Click on a directory to enter that directory. Click on a file to display its revision history and to get a chance to display diffs between revisions.
Current directory: [local] / src / usr.bin / ssh
Current tag: OPENBSD_7_1
| File | Rev. | Age | Author | Last log entry |
|---|---|---|---|---|
![[BACK]](/icons/back.gif){kind=icon} Parent Directory |
||||
![[DIR]](/icons/dir.gif){kind=icon} lib/ |
||||
| moduli-gen/ |
||||
| scard/ |
||||
| scp/ |
||||
| sftp/ |
||||
| sftp-server/ |
||||
| ssh/ |
||||
| ssh-add/ |
||||
| ssh-agent/ |
||||
| ssh-keygen/ |
||||
| ssh-keyscan/ |
||||
| ssh-keysign/ |
||||
| ssh-pkcs11-helper/ |
||||
| ssh-sk-helper/ |
||||
| sshd/ |
||||
| sshd-session/ |
||||
![[TXT]](/icons/text.gif){kind=icon} LICENCE |
1.20 | 7 years | djm | remove the (in)famous SSHv1 CRC compensation attack detector. Despite your came... |
| Makefile |
1.17 | 4 years | djm | ssh-agent support for U2F/FIDO keys feedback & ok markus@ |
| Makefile.inc |
1.87 | 3 years | dtucker | Move address handling functions out into their own file in order to reuse them f... |
| OVERVIEW |
1.15 | 5 years | djm | refer to OpenSSL not SSLeay; we're old, but we don't have to act it |
| PROTOCOL |
1.44 | 2 years | djm | add support for the "corp-data" protocol extension to allow server-side copies t... |
| PROTOCOL.agent |
1.16 | 2 years | jsg | spelling ok dtucker@ |
| PROTOCOL.certkeys |
1.19 | 2 years | naddy | PROTOCOL.certkeys: update reference from IETF draft to RFC Also fix some typos.... |
| PROTOCOL.chacha20poly1305 |
1.5 | 4 years | dtucker | Fix some typos and an incorrect word in docs. Patch from itoama at live.jp via g... |
| PROTOCOL.key |
1.2 | 3 years | djm | correct mistake in spec - the private key blobs are encoded verbatim and not as ... |
| PROTOCOL.krl |
1.5 | 5 years | djm | allow key revocation by SHA256 hash and allow ssh-keygen to create KRLs using SH... |
| PROTOCOL.mux |
1.13 | 2 years | jsg | spelling ok dtucker@ |
| PROTOCOL.sshsig |
1.4 | 3 years | djm | Add RCS IDs to the few files that are missing them; from Pedro Martelletto |
| PROTOCOL.u2f |
1.26 | 3 years | djm | when writing an attestation blob for a FIDO key, record all the data needed to v... |
| README |
1.7 | 18 years | djm | $OpenBSD$ in here too |
| addr.c |
1.4 | 2 years | dtucker | Prevent mem leaks in the (unlikely) event that getaddrinfo returns no addresses.... |
| addr.h |
1.1 | 3 years | dtucker | Move address handling functions out into their own file in order to reuse them f... |
| addrmatch.c |
1.17 | 3 years | djm | highly polished whitespace, mostly fixing spaces-for-tab and bad indentation on ... |
| atomicio.c |
1.30 | 5 years | dtucker | Check for both EAGAIN and EWOULDBLOCK. This is a no-op in OpenBSD (they are the... |
| atomicio.h |
1.12 | 5 years | djm | move client/server SSH-* banners to buffers under ssh->kex and factor out the ba... |
| auth-bsdauth.c |
1.15 | 5 years | markus | sshd: switch authentication to sshbuf API; ok djm@ |
| auth-krb5.c |
1.24 | 3 years | djm | highly polished whitespace, mostly fixing spaces-for-tab and bad indentation on ... |
| auth-options.c |
1.98 | 2 years | dtucker | Switch hpdelim interface to accept only ":" as delimiter. Historicallly, hpdeli... |
| auth-options.h |
1.31 | 2 years | djm | make authorized_keys environment="..." directives first-match-wins and more stri... |
| auth-passwd.c |
1.48 | 3 years | djm | use the new variant log macros instead of prepending __func__ and appending ssh_... |
| auth-rhosts.c |
1.56 | 2 years | djm | free(3) wants stdlib.h |
| auth.c |
1.154 | 2 years | djm | randomise the password used in fakepw |
| auth.h |
1.102 | 2 years | djm | prepare for multiple names for authmethods allow authentication methods to have... |
| auth2-chall.c |
