2019 Aug 06
2
[PATCH v2] Remove sshkey_load_private()
...sh-keygen.c b/ssh-keygen.c
index ea3c0e63888..215693eaca6 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -275,7 +275,8 @@ load_identity(char *filename)
struct sshkey *prv;
int r;
- if ((r = sshkey_load_private(filename, "", &prv, NULL)) == 0)
+ if ((r = sshkey_load_private_type(KEY_UNSPEC, filename, "",
+ &prv, NULL)) == 0)
return prv;
if (r != SSH_ERR_KEY_WRONG_PASSPHRASE)
fatal("Load key \"%s\": %s", filename, ssh_err(r));
@@ -283,7 +284,7 @@ load_identity(char *filename)
pass = xstrdup(identity_passphrase);
else
pass = read_pa...
2003 Mar 31
1
[Bug 526] potential ssh-keysign segfault if pktype == KEY_UNSPEC
http://bugzilla.mindrot.org/show_bug.cgi?id=526
Summary: potential ssh-keysign segfault if pktype == KEY_UNSPEC
Product: Portable OpenSSH
Version: 3.6p1
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Miscellaneous
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy: cjwats...
2001 May 25
1
ssh-keygen segfault (2.9p1)
....c,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -r1.32 -r1.33
--- authfile.c 2001/04/18 23:44:51 1.32
+++ authfile.c 2001/05/16 20:51:57 1.33
@@ -555,7 +555,8 @@
lseek(fd, (off_t) 0, SEEK_SET); /* rewind */
if (pub == NULL) {
/* closes fd */
- return key_load_private_pem(fd, KEY_UNSPEC, passphrase, NULL);
+ return key_load_private_pem(fd, KEY_UNSPEC, passphrase,
+ commentp);
} else {
/* it's a SSH v1 key if the public key part is readable */
key_free(pub);
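Review bot: `commentp` is now forwarded on the PEM path, but nothing visible in this hunk guarantees that `*commentp` is written when loading fails. Callers that print or free the comment should initialise their pointer to NULL before the call. If the loader really leaves it untouched on failure, the function's header comment should say so, e.g. `/* *commentp is set only on success; the caller frees it */`. The enclosing function starts and ends outside the hunk, so the SSH v1 branch could not be checked against the same rule.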
2002 Jan 24
1
PATCH: krb4/krb5/... names/patterns in auth_keys entries
...en this key is used for authentication.
Any port forward requests by the client will return an error.
Index: 3_0_2p1.1/key.h
--- 3_0_2p1.1/key.h Wed, 21 Nov 2001 10:38:46 -0500
+++ 3_0_2p1_w_named_keys.1(w)/key.h Thu, 24 Jan 2002 10:52:24 -0500
@@ -34,7 +34,9 @@
KEY_RSA1,
KEY_RSA,
KEY_DSA,
- KEY_UNSPEC
+ KEY_UNSPEC,
+ KEY_NAME,
+ KEY_NAME_PAT
};
enum fp_type {
SSH_FP_SHA1,
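Review bot: `KEY_NAME` and `KEY_NAME_PAT` are appended after `KEY_UNSPEC`, so the enum now mixes cryptographic key types with entries that, judging by the added `name` fields, carry only a principal name or pattern. Every `switch` on the key type elsewhere in the tree then needs an explicit case for them. Nothing in this hunk shows how key_free(), key_equal() or the fingerprint code treat a Key whose `rsa` and `dsa` are both NULL; those paths should handle or reject the name types explicitly rather than fall into a default branch. A comment on the new enumerators would help, for example `/* not a public key: matches an authenticated principal name (or pattern) */`. The same enum change appears in the 2_9_p2 key.h hunk further down the page.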
@@ -53,12 +55,15 @@
int flags;
RSA *rsa;
DSA *dsa;
+ u_char *name;
+ char *name_type;
};
Key *key_new(int);
Key *key_new_private(int);
void key_free(Key *);
int key_equal(Key *, Key *);
+int key_match(Key *...
2001 Aug 15
0
[ossh patch] principal name/patterns in authorized_keys2
...s by the client will return an error.
Index: 2_9_p2.1/key.h
--- 2_9_p2.1/key.h Thu, 03 May 2001 16:12:13 -0400 jd (OpenSSH/j/7_key.h 1.1 644)
+++ 2_9_p2_w_named_keys.2/key.h Tue, 03 Jul 2001 13:57:30 -0400 willian (OpenSSH/j/7_key.h 1.1.1.1 644)
@@ -34,7 +34,9 @@
KEY_RSA1,
KEY_RSA,
KEY_DSA,
- KEY_UNSPEC
+ KEY_UNSPEC,
+ KEY_NAME,
+ KEY_NAME_PAT
};
enum fp_type {
SSH_FP_SHA1,
@@ -48,12 +50,16 @@
int type;
RSA *rsa;
DSA *dsa;
+ u_char *name;
+ u_int name_len;
+ char *name_type;
};
Key *key_new(int type);
Key *key_new_private(int type);
void key_free(Key *k);
int key_equal(Key *a, Key...
2001 Jun 28
1
Adding 'name' key types
Playing around with the [wonderful] GSS-API patches for OpenSSH [1] I
noticed that there is a bit of functionality missing from
OpenSSH/GSS-API, namely that authorized_keys2 has no meaning when using
GSS authentication.
Yes, ~/.k5login can be used to grant access to an account for
applications that support Kerberos, as does OpenSSH with those GSS
patches, but .k5login does not and cannot provide
2001 Nov 25
2
displaying identity key comment string in passphrase prompt
...====== sshconnect2.c
- in load_identity_file() add a comment string pointer
and a few lines to print the key comment if requested
and the comment string exists.
diff:
603a604,605
> // added:
> char *comment;
611c613,622
< private = key_load_private_type(KEY_UNSPEC, filename, "", NULL);
---
>
> comment = NULL;
>
> debug("load_identity_file: loading private key from %s", filename);
>
> // private = key_load_private_type(KEY_UNSPEC, filename, "", NULL);
> private = key_load_private_type(...
2001 Mar 04
1
bubblebabble patch
...ds the possibility of displaying key fingerprints
in the bubblebabble format used by ssh.com ssh implementations.
I hope it makes its way into the source.
--- ./openssh-2.5.1/key_original.h Sun Mar 4 00:47:55 2001
+++ ./openssh-2.5.1/key.h Sun Mar 4 00:57:57 2001
@@ -36,6 +36,17 @@
KEY_DSA,
KEY_UNSPEC
};
+
+enum digest_type {
+ DIGEST_TYPE_SHA1,
+ DIGEST_TYPE_MD5
+};
+
+enum digest_representation {
+ DIGEST_REPRESENTATION_HEX,
+ DIGEST_REPRESENTATION_BUBBLEBABBLE
+};
+
struct Key {
int type;
RSA *rsa;
@@ -46,6 +57,7 @@
Key *key_new_private(int type);
void key_free(Key *k);
int key_equal...
2010 Jan 12
2
[patch] Automatically add keys to agent
...passphrase;
- int perm_ok = 0, quit, i;
+ char prompt[300], *passphrase, *comment = NULL;
+ int perm_ok = 0, quit, i, allowed = 0;
struct stat st;
if (stat(filename, &st) < 0) {
debug3("no such identity: %s", filename);
return NULL;
}
- private = key_load_private_type(KEY_UNSPEC, filename, "", NULL, &perm_ok);
- if (!perm_ok)
+ private = key_load_private_type(KEY_UNSPEC, filename, "", &comment, &perm_ok);
+ if (!perm_ok) {
+ if (comment)
+ xfree(comment);
return NULL;
+ }
if (private == NULL) {
- if (options.batch_mode)
+ if (optio...
2003 Nov 27
2
Question about adding another parameter for OpenSSH
...t = 0;
} else {
debug2("no passphrase given, try next key");
--- sshconnect2.c.orig Thu Nov 27 16:31:25 2003
+++ sshconnect2.c Thu Nov 27 16:36:38 2003
@@ -967,7 +967,8 @@
debug3("no such identity: %s", filename);
return NULL;
}
- private = key_load_private_type(KEY_UNSPEC, filename, "", NULL);
+ private = key_load_private_type(KEY_UNSPEC, filename, "", NULL,
+ options.group_private_key);
if (private == NULL) {
if (options.batch_mode)
return NULL;
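Review bot: The new last argument, `options.group_private_key`, reaches the private-key loader straight from client configuration, and its name suggests it relaxes the permission check on the identity file. If that is its purpose, the loader should still refuse key files that are readable or writable by others and should still require that the file belongs to the invoking user, with the option defaulting to off. The call deserves a comment stating exactly what the flag permits, e.g. `/* group_private_key: accept group-readable key files; access by others is still rejected */`. The loader's body and the rest of the enclosing function are outside this hunk, so none of this could be confirmed from the visible lines.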
@@ -977,7 +978,8 @@
passphrase = read_passphrase(prompt, 0);
if (strcmp(passphra...
2012 Jul 28
1
[PATCH] ssh-keygen: support public key import/export using SubjectPublicKeyInfo
...k, int *private)
+{
+ FILE *fp;
+ RSA *rsa;
+#ifdef notyet
+ DSA *dsa;
+#endif
+
+ if ((fp = fopen(identity_file, "r")) == NULL)
+ fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
+ if ((rsa = PEM_read_RSA_PUBKEY(fp, NULL, NULL, NULL)) != NULL) {
+ *k = key_new(KEY_UNSPEC);
+ (*k)->type = KEY_RSA;
+ (*k)->rsa = rsa;
+ fclose(fp);
+ return;
+ }
+#if notyet /* OpenSSH 0.9.8 lacks this function */
+ rewind(fp);
+ if ((dsa = PEM_read_DSA_PUBKEY(fp, NULL, NULL, NULL)) != NULL) {
+ *k = key_new(KEY_UNSPEC);
+ (*k)->type = KEY_DSA;
+ (*k)->dsa = dsa;
+...
2020 Apr 25
2
[PATCH 1/3] Add private key protection information extraction to ssh-keygen
...e_type(int type, const char
*filename, const char *passphrase,
?
?int
?sshkey_load_private(const char *filename, const char *passphrase,
-??? struct sshkey **keyp, char **commentp)
+??? struct sshkey **keyp, char **commentp, struct sshkey_vault
**vault_infop)
?{
??? ?return sshkey_load_private_type(KEY_UNSPEC, filename, passphrase,
-?? ???? keyp, commentp);
+?? ???? keyp, commentp, vault_infop);
?}
?
?int
?sshkey_load_private_type_fd(int fd, int type, const char *passphrase,
-??? struct sshkey **keyp, char **commentp)
+??? struct sshkey **keyp, char **commentp, struct sshkey_vault
**vault_infop)
?{
???...
2020 Jun 09
3
[PATCH v2 0/2] Add openssl engine keys with provider upgrade path
I've architected this in a way that looks future proof at least to the
openssl provider transition. What will happen in openssl 3.0.0 is
that providers become active and will accept keys via URI. The
current file mechanisms will still be available but internally it will
become a file URI. To support the provider interface, openssl will
have to accept keys by URI instead of file and may
2015 Jun 23
2
Call for testing: OpenSSH 6.9
...(struct hostkey_foreach_line *l, void *_ctx)
#ifndef WITH_SSH1
if (parse_key && (expected->l.keytype == KEY_RSA1 ||
- expected->no_parse_keytype == KEY_RSA1)) {
+ expected->no_parse_keytype == KEY_RSA1)) {
expected_status = HKF_STATUS_INVALID;
expected_keytype = KEY_UNSPEC;
parse_key = 0;
}
#endif
+#ifndef WITH_OPENSSL
+ if (expected->l.keytype == KEY_RSA ||
+ expected->no_parse_keytype == KEY_RSA ||
+ expected->l.keytype == KEY_DSA ||
+ expected->no_parse_keytype == KEY_DSA) {
+ expected_status = HKF_STATUS_INVALID;
+ expected_keytyp...
2015 Jun 05
0
[Bug 1967] Potential memory leak in ssh [detected by melton]
...somewhere
inside the line being parsed. It cannot be freed itself.
>--- sshconnect2.c 29 May 2011 11:42:34 -0000 1.180
>+++ sshconnect2.c 30 Dec 2011 09:27:33 -0000
>@@ -1323,8 +1323,11 @@ load_identity_file(char *filename)
> return NULL;
> }
> private = key_load_private_type(KEY_UNSPEC, filename, "", NULL, &perm_ok);
>- if (!perm_ok)
>+ if (!perm_ok) {
>+ if (private != NULL)
>+ key_free(private);
This code has been refactored and the leak eliminated.
>@@ -1892,9 +1895,9 @@ authmethod_get(char *authlist)
> xfree(name);
> return curren...
2001 Feb 21
0
Private key files closed twice --
...:24 2001
+++ authfile.c Tue Feb 20 19:27:20 2001
@@ -446,6 +446,7 @@
fp = fdopen(fd, "r");
if (fp == NULL) {
error("fdopen failed");
+ close(fd);
return 0;
}
pk = PEM_read_PrivateKey(fp, NULL, NULL, (char *)passphrase);
@@ -536,10 +537,11 @@
case KEY_RSA:
case KEY_UNSPEC:
ret = load_private_key_ssh2(fd, passphrase, key, comment_return);
+ break;
default:
+ close(fd);
break;
}
- close(fd);
return ret;
}
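Review bot: After this change the switch closes `fd` only in the `default` branch and relies on each loader to close it on every path, an ownership rule that nothing in the function states. A loader that returns early without closing leaks the descriptor. If a loader closes it and the caller closes it again, the second close can release an unrelated descriptor that has since reused the number. I would document the contract at the call, e.g. `/* load_private_key_ssh2() takes ownership of fd and closes it on all paths */`. The cases above `case KEY_RSA:` should be checked against the same rule, since they are outside this hunk.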
2015 Mar 31
7
Wanted: smartcard with ECDSA support
Hi list,
I have no idea if Damien Miller had the time to work on that.
I have an initial patch to authenticate using PKCS#11 and ECDSA keys.
This requires OpenSSL 1.0.2, prior OpenSSL versions do not expose the
required interfaces to override the signature function pointer for ECDSA.
The only limitation is that the OpenSSL API misses some cleanup function
(finish, for instance), hence I have yet
2012 Nov 24
0
ssh-keyscan continuity patch --
...quot;);
+ if (hostkeyalg == NULL) {
+ if (k->server)
+ fatal("bad '%.100s' hostkey alg request from %.200s", client, get_remote_ipaddr());
+ else
+ fatal("no '%.100s' hostkey alg(s) for %.200s", client, get_remote_ipaddr());
+ }
+/*
+ * Note that if KEY_UNSPEC is returned, BOTH the client and the server
+ * have the same bad key string.
+ */
k->hostkey_type = key_type_from_name(hostkeyalg);
if (k->hostkey_type == KEY_UNSPEC)
- fatal("bad hostkey alg '%s'", hostkeyalg);
+ fatal("unknown hostkey alg '%s'", ho...
2001 Mar 07
1
patch to select pkalg
Suppose an SSH server has both RSA and DSA host keys for protocol 2, but I
only have the DSA key, and I want to use that. I'm stuck; the OpenSSH client
is hard-wired to offer both algorithms in the key exchange, and will select
ssh-rsa if it's available (see myproposal.h, KEX_DEFAULT_PK_ALG).
Below is a patch adding the client configuration option "PKAlgorithms" for
this
2016 Oct 08
6
[Bug 2623] New: AuthorizedKeysFile split pub key and signature with tab `\t` not work.
https://bugzilla.mindrot.org/show_bug.cgi?id=2623
Bug ID: 2623
Summary: AuthorizedKeysFile split pub key and signature with
tab `\t` not work.
Product: Portable OpenSSH
Version: 7.3p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: