path: root/usr.bin/ssh/sshkey.c
Commit message | Author | Age | Files | Lines
* argument to sshkey_from_private() and sshkey_demote() can't be NULL | djm | 2015-10-15 | 1 | -7/+3
* - Fix error message: passphrase needs to be at least 5 characters, not 4. | tim | 2015-09-13 | 1 | -13/+7
  - Remove unused function argument.
  - Remove two unnecessary variables.
  OK djm@
* Fix occurrences of "r = func() != 0" which result in the wrong error | jsg | 2015-09-02 | 1 | -11/+11
  codes being returned due to != having higher precedence than =. ok deraadt@ markus@
* fix double-free() in error path of DSA key generation reported by | djm | 2015-08-19 | 1 | -2/+1
  Mateusz Kocielski; ok markus@
* delete support for legacy v00 certificates; "sure" markus@ dtucker@ | djm | 2015-07-03 | 1 | -92/+16
* refactor: split base64 encoding of pubkey into its own | djm | 2015-05-21 | 1 | -75/+99
  sshkey_to_base64() function and out of sshkey_write(); ok markus@
* don't choke on new-format private keys encrypted with an AEAD cipher; | djm | 2015-05-08 | 1 | -4/+11
  bz#2366, patch from Ron Frederick; ok markus@
* Remove pattern length argument from match_pattern_list(), | djm | 2015-05-04 | 1 | -2/+2
  we only ever use it for strlen(pattern). Prompted by hanno AT hboeck.de pointing out an out-of-bound read error caused by an incorrect pattern length found using AFL and his own tools. ok markus@
* correct return value in pubkey parsing, spotted by Ben Hawkes | djm | 2015-04-03 | 1 | -7/+7
  ok markus@
* fix sshkey_certify() return value for unsupported key types; | djm | 2015-03-06 | 1 | -1/+2
  ok markus@ deraadt@
* small refactor and add some convenience functions; | djm | 2015-01-26 | 1 | -35/+75
  ok markus
* Replace <sys/param.h> with <limits.h> and other less dirty headers where | deraadt | 2015-01-16 | 1 | -2/+3
  possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
* avoid a warning for the !OPENSSL case | djm | 2015-01-14 | 1 | -5/+5
* add sshd_config HostbasedAcceptedKeyTypes and PubkeyAcceptedKeyTypes | djm | 2015-01-13 | 1 | -5/+27
  options to allow sshd to control what public key types will be accepted. Currently defaults to all. Feedback & ok markus@
* unbreak parsing of pubkey comments; with gerhard; ok djm/deraadt | markus | 2015-01-12 | 1 | -9/+9
* allow WITH_OPENSSL w/o WITH_SSH1; ok djm@ | markus | 2015-01-12 | 1 | -3/+7
* deprecate key_load_private_pem() and sshkey_load_private_pem() | djm | 2015-01-08 | 1 | -19/+7
  interfaces. Refactor the generic key loading API to not require pathnames to be specified (they weren't really used).
  Fixes a few other things en passant:
  Makes ed25519 keys work for hostbased authentication (ssh-keysign previously used the PEM-only routines).
  Fixes key comment regression bz#2306: key pathnames were being lost as comment fields.
  ok markus@
* Add FingerprintHash option to control algorithm used for key | djm | 2014-12-21 | 1 | -38/+76
  fingerprints. Default changes from MD5 to SHA256 and format from hex to base64. Feedback and ok naddy@ markus@
* better error value for invalid signature length | djm | 2014-12-10 | 1 | -5/+2
* fix NULL pointer dereference crash in key loading | djm | 2014-11-18 | 1 | -5/+3
  found by Michal Zalewski's AFL fuzzer
* parse cert sections using nested buffers to reduce copies; ok markus | djm | 2014-10-08 | 1 | -51/+47
* make Ed25519 keys' title fit properly in the randomart border; bz#2247 | djm | 2014-07-03 | 1 | -8/+17
  based on patch from Christian Hesse
* fix loading of private keys | markus | 2014-06-27 | 1 | -4/+4
* New key API: refactor key-related functions to be more library-like, | djm | 2014-06-24 | 1 | -0/+3789
  existing API is offered as a set of wrappers. with and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago.