.github
Switch from LibreSSL 3.4.0 to 3.4.1.
2021-11-12 22:57:51 +11:00
contrib
remove built-in support for md5crypt()
2021-10-28 16:16:13 +11:00
m4
…
openbsd-compat
Don't trust closefrom() on Linux.
2021-11-10 12:34:25 +11:00
regress
upstream: crank SSH_SK_VERSION_MAJOR to match recent change in
2021-11-03 10:10:09 +11:00
.depend
update depends
2021-11-18 10:16:44 +11:00
.gitignore
…
.skipped-commit-ids
upstream: Import regenerated moduli file.
2021-03-13 13:09:28 +11:00
CREDITS
…
INSTALL
remove built-in support for md5crypt()
2021-10-28 16:16:13 +11:00
LICENCE
remove built-in support for md5crypt()
2021-10-28 16:16:13 +11:00
Makefile.in
remove built-in support for md5crypt()
2021-10-28 16:16:13 +11:00
OVERVIEW
…
PROTOCOL
upstream: SFTP protocol extension to allow the server to expand
2021-08-10 12:47:46 +10:00
PROTOCOL.agent
…
PROTOCOL.certkeys
upstream: PROTOCOL.certkeys: update reference from IETF draft to
2021-06-06 13:24:37 +10:00
PROTOCOL.chacha20poly1305
…
PROTOCOL.key
upstream: correct mistake in spec - the private key blobs are encoded
2021-05-07 12:36:18 +10:00
PROTOCOL.krl
…
PROTOCOL.mux
…
PROTOCOL.sshsig
…
PROTOCOL.u2f
…
README
update version numbers for release
2021-09-26 22:16:36 +10:00
README.dns
…
README.md
Add status badges for Actions-based tests.
2021-04-29 10:59:54 +10:00
README.platform
Improve AIX text.
2020-12-22 19:21:26 +11:00
README.privsep
…
README.tun
…
SECURITY.md
basic SECURITY.md (refers people to the website)
2021-11-03 12:08:21 +11:00
TODO
…
addr.c
upstream: Plug mem addrinfo mem leaks.
2021-10-22 22:03:05 +11:00
addr.h
upstream: Move address handling functions out into their own file
2021-01-11 15:04:12 +11:00
addrmatch.c
upstream: highly polished whitespace, mostly fixing spaces-for-tab
2021-04-03 17:23:02 +11:00
atomicio.c
…
atomicio.h
…
audit-bsm.c
polish whitespace for portable files
2021-04-03 17:47:37 +11:00
audit-linux.c
…
audit.c
…
audit.h
…
auth-bsdauth.c
…
auth-krb5.c
polish whitespace for portable files
2021-04-03 17:47:37 +11:00
auth-options.c
upstream: don't leak environment= variable when it is not the first
2021-07-24 12:30:58 +10:00
auth-options.h
upstream: make authorized_keys environment="..." directives
2021-07-23 14:07:19 +10:00
auth-pam.c
Fix memory leak in error path.
2021-09-03 13:42:08 +10:00
auth-pam.h
…
auth-passwd.c
…
auth-rhosts.c
…
auth-shadow.c
…
auth-sia.c
…
auth-sia.h
…
auth.c
upstream: Remove comment referencing now-removed
2021-07-08 14:50:59 +10:00
auth.h
upstream: move subprocess() from auth.c to misc.c
2020-12-22 15:43:59 +11:00
auth2-chall.c
…
auth2-gss.c
upstream: this needs kex.h now
2021-01-27 21:16:45 +11:00
auth2-hostbased.c
upstream: Let allowed signers files used by ssh-keygen(1)
2021-07-23 14:07:19 +10:00
auth2-kbdint.c
Sync remaining ChallengeResponse removal.
