shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-09 18:04:25 +09:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: shinys000114:libssh-0.11.2
Branches Tags
shinys000114:master shinys000114:stable-0.11 shinys000114:stable-0.9 shinys000114:stable-0.10 shinys000114:stable-0.8 shinys000114:master-fix shinys000114:v0-7 shinys000114:v0-6 shinys000114:v0-5 shinys000114:v0-4 shinys000114:v0-3 shinys000114:v0-2
shinys000114:libssh-0.11.3 shinys000114:libssh-0.11.2 shinys000114:libssh-0.11.1 shinys000114:libssh-0.11.0 shinys000114:libssh-0.9.8 shinys000114:libssh-0.10.6 shinys000114:libssh-0.9.7 shinys000114:libssh-0.10.5 shinys000114:libssh-0.10.4 shinys000114:libssh-0.10.3 shinys000114:libssh-0.10.2 shinys000114:libssh-0.10.0 shinys000114:libssh-0.9.6 shinys000114:libssh-0.9.5 shinys000114:libssh-0.8.9 shinys000114:libssh-0.9.4 shinys000114:libssh-0.8.8 shinys000114:libssh-0.9.3 shinys000114:libssh-0.9.2 shinys000114:libssh-0.9.1 shinys000114:libssh-0.9.0 shinys000114:libssh-0.8.7 shinys000114:libssh-0.8.6 shinys000114:libssh-0.7.7 shinys000114:libssh-0.8.5 shinys000114:libssh-0.7.6 shinys000114:libssh-0.8.4 shinys000114:libssh-0.8.3 shinys000114:libssh-0.8.2 shinys000114:libssh-0.8.1 shinys000114:libssh-0.8.0 shinys000114:libssh-0.7.5 shinys000114:libssh-0.7.4 shinys000114:libssh-0.7.3 shinys000114:libssh-0.7.2 shinys000114:libssh-0.7.1 shinys000114:libssh-0.7.0 shinys000114:libssh-0.6.5 shinys000114:libssh-0.6.4 shinys000114:libssh-0.6.3 shinys000114:libssh-0.6.1 shinys000114:libssh-0.6.0 shinys000114:libssh-0.5.5 shinys000114:libssh-0.5.4 shinys000114:libssh-0.5.3 shinys000114:libssh-0.5.2 shinys000114:libssh-0.5.1 shinys000114:release-0-5-0 shinys000114:release-0-4-8 shinys000114:release-0-4-7 shinys000114:release-0-4-6 shinys000114:release-0-4-5 shinys000114:release-0-4-4 shinys000114:release-0-4-3 shinys000114:release-0-4-2 shinys000114:release-0-4-1 shinys000114:release-0-4-0 shinys000114:release-0-3-4 shinys000114:release-0-3-3 shinys000114:release-0-3-2 shinys000114:release-0-3-1 shinys000114:release-0-3-0
...
compare: shinys000114:02cbd41b922f2603755d86f58f56798342015b07
Branches Tags
shinys000114:master shinys000114:stable-0.11 shinys000114:stable-0.9 shinys000114:stable-0.10 shinys000114:stable-0.8 shinys000114:master-fix shinys000114:v0-7 shinys000114:v0-6 shinys000114:v0-5 shinys000114:v0-4 shinys000114:v0-3 shinys000114:v0-2
shinys000114:libssh-0.11.3 shinys000114:libssh-0.11.2 shinys000114:libssh-0.11.1 shinys000114:libssh-0.11.0 shinys000114:libssh-0.9.8 shinys000114:libssh-0.10.6 shinys000114:libssh-0.9.7 shinys000114:libssh-0.10.5 shinys000114:libssh-0.10.4 shinys000114:libssh-0.10.3 shinys000114:libssh-0.10.2 shinys000114:libssh-0.10.0 shinys000114:libssh-0.9.6 shinys000114:libssh-0.9.5 shinys000114:libssh-0.8.9 shinys000114:libssh-0.9.4 shinys000114:libssh-0.8.8 shinys000114:libssh-0.9.3 shinys000114:libssh-0.9.2 shinys000114:libssh-0.9.1 shinys000114:libssh-0.9.0 shinys000114:libssh-0.8.7 shinys000114:libssh-0.8.6 shinys000114:libssh-0.7.7 shinys000114:libssh-0.8.5 shinys000114:libssh-0.7.6 shinys000114:libssh-0.8.4 shinys000114:libssh-0.8.3 shinys000114:libssh-0.8.2 shinys000114:libssh-0.8.1 shinys000114:libssh-0.8.0 shinys000114:libssh-0.7.5 shinys000114:libssh-0.7.4 shinys000114:libssh-0.7.3 shinys000114:libssh-0.7.2 shinys000114:libssh-0.7.1 shinys000114:libssh-0.7.0 shinys000114:libssh-0.6.5 shinys000114:libssh-0.6.4 shinys000114:libssh-0.6.3 shinys000114:libssh-0.6.1 shinys000114:libssh-0.6.0 shinys000114:libssh-0.5.5 shinys000114:libssh-0.5.4 shinys000114:libssh-0.5.3 shinys000114:libssh-0.5.2 shinys000114:libssh-0.5.1 shinys000114:release-0-5-0 shinys000114:release-0-4-8 shinys000114:release-0-4-7 shinys000114:release-0-4-6 shinys000114:release-0-4-5 shinys000114:release-0-4-4 shinys000114:release-0-4-3 shinys000114:release-0-4-2 shinys000114:release-0-4-1 shinys000114:release-0-4-0 shinys000114:release-0-3-4 shinys000114:release-0-3-3 shinys000114:release-0-3-2 shinys000114:release-0-3-1 shinys000114:release-0-3-0

22 Commits
libssh-0.1 ... 02cbd41b92

Author SHA1 Message Date
Andreas Schneider
02cbd41b92 tests: Call disable_secmem() before ssh_init() 
ssh_init calls ssh_crypto_init() which initializes the secure memory of
gcrypt. Those should actually be just called by the application once.
Lets do that.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 2966a4a33c)
 2025-08-08 16:11:26 +02:00
Andreas Schneider
750693d10b tests: Reformat cmocka_unit_test calls in torture_threads_pki_rsa.c 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 867630750c)
 2025-08-08 16:11:24 +02:00
Jakub Jelen
56953f8aab mbedtls: Avoid one more memory leak 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
(cherry picked from commit 4f239f79c6)
 2025-08-08 13:49:35 +02:00
Jakub Jelen
0f1723b5c7 mbedtls: Rename label to match the current meaning 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
(cherry picked from commit b314fd3e04)
 2025-08-08 13:49:29 +02:00
Jakub Jelen
f1998d6064 mbedtls: Avoid code duplication between v2 and v3 branches 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
(cherry picked from commit d1ad796496)
 2025-08-08 13:49:28 +02:00
Jakub Jelen
d0ef7afdfa pki: Make sure the buffer is zeroized too 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
(cherry picked from commit e2064b743d)
 2025-08-08 13:49:26 +02:00
Jakub Jelen
6e459f5756 pki_mbedtls: Simplify memory cleanup 
The spread out initialization and variable definition (and alising)
was hell to keep up with and was causing memory issues as reported by valgrind:

==4480== 128 bytes in 1 blocks are definitely lost in loss record 1 of 12
==4480==    at 0x48463F3: calloc (vg_replace_malloc.c:1675)
==4480==    by 0x487D152: mbedtls_mpi_grow (bignum.c:218)
==4480==    by 0x487D6C5: mbedtls_mpi_copy (bignum.c:334)
==4480==    by 0x48B9627: mbedtls_rsa_export (rsa.c:899)
==4480==    by 0x283955: pki_key_to_blob (pki_mbedcrypto.c:976)
==4480==    by 0x24F162: ssh_pki_export_privkey_blob (pki.c:2188)
==4480==    by 0x278001: ssh_pki_openssh_privkey_export (pki_container_openssh.c:546)
==4480==    by 0x24D7D2: ssh_pki_export_privkey_file_format (pki.c:1122)
==4480==    by 0x24D916: torture_pki_rsa_write_privkey_format (torture_pki_rsa.c:895)
==4480==    by 0x24D916: torture_pki_rsa_write_privkey (torture_pki_rsa.c:962)
==4480==    by 0x4865499: ??? (in /usr/lib64/libcmocka.so.0.8.0)
==4480==    by 0x4865C0B: _cmocka_run_group_tests (in /usr/lib64/libcmocka.so.0.8.0)
==4480==    by 0x252115: torture_run_tests (torture_pki_rsa.c:1160)
==4480==    by 0x2546B8: main (torture.c:1984)
==4480==

