delta/openssh-git.git - anongit.mindrot.org: openssh.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	Always use compat getentropy.	Darren Tucker	2022-11-02	1	-5/+7
\| \| \| \| \| \|	Have it call native getentropy and fall back as required. Should fix issues of platforms where libc has getentropy but it is not implemented in the kernel. Based on github PR#354 from simsergey.
*	Remove DEF_WEAK, it's already in defines.h.	Darren Tucker	2022-09-02	1	-2/+0
\|
*	Resync arc4random with OpenBSD.	Darren Tucker	2022-09-02	1	-101/+90
\| \| \| \| \| \| \|	This brings us up to current, including djm's random-reseeding change, as prompted by logan at cyberstorm.mu in bz#3467. It brings the platform-specific hooks from LibreSSL Portable, simplified to match our use case. ok djm@.
*	Remove arc4random_uniform from arc4random.c	Darren Tucker	2022-09-02	1	-38/+0
\| \| \| \| \|	This was previously moved into its own file (matching OpenBSD) which prematurely committed in commit 73541f2.
*	Rename our getentropy to prevent possible loops.	Darren Tucker	2022-08-10	1	-0/+9
\| \| \| \| \| \| \| \|	Since arc4random seeds from getentropy, and we use OpenSSL for that if enabled, there's the possibility that if we build on a system that does not have getentropy then run on a system that does have it, then OpenSSL could end up calling our getentropy and getting stuck in a loop. Pointed out by deraadt@, ok djm@
*	Factor out getrnd() and rename to getentropy().	Darren Tucker	2022-08-05	1	-54/+2
\| \| \| \| \| \| \|	Factor out the arc4random seeding into its own file and change the interface to match getentropy. Use native getentropy if available. This will make it easier to resync OpenBSD changes to arc4random. Prompted by bz#3467, ok djm@.
*	Remove unused ivbits argument from chacha_keysetup	Darren Tucker	2022-03-01	1	-1/+1
\|
*	remove sys/param.h in -portable, after upstream	Damien Miller	2021-12-22	1	-3/+5
\|
*	Try EGD/PRNGD if random device fails.	Darren Tucker	2021-06-18	1	-3/+9
\| \| \| \| \|	When built --without-openssl, try EGD/PRGGD (if configured) as a last resort before failing.
*	prefer to use getrandom() for PRNG seeding	Damien Miller	2018-04-13	1	-3/+13
\| \| \| \| \|	Only applies when built --without-openssl. Thanks Jann Horn for reminder.
*	cast to avoid type warning in error message	Damien Miller	2016-07-15	1	-2/+2
\|
*	support --without-openssl at configure time	Damien Miller	2015-01-15	1	-1/+35
\| \| \| \| \| \| \| \|	Disables and removes dependency on OpenSSL. Many features don't work and the set of crypto options is greatly restricted. This will only work on system with native arc4random or /dev/urandom. Considered highly experimental for now.
*	- (djm) [openbsd-compat/arc4random.c] Zero seed after keying PRNG	Damien Miller	2014-09-04	1	-1/+1
\|
*	- (dtucker) [openbsd-compat/arc4random.c] Use explicit_bzero instead of an	Darren Tucker	2014-06-11	1	-1/+1
\| \| \| \|	assigment that might get optimized out. ok djm@
*	- (djm) [openbsd-compat/Makefile.in openbsd-compat/arc4random.c]	Damien Miller	2013-10-09	1	-13/+46
\| \| \| \| \| \|	[openbsd-compat/bsd-arc4random.c] Replace old RC4-based arc4random implementation with recent OpenBSD's ChaCha-based PRNG. ok dtucker@, tested tim@
*	- (djm) [openbsd-compat/arc4random.c openbsd-compat/chacha_private.h] Pull	Damien Miller	2013-10-09	1	-0/+261
	in OpenBSD implementation of arc4random, shortly to replace the existing bsd-arc4random.c