Alberto Aguirre
1ece5a849c
packet_crypt: Avoid setting keys every time
...
Avoid setting keys on every packet decrypt or encrypt operation.
Signed-off-by: Alberto Aguirre <albaguirre@gmail.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-28 09:06:30 +02:00
Aris Adamantiadis
238202d380
libgcrypt: make it compatible with chacha20
...
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-28 09:06:30 +02:00
Aris Adamantiadis
8a735d5eb7
chacha: packet decryption
...
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-28 09:06:30 +02:00
Aris Adamantiadis
d038c4dee7
chacha: packet encryption
...
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-28 09:06:30 +02:00
Aris Adamantiadis
acc1ade74a
external: Add ChaCha and Poly1305 implementations from OpenSSH
...
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-28 09:06:30 +02:00
Andreas Schneider
c563ed636a
Remove vim modelines from all files
...
If you want modelines use my vim plugin:
https://github.com/cryptomilk/git-modeline.vim
git config --add vim.modeline "ts=4 sw=4 et"
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-28 08:41:08 +02:00
Jon Simons
7798d39187
dh: fix two leaks in ssh_get_pubkey_hash
...
Fix two memory leaks in `ssh_get_pubkey_hash` for some error paths.
The local `h` buffer and `ctx` MD5 context each must be free'd for
the SSH_ERROR cases.
Introduced with 16217454d5jon@jonsimons.org >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-27 21:25:34 +02:00
Jon Simons
58ef1e96b8
dh: fix ssh_get_pubkey_hash indentation
...
Fix `ssh_get_pubkey_hash` indentation to use softabs
with 4 spaces. No change in behavior.
Signed-off-by: Jon Simons <jon@jonsimons.org >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-27 21:25:32 +02:00
Jon Simons
448de134ac
ecdh: fix SSH_MSG_KEXDH_REPLY for mbedTLS
...
Ensure to provide the `ssh_string` pubkey blob to the buffer packing
routine when computing the SSH_MSG_KEXDH_REPLY message, rather than
the new `ssh_key` type.
Introduced with 16217454d5jon@jonsimons.org >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-27 21:25:28 +02:00
Jon Simons
fd3d8d6496
ecdh: fix SSH_MSG_KEXDH_REPLY for libgcrypt
...
Ensure to provide the `ssh_string` pubkey blob to the buffer packing
routine when computing the SSH_MSG_KEXDH_REPLY message, rather than
the new `ssh_key` type.
Introduced with 16217454d5jon@jonsimons.org >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-27 21:25:26 +02:00
Jon Simons
0b90ab102e
ecdh: fix SSH_MSG_KEXDH_REPLY for libcrypto
...
Ensure to provide the `ssh_string` pubkey blob to the buffer packing
routine when computing the SSH_MSG_KEXDH_REPLY message, rather than
the new `ssh_key` type.
Introduced with 16217454d5jon@jonsimons.org >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-27 21:25:24 +02:00
Andreas Schneider
1ae014f52a
dh: Fix reference to ssh_session_update_known_hosts()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-27 09:45:35 +02:00
Alberto Aguirre
b50fb638f7
knownhosts: Fix windows build failure
...
Signed-off-by: Alberto Aguirre <albaguirre@gmail.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-25 08:20:40 +02:00
Andreas Schneider
0940b0f29b
knownhosts: Do not double free memory
...
CID 1393236
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-06 08:38:14 +02:00
Andreas Schneider
f5f8c0fc76
knownhosts: Fix resource leak in ssh_known_hosts_parse_line()
...
CID 1391444
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-05 10:44:54 +02:00
Andreas Schneider
c4dbe3b863
knownhosts: Fix a memory leak on error
...
CID 1391446
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-05 10:43:08 +02:00
Andreas Schneider
669678119c
knownhosts: Fix possible null pointer dereference
...
CID 1391447
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-05 10:35:42 +02:00
Andreas Schneider
34e7a3cf8c
knownhosts: Fix resource leak in ssh_session_update_known_hosts()
...
CID 1391448
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-05 10:34:56 +02:00
Andreas Schneider
1001cbbb99
knownhosts: Fix resource leak in ssh_known_hosts_read_entries()
...
CID 1391449
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-05 10:34:49 +02:00
Aris Adamantiadis
36d52ee205
buffer: Add ssh_buffer_allocate() function
...
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-04 16:55:23 +02:00
Aris Adamantiadis
0ad462102a
packet: Add more debugging
...
