freebsd-nq/crypto/openssh
Bryan Drewery e3bd730f60 Use proper CHAN_TCP_PACKET_DEFAULT for agent forwarding when HPN disabled.
The use of CHAN_TCP_WINDOW_DEFAULT here was fixed in upstream OpenSSH
in CVS 1.4810, git 5baa170d771de9e95cf30b4c469ece684244cf3e:

  - dtucker@cvs.openbsd.org 2007/12/28 22:34:47
    [clientloop.c]
    Use the correct packet maximum sizes for remote port and agent forwarding.
    Prevents the server from killing the connection if too much data is queued
    and an excessively large packet gets sent.  bz #1360, ok djm@.

The change was lost due to the the way the original upstream HPN patch
modified this code. It was re-adding the original OpenSSH code and never
was properly fixed to use the new value.

MFC after:	2 weeks
2015-04-02 18:43:25 +00:00
..
contrib
openbsd-compat
regress
aclocal.m4
addrmatch.c
atomicio.c
atomicio.h
audit-bsm.c
audit-linux.c
audit.c
audit.h
auth1.c
auth2-chall.c
auth2-gss.c
auth2-hostbased.c
auth2-kbdint.c
auth2-none.c
auth2-passwd.c
auth2-pubkey.c
auth2.c
auth-bsdauth.c
auth-chall.c
auth-krb5.c
auth-options.c
auth-options.h
auth-pam.c
auth-pam.h
auth-passwd.c
auth-rh-rsa.c
auth-rhosts.c
auth-rsa.c
auth-shadow.c
auth-sia.c
auth-sia.h
auth-skey.c
auth.c
auth.h
authfd.c
authfd.h
authfile.c
authfile.h
blocks.c
bufaux.c
bufbn.c
bufec.c
buffer.c
buffer.h
buildpkg.sh.in
canohost.c
canohost.h
chacha.c
chacha.h
ChangeLog
channels.c
channels.h
cipher-3des1.c
cipher-aes.c
cipher-bf1.c
cipher-chachapoly.c
cipher-chachapoly.h
cipher-ctr.c
cipher.c
cipher.h
cleanup.c
clientloop.c Use proper CHAN_TCP_PACKET_DEFAULT for agent forwarding when HPN disabled. 2015-04-02 18:43:25 +00:00
clientloop.h
compat.c
compat.h
compress.c
compress.h
config.guess
config.h
config.h.in
config.sub
configure
configure.ac
crc32.c
crc32.h
CREDITS
crypto_api.h
deattack.c
deattack.h
defines.h
dh.c
dh.h
digest-libc.c
digest-openssl.c
digest.h
dispatch.c
dispatch.h
dns.c
dns.h
ed25519.c
entropy.c
entropy.h
fatal.c
fe25519.c
fe25519.h
fixalgorithms
fixpaths
fixprogs
freebsd-configure.sh
freebsd-post-merge.sh
freebsd-pre-merge.sh
FREEBSD-upgrade
FREEBSD-vendor
ge25519_base.data
ge25519.c
ge25519.h
groupaccess.c
groupaccess.h
gss-genr.c
gss-serv-krb5.c
gss-serv.c
hash.c
hmac.c
hmac.h
hostfile.c
hostfile.h
includes.h
INSTALL
install-sh
kex.c
kex.h
kexc25519.c
kexc25519c.c
kexc25519s.c
kexdh.c
kexdhc.c
kexdhs.c
kexecdh.c
kexecdhc.c
kexecdhs.c
kexgex.c
kexgexc.c
kexgexs.c
key.c
key.h
krb5_config.h
krl.c
krl.h
LICENCE
log.c
log.h
loginrec.c
loginrec.h
logintest.c
mac.c
mac.h
Makefile.in
match.c
match.h
md5crypt.c
md5crypt.h
md-sha256.c
mdoc2man.awk
misc.c
misc.h
mkinstalldirs
moduli
moduli.0
moduli.5
moduli.c
monitor_fdpass.c
monitor_fdpass.h
monitor_mm.c
monitor_mm.h
monitor_wrap.c
monitor_wrap.h
monitor.c
monitor.h
msg.c
msg.h
mux.c
myproposal.h
nchan2.ms
nchan.c
nchan.ms
openssh.xml.in
opensshd.init.in
OVERVIEW
packet.c
packet.h
pathnames.h
pkcs11.h
platform.c
platform.h
poly1305.c
poly1305.h
progressmeter.c
progressmeter.h
PROTOCOL
PROTOCOL.agent
PROTOCOL.certkeys
PROTOCOL.chacha20poly1305
PROTOCOL.key
PROTOCOL.krl
PROTOCOL.mux
readconf.c
readconf.h
README
README.dns
README.hpn
README.platform
README.privsep
README.tun
readpass.c
rijndael.c
rijndael.h
roaming_client.c
roaming_common.c
roaming_dummy.c
roaming_serv.c
roaming.h
rsa.c
rsa.h
sandbox-capsicum.c
sandbox-darwin.c
sandbox-null.c
sandbox-rlimit.c
sandbox-seccomp-filter.c
sandbox-systrace.c
sc25519.c
sc25519.h
schnorr.c
scp.0
scp.1
scp.c
servconf.c
servconf.h
serverloop.c
serverloop.h
session.c
session.h
sftp-client.c
sftp-client.h
sftp-common.c
sftp-common.h
sftp-glob.c
sftp-server-main.c
sftp-server.0
sftp-server.8
sftp-server.c
sftp.0
sftp.1
sftp.c
sftp.h
smult_curve25519_ref.c
ssh1.h
ssh2.h
ssh_config
ssh_config.0
ssh_config.5
ssh_namespace.h
ssh-add.0
ssh-add.1
ssh-add.c
ssh-agent.0
ssh-agent.1
ssh-agent.c
ssh-dss.c
ssh-ecdsa.c
ssh-ed25519.c
ssh-gss.h
ssh-keygen.0
ssh-keygen.1
ssh-keygen.c
ssh-keyscan.0
ssh-keyscan.1
ssh-keyscan.c
ssh-keysign.0
ssh-keysign.8
ssh-keysign.c
ssh-pkcs11-client.c
ssh-pkcs11-helper.0
ssh-pkcs11-helper.8
ssh-pkcs11-helper.c
ssh-pkcs11.c
ssh-pkcs11.h
ssh-rsa.c
ssh-sandbox.h
ssh.0
ssh.1
ssh.c
ssh.h
sshconnect1.c
sshconnect2.c
sshconnect.c
sshconnect.h
sshd_config
sshd_config.0
sshd_config.5
sshd.0
sshd.8
sshd.c
sshlogin.c
sshlogin.h
sshpty.c
sshpty.h
sshtty.c
survey.sh.in
TODO
ttymodes.c
ttymodes.h
uidswap.c
uidswap.h
umac128.c
umac.c
umac.h
uuencode.c
uuencode.h
verify.c
version.h
xmalloc.c
xmalloc.h

