Commit Graph

82 Commits

Author SHA1 Message Date
Darren Tucker
129d0bb6a6 - (dtucker) [cipher-aes.c cipher-ctr.c cipher.c configure.ac
openbsd-compat/openssl-compat.h] Check for and work around broken AES
   ciphers >128bit on (some) Solaris 10 systems.  ok djm@
2005-12-19 17:40:40 +11:00
Damien Miller
46d38de48b - djm@cvs.openbsd.org 2005/07/16 01:35:24
[auth1.c channels.c cipher.c clientloop.c kex.c session.c ssh.c]
     [sshconnect.c]
     spacing
2005-07-17 17:02:09 +10:00
Darren Tucker
f0bd352429 - (dtucker) [cipher.c openbsd-compat/openbsd-compat.h
openbsd-compat/openssl-compat.c] only include openssl compat stuff where
   it's needed as it can cause conflicts elsewhere (eg xcrypt.c).  Found by
   and ok tim@
----------------------------------------------------------------------
automatically CVS: CVS: Committing in .  CVS: CVS: Modified Files:
----------------------------------------------------------------------
2005-06-17 21:15:20 +10:00
Damien Miller
eccb9de72a - djm@cvs.openbsd.org 2005/06/17 02:44:33
[auth-rsa.c auth.c auth1.c auth2-chall.c auth2-gss.c authfd.c authfile.c]
     [bufaux.c canohost.c channels.c cipher.c clientloop.c dns.c gss-serv.c]
     [kex.c kex.h key.c mac.c match.c misc.c packet.c packet.h scp.c]
     [servconf.c session.c session.h sftp-client.c sftp-server.c sftp.c]
     [ssh-keyscan.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
     make this -Wsign-compare clean; ok avsm@ markus@
     NB. auth1.c changes not committed yet (conflicts with uncommitted sync)
     NB2. more work may be needed to make portable Wsign-compare clean
2005-06-17 12:59:34 +10:00
Damien Miller
46f55d3665 - dtucker@cvs.openbsd.org 2005/06/09 13:43:49
[cipher.c]
     Correctly initialize end of array sentinel; ok djm@
     (Id sync only, change already in portable)
2005-06-16 13:21:17 +10:00
Darren Tucker
a55ec77013 - (dtucker) [cipher.c openbsd-compat/Makefile.in
openbsd-compat/openbsd-compat.{c,h} openbsd-compat/openssl-compat.h]
   Move compatibility code for supporting older OpenSSL versions to the
   compat layer.  Suggested by and "no objection" djm@
2005-06-09 21:45:10 +10:00
Damien Miller
3710f278ae - djm@cvs.openbsd.org 2005/05/23 23:32:46
[cipher.c myproposal.h ssh.1 ssh_config.5 sshd_config.5]
     add support for draft-harris-ssh-arcfour-fixes-02 improved arcfour modes;
     ok markus@
2005-05-26 12:19:17 +10:00
Darren Tucker
660db78af2 - djm@cvs.openbsd.org 2005/01/23 10:18:12
[cipher.c]
     config option "Ciphers" should be case-sensitive; ok dtucker@
2005-01-24 21:57:11 +11:00
Darren Tucker
d231186fd0 - djm@cvs.openbsd.org 2004/12/22 02:13:19
[cipher-ctr.c cipher.c]
     remove fallback AES support for old OpenSSL, as OpenBSD has had it for
     many years now; ok deraadt@
     (Id sync only: Portable will continue to support older OpenSSLs)
2005-01-20 13:27:56 +11:00
Darren Tucker
5cb30ad2ec - markus@cvs.openbsd.org 2004/07/28 09:40:29
[auth.c auth1.c auth2.c cipher.c cipher.h key.c session.c ssh.c
     sshconnect1.c]
     more s/illegal/invalid/
2004-08-12 22:40:24 +10:00
Darren Tucker
fc9597034b - deraadt@cvs.openbsd.org 2004/07/11 17:48:47
[channels.c cipher.c clientloop.c clientloop.h compat.h moduli.c
     readconf.c nchan.c pathnames.h progressmeter.c readconf.h servconf.c
     session.c sftp-client.c sftp.c ssh-agent.1 ssh-keygen.c ssh.c ssh1.h
     sshd.c ttymodes.h]
     spaces
2004-07-17 16:12:08 +10:00
Darren Tucker
e5a604fdd4 - (dtucker) [cipher.c] encrypt->do_encrypt inside SSH_OLD_EVP to match
-Wshadow change.
