https://bugzilla.mindrot.org/show_bug.cgi?id=3561
Bug ID: 3561
Summary: Open SSH does not support 1-byte structure packing on
non-windows systems for PKCS11
Product: Portable OpenSSH
Version: 9.3p1
Hardware: Other
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: Miscellaneous
Assignee: [email protected]
Reporter: [email protected]
The PKCS11 specification is very clear on byte packing (1 byte), but
openssh does not even attempt to do so for anything besides Windows.
Instead, it relies on the compiler to set the size of CK_ULONG, CK_LONG
to unsigned long, which may be 32 or 64 depending on system and
compiler. While the PKCS11 API is painful in it's original form, it is
a very simple matter to add a definition for the appropriate packed
syntax, and define it for the compiler, or rely on a pragma.
This should at least be configurable at build time. Although many
implementations of PKCS11 on non-windows systems also do this, is that
really a good reason to ignore the standard? There really isn't a
standard at that point. This is especially troubling since the API
allows many places to fail.
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
