Click on a directory to enter that directory. Click on a file to display its revision history and to get a chance to display diffs between revisions.
Current directory: [local] / src / usr.bin / ssh
Current tag: OPENBSD_7_1
File | Rev. | Age | Author | Last log entry |
---|---|---|---|---|
Parent Directory | ||||
lib/ | ||||
moduli-gen/ | ||||
scard/ | ||||
scp/ | ||||
sftp/ | ||||
sftp-server/ | ||||
ssh/ | ||||
ssh-add/ | ||||
ssh-agent/ | ||||
ssh-keygen/ | ||||
ssh-keyscan/ | ||||
ssh-keysign/ | ||||
ssh-pkcs11-helper/ | ||||
ssh-sk-helper/ | ||||
sshd/ | ||||
sshd-session/ | ||||
LICENCE | 1.20 | 7 years | djm | remove the (in)famous SSHv1 CRC compensation attack detector. Despite your came... |
Makefile | 1.17 | 4 years | djm | ssh-agent support for U2F/FIDO keys feedback & ok markus@ |
Makefile.inc | 1.87 | 3 years | dtucker | Move address handling functions out into their own file in order to reuse them f... |
OVERVIEW | 1.15 | 5 years | djm | refer to OpenSSL not SSLeay; we're old, but we don't have to act it |
PROTOCOL | 1.44 | 2 years | djm | add support for the "corp-data" protocol extension to allow server-side copies t... |
PROTOCOL.agent | 1.16 | 2 years | jsg | spelling ok dtucker@ |
PROTOCOL.certkeys | 1.19 | 2 years | naddy | PROTOCOL.certkeys: update reference from IETF draft to RFC Also fix some typos.... |
PROTOCOL.chacha20poly1305 | 1.5 | 4 years | dtucker | Fix some typos and an incorrect word in docs. Patch from itoama at live.jp via g... |
PROTOCOL.key | 1.2 | 3 years | djm | correct mistake in spec - the private key blobs are encoded verbatim and not as ... |
PROTOCOL.krl | 1.5 | 5 years | djm | allow key revocation by SHA256 hash and allow ssh-keygen to create KRLs using SH... |
PROTOCOL.mux | 1.13 | 2 years | jsg | spelling ok dtucker@ |
PROTOCOL.sshsig | 1.4 | 3 years | djm | Add RCS IDs to the few files that are missing them; from Pedro Martelletto |
PROTOCOL.u2f | 1.26 | 3 years | djm | when writing an attestation blob for a FIDO key, record all the data needed to v... |
README | 1.7 | 18 years | djm | $OpenBSD$ in here too |
addr.c | 1.4 | 2 years | dtucker | Prevent mem leaks in the (unlikely) event that getaddrinfo returns no addresses.... |
addr.h | 1.1 | 3 years | dtucker | Move address handling functions out into their own file in order to reuse them f... |
addrmatch.c | 1.17 | 3 years | djm | highly polished whitespace, mostly fixing spaces-for-tab and bad indentation on ... |
atomicio.c | 1.30 | 5 years | dtucker | Check for both EAGAIN and EWOULDBLOCK. This is a no-op in OpenBSD (they are the... |
atomicio.h | 1.12 | 5 years | djm | move client/server SSH-* banners to buffers under ssh->kex and factor out the ba... |
auth-bsdauth.c | 1.15 | 5 years | markus | sshd: switch authentication to sshbuf API; ok djm@ |
auth-krb5.c | 1.24 | 3 years | djm | highly polished whitespace, mostly fixing spaces-for-tab and bad indentation on ... |
auth-options.c | 1.98 | 2 years | dtucker | Switch hpdelim interface to accept only ":" as delimiter. Historicallly, hpdeli... |
auth-options.h | 1.31 | 2 years | djm | make authorized_keys environment="..." directives first-match-wins and more stri... |
auth-passwd.c | 1.48 | 3 years | djm | use the new variant log macros instead of prepending __func__ and appending ssh_... |
auth-rhosts.c | 1.56 | 2 years | djm | free(3) wants stdlib.h |
auth.c | 1.154 | 2 years | djm | randomise the password used in fakepw |
auth.h | 1.102 | 2 years | djm | prepare for multiple names for authmethods allow authentication methods to have... |
auth2-chall.c | 1.54 | 3 years | djm | use the new variant log macros instead of prepending __func__ and appending ssh_... |
