Age | Commit message (Collapse) | Author |
|
|
|
|
|
* hans/ssh/eddsa/OTP-15094:
ssh: Add Edward curves to the documentation
ssh: Update test cases for eddsa
ssh: Add public keys 'ssh-ed25519' and 'ssh-ed448'
|
|
This will prevent crashes in ssh_file for public key types which have no passphrase option although being supported.
Also centralize host key checking to avoid code duplication. This was already done for user keys.
|
|
No intentional api changes. Only to make the code less hard to read.
|
|
|
|
Requires OpenSSL-1.1.1
https://tools.ietf.org/html/draft-ietf-curdle-ssh-ed25519-ed448-00
|
|
* hans/ssh/fix_ext_info/OTP-15413:
ssh: Fix ssh_options checking for ext_info
ssh: Fix SSH_MSG_EXT_INFO bug for OTP SSH as server
ssh: Fix SSH_MSG_EXT_INFO bug for OTP SSH as client
|
|
The wrong set of supported public keys was sent to the client.
|
|
* hans/ssh/x25519_x448/OTP-15133:
ssh: Doc updates
ssh: spec curve25519 & curve448
ssh: Fix non-conforming key generation in kex for x25519 and x448
ssh: Enable curve448-sha512 and curve25519-sha256
ssh: Remove the term 'eddh'
|
|
That is, curve25519-sha256, [email protected] and curve448-sha512
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Not working
|
|
* maint:
Updated OTP version
Prepare release
ssh: Renegotiation -> renegotiate
ssh: Fix DH group exchange server bug for PuTTY and others following draft-draft-00 from 2001 and not the rfc4419
ssh: Fix server crashes for exit-normal signals
|
|
* maint-19:
Updated OTP version
Prepare release
ssh: Renegotiation -> renegotiate
ssh: Fix DH group exchange server bug for PuTTY and others following draft-draft-00 from 2001 and not the rfc4419
ssh: Fix server crashes for exit-normal signals
Conflicts:
OTP_VERSION
lib/ssh/doc/src/notes.xml
lib/ssh/src/ssh_connection_handler.erl
lib/ssh/src/ssh_transport.erl
lib/ssh/vsn.mk
otp_versions.table
|
|
* maint:
Updated OTP version
Prepare release
ssh: Renegotiation -> renegotiate
ssh: Fix DH group exchange server bug for PuTTY and others following draft-draft-00 from 2001 and not the rfc4419
crypto: get_engine_load_cmd_list excluded if no engine support
crypto: Fix compilation for LibreSSL 2.7.x
crypto: Disable test_engine if engine is disabled
crypto: disable engine if OPENSSL_NO_EC* is set If that flag is set, and openssl/engine.h is included, there will be an erro further down in files included by engine.h
Conflicts:
OTP_VERSION
|
|
and others following draft-draft-00 from 2001 and not the rfc4419
|
|
and others following draft-draft-00 from 2001 and not the rfc4419
|
|
|
|
|
|
* maint-20:
Updated OTP version
Prepare release
ssh: Add option save_accepted_host
ssh: No error message for signal kill
ssh: Dont repeat supervisor defaults in map fields
ssh: Move starting of channel child to ssh_channel_sup
ssh: Test case for sup tree when shell server proc times out
|
|
|
|
This suite tests compatibility with different combinations of OpenSSH and OpenSSL. The peer SSH is running in a docker container.
|
|
Thoose clients signs with sha instead of sha2-*. Try first to verify with the correct one, and if that fails, retry with sha1.
|
|
* maint-18:
Updated OTP version
Prepare release
ssh: Unicode encoding fix
ssh: testcases for space trailing Hello msg
Remove unused test include file from test suites
eldap: Repair Makefile
ssh: Don't remove trailing WS in Hello msg
Conflicts:
OTP_VERSION
erts/doc/src/notes.xml
erts/vsn.mk
lib/compiler/doc/src/notes.xml
lib/compiler/vsn.mk
lib/crypto/test/blowfish_SUITE.erl
lib/eldap/doc/src/notes.xml
lib/eldap/vsn.mk
lib/inets/test/httpd_load.erl
lib/inets/test/httpd_mod.erl
lib/inets/test/old_httpd_SUITE.erl
lib/ssh/doc/src/notes.xml
lib/ssh/vsn.mk
lib/stdlib/test/zip_SUITE.erl
otp_versions.table
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
If a user wants to enable one non-default algorithm or remove a default one, the option preferred_algorithms is too complicated since it replaces the whole set of algorithms.
|
|
|
|
|
|
|
|
Conflicts:
lib/ssh/src/ssh_transport.erl
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This is only a draft extension, but it is quite stable and already supported
by some implementations. OpenSSH has had it for some year now.
|