Displaying 20 results from an estimated 28 matches for "bn_new".
2017 Feb 03
2
compilation errors on master
...277:28: error: dereferencing pointer to incomplete type ?DSA {aka struct dsa_st}?
return BN_num_bits(k->dsa->p);
^~
sshkey.c: In function ?sshkey_new?:
sshkey.c:478:11: error: dereferencing pointer to incomplete type ?RSA {aka struct rsa_st}?
(rsa->n = BN_new()) == NULL ||
^~
sshkey.c:490:11: error: dereferencing pointer to incomplete type ?DSA {aka struct dsa_st}?
(dsa->p = BN_new()) == NULL ||
^~
sshkey.c: In function ?sshkey_parse_private_pem_fileblob?:
sshkey.c:3792:8: error: dereferencing pointer to incomplete type ?...
2000 Jul 19
2
Why do I *still* need RSA?
OpenSSH Developers,
I'm researching whether or not OpenSSH is a viable commercial
alternative to F-SECURE SSH or SSH.COM's ssh, but I'm not getting the
kind of results that I expected from a "Non patent encumbered ssh
client".
When I attempt to build OpenSSH against an OpenSSL build without rc5,
idea, or rsa it bombs since OpenSSL doesn't place the header files in
the
2006 Feb 12
1
sshd double-logging
...2" : "");
}
debug3("%s: key %p is %s",
@@ -1374,6 +1381,7 @@ mm_answer_rsa_keyallowed(int sock, Buffe
debug3("%s entering", __func__);
+ auth_method = "rsa";
if (options.rsa_authentication && authctxt->valid) {
if ((client_n = BN_new()) == NULL)
fatal("%s: BN_new", __func__);
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
2015 Mar 24
5
[Bug 2371] New: make check fails when using --without-openssl on AIX
...at -lz -lcrypt
ld: 0711-317 ERROR: Undefined symbol: .BN_hex2bn
ld: 0711-317 ERROR: Undefined symbol: .BN_num_bits
ld: 0711-317 ERROR: Undefined symbol: .BN_bn2bin
ld: 0711-317 ERROR: Undefined symbol: .BN_bin2bn
ld: 0711-317 ERROR: Undefined symbol: .BN_free
ld: 0711-317 ERROR: Undefined symbol: .BN_new
ld: 0711-317 ERROR: Undefined symbol: .BN_clear_free
ld: 0711-317 ERROR: Undefined symbol: .BN_cmp
ld: 0711-317 ERROR: Undefined symbol: .BN_bn2hex
ld: 0711-317 ERROR: Undefined symbol: .ERR_get_error
ld: 0711-317 ERROR: Undefined symbol: .ERR_error_string
ld: 0711-345 Use the -bloadmap or -bnoquie...
2015 Mar 24
5
[Bug 2371] New: make check fails when using --without-openssl on AIX
...at -lz -lcrypt
ld: 0711-317 ERROR: Undefined symbol: .BN_hex2bn
ld: 0711-317 ERROR: Undefined symbol: .BN_num_bits
ld: 0711-317 ERROR: Undefined symbol: .BN_bn2bin
ld: 0711-317 ERROR: Undefined symbol: .BN_bin2bn
ld: 0711-317 ERROR: Undefined symbol: .BN_free
ld: 0711-317 ERROR: Undefined symbol: .BN_new
ld: 0711-317 ERROR: Undefined symbol: .BN_clear_free
ld: 0711-317 ERROR: Undefined symbol: .BN_cmp
ld: 0711-317 ERROR: Undefined symbol: .BN_bn2hex
ld: 0711-317 ERROR: Undefined symbol: .ERR_get_error
ld: 0711-317 ERROR: Undefined symbol: .ERR_error_string
ld: 0711-345 Use the -bloadmap or -bnoquie...
2015 Jun 25
3
Call for testing: OpenSSH 6.9
On Thu, 25 Jun 2015, Michael Felt wrote:
> Just running a standard make, and then a make install to a packaging
> directory. It seems to be complaining about missing keys - not sure yet if
> this is a show stopper
For packaging you want the install-nokeys rule not install.