auth2-gss.c | 1.33 | 2 years | djm | prepare for multiple names for authmethods allow authentication methods to have... |
auth2-hostbased.c | 1.49 | 2 years | djm | include rejected signature algorithm in error message and not the (useless) key ... |
auth2-kbdint.c | 1.14 | 2 years | djm | prepare for multiple names for authmethods allow authentication methods to have... |
auth2-none.c | 1.24 | 2 years | djm | prepare for multiple names for authmethods allow authentication methods to have... |
auth2-passwd.c | 1.20 | 2 years | djm | prepare for multiple names for authmethods allow authentication methods to have... |
auth2-pubkey.c | 1.113 | 2 years | naddy | include rejected signature algorithm in error message and not the (useless) key ... |
auth2.c | 1.164 | 2 years | djm | avoid integer overflow of auth attempts (harmless, caught by monitor) |
authfd.c | 1.129 | 2 years | djm | ssh-add side of destination constraints Have ssh-add accept a list of "destinat... |
authfd.h | 1.51 | 2 years | djm | ssh-add side of destination constraints Have ssh-add accept a list of "destinat... |
authfile.c | 1.142 | 2 years | jsg | spelling ok dtucker@ |
authfile.h | 1.25 | 4 years | djm | factor out reading/writing sshbufs to dedicated functions; feedback and ok marku... |
bitmap.c | 1.9 | 6 years | djm | add RCSIDs to these; they make syncing portable a bit easier |
bitmap.h | 1.2 | 6 years | djm | add RCSIDs to these; they make syncing portable a bit easier |
canohost.c | 1.75 | 3 years | djm | use the new variant log macros instead of prepending __func__ and appending ssh_... |
canohost.h | 1.12 | 8 years | djm | refactor canohost.c: move functions that cache results closer to the places that... |
chacha.c | 1.1 | 10 years | djm | Add a new protocol 2 transport cipher "chacha20-poly1305@openssh.com" that combi... |
chacha.h | 1.5 | 3 years | djm | whitespace (tab after space) |
channels.c | 1.416 | 2 years | djm | clear io_want/io_ready flags at start of poll() cycle; avoids plausible spin dur... |
channels.h | 1.142 | 2 years | djm | fix poll() spin when a channel's output fd closes without data in the channel bu... |
cipher-aesctr.c | 1.2 | 9 years | markus | remove unneeded includes, sync my copyright across files & whitespace; ok djm@ |
cipher-aesctr.h | 1.1 | 10 years | markus | re-add our own aesctr implementation; ok djm@ |
cipher-chachapoly-libcrypto.c | 1.1 | 4 years | djm | chacha20-poly1305 AEAD using libcrypto EVP_chacha20 Based on patch from Yuriy M... |
cipher-chachapoly.c | 1.9 | 4 years | djm | make Chacha20-POLY1305 context struct opaque; ok tb@ as part of a larger diff at... |
cipher-chachapoly.h | 1.5 | 4 years | djm | make Chacha20-POLY1305 context struct opaque; ok tb@ as part of a larger diff at... |
cipher.c | 1.119 | 3 years | djm | highly polished whitespace, mostly fixing spaces-for-tab and bad indentation on ... |
cipher.h | 1.55 | 4 years | dtucker | Make zlib optional. This adds a "ZLIB" build time option that allows building w... |
cleanup.c | 1.5 | 17 years | deraadt | almost entirely get rid of the culture of ".h files that include .h files" ok dj... |
clientloop.c | 1.378 | 2 years | djm | add a ssh_packet_process_read() function that reads from a fd directly into the ... |
clientloop.h | 1.37 | 4 years | djm | make failures when establishing "Tunnel" forwarding terminate the connection whe... |
compat.c | 1.119 | 2 years | djm | openssh-7.4 was incorrectly listed twice; spotted by Dmitry Belyavskiy, ok dtuck... |
compat.h | 1.57 | 2 years | djm | Client-side workaround for a bug in OpenSSH 7.4: this release allows RSA/SHA2 si... |
crypto_api.h | 1.7 | 3 years | dtucker | Update the sntrup761 creation script and generated code: - remove unneeded head... |
