Age | Commit message (Collapse) | Author |
|
Check l->hosts before dereferencing; fixes potential null
pointer deref. ok djm@
Upstream-ID: 81c0327c6ec361da794b5c680601195cc23d1301
Origin: https://anongit.mindrot.org/openssh.git/commit/?id=18501151cf272a15b5f2c5e777f2e0933633c513
Last-Update: 2017-03-16
Patch-Name: ssh-keygen-null-deref.patch
|
|
fix ssh-keygen -H accidentally corrupting known_hosts that
contained already-hashed entries. HKF_MATCH_HOST_HASHED is only set by
hostkeys_foreach() when hostname matching is in use, so we need to look for
the hash marker explicitly.
Upstream-ID: da82ad653b93e8a753580d3cf5cd448bc2520528
Origin: https://anongit.mindrot.org/openssh.git/commit/?id=12d3767ba4c84c32150cbe6ff6494498780f12c9
Bug-Debian: https://bugs.debian.org/851734
Bug-Ubuntu: https://bugs.launchpad.net/bugs/1668093
Last-Update: 2017-03-09
Patch-Name: ssh-keygen-hash-corruption.patch
|
|
|
|
|
|
|
|
|
|
Spaces->tabs.
Upstream-ID: f4829dfc3f36318273f6082b379ac562eead70b7
|
|
Style whitespace fix. Also happens to remove a no-op
diff with portable.
Upstream-ID: 45d90f9a62ad56340913a433a9453eb30ceb8bf3
|
|
These were incorrectly removed in the 1d9a2e28 sync commit.
|
|
support SHA256 and SHA512 RSA signatures in certificates;
ok markus@
Upstream-ID: b45be2f2ce8cacd794dc5730edaabc90e5eb434a
|
|
fix signed/unsigned errors reported by clang-3.7; add
sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with
better safety checking; feedback and ok markus@
Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820
|
|
Add a function to enable security-related malloc_options.
With and ok deraadt@, something similar has been in the snaps for a while.
Upstream-ID: 43a95523b832b7f3b943d2908662191110c380ed
|
|
use SSH_MAX_PUBKEY_BYTES consistently as buffer size when
reading key files. Increase it to match the size of the buffers already being
used.
Upstream-ID: 1b60586b484b55a947d99a0b32bd25e0ced56fae
|
|
Remove NULL-checks before sshkey_free().
ok djm@
Upstream-ID: 3e35afe8a25e021216696b5d6cde7f5d2e5e3f52
|
|
implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures
(user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and
draft-ssh-ext-info-04.txt; with & ok djm@
Upstream-ID: cf82ce532b2733e5c4b34bb7b7c94835632db309
|
|
do not leak temp file if there is no known_hosts file
from craig leres, ok djm
Upstream-ID: c820497fd5574844c782e79405c55860f170e426
|
|
allow comment change for all supported formats
ok djm@
Upstream-ID: 5fc477cf2f119b2d44aa9c683af16cb00bb3744b
|
|
trailing whitespace
Upstream-ID: 31fe0ad7c4d08e87f1d69c79372f5e3c5cd79051
|
|
move the certificate validity formatting code to
sshkey.[ch]
Upstream-ID: f05f7c78fab20d02ff1d5ceeda533ef52e8fe523
|
|
fix "ssh-keygen -l" of private key, broken in support for
multiple plain keys on stdin
Upstream-ID: 6b3132d2c62d03d0bad6f2bcd7e2d8b7dab5cd9d
|
|
Allow fingerprinting from standard input "ssh-keygen -lf
-"
Support fingerprinting multiple plain keys in a file and authorized_keys
files too (bz#1319)
ok markus@
Upstream-ID: 903f8b4502929d6ccf53509e4e07eae084574b77
|
|
support multiple certificates (one per line) and
reading from standard input (using "-f -") for "ssh-keygen -L"; ok dtucker@
Upstream-ID: ecbadeeef3926e5be6281689b7250a32a80e88db
|
|
fixed unlink([uninitialised memory]) reported by Mateusz
Kocielski; ok markus@
Upstream-ID: 14a0c4e7d891f5a8dabc4b89d4f6b7c0d5a20109
|
|
refuse to generate or accept RSA keys smaller than 1024
bits; feedback and ok dtucker@
Upstream-ID: 7ea3d31271366ba264f06e34a3539bf1ac30f0ba
|
|
delete support for legacy v00 certificates; "sure"
markus@ dtucker@
Upstream-ID: b5b9bb5f9202d09e88f912989d74928601b6636f
|
|
wrap all moduli-related code in #ifdef WITH_OPENSSL.
