Mercurial > dropbear
annotate options.h @ 1855:35d504d59c05
Implement server-side support for sk-ecdsa U2F-backed keys (#142)
* Implement server-side support for sk-ecdsa U2F-backed keys
* Fix out-of-bounds read on normal ecdsa-sha2-[identifier] keys
* Fix one more potential out-of-bounds read
* Check if nistp256 curve is used in sk-ecdsa-sha2- key
It's the only allowed curve per PROTOCOL.u2f specification
* Implement server-side support for sk-ed25519 FIDO2-backed keys
* Keys with type sk-* make no sense as host keys, so they should be
disabled
* fix typo
* Make sk-ecdsa call buf_ecdsa_verify
This reduces code duplication, the SK code just handles the
different message format.
* Reduce sk specific code
The application id can be stored in signkey, then we don't need
to call sk-specific functions from svr-authpubkey
* Remove debugging output, which causes compilation errors with DEBUG_TRACE disabled
* Proper cleanup of sk_app
Co-authored-by: Matt Johnston <[email protected]>
author | egor-duda <egor-duda@users.noreply.github.com> |
---|---|
date | Sat, 22 Jan 2022 16:53:04 +0300 |
parents | 2fd52c383163 |
children |
rev | line source |
---|---|
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1294
diff
changeset
|
1 #ifndef DROPBEAR_OPTIONS_H |
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1294
diff
changeset
|
2 #define DROPBEAR_OPTIONS_H |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
3 |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1294
diff
changeset
|
4 /* |
1438
4f8eb331174f
add configuration option for default RSA size.
Matt Johnston <matt@ucc.asn.au>
parents:
1295
diff
changeset
|
5 > > > Don't edit this file any more! < < < |
4f8eb331174f
add configuration option for default RSA size.
Matt Johnston <matt@ucc.asn.au>
parents:
1295
diff
changeset
|
6 |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1294
diff
changeset
|
7 Local compile-time configuration should be defined in localoptions.h |
1565
2fd52c383163
mention localoptions.h being build directory, fix underscore in CHANGES
Matt Johnston <matt@ucc.asn.au>
parents:
1521
diff
changeset
|
8 in the build directory. |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1294
diff
changeset
|
9 See default_options.h.in for a description of the available options. |
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1294
diff
changeset
|
10 */ |
434
0aaaf68e97dc
Add -p [address:]port option for binding to addresses, patch from
Matt Johnston <matt@ucc.asn.au>
parents:
291
diff
changeset
|
11 |
1515
d68d61e7056a
include config.h for options.h. don't need to include options.h when
Matt Johnston <matt@ucc.asn.au>
parents:
1438
diff
changeset
|
12 /* Some configuration options or checks depend on system config */ |
d68d61e7056a
include config.h for options.h. don't need to include options.h when
Matt Johnston <matt@ucc.asn.au>
parents:
1438
diff
changeset
|
13 #include "config.h" |
d68d61e7056a
include config.h for options.h. don't need to include options.h when
Matt Johnston <matt@ucc.asn.au>
parents:
1438
diff
changeset
|
14 |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1294
diff
changeset
|
15 #ifdef LOCALOPTIONS_H_EXISTS |
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1294
diff
changeset
|
16 #include "localoptions.h" |
795 | 17 #endif |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
18 |
1521
198e2ee0f4b1
- Fix dependencies and remove old default_options.h from version control
Matt Johnston <matt@ucc.asn.au>
parents:
1515
diff
changeset
|
19 /* default_options.h is processed to add #ifndef guards */ |
198e2ee0f4b1
- Fix dependencies and remove old default_options.h from version control
Matt Johnston <matt@ucc.asn.au>
parents:
1515
diff
changeset
|
20 #include "default_options_guard.h" |
555
daf52f813328
- Add option to change zlib windowBits/memLevel
Matt Johnston <matt@ucc.asn.au>
parents:
554
diff
changeset
|
21 |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1294
diff
changeset
|
22 /* Some other defines that mostly should be left alone are defined |
499
f3ca5ebc319a
Split options.h out into sysoptions.h for options that aren't usually
Matt Johnston <matt@ucc.asn.au>
parents:
496
diff
changeset
|
23 * in sysoptions.h */ |
f3ca5ebc319a
Split options.h out into sysoptions.h for options that aren't usually
Matt Johnston <matt@ucc.asn.au>
parents:
496
diff
changeset
|
24 #include "sysoptions.h" |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
25 |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1294
diff
changeset
|
26 #endif /* DROPBEAR_OPTIONS_H */ |