1.54 | 3 years | djm | use the new variant log macros instead of prepending __func__ and appending ssh_... |
| auth2-gss.c |
1.33 | 2 years | djm | prepare for multiple names for authmethods allow authentication methods to have... |
| auth2-hostbased.c |
1.49 | 2 years | djm | include rejected signature algorithm in error message and not the (useless) key ... |
| auth2-kbdint.c |
1.14 | 2 years | djm | prepare for multiple names for authmethods allow authentication methods to have... |
| auth2-none.c |
1.24 | 2 years | djm | prepare for multiple names for authmethods allow authentication methods to have... |
| auth2-passwd.c |
1.20 | 2 years | djm | prepare for multiple names for authmethods allow authentication methods to have... |
| auth2-pubkey.c |
1.113 | 2 years | naddy | include rejected signature algorithm in error message and not the (useless) key ... |
| auth2.c |
1.164 | 2 years | djm | avoid integer overflow of auth attempts (harmless, caught by monitor) |
| authfd.c |
1.129 | 2 years | djm | ssh-add side of destination constraints Have ssh-add accept a list of "destinat... |
| authfd.h |
1.51 | 2 years | djm | ssh-add side of destination constraints Have ssh-add accept a list of "destinat... |
| authfile.c |
1.142 | 2 years | jsg | spelling ok dtucker@ |
| authfile.h |
1.25 | 4 years | djm | factor out reading/writing sshbufs to dedicated functions; feedback and ok marku... |
| bitmap.c |
1.9 | 6 years | djm | add RCSIDs to these; they make syncing portable a bit easier |
| bitmap.h |
1.2 | 6 years | djm | add RCSIDs to these; they make syncing portable a bit easier |
| canohost.c |
1.75 | 3 years | djm | use the new variant log macros instead of prepending __func__ and appending ssh_... |
| canohost.h |
1.12 | 8 years | djm | refactor canohost.c: move functions that cache results closer to the places that... |
| chacha.c |
1.1 | 10 years | djm | Add a new protocol 2 transport cipher "chacha20-poly1305@openssh.com" that combi... |
| chacha.h |
1.5 | 3 years | djm | whitespace (tab after space) |
| channels.c |
1.416 | 2 years | djm | clear io_want/io_ready flags at start of poll() cycle; avoids plausible spin dur... |
| channels.h |
1.142 | 2 years | djm | fix poll() spin when a channel's output fd closes without data in the channel bu... |
| cipher-aesctr.c |
1.2 | 9 years | markus | remove unneeded includes, sync my copyright across files & whitespace; ok djm@ |
| cipher-aesctr.h |
1.1 | 10 years | markus | re-add our own aesctr implementation; ok djm@ |
| cipher-chachapoly-libcrypto.c |
1.1 | 4 years | djm | chacha20-poly1305 AEAD using libcrypto EVP_chacha20 Based on patch from Yuriy M... |
| cipher-chachapoly.c |
1.9 | 4 years | djm | make Chacha20-POLY1305 context struct opaque; ok tb@ as part of a larger diff at... |
| cipher-chachapoly.h |
1.5 | 4 years | djm | make Chacha20-POLY1305 context struct opaque; ok tb@ as part of a larger diff at... |
| cipher.c |
1.119 | 3 years | djm | highly polished whitespace, mostly fixing spaces-for-tab and bad indentation on ... |
| cipher.h |
1.55 | 4 years | dtucker | Make zlib optional. This adds a "ZLIB" build time option that allows building w... |
| cleanup.c |
1.5 | 17 years | deraadt | almost entirely get rid of the culture of ".h files that include .h files" ok dj... |
| clientloop.c |
1.378 | 2 years | djm | add a ssh_packet_process_read() function that reads from a fd directly into the ... |
| clientloop.h |
1.37 | 4 years | djm | make failures when establishing "Tunnel" forwarding terminate the connection whe... |
| compat.c |
1.119 | 2 years | djm | openssh-7.4 was incorrectly listed twice; spotted by Dmitry Belyavskiy, ok dtuck... |
| compat.h |
1.57 | 2 years | djm | Client-side workaround for a bug in OpenSSH 7.4: this release allows RSA/SHA2 si... |
