|
1 # |
|
2 # Per Solaris crypto team recommendation, we need to remove support for |
|
3 # Curve25519 from OpenSSH. |
|
4 # |
|
5 # Patch offered upstream but rejected: |
|
6 # https://bugzilla.mindrot.org/show_bug.cgi?id=2376 |
|
7 # |
1 diff -pur old/Makefile.in new/Makefile.in |
8 diff -pur old/Makefile.in new/Makefile.in |
2 --- old/Makefile.in 2015-04-10 02:43:51.101312444 -0700 |
9 --- old/Makefile.in 2015-12-07 15:58:19.591097920 -0800 |
3 +++ new/Makefile.in 2015-04-10 02:43:51.156820521 -0700 |
10 +++ new/Makefile.in 2015-12-07 16:05:02.810457680 -0800 |
4 @@ -138,7 +138,7 @@ $(SSHDOBJS): Makefile.in config.h |
11 @@ -153,7 +153,7 @@ $(SSHDOBJS): Makefile.in config.h |
5 $(CC) $(CFLAGS) $(CPPFLAGS) -c $< |
12 $(CC) $(CFLAGS) $(CPPFLAGS) -c $< -o $@ |
6 |
13 |
7 LIBCOMPAT=openbsd-compat/libopenbsd-compat.a |
14 LIBCOMPAT=openbsd-compat/libopenbsd-compat.a |
8 -$(LIBCOMPAT): always |
15 -$(LIBCOMPAT): always |
9 +$(LIBCOMPAT): always libssh.a |
16 +$(LIBCOMPAT): always libssh.a |
10 (cd openbsd-compat && $(MAKE)) |
17 (cd openbsd-compat && $(MAKE)) |
11 always: |
18 always: |
12 |
19 |
13 Only in new: Makefile.in.orig |
|
14 diff -pur old/authfd.c new/authfd.c |
20 diff -pur old/authfd.c new/authfd.c |
15 --- old/authfd.c 2013-12-28 22:49:56.000000000 -0800 |
21 --- old/authfd.c |
16 +++ new/authfd.c 2015-04-10 02:43:51.157515880 -0700 |
22 +++ new/authfd.c |
17 @@ -508,8 +508,10 @@ ssh_add_identity_constrained(Authenticat |
23 @@ -565,8 +565,10 @@ ssh_add_identity_constrained(int sock, s |
18 case KEY_DSA_CERT_V00: |
|
19 case KEY_ECDSA: |
24 case KEY_ECDSA: |
20 case KEY_ECDSA_CERT: |
25 case KEY_ECDSA_CERT: |
|
26 #endif |
21 +#ifndef WITHOUT_ED25519 |
27 +#ifndef WITHOUT_ED25519 |
22 case KEY_ED25519: |
28 case KEY_ED25519: |
23 case KEY_ED25519_CERT: |
29 case KEY_ED25519_CERT: |
24 +#endif /* WITHOUT_ED25519 */ |
30 +#endif /* WITHOUT_ED25519 */ |
25 type = constrained ? |
31 type = constrained ? |
26 SSH2_AGENTC_ADD_ID_CONSTRAINED : |
32 SSH2_AGENTC_ADD_ID_CONSTRAINED : |
27 SSH2_AGENTC_ADD_IDENTITY; |
33 SSH2_AGENTC_ADD_IDENTITY; |
28 diff -pur old/authfile.c new/authfile.c |
34 diff -pur old/authfile.c new/authfile.c |
29 --- old/authfile.c 2013-12-28 22:50:15.000000000 -0800 |
35 --- old/authfile.c |
30 +++ new/authfile.c 2015-04-10 02:43:51.158405633 -0700 |
36 +++ new/authfile.c |
31 @@ -597,9 +597,11 @@ key_private_to_blob(Key *key, Buffer *bl |
37 @@ -449,7 +449,9 @@ sshkey_load_private_cert(int type, const |
32 comment, new_format_cipher, new_format_rounds); |
|
33 } |
|
34 return key_private_pem_to_blob(key, blob, passphrase, comment); |
|
35 +#ifndef WITHOUT_ED25519 |
|
36 case KEY_ED25519: |
|
37 return key_private_to_blob2(key, blob, passphrase, |
|
38 comment, new_format_cipher, new_format_rounds); |
|
39 +#endif /* WITHOUT_ED25519 */ |
|
40 default: |
|
41 error("%s: cannot save key type %d", __func__, key->type); |
|
42 return 0; |
|
43 @@ -1005,8 +1007,10 @@ key_parse_private_type(Buffer *blob, int |
|
44 case KEY_ECDSA: |
|
45 case KEY_RSA: |
|
46 return key_parse_private_pem(blob, type, passphrase, commentp); |
|
47 +#ifndef WITHOUT_ED25519 |
|
48 case KEY_ED25519: |
|
49 return key_parse_private2(blob, type, passphrase, commentp); |
|
50 +#endif /* WITHOUT_ED25519 */ |
|
51 case KEY_UNSPEC: |
|
52 if ((k = key_parse_private2(blob, type, passphrase, commentp))) |
|
53 return k; |
|
54 @@ -1213,7 +1217,9 @@ key_load_private_cert(int type, const ch |
|
55 case KEY_RSA: |
|
56 case KEY_DSA: |
38 case KEY_DSA: |
57 case KEY_ECDSA: |
39 case KEY_ECDSA: |
|
40 #endif /* WITH_OPENSSL */ |
58 +#ifndef WITHOUT_ED25519 |
41 +#ifndef WITHOUT_ED25519 |
59 case KEY_ED25519: |
42 case KEY_ED25519: |
60 +#endif /* WITHOUT_ED25519 */ |
43 +#endif /* WITHOUT_ED25519 */ |
|
44 case KEY_UNSPEC: |
61 break; |
45 break; |
62 default: |
46 default: |
63 error("%s: unsupported key type", __func__); |
47 diff -pur old/dns.c new/dns.c |
64 diff -pur old/crypto_api.h new/crypto_api.h |
48 --- old/dns.c |
65 --- old/crypto_api.h 2014-01-16 17:31:34.000000000 -0800 |
49 +++ new/dns.c |
66 +++ new/crypto_api.h 2015-04-10 02:43:51.158673341 -0700 |
50 @@ -100,11 +100,13 @@ dns_read_key(u_int8_t *algorithm, u_int8 |
67 @@ -26,7 +26,7 @@ int crypto_hashblocks_sha512(unsigned ch |
51 if (!*digest_type) |
68 |
52 *digest_type = SSHFP_HASH_SHA256; |
69 #define crypto_hash_sha512_BYTES 64U |
53 break; |
70 |
54 +#ifndef WITHOUT_ED25519 |
71 -int crypto_hash_sha512(unsigned char *, const unsigned char *, |
55 case KEY_ED25519: |
72 +extern int crypto_hash_sha512(unsigned char *, const unsigned char *, |
56 *algorithm = SSHFP_KEY_ED25519; |
73 unsigned long long); |
57 if (!*digest_type) |
74 |
58 *digest_type = SSHFP_HASH_SHA256; |
75 int crypto_verify_32(const unsigned char *, const unsigned char *); |
59 break; |
|
60 +#endif /* WITHOUT_ED25519 */ |
|
61 default: |
|
62 *algorithm = SSHFP_KEY_RESERVED; /* 0 */ |
|
63 *digest_type = SSHFP_HASH_RESERVED; /* 0 */ |
|
64 diff -pur old/dns.h new/dns.h |
|
65 --- old/dns.h |
|
66 +++ new/dns.h |
|
67 @@ -33,7 +33,9 @@ enum sshfp_types { |
|
68 SSHFP_KEY_RSA = 1, |
|
69 SSHFP_KEY_DSA = 2, |
|
70 SSHFP_KEY_ECDSA = 3, |
|
71 - SSHFP_KEY_ED25519 = 4 |
|
72 +#ifndef WITHOUT_ED25519 |
|
73 + SSHFP_KEY_ED25519 = 4 |
|
74 +#endif /* WITHOUT_ED25519 */ |
|
75 }; |
|
76 |
|
77 enum sshfp_hashes { |
76 diff -pur old/ed25519.c new/ed25519.c |
78 diff -pur old/ed25519.c new/ed25519.c |
77 --- old/ed25519.c 2013-12-17 22:48:11.000000000 -0800 |
79 --- old/ed25519.c |
78 +++ new/ed25519.c 2015-04-10 02:43:51.158974499 -0700 |
80 +++ new/ed25519.c |
79 @@ -6,6 +6,8 @@ |
81 @@ -7,6 +7,7 @@ |
80 * Copied from supercop-20130419/crypto_sign/ed25519/ref/ed25519.c |
|
81 */ |
82 */ |
82 |
83 |
83 +#ifndef WITHOUT_ED25519 |
|
84 + |
|
85 #include "includes.h" |
84 #include "includes.h" |
|
85 +#ifndef WITHOUT_ED25519 |
86 #include "crypto_api.h" |
86 #include "crypto_api.h" |
87 |
87 |
88 @@ -142,3 +144,4 @@ int crypto_sign_ed25519_open( |
88 #include "ge25519.h" |
|
89 @@ -142,3 +143,4 @@ int crypto_sign_ed25519_open( |
89 } |
90 } |
90 return ret; |
91 return ret; |
91 } |
92 } |
92 +#endif /* WITHOUT_ED25519 */ |
93 +#endif /* WITHOUT_ED25519 */ |
93 diff -pur old/fe25519.c new/fe25519.c |
94 diff -pur old/fe25519.c new/fe25519.c |
94 --- old/fe25519.c 2014-01-16 17:43:44.000000000 -0800 |
95 --- old/fe25519.c |
95 +++ new/fe25519.c 2015-04-10 02:43:51.159348136 -0700 |
96 +++ new/fe25519.c |
96 @@ -6,6 +6,8 @@ |
97 @@ -8,6 +8,7 @@ |
97 * Copied from supercop-20130419/crypto_sign/ed25519/ref/fe25519.c |
98 |
98 */ |
|
99 |
|
100 +#ifndef WITHOUT_ED25519 |
|
101 + |
|
102 #include "includes.h" |
99 #include "includes.h" |
103 |
100 |
|
101 +#ifndef WITHOUT_ED25519 |
104 #define WINDOWSIZE 1 /* Should be 1,2, or 4 */ |
102 #define WINDOWSIZE 1 /* Should be 1,2, or 4 */ |
105 @@ -335,3 +337,5 @@ void fe25519_pow2523(fe25519 *r, const f |
103 #define WINDOWMASK ((1<<WINDOWSIZE)-1) |
|
104 |
|
105 @@ -335,3 +336,4 @@ void fe25519_pow2523(fe25519 *r, const f |
106 /* 2^252 - 2^2 */ fe25519_square(&t,&t); |
106 /* 2^252 - 2^2 */ fe25519_square(&t,&t); |
107 /* 2^252 - 3 */ fe25519_mul(r,&t,x); |
107 /* 2^252 - 3 */ fe25519_mul(r,&t,x); |
108 } |
108 } |
109 + |
|
110 +#endif /* WITHOUT_ED25519 */ |
109 +#endif /* WITHOUT_ED25519 */ |
111 diff -pur old/fe25519.h new/fe25519.h |
110 diff -pur old/fe25519.h new/fe25519.h |
112 --- old/fe25519.h 2013-12-17 22:48:11.000000000 -0800 |
111 --- old/fe25519.h |
113 +++ new/fe25519.h 2015-04-10 02:43:51.159633614 -0700 |
112 +++ new/fe25519.h |
114 @@ -9,6 +9,8 @@ |
113 @@ -8,6 +8,7 @@ |
|
114 |
115 #ifndef FE25519_H |
115 #ifndef FE25519_H |
116 #define FE25519_H |
116 #define FE25519_H |
117 |
117 +#ifndef WITHOUT_ED25519 |
118 +#ifndef WITHOUT_ED25519 |
118 |
119 + |
|
120 #include "crypto_api.h" |
119 #include "crypto_api.h" |
121 |
120 |
122 #define fe25519 crypto_sign_ed25519_ref_fe25519 |
121 @@ -67,4 +68,5 @@ void fe25519_invert(fe25519 *r, const fe |
123 @@ -67,4 +69,5 @@ void fe25519_invert(fe25519 *r, const fe |
|
124 |
122 |
125 void fe25519_pow2523(fe25519 *r, const fe25519 *x); |
123 void fe25519_pow2523(fe25519 *r, const fe25519 *x); |
126 |
124 |
127 +#endif /* WITHOUT_ED25519 */ |
125 +#endif /* WITHOUT_ED25519 */ |
128 #endif |
126 #endif |
129 diff -pur old/ge25519.c new/ge25519.c |
127 diff -pur old/ge25519.c new/ge25519.c |
130 --- old/ge25519.c 2014-01-16 17:43:44.000000000 -0800 |
128 --- old/ge25519.c |
131 +++ new/ge25519.c 2015-04-10 02:43:51.160002884 -0700 |
129 +++ new/ge25519.c |
132 @@ -6,6 +6,8 @@ |
130 @@ -7,6 +7,7 @@ |
133 * Copied from supercop-20130419/crypto_sign/ed25519/ref/ge25519.c |
|
134 */ |
131 */ |
135 |
132 |
136 +#ifndef WITHOUT_ED25519 |
|
137 + |
|
138 #include "includes.h" |
133 #include "includes.h" |
|
134 +#ifndef WITHOUT_ED25519 |
139 |
135 |
140 #include "fe25519.h" |
136 #include "fe25519.h" |
141 @@ -319,3 +321,5 @@ void ge25519_scalarmult_base(ge25519_p3 |
137 #include "sc25519.h" |
|
138 @@ -319,3 +320,4 @@ void ge25519_scalarmult_base(ge25519_p3 |
142 ge25519_mixadd2(r, &t); |
139 ge25519_mixadd2(r, &t); |
143 } |
140 } |
144 } |
141 } |
145 + |
|
146 +#endif /* WITHOUT_ED25519 */ |
142 +#endif /* WITHOUT_ED25519 */ |
147 diff -pur old/ge25519.h new/ge25519.h |
143 diff -pur old/ge25519.h new/ge25519.h |
148 --- old/ge25519.h 2013-12-17 22:48:11.000000000 -0800 |
144 --- old/ge25519.h |
149 +++ new/ge25519.h 2015-04-10 02:43:51.160283095 -0700 |
145 +++ new/ge25519.h |
150 @@ -8,6 +8,7 @@ |
146 @@ -8,6 +8,7 @@ |
151 |
147 |
152 #ifndef GE25519_H |
148 #ifndef GE25519_H |
153 #define GE25519_H |
149 #define GE25519_H |
154 +#ifndef WITHOUT_ED25519 |
150 +#ifndef WITHOUT_ED25519 |
160 void ge25519_scalarmult_base(ge25519 *r, const sc25519 *s); |
156 void ge25519_scalarmult_base(ge25519 *r, const sc25519 *s); |
161 |
157 |
162 +#endif /* WITHOUT_ED25519 */ |
158 +#endif /* WITHOUT_ED25519 */ |
163 #endif |
159 #endif |
164 diff -pur old/kex.c new/kex.c |
160 diff -pur old/kex.c new/kex.c |
165 --- old/kex.c 2014-01-25 14:38:04.000000000 -0800 |
161 --- old/kex.c |
166 +++ new/kex.c 2015-04-10 02:43:51.160754653 -0700 |
162 +++ new/kex.c |
167 @@ -87,7 +87,7 @@ static const struct kexalg kexalgs[] = { |
163 @@ -96,9 +96,11 @@ static const struct kexalg kexalgs[] = { |
168 # endif |
164 # endif /* OPENSSL_HAS_NISTP521 */ |
169 #endif |
165 #endif /* OPENSSL_HAS_ECC */ |
170 { KEX_DH1, KEX_DH_GRP1_SHA1, 0, SSH_DIGEST_SHA1 }, |
166 #endif /* WITH_OPENSSL */ |
171 -#ifdef HAVE_EVP_SHA256 |
167 +#ifndef WITHOUT_ED25519 |
172 +#if defined(HAVE_EVP_SHA256) && !defined(WITHOUT_ED25519) |
168 #if defined(HAVE_EVP_SHA256) || !defined(WITH_OPENSSL) |
173 { KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 }, |
169 { KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 }, |
174 #endif |
170 #endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */ |
175 { NULL, -1, -1, -1}, |
171 +#endif /* WITHOUT_ED25519 */ |
176 Only in new: kex.c.orig |
172 #ifdef GSSAPI |
|
173 { KEX_GSS_GEX_SHA1_ID, KEX_GSS_GEX_SHA1, 0, SSH_DIGEST_SHA1 }, |
|
174 { KEX_GSS_GRP1_SHA1_ID, KEX_GSS_GRP1_SHA1, 0, SSH_DIGEST_SHA1 }, |
177 diff -pur old/kex.h new/kex.h |
175 diff -pur old/kex.h new/kex.h |
178 --- old/kex.h 2014-01-25 14:37:26.000000000 -0800 |
176 --- old/kex.h |
179 +++ new/kex.h 2015-04-10 02:47:29.726358404 -0700 |
177 +++ new/kex.h |
180 @@ -43,7 +43,9 @@ |
178 @@ -58,13 +58,17 @@ |
181 #define KEX_ECDH_SHA2_NISTP256 "ecdh-sha2-nistp256" |
179 #define KEX_ECDH_SHA2_NISTP256 "ecdh-sha2-nistp256" |
182 #define KEX_ECDH_SHA2_NISTP384 "ecdh-sha2-nistp384" |
180 #define KEX_ECDH_SHA2_NISTP384 "ecdh-sha2-nistp384" |
183 #define KEX_ECDH_SHA2_NISTP521 "ecdh-sha2-nistp521" |
181 #define KEX_ECDH_SHA2_NISTP521 "ecdh-sha2-nistp521" |
184 +#ifndef WITHOUT_ED25519 |
182 +#ifndef WITHOUT_ED25519 |
185 #define KEX_CURVE25519_SHA256 "[email protected]" |
183 #define KEX_CURVE25519_SHA256 "[email protected]" |
186 +#endif /* WITHOUT_ED25519 */ |
184 +#endif /* WITHOUT_ED25519 */ |
187 |
185 |
188 #define COMP_NONE 0 |
186 #define COMP_NONE 0 |
189 #define COMP_ZLIB 1 |
187 #define COMP_ZLIB 1 |
190 @@ -75,7 +77,9 @@ enum kex_exchange { |
188 #define COMP_DELAYED 2 |
|
189 |
|
190 +#ifndef WITHOUT_ED25519 |
|
191 #define CURVE25519_SIZE 32 |
|
192 +#endif /* WITHOUT_ED25519 */ |
|
193 |
|
194 enum kex_init_proposals { |
|
195 PROPOSAL_KEX_ALGS, |
|
196 @@ -92,7 +96,9 @@ enum kex_exchange { |
191 KEX_DH_GEX_SHA1, |
197 KEX_DH_GEX_SHA1, |
192 KEX_DH_GEX_SHA256, |
198 KEX_DH_GEX_SHA256, |
193 KEX_ECDH_SHA2, |
199 KEX_ECDH_SHA2, |
194 +#ifndef WITHOUT_ED25519 |
200 +#ifndef WITHOUT_ED25519 |
195 KEX_C25519_SHA256, |
201 KEX_C25519_SHA256, |
196 +#endif /* WITHOUT_ED25519 */ |
202 +#endif /* WITHOUT_ED25519 */ |
197 KEX_MAX |
203 KEX_GSS_GRP1_SHA1, |
|
204 KEX_GSS_GRP14_SHA1, |
|
205 KEX_GSS_GEX_SHA1, |
|
206 @@ -161,8 +167,10 @@ struct kex { |
|
207 u_int min, max, nbits; /* GEX */ |
|
208 EC_KEY *ec_client_key; /* ECDH */ |
|
209 const EC_GROUP *ec_group; /* ECDH */ |
|
210 +#ifndef WITHOUT_ED25519 |
|
211 u_char c25519_client_key[CURVE25519_SIZE]; /* 25519 */ |
|
212 u_char c25519_client_pubkey[CURVE25519_SIZE]; /* 25519 */ |
|
213 +#endif /* WITHOUT_ED25519 */ |
198 }; |
214 }; |
199 |
215 |
200 @@ -165,8 +169,10 @@ void kexgex_client(Kex *); |
216 int kex_names_valid(const char *); |
201 void kexgex_server(Kex *); |
217 @@ -191,8 +199,10 @@ int kexgex_client(struct ssh *); |
202 void kexecdh_client(Kex *); |
218 int kexgex_server(struct ssh *); |
203 void kexecdh_server(Kex *); |
219 int kexecdh_client(struct ssh *); |
204 +#ifndef WITHOUT_ED25519 |
220 int kexecdh_server(struct ssh *); |
205 void kexc25519_client(Kex *); |
221 +#ifndef WITHOUT_ED25519 |
206 void kexc25519_server(Kex *); |
222 int kexc25519_client(struct ssh *); |
207 +#endif /* WITHOUT_ED25519 */ |
223 int kexc25519_server(struct ssh *); |
208 |
224 +#endif /* WITHOUT_ED25519 */ |
209 void |
225 #ifdef GSSAPI |
210 kex_dh_hash(char *, char *, char *, int, char *, int, u_char *, int, |
226 int kexgss_client(struct ssh *); |
211 @@ -181,6 +187,7 @@ kex_ecdh_hash(int, const EC_GROUP *, cha |
227 int kexgss_server(struct ssh *); |
212 char *, int, u_char *, int, const EC_POINT *, const EC_POINT *, |
228 @@ -213,6 +223,7 @@ int kex_ecdh_hash(int, const EC_GROUP *, |
213 const BIGNUM *, u_char **, u_int *); |
229 const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, |
214 #endif |
230 const EC_POINT *, const EC_POINT *, const BIGNUM *, u_char *, size_t *); |
215 +#ifndef WITHOUT_ED25519 |
231 |
216 void |
232 +#ifndef WITHOUT_ED25519 |
217 kex_c25519_hash(int, char *, char *, char *, int, |
233 int kex_c25519_hash(int, const char *, const char *, const char *, size_t, |
218 char *, int, u_char *, int, const u_char *, const u_char *, |
234 const char *, size_t, const u_char *, size_t, const u_char *, const u_char *, |
219 @@ -194,6 +201,7 @@ void kexc25519_shared_key(const u_char k |
235 const u_char *, size_t, u_char *, size_t *); |
220 const u_char pub[CURVE25519_SIZE], Buffer *out) |
236 @@ -224,6 +235,7 @@ int kexc25519_shared_key(const u_char ke |
|
237 const u_char pub[CURVE25519_SIZE], struct sshbuf *out) |
221 __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) |
238 __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) |
222 __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); |
239 __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); |
223 +#endif /* WITHOUT_ED25519 */ |
240 +#endif /* WITHOUT_ED25519 */ |
224 |
241 |
225 void |
242 int |
226 derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]); |
243 derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]); |
227 Only in new: kex.h.orig |
|
228 Only in new: kex.h.rej |
|
229 diff -pur old/kexc25519.c new/kexc25519.c |
244 diff -pur old/kexc25519.c new/kexc25519.c |
230 --- old/kexc25519.c 2014-01-12 00:21:23.000000000 -0800 |
245 --- old/kexc25519.c |
231 +++ new/kexc25519.c 2015-04-10 02:43:51.161993727 -0700 |
246 +++ new/kexc25519.c |
232 @@ -25,6 +25,8 @@ |
247 @@ -27,6 +27,7 @@ |
233 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
248 |
234 */ |
249 #include "includes.h" |
|
250 |
|
251 +#ifndef WITHOUT_ED25519 |
|
252 #include <sys/types.h> |
|
253 |
|
254 #include <signal.h> |
|
255 @@ -131,3 +132,4 @@ kex_c25519_hash( |
|
256 #endif |
|
257 return 0; |
|
258 } |
|
259 +#endif /* WITHOUT_ED25519 */ |
|
260 diff -pur old/kexc25519c.c new/kexc25519c.c |
|
261 --- old/kexc25519c.c |
|
262 +++ new/kexc25519c.c |
|
263 @@ -27,6 +27,7 @@ |
|
264 |
|
265 #include "includes.h" |
|
266 |
|
267 +#ifndef WITHOUT_ED25519 |
|
268 #include <sys/types.h> |
|
269 |
|
270 #include <stdio.h> |
|
271 @@ -168,3 +169,4 @@ out: |
|
272 sshbuf_free(shared_secret); |
|
273 return r; |
|
274 } |
|
275 +#endif /* WITHOUT_ED25519 */ |
|
276 diff -pur old/kexc25519s.c new/kexc25519s.c |
|
277 --- old/kexc25519s.c |
|
278 +++ new/kexc25519s.c |
|
279 @@ -26,6 +26,8 @@ |
|
280 |
|
281 #include "includes.h" |
235 |
282 |
236 +#ifndef WITHOUT_ED25519 |
283 +#ifndef WITHOUT_ED25519 |
237 + |
284 + |
238 #include "includes.h" |
|
239 |
|
240 #include <sys/types.h> |
285 #include <sys/types.h> |
241 @@ -120,3 +122,5 @@ kex_c25519_hash( |
286 #include <stdio.h> |
242 *hash = digest; |
287 #include <string.h> |
243 *hashlen = ssh_digest_bytes(hash_alg); |
288 @@ -157,3 +159,4 @@ out: |
|
289 sshbuf_free(shared_secret); |
|
290 return r; |
244 } |
291 } |
|
292 +#endif /* WITHOUT_ED25519 */ |
|
293 diff -pur old/monitor.c new/monitor.c |
|
294 --- old/monitor.c |
|
295 +++ new/monitor.c |
|
296 @@ -1941,7 +1941,9 @@ monitor_apply_keystate(struct monitor *p |
|
297 kex->kex[KEX_ECDH_SHA2] = kexecdh_server; |
|
298 # endif |
|
299 #endif /* WITH_OPENSSL */ |
|
300 +#ifndef WITHOUT_ED25519 |
|
301 kex->kex[KEX_C25519_SHA256] = kexc25519_server; |
|
302 +#endif /* WITHOUT_ED25519 */ |
|
303 #ifdef GSSAPI |
|
304 if (options.gss_keyex) { |
|
305 kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; |
|
306 diff -pur old/myproposal.h new/myproposal.h |
|
307 --- old/myproposal.h |
|
308 +++ new/myproposal.h |
|
309 @@ -59,6 +59,20 @@ |
|
310 # define HOSTKEY_ECDSA_METHODS |
|
311 #endif |
|
312 |
|
313 +#ifndef WITHOUT_ED25519 |
|
314 +# if defined(WITH_OPENSSL) && defined(HAVE_EVP_SHA256) |
|
315 +# define KEX_CURVE25519_METHODS "[email protected]," |
|
316 +# else |
|
317 +# define KEX_CURVE25519_METHODS |
|
318 +# endif |
|
319 +# define HOSTKEY_CURVE25519_CERT_METHODS "[email protected]," |
|
320 +# define HOSTKEY_CURVE25519_METHODS "ssh-ed25519," |
|
321 +#else |
|
322 +# define KEX_CURVE25519_METHODS |
|
323 +# define HOSTKEY_CURVE25519_CERT_METHODS |
|
324 +# define HOSTKEY_CURVE25519_METHODS |
|
325 +#endif /* WITHOUT_ED25519 */ |
245 + |
326 + |
246 +#endif /* WITHOUT_ED25519 */ |
327 #ifdef OPENSSL_HAVE_EVPGCM |
247 diff -pur old/kexc25519c.c new/kexc25519c.c |
328 # define AESGCM_CIPHER_MODES \ |
248 --- old/kexc25519c.c 2014-01-12 00:21:23.000000000 -0800 |
329 ",[email protected],[email protected]" |
249 +++ new/kexc25519c.c 2015-04-10 02:43:51.162319004 -0700 |
330 @@ -78,11 +92,6 @@ |
250 @@ -25,6 +25,8 @@ |
|
251 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
|
252 */ |
|
253 |
|
254 +#ifndef WITHOUT_ED25519 |
|
255 + |
|
256 #include "includes.h" |
|
257 |
|
258 #include <sys/types.h> |
|
259 @@ -127,3 +129,5 @@ kexc25519_client(Kex *kex) |
|
260 buffer_free(&shared_secret); |
|
261 kex_finish(kex); |
|
262 } |
|
263 + |
|
264 +#endif /* WITHOUT_ED25519 */ |
|
265 diff -pur old/kexc25519s.c new/kexc25519s.c |
|
266 --- old/kexc25519s.c 2014-01-12 00:21:23.000000000 -0800 |
|
267 +++ new/kexc25519s.c 2015-04-10 02:43:51.162628310 -0700 |
|
268 @@ -24,6 +24,8 @@ |
|
269 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
|
270 */ |
|
271 |
|
272 +#ifndef WITHOUT_ED25519 |
|
273 + |
|
274 #include "includes.h" |
|
275 |
|
276 #include <sys/types.h> |
|
