Commit Graph

5 Commits

Author SHA1 Message Date
djm@openbsd.org
9405c6214f upstream: allow key revocation by SHA256 hash and allow ssh-keygen
to create KRLs using SHA256/base64 key fingerprints; ok markus@

OpenBSD-Commit-ID: a0590fd34e7f1141f2873ab3acc57442560e6a94
2018-09-12 16:49:21 +10:00
djm@openbsd.org
6074c84bf9 upstream commit
unused prototype

Upstream-ID: f3eef4389d53ed6c0d5c77dcdcca3060c745da97
2016-01-07 20:13:32 +11:00
djm@openbsd.org
e7fd952f4e upstream commit
sync changes from libopenssh; prepared by markus@ mostly
 debug output tweaks, a couple of error return value changes and some other
 minor stuff
2015-01-14 20:32:42 +11:00
djm@openbsd.org
74de254bb9 upstream commit
convert KRL code to new buffer API

ok markus@
2014-12-05 09:29:46 +11:00
Damien Miller
f3747bf401 - djm@cvs.openbsd.org 2013/01/17 23:00:01
[auth.c key.c key.h ssh-keygen.1 ssh-keygen.c sshd_config.5]
     [krl.c krl.h PROTOCOL.krl]
     add support for Key Revocation Lists (KRLs). These are a compact way to
     represent lists of revoked keys and certificates, taking as little as
     a single bit of incremental cost to revoke a certificate by serial number.
     KRLs are loaded via the existing RevokedKeys sshd_config option.
     feedback and ok markus@
2013-01-18 11:44:04 +11:00