search for: rsa_free

...lowing patch to the sshd code, a quick test with an ssh session worked: --- sshd.c~ Sat May 6 22:03:20 2000 +++ sshd.c Mon May 15 12:04:34 2000 @@ -404,9 +404,12 @@ destroy_sensitive_data(void) { /* Destroy the private and public keys. They will no longer be needed. */ - RSA_free(public_key); - RSA_free(sensitive_data.private_key); - RSA_free(sensitive_data.host_key); + if (public_key != NULL) + RSA_free(public_key); + if (sensitive_data.private_key != NULL) + RSA_free(sensitive_data.private_key); + if (sensitive_dat...

...ation. In Makefile there is defined LIBS=$(LIBCRYPTO), but the problem is that the version of OpenSSL that I'm using holds only the version LIBCRYPT. When adding LIBCRYPT to the Makefile I get: sshd.elf2flt: In function `key_regeneration_alarm': /.../ssh/sshd.c:252: undefined reference to `RSA_free' /.../ssh/sshd.c:253: undefined reference to `RSA_new' /.../ssh/sshd.c:256: undefined reference to `RSA_free' /.../ssh/sshd.c:257: undefined reference to `RSA_new' sshd.elf2flt: In function `destroy_sensitive_data': /.../ssh/sshd.c:399: undefined reference to `RSA_free' /......

...pe res_crypto.c:484: dereferencing pointer to incomplete type res_crypto.c:484: dereferencing pointer to incomplete type res_crypto.c:487: dereferencing pointer to incomplete type res_crypto.c:490: dereferencing pointer to incomplete type res_crypto.c:491: warning: implicit declaration of function `RSA_free' res_crypto.c:491: dereferencing pointer to incomplete type res_crypto.c:492: warning: implicit declaration of function `free' res_crypto.c:454: warning: `nkey' might be used uninitialized in this function res_crypto.c: In function `show_keys': res_crypto.c:516: dereferencing point...

https://bugzilla.mindrot.org/show_bug.cgi?id=1506 Summary: rationalize agent behavior on smartcard removal/reattachment Product: Portable OpenSSH Version: 5.1p1 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Smartcard AssignedTo:

Hi list, I have no idea if Damien Miller had the time to work on that. I have an initial patch to authenticate using PKCS#11 and ECDSA keys. This requires OpenSSL 1.0.2, prior OpenSSL versions do not expose the required interfaces to override the signature function pointer for ECDSA. The only limitation is that the OpenSSL API misses some cleanup function (finish, for instance), hence I have yet

Playing around with the [wonderful] GSS-API patches for OpenSSH [1] I noticed that there is a bit of functionality missing from OpenSSH/GSS-API, namely that authorized_keys2 has no meaning when using GSS authentication. Yes, ~/.k5login can be used to grant access to an account for applications that support Kerberos, as does OpenSSH with those GSS patches, but .k5login does not and cannot provide

...BIO_read' /usr/local/ssl/lib/libssl.so: undefined reference to `X509_certificate_type' /usr/local/ssl/lib/libssl.so: undefined reference to `EVP_MD_CTX_copy' /usr/local/ssl/lib/libssl.so: undefined reference to `ASN1_INTEGER_get' /usr/local/ssl/lib/libssl.so: undefined reference to `RSA_free' /usr/local/ssl/lib/libssl.so: undefined reference to `d2i_DHparams' /usr/local/ssl/lib/libssl.so: undefined reference to `BIO_int_ctrl' /usr/local/ssl/lib/libssl.so: undefined reference to `BIO_f_buffer' /usr/local/ssl/lib/libssl.so: undefined reference to `ERR_get_error' /usr/...

..._NAME_PAT)) { + /* + if (ret->name != NULL) + xfree(ret->name); + */ + ret->name = k->name; + ret->name_type = k->name_type; + k->name = NULL; + k->name_type = NULL; + success = 1; + } else if (ret->type == KEY_RSA) { if (ret->rsa != NULL) RSA_free(ret->rsa); ret->rsa = k->rsa; @@ -488,7 +621,7 @@ } } else if ((key->type == KEY_DSA && key->dsa != NULL) || (key->type == KEY_RSA && key->rsa != NULL)) { - int len, n; + u_int len, n; u_char *blob, *uu; key_to_blob(key, &blob, &le...

...et->name); + */ + ret->name = k->name; + ret->name_len = k->name_len; + ret->name_type = k->name_type; + k->name = NULL; + k->name_type = NULL; + k->name_len = 0; + success = 1; + } else if (ret->type == KEY_RSA) { if (ret->rsa != NULL) RSA_free(ret->rsa); ret->rsa = k->rsa; @@ -487,7 +620,7 @@ } } else if ((key->type == KEY_DSA && key->dsa != NULL) || (key->type == KEY_RSA && key->rsa != NULL)) { - int len, n; + u_int len, n; u_char *blob, *uu; key_to_blob(key, &blob, &le...

...SSH_CMSG_USER); /* Get the user name. */ ! user = packet_get_string((unsigned int*)&ulen); packet_integrity_check(plen, (4 + ulen), SSH_CMSG_USER); /* Destroy the private and public keys. They will no longer be needed. */ *************** *** 997,1002 **** --- 1002,1008 ---- RSA_free(sensitive_data.host_key); setproctitle("%s", user); + /* Do the authentication. */ do_authentication(user); } *************** *** 1084,1089 **** --- 1090,1099 ---- { struct passwd *pw, pwcopy; + #ifdef _AIX + char *loginmsg; + #endif + #ifdef AFS /* If machin...

Hello, I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1 concerning the AFS token forwarding. That means that the new versions are not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this problem already existed in Openssh 2.9.9p1, but I have never used this version (I only looked at the