277 @@ -124,3 +126,5 @@ kexc25519_server(Kex *kex) |
|
278 buffer_free(&shared_secret); |
|
279 kex_finish(kex); |
|
280 } |
|
281 + |
|
282 +#endif /* WITHOUT_ED25519 */ |
|
283 diff -pur old/key.c new/key.c |
|
284 --- old/key.c 2014-01-09 15:58:53.000000000 -0800 |
|
285 +++ new/key.c 2015-04-10 02:48:40.602200617 -0700 |
|
286 @@ -89,8 +89,10 @@ key_new(int type) |
|
287 k->dsa = NULL; |
|
288 k->rsa = NULL; |
|
289 k->cert = NULL; |
|
290 +#ifndef WITHOUT_ED25519 |
|
291 k->ed25519_sk = NULL; |
|
292 k->ed25519_pk = NULL; |
|
293 +#endif /* WITHOUT_ED25519 */ |
|
294 switch (k->type) { |
|
295 case KEY_RSA1: |
|
296 case KEY_RSA: |
|
297 @@ -125,10 +127,12 @@ key_new(int type) |
|
298 /* Cannot do anything until we know the group */ |
|
299 break; |
|
300 #endif |
331 #endif |
301 +#ifndef WITHOUT_ED25519 |
332 |
302 case KEY_ED25519: |
333 #ifdef WITH_OPENSSL |
303 case KEY_ED25519_CERT: |
334 -# ifdef HAVE_EVP_SHA256 |
304 /* no need to prealloc */ |
335 -# define KEX_CURVE25519_METHODS "[email protected]," |
305 break; |
336 -# else |
306 +#endif /* WITHOUT_ED25519 */ |
337 -# define KEX_CURVE25519_METHODS "" |
307 case KEY_UNSPEC: |
338 -# endif |
308 break; |
339 #define KEX_COMMON_KEX \ |
309 default: |
|
310 @@ -173,10 +177,12 @@ key_add_private(Key *k) |
|
311 case KEY_ECDSA_CERT: |
|
312 /* Cannot do anything until we know the group */ |
|
313 break; |
|
314 +#ifndef WITHOUT_ED25519 |
|
315 case KEY_ED25519: |
|
316 case KEY_ED25519_CERT: |
|
317 /* no need to prealloc */ |
|
318 break; |
|
319 +#endif /* WITHOUT_ED25519 */ |
|
320 case KEY_UNSPEC: |
|
321 break; |
|
322 default: |
|
323 @@ -239,6 +245,7 @@ key_free(Key *k) |
|
324 k->ecdsa = NULL; |
|
325 break; |
|
326 #endif |
|
327 +#ifndef WITHOUT_ED25519 |
|
328 case KEY_ED25519: |
|
329 case KEY_ED25519_CERT: |
|
330 if (k->ed25519_pk) { |
|
331 @@ -252,6 +259,7 @@ key_free(Key *k) |
|
332 k->ed25519_sk = NULL; |
|
333 } |
|
334 break; |
|
335 +#endif /* WITHOUT_ED25519 */ |
|
336 case KEY_UNSPEC: |
|
337 break; |
|
338 default: |
|
339 @@ -333,10 +341,12 @@ key_equal_public(const Key *a, const Key |
|
340 BN_CTX_free(bnctx); |
|
341 return 1; |
|
342 #endif /* OPENSSL_HAS_ECC */ |
|
343 +#ifndef WITHOUT_ED25519 |
|
344 case KEY_ED25519: |
|
345 case KEY_ED25519_CERT: |
|
346 return a->ed25519_pk != NULL && b->ed25519_pk != NULL && |
|
347 memcmp(a->ed25519_pk, b->ed25519_pk, ED25519_PK_SZ) == 0; |
|
348 +#endif /* WITHOUT_ED25519 */ |
|
349 default: |
|
350 fatal("key_equal: bad key type %d", a->type); |
|
351 } |
|
352 @@ -392,7 +402,9 @@ key_fingerprint_raw(const Key *k, enum f |
|
353 case KEY_DSA: |
|
354 case KEY_ECDSA: |
|
355 case KEY_RSA: |
|
356 +#ifndef WITHOUT_ED25519 |
|
357 case KEY_ED25519: |
|
358 +#endif /* WITHOUT_ED25519 */ |
|
359 key_to_blob(k, &blob, &len); |
|
360 break; |
|
361 case KEY_DSA_CERT_V00: |
|
362 @@ -400,7 +412,9 @@ key_fingerprint_raw(const Key *k, enum f |
|
363 case KEY_DSA_CERT: |
|
364 case KEY_ECDSA_CERT: |
|
365 case KEY_RSA_CERT: |
|
366 +#ifndef WITHOUT_ED25519 |
|
367 case KEY_ED25519_CERT: |
|
368 +#endif /* WITHOUT_ED25519 */ |
|
369 /* We want a fingerprint of the _key_ not of the cert */ |
|
370 to_blob(k, &blob, &len, 1); |
|
371 break; |
|
372 @@ -728,13 +742,17 @@ key_read(Key *ret, char **cpp) |
|
373 case KEY_RSA: |
|
374 case KEY_DSA: |
|
375 case KEY_ECDSA: |
|
376 +#ifndef WITHOUT_ED25519 |
|
377 case KEY_ED25519: |
|
378 +#endif /* WITHOUT_ED25519 */ |
|
379 case KEY_DSA_CERT_V00: |
|
380 case KEY_RSA_CERT_V00: |
|
381 case KEY_DSA_CERT: |
|
382 case KEY_ECDSA_CERT: |
|
383 case KEY_RSA_CERT: |
|
384 +#ifndef WITHOUT_ED25519 |
|
385 case KEY_ED25519_CERT: |
|
386 +#endif /* WITHOUT_ED25519 */ |
|
387 space = strchr(cp, ' '); |
|
388 if (space == NULL) { |
|
389 debug3("key_read: missing whitespace"); |
|
390 @@ -836,6 +854,7 @@ key_read(Key *ret, char **cpp) |
|
391 #endif |
|
392 } |
|
393 #endif |
|
394 +#ifndef WITHOUT_ED25519 |
|
395 if (key_type_plain(ret->type) == KEY_ED25519) { |
|
396 free(ret->ed25519_pk); |
|
397 ret->ed25519_pk = k->ed25519_pk; |
|
398 @@ -844,6 +863,7 @@ key_read(Key *ret, char **cpp) |
|
399 /* XXX */ |
|
400 #endif |
|
401 } |
|
402 +#endif /* WITHOUT_ED25519 */ |
|
403 success = 1; |
|
404 /*XXXX*/ |
|
405 key_free(k); |
|
406 @@ -907,11 +927,13 @@ key_write(const Key *key, FILE *f) |
|
407 return 0; |
|
408 break; |
|
409 #endif |
|
410 +#ifndef WITHOUT_ED25519 |
|
411 case KEY_ED25519: |
|
412 case KEY_ED25519_CERT: |
|
413 if (key->ed25519_pk == NULL) |
|
414 return 0; |
|
415 break; |
|
416 +#endif /* WITHOUT_ED25519 */ |
|
417 case KEY_RSA: |
|
418 case KEY_RSA_CERT_V00: |
|
419 case KEY_RSA_CERT: |
|
420 @@ -959,7 +981,9 @@ static const struct keytype keytypes[] = |
|
421 { NULL, "RSA1", KEY_RSA1, 0, 0 }, |
|
422 { "ssh-rsa", "RSA", KEY_RSA, 0, 0 }, |
|
423 { "ssh-dss", "DSA", KEY_DSA, 0, 0 }, |
|
424 +#ifndef WITHOUT_ED25519 |
|
425 { "ssh-ed25519", "ED25519", KEY_ED25519, 0, 0 }, |
|
426 +#endif /* WITHOUT_ED25519 */ |
|
427 #ifdef OPENSSL_HAS_ECC |
|
428 { "ecdsa-sha2-nistp256", "ECDSA", KEY_ECDSA, NID_X9_62_prime256v1, 0 }, |
|
429 { "ecdsa-sha2-nistp384", "ECDSA", KEY_ECDSA, NID_secp384r1, 0 }, |
|
430 @@ -983,8 +1007,10 @@ static const struct keytype keytypes[] = |
|
431 KEY_RSA_CERT_V00, 0, 1 }, |
|
432 { "[email protected]", "DSA-CERT-V00", |
|
433 KEY_DSA_CERT_V00, 0, 1 }, |
|
434 +#ifndef WITHOUT_ED25519 |
|
435 { "[email protected]", "ED25519-CERT", |
|
436 KEY_ED25519_CERT, 0, 1 }, |
|
437 +#endif /* WITHOUT_ED25519 */ |
|
438 { NULL, NULL, -1, -1, 0 } |
|
439 }; |
|
440 |
|
441 @@ -1096,7 +1122,9 @@ key_type_is_valid_ca(int type) |
|
442 case KEY_RSA: |
|
443 case KEY_DSA: |
|
444 case KEY_ECDSA: |
|
445 +#ifndef WITHOUT_ED25519 |
|
446 case KEY_ED25519: |
|
447 +#endif /* WITHOUT_ED25519 */ |
|
448 return 1; |
|
449 default: |
|
450 return 0; |
|
451 @@ -1116,8 +1144,10 @@ key_size(const Key *k) |
|
452 case KEY_DSA_CERT_V00: |
|
453 case KEY_DSA_CERT: |
|
454 return BN_num_bits(k->dsa->p); |
|
455 +#ifndef WITHOUT_ED25519 |
|
456 case KEY_ED25519: |
|
457 return 256; /* XXX */ |
|
458 +#endif /* WITHOUT_ED25519 */ |
|
459 #ifdef OPENSSL_HAS_ECC |
|
460 case KEY_ECDSA: |
|
461 case KEY_ECDSA_CERT: |
|
462 @@ -1261,11 +1291,13 @@ key_generate(int type, u_int bits) |
|
463 case KEY_RSA1: |
|
464 k->rsa = rsa_generate_private_key(bits); |
|
465 break; |
|
466 +#ifndef WITHOUT_ED25519 |
|
467 case KEY_ED25519: |
|
468 k->ed25519_pk = xmalloc(ED25519_PK_SZ); |
|
469 k->ed25519_sk = xmalloc(ED25519_SK_SZ); |
|
470 crypto_sign_ed25519_keypair(k->ed25519_pk, k->ed25519_sk); |
|
471 break; |
|
472 +#endif /* WITHOUT_ED25519 */ |
|
473 case KEY_RSA_CERT_V00: |
|
474 case KEY_DSA_CERT_V00: |
|
475 case KEY_RSA_CERT: |
|
476 @@ -1359,6 +1391,7 @@ key_from_private(const Key *k) |
|
477 (BN_copy(n->rsa->e, k->rsa->e) == NULL)) |
|
478 fatal("key_from_private: BN_copy failed"); |
|
479 break; |
|
480 +#ifndef WITHOUT_ED25519 |
|
481 case KEY_ED25519: |
|
482 case KEY_ED25519_CERT: |
|
483 n = key_new(k->type); |
|
484 @@ -1367,6 +1400,7 @@ key_from_private(const Key *k) |
|
485 memcpy(n->ed25519_pk, k->ed25519_pk, ED25519_PK_SZ); |
|
486 } |
|
487 break; |
|
488 +#endif /* WITHOUT_ED25519 */ |
|
489 default: |
|
490 fatal("key_from_private: unknown type %d", k->type); |
|
491 break; |
|
492 @@ -1628,6 +1662,7 @@ key_from_blob2(const u_char *blob, u_int |
|
493 #endif |
|
494 break; |
|
495 #endif /* OPENSSL_HAS_ECC */ |
|
496 +#ifndef WITHOUT_ED25519 |
|
497 case KEY_ED25519_CERT: |
|
498 (void)buffer_get_string_ptr_ret(&b, NULL); /* Skip nonce */ |
|
499 /* FALLTHROUGH */ |
|
500 @@ -1645,6 +1680,7 @@ key_from_blob2(const u_char *blob, u_int |
|
501 key->ed25519_pk = pk; |
|
502 pk = NULL; |
|
503 break; |
|
504 +#endif /* WITHOUT_ED25519 */ |
|
505 case KEY_UNSPEC: |
|
506 key = key_new(type); |
|
507 break; |
|
508 @@ -1699,7 +1735,9 @@ to_blob(const Key *key, u_char **blobp, |
|
509 case KEY_DSA_CERT: |
|
510 case KEY_ECDSA_CERT: |
|
511 case KEY_RSA_CERT: |
|
512 +#ifndef WITHOUT_ED25519 |
|
513 case KEY_ED25519_CERT: |
|
514 +#endif /* WITHOUT_ED25519 */ |
|
515 /* Use the existing blob */ |
|
516 buffer_append(&b, buffer_ptr(&key->cert->certblob), |
|
517 buffer_len(&key->cert->certblob)); |
|
518 @@ -1727,11 +1765,13 @@ to_blob(const Key *key, u_char **blobp, |
|
519 buffer_put_bignum2(&b, key->rsa->e); |
|
520 buffer_put_bignum2(&b, key->rsa->n); |
|
521 break; |
|
522 +#ifndef WITHOUT_ED25519 |
|
523 case KEY_ED25519: |
|
524 buffer_put_cstring(&b, |
|
525 key_ssh_name_from_type_nid(type, key->ecdsa_nid)); |
|
526 buffer_put_string(&b, key->ed25519_pk, ED25519_PK_SZ); |
|
527 break; |
|
528 +#endif /* WITHOUT_ED25519 */ |
|
529 default: |
|
530 error("key_to_blob: unsupported key type %d", key->type); |
|
531 buffer_free(&b); |
|
532 @@ -1775,9 +1815,11 @@ key_sign( |
|
533 case KEY_RSA_CERT: |
|
534 case KEY_RSA: |
|
535 return ssh_rsa_sign(key, sigp, lenp, data, datalen); |
|
536 +#ifndef WITHOUT_ED25519 |
|
537 case KEY_ED25519: |
|
538 case KEY_ED25519_CERT: |
|
539 return ssh_ed25519_sign(key, sigp, lenp, data, datalen); |
|
540 +#endif /* WITHOUT_ED25519 */ |
|
541 default: |
|
542 error("key_sign: invalid key type %d", key->type); |
|
543 return -1; |
|
544 @@ -1811,9 +1853,11 @@ key_verify( |
|
545 case KEY_RSA_CERT: |
|
546 case KEY_RSA: |
|
547 return ssh_rsa_verify(key, signature, signaturelen, data, datalen); |
|
548 +#ifndef WITHOUT_ED25519 |
|
549 case KEY_ED25519: |
|
550 case KEY_ED25519_CERT: |
|
551 return ssh_ed25519_verify(key, signature, signaturelen, data, datalen); |
|
552 +#endif /* WITHOUT_ED25519 */ |
|
553 default: |
|
554 error("key_verify: invalid key type %d", key->type); |
|
555 return -1; |
|
556 @@ -1833,8 +1877,10 @@ key_demote(const Key *k) |
|
557 pk->dsa = NULL; |
|
558 pk->ecdsa = NULL; |
|
559 pk->rsa = NULL; |
|
560 +#ifndef WITHOUT_ED25519 |
|
561 pk->ed25519_pk = NULL; |
|
562 pk->ed25519_sk = NULL; |
|
563 +#endif /* WITHOUT_ED25519 */ |
|
564 |
|
565 switch (k->type) { |
|
566 case KEY_RSA_CERT_V00: |
|
567 @@ -1878,6 +1924,7 @@ key_demote(const Key *k) |
|
568 fatal("key_demote: EC_KEY_set_public_key failed"); |
|
569 break; |
|
570 #endif |
|
571 +#ifndef WITHOUT_ED25519 |
|
572 case KEY_ED25519_CERT: |
|
573 key_cert_copy(k, pk); |
|
574 /* FALLTHROUGH */ |
|
575 @@ -1887,6 +1934,7 @@ key_demote(const Key *k) |
|
576 memcpy(pk->ed25519_pk, k->ed25519_pk, ED25519_PK_SZ); |
|
577 } |
|
578 break; |
|
579 +#endif /* WITHOUT_ED25519 */ |
|
580 default: |
|
581 fatal("key_demote: bad key type %d", k->type); |
|
582 break; |
|
583 @@ -1916,8 +1964,10 @@ key_type_plain(int type) |
|
584 return KEY_DSA; |
|
585 case KEY_ECDSA_CERT: |
|
586 return KEY_ECDSA; |
|
587 +#ifndef WITHOUT_ED25519 |
|
588 case KEY_ED25519_CERT: |
|
589 return KEY_ED25519; |
|
590 +#endif /* WITHOUT_ED25519 */ |
|
591 default: |
|
592 return type; |
|
593 } |
|
594 @@ -1943,6 +1993,7 @@ key_to_certified(Key *k, int legacy) |
|
595 k->cert = cert_new(); |
|
596 k->type = KEY_ECDSA_CERT; |
|
597 return 0; |
|
598 +#ifndef WITHOUT_ED25519 |
|
599 case KEY_ED25519: |
|
600 if (legacy) |
|
601 fatal("%s: legacy ED25519 certificates are not " |
|
602 @@ -1950,6 +2001,7 @@ key_to_certified(Key *k, int legacy) |
|
603 k->cert = cert_new(); |
|
604 k->type = KEY_ED25519_CERT; |
|
605 return 0; |
|
606 +#endif /* WITHOUT_ED25519 */ |
|
607 default: |
|
608 error("%s: key has incorrect type %s", __func__, key_type(k)); |
|
609 return -1; |
|
610 @@ -2028,10 +2080,12 @@ key_certify(Key *k, Key *ca) |
|
611 buffer_put_bignum2(&k->cert->certblob, k->rsa->e); |
|
612 buffer_put_bignum2(&k->cert->certblob, k->rsa->n); |
|
613 break; |
|
614 +#ifndef WITHOUT_ED25519 |
|
615 case KEY_ED25519_CERT: |
|
616 buffer_put_string(&k->cert->certblob, |
|
617 k->ed25519_pk, ED25519_PK_SZ); |
|
618 break; |
|
619 +#endif /* WITHOUT_ED25519 */ |
|
620 default: |
|
621 error("%s: key has incorrect type %s", __func__, key_type(k)); |
|
622 buffer_clear(&k->cert->certblob); |
|
623 @@ -2449,6 +2503,7 @@ key_private_serialize(const Key *key, Bu |
|
624 buffer_put_bignum2(b, EC_KEY_get0_private_key(key->ecdsa)); |
|
625 break; |
|
626 #endif /* OPENSSL_HAS_ECC */ |
|
627 +#ifndef WITHOUT_ED25519 |
|
628 case KEY_ED25519: |
|
629 buffer_put_string(b, key->ed25519_pk, ED25519_PK_SZ); |
|
630 buffer_put_string(b, key->ed25519_sk, ED25519_SK_SZ); |
|
631 @@ -2461,6 +2516,7 @@ key_private_serialize(const Key *key, Bu |
|
632 buffer_put_string(b, key->ed25519_pk, ED25519_PK_SZ); |
|
633 buffer_put_string(b, key->ed25519_sk, ED25519_SK_SZ); |
|
634 break; |
|
635 +#endif /* WITHOUT_ED25519 */ |
|
636 } |
|
637 } |
|
638 |
|
639 @@ -2575,6 +2631,7 @@ key_private_deserialize(Buffer *blob) |
|
640 buffer_get_bignum2(blob, k->rsa->p); |
|
641 buffer_get_bignum2(blob, k->rsa->q); |
|
642 break; |
|
643 +#ifndef WITHOUT_ED25519 |
|
644 case KEY_ED25519: |
|
645 k = key_new_private(type); |
|
646 k->ed25519_pk = buffer_get_string(blob, &pklen); |
|
647 @@ -2601,6 +2658,7 @@ key_private_deserialize(Buffer *blob) |
|
648 fatal("%s: ed25519 sklen %d != %d", |
|
649 __func__, sklen, ED25519_SK_SZ); |
|
650 break; |
|
651 +#endif /* WITHOUT_ED25519 */ |
|
652 default: |
|
653 free(type_name); |
|
654 buffer_clear(blob); |
|
655 Only in new: key.c.orig |
|
656 Only in new: key.c.rej |
|
657 diff -pur old/key.h new/key.h |
|
658 --- old/key.h 2014-01-09 15:58:53.000000000 -0800 |
|
659 +++ new/key.h 2015-04-10 02:43:51.166553603 -0700 |
|
660 @@ -39,11 +39,15 @@ enum types { |
|
661 KEY_RSA, |
|
662 KEY_DSA, |
|
663 KEY_ECDSA, |
|
664 +#ifndef WITHOUT_ED25519 |
|
665 KEY_ED25519, |
|
666 +#endif /* WITHOUT_ED25519 */ |
|
667 KEY_RSA_CERT, |
|
668 KEY_DSA_CERT, |
|
669 KEY_ECDSA_CERT, |
|
670 +#ifndef WITHOUT_ED25519 |
|
671 KEY_ED25519_CERT, |
|
672 +#endif /* WITHOUT_ED25519 */ |
|
673 KEY_RSA_CERT_V00, |
|
674 KEY_DSA_CERT_V00, |
|
675 KEY_UNSPEC |
|
676 @@ -88,12 +92,16 @@ struct Key { |
|
677 void *ecdsa; |
|
678 #endif |
|
679 struct KeyCert *cert; |
|
680 +#ifndef WITHOUT_ED25519 |
|
681 u_char *ed25519_sk; |
|
682 u_char *ed25519_pk; |
|
683 +#endif /* WITHOUT_ED25519 */ |
|
684 }; |
|
685 |
|
686 +#ifndef WITHOUT_ED25519 |
|
687 #define ED25519_SK_SZ crypto_sign_ed25519_SECRETKEYBYTES |
|
688 #define ED25519_PK_SZ crypto_sign_ed25519_PUBLICKEYBYTES |
|
689 +#endif /* WITHOUT_ED25519 */ |
|
690 |
|
691 Key *key_new(int); |
|
692 void key_add_private(Key *); |
|
693 @@ -152,8 +160,10 @@ int ssh_ecdsa_sign(const Key *, u_char |
|
694 int ssh_ecdsa_verify(const Key *, const u_char *, u_int, const u_char *, u_int); |
|
695 int ssh_rsa_sign(const Key *, u_char **, u_int *, const u_char *, u_int); |
|
696 int ssh_rsa_verify(const Key *, const u_char *, u_int, const u_char *, u_int); |
|
697 +#ifndef WITHOUT_ED25519 |
|
698 int ssh_ed25519_sign(const Key *, u_char **, u_int *, const u_char *, u_int); |
|
699 int ssh_ed25519_verify(const Key *, const u_char *, u_int, const u_char *, u_int); |
|
700 +#endif /* WITHOUT_ED25519 */ |
|
701 |
|
702 #if defined(OPENSSL_HAS_ECC) && (defined(DEBUG_KEXECDH) || defined(DEBUG_PK)) |
|
703 void key_dump_ec_point(const EC_GROUP *, const EC_POINT *); |
|
704 Only in new: key.h.orig |
|
705 diff -pur old/monitor.c new/monitor.c |
|
706 --- old/monitor.c 2015-04-10 02:43:51.067342317 -0700 |
|
707 +++ new/monitor.c 2015-04-10 02:49:10.399820034 -0700 |
|
708 @@ -1887,7 +1887,9 @@ mm_get_kex(Buffer *m) |
|
709 kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; |
|
710 kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; |
|
711 kex->kex[KEX_ECDH_SHA2] = kexecdh_server; |
|
712 +#ifndef WITHOUT_ED25519 |
|
713 kex->kex[KEX_C25519_SHA256] = kexc25519_server; |
|
714 +#endif /* WITHOUT_ED25519 */ |
|
715 kex->server = 1; |
|
716 kex->hostkey_type = buffer_get_int(m); |
|
717 kex->kex_type = buffer_get_int(m); |
|
718 Only in new: monitor.c.orig |
|
719 Only in new: monitor.c.rej |
|
720 diff -pur old/myproposal.h new/myproposal.h |
|
721 --- old/myproposal.h 2013-12-06 16:24:02.000000000 -0800 |
|
722 +++ new/myproposal.h 2015-04-10 02:43:51.168744484 -0700 |
|
723 @@ -80,6 +80,24 @@ |
|
724 # define SHA2_HMAC_MODES |
|
725 #endif |
|
726 |
|
727 +#ifdef WITHOUT_ED25519 |
|
728 +# define KEX_DEFAULT_KEX \ |
|
729 + KEX_ECDH_METHODS \ |
|
730 + KEX_SHA256_METHODS \ |
|
731 + "diffie-hellman-group-exchange-sha1," \ |
|
732 + "diffie-hellman-group14-sha1," \ |
|
733 + "diffie-hellman-group1-sha1" |
|
734 + |
|
735 +#define KEX_DEFAULT_PK_ALG \ |
|
736 + HOSTKEY_ECDSA_CERT_METHODS \ |
|
737 + "[email protected]," \ |
|
738 + "[email protected]," \ |
|
739 + "[email protected]," \ |
|
740 + "[email protected]," \ |
|
741 + HOSTKEY_ECDSA_METHODS \ |
|
742 + "ssh-rsa," \ |
|
743 + "ssh-dss" |
|
744 +#else /* WITHOUT_ED25519 */ |
|
745 # define KEX_DEFAULT_KEX \ |
|
746 KEX_CURVE25519_METHODS \ |
340 KEX_CURVE25519_METHODS \ |
747 KEX_ECDH_METHODS \ |
341 KEX_ECDH_METHODS \ |
748 @@ -99,6 +117,7 @@ |
342 @@ -97,10 +106,10 @@ |
749 "ssh-ed25519," \ |
343 |
750 "ssh-rsa," \ |
344 #define KEX_DEFAULT_PK_ALG \ |
751 "ssh-dss" |
345 HOSTKEY_ECDSA_CERT_METHODS \ |
752 +#endif /* WITHOUT_ED25519 */ |
346 - "[email protected]," \ |
|
347 + HOSTKEY_CURVE25519_CERT_METHODS \ |
|
348 "[email protected]," \ |
|
349 HOSTKEY_ECDSA_METHODS \ |
|
350 - "ssh-ed25519," \ |
|
351 + HOSTKEY_CURVE25519_METHODS \ |
|
352 "ssh-rsa" \ |
753 |
353 |
754 /* the actual algorithms */ |
354 /* the actual algorithms */ |
755 |
355 @@ -141,10 +150,10 @@ |
|
356 #else |
|
357 |
|
358 #define KEX_SERVER_KEX \ |
|
359 - "[email protected]" |
|
360 + KEX_CURVE25519_METHODS |
|
361 #define KEX_DEFAULT_PK_ALG \ |
|
362 - "[email protected]," \ |
|
363 - "ssh-ed25519" |
|
364 + HOSTKEY_CURVE25519_CERT_METHODS \ |
|
365 + HOSTKEY_CURVE25519_METHODS |
|
366 #define KEX_SERVER_ENCRYPT \ |
|
367 "[email protected]," \ |
|
368 "aes128-ctr,aes192-ctr,aes256-ctr" |
756 diff -pur old/openbsd-compat/Makefile.in new/openbsd-compat/Makefile.in |
369 diff -pur old/openbsd-compat/Makefile.in new/openbsd-compat/Makefile.in |
757 --- old/openbsd-compat/Makefile.in 2013-12-06 17:37:54.000000000 -0800 |
370 --- old/openbsd-compat/Makefile.in |
758 +++ new/openbsd-compat/Makefile.in 2015-04-10 02:43:51.169041778 -0700 |
371 +++ new/openbsd-compat/Makefile.in |
759 @@ -18,7 +18,7 @@ LDFLAGS=-L. @LDFLAGS@ |
|
760 |
|
761 OPENBSD=base64.o basename.o bcrypt_pbkdf.o bindresvport.o blowfish.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt_long.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o pwcache.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sha2.o sigact.o strlcat.o strlcpy.o strmode.o strnlen.o strptime.o strsep.o strtonum.o strtoll.o strtoul.o strtoull.o timingsafe_bcmp.o vis.o blowfish.o bcrypt_pbkdf.o |
|
762 |
|
763 -COMPAT=arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o getrrsetbyname-ldns.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-setres_id.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o |
|
764 +COMPAT=arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o getrrsetbyname-ldns.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-setres_id.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o |
|
765 |
|
766 PORTS=port-aix.o port-irix.o port-linux.o port-solaris.o port-tun.o port-uw.o |
|
767 |
|
768 @@ -32,7 +32,7 @@ $(OPENBSD): ../config.h |
372 @@ -32,7 +32,7 @@ $(OPENBSD): ../config.h |
769 $(PORTS): ../config.h |
373 $(PORTS): ../config.h |
770 |
374 |
771 libopenbsd-compat.a: $(COMPAT) $(OPENBSD) $(PORTS) |
375 libopenbsd-compat.a: $(COMPAT) $(OPENBSD) $(PORTS) |
772 - $(AR) rv $@ $(COMPAT) $(OPENBSD) $(PORTS) |
376 - $(AR) rv $@ $(COMPAT) $(OPENBSD) $(PORTS) |
773 + $(AR) rv $@ $(COMPAT) $(OPENBSD) $(PORTS) ../hash.o ../blocks.o |
377 + $(AR) rv $@ $(COMPAT) $(OPENBSD) $(PORTS) ../hash.o ../blocks.o |
774 $(RANLIB) $@ |
378 $(RANLIB) $@ |
775 |
379 |
776 clean: |
380 clean: |
777 diff -pur old/pathnames.h new/pathnames.h |
381 diff -pur old/pathnames.h new/pathnames.h |
