From 7f8ae3c2ab900bac01617ecfa363936de427ea43 Mon Sep 17 00:00:00 2001 From: markus Date: Wed, 11 Jul 2018 18:53:29 +0000 Subject: [PATCH] remove legacy key emulation layer; ok djm@ --- usr.bin/ssh/auth2.c | 4 +- usr.bin/ssh/channels.c | 4 +- usr.bin/ssh/clientloop.c | 4 +- usr.bin/ssh/kex.h | 3 +- usr.bin/ssh/key.c | 234 --------------------------------- usr.bin/ssh/key.h | 69 ---------- usr.bin/ssh/monitor.c | 15 ++- usr.bin/ssh/monitor_wrap.c | 17 +-- usr.bin/ssh/monitor_wrap.h | 6 +- usr.bin/ssh/mux.c | 4 +- usr.bin/ssh/servconf.c | 4 +- usr.bin/ssh/serverloop.c | 4 +- usr.bin/ssh/session.c | 4 +- usr.bin/ssh/ssh-agent/Makefile | 4 +- usr.bin/ssh/ssh.c | 135 +++++++++++-------- usr.bin/ssh/ssh/Makefile | 4 +- usr.bin/ssh/sshconnect.c | 12 +- usr.bin/ssh/sshconnect2.c | 12 +- usr.bin/ssh/sshd.c | 69 +++++----- usr.bin/ssh/sshd/Makefile | 4 +- 20 files changed, 167 insertions(+), 445 deletions(-) delete mode 100644 usr.bin/ssh/key.c delete mode 100644 usr.bin/ssh/key.h diff --git a/usr.bin/ssh/auth2.c b/usr.bin/ssh/auth2.c index b43f503c7ba..c84f9214d84 100644 --- a/usr.bin/ssh/auth2.c +++ b/usr.bin/ssh/auth2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2.c,v 1.148 2018/07/09 21:35:50 markus Exp $ */ +/* $OpenBSD: auth2.c,v 1.149 2018/07/11 18:53:29 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -44,7 +44,7 @@ #include "misc.h" #include "servconf.h" #include "compat.h" -#include "key.h" +#include "sshkey.h" #include "hostfile.h" #include "auth.h" #include "dispatch.h" diff --git a/usr.bin/ssh/channels.c b/usr.bin/ssh/channels.c index b7d99d05cef..4b22e179a85 100644 --- a/usr.bin/ssh/channels.c +++ b/usr.bin/ssh/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.382 2018/06/25 22:28:33 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.383 2018/07/11 18:53:29 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -73,7 +73,7 @@ #include "channels.h" #include "compat.h" #include "canohost.h" -#include "key.h" +#include "sshkey.h" #include "authfd.h" #include "pathnames.h" #include "match.h" diff --git a/usr.bin/ssh/clientloop.c b/usr.bin/ssh/clientloop.c index 80d94720a60..8794874b0d5 100644 --- a/usr.bin/ssh/clientloop.c +++ b/usr.bin/ssh/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.316 2018/07/09 21:20:26 markus Exp $ */ +/* $OpenBSD: clientloop.c,v 1.317 2018/07/11 18:53:29 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -87,7 +87,7 @@ #include "compat.h" #include "channels.h" #include "dispatch.h" -#include "key.h" +#include "sshkey.h" #include "cipher.h" #include "kex.h" #include "myproposal.h" diff --git a/usr.bin/ssh/kex.h b/usr.bin/ssh/kex.h index b6808f79b99..a738c26de55 100644 --- a/usr.bin/ssh/kex.h +++ b/usr.bin/ssh/kex.h @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.h,v 1.90 2018/07/10 09:36:58 sf Exp $ */ +/* $OpenBSD: kex.h,v 1.91 2018/07/11 18:53:29 markus Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -27,7 +27,6 @@ #define KEX_H #include "mac.h" -#include "key.h" /* XXX for typedef */ #ifdef WITH_LEAKMALLOC #include "leakmalloc.h" diff --git a/usr.bin/ssh/key.c b/usr.bin/ssh/key.c deleted file mode 100644 index 9fae701c450..00000000000 --- a/usr.bin/ssh/key.c +++ /dev/null @@ -1,234 +0,0 @@ -/* $OpenBSD: key.c,v 1.132 2017/12/18 02:25:15 djm Exp $ */ -/* - * placed in the public domain - */ - -#include -#include -#include -#include -#include - -#define SSH_KEY_NO_DEFINE -#include "key.h" - -#include "compat.h" -#include "sshkey.h" -#include "ssherr.h" -#include "log.h" -#include "authfile.h" - -static void -fatal_on_fatal_errors(int r, const char *func, int extra_fatal) -{ - if (r == SSH_ERR_INTERNAL_ERROR || - r == SSH_ERR_ALLOC_FAIL || - (extra_fatal != 0 && r == extra_fatal)) - fatal("%s: %s", func, ssh_err(r)); -} - -Key * -key_from_blob(const u_char *blob, u_int blen) -{ - int r; - Key *ret = NULL; - - if ((r = sshkey_from_blob(blob, blen, &ret)) != 0) { - fatal_on_fatal_errors(r, __func__, 0); - error("%s: %s", __func__, ssh_err(r)); - return NULL; - } - return ret; -} - -int -key_to_blob(const Key *key, u_char **blobp, u_int *lenp) -{ - u_char *blob; - size_t blen; - int r; - - if (blobp != NULL) - *blobp = NULL; - if (lenp != NULL) - *lenp = 0; - if ((r = sshkey_to_blob(key, &blob, &blen)) != 0) { - fatal_on_fatal_errors(r, __func__, 0); - error("%s: %s", __func__, ssh_err(r)); - return 0; - } - if (blen > INT_MAX) - fatal("%s: giant len %zu", __func__, blen); - if (blobp != NULL) - *blobp = blob; - if (lenp != NULL) - *lenp = blen; - return blen; -} - -int -key_sign(const Key *key, u_char **sigp, u_int *lenp, - const u_char *data, u_int datalen, const char *alg) -{ - int r; - u_char *sig; - size_t siglen; - - if (sigp != NULL) - *sigp = NULL; - if (lenp != NULL) - *lenp = 0; - if ((r = sshkey_sign(key, &sig, &siglen, - data, datalen, alg, datafellows)) != 0) { - fatal_on_fatal_errors(r, __func__, 0); - error("%s: %s", __func__, ssh_err(r)); - return -1; - } - if (siglen > INT_MAX) - fatal("%s: giant len %zu", __func__, siglen); - if (sigp != NULL) - *sigp = sig; - if (lenp != NULL) - *lenp = siglen; - return 0; -} - -Key * -key_demote(const Key *k) -{ - int r; - Key *ret = NULL; - - if ((r = sshkey_demote(k, &ret)) != 0) - fatal("%s: %s", __func__, ssh_err(r)); - return ret; -} - -int -key_drop_cert(Key *k) -{ - int r; - - if ((r = sshkey_drop_cert(k)) != 0) { - fatal_on_fatal_errors(r, __func__, 0); - error("%s: %s", __func__, ssh_err(r)); - return -1; - } - return 0; -} - -int -key_cert_check_authority(const Key *k, int want_host, int require_principal, - const char *name, const char **reason) -{ - int r; - - if ((r = sshkey_cert_check_authority(k, want_host, require_principal, - name, reason)) != 0) { - fatal_on_fatal_errors(r, __func__, 0); - error("%s: %s", __func__, ssh_err(r)); - return -1; - } - return 0; -} - -/* authfile.c */ - -Key * -key_load_cert(const char *filename) -{ - int r; - Key *ret = NULL; - - if ((r = sshkey_load_cert(filename, &ret)) != 0) { - fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR); - /* Old authfile.c ignored all file errors. */ - if (r == SSH_ERR_SYSTEM_ERROR) - debug("%s: %s", __func__, ssh_err(r)); - else - error("%s: %s", __func__, ssh_err(r)); - return NULL; - } - return ret; - -} - -Key * -key_load_public(const char *filename, char **commentp) -{ - int r; - Key *ret = NULL; - - if ((r = sshkey_load_public(filename, &ret, commentp)) != 0) { - fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR); - /* Old authfile.c ignored all file errors. */ - if (r == SSH_ERR_SYSTEM_ERROR) - debug("%s: %s", __func__, ssh_err(r)); - else - error("%s: %s", __func__, ssh_err(r)); - return NULL; - } - return ret; -} - -Key * -key_load_private(const char *path, const char *passphrase, - char **commentp) -{ - int r; - Key *ret = NULL; - - if ((r = sshkey_load_private(path, passphrase, &ret, commentp)) != 0) { - fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR); - /* Old authfile.c ignored all file errors. */ - if (r == SSH_ERR_SYSTEM_ERROR || - r == SSH_ERR_KEY_WRONG_PASSPHRASE) - debug("%s: %s", __func__, ssh_err(r)); - else - error("%s: %s", __func__, ssh_err(r)); - return NULL; - } - return ret; -} - -Key * -key_load_private_cert(int type, const char *filename, const char *passphrase, - int *perm_ok) -{ - int r; - Key *ret = NULL; - - if ((r = sshkey_load_private_cert(type, filename, passphrase, - &ret, perm_ok)) != 0) { - fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR); - /* Old authfile.c ignored all file errors. */ - if (r == SSH_ERR_SYSTEM_ERROR || - r == SSH_ERR_KEY_WRONG_PASSPHRASE) - debug("%s: %s", __func__, ssh_err(r)); - else - error("%s: %s", __func__, ssh_err(r)); - return NULL; - } - return ret; -} - -Key * -key_load_private_type(int type, const char *filename, const char *passphrase, - char **commentp, int *perm_ok) -{ - int r; - Key *ret = NULL; - - if ((r = sshkey_load_private_type(type, filename, passphrase, - &ret, commentp, perm_ok)) != 0) { - fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR); - /* Old authfile.c ignored all file errors. */ - if (r == SSH_ERR_SYSTEM_ERROR || - (r == SSH_ERR_KEY_WRONG_PASSPHRASE)) - debug("%s: %s", __func__, ssh_err(r)); - else - error("%s: %s", __func__, ssh_err(r)); - return NULL; - } - return ret; -} diff --git a/usr.bin/ssh/key.h b/usr.bin/ssh/key.h deleted file mode 100644 index fd59cbf544d..00000000000 --- a/usr.bin/ssh/key.h +++ /dev/null @@ -1,69 +0,0 @@ -/* $OpenBSD: key.h,v 1.52 2017/12/18 02:25:15 djm Exp $ */ - -/* - * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -#ifndef KEY_H -#define KEY_H - -#include "sshkey.h" - -typedef struct sshkey Key; - -#define types sshkey_types -#define fp_type sshkey_fp_type -#define fp_rep sshkey_fp_rep - -#ifndef SSH_KEY_NO_DEFINE -#define key_free sshkey_free -#define key_equal_public sshkey_equal_public -#define key_equal sshkey_equal -#define key_type sshkey_type -#define