summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/dh.c
AgeCommit message (Expand)Author
2019-09-06typo in previousDamien Miller
2019-09-06fixes for !WITH_OPENSSL compilation; ok dtucker@Damien Miller
2018-11-09correct local variable name; from yawang AT microsoft.comDamien Miller
2018-09-17When choosing a prime from the moduli file, avoid re-using theTodd C. Miller
2018-09-13hold our collective noses and use the openssl-1.1.x API in OpenSSH;Damien Miller
2018-08-04invalidate dh->priv_key after freeing it in error path; avoidsDamien Miller
2018-06-26Fix "WARNING: line 6 disappeared in /etc/moduli, giving up" whenTodd C. Miller
2018-06-06switch config file parsing to getline(3) as this avoids static limitsMarkus Friedl
2018-02-07Remove all guards for calls to OpenSSL free functions - all of theseJoel Sing
2016-12-15Fix text in error message. Patch from zev at bewilderbeest.net.Darren Tucker
2016-09-12Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then use those definitionsTheo de Raadt
2016-05-02add support for additional fixed DH groups fromDamien Miller
2016-03-31Remove fallback from moduli to "primes" file that was deprecated in 2001Darren Tucker
2016-02-28rearrange DH public value tests to be a little more clearDamien Miller
2015-05-27Add a stronger (4k bit) fallback group that sshd can use when the moduliDarren Tucker
2015-03-26relax bits needed check to allow diffie-hellman-group1-sha1 keyDamien Miller
2015-01-20Reduce use of <sys/param.h> and transition to <limits.h> throughout.Theo de Raadt
2015-01-19adapt kex to sshbuf and struct ssh; ok djm@Markus Friedl
2013-11-21Add a new protocol 2 transport cipher "chacha20-poly1305@openssh.com"Damien Miller
2013-10-08Increase the size of the Diffie-Hellman groups requested for a each symmetricDarren Tucker
2013-07-02remove extra whitespaceMarkus Friedl
2013-06-21sprinkle in some error() to explain moduli(5) parse failuresDamien Miller
2011-12-07fix some harmless and/or unreachable int overflows;Damien Miller
2009-10-01fix a castAlexander von Gernler
2008-06-26when loading moduli from /etc/moduli in sshd(8), check that theyDamien Miller
2008-04-13Use arc4random_buf() when requesting more than a single word of outputDamien Miller
2007-09-27Don't return -1 on error in dh_pub_is_valid(), since it evaluatesRay Lai
2006-11-07BN_hex2bn returns int; from dtucker@Markus Friedl
2006-11-06add missing checks for openssl return codes; with & ok djm@Markus Friedl
2006-08-03almost entirely get rid of the culture of ".h files that include .h files"Theo de Raadt
2006-08-01move #include <stdio.h> out of includes.hKevin Steves
2006-07-26move #include <stdlib.h> out of includes.hKevin Steves
2006-07-26move #include <sys/param.h> out of includes.hKevin Steves
2006-07-22move #include <string.h> out of includes.hKevin Steves
2006-07-18remove unneeded includes; ok djm@Kevin Steves
2006-05-04tighter DH exponent checks here too; feedback and ok markus@Damien Miller
2006-03-27use strtonum() instead of atoi(), limit dhg size to 64k; ok djmTheo de Raadt
2006-03-25Put $OpenBSD$ tags back (as comments) to replace the RCSID()s thatDamien Miller
2006-03-19RCSID() can dieTheo de Raadt
2006-03-19potential NULL pointer dereferences detected by CoverityDamien Miller
2004-08-04return group14 when no primes found - fixes hang on empty /etc/moduli;Damien Miller
2004-06-13implement diffie-hellman-group14-sha1 kex method (trivial extension toDamien Miller
2004-02-27Reset bit counter at the right time, fixes debug output in the case whereDarren Tucker
2004-02-27Make /etc/moduli line buffer big enough for 8kbit primes, in case anyoneDarren Tucker
2004-02-27Prevent sshd from sending DH groups with a primitive generator of zero orDarren Tucker
2003-12-16use <= instead of < in dh_estimate; ok provos/hshoexer; do not return < DH_GR...Markus Friedl
2003-09-18A few signedness fixes for harmless situations; markus@ okMiod Vallat
2003-04-08rename log() into logit() to avoid name conflict. markus ok, from netbsdJun-ichiro itojun Hagino
2002-11-21debug->debug2Markus Friedl
2002-06-27more checks for NULL pointers; from grendel@zeitbombe.org; ok deraadt@Markus Friedl