Rivoreo Source Code Repositories
src.rivoreo.one / security / openssh-library / 9235a030ad1b16903fb495d81544e0f7c7449523
commit9235a030ad1b16903fb495d81544e0f7c7449523[log] [download]
authorDamien Miller <djm@mindrot.org>Sun Apr 20 13:17:20 2014 +1000
committerDamien Miller <djm@mindrot.org>Sun Apr 20 13:17:20 2014 +1000
tree3cb61622daa8f3b0caf0e53fd8bfab5534def35e
parent6e1777f592f15f4559728c78204617537b1ac076 [diff]
Three commits in one (since they touch the same heavily-diverged file
repeatedly):

   - markus@cvs.openbsd.org 2014/03/25 09:40:03
     [myproposal.h]
     trimm default proposals.

     This commit removes the weaker pre-SHA2 hashes, the broken ciphers
     (arcfour), and the broken modes (CBC) from the default configuration
     (the patch only changes the default, all the modes are still available
     for the config files).

     ok djm@, reminded by tedu@ & naddy@ and discussed with many
   - deraadt@cvs.openbsd.org 2014/03/26 17:16:26
     [myproposal.h]
     The current sharing of myproposal[] between both client and server code
     makes the previous diff highly unpallatable.  We want to go in that
     direction for the server, but not for the client.  Sigh.
     Brought up by naddy.
   - markus@cvs.openbsd.org 2014/03/27 23:01:27
     [myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
     disable weak proposals in sshd, but keep them in ssh; ok djm@
5 files changed
tree: 3cb61622daa8f3b0caf0e53fd8bfab5534def35e
  1. .cvsignore
  2. CREDITS
  3. ChangeLog
  4. INSTALL
  5. LICENCE
  6. Makefile.in
  7. OVERVIEW
  8. PROTOCOL
  9. PROTOCOL.agent
  10. PROTOCOL.certkeys
  11. PROTOCOL.chacha20poly1305
  12. PROTOCOL.key
  13. PROTOCOL.krl
  14. PROTOCOL.mux
  15. README
  16. README.dns
  17. README.platform
  18. README.privsep
  19. README.tun
  20. TODO
  21. aclocal.m4
  22. addrmatch.c
  23. atomicio.c
  24. atomicio.h
  25. audit-bsm.c
  26. audit-linux.c
  27. audit.c
  28. audit.h
  29. auth-bsdauth.c
  30. auth-chall.c
  31. auth-krb5.c
  32. auth-options.c
  33. auth-options.h
  34. auth-pam.c
  35. auth-pam.h
  36. auth-passwd.c
  37. auth-rh-rsa.c
  38. auth-rhosts.c
  39. auth-rsa.c
  40. auth-shadow.c
  41. auth-sia.c
  42. auth-sia.h
  43. auth-skey.c
  44. auth.c
  45. auth.h
  46. auth1.c
  47. auth2-chall.c
  48. auth2-gss.c
  49. auth2-hostbased.c
  50. auth2-kbdint.c
  51. auth2-none.c
  52. auth2-passwd.c
  53. auth2-pubkey.c
  54. auth2.c
  55. authfd.c
  56. authfd.h
  57. authfile.c
  58. authfile.h
  59. blocks.c
  60. bufaux.c
  61. bufbn.c
  62. bufec.c
  63. buffer.c
  64. buffer.h
  65. buildpkg.sh.in
  66. canohost.c
  67. canohost.h
  68. chacha.c
  69. chacha.h
  70. channels.c
  71. channels.h
  72. cipher-3des1.c
  73. cipher-aes.c
  74. cipher-bf1.c
  75. cipher-chachapoly.c
  76. cipher-chachapoly.h
  77. cipher-ctr.c
  78. cipher.c
  79. cipher.h
  80. cleanup.c
  81. clientloop.c
  82. clientloop.h
  83. compat.c
  84. compat.h
  85. compress.c
  86. compress.h
  87. config.guess
  88. config.sub
  89. configure.ac
  90. contrib/
  91. crc32.c
  92. crc32.h
  93. crypto_api.h
  94. deattack.c
  95. deattack.h
  96. defines.h
  97. dh.c
  98. dh.h
  99. digest-libc.c
  100. digest-openssl.c
  101. digest.h
  102. dispatch.c
  103. dispatch.h
  104. dns.c
  105. dns.h
  106. ed25519.c
  107. entropy.c