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
(cherry picked from commit 6d2a3e4eb6)
 2025-08-08 13:49:25 +02:00
Jakub Jelen
51746e51f0 mbedcrypto: Refromat pki_key_to_blob() 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
(cherry picked from commit 7c34fa783d)
 2025-08-08 13:49:23 +02:00
Jakub Jelen
e7ef3f2962 CentOS 9 and 10 were updated to OpenSSL 3.5 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 51bd08027e)
 2025-08-08 11:37:19 +02:00
Jakub Jelen
b8d92bbcc7 tests: Fix build script to work also on MacOS correctly 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit c2e9d39dbe)
 2025-08-08 11:30:53 +02:00
Jakub Jelen
f2aaee53df tests: Add more valgrind supressions for krb5 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit ab44f606b2)
 2025-08-08 11:29:54 +02:00
Jakub Jelen
b026b24b55 tests: Avoid needless call to pthread_exit() 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 444982b38a)
 2025-08-08 11:29:50 +02:00
Jakub Jelen
028859ce99 pkd: Cleanup OpenSSL context 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 3df61a4e86)
 2025-08-08 11:29:45 +02:00
Jakub Jelen
d64f06f98a tests: Cleanup OpenSSL in the forked server processes 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 7eefbbd478)
 2025-08-08 11:29:32 +02:00
Jakub Jelen
b298a04f96 tests: Cleanup OpenSSL in tests when GSSAPI is built 
also from the fuzzer tests

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 08a32ac381)
 2025-08-08 11:28:18 +02:00
Jakub Jelen
962012bbf6 Cleanup the loaded pkcs11 provider 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 62762bbbc9)
 2025-08-08 11:28:13 +02:00
Jakub Jelen
abfc42fad3 Finalize OpenSSL context from tests to make the valgrind output clean 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit ab3e08c2b5)
 2025-08-08 11:28:09 +02:00
Jakub Jelen
1ad67bd66e tests: Adjust valgrind supression to match new calls stack 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 809898b980)
 2025-08-08 11:24:55 +02:00
Jakub Jelen
f553a6740a pkd: Run hmac-sha1 tests with OpenSSH 
This was initially in hurry disabled in
ca4c874a9e because dropbear dropped support for
these HMACs. The follow-up commit enabled running these tests on old dropbear in
c17112f070, but still did not run them on openssh,
when the new dropbear was installed.

This fixes up the above commit to run the HMAC-SHA1 tests with OpenSSH even if
the new dropbear is installed.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
(cherry picked from commit 9817392e26)
 2025-08-08 11:24:32 +02:00
Nguyễn Thái Ngọc Duy
bac5d3f10a Fix ssh_handle_key_exchange() timeout 
See libssh-mirror#311 for background. But in some case, it's possible to
trigger the code in ssh_handle_key_exchange() to move session state
directly to SSH_SESSION_STATE_AUTHENTICATED. The exit condition for this
function is SSH_SESSION_STATE_AUTHENTICATING though, so when it happens,
ssh_handle_key_exchange() will time out eventually.

The fix is straightforward. Tested with the problematic
client (trilead-ssh2) and made sure the bad condition happened (and not
cause timeout)

Signed-off-by: Nguyễn Thái Ngọc Duy <pclouds@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 168302b9d6)
 2025-08-08 11:24:28 +02:00
abdallah elhdad
c8c3d418ee Enable HMAC SHA1 tests for dropbear <2025.87 
Signed-off-by: abdallah elhdad <abdallahselhdad@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit c17112f070)
 2025-08-08 11:23:41 +02:00
Theo Buehler
33be8038fe Unbreak torture_config_make_absolute() on OpenBSD 
The torture_config_make_absolute() and its _no_sshdir() version both
segfault on OpenBSD. The reason for this is that the storage returned
by getpwuid() is backed by mmap and is unapped by the getpwnam() call
in ssh_path_expand_tilde(), so a later access to home segfaults. The
possibility of this happening (getpwnam() overwriting values returned
by getpwuid()) is explicitly called out in POSIX.

A simple fix is to work with copies of username and homedir.

Signed-off-by: Theo Buehler <tb@openbsd.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit ccb8cf88c8)
 2025-08-08 11:22:05 +02:00
29 changed files with 498 additions and 343 deletions
Expand all files Collapse all files

8
.gitlab-ci.yml
View File

@@ -121,7 +121,7 @@ review:
############################################################################### ###############################################################################
# CentOS builds # # CentOS builds #
############################################################################### ###############################################################################
centos10s/openssl_3.2.x/x86_64: centos10s/openssl_3.5.x/x86_64:
image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$CENTOS10_BUILD image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$CENTOS10_BUILD
extends: .tests extends: .tests
variables: variables:
@@ -132,7 +132,7 @@ centos10s/openssl_3.2.x/x86_64:
make -j$(nproc) && make -j$(nproc) &&
ctest --output-on-failure ctest --output-on-failure
centos10s/openssl_3.2.x/x86_64/fips: centos10s/openssl_3.5.x/x86_64/fips:
extends: .fips extends: .fips
image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$CENTOS10_BUILD image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$CENTOS10_BUILD
variables: variables:
@@ -143,7 +143,7 @@ centos10s/openssl_3.2.x/x86_64/fips:
make -j$(nproc) && make -j$(nproc) &&
OPENSSL_FORCE_FIPS_MODE=1 ctest --output-on-failure OPENSSL_FORCE_FIPS_MODE=1 ctest --output-on-failure
centos9s/openssl_3.0.x/x86_64: centos9s/openssl_3.5.x/x86_64:
image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$CENTOS9_BUILD image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$CENTOS9_BUILD
extends: .tests extends: .tests
variables: variables:
@@ -160,7 +160,7 @@ centos9s/mbedtls_2.x/x86_64:
variables: variables:
CMAKE_ADDITIONAL_OPTIONS: "-DWITH_MBEDTLS=ON -DWITH_DEBUG_CRYPTO=ON -DWITH_BLOWFISH_CIPHER=OFF" CMAKE_ADDITIONAL_OPTIONS: "-DWITH_MBEDTLS=ON -DWITH_DEBUG_CRYPTO=ON -DWITH_BLOWFISH_CIPHER=OFF"
centos9s/openssl_3.0.x/x86_64/fips: centos9s/openssl_3.5.x/x86_64/fips:
extends: .fips extends: .fips
image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$CENTOS9_BUILD image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$CENTOS9_BUILD
script: script:

3
include/libssh/crypto.h
View File

@@ -223,9 +223,6 @@ int sshkdf_derive_key(struct ssh_crypto_struct *crypto,
size_t requested_len); size_t requested_len);
int secure_memcmp(const void *s1, const void *s2, size_t n); int secure_memcmp(const void *s1, const void *s2, size_t n);
#if defined(HAVE_LIBCRYPTO) && !defined(WITH_PKCS11_PROVIDER)
ENGINE *pki_get_engine(void);
#endif /* HAVE_LIBCRYPTO */
void compress_cleanup(struct ssh_crypto_struct *crypto); void compress_cleanup(struct ssh_crypto_struct *crypto);

9
include/libssh/libcrypto.h
View File

@@ -121,6 +121,15 @@ typedef BN_CTX* bignum_CTX;
ssh_string pki_key_make_ecpoint_string(const EC_GROUP *g, const EC_POINT *p); ssh_string pki_key_make_ecpoint_string(const EC_GROUP *g, const EC_POINT *p);
int pki_key_ecgroup_name_to_nid(const char *group); int pki_key_ecgroup_name_to_nid(const char *group);
#if defined(WITH_PKCS11_URI)
#if defined(WITH_PKCS11_PROVIDER)
int pki_load_pkcs11_provider(void);
#else
ENGINE *pki_get_engine(void);
#endif
#endif /* WITH_PKCS11_PROVIDER */
#endif /* HAVE_LIBCRYPTO */ #endif /* HAVE_LIBCRYPTO */
#endif /* LIBCRYPTO_H_ */ #endif /* LIBCRYPTO_H_ */

