summaryrefslogtreecommitdiff
path: root/kex.c
AgeCommit message (Collapse)Author
2006-03-16 - (djm) [kex.c] Slightly more clean deactivation of dhgex-sha256 on oldDamien Miller
OpenSSL; ok tim
2006-03-15 - (tim) [kex.c myproposal.h md-sha256.c openbsd-compat/sha2.c,h] DisableTim Rice
sha256 when openssl < 0.9.7. Patch from djm@. Corrections/testing by me.
2006-03-15 - (djm) [configure.ac defines.h kex.c md-sha256.c]Damien Miller
[openbsd-compat/sha2.h openbsd-compat/openbsd-compat.h] [openbsd-compat/sha2.c] First stab at portability glue for SHA256 KEX support, should work with libc SHA256 support or OpenSSL EVP_sha256 if present
2006-03-15 - djm@cvs.openbsd.org 2006/03/07 09:07:40Damien Miller
[kex.c kex.h monitor.c myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] Implement the diffie-hellman-group-exchange-sha256 key exchange method using the SHA256 code in libc (and wrapper to make it into an OpenSSL EVP), interop tested against CVS PuTTY NB. no portability bits committed yet
2005-11-05 - djm@cvs.openbsd.org 2005/11/04 05:15:59Damien Miller
[kex.c kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c] remove hardcoded hash lengths in key exchange code, allowing implementation of KEX methods with different hashes (e.g. SHA-256); ok markus@ dtucker@ stevesk@
2005-07-26 - markus@cvs.openbsd.org 2005/07/25 11:59:40Damien Miller
[kex.c kex.h myproposal.h packet.c packet.h servconf.c session.c] [sshconnect2.c sshd.c sshd_config sshd_config.5] add a new compression method that delays compression until the user has been authenticated successfully and set compression to 'delayed' for sshd. this breaks older openssh clients (< 3.5) if they insist on compression, so you have to re-enable compression in sshd_config. ok djm@
2005-07-17 - djm@cvs.openbsd.org 2005/07/17 07:17:55Damien Miller
[auth-rh-rsa.c auth-rhosts.c auth2-chall.c auth2-gss.c channels.c] [cipher-ctr.c gss-genr.c gss-serv.c kex.c moduli.c readconf.c] [serverloop.c session.c sftp-client.c sftp.c ssh-add.c ssh-keygen.c] [sshconnect.c sshconnect2.c] knf says that a 2nd level indent is four (not three or five) spaces
2005-07-17 - djm@cvs.openbsd.org 2005/07/16 01:35:24Damien Miller
[auth1.c channels.c cipher.c clientloop.c kex.c session.c ssh.c] [sshconnect.c] spacing
2005-06-17 - djm@cvs.openbsd.org 2005/06/17 02:44:33Damien Miller
[auth-rsa.c auth.c auth1.c auth2-chall.c auth2-gss.c authfd.c authfile.c] [bufaux.c canohost.c channels.c cipher.c clientloop.c dns.c gss-serv.c] [kex.c kex.h key.c mac.c match.c misc.c packet.c packet.h scp.c] [servconf.c session.c session.h sftp-client.c sftp-server.c sftp.c] [ssh-keyscan.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c sshd.c] make this -Wsign-compare clean; ok avsm@ markus@ NB. auth1.c changes not committed yet (conflicts with uncommitted sync) NB2. more work may be needed to make portable Wsign-compare clean
2004-06-22 - avsm@cvs.openbsd.org 2004/06/21 17:36:31Darren Tucker
[auth-rsa.c auth2-gss.c auth2-pubkey.c authfile.c canohost.c channels.c cipher.c dns.c kex.c monitor.c monitor_fdpass.c monitor_wrap.c monitor_wrap.h nchan.c packet.c progressmeter.c scp.c sftp-server.c sftp.c ssh-gss.h ssh-keygen.c ssh.c sshconnect.c sshconnect1.c sshlogin.c sshpty.c] make ssh -Wshadow clean, no functional changes markus@ ok There are also some portable-specific -Wshadow warnings to be fixed in monitor.c and montior_wrap.c.
