History log of /openssh-portable/ssh-pkcs11-helper.c (Results 1 - 25 of 50)
Revision (<<< Hide revision tags) (Show revision tags >>>) Date Author Comments
# 816036f1 18-Oct-2020 djm@openbsd.org

upstream: use the new variant log macros instead of prepending

__func__ and appending ssh_err(r) manually; ok markus@

OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8


Revision tags: V_8_4_P1, V_8_3_P1
# e26a3175 06-Mar-2020 markus@openbsd.org

upstream: remove unused variables in ssh-pkcs11-helper; ok djm

OpenBSD-Commit-ID: 13e572846d0d1b28f1251ddd2165e9cf18135ae1


Revision tags: V_8_2_P1
# 89a8d452 24-Jan-2020 djm@openbsd.org

upstream: expose PKCS#11 key labels/X.509 subjects as comments

Extract the key label or X.509 subject string when PKCS#11 keys
are retrieved from the token and plumb this through to plac

upstream: expose PKCS#11 key labels/X.509 subjects as comments

Extract the key label or X.509 subject string when PKCS#11 keys
are retrieved from the token and plumb this through to places where
it may be used as a comment.

based on https://github.com/openssh/openssh-portable/pull/138
by Danielle Church

feedback and ok markus@

OpenBSD-Commit-ID: cae1fda10d9e10971dea29520916e27cfec7ca35

show more ...


# 6fc7e1c6 28-Oct-2019 Darren Tucker

Wrap poll.h includes in HAVE_POLL_H.


Revision tags: V_8_1_P1
# 670104b9 06-Sep-2019 djm@openbsd.org

upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@

OpenBSD-Commit-ID: 7fd68eaa9e0f7482b5d4c7e8d740aed4770a839f


# be02d7cb 06-Sep-2019 djm@openbsd.org

upstream: lots of things were relying on libcrypto headers to

transitively include various system headers (mostly stdlib.h); include them
explicitly

OpenBSD-Commit-ID: 5b522f4f2

upstream: lots of things were relying on libcrypto headers to

transitively include various system headers (mostly stdlib.h); include them
explicitly

OpenBSD-Commit-ID: 5b522f4f2d844f78bf1cc4f3f4cc392e177b2080

show more ...


# 0323d9b6 06-Jun-2019 otto@openbsd.org

upstream: Replace calls to ssh_malloc_init() by a static init of

malloc_options. Prepares for changes in the way malloc is initialized. ok
guenther@ dtucker@

OpenBSD-Commit-ID:

upstream: Replace calls to ssh_malloc_init() by a static init of

malloc_options. Prepares for changes in the way malloc is initialized. ok
guenther@ dtucker@

OpenBSD-Commit-ID: 154f4e3e174f614b09f792d4d06575e08de58a6b

show more ...


# 97370f6c 16-May-2019 Darren Tucker

Fix building w/out ECC.

Ifdef out ECC specific code so that that it'll build against an OpenSSL
configured w/out ECC. With & ok djm@


# 5c8d14c5 16-May-2019 dtucker@openbsd.org

upstream: Move a variable declaration to the block where it's used

to make things a little tidier for -portable.

OpenBSD-Commit-ID: 616379861be95619e5358768b7dee4793e2f3a75


Revision tags: V_8_0_P1
# 2c223878 22-Jan-2019 djm@openbsd.org

upstream: switch mainloop from select(2) to poll(2); ok deraadt@

OpenBSD-Commit-ID: 37645419a330037d297f6f0adc3b3663e7ae7b2e


# c7670b09 21-Jan-2019 djm@openbsd.org

upstream: add "-v" flags to ssh-add and ssh-pkcs11-helper to turn up

debug verbosity.

Make ssh-agent turn on ssh-pkcs11-helper's verbosity when it is run
in debug mode ("ssh-age

upstream: add "-v" flags to ssh-add and ssh-pkcs11-helper to turn up

debug verbosity.

Make ssh-agent turn on ssh-pkcs11-helper's verbosity when it is run
in debug mode ("ssh-agent -d"), so we get to see errors from the
PKCS#11 code.

ok markus@

OpenBSD-Commit-ID: 0a798643c6a92a508df6bd121253ba1c8bee659d

show more ...


# 93f02107 20-Jan-2019 djm@openbsd.org

upstream: add support for ECDSA keys in PKCS#11 tokens

Work by markus@ and Pedro Martelletto, feedback and ok me@

OpenBSD-Commit-ID: a37d651e221341376636056512bddfc16efb4424


Revision tags: V_7_9_P1, V_7_8_P1, V_7_7_P1
# b0d34132 08-Jan-2018 markus@openbsd.org

upstream commit

switch ssh-pkcs11-helper to new API; ok djm@

OpenBSD-Commit-ID: e0c0ed2a568e25b1d2024f3e630f3fea837c2a42


Revision tags: V_7_6_P1
# 54d90ace 30-May-2017 markus@openbsd.org

upstream commit

switch from Key typedef with struct sshkey; ok djm@

Upstream-ID: 3067d33e04efbe5131ce8f70668c47a58e5b7a1f


Revision tags: V_7_5_P1, V_7_4_P1, V_7_3_P1, V_7_2_P2, V_7_2_P1
# ffb1e7e8 15-Feb-2016 dtucker@openbsd.org

upstream commit

Add a function to enable security-related malloc_options.
With and ok deraadt@, something similar has been in the snaps for a while.