dh.c | 1.74 | 3 years | djm | highly polished whitespace, mostly fixing spaces-for-tab and bad indentation on ... |
dh.h | 1.19 | 3 years | dtucker | Add ModuliFile keyword to sshd_config to specify the location of the "moduli" fi... |
digest-libc.c | 1.7 | 4 years | jsg | change explicit_bzero();free() to freezero() While freezero() returns early if ... |
digest-openssl.c | 1.9 | 3 years | djm | whitespace; no code change |
digest.h | 1.8 | 7 years | djm | remove hmac-ripemd160; ok dtucker |
dispatch.c | 1.32 | 5 years | djm | allow sshpkt_fatal() to take a varargs format; we'll use this to give packet-rel... |
dispatch.h | 1.15 | 5 years | djm | remove last traces of old packet API! with & ok markus@ |
dns.c | 1.42 | 2 years | djm | mark const string array contents const too, i.e. static const char *array => sta... |
dns.h | 1.19 | 2 years | dtucker | Ensure that all returned SSHFP records for the specified host name and hostkey t... |
ed25519.c | 1.3 | 10 years | markus | Add Authors for the public domain ed25519/nacl code. see also http://nacl.cr.yp.... |
fatal.c | 1.11 | 3 years | djm | fix SEGV on fatal() errors spotted by dtucker@ |
groupaccess.c | 1.17 | 5 years | dtucker | Move checks for lists of users or groups into their own function. This is a no-o... |
groupaccess.h | 1.8 | 15 years | djm | support negation of groups in "Match group" block (bz#1315); ok dtucker@ |
gss-genr.c | 1.28 | 3 years | djm | make ssh->kex->session_id a sshbuf instead of u_char*/size_t and use that instea... |
gss-serv-krb5.c | 1.9 | 5 years | markus | sshd: switch GSSAPI to sshbuf API; ok djm@ |
gss-serv.c | 1.32 | 4 years | djm | spelling errors in comments; no code change from https://fossies.org/linux/misc/... |
hash.c | 1.6 | 4 years | djm | perform hashing directly in crypto_hash_sha512() using libcrypto or libc SHA512 ... |
hmac.c | 1.14 | 4 years | jsg | change explicit_bzero();free() to freezero() While freezero() returns early if ... |
hmac.h | 1.9 | 9 years | djm | New key API: refactor key-related functions to be more library-like, existing AP... |
hostfile.c | 1.93 | 2 years | djm | piece of UpdateHostkeys client strictification: when updating known_hosts with n... |
hostfile.h | 1.29 | 3 years | djm | make struct hostkeys public; I have no idea why I made it opaque originally. ok... |
kex.c | 1.172 | 2 years | djm | mark const string array contents const too, i.e. static const char *array => sta... |
kex.h | 1.117 | 2 years | djm | Fix signature algorithm selection logic for UpdateHostkeys on the server side. T... |
kexc25519.c | 1.17 | 5 years | djm | rename kex->kem_client_pub -> kex->client_pub now that KEM has been renamed to k... |
kexdh.c | 1.34 | 3 years | djm | memleak of DH public bignum; found with libfuzzer |
kexecdh.c | 1.10 | 5 years | djm | rename kex->kem_client_pub -> kex->client_pub now that KEM has been renamed to k... |
kexgen.c | 1.8 | 2 years | djm | Record session ID, host key and sig at intital KEX These will be used later for... |
kexgex.c | 1.32 | 5 years | djm | pass most arguments to the KEX hash functions as sshbuf rather than pointer+leng... |
kexgexc.c | 1.38 | 2 years | djm | Record session ID, host key and sig at intital KEX These will be used later for... |
kexgexs.c | 1.44 | 2 years | djm | Record session ID, host key and sig at intital KEX These will be used later for... |
kexsntrup761x25519.c | 1.2 | 2 years | jsg | fix unintended sizeof pointer in debug path ok markus@ |
krl.c | 1.53 | 2 years | djm | The RB_GENERATE_STATIC(3) macro expands to a series of function definitions and ... |
