In function pki_signature_from_blob(), the warning message in case of
an oversized RSA key was missing an ‘o’ (reading “to” instead of “too”).
While we are here, make this oversized message the same than the ones
found in pki_crypto.c & pki_mbedcrypto.c: put the expected size in it.
The message in case of an _under_sized key include the expected size,
so that’s more consistent in that regard too (and more informative!)
Signed-off-by: Paul Capron <paul@fragara.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Avoid calling random() and use ssh_get_random() instead.
CID #1412376
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
In 906cc7e7e9 a memory leak was fixed but
a similar one is present here that needs a fix as well.
Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
OpenSSH disabled them in 2014 and 2017 for servers and clients so its our
turn to follow the suit.
Fixes T236
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
If the server properly closed the channel, the client should not return
error if it finds the channel closed.
Fixes T231
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Thanks to Ramin Farajpour Cami for spotting this.
Fixes T232
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
private keys for ecdsa keys.
ssh_userauth_publickey() calls ssh_pki_export_pubkey_blob() and tries to export
the the public key from private key if public keys are not already imported
into pkcs #11 tokens.
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Set the cmake project verision to the autogenerated file to have a single
point to set the version. This will be included in the libssh.h file.
Pair-Programmed-With: Andreas Schneider <asn@cryptomilk.org>
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Add SSH_AGAIN as return value to ssh_handle_packets documentation.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
EVP_CIPHER_CTX_init was replaced with _reset.
Removed EVP_CIPHER_CTX_cleanup. The successive _free call handles that.
Removed old SSLeay function usage.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Added extra functions. The next commit will switch to them.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
All subsecond timestamps are only in the packets if both the
SUBSECOND_TIMES flag and the timestamp flag, e.g. ATTR_ACCESSTIME
are set.
SUBSECOND_TIMES are not very common across server implementations
(e.g. openssh does not include it, nor does libssh's sftpserver
implementation), but this interpretation of the SFTP protocol draft
is used by WinSCP and lftp.
Fixes T219.
Signed-off-by: Stefan Brüns <stefan.bruens@rwth-aachen.de>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
If the library is not initialized, SSH_ERROR is returned and the error
message is set properly.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
The introduced function returns whether the library is initialized or
not.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
When libssh is statically linked, it is necessary to explicitly call
ssh_init() before calling any other provided API. It is also necessary
to call ssh_finalize() before exiting to free allocated resources.
Fixes T222
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
When a key is rejected, free the allocated memory before returning.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
