summaryrefslogtreecommitdiffstats
path: root/ssh-keysign.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* upstream: stricter validation of messaging socket fd number; disallowdjm@openbsd.org2024-04-301-2/+2
| | | | | | usage of stderr. Based on GHPR492 by RealHurrison OpenBSD-Commit-ID: 73dbbe82ea16f73ce1d044d3232bc869ae2f2ce8
* upstream: ensure key_fd is filled when DSA is disabled; spotted bydjm@openbsd.org2024-01-111-1/+4
| | | | | | tb@ OpenBSD-Commit-ID: 9dd417b6eec3cf67e870f147464a8d93f076dce7
* upstream: make DSA key support compile-time optional, defaulting todjm@openbsd.org2024-01-111-1/+3
| | | | | | | | on ok markus@ OpenBSD-Commit-ID: 4f8e98fc1fd6de399d0921d5b31b3127a03f581d
* upstream: avoid double-free in error path introduced in r1.70; reportdjm@openbsd.org2022-08-011-4/+2
| | | | | | and fix based on GHPR#332 by v-rzh ok dtucker@ OpenBSD-Commit-ID: 3d21aa127b1f37cfc5bdc21461db369a663a951f
* upstream: make ssh-keysign use the requested signature algorithmdjm@openbsd.org2022-01-061-9/+20
| | | | | | | and not the default for the keytype. Part of unbreaking hostbased auth for RSA/SHA2 keys. ok markus@ OpenBSD-Commit-ID: b5639a14462948970da3a8020dc06f9a80ecccdc
* upstream: It really looks like pledge "stdio dns" is possiblederaadt@openbsd.org2021-11-171-4/+4
| | | | | | earlier. Discussed with mestre OpenBSD-Commit-ID: 610873de63a593e0ac7bbbcb7a0f2894d36f4c01
* upstream: fix ssh-keysign for KEX algorithms that use SHA384/512djm@openbsd.org2021-11-101-3/+6
| | | | | | exchange hashes; feedback/ok markus@ OpenBSD-Commit-ID: 09a8fda1c081f5de1e3128df64f28b7bdadee239
* upstream: Order includes as per style(9). Portable already hasdtucker@openbsd.org2021-07-081-1/+1
| | | | | | these so this removes a handful of diffs between the two. OpenBSD-Commit-ID: 8bd7452d809b199c19bfc49511a798f414eb4a77
* upstream: prepare readconf.c for fuzzing; remove fatal calls anddjm@openbsd.org2020-12-211-2/+2
| | | | | | fix some (one-off) memory leaks; ok markus@ OpenBSD-Commit-ID: 91c6aec57b0e7aae9190de188e9fe8933aad5ec5
* upstream: use the new variant log macros instead of prependingdjm@openbsd.org2020-10-181-26/+27
| | | | | | __func__ and appending ssh_err(r) manually; ok markus@ OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
* upstream: support for user-verified FIDO keysdjm@openbsd.org2020-08-271-2/+2
| | | | | | | | | | | | | | | | | FIDO2 supports a notion of "user verification" where the user is required to demonstrate their identity to the token before particular operations (e.g. signing). Typically this is done by authenticating themselves using a PIN that has been set on the token. This adds support for generating and using user verified keys where the verification happens via PIN (other options might be added in the future, but none are in common use now). Practically, this adds another key generation option "verify-required" that yields a key that requires a PIN before each authentication. feedback markus@ and Pedro Martelletto; ok markus@ OpenBSD-Commit-ID: 57fd461e4366f87c47502c5614ec08573e6d6a15
* upstream: additional missing stdarg.h includes when built withoutnaddy@openbsd.org2019-11-191-1/+1
| | | | | | WITH_OPENSSL; ok djm@ OpenBSD-Commit-ID: 881f9a2c4e2239849cee8bbf4faec9bab128f55b
* upstream: Refactor signing - use sshkey_sign for everything,djm@openbsd.org2019-10-311-3/+3
| | | | | | | | | | | | | including the new U2F signatures. Don't use sshsk_ecdsa_sign() directly, instead make it reachable via sshkey_sign() like all other signature operations. This means that we need to add a provider argument to sshkey_sign(), so most of this change is mechanically adding that. Suggested by / ok markus@ OpenBSD-Commit-ID: d5193a03fcfa895085d91b2b83d984a9fde76c8c
* remove duplicate #includesDamien Miller2019-10-021-1/+0
| | | | Prompted by Jakub Jelen
* upstream: remove some duplicate #includesdjm@openbsd.org2019-10-021-2/+1
| | | | OpenBSD-Commit-ID: ed6827ab921eff8027669848ef4f70dc1da4098c
* upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@djm@openbsd.org2019-09-061-1/+1
| | | | OpenBSD-Commit-ID: 7fd68eaa9e0f7482b5d4c7e8d740aed4770a839f
