libssh

mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-04 20:30:38 +09:00

Author	SHA1	Message	Date
Jakub Jelen	3d0ecd37fe	options: Avoid memory leaks during modification of argv Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2020-05-05 14:23:06 +02:00
Jakub Jelen	2e7ca3e8a6	options: Properly handle unknown options with arguments Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2020-05-05 14:23:06 +02:00
Jakub Jelen	4f976ce5c4	packet: Skip HMAC handling if none is selected Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2020-05-05 14:23:06 +02:00
Jakub Jelen	239eef6322	packet: Check if set_*_key functions exists before calling it Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2020-05-05 14:23:06 +02:00
Jakub Jelen	201fd66176	packet: Use temporary variables to avoid long lines Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2020-05-05 14:23:06 +02:00
Jakub Jelen	e6aee24a1e	Add basic support for none cipher and MACs Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2020-05-05 14:23:06 +02:00
Jakub Jelen	7c20875891	pki: Mark explicit fall through Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2020-05-05 14:23:06 +02:00
Jakub Jelen	0c7a772301	external: Do not confuse new gcc Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2020-05-05 14:23:06 +02:00
Jakub Jelen	c45cfce166	client: Properly indicate fall through Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2020-05-05 14:23:06 +02:00
Heiko Thiery	e76332bbd6	session: add missing return value documentation Add SSH_AGAIN as return value to ssh_handle_packets documentation. Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2020-04-24 16:00:29 +02:00
Jakub Jelen	154765ae8c	config: Check null deref As reported by LGTM Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2020-04-20 14:14:33 +02:00
Jakub Jelen	6417f5a3ca	channels: Avoid returning SSH_AGAIN from ssh_channel_poll_timeout() This addresses a regression introduced in `3bad0607`, partially fixed in `022409e9`, but the function was still able to return SSH_AGAIN, which was not expected by callers. Based on discussion in [1] and [2] [1] https://gitlab.com/libssh/libssh-mirror/-/merge_requests/101 [2] https://www.libssh.org/archive/libssh/2020-03/0000029.html Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2020-04-20 14:14:33 +02:00
Jakub Jelen	fe0fcbbc67	channels: reformat Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2020-04-20 14:14:33 +02:00
Jakub Jelen	1ba6ef689f	config_parser: Allow equal sign as a separator and eat up trailing whitespace Probably fixes T210 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2020-04-20 14:14:33 +02:00
Jakub Jelen	fecdc3cc0e	Disable RSA and DSA keys with sha1 by default Fixes: T218 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2020-04-20 14:14:33 +02:00
Jakub Jelen	945829a5dd	Reformat ssh_bind_accept() Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2020-04-15 20:05:56 +02:00
Jakub Jelen	eebb02fff5	libcrypto-compat: Fix indentation and return value Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2020-04-15 20:05:56 +02:00
Rosen Penev	54296787a7	libcrypto: remove deprecated API usage EVP_CIPHER_CTX_init was replaced with _reset. Removed EVP_CIPHER_CTX_cleanup. The successive _free call handles that. Removed old SSLeay function usage. Signed-off-by: Rosen Penev <rosenp@gmail.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2020-04-15 20:05:56 +02:00
Rosen Penev	70478619ce	libcrypto-compat: add extra functions Added extra functions. The next commit will switch to them. Signed-off-by: Rosen Penev <rosenp@gmail.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2020-04-15 20:05:56 +02:00
StefanBruens	1ff6dda616	Correctly parse v4 subsecond timestamps All subsecond timestamps are only in the packets if both the SUBSECOND_TIMES flag and the timestamp flag, e.g. ATTR_ACCESSTIME are set. SUBSECOND_TIMES are not very common across server implementations (e.g. openssh does not include it, nor does libssh's sftpserver implementation), but this interpretation of the SFTP protocol draft is used by WinSCP and lftp. Fixes T219. Signed-off-by: Stefan Brüns <stefan.bruens@rwth-aachen.de> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2020-04-15 13:21:28 +02:00
Anderson Toshiyuki Sasaki	e3e3a27863	client: Check if the library is initialized in ssh_connect() If the library is not initialized, SSH_ERROR is returned and the error message is set properly. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2020-04-09 11:25:49 +02:00
Anderson Toshiyuki Sasaki	0f33eecc01	client: Reformat ssh_connect() Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2020-04-09 11:25:49 +02:00
Anderson Toshiyuki Sasaki	dba2114ed7	init: Introduce internal is_ssh_initialized() The introduced function returns whether the library is initialized or not. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2020-04-09 11:25:49 +02:00
