libssh

mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-06 10:27:22 +09:00

Author	SHA1	Message	Date
Gauravsingh Sisodia	bc5211d055	feat: add gssapi key exchange feat: add generic functions for importing name and initializing ctx feat: add suffix to gsskex algs dynamically feat: move gssapi key exchange to another file feat: add gssapi key exchange for server refactor: remove unnecessary fields in gssapi struct refactor: add some documentation and improve logging fix: remove gss_dh callbacks feat: add a check to see if GSSAPI is configured correctly fix: memory leaks feat: add client side "gssapi-keyex" auth feat: add gssapi_key_exchange_algs for server fix: some memory issues feat: add gssapi kex options to config feat: add check to see if GSSAPI key exchange was performed feat: add more tests for gssapi key exchange fix: add valgrind supp Signed-off-by: Gauravsingh Sisodia <xaerru@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2026-01-05 12:24:00 +01:00
Pavol Žáčik	0ef79018b3	kex: Implement remaining hybrid ML-KEM methods This builds on top of `a9c8f94`. The pure ML-KEM code is now separated from the hybrid parts, with the hybrid implementation generalized to support NIST curves. Signed-off-by: Pavol Žáčik <pzacik@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2025-11-25 17:57:42 +01:00
Jakub Jelen	6aea779918	sftpserver: Fix loop termination Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2025-10-01 16:03:46 +02:00
Jakub Jelen	a51384fe4e	sftpserver: Remove some needless parts Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2025-10-01 16:03:45 +02:00
Jakub Jelen	444982b38a	tests: Avoid needless call to pthread_exit() Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2025-07-25 13:20:15 +02:00
Jakub Jelen	7eefbbd478	tests: Cleanup OpenSSL in the forked server processes Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2025-07-25 13:20:15 +02:00
Jakub Jelen	c4c28c6473	tests: Skip test leaking handle under valgrind This is leaking memory allocated in process_open(), which is stored in the handles list in the sftpserver session. Given that the data is provided by the use callbacks, we can not universally free them on our side, but we should, in the long term, introduce some way for the implementers to free outstanding handles that were not closed by misbehaving clients. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2025-07-25 13:20:15 +02:00
Jakub Jelen	c22bfa792f	CVE-2025-5449 tests: Reproducer for payload length overrun Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2025-06-23 13:37:06 +02:00
Jakub Jelen	681a5aaa26	CVE-2025-5449 tests: Reproducer for server processing invalid handles Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2025-06-23 13:37:06 +02:00
Jakub Jelen	a4118ddc06	CVE-2025-5449 tests: Reproducer for sftp handles exhaustion Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2025-06-23 13:37:06 +02:00
Jakub Jelen	f0b9db586b	test: Fix potential leak of fds on error Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>	2025-04-16 17:41:22 +02:00
Jakub Jelen	c735b44f83	test: Fix unused variables and potential memory leaks Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>	2025-04-16 17:41:22 +02:00
David Wedderwille	84d02e7440	kex: Make existing convenience features available Signed-off-by: David Wedderwille <davidwe@posteo.de> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2025-03-30 12:17:42 +02:00
Eshan Kelkar	6c4e4a9e1c	torture_sftpserver.c: Add test for O_TRUNC while opening files Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2025-03-18 18:13:51 +01:00
Jakub Jelen	c043122655	tests: Close channel before freeying Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2024-12-20 14:20:29 +01:00
Jakub Jelen	5da8963c1d	tests: Verify channel requests return valid replies Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2024-12-20 14:20:29 +01:00
Jakub Jelen	57073d588a	tests: Remove needless printf Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2024-08-19 13:12:27 +02:00
Gauravsingh Sisodia	3bfa6e8637	feat: add gssapi server callbacks tests Signed-off-by: Gauravsingh Sisodia <xaerru@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Sahana Prasad <sahana@redhat.com>	2024-07-11 16:44:20 +02:00
Gauravsingh Sisodia	965a94b515	fix: memory leaks in gssapi.c fix: implement gssapi logging according to docs fix: remove redundant setting of session->gssapi to NULL feat: add gssapi struct and functions to header file refactor: initialize gssapi context once fix: remove redundant ssh_gssapi_free Signed-off-by: Gauravsingh Sisodia <xaerru@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Sahana Prasad <sahana@redhat.com>	2024-07-11 16:44:14 +02:00
Gauravsingh Sisodia	74d42ca38b	feat: add tests for gssapi-with-mic feat: tests set hostname for sshd, make GSSAPIStrictAcceptorCheck yes pass feat: add GSSAPI_TESTING cmake option feat: gssapi libssh server test feat: make kdc setup and teardown functions feat: add kinit, kadmin scripts to kdc setup function feat: add some client gssapi auth tests Signed-off-by: Gauravsingh Sisodia <xaerru@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Sahana Prasad <sahana@redhat.com>	2024-07-11 16:44:07 +02:00
Abdelrahman Youssef	21627509f5	support for setstat on server Signed-off-by: Abdelrahman Youssef <abdelrahmanyossef12@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2024-06-20 12:33:44 +02:00
Andreas Schneider	649f381029	cmake: Rename torture_server test This makes it easier to select it as a single test with: `ctest -R torture_server_default*` Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2024-05-13 15:41:54 +02:00
