ssh_api.c - OpenGrok history log for /openssh-portable/ssh

Revision (<<< Hide revision tags) (Show revision tags >>>)	Date	Author	Comments
# 9a14c64c	31-Oct-2019	djm@openbsd.org	upstream: Refactor signing - use sshkey_sign for everything, including the new U2F signatures. Don't use sshsk_ecdsa_sign() directly, instead make it reachable via sshkey_sign() upstream: Refactor signing - use sshkey_sign for everything, including the new U2F signatures. Don't use sshsk_ecdsa_sign() directly, instead make it reachable via sshkey_sign() like all other signature operations. This means that we need to add a provider argument to sshkey_sign(), so most of this change is mechanically adding that. Suggested by / ok markus@ OpenBSD-Commit-ID: d5193a03fcfa895085d91b2b83d984a9fde76c8c show more ...
Revision tags: V_8_1_P1
# b36ee3fc	13-Sep-2019	dtucker@openbsd.org	upstream: Plug mem leaks on error paths, based in part on github pr#120 from David Carlier. ok djm@. OpenBSD-Commit-ID: c57adeb1022a8148fc86e5a88837b3b156dbdb7e
# 670104b9	06-Sep-2019	djm@openbsd.org	upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@ OpenBSD-Commit-ID: 7fd68eaa9e0f7482b5d4c7e8d740aed4770a839f
# be02d7cb	06-Sep-2019	djm@openbsd.org	upstream: lots of things were relying on libcrypto headers to transitively include various system headers (mostly stdlib.h); include them explicitly OpenBSD-Commit-ID: 5b522f4f2 upstream: lots of things were relying on libcrypto headers to transitively include various system headers (mostly stdlib.h); include them explicitly OpenBSD-Commit-ID: 5b522f4f2d844f78bf1cc4f3f4cc392e177b2080 show more ...
Revision tags: V_8_0_P1
# aaca72d6	21-Jan-2019	djm@openbsd.org	upstream: rename kex->kem_client_pub -> kex->client_pub now that KEM has been renamed to kexgen from markus@ ok djm@ OpenBSD-Commit-ID: fac6da5dc63530ad0da537db022a9a4cfbe8 upstream: rename kex->kem_client_pub -> kex->client_pub now that KEM has been renamed to kexgen from markus@ ok djm@ OpenBSD-Commit-ID: fac6da5dc63530ad0da537db022a9a4cfbe8bed8 show more ...
# 92dda34e	21-Jan-2019	djm@openbsd.org	upstream: use KEM API for vanilla ECDH from markus@ ok djm@ OpenBSD-Commit-ID: 6fbff96339a929835536b5730585d1d6057a352c
# 9c9c97e1	21-Jan-2019	djm@openbsd.org	upstream: use KEM API for vanilla DH KEX from markus@ ok djm@ OpenBSD-Commit-ID: af56466426b08a8be275412ae2743319e3d277c9
# 2f6a9ddb	21-Jan-2019	djm@openbsd.org	upstream: use KEM API for vanilla c25519 KEX OpenBSD-Commit-ID: 38d937b85ff770886379dd66a8f32ab0c1c35c1f
# dfd59161	21-Jan-2019	djm@openbsd.org	upstream: Add support for a PQC KEX/KEM: sntrup4591761x25519-sha512@tinyssh.org using the Streamlined NTRU Prime 4591^761 implementation from SUPERCOP coupled with X25519 as a stop-loss. upstream: Add support for a PQC KEX/KEM: sntrup4591761x25519-sha512@tinyssh.org using the Streamlined NTRU Prime 4591^761 implementation from SUPERCOP coupled with X25519 as a stop-loss. Not enabled by default. introduce KEM API; a simplified framework for DH-ish KEX methods. from markus@ feedback & ok djm@ OpenBSD-Commit-ID: d687f76cffd3561dd73eb302d17a1c3bf321d1a7 show more ...
# 04c091fc	19-Jan-2019	djm@openbsd.org	upstream: remove last references to active_state with & ok markus@ OpenBSD-Commit-ID: 78619a50ea7e4ca2f3b54d4658b3227277490ba2
# 0a843d9a	26-Dec-2018	djm@openbsd.org	upstream: move client/server SSH-* banners to buffers under ssh->kex and factor out the banner exchange. This eliminates some common code from the client and server. Also be mor upstream: move client/server SSH-* banners to buffers under ssh->kex and factor out the banner exchange. This eliminates some common code from the client and server. Also be more strict about handling \r characters - these should only be accepted immediately before \n (pointed out by Jann Horn). Inspired by a patch from Markus Schmidt. (lots of) feedback and ok markus@ OpenBSD-Commit-ID: 1cc7885487a6754f63641d7d3279b0941890275b show more ...