778 --- old/pathnames.h 2013-12-06 16:24:02.000000000 -0800 |
382 --- old/pathnames.h |
779 +++ new/pathnames.h 2015-04-10 02:43:51.169362243 -0700 |
383 +++ new/pathnames.h |
780 @@ -39,7 +39,9 @@ |
384 @@ -39,7 +39,9 @@ |
781 #define _PATH_HOST_KEY_FILE SSHDIR "/ssh_host_key" |
385 #define _PATH_HOST_KEY_FILE SSHDIR "/ssh_host_key" |
782 #define _PATH_HOST_DSA_KEY_FILE SSHDIR "/ssh_host_dsa_key" |
386 #define _PATH_HOST_DSA_KEY_FILE SSHDIR "/ssh_host_dsa_key" |
783 #define _PATH_HOST_ECDSA_KEY_FILE SSHDIR "/ssh_host_ecdsa_key" |
387 #define _PATH_HOST_ECDSA_KEY_FILE SSHDIR "/ssh_host_ecdsa_key" |
784 +#ifndef WITHOUT_ED25519 |
388 +#ifndef WITHOUT_ED25519 |
796 +#endif /* WITHOUT_ED25519 */ |
400 +#endif /* WITHOUT_ED25519 */ |
797 |
401 |
798 /* |
402 /* |
799 * Configuration file in user's home directory. This file need not be |
403 * Configuration file in user's home directory. This file need not be |
800 diff -pur old/readconf.c new/readconf.c |
404 diff -pur old/readconf.c new/readconf.c |
801 --- old/readconf.c 2015-04-10 02:43:51.075573457 -0700 |
405 --- old/readconf.c |
802 +++ new/readconf.c 2015-04-10 02:43:51.170150446 -0700 |
406 +++ new/readconf.c |
803 @@ -1702,8 +1702,10 @@ fill_default_options(Options * options) |
407 @@ -1846,8 +1846,10 @@ fill_default_options(Options * options) |
804 add_identity_file(options, "~/", |
408 add_identity_file(options, "~/", |
805 _PATH_SSH_CLIENT_ID_ECDSA, 0); |
409 _PATH_SSH_CLIENT_ID_ECDSA, 0); |
806 #endif |
410 #endif |
807 +#ifndef WITHOUT_ED25519 |
411 +#ifndef WITHOUT_ED25519 |
808 add_identity_file(options, "~/", |
412 add_identity_file(options, "~/", |
809 _PATH_SSH_CLIENT_ID_ED25519, 0); |
413 _PATH_SSH_CLIENT_ID_ED25519, 0); |
810 +#endif /* WITHOUT_ED25519 */ |
414 +#endif /* WITHOUT_ED25519 */ |
811 } |
415 } |
812 } |
416 } |
813 if (options->escape_char == -1) |
417 if (options->escape_char == -1) |
814 Only in new: readconf.c.orig |
|
815 diff -pur old/sc25519.c new/sc25519.c |
|
816 --- old/sc25519.c 2014-01-16 17:43:44.000000000 -0800 |
|
817 +++ new/sc25519.c 2015-04-10 02:43:51.170631841 -0700 |
|
818 @@ -6,6 +6,8 @@ |
|
819 * Copied from supercop-20130419/crypto_sign/ed25519/ref/sc25519.c |
|
820 */ |
|
821 |
|
822 +#ifndef WITHOUT_ED25519 |
|
823 + |
|
824 #include "includes.h" |
|
825 |
|
826 #include "sc25519.h" |
|
827 @@ -306,3 +308,5 @@ void sc25519_2interleave2(unsigned char |
|
828 r[125] = ((s1->v[31] >> 2) & 3) ^ (((s2->v[31] >> 2) & 3) << 2); |
|
829 r[126] = ((s1->v[31] >> 4) & 3) ^ (((s2->v[31] >> 4) & 3) << 2); |
|
830 } |
|
831 + |
|
832 +#endif /* WITHOUT_ED25519 */ |
|
833 diff -pur old/sc25519.h new/sc25519.h |
|
834 --- old/sc25519.h 2013-12-17 22:48:11.000000000 -0800 |
|
835 +++ new/sc25519.h 2015-04-10 02:43:51.170901036 -0700 |
|
836 @@ -8,6 +8,7 @@ |
|
837 |
|
838 #ifndef SC25519_H |
|
839 #define SC25519_H |
|
840 +#ifndef WITHOUT_ED25519 |
|
841 |
|
842 #include "crypto_api.h" |
|
843 |
|
844 @@ -77,4 +78,5 @@ void sc25519_window5(signed char r[51], |
|
845 |
|
846 void sc25519_2interleave2(unsigned char r[127], const sc25519 *s1, const sc25519 *s2); |
|
847 |
|
848 +#endif /* WITHOUT_ED25519 */ |
|
849 #endif |
|
850 diff -pur old/servconf.c new/servconf.c |
418 diff -pur old/servconf.c new/servconf.c |
851 --- old/servconf.c 2015-04-10 02:43:51.086374994 -0700 |
419 --- old/servconf.c |
852 +++ new/servconf.c 2015-04-10 02:43:51.171761969 -0700 |
420 +++ new/servconf.c |
853 @@ -189,8 +189,10 @@ fill_default_server_options(ServerOption |
421 @@ -222,8 +222,10 @@ fill_default_server_options(ServerOption |
854 options->host_key_files[options->num_host_key_files++] = |
422 options->host_key_files[options->num_host_key_files++] = |
855 _PATH_HOST_ECDSA_KEY_FILE; |
423 _PATH_HOST_ECDSA_KEY_FILE; |
856 #endif |
424 #endif |
857 +#ifndef WITHOUT_ED25519 |
425 +#ifndef WITHOUT_ED25519 |
858 options->host_key_files[options->num_host_key_files++] = |
426 options->host_key_files[options->num_host_key_files++] = |
859 _PATH_HOST_ED25519_KEY_FILE; |
427 _PATH_HOST_ED25519_KEY_FILE; |
860 +#endif /* WITHOUT_ED25519 */ |
428 +#endif /* WITHOUT_ED25519 */ |
861 } |
429 } |
862 } |
430 } |
863 /* No certificates by default */ |
431 /* No certificates by default */ |
864 Only in new: servconf.c.orig |
|
865 diff -pur old/smult_curve25519_ref.c new/smult_curve25519_ref.c |
432 diff -pur old/smult_curve25519_ref.c new/smult_curve25519_ref.c |
866 --- old/smult_curve25519_ref.c 2013-11-03 13:26:53.000000000 -0800 |
433 --- old/smult_curve25519_ref.c |
867 +++ new/smult_curve25519_ref.c 2015-04-10 02:43:51.172253244 -0700 |
434 +++ new/smult_curve25519_ref.c |
868 @@ -6,6 +6,8 @@ Public domain. |
435 @@ -6,6 +6,8 @@ Public domain. |
869 Derived from public domain code by D. J. Bernstein. |
436 Derived from public domain code by D. J. Bernstein. |
870 */ |
437 */ |
871 |
438 |
872 +#ifndef WITHOUT_ED25519 |
439 +#ifndef WITHOUT_ED25519 |
873 + |
440 + |
874 int crypto_scalarmult_curve25519(unsigned char *, const unsigned char *, const unsigned char *); |
441 int crypto_scalarmult_curve25519(unsigned char *, const unsigned char *, const unsigned char *); |
875 |
442 |
876 static void add(unsigned int out[32],const unsigned int a[32],const unsigned int b[32]) |
443 static void add(unsigned int out[32],const unsigned int a[32],const unsigned int b[32]) |
877 @@ -263,3 +265,5 @@ int crypto_scalarmult_curve25519(unsigne |
444 @@ -263,3 +265,4 @@ int crypto_scalarmult_curve25519(unsigne |
878 for (i = 0;i < 32;++i) q[i] = work[64 + i]; |
445 for (i = 0;i < 32;++i) q[i] = work[64 + i]; |
879 return 0; |
446 return 0; |
880 } |
447 } |
881 + |
|
882 +#endif /* WITHOUT_ED25519 */ |
448 +#endif /* WITHOUT_ED25519 */ |
883 diff -pur old/ssh-add.0 new/ssh-add.0 |
449 diff -pur old/ssh-add.0 new/ssh-add.0 |
884 --- old/ssh-add.0 2014-01-29 17:52:47.000000000 -0800 |
450 --- old/ssh-add.0 |
885 +++ new/ssh-add.0 2015-04-10 02:43:51.172577448 -0700 |
451 +++ new/ssh-add.0 |
886 @@ -11,7 +11,7 @@ SYNOPSIS |
452 @@ -11,7 +11,7 @@ SYNOPSIS |
887 DESCRIPTION |
453 DESCRIPTION |
888 ssh-add adds private key identities to the authentication agent, |
454 ssh-add adds private key identities to the authentication agent, |
889 ssh-agent(1). When run without arguments, it adds the files |
455 ssh-agent(1). When run without arguments, it adds the files |
890 - ~/.ssh/id_rsa, ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519 and |
456 - ~/.ssh/id_rsa, ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519 and |
891 + ~/.ssh/id_rsa, ~/.ssh/id_dsa and |
457 + ~/.ssh/id_rsa, ~/.ssh/id_dsa, and |
892 ~/.ssh/identity. After loading a private key, ssh-add will try to load |
458 ~/.ssh/identity. After loading a private key, ssh-add will try to load |
893 corresponding certificate information from the filename obtained by |
459 corresponding certificate information from the filename obtained by |
894 appending -cert.pub to the name of the private key file. Alternative |
460 appending -cert.pub to the name of the private key file. Alternative |
895 @@ -91,14 +91,6 @@ FILES |
461 @@ -97,14 +97,6 @@ FILES |
896 Contains the protocol version 2 DSA authentication identity of |
462 Contains the protocol version 2 DSA authentication identity of |
897 the user. |
463 the user. |
898 |
464 |
899 - ~/.ssh/id_ecdsa |
465 - ~/.ssh/id_ecdsa |
900 - Contains the protocol version 2 ECDSA authentication identity of |
466 - Contains the protocol version 2 ECDSA authentication identity of |
901 - the user. |
467 - the user. |
902 - |
468 - |
903 - ~/.ssh/id_ed25519 |
469 - ~/.ssh/id_ed25519 |
904 - Contains the protocol version 2 ED25519 authentication identity |
470 - Contains the protocol version 2 Ed25519 authentication identity |
905 - of the user. |
471 - of the user. |
906 - |
472 - |
907 ~/.ssh/id_rsa |
473 ~/.ssh/id_rsa |
908 Contains the protocol version 2 RSA authentication identity of |
474 Contains the protocol version 2 RSA authentication identity of |
909 the user. |
475 the user. |
910 diff -pur old/ssh-add.1 new/ssh-add.1 |
476 diff -pur old/ssh-add.1 new/ssh-add.1 |
911 --- old/ssh-add.1 2013-12-17 22:46:28.000000000 -0800 |
477 --- old/ssh-add.1 |
912 +++ new/ssh-add.1 2015-04-10 02:43:51.172897417 -0700 |
478 +++ new/ssh-add.1 |
913 @@ -57,8 +57,6 @@ adds private key identities to the authe |
479 @@ -58,8 +58,6 @@ adds private key identities to the authe |
914 When run without arguments, it adds the files |
480 When run without arguments, it adds the files |
915 .Pa ~/.ssh/id_rsa , |
481 .Pa ~/.ssh/id_rsa , |
916 .Pa ~/.ssh/id_dsa , |
482 .Pa ~/.ssh/id_dsa , |
917 -.Pa ~/.ssh/id_ecdsa , |
483 -.Pa ~/.ssh/id_ecdsa , |
918 -.Pa ~/.ssh/id_ed25519 |
484 -.Pa ~/.ssh/id_ed25519 |
919 and |
485 and |
920 .Pa ~/.ssh/identity . |
486 .Pa ~/.ssh/identity . |
921 After loading a private key, |
487 After loading a private key, |
922 @@ -168,10 +166,6 @@ socket used to communicate with the agen |
488 @@ -178,10 +176,6 @@ socket used to communicate with the agen |
923 Contains the protocol version 1 RSA authentication identity of the user. |
489 Contains the protocol version 1 RSA authentication identity of the user. |
924 .It Pa ~/.ssh/id_dsa |
490 .It Pa ~/.ssh/id_dsa |
925 Contains the protocol version 2 DSA authentication identity of the user. |
491 Contains the protocol version 2 DSA authentication identity of the user. |
926 -.It Pa ~/.ssh/id_ecdsa |
492 -.It Pa ~/.ssh/id_ecdsa |
927 -Contains the protocol version 2 ECDSA authentication identity of the user. |
493 -Contains the protocol version 2 ECDSA authentication identity of the user. |
928 -.It Pa ~/.ssh/id_ed25519 |
494 -.It Pa ~/.ssh/id_ed25519 |
929 -Contains the protocol version 2 ED25519 authentication identity of the user. |
495 -Contains the protocol version 2 Ed25519 authentication identity of the user. |
930 .It Pa ~/.ssh/id_rsa |
496 .It Pa ~/.ssh/id_rsa |
931 Contains the protocol version 2 RSA authentication identity of the user. |
497 Contains the protocol version 2 RSA authentication identity of the user. |
932 .El |
498 .El |
933 diff -pur old/ssh-add.c new/ssh-add.c |
499 diff -pur old/ssh-add.c new/ssh-add.c |
934 --- old/ssh-add.c 2013-12-28 22:44:07.000000000 -0800 |
500 --- old/ssh-add.c |
935 +++ new/ssh-add.c 2015-04-10 02:43:51.173249822 -0700 |
501 +++ new/ssh-add.c |
936 @@ -73,7 +73,9 @@ static char *default_files[] = { |
502 @@ -78,7 +78,9 @@ static char *default_files[] = { |
937 #ifdef OPENSSL_HAS_ECC |
|
938 _PATH_SSH_CLIENT_ID_ECDSA, |
503 _PATH_SSH_CLIENT_ID_ECDSA, |
939 #endif |
504 #endif |
940 +#ifndef WITHOUT_ED25519 |
505 #endif /* WITH_OPENSSL */ |
941 _PATH_SSH_CLIENT_ID_ED25519, |
506 - _PATH_SSH_CLIENT_ID_ED25519, |
942 +#endif /* WITHOUT_ED25519 */ |
507 +#ifndef WITHOUT_ED25519 |
|
508 + _PATH_SSH_CLIENT_ID_ED25519, |
|
509 +#endif /* WITHOUT_ED25519 */ |
|
510 #ifdef WITH_SSH1 |
943 _PATH_SSH_CLIENT_IDENTITY, |
511 _PATH_SSH_CLIENT_IDENTITY, |
944 NULL |
512 #endif |
945 }; |
|
946 diff -pur old/ssh-agent.0 new/ssh-agent.0 |
513 diff -pur old/ssh-agent.0 new/ssh-agent.0 |
947 --- old/ssh-agent.0 2014-01-29 17:52:47.000000000 -0800 |
514 --- old/ssh-agent.0 |
948 +++ new/ssh-agent.0 2015-04-10 02:43:51.173618938 -0700 |
515 +++ new/ssh-agent.0 |
949 @@ -9,7 +9,7 @@ SYNOPSIS |
516 @@ -10,7 +10,7 @@ SYNOPSIS |
950 |
517 |
951 DESCRIPTION |
518 DESCRIPTION |
952 ssh-agent is a program to hold private keys used for public key |
519 ssh-agent is a program to hold private keys used for public key |
953 - authentication (RSA, DSA, ECDSA, ED25519). The idea is that ssh-agent is |
520 - authentication (RSA, DSA, ECDSA, Ed25519). ssh-agent is usually started |
954 + authentication (RSA, DSA). The idea is that ssh-agent is |
521 + authentication (RSA, DSA). ssh-agent is usually started |
955 started in the beginning of an X-session or a login session, and all |
522 in the beginning of an X-session or a login session, and all other |
956 other windows or programs are started as clients to the ssh-agent |
523 windows or programs are started as clients to the ssh-agent program. |
957 program. Through use of environment variables the agent can be located |
524 Through use of environment variables the agent can be located and |
958 @@ -46,8 +46,8 @@ DESCRIPTION |
|
959 |
|
960 The agent initially does not have any private keys. Keys are added using |
|
961 ssh-add(1). When executed without arguments, ssh-add(1) adds the files |
|
962 - ~/.ssh/id_rsa, ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519 and |
|
963 - ~/.ssh/identity. If the identity has a passphrase, ssh-add(1) asks for |
|
964 + ~/.ssh/id_rsa, ~/.ssh/id_dsa ~/.ssh/identity. |
|
965 + If the identity has a passphrase, ssh-add(1) asks for |
|
966 the passphrase on the terminal if it has one or from a small X11 program |
|
967 if running under X11. If neither of these is the case then the |
|
968 authentication will fail. It then sends the identity to the agent. |
|
969 @@ -97,14 +97,6 @@ FILES |
|
970 Contains the protocol version 2 DSA authentication identity of |
|
971 the user. |
|
972 |
|
973 - ~/.ssh/id_ecdsa |
|
974 - Contains the protocol version 2 ECDSA authentication identity of |
|
975 - the user. |
|
976 - |
|
977 - ~/.ssh/id_ed25519 |
|
978 - Contains the protocol version 2 ED25519 authentication identity |
|
979 - of the user. |
|
980 - |
|
981 ~/.ssh/id_rsa |
|
982 Contains the protocol version 2 RSA authentication identity of |
|
983 the user. |
|
984 diff -pur old/ssh-agent.1 new/ssh-agent.1 |
525 diff -pur old/ssh-agent.1 new/ssh-agent.1 |
985 --- old/ssh-agent.1 2013-12-17 22:46:28.000000000 -0800 |
526 --- old/ssh-agent.1 |
986 +++ new/ssh-agent.1 2015-04-10 02:43:51.173976932 -0700 |
527 +++ new/ssh-agent.1 |
987 @@ -53,7 +53,7 @@ |
528 @@ -54,7 +54,7 @@ |
988 .Sh DESCRIPTION |
529 .Sh DESCRIPTION |
989 .Nm |
530 .Nm |
990 is a program to hold private keys used for public key authentication |
531 is a program to hold private keys used for public key authentication |
991 -(RSA, DSA, ECDSA, ED25519). |
532 -(RSA, DSA, ECDSA, Ed25519). |
992 +(RSA, DSA). |
533 +(RSA, DSA). |
993 The idea is that |
|
994 .Nm |
534 .Nm |
995 is started in the beginning of an X-session or a login session, and |
535 is usually started in the beginning of an X-session or a login session, and |
996 @@ -114,9 +114,7 @@ When executed without arguments, |
536 all other windows or programs are started as clients to the ssh-agent |
997 .Xr ssh-add 1 |
|
998 adds the files |
|
999 .Pa ~/.ssh/id_rsa , |
|
1000 -.Pa ~/.ssh/id_dsa , |
|
1001 -.Pa ~/.ssh/id_ecdsa , |
|
1002 -.Pa ~/.ssh/id_ed25519 |
|
1003 +.Pa ~/.ssh/id_dsa |
|
1004 and |
|
1005 .Pa ~/.ssh/identity . |
|
1006 If the identity has a passphrase, |
|
1007 @@ -189,10 +187,6 @@ line terminates. |
|
1008 Contains the protocol version 1 RSA authentication identity of the user. |
|
1009 .It Pa ~/.ssh/id_dsa |
|
1010 Contains the protocol version 2 DSA authentication identity of the user. |
|
1011 -.It Pa ~/.ssh/id_ecdsa |
|
1012 -Contains the protocol version 2 ECDSA authentication identity of the user. |
|
1013 -.It Pa ~/.ssh/id_ed25519 |
|
1014 -Contains the protocol version 2 ED25519 authentication identity of the user. |
|
1015 .It Pa ~/.ssh/id_rsa |
|
1016 Contains the protocol version 2 RSA authentication identity of the user. |
|
1017 .It Pa $TMPDIR/ssh-XXXXXXXXXX/agent.\*(Ltppid\*(Gt |
|
1018 diff -pur old/ssh-ed25519.c new/ssh-ed25519.c |
537 diff -pur old/ssh-ed25519.c new/ssh-ed25519.c |
1019 --- old/ssh-ed25519.c 2013-12-06 17:37:54.000000000 -0800 |
538 --- old/ssh-ed25519.c |
1020 +++ new/ssh-ed25519.c 2015-04-10 02:43:51.174245635 -0700 |
539 +++ new/ssh-ed25519.c |
1021 @@ -15,6 +15,8 @@ |
540 @@ -17,6 +17,8 @@ |
1022 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
541 |
1023 */ |
542 #include "includes.h" |
1024 |
543 |
1025 +#ifndef WITHOUT_ED25519 |
544 +#ifndef WITHOUT_ED25519 |
1026 + |
545 + |
1027 #include "includes.h" |
|
1028 |
|
1029 #include <sys/types.h> |
546 #include <sys/types.h> |
1030 @@ -141,3 +143,5 @@ ssh_ed25519_verify(const Key *key, const |
547 #include <limits.h> |
1031 /* translate return code carefully */ |
548 |
1032 return (ret == 0) ? 1 : -1; |
549 @@ -164,3 +166,4 @@ ssh_ed25519_verify(const struct sshkey * |
|
550 free(ktype); |
|
551 return r; |
1033 } |
552 } |
1034 + |
|
1035 +#endif /* WITHOUT_ED25519 */ |
553 +#endif /* WITHOUT_ED25519 */ |
1036 diff -pur old/ssh-keygen.0 new/ssh-keygen.0 |
554 diff -pur old/ssh-keygen.0 new/ssh-keygen.0 |
1037 --- old/ssh-keygen.0 2014-01-29 17:52:47.000000000 -0800 |
555 --- old/ssh-keygen.0 |
1038 +++ new/ssh-keygen.0 2015-04-10 02:43:51.175019524 -0700 |
556 +++ new/ssh-keygen.0 |
|
557 @@ -4,7 +4,7 @@ NAME |
|
558 ssh-keygen M-bM-^@M-^S authentication key generation, management and conversion |
|
559 |
|
560 SYNOPSIS |
|
561 - ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1] |
|
562 + ssh-keygen [-q] [-b bits] [-t dsa | rsa | rsa1] |
|
563 [-N new_passphrase] [-C comment] [-f output_keyfile] |
|
564 ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile] |
|
565 ssh-keygen -i [-m key_format] [-f input_keyfile] |
1039 @@ -32,7 +32,7 @@ SYNOPSIS |
566 @@ -32,7 +32,7 @@ SYNOPSIS |
1040 DESCRIPTION |
567 DESCRIPTION |
1041 ssh-keygen generates, manages and converts authentication keys for |
568 ssh-keygen generates, manages and converts authentication keys for |
1042 ssh(1). ssh-keygen can create RSA keys for use by SSH protocol version 1 |
569 ssh(1). ssh-keygen can create RSA keys for use by SSH protocol version 1 |
1043 - and DSA, ECDSA, ED25519 or RSA keys for use by SSH protocol version 2. |
570 - and DSA, ECDSA, Ed25519 or RSA keys for use by SSH protocol version 2. |
1044 + and DSA or RSA keys for use by SSH protocol version 2. |
571 + and DSA or RSA keys for use by SSH protocol version 2. |
1045 The type of key to be generated is specified with the -t option. If |
572 The type of key to be generated is specified with the -t option. If |
1046 invoked without any arguments, ssh-keygen will generate an RSA key for |
573 invoked without any arguments, ssh-keygen will generate an RSA key for |
1047 use in SSH protocol 2 connections. |
574 use in SSH protocol 2 connections. |
1048 @@ -46,7 +46,7 @@ DESCRIPTION |
575 @@ -46,7 +46,7 @@ DESCRIPTION |
1057 @@ -79,14 +79,14 @@ DESCRIPTION |
584 @@ -79,14 +79,14 @@ DESCRIPTION |
1058 |
585 |
1059 The options are as follows: |
586 The options are as follows: |
1060 |
587 |
1061 - -A For each of the key types (rsa1, rsa, dsa, ecdsa and ed25519) for |
588 - -A For each of the key types (rsa1, rsa, dsa, ecdsa and ed25519) for |
1062 + -A For each of the key types (rsa1, rsa, and dsa) for |
589 + -A For each of the key types (rsa1, rsa and dsa) for |
1063 which host keys do not exist, generate the host keys with the |
590 which host keys do not exist, generate the host keys with the |
1064 default key file path, an empty passphrase, default bits for the |
591 default key file path, an empty passphrase, default bits for the |
1065 key type, and default comment. This is used by /etc/rc to |
592 key type, and default comment. This is used by /etc/rc to |
1066 generate new host keys. |
593 generate new host keys. |
1067 |
594 |
1068 -a rounds |
595 -a rounds |
1069 - When saving a new-format private key (i.e. an ed25519 key or any |
596 - When saving a new-format private key (i.e. an ed25519 key or any |
1070 + When saving a new-format private key (i.e. any |
597 + When saving a new-format private key (i.e. |
1071 SSH protocol 2 key when the -o flag is set), this option |
598 SSH protocol 2 key when the -o flag is set), this option |
1072 specifies the number of KDF (key derivation function) rounds |
599 specifies the number of KDF (key derivation function) rounds |
1073 used. Higher numbers result in slower passphrase verification |
600 used. Higher numbers result in slower passphrase verification |
