Commit Graph

332 Commits

Author SHA1 Message Date
Yanbing 6b807ae229 file permission on ssh_config, authorized_keys, private keys, host keys, public keys. (#110)
1. Add file permission check when load or add ssh_config, authorized_keys, private keys, host keys,.
2. set the owner and ACE for create secure file, ex, private key in ssh-keygen.exe
3. Update script OpenSSHTestHelper.psm1 to be able to run Install-OpenSSH if the sshd is running on the machine.
4. add OpenSSHBinPath to path.
5. change indents in agentconfig.c
6. update test script to represent the changes
7. Add tests for:
* authorized_keys and ssh-keygen testing
* host keys file perm testing
* user private key file perm testing
* ssh-add test
* user ssh_config
2017-05-01 14:18:20 -07:00
Manoj Ampalam eab3af4216 Merge branch 'master' of https://github.com/openssh/openssh-portable into latestw 2017-03-10 12:30:28 -08:00
djm@openbsd.org db2597207e upstream commit
ensure hostname is lower-case before hashing it;
bz#2591 reported by Griff Miller II; ok dtucker@

Upstream-ID: c3b8b93804f376bd00d859b8bcd9fc0d86b4db17
2017-03-10 15:35:39 +11:00
Manoj Ampalam 119e3aa383 Merge branch 'master' of https://github.com/openssh/openssh-portable into latestw 2017-03-06 16:42:31 -08:00
dtucker@openbsd.org 18501151cf upstream commit
Check l->hosts before dereferencing; fixes potential null
pointer deref. ok djm@

Upstream-ID: 81c0327c6ec361da794b5c680601195cc23d1301
2017-03-06 13:44:46 +11:00
dtucker@openbsd.org d072370793 upstream commit
linenum is unsigned long so use %lu in log formats.  ok
deraadt@

Upstream-ID: 9dc582d9bb887ebe0164e030d619fc20b1a4ea08
2017-03-06 13:17:31 +11:00
djm@openbsd.org 12d3767ba4 upstream commit
fix ssh-keygen -H accidentally corrupting known_hosts that
contained already-hashed entries. HKF_MATCH_HOST_HASHED is only set by
hostkeys_foreach() when hostname matching is in use, so we need to look for
the hash marker explicitly.

Upstream-ID: da82ad653b93e8a753580d3cf5cd448bc2520528
2017-03-03 17:14:35 +11:00
dtucker@openbsd.org 3baa4cdd19 upstream commit
Do not show rsa1 key type in usage when compiled without
SSH1 support.

Upstream-ID: 068b5c41357a02f319957746fa4e84ea73960f57
2017-02-17 14:52:24 +11:00
djm@openbsd.org a287c5ad1e upstream commit
Sanitise escape sequences in key comments sent to printf
but preserve valid UTF-8 when the locale supports it; bz#2520 ok dtucker@

Upstream-ID: e8eed28712ba7b22d49be534237eed019875bd1e
2017-02-10 14:38:06 +11:00
millert@openbsd.org e40269be38 upstream commit
Avoid printf %s NULL.  From semarie@, OK djm@

Upstream-ID: 06beef7344da0208efa9275d504d60d2a5b9266c
2017-02-10 14:37:26 +11:00
Manoj Ampalam 3508cdc624 Fixed Issue: Invalid ECDSA key length for valid key length (https://github.com/PowerShell/Win32-OpenSSH/issues/413)
https://github.com/PowerShell/Win32-OpenSSH/issues/413
2017-01-10 22:02:46 -08:00
Manoj Ampalam 5ad8a2c358 Sources Merged from Win32 Fork 2016-12-19 14:46:28 -08:00
Darren Tucker 7050896e73 Resync ssh-keygen -W error message with upstream. 2016-09-12 13:57:28 +10:00
Darren Tucker 43cceff82c Move ssh-keygen -W handling code to match upstream 2016-09-12 13:57:07 +10:00
Darren Tucker af48d54136 Move ssh-keygen -T handling code to match upstream. 2016-09-12 13:52:17 +10:00
Darren Tucker d8c3cfbb01 Move -M handling code to match upstream. 2016-09-12 13:51:04 +10:00
dtucker@openbsd.org 7b63cf6dbb upstream commit
Spaces->tabs.

