tests: modify proxyjump tests to check for ssh_jump_info_struct
tests: add proxyjump functionality test
feat: add SSH_OPTIONS_PROXYJUMP
tests: proxyjump, check authentication
fix: ssh_socket_connect_proxyjump add exit label to exit on error
feat: implement io forwarding using pthread
feat: proxyjump: use threading instead of forking
feat: proxyjump: cancel forwarding threads on ssh_disconnect
fix: proxyjump remove ProxyJump bool and put pthread ifdefs
feat: use ssh_event for io forwarding instead of threads
reformat: tests to use assert_int_not_equal
fix: link to pthread
refactor: make function to free proxy jump list
docs: add comment for proxy jump channel
feat: add env variable to enable libssh proxy jump
feat: open channel for proxyjump like OpenSSH
feat: add more tests for proxy jump
fix: use a global variable to close io forwarding, this prevents segfaults
fix: handle proxy list in thread without creating copy
Signed-off-by: Gauravsingh Sisodia <xaerru@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
This way we will get errors as return code else we don't know if the
function failed (SSH_ERROR) or the exit_status is -1 which would
correspond to SSH_ERROR.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Added the new function `ssh_channel_request_pty_size_modes` which allows
to pass additional encoded SSH terminal modes (see opcodes in RFC 4245).
Signed-off-by: Daniel Evers (daniel.evers@utimaco.com)
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
This also adds an fallback to OpenSSH file format in non-OpenSSL backends and
OpenSSH-compatible private key export for writing OpenSSH private keys.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This involves reading the certificates from configuration files through options
and handling them similarly as the OpenSSH does when doing the auto pubkey
authentication, also in combination with agent or identities only.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
Solving issue #110. The original work is at !231
Some changes were needed because the newly added features in master through time
Signed-off-by: Mohammad Shehar Yaar Tausif <sheharyaar48@gmail.com>
Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
uint32_t should be formated by PRI?32
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Change-Id: I811cfd764010f9e8bb599b370155ac065ee1905c
Fix#98 by adding 'ssh_session_set_disconnect_message' Whenever the ssh
session disconnects a "Bye Bye" message was set and displayed. Now the
peer has a choice to set a customised message to be sent after the
session is disconnected. The default "Bye Bye" will be set if this
function is not called or not called correctly. The testcases in
tests/server/torture_server can also demonstrate how this function
works.
Signed-off-by: Om Sheladia <omsheladia10@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit adds an `agent_socket` field to the session options
and connects the config parser to that option.
`SSH_OPTIONS_IDENTITY_AGENT` is added to allow applications to
set this option for themselves.
agent.c is updated to take the `agent_socket` value in preference
to the `SSH_AUTH_SOCK` environment variable.
Signed-off-by: Wez Furlong <wez@fb.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Added API function ssh_channel_open_forward_port that is the same as
ssh_channel_accept_forward with the addition to determine the
originator address and port
Signed-off-by: Tomas Holmqvist <tomhol@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Thanks to Harry Sintonen from WithSecure for pointing this out.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
and add LOG_SIZE macro to control the buffer size
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Change-Id: I3eaeea001fc531fdb55074fc3a9d140b27847c1f
Set the cmake project verision to the autogenerated file to have a single
point to set the version. This will be included in the libssh.h file.
Pair-Programmed-With: Andreas Schneider <asn@cryptomilk.org>
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
This adds server-side support for the newly introduced OpenSSH
keytypes sk-ecdsa-sha2-nistp256@openssh.com and sk-ed25519@openssh.com
(including their corresponding certificates), which are backed
by U2F/FIDO2 tokens.
Change-Id: Ib73425c572601c3002be45974e6ea051f1d7efdc
Signed-off-by: Sebastian Kinne <skinne@google.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
This also adds documentation for it.
Fixes T144
Signed-off-by: David Wedderwille <davidwe@posteo.de>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
As with RSA/DSS, support is still quite limited. This is mostly about adding
new ssh_keytypes_e values and updating sites that check keys' types.
Signed-off-by: Ben Toews <mastahyeti@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
This type is imprecise. We often need the ecdsa_nid in addition to the key type
in order to do anything. We replace this singluar ECDSA type with one type per
curve.
Signed-off-by: Ben Toews <mastahyeti@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