2004-06-15 - djm@cvs.openbsd.org 2004/06/13 12:53:24Damien Miller
[dh.c dh.h kex.c kex.h kexdhc.c kexdhs.c monitor.c myproposal.h] [ssh-keyscan.c sshconnect2.c sshd.c] implement diffie-hellman-group14-sha1 kex method (trivial extension to existing diffie-hellman-group1-sha1); ok markus@
2004-05-13 - djm@cvs.openbsd.org 2004/05/09 01:26:48Darren Tucker
[kex.c] don't overwrite what we are trying to compute
2004-05-13 - djm@cvs.openbsd.org 2004/05/09 01:19:28Darren Tucker
[OVERVIEW auth-rsa.c auth1.c kex.c monitor.c session.c sshconnect1.c sshd.c] removed: mpaux.c mpaux.h kill some more tiny files; ok deraadt@
2003-11-21 - djm@cvs.openbsd.org 2003/11/21 11:57:03Damien Miller
[everything] unexpand and delete whitespace at EOL; ok markus@ (done locally and RCS IDs synced)
2003-04-01 - markus@cvs.openbsd.org 2003/04/01 10:31:26Damien Miller
[compat.c compat.h kex.c] bugfix causes stalled connections for ssh.com < 3.0; noticed by ho@; tested by ho@ and myself
2003-02-24 - markus@cvs.openbsd.org 2003/02/16 17:09:57Damien Miller
[kex.c kexdh.c kexgex.c kex.h sshconnect2.c sshd.c ssh-keyscan.c] split kex into client and server code, no need to link server code into the client; ok provos@
2003-02-24 - markus@cvs.openbsd.org 2003/02/02 10:56:08Damien Miller
[kex.c] add support for key exchange guesses; based on work by avraham.fraenkel@commatch.com; fixes bug #148; ok deraadt@
2002-12-23 - markus@cvs.openbsd.org 2002/11/21 22:45:31Ben Lindstrom
[cipher.c kex.c packet.c sshconnect.c sshconnect2.c] debug->debug2, unify debug messages
2002-06-25 - markus@cvs.openbsd.org 2002/06/24 14:55:38Ben Lindstrom
[authfile.c kex.c ssh-agent.c] cat to (void) when output from buffer_get_X is ignored
2002-05-15 - mouring@cvs.openbsd.org 2002/05/15 15:47:49Ben Lindstrom
[kex.c monitor.c monitor_wrap.c sshd.c] 'monitor' variable clashes with at least one lame platform (NeXT). i Renamed to 'pmonitor'. provos@ - (bal) Fixed up PAM case. I think.
2002-03-27 - markus@cvs.openbsd.org 2002/03/26 23:14:51Ben Lindstrom
[kex.c] generate a new cookie for each SSH2_MSG_KEXINIT message we send out
2002-03-22 - provos@cvs.openbsd.org 2002/03/18 17:50:31Ben Lindstrom
[auth-bsdauth.c auth-options.c auth-rh-rsa.c auth-rsa.c auth-skey.c auth.h auth1.c auth2-chall.c auth2.c kex.c kex.h kexdh.c kexgex.c servconf.c session.h servconf.h serverloop.c session.c sshd.c] integrate privilege separated openssh; its turned off by default for now. work done by me and markus@ applied, but outside of ensure that smaller code bits migrated with their owners.. no work was tried to 'fix' it to work. =) Later project!
