mirror of
git://anongit.mindrot.org/openssh.git
synced 2024-12-25 19:32:09 +00:00
Portable OpenSSH
eb9c582b71
Previously portable OpenSSH has synced against a conversion of OpenBSD's CVS repository made using the git cvsimport tool, but this has become increasingly unreliable. As of this commit, portable OpenSSH now tracks a conversion of the OpenBSD CVS upstream made using the excellent cvs2gitdump tool from YASUOKA Masahiko: https://github.com/yasuoka/cvs2gitdump cvs2gitdump is considerably more reliable than gitcvsimport and the old version of cvsps that it uses under the hood, and is the same tool used to export the entire OpenBSD repository to git (so we know it can cope with future growth). These new conversions are mirrored at github, so interested parties can match portable OpenSSH commits to their upstream counterparts. https://github.com/djmdjm/openbsd-openssh-src https://github.com/djmdjm/openbsd-openssh-regress An unfortunate side effect of switching upstreams is that we must have a flag day, across which the upstream commit IDs will be inconsistent. The old commit IDs are recorded with the tags "Upstream-ID" for main directory commits and "Upstream-Regress-ID" for regress commits. To make it clear that the commit IDs do not refer to the same things, the new repository will instead use "OpenBSD-ID" and "OpenBSD-Regress-ID" tags instead. Apart from being a longwinded explanation of what is going on, this commit message also serves to synchronise our tools with the state of the tree, which happens to be: OpenBSD-ID: 9c43a9968c7929613284ea18e9fb92e4e2a8e4c1 OpenBSD-Regress-ID: b33b385719420bf3bc57d664feda6f699c147fef |
||
---|---|---|
contrib | ||
openbsd-compat | ||
regress | ||
.gitignore | ||
.skipped-commit-ids | ||
aclocal.m4 | ||
addrmatch.c | ||
atomicio.c | ||
atomicio.h | ||
audit-bsm.c | ||
audit-linux.c | ||
audit.c | ||
audit.h | ||
auth2-chall.c | ||
auth2-gss.c | ||
auth2-hostbased.c | ||
auth2-kbdint.c | ||
auth2-none.c | ||
auth2-passwd.c | ||
auth2-pubkey.c | ||
auth2.c | ||
auth-bsdauth.c | ||
auth-krb5.c | ||
auth-options.c | ||
auth-options.h | ||
auth-pam.c | ||
auth-pam.h | ||
auth-passwd.c | ||
auth-rhosts.c | ||
auth-shadow.c | ||
auth-sia.c | ||
auth-sia.h | ||
auth-skey.c | ||
auth.c | ||
auth.h | ||
authfd.c | ||
authfd.h | ||
authfile.c | ||
authfile.h | ||
bitmap.c | ||
bitmap.h | ||
blocks.c | ||
bufaux.c | ||
bufbn.c | ||
bufec.c | ||
buffer.c | ||
buffer.h | ||
buildpkg.sh.in | ||
canohost.c | ||
canohost.h | ||
chacha.c | ||
chacha.h | ||
channels.c | ||
channels.h | ||
cipher-aes.c | ||
cipher-aesctr.c | ||
cipher-aesctr.h | ||
cipher-chachapoly.c | ||
cipher-chachapoly.h | ||
cipher-ctr.c | ||
cipher.c | ||
cipher.h | ||
cleanup.c | ||
clientloop.c | ||
clientloop.h | ||
compat.c | ||
compat.h | ||
config.guess | ||
config.sub | ||
configure.ac | ||
crc32.c | ||
crc32.h | ||
CREDITS | ||
crypto_api.h | ||
defines.h | ||
dh.c | ||
dh.h | ||
digest-libc.c | ||
digest-openssl.c | ||
digest.h | ||
dispatch.c | ||
dispatch.h | ||
