shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-05 12:50:30 +09:00
Code Issues Packages Projects Releases Wiki Activity
4,823 Commits 12 Branches 62 Tags
aac682f60ea8d76b8555eff2e78025725c7630ea
Commit Graph

4823 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jakub Jelen
aac682f60e dh-gex: Correctly free modulus and generator with openssl 
Fixes T176

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2019-09-24 16:04:52 +02:00
Jakub Jelen
2f05243a4a channels: Correctly reports failed channels opening 
Fixes T75

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2019-09-24 16:04:52 +02:00
Jakub Jelen
89a9eb8811 Reformat channel_open() 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2019-09-24 16:04:52 +02:00
Jakub Jelen
3cf2b41f5e channels: Do not use deprecated functions in the example code 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2019-09-24 16:04:52 +02:00
Jakub Jelen
223cc96239 options: Do not attempt to expand percents in PKCS#11 URIs 
With the old token parser, the data was simply broken on the = sign even
if the uri was in quotes and ignored.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2019-09-19 15:10:08 +02:00
Jakub Jelen
61b1e0e7e9 tests: Verify the localuser match works 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2019-09-18 15:18:33 +02:00
Jakub Jelen
6500134259 config: Support match localuser 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2019-09-18 15:17:21 +02:00
Jakub Jelen
9b8b312b88 config: Make the matching case sensitive as documented in ssh_config manual pages 
> note that keywords are case-insensitive and arguments are case-sensitive

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2019-09-18 10:45:21 +02:00
Jakub Jelen
4900ab6ca9 Skip the proxycommand test in case the netcat is not avaliable 
Fixes: T142

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2019-09-16 09:39:58 +02:00
Jakub Jelen
618b858e49 sftp: Improve the documentation of sftp_init() and sftp_new() 
Fixes: T137

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2019-09-16 09:35:32 +02:00
Jakub Jelen
83fa060cec known_hosts: Avoid using deprecated functions (even from deprecated functions) 
Fixes: T165

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2019-09-16 09:35:24 +02:00
Andreas Schneider
4799915a36 gitlab-ci: Turn DEBUG_CRYPTO on for standard crypto lib builds 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2019-08-08 09:30:12 +02:00
Andreas Schneider
92d3efec81 dh: Add ssh_dh_debug_crypto() 
We should call it where we have access to the crypto structure.

Pair-Programmed-With: Jakub Jelen <jjelen@redhat.com>
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2019-08-08 09:30:03 +02:00
Andreas Schneider
4e25ee6124 bignum: Pass const to ssh_print_bignum() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2019-08-07 09:49:00 +02:00
Andreas Schneider
89ab7b23f8 pki_mbedcrypto: Add missing misc.h header file 
For ssh_log_hexdump().

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2019-08-07 08:25:31 +02:00
Anderson Toshiyuki Sasaki
3a61cd34a9 tests: Skip testing 1024 bits key generation in FIPS mode 
In torture_threads_pki_rsa, skip the test which generates 1024 bits RSA
key pair when in FIPS mode.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-08-06 16:57:19 +02:00
Anderson Toshiyuki Sasaki
5b18bcb0ac knownhosts: Use ssh_mkdirs() instead of ssh_mkdir() 
Previously, if the path to known_hosts file set through
SSH_OPTIONS_KNOWNHOSTS included missing directories,
ssh_session_update_known_hosts() would fail.  The added test case checks
that this is not the case anymore.

The logic of checking if the directory is accessible before creating it
was replaced by creating the directory if opening the file failed.  This
is to minimize the risk of TOCTOU race conditions.

Fixes: T166

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-08-06 16:53:22 +02:00
Anderson Toshiyuki Sasaki
742918cb1c misc: Introduce internal function ssh_mkdirs() 
If the given path includes missing directories, ssh_mkdirs() tries to
create them recursively.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-08-06 16:53:22 +02:00
Anderson Toshiyuki Sasaki
7857cd1aa5 misc: Introduce internal function ssh_dir_writeable() 
The introduced internal function checks if the provided path is for an
existing directory which is accessible for writing.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-08-06 16:52:24 +02:00
Richard W.M. Jones
3737e5f0e7 misc: Allow %% to escape a single % in paths. 
For example "%d/config%%1" is expanded to "~/.ssh/config%1".

Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-07-30 16:23:31 +02:00
Jakub Jelen
e42d44e48a libcrypto: Avoid incompatible pointers 
Fixes: T164

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-07-30 16:19:32 +02:00
Jakub Jelen
683096ae7e pki_container_openssh: Avoid bogus newline in debug message 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-07-30 16:19:31 +02:00
Jakub Jelen
3811c73f8f pki_container_openssh: Reformat whitespace 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-07-30 16:19:31 +02:00
Jakub Jelen
cc92e74309 examples: Load ED25519 key when loading all keys 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-07-30 16:19:27 +02:00
Anderson Toshiyuki Sasaki
68baebbd62 Replace ssh_print_hexa() with ssh_log_hexdump() 
Replace all occurrences of the deprecated function ssh_print_hexa() with
the introduced ssh_log_hexdump().

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-07-30 13:26:29 +02:00
Anderson Toshiyuki Sasaki
33927f3ae8 misc: Introduce ssh_log_hexdump() 
The introduced internal function is intended to be a replacement for the
deprecated function ssh_print_hexa().

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-07-30 13:26:29 +02:00
Anderson Toshiyuki Sasaki
c03c9b88d1 tests: Try PEM files with leading white spaces 
This adds a reproducer for T123.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-07-29 19:14:24 +02:00
Anderson Toshiyuki Sasaki
88d777e678 pki: Search OpenSSH header not only at the beginning 
Try to find the OpenSSH private key header not only at the beginning of
the file.  This makes the parser to skip comments and white spaces.

Fixes: T76
Fixes: T123

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-07-29 19:14:24 +02:00
Andreas Schneider
0a85f3a58d gitlab-ci: Test installation at least on one runner 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2019-07-15 11:02:58 +02:00
Andreas Schneider
a5cad4e700 tests: Do not use internal macros in the fuzzer 
It should be buildable without internal headers.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2019-07-09 09:31:12 +02:00
Andreas Schneider
8ce6a889aa tests: Use the correct assert function in test server 
CID 1398983

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2019-07-08 17:26:29 +02:00
Andreas Schneider
6e4e6f8da6 tests: Fix #ifdef in torture_server_config 
This should stop detecting it as dead code.

CID 1402934

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2019-07-08 17:26:29 +02:00
Andreas Schneider
0734bc490f examples: Fix freeing the channel in ssh_client 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2019-07-08 17:26:21 +02:00
Andreas Schneider
b275045ac8 examples: Update header in ssh_client 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2019-07-08 15:02:38 +02:00
Andreas Schneider
85951a156b tests: Add ssh_client_fuzzer 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2019-07-08 14:58:59 +02:00
Andreas Schneider
b5a8547d91 exmples: Use SSH_CONNECTOR_STDINOUT in client example 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2019-07-08 14:58:59 +02:00
Andreas Schneider
1a26c57af2 include: Add define for SSH_CONNECTOR_STDINOUT 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2019-07-08 14:48:28 +02:00
Andreas Schneider
595c2c4336 gitlab-ci: Run the fuzzer with AddressSanitzer 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2019-07-08 12:02:19 +02:00
Andreas Schneider
343c90ccf4 ctest: Run the ssh_server_fuzzer to check it works 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2019-07-08 12:02:19 +02:00
Andreas Schneider
7cd66d49f8 tests: Fix memory leak in ssh_server_fuzzer 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2019-07-08 12:02:19 +02:00
Andreas Schneider
b2c7e0dd69 cmake: We don't have to define the ssh link libraries 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2019-07-08 12:02:19 +02:00
Andreas Schneider
915c006a30 cmake: Fix linking shared and static libraries 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2019-07-08 12:02:19 +02:00
Andreas Schneider
2884f97bc5 dh_crypto: Use size_t for loop variable 
Also don't declare the variable in the loop.

Fixes #157

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2019-07-05 16:49:09 +02:00
Stefan Strogin
0d4658740b libcrypto: fix compilation with LibreSSL 
LibreSSL does not support FIPS mode, check for FIPS_mode() in
ConfigureChecks.cmake.

Signed-off-by: Stefan Strogin <steils@gentoo.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2019-07-04 17:57:35 +02:00
Andreas Schneider
fed31c1ca3 tests: Use C99 initilizer in test_server.c 
This fixes a clang build warning.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2019-07-04 16:32:14 +02:00
Andreas Schneider
68533147e2 cmake: Write libssh-config.cmake using EXPORTS 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2019-07-04 16:08:34 +02:00
Andreas Schneider
24af712931 cmake: Use GNUInstallDirs for installation 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2019-07-04 16:08:34 +02:00
Andreas Schneider
519074f13e tests: Improve fuzzer test 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2019-07-04 11:56:04 +02:00
Andreas Schneider
946ac0ee28 gitlab-ci: Enable building the ssh_server_fuzzer with clang 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2019-07-04 11:56:04 +02:00
Andreas Schneider
5a50fc6b0d cmake: Fix building the ssh_server_fuzzer 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2019-07-04 11:56:04 +02:00