path: root/usr.bin/ssh/ssh-agent.c (follow)
Commit message | Author | Age | Files | Lines
* highly polished whitespace, mostly fixing spaces-for-tab and bad | djm | 2021-04-03 | 1 | -4/+4
  indentation on continuation lines. Prompted by GHPR#185
* factor SSH_AGENT_CONSTRAIN_EXTENSION parsing into its own function | djm | 2021-02-12 | 1 | -41/+59
  and remove an unused variable; ok dtucker@
* memleak on error path; ok markus@ | djm | 2021-02-02 | 1 | -2/+2
* fix the values of enum sock_type | djm | 2021-01-29 | 1 | -4/+4
* give typedef'd struct a struct name; makes the fuzzer I'm writing a bit | djm | 2021-01-29 | 1 | -2/+2
  easier
* Logical not bitwise or. ok djm@ | dtucker | 2021-01-27 | 1 | -2/+2
* Remove unused variables leftover from refactoring. ok djm@ | dtucker | 2021-01-26 | 1 | -6/+4
* refactor key constraint parsing in ssh-agent | djm | 2021-01-26 | 1 | -69/+95
  Key constraints parsing code previously existed in both the "add regular key" and "add smartcard key" path. This unifies them but also introduces more consistency checking: duplicated constraints and constraints that are nonsensical for a particular situation (e.g. FIDO provider for a smartcard key) are now banned. ok markus@
* more ssh-agent refactoring | djm | 2021-01-26 | 1 | -67/+130
  Allow confirm_key() to accept an additional reason suffix.
  Factor publickey userauth parsing out into its own function and allow it to optionally return things it parsed out of the message to its caller. feedback/ok markus@
* use recallocarray to allocate the agent sockets table; also clear | djm | 2021-01-26 | 1 | -4/+16
  socket entries that are being marked as unused. sprinkle in some debug2() spam to make it easier to watch an agent do its thing. ok markus
* Change convtime() from returning long to returning int. On platforms | dtucker | 2021-01-11 | 1 | -2/+2
  where sizeof(int) != sizeof(long), convtime could accept values >MAX_INT which subsequently truncate when stored in an int during config parsing. bz#3250, ok djm@
* when requesting a security key touch on stderr, inform the user once | djm | 2020-11-08 | 1 | -2/+2
  the touch has been recorded; requested by claudio@ ok markus@
* use the new variant log macros instead of prepending __func__ and | djm | 2020-10-18 | 1 | -95/+77
  appending ssh_err(r) manually; ok markus@
* There are lots of places where we want to redirect stdin, stdout | djm | 2020-10-03 | 1 | -10/+4
  and/or stderr to /dev/null. Factor all these out to a single stdfd_devnull() function that allows selection of which of these to redirect. ok markus@
* handle multiple messages in a single read() | djm | 2020-09-18 | 1 | -6/+13
  PR#183 by Dennis Kaarsemaker; feedback and ok markus@
* support for user-verified FIDO keys | djm | 2020-08-27 | 1 | -2/+3
  FIDO2 supports a notion of "user verification" where the user is required to demonstrate their identity to the token before particular operations (e.g. signing). Typically this is done by authenticating themselves using a PIN that has been set on the token.
  This adds support for generating and using user verified keys where the verification happens via PIN (other options might be added in the future, but none are in common use now).
  Practically, this adds another key generation option "verify-required" that yields a key that requires a PIN before each authentication.
  feedback markus@ and Pedro Martelletto; ok markus@
* some language improvements; ok markus | djm | 2020-07-05 | 1 | -4/+4
* updated argument name for -P in first synopsis was missed in previous; | jmc | 2020-06-22 | 1 | -2/+2
* better terminology for permissions; feedback & ok markus@ | djm | 2020-06-22 | 1 | -12/+12
* Correct synopsis and usage for the options accepted when passing a command | dtucker | 2020-06-19 | 1 | -2/+4
  to ssh-agent. ok jmc@
* Restrict ssh-agent from signing web challenges for FIDO keys. | djm | 2020-05-26 | 1 | -10/+100
  When signing messages in ssh-agent using a FIDO key that has an application string that does not start with "ssh:", ensure that the message being signed is one of the forms expected for the SSH protocol (currently pubkey authentication and sshsig signatures).
  This prevents ssh-agent forwarding on a host that has FIDO keys attached granting the ability for the remote side to sign challenges for web authentication using those keys too.
  Note that the converse case of web browsers signing SSH challenges is already precluded because no web RP can have the "ssh:" prefix in the application string that we require.
  ok markus@
* initialize seconds for debug message; ok djm | markus | 2020-03-06 | 1 | -2/+2
* change explicit_bzero();free() to freezero() | jsg | 2020-02-26 | 1 | -3/+2
  While freezero() returns early if the pointer is NULL the tests for NULL in callers are left to avoid warnings about passing an uninitialised size argument across a function boundary. ok deraadt@ djm@
* Replace "security key" with "authenticator" in program messages. | naddy | 2020-02-06 | 1 | -3/+3
  This replaces "security key" in error/usage/verbose messages and distinguishes between "authenticator" and "authenticator-hosted key". ok djm@
* process security key provider via realpath() in agent, avoids | djm | 2020-01-25 | 1 | -7/+19
  malicious client from being able to cause agent to load arbitrary libraries into ssh-sk-helper. reported by puck AT puckipedia.com; ok markus
* expose PKCS#11 key labels/X.509 subjects as comments | djm | 2020-01-25 | 1 | -6/+13
  Extract the key label or X.509 subject string when PKCS#11 keys are retrieved from the token and plumb this through to places where it may be used as a comment.
  based on https://github.com/openssh/openssh-portable/pull/138 by Danielle Church
  feedback and ok markus@
* Replace all calls to signal(2) with a wrapper around sigaction(2). | dtucker | 2020-01-23 | 1 | -5/+5
  This wrapper blocks all other signals during the handler preventing races between handlers, and sets SA_RESTART which should reduce the potential for short read/write operations.