krl.h | 1.8 | 4 years | djm | give ssh-keygen the ability to dump the contents of a binary key revocation list... |
log.c | 1.60 | 2 years | djm | allow log_stderr==2 to prefix log messages with argv[0] use this to make scp's ... |
log.h | 1.33 | 3 years | markus | do not pass file/func to monitor; noted by Ilja van Sprundel; ok djm@ |
mac.c | 1.35 | 4 years | djm | lots of things were relying on libcrypto headers to transitively include various... |
mac.h | 1.10 | 7 years | djm | Improve crypto ordering for Encrypt-then-MAC (EtM) mode MAC algorithms. Previou... |
match.c | 1.43 | 3 years | djm | fold consecutive '*' wildcards to mitigate combinatorial explosion of recursive ... |
match.h | 1.20 | 3 years | djm | some language improvements; ok markus |
misc.c | 1.175 | 2 years | djm | make addargs() and replacearg() a little more robust and improve error reporting... |
misc.h | 1.99 | 2 years | deraadt | replace select() with ppoll(), including converting timeval's to timespec's to m... |
moduli.c | 1.37 | 4 years | djm | remove most uses of BN_CTX We weren't following the rules re BN_CTX_start/BN_CT... |
monitor.c | 1.232 | 2 years | djm | save an unneccessary alloc/free, based on patch from Martin Vahlensieck; ok dtuc... |
monitor.h | 1.23 | 5 years | djm | remove last references to active_state with & ok markus@ |
monitor_fdpass.c | 1.22 | 3 years | djm | use the new variant log macros instead of prepending __func__ and appending ssh_... |
monitor_fdpass.h | 1.4 | 16 years | djm | make file descriptor passing code return an error rather than call fatal() when ... |
monitor_wrap.c | 1.123 | 3 years | markus | do not pass file/func to monitor; noted by Ilja van Sprundel; ok djm@ |
monitor_wrap.h | 1.47 | 3 years | markus | do not pass file/func to monitor; noted by Ilja van Sprundel; ok djm@ |
msg.c | 1.20 | 3 years | djm | use the new variant log macros instead of prepending __func__ and appending ssh_... |
msg.h | 1.5 | 9 years | djm | sync ssh-keysign, ssh-keygen and some dependencies to the new buffer/key API; mo... |
mux.c | 1.92 | 2 years | djm | suppress "Connection to xxx closed" messages at LogLevel >= error bz3378; ok dtu... |
myproposal.h | 1.71 | 2 years | djm | select post-quantum KEX sntrup761x25519-sha512@openssh.com as the default; ok ma... |
nchan.c | 1.74 | 2 years | djm | mark const string array contents const too, i.e. static const char *array => sta... |
nchan.ms | 1.8 | 20 years | djm | unexpand and delete whitespace at EOL; ok markus@ |
nchan2.ms | 1.4 | 16 years | djm | document eow message in ssh protocol 2 channel state machine; feedback and ok ma... |
packet.c | 1.307 | 2 years | djm | add a ssh_packet_process_read() function that reads from a fd directly into the ... |
packet.h | 1.94 | 2 years | djm | branches: 1.94.8; add a ssh_packet_process_read() function that reads from a fd... |
pathnames.h | 1.31 | 4 years | markus | enable ed25519 support; ok djm |
pkcs11.h | 1.3 | 10 years | deraadt | cleanup 1 << 31 idioms. Resurrection of this issue pointed out by Eitan Adler o... |
poly1305.c | 1.3 | 10 years | djm | use full name for author, with his permission |
poly1305.h | 1.4 | 10 years | djm | revert __bounded change; it causes way more problems for portable than it solves... |
progressmeter.c | 1.50 | 4 years | dtucker | Replace all calls to signal(2) with a wrapper around sigaction(2). This wrapper ... |
progressmeter.h | 1.5 | 5 years | dtucker | Have progressmeter force an update at the beginning and end of each transfer. F... |
readconf.c | 1.366 | 2 years | dtucker | Switch hpdelim interface to accept only ":" as delimiter. Historicallly, hpdeli... |
readconf.h | 1.146 | 2 years | djm | PubkeyAuthentication=yes|no|unbound|host-bound Allow control over which pubkey ... |
