Age | Commit message (Collapse) | Author | |
---|---|---|---|
2019-11-13 | upstream: check sig_r and sig_s for ssh-sk keys; ok djm | markus@openbsd.org | |
OpenBSD-Commit-ID: 1a1e6a85b5f465d447a3800f739e35c5b74e0abc | |||
2019-11-13 | upstream: enable ed25519 support; ok djm | markus@openbsd.org | |
OpenBSD-Commit-ID: 1a399c5b3ef15bd8efb916110cf5a9e0b554ab7e | |||
2019-11-13 | upstream: update sk-api to version 2 for ed25519 support; ok djm | markus@openbsd.org | |
OpenBSD-Commit-ID: 77aa4d5b6ab17987d8a600907b49573940a0044a | |||
2019-11-13 | upstream: implement sshsk_ed25519_assemble(); ok djm | markus@openbsd.org | |
OpenBSD-Commit-ID: af9ec838b9bc643786310b5caefc4ca4754e68c6 | |||
2019-11-13 | upstream: implement sshsk_ed25519_inner_sig(); ok djm | markus@openbsd.org | |
OpenBSD-Commit-ID: f422d0052c6d948fe0e4b04bc961f37fdffa0910 | |||
2019-11-13 | upstream: rename sshsk_ecdsa_sign() to sshsk_sign(); ok djm | markus@openbsd.org | |
OpenBSD-Commit-ID: 1524042e09d81e54c4470d7bfcc0194c5b46fe19 | |||
2019-11-13 | upstream: factor out sshsk_ecdsa_inner_sig(); ok djm@ | markus@openbsd.org | |
OpenBSD-Commit-ID: 07e41997b542f670a15d7e2807143fe01efef584 | |||
2019-11-13 | upstream: factor out sshsk_ecdsa_assemble(); ok djm@ | markus@openbsd.org | |
OpenBSD-Commit-ID: 2313761a3a84ccfe032874d638d3c363e0f14026 | |||
2019-11-13 | upstream: implement ssh-ed25519-sk verification; ok djm@ | markus@openbsd.org | |
OpenBSD-Commit-ID: 37906d93948a1e3d237c20e713d6ca8fbf7d13f6 | |||
2019-11-13 | ignore ssh-sk-helper | Damien Miller | |
2019-11-13 | upstream: skip demanding -fstack-protector-all on hppa. we never | deraadt@openbsd.org | |
wrote a stack protector for reverse-stack architectures, and i don't think anyone else did either. a warning per compiled file is just annoying. OpenBSD-Commit-ID: 14806a59353152f843eb349e618abbf6f4dd3ada | |||
2019-11-11 | upstream: duplicate 'x' character in getopt(3) optstring | djm@openbsd.org | |
OpenBSD-Commit-ID: 64c81caa0cb5798de3621eca16b7dd22e5d0d8a7 | |||
2019-11-08 | upstream: Fill in missing man page bits for U2F security key support: | naddy@openbsd.org | |
Mention the new key types, the ~/.ssh/id_ecdsa_sk file, ssh's SecurityKeyProvider keyword, the SSH_SK_PROVIDER environment variable, and ssh-keygen's new -w and -x options. Copy the ssh-sk-helper man page from ssh-pkcs11-helper with minimal substitutions. ok djm@ OpenBSD-Commit-ID: ef2e8f83d0c0ce11ad9b8c28945747e5ca337ac4 | |||
2019-11-03 | Put sftp-realpath in libssh.a | Darren Tucker | |
and remove it from the specific binary targets. | |||
2019-11-03 | statfs might be defined in sys/mount.h. | Darren Tucker | |
eg on old NetBSDs. | |||
2019-11-02 | Put stdint.h inside ifdef HAVE_STDINT_H. | Darren Tucker | |
2019-11-02 | Rebuild .depend. | Darren Tucker | |
2019-11-02 | Define __BSD_VISIBLE in fnmatch.h. | Darren Tucker | |
.. since we use symbols defined only when it is when using the compat fnmatch. | |||
2019-11-02 | Only enable U2F if OpenSSL supports ECC. | Darren Tucker | |
This requires moving the U2F bits to below the OpenSSL parts so we have the required information. ok djm@ | |||
2019-11-02 | upstream: fix miscellaneous text problems; ok djm@ | naddy@openbsd.org | |
OpenBSD-Commit-ID: 0cbf411a14d8fa0b269b69cbb1b4fc0ca699fe9f | |||
2019-11-01 | Add flags needed to build and work on Ultrix. | Darren Tucker | |
2019-11-01 | Hook up fnmatch for platforms that don't have it. | Darren Tucker | |
2019-11-01 | Add missing bracket in realpath macro. | Darren Tucker | |
2019-11-01 | Import fnmatch.c from OpenBSD. | Darren Tucker | |
2019-11-01 | Use sftp_realpath if no native realpath. | Darren Tucker | |
2019-11-01 | Configure flags for haiku from haikuports. | Darren Tucker | |
Should build with the default flags with ./configure | |||
2019-11-01 | upstream: fix a race condition in the SIGCHILD handler that could turn | djm@openbsd.org | |