Upstream-ID: 43a95523b832b

upstream commit

Add a function to enable security-related malloc_options.
With and ok deraadt@, something similar has been in the snaps for a while.

Upstream-ID: 43a95523b832b7f3b943d2908662191110c380ed

show more ...


Revision tags: V_7_1_P2, V_7_1_P1
# ce445b0e 20-Aug-2015 deraadt@openbsd.org

upstream commit

Do not cast result of malloc/calloc/realloc* if stdlib.h
is in scope ok krw millert

Upstream-ID: 5e50ded78cadf3841556649a16cc4b1cb6c58667


Revision tags: V_7_0_P1, V_6_9_P1, V_6_8_P1
# 087266ec 20-Jan-2015 deraadt@openbsd.org

upstream commit

Reduce use of <sys/param.h> and transition to <limits.h>
throughout. ok djm markus


# 48b68ce1 11-Dec-2014 djm@openbsd.org

upstream commit

explicitly include sys/param.h in files that use the
howmany() macro; from portable


Revision tags: V_6_7_P1
# 8668706d 02-Jul-2014 Damien Miller

- djm@cvs.openbsd.org 2014/06/24 01:13:21
[Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c
[auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c

- djm@cvs.openbsd.org 2014/06/24 01:13:21
[Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c
[auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c
[cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h
[digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h
[hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h
[ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c
[ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c
[ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c
[sshconnect2.c sshd.c sshkey.c sshkey.h
[openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h]
New key API: refactor key-related functions to be more library-like,
existing API is offered as a set of wrappers.

with and ok markus@

Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
Dempsky and Ron Bowes for a detailed review a few months ago.

NB. This commit also removes portable OpenSSH support for OpenSSL
<0.9.8e.

show more ...


Revision tags: V_6_6_P1, V_6_5_P1
# f1e44ea9 04-Dec-2013 Damien Miller

- djm@cvs.openbsd.org 2013/12/02 02:56:17
[ssh-pkcs11-helper.c]
use-after-free; bz#2175 patch from Loganaden Velvindron @ AfriNIC


Revision tags: V_6_4_P1, V_6_3_P1
# a627d42e 01-Jun-2013 Darren Tucker

- djm@cvs.openbsd.org 2013/05/17 00:13:13
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c
ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c

- djm@cvs.openbsd.org 2013/05/17 00:13:13
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c
ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c
gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c
auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c
servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c
auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c
sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c
kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c
kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c
monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c
ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c
sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c
ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c
dns.c packet.c readpass.c authfd.c moduli.c]
bye, bye xfree(); ok markus@

show more ...


# 64c6fcee 16-May-2013 Darren Tucker

- dtucker@cvs.openbsd.org 2013/05/10 10:13:50
[ssh-pkcs11-helper.c]
remove unused extern optarg. ok markus@


Revision tags: V_6_2_P2, V_6_2_P1, V_6_1_P1
# 4908d44e 02-Jul-2012 Darren Tucker

- dtucker@cvs.openbsd.org 2012/07/02 12:13:26
[ssh-pkcs11-helper.c sftp-client.c]
fix a couple of "assigned but not used" warnings. ok markus@


Revision tags: V_6_0_P1, V_5_9_P1
# f22019bd 04-May-2011 Damien Miller

- (djm) [Makefile.in WARNING.RNG aclocal.m4 buildpkg.sh.in configure.ac]
[entropy.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c]
[ssh-keysign.c ssh-pkcs11-helper.c ssh-rand-helper.

- (djm) [Makefile.in WARNING.RNG aclocal.m4 buildpkg.sh.in configure.ac]
[entropy.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c]
[ssh-keysign.c ssh-pkcs11-helper.c ssh-rand-helper.8 ssh-rand-helper.c]
[ssh.c ssh_prng_cmds.in sshd.c contrib/aix/buildbff.sh]
[regress/README.regress] Remove ssh-rand-helper and all its
tentacles. PRNGd seeding has been rolled into entropy.c directly.
Thanks to tim@ for testing on affected platforms.

show more ...


Revision tags: V_5_8_P2, V_5_8_P1, V_5_7_P1, V_5_6_P1, V_5_5_P1
# 47f9a410 13-Mar-2010 Damien Miller

- (djm) [ssh-pkcs11-helper.c] Move #ifdef to after #defines to fix
compilation failure when !HAVE_DLOPEN. Reported by felix-mindrot
AT fefe.de


12