summaryrefslogtreecommitdiffstats
path: root/authfile.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* upstream: avoid spurious "Unable to load host key" message whendjm@openbsd.org2020-06-191-2/+8
| | | | | | sshd can load a private key but no public counterpart; with & ok markus@ OpenBSD-Commit-ID: 0713cbdf9aa1ff8ac7b1f78b09ac911af510f81b
* upstream: refactor out some duplicate private key loading code;djm@openbsd.org2020-04-171-34/+9
| | | | | | based on patch from loic AT venez.fr, ok dtucker@ OpenBSD-Commit-ID: 5eff2476b0d8d0614924c55e350fb7bb9c84f45e
* upstream: let sshkey_try_load_public() load public keys from thedjm@openbsd.org2020-04-081-1/+37
| | | | | | | | | unencrypted envelope of private key files if not sidecar public key file is present. ok markus@ OpenBSD-Commit-ID: 252a0a580e10b9a6311632530d63b5ac76592040
* upstream: simplify sshkey_try_load_public()djm@openbsd.org2020-04-081-39/+19
| | | | | | ok markus@ OpenBSD-Commit-ID: 05a5d46562aafcd70736c792208b1856064f40ad
* upstream: factor out reading/writing sshbufs to dedicateddjm@openbsd.org2020-01-261-68/+9
| | | | | | functions; feedback and ok markus@ OpenBSD-Commit-ID: dc09e5f1950b7acc91b8fdf8015347782d2ecd3d
* upstream: add sshkey_save_public(), to save a public key; okdjm@openbsd.org2020-01-021-1/+32
| | | | | | markus@ OpenBSD-Commit-ID: 5d6f96a966d10d7fa689ff9aa9e1d6767ad5a076
* upstream: move advance_past_options to authfile.c and make itdjm@openbsd.org2019-09-031-1/+23
| | | | | | public; ok markus@ OpenBSD-Commit-ID: edda2fbba2c5b1f48e60f857a2010479e80c5f3c
* upstream: Remove now-redundant perm_ok arg sincedtucker@openbsd.org2019-08-081-16/+8
| | | | | | | sshkey_load_private_type will now return SSH_ERR_KEY_BAD_PERMISSIONS in that case. Patch from jitendra.sharma at intel.com, ok djm@ OpenBSD-Commit-ID: 07916a17ed0a252591b71e7fb4be2599cb5b0c77
* upstream: support PKCS8 as an optional format for storage ofdjm@openbsd.org2019-07-151-3/+3
| | | | | | | | | | | | | | private keys, enabled via "ssh-keygen -m PKCS8" on operations that save private keys to disk. The OpenSSH native key format remains the default, but PKCS8 is a superior format to PEM if interoperability with non-OpenSSH software is required, as it may use a less terrible KDF (IIRC PEM uses a single round of MD5 as a KDF). adapted from patch by Jakub Jelen via bz3013; ok markus OpenBSD-Commit-ID: 027824e3bc0b1c243dc5188504526d73a55accb1
* upstream: When system calls indicate an error they return -1, notderaadt@openbsd.org2019-07-051-6/+6
| | | | | | | | some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future. OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
* upstream: In sshkey_in_file(), ignore keys that are considered fordjm@openbsd.org2018-09-211-4/+10
| | | | | | | | | | being too short (i.e. SSH_ERR_KEY_LENGTH). These keys will not be considered to be "in the file". This allows key revocation lists to contain short keys without the entire revocation list being considered invalid. bz#2897; ok dtucker OpenBSD-Commit-ID: d9f3d857d07194a42ad7e62889a74dc3f9d9924b
* upstream: replace cast with call to sshbuf_mutable_ptr(); ok djm@markus@openbsd.org2018-07-101-2/+2
| | | | OpenBSD-Commit-ID: 4dfe9d29fa93d9231645c89084f7217304f7ba29
* upstream: switch config file parsing to getline(3) as this avoidsmarkus@openbsd.org2018-06-061-11/+11
| | | | | | static limits noted by gerhard@; ok dtucker@, djm@ OpenBSD-Commit-ID: 6d702eabef0fa12e5a1d75c334a8c8b325298b5c
* upstream: Add experimental support for PQC XMSS keys (Extendedmarkus@openbsd.org2018-02-261-1/+7
| | | | | | | | | Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 ok djm@ OpenBSD-Commit-ID: ef3eccb96762a5d6f135d7daeef608df7776a7ac
* upstream commitdjm@openbsd.org2017-07-211-2/+1
| | | | | | | remove post-SSHv1 removal dead code from rsa.c and merge the remaining bit that it still used into ssh-rsa.c; ok markus Upstream-ID: ac8a048d24dcd89594b0052ea5e3404b473bfa2f
* upstream commitderaadt@openbsd.org2017-06-011-14/+2
| | | | | | | | | Switch to recallocarray() for a few operations. Both growth and shrinkage are handled safely, and there also is no need for preallocation dances. Future changes in this area will be less error prone. Review and one bug found by markus Upstream-ID: 822d664d6a5a1d10eccb23acdd53578a679d5065
* upstream commitmarkus@openbsd.org2017-05-311-23/+21
| | | | | | | | revise sshkey_load_public(): remove ssh1 related comments, remove extra open()/close() on keyfile, prevent leak of 'pub' if 'keyp' is NULL, replace strlcpy+cat with asprintf; ok djm@ Upstream-ID: 6175e47cab5b4794dcd99c1175549a483ec673ca
* upstream commitdjm@openbsd.org2017-05-011-55/+1
| | | | | | unifdef WITH_SSH1 ok markus@ Upstream-ID: 9716e62a883ef8826c57f4d33b4a81a9cc7755c7
* upstream commitderaadt@openbsd.org2017-04-041-2/+2
| | | | | | incorrect renditions of this quote bother me Upstream-ID: 1662be3ebb7a71d543da088119c31d4d463a9e49
* upstream commitdjm@openbsd.org2016-11-291-2/+14
| | | | | | | | | | | | use sshbuf_allocate() to pre-allocate the buffer used for loading keys. This avoids implicit realloc inside the buffer code, which might theoretically leave fragments of the key on the heap. This doesn't appear to happen in practice for normal sized keys, but was observed for novelty oversize ones. Pointed out by Jann Horn of Project Zero; ok markus@ Upstream-ID: d620e1d46a29fdea56aeadeda120879eddc60ab1
* upstream commitdjm@openbsd.org2016-04-131-12/+22
| | | | | | | make private key loading functions consistently handle NULL key pointer arguments; ok markus@ Upstream-ID: 92038726ef4a338169c35dacc9c5a07fcc7fa761
* upstream commitmmcc@openbsd.org2015-12-181-5/+3
| | | | | | | | Remove NULL-checks before sshbuf_free(). ok djm@ Upstream-ID: 5ebed00ed5f9f03b119a345085e8774565466917
* upstream commitmmcc@openbsd.org2015-12-181-9/+5
| | | | | | | | Remove NULL-checks before sshkey_free(). ok djm@ Upstream-ID: 3e35afe8a25e021216696b5d6cde7f5d2e5e3f52
* upstream commitmmcc@openbsd.org2015-12-111-3/+2
| | | | | | | | Remove NULL-checks before free(). ok dtucker@ Upstream-ID: e3d3cb1ce900179906af36517b5eea0fb15e6ef8
* upstream committim@openbsd.org2015-09-161-3/+3
| | | | | | | | | | - Fix error message: passphrase needs to be at least 5 characters, not 4. - Remove unused function argument. - Remove two unnecessary variables. OK djm@ Upstream-ID: 13010c05bfa8b523da1c0dc19e81dd180662bc30
* upstream commitmarkus@openbsd.org2015-07-151-3/+3
| | | | | | re-enable ed25519-certs if compiled w/o openssl; ok djm Upstream-ID: e10c90808b001fd2c7a93778418e9b318f5c4c49
* upstream commitdjm@openbsd.org2015-07-151-2/+2
| | | | | | | delete support for legacy v00 certificates; "sure" markus@ dtucker@ Upstream-ID: b5b9bb5f9202d09e88f912989d74928601b6636f
* upstream commitdjm@openbsd.org2015-04-291-2/+2
| | | | | s/recommended/required/ that private keys be og-r this wording change was made a while ago but got accidentally reverted
* upstream commitdjm@openbsd.org2015-04-011-1/+3
| | | | fd leak for !ssh1 case; found by unittests; ok markus@
* upstream commitdjm@openbsd.org2015-03-231-1/+1
