shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-04 20:30:38 +09:00
Code Issues Packages Projects Releases Wiki Activity
3,216 Commits 12 Branches 62 Tags
1accbcb98bd4c259151b6103b0771f2bed6a109c
Commit Graph

1104 Commits

Author SHA1 Message Date
Douglas Heriot
1accbcb98b cmake: Do not use CMAKE_(SOURCE|BINARY)_DIR 
(cherry picked from commit a65af1b3b8)
 2015-06-24 18:36:08 +02:00
Tiamo Laitakari
342ae10f08 pki: Fix allocation of ed25519 public keys 
Signed-off-by: Tiamo Laitakari <tiamo.laitakari@cs.helsinki.fi>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 5478de1a64)
 2015-06-24 18:36:08 +02:00
Andreas Schneider
64233fa3bb misc: Correctly guard the sys/time.h include 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit ef751a26d0)
 2015-06-24 18:36:08 +02:00
Andreas Schneider
a3f3f9cb76 kex: Add comments to #if clauses 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 1d69e073af)
 2015-06-24 16:24:08 +02:00
Aris Adamantiadis
5aeae08be0 channels: fix exit-status not correctly set 2015-06-03 16:41:19 +02:00
Mike DePaulo
64a658acaa Comment that ssh_forward_cancel() is deprecated. 
Signed-off-by: Aris Adamantiadis <aris@badcode.be>
 2015-05-29 11:30:32 +02:00
Mike DePaulo
361940a5d7 Reintroduce ssh_forward_listen() (Fixes: #194) 
Signed-off-by: Aris Adamantiadis <aris@badcode.be>
 2015-05-29 11:24:27 +02:00
Jon Simons
ee460dc04b kex: also compare host keys for 'first_kex_packet_follows' 
Also consider the host key type at hand when computing whether a
'first_kex_packet_follows' packet matches the current server settings.
Without this change libssh may incorrectly believe that guessed
settings which match by kex algorithm alone fully match: the host
key types must also match.  Observed when testing with dropbear
clients.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-05-05 22:03:47 +02:00
Jon Simons
f134cb3d57 server: return SSH_OK for ignored SSH_MSG_KEXDH_INIT case 
Return SSH_OK for the case that an incoming SSH_MSG_KEXDH_INIT should be
ignored.  That is, for the case that the initial 'first_kex_packet_follows'
guess is incorrect.  Before this change sessions served with libssh can be
observed to error out unexpectedly early when testing with dropbear clients
that send an incompatible guess.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-05-05 22:03:32 +02:00
Andreas Schneider
e8720a30e2 cmake: Add --enable-stdcall-fixup for MinGW builds 
This fixes warnings for getaddrinfo() and freeaddrinfo().

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-05-05 18:59:30 +02:00
Andreas Schneider
ca501df8c8 sftp: Fix size check 
CID: #1296588

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-05-05 11:26:40 +02:00
Andreas Schneider
a4cecf59d5 external: Fix resetting the state 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-05-04 18:10:30 +02:00
Andreas Schneider
244881b87d external: Make sure we burn buffers in bcrypt 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-05-04 17:54:01 +02:00
Andreas Schneider
cf05e653de external: Fix a possible buffer overrun in bcrypt_pbkdf 
CID: #1250106

This fixes a 1 byte output overflow for large key length (not reachable
in libssh). Pulled from OpenBSD BCrypt PBKDF implementation.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-05-04 17:54:01 +02:00
Andreas Schneider
4b9916136d sftp: Add bound check for size 
CID: #1238630

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-05-04 17:54:01 +02:00
Andreas Schneider
33ecff11dd buffer: Cleanup vaargs in ssh_buffer_unpack_va() 
CID: #1267977

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-05-04 17:54:01 +02:00
Andreas Schneider
83d3ee7fdb string: Improve ssh_string_len() to avoid tainted variables 
CID: #1278978

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-05-04 17:54:01 +02:00
Andreas Schneider
b1a3f4ee33 pki_container: Fix a memory leak 
CID: #1267980

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-05-04 17:54:01 +02:00
Andreas Schneider
05498e0e33 pki_container: Add check for return value 
CID: #1267982

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-05-04 17:54:01 +02:00
Aris Adamantiadis
3091025472 buffers: Fix a possible null pointer dereference 
This is an addition to CVE-2015-3146 to fix the null pointer
dereference. The patch is not required to fix the CVE but prevents
issues in future.

Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-04-23 10:33:52 +02:00
Aris Adamantiadis
bf0c7ae0ae CVE-2015-3146: Fix state validation in packet handlers 
The state validation in the packet handlers for SSH_MSG_NEWKEYS and
SSH_MSG_KEXDH_REPLY had a bug which did not raise an error.

