![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.bin / ssh
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.17, Mon Jan 21 10:24:09 2019 UTC (5 years, 3 months ago) by djm
Branch: MAIN
CVS Tags: HEAD
Changes since 1.16: +1 -1 lines
FILE REMOVED
use KEM API for vanilla c25519 KEX
Revision 1.16 / (download) - annotate - [select for diffs], Mon Jan 21 10:20:12 2019 UTC (5 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.15: +4 -4 lines
Diff to previous 1.15 (colored)
Add support for a PQC KEX/KEM: sntrup4591761x25519-sha512@tinyssh.org using the Streamlined NTRU Prime 4591^761 implementation from SUPERCOP coupled with X25519 as a stop-loss. Not enabled by default. introduce KEM API; a simplified framework for DH-ish KEX methods. from markus@ feedback & ok djm@
Revision 1.15 / (download) - annotate - [select for diffs], Mon Jan 21 10:05:09 2019 UTC (5 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.14: +3 -14 lines
Diff to previous 1.14 (colored)
factor out kex_load_hostkey() - this is duplicated in both the client and server implementations for most KEX methods. from markus@ ok djm@
Revision 1.14 / (download) - annotate - [select for diffs], Mon Jan 21 09:55:52 2019 UTC (5 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.13: +1 -12 lines
Diff to previous 1.13 (colored)
save the derived session id in kex_derive_keys() rather than making each kex method implementation do it. from markus@ ok djm@
Revision 1.13 / (download) - annotate - [select for diffs], Sat Jan 19 21:43:56 2019 UTC (5 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.12: +3 -3 lines
Diff to previous 1.12 (colored)
remove last references to active_state with & ok markus@
Revision 1.12 / (download) - annotate - [select for diffs], Thu Dec 27 03:25:25 2018 UTC (5 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.11: +3 -3 lines
Diff to previous 1.11 (colored)
move client/server SSH-* banners to buffers under ssh->kex and factor out the banner exchange. This eliminates some common code from the client and server. Also be more strict about handling \r characters - these should only be accepted immediately before \n (pointed out by Jann Horn). Inspired by a patch from Markus Schmidt. (lots of) feedback and ok markus@
Revision 1.11 / (download) - annotate - [select for diffs], Wed May 31 04:19:28 2017 UTC (6 years, 11 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE,
OPENBSD_6_4,
OPENBSD_6_3_BASE,
OPENBSD_6_3,
OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.10: +3 -4 lines
Diff to previous 1.10 (colored)
one more void *ctx => struct ssh *ssh conversion
Revision 1.10 / (download) - annotate - [select for diffs], Fri Dec 4 16:41:28 2015 UTC (8 years, 5 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1,
OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.9: +3 -3 lines
Diff to previous 1.9 (colored)
implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures (user and host auth)
based on draft-rsa-dsa-sha2-256-03.txt and draft-ssh-ext-info-04.txt;
with & ok djm@
Revision 1.9 / (download) - annotate - [select for diffs], Mon Apr 27 00:37:53 2015 UTC (9 years ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE,
OPENBSD_5_8
Changes since 1.8: +2 -1 lines
Diff to previous 1.8 (colored)
Include stdio.h for FILE (used in sshkey.h) so it compiles with OPENSSL=no.
Revision 1.8 / (download) - annotate - [select for diffs], Mon Jan 26 06:10:03 2015 UTC (9 years, 3 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.7: +5 -3 lines
Diff to previous 1.7 (colored)
correctly match ECDSA subtype (== curve) for offered/recevied host keys. Fixes connection-killing host key mismatches when a server offers multiple ECDSA keys with different curve type (an extremely unlikely configuration). ok markus, "looks mechanical" deraadt@
Revision 1.7 / (download) - annotate - [select for diffs], Tue Jan 20 07:55:33 2015 UTC (9 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.6: +4 -5 lines
Diff to previous 1.6 (colored)
fix hostkeys in agent; ok markus@
Revision 1.6 / (download) - annotate - [select for diffs], Mon Jan 19 20:16:15 2015 UTC (9 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.5: +82 -51 lines
Diff to previous 1.5 (colored)
adapt kex to sshbuf and struct ssh; ok djm@
Revision 1.5 / (download) - annotate - [select for diffs], Mon Jan 19 19:52:16 2015 UTC (9 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.4: +3 -3 lines
Diff to previous 1.4 (colored)
update packet.c & isolate, introduce struct ssh a) switch packet.c to buffer api and isolate per-connection info into struct ssh b) (de)serialization of the state is moved from monitor to packet.c c) the old packet.c API is implemented in opacket.[ch] d) compress.c/h is removed and integrated into packet.c with and ok djm@
Revision 1.4 / (download) - annotate - [select for diffs], Sun Jan 12 08:13:13 2014 UTC (10 years, 4 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6,
OPENBSD_5_5_BASE,
OPENBSD_5_5
Changes since 1.3: +9 -6 lines
Diff to previous 1.3 (colored)
avoid use of OpenSSL BIGNUM type and functions for KEX with Curve25519 by adding a buffer_put_bignum2_from_string() that stores a string using the bignum encoding rules. Will make it easier to build a reduced-feature OpenSSH without OpenSSL in the future; ok markus@
Revision 1.3 / (download) - annotate - [select for diffs], Thu Jan 9 23:20:00 2014 UTC (10 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.2: +2 -2 lines
Diff to previous 1.2 (colored)
Introduce digest API and use it to perform all hashing operations rather than calling OpenSSL EVP_Digest* directly. Will make it easier to build a reduced-feature OpenSSH without OpenSSL in future; feedback, ok markus@
Revision 1.2 / (download) - annotate - [select for diffs], Sat Nov 2 22:02:14 2013 UTC (10 years, 6 months ago) by markus
Branch: MAIN
Changes since 1.1: +1 -0 lines
Diff to previous 1.1 (colored)
add missing $OpenBSD$ tags
Revision 1.1 / (download) - annotate - [select for diffs], Sat Nov 2 21:59:15 2013 UTC (10 years, 6 months ago) by markus
Branch: MAIN
use curve25519 for default key exchange (curve25519-sha256@libssh.org); initial patch from Aris Adamantiadis; ok djm@