See http://www.openssh.com/txt/release-6.6 for the release notes.

- A Japanese translation of this document and of the OpenSSH FAQ is
- available at http://www.unixuser.org/~haruyama/security/openssh/index.html
- Thanks to HARUYAMA Seigo <haruyama@unixuser.org>

This is the port of OpenBSD's excellent OpenSSH[0] to Linux and other
Unices.

OpenSSH is based on the last free version of Tatu Ylonen's sample
implementation with all patent-encumbered algorithms removed (to
external libraries), all known security bugs fixed, new features
reintroduced and many other clean-ups.  OpenSSH has been created by
Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt,
and Dug Song. It has a homepage at http://www.openssh.com/

This port consists of the re-introduction of autoconf support, PAM
support, EGD[1]/PRNGD[2] support and replacements for OpenBSD library
functions that are (regrettably) absent from other unices. This port
has been best tested on AIX, Cygwin, HP-UX, Linux, MacOS/X,
NetBSD, OpenBSD, OpenServer, Solaris, Unicos, and UnixWare.

This version actively tracks changes in the OpenBSD CVS repository.

The PAM support is now more functional than the popular packages of
commercial ssh-1.2.x. It checks "account" and "session" modules for
all logins, not just when using password authentication.

OpenSSH depends on Zlib[3], OpenSSL[4] and optionally PAM[5].

There is now several mailing lists for this port of OpenSSH. Please
refer to http://www.openssh.com/list.html for details on how to join.

Please send bug reports and patches to the mailing list
openssh-unix-dev@mindrot.org. The list is open to posting by
unsubscribed users.Code contribution are welcomed, but please follow the 
OpenBSD style guidelines[6].

Please refer to the INSTALL document for information on how to install
OpenSSH on your system. There are a number of differences between this
port of OpenSSH and F-Secure SSH 1.x, please refer to the OpenSSH FAQ[7]
for details and general tips.

Damien Miller <djm@mindrot.org>

Miscellania -

This version of OpenSSH is based upon code retrieved from the OpenBSD
CVS repository which in turn was based on the last free sample
implementation released by Tatu Ylonen.

References -

[0] http://www.openssh.com/faq.html
[1] http://www.lothar.com/tech/crypto/
[2] http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html
[3] http://www.gzip.org/zlib/
[4] http://www.openssl.org/
[5] http://www.openpam.org
    http://www.kernel.org/pub/linux/libs/pam/ 
    (PAM also is standard on Solaris and HP-UX 11)
[6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9
[7] http://www.openssh.com/faq.html

$Id: README,v 1.86 2014/02/27 23:03:53 djm Exp $