summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/kex.c
AgeCommit message (Expand)Author
2022-02-01mark const string array contents const too, i.e.Damien Miller
2022-01-06Fix signature algorithm selection logic for UpdateHostkeys on theDamien Miller
2021-12-19EXT_INFO negotiation of hostbound pubkey authDamien Miller
2021-12-19Record session ID, host key and sig at intital KEXDamien Miller
2021-04-03highly polished whitespace, mostly fixing spaces-for-tab and badDamien Miller
2021-01-31more strictly enforce KEX state-machine by banning packet typesDamien Miller
2021-01-27fix leak: was double allocating kex->session_id bufferDamien Miller
2021-01-27make ssh->kex->session_id a sshbuf instead of u_char*/size_t andDamien Miller
2021-01-27remove global variable used to stash compat flags and use theDamien Miller
2020-12-29Update/replace the experimental post-quantim hybrid key exchangeDamien Miller
2020-12-04fix minor memleak of kex->hostkey_alg on rekexDamien Miller
2020-12-04typos: s/hex/kex/ in error messagesDamien Miller
2020-10-18use the new variant log macros instead of prepending __func__ andDamien Miller
2020-07-05some language improvements; ok markusDamien Miller
2020-03-13use sshpkt_fatal() for kex_exchange_identification() errors.Damien Miller
2020-02-26change explicit_bzero();free() to freezero()Jonathan Gray
2020-01-23Make zlib optional. This adds a "ZLIB" build time option that allowsDarren Tucker
2019-10-08Correct type for end-of-list sentinel; fixes initializer warnings onDarren Tucker
2019-09-06Allow prepending a list of algorithms to the default set by startingChristian Weisgerber
2019-09-06better error code for bad arguments; inspired byDamien Miller
2019-09-05sprinkle in some explicit errors here, otherwise the percolate allDamien Miller
2019-09-05only send ext_info for KEX_INITIAL; bz#2929 ok dtuckerDamien Miller
2019-01-21fix reversed arguments to kex_load_hostkey(); manifested as errors inDamien Miller
2019-01-21rename kex->kem_client_pub -> kex->client_pub now that KEM has been renamedDamien Miller
2019-01-21remove kex_derive_keys_bn wrapper; no unused since the DH-like KEXDamien Miller
2019-01-21Add support for a PQC KEX/KEM: sntrup4591761x25519-sha512@tinyssh.orgDamien Miller
2019-01-21factor out kex_verify_hostkey() - again, duplicated almost exactlyDamien Miller
2019-01-21factor out kex_load_hostkey() - this is duplicated in both the client andDamien Miller
2019-01-21save the derived session id in kex_derive_keys() rather than making eachDamien Miller
2018-12-27move client/server SSH-* banners to buffers under ssh->kex and factorDamien Miller
2018-12-07only consider the ext-info-c extension during the initial KEX. It shouldn'tDamien Miller
2018-07-09Revert previous two commitsStefan Fritsch
2018-07-06Rename COMP_DELAYED to COMP_ZLIBStefan Fritsch
2018-07-06Remove leftovers from pre-authentication compressionStefan Fritsch
2018-07-04repair PubkeyAcceptedKeyTypes (and friends) after RSA signature work -Damien Miller
2018-07-03Improve strictness and control over RSA-SHA2 signature types:Damien Miller
2018-02-07Remove all guards for calls to OpenSSL free functions - all of theseJoel Sing
2018-01-23Drop compatibility hacks for some ancient SSH implementations, includingDamien Miller
2017-06-13Do not require that unknown EXT_INFO extension values not containDamien Miller
2017-05-30protocol handlers all get struct ssh passed; ok djm@Markus Friedl
2017-04-30unifdef WITH_SSH1Damien Miller
2017-03-15disallow KEXINIT before NEWKEYS; ok djm; report by vegard.nossum at oracle.comMarkus Friedl
2017-03-10fix regression in 7.4 server-sig-algs, where we were accidentallyDamien Miller
2017-03-10Plug some mem leaks mostly on error paths. From jjelen at redhat.comDarren Tucker
2017-02-03support =- for removing methods from algorithms lists, e.g.Damien Miller
2016-10-10Unregister the KEXINIT handler after message has been received.Markus Friedl
2016-09-28put back some pre-auth zlib bits that I shouldn't have removed -Damien Miller
2016-09-28restore pre-auth compression support in the client -- the previousDamien Miller
2016-09-22support plain curve25519-sha256 KEX algorithm now that it isDamien Miller
2016-09-21correctly return errors from kex_send_ext_info(). Fix from Sami FarinDamien Miller