| crypto_api.h |
1.7 | 3 years | dtucker | Update the sntrup761 creation script and generated code: - remove unneeded head... |
| dh.c |
1.74 | 3 years | djm | highly polished whitespace, mostly fixing spaces-for-tab and bad indentation on ... |
| dh.h |
1.19 | 3 years | dtucker | Add ModuliFile keyword to sshd_config to specify the location of the "moduli" fi... |
| digest-libc.c |
1.7 | 4 years | jsg | change explicit_bzero();free() to freezero() While freezero() returns early if ... |
| digest-openssl.c |
1.9 | 3 years | djm | whitespace; no code change |
| digest.h |
1.8 | 7 years | djm | remove hmac-ripemd160; ok dtucker |
| dispatch.c |
1.32 | 5 years | djm | allow sshpkt_fatal() to take a varargs format; we'll use this to give packet-rel... |
| dispatch.h |
1.15 | 5 years | djm | remove last traces of old packet API! with & ok markus@ |
| dns.c |
1.42 | 2 years | djm | mark const string array contents const too, i.e. static const char *array => sta... |
| dns.h |
1.19 | 2 years | dtucker | Ensure that all returned SSHFP records for the specified host name and hostkey t... |
| ed25519.c |
1.3 | 10 years | markus | Add Authors for the public domain ed25519/nacl code. see also http://nacl.cr.yp.... |
| fatal.c |
1.11 | 3 years | djm | fix SEGV on fatal() errors spotted by dtucker@ |
| groupaccess.c |
1.17 | 5 years | dtucker | Move checks for lists of users or groups into their own function. This is a no-o... |
| groupaccess.h |
1.8 | 15 years | djm | support negation of groups in "Match group" block (bz#1315); ok dtucker@ |
| gss-genr.c |
1.28 | 3 years | djm | make ssh->kex->session_id a sshbuf instead of u_char*/size_t and use that instea... |
| gss-serv-krb5.c |
1.9 | 5 years | markus | sshd: switch GSSAPI to sshbuf API; ok djm@ |
| gss-serv.c |
1.32 | 4 years | djm | spelling errors in comments; no code change from https://fossies.org/linux/misc/... |
| hash.c |
1.6 | 4 years | djm | perform hashing directly in crypto_hash_sha512() using libcrypto or libc SHA512 ... |
| hmac.c |
1.14 | 4 years | jsg | change explicit_bzero();free() to freezero() While freezero() returns early if ... |
| hmac.h |
1.9 | 9 years | djm | New key API: refactor key-related functions to be more library-like, existing AP... |
| hostfile.c |
1.93 | 2 years | djm | piece of UpdateHostkeys client strictification: when updating known_hosts with n... |
| hostfile.h |
1.29 | 3 years | djm | make struct hostkeys public; I have no idea why I made it opaque originally. ok... |
| kex.c |
1.172 | 2 years | djm | mark const string array contents const too, i.e. static const char *array => sta... |
| kex.h |
1.117 | 2 years | djm | Fix signature algorithm selection logic for UpdateHostkeys on the server side. T... |
| kexc25519.c |
1.17 | 5 years | djm | rename kex->kem_client_pub -> kex->client_pub now that KEM has been renamed to k... |
| kexdh.c |
1.34 | 3 years | djm | memleak of DH public bignum; found with libfuzzer |
| kexecdh.c |
1.10 | 5 years | djm | rename kex->kem_client_pub -> kex->client_pub now that KEM has been renamed to k... |
| kexgen.c |
1.8 | 2 years | djm | Record session ID, host key and sig at intital KEX These will be used later for... |
| kexgex.c |
1.32 | 5 years | djm | pass most arguments to the KEX hash functions as sshbuf rather than pointer+leng... |
| kexgexc.c |
1.38 | 2 years | djm | Record session ID, host key and sig at intital KEX These will be used later for... |
| kexgexs.c |
1.44 | 2 years | djm | Record session ID, host key and sig at intital KEX These will be used later for... |
| kexsntrup761x25519.c |
1.2 | 2 years | jsg | fix unintended sizeof pointer in debug path ok markus@ |
| krl.c |
1.53 | 2 years | djm | The RB_GENERATE_STATIC(3) macro expands to a series of function definitions and ... |