46
src/libcrypto.c
View File

@@ -49,8 +49,9 @@
#include <openssl/rsa.h> #include <openssl/rsa.h>
#include <openssl/hmac.h> #include <openssl/hmac.h>
#else #else
#include <openssl/param_build.h>
#include <openssl/core_names.h> #include <openssl/core_names.h>
#include <openssl/param_build.h>
#include <openssl/provider.h>
#endif /* OPENSSL_VERSION_NUMBER */ #endif /* OPENSSL_VERSION_NUMBER */
#include <openssl/rand.h> #include <openssl/rand.h>
#if defined(WITH_PKCS11_URI) && !defined(WITH_PKCS11_PROVIDER) #if defined(WITH_PKCS11_URI) && !defined(WITH_PKCS11_PROVIDER)
@@ -96,7 +97,37 @@ void ssh_reseed(void){
#endif #endif
} }
#if defined(WITH_PKCS11_URI) && !defined(WITH_PKCS11_PROVIDER) #if defined(WITH_PKCS11_URI)
#if defined(WITH_PKCS11_PROVIDER)
static OSSL_PROVIDER *provider = NULL;
static bool pkcs11_provider_failed = false;
int pki_load_pkcs11_provider(void)
{
if (OSSL_PROVIDER_available(NULL, "pkcs11") == 1) {
/* the provider is already available.
* Loaded through a configuration file? */
return SSH_OK;
}
if (pkcs11_provider_failed) {
/* the loading failed previously -- do not retry */
return SSH_ERROR;
}
provider = OSSL_PROVIDER_try_load(NULL, "pkcs11", 1);
if (provider != NULL) {
return SSH_OK;
}
SSH_LOG(SSH_LOG_TRACE,
"Failed to load the pkcs11 provider: %s",
ERR_error_string(ERR_get_error(), NULL));
/* Do not attempt to load it again */
pkcs11_provider_failed = true;
return SSH_ERROR;
}
#else
static ENGINE *engine = NULL; static ENGINE *engine = NULL;
ENGINE *pki_get_engine(void) ENGINE *pki_get_engine(void)
@@ -128,7 +159,8 @@ ENGINE *pki_get_engine(void)
} }
return engine; return engine;
} }
#endif /* defined(WITH_PKCS11_URI) && !defined(WITH_PKCS11_PROVIDER) */ #endif /* defined(WITH_PKCS11_PROVIDER) */
#endif /* defined(WITH_PKCS11_URI) */
#ifdef HAVE_OPENSSL_EVP_KDF_CTX #ifdef HAVE_OPENSSL_EVP_KDF_CTX
#if OPENSSL_VERSION_NUMBER < 0x30000000L #if OPENSSL_VERSION_NUMBER < 0x30000000L
@@ -1402,6 +1434,14 @@ void ssh_crypto_finalize(void)
engine = NULL; engine = NULL;
} }
#endif #endif
#if defined(WITH_PKCS11_URI)
#if defined(WITH_PKCS11_PROVIDER)
if (provider != NULL) {
OSSL_PROVIDER_unload(provider);
provider = NULL;
}
#endif /* WITH_PKCS11_PROVIDER */
#endif /* WITH_PKCS11_URI */
libcrypto_initialized = 0; libcrypto_initialized = 0;
} }

23
src/pki_crypto.c
View File

@@ -46,7 +46,6 @@
#include <openssl/param_build.h> #include <openssl/param_build.h>
#if defined(WITH_PKCS11_URI) && defined(WITH_PKCS11_PROVIDER) #if defined(WITH_PKCS11_URI) && defined(WITH_PKCS11_PROVIDER)
#include <openssl/store.h> #include <openssl/store.h>
#include <openssl/provider.h>
#endif #endif
#endif /* OPENSSL_VERSION_NUMBER */ #endif /* OPENSSL_VERSION_NUMBER */
@@ -1429,6 +1428,8 @@ ssh_string pki_key_to_blob(const ssh_key key, enum ssh_key_e type)
if (buffer == NULL) { if (buffer == NULL) {
return NULL; return NULL;
} }
/* The buffer will contain sensitive information. Make sure it is erased */
ssh_buffer_set_secure(buffer);
if (key->cert != NULL) { if (key->cert != NULL) {
rc = ssh_buffer_add_buffer(buffer, key->cert); rc = ssh_buffer_add_buffer(buffer, key->cert);
@@ -2719,9 +2720,6 @@ error:
} }
#ifdef WITH_PKCS11_URI #ifdef WITH_PKCS11_URI
#ifdef WITH_PKCS11_PROVIDER
static bool pkcs11_provider_failed = false;
#endif
/** /**
* @internal * @internal
@@ -2787,19 +2785,10 @@ int pki_uri_import(const char *uri_name,
/* The provider can be either configured in openssl.cnf or dynamically /* The provider can be either configured in openssl.cnf or dynamically
* loaded, assuming it does not need any special configuration */ * loaded, assuming it does not need any special configuration */
if (OSSL_PROVIDER_available(NULL, "pkcs11") == 0 && rv = pki_load_pkcs11_provider();
!pkcs11_provider_failed) { if (rv != SSH_OK) {
OSSL_PROVIDER *pkcs11_provider = NULL; SSH_LOG(SSH_LOG_TRACE, "Failed to load or initialize pkcs11 provider");
goto fail;
pkcs11_provider = OSSL_PROVIDER_try_load(NULL, "pkcs11", 1);
if (pkcs11_provider == NULL) {
SSH_LOG(SSH_LOG_TRACE,
"Failed to initialize provider: %s",
ERR_error_string(ERR_get_error(), NULL));
/* Do not attempt to load it again */
pkcs11_provider_failed = true;
goto fail;
}
} }
store = OSSL_STORE_open(uri_name, NULL, NULL, NULL, NULL); store = OSSL_STORE_open(uri_name, NULL, NULL, NULL, NULL);

2
src/pki_gcrypt.c
View File

@@ -1409,6 +1409,8 @@ ssh_string pki_key_to_blob(const ssh_key key, enum ssh_key_e type)
if (buffer == NULL) { if (buffer == NULL) {
return NULL; return NULL;
} }
/* The buffer will contain sensitive information. Make sure it is erased */
ssh_buffer_set_secure(buffer);
if (key->cert != NULL) { if (key->cert != NULL) {
rc = ssh_buffer_add_buffer(buffer, key->cert); rc = ssh_buffer_add_buffer(buffer, key->cert);

