summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/lib
AgeCommit message (Expand)Author
2015-01-14avoid BIGNUM in KRL code by using a simple bitmap;Damien Miller
2014-06-24New key API: refactor key-related functions to be more library-like,Damien Miller
2014-04-30UMAC can use our local fallback implementation of AES when OpenSSL isn'tChristian Weisgerber
2014-04-30New buffer API; the first installment of the conversion/replacementDamien Miller
2014-04-29make compiling against OpenSSL optional (make OPENSSL=no);Markus Friedl
2014-04-22comment out the .if (${KERBEROS5:L} block for now, breaks the buildHenning Brauer
2014-01-29remove experimental, never-enabled JPAKE code; ok markus@Damien Miller
2014-01-28rename digest.c to digest-openssl.c and add libc variant; ok djm@Markus Friedl
2014-01-27replace openssl HMAC with an implementation based on our ssh_digest_*Markus Friedl
2014-01-09Introduce digest API and use it to perform all hashing operationsDamien Miller
2013-12-06support ed25519 keys (hostkeys and user identities) using the public domainMarkus Friedl
2013-11-21Add a new protocol 2 transport cipher "chacha20-poly1305@openssh.com"Damien Miller
2013-11-02use curve25519 for default key exchange (curve25519-sha256@libssh.org);Markus Friedl
2013-01-17add support for Key Revocation Lists (KRLs). These are a compact way toDamien Miller
2012-12-12use OpenSSL's EVP_aes_{128,192,256}_ctr() API and remove our hand-rolledChristian Weisgerber
2012-10-04add umac128 variant; ok djm@ at n2k12Markus Friedl
2012-08-02remove leftover NOLINT, WANTLINT, LINTFLAGS, LOBJ vars and lint targets.Okan Demirmen
2011-04-25linting this library is not helping anythingTheo de Raadt
2010-08-31Implement Elliptic Curve Cryptography modes for key exchange (ECDH) andDamien Miller
2010-02-20unbreak build for NOPIC systems; noticed, help and ok deraadt@Markus Friedl
2010-02-08remove scardMarkus Friedl
2010-02-08replace our obsolete smartcard code with PKCS#11.Markus Friedl
2008-11-04Add support for an experimental zero-knowledge password authenticationDamien Miller
2008-09-06OpenSSL 0.9.8h supplies a real EVP_sha256 so we do not need ourDamien Miller
2008-06-10support CIDR address matching in sshd_config "Match address" blocks, withDamien Miller
2007-06-07Add a new MAC algorithm for data integrity, UMAC-64 (not default yet, mustPeter Valchev
2006-05-28build a lint library for us to use aboveTheo de Raadt
2006-04-18Move Buffer bignum functions into their own file, bufbn.c. This means thatDarren Tucker
2006-03-07Implement the diffie-hellman-group-exchange-sha256 key exchange methodDamien Miller
2005-04-09replace tilde_expand_filename with a simpler implementation, ahead of moreDamien Miller
2004-12-22remove fallback AES support for old OpenSSL, as OpenBSD has had it for manyDamien Miller
2004-08-23Use permanently_set_uid() in ssh and ssh-keysign for consistency, matchesDarren Tucker
2004-06-13implement session multiplexing in the client (the server has supported thisDamien Miller
2004-05-09kill it here tooDamien Miller
2003-11-21unexpand and delete whitespace at EOL; ok markus@Damien Miller
2003-09-23replace fatal_cleanup() and linked list of fatal callbacks with staticMarkus Friedl
2003-08-22support GSS API user authentication; patches from Simon Wilkinson,Markus Friedl
2003-05-17experimental support for aes-ctr modes fromMarkus Friedl
2003-05-15split out custom EVP ciphersMarkus Friedl
2003-05-14add experimental support for verifying hos keys using DNS as describedJakob Schlyter
2003-04-09Disable Kerberos 4 support.Hans Insulander
2003-02-21move server only kex and monitor code to sshd.Markus Friedl
2003-02-16split kex into client and server code, no need to linkMarkus Friedl
2003-01-12move progressmeter.c to libssh; ok djm/fgs@Markus Friedl
2002-06-11Make sure kerberosV/kafs.h is picked up if kerberosIV/kafs.h is not removed.Hans Insulander
2002-06-11no longer use uidswap.[ch] from the ssh clientMarkus Friedl
2002-05-23add /usr/libexec/ssh-keysign: a setuid helper program for hostbased authentic...Markus Friedl
2002-03-18integrate privilege separated openssh; its turned off by default for now.Niels Provos
2002-03-08tabifyJun-ichiro itojun Hagino
2002-02-22overwrite fatal() in ssh-keyscan.c; fixes pr 2354; ok provos@Markus Friedl