| History log of /src/lib/libpam/modules/pam_ssh |
| Revision | Date | Author | Comments |
| 1.14 | 13-Jul-2025 |
christos | Get ready to handle the openssl move from bsd -> apache2
|
| 1.13 | 01-Mar-2020 |
christos | branches: 1.13.10;
Redo the sshsk_sign() stuff properly, but putting the helper in libssh.so
|
| 1.12 | 01-Mar-2020 |
christos | Add the sign client part.
|
| 1.11 | 04-Feb-2018 |
christos | branches: 1.11.4; 1.11.6;
switch everyone to openssl.old
|
| 1.10 | 20-Jul-2009 |
christos | branches: 1.10.8; 1.10.14; 1.10.20;
use new openssh tree
|
| 1.9 | 20-Jul-2009 |
christos | use the proper libcrypto
|
| 1.8 | 09-Jun-2009 |
mrg | build libnetpgp and libssh earlier.
look for libssh in the right place.
|
| 1.7 | 27-Oct-2008 |
mrg | use LIBDPLIBS+= not =.
|
| 1.6 | 27-Oct-2008 |
mrg | don't set LIBDPLIBS in libpam/modules/Makefile - it is not necessary
and it interferes with the compat lib build. don't use LIB_ROOT_DIR.
|
| 1.5 | 03-Jan-2005 |
lukem | Build & install pam_ssh.so.0 now that libssh is available for use.
|
| 1.4 | 29-Dec-2004 |
lukem | Use LIBDPLIBS to provide the list of libraries for the modules to depend
upon, because:
* it's MUCH quicker; no need to calculate the OBJDIRS of every library
we might require in every subdir.
(make obj drops from 21s to 3s on my system.)
* it's more robust when building to a fresh DESTDIR.
|
| 1.3 | 29-Dec-2004 |
christos | Link with libraries from the source build directory.
|
| 1.2 | 12-Dec-2004 |
christos | - NetBSD build glue
- Warning fixes
- RCSID's
|
| 1.1 | 12-Dec-2004 |
christos | branches: 1.1.1;
Initial revision
|
| 1.1.1.1 | 12-Dec-2004 |
christos | - Import freebsd's version of libpam as of today (20041212).
- Did not import opie, passwdqc, tacplus. We need to decide what to do
with them.
- Imported radius and ssh, although they will not work until we
import libradius and re-structure our tree to install libssh.
|
| 1.10.20.1 | 15-Aug-2017 |
snj | Apply patch (requested by mrg in ticket #1468):
Update OpenSSH to 7.5.
|
| 1.10.14.1 | 15-Aug-2017 |
snj | Apply patch (requested by mrg in ticket #1468):
Update OpenSSH to 7.5.
|
| 1.10.8.1 | 15-Aug-2017 |
snj | Apply patch (requested by mrg in ticket #1468):
Update OpenSSH to 7.5.
|
| 1.11.6.1 | 25-Dec-2023 |
martin | Pull up the following, requested by kim in ticket #1780:
crypto/external/bsd/openssh/Makefile.inc up to 1.15 (+patch)
crypto/external/bsd/openssh/bin/Makefile.inc up to 1.4
crypto/external/bsd/openssh/bin/scp/Makefile up to 1.6
crypto/external/bsd/openssh/bin/sftp/Makefile up to 1.11
crypto/external/bsd/openssh/bin/sftp-server/Makefile up to 1.4
crypto/external/bsd/openssh/bin/ssh/Makefile up to 1.20
crypto/external/bsd/openssh/bin/ssh-add/Makefile up to 1.3
crypto/external/bsd/openssh/bin/ssh-agent/Makefile up to 1.7
crypto/external/bsd/openssh/bin/ssh-keygen/Makefile up to 1.10
crypto/external/bsd/openssh/bin/ssh-keyscan/Makefile up to 1.6
crypto/external/bsd/openssh/bin/ssh-pkcs11-helper/Makefile up to 1.4
crypto/external/bsd/openssh/bin/sshd/Makefile up to 1.27 (+patch)
crypto/external/bsd/openssh/dist/PROTOCOL.sshsig up to 1.1.1.2
crypto/external/bsd/openssh/dist/srclimit.c up to 1.3
crypto/external/bsd/openssh/dist/sftp-realpath.c up to 1.3
crypto/external/bsd/openssh/dist/sntrup761.c up to 1.3
crypto/external/bsd/openssh/dist/sntrup761.sh up to 1.1.1.2
crypto/external/bsd/openssh/dist/sshsig.c up to 1.12
crypto/external/bsd/openssh/dist/sshsig.h up to 1.1.1.5
crypto/external/bsd/openssh/dist/addr.c up to 1.6
crypto/external/bsd/openssh/dist/PROTOCOL.u2f up to 1.1.1.3
crypto/external/bsd/openssh/dist/sk-api.h up to 1.1.1.6
crypto/external/bsd/openssh/dist/sk-usbhid.c up to 1.9
crypto/external/bsd/openssh/dist/ssh-ecdsa-sk.c up to 1.4
crypto/external/bsd/openssh/dist/ssh-ed25519-sk.c up to 1.5
crypto/external/bsd/openssh/dist/ssh-sk-client.c up to 1.6
crypto/external/bsd/openssh/dist/ssh-sk-helper.8 up to 1.1.1.2
crypto/external/bsd/openssh/dist/ssh-sk-helper.c up to 1.7
crypto/external/bsd/openssh/dist/ssh-sk.c up to 1.8
crypto/external/bsd/openssh/dist/ssh-sk.h up to 1.1.1.2
crypto/external/bsd/openssh/dist/sshbuf-io.c up to 1.2
crypto/external/bsd/openssh/dist/addr.h up to 1.1.1.2
crypto/external/bsd/openssh/dist/kexsntrup761x25519.c up to 1.3
crypto/external/bsd/openssh/dist/cipher-chachapoly-libcrypto.c up to 1.3
crypto/external/bsd/openssh/dist/srclimit.h up to 1.1.1.1
crypto/external/bsd/openssh/dist/auth2-pubkeyfile.c up to 1.3
crypto/external/bsd/openssh/dist/sftp-usergroup.c up to 1.3
crypto/external/bsd/openssh/dist/sftp-usergroup.h up to 1.1.1.1
crypto/external/bsd/openssh/dist/ed25519.sh up to 1.1.1.1
crypto/external/bsd/openssh/dist/crc32.c delete
crypto/external/bsd/openssh/dist/crc32.h delete
crypto/external/bsd/openssh/dist/fe25519.c delete
crypto/external/bsd/openssh/dist/fe25519.h delete
crypto/external/bsd/openssh/dist/ge25519.c delete
crypto/external/bsd/openssh/dist/ge25519.h delete
crypto/external/bsd/openssh/dist/ge25519_base.data delete
crypto/external/bsd/openssh/dist/kexsntrup4591761x25519.c delete
crypto/external/bsd/openssh/dist/sc25519.c delete
crypto/external/bsd/openssh/dist/sc25519.h delete
crypto/external/bsd/openssh/dist/sntrup4591761.c delete
crypto/external/bsd/openssh/dist/sntrup4591761.sh delete
crypto/external/bsd/openssh/dist/uuencode.c delete
crypto/external/bsd/openssh/dist/uuencode.h delete
crypto/external/bsd/openssh/dist/verify.c delete
crypto/external/bsd/openssh/dist/LICENCE up to 1.7
crypto/external/bsd/openssh/dist/PROTOCOL up to 1.23
crypto/external/bsd/openssh/dist/PROTOCOL.agent up to 1.15
crypto/external/bsd/openssh/dist/PROTOCOL.certkeys up to 1.13
crypto/external/bsd/openssh/dist/PROTOCOL.chacha20poly1305 up to 1.1.1.4
crypto/external/bsd/openssh/dist/PROTOCOL.key up to 1.1.1.3
crypto/external/bsd/openssh/dist/PROTOCOL.krl up to 1.1.1.5
crypto/external/bsd/openssh/dist/PROTOCOL.mux up to 1.12
crypto/external/bsd/openssh/dist/addrmatch.c up to 1.15
crypto/external/bsd/openssh/dist/auth-krb5.c up to 1.16
crypto/external/bsd/openssh/dist/auth-options.c up to 1.29
crypto/external/bsd/openssh/dist/auth-options.h up to 1.15
crypto/external/bsd/openssh/dist/auth-pam.c up to 1.21
crypto/external/bsd/openssh/dist/auth-passwd.c up to 1.13
crypto/external/bsd/openssh/dist/auth-rhosts.c up to 1.16
crypto/external/bsd/openssh/dist/auth.c up to 1.34
crypto/external/bsd/openssh/dist/auth.h up to 1.23
crypto/external/bsd/openssh/dist/auth2-chall.c up to 1.19
crypto/external/bsd/openssh/dist/auth2-gss.c up to 1.17
crypto/external/bsd/openssh/dist/auth2-hostbased.c up to 1.23
crypto/external/bsd/openssh/dist/auth2-kbdint.c up to 1.15
crypto/external/bsd/openssh/dist/auth2-krb5.c up to 1.10
crypto/external/bsd/openssh/dist/auth2-none.c up to 1.14
crypto/external/bsd/openssh/dist/auth2-passwd.c up to 1.16
crypto/external/bsd/openssh/dist/auth2-pubkey.c up to 1.34
crypto/external/bsd/openssh/dist/auth2.c up to 1.29
crypto/external/bsd/openssh/dist/authfd.c up to 1.27
crypto/external/bsd/openssh/dist/authfd.h up to 1.17
crypto/external/bsd/openssh/dist/authfile.c up to 1.28
crypto/external/bsd/openssh/dist/authfile.h up to 1.10
crypto/external/bsd/openssh/dist/canohost.c up to 1.16
crypto/external/bsd/openssh/dist/chacha.c up to 1.6
crypto/external/bsd/openssh/dist/chacha.h up to 1.3
crypto/external/bsd/openssh/dist/channels.c up to 1.42
crypto/external/bsd/openssh/dist/channels.h up to 1.26
crypto/external/bsd/openssh/dist/cipher-chachapoly.c up to 1.7
crypto/external/bsd/openssh/dist/cipher-chachapoly.h up to 1.3
crypto/external/bsd/openssh/dist/cipher.c up to 1.21
crypto/external/bsd/openssh/dist/cipher.h up to 1.17
crypto/external/bsd/openssh/dist/clientloop.c up to 1.39
crypto/external/bsd/openssh/dist/clientloop.h up to 1.18
crypto/external/bsd/openssh/dist/compat.c up to 1.26
crypto/external/bsd/openssh/dist/compat.h up to 1.18
crypto/external/bsd/openssh/dist/crypto_api.h up to 1.5
crypto/external/bsd/openssh/dist/dh.c up to 1.20
crypto/external/bsd/openssh/dist/dh.h up to 1.13
crypto/external/bsd/openssh/dist/digest-libc.c up to 1.8
crypto/external/bsd/openssh/dist/digest-openssl.c up to 1.9
crypto/external/bsd/openssh/dist/dispatch.c up to 1.11
crypto/external/bsd/openssh/dist/dns.c up to 1.23
crypto/external/bsd/openssh/dist/dns.h up to 1.13
crypto/external/bsd/openssh/dist/ed25519.c up to 1.6
crypto/external/bsd/openssh/dist/fatal.c up to 1.7
crypto/external/bsd/openssh/dist/getrrsetbyname.c up to 1.6
crypto/external/bsd/openssh/dist/gss-genr.c up to 1.11