key_ssh_name sshkey_ssh_name -#define key_ssh_name_plain sshkey_ssh_name_plain -#define key_type_from_name sshkey_type_from_name -#define key_is_cert sshkey_is_cert -#define key_type_plain sshkey_type_plain -#endif - -void key_free(Key *); -Key *key_demote(const Key *); - -int key_drop_cert(Key *); -int key_cert_check_authority(const Key *, int, int, const char *, - const char **); - -Key *key_from_blob(const u_char *, u_int); -int key_to_blob(const Key *, u_char **, u_int *); - -int key_sign(const Key *, u_char **, u_int *, const u_char *, u_int, - const char *); - -/* authfile.c */ -Key *key_load_cert(const char *); -Key *key_load_public(const char *, char **); -Key *key_load_private(const char *, const char *, char **); -Key *key_load_private_cert(int, const char *, const char *, int *); -Key *key_load_private_type(int, const char *, const char *, char **, int *); - -#endif diff --git a/usr.bin/ssh/monitor.c b/usr.bin/ssh/monitor.c index a2eb0499331..9e2c456f3d1 100644 --- a/usr.bin/ssh/monitor.c +++ b/usr.bin/ssh/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.184 2018/07/10 09:13:30 djm Exp $ */ +/* $OpenBSD: monitor.c,v 1.185 2018/07/11 18:53:29 markus Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -51,7 +51,7 @@ #include "atomicio.h" #include "xmalloc.h" #include "ssh.h" -#include "key.h" +#include "sshkey.h" #include "sshbuf.h" #include "hostfile.h" #include "auth.h" @@ -551,14 +551,15 @@ mm_answer_sign(int sock, struct sshbuf *m) char *alg = NULL; size_t datlen, siglen, alglen; int r, is_proof = 0; - u_int keyid; + u_int keyid, compat; const char proof_req[] = "hostkeys-prove-00@openssh.com"; debug3("%s", __func__); if ((r = sshbuf_get_u32(m, &keyid)) != 0 || (r = sshbuf_get_string(m, &p, &datlen)) != 0 || - (r = sshbuf_get_cstring(m, &alg, &alglen)) != 0) + (r = sshbuf_get_cstring(m, &alg, &alglen)) != 0 || + (r = sshbuf_get_u32(m, &compat)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); if (keyid > INT_MAX) fatal("%s: invalid key ID", __func__); @@ -608,13 +609,13 @@ mm_answer_sign(int sock, struct sshbuf *m) if ((key = get_hostkey_by_index(keyid)) != NULL) { if ((r = sshkey_sign(key, &signature, &siglen, p, datlen, alg, - datafellows)) != 0) + compat)) != 0) fatal("%s: sshkey_sign failed: %s", __func__, ssh_err(r)); } else if ((key = get_hostkey_public_by_index(keyid, ssh)) != NULL && auth_sock > 0) { if ((r = ssh_agent_sign(auth_sock, key, &signature, &siglen, - p, datlen, alg, datafellows)) != 0) { + p, datlen, alg, compat)) != 0) { fatal("%s: ssh_agent_sign failed: %s", __func__, ssh_err(r)); } @@ -895,7 +896,7 @@ mm_answer_keyallowed(int sock, struct sshbuf *m) if (key != NULL && authctxt->valid) { /* These should not make it past the privsep child */ - if (key_type_plain(key->type) == KEY_RSA && + if (sshkey_type_plain(key->type) == KEY_RSA && (datafellows & SSH_BUG_RSASIGMD5) != 0) fatal("%s: passed a SSH_BUG_RSASIGMD5 key", __func__); diff --git a/usr.bin/ssh/monitor_wrap.c b/usr.bin/ssh/monitor_wrap.c index 06c98e4b94d..c166baab2bf 100644 --- a/usr.bin/ssh/monitor_wrap.c +++ b/usr.bin/ssh/monitor_wrap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.c,v 1.105 2018/07/10 09:36:58 sf Exp $ */ +/* $OpenBSD: monitor_wrap.c,v 1.106 2018/07/11 18:53:29 markus Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -47,7 +47,7 @@ #include "dh.h" #endif #include "sshbuf.h" -#include "key.h" +#include "sshkey.h" #include "cipher.h" #include "kex.h" #include "hostfile.h" @@ -214,12 +214,11 @@ mm_choose_dh(int min, int nbits, int max) #endif int -mm_key_sign(struct sshkey *key, u_char **sigp, u_int *lenp, - const u_char *data, u_int datalen, const char *hostkey_alg) +mm_sshkey_sign(struct sshkey *key, u_char **sigp, size_t *lenp, + const u_char *data, size_t datalen, const char *hostkey_alg, u_int compat) { struct kex *kex = *pmonitor->m_pkex; struct sshbuf *m; - size_t xxxlen; u_int ndx = kex->host_key_index(key, 0, active_state); int r; @@ -229,18 +228,16 @@ mm_key_sign(struct sshkey *key, u_char **sigp, u_int *lenp, fatal("%s: sshbuf_new failed", __func__); if ((r = sshbuf_put_u32(m, ndx)) != 0 || (r = sshbuf_put_string(m, data, datalen)) != 0 || - (r = sshbuf_put_cstring(m, hostkey_alg)) != 0) + (r = sshbuf_put_cstring(m, hostkey_alg)) != 0 || + (r = sshbuf_put_u32(m, compat)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SIGN, m); debug3("%s: waiting for MONITOR_ANS_SIGN", __func__); mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SIGN, m); - if ((r = sshbuf_get_string(m, sigp, &xxxlen)) != 0) + if ((r = sshbuf_get_string(m, sigp, lenp)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); - if (xxxlen > 0xffffffff) - fatal("%s: bad length %zu", __func__, xxxlen); - *lenp = xxxlen; /* XXX fix API: size_t vs u_int */ sshbuf_free(m); return (0); diff --git a/usr.bin/ssh/monitor_wrap.h b/usr.bin/ssh/monitor_wrap.h index 9e4f202f674..09bddb97df7 100644 --- a/usr.bin/ssh/monitor_wrap.h +++ b/usr.bin/ssh/monitor_wrap.h @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.h,v 1.37 2018/03/03 03:15:51 djm Exp $ */ +/* $OpenBSD: monitor_wrap.h,v 1.38 2018/07/11 18:53:29 markus Exp $ */ /* * Copyright 2002 Niels Provos @@ -41,8 +41,8 @@ struct sshauthopt; void mm_log_handler(LogLevel, const char *, void *); int mm_is_monitor(void); DH *mm_choose_dh(int, int, int); -int mm_key_sign(struct sshkey *, u_char **, u_int *, const u_char *, u_int, - const char *); +int mm_sshkey_sign(struct sshkey *, u_char **, size_t *, const u_char *, size_t, + const char *, u_int compat); void mm_inform_authserv(char *, char *); struct passwd *mm_getpwnamallow(const char *); char *mm_auth2_read_banner(void); diff --git a/usr.bin/ssh/mux.c b/usr.bin/ssh/mux.c index cdd1bf1b6aa..91b292cf3f9 100644 --- a/usr.bin/ssh/mux.c +++ b/usr.bin/ssh/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.73 2018/07/09 21:18:10 markus Exp $ */ +/* $OpenBSD: mux.c,v 1.74 2018/07/11 18:53:29 markus Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -63,7 +63,7 @@ #include "packet.h" #include "monitor_fdpass.h" #include "sshpty.h" -#include "key.h" +#include "sshkey.h" #include "readconf.h" #include "clientloop.h" #include "ssherr.h" diff --git a/usr.bin/ssh/servconf.c b/usr.bin/ssh/servconf.c index 6d71c9825f7..73efd7f8b38 100644 --- a/usr.bin/ssh/servconf.c +++ b/usr.bin/ssh/servconf.c @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.338 2018/07/09 21:29:36 markus Exp $ */ +/* $OpenBSD: servconf.c,v 1.339 2018/07/11 18:53:29 markus Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -42,7 +42,7 @@ #include "compat.h" #include "pathnames.h" #include "cipher.h" -#include "key.h" +#include "sshkey.h" #include "kex.h" #include "mac.h" #include "match.h" diff --git a/usr.bin/ssh/serverloop.c b/usr.bin/ssh/serverloop.c index e458c5178af..5f9c696bb87 100644 --- a/usr.bin/ssh/serverloop.c +++ b/usr.bin/ssh/serverloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: serverloop.c,v 1.207 2018/07/09 21:29:36 markus Exp $ */ +/* $OpenBSD: serverloop.c,v 1.208 2018/07/11 18:53:29 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -63,7 +63,7 @@ #include "channels.h" #include "compat.h" #include "ssh2.h" -#include "key.h" +#include "sshkey.h" #include "cipher.h" #include "kex.h" #include "hostfile.h" diff --git a/usr.bin/ssh/session.c b/usr.bin/ssh/session.c index 0eb01cb9919..26cfb0cfb96 100644 --- a/usr.bin/ssh/session.c +++ b/usr.bin/ssh/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.303 2018/07/09 21:26:02 markus Exp $ */ +/* $OpenBSD: session.c,v 1.304 2018/07/11 18:53:29 markus Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -66,7 +66,7 @@ #include "uidswap.h" #include "compat.h" #include "channels.h" -#include "key.h" +#include "sshkey.h" #include "cipher.h" #include "kex.h" #include "hostfile.h" diff --git a/usr.bin/ssh/ssh-agent/Makefile b/usr.bin/ssh/ssh-agent/Makefile index d8d5cb87ebf..17730f4be33 100644 --- a/usr.bin/ssh/ssh-agent/Makefile +++ b/usr.bin/ssh/ssh-agent/Makefile @@ -1,9 +1,9 @@ -# $OpenBSD: Makefile,v 1.29 2018/07/09 21:56:06 markus Exp $ +# $OpenBSD: Makefile,v 1.30 2018/07/11 18:53:29 markus Exp $ .PATH: ${.CURDIR}/.. SRCS= ssh-agent.c ssh-pkcs11-client.c -SRCS+= atomicio.c compat.c fatal.c key.c readpass.c +SRCS+= atomicio.c compat.c fatal.c readpass.c SRCS+= ${SRCS_BASE} ${SRCS_KEY} ${SRCS_KEYP} ${SRCS_KRL} ${SRCS_UTL} PROG= ssh-agent BINOWN= root diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c index 10e1a98248b..6092752c4c6 100644 --- a/usr.bin/ssh/ssh.c +++ b/usr.bin/ssh/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.482 2018/07/09 21:03:30 markus Exp $ */ +/* $OpenBSD: ssh.c,v 1.483 2018/07/11 18:53:29 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -79,7 +79,7 @@ #include "packet.h" #include "sshbuf.h" #include "channels.h" -#include "key.h" +#include "sshkey.h" #include "authfd.h" #include "authfile.h" #include "pathnames.h" @@ -487,6 +487,30 @@ resolve_canonicalize(char **hostp, int port) return NULL; } +/* + * Check the result of hostkey loading, ignoring some errors and + * fatal()ing for others. + */ +static void +check_load(int r, const char *path, const char *message) +{ + switch (r) { + case 0: + break; + case SSH_ERR_INTERNAL_ERROR: + case SSH_ERR_ALLOC_FAIL: + fatal("load %s \"%s\": %s", message, path, ssh_err(r)); + case SSH_ERR_SYSTEM_ERROR: + /* Ignore missing files */ + if (errno == ENOENT) + break; + /* FALLTHROUGH */ + default: + error("load %s \"%s\": %s", message, path, ssh_err(r)); + break; + } +} + /* * Read per-user configuration file. Ignore the system wide config * file if the user specifies a config file on the command line. @@ -1354,7 +1378,7 @@ main(int ac, char **av) /* * If we successfully made the connection, load the host private key - * in case we will need it later for combined rsa-rhosts + * in case we will need it later for hostbased * authentication. This must be done before releasing extra * privileges, because the file is only readable by root. * If we cannot access the private keys, load the public keys @@ -1366,29 +1390,32 @@ main(int ac, char **av) if (options.hostbased_authentication) { sensitive_data.nkeys = 11; sensitive_data.keys = xcalloc(sensitive_data.nkeys, - sizeof(struct sshkey)); /* XXX */ + sizeof(struct sshkey)); + + /* XXX check errors? */ +#define L_KEY(t,p,o) \ + check_load(sshkey_load_private_type(t, p, "", \ + &(sensitive_data.keys[o]), NULL, NULL), p, "key") +#define L_KEYCERT(t,p,o) \ + check_load(sshkey_load_private_cert(t, p, "", \ + &(sensitive_data.keys[o]), NULL), p, "cert and key") +#define L_PUBKEY(p,o) \ + check_load(sshkey_load_public(p, &(sensitive_data.keys[o]), NULL), \ + p, "pubkey") +#define L_CERT(p,o) \ + check_load(sshkey_load_cert(p, &(sensitive_data.keys[o])), p, "cert") PRIV_START; - sensitive_data.keys[1] = key_load_private_cert(KEY_ECDSA, - _PATH_HOST_ECDSA_KEY_FILE, "", NULL); - sensitive_data.keys[2] = key_load_private_cert(KEY_ED25519, - _PATH_HOST_ED25519_KEY_FILE, "", NULL); - sensitive_data.keys[3] = key_load_private_cert(KEY_RSA, - _PATH_HOST_RSA_KEY_FILE, "", NULL); - sensitive_data.keys[4] = key_load_private_cert(KEY_DSA, - _PATH_HOST_DSA_KEY_FILE, "", NULL); - sensitive_data.keys[5] = key_load_private_type(KEY_ECDSA, - _PATH_HOST_ECDSA_KEY_FILE, "", NULL, NULL); - sensitive_data.keys[6] = key_load_private_type(KEY_ED25519, - _PATH_HOST_ED25519_KEY_FILE, "", NULL, NULL); - sensitive_data.keys[7] = key_load_private_type(KEY_RSA, - _PATH_HOST_RSA_KEY_FILE, "", NULL, NULL); - sensitive_data.keys[8] = key_load_private_type(KEY_DSA, - _PATH_HOST_DSA_KEY_FILE, "", NULL, NULL); - sensitive_data.keys[9] = key_load_private_cert(KEY_XMSS, - _PATH_HOST_XMSS_KEY_FILE, "", NULL); - sensitive_data.keys[10] = key_load_private_type(KEY_XMSS, - _PATH_HOST_XMSS_KEY_FILE, "", NULL, NULL); + L_KEYCERT(KEY_ECDSA, _PATH_HOST_ECDSA_KEY_FILE, 1); + L_KEYCERT(KEY_ED25519, _PATH_HOST_ED25519_KEY_FILE, 2); + L_KEYCERT(KEY_RSA, _PATH_HOST_RSA_KEY_FILE, 3); + L_KEYCERT(KEY_DSA, _PATH_HOST_DSA_KEY_FILE, 4); + L_KEY(KEY_ECDSA, _PATH_HOST_ECDSA_KEY_FILE, 5); + L_KEY(KEY_ED25519, _PATH_HOST_ED25519_KEY_FILE, 6); + L_KEY(KEY_RSA, _PATH_HOST_RSA_KEY_FILE, 7); + L_KEY(KEY_DSA, _PATH_HOST_DSA_KEY_FILE, 8); + L_KEYCERT(KEY_XMSS, _PATH_HOST_XMSS_KEY_FILE, 9); + L_KEY(KEY_XMSS, _PATH_HOST_XMSS_KEY_FILE, 10); PRIV_END; if (options.hostbased_authentication == 1 && @@ -1397,27 +1424,18 @@ main(int ac, char **av) sensitive_data.keys[6] == NULL && sensitive_data.keys[7] == NULL && sensitive_data.keys[8] == NULL && - sensitive_data.keys[9] == NULL) { - sensitive_data.keys[1] = key_load_cert( - _PATH_HOST_ECDSA_KEY_FILE); - sensitive_data.keys[2] = key_load_cert( - _PATH_HOST_ED25519_KEY_FILE); - sensitive_data.keys[3] = key_load_cert( - _PATH_HOST_RSA_KEY_FILE); - sensitive_data.keys[4] = key_load_cert( - _PATH_HOST_DSA_KEY_FILE); - sensitive_data.keys[5] = key_load_public( - _PATH_HOST_ECDSA_KEY_FILE, NULL); - sensitive_data.keys[6] = key_load_public( - _PATH_HOST_ED25519_KEY_FILE, NULL); - sensitive_data.keys[7] = key_load_public( - _PATH_HOST_RSA_KEY_FILE, NULL); - sensitive_data.keys[8] = key_load_public( - _PATH_HOST_DSA_KEY_FILE, NULL); - sensitive_data.keys[9] = key_load_cert( - _PATH_HOST_XMSS_KEY_FILE); - sensitive_data.keys[10] = key_load_public( - _PATH_HOST_XMSS_KEY_FILE, NULL); + sensitive_data.keys[9] == NULL && + sensitive_data.keys[10] == NULL) { + L_CERT(_PATH_HOST_ECDSA_KEY_FILE, 