path: root/usr.bin/ssh/ssh-keysign.c
Commit message | Author | Age | Files | Lines
* prepare readconf.c for fuzzing; remove fatal calls and fix some | djm | 2020-12-17 | 1 | -2/+2
  (one-off) memory leaks; ok markus@
* use the new variant log macros instead of prepending __func__ and | djm | 2020-10-18 | 1 | -26/+27
  appending ssh_err(r) manually; ok markus@
* support for user-verified FIDO keys | djm | 2020-08-27 | 1 | -2/+2
  FIDO2 supports a notion of "user verification" where the user is required to demonstrate their identity to the token before particular operations (e.g. signing). Typically this is done by authenticating themselves using a PIN that has been set on the token. This adds support for generating and using user verified keys where the verification happens via PIN (other options might be added in the future, but none are in common use now). Practically, this adds another key generation option "verify-required" that yields a key that requires a PIN before each authentication. feedback markus@ and Pedro Martelletto; ok markus@
* additional missing stdarg.h includes when built without WITH_OPENSSL; ok djm@ | naddy | 2019-11-18 | 1 | -1/+2
* Refactor signing - use sshkey_sign for everything, including the new | djm | 2019-10-31 | 1 | -3/+3
  U2F signatures. Don't use sshsk_ecdsa_sign() directly, instead make it reachable via sshkey_sign() like all other signature operations. This means that we need to add a provider argument to sshkey_sign(), so most of this change is mechanically adding that. Suggested by / ok markus@
* remove some duplicate #includes | djm | 2019-10-02 | 1 | -2/+1
* fixes for !WITH_OPENSSL compilation; ok dtucker@ | djm | 2019-09-06 | 1 | -3/+5
* lots of things were relying on libcrypto headers to transitively | djm | 2019-09-06 | 1 | -1/+2
  include various system headers (mostly stdlib.h); include them explicitly
* if passed a bad fd, log what it was | djm | 2019-06-14 | 1 | -2/+2
* Replace calls to ssh_malloc_init() by a static init of malloc_options. | otto | 2019-06-06 | 1 | -2/+1
  Prepares for changes in the way malloc is initialized. ok guenther@ dtucker@
* add a ssh_config "Match final" predicate | djm | 2018-11-23 | 1 | -2/+3
  Matches in same pass as "Match canonical" but doesn't require hostname canonicalisation be enabled. bz#2906 ok markus
* Now that ssh can't be setuid, remove the original_real_uid and | dtucker | 2018-07-27 | 1 | -6/+2
  original_effective_uid globals and replace with calls to plain getuid(). ok djm@
* Add experimental support for PQC XMSS keys (Extended Hash-Based Signatures) | markus | 2018-02-23 | 1 | -2/+3
  The code is not compiled in by default (see WITH_XMSS in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 ok djm@
* ssh_free checks for and handles NULL args, remove NULL checks from remaining | dtucker | 2018-02-07 | 1 | -2/+2
  callers. ok djm@
* Add a function to enable security-related malloc_options. With and ok | dtucker | 2016-02-15 | 1 | -1/+2
  deraadt@, something similar has been in the snaps for a while.
* implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures (user and host auth) | markus | 2015-12-04 | 1 | -2/+3
  based on draft-rsa-dsa-sha2-256-03.txt and draft-ssh-ext-info-04.txt; with & ok djm@
* pledge, better fatal() messages; feedback deraadt@ | djm | 2015-11-29 | 1 | -7/+16
* add an XXX reminder for getting correct key paths from sshd_config | djm | 2015-07-03 | 1 | -1/+2
* consistent check for NULL as noted by Nicholas Lemonias; ok djm@ | markus | 2015-03-24 | 1 | -2/+2
* update to new API (key_fingerprint => sshkey_fingerprint) | djm | 2015-01-28 | 1 | -3/+4
  check sshkey_fingerprint return values; ok markus
* sync ssh-keysign, ssh-keygen and some dependencies to the new | djm | 2015-01-15 | 1 | -52/+68
  buffer/key API; mostly mechanical, ok markus@
* deprecate key_load_private_pem() and sshkey_load_private_pem() | djm | 2015-01-08 | 1 | -8/+13
