0fa803a1dd
Prefer OpenSSL's SHA256 in sk-dummy.so
...
Previously sk-dummy.so used libc's (or compat's) SHA256 since it may be
built without OpenSSL. In many cases, however, including both libc's
and OpenSSL's headers together caused conflicting definitions.
We tried working around this (on OpenSSL <1.1 you could define
OPENSSL_NO_SHA, NetBSD had USE_LIBC_SHA2, various #define hacks) with
varying levels of success. Since OpenSSL >=1.1 removed OPENSSL_NO_SHA
and including most OpenSSL headers would bring sha.h in, even if it
wasn't used directly this was a constant hassle.
Admit defeat and use OpenSSL's SHA256 unless we aren't using OpenSSL at
all. ok djm@
2023-07-27 10:30:12 +10:00
b500afcf00
upstream: Remove compat code for OpenSSL 1.0.*
...
versions now that -portable has dropped support for those versions.
OpenBSD-Regress-ID: 82a8eacd87aec28e4aa19f17246ddde9d5ce7fe7
2023-03-28 19:03:10 +11:00
727560e601
Prevent conflicts between Solaris SHA2 and OpenSSL.
...
We used to prevent conflicts between native SHA2 headers and OpenSSL's
by setting OPENSSL_NO_SHA but that was removed prior to OpenSSL 1.1.0
2023-03-28 19:03:03 +11:00
46db8e14b7
Remove HEADER_SHA_H from previous...
...
since it causes more problems than it solves.
2023-03-28 12:44:03 +11:00
72bd68d373
Replace OPENSSL_NO_SHA with HEADER_SHA_H.
...
Since this test doesn't use OpenSSL's SHA2 and may cause conflicts we
don't want to include it, but OPENSSL_NO_SHA was removed beginning in
OpenSSL's 1.1 series.
2023-03-28 10:35:18 +11:00
8ec2e31238
upstream: adapt to ed25519 changes in src/usr.bin/ssh
...
OpenBSD-Regress-ID: 4b3e7ba7ee486ae8a0b4790f8112eded2bb7dcd5
2023-01-16 10:57:42 +11:00
c46f6fed41
crank SSH_SK_VERSION_MAJOR in sk-dummy.so
2022-07-20 13:39:14 +10:00
ed45a01686
upstream: crank SSH_SK_VERSION_MAJOR to match recent change in
...
usr/bin/ssh
OpenBSD-Regress-ID: 113d181c7e3305e138db9b688cdb8b0a0019e552
2021-11-03 10:10:09 +11:00
ccd358e1e2
upstream: avoid signedness warning; spotted in -portable
...
OpenBSD-Regress-ID: 4cacc126086487c0ea7f3d86b42dec458cf0d0c6
2021-10-29 14:25:32 +11:00
c5de1fffa6
upstream: increment SSH_SK_VERSION_MAJOR to match last change
...
OpenBSD-Regress-ID: 17873814d1cbda97f49c8528d7b5ac9cadf6ddc0
2021-10-28 13:57:52 +11:00
7cd062c3a2
Add USE_LIBC_SHA2 for (at least) NetBSD 9.
2021-10-06 17:45:28 +11:00
639c440f6c
Define OPENSSL_NO_SHA including OpenSSL from test.
...
We don't use SHA256 from OpenSSL in the sk-dummy module and the
definitions can conflict with system sha2.h (eg on NetBSD) so define
OPENSSL_NO_SHA so we don't attempt to redefine them.
2021-10-06 17:09:31 +11:00
e3e62deb54
upstream: use libc SHA256 functions; make this work when compiled
...