1074 @@ -103,12 +103,7 @@ DESCRIPTION |
601 @@ -103,12 +103,7 @@ DESCRIPTION |
1075 Specifies the number of bits in the key to create. For RSA keys, |
602 Specifies the number of bits in the key to create. For RSA keys, |
1076 the minimum size is 768 bits and the default is 2048 bits. |
603 the minimum size is 1024 bits and the default is 2048 bits. |
1077 Generally, 2048 bits is considered sufficient. DSA keys must be |
604 Generally, 2048 bits is considered sufficient. DSA keys must be |
1078 - exactly 1024 bits as specified by FIPS 186-2. For ECDSA keys, |
605 - exactly 1024 bits as specified by FIPS 186-2. For ECDSA keys, |
1079 - the -b flag determines the key length by selecting from one of |
606 - the -b flag determines the key length by selecting from one of |
1080 - three elliptic curve sizes: 256, 384 or 521 bits. Attempting to |
607 - three elliptic curve sizes: 256, 384 or 521 bits. Attempting to |
1081 - use bit lengths other than these three values for ECDSA keys will |
608 - use bit lengths other than these three values for ECDSA keys will |
1082 - fail. ED25519 keys have a fixed length and the -b flag will be |
609 - fail. Ed25519 keys have a fixed length and the -b flag will be |
1083 - ignored. |
610 - ignored. |
1084 + exactly 1024 bits as specified by FIPS 186-2. |
611 + exactly 1024 bits as specified by FIPS 186-2. |
1085 |
612 |
1086 -C comment |
613 -C comment |
1087 Provides a new comment. |
614 Provides a new comment. |
1088 @@ -274,7 +269,7 @@ DESCRIPTION |
615 @@ -279,7 +274,7 @@ DESCRIPTION |
1089 new OpenSSH format rather than the more compatible PEM format. |
616 new OpenSSH format rather than the more compatible PEM format. |
1090 The new format has increased resistance to brute-force password |
617 The new format has increased resistance to brute-force password |
1091 cracking but is not supported by versions of OpenSSH prior to |
618 cracking but is not supported by versions of OpenSSH prior to |
1092 - 6.5. Ed25519 keys always use the new private key format. |
619 - 6.5. Ed25519 keys always use the new private key format. |
1093 + 6.5. |
620 + 6.5. |
1094 |
621 |
1095 -P passphrase |
622 -P passphrase |
1096 Provides the (old) passphrase. |
623 Provides the (old) passphrase. |
1097 @@ -315,8 +310,8 @@ DESCRIPTION |
624 @@ -318,9 +313,9 @@ DESCRIPTION |
1098 |
625 Test DH group exchange candidate primes (generated using the -G |
1099 -t type |
626 option) for safety. |
|
627 |
|
628 - -t dsa | ecdsa | ed25519 | rsa | rsa1 |
|
629 + -t dsa | rsa | rsa1 |
1100 Specifies the type of key to create. The possible values are |
630 Specifies the type of key to create. The possible values are |
1101 - ``rsa1'' for protocol version 1 and ``dsa'', ``ecdsa'', |
631 - M-bM-^@M-^\rsa1M-bM-^@M-^] for protocol version 1 and M-bM-^@M-^\dsaM-bM-^@M-^], M-bM-^@M-^\ecdsaM-bM-^@M-^], M-bM-^@M-^\ed25519M-bM-^@M-^], or |
1102 - ``ed25519'', or ``rsa'' for protocol version 2. |
632 + M-bM-^@M-^\rsa1M-bM-^@M-^] for protocol version 1 and M-bM-^@M-^\dsaM-bM-^@M-^], or |
1103 + ``rsa1'' for protocol version 1 and ``dsa'' or ``rsa'' for |
633 M-bM-^@M-^\rsaM-bM-^@M-^] for protocol version 2. |
1104 + protocol version 2. |
|
1105 |
634 |
1106 -u Update a KRL. When specified with -k, keys listed via the |
635 -u Update a KRL. When specified with -k, keys listed via the |
1107 command line are added to the existing KRL rather than a new KRL |
636 @@ -525,10 +520,8 @@ FILES |
1108 @@ -521,10 +516,8 @@ FILES |
|
1109 contents of this file secret. |
637 contents of this file secret. |
1110 |
638 |
1111 ~/.ssh/id_dsa |
639 ~/.ssh/id_dsa |
1112 - ~/.ssh/id_ecdsa |
640 - ~/.ssh/id_ecdsa |
1113 - ~/.ssh/id_ed25519 |
641 - ~/.ssh/id_ed25519 |
1114 ~/.ssh/id_rsa |
642 ~/.ssh/id_rsa |
1115 - Contains the protocol version 2 DSA, ECDSA, ED25519 or RSA |
643 - Contains the protocol version 2 DSA, ECDSA, Ed25519 or RSA |
1116 + Contains the protocol version 2 DSA or RSA |
644 + Contains the protocol version 2 DSA or RSA |
1117 authentication identity of the user. This file should not be |
645 authentication identity of the user. This file should not be |
1118 readable by anyone but the user. It is possible to specify a |
646 readable by anyone but the user. It is possible to specify a |
1119 passphrase when generating the key; that passphrase will be used |
647 passphrase when generating the key; that passphrase will be used |
1120 @@ -534,10 +527,8 @@ FILES |
648 @@ -538,10 +531,8 @@ FILES |
1121 read this file when a login attempt is made. |
649 read this file when a login attempt is made. |
1122 |
650 |
1123 ~/.ssh/id_dsa.pub |
651 ~/.ssh/id_dsa.pub |
1124 - ~/.ssh/id_ecdsa.pub |
652 - ~/.ssh/id_ecdsa.pub |
1125 - ~/.ssh/id_ed25519.pub |
653 - ~/.ssh/id_ed25519.pub |
1126 ~/.ssh/id_rsa.pub |
654 ~/.ssh/id_rsa.pub |
1127 - Contains the protocol version 2 DSA, ECDSA, ED25519 or RSA public |
655 - Contains the protocol version 2 DSA, ECDSA, Ed25519 or RSA public |
1128 + Contains the protocol version 2 DSA or RSA public |
656 + Contains the protocol version 2 DSA or RSA public |
1129 key for authentication. The contents of this file should be |
657 key for authentication. The contents of this file should be |
1130 added to ~/.ssh/authorized_keys on all machines where the user |
658 added to ~/.ssh/authorized_keys on all machines where the user |
1131 wishes to log in using public key authentication. There is no |
659 wishes to log in using public key authentication. There is no |
1132 diff -pur old/ssh-keygen.1 new/ssh-keygen.1 |
660 diff -pur old/ssh-keygen.1 new/ssh-keygen.1 |
1133 --- old/ssh-keygen.1 2013-12-28 22:47:14.000000000 -0800 |
661 --- old/ssh-keygen.1 |
1134 +++ new/ssh-keygen.1 2015-04-10 02:43:51.175831546 -0700 |
662 +++ new/ssh-keygen.1 |
1135 @@ -140,7 +140,7 @@ generates, manages and converts authenti |
663 @@ -46,7 +46,7 @@ |
|
664 .Nm ssh-keygen |
|
665 .Op Fl q |
|
666 .Op Fl b Ar bits |
|
667 -.Op Fl t Cm dsa | ecdsa | ed25519 | rsa | rsa1 |
|
668 +.Op Fl t Cm dsa | rsa | rsa1 |
|
669 .Op Fl N Ar new_passphrase |
|
670 .Op Fl C Ar comment |
|
671 .Op Fl f Ar output_keyfile |
|
672 @@ -142,7 +142,7 @@ generates, manages and converts authenti |
1136 .Xr ssh 1 . |
673 .Xr ssh 1 . |
1137 .Nm |
674 .Nm |
1138 can create RSA keys for use by SSH protocol version 1 and |
675 can create RSA keys for use by SSH protocol version 1 and |
1139 -DSA, ECDSA, ED25519 or RSA keys for use by SSH protocol version 2. |
676 -DSA, ECDSA, Ed25519 or RSA keys for use by SSH protocol version 2. |
1140 +DSA or RSA keys for use by SSH protocol version 2. |
677 +DSA or RSA keys for use by SSH protocol version 2. |
1141 The type of key to be generated is specified with the |
678 The type of key to be generated is specified with the |
1142 .Fl t |
679 .Fl t |
1143 option. |
680 option. |
1144 @@ -168,8 +168,6 @@ with public key authentication runs this |
681 @@ -170,8 +170,6 @@ with public key authentication runs this |
1145 key in |
682 key in |
1146 .Pa ~/.ssh/identity , |
683 .Pa ~/.ssh/identity , |
1147 .Pa ~/.ssh/id_dsa , |
684 .Pa ~/.ssh/id_dsa , |
1148 -.Pa ~/.ssh/id_ecdsa , |
685 -.Pa ~/.ssh/id_ecdsa , |
1149 -.Pa ~/.ssh/id_ed25519 |
686 -.Pa ~/.ssh/id_ed25519 |
1150 or |
687 or |
1151 .Pa ~/.ssh/id_rsa . |
688 .Pa ~/.ssh/id_rsa . |
1152 Additionally, the system administrator may use this to generate host keys, |
689 Additionally, the system administrator may use this to generate host keys, |
1153 @@ -217,7 +215,7 @@ should be placed to be activated. |
690 @@ -219,7 +217,7 @@ should be placed to be activated. |
1154 The options are as follows: |
691 The options are as follows: |
1155 .Bl -tag -width Ds |
692 .Bl -tag -width Ds |
1156 .It Fl A |
693 .It Fl A |
1157 -For each of the key types (rsa1, rsa, dsa, ecdsa and ed25519) |
694 -For each of the key types (rsa1, rsa, dsa, ecdsa and ed25519) |
1158 +For each of the key types (rsa1, rsa, dsa) |
695 +For each of the key types (rsa1, rsa and dsa) |
1159 for which host keys |
696 for which host keys |
1160 do not exist, generate the host keys with the default key file path, |
697 do not exist, generate the host keys with the default key file path, |
1161 an empty passphrase, default bits for the key type, and default comment. |
698 an empty passphrase, default bits for the key type, and default comment. |
1162 @@ -225,8 +223,7 @@ This is used by |
699 @@ -227,7 +225,7 @@ This is used by |
1163 .Pa /etc/rc |
700 .Pa /etc/rc |
1164 to generate new host keys. |
701 to generate new host keys. |
1165 .It Fl a Ar rounds |
702 .It Fl a Ar rounds |
1166 -When saving a new-format private key (i.e. an ed25519 key or any SSH protocol |
703 -When saving a new-format private key (i.e. an ed25519 key or any SSH protocol |
1167 -2 key when the |
704 +When saving a new-format private key (i.e. SSH protocol |
1168 +When saving a new-format private key (i.e. any SSH protocol 2 key when the |
705 2 key when the |
1169 .Fl o |
706 .Fl o |
1170 flag is set), this option specifies the number of KDF (key derivation function) |
707 flag is set), this option specifies the number of KDF (key derivation function) |
1171 rounds used. |
708 @@ -247,15 +245,6 @@ Specifies the number of bits in the key |
1172 @@ -245,15 +242,6 @@ Specifies the number of bits in the key |
709 For RSA keys, the minimum size is 1024 bits and the default is 2048 bits. |
1173 For RSA keys, the minimum size is 768 bits and the default is 2048 bits. |
|
1174 Generally, 2048 bits is considered sufficient. |
710 Generally, 2048 bits is considered sufficient. |
1175 DSA keys must be exactly 1024 bits as specified by FIPS 186-2. |
711 DSA keys must be exactly 1024 bits as specified by FIPS 186-2. |
1176 -For ECDSA keys, the |
712 -For ECDSA keys, the |
1177 -.Fl b |
713 -.Fl b |
1178 -flag determines the key length by selecting from one of three elliptic |
714 -flag determines the key length by selecting from one of three elliptic |
1179 -curve sizes: 256, 384 or 521 bits. |
715 -curve sizes: 256, 384 or 521 bits. |
1180 -Attempting to use bit lengths other than these three values for ECDSA keys |
716 -Attempting to use bit lengths other than these three values for ECDSA keys |
1181 -will fail. |
717 -will fail. |
1182 -ED25519 keys have a fixed length and the |
718 -Ed25519 keys have a fixed length and the |
1183 -.Fl b |
719 -.Fl b |
1184 -flag will be ignored. |
720 -flag will be ignored. |
1185 .It Fl C Ar comment |
721 .It Fl C Ar comment |
1186 Provides a new comment. |
722 Provides a new comment. |
1187 .It Fl c |
723 .It Fl c |
1188 @@ -468,7 +456,6 @@ to save SSH protocol 2 private keys usin |
724 @@ -478,7 +467,6 @@ to save SSH protocol 2 private keys usin |
1189 the more compatible PEM format. |
725 the more compatible PEM format. |
1190 The new format has increased resistance to brute-force password cracking |
726 The new format has increased resistance to brute-force password cracking |
1191 but is not supported by versions of OpenSSH prior to 6.5. |
727 but is not supported by versions of OpenSSH prior to 6.5. |
1192 -Ed25519 keys always use the new private key format. |
728 -Ed25519 keys always use the new private key format. |
1193 .It Fl P Ar passphrase |
729 .It Fl P Ar passphrase |
1194 Provides the (old) passphrase. |
730 Provides the (old) passphrase. |
1195 .It Fl p |
731 .It Fl p |
1196 @@ -520,8 +507,6 @@ The possible values are |
732 @@ -524,14 +512,12 @@ section for details. |
|
733 Test DH group exchange candidate primes (generated using the |
|
734 .Fl G |
|
735 option) for safety. |
|
736 -.It Fl t Cm dsa | ecdsa | ed25519 | rsa | rsa1 |
|
737 +.It Fl t Cm dsa | rsa | rsa1 |
|
738 Specifies the type of key to create. |
|
739 The possible values are |
1197 .Dq rsa1 |
740 .Dq rsa1 |
1198 for protocol version 1 and |
741 for protocol version 1 and |
1199 .Dq dsa , |
742 .Dq dsa , |
1200 -.Dq ecdsa , |
743 -.Dq ecdsa , |
1201 -.Dq ed25519 , |
744 -.Dq ed25519 , |
1202 or |
745 or |
1203 .Dq rsa |
746 .Dq rsa |
1204 for protocol version 2. |
747 for protocol version 2. |
1205 @@ -800,10 +785,8 @@ where the user wishes to log in using RS |
748 @@ -810,10 +796,8 @@ where the user wishes to log in using RS |
1206 There is no need to keep the contents of this file secret. |
749 There is no need to keep the contents of this file secret. |
1207 .Pp |
750 .Pp |
1208 .It Pa ~/.ssh/id_dsa |
751 .It Pa ~/.ssh/id_dsa |
1209 -.It Pa ~/.ssh/id_ecdsa |
752 -.It Pa ~/.ssh/id_ecdsa |
1210 -.It Pa ~/.ssh/id_ed25519 |
753 -.It Pa ~/.ssh/id_ed25519 |
1211 .It Pa ~/.ssh/id_rsa |
754 .It Pa ~/.ssh/id_rsa |
1212 -Contains the protocol version 2 DSA, ECDSA, ED25519 or RSA |
755 -Contains the protocol version 2 DSA, ECDSA, Ed25519 or RSA |
1213 +Contains the protocol version 2 DSA or RSA |
756 +Contains the protocol version 2 DSA or RSA |
1214 authentication identity of the user. |
757 authentication identity of the user. |
1215 This file should not be readable by anyone but the user. |
758 This file should not be readable by anyone but the user. |
1216 It is possible to |
759 It is possible to |
1217 @@ -816,10 +799,8 @@ but it is offered as the default file fo |
760 @@ -826,10 +810,8 @@ but it is offered as the default file fo |
1218 will read this file when a login attempt is made. |
761 will read this file when a login attempt is made. |
1219 .Pp |
762 .Pp |
1220 .It Pa ~/.ssh/id_dsa.pub |
763 .It Pa ~/.ssh/id_dsa.pub |
1221 -.It Pa ~/.ssh/id_ecdsa.pub |
764 -.It Pa ~/.ssh/id_ecdsa.pub |
1222 -.It Pa ~/.ssh/id_ed25519.pub |
765 -.It Pa ~/.ssh/id_ed25519.pub |
1223 .It Pa ~/.ssh/id_rsa.pub |
766 .It Pa ~/.ssh/id_rsa.pub |
1224 -Contains the protocol version 2 DSA, ECDSA, ED25519 or RSA |
767 -Contains the protocol version 2 DSA, ECDSA, Ed25519 or RSA |
1225 +Contains the protocol version 2 DSA or RSA |
768 +Contains the protocol version 2 DSA or RSA |
1226 public key for authentication. |
769 public key for authentication. |
1227 The contents of this file should be added to |
770 The contents of this file should be added to |
1228 .Pa ~/.ssh/authorized_keys |
771 .Pa ~/.ssh/authorized_keys |
1229 diff -pur old/ssh-keygen.c new/ssh-keygen.c |
772 diff -pur old/ssh-keygen.c new/ssh-keygen.c |
1230 --- old/ssh-keygen.c 2013-12-06 16:24:02.000000000 -0800 |
773 --- old/ssh-keygen.c |
1231 +++ new/ssh-keygen.c 2015-04-10 02:43:51.176894394 -0700 |
774 +++ new/ssh-keygen.c |
1232 @@ -197,7 +197,11 @@ type_bits_valid(int type, u_int32_t *bit |
775 @@ -217,7 +217,11 @@ type_bits_valid(int type, const char *na |
1233 } |
776 fatal("key bits exceeds maximum %d", maxbits); |
1234 if (type == KEY_DSA && *bitsp != 1024) |
777 if (type == KEY_DSA && *bitsp != 1024) |
1235 fatal("DSA keys must be 1024 bits"); |
778 fatal("DSA keys must be 1024 bits"); |
1236 +#ifdef WITHOUT_ED25519 |
779 - else if (type != KEY_ECDSA && type != KEY_ED25519 && *bitsp < 1024) |
1237 + else if (type != KEY_ECDSA && *bitsp < 768) |
780 + else if (type != KEY_ECDSA && |
1238 +#else /* WITHOUT_ED25519 */ |
781 +#ifndef WITHOUT_ED25519 |
1239 else if (type != KEY_ECDSA && type != KEY_ED25519 && *bitsp < 768) |
782 + type != KEY_ED25519 && |
1240 +#endif /* WITHOUT_ED25519 */ |
783 +#endif /* WITHOUT_ED25519 */ |
1241 fatal("Key must at least be 768 bits"); |
784 + *bitsp < 1024) |
1242 else if (type == KEY_ECDSA && key_ecdsa_bits_to_nid(*bitsp) == -1) |
785 fatal("Key must at least be 1024 bits"); |
|
786 else if (type == KEY_ECDSA && sshkey_ecdsa_bits_to_nid(*bitsp) == -1) |
1243 fatal("Invalid ECDSA key length - valid lengths are " |
787 fatal("Invalid ECDSA key length - valid lengths are " |
1244 @@ -233,10 +237,12 @@ ask_filename(struct passwd *pw, const ch |
788 @@ -252,10 +256,12 @@ ask_filename(struct passwd *pw, const ch |
1245 case KEY_RSA: |
789 case KEY_RSA: |
1246 name = _PATH_SSH_CLIENT_ID_RSA; |
790 name = _PATH_SSH_CLIENT_ID_RSA; |
1247 break; |
791 break; |
1248 +#ifndef WITHOUT_ED25519 |
792 +#ifndef WITHOUT_ED25519 |
1249 case KEY_ED25519: |
793 case KEY_ED25519: |
1250 case KEY_ED25519_CERT: |
794 case KEY_ED25519_CERT: |
1251 name = _PATH_SSH_CLIENT_ID_ED25519; |
795 name = _PATH_SSH_CLIENT_ID_ED25519; |
1252 break; |
796 break; |
1253 +#endif /* WITHOUT_ED25519 */ |
797 +#endif /* WITHOUT_ED25519 */ |
1254 default: |
798 default: |
1255 fprintf(stderr, "bad key type\n"); |
799 fatal("bad key type"); |
1256 exit(1); |
800 } |
1257 @@ -900,7 +906,9 @@ do_gen_all_hostkeys(struct passwd *pw) |
801 @@ -939,7 +945,9 @@ do_gen_all_hostkeys(struct passwd *pw) |
1258 #ifdef OPENSSL_HAS_ECC |
|
1259 { "ecdsa", "ECDSA",_PATH_HOST_ECDSA_KEY_FILE }, |
802 { "ecdsa", "ECDSA",_PATH_HOST_ECDSA_KEY_FILE }, |
1260 #endif |
803 #endif /* OPENSSL_HAS_ECC */ |
1261 +#ifndef WITHOUT_ED25519 |
804 #endif /* WITH_OPENSSL */ |
1262 { "ed25519", "ED25519",_PATH_HOST_ED25519_KEY_FILE }, |
805 - { "ed25519", "ED25519",_PATH_HOST_ED25519_KEY_FILE }, |
|
806 +#ifndef WITHOUT_ED25519 |
|
807 + { "ed25519", "ED25519",_PATH_HOST_ED25519_KEY_FILE }, |
1263 +#endif /* WITHOUT_ED25519 */ |
808 +#endif /* WITHOUT_ED25519 */ |
1264 { NULL, NULL, NULL } |
809 { NULL, NULL, NULL } |
1265 }; |
810 }; |
1266 |
811 |
1267 @@ -1616,7 +1624,10 @@ do_ca_sign(struct passwd *pw, int argc, |
812 @@ -1605,7 +1613,10 @@ do_ca_sign(struct passwd *pw, int argc, |
1268 if ((public = key_load_public(tmp, &comment)) == NULL) |
813 fatal("%s: unable to open \"%s\": %s", |
1269 fatal("%s: unable to open \"%s\"", __func__, tmp); |
814 __func__, tmp, ssh_err(r)); |
1270 if (public->type != KEY_RSA && public->type != KEY_DSA && |
815 if (public->type != KEY_RSA && public->type != KEY_DSA && |
1271 - public->type != KEY_ECDSA && public->type != KEY_ED25519) |
816 - public->type != KEY_ECDSA && public->type != KEY_ED25519) |
1272 +#ifndef WITHOUT_ED25519 |
817 +#ifndef WITHOUT_ED25519 |
1273 + public->type != KEY_ED25519 && |
818 + public->type != KEY_ED25519 && |
1274 +#endif /* WITHOUT_ED25519 */ |
819 +#endif /* WITHOUT_ED25519 */ |
1275 + public->type != KEY_ECDSA) |
820 + public->type != KEY_ECDSA) |
1276 fatal("%s: key \"%s\" type %s cannot be certified", |
821 fatal("%s: key \"%s\" type %s cannot be certified", |
1277 __func__, tmp, key_type(public)); |
822 __func__, tmp, sshkey_type(public)); |
1278 |
823 |
|
824 @@ -2502,8 +2513,10 @@ main(int argc, char **argv) |
|
825 _PATH_HOST_DSA_KEY_FILE, rr_hostname); |
|
826 n += do_print_resource_record(pw, |
|
827 _PATH_HOST_ECDSA_KEY_FILE, rr_hostname); |
|
828 +#ifndef WITHOUT_ED25519 |
|
829 n += do_print_resource_record(pw, |
|
830 _PATH_HOST_ED25519_KEY_FILE, rr_hostname); |
|
831 +#endif /* WITHOUT_ED25519 */ |
|
832 if (n == 0) |
|
833 fatal("no keys found."); |
|
834 exit(0); |
1279 diff -pur old/ssh-keyscan.0 new/ssh-keyscan.0 |
835 diff -pur old/ssh-keyscan.0 new/ssh-keyscan.0 |
1280 --- old/ssh-keyscan.0 2014-01-29 17:52:47.000000000 -0800 |
836 --- old/ssh-keyscan.0 |
1281 +++ new/ssh-keyscan.0 2015-04-10 02:43:51.177179968 -0700 |
837 +++ new/ssh-keyscan.0 |
1282 @@ -48,9 +48,9 @@ DESCRIPTION |
838 @@ -48,9 +48,9 @@ DESCRIPTION |
1283 -t type |
839 -t type |
1284 Specifies the type of the key to fetch from the scanned hosts. |
840 Specifies the type of the key to fetch from the scanned hosts. |
1285 The possible values are ``rsa1'' for protocol version 1 and |
841 The possible values are M-bM-^@M-^\rsa1M-bM-^@M-^] for protocol version 1 and M-bM-^@M-^\dsaM-bM-^@M-^], |
1286 - ``dsa'', ``ecdsa'', ``ed25519'', or ``rsa'' for protocol version |
842 - M-bM-^@M-^\ecdsaM-bM-^@M-^], M-bM-^@M-^\ed25519M-bM-^@M-^], or M-bM-^@M-^\rsaM-bM-^@M-^] for protocol version 2. Multiple |
1287 + ``dsa'' or ``rsa'' for protocol version |
843 + or M-bM-^@M-^\rsaM-bM-^@M-^] for protocol version 2. Multiple |
1288 2. Multiple values may be specified by separating them with |
844 values may be specified by separating them with commas. The |
1289 - commas. The default is to fetch ``rsa'' and ``ecdsa'' keys. |
