Commit Graph

70 Commits

Author SHA1 Message Date
Damien Miller
42c5ec4b97 refactor libcrypto initialisation
Don't call OpenSSL_add_all_algorithms() unless OpenSSL actually
supports it.

Move all libcrypto initialisation to a single function, and call that
from seed_rng() that is called early in each tool's main().

Prompted by patch from Rosen Penev
2018-11-23 10:42:05 +11:00
Damien Miller
859754bdeb remove remaining references to SSLeay
Prompted by Rosen Penev
2018-10-23 17:10:41 +11:00
Damien Miller
120a1ec74e Adapt portable to legacy buffer API removal 2018-07-10 19:39:52 +10:00
Darren Tucker
389125b25d Replace remaining mysignal() with signal().
These seem to have been missed during the replacement of mysignal
with #define signal in commit 5ade9ab.  Both include the requisite
headers to pick up the #define.
2018-02-15 22:06:26 +11:00
Damien Miller
72ef7c148c support --without-openssl at configure time
Disables and removes dependency on OpenSSL. Many features don't
work and the set of crypto options is greatly restricted. This
will only work on system with native arc4random or /dev/urandom.

Considered highly experimental for now.
2015-01-15 02:28:36 +11:00
Damien Miller
8668706d0f - djm@cvs.openbsd.org 2014/06/24 01:13:21
[Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c
     [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c
     [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h
     [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h
     [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h
     [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c
     [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c
     [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c
     [sshconnect2.c sshd.c sshkey.c sshkey.h
     [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h]
     New key API: refactor key-related functions to be more library-like,
     existing API is offered as a set of wrappers.

     with and ok markus@

     Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
     Dempsky and Ron Bowes for a detailed review a few months ago.