| krl.h |
1.8 | 4 years | djm | give ssh-keygen the ability to dump the contents of a binary key revocation list... |
| log.c |
1.60 | 2 years | djm | allow log_stderr==2 to prefix log messages with argv[0] use this to make scp's ... |
| log.h |
1.33 | 3 years | markus | do not pass file/func to monitor; noted by Ilja van Sprundel; ok djm@ |
| mac.c |
1.35 | 4 years | djm | lots of things were relying on libcrypto headers to transitively include various... |
| mac.h |
1.10 | 7 years | djm | Improve crypto ordering for Encrypt-then-MAC (EtM) mode MAC algorithms. Previou... |
| match.c |
1.43 | 3 years | djm | fold consecutive '*' wildcards to mitigate combinatorial explosion of recursive ... |
| match.h |
1.20 | 3 years | djm | some language improvements; ok markus |
| misc.c |
1.175 | 2 years | djm | make addargs() and replacearg() a little more robust and improve error reporting... |
| misc.h |
1.99 | 2 years | deraadt | replace select() with ppoll(), including converting timeval's to timespec's to m... |
| moduli.c |
1.37 | 4 years | djm | remove most uses of BN_CTX We weren't following the rules re BN_CTX_start/BN_CT... |
| monitor.c |
1.232 | 2 years | djm | save an unneccessary alloc/free, based on patch from Martin Vahlensieck; ok dtuc... |
| monitor.h |
1.23 | 5 years | djm | remove last references to active_state with & ok markus@ |
| monitor_fdpass.c |
1.22 | 3 years | djm | use the new variant log macros instead of prepending __func__ and appending ssh_... |
| monitor_fdpass.h |
1.4 | 16 years | djm | make file descriptor passing code return an error rather than call fatal() when ... |
| monitor_wrap.c |
1.123 | 3 years | markus | do not pass file/func to monitor; noted by Ilja van Sprundel; ok djm@ |
| monitor_wrap.h |
1.47 | 3 years | markus | do not pass file/func to monitor; noted by Ilja van Sprundel; ok djm@ |
| msg.c |
1.20 | 3 years | djm | use the new variant log macros instead of prepending __func__ and appending ssh_... |
| msg.h |
1.5 | 9 years | djm | sync ssh-keysign, ssh-keygen and some dependencies to the new buffer/key API; mo... |
| mux.c |
1.92 | 2 years | djm | suppress "Connection to xxx closed" messages at LogLevel >= error bz3378; ok dtu... |
| myproposal.h |
1.71 | 2 years | djm | select post-quantum KEX sntrup761x25519-sha512@openssh.com as the default; ok ma... |
| nchan.c |
1.74 | 2 years | djm | mark const string array contents const too, i.e. static const char *array => sta... |
| nchan.ms |
1.8 | 20 years | djm | unexpand and delete whitespace at EOL; ok markus@ |
| nchan2.ms |
1.4 | 16 years | djm | document eow message in ssh protocol 2 channel state machine; feedback and ok ma... |
| packet.c |
1.307 | 2 years | djm | add a ssh_packet_process_read() function that reads from a fd directly into the ... |
| packet.h |
1.94 | 2 years | djm | branches: 1.94.8; add a ssh_packet_process_read() function that reads from a fd... |
| pathnames.h |
1.31 | 4 years | markus | enable ed25519 support; ok djm |
| pkcs11.h |
1.3 | 10 years | deraadt | cleanup 1 << 31 idioms. Resurrection of this issue pointed out by Eitan Adler o... |
| poly1305.c |
1.3 | 10 years | djm | use full name for author, with his permission |
| poly1305.h |
1.4 | 10 years | djm | revert __bounded change; it causes way more problems for portable than it solves... |
| progressmeter.c |
1.50 | 4 years | dtucker | Replace all calls to signal(2) with a wrapper around sigaction(2). This wrapper ... |
| progressmeter.h |
1.5 | 5 years | dtucker | Have progressmeter force an update at the beginning and end of each transfer. F... |
| readconf.c |
1.366 | 2 years | dtucker | Switch hpdelim interface to accept only ":" as delimiter. Historicallly, hpdeli... |
| readconf.h |
