Click on a directory to enter that directory. Click on a file to display its revision history and to get a chance to display diffs between revisions.
Current directory: [local] / src / usr.bin / ssh
Current tag: OPENBSD_6_7
File | Rev. | Age | Author | Last log entry |
---|---|---|---|---|
Parent Directory | ||||
lib/ | ||||
moduli-gen/ | ||||
scard/ | ||||
scp/ | ||||
sftp/ | ||||
sftp-server/ | ||||
ssh/ | ||||
ssh-add/ | ||||
ssh-agent/ | ||||
ssh-keygen/ | ||||
ssh-keyscan/ | ||||
ssh-keysign/ | ||||
ssh-pkcs11-helper/ | ||||
ssh-sk-helper/ | ||||
sshd/ | ||||
sshd-session/ | ||||
LICENCE | 1.20 | 7 years | djm | remove the (in)famous SSHv1 CRC compensation attack detector. Despite your came... |
Makefile | 1.17 | 4 years | djm | ssh-agent support for U2F/FIDO keys feedback & ok markus@ |
Makefile.inc | 1.83 | 4 years | djm | chacha20-poly1305 AEAD using libcrypto EVP_chacha20 Based on patch from Yuriy M... |
OVERVIEW | 1.15 | 5 years | djm | refer to OpenSSL not SSLeay; we're old, but we don't have to act it |
PROTOCOL | 1.37 | 4 years | dtucker | Fix some typos and an incorrect word in docs. Patch from itoama at live.jp via g... |
PROTOCOL.agent | 1.12 | 6 years | djm | Now that we no longer support SSHv1, replace the contents of this file with a po... |
PROTOCOL.certkeys | 1.17 | 4 years | djm | document the "no-touch-required" certificate extension; ok markus, feedback der... |
PROTOCOL.chacha20poly1305 | 1.5 | 4 years | dtucker | Fix some typos and an incorrect word in docs. Patch from itoama at live.jp via g... |
PROTOCOL.key | 1.1 | 10 years | markus | new private key format, bcrypt as KDF by default; details in PROTOCOL.key; feedb... |
PROTOCOL.krl | 1.5 | 5 years | djm | allow key revocation by SHA256 hash and allow ssh-keygen to create KRLs using SH... |
PROTOCOL.mux | 1.12 | 4 years | djm | spelling errors in comments; no code change from https://fossies.org/linux/misc/... |
PROTOCOL.sshsig | 1.2 | 4 years | djm | sshsig tweaks and improvements from and suggested by Markus ok markus/me |
PROTOCOL.u2f | 1.21 | 4 years | djm | when signing a challenge using a FIDO toke, perform the hashing in the middlewar... |
README | 1.7 | 18 years | djm | $OpenBSD$ in here too |
addrmatch.c | 1.14 | 5 years | djm | fix some memory leaks spotted by Coverity via Jakub Jelen in bz#2366 feedback an... |
atomicio.c | 1.30 | 5 years | dtucker | Check for both EAGAIN and EWOULDBLOCK. This is a no-op in OpenBSD (they are the... |
atomicio.h | 1.12 | 5 years | djm | move client/server SSH-* banners to buffers under ssh->kex and factor out the ba... |
auth-bsdauth.c | 1.15 | 5 years | markus | sshd: switch authentication to sshbuf API; ok djm@ |
auth-krb5.c | 1.23 | 5 years | markus | sshd: switch authentication to sshbuf API; ok djm@ |
auth-options.c | 1.92 | 4 years | markus | fix null-deref on calloc failure; ok djm |
auth-options.h | 1.29 | 4 years | djm | add a "no-touch-required" option for authorized_keys and a similar extension for... |
auth-passwd.c | 1.47 | 5 years | markus | sshd: switch loginmsg to sshbuf API; ok djm@ |
auth-rhosts.c | 1.52 | 4 years | djm | make IgnoreRhosts a tri-state option: "yes" ignore rhosts/shosts, "no" allow rho... |
auth.c | 1.146 | 4 years | djm | Add a sshd_config "Include" directive to allow inclusion of files. This has sens... |
auth.h | 1.100 | 4 years | djm | fixes for !WITH_OPENSSL compilation; ok dtucker@ |
auth2-chall.c | 1.53 | 4 years | jsg | change explicit_bzero();free() to freezero() While freezero() returns early if ... |
