search for: bn_new

Displaying 20 results from an estimated 28 matches for "bn_new".

2017 Feb 03
2
compilation errors on master
...277:28: error: dereferencing pointer to incomplete type ?DSA {aka struct dsa_st}? return BN_num_bits(k->dsa->p); ^~ sshkey.c: In function ?sshkey_new?: sshkey.c:478:11: error: dereferencing pointer to incomplete type ?RSA {aka struct rsa_st}? (rsa->n = BN_new()) == NULL || ^~ sshkey.c:490:11: error: dereferencing pointer to incomplete type ?DSA {aka struct dsa_st}? (dsa->p = BN_new()) == NULL || ^~ sshkey.c: In function ?sshkey_parse_private_pem_fileblob?: sshkey.c:3792:8: error: dereferencing pointer to incomplete type ?...
2000 Jul 19
2
Why do I *still* need RSA?
OpenSSH Developers, I'm researching whether or not OpenSSH is a viable commercial alternative to F-SECURE SSH or SSH.COM's ssh, but I'm not getting the kind of results that I expected from a "Non patent encumbered ssh client". When I attempt to build OpenSSH against an OpenSSL build without rc5, idea, or rsa it bombs since OpenSSL doesn't place the header files in the
2006 Feb 12
1
sshd double-logging
...2" : ""); } debug3("%s: key %p is %s", @@ -1374,6 +1381,7 @@ mm_answer_rsa_keyallowed(int sock, Buffe debug3("%s entering", __func__); + auth_method = "rsa"; if (options.rsa_authentication && authctxt->valid) { if ((client_n = BN_new()) == NULL) fatal("%s: BN_new", __func__); -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
2015 Mar 24
5
[Bug 2371] New: make check fails when using --without-openssl on AIX
...at -lz -lcrypt ld: 0711-317 ERROR: Undefined symbol: .BN_hex2bn ld: 0711-317 ERROR: Undefined symbol: .BN_num_bits ld: 0711-317 ERROR: Undefined symbol: .BN_bn2bin ld: 0711-317 ERROR: Undefined symbol: .BN_bin2bn ld: 0711-317 ERROR: Undefined symbol: .BN_free ld: 0711-317 ERROR: Undefined symbol: .BN_new ld: 0711-317 ERROR: Undefined symbol: .BN_clear_free ld: 0711-317 ERROR: Undefined symbol: .BN_cmp ld: 0711-317 ERROR: Undefined symbol: .BN_bn2hex ld: 0711-317 ERROR: Undefined symbol: .ERR_get_error ld: 0711-317 ERROR: Undefined symbol: .ERR_error_string ld: 0711-345 Use the -bloadmap or -bnoquie...
2015 Mar 24
5
[Bug 2371] New: make check fails when using --without-openssl on AIX
...at -lz -lcrypt ld: 0711-317 ERROR: Undefined symbol: .BN_hex2bn ld: 0711-317 ERROR: Undefined symbol: .BN_num_bits ld: 0711-317 ERROR: Undefined symbol: .BN_bn2bin ld: 0711-317 ERROR: Undefined symbol: .BN_bin2bn ld: 0711-317 ERROR: Undefined symbol: .BN_free ld: 0711-317 ERROR: Undefined symbol: .BN_new ld: 0711-317 ERROR: Undefined symbol: .BN_clear_free ld: 0711-317 ERROR: Undefined symbol: .BN_cmp ld: 0711-317 ERROR: Undefined symbol: .BN_bn2hex ld: 0711-317 ERROR: Undefined symbol: .ERR_get_error ld: 0711-317 ERROR: Undefined symbol: .ERR_error_string ld: 0711-345 Use the -bloadmap or -bnoquie...
