shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-04 20:30:38 +09:00
Code Issues Packages Projects Releases Wiki Activity
5,611 Commits 12 Branches 62 Tags
d7f18c468e297b0cfdf6cdbd757eb30fa063d5d8
Commit Graph

5611 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jakub Jelen
d7f18c468e gssapi: Release output_token (GHSL-2023-037) 
Thanks Phil Turnbull from GitHub

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-04-28 11:36:00 +02:00
Jakub Jelen
f73dac8eed gssapi: Avoid memory leaks of selected OID (GHSL-2023-036) 
Thanks Phil Turnbull from GitHub

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-04-28 11:35:58 +02:00
Jakub Jelen
3c381565c9 gssapi: Release buffer on error path (GHSL-2023-035) 
Thanks Phil Turnbull from GitHub

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-04-28 11:35:55 +02:00
Jakub Jelen
833c3d3330 gssapi: Free both_supported on error paths (GHSL-2023-033) 
Thanks Phil Turnbull from GitHub

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-04-28 11:35:52 +02:00
Jakub Jelen
6d073f2746 fuzz: Avoid the server fuzzer to proceed to the authentication and further 
Thanks Phil Turnbull from GitHub

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-04-28 11:35:49 +02:00
Jakub Jelen
fe83733a7c kex: Avoid NULL pointer dereference (GHSL-2023-032) 
Thanks Phil Turnbull from Github

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-04-28 11:35:45 +02:00
Ran Park
d3d7eeab75 Add tests for run ssh_execute_command 
Signed-off-by: Ran Park <bagayonghuming@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit d109b5bd5f)
 2023-04-28 11:06:16 +02:00
Ran Park
8a037e9afe solve incorrect parsing of the ProxyCommand configuration option 
Signed-off-by: Ran Park <bagayonghuming@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 9cd23fecac)
 2023-04-28 11:06:13 +02:00
Jakub Jelen
dd0aaec67e cmake: Return back the DEFAULT_C_COMPILE_FLAGS 
Accidentally removed in 1689b83d0f.

Reported in #185 by Peter Kästle

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
(cherry picked from commit 3058549bf7)
 2023-04-17 13:46:41 +02:00
Jakub Jelen
8b3b041096 ci: Add CentOS 8 as there are no other OpenSSL 1.1.1 platforms 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
(cherry picked from commit 7f40974802)
 2023-04-17 13:46:41 +02:00
Jakub Jelen
e9e9190079 ci: Suse is already on OpenSSL 3.0 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
(cherry picked from commit f6f1bfaa4e)
 2023-04-17 13:46:41 +02:00
Jakub Jelen
bc4afc1067 ci: Actually build the package with x86 cross-compiler 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
(cherry picked from commit 91279e0aac)
 2023-04-17 13:46:41 +02:00
Jakub Jelen
6a187990c1 tests: Update to unbreak agent_cert test for CentOS 8 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 2ba5a5e976)
 2023-04-17 13:46:41 +02:00
khalid
ec5bd83e50 Remove zlib from the default compression methods and fips methods 
Signed-off-by: Khalid Mamdouh <khalidmamdou7@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit f9147a3cf4)
 2023-04-17 13:46:41 +02:00
khalid
e818700734 Disabled preauth compression (zlib) by default 
Removed it from the wanted methods list in the ssh_options_set function. Now users have to set the compression value to 'zlib' explicitly to enable it.
Updated unit tests to reflect removing zlib compression algo from the defaults compression algorithms.

Signed-off-by: Khalid Mamdouh <khalidmamdou7@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit cb19677d2e)
 2023-04-17 13:46:41 +02:00
Andreas Schneider
9e20e180e6 gitlab-ci: We have cmake in Windows runners in the default path now 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 0c6995b149)
 2023-04-17 13:46:41 +02:00
Norbert Pocs
e426664623 doc: Fix doxygen errors when QUIET=yes EXTRACT_ALL=yes 
Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 7b12876f04)
 2023-03-20 13:41:04 +01:00
Andreas Schneider
921efbeea1 gitlab-ci: Don't install CMake 
The choco server is somtimes ratelimited. Avoid running into issues
and use cmake already installed on the runner.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 0b826c986c)
 2023-03-20 13:41:04 +01:00
Ahsen Kamal
03f8fcae84 fix null dereference of error 
The Coverity scan CID 1506418 found the null pointer dereferencing