845 - default is to fetch M-bM-^@M-^\rsaM-bM-^@M-^], M-bM-^@M-^\ecdsaM-bM-^@M-^], and M-bM-^@M-^\ed25519M-bM-^@M-^] keys. |
1290 + commas. The default is to fetch ``rsa'' keys. |
846 + default is to fetch M-bM-^@M-^\rsaM-bM-^@M-^] keys. |
1291 |
847 |
1292 -v Verbose mode. Causes ssh-keyscan to print debugging messages |
848 -v Verbose mode. Causes ssh-keyscan to print debugging messages |
1293 about its progress. |
849 about its progress. |
1294 @@ -72,12 +72,11 @@ FILES |
850 @@ -72,12 +72,11 @@ FILES |
1295 |
851 |
1296 host-or-namelist bits exponent modulus |
852 host-or-namelist bits exponent modulus |
1297 |
853 |
1298 - Output format for rsa, dsa and ecdsa keys: |
854 - Output format for RSA, DSA, ECDSA, and Ed25519 keys: |
1299 + Output format for rsa and dsa keys: |
855 + Output format for RSA, and DSA keys: |
1300 |
856 |
1301 host-or-namelist keytype base64-encoded-key |
857 host-or-namelist keytype base64-encoded-key |
1302 |
858 |
1303 - Where keytype is either ``ecdsa-sha2-nistp256'', ``ecdsa-sha2-nistp384'', |
859 - Where keytype is either M-bM-^@M-^\ecdsa-sha2-nistp256M-bM-^@M-^], M-bM-^@M-^\ecdsa-sha2-nistp384M-bM-^@M-^], |
1304 - ``ecdsa-sha2-nistp521'', ``ssh-ed25519'', ``ssh-dss'' or ``ssh-rsa''. |
860 - M-bM-^@M-^\ecdsa-sha2-nistp521M-bM-^@M-^], M-bM-^@M-^\ssh-ed25519M-bM-^@M-^], M-bM-^@M-^\ssh-dssM-bM-^@M-^] or M-bM-^@M-^\ssh-rsaM-bM-^@M-^]. |
1305 + Where keytype is either ``ssh-dss'' or ``ssh-rsa''. |
861 + Where keytype is either M-bM-^@M-^\ssh-dssM-bM-^@M-^] or M-bM-^@M-^\ssh-rsaM-bM-^@M-^]. |
1306 |
862 |
1307 /etc/ssh/ssh_known_hosts |
863 /etc/ssh/ssh_known_hosts |
1308 |
864 |
1309 @@ -89,7 +88,7 @@ EXAMPLES |
865 @@ -89,7 +88,7 @@ EXAMPLES |
1310 Find all hosts from the file ssh_hosts which have new or different keys |
866 Find all hosts from the file ssh_hosts which have new or different keys |
1311 from those in the sorted file ssh_known_hosts: |
867 from those in the sorted file ssh_known_hosts: |
1312 |
868 |
1313 - $ ssh-keyscan -t rsa,dsa,ecdsa -f ssh_hosts | \ |
869 - $ ssh-keyscan -t rsa,dsa,ecdsa,ed25519 -f ssh_hosts | \ |
1314 + $ ssh-keyscan -t rsa,dsa -f ssh_hosts | \ |
870 + $ ssh-keyscan -t rsa,dsa -f ssh_hosts | \ |
1315 sort -u - ssh_known_hosts | diff ssh_known_hosts - |
871 sort -u - ssh_known_hosts | diff ssh_known_hosts - |
1316 |
872 |
1317 SEE ALSO |
873 SEE ALSO |
1318 diff -pur old/ssh-keyscan.1 new/ssh-keyscan.1 |
874 diff -pur old/ssh-keyscan.1 new/ssh-keyscan.1 |
1319 --- old/ssh-keyscan.1 2013-12-17 22:46:28.000000000 -0800 |
875 --- old/ssh-keyscan.1 |
1320 +++ new/ssh-keyscan.1 2015-04-10 02:43:51.177539875 -0700 |
876 +++ new/ssh-keyscan.1 |
1321 @@ -89,16 +89,12 @@ The possible values are |
877 @@ -90,18 +90,13 @@ Specifies the type of the key to fetch f |
|
878 The possible values are |
1322 .Dq rsa1 |
879 .Dq rsa1 |
1323 for protocol version 1 and |
880 for protocol version 1 and |
1324 .Dq dsa , |
881 -.Dq dsa , |
1325 -.Dq ecdsa , |
882 -.Dq ecdsa , |
1326 -.Dq ed25519 , |
883 -.Dq ed25519 , |
|
884 +.Dq dsa |
1327 or |
885 or |
1328 .Dq rsa |
886 .Dq rsa |
1329 for protocol version 2. |
887 for protocol version 2. |
1330 Multiple values may be specified by separating them with commas. |
888 Multiple values may be specified by separating them with commas. |
1331 The default is to fetch |
889 The default is to fetch |
1332 .Dq rsa |
890 -.Dq rsa , |
|
891 -.Dq ecdsa , |
1333 -and |
892 -and |
1334 -.Dq ecdsa |
893 -.Dq ed25519 |
|
894 +.Dq rsa |
1335 keys. |
895 keys. |
1336 .It Fl v |
896 .It Fl v |
1337 Verbose mode. |
897 Verbose mode. |
1338 @@ -127,7 +123,7 @@ attacks which have begun after the ssh_k |
898 @@ -130,7 +125,7 @@ Output format for RSA1 keys: |
1339 host-or-namelist bits exponent modulus |
899 host-or-namelist bits exponent modulus |
1340 .Ed |
900 .Ed |
1341 .Pp |
901 .Pp |
1342 -.Pa Output format for rsa, dsa and ecdsa keys: |
902 -Output format for RSA, DSA, ECDSA, and Ed25519 keys: |
1343 +.Pa Output format for rsa and dsa keys: |
903 +Output format for RSA and DSA keys: |
1344 .Bd -literal |
904 .Bd -literal |
1345 host-or-namelist keytype base64-encoded-key |
905 host-or-namelist keytype base64-encoded-key |
1346 .Ed |
906 .Ed |
1347 @@ -135,10 +131,6 @@ host-or-namelist keytype base64-encoded- |
907 @@ -138,10 +133,6 @@ host-or-namelist keytype base64-encoded- |
1348 Where |
908 Where |
1349 .Pa keytype |
909 .Ar keytype |
1350 is either |
910 is either |
1351 -.Dq ecdsa-sha2-nistp256 , |
911 -.Dq ecdsa-sha2-nistp256 , |
1352 -.Dq ecdsa-sha2-nistp384 , |
912 -.Dq ecdsa-sha2-nistp384 , |
1353 -.Dq ecdsa-sha2-nistp521 , |
913 -.Dq ecdsa-sha2-nistp521 , |
1354 -.Dq ssh-ed25519 , |
914 -.Dq ssh-ed25519 , |
1355 .Dq ssh-dss |
915 .Dq ssh-dss |
1356 or |
916 or |
1357 .Dq ssh-rsa . |
917 .Dq ssh-rsa . |
1358 @@ -158,7 +150,7 @@ Find all hosts from the file |
918 @@ -159,7 +150,7 @@ Find all hosts from the file |
1359 which have new or different keys from those in the sorted file |
919 which have new or different keys from those in the sorted file |
1360 .Pa ssh_known_hosts : |
920 .Pa ssh_known_hosts : |
1361 .Bd -literal |
921 .Bd -literal |
1362 -$ ssh-keyscan -t rsa,dsa,ecdsa -f ssh_hosts | \e |
922 -$ ssh-keyscan -t rsa,dsa,ecdsa,ed25519 -f ssh_hosts | \e |
1363 +$ ssh-keyscan -t rsa,dsa -f ssh_hosts | \e |
923 +$ ssh-keyscan -t rsa,dsa -f ssh_hosts | \e |
1364 sort -u - ssh_known_hosts | diff ssh_known_hosts - |
924 sort -u - ssh_known_hosts | diff ssh_known_hosts - |
1365 .Ed |
925 .Ed |
1366 .Sh SEE ALSO |
926 .Sh SEE ALSO |
1367 diff -pur old/ssh-keyscan.c new/ssh-keyscan.c |
927 diff -pur old/ssh-keyscan.c new/ssh-keyscan.c |
1368 --- old/ssh-keyscan.c 2013-12-06 16:24:02.000000000 -0800 |
928 --- old/ssh-keyscan.c |
1369 +++ new/ssh-keyscan.c 2015-04-10 02:43:51.178102053 -0700 |
929 +++ new/ssh-keyscan.c |
1370 @@ -56,7 +56,9 @@ int ssh_port = SSH_DEFAULT_PORT; |
930 @@ -286,7 +286,9 @@ keygrab_ssh2(con *c) |
1371 #define KT_DSA 2 |
931 c->c_ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_client; |
1372 #define KT_RSA 4 |
932 # endif |
1373 #define KT_ECDSA 8 |
933 #endif |
1374 +#ifndef WITHOUT_ED25519 |
934 +#ifndef WITHOUT_ED25519 |
1375 #define KT_ED25519 16 |
935 c->c_ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_client; |
1376 +#endif /* WITHOUT_ED25519 */ |
936 +#endif /* WITHOUT_ED25519 */ |
1377 |
937 ssh_set_verify_host_key_callback(c->c_ssh, key_print_wrapper); |
1378 int get_keytypes = KT_RSA|KT_ECDSA;/* Get RSA and ECDSA keys by default */ |
938 /* |
1379 |
939 * do the key-exchange until an error occurs or until |
1380 @@ -247,9 +249,11 @@ keygrab_ssh2(con *c) |
940 @@ -612,10 +614,15 @@ do_host(char *host) |
1381 packet_set_connection(c->c_fd, c->c_fd); |
|
1382 enable_compat20(); |
|
1383 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = |
|
1384 - c->c_keytype == KT_DSA ? "ssh-dss" : |
|
1385 +#ifndef WITHOUT_ED25519 |
|
1386 + c->c_keytype == KT_ED25519 ? "ssh-ed25519" : |
|
1387 +#endif /* WITHOUT_ED25519 */ |
|
1388 (c->c_keytype == KT_RSA ? "ssh-rsa" : |
|
1389 - (c->c_keytype == KT_ED25519 ? "ssh-ed25519" : |
|
1390 + (c->c_keytype == KT_DSA ? "ssh-dss" : |
|
1391 "ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521")); |
|
1392 c->c_kex = kex_setup(myproposal); |
|
1393 c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; |
|
1394 @@ -257,7 +261,9 @@ keygrab_ssh2(con *c) |
|
1395 c->c_kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; |
|
1396 c->c_kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; |
|
1397 c->c_kex->kex[KEX_ECDH_SHA2] = kexecdh_client; |
|
1398 +#ifndef WITHOUT_ED25519 |
|
1399 c->c_kex->kex[KEX_C25519_SHA256] = kexc25519_client; |
|
1400 +#endif /* WITHOUT_ED25519 */ |
|
1401 c->c_kex->verify_host_key = hostjump; |
|
1402 |
|
1403 if (!(j = setjmp(kexjmp))) { |
|
1404 @@ -575,10 +581,15 @@ do_host(char *host) |
|
1405 { |
941 { |
1406 char *name = strnnsep(&host, " \t\n"); |
942 char *name = strnnsep(&host, " \t\n"); |
1407 int j; |
943 int j; |
1408 +#ifdef WITHOUT_ED25519 |
944 +#ifndef WITHOUT_ED25519 |
|
945 + int max_kt = KT_ED25519; |
|
946 +#else |
1409 + int max_kt = KT_ECDSA; |
947 + int max_kt = KT_ECDSA; |
1410 +#else |
948 +#endif /* WITHOUT_ED25519 */ |
1411 + int max_kt = KT_ED25519; |
|
1412 +#endif |
|
1413 |
949 |
1414 if (name == NULL) |
950 if (name == NULL) |
1415 return; |
951 return; |
1416 - for (j = KT_RSA1; j <= KT_ED25519; j *= 2) { |
952 - for (j = KT_RSA1; j <= KT_ED25519; j *= 2) { |
1417 + for (j = KT_RSA1; j <= max_kt; j *= 2) { |
953 + for (j = KT_RSA1; j <= max_kt; j *= 2) { |
1418 if (get_keytypes & j) { |
954 if (get_keytypes & j) { |
1419 while (ncon >= MAXCON) |
955 while (ncon >= MAXCON) |
1420 conloop(); |
956 conloop(); |
1421 @@ -685,9 +696,11 @@ main(int argc, char **argv) |
957 @@ -719,9 +726,11 @@ main(int argc, char **argv) |
1422 case KEY_RSA: |
958 case KEY_RSA: |
1423 get_keytypes |= KT_RSA; |
959 get_keytypes |= KT_RSA; |
1424 break; |
960 break; |
1425 +#ifndef WITHOUT_ED25519 |
961 +#ifndef WITHOUT_ED25519 |
1426 case KEY_ED25519: |
962 case KEY_ED25519: |
1471 -.It Pa /etc/ssh/ssh_host_ed25519_key-cert.pub |
1007 -.It Pa /etc/ssh/ssh_host_ed25519_key-cert.pub |
1472 .It Pa /etc/ssh/ssh_host_rsa_key-cert.pub |
1008 .It Pa /etc/ssh/ssh_host_rsa_key-cert.pub |
1473 If these files exist they are assumed to contain public certificate |
1009 If these files exist they are assumed to contain public certificate |
1474 information corresponding with the private keys above. |
1010 information corresponding with the private keys above. |
1475 diff -pur old/ssh-keysign.c new/ssh-keysign.c |
1011 diff -pur old/ssh-keysign.c new/ssh-keysign.c |
1476 --- old/ssh-keysign.c 2013-12-06 16:24:02.000000000 -0800 |
1012 --- old/ssh-keysign.c |
1477 +++ new/ssh-keysign.c 2015-04-10 02:43:51.178924008 -0700 |
1013 +++ new/ssh-keysign.c |
1478 @@ -150,7 +150,11 @@ main(int argc, char **argv) |
1014 @@ -168,7 +168,7 @@ main(int argc, char **argv) |
1479 { |
1015 { |
1480 Buffer b; |
1016 struct sshbuf *b; |
1481 Options options; |
1017 Options options; |
1482 +#ifdef WITHOUT_ED25519 |
1018 -#define NUM_KEYTYPES 4 |
1483 +#define NUM_KEYTYPES 3 |
1019 +#define NUM_KEYTYPES 3 |
1484 +#else |
1020 struct sshkey *keys[NUM_KEYTYPES], *key = NULL; |
1485 #define NUM_KEYTYPES 4 |
|
1486 +#endif |
|
1487 Key *keys[NUM_KEYTYPES], *key = NULL; |
|
1488 struct passwd *pw; |
1021 struct passwd *pw; |
1489 int key_fd[NUM_KEYTYPES], i, found, version = 2, fd; |
1022 int r, key_fd[NUM_KEYTYPES], i, found, version = 2, fd; |
1490 @@ -169,7 +173,9 @@ main(int argc, char **argv) |
1023 @@ -190,7 +190,9 @@ main(int argc, char **argv) |
1491 i = 0; |
1024 /* XXX This really needs to read sshd_config for the paths */ |
1492 key_fd[i++] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY); |
1025 key_fd[i++] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY); |
1493 key_fd[i++] = open(_PATH_HOST_ECDSA_KEY_FILE, O_RDONLY); |
1026 key_fd[i++] = open(_PATH_HOST_ECDSA_KEY_FILE, O_RDONLY); |
1494 +#ifndef WITHOUT_ED25519 |
1027 +#ifndef WITHOUT_ED25519 |
1495 key_fd[i++] = open(_PATH_HOST_ED25519_KEY_FILE, O_RDONLY); |
1028 key_fd[i++] = open(_PATH_HOST_ED25519_KEY_FILE, O_RDONLY); |
1496 +#endif /* WITHOUT_ED25519 */ |
1029 +#endif /* WITHOUT_ED25519 */ |
1497 key_fd[i++] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY); |
1030 key_fd[i++] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY); |
1498 |
1031 |
1499 original_real_uid = getuid(); /* XXX readconf.c needs this */ |
1032 original_real_uid = getuid(); /* XXX readconf.c needs this */ |
1500 diff -pur old/ssh.0 new/ssh.0 |
1033 diff -pur old/ssh.0 new/ssh.0 |
1501 --- old/ssh.0 2014-01-29 17:52:47.000000000 -0800 |
1034 --- old/ssh.0 |
1502 +++ new/ssh.0 2015-04-10 02:43:51.179753862 -0700 |
1035 +++ new/ssh.0 |
1503 @@ -142,8 +142,8 @@ DESCRIPTION |
1036 @@ -140,8 +140,8 @@ DESCRIPTION |
1504 -i identity_file |
1037 -i identity_file |
1505 Selects a file from which the identity (private key) for public |
1038 Selects a file from which the identity (private key) for public |
1506 key authentication is read. The default is ~/.ssh/identity for |
1039 key authentication is read. The default is ~/.ssh/identity for |
1507 - protocol version 1, and ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, |
1040 - protocol version 1, and ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, |
1508 - ~/.ssh/id_ed25519 and ~/.ssh/id_rsa for protocol version 2. |
1041 - ~/.ssh/id_ed25519 and ~/.ssh/id_rsa for protocol version 2. |
1509 + protocol version 1, and ~/.ssh/id_dsa, and ~/.ssh/id_rsa for |
1042 + protocol version 1, and ~/.ssh/id_dsa |
1510 + protocol version 2. |
1043 + and ~/.ssh/id_rsa for protocol version 2. |
1511 Identity files may also be specified on a per-host basis in the |
1044 Identity files may also be specified on a per-host basis in the |
1512 configuration file. It is possible to have multiple -i options |
1045 configuration file. It is possible to have multiple -i options |
1513 (and multiple identities specified in configuration files). ssh |
1046 (and multiple identities specified in configuration files). ssh |
1514 @@ -446,7 +446,7 @@ AUTHENTICATION |
1047 @@ -463,7 +463,7 @@ AUTHENTICATION |
1515 creates a public/private key pair for authentication purposes. The |
1048 creates a public/private key pair for authentication purposes. The |
1516 server knows the public key, and only the user knows the private key. |
1049 server knows the public key, and only the user knows the private key. |
1517 ssh implements public key authentication protocol automatically, using |
1050 ssh implements public key authentication protocol automatically, using |
1518 - one of the DSA, ECDSA, ED25519 or RSA algorithms. Protocol 1 is |
1051 - one of the DSA, ECDSA, Ed25519 or RSA algorithms. Protocol 1 is |
1519 + one of the DSA or RSA algorithms. Protocol 1 is |
1052 + one of the DSA or RSA algorithms. Protocol 1 is |
1520 restricted to using only RSA keys, but protocol 2 may use any. The |
1053 restricted to using only RSA keys, but protocol 2 may use any. The |
1521 HISTORY section of ssl(8) contains a brief discussion of the DSA and RSA |
1054 HISTORY section of ssl(8) contains a brief discussion of the DSA and RSA |
1522 algorithms. |
1055 algorithms. |
1523 @@ -459,11 +459,9 @@ AUTHENTICATION |
1056 @@ -476,11 +476,9 @@ AUTHENTICATION |
1524 |
1057 |
1525 The user creates his/her key pair by running ssh-keygen(1). This stores |
1058 The user creates his/her key pair by running ssh-keygen(1). This stores |
1526 the private key in ~/.ssh/identity (protocol 1), ~/.ssh/id_dsa (protocol |
1059 the private key in ~/.ssh/identity (protocol 1), ~/.ssh/id_dsa (protocol |
1527 - 2 DSA), ~/.ssh/id_ecdsa (protocol 2 ECDSA), ~/.ssh/id_ed25519 (protocol 2 |
1060 - 2 DSA), ~/.ssh/id_ecdsa (protocol 2 ECDSA), ~/.ssh/id_ed25519 (protocol 2 |
1528 - ED25519), or ~/.ssh/id_rsa (protocol 2 RSA) and stores the public key in |
1061 - Ed25519), or ~/.ssh/id_rsa (protocol 2 RSA) and stores the public key in |
1529 - ~/.ssh/identity.pub (protocol 1), ~/.ssh/id_dsa.pub (protocol 2 DSA), |
1062 - ~/.ssh/identity.pub (protocol 1), ~/.ssh/id_dsa.pub (protocol 2 DSA), |
1530 - ~/.ssh/id_ecdsa.pub (protocol 2 ECDSA), ~/.ssh/id_ed25519.pub (protocol 2 |
1063 - ~/.ssh/id_ecdsa.pub (protocol 2 ECDSA), ~/.ssh/id_ed25519.pub (protocol 2 |
1531 - ED25519), or ~/.ssh/id_rsa.pub (protocol 2 RSA) in the user's home |
1064 - Ed25519), or ~/.ssh/id_rsa.pub (protocol 2 RSA) in the user's home |
1532 + 2 DSA) or ~/.ssh/id_rsa (protocol 2 RSA) and stores the public key in |
1065 + 2 DSA) or ~/.ssh/id_rsa (protocol 2 RSA) and stores the public key in |
1533 + ~/.ssh/identity.pub (protocol 1), ~/.ssh/id_dsa.pub (protocol 2 DSA) |
1066 + ~/.ssh/identity.pub (protocol 1), ~/.ssh/id_dsa.pub (protocol 2 DSA) |
1534 + or ~/.ssh/id_rsa.pub (protocol 2 RSA) in the user's home |
1067 + or ~/.ssh/id_rsa.pub (protocol 2 RSA) in the user's home |
1535 directory. The user should then copy the public key to |
1068 directory. The user should then copy the public key to |
1536 ~/.ssh/authorized_keys in his/her home directory on the remote machine. |
1069 ~/.ssh/authorized_keys in his/her home directory on the remote machine. |
1537 The authorized_keys file corresponds to the conventional ~/.rhosts file, |
1070 The authorized_keys file corresponds to the conventional ~/.rhosts file, |
1538 @@ -799,7 +797,7 @@ FILES |
1071 @@ -825,7 +823,7 @@ FILES |
1539 for the user, and not accessible by others. |
1072 for the user, and not accessible by others. |
1540 |
1073 |
1541 ~/.ssh/authorized_keys |
1074 ~/.ssh/authorized_keys |
1542 - Lists the public keys (DSA, ECDSA, ED25519, RSA) that can be used |
1075 - Lists the public keys (DSA, ECDSA, Ed25519, RSA) that can be used |
1543 + Lists the public keys (DSA, RSA) that can be used |
1076 + Lists the public keys (DSA, RSA) that can be used |
1544 for logging in as this user. The format of this file is |
1077 for logging in as this user. The format of this file is |
1545 described in the sshd(8) manual page. This file is not highly |
1078 described in the sshd(8) manual page. This file is not highly |
1546 sensitive, but the recommended permissions are read/write for the |
1079 sensitive, but the recommended permissions are read/write for the |
1547 @@ -817,8 +815,6 @@ FILES |
1080 @@ -843,8 +841,6 @@ FILES |
1548 |
1081 |
1549 ~/.ssh/identity |
1082 ~/.ssh/identity |
1550 ~/.ssh/id_dsa |
1083 ~/.ssh/id_dsa |
1551 - ~/.ssh/id_ecdsa |
1084 - ~/.ssh/id_ecdsa |
1552 - ~/.ssh/id_ed25519 |
1085 - ~/.ssh/id_ed25519 |
1553 ~/.ssh/id_rsa |
1086 ~/.ssh/id_rsa |
1554 Contains the private key for authentication. These files contain |
1087 Contains the private key for authentication. These files contain |
1555 sensitive data and should be readable by the user but not |
1088 sensitive data and should be readable by the user but not |
1556 @@ -830,8 +826,6 @@ FILES |
1089 @@ -856,8 +852,6 @@ FILES |
1557 |
1090 |
1558 ~/.ssh/identity.pub |
1091 ~/.ssh/identity.pub |
1559 ~/.ssh/id_dsa.pub |
1092 ~/.ssh/id_dsa.pub |
1560 - ~/.ssh/id_ecdsa.pub |
1093 - ~/.ssh/id_ecdsa.pub |
1561 - ~/.ssh/id_ed25519.pub |
1094 - ~/.ssh/id_ed25519.pub |
1562 ~/.ssh/id_rsa.pub |
1095 ~/.ssh/id_rsa.pub |
1563 Contains the public key for authentication. These files are not |
1096 Contains the public key for authentication. These files are not |
1564 sensitive and can (but need not) be readable by anyone. |
1097 sensitive and can (but need not) be readable by anyone. |
1565 @@ -862,8 +856,6 @@ FILES |
1098 @@ -888,8 +882,6 @@ FILES |
1566 |
1099 |
1567 /etc/ssh/ssh_host_key |
1100 /etc/ssh/ssh_host_key |
1568 /etc/ssh/ssh_host_dsa_key |
1101 /etc/ssh/ssh_host_dsa_key |
1569 - /etc/ssh/ssh_host_ecdsa_key |
1102 - /etc/ssh/ssh_host_ecdsa_key |
1570 - /etc/ssh/ssh_host_ed25519_key |
1103 - /etc/ssh/ssh_host_ed25519_key |
1571 /etc/ssh/ssh_host_rsa_key |
1104 /etc/ssh/ssh_host_rsa_key |
1572 These files contain the private parts of the host keys and are |
1105 These files contain the private parts of the host keys and are |
1573 used for host-based authentication. If protocol version 1 is |
1106 used for host-based authentication. If protocol version 1 is |
1574 diff -pur old/ssh.1 new/ssh.1 |
1107 diff -pur old/ssh.1 new/ssh.1 |
1575 --- old/ssh.1 2013-12-17 22:46:28.000000000 -0800 |
1108 --- old/ssh.1 |
1576 +++ new/ssh.1 2015-04-10 02:43:51.180632097 -0700 |
1109 +++ new/ssh.1 |
1577 @@ -279,8 +279,6 @@ The default is |
1110 @@ -292,9 +292,7 @@ public key authentication is read. |
|
1111 The default is |
1578 .Pa ~/.ssh/identity |
1112 .Pa ~/.ssh/identity |
1579 for protocol version 1, and |
1113 for protocol version 1, and |
1580 .Pa ~/.ssh/id_dsa , |
1114 -.Pa ~/.ssh/id_dsa , |
1581 -.Pa ~/.ssh/id_ecdsa , |
1115 -.Pa ~/.ssh/id_ecdsa , |
1582 -.Pa ~/.ssh/id_ed25519 |
1116 -.Pa ~/.ssh/id_ed25519 |
|
1117 +.Pa ~/.ssh/id_dsa |
1583 and |
1118 and |
1584 .Pa ~/.ssh/id_rsa |
