shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-04 20:30:38 +09:00
Code Issues Packages Projects Releases Wiki Activity
5,060 Commits 12 Branches 62 Tags
1da78553dce8a112ebdddb68ab84f25e8f1152c5
Commit Graph

5060 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Anderson Toshiyuki Sasaki
1da78553dc tests: Add test for CVE-2019-14889 
The test checks if a command appended to the file path is not executed.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 1694606e12)
 2020-06-23 19:57:12 +02:00
Andreas Schneider
c5dfc2d5ce buffer: Add NULL check for 'buffer' argument 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 245ad744b5)
 2020-06-08 09:15:26 +02:00
Andreas Schneider
f760781cb8 buffer: Reformat ssh_buffer_add_data() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 10b3ebbe61)
 2020-06-08 09:15:24 +02:00
Andreas Schneider
8316bf1177 sftpserver: Add missing return check for ssh_buffer_add_data() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 2782cb0495)
 2020-06-08 09:15:22 +02:00
Andreas Schneider
e631ebb3e2 sftpserver: Add missing NULL check for ssh_buffer_new() 
Thanks to Ramin Farajpour Cami for spotting this.

Fixes T232

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 533d881b0f)
 2020-06-08 09:15:20 +02:00
David Wedderwille
dcc0b9d7aa cmake: add _POSIX_SOURCE 
Fixes T228

Signed-off-by: David Wedderwille <davidwe@posteo.de>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
(cherry picked from commit 641a80be74)
 2020-05-15 18:43:26 +02:00
Heiko Thiery
b1bbd20dfa cmake: Add autogenerated libssh_version.h 
Set the cmake project verision to the autogenerated file to have a single
point to set the version. This will be included in the libssh.h file.

Pair-Programmed-With: Andreas Schneider <asn@cryptomilk.org>
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit bee8ed82ab)
 2020-05-07 11:59:09 +02:00
Jakub Jelen
929a6b7d50 pki: Mark explicit fall through 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 7c20875891)
 2020-05-05 14:33:32 +02:00
Jakub Jelen
88d676cf1a external: Do not confuse new gcc 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 0c7a772301)
 2020-05-05 14:33:30 +02:00
Jakub Jelen
b93c9ae641 client: Properly indicate fall through 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit c45cfce166)
 2020-05-05 14:33:27 +02:00
Heiko Thiery
a77d89d3ea session: add missing return value documentation 
Add SSH_AGAIN as return value to ssh_handle_packets documentation.

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit e76332bbd6)
 2020-05-05 14:33:24 +02:00
Jakub Jelen
4276560680 channels: Avoid returning SSH_AGAIN from ssh_channel_poll_timeout() 
This addresses a regression introduced in 3bad0607, partially fixed in 022409e9,
but the function was still able to return SSH_AGAIN, which was not expected by
callers.

Based on discussion in [1] and [2]

[1] https://gitlab.com/libssh/libssh-mirror/-/merge_requests/101
[2] https://www.libssh.org/archive/libssh/2020-03/0000029.html

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
(cherry picked from commit 6417f5a3ca)
 2020-05-05 14:33:01 +02:00
Jakub Jelen
a7ce241652 channels: reformat 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
(cherry picked from commit fe0fcbbc67)
 2020-05-05 14:32:59 +02:00
Jakub Jelen
1c7cfaba9c examples: Avoid unused parameter warnings and reformat 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
(cherry picked from commit c2f64108a1)
 2020-05-05 14:32:57 +02:00
Jakub Jelen
98c91e68fa examples: Add missing includes 
Fixes: T225

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
(cherry picked from commit 58d53f1397)
 2020-05-05 14:32:31 +02:00
Jakub Jelen
078cb4c6f3 libcrypto-compat: Fix indentation and return value 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
(cherry picked from commit eebb02fff5)
 2020-05-05 14:32:27 +02:00
Rosen Penev
5972d7a98e libcrypto: remove deprecated API usage 
EVP_CIPHER_CTX_init was replaced with _reset.

Removed EVP_CIPHER_CTX_cleanup. The successive _free call handles that.

Removed old SSLeay function usage.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
(cherry picked from commit 54296787a7)
 2020-05-05 14:32:23 +02:00
Rosen Penev
d35fdfbdb4 libcrypto-compat: add extra functions 
Added extra functions. The next commit will switch to them.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
(cherry picked from commit 70478619ce)
 2020-05-05 14:32:15 +02:00
Laurent Bigonville
7ee7ff94ba Fix FTBFS on hurd-i386 
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933015

Signed-off-by: Laurent Bigonville <bigon@bigon.be>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit a881c318ac)
 2020-05-05 14:32:09 +02:00
Laurent Bigonville
c42aab0122 Make the documentation reproducible 
Signed-off-by: Laurent Bigonville <bigon@bigon.be>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 5f1d0c4795)
 2020-05-05 14:32:07 +02:00
StefanBruens
69e97057c7 Correctly parse v4 subsecond timestamps 
All subsecond timestamps are only in the packets if both the
SUBSECOND_TIMES flag and the timestamp flag, e.g. ATTR_ACCESSTIME
are set.

SUBSECOND_TIMES are not very common across server implementations
(e.g. openssh does not include it, nor does libssh's sftpserver
implementation), but this interpretation of the SFTP protocol draft
is used by WinSCP and lftp.

Fixes T219.