crypto/external/bsd/openssh/dist/gss-serv.c up to 1.15
crypto/external/bsd/openssh/dist/hash.c up to 1.7
crypto/external/bsd/openssh/dist/hmac.c up to 1.8
crypto/external/bsd/openssh/dist/hostfile.c up to 1.23
crypto/external/bsd/openssh/dist/hostfile.h up to 1.11
crypto/external/bsd/openssh/dist/includes.h up to 1.9
crypto/external/bsd/openssh/dist/kex.c up to 1.34
crypto/external/bsd/openssh/dist/kex.h up to 1.24
crypto/external/bsd/openssh/dist/kexdh.c up to 1.10
crypto/external/bsd/openssh/dist/kexgen.c up to 1.7
crypto/external/bsd/openssh/dist/kexgexc.c up to 1.17
crypto/external/bsd/openssh/dist/kexgexs.c up to 1.23
crypto/external/bsd/openssh/dist/krl.c up to 1.23
crypto/external/bsd/openssh/dist/krl.h up to 1.6
crypto/external/bsd/openssh/dist/ldapauth.c up to 1.8
crypto/external/bsd/openssh/dist/ldapauth.h up to 1.6
crypto/external/bsd/openssh/dist/log.c up to 1.27
crypto/external/bsd/openssh/dist/log.h up to 1.17
crypto/external/bsd/openssh/dist/mac.c up to 1.16
crypto/external/bsd/openssh/dist/match.c up to 1.16
crypto/external/bsd/openssh/dist/match.h up to 1.11
crypto/external/bsd/openssh/dist/misc.c up to 1.35
crypto/external/bsd/openssh/dist/misc.h up to 1.27
crypto/external/bsd/openssh/dist/moduli up to 1.10
crypto/external/bsd/openssh/dist/moduli.c up to 1.17
crypto/external/bsd/openssh/dist/monitor.c up to 1.43
crypto/external/bsd/openssh/dist/monitor.h up to 1.13
crypto/external/bsd/openssh/dist/monitor_fdpass.c up to 1.9
crypto/external/bsd/openssh/dist/monitor_wrap.c up to 1.34
crypto/external/bsd/openssh/dist/monitor_wrap.h up to 1.23
crypto/external/bsd/openssh/dist/msg.c up to 1.11
crypto/external/bsd/openssh/dist/mux.c up to 1.35
crypto/external/bsd/openssh/dist/myproposal.h up to 1.24
crypto/external/bsd/openssh/dist/namespace.h up to 1.10
crypto/external/bsd/openssh/dist/nchan.c up to 1.14
crypto/external/bsd/openssh/dist/packet.c up to 1.50
crypto/external/bsd/openssh/dist/packet.h up to 1.26
crypto/external/bsd/openssh/dist/pathnames.h up to 1.15
crypto/external/bsd/openssh/dist/pfilter.c up to 1.8 (+patch)
crypto/external/bsd/openssh/dist/poly1305.c up to 1.6
crypto/external/bsd/openssh/dist/progressmeter.c up to 1.15
crypto/external/bsd/openssh/dist/readconf.c up to 1.44
crypto/external/bsd/openssh/dist/readconf.h up to 1.34
crypto/external/bsd/openssh/dist/readpass.c up to 1.18
crypto/external/bsd/openssh/dist/rijndael.h up to 1.3
crypto/external/bsd/openssh/dist/sandbox-pledge.c up to 1.3
crypto/external/bsd/openssh/dist/sandbox-rlimit.c up to 1.7
crypto/external/bsd/openssh/dist/scp.1 up to 1.31
crypto/external/bsd/openssh/dist/scp.c up to 1.41
crypto/external/bsd/openssh/dist/servconf.c up to 1.44
crypto/external/bsd/openssh/dist/servconf.h up to 1.30
crypto/external/bsd/openssh/dist/serverloop.c up to 1.35
crypto/external/bsd/openssh/dist/session.c up to 1.38
crypto/external/bsd/openssh/dist/session.h up to 1.10
crypto/external/bsd/openssh/dist/sftp-client.c up to 1.35
crypto/external/bsd/openssh/dist/sftp-client.h up to 1.18
crypto/external/bsd/openssh/dist/sftp-common.c up to 1.14
crypto/external/bsd/openssh/dist/sftp-common.h up to 1.8
crypto/external/bsd/openssh/dist/sftp-glob.c up to 1.15
crypto/external/bsd/openssh/dist/sftp-server-main.c up to 1.8
crypto/external/bsd/openssh/dist/sftp-server.8 up to 1.14
crypto/external/bsd/openssh/dist/sftp-server.c up to 1.30
crypto/external/bsd/openssh/dist/sftp.1 up to 1.30
crypto/external/bsd/openssh/dist/sftp.c up to 1.39
crypto/external/bsd/openssh/dist/ssh-add.1 up to 1.18
crypto/external/bsd/openssh/dist/ssh-add.c up to 1.30
crypto/external/bsd/openssh/dist/ssh-agent.1 up to 1.19
crypto/external/bsd/openssh/dist/ssh-agent.c up to 1.37
crypto/external/bsd/openssh/dist/ssh-dss.c up to 1.18
crypto/external/bsd/openssh/dist/ssh-ecdsa.c up to 1.15
crypto/external/bsd/openssh/dist/ssh-ed25519.c up to 1.10
crypto/external/bsd/openssh/dist/ssh-gss.h up to 1.10
crypto/external/bsd/openssh/dist/ssh-keygen.1 up to 1.34
crypto/external/bsd/openssh/dist/ssh-keygen.c up to 1.46
crypto/external/bsd/openssh/dist/ssh-keyscan.1 up to 1.18
crypto/external/bsd/openssh/dist/ssh-keyscan.c up to 1.32
crypto/external/bsd/openssh/dist/ssh-keysign.8 up to 1.14
crypto/external/bsd/openssh/dist/ssh-keysign.c up to 1.24
crypto/external/bsd/openssh/dist/ssh-pkcs11-client.c up to 1.19
crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.8 up to 1.12
crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c up to 1.22
crypto/external/bsd/openssh/dist/ssh-pkcs11.c up to 1.26
crypto/external/bsd/openssh/dist/ssh-pkcs11.h up to 1.9
crypto/external/bsd/openssh/dist/ssh-rsa.c up to 1.19
crypto/external/bsd/openssh/dist/ssh-xmss.c up to 1.6
crypto/external/bsd/openssh/dist/ssh.1 up to 1.39
crypto/external/bsd/openssh/dist/ssh.c up to 1.45
crypto/external/bsd/openssh/dist/ssh.h up to 1.13
crypto/external/bsd/openssh/dist/ssh2.h up to 1.15
crypto/external/bsd/openssh/dist/ssh_api.c up to 1.15
crypto/external/bsd/openssh/dist/ssh_config up to 1.16
crypto/external/bsd/openssh/dist/ssh_config.5 up to 1.40
crypto/external/bsd/openssh/dist/sshbuf-getput-basic.c up to 1.12
crypto/external/bsd/openssh/dist/sshbuf-getput-crypto.c up to 1.11
crypto/external/bsd/openssh/dist/sshbuf-misc.c up to 1.14
crypto/external/bsd/openssh/dist/sshbuf.c up to 1.14
crypto/external/bsd/openssh/dist/sshbuf.h up to 1.19
crypto/external/bsd/openssh/dist/sshconnect.c up to 1.37
crypto/external/bsd/openssh/dist/sshconnect.h up to 1.17
crypto/external/bsd/openssh/dist/sshconnect2.c up to 1.46
crypto/external/bsd/openssh/dist/sshd.8 up to 1.31
crypto/external/bsd/openssh/dist/sshd.c up to 1.50
crypto/external/bsd/openssh/dist/sshd_config up to 1.28
crypto/external/bsd/openssh/dist/sshd_config.5 up to 1.42
crypto/external/bsd/openssh/dist/ssherr.c up to 1.10
crypto/external/bsd/openssh/dist/ssherr.h up to 1.4
crypto/external/bsd/openssh/dist/sshkey-xmss.c up to 1.10
crypto/external/bsd/openssh/dist/sshkey-xmss.h up to 1.5
crypto/external/bsd/openssh/dist/sshkey.c up to 1.32
crypto/external/bsd/openssh/dist/sshkey.h up to 1.19
crypto/external/bsd/openssh/dist/sshlogin.c up to 1.13
crypto/external/bsd/openssh/dist/sshpty.c up to 1.8
crypto/external/bsd/openssh/dist/ttymodes.c up to 1.12
crypto/external/bsd/openssh/dist/uidswap.c up to 1.10
crypto/external/bsd/openssh/dist/umac.c up to 1.22
crypto/external/bsd/openssh/dist/umac.h up to 1.10
crypto/external/bsd/openssh/dist/utf8.c up to 1.9
crypto/external/bsd/openssh/dist/utf8.h up to 1.5
crypto/external/bsd/openssh/dist/version.h up to 1.44
crypto/external/bsd/openssh/dist/xmalloc.c up to 1.13
crypto/external/bsd/openssh/dist/xmalloc.h up to 1.16
crypto/external/bsd/openssh/dist/xmss_hash.c up to 1.3
crypto/external/bsd/openssh/dist/moduli-gen/Makefile up to 1.3
crypto/external/bsd/openssh/dist/moduli-gen/moduli-gen.sh up to 1.1.1.3
crypto/external/bsd/openssh/dist/moduli-gen/moduli.2048 up to 1.16
crypto/external/bsd/openssh/dist/moduli-gen/moduli.3072 up to 1.18
crypto/external/bsd/openssh/dist/moduli-gen/moduli.4096 up to 1.18
crypto/external/bsd/openssh/dist/moduli-gen/moduli.6144 up to 1.18
crypto/external/bsd/openssh/dist/moduli-gen/moduli.7680 up to 1.18
crypto/external/bsd/openssh/dist/moduli-gen/moduli.8192 up to 1.18
crypto/external/bsd/openssh/lib/Makefile up to 1.38
crypto/external/bsd/openssh/lib/shlib_version up to 1.36
crypto/external/bsd/openssh/openssh2netbsd up to 1.4
lib/libpam/modules/pam_ssh/Makefile up to 1.13
lib/libpam/modules/pam_ssh/pam_ssh.c up to 1.30
distrib/sets/lists/base/shl.mi (apply patch)
distrib/sets/lists/debug/shl.mi (apply patch)
doc/3RDPARTY (apply patch)
Update OpenSSH to 9.6.
|
| 1.11.4.1 | 08-Apr-2020 |
martin | Merge changes from current as of 20200406
|
| 1.13.10.1 | 02-Aug-2025 |
perseant | Sync with HEAD
|
| 1.8 | 18-Mar-2014 |
riastradh | Merge riastradh-drm2 to HEAD.
|
| 1.7 | 20-Jul-2013 |
wiz | Use Mt for email addresses.
|
| 1.6 | 16-Dec-2011 |
drochner | branches: 1.6.6; 1.6.10;
support ECDSA keys used by recent ssh
|
| 1.5 | 28-Feb-2005 |
wiz | branches: 1.5.48;
Bump date for new SECURITY CONSIDERATIONS section.
|
| 1.4 | 27-Feb-2005 |
thorpej | Add a SECURITY CONSIDRATIONS section.
|
| 1.3 | 26-Feb-2005 |
thorpej | Minor wording consistency nit.
|
| 1.2 | 12-Dec-2004 |
christos | - NetBSD build glue
- Warning fixes
- RCSID's
|
| 1.1 | 12-Dec-2004 |
christos | branches: 1.1.1;
Initial revision
|
| 1.1.1.1 | 12-Dec-2004 |
christos | - Import freebsd's version of libpam as of today (20041212).