1119 .Pa ~/.ssh/id_rsa |
1585 for protocol version 2. |
1120 for protocol version 2. |
1586 @@ -758,7 +756,7 @@ key pair for authentication purposes. |
1121 @@ -848,7 +846,7 @@ key pair for authentication purposes. |
1587 The server knows the public key, and only the user knows the private key. |
1122 The server knows the public key, and only the user knows the private key. |
1588 .Nm |
1123 .Nm |
1589 implements public key authentication protocol automatically, |
1124 implements public key authentication protocol automatically, |
1590 -using one of the DSA, ECDSA, ED25519 or RSA algorithms. |
1125 -using one of the DSA, ECDSA, Ed25519 or RSA algorithms. |
1591 +using one of the DSA or RSA algorithms. |
1126 +using one of the DSA or RSA algorithms. |
1592 Protocol 1 is restricted to using only RSA keys, |
1127 Protocol 1 is restricted to using only RSA keys, |
1593 but protocol 2 may use any. |
1128 but protocol 2 may use any. |
1594 The HISTORY section of |
1129 The HISTORY section of |
1595 @@ -783,10 +781,6 @@ This stores the private key in |
1130 @@ -873,10 +871,6 @@ This stores the private key in |
1596 (protocol 1), |
1131 (protocol 1), |
1597 .Pa ~/.ssh/id_dsa |
1132 .Pa ~/.ssh/id_dsa |
1598 (protocol 2 DSA), |
1133 (protocol 2 DSA), |
1599 -.Pa ~/.ssh/id_ecdsa |
1134 -.Pa ~/.ssh/id_ecdsa |
1600 -(protocol 2 ECDSA), |
1135 -(protocol 2 ECDSA), |
1601 -.Pa ~/.ssh/id_ed25519 |
1136 -.Pa ~/.ssh/id_ed25519 |
1602 -(protocol 2 ED25519), |
1137 -(protocol 2 Ed25519), |
1603 or |
1138 or |
1604 .Pa ~/.ssh/id_rsa |
1139 .Pa ~/.ssh/id_rsa |
1605 (protocol 2 RSA) |
1140 (protocol 2 RSA) |
1606 @@ -795,10 +789,6 @@ and stores the public key in |
1141 @@ -885,10 +879,6 @@ and stores the public key in |
1607 (protocol 1), |
1142 (protocol 1), |
1608 .Pa ~/.ssh/id_dsa.pub |
1143 .Pa ~/.ssh/id_dsa.pub |
1609 (protocol 2 DSA), |
1144 (protocol 2 DSA), |
1610 -.Pa ~/.ssh/id_ecdsa.pub |
1145 -.Pa ~/.ssh/id_ecdsa.pub |
1611 -(protocol 2 ECDSA), |
1146 -(protocol 2 ECDSA), |
1612 -.Pa ~/.ssh/id_ed25519.pub |
1147 -.Pa ~/.ssh/id_ed25519.pub |
1613 -(protocol 2 ED25519), |
1148 -(protocol 2 Ed25519), |
1614 or |
1149 or |
1615 .Pa ~/.ssh/id_rsa.pub |
1150 .Pa ~/.ssh/id_rsa.pub |
1616 (protocol 2 RSA) |
1151 (protocol 2 RSA) |
1617 @@ -1338,7 +1328,7 @@ secret, but the recommended permissions |
1152 @@ -1444,7 +1434,7 @@ secret, but the recommended permissions |
1618 and not accessible by others. |
1153 and not accessible by others. |
1619 .Pp |
1154 .Pp |
1620 .It Pa ~/.ssh/authorized_keys |
1155 .It Pa ~/.ssh/authorized_keys |
1621 -Lists the public keys (DSA, ECDSA, ED25519, RSA) |
1156 -Lists the public keys (DSA, ECDSA, Ed25519, RSA) |
1622 +Lists the public keys (DSA, RSA) |
1157 +Lists the public keys (DSA, RSA) |
1623 that can be used for logging in as this user. |
1158 that can be used for logging in as this user. |
1624 The format of this file is described in the |
1159 The format of this file is described in the |
1625 .Xr sshd 8 |
1160 .Xr sshd 8 |
1626 @@ -1360,8 +1350,6 @@ above. |
1161 @@ -1466,8 +1456,6 @@ above. |
1627 .Pp |
1162 .Pp |
1628 .It Pa ~/.ssh/identity |
1163 .It Pa ~/.ssh/identity |
1629 .It Pa ~/.ssh/id_dsa |
1164 .It Pa ~/.ssh/id_dsa |
1630 -.It Pa ~/.ssh/id_ecdsa |
1165 -.It Pa ~/.ssh/id_ecdsa |
1631 -.It Pa ~/.ssh/id_ed25519 |
1166 -.It Pa ~/.ssh/id_ed25519 |
1632 .It Pa ~/.ssh/id_rsa |
1167 .It Pa ~/.ssh/id_rsa |
1633 Contains the private key for authentication. |
1168 Contains the private key for authentication. |
1634 These files |
1169 These files |
1635 @@ -1375,8 +1363,6 @@ sensitive part of this file using 3DES. |
1170 @@ -1481,8 +1469,6 @@ sensitive part of this file using 3DES. |
1636 .Pp |
1171 .Pp |
1637 .It Pa ~/.ssh/identity.pub |
1172 .It Pa ~/.ssh/identity.pub |
1638 .It Pa ~/.ssh/id_dsa.pub |
1173 .It Pa ~/.ssh/id_dsa.pub |
1639 -.It Pa ~/.ssh/id_ecdsa.pub |
1174 -.It Pa ~/.ssh/id_ecdsa.pub |
1640 -.It Pa ~/.ssh/id_ed25519.pub |
1175 -.It Pa ~/.ssh/id_ed25519.pub |
1641 .It Pa ~/.ssh/id_rsa.pub |
1176 .It Pa ~/.ssh/id_rsa.pub |
1642 Contains the public key for authentication. |
1177 Contains the public key for authentication. |
1643 These files are not |
1178 These files are not |
1644 @@ -1415,8 +1401,6 @@ The file format and configuration option |
1179 @@ -1521,8 +1507,6 @@ The file format and configuration option |
1645 .Pp |
1180 .Pp |
1646 .It Pa /etc/ssh/ssh_host_key |
1181 .It Pa /etc/ssh/ssh_host_key |
1647 .It Pa /etc/ssh/ssh_host_dsa_key |
1182 .It Pa /etc/ssh/ssh_host_dsa_key |
1648 -.It Pa /etc/ssh/ssh_host_ecdsa_key |
1183 -.It Pa /etc/ssh/ssh_host_ecdsa_key |
1649 -.It Pa /etc/ssh/ssh_host_ed25519_key |
1184 -.It Pa /etc/ssh/ssh_host_ed25519_key |
1650 .It Pa /etc/ssh/ssh_host_rsa_key |
1185 .It Pa /etc/ssh/ssh_host_rsa_key |
1651 These files contain the private parts of the host keys |
1186 These files contain the private parts of the host keys |
1652 and are used for host-based authentication. |
1187 and are used for host-based authentication. |
1653 diff -pur old/ssh.c new/ssh.c |
1188 diff -pur old/ssh.c new/ssh.c |
1654 --- old/ssh.c 2013-12-28 22:53:40.000000000 -0800 |
1189 --- old/ssh.c |
1655 +++ new/ssh.c 2015-04-10 02:43:51.181446718 -0700 |
1190 +++ new/ssh.c |
1656 @@ -1010,8 +1010,10 @@ main(int ac, char **av) |
1191 @@ -1233,8 +1233,10 @@ main(int ac, char **av) |
|
1192 sensitive_data.keys[1] = key_load_private_cert(KEY_ECDSA, |
|
1193 _PATH_HOST_ECDSA_KEY_FILE, "", NULL); |
1657 #endif |
1194 #endif |
|
1195 +#ifndef WITHOUT_ED25519 |
|
1196 sensitive_data.keys[2] = key_load_private_cert(KEY_ED25519, |
|
1197 _PATH_HOST_ED25519_KEY_FILE, "", NULL); |
|
1198 +#endif /* WITHOUT_ED25519 */ |
1658 sensitive_data.keys[3] = key_load_private_cert(KEY_RSA, |
1199 sensitive_data.keys[3] = key_load_private_cert(KEY_RSA, |
1659 _PATH_HOST_RSA_KEY_FILE, "", NULL); |
1200 _PATH_HOST_RSA_KEY_FILE, "", NULL); |
1660 +#ifndef WITHOUT_ED25519 |
1201 sensitive_data.keys[4] = key_load_private_cert(KEY_DSA, |
1661 sensitive_data.keys[4] = key_load_private_cert(KEY_ED25519, |
1202 @@ -1243,8 +1245,10 @@ main(int ac, char **av) |
1662 _PATH_HOST_ED25519_KEY_FILE, "", NULL); |
1203 sensitive_data.keys[5] = key_load_private_type(KEY_ECDSA, |
1663 +#endif /* WITHOUT_ED25519 */ |
1204 _PATH_HOST_ECDSA_KEY_FILE, "", NULL, NULL); |
1664 sensitive_data.keys[5] = key_load_private_type(KEY_DSA, |
|
1665 _PATH_HOST_DSA_KEY_FILE, "", NULL, NULL); |
|
1666 #ifdef OPENSSL_HAS_ECC |
|
1667 @@ -1020,8 +1022,10 @@ main(int ac, char **av) |
|
1668 #endif |
1205 #endif |
|
1206 +#ifndef WITHOUT_ED25519 |
|
1207 sensitive_data.keys[6] = key_load_private_type(KEY_ED25519, |
|
1208 _PATH_HOST_ED25519_KEY_FILE, "", NULL, NULL); |
|
1209 +#endif /* WITHOUT_ED25519 */ |
1669 sensitive_data.keys[7] = key_load_private_type(KEY_RSA, |
1210 sensitive_data.keys[7] = key_load_private_type(KEY_RSA, |
1670 _PATH_HOST_RSA_KEY_FILE, "", NULL, NULL); |
1211 _PATH_HOST_RSA_KEY_FILE, "", NULL, NULL); |
1671 +#ifndef WITHOUT_ED25519 |
1212 sensitive_data.keys[8] = key_load_private_type(KEY_DSA, |
1672 sensitive_data.keys[8] = key_load_private_type(KEY_ED25519, |
1213 @@ -1261,8 +1265,10 @@ main(int ac, char **av) |
1673 _PATH_HOST_ED25519_KEY_FILE, "", NULL, NULL); |
1214 sensitive_data.keys[1] = key_load_cert( |
1674 +#endif /* WITHOUT_ED25519 */ |
1215 _PATH_HOST_ECDSA_KEY_FILE); |
1675 PRIV_END; |
|
1676 |
|
1677 if (options.hostbased_authentication == 1 && |
|
1678 @@ -1038,8 +1042,10 @@ main(int ac, char **av) |
|
1679 #endif |
1216 #endif |
|
1217 +#ifndef WITHOUT_ED25519 |
|
1218 sensitive_data.keys[2] = key_load_cert( |
|
1219 _PATH_HOST_ED25519_KEY_FILE); |
|
1220 +#endif /* WITHOUT_ED25519 */ |
1680 sensitive_data.keys[3] = key_load_cert( |
1221 sensitive_data.keys[3] = key_load_cert( |
1681 _PATH_HOST_RSA_KEY_FILE); |
1222 _PATH_HOST_RSA_KEY_FILE); |
1682 +#ifndef WITHOUT_ED25519 |
|
1683 sensitive_data.keys[4] = key_load_cert( |
1223 sensitive_data.keys[4] = key_load_cert( |
1684 _PATH_HOST_ED25519_KEY_FILE); |
1224 @@ -1271,8 +1277,10 @@ main(int ac, char **av) |
1685 +#endif /* WITHOUT_ED25519 */ |
|
1686 sensitive_data.keys[5] = key_load_public( |
1225 sensitive_data.keys[5] = key_load_public( |
1687 _PATH_HOST_DSA_KEY_FILE, NULL); |
1226 _PATH_HOST_ECDSA_KEY_FILE, NULL); |
1688 #ifdef OPENSSL_HAS_ECC |
|
1689 @@ -1048,8 +1054,10 @@ main(int ac, char **av) |
|
1690 #endif |
1227 #endif |
|
1228 +#ifndef WITHOUT_ED25519 |
|
1229 sensitive_data.keys[6] = key_load_public( |
|
1230 _PATH_HOST_ED25519_KEY_FILE, NULL); |
|
1231 +#endif /* WITHOUT_ED25519 */ |
1691 sensitive_data.keys[7] = key_load_public( |
1232 sensitive_data.keys[7] = key_load_public( |
1692 _PATH_HOST_RSA_KEY_FILE, NULL); |
1233 _PATH_HOST_RSA_KEY_FILE, NULL); |
1693 +#ifndef WITHOUT_ED25519 |
|
1694 sensitive_data.keys[8] = key_load_public( |
1234 sensitive_data.keys[8] = key_load_public( |
1695 _PATH_HOST_ED25519_KEY_FILE, NULL); |
1235 diff -pur old/ssh_api.c new/ssh_api.c |
1696 +#endif /* WITHOUT_ED25519 */ |
1236 --- old/ssh_api.c |
1697 sensitive_data.external_keysign = 1; |
1237 +++ new/ssh_api.c |
1698 } |
1238 @@ -109,7 +109,9 @@ ssh_init(struct ssh **sshp, int is_serve |
|
1239 ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_server; |
|
1240 # endif |
|
1241 #endif /* WITH_OPENSSL */ |
|
1242 +#ifndef WITHOUT_ED25519 |
|
1243 ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_server; |
|
1244 +#endif /* WITHOUT_ED25519 */ |
|
1245 ssh->kex->load_host_public_key=&_ssh_host_public_key; |
|
1246 ssh->kex->load_host_private_key=&_ssh_host_private_key; |
|
1247 ssh->kex->sign=&_ssh_host_key_sign; |
|
1248 @@ -123,7 +125,9 @@ ssh_init(struct ssh **sshp, int is_serve |
|
1249 ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_client; |
|
1250 # endif |
|
1251 #endif /* WITH_OPENSSL */ |
|
1252 +#ifndef WITHOUT_ED25519 |
|
1253 ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_client; |
|
1254 +#endif /* WITHOUT_ED25519 */ |
|
1255 ssh->kex->verify_host_key =&_ssh_verify_host_key; |
1699 } |
1256 } |
|
1257 *sshp = ssh; |
1700 diff -pur old/ssh_config.0 new/ssh_config.0 |
1258 diff -pur old/ssh_config.0 new/ssh_config.0 |
1701 --- old/ssh_config.0 2014-01-29 17:52:48.000000000 -0800 |
1259 --- old/ssh_config.0 |
1702 +++ new/ssh_config.0 2015-04-10 02:43:51.182117645 -0700 |
1260 +++ new/ssh_config.0 |
1703 @@ -409,14 +409,9 @@ DESCRIPTION |
1261 @@ -444,13 +444,8 @@ DESCRIPTION |
1704 client wants to use in order of preference. The default for this |
1262 specified key types will be appended to the default set instead |
1705 option is: |
1263 of replacing them. The default for this option is: |
1706 |
1264 |
1707 - [email protected], |
1265 - [email protected], |
1708 - [email protected], |
1266 - [email protected], |
1709 - [email protected], |
1267 - [email protected], |
1710 - [email protected], |
1268 - [email protected], |
1711 [email protected],[email protected], |
1269 [email protected], |
1712 [email protected],[email protected], |
|
1713 - ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, |
1270 - ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, |
1714 - ssh-ed25519,ssh-rsa,ssh-dss |
1271 - ssh-ed25519,ssh-rsa |
1715 + ssh-rsa,ssh-dss |
1272 + ssh-rsa |
|
1273 |
|
1274 The -Q option of ssh(1) may be used to list supported key types. |
|
1275 |
|
1276 @@ -461,13 +456,8 @@ DESCRIPTION |
|
1277 key types will be appended to the default set instead of |
|
1278 replacing them. The default for this option is: |
|
1279 |
|
1280 - [email protected], |
|
1281 - [email protected], |
|
1282 - [email protected], |
|
1283 - [email protected], |
|
1284 [email protected], |
|
1285 - ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, |
|
1286 - ssh-ed25519,ssh-rsa |
|
1287 + ssh-rsa |
1716 |
1288 |
1717 If hostkeys are known for the destination host then this default |
1289 If hostkeys are known for the destination host then this default |
1718 is modified to prefer their algorithms. |
1290 is modified to prefer their algorithms. |
1719 @@ -446,10 +441,10 @@ DESCRIPTION |
1291 @@ -503,10 +493,10 @@ DESCRIPTION |
1720 default is ``no''. |
1292 default is M-bM-^@M-^\noM-bM-^@M-^]. |
1721 |
1293 |
1722 IdentityFile |
1294 IdentityFile |
1723 - Specifies a file from which the user's DSA, ECDSA, ED25519 or RSA |
1295 - Specifies a file from which the user's DSA, ECDSA, Ed25519 or RSA |
1724 + Specifies a file from which the user's DSA or RSA |
1296 + Specifies a file from which the user's DSA or RSA |
1725 authentication identity is read. The default is ~/.ssh/identity |
1297 authentication identity is read. The default is ~/.ssh/identity |
1726 - for protocol version 1, and ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, |
1298 - for protocol version 1, and ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, |
1727 - ~/.ssh/id_ed25519 and ~/.ssh/id_rsa for protocol version 2. |
1299 - ~/.ssh/id_ed25519 and ~/.ssh/id_rsa for protocol version 2. |
1728 + for protocol version 1, and ~/.ssh/id_dsa and ~/.ssh/id_rsa for |
1300 + for protocol version 1, and ~/.ssh/id_dsa |
1729 + protocol version 2. |
1301 + and ~/.ssh/id_rsa for protocol version 2. |
1730 Additionally, any identities represented by the authentication |
1302 Additionally, any identities represented by the authentication |
1731 agent will be used for authentication unless IdentitiesOnly is |
1303 agent will be used for authentication unless IdentitiesOnly is |
1732 set. ssh(1) will try to load certificate information from the |
1304 set. ssh(1) will try to load certificate information from the |
1733 @@ -509,8 +504,6 @@ DESCRIPTION |
1305 @@ -569,7 +559,6 @@ DESCRIPTION |
1734 Specifies the available KEX (Key Exchange) algorithms. Multiple |
1306 will be appended to the default set instead of replacing them. |
1735 algorithms must be comma-separated. The default is: |
1307 The default is: |
1736 |
1308 |
1737 - [email protected], |
1309 - [email protected], |
1738 - ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, |
1310 ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, |
1739 diffie-hellman-group-exchange-sha256, |
1311 diffie-hellman-group-exchange-sha256, |
1740 diffie-hellman-group-exchange-sha1, |
1312 diffie-hellman-group-exchange-sha1, |
1741 diffie-hellman-group14-sha1, |
1313 @@ -727,13 +716,8 @@ DESCRIPTION |
|
1314 types after it will be appended to the default instead of |
|
1315 replacing it. The default for this option is: |
|
1316 |
|
1317 - [email protected], |
|
1318 - [email protected], |
|
1319 - [email protected], |
|
1320 - [email protected], |
|
1321 [email protected], |
|
1322 - ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, |
|
1323 - ssh-ed25519,ssh-rsa |
|
1324 + ssh-rsa |
|
1325 |
|
1326 The -Q option of ssh(1) may be used to list supported key types. |
|
1327 |
1742 diff -pur old/ssh_config.5 new/ssh_config.5 |
1328 diff -pur old/ssh_config.5 new/ssh_config.5 |
1743 --- old/ssh_config.5 2015-04-10 02:43:51.077725535 -0700 |
1329 --- old/ssh_config.5 |
1744 +++ new/ssh_config.5 2015-04-10 02:43:51.182862658 -0700 |
1330 +++ new/ssh_config.5 |
1745 @@ -723,14 +723,9 @@ Specifies the protocol version 2 host ke |
1331 @@ -806,13 +806,8 @@ character, then the specified key types |
1746 that the client wants to use in order of preference. |
1332 instead of replacing them. |
1747 The default for this option is: |
1333 The default for this option is: |
1748 .Bd -literal -offset 3n |
1334 .Bd -literal -offset 3n |
1749 [email protected], |
1335 [email protected], |
1750 [email protected], |
1336 [email protected], |
1751 [email protected], |
1337 [email protected], |
1752 [email protected], |
1338 [email protected], |
1753 [email protected],[email protected], |
1339 [email protected], |
1754 [email protected],[email protected], |
|
1755 -ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, |
1340 -ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, |
1756 -ssh-ed25519,ssh-rsa,ssh-dss |
1341 -ssh-ed25519,ssh-rsa |
1757 +ssh-rsa,ssh-dss |
1342 +ssh-rsa |
|
1343 .Ed |
|
1344 .Pp |
|
1345 The |
|
1346 @@ -829,13 +824,8 @@ character, then the specified key types |
|
1347 instead of replacing them. |
|
1348 The default for this option is: |
|
1349 .Bd -literal -offset 3n |
|
1350 [email protected], |
|
1351 [email protected], |
|
1352 [email protected], |
|
1353 [email protected], |
|
1354 [email protected], |
|
1355 -ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, |
|
1356 -ssh-ed25519,ssh-rsa |
|
1357 +ssh-rsa |
1758 .Ed |
1358 .Ed |
1759 .Pp |
1359 .Pp |
1760 If hostkeys are known for the destination host then this default is modified |
1360 If hostkeys are known for the destination host then this default is modified |
1761 @@ -772,14 +767,12 @@ offers many different identities. |
1361 @@ -890,14 +880,12 @@ offers many different identities. |
1762 The default is |
1362 The default is |
1763 .Dq no . |
1363 .Dq no . |
1764 .It Cm IdentityFile |
1364 .It Cm IdentityFile |
1765 -Specifies a file from which the user's DSA, ECDSA, ED25519 or RSA authentication |
1365 -Specifies a file from which the user's DSA, ECDSA, Ed25519 or RSA authentication |
1766 +Specifies a file from which the user's DSA or RSA authentication |
1366 +Specifies a file from which the user's DSA or RSA authentication |
1767 identity is read. |
1367 identity is read. |
1768 The default is |
1368 The default is |
1769 .Pa ~/.ssh/identity |
1369 .Pa ~/.ssh/identity |
1770 for protocol version 1, and |
1370 for protocol version 1, and |
1772 -.Pa ~/.ssh/id_ecdsa , |
1372 -.Pa ~/.ssh/id_ecdsa , |
1773 -.Pa ~/.ssh/id_ed25519 |
1373 -.Pa ~/.ssh/id_ed25519 |
1774 and |
1374 and |
1775 .Pa ~/.ssh/id_rsa |
1375 .Pa ~/.ssh/id_rsa |
1776 for protocol version 2. |
1376 for protocol version 2. |
1777 @@ -892,8 +885,6 @@ Specifies the available KEX (Key Exchang |
1377 @@ -1014,7 +1002,6 @@ character, then the specified methods wi |
1778 Multiple algorithms must be comma-separated. |
1378 instead of replacing them. |
1779 The default is: |
1379 The default is: |
1780 .Bd -literal -offset indent |
1380 .Bd -literal -offset indent |
1781 [email protected], |
1381 [email protected], |
1782 -ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, |
1382 ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, |
1783 diffie-hellman-group-exchange-sha256, |
1383 diffie-hellman-group-exchange-sha256, |
1784 diffie-hellman-group-exchange-sha1, |
1384 diffie-hellman-group-exchange-sha1, |
1785 diffie-hellman-group14-sha1, |
1385 @@ -1259,13 +1246,8 @@ character, then the key types after it w |
1786 Only in new: ssh_config.5.orig |
1386 instead of replacing it. |
|
1387 The default for this option is: |
|
1388 .Bd -literal -offset 3n |
|
1389 [email protected], |
|
1390 [email protected], |
|
1391 [email protected], |
|
1392 [email protected], |
|
1393 [email protected], |
|
1394 -ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, |
|
1395 -ssh-ed25519,ssh-rsa |
|
1396 +ssh-rsa |
|
1397 .Ed |
|
1398 .Pp |
|
1399 The |
1787 diff -pur old/sshconnect.c new/sshconnect.c |
1400 diff -pur old/sshconnect.c new/sshconnect.c |
1788 --- old/sshconnect.c 2015-04-10 02:43:51.092987117 -0700 |
1401 --- old/sshconnect.c |
1789 +++ new/sshconnect.c 2015-04-10 02:43:51.183586425 -0700 |
1402 +++ new/sshconnect.c |
1790 @@ -1325,7 +1325,9 @@ show_other_keys(struct hostkeys *hostkey |
1403 @@ -1392,7 +1392,9 @@ show_other_keys(struct hostkeys *hostkey |
1791 KEY_RSA, |
1404 KEY_RSA, |
1792 KEY_DSA, |
1405 KEY_DSA, |
1793 KEY_ECDSA, |
1406 KEY_ECDSA, |
1794 +#ifndef WITHOUT_ED25519 |
1407 +#ifndef WITHOUT_ED25519 |
1795 KEY_ED25519, |
1408 KEY_ED25519, |
1796 +#endif /* WITHOUT_ED25519 */ |
1409 +#endif /* WITHOUT_ED25519 */ |
1797 -1 |
1410 -1 |
1798 }; |
1411 }; |
1799 int i, ret = 0; |
1412 int i, ret = 0; |
1800 Only in new: sshconnect.c.orig |
|
1801 diff -pur old/sshconnect2.c new/sshconnect2.c |
1413 diff -pur old/sshconnect2.c new/sshconnect2.c |
