#
27a1722d |
| 10-Apr-2018 |
djm <djm@openbsd.org> |
lots of typos in comments/docs. Patch from Karsten Weiss after checking with codespell tool (https://github.com/lucasdemarchi/codespell)
|
#
a6be8e7c |
| 23-Feb-2018 |
markus <markus@openbsd.org> |
Add experimental support for PQC XMSS keys (Extended Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See
Add experimental support for PQC XMSS keys (Extended Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 ok djm@
show more ...
|
#
1c657780 |
| 10-Feb-2018 |
djm <djm@openbsd.org> |
constify some private key-related functions; based on https://github.com/openssh/openssh-portable/pull/56 by Vincent Brillault
|
#
672fe979 |
| 23-Jan-2018 |
djm <djm@openbsd.org> |
Drop compatibility hacks for some ancient SSH implementations, including ssh.com <=2.* and OpenSSH <= 3.*.
These versions were all released in or before 2001 and predate the final SSH RFCs. The hack
Drop compatibility hacks for some ancient SSH implementations, including ssh.com <=2.* and OpenSSH <= 3.*.
These versions were all released in or before 2001 and predate the final SSH RFCs. The hacks in question aren't necessary for RFC- compliant SSH implementations.
ok markus@
show more ...
|
#
3671ebbe |
| 01-Jul-2017 |
djm <djm@openbsd.org> |
remove post-SSHv1 removal dead code from rsa.c and merge the remaining bit that it still used into ssh-rsa.c; ok markus
|
#
8705e2e1 |
| 28-Jun-2017 |
djm <djm@openbsd.org> |
Allow ssh-keygen to use a key held in ssh-agent as a CA when signing certificates. bz#2377 ok markus
|
#
d4984305 |
| 05-May-2017 |
naddy <naddy@openbsd.org> |
more simplification and removal of SSHv1-related code; ok djm@
|
#
e24c11f1 |
| 04-May-2017 |
djm <djm@openbsd.org> |
since a couple of people have asked, leave a comment explaining why we retain SSH v.1 support in the "delete all keys from agent" path.
|
#
67cc3a3c |
| 30-Apr-2017 |
djm <djm@openbsd.org> |
unifdef WITH_SSH1 ok markus@
|
#
321f30e3 |
| 04-Dec-2015 |
markus <markus@openbsd.org> |
implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures (user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and draft-ssh-ext-info-04.txt; with & ok djm@
|
#
0d001bbc |
| 02-Sep-2015 |
jsg <jsg@openbsd.org> |
Fix occurrences of "r = func() != 0" which result in the wrong error codes being returned due to != having higher precedence than =.
ok deraadt@ markus@
|
#
5e456000 |
| 03-Jul-2015 |
djm <djm@openbsd.org> |
delete support for legacy v00 certificates; "sure" markus@ dtucker@
|
#
2e887024 |
| 26-Mar-2015 |
markus <markus@openbsd.org> |
sigp and lenp are not optional in ssh_agent_sign(); ok djm@
|
#
114f5c8d |
| 25-Mar-2015 |
markus <markus@openbsd.org> |
unbreak ssh_agent_sign (lenp vs *lenp)
|
#
5381911f |
| 24-Mar-2015 |
markus <markus@openbsd.org> |
consistent check for NULL as noted by Nicholas Lemonias; ok djm@
|
#
b7e9f6c7 |
| 14-Jan-2015 |
djm <djm@openbsd.org> |
move authfd.c and its tentacles to the new buffer/key API; ok markus@
|
#
12491775 |
| 29-Apr-2014 |
markus <markus@openbsd.org> |
make compiling against OpenSSL optional (make OPENSSL=no); reduces algorithms to curve25519, aes-ctr, chacha, ed25519; allows us to explore further options; with and ok djm
|
#
69881b76 |
| 31-Jan-2014 |
tedu <tedu@openbsd.org> |
replace most bzero with explicit_bzero, except a few that cna be memset ok djm dtucker
|
#
3cc95ad9 |
| 29-Dec-2013 |
djm <djm@openbsd.org> |
allow deletion of ed25519 keys from the agent
|
#
8ffbcf6d |
| 06-Dec-2013 |
markus <markus@openbsd.org> |
support ed25519 keys (hostkeys and user identities) using the public domain ed25519 reference code from SUPERCOP, see http://ed25519.cr.yp.to/software.html feedback, help & ok djm@
|
#
3059183d |
| 06-Dec-2013 |
markus <markus@openbsd.org> |
move private key (de)serialization to key.c; ok djm
|
#
149753fc |
| 08-Nov-2013 |
djm <djm@openbsd.org> |
use calloc for all structure allocations; from markus@
|
#
0d40fefd |
| 17-May-2013 |
djm <djm@openbsd.org> |
bye, bye xfree(); ok markus@
|
#
c769a160 |
| 06-Jul-2011 |
tedu <tedu@openbsd.org> |
bzero the agent address. the kernel was for a while very cranky about these things. evne though that's fixed, always good to initialize memory. ok deraadt djm
|
#
5d60427e |
| 15-May-2011 |
djm <djm@openbsd.org> |
use FD_CLOEXEC consistently; patch from zion AT x96.org
|