Commit Graph

1666 Commits

Author SHA1 Message Date
vanhu c2c64af1e8 removed a self include 2009-08-17 11:59:10 +00:00
christos 13492ada53 This code is really broken. It allocates struct sockaddr on the stack
and expects to work with IPV6. Tell the hints that we only want IPV4
for now, so that we don't try to bind to an IPV6 address as returned
by getaddrinfo, and then we bash in V4 in the family!
jeez
2009-08-15 01:25:54 +00:00
christos e70d1f0896 don't try to free a buffer that came from the arguments, make a copy instead.
This can happen if we specify --port
2009-08-15 01:03:03 +00:00
vanhu 0667dd70bd fixed a potential DoS in oakley_do_decrypt(), reported by Orange Labs 2009-08-13 09:18:28 +00:00
tteras ea830abf58 Don't print EAGAIN error from pfkey_handler(), it can occur normally
under some code paths and is not a hard error in any case.
2009-08-10 08:22:13 +00:00
tteras c2919dd501 From Paul Wenau: Check fgets return value in setkey to make gcc happy. 2009-08-06 04:44:43 +00:00
christos bb8cb2851b resolve conflicts 2009-08-05 18:38:21 +00:00
christos 86adef1b84 import 20090805 snapshot. 2009-08-05 18:31:57 +00:00
tteras 4180506456 From Paul Wernau: Fix transport mode per-port security associations that
got broke during NAT-T fixes.
2009-08-05 13:16:01 +00:00
joerg 15895248c1 Use OpenSSL's SHA256 support directly. 2009-08-03 20:56:25 +00:00
mrg 03f1126058 set SSHDIST to the new location. HI CHRISTOS! 2009-07-21 00:47:23 +00:00
christos e97383ebc1 Don't lets this linger around forever. Causes hidden bugs. 2009-07-20 22:55:47 +00:00
christos d7ed66ca45 make tests compile! 2009-07-20 20:41:05 +00:00
christos 71cfba1556 ssh has moved (a long time ago) 2009-07-20 17:39:01 +00:00
christos 75efea6592 bump libcrypto and friends; OpenSSL abi change: do_cipher last argument
changed from u_int to size_t. Affects _LP64 only.
2009-07-20 17:30:52 +00:00
christos 35bdca4d17 use the proper libcrypto 2009-07-20 15:48:16 +00:00
christos 58e8878cb5 use the proper libcrypto 2009-07-20 15:43:51 +00:00
christos 9610bc301c make sha256/512 binary compatible with the libc version which we now use. 2009-07-20 15:34:49 +00:00
christos c9c3cfbcf5 catch up with openssl's abi change. do_cipher length changed from u_int to
size_t.
2009-07-20 15:33:44 +00:00
christos 22505a154a add openssl 2009-07-19 23:44:20 +00:00
christos e3aebf9996 new openssl 2009-07-19 23:43:46 +00:00
christos 2e69c03e37 openssl moved 2009-07-19 23:34:00 +00:00
christos 75534b786a Add one more generated file and install in /usr/bin 2009-07-19 23:33:34 +00:00
christos 49d46fa3c8 - add build glue
- apply our changes
2009-07-19 23:30:37 +00:00
christos a89c9211e5 import new openssl snapshot 2009-07-19 23:01:17 +00:00
apb 87c0c2be33 Add missing va_start before varargs processing.
Part of PR 41255 from Kurt Lidl.
2009-07-14 20:54:25 +00:00
tteras aab4a00722 From Arnaud Ebalard: Fix possible usage of uninitialized local variable
(not sure if any code path triggers this, but this makes compiler happy).
2009-07-07 12:25:22 +00:00
agc 51e16c73a5 Move the null file checks for sign/verify/encrypt/decrypt down into the
library itself. Update the regression test script to add some tests.
2009-07-07 01:13:07 +00:00
agc 1eddadf4f7 Add two more items to the TODO list 2009-07-07 01:12:06 +00:00
spz 1513d3badc fix break for non-64bit systems due to non-applying macro resp variable
having crept in with the last patch.
ok martin, compile tested mbalmer and martin
2009-07-05 11:35:53 +00:00
tonnerre a75354f443 Fix various vulnerabilities in OpenSSL which have not previously been
addressed: CVE-2009-1377, CVE-2009-1378, CVE-2009-1379, CVE-2009-1386
and CVE-2009-1387.