     NB. This commit also removes portable OpenSSH support for OpenSSL
     <0.9.8e.
2014-07-02 15:28:02 +10:00
Darren Tucker
316fac6f18 - (dtucker) [entropy.c openbsd-compat/openssl-compat.{c,h}
openbsd-compat/regress/{.cvsignore,Makefile.in,opensslvertest.c}]
   Move the OpenSSL header/library version test into its own function and add
   tests for it. Fix it to allow fix version upgrades (but not downgrades).
   Prompted by chl@ via OpenSMTPD (issue #462) and Debian (bug #748150).
   ok djm@ chl@
2014-06-17 23:06:07 +10:00
Damien Miller
4d55734c16 - (djm) [entropy.c] bz#1991: relax OpenSSL version test to allow running
openssh binaries on a newer fix release than they were compiled on.
   with and ok dtucker@
2012-03-30 11:34:27 +11:00
Damien Miller
f22019bdbf - (djm) [Makefile.in WARNING.RNG aclocal.m4 buildpkg.sh.in configure.ac]
[entropy.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c]
   [ssh-keysign.c ssh-pkcs11-helper.c ssh-rand-helper.8 ssh-rand-helper.c]
   [ssh.c ssh_prng_cmds.in sshd.c contrib/aix/buildbff.sh]
   [regress/README.regress] Remove ssh-rand-helper and all its
   tentacles. PRNGd seeding has been rolled into entropy.c directly.
   Thanks to tim@ for testing on affected platforms.
2011-05-05 13:48:37 +10:00
Damien Miller
ff22df538e - (djm) [entropy.c] cast OPENSSL_VERSION_NUMBER to u_long to avoid
gcc warning on platforms where it defaults to int
2011-01-13 21:05:27 +11:00
Darren Tucker
a8d51ee307 - (dtucker) [entropy.c scard-opensc.c ssh-rand-helper.c] Bug #1294: include
string.h to prevent warnings, from vapier at gentoo.org.
2007-03-13 07:35:38 +11:00
Darren Tucker
23dd658e57 - (dtucker) [entropy.c] Bug #1238: include signal.h to fix compilation error
on Solaris 8 w/out /dev/random or prngd.  Patch from rl at
   math.technion.ac.il.
2006-09-28 19:40:20 +10:00
Damien Miller
ded319cca2 - (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c]
[auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c]
   [auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c]
   [cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c]
   [dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
   [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c]
   [md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c]
   [scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c]
   [ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c]
   [sshconnect1.c sshconnect2.c sshd.c rc4.diff]
   [openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c]
   [openbsd-compat/port-linux.c openbsd-compat/port-solaris.c]
   [openbsd-compat/port-uw.c]
   Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h;
   compile problems reported by rac AT tenzing.org
2006-09-01 15:38:36 +10:00
Darren Tucker
ecf28ba7aa - (dtucker) [entropy.c] Needs unistd.h too. 2006-08-05 15:50:20 +10:00
Damien Miller
4cbfe8ebeb - (djm) [auth-pam.c auth.c bufaux.h entropy.c openbsd-compat/port-tun.c]
remove last traces of bufaux.h - it was merged into buffer.h in the big
   includes.h commit
2006-08-05 12:49:30 +10:00
Darren Tucker
e0e4aad1fd - (dtucker) [entropy.c] More fcntl.h, this time on AIX (and probably
others).
2006-07-11 19:01:51 +10:00
Damien Miller
b0fb6872ed - deraadt@cvs.openbsd.org 2006/03/19 18:51:18
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
     [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
     [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
     [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
     [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
     [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
     [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
     [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
     [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
     [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
     [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
     [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
     [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
     [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
     [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
     [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
     [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
     RCSID() can die
2006-03-26 00:03:21 +11:00
Darren Tucker
