Update to latest version of URI patch passing the new tests + rebase to 7.7
parent
273086d13a
commit
af10de8f01
@ -2498,9 +2498,9 @@ diff -up openssh/ssh-pkcs11.c.openssl openssh/ssh-pkcs11.c
|
|||||||
int (*orig_finish)(RSA *rsa);
|
int (*orig_finish)(RSA *rsa);
|
||||||
- RSA_METHOD rsa_method;
|
- RSA_METHOD rsa_method;
|
||||||
+ RSA_METHOD *rsa_method;
|
+ RSA_METHOD *rsa_method;
|
||||||
char *label;
|
|
||||||
char *keyid;
|
char *keyid;
|
||||||
int keyid_len;
|
int keyid_len;
|
||||||
|
char *label;
|
||||||
@@ -183,6 +183,7 @@ pkcs11_rsa_finish(RSA *rsa)
|
@@ -183,6 +183,7 @@ pkcs11_rsa_finish(RSA *rsa)
|
||||||
pkcs11_provider_unref(k11->provider);
|
pkcs11_provider_unref(k11->provider);
|
||||||
free(k11->keyid);
|
free(k11->keyid);
|
||||||
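Review bot: `RSA_METHOD *rsa_method` turns the method table in struct pkcs11_key from an embedded member into a separately allocated object, and nothing visible in this hunk says who releases it. The pkcs11_rsa_finish hunk that follows grows by one line, but that line is cut off on this page, so it cannot be confirmed from here that the release sits next to `free(k11->keyid);`. I would put an ownership comment on the field, for example `/* allocated per key; released in pkcs11_rsa_finish() */`, and check that `label`, which the rebased context now places after `keyid_len`, is freed on the same path. Both the struct and pkcs11_rsa_finish continue outside the hunk.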
@ -2544,8 +2544,8 @@ diff -up openssh/ssh-pkcs11.c.openssl openssh/ssh-pkcs11.c
|
|||||||
CK_FUNCTION_LIST *f;
|
CK_FUNCTION_LIST *f;
|
||||||
+ const BIGNUM *n, *e;
|
+ const BIGNUM *n, *e;
|
||||||
|
|
||||||
f = p->function_list;
|
f = p->module->function_list;
|
||||||
session = p->slotinfo[slotidx].session;
|
session = p->module->slotinfo[slotidx].session;
|
||||||
@@ -512,10 +521,16 @@ pkcs11_fetch_keys_filter(struct pkcs11_p
|
@@ -512,10 +521,16 @@ pkcs11_fetch_keys_filter(struct pkcs11_p
|
||||||
if ((rsa = RSA_new()) == NULL) {
|
if ((rsa = RSA_new()) == NULL) {
|
||||||
error("RSA_new failed");
|
error("RSA_new failed");
|
||||||
|
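Review bot: `p->module` is dereferenced in pkcs11_fetch_keys_filter (`f = p->module->function_list;` and `p->module->slotinfo[slotidx].session`) with no check in the visible lines that the provider's module pointer is set. The same indirection is introduced in the pkcs11_rsa_private_encrypt hunk and in the ECDSA signing hunk (`k11->provider->module->function_list`), where the only guard on view is the "no pkcs11 (valid) provider" error branch, whose condition is outside the hunk. If a provider can exist without an attached module, this is a NULL dereference in the process that talks to the token, so the existing validity checks should cover it, e.g. `|| k11->provider->module == NULL` in the signing paths and an early `if (p->module == NULL) return -1;` here (the error value is assumed, since the function's return convention is not visible). If the invariant is guaranteed at registration time, a one-line comment stating so at the struct definition would be enough. All three functions start and end outside their hunks.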
@ -155,7 +155,7 @@ diff -up openssh-7.6p1/ssh-pkcs11.c.pkcs11-ecdsa openssh-7.6p1/ssh-pkcs11.c
|
|||||||
+ CK_ULONG key_type;
|
+ CK_ULONG key_type;
|
||||||
int (*orig_finish)(RSA *rsa);
|
int (*orig_finish)(RSA *rsa);
|
||||||
RSA_METHOD rsa_method;
|
RSA_METHOD rsa_method;
|
||||||
char *label;
|
char *keyid;
|
||||||
@@ -75,6 +85,9 @@ struct pkcs11_key {
|
@@ -75,6 +85,9 @@ struct pkcs11_key {
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -217,8 +217,8 @@ diff -up openssh-7.6p1/ssh-pkcs11.c.pkcs11-ecdsa openssh-7.6p1/ssh-pkcs11.c
|
|||||||
key_filter[0].pValue = &private_key_class;
|
key_filter[0].pValue = &private_key_class;
|
||||||
@@ -326,33 +372,8 @@ pkcs11_rsa_private_encrypt(int flen, con
|
@@ -326,33 +372,8 @@ pkcs11_rsa_private_encrypt(int flen, con
|
||||||
}
|
}
|
||||||
f = k11->provider->function_list;
|
f = k11->provider->module->function_list;
|
||||||
si = &k11->provider->slotinfo[k11->slotidx];
|
si = &k11->provider->module->slotinfo[k11->slotidx];
|
||||||
- if ((si->token.flags & CKF_LOGIN_REQUIRED) && !si->logged_in) {
|
- if ((si->token.flags & CKF_LOGIN_REQUIRED) && !si->logged_in) {
|
||||||
- if (!pkcs11_interactive) {
|
- if (!pkcs11_interactive) {
|
||||||
- error("need pin entry%s", (si->token.flags &
|
- error("need pin entry%s", (si->token.flags &
|
||||||
@ -300,8 +300,8 @@ diff -up openssh-7.6p1/ssh-pkcs11.c.pkcs11-ecdsa openssh-7.6p1/ssh-pkcs11.c
|
|||||||
+ error("no pkcs11 (valid) provider for ecdsa %p", ecdsa);
|
+ error("no pkcs11 (valid) provider for ecdsa %p", ecdsa);
|
||||||
+ return NULL;
|
+ return NULL;
|
||||||
+ }
|
+ }
|
||||||
+ f = k11->provider->function_list;
|
+ f = k11->provider->module->function_list;
|
||||||
+ si = &k11->provider->slotinfo[k11->slotidx];
|
+ si = &k11->provider->module->slotinfo[k11->slotidx];
|
||||||
+ if(pkcs11_login(k11, f, si)) {
|
+ if(pkcs11_login(k11, f, si)) {
|
||||||
+ return NULL;
|
+ return NULL;
|
||||||
+ }
|
+ }
|
||||||
@ -595,7 +595,7 @@ diff -up openssh-7.6p1/ssh-pkcs11.c.pkcs11-ecdsa openssh-7.6p1/ssh-pkcs11.c
|
|||||||
cp = attribs[3].pValue;
|
cp = attribs[3].pValue;
|
||||||
if ((x509 = X509_new()) == NULL) {
|
if ((x509 = X509_new()) == NULL) {
|
||||||
@@ -639,13 +879,28 @@ pkcs11_fetch_keys_filter(struct pkcs11_p
|
@@ -639,13 +879,28 @@ pkcs11_fetch_keys_filter(struct pkcs11_p
|
||||||
X509_free(x509);
|
X509_free(x509);
|
||||||
EVP_PKEY_free(evp);
|
EVP_PKEY_free(evp);
|
||||||
}
|
}
|
||||||
- if (rsa && rsa->n && rsa->e &&
|
- if (rsa && rsa->n && rsa->e &&
|
||||||
@ -666,13 +666,13 @@ diff -up openssh-7.6p1/ssh-pkcs11-helper.c.pkcs11-ecdsa openssh-7.6p1/ssh-pkcs11
|
|||||||
if (!strcmp(ki->providername, name)) {
|
if (!strcmp(ki->providername, name)) {
|
||||||
TAILQ_REMOVE(&pkcs11_keylist, ki, next);
|
TAILQ_REMOVE(&pkcs11_keylist, ki, next);
|
||||||
free(ki->providername);
|
free(ki->providername);
|
||||||
- key_free(ki->key);
|
- sshkey_free(ki->key);
|
||||||
+ pkcs11_del_key(ki->key);
|
+ pkcs11_del_key(ki->key);
|
||||||
free(ki);
|
free(ki);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -164,6 +174,20 @@ process_del(void)
|
@@ -164,6 +174,20 @@ process_del(void)
|
||||||
buffer_free(&msg);
|
sshbuf_free(msg);
|
||||||
}
|
}
|
||||||
|
|
||||||
+#ifdef ENABLE_PKCS11_ECDSA
|
+#ifdef ENABLE_PKCS11_ECDSA
|
||||||
@ -693,7 +693,7 @@ diff -up openssh-7.6p1/ssh-pkcs11-helper.c.pkcs11-ecdsa openssh-7.6p1/ssh-pkcs11
|
|||||||
process_sign(void)
|
process_sign(void)
|
||||||
{
|
{
|
||||||
@@ -180,14 +204,38 @@ process_sign(void)
|
@@ -180,14 +204,38 @@ process_sign(void)
|
||||||
if ((key = key_from_blob(blob, blen)) != NULL) {
|
else {
|
||||||
if ((found = lookup_key(key)) != NULL) {
|
if ((found = lookup_key(key)) != NULL) {
|
||||||
#ifdef WITH_OPENSSL
|
#ifdef WITH_OPENSSL
|
||||||
- int ret;
|
- int ret;
|
||||||
@ -790,5 +790,5 @@ diff -up openssh-7.6p1/ssh-pkcs11.c.old openssh-7.6p1/ssh-pkcs11.c
|
|||||||
+ break;
|
+ break;
|
||||||
+ }
|
+ }
|
||||||
}
|
}
|
||||||
if (x509)
|
X509_free(x509);
|
||||||
X509_free(x509);
|
EVP_PKEY_free(evp);
|
||||||
|
File diff suppressed because it is too large