search for: with_openssl

Displaying 20 results from an estimated 30 matches for "with_openssl".

2015 Jun 23
2
Call for testing: OpenSSH 6.9
...thout OpenSSL. Here's a first attempt at the unit tests: diff --git a/regress/unittests/bitmap/tests.c b/regress/unittests/bitmap/tests.c index 23025f9..2271e94 100644 --- a/regress/unittests/bitmap/tests.c +++ b/regress/unittests/bitmap/tests.c @@ -27,6 +27,7 @@ void tests(void) { +#ifdef WITH_OPENSSL struct bitmap *b; BIGNUM *bn; size_t len; @@ -131,5 +132,6 @@ tests(void) bitmap_free(b); BN_free(bn); TEST_DONE(); +#endif /* WITH_OPENSSL */ } diff --git a/regress/unittests/hostkeys/test_iterate.c b/regress/unittests/hostkeys/test_iterate.c index 2eaaf06..da0e353 100644 --- a/regr...
2018 Nov 19
2
[PATCH] openssl-compat: Test for OpenSSL_add_all_algorithms before using.
OpenSSL 1.1.0 has deprecated this function. --- configure.ac | 1 + openbsd-compat/openssl-compat.c | 2 ++ openbsd-compat/openssl-compat.h | 4 ++++ 3 files changed, 7 insertions(+) diff --git a/configure.ac b/configure.ac index 3f7fe2cd..db2aade8 100644 --- a/configure.ac +++ b/configure.ac @@ -2710,6 +2710,7 @@ if test "x$openssl" = "xyes" ; then ])
2015 May 29
16
Call for testing: OpenSSH 6.9
Hi, OpenSSH 6.9 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This release contains some substantial new features and a number of bugfixes. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is
2015 Apr 22
2
non-openssl build fixes
The attached patches fixes and cleans up the build when configured with --without-openssl. Summary: * Fix KEX_SERVER_ENCRYPT macro in myproposal.h * Fix unresolved symbols in ssh-keygen.c * Isolate openssl code and extend WITH_OPENSSL wrappers around it * Make ed25519 default key type in ssh-keygen when configured --without-openssl -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-myproposal.h-fix-newline-in-KEX_SERVER_ENCRYPT.patch Type: text/x-patch Size: 992 bytes Desc: not available URL...
2020 Jan 16
3
[patch 1/2] use chacha20 from openssl (1.1.0+) when possible
...ly.c b/cipher-chachapoly.c index a58616fb..7e6995f6 100644 --- a/cipher-chachapoly.c +++ b/cipher-chachapoly.c @@ -109,7 +109,14 @@ chachapoly_crypt(struct chachapoly_ctx *ctx, u_int seqnr, u_char *dest, const u_char *src, u_int len, u_int aadlen, u_int authlen, int do_encrypt) { #if defined(WITH_OPENSSL) && defined(HAVE_EVP_CHACHA20) +#if defined(LIBRESSL_VERSION_NUMBER) +#define CHACHA_IV_OFFSET 4 + u_char seqbuf[12]; +#else +#define CHACHA_IV_OFFSET 8 + /* OpenSSL IV contains also the counter in the first 4 bytes */ u_char seqbuf[16]; +#endif int r = SSH_ERR_LIBCRYPTO_ERROR; #else...
2015 Mar 03
2
configure and have crypt or DES_crypt
Hello, With current portable master source tree HAVE_CRYPT and HAVE_DES_CRYPT are not defined. It seems to me this is regression introduced with implementation of configure options --with-openssl. Impacted code is in xcrypt.c: ... # if defined(WITH_OPENSSL) && !defined(HAVE_CRYPT) && defined(HAVE_DES_CRYPT) # include <openssl/des.h> # define crypt DES_crypt # endif ... Only above preprocessor statement use defines HAVE_CRYPT and HAVE_DES_CRYPT. Configure script look like ( if with OpenSSL then .... else ... AC_CHE...
