summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/kex.h
AgeCommit message (Expand)Author
2020-10-07revert kex->flags cert hostkey downgrade back to a plain keyDamien Miller
2020-10-03record when the host key checking code downgrades a certificate hostDamien Miller
2019-09-06fixes for !WITH_OPENSSL compilation; ok dtucker@Damien Miller
2019-09-06remove leakmalloc reference; we used this early when refactoring butDamien Miller
2019-01-23pass most arguments to the KEX hash functions as sshbuf ratherDamien Miller
2019-01-21rename kex->kem_client_pub -> kex->client_pub now that KEM has been renamedDamien Miller
2019-01-21merge kexkem[cs] into kexgenDamien Miller
2019-01-21pass values used in KEX hash computation as sshbuf rather thanDamien Miller
2019-01-21remove kex_derive_keys_bn wrapper; no unused since the DH-like KEXDamien Miller
2019-01-21use KEM API for vanilla ECDHDamien Miller
2019-01-21use KEM API for vanilla DH KEXDamien Miller
2019-01-21use KEM API for vanilla c25519 KEXDamien Miller
2019-01-21Add support for a PQC KEX/KEM: sntrup4591761x25519-sha512@tinyssh.orgDamien Miller
2019-01-21factor out kex_verify_hostkey() - again, duplicated almost exactlyDamien Miller
2019-01-21factor out kex_load_hostkey() - this is duplicated in both the client andDamien Miller
2019-01-21factor out kex_dh_compute_key() - it's shared between plain DH KEX andDamien Miller
2019-01-21factor out DH keygen; it's identical between the client and the serverDamien Miller
2019-01-19remove last references to active_stateDamien Miller
2018-12-27move client/server SSH-* banners to buffers under ssh->kex and factorDamien Miller
2018-12-07only consider the ext-info-c extension during the initial KEX. It shouldn'tDamien Miller
2018-07-11remove legacy key emulation layer; ok djm@Markus Friedl
2018-07-10re-remove some pre-auth compression bitsStefan Fritsch
2018-07-09remove legacy buffer API emulation layer; ok djm@Markus Friedl
2018-07-09Revert previous two commitsStefan Fritsch
2018-07-06Rename COMP_DELAYED to COMP_ZLIBStefan Fritsch
2018-07-06Remove leftovers from pre-authentication compressionStefan Fritsch
2018-07-04repair PubkeyAcceptedKeyTypes (and friends) after RSA signature work -Damien Miller
2018-07-03Improve strictness and control over RSA-SHA2 signature types:Damien Miller
2017-05-30protocol handlers all get struct ssh passed; ok djm@Markus Friedl
2017-05-03remove miscellaneous SSH1 leftovers; ok markus@Christian Weisgerber
2016-09-28put back some pre-auth zlib bits that I shouldn't have removed -Damien Miller
2016-09-28restore pre-auth compression support in the client -- the previousDamien Miller
2016-09-22missing bit from previous commitDamien Miller
2016-05-02add support for additional fixed DH groups fromDamien Miller
2016-05-02fix signed/unsigned errors reported by clang-3.7; addDamien Miller
2016-02-08refactor activation of rekeyingDamien Miller
2016-01-14remove roaming support; ok djm@Markus Friedl
2015-12-04implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures (user and host auth)Markus Friedl
2015-07-30Allow ssh_config and sshd_config kex parameters options be prefixedDamien Miller
2015-07-29include the peer's offer when logging a failure to negotiate aDamien Miller
2015-02-16Revise hostkeys@openssh.com hostkey learning extension.Damien Miller
2015-01-26correctly match ECDSA subtype (== curve) for offered/receviedDamien Miller
2015-01-19adapt kex to sshbuf and struct ssh; ok djm@Markus Friedl
2015-01-19move dispatch to struct ssh; ok djm@Markus Friedl
2015-01-19update packet.c & isolate, introduce struct sshMarkus Friedl
2015-01-15sync ssh-keysign, ssh-keygen and some dependencies to the newDamien Miller
2015-01-13adapt mac.c to ssherr.h return codes (de-fatal) and simplify dependenciesMarkus Friedl
2014-05-02revert __bounded change; it causes way more problems for portable thanDamien Miller
2014-03-26use __bounded(...) attribute recently added to sys/cdefs.h instead ofDamien Miller
2014-01-27replace openssl HMAC with an implementation based on our ssh_digest_*Markus Friedl