readconf.h
upstream: add CASignatureAlgorithms option for the client, allowing
2018-09-20 14:00:29 +10:00
README
remove stale link, tweak
2018-10-12 09:48:05 +11:00
README.dns
README.platform
Many typo fixes from Karsten Weiss
2018-04-10 10:19:02 +10:00
README.privsep
Remove references to UNICOS.
2018-02-15 22:28:14 +11:00
README.tun
readpass.c
upstream: Remove support for running ssh(1) setuid and fatal if
2018-07-19 21:41:42 +10:00
rijndael.c
rijndael.h
sandbox-capsicum.c
Switch Capsicum header to sys/capsicum.h.
2017-08-28 16:48:27 +10:00
sandbox-darwin.c
sandbox-null.c
sandbox-pledge.c
sandbox-rlimit.c
sandbox-seccomp-filter.c
add futex(2) syscall to seccomp sandbox
2018-09-15 19:37:48 +10:00
sandbox-solaris.c
drop two more privileges in the Solaris sandbox
2017-06-09 14:44:43 +10:00
sandbox-systrace.c
Allow nanosleep in preauth privsep child.
2018-04-13 16:23:57 +10:00
sc25519.c
sc25519.h
scp.1
upstream: reorder CASignatureAlgorithms, and add them to the
2018-09-21 09:41:10 +10:00
scp.c
upstream: Apply umask to all incoming files and directories not
2018-06-04 14:54:43 +10:00
servconf.c
upstream: actually make CASignatureAlgorithms available as a config
2018-09-21 09:41:59 +10:00
servconf.h
upstream: Add sshd_config CASignatureAlgorithms option to allow
2018-09-20 14:00:29 +10:00
serverloop.c
upstream: Remove uid checks from low port binds. Now that ssh
2018-07-31 12:18:49 +10:00
serverloop.h
upstream commit
2017-09-12 17:37:02 +10:00
session.c
upstream: include a little more information about the status and
2018-10-04 10:44:49 +10:00
session.h
upstream: Add server support for signalling sessions via the SSH
2018-10-02 22:41:01 +10:00
sftp-client.c
upstream: fix some memory leaks spotted by Coverity via Jakub Jelen
2018-07-31 13:13:26 +10:00
sftp-client.h
sftp-common.c
upstream: Fix warnings caused by user_from_uid() and group_from_gid()
2018-09-14 12:49:29 +10:00
sftp-common.h
sftp-glob.c
sftp-server-main.c
sftp-server.8
sftp-server.c
upstream: make UID available as a %-expansion everywhere that the
2018-06-01 13:35:59 +10:00
sftp.1
upstream: reorder CASignatureAlgorithms, and add them to the
2018-09-21 09:41:10 +10:00
sftp.c
upstream: Add FALLTHROUGH comments where appropriate. Patch from
2018-09-09 14:50:32 +10:00
sftp.h
smult_curve25519_ref.c
ssh2.h
ssh_api.c
Include openssl compatibility.
2018-10-22 20:05:18 +11:00
ssh_api.h
upstream: lots of typos in comments/docs. Patch from Karsten Weiss
2018-04-10 10:17:15 +10:00
ssh_config
ssh_config.5
upstream: Allow ssh_config IdentityAgent directive to accept
2018-10-03 16:39:58 +10:00
ssh-add.1
upstream commit
2017-09-04 09:38:57 +10:00
ssh-add.c
upstream: Make "ssh-add -q" do what it says on the tin: silence
2018-09-20 14:00:11 +10:00
ssh-agent.1
ssh-agent.c
upstream: implement EMFILE mitigation for ssh-agent: remember the
2018-05-11 13:56:42 +10:00
ssh-dss.c
adapt -portable to OpenSSL 1.1x API
2018-09-13 12:13:50 +10:00
ssh-ecdsa.c
adapt -portable to OpenSSL 1.1x API
2018-09-13 12:13:50 +10:00
ssh-ed25519.c
ssh-gss.h
upstream: kerberos/gssapi fixes for buffer removal
2018-07-10 19:15:35 +10:00
ssh-keygen.1
upstream: fix edit mistake; spotted by jmc@
2018-09-12 16:49:21 +10:00
ssh-keygen.c
upstream: when printing certificate contents "ssh-keygen -Lf
2018-10-22 10:58:06 +11:00
ssh-keyscan.1
upstream: move the input format details to -f; remove the output
2018-03-12 11:48:15 +11:00
ssh-keyscan.c
upstream: switch config file parsing to getline(3) as this avoids
2018-06-07 04:34:05 +10:00
ssh-keysign.8
ssh-keysign.c
Include openssl compatibility.
2018-10-22 20:05:18 +11:00
ssh-pkcs11-client.c
adapt -portable to OpenSSL 1.1x API
2018-09-13 12:13:50 +10:00
ssh-pkcs11-helper.8
ssh-pkcs11-helper.c
upstream commit
2018-01-23 16:31:55 +11:00
ssh-pkcs11.c
adapt -portable to OpenSSL 1.1x API
2018-09-13 12:13:50 +10:00
ssh-pkcs11.h
ssh-rsa.c
adapt -portable to OpenSSL 1.1x API
2018-09-13 12:13:50 +10:00
ssh-sandbox.h
ssh-xmss.c
Add WITH_XMSS, move to prevent conflicts.
