Commit Graph

354 Commits

Author SHA1 Message Date
Damien Miller
42c5ec4b97 refactor libcrypto initialisation
Don't call OpenSSL_add_all_algorithms() unless OpenSSL actually
supports it.

Move all libcrypto initialisation to a single function, and call that
from seed_rng() that is called early in each tool's main().

Prompted by patch from Rosen Penev
2018-11-23 10:42:05 +11:00
Manoj Ampalam
9b47b083ca Fix error message w/out nistp521.
Correct error message when OpenSSL doesn't support certain ECDSA key
lengths.
2018-11-10 19:17:55 +11:00
djm@openbsd.org
a4fc253f5f upstream: when printing certificate contents "ssh-keygen -Lf
/path/certificate", include the algorithm that the CA used to sign the cert.

OpenBSD-Commit-ID: 1ea20b5048a851a7a0758dcb9777a211a2c0dddd
2018-10-22 10:58:06 +11:00
djm@openbsd.org
6da046f9c3 upstream: garbage-collect moribund ssh_new_private() API.
OpenBSD-Commit-ID: 7c05bf13b094093dfa01848a9306c82eb6e95f6c
2018-09-14 14:19:06 +10:00
djm@openbsd.org
482d23bcac upstream: hold our collective noses and use the openssl-1.1.x API in
OpenSSH; feedback and ok tb@ jsing@ markus@

OpenBSD-Commit-ID: cacbcac87ce5da0d3ca7ef1b38a6f7fb349e4417
2018-09-13 12:12:33 +10:00
djm@openbsd.org
9405c6214f upstream: allow key revocation by SHA256 hash and allow ssh-keygen
to create KRLs using SHA256/base64 key fingerprints; ok markus@

OpenBSD-Commit-ID: a0590fd34e7f1141f2873ab3acc57442560e6a94
2018-09-12 16:49:21 +10:00
djm@openbsd.org
ed7bd5d93f upstream: Use new private key format by default. This format is
suported by OpenSSH >= 6.5 (released January 2014), so it should be supported
by most OpenSSH versions in active use.

It is possible to convert new-format private keys to the older
format using "ssh-keygen -f /path/key -pm PEM".

ok deraadt dtucker

OpenBSD-Commit-ID: e3bd4f2509a2103bfa2f710733426af3ad6d8ab8
2018-08-08 11:18:05 +10:00
Damien Miller
4d3b2f36fd missing headers 2018-07-13 11:41:33 +10:00
markus@openbsd.org
49f47e656b upstream: replace cast with call to sshbuf_mutable_ptr(); ok djm@
OpenBSD-Commit-ID: 4dfe9d29fa93d9231645c89084f7217304f7ba29
2018-07-10 16:44:17 +10:00
markus@openbsd.org
7f90635216 upstream: switch config file parsing to getline(3) as this avoids
static limits noted by gerhard@; ok dtucker@, djm@

OpenBSD-Commit-ID: 6d702eabef0fa12e5a1d75c334a8c8b325298b5c
2018-06-07 04:34:05 +10:00
djm@openbsd.org
01b048c8eb upstream: whitespace
OpenBSD-Commit-ID: e5edb5e843ddc9b73a8e46518899be41d5709add
2018-06-01 14:22:29 +10:00
djm@openbsd.org
3e088aaf23 upstream: return correct exit code when searching for and hashing
known_hosts entries in a single operation (ssh-keygen -HF hostname); bz2772
Report and fix from Anton Kremenetsky

OpenBSD-Commit-ID: ac10ca13eb9bb0bc50fcd42ad11c56c317437b58
2018-06-01 14:20:12 +10:00
djm@openbsd.org
bf0fbf2b11 upstream: add valid-before="[time]" authorized_keys option. A
simple way of giving a key an expiry date. ok markus@

OpenBSD-Commit-ID: 1793b4dd5184fa87f42ed33c7b0f4f02bc877947
2018-03-14 18:55:32 +11:00
markus@openbsd.org
1b11ea7c58 upstream: Add experimental support for PQC XMSS keys (Extended
Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS
in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See
https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 ok
djm@

OpenBSD-Commit-ID: ef3eccb96762a5d6f135d7daeef608df7776a7ac
2018-02-26 11:40:41 +11:00
djm@openbsd.org
ca613249a0 upstream commit
Refuse to create a certificate with an unusable number of
principals; Prompted by gdestuynder via github

OpenBSD-Commit-ID: 8cfae2451e8f07810e3e2546dfdcce66984cbd29
2018-02-10 16:49:44 +11:00
djm@openbsd.org
b56ac069d4 upstream commit
fatal if we're unable to write all the public key; previously
we would silently ignore errors writing the comment and terminating newline.
Prompted by github PR from WillerZ; ok dtucker

OpenBSD-Commit-ID: 18fbfcfd4e8c6adbc84820039b64d70906e49831
2018-02-10 16:45:34 +11:00
jsing@openbsd.org
94ec2b69d4 upstream commit
Remove some #ifdef notyet code from OpenSSL 0.9.8 days.

