shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-04 12:20:42 +09:00
Code Issues Packages Projects Releases Wiki Activity
6,302 Commits 12 Branches 62 Tags
db7f101d1c13c1e1d2dd11255e363f7cb86f3238
Commit Graph

6302 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jakub Jelen
db7f101d1c CVE-2025-5449 sftpserver: Avoid memory leak when we run out of handles during sftp_open 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-06-23 13:37:06 +02:00
Jakub Jelen
ae8881dfe5 CVE-2025-5318: sftpserver: Fix possible buffer overrun 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-06-23 13:37:06 +02:00
Jakub Jelen
00f09acbec CVE-2025-4877 base64: Prevent integer overflow and potential OOB 
Set maximum input to 256MB to have safe margin to the 1GB trigger point
for 32b arch.

The OOB should not be reachable by any internal code paths as most of
the buffers and strings we use as input for this operation already have
similar limit and none really allows this much of data.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-06-23 13:33:10 +02:00
Lucas Mulling
74eb01f26d tests: Cleanup torture_channel_exit_signal 
Signed-off-by: Lucas Mulling <lucas.mulling@suse.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-06-04 19:46:12 +02:00
Jakub Jelen
4f239f79c6 mbedtls: Avoid one more memory leak 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
 2025-06-03 15:38:24 +02:00
Jakub Jelen
b8e587e498 pki: Set ECDSA signature buffers secure 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
 2025-06-03 15:38:24 +02:00
Jakub Jelen
b314fd3e04 mbedtls: Rename label to match the current meaning 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
 2025-06-03 15:38:24 +02:00
Jakub Jelen
d1ad796496 mbedtls: Avoid code duplication between v2 and v3 branches 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
 2025-06-03 15:38:24 +02:00
Jakub Jelen
e2064b743d pki: Make sure the buffer is zeroized too 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
 2025-06-03 15:38:24 +02:00
Jakub Jelen
6d2a3e4eb6 pki_mbedtls: Simplify memory cleanup 
The spread out initialization and variable definition (and alising)
was hell to keep up with and was causing memory issues as reported by valgrind:

==4480== 128 bytes in 1 blocks are definitely lost in loss record 1 of 12
==4480==    at 0x48463F3: calloc (vg_replace_malloc.c:1675)
==4480==    by 0x487D152: mbedtls_mpi_grow (bignum.c:218)
==4480==    by 0x487D6C5: mbedtls_mpi_copy (bignum.c:334)
==4480==    by 0x48B9627: mbedtls_rsa_export (rsa.c:899)
==4480==    by 0x283955: pki_key_to_blob (pki_mbedcrypto.c:976)
==4480==    by 0x24F162: ssh_pki_export_privkey_blob (pki.c:2188)
==4480==    by 0x278001: ssh_pki_openssh_privkey_export (pki_container_openssh.c:546)
==4480==    by 0x24D7D2: ssh_pki_export_privkey_file_format (pki.c:1122)
==4480==    by 0x24D916: torture_pki_rsa_write_privkey_format (torture_pki_rsa.c:895)
==4480==    by 0x24D916: torture_pki_rsa_write_privkey (torture_pki_rsa.c:962)
==4480==    by 0x4865499: ??? (in /usr/lib64/libcmocka.so.0.8.0)
==4480==    by 0x4865C0B: _cmocka_run_group_tests (in /usr/lib64/libcmocka.so.0.8.0)
==4480==    by 0x252115: torture_run_tests (torture_pki_rsa.c:1160)
==4480==    by 0x2546B8: main (torture.c:1984)
==4480==

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
 2025-06-03 15:38:24 +02:00
Jakub Jelen
7c34fa783d mbedcrypto: Refromat pki_key_to_blob() 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
 2025-06-03 15:38:24 +02:00
Jakub Jelen
2a2c714dfa tests: Auth without none method 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>
 2025-06-03 10:23:17 +02:00
Jakub Jelen
12baa5200a auth: Process outstanding packets before selecting signature algorithm 
Originally reported by Till on mailing list here:

https://archive.libssh.org/libssh/2025-05/0000000.html

After some debugging, it turns out the client code does not guarantee
the extensions are processed before making decisions on the signature algorithm
that is being used for authentication, causing false-positive failures.

This does not happen in the tests, where we initially call ssh_userauth_none,
which enumerates authentications methods and as a side effect processes
outstanding packets such as SSH_EXT_INFO message with the server-sig-algs
extension.