1.146 | 2 years | djm | PubkeyAuthentication=yes|no|unbound|host-bound Allow control over which pubkey ... |
| readpass.c |
1.69 | 2 years | djm | mention in comment that read_passphrase(..., RP_ALLOW_STDIN) will try to use ask... |
| rijndael.c |
1.20 | 9 years | djm | #if 0 some more arrays used only for decrypting (we don't use since we only need... |
| rijndael.h |
1.15 | 2 years | dtucker | Make prototype for rijndaelEncrypt match function including the bounds. Fixes er... |
| sandbox-pledge.c |
1.2 | 3 years | djm | use the new variant log macros instead of prepending __func__ and appending ssh_... |
| sandbox-rlimit.c |
1.5 | 3 years | djm | use the new variant log macros instead of prepending __func__ and appending ssh_... |
| scp.1 |
1.108 | 2 years | djm | put back the scp manpage changes for SFTP mode too |
| scp.c |
1.247 | 2 years | djm | don't leak argument list; bz3404, reported by Balu Gajjala ok dtucker@ |
| servconf.c |
1.384 | 2 years | djm | don't try to resolve ListenAddress directives in the sshd re-exec path - we're n... |
| servconf.h |
1.156 | 2 years | djm | don't try to resolve ListenAddress directives in the sshd re-exec path - we're n... |
| serverloop.c |
1.231 | 2 years | djm | add a ssh_packet_process_read() function that reads from a fd directly into the ... |
| serverloop.h |
1.8 | 6 years | djm | refactor channels.c Move static state to a "struct ssh_channels" that is alloca... |
| session.c |
1.330 | 2 years | dtucker | Switch hpdelim interface to accept only ":" as delimiter. Historicallly, hpdeli... |
| session.h |
1.36 | 5 years | djm | Add server support for signalling sessions via the SSH channel/ session protocol... |
| sftp-client.c |
1.162 | 2 years | djm | add a sftp client "cp" command that supports server-side copying of files. Usefu... |
| sftp-client.h |
1.36 | 2 years | djm | add a sftp client "cp" command that supports server-side copying of files. Usefu... |
| sftp-common.c |
1.32 | 3 years | djm | use the new variant log macros instead of prepending __func__ and appending ssh_... |
| sftp-common.h |
1.12 | 9 years | djm | update sftp client and server to new buffer API. pretty much just mechanical cha... |
| sftp-glob.c |
1.30 | 2 years | dtucker | Remove the char * casts from arguments to do_lstat, do_readdir and do_stat paths... |
| sftp-realpath.c |
1.2 | 2 years | deraadt | sys/param.h is not needed for any visible reason |
| sftp-server-main.c |
1.6 | 4 years | otto | Replace calls to ssh_malloc_init() by a static init of malloc_options. Prepares ... |
| sftp-server.8 |
1.31 | 2 years | jmc | standardise the grammar in the options list; issue reported by debian at helgefj... |
| sftp-server.c |
1.140 | 2 years | djm | add support for the "corp-data" protocol extension to allow server-side copies t... |
| sftp.1 |
1.140 | 2 years | naddy | man pages: add missing commas between subordinate and main clauses jmc@ dislike... |
| sftp.c |
1.214 | 2 years | djm | add a sftp client "cp" command that supports server-side copying of files. Usefu... |
| sftp.h |
1.9 | 15 years | dtucker | replace __dead with __attribute__((noreturn)), makes things a little easier to p... |
| sk-api.h |
1.14 | 2 years | djm | Better handle FIDO keys on tokens that provide user verification (UV) on the dev... |
| sk-usbhid.c |
1.38 | 2 years | djm | use libfido2 1.8.0+ fido_assert_set_clientdata() instead of manually hashing dat... |
| smult_curve25519_ref.c |
1.2 | 10 years | markus | add missing $OpenBSD$ tags |
| sntrup761.c |
1.5 | 3 years | dtucker | Update the sntrup761 creation script and generated code: - remove unneeded head... |
| sntrup761.sh |
1.5 | 3 years | dtucker | Update the sntrup761 creation script and generated code: - remove unneeded head... |
