Age | Commit message (Collapse) | Author |
|
for ECDSA keys
work by markus@, ok djm@
OpenBSD-Regress-ID: 1ebc2be0e88eff1b6d8be2f9c00cdc60723509fe
|
|
enabled by default (currently includes agent-pkcs11.sh); from markus@
OpenBSD-Regress-ID: 9a969e1adcd117fea174d368dcb9c61eb50a2a3c
|
|
structure directly; the latter works on LibreSSL but not on OpenSSL. From
portable.
OpenBSD-Commit-ID: 5b22a1919d9cee907d3f8a029167f70a481891c6
|
|
portable doesn't use this
|
|
Require EC_KEY_METHOD support in libcrypto, evidenced by presence
of EC_KEY_METHOD_new() function.
|
|
now, so there is no need to keep a copy of each in the pkcs11_key object.
work by markus@, ok djm@
OpenBSD-Commit-ID: 43b4856516e45c0595f17a8e95b2daee05f12faa
|
|
OpenBSD-Commit-ID: 3dfe35e25b310c3968b1e4e53a0cb1d03bda5395
|
|
implicitly clean up pkcs11_key objects when their owning RSA object's
reference count drops to zero. Simplifies the cleanup path and makes it more
like ECDSA's
work by markus@, ok djm@
OpenBSD-Commit-ID: 74b9c98f405cd78f7148e9e4a4982336cd3df25c
|
|
ECDSA code: use a single custom RSA_METHOD instead of a method per key
suggested by me, but markus@ did all the work.
ok djm@
OpenBSD-Commit-ID: 8aafcebe923dc742fc5537a995cee549d07e4b2e
|
|
work by markus, ok djm@
OpenBSD-Commit-ID: 9fc0c4f1d640aaa5f19b8d70f37ea19b8ad284a1
|
|
EC_KEY internals as that won't work on OpenSSL
work by markus@, feedback and ok djm@
OpenBSD-Commit-ID: 4a99cdb89fbd6f5155ef8c521c99dc66e2612700
|
|
object should never have a DER header
work by markus; feedback and ok djm@
OpenBSD-Commit-ID: b617fa585eddbbf0b1245b58b7a3c4b8d613db17
|
|
work by markus@, feedback and ok djm@
OpenBSD-Commit-ID: affa5ca7d58d59fbd16169f77771dcdbd2b0306d
|
|
of stack- allocating a sshkey
work by markus@, ok djm@
OpenBSD-Commit-ID: a048eb6ec8aa7fa97330af927022c0da77521f91
|
|
$SSH_PKCS11_HELPER; needed for regress tests.
work by markus@, ok me
OpenBSD-Commit-ID: f78d8185500bd7c37aeaf7bd27336db62f0f7a83
|
|
Work by markus@ and Pedro Martelletto, feedback and ok me@
OpenBSD-Commit-ID: a37d651e221341376636056512bddfc16efb4424
|
|
by performing a signature and a verification using each key "ssh-add -T
pubkey [...]"
work by markus@, ok djm@
OpenBSD-Commit-ID: 931b888a600b6a883f65375bd5f73a4776c6d19b
|
|
error.
Found thanks to BoringSSL's commit 53409ee3d7595ed37da472bc73b010cd2c8a5ffd
by David Benjamin.
ok djm, dtucker
OpenBSD-Commit-ID: 1ee832be3c44b1337f76b8562ec6d203f3b072f8
|
|
OpenBSD-Commit-ID: 1229d0feb1d0ecefe05bf67a17578b263e991acc
|
|
If cc is something other than gcc and is the system compiler prefer using
that, unless otherwise told via $CC. ok djm@
|
|
|
|
Requires some caching of values, because the PAM code isn't
always called with packet context.
|
|
|
|
|
|
sshpkt_error(). The first one logs the error and exits (what we want) instead
of just logging and blundering on.