readpass.c | 1.69 | 2 years | djm | mention in comment that read_passphrase(..., RP_ALLOW_STDIN) will try to use ask... |
rijndael.c | 1.20 | 9 years | djm | #if 0 some more arrays used only for decrypting (we don't use since we only need... |
rijndael.h | 1.15 | 2 years | dtucker | Make prototype for rijndaelEncrypt match function including the bounds. Fixes er... |
sandbox-pledge.c | 1.2 | 3 years | djm | use the new variant log macros instead of prepending __func__ and appending ssh_... |
sandbox-rlimit.c | 1.5 | 3 years | djm | use the new variant log macros instead of prepending __func__ and appending ssh_... |
scp.1 | 1.108 | 2 years | djm | put back the scp manpage changes for SFTP mode too |
scp.c | 1.247 | 2 years | djm | don't leak argument list; bz3404, reported by Balu Gajjala ok dtucker@ |
servconf.c | 1.384 | 2 years | djm | don't try to resolve ListenAddress directives in the sshd re-exec path - we're n... |
servconf.h | 1.156 | 2 years | djm | don't try to resolve ListenAddress directives in the sshd re-exec path - we're n... |
serverloop.c | 1.231 | 2 years | djm | add a ssh_packet_process_read() function that reads from a fd directly into the ... |
serverloop.h | 1.8 | 6 years | djm | refactor channels.c Move static state to a "struct ssh_channels" that is alloca... |
session.c | 1.330 | 2 years | dtucker | Switch hpdelim interface to accept only ":" as delimiter. Historicallly, hpdeli... |
session.h | 1.36 | 5 years | djm | Add server support for signalling sessions via the SSH channel/ session protocol... |
sftp-client.c | 1.162 | 2 years | djm | add a sftp client "cp" command that supports server-side copying of files. Usefu... |
sftp-client.h | 1.36 | 2 years | djm | add a sftp client "cp" command that supports server-side copying of files. Usefu... |
sftp-common.c | 1.32 | 3 years | djm | use the new variant log macros instead of prepending __func__ and appending ssh_... |
sftp-common.h | 1.12 | 9 years | djm | update sftp client and server to new buffer API. pretty much just mechanical cha... |
sftp-glob.c | 1.30 | 2 years | dtucker | Remove the char * casts from arguments to do_lstat, do_readdir and do_stat paths... |
sftp-realpath.c | 1.2 | 2 years | deraadt | sys/param.h is not needed for any visible reason |
sftp-server-main.c | 1.6 | 4 years | otto | Replace calls to ssh_malloc_init() by a static init of malloc_options. Prepares ... |
sftp-server.8 | 1.31 | 2 years | jmc | standardise the grammar in the options list; issue reported by debian at helgefj... |
sftp-server.c | 1.140 | 2 years | djm | add support for the "corp-data" protocol extension to allow server-side copies t... |
sftp.1 | 1.140 | 2 years | naddy | man pages: add missing commas between subordinate and main clauses jmc@ dislike... |
sftp.c | 1.214 | 2 years | djm | add a sftp client "cp" command that supports server-side copying of files. Usefu... |
sftp.h | 1.9 | 15 years | dtucker | replace __dead with __attribute__((noreturn)), makes things a little easier to p... |
sk-api.h | 1.14 | 2 years | djm | Better handle FIDO keys on tokens that provide user verification (UV) on the dev... |
sk-usbhid.c | 1.38 | 2 years | djm | use libfido2 1.8.0+ fido_assert_set_clientdata() instead of manually hashing dat... |
smult_curve25519_ref.c | 1.2 | 10 years | markus | add missing $OpenBSD$ tags |
sntrup761.c | 1.5 | 3 years | dtucker | Update the sntrup761 creation script and generated code: - remove unneeded head... |
sntrup761.sh | 1.5 | 3 years | dtucker | Update the sntrup761 creation script and generated code: - remove unneeded head... |
