libssh

mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-04 20:30:38 +09:00

Author	SHA1	Message	Date
Jakub Jelen	fa902a37ae	CVE-2023-1667:packet_cb: Log more verbose error if signature verification fails Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	df350d3aa4	CVE-2023-1667:token: Add missing whitespace Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	3981aeede2	CVE-2023-1667:kex: Properly conditionalize server code Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	070f679767	kex: Reformat ssh_kex_select_methods Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	82850b6ed1	client: Reformat ssh_client_connection_callback Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	a29d28d1f6	wrapper: Reformat crypto_new Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	2fdb5a121f	Reformat struct ssh_session_struct Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	c00a3369c2	server: Reformat ssh_server_connection_callback Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	1d6f2e4d9b	Reformat ssh_packet_kexinit() Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	e6cc8dfef5	kex: Reformat ssh_send_kex Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	d6bc4905ad	packet: Reformat callback handling functions Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	e1be63d78d	server: Reformat callback_receive_banner Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	b0ce6935fc	server: Reformat ssh_handle_key_exchange Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	1f3143b18c	packet: Fix indentation Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	8cdf602330	kex: Clarify the comment Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	0a9b5bcd45	gssapi: Free mic_buffer on all code paths (GHSL-2023-042) Thanks Phil Turnbull from GitHub Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	bb4e6ad1ee	gssapi: Release output_token on error path (GHSL-2023-041) Thanks Phil Turnbull from GitHub Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	19ec009b7d	gssapi: Release actual_mechs on exit (GHSL-2023-040) Thanks Phil Turnbull from GitHub Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	ccc87f5593	gssapi: Free output token on exit path (GHSL-2023-039) Thanks Phil Turnbull from GitHub Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	23ff6f9388	gssapi: Free mic_token_buffer on before return (GHSL-2023-038) Thanks Phil Turnbull from GitHub Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	5928d7962e	gssapi: Release output_token (GHSL-2023-037) Thanks Phil Turnbull from GitHub Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	3334070f63	gssapi: Avoid memory leaks of selected OID (GHSL-2023-036) Thanks Phil Turnbull from GitHub Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	f691dbbaab	gssapi: Release buffer on error path (GHSL-2023-035) Thanks Phil Turnbull from GitHub Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	bdabf25a5b	gssapi: Free selected OID set on error paths (GHSL-2023-034) Thanks Phil Turnbull from GitHub Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	2b5bef9c03	gssapi: Free both_supported on error paths (GHSL-2023-033) Thanks Phil Turnbull from GitHub Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Ahsen Kamal	14f3910d12	add server test for no-more-sessions Signed-off-by: Ahsen Kamal <itsahsenkamal@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-04-28 10:58:13 +02:00
Ahsen Kamal	bfa7a94b83	add client test for no-more-sessions Signed-off-by: Ahsen Kamal <itsahsenkamal@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-04-28 10:58:12 +02:00
Ahsen Kamal	08a6996103	handle no-more-sessions in server Signed-off-by: Ahsen Kamal <itsahsenkamal@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-04-28 10:58:11 +02:00
Ahsen Kamal	9741054422	add request no-more-sessions@openssh.com global request Signed-off-by: Ahsen Kamal <itsahsenkamal@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-04-28 10:58:10 +02:00
Ran Park	d109b5bd5f	Add tests for run ssh_execute_command Signed-off-by: Ran Park <bagayonghuming@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-04-25 18:01:32 +02:00
Ran Park	9cd23fecac	solve incorrect parsing of the ProxyCommand configuration option Signed-off-by: Ran Park <bagayonghuming@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-04-25 18:01:31 +02:00
Eshan Kelkar	bfa988a7c7	Implement tests for sftp_rename torture_sftp_rename has been added which tries to rename an existing file (positive test case) and tries to rename a file that does not exist (negative test case). Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-04-25 12:13:49 +02:00
Eshan Kelkar	ef901829c1	Introduce the posix-rename@openssh.com extension handling Changes done in sftp_rename such that it will use posix-rename@openssh.com extension if supported and send a SSH_FXP_EXTENDED request. If the extension is not supported a normal SSH_FXP_RENAME request will be sent. Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-04-25 12:13:18 +02:00
Eshan Kelkar	b067d7a123	Reformat of sftp_rename() to match the current coding style Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-04-25 12:13:17 +02:00
Eshan Kelkar	73c3d8965d	Add tests for sftp_hardlink For testing sftp_hardlink, torture_sftp_hardlink has been introduced in tests/client. Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-04-24 10:29:13 +02:00
Eshan Kelkar	88335c8e07	Add support for hardlink@openssh.com sftp_hardlink() has been introduced which when called sends a SSH_FXP_EXTENDED request to server for creating a hardlink. Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-04-24 10:29:12 +02:00
Jakub Jelen	804814b895	fuzz: Avoid the server fuzzer to proceed to the authentication and further Thanks Phil Turnbull from GitHub Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com>	2023-04-21 14:27:46 +02:00
Jakub Jelen	a12a8a0153	fuzz: Set smaller connection timeouts to avoid fuzzing timeouts The client fuzzer can get stuck in poll call, when there is long connection timeout and there are no usable message from the peer. Setting smaller user timeout allows us spend more time productively fuzzing and exit early when there is no message from peer. Thanks oss-fuzz. https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56935 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com>	2023-04-21 14:25:03 +02:00
Adley Phu	2122fc3dcb	Add callback to accept forwarded-tcpip requests Signed-off-by: Adley Phu <aphu@janestreet.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-04-21 12:56:16 +02:00
Jakub Jelen	c3aa0cb182	options: Remove set-but-never read variable Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com>	2023-04-14 19:11:24 +02:00
Jakub Jelen	fffdcfb373	ecdh: Avoid unused variable with OpenSSL 1.1.1 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com>	2023-04-14 19:11:24 +02:00
Jakub Jelen	3058549bf7	cmake: Return back the DEFAULT_C_COMPILE_FLAGS Accidentally removed in `1689b83d0f`. Reported in #185 by Peter Kästle Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com>	2023-04-14 19:11:24 +02:00
Jakub Jelen	2c876464ab	ecdh: Fix missing-prototype warning Related to the accidental removal of compiler flags as reported in #185 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com>	2023-04-14 19:11:24 +02:00
Jakub Jelen	7f40974802	ci: Add CentOS 8 as there are no other OpenSSL 1.1.1 platforms Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com>	2023-04-14 19:11:24 +02:00
Jakub Jelen	f6f1bfaa4e	ci: Suse is already on OpenSSL 3.0 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com>	2023-04-14 19:11:24 +02:00
Jakub Jelen	91279e0aac	ci: Actually build the package with x86 cross-compiler Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com>	2023-04-14 19:11:24 +02:00
Jakub Jelen	2ba5a5e976	tests: Update to unbreak agent_cert test for CentOS 8 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-04-14 18:43:05 +02:00
Jakub Jelen	e0011a1970	pki: Avoid freeing static groups/points on OpenSSL<3 Fixup commit `49490ac06d` Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com>	2023-04-14 17:09:28 +02:00
Tom Deseyn	6f029598c7	Emit channel_write_wontblock when remote window becomes non-zero. Signed-off-by: Tom Deseyn <tom.deseyn@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-04-14 15:02:03 +02:00
roytak	49490ac06d	pki_crypto: Fix memory leak Fixed memory leak in pki_publickey_to_blob when using an EC type of hostkey. Signed-off-by: roytak <xjanot04@stud.fit.vutbr.cz> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-04-14 14:28:05 +02:00

1 2 3 4 5 ...

5714 Commits