auth2-gss.c | 1.29 | 5 years | djm | delay bailout for invalid authenticating user until after the packet containing ... |
auth2-hostbased.c | 1.42 | 4 years | djm | Add new structure for signature options This is populated during signature veri... |
auth2-kbdint.c | 1.11 | 4 years | deraadt | stdarg.h required more broadly; ok djm |
auth2-none.c | 1.22 | 5 years | markus | sshd: switch authentication to sshbuf API; ok djm@ |
auth2-passwd.c | 1.18 | 4 years | jsg | change explicit_bzero();free() to freezero() While freezero() returns early if ... |
auth2-pubkey.c | 1.99 | 4 years | naddy | Replace "security key" with "authenticator" in program messages. This replaces ... |
auth2.c | 1.158 | 4 years | markus | exit on parse failures in input_service_request; ok djm |
authfd.c | 1.123 | 4 years | markus | ssh_fetch_identitylist() returns the return value from ssh_request_reply() so we... |
authfd.h | 1.48 | 4 years | djm | Allow forwarding a different agent socket to the path specified by $SSH_AUTH_SOC... |
authfile.c | 1.140 | 4 years | djm | refactor out some duplicate private key loading code; based on patch from loic A... |
authfile.h | 1.25 | 4 years | djm | factor out reading/writing sshbufs to dedicated functions; feedback and ok marku... |
bitmap.c | 1.9 | 6 years | djm | add RCSIDs to these; they make syncing portable a bit easier |
bitmap.h | 1.2 | 6 years | djm | add RCSIDs to these; they make syncing portable a bit easier |
canohost.c | 1.74 | 4 years | deraadt | When system calls indicate an error they return -1, not some arbitrary value < 0... |
canohost.h | 1.12 | 8 years | djm | refactor canohost.c: move functions that cache results closer to the places that... |
chacha.c | 1.1 | 10 years | djm | Add a new protocol 2 transport cipher "chacha20-poly1305@openssh.com" that combi... |
chacha.h | 1.4 | 7 years | guenther | Pull in <stdlib.h> for NULL ok deraadt@ |
channels.c | 1.398 | 4 years | dtucker | We've standardized on memset over bzero, replace a couple that had slipped in. ... |
channels.h | 1.133 | 4 years | djm | add a comment describing the ranges of channel IDs that we use; requested by mar... |
cipher-aesctr.c | 1.2 | 9 years | markus | remove unneeded includes, sync my copyright across files & whitespace; ok djm@ |
cipher-aesctr.h | 1.1 | 10 years | markus | re-add our own aesctr implementation; ok djm@ |
cipher-chachapoly-libcrypto.c | 1.1 | 4 years | djm | chacha20-poly1305 AEAD using libcrypto EVP_chacha20 Based on patch from Yuriy M... |
cipher-chachapoly.c | 1.9 | 4 years | djm | make Chacha20-POLY1305 context struct opaque; ok tb@ as part of a larger diff at... |
cipher-chachapoly.h | 1.5 | 4 years | djm | make Chacha20-POLY1305 context struct opaque; ok tb@ as part of a larger diff at... |
cipher.c | 1.117 | 4 years | djm | make Chacha20-POLY1305 context struct opaque; ok tb@ as part of a larger diff at... |
cipher.h | 1.55 | 4 years | dtucker | Make zlib optional. This adds a "ZLIB" build time option that allows building w... |
cleanup.c | 1.5 | 17 years | deraadt | almost entirely get rid of the culture of ".h files that include .h files" ok dj... |
clientloop.c | 1.344 | 4 years | dtucker | Remove leave_non_blocking() which is now dead code because nothing sets in_non_b... |
clientloop.h | 1.37 | 4 years | djm | make failures when establishing "Tunnel" forwarding terminate the connection whe... |
compat.c | 1.113 | 5 years | djm | revert compat.[ch] section of the following change. It causes double-free under ... |
compat.h | 1.54 | 5 years | djm | revert compat.[ch] section of the following change. It causes double-free under ... |