srclimit.c | 1.2 | 3 years | djm | highly polished whitespace, mostly fixing spaces-for-tab and bad indentation on ... |
srclimit.h | 1.1 | 3 years | dtucker | Add PerSourceMaxStartups and PerSourceNetBlockSize options which provide more fi... |
ssh-add.1 | 1.84 | 2 years | dtucker | Since they are deprecated, move DSA to the end of the default list of public key... |
ssh-add.c | 1.165 | 2 years | dtucker | Since they are deprecated, move DSA to the end of the default list of public key... |
ssh-agent.1 | 1.73 | 2 years | naddy | branches: 1.73.6; man pages: add missing commas between subordinate and main cl... |
ssh-agent.c | 1.287 | 2 years | djm | allow pin-required FIDO keys to be added to ssh-agent(1). ssh-askpass will be us... |
ssh-dss.c | 1.39 | 4 years | jsg | change explicit_bzero();free() to freezero() While freezero() returns early if ... |
ssh-ecdsa-sk.c | 1.8 | 3 years | djm | some clarifying comments |
ssh-ecdsa.c | 1.16 | 5 years | djm | Make sshpkt_get_bignum2() allocate the bignum it is parsing rather than make the... |
ssh-ed25519-sk.c | 1.6 | 3 years | djm | use the new variant log macros instead of prepending __func__ and appending ssh_... |
ssh-ed25519.c | 1.9 | 3 years | djm | use the new variant log macros instead of prepending __func__ and appending ssh_... |
ssh-gss.h | 1.15 | 3 years | djm | make ssh->kex->session_id a sshbuf instead of u_char*/size_t and use that instea... |
ssh-keygen.1 | 1.220 | 2 years | jsg | remove please from manual pages ok jmc@ sthen@ millert@ |
ssh-keygen.c | 1.450 | 2 years | djm | helpful comment |
ssh-keyscan.1 | 1.45 | 4 years | jmc | tweak the Nd lines for a bit of consistency; ok markus |
ssh-keyscan.c | 1.145 | 2 years | deraadt | When poll(2) returns -1, for some error conditions pfd[].revents is not cleared.... |
ssh-keysign.8 | 1.17 | 2 years | naddy | man pages: add missing commas between subordinate and main clauses jmc@ dislike... |
ssh-keysign.c | 1.70 | 2 years | djm | make ssh-keysign use the requested signature algorithm and not the default for t... |
ssh-pkcs11-client.c | 1.17 | 3 years | djm | use the new variant log macros instead of prepending __func__ and appending ssh_... |
ssh-pkcs11-helper.8 | 1.6 | 4 years | jmc | tweak the Nd lines for a bit of consistency; ok markus |
ssh-pkcs11-helper.c | 1.26 | 2 years | djm | check for POLLHUP wherever we check for POLLIN |
ssh-pkcs11.c | 1.55 | 2 years | djm | branches: 1.55.6; avoid xmalloc(0) for PKCS#11 keyid for ECDSA keys (we already... |
ssh-pkcs11.h | 1.6 | 4 years | djm | expose PKCS#11 key labels/X.509 subjects as comments Extract the key label or X... |
ssh-rsa.c | 1.68 | 5 years | djm | hold our collective noses and use the openssl-1.1.x API in OpenSSH; feedback and... |
ssh-sandbox.h | 1.1 | 12 years | djm | rename sandbox.h => ssh-sandbox.h to make things easier for portable |
ssh-sk-client.c | 1.12 | 2 years | djm | sshsk_load_resident: don't preallocate resp resp is allocated by client_convers... |
ssh-sk-helper.8 | 1.3 | 4 years | naddy | Replace the term "security key" with "(FIDO) authenticator". The polysemous use... |
ssh-sk-helper.c | 1.12 | 2 years | djm | When downloading resident keys from a FIDO token, pass back the user ID that was... |
ssh-sk.c | 1.38 | 2 years | djm | ssh-sk: free a resident key's user id From Pedro Martelletto; ok dtucker & me |
ssh-sk.h | 1.11 | 2 years | djm | When downloading resident keys from a FIDO token, pass back the user ID that was... |
ssh-xmss.c | 1.4 | 3 years | dtucker | Adapt XMSS to new logging infrastructure. With markus@, ok djm@. |
ssh.1 | 1.430 | 2 years | naddy | man pages: add missing commas between subordinate and main clauses jmc@ dislike... |
