Andreas Schneider
245ad744b5
buffer: Add NULL check for 'buffer' argument
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-06-03 10:40:06 +02:00
Andreas Schneider
10b3ebbe61
buffer: Reformat ssh_buffer_add_data()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-06-03 10:40:04 +02:00
Andreas Schneider
2782cb0495
sftpserver: Add missing return check for ssh_buffer_add_data()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-06-03 10:38:40 +02:00
Andreas Schneider
533d881b0f
sftpserver: Add missing NULL check for ssh_buffer_new()
...
Thanks to Ramin Farajpour Cami for spotting this.
Fixes T232
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-06-03 10:38:34 +02:00
Jakub Jelen
866e4442b5
Removed old, 10 years unused test files
...
They do not build anymore and I believe most of their functionality is already
covered by new tests.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-05-21 13:34:23 +02:00
Jakub Jelen
39bb93a53b
options: Do not reference non-existing function
...
Fixes T227
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-05-21 13:34:23 +02:00
Sahana Prasad
4e4711d2fb
unittests: updates torture_pki_ecdsa_uri test by adding negative test cases to ensure there is no crash when
...
ssh_pki_export_pubkey_blob() is incorrectly used to export ecdsa pubkeys from privkeys
when pubkeys are not imported into pkcs #11 tokens.
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-05-20 12:49:29 +02:00
Sahana Prasad
7eb6c7ee6c
tests/torture.c: update the definition of torture_setup_tokens() to take load_public as an option that
...
determines if public keys must be loaded in pkcs #11 tokens or not.
tests: Adds the load_public parameter in all files where torture_setup_tokens() was used.
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-05-20 12:49:29 +02:00
Sahana Prasad
d3f7b64579
tests/pkcs11/setup-softhsm-tokens.sh: updates the script to handle LOADPUBLIC parameter.
...
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-05-20 12:49:29 +02:00
Sahana Prasad
7de9722d23
src/pki_crypto.c pki_publickey_to_blob() should not be used to export public key from
...
private keys for ecdsa keys.
ssh_userauth_publickey() calls ssh_pki_export_pubkey_blob() and tries to export
the public key from private key if public keys are not already imported
into pkcs #11 tokens.
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-05-20 12:49:29 +02:00
David Wedderwille
641a80be74
cmake: add _POSIX_SOURCE
...
Fixes T228
Signed-off-by: David Wedderwille <davidwe@posteo.de>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2020-05-15 18:39:21 +02:00
Heiko Thiery
bee8ed82ab
cmake: Add autogenerated libssh_version.h
...
Set the cmake project version to the autogenerated file to have a single
point to set the version. This will be included in the libssh.h file.
Pair-Programmed-With: Andreas Schneider <asn@cryptomilk.org>
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-05-06 13:02:32 +02:00
Jakub Jelen
4149cebd64
fuzz: Avoid warnings from csbuild in fuzzers
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-05-05 14:29:16 +02:00
Jakub Jelen
425c02cb94
fuzz: Add instructions for corpus creation and first corpus files
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-05-05 14:29:13 +02:00
Jakub Jelen
ad8dedd4a4
fuzz: Allow to increase log level from server fuzzer
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-05-05 14:23:06 +02:00
Jakub Jelen
e26e98e59f
fuzz: Do not parse configuration files
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-05-05 14:23:06 +02:00
Jakub Jelen
ae184db913
fuzz: Use none cipher and MAC
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-05-05 14:23:06 +02:00
Jakub Jelen
b88aa98550
Allow example client and server to process different configuration files
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-05-05 14:23:06 +02:00
Jakub Jelen
08a70bb474
tests: Cover ssh_options_getopt with unit tests
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-05-05 14:23:06 +02:00
Jakub Jelen
3d0ecd37fe
options: Avoid memory leaks during modification of argv
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-05-05 14:23:06 +02:00
Jakub Jelen
2e7ca3e8a6
options: Properly handle unknown options with arguments
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-05-05 14:23:06 +02:00
Jakub Jelen
b90131dfe6
tests: Verify functionality of none cipher and mac
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-05-05 14:23:06 +02:00
Jakub Jelen
4f976ce5c4
packet: Skip HMAC handling if none is selected
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-05-05 14:23:06 +02:00
Jakub Jelen
239eef6322
packet: Check if set_*_key functions exists before calling it
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-05-05 14:23:06 +02:00
Jakub Jelen
201fd66176
packet: Use temporary variables to avoid long lines
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-05-05 14:23:06 +02:00
Jakub Jelen
e6aee24a1e
Add basic support for none cipher and MACs
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-05-05 14:23:06 +02:00
Jakub Jelen
46499b1b90
Drop none cipher and MAC as they are not implemented
...
or not intended for production
Related: T85
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-05-05 14:23:06 +02:00
Jakub Jelen
62a0229f16
fuzz: Simplify definition of fuzzing targets and build them also with gcc
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-05-05 14:23:06 +02:00
Jakub Jelen
5411e0821f
fuzz: Correctly sort members initialization to prevent GCC warnings
...
tests/fuzz/ssh_client_fuzzer.cpp:45:1: error: designator order for field ‘ssh_callbacks_struct::userdata’ does not match declaration order in ‘ssh_callbacks_struct’
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-05-05 14:23:06 +02:00
Jakub Jelen
44de453b22
tests: Enable all CASignatureAlgorithms as SHA1 certificates are now disabled in OpenSSH 8.2p1
...
