opensourcemirror
/
opnsense-src
mirror of https://github.com/opnsense/src.git
1
0
Fork 0
Code Issues Releases Wiki Activity
opnsense-src/crypto
History
Gordon Tetlow 888363ef25 Implement "strict key exchange" in ssh and sshd. 
This adds a protocol extension to improve the integrity of the SSH
transport protocol, particular in and around the initial key exchange
(KEX) phase.

Full details of the extension are in the PROTOCOL file.

OpenBSD-Commit-ID: 2a66ac962f0a630d7945fee54004ed9e9c439f14

Approved by:	so (implicit)
Obtained from:	https://anongit.mindrot.org/openssh.git/patch/?id=1edb00c58f8a6875fad6a497aa2bacf37f9e6cd5
Security:	CVE-2023-48795
Security:	FreeBSD-SA-23:19.openssh

(cherry picked from commit 92f58c69a14c0afe910145f177c0e8aeaf9c7da4)
(cherry picked from commit 3bafcb9744c966ff7750357b24fc7942f2d928d4)
 		2023-12-20 09:28:52 +01:00
..
heimdal heimdal: Resolve hdb_free_entry() SIGSEGV/SIGILL 2023-03-16 13:44:57 -04:00
openssh Implement "strict key exchange" in ssh and sshd. 2023-12-20 09:28:52 +01:00
openssl OpenSSL: Merge OpenSSL 1.1.1t 2023-02-07 17:38:40 -05:00
README

README 

$FreeBSD$

This directory is for the EXACT same use as src/contrib, except it
holds crypto sources.  In other words, this holds raw sources obtained
from various third party vendors, with FreeBSD patches applied.  No
compilation is done from this directory, it is all done from the
src/secure directory.  The separation between src/contrib and src/crypto
is the result of an old USA law, which made these sources export
controlled, so they had to be kept separate.