d82cbcb9da - (dtucker) [entropy.c] Add headers for WIFEXITED and friends. 2006-03-16 07:21:35 +11:00
Darren Tucker
46e7ba5d53 - (dtucker) [entropy.c] Use u_char for receiving RNG seed for consistency 2005-09-28 08:26:30 +10:00
Darren Tucker
c6f8219e0d - (dtucker) [entropy.c entropy.h sshd.c] Pass RNG seed to the reexec'ed
process when sshd relies on ssh-random-helper.  Should result in faster
   logins on systems without a real random device or prngd.  ok djm@
2005-09-27 22:46:32 +10:00
Darren Tucker
f1377bdeed - (dtucker) [entropy.c] Remove unnecessary tests for getuid and geteuid
calls, since they can't possibly fail.  ok djm@
2005-09-27 19:50:25 +10:00
Damien Miller
b6f72f5294 -(djm) [audit.c auth1.c auth2.c entropy.c loginrec.c serverloop.c]
[ssh-rand-helper.c] fix portable 2nd level indents at 4 spaces too
2005-07-17 17:26:43 +10:00
Damien Miller
787b2ec18c more whitespace (tabs this time) 2003-11-21 23:56:47 +11:00
Damien Miller
a8e06cef35 - djm@cvs.openbsd.org 2003/11/21 11:57:03
[everything]
     unexpand and delete whitespace at EOL; ok markus@
     (done locally and RCS IDs synced)
2003-11-21 23:48:55 +11:00
Ben Lindstrom
5ade9abc37 - (bal) redo how we handle 'mysignal()'. Move it to
openbsd-compat/bsd-misc.c, s/mysignal/signal/ and #define signal to
   be our 'mysignal' by default.  OK djm@
2003-08-25 01:16:21 +00:00
Damien Miller
c46b6bc4f7 - (djm) A few type mismatch fixes from Bug #565 2003-05-16 15:51:44 +10:00
Ben Lindstrom
5a6abdae0f unexpand 2002-06-09 19:41:48 +00:00
Tim Rice
f02dccc0dc [entropy.c.] Portability fix for SCO Unix 3.2v4.x (SCO OSR 3.0).
entropy.c needs seteuid(getuid()) for the setuid(original_uid) to succeed.
Patch by gert@greenie.muc.de. This fixes one part of Bug 208
2002-04-21 11:26:10 -07:00
Damien Miller
a370f4dcc6 - (djm) Avoid SIGCHLD breakage when run from rsync. Fix from
Sturle Sunde <sturle.sunde@usit.uio.no>
2002-04-18 22:53:22 +10:00
Kevin Steves
581930735a - (stevesk) entropy.c: typo in debug message 2002-03-11 00:16:34 +00:00
Damien Miller
6c21c51c48 - (djm) autoconf hacking:
- We don't support --without-zlib currently, so don't allow it.
   - Rework cryptographic random number support detection. We now detect
     whether OpenSSL seeds itself. If it does, then we don't bother with
     the ssh-rand-helper program. You can force the use of ssh-rand-helper
     using the --with-rand-helper configure argument
   - Simplify and clean up ssh-rand-helper configuration
2002-01-22 21:57:53 +11:00
Damien Miller
62116dcc0a - (djm) Ignore fix & patchlevel in OpenSSL version check. Patch from
solar@openwall.com
 - (djm) Rework entropy code. If the OpenSSL PRNG is has not been
   internally seeded, execute a subprogram "ssh-rand-helper" to obtain
   some entropy for us. Rewrite the old in-process entropy collecter as
   an example ssh-rand-helper.
 - (djm) Always perform ssh_prng_cmds path lookups in configure, even if
   we don't end up using ssh_prng_cmds (so we always get a valid file)
2001-12-24 01:41:47 +11:00
Damien Miller
2ab5924d1f - (djm) Fix interrupted read in entropy gatherer. Spotted by markus@ on
a fast UltraSPARC.
2001-08-06 16:51:49 +10:00
Damien Miller
79b332dd67 - (djm) Fix a few warnings the above turned up 2001-06-27 23:36:08 +10:00
Damien Miller
60bc517356 - (djm) Seed PRNG at startup, rather than waiting for arc4random calls to
do it implicitly.
2001-03-19 09:38:15 +11:00
Damien Miller
d0ccb989c2 - Allow PRNGd entropy collection from localhost TCP socket. Replace
"--with-egd-pool" configure option with "--with-prngd-socket" and
   "--with-prngd-port" options. Debugged and improved by Lutz Jaenicke
   <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2001-03-04 00:29:20 +11:00
Damien Miller
3456d32a92 avoid warning 2001-02-27 11:00:52 +11:00
Damien Miller
248131ae99 - (djm) Warning fix on entropy.c saved uid stuff. Patch from Mark Miller
<markm@swoon.net>
2001-02-27 09:47:16 +11:00
Damien Miller
767c7fc27c - (djm) fatal() on OpenSSL version mismatch 2001-02-27 09:20:57 +11:00
Damien Miller
fbd884a80d - (djm) Fix up POSIX saved uid support. Report from Mark Miller
<markm@swoon.net>
 - (djm) Search for -lcrypt on FreeBSD too
2001-02-27 08:39:07 +11:00
Damien Miller
bb7c976202 - (djm) Some systems (SCO3, NeXT) have weird saved uid semantics.
Based on patch from Tim Rice <tim@multitalents.net>
2001-02-26 20:49:58 +11:00
