-/* $OpenBSD: auth2-pubkey.c,v 1.98 2020/01/23 07:10:22 dtucker Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.99 2020/02/06 22:30:54 naddy Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
SSH_SK_USER_PRESENCE_REQD) == 0) {
error("public key %s signature for %s%s from "
"%.128s port %d rejected: user presence "
- "(key touch) requirement not met ", key_s,
+ "(authenticator touch) requirement "
+ "not met ", key_s,
authctxt->valid ? "" : "invalid user ",
authctxt->user, ssh_remote_ipaddr(ssh),
ssh_remote_port(ssh));
-/* $OpenBSD: monitor.c,v 1.207 2020/01/23 07:10:22 dtucker Exp $ */
+/* $OpenBSD: monitor.c,v 1.208 2020/02/06 22:30:54 naddy Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
if (req_presence &&
(sig_details->sk_flags & SSH_SK_USER_PRESENCE_REQD) == 0) {
error("public key %s %s signature for %s%s from %.128s "
- "port %d rejected: user presence (key touch) "
- "requirement not met ", sshkey_type(key), fp,
+ "port %d rejected: user presence "
+ "(authenticator touch) requirement not met ",
+ sshkey_type(key), fp,
authctxt->valid ? "" : "invalid user ",
authctxt->user, ssh_remote_ipaddr(ssh),
ssh_remote_port(ssh));
-/* $OpenBSD: ssh-add.c,v 1.151 2020/01/25 23:02:13 djm Exp $ */
+/* $OpenBSD: ssh-add.c,v 1.152 2020/02/06 22:30:54 naddy Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
if (!sshkey_is_sk(private))
skprovider = NULL; /* Don't send constraint for other keys */
else if (skprovider == NULL) {
- fprintf(stderr, "Cannot load security key %s without "
- "provider\n", filename);
+ fprintf(stderr, "Cannot load authenticator-hosted key %s "
+ "without provider\n", filename);
goto out;
}
int r, ok = 0;
char *fp;
- pass = read_passphrase("Enter PIN for security key: ", RP_ALLOW_STDIN);
+ pass = read_passphrase("Enter PIN for authenticator: ", RP_ALLOW_STDIN);
if ((r = sshsk_load_resident(skprovider, NULL, pass,
&keys, &nkeys)) != 0) {
error("Unable to load resident keys: %s", ssh_err(r));
-/* $OpenBSD: ssh-agent.c,v 1.254 2020/01/25 00:06:48 djm Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.255 2020/02/06 22:30:54 naddy Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
}
if (sk_provider != NULL) {
if (!sshkey_is_sk(k)) {
- error("Cannot add provider: %s is not a security key",
- sshkey_type(k));
+ error("Cannot add provider: %s is not an "
+ "authenticator-hosted key", sshkey_type(k));
free(sk_provider);
goto send;
}
-/* $OpenBSD: ssh-keygen.c,v 1.396 2020/02/04 09:58:04 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.397 2020/02/06 22:30:54 naddy Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
if (skprovider == NULL)
fatal("Cannot download keys without provider");
- pin = read_passphrase("Enter PIN for security key: ", RP_ALLOW_STDIN);
+ pin = read_passphrase("Enter PIN for authenticator: ", RP_ALLOW_STDIN);
if ((r = sshsk_load_resident(skprovider, device, pin,
&keys, &nkeys)) != 0) {
freezero(pin, strlen(pin));
}
}
if (!quiet) {
- printf("You may need to touch your security key "
+ printf("You may need to touch your authenticator "
"to authorize key generation.\n");
}
passphrase = NULL;
fatal("Key enrollment failed: %s", ssh_err(r));
if (passphrase != NULL)
freezero(passphrase, strlen(passphrase));
- passphrase = read_passphrase("Enter PIN for security "
- "key: ", RP_ALLOW_STDIN);
+ passphrase = read_passphrase("Enter PIN for "
+ "authenticator: ", RP_ALLOW_STDIN);
}
if (passphrase != NULL)
freezero(passphrase, strlen(passphrase));
-/* $OpenBSD: ssh-sk.c,v 1.26 2020/01/28 08:01:34 djm Exp $ */
+/* $OpenBSD: ssh-sk.c,v 1.27 2020/02/06 22:30:54 naddy Exp $ */
/*
* Copyright (c) 2019 Google LLC
*
return ret;
}
if ((ret->dlhandle = dlopen(path, RTLD_NOW)) == NULL) {
- error("Security key provider \"%s\" dlopen failed: %s",
- path, dlerror());
+ error("Provider \"%s\" dlopen failed: %s", path, dlerror());
goto fail;
}
