shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-06 18:29:50 +09:00
Code Issues Packages Projects Releases Wiki Activity
4,950 Commits 12 Branches 62 Tags
54e7c8d21ae3b96bfbfa971e0620000aad8621ff
Commit Graph

4950 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andreas Schneider
7db565601d server: Make sure methods is a valid value before casting 
Fixes T188

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 442d22da60)
 2019-12-09 16:38:36 +01:00
Andreas Schneider
95faeb498f pki_crypto: Cast return value of EVP_PKEY_size() to size_t 
Fixes T188

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 3cca9994d4)
 2019-12-09 16:38:36 +01:00
Andreas Schneider
db97435a41 packet: Fix size types in ssh_packet_need_rekey() 
Fixes T188

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 53635dff7e)
 2019-12-09 16:38:36 +01:00
Andreas Schneider
c72a3495d0 options: Define constants as unsigned in ssh_options_set() 
Fixes T188

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit b7c628ff06)
 2019-12-09 16:38:36 +01:00
Andreas Schneider
f2487f07f5 options: Define constants as unsigned in ssh_bind_options_set() 
Fixes T188

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 7823df8343)
 2019-12-09 16:38:36 +01:00
Andreas Schneider
675d85e538 kex: Use a len variable for length checks in ssh_packet_kexinit() 
Fixes T188

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit be34ff967f)
 2019-12-09 16:38:36 +01:00
Andreas Schneider
dfd73d7cb2 sc25519: Fix integer types of sc25519_add() 
Fixes T188

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 815f874964)
 2019-12-09 16:38:36 +01:00
Andreas Schneider
db68813cb9 sc25519: Fix integer types in sc25519_mul() 
Fixes T188

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit f2d40fb94c)
 2019-12-09 16:38:36 +01:00
Andreas Schneider
affb43a45f fe25519: Fix integer types of fe25519_iszero() 
Fixes T188

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 31b26934b0)
 2019-12-09 16:38:36 +01:00
Andreas Schneider
1e71951a51 include: Fix integer type of dh_pn and dh_pmax 
Fixes T188

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 922a2aee99)
 2019-12-09 16:38:36 +01:00
Andreas Schneider
297aed60c4 channels: Return size_t for count_ptrs() 
Fixes T188

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 500481e101)
 2019-12-09 16:38:36 +01:00
Andreas Schneider
4e5dfd677e channels: Fix integer and bool argument of channel_default_bufferize() 
Fixes T188

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit dad2720355)
 2019-12-09 16:38:36 +01:00
Andreas Schneider
34fd4ebfc3 channels: Fix type of arguments of grow_window() 
Fixes T188

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 6f39deefcd)
 2019-12-09 16:38:36 +01:00
Andreas Schneider
0080ac1f03 channels: Fix type of arguments of channel_open() 
Fixes T188

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 0abd187dba)
 2019-12-09 16:38:36 +01:00
Andreas Schneider
dd4eb4a288 channels: Use ssize_t for to_read 
Fixes T188

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 07a57b74ba)
 2019-12-09 16:38:36 +01:00
Andreas Schneider
a967258649 channels: Reformat ssh_channel_read_nonblocking() 
Fixes T188

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 8d671efdbd)
 2019-12-09 16:38:36 +01:00
Andreas Schneider
e0e3636c60 channels: Use a size_t variable for length check 
Fixes T188

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 3bad060738)
 2019-12-09 16:38:36 +01:00
Andreas Schneider
c0e5393927 channesl: Reformat ssh_channel_poll_timeout() 
Fixes T188

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit fbe115abba)
 2019-12-09 16:38:36 +01:00
Andreas Schneider
36bdcb85b3 auth: Fix integer type in ssh_kbdint_free() 
Fixes T188

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 66c4857c4a)
 2019-12-09 16:38:36 +01:00
Andreas Schneider
cf34ba92bf auth: Fix integer type in ssh_kbdint_clean() 
Fixes T188

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 1434b4a279)
 2019-12-09 16:38:36 +01:00
Andreas Schneider
f5f547f35e examples: Fix integer types in libssh_scp.c 
Fixes T188

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 8d62257172)
 2019-12-09 16:38:36 +01:00
Andreas Schneider
1eed0cbd3d examples: Remove internal include from sshd_direct-tcpip.c 
Fixes T188

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 0773696ee5)
 2019-12-09 16:38:36 +01:00
Anderson Toshiyuki Sasaki
1668bd8baf CVE-2019-14889: scp: Quote location to be used on shell 
Single quote file paths to be used on commands to be executed on remote
shell.

Fixes T181

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 3830c7ae6e)
 2019-12-09 16:38:36 +01:00
Andreas Schneider
245be62438 CVE-2019-14889: scp: Don't allow file path longer than 32kb 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 0b5ee39726)
 2019-12-09 16:38:36 +01:00
Anderson Toshiyuki Sasaki
8ce782f9ec CVE-2019-14889: tests: Add unit tests for ssh_quote_file_name() 
Fixes T181

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit b82d2caa90)
 2019-12-09 16:38:36 +01:00
Anderson Toshiyuki Sasaki
db34fd44fb CVE-2019-14889: misc: Add function to quote file names 
The added function quote file names strings to be used in a shell.
Special cases are treated for the charactes '\'' and '!'.