| | | | | KRL support doesn't need OpenSSL anymore, remove #ifdefs from around call
* upstream commitdjm@openbsd.org2015-02-231-1/+4
| | | | add an XXX to remind me to improve sshkey_load_public
* upstream commitderaadt@openbsd.org2015-01-261-3/+3
| | | | | Reduce use of <sys/param.h> and transition to <limits.h> throughout. ok djm markus
* more --without-opensslDamien Miller2015-01-141-2/+0
| | | | | | fix some regressions caused by upstream merges enable KRLs now that they no longer require BIGNUMs
* upstream commitdjm@openbsd.org2015-01-081-40/+24
| | | | | | | | | | | | | | | | deprecate key_load_private_pem() and sshkey_load_private_pem() interfaces. Refactor the generic key loading API to not require pathnames to be specified (they weren't really used). Fixes a few other things en passant: Makes ed25519 keys work for hostbased authentication (ssh-keysign previously used the PEM-only routines). Fixes key comment regression bz#2306: key pathnames were being lost as comment fields. ok markus@
* upstream commitdjm@openbsd.org2014-12-041-10/+48
| | | | | | add RevokedHostKeys option for the client Allow textfile or KRL-based revocation of hostkeys.
* - djm@cvs.openbsd.org 2014/06/24 01:13:21Damien Miller2014-07-021-1103/+318
| | | | | | | | | | | | | | | | | | | | | | | [Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c [sshconnect2.c sshd.c sshkey.c sshkey.h [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h] New key API: refactor key-related functions to be more library-like, existing API is offered as a set of wrappers. with and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago. NB. This commit also removes portable OpenSSH support for OpenSSL <0.9.8e.
* - markus@cvs.openbsd.org 2014/04/29 18:01:49Damien Miller2014-05-151-1/+32
| | | | | | | | | | [auth.c authfd.c authfile.c bufaux.c cipher.c cipher.h hostfile.c] [kex.c key.c mac.c monitor.c monitor_wrap.c myproposal.h packet.c] [roaming_client.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c] [ssh-pkcs11.h ssh.c sshconnect.c sshconnect2.c sshd.c] make compiling against OpenSSL optional (make OPENSSL=no); reduces algorithms to curve25519, aes-ctr, chacha, ed25519; allows us to explore further options; with and ok djm
* - djm@cvs.openbsd.org 2014/04/28 03:09:18Damien Miller2014-05-151-2/+3
| | | | | | | | [authfile.c bufaux.c buffer.h channels.c krl.c mux.c packet.c packet.h] [ssh-keygen.c] buffer_get_string_ptr's return should be const to remind callers that futzing with it will futz with the actual buffer contents
* - djm@cvs.openbsd.org 2014/03/12 04:51:12Damien Miller2014-04-201-2/+2
| | | | | [authfile.c] correct test that kdf name is not "none" or "bcrypt"
* - djm@cvs.openbsd.org 2014/02/02 03:44:32Damien Miller2014-02-041-7/+7
| | | | | | | | | | | [auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c] [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c] [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c] [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c] [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c] [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c] [sshd.c] convert memset of potentially-private data to explicit_bzero()
* - tedu@cvs.openbsd.org 2014/01/31 16:39:19Damien Miller2014-02-041-4/+4
| | | | | | | | | | [auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c] [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c] [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c] [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c] [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h] replace most bzero with explicit_bzero, except a few that cna be memset ok djm dtucker
