ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-01-31 10:57:01 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,239 Commits 5 Branches 63 Tags 14 MiB
24b446705b
Commit Graph

72 Commits

Author SHA1 Message Date
Matt Johnston
c6e912f9e2 merge 2016.74 2016-07-21 23:38:42 +08:00
Matt Johnston
32a28d0d9c Convert #ifdef to #if, other build changes 2016-05-04 15:33:40 +02:00
Matt Johnston
d6daad29fc options for disabling "normal" DH 2016-05-02 23:48:16 +02:00
Matt Johnston
4f5d0756c2 improve algorithm list parsing 2016-07-11 22:40:38 +08:00
Francois Perrad
893d7be5bf const variables 2016-03-16 22:41:19 +08:00
Matt Johnston
fdc61f3ab2 Get rid of group15, move group16 to sha512. 
New groups are disabled by default pending
draft-ietf-curdle-ssh-kex-sha2-02 being finalised
 2016-03-12 16:21:13 +08:00
Matt Johnston
21ed9480d7 add dh group15 and group16, disabled by default 2016-01-15 00:19:11 +08:00
Matt Johnston
09e83ad742 Move dh group constants to a separate file 2016-01-14 21:54:58 +08:00
Matt Johnston
87d2c9c05c diffie-hellman-group14-sha256 2015-12-11 22:12:12 +08:00
Matt Johnston
1a4db21fe4 buf_getstring and buf_putstring now use non-unsigned char* 2015-06-04 23:08:50 +08:00
Matt Johnston
e7ac4c1ab3 Merge pull request #13 from gazoo74/fix-warnings 
Fix warnings
 2015-06-04 22:25:28 +08:00
Matt Johnston
ecd8505218 Disable twofish-ctr by default, add config option 2015-06-03 22:59:59 +08:00
Gaël PORTAY
6b90885d4f Turn Algo_Type's name attribute into const char * 2015-05-05 20:39:14 +02:00
Gaël PORTAY
224b16b247 Fix pointer differ in signess warnings [-Werror=pointer-sign] 2015-05-05 20:39:13 +02:00
Thorsten Horstmann
ab9439519a Fix for old compilers, variable declarations at beginning of functions 
and /**/ comments
 2015-02-24 20:51:18 +08:00
Matt Johnston
02179b1218 merge 2015-02-13 23:15:12 +08:00
Matt Johnston
b6685bf806 twofish ctr modes 2015-02-04 22:12:06 +08:00
Matt Johnston
4de876f259 Keep sha1 default 2015-01-28 22:14:07 +08:00
Matt Johnston
a7a79d569a Disable non-delayed zlib for server 2015-01-28 21:38:27 +08:00
Fedor Brunner
4122cac66b Prefer stronger algorithms in algorithm negotiation. 
Prefer diffie-hellman-group14-sha1 (2048 bit) over
diffie-hellman-group1-sha1 (1024 bit).

Due to meet-in-the-middle attacks the effective key length of
three key 3DES is 112 bits. AES is stronger and faster then 3DES.

Prefer to delay the start of compression until after authentication
has completed. This avoids exposing compression code to attacks
from unauthenticated users.

(github pull request #9)
 2015-01-23 23:00:25 +08:00
Matt Johnston
6cbb23a819 Add config option to disable cbc. Disable twofish by default 2015-01-23 22:37:14 +08:00
Matt Johnston
de1deaf0bd use oldstyle comments 2013-11-14 22:03:30 +08:00
Matt Johnston
e60a84d0ed Various cleanups and fixes for warnings 
--HG--
branch : ecc
 2013-11-12 23:02:32 +08:00
Matt Johnston
0162c116da curve25519 
--HG--
branch : ecc
 2013-11-08 23:11:43 +08:00
Matt Johnston
814ab77538 Default to some larger key sizes 
--HG--
branch : ecc
 2013-10-31 22:49:15 +08:00
Matt Johnston
04518e9e80 merge in HEAD 
--HG--
branch : ecc
 2013-05-21 12:09:35 +08:00
Matt Johnston
95a21c8fd7 ecdsa is working 
--HG--
branch : ecc
 2013-05-03 23:07:48 +08:00
Matt Johnston
7f091e7019 start on ecdsa keys 
--HG--
branch : ecc
 2013-04-09 00:36:04 +08:00
Matt Johnston
c797c1750c - Fix various hardcoded uses of SHA1 
- rename curves to nistp256 etc
- fix svr-auth.c TRACE problem

