![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.bin / ssh
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.35 / (download) - annotate - [select for diffs], Fri Sep 6 04:53:27 2019 UTC (4 years, 8 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3,
OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1,
OPENBSD_7_0_BASE,
OPENBSD_7_0,
OPENBSD_6_9_BASE,
OPENBSD_6_9,
OPENBSD_6_8_BASE,
OPENBSD_6_8,
OPENBSD_6_7_BASE,
OPENBSD_6_7,
OPENBSD_6_6_BASE,
OPENBSD_6_6,
HEAD
Changes since 1.34: +2 -1 lines
Diff to previous 1.34 (colored)
lots of things were relying on libcrypto headers to transitively include various system headers (mostly stdlib.h); include them explicitly
Revision 1.34 / (download) - annotate - [select for diffs], Mon May 8 22:57:38 2017 UTC (7 years ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE,
OPENBSD_6_5,
OPENBSD_6_4_BASE,
OPENBSD_6_4,
OPENBSD_6_3_BASE,
OPENBSD_6_3,
OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.33: +1 -4 lines
Diff to previous 1.33 (colored)
remove hmac-ripemd160; ok dtucker
Revision 1.33 / (download) - annotate - [select for diffs], Fri Jul 8 03:44:42 2016 UTC (7 years, 10 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1,
OPENBSD_6_0_BASE,
OPENBSD_6_0
Changes since 1.32: +21 -2 lines
Diff to previous 1.32 (colored)
Improve crypto ordering for Encrypt-then-MAC (EtM) mode MAC algorithms. Previously we were computing the MAC, decrypting the packet and then checking the MAC. This gave rise to the possibility of creating a side-channel oracle in the decryption step, though no such oracle has been identified. This adds a mac_check() function that computes and checks the MAC in one pass, and uses it to advance MAC checking for EtM algorithms to before payload decryption. Reported by Jean Paul Degabriele, Kenny Paterson, Torben Hansen and Martin Albrecht. feedback and ok markus@
Revision 1.32 / (download) - annotate - [select for diffs], Thu Jan 15 18:32:54 2015 UTC (9 years, 4 months ago) by naddy
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE,
OPENBSD_5_9,
OPENBSD_5_8_BASE,
OPENBSD_5_8,
OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.31: +3 -2 lines
Diff to previous 1.31 (colored)
handle UMAC128 initialization like UMAC; ok djm@ markus@
Revision 1.31 / (download) - annotate - [select for diffs], Tue Jan 13 19:31:40 2015 UTC (9 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.30: +47 -47 lines
Diff to previous 1.30 (colored)
adapt mac.c to ssherr.h return codes (de-fatal) and simplify dependencies ok djm@
Revision 1.30 / (download) - annotate - [select for diffs], Wed Apr 30 19:07:48 2014 UTC (10 years ago) by naddy
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6
Changes since 1.29: +1 -15 lines
Diff to previous 1.29 (colored)
UMAC can use our local fallback implementation of AES when OpenSSL isn't available. Glue code straight from Ted Krovetz's original umac.c. ok markus@
Revision 1.29 / (download) - annotate - [select for diffs], Tue Apr 29 18:01:49 2014 UTC (10 years ago) by markus
Branch: MAIN
Changes since 1.28: +17 -2 lines
Diff to previous 1.28 (colored)
make compiling against OpenSSL optional (make OPENSSL=no); reduces algorithms to curve25519, aes-ctr, chacha, ed25519; allows us to explore further options; with and ok djm
Revision 1.28 / (download) - annotate - [select for diffs], Fri Feb 7 06:55:54 2014 UTC (10 years, 3 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE,
OPENBSD_5_5