--
Tim Rice Multitalents
tim at multitalents.net
2014 Jul 15
3
GSSAPI
If I am trying to build OpenSSH 6.6 with Kerberos GSSAPI support, do I still need to get Simon Wilkinson's patches?
---
Scott Neugroschl | XYPRO Technology Corporation
4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |
2010 Jan 12
2
[patch] Automatically add keys to agent
...on(AuthenticationConnection *auth)
{
int type;
char *comment;
- AuthenticationConnection *auth;
u_char response[16];
u_int i;
Key *key;
BIGNUM *challenge;
- /* Get connection to the agent. */
- auth = ssh_get_authentication_connection();
- if (!auth)
- return 0;
-
if ((challenge = BN_new()) == NULL)
fatal("try_agent_authentication: BN_new failed");
/* Loop through identities served by the agent. */
@@ -134,7 +128,6 @@ try_agent_authentication(void)
/* The server returns success if it accepted the authentication. */
if (type == SSH_SMSG_SUCCESS) {
- ssh_clos...
2005 Feb 24
3
Suggestion: SSHD pseudo/fake mode. Source available.
Hi,
SSH brute force attacks seem to enjoy increasing popularity. Call me an
optimist or a misrouted kind of contributer to the community, but on our
company server I actually go through the logs and report extreme cases
to the providers of the originating IP's. With the increasing number of
these attacks, however, I have now decided that it's better to move the
SSHd to a different
2013 Sep 24
9
[PATCH] curve25519-sha256@libssh.org key exchange proposal
...gned H */
+ signature = packet_get_string(&slen);
+ packet_check_eom();
+
+ crypto_scalarmult_curve25519(shared_secret_raw, client_key, server_pubkey);
+
+#ifdef DEBUG_KEXECDH
+ dump_digest("shared secret", shared_secret_raw, sizeof(shared_secret_raw));
+#endif
+ if ((shared_secret = BN_new()) == NULL)
+ fatal("%s: BN_new failed", __func__);
+ if (BN_bin2bn(shared_secret_raw, sizeof(shared_secret_raw), shared_secret) == NULL)
+ fatal("%s: BN_bin2bn failed", __func__);
+ memset(shared_secret_raw, 0, sizeof(shared_secret_raw));
+
+ /* calc and verify H */
+ kex_c25...
2002 Aug 30
1
LIBCRYPTO?
...ference to `BN_num_bits'
/opt/uClinux-dist/user/ssh/sshd.c:1082: undefined reference to
`BN_num_bits'
/.../ssh/sshd.c:1122: undefined reference to `BN_num_bits'
/opt/uClinux-dist/user/ssh/sshd.c:1122: undefined reference to
`BN_num_bits'
/.../ssh/sshd.c:1143: undefined reference to `BN_new'
/.../ssh/sshd.c:1155: undefined reference to `BN_cmp'
/.../ssh/sshd.c:1157: undefined reference to `BN_num_bits'
/opt/uClinux-dist/user/ssh/sshd.c:1157: undefined reference to
`BN_num_bits'
/.../ssh/sshd.c:1159: undefined reference to `BN_num_bits'
/.../ssh/sshd.c:1159: undefin...
2007 Aug 22
0
Patch to allow checking of v1 keys on remote host.
...-0500
+++ openssh-4.6p1/sshconnect1.c 2007-05-15 03:31:06.740012440 -0400
@@ -69,10 +69,11 @@
u_int i;
Key *key;
BIGNUM *challenge;
+ u_char buf[300];
/* Get connection to the agent. */
auth = ssh_get_authentication_connection();
- if (!auth)
+if (!auth)
return 0;
if ((challenge = BN_new()) == NULL)
@@ -84,7 +85,7 @@
/* Try this identity. */
debug("Trying RSA authentication via agent with '%.100s'", comment);
- xfree(comment);
+ if (!options.checkey) xfree(comment);
/* Tell the server that we are willing to authenticate using this key. */
packet_st...
