summaryrefslogtreecommitdiffstats
path: root/ssh_api.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* upstream: in _ssh_order_hostkeyalgs() consider ECDSA curve type whendjm@openbsd.org2024-10-181-10/+15
| | | | | | | | | arranging the hostkey algorithms. AFAIK this code is unused in OpenSSH, but I guess others are using it based on GHPR387 from Pawel Jakub Dawidek OpenBSD-Commit-ID: 4d462495ac0c40f7b7dd66178e0005b9b2128225
* upstream: pull post-quantum ML-KEM/x25519 key exchange out fromdjm@openbsd.org2024-09-091-5/+1
| | | | | | | | | | | compile-time flag now than an IANA codepoint has been assigned for the algorithm. Add mlkem768x25519-sha256 in 2nd KexAlgorithms preference slot. ok markus@ OpenBSD-Commit-ID: 9f50a0fae7d7ae8b27fcca11f8dc6f979207451a
* upstream: Add experimental support for hybrid post-quantum key exchangedjm@openbsd.org2024-09-021-1/+7
| | | | | | | | | | | | | | | | | | ML-KEM768 with ECDH/X25519 from the Internet-draft: https://datatracker.ietf.org/doc/html/draft-kampanakis-curdle-ssh-pq-ke-03 This is based on previous patches from markus@ but adapted to use the final FIPS203 standard ML-KEM using a formally-verified implementation from libcrux. Note this key exchange method is still a draft and thus subject to change. It is therefore disabled by default; set MLKEM=yes to build it. We're making it available now to make it easy for other SSH implementations to test against it. ok markus@ deraadt@ OpenBSD-Commit-ID: 02a8730a570b63fa8acd9913ec66353735dea42c
* upstream: Start the process of splitting sshd into separatedjm@openbsd.org2024-05-171-6/+11
| | | | | | | | | | | | | | | | | | | | binaries. This step splits sshd into a listener and a session binary. More splits are planned. After this changes, the listener binary will validate the configuration, load the hostkeys, listen on port 22 and manage MaxStartups only. All session handling will be performed by a new sshd-session binary that the listener fork+execs. This reduces the listener process to the minimum necessary and sets us up for future work on the sshd-session binary. feedback/ok markus@ deraadt@ NB. if you're updating via source, please restart sshd after installing, otherwise you run the risk of locking yourself out. OpenBSD-Commit-ID: 43c04a1ab96cdbdeb53d2df0125a6d42c5f19934
* upstream: adapt ssh_api.c code for kex-strictdjm@openbsd.org2024-01-091-2/+12
| | | | | | from markus@ ok me OpenBSD-Commit-ID: 4d9f256852af2a5b882b12cae9447f8f00f933ac
* upstream: highly polished whitespace, mostly fixing spaces-for-tabdjm@openbsd.org2021-04-031-3/+3
| | | | | | and bad indentation on continuation lines. Prompted by GHPR#185 OpenBSD-Commit-ID: e5c81f0cbdcc6144df1ce468ec1bac366d8ad6e9
* upstream: make ssh->kex->session_id a sshbuf instead of u_char*/size_tdjm@openbsd.org2021-01-271-5/+1
| | | | | | | and use that instead of global variables containing copies of it. feedback/ok markus@ OpenBSD-Commit-ID: a4b1b1ca4afd2e37cb9f64f737b30a6a7f96af68
* upstream: remove global variable used to stash compat flags and use thedjm@openbsd.org2021-01-271-2/+2
| | | | | | purpose-built ssh->compat variable instead; feedback/ok markus@ OpenBSD-Commit-ID: 7c4f200e112dae6bcf99f5bae1a5629288378a06
* upstream: Update/replace the experimental post-quantim hybrid keydjm@openbsd.org2020-12-291-3/+3
| | | | | | | | | | | | | | | | | | | | exchange method based on Streamlined NTRU Prime (coupled with X25519). The previous sntrup4591761x25519-sha512@tinyssh.org method is replaced with sntrup761x25519-sha512@openssh.com. Per the authors, sntrup4591761 was replaced almost two years ago by sntrup761. The sntrup761 implementaion, like sntrup4591761 before it, is public domain code extracted from the SUPERCOP cryptography benchmark suite (https://bench.cr.yp.to/supercop.html). Thanks for Daniel J Bernstein for guidance on algorithm selection. Patch from Tobias Heider; feedback & ok markus@ and myself (note this both the updated method and the one that it replaced are disabled by default) OpenBSD-Commit-ID: 2bf582b772d81ee24e911bb6f4b2aecfd39338ae
* upstream: make ssh_free(NULL) a no-opdjm@openbsd.org2020-12-041-1/+4
| | | | OpenBSD-Commit-ID: 42cb285d94789cefe6608db89c63040ab0a80fa0
* upstream: use the new variant log macros instead of prependingdjm@openbsd.org2020-10-181-10/+10
| | | | | | __func__ and appending ssh_err(r) manually; ok markus@ OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
* upstream: support for user-verified FIDO keysdjm@openbsd.org2020-08-271-5/+5
| | | | | | | | | | | | | | | | | FIDO2 supports a notion of "user verification" where the user is required to demonstrate their identity to the token before particular operations (e.g. signing). Typically this is done by authenticating themselves using a PIN that has been set on the token. This adds support for generating and using user verified keys where the verification happens via PIN (other options might be added in the future, but none are in common use now). Practically, this adds another key generation option "verify-required" that yields a key that requires a PIN before each authentication. feedback markus@ and Pedro Martelletto; ok markus@ OpenBSD-Commit-ID: 57fd461e4366f87c47502c5614ec08573e6d6a15
* upstream: free kex in ssh_packet_close; ok djm semariemarkus@openbsd.org2020-07-031-4/+2
| | | | OpenBSD-Commit-ID: dbc181e90d3d32fd97b10d75e68e374270e070a2
* upstream: Refactor signing - use sshkey_sign for everything,djm@openbsd.org2019-10-311-4/+5
| | | | | | | | | | | | | including the new U2F signatures. Don't use sshsk_ecdsa_sign() directly, instead make it reachable via sshkey_sign() like all other signature operations. This means that we need to add a provider argument to sshkey_sign(), so most of this change is mechanically adding that. Suggested by / ok markus@ OpenBSD-Commit-ID: d5193a03fcfa895085d91b2b83d984a9fde76c8c
* upstream: Plug mem leaks on error paths, based in part on githubdtucker@openbsd.org2019-09-131-15/+19
| | | | | | pr#120 from David Carlier. ok djm@. OpenBSD-Commit-ID: c57adeb1022a8148fc86e5a88837b3b156dbdb7e
* upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@djm@openbsd.org2019-09-061-1/+6
| | | | OpenBSD-Commit-ID: 7fd68eaa9e0f7482b5d4c7e8d740aed4770a839f
* upstream: lots of things were relying on libcrypto headers todjm@openbsd.org2019-09-061-1/+6
| | | | | | | transitively include various system headers (mostly stdlib.h); include them explicitly OpenBSD-Commit-ID: 5b522f4f2d844f78bf1cc4f3f4cc392e177b2080
* upstream: rename kex->kem_client_pub -> kex->client_pub now thatdjm@openbsd.org2019-01-211-17/+17
| | | | | | | | KEM has been renamed to kexgen from markus@ ok djm@ OpenBSD-Commit-ID: fac6da5dc63530ad0da537db022a9a4cfbe8bed8
* upstream: use KEM API for vanilla ECDHdjm@openbsd.org2019-01-211-3/+3
| | | | | | from markus@ ok djm@ OpenBSD-Commit-ID: 6fbff96339a929835536b5730585d1d6057a352c
* upstream: use KEM API for vanilla DH KEXdjm@openbsd.org2019-01-211-11/+11
| | | | | | from markus@ ok djm@ OpenBSD-Commit-ID: af56466426b08a8be275412ae2743319e3d277c9
* upstream: use KEM API for vanilla c25519 KEXdjm@openbsd.org2019-01-211-3/+3
| | | | OpenBSD-Commit-ID: 38d937b85ff770886379dd66a8f32ab0c1c35c1f
* upstream: Add support for a PQC KEX/KEM:djm@openbsd.org2019-01-211-1/+3
