|
speculation and memory sidechannel attacks like Spectre, Meltdown, Rowhammer
and Rambleed. This change encrypts private keys when they are not in use with
a symmetric key that is derived from a relatively large "prekey" consisting of
random data (currently 16KB).
Attackers must recover the entire prekey with high accuracy before
they can attempt to decrypt the shielded private key, but the current
generation of attacks have bit error rates that, when applied
cumulatively to the entire prekey, make this unlikely.
Implementation-wise, keys are encrypted "shielded" when loaded and then
automatically and transparently unshielded when used for signatures or
when being saved/serialised.
Hopefully we can remove this in a few years' time when computer
architecture has become less unsafe.
been in snaps for a bit already; thanks deraadt@
ok dtucker@ deraadt@
OpenBSD-Commit-ID: 19767213c312e46f94b303a512ef8e9218a39bd4
|
|
an uninitialised variable; spotted by dtucker@
OpenBSD-Commit-ID: 02802018784250f68202f01c8561de82e17b0638
|
|
optional, not local-path - sync help
from deraadt:
- prefer -R and undocument -r (but add a comment for future editors)
from schwarze:
- prefer -p and undocument -P (as above. the comment was schwarze's too)
more:
- add the -f flag to reput and reget
- sort help (i can't remember who suggested this originally)
djm and deraadt were ok with earlier versions of this;
tim and schwarze ok
OpenBSD-Commit-ID: 3c699b53b46111f5c57eed4533f132e7e58bacdd
|
|
resolve to LONG_MAX Reported by Kirk Wolf bz2977; ok dtucker
OpenBSD-Regress-ID: 15c9fe87be1ec241d24707006a31123d3a3117e0
|
|
OpenBSD-Regress-ID: 69d5b6f278e04ed32377046f7692c714c2d07a68
|
|
OpenBSD-Regress-ID: d4c34916fe20d717692f10ef50b5ae5a271c12c7
|
|
Patch from mforney at mforney.org.
|
|
Cast bitcount to u_int64_t before bit shifting to prevent integer overflow
on 32bit platforms which causes incorrect results when adding a block
>=512M in size. sha1 patch from ante84 at gmail.com via openssh github,
sha2 with djm@, ok tedu@
|
|
Wrap blowfish, sha*, md5, and rmd160 so that internal calls go direct
ok deraadt@
|
|
|
|
in hash Final and End functions. OK deraadt@ djm@
|
|
specifies multiple -J options on the commandline. bz3015 ok dtucker@
OpenBSD-Commit-ID: 181c15a65cac3b575819bc8d9a56212c3c748179
|
|
correct signature algorithm when requested. Patch from Jakub Jelen in bz3016
ok dtucker markus
OpenBSD-Commit-ID: 61f86efbeb4a1857a3e91298c1ccc6cf49b79624
|
|
files before consulting AuthorizedKeysCommand; ok dtucker markus
OpenBSD-Commit-ID: 13652998bea5cb93668999c39c3c48e8429db8b3
|
|
OpenBSD-Commit-ID: 582e2bd05854e49365195b58989b68ac67f09140
|
|
dtucker
OpenBSD-Commit-ID: 4ade73629ede63b691f36f9a929f943d4e7a44e4
|
|
the "Hostname" and "X11UseLocalhost" keywords; this makes things consistent
(effectively reversing my commit of yesterday);
ok deraadt markus djm
OpenBSD-Commit-ID: 255c02adb29186ac91dcf47dfad7adb1b1e54667
|
|
tirkkonen
OpenBSD-Commit-ID: 0c267a1257ed7482b13ef550837b6496e657d563
|
|
Patch from knweiss at gmail.com via github pull req #97
(portable-specific parts).
|
|
Patch from knweiss at gmail.com via -portable.
OpenBSD-Commit-ID: 2577465442f761a39703762c4f87a8dfcb918b4b
|
|
|
|
allows user@[1.2.3.4] to work without a path in addition to with one.
bz#2999, ok djm@
OpenBSD-Commit-ID: d989217110932490ba8ce92127a9a6838878928b
|
|
malloc_options. Prepares for changes in the way malloc is initialized. ok
guenther@ dtucker@
OpenBSD-Commit-ID: 154f4e3e174f614b09f792d4d06575e08de58a6b
|
|
caused by a typo (STDIN_FILENO vs STDERR_FILENO)
OpenBSD-Commit-ID: 57a0b4be7bef23963afe24150e24bf014fdd9cb0
|
|
changing a key pair's comments (using -c and -C) more applicable to both
methods. ok and suggestions djm@ dtucker@
OpenBSD-Commit-ID: b379338118109eb36e14a65bc0a12735205b3de6
|
|
|
|
POSIX specifies that when given a symlink, AT_SYMLINK_NOFOLLOW should
update the symlink and not the destination. The compat code doesn't
have a way to do this, so where possible it fails instead of following a
symlink when explicitly asked not to. Instead of checking for an explicit
failure, check that it does not update the destination, which both the
real and compat implementations should honour.