crypto_api.h | 1.5 | 5 years | djm | Add support for a PQC KEX/KEM: sntrup4591761x25519-sha512@tinyssh.org using the ... |
dh.c | 1.71 | 4 years | djm | typo in previous |
dh.h | 1.18 | 4 years | djm | fixes for !WITH_OPENSSL compilation; ok dtucker@ |
digest-libc.c | 1.7 | 4 years | jsg | change explicit_bzero();free() to freezero() While freezero() returns early if ... |
digest-openssl.c | 1.8 | 5 years | djm | hold our collective noses and use the openssl-1.1.x API in OpenSSH; feedback and... |
digest.h | 1.8 | 7 years | djm | remove hmac-ripemd160; ok dtucker |
dispatch.c | 1.32 | 5 years | djm | allow sshpkt_fatal() to take a varargs format; we'll use this to give packet-rel... |
dispatch.h | 1.15 | 5 years | djm | remove last traces of old packet API! with & ok markus@ |
dns.c | 1.38 | 6 years | markus | Add experimental support for PQC XMSS keys (Extended Hash-Based Signatures) The ... |
dns.h | 1.18 | 6 years | markus | Add experimental support for PQC XMSS keys (Extended Hash-Based Signatures) The ... |
ed25519.c | 1.3 | 10 years | markus | Add Authors for the public domain ed25519/nacl code. see also http://nacl.cr.yp.... |
fatal.c | 1.7 | 17 years | deraadt | almost entirely get rid of the culture of ".h files that include .h files" ok dj... |
groupaccess.c | 1.17 | 5 years | dtucker | Move checks for lists of users or groups into their own function. This is a no-o... |
groupaccess.h | 1.8 | 15 years | djm | support negation of groups in "Match group" block (bz#1315); ok dtucker@ |
gss-genr.c | 1.26 | 5 years | djm | kerberos/gssapi fixes for buffer removal |
gss-serv-krb5.c | 1.9 | 5 years | markus | sshd: switch GSSAPI to sshbuf API; ok djm@ |
gss-serv.c | 1.32 | 4 years | djm | spelling errors in comments; no code change from https://fossies.org/linux/misc/... |
hash.c | 1.6 | 4 years | djm | perform hashing directly in crypto_hash_sha512() using libcrypto or libc SHA512 ... |
hmac.c | 1.14 | 4 years | jsg | change explicit_bzero();free() to freezero() While freezero() returns early if ... |
hmac.h | 1.9 | 9 years | djm | New key API: refactor key-related functions to be more library-like, existing AP... |
hostfile.c | 1.79 | 4 years | markus | fix possible null-deref in check_key_not_revoked; ok djm |
hostfile.h | 1.24 | 9 years | djm | Refactor hostkeys_foreach() and dependent code Deal with IP addresses (i.e. Chec... |
kex.c | 1.158 | 4 years | djm | use sshpkt_fatal() for kex_exchange_identification() errors. This ensures that t... |
kex.h | 1.109 | 4 years | djm | fixes for !WITH_OPENSSL compilation; ok dtucker@ |
kexc25519.c | 1.17 | 5 years | djm | rename kex->kem_client_pub -> kex->client_pub now that KEM has been renamed to k... |
kexdh.c | 1.32 | 5 years | djm | rename kex->kem_client_pub -> kex->client_pub now that KEM has been renamed to k... |
kexecdh.c | 1.10 | 5 years | djm | rename kex->kem_client_pub -> kex->client_pub now that KEM has been renamed to k... |
kexgen.c | 1.4 | 4 years | djm | Add new structure for signature options This is populated during signature veri... |
kexgex.c | 1.32 | 5 years | djm | pass most arguments to the KEX hash functions as sshbuf rather than pointer+leng... |
kexgexc.c | 1.35 | 4 years | djm | Add new structure for signature options This is populated during signature veri... |
kexgexs.c | 1.42 | 5 years | djm | pass most arguments to the KEX hash functions as sshbuf rather than pointer+leng... |
krl.c | 1.50 | 4 years | djm | avoid another compiler warning spotted in -portable |
krl.h | 1.8 | 4 years | djm | give ssh-keygen the ability to dump the contents of a binary key revocation list... |
