Age | Commit message (Collapse) | Author |
|
[crypto_api.h]
remove unused defines
|
|
[blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h]
[ge25519_base.data hash.c sc25519.c sc25519.h verify.c]
Add Authors for the public domain ed25519/nacl code.
see also http://nacl.cr.yp.to/features.html
All of the NaCl software is in the public domain.
and http://ed25519.cr.yp.to/software.html
The Ed25519 software is in the public domain.
|
|
[sshd_config.5]
Use a literal for the default value of KEXAlgorithms. ok deraadt jmc
|
|
[ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8 ssh.1]
[ssh_config.5 sshd.8 sshd_config.5]
add missing mentions of ed25519; ok djm@
|
|
[ssh-keygen.1]
document -a and -o wrt new key format
|
|
[regress/setuid-allowed.c] Check that ssh-agent is not on a no-setuid
filesystem before running agent-ptrace.sh; ok dtucker
|
|
Vinschen
|
|
Loganaden Velvindron @ AfriNIC in bz#2179
|
|
|
|
[regress/Makefile regress/agent.sh regress/cert-hostkey.sh]
[regress/cert-userkey.sh regress/keytype.sh]
test ed25519 support; from djm@
|
|
[openbsd-compat/bcrypt_pbkdf.c] Make ed25519/new key format compile on
Linux
|
|
[openbsd-compat/blf.h openbsd-compat/blowfish.c]
[openbsd-compat/openbsd-compat.h] Start at supporting bcrypt_pbkdf in
portable.
|
|
|
|
|
|
[key.c]
set k->cert = NULL after freeing it
|
|
[ge25519_base.data hash.c sc25519.c sc25519.h verify.c] Fix RCS idents
|
|
[sshd.8]
missing comma;
|
|
[authfd.c authfile.c key.c key.h myproposal.h pathnames.h readconf.c]
[servconf.c ssh-agent.c ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c]
[ssh-keysign.c ssh.c ssh_config.5 sshd.8 sshd.c verify.c ssh-ed25519.c]
[sc25519.h sc25519.c hash.c ge25519_base.data ge25519.h ge25519.c]
[fe25519.h fe25519.c ed25519.c crypto_api.h blocks.c]
support ed25519 keys (hostkeys and user identities) using the public
domain ed25519 reference code from SUPERCOP, see
http://ed25519.cr.yp.to/software.html
feedback, help & ok djm@
|
|
[authfile.c authfile.h cipher.c cipher.h key.c packet.c ssh-agent.c]
[ssh-keygen.c PROTOCOL.key] new private key format, bcrypt as KDF by
default; details in PROTOCOL.key; feedback and lots help from djm;
ok djm@
|
|
[authfd.c key.c key.h ssh-agent.c]
move private key (de)serialization to key.c; ok djm
|
|
[ssh-keygen.c]
remove duplicated character ('g') in getopt() string;
document the (few) remaining option characters so we don't have to
rummage next time.
|
|
[sftp-client.c]
fix memory leak in error path in do_readdir(); pointed out by
Loganaden Velvindron @ AfriNIC in bz#2163
|
|
[servconf.c servconf.h]
bz#2161 - fix AuthorizedKeysCommand inside a Match block and
rearrange things so the same error is harder to make next time;
with and ok dtucker@
|
|
-L location for libedit. Patch from Serge van den Boom.
|
|
[sftp-client.c]
bz#2171: don't leak local_fd on error; from Loganaden Velvindron @
AfriNIC
|
|
[cipher.c]
correct bzero of chacha20+poly1305 key context. bz#2177 from
Loganaden Velvindron @ AfriNIC
Also make it a memset for consistency with the rest of cipher.c
|
|
[key.c]
make key_to_blob() return a NULL blob on failure; part of
bz#2175 from Loganaden Velvindron @ AfriNIC
|
|
[ssh-pkcs11-helper.c]
use-after-free; bz#2175 patch from Loganaden Velvindron @ AfriNIC
|
|
[PROTOCOL.chacha20poly1305]
typo; from Jon Cave
|
|
[PROTOCOL]
mention curve25519-sha256@libssh.org key exchange algorithm
|
|
[pkcs11.h]
cleanup 1 << 31 idioms. Resurrection of this issue pointed out by
Eitan Adler ok markus for ssh, implies same change in kerberosV
|
|
[ssh.1 ssh.c]
- put -Q in the right place
- Ar was a poor choice for the arguments to -Q. i've chosen an
admittedly equally poor Cm, at least consistent with the rest
of the docs. also no need for multiple instances
- zap a now redundant Nm
- usage() sync
|
|
[ssh.1 ssh.c]
improve -Q usage and such. One usage change is that the option is now
case-sensitive
ok dtucker markus djm
|
|
[ssh_config.5 sshd_config.5]
no need for .Pp before displays;
|
|
[regress/cipher-speed.sh regress/integrity.sh regress/rekey.sh]
[regress/try-ciphers.sh]
use new "ssh -Q cipher-auth" query to obtain lists of authenticated
encryption ciphers instead of specifying them manually; ensures that
the new chacha20poly1305@openssh.com mode is tested;
ok markus@ and naddy@ as part of the diff to add
chacha20poly1305@openssh.com
|
|
[regress/modpipe.c]
use unsigned long long instead of u_int64_t here to avoid warnings
on some systems portable OpenSSH is built on.
|
|
[regress/krl.sh]
add some reminders for additional tests that I'd like to implement
|
|
[regress/forward-control.sh]
bump timeout to 10 seconds to allow slow machines (e.g. Alpha PC164)
to successfully run this; ok djm@
(ID sync only; our timeouts are already longer)
|
|
[Makefile.in PROTOCOL PROTOCOL.chacha20poly1305 authfile.c chacha.c]
[chacha.h cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h]
[dh.c myproposal.h packet.c poly1305.c poly1305.h servconf.c ssh.1]
[ssh.c ssh_config.5 sshd_config.5] Add a new protocol 2 transport
cipher "chacha20-poly1305@openssh.com" that combines Daniel
Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an
authenticated encryption mode.
Inspired by and similar to Adam Langley's proposal for TLS:
http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03
but differs in layout used for the MAC calculation and the use of a
second ChaCha20 instance to separately encrypt packet lengths.
Details are in the PROTOCOL.chacha20poly1305 file.
Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC
ok markus@ naddy@
|
|
[canohost.c clientloop.c match.c readconf.c sftp.c]
unsigned casts for ctype macros where neccessary
ok guenther millert markus
|
|
[scp.c]
unsigned casts for ctype macros where neccessary
ok guenther millert markus
|
|
[sshd.c]
delay closure of in/out fds until after "Bad protocol version
identification..." message, as get_remote_ipaddr/get_remote_port
require them open.
|
|
[ssh-pkcs11.c]
add missing braces found by pedro
|
|
[bufaux.c bufbn.c buffer.c sftp-client.c sftp-common.c sftp-glob.c]
[uidswap.c] Include stdlib.h for free() as per the man page.
|
|
querying the ones that are compiled in.
|
|
|
|
|
|
|
|
NID_X9_62_prime256v1, NID_secp384r1 and NID_secp521r1 and test that the
latter actually works before using it. Fedora (at least) has NID_secp521r1
that doesn't work (see https://bugzilla.redhat.com/show_bug.cgi?id=1021897).
|
|
[regress/test-exec.sh regress/rekey.sh]
Use smaller test data files to speed up tests. Grow test datafiles
where necessary for a specific test.
|