| srclimit.c |
1.2 | 3 years | djm | highly polished whitespace, mostly fixing spaces-for-tab and bad indentation on ... |
| srclimit.h |
1.1 | 3 years | dtucker | Add PerSourceMaxStartups and PerSourceNetBlockSize options which provide more fi... |
| ssh-add.1 |
1.84 | 2 years | dtucker | Since they are deprecated, move DSA to the end of the default list of public key... |
| ssh-add.c |
1.165 | 2 years | dtucker | Since they are deprecated, move DSA to the end of the default list of public key... |
| ssh-agent.1 |
1.73 | 2 years | naddy | branches: 1.73.6; man pages: add missing commas between subordinate and main cl... |
| ssh-agent.c |
1.287 | 2 years | djm | allow pin-required FIDO keys to be added to ssh-agent(1). ssh-askpass will be us... |
| ssh-dss.c |
1.39 | 4 years | jsg | change explicit_bzero();free() to freezero() While freezero() returns early if ... |
| ssh-ecdsa-sk.c |
1.8 | 3 years | djm | some clarifying comments |
| ssh-ecdsa.c |
1.16 | 5 years | djm | Make sshpkt_get_bignum2() allocate the bignum it is parsing rather than make the... |
| ssh-ed25519-sk.c |
1.6 | 3 years | djm | use the new variant log macros instead of prepending __func__ and appending ssh_... |
| ssh-ed25519.c |
1.9 | 3 years | djm | use the new variant log macros instead of prepending __func__ and appending ssh_... |
| ssh-gss.h |
1.15 | 3 years | djm | make ssh->kex->session_id a sshbuf instead of u_char*/size_t and use that instea... |
| ssh-keygen.1 |
1.220 | 2 years | jsg | remove please from manual pages ok jmc@ sthen@ millert@ |
| ssh-keygen.c |
1.450 | 2 years | djm | helpful comment |
| ssh-keyscan.1 |
1.45 | 4 years | jmc | tweak the Nd lines for a bit of consistency; ok markus |
| ssh-keyscan.c |
1.145 | 2 years | deraadt | When poll(2) returns -1, for some error conditions pfd[].revents is not cleared.... |
| ssh-keysign.8 |
1.17 | 2 years | naddy | man pages: add missing commas between subordinate and main clauses jmc@ dislike... |
| ssh-keysign.c |
1.70 | 2 years | djm | make ssh-keysign use the requested signature algorithm and not the default for t... |
| ssh-pkcs11-client.c |
1.17 | 3 years | djm | use the new variant log macros instead of prepending __func__ and appending ssh_... |
| ssh-pkcs11-helper.8 |
1.6 | 4 years | jmc | tweak the Nd lines for a bit of consistency; ok markus |
| ssh-pkcs11-helper.c |
1.26 | 2 years | djm | check for POLLHUP wherever we check for POLLIN |
| ssh-pkcs11.c |
1.55 | 2 years | djm | branches: 1.55.6; avoid xmalloc(0) for PKCS#11 keyid for ECDSA keys (we already... |
| ssh-pkcs11.h |
1.6 | 4 years | djm | expose PKCS#11 key labels/X.509 subjects as comments Extract the key label or X... |
| ssh-rsa.c |
1.68 | 5 years | djm | hold our collective noses and use the openssl-1.1.x API in OpenSSH; feedback and... |
| ssh-sandbox.h |
1.1 | 12 years | djm | rename sandbox.h => ssh-sandbox.h to make things easier for portable |
| ssh-sk-client.c |
1.12 | 2 years | djm | sshsk_load_resident: don't preallocate resp resp is allocated by client_convers... |
| ssh-sk-helper.8 |
1.3 | 4 years | naddy | Replace the term "security key" with "(FIDO) authenticator". The polysemous use... |
| ssh-sk-helper.c |
1.12 | 2 years | djm | When downloading resident keys from a FIDO token, pass back the user ID that was... |
| ssh-sk.c |
1.38 | 2 years | djm | ssh-sk: free a resident key's user id From Pedro Martelletto; ok dtucker & me |
| ssh-sk.h |
1.11 | 2 years | djm | When downloading resident keys from a FIDO token, pass back the user ID that was... |
| ssh-xmss.c |
1.4 | 3 years | dtucker | Adapt XMSS to new logging infrastructure. With markus@, ok djm@. |
| ssh.1 |
1.430 | 2 years | naddy | man pages: add missing commas between subordinate and main clauses jmc@ dislike... |
| ssh.c |