# 42c5ec4b	22-Nov-2018	Damien Miller	refactor libcrypto initialisation Don't call OpenSSL_add_all_algorithms() unless OpenSSL actually supports it. Move all libcrypto initialisation to a single function, and call t refactor libcrypto initialisation Don't call OpenSSL_add_all_algorithms() unless OpenSSL actually supports it. Move all libcrypto initialisation to a single function, and call that from seed_rng() that is called early in each tool's main(). Prompted by patch from Rosen Penev show more ...
# 31b49525	22-Oct-2018	Darren Tucker	Include openssl compatibility. Patch from rosenp at gmail.com via openssh-unix-dev.
Revision tags: V_7_9_P1, V_7_8_P1, V_7_7_P1, V_7_6_P1
# 97f4d308	30-Apr-2017	djm@openbsd.org	upstream commit remove compat20/compat13/compat15 variables ok markus@ Upstream-ID: 43802c035ceb3fef6c50c400e4ecabf12354691c
Revision tags: V_7_5_P1, V_7_4_P1, V_7_3_P1
# 05164541	04-May-2016	markus@openbsd.org	upstream commit move SSH_MSG_NONE, so we don't have to include ssh1.h; ok deraadt@ Upstream-ID: c2f97502efc761a41b18c17ddf460e138ca7994e
# 0e8eeec8	02-May-2016	djm@openbsd.org	upstream commit add support for additional fixed DH groups from draft-ietf-curdle-ssh-kex-sha2-03 diffie-hellman-group14-sha256 (2K group) diffie-hellman-group16-sha512 (4K upstream commit add support for additional fixed DH groups from draft-ietf-curdle-ssh-kex-sha2-03 diffie-hellman-group14-sha256 (2K group) diffie-hellman-group16-sha512 (4K group) diffie-hellman-group18-sha512 (8K group) based on patch from Mark D. Baushke and Darren Tucker ok markus@ Upstream-ID: ac00406ada4f0dfec41585ca0839f039545bc46f show more ...
Revision tags: V_7_2_P2, V_7_2_P1, V_7_1_P2
# 76c9fbbe	04-Dec-2015	markus@openbsd.org	upstream commit implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures (user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and draft-ssh-ext-info-04.txt; with & ok djm@ upstream commit implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures (user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and draft-ssh-ext-info-04.txt; with & ok djm@ Upstream-ID: cf82ce532b2733e5c4b34bb7b7c94835632db309 show more ...
Revision tags: V_7_1_P1, V_7_0_P1, V_6_9_P1, V_6_8_P1
# f2004cd1	22-Feb-2015	Darren Tucker	Repair for non-ECC OpenSSL. Ifdef out the ECC parts when building with an OpenSSL that doesn't have it.
# 773dda25	30-Jan-2015	Damien Miller	repair --without-openssl; broken in refactor
# 523463a3	16-Feb-2015	djm@openbsd.org	upstream commit Revise hostkeys@openssh.com hostkey learning extension. The client will not ask the server to prove ownership of the private halves of any hitherto-unseen hostke upstream commit Revise hostkeys@openssh.com hostkey learning extension. The client will not ask the server to prove ownership of the private halves of any hitherto-unseen hostkeys it offers to the client. Allow UpdateHostKeys option to take an 'ask' argument to let the user manually review keys offered. ok markus@ show more ...
# 4509b5d4	29-Jan-2015	djm@openbsd.org	upstream commit avoid more fatal/exit in the packet.c paths that ssh-keyscan uses; feedback and "looks good" markus@
# 5104db7c	26-Jan-2015	djm@openbsd.org	upstream commit correctly match ECDSA subtype (== curve) for offered/recevied host keys. Fixes connection-killing host key mismatches when a server offers multiple ECDSA keys with upstream commit correctly match ECDSA subtype (== curve) for offered/recevied host keys. Fixes connection-killing host key mismatches when a server offers multiple ECDSA keys with different curve type (an extremely unlikely configuration). ok markus, "looks mechanical" deraadt@ show more ...
# f582f0e9	19-Jan-2015	markus@openbsd.org	upstream commit add experimental api for packet layer; ok djm@
# 97f4d308	30-Apr-2017	djm@openbsd.org	upstream commit remove compat20/compat13/compat15 variables ok markus@ Upstream-ID: 43802c035ceb3fef6c50c400e4ecabf12354691c
# 05164541	04-May-2016	markus@openbsd.org	upstream commit move SSH_MSG_NONE, so we don't have to include ssh1.h; ok deraadt@ Upstream-ID: c2f97502efc761a41b18c17ddf460e138ca7994e
12