wireguard-openbsd - WireGuard implementation for the OpenBSD kernel

	Commit message (Collapse)	Author	Age	Files	Lines
*	correct local variable name; from yawang AT microsoft.com	djm	2018-11-09	1	-3/+3
\|
*	When choosing a prime from the moduli file, avoid re-using the	millert	2018-09-17	1	-6/+8
\| \| \| \| \| \| \|	linenum variable for something that is not a line number to avoid the confusion that resulted in the bug in rev. 1.64. This also lets us pass the actual linenum to parse_prime() so the error messages include the correct line number. OK markus@ some time ago.
*	hold our collective noses and use the openssl-1.1.x API in OpenSSH;	djm	2018-09-13	1	-24/+38
\| \| \| \|	feedback and ok tb@ jsing@ markus@
*	invalidate dh->priv_key after freeing it in error path; avoids	djm	2018-08-04	1	-1/+2
\| \| \| \| \| \|	unlikely double-free later. Reported by Viktor Dukhovni via https://github.com/openssh/openssh-portable/pull/96 feedback jsing@ tb@
*	Fix "WARNING: line 6 disappeared in /etc/moduli, giving up" when	millert	2018-06-26	1	-2/+1
\| \| \| \| \|	choosing a prime. An extra increment of linenum snuck in as part of the conversion to getline(). OK djm@ markus@
*	switch config file parsing to getline(3) as this avoids static limits	markus	2018-06-06	1	-6/+12
\| \| \| \|	noted by gerhard@; ok dtucker@, djm@
*	Remove all guards for calls to OpenSSL free functions - all of these	jsing	2018-02-07	1	-5/+3
\| \| \| \| \| \| \| \| \|	functions handle NULL, from at least OpenSSL 1.0.1g onwards. Prompted by dtucker@ asking about guards for RSA_free(), when looking at openssh-portable pr#84 on github. ok deraadt@ dtucker@
*	Fix text in error message. Patch from zev at bewilderbeest.net.	dtucker	2016-12-15	1	-2/+2
\|
*	Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then use those definitions	deraadt	2016-09-12	1	-3/+2
\| \| \| \| \|	rather than pulling <sys/param.h> and unknown namespace pollution. ok djm markus dtucker
*	add support for additional fixed DH groups from	djm	2016-05-02	1	-11/+72
\| \| \| \| \| \| \| \| \| \| \|	draft-ietf-curdle-ssh-kex-sha2-03 diffie-hellman-group14-sha256 (2K group) diffie-hellman-group16-sha512 (4K group) diffie-hellman-group18-sha512 (8K group) based on patch from Mark D. Baushke and Darren Tucker ok markus@
*	Remove fallback from moduli to "primes" file that was deprecated in 2001	dtucker	2016-03-31	1	-7/+7
\| \| \| \| \|	and fix log messages referring to primes file. Based on patch from xnox at ubuntu.com via bz#2559. "kill it" deraadt@
*	rearrange DH public value tests to be a little more clear	djm	2016-02-28	1	-7/+16
\| \| \| \| \| \| \|	rearrange DH private value generation to explain rationale more clearly and include an extra sanity check. ok deraadt
*	Add a stronger (4k bit) fallback group that sshd can use when the moduli	dtucker	2015-05-27	1	-4/+43
\| \| \| \| \|	file is missing or broken, sourced from RFC3526. bz#2302, ok markus@ (earlier version), djm@
*	relax bits needed check to allow diffie-hellman-group1-sha1 key	djm	2015-03-26	1	-2/+2
\| \| \| \| \|	exchange to complete for chacha20-poly1305 was selected as symmetric cipher; ok markus
*	Reduce use of <sys/param.h> and transition to <limits.h> throughout.	deraadt	2015-01-20	1	-2/+3
\| \| \| \|	ok djm markus
*	adapt kex to sshbuf and struct ssh; ok djm@	markus	2015-01-19	1	-29/+30
\|
*	Add a new protocol 2 transport cipher "chacha20-poly1305@openssh.com"	djm	2013-11-21	1	-26/+12
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	that combines Daniel Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an authenticated encryption mode. Inspired by and similar to Adam Langley's proposal for TLS: http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03 but differs in layout used for the MAC calculation and the use of a second ChaCha20 instance to separately encrypt packet lengths. Details are in the PROTOCOL.chacha20poly1305 file. Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC ok markus@ naddy@
*	Increase the size of the Diffie-Hellman groups requested for a each symmetric	dtucker	2013-10-08	1	-7/+10
\| \| \| \| \|	key size. New values from NIST Special Publication 800-57 with the upper limit specified by RFC4419. Pointed out by Peter Backes, ok djm@.
