summaryrefslogtreecommitdiffstats
path: root/ssh-agent.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Move prctl PR_SET_DUMPABLE into platform.c.Darren Tucker2016-06-091-8/+1
| | | | | This should make it easier to add additional platform support such as Solaris (bz#2584).
* upstream commitdjm@openbsd.org2016-05-021-7/+8
| | | | | | | | fix signed/unsigned errors reported by clang-3.7; add sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with better safety checking; feedback and ok markus@ Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820
* upstream commitdtucker@openbsd.org2016-02-161-1/+2
| | | | | | | Add a function to enable security-related malloc_options. With and ok deraadt@, something similar has been in the snaps for a while. Upstream-ID: 43a95523b832b7f3b943d2908662191110c380ed
* Support Illumos/Solaris fine-grained privilegesDamien Miller2016-01-081-0/+1
| | | | | | | Includes a pre-auth privsep sandbox and several pledge() emulations. bz#2511, patch by Alex Wilson. ok dtucker@
* upstream commitdoug@openbsd.org2015-12-181-2/+2
| | | | | | | | | | | Add "id" to ssh-agent pledge for subprocess support. Found the hard way by Jan Johansson when using ssh-agent with X. Also, rearranged proc/exec and retval to match other pledge calls in the tree. ok djm@ Upstream-ID: 914255f6850e5e7fa830a2de6c38605333b584db
* upstream commitdtucker@openbsd.org2015-12-181-1/+2
| | | | | | | | fflush stdout so that output is seen even when running in debug mode when output may otherwise not be flushed. Patch from dustin at null-ptr.net. Upstream-ID: b0c6b4cd2cdb01d7e9eefbffdc522e35b5bc4acc
* upstream commitdjm@openbsd.org2015-12-111-3/+3
| | | | | | correct error messages; from Tomas Kuthan bz#2507 Upstream-ID: 7454a0affeab772398052954c79300aa82077093
* upstream commitmarkus@openbsd.org2015-12-071-2/+14
| | | | | | | | implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures (user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and draft-ssh-ext-info-04.txt; with & ok djm@ Upstream-ID: cf82ce532b2733e5c4b34bb7b7c94835632db309
* upstream commitdoug@openbsd.org2015-12-041-2/+2
| | | | | | | | | Add "cpath" to the ssh-agent pledge so the cleanup handler can unlink(). ok djm@ Upstream-ID: 9e632991d48241d56db645602d381253a3d8c29d
* upstream commitdjm@openbsd.org2015-12-041-2/+2
| | | | | | ssh-agent pledge needs proc for askpass; spotted by todd@ Upstream-ID: 349aa261b29cc0e7de47ef56167769c432630b2a
* upstream commitdjm@openbsd.org2015-12-041-1/+4
| | | | | | basic pledge() for ssh-agent, more refinement needed Upstream-ID: 5b5b03c88162fce549e45e1b6dd833f20bbb5e13
* upstream commitmarkus@openbsd.org2015-07-151-4/+1
| | | | | | no need to include the old buffer/key API Upstream-ID: fb13c9f7c0bba2545f3eb0a0e69cb0030819f52b
* conditionalise util.h inclusionDamien Miller2015-05-211-1/+3
|
* upstream commitdtucker@openbsd.org2015-05-211-13/+40
| | | | | | | | | | Use a salted hash of the lock passphrase instead of plain text and do constant-time comparisons of it. Should prevent leaking any information about it via timing, pointed out by Ryan Castellucci. Add a 0.1s incrementing delay for each failed unlock attempt up to 10s. ok markus@ (earlier version), djm@ Upstream-ID: c599fcc325aa1cc65496b25220b622d22208c85f
* upstream commitjmc@openbsd.org2015-04-291-2/+2
| | | | combine -Dd onto one line and update usage();
* upstream commitdjm@openbsd.org2015-04-291-8/+15
| | | | | add ssh-agent -D to leave ssh-agent in foreground without enabling debug mode; bz#2381 ok dtucker@
* upstream commitderaadt@openbsd.org2015-04-291-2/+2
| | | | | rename xrealloc() to xreallocarray() since it follows that form. ok djm
* upstream commitdjm@openbsd.org2015-03-051-3/+3
| | | | make ssh-add -D work with !SSH1 agent
* fix merge both that broke --without-ssh1 compileDamien Miller2015-03-031-3/+1
|
* upstream commitdjm@openbsd.org2015-03-031-1/+3
| | | | | add SSH1 Makefile knob to make it easier to build without SSH1 support; ok markus@
* upstream commitdjm@openbsd.org2015-01-291-2/+3
| | | | | update to new API (key_fingerprint => sshkey_fingerprint) check sshkey_fingerprint return values; ok markus
* upstream commitderaadt@openbsd.org2015-01-161-3/+5
| | | | | | | | | | Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
* upstream commitdjm@openbsd.org2015-01-151-14/+23
| | | | | | fix small regression: ssh-agent would return a success message but an empty signature if asked to sign using an unknown key; ok markus@
* more --without-opensslDamien Miller2015-01-141-0/+2
| | | | | | fix some regressions caused by upstream merges enable KRLs now that they no longer require BIGNUMs
* upstream commitmarkus@openbsd.org2015-01-141-212/+308
| | | | switch to sshbuf/sshkey; with & ok djm@
* upstream commitjmc@openbsd.org2014-12-221-3/+3
| | | | tweak previous;
* upstream commitdjm@openbsd.org2014-12-211-4/+11
| | | | | | | | Add FingerprintHash option to control algorithm used for key fingerprints. Default changes from MD5 to SHA256 and format from hex to base64. Feedback and ok naddy@ markus@
* upstream commitkrw@openbsd.org2014-11-241-1/+1
| | | | | | Nuke more obvious #include duplications. ok deraadt@ millert@ tedu@
* - dtucker@cvs.openbsd.org 2014/07/25 21:22:03Damien Miller2014-07-301-1/+2
| | | | | | | | [ssh-agent.c] Clear buffer used for handling messages. This prevents keys being left in memory after they have been expired or deleted in some cases (but note that ssh-agent is setgid so you would still need root to access them). Pointed out by Kevin Burns, ok deraadt
* - djm@cvs.openbsd.org 2014/07/18 02:46:01Damien Miller2014-07-181-1/+4
| | | | | | [ssh-agent.c] restore umask around listener socket creation (dropped in streamlocal patch merge)
* - millert@cvs.openbsd.org 2014/07/15 15:54:14Damien Miller2014-07-181-20/+3
| | | | | | | | | | | | | | | | [PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c] [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c] [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h] [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c] [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c] [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c] [sshd_config.5 sshlogin.c] Add support for Unix domain socket forwarding. A remote TCP port may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket. This is a reimplementation of the streamlocal patches by William Ahern from: http://www.25thandclement.com/~william/projects/streamlocal.html OK djm@ markus@
* - djm@cvs.openbsd.org 2014/07/03 03:11:03Damien Miller2014-07-031-1/+9
| | | | | | | | [ssh-agent.c] Only cleanup agent socket in the main agent process and not in any subprocesses it may have started (e.g. forked askpass). Fixes agent sockets being zapped when askpass processes fatal(); bz#2236 patch from Dmitry V. Levin
* - djm@cvs.openbsd.org 2014/06/24 01:13:21Damien Miller2014-07-021-8/+16
| | | | | | | | | | | | | | | | | | | | | | | [Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c [sshconnect2.c sshd.c sshkey.c sshkey.h [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h] New key API: refactor key-related functions to be more library-like, existing API is offered as a set of wrappers. with and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago. NB. This commit also removes portable OpenSSH support for OpenSSL <0.9.8e.
* - markus@cvs.openbsd.org 2014/04/29 18:01:49Damien Miller2014-05-151-1/+11
| | | | | | | | | | [auth.c authfd.c authfile.c bufaux.c cipher.c cipher.h hostfile.c] [kex.c key.c mac.c monitor.c monitor_wrap.c myproposal.h packet.c] [roaming_client.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c] [ssh-pkcs11.h ssh.c sshconnect.c sshconnect2.c sshd.c] make compiling against OpenSSL optional (make OPENSSL=no); reduces algorithms to curve25519, aes-ctr, chacha, ed25519; allows us to explore further options; with and ok djm
* - deraadt@cvs.openbsd.org 2014/03/15 17:28:26Damien Miller2014-04-201-10/+5
| | | | | | | | | [ssh-agent.c ssh-keygen.1 ssh-keygen.c] Improve usage() and documentation towards the standard form. In particular, this line saves a lot of man page reading time. usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1] [-N new_passphrase] [-C comment] [-f output_keyfile] ok schwarze jmc
* - djm@cvs.openbsd.org 2014/02/02 03:44:32Damien Miller2014-02-041-3/+3
