shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-09 09:54:25 +09:00
Code Issues Packages Projects Releases Wiki Activity
3,006 Commits 12 Branches 62 Tags
927cd90dc171b7e7a400ab8c1c9474f627e89167
Commit Graph

968 Commits

Author SHA1 Message Date
Simo Sorce
b4fc5d9524 gssapi: Add support for GSSAPIDelegateCredentials config option. 
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2013-11-15 16:53:59 -05:00
Simo Sorce
811c645f2a options: Add SSH_OPTIONS_GSSAPI_DELEGATE_CREDENTIALS option. 
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2013-11-15 16:10:29 -05:00
Andreas Schneider
c2312f9dda gssapi: Add error checks and cleanup the code in ssh_gssapi_auth_mic(). 2013-11-15 16:28:49 +01:00
Simo Sorce
440d2ec0ea gssapi: Use GSSAPIClientIdentity to acquire creds 
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2013-11-15 16:19:28 +01:00
Andreas Schneider
47e53deebd gssapi: Add support for GSSAPIClientIdentity config option. 2013-11-15 15:50:09 +01:00
Andreas Schneider
095a01b70c options: Add SSH_OPTIONS_GSSAPI_CLIENT_IDENTITY option. 2013-11-15 15:50:09 +01:00
Andreas Schneider
503c729bb0 gssapi: Add support for GSSAPIServerIdentity config option. 2013-11-15 15:50:09 +01:00
Andreas Schneider
41d99d32e8 gssapi: Add suppport to set GSSAPI server identity. 2013-11-15 15:50:09 +01:00
Simo Sorce
c481f9dafd Fix gssapi credential handling. 
- Properly acquire and inquitre credentials to get the list of available
credentials.
- Avoid enforcing a specific username it breaks some use cases (k5login).
- Remove confusing references to delegated credentials as there is no code
that actually uses delegated credentials in the initialization case.

Signed-off-by: Siom Sorce <simo@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2013-11-15 14:49:29 +01:00
Andreas Schneider
f240ecf328 socket: Fix connect if we pass in a fd. 
BUG: https://red.libssh.org/issues/106

Thanks to Saju Panikulam.
 2013-11-15 08:47:58 +01:00
Andreas Schneider
1972a27fe0 packet: Remove dead code. 2013-11-14 11:43:49 +01:00
Andreas Schneider
097760db17 packet: Set the packet to the processed data position. 
Else we could end up with packet - current_macsize if to_be_read is 0.
 2013-11-14 11:42:21 +01:00
Andreas Schneider
b3a08ba8d3 dh: Fix wrong assignment. 
Ups, sorry.
 2013-11-14 08:08:49 +01:00
Andreas Schneider
fef7e1dffe poll: Fix realloc in ssh_poll_ctx_resize(). 2013-11-09 13:27:59 +01:00
Andreas Schneider
6d7bbe63fe dh: Avoid possible memory leaks with realloc. 2013-11-09 13:20:13 +01:00
Andreas Schneider
387e26c837 packet: Refactor ssh_packet_socket_callback(). 
Make error checking more readable and add additional NULL checks.
 2013-11-09 13:10:41 +01:00
Andreas Schneider
e8e99ec6de server: Fix malloc call. 2013-11-09 12:47:02 +01:00
Colin Walters
13c4499449 session: Always request POLLIN 
The assumption is that if libssh functions are being invoked, we want
to read data.

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2013-11-09 12:29:07 +01:00
Colin Walters
4cc7f4ad03 Add ssh_get_poll_flags() 
For integration with an external mainloop, we need to know how to
replicate libssh's internal poll() calls.  We originally through
ssh_get_status() was that API, but it's not really - those flags only
get updated from the *result* of a poll(), where what we really need
is to know how libssh would *start* a poll().

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2013-11-09 12:26:19 +01:00
Colin Walters
a8dc67ded8 client: If we have a pre-connected FD, set state to SOCKET_CONNECTED 
Otherwise applications providing their own fd end up tripping an
assertion, since the session is just in _CONNECTING.

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2013-11-09 12:25:41 +01:00
Andreas Schneider
8c5777554a dh: Move ssh_get_hexa() and ssh_print_hexa() down. 
This way they are in the documentation block for the session and we get
documentation for them.
 2013-11-06 17:10:41 +01:00
Andreas Schneider
06cd9bc4dc dh: Add new ssh_get_publickey_hash() function. 2013-11-06 17:10:35 +01:00
Andreas Schneider
6f0f1ef292 doc: Fix doxygen warnings. 2013-11-04 21:55:29 +01:00
Aris Adamantiadis
b12f3f38c7 Fix cast warnings on 64bits 2013-11-04 10:49:32 +01:00
Aris Adamantiadis
cb165df64e remove warnings on OSX (workaround) 2013-11-04 10:47:22 +01:00
Aris Adamantiadis
e4c4f57f05 logging: fix wording 2013-11-04 10:31:10 +01:00
Aris Adamantiadis
c5ef5ed18f curve25519: include reference implementation 2013-11-03 14:58:10 +01:00
Aris Adamantiadis
04cb94a2dd socket: Fix check for pending data. 
BUG: https://red.libssh.org/issues/119

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2013-11-03 12:46:27 +01:00
Nicolas Viennot
754152aa22 server: Fix ssh_execute_server_callbacks() client execution 
When the public key auth handler is executed and returns SSH_OK,
ssh_execute_server_callbacks() still runs some client callbacks,
which may set rc to SSH_AGAIN, which triggers a default reply on
auth, denying auth.

