Commit Graph

58 Commits

Author SHA1 Message Date
Thorsten Horstmann
ab9439519a Fix for old compilers, variable declarations at beginning of functions
and /**/ comments
2015-02-24 20:51:18 +08:00
Matt Johnston
02179b1218 merge 2015-02-13 23:15:12 +08:00
Matt Johnston
b6685bf806 twofish ctr modes 2015-02-04 22:12:06 +08:00
Matt Johnston
4de876f259 Keep sha1 default 2015-01-28 22:14:07 +08:00
Matt Johnston
a7a79d569a Disable non-delayed zlib for server 2015-01-28 21:38:27 +08:00
Fedor Brunner
4122cac66b Prefer stronger algorithms in algorithm negotiation.
Prefer diffie-hellman-group14-sha1 (2048 bit) over
diffie-hellman-group1-sha1 (1024 bit).

Due to meet-in-the-middle attacks the effective key length of
three key 3DES is 112 bits. AES is stronger and faster than 3DES.

Prefer to delay the start of compression until after authentication
has completed. This avoids exposing compression code to attacks
from unauthenticated users.

(github pull request #9)
2015-01-23 23:00:25 +08:00
Matt Johnston
6cbb23a819 Add config option to disable cbc. Disable twofish by default 2015-01-23 22:37:14 +08:00
Matt Johnston
de1deaf0bd use oldstyle comments 2013-11-14 22:03:30 +08:00
Matt Johnston
e60a84d0ed Various cleanups and fixes for warnings
--HG--
branch : ecc
2013-11-12 23:02:32 +08:00
Matt Johnston
0162c116da curve25519
--HG--
branch : ecc
2013-11-08 23:11:43 +08:00
Matt Johnston
814ab77538 Default to some larger key sizes
--HG--
branch : ecc
2013-10-31 22:49:15 +08:00
Matt Johnston
04518e9e80 merge in HEAD
--HG--
branch : ecc
2013-05-21 12:09:35 +08:00
Matt Johnston
95a21c8fd7 ecdsa is working
--HG--
branch : ecc
2013-05-03 23:07:48 +08:00
Matt Johnston
7f091e7019 start on ecdsa keys
--HG--
branch : ecc
2013-04-09 00:36:04 +08:00
Matt Johnston
c797c1750c - Fix various hardcoded uses of SHA1
- rename curves to nistp256 etc
- fix svr-auth.c TRACE problem

--HG--
branch : ecc
2013-04-08 00:10:57 +08:00
Matt Johnston
c6bdc810ab ecc kind of works, needs fixing/testing
--HG--
branch : ecc
2013-04-07 01:36:42 +08:00
Matt Johnston
1a16da38d5 merge kexguess branch 2013-04-03 00:49:24 +08:00
Matt Johnston
cbd3d5e3a5 Put some #ifdef options around first-follows options in case they
need to be disabled

--HG--
branch : kexguess
2013-04-03 00:43:31 +08:00
Matt Johnston
78fbed8c3e Don't usually need to recalculate dh_e for the repeated kexdh_init packet
--HG--
branch : kexguess
2013-04-03 00:32:55 +08:00
Matt Johnston
9c7485331a Get rid of client/server specific buf_match_algo, use single
function with a couple of if statements instead

--HG--
branch : kexguess
2013-03-30 23:55:05 +08:00
Matt Johnston
99d9cf500b Add kexguess2 behaviour
--HG--
branch : kexguess
2013-03-29 23:29:48 +08:00
Matt Johnston
b4bcc60657 More changes for KEX and ECDH. Set up hash descriptors, make ECC code work,
ses.hash and ses.session_id are now buffers (doesn't compile)

--HG--
branch : ecc
2013-03-29 00:28:09 +08:00
Matt Johnston
74cad1612f more bits on ecc branch
--HG--
branch : ecc
2013-03-27 00:38:03 +08:00
Matt Johnston
73e22c115c refactor kexdh code a bit, start working on ecdh etc
--HG--
branch : ecc
2013-03-26 01:35:22 +08:00
Matt Johnston
024d268d8c Make hmac-sha2-256 and hmac-sha2-512 work 2013-03-21 22:55:12 +08:00
Matt Johnston
e719a9ef6f - Only request "none" cipher after auth has succeeded
--HG--
branch : insecure-nocrypto
2012-05-17 20:52:57 +08:00
Matt Johnston
f2cd610750 Merge in "-m"/"-c" code
--HG--
branch : insecure-nocrypto
2012-05-17 08:09:19 +08:00
Matt Johnston
db34044c7f ENABLE_USER_ALGO_LIST should work for the client 2012-05-17 00:26:12 +08:00
Matt Johnston
036edd6206 Add rough support for choosing ciphers/hashes with "-c" or "-m" 2012-05-17 00:12:42 +08:00
Matt Johnston
f40ed8bad7 Update insecure-nocrypto to current head
--HG--
branch : insecure-nocrypto
2012-05-16 22:54:51 +08:00
Matt Johnston
c62e53807f - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be
getting keyed incorrectly