442
src/pki_mbedcrypto.c
View File

@@ -864,7 +864,12 @@ ssh_string pki_key_to_blob(const ssh_key key, enum ssh_key_e type)
ssh_string type_s = NULL; ssh_string type_s = NULL;
ssh_string e = NULL; ssh_string e = NULL;
ssh_string n = NULL; ssh_string n = NULL;
ssh_string p = NULL;
ssh_string q = NULL;
ssh_string d = NULL;
ssh_string iqmp = NULL;
ssh_string str = NULL; ssh_string str = NULL;
int rc;
#if MBEDTLS_VERSION_MAJOR > 2 #if MBEDTLS_VERSION_MAJOR > 2
mbedtls_mpi E = {0}; mbedtls_mpi E = {0};
mbedtls_mpi N = {0}; mbedtls_mpi N = {0};
@@ -872,18 +877,21 @@ ssh_string pki_key_to_blob(const ssh_key key, enum ssh_key_e type)
mbedtls_mpi IQMP = {0}; mbedtls_mpi IQMP = {0};
mbedtls_mpi P = {0}; mbedtls_mpi P = {0};
mbedtls_mpi Q = {0}; mbedtls_mpi Q = {0};
#endif
int rc;
#if MBEDTLS_VERSION_MAJOR > 2
mbedtls_mpi_init(&E); mbedtls_mpi_init(&E);
mbedtls_mpi_init(&N); mbedtls_mpi_init(&N);
mbedtls_mpi_init(&D);
mbedtls_mpi_init(&IQMP);
mbedtls_mpi_init(&P);
mbedtls_mpi_init(&Q);
#endif #endif
buffer = ssh_buffer_new(); buffer = ssh_buffer_new();
if (buffer == NULL) { if (buffer == NULL) {
return NULL; return NULL;
} }
/* The buffer will contain sensitive information. Make sure it is erased */
ssh_buffer_set_secure(buffer);
if (key->cert != NULL) { if (key->cert != NULL) {
rc = ssh_buffer_add_buffer(buffer, key->cert); rc = ssh_buffer_add_buffer(buffer, key->cert);
@@ -909,279 +917,241 @@ ssh_string pki_key_to_blob(const ssh_key key, enum ssh_key_e type)
} }
switch (key->type) { switch (key->type) {
case SSH_KEYTYPE_RSA: { case SSH_KEYTYPE_RSA: {
mbedtls_rsa_context *rsa; mbedtls_rsa_context *rsa = NULL;
if (mbedtls_pk_can_do(key->pk, MBEDTLS_PK_RSA) == 0) { mbedtls_mpi *E_ptr = NULL, *N_ptr = NULL;
SSH_BUFFER_FREE(buffer);
return NULL;
}
rsa = mbedtls_pk_rsa(*key->pk); if (mbedtls_pk_can_do(key->pk, MBEDTLS_PK_RSA) == 0) {
SSH_BUFFER_FREE(buffer);
#if MBEDTLS_VERSION_MAJOR > 2 return NULL;
rc = mbedtls_rsa_export(rsa, &N, NULL, NULL, NULL, &E);
if (rc != 0) {
goto fail;
}
e = ssh_make_bignum_string(&E);
if (e == NULL) {
goto fail;
}
n = ssh_make_bignum_string(&N);
if (n == NULL) {
goto fail;
}
#else
e = ssh_make_bignum_string(&rsa->E);
if (e == NULL) {
goto fail;
}
n = ssh_make_bignum_string(&rsa->N);
if (n == NULL) {
goto fail;
}
#endif
if (type == SSH_KEY_PUBLIC) {
/* The N and E parts are swapped in the public key export ! */
rc = ssh_buffer_add_ssh_string(buffer, e);
if (rc < 0) {
goto fail;
}
rc = ssh_buffer_add_ssh_string(buffer, n);
if (rc < 0) {
goto fail;
}
} else if (type == SSH_KEY_PRIVATE) {
ssh_string p = NULL;
ssh_string q = NULL;
ssh_string d = NULL;
ssh_string iqmp = NULL;
rc = ssh_buffer_add_ssh_string(buffer, n);
if (rc < 0) {
goto fail;
}
rc = ssh_buffer_add_ssh_string(buffer, e);
if (rc < 0) {
goto fail;
}
#if MBEDTLS_VERSION_MAJOR > 2
rc = mbedtls_rsa_export(rsa, NULL, &P, &Q, &D, NULL);
if (rc != 0) {
goto fail;
}
p = ssh_make_bignum_string(&P);
if (p == NULL) {
goto fail;
}
q = ssh_make_bignum_string(&Q);
if (q == NULL) {
goto fail;
}
d = ssh_make_bignum_string(&D);
if (d == NULL) {
goto fail;
}
rc = mbedtls_rsa_export_crt(rsa, NULL, NULL, &IQMP);
if (rc != 0) {
goto fail;
}
iqmp = ssh_make_bignum_string(&IQMP);
if (iqmp == NULL) {
goto fail;
}
#else
p = ssh_make_bignum_string(&rsa->P);
if (p == NULL) {
goto fail;
}
q = ssh_make_bignum_string(&rsa->Q);
if (q == NULL) {
goto fail;
}
d = ssh_make_bignum_string(&rsa->D);
if (d == NULL) {
goto fail;
}
iqmp = ssh_make_bignum_string(&rsa->QP);
if (iqmp == NULL) {
goto fail;
}
#endif
rc = ssh_buffer_add_ssh_string(buffer, d);
if (rc < 0) {
goto fail;
}
rc = ssh_buffer_add_ssh_string(buffer, iqmp);
if (rc < 0) {
goto fail;
}
rc = ssh_buffer_add_ssh_string(buffer, p);
if (rc < 0) {
goto fail;
}
rc = ssh_buffer_add_ssh_string(buffer, q);
if (rc < 0) {
goto fail;
}
ssh_string_burn(d);
SSH_STRING_FREE(d);
d = NULL;
ssh_string_burn(iqmp);
SSH_STRING_FREE(iqmp);
iqmp = NULL;
ssh_string_burn(p);
SSH_STRING_FREE(p);
p = NULL;
ssh_string_burn(q);
SSH_STRING_FREE(q);
q = NULL;
}
ssh_string_burn(e);
SSH_STRING_FREE(e);
e = NULL;
ssh_string_burn(n);
SSH_STRING_FREE(n);
n = NULL;
break;
} }
case SSH_KEYTYPE_ECDSA_P256:
case SSH_KEYTYPE_ECDSA_P384:
case SSH_KEYTYPE_ECDSA_P521:
case SSH_KEYTYPE_SK_ECDSA:
type_s =
ssh_string_from_char(pki_key_ecdsa_nid_to_char(key->ecdsa_nid));
if (type_s == NULL) {
SSH_BUFFER_FREE(buffer);
return NULL;
}
rc = ssh_buffer_add_ssh_string(buffer, type_s); rsa = mbedtls_pk_rsa(*key->pk);
SSH_STRING_FREE(type_s); #if MBEDTLS_VERSION_MAJOR > 2
rc = mbedtls_rsa_export(rsa, &N, NULL, NULL, NULL, &E);
if (rc != 0) {
goto out;
}
E_ptr = &E;
N_ptr = &N;
#else
E_ptr = &rsa->E;
N_ptr = &rsa->N;
#endif
e = ssh_make_bignum_string(E_ptr);
if (e == NULL) {
goto out;
}
n = ssh_make_bignum_string(N_ptr);
if (n == NULL) {
goto out;
}
if (type == SSH_KEY_PUBLIC) {
/* The N and E parts are swapped in the public key export ! */
rc = ssh_buffer_add_ssh_string(buffer, e);
if (rc < 0) { if (rc < 0) {
SSH_BUFFER_FREE(buffer); goto out;
return NULL;
} }
e = make_ecpoint_string(&key->ecdsa->MBEDTLS_PRIVATE(grp), rc = ssh_buffer_add_ssh_string(buffer, n);
&key->ecdsa->MBEDTLS_PRIVATE(Q)); if (rc < 0) {
goto out;
}
} else if (type == SSH_KEY_PRIVATE) {
mbedtls_mpi *P_ptr = NULL, *Q_ptr = NULL, *D_ptr = NULL;
mbedtls_mpi *IQMP_ptr = NULL;
if (e == NULL) { rc = ssh_buffer_add_ssh_string(buffer, n);
SSH_BUFFER_FREE(buffer); if (rc < 0) {
return NULL; goto out;
} }
rc = ssh_buffer_add_ssh_string(buffer, e); rc = ssh_buffer_add_ssh_string(buffer, e);
if (rc < 0) { if (rc < 0) {
goto fail; goto out;
} }
ssh_string_burn(e); #if MBEDTLS_VERSION_MAJOR > 2
SSH_STRING_FREE(e); rc = mbedtls_rsa_export(rsa, NULL, &P, &Q, &D, NULL);
e = NULL; if (rc != 0) {
goto out;
}
if (type == SSH_KEY_PRIVATE) { rc = mbedtls_rsa_export_crt(rsa, NULL, NULL, &IQMP);
ssh_string d = NULL; if (rc != 0) {
d = ssh_make_bignum_string(&key->ecdsa->MBEDTLS_PRIVATE(d)); goto out;
}
if (d == NULL) { P_ptr = &P;
SSH_BUFFER_FREE(buffer); Q_ptr = &Q;
return NULL; D_ptr = &D;
} IQMP_ptr = &IQMP;
#else
P_ptr = &rsa->P;
Q_ptr = &rsa->Q;
D_ptr = &rsa->D;
IQMP_ptr = &rsa->QP;
#endif
rc = ssh_buffer_add_ssh_string(buffer, d); p = ssh_make_bignum_string(P_ptr);
if (rc < 0) { if (p == NULL) {
goto fail; goto out;
} }
ssh_string_burn(d); q = ssh_make_bignum_string(Q_ptr);
SSH_STRING_FREE(d); if (q == NULL) {
d = NULL; goto out;
} else if (key->type == SSH_KEYTYPE_SK_ECDSA) { }
/* public key can contain certificate sk information */
d = ssh_make_bignum_string(D_ptr);
if (d == NULL) {
goto out;
}
iqmp = ssh_make_bignum_string(IQMP_ptr);
if (iqmp == NULL) {
goto out;
}
rc = ssh_buffer_add_ssh_string(buffer, d);
if (rc < 0) {
goto out;
}
rc = ssh_buffer_add_ssh_string(buffer, iqmp);
if (rc < 0) {
goto out;
}
rc = ssh_buffer_add_ssh_string(buffer, p);
if (rc < 0) {
goto out;
}
rc = ssh_buffer_add_ssh_string(buffer, q);
if (rc < 0) {
goto out;
}
}
break;
}
case SSH_KEYTYPE_ECDSA_P256:
case SSH_KEYTYPE_ECDSA_P384:
case SSH_KEYTYPE_ECDSA_P521:
case SSH_KEYTYPE_SK_ECDSA:
type_s =
ssh_string_from_char(pki_key_ecdsa_nid_to_char(key->ecdsa_nid));
if (type_s == NULL) {
SSH_BUFFER_FREE(buffer);
return NULL;
}
rc = ssh_buffer_add_ssh_string(buffer, type_s);
SSH_STRING_FREE(type_s);
if (rc < 0) {
SSH_BUFFER_FREE(buffer);
return NULL;
}
e = make_ecpoint_string(&key->ecdsa->MBEDTLS_PRIVATE(grp),
&key->ecdsa->MBEDTLS_PRIVATE(Q));
if (e == NULL) {
SSH_BUFFER_FREE(buffer);
return NULL;
}
rc = ssh_buffer_add_ssh_string(buffer, e);
if (rc < 0) {
goto out;
}
if (type == SSH_KEY_PRIVATE) {
d = ssh_make_bignum_string(&key->ecdsa->MBEDTLS_PRIVATE(d));
if (d == NULL) {
SSH_BUFFER_FREE(buffer);
goto out;
}
rc = ssh_buffer_add_ssh_string(buffer, d);
if (rc < 0) {
goto out;
}
} else if (key->type == SSH_KEYTYPE_SK_ECDSA) {
/* public key can contain certificate sk information */
rc = ssh_buffer_add_ssh_string(buffer, key->sk_application);
if (rc < 0) {
goto out;
}
}
break;
case SSH_KEYTYPE_ED25519:
case SSH_KEYTYPE_SK_ED25519:
if (type == SSH_KEY_PUBLIC) {
rc = pki_ed25519_public_key_to_blob(buffer, key);
if (rc == SSH_ERROR) {
goto out;
}
/* public key can contain certificate sk information */
if (key->type == SSH_KEYTYPE_SK_ED25519) {
rc = ssh_buffer_add_ssh_string(buffer, key->sk_application); rc = ssh_buffer_add_ssh_string(buffer, key->sk_application);
if (rc < 0) { if (rc < 0) {
goto fail; goto out;
}
}
break;
case SSH_KEYTYPE_ED25519:
case SSH_KEYTYPE_SK_ED25519:
if (type == SSH_KEY_PUBLIC) {
rc = pki_ed25519_public_key_to_blob(buffer, key);
if (rc == SSH_ERROR) {
goto fail;
}
/* public key can contain certificate sk information */
if (key->type == SSH_KEYTYPE_SK_ED25519) {
rc = ssh_buffer_add_ssh_string(buffer, key->sk_application);
if (rc < 0) {
goto fail;
}
}
} else {
rc = pki_ed25519_private_key_to_blob(buffer, key);
if (rc == SSH_ERROR) {
goto fail;
} }
} }
break; } else {
default: rc = pki_ed25519_private_key_to_blob(buffer, key);
goto fail; if (rc == SSH_ERROR) {
goto out;
}
}
break;
default:
goto out;
} }
makestring: makestring:
str = ssh_string_new(ssh_buffer_get_len(buffer)); str = ssh_string_new(ssh_buffer_get_len(buffer));
if (str == NULL) { if (str == NULL) {
goto fail; goto out;
} }
rc = ssh_string_fill(str, ssh_buffer_get(buffer), rc = ssh_string_fill(str,
ssh_buffer_get_len(buffer)); ssh_buffer_get(buffer),
ssh_buffer_get_len(buffer));
if (rc < 0) { if (rc < 0) {
goto fail; ssh_string_burn(str);
SSH_STRING_FREE(str);
} }
out:
SSH_BUFFER_FREE(buffer); SSH_BUFFER_FREE(buffer);
#if MBEDTLS_VERSION_MAJOR > 2
mbedtls_mpi_free(&N);
mbedtls_mpi_free(&E);
#endif
return str;
fail:
SSH_BUFFER_FREE(buffer);
ssh_string_burn(str);
SSH_STRING_FREE(str);
ssh_string_burn(e); ssh_string_burn(e);
SSH_STRING_FREE(e); SSH_STRING_FREE(e);
ssh_string_burn(n); ssh_string_burn(n);
SSH_STRING_FREE(n); SSH_STRING_FREE(n);
ssh_string_burn(d);
SSH_STRING_FREE(d);
ssh_string_burn(iqmp);
SSH_STRING_FREE(iqmp);
ssh_string_burn(p);
SSH_STRING_FREE(p);
ssh_string_burn(q);
SSH_STRING_FREE(q);
#if MBEDTLS_VERSION_MAJOR > 2 #if MBEDTLS_VERSION_MAJOR > 2
mbedtls_mpi_free(&N); mbedtls_mpi_free(&N);
mbedtls_mpi_free(&E); mbedtls_mpi_free(&E);
mbedtls_mpi_free(&D);
mbedtls_mpi_free(&IQMP);
mbedtls_mpi_free(&P);
mbedtls_mpi_free(&Q);
#endif #endif
return NULL; return str;
} }
ssh_string pki_signature_to_blob(const ssh_signature sig) ssh_string pki_signature_to_blob(const ssh_signature sig)