2016 Aug 03
2
Configure option '--with-ssh1' breaks openssh-7.3p1
OK, with this additional information I can now reproduce it. Based on some quick experiments it seems to be triggered when sshd is built --with-ssh1 and the config does not *load* a Protocol 1 host key. Works: Protocol=1,2 + Hostkey not specified Protocol=1,2 + Hostkeys for both protocols specified. Doesn't work: Protocol=2 + Hostkey not specified. Protocol=1,2 + Hostkeys specified only for
2015 Feb 19
3
[PATCH] Unbreak compilation with --without-ssh1
Hi, Patch attached for $SUBJECT. ismail
2018 Apr 18
3
[PATCH] configure.ac/cipher.c: Check for OpenSSL with EVP_des_ede3_cbc
...iver.com> --- cipher.c | 2 ++ configure.ac | 20 ++++++++++++++++++++ 2 files changed, 22 insertions(+) diff --git a/cipher.c b/cipher.c index c3cd5dc..41dacfb 100644 --- a/cipher.c +++ b/cipher.c @@ -82,7 +82,9 @@ struct sshcipher { static const struct sshcipher ciphers[] = { #ifdef WITH_OPENSSL +#ifdef OPENSSL_HAVE_DES { "3des-cbc", 8, 24, 0, 0, CFLAG_CBC, EVP_des_ede3_cbc }, +#endif { "aes128-cbc", 16, 16, 0, 0, CFLAG_CBC, EVP_aes_128_cbc }, { "aes192-cbc", 16, 24, 0, 0, CFLAG_CBC, EVP_aes_192_cbc }, { "aes256-cbc", 16, 32, 0, 0, CFLAG_...
2019 Nov 27
2
[PATCH] remove stray `;` after function definitions
...eezero(r, sizeof(*r)); -}; +} static void sshsk_free_sign_response(struct sk_sign_response *r) @@ -163,7 +163,7 @@ sshsk_free_sign_response(struct sk_sign_response *r) freezero(r->sig_r, r->sig_r_len); freezero(r->sig_s, r->sig_s_len); freezero(r, sizeof(*r)); -}; +} #ifdef WITH_OPENSSL /* Assemble key from response */ -- 2.24.0
2024 Aug 06
1
[PATCH] Add SM3 secure hash algorithm
...+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "includes.h" + +#ifndef WITH_OPENSSL + +#include <sys/types.h> +#include <string.h> +#include "sm3.h" + +/* ENDIAN SPECIFIC COPY MACROS */ +#define BE_8_TO_32(dst, cp) \ + (dst) = (u_int32_t)(cp)[3] | ((u_int32_t)(cp)[2] << 8) | \ + ((u_int32_t)(cp)[1] << 16) | ((u_int32_t)(cp)[0] << 24...
2024 Aug 07
1
[PATCH] Add SM3 secure hash algorithm
...LIABILITY, WHETHER IN CONTRACT, STRICT > + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY > + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF > + * SUCH DAMAGE. > + */ > + > +#include "includes.h" > + > +#ifndef WITH_OPENSSL > + > +#include <sys/types.h> > +#include <string.h> > +#include "sm3.h" > + > +/* ENDIAN SPECIFIC COPY MACROS */ > +#define BE_8_TO_32(dst, cp) \ > + (dst) = (u_int32_t)(cp)[3] | ((u_int32_t)(cp)[2] << 8) | \ > + ((u_int32_t)(cp)[1] &...
2015 Feb 25
6
Current 6.8 git build issues on HP-UX
On Tue, 24 Feb 2015, Darren Tucker wrote: | On Tue, Feb 24, 2015 at 3:11 PM, Kevin Brott <kevin.brott at gmail.com> wrote: | | > [...] | > "cipher-aesctr.c", line 30: warning #2260-D: explicit type is missing | > ("int" assumed) | > static inline void | > | | does replacing "inline" with "__inline__" work? Failing that,
2015 Apr 23
16
[Bug 2388] New: build fixups for --without-openssl
...Reporter: reubenhwk at gmail.com Created attachment 2599 --> https://bugzilla.mindrot.org/attachment.cgi?id=2599&action=edit git format-patch origin/master Summary: * Fix KEX_SERVER_ENCRYPT macro in myproposal.h * Fix unresolved symbols in ssh-keygen.c * Isolate openssl code and extend WITH_OPENSSL wrappers around it * Make ed25519 default key type in ssh-keygen when configured --without-openssl The attached patches apply to master (commit id 70860b6) -- You are receiving this mail because: You are watching the assignee of the bug.
