shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-04 12:20:42 +09:00
Code Issues Packages Projects Releases Wiki Activity
6,560 Commits 12 Branches 62 Tags
02ae2ace351011ddbc6c29d643ded7cfe430dde1
Commit Graph

6560 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Praneeth Sarode
55bb909252 refactor(pki): separate the sk signature buffer packing to a separate function 
The logic for creating the buffer to be verified from an sk signature from ssh_pki_signature_verify has been separated into a new function named pki_prepare_sk_signature_buffer to allow for convenient reuse of this logic.

Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-09-30 12:42:56 +02:00
Praneeth Sarode
08cbbea461 pki: update RSA key generation to use default size when parameter is 0 
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-09-25 15:04:57 +02:00
Praneeth Sarode
8c4e337ab7 pki: define RSA_DEFAULT_KEY_SIZE 
Define a new constant for the default RSA key size for consistency.

Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-09-25 15:04:56 +02:00
Praneeth Sarode
8541b6584f test(buffer): add unit tests for ssh_buffer_dup function 
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-09-25 15:04:18 +02:00
Praneeth Sarode
2f77727796 feat(buffer): add ssh_buffer_dup function to duplicate existing buffers 
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-09-25 15:04:17 +02:00
Jakub Jelen
a3c5d3b256 tests: Rewrite all fuzzers to LLVMFuzzerInitialize and nalloc 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-09-25 15:03:07 +02:00
Philippe Antoine
59a502ede6 fuzz: test allocations failures 
Signed-off-by: Philippe Antoine <p.antoine@catenacyber.fr>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-09-25 15:03:04 +02:00
Francesco Rollo
c94e2efcf1 fix(bind): Remove code duplication in ssh_bind_listen 
Signed-off-by: Francesco Rollo <eferollo@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-09-18 13:57:12 +02:00
Jakub Jelen
3d3b12891f tests: Avoid prefix matching when selecting algorithmms 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2025-09-10 13:05:50 +02:00
Jakub Jelen
6ca59307d4 Add non-namespaced alias sntrup761x25519-sha512 that is being standardized 
The specification is now in the last call, data point is allocated so there is
no need to stick to the namespaces alias anymore

https://datatracker.ietf.org/doc/draft-ietf-sshm-ntruprime-ssh/

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2025-09-10 12:23:08 +02:00
Praneeth Sarode
e8bbd194c7 refactor(pki): Define RSA_MIN_KEY_SIZE and update related checks 
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-09-09 12:53:43 +02:00
Jakub Jelen
df4e907dff poll: Use is_locked helper where possible 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-08-14 10:33:58 +02:00
Philippe Antoine
c99261437f socket: do not free poll object if it is locked 
As it may a cause a use after free if `send` fails when
ssh_poll_ctx_dopoll does its callback
ssh_poll_ctx_dopoll still wants to use the poll object later

Signed-off-by: Philippe Antoine <p.antoine@catenacyber.fr>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-08-14 10:33:57 +02:00
Andreas Schneider
53ac23ded4 CVE-2025-8114: Fix NULL pointer dereference after allocation failure 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-08-14 10:32:55 +02:00
Jakub Jelen
ffed80f8c0 CVE-2025-8277: mbedtls: Avoid leaking ecdh keys 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-08-14 10:32:24 +02:00
Jakub Jelen
9ada7aa0e4 CVE-2025-8277: wrapper: Free cv25519 private key on cleanup 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-08-14 10:32:19 +02:00
Jakub Jelen
d357a9f3e2 tests: Invoke all combinations of wrong guesses during rekey 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-08-14 10:32:13 +02:00
Jakub Jelen
c9d95ab0c7 CVE-2025-8277: ecdh: Free previously allocated pubkeys 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-08-14 10:32:10 +02:00
Francesco Rollo
ccff22d378 CVE-2025-8277: Fix memory leak of unused ephemeral key pair after client's wrong KEX guess 
Signed-off-by: Francesco Rollo <eferollo@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-08-14 10:32:05 +02:00
Jakub Jelen
4310a696f2 CVE-2025-8277: packet: Adjust packet filter to work when DH-GEX is guessed wrongly 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-08-14 10:31:51 +02:00
Jakub Jelen
771e19a7a9 tests: Enable all key exchange methods in ssh_ping 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-08-14 10:31:30 +02:00
Jakub Jelen
118a747acd socket: Free poll handle when resetting socket state 
Since 07cb0be12 we are not closing the user provided FDs,
but the above change also resulted in memory leak during
ssh_disconnect that left the poll_handle allocated during
reset.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-08-12 12:13:31 +02:00
Jakub Jelen
5691e0f609 poll: Initialize ssh_poll_handle pointers 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-08-12 12:13:31 +02:00
Jakub Jelen
5a6e2fd02a poll: Fix memory leak on failed realloc() 
In cases where this is the initial allocation, the shrinking of the polltrs
buffer would result in 0B realloc, which really does not make sense. Also,
when this second realloc fails, the memory is never freed as the outer code
believes there is nothing allocated on the poll_ctx