1802 --- old/sshconnect2.c 2015-04-10 02:43:51.055621784 -0700 |
1414 --- old/sshconnect2.c |
1803 +++ new/sshconnect2.c 2015-04-10 02:49:31.451117756 -0700 |
1415 +++ new/sshconnect2.c |
1804 @@ -213,7 +213,9 @@ ssh_kex2(char *host, struct sockaddr *ho |
1416 @@ -247,7 +247,9 @@ ssh_kex2(char *host, struct sockaddr *ho |
1805 kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; |
|
1806 kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; |
|
1807 kex->kex[KEX_ECDH_SHA2] = kexecdh_client; |
1417 kex->kex[KEX_ECDH_SHA2] = kexecdh_client; |
|
1418 # endif |
|
1419 #endif |
1808 +#ifndef WITHOUT_ED25519 |
1420 +#ifndef WITHOUT_ED25519 |
1809 kex->kex[KEX_C25519_SHA256] = kexc25519_client; |
1421 kex->kex[KEX_C25519_SHA256] = kexc25519_client; |
1810 +#endif /* WITHOUT_ED25519 */ |
1422 +#endif /* WITHOUT_ED25519 */ |
1811 kex->client_version_string=client_version_string; |
1423 #ifdef GSSAPI |
1812 kex->server_version_string=server_version_string; |
1424 if (options.gss_keyex) { |
1813 kex->verify_host_key=&verify_host_key_callback; |
1425 kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_client; |
1814 Only in new: sshconnect2.c.orig |
|
1815 Only in new: sshconnect2.c.rej |
|
1816 diff -pur old/sshd.0 new/sshd.0 |
1426 diff -pur old/sshd.0 new/sshd.0 |
1817 --- old/sshd.0 2014-01-29 17:52:47.000000000 -0800 |
1427 --- old/sshd.0 |
1818 +++ new/sshd.0 2015-04-10 02:43:51.185708016 -0700 |
1428 +++ new/sshd.0 |
1819 @@ -82,8 +82,7 @@ DESCRIPTION |
1429 @@ -81,8 +81,7 @@ DESCRIPTION |
1820 be given if sshd is not run as root (as the normal host key files |
1430 be given if sshd is not run as root (as the normal host key files |
1821 are normally not readable by anyone but root). The default is |
1431 are normally not readable by anyone but root). The default is |
1822 /etc/ssh/ssh_host_key for protocol version 1, and |
1432 /etc/ssh/ssh_host_key for protocol version 1, and |
1823 - /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_ecdsa_key. |
1433 - /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_ecdsa_key. |
1824 - /etc/ssh/ssh_host_ed25519_key and /etc/ssh/ssh_host_rsa_key for |
1434 - /etc/ssh/ssh_host_ed25519_key and /etc/ssh/ssh_host_rsa_key for |
1825 + /etc/ssh/ssh_host_dsa_key and /etc/ssh/ssh_host_rsa_key for |
1435 + /etc/ssh/ssh_host_dsa_key and /etc/ssh/ssh_host_rsa_key for |
1826 protocol version 2. It is possible to have multiple host key |
1436 protocol version 2. It is possible to have multiple host key |
1827 files for the different protocol versions and host key |
1437 files for the different protocol versions and host key |
1828 algorithms. |
1438 algorithms. |
1829 @@ -148,7 +147,7 @@ DESCRIPTION |
1439 @@ -146,7 +145,7 @@ DESCRIPTION |
1830 AUTHENTICATION |
1440 AUTHENTICATION |
1831 The OpenSSH SSH daemon supports SSH protocols 1 and 2. The default is to |
1441 The OpenSSH SSH daemon supports SSH protocols 1 and 2. The default is to |
1832 use protocol 2 only, though this can be changed via the Protocol option |
1442 use protocol 2 only, though this can be changed via the Protocol option |
1833 - in sshd_config(5). Protocol 2 supports DSA, ECDSA, ED25519 and RSA keys; |
1443 - in sshd_config(5). Protocol 2 supports DSA, ECDSA, Ed25519 and RSA keys; |
1834 + in sshd_config(5). Protocol 2 supports DSA and RSA keys; |
1444 + in sshd_config(5). Protocol 2 supports DSA and RSA keys; |
1835 protocol 1 only supports RSA keys. For both protocols, each host has a |
1445 protocol 1 only supports RSA keys. For both protocols, each host has a |
1836 host-specific key, normally 2048 bits, used to identify the host. |
1446 host-specific key, normally 2048 bits, used to identify the host. |
1837 |
1447 |
1838 @@ -278,15 +277,13 @@ AUTHORIZED_KEYS FILE FORMAT |
1448 @@ -279,15 +278,13 @@ AUTHORIZED_KEYS FILE FORMAT |
1839 starts with a number). The bits, exponent, modulus, and comment fields |
1449 starts with a number). The bits, exponent, modulus, and comment fields |
1840 give the RSA key for protocol version 1; the comment field is not used |
1450 give the RSA key for protocol version 1; the comment field is not used |
1841 for anything (but may be convenient for the user to identify the key). |
1451 for anything (but may be convenient for the user to identify the key). |
1842 - For protocol version 2 the keytype is ``ecdsa-sha2-nistp256'', |
1452 - For protocol version 2 the keytype is M-bM-^@M-^\ecdsa-sha2-nistp256M-bM-^@M-^], |
1843 - ``ecdsa-sha2-nistp384'', ``ecdsa-sha2-nistp521'', ``ssh-ed25519'', |
1453 - M-bM-^@M-^\ecdsa-sha2-nistp384M-bM-^@M-^], M-bM-^@M-^\ecdsa-sha2-nistp521M-bM-^@M-^], M-bM-^@M-^\ssh-ed25519M-bM-^@M-^], M-bM-^@M-^\ssh-dssM-bM-^@M-^] or |
1844 - ``ssh-dss'' or ``ssh-rsa''. |
1454 - M-bM-^@M-^\ssh-rsaM-bM-^@M-^]. |
1845 + For protocol version 2 the keytype is ``ssh-dss'' or ``ssh-rsa''. |
1455 + For protocol version 2 the keytype is M-bM-^@M-^\ssh-dssM-bM-^@M-^] or M-bM-^@M-^\ssh-rsaM-bM-^@M-^]. |
1846 |
1456 |
1847 Note that lines in this file are usually several hundred bytes long |
1457 Note that lines in this file are usually several hundred bytes long |
1848 (because of the size of the public key encoding) up to a limit of 8 |
1458 (because of the size of the public key encoding) up to a limit of 8 |
1849 kilobytes, which permits DSA keys up to 8 kilobits and RSA keys up to 16 |
1459 kilobytes, which permits DSA keys up to 8 kilobits and RSA keys up to 16 |
1850 kilobits. You don't want to type them in; instead, copy the |
1460 kilobits. You don't want to type them in; instead, copy the |
1851 - identity.pub, id_dsa.pub, id_ecdsa.pub, id_ed25519.pub, or the id_rsa.pub |
1461 - identity.pub, id_dsa.pub, id_ecdsa.pub, id_ed25519.pub, or the id_rsa.pub |
1852 + identity.pub, id_dsa.pub or the id_rsa.pub |
1462 + identity.pub, id_dsa.pub or the id_rsa.pub |
1853 file and edit it. |
1463 file and edit it. |
1854 |
1464 |
1855 sshd enforces a minimum RSA key modulus size for protocol 1 and protocol |
1465 sshd enforces a minimum RSA key modulus size for protocol 1 and protocol |
1856 @@ -513,7 +510,7 @@ FILES |
1466 @@ -514,7 +511,7 @@ FILES |
1857 for the user, and not accessible by others. |
1467 for the user, and not accessible by others. |
1858 |
1468 |
1859 ~/.ssh/authorized_keys |
1469 ~/.ssh/authorized_keys |
1860 - Lists the public keys (DSA, ECDSA, ED25519, RSA) that can be used |
1470 - Lists the public keys (DSA, ECDSA, Ed25519, RSA) that can be used |
1861 + Lists the public keys (DSA, RSA) that can be used |
1471 + Lists the public keys (DSA, RSA) that can be used |
1862 for logging in as this user. The format of this file is |
1472 for logging in as this user. The format of this file is |
1863 described above. The content of the file is not highly |
1473 described above. The content of the file is not highly |
1864 sensitive, but the recommended permissions are read/write for the |
1474 sensitive, but the recommended permissions are read/write for the |
1865 @@ -574,8 +571,6 @@ FILES |
1475 @@ -570,8 +567,6 @@ FILES |
1866 |
1476 |
1867 /etc/ssh/ssh_host_key |
1477 /etc/ssh/ssh_host_key |
1868 /etc/ssh/ssh_host_dsa_key |
1478 /etc/ssh/ssh_host_dsa_key |
1869 - /etc/ssh/ssh_host_ecdsa_key |
1479 - /etc/ssh/ssh_host_ecdsa_key |
1870 - /etc/ssh/ssh_host_ed25519_key |
1480 - /etc/ssh/ssh_host_ed25519_key |
1871 /etc/ssh/ssh_host_rsa_key |
1481 /etc/ssh/ssh_host_rsa_key |
1872 These files contain the private parts of the host keys. These |
1482 These files contain the private parts of the host keys. These |
1873 files should only be owned by root, readable only by root, and |
1483 files should only be owned by root, readable only by root, and |
1874 @@ -584,8 +579,6 @@ FILES |
1484 @@ -580,8 +575,6 @@ FILES |
1875 |
1485 |
1876 /etc/ssh/ssh_host_key.pub |
1486 /etc/ssh/ssh_host_key.pub |
1877 /etc/ssh/ssh_host_dsa_key.pub |
1487 /etc/ssh/ssh_host_dsa_key.pub |
1878 - /etc/ssh/ssh_host_ecdsa_key.pub |
1488 - /etc/ssh/ssh_host_ecdsa_key.pub |
1879 - /etc/ssh/ssh_host_ed25519_key.pub |
1489 - /etc/ssh/ssh_host_ed25519_key.pub |
1880 /etc/ssh/ssh_host_rsa_key.pub |
1490 /etc/ssh/ssh_host_rsa_key.pub |
1881 These files contain the public parts of the host keys. These |
1491 These files contain the public parts of the host keys. These |
1882 files should be world-readable but writable only by root. Their |
1492 files should be world-readable but writable only by root. Their |
1883 diff -pur old/sshd.8 new/sshd.8 |
1493 diff -pur old/sshd.8 new/sshd.8 |
1884 --- old/sshd.8 2015-04-10 02:43:51.068793178 -0700 |
1494 --- old/sshd.8 2015-12-10 12:36:52.040393250 -0800 |
1885 +++ new/sshd.8 2015-04-10 02:43:51.186397825 -0700 |
1495 +++ new/sshd.8 2015-12-10 12:40:30.706984900 -0800 |
1886 @@ -175,8 +175,6 @@ The default is |
1496 @@ -172,8 +172,6 @@ The default is |
1887 .Pa /etc/ssh/ssh_host_key |
1497 .Pa /etc/ssh/ssh_host_key |
1888 for protocol version 1, and |
1498 for protocol version 1, and |
1889 .Pa /etc/ssh/ssh_host_dsa_key , |
1499 .Pa /etc/ssh/ssh_host_dsa_key , |
1890 -.Pa /etc/ssh/ssh_host_ecdsa_key . |
1500 -.Pa /etc/ssh/ssh_host_ecdsa_key . |
1891 -.Pa /etc/ssh/ssh_host_ed25519_key |
1501 -.Pa /etc/ssh/ssh_host_ed25519_key |
1892 and |
1502 and |
1893 .Pa /etc/ssh/ssh_host_rsa_key |
1503 .Pa /etc/ssh/ssh_host_rsa_key |
1894 for protocol version 2. |
1504 for protocol version 2. |
1895 @@ -281,7 +279,7 @@ though this can be changed via the |
1505 @@ -275,7 +273,7 @@ though this can be changed via the |
1896 .Cm Protocol |
1506 .Cm Protocol |
1897 option in |
1507 option in |
1898 .Xr sshd_config 4 . |
1508 .Xr sshd_config 4 . |
1899 -Protocol 2 supports DSA, ECDSA, ED25519 and RSA keys; |
1509 -Protocol 2 supports DSA, ECDSA, Ed25519 and RSA keys; |
1900 +Protocol 2 supports DSA and RSA keys; |
1510 +Protocol 2 supports DSA and RSA keys; |
1901 protocol 1 only supports RSA keys. |
1511 protocol 1 only supports RSA keys. |
1902 For both protocols, |
1512 For both protocols, |
1903 each host has a host-specific key, |
1513 each host has a host-specific key, |
1904 @@ -492,10 +490,6 @@ protocol version 1; the |
1514 @@ -491,10 +489,6 @@ protocol version 1; the |
1905 comment field is not used for anything (but may be convenient for the |
1515 comment field is not used for anything (but may be convenient for the |
1906 user to identify the key). |
1516 user to identify the key). |
1907 For protocol version 2 the keytype is |
1517 For protocol version 2 the keytype is |
1908 -.Dq ecdsa-sha2-nistp256 , |
1518 -.Dq ecdsa-sha2-nistp256 , |
1909 -.Dq ecdsa-sha2-nistp384 , |
1519 -.Dq ecdsa-sha2-nistp384 , |
1910 -.Dq ecdsa-sha2-nistp521 , |
1520 -.Dq ecdsa-sha2-nistp521 , |
1911 -.Dq ssh-ed25519 , |
1521 -.Dq ssh-ed25519 , |
1912 .Dq ssh-dss |
1522 .Dq ssh-dss |
1913 or |
1523 or |
1914 .Dq ssh-rsa . |
1524 .Dq ssh-rsa . |
1915 @@ -507,8 +501,6 @@ keys up to 16 kilobits. |
1525 @@ -506,8 +500,6 @@ keys up to 16 kilobits. |
1916 You don't want to type them in; instead, copy the |
1526 You don't want to type them in; instead, copy the |
1917 .Pa identity.pub , |
1527 .Pa identity.pub , |
1918 .Pa id_dsa.pub , |
1528 .Pa id_dsa.pub , |
1919 -.Pa id_ecdsa.pub , |
1529 -.Pa id_ecdsa.pub , |
1920 -.Pa id_ed25519.pub , |
1530 -.Pa id_ed25519.pub , |
1921 or the |
1531 or the |
1922 .Pa id_rsa.pub |
1532 .Pa id_rsa.pub |
1923 file and edit it. |
1533 file and edit it. |
1924 @@ -808,7 +800,7 @@ secret, but the recommended permissions |
1534 @@ -807,7 +799,7 @@ secret, but the recommended permissions |
1925 and not accessible by others. |
1535 and not accessible by others. |
1926 .Pp |
1536 .Pp |
1927 .It Pa ~/.ssh/authorized_keys |
1537 .It Pa ~/.ssh/authorized_keys |
1928 -Lists the public keys (DSA, ECDSA, ED25519, RSA) |
1538 -Lists the public keys (DSA, ECDSA, Ed25519, RSA) |
1929 +Lists the public keys (DSA, RSA) |
1539 +Lists the public keys (DSA, RSA) |
1930 that can be used for logging in as this user. |
1540 that can be used for logging in as this user. |
1931 The format of this file is described above. |
1541 The format of this file is described above. |
1932 The content of the file is not highly sensitive, but the recommended |
1542 The content of the file is not highly sensitive, but the recommended |
1933 @@ -888,8 +880,6 @@ rlogin/rsh. |
1543 @@ -881,8 +873,6 @@ rlogin/rsh. |
1934 .Pp |
1544 .Pp |
1935 .It Pa /etc/ssh/ssh_host_key |
1545 .It Pa /etc/ssh/ssh_host_key |
1936 .It Pa /etc/ssh/ssh_host_dsa_key |
1546 .It Pa /etc/ssh/ssh_host_dsa_key |
1937 -.It Pa /etc/ssh/ssh_host_ecdsa_key |
1547 -.It Pa /etc/ssh/ssh_host_ecdsa_key |
1938 -.It Pa /etc/ssh/ssh_host_ed25519_key |
1548 -.It Pa /etc/ssh/ssh_host_ed25519_key |
1939 .It Pa /etc/ssh/ssh_host_rsa_key |
1549 .It Pa /etc/ssh/ssh_host_rsa_key |
1940 These files contain the private parts of the host keys. |
1550 These files contain the private parts of the host keys. |
1941 These files should only be owned by root, readable only by root, and not |
1551 These files should only be owned by root, readable only by root, and not |
1942 @@ -900,8 +890,6 @@ does not start if these files are group/ |
1552 @@ -893,8 +883,6 @@ does not start if these files are group/ |
1943 .Pp |
1553 .Pp |
1944 .It Pa /etc/ssh/ssh_host_key.pub |
1554 .It Pa /etc/ssh/ssh_host_key.pub |
1945 .It Pa /etc/ssh/ssh_host_dsa_key.pub |
1555 .It Pa /etc/ssh/ssh_host_dsa_key.pub |
1946 -.It Pa /etc/ssh/ssh_host_ecdsa_key.pub |
1556 -.It Pa /etc/ssh/ssh_host_ecdsa_key.pub |
1947 -.It Pa /etc/ssh/ssh_host_ed25519_key.pub |
1557 -.It Pa /etc/ssh/ssh_host_ed25519_key.pub |
1948 .It Pa /etc/ssh/ssh_host_rsa_key.pub |
1558 .It Pa /etc/ssh/ssh_host_rsa_key.pub |
1949 These files contain the public parts of the host keys. |
1559 These files contain the public parts of the host keys. |
1950 These files should be world-readable but writable only by |
1560 These files should be world-readable but writable only by |
1951 diff -pur old/sshd.c new/sshd.c |
1561 diff -pur old/sshd.c new/sshd.c |
1952 --- old/sshd.c 2015-04-10 02:43:51.101980137 -0700 |
1562 --- old/sshd.c |
1953 +++ new/sshd.c 2015-04-10 02:49:46.274593753 -0700 |
1563 +++ new/sshd.c |
1954 @@ -797,7 +797,9 @@ list_hostkey_types(void) |
1564 @@ -811,7 +811,9 @@ list_hostkey_types(void) |
1955 case KEY_RSA: |
1565 case KEY_RSA: |
1956 case KEY_DSA: |
1566 case KEY_DSA: |
1957 case KEY_ECDSA: |
1567 case KEY_ECDSA: |
1958 +#ifndef WITHOUT_ED25519 |
1568 +#ifndef WITHOUT_ED25519 |
1959 case KEY_ED25519: |
1569 case KEY_ED25519: |
1960 +#endif /* WITHOUT_ED25519 */ |
1570 +#endif /* WITHOUT_ED25519 */ |
1961 if (buffer_len(&b) > 0) |
1571 if (buffer_len(&b) > 0) |
1962 buffer_append(&b, ",", 1); |
1572 buffer_append(&b, ",", 1); |
1963 p = key_ssh_name(key); |
1573 p = key_ssh_name(key); |
1964 @@ -814,7 +816,9 @@ list_hostkey_types(void) |
1574 @@ -826,7 +828,9 @@ list_hostkey_types(void) |
1965 case KEY_RSA_CERT: |
1575 case KEY_RSA_CERT: |
1966 case KEY_DSA_CERT: |
1576 case KEY_DSA_CERT: |
1967 case KEY_ECDSA_CERT: |
1577 case KEY_ECDSA_CERT: |
1968 +#ifndef WITHOUT_ED25519 |
1578 +#ifndef WITHOUT_ED25519 |
1969 case KEY_ED25519_CERT: |
1579 case KEY_ED25519_CERT: |
1970 +#endif /* WITHOUT_ED25519 */ |
1580 +#endif /* WITHOUT_ED25519 */ |
1971 if (buffer_len(&b) > 0) |
1581 if (buffer_len(&b) > 0) |
1972 buffer_append(&b, ",", 1); |
1582 buffer_append(&b, ",", 1); |
1973 p = key_ssh_name(key); |
1583 p = key_ssh_name(key); |
1974 @@ -842,7 +846,9 @@ get_hostkey_by_type(int type, int need_p |
1584 @@ -852,7 +856,9 @@ get_hostkey_by_type(int type, int nid, i |
1975 case KEY_RSA_CERT: |
1585 case KEY_RSA_CERT: |
1976 case KEY_DSA_CERT: |
1586 case KEY_DSA_CERT: |
1977 case KEY_ECDSA_CERT: |
1587 case KEY_ECDSA_CERT: |
1978 +#ifndef WITHOUT_ED25519 |
1588 +#ifndef WITHOUT_ED25519 |
1979 case KEY_ED25519_CERT: |
1589 case KEY_ED25519_CERT: |
1980 +#endif /* WITHOUT_ED25519 */ |
1590 +#endif /* WITHOUT_ED25519 */ |
1981 key = sensitive_data.host_certificates[i]; |
1591 key = sensitive_data.host_certificates[i]; |
1982 break; |
1592 break; |
1983 default: |
1593 default: |
1984 @@ -1719,7 +1725,9 @@ main(int ac, char **av) |
1594 @@ -1810,7 +1816,9 @@ main(int ac, char **av) |
1985 case KEY_RSA: |
1595 case KEY_RSA: |
1986 case KEY_DSA: |
1596 case KEY_DSA: |
1987 case KEY_ECDSA: |
1597 case KEY_ECDSA: |
1988 +#ifndef WITHOUT_ED25519 |
1598 +#ifndef WITHOUT_ED25519 |
1989 case KEY_ED25519: |
1599 case KEY_ED25519: |
1990 +#endif /* WITHOUT_ED25519 */ |
1600 +#endif /* WITHOUT_ED25519 */ |
1991 sensitive_data.have_ssh2_key = 1; |
1601 if (have_agent || key != NULL) |
|
1602 sensitive_data.have_ssh2_key = 1; |
1992 break; |
1603 break; |
1993 } |
1604 @@ -2646,7 +2654,9 @@ do_ssh2_kex(void) |
1994 @@ -2501,7 +2509,9 @@ do_ssh2_kex(void) |
|
1995 kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; |
|
1996 kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; |
|
1997 kex->kex[KEX_ECDH_SHA2] = kexecdh_server; |
1605 kex->kex[KEX_ECDH_SHA2] = kexecdh_server; |
|
1606 # endif |
|
1607 #endif |
1998 +#ifndef WITHOUT_ED25519 |
1608 +#ifndef WITHOUT_ED25519 |
1999 kex->kex[KEX_C25519_SHA256] = kexc25519_server; |
1609 kex->kex[KEX_C25519_SHA256] = kexc25519_server; |
2000 +#endif /* WITHOUT_ED25519 */ |
1610 +#endif /* WITHOUT_ED25519 */ |
2001 kex->server = 1; |
1611 #ifdef GSSAPI |
2002 kex->client_version_string=client_version_string; |
1612 if (options.gss_keyex) { |
2003 kex->server_version_string=server_version_string; |
1613 kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; |
2004 Only in new: sshd.c.orig |
|
2005 Only in new: sshd.c.rej |
|
2006 diff -pur old/sshd_config.0 new/sshd_config.0 |
1614 diff -pur old/sshd_config.0 new/sshd_config.0 |
2007 --- old/sshd_config.0 2014-01-29 17:52:48.000000000 -0800 |
1615 --- old/sshd_config.0 |
2008 +++ new/sshd_config.0 2015-04-10 02:43:51.188313577 -0700 |
1616 +++ new/sshd_config.0 |
2009 @@ -332,12 +332,11 @@ DESCRIPTION |
1617 @@ -403,13 +403,8 @@ DESCRIPTION |
|
1618 specified key types will be appended to the default set instead |
|
1619 of replacing them. The default for this option is: |
|
1620 |
|
1621 - [email protected], |
|
1622 - [email protected], |
|
1623 - [email protected], |
|
1624 - [email protected], |
|
1625 [email protected], |
|
1626 - ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, |
|
1627 - ssh-ed25519,ssh-rsa |
|
1628 + ssh-rsa |
|
1629 |
|
1630 The -Q option of ssh(1) may be used to list supported key types. |
|
1631 |
|
1632 @@ -438,8 +433,7 @@ DESCRIPTION |
2010 HostKey |
1633 HostKey |
2011 Specifies a file containing a private host key used by SSH. The |
1634 Specifies a file containing a private host key used by SSH. The |
2012 default is /etc/ssh/ssh_host_key for protocol version 1, and |
1635 default is /etc/ssh/ssh_host_key for protocol version 1, and |
2013 - /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_ecdsa_key, |
1636 - /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_ecdsa_key, |
2014 - /etc/ssh/ssh_host_ed25519_key and /etc/ssh/ssh_host_rsa_key for |
1637 - /etc/ssh/ssh_host_ed25519_key and /etc/ssh/ssh_host_rsa_key for |
2015 + /etc/ssh/ssh_host_dsa_key and /etc/ssh/ssh_host_rsa_key for |
1638 + /etc/ssh/ssh_host_dsa_key, and /etc/ssh/ssh_host_rsa_key for |
2016 protocol version 2. Note that sshd(8) will refuse to use a file |
1639 protocol version 2. |
2017 if it is group/world-accessible. It is possible to have multiple |
1640 |
2018 host key files. ``rsa1'' keys are used for version 1 and |
1641 Note that sshd(8) will refuse to use a file if it is group/world- |
2019 - ``dsa'', ``ecdsa'', ``ed25519'' or ``rsa'' are used for version 2 |
1642 @@ -447,7 +441,7 @@ DESCRIPTION |
2020 + ``dsa'' or ``rsa'' are used for version 2 |
1643 of the keys are actually used by sshd(8). |
2021 of the SSH protocol. It is also possible to specify public host |
1644 |
2022 key files instead. In this case operations on the private key |