ssh.c | 1.574 | 2 years | djm | ssh is almost out of getopt() characters; note the remaining remaining available... |
ssh.h | 1.90 | 3 years | djm | allow some additional control over the use of ssh-askpass via $SSH_ASKPASS_REQUI... |
ssh2.h | 1.19 | 3 years | dtucker | draft-ietf-secsh-architecture is now RFC4251. |
ssh_api.c | 1.27 | 3 years | djm | highly polished whitespace, mostly fixing spaces-for-tab and bad indentation on ... |
ssh_api.h | 1.2 | 6 years | djm | lots of typos in comments/docs. Patch from Karsten Weiss after checking with cod... |
ssh_config | 1.35 | 3 years | dtucker | Add a '%k' TOKEN that expands to the effective HostKey of the destination. This... |
ssh_config.5 | 1.371 | 2 years | naddy | ssh: document sntrup761x25519-sha512@openssh.com as default KEX |
sshbuf-getput-basic.c | 1.11 | 3 years | djm | make sshbuf_putb(b, NULL) a no-op |
sshbuf-getput-crypto.c | 1.8 | 4 years | djm | remove most uses of BN_CTX We weren't following the rules re BN_CTX_start/BN_CT... |
sshbuf-io.c | 1.2 | 4 years | djm | tidy headers; some junk snuck into sshbuf-misc.c and sshbuf-io.c doesn't need SS... |
sshbuf-misc.c | 1.18 | 2 years | djm | Add a sshbuf_read() that attempts to read(2) directly in to a sshbuf; ok markus@... |
sshbuf.c | 1.15 | 4 years | jsg | change explicit_bzero();free() to freezero() While freezero() returns early if ... |
sshbuf.h | 1.25 | 2 years | djm | Add a sshbuf_read() that attempts to read(2) directly in to a sshbuf; ok markus@... |
sshconnect.c | 1.356 | 2 years | djm | ssh-add side of destination constraints Have ssh-add accept a list of "destinat... |
sshconnect.h | 1.46 | 3 years | djm | add a ssh_config KnownHostsCommand that allows the client to obtain known_hosts ... |
sshconnect2.c | 1.356 | 2 years | djm | mark const string array contents const too, i.e. static const char *array => sta... |
sshd.8 | 1.318 | 2 years | naddy | man pages: add missing commas between subordinate and main clauses jmc@ dislike... |
sshd.c | 1.585 | 2 years | djm | don't try to resolve ListenAddress directives in the sshd re-exec path - we're n... |
sshd_config | 1.104 | 2 years | dtucker | Remove references to ChallengeResponseAuthentication in favour of KbdInteractive... |
sshd_config.5 | 1.340 | 2 years | naddy | ssh: document sntrup761x25519-sha512@openssh.com as default KEX |
ssherr.c | 1.10 | 4 years | djm | improve the error message for u2f enrollment errors by making ssh-keygen be sole... |
ssherr.h | 1.8 | 4 years | djm | improve the error message for u2f enrollment errors by making ssh-keygen be sole... |
sshkey-xmss.c | 1.11 | 3 years | djm | highly polished whitespace, mostly fixing spaces-for-tab and bad indentation on ... |
sshkey-xmss.h | 1.3 | 3 years | djm | highly polished whitespace, mostly fixing spaces-for-tab and bad indentation on ... |
sshkey.c | 1.120 | 2 years | djm | add a helper function to match a key type to a list of signature algorithms. RSA... |
sshkey.h | 1.51 | 2 years | djm | add a helper function to match a key type to a list of signature algorithms. RSA... |
sshlogin.c | 1.35 | 3 years | djm | use the new variant log macros instead of prepending __func__ and appending ssh_... |
sshlogin.h | 1.8 | 17 years | deraadt | almost entirely get rid of the culture of ".h files that include .h files" ok dj... |
sshpty.c | 1.34 | 4 years | deraadt | fatal() if getgrnam() cannot find "tty" |
sshpty.h | 1.13 | 7 years | dtucker | Factor out code to disconnect from controlling terminal into its own function. ... |
sshsig.c | 1.29 | 2 years | djm | avoid NULL deref via ssh-keygen -Y find-principals. bz3409, reported by Mateusz ... |
sshsig.h | 1.11 | 2 years | djm | Add ssh-keygen -Y match-principals operation to perform matching of principals n... |
