The previous code created private key curve25519 in OpenSSL, then exported
private key and during key generation, created a new OpenSSL private key object.
This is needless amount of copying potentially sensitive data back and forth and
this will not work when the private key would be backed with external OpenSSL
provider, such as pkcs11 provider or different crypto accelerator handling the
private key operations for us.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
For the sake of reducing code repetition, this commit
adds a helper function to receive sftp response
messages. The function can operate in both blocking
and non-blocking modes.
Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Fixed include order and formatting issues regarding the 80 char
column width limit
Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Windows supports localtime_s() instead of POSIX's localtime_r()
and the function prototype of localtime_s() is different as compared
to localtime_r().
This commit introduces ssh_localtime() (having same prototype as localtime_r())
for Windows which acts as a wrapper for localtime_s(), and defines localtime_r
as a macro which expands to ssh_localtime for Windows.
As a result, libssh can now use localtime_r() on Windows in the same manner
as localtime_r() can be used on POSIX systems.
Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Some SDK already defined __VA_NARG__, so without #ifndef __VA_NARG__ guard
we got a lot of "__VA_NARG__" redefined warnings.
Fix it by adding #ifndef __VA_NARG__ guard in include/libssh/priv.h.
Fixes: #279
Signed-off-by: Axel Lin <axel.lin@ingics.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Presumably this header is always imported with all the other necessary ones so
it doesn't usually make a difference, but generating Julia bindings from the
header by itself requires all the types to be defined (e.g. ssh_session,
ssh_channel, etc).
Signed-off-by: James Wrigley <james@puiterwijk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Currently if a non-blocking `ssh_session` is passed most calls will fail because
they don't know how to handle `SSH_AGAIN`.
Signed-off-by: James Wrigley <james@puiterwijk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
fix: implement gssapi logging according to docs
fix: remove redundant setting of session->gssapi to NULL
feat: add gssapi struct and functions to header file
refactor: initialize gssapi context once
fix: remove redundant ssh_gssapi_free
Signed-off-by: Gauravsingh Sisodia <xaerru@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
tests: modify proxyjump tests to check for ssh_jump_info_struct
tests: add proxyjump functionality test
feat: add SSH_OPTIONS_PROXYJUMP
tests: proxyjump, check authentication
fix: ssh_socket_connect_proxyjump add exit label to exit on error
feat: implement io forwarding using pthread
feat: proxyjump: use threading instead of forking
feat: proxyjump: cancel forwarding threads on ssh_disconnect
fix: proxyjump remove ProxyJump bool and put pthread ifdefs
feat: use ssh_event for io forwarding instead of threads
reformat: tests to use assert_int_not_equal
fix: link to pthread
refactor: make function to free proxy jump list
docs: add comment for proxy jump channel
feat: add env variable to enable libssh proxy jump
feat: open channel for proxyjump like OpenSSH
feat: add more tests for proxy jump
fix: use a global variable to close io forwarding, this prevents segfaults
fix: handle proxy list in thread without creating copy
Signed-off-by: Gauravsingh Sisodia <xaerru@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
.. to satisfy restricted environment or fuzzers
We are encountering weird issues in the oss-fuzz that the file disappears during
coverage build so I assume some corpus sneaked in, that contains some commands
that end up being executed as part of the coverage run causing it randomly
failing.
The solution I propose is to build fuzzers without ability to call arbitrary
commands on the filesystem (such as `rm -rf /`) as this is not the point the
fuzzers should be testing.
This is controlled by the WITH_EXEC CMake option (enabled by default).
https://github.com/google/oss-fuzz/issues/10136
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
ssh_match_group() has been moved from misc.c to match.c, because it fits
better with other match_*() functions in match.c
The name of the function has also been changed from "ssh_match_group" to
"match_group" to be consistent with the naming of the other match.c
functions.
Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
This way we will get errors as return code else we don't know if the
function failed (SSH_ERROR) or the exit_status is -1 which would
correspond to SSH_ERROR.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
This is what we get in the packet and is defined in RFC4254.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Legacy code in 'ssh_set_callbacks' will fallback to
'ssh_legacy_log_callback' (if the current log cb is
NULL) setting the user data to the current session.
However, if any other session is created afterwards,
it won't update the user data with the new session,
potentially leading to a use-after-free.
Fixes#238.
Signed-off-by: Diego Roux <diegoroux04@protonmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
When opening a PTY on the server, try to use the current TTY's settings
(i.e. based on STDIN). If that fails or STDIN isn't a TTY, use default
modes that avoid any character translation.
Don't rely on stdin to be a TTY (breaks CI). Instead, open a PTY and
temporarily use that as "fake" stdin.
Signed-off-by: Daniel Evers (daniel.evers@utimaco.com)
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Added the new function `ssh_channel_request_pty_size_modes` which allows
to pass additional encoded SSH terminal modes (see opcodes in RFC 4245).
Signed-off-by: Daniel Evers (daniel.evers@utimaco.com)
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Malicious code can be injected using the username with metacharacters,
therefore the username must be validated before using it with any %u.
Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
In the sftp_init() call, the limits are stored in the sftp_sesssion.
If the limits@openssh.com extension is supported the limits are retrieved
from the server, else libssh uses the default limits.
The sftp library functions that require the limits can access them using
the sftp session.
The library user can call sftp_limits() to get a copy of the limits
stored in the sftp session. Since the limits were already retrieved
from the server during sftp_init(), this sftp_limits() call requires
no communication with the server.
Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
The closing brace of the @addtogroup command was too low, causing some logging
functions to be added to the threads group.
Signed-off-by: James Wrigley <james@puiterwijk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>
The hostname can be a domain name or an ip address. The colon has to be
allowed because of IPv6 even it is prohibited in domain names.
Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