1645 It is possible to have multiple host key files. M-bM-^@M-^\rsa1M-bM-^@M-^] keys are |
2023 will be delegated to an ssh-agent(1). |
1646 - used for version 1 and M-bM-^@M-^\dsaM-bM-^@M-^], M-bM-^@M-^\ecdsaM-bM-^@M-^], M-bM-^@M-^\ed25519M-bM-^@M-^] or M-bM-^@M-^\rsaM-bM-^@M-^] are |
2024 @@ -399,8 +398,6 @@ DESCRIPTION |
1647 + used for version 1 and M-bM-^@M-^\dsaM-bM-^@M-^], or M-bM-^@M-^\rsaM-bM-^@M-^] are |
2025 Specifies the available KEX (Key Exchange) algorithms. Multiple |
1648 used for version 2 of the SSH protocol. It is also possible to |
2026 algorithms must be comma-separated. The default is |
1649 specify public host key files instead. In this case operations |
|
1650 on the private key will be delegated to an ssh-agent(1). |
|
1651 @@ -462,13 +456,8 @@ DESCRIPTION |
|
1652 Specifies the protocol version 2 host key algorithms that the |
|
1653 server offers. The default for this option is: |
|
1654 |
|
1655 - [email protected], |
|
1656 - [email protected], |
|
1657 - [email protected], |
|
1658 - [email protected], |
|
1659 [email protected], |
|
1660 - ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, |
|
1661 - ssh-ed25519,ssh-rsa |
|
1662 + ssh-rsa |
|
1663 |
|
1664 The list of available key types may also be obtained using the -Q |
|
1665 option of ssh(1) with an argument of M-bM-^@M-^\keyM-bM-^@M-^]. |
|
1666 @@ -532,7 +521,6 @@ DESCRIPTION |
|
1667 will be appended to the default set instead of replacing them. |
|
1668 The supported algorithms are: |
|
1669 |
|
1670 - [email protected] |
|
1671 diffie-hellman-group1-sha1 |
|
1672 diffie-hellman-group14-sha1 |
|
1673 diffie-hellman-group-exchange-sha1 |
|
1674 @@ -543,7 +531,6 @@ DESCRIPTION |
|
1675 |
|
1676 The default is: |
2027 |
1677 |
2028 - [email protected], |
1678 - [email protected], |
2029 - ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, |
1679 ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, |
2030 diffie-hellman-group-exchange-sha256, |
1680 diffie-hellman-group-exchange-sha256, |
2031 diffie-hellman-group-exchange-sha1, |
1681 diffie-hellman-group14-sha1 |
2032 diffie-hellman-group14-sha1, |
1682 @@ -787,13 +774,8 @@ DESCRIPTION |
|
1683 specified key types will be appended to the default set instead |
|
1684 of replacing them. The default for this option is: |
|
1685 |
|
1686 - [email protected], |
|
1687 - [email protected], |
|
1688 - [email protected], |
|
1689 - [email protected], |
|
1690 [email protected], |
|
1691 - ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, |
|
1692 - ssh-ed25519,ssh-rsa |
|
1693 + ssh-rsa |
|
1694 |
|
1695 The -Q option of ssh(1) may be used to list supported key types. |
|
1696 |
2033 diff -pur old/sshd_config.5 new/sshd_config.5 |
1697 diff -pur old/sshd_config.5 new/sshd_config.5 |
2034 --- old/sshd_config.5 2015-04-10 02:43:51.078482159 -0700 |
1698 --- old/sshd_config.5 |
2035 +++ new/sshd_config.5 2015-04-10 02:43:51.189013912 -0700 |
1699 +++ new/sshd_config.5 |
2036 @@ -540,8 +540,6 @@ The default is |
1700 @@ -712,8 +712,6 @@ The default is |
2037 .Pa /etc/ssh/ssh_host_key |
1701 .Pa /etc/ssh/ssh_host_key |
2038 for protocol version 1, and |
1702 for protocol version 1, and |
2039 .Pa /etc/ssh/ssh_host_dsa_key , |
1703 .Pa /etc/ssh/ssh_host_dsa_key , |
2040 -.Pa /etc/ssh/ssh_host_ecdsa_key , |
1704 -.Pa /etc/ssh/ssh_host_ecdsa_key , |
2041 -.Pa /etc/ssh/ssh_host_ed25519_key |
1705 -.Pa /etc/ssh/ssh_host_ed25519_key |
2042 and |
1706 and |
2043 .Pa /etc/ssh/ssh_host_rsa_key |
1707 .Pa /etc/ssh/ssh_host_rsa_key |
2044 for protocol version 2. |
1708 for protocol version 2. |
2045 @@ -552,8 +550,6 @@ It is possible to have multiple host key |
1709 @@ -730,8 +728,6 @@ It is possible to have multiple host key |
2046 .Dq rsa1 |
1710 .Dq rsa1 |
2047 keys are used for version 1 and |
1711 keys are used for version 1 and |
2048 .Dq dsa , |
1712 .Dq dsa , |
2049 -.Dq ecdsa , |
1713 -.Dq ecdsa , |
2050 -.Dq ed25519 |
1714 -.Dq ed25519 |
2051 or |
1715 or |
2052 .Dq rsa |
1716 .Dq rsa |
2053 are used for version 2 of the SSH protocol. |
1717 are used for version 2 of the SSH protocol. |
2054 @@ -663,8 +659,6 @@ Specifies the available KEX (Key Exchang |
1718 @@ -878,8 +874,6 @@ The supported algorithms are: |
2055 Multiple algorithms must be comma-separated. |
1719 .Pp |
2056 The default is |
1720 .Bl -item -compact -offset indent |
|
1721 .It |
|
1722 [email protected] |
|
1723 -.It |
|
1724 diffie-hellman-group1-sha1 |
|
1725 .It |
|
1726 diffie-hellman-group14-sha1 |
|
1727 @@ -897,7 +891,6 @@ ecdh-sha2-nistp521 |
|
1728 .Pp |
|
1729 The default is: |
2057 .Bd -literal -offset indent |
1730 .Bd -literal -offset indent |
2058 [email protected], |
1731 [email protected], |
2059 -ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, |
1732 ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, |
2060 diffie-hellman-group-exchange-sha256, |
1733 diffie-hellman-group-exchange-sha256, |
2061 diffie-hellman-group-exchange-sha1, |
1734 diffie-hellman-group14-sha1 |
2062 diffie-hellman-group14-sha1, |
1735 diff -pur old/sshkey.c new/sshkey.c |
2063 Only in new: sshd_config.5.orig |
1736 --- old/sshkey.c |
2064 diff -pur old/verify.c new/verify.c |
1737 +++ new/sshkey.c |
2065 --- old/verify.c 2014-01-16 17:43:44.000000000 -0800 |
1738 @@ -85,9 +85,11 @@ struct keytype { |
2066 +++ new/verify.c 2015-04-10 02:43:51.189372783 -0700 |
1739 int cert; |
2067 @@ -9,6 +9,8 @@ |
1740 }; |
2068 |
1741 static const struct keytype keytypes[] = { |
2069 #include "crypto_api.h" |
1742 +#ifndef WITHOUT_ED25519 |
2070 |
1743 { "ssh-ed25519", "ED25519", KEY_ED25519, 0, 0 }, |
2071 +#ifndef WITHOUT_ED25519 |
1744 { "[email protected]", "ED25519-CERT", |
2072 + |
1745 KEY_ED25519_CERT, 0, 1 }, |
2073 int crypto_verify_32(const unsigned char *x,const unsigned char *y) |
1746 +#endif /* WITHOUT_ED25519 */ |
2074 { |
1747 #ifdef WITH_OPENSSL |
2075 unsigned int differentbits = 0; |
1748 { NULL, "RSA1", KEY_RSA1, 0, 0 }, |
2076 @@ -47,3 +49,4 @@ int crypto_verify_32(const unsigned char |
1749 { "ssh-rsa", "RSA", KEY_RSA, 0, 0 }, |
2077 F(31) |
1750 @@ -278,8 +280,10 @@ sshkey_size(const struct sshkey *k) |
2078 return (1 & ((differentbits - 1) >> 8)) - 1; |
1751 case KEY_ECDSA_CERT: |
2079 } |
1752 return sshkey_curve_nid_to_bits(k->ecdsa_nid); |
2080 +#endif /* WITHOUT_ED25519 */ |
1753 #endif /* WITH_OPENSSL */ |
|
1754 +#ifndef WITHOUT_ED25519 |
|
1755 case KEY_ED25519: |
|
1756 case KEY_ED25519_CERT: |
|
1757 +#endif /* WITHOUT_ED25519 */ |
|
1758 return 256; /* XXX */ |
|
1759 } |
|
1760 return 0; |
|
1761 @@ -292,7 +296,9 @@ sshkey_type_is_valid_ca(int type) |
|
1762 case KEY_RSA: |
|
1763 case KEY_DSA: |
|
1764 case KEY_ECDSA: |
|
1765 +#ifndef WITHOUT_ED25519 |
|
1766 case KEY_ED25519: |
|
1767 +#endif /* WITHOUT_ED25519 */ |
|
1768 return 1; |
|
1769 default: |
|
1770 return 0; |
|
1771 @@ -318,8 +324,10 @@ sshkey_type_plain(int type) |
|
1772 return KEY_DSA; |
|
1773 case KEY_ECDSA_CERT: |
|
1774 return KEY_ECDSA; |
|
1775 +#ifndef WITHOUT_ED25519 |
|
1776 case KEY_ED25519_CERT: |
|
1777 return KEY_ED25519; |
|
1778 +#endif /* WITHOUT_ED25519 */ |
|
1779 default: |
|
1780 return type; |
|
1781 } |
|
1782 @@ -472,8 +480,10 @@ sshkey_new(int type) |
|
1783 k->dsa = NULL; |
|
1784 k->rsa = NULL; |
|
1785 k->cert = NULL; |
|
1786 +#ifndef WITHOUT_ED25519 |
|
1787 k->ed25519_sk = NULL; |
|
1788 k->ed25519_pk = NULL; |
|
1789 +#endif /* WITHOUT_ED25519 */ |
|
1790 switch (k->type) { |
|
1791 #ifdef WITH_OPENSSL |
|
1792 case KEY_RSA1: |
|
1793 @@ -508,10 +518,12 @@ sshkey_new(int type) |
|
1794 /* Cannot do anything until we know the group */ |
|
1795 break; |
|
1796 #endif /* WITH_OPENSSL */ |
|
1797 +#ifndef WITHOUT_ED25519 |
|
1798 case KEY_ED25519: |
|
1799 case KEY_ED25519_CERT: |
|
1800 /* no need to prealloc */ |
|
1801 break; |
|
1802 +#endif /* WITHOUT_ED25519 */ |
|
1803 case KEY_UNSPEC: |
|
1804 break; |
|
1805 default: |
|
1806 @@ -558,10 +570,12 @@ sshkey_add_private(struct sshkey *k) |
|
1807 /* Cannot do anything until we know the group */ |
|
1808 break; |
|
1809 #endif /* WITH_OPENSSL */ |
|
1810 +#ifndef WITHOUT_ED25519 |
|
1811 case KEY_ED25519: |
|
1812 case KEY_ED25519_CERT: |
|
1813 /* no need to prealloc */ |
|
1814 break; |
|
1815 +#endif /* WITHOUT_ED25519 */ |
|
1816 case KEY_UNSPEC: |
|
1817 break; |
|
1818 default: |
|
1819 @@ -613,6 +627,7 @@ sshkey_free(struct sshkey *k) |
|
1820 break; |
|
1821 # endif /* OPENSSL_HAS_ECC */ |
|
1822 #endif /* WITH_OPENSSL */ |
|
1823 +#ifndef WITHOUT_ED25519 |
|
1824 case KEY_ED25519: |
|
1825 case KEY_ED25519_CERT: |
|
1826 if (k->ed25519_pk) { |
|
1827 @@ -626,6 +641,7 @@ sshkey_free(struct sshkey *k) |
|
1828 k->ed25519_sk = NULL; |
|
1829 } |
|
1830 break; |
|
1831 +#endif /* WITHOUT_ED25519 */ |
|
1832 case KEY_UNSPEC: |
|
1833 break; |
|
1834 default: |
|
1835 @@ -703,10 +719,12 @@ sshkey_equal_public(const struct sshkey |
|
1836 return 1; |
|
1837 # endif /* OPENSSL_HAS_ECC */ |
|
1838 #endif /* WITH_OPENSSL */ |
|
1839 +#ifndef WITHOUT_ED25519 |
|
1840 case KEY_ED25519: |
|
1841 case KEY_ED25519_CERT: |
|
1842 return a->ed25519_pk != NULL && b->ed25519_pk != NULL && |
|
1843 memcmp(a->ed25519_pk, b->ed25519_pk, ED25519_PK_SZ) == 0; |
|
1844 +#endif /* WITHOUT_ED25519 */ |
|
1845 default: |
|
1846 return 0; |
|
1847 } |
|
1848 @@ -749,7 +767,9 @@ to_blob_buf(const struct sshkey *key, st |
|
1849 case KEY_ECDSA_CERT: |
|
1850 case KEY_RSA_CERT: |
|
1851 #endif /* WITH_OPENSSL */ |
|
1852 +#ifndef WITHOUT_ED25519 |
|
1853 case KEY_ED25519_CERT: |
|
1854 +#endif /* WITHOUT_ED25519 */ |
|
1855 /* Use the existing blob */ |
|
1856 /* XXX modified flag? */ |
|
1857 if ((ret = sshbuf_putb(b, key->cert->certblob)) != 0) |
|
1858 @@ -786,6 +806,7 @@ to_blob_buf(const struct sshkey *key, st |
|
1859 return ret; |
|
1860 break; |
|
1861 #endif /* WITH_OPENSSL */ |
|
1862 +#ifndef WITHOUT_ED25519 |
|
1863 case KEY_ED25519: |
|
1864 if (key->ed25519_pk == NULL) |
|
1865 return SSH_ERR_INVALID_ARGUMENT; |
|
1866 @@ -794,6 +815,7 @@ to_blob_buf(const struct sshkey *key, st |
|
1867 key->ed25519_pk, ED25519_PK_SZ)) != 0) |
|
1868 return ret; |
|
1869 break; |
|
1870 +#endif /* WITHOUT_ED25519 */ |
|
1871 default: |
|
1872 return SSH_ERR_KEY_TYPE_UNKNOWN; |
|
1873 } |
|
1874 @@ -1267,11 +1289,13 @@ sshkey_read(struct sshkey *ret, char **c |
|
1875 case KEY_RSA: |
|
1876 case KEY_DSA: |
|
1877 case KEY_ECDSA: |
|
1878 - case KEY_ED25519: |
|
1879 +#ifndef WITHOUT_ED25519 |
|
1880 + case KEY_ED25519: |
|
1881 + case KEY_ED25519_CERT: |
|
1882 +#endif /* WITHOUT_ED25519 */ |
|
1883 case KEY_DSA_CERT: |
|
1884 case KEY_ECDSA_CERT: |
|
1885 case KEY_RSA_CERT: |
|
1886 - case KEY_ED25519_CERT: |
|
1887 space = strchr(cp, ' '); |
|
1888 if (space == NULL) |
|
1889 return SSH_ERR_INVALID_FORMAT; |
|
1890 @@ -1363,6 +1387,7 @@ sshkey_read(struct sshkey *ret, char **c |
|
1891 } |
|
1892 # endif /* OPENSSL_HAS_ECC */ |
|
1893 #endif /* WITH_OPENSSL */ |
|
1894 +#ifndef WITHOUT_ED25519 |
|
1895 if (sshkey_type_plain(ret->type) == KEY_ED25519) { |
|
1896 free(ret->ed25519_pk); |
|
1897 ret->ed25519_pk = k->ed25519_pk; |
|
1898 @@ -1371,6 +1396,7 @@ sshkey_read(struct sshkey *ret, char **c |
|
1899 /* XXX */ |
|
1900 #endif |
|
1901 } |
|
1902 +#endif /* WITHOUT_ED25519 */ |
|
1903 retval = 0; |
|
1904 /*XXXX*/ |
|
1905 sshkey_free(k); |
|
1906 @@ -1662,7 +1688,8 @@ sshkey_generate(int type, u_int bits, st |
|
1907 if ((k = sshkey_new(KEY_UNSPEC)) == NULL) |
|
1908 return SSH_ERR_ALLOC_FAIL; |
|
1909 switch (type) { |
|
1910 - case KEY_ED25519: |
|
1911 +#ifndef WITHOUT_ED25519 |
|
1912 + case KEY_ED25519: |
|
1913 if ((k->ed25519_pk = malloc(ED25519_PK_SZ)) == NULL || |
|
1914 (k->ed25519_sk = malloc(ED25519_SK_SZ)) == NULL) { |
|
1915 ret = SSH_ERR_ALLOC_FAIL; |
|
1916 @@ -1671,6 +1698,7 @@ sshkey_generate(int type, u_int bits, st |
|
1917 crypto_sign_ed25519_keypair(k->ed25519_pk, k->ed25519_sk); |
|
1918 ret = 0; |
|
1919 break; |
|
1920 +#endif /* WITHOUT_ED25519 */ |
|
1921 #ifdef WITH_OPENSSL |
|
1922 case KEY_DSA: |
|
1923 ret = dsa_generate_private_key(bits, &k->dsa); |
|
1924 @@ -1806,6 +1834,7 @@ sshkey_from_private(const struct sshkey |
|
1925 } |
|
1926 break; |
|
1927 #endif /* WITH_OPENSSL */ |
|
1928 +#ifndef WITHOUT_ED25519 |
|
1929 case KEY_ED25519: |
|
1930 case KEY_ED25519_CERT: |
|
1931 if ((n = sshkey_new(k->type)) == NULL) |
|
1932 @@ -1818,6 +1847,7 @@ sshkey_from_private(const struct sshkey |
|
1933 memcpy(n->ed25519_pk, k->ed25519_pk, ED25519_PK_SZ); |
|
1934 } |
|
1935 break; |
|
1936 +#endif /* WITHOUT_ED25519 */ |
|
1937 default: |
|
1938 return SSH_ERR_KEY_TYPE_UNKNOWN; |
|
1939 } |
|
1940 @@ -2084,6 +2114,7 @@ sshkey_from_blob_internal(struct sshbuf |
|
1941 break; |
|
1942 # endif /* OPENSSL_HAS_ECC */ |
|
1943 #endif /* WITH_OPENSSL */ |
|
1944 +#ifndef WITHOUT_ED25519 |
|
1945 case KEY_ED25519_CERT: |
|
1946 /* Skip nonce */ |
|
1947 if (sshbuf_get_string_direct(b, NULL, NULL) != 0) { |
|
1948 @@ -2105,6 +2136,7 @@ sshkey_from_blob_internal(struct sshbuf |
|
1949 key->ed25519_pk = pk; |
|
1950 pk = NULL; |
|
1951 break; |
|
1952 +#endif /* WITHOUT_ED25519 */ |
|
1953 case KEY_UNSPEC: |
|
1954 if ((key = sshkey_new(type)) == NULL) { |
|
1955 ret = SSH_ERR_ALLOC_FAIL; |
|
1956 @@ -2197,9 +2229,11 @@ sshkey_sign(const struct sshkey *key, |
|
1957 case KEY_RSA: |
|
1958 return ssh_rsa_sign(key, sigp, lenp, data, datalen, compat); |
|
1959 #endif /* WITH_OPENSSL */ |
|
1960 +#ifndef WITHOUT_ED25519 |
|
1961 case KEY_ED25519: |
|
1962 case KEY_ED25519_CERT: |
|
1963 return ssh_ed25519_sign(key, sigp, lenp, data, datalen, compat); |
|
1964 +#endif /* WITHOUT_ED25519 */ |
|
1965 default: |
|
1966 return SSH_ERR_KEY_TYPE_UNKNOWN; |
|
1967 } |
|
1968 @@ -2229,9 +2263,11 @@ sshkey_verify(const struct sshkey *key, |
|
1969 case KEY_RSA: |
|
1970 return ssh_rsa_verify(key, sig, siglen, data, dlen, compat); |
|
1971 #endif /* WITH_OPENSSL */ |
|
1972 +#ifndef WITHOUT_ED25519 |
|
1973 case KEY_ED25519: |
|
1974 case KEY_ED25519_CERT: |
|
1975 return ssh_ed25519_verify(key, sig, siglen, data, dlen, compat); |
|
1976 +#endif /* WITHOUT_ED25519 */ |
|
1977 default: |
|
1978 return SSH_ERR_KEY_TYPE_UNKNOWN; |
|
1979 } |
|
1980 @@ -2255,8 +2291,10 @@ sshkey_demote(const struct sshkey *k, st |
|
1981 pk->dsa = NULL; |
|
1982 pk->ecdsa = NULL; |
|
1983 pk->rsa = NULL; |
|
1984 +#ifndef WITHOUT_ED25519 |
|
1985 pk->ed25519_pk = NULL; |
|
1986 pk->ed25519_sk = NULL; |
|
1987 +#endif /* WITHOUT_ED25519 */ |
|
1988 |
|
1989 switch (k->type) { |
|
1990 #ifdef WITH_OPENSSL |
|
1991 @@ -2306,6 +2344,7 @@ sshkey_demote(const struct sshkey *k, st |
|
1992 break; |
|
1993 # endif /* OPENSSL_HAS_ECC */ |
|
1994 #endif /* WITH_OPENSSL */ |
|
1995 +#ifndef WITHOUT_ED25519 |
|
1996 case KEY_ED25519_CERT: |
|
1997 if ((ret = sshkey_cert_copy(k, pk)) != 0) |
|
1998 goto fail; |
|
1999 @@ -2319,6 +2358,7 @@ sshkey_demote(const struct sshkey *k, st |
|
2000 memcpy(pk->ed25519_pk, k->ed25519_pk, ED25519_PK_SZ); |
|
2001 } |
|
2002 break; |
|
2003 +#endif /* WITHOUT_ED25519 */ |
|
2004 default: |
|
2005 ret = SSH_ERR_KEY_TYPE_UNKNOWN; |
|
2006 fail: |
|
2007 @@ -2347,9 +2387,11 @@ sshkey_to_certified(struct sshkey *k) |
|
2008 newtype = KEY_ECDSA_CERT; |
|
2009 break; |
|
2010 #endif /* WITH_OPENSSL */ |
|
2011 +#ifndef WITHOUT_ED25519 |
|
2012 case KEY_ED25519: |
|
2013 newtype = KEY_ED25519_CERT; |
|
2014 break; |
|
2015 +#endif /* WITHOUT_ED25519 */ |
|
2016 default: |
|
2017 return SSH_ERR_INVALID_ARGUMENT; |
|
2018 } |
|
2019 @@ -2428,11 +2470,13 @@ sshkey_certify(struct sshkey *k, struct |
|
2020 goto out; |
|
2021 break; |
|
2022 #endif /* WITH_OPENSSL */ |
|
2023 +#ifndef WITHOUT_ED25519 |
|
2024 case KEY_ED25519_CERT: |
|
2025 if ((ret = sshbuf_put_string(cert, |
|
2026 k->ed25519_pk, ED25519_PK_SZ)) != 0) |
|
2027 goto out; |
|
2028 break; |
|
2029 +#endif /* WITHOUT_ED25519 */ |
|
2030 default: |
|
2031 ret = SSH_ERR_INVALID_ARGUMENT; |
|
2032 goto out; |
|
2033 @@ -2607,6 +2651,7 @@ sshkey_private_serialize(const struct ss |
|
2034 break; |
|
2035 # endif /* OPENSSL_HAS_ECC */ |
|
2036 #endif /* WITH_OPENSSL */ |
|
2037 +#ifndef WITHOUT_ED25519 |
|
2038 case KEY_ED25519: |
|
2039 if ((r = sshbuf_put_string(b, key->ed25519_pk, |
|
2040 ED25519_PK_SZ)) != 0 || |
|
2041 @@ -2626,6 +2671,7 @@ sshkey_private_serialize(const struct ss |
|
2042 ED25519_SK_SZ)) != 0) |
|
2043 goto out; |
|
2044 break; |
|
2045 +#endif /* WITHOUT_ED25519 */ |
|
2046 default: |
|
2047 r = SSH_ERR_INVALID_ARGUMENT; |
|
2048 goto out; |
|
2049 @@ -2750,6 +2796,7 @@ sshkey_private_deserialize(struct sshbuf |
|
2050 goto out; |
|
2051 break; |
|
2052 #endif /* WITH_OPENSSL */ |
|
2053 +#ifndef WITHOUT_ED25519 |
|
2054 case KEY_ED25519: |
|
2055 if ((k = sshkey_new_private(type)) == NULL) { |
|
2056 r = SSH_ERR_ALLOC_FAIL; |
|
2057 @@ -2780,6 +2827,7 @@ sshkey_private_deserialize(struct sshbuf |
|
2058 k->ed25519_sk = ed25519_sk; |
|
2059 ed25519_pk = ed25519_sk = NULL; |
|
2060 break; |
|
2061 +#endif /* WITHOUT_ED25519 */ |
|
2062 default: |
|
2063 r = SSH_ERR_KEY_TYPE_UNKNOWN; |
|
2064 goto out; |
|
2065 @@ -3545,9 +3593,11 @@ sshkey_private_to_fileblob(struct sshkey |
|
2066 return sshkey_private_pem_to_blob(key, blob, |
|
2067 passphrase, comment); |
|
2068 #endif /* WITH_OPENSSL */ |
|
2069 +#ifndef WITHOUT_ED25519 |
|
2070 case KEY_ED25519: |
|
2071 return sshkey_private_to_blob2(key, blob, passphrase, |
|
2072 comment, new_format_cipher, new_format_rounds); |
|
2073 +#endif /* WITHOUT_ED25519 */ |
|
2074 default: |
|
2075 return SSH_ERR_KEY_TYPE_UNKNOWN; |
|
2076 } |
|
2077 @@ -3853,9 +3903,11 @@ sshkey_parse_private_fileblob_type(struc |
|
2078 return sshkey_parse_private_pem_fileblob(blob, type, |
|
2079 passphrase, keyp); |
|
2080 #endif /* WITH_OPENSSL */ |
|
2081 +#ifndef WITHOUT_ED25519 |
|
2082 case KEY_ED25519: |
|
2083 return sshkey_parse_private2(blob, type, passphrase, |
|
2084 keyp, commentp); |
|
2085 +#endif /* WITHOUT_ED25519 */ |
|
2086 case KEY_UNSPEC: |
|
2087 if ((r = sshkey_parse_private2(blob, type, passphrase, keyp, |
|
2088 commentp)) == 0) |
|
2089 diff -pur old/sshkey.h new/sshkey.h |
|
2090 --- old/sshkey.h |
|
2091 +++ new/sshkey.h |
|
2092 @@ -57,11 +57,15 @@ enum sshkey_types { |
|
2093 KEY_RSA, |
|
2094 KEY_DSA, |
|
2095 KEY_ECDSA, |
|
2096 - KEY_ED25519, |
|
2097 +#ifndef WITHOUT_ED25519 |
|
2098 + KEY_ED25519, |
|
2099 +#endif /* WITHOUT_ED25519 */ |
|
2100 KEY_RSA_CERT, |
|
2101 KEY_DSA_CERT, |
|
2102 KEY_ECDSA_CERT, |
|
2103 +#ifndef WITHOUT_ED25519 |
|
2104 KEY_ED25519_CERT, |
|
2105 +#endif /* WITHOUT_ED25519 */ |
|
2106 KEY_NULL, |
|
2107 KEY_UNSPEC |
|
2108 }; |
|
2109 @@ -104,13 +108,17 @@ struct sshkey { |
|
2110 DSA *dsa; |
|
2111 int ecdsa_nid; /* NID of curve */ |
|
2112 EC_KEY *ecdsa; |
|
2113 +#ifndef WITHOUT_ED25519 |
|
2114 u_char *ed25519_sk; |
|
2115 u_char *ed25519_pk; |
|
2116 +#endif /* WITHOUT_ED25519 */ |
|
2117 struct sshkey_cert *cert; |
|
2118 }; |
|
2119 |
|
2120 +#ifndef WITHOUT_ED25519 |
|
2121 #define ED25519_SK_SZ crypto_sign_ed25519_SECRETKEYBYTES |
|
2122 #define ED25519_PK_SZ crypto_sign_ed25519_PUBLICKEYBYTES |
|
2123 +#endif /* WITHOUT_ED25519 */ |
|
2124 |
|
2125 struct sshkey *sshkey_new(int); |
|
2126 int sshkey_add_private(struct sshkey *); |
|
2127 @@ -208,11 +216,13 @@ int ssh_ecdsa_sign(const struct sshkey * |
|
2128 int ssh_ecdsa_verify(const struct sshkey *key, |
|
2129 const u_char *signature, size_t signaturelen, |
|
2130 const u_char *data, size_t datalen, u_int compat); |
|
2131 +#ifndef WITHOUT_ED25519 |
|
2132 int ssh_ed25519_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, |
|
2133 const u_char *data, size_t datalen, u_int compat); |
|
2134 int ssh_ed25519_verify(const struct sshkey *key, |
|
2135 const u_char *signature, size_t signaturelen, |
|
2136 const u_char *data, size_t datalen, u_int compat); |
|
2137 +#endif /* WITHOUT_ED25519 */ |
|
2138 #endif |
|
2139 |
|
2140 #if !defined(WITH_OPENSSL) |