| Age | Commit message (Collapse) | Author |
|---|
|
[umac.c]
Convert from <sys/endian.h> to the shiney new <endian.h>
ok dtucker@, who also confirmed that -portable handles this already
(ID sync only, includes.h pulls in endian.h if available.)
|
|
[mac.c myproposal.h umac.c]
UMAC can use our local fallback implementation of AES when OpenSSL isn't
available. Glue code straight from Ted Krovetz's original umac.c.
ok markus@
|
|
[misc.c misc.h umac.c]
use get/put_u32 to load values rather than *((UINT32 *)p) that breaks on
strict-alignment architectures; reported by and ok stsp@
|
|
[auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c]
[clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c]
[sftp-client.c sftp-glob.c]
use calloc for all structure allocations; from markus@
|
|
[umac.c]
make MAC key, data to be hashed and nonce for final hash const;
checked with -Wcast-qual
|
|
[umac.c]
use a union to ensure correct alignment; ok deraadt
|
|
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c
ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c
gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c
auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c
servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c
auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c
sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c
kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c
kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c
monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c
ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c
sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c
ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c
dns.c packet.c readpass.c authfd.c moduli.c]
bye, bye xfree(); ok markus@
|
|
|
|
|
|
[umac.c]
typo in comment; patch from Michael W. Bombardieri
|
|
reported by cristian.ionescu-idbohrn AT axis.com
|
|
on big endian machines, so ifdef them for little endian only to prevent
unused function warnings.
|
|
[umac.c]
Ensure nh_result lies on a 64-bit boundary (fixes warnings observed
on Itanium on Linux); from Dale Talcott (bug #1462); ok djm@
|
|
[umac.c]
use xmalloc() and xfree(); ok markus@ pvalchev@
|
|
USE_BUILTIN_RIJNDAEL compat goop to openssl-compat.h so it can be
shared with umac.c. Allows building with OpenSSL 0.9.5 again including
umac support. With tim@ djm@, ok djm.
|
|
fallback to provided bit-swizzing functions
|
|
[kex.h mac.c mac.h monitor_wrap.c myproposal.h packet.c ssh.1]
[ssh_config.5 sshd.8 sshd_config.5]
Add a new MAC algorithm for data integrity, UMAC-64 (not default yet,
must specify umac-64@openssh.com). Provides about 20% end-to-end speedup
compared to hmac-md5. Represents a different approach to message
authentication to that of HMAC that may be beneficial if HMAC based on
one of its underlying hash algorithms is found to be vulnerable to a
new attack. http://www.ietf.org/rfc/rfc4418.txt
in conjunction with and OK djm@
|
