The configuration of identities are first saved to `opts.identities_non_exp`,
then moved to `opts.identities` after calling ssh_options_apply and expanding
the identity strings. These tests are testing against the proper configuration
Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
It should be possible to use features to add,remove,prioritize
algorithms in the algorithm list from the config file.
Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Functions `ssh_remove_all_matching` and `ssh_prefix_without_duplicates` were
added; a little test suite will suite them.
Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
ED25519 is implicitly included in new (>1.1.1) openssl version, no need
to check it explicitly.
Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
FIPS 140-3 puts big limitations on using TDEA and it is
already disabled in rhel9.
Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Missing escaping results in syntax errors in Zsh shell because of square
brackets getting interpreted as being a pattern for globbing.
Signed-off-by: Thomas Baag <libssh-git@spam.b2ag.de>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
We should not end up with an infinite loop here.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
The tests are compiled without -D_GNU_SOURCE, therefore
the XSI version of strerror_r is used. Defining
_GNU_SOURCE in torture.h then including *.c gives error
because it is assuming GNU version of strerror_r in
the source file.
Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
The cmocka captures all signals so I was not able to reproduce the code
path. But leaving the code in for future readers.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Thanks to Harry Sintonen from WithSecure for pointing this out.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Thanks to Harry Sintonen from WithSecure for pointing this out.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Remove config options: protocol, mac, cipher, compressionlevel,
gssapikeyexchange,
gssapirenewalforcesrekey,
gssapitrustdns,
rhostsrsaauthentication,
rsaauthentication,
useprivilegedport,
pubkeyacceptedtypes
since they are not supported by OpenSSH
Rename some config options:
hostbasedkeytypes, challengeresponseauthentication and pubkeyacceptedkeytypes
to hosbasedacceptedalgorithms, kdbinteractiveauthentication and pubkeyacceptedalgorithms
to be consistent with the OpenSSH manual https://man.openbsd.org/sshd_config.
Keep pubkeyacceptedkeytypes for backward compatibility.
Rename SOC_PUBKEYACCEPTEDTYPES to SOC_PUBKEYACCEPTEDKEYTYPES in config.h
Update unittests/torture_config.c and unittests/torture_options.c
Signed-off-by: Anh Minh Tran <anhminh@seznam.cz>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
The libssh versions before this included files with relative path based
on the current working directory, which can result unexpected results
and is different from the OpenSSH include behavior. The manual page for
ssh_config lists:
> iles without absolute paths are assumed to be in ~/.ssh if included in
> a user configuration file or /etc/ssh if included from the system
> configuration file.
This is following the semantics as close as possible with a difference
that we do not use the hardcoded ~/.ssh for user configuration files,
but the path defined with SSH_OPTIONS_SSH_DIR, which is already used
to reference any other files in used home directory.
Fixes#93
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Currently Compression=no (the default) force-disables zlib algos, while
Compression=yes force-enables it. This means that mismatching options between
client and server lead to connection failure. This can easily happen if the
server has default settings but the client specifies Compression=yes.
OpenSSH treats the option as a "prefer compression" setting:
Compression=no -> none,zlib@openssh.com,zlib (default)
Compression=yes -> zlib@openssh.com,zlib,none
This commit changes the libssh behaviour to the same as OpenSSH.
Signed-off-by: Fabian Vogt <fabian@ritter-vogt.de>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Normally, the length of session_id and secret_hash is the same,
but if we will get into rekeying with a peer that changes preference
of key exchange algorithm, the new secret hash can be larger or
smaller than the previous session_id causing invalid reads or writes.
Resolves https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35485
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Another item identified during code review was cases where the return
value of ssh_list_new() was not properly checked and handled. This
updates all cases that were missing this to handle failure to allocate a
new list.
Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
These calls can fail and the return code should always be checked. These
issues were identified when code review called it out on new code. The
updates here are to existing code with no behavior changes to make
review simpler.
Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
In https://gitlab.com/libssh/libssh-mirror/-/merge_requests/145#note_463232084
behavior in libssh was identified where it diverges from how for example
OpenSSH behaves. In OpenSSH if a request success of failure message is
received, apart from it being treated as a keepalive message, it is
ignored otherwise.
Libssh does handle the unexpected message and triggers an error
condition internally. This means that with the Dropbear behavior where
it replies to a hostkeys-00@openssh.com message even with a want_reply
= 0 (arguably a bug), libssh enters an error state.
This change makes the libssh behavior match OpenSSH to ignore these
messages. The spec is a bit unclear on whether Dropbear is buggy here or
not, but let's be liberal with the input accepted here in libssh.
Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
ssh_pki_export_pubkey_blob() is incorrectly used to export ecdsa pubkeys from privkeys
when pubkeys are not imported into pkcs #11 tokens.
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
determines if public keys must be loaded in pkcs #11 tokens or not.
tests: Adds the load_public parameter in all files where torture_setup_tokens() was used.
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
The introduced function returns whether the library is initialized or
not.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
v3:
- add tests for malformed encrypted inputs
v2:
- use proper size key for chacha20poly1305
- make copy of cleartext for chacha20poly1305 test-case
- update chacha20_encrypted
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