2019 Jan 17
3
[patch 1/2] use chacha20 from openssl (1.1.0+) when possible
On some cpu's optimized chacha implementation in openssl (1.1.0+) is notably faster (and on others it is just faster) than generic C implementation in openssh. Sadly, openssl's chacha20-poly1305 (EVP_chacha20_poly1305) uses different scheme (with padding/etc - see rfc8439) and it looks it is not possible to use in openssh. OpenSSL 1.1.1+ also exports "raw" poly1305 primitive,
2017 Feb 16
1
Issue with ssh-keygen
On Wed, Feb 15, 2017 at 9:50 PM, Kelly Dunlop <kdunlop at guralp.com> wrote: > > > Hi, > > I am running openssh7.3p1 on an embedded Linux system and discovered this problem. > > If I run: > > ssh-keygen -t rsa1 -f testfile > > it appears to generate the key and I get the output: > > Generating public/private rsa1 key pair. >
2017 Feb 16
2
Issue with ssh-keygen
...supported key type". diff --git a/sshkey.c b/sshkey.c index 4768790..f45e239 100644 --- a/sshkey.c +++ b/sshkey.c @@ -89,7 +89,9 @@ static const struct keytype keytypes[] = { { "ssh-ed25519-cert-v01 at openssh.com", "ED25519-CERT", KEY_ED25519_CERT, 0, 1 }, #ifdef WITH_OPENSSL +# ifdef WITH_SSH1 { NULL, "RSA1", KEY_RSA1, 0, 0 }, +# endif { "ssh-rsa", "RSA", KEY_RSA, 0, 0 }, { "ssh-dss", "DSA", KEY_DSA, 0, 0 }, # ifdef OPENSSL_HAS_ECC -- Darren Tucker (dtucker at zip.com.au) GPG key 11EAA6FA / A86E 3E07 5B19 5880...
2023 Sep 03
1
[patch] ssh-keygen(1): generate Ed25519 keys when invoked without arguments
...============================== RCS file: /cvs/src/usr.bin/ssh/ssh-keygen.c,v retrieving revision 1.470 diff -u -p -r1.470 ssh-keygen.c --- ssh-keygen.c 17 Jul 2023 04:01:10 -0000 1.470 +++ ssh-keygen.c 3 Sep 2023 21:29:12 -0000 @@ -61,11 +61,7 @@ #include "ssh-pkcs11.h" #endif -#ifdef WITH_OPENSSL -# define DEFAULT_KEY_TYPE_NAME "rsa" -#else -# define DEFAULT_KEY_TYPE_NAME "ed25519" -#endif +#define DEFAULT_KEY_TYPE_NAME "ed25519" /* * Default number of bits in the RSA, DSA and ECDSA keys. These value can be @@ -252,7 +248,7 @@ ask_filename(struct passwd *...
2015 Jul 26
2
[PATCH] ssh-agent: Add support to load additional certificates
...200 +++ openssh.cert_shadow/sshkey.c 2015-07-26 13:55:40.978410299 +0200 @@ -324,6 +324,48 @@ sshkey_is_cert(const struct sshkey *k) return sshkey_type_is_cert(k->type); } +/* TODO: Please review carefully */ +int +sshkey_is_private(const struct sshkey *k) +{ + switch (k->type) { +#ifdef WITH_OPENSSL + case KEY_RSA1: + case KEY_RSA: + case KEY_RSA_CERT_V00: + case KEY_RSA_CERT: + if (k->rsa && k->rsa->d && k->rsa->q && k->rsa->p && + k->rsa->iqmp && + !BN_is_zero(k->rsa->d) && + !BN_is_zero(k->rsa->q)...
2020 Apr 25
2
[PATCH 1/3] Add private key protection information extraction to ssh-keygen
...t type, ??? ??? ?*keyp = prv; ??? ??? ?prv = NULL; ??? ?} +?? ?if (vault_infop != NULL) { +?? ??? ?*vault_infop = vault_info; +?? ??? ?vault_info = NULL; +?? ?} ? out: ??? ?BIO_free(bio); ??? ?EVP_PKEY_free(pk); ??? ?sshkey_free(prv); +?? ?sshkey_vault_free(vault_info); ??? ?return r; ?} ?#endif /* WITH_OPENSSL */ ? ?int ?sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, -??? const char *passphrase, struct sshkey **keyp, char **commentp) +??? const char *passphrase, struct sshkey **keyp, char **commentp, struct sshkey_vault **vault_infop) ?{ ??? ?int r = SSH_ERR_INTERNAL_ERROR; ? @@ -4632,...