1.574 | 2 years | djm | ssh is almost out of getopt() characters; note the remaining remaining available... |
| ssh.h |
1.90 | 3 years | djm | allow some additional control over the use of ssh-askpass via $SSH_ASKPASS_REQUI... |
| ssh2.h |
1.19 | 3 years | dtucker | draft-ietf-secsh-architecture is now RFC4251. |
| ssh_api.c |
1.27 | 3 years | djm | highly polished whitespace, mostly fixing spaces-for-tab and bad indentation on ... |
| ssh_api.h |
1.2 | 6 years | djm | lots of typos in comments/docs. Patch from Karsten Weiss after checking with cod... |
| ssh_config |
1.35 | 3 years | dtucker | Add a '%k' TOKEN that expands to the effective HostKey of the destination. This... |
| ssh_config.5 |
1.371 | 2 years | naddy | ssh: document sntrup761x25519-sha512@openssh.com as default KEX |
| sshbuf-getput-basic.c |
1.11 | 3 years | djm | make sshbuf_putb(b, NULL) a no-op |
| sshbuf-getput-crypto.c |
1.8 | 4 years | djm | remove most uses of BN_CTX We weren't following the rules re BN_CTX_start/BN_CT... |
| sshbuf-io.c |
1.2 | 4 years | djm | tidy headers; some junk snuck into sshbuf-misc.c and sshbuf-io.c doesn't need SS... |
| sshbuf-misc.c |
1.18 | 2 years | djm | Add a sshbuf_read() that attempts to read(2) directly in to a sshbuf; ok markus@... |
| sshbuf.c |
1.15 | 4 years | jsg | change explicit_bzero();free() to freezero() While freezero() returns early if ... |
| sshbuf.h |
1.25 | 2 years | djm | Add a sshbuf_read() that attempts to read(2) directly in to a sshbuf; ok markus@... |
| sshconnect.c |
1.356 | 2 years | djm | ssh-add side of destination constraints Have ssh-add accept a list of "destinat... |
| sshconnect.h |
1.46 | 3 years | djm | add a ssh_config KnownHostsCommand that allows the client to obtain known_hosts ... |
| sshconnect2.c |
1.356 | 2 years | djm | mark const string array contents const too, i.e. static const char *array => sta... |
| sshd.8 |
1.318 | 2 years | naddy | man pages: add missing commas between subordinate and main clauses jmc@ dislike... |
| sshd.c |
1.585 | 2 years | djm | don't try to resolve ListenAddress directives in the sshd re-exec path - we're n... |
| sshd_config |
1.104 | 2 years | dtucker | Remove references to ChallengeResponseAuthentication in favour of KbdInteractive... |
| sshd_config.5 |
1.340 | 2 years | naddy | ssh: document sntrup761x25519-sha512@openssh.com as default KEX |
| ssherr.c |
1.10 | 4 years | djm | improve the error message for u2f enrollment errors by making ssh-keygen be sole... |
| ssherr.h |
1.8 | 4 years | djm | improve the error message for u2f enrollment errors by making ssh-keygen be sole... |
| sshkey-xmss.c |
1.11 | 3 years | djm | highly polished whitespace, mostly fixing spaces-for-tab and bad indentation on ... |
| sshkey-xmss.h |
1.3 | 3 years | djm | highly polished whitespace, mostly fixing spaces-for-tab and bad indentation on ... |
| sshkey.c |
1.120 | 2 years | djm | add a helper function to match a key type to a list of signature algorithms. RSA... |
| sshkey.h |
1.51 | 2 years | djm | add a helper function to match a key type to a list of signature algorithms. RSA... |
| sshlogin.c |
1.35 | 3 years | djm | use the new variant log macros instead of prepending __func__ and appending ssh_... |
| sshlogin.h |
1.8 | 17 years | deraadt | almost entirely get rid of the culture of ".h files that include .h files" ok dj... |
| sshpty.c |
1.34 | 4 years | deraadt | fatal() if getgrnam() cannot find "tty" |
| sshpty.h |
1.13 | 7 years | dtucker | Factor out code to disconnect from controlling terminal into its own function. ... |
| sshsig.c |
1.29 | 2 years | djm | avoid NULL deref via ssh-keygen -Y find-principals. bz3409, reported by Mateusz ... |
| sshsig.h |
1.11 | 2 years | djm | Add ssh-keygen -Y match-principals operation to perform matching of principals n... |