dns.c | ||
dns.h | ||
ed25519.c | ||
entropy.c | ||
entropy.h | ||
fatal.c | ||
fe25519.c | ||
fe25519.h | ||
fixalgorithms | ||
fixpaths | ||
fixprogs | ||
ge25519_base.data | ||
ge25519.c | ||
ge25519.h | ||
groupaccess.c | ||
groupaccess.h | ||
gss-genr.c | ||
gss-serv-krb5.c | ||
gss-serv.c | ||
hash.c | ||
hmac.c | ||
hmac.h | ||
hostfile.c | ||
hostfile.h | ||
includes.h | ||
INSTALL | ||
install-sh | ||
kex.c | ||
kex.h | ||
kexc25519.c | ||
kexc25519c.c | ||
kexc25519s.c | ||
kexdh.c | ||
kexdhc.c | ||
kexdhs.c | ||
kexecdh.c | ||
kexecdhc.c | ||
kexecdhs.c | ||
kexgex.c | ||
kexgexc.c | ||
kexgexs.c | ||
key.c | ||
key.h | ||
krl.c | ||
krl.h | ||
LICENCE | ||
log.c | ||
log.h | ||
loginrec.c | ||
loginrec.h | ||
logintest.c | ||
mac.c | ||
mac.h | ||
Makefile.in | ||
match.c | ||
match.h | ||
md5crypt.c | ||
md5crypt.h | ||
mdoc2man.awk | ||
misc.c | ||
misc.h | ||
mkinstalldirs | ||
moduli | ||
moduli.5 | ||
moduli.c | ||
monitor_fdpass.c | ||
monitor_fdpass.h | ||
monitor_wrap.c | ||
monitor_wrap.h | ||
monitor.c | ||
monitor.h | ||
msg.c | ||
msg.h | ||
mux.c | ||
myproposal.h | ||
nchan2.ms | ||
nchan.c | ||
nchan.ms | ||
opacket.c | ||
opacket.h | ||
openssh.xml.in | ||
opensshd.init.in | ||
OVERVIEW | ||
packet.c | ||
packet.h | ||
pathnames.h | ||
pkcs11.h | ||
platform-misc.c | ||
platform-pledge.c | ||
platform-tracing.c | ||
platform.c | ||
platform.h | ||
poly1305.c | ||
poly1305.h | ||
progressmeter.c | ||
progressmeter.h | ||
PROTOCOL | ||
PROTOCOL.agent | ||
PROTOCOL.certkeys | ||
PROTOCOL.chacha20poly1305 | ||
PROTOCOL.key | ||
PROTOCOL.krl | ||
PROTOCOL.mux | ||
readconf.c | ||
readconf.h | ||
README | ||
README.dns | ||
README.platform | ||
README.privsep | ||
README.tun | ||
readpass.c | ||
rijndael.c | ||
rijndael.h | ||
sandbox-capsicum.c | ||
sandbox-darwin.c | ||
sandbox-null.c | ||
sandbox-pledge.c | ||
sandbox-rlimit.c | ||
sandbox-seccomp-filter.c | ||
sandbox-solaris.c | ||
sandbox-systrace.c | ||
sc25519.c | ||
sc25519.h | ||
scp.1 | ||
scp.c | ||
servconf.c | ||
servconf.h | ||
serverloop.c | ||
serverloop.h | ||
session.c | ||
session.h | ||
sftp-client.c | ||
sftp-client.h | ||
sftp-common.c | ||
sftp-common.h | ||
sftp-glob.c | ||
sftp-server-main.c | ||
sftp-server.8 | ||
sftp-server.c | ||
sftp.1 | ||
sftp.c | ||
sftp.h | ||
smult_curve25519_ref.c | ||
ssh2.h | ||
ssh_api.c | ||
ssh_api.h | ||
ssh_config | ||
ssh_config.5 | ||
ssh-add.1 | ||
ssh-add.c | ||
ssh-agent.1 | ||
ssh-agent.c | ||
ssh-dss.c | ||
ssh-ecdsa.c | ||
ssh-ed25519.c | ||
ssh-gss.h | ||
ssh-keygen.1 | ||
ssh-keygen.c | ||
ssh-keyscan.1 | ||
ssh-keyscan.c | ||
ssh-keysign.8 | ||
ssh-keysign.c | ||
ssh-pkcs11-client.c | ||
ssh-pkcs11-helper.8 | ||
ssh-pkcs11-helper.c | ||
ssh-pkcs11.c | ||
ssh-pkcs11.h | ||
ssh-rsa.c | ||
ssh-sandbox.h | ||
ssh.1 | ||
ssh.c | ||
ssh.h | ||
sshbuf-getput-basic.c | ||
sshbuf-getput-crypto.c | ||
sshbuf-misc.c | ||
sshbuf.c | ||
sshbuf.h | ||
sshconnect2.c | ||
sshconnect.c | ||
sshconnect.h | ||
sshd_config | ||
sshd_config.5 | ||