| | | | | | | | | | | [auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c] [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c] [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c] [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c] [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c] [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c] [sshd.c] convert memset of potentially-private data to explicit_bzero()
* - markus@cvs.openbsd.org 2014/01/27 19:18:54Damien Miller2014-02-041-7/+9
| | | | | [auth-rsa.c cipher.c ssh-agent.c sshconnect1.c sshd.c] replace openssl MD5 with our ssh_digest_*; ok djm@
* - djm@cvs.openbsd.org 2013/12/19 01:19:41Damien Miller2013-12-291-1/+4
| | | | | | | [ssh-agent.c] bz#2186: don't crash (NULL deref) when deleting PKCS#11 keys from an agent that has a mix of normal and PKCS#11 keys; fix from jay AT slushpupie.com; ok dtucker
* - markus@cvs.openbsd.org 2013/12/06 13:39:49Damien Miller2013-12-071-1/+2
| | | | | | | | | | | | [authfd.c authfile.c key.c key.h myproposal.h pathnames.h readconf.c] [servconf.c ssh-agent.c ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c] [ssh-keysign.c ssh.c ssh_config.5 sshd.8 sshd.c verify.c ssh-ed25519.c] [sc25519.h sc25519.c hash.c ge25519_base.data ge25519.h ge25519.c] [fe25519.h fe25519.c ed25519.c crypto_api.h blocks.c] support ed25519 keys (hostkeys and user identities) using the public domain ed25519 reference code from SUPERCOP, see http://ed25519.cr.yp.to/software.html feedback, help & ok djm@
* - markus@cvs.openbsd.org 2013/12/06 13:34:54Damien Miller2013-12-071-2/+1
| | | | | | | [authfile.c authfile.h cipher.c cipher.h key.c packet.c ssh-agent.c] [ssh-keygen.c PROTOCOL.key] new private key format, bcrypt as KDF by default; details in PROTOCOL.key; feedback and lots help from djm; ok djm@
* - markus@cvs.openbsd.org 2013/12/06 13:30:08Damien Miller2013-12-071-122/+11
| | | | | [authfd.c key.c key.h ssh-agent.c] move private key (de)serialization to key.c; ok djm
* - djm@cvs.openbsd.org 2013/07/20 01:50:20Damien Miller2013-07-201-3/+2
| | | | | | [ssh-agent.c] call cleanup_handler on SIGINT when in debug mode to ensure sockets are cleaned up on manual exit; bz#2120
* - dtucker@cvs.openbsd.org 2013/06/02 13:35:58Darren Tucker2013-06-021-2/+2
| | | | | [ssh-agent.c] Make parent_alive_interval time_t to avoid signed/unsigned comparison
* - dtucker@cvs.openbsd.org 2013/06/01 13:15:52Darren Tucker2013-06-011-6/+6
| | | | | | | | [ssh-agent.c clientloop.c misc.h packet.c progressmeter.c misc.c channels.c sandbox-systrace.c] Use clock_gettime(CLOCK_MONOTONIC ...) for ssh timers so that things like keepalives and rekeying will work properly over clock steps. Suggested by markus@, "looks good" djm@.
* - dtucker@cvs.openbsd.org 2013/05/31 12:28:10Darren Tucker2013-06-011-9/+12
| | | | | [ssh-agent.c] Use time_t where appropriate. ok djm
* - djm@cvs.openbsd.org 2013/05/17 00:13:13Darren Tucker2013-06-011-35/+28
| | | | | | | | | | | | | | | | | | [xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c dns.c packet.c readpass.c authfd.c moduli.c] bye, bye xfree(); ok markus@
* - dtucker@cvs.openbsd.org 2011/06/03 01:37:40Darren Tucker2011-06-031-2/+6
| | | | | | | | [ssh-agent.c] Check current parent process ID against saved one to determine if the parent has exited, rather than attempting to send a zero signal, since the latter won't work if the parent has changed privs. bz#1905, patch from Daniel Kahn Gillmor, ok djm@
* - (djm) [Makefile.in WARNING.RNG aclocal.m4 buildpkg.sh.in configure.ac]Damien Miller2011-05-051-1/+0
| | | | | | | | | [entropy.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c] [ssh-keysign.c ssh-pkcs11-helper.c ssh-rand-helper.8 ssh-rand-helper.c] [ssh.c ssh_prng_cmds.in sshd.c contrib/aix/buildbff.sh] [regress/README.regress] Remove ssh-rand-helper and all its tentacles. PRNGd seeding has been rolled into entropy.c directly. Thanks to tim@ for testing on affected platforms.
* - djm@cvs.openbsd.org 2010/11/21 01:01:13Damien Miller2010-12-011-2/+2
| | | | | | [clientloop.c misc.c misc.h ssh-agent.1 ssh-agent.c] honour $TMPDIR for client xauth and ssh-agent temporary directories; feedback and ok markus@
* - (djm) [ssh-agent.c] Fix type for curve name.Damien Miller2010-10-071-1/+1
|