markus@openbsd.org
1e0cdf8efb
upstream commit
...
clear session keys from memory; ok djm@
Upstream-ID: ecd178819868975affd5fd6637458b7c712b6a0f
2017-06-01 14:54:46 +10:00
Darren Tucker
31eb78078d
- guenther@cvs.openbsd.org 2014/07/22 07:13:42
...
[umac.c]
Convert from <sys/endian.h> to the shiney new <endian.h>
ok dtucker@, who also confirmed that -portable handles this already
(ID sync only, includes.h pulls in endian.h if available.)
2014-07-23 09:43:42 +10:00
Damien Miller
294c58a007
- naddy@cvs.openbsd.org 2014/04/30 19:07:48
...
[mac.c myproposal.h umac.c]
UMAC can use our local fallback implementation of AES when OpenSSL isn't
available. Glue code straight from Ted Krovetz's original umac.c.
ok markus@
2014-05-15 14:35:03 +10:00
Damien Miller
8885669139
- djm@cvs.openbsd.org 2014/04/20 02:30:25
...
[misc.c misc.h umac.c]
use get/put_u32 to load values rather than *((UINT32 *)p) that breaks on
strict-alignment architectures; reported by and ok stsp@
2014-04-20 13:33:19 +10:00
Damien Miller
6c81fee693
- djm@cvs.openbsd.org 2013/11/08 00:39:15
...
[auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c]
[clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c]
[sftp-client.c sftp-glob.c]
use calloc for all structure allocations; from markus@
2013-11-08 12:19:55 +11:00
Damien Miller
c331dbd222
- djm@cvs.openbsd.org 2013/07/22 05:00:17
...
[umac.c]
make MAC key, data to be hashed and nonce for final hash const;
checked with -Wcast-qual
2013-07-25 11:55:20 +10:00
Damien Miller
32ecfa0f79
- djm@cvs.openbsd.org 2013/07/20 01:43:46
...
[umac.c]
use a union to ensure correct alignment; ok deraadt
2013-07-20 13:22:13 +10:00
Darren Tucker
a627d42e51
- djm@cvs.openbsd.org 2013/05/17 00:13:13
...
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c
ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c
gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c
auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c
servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c
auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c
sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c
kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c
kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c
monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c
ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c
sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c
ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c
dns.c packet.c readpass.c authfd.c moduli.c]
bye, bye xfree(); ok markus@
2013-06-02 07:31:17 +10:00
Darren Tucker
50ce447ef9
- [umac.c] Enforce allowed umac output sizes. From djm@.
2012-10-05 12:11:33 +10:00
Darren Tucker
992faad1f1
- [Makefile umac.c] Add special-case target to build umac128.o.
2012-10-05 11:38:24 +10:00
Darren Tucker
8a057953d2
- djm@cvs.openbsd.org 2011/10/19 10:39:48
...
[umac.c]
typo in comment; patch from Michael W. Bombardieri
2011-11-04 10:53:31 +11:00
Damien Miller
36d7056f4d
- (djm) [umac.c] Rename variable s/buffer_ptr/bufp/ to avoid clash;
...
reported by cristian.ionescu-idbohrn AT axis.com
2008-07-14 12:04:43 +10:00
Darren Tucker
2c91b28a6d
- (dtucker) [umac.c] STORE_UINT32_REVERSED and endian_convert are never used
...
on big endian machines, so ifdef them for little endian only to prevent
unused function warnings.
2008-06-13 12:40:55 +10:00
Damien Miller
0f30c87c45
- pvalchev@cvs.openbsd.org 2008/05/12 20:52:20
...
[umac.c]
Ensure nh_result lies on a 64-bit boundary (fixes warnings observed
on Itanium on Linux); from Dale Talcott (bug #1462 ); ok djm@
2008-05-19 16:07:45 +10:00
Damien Miller
83e04f2023
- stevesk@cvs.openbsd.org 2007/09/12 19:39:19
...
[umac.c]
use xmalloc() and xfree(); ok markus@ pvalchev@
2007-09-17 16:11:01 +10:00
Darren Tucker
cb52017ad9
- (dtucker) [cipher-ctr.c umac.c openbsd-compat/openssl-compat.h] Move the
...
USE_BUILTIN_RIJNDAEL compat goop to openssl-compat.h so it can be
shared with umac.c. Allows building with OpenSSL 0.9.5 again including
umac support. With tim@ djm@, ok djm.
2007-06-14 23:21:32 +10:00
Damien Miller
34a176995f
- (djm) [configure.ac umac.c] If platform doesn't provide swap32(3), then
...
fallback to provided bit-swizzing functions
2007-06-11 14:15:42 +10:00
Damien Miller
e45796f7b4
- pvalchev@cvs.openbsd.org 2007/06/07 19:37:34
...
[kex.h mac.c mac.h monitor_wrap.c myproposal.h packet.c ssh.1]
[ssh_config.5 sshd.8 sshd_config.5]
Add a new MAC algorithm for data integrity, UMAC-64 (not default yet,
must specify umac-64@openssh.com ). Provides about 20% end-to-end speedup
compared to hmac-md5. Represents a different approach to message
authentication to that of HMAC that may be beneficial if HMAC based on
one of its underlying hash algorithms is found to be vulnerable to a
new attack. http://www.ietf.org/rfc/rfc4418.txt
in conjunction with and OK djm@
2007-06-11 14:01:42 +10:00