shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-07 18:50:27 +09:00
Code Issues Packages Projects Releases Wiki Activity
6,000 Commits 12 Branches 62 Tags
2daf3dc4a8d83dd74d98ce8cea2b2e457fedbc5a
Commit Graph

2718 Commits

Author SHA1 Message Date
Anderson Toshiyuki Sasaki
e3e3a27863 client: Check if the library is initialized in ssh_connect() 
If the library is not initialized, SSH_ERROR is returned and the error
message is set properly.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2020-04-09 11:25:49 +02:00
Anderson Toshiyuki Sasaki
0f33eecc01 client: Reformat ssh_connect() 
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2020-04-09 11:25:49 +02:00
Anderson Toshiyuki Sasaki
dba2114ed7 init: Introduce internal is_ssh_initialized() 
The introduced function returns whether the library is initialized or
not.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2020-04-09 11:25:49 +02:00
Anderson Toshiyuki Sasaki
e3e52394c1 init: Clarify the need to call ssh_{init, finalize}() 
When libssh is statically linked, it is necessary to explicitly call
ssh_init() before calling any other provided API.  It is also necessary
to call ssh_finalize() before exiting to free allocated resources.

Fixes T222

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2020-04-09 11:25:49 +02:00
Andreas Schneider
b36272eac1 CVE-2020-1730: Fix a possible segfault when zeroing AES-CTR key 
Fixes T213

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2020-04-09 09:28:03 +02:00
Sahana Prasad
cd15043656 src/pki_crypto.c corrects the incorrect usage of enum 
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2020-04-06 09:27:55 +02:00
Anderson Toshiyuki Sasaki
9eb1ce88ae kex: Add support for diffie-hellman-group14-sha256 
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2020-04-06 09:27:26 +02:00
Andreas Schneider
d2f0d3270a dh-gex: Check return value of ssh_get_random() 
CID #1422162

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2020-04-02 07:25:53 +02:00
Andreas Schneider
a9a7c2dc29 cmake: Fix building with threading support on MinGW 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2020-04-01 14:35:17 +02:00
Anderson Toshiyuki Sasaki
6bd2b93f43 auth: Fix memory leak in ssh_userauth_publickey_auto() 
When a key is rejected, free the allocated memory before returning.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2020-03-29 09:58:19 +02:00
Andreas Schneider
a9e39a41ff pki: Small code cleanup in ssh_pki_signature_verify() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2020-02-12 09:46:14 +01:00
Andreas Schneider
0ece6e52aa pki: Use SSH_BUFFER_FREE() in ssh_pki_signature_verify() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2020-02-12 09:44:58 +01:00
Andreas Schneider
f208e4b332 pki: Add missing return check for ssh_buffer_pack() 
CID #1419376

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2020-02-12 09:44:17 +01:00
Andreas Schneider
9fcb559301 pki: Fix memory leak of blob on error 
CID #1419377

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2020-02-12 09:41:11 +01:00
Andreas Schneider
702e7e4c85 channels: Replace PRIdS with ANSI C99 %zu 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2020-02-12 09:39:06 +01:00
Andreas Schneider
8542f675f4 sftp: Replace PRIdS with ANSI C99 %zu 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2020-02-12 09:39:06 +01:00
Andreas Schneider
faedadf2eb packet: Replace PRIdS with ANSI C99 %zu 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2020-02-12 09:39:06 +01:00
Sahana Prasad
862b2341d7 src: updates documentation incorporate PKCS#11 URIs in import functions. 
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2020-02-11 14:25:18 +01:00
Sebastian Kinne
17b518a677 pki: add support for sk-ecdsa and sk-ed25519 
This adds server-side support for the newly introduced OpenSSH
keytypes sk-ecdsa-sha2-nistp256@openssh.com and sk-ed25519@openssh.com
(including their corresponding certificates), which are backed
by U2F/FIDO2 tokens.

Change-Id: Ib73425c572601c3002be45974e6ea051f1d7efdc
Signed-off-by: Sebastian Kinne <skinne@google.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2020-02-11 10:08:26 +01:00
Jon Simons
3664ba2800 pki: fix pki_key_ecdsa_to_key_type thread-safety 
Resolves https://bugs.libssh.org/T214.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2020-02-11 10:08:26 +01:00
Andreas Schneider
022409e99c channels: Fix ssh_channel_poll_timeout() not returing available bytes 
Fixes T211

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2020-01-23 10:20:59 +01:00
Jakub Jelen
07f571f1c0 Implement chacha20-poly1305 in mbedTLS 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2020-01-23 09:48:11 +01:00
Jakub Jelen
60a987fd17 Implement ChaCha20-poly1305 cipher using native OpenSSL 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2020-01-23 09:48:11 +01:00
Jakub Jelen
94fe7634e1 Do not build in internal chacha implementation if gcrypt supports that 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2020-01-23 09:48:11 +01:00
Jakub Jelen
8670fb101b chacha: Create common file to avoid code duplication 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2020-01-23 09:48:11 +01:00
Jakub Jelen
e31e7b0406 packet_crypt: Check return values from AEAD deciphering 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2020-01-23 09:48:11 +01:00
Jakub Jelen
6644f8ca3b curve25519: Avoid memory leaks 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2020-01-23 09:48:11 +01:00
Andreas Schneider
06d25497ff pki: Avoid uneeded memory duplication 
CID #1412375