1
src/server.c
View File

@@ -523,6 +523,7 @@ static int ssh_server_kex_termination(void *s){
ssh_session session = s; ssh_session session = s;
if (session->session_state != SSH_SESSION_STATE_ERROR && if (session->session_state != SSH_SESSION_STATE_ERROR &&
session->session_state != SSH_SESSION_STATE_AUTHENTICATING && session->session_state != SSH_SESSION_STATE_AUTHENTICATING &&
session->session_state != SSH_SESSION_STATE_AUTHENTICATED &&
session->session_state != SSH_SESSION_STATE_DISCONNECTED) session->session_state != SSH_SESSION_STATE_DISCONNECTED)
return 0; return 0;
else else

22
tests/CMakeLists.txt
View File

@@ -23,6 +23,12 @@ if (NOT WIN32)
${TORTURE_LINK_LIBRARIES} ${TORTURE_LINK_LIBRARIES}
pthread) pthread)
endif(NOT WIN32) endif(NOT WIN32)
if (WITH_GSSAPI AND GSSAPI_FOUND)
find_package(OpenSSL 1.1.1 REQUIRED)
set(TORTURE_LINK_LIBRARIES
${TORTURE_LINK_LIBRARIES}
OpenSSL::Crypto)
endif (WITH_GSSAPI AND GSSAPI_FOUND)
# create test library # create test library
add_library(${TORTURE_LIBRARY} add_library(${TORTURE_LIBRARY}
@@ -163,6 +169,22 @@ if (SSH_EXECUTABLE)
endif() endif()
find_program(DROPBEAR_EXECUTABLE NAMES dbclient)
if (DROPBEAR_EXECUTABLE)
execute_process(COMMAND ${DROPBEAR_EXECUTABLE} -V ERROR_VARIABLE DROPBEAR_VERSION_STR)
string(REGEX REPLACE "^.*Dropbear v([0-9]+)\\.([0-9]+).*$" "\\1.\\2" DROPBEAR_VERSION "${DROPBEAR_VERSION_STR}")
set(DROPBEAR_VERSION "${DROPBEAR_VERSION}")
# HMAC-SHA1 support was removed in version 2025.87
if("${DROPBEAR_VERSION}" VERSION_LESS "2025.87")
message("Dropbear Version less than 2025.87, enabling dropbear HMAC-SHA1 tests")
add_definitions(-DDROPBEAR_SUPPORTS_HMAC_SHA1)
endif()
else()
message(STATUS "Could NOT find Dropbear (missing: dbclient executable)")
set(DROPBEAR_EXECUTABLE "/bin/false")
endif()
find_program(SSHD_EXECUTABLE find_program(SSHD_EXECUTABLE
NAME NAME
sshd sshd

2
tests/client/torture_gssapi_auth.c
View File

@@ -272,5 +272,5 @@ torture_run_tests(void)
rc = cmocka_run_group_tests(tests, sshd_setup, sshd_teardown); rc = cmocka_run_group_tests(tests, sshd_setup, sshd_teardown);
ssh_finalize(); ssh_finalize();
pthread_exit((void *)&rc); return rc;
} }