Signed-off-by: Ahsen Kamal <itsahsenkamal@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 6d3e7e1c44)
 2023-03-20 13:41:04 +01:00
Andreas Schneider
ea639b0258 poll: Rename lock to lock_cnt and make it unsigned 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 2ed0525f40)
 2023-03-20 13:41:04 +01:00
Jakub Jelen
bb5bdac321 poll: Change the lock to block only POLLIN events 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 30b5a2e33b)
 2023-03-20 13:41:04 +01:00
Jakub Jelen
554fe06aeb socket: Reformat 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit e15f493d4a)
 2023-03-20 13:41:04 +01:00
Jakub Jelen
298155da71 Reformat ssh_packet_socket_callback 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 19c4de7350)
 2023-03-20 13:41:04 +01:00
Jakub Jelen
44ceeb4d53 Reformat ssh_connector_fd_out_cb 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 832b94a660)
 2023-03-20 13:41:04 +01:00
Jakub Jelen
0c725d7602 config: Fix indentation 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 5506aadf05)
 2023-03-20 13:41:04 +01:00
Jakub Jelen
2461027f72 bignum: Avoid bogus newline in the log 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 258560da16)
 2023-03-20 13:41:04 +01:00
Ahsen Kamal
967082c207 free memory of peer_discon_msg 
Signed-off-by: Ahsen Kamal <itsahsenkamal@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit e364b1e793)
 2023-03-20 13:41:04 +01:00
Ahsen Kamal
1f7995ccea test for peer_discon_msg 
Signed-off-by: Ahsen Kamal <itsahsenkamal@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 49b34987d6)
 2023-03-20 13:41:04 +01:00
Ahsen Kamal
662fe00c15 assign peer_discon_msg 
Signed-off-by: Ahsen Kamal <itsahsenkamal@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 4a7a7e3186)
 2023-03-20 13:41:04 +01:00
Ahsen Kamal
0d86688da2 rename discon_msg to peer_discon_msg 
Signed-off-by: Ahsen Kamal <itsahsenkamal@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit e2b89dec9d)
 2023-03-20 13:41:04 +01:00
Andreas Schneider
02f39b5e60 gitlab-ci: Use CentOS9 for Coverity builds 
The Fedora 34 container is not available anymore. And we need gcc 11
as scan.coverity.com is on version 2022.6 supporting only gcc 11.

See
https://dev.sig-docs.synopsys.com/polaris/topics/r_coverity-compatible-platforms_2022.6.html

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit e7b8de1363)
 2023-03-01 14:41:24 +01:00
Norbert Pocs
1bf87909e7 src/options.c: Add documentation for default LogLevel 
Libssh defaults to QUIET or SSH_LOG_NONE regarding of loglevel. Have it
documented to not confuse the users.

Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 486df37a84)
 2023-02-02 10:45:16 +01:00
Norbert Pocs
096416d306 server: Add documentation to some functions 
Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 9931f158e0)
 2023-02-02 10:45:01 +01:00
Norbert Pocs
019040f693 documentation: Fix Missing param doxygen warnings 
Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit b7c1f792cc)
 2023-02-02 10:44:56 +01:00
Jakub Jelen
f1c5888553 ci: Update OpenSSL versions in the CI target names 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
(cherry picked from commit 6d34718f89)
 2023-02-02 10:44:12 +01:00
Jakub Jelen
8a5bdc3a21 ci: Drop fedora/fips combination as it looks broken 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
(cherry picked from commit 31073780d1)
 2023-02-02 10:44:02 +01:00
Jakub Jelen
3a77bb2992 tests: Use temporary variable to set test environment 
avoids also long lines and code duplication

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
(cherry picked from commit 10296dbc76)
 2023-02-02 10:43:09 +01:00
Jakub Jelen
b2ca8b07ec Clean up usage of HAVE_ECC and HAVE_ECDH 
they might be turned off and on independenty and each of them affects different
part of libssh, authentication and key exchange respectively. But only HAVE_ECC
is defined by the cmake.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
(cherry picked from commit 492f5d82b8)
 2023-02-02 10:42:58 +01:00
Jakub Jelen
1bc9b20b1a pki: Initialize pointers and avoid double-free with OSSL 3.0 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
(cherry picked from commit dac62e7439)
 2023-02-02 10:42:53 +01:00
Jakub Jelen
b9a6fac062 Do not build the PKCS#11 when disabled 
This prevents building the pkcs11-related functions and printing pkcs11-related
log messages when the libssh is built without PKCS#11 support.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
(cherry picked from commit ab24110ae0)
 2023-02-02 10:42:48 +01:00
Jakub Jelen
2eee844025 tests: Reproducer for delayed compression rekey 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
(cherry picked from commit c52f40bcb2)
 2023-02-02 10:42:34 +01:00
Jakub Jelen
be2084f9e2 wrapper: Correctly handle rekey with delayed compression 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
(cherry picked from commit 98b81ebcad)
 2023-02-02 10:42:29 +01:00
Jakub Jelen
cfa95d9ead wrapper: Reformat compression algorithms handling 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
(cherry picked from commit 342b69246c)
 2023-02-02 10:42:27 +01:00
Jakub Jelen
1685c14024 Reformat gzip.c 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
(cherry picked from commit c784bf345c)
 2023-02-02 10:42:25 +01:00
Jakub Jelen
7f12c572d3 packet: Log at least names of unknown extensions 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
(cherry picked from commit 834603c96b)
 2023-02-02 10:42:07 +01:00
Jakub Jelen
2177c9e567 cmake: Check for Argp also on Linux to fix alpine build 
This adjusts also usage of ARGP_LIBRARY to use ARGP_LIBRARIES which is defined
by the FindArgp module, unlike the former one in case it is provided by libc
directly.

Fixes: #167

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
(cherry picked from commit 8f237bde15)
 2023-02-02 10:41:53 +01:00
Jakub Jelen
96bc6af2b3 cmake: Document the consequences of enabling benchmarks 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
(cherry picked from commit d54d45871a)
 2023-02-02 10:41:48 +01:00
Jakub Jelen
ec33973319 include: Document the need to free the returned buffer 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
(cherry picked from commit a5631280a9)
 2023-02-02 10:41:42 +01:00
Jakub Jelen
512ac7620b examples: Avoid memory leak from sftp 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
(cherry picked from commit 8c1b159a3a)
 2023-02-02 10:41:35 +01:00
Norbert Pocs
d190053660 Add support for sk-keys through configuration 
To be able to enable sk-ecdsa, sk-edd25519 key usage from the config file
the algorithms are needed to be listed in the algorithm lists.

Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 96ad1b380d)
 2023-02-02 10:41:26 +01:00