The issue with sshsk_sign can happen if projects wants to include libhiba.so. Include sshsk_sign in libhiba.so directly for external projects to depend on instead of having them work around it individually

Signed-off-by: Willy Tu [email protected]

Gathering fresh sources for openssh-portable, openssl, and hiba I run into a build error.

Following the instructions on INSTALL.md, I gathered sources

$ git clone [email protected]:openssh/openssh-portable.git
$ git clone [email protected]:sourcequench/hiba.git
$ git clone git://git.openssl.org/openssl.git

Building openssl and openssh (with the addition of LD_LIBRARY_PATH=../openssl) worked out fine.

The autogen.sh and configure steps worked fine for hiba, but make ended in sadness - looks like an issue with untyped struct for revocations.

make
make  all-am
make[1]: Entering directory '/home/ryanshea/git/hiba'
  CC       libhiba_la-revocations.lo
In file included from revocations.c:15:
revocations.c: In function 'hibagrl_decode':
revocations.c:173:80: error: invalid use of undefined type 'struct sshbuf'
  173 |                 debug3("hibagrl_decode: serial list section content @%zu", blob->off);
      |                                                                                ^~
../openssh-portable/log.h:88:100: note: in definition of macro 'debug3'
   88 | #define debug3(...)             sshlog(__FILE__, __func__, __LINE__, 0, SYSLOG_LEVEL_DEBUG3, NULL, __VA_ARGS__)
      |                                                                                                    ^~~~~~~~~~~
revocations.c:189:75: error: invalid use of undefined type 'struct sshbuf'
  189 |                 debug3("hibagrl_decode: bitmap section content @%zu", blob->off);
      |                                                                           ^~
../openssh-portable/log.h:88:100: note: in definition of macro 'debug3'
   88 | #define debug3(...)             sshlog(__FILE__, __func__, __LINE__, 0, SYSLOG_LEVEL_DEBUG3, NULL, __VA_ARGS__)
      |                                                                                                    ^~~~~~~~~~~
make[1]: *** [Makefile:609: libhiba_la-revocations.lo] Error 1
make[1]: Leaving directory '/home/ryanshea/git/hiba'
make: *** [Makefile:394: all] Error 2

This script is needed for bitbake to build it properly in https://gbmc-review.googlesource.com/c/meta-gbmc-staging/+/2001

Tested: Able to build hiba after running bootstrap.sh

./bootstrap.sh
autoreconf: export WARNINGS=
autoreconf: Entering directory '.'
autoreconf: configure.ac: not using Gettext
autoreconf: running: aclocal --force -I m4
autoreconf: configure.ac: tracing
autoreconf: running: libtoolize --copy --force
libtoolize: putting auxiliary files in '.'.
libtoolize: copying file './ltmain.sh'
libtoolize: putting macros in AC_CONFIG_MACRO_DIRS, 'm4'.
libtoolize: copying file 'm4/libtool.m4'
libtoolize: copying file 'm4/ltoptions.m4'
libtoolize: copying file 'm4/ltsugar.m4'
libtoolize: copying file 'm4/ltversion.m4'
libtoolize: copying file 'm4/lt~obsolete.m4'
autoreconf: configure.ac: not using Intltool
autoreconf: configure.ac: not using Gtkdoc
autoreconf: running: aclocal --force -I m4
autoreconf: running: /usr/bin/autoconf --force
autoreconf: running: /usr/bin/autoheader --force
autoreconf: running: automake --add-missing --copy --force-missing
configure.ac:13: installing './compile'
configure.ac:17: installing './missing'
autoreconf: Leaving directory '.'
Run "./configure ${CONFIGURE_FLAGS} && make"

Signed-off-by: Willy Tu [email protected]

Certificate passed via command line with a size larger than the expected maximum filename size fail the stat syscall with ENAMETOOLONG rather than ENOENT, which causes decode_file() to consider it as a filename rather than inline.

How to actually create grants/identities and sign certificates with these probably not is immediately obvious, so an example is probably useful for those wanting to go beyond the local setup shell script.

Commit c7a3d77c0b8c153d463398606a8d57569186a0c3 in OpenSSH sources made the struct sshbuf private, which broke our introspection into the sshbuf offset. This was only needed for augmenting the debug data and not critical at all, so it can safely be removed.

Fixes #29

https://github.com/openssh/openssh-portable/pull/358 tries to properly fix the missing sshsk_sign symbol in OpenSSH.

Once that pull request is merged, HIBA might fail to build against newer versions of OpenSSH since the symbol will now be duplicated (depending on compilers). As we can't easily declare a clean cut-off, making the symbol weak will allow for a smoother transition.

This CL removes uint16 size previously specified in the grant revocation bitmap section and documents the algorithm for calculating bitmap size and checking grant revocation for a certificate serial and grant index.

Support for multiple HIBA grants attached to one certificate.

This pull request also includes:

• testing for multiple identities (this must result in access denied)
• debug log rewording