| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2003-02-16 | split kex into client and server code, no need to link | Markus Friedl | |
| server code into the client; ok provos@ | |||
| 2002-09-09 | signed vs unsigned from -pedantic; ok henning@ | Markus Friedl | |
| 2002-05-16 | fix warnings (openssl 0.9.7 requires const) | Markus Friedl | |
| 2002-03-18 | integrate privilege separated openssh; its turned off by default for now. | Niels Provos | |
| work done by me and markus@ | |||
| 2002-02-14 | hide some more implementation details of cipher.[ch] and prepares for move | Markus Friedl | |
| to EVP, ok deraadt@ | |||
| 2001-12-28 | remove plen from the dispatch fn. it's no longer used. | Markus Friedl | |
| 2001-12-20 | Conformance fix: we should send failing packet sequence number when | Damien Miller | |
| responding with a SSH_MSG_UNIMPLEMENTED message. Spotted by yakk@yakk.dot.net; ok markus@ | |||
| 2001-06-26 | remove comments from .h, since they are cut&paste from the .c files | Markus Friedl | |
| and out of sync | |||
| 2001-06-26 | prototype pedant. not very creative... | Jun-ichiro itojun Hagino | |
| - () -> (void) - no variable names | |||
| 2001-06-25 | update copyright for 2001 | Markus Friedl | |
| 2001-06-23 | get rid of known_hosts2, use it for hostkey lookup, but do not modify. | Markus Friedl | |
| 2001-04-04 | more robust rekeying | Markus Friedl | |
| don't send channel data after rekeying is started. | |||
| 2001-04-04 | enable server side rekeying + some rekey related clientup. | Markus Friedl | |
| todo: we should not send any non-KEX messages after we send KEXINIT | |||
| 2001-04-04 | don't sent multiple kexinit-requests. | Markus Friedl | |
| send newkeys, block while waiting for newkeys. fix comments. | |||
| 2001-04-03 | undo parts of recent my changes: main part of keyexchange does not | Markus Friedl | |
| need dispatch-callbacks, since application data is delayed until the keyexchange completes (if i understand the drafts correctly). add some infrastructure for re-keying. | |||
| 2001-04-03 | move kex to kex*.c, used dispatch_set() callbacks for kex. should | Markus Friedl | |
| make rekeying easier. | |||
| 2001-03-29 | prepare for rekeying: move DH code to dh.c | Markus Friedl | |
| 2001-03-28 | forgot to include min and max params in hash, okay markus@ | Niels Provos | |
| 2001-03-05 | generate a 2*need size (~300 instead of 1024/2048) random private | Markus Friedl | |
| exponent during the DH key agreement. according to Niels (the great german advisor) this is safe since /etc/primes contains strong primes only. References: P. C. van Oorschot and M. J. Wiener, On Diffie-Hellman key agreement with short exponents, In Advances in Cryptology - EUROCRYPT'96, LNCS 1070, Springer-Verlag, 1996, pp.332-343. | |||
| 2001-02-11 | 1) clean up the MAC support for SSH-2 | Markus Friedl | |
| 2) allow you to specify the MAC with 'ssh -m' 3) or the 'MACs' keyword in ssh(d)_config 4) add hmac-{md5,sha1}-96 ok stevesk@, provos@ | |||
| 2001-02-04 | unexpand and remove end-of-line whitespace; ok markus@ | Kevin Steves | |
| 2001-01-29 | $OpenBSD$ | Niklas Hallqvist | |
| 2000-12-20 | fix prototypes; from stevesk@pobox.com | Markus Friedl | |
| 2000-12-19 | replace 'unsigned bla' with 'u_bla' everywhere. also, replace 'char unsigned' | Markus Friedl | |
| with u_char. | |||
| 2000-12-15 | compute diffie-hellman in parallel between server and client. okay markus@ | Niels Provos | |
| 2000-11-12 | add support for RSA to SSH2. please test. | Markus Friedl | |
| there are now 3 types of keys: RSA1 is used by ssh-1 only, RSA and DSA are used by SSH2. you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA keys for SSH2 and use the RSA keys for hostkeys or for user keys. SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before. IdentityFile2, HostDsaKey and DSAAuthentication are obsolete. you can use multiple IdentityFile and HostKey for all types of keys. the option DSAAuthentication is replaced by PubkeyAuthetication. | |||
| 2000-10-12 | remove unused | Markus Friedl | |
| 2000-10-11 | new cipher framework | Markus Friedl | |
| 2000-10-11 | First rough implementation of the diffie-hellman group exchange. The | Niels Provos | |
| client can ask the server for bigger groups to perform the diffie-hellman in, thus increasing the attack complexity when using ciphers with longer keys. University of Windsor provided network, T the company. | |||
| 2000-09-07 | cleanup copyright notices on all files. I have attempted to be accurate with | Theo de Raadt | |
| the details. everything is now under Tatu's licence (which I copied from his readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd developers under a 2-term bsd licence. We're not changing any rules, just being accurate. | |||
| 2000-05-25 | split kexinit/kexdh, factor out common code | Markus Friedl | |
| 2000-04-12 | check for reasonable public DH values | Markus Friedl | |
| 2000-04-03 | DSA, keyexchange, algorithm agreement for ssh2 | Markus Friedl | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |