1. 20 Jan, 2014 2 commits
  2. 19 Jan, 2014 5 commits
  3. 18 Jan, 2014 4 commits
  4. 17 Jan, 2014 19 commits
  5. 16 Jan, 2014 5 commits
  6. 12 Jan, 2014 2 commits
    • Damien Miller's avatar
      - djm@cvs.openbsd.org 2014/01/12 08:13:13 · 91b580e4
      Damien Miller authored
           [bufaux.c buffer.h kex.c kex.h kexc25519.c kexc25519c.c kexc25519s.c]
           [kexdhc.c kexdhs.c kexecdhc.c kexecdhs.c kexgexc.c kexgexs.c]
           avoid use of OpenSSL BIGNUM type and functions for KEX with
           Curve25519 by adding a buffer_put_bignum2_from_string() that stores
           a string using the bignum encoding rules. Will make it easier to
           build a reduced-feature OpenSSH without OpenSSL in the future;
           ok markus@
      91b580e4
    • Damien Miller's avatar
      - djm@cvs.openbsd.org 2014/01/10 05:59:19 · af5d4481
      Damien Miller authored
           [sshd_config]
           the /etc/ssh/ssh_host_ed25519_key is loaded by default too
      af5d4481
  7. 09 Jan, 2014 3 commits
    • Damien Miller's avatar
      - djm@cvs.openbsd.org 2014/01/09 23:26:48 · 58cd63bc
      Damien Miller authored
           [sshconnect.c sshd.c]
           ban clients/servers that suffer from SSH_BUG_DERIVEKEY, they are ancient,
           deranged and might make some attacks on KEX easier; ok markus@
      58cd63bc
    • Damien Miller's avatar
      - djm@cvs.openbsd.org 2014/01/09 23:20:00 · b3051d01
      Damien Miller authored
           [digest.c digest.h hostfile.c kex.c kex.h kexc25519.c kexc25519c.c]
           [kexc25519s.c kexdh.c kexecdh.c kexecdhc.c kexecdhs.c kexgex.c kexgexc.c]
           [kexgexs.c key.c key.h roaming_client.c roaming_common.c schnorr.c]
           [schnorr.h ssh-dss.c ssh-ecdsa.c ssh-rsa.c sshconnect2.c]
           Introduce digest API and use it to perform all hashing operations
           rather than calling OpenSSL EVP_Digest* directly. Will make it easier
           to build a reduced-feature OpenSSH without OpenSSL in future;
           feedback, ok markus@
      b3051d01
    • Damien Miller's avatar
      - guenther@cvs.openbsd.org 2014/01/09 03:26:00 · e00e413d
      Damien Miller authored
           [sftp-common.c]
           When formating the time for "ls -l"-style output, show dates in the future
           with the year, and rearrange a comparison to avoid a potentional signed
           arithmetic overflow that would give the wrong result.
      
           ok djm@
      e00e413d