Signed-off-by: Stefan Brüns <stefan.bruens@rwth-aachen.de>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 1ff6dda616)
 2020-05-05 14:32:04 +02:00
Anderson Toshiyuki Sasaki
3025eeace3 client: Check if the library is initialized in ssh_connect() 
If the library is not initialized, SSH_ERROR is returned and the error
message is set properly.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit e3e3a27863)
 2020-05-05 14:31:59 +02:00
Anderson Toshiyuki Sasaki
ffb0007768 client: Reformat ssh_connect() 
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 0f33eecc01)
 2020-05-05 14:31:58 +02:00
Anderson Toshiyuki Sasaki
a99b8a3979 init: Introduce internal is_ssh_initialized() 
The introduced function returns whether the library is initialized or
not.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit dba2114ed7)
 2020-05-05 14:31:53 +02:00
Anderson Toshiyuki Sasaki
0a450f0251 init: Clarify the need to call ssh_{init, finalize}() 
When libssh is statically linked, it is necessary to explicitly call
ssh_init() before calling any other provided API.  It is also necessary
to call ssh_finalize() before exiting to free allocated resources.

Fixes T222

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit e3e52394c1)
 2020-05-05 14:31:49 +02:00
Andreas Schneider
9e9df61244 Bump version to 0.9.4 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
libssh-0.9.4 		2020-04-09 09:30:20 +02:00
Andreas Schneider
958afb1c6a CVE-2020-1730: Fix a possible segfault when zeroing AES-CTR key 
Fixes T213

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
(cherry picked from commit b36272eac1)
 2020-04-09 09:30:00 +02:00
Anderson Toshiyuki Sasaki
e510de0315 kex: Add support for diffie-hellman-group14-sha256 
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 9eb1ce88ae)
 2020-04-06 11:36:35 +02:00
Andreas Schneider
34c596182d dh-gex: Check return value of ssh_get_random() 
CID #1422162

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit d2f0d3270a)
 2020-04-06 11:36:33 +02:00
Andreas Schneider
1a18d9cce2 cmake: Fix building with threading support on MinGW 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
(cherry picked from commit a9a7c2dc29)
 2020-04-06 11:36:30 +02:00
Anderson Toshiyuki Sasaki
4c83d19c48 auth: Fix memory leak in ssh_userauth_publickey_auto() 
When a key is rejected, free the allocated memory before returning.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 6bd2b93f43)
 2020-03-29 09:59:52 +02:00
Andreas Schneider
673bf1ff09 doc: Fix a doxygen warning 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 46c54e5ddb)
 2020-03-27 13:15:30 +01:00
Andreas Schneider
fe1fe49617 doc: Make sure we parse the server and sftp documentation 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit bbfce454de)
 2020-03-27 13:15:28 +01:00
Andreas Schneider
316f46f833 doc: Add SSH auth callback to libssh_auth doc group 
Fixes T217

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 3e5dc99198)
 2020-03-27 13:15:26 +01:00
Jon Simons
0dd71375e7 pki: fix pki_key_ecdsa_to_key_type thread-safety 
Resolves https://bugs.libssh.org/T214.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 3664ba2800)
 2020-02-11 10:16:00 +01:00
Andreas Schneider
9a10cef920 channels: Fix ssh_channel_poll_timeout() not returing available bytes 
Fixes T211

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
(cherry picked from commit 022409e99c)
 2020-01-23 11:03:44 +01:00
Jakub Jelen
6fcd0940e3 packet_crypt: Check return values from AEAD deciphering 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit e31e7b0406)
 2020-01-23 10:31:44 +01:00
Jakub Jelen
0c8dbf5c81 curve25519: Avoid memory leaks 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 6644f8ca3b)
 2020-01-23 10:31:38 +01:00
Anderson Toshiyuki Sasaki
a0aa62fffe gitlab-ci: Create obj directory for Windows builds 
The obj directory is not created anymore when the git repository is
cloned.  Create the directory during the build.

Also set the variable "ErrorActionPreference: STOP" to make the build to
fail if an error occurs.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 7f5e14698f)
 2020-01-23 09:53:48 +01:00
Andreas Schneider
402c922a9e pki_crypto: Fix possible memory leak on error 
CID #1409680

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 72498bac5f)
 2020-01-23 09:50:41 +01:00
Andreas Schneider
112e32ba86 messages: Add missing NULL check 
CID #1409678

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 4b4f568a68)
 2020-01-23 09:50:35 +01:00
Andreas Schneider
e2c5f5c7d1 tests: Use correct assert function for ssh return codes 
CID #1398983

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 6324014866)
 2020-01-23 09:50:33 +01:00
Jakub Jelen
6dcfa25c9b socket: Fix the error message 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 3a6751f3d2)
 2020-01-23 09:50:04 +01:00
Jakub Jelen
eed8d8e957 socket: Kill the proxy command if it still runs on disconnect 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit dd64980662)
 2020-01-23 09:50:01 +01:00
Jakub Jelen
1935e15cd4 pki_gcrypt: Warn about unsupported PEM export in gcrypt 
Based on the following mail thread:

https://www.libssh.org/archive/libssh/2019-12/0000027.html

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 24f450fed1)
 2020-01-23 09:49:52 +01:00
Jakub Jelen
238dbabef8 tests: Unbreak strict builds on Ubuntu 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 9d5616a18c)
 2020-01-23 09:49:45 +01:00
Jakub Jelen
ee7ee2404a libgcrypt: Do not leak memory with invalid key lengths 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 7e692ee1b6)
 2020-01-23 09:49:35 +01:00
Jakub Jelen
6205cad534 pki_gcrypt: Do not confuse static analyzers 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit dd54ffb2f1)
 2020-01-23 09:49:30 +01:00
Jakub Jelen
d5a37e2bf5 legacy,keys: Fix the macro conditions 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 3642224ee5)
 2020-01-23 09:49:26 +01:00
Jakub Jelen
226d2a16b0 mbedcrypto_missing: Always check return values 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 9b858f57c5)
 2020-01-23 09:49:22 +01:00