libssh

mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-07 18:50:27 +09:00

Author	SHA1	Message	Date
Andreas Schneider	4d98b1cd7e	sftp: Use ssh_buffer_pack() in sftp_xstat() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:39:23 +02:00
Andreas Schneider	b00a0578f9	sftp: Reformat sftp_xstat() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:39:23 +02:00
Andreas Schneider	336c097ae7	sftp: Use ssh_buffer_unpack() in sftp_canonicalize_path() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:39:23 +02:00
Andreas Schneider	1dd8466f66	sftp: Use ssh_buffer_pack() in sftp_canonicalize_path() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:39:23 +02:00
Andreas Schneider	8b19ef05f3	sftp: Reformat sftp_canonicalize_path() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:39:23 +02:00
Andreas Schneider	7e11e41a9f	sftp: Use sftp_buffer_pack() in sftp_fstatvfs() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:39:23 +02:00
Andreas Schneider	5914ea7c75	sftp: Reformat sftp_fstatvfs() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:39:23 +02:00
Andreas Schneider	f1e84d5e67	sftp: Use ssh_buffer_pack() in sftp_fsync() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:39:23 +02:00
Andreas Schneider	8e3dd09e11	sftp: Use ssh_buffer_pack() in sftp_statvfs() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:39:23 +02:00
Andreas Schneider	ae0afec98d	sftp: Reformat sftp_statvfs() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:39:23 +02:00
Andreas Schneider	0be43c333e	sftp: Use ssh_buffer_unpack() in sftp_readlink() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:39:23 +02:00
Andreas Schneider	83a5d3b258	sftp: Use ssh_buffer_pack() in sftp_readlink() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:39:23 +02:00
Andreas Schneider	bb4bdec184	sftp: Reformat sftp_readlink() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:39:16 +02:00
Andreas Schneider	e0449ba21f	sftp: Use ssh_buffer_pack() in sftp_setstat() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:37:24 +02:00
Andreas Schneider	8a56b90c3e	sftp: Reformat sftp_setstat() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:36:29 +02:00
Andreas Schneider	218c67a51d	sftp: Use ssh_buffer_pack() in sftp_mkdir() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:36:29 +02:00
Andreas Schneider	89c525bbf1	sftp: Reformat sftp_mkdir() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:36:29 +02:00
Andreas Schneider	2c0baef7d4	sftp: Use ssh_buffer_pack in sftp_open() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:34:00 +02:00
Andreas Schneider	bfb6718b50	sftp: Reformat sftp_open() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:34:00 +02:00
Andreas Schneider	d99c066a0b	sftp: Use ssh_buffer_pack() in sftp_handle_close() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:34:00 +02:00
Andreas Schneider	2844942c1b	sftp: Reformat sftp_handle_close() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:34:00 +02:00
Andreas Schneider	3a729829fd	sftp: Use ssh_buffer_pack() in sftp_readdir() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:34:00 +02:00
Andreas Schneider	576fdbe1e8	sftp: Reformat sftp_readdir() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:32:45 +02:00
Andreas Schneider	87df9cfc5d	sftp: Use ssh_buffer_pack() in sftp_opendir() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:32:23 +02:00
Andreas Schneider	ea375d1605	sftp: Reformat sftp_opendir() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:32:23 +02:00
Andreas Schneider	c15bd2831f	buffer: Precalculate the size required for ssh_buffer_pack() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:32:12 +02:00
Andreas Schneider	efef877356	buffer: Only reduce the buffer size if it gets bigger than 64K Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:29:15 +02:00
Andreas Schneider	254a0f7132	buffer: Only allow to allocate a maximum of 256MB Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:27:32 +02:00
Andreas Schneider	d2131b286f	buffer: Always preallocate a buffer with 64 bytes Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:26:36 +02:00
Andreas Schneider	c1c32bda14	buffer: Rewrite ssh_buffer_free() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 18:19:58 +02:00
Andreas Schneider	a1b57d3b94	buffer: Use bool for secure buffer Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 15:00:53 +02:00
Andreas Schneider	be703974e9	buffer: Reformat buffer_shift() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 15:00:53 +02:00
