Commit Graph

14 Commits

Author SHA1 Message Date
djm@openbsd.org 014e2f147a upstream: sshsk_load_resident: don't preallocate resp
resp is allocated by client_converse(), at which point we lose
the original pointer.

From Pedro Martelletto; ok dtucker & me

OpenBSD-Commit-ID: 1f1b5ea3282017d6584dfed4f8370dc1db1f44b1
2022-01-14 14:40:40 +11:00
djm@openbsd.org c88265f207 upstream: sshsk_sign: trim call to sshkey_fingerprint()
the resulting fingerprint doesn't appear to be used for anything,
and we end up leaking it.

from Pedro Martelletto; ok dtucker & me

OpenBSD-Commit-ID: 5625cf6c68f082bc2cbbd348e69a3ed731d2f9b7
2022-01-14 14:40:40 +11:00
djm@openbsd.org 0001d04e55 upstream: When downloading resident keys from a FIDO token, pass
back the user ID that was used when the key was created and append it to the
filename the key is written to (if it is not the default).

Avoids keys being clobbered if the user created multiple
resident keys with the same application string but different
user IDs.

feedback Pedro Martelletto; ok markus

NB. increments SSH_SK_VERSION_MAJOR

OpenBSD-Commit-ID: dbd658b5950f583106d945641a634bc6562dd3a3
2021-10-28 13:56:59 +11:00
djm@openbsd.org 31d8d231eb upstream: highly polished whitespace, mostly fixing spaces-for-tab
and bad indentation on continuation lines. Prompted by GHPR#185

OpenBSD-Commit-ID: e5c81f0cbdcc6144df1ce468ec1bac366d8ad6e9
2021-04-03 17:23:02 +11:00
djm@openbsd.org 816036f142 upstream: use the new variant log macros instead of prepending
__func__ and appending ssh_err(r) manually; ok markus@

OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
2020-10-18 23:46:29 +11:00
dtucker@openbsd.org 3bf2a6ac79 upstream: Replace all calls to signal(2) with a wrapper around
sigaction(2). This wrapper blocks all other signals during the handler
preventing races between handlers, and sets SA_RESTART which should reduce
the potential for short read/write operations.

OpenBSD-Commit-ID: 5e047663fd77a40d7b07bdabe68529df51fd2519
2020-01-23 18:51:25 +11:00
djm@openbsd.org b5fcb0ac1c upstream: check access(ssh-sk-helper, X_OK) to provide friendly
error message for misconfigured helper paths

OpenBSD-Commit-ID: 061bcc262155d12e726305c91394ac0aaf1f8341
2020-01-21 18:09:25 +11:00
djm@openbsd.org 57b181eaf2 upstream: pass the log-on-stderr flag and log level through to
ssh-sk-helper, making debugging a bit easier. ok markus@

OpenBSD-Commit-ID: 2e7aea6bf5770d3f38b7c7bba891069256c5a49a
2020-01-21 18:09:09 +11:00
djm@openbsd.org c312ca077c upstream: Extends the SK API to accept a set of key/value options
for all operations. These are intended to future-proof the API a little by
making it easier to specify additional fields for without having to change
the API version for each.

At present, only two options are defined: one to explicitly specify
the device for an operation (rather than accepting the middleware's
autoselection) and another to specify the FIDO2 username that may
be used when generating a resident key. These new options may be
invoked at key generation time via ssh-keygen -O

This also implements a suggestion from Markus to avoid "int" in favour
of uint32_t for the algorithm argument in the API, to make implementation
of ssh-sk-client/helper a little easier.

feedback, fixes and ok markus@

OpenBSD-Commit-ID: 973ce11704609022ab36abbdeb6bc23c8001eabc
2020-01-06 13:12:46 +11:00
djm@openbsd.org c54cd1892c upstream: SK API and sk-helper error/PIN passing
Allow passing a PIN via the SK API (API major crank) and let the
ssh-sk-helper API follow.

Also enhance the ssh-sk-helper API to support passing back an error
code instead of a complete reply. Will be used to signal "wrong PIN",
etc.

feedback and ok markus@

OpenBSD-Commit-ID: a1bd6b0a2421646919a0c139b8183ad76d28fb71
2019-12-30 20:59:33 +11:00
djm@openbsd.org 27753a8e21 upstream: implement loading of resident keys in ssh-sk-helper
feedback and ok markus@

OpenBSD-Commit-ID: b273c23769ea182c55c4a7b8f9cbd9181722011a
2019-12-30 20:58:19 +11:00
Damien Miller 9244990ecd remove a bunch of ENABLE_SK #ifdefs
The ssh-sk-helper client API gives us a nice place to disable
security key support when it is wasn't enabled at compile time,
so we don't need to check everywere.

Also, verification of security key signatures can remain enabled
all the time - it has no additional dependencies. So sshd can
accept security key pubkeys in authorized_keys, etc regardless of
the host's support for dlopen, etc.
2019-12-14 09:21:46 +11:00
Damien Miller a33ab1688b ssh-sk-client.c needs includes.h 2019-12-14 09:15:06 +11:00
djm@openbsd.org d214347667 upstream: actually commit the ssh-sk-helper client code; ok markus
OpenBSD-Commit-ID: fd2ea776a5bbbf4d452989d3c3054cf25a5e0589
2019-12-14 07:21:27 +11:00