Changes since 1.27: +5 -6 lines
Diff to previous 1.27 (colored)
remove some logging that makes ssh debugging output very verbose; ok markus
Revision 1.27 / (download) - annotate - [select for diffs], Mon Jan 27 18:58:14 2014 UTC (10 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.26: +41 -42 lines
Diff to previous 1.26 (colored)
replace openssl HMAC with an implementation based on our ssh_digest_* ok and feedback djm@
Revision 1.26 / (download) - annotate - [select for diffs], Sat Jan 4 17:50:55 2014 UTC (10 years, 4 months ago) by tedu
Branch: MAIN
Changes since 1.25: +3 -3 lines
Diff to previous 1.25 (colored)
use standard types and formats for size_t like variables. ok dtucker
Revision 1.25 / (download) - annotate - [select for diffs], Thu Nov 7 11:58:27 2013 UTC (10 years, 6 months ago) by dtucker
Branch: MAIN
Changes since 1.24: +4 -4 lines
Diff to previous 1.24 (colored)
Output the effective values of Ciphers, MACs and KexAlgorithms when the default has not been overridden. ok markus@
Revision 1.24 / (download) - annotate - [select for diffs], Mon Jun 3 00:03:18 2013 UTC (10 years, 11 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE,
OPENBSD_5_4
Changes since 1.23: +11 -8 lines
Diff to previous 1.23 (colored)
force the MAC output to be 64-bit aligned so umac won't see unaligned accesses on strict-alignment architectures. bz#2101, patch from tomas.kuthan at oracle.com, ok djm@
Revision 1.23 / (download) - annotate - [select for diffs], Fri May 17 00:13:13 2013 UTC (11 years ago) by djm
Branch: MAIN
Changes since 1.22: +3 -3 lines
Diff to previous 1.22 (colored)
bye, bye xfree(); ok markus@
Revision 1.22 / (download) - annotate - [select for diffs], Fri Apr 19 01:06:50 2013 UTC (11 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.21: +41 -19 lines
Diff to previous 1.21 (colored)
add the ability to query supported ciphers, MACs, key type and KEX algorithms to ssh. Includes some refactoring of KEX and key type handling to be table-driven; ok markus@
Revision 1.21 / (download) - annotate - [select for diffs], Tue Dec 11 22:51:45 2012 UTC (11 years, 5 months ago) by sthen
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE,
OPENBSD_5_3
Changes since 1.20: +2 -2 lines
Diff to previous 1.20 (colored)
fix typo, s/tem/etm in hmac-ripemd160-tem. ok markus@
Revision 1.20 / (download) - annotate - [select for diffs], Tue Dec 11 22:31:18 2012 UTC (11 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.19: +27 -12 lines
Diff to previous 1.19 (colored)
add encrypt-then-mac (EtM) modes to openssh by defining new mac algorithms that change the packet format and compute the MAC over the encrypted message (including the packet size) instead of the plaintext data; these EtM modes are considered more secure and used by default. feedback and ok djm@
Revision 1.19 / (download) - annotate - [select for diffs], Thu Oct 4 13:21:50 2012 UTC (11 years, 7 months ago) by markus
Branch: MAIN
Changes since 1.18: +14 -1 lines
Diff to previous 1.18 (colored)
add umac128 variant; ok djm@ at n2k12
Revision 1.18 / (download) - annotate - [select for diffs], Thu Jun 28 05:07:45 2012 UTC (11 years, 10 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE,
OPENBSD_5_2
Changes since 1.17: +1 -3 lines
Diff to previous 1.17 (colored)
Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed from draft6 of the spec and will not be in the RFC when published. Patch from mdb at juniper net via bz#2023, ok markus.