4
tests/fuzz/CMakeLists.txt
View File

@@ -2,9 +2,7 @@ project(fuzzing CXX)
macro(fuzzer name) macro(fuzzer name)
add_executable(${name} ${name}.c) add_executable(${name} ${name}.c)
target_link_libraries(${name} target_link_libraries(${name} PRIVATE ${TORTURE_LINK_LIBRARIES})
PRIVATE
ssh::static pthread)
if (CMAKE_CXX_COMPILER_ID STREQUAL "Clang") if (CMAKE_CXX_COMPILER_ID STREQUAL "Clang")
set_target_properties(${name} set_target_properties(${name}
PROPERTIES PROPERTIES

10
tests/fuzz/fuzzer.c
View File

@@ -1,8 +1,14 @@
/* Simpler gnu89 version of StandaloneFuzzTargetMain.c from LLVM */ /* Simpler gnu89 version of StandaloneFuzzTargetMain.c from LLVM */
#include "config.h"
#include <assert.h> #include <assert.h>
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#if defined(HAVE_LIBCRYPTO) || defined(WITH_GSSAPI)
/* for OPENSSL_cleanup() of GSSAPI's OpenSSL context */
#include <openssl/crypto.h>
#endif
int LLVMFuzzerTestOneInput (const unsigned char *data, size_t size); int LLVMFuzzerTestOneInput (const unsigned char *data, size_t size);
__attribute__((weak)) int LLVMFuzzerInitialize(int *argc, char ***argv); __attribute__((weak)) int LLVMFuzzerInitialize(int *argc, char ***argv);
@@ -35,5 +41,9 @@ main (int argc, char **argv)
free (buf); free (buf);
printf ("Done!\n"); printf ("Done!\n");
#if defined(HAVE_LIBCRYPTO) || defined(WITH_GSSAPI)
OPENSSL_cleanup();
#endif
return 0; return 0;
} }

4
tests/pkd/CMakeLists.txt
View File

@@ -17,10 +17,8 @@ set(pkd_hello_src
) )
set(pkd_libs set(pkd_libs
${CMOCKA_LIBRARY} ${TORTURE_LINK_LIBRARIES}
ssh::static
${ARGP_LIBRARIES} ${ARGP_LIBRARIES}
pthread
) )
add_executable(pkd_hello ${pkd_hello_src}) add_executable(pkd_hello ${pkd_hello_src})

2
tests/pkd/pkd_client.h
View File

@@ -61,7 +61,7 @@
/* Dropbear */ /* Dropbear */
#define DROPBEAR_BINARY "dbclient" #define DROPBEAR_BINARY DROPBEAR_EXECUTABLE
#define DROPBEAR_KEYGEN "dropbearkey" #define DROPBEAR_KEYGEN "dropbearkey"
#define DROPBEAR_CMD_START \ #define DROPBEAR_CMD_START \

34
tests/pkd/pkd_hello.c
View File

@@ -22,6 +22,11 @@
#include "pkd_keyutil.h" #include "pkd_keyutil.h"
#include "pkd_util.h" #include "pkd_util.h"
#if defined(HAVE_LIBCRYPTO)
/* for OPENSSL_cleanup() of OpenSSL context */
#include <openssl/crypto.h>
#endif
#define DEFAULT_ITERATIONS 10 #define DEFAULT_ITERATIONS 10
static struct pkd_daemon_args pkd_dargs; static struct pkd_daemon_args pkd_dargs;
@@ -410,22 +415,32 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
f(client, ecdsa_521_aes192_ctr, ciphercmd("aes192-ctr"), setup_ecdsa_521, teardown) f(client, ecdsa_521_aes192_ctr, ciphercmd("aes192-ctr"), setup_ecdsa_521, teardown)
#define PKDTESTS_MAC_FIPS(f, client, maccmd) \ #define PKDTESTS_MAC_FIPS_BASE(f, client, maccmd) \
f(client, ecdsa_256_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ecdsa_256, teardown) \ f(client, ecdsa_256_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ecdsa_256, teardown) \
f(client, ecdsa_384_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ecdsa_384, teardown) \ f(client, ecdsa_384_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ecdsa_384, teardown) \
f(client, ecdsa_521_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ecdsa_521, teardown) \ f(client, ecdsa_521_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ecdsa_521, teardown) \
f(client, rsa_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_rsa, teardown) f(client, rsa_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_rsa, teardown)
/* TODO: Include these tests when an older version of dropbear is used. Currently, they have been removed as the latest dropbear version #define PKDTESTS_MAC_FIPS_SHA1(f, client, maccmd) \
does not support these MACs. f(client, ecdsa_256_hmac_sha1, maccmd("hmac-sha1"), setup_ecdsa_256, teardown) \
f(client, ecdsa_384_hmac_sha1, maccmd("hmac-sha1"), setup_ecdsa_384, teardown) \
f(client, ecdsa_521_hmac_sha1, maccmd("hmac-sha1"), setup_ecdsa_521, teardown) \
f(client, rsa_hmac_sha1, maccmd("hmac-sha1"), setup_rsa, teardown)
f(client, ecdsa_256_hmac_sha1, maccmd("hmac-sha1"), setup_ecdsa_256, teardown) \ #ifdef DROPBEAR_SUPPORTS_HMAC_SHA1
f(client, ecdsa_384_hmac_sha1, maccmd("hmac-sha1"), setup_ecdsa_384, teardown) \ #define PKDTESTS_MAC_FIPS(f, client, maccmd) \
f(client, ecdsa_521_hmac_sha1, maccmd("hmac-sha1"), setup_ecdsa_521, teardown) \ PKDTESTS_MAC_FIPS_BASE(f, client, maccmd) \
f(client, rsa_hmac_sha1, maccmd("hmac-sha1"), setup_rsa, teardown) \ PKDTESTS_MAC_FIPS_SHA1(f, client, maccmd)
*/ #define PKDTESTS_MAC_OPENSSHONLY_FIPS_SHA1(f, client, maccmd)
#else
#define PKDTESTS_MAC_FIPS(f, client, maccmd) \
PKDTESTS_MAC_FIPS_BASE(f, client, maccmd)
#define PKDTESTS_MAC_OPENSSHONLY_FIPS_SHA1(f, client, maccmd) \
PKDTESTS_MAC_FIPS_SHA1(f, client, maccmd)
#endif
#define PKDTESTS_MAC_OPENSSHONLY_FIPS(f, client, maccmd) \ #define PKDTESTS_MAC_OPENSSHONLY_FIPS(f, client, maccmd) \
PKDTESTS_MAC_OPENSSHONLY_FIPS_SHA1(f, client, maccmd) \
f(client, ecdsa_256_hmac_sha1_etm, maccmd("hmac-sha1-etm@openssh.com"), setup_ecdsa_256, teardown) \ f(client, ecdsa_256_hmac_sha1_etm, maccmd("hmac-sha1-etm@openssh.com"), setup_ecdsa_256, teardown) \
f(client, ecdsa_256_hmac_sha2_256_etm, maccmd("hmac-sha2-256-etm@openssh.com"), setup_ecdsa_256, teardown) \ f(client, ecdsa_256_hmac_sha2_256_etm, maccmd("hmac-sha2-256-etm@openssh.com"), setup_ecdsa_256, teardown) \
f(client, ecdsa_256_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_ecdsa_256, teardown) \ f(client, ecdsa_256_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_ecdsa_256, teardown) \
@@ -990,6 +1005,9 @@ out_finalize:
if (rc != 0) { if (rc != 0) {
fprintf(stderr, "ssh_finalize: %d\n", rc); fprintf(stderr, "ssh_finalize: %d\n", rc);
} }
#if defined(HAVE_LIBCRYPTO)
OPENSSL_cleanup();
#endif
out: out:
return exit_code; return exit_code;
} }

5
tests/server/test_server/CMakeLists.txt
View File

@@ -11,7 +11,8 @@ set(server_SRCS
add_library(testserver STATIC add_library(testserver STATIC
test_server.c test_server.c
default_cb.c default_cb.c
sftpserver_cb.c) sftpserver_cb.c
testserver_common.c)
if (WITH_COVERAGE) if (WITH_COVERAGE)
append_coverage_compiler_flags_to_target(testserver) append_coverage_compiler_flags_to_target(testserver)
endif (WITH_COVERAGE) endif (WITH_COVERAGE)
@@ -32,7 +33,7 @@ if (UNIX AND NOT WIN32)
add_executable(test_server ${server_SRCS}) add_executable(test_server ${server_SRCS})
target_compile_options(test_server PRIVATE ${DEFAULT_C_COMPILE_FLAGS}) target_compile_options(test_server PRIVATE ${DEFAULT_C_COMPILE_FLAGS})
target_link_libraries(test_server target_link_libraries(test_server
PRIVATE testserver ssh::ssh ${ARGP_LIBRARIES} util) PRIVATE testserver ${TORTURE_LINK_LIBRARIES} ${ARGP_LIBRARIES} util)
if (WITH_COVERAGE) if (WITH_COVERAGE)
append_coverage_compiler_flags_to_target(test_server) append_coverage_compiler_flags_to_target(test_server)
endif (WITH_COVERAGE) endif (WITH_COVERAGE)