2002-03-13Stupid djm commits experimental code to head instead of branchDamien Miller
revert
2002-03-13Import of Niels Provos' 20020312 ssh-complete.diffDamien Miller
PAM, Cygwin and OSF SIA will not work for sure
2002-03-05 - markus@cvs.openbsd.org 2002/02/28 15:46:33Ben Lindstrom
[authfile.c kex.c kexdh.c kexgex.c key.c ssh-dss.c] add some const EVP_MD for openssl-0.9.7
2002-02-26 - markus@cvs.openbsd.org 2002/02/23 17:59:02Ben Lindstrom
[kex.c kexdh.c kexgex.c] don't allow garbage after payload.
2002-02-19 - markus@cvs.openbsd.org 2002/02/14 23:41:01Damien Miller
[authfile.c cipher.c cipher.h kex.c kex.h packet.c] hide some more implementation details of cipher.[ch] and prepares for move to EVP, ok deraadt@
2002-02-13 - markus@cvs.openbsd.org 2002/02/11 16:10:15Damien Miller
[kex.c] restore kexinit handler if we reset the dispatcher, this unbreaks rekeying s/kex_clear_dispatch/kex_reset_dispatch/
2002-02-05 - markus@cvs.openbsd.org 2002/01/25 22:07:40Damien Miller
[kex.c kexdh.c kexgex.c key.c mac.c] use EVP_MD_size(evp_md) and not evp_md->md_size; ok steveks@
2002-01-22 - markus@cvs.openbsd.org 2002/01/11 13:39:36Damien Miller
[auth2.c dispatch.c dispatch.h kex.c] a single dispatch_protocol_error() that sends a message of type 'UNIMPLEMENTED' dispatch_range(): set handler for a ranges message types use dispatch_protocol_ignore() for authentication requests after successful authentication (the drafts requirement). serverloop/clientloop now send a 'UNIMPLEMENTED' message instead of exiting.
2002-01-22 - markus@cvs.openbsd.org 2001/12/28 15:06:00Damien Miller
[auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c dispatch.h kex.c kex.h serverloop.c ssh.c sshconnect2.c] remove plen from the dispatch fn. it's no longer used.
2002-01-22 - markus@cvs.openbsd.org 2001/12/28 14:50:54Damien Miller
[auth1.c auth-rsa.c channels.c dispatch.c kex.c kexdh.c kexgex.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshconnect2.c sshd.c] packet_read* no longer return the packet length, since it's not used.
2002-01-22 - markus@cvs.openbsd.org 2001/12/27 20:39:58Damien Miller
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c] get rid of packet_integrity_check, use packet_done() instead.
2001-12-21 - djm@cvs.openbsd.org 2001/12/20 22:50:24Damien Miller
[auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c] [dispatch.h kex.c kex.h packet.c packet.h serverloop.c ssh.c] [sshconnect2.c] Conformance fix: we should send failing packet sequence number when responding with a SSH_MSG_UNIMPLEMENTED message. Spotted by yakk@yakk.dot.net; ok markus@
2001-12-06 - deraadt@cvs.openbsd.org 2001/12/05 10:06:12Ben Lindstrom
[authfd.c authfile.c bufaux.c channels.c compat.c kex.c kexgex.c key.c misc.c packet.c servconf.c ssh-agent.c sshconnect2.c sshconnect.c sshd.c ssh-dss.c ssh-keygen.c ssh-rsa.c] minor KNF
2001-07-04 - markus@cvs.openbsd.org 2001/06/25 08:25:41Ben Lindstrom
[channels.c channels.h cipher.c clientloop.c compat.c compat.h hostfile.c kex.c kex.h key.c key.h nchan.c packet.c serverloop.c session.c session.h sftp-server.c ssh-add.c ssh-agent.c uuencode.h] update copyright for 2001
2001-06-25 - itojun@cvs.openbsd.org 2001/06/23 15:12:20Ben Lindstrom
[auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c canohost.c channels.c cipher.c clientloop.c deattack.c dh.c hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c readpass.c scp.c servconf.c serverloop.c session.c sftp.c sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c ssh-keygen.c ssh-keyscan.c] more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
2001-04-30 - markus@cvs.openbsd.org 2001/04/30 15:50:46Ben Lindstrom
[compat.c compat.h kex.c] allow interop with weaker key generation used by ssh-2.0.x, x < 10
2001-04-05 - markus@cvs.openbsd.org 2001/04/05 10:42:57Ben Lindstrom
[auth-chall.c authfd.c channels.c clientloop.c kex.c kexgex.c key.c mac.c packet.c serverloop.c sftp-client.c sftp-client.h sftp-glob.c sftp-glob.h sftp-int.c sftp-server.c sftp.c ssh-keygen.c sshconnect.c sshconnect2.c sshd.c] fix whitespace: unexpand + trailing spaces.
