summaryrefslogtreecommitdiffstats
path: root/hostfile.h (unfollow)
Commit message (Collapse)AuthorFilesLines
2019-01-21upstream: factor out DH keygen; it's identical between the clientdjm@openbsd.org4-57/+37
and the server from markus@ ok djm@ OpenBSD-Commit-ID: 2be57f6a0d44f1ab2c8de2b1b5d6f530c387fae9
2019-01-21upstream: save the derived session id in kex_derive_keys() ratherdjm@openbsd.org9-97/+17
than making each kex method implementation do it. from markus@ ok djm@ OpenBSD-Commit-ID: d61ade9c8d1e13f665f8663c552abff8c8a30673
2019-01-21upstream: Make sshpkt_get_bignum2() allocate the bignum it isdjm@openbsd.org11-133/+68
parsing rather than make the caller do it. Saves a lot of boilerplate code. from markus@ ok djm@ OpenBSD-Commit-ID: 576bf784f9a240f5a1401f7005364e59aed3bce9
2019-01-21upstream: remove obsolete (SSH v.1) sshbuf_get/put_bignum1djm@openbsd.org2-52/+2
functions from markus@ ok djm@ OpenBSD-Commit-ID: 0380b1b2d9de063de3c5a097481a622e6a04943e
2019-01-21upstream: fix all-zero check in kexc25519_shared_keydjm@openbsd.org1-5/+7
from markus@ ok djm@ OpenBSD-Commit-ID: 60b1d364e0d9d34d1d1ef1620cb92e36cf06712d
2019-01-21upstream: - -T was added to the first synopsis by mistake - sincejmc@openbsd.org1-6/+5
"..." denotes optional, no need to surround it in [] ok djm OpenBSD-Commit-ID: 918f6d8eed4e0d8d9ef5eadae1b8983d796f0e25
2019-01-21Make --with-rpath take a flag instead of yes/no.Darren Tucker1-22/+23
Linkers need various flags for -rpath and similar, so make --with-rpath take an optional flag argument which is passed to the linker. ok djm@
2019-01-21fix previous testDamien Miller1-1/+1
2019-01-21Wrap ECC static globals in EC_KEY_METHOD_NEW too.Darren Tucker1-0/+2
2019-01-21pass TEST_SSH_SSHPKCS11HELPER to regress testsDamien Miller1-0/+1
2019-01-21make agent-pkcs11 search harder for softhsm2.soDamien Miller1-1/+16
2019-01-21upstream: always print the caller's error message in ossl_error(),djm@openbsd.org1-2/+3
even when there are no libcrypto errors to report. OpenBSD-Commit-ID: 09ebaa8f706e0eccedd209775baa1eee2ada806a
2019-01-21upstream: get the ex_data (pkcs11_key object) back from the keys atdjm@openbsd.org1-9/+8
the index at which it was inserted, rather than assuming index 0 OpenBSD-Commit-ID: 1f3a6ce0346c8014e895e50423bef16401510aa8
2019-01-21upstream: GSSAPI code got missed when converting to new packet APIdjm@openbsd.org1-4/+4
OpenBSD-Commit-ID: 37e4f06ab4a0f4214430ff462ba91acba28b7851
2019-01-21Fix -Wunused when compiling PKCS#11 without ECDSADamien Miller1-0/+2
2019-01-21upstream: allow override of ssh-pkcs11-helper binary viadjm@openbsd.org1-1/+5
$TEST_SSH_SSHPKCS11HELPER from markus@ OpenBSD-Regress-ID: 7382a3d76746f5a792d106912a5819fd5e49e469
2019-01-21upstream: adapt agent-pkcs11.sh test to softhsm2 and add supportdjm@openbsd.org1-23/+58
for ECDSA keys work by markus@, ok djm@ OpenBSD-Regress-ID: 1ebc2be0e88eff1b6d8be2f9c00cdc60723509fe
2019-01-21upstream: add "extra:" target to run some extra tests that are notdjm@openbsd.org1-2/+10
enabled by default (currently includes agent-pkcs11.sh); from markus@ OpenBSD-Regress-ID: 9a969e1adcd117fea174d368dcb9c61eb50a2a3c
2019-01-21upstream: use ECDSA_SIG_set0() instead of poking signature values intodjm@openbsd.org1-3/+14
structure directly; the latter works on LibreSSL but not on OpenSSL. From portable. OpenBSD-Commit-ID: 5b22a1919d9cee907d3f8a029167f70a481891c6
2019-01-21remove HAVE_DLOPEN that snuck inDamien Miller1-4/+2
portable doesn't use this
2019-01-21conditionalise ECDSA PKCS#11 supportDamien Miller3-1/+20
Require EC_KEY_METHOD support in libcrypto, evidenced by presence of EC_KEY_METHOD_new() function.
