forked from rpms/openssh
Update to latest version of URI patch passing the new tests + rebase to 7.7
This commit is contained in:
parent
273086d13a
commit
af10de8f01
@ -2498,9 +2498,9 @@ diff -up openssh/ssh-pkcs11.c.openssl openssh/ssh-pkcs11.c
|
||||
int (*orig_finish)(RSA *rsa);
|
||||
- RSA_METHOD rsa_method;
|
||||
+ RSA_METHOD *rsa_method;
|
||||
char *label;
|
||||
char *keyid;
|
||||
int keyid_len;
|
||||
char *label;
|
||||
@@ -183,6 +183,7 @@ pkcs11_rsa_finish(RSA *rsa)
|
||||
pkcs11_provider_unref(k11->provider);
|
||||
free(k11->keyid);
|
||||
@ -2544,8 +2544,8 @@ diff -up openssh/ssh-pkcs11.c.openssl openssh/ssh-pkcs11.c
|
||||
CK_FUNCTION_LIST *f;
|
||||
+ const BIGNUM *n, *e;
|
||||
|
||||
f = p->function_list;
|
||||
session = p->slotinfo[slotidx].session;
|
||||
f = p->module->function_list;
|
||||
session = p->module->slotinfo[slotidx].session;
|
||||
@@ -512,10 +521,16 @@ pkcs11_fetch_keys_filter(struct pkcs11_p
|
||||
if ((rsa = RSA_new()) == NULL) {
|
||||
error("RSA_new failed");
|
||||
|
@ -155,7 +155,7 @@ diff -up openssh-7.6p1/ssh-pkcs11.c.pkcs11-ecdsa openssh-7.6p1/ssh-pkcs11.c
|
||||
+ CK_ULONG key_type;
|
||||
int (*orig_finish)(RSA *rsa);
|
||||
RSA_METHOD rsa_method;
|
||||
char *label;
|
||||
char *keyid;
|
||||
@@ -75,6 +85,9 @@ struct pkcs11_key {
|
||||
};
|
||||
|
||||
@ -217,8 +217,8 @@ diff -up openssh-7.6p1/ssh-pkcs11.c.pkcs11-ecdsa openssh-7.6p1/ssh-pkcs11.c
|
||||
key_filter[0].pValue = &private_key_class;
|
||||
@@ -326,33 +372,8 @@ pkcs11_rsa_private_encrypt(int flen, con
|
||||
}
|
||||
f = k11->provider->function_list;
|
||||
si = &k11->provider->slotinfo[k11->slotidx];
|
||||
f = k11->provider->module->function_list;
|
||||
si = &k11->provider->module->slotinfo[k11->slotidx];
|
||||
- if ((si->token.flags & CKF_LOGIN_REQUIRED) && !si->logged_in) {
|
||||
- if (!pkcs11_interactive) {
|
||||
- error("need pin entry%s", (si->token.flags &
|
||||
@ -300,8 +300,8 @@ diff -up openssh-7.6p1/ssh-pkcs11.c.pkcs11-ecdsa openssh-7.6p1/ssh-pkcs11.c
|
||||
+ error("no pkcs11 (valid) provider for ecdsa %p", ecdsa);
|
||||
+ return NULL;
|
||||
+ }
|
||||
+ f = k11->provider->function_list;
|
||||
+ si = &k11->provider->slotinfo[k11->slotidx];
|
||||
+ f = k11->provider->module->function_list;
|
||||
+ si = &k11->provider->module->slotinfo[k11->slotidx];
|
||||
+ if(pkcs11_login(k11, f, si)) {
|
||||
+ return NULL;
|
||||
+ }
|
||||
@ -595,7 +595,7 @@ diff -up openssh-7.6p1/ssh-pkcs11.c.pkcs11-ecdsa openssh-7.6p1/ssh-pkcs11.c
|
||||
cp = attribs[3].pValue;
|
||||
if ((x509 = X509_new()) == NULL) {
|
||||
@@ -639,13 +879,28 @@ pkcs11_fetch_keys_filter(struct pkcs11_p
|
||||
X509_free(x509);
|
||||
X509_free(x509);
|
||||
EVP_PKEY_free(evp);
|
||||
}
|
||||
- if (rsa && rsa->n && rsa->e &&
|
||||
@ -666,13 +666,13 @@ diff -up openssh-7.6p1/ssh-pkcs11-helper.c.pkcs11-ecdsa openssh-7.6p1/ssh-pkcs11
|
||||
if (!strcmp(ki->providername, name)) {
|
||||
TAILQ_REMOVE(&pkcs11_keylist, ki, next);
|
||||
free(ki->providername);
|
||||
- key_free(ki->key);
|
||||
- sshkey_free(ki->key);
|
||||
+ pkcs11_del_key(ki->key);
|
||||
free(ki);
|
||||
}
|
||||
}
|
||||
@@ -164,6 +174,20 @@ process_del(void)
|
||||
buffer_free(&msg);
|
||||
sshbuf_free(msg);
|
||||
}
|
||||
|
||||
+#ifdef ENABLE_PKCS11_ECDSA
|
||||
@ -693,7 +693,7 @@ diff -up openssh-7.6p1/ssh-pkcs11-helper.c.pkcs11-ecdsa openssh-7.6p1/ssh-pkcs11
|
||||
process_sign(void)
|
||||
{
|
||||
@@ -180,14 +204,38 @@ process_sign(void)
|
||||
if ((key = key_from_blob(blob, blen)) != NULL) {
|
||||
else {
|
||||
if ((found = lookup_key(key)) != NULL) {
|
||||
#ifdef WITH_OPENSSL
|
||||
- int ret;
|
||||
@ -790,5 +790,5 @@ diff -up openssh-7.6p1/ssh-pkcs11.c.old openssh-7.6p1/ssh-pkcs11.c
|
||||
+ break;
|
||||
+ }
|
||||
}
|
||||
if (x509)
|
||||
X509_free(x509);
|
||||
X509_free(x509);
|
||||
EVP_PKEY_free(evp);
|
||||
|
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue
Block a user