Displaying 18 results from an estimated 18 matches for "sshbuf_new".
2024 Aug 13
1
[PATCH] Reorder calloc arguments
...pher->flags & CFLAG_NONE) != 0;
Index: sshbuf.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/sshbuf.c,v
diff -u -p -u -p -r1.19 sshbuf.c
--- sshbuf.c 2 Dec 2022 04:40:27 -0000 1.19
+++ sshbuf.c 13 Aug 2024 16:46:00 -0000
@@ -91,7 +91,7 @@ sshbuf_new(void)
{
struct sshbuf *ret;
- if ((ret = calloc(sizeof(*ret), 1)) == NULL)
+ if ((ret = calloc(1, sizeof(*ret))) == NULL)
return NULL;
ret->alloc = SSHBUF_SIZE_INIT;
ret->max_size = SSHBUF_SIZE_MAX;
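Review bot: the swap to `calloc(1, sizeof(*ret))` in sshbuf_new() is behaviour-neutral (1 × sizeof(*ret) is the same block either way) but restores the documented (nmemb, size) argument order, which also avoids the transposed-argument warning newer compilers emit for `calloc(sizeof(x), 1)`; worth a one-line note in the commit message that no functional change is intended.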
@@ -111,7 +111,7 @@ sshbuf_from(const void *blob, size_t len
struct sshbuf *ret;...
2018 Dec 10
2
[PATCH] cleanup of global variables server/client_version_string in sshconnect.c
In sshconnect.c there are two global variables for server_version_string
and client_version_string.
These are used just in a few functions and can easily be passed as
parameters.
Also, there is a strange construct, where their memory is allocated to
the global pointers, then copies of these pointers are assigned to the
kex structure. The kex_free finally frees them via cleanup of the kex
2024 Feb 03
1
a little note on sshbuf_reset()
...ZE_INIT if
buf->alloc != SSHBUF_SIZE_INIT, which can put buf in an inconsistent
state if buf->max_size < SSHBUF_SIZE_INIT, because it will make
buf->alloc > buf->max_size true, which will trigger an error with a
next call to sshbuf_check_sanity(). For example, struct sshbuf *buf =
sshbuf_new(); sshbuf_set_max_size(buf, 100); sshbuf_reset(buf); will
lead to SSH_ERR_INTERNAL_ERROR. This code is of course just for
demonstration, but the thing is that an sshbuf object can be put into
invalid state through its public API. Or it is just assumed that no
one will ever set ->max_size to a va...
2024 Feb 01
1
A couple of questions about OpenSSH codebase
...couple of questions
arose while I was investigating it, and I guess this is the place where I
can find answers.
1. There are a lot of allocations, even for short lived objects like
sshbufs and sshkeys. Creating an sshbuf always requires at least one
allocation, two allocations if it is created with sshbuf_new(). There are a
lot of times when they are allocated and freed within the same function.
Same thing with bitmaps. What is the reason behind not allocating them on
the stack?
2. A lot of stuff in sshbuf's functions is checked against max_size. What
is the reason behind setting the max_size in the...
2017 Nov 14
2
OpenSSH 7.6p1 ssh-agent exiting if passed an invalid key blob
Hello,
I noticed a problem recently when running some test code against the OpenSSH 7.6p1 ssh-agent. These tests ran fine against OpenSSH 7.5p1 and earlier, but with OpenSSH 7.6p1, they were suddenly causing ssh-agent to exit. The request being made was a "sign" request, and the point of the test was to have the sign operation fail. To trigger this, I was passing in an invalid key blob
2019 Aug 06
2
[PATCH v2] Remove sshkey_load_private()
...r = NULL;
- int r, fd;
-
- if (keyp != NULL)
- *keyp = NULL;
- if (commentp != NULL)
- *commentp = NULL;
-
- if ((fd = open(filename, O_RDONLY)) == -1)
- return SSH_ERR_SYSTEM_ERROR;
- if (sshkey_perm_ok(fd, filename) != 0) {
- r = SSH_ERR_KEY_BAD_PERMISSIONS;
- goto out;
- }
-
- if ((buffer = sshbuf_new()) == NULL) {
- r = SSH_ERR_ALLOC_FAIL;
- goto out;
- }
- if ((r = sshkey_load_file(fd, buffer)) != 0 ||
- (r = sshkey_parse_private_fileblob(buffer, passphrase, keyp,
- commentp)) != 0)
- goto out;
- if (keyp && *keyp &&
- (r = sshkey_set_filename(*keyp, filename)) !...
2018 Nov 19
2
[PATCH] openssl-compat: Test for OpenSSL_add_all_algorithms before using.
OpenSSL 1.1.0 has deprecated this function.
---
configure.ac | 1 +
openbsd-compat/openssl-compat.c | 2 ++
openbsd-compat/openssl-compat.h | 4 ++++
3 files changed, 7 insertions(+)
diff --git a/configure.ac b/configure.ac
index 3f7fe2cd..db2aade8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2710,6 +2710,7 @@ if test "x$openssl" = "xyes" ; then
])
2017 Nov 15
2
OpenSSH 7.6p1 ssh-agent exiting if passed an invalid key blob
...>> ssh-agent to exit.
>
> Sorry, I've committed this fix:
>
>
> diff --git a/ssh-agent.c b/ssh-agent.c
> index 9693722..0c88ab1 100644
> --- a/ssh-agent.c
> +++ b/ssh-agent.c
> @@ -272,8 +272,11 @@ process_sign_request2(SocketEntry *e)
> fatal("%s: sshbuf_new failed", __func__);
> if ((r = sshkey_froms(e->request, &key)) != 0 ||
> (r = sshbuf_get_string_direct(e->request, &data, &dlen)) != 0 ||
> - (r = sshbuf_get_u32(e->request, &flags)) != 0)
> - fatal("%s: buffer error: %s", __func__, ssh...
2019 Sep 10
3
[Bug 3068] New: Duplicate code in sshkey_load_private() function
https://bugzilla.mindrot.org/show_bug.cgi?id=3068
Bug ID: 3068
Summary: Duplicate code in sshkey_load_private() function
Product: Portable OpenSSH
Version: 8.0p1
Hardware: Other
OS: Windows 10
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh-keygen
Assignee:
2015 Apr 23
3
double length prefix in ssh-keygen certificates (values of critical options)
Hi,
I have a question regarding the binary format of the certificates generated
with ssh-keygen, in particular when the critical options of source-address
or force-command are present and the correspondence to the certificate
format specifications such as
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.certkeys?rev=HEAD
.
It appears that the string values of the source-address
2020 Mar 24
4
ZSTD compression support for OpenSSH
I hacked zstd support into OpenSSH a while ago and just started to clean
it up in the recent days. The cleanup includes configuration support
among other things that I did not have.
During testing I noticed the following differences compared to zlib:
- highly interactive shell output (as in refreshed at a _very_ high
rate) may result in higher bandwidth compared to zlib. Since zstd is
quicker
2018 Sep 06
4
Some wishes regarding revoked keys
Hello.
I am trying to play through the following test scenario about
certificate revocation on Ubuntu 18.04, which has OpenSSH of this version:
OpenSSH_7.6p1 Ubuntu-4, OpenSSL 1.0.2n 7 Dec 2017
1. A CA key is created
ssh-keygen -t ed25519 -f ca
2. The CA public key is added to ~/.ssh/authorized_keys on some server:
cert-authority ssh-ed25519 AAAA...e ca at yoga
3. A user key is created on a
2020 Sep 05
8
[PATCH 0/5] ZSTD compression support for OpenSSH
I added ZSTD support to OpenSSH roughly over a year and I've been
playing with it ever since.
The nice part is that ZSTD achieves reasonable compression (like zlib)
but consumes little CPU so it is unlikely that compression becomes the
bottleneck of a transfer. The compression overhead (CPU) is negligible
even when uncompressed data is tunneled over the SSH connection (SOCKS
proxy, port
2020 Jun 09
3
[PATCH v2 0/2] Add openssl engine keys with provider upgrade path
I've architected this in a way that looks future proof at least to the
openssl provider transition. What will happen in openssl 3.0.0 is
that providers become active and will accept keys via URI. The
current file mechanisms will still be available but internally it will
become a file URI. To support the provider interface, openssl will
have to accept keys by URI instead of file and may
2015 Jul 26
2
[PATCH] ssh-agent: Add support to load additional certificates
...((r = rsa_private_decrypt(challenge, challenge,
private->rsa) != 0)) {
@@ -380,7 +428,7 @@ process_sign_request2(SocketEntry *e)
u_int compat = 0, flags;
int r, ok = -1;
struct sshbuf *msg;
- struct sshkey *key;
+ struct sshkey *key, *sign_key;
struct identity *id;
if ((msg = sshbuf_new()) == NULL)
@@ -403,7 +451,12 @@ process_sign_request2(SocketEntry *e)
verbose("%s: user refused key", __func__);
goto send;
}
- if ((r = sshkey_sign(id->key, &signature, &slen,
+
+ if (id->shadowed_key)
+ sign_key = id->shadowed_key->key;
+ else
+ sign_key =...
2017 Oct 26
3
[RFC 0/2] add engine based keys
Engine keys are private key files which are only understood by openssl
external engines. The problem is they can't be loaded with the usual
openssl methods, they have to be loaded via ENGINE_load_private_key().
Because they're files, they fit well into openssh pub/private file
structure, so they're not very appropriately handled by the pkcs11
interface because it assumes the private
2020 Jan 30
6
[PATCH 1/2] Add support for openssl engine based keys
...const char *file, const char *engine,
+ const char *pin, u_int lifetime, u_int confirm,
+ u_int maxsign)
+{
+ struct sshbuf *msg;
+ int r, constrained = (lifetime || confirm);
+ u_char type = constrained ? SSH_AGENTC_ADD_ENGINE_KEY_CONSTRAINED :
+ SSH_AGENTC_ADD_ENGINE_KEY;
+
+ msg = sshbuf_new();
+ if (!msg)
+ return SSH_ERR_ALLOC_FAIL;
+ r = sshbuf_put_u8(msg, type);
+ if (r)
+ goto out;
+ r = sshbuf_put_cstring(msg, engine);
+ if (r)
+ goto out;
+ r = sshbuf_put_cstring(msg, file);
+ if (r)
+ goto out;
+ r = sshbuf_put_cstring(msg, pin);
+ if (r)
+ goto out;
+ if (constrained) {
+...
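Review bot: `constrained` is derived from `lifetime` and `confirm` only, so a caller that passes a non-zero `maxsign` with both of those zero sends SSH_AGENTC_ADD_ENGINE_KEY and skips the `if (constrained)` block, silently dropping the signature-count limit it asked for. Include the third constraint in the test, e.g. `int r, constrained = (lifetime || confirm || maxsign);`, and make sure the constrained block encodes `maxsign` the same way the existing add-identity path does.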
2020 Feb 05
19
Call for testing: OpenSSH 8.2
Hi,
OpenSSH 8.2p1 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This is a feature release.
Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable OpenSSH is also available via git using the
instructions at