- Did not import opie, passwdqc, tacplus. We need to decide what to do
with them.
- Imported radius and ssh, although they will not work until we
import libradius and re-structure our tree to install libssh.
|
| 1.5.48.2 | 22-May-2014 |
yamt | sync with head.
for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.
this commit was splitted into small chunks to avoid
a limitation of cvs. ("Protocol error: too many arguments")
|
| 1.5.48.1 | 17-Apr-2012 |
yamt | sync with head
|
| 1.6.10.1 | 23-Jul-2013 |
riastradh | sync with HEAD
|
| 1.6.6.1 | 20-Aug-2014 |
tls | Rebase to HEAD as of a few days ago.
|
| 1.32 | 12-Oct-2025 |
kre | Adapt call of ssh_add_identity_constrained() after openssh update
Note, this commit log entry belongs to the previous commit (1.31)
and is to fix my screwup in the previous commit, Apologies all.
With the recent openssh update, ssh_add_identity_constrained() has had
its "maxsign" parameter removed. Adapt the mapping macro from
ssh_add_identity() -> ssh_add_identity_constrained() to cope.
While here, change the octal 0 (00) that was being passed to as the
final (size_t) arg to be a nice simple decimal 0 instead.
This should fix the current build breakage.
|
| 1.31 | 12-Oct-2025 |
kre | /* $NetBSD: pam_ssh.c,v 1.30 2022/06/15 08:31:34 hannken Exp $ */
/*-
* Copyright (c) 2003 Networks Associates Technology, Inc.
* All rights reserved.
*
* This software was developed for the FreeBSD Project by ThinkSec AS and
* NAI Labs, the Security Research Division of Network Associates, Inc.
* under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
* DARPA CHATS research program.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <sys/cdefs.h>
#ifdef __FreeBSD__
__FBSDID("$FreeBSD: src/lib/libpam/modules/pam_ssh/pam_ssh.c,v 1.40 2004/02/10 10:13:21 des Exp $");
#else
__RCSID("$NetBSD: pam_ssh.c,v 1.30 2022/06/15 08:31:34 hannken Exp $");
#endif
#include <sys/param.h>
#include <sys/wait.h>
#include <errno.h>
#include <fcntl.h>
#include <paths.h>
#include <pwd.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#define PAM_SM_AUTH
#define PAM_SM_SESSION
#include <security/pam_appl.h>
#include <security/pam_modules.h>
#include <security/openpam.h>
#include <openssl/evp.h>
#include "sshkey.h"
#include "sshbuf.h"
#include "authfd.h"
#include "authfile.h"
#define ssh_add_identity(auth, key, comment) \
ssh_add_identity_constrained(auth, key, comment, 0, 0, NULL, NULL, 0)
extern char **environ;
struct pam_ssh_key {
struct sshkey *key;
char *comment;
};
static const char *pam_ssh_prompt = "SSH passphrase: ";
static const char *pam_ssh_have_keys = "pam_ssh_have_keys";
static const char *pam_ssh_keyfiles[] = {
".ssh/identity", /* SSH1 RSA key */
".ssh/id_rsa", /* SSH2 RSA key */
".ssh/id_dsa", /* SSH2 DSA key */
".ssh/id_ecdsa", /* SSH2 ECDSA key */
NULL
};
static const char *pam_ssh_agent = "/usr/bin/ssh-agent";
static const char *const pam_ssh_agent_argv[] = { "ssh_agent", "-s", NULL };
static const char *const pam_ssh_agent_envp[] = { NULL };
/*
* Attempts to load a private key from the specified file in the specified
* directory, using the specified passphrase. If successful, returns a
* struct pam_ssh_key containing the key and its comment.
*/
static struct pam_ssh_key *
pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase,
int nullok)
{
struct pam_ssh_key *psk;
char fn[PATH_MAX];
int r;
char *comment;
struct sshkey *key;
if (snprintf(fn, sizeof(fn), "%s/%s", dir, kfn) > (int)sizeof(fn))
return (NULL);
comment = NULL;
/*
* If the key is unencrypted, OpenSSL ignores the passphrase, so
* it will seem like the user typed in the right one. This allows
* a user to circumvent nullok by providing a dummy passphrase.
* Verify that the key really *is* encrypted by trying to load it
* with an empty passphrase, and if the key is not encrypted,
* accept only an empty passphrase.
*/
r = sshkey_load_private(fn, "", &key, &comment);
if (r == 0 && !(*passphrase == '\0' && nullok)) {
openpam_log(PAM_LOG_DEBUG, "rejected unencrypted key from %s", fn);
sshkey_free(key);
free(comment);
return (NULL);
}
if (r)
r = sshkey_load_private(fn, passphrase, &key, &comment);
if (r) {
openpam_log(PAM_LOG_DEBUG, "failed to load key from %s", fn);
if (comment != NULL)
free(comment);
return (NULL);
}
openpam_log(PAM_LOG_DEBUG, "loaded '%s' from %s", comment, fn);
if ((psk = malloc(sizeof(*psk))) == NULL) {
sshkey_free(key);
free(comment);
return (NULL);
}
psk->key = key;
psk->comment = comment;
return (psk);
}
/*
* Wipes a private key and frees the associated resources.
*/
static void
pam_ssh_free_key(pam_handle_t *pamh __unused,
void *data, int pam_err __unused)
{
struct pam_ssh_key *psk;
psk = data;
sshkey_free(psk->key);
free(psk->comment);
free(psk);
}
PAM_EXTERN int
pam_sm_authenticate(pam_handle_t *pamh, int flags __unused,
int argc __unused, const char *argv[] __unused)
{
const char **kfn, *passphrase, *user;
const void *item;
struct passwd *pwd, pwres;
struct pam_ssh_key *psk;
int nkeys, nullok, pam_err, pass;
char pwbuf[1024];
nullok = (openpam_get_option(pamh, "nullok") != NULL);
/* PEM is not loaded by default */
OpenSSL_add_all_algorithms();
/* get user name and home directory */
pam_err = pam_get_user(pamh, &user, NULL);
if (pam_err != PAM_SUCCESS)
return (pam_err);
if (getpwnam_r(user, &pwres, pwbuf, sizeof(pwbuf), &pwd) != 0 ||
pwd == NULL)
return (PAM_USER_UNKNOWN);
if (pwd->pw_dir == NULL)
return (PAM_AUTH_ERR);
nkeys = 0;
pass = (pam_get_item(pamh, PAM_AUTHTOK, &item) == PAM_SUCCESS &&
item != NULL);
load_keys:
/* get passphrase */
pam_err = pam_get_authtok(pamh, PAM_AUTHTOK,
&passphrase, pam_ssh_prompt);
if (pam_err != PAM_SUCCESS)
return (pam_err);
/* switch to user credentials */
pam_err = openpam_borrow_cred(pamh, pwd);
if (pam_err != PAM_SUCCESS)
return (pam_err);
/* try to load keys from all keyfiles we know of */
for (kfn = pam_ssh_keyfiles; *kfn != NULL; ++kfn) {
psk = pam_ssh_load_key(pwd->pw_dir, *kfn, passphrase, nullok);
if (psk != NULL) {
pam_set_data(pamh, *kfn, psk, pam_ssh_free_key);
++nkeys;
}
}
/* switch back to arbitrator credentials */
openpam_restore_cred(pamh);
/*
* If we tried an old token and didn't get anything, and
* try_first_pass was specified, try again after prompting the
* user for a new passphrase.
*/
if (nkeys == 0 && pass == 1 &&
openpam_get_option(pamh, "try_first_pass") != NULL) {
pam_set_item(pamh, PAM_AUTHTOK, NULL);
pass = 0;
goto load_keys;
}
/* no keys? */
if (nkeys == 0)
return (PAM_AUTH_ERR);
pam_set_data(pamh, pam_ssh_have_keys, NULL, NULL);
return (PAM_SUCCESS);
}
PAM_EXTERN int
pam_sm_setcred(pam_handle_t *pamh __unused, int flags __unused,
int argc __unused, const char *argv[] __unused)
{
return (PAM_SUCCESS);
}
/*
* Parses a line from ssh-agent's output.
*/
static void
pam_ssh_process_agent_output(pam_handle_t *pamh, FILE *f)
{
char *line, *p, *key, *val;
size_t len;
while ((line = fgetln(f, &len)) != NULL) {
if (len < 4 || strncmp(line, "SSH_", 4) != 0)
continue;
/* find equal sign at end of key */
for (p = key = line; p < line + len; ++p)
if (*p == '=')
break;
if (p == line + len || *p != '=')
continue;
*p = '\0';
/* find semicolon at end of value */
for (val = ++p; p < line + len; ++p)
if (*p == ';')
break;
if (p == line + len || *p != ';')
continue;
*p = '\0';
/* store key-value pair in environment */
openpam_log(PAM_LOG_DEBUG, "got %s: %s", key, val);
pam_setenv(pamh, key, val, 1);
}
}
/*
* Starts an ssh agent and stores the environment variables derived from
* its output.
