.github
Add make target for standalone sk-libfido2
2024-11-29 03:15:49 +11:00
contrib
Remove ancient RHL 6.x config in RPM spec.
2024-12-07 01:15:48 +11:00
m4
Improve detection of -fzero-call-used-regs=used.
2024-03-25 10:12:58 +11:00
openbsd-compat
Simplify pselect shim and remove side effects.
2024-10-25 19:01:02 +11:00
regress
upstream: Expand $SSH to absolute path if it's not already.
2024-12-06 20:20:20 +11:00
.depend
depend
2024-10-14 14:49:20 +11:00
.git_allowed_signers
Add new hardware-backed signing key for myself.
2024-12-06 23:54:45 +11:00
.git_allowed_signers.asc
add new token-based signing key for dtucker@
2024-03-30 16:05:59 +11:00
.gitignore
don't ignore changes in regress Makefiles
2024-12-05 01:01:04 +11:00
.skipped-commit-ids
upstream: turn off CDIAGFLAGS and turn back on INSTALL_STRIP
2024-11-27 08:24:49 +11:00
addr.c
upstream: remove addr.[ch] functions that are unused and
2024-10-18 15:30:36 +11:00
addr.h
upstream: remove addr.[ch] functions that are unused and
2024-10-18 15:30:36 +11:00
addrmatch.c
atomicio.c
atomicio.h
audit-bsm.c
audit-linux.c
audit.c
audit.h
auth2-chall.c
auth2-gss.c
upstream: g/c unused variable
2024-05-17 14:42:49 +10:00
auth2-hostbased.c
upstream: Start the process of splitting sshd into separate
2024-05-17 14:41:35 +10:00
auth2-kbdint.c
upstream: Start the process of splitting sshd into separate
2024-05-17 14:41:35 +10:00
auth2-methods.c
upstream: typos
2024-05-31 19:04:11 +10:00
auth2-none.c
upstream: Start the process of splitting sshd into separate
2024-05-17 14:41:35 +10:00
auth2-passwd.c
upstream: Start the process of splitting sshd into separate
2024-05-17 14:41:35 +10:00
auth2-pubkey.c
upstream: Plug leak on error path, spotted by Coverity. ok djm@
2024-12-12 21:23:32 +11:00
auth2-pubkeyfile.c
auth2.c
upstream: Start the process of splitting sshd into separate
2024-05-17 14:41:35 +10:00
auth-bsdauth.c
auth-krb5.c
auth-options.c
auth-options.h
auth-pam.c
propagate PAM crashes to PerSourcePenalties
2024-06-17 17:02:18 +10:00
auth-pam.h
upstream: Start the process of splitting sshd into separate
2024-05-17 14:41:35 +10:00
auth-passwd.c
auth-rhosts.c
upstream: Start the process of splitting sshd into separate
2024-05-17 14:41:35 +10:00
auth-shadow.c
auth-sia.c
auth-sia.h
auth.c
upstream: add a "Match invalid-user" predicate to sshd_config Match
2024-09-15 11:23:11 +10:00
auth.h
upstream: remove prototypes with no matching function; ok djm@
2024-05-22 14:21:13 +10:00
authfd.c
upstream: Make it possible to load certs from PKCS#11 tokens
2023-12-19 01:52:55 +11:00
authfd.h
upstream: Make it possible to load certs from PKCS#11 tokens
2023-12-19 01:52:55 +11:00
authfile.c
upstream: remove some unused defines; ok djm@
2024-09-24 12:09:35 +10:00
authfile.h
bitmap.c
bitmap.h
buildpkg.sh.in
fix old typo (s/SYSVINITSTOPT/SYSVINITSTOP/)
2024-12-16 15:36:54 -08:00
canohost.c
canohost.h
chacha.c
chacha.h
channels.c
upstream: De-magic the x11 base port number into a define. ok djm@
2024-12-05 19:13:45 +11:00
channels.h
upstream: don't start the ObscureKeystrokeTiming mitigations if
2024-10-14 09:21:08 +11:00
cipher-aes.c
cipher-aesctr.c
cipher-aesctr.h
cipher-chachapoly-libcrypto.c
cipher-chachapoly.c
cipher-chachapoly.h
cipher.c
upstream: As defined in the RFC, the SSH protocol has negotiable
2024-08-27 09:05:43 +10:00
cipher.h
upstream: Garbage collect cipher_get_keyiv_len()
2023-10-11 15:57:08 +11:00
cleanup.c
clientloop.c
upstream: spelling; ok djm@
2024-12-05 01:28:54 +11:00
clientloop.h
upstream: remove prototypes with no matching function; ok djm@
2024-05-22 14:21:13 +10:00
compat.c
compat.h
config.guess
config.sub
configure.ac
Fix configure implicit declaration and format warnings.