| sshtty.c |
1.14 | 14 years | djm | quell tc[gs]etattr warnings when forcing a tty (ssh -tt), since we usually don't... |
| ttymodes.c |
1.36 | 3 years | djm | remove global variable used to stash compat flags and use the purpose-built ssh-... |
| ttymodes.h |
1.16 | 7 years | djm | purge the last traces of SSHv1 from the TTY modes handling code ok markus |
| uidswap.c |
1.42 | 4 years | deraadt | When system calls indicate an error they return -1, not some arbitrary value < 0... |
| uidswap.h |
1.14 | 5 years | dtucker | Remove support for running ssh(1) setuid and fatal if attempted. Do not link uid... |
| umac.c |
1.22 | 2 years | jsg | spelling |
| umac.h |
1.5 | 2 years | jsg | spelling ok dtucker@ |
| umac128.c |
1.2 | 6 years | dtucker | Rename struct umac_ctx to umac128_ctx too. In portable some linkers complain ab... |
| utf8.c |
1.11 | 4 years | djm | expose vasnmprintf(); ok (as part of other commit) markus deraadt |
| utf8.h |
1.4 | 3 years | djm | highly polished whitespace, mostly fixing spaces-for-tab and bad indentation on ... |
| version.h |
1.94 | 2 years | djm | openssh-9.0 |
| xmalloc.c |
1.37 | 2 years | cheloha | ssh: xstrdup(): use memcpy(3) Copying the given string into the buffer with str... |
| xmalloc.h |
1.20 | 3 years | djm | highly polished whitespace, mostly fixing spaces-for-tab and bad indentation on ... |
| xmss_commons.c |
1.2 | 6 years | dtucker | Add $OpenBSD$ markers to xmss files to help keep synced with portable. ok djm@. |
| xmss_commons.h |
1.3 | 6 years | dtucker | Add $OpenBSD$ markers to xmss files to help keep synced with portable. ok djm@. |
| xmss_fast.c |
1.3 | 6 years | markus | ssh/xmss: fix build; ok djm@ |
| xmss_fast.h |
1.2 | 6 years | dtucker | Add $OpenBSD$ markers to xmss files to help keep synced with portable. ok djm@. |
| xmss_hash.c |
1.2 | 6 years | dtucker | Add $OpenBSD$ markers to xmss files to help keep synced with portable. ok djm@. |
| xmss_hash.h |
1.2 | 6 years | dtucker | Add $OpenBSD$ markers to xmss files to help keep synced with portable. ok djm@. |
| xmss_hash_address.c |
1.2 | 6 years | dtucker | Add $OpenBSD$ markers to xmss files to help keep synced with portable. ok djm@. |
| xmss_hash_address.h |
1.2 | 6 years | dtucker | Add $OpenBSD$ markers to xmss files to help keep synced with portable. ok djm@. |
| xmss_wots.c |
1.3 | 6 years | djm | lots of typos in comments/docs. Patch from Karsten Weiss after checking with cod... |
| xmss_wots.h |
1.3 | 6 years | dtucker | Remove unneeded (local) include. ok markus@ |
| fe25519.c (in the Attic) [Hide] |
1.3 | 10 years | markus | Add Authors for the public domain ed25519/nacl code. see also http://nacl.cr.yp.... |
| fe25519.h (in the Attic) [Hide] |
1.3 | 10 years | markus | Add Authors for the public domain ed25519/nacl code. see also http://nacl.cr.yp.... |
| ge25519.c (in the Attic) [Hide] |
1.3 | 10 years | markus | Add Authors for the public domain ed25519/nacl code. see also http://nacl.cr.yp.... |
| ge25519.h (in the Attic) [Hide] |
1.4 | 9 years | miod | Declare ge25519_base as extern, to prevent it from becoming a common. Gets us ri... |
| ge25519_base.data (in the Attic) [Hide] |
1.3 | 10 years | markus | Add Authors for the public domain ed25519/nacl code. see also http://nacl.cr.yp.... |
| sc25519.c (in the Attic) [Hide] |
1.3 | 10 years | markus | Add Authors for the public domain ed25519/nacl code. see also http://nacl.cr.yp.... |
| sc25519.h (in the Attic) [Hide] |
1.3 | 10 years | markus | Add Authors for the public domain ed25519/nacl code. see also http://nacl.cr.yp.... |
| verify.c (in the Attic) [Hide] |
1.3 | 10 years | markus | Add Authors for the public domain ed25519/nacl code. see also http://nacl.cr.yp.... |