log.c | 1.51 | 5 years | markus | avoid expensive channel_open_message() calls; ok djm@ |
log.h | 1.24 | 4 years | djm | lots of things were relying on libcrypto headers to transitively include various... |
mac.c | 1.35 | 4 years | djm | lots of things were relying on libcrypto headers to transitively include various... |
mac.h | 1.10 | 7 years | djm | Improve crypto ordering for Encrypt-then-MAC (EtM) mode MAC algorithms. Previou... |
match.c | 1.41 | 4 years | deraadt | stdarg.h required more broadly; ok djm |
match.h | 1.19 | 5 years | dtucker | Move checks for lists of users or groups into their own function. This is a no-o... |
misc.c | 1.147 | 4 years | dtucker | We've standardized on memset over bzero, replace a couple that had slipped in. ... |
misc.h | 1.84 | 4 years | djm | add xextendf() to extend a string with a format (reallocating as necessary). ok ... |
moduli.c | 1.37 | 4 years | djm | remove most uses of BN_CTX We weren't following the rules re BN_CTX_start/BN_CT... |
monitor.c | 1.210 | 4 years | djm | spelling errors in comments; no code change from https://fossies.org/linux/misc/... |
monitor.h | 1.23 | 5 years | djm | remove last references to active_state with & ok markus@ |
monitor_fdpass.c | 1.21 | 8 years | jca | Print ssize_t with %zd; ok deraadt@ mmcc@ |
monitor_fdpass.h | 1.4 | 16 years | djm | make file descriptor passing code return an error rather than call fatal() when ... |
monitor_wrap.c | 1.117 | 4 years | djm | allow security keys to act as host keys as well as user keys. Previously we did... |
monitor_wrap.h | 1.44 | 4 years | djm | Add new structure for signature options This is populated during signature veri... |
msg.c | 1.18 | 4 years | djm | some __func__ and strerror(errno) here; no functional change |
msg.h | 1.5 | 9 years | djm | sync ssh-keysign, ssh-keygen and some dependencies to the new buffer/key API; mo... |
mux.c | 1.82 | 4 years | markus | bring back debug() removed in rev 1.74; noted by pradeep kumar |
myproposal.h | 1.67 | 4 years | djm | remove ssh-rsa (SHA1) from the list of allowed CA signature algorithms ok markus... |
nchan.c | 1.70 | 4 years | deraadt | When system calls indicate an error they return -1, not some arbitrary value < 0... |
nchan.ms | 1.8 | 20 years | djm | unexpand and delete whitespace at EOL; ok markus@ |
nchan2.ms | 1.4 | 16 years | djm | document eow message in ssh protocol 2 channel state machine; feedback and ok ma... |
packet.c | 1.291 | 4 years | markus | consistently check packet_timeout_ms against 0; ok djm |
packet.h | 1.92 | 4 years | markus | sshpkt_fatal() does not return; ok djm |
pathnames.h | 1.31 | 4 years | markus | enable ed25519 support; ok djm |
pkcs11.h | 1.3 | 10 years | deraadt | cleanup 1 << 31 idioms. Resurrection of this issue pointed out by Eitan Adler o... |
poly1305.c | 1.3 | 10 years | djm | use full name for author, with his permission |
poly1305.h | 1.4 | 10 years | djm | revert __bounded change; it causes way more problems for portable than it solves... |
progressmeter.c | 1.50 | 4 years | dtucker | Replace all calls to signal(2) with a wrapper around sigaction(2). This wrapper ... |
progressmeter.h | 1.5 | 5 years | dtucker | Have progressmeter force an update at the beginning and end of each transfer. F... |
readconf.c | 1.329 | 4 years | dtucker | Fix incorrect error message for "too many known hosts files." bz#3149, patch fro... |
readconf.h | 1.133 | 4 years | dtucker | Make with config keywords support which percent_expansions more consistent. - %... |