2024-12-06 20:53:14 +11:00
CREDITS
crypto_api.h
upstream: Add experimental support for hybrid post-quantum key exchange
2024-09-02 22:32:44 +10:00
defines.h
Define u_short and u_long if needed.
2024-12-03 20:01:47 +11:00
dh.c
upstream: Remove fallback to compiled-in gropup for dhgex when the
2024-12-05 01:28:47 +11:00
dh.h
digest-libc.c
digest-openssl.c
digest.h
dispatch.c
dispatch.h
dns.c
dns.h
ed25519.c
ed25519.sh
upstream: spelling; ok djm@
2024-05-17 14:42:49 +10:00
entropy.c
entropy.h
fatal.c
fixalgorithms
fixpaths
groupaccess.c
upstream: Ignore extra groups that don't fit in the buffer passed
2024-11-07 10:01:05 +11:00
groupaccess.h
gss-genr.c
upstream: whitespace
2024-02-01 13:42:45 +11:00
gss-serv-krb5.c
gss-serv.c
gss-serv.c needs sys/param.h
2024-09-25 11:15:45 +10:00
hash.c
hmac.c
hmac.h
hostfile.c
hostfile.h
includes.h
INSTALL
Update readme files to better reflect reality.
2024-12-04 21:37:22 +11:00
install-sh
kex-names.c
test for compiler feature needed for ML-KEM
2024-09-09 16:06:21 +10:00
kex.c
upstream: As defined in the RFC, the SSH protocol has negotiable
2024-08-27 09:05:43 +10:00
kex.h
upstream: Add experimental support for hybrid post-quantum key exchange
2024-09-02 22:32:44 +10:00
kexc25519.c
upstream: Add experimental support for hybrid post-quantum key exchange
2024-09-02 22:32:44 +10:00
kexdh.c
kexecdh.c
kexgen.c
upstream: pull post-quantum ML-KEM/x25519 key exchange out from
2024-09-09 12:45:53 +10:00
kexgex.c
kexgexc.c
kexgexs.c
upstream: Start the process of splitting sshd into separate
2024-05-17 14:41:35 +10:00
kexmlkem768x25519.c
upstream: explicitly include endian.h
2024-10-27 13:09:58 +11:00
kexsntrup761x25519.c
upstream: update the Streamlined NTRU Prime code from the "ref"
2024-09-15 12:24:48 +10:00
krl.c
krl.h
libcrux_mlkem768_sha3.h
upstream: fix ML-KEM768x25519 KEX on big-endian systems; spotted by
2024-10-27 13:09:32 +11:00
LICENCE
include openbsd-compat/base64.c license in LICENSE
2024-09-18 16:03:23 +10:00
log.c
upstream: add infrastructure for ratelimited logging; feedback/ok
2024-12-07 21:22:56 +11:00
log.h
upstream: add infrastructure for ratelimited logging; feedback/ok
2024-12-07 21:22:56 +11:00
loginrec.c
Add wtmpdb support as Y2038 safe wtmp replacement
2024-12-03 02:55:36 +11:00
loginrec.h
Add wtmpdb support as Y2038 safe wtmp replacement
2024-12-03 02:55:36 +11:00
logintest.c
mac.c
mac.h
Makefile.in
Add $(srcdir) for standalone sk-libfido2 make target.
2024-12-12 20:12:09 +11:00
match.c
upstream: make parsing user@host consistently look for the last '@' in
2024-09-06 12:31:19 +10:00
match.h
mdoc2man.awk
mdoc2man: balance nested square brackets
2024-11-28 19:20:10 +11:00
misc.c
upstream: relax valid_domain() checks to allow an underscore as the
2024-10-24 14:28:40 +11:00
misc.h
upstream: fix regression introduced when I switched the "Match"
2024-09-25 11:27:24 +10:00
mkinstalldirs
mlkem768.sh
upstream: fix ML-KEM768x25519 KEX on big-endian systems; spotted by
2024-10-27 13:09:32 +11:00
moduli
upstream: Import regenerated moduli.