2021-07-03 19:23:28 +10:00
auth2-none.c
…
auth2-passwd.c
…
auth2-pubkey.c
upstream: add some debug output showing how many key file/command lines
2021-09-29 11:35:11 +10:00
auth2.c
upstream: highly polished whitespace, mostly fixing spaces-for-tab
2021-04-03 17:23:02 +11:00
authfd.c
upstream: factor out common code in the agent client
2021-01-26 12:21:48 +11:00
authfd.h
…
authfile.c
…
authfile.h
…
bitmap.c
…
bitmap.h
…
buildpkg.sh.in
whitespace at EOL
2020-12-22 19:43:55 +11:00
canohost.c
…
canohost.h
…
chacha.c
…
chacha.h
upstream: whitespace (tab after space)
2021-04-03 17:20:00 +11:00
channels.c
upstream: put back the mux_ctx memleak fix for SSH_CHANNEL_MUX_CLIENT
2021-09-15 15:58:18 +10:00
channels.h
upstream: restore blocking status on stdio fds before close
2021-05-19 11:52:14 +10:00
cipher-aes.c
…
cipher-aesctr.c
…
cipher-aesctr.h
…
cipher-chachapoly-libcrypto.c
…
cipher-chachapoly.c
…
cipher-chachapoly.h
…
cipher-ctr.c
…
cipher.c
polish whitespace for portable files
2021-04-03 17:47:37 +11:00
cipher.h
…
cleanup.c
…
clientloop.c
upstream: wrap at 80 columns
2021-08-30 09:58:15 +10:00
clientloop.h
…
compat.c
upstream: openssh-7.4 was incorrectly listed twice; spotted by
2021-09-10 20:34:09 +10:00
compat.h
upstream: Client-side workaround for a bug in OpenSSH 7.4: this release
2021-06-06 13:41:36 +10:00
config.guess
…
config.sub
…
configure.ac
Don't trust closefrom() on Linux.
2021-11-10 12:34:25 +11:00
crypto_api.h
upstream: Update the sntrup761 creation script and generated code:
2021-01-08 13:49:49 +11:00
defines.h
compat for timespecsub() and friends
2021-11-18 09:26:20 +11:00
dh.c
upstream: highly polished whitespace, mostly fixing spaces-for-tab
2021-04-03 17:23:02 +11:00
dh.h
upstream: Add ModuliFile keyword to sshd_config to specify the
2021-03-13 13:14:13 +11:00
digest-libc.c
…
digest-openssl.c
…
digest.h
…
dispatch.c
…
dispatch.h
…
dns.c
upstream: Ensure that all returned SSHFP records for the specified host
2021-07-19 13:46:13 +10:00
dns.h
upstream: Ensure that all returned SSHFP records for the specified host
2021-07-19 13:46:13 +10:00
ed25519.c
…
entropy.c
Split EGD/PRNGD interface into its own file.
2021-06-18 18:32:51 +10:00
entropy.h
…
fatal.c
…
fe25519.c
…
fe25519.h
…
fixalgorithms
…
fixpaths
…
ge25519.c
…
ge25519.h
…
ge25519_base.data
…
groupaccess.c
…
groupaccess.h
…
gss-genr.c
need stdlib.h for free(3)
2021-10-01 16:36:24 +10:00
gss-serv-krb5.c
…
gss-serv.c
…
hash.c
Remove old OpenBSD version marker.
2021-07-03 20:36:06 +10:00
hmac.c
…
hmac.h
…
hostfile.c
upstream: Dynamically allocate encoded HashKnownHosts and free as
2021-10-06 14:40:32 +11:00
hostfile.h
upstream: make struct hostkeys public; I have no idea why I made it
2021-01-26 12:21:48 +11:00
includes.h
…
install-sh
…
int32_minmax.inc
upstream: estructure sntrup761.sh to process all files in a single
2021-01-08 13:46:35 +11:00
kex.c
upstream: highly polished whitespace, mostly fixing spaces-for-tab
2021-04-03 17:23:02 +11:00
kex.h
upstream: more strictly enforce KEX state-machine by banning packet
2021-02-01 09:57:28 +11:00
kexc25519.c
…
kexdh.c
Move signal.h up include order to match upstream.
2021-07-03 20:38:09 +10:00
kexecdh.c
…
kexgen.c
upstream: highly polished whitespace, mostly fixing spaces-for-tab
2021-04-03 17:23:02 +11:00
kexgex.c
…
kexgexc.c
upstream: more strictly enforce KEX state-machine by banning packet
2021-02-01 09:57:28 +11:00
kexgexs.c
upstream: more strictly enforce KEX state-machine by banning packet
2021-02-01 09:57:28 +11:00
kexsntrup761x25519.c
Disable sntrup761 if compiler doesn't support VLAs.