*/
static int
pam_ssh_start_agent(pam_handle_t *pamh, struct passwd *pwd)
{
int agent_pipe[2];
pid_t pid;
FILE *f;
/* get a pipe which we will use to read the agent's output */
if (pipe(agent_pipe) == -1)
return (PAM_SYSTEM_ERR);
/* start the agent */
openpam_log(PAM_LOG_DEBUG, "starting an ssh agent");
pid = fork();
if (pid == (pid_t)-1) {
/* failed */
close(agent_pipe[0]);
close(agent_pipe[1]);
return (PAM_SYSTEM_ERR);
}
if (pid == 0) {
#ifndef F_CLOSEM
int fd;
#endif
/* child: drop privs, close fds and start agent */
if (setgid(pwd->pw_gid) == -1) {
openpam_log(PAM_LOG_DEBUG, "%s: Cannot setgid %d (%s)",
__func__, (int)pwd->pw_gid, strerror(errno));
goto done;
}
if (initgroups(pwd->pw_name, pwd->pw_gid) == -1) {
openpam_log(PAM_LOG_DEBUG,
"%s: Cannot initgroups for %s (%s)",
__func__, pwd->pw_name, strerror(errno));
goto done;
}
if (setuid(pwd->pw_uid) == -1) {
openpam_log(PAM_LOG_DEBUG, "%s: Cannot setuid %d (%s)",
__func__, (int)pwd->pw_uid, strerror(errno));
goto done;
}
(void)close(STDIN_FILENO);
(void)open(_PATH_DEVNULL, O_RDONLY);
(void)dup2(agent_pipe[1], STDOUT_FILENO);
(void)dup2(agent_pipe[1], STDERR_FILENO);
#ifdef F_CLOSEM
(void)fcntl(3, F_CLOSEM, 0);
#else
for (fd = 3; fd < getdtablesize(); ++fd)
(void)close(fd);
#endif
(void)execve(pam_ssh_agent,
(char **)__UNCONST(pam_ssh_agent_argv),
(char **)__UNCONST(pam_ssh_agent_envp));
done:
_exit(127);
}
/* parent */
close(agent_pipe[1]);
if ((f = fdopen(agent_pipe[0], "r")) == NULL)
return (PAM_SYSTEM_ERR);
pam_ssh_process_agent_output(pamh, f);
fclose(f);
return (PAM_SUCCESS);
}
/*
* Adds previously stored keys to a running agent.
*/
static int
pam_ssh_add_keys_to_agent(pam_handle_t *pamh)
{
const struct pam_ssh_key *psk;
const char **kfn;
char **envlist, **env;
int pam_err;
int agent_fd;
/* switch to PAM environment */
envlist = environ;
if ((environ = pam_getenvlist(pamh)) == NULL) {
openpam_log(PAM_LOG_DEBUG, "%s: cannot get envlist",
__func__);
environ = envlist;
return (PAM_SYSTEM_ERR);
}
/* get a connection to the agent */
if (ssh_get_authentication_socket(&agent_fd) != 0) {
openpam_log(PAM_LOG_DEBUG,
"%s: cannot get authentication connection",
__func__);
pam_err = PAM_SYSTEM_ERR;
agent_fd = -1;
goto end;
}
/* look for keys to add to it */
for (kfn = pam_ssh_keyfiles; *kfn != NULL; ++kfn) {
const void *vp;
pam_err = pam_get_data(pamh, *kfn, &vp);
psk = vp;
if (pam_err == PAM_SUCCESS && psk != NULL) {
if (ssh_add_identity(agent_fd, psk->key, psk->comment))
openpam_log(PAM_LOG_DEBUG,
"added %s to ssh agent", psk->comment);
else
openpam_log(PAM_LOG_DEBUG, "failed "
"to add %s to ssh agent", psk->comment);
/* we won't need the key again, so wipe it */
pam_set_data(pamh, *kfn, NULL, NULL);
}
}
pam_err = PAM_SUCCESS;
end:
/* disconnect from agent */
if (agent_fd != -1)
ssh_close_authentication_socket(agent_fd);
/* switch back to original environment */
for (env = environ; *env != NULL; ++env)
free(*env);
free(environ);
environ = envlist;
return (pam_err);
}
PAM_EXTERN int
pam_sm_open_session(pam_handle_t *pamh, int flags __unused,
int argc __unused, const char *argv[] __unused)
{
struct passwd *pwd, pwres;
const char *user;
const void *data;
int pam_err = PAM_SUCCESS;
char pwbuf[1024];
/* no keys, no work */
if (pam_get_data(pamh, pam_ssh_have_keys, &data) != PAM_SUCCESS &&
openpam_get_option(pamh, "want_agent") == NULL)
return (PAM_SUCCESS);
/* switch to user credentials */
pam_err = pam_get_user(pamh, &user, NULL);
if (pam_err != PAM_SUCCESS)
return (pam_err);
if (getpwnam_r(user, &pwres, pwbuf, sizeof(pwbuf), &pwd) != 0 ||
pwd == NULL)
return (PAM_USER_UNKNOWN);
/* start the agent */
pam_err = pam_ssh_start_agent(pamh, pwd);
if (pam_err != PAM_SUCCESS)
return pam_err;
pam_err = openpam_borrow_cred(pamh, pwd);
if (pam_err != PAM_SUCCESS)
return pam_err;
/* we have an agent, see if we can add any keys to it */
pam_err = pam_ssh_add_keys_to_agent(pamh);
if (pam_err != PAM_SUCCESS) {
/* XXX ignore failures */
openpam_log(PAM_LOG_DEBUG, "failed adding keys to ssh agent");
pam_err = PAM_SUCCESS;
}
openpam_restore_cred(pamh);
return pam_err;
}
PAM_EXTERN int
pam_sm_close_session(pam_handle_t *pamh, int flags __unused,
int argc __unused, const char *argv[] __unused)
{
const char *ssh_agent_pid;
char *end;
int status;
pid_t pid;
if ((ssh_agent_pid = pam_getenv(pamh, "SSH_AGENT_PID")) == NULL) {
openpam_log(PAM_LOG_DEBUG, "no ssh agent");
return (PAM_SUCCESS);
}
pid = (pid_t)strtol(ssh_agent_pid, &end, 10);
if (*ssh_agent_pid == '\0' || *end != '\0') {
openpam_log(PAM_LOG_DEBUG, "invalid ssh agent pid");
return (PAM_SESSION_ERR);
}
openpam_log(PAM_LOG_DEBUG, "killing ssh agent %d", (int)pid);
if (kill(pid, SIGTERM) == -1 ||
(waitpid(pid, &status, 0) == -1 && errno != ECHILD))
return (PAM_SYSTEM_ERR);
return (PAM_SUCCESS);
}
PAM_MODULE_ENTRY("pam_ssh");
|
| 1.30 | 15-Jun-2022 |
hannken | Set provider to NULL -- "pam" is not a valid security key helper library.
Now ssh-agent no longer fails key addition with
error: Cannot add provider: RSA is not an authenticator-hosted key
|
| 1.29 | 24-Feb-2022 |
christos | Add constrain arguments
|
| 1.28 | 27-Feb-2020 |
christos | This takes a provider now
|
| 1.27 | 01-Jun-2019 |
mlelstv | branches: 1.27.2;
Fix key loading logic and add log message when rejecting an unencrypted key.
|
| 1.26 | 26-Aug-2018 |
christos | adjust to new libssh api.
|
| 1.25 | 07-Apr-2018 |
christos | branches: 1.25.2;
fix and use the macro.
|
| 1.24 | 07-Apr-2018 |
christos | function grew an extra argument now.
|
| 1.23 | 04-Apr-2015 |
christos | branches: 1.23.14;
Adapt to the new API.
|
| 1.22 | 06-Jan-2012 |
drochner | branches: 1.22.2; 1.22.8; 1.22.14; 1.22.18;
pull in from FreeBSD rev.1.41: Narrow the use of user credentials.
(call pam_get_authtok() with caller's rights rather than user's)
|
| 1.21 | 03-Jan-2012 |
christos | avoid using %m in format.
|
| 1.20 | 16-Dec-2011 |
drochner | support ECDSA keys used by recent ssh
|
| 1.19 | 16-Dec-2011 |
drochner | disallow empty passphrases per default, and implement the "nullok"
option to allow it if the administator wishes, from FreeBSD
|
| 1.18 | 16-Dec-2011 |
drochner | -remove remainders of the misguided changes in revs 1.5-1.9
-iron out more unnecessary differences to FreeBSD
|
| 1.17 | 06-May-2011 |
drochner | branches: 1.17.4;
remove excess newlines in debug output
|
| 1.16 | 21-Nov-2010 |
adam | Use ssh_add_identity_constrained() instead of ssh_add_identity()
|
| 1.15 | 27-Jan-2008 |
christos | Fix compilation
|
| 1.14 | 15-Sep-2007 |
ragge | __FUNCTION__ -> __func__.
|
| 1.13 | 29-Sep-2006 |
dogcow | branches: 1.13.8;
new ssh import requires another include
|
| 1.12 | 19-Mar-2006 |
jnemeth | Fix coverity run 5, issue 2018 -- memory leak.
Approved by christos.
|
| 1.11 | 19-Apr-2005 |
christos | check for pwd != in getpw*_r functions.
|
| 1.10 | 31-Mar-2005 |
thorpej | Use getpwnam_r().
|
| 1.9 | 17-Mar-2005 |
christos | remove debugging printf's
|
| 1.8 | 14-Mar-2005 |
christos | branches: 1.8.2;
remove code to deal with authorized keys. it has no place here.
|
| 1.7 | 14-Mar-2005 |
christos | Go back to rev-1.5. This is better than what was there before, but I am
still uncertain about the proper way to dealing what keys to accept.
|
| 1.6 | 14-Mar-2005 |
christos | Revert previous. This is not the right fix.
|
| 1.5 | 14-Mar-2005 |
christos | Do not let keys that are not listed in authorized_keys participate
in authentication. Problem reported by Maximum Entropy.
|
| 1.4 | 27-Feb-2005 |
christos | NetBSD does not allow setuid(user) when euid=user, and ruid=0. Change
the logic for setting the uid/gid/groups for the agent around and also
add error checking. I.e. Don't exec the agent, if we could not set
the proper environment for it. Add a few more debugging lines. Now ssh
authentication works through xdm.
|
| 1.3 | 03-Jan-2005 |
lukem | s/ifndef/ifdef/ for __FreeBSD__
|
| 1.2 | 12-Dec-2004 |
christos | - NetBSD build glue
- Warning fixes
- RCSID's
|
| 1.1 | 12-Dec-2004 |
christos | branches: 1.1.1;
Initial revision
|
| 1.1.1.1 | 12-Dec-2004 |
christos | - Import freebsd's version of libpam as of today (20041212).
- Did not import opie, passwdqc, tacplus. We need to decide what to do
with them.
