Age | Commit message (Collapse) | Author |
|
This patch has been rejected upstream: "None of the OpenSSH developers are
in favour of adding this, and this situation has not changed for several
years. This is not a slight on Simon's patch, which is of fine quality, but
just that a) we don't trust GSSAPI implementations that much and b) we don't
like adding new KEX since they are pre-auth attack surface. This one is
particularly scary, since it requires hooks out to typically root-owned
system resources."
However, quite a lot of people rely on this in Debian, and it's better to
have it merged into the main openssh package rather than having separate
-krb5 packages (as we used to have). It seems to have a generally good
security history.
Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242
Last-Updated: 2017-01-16
Patch-Name: gssapi.patch
|
|
fix regression in 7.4 server-sig-algs, where we were
accidentally excluding SHA2 RSA signature methods. bz#2680, patch from Nuno
Goncalves; ok dtucker@
Upstream-ID: 81ac8bfb30960447740b9b8f6a214dcf322f12e8
|
|
Check for NULL argument to sshkey_read. Patch from
jjelen at redhat.com via bz#2687, ok djm@
Upstream-ID: c2d00c2ea50c4861d271d0a586f925cc64a87e0e
|
|
ifdef out "rsa1" from the list of supported keytypes when
compiled without SSH1 support. Found by kdunlop at guralp.com, ok djm@
Upstream-ID: cea93a26433d235bb1d64b1d990f19a9c160a70f
|
|
EVP_R_PRIVATE_KEY_DECODE_ERROR was added in OpenSSL 1.0.0 so ifdef out
for the benefit of OpenSSL versions prior to that.
|
|
bring back r1.34 that was backed out for problems loading
public keys:
translate OpenSSL error codes to something more
meaninful; bz#2522 reported by Jakub Jelen, ok dtucker@
with additional fix from Jakub Jelen to solve the backout.
bz#2525 bz#2523 re-ok dtucker@
Upstream-ID: a9d5bc0306f4473d9b4f4484f880e95f3c1cc031
|
|
Remove dead breaks, found via opencoverage.net. ok
deraadt@
Upstream-ID: ad9cc655829d67fad219762810770787ba913069
|
|
add a comment about implicitly-expected checks to
sshkey_ec_validate_public()
Upstream-ID: 74a7f71c28f7c13a50f89fc78e7863b9cd61713f
|
|
Avoid a theoretical signed integer overflow should
BN_num_bytes() ever violate its manpage and return a negative value. Improve
order of tests to avoid confusing increasingly pedantic compilers.
Reported by Guido Vranken from stack (css.csail.mit.edu/stack)
unstable optimisation analyser output. ok deraadt@
Upstream-ID: f8508c830c86d8f36c113985e52bf8eedae23505
|
|
list all supported signature algorithms in the
server-sig-algs Reported by mb AT smartftp.com in bz#2547 and (independantly)
Ron Frederick; ok markus@
Upstream-ID: ddf702d721f54646b11ef2cee6d916666cb685cd
|
|
Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then
use those definitions rather than pulling <sys/param.h> and unknown namespace
pollution. ok djm markus dtucker
Upstream-ID: 712cafa816c9f012a61628b66b9fbd5687223fb8
|
|
small refactor of cipher.c: make ciphercontext opaque to
callers feedback and ok markus@
Upstream-ID: 094849f8be68c3bdad2c0f3dee551ecf7be87f6f
|
|
revert 1.34; causes problems loading public keys
reported by semarie@
Upstream-ID: b393794f8935c8b15d98a407fe7721c62d2ed179
|
|
translate OpenSSL error codes to something more
meaninful; bz#2522 reported by Jakub Jelen, ok dtucker@
Upstream-ID: 4cb0795a366381724314e6515d57790c5930ffe5
|
|
support SHA256 and SHA512 RSA signatures in certificates;
ok markus@
Upstream-ID: b45be2f2ce8cacd794dc5730edaabc90e5eb434a
|
|
make private key loading functions consistently handle NULL
key pointer arguments; ok markus@
Upstream-ID: 92038726ef4a338169c35dacc9c5a07fcc7fa761
|
|
Remove NULL-checks before sshbuf_free().
ok djm@
Upstream-ID: 5ebed00ed5f9f03b119a345085e8774565466917
|
|
Remove NULL-checks before sshkey_free().
ok djm@
Upstream-ID: 3e35afe8a25e021216696b5d6cde7f5d2e5e3f52
|
|
Remove NULL-checks before free().