2018-02-28 19:59:35 +11:00
ssh.1
upstream: reorder CASignatureAlgorithms, and add them to the
2018-09-21 09:41:10 +10:00
ssh.c
upstream: Allow ssh_config IdentityAgent directive to accept
2018-10-03 16:39:58 +10:00
ssh.h
upstream: switch config file parsing to getline(3) as this avoids
2018-06-07 04:34:05 +10:00
sshbuf-getput-basic.c
upstream commit
2017-06-01 14:55:23 +10:00
sshbuf-getput-crypto.c
sshbuf-misc.c
sshbuf.c
upstream: remove legacy buffer API emulation layer; ok djm@
2018-07-10 16:44:17 +10:00
sshbuf.h
upstream: remove legacy buffer API emulation layer; ok djm@
2018-07-10 16:44:17 +10:00
sshconnect2.c
upstream: don't send new-style rsa-sha2-*-cert-v01@openssh.com names to
2018-10-12 09:43:30 +11:00
sshconnect.c
upstream: struct sockaddr_storage is guaranteed to be large enough,
2018-10-22 10:58:06 +11:00
sshconnect.h
upstream: Deprecate UsePrivilegedPort now that support for running
2018-07-19 21:44:21 +10:00
sshd_config
upstream: the UseLogin option was removed, so remove it here too.
2018-04-10 10:16:36 +10:00
sshd_config.5
upstream: Add sshd_config CASignatureAlgorithms option to allow
2018-09-20 14:00:29 +10:00
sshd.8
upstream: Switch authorized_keys example from ssh-dss to ssh-rsa
2018-07-26 13:54:30 +10:00
sshd.c
upstream: when compiled with GSSAPI support, cache supported method
2018-09-21 22:49:27 +10:00
ssherr.c
upstream: Improve strictness and control over RSA-SHA2 signature
2018-07-03 23:26:36 +10:00
ssherr.h
upstream: Improve strictness and control over RSA-SHA2 signature
2018-07-03 23:26:36 +10:00
sshkey-xmss.c
upstream: replace cast with call to sshbuf_mutable_ptr(); ok djm@
2018-07-10 16:44:17 +10:00
sshkey-xmss.h
upstream: Add experimental support for PQC XMSS keys (Extended
2018-02-26 11:40:41 +11:00
sshkey.c
some more duplicated key algorithm lines
2018-10-11 13:02:11 +11:00
sshkey.h
upstream: garbage-collect moribund ssh_new_private() API.
2018-09-14 14:19:06 +10:00
sshlogin.c
upstream: sshd: switch loginmsg to sshbuf API; ok djm@
2018-07-10 15:21:58 +10:00
sshlogin.h
sshpty.c
Remove UNICOS support.
2018-02-15 20:04:02 +11:00
sshpty.h
sshtty.c
survey.sh.in
TODO
Remove support for S/Key
2018-07-31 12:59:30 +10:00
ttymodes.c
upstream: ttymodes: switch to sshbuf API; ok djm@
2018-07-10 15:19:12 +10:00
ttymodes.h
uidswap.c
upstream: Remove support for running ssh(1) setuid and fatal if
2018-07-19 21:41:42 +10:00
uidswap.h
upstream: Remove support for running ssh(1) setuid and fatal if
2018-07-19 21:41:42 +10:00
umac128.c
upstream commit
2018-02-09 20:00:18 +11:00
umac.c
upstream: lots of typos in comments/docs. Patch from Karsten Weiss
2018-04-10 10:17:15 +10:00
umac.h
utf8.c
upstream: AIX reports the CODESET as "ISO8859-1" in the POSIX locale.
2018-08-22 07:52:26 +10:00
utf8.h
uuencode.c
uuencode.h
verify.c
version.h
upstream: introducing openssh 7.9
2018-10-11 11:03:53 +11:00
xmalloc.c
upstream commit
2017-06-01 14:55:22 +10:00
xmalloc.h
upstream commit
2017-06-01 14:55:22 +10:00
xmss_commons.c
upstream: Add $OpenBSD$ markers to xmss files to help keep synced
2018-03-02 14:29:25 +11:00
xmss_commons.h
Remove extra XMSS #endif
2018-03-05 10:22:32 +11:00
xmss_fast.c
upstream: ssh/xmss: fix build; ok djm@
2018-03-23 11:05:39 +11:00
xmss_fast.h
upstream: Add $OpenBSD$ markers to xmss files to help keep synced
2018-03-02 14:29:25 +11:00
xmss_hash_address.c
upstream: Add $OpenBSD$ markers to xmss files to help keep synced
2018-03-02 14:29:25 +11:00
xmss_hash_address.h
upstream: Add $OpenBSD$ markers to xmss files to help keep synced
2018-03-02 14:29:25 +11:00
xmss_hash.c
upstream: Add $OpenBSD$ markers to xmss files to help keep synced
2018-03-02 14:29:25 +11:00
xmss_hash.h
upstream: Add $OpenBSD$ markers to xmss files to help keep synced
2018-03-02 14:29:25 +11:00
xmss_wots.c
upstream: lots of typos in comments/docs. Patch from Karsten Weiss
2018-04-10 10:17:15 +10:00
xmss_wots.h
upstream: Remove unneeded (local) include. ok markus@
2018-03-02 14:30:02 +11:00