sshd.8 | ||
sshd.c | ||
ssherr.c | ||
ssherr.h | ||
sshkey.c | ||
sshkey.h | ||
sshlogin.c | ||
sshlogin.h | ||
sshpty.c | ||
sshpty.h | ||
sshtty.c | ||
survey.sh.in | ||
TODO | ||
ttymodes.c | ||
ttymodes.h | ||
uidswap.c | ||
uidswap.h | ||
umac.c | ||
umac.h | ||
utf8.c | ||
utf8.h | ||
uuencode.c | ||
uuencode.h | ||
verify.c | ||
version.h | ||
xmalloc.c | ||
xmalloc.h |
See https://www.openssh.com/releasenotes.html#7.6p1 for the release notes. Please read https://www.openssh.com/report.html for bug reporting instructions and note that we do not use Github for bug reporting or patch/pull-request management. - A Japanese translation of this document and of the release notes is - available at http://www.unixuser.org/~haruyama/security/openssh/index.html - Thanks to HARUYAMA Seigo <haruyama@unixuser.org> This is the port of OpenBSD's excellent OpenSSH[0] to Linux and other Unices. OpenSSH is based on the last free version of Tatu Ylonen's sample implementation with all patent-encumbered algorithms removed (to external libraries), all known security bugs fixed, new features reintroduced and many other clean-ups. OpenSSH has been created by Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt, and Dug Song. It has a homepage at https://www.openssh.com/ This port consists of the re-introduction of autoconf support, PAM support, EGD[1]/PRNGD[2] support and replacements for OpenBSD library functions that are (regrettably) absent from other unices. This port has been best tested on AIX, Cygwin, HP-UX, Linux, MacOS/X, NetBSD, OpenBSD, OpenServer, Solaris, Unicos, and UnixWare. This version actively tracks changes in the OpenBSD CVS repository. The PAM support is now more functional than the popular packages of commercial ssh-1.2.x. It checks "account" and "session" modules for all logins, not just when using password authentication. OpenSSH depends on Zlib[3], OpenSSL[4], and optionally PAM[5] and libedit[6] There is now several mailing lists for this port of OpenSSH. Please refer to https://www.openssh.com/list.html for details on how to join. Please send bug reports and patches to the mailing list openssh-unix-dev@mindrot.org. The list is open to posting by unsubscribed users. Code contribution are welcomed, but please follow the OpenBSD style guidelines[7]. Please refer to the INSTALL document for information on how to install OpenSSH on your system. Damien Miller <djm@mindrot.org> Miscellania - This version of OpenSSH is based upon code retrieved from the OpenBSD CVS repository which in turn was based on the last free sample implementation released by Tatu Ylonen. References - [0] https://www.openssh.com/ [1] http://www.lothar.com/tech/crypto/ [2] http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html [3] http://www.gzip.org/zlib/ [4] http://www.openssl.org/ [5] http://www.openpam.org http://www.kernel.org/pub/linux/libs/pam/ (PAM also is standard on Solaris and HP-UX 11) [6] http://thrysoee.dk/editline/ (portable version) [7] http://man.openbsd.org/style.9