--HG--
branch : ecc
 2013-04-08 00:10:57 +08:00
Matt Johnston
c6bdc810ab ecc kind of works, needs fixing/testing 
--HG--
branch : ecc
 2013-04-07 01:36:42 +08:00
Matt Johnston
1a16da38d5 merge kexguess branch 2013-04-03 00:49:24 +08:00
Matt Johnston
cbd3d5e3a5 Put some #ifdef options around first-follows options in case they 
need to be disabled

--HG--
branch : kexguess
 2013-04-03 00:43:31 +08:00
Matt Johnston
78fbed8c3e Don't usually need to recalculate dh_e for the repeated kexdh_init packet 
--HG--
branch : kexguess
 2013-04-03 00:32:55 +08:00
Matt Johnston
9c7485331a Get rid of client/server specific buf_match_algo, use single 
function with a couple of if statements instead

--HG--
branch : kexguess
 2013-03-30 23:55:05 +08:00
Matt Johnston
99d9cf500b Add kexguess2 behaviour 
--HG--
branch : kexguess
 2013-03-29 23:29:48 +08:00
Matt Johnston
b4bcc60657 More changes for KEX and ECDH. Set up hash descriptors, make ECC code work, 
ses.hash and ses.session_id are now buffers (doesn't compile)

--HG--
branch : ecc
 2013-03-29 00:28:09 +08:00
Matt Johnston
74cad1612f more bits on ecc branch 
--HG--
branch : ecc
 2013-03-27 00:38:03 +08:00
Matt Johnston
73e22c115c refactor kexdh code a bit, start working on ecdh etc 
--HG--
branch : ecc
 2013-03-26 01:35:22 +08:00
Matt Johnston
024d268d8c Make hmac-sha2-256 and hmac-sha2-512 work 2013-03-21 22:55:12 +08:00
Matt Johnston
e719a9ef6f - Only request "none" cipher after auth has succeeded 
--HG--
branch : insecure-nocrypto
 2012-05-17 20:52:57 +08:00
Matt Johnston
f2cd610750 Merge in "-m"/"-c" code 
--HG--
branch : insecure-nocrypto
 2012-05-17 08:09:19 +08:00
Matt Johnston
db34044c7f ENABLE_USER_ALGO_LIST should work for the client 2012-05-17 00:26:12 +08:00
Matt Johnston
036edd6206 Add rough support for choosing ciphers/hashes with "-c" or "-m" 2012-05-17 00:12:42 +08:00
Matt Johnston
f40ed8bad7 Update insecure-nocrypto to current head 
--HG--
branch : insecure-nocrypto
 2012-05-16 22:54:51 +08:00
Matt Johnston
c62e53807f - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be 
getting keyed incorrectly

--HG--
branch : sha2
 2012-05-10 08:38:37 +08:00
Matt Johnston
0ffdf2bba9 Add diffie-hellman-group14-sha1 KEX method 
--HG--
extra : convert_revision : 5b9c394ad43745e48c42d671cefac7a5c346082f
 2011-02-24 12:42:42 +00:00
Matt Johnston
38ed870ffe Improve capitalisation for all logged strings 
--HG--
extra : convert_revision : 997e53cec7a9efb7413ac6e17b6be60a5597bd2e
 2011-02-23 15:50:30 +00:00
Matt Johnston
e3ca0513a0 - Disable compression for non-final multihops 
--HG--
extra : convert_revision : c507a2aacb9e0db4c0266891b8915c614e32857e
 2009-09-11 14:02:04 +00:00
Matt Johnston
08893f03a5 - Don't memcpy() in place with void_encrypt 
--HG--
extra : convert_revision : d123343d78df1b5998d8dd2674fd83fd682ce0c0
 2009-06-09 13:18:52 +00:00
Matt Johnston
1912439526 Update nocrypto branch to current head 
--HG--
branch : insecure-nocrypto
extra : convert_revision : 9e5e6e33be005d27cd5b3270c574edc45b5c2893
 2008-11-06 13:33:06 +00:00