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-08-12 12:13:31 +02:00
Jakub Jelen
e8099375fe poll: Check return value of ssh_poll_ctx_add() 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-08-12 12:13:27 +02:00
Jakub Jelen
d00f267bc6 Make ssh_socket_set_fd() return errors 
and properly check the return value where it is used

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-08-12 12:12:47 +02:00
Jakub Jelen
35d337834b options: Avoid memory leaks on allocation failures 
When allocation during tilde expansion fails, libssh could
leak a memory.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-08-12 12:12:47 +02:00
Jakub Jelen
ba1e8303f8 reformat remains of poll.c 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-08-12 12:12:43 +02:00
Jakub Jelen
ef50a3c0f0 tests: Remove tests of operations on freed channels 
These tests are flaky because even though the care was taken to guess if
the ssh_channel_free() really freed the channel, it might not always be correct
and call to operation on the freed channel results in use after free.

Generally, no operation should be called after the channel is freed by the user.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-08-06 11:18:45 +02:00
Jakub Jelen
e7cffe7e1b pki: Simplify ed25519 private key duplication 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-08-06 11:18:20 +02:00
Jakub Jelen
d1bf9068a9 Use calloc instead of zeroizing structure after malloc 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-08-06 11:16:58 +02:00
Jakub Jelen
737f9ecc3c agent: Reformat the rest of the file 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-08-06 11:16:58 +02:00
Praneeth Sarode
cc667021e5 tests(pki): add torture tests for security keys 
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-08-01 15:28:58 +05:30
Praneeth Sarode
f9f8c939bc tests(pki): add security key testing helper functions to torture library 
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-08-01 15:28:54 +05:30
Praneeth Sarode
aab6ce364a tests(pki): add sk type keys to the testing infrastructure 
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-08-01 15:28:41 +05:30
Praneeth Sarode
0cec257077 pki: add security key file import/export functionality 
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-08-01 15:28:36 +05:30
Praneeth Sarode
957efe51a2 format(pki): format the pki_import_privkey_buffer function 
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-08-01 00:29:27 +05:30
Praneeth Sarode
bb85492d4f feat(pki): add support for SK key types in signature handling 
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-07-30 23:00:53 +05:30
Praneeth Sarode
22c1b6970c pki: add security key fields to ssh_key_struct and update compare, copying and cleaning functions 
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-07-30 22:47:59 +05:30
Praneeth Sarode
09155adb19 tests(string): add unit tests for ssh_string_cmp function 
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-07-30 16:06:32 +02:00
Praneeth Sarode
95f8cbc7f0 feat(string): add ssh_string_cmp function for comparing ssh_strings 
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-07-30 16:06:31 +02:00
Praneeth Sarode
3423399f98 fix(pki): remove redundant key type_c assignment in pki_import_pubkey_buffer 
We already assign the correct key type_c using ssh_key_type_to_char before this point.

Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-07-30 16:05:52 +02:00
Praneeth Sarode
ccbec9c275 fix(pki): remove redundant key type_c assignment in build pubkey and privkey functions 
Whenever the pki_pubkey_build_ecdsa and pki_privkey_build_ecdsa functions are called, the key type assignment is already done. So, we don't need to assign it again. Moreover, because the pki_key_ecdsa_nid_to_name function was used, for key types like the SSH_KEYTYPE_SK_ECDSA, we assign the wrong type string to the key, based on the nid.

Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-07-30 16:05:51 +02:00
Praneeth Sarode
ed52c88a03 feat(misc): add burn_free function and BURN_FREE macro for secure memory deallocation 
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-07-30 12:35:12 +02:00
Till Wimmer
0f0ac314d2 session: add err messages for most common WSA error codes (+ applied clang-format to file) 
Signed-off-by: Till Wimmer <github@tonarchiv.ch>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
 2025-07-30 12:33:42 +02:00
Navid Fayezi
95e4c39e8a Refactor: fix inconsistency in ssh_callback_struct 
Signed-off-by: Navid Fayezi <navidfayezi.98@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-07-30 12:31:07 +02:00
Jakub Jelen
8c89633a45 pki: Avoid possible memory leak 
Actually the condition was duplicated at the beginning of the function and this
one could not be hit (again), but it is an error to be fixed anyway.

Thanks Coverity!

CID 1618865

CID 1618864

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-07-29 15:39:37 +02:00
Rémi Coulom
8069679033 remove unused ssh_string in ssh_channel_open_forward_unix 
Signed-off-by: Rémi Coulom <remi.coulom@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-07-25 19:52:37 +02:00
Jakub Jelen
c2e9d39dbe tests: Fix build script to work also on MacOS correctly 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-07-25 16:40:56 +02:00
Jakub Jelen
ab44f606b2 tests: Add more valgrind supressions for krb5 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-07-25 13:20:15 +02:00