The issue has been found and reported by Mariusz Ziule.

Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-04-23 10:15:47 +02:00
Kevin Fan
b5dc8197f7 Fix leak of sftp->ext when sftp_new() fails 
Signed-off-by: Kevin Fan <kevinfan@google.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-04-14 20:56:56 +02:00
Andreas Schneider
1cb940c44a socket: Cleanup ssh_socket_close() code. 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-04-10 13:32:09 +02:00
Andreas Schneider
3f04367fb8 bind: Correctly close sockets and invalidate them. 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-04-10 13:32:09 +02:00
Andreas Schneider
6c7e552509 cmake: Require cmake version 2.8.0 2015-04-10 13:32:09 +02:00
Andreas Schneider
b1cb8de385 cmake: Check for sys/param.h header file 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-04-10 13:07:12 +02:00
Andreas Schneider
69c9cd029f cmake: Check for arpa/inet.h header file 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-04-10 13:02:56 +02:00
Andreas Schneider
c699b9ca94 external: Use standard int types 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-04-10 13:02:56 +02:00
Andreas Schneider
5236358a48 messages: Don't leak memory after callback execution 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-04-02 16:13:20 +02:00
Andreas Schneider
e0a73d3dbe poll: Fix compilation with struct ssh_timestamp 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-04-02 15:02:29 +02:00
Andreas Schneider
a3357b8920 include: We should use __func__ which is C99 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-04-02 10:58:36 +02:00
Seb Boving
7ec798d3e7 Locally restart ssh_poll() upon EINTR. 
BUG: https://red.libssh.org/issues/186

Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>
Signed-off-by: Sebastien Boving <seb@google.com>
 2015-02-23 22:05:54 +01:00
xjoaalm
f32e5f2191 Sending EOF on Socket that received a Broken Pipe makes call to poll to hang 
Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>
Signed-off-by: Joao Pedro Almeida Pereira <joao.almeida@blue-tc.com>
 2015-02-23 22:01:15 +01:00
Aris Adamantiadis
940cb233ce buffer: buffer_pack & unpack on non-gnu compilers 2015-02-08 18:49:32 +01:00
Aris Adamantiadis
d3f30da158 buffer: fix use-before-nullcheck (coverity #1267979) 
Additionally, the function call was already existing after
the NULL check
 2015-02-03 22:21:22 +01:00
Aris Adamantiadis
760d93e87b Revert "pki_gcrypt: fix warnings for SSH_KEYTYPE_ED25519" 
This reverts commit 10f71c6769.
Commit was redundant with ed25519 branch
 2015-02-03 09:58:28 +01:00
Aris Adamantiadis
8af829a42a base64: Use secure buffers 
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-02-02 17:33:58 +01:00
Andreas Schneider
ad8fa427dd buffer: Abort if the canary is not intact in ssh_buffer_unpack() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>
 2015-02-02 17:32:34 +01:00
Andreas Schneider
de10a7754b buffer: buffer: Improve argument checking of in ssh_buffer_pack() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>
 2015-02-02 17:32:31 +01:00
Andreas Schneider
6789170799 buffer: Abort if the canary is not intact in ssh_buffer_unpack() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>
 2015-02-02 17:32:28 +01:00
Andreas Schneider
afc9988c93 buffer: Improve argument checking in ssh_buffer_pack() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>
 2015-02-02 17:32:18 +01:00
Aris Adamantiadis
2490404d45 Move all 3rd-party C files to src/external/ 
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-02-02 14:45:53 +01:00
Aris Adamantiadis
9e4700cdc0 ed25519: Add support for OpenSSH encrypted container export 
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-02-02 14:45:52 +01:00
Aris Adamantiadis
423fa6818b ed25519: ADd OpenSSH encrypted container import 
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-02-02 14:45:52 +01:00
Aris Adamantiadis
61e2c8f0f7 external: Add OpenSSH bcrypt and blowfish implementation 
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-02-02 14:45:52 +01:00
Aris Adamantiadis
c02b260e7e server: Add support for ed25519 keys in the server. 
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-02-02 14:45:52 +01:00
Aris Adamantiadis
01a6004171 kex: Add support for ed25519 on client connections. 
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-02-02 14:45:52 +01:00
Aris Adamantiadis
46bc11f977 ed25519: Add support to export OpenSSH container keys 
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-02-02 14:45:52 +01:00
Aris Adamantiadis
4343ac5b08 libgcrypt: Make the PEM parser ed25519 aware 
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-02-02 14:45:52 +01:00
Aris Adamantiadis
6b9183a20b libcrypto: Make the PEM parser ed25519 aware 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-02-02 14:45:52 +01:00