Changes deal mostly with size checking of various elements and fixes
to various error paths.
2009-07-04 19:52:10 +00:00
tteras 3d0db58d61 Get rid of the evil CMPSADDR macro. Trac #295. 2009-07-03 06:41:46 +00:00
tteras edd4f79009 From Yvan Vanhullebus: Use SADB_X_EXT_NAT_T_* consistently for passing the
NAT-T port information. This might break compatibility with some kernels,
but as discussed this is the proper way to pass NAT-T ports and the broken
kernels need to be fixed.
2009-07-03 06:40:10 +00:00
agc 0ff3383f59 Check that a filename has been given, where one has required. Fixes a bug
reported by Mark Kirby.
2009-06-30 18:54:20 +00:00
tonnerre f7384c4a6a Add special handling for CBC cipher modes to make them appear less favorable
than CTR modes. Also, in order to avoid creating oracles unnecessarily,
change behavior in various situations from "Drop connection" to "Ignore
packets up to 256kB". This affects CBC mode ciphers only.

Patch from OpenBSD.
2009-06-29 22:52:13 +00:00
tteras a8d702d9b1 Fix a call to null pointer: in some cases, the unmonitor_fd can be called
from another fd's callback. That could lead to still have callback pending
after unmonitoring the fd resulting in a call to null pointer.
This is fixed by making unmonitor_fd now clear the pending fd_set too.
Bug was introduced by my commit in 2008-12-23.
2009-06-24 11:28:48 +00:00
christos f48c7833ea PR/41628: Jukka Salmi: OpenSSL's c_rehash can't find openssl binary 2009-06-23 14:08:02 +00:00
martin 14c9b3749d Actually use the new (non-shortcut) functions for SHA224 2009-06-16 11:15:29 +00:00
joerg a44a031cb3 Don't take short cuts and use the SHA224 functions to compute SHA224.
At least for Final it makes a difference in some situation.
2009-06-14 14:18:35 +00:00
agc f72138f83a Don't complain if $HOME/.gnupg does not exist (and using --homedir).
Don't require a userid to be set in the gpg.conf file - it can be set
on the command line when it's needed (for signing and encryption, the
other operations in netpgp(1) will take the userid from the
signed/encrypted file).

Add tests for the lack of a default userid in the config file.
2009-06-13 05:25:08 +00:00
agc d1923dbd04 add 3 more niggles (from Luke)
check whether a callback function is needed
2009-06-12 04:12:25 +00:00
agc b655c49f3f Update to version 1.99.12
CHANGES 1.99.11 -> 1.99.12

+ only prompt for the passphrase for the secret key if the secret key is
  protected by a passphrase
+ portability fix for Mac OS X
2009-06-11 17:05:17 +00:00
agc 6808773a84 Remove workaround not needed any more. 2009-06-11 06:45:11 +00:00
agc 7478ab55e5 + only prompt for the passphrase for the secret key if the secret key is
protected by a passphrase
2009-06-11 04:57:51 +00:00
lukem 0a833e378f Use grep to search for specific error messages rather than expecting
the entire command stderr to never change.
2009-06-11 02:55:35 +00:00
lukem 87ffa43d9a Run the "diff of expected output" in a separate AT_CHECK instead of
using the 'run-if-pass' section; this correctly detects failure.
2009-06-11 02:48:20 +00:00
lukem b042093ed7 (ab)use --pass-fd to avoid the passphrase prompt 2009-06-11 02:36:38 +00:00
lukem efcb034d7c Use AT_TESTED
Modify the PATH to the build dir instead of hardcoding NETPGP* vars.
2009-06-11 02:28:50 +00:00
lukem 99f0a62f6e two items I want and/or am working on with Al. 2009-06-11 01:17:43 +00:00
agc 9b75345600 CHANGES 1.99.10 -> 1.99.11
+ address keys array from 0 with unsigned indices
+ print results to io->res stream - default to stderr, and set using
	netpgp_setvar(..., "results", filename)
+ __ops_keyid()'s third arg was always the size of the keyid array - no need
  to pass it
+ get rid of the excessive type-checking in packet-show-cast.h, which wasn't
  necessary, and fold all the show routines into packet-show.c
+ introduce a generic __ops_new() and use it for some structure allocation
2009-06-11 01:12:42 +00:00
agc 380fd10dc6 Add netpgpkeys to the programs to build, and list the keys in the current
keyring as another test.
2009-06-10 16:38:21 +00:00
agc 14f8874ae5 Update userland programs to be able to use the "results" file 2009-06-10 16:37:41 +00:00
agc 01f9a2cc5c Add a separate res output stream for results, and print results to it.
This is settable from userlevel by using
	netpgp_setvar(..., "results", filename)
2009-06-10 16:36:23 +00:00
njoly 260e7036e1 Make _PATH_XAUTH use X11BASE prefix again, instead of hard-coded
"/usr/X11R6".
2009-06-10 16:14:29 +00:00
agc ef1ef480a8 Get rid of an unusual architectural construct:
The original code had dynamic arrays indexed by unsigned indices,
except for the array of keys, which was indexed by a signed integer,
and initialised to -1.  Subsequently, when a new id was created, the
index was pre-incremented, and later on, in a different call, the
userid (a different packet) was assigned to the current index. This
has implications for growing the array, for signed comparison checks,
and just general cleanliness.