Kevin Steves
4679f5b94f - (stevesk) entropy.c: typo; should be SIGPIPE 2001-02-18 11:34:32 +00:00
Damien Miller
a1072a8e37 - (djm) Move entropy.c over to mysignal() 2001-02-18 15:28:11 +11:00
Damien Miller
b3ffc5f1d4 - (djm) Robustify EGD/PRNGd code in face of socket closures. Patch from
Todd C. Miller <Todd.Miller@courtesan.com>
2001-02-18 12:44:29 +11:00
Kevin Steves
ef4eea9bad - stevesk@cvs.openbsd.org 2001/02/04 08:32:27
[many files; did this manually to our top-level source dir]
     unexpand and remove end-of-line whitespace; ok markus@
2001-02-05 12:42:17 +00:00
Ben Lindstrom
cb577331b4 20010123
- (bal) regexp.h typo in configure.in.  Should have been regex.h
 - (bal) SSH_USER_DIR to _PATH_SSH_USER_DIR patch by stevesk@
2001-01-22 21:06:19 +00:00
Ben Lindstrom
226cfa0378 Hopefully things did not get mixed around too much. It compiles under
Linux and works.  So that is at least a good sign. =)
20010122
 - (bal) OpenBSD Resync
   - markus@cvs.openbsd.org 2001/01/19 12:45:26 GMT 2001 by markus
     [servconf.c ssh.h sshd.c]
     only auth-chall.c needs #ifdef SKEY
   - markus@cvs.openbsd.org 2001/01/19 15:55:10 GMT 2001 by markus
     [auth-krb4.c auth-options.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
      auth1.c auth2.c channels.c clientloop.c dh.c dispatch.c nchan.c
      packet.c pathname.h readconf.c scp.c servconf.c serverloop.c
      session.c ssh-add.c ssh-keygen.c ssh-keyscan.c ssh.c ssh.h
      ssh1.h sshconnect1.c sshd.c ttymodes.c]
     move ssh1 definitions to ssh1.h, pathnames to pathnames.h
   - markus@cvs.openbsd.org 2001/01/19 16:48:14
     [sshd.8]
     fix typo; from stevesk@
   - markus@cvs.openbsd.org 2001/01/19 16:50:58
     [ssh-dss.c]
     clear and free digest, make consistent with other code (use dlen); from
     stevesk@
   - markus@cvs.openbsd.org 2001/01/20 15:55:20 GMT 2001 by markus
     [auth-options.c auth-options.h auth-rsa.c auth2.c]
     pass the filename to auth_parse_options()
   - markus@cvs.openbsd.org 2001/01/20 17:59:40 GMT 2001
     [readconf.c]
     fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com
   - stevesk@cvs.openbsd.org 2001/01/20 18:20:29
     [sshconnect2.c]
     dh_new_group() does not return NULL.  ok markus@
   - markus@cvs.openbsd.org 2001/01/20 21:33:42
     [ssh-add.c]
     do not loop forever if askpass does not exist; from
     andrew@pimlott.ne.mediaone.net
   - djm@cvs.openbsd.org 2001/01/20 23:00:56
     [servconf.c]
     Check for NULL return from strdelim; ok markus
   - djm@cvs.openbsd.org 2001/01/20 23:02:07
     [readconf.c]
     KNF; ok markus
   - jakob@cvs.openbsd.org 2001/01/21 9:00:33
     [ssh-keygen.1]
     remove -R flag; ok markus@
   - markus@cvs.openbsd.org 2001/01/21 19:05:40
     [atomicio.c automicio.h auth-chall.c auth-krb4.c auth-options.c
      auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
      auth.c auth.h auth1.c auth2-chall.c auth2.c authfd.c authfile.c
      bufaux.c  bufaux.h buffer.c canahost.c canahost.h channels.c
      cipher.c cli.c clientloop.c clientloop.h compat.c compress.c
      deattack.c dh.c dispatch.c groupaccess.c hmac.c hostfile.c kex.c
      key.c key.h log-client.c log-server.c log.c log.h login.c login.h
      match.c misc.c misc.h nchan.c packet.c pty.c radix.h readconf.c
      readpass.c readpass.h rsa.c scp.c servconf.c serverloop.c serverloop.h
      session.c sftp-server.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c
      ssh-keyscan.c ssh-rsa.c ssh.c ssh.h sshconnect.c sshconnect.h
      sshconnect1.c sshconnect2.c sshd.c tildexpand.c tildexpand.h
      ttysmodes.c uidswap.c xmalloc.c]
     split ssh.h and try to cleanup the #include mess. remove unnecessary
     #includes.  rename util.[ch] -> misc.[ch]
 - (bal) renamed 'PIDDIR' to '_PATH_SSH_PIDDIR' to match OpenBSD tree
 - (bal) Moved #ifdef KRB4 in auth-krb4.c above the #include to resolve
   conflict when compiling for non-kerb install
 - (bal) removed the #ifdef SKEY in auth1.c to match Markus' changes
   on 1/19.
2001-01-22 05:34:40 +00:00
Damien Miller
21de450853 - (djm) Only write random seed file at exit 2001-01-17 09:37:15 +11:00
Damien Miller
d592b63296 give up privs when reading seed file 2000-11-25 10:09:32 +11:00
Damien Miller
52dc96b717 - (djm) Make inability to read/write PRNG seedfile non-fatal 2000-10-16 20:13:43 +11:00