Commit Graph

44 Commits

Author SHA1 Message Date
djm@openbsd.org
04c7e28f83 upstream commit
pass negotiated signing algorithm though to
sshkey_verify() and check that the negotiated algorithm matches the type in
the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@

OpenBSD-Commit-ID: 735fb15bf4adc060d3bee9d047a4bcaaa81b1af9
2017-12-19 15:21:37 +11:00
deraadt@openbsd.org
9e509d4ec9 upstream commit
Switch to recallocarray() for a few operations.  Both
growth and shrinkage are handled safely, and there also is no need for
preallocation dances. Future changes in this area will be less error prone.
Review and one bug found by markus

Upstream-ID: 822d664d6a5a1d10eccb23acdd53578a679d5065
2017-06-01 14:55:22 +10:00
dtucker@openbsd.org
ef653dd5bd upstream commit
krl.c

Upstream-ID: fc5e695d5d107d730182e2da7b23f00b489e0ee1
2017-03-12 10:50:18 +11:00
deraadt@openbsd.org
9136ec134c upstream commit
Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then
use those definitions rather than pulling <sys/param.h> and unknown namespace
pollution. ok djm markus dtucker

Upstream-ID: 712cafa816c9f012a61628b66b9fbd5687223fb8
2016-09-12 13:46:29 +10:00
djm@openbsd.org
422d1b3ee9 upstream commit
fix three bugs in KRL code related to (unused) signature
 support: verification length was being incorrectly calculated, multiple
 signatures were being incorrectly processed and a NULL dereference that
 occurred when signatures were verified. Reported by Carl Jackson

Upstream-ID: e705e97ad3ccce84291eaa651708dd1b9692576b
2016-01-07 20:13:33 +11:00
mmcc@openbsd.org
52d7078421 upstream commit
Remove NULL-checks before sshbuf_free().

ok djm@

Upstream-ID: 5ebed00ed5f9f03b119a345085e8774565466917
2015-12-18 14:50:48 +11:00
markus@openbsd.org
76c9fbbe35 upstream commit
implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures
 (user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and
 draft-ssh-ext-info-04.txt; with & ok djm@

Upstream-ID: cf82ce532b2733e5c4b34bb7b7c94835632db309
2015-12-07 12:38:58 +11:00
jsg@openbsd.org
f3a3ea180a upstream commit
Fix occurrences of "r = func() != 0" which result in the
 wrong error codes being returned due to != having higher precedence than =.

ok deraadt@ markus@

Upstream-ID: 5fc35c9fc0319cc6fca243632662d2f06b5fd840
2015-09-03 10:44:41 +10:00
djm@openbsd.org
c28fc62d78 upstream commit
delete support for legacy v00 certificates; "sure"
 markus@ dtucker@

Upstream-ID: b5b9bb5f9202d09e88f912989d74928601b6636f
2015-07-15 15:35:09 +10:00
djm@openbsd.org
9d27fb73b4 upstream commit
correct test to sshkey_sign(); spotted by Albert S.

Upstream-ID: 5f7347f40f0ca6abdaca2edb3bd62f4776518933
2015-06-25 09:50:30 +10:00
djm@openbsd.org
669aee9943 upstream commit
permit KRLs that revoke certificates by serial number or
 key ID without scoping to a particular CA; ok markus@
2015-01-30 12:17:07 +11:00
djm@openbsd.org
60b1825262 upstream commit
small refactor and add some convenience functions; ok
 markus
2015-01-27 00:00:36 +11:00
deraadt@openbsd.org
087266ec33 upstream commit
Reduce use of <sys/param.h> and transition to <limits.h>
 throughout. ok djm markus
2015-01-26 23:58:53 +11:00
djm@openbsd.org
4e62cc68ce upstream commit
fix format strings in (disabled) debugging
2015-01-20 08:33:01 +11:00
deraadt@openbsd.org
f101d8291d upstream commit
string truncation due to sizeof(size) ok djm markus
2015-01-20 00:20:17 +11:00
Damien Miller
b03ebe2c22 more --without-openssl
fix some regressions caused by upstream merges

enable KRLs now that they no longer require BIGNUMs
2015-01-15 03:08:58 +11:00
Damien Miller
72ef7c148c support --without-openssl at configure time
Disables and removes dependency on OpenSSL. Many features don't
work and the set of crypto options is greatly restricted. This
will only work on system with native arc4random or /dev/urandom.

