summaryrefslogtreecommitdiff
AgeCommit message (Expand)Author
2019-01-21upstream: rename kex->kem_client_pub -> kex->client_pub now thatdjm@openbsd.org
2019-01-21upstream: merge kexkem[cs] into kexgendjm@openbsd.org
2019-01-21upstream: pass values used in KEX hash computation as sshbufdjm@openbsd.org
2019-01-21upstream: remove kex_derive_keys_bn wrapper; no unused since thedjm@openbsd.org
2019-01-21upstream: use KEM API for vanilla ECDHdjm@openbsd.org
2019-01-21fixup missing ssherr.hDamien Miller
2019-01-21upstream: use KEM API for vanilla DH KEXdjm@openbsd.org
2019-01-21upstream: use KEM API for vanilla c25519 KEXdjm@openbsd.org
2019-01-21upstream: Add support for a PQC KEX/KEM:djm@openbsd.org
2019-01-21upstream: factor out kex_verify_hostkey() - again, duplicateddjm@openbsd.org
2019-01-21upstream: factor out kex_load_hostkey() - this is duplicated indjm@openbsd.org
2019-01-21upstream: factor out kex_dh_compute_key() - it's shared betweendjm@openbsd.org
2019-01-21upstream: factor out DH keygen; it's identical between the clientdjm@openbsd.org
2019-01-21upstream: save the derived session id in kex_derive_keys() ratherdjm@openbsd.org
2019-01-21upstream: Make sshpkt_get_bignum2() allocate the bignum it isdjm@openbsd.org
2019-01-21upstream: remove obsolete (SSH v.1) sshbuf_get/put_bignum1djm@openbsd.org
2019-01-21upstream: fix all-zero check in kexc25519_shared_keydjm@openbsd.org
2019-01-21upstream: - -T was added to the first synopsis by mistake - sincejmc@openbsd.org
2019-01-21Make --with-rpath take a flag instead of yes/no.Darren Tucker
2019-01-21fix previous testDamien Miller
2019-01-21Wrap ECC static globals in EC_KEY_METHOD_NEW too.Darren Tucker
2019-01-21pass TEST_SSH_SSHPKCS11HELPER to regress testsDamien Miller
2019-01-21make agent-pkcs11 search harder for softhsm2.soDamien Miller
2019-01-21upstream: always print the caller's error message in ossl_error(),djm@openbsd.org
2019-01-21upstream: get the ex_data (pkcs11_key object) back from the keys atdjm@openbsd.org
2019-01-21upstream: GSSAPI code got missed when converting to new packet APIdjm@openbsd.org
2019-01-21Fix -Wunused when compiling PKCS#11 without ECDSADamien Miller
2019-01-21upstream: allow override of ssh-pkcs11-helper binary viadjm@openbsd.org
2019-01-21upstream: adapt agent-pkcs11.sh test to softhsm2 and add supportdjm@openbsd.org
2019-01-21upstream: add "extra:" target to run some extra tests that are notdjm@openbsd.org
2019-01-21upstream: use ECDSA_SIG_set0() instead of poking signature values intodjm@openbsd.org
2019-01-21remove HAVE_DLOPEN that snuck inDamien Miller
2019-01-21conditionalise ECDSA PKCS#11 supportDamien Miller
2019-01-21upstream: we use singleton pkcs#11 RSA_METHOD and EC_KEY_METHODdjm@openbsd.org
2019-01-21upstream: KNF previous; from markus@djm@openbsd.org
2019-01-21upstream: use OpenSSL's RSA reference counting hooks todjm@openbsd.org
2019-01-21upstream: make the PKCS#11 RSA code more like the new PKCS#11djm@openbsd.org
2019-01-21upstream: fix leak of ECDSA pkcs11_key objectsdjm@openbsd.org
2019-01-21upstream: use EVP_PKEY_get0_EC_KEY() instead of direct access ofdjm@openbsd.org
2019-01-21upstream: cleanup PKCS#11 ECDSA pubkey loading: the returneddjm@openbsd.org
2019-01-21upstream: cleanup unnecessary code in ECDSA pkcs#11 signaturedjm@openbsd.org
2019-01-21upstream: cleanup pkcs#11 client code: use sshkey_new in insteaddjm@openbsd.org
2019-01-21upstream: allow override of the pkcs#11 helper binary viadjm@openbsd.org
2019-01-21upstream: add support for ECDSA keys in PKCS#11 tokensdjm@openbsd.org
2019-01-21upstream: add option to test whether keys in an agent are usable,djm@openbsd.org
2019-01-21upstream: Fix BN_is_prime_* calls in SSH, the API returns -1 ontb@openbsd.org
2019-01-21upstream: DH-GEX min value is now specified in RFC8270. ok djm@dtucker@openbsd.org
2019-01-21Check for cc before gcc.Darren Tucker
2019-01-20last bits of old packet API / active_state globalDamien Miller
2019-01-20remove PAM dependencies on old packet APIDamien Miller