| #
c2993daa |
| 30-Apr-2024 |
djm <djm@openbsd.org> |
stricter validation of messaging socket fd number; disallow usage of
stderr. Based on GHPR492 by RealHurrison
|
| #
6f8f255e |
| 11-Jan-2024 |
djm <djm@openbsd.org> |
ensure key_fd is filled when DSA is disabled; spotted by tb@
|
| #
52113de9 |
| 11-Jan-2024 |
djm <djm@openbsd.org> |
make DSA key support compile-time optional, defaulting to on
ok markus@
|
| #
4107c7cc |
| 01-Aug-2022 |
djm <djm@openbsd.org> |
avoid double-free in error path introduced in r1.70;
report and fix based on GHPR#332 by v-rzh
ok dtucker@
|
| #
65d5eb9e |
| 06-Jan-2022 |
djm <djm@openbsd.org> |
make ssh-keysign use the requested signature algorithm and not the
default for the keytype. Part of unbreaking hostbased auth for RSA/SHA2
keys. ok markus@
|
| #
c36b8e7a |
| 13-Nov-2021 |
deraadt <deraadt@openbsd.org> |
It really looks like pledge "stdio dns" is possible earlier.
Discussed with mestre
|
| #
7b0e083b |
| 10-Nov-2021 |
djm <djm@openbsd.org> |
fix ssh-keysign for KEX algorithms that use SHA384/512 exchange hashes;
feedback/ok markus@
|
| #
0c97e03a |
| 05-Jul-2021 |
dtucker <dtucker@openbsd.org> |
Order includes as per style(9). Portable already has these so this
removes a handful of diffs between the two.
|
| #
262b6e20 |
| 17-Dec-2020 |
djm <djm@openbsd.org> |
prepare readconf.c for fuzzing; remove fatal calls and fix some
(one-off) memory leaks; ok markus@
|
| #
48e6b99d |
| 18-Oct-2020 |
djm <djm@openbsd.org> |
use the new variant log macros instead of prepending __func__ and
appending ssh_err(r) manually; ok markus@
|
| #
1f63d3c4 |
| 27-Aug-2020 |
djm <djm@openbsd.org> |
support for user-verified FIDO keys
FIDO2 supports a notion of "user verification" where the user is
required to demonstrate their identity to the token before particular
operations (e.g. signing).
support for user-verified FIDO keys
FIDO2 supports a notion of "user verification" where the user is
required to demonstrate their identity to the token before particular
operations (e.g. signing). Typically this is done by authenticating
themselves using a PIN that has been set on the token.
This adds support for generating and using user verified keys where
the verification happens via PIN (other options might be added in the
future, but none are in common use now). Practically, this adds
another key generation option "verify-required" that yields a key that
requires a PIN before each authentication.
feedback markus@ and Pedro Martelletto; ok markus@
show more ...
|
| #
d2a7ef38 |
| 18-Nov-2019 |
naddy <naddy@openbsd.org> |
additional missing stdarg.h includes when built without WITH_OPENSSL; ok djm@
|
| #
e3a62e69 |
| 31-Oct-2019 |
djm <djm@openbsd.org> |
Refactor signing - use sshkey_sign for everything, including the new
U2F signatures.
Don't use sshsk_ecdsa_sign() directly, instead make it reachable via
sshkey_sign() like all other signature opera
Refactor signing - use sshkey_sign for everything, including the new
U2F signatures.
Don't use sshsk_ecdsa_sign() directly, instead make it reachable via
sshkey_sign() like all other signature operations. This means that
we need to add a provider argument to sshkey_sign(), so most of this
change is mechanically adding that.
Suggested by / ok markus@
show more ...
|
| #
33afd2d7 |
| 02-Oct-2019 |
djm <djm@openbsd.org> |
remove some duplicate #includes
|
| #
1f96526f |
| 06-Sep-2019 |
djm <djm@openbsd.org> |
fixes for !WITH_OPENSSL compilation; ok dtucker@
|
| #
d04a6061 |
| 06-Sep-2019 |
djm <djm@openbsd.org> |
lots of things were relying on libcrypto headers to transitively
include various system headers (mostly stdlib.h); include them
explicitly
|
| #
1538ccee |
| 14-Jun-2019 |
djm <djm@openbsd.org> |
if passed a bad fd, log what it was
|
| #
eedc3e89 |
| 06-Jun-2019 |
otto <otto@openbsd.org> |
Replace calls to ssh_malloc_init() by a static init of malloc_options.
Prepares for changes in the way malloc is initialized. ok guenther@ dtucker@
|
| #
23f959cd |
| 23-Nov-2018 |
djm <djm@openbsd.org> |
add a ssh_config "Match final" predicate
Matches in same pass as "Match canonical" but doesn't require
hostname canonicalisation be enabled. bz#2906 ok markus
|
| #
a01615b1 |
| 27-Jul-2018 |
dtucker <dtucker@openbsd.org> |
Now that ssh can't be setuid, remove the original_real_uid and
original_effective_uid globals and replace with calls to plain getuid().
ok djm@
|
| #
a6be8e7c |
| 23-Feb-2018 |
markus <markus@openbsd.org> |
Add experimental support for PQC XMSS keys (Extended Hash-Based Signatures)
The code is not compiled in by default (see WITH_XMSS in Makefile.inc)
Joint work with stefan-lukas_gazdag at genua.eu
See
Add experimental support for PQC XMSS keys (Extended Hash-Based Signatures)
The code is not compiled in by default (see WITH_XMSS in Makefile.inc)
Joint work with stefan-lukas_gazdag at genua.eu
See https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12
ok djm@
show more ...
|
| #
b745bc7c |
| 07-Feb-2018 |
dtucker <dtucker@openbsd.org> |
ssh_free checks for and handles NULL args, remove NULL checks from remaining
callers. ok djm@
|
| #
e2395bfa |
| 15-Feb-2016 |
dtucker <dtucker@openbsd.org> |
Add a function to enable security-related malloc_options. With and ok
deraadt@, something similar has been in the snaps for a while.
|
| #
321f30e3 |
| 04-Dec-2015 |
markus <markus@openbsd.org> |
implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures (user and host auth)
based on draft-rsa-dsa-sha2-256-03.txt and draft-ssh-ext-info-04.txt;
with & ok djm@
|
| #
a583677a |
| 29-Nov-2015 |
djm <djm@openbsd.org> |
pledge, better fatal() messages; feedback deraadt@
|