| | | | | | | | | | | | sntrup4591761x25519-sha512@tinyssh.org using the Streamlined NTRU Prime 4591^761 implementation from SUPERCOP coupled with X25519 as a stop-loss. Not enabled by default. introduce KEM API; a simplified framework for DH-ish KEX methods. from markus@ feedback & ok djm@ OpenBSD-Commit-ID: d687f76cffd3561dd73eb302d17a1c3bf321d1a7
* upstream: remove last references to active_statedjm@openbsd.org2019-01-191-7/+8
| | | | | | with & ok markus@ OpenBSD-Commit-ID: 78619a50ea7e4ca2f3b54d4658b3227277490ba2
* upstream: move client/server SSH-* banners to buffers underdjm@openbsd.org2018-12-271-55/+70
| | | | | | | | | | | | | ssh->kex and factor out the banner exchange. This eliminates some common code from the client and server. Also be more strict about handling \r characters - these should only be accepted immediately before \n (pointed out by Jann Horn). Inspired by a patch from Markus Schmidt. (lots of) feedback and ok markus@ OpenBSD-Commit-ID: 1cc7885487a6754f63641d7d3279b0941890275b
* refactor libcrypto initialisationDamien Miller2018-11-231-3/+1
| | | | | | | | | | Don't call OpenSSL_add_all_algorithms() unless OpenSSL actually supports it. Move all libcrypto initialisation to a single function, and call that from seed_rng() that is called early in each tool's main(). Prompted by patch from Rosen Penev
* Include openssl compatibility.Darren Tucker2018-10-221-0/+2
| | | | Patch from rosenp at gmail.com via openssh-unix-dev.
* upstream commitdjm@openbsd.org2017-05-011-2/+1
| | | | | | | | remove compat20/compat13/compat15 variables ok markus@ Upstream-ID: 43802c035ceb3fef6c50c400e4ecabf12354691c
* upstream commitmarkus@openbsd.org2016-05-191-3/+1
| | | | | | | move SSH_MSG_NONE, so we don't have to include ssh1.h; ok deraadt@ Upstream-ID: c2f97502efc761a41b18c17ddf460e138ca7994e
* upstream commitdjm@openbsd.org2016-05-021-1/+7
| | | | | | | | | | | | | | add support for additional fixed DH groups from draft-ietf-curdle-ssh-kex-sha2-03 diffie-hellman-group14-sha256 (2K group) diffie-hellman-group16-sha512 (4K group) diffie-hellman-group18-sha512 (8K group) based on patch from Mark D. Baushke and Darren Tucker ok markus@ Upstream-ID: ac00406ada4f0dfec41585ca0839f039545bc46f
* upstream commitmarkus@openbsd.org2015-12-071-8/+8
| | | | | | | | implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures (user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and draft-ssh-ext-info-04.txt; with & ok djm@ Upstream-ID: cf82ce532b2733e5c4b34bb7b7c94835632db309
* Repair for non-ECC OpenSSL.Darren Tucker2015-02-221-0/+4
| | | | | Ifdef out the ECC parts when building with an OpenSSL that doesn't have it.
* repair --without-openssl; broken in refactorDamien Miller2015-02-181-0/+2
|
* upstream commitdjm@openbsd.org2015-02-161-3/+4
| | | | | | | | | | | | Revise hostkeys@openssh.com hostkey learning extension. The client will not ask the server to prove ownership of the private halves of any hitherto-unseen hostkeys it offers to the client. Allow UpdateHostKeys option to take an 'ask' argument to let the user manually review keys offered. ok markus@
* upstream commitdjm@openbsd.org2015-01-301-2/+3
| | | | | avoid more fatal/exit in the packet.c paths that ssh-keyscan uses; feedback and "looks good" markus@
* upstream commitdjm@openbsd.org2015-01-261-7/+9
| | | | | | | | | correctly match ECDSA subtype (== curve) for offered/recevied host keys. Fixes connection-killing host key mismatches when a server offers multiple ECDSA keys with different curve type (an extremely unlikely configuration). ok markus, "looks mechanical" deraadt@
* upstream commitmarkus@openbsd.org2015-01-191-0/+527
add experimental api for packet layer; ok djm@
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-03 06:48:09 +0100