aboutsummaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Expand)AuthorFilesLines
2019-06-13session: OpenSSH is using SHA256 fingerprints nowJakub Jelen1-1/+1
2019-06-13kex: Only advertise allowed signature typesAnderson Toshiyuki Sasaki1-2/+20
2019-06-13server: Send only allowed algorithms in extensionAnderson Toshiyuki Sasaki1-2/+6
2019-06-13pki: Derive correct algorithm identification for certificate authentication w...Jakub Jelen1-13/+28
2019-06-13agent: Use SHA2 signatures also for RSA certificatesJakub Jelen1-1/+1
2019-06-13pki_gcrypt: Do not compare private parts when comparing public keysJakub Jelen1-2/+4
2019-06-13config: Remove bogus trailing newlines in log messagesJakub Jelen1-3/+3
2019-06-13kex: Reformat ssh_kex_get_supported_method()Jakub Jelen1-5/+6
2019-06-13kex: List also certificate types in list of allowed public key algorithmsJakub Jelen1-10/+35
2019-06-12dh: Avoid segmentation fault in GEX if fallback to known moduliAnderson Toshiyuki Sasaki1-4/+12
2019-06-12ssh_known_hosts_get_algorithms: Avoid returning duplicate key types from know...Jakub Jelen1-3/+20
2019-06-12ssh_known_hosts_read_entries: Avoid returning duplicate knownhowst itemsJakub Jelen1-2/+43
2019-06-12kex, pki, server, options: Filter algorithms in FIPS modeAnderson Toshiyuki Sasaki4-14/+135
2019-06-12pki_crypto: Use the new OpenSSL API to read PEM filesJakub Jelen1-100/+65
2019-06-12pki_crypto: Use the new OpenSSL API to write new PKCS#8 PEM filesJakub Jelen1-73/+46
2019-06-12session: Do not use MD5 in FIPS modeAnderson Toshiyuki Sasaki1-2/+21
2019-06-12bind_config: Fail if a known option couldn't be setAnderson Toshiyuki Sasaki1-12/+73
2019-06-12kex: Remove unused codeAnderson Toshiyuki Sasaki1-17/+0
2019-06-12server: Use default methods instead of allAnderson Toshiyuki Sasaki1-2/+2
2019-06-12kex: Make order of preferred signature algorithms consistentAnderson Toshiyuki Sasaki1-3/+3
2019-06-12options: Allow avoiding system-wide configurationAnderson Toshiyuki Sasaki2-9/+28
2019-06-12bind_config: Add support for HostKeyAlgorithmsAnderson Toshiyuki Sasaki1-0/+12
2019-06-12options: Added an option to set server HostKey algorithmsAnderson Toshiyuki Sasaki2-62/+101
2019-06-12bind_config: Add support for PubkeyAcceptedKeyTypesAnderson Toshiyuki Sasaki1-0/+12
2019-06-12options: Add option to set server accepted pubkey typesAnderson Toshiyuki Sasaki4-10/+77
2019-06-12kex, known_hosts: Use new tokens functionsAnderson Toshiyuki Sasaki2-276/+181
2019-06-12token, kex: Add functions to handle tokens listsAnderson Toshiyuki Sasaki3-111/+264
2019-06-12pki: Check if the key is allowed against right listAnderson Toshiyuki Sasaki1-3/+18
2019-06-12knownhosts: Fix use after freeAndreas Schneider1-1/+3
2019-05-28config: Add missing NULL checkAndreas Schneider1-0/+4
2019-05-28gzip: Add missing NULL checkAndreas Schneider1-0/+3
2019-05-28pki: Avoid a null pointer derefrenceAndreas Schneider1-1/+2
2019-05-28pki_crypto: Make sure that we set buf to NULL after free()Andreas Schneider1-2/+2
2019-05-28pki_crypto: Fix a possible null pointer dereferenceAndreas Schneider1-6/+16
2019-05-22sftp: Remove the break statementsraminfp1-2/+0
2019-05-22socket: Use calloc in ssh_socket_new()Anderson Toshiyuki Sasaki1-1/+1
2019-05-22dh-gex: Fix memory leak in DH GEX with OpenSSLAnderson Toshiyuki Sasaki1-0/+6
2019-05-14config: Add support for PubkeyAcceptedKeyTypesAnderson Toshiyuki Sasaki1-0/+1
2019-05-14knownhosts: Handle wildcard ports matches against standard oneJakub Jelen1-4/+21
2019-05-14Reformat ssh_hostport()Jakub Jelen1-7/+13
2019-05-14knownhosts: Ignore OpenSSH markers related to certificatesJakub Jelen1-0/+6
2019-05-14cmake,options: Allow to set global client config fileAnderson Toshiyuki Sasaki1-1/+1
2019-05-13pki: Fail to sign when using wrong hash algorithmAnderson Toshiyuki Sasaki4-10/+161
2019-05-13pki: Remove unused codeAnderson Toshiyuki Sasaki2-177/+2
2019-05-13pki: Use pki_sign_data() and pki_verify_data_signature()Anderson Toshiyuki Sasaki4-376/+38
2019-05-13pki_gcrypt: Added pki_sign_data() and pki_verify_data_signature()Anderson Toshiyuki Sasaki1-0/+207
2019-05-13pki_mbedcrypto: Added pki_sign_data() and pki_verify_data_signature()Anderson Toshiyuki Sasaki1-0/+154
2019-05-13pki_crypto: Added pki_sign_data() and pki_verify_data_signature()Anderson Toshiyuki Sasaki1-0/+306
2019-05-13pki_crypto: Store ECDSA raw signature in ssh_signatureAnderson Toshiyuki Sasaki1-31/+129
2019-05-13pki_crypto: Store DSA raw signature in ssh_signatureAnderson Toshiyuki Sasaki1-18/+116