sshtty.c | 1.14 | 14 years | djm | quell tc[gs]etattr warnings when forcing a tty (ssh -tt), since we usually don't... |
ttymodes.c | 1.36 | 3 years | djm | remove global variable used to stash compat flags and use the purpose-built ssh-... |
ttymodes.h | 1.16 | 7 years | djm | purge the last traces of SSHv1 from the TTY modes handling code ok markus |
uidswap.c | 1.42 | 4 years | deraadt | When system calls indicate an error they return -1, not some arbitrary value < 0... |
uidswap.h | 1.14 | 5 years | dtucker | Remove support for running ssh(1) setuid and fatal if attempted. Do not link uid... |
umac.c | 1.22 | 2 years | jsg | spelling |
umac.h | 1.5 | 2 years | jsg | spelling ok dtucker@ |
umac128.c | 1.2 | 6 years | dtucker | Rename struct umac_ctx to umac128_ctx too. In portable some linkers complain ab... |
utf8.c | 1.11 | 4 years | djm | expose vasnmprintf(); ok (as part of other commit) markus deraadt |
utf8.h | 1.4 | 3 years | djm | highly polished whitespace, mostly fixing spaces-for-tab and bad indentation on ... |
version.h | 1.94 | 2 years | djm | openssh-9.0 |
xmalloc.c | 1.37 | 2 years | cheloha | ssh: xstrdup(): use memcpy(3) Copying the given string into the buffer with str... |
xmalloc.h | 1.20 | 3 years | djm | highly polished whitespace, mostly fixing spaces-for-tab and bad indentation on ... |
xmss_commons.c | 1.2 | 6 years | dtucker | Add $OpenBSD$ markers to xmss files to help keep synced with portable. ok djm@. |
xmss_commons.h | 1.3 | 6 years | dtucker | Add $OpenBSD$ markers to xmss files to help keep synced with portable. ok djm@. |
xmss_fast.c | 1.3 | 6 years | markus | ssh/xmss: fix build; ok djm@ |
xmss_fast.h | 1.2 | 6 years | dtucker | Add $OpenBSD$ markers to xmss files to help keep synced with portable. ok djm@. |
xmss_hash.c | 1.2 | 6 years | dtucker | Add $OpenBSD$ markers to xmss files to help keep synced with portable. ok djm@. |
xmss_hash.h | 1.2 | 6 years | dtucker | Add $OpenBSD$ markers to xmss files to help keep synced with portable. ok djm@. |
xmss_hash_address.c | 1.2 | 6 years | dtucker | Add $OpenBSD$ markers to xmss files to help keep synced with portable. ok djm@. |
xmss_hash_address.h | 1.2 | 6 years | dtucker | Add $OpenBSD$ markers to xmss files to help keep synced with portable. ok djm@. |
xmss_wots.c | 1.3 | 6 years | djm | lots of typos in comments/docs. Patch from Karsten Weiss after checking with cod... |
xmss_wots.h | 1.3 | 6 years | dtucker | Remove unneeded (local) include. ok markus@ |
fe25519.c (in the Attic) [Hide] | 1.3 | 10 years | markus | Add Authors for the public domain ed25519/nacl code. see also http://nacl.cr.yp.... |
fe25519.h (in the Attic) [Hide] | 1.3 | 10 years | markus | Add Authors for the public domain ed25519/nacl code. see also http://nacl.cr.yp.... |
ge25519.c (in the Attic) [Hide] | 1.3 | 10 years | markus | Add Authors for the public domain ed25519/nacl code. see also http://nacl.cr.yp.... |
ge25519.h (in the Attic) [Hide] | 1.4 | 9 years | miod | Declare ge25519_base as extern, to prevent it from becoming a common. Gets us ri... |
ge25519_base.data (in the Attic) [Hide] | 1.3 | 10 years | markus | Add Authors for the public domain ed25519/nacl code. see also http://nacl.cr.yp.... |
sc25519.c (in the Attic) [Hide] | 1.3 | 10 years | markus | Add Authors for the public domain ed25519/nacl code. see also http://nacl.cr.yp.... |
sc25519.h (in the Attic) [Hide] | 1.3 | 10 years | markus | Add Authors for the public domain ed25519/nacl code. see also http://nacl.cr.yp.... |
verify.c (in the Attic) [Hide] | 1.3 | 10 years | markus | Add Authors for the public domain ed25519/nacl code. see also http://nacl.cr.yp.... |