  interfaces. Refactor the generic key loading API to not require pathnames to be specified (they weren't really used). Fixes a few other things en passant: Makes ed25519 keys work for hostbased authentication (ssh-keysign previously used the PEM-only routines). Fixes key comment regression bz#2306: key pathnames were being lost as comment fields. ok markus@
* Add FingerprintHash option to control algorithm used for key | djm | 2014-12-21 | 1 | -2/+3
  fingerprints. Default changes from MD5 to SHA256 and format from hex to base64. Feedback and ok naddy@ markus@
* Tweak config reparsing with host canonicalisation | djm | 2014-10-08 | 1 | -2/+2
  Make the second pass through the config files always run when hostname canonicalisation is enabled. Add a "Match canonical" criteria that allows ssh_config Match blocks to trigger only in the second config pass. Add a -G option to ssh that causes it to parse its configuration and dump the result to stdout, similar to "sshd -T" Allow ssh_config Port options set in the second config parse phase to be applied (they were being ignored). bz#2267 bz#2286; ok markus
* make compiling against OpenSSL optional (make OPENSSL=no); | markus | 2014-04-29 | 1 | -1/+4
  reduces algorithms to curve25519, aes-ctr, chacha, ed25519; allows us to explore further options; with and ok djm
* Delete futile calls to RAND_seed. ok djm | tedu | 2014-04-19 | 1 | -5/+1
* include fingerprint of key not found | djm | 2014-04-01 | 1 | -6/+8
  use arc4random_buf() instead of loop+arc4random()
* support ed25519 keys (hostkeys and user identities) using the public domain | markus | 2013-12-06 | 1 | -2/+3
  ed25519 reference code from SUPERCOP, see http://ed25519.cr.yp.to/software.html feedback, help & ok djm@
* add a "Match" keyword to ssh_config that allows matching on hostname, | djm | 2013-10-14 | 1 | -2/+2
  user and result of arbitrary commands. "nice work" markus@
* bye, bye xfree(); ok markus@ | djm | 2013-05-17 | 1 | -10/+10
* make hostbased auth with ECDSA keys work correctly. Based on patch | djm | 2011-02-16 | 1 | -8/+15
  by harvey.eneman AT oracle.com in bz#1858; ok markus@ (pre-lock)
* reintroduce commit from tedu@, which I pulled out for release engineering: | djm | 2010-08-31 | 1 | -2/+2
  OpenSSL_add_all_algorithms is the name of the function we have a man page for, so use that. ok djm
* backout previous temporarily; discussed with deraadt@ | djm | 2010-08-16 | 1 | -2/+2
* OpenSSL_add_all_algorithms is the name of the function we have a man page | tedu | 2010-08-12 | 1 | -2/+2
  for, so use that. ok djm
* clean for -Wuninitialized | djm | 2010-08-04 | 1 | -2/+2
* enable certificates for hostbased authentication, from Iain Morgan; | djm | 2010-08-04 | 1 | -2/+2
  "looks ok" markus@
* Make HostBased authentication work with a ProxyCommand. bz #1569, patch | dtucker | 2010-01-13 | 1 | -2/+2
  from imorgan at nas nasa gov, ok djm@
* almost entirely get rid of the culture of ".h files that include .h files" | deraadt | 2006-08-03 | 1 | -4/+2
  ok djm, sort of ok stevesk makes the pain stop in one easy step
* move #include <stdlib.h> out of includes.h | stevesk | 2006-07-26 | 1 | -1/+2
* move #include <string.h> out of includes.h | stevesk | 2006-07-22 | 1 | -1/+2
* move #include <unistd.h> out of includes.h | stevesk | 2006-07-17 | 1 | -1/+2
* move #include <fcntl.h> out of includes.h | stevesk | 2006-07-09 | 1 | -1/+2
* move #include <pwd.h> out of includes.h; ok markus@ | stevesk | 2006-07-06 | 1 | -2/+5
* sessionid can be 32 bytes now too when sha256 kex is used; ok djm@ | dtucker | 2006-04-02 | 1 | -3/+3
* Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that | djm | 2006-03-25 | 1 | -0/+1
  Theo nuked - our scripts to sync -portable need them in the files
* RCSID() can die | deraadt | 2006-03-19 | 1 | -1/+0
* move #include <paths.h> out of includes.h; ok markus@ | stevesk | 2006-02-08 | 1 | -1/+3
* ensure that stdio fds are attached; ok deraadt@ | djm | 2005-09-13 | 1 | -1/+8
* Remove duplicate getuid(), suggested by & ok markus@ | dtucker | 2004-08-23 | 1 | -3/+3
* Use permanently_set_uid() in ssh and ssh-keysign for consistency, matches | dtucker | 2004-08-23 | 1 | -7/+7
  change in Portable; ok markus@