2015 Jun 25
3
Call for testing: OpenSSH 6.9
On Thu, 25 Jun 2015, Michael Felt wrote: > Just running a standard make, and then a make install to a packaging > directory. It seems to be complaining about missing keys - not sure yet if > this is a show stopper For packaging you want the install-nokeys rule not install. -- Tim Rice Multitalents tim at multitalents.net
2014 Jul 15
3
GSSAPI
If I am trying to build OpenSSH 6.6 with Kerberos GSSAPI support, do I still need to get Simon Wilkinson's patches? --- Scott Neugroschl | XYPRO Technology Corporation 4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |
2010 Jan 12
2
[patch] Automatically add keys to agent
...on(AuthenticationConnection *auth) { int type; char *comment; - AuthenticationConnection *auth; u_char response[16]; u_int i; Key *key; BIGNUM *challenge; - /* Get connection to the agent. */ - auth = ssh_get_authentication_connection(); - if (!auth) - return 0; - if ((challenge = BN_new()) == NULL) fatal("try_agent_authentication: BN_new failed"); /* Loop through identities served by the agent. */ @@ -134,7 +128,6 @@ try_agent_authentication(void) /* The server returns success if it accepted the authentication. */ if (type == SSH_SMSG_SUCCESS) { - ssh_clos...
2005 Feb 24
3
Suggestion: SSHD pseudo/fake mode. Source available.
Hi, SSH brute force attacks seem to enjoy increasing popularity. Call me an optimist or a misrouted kind of contributer to the community, but on our company server I actually go through the logs and report extreme cases to the providers of the originating IP's. With the increasing number of these attacks, however, I have now decided that it's better to move the SSHd to a different
2013 Sep 24
9
[PATCH] curve25519-sha256@libssh.org key exchange proposal
...gned H */ + signature = packet_get_string(&slen); + packet_check_eom(); + + crypto_scalarmult_curve25519(shared_secret_raw, client_key, server_pubkey); + +#ifdef DEBUG_KEXECDH + dump_digest("shared secret", shared_secret_raw, sizeof(shared_secret_raw)); +#endif + if ((shared_secret = BN_new()) == NULL) + fatal("%s: BN_new failed", __func__); + if (BN_bin2bn(shared_secret_raw, sizeof(shared_secret_raw), shared_secret) == NULL) + fatal("%s: BN_bin2bn failed", __func__); + memset(shared_secret_raw, 0, sizeof(shared_secret_raw)); + + /* calc and verify H */ + kex_c25...
2002 Aug 30
1
LIBCRYPTO?
...ference to `BN_num_bits' /opt/uClinux-dist/user/ssh/sshd.c:1082: undefined reference to `BN_num_bits' /.../ssh/sshd.c:1122: undefined reference to `BN_num_bits' /opt/uClinux-dist/user/ssh/sshd.c:1122: undefined reference to `BN_num_bits' /.../ssh/sshd.c:1143: undefined reference to `BN_new' /.../ssh/sshd.c:1155: undefined reference to `BN_cmp' /.../ssh/sshd.c:1157: undefined reference to `BN_num_bits' /opt/uClinux-dist/user/ssh/sshd.c:1157: undefined reference to `BN_num_bits' /.../ssh/sshd.c:1159: undefined reference to `BN_num_bits' /.../ssh/sshd.c:1159: undefin...
2007 Aug 22
0
Patch to allow checking of v1 keys on remote host.
...-0500 +++ openssh-4.6p1/sshconnect1.c 2007-05-15 03:31:06.740012440 -0400 @@ -69,10 +69,11 @@ u_int i; Key *key; BIGNUM *challenge; + u_char buf[300]; /* Get connection to the agent. */ auth = ssh_get_authentication_connection(); - if (!auth) +if (!auth) return 0; if ((challenge = BN_new()) == NULL) @@ -84,7 +85,7 @@ /* Try this identity. */ debug("Trying RSA authentication via agent with '%.100s'", comment); - xfree(comment); + if (!options.checkey) xfree(comment); /* Tell the server that we are willing to authenticate using this key. */ packet_st...
