![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.bin / ssh
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.11, Wed Jan 29 06:18:35 2014 UTC (10 years, 3 months ago) by djm
Branch: MAIN
CVS Tags: HEAD
Changes since 1.10: +1 -1 lines
FILE REMOVED
remove experimental, never-enabled JPAKE code; ok markus@
Revision 1.10 / (download) - annotate - [select for diffs], Wed Jan 29 00:21:41 2014 UTC (10 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.9: +4 -1 lines
Diff to previous 1.9 (colored)
In the experimental, never-enabled JPAKE code: clear returned digest and length in hash_buffer() for error cases; could lead to memory corruption later if EVP_Digest* fails. Pointed out by Mark Dowd
Revision 1.9 / (download) - annotate - [select for diffs], Thu Jan 9 23:20:00 2014 UTC (10 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.8: +24 -33 lines
Diff to previous 1.8 (colored)
Introduce digest API and use it to perform all hashing operations rather than calling OpenSSL EVP_Digest* directly. Will make it easier to build a reduced-feature OpenSSH without OpenSSL in future; feedback, ok markus@
Revision 1.5.10.1 / (download) - annotate - [select for diffs], Fri Nov 8 05:52:21 2013 UTC (10 years, 6 months ago) by djm
Branch: OPENBSD_5_3
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored) next main 1.6 (colored)
openssh-6.4 for the 5.3 branch; reminded by deraadt@
Revision 1.7.2.1 / (download) - annotate - [select for diffs], Fri Nov 8 01:33:56 2013 UTC (10 years, 6 months ago) by djm
Branch: OPENBSD_5_4
Changes since 1.7: +2 -2 lines
Diff to previous 1.7 (colored) next main 1.8 (colored)
cherrypick commit: date: 2013/11/08 00:39:15; author: djm; state: Exp; lines: +2 -2; use calloc for all structure allocations; from markus@
Revision 1.8 / (download) - annotate - [select for diffs], Fri Nov 8 00:39:15 2013 UTC (10 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.7: +2 -2 lines
Diff to previous 1.7 (colored)
use calloc for all structure allocations; from markus@
Revision 1.7 / (download) - annotate - [select for diffs], Fri May 17 00:13:14 2013 UTC (11 years ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE
Branch point for: OPENBSD_5_4
Changes since 1.6: +4 -4 lines
Diff to previous 1.6 (colored)
bye, bye xfree(); ok markus@
Revision 1.6 / (download) - annotate - [select for diffs], Thu May 16 09:08:41 2013 UTC (11 years ago) by dtucker
Branch: MAIN
Changes since 1.5: +7 -5 lines
Diff to previous 1.5 (colored)
Fix some "unused result" warnings found via clang and -portable. ok markus@
Revision 1.5 / (download) - annotate - [select for diffs], Fri Dec 3 23:49:26 2010 UTC (13 years, 5 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE,
OPENBSD_5_2_BASE,
OPENBSD_5_2,
OPENBSD_5_1_BASE,
OPENBSD_5_1,
OPENBSD_5_0_BASE,
OPENBSD_5_0,
OPENBSD_4_9_BASE,
OPENBSD_4_9
Branch point for: OPENBSD_5_3
Changes since 1.4: +24 -6 lines
Diff to previous 1.4 (colored)
check that g^x^q === 1 mod p; recommended by JPAKE author Feng Hao (this code is still disabled, but apprently people are treating it as a reference implementation)
Revision 1.4 / (download) - annotate - [select for diffs], Mon Sep 20 04:50:53 2010 UTC (13 years, 7 months ago) by djm
Branch: MAIN
Changes since 1.3: +9 -1 lines
Diff to previous 1.3 (colored)
check that received values are smaller than the group size in the disabled and unfinished J-PAKE code. avoids catastrophic security failure found by Sebastien Martini
Revision 1.3 / (download) - annotate - [select for diffs], Thu Mar 5 07:18:19 2009 UTC (15 years, 2 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE,
OPENBSD_4_8,
OPENBSD_4_7_BASE,
OPENBSD_4_7,
OPENBSD_4_6_BASE,
OPENBSD_4_6
Changes since 1.2: +306 -68 lines
Diff to previous 1.2 (colored)
refactor the (disabled) Schnorr proof code to make it a little more generally useful
Revision 1.2 / (download) - annotate - [select for diffs], Wed Feb 18 04:31:21 2009 UTC (15 years, 3 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_5_BASE,
OPENBSD_4_5
Changes since 1.1: +4 -2 lines
Diff to previous 1.1 (colored)
signature should hash over the entire group, not just the generator (this is still disabled code)
Revision 1.1 / (download) - annotate - [select for diffs], Tue Nov 4 08:22:13 2008 UTC (15 years, 6 months ago) by djm
Branch: MAIN
Add support for an experimental zero-knowledge password authentication method using the J-PAKE protocol described in F. Hao, P. Ryan, "Password Authenticated Key Exchange by Juggling", 16th Workshop on Security Protocols, Cambridge, April 2008. This method allows password-based authentication without exposing the password to the server. Instead, the client and server exchange cryptographic proofs to demonstrate of knowledge of the password while revealing nothing useful to an attacker or compromised endpoint. This is experimental, work-in-progress code and is presently compiled-time disabled (turn on -DJPAKE in Makefile.inc). "just commit it. It isn't too intrusive." deraadt@