* upstream: lots of things were relying on libcrypto headers todjm@openbsd.org2019-09-061-1/+2
| | | | | | | transitively include various system headers (mostly stdlib.h); include them explicitly OpenBSD-Commit-ID: 5b522f4f2d844f78bf1cc4f3f4cc392e177b2080
* Add headers to prevent warnings w/out OpenSSL.Darren Tucker2019-07-231-0/+1
|
* upstream: if passed a bad fd, log what it wasdjm@openbsd.org2019-06-141-2/+2
| | | | OpenBSD-Commit-ID: 582e2bd05854e49365195b58989b68ac67f09140
* upstream: Replace calls to ssh_malloc_init() by a static init ofotto@openbsd.org2019-06-071-2/+1
| | | | | | | malloc_options. Prepares for changes in the way malloc is initialized. ok guenther@ dtucker@ OpenBSD-Commit-ID: 154f4e3e174f614b09f792d4d06575e08de58a6b
* last bits of old packet API / active_state globalDamien Miller2019-01-201-2/+0
|
* upstream: add a ssh_config "Match final" predicatedjm@openbsd.org2018-11-231-2/+3
| | | | | | | Matches in same pass as "Match canonical" but doesn't require hostname canonicalisation be enabled. bz#2906 ok markus OpenBSD-Commit-ID: fba1dfe9f6e0cabcd0e2b3be13f7a434199beffa
* refactor libcrypto initialisationDamien Miller2018-11-231-9/+0
| | | | | | | | | | Don't call OpenSSL_add_all_algorithms() unless OpenSSL actually supports it. Move all libcrypto initialisation to a single function, and call that from seed_rng() that is called early in each tool's main(). Prompted by patch from Rosen Penev
* Include openssl compatibility.Darren Tucker2018-10-221-0/+1
| | | | Patch from rosenp at gmail.com via openssh-unix-dev.
* upstream: Now that ssh can't be setuid, remove thedtucker@openbsd.org2018-07-311-8/+2
| | | | | | | original_real_uid and original_effective_uid globals and replace with calls to plain getuid(). ok djm@ OpenBSD-Commit-ID: 92561c0cd418d34e6841e20ba09160583e27b68c
* upstream: Add experimental support for PQC XMSS keys (Extendedmarkus@openbsd.org2018-02-261-2/+3
| | | | | | | | | Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 ok djm@ OpenBSD-Commit-ID: ef3eccb96762a5d6f135d7daeef608df7776a7ac
* upstream commitdtucker@openbsd.org2018-02-091-2/+2
| | | | | | | ssh_free checks for and handles NULL args, remove NULL checks from remaining callers. ok djm@ OpenBSD-Commit-ID: bb926825c53724c069df68a93a2597f9192f7e7b
* upstream commitdtucker@openbsd.org2016-02-161-1/+2
| | | | | | | Add a function to enable security-related malloc_options. With and ok deraadt@, something similar has been in the snaps for a while. Upstream-ID: 43a95523b832b7f3b943d2908662191110c380ed
* upstream commitmarkus@openbsd.org2015-12-071-2/+3
| | | | | | | | implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures (user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and draft-ssh-ext-info-04.txt; with & ok djm@ Upstream-ID: cf82ce532b2733e5c4b34bb7b7c94835632db309
* upstream commitdjm@openbsd.org2015-11-291-7/+16
| | | | | | pledge, better fatal() messages; feedback deraadt@ Upstream-ID: 3e00f6ccfe2b9a7a2d1dbba5409586180801488f
* upstream commitdjm@openbsd.org2015-07-151-1/+2
| | | | | | | add an XXX reminder for getting correct key paths from sshd_config Upstream-ID: feae52b209d7782ad742df04a4260e9fe41741db
* upstream commitmarkus@openbsd.org2015-03-271-2/+2
| | | | | consistent check for NULL as noted by Nicholas Lemonias; ok djm@
* upstream commitdjm@openbsd.org2015-01-291-3/+4
| | | | | update to new API (key_fingerprint => sshkey_fingerprint) check sshkey_fingerprint return values; ok markus
* these need active_state defined to link on OSXDamien Miller2015-01-271-0/+2
| | | | temporary measure until active_state goes away entirely
* upstream commitdjm@openbsd.org2015-01-151-52/+68
| | | | | sync ssh-keysign, ssh-keygen and some dependencies to the new buffer/key API; mostly mechanical, ok markus@
* support --without-openssl at configure timeDamien Miller2015-01-141-0/+6
| | | | | | | | Disables and removes dependency on OpenSSL. Many features don't work and the set of crypto options is greatly restricted. This will only work on system with native arc4random or /dev/urandom. Considered highly experimental for now.