Revision 1.17 / (download) - annotate - [select for diffs], Fri Dec 2 00:43:57 2011 UTC (12 years, 5 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_1_BASE,
OPENBSD_5_1
Changes since 1.16: +2 -1 lines
Diff to previous 1.16 (colored)
fix bz#1934: newer OpenSSL versions will require HMAC_CTX_Init before HMAC_init (this change in policy seems insane to me) ok dtucker@
Revision 1.16 / (download) - annotate - [select for diffs], Tue Aug 2 01:22:11 2011 UTC (12 years, 9 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_0_BASE,
OPENBSD_5_0
Changes since 1.15: +5 -1 lines
Diff to previous 1.15 (colored)
Add new SHA256 and SHA512 based HMAC modes from http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt feedback and ok markus@
Revision 1.15 / (download) - annotate - [select for diffs], Fri Jun 13 00:51:47 2008 UTC (15 years, 11 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_4_9_BASE,
OPENBSD_4_9,
OPENBSD_4_8_BASE,
OPENBSD_4_8,
OPENBSD_4_7_BASE,
OPENBSD_4_7,
OPENBSD_4_6_BASE,
OPENBSD_4_6,
OPENBSD_4_5_BASE,
OPENBSD_4_5,
OPENBSD_4_4_BASE,
OPENBSD_4_4
Changes since 1.14: +2 -2 lines
Diff to previous 1.14 (colored)
upcast another size_t to u_long to match format
Revision 1.14 / (download) - annotate - [select for diffs], Thu Jun 7 19:37:34 2007 UTC (16 years, 11 months ago) by pvalchev
Branch: MAIN
CVS Tags: OPENBSD_4_3_BASE,
OPENBSD_4_3,
OPENBSD_4_2_BASE,
OPENBSD_4_2
Changes since 1.13: +80 -27 lines
Diff to previous 1.13 (colored)
Add a new MAC algorithm for data integrity, UMAC-64 (not default yet, must specify umac-64@openssh.com). Provides about 20% end-to-end speedup compared to hmac-md5. Represents a different approach to message authentication to that of HMAC that may be beneficial if HMAC based on one of its underlying hash algorithms is found to be vulnerable to a new attack. http://www.ietf.org/rfc/rfc4418.txt in conjunction with and OK djm@
Revision 1.13 / (download) - annotate - [select for diffs], Tue Jun 5 06:52:37 2007 UTC (16 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.12: +23 -13 lines
Diff to previous 1.12 (colored)
Preserve MAC ctx between packets, saving 2xhash calls per-packet. Yields around a 12-16% end-to-end speedup for arcfour256/hmac-md5 patch from markus@ tested dtucker@ and myself, ok markus@ and me (I'm committing at his request)
Revision 1.7.2.1 / (download) - annotate - [select for diffs], Fri Oct 6 03:19:32 2006 UTC (17 years, 7 months ago) by brad
Branch: OPENBSD_3_8
Changes since 1.7: +9 -4 lines
Diff to previous 1.7 (colored) next main 1.8 (colored)
upgrade to OpenSSH 4.4
Revision 1.7.4.1 / (download) - annotate - [select for diffs], Sat Sep 30 04:06:50 2006 UTC (17 years, 7 months ago) by brad
Branch: OPENBSD_3_9
Changes since 1.7: +9 -4 lines
Diff to previous 1.7 (colored) next main 1.8 (colored)
upgrade to OpenSSH 4.4
Revision 1.12 / (download) - annotate - [select for diffs], Thu Aug 3 03:34:42 2006 UTC (17 years, 9 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_4_1_BASE,
OPENBSD_4_1,
OPENBSD_4_0_BASE,
OPENBSD_4_0
Changes since 1.11: +5 -2 lines
Diff to previous 1.11 (colored)
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
Revision 1.11 / (download) - annotate - [select for diffs], Sat Jul 22 20:48:23 2006 UTC (17 years, 9 months ago) by stevesk
Branch: MAIN
Changes since 1.10: +3 -1 lines
Diff to previous 1.10 (colored)
move #include <string.h> out of includes.h
Revision 1.10 / (download) - annotate - [select for diffs], Thu Mar 30 09:58:15 2006 UTC (18 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.9: +3 -3 lines
Diff to previous 1.9 (colored)
replace {GET,PUT}_XXBIT macros with functionally similar functions,
silencing a heap of lint warnings. also allows them to use
__bounded__ checking which can't be applied to macros; requested
by and feedback from deraadt@