  108. entropy.h
  109. fatal.c
  110. fe25519.c
  111. fe25519.h
  112. fixalgorithms
  113. fixpaths
  114. fixprogs
  115. ge25519.c
  116. ge25519.h
  117. ge25519_base.data
  118. groupaccess.c
  119. groupaccess.h
  120. gss-genr.c
  121. gss-serv-krb5.c
  122. gss-serv.c
  123. hash.c
  124. hmac.c
  125. hmac.h
  126. hostfile.c
  127. hostfile.h
  128. includes.h
  129. install-sh
  130. kex.c
  131. kex.h
  132. kexc25519.c
  133. kexc25519c.c
  134. kexc25519s.c
  135. kexdh.c
  136. kexdhc.c
  137. kexdhs.c
  138. kexecdh.c
  139. kexecdhc.c
  140. kexecdhs.c
  141. kexgex.c
  142. kexgexc.c
  143. kexgexs.c
  144. key.c
  145. key.h
  146. krl.c
  147. krl.h
  148. log.c
  149. log.h
  150. loginrec.c
  151. loginrec.h
  152. logintest.c
  153. mac.c
  154. mac.h
  155. match.c
  156. match.h
  157. md-sha256.c
  158. md5crypt.c
  159. md5crypt.h
  160. mdoc2man.awk
  161. misc.c
  162. misc.h
  163. mkinstalldirs
  164. moduli
  165. moduli.5
  166. moduli.c
  167. monitor.c
  168. monitor.h
  169. monitor_fdpass.c
  170. monitor_fdpass.h
  171. monitor_mm.c
  172. monitor_mm.h
  173. monitor_wrap.c
  174. monitor_wrap.h
  175. msg.c
  176. msg.h
  177. mux.c
  178. myproposal.h
  179. nchan.c
  180. nchan.ms
  181. nchan2.ms
  182. openbsd-compat/
  183. openssh.xml.in
  184. opensshd.init.in
  185. packet.c
  186. packet.h
  187. pathnames.h
  188. pkcs11.h
  189. platform.c
  190. platform.h
  191. poly1305.c
  192. poly1305.h
  193. progressmeter.c
  194. progressmeter.h
  195. readconf.c
  196. readconf.h
  197. readpass.c
  198. regress/
  199. rijndael.c
  200. rijndael.h
  201. roaming.h
  202. roaming_client.c
  203. roaming_common.c
  204. roaming_dummy.c
  205. roaming_serv.c
  206. rsa.c
  207. rsa.h
  208. sandbox-capsicum.c
  209. sandbox-darwin.c
  210. sandbox-null.c
  211. sandbox-rlimit.c
  212. sandbox-seccomp-filter.c
  213. sandbox-systrace.c
  214. sc25519.c
  215. sc25519.h
  216. scard/
  217. scp.1
  218. scp.c
  219. servconf.c
  220. servconf.h
  221. serverloop.c
  222. serverloop.h
  223. session.c
  224. session.h
  225. sftp-client.c
  226. sftp-client.h
  227. sftp-common.c
  228. sftp-common.h
  229. sftp-glob.c
  230. sftp-server-main.c
  231. sftp-server.8
  232. sftp-server.c
  233. sftp.1
  234. sftp.c
  235. sftp.h
  236. smult_curve25519_ref.c
  237. ssh-add.1
  238. ssh-add.c
  239. ssh-agent.1
  240. ssh-agent.c
  241. ssh-dss.c
  242. ssh-ecdsa.c
  243. ssh-ed25519.c
  244. ssh-gss.h
  245. ssh-keygen.1
  246. ssh-keygen.c
  247. ssh-keyscan.1
  248. ssh-keyscan.c
  249. ssh-keysign.8
  250. ssh-keysign.c
  251. ssh-pkcs11-client.c
  252. ssh-pkcs11-helper.8
  253. ssh-pkcs11-helper.c
  254. ssh-pkcs11.c
  255. ssh-pkcs11.h
  256. ssh-rsa.c
  257. ssh-sandbox.h
  258. ssh.1
  259. ssh.c
  260. ssh.h
  261. ssh1.h
  262. ssh2.h
  263. ssh_config
  264. ssh_config.5
  265. sshconnect.c
  266. sshconnect.h
  267. sshconnect1.c
  268. sshconnect2.c
  269. sshd.8
  270. sshd.c
  271. sshd_config
  272. sshd_config.5
  273. sshlogin.c
  274. sshlogin.h
  275. sshpty.c
  276. sshpty.h
  277. sshtty.c
  278. survey.sh.in
  279. ttymodes.c
  280. ttymodes.h
  281. uidswap.c
  282. uidswap.h
  283. umac.c
  284. umac.h
  285. uuencode.c
  286. uuencode.h
  287. verify.c
  288. version.h
  289. xmalloc.c
  290. xmalloc.h