ok dtucker@
Upstream-ID: e3d3cb1ce900179906af36517b5eea0fb15e6ef8
|
|
implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures
(user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and
draft-ssh-ext-info-04.txt; with & ok djm@
Upstream-ID: cf82ce532b2733e5c4b34bb7b7c94835632db309
|
|
move the certificate validity formatting code to
sshkey.[ch]
Upstream-ID: f05f7c78fab20d02ff1d5ceeda533ef52e8fe523
|
|
Replace remaining calls to index(3) with strchr(3). OK
jca@ krw@
Upstream-ID: 33837d767a0cf1db1489b96055f9e330bc0bab6d
|
|
improve sshkey_read() semantics; only update *cpp when a
key is successfully read; ok markus@
Upstream-ID: f371e78e8f4fab366cf69a42bdecedaed5d1b089
|
|
argument to sshkey_from_private() and sshkey_demote()
can't be NULL
Upstream-ID: 0111245b1641d387977a9b38da15916820a5fd1f
|
|
- Fix error message: passphrase needs to be at least 5
characters, not 4. - Remove unused function argument. - Remove two
unnecessary variables.
OK djm@
Upstream-ID: 13010c05bfa8b523da1c0dc19e81dd180662bc30
|
|
Fix occurrences of "r = func() != 0" which result in the
wrong error codes being returned due to != having higher precedence than =.
ok deraadt@ markus@
Upstream-ID: 5fc35c9fc0319cc6fca243632662d2f06b5fd840
|
|
fix double-free() in error path of DSA key generation
reported by Mateusz Kocielski; ok markus@
Upstream-ID: 4735d8f888b10599a935fa1b374787089116713c
|
|
delete support for legacy v00 certificates; "sure"
markus@ dtucker@
Upstream-ID: b5b9bb5f9202d09e88f912989d74928601b6636f
|
|
refactor: split base64 encoding of pubkey into its own
sshkey_to_base64() function and out of sshkey_write(); ok markus@
Upstream-ID: 54fc38f5832e9b91028900819bda46c3959a0c1a
|
|
Remove pattern length argument from match_pattern_list(), we
only ever use it for strlen(pattern).
Prompted by hanno AT hboeck.de pointing an out-of-bound read
error caused by an incorrect pattern length found using AFL
and his own tools.
ok markus@
|
|
don't choke on new-format private keys encrypted with an
AEAD cipher; bz#2366, patch from Ron Frederick; ok markus@
|
|
correct return value in pubkey parsing, spotted by Ben Hawkes
ok markus@
|
|
fix sshkey_certify() return value for unsupported key types;
ok markus@ deraadt@
|
|
small refactor and add some convenience functions; ok
markus
|
|
Replace <sys/param.h> with <limits.h> and other less
dirty headers where possible. Annotate <sys/param.h> lines with their
current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1,
LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of
MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution.
These are the files confirmed through binary verification. ok guenther,
millert, doug (helped with the verification protocol)
|
|
avoid an warning for the !OPENSSL case
|
|
add sshd_config HostbasedAcceptedKeyTypes and
PubkeyAcceptedKeyTypes options to allow sshd to control what public key types
will be accepted. Currently defaults to all. Feedback & ok markus@
|
|
unbreak parsing of pubkey comments; with gerhard; ok
djm/deraadt
|
|
allow WITH_OPENSSL w/o WITH_SSH1; ok djm@
|
|
deprecate key_load_private_pem() and
sshkey_load_private_pem() interfaces. Refactor the generic key loading API to
not require pathnames to be specified (they weren't really used).
Fixes a few other things en passant:
Makes ed25519 keys work for hostbased authentication (ssh-keysign
previously used the PEM-only routines).
Fixes key comment regression bz#2306: key pathnames were being lost as
comment fields.
ok markus@
|
|
|
|
Add FingerprintHash option to control algorithm used for
key fingerprints. Default changes from MD5 to SHA256 and format from hex to
base64.
Feedback and ok naddy@ markus@
|
|
better error value for invalid signature length
|
|
fix NULL pointer dereference crash in key loading
found by Michal Zalewski's AFL fuzzer
|
|
parse cert sections using nested buffers to reduce
copies; ok markus
|
|
OPENSSL_HAS_ECC.
|
|
|
|
[sshkey.c]
make Ed25519 keys' title fit properly in the randomart border; bz#2247
based on patch from Christian Hesse
|
|
|
|
[Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c
[auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c
[cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h
[digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h
[hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h
[ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c
[ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c
[ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c
[sshconnect2.c sshd.c sshkey.c sshkey.h
[openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h]
New key API: refactor key-related functions to be more library-like,
existing API is offered as a set of wrappers.
with and ok markus@
Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
Dempsky and Ron Bowes for a detailed review a few months ago.
NB. This commit also removes portable OpenSSH support for OpenSSL
<0.9.8e.
|