Thanks for your informative replies!
I hope BIND, OpenSSH et al start using
the 1.1.0 API soon.
RE:
<cite>
jason.vas.dias> On 20/03/2017, Kurt Roeckx <k...@roeckx.be> wrote:
jason.vas.dias> > The ed25519 support in openssh doesn't even come from
openssl.
jason.vas.dias> >
jason.vas.dias> What happens is OpenSSH's cipher.c calls
jason.vas.dias> if (EVP_CipherInit(cc->evp, type, NULL, (u_char *)iv,
jason.vas.dias> (do_encrypt == CIPHER_ENCRYPT)) == 0) {
jason.vas.dias> ret = SSH_ERR_LIBCRYPTO_ERROR;
jason.vas.dias> goto out;
jason.vas.dias> }
jason.vas.dias> which always does 'goto out' for any ED25519 file.
That would happen if ssh_host_ed25519_key is password protected and
the cipher used to encrypt the key isn't recognised in OpenSSL 1.1.0
(and considering the current master of openssh-portable doesn't build
cleanly against OpenSSL 1.1.0e and I therefore suppose you've hacked
around, I can't even begin to say where the fault came in). It also
depends on your OpenSSL configuration, since you can disable most
algorithms it carries...
</cite>
But none of my host keys were password protected.
They were just what resulted from the command:
$ ssh-keygen -A
which is run on initial openssh installation.
The modifications I made were trivial :
o Including the hidden API headers ,
o initializing automatic SSL structs
- ie '{struct}_CTX v ={0};' , not
'{struct}_CTX v;'
( else the {struct}_init(&v) function
( I think evp_init() )
could try free()-ing garbage pointer
members ( in named ) )
o changing some structure member references
from s->m to s.m - these were verified by
compiler.
That really is the extent of all mods I made
to openssh / BIND .
Openssh was then unable to read or write the
existing /etc/ssh_host_ed25519_key file ( not PW protected ), so NO ssh app
can run, and
'ssh_keygen -A' failed to write a new ed25519
key file (not pw protected) when I moved all the old files out of the way ,
failing ( under gdb ) at that point in the
cipher_init() code I posted before .
If anyone has managed to get openssh working
under OpenSSL 1.1.0 please let me know & I'll
try upgrading again.
But until 1.1.0 adoption becomes more widespread, I still think it would be
helpful
if the main openssl.org webpage let users
know this is the case , with a statement such
as 'most openssl using applications have not
upgraded to 1.1.0 yet' . This would prevent
others from wasting time as I was led to do.
Regards, Jason
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