Revision 1.9 / (download) - annotate - [select for diffs], Sat Mar 25 13:17:02 2006 UTC (18 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.8: +1 -0 lines
Diff to previous 1.8 (colored)
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
Revision 1.8 / (download) - annotate - [select for diffs], Sun Mar 19 18:51:18 2006 UTC (18 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.7: +0 -1 lines
Diff to previous 1.7 (colored)
RCSID() can die
Revision 1.6.6.1 / (download) - annotate - [select for diffs], Sun Sep 4 18:40:02 2005 UTC (18 years, 8 months ago) by brad
Branch: OPENBSD_3_7
Changes since 1.6: +7 -4 lines
Diff to previous 1.6 (colored) next main 1.7 (colored)
upgrade to OpenSSH 4.2
Revision 1.6.4.1 / (download) - annotate - [select for diffs], Fri Sep 2 03:45:00 2005 UTC (18 years, 8 months ago) by brad
Branch: OPENBSD_3_6
Changes since 1.6: +7 -4 lines
Diff to previous 1.6 (colored) next main 1.7 (colored)
upgrade to OpenSSH 4.2
Revision 1.7 / (download) - annotate - [select for diffs], Fri Jun 17 02:44:32 2005 UTC (18 years, 11 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE,
OPENBSD_3_8_BASE
Branch point for: OPENBSD_3_9,
OPENBSD_3_8
Changes since 1.6: +7 -4 lines
Diff to previous 1.6 (colored)
make this -Wsign-compare clean; ok avsm@ markus@
Revision 1.5.4.1 / (download) - annotate - [select for diffs], Thu Mar 4 18:18:15 2004 UTC (20 years, 2 months ago) by brad
Branch: OPENBSD_3_3
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored) next main 1.6 (colored)
upgrade to OpenSSH 3.8upgrade to OpenSSH 3.8upgrade to OpenSSH 3.8
Revision 1.5.6.1 / (download) - annotate - [select for diffs], Sat Feb 28 03:51:33 2004 UTC (20 years, 2 months ago) by brad
Branch: OPENBSD_3_4
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored) next main 1.6 (colored)
upgrade to OpenSSH 3.8
Revision 1.6 / (download) - annotate - [select for diffs], Thu Sep 18 13:02:21 2003 UTC (20 years, 8 months ago) by miod
Branch: MAIN
CVS Tags: OPENBSD_3_7_BASE,
OPENBSD_3_6_BASE,
OPENBSD_3_5_BASE,
OPENBSD_3_5
Branch point for: OPENBSD_3_7,
OPENBSD_3_6
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored)
A few signedness fixes for harmless situations; markus@ ok
Revision 1.4.2.1 / (download) - annotate - [select for diffs], Wed Jun 26 15:30:38 2002 UTC (21 years, 10 months ago) by jason
Branch: OPENBSD_3_1
Changes since 1.4: +2 -2 lines
Diff to previous 1.4 (colored) next main 1.5 (colored)
Pull in OpenSSH-3.4
Revision 1.2.4.2 / (download) - annotate - [select for diffs], Sat Jun 22 07:23:17 2002 UTC (21 years, 11 months ago) by miod
Branch: OPENBSD_3_0
Changes since 1.2.4.1: +2 -2 lines
Diff to previous 1.2.4.1 (colored) to branchpoint 1.2 (colored) next main 1.3 (colored)
Update OpenSSH to version 3.3 (with local changes, configuration files still living in /etc and privsep user being nobody).
Revision 1.5 / (download) - annotate - [select for diffs], Thu May 16 22:02:50 2002 UTC (22 years ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE,
OPENBSD_3_3_BASE,
OPENBSD_3_2_BASE,
OPENBSD_3_2
Branch point for: OPENBSD_3_4,
OPENBSD_3_3
Changes since 1.4: +2 -2 lines
Diff to previous 1.4 (colored)
fix warnings (openssl 0.9.7 requires const)
Revision 1.2.2.1 / (download) - annotate - [select for diffs], Sat Mar 9 00:20:44 2002 UTC (22 years, 2 months ago) by miod
Branch: OPENBSD_2_9
Changes since 1.2: +3 -3 lines
Diff to previous 1.2 (colored) next main 1.3 (colored)
Merge OpenSSH 3.1, keeping /etc as configuration files directory. (i.e. OpenSSH 3.1 + openbsd29_3.1.patch)
Revision 1.1.2.6 / (download) - annotate - [select for diffs], Fri Mar 8 17:04:42 2002 UTC (22 years, 2 months ago) by brad
Branch: OPENBSD_2_8
Changes since 1.1.2.5: +3 -3 lines
Diff to previous 1.1.2.5 (colored) next main 1.2 (colored)
Merge OpenSSH 3.1.