2004-06-23 12:28:31 +10:00
Darren Tucker
3f9fdc7121 - avsm@cvs.openbsd.org 2004/06/21 17:36:31
[auth-rsa.c auth2-gss.c auth2-pubkey.c authfile.c canohost.c channels.c
     cipher.c dns.c kex.c monitor.c monitor_fdpass.c monitor_wrap.c
     monitor_wrap.h nchan.c packet.c progressmeter.c scp.c sftp-server.c sftp.c
     ssh-gss.h ssh-keygen.c ssh.c sshconnect.c sshconnect1.c sshlogin.c
     sshpty.c]
     make ssh -Wshadow clean, no functional changes
     markus@ ok

There are also some portable-specific -Wshadow warnings to be fixed in
monitor.c and montior_wrap.c.
2004-06-22 12:56:01 +10:00
Darren Tucker
693f8a8aae - (dtucker) [cipher.c] enable AES counter modes with OpenSSL 0.9.5.
ok djm@, markus@
2004-02-07 12:29:39 +11:00
Darren Tucker
6977fe742b - (dtucker) [cipher-acss.c cipher.c] Enable acss only if building with
OpenSSL >= 0.9.7.  ok djm@
2004-02-06 15:26:10 +11:00
Damien Miller
b2d1c2b3b8 - hshoexer@cvs.openbsd.org 2004/01/23 19:26:33
[cipher.c]
     rename acss@opebsd.org to acss@openssh.org
     ok deraadt@
2004-01-27 21:20:59 +11:00
Damien Miller
4f0fe684da - (djm) OpenBSD CVS Sync
- hshoexer@cvs.openbsd.org 2004/01/23 17:06:03
     [cipher.c]
     enable acss for ssh
     ok deraadt@ markus@
 - (djm) [acss.c acss.h cipher-acss.c] Portable support for ACSS
   if libcrypto lacks it
2004-01-27 21:19:21 +11:00
Damien Miller
f58b58ced1 - jakob@cvs.openbsd.org 2003/11/10 16:23:41
[bufaux.c bufaux.h cipher.c cipher.h hostfile.c hostfile.h key.c]
     [key.h sftp-common.c sftp-common.h sftp-server.c sshconnect.c sshd.c]
     [ssh-dss.c ssh-rsa.c uuencode.c uuencode.h]
     constify. ok markus@ & djm@
2003-11-17 21:18:23 +11:00
Damien Miller
5c3a55846a - (djm) Sync with V_3_7 branch:
- (djm) Fix SSH1 challenge kludge
   - (djm) Bug #671: Fix builds on OpenBSD
   - (djm) Bug #676: Fix PAM stack corruption
   - (djm) Fix bad free() in PAM code
   - (djm) Don't call pam_end before pam_init
   - (djm) Enable build with old OpenSSL again
   - (djm) Trim deprecated options from INSTALL. Mention UsePAM
   - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
2003-09-23 22:12:38 +10:00
Damien Miller
f5399c24dc - markus@cvs.openbsd.org 2003/05/17 04:27:52
[cipher.c cipher-ctr.c myproposal.h]
     experimental support for aes-ctr modes from
     http://www.ietf.org/internet-drafts/draft-ietf-secsh-newmodes-00.txt
     ok djm@
2003-05-18 20:53:59 +10:00
Damien Miller
3a3261ff99 - markus@cvs.openbsd.org 2003/05/15 03:08:29
[cipher.c cipher-bf1.c cipher-aes.c cipher-3des1.c]
     split out custom EVP ciphers
2003-05-15 13:37:19 +10:00
Damien Miller
a201bb3f8a - markus@cvs.openbsd.org 2003/04/12 10:13:57
[cipher.c]
     hide cipher details; ok djm@
2003-05-14 13:41:23 +10:00
Ben Lindstrom
064496feaa - markus@cvs.openbsd.org 2002/11/21 22:45:31
[cipher.c kex.c packet.c sshconnect.c sshconnect2.c]
     debug->debug2, unify debug messages
2002-12-23 02:04:22 +00:00
Damien Miller
c34e03e471 - (djm) Bug #138: Make protocol 1 blowfish work with old OpenSSL.