1); + L_CERT(_PATH_HOST_ED25519_KEY_FILE, 2); + L_CERT(_PATH_HOST_RSA_KEY_FILE, 3); + L_CERT(_PATH_HOST_DSA_KEY_FILE, 4); + L_PUBKEY(_PATH_HOST_ECDSA_KEY_FILE, 5); + L_PUBKEY(_PATH_HOST_ED25519_KEY_FILE, 6); + L_PUBKEY(_PATH_HOST_RSA_KEY_FILE, 7); + L_PUBKEY(_PATH_HOST_DSA_KEY_FILE, 8); + L_CERT(_PATH_HOST_XMSS_KEY_FILE, 9); + L_PUBKEY(_PATH_HOST_XMSS_KEY_FILE, 10); sensitive_data.external_keysign = 1; } } @@ -1496,7 +1514,7 @@ main(int ac, char **av) if (sensitive_data.keys[i] != NULL) { /* Destroys contents safely */ debug3("clear hostkey %d", i); - key_free(sensitive_data.keys[i]); + sshkey_free(sensitive_data.keys[i]); sensitive_data.keys[i] = NULL; } } @@ -1506,7 +1524,7 @@ main(int ac, char **av) free(options.identity_files[i]); options.identity_files[i] = NULL; if (options.identity_keys[i]) { - key_free(options.identity_keys[i]); + sshkey_free(options.identity_keys[i]); options.identity_keys[i] = NULL; } } @@ -2000,7 +2018,7 @@ load_public_identity_files(struct passwd *pw) &keys)) > 0) { for (i = 0; i < nkeys; i++) { if (n_ids >= SSH_MAX_IDENTITY_FILES) { - key_free(keys[i]); + sshkey_free(keys[i]); continue; } identity_keys[n_ids] = keys[i]; @@ -2026,7 +2044,8 @@ load_public_identity_files(struct passwd *pw) "u", pw->pw_name, "l", thishost, "h", host, "r", options.user, (char *)NULL); free(cp); - public = key_load_public(filename, NULL); + check_load(sshkey_load_public(filename, &public, NULL), + filename, "pubkey"); debug("identity file %s type %d", filename, public ? public->type : -1); free(options.identity_files[i]); @@ -2043,17 +2062,18 @@ load_public_identity_files(struct passwd *pw) if (options.num_certificate_files != 0) continue; xasprintf(&cp, "%s-cert", filename); - public = key_load_public(cp, NULL); + check_load(sshkey_load_public(cp, &public, NULL), + filename, "pubkey"); debug("identity file %s type %d", cp, public ? public->type : -1); if (public == NULL) { free(cp); continue; } - if (!key_is_cert(public)) { + if (!sshkey_is_cert(public)) { debug("%s: key %s type %s is not a certificate", - __func__, cp, key_type(public)); - key_free(public); + __func__, cp, sshkey_type(public)); + sshkey_free(public); free(cp); continue; } @@ -2078,7 +2098,8 @@ load_public_identity_files(struct passwd *pw) (char *)NULL); free(cp); - public = key_load_public(filename, NULL); + check_load(sshkey_load_public(filename, &public, NULL), + filename, "certificate"); debug("certificate file %s type %d", filename, public ? public->type : -1); free(options.certificate_files[i]); @@ -2087,10 +2108,10 @@ load_public_identity_files(struct passwd *pw) free(filename); continue; } - if (!key_is_cert(public)) { + if (!sshkey_is_cert(public)) { debug("%s: key %s type %s is not a certificate", - __func__, filename, key_type(public)); - key_free(public); + __func__, filename, sshkey_type(public)); + sshkey_free(public); free(filename); continue; } diff --git a/usr.bin/ssh/ssh/Makefile b/usr.bin/ssh/ssh/Makefile index c7c89fc31d0..19b8110f4bf 100644 --- a/usr.bin/ssh/ssh/Makefile +++ b/usr.bin/ssh/ssh/Makefile @@ -1,10 +1,10 @@ -# $OpenBSD: Makefile,v 1.73 2018/07/09 21:56:06 markus Exp $ +# $OpenBSD: Makefile,v 1.74 2018/07/11 18:53:29 markus Exp $ .PATH: ${.CURDIR}/.. SRCS= ssh.c readconf.c clientloop.c sshtty.c sshconnect.c sshconnect2.c mux.c SRCS+= atomicio.c authfd.c compat.c dns.c fatal.c \ - hostfile.c key.c msg.c readpass.c utf8.c + hostfile.c msg.c readpass.c utf8.c SRCS+= ${SRCS_BASE} ${SRCS_KEX} ${SRCS_KEXC} ${SRCS_KEY} ${SRCS_KEYP} \ ${SRCS_KRL} ${SRCS_PROT} ${SRCS_PKT} ${SRCS_UTL} ${SRCS_PKCS11} diff --git a/usr.bin/ssh/sshconnect.c b/usr.bin/ssh/sshconnect.c index f828dcf3497..6c818910978 100644 --- a/usr.bin/ssh/sshconnect.c +++ b/usr.bin/ssh/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.299 2018/07/09 21:03:30 markus Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.300 2018/07/11 18:53:29 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -42,7 +42,7 @@ #include "packet.h" #include "uidswap.h" #include "compat.h" -#include "key.h" +#include "sshkey.h" #include "sshconnect.h" #include "hostfile.h" #include "log.h" @@ -743,7 +743,7 @@ check_host_cert(const char *host, const struct sshkey *host_key) { const char *reason; - if (key_cert_check_authority(host_key, 1, 0, host, &reason) != 0) { + if (sshkey_cert_check_authority(host_key, 1, 0, host, &reason) != 0) { error("%s", reason); return 0; } @@ -1456,9 +1456,9 @@ show_other_keys(struct hostkeys *hostkeys, struct sshkey *key) logit("WARNING: %s key found for host %s\n" "in %s:%lu\n" "%s key fingerprint %s.", - key_type(found->key), + sshkey_type(found->key), found->host, found->file, found->line, - key_type(found->key), fp); + sshkey_type(found->key), fp); if (options.visual_host_key) logit("%s", ra); free(ra); @@ -1485,7 +1485,7 @@ warn_changed_key(struct sshkey *host_key) error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!"); error("It is also possible that a host key has just been changed."); error("The fingerprint for the %s key sent by the remote host is\n%s.", - key_type(host_key), fp); + sshkey_type(host_key), fp); error("Please contact your system administrator."); free(fp); diff --git a/usr.bin/ssh/sshconnect2.c b/usr.bin/ssh/sshconnect2.c index bdc684e0131..ddf5700c5ef 100644 --- a/usr.bin/ssh/sshconnect2.c +++ b/usr.bin/ssh/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.278 2018/07/09 21:03:30 markus Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.279 2018/07/11 18:53:29 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -1053,7 +1053,7 @@ key_sig_algorithm(struct ssh *ssh, const struct sshkey *key) if (ssh == NULL || ssh->kex->server_sig_algs == NULL || (key->type != KEY_RSA && key->type != KEY_RSA_CERT)) { /* Filter base key signature alg against our configuration */ - return match_list(key_ssh_name(key), + return match_list(sshkey_ssh_name(key), options.pubkey_key_types, NULL); } @@ -1602,10 +1602,10 @@ try_identity(Identity *id) { if (!id->key) return (0); - if (key_type_plain(id->key->type) == KEY_RSA && + if (sshkey_type_plain(id->key->type) == KEY_RSA && (datafellows & SSH_BUG_RSASIGMD5) != 0) { debug("Skipped %s key %s for RSA/MD5 server", - key_type(id->key), id->filename); + sshkey_type(id->key), id->filename); return (0); } return 1; @@ -1971,7 +1971,7 @@ userauth_hostbased(Authctxt *authctxt) (r = sshbuf_put_cstring(b, authctxt->server_user)) != 0 || (r = sshbuf_put_cstring(b, authctxt->service)) != 0 || (r = sshbuf_put_cstring(b, authctxt->method->name)) != 0 || - (r = sshbuf_put_cstring(b, key_ssh_name(private))) != 0 || + (r = sshbuf_put_cstring(b, sshkey_ssh_name(private))) != 0 || (r = sshbuf_put_string(b, keyblob, keylen)) != 0 || (r = sshbuf_put_cstring(b, chost)) != 0 || (r = sshbuf_put_cstring(b, authctxt->local_user)) != 0) { @@ -1997,7 +1997,7 @@ userauth_hostbased(Authctxt *authctxt) (r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 || (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 || (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 || - (r = sshpkt_put_cstring(ssh, key_ssh_name(private))) != 0 || + (r = sshpkt_put_cstring(ssh, sshkey_ssh_name(private))) != 0 || (r = sshpkt_put_string(ssh, keyblob, keylen)) != 0 || (r = sshpkt_put_cstring(ssh, chost)) != 0 || (r = sshpkt_put_cstring(ssh, authctxt->local_user)) != 0 || diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c index d9f038c1794..2719e10c90e 100644 --- a/usr.bin/ssh/sshd.c +++ b/usr.bin/ssh/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.511 2018/07/09 21:29:36 markus Exp $ */ +/* $OpenBSD: sshd.c,v 1.512 2018/07/11 18:53:29 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -81,7 +81,7 @@ #include "compat.h" #include "cipher.h" #include "digest.h" -#include "key.h" +#include "sshkey.h" #include "kex.h" #include "myproposal.h" #include "authfile.h" @@ -449,11 +449,11 @@ destroy_sensitive_data(void) for (i = 0; i < options.num_host_key_files; i++) { if (sensitive_data.host_keys[i]) { - key_free(sensitive_data.host_keys[i]); + sshkey_free(sensitive_data.host_keys[i]); sensitive_data.host_keys[i] = NULL; } if (sensitive_data.host_certificates[i]) { - key_free(sensitive_data.host_certificates[i]); + sshkey_free(sensitive_data.host_certificates[i]); sensitive_data.host_certificates[i] = NULL; } } @@ -465,11 +465,16 @@ demote_sensitive_data(void) { struct sshkey *tmp; u_int i; + int r; for (i = 0; i < options.num_host_key_files; i++) { if (sensitive_data.host_keys[i]) { - tmp = key_demote(sensitive_data.host_keys[i]); - key_free(sensitive_data.host_keys[i]); + if ((r = sshkey_demote(sensitive_data.host_keys[i], + &tmp)) != 0) + fatal("could not demote host %s key: %s", + sshkey_type(sensitive_data.host_keys[i]), + ssh_err(r)); + sshkey_free(sensitive_data.host_keys[i]); sensitive_data.host_keys[i] = tmp; } /* Certs do not need demotion */ @@ -772,7 +777,7 @@ get_hostkey_index(struct