2024-11-29 18:34:47 +11:00
moduli.5
moduli.c
monitor_fdpass.c
monitor_fdpass.h
monitor_wrap.c
upstream: Make debug call printf("%s", NULL) safe.
2024-10-22 17:50:23 +11:00
monitor_wrap.h
upstream: Split per-connection sshd-session binary
2024-10-14 14:01:37 +11:00
monitor.c
upstream: spelling; ok djm@
2024-12-05 01:28:54 +11:00
monitor.h
upstream: Split per-connection sshd-session binary
2024-10-14 14:01:37 +11:00
msg.c
upstream: Start the process of splitting sshd into separate
2024-05-17 14:41:35 +10:00
msg.h
mux.c
upstream: remove duplicate misc.h include ok dtucker@
2024-10-14 09:21:07 +11:00
myproposal.h
upstream: unbreak
2024-12-03 01:07:08 +11:00
nchan2.ms
nchan.c
upstream: Fix proxy multiplexing (-O proxy) bug
2024-07-26 08:51:40 +10:00
nchan.ms
openssh.xml.in
opensshd.init.in
OVERVIEW
packet.c
upstream: As defined in the RFC, the SSH protocol has negotiable
2024-08-27 09:05:43 +10:00
packet.h
upstream: Convert RSA and ECDSA key to the libcrypto EVP_PKEY API.
2024-08-15 12:07:59 +10:00
pathnames.h
upstream: Split per-connection sshd-session binary
2024-10-14 14:01:37 +11:00
pkcs11.h
platform-listen.c
Makefile support for sshd-session
2024-05-17 14:41:37 +10:00
platform-misc.c
platform-pledge.c
platform-tracing.c
platform.c
Makefile support for sshd-session
2024-05-17 14:41:37 +10:00
platform.h
notify systemd on listen and reload
2024-04-03 14:40:32 +11:00
poly1305.c
poly1305.h
progressmeter.c
upstream: remove some unused defines; ok djm@
2024-09-24 12:09:35 +10:00
progressmeter.h
PROTOCOL
upstream: fix missing field in users-groups-by-id@openssh.com reply
2024-01-08 16:06:29 +11:00
PROTOCOL.agent
upstream: new name/link for agent I-D
2024-11-28 03:09:01 +11:00
PROTOCOL.certkeys
upstream: clarify encoding of options/extensions; bz2389
2024-12-07 21:16:01 +11:00
PROTOCOL.chacha20poly1305
PROTOCOL.key
upstream: in OpenSSH private key format, correct type for subsequent
2024-03-30 16:57:32 +11:00
PROTOCOL.krl
PROTOCOL.mux
upstream: Remove outdated note from PROTOCOL.mux
2024-01-08 16:12:17 +11:00
PROTOCOL.sshsig
PROTOCOL.u2f
readconf.c
upstream: support VersionAddendum in the client, mirroring the
2024-12-07 21:16:02 +11:00
readconf.h
upstream: support VersionAddendum in the client, mirroring the
2024-12-07 21:16:02 +11:00
README
Update readme files to better reflect reality.
2024-12-04 21:37:22 +11:00
README.dns
README.md
Update readme files to better reflect reality.