Patch from Robert Halubek <rob@adso.com.pl>
2002-09-10 22:26:17 +10:00
Ben Lindstrom
c491b0def1 - markus@cvs.openbsd.org 2002/07/12 15:50:17
[cipher.c]
     EVP_CIPH_CUSTOM_IV for our own rijndael
2002-07-15 17:52:49 +00:00
Ben Lindstrom
836f0e9d9a - deraadt@cvs.openbsd.org 2002/06/23 03:26:19
[cipher.c key.c]
     KNF
2002-06-23 21:21:30 +00:00
Ben Lindstrom
402c6cc681 - markus@cvs.openbsd.org 2002/06/19 18:01:00
[cipher.c monitor.c monitor_wrap.c packet.c packet.h]
     make the monitor sync the transfer ssh1 session key;
     transfer keycontext only for RC4 (this is still depends on EVP
     implementation details and is broken).
2002-06-21 00:43:42 +00:00
Ben Lindstrom
7d9c38f37a - markus@cvs.openbsd.org 2002/06/04 23:05:49
[cipher.c monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c]
     __FUNCTION__ -> __func__

NOTE: This includes all portable references also.
2002-06-06 21:40:51 +00:00
Ben Lindstrom
f088f4374a - markus@cvs.openbsd.org 2002/05/30 08:07:31
[cipher.c]
     use rijndael/aes from libcrypto (openssl >= 0.9.7) instead of
     our own implementation. allow use of AES hardware via libcrypto,
     ok deraadt@
2002-06-06 20:50:07 +00:00
Ben Lindstrom
6a24641365 - markus@cvs.openbsd.org 2002/05/16 22:02:50
[cipher.c kex.h mac.c]
     fix warnings (openssl 0.9.7 requires const)
2002-06-06 19:48:16 +00:00
Ben Lindstrom
8a725a843d - markus@cvs.openbsd.org 2002/04/03 09:26:11
[cipher.c myproposal.h]
     re-add rijndael-cbc@lysator.liu.se for MacSSH; ash@lab.poc.net
2002-04-04 22:10:38 +00:00
Tim Rice
f29a6539c0 [cipher.c] fix problem with OpenBSD sync 2002-03-22 13:27:40 -08:00
Ben Lindstrom
6328ab3989 - markus@cvs.openbsd.org 2002/03/19 10:49:35
[auth-krb5.c auth-rh-rsa.c auth.c cipher.c key.c misc.h packet.c session.c
      sftp-client.c sftp-glob.h sftp.c ssh-add.c ssh.c sshconnect2.c sshd.c
      ttymodes.c]
     KNF whitespace
2002-03-22 02:54:23 +00:00
Ben Lindstrom
212facacde - markus@cvs.openbsd.org 2002/03/18 17:13:15
[cipher.c cipher.h]
     export/import cipher states; needed by ssh-privsep
2002-03-22 01:39:44 +00:00
Damien Miller
3a5b023330 Stupid djm commits experimental code to head instead of branch
revert
2002-03-13 13:19:42 +11:00
Damien Miller
646e7cf3d7 Import of Niels Provos' 20020312 ssh-complete.diff
PAM, Cygwin and OSF SIA will not work for sure
2002-03-13 12:47:54 +11:00
Damien Miller
c7375ac466 - (djm) Add Markus' patch for compat wih OpenSSL < 0.9.6.
