Age | Commit message | Author | |
---|---|---|---|
2002-06-24 | cast to (void) when output from buffer_get_X is ignored | Markus Friedl | |
2002-05-15 | 'monitor' variable clashes with at least one lame platform (NeXT). Renamed to 'pmonitor'. provos@ | mouring | |
2002-03-26 | generate a new cookie for each SSH2_MSG_KEXINIT message we send out | Markus Friedl | |
2002-03-18 | integrate privilege separated openssh; it's turned off by default for now. work done by me and markus@ | Niels Provos | |
2002-02-28 | add some const EVP_MD for openssl-0.9.7 | Markus Friedl | |
2002-02-23 | don't allow garbage after payload. | Markus Friedl | |
2002-02-14 | hide some more implementation details of cipher.[ch] and prepares for move to EVP, ok deraadt@ | Markus Friedl | |
2002-02-11 | restore kexinit handler if we reset the dispatcher, this unbreaks rekeying; s/kex_clear_dispatch/kex_reset_dispatch/ | Markus Friedl | |
2002-01-25 | use EVP_MD_size(evp_md) and not evp_md->md_size; ok steveks@ | Markus Friedl | |
2002-01-11 | a single dispatch_protocol_error() that sends a message of type 'UNIMPLEMENTED'; dispatch_range(): set handler for a range of message types; use dispatch_protocol_ignore() for authentication requests after successful authentication (the drafts requirement). serverloop/clientloop now send a 'UNIMPLEMENTED' message instead of exiting. | Markus Friedl | |
2001-12-28 | remove plen from the dispatch fn. it's no longer used. | Markus Friedl | |
2001-12-28 | packet_read* no longer return the packet length, since it's not used. | Markus Friedl | |
2001-12-28 | s/packet_done/packet_check_eom/ (end-of-message); ok djm@ | Markus Friedl | |
2001-12-20 | Conformance fix: we should send failing packet sequence number when responding with a SSH_MSG_UNIMPLEMENTED message. Spotted by yakk@yakk.dot.net; ok markus@ | Damien Miller | |
2001-12-05 | minor KNF | Theo de Raadt | |
2001-06-25 | update copyright for 2001 | Markus Friedl | |
2001-06-23 | more strict prototypes. raise warning level in Makefile.inc. markus ok'ed. TODO; cleanup headers | Jun-ichiro itojun Hagino | |
2001-04-30 | allow interop with weaker key generation used by ssh-2.0.x, x < 10 | Markus Friedl | |
2001-04-05 | fix whitespace: unexpand + trailing spaces. | Markus Friedl | |
2001-04-04 | clear+free keys,iv for rekeying. + fix DH mem leaks. ok niels@ | Markus Friedl | |
2001-04-04 | parse full kexinit packet. make server-side more robust, too. | Markus Friedl | |
2001-04-04 | more robust rekeying; don't send channel data after rekeying is started. | Markus Friedl | |
2001-04-04 | enable server side rekeying + some rekey related cleanup. todo: we should not send any non-KEX messages after we send KEXINIT | Markus Friedl | |
2001-04-04 | don't send multiple kexinit-requests. send newkeys, block while waiting for newkeys. fix comments. | Markus Friedl | |
2001-04-03 | undo parts of my recent changes: main part of keyexchange does not need dispatch-callbacks, since application data is delayed until the keyexchange completes (if i understand the drafts correctly). add some infrastructure for re-keying. | Markus Friedl | |
2001-04-03 | move kex to kex*.c, used dispatch_set() callbacks for kex. should make rekeying easier. | Markus Friedl | |
2001-03-29 | prepare for rekeying: move DH code to dh.c | Markus Friedl | |
2001-03-28 | forgot to include min and max params in hash, okay markus@ | Niels Provos | |
2001-03-10 | add PreferredAuthentications | Markus Friedl | |
2001-03-05 | generate a 2*need size (~300 instead of 1024/2048) random private exponent during the DH key agreement. according to Niels (the great german advisor) this is safe since /etc/primes contains strong primes only. References: P. C. van Oorschot and M. J. Wiener, On Diffie-Hellman key agreement with short exponents, In Advances in Cryptology - EUROCRYPT'96, LNCS 1070, Springer-Verlag, 1996, pp.332-343. | Markus Friedl | |
2001-02-11 | 1) clean up the MAC support for SSH-2 2) allow you to specify the MAC with 'ssh -m' 3) or the 'MACs' keyword in ssh(d)_config 4) add hmac-{md5,sha1}-96 ok stevesk@, provos@ | Markus Friedl | |
2001-02-08 | sync with netbsd tree changes. - more strict prototypes, include necessary headers - use paths.h/pathnames.h decls - size_t typecast to int -> u_long | Jun-ichiro itojun Hagino | |
2001-02-04 | unexpand and remove end-of-line whitespace; ok markus@ | Kevin Steves | |
2001-01-21 | split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch] | Markus Friedl | |
2001-01-08 | missing free; thanks stevesk@pobox.com | Markus Friedl | |
2000-12-20 | fix prototypes; from stevesk@pobox.com | Markus Friedl | |
2000-12-19 | replace 'unsigned bla' with 'u_bla' everywhere. also, replace 'char unsigned' with u_char. | Markus Friedl | |
2000-12-15 | compute diffie-hellman in parallel between server and client. okay markus@ | Niels Provos | |
2000-11-12 | add support for RSA to SSH2. please test. there are now 3 types of keys: RSA1 is used by ssh-1 only, RSA and DSA are used by SSH2. you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA keys for SSH2 and use the RSA keys for hostkeys or for user keys. SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before. IdentityFile2, HostDsaKey and DSAAuthentication are obsolete. you can use multiple IdentityFile and HostKey for all types of keys. the option DSAAuthentication is replaced by PubkeyAuthentication. | Markus Friedl | |
2000-10-11 | new cipher framework | Markus Friedl | |
2000-10-11 | First rough implementation of the diffie-hellman group exchange. The client can ask the server for bigger groups to perform the diffie-hellman in, thus increasing the attack complexity when using ciphers with longer keys. University of Windsor provided network, T the company. | Niels Provos | |
2000-09-07 | cleanup copyright notices on all files. I have attempted to be accurate with the details. everything is now under Tatu's licence (which I copied from his readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd developers under a 2-term bsd licence. We're not changing any rules, just being accurate. | Theo de Raadt | |
2000-07-10 | strtok() --> strsep(). (niels@ ok) | Hakan Olsson | |
2000-06-20 | OpenBSD tag | Markus Friedl | |
2000-05-25 | split kexinit/kexdh, factor out common code | Markus Friedl | |
2000-05-08 | bug compat w/ ssh-2.0.13 x11, split out bugs | Markus Friedl | |
2000-04-14 | whitespace cleanup | Markus Friedl | |
2000-04-12 | #include <ssl/foo.h> -> <openssh/foo.h> | Markus Friedl | |
2000-04-12 | check for reasonable public DH values | Markus Friedl | |
2000-04-12 | less debugging output | Markus Friedl | |