Jakub Jelen	8577f588c3	tests: Support logging into separate file for exec-ed libssh test server Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2024-05-13 11:56:22 +02:00
Jakub Jelen	64ef3fefb4	Rework the coverage build This reworks it to avoid a need to special build type and adding the flags only to the targets that need it (skipping testing wrappers which break with them). It also updates the CodeCoverage module from the following URL: https://github.com/bilke/cmake-modules/blob/master/CodeCoverage.cmake Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2024-03-08 13:34:23 +01:00
Jakub Jelen	9847f3f638	Deprecate SSH_BIND_OPTIONS_{RSA,ECDSA}KEY in favor of generic HOSTKEY Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com>	2023-06-26 15:10:52 +02:00
Jakub Jelen	df0a445c87	tests: Clean correctly SFTP context Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2023-06-06 10:54:31 +02:00
Jakub Jelen	79425f8b92	tests: Remove needless assignemnt and clean memory on errors Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2023-06-06 10:54:31 +02:00
Jakub Jelen	af771cc35f	tests: Adjust to the current implementation to correctly free memory Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2023-06-06 10:54:31 +02:00
Jakub Jelen	213d1c7fd8	tests: Improve sftpserver test coverage Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2023-06-06 10:54:31 +02:00
Jakub Jelen	5ea54c8159	sftpserver: Move duplicate code handling SFTP operations to library These can be replaced by user-provided functions when needed. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2023-06-06 10:54:31 +02:00
Jakub Jelen	af60e23081	Reformat sftpserver examples and tests and remove unused code there were unused structure members and some code formatted not following our code guidelines. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2023-06-06 10:54:31 +02:00
Jakub Jelen	f1f766f14f	Reformat the test sftpserver Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2023-06-06 10:54:31 +02:00
Jakub Jelen	13b2727023	tests: Fix assertion Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2023-06-06 10:54:31 +02:00
Jakub Jelen	5854937328	tests: Support libssh server logging into separate file Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2023-06-06 10:54:31 +02:00
Jakub Jelen	2f45688066	tests: Drop support for DSA Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2023-06-06 10:54:31 +02:00
Jakub Jelen	cb4bdf893d	tests: Replace non-english variable names Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2023-06-06 10:54:31 +02:00
tatataeki	8104c19013	sftp: fix problems in sftp APIs and example Signed-off-by: tatataeki <shengzeyu19_98@163.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2023-06-06 10:54:31 +02:00
tatataeki	0a5161a7d1	sftp: fix format problems, style nit and building problems Signed-off-by: tatataeki <shengzeyu19_98@163.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2023-06-06 10:54:31 +02:00
tatataeki	329d53a109	tests: add sftp server test Signed-off-by: tatataeki <shengzeyu19_98@163.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2023-06-06 10:54:31 +02:00
Jakub Jelen	ce7cc49465	test_server: Use dynamically allocated state The "dynamically" loaded server is using allocated state and using something else complicates proper cleanup. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com>	2023-05-09 09:07:16 +02:00
Jakub Jelen	e4bf3b97b4	Avoid memory leaks from the server_auth_kbdint Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com>	2023-05-09 09:07:16 +02:00
Jakub Jelen	28dc1ef45b	tests: Use sigterm handler for graceful exit Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com>	2023-05-09 09:07:16 +02:00
Jakub Jelen	f80faa89ce	tests: Wait longer for the server Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com>	2023-05-09 09:07:16 +02:00
Jakub Jelen	fcb6ee4031	tests: Log server messages to separate file Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com>	2023-05-09 09:07:16 +02:00
Jakub Jelen	4022ef69f3	test_server: Check for hostkey The address was tested twice so repurposed the needless check for the check for hostkey, which is also mandatory Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com>	2023-05-09 09:07:16 +02:00
Jakub Jelen	20f52432fc	tests: Support libssh server logging into separate file Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com>	2023-05-09 09:07:16 +02:00
Ahsen Kamal	14f3910d12	add server test for no-more-sessions Signed-off-by: Ahsen Kamal <itsahsenkamal@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-04-28 10:58:13 +02:00
Mohammad Shehar Yaar Tausif	a3a13eb3a8	Remove support for DSA Keys Solving issue #110. The original work is at !231 Some changes were needed because the newly added features in master through time Signed-off-by: Mohammad Shehar Yaar Tausif <sheharyaar48@gmail.com> Signed-off-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-02-02 14:49:06 +01:00
Jakub Jelen	8f237bde15	cmake: Check for Argp also on Linux to fix alpine build This adjusts also usage of ARGP_LIBRARY to use ARGP_LIBRARIES which is defined by the FindArgp module, unlike the former one in case it is provided by libc directly. Fixes: #167 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com>	2023-01-09 22:40:10 +01:00
Jakub Jelen	97c9ac2f58	Fix various spelling issues reported by codespell Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>	2022-10-12 13:50:38 +02:00

1 2

92 Commits