Announce: X.509 certificates support v7.2 for OpenSSH version 6.0p1

Peter Stuge peter at stuge.se
Mon May 28 17:57:47 EST 2012


John Olsson M wrote:
> What is blocking this from being merged into OpenSSH?

Quite likely the diffstat, i.e. the sheer size and spread of the patch that would have to be reviewed:

$ curl -s http://roumenpetrov.info/openssh/x509-7.2/openssh-6.0p1+x509-7.2.diff.gz | zcat | diffstat
 INSTALL                           |   14 
 LICENCE                           |    3 
 Makefile.in                       |   79 ++
 README.x509v3                     |  622 +++++++++++++++++++
 aclocal.m4                        |    2 
 auth-passwd.c                     |    7 
 auth.c                            |    2 
 auth2-hostbased.c                 |   42 +
 auth2-jpake.c                     |   49 +
 auth2-pubkey.c                    |  159 ++++
 authfd.c                          |   23 
 authfile.c                        |   75 ++
 cipher.c                          |   67 ++
 cipher.h                          |    6 
 config.h.in                       |   67 ++
 configure                         | 1072 ++++++++++++++++++++++++++++++---
 configure.ac                      |  343 +++++++++-
 defines.h                         |    7 
 dns.c                             |  343 ++++++++++
 dns.h                             |   32 -
 evp-compat.h                      |  134 ++++
 hostfile.c                        |   17 
 jpake.c                           |    7 
 key-eng.c                         |  677 +++++++++++++++++++++
 key-eng.h                         |   45 +
 key.c                             |  194 +++++-
 key.h                             |    9 
 log.c                             |   24 
 log.h                             |    4 
 loginrec.c                        |   10 
 m4/ldap.m4                        |  217 ++++++
 mac.c                             |   52 +
 mac.h                             |    7 
 misc.c                            |    9 
 moduli.0                          |   18 
 moduli.5                          |   10 
 monitor.c                         |    8 
 monitor_wrap.c                    |   15 
 openbsd-compat/Makefile.in        |    8 
 openbsd-compat/bsd-arc4random.c   |   30 
 openbsd-compat/bsd-closefrom.c    |   23 
 openbsd-compat/openssl-compat.c   |   57 +
 openbsd-compat/openssl-compat.h   |   18 
 openbsd-compat/xcrypt.c           |   11 
 pathnames.h                       |   50 +
 readconf.c                        |  344 ++++++++++
 readconf.h                        |   50 +
 regress/Makefile                  |   12 
 regress/forwarding.sh             |    6 
 regress/multiplex.sh              |    7 
 regress/sftp-cmds.sh              |    6 
 regress/test-exec.sh              |   23 
 scp.0                             |   74 --
 scp.1                             |   67 --
 servconf.c                        |  300 +++++++++
 servconf.h                        |   44 +
 session.c                         |   32 +
 sftp-server.0                     |   15 
 sftp-server.8                     |   10 
 sftp.0                            |  160 +----
 sftp.1                            |   67 --
 ssh-add.0                         |   44 -
 ssh-add.1                         |   26 
 ssh-add.c                         |   20 
 ssh-agent.0                       |   68 +-
 ssh-agent.1                       |   18 
 ssh-agent.c                       |   57 +
 ssh-dss.c                         |  199 ++++++
 ssh-keygen.0                      |  193 +++---
 ssh-keygen.1                      |   51 +
 ssh-keygen.c                      |   36 +
 ssh-keyscan.0                     |   46 -
 ssh-keyscan.1                     |   53 +
 ssh-keyscan.c                     |  117 ++-
 ssh-keysign.0                     |   19 
 ssh-keysign.8                     |   12 
 ssh-keysign.c                     |    3 
 ssh-ocsp.c                        | 1045 ++++++++++++++++++++++++++++++++
 ssh-pkcs11-helper.0               |    6 
 ssh-pkcs11-helper.8               |   10 
 ssh-pkcs11-helper.c               |    5 
 ssh-pkcs11.c                      |   57 +
 ssh-rsa.c                         |  143 ++++
 ssh-x509.c                        | 1215 ++++++++++++++++++++++++++++++++++++++
 ssh-x509.h                        |   86 ++
 ssh-xkalg.c                       |  532 ++++++++++++++++
 ssh-xkalg.h                       |   58 +
 ssh.0                             |  554 ++++++++---------
 ssh.1                             |  196 +++---
 ssh.c                             |   76 ++
 ssh_config                        |   13 
 ssh_config.0                      |  632 +++++++++++--------
 ssh_config.5                      |  247 +++++++
 ssh_engine.0                      |   64 ++
 ssh_engine.5                      |  120 +++
 sshconnect.c                      |   69 +-
 sshconnect2.c                     |  121 +++
 sshd.0                            |  430 +++++++------
 sshd.8                            |   91 ++
 sshd.c                            |   57 +
 sshd_config                       |   68 ++
 sshd_config.0                     |  456 +++++++++-----
 sshd_config.5                     |  259 ++++++++
 tests/CA/1-cre_cadb.sh            |  417 +++++++++++++
 tests/CA/2-cre_cakeys.sh          |  382 +++++++++++
 tests/CA/2-cre_key.sh             |   33 +
 tests/CA/3-cre_certs.sh           |  343 ++++++++++
 tests/CA/4-cre_crls.sh            |  125 +++
 tests/CA/5-cre_ldap.sh            |  137 ++++
 tests/CA/Makefile.in              |  163 +++++
 tests/CA/config                   |  254 +++++++
 tests/CA/env.in                   |    7 
 tests/CA/functions                |  279 ++++++++
 tests/CA/openssh_tests.sh         |  374 +++++++++++
 tests/CA/shell.rc                 |   41 +
 tests/CA/test-agent.sh.inc        |  165 +++++
 tests/CA/test-alg.sh.inc          |  140 ++++
 tests/CA/test-algfmt.sh.inc       |  156 ++++
 tests/CA/test-blob_auth.sh.inc    |   84 ++
 tests/CA/test-by_ldap.sh.inc      |  299 +++++++++
 tests/CA/test-crl.sh.inc          |  266 ++++++++
 tests/CA/test-dn_auth_file.sh.inc |  119 +++
 tests/CA/test-dn_auth_path.sh.inc |  130 ++++
 tests/CA/test-ocsp.sh.inc         |  256 ++++++++
 tests/CA/test-self.sh.inc         |  183 +++++
 tests/CA/verify.sh                |   44 +
 umac.c                            |    4 
 x509_by_ldap.c                    |  874 +++++++++++++++++++++++++++
 x509_by_ldap.h                    |   98 +++
 x509_nm_cmp.c                     |  524 ++++++++++++++++
 x509store.c                       | 1034 ++++++++++++++++++++++++++++++++
 x509store.h                       |  123 +++
 132 files changed, 18689 insertions(+), 1822 deletions(-)
$ 


//Peter

