| Age | Commit message (Expand) | Author |
|---|
| 2018-12-27 | move client/server SSH-* banners to buffers under ssh->kex and factor | Damien Miller |
| 2018-12-07 | only consider the ext-info-c extension during the initial KEX. It shouldn't | Damien Miller |
| 2018-07-09 | Revert previous two commits | Stefan Fritsch |
| 2018-07-06 | Rename COMP_DELAYED to COMP_ZLIB | Stefan Fritsch |
| 2018-07-06 | Remove leftovers from pre-authentication compression | Stefan Fritsch |
| 2018-07-04 | repair PubkeyAcceptedKeyTypes (and friends) after RSA signature work - | Damien Miller |
| 2018-07-03 | Improve strictness and control over RSA-SHA2 signature types: | Damien Miller |
| 2018-02-07 | Remove all guards for calls to OpenSSL free functions - all of these | Joel Sing |
| 2018-01-23 | Drop compatibility hacks for some ancient SSH implementations, including | Damien Miller |
| 2017-06-13 | Do not require that unknown EXT_INFO extension values not contain | Damien Miller |
| 2017-05-30 | protocol handlers all get struct ssh passed; ok djm@ | Markus Friedl |
| 2017-04-30 | unifdef WITH_SSH1 | Damien Miller |
| 2017-03-15 | disallow KEXINIT before NEWKEYS; ok djm; report by vegard.nossum at oracle.com | Markus Friedl |
| 2017-03-10 | fix regression in 7.4 server-sig-algs, where we were accidentally | Damien Miller |
| 2017-03-10 | Plug some mem leaks mostly on error paths. From jjelen at redhat.com | Darren Tucker |
| 2017-02-03 | support =- for removing methods from algorithms lists, e.g. | Damien Miller |
| 2016-10-10 | Unregister the KEXINIT handler after message has been received. | Markus Friedl |
| 2016-09-28 | put back some pre-auth zlib bits that I shouldn't have removed - | Damien Miller |
| 2016-09-28 | restore pre-auth compression support in the client -- the previous | Damien Miller |
| 2016-09-22 | support plain curve25519-sha256 KEX algorithm now that it is | Damien Miller |
| 2016-09-21 | correctly return errors from kex_send_ext_info(). Fix from Sami Farin | Damien Miller |
| 2016-09-19 | move inbound NEWKEYS handling to kex layer; otherwise early NEWKEYS causes | Markus Friedl |
| 2016-09-12 | list all supported signature algorithms in the server-sig-algs | Damien Miller |
| 2016-09-12 | Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then use those definitions | Theo de Raadt |
| 2016-09-06 | update ext_info_c every time we receive a kexinit msg; fixes sending of | Markus Friedl |
| 2016-05-02 | add support for additional fixed DH groups from | Damien Miller |
| 2016-02-08 | refactor activation of rekeying | Damien Miller |
| 2016-01-14 | remove roaming support; ok djm@ | Markus Friedl |
| 2015-12-13 | unbreak connections with peers that set first_kex_follows; | Damien Miller |
| 2015-12-10 | Remove NULL-checks before free(). | mmcc |
| 2015-12-04 | implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures (user and host auth) | Markus Friedl |
| 2015-11-13 | send SSH2_MSG_UNIMPLEMENTED replies to unexpected messages during | Damien Miller |
| 2015-10-13 | free the correct IV length, don't assume it's always the cipher | Damien Miller |
| 2015-08-21 | Improve printing of KEX offers and decisions | Damien Miller |
| 2015-07-30 | Allow ssh_config and sshd_config kex parameters options be prefixed | Damien Miller |
| 2015-07-29 | fix bug in previous; was printing incorrect string for failed | Damien Miller |
| 2015-07-29 | include the peer's offer when logging a failure to negotiate a | Damien Miller |
| 2015-04-17 | don't try to cleanup NULL KEX proposals in kex_prop_free(); | Damien Miller |
| 2015-01-30 | fix ssh protocol 1, spotted by miod@ | Damien Miller |
| 2015-01-26 | correctly match ECDSA subtype (== curve) for offered/recevied | Damien Miller |
| 2015-01-20 | Reduce use of <sys/param.h> and transition to <limits.h> throughout. | Theo de Raadt |
| 2015-01-19 | adapt kex to sshbuf and struct ssh; ok djm@ | Markus Friedl |
| 2015-01-19 | move dispatch to struct ssh; ok djm@ | Markus Friedl |
| 2015-01-19 | update packet.c & isolate, introduce struct ssh | Markus Friedl |
| 2014-04-29 | make compiling against OpenSSL optional (make OPENSSL=no); | Markus Friedl |
| 2014-02-02 | convert memset of potentially-private data to explicit_bzero() | Damien Miller |
| 2014-01-25 | dh_need needs to be set to max(seclen, blocksize, ivlen, mac_len) | Markus Friedl |
| 2014-01-25 | Add a special case for the DH group size for 3des-cbc, which has an | Darren Tucker |
| 2014-01-12 | avoid use of OpenSSL BIGNUM type and functions for KEX with | Damien Miller |
| 2014-01-09 | Introduce digest API and use it to perform all hashing operations | Damien Miller |