2024-12-04 21:37:22 +11:00
README.platform
nite that recent OSX tun/tap is unsupported
2024-01-08 16:26:37 +11:00
README.privsep
README.tun
readpass.c
upstream: allow WAYLAND_DISPLAY to enable SSH_ASKPASS
2024-03-30 15:35:03 +11:00
rijndael.c
rijndael.h
sandbox-capsicum.c
fix capsicum sandbox
2024-10-14 17:17:50 +11:00
sandbox-darwin.c
upstream: Split per-connection sshd-session binary
2024-10-14 14:01:37 +11:00
sandbox-null.c
upstream: Split per-connection sshd-session binary
2024-10-14 14:01:37 +11:00
sandbox-rlimit.c
upstream: Split per-connection sshd-session binary
2024-10-14 14:01:37 +11:00
sandbox-seccomp-filter.c
upstream: Split per-connection sshd-session binary
2024-10-14 14:01:37 +11:00
sandbox-solaris.c
upstream: Split per-connection sshd-session binary
2024-10-14 14:01:37 +11:00
scp.1
upstream: sync -o option lists with ssh.1; requested jmc@
2024-12-07 21:16:00 +11:00
scp.c
upstream: save_errno wrappers inside two small signal handlers that
2024-06-28 08:34:49 +10:00
SECURITY.md
servconf.c
upstream: Split per-connection sshd-session binary
2024-10-14 14:01:37 +11:00
servconf.h
upstream: Split per-connection sshd-session binary
2024-10-14 14:01:37 +11:00
serverloop.c
upstream: Explicitly specify the signature algorithm when signing
2024-11-27 09:03:27 +11:00
serverloop.h
session.c
upstream: Change "login again" to "log in again"
2024-12-06 20:19:46 +11:00
session.h
sftp-client.c
upstream: spelling; ok djm@
2024-05-17 14:42:49 +10:00
sftp-client.h
upstream: the sftp code was one of my first contributions to
2023-09-08 15:59:08 +10:00
sftp-common.c
sftp-common.h
sftp-glob.c
upstream: rename remote_glob() -> sftp_glob() to match other API
2023-09-11 09:14:02 +10:00
sftp-realpath.c
sftp-server-main.c
sftp-server.8
sftp-server.c
upstream: fix home-directory extension implementation, it always
2024-04-30 16:24:22 +10:00
sftp-usergroup.c
upstream: the sftp code was one of my first contributions to
2023-09-08 15:59:08 +10:00
sftp-usergroup.h
sftp.1
upstream: sync -o option lists with ssh.1; requested jmc@
2024-12-07 21:16:00 +11:00
sftp.c
upstream: save_errno wrappers inside two small signal handlers that
2024-06-28 08:34:49 +10:00
sftp.h
sk-api.h
sk-usbhid.c
upstream: support FIDO tokens that return no attestation data, e.g.
2024-12-03 19:32:18 +11:00
smult_curve25519_ref.c
sntrup761.c
upstream: use 64 bit math to avoid signed underflow. upstream code
2024-09-16 15:37:51 +10:00
sntrup761.sh
upstream: use 64 bit math to avoid signed underflow. upstream code
2024-09-16 15:37:51 +10:00
srclimit.c
upstream: Add a "refuseconnection" penalty class to sshd_config
2024-09-15 11:23:10 +10:00
srclimit.h
upstream: Add a "refuseconnection" penalty class to sshd_config
2024-09-15 11:23:10 +10:00
ssh2.h
upstream: Reserve a range of "local extension" message numbers that
2023-10-10 14:58:55 +11:00
ssh_api.c
upstream: in _ssh_order_hostkeyalgs() consider ECDSA curve type when
2024-10-18 16:16:13 +11:00
ssh_api.h
ssh_config
ssh_config.5
upstream: support VersionAddendum in the client, mirroring the
2024-12-07 21:16:02 +11:00
ssh-add.1
upstream: disable the DSA signature algorithm by default; ok
2024-06-17 18:48:29 +10:00
ssh-add.c
upstream: make parsing user@host consistently look for the last '@' in
2024-09-06 12:31:19 +10:00
ssh-agent.1
typo
2024-12-05 19:25:05 +11:00
ssh-agent.c
Support systemd-style socket activation in agent
2024-12-05 00:01:33 +11:00
ssh-dss.c
upstream: make DSA key support compile-time optional, defaulting to
2024-01-11 15:46:22 +11:00
ssh-ecdsa-sk.c
Fix compilation with DEBUG_SK enabled
2024-12-02 20:41:28 +11:00
ssh-ecdsa.c
upstream: Convert RSA and ECDSA key to the libcrypto EVP_PKEY API.
2024-08-15 12:07:59 +10:00
ssh-ed25519-sk.c
ssh-ed25519.c
ssh-gss.h
upstream: remove prototypes with no matching function; ok djm@
2024-05-22 14:21:13 +10:00
ssh-keygen.1
upstream: mention that biometrics may be used for FIDO key user
2024-11-28 03:09:00 +11:00
ssh-keygen.c
upstream: don't screw up ssh-keygen -l output when the file
2024-12-05 01:28:55 +11:00
ssh-keyscan.1
upstream: disable the DSA signature algorithm by default; ok
2024-06-17 18:48:29 +10:00
ssh-keyscan.c
upstream: ignore SIGPIPE here; some downstreams have had this for
2024-12-07 21:16:01 +11:00
ssh-keysign.8
upstream: disable the DSA signature algorithm by default; ok
2024-06-17 18:48:29 +10:00
ssh-keysign.c
upstream: stricter validation of messaging socket fd number; disallow
2024-04-30 15:53:26 +10:00
ssh-pkcs11-client.c
upstream: Convert RSA and ECDSA key to the libcrypto EVP_PKEY API.