2001-04-05 - markus@cvs.openbsd.org 2001/04/04 23:09:18Ben Lindstrom
[dh.c kex.c packet.c] clear+free keys,iv for rekeying. + fix DH mem leaks. ok niels@
2001-04-04 - markus@cvs.openbsd.org 2001/04/04 22:04:35Ben Lindstrom
[kex.c kexgex.c serverloop.c] parse full kexinit packet. make server-side more robust, too.
2001-04-04 - markus@cvs.openbsd.org 2001/04/04 20:25:38Ben Lindstrom
[channels.c channels.h clientloop.c kex.c kex.h serverloop.c sshconnect2.c sshd.c] more robust rekeying don't send channel data after rekeying is started.
2001-04-04 - markus@cvs.openbsd.org 2001/04/04 14:34:58Ben Lindstrom
[clientloop.c kex.c kex.h serverloop.c sshconnect2.c sshd.c] enable server side rekeying + some rekey related clientup. todo: we should not send any non-KEX messages after we send KEXINIT
2001-04-04 - markus@cvs.openbsd.org 2001/04/04 09:48:35Ben Lindstrom
[kex.c kex.h kexdh.c kexgex.c packet.c sshconnect2.c sshd.c] don't sent multiple kexinit-requests. send newkeys, block while waiting for newkeys. fix comments.
2001-04-04 - markus@cvs.openbsd.org 2001/04/03 23:32:12Ben Lindstrom
[kex.c kex.h packet.c sshconnect2.c sshd.c] undo parts of recent my changes: main part of keyexchange does not need dispatch-callbacks, since application data is delayed until the keyexchange completes (if i understand the drafts correctly). add some infrastructure for re-keying.
2001-04-04 - markus@cvs.openbsd.org 2001/04/03 19:53:29Ben Lindstrom
[dh.c dh.h kex.c kex.h sshconnect2.c sshd.c] move kex to kex*.c, used dispatch_set() callbacks for kex. should make rekeying easier.
2001-03-30 - OpenBSD CVS SyncDamien Miller
- markus@cvs.openbsd.org 2001/03/29 21:17:40 [dh.c dh.h kex.c kex.h] prepare for rekeying: move DH code to dh.c
2001-03-30 - (djm) OpenBSD CVS SyncDamien Miller
- provos@cvs.openbsd.org 2001/03/28 21:59:41 [kex.c kex.h sshconnect2.c sshd.c] forgot to include min and max params in hash, okay markus@
2001-03-11 - markus@cvs.openbsd.org 2001/03/10 17:51:04Ben Lindstrom
[kex.c match.c match.h readconf.c readconf.h sshconnect2.c] add PreferredAuthentications
2001-03-06 - markus@cvs.openbsd.org 2001/03/05 17:17:21Ben Lindstrom
[kex.c kex.h sshconnect2.c sshd.c] generate a 2*need size (~300 instead of 1024/2048) random private exponent during the DH key agreement. according to Niels (the great german advisor) this is safe since /etc/primes contains strong primes only. References: P. C. van Oorschot and M. J. Wiener, On Diffie-Hellman key agreement with short exponents, In Advances in Cryptology - EUROCRYPT'96, LNCS 1070, Springer-Verlag, 1996, pp.332-343.