Signed-off-by: Nicolas Viennot <nicolas@viennot.biz>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2013-11-03 10:52:38 +01:00
Nicolas Viennot
1ef00045dd server kex: enable delayed compression 
The code is careful to reenable compression when rekeying.

Signed-off-by: Nicolas Viennot <nicolas@viennot.biz>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2013-11-03 10:48:59 +01:00
Andreas Schneider
a466a624e2 session: Make sure we correctly burn the buffer. 2013-11-03 10:45:02 +01:00
Andreas Schneider
643a3b7cc3 wrapper: Make sure we really burn the buffer. 2013-11-03 10:39:31 +01:00
Jon Simons
d4f5a0e6ab server: fix pubkey reply for key probes 
Per RFC 4252, it is required to send back only one of either
SSH_MSG_USERAUTH_PK_OK or SSH_MSG_USERAUTH_FAILURE for public
key probes.

Update the handling of 'auth_pubkey_function' to send back PK_OK
instead of SSH_MSG_USERAUTH_SUCCESS for the case that the state
of the message at hand is SSH_PUBLICKEY_STATE_NONE.

With this change, it is now possible to process an initial key probe
and then subsequent signature validation using the server callbacks.

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2013-11-02 21:02:56 +01:00
William Orr
ce1d73e0f0 ssh_options_get can now return ProxyCommand 
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2013-11-02 21:02:56 +01:00
Jon Simons
20caa68b84 connect: fix memory leak in ssh_select 
Balance 'ssh_event_add_fd' with 'ssh_event_remove_fd' in 'ssh_select'.

BUG: https://red.libssh.org/issues/128

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2013-10-31 12:45:21 +01:00
Jon Simons
ffc33ca28c poll: fix leak in ssh_poll_ctx_free 
Fix a memory leak in 'ssh_poll_ctx_free': issue 'ssh_poll_free'
to remove the poll handle from its context and free it.

BUG: https://red.libssh.org/issues/128

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2013-10-31 11:55:09 +01:00
Jon Simons
099b914fd9 bind: fix leak in ssh_bind_accept error path 
Use 'ssh_socket_free' to cleanup if 'ssh_bind_accept_fd'
fails, to be sure to free the ssh_socket in/out buffers.
 2013-10-24 10:37:37 +02:00
Colin Walters
f02bc4768e auth: docs: Fix typo optoins -> options 
I'm just getting my feet wet with this codebase.

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2013-10-23 09:55:09 +02:00
Andreas Schneider
e30acdb58a channel: Reinit the buffer and reset the state on error. 
BUG: https://red.libssh.org/issues/126
 2013-10-20 12:46:57 +02:00
Andreas Schneider
b0cbe88b0b channel: Fix ssh_global_request_termination(). 
BUG: https://red.libssh.org/issues/126
 2013-10-20 12:46:17 +02:00
Andreas Schneider
b8d47a438c pki: Don't leak a buffer. 2013-10-19 10:41:57 +02:00
Andreas Schneider
bd8ab422d0 pki_crpypto: Fix ecdsa signature to blob. 
BUG: https://red.libssh.org/issues/118
 2013-10-18 23:48:21 +02:00
Andreas Schneider
33890daf41 pki: Add support for ECDSA private key signing. 2013-10-18 23:22:24 +02:00
Andreas Schneider
ac4c5699b1 pki: Add the type as a char pointer. 2013-10-18 23:22:24 +02:00
Andreas Schneider
15e31eb464 wrapper: Add more evp functions. 2013-10-18 23:22:24 +02:00
Andreas Schneider
2e81dd61dd client: Fix the build. 2013-10-18 21:18:36 +02:00
Oliver Stöneberg
f2c2687ca6 scp: Fixed result of ssh_scp_string_mode() to get SCP working. 
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2013-10-18 14:58:47 +02:00
Oliver Stöneberg
4c300313c3 client: Added a missing NULL pointer check. 
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2013-10-18 14:57:33 +02:00
Andreas Schneider
423d8c9b6a channel: Fix packets termination timeout in global_request(). 
BUG: https://red.libssh.org/issues/126
 2013-10-01 14:50:56 +02:00
Andreas Schneider
685fe1d0b6 session: Try the ecdsa default key first. 2013-10-01 14:45:01 +02:00