This change overhauls the construct:  don't special case anything,
just address the array from 0, use unsigned indices same as everything
else, and complain if we get a user id for which we haven't received a
public or secret key.
2009-06-10 16:01:37 +00:00
wiz b0c00dcfa4 Remove duplicate Pp, fix a typo, wording. 2009-06-10 14:38:14 +00:00
agc 7e61309607 CHANGES 1.99.9 -> 1.99.10
+ fix a bug in decryption whereby a bad passphrase would cause a segmentation
  violation
+ fix some regressions in key searching in the underlying find keys routines
+ add C++ declaration protection to the external interface in netpgp.h
+ split out the key management parts of netpgp(1) into netpgpkeys(1)
2009-06-10 00:38:08 +00:00
agc 481090ff86 avoid a double-free of the passphrase 2009-06-09 19:32:11 +00:00
stacktic 806bebc4f9 Fixed strvisx usage 2009-06-09 13:32:46 +00:00
agc cefa0f256e Fix a bug in decryption whereby a bad passphrase would cause a segmentation
violation
2009-06-09 02:19:47 +00:00
agc d69b68cb05 Adapt to the new directory structure 2009-06-09 00:56:15 +00:00
agc 41335e2dda CHANGES 1.99.8 -> 1.99.9
+ make more use of __ops_io_t structure
+ addition of standalone, stripped-down netpgpverify utility
+ addition of test for --list-packets on an empty file
+ bring forward some simplifications from netpgpverify
	+ some name changes
	+ get rid of the increment and then decrement keycount around
	  accumulated data ("it's to do with counting")
	+ then use unsigned integers for the size and counts for the
	  dynamic array of keys, and use the common dynamic array macros
	  for keys in a keyring
	+ if it's a union, let's use it as a union, not a struct
+ modified documentation to correct the --list-packets command (sorry, ver)
+ add a new directory structure for both the distribution and the
  reachover Makefiles. The autotest framework has been partially overhauled
  but more TLC is needed here.
+ add a --pass-fd=n option so that external programs can provide the
  passphrase on a file descriptor without going through the callback,
  requested by joerg
2009-06-09 00:51:00 +00:00
wiz b1c6e76295 Sort options, fix a typo. 2009-06-08 08:02:32 +00:00
agc c24ee81d8d Fix up paths for the reachover Makefile for netpgpverify 2009-06-08 06:29:33 +00:00
agc 9067a616b3 Fix merge botch in test script 2009-06-08 06:19:31 +00:00
agc da8de2a7e7 Add the netpgpverify tests into the test script. 2009-06-08 06:16:34 +00:00
agc b3acd3dbb1 Add a manual page for netpgpverify(1). 2009-06-08 06:15:51 +00:00
agc 1dfa6d3632 Add a reachover Makefile for building the standalone netpgpverify program 2009-06-08 06:13:56 +00:00
agc 953dc192b5 Move to a different directory structure - this is the directory and
Makefile for building the netpgp program.
2009-06-08 06:13:07 +00:00
agc bfb9a93fd0 Add a cut-down, streamlined, stand-alone netpgp verification program. 2009-06-08 06:09:53 +00:00
christos 983ad222a3 handle mkcrypto 2009-06-07 22:44:04 +00:00
christos d8bad821d7 connect openssh 2009-06-07 22:42:31 +00:00
christos 733a2dd888 Add openssh 2009-06-07 22:39:35 +00:00
christos 313c6c94c4 Merge in our changes:
- conditionalize login_cap
- conditionalize bsd_auth
- bring in pam from portable
- restore krb5, krb4, afs, skey
- bring in hpn patches, disable mt aes cipher, keep speedups and cipher none
- add ignore root rhosts option
- fix ctype macro arguments
- umac is broken, disable it
- better ~homedir handling
- netbsd style tunnels
- urandom, xhome, chrootdir, rescuedir NetBSD handling
- utmp/utmpx handling
- handle tty posix_vdisable properly
- handle setuid and unsetuid the posix way instead of setresuid()
- add all missing functions
- add new moduli
- add build glue
2009-06-07 22:38:44 +00:00
christos ca32bd8de9 import 5.2 from ftp.openbsd.org 2009-06-07 22:19:00 +00:00
agc e4c9a22cd7 Add a test for the null list-packets file. 2009-06-07 01:55:02 +00:00
agc 871e03b1c5 Fix an core dump reported by Oliver Gould - if there is no file from which
to read packets to list, fail with a decent error message.
2009-06-07 01:52:48 +00:00
agc 732655c303 Some autoconfig glue around header files inclusion. 2009-06-02 15:10:07 +00:00
agc d21b929e26 CHANGES 1.99.7 -> 1.99.8
+ get rid of __ops_malloc_passphrase() - strdup() works just as well
+ generalise __ops_seckey_forget() to become __ops_forget(), give it a size
  parameter, and make it work on things other than secret keys (passphrases
  for instance)
+ minor struct field enum renaming
+ minor function call renaming
+ add ops_io_t struct to hold pointers to IO streams, and pass it down
  where necessary
2009-05-31 23:26:20 +00:00
agc 393ecd9217 CHANGES 1.99.6 -> 1.99.7
+ added to the regression tests
+ get rid of some magic constants, replace with more obvious names
+ zero out the memory used for a passphrase before freeing it in one place
2009-05-28 01:52:42 +00:00
lukem 2ae31d0241 regenerate 2009-05-28 00:32:07 +00:00
lukem c26604cdeb wrap "copy the test file" in AT_CHECK 2009-05-28 00:29:06 +00:00
lukem 90194f6da2 libtool is in the builddir not the srcdir.
wrap "copy the test file" in AT_CHECK
2009-05-28 00:28:38 +00:00
lukem 47c3c476b0 sort main tests (arguable asthetic benefit) 2009-05-28 00:27:39 +00:00
lukem 8c3a3d0499 add new tests to TESTSUITE_DEPS 2009-05-28 00:27:03 +00:00
agc a95ce5ae7c More tests for netpgp 2009-05-27 22:13:06 +00:00
agc 334e533951 Add tests for detached signature creation and verification, and for
encryption and decryption via netpgp.
2009-05-27 14:42:07 +00:00
lukem 9fe7631b77 Ensure we can't verify an unsigned file
Rename a test filename
Add some comments
2009-05-27 07:00:32 +00:00
lukem 0f17222c1c Provide a passphraseless test key for the testsuite.
Use gpg to import the test key until netpgp's key management is overhauled.

