Andreas Schneider
1d4151e51f
libcrypt: Add missing header for compat
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-30 14:10:32 +02:00
Jon Simons
e2b48dc662
libcrypto: fix resource leak in hmac_final
Fix a resource leak in `hmac_final`: say `HMAC_CTX_free` instead
of `HMAC_CTX_reset`. This matches the error handling as done in
`hmac_init`. Introduced with cf1e808e2f.
The problem is reproducible running the `pkd_hello` test with:
valgrind --leak-check=full ./pkd_hello -i1 -t torture_pkd_openssh_dsa_rsa_default
Resolves https://red.libssh.org/issues/252.
Cherry-picked from a64ddff3fe
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-29 17:08:54 +02:00
Andreas Schneider
1642cec280
cmake: Use configure check for CRYPTO_ctr128_encrypt
Cherry-picked from 3daf1760a1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-29 17:08:54 +02:00
Jakub Jelen
fbeecf388c
libcrypto: Use a pointer for EVP_MD_CTX
This is for OpenSSL 1.1.0 support.
Cherry-picked from 607c671f67
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-29 17:08:54 +02:00
Jakub Jelen
7933756b5a
libcrypto: Use newer API for HMAC
This is for OpenSSL 1.1.0 support.
Cherry-picked from cf1e808e2f
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-29 17:08:54 +02:00
Jakub Jelen
f81c3ada9c
libcrypto: Remove AES_ctr128_encrypt()
This is for OpenSSL 1.1.0.
Cherry-picked from d73f665edd
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-29 17:08:54 +02:00
Andreas Schneider
b7b535816d
libcrypto: Fix Windows build with ssh_reseed().
gettimeofday() is not available on Windows and we need it only in case
of forking.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2014-12-17 19:39:18 +01:00
Jon Simons
af25c5e668
crypto: check malloc return in ssh_mac_ctx_init
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-10-02 08:25:53 +02:00
Dirkjan Bussink
4a08902664
Add SHA2 algorithms for HMAC
BUG: https://red.libssh.org/issues/91
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-04-22 10:55:59 +02:00
Aris Adamantiadis
e99246246b
security: fix for vulnerability CVE-2014-0017
When accepting a new connection, a forking server based on libssh forks
and the child process handles the request. The RAND_bytes() function of
openssl doesn't reset its state after the fork, but simply adds the
current process id (getpid) to the PRNG state, which is not guaranteed
to be unique.
This can cause several children to end up with the same PRNG state, which is
a security issue.
2014-03-04 09:55:28 +01:00
Andreas Schneider
15e31eb464
wrapper: Add more evp functions.
2013-10-18 23:22:24 +02:00
Dmitriy Kuznetsov
320951f42f
kex: Add simple DES support for SSHv1.
2012-09-07 12:19:43 +02:00
Andreas Schneider
216cb8b1aa
crypto: Add evp hashing function.
2012-02-04 23:44:55 +01:00
Aris Adamantiadis
af09313eac
crypto: rename crypto_struct -> ssh_cipher_struct
2011-09-18 20:34:16 +02:00
Andreas Schneider
544747d02c
crypt: Fix function definition.
2011-09-15 11:04:00 +02:00
Aris Adamantiadis
2653b31af0
[crypto] Removed ugly ifdefs on gcrypt/libcrypto
2011-06-13 14:47:17 +02:00
Aris Adamantiadis
c5a998f47a
[crypto] initial support for ecdh-sha2-nistp256
Works with openssl
Still requires work for libgcrypt and other modes
2011-06-13 13:46:34 +02:00
Andreas Schneider
f7842e3a4b
misc: Rename libssh/ to src/
2010-09-06 14:28:38 +02:00