* - djm@cvs.openbsd.org 2013/12/29 04:35:50Damien Miller2013-12-291-1/+2
| | | | | [authfile.c] don't refuse to load Ed25519 certificates
* - [authfile.c] Conditionalise inclusion of util.hDamien Miller2013-12-071-0/+2
|
* - markus@cvs.openbsd.org 2013/12/06 13:39:49Damien Miller2013-12-071-1/+9
| | | | | | | | | | | | [authfd.c authfile.c key.c key.h myproposal.h pathnames.h readconf.c] [servconf.c ssh-agent.c ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c] [ssh-keysign.c ssh.c ssh_config.5 sshd.8 sshd.c verify.c ssh-ed25519.c] [sc25519.h sc25519.c hash.c ge25519_base.data ge25519.h ge25519.c] [fe25519.h fe25519.c ed25519.c crypto_api.h blocks.c] support ed25519 keys (hostkeys and user identities) using the public domain ed25519 reference code from SUPERCOP, see http://ed25519.cr.yp.to/software.html feedback, help & ok djm@
* - markus@cvs.openbsd.org 2013/12/06 13:34:54Damien Miller2013-12-071-10/+361
| | | | | | | [authfile.c authfile.h cipher.c cipher.h key.c packet.c ssh-agent.c] [ssh-keygen.c PROTOCOL.key] new private key format, bcrypt as KDF by default; details in PROTOCOL.key; feedback and lots help from djm; ok djm@
* - djm@cvs.openbsd.org 2013/11/21 00:45:44Damien Miller2013-11-211-3/+3
| | | | | | | | | | | | | | | | | | | [Makefile.in PROTOCOL PROTOCOL.chacha20poly1305 authfile.c chacha.c] [chacha.h cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h] [dh.c myproposal.h packet.c poly1305.c poly1305.h servconf.c ssh.1] [ssh.c ssh_config.5 sshd_config.5] Add a new protocol 2 transport cipher "chacha20-poly1305@openssh.com" that combines Daniel Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an authenticated encryption mode. Inspired by and similar to Adam Langley's proposal for TLS: http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03 but differs in layout used for the MAC calculation and the use of a second ChaCha20 instance to separately encrypt packet lengths. Details are in the PROTOCOL.chacha20poly1305 file. Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC ok markus@ naddy@
* - djm@cvs.openbsd.org 2013/05/17 00:13:13Darren Tucker2013-06-011-5/+5
| | | | | | | | | | | | | | | | | | [xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c dns.c packet.c readpass.c authfd.c moduli.c] bye, bye xfree(); ok markus@
* - djm@cvs.openbsd.org 2013/04/19 01:06:50Damien Miller2013-04-231-3/+3
| | | | | | | | [authfile.c cipher.c cipher.h kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c] [key.c key.h mac.c mac.h packet.c ssh.1 ssh.c] add the ability to query supported ciphers, MACs, key type and KEX algorithms to ssh. Includes some refactoring of KEX and key type handling to be table-driven; ok markus@
* - markus@cvs.openbsd.org 2013/01/08 18:49:04Damien Miller2013-01-091-3/+3
| | | | | | | [PROTOCOL authfile.c cipher.c cipher.h kex.c kex.h monitor_wrap.c] [myproposal.h packet.c ssh_config.5 sshd_config.5] support AES-GCM as defined in RFC 5647 (but with simpler KEX handling) ok and feedback djm@
* - markus@cvs.openbsd.org 2012/12/11 22:31:18Damien Miller2012-12-121-3/+3
| | | | | | | | | | [PROTOCOL authfile.c cipher.c cipher.h kex.h mac.c myproposal.h] [packet.c ssh_config.5 sshd_config.5] add encrypt-then-mac (EtM) modes to openssh by defining new mac algorithms that change the packet format and compute the MAC over the encrypted message (including the packet size) instead of the plaintext data; these EtM modes are considered more secure and used by default. feedback and ok djm@