shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-04 20:30:38 +09:00
Code Issues Packages Projects Releases Wiki Activity
3,186 Commits 12 Branches 62 Tags
cf05e653de569225775d6bf996ffefba9e8e6135
Commit Graph

1091 Commits

Author SHA1 Message Date
Andreas Schneider
cf05e653de external: Fix a possible buffer overrun in bcrypt_pbkdf 
CID: #1250106

This fixes a 1 byte output overflow for large key length (not reachable
in libssh). Pulled from OpenBSD BCrypt PBKDF implementation.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-05-04 17:54:01 +02:00
Andreas Schneider
4b9916136d sftp: Add bound check for size 
CID: #1238630

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-05-04 17:54:01 +02:00
Andreas Schneider
33ecff11dd buffer: Cleanup vaargs in ssh_buffer_unpack_va() 
CID: #1267977

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-05-04 17:54:01 +02:00
Andreas Schneider
83d3ee7fdb string: Improve ssh_string_len() to avoid tainted variables 
CID: #1278978

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-05-04 17:54:01 +02:00
Andreas Schneider
b1a3f4ee33 pki_container: Fix a memory leak 
CID: #1267980

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-05-04 17:54:01 +02:00
Andreas Schneider
05498e0e33 pki_container: Add check for return value 
CID: #1267982

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-05-04 17:54:01 +02:00
Aris Adamantiadis
3091025472 buffers: Fix a possible null pointer dereference 
This is an addition to CVE-2015-3146 to fix the null pointer
dereference. The patch is not required to fix the CVE but prevents
issues in future.

Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-04-23 10:33:52 +02:00
Aris Adamantiadis
bf0c7ae0ae CVE-2015-3146: Fix state validation in packet handlers 
The state validation in the packet handlers for SSH_MSG_NEWKEYS and
SSH_MSG_KEXDH_REPLY had a bug which did not raise an error.

The issue has been found and reported by Mariusz Ziule.

Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-04-23 10:15:47 +02:00
Kevin Fan
b5dc8197f7 Fix leak of sftp->ext when sftp_new() fails 
Signed-off-by: Kevin Fan <kevinfan@google.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-04-14 20:56:56 +02:00
Andreas Schneider
1cb940c44a socket: Cleanup ssh_socket_close() code. 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-04-10 13:32:09 +02:00
Andreas Schneider
3f04367fb8 bind: Correctly close sockets and invalidate them. 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-04-10 13:32:09 +02:00
Andreas Schneider
6c7e552509 cmake: Require cmake version 2.8.0 2015-04-10 13:32:09 +02:00
Andreas Schneider
b1cb8de385 cmake: Check for sys/param.h header file 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-04-10 13:07:12 +02:00
Andreas Schneider
69c9cd029f cmake: Check for arpa/inet.h header file 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-04-10 13:02:56 +02:00
Andreas Schneider
c699b9ca94 external: Use standard int types 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-04-10 13:02:56 +02:00
Andreas Schneider
5236358a48 messages: Don't leak memory after callback execution 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-04-02 16:13:20 +02:00
Andreas Schneider
e0a73d3dbe poll: Fix compilation with struct ssh_timestamp 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-04-02 15:02:29 +02:00
Andreas Schneider
a3357b8920 include: We should use __func__ which is C99 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-04-02 10:58:36 +02:00
Seb Boving
7ec798d3e7 Locally restart ssh_poll() upon EINTR. 
BUG: https://red.libssh.org/issues/186

Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>
Signed-off-by: Sebastien Boving <seb@google.com>
 2015-02-23 22:05:54 +01:00
xjoaalm
f32e5f2191 Sending EOF on Socket that received a Broken Pipe makes call to poll to hang 
Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>
Signed-off-by: Joao Pedro Almeida Pereira <joao.almeida@blue-tc.com>
 2015-02-23 22:01:15 +01:00
Aris Adamantiadis
940cb233ce buffer: buffer_pack & unpack on non-gnu compilers 2015-02-08 18:49:32 +01:00
Aris Adamantiadis
d3f30da158 buffer: fix use-before-nullcheck (coverity #1267979) 
Additionally, the function call was already existing after
the NULL check
 2015-02-03 22:21:22 +01:00
Aris Adamantiadis
760d93e87b Revert "pki_gcrypt: fix warnings for SSH_KEYTYPE_ED25519" 
This reverts commit 10f71c6769.
Commit was redundant with ed25519 branch
 2015-02-03 09:58:28 +01:00
Aris Adamantiadis
8af829a42a base64: Use secure buffers 
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-02-02 17:33:58 +01:00
Andreas Schneider
ad8fa427dd buffer: Abort if the canary is not intact in ssh_buffer_unpack() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>
 2015-02-02 17:32:34 +01:00
Andreas Schneider
de10a7754b buffer: buffer: Improve argument checking of in ssh_buffer_pack() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>
 2015-02-02 17:32:31 +01:00
Andreas Schneider
6789170799 buffer: Abort if the canary is not intact in ssh_buffer_unpack() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>
 2015-02-02 17:32:28 +01:00
Andreas Schneider
afc9988c93 buffer: Improve argument checking in ssh_buffer_pack() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>
 2015-02-02 17:32:18 +01:00
Aris Adamantiadis
2490404d45 Move all 3rd-party C files to src/external/ 
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-02-02 14:45:53 +01:00
Aris Adamantiadis
9e4700cdc0 ed25519: Add support for OpenSSH encrypted container export 
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-02-02 14:45:52 +01:00
Aris Adamantiadis
423fa6818b ed25519: ADd OpenSSH encrypted container import 
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-02-02 14:45:52 +01:00
Aris Adamantiadis
61e2c8f0f7 external: Add OpenSSH bcrypt and blowfish implementation 
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-02-02 14:45:52 +01:00
Aris Adamantiadis
c02b260e7e server: Add support for ed25519 keys in the server. 
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-02-02 14:45:52 +01:00
Aris Adamantiadis
01a6004171 kex: Add support for ed25519 on client connections. 
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-02-02 14:45:52 +01:00
Aris Adamantiadis
46bc11f977 ed25519: Add support to export OpenSSH container keys 
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-02-02 14:45:52 +01:00
Aris Adamantiadis
4343ac5b08 libgcrypt: Make the PEM parser ed25519 aware 
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-02-02 14:45:52 +01:00
Aris Adamantiadis
6b9183a20b libcrypto: Make the PEM parser ed25519 aware 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-02-02 14:45:52 +01:00
Aris Adamantiadis
3ec3a926e5 ed25519: Add support o import OpenSSH container keys 
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-02-02 14:45:52 +01:00
Aris Adamantiadis
7febad5821 kex: disable des-cbc-ssh1 by default 
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-01-26 08:57:06 +01:00
Andreas Schneider
b235c380f2 packet_cb: Add misssing include for ntohl(). 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-01-21 09:23:43 +01:00
Andreas Schneider
9a7d450098 pki: Make sure sig is not used unintialized. 
BUG: https://red.libssh.org/issues/167

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-01-20 19:31:12 +01:00
Andreas Schneider
433f8fd550 threads: Fix building with POSIX threads in MinGW. 
BUG: https://red.libssh.org/issues/181

Originally written by Patrick von Reth <vonreth () kde ! org>.

This patch is part of the larger patch:
https://projects.kde.org/projects/kdesupport/emerge/repository/revisions/master/changes/portage/win32libs/libssh/0002-add-a-way-to-test-ssh-connections-on-windows.patch

MinGW (in particular, the MinGW-w64 fork) can use either posix threads
or win32 threads. This patch fixes the MinGW build when using posix
threads.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-01-20 19:01:15 +01:00
Yanis Kurganov
c6590bd189 channels1: Fix pty request state 
Signed-off-by: Yanis Kurganov <YKurganov@ptsecurity.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-01-20 18:58:13 +01:00
Andreas Schneider
06a0d8ff1c connect: Fix a memory leak. 
CID: #1238618

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>
 2015-01-14 15:20:52 +01:00
Andreas Schneider
af0dd3fb02 sftp: Fix a possible integer overflow. 
CID: #1238630

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>
 2015-01-14 15:20:49 +01:00
Andreas Schneider
ce02f6576a sftp: Use a declared variable for data len. 
CID: #1238632

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>
 2015-01-14 15:20:46 +01:00
Tobias Klauser
15d71a8c51 sftp: Fix memory leak on realloc failure 
If realloc of sftp->ext->name or sftp->ext->data fails, the memory
previously allocated for the respective member is leaked. Fix this by
storing the return value of realloc() in a temporary variable which only
gets assigned to the respective sftp->ext member on success.

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2015-01-14 10:22:55 +01:00
Andreas Schneider
a198193723 connect: Fix mingw build. 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2015-01-06 15:12:17 +01:00
Andreas Schneider
e051135a05 connect: Check that errno is 0 to fix Windows build. 
Thanks to Viktor Butskih.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2014-12-25 12:34:59 +01:00
Andreas Schneider
bb18442fe8 options: Fix setting the port. 
Make sure we correctly read the port from the config file.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2014-12-25 12:32:16 +01:00