Considered highly experimental for now.
2015-01-15 02:28:36 +11:00
djm@openbsd.org
a165bab605 upstream commit
avoid BIGNUM in KRL code by using a simple bitmap;
 feedback and ok markus
2015-01-15 02:22:18 +11:00
djm@openbsd.org
e7fd952f4e upstream commit
sync changes from libopenssh; prepared by markus@ mostly
 debug output tweaks, a couple of error return value changes and some other
 minor stuff
2015-01-14 20:32:42 +11:00
markus@openbsd.org
0097565f84 upstream commit
missing error assigment on sshbuf_put_string()
2015-01-13 19:26:12 +11:00
markus@openbsd.org
905fe30fca upstream commit
free->sshkey_free; ok djm@
2015-01-13 19:25:52 +11:00
djm@openbsd.org
1195f4cb07 upstream commit
deprecate key_load_private_pem() and
 sshkey_load_private_pem() interfaces. Refactor the generic key loading API to
 not require pathnames to be specified (they weren't really used).

Fixes a few other things en passant:

Makes ed25519 keys work for hostbased authentication (ssh-keysign
previously used the PEM-only routines).

Fixes key comment regression bz#2306: key pathnames were being lost as
comment fields.

ok markus@
2015-01-09 00:17:12 +11:00
djm@openbsd.org
56d1c83cdd upstream commit
Add FingerprintHash option to control algorithm used for
 key fingerprints. Default changes from MD5 to SHA256 and format from hex to
 base64.

Feedback and ok naddy@ markus@
2014-12-22 09:32:29 +11:00
djm@openbsd.org
74de254bb9 upstream commit
convert KRL code to new buffer API

ok markus@
2014-12-05 09:29:46 +11:00
djm@openbsd.org
b6de5ac9ed upstream commit
fix NULL pointer dereference crash on invalid timestamp

found using Michal Zalewski's afl fuzzer
2014-11-24 10:15:47 +11:00
djm@openbsd.org
9f9fad0191 upstream commit
fix KRL generation when multiple CAs are in use

We would generate an invalid KRL when revoking certs by serial
number for multiple CA keys due to a section being written out
twice.

Also extend the regress test to catch this case by having it
produce a multi-CA KRL.

Reported by peter AT pean.org
2014-11-17 11:20:39 +11:00
Damien Miller
8668706d0f - djm@cvs.openbsd.org 2014/06/24 01:13:21
[Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c
     [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c
     [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h
     [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h
     [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h
     [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c
     [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c
     [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c
     [sshconnect2.c sshd.c sshkey.c sshkey.h
     [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h]
     New key API: refactor key-related functions to be more library-like,
     existing API is offered as a set of wrappers.

     with and ok markus@

     Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
     Dempsky and Ron Bowes for a detailed review a few months ago.

     NB. This commit also removes portable OpenSSH support for OpenSSL
     <0.9.8e.
2014-07-02 15:28:02 +10:00
Damien Miller
2cd7929250 - djm@cvs.openbsd.org 2014/06/24 00:52:02
[krl.c]
     fix bug in KRL generation: multiple consecutive revoked certificate
     serial number ranges could be serialised to an invalid format.