Upstream-ID: f4829dfc3f36318273f6082b379ac562eead70b7
2016-09-12 13:49:24 +10:00
dtucker@openbsd.org 11e5e64453 upstream commit
Style whitespace fix.  Also happens to remove a no-op
diff with portable.

Upstream-ID: 45d90f9a62ad56340913a433a9453eb30ceb8bf3
2016-09-12 13:47:51 +10:00
Darren Tucker 0bb2980260 Restore ssh-keygen's -J and -j option handling.
These were incorrectly removed in the 1d9a2e28 sync commit.
2016-09-12 11:07:00 +10:00
djm@openbsd.org 57464e3934 upstream commit
support SHA256 and SHA512 RSA signatures in certificates;
 ok markus@

Upstream-ID: b45be2f2ce8cacd794dc5730edaabc90e5eb434a
2016-05-02 20:35:05 +10:00
djm@openbsd.org 1a31d02b24 upstream commit
fix signed/unsigned errors reported by clang-3.7; add
 sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with
 better safety checking; feedback and ok markus@

Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820
2016-05-02 20:35:04 +10:00
dtucker@openbsd.org ffb1e7e896 upstream commit
Add a function to enable security-related malloc_options.
  With and ok deraadt@, something similar has been in the snaps for a while.

Upstream-ID: 43a95523b832b7f3b943d2908662191110c380ed
2016-02-16 10:44:00 +11:00
djm@openbsd.org cce6a36bb9 upstream commit
use SSH_MAX_PUBKEY_BYTES consistently as buffer size when
 reading key files. Increase it to match the size of the buffers already being
 used.

Upstream-ID: 1b60586b484b55a947d99a0b32bd25e0ced56fae
2015-12-18 14:49:32 +11:00
mmcc@openbsd.org 89540b6de0 upstream commit
Remove NULL-checks before sshkey_free().

ok djm@

Upstream-ID: 3e35afe8a25e021216696b5d6cde7f5d2e5e3f52
2015-12-18 14:49:32 +11:00
markus@openbsd.org 76c9fbbe35 upstream commit
implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures
 (user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and
 draft-ssh-ext-info-04.txt; with & ok djm@

Upstream-ID: cf82ce532b2733e5c4b34bb7b7c94835632db309
2015-12-07 12:38:58 +11:00
deraadt@openbsd.org 6da413c085 upstream commit
do not leak temp file if there is no known_hosts file
 from craig leres, ok djm

Upstream-ID: c820497fd5574844c782e79405c55860f170e426
2015-11-30 09:45:53 +11:00
halex@openbsd.org 4d90625b22 upstream commit
allow comment change for all supported formats

ok djm@

Upstream-ID: 5fc477cf2f119b2d44aa9c683af16cb00bb3744b
2015-11-28 17:44:32 +11:00
djm@openbsd.org 964ab3ee7a upstream commit
trailing whitespace

Upstream-ID: 31fe0ad7c4d08e87f1d69c79372f5e3c5cd79051
2015-11-19 12:13:38 +11:00
djm@openbsd.org 499cf36fec upstream commit
move the certificate validity formatting code to
 sshkey.[ch]

Upstream-ID: f05f7c78fab20d02ff1d5ceeda533ef52e8fe523
2015-11-19 12:11:37 +11:00
djm@openbsd.org bcb7bc77bb upstream commit
fix "ssh-keygen -l" of private key, broken in support for
 multiple plain keys on stdin

Upstream-ID: 6b3132d2c62d03d0bad6f2bcd7e2d8b7dab5cd9d
2015-11-18 19:40:25 +11:00
djm@openbsd.org c56a255162 upstream commit
Allow fingerprinting from standard input "ssh-keygen -lf
 -"

Support fingerprinting multiple plain keys in a file and authorized_keys
files too (bz#1319)

ok markus@

Upstream-ID: 903f8b4502929d6ccf53509e4e07eae084574b77
2015-11-17 11:22:15 +11:00
djm@openbsd.org 94bc0b72c2 upstream commit
support multiple certificates (one per line) and
 reading from standard input (using "-f -") for "ssh-keygen -L"; ok dtucker@

Upstream-ID: ecbadeeef3926e5be6281689b7250a32a80e88db
2015-11-16 11:31:36 +11:00
djm@openbsd.org c837643b93 upstream commit
fixed unlink([uninitialised memory]) reported by Mateusz
 Kocielski; ok markus@