- Imported radius and ssh, although they will not work until we
import libradius and re-structure our tree to install libssh.
|
| 1.8.2.4 | 05-Jan-2007 |
tron | Apply patch (request by ghen in ticket #1617):
Update OpenPAM to 20050616 ("Figwort") and add the pam_afslog(8)
authentication module.
|
| 1.8.2.3 | 11-Jul-2005 |
tron | Pull up revision 1.11 (requested by lukem in ticket #539):
check for pwd != in getpw*_r functions.
|
| 1.8.2.2 | 04-Apr-2005 |
tron | Pull up revision 1.10 (requested by thorpej in ticket #96):
Use getpwnam_r().
|
| 1.8.2.1 | 19-Mar-2005 |
tron | Pull up revision 1.9 (requested by christos in ticket #23):
remove debugging printf's
|
| 1.13.8.2 | 23-Mar-2008 |
matt | sync with HEAD
|
| 1.13.8.1 | 06-Nov-2007 |
matt | sync with HEAD
|
| 1.17.4.1 | 17-Apr-2012 |
yamt | sync with head
|
| 1.22.18.1 | 30-Apr-2015 |
riz | Pull up blacklistd(8), requested by christos in ticket #711:
crypto/external/bsd/openssh/dist/moduli-gen/Makefile up to 1.1.1.1
crypto/external/bsd/openssh/dist/moduli-gen/moduli up to 1.1.1.1
crypto/external/bsd/openssh/dist/moduli-gen/moduli-gen.sh up to 1.1.1.1
crypto/external/bsd/openssh/dist/moduli-gen/moduli.1024 up to 1.1.1.1
crypto/external/bsd/openssh/dist/moduli-gen/moduli.1536 up to 1.1.1.1
crypto/external/bsd/openssh/dist/moduli-gen/moduli.2048 up to 1.1.1.1
crypto/external/bsd/openssh/dist/moduli-gen/moduli.3072 up to 1.1.1.1
crypto/external/bsd/openssh/dist/moduli-gen/moduli.4096 up to 1.1.1.1
crypto/external/bsd/openssh/dist/moduli-gen/moduli.6144 up to 1.1.1.1
crypto/external/bsd/openssh/dist/moduli-gen/moduli.7680 up to 1.1.1.1
crypto/external/bsd/openssh/dist/moduli-gen/moduli.8192 up to 1.1.1.1
crypto/external/bsd/openssh/dist/bcrypt_pbkdf.c up to 1.2
crypto/external/bsd/openssh/dist/kexc25519.c up to 1.3
crypto/external/bsd/openssh/dist/smult_curve25519_ref.c up to 1.3
crypto/external/bsd/openssh/dist/bitmap.c up to 1.2 plus patch
crypto/external/bsd/openssh/dist/PROTOCOL.chacha20poly1305 up to 1.1.1.1
crypto/external/bsd/openssh/dist/PROTOCOL.key up to 1.1.1.1
crypto/external/bsd/openssh/dist/blf.h up to 1.1
crypto/external/bsd/openssh/dist/blocks.c up to 1.3
crypto/external/bsd/openssh/dist/blowfish.c up to 1.2
crypto/external/bsd/openssh/dist/chacha.c up to 1.3
crypto/external/bsd/openssh/dist/chacha.h up to 1.1.1.1
crypto/external/bsd/openssh/dist/cipher-aesctr.c up to 1.1.1.2
crypto/external/bsd/openssh/dist/cipher-aesctr.h up to 1.1.1.1
crypto/external/bsd/openssh/dist/cipher-chachapoly.c up to 1.3
crypto/external/bsd/openssh/dist/cipher-chachapoly.h up to 1.1.1.1
crypto/external/bsd/openssh/dist/crypto_api.h up to 1.1.1.1
crypto/external/bsd/openssh/dist/digest-libc.c up to 1.3
crypto/external/bsd/openssh/dist/digest-openssl.c up to 1.3
crypto/external/bsd/openssh/dist/digest.h up to 1.1.1.2
crypto/external/bsd/openssh/dist/ed25519.c up to 1.3
crypto/external/bsd/openssh/dist/fe25519.c up to 1.3
crypto/external/bsd/openssh/dist/fe25519.h up to 1.1.1.1
crypto/external/bsd/openssh/dist/ge25519.c up to 1.3
crypto/external/bsd/openssh/dist/ge25519.h up to 1.1.1.2
crypto/external/bsd/openssh/dist/ge25519_base.data up to 1.1.1.1
crypto/external/bsd/openssh/dist/hash.c up to 1.3
crypto/external/bsd/openssh/dist/hmac.c up to 1.3
crypto/external/bsd/openssh/dist/hmac.h up to 1.1.1.1
crypto/external/bsd/openssh/dist/kexc25519c.c up to 1.3
crypto/external/bsd/openssh/dist/kexc25519s.c up to 1.3
crypto/external/bsd/openssh/dist/poly1305.c up to 1.3
crypto/external/bsd/openssh/dist/poly1305.h up to 1.1.1.1
crypto/external/bsd/openssh/dist/rijndael.c up to 1.1.1.2
crypto/external/bsd/openssh/dist/rijndael.h up to 1.1.1.1
crypto/external/bsd/openssh/dist/sc25519.c up to 1.3
crypto/external/bsd/openssh/dist/sc25519.h up to 1.1.1.1
crypto/external/bsd/openssh/dist/ssh-ed25519.c up to 1.3
crypto/external/bsd/openssh/dist/sshbuf-getput-basic.c up to 1.3
crypto/external/bsd/openssh/dist/sshbuf-getput-crypto.c up to 1.3
crypto/external/bsd/openssh/dist/sshbuf-misc.c up to 1.3
crypto/external/bsd/openssh/dist/sshbuf.c up to 1.3
crypto/external/bsd/openssh/dist/sshbuf.h up to 1.4
crypto/external/bsd/openssh/dist/ssherr.c up to 1.3
crypto/external/bsd/openssh/dist/ssherr.h up to 1.1.1.2
crypto/external/bsd/openssh/dist/sshkey.c up to 1.3
crypto/external/bsd/openssh/dist/sshkey.h up to 1.1.1.2
crypto/external/bsd/openssh/dist/verify.c up to 1.3
crypto/external/bsd/openssh/dist/opacket.c up to 1.2
crypto/external/bsd/openssh/dist/umac128.c up to 1.1
crypto/external/bsd/openssh/dist/pfilter.c up to 1.2
crypto/external/bsd/openssh/dist/pfilter.h up to 1.1
crypto/external/bsd/openssh/dist/bitmap.h up to 1.2
crypto/external/bsd/openssh/dist/opacket.h up to 1.2
crypto/external/bsd/openssh/dist/ssh_api.c up to 1.2
crypto/external/bsd/openssh/dist/ssh_api.h up to 1.2
crypto/external/bsd/openssh/dist/auth2-jpake.c delete
crypto/external/bsd/openssh/dist/compress.c delete
crypto/external/bsd/openssh/dist/compress.h delete
crypto/external/bsd/openssh/dist/jpake.c delete
crypto/external/bsd/openssh/dist/jpake.h delete
crypto/external/bsd/openssh/dist/schnorr.c delete
crypto/external/bsd/openssh/dist/schnorr.h delete
crypto/external/bsd/openssh/dist/strtonum.c 1.1
crypto/external/bsd/openssh/Makefile.inc up to 1.8
crypto/external/bsd/openssh/bin/Makefile.inc up to 1.3
crypto/external/bsd/openssh/bin/ssh-keyscan/Makefile up to 1.2
crypto/external/bsd/openssh/bin/sshd/Makefile up to 1.12
crypto/external/bsd/openssh/dist/PROTOCOL up to 1.5
crypto/external/bsd/openssh/dist/PROTOCOL.krl up to 1.1.1.2
crypto/external/bsd/openssh/dist/addrmatch.c up to 1.8
crypto/external/bsd/openssh/dist/atomicio.c up to 1.6
crypto/external/bsd/openssh/dist/auth-bsdauth.c up to 1.4
crypto/external/bsd/openssh/dist/auth-chall.c up to 1.6
crypto/external/bsd/openssh/dist/auth-krb5.c up to 1.7
crypto/external/bsd/openssh/dist/auth-options.c up to 1.9
crypto/external/bsd/openssh/dist/auth-options.h up to 1.6
crypto/external/bsd/openssh/dist/auth-passwd.c up to 1.4
crypto/external/bsd/openssh/dist/auth-rh-rsa.c up to 1.6
crypto/external/bsd/openssh/dist/auth-rhosts.c up to 1.5
crypto/external/bsd/openssh/dist/auth-rsa.c up to 1.10
crypto/external/bsd/openssh/dist/auth.c up to 1.12
crypto/external/bsd/openssh/dist/auth.h up to 1.10
crypto/external/bsd/openssh/dist/auth1.c up to 1.11
crypto/external/bsd/openssh/dist/auth2-chall.c up to 1.7
crypto/external/bsd/openssh/dist/auth2-gss.c up to 1.8
crypto/external/bsd/openssh/dist/auth2-hostbased.c up to 1.7
crypto/external/bsd/openssh/dist/auth2-kbdint.c up to 1.5
crypto/external/bsd/openssh/dist/auth2-krb5.c up to 1.4
crypto/external/bsd/openssh/dist/auth2-none.c up to 1.5
crypto/external/bsd/openssh/dist/auth2-passwd.c up to 1.5
crypto/external/bsd/openssh/dist/auth2-pubkey.c up to 1.11
crypto/external/bsd/openssh/dist/auth2.c up to 1.11
crypto/external/bsd/openssh/dist/authfd.c up to 1.8
crypto/external/bsd/openssh/dist/authfd.h up to 1.5
crypto/external/bsd/openssh/dist/authfile.c up to 1.10
crypto/external/bsd/openssh/dist/authfile.h up to 1.6
crypto/external/bsd/openssh/dist/bufaux.c up to 1.7
crypto/external/bsd/openssh/dist/bufbn.c up to 1.5
crypto/external/bsd/openssh/dist/bufec.c up to 1.5
crypto/external/bsd/openssh/dist/buffer.c up to 1.6
crypto/external/bsd/openssh/dist/buffer.h up to 1.7
crypto/external/bsd/openssh/dist/canohost.c up to 1.8
crypto/external/bsd/openssh/dist/channels.c up to 1.13
crypto/external/bsd/openssh/dist/channels.h up to 1.10
crypto/external/bsd/openssh/dist/cipher-3des1.c up to 1.7
crypto/external/bsd/openssh/dist/cipher-bf1.c up to 1.6
crypto/external/bsd/openssh/dist/cipher.c up to 1.7
crypto/external/bsd/openssh/dist/cipher.h up to 1.7
crypto/external/bsd/openssh/dist/clientloop.c up to 1.13
crypto/external/bsd/openssh/dist/compat.c up to 1.9
crypto/external/bsd/openssh/dist/compat.h up to 1.6
crypto/external/bsd/openssh/dist/deattack.c up to 1.4
crypto/external/bsd/openssh/dist/deattack.h up to 1.4
crypto/external/bsd/openssh/dist/dh.c up to 1.8
crypto/external/bsd/openssh/dist/dh.h up to 1.4
crypto/external/bsd/openssh/dist/dispatch.c up to 1.5
crypto/external/bsd/openssh/dist/dispatch.h up to 1.4
crypto/external/bsd/openssh/dist/dns.c up to 1.11
crypto/external/bsd/openssh/dist/dns.h up to 1.6
crypto/external/bsd/openssh/dist/groupaccess.c up to 1.5
crypto/external/bsd/openssh/dist/gss-genr.c up to 1.7
crypto/external/bsd/openssh/dist/gss-serv-krb5.c up to 1.8
crypto/external/bsd/openssh/dist/gss-serv.c up to 1.7
crypto/external/bsd/openssh/dist/hostfile.c up to 1.7
crypto/external/bsd/openssh/dist/hostfile.h up to 1.7
crypto/external/bsd/openssh/dist/includes.h up to 1.4
crypto/external/bsd/openssh/dist/kex.c up to 1.10
crypto/external/bsd/openssh/dist/kex.h up to 1.9
crypto/external/bsd/openssh/dist/kexdh.c up to 1.4
crypto/external/bsd/openssh/dist/kexdhc.c up to 1.6
crypto/external/bsd/openssh/dist/kexdhs.c up to 1.8
crypto/external/bsd/openssh/dist/kexecdh.c up to 1.5
crypto/external/bsd/openssh/dist/kexecdhc.c up to 1.5
crypto/external/bsd/openssh/dist/kexecdhs.c up to 1.5
crypto/external/bsd/openssh/dist/kexgex.c up to 1.4
crypto/external/bsd/openssh/dist/kexgexc.c up to 1.6
crypto/external/bsd/openssh/dist/kexgexs.c up to 1.8
