| #
eba523f0 |
| 03-Apr-2020 |
djm@openbsd.org |
upstream: make Chacha20-POLY1305 context struct opaque; ok tb@ as
part of a larger diff at a2k20
OpenBSD-Commit-ID: a4609b7263284f95c9417ef60ed7cdbb7bf52cfd
|
| #
d081f017 |
| 12-Mar-2020 |
djm@openbsd.org |
upstream: spelling errors in comments; no code change from
OpenBSD-Commit-ID: 166ea64f6d84f7bac5636dbd38968592cb5eb924
|
| #
d5ba1c03 |
| 26-Feb-2020 |
jsg@openbsd.org |
upstream: change explicit_bzero();free() to freezero()
While freezero() returns early if the pointer is NULL the tests for
NULL in callers are left to avoid warnings about passing an
upstream: change explicit_bzero();free() to freezero()
While freezero() returns early if the pointer is NULL the tests for
NULL in callers are left to avoid warnings about passing an
uninitialised size argument across a function boundry.
ok deraadt@ djm@
OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a
show more ...
|
|
Revision tags: V_8_2_P1 |
|
| #
7f8e66fe |
| 23-Jan-2020 |
dtucker@openbsd.org |
upstream: Make zlib optional. This adds a "ZLIB" build time option
that allows building without zlib compression and associated options. With
feedback from markus@, ok djm@
Ope
upstream: Make zlib optional. This adds a "ZLIB" build time option
that allows building without zlib compression and associated options. With
feedback from markus@, ok djm@
OpenBSD-Commit-ID: 44c6e1133a90fd15a3aa865bdedc53bab28b7910
show more ...
|
|
Revision tags: V_8_1_P1 |
|
| #
670104b9 |
| 06-Sep-2019 |
djm@openbsd.org |
upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@
OpenBSD-Commit-ID: 7fd68eaa9e0f7482b5d4c7e8d740aed4770a839f
|
|
Revision tags: V_8_0_P1, V_7_9_P1 |
|
| #
48f54b9d |
| 12-Sep-2018 |
Damien Miller |
adapt -portable to OpenSSL 1.1x API
Polyfill missing API with replacement functions extracted from LibreSSL
|
| #
482d23bc |
| 12-Sep-2018 |
djm@openbsd.org |
upstream: hold our collective noses and use the openssl-1.1.x API in
OpenSSH; feedback and ok tb@ jsing@ markus@
OpenBSD-Commit-ID: cacbcac87ce5da0d3ca7ef1b38a6f7fb349e4417
|
|
Revision tags: V_7_8_P1 |
|
| #
cec33896 |
| 18-Apr-2018 |
Darren Tucker |
Omit 3des-cbc if OpenSSL built without DES.
Patch from hongxu.jia at windriver.com, ok djm@
|
|
Revision tags: V_7_7_P1 |
|
| #
1b11ea7c |
| 23-Feb-2018 |
markus@openbsd.org |
upstream: Add experimental support for PQC XMSS keys (Extended
Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS
in Makefile.inc) Joint work with stefan-lukas_
upstream: Add experimental support for PQC XMSS keys (Extended
Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS
in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See
https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 ok
djm@
OpenBSD-Commit-ID: ef3eccb96762a5d6f135d7daeef608df7776a7ac
show more ...
|
| #
b8bbff3b |
| 12-Feb-2018 |
djm@openbsd.org |
upstream: remove space before tab
OpenBSD-Commit-ID: 674edd214d0a7332dd4623c9cf8117301b012890
|
| #
7cd31632 |
| 06-Feb-2018 |
jsing@openbsd.org |
upstream commit
Remove all guards for calls to OpenSSL free functions -
all of these functions handle NULL, from at least OpenSSL 1.0.1g onwards.
Prompted by dtucker@ asking abo
upstream commit
Remove all guards for calls to OpenSSL free functions -
all of these functions handle NULL, from at least OpenSSL 1.0.1g onwards.