When the first function called after `ssh_connect()` is
`ssh_userauth_publickey()`, the `ssh_userauth_request_service()` was wrongly
called only after the signature algorithm compatibility was checked.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>
 2025-06-03 10:23:17 +02:00
Jakub Jelen
f2b64abcbd buffer: Use sizeof instead of magic number 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>
 2025-06-03 10:23:17 +02:00
Nicolas Graves
4135154b6d cmocka_unit_test_setup_teardown: Comply with codespell style. 
Signed-off-by: Nicolas Graves <ngraves@ngraves.fr>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-05-30 20:11:51 +02:00
Praneeth Sarode
ca4c874a9e tests: remove unsupported SHA1 HMAC tests for compatibility with latest dropbear version 
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-05-27 13:50:03 +02:00
Rohan Eden
c7b6ffad0e Remove height due to inconsistent display in browser 
Signed-off-by: Rohan Eden <rohan.eden@citypaine.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-05-20 18:27:46 +02:00
salonidabgar
c1fb0d872d Reformatted torture_auth_cert.c 
Signed-off-by: salonidabgar <salonidabgar@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-05-14 13:45:23 +02:00
salonidabgar
3a167a89b5 Added tests for auth agent forwarding 
Signed-off-by: salonidabgar <salonidabgar@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-05-14 13:45:23 +02:00
salonidabgar
dfa9421e01 Added preprocessor directives for Windows 
Signed-off-by: salonidabgar <salonidabgar@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-05-14 13:45:23 +02:00
salonidabgar
efc5bc633f Reformatted torture.c and torture.h 
Signed-off-by: salonidabgar <salonidabgar@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-05-14 13:45:23 +02:00
salonidabgar
3a4ba8b763 Fix file permissions: remove executable bit from CMakeLists.txt as it's a configuration file 
Signed-off-by: salonidabgar <salonidabgar@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-05-14 13:45:23 +02:00
salonidabgar
47db54b7c1 Move torture_setup_ssh_agent() and torture_cleanup_ssh_agent() to torture.c 
Signed-off-by: salonidabgar <salonidabgar@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-05-14 13:45:23 +02:00
salonidabgar
d1c2d3db9d Added .DS_Store to .gitignore 
Signed-off-by: salonidabgar <salonidabgar@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-05-14 13:45:23 +02:00
Praneeth Sarode
dcb65fe584 refactor(curve25519): split the single file curve25519.c into multiple files for better readability 
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-05-06 22:03:18 +02:00
Lucas Mulling
d758990d39 misc: Fix OpenSSH banner parsing 
Signed-off-by: Lucas Mulling <lucas.mulling@suse.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>
 2025-04-28 14:56:27 -03:00
Andreas Schneider
bfae56634c tests:unittests: Fix tests on FreeBSD 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-04-24 10:47:26 +02:00
Jakub Jelen
3d0226cadc examples: Avoid using uninitialized memory 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>
 2025-04-16 17:41:22 +02:00
Jakub Jelen
0bcd7d12d8 dh-gex: Avoid reading the EOF stream 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>
 2025-04-16 17:41:22 +02:00
Jakub Jelen
bd10ec1162 tests: Use fseek instead of rewind to simplify error checking 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>
 2025-04-16 17:41:22 +02:00
Jakub Jelen
69c169e4cb sftpserver: Free memory on error condition 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>
 2025-04-16 17:41:22 +02:00
Jakub Jelen
f0b9db586b test: Fix potential leak of fds on error 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>
 2025-04-16 17:41:22 +02:00
Jakub Jelen
c735b44f83 test: Fix unused variables and potential memory leaks 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>
 2025-04-16 17:41:22 +02:00
Jakub Jelen
3b4b8033de tests: Make the static ananlyzers happy with the threads 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>
 2025-04-16 17:41:22 +02:00
Jakub Jelen
0068fdd594 examples: Fix possible null pointer passed to open() 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>
 2025-04-16 16:19:42 +02:00
Praneeth Sarode
344235c954 fix(tests): improve synchronization in torture_forwarded_tcpip_callback tests 
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-04-16 14:49:40 +02:00
Jakub Jelen
d00f7b1bf9 Make sure we pass right parameters to buffer_pack 
Fixes: #299

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>
 2025-04-15 16:15:52 +02:00
Jakub Jelen
b14018ecab tests: Do not build zlib test when built without 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>
 2025-04-15 16:15:52 +02:00
Jakub Jelen
5e47b1c1c2 kex: Add more noisy errors to simplify debugging ssh_make_sessionid 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>
 2025-04-15 16:15:52 +02:00
Jakub Jelen
9ce885b168 ci: Add mbedTLS + clang build combination 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>
 2025-04-15 16:15:52 +02:00
Jakub Jelen
184dad101d Move the PKCS#11 provider environment variable where it needs to be 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>
 2025-04-15 16:15:52 +02:00
RaviRaaja
04a58919f8 Fix: NULL pointer check in ssh_channel_is_closed 
The ssh_channel_is_closed function would crash when
accessing channel->session->alive if session is NULL.
This patch adds a null check before accessing the session
pointer.

- build succeeded
- unit test passed
- no new unit test added

https://gitlab.com/libssh/libssh-mirror/-/issues/239

Signed-off-by: Raviraaja Lakshmanan <mailstoraviraaja@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-04-14 22:20:35 +02:00
Norbert Pocs
b106211d92 clang-format: Align consecutive macros 
This option makes padding between macro names and the values based on
the longest macro name in a consecutive list of macro lines.

Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-04-14 22:20:08 +02:00
Norbert Pocs
af10857aa3 CmakeLists: Fix multiple digit major version for OpenSSH 
Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-04-14 22:19:18 +02:00
Praneeth Sarode
f3b389d112 tests: add unit test for direct-tcpip channel open request 
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-04-07 14:02:41 +02:00
Praneeth Sarode
18e7423e70 Add direct-tcpip channel open request callback support 
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-04-07 14:02:21 +02:00
Praneeth Sarode
8c8d3ceef7 tests: add unit test for forwarded-tcpip callback 
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-04-07 10:57:21 +02:00
Praneeth Sarode
0d0ed4b1f8 curve25519: add support for gcrypt's Curve25519 implementation 
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-04-03 11:28:44 +02:00
Arek Ouzounian
8dc234c909 Add clarification to INSTALL for unit testing on Windows via the cmocka dependency 
Signed-off-by: Arek Ouzounian <agouzo777@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-04-03 11:27:45 +02:00
Praneeth Sarode
2e686c5cea cmake: fix MbedTLS version detection 
Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-04-03 11:27:08 +02:00