2019-01-21upstream: we use singleton pkcs#11 RSA_METHOD and EC_KEY_METHODdjm@openbsd.org1-7/+3
now, so there is no need to keep a copy of each in the pkcs11_key object. work by markus@, ok djm@ OpenBSD-Commit-ID: 43b4856516e45c0595f17a8e95b2daee05f12faa
2019-01-21upstream: KNF previous; from markus@djm@openbsd.org1-6/+6
OpenBSD-Commit-ID: 3dfe35e25b310c3968b1e4e53a0cb1d03bda5395
2019-01-21upstream: use OpenSSL's RSA reference counting hooks todjm@openbsd.org1-35/+21
implicitly clean up pkcs11_key objects when their owning RSA object's reference count drops to zero. Simplifies the cleanup path and makes it more like ECDSA's work by markus@, ok djm@ OpenBSD-Commit-ID: 74b9c98f405cd78f7148e9e4a4982336cd3df25c
2019-01-21upstream: make the PKCS#11 RSA code more like the new PKCS#11djm@openbsd.org1-16/+29
ECDSA code: use a single custom RSA_METHOD instead of a method per key suggested by me, but markus@ did all the work. ok djm@ OpenBSD-Commit-ID: 8aafcebe923dc742fc5537a995cee549d07e4b2e
2019-01-21upstream: fix leak of ECDSA pkcs11_key objectsdjm@openbsd.org1-2/+21
work by markus, ok djm@ OpenBSD-Commit-ID: 9fc0c4f1d640aaa5f19b8d70f37ea19b8ad284a1
2019-01-21upstream: use EVP_PKEY_get0_EC_KEY() instead of direct access ofdjm@openbsd.org1-4/+3
EC_KEY internals as that won't work on OpenSSL work by markus@, feedback and ok djm@ OpenBSD-Commit-ID: 4a99cdb89fbd6f5155ef8c521c99dc66e2612700
2019-01-21upstream: cleanup PKCS#11 ECDSA pubkey loading: the returneddjm@openbsd.org1-10/+14
object should never have a DER header work by markus; feedback and ok djm@ OpenBSD-Commit-ID: b617fa585eddbbf0b1245b58b7a3c4b8d613db17
2019-01-21upstream: cleanup unnecessary code in ECDSA pkcs#11 signaturedjm@openbsd.org1-25/+16
work by markus@, feedback and ok djm@ OpenBSD-Commit-ID: affa5ca7d58d59fbd16169f77771dcdbd2b0306d
2019-01-21upstream: cleanup pkcs#11 client code: use sshkey_new in insteaddjm@openbsd.org1-23/+42
of stack- allocating a sshkey work by markus@, ok djm@ OpenBSD-Commit-ID: a048eb6ec8aa7fa97330af927022c0da77521f91
2019-01-21upstream: allow override of the pkcs#11 helper binary viadjm@openbsd.org1-5/+7
$SSH_PKCS11_HELPER; needed for regress tests. work by markus@, ok me OpenBSD-Commit-ID: f78d8185500bd7c37aeaf7bd27336db62f0f7a83
2019-01-21upstream: add support for ECDSA keys in PKCS#11 tokensdjm@openbsd.org5-236/+1302
Work by markus@ and Pedro Martelletto, feedback and ok me@ OpenBSD-Commit-ID: a37d651e221341376636056512bddfc16efb4424
2019-01-21upstream: add option to test whether keys in an agent are usable,djm@openbsd.org2-6/+60
by performing a signature and a verification using each key "ssh-add -T pubkey [...]" work by markus@, ok djm@ OpenBSD-Commit-ID: 931b888a600b6a883f65375bd5f73a4776c6d19b