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-04 16:55:21 +02:00
Andreas Schneider
4550c99222
known_hosts: Mark ssh_is_server_known as deprecated
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-04 11:20:28 +02:00
Andreas Schneider
a209f928d2
kwonhosts: Add functions to check if servers public key is known
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-04 11:20:28 +02:00
Andreas Schneider
f23dbe6f42
knownhosts: Add ssh_session_update_known_hosts()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-04 11:20:28 +02:00
Andreas Schneider
974e1831a0
knownhosts: Add ssh_session_export_known_hosts_entry()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-04 11:20:28 +02:00
Andreas Schneider
963c46e4fb
knownhosts: Add ssh_session_has_known_hosts_entry()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-04 11:20:28 +02:00
Andreas Schneider
32c49ea134
misc: Add ssh_list_count()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-04 11:20:28 +02:00
Andreas Schneider
a465ea2d49
knownhosts: Add ssh_known_hosts_read_entries()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-04 11:20:28 +02:00
Andreas Schneider
702e9e8ad5
knownhosts: Introduce new known hosts managing functions
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-04 11:20:28 +02:00
Andreas Schneider
952c64b4c0
threads: Fix compiler warning
...
Use a protype for libcrypto_lock_callback().
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-06-04 11:18:12 +02:00
Andreas Schneider
8457580f61
wrapper: Fix memory leak when freeing server_pubkey
...
Thanks to John McVann.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-05-14 08:17:08 +02:00
Andreas Schneider
ed4ea51bb8
connector: Add missing check for POLLHUP to detect EOF
...
Thanks to Chris Townsend.
Fixes T81
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-05-07 20:36:56 +02:00
Andreas Schneider
22a92da30d
auth: Handle SSH_AUTH_PARTIAL in agent auth correctly
...
Thanks to Orion Poplawski.
Fixes T82
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-05-07 20:32:13 +02:00
Andreas Schneider
362b20a0bc
server: Fix segfault in dh_handshake_server()
...
Thanks to Felix Jones
Fixes T91
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-05-07 20:09:56 +02:00
Andreas Schneider
816234350d
pki: Fix duplicating ed25519 public keys
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-04-25 16:25:32 +02:00
Andreas Schneider
4aeb0cfd9c
server: Fix session pubkey import
...
This is a regression introduced by 16217454d5asn@cryptomilk.org >
2018-04-20 13:47:46 +02:00
Andreas Schneider
c705fb6e3b
kex1: Add missing NULL check in make_rsa1_string()
...
CID 1388445
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-04-18 10:33:55 +02:00
Andreas Schneider
1a36aa21ba
packet_cb: Fix the if check in ssh_packet_newkeys()
...
CID 1388446
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-04-18 10:32:35 +02:00
Andreas Schneider
c2f8010b60
known_hosts: Do not leak pubkey_buffer in check_public_key()
...
CID: 1388447
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-04-18 10:29:21 +02:00
Andreas Schneider
64985f7bea
server: Do not leak pubkey_blob in ssh_get_key_params()
...
CID 1388448
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-04-18 10:27:01 +02:00
Nikos Mavrogiannopoulos
3f562ee586
buffer: Do not call explicit_bzero with null arguments
...
This allows compiling and testing with undefined sanitizer.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2018-04-18 10:24:47 +02:00
Nikos Mavrogiannopoulos
eb796b4bbb
buffer: Do not call memcpy with null arguments
...
This allows compiling and testing with undefined sanitizer.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2018-04-18 10:24:42 +02:00
Andreas Schneider
87b8d232bd
buffer: Apply coding style to ssh_buffer_reinit()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-04-18 10:22:03 +02:00
Andreas Schneider
6f1f8d2bdb
buffer: Apply coding style to realloc_buffer()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-04-18 10:22:03 +02:00
Nikos Mavrogiannopoulos
a95bc8a016
kex1: Use libcrypto-compat.h for RSA_get0_key with OpenSSL
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2018-04-17 18:00:52 +02:00
Meng Tan
e005fd310f
Fix ssh_event_add_session() when session socket has two pollhandlers
...
Signed-off-by: Meng Tan <mtan@wallix.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2018-04-10 11:20:52 +02:00
Axel Eppe
fb2fefb3c6
channels: add ssh_channel_request_send_break to support RFC 4335
...
Signed-off-by: Axel Eppe <aeppe@google.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2018-04-10 11:16:23 +02:00
Andreas Schneider
2cc5b5865c
kex1: Use new dh pubkey import functions
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-03-28 10:20:54 +02:00
Andreas Schneider
8d65edb41f
kex1: Fix building with OpenSSL 1.1+
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-03-28 10:20:32 +02:00
Andreas Schneider
1247ba3398
channels1: Add missing config.h include
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
2018-03-28 10:11:45 +02:00
