path: root/ssh-pkcs11-helper.c
Commit message | Author | Age | Files | Lines
* more OPENSSL_HAS_ECC | Damien Miller | 2024-08-16 | 1 | -0/+6
* upstream: Convert RSA and ECDSA key to the libcrypto EVP_PKEY API. | djm@openbsd.org | 2024-08-15 | 1 | -34/+49
  DSA remains unconverted as it will be removed within six months.
  Based on patches originally from Dmitry Belyavskiy, but significantly reworked based on feedback from Bob Beck, Joel Sing and especially Theo Buehler (apologies to anyone I've missed).
  ok tb@
  OpenBSD-Commit-ID: d098744e89f1dc7e5952a6817bef234eced648b5
* upstream: check for POLLHUP wherever we check for POLLIN | djm@openbsd.org | 2021-11-18 | 1 | -2/+2
  OpenBSD-Commit-ID: 6aa6f3ec6b17c3bd9bfec672a917f003a76d93e5
* upstream: remove a bunch of %p in format strings; leftovers of | djm@openbsd.org | 2021-08-11 | 1 | -2/+3
  debuggings past. prompted by Michael Forney, ok dtucker@
  OpenBSD-Commit-ID: 4853a0d6c9cecaba9ecfcc19066e52d3a8dcb2ac
* Remove some whitespace not in upstream. | Darren Tucker | 2021-07-03 | 1 | -1/+0
  Reduces diff vs OpenBSD by a small amount.
* upstream: use the new variant log macros instead of prepending | djm@openbsd.org | 2020-10-18 | 1 | -41/+31
  __func__ and appending ssh_err(r) manually; ok markus@
  OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
* upstream: remove unused variables in ssh-pkcs11-helper; ok djm | markus@openbsd.org | 2020-03-13 | 1 | -8/+2
  OpenBSD-Commit-ID: 13e572846d0d1b28f1251ddd2165e9cf18135ae1
* upstream: expose PKCS#11 key labels/X.509 subjects as comments | djm@openbsd.org | 2020-01-25 | 1 | -8/+13
  Extract the key label or X.509 subject string when PKCS#11 keys are retrieved from the token and plumb this through to places where it may be used as a comment.
  based on https://github.com/openssh/openssh-portable/pull/138 by Danielle Church
  feedback and ok markus@
  OpenBSD-Commit-ID: cae1fda10d9e10971dea29520916e27cfec7ca35
* Wrap poll.h includes in HAVE_POLL_H. | Darren Tucker | 2019-10-28 | 1 | -0/+2
* upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@ | djm@openbsd.org | 2019-09-06 | 1 | -1/+18
  OpenBSD-Commit-ID: 7fd68eaa9e0f7482b5d4c7e8d740aed4770a839f
* upstream: lots of things were relying on libcrypto headers to | djm@openbsd.org | 2019-09-06 | 1 | -1/+2
  transitively include various system headers (mostly stdlib.h); include them explicitly
  OpenBSD-Commit-ID: 5b522f4f2d844f78bf1cc4f3f4cc392e177b2080
* upstream: Replace calls to ssh_malloc_init() by a static init of | otto@openbsd.org | 2019-06-07 | 1 | -2/+1
  malloc_options. Prepares for changes in the way malloc is initialized. ok guenther@ dtucker@
  OpenBSD-Commit-ID: 154f4e3e174f614b09f792d4d06575e08de58a6b
* Fix building w/out ECC. | Darren Tucker | 2019-05-17 | 1 | -0/+2
  Ifdef out ECC specific code so that it'll build against an OpenSSL configured w/out ECC. With & ok djm@
* upstream: Move a variable declaration to the block where it's used | dtucker@openbsd.org | 2019-05-17 | 1 | -3/+3
  to make things a little tidier for -portable.
  OpenBSD-Commit-ID: 616379861be95619e5358768b7dee4793e2f3a75
* upstream: switch mainloop from select(2) to poll(2); ok deraadt@ | djm@openbsd.org | 2019-01-23 | 1 | -23/+19
  OpenBSD-Commit-ID: 37645419a330037d297f6f0adc3b3663e7ae7b2e
* upstream: add "-v" flags to ssh-add and ssh-pkcs11-helper to turn up | djm@openbsd.org | 2019-01-21 | 1 | -5/+23
  debug verbosity.
  Make ssh-agent turn on ssh-pkcs11-helper's verbosity when it is run in debug mode ("ssh-agent -d"), so we get to see errors from the PKCS#11 code.
  ok markus@
  OpenBSD-Commit-ID: 0a798643c6a92a508df6bd121253ba1c8bee659d
* upstream: add support for ECDSA keys in PKCS#11 tokens | djm@openbsd.org | 2019-01-21 | 1 | -10/+30
  Work by markus@ and Pedro Martelletto, feedback and ok me@
  OpenBSD-Commit-ID: a37d651e221341376636056512bddfc16efb4424
* upstream commit | markus@openbsd.org | 2018-01-23 | 1 | -78/+105
  switch ssh-pkcs11-helper to new API; ok djm@
  OpenBSD-Commit-ID: e0c0ed2a568e25b1d2024f3e630f3fea837c2a42
* upstream commit | markus@openbsd.org | 2017-05-31 | 1 | -7/+7
  switch from Key typedef with struct sshkey; ok djm@
  Upstream-ID: 3067d33e04efbe5131ce8f70668c47a58e5b7a1f
* upstream commit | dtucker@openbsd.org | 2016-02-16 | 1 | -1/+2
  Add a function to enable security-related malloc_options. With and ok deraadt@, something similar has been in the snaps for a while.
