If the server properly closed the channel, the client should not return
error if it finds the channel closed.
Fixes T231
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Thanks to Ramin Farajpour Cami for spotting this.
Fixes T232
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
private keys for ecdsa keys.
ssh_userauth_publickey() calls ssh_pki_export_pubkey_blob() and tries to export
the the public key from private key if public keys are not already imported
into pkcs #11 tokens.
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Set the cmake project verision to the autogenerated file to have a single
point to set the version. This will be included in the libssh.h file.
Pair-Programmed-With: Andreas Schneider <asn@cryptomilk.org>
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Add SSH_AGAIN as return value to ssh_handle_packets documentation.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
EVP_CIPHER_CTX_init was replaced with _reset.
Removed EVP_CIPHER_CTX_cleanup. The successive _free call handles that.
Removed old SSLeay function usage.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Added extra functions. The next commit will switch to them.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
All subsecond timestamps are only in the packets if both the
SUBSECOND_TIMES flag and the timestamp flag, e.g. ATTR_ACCESSTIME
are set.
SUBSECOND_TIMES are not very common across server implementations
(e.g. openssh does not include it, nor does libssh's sftpserver
implementation), but this interpretation of the SFTP protocol draft
is used by WinSCP and lftp.
Fixes T219.
Signed-off-by: Stefan Brüns <stefan.bruens@rwth-aachen.de>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
If the library is not initialized, SSH_ERROR is returned and the error
message is set properly.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
The introduced function returns whether the library is initialized or
not.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
When libssh is statically linked, it is necessary to explicitly call
ssh_init() before calling any other provided API. It is also necessary
to call ssh_finalize() before exiting to free allocated resources.
Fixes T222
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
When a key is rejected, free the allocated memory before returning.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This adds server-side support for the newly introduced OpenSSH
keytypes sk-ecdsa-sha2-nistp256@openssh.com and sk-ed25519@openssh.com
(including their corresponding certificates), which are backed
by U2F/FIDO2 tokens.
Change-Id: Ib73425c572601c3002be45974e6ea051f1d7efdc
Signed-off-by: Sebastian Kinne <skinne@google.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