readpass.c | 1.61 | 4 years | dtucker | Replace all calls to signal(2) with a wrapper around sigaction(2). This wrapper ... |
rijndael.c | 1.20 | 9 years | djm | #if 0 some more arrays used only for decrypting (we don't use since we only need... |
rijndael.h | 1.14 | 10 years | markus | re-add our own aesctr implementation; ok djm@ |
sandbox-pledge.c | 1.1 | 8 years | deraadt | Change all tame callers to namechange to pledge(2). |
sandbox-rlimit.c | 1.4 | 7 years | deraadt | Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then use those definitions ra... |
scp.1 | 1.89 | 4 years | jmc | tweak previous; ok markus |
scp.c | 1.210 | 4 years | djm | another case where a utimes() failure could make scp send a desynchronising erro... |
servconf.c | 1.363 | 4 years | djm | make IgnoreRhosts a tri-state option: "yes" ignore rhosts/shosts, "no" allow rho... |
servconf.h | 1.144 | 4 years | djm | make IgnoreRhosts a tri-state option: "yes" ignore rhosts/shosts, "no" allow rho... |
serverloop.c | 1.222 | 4 years | djm | use sshpkt_fatal() instead of plain fatal() for ssh_packet_write_poll() failures... |
serverloop.h | 1.8 | 6 years | djm | refactor channels.c Move static state to a "struct ssh_channels" that is alloca... |
session.c | 1.319 | 4 years | djm | spelling errors in comments; no code change from https://fossies.org/linux/misc/... |
session.h | 1.36 | 5 years | djm | Add server support for signalling sessions via the SSH channel/ session protocol... |
sftp-client.c | 1.135 | 4 years | djm | fix memory leak in error path; bz#3074 patch from krishnaiah.bommu@intel.com, ok... |
sftp-client.h | 1.28 | 5 years | djm | Add "-h" flag to sftp chown/chgrp/chmod commands to request they do not follow s... |
sftp-common.c | 1.31 | 5 years | millert | Fix warnings caused by user_from_uid() and group_from_gid() now returning const ... |
sftp-common.h | 1.12 | 9 years | djm | update sftp client and server to new buffer API. pretty much just mechanical cha... |
sftp-glob.c | 1.29 | 4 years | deraadt | stdarg.h required more broadly; ok djm |
sftp-realpath.c | 1.1 | 4 years | djm | add a local implementation of BSD realpath() for sftp-server use ahead of OpenBS... |
sftp-server-main.c | 1.6 | 4 years | otto | Replace calls to ssh_malloc_init() by a static init of malloc_options. Prepares ... |
sftp-server.8 | 1.28 | 4 years | jmc | tweak the Nd lines for a bit of consistency; ok markus |
sftp-server.c | 1.117 | 4 years | djm | add a local implementation of BSD realpath() for sftp-server use ahead of OpenBS... |
sftp.1 | 1.131 | 4 years | jmc | ce examples of "Ar arg Ar arg" with "Ar arg arg" and stop the spread; |
sftp.c | 1.200 | 4 years | jmc | sort -N and add it to usage(); |
sftp.h | 1.9 | 15 years | dtucker | replace __dead with __attribute__((noreturn)), makes things a little easier to p... |
sk-api.h | 1.9 | 4 years | djm | when signing a challenge using a FIDO toke, perform the hashing in the middlewar... |
sk-usbhid.c | 1.17 | 4 years | djm | when signing a challenge using a FIDO toke, perform the hashing in the middlewar... |
smult_curve25519_ref.c | 1.2 | 10 years | markus | add missing $OpenBSD$ tags |
ssh-add.1 | 1.79 | 4 years | djm | sync the description of the $SSH_SK_PROVIDER environment variable with that of t... |
ssh-add.c | 1.155 | 4 years | dtucker | Cast lifetime to u_long for comparison to prevent unsigned comparison warning on... |
ssh-agent.1 | 1.70 | 4 years | naddy | Replace the term "security key" with "(FIDO) authenticator". The polysemous use... |
ssh-agent.c | 1.257.2.1 | 3 years | deraadt | Double free in ssh-agent(1), fixed differently in -current from djm his is errat... |
