Roumen Petrov
2012-May-25 19:24 UTC
Announce: X.509 certificates support v7.2 for OpenSSH version 6.0p1
Dear All, X.509 certificates support for OpenSSH version 6.0p1 was published. I brief new version include : - support for Android platform; - engine implementation is now considered stable; - various regression test improvements including fixes for OpenSSL FIPS enabled 1.0.1 stable release and korn shell Yours sincerely, Roumen Petrov -- Get X.509 certificates support in OpenSSH: http://roumenpetrov.info/openssh/
John Olsson M
2012-May-28 07:19 UTC
Announce: X.509 certificates support v7.2 for OpenSSH version 6.0p1
What is blocking this from being merged into OpenSSH? /John -----Original Message----- From: openssh-unix-dev-bounces+john.m.olsson=ericsson.com at mindrot.org [mailto:openssh-unix-dev-bounces+john.m.olsson=ericsson.com at mindrot.org] On Behalf Of Roumen Petrov Sent: den 25 maj 2012 21:25 To: OpenSSH Devel List Subject: Announce: X.509 certificates support v7.2 for OpenSSH version 6.0p1 Dear All, X.509 certificates support for OpenSSH version 6.0p1 was published. I brief new version include : - support for Android platform; - engine implementation is now considered stable; - various regression test improvements including fixes for OpenSSL FIPS enabled 1.0.1 stable release and korn shell Yours sincerely, Roumen Petrov -- Get X.509 certificates support in OpenSSH: http://roumenpetrov.info/openssh/ _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev at mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
Peter Stuge
2012-May-28 07:57 UTC
Announce: X.509 certificates support v7.2 for OpenSSH version 6.0p1
John Olsson M wrote:> What is blocking this from being merged into OpenSSH?Quite likely the diffstat: $ curl -s http://roumenpetrov.info/openssh/x509-7.2/openssh-6.0p1+x509-7.2.diff.gz | zcat | diffstat INSTALL | 14 LICENCE | 3 Makefile.in | 79 ++ README.x509v3 | 622 +++++++++++++++++++ aclocal.m4 | 2 auth-passwd.c | 7 auth.c | 2 auth2-hostbased.c | 42 + auth2-jpake.c | 49 + auth2-pubkey.c | 159 ++++ authfd.c | 23 authfile.c | 75 ++ cipher.c | 67 ++ cipher.h | 6 config.h.in | 67 ++ configure | 1072 ++++++++++++++++++++++++++++++--- configure.ac | 343 +++++++++- defines.h | 7 dns.c | 343 ++++++++++ dns.h | 32 - evp-compat.h | 134 ++++ hostfile.c | 17 jpake.c | 7 key-eng.c | 677 +++++++++++++++++++++ key-eng.h | 45 + key.c | 194 +++++- key.h | 9 log.c | 24 log.h | 4 loginrec.c | 10 m4/ldap.m4 | 217 ++++++ mac.c | 52 + mac.h | 7 misc.c | 9 moduli.0 | 18 moduli.5 | 10 monitor.c | 8 monitor_wrap.c | 15 openbsd-compat/Makefile.in | 8 openbsd-compat/bsd-arc4random.c | 30 openbsd-compat/bsd-closefrom.c | 23 openbsd-compat/openssl-compat.c | 57 + openbsd-compat/openssl-compat.h | 18 openbsd-compat/xcrypt.c | 11 pathnames.h | 50 + readconf.c | 344 ++++++++++ readconf.h | 50 + regress/Makefile | 12 regress/forwarding.sh | 6 regress/multiplex.sh | 7 regress/sftp-cmds.sh | 6 regress/test-exec.sh | 23 scp.0 | 74 -- scp.1 | 67 -- servconf.c | 300 +++++++++ servconf.h | 44 + session.c | 32 + sftp-server.0 | 15 sftp-server.8 | 10 sftp.0 | 160 +---- sftp.1 | 67 -- ssh-add.0 | 44 - ssh-add.1 | 26 ssh-add.c | 20 ssh-agent.0 | 68 +- ssh-agent.1 | 18 ssh-agent.c | 57 + ssh-dss.c | 199 ++++++ ssh-keygen.0 | 193 +++--- ssh-keygen.1 | 51 + ssh-keygen.c | 36 + ssh-keyscan.0 | 46 - ssh-keyscan.1 | 53 + ssh-keyscan.c | 117 ++- ssh-keysign.0 | 19 ssh-keysign.8 | 12 ssh-keysign.c | 3 ssh-ocsp.c | 1045 ++++++++++++++++++++++++++++++++ ssh-pkcs11-helper.0 | 6 ssh-pkcs11-helper.8 | 10 ssh-pkcs11-helper.c | 5 ssh-pkcs11.c | 57 + ssh-rsa.c | 143 ++++ ssh-x509.c | 1215 ++++++++++++++++++++++++++++++++++++++ ssh-x509.h | 86 ++ ssh-xkalg.c | 532 ++++++++++++++++ ssh-xkalg.h | 58 + ssh.0 | 554 ++++++++--------- ssh.1 | 196 +++--- ssh.c | 76 ++ ssh_config | 13 ssh_config.0 | 632 +++++++++++-------- ssh_config.5 | 247 +++++++ ssh_engine.0 | 64 ++ ssh_engine.5 | 120 +++ sshconnect.c | 69 +- sshconnect2.c | 121 +++ sshd.0 | 430 +++++++------ sshd.8 | 91 ++ sshd.c | 57 + sshd_config | 68 ++ sshd_config.0 | 456 +++++++++----- sshd_config.5 | 259 ++++++++ tests/CA/1-cre_cadb.sh | 417 +++++++++++++ tests/CA/2-cre_cakeys.sh | 382 +++++++++++ tests/CA/2-cre_key.sh | 33 + tests/CA/3-cre_certs.sh | 343 ++++++++++ tests/CA/4-cre_crls.sh | 125 +++ tests/CA/5-cre_ldap.sh | 137 ++++ tests/CA/Makefile.in | 163 +++++ tests/CA/config | 254 +++++++ tests/CA/env.in | 7 tests/CA/functions | 279 ++++++++ tests/CA/openssh_tests.sh | 374 +++++++++++ tests/CA/shell.rc | 41 + tests/CA/test-agent.sh.inc | 165 +++++ tests/CA/test-alg.sh.inc | 140 ++++ tests/CA/test-algfmt.sh.inc | 156 ++++ tests/CA/test-blob_auth.sh.inc | 84 ++ tests/CA/test-by_ldap.sh.inc | 299 +++++++++ tests/CA/test-crl.sh.inc | 266 ++++++++ tests/CA/test-dn_auth_file.sh.inc | 119 +++ tests/CA/test-dn_auth_path.sh.inc | 130 ++++ tests/CA/test-ocsp.sh.inc | 256 ++++++++ tests/CA/test-self.sh.inc | 183 +++++ tests/CA/verify.sh | 44 + umac.c | 4 x509_by_ldap.c | 874 +++++++++++++++++++++++++++ x509_by_ldap.h | 98 +++ x509_nm_cmp.c | 524 ++++++++++++++++ x509store.c | 1034 ++++++++++++++++++++++++++++++++ x509store.h | 123 +++ 132 files changed, 18689 insertions(+), 1822 deletions(-) $ //Peter