Age | Commit message (Collapse) | Author |
|
dummy U2F middleware to use.
OpenBSD-Regress-ID: 37200462b44334a4ad45e6a1f7ad1bd717521a95
|
|
OpenBSD-Commit-ID: 8264b0be01ec5a60602bd50fd49cc3c81162ea16
|
|
OpenBSD-Commit-ID: 4bd5551b306df55379afe17d841207990eb773bf
|
|
|
|
OpenBSD-Commit-ID: 3441eb04f872a00c2483c11a5f1570dfe775103c
|
|
including the new U2F signatures.
Don't use sshsk_ecdsa_sign() directly, instead make it reachable via
sshkey_sign() like all other signature operations. This means that
we need to add a provider argument to sshkey_sign(), so most of this
change is mechanically adding that.
Suggested by / ok markus@
OpenBSD-Commit-ID: d5193a03fcfa895085d91b2b83d984a9fde76c8c
|
|
feedback & ok markus@
OpenBSD-Commit-ID: bb544a44bc32e45d2ec8bf652db2046f38360acb
|
|
feedback & ok markus@
OpenBSD-Commit-ID: ac08e45c7f995fa71f8d661b3f582e38cc0a2f91
|
|
OpenBSD-Commit-ID: 7f88a5181c982687afedf3130c6ab2bba60f7644
|
|
feedback & ok markus@
OpenBSD-Commit-ID: d880c380170704280b4003860a1744d286c7a172
|
|
OpenBSD-Commit-ID: eb2cfa6cf7419a1895e06e398ea6d41516c5b0bc
|
|
U2F/FIDO keys are not supported for host authentication, so we need
a separate list for user keys.
feedback & ok markus@
OpenBSD-Commit-ID: 7fe2e6ab85f9f2338866e5af8ca2d312abbf0429
|
|
OpenBSD-Commit-ID: 6ce04f2b497ac9dd8c327f76f1e6c724fb1d1b37
|
|
Supports enrolling (generating) keys and signatures.
feedback & ok markus@
OpenBSD-Commit-ID: 73d1dd5939454f9c7bd840f48236cba41e8ad592
|
|
Key library support: including allocation, marshalling public/private
keys and certificates, signature validation.
feedback & ok markus@
OpenBSD-Commit-ID: a17615ba15e0f7932ac4360cb18fc9a9544e68c7
|
|
OpenBSD-Commit-ID: 8f3247317c2909870593aeb306dff848bc427915
|
|
|
|
|
|
unreliable signals and now-unneeded save and restore of errno. ok deraadt@
markus@
OpenBSD-Commit-ID: 01dd8a1ebdd991c8629ba1f5237283341a93cd88
|
|
OpenBSD-Commit-ID: 4c4bfd2806c5bbc753788ffe19c5ee13aaf418b2
|
|
OpenBSD-Commit-ID: 58ec755be4e51978ecfee73539090eb68652a987
|
|
|
|
|
|
|
|
|
|
Since utimensat uses struct timespec, move it to the section where we
define struct timespec when needed.
|
|
|
|
|
|
Including a function call in the test programs for the gcc stack
protector flag tests exercises more of the compiler and makes it more
likely it'll detect problems.
|
|
|
|
by krishnaiah bommu
OpenBSD-Commit-ID: 35ff685e7cc9dd2e3fe2e3dfcdcb9bc5c79f6506
|
|
OpenBSD-Commit-ID: 091bb23a6e913af5d4f72c50030b53ce1cef4de1
|
|
OpenBSD-Commit-ID: d6ed260cbbc297ab157ad63931802fb1ef7a4266
|
|
This makes mysignal implement reliable BSD semantics according to
Stevens' APUE. This was first attempted in 2001 but was reverted
due to problems with HP-UX 10.20 and select() and possibly grantpt().
Modern systems should be fine with it, but if any current platforms have
a problem with it now we can disable it just for those. ok djm@
|
|
Fixes build on IRIX. bz#3081.
|
|
|
|
|
|
|
|
OpenBSD-Commit-ID: 3356bb34e2aa287f0e6d6773c9ae659dc680147d
|
|
case, and some other NULL dereferences found by fuzzing.
fix with and ok markus@
OpenBSD-Commit-ID: 0f81adbb95ef887ce586953e1cb225fa45c7a47b
|
|
Reported by Adam Zabrocki via SecuriTeam's SSH program.
Note that this code is experimental and not compiled by default.
ok markus@
OpenBSD-Commit-ID: cd0361896d15e8a1bac495ac583ff065ffca2be1
|
|
warnings on some platforms. ok deraadt.
OpenBSD-Commit-ID: a990dbc2dac25bdfa07e79321349c73fd991efa2
|
|
OpenBSD-Commit-ID: 78bb512d04cfc238adb2c5b7504ac93eecf523b3
|
|
|
|
Similar to the previous change to DEF_WEAK, some compilers don't like
the empty statement, so convert into a no-op function prototype.
|
|
make the indenting a little more consistent too..
Fixes Solaris 2.6; reported by Tom G. Christensen
|
|
spotted by Tim Rice; ok dtucker
|
|
Completely nop-ing out DEF_WEAK leaves an empty statemment which some
compilers don't like. Replace with a no-op function template. ok djm@
|
|
remove them only where it's needed (and confuses test(1) on at least OS X in
portable).
OpenBSD-Regress-ID: a6ab9b4bd1d33770feaf01b2dfb96f9e4189d2d0
|
|
The EP11 crypto card needs to make an ioctl call, which receives an
specific argument. This crypto card is for s390 only.
Signed-off-by: Eduardo Barretto <ebarretto@linux.vnet.ibm.com>
|