2024-08-15 12:07:59 +10:00
ssh-pkcs11-helper.8
ssh-pkcs11-helper.c
more OPENSSL_HAS_ECC
2024-08-16 08:30:20 +10:00
ssh-pkcs11.c
upstream: remove unneeded semicolons; checked by millert@
2024-09-24 12:09:35 +10:00
ssh-pkcs11.h
upstream: Make it possible to load certs from PKCS#11 tokens
2023-12-19 01:52:55 +11:00
ssh-rsa.c
upstream: Convert RSA and ECDSA key to the libcrypto EVP_PKEY API.
2024-08-15 12:07:59 +10:00
ssh-sandbox.h
upstream: Split per-connection sshd-session binary
2024-10-14 14:01:37 +11:00
ssh-sk-client.c
ssh-sk-helper.8
ssh-sk-helper.c
ssh-sk.c
upstream: Convert RSA and ECDSA key to the libcrypto EVP_PKEY API.
2024-08-15 12:07:59 +10:00
ssh-sk.h
ssh-xmss.c
ssh.1
upstream: sync the list of options accepted by -o with ssh_config.5
2024-12-05 01:38:33 +11:00
ssh.c
upstream: support VersionAddendum in the client, mirroring the
2024-12-07 21:16:02 +11:00
ssh.h
upstream: remove some unused defines; ok djm@
2024-09-27 10:01:11 +10:00
sshbuf-getput-basic.c
sshbuf-getput-crypto.c
fix merge botch that broke !OPENSSL_HAS_ECC
2024-08-15 23:35:54 +10:00
sshbuf-io.c
sshbuf-misc.c
sshbuf.c
upstream: Reorder calloc arguments
2024-08-15 11:01:50 +10:00
sshbuf.h
upstream: Convert RSA and ECDSA key to the libcrypto EVP_PKEY API.
2024-08-15 12:07:59 +10:00
sshconnect2.c
upstream: remove duplicate check; GHPR392 from Pedro Martelletto
2024-10-18 16:46:09 +11:00
sshconnect.c
upstream: support VersionAddendum in the client, mirroring the
2024-12-07 21:16:02 +11:00
sshconnect.h
upstream: add explict check for server hostkey type against
2024-04-30 12:22:35 +10:00
sshd_config
upstream: Improve description of KbdInteractiveAuthentication.
2024-12-04 01:55:30 +11:00
sshd_config.5
upstream: allow glob(3) patterns for sshd_config AuthorizedKeysFile
2024-12-07 21:19:02 +11:00
sshd-auth.c
upstream: spelling; ok djm@
2024-12-05 01:28:54 +11:00
sshd-debug.sh
upstream: spelling; ok djm@
2024-12-05 01:28:54 +11:00
sshd-session.c
upstream: Split per-connection sshd-session binary
2024-10-14 14:01:37 +11:00
sshd.8
upstream: document Match invalid-user
2024-09-15 11:23:11 +10:00
sshd.c
upstream: replace bespoke logging of MaxSessions enforcement with
2024-12-07 21:23:54 +11:00
ssherr.c
ssherr.h
sshkey-xmss.c
sshkey-xmss.h
sshkey.c
upstream: Remove redundant field of definition check
2024-12-05 01:28:46 +11:00
sshkey.h
upstream: be more strict in parsing key type names. Only allow
2024-09-04 15:38:50 +10:00
sshlogin.c
sshlogin.h
sshpty.c
sshpty.h
sshsig.c
upstream: g/c outdated XXX comments
2024-11-27 09:46:41 +11:00
sshsig.h
sshtty.c
survey.sh.in
TODO
ttymodes.c
ttymodes.h
uidswap.c
uidswap.h
umac128.c
umac.c
umac.h
utf8.c
utf8.h
version.h
upstream: openssh-9.9
2024-09-20 08:18:23 +10:00
xmalloc.c
xmalloc.h
xmss_commons.c
xmss_commons.h
xmss_fast.c
xmss_fast.h
xmss_hash_address.c
xmss_hash_address.h
xmss_hash.c
upstream: spelling; ok markus@
2024-01-08 13:25:21 +11:00
xmss_hash.h
xmss_wots.c
xmss_wots.h