ssh-dss.c | 1.39 | 4 years | jsg | change explicit_bzero();free() to freezero() While freezero() returns early if ... |
ssh-ecdsa-sk.c | 1.5 | 4 years | djm | more debugging; behind DEBUG_SK |
ssh-ecdsa.c | 1.16 | 5 years | djm | Make sshpkt_get_bignum2() allocate the bignum it is parsing rather than make the... |
ssh-ed25519-sk.c | 1.5 | 4 years | jsg | change explicit_bzero();free() to freezero() While freezero() returns early if ... |
ssh-ed25519.c | 1.8 | 4 years | jsg | change explicit_bzero();free() to freezero() While freezero() returns early if ... |
ssh-gss.h | 1.14 | 5 years | djm | kerberos/gssapi fixes for buffer removal |
ssh-keygen.1 | 1.203 | 4 years | djm | give ssh-keygen the ability to dump the contents of a binary key revocation list... |
ssh-keygen.c | 1.409.2.1 | 3 years | benno | this is errata 6.7/003_ssh.patch.sig original commit: revision 1.411 date: 202... |
ssh-keyscan.1 | 1.45 | 4 years | jmc | tweak the Nd lines for a bit of consistency; ok markus |
ssh-keyscan.c | 1.131 | 4 years | djm | allow ssh-keyscan to find security key hostkeys |
ssh-keysign.8 | 1.16 | 4 years | jmc | tweak the Nd lines for a bit of consistency; ok markus |
ssh-keysign.c | 1.63 | 4 years | naddy | additional missing stdarg.h includes when built without WITH_OPENSSL; ok djm@ |
ssh-pkcs11-client.c | 1.16 | 4 years | djm | expose PKCS#11 key labels/X.509 subjects as comments Extract the key label or X... |
ssh-pkcs11-helper.8 | 1.6 | 4 years | jmc | tweak the Nd lines for a bit of consistency; ok markus |
ssh-pkcs11-helper.c | 1.23 | 4 years | markus | remove unused variables in ssh-pkcs11-helper; ok djm |
ssh-pkcs11.c | 1.49 | 4 years | djm | improve error messages for some common PKCS#11 C_Login failure cases; based on p... |
ssh-pkcs11.h | 1.6 | 4 years | djm | expose PKCS#11 key labels/X.509 subjects as comments Extract the key label or X... |
ssh-rsa.c | 1.68 | 5 years | djm | hold our collective noses and use the openssl-1.1.x API in OpenSSH; feedback and... |
ssh-sandbox.h | 1.1 | 12 years | djm | rename sandbox.h => ssh-sandbox.h to make things easier for portable |
ssh-sk-client.c | 1.7 | 4 years | dtucker | Replace all calls to signal(2) with a wrapper around sigaction(2). This wrapper ... |
ssh-sk-helper.8 | 1.3 | 4 years | naddy | Replace the term "security key" with "(FIDO) authenticator". The polysemous use... |
ssh-sk-helper.c | 1.9 | 4 years | djm | improve the error message for u2f enrollment errors by making ssh-keygen be sole... |
ssh-sk.c | 1.30 | 4 years | djm | when signing a challenge using a FIDO toke, perform the hashing in the middlewar... |
ssh-sk.h | 1.10 | 4 years | djm | pass the log-on-stderr flag and log level through to ssh-sk-helper, making debug... |
ssh-xmss.c | 1.2 | 4 years | jsg | change explicit_bzero();free() to freezero() While freezero() returns early if ... |
ssh.1 | 1.412 | 4 years | djm | mention that /etc/hosts.equiv and /etc/shosts.equiv are not considered for Hostb... |
ssh.c | 1.527 | 4 years | dtucker | Add TOKEN percent expansion to LocalFoward and RemoteForward when used for Unix ... |
ssh.h | 1.89 | 5 years | djm | move client/server SSH-* banners to buffers under ssh->kex and factor out the ba... |
ssh2.h | 1.18 | 8 years | markus | move SSH_MSG_NONE, so we don't have to include ssh1.h; ok deraadt@ |
ssh_api.c | 1.19 | 4 years | djm | Refactor signing - use sshkey_sign for everything, including the new U2F signatu... |
ssh_api.h | 1.2 | 6 years | djm | lots of typos in comments/docs. Patch from Karsten Weiss after checking with cod... |
