History log of /openssh-portable/authfile.c (Results 1 – 25 of 147)
Revision tags: V_8_6_P1, V_8_5_P1, V_8_4_P1
# c514f3c0 18-Jun-2020 djm@openbsd.org

upstream: avoid spurious "Unable to load host key" message when

sshd can load a private key but no public counterpart; with & ok markus@

OpenBSD-Commit-ID: 0713cbdf9aa1ff8ac7b1f78b09ac911af510f81b


Revision tags: V_8_3_P1
# 094dd513 17-Apr-2020 djm@openbsd.org

upstream: refactor out some duplicate private key loading code;

based on patch from loic AT venez.fr, ok dtucker@

OpenBSD-Commit-ID: 5eff2476b0d8d0614924c55e350fb7bb9c84f45e


# 2b13d393 07-Apr-2020 djm@openbsd.org

upstream: let sshkey_try_load_public() load public keys from the

unencrypted envelope of private key files if no sidecar public key file is
present.

ok markus@

OpenBSD-Commit-ID: 252a0a580e10b9a6311632530d63b5ac76592040


# d01f3930 07-Apr-2020 djm@openbsd.org

upstream: simplify sshkey_try_load_public()

ok markus@

OpenBSD-Commit-ID: 05a5d46562aafcd70736c792208b1856064f40ad


Revision tags: V_8_2_P1
# 99aa8035 25-Jan-2020 djm@openbsd.org

upstream: factor out reading/writing sshbufs to dedicated

functions; feedback and ok markus@

OpenBSD-Commit-ID: dc09e5f1950b7acc91b8fdf8015347782d2ecd3d


# 878ba435 02-Jan-2020 djm@openbsd.org

upstream: add sshkey_save_public(), to save a public key; ok

markus@

OpenBSD-Commit-ID: 5d6f96a966d10d7fa689ff9aa9e1d6767ad5a076


Revision tags: V_8_1_P1
# dd8002fb 03-Sep-2019 djm@openbsd.org

upstream: move advance_past_options to authfile.c and make it

public; ok markus@

OpenBSD-Commit-ID: edda2fbba2c5b1f48e60f857a2010479e80c5f3c


# 6b39a7b4 05-Aug-2019 dtucker@openbsd.org

upstream: Remove now-redundant perm_ok arg since

sshkey_load_private_type will now return SSH_ERR_KEY_BAD_PERMISSIONS in that
case. Patch from jitendra.sharma at intel.com, ok djm@

OpenBSD-Commit-ID: 07916a17ed0a252591b71e7fb4be2599cb5b0c77


# eb0d8e70 15-Jul-2019 djm@openbsd.org

upstream: support PKCS8 as an optional format for storage of

private keys, enabled via "ssh-keygen -m PKCS8" on operations that save
private keys to disk.

The OpenSSH native key format remains the default, but PKCS8 is a
superior format to PEM if interoperability with non-OpenSSH software
is required, as it may use a less terrible KDF (IIRC PEM uses a single
round of MD5 as a KDF).

adapted from patch by Jakub Jelen via bz3013; ok markus

OpenBSD-Commit-ID: 027824e3bc0b1c243dc5188504526d73a55accb1


# 4d28fa78 28-Jun-2019 deraadt@openbsd.org

upstream: When system calls indicate an error they return -1, not

some arbitrary value < 0. errno is only updated in this case. Change all
(most?) callers of syscalls to follow this better, and let's see if this
strictness helps us in the future.

OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075


Revision tags: V_8_0_P1, V_7_9_P1
# bbc8af72 21-Sep-2018 djm@openbsd.org

upstream: In sshkey_in_file(), ignore keys that are considered for

being too short (i.e. SSH_ERR_KEY_LENGTH). These keys will not be considered
to be "in the file". This allows key revocation lists to contain short keys
without the entire revocation list being considered invalid.

