Jakub Jelen
809898b980
tests: Adjust valgrind supression to match new calls stack
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-07-25 13:20:15 +02:00
Jakub Jelen
51bd08027e
CentOS 9 and 10 were updated to OpenSSL 3.5
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-07-25 13:20:15 +02:00
Praneeth Sarode
0b4b71cc11
fix(callbacks): make is_callback_valid's behaviour consistent with its name
...
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com >
Reviewed-by: Jakub Jelen <jjelen@redhat.com >
2025-07-24 16:10:54 +02:00
Praneeth Sarode
5d3ef7261c
refactor(callbacks): reformat to improve readability
...
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com >
Reviewed-by: Jakub Jelen <jjelen@redhat.com >
2025-07-24 16:10:53 +02:00
Jakub Jelen
9817392e26
pkd: Run hmac-sha1 tests with OpenSSH
...
This was initially in hurry disabled in
ca4c874a9ec17112f070jjelen@redhat.com >
Reviewed-by: Sahana Prasad <sahana@redhat.com >
2025-07-24 16:09:55 +02:00
Nguyễn Thái Ngọc Duy
168302b9d6
Fix ssh_handle_key_exchange() timeout
...
See libssh-mirror#311 for background. But in some case, it's possible to
trigger the code in ssh_handle_key_exchange() to move session state
directly to SSH_SESSION_STATE_AUTHENTICATED. The exit condition for this
function is SSH_SESSION_STATE_AUTHENTICATING though, so when it happens,
ssh_handle_key_exchange() will time out eventually.
The fix is straightforward. Tested with the problematic
client (trilead-ssh2) and made sure the bad condition happened (and not
cause timeout)
Signed-off-by: Nguyễn Thái Ngọc Duy <pclouds@gmail.com >
Reviewed-by: Jakub Jelen <jjelen@redhat.com >
2025-07-24 13:08:46 +02:00
Jakub Jelen
82c8bbc504
tests: Add missing header file to unbreak build on freebsd
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Sahana Prasad <sahana@redhat.com >
2025-07-24 11:13:35 +02:00
Jakub Jelen
1ea1782036
Add simple sshsig fuzzer
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Sahana Prasad <sahana@redhat.com >
2025-07-24 11:13:34 +02:00
abdallah elhdad
c17112f070
Enable HMAC SHA1 tests for dropbear <2025.87
...
Signed-off-by: abdallah elhdad <abdallahselhdad@gmail.com >
Reviewed-by: Jakub Jelen <jjelen@redhat.com >
2025-07-24 10:49:51 +02:00
Nicolas Graves
28c0056bca
Add logging for private API functions
...
Signed-off-by: Nicolas Graves <ngraves@ngraves.fr >
Reviewed-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com >
2025-07-10 11:21:44 +02:00
Nicolas Graves
7e4f08e22a
Add logging to public API functions
...
Signed-off-by: Nicolas Graves <ngraves@ngraves.fr >
Reviewed-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com >
2025-07-10 11:21:44 +02:00
Nicolas Graves
aeb0b2ec6f
Add unittests for sshsig functions
...
Signed-off-by: Nicolas Graves <ngraves@ngraves.fr >
Reviewed-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com >
2025-07-10 11:21:44 +02:00
Nicolas Graves
67cf8e3702
Implement sshsig functions
...
Signed-off-by: Nicolas Graves <ngraves@ngraves.fr >
Reviewed-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com >
2025-07-02 14:38:07 +02:00
Nicolas Graves
309f36fa83
pki: Add key_to_type_hash helper
...
Signed-off-by: Nicolas Graves <ngraves@ngraves.fr >
Reviewed-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com >
2025-07-02 14:38:07 +02:00
Praneeth Sarode
7a2a743a39
fix(string): handle empty string case in ssh_string_copy
...
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com >
Reviewed-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-07-02 13:58:51 +02:00
Theo Buehler
ccb8cf88c8
Unbreak torture_config_make_absolute() on OpenBSD
...
The torture_config_make_absolute() and its _no_sshdir() version both
segfault on OpenBSD. The reason for this is that the storage returned
by getpwuid() is backed by mmap and is unapped by the getpwnam() call
in ssh_path_expand_tilde(), so a later access to home segfaults. The
possibility of this happening (getpwnam() overwriting values returned
by getpwuid()) is explicitly called out in POSIX.
A simple fix is to work with copies of username and homedir.
Signed-off-by: Theo Buehler <tb@openbsd.org >
Reviewed-by: Jakub Jelen <jjelen@redhat.com >
2025-07-01 20:50:25 +02:00
Praneeth Sarode
b43392c31d
tests(string): add unit tests for ssh_string functions
...
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com >
Reviewed-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-07-01 20:49:39 +02:00
Andreas Schneider
5fc65e7270
agent: Fix resource leak
...
CID 1611718
Signed-off-by: Andreas Schneider <asn@cryptomilk.org >
Reviewed-by: Jakub Jelen <jjelen@redhat.com >
2025-07-01 20:48:52 +02:00
Navid Fayezi
8310b8cc2b
Remove redundant line and change strlen(buffer) to sizeof(buffer) in examples/authentication.c
...
Signed-off-by: Navid Fayezi <navidfayezi.98@gmail.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
Reviewed-by: Jakub Jelen <jjelen@redhat.com >
2025-07-01 20:47:55 +02:00
Navid
b0063b52d8
Remove more redundant casts
...