  Upstream-ID: 43a95523b832b7f3b943d2908662191110c380ed
* upstream commit | deraadt@openbsd.org | 2015-08-21 | 1 | -3/+3
  Do not cast result of malloc/calloc/realloc* if stdlib.h is in scope
  ok krw millert
  Upstream-ID: 5e50ded78cadf3841556649a16cc4b1cb6c58667
* upstream commit | deraadt@openbsd.org | 2015-01-26 | 1 | -2/+1
  Reduce use of <sys/param.h> and transition to <limits.h> throughout. ok djm markus
* upstream commit | djm@openbsd.org | 2014-12-11 | 1 | -1/+2
  explicitly include sys/param.h in files that use the howmany() macro; from portable
* - djm@cvs.openbsd.org 2014/06/24 01:13:21 | Damien Miller | 2014-07-02 | 1 | -2/+6
  [Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c
  [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c
  [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h
  [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h
  [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h
  [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c
  [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c
  [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c
  [sshconnect2.c sshd.c sshkey.c sshkey.h
  [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h]
  New key API: refactor key-related functions to be more library-like, existing API is offered as a set of wrappers.
  with and ok markus@
  Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago.
  NB. This commit also removes portable OpenSSH support for OpenSSL <0.9.8e.
* - djm@cvs.openbsd.org 2013/12/02 02:56:17 | Damien Miller | 2013-12-05 | 1 | -2/+3
  [ssh-pkcs11-helper.c] use-after-free; bz#2175 patch from Loganaden Velvindron @ AfriNIC
* - djm@cvs.openbsd.org 2013/05/17 00:13:13 | Darren Tucker | 2013-06-01 | 1 | -12/+11
  [xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c dns.c packet.c readpass.c authfd.c moduli.c]
  bye, bye xfree(); ok markus@
* - dtucker@cvs.openbsd.org 2013/05/10 10:13:50 | Darren Tucker | 2013-05-16 | 1 | -2/+1
  [ssh-pkcs11-helper.c] remove unused extern optarg. ok markus@
* - dtucker@cvs.openbsd.org 2012/07/02 12:13:26 | Darren Tucker | 2012-07-02 | 1 | -3/+3
  [ssh-pkcs11-helper.c sftp-client.c] fix a couple of "assigned but not used" warnings. ok markus@
* - (djm) [Makefile.in WARNING.RNG aclocal.m4 buildpkg.sh.in configure.ac] | Damien Miller | 2011-05-05 | 1 | -1/+0
  [entropy.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c]
  [ssh-keysign.c ssh-pkcs11-helper.c ssh-rand-helper.8 ssh-rand-helper.c]
  [ssh.c ssh_prng_cmds.in sshd.c contrib/aix/buildbff.sh]
  [regress/README.regress] Remove ssh-rand-helper and all its tentacles. PRNGd seeding has been rolled into entropy.c directly. Thanks to tim@ for testing on affected platforms.
* - (djm) [ssh-pkcs11-helper.c] Move #ifdef to after #defines to fix | Damien Miller | 2010-03-13 | 1 | -2/+2
  compilation failure when !HAVE_DLOPEN. Reported by felix-mindrot AT fefe.de
* - (tim) [ssh-pkcs11-helper.c] Move declarations before calling functions | Tim Rice | 2010-02-28 | 1 | -3/+3
  to make older compilers (gcc 2.95) happy.
* - (djm) [ssh-pkcs11-helper.c ] Ensure RNG is initialised and seeded | Damien Miller | 2010-02-27 | 1 | -0/+2
* - (djm) [pkcs11.h ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c] | Damien Miller | 2010-02-24 | 1 | -0/+1
  [ssh-pkcs11.h] Add $OpenBSD$ RCS idents so we can sync portable
* - (djm) [ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c] | Damien Miller | 2010-02-12 | 1 | -0/+15
  Use ssh_get_progname to fill __progname
* - (djm) [ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c] | Damien Miller | 2010-02-11 | 1 | -2/+7
  Make it compile on OSX
* - markus@cvs.openbsd.org 2010/02/08 10:50:20 | Damien Miller | 2010-02-11 | 1 | -0/+349
  [pathnames.h readconf.c readconf.h scp.1 sftp.1 ssh-add.1 ssh-add.c]
  [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config.5]
  replace our obsolete smartcard code with PKCS#11.
  ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf
  ssh(1) and ssh-keygen(1) use dlopen(3) directly to talk to a PKCS#11 provider (shared library) while ssh-agent(1) delegates PKCS#11 to a forked ssh-pkcs11-helper process.
  PKCS#11 is currently a compile time option.
  feedback and ok djm@; inspired by patches from Alon Bar-Lev