Revision 1.2.4.1 / (download) - annotate - [select for diffs], Thu Mar 7 17:37:46 2002 UTC (22 years, 2 months ago) by jason
Branch: OPENBSD_3_0
Changes since 1.2: +3 -3 lines
Diff to previous 1.2 (colored)
Update to OpenSSH-3.1 on 3.0-stable branch
Revision 1.4 / (download) - annotate - [select for diffs], Fri Jan 25 22:07:40 2002 UTC (22 years, 3 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_1_BASE
Branch point for: OPENBSD_3_1
Changes since 1.3: +2 -2 lines
Diff to previous 1.3 (colored)
use EVP_MD_size(evp_md) and not evp_md->md_size; ok steveks@
Revision 1.3 / (download) - annotate - [select for diffs], Wed Dec 19 07:18:56 2001 UTC (22 years, 5 months ago) by deraadt
Branch: MAIN
Changes since 1.2: +2 -2 lines
Diff to previous 1.2 (colored)
basic KNF done while i was looking for something else
Revision 1.1.2.5 / (download) - annotate - [select for diffs], Thu Sep 27 00:15:42 2001 UTC (22 years, 7 months ago) by miod
Branch: OPENBSD_2_8
Changes since 1.1.2.4: +0 -0 lines
Diff to previous 1.1.2.4 (colored)
Pull in OpenSSH 2.9.9 to the 2.8 branch.
Revision 1.1.2.4 / (download) - annotate - [select for diffs], Mon May 7 21:09:30 2001 UTC (23 years ago) by jason
Branch: OPENBSD_2_8
Changes since 1.1.2.3: +2 -2 lines
Diff to previous 1.1.2.3 (colored)
Pull in OpenSSH-2.9 to 2.8 branch.
Revision 1.2 / (download) - annotate - [select for diffs], Thu Apr 5 10:42:51 2001 UTC (23 years, 1 month ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_0_BASE,
OPENBSD_2_9_BASE
Branch point for: OPENBSD_3_0,
OPENBSD_2_9
Changes since 1.1: +2 -2 lines
Diff to previous 1.1 (colored)
fix whitespace: unexpand + trailing spaces.
Revision 1.1.2.3 / (download) - annotate - [select for diffs], Wed Mar 21 19:46:26 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.1.2.2: +0 -0 lines
Diff to previous 1.1.2.2 (colored)
Pull in OpenSSH-2.5.2 for 2.8 branch.
Revision 1.1.4.2 / (download) - annotate - [select for diffs], Wed Mar 21 18:52:51 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.1.4.1: +0 -0 lines
Diff to previous 1.1.4.1 (colored) next main 1.2 (colored)
Pull in OpenSSH-2.5.2 for 2.7 branch.
Revision 1.1.4.1 / (download) - annotate - [select for diffs], Mon Mar 12 15:44:11 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.1: +1 -1 lines
Diff to previous 1.1 (colored)
OpenSSH-2.5.1 for 2.7 patch branch
Revision 1.1.2.2 / (download) - annotate - [select for diffs], Mon Feb 19 17:19:04 2001 UTC (23 years, 3 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.1.2.1: +0 -0 lines
Diff to previous 1.1.2.1 (colored)
Pull in OpenSSH-2.5.1
Revision 1.1.2.1 / (download) - annotate - [select for diffs], Fri Feb 16 20:13:05 2001 UTC (23 years, 3 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.1: +1 -1 lines
Diff to previous 1.1 (colored)
Pull in OpenSSH 2.5.0
Revision 1.1 / (download) - annotate - [select for diffs], Sun Feb 11 12:59:24 2001 UTC (23 years, 3 months ago) by markus
Branch: MAIN
Branch point for: OPENBSD_2_8,
OPENBSD_2_7
1) clean up the MAC support for SSH-2
2) allow you to specify the MAC with 'ssh -m'
3) or the 'MACs' keyword in ssh(d)_config
4) add hmac-{md5,sha1}-96
ok stevesk@, provos@