path: root/src/dh.c
Commit message | Author | Age | Files | Lines
* dh: Fix packing a pointer into the buffer. | Andreas Schneider | 2014-08-25 | 1 | -2/+2
    Thanks to Giovanni Panozzo <giovanni@panozzo.it>.
    Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* bignums: detach bignum-related functions from dh.c. | Aris Adamantiadis | 2014-08-06 | 1 | -70/+1
    Reviewed-by: Andreas Schneider <asn@samba.org>
* buffer: adapt dh.c to new ssh_buffer_(un)pack() | Aris Adamantiadis | 2014-08-06 | 1 | -96/+40
    Reviewed-by: Andreas Schneider <asn@samba.org>
* Add logic to support SHA2 HMAC algorithms | Dirkjan Bussink | 2014-04-22 | 1 | -59/+53
    BUG: https://red.libssh.org/issues/91
    Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* kex: server fix for first_kex_packet_follows | Jon Simons | 2014-04-22 | 1 | -171/+187
    Ensure to honor the 'first_kex_packet_follow' field when processing KEXINIT messages in the 'ssh_packet_kexinit' callback. Until now libssh would assume that this field is always unset (zero). But some clients may set this (dropbear at or beyond version 2013.57), and it needs to be included when computing the session ID.
    Also include logic for handling wrongly-guessed key exchange algorithms. Save whether a client's guess is wrong in a new field in the session struct: when set, the next KEX_DHINIT message to be processed will be ignored per RFC 4253, 7.1.
    While here, update both 'ssh_packet_kexinit' and 'make_sessionid' to use softabs with a 4 space indent level throughout, and also convert various error-checking to store intermediate values into an explicit 'rc'.
    Patch adjusted from original to ensure that client tests remain passing (ie 'torture_connect'): restrict the changes in 'ssh_packet_kexinit' only for the 'server_kex' case.
    Signed-off-by: Jon Simons <jon@jonsimons.org>
    Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* Revert "kex: server fix for first_kex_packet_follows" | Andreas Schneider | 2014-04-15 | 1 | -187/+171
    The patch breaks the client with ECDSA.
    This reverts commit 5865b9436fda96ac9fc7c18e4dffe5fb12dcc515.
* kex: server fix for first_kex_packet_follows | Jon Simons | 2014-04-10 | 1 | -171/+187
    Ensure to honor the 'first_kex_packet_follow' field when processing KEXINIT messages in the 'ssh_packet_kexinit' callback. Until now libssh would assume that this field is always unset (zero). But some clients may set this (dropbear at or beyond version 2013.57), and it needs to be included when computing the session ID.
    Also include logic for handling wrongly-guessed key exchange algorithms. Save whether a client's guess is wrong in a new field in the session struct: when set, the next KEX_DHINIT message to be processed will be ignored per RFC 4253, 7.1.
    While here, update both 'ssh_packet_kexinit' and 'make_sessionid' to use softabs with a 4 space indent level throughout, and also convert various error-checking to store intermediate values into an explicit 'rc'.
    Signed-off-by: Jon Simons <jon@jonsimons.org>
    Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* dh: Fix NULL check for p_group14. | Rod Vagg | 2014-01-23 | 1 | -1/+1
    Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* src: Rename buffer_add_data() to ssh_buffer_add_data(). | Andreas Schneider | 2014-01-19 | 1 | -11/+11
* src: Rename buffer_init to ssh_buffer_init(). | Andreas Schneider | 2014-01-19 | 1 | -5/+5
* src: Update my mail address. | Andreas Schneider | 2014-01-07 | 1 | -1/+1
* update copyright information | Aris Adamantiadis | 2014-01-07 | 1 | -2/+2
* dh: Fix wrong assignment. | Andreas Schneider | 2013-11-14 | 1 | -1/+1
    Ups, sorry.
* dh: Avoid possible memory leaks with realloc. | Andreas Schneider | 2013-11-09 | 1 | -4/+13
* dh: Move ssh_get_hexa() and ssh_print_hexa() down. | Andreas Schneider | 2013-11-06 | 1 | -57/+57
    This way they are in the documentation block for the session and we get documentation for them.