Inspired by github pull req #125 from chutzpah at gentoo.org.
|
|
According to POSIX, pthread_create returns the failure reason in
the non-zero function return code so make the fork wrapper do that.
Matches previous change.
|
|
Found by inspection after finding similar bugs in other code used by
Android.
|
|
Adding another s390 specific ioctl to be able to support ECC hardware
acceleration to the sandbox seccomp filter rules.
Now the ibmca openssl engine provides elliptic curve cryptography
support with the help of libica and CCA crypto cards. This is done via
yet another ioctl call to the zcrypt device driver and so there is a
need to enable this on the openssl sandbox.
Code is s390 specific and has been tested, verified and reviewed.
Please note that I am also the originator of the previous changes in
that area. I posted these changes to Eduardo and he forwarded the
patches to the openssl community.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Reviewed-by: Joerg Schmidbauer <jschmidb@de.ibm.com>
|
|
openssl-devel is no longer installable via the cygwin setup and
it's hidden by default, so you can't see the replacement very easily.
|
|
OpenBSD-Commit-ID: 42f39f22f53cfcb913bce401ae0f1bb93e08dd6c
|
|
that it will fit a full 64 bit integer. bz#3012 from Manoel Domingues Junior
OpenBSD-Commit-ID: a51f3013056d05b976e5af6b978dcb9e27bbc12b
|
|
using the rsa-sha2-512 signature algorithm. Certificates signed by RSA keys
will therefore be incompatible with OpenSSH < 7.2 unless the default is
overridden.
Document the ability of the ssh-keygen -t flag to override the
signature algorithm when signing certificates, and the new default.
ok deraadt@
OpenBSD-Commit-ID: 400c9c15013978204c2cb80f294b03ae4cfc8b95
|
|
Some platforms such as HP-UX do not have pam_putenv. Currently the
calls are ifdef'ed out, but a new one was recently added. Remove the
ifdefs and add a no-op implementation. bz#3008, ok djm.
|
|
|
|
Ifdef out ECC specific code so that it'll build against an OpenSSL
configured w/out ECC. With & ok djm@
|
|
When building against an OpenSSL configured without ECC, don't include
those algos in CASignatureAlgorithms. ok djm@
|
|
to make things a little tidier for -portable.
OpenBSD-Commit-ID: 616379861be95619e5358768b7dee4793e2f3a75
|
|
the socket into fd3, so as to not mistakenly leak other fd forward
accidentally. ok djm
OpenBSD-Commit-ID: 24cc753f5aa2c6a7d0fbf62766adbc75cd785296
|
|
Part of a patch from Stephen Gregoratto <dev at sgregoratto dot me>.
OpenBSD-Commit-ID: 15501ed13c595f135e7610b1a5d8345ccdb513b7
|
|
be able to find out from where the request was coming.
Add the same logging for PermitListen violations which were not
logged at all.
Pointed out by Robert Kisteleki (robert AT ripe.net)
input markus
OK deraadt
OpenBSD-Commit-ID: 8a7d0f1b7175504c0d1dca8d9aca1588b66448c8
|
|
Clarify the language around prngd and egd.
|
|
|
|
Previously configure would not select the "doc" man page format if
mandoc was present but nroff was not. This checks for mandoc first
and removes a now-superfluous AC_PATH_PROG. Based on a patch from
vehk at vehk.de and feedback from schwarze at usta.de.
|
|
left-justification in snmprintf. bz#3002, patch from velemas at gmail.com, ok
markus@.
OpenBSD-Commit-ID: 65d252b799be0cc8f68b6c47cece0a57bb00fea7
|
|
blueflash.cc, ok deraadt
OpenBSD-Commit-ID: dbe4db381603909482211ffdd2b48abd72169117
|
|
blueflash.cc, ok djm@
OpenBSD-Commit-ID: c54e9945d93c4ce28350d8b9fa8b71f744ef2b5a
|
|
blueflash.cc, ok djm
OpenBSD-Commit-ID: e3b34fc35cf12d33bde91ac03633210a3bc0f8b5
|
|
OpenBSD-Commit-ID: db6375fc302e3bdf07d96430c63c991b2c2bd3ff
|