     Readers of a broken KRL caused by this bug will fail closed, so no
     should-have-been-revoked key will be accepted.
2014-07-02 12:48:30 +10:00
Damien Miller
633de33b19 - djm@cvs.openbsd.org 2014/04/28 03:09:18
[authfile.c bufaux.c buffer.h channels.c krl.c mux.c packet.c packet.h]
     [ssh-keygen.c]
     buffer_get_string_ptr's return should be const to remind
     callers that futzing with it will futz with the actual buffer
     contents
2014-05-15 13:48:26 +10:00
Damien Miller
1d2c456426 - tedu@cvs.openbsd.org 2014/01/31 16:39:19
[auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c]
     [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c]
     [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c]
     [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c]
     [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h]
     replace most bzero with explicit_bzero, except a few that cna be memset
     ok djm dtucker
2014-02-04 11:18:20 +11:00
Damien Miller
c8669a8cd2 - djm@cvs.openbsd.org 2013/07/20 22:20:42
[krl.c]
     fix verification error in (as-yet usused) KRL signature checking path
2013-07-25 11:52:48 +10:00
Damien Miller
3071070b39 - markus@cvs.openbsd.org 2013/06/20 19:15:06
[krl.c]
     don't leak the rdata blob on errors; ok djm@
2013-07-18 16:09:44 +10:00
Damien Miller
d677ad14ff - djm@cvs.openbsd.org 2013/04/05 00:14:00
[auth2-gss.c krl.c sshconnect2.c]
     hush some {unused, printf type} warnings
2013-04-23 15:18:51 +10:00
Darren Tucker
f3c3814243 - dtucker@cvs.openbsd.org 2013/02/19 02:12:47
[krl.c]
     Remove bogus include.  ok djm
(id sync only)
2013-04-05 11:16:52 +11:00
Tim Rice
c31db8cd6e - (tim) [krl.c Makefile.in regress/Makefile regress/modpipe.c] remove unneeded
err.h include from krl.c. Additional portability fixes for modpipe. OK djm
2013-02-19 19:01:51 -08:00
Damien Miller
0cd2f8e5f8 - djm@cvs.openbsd.org 2013/01/27 10:06:12
[krl.c]
     actually use the xrealloc() return value; spotted by xi.wang AT gmail.com
2013-02-12 11:01:39 +11:00
Damien Miller
60565bcb5c - djm@cvs.openbsd.org 2013/01/25 10:22:19
[krl.c]
     redo last commit without the vi-vomit that snuck in:
     skip serial lookup when cert's serial number is zero
     (now with 100% better comment)
2013-02-12 10:56:42 +11:00
Damien Miller
377d9a44f9 - krw@cvs.openbsd.org 2013/01/25 05:00:27
[krl.c]
     Revert last. Breaks due to likely typo. Let djm@ fix later.
     ok djm@ via dlg@
2013-02-12 10:55:16 +11:00
Damien Miller
6045f5d574 - djm@cvs.openbsd.org 2013/01/24 22:08:56
[krl.c]
     skip serial lookup when cert's serial number is zero
2013-02-12 10:54:54 +11:00
Damien Miller
ea078462ea - (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2013/01/24 21:45:37
     [krl.c]
     fix handling of (unused) KRL signatures; skip string in correct buffer
2013-02-12 10:54:37 +11:00
Damien Miller
d60b210830 - (djm) [openbsd-compat/sys-tree.h] Sync with OpenBSD. krl.c needs newer
version.
2013-01-20 22:49:58 +11:00
Damien Miller
a7522d9fc0 - markus@cvs.openbsd.org 2013/01/19 12:34:55
[krl.c]
     RB_INSERT does not remove existing elments; ok djm@
2013-01-20 22:35:31 +11:00
Damien Miller
13f5f768bc - djm@cvs.openbsd.org 2013/01/18 03:00:32
[krl.c]
     fix KRL generation bug for list sections
2013-01-18 15:32:03 +11:00
Damien Miller
f3747bf401 - djm@cvs.openbsd.org 2013/01/17 23:00:01
[auth.c key.c key.h ssh-keygen.1 ssh-keygen.c sshd_config.5]
     [krl.c krl.h PROTOCOL.krl]
     add support for Key Revocation Lists (KRLs). These are a compact way to
     represent lists of revoked keys and certificates, taking as little as
     a single bit of incremental cost to revoke a certificate by serial number.
     KRLs are loaded via the existing RevokedKeys sshd_config option.
     feedback and ok markus@
2013-01-18 11:44:04 +11:00