bz#2897; ok dtucker

OpenBSD-Commit-ID: d9f3d857d07194a42ad7e62889a74dc3f9d9924b


Revision tags: V_7_8_P1
# 49f47e65 09-Jul-2018 markus@openbsd.org

upstream: replace cast with call to sshbuf_mutable_ptr(); ok djm@

OpenBSD-Commit-ID: 4dfe9d29fa93d9231645c89084f7217304f7ba29


# 7f906352 06-Jun-2018 markus@openbsd.org

upstream: switch config file parsing to getline(3) as this avoids

static limits noted by gerhard@; ok dtucker@, djm@

OpenBSD-Commit-ID: 6d702eabef0fa12e5a1d75c334a8c8b325298b5c


Revision tags: V_7_7_P1
# 1b11ea7c 23-Feb-2018 markus@openbsd.org

upstream: Add experimental support for PQC XMSS keys (Extended

Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS
in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See
https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 ok
djm@

OpenBSD-Commit-ID: ef3eccb96762a5d6f135d7daeef608df7776a7ac


Revision tags: V_7_6_P1
# 83fa3a04 01-Jul-2017 djm@openbsd.org

upstream commit

remove post-SSHv1 removal dead code from rsa.c and merge
the remaining bit that it still used into ssh-rsa.c; ok markus

Upstream-ID: ac8a048d24dcd89594b0052ea5e3404b473bfa2f


# 9e509d4e 31-May-2017 deraadt@openbsd.org

upstream commit

Switch to recallocarray() for a few operations. Both
growth and shrinkage are handled safely, and there also is no need for
preallocation dances. Future changes in this area will be less error prone.
Review and one bug found by markus

Upstream-ID: 822d664d6a5a1d10eccb23acdd53578a679d5065


# afbfa68f 30-May-2017 markus@openbsd.org

upstream commit

revise sshkey_load_public(): remove ssh1 related
comments, remove extra open()/close() on keyfile, prevent leak of 'pub' if
'keyp' is NULL, replace strlcpy+cat with asprintf; ok djm@

Upstream-ID: 6175e47cab5b4794dcd99c1175549a483ec673ca


# 56912dea 30-Apr-2017 djm@openbsd.org

upstream commit

unifdef WITH_SSH1 ok markus@

Upstream-ID: 9716e62a883ef8826c57f4d33b4a81a9cc7755c7


# ef47843a 25-Mar-2017 deraadt@openbsd.org

upstream commit

incorrect renditions of this quote bother me

Upstream-ID: 1662be3ebb7a71d543da088119c31d4d463a9e49


Revision tags: V_7_5_P1, V_7_4_P1
# 54d02202 25-Nov-2016 djm@openbsd.org

upstream commit

use sshbuf_allocate() to pre-allocate the buffer used for
loading keys. This avoids implicit realloc inside the buffer code, which
might theoretically leave fragments of the key on the heap. This doesn't
appear to happen in practice for normal sized keys, but was observed for
novelty oversize ones.

Pointed out by Jann Horn of Project Zero; ok markus@

Upstream-ID: d620e1d46a29fdea56aeadeda120879eddc60ab1


Revision tags: V_7_3_P1
# dce19bf6 09-Apr-2016 djm@openbsd.org

upstream commit

make private key loading functions consistently handle NULL
key pointer arguments; ok markus@

Upstream-ID: 92038726ef4a338169c35dacc9c5a07fcc7fa761


Revision tags: V_7_2_P2, V_7_2_P1, V_7_1_P2
# 52d70784 10-Dec-2015 mmcc@openbsd.org

upstream commit

Remove NULL-checks before sshbuf_free().

ok djm@

Upstream-ID: 5ebed00ed5f9f03b119a345085e8774565466917


# 89540b6d 10-Dec-2015 mmcc@openbsd.org

upstream commit

Remove NULL-checks before sshkey_free().

ok djm@

Upstream-ID: 3e35afe8a25e021216696b5d6cde7f5d2e5e3f52


# d59ce088 10-Dec-2015 mmcc@openbsd.org

upstream commit

Remove NULL-checks before free().

ok dtucker@

Upstream-ID: e3d3cb1ce900179906af36517b5eea0fb15e6ef8


# 3c019a93 13-Sep-2015 tim@openbsd.org

upstream commit

- Fix error message: passphrase needs to be at least 5
characters, not 4. - Remove unused function argument. - Remove two
unnecessary variables.

OK djm@

Upstream-ID: 13010c05bfa8b523da1c0dc19e81dd180662bc30