!WITH_OPENSSL
OpenBSD-Regress-ID: fda0764c1097cd42f979ace29b07eb3481259890
2021-10-06 14:40:26 +11:00
5a37cc118f
fix broken OPENSSL_HAS_ECC test
...
spotted by dtucker
2021-10-06 13:16:21 +11:00
16a25414f3
make sk-dummy.so work without libcrypto installed
2021-10-01 22:40:06 +10:00
7c2e3d6de1
upstream: add a SK_DUMMY_INTEGRATE define that allows the dummy
...
security key middleware to be directly linked; useful for writing fuzzers,
etc.
OpenBSD-Regress-ID: 0ebd00159b58ebd85e61d8270fc02f1e45df1544
2021-01-30 11:58:38 +11:00
1050109b4b
Remove duplicated declaration in fatal.c .
2021-01-12 07:08:26 +11:00
816036f142
upstream: use the new variant log macros instead of prepending
...
__func__ and appending ssh_err(r) manually; ok markus@
OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
2020-10-18 23:46:29 +11:00
d55dfed34e
missing header
2020-10-17 22:55:24 +11:00
999d7cb79a
sync regress/misc/sk-dummy/fatal.c
2020-10-17 22:47:52 +11:00
0f938f9986
adapt sk-dummy's fatal implementation to changes
2020-10-17 11:42:26 +11:00
bbf20ac806
upstream: adapt to SSH_SK_VERSION_MAJOR crank
...
OpenBSD-Regress-ID: 0f3e76bdc8f9dbd9d22707c7bdd86051d5112ab8
2020-09-09 13:12:29 +10:00
9cbbdc12cb
upstream: dummy firmware needs to match API version numner crank (for
...
verify-required resident keys) even though it doesn't implement this feature
OpenBSD-Regress-ID: 86579ea2891e18e822e204413d011b2ae0e59657
2020-08-27 12:16:23 +10:00
a01817a9f6
upstream: adapt dummy FIDO middleware to API change; ok markus@
...
OpenBSD-Regress-ID: 8bb84ee500c2eaa5616044314dd0247709a1790f
2020-05-01 13:13:36 +10:00
1af3354aea
Wrap stdint.h in ifdef HAVE_STDINT_H.
2020-01-15 16:22:36 +11:00
dd2acc8b86
upstream: adapt sk-dummy to SK API changes
...
also, make it pull prototypes directly from sk-api.c and #error
if the expected version changes. This will make any future regress
test breakage because of SK API changes much more apparent
OpenBSD-Regress-ID: 79b07055de4feb988e31da71a89051ad5969829d
2020-01-06 13:12:46 +11:00
680eb7749a
upstream: implement recent SK API change to support resident keys
...
and PIN prompting in the dummy middleware that we use for the tests. Should
fix breakage spotted by dtucker@
OpenBSD-Regress-ID: 379cf9eabfea57aaf7f3f59dafde59889566c484
2020-01-03 13:47:32 +11:00
fa7924008e
Wrap ECC specific bits in ifdef.
...
Fixes tests when built against an OpenSSL configured with no-ec.
2019-12-06 14:17:26 +11:00
37f5b5346e
includes.h for sk-dummy.c, dummy
2019-11-29 14:48:46 +11:00
ef3853bb94
another attempt at sk-dummy.so working x-platform
...
include a fatal() implementation to satisfy libopenbsd-compat
clean up .lo and .so files
.gitignore .lo and .so files
2019-11-29 11:52:23 +11:00
d46ac56f1c
upstream: lots of dependencies go away here with ed25519 no longer
...
needing the ssh_digest API.
OpenBSD-Regress-ID: 785847ec78cb580d141e29abce351a436d6b5d49
2019-11-29 11:19:48 +11:00
c6efa8a91a
upstream: add dummy security key middleware based on work by
...
markus@
This will allow us to test U2F/FIDO2 support in OpenSSH without
requiring real hardware.
ok markus@
OpenBSD-Regress-ID: 88b309464b8850c320cf7513f26d97ee1fdf9aae
2019-11-27 10:47:28 +11:00
Darren Tucker
dtucker@openbsd.org
djm@openbsd.org
Damien Miller
anatasluo