- djm@cvs.openbsd.org 2008/11/04 08:22:13
     [auth.h auth2.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h]
     [readconf.c readconf.h servconf.c servconf.h ssh2.h ssh_config.5]
     [sshconnect2.c sshd_config.5 jpake.c jpake.h schnorr.c auth2-jpake.c]
     [Makefile.in]
     Add support for an experimental zero-knowledge password authentication
     method using the J-PAKE protocol described in F. Hao, P. Ryan,
     "Password Authenticated Key Exchange by Juggling", 16th Workshop on
     Security Protocols, Cambridge, April 2008.

     This method allows password-based authentication without exposing
     the password to the server. Instead, the client and server exchange
     cryptographic proofs to demonstrate knowledge of the password while
     revealing nothing useful to an attacker or compromised endpoint.

     This is experimental, work-in-progress code and is presently
     compile-time disabled (turn on -DJPAKE in Makefile.inc).

     "just commit it.  It isn't too intrusive." deraadt@
20 files changed
tree: a77f115d3b8964f0b6fcc604f9dea87d15143d7e