--HG--
branch : sha2
2012-05-10 08:38:37 +08:00
Matt Johnston
0ffdf2bba9 Add diffie-hellman-group14-sha1 KEX method
--HG--
extra : convert_revision : 5b9c394ad43745e48c42d671cefac7a5c346082f
2011-02-24 12:42:42 +00:00
Matt Johnston
38ed870ffe Improve capitalisation for all logged strings
--HG--
extra : convert_revision : 997e53cec7a9efb7413ac6e17b6be60a5597bd2e
2011-02-23 15:50:30 +00:00
Matt Johnston
e3ca0513a0 - Disable compression for non-final multihops
--HG--
extra : convert_revision : c507a2aacb9e0db4c0266891b8915c614e32857e
2009-09-11 14:02:04 +00:00
Matt Johnston
08893f03a5 - Don't memcpy() in place with void_encrypt
--HG--
extra : convert_revision : d123343d78df1b5998d8dd2674fd83fd682ce0c0
2009-06-09 13:18:52 +00:00
Matt Johnston
1912439526 Update nocrypto branch to current head
--HG--
branch : insecure-nocrypto
extra : convert_revision : 9e5e6e33be005d27cd5b3270c574edc45b5c2893
2008-11-06 13:33:06 +00:00
Matt Johnston
800810a181 propagate from branch 'au.asn.ucc.matt.dropbear' (head cdcc3c729e29544e8b98a408e2dc60e4483dfd2a)
to branch 'au.asn.ucc.matt.dropbear.insecure-nocrypto' (head 0ca38a1cf349f7426ac9de34ebe4c3e3735effab)

--HG--
branch : insecure-nocrypto
extra : convert_revision : dbb093e087a68abf2e54ab0b711af70771ddb29d
2008-11-06 13:16:55 +00:00
Matt Johnston
c2bd79131a - Get rid of blowfish and twofish CTR since they weren't likely
to be that useful

--HG--
extra : convert_revision : e16bd265bb6e8093b3488993dffc86662a2a7a62
2008-09-29 14:30:47 +00:00
Matt Johnston
511f6555c9 - Add Counter Mode support
--HG--
extra : convert_revision : 5225162bdf32d70b58b6d3ae375a290326c59f3a
2008-09-29 13:53:31 +00:00
Matt Johnston
049fcf1ac5 Add support for zlib@openssh.com delayed compression.
Are still advertising 'zlib' for the server, need to allow
delayed-only as an option

--HG--
extra : convert_revision : 319df675cc3c9b35a10b7d8357c94f33fdab1a46
2008-09-29 02:23:04 +00:00
Matt Johnston
60d4cd5996 Add comments about requiring keysize <= 2*SHA1_HASH_SIZE
--HG--
extra : convert_revision : bcb33fce2fad01a7626598209d43af3571bd86f0
2007-02-04 10:31:48 +00:00
Matt Johnston
ba869e5601 propagate from branch 'au.asn.ucc.matt.dropbear' (head 7ad1775ed65e75dbece27fe6b65bf1a234db386a)
to branch 'au.asn.ucc.matt.dropbear.insecure-nocrypto' (head 88ed2b94d9bfec9a4f661caf592ed01da5eb3b6a)

--HG--
branch : insecure-nocrypto
extra : convert_revision : 2b954d406290e6a2be8eb4a262d3675ac95ac544
2006-03-10 06:30:52 +00:00
Matt Johnston
0314b2cf45 * common-algo.c: use zlib for dbclient
--HG--
extra : convert_revision : 71c8d2ac84129e8aa204e7e35a44066fd1bea584
2005-11-08 11:35:52 +00:00
Matt Johnston
1632bd4a18 - a hack for grahame to run dropbear with "none" cipher.
DO NOT USE IF YOU DON'T KNOW THE CONSEQUENCES
  Here is your noose. Use it wisely.

--HG--
branch : insecure-nocrypto
extra : convert_revision : 88ed2b94d9bfec9a4f661caf592ed01da5eb3b6a
2005-09-23 16:29:19 +00:00
Matt Johnston
5a6404712c use a buffer rather than raw char array for creating
the comma-separated algorithm lists

--HG--
extra : convert_revision : bd00bc1e914dc1a816e9a2cca38c7bd3b6865dd0
2005-09-02 15:35:18 +00:00
Matt Johnston
b332e4aaf9 merge of 57902417ad22502b79c63fcabb7f4a8c8449e682
and 92bb4dd3f6f212342a5c991f738b987d7a07a6b2

--HG--
extra : convert_revision : f4bf35030bf75c46ab649774ebaf7bcf8e545b04
2005-09-02 15:33:45 +00:00
Matt Johnston
cff00f43c2 disapproval of revision ac41ae96770156bca2c0193b500ee07ee8d9a027
--HG--
extra : convert_revision : f90dd77112802d0d9252e4c124a14d0f4fcd9011
2005-09-02 15:33:09 +00:00
Matt Johnston
1cf8d6b631 Change the preferred algorithm order
--HG--
extra : convert_revision : ae8391fa550707447ac60d661eb07bab82e4b53f
2005-09-02 07:43:42 +00:00
Matt Johnston
f724ece386 Increase algorithm list buffer length
--HG--
extra : convert_revision : c821fb2723909e932bb390b2eb46a9e0c6f28c30
2005-09-02 07:14:50 +00:00
Matt Johnston
cebbc4e2b7 - register AES and Twofish even if just the 256 bit key variants are used
--HG--
extra : convert_revision : 6a05bc31e3e23ebb4c75cc18c69af7a4977e2313
2005-08-30 17:46:34 +00:00