Anderson Toshiyuki Sasaki	e3e52394c1	init: Clarify the need to call ssh_{init, finalize}() When libssh is statically linked, it is necessary to explicitly call ssh_init() before calling any other provided API. It is also necessary to call ssh_finalize() before exiting to free allocated resources. Fixes T222 Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2020-04-09 11:25:49 +02:00
Andreas Schneider	b36272eac1	CVE-2020-1730: Fix a possible segfault when zeroing AES-CTR key Fixes T213 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2020-04-09 09:28:03 +02:00
Sahana Prasad	cd15043656	src/pki_crypto.c corrects the incorrect usage of enum Signed-off-by: Sahana Prasad <sahana@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2020-04-06 09:27:55 +02:00
Anderson Toshiyuki Sasaki	9eb1ce88ae	kex: Add support for diffie-hellman-group14-sha256 Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2020-04-06 09:27:26 +02:00
Andreas Schneider	d2f0d3270a	dh-gex: Check return value of ssh_get_random() CID #1422162 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2020-04-02 07:25:53 +02:00
Andreas Schneider	a9a7c2dc29	cmake: Fix building with threading support on MinGW Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2020-04-01 14:35:17 +02:00
Anderson Toshiyuki Sasaki	6bd2b93f43	auth: Fix memory leak in ssh_userauth_publickey_auto() When a key is rejected, free the allocated memory before returning. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2020-03-29 09:58:19 +02:00
Andreas Schneider	a9e39a41ff	pki: Small code cleanup in ssh_pki_signature_verify() Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2020-02-12 09:46:14 +01:00
Andreas Schneider	0ece6e52aa	pki: Use SSH_BUFFER_FREE() in ssh_pki_signature_verify() Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2020-02-12 09:44:58 +01:00
Andreas Schneider	f208e4b332	pki: Add missing return check for ssh_buffer_pack() CID #1419376 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2020-02-12 09:44:17 +01:00
Andreas Schneider	9fcb559301	pki: Fix memory leak of blob on error CID #1419377 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2020-02-12 09:41:11 +01:00
Andreas Schneider	702e7e4c85	channels: Replace PRIdS with ANSI C99 %zu Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2020-02-12 09:39:06 +01:00
Andreas Schneider	8542f675f4	sftp: Replace PRIdS with ANSI C99 %zu Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2020-02-12 09:39:06 +01:00
Andreas Schneider	faedadf2eb	packet: Replace PRIdS with ANSI C99 %zu Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2020-02-12 09:39:06 +01:00
Sahana Prasad	862b2341d7	src: updates documentation incorporate PKCS#11 URIs in import functions. Signed-off-by: Sahana Prasad <sahana@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2020-02-11 14:25:18 +01:00
Sebastian Kinne	17b518a677	pki: add support for sk-ecdsa and sk-ed25519 This adds server-side support for the newly introduced OpenSSH keytypes sk-ecdsa-sha2-nistp256@openssh.com and sk-ed25519@openssh.com (including their corresponding certificates), which are backed by U2F/FIDO2 tokens. Change-Id: Ib73425c572601c3002be45974e6ea051f1d7efdc Signed-off-by: Sebastian Kinne <skinne@google.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2020-02-11 10:08:26 +01:00
Jon Simons	3664ba2800	pki: fix `pki_key_ecdsa_to_key_type` thread-safety Resolves https://bugs.libssh.org/T214. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2020-02-11 10:08:26 +01:00
Andreas Schneider	022409e99c	channels: Fix ssh_channel_poll_timeout() not returing available bytes Fixes T211 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2020-01-23 10:20:59 +01:00
Jakub Jelen	07f571f1c0	Implement chacha20-poly1305 in mbedTLS Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2020-01-23 09:48:11 +01:00
Jakub Jelen	60a987fd17	Implement ChaCha20-poly1305 cipher using native OpenSSL Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2020-01-23 09:48:11 +01:00
Jakub Jelen	94fe7634e1	Do not build in internal chacha implementation if gcrypt supports that Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2020-01-23 09:48:11 +01:00
Jakub Jelen	8670fb101b	chacha: Create common file to avoid code duplication Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2020-01-23 09:48:11 +01:00
Jakub Jelen	e31e7b0406	packet_crypt: Check return values from AEAD deciphering Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2020-01-23 09:48:11 +01:00
Jakub Jelen	6644f8ca3b	curve25519: Avoid memory leaks Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2020-01-23 09:48:11 +01:00
Andreas Schneider	06d25497ff	pki: Avoid uneeded memory duplication CID #1412375 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2020-01-23 09:21:04 +01:00
Andreas Schneider	8215753402	misc: Make the src pointer const in ssh_strreplace() Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2020-01-23 09:20:43 +01:00
Sahana Prasad	240bf3236a	misc: Simplifies ssh_strreplace(). Signed-off-by: Sahana Prasad <sahana@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2020-01-23 09:19:07 +01:00

1 2 3 4 5 ...

2238 Commits