2007 Aug 21
1
ssh-agent security
...nt ret; + + snprintf(inform_cmdline, sizeof inform_cmdline, "%s %d", + inform_cmd, cred.pid); + ret = system(inform_cmdline); + if (ret != 0) { + close_socket(e); + return; + } + } + } +#endif + + + buffer_init(&msg); key = key_new(KEY_RSA1); if ((challenge = BN_new()) == NULL) @@ -314,6 +339,26 @@ Buffer msg; Key *key; +#if defined(SO_PEERCRED) + if (AUTH_CONNECTION == e->type) { + struct ucred cred; + socklen_t len = sizeof(cred); + char inform_cmdline[MAXPATHLEN]; + + if (run_inform && getsockopt(e->fd, SOL_SOCKET, SO_PEERCRED, &...
2015 Jun 23
2
Call for testing: OpenSSH 6.9
..., size_t len) { struct sshbuf *p1; +#ifdef WITH_OPENSSL BIGNUM *bn; +#endif #if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256) EC_KEY *eck; #endif @@ -54,12 +56,14 @@ attempt_parse_blob(u_char *blob, size_t len) bzero(s, l); free(s); } +#ifdef WITH_OPENSSL bn = BN_new(); sshbuf_get_bignum1(p1, bn); BN_clear_free(bn); bn = BN_new(); sshbuf_get_bignum2(p1, bn); BN_clear_free(bn); +#endif #if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256) eck = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); ASSERT_PTR_NE(eck, NULL); diff --git a/r...
2017 Sep 22
2
Call for testing: OpenSSH 7.6
...its > SSHBUF_MAX_BIGNUM * 8) + bits > SSHBUF_MAX_BIGNUM * 8) { + fprintf(stderr, "%s bits %d min %d max %d\n", __func__, bits, + SSH_RSA_MINIMUM_MODULUS_SIZE, SSHBUF_MAX_BIGNUM); return SSH_ERR_KEY_LENGTH; + } *rsap = NULL; if ((private = RSA_new()) == NULL || (f4 = BN_new()) == NULL) { ret = SSH_ERR_ALLOC_FAIL; @@ -1425,8 +1428,10 @@ dsa_generate_private_key(u_int bits, DSA **dsap) if (dsap == NULL) return SSH_ERR_INVALID_ARGUMENT; - if (bits != 1024) + if (bits != 1024) { + fprintf(stderr, "%s bits %d expected %d\n", __func__, bits, 1024); r...
2001 Nov 20
3
problem with AFS token forwarding
Hello, I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1 concerning the AFS token forwarding. That means that the new versions are not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this problem already existed in Openssh 2.9.9p1, but I have never used this version (I only looked at the
2017 Sep 21
19
Call for testing: OpenSSH 7.6
Hi, OpenSSH 7.6p1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is a bugfix release. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available via git using the instructions at
2002 Jan 29
2
Key fingerprint logging
...log(RSA *); #ifdef KRB4 #include <krb.h> diff -u5 openssh-3.0.2p1.orig/auth1.c openssh-3.0.2p1/auth1.c --- openssh-3.0.2p1.orig/auth1.c Tue Nov 13 13:46:19 2001 +++ openssh-3.0.2p1/auth1.c Tue Jan 29 13:40:20 2002 @@ -231,11 +231,11 @@ } /* RSA authentication requested. */ n = BN_new(); packet_get_bignum(n, &nlen); packet_integrity_check(plen, nlen, type); - authenticated = auth_rsa(pw, n); + authenticated = auth_rsa(pw, n, info, sizeof(info)); BN_clear_free(n); break; case SSH_CMSG_AUTH_PASSWORD: if (!options.password_authentication) { diff -u5...
2015 May 29
16
Call for testing: OpenSSH 6.9
Hi, OpenSSH 6.9 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This release contains some substantial new features and a number of bugfixes. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is
2001 Jun 28
1
Adding 'name' key types
Playing around with the [wonderful] GSS-API patches for OpenSSH [1] I noticed that there is a bit of functionality missing from OpenSSH/GSS-API, namely that authorized_keys2 has no meaning when using GSS authentication. Yes, ~/.k5login can be used to grant access to an account for applications that support Kerberos, as does OpenSSH with those GSS patches, but .k5login does not and cannot provide