Known issue: Blowfish for SSH1 does not work
2002-03-11 10:51:17 +11:00
Damien Miller
ff8f94c3e6 - (djm) Revert bits of Markus' OpenSSL compat patch which was accidentally
committed.
2002-03-11 10:48:53 +11:00
Ben Lindstrom
784e234c19 - (bal) Test for IRIX JOBS support at runtime. Patch provided
by David Kaelbling <drk@sgi.com>
2002-03-08 03:50:57 +00:00
Damien Miller
21cf4e0628 - markus@cvs.openbsd.org 2002/02/18 13:05:32
[cipher.c cipher.h]
     switch to EVP, ok djm@ deraadt@
2002-02-19 15:26:42 +11:00
Damien Miller
963f6b25e2 - markus@cvs.openbsd.org 2002/02/14 23:41:01
[authfile.c cipher.c cipher.h kex.c kex.h packet.c]
     hide some more implementation details of cipher.[ch] and prepares for move
     to EVP, ok deraadt@
2002-02-19 15:21:23 +11:00
Damien Miller
914bef437e - markus@cvs.openbsd.org 2002/01/21 22:30:12
[cipher.c compat.c myproposal.h]
     remove "rijndael-*", just use "aes-" since this how rijndael is called
     in the drafts; ok stevesk@
2002-01-22 23:34:35 +11:00
Damien Miller
4a8ed54361 - stevesk@cvs.openbsd.org 2002/01/18 18:14:17
[authfd.c bufaux.c buffer.c cipher.c packet.c ssh-agent.c ssh-keygen.c]
     unneeded cast cleanup; ok markus@
2002-01-22 23:33:31 +11:00
Damien Miller
9f0f5c64bc - deraadt@cvs.openbsd.org 2001/12/19 07:18:56
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h]
     [auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c]
     [cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c]
     [match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c]
     [servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c]
     [sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c]
     [sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config]
     [ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c]
     basic KNF done while i was looking for something else
2001-12-21 14:45:46 +11:00
Ben Lindstrom
319fc7353c I was promised that this does not need to have endness fix up by Markus.
So I will blindly trust him. =)

   - markus@cvs.openbsd.org 2001/08/23 11:31:59
     [cipher.c cipher.h]
     switch to the optimised AES reference code from
     http://www.esat.kuleuven.ac.be/~rijmen/rijndael/rijndael-fst-3.0.zip
2001-09-14 02:47:33 +00:00
Ben Lindstrom
4469723325 - markus@cvs.openbsd.org 2001/06/25 08:25:41
[channels.c channels.h cipher.c clientloop.c compat.c compat.h
      hostfile.c kex.c kex.h key.c key.h nchan.c packet.c serverloop.c
      session.c session.h sftp-server.c ssh-add.c ssh-agent.c uuencode.h]
     update copyright for 2001
2001-07-04 03:32:30 +00:00
Ben Lindstrom
bba81213b9 - itojun@cvs.openbsd.org 2001/06/23 15:12:20
[auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c
      canohost.c channels.c cipher.c clientloop.c deattack.c dh.c
      hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c
      readpass.c scp.c servconf.c serverloop.c session.c sftp.c
      sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c
      ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c
      ssh-keygen.c ssh-keyscan.c]
     more strict prototypes.  raise warning level in Makefile.inc.
     markus ok'ed
     TODO; cleanup headers
2001-06-25 05:01:22 +00:00
Ben Lindstrom
a3828d4812 - markus@cvs.openbsd.org 2001/05/28 22:51:11
[cipher.c cipher.h]
     simpler 3des for ssh1
2001-06-05 20:50:16 +00:00
Kevin Steves
2b725a056a RCSID 2001-02-05 18:16:28 +00:00
Kevin Steves
ef4eea9bad - stevesk@cvs.openbsd.org 2001/02/04 08:32:27
[many files; did this manually to our top-level source dir]
     unexpand and remove end-of-line whitespace; ok markus@
2001-02-05 12:42:17 +00:00