sshkey *key, int compare, struct ssh *ssh) u_int i; for (i = 0; i < options.num_host_key_files; i++) { - if (key_is_cert(key)) { + if (sshkey_is_cert(key)) { if (key == sensitive_data.host_certificates[i] || (compare && sensitive_data.host_certificates[i] && sshkey_equal(key, @@ -1628,11 +1633,18 @@ main(int ac, char **av) for (i = 0; i < options.num_host_key_files; i++) { if (options.host_key_files[i] == NULL) continue; - key = key_load_private(options.host_key_files[i], "", NULL); - pubkey = key_load_public(options.host_key_files[i], NULL); - + if ((r = sshkey_load_private(options.host_key_files[i], "", + &key, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR) + error("Error loading host key \"%s\": %s", + options.host_key_files[i], ssh_err(r)); + if ((r = sshkey_load_public(options.host_key_files[i], + &pubkey, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR) + error("Error loading host key \"%s\": %s", + options.host_key_files[i], ssh_err(r)); if (pubkey == NULL && key != NULL) - pubkey = key_demote(key); + if ((r = sshkey_demote(key, &pubkey)) != 0) + fatal("Could not demote key: \"%s\": %s", + options.host_key_files[i], ssh_err(r)); sensitive_data.host_keys[i] = key; sensitive_data.host_pubkeys[i] = pubkey; @@ -1686,21 +1698,21 @@ main(int ac, char **av) for (i = 0; i < options.num_host_cert_files; i++) { if (options.host_cert_files[i] == NULL) continue; - key = key_load_public(options.host_cert_files[i], NULL); - if (key == NULL) { - error("Could not load host certificate: %s", - options.host_cert_files[i]); + if ((r = sshkey_load_public(options.host_cert_files[i], + &key, NULL)) != 0) { + error("Could not load host certificate \"%s\": %s", + options.host_cert_files[i], ssh_err(r)); continue; } - if (!key_is_cert(key)) { + if (!sshkey_is_cert(key)) { error("Certificate file is not a certificate: %s", options.host_cert_files[i]); - key_free(key); + sshkey_free(key); continue; } /* Find matching private key */ for (j = 0; j < options.num_host_key_files; j++) { - if (key_equal_public(key, + if (sshkey_equal_public(key, sensitive_data.host_keys[j])) { sensitive_data.host_certificates[j] = key; break; @@ -1709,12 +1721,12 @@ main(int ac, char **av) if (j >= options.num_host_key_files) { error("No matching private key for certificate: %s", options.host_cert_files[i]); - key_free(key); + sshkey_free(key); continue; } sensitive_data.host_certificates[j] = key; debug("host certificate: #%u type %d %s", j, key->type, - key_type(key)); + sshkey_type(key)); } if (use_privsep) { @@ -2039,26 +2051,21 @@ main(int ac, char **av) int sshd_hostkey_sign(struct sshkey *privkey, struct sshkey *pubkey, - u_char **signature, size_t *slen, const u_char *data, size_t dlen, + u_char **signature, size_t *slenp, const u_char *data, size_t dlen, const char *alg, u_int flag) { int r; - u_int xxx_slen, xxx_dlen = dlen; if (privkey) { - if (PRIVSEP(key_sign(privkey, signature, &xxx_slen, data, xxx_dlen, - alg) < 0)) + if (PRIVSEP(sshkey_sign(privkey, signature, slenp, data, dlen, + alg, datafellows)) < 0) fatal("%s: key_sign failed", __func__); - if (slen) - *slen = xxx_slen; } else if (use_privsep) { - if (mm_key_sign(pubkey, signature, &xxx_slen, data, xxx_dlen, - alg) < 0) + if (mm_sshkey_sign(pubkey, signature, slenp, data, dlen, + alg, datafellows) < 0) fatal("%s: pubkey_sign failed", __func__); - if (slen) - *slen = xxx_slen; } else { - if ((r = ssh_agent_sign(auth_sock, pubkey, signature, slen, + if ((r = ssh_agent_sign(auth_sock, pubkey, signature, slenp, data, dlen, alg, datafellows)) != 0) fatal("%s: ssh_agent_sign failed: %s", __func__, ssh_err(r)); diff --git a/usr.bin/ssh/sshd/Makefile b/usr.bin/ssh/sshd/Makefile index 8ed0172a1c3..787e515cc19 100644 --- a/usr.bin/ssh/sshd/Makefile +++ b/usr.bin/ssh/sshd/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.96 2018/07/09 21:56:06 markus Exp $ +# $OpenBSD: Makefile,v 1.97 2018/07/11 18:53:29 markus Exp $ .PATH: ${.CURDIR}/.. @@ -8,7 +8,7 @@ SRCS= sshd.c auth-rhosts.c auth-passwd.c sshpty.c sshlogin.c servconf.c \ auth2-none.c auth2-passwd.c auth2-pubkey.c monitor.c monitor_wrap.c \ sftp-server.c sftp-common.c sandbox-pledge.c SRCS+= atomicio.c authfd.c compat.c dns.c fatal.c \ - hostfile.c key.c msg.c readpass.c utf8.c + hostfile.c msg.c readpass.c utf8.c SRCS+= ${SRCS_BASE} ${SRCS_KEX} ${SRCS_KEXS} ${SRCS_KEY} ${SRCS_KEYP} \ ${SRCS_KRL} ${SRCS_PROT} ${SRCS_PKT} ${SRCS_UTL} ${SRCS_PKCS11} -- 2.20.1