summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/kex.h
AgeCommit message (Expand)Author
2024-09-02Add experimental support for hybrid post-quantum key exchangeDamien Miller
2024-08-23As defined in the RFC, the SSH protocol has negotiable compression supportTheo de Raadt
2024-08-22sntrup761x25519-sha512 now has an IANA codepoint assigned,Damien Miller
2024-05-17Start the process of splitting sshd into separate binaries. This stepDamien Miller
2024-02-02whitespaceDamien Miller
2023-12-18add "ext-info-in-auth@openssh.com" extensionDamien Miller
2023-12-18implement "strict key exchange" in ssh and sshdDamien Miller
2023-08-28Introduce a transport-level ping facilityDamien Miller
2023-03-06Refactor creation of KEX proposal.Darren Tucker
2022-01-06Fix signature algorithm selection logic for UpdateHostkeys on theDamien Miller
2021-12-19client side of host-bound pubkey authenticationDamien Miller
2021-12-19Record session ID, host key and sig at intital KEXDamien Miller
2021-01-31more strictly enforce KEX state-machine by banning packet typesDamien Miller
2021-01-27make ssh->kex->session_id a sshbuf instead of u_char*/size_t andDamien Miller
2020-12-29Update/replace the experimental post-quantim hybrid key exchangeDamien Miller
2020-10-07revert kex->flags cert hostkey downgrade back to a plain keyDamien Miller
2020-10-03record when the host key checking code downgrades a certificate hostDamien Miller
2019-09-06fixes for !WITH_OPENSSL compilation; ok dtucker@Damien Miller
2019-09-06remove leakmalloc reference; we used this early when refactoring butDamien Miller
2019-01-23pass most arguments to the KEX hash functions as sshbuf ratherDamien Miller
2019-01-21rename kex->kem_client_pub -> kex->client_pub now that KEM has been renamedDamien Miller
2019-01-21merge kexkem[cs] into kexgenDamien Miller
2019-01-21pass values used in KEX hash computation as sshbuf rather thanDamien Miller
2019-01-21remove kex_derive_keys_bn wrapper; no unused since the DH-like KEXDamien Miller
2019-01-21use KEM API for vanilla ECDHDamien Miller
2019-01-21use KEM API for vanilla DH KEXDamien Miller
2019-01-21use KEM API for vanilla c25519 KEXDamien Miller
2019-01-21Add support for a PQC KEX/KEM: sntrup4591761x25519-sha512@tinyssh.orgDamien Miller
2019-01-21factor out kex_verify_hostkey() - again, duplicated almost exactlyDamien Miller
2019-01-21factor out kex_load_hostkey() - this is duplicated in both the client andDamien Miller
2019-01-21factor out kex_dh_compute_key() - it's shared between plain DH KEX andDamien Miller
2019-01-21factor out DH keygen; it's identical between the client and the serverDamien Miller
2019-01-19remove last references to active_stateDamien Miller
2018-12-27move client/server SSH-* banners to buffers under ssh->kex and factorDamien Miller
2018-12-07only consider the ext-info-c extension during the initial KEX. It shouldn'tDamien Miller
2018-07-11remove legacy key emulation layer; ok djm@Markus Friedl
2018-07-10re-remove some pre-auth compression bitsStefan Fritsch
2018-07-09remove legacy buffer API emulation layer; ok djm@Markus Friedl
2018-07-09Revert previous two commitsStefan Fritsch
2018-07-06Rename COMP_DELAYED to COMP_ZLIBStefan Fritsch
2018-07-06Remove leftovers from pre-authentication compressionStefan Fritsch
2018-07-04repair PubkeyAcceptedKeyTypes (and friends) after RSA signature work -Damien Miller
2018-07-03Improve strictness and control over RSA-SHA2 signature types:Damien Miller
2017-05-30protocol handlers all get struct ssh passed; ok djm@Markus Friedl
2017-05-03remove miscellaneous SSH1 leftovers; ok markus@Christian Weisgerber
2016-09-28put back some pre-auth zlib bits that I shouldn't have removed -Damien Miller
2016-09-28restore pre-auth compression support in the client -- the previousDamien Miller
2016-09-22missing bit from previous commitDamien Miller
2016-05-02add support for additional fixed DH groups fromDamien Miller
2016-05-02fix signed/unsigned errors reported by clang-3.7; addDamien Miller
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-01 19:15:27 +0000