summaryrefslogtreecommitdiffstats
path: root/usr.bin/ssh/ssh-agent.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* no need to include the old buffer/key APImarkus2015-07-081-4/+1
|
* Use a salted hash of the lock passphrase instead of plain text and dodtucker2015-05-151-13/+40
| | | | | | constant-time comparisons of it. Should prevent leaking any information about it via timing, pointed out by Ryan Castellucci. Add a 0.1s incrementing delay for each failed unlock attempt up to 10s. ok markus@ (earlier version), djm@
* combine -Dd onto one line and update usage();jmc2015-04-241-2/+2
|
* add ssh-agent -D to leave ssh-agent in foreground without enablingdjm2015-04-241-8/+15
| | | | debug mode; bz#2381 ok dtucker@
* rename xrealloc() to xreallocarray() since it follows that form.deraadt2015-04-241-2/+2
| | | | ok djm
* make ssh-add -D work with !SSH1 agentdjm2015-03-041-3/+3
|
* add SSH1 Makefile knob to make it easier to build without SSH1 support;djm2015-03-031-1/+3
| | | | ok markus@
* update to new API (key_fingerprint => sshkey_fingerprint)djm2015-01-281-2/+3
| | | | | check sshkey_fingerprint return values; ok markus
* Replace <sys/param.h> with <limits.h> and other less dirty headers wherederaadt2015-01-161-4/+5
| | | | | | | | | possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
* fix small regression: ssh-agent would return a success messagedjm2015-01-141-14/+23
| | | | | but an empty signature if asked to sign using an unknown key; ok markus@
* switch to sshbuf/sshkey; with & ok djm@markus2015-01-141-212/+308
|
* tweak previous;jmc2014-12-211-3/+3
|
* Add FingerprintHash option to control algorithm used for keydjm2014-12-211-4/+11
| | | | | | | fingerprints. Default changes from MD5 to SHA256 and format from hex to base64. Feedback and ok naddy@ markus@
* Nuke more obvious #include duplications.krw2014-11-181-2/+1
| | | | ok deraadt@ millert@ tedu@
* Clear buffer used for handling messages. This prevents keys beingdtucker2014-07-251-1/+2
| | | | | | left in memory after they have been expired or deleted in some cases (but note that ssh-agent is setgid so you would still need root to access them). Pointed out by Kevin Burns, ok deraadt
* restore umask around listener socket creation (dropped in streamlocal patchdjm2014-07-181-1/+5
| | | | merge)
* Add support for Unix domain socket forwarding. A remote TCP portmillert2014-07-151-16/+3
| | | | | | | | may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket. This is a reimplementation of the streamlocal patches by William Ahern from: http://www.25thandclement.com/~william/projects/streamlocal.html OK djm@ markus@
* Only cleanup agent socket in the main agent process and not in anydjm2014-07-031-1/+9
| | | | | | subprocesses it may have started (e.g. forked askpass). Fixes agent sockets being zapped when askpass processes fatal(); bz#2236 patch from Dmitry V. Levin
* New key API: refactor key-related functions to be more library-like,djm2014-06-241-8/+16
| | | | | | | | | existing API is offered as a set of wrappers. with and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago.
* make compiling against OpenSSL optional (make OPENSSL=no);markus2014-04-291-1/+11
| | | | | reduces algorithms to curve25519, aes-ctr, chacha, ed25519; allows us to explore further options; with and ok djm
* Improve usage() and documentation towards the standard form. In particular,deraadt2014-03-151-10/+5
| | | | | | | this line saves a lot of man page reading time. usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1] [-N new_passphrase] [-C comment] [-f output_keyfile] ok schwarze jmc
* convert memset of potentially-private data to explicit_bzero()djm2014-02-021-3/+3
|
* replace openssl MD5 with our ssh_digest_*; ok djm@markus2014-01-271-7/+9
|
* bz#2186: don't crash (NULL deref) when deleting PKCS#11 keys from an agentdjm2013-12-191-1/+4
| | | | | that has a mix of normal and PKCS#11 keys; fix from jay AT slushpupie.com; ok dtucker
* support ed25519 keys (hostkeys and user identities) using the public domainmarkus2013-12-061-1/+2
| | | | | ed25519 reference code from SUPERCOP, see http://ed25519.cr.yp.to/software.html feedback, help & ok djm@
* new private key format, bcrypt as KDF by default; details in PROTOCOL.key;markus2013-12-061-2/+1
| | | | feedback and lots help from djm; ok djm@
* move private key (de)serialization to key.c; ok djmmarkus2013-12-061-117/+11
|
* call cleanup_handler on SIGINT when in debug mode to ensure socketsdjm2013-07-201-3/+2
| | | | are cleaned up on manual exit; bz#2120
* Make parent_alive_interval time_t to avoid signed/unsigned comparisondtucker2013-06-021-2/+2
|
* Use clock_gettime(CLOCK_MONOTONIC ...) for ssh timers so that things likedtucker2013-06-011-6/+6
| | | | | keepalives and rekeying will work properly over clock steps. Suggested by markus@, "looks good" djm@.