*	remove extra whitespace	markus	2013-07-02	1	-2/+2
\|
*	sprinkle in some error() to explain moduli(5) parse failures	djm	2013-06-21	1	-27/+47
\|
*	fix some harmless and/or unreachable int overflows;	djm	2011-12-07	1	-1/+3
\| \| \| \|	reported Xi Wang, ok markus@
*	fix a cast	grunk	2009-10-01	1	-2/+2
\| \| \| \|	ok djm@ markus@
*	when loading moduli from /etc/moduli in sshd(8), check that they	djm	2008-06-26	1	-1/+14
\| \| \| \| \| \|	are of the expected "safe prime" structure and have had appropriate primality tests performed; feedback and ok dtucker@
*	Use arc4random_buf() when requesting more than a single word of output	djm	2008-04-13	1	-2/+2
\| \| \| \| \| \| \|	Use arc4random_uniform() when the desired random number upper bound is not a power of two ok deraadt@ millert@
*	Don't return -1 on error in dh_pub_is_valid(), since it evaluates	ray	2007-09-27	1	-4/+6
\| \| \| \| \| \| \| \| \| \|	to true. Also fix a typo. Initial diff from Matthew Dempsky, input from djm. OK djm, markus.
*	BN_hex2bn returns int; from dtucker@	markus	2006-11-07	1	-3/+3
\|
*	add missing checks for openssl return codes; with & ok djm@	markus	2006-11-06	1	-3/+3
\|
*	almost entirely get rid of the culture of ".h files that include .h files"	deraadt	2006-08-03	1	-3/+1
\| \| \| \| \|	ok djm, sort of ok stevesk makes the pain stop in one easy step
*	move #include <stdio.h> out of includes.h	stevesk	2006-08-01	1	-1/+2
\|
*	move #include <stdlib.h> out of includes.h	stevesk	2006-07-26	1	-1/+2
\|
*	move #include <sys/param.h> out of includes.h	stevesk	2006-07-26	1	-1/+3
\|
*	move #include <string.h> out of includes.h	stevesk	2006-07-22	1	-1/+3
\|
*	remove unneeded includes; ok djm@	stevesk	2006-07-18	1	-7/+1
\|
*	tighter DH exponent checks here too; feedback and ok markus@	djm	2006-05-04	1	-2/+19
\|
*	use strtonum() instead of atoi(), limit dhg size to 64k; ok djm	deraadt	2006-03-27	1	-2/+4
\|
*	Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that	djm	2006-03-25	1	-0/+1
\| \| \| \|	Theo nuked - our scripts to sync -portable need them in the files
*	RCSID() can die	deraadt	2006-03-19	1	-1/+0
\|
*	potential NULL pointer dereferences detected by Coverity	djm	2006-03-19	1	-2/+3
\| \| \| \|	via elad AT netbsd.org; ok deraadt@
*	return group14 when no primes found - fixes hang on empty /etc/moduli;	djm	2004-08-04	1	-2/+2
\| \| \| \|	ok markus@
*	implement diffie-hellman-group14-sha1 kex method (trivial extension to	djm	2004-06-13	1	-4/+24
\| \| \| \|	existing diffie-hellman-group1-sha1); ok markus@
*	Reset bit counter at the right time, fixes debug output in the case where	dtucker	2004-02-27	1	-3/+3
\| \| \| \|	the DH group is rejected. ok markus@
*	Make /etc/moduli line buffer big enough for 8kbit primes, in case anyone	dtucker	2004-02-27	1	-2/+2
\| \| \| \|	ever uses one. ok markus@
*	Prevent sshd from sending DH groups with a primitive generator of zero or	dtucker	2004-02-27	1	-1/+4
\| \| \| \|	one, even if they are listed in /etc/moduli. ok markus@
*	use <= instead of < in dh_estimate; ok provos/hshoexer; do not return < DH_GRP_MIN	markus	2003-12-16	1	-5/+3
\|
*	A few signedness fixes for harmless situations; markus@ ok	miod	2003-09-18	1	-2/+2
\|
*	rename log() into logit() to avoid name conflict. markus ok, from netbsd	itojun	2003-04-08	1	-5/+5
\|
*	debug->debug2	markus	2002-11-21	1	-3/+3
\|
*	more checks for NULL pointers; from grendel@zeitbombe.org; ok deraadt@	markus	2002-06-27	1	-2/+2
\|
*	undo	markus	2002-03-06	1	-6/+3
\|
*	compat.c	markus	2002-03-06	1	-3/+6
\|