Signed-off-by: Navid Fayezi navidfayezi.98@gmail.com
Reviewed-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-07-01 20:38:03 +02:00
Navid
33a947dcb0
Remove unnecessary char* cast in memset call in examples/examples_common.h
...
Signed-off-by: Navid Fayezi navidfayezi.98@gmail.com
Reviewed-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-07-01 20:38:03 +02:00
Jakub Jelen
72c282434b
dh-gex: Reformat the dhgex_server_callbacks structure
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-24 10:14:29 +02:00
Jakub Jelen
ba9642882d
dh-gex.c: Fix typo in the constant name
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-24 10:14:25 +02:00
Jakub Jelen
a6b73219e2
packet: Implement missing packet filter for DH GEX
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-24 10:14:21 +02:00
Jakub Jelen
e2afe196d8
CVE-2025-5372 libgcrypto: Simplify error checking and handling of return codes in ssh_kdf()
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 15:24:30 +02:00
Jakub Jelen
32833b40bc
libgcrypto: Reformat ssh_kdf()
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 15:24:30 +02:00
Jakub Jelen
bc4804aa9b
CVE-2025-5987 libcrypto: Correctly detect failures of chacha initialization
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 15:24:30 +02:00
Jakub Jelen
acb158e827
CVE-2025-5351 pki_crypto: Avoid double-free on low-memory conditions
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 15:24:30 +02:00
Jakub Jelen
faf9caafc6
pki_crypto: Reformat pki_key_to_blob()
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 15:24:30 +02:00
Jakub Jelen
8dc29f140b
CVE-2025-4878 legacy: Properly check return value to avoid NULL pointer dereference
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 15:24:30 +02:00
Jakub Jelen
7501ca1e08
examples: Fix possible pass of NULL into strchr()
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 15:24:30 +02:00
Jakub Jelen
2eb2af4426
CVE-2025-4878 Initialize pointers where possible
...
This is mostly mechanical change initializing all the pointers I was able to
find with some grep and manual review of sources and examples.
Used the following greps (which yield some false positives though):
git grep " \w* *\* *\w*;$"
git grep " ssh_session \w*;"
git grep " ssh_channel \w*;"
git grep " struct ssh_iterator \*\w*;"
git grep " ssh_bind \w*;"
git grep " ssh_key \w*;"
git grep " ssh_string \w*;"
git grep " ssh_buffer \w*;"
git grep " HMACCTX \w*;"
git grep " SHACTX \w*;"
grep -rinP '^(?!.*=)\s*(?:\w+\s+)*\w+\s*\*\s*\w+\s*;'
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 15:24:30 +02:00
Jakub Jelen
5d27f69494
string: Reformat
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 15:24:30 +02:00
Jakub Jelen
6fc1bf6901
session: Reformat ssh_get_publickey_hash
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 15:24:30 +02:00
Jakub Jelen
a85813e6e6
poll: Reformat ssh_poll_ctx_resize
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 15:24:30 +02:00
Jakub Jelen
f039edd85d
examples: Reformat sshnetcat.c
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 15:24:30 +02:00
Andreas Schneider
1229ad650b
src: Reformat pki_gcrypt.c
...
clang-format -i pki_gcrypt.c
Reviewed-by: Jakub Jelen <jjelen@redhat.com >
2025-06-23 15:24:18 +02:00
Jakub Jelen
937552aed2
pki: Reformat ssh_pki_copy_cert_to_privkey()
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 13:48:16 +02:00
Jakub Jelen
f6709b03e6
misc: Reformat
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 13:48:16 +02:00
Jakub Jelen
96595d1674
messages: Reformat
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 13:48:16 +02:00
Jakub Jelen
c799a18d89
channels: Reformat
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 13:48:16 +02:00
Jakub Jelen
babd891e82
examples: Reformat senddata.c
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 13:48:16 +02:00
Jakub Jelen
320e5154b2
examples: Reformat scp_download.c
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 13:48:16 +02:00
Jakub Jelen
986e0c593f
examples: Reformat connect_ssh.c
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 13:48:16 +02:00
Jakub Jelen
d38007c4be
CVE-2025-5449 sftpserver: Use constant for return values
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 13:37:06 +02:00
Jakub Jelen
c22bfa792f
CVE-2025-5449 tests: Reproducer for payload length overrun
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 13:37:06 +02:00
Jakub Jelen
926d45b6dd
CVE-2025-5449 sftpserver: Fix possible read behind buffer on 32bit arch
...
On 32b architecture when processing the SFTP packets, the value
0x7ffffffc in the payload_len will overflow to negative integer values,
causing these checks to pass and possibly reading behind the buffer
bounds later.
This affects only SFTP server implementations running on 32b
architecture.
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 13:37:06 +02:00
Jakub Jelen
681a5aaa26
CVE-2025-5449 tests: Reproducer for server processing invalid handles
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 13:37:06 +02:00
Jakub Jelen
e322e8f50c
CVE-2025-5449 sftpserver: Avoid NULL dereference for invalid handles
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 13:37:06 +02:00
Jakub Jelen
a4118ddc06
CVE-2025-5449 tests: Reproducer for sftp handles exhaustion
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com >
Reviewed-by: Andreas Schneider <asn@cryptomilk.org >
2025-06-23 13:37:06 +02:00
