| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | use KEM API for vanilla DH KEX |   djm | 2019-01-21 | 1 | -143/+0 |
| | | | | | from markus@ ok djm@ | ||||
| * | factor out kex_verify_hostkey() - again, duplicated almost exactly | djm | 2019-01-21 | 1 | -14/+2 |
| | | | | | | | across client and server for several KEX methods. from markus@ ok djm@ | ||||
| * | factor out kex_dh_compute_key() - it's shared between plain DH KEX and | djm | 2019-01-21 | 1 | -34/+11 |
| | | | | | | | DH GEX in both the client and server implementations from markus@ ok djm@ | ||||
| * | factor out DH keygen; it's identical between the client and the server | djm | 2019-01-21 | 1 | -25/+3 |
| | | | | | from markus@ ok djm@ | ||||
| * | save the derived session id in kex_derive_keys() rather than making each | djm | 2019-01-21 | 1 | -12/+1 |
| | | | | | | | kex method implementation do it. from markus@ ok djm@ | ||||
| * | Make sshpkt_get_bignum2() allocate the bignum it is parsing rather | djm | 2019-01-21 | 1 | -8/+3 |
| | | | | | | | than make the caller do it. Saves a lot of boilerplate code. from markus@ ok djm@ | ||||
| * | move client/server SSH-* banners to buffers under ssh->kex and factor | djm | 2018-12-27 | 1 | -3/+3 |
| | | | | | | | | | | | | out the banner exchange. This eliminates some common code from the client and server. Also be more strict about handling \r characters - these should only be accepted immediately before \n (pointed out by Jann Horn). Inspired by a patch from Markus Schmidt. (lots of) feedback and ok markus@ | ||||
| * | hold our collective noses and use the openssl-1.1.x API in OpenSSH; | djm | 2018-09-13 | 1 | -6/+11 |
| | | | | | feedback and ok tb@ jsing@ markus@ | ||||
| * | Remove all guards for calls to OpenSSL free functions - all of these |   jsing | 2018-02-07 | 1 | -5/+3 |
| | | | | | | | | | | functions handle NULL, from at least OpenSSL 1.0.1g onwards. Prompted by dtucker@ asking about guards for RSA_free(), when looking at openssh-portable pr#84 on github. ok deraadt@ dtucker@ | ||||
| * | pass negotiated signing algorithm though to sshkey_verify() and | djm | 2017-12-18 | 1 | -2/+2 |
| | | | | | | check that the negotiated algorithm matches the type in the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@ | ||||
| * | protocol handlers all get struct ssh passed; ok djm@ |   markus | 2017-05-30 | 1 | -4/+3 |
| | | |||||
| * | add support for additional fixed DH groups from | djm | 2016-05-02 | 1 | -1/+9 |
| | | | | | | | | | | | | draft-ietf-curdle-ssh-kex-sha2-03 diffie-hellman-group14-sha256 (2K group) diffie-hellman-group16-sha512 (4K group) diffie-hellman-group18-sha512 (8K group) based on patch from Mark D. Baushke and Darren Tucker ok markus@ | ||||
| * | correctly match ECDSA subtype (== curve) for offered/recevied | djm | 2015-01-26 | 1 | -2/+4 |
| | | | | | | | | | host keys. Fixes connection-killing host key mismatches when a server offers multiple ECDSA keys with different curve type (an extremely unlikely configuration). ok markus, "looks mechanical" deraadt@ | ||||
| * | adapt kex to sshbuf and struct ssh; ok djm@ | markus | 2015-01-19 | 1 | -74/+120 |
| | | |||||
| * | update packet.c & isolate, introduce struct ssh | markus | 2015-01-19 | 1 | -3/+3 |
| | | | | | | | | | a) switch packet.c to buffer api and isolate per-connection info into struct ssh b) (de)serialization of the state is moved from monitor to packet.c c) the old packet.c API is implemented in opacket.[ch] d) compress.c/h is removed and integrated into packet.c with and ok djm@ | ||||
| * | convert memset of potentially-private data to explicit_bzero() | djm | 2014-02-02 | 1 | -2/+2 |
| | | |||||
| * | avoid use of OpenSSL BIGNUM type and functions for KEX with | djm | 2014-01-12 | 1 | -2/+2 |
| | | | | | | | | Curve25519 by adding a buffer_put_bignum2_from_string() that stores a string using the bignum encoding rules. Will make it easier to build a reduced-feature OpenSSH without OpenSSL in the future; ok markus@ | ||||
| * | bye, bye xfree(); ok markus@ | djm | 2013-05-17 | 1 | -4/+4 |
| | | |||||
| * | use only libcrypto APIs that are retained with OPENSSL_NO_DEPRECATED. | djm | 2010-11-10 | 1 | -1/+3 |
| | | | | | these have been around for years by this time. ok markus | ||||
| * | add missing checks for openssl return codes; with & ok djm@ | markus | 2006-11-06 | 1 | -2/+3 |
| | | |||||
| * | check DH_compute_key() for -1 even if it should not happen because of | markus | 2006-10-31 | 1 | -3/+5 |
| | | | | | earlier calls to dh_pub_is_valid(); report krahmer at suse.de; ok djm | ||||
| * | almost entirely get rid of the culture of ".h files that include .h files" |   deraadt | 2006-08-03 | 1 | -2/+5 |
| | | | | | | ok djm, sort of ok stevesk makes the pain stop in one easy step | ||||
| * | move #include <stdio.h> out of includes.h |   stevesk | 2006-08-01 | 1 | -1/+2 |
| | | |||||
| * | move #include <string.h> out of includes.h | stevesk | 2006-07-22 | 1 | -1/+3 |
| | | |||||
| * | paramter -> parameter |   miod | 2006-05-18 | 1 | -2/+2 |
| | | |||||
| * | Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that | djm | 2006-03-25 | 1 | -0/+1 |
| | | | | | Theo nuked - our scripts to sync -portable need them in the files | ||||
| * | RCSID() can die | deraadt | 2006-03-19 | 1 | -1/+0 |
| | | |||||
| * | remove hardcoded hash lengths in key exchange code, allowing | djm | 2005-11-04 | 1 | -7/+8 |
| | | | | | | implementation of KEX methods with different hashes (e.g. SHA-256); ok markus@ dtucker@ stevesk@ | ||||
| * | implement diffie-hellman-group14-sha1 kex method (trivial extension to | djm | 2004-06-13 | 1 | -2/+11 |
| | | | | | existing diffie-hellman-group1-sha1); ok markus@ | ||||
| * | split kex into client and server code, no need to link | markus | 2003-02-16 | 1 | -0/+137 |
| server code into the client; ok provos@ | |||||
 |
index : wireguard-openbsd | |
| WireGuard implementation for the OpenBSD kernel | Matt Dunwoodie |
| summaryrefslogtreecommitdiffstats |