5
tests/server/test_server/default_cb.c
View File

@@ -21,9 +21,11 @@
* MA 02111-1307, USA. * MA 02111-1307, USA.
*/ */
#include "config.h" #include "config.h"
#include "test_server.h" #include "test_server.h"
#include "default_cb.h" #include "default_cb.h"
#include "testserver_common.h"
#include <libssh/callbacks.h> #include <libssh/callbacks.h>
#include <libssh/server.h> #include <libssh/server.h>
@@ -448,9 +450,11 @@ static int exec_pty(const char *mode,
case 0: case 0:
close(cdata->pty_master); close(cdata->pty_master);
if (login_tty(cdata->pty_slave) != 0) { if (login_tty(cdata->pty_slave) != 0) {
finalize_openssl();
exit(1); exit(1);
} }
execl("/bin/sh", "sh", mode, command, NULL); execl("/bin/sh", "sh", mode, command, NULL);
finalize_openssl();
exit(0); exit(0);
default: default:
close(cdata->pty_slave); close(cdata->pty_slave);
@@ -500,6 +504,7 @@ static int exec_nopty(const char *command, struct channel_data_st *cdata)
close(err[1]); close(err[1]);
/* exec the requested command. */ /* exec the requested command. */
execl("/bin/sh", "sh", "-c", command, NULL); execl("/bin/sh", "sh", "-c", command, NULL);
finalize_openssl();
exit(0); exit(0);
} }

9
tests/server/test_server/test_server.c
View File

@@ -22,6 +22,7 @@
*/ */
#include "test_server.h" #include "test_server.h"
#include "testserver_common.h"
#include <libssh/priv.h> #include <libssh/priv.h>
#include <libssh/libssh.h> #include <libssh/libssh.h>
@@ -288,6 +289,7 @@ int run_server(struct server_state_st *state)
free_server_state(state); free_server_state(state);
SAFE_FREE(state); SAFE_FREE(state);
finalize_openssl();
exit(0); exit(0);
case -1: case -1:
fprintf(stderr, "Failed to fork\n"); fprintf(stderr, "Failed to fork\n");
@@ -355,11 +357,8 @@ fork_run_server(struct server_state_st *state,
/* The child process starts a server which will listen for connections */ /* The child process starts a server which will listen for connections */
rc = run_server(state); rc = run_server(state);
if (rc != 0) { finalize_openssl();
exit(rc); exit(rc);
}
exit(0);
case -1: case -1:
strerror_r(errno, err_str, 1024); strerror_r(errno, err_str, 1024);
fprintf(stderr, "Failed to fork: %s\n", fprintf(stderr, "Failed to fork: %s\n",

36
tests/server/test_server/testserver_common.c Normal file
View File

@@ -0,0 +1,36 @@
/*
* This file is part of the SSH Library
*
* Copyright (c) 2025 by Red Hat, Inc.
*
* Author: Jakub Jelen <jjelen@redhat.com>
*
* The SSH Library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The SSH Library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the SSH Library; see the file COPYING. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
#include "testserver_common.h"
#if defined(HAVE_LIBCRYPTO) || defined(WITH_GSSAPI)
/* for OPENSSL_cleanup() of GSSAPI's OpenSSL context */
#include <openssl/crypto.h>
#endif
void finalize_openssl(void)
{
#if defined(HAVE_LIBCRYPTO) || defined(WITH_GSSAPI)
OPENSSL_cleanup();
#endif
}

26
tests/server/test_server/testserver_common.h Normal file
View File

@@ -0,0 +1,26 @@
/*
* This file is part of the SSH Library
*
* Copyright (c) 2025 by Red Hat, Inc.
*
* Author: Jakub Jelen <jjelen@redhat.com>
*
* The SSH Library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The SSH Library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the SSH Library; see the file COPYING. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
#include "config.h"
void finalize_openssl(void);

2
tests/server/torture_gssapi_server_auth.c
View File

@@ -451,5 +451,5 @@ torture_run_tests(void)
teardown_default_server); teardown_default_server);
ssh_finalize(); ssh_finalize();
pthread_exit((void *)&rc); return rc;
} }

2
tests/server/torture_gssapi_server_auth_cb.c
View File

@@ -475,5 +475,5 @@ torture_run_tests(void)
teardown_default_server); teardown_default_server);
ssh_finalize(); ssh_finalize();
pthread_exit((void *)&rc); return rc;
} }

2
tests/server/torture_gssapi_server_delegation.c
View File

@@ -371,5 +371,5 @@ torture_run_tests(void)
teardown_default_server); teardown_default_server);
ssh_finalize(); ssh_finalize();
pthread_exit((void *)&rc); return rc;
} }

1
tests/tests_config.h.cmake
View File

@@ -65,6 +65,7 @@
#cmakedefine NCAT_EXECUTABLE "${NCAT_EXECUTABLE}" #cmakedefine NCAT_EXECUTABLE "${NCAT_EXECUTABLE}"
#cmakedefine SSHD_EXECUTABLE "${SSHD_EXECUTABLE}" #cmakedefine SSHD_EXECUTABLE "${SSHD_EXECUTABLE}"
#cmakedefine SSH_EXECUTABLE "${SSH_EXECUTABLE}" #cmakedefine SSH_EXECUTABLE "${SSH_EXECUTABLE}"
#cmakedefine DROPBEAR_EXECUTABLE "${DROPBEAR_EXECUTABLE}"
#cmakedefine WITH_TIMEOUT ${WITH_TIMEOUT} #cmakedefine WITH_TIMEOUT ${WITH_TIMEOUT}
#cmakedefine TIMEOUT_EXECUTABLE "${TIMEOUT_EXECUTABLE}" #cmakedefine TIMEOUT_EXECUTABLE "${TIMEOUT_EXECUTABLE}"
#cmakedefine SOFTHSM2_LIBRARY "${SOFTHSM2_LIBRARY}" #cmakedefine SOFTHSM2_LIBRARY "${SOFTHSM2_LIBRARY}"

35
tests/torture.c
View File

@@ -52,6 +52,11 @@
#include <valgrind/valgrind.h> #include <valgrind/valgrind.h>
#endif #endif
#ifdef WITH_GSSAPI
/* for OPENSSL_cleanup() of GSSAPI's OpenSSL context */
#include <openssl/crypto.h>
#endif
#define TORTURE_SSHD_SRV_IPV4 "127.0.0.10" #define TORTURE_SSHD_SRV_IPV4 "127.0.0.10"
/* socket wrapper IPv6 prefix fd00::5357:5fxx */ /* socket wrapper IPv6 prefix fd00::5357:5fxx */
#define TORTURE_SSHD_SRV_IPV6 "fd00::5357:5f0a" #define TORTURE_SSHD_SRV_IPV6 "fd00::5357:5f0a"
@@ -1848,9 +1853,31 @@ __attribute__((weak)) int torture_run_tests(void)
} }
#endif /* defined(HAVE_WEAK_ATTRIBUTE) && defined(TORTURE_SHARED) */ #endif /* defined(HAVE_WEAK_ATTRIBUTE) && defined(TORTURE_SHARED) */
int main(int argc, char **argv) { /**
* Finalize the torture context. No-op except for OpenSSL or GSSAPI
*
* When OpenSSL is built without the at-exit handlers, it won't call the
* OPENSSL_cleanup() from destructor or at-exit handler, which means we need to
* do it manually in the tests.
*
* It is never a good idea to call this function from the library context as we
* can not be sure the libssh is really the last one using the OpenSSL.
*
* This needs to be called at the end of the main function or any time before
* any forked process (servers) exits.
*/
void torture_finalize(void)
{
#if defined(HAVE_LIBCRYPTO) || defined(WITH_GSSAPI)
OPENSSL_cleanup();
#endif
}
int main(int argc, char **argv)
{
struct argument_s arguments; struct argument_s arguments;
char *env = getenv("LIBSSH_VERBOSITY"); char *env = getenv("LIBSSH_VERBOSITY");
int rv;
arguments.verbose=0; arguments.verbose=0;
arguments.pattern=NULL; arguments.pattern=NULL;
@@ -1868,5 +1895,9 @@ int main(int argc, char **argv) {
cmocka_set_test_filter(pattern); cmocka_set_test_filter(pattern);
#endif #endif
return torture_run_tests(); rv = torture_run_tests();
torture_finalize();
return rv;
} }

