freebsd-skq/crypto/openssh
delphij 40a7840d69 MFV r308196:
Fix OpenSSH remote Denial of Service vulnerability.

Security:	CVE-2016-8858
2016-11-02 06:49:25 +00:00
..
contrib
openbsd-compat
regress
scard
.cvsignore
aclocal.m4
addrmatch.c
atomicio.c
atomicio.h
audit-bsm.c
audit-linux.c
audit.c
audit.h
auth1.c Add refactored blacklist support to sshd 2016-08-30 14:09:24 +00:00
auth2-chall.c
auth2-gss.c
auth2-hostbased.c
auth2-kbdint.c
auth2-none.c
auth2-passwd.c
auth2-pubkey.c
auth2.c Add refactored blacklist support to sshd 2016-08-30 14:09:24 +00:00
auth-bsdauth.c
auth-chall.c
auth-krb5.c
auth-options.c
auth-options.h
auth-pam.c Add refactored blacklist support to sshd 2016-08-30 14:09:24 +00:00
auth-pam.h
auth-passwd.c
auth-rh-rsa.c
auth-rhosts.c
auth-rsa.c
auth-shadow.c
auth-sia.c
auth-sia.h
auth-skey.c
auth.c Add refactored blacklist support to sshd 2016-08-30 14:09:24 +00:00
auth.h
authfd.c
authfd.h
authfile.c
authfile.h
bitmap.c
bitmap.h
blacklist_client.h Add refactored blacklist support to sshd 2016-08-30 14:09:24 +00:00
blacklist.c Add refactored blacklist support to sshd 2016-08-30 14:09:24 +00:00
blocks.c
bufaux.c
bufbn.c
bufec.c
buffer.c
buffer.h
buildpkg.sh.in
canohost.c
canohost.h
chacha.c
chacha.h
ChangeLog
channels.c
channels.h
cipher-3des1.c
cipher-aes.c
cipher-aesctr.c
cipher-aesctr.h
cipher-bf1.c
cipher-chachapoly.c
cipher-chachapoly.h
cipher-ctr.c
cipher.c
cipher.h
cleanup.c
clientloop.c
clientloop.h
compat.c
compat.h
config.guess
config.h Remove DSA from default cipher list and disable SSH1. 2016-08-03 16:08:21 +00:00
config.sub
configure.ac Remove DSA from default cipher list and disable SSH1. 2016-08-03 16:08:21 +00:00
crc32.c
crc32.h
CREDITS
crypto_api.h
deattack.c
deattack.h
defines.h
dh.c
dh.h
digest-libc.c
digest-openssl.c
digest.h
dispatch.c
dispatch.h
dns.c
dns.h
ed25519.c
entropy.c
entropy.h
fatal.c
fe25519.c
fe25519.h
fixalgorithms
fixpaths
fixprogs
freebsd-configure.sh
freebsd-post-merge.sh
freebsd-pre-merge.sh
FREEBSD-upgrade Remove DSA from default cipher list and disable SSH1. 2016-08-03 16:08:21 +00:00
FREEBSD-vendor
ge25519_base.data
ge25519.c
ge25519.h
groupaccess.c
groupaccess.h
gss-genr.c
gss-serv-krb5.c
gss-serv.c
hash.c
hmac.c
hmac.h
hostfile.c
hostfile.h
includes.h
INSTALL
install-sh
kex.c MFV r308196: 2016-11-02 06:49:25 +00:00
kex.h
kexc25519.c
kexc25519c.c
kexc25519s.c
kexdh.c
kexdhc.c
kexdhs.c
kexecdh.c
kexecdhc.c
kexecdhs.c
kexgex.c
kexgexc.c
kexgexs.c
key.c
key.h
krb5_config.h
krl.c
krl.h
LICENCE
log.c
log.h
loginrec.c
loginrec.h
logintest.c
mac.c
mac.h
Makefile.in
match.c
match.h
md5crypt.c
md5crypt.h
md-sha256.c
mdoc2man.awk
misc.c
misc.h
mkinstalldirs
moduli
moduli.5
moduli.c
monitor_fdpass.c
monitor_fdpass.h
monitor_mm.c
monitor_mm.h
monitor_wrap.c
monitor_wrap.h
monitor.c
monitor.h
msg.c
msg.h
mux.c
myproposal.h Remove DSA from default cipher list and disable SSH1. 2016-08-03 16:08:21 +00:00
nchan2.ms
nchan.c
nchan.ms
opacket.c
opacket.h
openssh.xml.in
opensshd.init.in
OVERVIEW
packet.c Add refactored blacklist support to sshd 2016-08-30 14:09:24 +00:00
packet.h
pathnames.h
pkcs11.h
platform-pledge.c
platform.c
platform.h
poly1305.c
poly1305.h
progressmeter.c
progressmeter.h
PROTOCOL
PROTOCOL.agent
PROTOCOL.certkeys
PROTOCOL.chacha20poly1305
PROTOCOL.key
PROTOCOL.krl
PROTOCOL.mux
readconf.c
readconf.h
README
README.dns
README.platform
README.privsep
README.tun
readpass.c
rijndael.c
rijndael.h
roaming.h
rsa.c
rsa.h
sandbox-capsicum.c
sandbox-darwin.c
sandbox-null.c
sandbox-pledge.c
sandbox-rlimit.c
sandbox-seccomp-filter.c
sandbox-solaris.c
sandbox-systrace.c
sc25519.c
sc25519.h
scp.1
scp.c
servconf.c Add refactored blacklist support to sshd 2016-08-30 14:09:24 +00:00
servconf.h Add refactored blacklist support to sshd 2016-08-30 14:09:24 +00:00
serverloop.c
serverloop.h
session.c
session.h
sftp-client.c
sftp-client.h
sftp-common.c
sftp-common.h
sftp-glob.c
sftp-server-main.c
sftp-server.8
sftp-server.c
sftp.1
sftp.c
sftp.h
smult_curve25519_ref.c
ssh1.h
ssh2.h
ssh_api.c
ssh_api.h
ssh_config
ssh_config.5 Remove DSA from default cipher list and disable SSH1. 2016-08-03 16:08:21 +00:00
ssh_namespace.h
ssh-add.1
ssh-add.c
ssh-agent.1
ssh-agent.c
ssh-dss.c
ssh-ecdsa.c
ssh-ed25519.c
ssh-gss.h
ssh-keygen.1
ssh-keygen.c
ssh-keyscan.1
ssh-keyscan.c
ssh-keysign.8
ssh-keysign.c
ssh-pkcs11-client.c
ssh-pkcs11-helper.8
ssh-pkcs11-helper.c
ssh-pkcs11.c
ssh-pkcs11.h
ssh-rsa.c
ssh-sandbox.h
ssh.1
ssh.c
ssh.h
sshbuf-getput-basic.c
sshbuf-getput-crypto.c
sshbuf-misc.c
sshbuf.c
sshbuf.h
sshconnect1.c
sshconnect2.c
sshconnect.c
sshconnect.h
sshd_config Add refactored blacklist support to sshd 2016-08-30 14:09:24 +00:00
sshd_config.5 Add refactored blacklist support to sshd 2016-08-30 14:09:24 +00:00
sshd.8
sshd.c Add refactored blacklist support to sshd 2016-08-30 14:09:24 +00:00
ssherr.c
ssherr.h
sshkey.c
sshkey.h
sshlogin.c
sshlogin.h
sshpty.c
sshpty.h
sshtty.c
survey.sh.in
TODO
ttymodes.c
ttymodes.h
uidswap.c
uidswap.h
umac128.c
umac.c
umac.h
uuencode.c
uuencode.h
verify.c
version.h
xmalloc.c
xmalloc.h