Andreas Schneider	29f36791c9	buffer: Cleanup buffer_verify Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-03 15:00:53 +02:00
Andreas Schneider	f99e6766d6	auth: Fix freeing memory in ssh_userauth_agent_publickey() CID 1395453 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-02 10:01:47 +02:00
Andreas Schneider	f8fc0b9dfb	messages: Fix memory leak in ssh_packet_userauth_request Found by AddressSanitizer. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-01 21:26:37 +02:00
Andreas Schneider	ea2b403ab2	auth: Fix a memory leak in ssh_userauth_agent_publickey() CID 1230358 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-01 09:41:11 +02:00
Andreas Schneider	8323cd791f	pki: Fix a memory leak in ssh_pki_do_sign() CID 1395335 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-01 09:41:11 +02:00
Andreas Schneider	461ebd1e2f	packet: Add a bound check for nr_extensions CID 1395335 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-01 09:40:44 +02:00
Jakub Jelen	b4c8bd9fe4	pki: Support RSA SHA2 signatures of sessionid for server This involves mostly creation of host keys proofs but needs to follow the same procedure as the client authentication signatures. At the same time, the SHA2 extension is enabled in the pkd so we are able to atomicaly provide correct signatures and pass tests. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2018-08-31 14:18:34 +02:00
Jakub Jelen	5d13006650	server: We should list SHA2 variants in offered hostkeys The SHA2 variants should be preferred. Also the buffer needs to be extended to fit all possible public key algorithms. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2018-08-31 14:18:34 +02:00
Jakub Jelen	6fa5e8adb0	server: Support for extension negotiation This includes intercepting the ext-info-c string from the client kex proposal, configuring the server to allow using this extension and sending the SSH_MSG_EXT_INFO packet back to the client after the new keys are in use. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2018-08-31 14:18:34 +02:00
Jakub Jelen	60ad7ee15d	messages: Create correct digest for pki signatures This does not affect old signatures, where the public key algorithm matches the public key type. This is a problem when using SHA2 extension for the RSA keys, where the new signature algorithsm are introduced in addition to the exitsing ssh-rsa which was ignored throughout the code. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2018-08-31 14:18:34 +02:00
Jakub Jelen	09cf301eee	auth: Prevent authentication with non-allowed key algorithms Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2018-08-31 14:18:34 +02:00
Jakub Jelen	594c62d718	tests: PUBLICKEY_ACCEPTED_TYPES are effective Verify the PUBLICKEY_ACCEPTED_TYPES option is handled correctly and affects the signature algorithm selection based on the extensions and can be used to limit list of offered mechanisms to the server. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2018-08-31 14:18:34 +02:00
Jakub Jelen	4169be45eb	pki: Allow filtering accepted public key types based on the configuration This effectively allows to disable using the SHA2 extension, disable other old public key mechanisms out of the box (hello DSA) or force the new SHA2-based key algorithm types if needed. This exposes the default_methods array from kex.c. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2018-08-31 14:18:34 +02:00
Jakub Jelen	37864b6575	config: Accept the PubkeyAcceptedTypes configuration option Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2018-08-31 14:18:34 +02:00
Jakub Jelen	4521ab73b6	options: The new option SSH_OPTIONS_PUBLICKEY_ACCEPTED_TYPES This option allows to specify acceptable public key algorithms and reflects the PubkeyAcceptedTypes configuration option from OpenSSH. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2018-08-31 14:18:34 +02:00
Jakub Jelen	9ca6127b91	kex: The public key algorithms are no longer only host keys Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2018-08-31 14:18:34 +02:00
Jakub Jelen	ebb01549d0	SHA2 extension in the ssh-agent interface The new constants for flags are defined in draft-miller-ssh-agent-02 are active if the SHA2 extension is negotiated with the server. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2018-08-31 14:18:34 +02:00
Jakub Jelen	82da0c3361	auth: Support SHA2 extension for pubkey authentication (RFC 8332) Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2018-08-31 14:18:34 +02:00

... 19 20 21 22 23 ...

2534 Commits