crypto/external/bsd/openssh/dist/key.c up to 1.16
crypto/external/bsd/openssh/dist/key.h up to 1.9
crypto/external/bsd/openssh/dist/krl.c up to 1.5
crypto/external/bsd/openssh/dist/krl.h up to 1.1.1.2
crypto/external/bsd/openssh/dist/mac.c up to 1.11
crypto/external/bsd/openssh/dist/mac.h up to 1.5
crypto/external/bsd/openssh/dist/match.c up to 1.5
crypto/external/bsd/openssh/dist/misc.c up to 1.10
crypto/external/bsd/openssh/dist/misc.h up to 1.9 plus patch
crypto/external/bsd/openssh/dist/moduli.c up to 1.8
crypto/external/bsd/openssh/dist/monitor.c up to 1.14
crypto/external/bsd/openssh/dist/monitor.h up to 1.7
crypto/external/bsd/openssh/dist/monitor_fdpass.c up to 1.5
crypto/external/bsd/openssh/dist/monitor_mm.c up to 1.6
crypto/external/bsd/openssh/dist/monitor_mm.h up to 1.4
crypto/external/bsd/openssh/dist/monitor_wrap.c up to 1.11
crypto/external/bsd/openssh/dist/monitor_wrap.h up to 1.8
crypto/external/bsd/openssh/dist/msg.c up to 1.4
crypto/external/bsd/openssh/dist/msg.h up to 1.4
crypto/external/bsd/openssh/dist/mux.c up to 1.11
crypto/external/bsd/openssh/dist/myproposal.h up to 1.10
crypto/external/bsd/openssh/dist/namespace.h up to 1.5
crypto/external/bsd/openssh/dist/packet.c up to 1.18
crypto/external/bsd/openssh/dist/packet.h up to 1.11
crypto/external/bsd/openssh/dist/pathnames.h up to 1.9
crypto/external/bsd/openssh/dist/pkcs11.h up to 1.4
crypto/external/bsd/openssh/dist/progressmeter.c up to 1.7
crypto/external/bsd/openssh/dist/progressmeter.h up to 1.4
crypto/external/bsd/openssh/dist/reallocarray.c new
crypto/external/bsd/openssh/dist/readconf.c up to 1.13
crypto/external/bsd/openssh/dist/readconf.h up to 1.12
crypto/external/bsd/openssh/dist/readpass.c up to 1.6
crypto/external/bsd/openssh/dist/roaming_client.c up to 1.7
crypto/external/bsd/openssh/dist/roaming_common.c up to 1.9
crypto/external/bsd/openssh/dist/roaming_dummy.c up to 1.4
crypto/external/bsd/openssh/dist/rsa.c up to 1.5
crypto/external/bsd/openssh/dist/rsa.h up to 1.4
crypto/external/bsd/openssh/dist/sandbox-systrace.c up to 1.1.1.5
crypto/external/bsd/openssh/dist/scp.1 up to 1.9
crypto/external/bsd/openssh/dist/scp.c up to 1.11
crypto/external/bsd/openssh/dist/servconf.c up to 1.17
crypto/external/bsd/openssh/dist/servconf.h up to 1.11
crypto/external/bsd/openssh/dist/serverloop.c up to 1.12
crypto/external/bsd/openssh/dist/session.c up to 1.14
crypto/external/bsd/openssh/dist/session.h up to 1.4
crypto/external/bsd/openssh/dist/sftp-client.c up to 1.13
crypto/external/bsd/openssh/dist/sftp-client.h up to 1.7
crypto/external/bsd/openssh/dist/sftp-common.c up to 1.7
crypto/external/bsd/openssh/dist/sftp-common.h up to 1.5
crypto/external/bsd/openssh/dist/sftp-glob.c up to 1.8
crypto/external/bsd/openssh/dist/sftp-server.8 up to 1.9
crypto/external/bsd/openssh/dist/sftp-server.c up to 1.11
crypto/external/bsd/openssh/dist/sftp.1 up to 1.11
crypto/external/bsd/openssh/dist/sftp.c up to 1.15
crypto/external/bsd/openssh/dist/ssh-add.1 up to 1.9
crypto/external/bsd/openssh/dist/ssh-add.c up to 1.10
crypto/external/bsd/openssh/dist/ssh-agent.1 up to 1.8
crypto/external/bsd/openssh/dist/ssh-agent.c up to 1.14
crypto/external/bsd/openssh/dist/ssh-dss.c up to 1.7
crypto/external/bsd/openssh/dist/ssh-ecdsa.c up to 1.6
crypto/external/bsd/openssh/dist/ssh-gss.h up to 1.5
crypto/external/bsd/openssh/dist/ssh-keygen.1 up to 1.13
crypto/external/bsd/openssh/dist/ssh-keygen.c up to 1.16
crypto/external/bsd/openssh/dist/ssh-keyscan.1 up to 1.10
crypto/external/bsd/openssh/dist/ssh-keyscan.c up to 1.13
crypto/external/bsd/openssh/dist/ssh-keysign.8 up to 1.9
crypto/external/bsd/openssh/dist/ssh-keysign.c up to 1.8
crypto/external/bsd/openssh/dist/ssh-pkcs11-client.c up to 1.6
crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c up to 1.8
crypto/external/bsd/openssh/dist/ssh-pkcs11.c up to 1.7
crypto/external/bsd/openssh/dist/ssh-pkcs11.h up to 1.4
crypto/external/bsd/openssh/dist/ssh-rsa.c up to 1.7
crypto/external/bsd/openssh/dist/ssh.1 up to 1.14
crypto/external/bsd/openssh/dist/ssh.c up to 1.16
crypto/external/bsd/openssh/dist/ssh2.h up to 1.6
crypto/external/bsd/openssh/dist/ssh_config up to 1.8
crypto/external/bsd/openssh/dist/ssh_config.5 up to 1.13
crypto/external/bsd/openssh/dist/sshconnect.c up to 1.11
crypto/external/bsd/openssh/dist/sshconnect.h up to 1.6
crypto/external/bsd/openssh/dist/sshconnect1.c up to 1.6
crypto/external/bsd/openssh/dist/sshconnect2.c up to 1.19
crypto/external/bsd/openssh/dist/sshd.8 up to 1.13
crypto/external/bsd/openssh/dist/sshd.c up to 1.18
crypto/external/bsd/openssh/dist/sshd_config up to 1.13
crypto/external/bsd/openssh/dist/sshd_config.5 up to 1.17
crypto/external/bsd/openssh/dist/sshlogin.c up to 1.6
crypto/external/bsd/openssh/dist/sshpty.c up to 1.4
crypto/external/bsd/openssh/dist/uidswap.c up to 1.4
crypto/external/bsd/openssh/dist/umac.c up to 1.9
crypto/external/bsd/openssh/dist/version.h up to 1.14
crypto/external/bsd/openssh/dist/xmalloc.c up to 1.5
crypto/external/bsd/openssh/lib/Makefile up to 1.17 plus patch
crypto/external/bsd/openssh/lib/shlib_version up to 1.13
distrib/sets/lists/base/ad.aarch64 patch
distrib/sets/lists/base/ad.arm patch
distrib/sets/lists/base/ad.mips patch
distrib/sets/lists/base/ad.powerpc patch
distrib/sets/lists/base/md.amd64 patch
distrib/sets/lists/base/md.sparc64 patch
distrib/sets/lists/base/mi patch
distrib/sets/lists/base/shl.mi patch
distrib/sets/lists/comp/ad.aarch64 patch
distrib/sets/lists/comp/ad.arm patch
distrib/sets/lists/comp/ad.mips patch
distrib/sets/lists/comp/ad.powerpc patch
distrib/sets/lists/comp/md.amd64 patch
distrib/sets/lists/comp/md.sparc64 patch
distrib/sets/lists/comp/mi patch
distrib/sets/lists/comp/shl.mi patch
distrib/sets/lists/debug/ad.aarch64 patch
distrib/sets/lists/debug/ad.arm patch
distrib/sets/lists/debug/ad.mips patch
distrib/sets/lists/debug/ad.powerpc patch
distrib/sets/lists/debug/md.amd64 patch
distrib/sets/lists/debug/md.sparc64 patch
distrib/sets/lists/debug/shl.mi patch
distrib/sets/lists/etc/mi patch
distrib/sets/lists/man/mi patch
etc/defaults/rc.conf 1.130
etc/mtree/NetBSD.dist.base 1.142
external/bsd/Makefile up to 1.48
external/bsd/blacklist/bin/Makefile up to 1.11 plus patch
external/bsd/blacklist/bin/blacklistctl.8 up to 1.6
external/bsd/blacklist/bin/blacklistctl.c up to 1.17
external/bsd/blacklist/bin/blacklistd.8 up to 1.10
external/bsd/blacklist/bin/blacklistd.c up to 1.32
external/bsd/blacklist/bin/blacklistd.conf.5 up to 1.2
external/bsd/blacklist/bin/conf.c up to 1.18
external/bsd/blacklist/bin/conf.h up to 1.6
external/bsd/blacklist/bin/internal.c up to 1.5
external/bsd/blacklist/bin/internal.h up to 1.12
external/bsd/blacklist/bin/run.c up to 1.12
external/bsd/blacklist/bin/run.h up to 1.5
external/bsd/blacklist/bin/state.c up to 1.15
external/bsd/blacklist/bin/state.h up to 1.5
external/bsd/blacklist/bin/support.c up to 1.6
external/bsd/blacklist/bin/support.h up to 1.5
external/bsd/blacklist/etc/rc.d/Makefile up to 1.1
external/bsd/blacklist/etc/rc.d/blacklistd up to 1.1
external/bsd/blacklist/etc/Makefile up to 1.3
external/bsd/blacklist/etc/blacklistd.conf up to 1.3
external/bsd/blacklist/etc/npf.conf up to 1.1
external/bsd/blacklist/Makefile up to 1.2
external/bsd/blacklist/Makefile.inc up to 1.3
external/bsd/blacklist/README up to 1.7
external/bsd/blacklist/TODO up to 1.7
external/bsd/blacklist/diff/ftpd.diff up to 1.1
external/bsd/blacklist/diff/named.diff up to 1.6
external/bsd/blacklist/diff/ssh.diff up to 1.6
external/bsd/blacklist/include/Makefile up to 1.1
external/bsd/blacklist/include/bl.h up to 1.12
external/bsd/blacklist/include/blacklist.h up to 1.3
external/bsd/blacklist/include/config.h new
external/bsd/blacklist/lib/Makefile up to 1.3
external/bsd/blacklist/lib/bl.c up to 1.24
external/bsd/blacklist/lib/blacklist.c up to 1.5
external/bsd/blacklist/lib/libblacklist.3 up to 1.3
external/bsd/blacklist/lib/shlib_version up to 1.1
external/bsd/blacklist/libexec/Makefile up to 1.1
external/bsd/blacklist/libexec/blacklistd-helper up to 1.4
external/bsd/blacklist/port/m4/.cvsignore up to 1.1
external/bsd/blacklist/port/Makefile.am up to 1.4
external/bsd/blacklist/port/_strtoi.h up to 1.1
external/bsd/blacklist/port/clock_gettime.c up to 1.2
external/bsd/blacklist/port/configure.ac up to 1.7
external/bsd/blacklist/port/fgetln.c up to 1.1
external/bsd/blacklist/port/fparseln.c up to 1.1
external/bsd/blacklist/port/getprogname.c up to 1.4
external/bsd/blacklist/port/pidfile.c up to 1.1
external/bsd/blacklist/port/popenve.c up to 1.2
external/bsd/blacklist/port/port.h up to 1.6
external/bsd/blacklist/port/sockaddr_snprintf.c up to 1.9
external/bsd/blacklist/port/strlcat.c up to 1.2
external/bsd/blacklist/port/strlcpy.c up to 1.2
external/bsd/blacklist/port/strtoi.c up to 1.3
external/bsd/blacklist/test/Makefile up to 1.2
external/bsd/blacklist/test/cltest.c up to 1.6
external/bsd/blacklist/test/srvtest.c up to 1.9
lib/libpam/modules/pam_ssh/pam_ssh.c up to 1.23
libexec/ftpd/pfilter.c up to 1.1
libexec/ftpd/pfilter.h up to 1.1
libexec/ftpd/Makefile up to 1.64
libexec/ftpd/ftpd.c up to 1.201
Add blacklistd(8), a daemon to block and release network ports
on demand to mitigate abuse, and related changes to system daemons
to support it.