Fixes T181

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit c4ad1aba98)
 2019-12-09 16:38:36 +01:00
Anderson Toshiyuki Sasaki
00dd3f864b CVE-2019-14889: scp: Log SCP warnings received from the server 
Fixes T181

Previously, warnings received from the server were ignored.  With this
change the warning message sent by the server will be logged.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit c75d417d06)
 2019-12-09 16:38:36 +01:00
Anderson Toshiyuki Sasaki
52550994c5 CVE-2019-14889: scp: Reformat scp.c 
Fixes T181

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 42c727d0c1)
 2019-12-09 16:38:36 +01:00
Anderson Toshiyuki Sasaki
182d363b27 CVE-2019-14889: tests: Add tests for SCP client 
Fixes T181

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 27bcac6845)
 2019-12-09 16:38:36 +01:00
Andreas Schneider
f9189a8a9a packet: Do not deref a NULL pointer in ssh_packet_set_newkeys() 
Fixes T183

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit e00ef9635a)
 2019-12-09 16:38:36 +01:00
Andreas Schneider
56c079cbb2 SSH-01-003: Add cipher NULL checks to ssh_packet_get_current_crypto() 
Fixes T183

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit e60fc79542)
 2019-12-09 16:38:36 +01:00
Jakub Jelen
ab24d64241 Use only one variable denoting the size of methods arrays 
Previously, there was non-consistent usage of constans SSH_KEX_METHODS,
KEX_METHODS_SIZE and of magic number 10 to reference the arrays used
for algorithm negotiation by peers. This commit settles down to the single
constant and its usage throughout the whole codebase.

Fixes T195

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit c8a621c606)
 2019-12-09 16:38:36 +01:00
Anderson Toshiyuki Sasaki
7856ae594b session: Initialize states explicitly 
In ssh_session_new(), initialize the state machines states explicitly
for better readability.

Fixes T194

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit ec67ad47eb)
 2019-12-09 16:38:35 +01:00
Anderson Toshiyuki Sasaki
eeb9ae15c7 messages: Set signature state explicitly 
In ssh_message_new(), initialize msg->auth_request.signature_state
explicitly for better readability.

Fixes T194

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 553eab748a)
 2019-12-09 16:38:35 +01:00
Anderson Toshiyuki Sasaki
8837d32d92 channels: Initialize states explicitly 
In ssh_channel_new(), initialize channel->state and
channel->request_state explicitly for better readability.

Fixes T194

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 2f1f662d46)
 2019-12-09 16:38:35 +01:00
Anderson Toshiyuki Sasaki
0408d8d851 auth: Set auto_state->state explicitly 
When a new ssh_auth_auto_state_struct is allocated in
ssh_userauth_publickey_auto(), initialize the state explicitly for
better readability.

Fixes T194

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 7e3995d2dd)
 2019-12-09 16:38:35 +01:00
Anderson Toshiyuki Sasaki
bab8d84d13 session: Use ssh_packet_state_e instead of int 
Use the enum type instead of int in the ssh_session_struct

Fixes T194

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 77bd8ed4c0)
 2019-12-09 16:38:35 +01:00
Anderson Toshiyuki Sasaki
6ee159d9d2 messages: Use ssh_publickey_state_e instead of char 
Use the enum type instead of char in the ssh_auth_request struct

Fixes T194

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 39f6ba2dc9)
 2019-12-09 16:38:35 +01:00
Anderson Toshiyuki Sasaki
71ff06d04a session: Reformat ssh_new() 
Fixes T194

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 3f64fb3b3b)
 2019-12-09 16:38:35 +01:00
Andreas Schneider
7851f216af cmake: Fix building libssh as a static lib on Windows 
Fixes T198

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit c54fd03e50)
 2019-11-18 11:38:27 +01:00
Andreas Schneider
9b316fe8b9 gitlab-ci: Make sure we have enough git commits for csbuild 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit db632015be)
 2019-11-08 15:44:17 +01:00
Andreas Schneider
389efc234b src: Add missing ABI files 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
libssh-0.9.2 		2019-11-07 16:19:45 +01:00
Andreas Schneider
f1e44a79a9 Bump version to 0.9.2 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2019-11-07 16:19:00 +01:00
Jakub Jelen
54cf7b92ed server: Use really the negotiated signature type 
Generally, when the extension negotiation is enabled and client supports
SHA2 algorithms for RSA, they are supposed to be prioritized against the
old SHA1. If it is not (ssh-rsa is listed in front of rsa-sha2-* hostkey
algorithms during negotiation), the server wrongly tries to provide the
new typo of signature, ignoring the negotiated algirithm

This commit propagates the digest algorithm from negotiation to the actual
signature functions, which were previously responsible for decision
about the hash algorithm based just on the negotiated extensions.

Fixes T191

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 1ebf506913)
 2019-11-07 16:14:46 +01:00
Andreas Schneider
f0b676a9f0 gitlab-ci: Disable client testing as pam_wrapper is broken on TW 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
(cherry picked from commit fbc2912dde)
 2019-11-07 16:14:46 +01:00
Andreas Schneider
cc190b21b2 cmake: Fix setting up cwrap for server testing 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
(cherry picked from commit ea4f71721f)
 2019-11-07 16:14:46 +01:00
Andreas Schneider
a775324c35 cmake: Do not use cached LIBSSH_PUBLIC_INCLUDE_DIRS 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
(cherry picked from commit 4ab0fb2b48)
 2019-11-07 16:14:46 +01:00
Andreas Schneider
5de765ebd5 cmake: Rename static library 
This is only compiled for tests and fuzzers!

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
(cherry picked from commit 8c36a865f2)
 2019-11-07 16:14:46 +01:00
Andreas Schneider
9de970160d cmake: Create ssh library directly as libssh 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
(cherry picked from commit 82c57c1f36)
 2019-11-07 16:14:46 +01:00
Andreas Schneider
8a7abf2480 cmake: Add option to build shared libs 
See https://cmake.org/cmake/help/latest/variable/BUILD_SHARED_LIBS.html

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
(cherry picked from commit c2c3545391)
 2019-11-07 16:14:46 +01:00