diff options
author | Damien Miller <djm@mindrot.org> | 2012-12-12 10:46:31 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2012-12-12 10:46:31 +1100 |
commit | af43a7ac2d77c57112b48f34c7a72be2adb761bc (patch) | |
tree | 4381616492fbbca62d39c042f16221f681c1d37f /ChangeLog | |
parent | 6a1937eac5da5bdcf33aaa922ce5de0c764e37ed (diff) |
- markus@cvs.openbsd.org 2012/12/11 22:31:18
[PROTOCOL authfile.c cipher.c cipher.h kex.h mac.c myproposal.h]
[packet.c ssh_config.5 sshd_config.5]
add encrypt-then-mac (EtM) modes to openssh by defining new mac algorithms
that change the packet format and compute the MAC over the encrypted
message (including the packet size) instead of the plaintext data;
these EtM modes are considered more secure and used by default.
feedback and ok djm@
Diffstat (limited to 'ChangeLog')
-rw-r--r-- | ChangeLog | 8 |
1 files changed, 8 insertions, 0 deletions
@@ -4,6 +4,14 @@ | |||
4 | [monitor.c] | 4 | [monitor.c] |
5 | drain the log messages after receiving the keystate from the unpriv | 5 | drain the log messages after receiving the keystate from the unpriv |
6 | child. otherwise it might block while sending. ok djm@ | 6 | child. otherwise it might block while sending. ok djm@ |
7 | - markus@cvs.openbsd.org 2012/12/11 22:31:18 | ||
8 | [PROTOCOL authfile.c cipher.c cipher.h kex.h mac.c myproposal.h] | ||
9 | [packet.c ssh_config.5 sshd_config.5] | ||
10 | add encrypt-then-mac (EtM) modes to openssh by defining new mac algorithms | ||
11 | that change the packet format and compute the MAC over the encrypted | ||
12 | message (including the packet size) instead of the plaintext data; | ||
13 | these EtM modes are considered more secure and used by default. | ||
14 | feedback and ok djm@ | ||
7 | 15 | ||
8 | 20121207 | 16 | 20121207 |
9 | - (dtucker) OpenBSD CVS Sync | 17 | - (dtucker) OpenBSD CVS Sync |