summaryrefslogtreecommitdiffstats
path: root/usr.bin/ssh/kexgex.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* pass most arguments to the KEX hash functions as sshbuf ratherdjm2019-01-231-9/+9
| | | | than pointer+length; ok markus@
* factor out kex_dh_compute_key() - it's shared between plain DH KEX anddjm2019-01-211-3/+3
| | | | | | DH GEX in both the client and server implementations from markus@ ok djm@
* move client/server SSH-* banners to buffers under ssh->kex and factordjm2018-12-271-5/+5
| | | | | | | | | | | out the banner exchange. This eliminates some common code from the client and server. Also be more strict about handling \r characters - these should only be accepted immediately before \n (pointed out by Jann Horn). Inspired by a patch from Markus Schmidt. (lots of) feedback and ok markus@
* adapt kex to sshbuf and struct ssh; ok djm@markus2015-01-191-52/+53
|
* Introduce digest API and use it to perform all hashing operationsdjm2014-01-091-12/+12
| | | | | | rather than calling OpenSSL EVP_Digest* directly. Will make it easier to build a reduced-feature OpenSSH without OpenSSL in future; feedback, ok markus@
* almost entirely get rid of the culture of ".h files that include .h files"deraadt2006-08-031-3/+5
| | | | | ok djm, sort of ok stevesk makes the pain stop in one easy step
* Put $OpenBSD$ tags back (as comments) to replace the RCSID()s thatdjm2006-03-251-0/+1
| | | | Theo nuked - our scripts to sync -portable need them in the files
* RCSID() can diederaadt2006-03-191-1/+0
|
* remove hardcoded hash lengths in key exchange code, allowingdjm2005-11-041-7/+9
| | | | | implementation of KEX methods with different hashes (e.g. SHA-256); ok markus@ dtucker@ stevesk@
* split kex into client and server code, no need to linkmarkus2003-02-161-325/+3
| | | | server code into the client; ok provos@
* typo; ok markus@stevesk2002-03-241-2/+2
|
* integrate privilege separated openssh; its turned off by default for now.provos2002-03-181-3/+6
| | | | work done by me and markus@
* add some const EVP_MD for openssl-0.9.7markus2002-02-281-2/+2
|
* signed vs. unsigned: make size arguments u_int, ok stevesk@markus2002-02-241-3/+3
|
* don't allow garbage after payload.markus2002-02-231-1/+2
|
* cross check announced key type and type from key blobmarkus2002-01-311-2/+3
|
* use EVP_MD_size(evp_md) and not evp_md->md_size; ok steveks@markus2002-01-251-2/+2
|
* packet_read* no longer return the packet length, since it's not used.markus2001-12-281-7/+7
|
* packet_get_bignum* no longer returns a sizemarkus2001-12-281-7/+7
|
* s/packet_done/packet_check_eom/ (end-of-message); ok djm@markus2001-12-281-4/+4
|
* always use BN_clear_free instead of BN_freemarkus2001-12-271-3/+3
|
* call fatal() for openssl allocation failuresmarkus2001-12-271-7/+7
|
* minor KNFderaadt2001-12-051-2/+2
|
* u_char*/char* cleanup; ok markus@stevesk2001-09-171-6/+6
|
* more strict prototypes. raise warning level in Makefile.inc. markus ok'editojun2001-06-231-4/+4
| | | | TODO; cleanup headers
* get rid of known_hosts2, use it for hostkey lookup, but do not modify.markus2001-06-231-4/+5
|
* use xxx_put_cstring()markus2001-06-071-3/+3
|
* fix whitespace: unexpand + trailing spaces.markus2001-04-051-4/+4
|
* parse full kexinit packet.markus2001-04-041-2/+2
| | | | make server-side more robust, too.
* don't sent multiple kexinit-requests.markus2001-04-041-10/+7
| | | | | send newkeys, block while waiting for newkeys. fix comments.
* undo parts of recent my changes: main part of keyexchange does notmarkus2001-04-031-137/+68
| | | | | | | need dispatch-callbacks, since application data is delayed until the keyexchange completes (if i understand the drafts correctly). add some infrastructure for re-keying.
* move kex to kex*.c, used dispatch_set() callbacks for kex. shouldmarkus2001-04-031-0/+480
make rekeying easier.
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.