2021-01-26 14:48:07 +11:00
krl.c
upstream: The RB_GENERATE_STATIC(3) macro expands to a series of
2021-06-04 16:20:28 +10:00
krl.h
…
log.c
upstream: allow log_stderr==2 to prefix log messages with argv[0]
2021-09-19 17:21:59 +10:00
log.h
upstream: do not pass file/func to monitor; noted by Ilja van Sprundel;
2021-04-16 13:24:33 +10:00
loginrec.c
…
loginrec.h
polish whitespace for portable files
2021-04-03 17:47:37 +11:00
logintest.c
polish whitespace for portable files
2021-04-03 17:47:37 +11:00
mac.c
…
mac.h
…
match.c
…
match.h
…
mdoc2man.awk
…
misc.c
upstream: replace select() with ppoll(), including converting
2021-11-18 09:09:59 +11:00
misc.h
upstream: replace select() with ppoll(), including converting
2021-11-18 09:09:59 +11:00
mkinstalldirs
…
moduli
upstream: Import regenerated moduli.
2021-09-29 11:00:50 +10:00
moduli.5
…
moduli.c
…
monitor.c
upstream: remove a bunch of %p in format strings; leftovers of
2021-08-11 18:37:30 +10:00
monitor.h
…
monitor_fdpass.c
…
monitor_fdpass.h
…
monitor_wrap.c
upstream: do not pass file/func to monitor; noted by Ilja van Sprundel;
2021-04-16 13:24:33 +10:00
monitor_wrap.h
upstream: do not pass file/func to monitor; noted by Ilja van Sprundel;
2021-04-16 13:24:33 +10:00
msg.c
…
msg.h
…
mux.c
upstream: Add a StdinNull directive to ssh_config(5) that allows
2021-07-23 14:07:19 +10:00
myproposal.h
upstream: add the sntrup761x25519-sha512@openssh.com hybrid
2021-11-10 17:32:18 +11:00
nchan.c
upstream: restore blocking status on stdio fds before close
2021-05-19 11:52:14 +10:00
nchan.ms
…
nchan2.ms
…
openssh.xml.in
…
opensshd.init.in
Replace shell function with ssh-keygen -A.
2021-08-20 18:14:13 +10:00
packet.c
upstream: replace select() with ppoll(), including converting
2021-11-18 09:09:59 +11:00
packet.h
upstream: Explicitly check for and start time-based rekeying in the
2021-07-16 19:21:04 +10:00
pathnames.h
…
pkcs11.h
…
platform-misc.c
…
platform-pledge.c
…
platform-tracing.c
Include string.h and stdio.h for strerror.
2021-10-15 12:59:06 +11:00
platform.c
…
platform.h
…
poly1305.c
…
poly1305.h
…
progressmeter.c
…
progressmeter.h
…
readconf.c
upstream: missing space character in ssh -G output broke the
2021-09-16 15:38:16 +10:00
readconf.h
upstream: allow CanonicalizePermittedCNAMEs=none in ssh_config; ok
2021-09-16 15:38:16 +10:00
readpass.c
upstream: mention in comment that read_passphrase(..., RP_ALLOW_STDIN)
2021-07-23 15:57:56 +10:00
rijndael.c
…
rijndael.h
upstream: Make prototype for rijndaelEncrypt match function
2021-09-29 11:09:27 +10:00
sandbox-capsicum.c
…
sandbox-darwin.c
…
sandbox-null.c
…
sandbox-pledge.c
…
sandbox-rlimit.c
…
sandbox-seccomp-filter.c
polish whitespace for portable files
2021-04-03 17:47:37 +11:00
sandbox-solaris.c
…
sandbox-systrace.c
…
sc25519.c
…
sc25519.h
…
scp.1
upstream: switch scp(1) back to sftp protocol.
2021-10-22 22:01:46 +11:00
scp.c
upstream: For open/openat, if the flags parameter does not contain
2021-10-28 13:56:59 +11:00
servconf.c
upstream: revision 1.381 neglected to remove
2021-09-07 16:05:36 +10:00
servconf.h
Sync remaining ChallengeResponse removal.