See http://www.openssh.com/txt/release-7.2p2 for the release notes.

Please read http://www.openssh.com/report.html for bug reporting
instructions and note that we do not use Github for bug reporting or
patch/pull-request management.

- A Japanese translation of this document and of the OpenSSH FAQ is
- available at http://www.unixuser.org/~haruyama/security/openssh/index.html
- Thanks to HARUYAMA Seigo <haruyama@unixuser.org>

This is the port of OpenBSD's excellent OpenSSH[0] to Linux and other
Unices.

OpenSSH is based on the last free version of Tatu Ylonen's sample
implementation with all patent-encumbered algorithms removed (to
external libraries), all known security bugs fixed, new features
reintroduced and many other clean-ups.  OpenSSH has been created by
Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt,
and Dug Song. It has a homepage at http://www.openssh.com/

This port consists of the re-introduction of autoconf support, PAM
support, EGD[1]/PRNGD[2] support and replacements for OpenBSD library
functions that are (regrettably) absent from other unices. This port
has been best tested on AIX, Cygwin, HP-UX, Linux, MacOS/X,
NetBSD, OpenBSD, OpenServer, Solaris, Unicos, and UnixWare.

This version actively tracks changes in the OpenBSD CVS repository.

The PAM support is now more functional than the popular packages of
commercial ssh-1.2.x. It checks "account" and "session" modules for
all logins, not just when using password authentication.

OpenSSH depends on Zlib[3], OpenSSL[4] and optionally PAM[5].

There is now several mailing lists for this port of OpenSSH. Please
refer to http://www.openssh.com/list.html for details on how to join.

Please send bug reports and patches to the mailing list
openssh-unix-dev@mindrot.org. The list is open to posting by
unsubscribed users.Code contribution are welcomed, but please follow the 
OpenBSD style guidelines[6].

Please refer to the INSTALL document for information on how to install
OpenSSH on your system. There are a number of differences between this
port of OpenSSH and F-Secure SSH 1.x, please refer to the OpenSSH FAQ[7]
for details and general tips.

Damien Miller <djm@mindrot.org>

Miscellania -

This version of OpenSSH is based upon code retrieved from the OpenBSD
CVS repository which in turn was based on the last free sample
implementation released by Tatu Ylonen.

References -

[0] http://www.openssh.com/faq.html
[1] http://www.lothar.com/tech/crypto/
[2] http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html
[3] http://www.gzip.org/zlib/
[4] http://www.openssl.org/
[5] http://www.openpam.org
    http://www.kernel.org/pub/linux/libs/pam/ 
    (PAM also is standard on Solaris and HP-UX 11)
[6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9
[7] http://www.openssh.com/faq.html

$Id: README,v 1.87 2014/08/10 01:35:06 djm Exp $