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2020-01-23 09:21:04 +01:00
Andreas Schneider
8215753402 misc: Make the src pointer const in ssh_strreplace() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2020-01-23 09:20:43 +01:00
Sahana Prasad
240bf3236a misc: Simplifies ssh_strreplace(). 
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2020-01-23 09:19:07 +01:00
Andreas Schneider
72498bac5f pki_crypto: Fix possible memory leak on error 
CID #1409680

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2020-01-23 09:19:07 +01:00
Andreas Schneider
4b4f568a68 messages: Add missing NULL check 
CID #1409678

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2020-01-23 09:19:07 +01:00
Jakub Jelen
e5553a92d9 socket: Use the users shell for running proxy command 
Fixes T200 and tests on ubuntu, which is using dash

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-12-23 14:45:24 +01:00
Jakub Jelen
3a6751f3d2 socket: Fix the error message 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-12-23 14:45:24 +01:00
Jakub Jelen
dd64980662 socket: Kill the proxy command if it still runs on disconnect 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-12-23 14:45:24 +01:00
Jakub Jelen
24f450fed1 pki_gcrypt: Warn about unsupported PEM export in gcrypt 
Based on the following mail thread:

https://www.libssh.org/archive/libssh/2019-12/0000027.html

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-12-23 14:45:24 +01:00
Jakub Jelen
7e692ee1b6 libgcrypt: Do not leak memory with invalid key lengths 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-12-23 14:45:24 +01:00
Jakub Jelen
dd54ffb2f1 pki_gcrypt: Do not confuse static analyzers 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-12-23 14:45:24 +01:00
Jakub Jelen
3642224ee5 legacy,keys: Fix the macro conditions 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-12-23 14:45:24 +01:00
Jakub Jelen
9b858f57c5 mbedcrypto_missing: Always check return values 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-12-23 14:31:32 +01:00
Jakub Jelen
13c88a2e0a mbedcrypto_missing: Avoid potential memory leaks as reported by csbuild 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-12-23 14:31:32 +01:00
Jakub Jelen
059b6851dc pki_mbedtls: Avoid potential memory leaks 
reported by csbuild

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-12-23 14:31:32 +01:00
Jakub Jelen
71ba61cc5b pki_mbedtls: Do not warn about unused arguments 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-12-23 14:31:32 +01:00
Jakub Jelen
30cc1568f4 options: Avoid needless assignment as reported by csbuild 
The error was

 src/options.c:971:13: warning: Value stored to 'u' is never read
 #            u = 0;
 #            ^   ~
 src/options.c:971:13: note: Value stored to 'u' is never read
 #            u = 0;
 #            ^   ~
 #  969|           case SSH_OPTIONS_KBDINT_AUTH:
 #  970|           case SSH_OPTIONS_GSSAPI_AUTH:
 #  971|->             u = 0;
 #  972|               if (value == NULL) {
 #  973|                   ssh_set_error_invalid(session);

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-12-23 14:31:32 +01:00
Jakub Jelen
e2841908fb kex: Avoid always-false comparisons as reported by csbuild 
/builds/jjelen/libssh-mirror/src/kex.c:360:17: warning: comparison of unsigned expression < 0 is always false [-Wtype-limits] <--[cc]
  360 |         if (len < 0) {
      |                 ^
/builds/jjelen/libssh-mirror/src/kex.c:372:17: warning: comparison of unsigned expression < 0 is always false [-Wtype-limits] <--[cc]
  372 |         if (len < 0) {
      |                 ^

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-12-23 14:31:32 +01:00
Sahana Prasad
4ea09256f6 src: Implements PKCS11 URI support 
Imports private and public keys from the engine via PKCS11 URIs. Uses
the imported keys to authenticate to the ssh server.

Signed-off-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-12-20 16:17:33 +01:00
Sahana Prasad
6bf4ada240 src: Helper funtions to detect PKCS #11 URIs 
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-12-20 14:41:02 +01:00
Sahana Prasad
86a0dfa65b src: Adds the Engine header file and invokes cleanup of the engine 
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-12-20 14:40:51 +01:00
Andreas Schneider
35216e7254 misc: Add ssh_strreplace() 
Pair-Programmed-With: Sahana Prasad <sahana@redhat.com>
Signed-Off-by: Sahana Prasad <sahana@redhat.com>
Signed-Off-By: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2019-12-20 14:35:18 +01:00
Andreas Schneider
5317ebf0fc misc: Add ssh_tmpname() 
Signed-Off-By: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2019-12-20 14:35:04 +01:00