2019-01-21upstream: Fix BN_is_prime_* calls in SSH, the API returns -1 ontb@openbsd.org1-5/+14
error. Found thanks to BoringSSL's commit 53409ee3d7595ed37da472bc73b010cd2c8a5ffd by David Benjamin. ok djm, dtucker OpenBSD-Commit-ID: 1ee832be3c44b1337f76b8562ec6d203f3b072f8
2019-01-21upstream: DH-GEX min value is now specified in RFC8270. ok djm@dtucker@openbsd.org1-2/+2
OpenBSD-Commit-ID: 1229d0feb1d0ecefe05bf67a17578b263e991acc
2019-01-20Check for cc before gcc.Darren Tucker1-1/+1
If cc is something other than gcc and is the system compiler prefer using that, unless otherwise told via $CC. ok djm@
2019-01-20last bits of old packet API / active_state globalDamien Miller15-58/+18
2019-01-20remove PAM dependencies on old packet APIDamien Miller6-31/+47
Requires some caching of values, because the PAM code isn't always called with packet context.
2019-01-19remove vestiges of old packet API from loginrec.cDamien Miller6-11/+18
2019-01-19dependDamien Miller1-50/+49
2019-01-19upstream: fix error in refactor: use ssh_packet_disconnect() instead ofdjm@openbsd.org1-4/+6
sshpkt_error(). The first one logs the error and exits (what we want) instead of just logging and blundering on. OpenBSD-Commit-ID: 39f51b43641dce9ce0f408ea6c0e6e077e2e91ae
2019-01-19upstream: remove last traces of old packet API!djm@openbsd.org4-484/+2
with & ok markus@ OpenBSD-Commit-ID: 9bd10437026423eb8245636ad34797a20fbafd7d
2019-01-19upstream: remove last references to active_statedjm@openbsd.org15-88/+90
with & ok markus@ OpenBSD-Commit-ID: 78619a50ea7e4ca2f3b54d4658b3227277490ba2
2019-01-19upstream: convert monitor.c to new packet APIdjm@openbsd.org5-105/+94
with & ok markus@ OpenBSD-Commit-ID: 61ecd154bd9804461a0cf5f495a29d919e0014d5
2019-01-19upstream: convert sshd.c to new packet APIdjm@openbsd.org1-30/+39
with & ok markus@ OpenBSD-Commit-ID: ea569d3eaf9b5cf1bad52779fbfa5fa0b28af891
2019-01-19upstream: convert session.c to new packet APIdjm@openbsd.org1-64/+87
with & ok markus@ OpenBSD-Commit-ID: fae817207e23099ddd248960c984f7b7f26ea68e
2019-01-19upstream: convert auth.c to new packet APIdjm@openbsd.org7-37/+31
with & ok markus@ OpenBSD-Commit-ID: 7e10359f614ff522b52a3f05eec576257794e8e4
2019-01-19upstream: convert serverloop.c to new packet APIdjm@openbsd.org1-152/+204
with & ok markus@ OpenBSD-Commit-ID: c92dd19b55457541478f95c0d6b318426d86d885
2019-01-19upstream: convert the remainder of sshconnect2.c to new packetdjm@openbsd.org1-49/+46
API with & ok markus@ OpenBSD-Commit-ID: 0986d324f2ceb5e8a12ac21c1bb10b3b4b1e0f71
2019-01-19upstream: convert the remainder of clientloop.c to new packet APIdjm@openbsd.org1-35/+32
with & ok markus@ OpenBSD-Commit-ID: ce2fbbacb86a290f31da1e7bf04cddf2bdae3d1e