ssh_config | 1.34 | 5 years | dtucker | Remove obsolete "Protocol" from commented out examples. Patch from samy.mahmoudi... |
ssh_config.5 | 1.325 | 4 years | jmc | add space between macro arg and punctuation; |
sshbuf-getput-basic.c | 1.10 | 4 years | djm | allow sshbuf_put_stringb(buf, NULL); ok markus@ |
sshbuf-getput-crypto.c | 1.8 | 4 years | djm | remove most uses of BN_CTX We weren't following the rules re BN_CTX_start/BN_CT... |
sshbuf-io.c | 1.2 | 4 years | djm | tidy headers; some junk snuck into sshbuf-misc.c and sshbuf-io.c doesn't need SS... |
sshbuf-misc.c | 1.14 | 4 years | jsg | change explicit_bzero();free() to freezero() While freezero() returns early if ... |
sshbuf.c | 1.15 | 4 years | jsg | change explicit_bzero();free() to freezero() While freezero() returns early if ... |
sshbuf.h | 1.21 | 4 years | dtucker | Fix comment typo. Patch from mforney at mforney.org. |
sshconnect.c | 1.329 | 4 years | djm | use sshpkt_fatal() for kex_exchange_identification() errors. This ensures that t... |
sshconnect.h | 1.40 | 4 years | djm | when AddKeysToAgent=yes is set and the key contains no comment, add the key to t... |
sshconnect2.c | 1.321 | 4 years | djm | fix reversed test that caused IdentitiesOnly=yes to not apply to keys loaded fro... |
sshd.8 | 1.312 | 4 years | djm | mention that permitopen=/PermitOpen do no name to address translation; prompted ... |
sshd.c | 1.552 | 4 years | djm | use sshpkt_fatal() for kex_exchange_identification() errors. This ensures that t... |
sshd_config | 1.103 | 6 years | tj | the UseLogin option was removed, so remove it here too. ok dtucker |
sshd_config.5 | 1.311 | 4 years | jmc | add space beteen macro arg and punctuation; |
ssherr.c | 1.10 | 4 years | djm | improve the error message for u2f enrollment errors by making ssh-keygen be sole... |
ssherr.h | 1.8 | 4 years | djm | improve the error message for u2f enrollment errors by making ssh-keygen be sole... |
sshkey-xmss.c | 1.8 | 4 years | markus | fix shield/unshield for xmss keys: - in ssh-agent we need to delay the call to s... |
sshkey-xmss.h | 1.1 | 6 years | markus | Add experimental support for PQC XMSS keys (Extended Hash-Based Signatures) The ... |
sshkey.c | 1.108 | 4 years | djm | Refactor private key parsing. Eliminates a fair bit of duplicated code and fixes... |
sshkey.h | 1.45 | 4 years | djm | add sshkey_parse_pubkey_from_private_fileblob_type() Extracts a public key from... |
sshlogin.c | 1.34 | 4 years | deraadt | When system calls indicate an error they return -1, not some arbitrary value < 0... |
sshlogin.h | 1.8 | 17 years | deraadt | almost entirely get rid of the culture of ".h files that include .h files" ok dj... |
sshpty.c | 1.34 | 4 years | deraadt | fatal() if getgrnam() cannot find "tty" |
sshpty.h | 1.13 | 7 years | dtucker | Factor out code to disconnect from controlling terminal into its own function. ... |
sshsig.c | 1.15 | 4 years | markus | do not leak oprincipals; ok djm |
sshsig.h | 1.7 | 4 years | djm | ssh-keygen -Y find-principals fixes based on feedback from Markus: use "princip... |
sshtty.c | 1.14 | 14 years | djm | quell tc[gs]etattr warnings when forcing a tty (ssh -tt), since we usually don't... |
ttymodes.c | 1.34 | 5 years | markus | ttymodes: switch to sshbuf API; ok djm@ |
ttymodes.h | 1.16 | 7 years | djm | purge the last traces of SSHv1 from the TTY modes handling code ok markus |
uidswap.c | 1.42 | 4 years | deraadt | When system calls indicate an error they return -1, not some arbitrary value < 0... |