This option is unknown to older OpenSSH versions (for example CentOS 7
with OpenSSH 7.4) so we can not add it everywhere.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-05-05 14:23:06 +02:00
Jakub Jelen
7c20875891
pki: Mark explicit fall through
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-05-05 14:23:06 +02:00
Jakub Jelen
0c7a772301
external: Do not confuse new gcc
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-05-05 14:23:06 +02:00
Jakub Jelen
c45cfce166
client: Properly indicate fall through
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-05-05 14:23:06 +02:00
Heiko Thiery
e76332bbd6
session: add missing return value documentation
...
Add SSH_AGAIN as return value to ssh_handle_packets documentation.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-04-24 16:00:29 +02:00
Heiko Thiery
99e0ad75a6
tests: add testcases for ssh_channel_poll_timeout()
...
This adds testcases for the regression introduced in 3bad0607.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-04-24 15:57:38 +02:00
Jakub Jelen
154765ae8c
config: Check null deref
...
As reported by LGTM
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2020-04-20 14:14:33 +02:00
Jakub Jelen
6417f5a3ca
channels: Avoid returning SSH_AGAIN from ssh_channel_poll_timeout()
...
This addresses a regression introduced in 3bad0607, partially fixed in 022409e9,
but the function was still able to return SSH_AGAIN, which was not expected by
callers.
Based on discussion in [1] and [2]
[1] https://gitlab.com/libssh/libssh-mirror/-/merge_requests/101
[2] https://www.libssh.org/archive/libssh/2020-03/0000029.html
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2020-04-20 14:14:33 +02:00
Jakub Jelen
fe0fcbbc67
channels: reformat
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2020-04-20 14:14:33 +02:00
Jakub Jelen
c2f64108a1
examples: Avoid unused parameter warnings and reformat
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2020-04-20 14:14:33 +02:00
Jakub Jelen
59ac79c4dc
gitlab-ci: Avoid passing artifacts between completely unrelated stages
...
The introduction of stages in gitlab-ci had quite an unfortunate side
effect that is described in the documentation [1]. The whole artifacts
path (in our case obj/) is passed from one stage to another by default,
which is causing very odd behavior as the previous results are only
partially overwritten by the new cmake command and can even lead to
execution of tests that are not supposed to run in particular job.
[1] https://docs.gitlab.com/ee/ci/yaml/#dependencies
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2020-04-20 14:14:33 +02:00
Jakub Jelen
7f57717f84
gitlab-ci: Fix typo
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2020-04-20 14:14:33 +02:00
Jakub Jelen
db948bdac8
tests: Enable RSA SHA1 certs for testing against older OpenSSH
...
The OpenSSH 7.4 or 7.6 in Ubuntu and CentOS 7 does not support SHA2
RSA certificates and libssh automatically falls back to SHA1, which
is not allowed by default.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2020-04-20 14:14:33 +02:00
Jakub Jelen
6941958b49
tests: Update coverage of config_parser
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2020-04-20 14:14:33 +02:00
Jakub Jelen
1ba6ef689f
config_parser: Allow equal sign as a separator and eat up trailing whitespace
...
Probably fixes T210
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2020-04-20 14:14:33 +02:00
Jakub Jelen
fecdc3cc0e
Disable RSA and DSA keys with sha1 by default
...
Fixes: T218
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2020-04-20 14:14:33 +02:00
Jakub Jelen
04ae110c61
pkd: Enable all hostkeys
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2020-04-20 14:14:33 +02:00
Jakub Jelen
9ac2d14707
tests: Enable all host key algorithms in testing client
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2020-04-20 14:14:33 +02:00
Jakub Jelen
bab2c775da
Make the testing ping use all supported algorithms
...
Previously, it would use only the default set, which makes some tests fail,
including the DSA ones and disabled RSA with SHA1.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2020-04-20 14:14:33 +02:00
Jakub Jelen
945829a5dd
Reformat ssh_bind_accept()
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2020-04-15 20:05:56 +02:00
Jakub Jelen
58d53f1397
examples: Add missing includes
...
Fixes: T225
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2020-04-15 20:05:56 +02:00