Prompted by dtucker@ asking about guards for RSA_free(), when looking at
openssh-portable pr#84 on github.
ok deraadt@ dtucker@
OpenBSD-Commit-ID: 954f1c51b94297d0ae1f749271e184141e0cadae
show more ...
|
| #
41bff4da |
| 02-Nov-2017 |
djm@openbsd.org@openbsd.org |
upstream commit
avoid unused variable warnings for !WITH_OPENSSL; patch from
Marcus Folkesson
OpenBSD-Commit-ID: c01d27a3f907acdc3dd4ea48170fac3ba236d229
|
|
Revision tags: V_7_6_P1 |
|
| #
acaf34fd |
| 07-May-2017 |
djm@openbsd.org |
upstream commit
As promised in last release announcement: remove
support for Blowfish, RC4 and CAST ciphers. ok markus@ deraadt@
Upstream-ID: 21f8facdba3fd8da248df6417000867cec6
upstream commit
As promised in last release announcement: remove
support for Blowfish, RC4 and CAST ciphers. ok markus@ deraadt@
Upstream-ID: 21f8facdba3fd8da248df6417000867cec6ba222
show more ...
|
| #
0c378ff6 |
| 03-May-2017 |
djm@openbsd.org |
upstream commit
another tentacle: cipher_set_key_string() was only ever
used for SSHv1
Upstream-ID: 7fd31eb6c48946f7e7cc12af0699fe8eb637e94a
|
| #
e77e1562 |
| 30-Apr-2017 |
djm@openbsd.org |
upstream commit
fixup setting ciphercontext->plaintext (lost in SSHv1 purge),
though it isn't really used for much anymore.
Upstream-ID: 859b8bce84ff4865b32097db5430349d04b9b747
|
| #
cdccebdf |
| 30-Apr-2017 |
djm@openbsd.org |
upstream commit
remove SSHv1 ciphers; ok markus@
Upstream-ID: e5ebc5e540d7f23a8c1266db1839794d4d177890
|
| #
56912dea |
| 30-Apr-2017 |
djm@openbsd.org |
upstream commit
unifdef WITH_SSH1 ok markus@
Upstream-ID: 9716e62a883ef8826c57f4d33b4a81a9cc7755c7
|
|
Revision tags: V_7_5_P1, V_7_4_P1 |
|
| #
315d2a4e |
| 27-Oct-2016 |
Damien Miller |
Unbreak AES-CTR ciphers on old (~0.9.8) OpenSSL
ok dtucker@
|
| #
4706c1d8 |
| 03-Aug-2016 |
djm@openbsd.org |
upstream commit
small refactor of cipher.c: make ciphercontext opaque to
callers feedback and ok markus@
Upstream-ID: 094849f8be68c3bdad2c0f3dee551ecf7be87f6f
|
|
Revision tags: V_7_3_P1 |
|
| #
832b7443 |
| 15-Jul-2016 |
Damien Miller |
disable ciphers not supported by OpenSSL
bz#2466 ok dtucker@
|
|
Revision tags: V_7_2_P2, V_7_2_P1, V_7_1_P2 |
|
| #
d59ce088 |
| 10-Dec-2015 |
mmcc@openbsd.org |
upstream commit
Remove NULL-checks before free().
ok dtucker@
Upstream-ID: e3d3cb1ce900179906af36517b5eea0fb15e6ef8
|
|
Revision tags: V_7_1_P1, V_7_0_P1, V_6_9_P1, V_6_8_P1 |
|
| #
540e8911 |
| 14-Jan-2015 |
djm@openbsd.org |
upstream commit
make non-OpenSSL aes-ctr work on sshd w/ privsep; ok
markus@
|
|
Revision tags: V_6_7_P1 |
|
| #
55731713 |
| 20-Jul-2014 |
Darren Tucker |
- (dtucker) [cipher.c openbsd-compat/openssl-compat.h] Restore the bits
needed to build AES CTR mode against OpenSSL 0.9.8f and above. ok djm
|
| #
8668706d |
| 02-Jul-2014 |
Damien Miller |
- djm@cvs.openbsd.org 2014/06/24 01:13:21
[Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c
[auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c
- djm@cvs.openbsd.org 2014/06/24 01:13:21
[Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c
[auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c
[cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h
[digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h
[hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h
[ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c
[ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c
[ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c
[sshconnect2.c sshd.c sshkey.c sshkey.h
[openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h]
New key API: refactor key-related functions to be more library-like,
existing API is offered as a set of wrappers.
with and ok markus@
Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
Dempsky and Ron Bowes for a detailed review a few months ago.
NB. This commit also removes portable OpenSSH support for OpenSSL
<0.9.8e.
show more ...
|
| #
eae88744 |
| 27-May-2014 |
Damien Miller |
- (djm) [cipher.c] Fix merge botch.
|