OpenBSD-Commit-ID: 39f51b43641dce9ce0f408ea6c0e6e077e2e91ae
|
|
with & ok markus@
OpenBSD-Commit-ID: 9bd10437026423eb8245636ad34797a20fbafd7d
|
|
with & ok markus@
OpenBSD-Commit-ID: 78619a50ea7e4ca2f3b54d4658b3227277490ba2
|
|
with & ok markus@
OpenBSD-Commit-ID: 61ecd154bd9804461a0cf5f495a29d919e0014d5
|
|
with & ok markus@
OpenBSD-Commit-ID: ea569d3eaf9b5cf1bad52779fbfa5fa0b28af891
|
|
with & ok markus@
OpenBSD-Commit-ID: fae817207e23099ddd248960c984f7b7f26ea68e
|
|
with & ok markus@
OpenBSD-Commit-ID: 7e10359f614ff522b52a3f05eec576257794e8e4
|
|
with & ok markus@
OpenBSD-Commit-ID: c92dd19b55457541478f95c0d6b318426d86d885
|
|
API
with & ok markus@
OpenBSD-Commit-ID: 0986d324f2ceb5e8a12ac21c1bb10b3b4b1e0f71
|
|
with & ok markus@
OpenBSD-Commit-ID: ce2fbbacb86a290f31da1e7bf04cddf2bdae3d1e
|
|
OpenBSD-Commit-ID: ed831bb95ad228c6791bc18b60ce7a2edef2c999
|
|
with & ok markus@
OpenBSD-Commit-ID: 126553aecca302c9e02fd77e333b9cb217e623b4
|
|
with & ok markus@
OpenBSD-Commit-ID: 0b8279b56113cbd4011fc91315c0796b63dc862c
|
|
with & ok markus@
OpenBSD-Commit-ID: 222337cf6c96c347f1022d976fac74b4257c061f
|
|
with & ok markus@
OpenBSD-Commit-ID: eb146878b24e85c2a09ee171afa6797c166a2e21
|
|
with & ok markus@
OpenBSD-Commit-ID: 4e3893937bae66416e984b282d8f0f800aafd802
|
|
with & ok markus@
OpenBSD-Commit-ID: 1cb869e0d6e03539f943235641ea070cae2ebc58
|
|
with & ok markus@
OpenBSD-Commit-ID: 497b36500191f452a22abf283aa8d4a9abaee7fa
|
|
use this to give packet-related fatal error messages more context (esp. the
remote endpoint) ok markus@
OpenBSD-Commit-ID: de57211f9543426b515a8a10a4f481666b2b2a50
|
|
API, started almost exactly six years ago.
This change stops including the old packet_* API by default and makes
each file that requires the old API include it explicitly. We will
commit file-by-file refactoring to remove the old API in consistent
steps.
with & ok markus@
OpenBSD-Commit-ID: 93c98a6b38f6911fd1ae025a1ec57807fb4d4ef4
|
|
a password that was entered too early are likely clobbered by the prompt.
Idea from doas.
from and ok djm
"i like it" deraadt
OpenBSD-Commit-ID: 5fb97c68df6d8b09ab37f77bca1d84d799c4084e
|
|
Fixes builds on at least OS X Lion, NetBSD 6 and Solaris 10.
|
|
Some systems (eg older OS X) do not have utimensat, so provide minimal
implementation in compat layer. Fixes build on at least El Capitan.
|
|
depending on ssh returning a particular error message for banner parsing
failure)
reminded by bluhm@
OpenBSD-Regress-ID: f24fc303d40931157431df589b386abf5e1be575
|
|
=?UTF-8?q?e=20extern;=20from=20Hanno=20B=C3=B6ck?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
OpenBSD-Commit-ID: d53dede6e521161bf04d39d09947db6253a38271
|
|
McKellar
OpenBSD-Commit-ID: 6412ccd06a88f65b207a1089345f51fa1244ea51
|