uidswap.h | 1.14 | 5 years | dtucker | Remove support for running ssh(1) setuid and fatal if attempted. Do not link uid... |
umac.c | 1.20 | 4 years | djm | spelling errors in comments; no code change from https://fossies.org/linux/misc/... |
umac.h | 1.4 | 4 years | dtucker | Typo and spelling fixes in comments and error messages. Patch from knweiss at g... |
umac128.c | 1.2 | 6 years | dtucker | Rename struct umac_ctx to umac128_ctx too. In portable some linkers complain ab... |
utf8.c | 1.11 | 4 years | djm | expose vasnmprintf(); ok (as part of other commit) markus deraadt |
utf8.h | 1.3 | 4 years | djm | expose vasnmprintf(); ok (as part of other commit) markus deraadt |
version.h | 1.87 | 4 years | djm | openssh-8.3; ok deraadt@ |
xmalloc.c | 1.36 | 4 years | djm | add xvasprintf() |
xmalloc.h | 1.19 | 4 years | djm | add xvasprintf() |
xmss_commons.c | 1.2 | 6 years | dtucker | Add $OpenBSD$ markers to xmss files to help keep synced with portable. ok djm@. |
xmss_commons.h | 1.3 | 6 years | dtucker | Add $OpenBSD$ markers to xmss files to help keep synced with portable. ok djm@. |
xmss_fast.c | 1.3 | 6 years | markus | ssh/xmss: fix build; ok djm@ |
xmss_fast.h | 1.2 | 6 years | dtucker | Add $OpenBSD$ markers to xmss files to help keep synced with portable. ok djm@. |
xmss_hash.c | 1.2 | 6 years | dtucker | Add $OpenBSD$ markers to xmss files to help keep synced with portable. ok djm@. |
xmss_hash.h | 1.2 | 6 years | dtucker | Add $OpenBSD$ markers to xmss files to help keep synced with portable. ok djm@. |
xmss_hash_address.c | 1.2 | 6 years | dtucker | Add $OpenBSD$ markers to xmss files to help keep synced with portable. ok djm@. |
xmss_hash_address.h | 1.2 | 6 years | dtucker | Add $OpenBSD$ markers to xmss files to help keep synced with portable. ok djm@. |
xmss_wots.c | 1.3 | 6 years | djm | lots of typos in comments/docs. Patch from Karsten Weiss after checking with cod... |
xmss_wots.h | 1.3 | 6 years | dtucker | Remove unneeded (local) include. ok markus@ |
fe25519.c (in the Attic) [Hide] | 1.3 | 10 years | markus | Add Authors for the public domain ed25519/nacl code. see also http://nacl.cr.yp.... |
fe25519.h (in the Attic) [Hide] | 1.3 | 10 years | markus | Add Authors for the public domain ed25519/nacl code. see also http://nacl.cr.yp.... |
ge25519.c (in the Attic) [Hide] | 1.3 | 10 years | markus | Add Authors for the public domain ed25519/nacl code. see also http://nacl.cr.yp.... |
ge25519.h (in the Attic) [Hide] | 1.4 | 9 years | miod | Declare ge25519_base as extern, to prevent it from becoming a common. Gets us ri... |
ge25519_base.data (in the Attic) [Hide] | 1.3 | 10 years | markus | Add Authors for the public domain ed25519/nacl code. see also http://nacl.cr.yp.... |
kexsntrup4591761x25519.c (in the Attic) [Hide] | 1.3 | 5 years | djm | rename kex->kem_client_pub -> kex->client_pub now that KEM has been renamed to k... |
sc25519.c (in the Attic) [Hide] | 1.3 | 10 years | markus | Add Authors for the public domain ed25519/nacl code. see also http://nacl.cr.yp.... |
sc25519.h (in the Attic) [Hide] | 1.3 | 10 years | markus | Add Authors for the public domain ed25519/nacl code. see also http://nacl.cr.yp.... |
sntrup4591761.c (in the Attic) [Hide] | 1.3 | 5 years | markus | Add authors for public domain sntrup4591761 code; confirmed by Daniel J. Bernste... |
sntrup4591761.sh (in the Attic) [Hide] | 1.3 | 5 years | markus | Add authors for public domain sntrup4591761 code; confirmed by Daniel J. Bernste... |
verify.c (in the Attic) [Hide] | 1.3 | 10 years | markus | Add Authors for the public domain ed25519/nacl code. see also http://nacl.cr.yp.... |