* use ssh-sk-helper for all security key signing operations | djm | 2019-12-13 | 1 | -140/+20
  This extracts and refactors the client interface for ssh-sk-helper from ssh-agent and generalises it for use by the other programs. This means that most OpenSSH tools no longer need to link against libfido2 or directly interact with /dev/uhid*
  requested by, feedback and ok markus@
* revert previous: naddy pointed out what's meant to happen. rethink needed... | jmc | 2019-11-19 | 1 | -3/+4
* -c and -s do not make sense with -k; reshuffle -k into the main synopsis/usage; | jmc | 2019-11-19 | 1 | -4/+3
  ok djm
* additional missing stdarg.h includes when built without WITH_OPENSSL; ok djm@ | naddy | 2019-11-18 | 1 | -1/+2
* always use ssh-sk-helper, even for the internal USB HID support. | djm | 2019-11-16 | 1 | -33/+11
  This avoids the need for a wpath pledge in ssh-agent. reported by jmc@
* unshield security key privkey before attempting signature in | djm | 2019-11-15 | 1 | -4/+16
  agent. spotted by dtucker@
* don't consult dlopen whitelist for internal security key provider; | djm | 2019-11-15 | 1 | -2/+4
  spotted by dtucker@
* show the "please touch your security key" notifier when using the | djm | 2019-11-15 | 1 | -9/+15
  (default) built-in security key support.
* directly support U2F/FIDO2 security keys in OpenSSH by linking | djm | 2019-11-14 | 1 | -1/+6
  against the (previously external) USB HID middleware. The dlopen() capability still exists for alternate middlewares, e.g. for Bluetooth, NFC and test/debugging.
* fix shield/unshield for xmss keys: | markus | 2019-11-13 | 1 | -5/+5
  - in ssh-agent we need to delay the call to shield until we have received key specific options.
  - when serializing xmss keys for shield we need to deal with all optional components (e.g. state might not be loaded).
  ok djm@
* security keys typically need to be tapped/touched in order to perform | djm | 2019-11-12 | 1 | -2/+11
  a signature operation. Notify the user when this is expected via the TTY (if available) or $SSH_ASKPASS if we can. ok markus@
* enable ed25519 support; ok djm | markus | 2019-11-12 | 1 | -2/+2
* Refactor signing - use sshkey_sign for everything, including the new | djm | 2019-10-31 | 1 | -3/+4
  U2F signatures. Don't use sshsk_ecdsa_sign() directly, instead make it reachable via sshkey_sign() like all other signature operations. This means that we need to add a provider argument to sshkey_sign(), so most of this change is mechanically adding that. Suggested by / ok markus@
* ssh-agent support for U2F/FIDO keys | djm | 2019-10-31 | 1 | -19/+199
  feedback & ok markus@
* When system calls indicate an error they return -1, not some arbitrary | deraadt | 2019-06-28 | 1 | -5/+5
  value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
* Add protection for private keys at rest in RAM against speculation | djm | 2019-06-21 | 1 | -2/+5
  and memory sidechannel attacks like Spectre, Meltdown, Rowhammer and Rambleed. This change encrypts private keys when they are not in use with a symmetric key that is derived from a relatively large "prekey" consisting of random data (currently 16KB).
  Attackers must recover the entire prekey with high accuracy before they can attempt to decrypt the shielded private key, but the current generation of attacks have bit error rates that, when applied cumulatively to the entire prekey, make this unlikely.
  Implementation-wise, keys are encrypted "shielded" when loaded and then automatically and transparently unshielded when used for signatures or when being saved/serialised.
  Hopefully we can remove this in a few years time when computer architecture has become less unsafe.
  been in snaps for a bit already; thanks deraadt@ ok dtucker@ deraadt@
* process agent requests for RSA certificate private keys using correct | djm | 2019-06-14 | 1 | -1/+6
  signature algorithm when requested. Patch from Jakub Jelen in bz3016 ok dtucker markus
* Replace calls to ssh_malloc_init() by a static init of malloc_options. | otto | 2019-06-06 | 1 | -2/+1
  Prepares for changes in the way malloc is initialized. ok guenther@ dtucker@
* backoff reading messages from active connections when the input buffer | djm | 2019-01-22 | 1 | -4/+18
  is too full to read one, or if the output buffer is too full to enqueue a response; feedback & ok dtucker@
* typo in error message; caught by Debian lintian, via Colin Watson | djm | 2018-11-09 | 1 | -2/+2
* implement EMFILE mitigation for ssh-agent: remember the fd rlimit | djm | 2018-05-11 | 1 | -11/+49
  and stop accepting new connections when it is exceeded (with some grace). Accept is resumed when enough connections are closed. bz#2576. feedback deraadt; ok dtucker@
* lots of typos in comments/docs. Patch from Karsten Weiss after checking | djm | 2018-04-10 | 1 | -2/+2
  with codespell tool (https://github.com/lucasdemarchi/codespell)
* don't kill ssh-agent's listening socket entirely if we fail to accept a | djm | 2018-04-09 | 1 | -4/+3
  connection; bz#2837, patch from Lukas Kuster