2
tests/torture.h
View File

@@ -178,4 +178,6 @@ int torture_change_dir(char *path);
void torture_setenv(char const* variable, char const* value); void torture_setenv(char const* variable, char const* value);
void torture_unsetenv(char const* variable); void torture_unsetenv(char const* variable);
void torture_finalize(void);
#endif /* _TORTURE_H */ #endif /* _TORTURE_H */

6
tests/unittests/torture_config.c
View File

@@ -2468,9 +2468,9 @@ static void torture_config_make_absolute_int(void **state, bool no_sshdir_fails)
char *home = NULL; char *home = NULL;
struct passwd *pw = getpwuid(getuid()); struct passwd *pw = getpwuid(getuid());
assert_non_null(pw); assert_non_null(pw);
user = pw->pw_name; user = strdup(pw->pw_name);
assert_non_null(user); assert_non_null(user);
home = pw->pw_dir; home = strdup(pw->pw_dir);
assert_non_null(home); assert_non_null(home);
#endif #endif
@@ -2528,6 +2528,8 @@ static void torture_config_make_absolute_int(void **state, bool no_sshdir_fails)
snprintf(h, 256 - 1, "/etc/ssh/~%s/.ssh/config.d/*.conf", user); snprintf(h, 256 - 1, "/etc/ssh/~%s/.ssh/config.d/*.conf", user);
assert_string_equal(result, h); assert_string_equal(result, h);
free(result); free(result);
free(home);
free(user);
#endif #endif
} }

52
tests/unittests/torture_threads_pki_rsa.c
View File

@@ -133,10 +133,9 @@ static int teardown(void **state) {
return 0; return 0;
} }
static int disable_secmem(void **state) static void
disable_secmem(void)
{ {
(void) state; /*unused*/
#if defined(HAVE_LIBGCRYPT) #if defined(HAVE_LIBGCRYPT)
/* gcrypt currently is configured to use only 4kB of locked secmem /* gcrypt currently is configured to use only 4kB of locked secmem
* (see ssh_crypto_init() in src/libcrypt.c) * (see ssh_crypto_init() in src/libcrypt.c)
@@ -145,23 +144,10 @@ static int disable_secmem(void **state)
* To avoid the expected warning, disable the secure memory. * To avoid the expected warning, disable the secure memory.
* */ * */
gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN); gcry_control(GCRYCTL_SUSPEND_SECMEM_WARN);
gcry_control(GCRYCTL_DISABLE_SECMEM); gcry_control(GCRYCTL_DISABLE_SECMEM);
gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
#endif #endif
return 0;
}
static int enable_secmem(void **state)
{
(void) state; /*unused*/
#if defined(HAVE_LIBGCRYPT)
/* Re-enable secmem */
gcry_control(GCRYCTL_INIT_SECMEM, 4096);
gcry_control(GCRYCTL_RESUME_SECMEM_WARN);
#endif
return 0;
} }
static void *thread_pki_rsa_import_pubkey_file(void *threadid) static void *thread_pki_rsa_import_pubkey_file(void *threadid)
@@ -756,18 +742,21 @@ int torture_run_tests(void)
cmocka_unit_test_setup_teardown(torture_pki_rsa_import_pubkey_file, cmocka_unit_test_setup_teardown(torture_pki_rsa_import_pubkey_file,
setup_rsa_key, setup_rsa_key,
teardown), teardown),
cmocka_unit_test_setup_teardown(torture_pki_rsa_import_privkey_base64_NULL_key, cmocka_unit_test_setup_teardown(
setup_rsa_key, torture_pki_rsa_import_privkey_base64_NULL_key,
teardown), setup_rsa_key,
cmocka_unit_test_setup_teardown(torture_pki_rsa_import_privkey_base64_NULL_str, teardown),
setup_rsa_key, cmocka_unit_test_setup_teardown(
teardown), torture_pki_rsa_import_privkey_base64_NULL_str,
setup_rsa_key,
teardown),
cmocka_unit_test_setup_teardown(torture_pki_rsa_import_privkey_base64, cmocka_unit_test_setup_teardown(torture_pki_rsa_import_privkey_base64,
setup_rsa_key, setup_rsa_key,
teardown), teardown),
cmocka_unit_test_setup_teardown(torture_pki_rsa_publickey_from_privatekey, cmocka_unit_test_setup_teardown(
setup_rsa_key, torture_pki_rsa_publickey_from_privatekey,
teardown), setup_rsa_key,
teardown),
cmocka_unit_test(torture_pki_rsa_import_privkey_base64_passphrase), cmocka_unit_test(torture_pki_rsa_import_privkey_base64_passphrase),
cmocka_unit_test_setup_teardown(torture_pki_rsa_copy_cert_to_privkey, cmocka_unit_test_setup_teardown(torture_pki_rsa_copy_cert_to_privkey,
setup_rsa_key, setup_rsa_key,
@@ -781,12 +770,8 @@ int torture_run_tests(void)
cmocka_unit_test_setup_teardown(torture_pki_rsa_duplicate_key, cmocka_unit_test_setup_teardown(torture_pki_rsa_duplicate_key,
setup_rsa_key, setup_rsa_key,
teardown), teardown),
cmocka_unit_test_setup_teardown(torture_pki_rsa_generate_key, cmocka_unit_test(torture_pki_rsa_generate_key),
disable_secmem, cmocka_unit_test_setup_teardown(torture_mixed, setup_rsa_key, teardown),
enable_secmem),
cmocka_unit_test_setup_teardown(torture_mixed,
setup_rsa_key,
teardown),
}; };
/* /*
@@ -801,6 +786,7 @@ int torture_run_tests(void)
* If the library is statically linked, ssh_init() is not called * If the library is statically linked, ssh_init() is not called
* automatically * automatically
*/ */
disable_secmem();
ssh_init(); ssh_init();
torture_filter_tests(tests); torture_filter_tests(tests);
rc = cmocka_run_group_tests(tests, NULL, NULL); rc = cmocka_run_group_tests(tests, NULL, NULL);

46
tests/valgrind.supp
View File

@@ -248,23 +248,9 @@
Reachable memory from getaddrinfo Reachable memory from getaddrinfo
Memcheck:Leak Memcheck:Leak
match-leak-kinds: reachable match-leak-kinds: reachable
fun:malloc ...
fun:UnknownInlinedFun
fun:_dl_new_object
fun:_dl_map_object_from_fd
fun:_dl_map_object
fun:dl_open_worker_begin
fun:_dl_catch_exception
fun:dl_open_worker
fun:_dl_catch_exception
fun:_dl_open
fun:do_dlopen
fun:_dl_catch_exception
fun:_dl_catch_error
fun:dlerror_run
fun:__libc_dlopen_mode
fun:module_load
fun:__nss_module_get_function fun:__nss_module_get_function
...
fun:getaddrinfo fun:getaddrinfo
... ...
fun:krb5_sname_to_principal fun:krb5_sname_to_principal
@@ -285,7 +271,6 @@
fun:torture_run_tests fun:torture_run_tests
fun:main fun:main
} }
## libkrb5 ## libkrb5
# krb5_mcc_generate_new allocates a hashtab on a static global variable # krb5_mcc_generate_new allocates a hashtab on a static global variable
# It doesn't get freed. # It doesn't get freed.
@@ -298,3 +283,30 @@
... ...
fun:krb5_mcc_generate_new* fun:krb5_mcc_generate_new*
} }
{
Error string from acquire creds in krb5
Memcheck:Leak
match-leak-kinds: reachable
fun:malloc
...
fun:krb5_gss_save_error_string
fun:UnknownInlinedFun
fun:acquire_cred_context.isra.0
fun:acquire_cred_from.isra.0
fun:gss_add_cred_from
fun:gss_acquire_cred_from
...
fun:gss_acquire_cred
}
{
error string from gss init sec context
Memcheck:Leak
match-leak-kinds: reachable
fun:malloc
...
fun:krb5_gss_save_error_string
fun:UnknownInlinedFun
fun:krb5_gss_init_sec_context_ext
fun:krb5_gss_init_sec_context
fun:gss_init_sec_context
}