summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/kex.c
AgeCommit message (Expand)Author
2020-10-18use the new variant log macros instead of prepending __func__ andDamien Miller
2020-07-05some language improvements; ok markusDamien Miller
2020-03-13use sshpkt_fatal() for kex_exchange_identification() errors.Damien Miller
2020-02-26change explicit_bzero();free() to freezero()Jonathan Gray
2020-01-23Make zlib optional. This adds a "ZLIB" build time option that allowsDarren Tucker
2019-10-08Correct type for end-of-list sentinel; fixes initializer warnings onDarren Tucker
2019-09-06Allow prepending a list of algorithms to the default set by startingChristian Weisgerber
2019-09-06better error code for bad arguments; inspired byDamien Miller
2019-09-05sprinkle in some explicit errors here, otherwise the percolate allDamien Miller
2019-09-05only send ext_info for KEX_INITIAL; bz#2929 ok dtuckerDamien Miller
2019-01-21fix reversed arguments to kex_load_hostkey(); manifested as errors inDamien Miller
2019-01-21rename kex->kem_client_pub -> kex->client_pub now that KEM has been renamedDamien Miller
2019-01-21remove kex_derive_keys_bn wrapper; no unused since the DH-like KEXDamien Miller
2019-01-21Add support for a PQC KEX/KEM: sntrup4591761x25519-sha512@tinyssh.orgDamien Miller
2019-01-21factor out kex_verify_hostkey() - again, duplicated almost exactlyDamien Miller
2019-01-21factor out kex_load_hostkey() - this is duplicated in both the client andDamien Miller
2019-01-21save the derived session id in kex_derive_keys() rather than making eachDamien Miller
2018-12-27move client/server SSH-* banners to buffers under ssh->kex and factorDamien Miller
2018-12-07only consider the ext-info-c extension during the initial KEX. It shouldn'tDamien Miller
2018-07-09Revert previous two commitsStefan Fritsch
2018-07-06Rename COMP_DELAYED to COMP_ZLIBStefan Fritsch
2018-07-06Remove leftovers from pre-authentication compressionStefan Fritsch
2018-07-04repair PubkeyAcceptedKeyTypes (and friends) after RSA signature work -Damien Miller
2018-07-03Improve strictness and control over RSA-SHA2 signature types:Damien Miller
2018-02-07Remove all guards for calls to OpenSSL free functions - all of theseJoel Sing
2018-01-23Drop compatibility hacks for some ancient SSH implementations, includingDamien Miller
2017-06-13Do not require that unknown EXT_INFO extension values not containDamien Miller
2017-05-30protocol handlers all get struct ssh passed; ok djm@Markus Friedl
2017-04-30unifdef WITH_SSH1Damien Miller
2017-03-15disallow KEXINIT before NEWKEYS; ok djm; report by vegard.nossum at oracle.comMarkus Friedl
2017-03-10fix regression in 7.4 server-sig-algs, where we were accidentallyDamien Miller
2017-03-10Plug some mem leaks mostly on error paths. From jjelen at redhat.comDarren Tucker
2017-02-03support =- for removing methods from algorithms lists, e.g.Damien Miller
2016-10-10Unregister the KEXINIT handler after message has been received.Markus Friedl
2016-09-28put back some pre-auth zlib bits that I shouldn't have removed -Damien Miller
2016-09-28restore pre-auth compression support in the client -- the previousDamien Miller
2016-09-22support plain curve25519-sha256 KEX algorithm now that it isDamien Miller
2016-09-21correctly return errors from kex_send_ext_info(). Fix from Sami FarinDamien Miller
2016-09-19move inbound NEWKEYS handling to kex layer; otherwise early NEWKEYS causesMarkus Friedl
2016-09-12list all supported signature algorithms in the server-sig-algsDamien Miller
2016-09-12Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then use those definitionsTheo de Raadt
2016-09-06update ext_info_c every time we receive a kexinit msg; fixes sending ofMarkus Friedl
2016-05-02add support for additional fixed DH groups fromDamien Miller
2016-02-08refactor activation of rekeyingDamien Miller
2016-01-14remove roaming support; ok djm@Markus Friedl
2015-12-13unbreak connections with peers that set first_kex_follows;Damien Miller
2015-12-10Remove NULL-checks before free().mmcc
2015-12-04implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures (user and host auth)Markus Friedl
2015-11-13send SSH2_MSG_UNIMPLEMENTED replies to unexpected messages duringDamien Miller
2015-10-13free the correct IV length, don't assume it's always the cipherDamien Miller