2021-07-03 19:23:28 +10:00
serverloop.c
upstream: Explicitly check for and start time-based rekeying in the
2021-07-16 19:21:04 +10:00
serverloop.h
…
session.c
upstream: remove a bunch of %p in format strings; leftovers of
2021-08-11 18:37:30 +10:00
session.h
…
sftp-client.c
upstream: Plug a couple of minor mem leaks. From beldmit at
2021-11-06 21:56:09 +11:00
sftp-client.h
upstream: SFTP protocol extension to allow the server to expand
2021-08-10 12:47:46 +10:00
sftp-common.c
…
sftp-common.h
…
sftp-glob.c
…
sftp-realpath.c
upstream: sys/param.h is not needed for any visible reason
2021-09-03 14:20:22 +10:00
sftp-server-main.c
…
sftp-server.8
upstream: standardise the grammar in the options list; issue
2021-08-03 09:39:57 +10:00
sftp-server.c
upstream: match .events with .fd better
2021-11-18 09:12:28 +11:00
sftp.1
Sync remaining ChallengeResponse removal.
2021-07-03 19:23:28 +10:00
sftp.c
upstream: Do not ignore SIGINT while waiting for input if editline(3)
2021-09-11 20:26:51 +10:00
sftp.h
…
sk-api.h
upstream: Better handle FIDO keys on tokens that provide user
2021-11-03 10:07:23 +11:00
sk-usbhid.c
upstream: Many downstreams expect ssh to compile as non-C99...
2021-11-06 21:56:09 +11:00
smult_curve25519_ref.c
…
sntrup761.c
Disable sntrup761 if compiler doesn't support VLAs.
2021-01-26 14:48:07 +11:00
sntrup761.sh
upstream: Update the sntrup761 creation script and generated code:
2021-01-08 13:49:49 +11:00
srclimit.c
upstream: highly polished whitespace, mostly fixing spaces-for-tab
2021-04-03 17:23:02 +11:00
srclimit.h
upstream: Add PerSourceMaxStartups and PerSourceNetBlockSize
2021-01-11 15:04:12 +11:00
ssh-add.1
…
ssh-add.c
upstream: When downloading resident keys from a FIDO token, pass
2021-10-28 13:56:59 +11:00
ssh-agent.1
Avoid lines >80 chars. From jmc@
2021-08-03 21:02:33 +10:00
ssh-agent.c
upstream: highly polished whitespace, mostly fixing spaces-for-tab
2021-04-03 17:23:02 +11:00
ssh-dss.c
…
ssh-ecdsa-sk.c
…
ssh-ecdsa.c
…
ssh-ed25519-sk.c
…
ssh-ed25519.c
…
ssh-gss.h
upstream: make ssh->kex->session_id a sshbuf instead of u_char*/size_t
2021-01-27 21:10:57 +11:00
ssh-keygen.1
upstream: when verifying sshsig signatures, support an option
2021-08-11 18:56:29 +10:00
ssh-keygen.c
upstream: ssh-keygen: make verify-time argument parsing optional
2021-10-29 14:25:23 +11:00
ssh-keyscan.1
…
ssh-keyscan.c
upstream: aggressively pre-fill the pollfd array with fd=-1
2021-11-18 08:58:54 +11:00
ssh-keysign.8
…
ssh-keysign.c
upstream: It really looks like pledge "stdio dns" is possible
2021-11-18 08:59:38 +11:00
ssh-pkcs11-client.c
make OPENSSL_HAS_ECC checks more thorough
2021-10-01 16:36:24 +10:00
ssh-pkcs11-helper.8
…
ssh-pkcs11-helper.c
upstream: remove a bunch of %p in format strings; leftovers of
2021-08-11 18:37:30 +10:00
ssh-pkcs11.c
make OPENSSL_HAS_ECC checks more thorough
2021-10-01 16:36:24 +10:00
ssh-pkcs11.h
…
ssh-rsa.c
…
ssh-sandbox.h
…
ssh-sk-client.c
upstream: When downloading resident keys from a FIDO token, pass
2021-10-28 13:56:59 +11:00
ssh-sk-helper.8
…
ssh-sk-helper.c
upstream: When downloading resident keys from a FIDO token, pass
2021-10-28 13:56:59 +11:00
ssh-sk.c
upstream: Better handle FIDO keys on tokens that provide user
2021-11-03 10:07:23 +11:00
ssh-sk.h
upstream: When downloading resident keys from a FIDO token, pass
2021-10-28 13:56:59 +11:00
ssh-xmss.c
…
ssh.1
upstream: Document behaviour of arguments following non-interactive
2021-09-10 20:34:09 +10:00
ssh.c
upstream: Fix "Allocated port" debug message
2021-09-20 14:31:57 +10:00
ssh.h
…
ssh2.h
…
ssh_api.c
upstream: highly polished whitespace, mostly fixing spaces-for-tab
2021-04-03 17:23:02 +11:00
ssh_api.h
…
ssh_config
…
ssh_config.5
upstream: add the sntrup761x25519-sha512@openssh.com hybrid
2021-11-10 17:32:18 +11:00
sshbuf-getput-basic.c
…
sshbuf-getput-crypto.c
…
sshbuf-io.c
…
sshbuf-misc.c
upstream: oops, missed one more %p
2021-08-11 18:37:30 +10:00
sshbuf.c
…
sshbuf.h
…
sshconnect.c
Sync remaining ChallengeResponse removal.