if ((ret->sk_api_version = dlsym(ret->dlhandle,
"sk_api_version")) == NULL) {
- error("Security key provider \"%s\" dlsym(sk_api_version) "
- "failed: %s", path, dlerror());
+ error("Provider \"%s\" dlsym(sk_api_version) failed: %s",
+ path, dlerror());
goto fail;
}
version = ret->sk_api_version();
debug("%s: provider %s implements version 0x%08lx", __func__,
ret->path, (u_long)version);
if ((version & SSH_SK_VERSION_MAJOR_MASK) != SSH_SK_VERSION_MAJOR) {
- error("Security key provider \"%s\" implements unsupported "
+ error("Provider \"%s\" implements unsupported "
"version 0x%08lx (supported: 0x%08lx)",
path, (u_long)version, (u_long)SSH_SK_VERSION_MAJOR);
goto fail;
}
if ((ret->sk_enroll = dlsym(ret->dlhandle, "sk_enroll")) == NULL) {
- error("Security key provider %s dlsym(sk_enroll) "
- "failed: %s", path, dlerror());
+ error("Provider %s dlsym(sk_enroll) failed: %s",
+ path, dlerror());
goto fail;
}
if ((ret->sk_sign = dlsym(ret->dlhandle, "sk_sign")) == NULL) {
- error("Security key provider \"%s\" dlsym(sk_sign) failed: %s",
+ error("Provider \"%s\" dlsym(sk_sign) failed: %s",
path, dlerror());
goto fail;
}
if ((ret->sk_load_resident_keys = dlsym(ret->dlhandle,
"sk_load_resident_keys")) == NULL) {
- error("Security key provider \"%s\" "
- "dlsym(sk_load_resident_keys) failed: %s", path, dlerror());
+ error("Provider \"%s\" dlsym(sk_load_resident_keys) "
+ "failed: %s", path, dlerror());
goto fail;
}
/* success */
goto out;
}
if (sshkey_ec_validate_public(EC_KEY_get0_group(key->ecdsa), q) != 0) {
- error("Security key returned invalid ECDSA key");
+ error("Authenticator returned invalid ECDSA key");
r = SSH_ERR_KEY_INVALID_EC_VALUE;
goto out;
}
goto out;
}
if ((r = skp->sk_load_resident_keys(pin, opts, &rks, &nrks)) != 0) {
- error("Security key provider \"%s\" returned failure %d",
- provider_path, r);
+ error("Provider \"%s\" returned failure %d", provider_path, r);
r = skerr_to_ssherr(r);
goto out;
}
-/* $OpenBSD: ssh.c,v 1.517 2020/01/28 07:24:15 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.518 2020/02/06 22:30:54 naddy Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
if (options.sk_provider != NULL && *options.sk_provider == '$' &&
strlen(options.sk_provider) > 1) {
if ((cp = getenv(options.sk_provider + 1)) == NULL) {
- debug("Security key provider %s did not resolve; "
+ debug("Authenticator provider %s did not resolve; "
"disabling", options.sk_provider);
free(options.sk_provider);
options.sk_provider = NULL;
-/* $OpenBSD: sshconnect2.c,v 1.318 2020/01/23 10:24:30 dtucker Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.319 2020/02/06 22:30:54 naddy Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2008 Damien Miller. All rights reserved.
if ((id->key->flags & SSHKEY_FLAG_EXT) != 0)
note = " token";
else if (sshkey_is_sk(id->key))
- note = " security-key";
+ note = " authenticator";
}
xasprintf(&ret, "%s %s%s%s%s%s%s",
id->filename,
}
if (private != NULL && sshkey_is_sk(private) &&
options.sk_provider == NULL) {
- debug("key \"%s\" is a security key, but no "
- "provider specified", id->filename);
+ debug("key \"%s\" is an authenticator-hosted key, "
+ "but no provider specified", id->filename);
sshkey_free(private);
private = NULL;
quit = 1;
continue;
}
if (key && sshkey_is_sk(key) && options.sk_provider == NULL) {
- debug("%s: ignoring security key %s as no "
+ debug("%s: ignoring authenticator-hosted key %s as no "
"SecurityKeyProvider has been specified",
__func__, options.identity_files[i]);
continue;
continue;
}
if (key && sshkey_is_sk(key) && options.sk_provider == NULL) {
- debug("%s: ignoring security key certificate %s as no "
+ debug("%s: ignoring authenticator-hosted key "
+ "certificate %s as no "
"SecurityKeyProvider has been specified",
__func__, options.identity_files[i]);
continue;
projects / thirdparty / openssh-portable.git / commitdiff