* upstream commitdjm@openbsd.org2015-01-081-8/+13
| | | | | | | | | | | | | | | | deprecate key_load_private_pem() and sshkey_load_private_pem() interfaces. Refactor the generic key loading API to not require pathnames to be specified (they weren't really used). Fixes a few other things en passant: Makes ed25519 keys work for hostbased authentication (ssh-keysign previously used the PEM-only routines). Fixes key comment regression bz#2306: key pathnames were being lost as comment fields. ok markus@
* upstream commitdjm@openbsd.org2014-12-211-2/+3
| | | | | | | | Add FingerprintHash option to control algorithm used for key fingerprints. Default changes from MD5 to SHA256 and format from hex to base64. Feedback and ok naddy@ markus@
* upstream commitdjm@openbsd.org2014-10-131-2/+2
| | | | | | | | | | | | | | | | | | Tweak config reparsing with host canonicalisation Make the second pass through the config files always run when hostname canonicalisation is enabled. Add a "Match canonical" criteria that allows ssh_config Match blocks to trigger only in the second config pass. Add a -G option to ssh that causes it to parse its configuration and dump the result to stdout, similar to "sshd -T" Allow ssh_config Port options set in the second config parse phase to be applied (they were being ignored). bz#2267 bz#2286; ok markus
* - markus@cvs.openbsd.org 2014/04/29 18:01:49Damien Miller2014-05-151-1/+4
| | | | | | | | | | [auth.c authfd.c authfile.c bufaux.c cipher.c cipher.h hostfile.c] [kex.c key.c mac.c monitor.c monitor_wrap.c myproposal.h packet.c] [roaming_client.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c] [ssh-pkcs11.h ssh.c sshconnect.c sshconnect2.c sshd.c] make compiling against OpenSSL optional (make OPENSSL=no); reduces algorithms to curve25519, aes-ctr, chacha, ed25519; allows us to explore further options; with and ok djm
* - tedu@cvs.openbsd.org 2014/04/19 14:53:48Damien Miller2014-04-201-1/+1
| | | | | | [ssh-keysign.c sshd.c] Delete futile calls to RAND_seed. ok djm NB. Id sync only. This only applies to OpenBSD's libcrypto slashathon
* - djm@cvs.openbsd.org 2014/04/01 02:05:27Damien Miller2014-04-201-6/+8
| | | | | | [ssh-keysign.c] include fingerprint of key not found use arc4random_buf() instead of loop+arc4random()
* - markus@cvs.openbsd.org 2013/12/06 13:39:49Damien Miller2013-12-071-2/+3
| | | | | | | | | | | | [authfd.c authfile.c key.c key.h myproposal.h pathnames.h readconf.c] [servconf.c ssh-agent.c ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c] [ssh-keysign.c ssh.c ssh_config.5 sshd.8 sshd.c verify.c ssh-ed25519.c] [sc25519.h sc25519.c hash.c ge25519_base.data ge25519.h ge25519.c] [fe25519.h fe25519.c ed25519.c crypto_api.h blocks.c] support ed25519 keys (hostkeys and user identities) using the public domain ed25519 reference code from SUPERCOP, see http://ed25519.cr.yp.to/software.html feedback, help & ok djm@
* - (djm) [ssh-keygen.c ssh-keysign.c sshconnect1.c sshd.c] RemoveDamien Miller2013-10-261-1/+0
| | | | | | unnecessary arc4random_stir() calls. The only ones left are to ensure that the PRNG gets a different state after fork() for platforms that have broken the API.
* - djm@cvs.openbsd.org 2013/10/14 22:22:05Damien Miller2013-10-151-2/+2
| | | | | | [readconf.c readconf.h ssh-keysign.c ssh.c ssh_config.5] add a "Match" keyword to ssh_config that allows matching on hostname, user and result of arbitrary commands. "nice work" markus@
* - djm@cvs.openbsd.org 2013/05/17 00:13:13Darren Tucker2013-06-011-10/+10
| | | | | | | | | | | | | | | | | | [xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c dns.c packet.c readpass.c authfd.c moduli.c] bye, bye xfree(); ok markus@
* - (djm) [Makefile.in WARNING.RNG aclocal.m4 buildpkg.sh.in configure.ac]Damien Miller2011-05-051-1/+0
| | | | | | | | | [entropy.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c] [ssh-keysign.c ssh-pkcs11-helper.c ssh-rand-helper.8 ssh-rand-helper.c] [ssh.c ssh_prng_cmds.in sshd.c contrib/aix/buildbff.sh] [regress/README.regress] Remove ssh-rand-helper and all its tentacles. PRNGd seeding has been rolled into entropy.c directly. Thanks to tim@ for testing on affected platforms.
* - djm@cvs.openbsd.org 2011/02/16 00:31:14Damien Miller2011-02-171-8/+15
| | | | | | [ssh-keysign.c] make hostbased auth with ECDSA keys work correctly. Based on patch by harvey.eneman AT oracle.com in bz#1858; ok markus@ (pre-lock)
* - djm@cvs.openbsd.org 2010/08/31 12:33:38Damien Miller2010-09-101-2/+2
| | | | | | | | [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c] reintroduce commit from tedu@, which I pulled out for release engineering: OpenSSL_add_all_algorithms is the name of the function we have a man page for, so use that. ok djm
* - djm@cvs.openbsd.org 2010/08/16 04:06:06Damien Miller2010-08-311-2/+2
| | | | | [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c] backout previous temporarily; discussed with deraadt@
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-29 18:30:53 +0100