in to a kill(-1); bz3084, reported by Gao Rui, ok dtucker@ OpenBSD-Commit-ID: ac2742e04a69d4c34223505b6a32f6d686e18896 | |||
2019-11-01 | conditionalise SK sign/verify on ENABLE_SK | Damien Miller | |
Spotted by Darren and his faux-Vax | |||
2019-11-01 | Add prototype for localtime_r if needed. | Darren Tucker | |
2019-11-01 | Check if IP_TOS is defined before using. | Darren Tucker | |
2019-11-01 | autoconf pieces for U2F support | Damien Miller | |
Mostly following existing logic for PKCS#11 - turning off support when either libcrypto or dlopen(3) are unavailable. | |||
2019-11-01 | upstream: remove duplicate PUBKEY_DEFAULT_PK_ALG on !WITH_OPENSSL path | djm@openbsd.org | |
OpenBSD-Commit-ID: 95a7cafad2a4665d57cabacc28031fabc0bea9fc | |||
2019-11-01 | upstream: more additional source files | djm@openbsd.org | |
OpenBSD-Regress-ID: 8eaa25fb901594aee23b76eda99dca5b8db94c6f | |||
2019-11-01 | upstream: additional source files here too | djm@openbsd.org | |
OpenBSD-Regress-ID: 8809f8e1c8f7459e7096ab6b58d8e56cb2f483fd | |||
2019-11-01 | upstream: additional source files here too | djm@openbsd.org | |
OpenBSD-Regress-ID: 09297e484327f911fd353489518cceaa0c1b95ce | |||
2019-11-01 | upstream: adapt to extra sshkey_sign() argument and additional | djm@openbsd.org | |
dependencies OpenBSD-Regress-ID: 7a25604968486c4d6f81d06e8fbc7d17519de50e | |||
2019-11-01 | upstream: skip security-key key types for tests until we have a | djm@openbsd.org | |
dummy U2F middleware to use. OpenBSD-Regress-ID: 37200462b44334a4ad45e6a1f7ad1bd717521a95 | |||
2019-11-01 | upstream: sort; | jmc@openbsd.org | |
OpenBSD-Commit-ID: 8264b0be01ec5a60602bd50fd49cc3c81162ea16 | |||
2019-11-01 | upstream: undo debugging bits that shouldn't have been committed | djm@openbsd.org | |
OpenBSD-Commit-ID: 4bd5551b306df55379afe17d841207990eb773bf | |||
2019-11-01 | depend | Damien Miller | |
2019-11-01 | upstream: fix -Wshadow warning | djm@openbsd.org | |
OpenBSD-Commit-ID: 3441eb04f872a00c2483c11a5f1570dfe775103c | |||
2019-11-01 | upstream: Refactor signing - use sshkey_sign for everything, | djm@openbsd.org | |
including the new U2F signatures. Don't use sshsk_ecdsa_sign() directly, instead make it reachable via sshkey_sign() like all other signature operations. This means that we need to add a provider argument to sshkey_sign(), so most of this change is mechanically adding that. Suggested by / ok markus@ OpenBSD-Commit-ID: d5193a03fcfa895085d91b2b83d984a9fde76c8c | |||
2019-11-01 | upstream: ssh-agent support for U2F/FIDO keys | djm@openbsd.org | |
feedback & ok markus@ OpenBSD-Commit-ID: bb544a44bc32e45d2ec8bf652db2046f38360acb | |||
2019-11-01 | upstream: ssh AddKeysToAgent support for U2F/FIDO keys | djm@openbsd.org | |
feedback & ok markus@ OpenBSD-Commit-ID: ac08e45c7f995fa71f8d661b3f582e38cc0a2f91 | |||
2019-11-01 | upstream: ssh-add support for U2F/FIDO keys | djm@openbsd.org | |
OpenBSD-Commit-ID: 7f88a5181c982687afedf3130c6ab2bba60f7644 | |||
2019-11-01 | upstream: add new agent key constraint for U2F/FIDO provider | djm@openbsd.org | |
feedback & ok markus@ OpenBSD-Commit-ID: d880c380170704280b4003860a1744d286c7a172 | |||
2019-11-01 | upstream: ssh client support for U2F/FIDO keys | djm@openbsd.org | |
OpenBSD-Commit-ID: eb2cfa6cf7419a1895e06e398ea6d41516c5b0bc | |||
2019-11-01 | upstream: Separate myproposal.h userauth pubkey types | djm@openbsd.org | |
U2F/FIDO keys are not supported for host authentication, so we need a separate list for user keys. feedback & ok markus@ OpenBSD-Commit-ID: 7fe2e6ab85f9f2338866e5af8ca2d312abbf0429 | |||
2019-11-01 | upstream: ssh-keygen support for generating U2F/FIDO keys | djm@openbsd.org | |
OpenBSD-Commit-ID: 6ce04f2b497ac9dd8c327f76f1e6c724fb1d1b37 | |||
2019-11-01 | upstream: U2F/FIDO middleware interface | djm@openbsd.org | |
Supports enrolling (generating) keys and signatures. feedback & ok markus@ OpenBSD-Commit-ID: 73d1dd5939454f9c7bd840f48236cba41e8ad592 |