* dh: Add new ssh_get_publickey_hash() function. | Andreas Schneider | 2013-11-06 | 1 | -19/+102
* kex: implement curve25519-sha256@libssh.org | Aris Adamantiadis | 2013-09-27 | 1 | -0/+13
* src: Remove enter_function() and leave_function(). | Andreas Schneider | 2013-07-14 | 1 | -9/+1
* src: Migrate to SSH_LOG. | Andreas Schneider | 2013-07-14 | 1 | -2/+2
* Server: fix rekeying | Aris Adamantiadis | 2013-07-13 | 1 | -1/+1
* DH: fix rekeying when using aes256 and bigger | Aris Adamantiadis | 2013-07-13 | 1 | -2/+2
* dh: Check return value of buffer_add_ssh_string(). | Andreas Schneider | 2013-06-17 | 1 | -2/+8
* Implement key re-exchange | Aris Adamantiadis | 2012-12-23 | 1 | -10/+22
* CVE-2012-4562: Fix possible integer overflow in ssh_get_hexa(). | Xi Wang | 2012-11-14 | 1 | -0/+5
    No exploit known, but it is better to check the string length.
* dh: Don't use strcat for ssh_get_hexa(). | Andreas Schneider | 2012-10-12 | 1 | -9/+8
    This is just hardening the code.
    Found by Coverity.
* dh: Don't leak 'f' on error. | Andreas Schneider | 2012-10-12 | 1 | -5/+6
    Found by Coverity.
* dh: Fix dh_generate_e() with gcrypt. | Andreas Schneider | 2012-09-25 | 1 | -1/+1
* dh: Add support for diffie-hellman-group14-sha1. | Dmitriy Kuznetsov | 2012-09-04 | 1 | -19/+82
* build: Fix missing struct in_addr warning. | Andreas Schneider | 2012-07-17 | 1 | -0/+1
* dh: Add a doc hint to ssh_string_free_char() for ssh_get_hexa(). | Andreas Schneider | 2012-06-11 | 1 | -0/+2
* dh: Fix build with DEBUG_CRYPTO. | Andreas Schneider | 2012-02-05 | 1 | -3/+5
* dh: Add ssh_get_publickey(). | Andreas Schneider | 2011-10-29 | 1 | -6/+23
* doc: Improve doc of ssh_get_pubkey_hash(). | Andreas Schneider | 2011-10-04 | 1 | -0/+4
* kex: moved KEX structures to ssh_crypto_struct | Aris Adamantiadis | 2011-09-18 | 1 | -2/+2
* dh: fix segfault in server | Aris Adamantiadis | 2011-09-18 | 1 | -2/+7
* dh: Use ssh_string_new() in make_bignum_string(). | Andreas Schneider | 2011-09-08 | 1 | -5/+9
* string: Use the struct and array for allocating the struct. | Andreas Schneider | 2011-09-08 | 1 | -7/+7
* keys: Remove keys.h where it is obsolete. | Andreas Schneider | 2011-08-30 | 1 | -1/+0
* dh: Remove obsolete signature functions. | Andreas Schneider | 2011-08-22 | 1 | -140/+0
* misc: Add ssh_match_group(). | Andreas Schneider | 2011-08-22 | 1 | -25/+2
* Fix build with missing openssl/ecdh.h | Aris Adamantiadis | 2011-06-14 | 1 | -2/+4
* [crypto] initial support for ecdh-sha2-nistp256 | Aris Adamantiadis | 2011-06-13 | 1 | -85/+164
    Works with openssl
    Still requires work for libgcrypt and other modes
* Moved DH specific code to dh.h | Aris Adamantiadis | 2011-06-12 | 1 | -1/+43
* init: Some initialization fixes. | Oliver Stöneberg | 2011-05-01 | 1 | -1/+7
    - Check result of ssh_init() in privatekey_from_base64()
    - Moved code from ssh_finalize() to appropriate subroutines
    - Only initialize sockets once (caused mismatch of WSAStartup() and WSACleanup() calls and potential usage of bsd_poll when win_poll should be used)
* dh: Fixed a memory leak in ssh_print_hexa. | Andreas Schneider | 2011-01-06 | 1 | -0/+2
    Found by cppcheck - http://test.libssh.org/cppcheck-analyzer/
* Fixed a bunch of smallish bugs | Aris Adamantiadis | 2010-10-20 | 1 | -3/+8
    http://linuxtesting.org/upstream-tracker/test_results/libssh/current/test_results.html for a whole list
* Removed references to ssh_buffer_get_begin | Aris Adamantiadis | 2010-10-03 | 1 | -7/+7
* misc: Rename libssh/ to src/ | Andreas Schneider | 2010-09-06 | 1 | -0/+1049