2021-07-03 19:23:28 +10:00
sshconnect.h
upstream: add a ssh_config KnownHostsCommand that allows the client
2020-12-22 15:43:59 +11:00
sshconnect2.c
upstream: note successful authentication method in final "Authenticated
2021-07-23 15:25:19 +10:00
sshd.8
upstream: Document that non-interactive commands are run via the user's
2021-09-10 22:05:35 +10:00
sshd.c
upstream: set num_listen_socks to 0 on close-all instead of -1,
2021-11-18 09:14:22 +11:00
sshd_config
Replace remaining references to ChallengeResponse.
2021-07-03 19:27:43 +10:00
sshd_config.5
upstream: add the sntrup761x25519-sha512@openssh.com hybrid
2021-11-10 17:32:18 +11:00
ssherr.c
…
ssherr.h
…
sshkey-xmss.c
upstream: highly polished whitespace, mostly fixing spaces-for-tab
2021-04-03 17:23:02 +11:00
sshkey-xmss.h
upstream: highly polished whitespace, mostly fixing spaces-for-tab
2021-04-03 17:23:02 +11:00
sshkey.c
Only enable sk-* key types if ENABLE_SK is defined
2021-10-07 14:28:02 +11:00
sshkey.h
upstream: Let allowed signers files used by ssh-keygen(1)
2021-07-23 14:07:19 +10:00
sshlogin.c
…
sshlogin.h
…
sshpty.c
Include stdio.h for FILE in misc.h.
2020-12-22 18:56:54 +11:00
sshpty.h
…
sshsig.c
upstream: move cert_filter_principals() to earlier in the file for
2021-11-06 21:56:09 +11:00
sshsig.h
upstream: Let allowed signers files used by ssh-keygen(1)
2021-07-23 14:07:19 +10:00
sshtty.c
…
survey.sh.in
…
ttymodes.c
upstream: remove global variable used to stash compat flags and use the
2021-01-27 20:28:25 +11:00
ttymodes.h
…
uidswap.c
polish whitespace for portable files
2021-04-03 17:47:37 +11:00
uidswap.h
…
umac.c
upstream: typos in comments; GHPR#180 from Vill
2021-04-03 17:59:32 +11:00
umac.h
…
umac128.c
…
utf8.c
…
utf8.h
upstream: highly polished whitespace, mostly fixing spaces-for-tab
2021-04-03 17:23:02 +11:00
verify.c
…
version.h
upstream: openssh-8.8
2021-09-27 00:03:12 +10:00
xmalloc.c
…
xmalloc.h
upstream: highly polished whitespace, mostly fixing spaces-for-tab
2021-04-03 17:23:02 +11:00
xmss_commons.c
…
xmss_commons.h
…
xmss_fast.c
…
xmss_fast.h
…
xmss_hash.c
…
xmss_hash.h
…
xmss_hash_address.c
…
xmss_hash_address.h
…
xmss_wots.c
…
xmss_wots.h
…
fcd8d895bb