These functions have never appeared in OpenSSL and are likely never to do
so.

"kill it with fire" djm@

OpenBSD-Commit-ID: fee9560e283fd836efc2631ef381658cc673d23e
2018-02-08 09:26:27 +11:00
djm@openbsd.org
04c7e28f83 upstream commit
pass negotiated signing algorithm though to
sshkey_verify() and check that the negotiated algorithm matches the type in
the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@

OpenBSD-Commit-ID: 735fb15bf4adc060d3bee9d047a4bcaaa81b1af9
2017-12-19 15:21:37 +11:00
djm@openbsd.org@openbsd.org
d52131a983 upstream commit
allow certificate validity intervals that specify only a
start or stop time (we already support specifying both or neither)

OpenBSD-Commit-ID: 9be486545603c003030bdb5c467d1318b46b4e42
2017-11-03 16:20:41 +11:00
djm@openbsd.org
853edbe057 upstream commit
When generating all hostkeys (ssh-keygen -A), clobber
existing keys if they exist but are zero length. zero-length keys could
previously be made if ssh-keygen failed part way through generating them, so
avoid that case too. bz#2561 reported by Krzysztof Cieplucha; ok dtucker@

Upstream-ID: f662201c28ab8e1f086b5d43c59cddab5ade4044
2017-07-21 14:17:32 +10:00
djm@openbsd.org
83fa3a0448 upstream commit
remove post-SSHv1 removal dead code from rsa.c and merge
the remaining bit that it still used into ssh-rsa.c; ok markus

Upstream-ID: ac8a048d24dcd89594b0052ea5e3404b473bfa2f
2017-07-21 14:17:32 +10:00
djm@openbsd.org
a98339edbc upstream commit
Allow ssh-keygen to use a key held in ssh-agent as a CA when
signing certificates. bz#2377 ok markus

Upstream-ID: fb42e920b592edcbb5b50465739a867c09329c8f
2017-06-28 11:13:19 +10:00
markus@openbsd.org
7da5df11ac upstream commit
remove unused wrapper functions from key.[ch]; ok djm@

Upstream-ID: ea0f4016666a6817fc11f439dd4be06bab69707e
2017-05-31 10:49:50 +10:00
djm@openbsd.org
bd636f4091 upstream commit
Refuse RSA keys <1024 bits in length. Improve reporting
for keys that do not meet this requirement. ok markus@

Upstream-ID: b385e2a7b13b1484792ee681daaf79e1e203df6c
2017-05-08 09:21:22 +10:00
djm@openbsd.org
873d3e7d9a upstream commit
remove KEY_RSA1

ok markus@

Upstream-ID: 7408517b077c892a86b581e19f82a163069bf133
2017-05-01 10:05:01 +10:00
djm@openbsd.org
56912dea6e upstream commit
unifdef WITH_SSH1 ok markus@

Upstream-ID: 9716e62a883ef8826c57f4d33b4a81a9cc7755c7
2017-05-01 09:37:40 +10:00
djm@openbsd.org
249516e428 upstream commit
allow ssh-keygen to include arbitrary string or flag
certificate extensions and critical options. ok markus@ dtucker@

Upstream-ID: 2cf28dd6c5489eb9fc136e0b667ac3ea10241646
2017-05-01 09:35:38 +10:00
djm@openbsd.org
db2597207e upstream commit
ensure hostname is lower-case before hashing it;
bz#2591 reported by Griff Miller II; ok dtucker@

Upstream-ID: c3b8b93804f376bd00d859b8bcd9fc0d86b4db17
2017-03-10 15:35:39 +11:00
dtucker@openbsd.org
18501151cf upstream commit
Check l->hosts before dereferencing; fixes potential null
pointer deref. ok djm@

Upstream-ID: 81c0327c6ec361da794b5c680601195cc23d1301
2017-03-06 13:44:46 +11:00
dtucker@openbsd.org
d072370793 upstream commit
linenum is unsigned long so use %lu in log formats.  ok
deraadt@

Upstream-ID: 9dc582d9bb887ebe0164e030d619fc20b1a4ea08
2017-03-06 13:17:31 +11:00
djm@openbsd.org
12d3767ba4 upstream commit
fix ssh-keygen -H accidentally corrupting known_hosts that
contained already-hashed entries. HKF_MATCH_HOST_HASHED is only set by
hostkeys_foreach() when hostname matching is in use, so we need to look for
the hash marker explicitly.

Upstream-ID: da82ad653b93e8a753580d3cf5cd448bc2520528
2017-03-03 17:14:35 +11:00
dtucker@openbsd.org
3baa4cdd19 upstream commit
Do not show rsa1 key type in usage when compiled without
SSH1 support.

Upstream-ID: 068b5c41357a02f319957746fa4e84ea73960f57
2017-02-17 14:52:24 +11:00
djm@openbsd.org
a287c5ad1e upstream commit
Sanitise escape sequences in key comments sent to printf
but preserve valid UTF-8 when the locale supports it; bz#2520 ok dtucker@

Upstream-ID: e8eed28712ba7b22d49be534237eed019875bd1e
2017-02-10 14:38:06 +11:00
millert@openbsd.org
e40269be38 upstream commit
Avoid printf %s NULL.  From semarie@, OK djm@

Upstream-ID: 06beef7344da0208efa9275d504d60d2a5b9266c
2017-02-10 14:37:26 +11:00
Darren Tucker
7050896e73 Resync ssh-keygen -W error message with upstream. 2016-09-12 13:57:28 +10:00
Darren Tucker
43cceff82c Move ssh-keygen -W handling code to match upstream 2016-09-12 13:57:07 +10:00
Darren Tucker
af48d54136 Move ssh-keygen -T handling code to match upstream. 2016-09-12 13:52:17 +10:00
Darren Tucker
d8c3cfbb01 Move -M handling code to match upstream. 2016-09-12 13:51:04 +10:00
dtucker@openbsd.org
7b63cf6dbb upstream commit
Spaces->tabs.

Upstream-ID: f4829dfc3f36318273f6082b379ac562eead70b7
2016-09-12 13:49:24 +10:00
dtucker@openbsd.org
11e5e64453 upstream commit
Style whitespace fix.  Also happens to remove a no-op
diff with portable.

Upstream-ID: 45d90f9a62ad56340913a433a9453eb30ceb8bf3
2016-09-12 13:47:51 +10:00
Darren Tucker
0bb2980260 Restore ssh-keygen's -J and -j option handling.
These were incorrectly removed in the 1d9a2e28 sync commit.
2016-09-12 11:07:00 +10:00
djm@openbsd.org
57464e3934 upstream commit
support SHA256 and SHA512 RSA signatures in certificates;
 ok markus@

Upstream-ID: b45be2f2ce8cacd794dc5730edaabc90e5eb434a
2016-05-02 20:35:05 +10:00
djm@openbsd.org
1a31d02b24 upstream commit
fix signed/unsigned errors reported by clang-3.7; add
 sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with
 better safety checking; feedback and ok markus@

Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820
2016-05-02 20:35:04 +10:00
dtucker@openbsd.org
ffb1e7e896 upstream commit
Add a function to enable security-related malloc_options.
  With and ok deraadt@, something similar has been in the snaps for a while.

Upstream-ID: 43a95523b832b7f3b943d2908662191110c380ed
2016-02-16 10:44:00 +11:00
djm@openbsd.org
cce6a36bb9 upstream commit
use SSH_MAX_PUBKEY_BYTES consistently as buffer size when
 reading key files. Increase it to match the size of the buffers already being
 used.

Upstream-ID: 1b60586b484b55a947d99a0b32bd25e0ced56fae
2015-12-18 14:49:32 +11:00
mmcc@openbsd.org
89540b6de0 upstream commit
Remove NULL-checks before sshkey_free().

ok djm@

Upstream-ID: 3e35afe8a25e021216696b5d6cde7f5d2e5e3f52
2015-12-18 14:49:32 +11:00
markus@openbsd.org
76c9fbbe35 upstream commit
implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures
 (user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and
 draft-ssh-ext-info-04.txt; with & ok djm@

Upstream-ID: cf82ce532b2733e5c4b34bb7b7c94835632db309
2015-12-07 12:38:58 +11:00
deraadt@openbsd.org
6da413c085 upstream commit
do not leak temp file if there is no known_hosts file
 from craig leres, ok djm

Upstream-ID: c820497fd5574844c782e79405c55860f170e426
2015-11-30 09:45:53 +11:00
halex@openbsd.org
4d90625b22 upstream commit
allow comment change for all supported formats

ok djm@

Upstream-ID: 5fc477cf2f119b2d44aa9c683af16cb00bb3744b
2015-11-28 17:44:32 +11:00
djm@openbsd.org
964ab3ee7a upstream commit
trailing whitespace

Upstream-ID: 31fe0ad7c4d08e87f1d69c79372f5e3c5cd79051
2015-11-19 12:13:38 +11:00