[christos, ticket #711]
|
| 1.22.14.1 | 15-Aug-2017 |
snj | Apply patch (requested by mrg in ticket #1468):
Update OpenSSH to 7.5.
|
| 1.22.8.1 | 15-Aug-2017 |
snj | Apply patch (requested by mrg in ticket #1468):
Update OpenSSH to 7.5.
|
| 1.22.2.1 | 15-Aug-2017 |
snj | Apply patch (requested by mrg in ticket #1468):
Update OpenSSH to 7.5.
|
| 1.23.14.2 | 06-Sep-2018 |
pgoyette | Sync with HEAD
Resolve a couple of conflicts (result of the uimin/uimax changes)
|
| 1.23.14.1 | 16-Apr-2018 |
pgoyette | Sync with HEAD, resolve some conflicts
|
| 1.25.2.2 | 08-Apr-2020 |
martin | Merge changes from current as of 20200406
|
| 1.25.2.1 | 10-Jun-2019 |
christos | Sync with HEAD
|
| 1.27.2.1 | 25-Dec-2023 |
martin | Pull up the following, requested by kim in ticket #1780:
crypto/external/bsd/openssh/Makefile.inc up to 1.15 (+patch)
crypto/external/bsd/openssh/bin/Makefile.inc up to 1.4
crypto/external/bsd/openssh/bin/scp/Makefile up to 1.6
crypto/external/bsd/openssh/bin/sftp/Makefile up to 1.11
crypto/external/bsd/openssh/bin/sftp-server/Makefile up to 1.4
crypto/external/bsd/openssh/bin/ssh/Makefile up to 1.20
crypto/external/bsd/openssh/bin/ssh-add/Makefile up to 1.3
crypto/external/bsd/openssh/bin/ssh-agent/Makefile up to 1.7
crypto/external/bsd/openssh/bin/ssh-keygen/Makefile up to 1.10
crypto/external/bsd/openssh/bin/ssh-keyscan/Makefile up to 1.6
crypto/external/bsd/openssh/bin/ssh-pkcs11-helper/Makefile up to 1.4
crypto/external/bsd/openssh/bin/sshd/Makefile up to 1.27 (+patch)
crypto/external/bsd/openssh/dist/PROTOCOL.sshsig up to 1.1.1.2
crypto/external/bsd/openssh/dist/srclimit.c up to 1.3
crypto/external/bsd/openssh/dist/sftp-realpath.c up to 1.3
crypto/external/bsd/openssh/dist/sntrup761.c up to 1.3
crypto/external/bsd/openssh/dist/sntrup761.sh up to 1.1.1.2
crypto/external/bsd/openssh/dist/sshsig.c up to 1.12
crypto/external/bsd/openssh/dist/sshsig.h up to 1.1.1.5
crypto/external/bsd/openssh/dist/addr.c up to 1.6
crypto/external/bsd/openssh/dist/PROTOCOL.u2f up to 1.1.1.3
crypto/external/bsd/openssh/dist/sk-api.h up to 1.1.1.6
crypto/external/bsd/openssh/dist/sk-usbhid.c up to 1.9
crypto/external/bsd/openssh/dist/ssh-ecdsa-sk.c up to 1.4
crypto/external/bsd/openssh/dist/ssh-ed25519-sk.c up to 1.5
crypto/external/bsd/openssh/dist/ssh-sk-client.c up to 1.6
crypto/external/bsd/openssh/dist/ssh-sk-helper.8 up to 1.1.1.2
crypto/external/bsd/openssh/dist/ssh-sk-helper.c up to 1.7
crypto/external/bsd/openssh/dist/ssh-sk.c up to 1.8
crypto/external/bsd/openssh/dist/ssh-sk.h up to 1.1.1.2
crypto/external/bsd/openssh/dist/sshbuf-io.c up to 1.2
crypto/external/bsd/openssh/dist/addr.h up to 1.1.1.2
crypto/external/bsd/openssh/dist/kexsntrup761x25519.c up to 1.3
crypto/external/bsd/openssh/dist/cipher-chachapoly-libcrypto.c up to 1.3
crypto/external/bsd/openssh/dist/srclimit.h up to 1.1.1.1
crypto/external/bsd/openssh/dist/auth2-pubkeyfile.c up to 1.3
crypto/external/bsd/openssh/dist/sftp-usergroup.c up to 1.3
crypto/external/bsd/openssh/dist/sftp-usergroup.h up to 1.1.1.1
crypto/external/bsd/openssh/dist/ed25519.sh up to 1.1.1.1
crypto/external/bsd/openssh/dist/crc32.c delete
crypto/external/bsd/openssh/dist/crc32.h delete
crypto/external/bsd/openssh/dist/fe25519.c delete
crypto/external/bsd/openssh/dist/fe25519.h delete
crypto/external/bsd/openssh/dist/ge25519.c delete
crypto/external/bsd/openssh/dist/ge25519.h delete
crypto/external/bsd/openssh/dist/ge25519_base.data delete
crypto/external/bsd/openssh/dist/kexsntrup4591761x25519.c delete
crypto/external/bsd/openssh/dist/sc25519.c delete
crypto/external/bsd/openssh/dist/sc25519.h delete
crypto/external/bsd/openssh/dist/sntrup4591761.c delete
crypto/external/bsd/openssh/dist/sntrup4591761.sh delete
crypto/external/bsd/openssh/dist/uuencode.c delete
crypto/external/bsd/openssh/dist/uuencode.h delete
crypto/external/bsd/openssh/dist/verify.c delete
crypto/external/bsd/openssh/dist/LICENCE up to 1.7
crypto/external/bsd/openssh/dist/PROTOCOL up to 1.23
crypto/external/bsd/openssh/dist/PROTOCOL.agent up to 1.15
crypto/external/bsd/openssh/dist/PROTOCOL.certkeys up to 1.13
crypto/external/bsd/openssh/dist/PROTOCOL.chacha20poly1305 up to 1.1.1.4
crypto/external/bsd/openssh/dist/PROTOCOL.key up to 1.1.1.3
crypto/external/bsd/openssh/dist/PROTOCOL.krl up to 1.1.1.5
crypto/external/bsd/openssh/dist/PROTOCOL.mux up to 1.12
crypto/external/bsd/openssh/dist/addrmatch.c up to 1.15
crypto/external/bsd/openssh/dist/auth-krb5.c up to 1.16
crypto/external/bsd/openssh/dist/auth-options.c up to 1.29
crypto/external/bsd/openssh/dist/auth-options.h up to 1.15
crypto/external/bsd/openssh/dist/auth-pam.c up to 1.21
crypto/external/bsd/openssh/dist/auth-passwd.c up to 1.13
crypto/external/bsd/openssh/dist/auth-rhosts.c up to 1.16
crypto/external/bsd/openssh/dist/auth.c up to 1.34
crypto/external/bsd/openssh/dist/auth.h up to 1.23
crypto/external/bsd/openssh/dist/auth2-chall.c up to 1.19
crypto/external/bsd/openssh/dist/auth2-gss.c up to 1.17
crypto/external/bsd/openssh/dist/auth2-hostbased.c up to 1.23
crypto/external/bsd/openssh/dist/auth2-kbdint.c up to 1.15
crypto/external/bsd/openssh/dist/auth2-krb5.c up to 1.10
crypto/external/bsd/openssh/dist/auth2-none.c up to 1.14
crypto/external/bsd/openssh/dist/auth2-passwd.c up to 1.16
crypto/external/bsd/openssh/dist/auth2-pubkey.c up to 1.34
crypto/external/bsd/openssh/dist/auth2.c up to 1.29
crypto/external/bsd/openssh/dist/authfd.c up to 1.27
crypto/external/bsd/openssh/dist/authfd.h up to 1.17
crypto/external/bsd/openssh/dist/authfile.c up to 1.28
crypto/external/bsd/openssh/dist/authfile.h up to 1.10
crypto/external/bsd/openssh/dist/canohost.c up to 1.16
crypto/external/bsd/openssh/dist/chacha.c up to 1.6
crypto/external/bsd/openssh/dist/chacha.h up to 1.3
crypto/external/bsd/openssh/dist/channels.c up to 1.42
crypto/external/bsd/openssh/dist/channels.h up to 1.26
crypto/external/bsd/openssh/dist/cipher-chachapoly.c up to 1.7
crypto/external/bsd/openssh/dist/cipher-chachapoly.h up to 1.3
crypto/external/bsd/openssh/dist/cipher.c up to 1.21
crypto/external/bsd/openssh/dist/cipher.h up to 1.17
crypto/external/bsd/openssh/dist/clientloop.c up to 1.39
crypto/external/bsd/openssh/dist/clientloop.h up to 1.18
crypto/external/bsd/openssh/dist/compat.c up to 1.26
crypto/external/bsd/openssh/dist/compat.h up to 1.18
crypto/external/bsd/openssh/dist/crypto_api.h up to 1.5
crypto/external/bsd/openssh/dist/dh.c up to 1.20
crypto/external/bsd/openssh/dist/dh.h up to 1.13
crypto/external/bsd/openssh/dist/digest-libc.c up to 1.8
crypto/external/bsd/openssh/dist/digest-openssl.c up to 1.9
crypto/external/bsd/openssh/dist/dispatch.c up to 1.11
crypto/external/bsd/openssh/dist/dns.c up to 1.23
crypto/external/bsd/openssh/dist/dns.h up to 1.13
crypto/external/bsd/openssh/dist/ed25519.c up to 1.6
crypto/external/bsd/openssh/dist/fatal.c up to 1.7
crypto/external/bsd/openssh/dist/getrrsetbyname.c up to 1.6
crypto/external/bsd/openssh/dist/gss-genr.c up to 1.11
crypto/external/bsd/openssh/dist/gss-serv.c up to 1.15
crypto/external/bsd/openssh/dist/hash.c up to 1.7
crypto/external/bsd/openssh/dist/hmac.c up to 1.8
crypto/external/bsd/openssh/dist/hostfile.c up to 1.23
crypto/external/bsd/openssh/dist/hostfile.h up to 1.11
crypto/external/bsd/openssh/dist/includes.h up to 1.9