2007 Aug 21
1
ssh-agent security
...nt ret;
+
+ snprintf(inform_cmdline, sizeof inform_cmdline, "%s %d",
+ inform_cmd, cred.pid);
+ ret = system(inform_cmdline);
+ if (ret != 0) {
+ close_socket(e);
+ return;
+ }
+ }
+ }
+#endif
+
+
+
buffer_init(&msg);
key = key_new(KEY_RSA1);
if ((challenge = BN_new()) == NULL)
@@ -314,6 +339,26 @@
Buffer msg;
Key *key;
+#if defined(SO_PEERCRED)
+ if (AUTH_CONNECTION == e->type) {
+ struct ucred cred;
+ socklen_t len = sizeof(cred);
+ char inform_cmdline[MAXPATHLEN];
+
+ if (run_inform && getsockopt(e->fd, SOL_SOCKET, SO_PEERCRED, &...
2015 Jun 23
2
Call for testing: OpenSSH 6.9
..., size_t len)
{
struct sshbuf *p1;
+#ifdef WITH_OPENSSL
BIGNUM *bn;
+#endif
#if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256)
EC_KEY *eck;
#endif
@@ -54,12 +56,14 @@ attempt_parse_blob(u_char *blob, size_t len)
bzero(s, l);
free(s);
}
+#ifdef WITH_OPENSSL
bn = BN_new();
sshbuf_get_bignum1(p1, bn);
BN_clear_free(bn);
bn = BN_new();
sshbuf_get_bignum2(p1, bn);
BN_clear_free(bn);
+#endif
#if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256)
eck = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
ASSERT_PTR_NE(eck, NULL);
diff --git a/r...
2017 Sep 22
2
Call for testing: OpenSSH 7.6
...its > SSHBUF_MAX_BIGNUM * 8)
+ bits > SSHBUF_MAX_BIGNUM * 8) {
+ fprintf(stderr, "%s bits %d min %d max %d\n", __func__, bits,
+ SSH_RSA_MINIMUM_MODULUS_SIZE, SSHBUF_MAX_BIGNUM);
return SSH_ERR_KEY_LENGTH;
+ }
*rsap = NULL;
if ((private = RSA_new()) == NULL || (f4 = BN_new()) == NULL) {
ret = SSH_ERR_ALLOC_FAIL;
@@ -1425,8 +1428,10 @@ dsa_generate_private_key(u_int bits, DSA **dsap)
if (dsap == NULL)
return SSH_ERR_INVALID_ARGUMENT;
- if (bits != 1024)
+ if (bits != 1024) {
+ fprintf(stderr, "%s bits %d expected %d\n", __func__, bits, 1024);
r...
2001 Nov 20
3
problem with AFS token forwarding
Hello,
I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1
concerning the AFS token forwarding. That means that the new versions are
not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH
releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this
problem already existed in Openssh 2.9.9p1, but I have never used this
version (I only looked at the
2017 Sep 21
19
Call for testing: OpenSSH 7.6
Hi,
OpenSSH 7.6p1 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This is a bugfix release.
Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable OpenSSH is also available via git using the
instructions at
2002 Jan 29
2
Key fingerprint logging
...log(RSA *);
#ifdef KRB4
#include <krb.h>
diff -u5 openssh-3.0.2p1.orig/auth1.c openssh-3.0.2p1/auth1.c
--- openssh-3.0.2p1.orig/auth1.c Tue Nov 13 13:46:19 2001
+++ openssh-3.0.2p1/auth1.c Tue Jan 29 13:40:20 2002
@@ -231,11 +231,11 @@
}
/* RSA authentication requested. */
n = BN_new();
packet_get_bignum(n, &nlen);
packet_integrity_check(plen, nlen, type);
- authenticated = auth_rsa(pw, n);
+ authenticated = auth_rsa(pw, n, info, sizeof(info));
BN_clear_free(n);
break;
case SSH_CMSG_AUTH_PASSWORD:
if (!options.password_authentication) {
diff -u5...
2015 May 29
16
Call for testing: OpenSSH 6.9
Hi,
OpenSSH 6.9 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This release contains
some substantial new features and a number of bugfixes.
Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable OpenSSH is
2001 Jun 28
1
Adding 'name' key types
Playing around with the [wonderful] GSS-API patches for OpenSSH [1] I
noticed that there is a bit of functionality missing from
OpenSSH/GSS-API, namely that authorized_keys2 has no meaning when using
GSS authentication.
Yes, ~/.k5login can be used to grant access to an account for
applications that support Kerberos, as does OpenSSH with those GSS
patches, but .k5login does not and cannot provide