Per discussion with Alistair.
2009-05-27 06:47:57 +00:00
agc d70007f532 CHANGES 1.99.5 -> 1.99.6
+ made --homedir=d consistent with POLS. Default is $HOME/.gnupg, and
  if a directory is specified with --homedir=d, the directory containing
  conf file and keyrings is taken to be "d".
2009-05-27 05:42:24 +00:00
agc 2df14e286f Use a relative path, rather than an absolute one, to find the source 2009-05-27 04:47:08 +00:00
agc 419050018f bump shlib version 2009-05-27 04:46:33 +00:00
lukem b79d450ba1 simplify definition of TESTROOT 2009-05-27 01:54:22 +00:00
agc c64158a1df CHANGES 1.99.4 -> 1.99.5
+ Luke Mewburn completely overhauled the auto tools infrastructure
+ changed signature (hah!) of some netpgp file management prototypes to
  use const char * for file names and user ids, not char * - suggested by
  christos
+ change some of the openpgpsdk display functions to return integer values,
  and send those values back from the netpgp functions - suggested by
  christos
+ rather than passing a shedload of variables to netpgp_init(), get rid
  of them, and set variables using the netpgp_[gs]etvar() interface
+ replace some magic constants with descriptive names
+ use a netpgp variable to skip userid checks if necessary
+ add ability to allow coredumps via --coredumps if (a) you have taken
  leave of your sanity, and (b) you have some magical persistent
  storage which doesn't spare sectors, and (c) you know how to remove
  a file securely
+ bumped library version on NetBSD to 1.0 for interface changes
2009-05-27 00:38:26 +00:00
lukem b0d9fe21fa regenerate 2009-05-26 05:47:32 +00:00
lukem 14bfdb876a rcsid fixup 2009-05-26 05:42:25 +00:00
lukem 9d4ec13409 simplify header install 2009-05-26 05:41:41 +00:00
lukem fa0f212aba Improve SHA256_CTX checks; OS/X provides it in <CommonCrypto/CommonDigest.h>
even though their <openssl/sha.h> is too old.
2009-05-26 05:40:03 +00:00
lukem 5fc6630f84 Install libnetpgp.3.
Don't build -static
2009-05-26 05:20:25 +00:00
lukem 074150647a Provide a generated config.h in the NetBSD build reachover. 2009-05-26 05:11:17 +00:00