crypto/external/bsd/openssh/dist/kex.c up to 1.34
crypto/external/bsd/openssh/dist/kex.h up to 1.24
crypto/external/bsd/openssh/dist/kexdh.c up to 1.10
crypto/external/bsd/openssh/dist/kexgen.c up to 1.7
crypto/external/bsd/openssh/dist/kexgexc.c up to 1.17
crypto/external/bsd/openssh/dist/kexgexs.c up to 1.23
crypto/external/bsd/openssh/dist/krl.c up to 1.23
crypto/external/bsd/openssh/dist/krl.h up to 1.6
crypto/external/bsd/openssh/dist/ldapauth.c up to 1.8
crypto/external/bsd/openssh/dist/ldapauth.h up to 1.6
crypto/external/bsd/openssh/dist/log.c up to 1.27
crypto/external/bsd/openssh/dist/log.h up to 1.17
crypto/external/bsd/openssh/dist/mac.c up to 1.16
crypto/external/bsd/openssh/dist/match.c up to 1.16
crypto/external/bsd/openssh/dist/match.h up to 1.11
crypto/external/bsd/openssh/dist/misc.c up to 1.35
crypto/external/bsd/openssh/dist/misc.h up to 1.27
crypto/external/bsd/openssh/dist/moduli up to 1.10
crypto/external/bsd/openssh/dist/moduli.c up to 1.17
crypto/external/bsd/openssh/dist/monitor.c up to 1.43
crypto/external/bsd/openssh/dist/monitor.h up to 1.13
crypto/external/bsd/openssh/dist/monitor_fdpass.c up to 1.9
crypto/external/bsd/openssh/dist/monitor_wrap.c up to 1.34
crypto/external/bsd/openssh/dist/monitor_wrap.h up to 1.23
crypto/external/bsd/openssh/dist/msg.c up to 1.11
crypto/external/bsd/openssh/dist/mux.c up to 1.35
crypto/external/bsd/openssh/dist/myproposal.h up to 1.24
crypto/external/bsd/openssh/dist/namespace.h up to 1.10
crypto/external/bsd/openssh/dist/nchan.c up to 1.14
crypto/external/bsd/openssh/dist/packet.c up to 1.50
crypto/external/bsd/openssh/dist/packet.h up to 1.26
crypto/external/bsd/openssh/dist/pathnames.h up to 1.15
crypto/external/bsd/openssh/dist/pfilter.c up to 1.8 (+patch)
crypto/external/bsd/openssh/dist/poly1305.c up to 1.6
crypto/external/bsd/openssh/dist/progressmeter.c up to 1.15
crypto/external/bsd/openssh/dist/readconf.c up to 1.44
crypto/external/bsd/openssh/dist/readconf.h up to 1.34
crypto/external/bsd/openssh/dist/readpass.c up to 1.18
crypto/external/bsd/openssh/dist/rijndael.h up to 1.3
crypto/external/bsd/openssh/dist/sandbox-pledge.c up to 1.3
crypto/external/bsd/openssh/dist/sandbox-rlimit.c up to 1.7
crypto/external/bsd/openssh/dist/scp.1 up to 1.31
crypto/external/bsd/openssh/dist/scp.c up to 1.41
crypto/external/bsd/openssh/dist/servconf.c up to 1.44
crypto/external/bsd/openssh/dist/servconf.h up to 1.30
crypto/external/bsd/openssh/dist/serverloop.c up to 1.35
crypto/external/bsd/openssh/dist/session.c up to 1.38
crypto/external/bsd/openssh/dist/session.h up to 1.10
crypto/external/bsd/openssh/dist/sftp-client.c up to 1.35
crypto/external/bsd/openssh/dist/sftp-client.h up to 1.18
crypto/external/bsd/openssh/dist/sftp-common.c up to 1.14
crypto/external/bsd/openssh/dist/sftp-common.h up to 1.8
crypto/external/bsd/openssh/dist/sftp-glob.c up to 1.15
crypto/external/bsd/openssh/dist/sftp-server-main.c up to 1.8
crypto/external/bsd/openssh/dist/sftp-server.8 up to 1.14
crypto/external/bsd/openssh/dist/sftp-server.c up to 1.30
crypto/external/bsd/openssh/dist/sftp.1 up to 1.30
crypto/external/bsd/openssh/dist/sftp.c up to 1.39
crypto/external/bsd/openssh/dist/ssh-add.1 up to 1.18
crypto/external/bsd/openssh/dist/ssh-add.c up to 1.30
crypto/external/bsd/openssh/dist/ssh-agent.1 up to 1.19
crypto/external/bsd/openssh/dist/ssh-agent.c up to 1.37
crypto/external/bsd/openssh/dist/ssh-dss.c up to 1.18
crypto/external/bsd/openssh/dist/ssh-ecdsa.c up to 1.15
crypto/external/bsd/openssh/dist/ssh-ed25519.c up to 1.10
crypto/external/bsd/openssh/dist/ssh-gss.h up to 1.10
crypto/external/bsd/openssh/dist/ssh-keygen.1 up to 1.34
crypto/external/bsd/openssh/dist/ssh-keygen.c up to 1.46
crypto/external/bsd/openssh/dist/ssh-keyscan.1 up to 1.18
crypto/external/bsd/openssh/dist/ssh-keyscan.c up to 1.32
crypto/external/bsd/openssh/dist/ssh-keysign.8 up to 1.14
crypto/external/bsd/openssh/dist/ssh-keysign.c up to 1.24
crypto/external/bsd/openssh/dist/ssh-pkcs11-client.c up to 1.19
crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.8 up to 1.12
crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c up to 1.22
crypto/external/bsd/openssh/dist/ssh-pkcs11.c up to 1.26
crypto/external/bsd/openssh/dist/ssh-pkcs11.h up to 1.9
crypto/external/bsd/openssh/dist/ssh-rsa.c up to 1.19
crypto/external/bsd/openssh/dist/ssh-xmss.c up to 1.6
crypto/external/bsd/openssh/dist/ssh.1 up to 1.39
crypto/external/bsd/openssh/dist/ssh.c up to 1.45
crypto/external/bsd/openssh/dist/ssh.h up to 1.13
crypto/external/bsd/openssh/dist/ssh2.h up to 1.15
crypto/external/bsd/openssh/dist/ssh_api.c up to 1.15
crypto/external/bsd/openssh/dist/ssh_config up to 1.16
crypto/external/bsd/openssh/dist/ssh_config.5 up to 1.40
crypto/external/bsd/openssh/dist/sshbuf-getput-basic.c up to 1.12
crypto/external/bsd/openssh/dist/sshbuf-getput-crypto.c up to 1.11
crypto/external/bsd/openssh/dist/sshbuf-misc.c up to 1.14
crypto/external/bsd/openssh/dist/sshbuf.c up to 1.14
crypto/external/bsd/openssh/dist/sshbuf.h up to 1.19
crypto/external/bsd/openssh/dist/sshconnect.c up to 1.37
crypto/external/bsd/openssh/dist/sshconnect.h up to 1.17
crypto/external/bsd/openssh/dist/sshconnect2.c up to 1.46
crypto/external/bsd/openssh/dist/sshd.8 up to 1.31
crypto/external/bsd/openssh/dist/sshd.c up to 1.50
crypto/external/bsd/openssh/dist/sshd_config up to 1.28
crypto/external/bsd/openssh/dist/sshd_config.5 up to 1.42
crypto/external/bsd/openssh/dist/ssherr.c up to 1.10
crypto/external/bsd/openssh/dist/ssherr.h up to 1.4
crypto/external/bsd/openssh/dist/sshkey-xmss.c up to 1.10
crypto/external/bsd/openssh/dist/sshkey-xmss.h up to 1.5
crypto/external/bsd/openssh/dist/sshkey.c up to 1.32
crypto/external/bsd/openssh/dist/sshkey.h up to 1.19
crypto/external/bsd/openssh/dist/sshlogin.c up to 1.13
crypto/external/bsd/openssh/dist/sshpty.c up to 1.8
crypto/external/bsd/openssh/dist/ttymodes.c up to 1.12
crypto/external/bsd/openssh/dist/uidswap.c up to 1.10
crypto/external/bsd/openssh/dist/umac.c up to 1.22
crypto/external/bsd/openssh/dist/umac.h up to 1.10
crypto/external/bsd/openssh/dist/utf8.c up to 1.9
crypto/external/bsd/openssh/dist/utf8.h up to 1.5
crypto/external/bsd/openssh/dist/version.h up to 1.44
crypto/external/bsd/openssh/dist/xmalloc.c up to 1.13
crypto/external/bsd/openssh/dist/xmalloc.h up to 1.16
crypto/external/bsd/openssh/dist/xmss_hash.c up to 1.3
crypto/external/bsd/openssh/dist/moduli-gen/Makefile up to 1.3
crypto/external/bsd/openssh/dist/moduli-gen/moduli-gen.sh up to 1.1.1.3
crypto/external/bsd/openssh/dist/moduli-gen/moduli.2048 up to 1.16
crypto/external/bsd/openssh/dist/moduli-gen/moduli.3072 up to 1.18
crypto/external/bsd/openssh/dist/moduli-gen/moduli.4096 up to 1.18
crypto/external/bsd/openssh/dist/moduli-gen/moduli.6144 up to 1.18
crypto/external/bsd/openssh/dist/moduli-gen/moduli.7680 up to 1.18
crypto/external/bsd/openssh/dist/moduli-gen/moduli.8192 up to 1.18
crypto/external/bsd/openssh/lib/Makefile up to 1.38
crypto/external/bsd/openssh/lib/shlib_version up to 1.36
crypto/external/bsd/openssh/openssh2netbsd up to 1.4
lib/libpam/modules/pam_ssh/Makefile up to 1.13
lib/libpam/modules/pam_ssh/pam_ssh.c up to 1.30
distrib/sets/lists/base/shl.mi (apply patch)
distrib/sets/lists/debug/shl.mi (apply patch)
doc/3RDPARTY (apply patch)
Update OpenSSH to 9.6.
|