* Use time_t where appropriate. ok djmdtucker2013-05-311-9/+12
|
* bye, bye xfree(); ok markus@djm2013-05-171-35/+28
|
* Check current parent process ID against saved one to determine if the parentdtucker2011-06-031-2/+6
| | | | | | has exited, rather than attempting to send a zero signal, since the latter won't work if the parent has changed privs. bz#1905, patch from Daniel Kahn Gillmor, ok djm@
* honour $TMPDIR for client xauth and ssh-agent temporary directories;djm2010-11-211-2/+2
| | | | feedback and ok markus@
* reintroduce commit from tedu@, which I pulled out for release engineering:djm2010-08-311-2/+2
| | | | | OpenSSL_add_all_algorithms is the name of the function we have a man page for, so use that. ok djm
* Implement Elliptic Curve Cryptography modes for key exchange (ECDH) anddjm2010-08-311-3/+57
| | | | | | | | | | | | | | | | | host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer better performance than plain DH and DSA at the same equivalent symmetric key length, as well as much shorter keys. Only the mandatory sections of RFC5656 are implemented, specifically the three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and ECDSA. Point compression (optional in RFC5656 is NOT implemented). Certificate host and user keys using the new ECDSA key types are supported. Note that this code has not been tested for interoperability and may be subject to change. feedback and ok markus@
* backout previous temporarily; discussed with deraadt@djm2010-08-161-2/+2
|
* OpenSSL_add_all_algorithms is the name of the function we have a man pagetedu2010-08-121-2/+2
| | | | for, so use that. ok djm
* revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with thedjm2010-04-161-1/+4
| | | | | | | | | | | | | | | | | | following changes: move the nonce field to the beginning of the certificate where it can better protect against chosen-prefix attacks on the signature hash Rename "constraints" field to "critical options" Add a new non-critical "extensions" field Add a serial number The older format is still support for authentication and cert generation (use "ssh-keygen -t v00 -s ca_key ..." to generate a v00 certificate) ok markus@
* Add support for certificate key types for users and hosts.djm2010-02-261-1/+23
| | | | | | | | | | | | | | | | | | | | | | | | OpenSSH certificate key types are not X.509 certificates, but a much simpler format that encodes a public key, identity information and some validity constraints and signs it with a CA key. CA keys are regular SSH keys. This certificate style avoids the attack surface of X.509 certificates and is very easy to deploy. Certified host keys allow automatic acceptance of new host keys when a CA certificate is marked as trusted in ~/.ssh/known_hosts. see VERIFYING HOST KEYS in ssh(1) for details. Certified user keys allow authentication of users when the signing CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS FILE FORMAT" in sshd(8) for details. Certificates are minted using ssh-keygen(1), documentation is in the "CERTIFICATES" section of that manpage. Documentation on the format of certificates is in the file PROTOCOL.certkeys feedback and ok markus@
* fallout from PKCS#11: unbreak -Ddjm2010-02-091-2/+3
|
* replace our obsolete smartcard code with PKCS#11.markus2010-02-081-50/+51
| | | | | | | | | ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf ssh(1) and ssh-keygen(1) use dlopen(3) directly to talk to a PKCS#11 provider (shared library) while ssh-agent(1) delegates PKCS#11 to a forked a ssh-pkcs11-helper process. PKCS#11 is currently a compile time option. feedback and ok djm@; inspired by patches from Alon Bar-Lev
* fix a race condition in ssh-agent that could result in a wedged ordjm2009-09-011-19/+13
| | | | | | | spinning agent: don't read off the end of the allocated fd_sets, and don't issue blocking read/write on agent sockets - just fall back to select() on retriable read/write errors. bz#1633 reported and tested by "noodle10000 AT googlemail.com"; ok dtucker@ markus@
* My previous commit didn't fix the problem at all, so stick at my firsttobias2009-03-231-3/+4
| | | | | | | | version of the fix presented to dtucker. Issue notified by Matthias Barkhoff (matthias dot barkhoff at gmx dot de). ok dtucker
* Fixed a possible out-of-bounds memory access if the environment variabletobias2009-03-231-2/+2
| | | | | | SHELL is shorter than 3 characters. with input by and ok dtucker
* reset global compat flag after processing a protocol 2 signaturedjm2008-06-281-1/+4
| | | | request with the legacy DSA encoding flag set; ok markus
* refuse to add a key that has unknown constraints specified;djm2008-06-281-8/+16
| | | | ok markus
* When adding a key that already exists, update the propertiescanacar2007-09-251-7/+8
| | | | (time, confirm, comment) instead of discarding them. ok djm@ markus@
* sort synopsis and options in ssh-agent(1); usage is lowercasesobrado2007-09-091-2/+2
| | | | ok jmc@
* Remove the signal handler that checks if the agent's parent processdtucker2007-03-191-25/+41
| | | | | | | has gone away, instead check when the select loop returns. Record when the next key will expire when scanning for expired keys. Set the select timeout to whichever of these two things happens next. With djm@, with & ok deraadt@ markus@
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.