Upstream-ID: 14a0c4e7d891f5a8dabc4b89d4f6b7c0d5a20109
2015-08-20 13:07:40 +10:00
djm@openbsd.org 933935ce8d upstream commit
refuse to generate or accept RSA keys smaller than 1024
 bits; feedback and ok dtucker@

Upstream-ID: 7ea3d31271366ba264f06e34a3539bf1ac30f0ba
2015-07-15 15:36:02 +10:00
djm@openbsd.org c28fc62d78 upstream commit
delete support for legacy v00 certificates; "sure"
 markus@ dtucker@

Upstream-ID: b5b9bb5f9202d09e88f912989d74928601b6636f
2015-07-15 15:35:09 +10:00
djm@openbsd.org 1d9a2e2849 upstream commit
wrap all moduli-related code in #ifdef WITH_OPENSSL.
 based on patch from Reuben Hawkins; bz#2388 feedback and ok dtucker@

Upstream-ID: d80cfc8be3e6ec65b3fac9e87c4466533b31b7cf
2015-05-28 18:54:58 +10:00
djm@openbsd.org d1958793a0 upstream commit
make ssh-keygen default to ed25519 keys when compiled
 without OpenSSL; bz#2388, ok dtucker@

Upstream-ID: 85a471fa6d3fa57a7b8e882d22cfbfc1d84cdc71
2015-05-28 18:54:54 +10:00
djm@openbsd.org 4739e8d5e1 upstream commit
Support "ssh-keygen -lF hostname" to find search known_hosts
 and print key hashes. Already advertised by ssh-keygen(1), but not delivered
 by code; ok dtucker@

Upstream-ID: 459e0e2bf39825e41b0811c336db2d56a1c23387
2015-05-21 22:04:07 +10:00
djm@openbsd.org 734226b448 upstream commit
fix compilation with OPENSSL=no; ok dtucker@
2015-04-29 18:19:05 +10:00
deraadt@openbsd.org 657a5fbc0d upstream commit
rename xrealloc() to xreallocarray() since it follows
 that form. ok djm
2015-04-29 18:15:23 +10:00
djm@openbsd.org 3038a19187 upstream commit
use error/logit/fatal instead of fprintf(stderr, ...)
 and exit(0), fix a few errors that were being printed to stdout instead of
 stderr and a few non-errors that were going to stderr instead of stdout
 bz#2325; ok dtucker
2015-04-29 18:14:20 +10:00
tobias@openbsd.org 704d8c8898 upstream commit
Comments are only supported for RSA1 keys. If a user
 tried to add one and entered his passphrase, explicitly clear it before exit.
 This is done in all other error paths, too.

ok djm
2015-04-01 10:00:27 +11:00
djm@openbsd.org 5c27e3b6ec upstream commit
for ssh-keygen -A, don't try (and fail) to generate ssh
 v.1 keys when compiled without SSH1 support RSA/DSA/ECDSA keys when compiled
 without OpenSSL based on patch by Mike Frysinger; bz#2369
2015-03-23 17:10:14 +11:00
djm@openbsd.org f43d172691 upstream commit
don't printf NULL key comments; reported by Tom Christensen
2015-02-27 07:46:23 +11:00
naddy@openbsd.org 6288e3a935 upstream commit
add -v (show ASCII art) to -l's synopsis; ok djm@
2015-02-26 04:32:08 +11:00
djm@openbsd.org 2285c30d51 upstream commit
further silence spurious error message even when -v is
 specified (e.g. to get visual host keys); reported by naddy@
2015-02-24 09:21:48 +11:00
djm@openbsd.org e94e4b07ef upstream commit
silence a spurious error message when listing
 fingerprints for known_hosts; bz#2342
2015-02-24 03:59:09 +11:00
Damien Miller 773dda25e8 repair --without-openssl; broken in refactor 2015-02-18 22:29:32 +11:00
djm@openbsd.org 6c5c949782 upstream commit
Refactor hostkeys_foreach() and dependent code Deal with
 IP addresses (i.e. CheckHostIP) Don't clobber known_hosts when nothing
 changed ok markus@ as part of larger commit
2015-02-17 09:32:31 +11:00
djm@openbsd.org 669aee9943 upstream commit
permit KRLs that revoke certificates by serial number or
 key ID without scoping to a particular CA; ok markus@
2015-01-30 12:17:07 +11:00