based on patch from Reuben Hawkins; bz#2388 feedback and ok dtucker@
Upstream-ID: d80cfc8be3e6ec65b3fac9e87c4466533b31b7cf
|
|
make ssh-keygen default to ed25519 keys when compiled
without OpenSSL; bz#2388, ok dtucker@
Upstream-ID: 85a471fa6d3fa57a7b8e882d22cfbfc1d84cdc71
|
|
Support "ssh-keygen -lF hostname" to find search known_hosts
and print key hashes. Already advertised by ssh-keygen(1), but not delivered
by code; ok dtucker@
Upstream-ID: 459e0e2bf39825e41b0811c336db2d56a1c23387
|
|
fix compilation with OPENSSL=no; ok dtucker@
|
|
rename xrealloc() to xreallocarray() since it follows
that form. ok djm
|
|
use error/logit/fatal instead of fprintf(stderr, ...)
and exit(0), fix a few errors that were being printed to stdout instead of
stderr and a few non-errors that were going to stderr instead of stdout
bz#2325; ok dtucker
|
|
Comments are only supported for RSA1 keys. If a user
tried to add one and entered his passphrase, explicitly clear it before exit.
This is done in all other error paths, too.
ok djm
|
|
for ssh-keygen -A, don't try (and fail) to generate ssh
v.1 keys when compiled without SSH1 support RSA/DSA/ECDSA keys when compiled
without OpenSSL based on patch by Mike Frysinger; bz#2369
|
|
don't printf NULL key comments; reported by Tom Christensen
|
|
add -v (show ASCII art) to -l's synopsis; ok djm@
|
|
further silence spurious error message even when -v is
specified (e.g. to get visual host keys); reported by naddy@
|
|
silence a spurious error message when listing
fingerprints for known_hosts; bz#2342
|
|
|
|
Refactor hostkeys_foreach() and dependent code Deal with
IP addresses (i.e. CheckHostIP) Don't clobber known_hosts when nothing
changed ok markus@ as part of larger commit
|
|
permit KRLs that revoke certificates by serial number or
key ID without scoping to a particular CA; ok markus@
|
|
missing parentheses after if in do_convert_from() broke
private key conversion from other formats some time in 2010; bz#2345 reported
by jjelen AT redhat.com
|
|
update to new API (key_fingerprint => sshkey_fingerprint)
check sshkey_fingerprint return values; ok markus
|
|
djm, your /usr/include tree is old
|
|
some feedback from markus@: comment hostkeys_foreach()
context and avoid a member in it.
|
|
make ssh-keygen use hostkeys_foreach(). Removes some
horrendous code; ok markus@
|
|
infer key length correctly when user specified a fully-
qualified key name instead of using the -b bits option; ok markus@
|
|
regression: incorrect error message on
otherwise-successful ssh-keygen -A. Reported by Dmitry Orlov, via deraadt@
|
|
Replace <sys/param.h> with <limits.h> and other less
dirty headers where possible. Annotate <sys/param.h> lines with their
current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1,
LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of
MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution.
These are the files confirmed through binary verification. ok guenther,
millert, doug (helped with the verification protocol)
|
|
sync ssh-keysign, ssh-keygen and some dependencies to the
new buffer/key API; mostly mechanical, ok markus@
|
|
fix some regressions caused by upstream merges
enable KRLs now that they no longer require BIGNUMs
|