libssh

shinys000114/libssh

Fork 0

mirror of https://git.libssh.org/projects/libssh.git synced 2026-03-24 20:40:09 +09:00

Commit Graph

Select branches

Hide Pull Requests

master

master-fix

stable-0.10

stable-0.11

stable-0.8

stable-0.9

v0-2

v0-3

v0-4

v0-5

v0-6

v0-7

libssh-0.10.0

libssh-0.10.2

libssh-0.10.3

libssh-0.10.4

libssh-0.10.5

libssh-0.10.6

libssh-0.11.0

libssh-0.11.1

libssh-0.11.2

libssh-0.11.3

libssh-0.11.4

libssh-0.12.0

libssh-0.5.1

libssh-0.5.2

libssh-0.5.3

libssh-0.5.4

libssh-0.5.5

libssh-0.6.0

libssh-0.6.1

libssh-0.6.3

libssh-0.6.4

libssh-0.6.5

libssh-0.7.0

libssh-0.7.1

libssh-0.7.2

libssh-0.7.3

libssh-0.7.4

libssh-0.7.5

libssh-0.7.6

libssh-0.7.7

libssh-0.8.0

libssh-0.8.1

libssh-0.8.2

libssh-0.8.3

libssh-0.8.4

libssh-0.8.5

libssh-0.8.6

libssh-0.8.7

libssh-0.8.8

libssh-0.8.9

libssh-0.9.0

libssh-0.9.1

libssh-0.9.2

libssh-0.9.3

libssh-0.9.4

libssh-0.9.5

libssh-0.9.6

libssh-0.9.7

libssh-0.9.8

release-0-3-0

release-0-3-1

release-0-3-2

release-0-3-3

release-0-3-4

release-0-4-0

release-0-4-1

release-0-4-2

release-0-4-3

release-0-4-4

release-0-4-5

release-0-4-6

release-0-4-7

release-0-4-8

release-0-5-0

f7cad4245a tests: reenable wait in torture_gssapi_server_key_exchange_null Pavol Žáčik 2025-12-03 10:35:36 +01:00
11c4b29e20 packet_cb: adjust response to NEWKEYS w.r.t. GSSAPI Pavol Žáčik 2025-12-18 19:37:22 +01:00
e04d753ace gssapi: add null checks for session->gssapi before using it Pavol Žáčik 2025-12-18 19:36:42 +01:00
06eea93ded packet: complete GSSAPI packet filter Pavol Žáčik 2025-12-02 14:47:12 +01:00
06edb2db5e options: replace SSH_OPTIONS_GSSAPI_KEY_EXCHANGE_ALGS example Pavol Žáčik 2025-12-02 10:04:30 +01:00
ced98d41cf doc: document support for gssapi-keyex and related KEX methods Pavol Žáčik 2025-12-02 10:02:30 +01:00
88c2ea6752 gssapi: Add support for ECDH GSSAPI KEX Pavol Žáčik 2025-11-25 11:52:48 +01:00
5fed1bc8be torture_packet: use SSH2_MSG_IGNORE type of test packet Pavol Žáčik 2025-12-01 15:16:56 +01:00
a30ba0091f libgcrypt: make bignum_dup usable with const_bignum Pavol Žáčik 2025-12-01 13:55:00 +01:00
ad23fe8c27 curve25519: Make ssh_curve25519_build_k public Pavol Žáčik 2025-11-26 16:04:48 +01:00
3710b31d24 session: Refactor ssh_get_publickey_hash Pavol Žáčik 2025-12-18 10:54:59 +01:00
2c5bb17211 md: Implement one-shot md5 Pavol Žáčik 2025-12-18 10:08:16 +01:00
83ae6b3f0a gssapi: reformat parts Jakub Jelen 2025-08-14 13:48:26 +02:00
06cefe1d67 packet: Implement packet filter for non-implemented GSSAPI messages Jakub Jelen 2025-08-14 13:47:59 +02:00
043b1fb133 Move GSSAPI KEX messages to be numerically sorted Jakub Jelen 2025-08-14 13:47:22 +02:00
f1490170f3 tests: add test for gssapi server key exchange with null hostkey and no tgt Gauravsingh Sisodia 2025-08-11 12:12:51 +00:00
4ba0746135 fix: some possible memory leaks Gauravsingh Sisodia 2025-08-11 11:58:43 +00:00
e94fd6ccd1 tests: add config tests for SSH_OPTIONS_GSSAPI_KEY_EXCHANGE Gauravsingh Sisodia 2025-08-08 11:49:36 +00:00
83114b636f fix: move ssh_gssapi_check_client_config() from ssh_options_set to ssh_options_apply Gauravsingh Sisodia 2025-08-08 11:48:38 +00:00
5a99cf9c7f refactor: remove extra else if branch for disable_hostkeys Gauravsingh Sisodia 2025-08-07 12:53:04 +00:00
213556ce01 reformat: some nits Gauravsingh Sisodia 2025-08-07 12:16:41 +00:00
5d06ee459b refactor: remove issue link from .gitlab-ci.yml Gauravsingh Sisodia 2025-08-04 05:49:04 +00:00
96807b9313 tests: add valgrind suppressions Gauravsingh Sisodia 2025-08-04 05:48:10 +00:00
6d81ecddbe fix: replace pthread_exit in gssapi tests Gauravsingh Sisodia 2025-07-29 09:12:52 +00:00
d0e5cf78d0 fix: use strcmp instead of strncmp to avoid prefix match Gauravsingh Sisodia 2025-07-28 10:23:14 +00:00
a0707afc3e reformat: gssapi key exchange Gauravsingh Sisodia 2025-07-14 06:04:04 +00:00
06b61f75fa feat: implement packet filter for SSH2_MSG_KEXGSS_COMPLETE Gauravsingh Sisodia 2025-07-13 10:00:28 +00:00
f9d7cadf4b fix: create fopen wrapper and block default hostkey paths Gauravsingh Sisodia 2025-03-17 18:36:42 +00:00
c1aab9903f feat: add null hostkey for server Gauravsingh Sisodia 2024-08-29 14:03:12 +00:00
fd1c3e8878 feat: test null hostkey on ci Gauravsingh Sisodia 2024-08-23 09:48:00 +00:00
d730b40b91 feat: add SSH2_MSG_KEXGSS_HOSTKEY support to client and server Gauravsingh Sisodia 2024-08-22 11:26:40 +00:00
9044fcdb52 feat: add "gssapi-keyex" for server Gauravsingh Sisodia 2024-08-15 07:11:20 +00:00
bc5211d055 feat: add gssapi key exchange Gauravsingh Sisodia 2024-07-17 05:49:24 +00:00
701a2155a7 tests: Improve test coverage of comparing certificates Jakub Jelen 2025-12-12 17:43:13 +01:00
38f3d158f6 pki: Fix comparing public key of certificate Jakub Jelen 2025-12-12 16:37:20 +01:00
0d5a2652b4 pki: Avoild false positive matches when comparing certificates in mbedtls and gcrypt Jakub Jelen 2025-12-12 16:36:43 +01:00
5c496acef7 pkd: Run openssh client with SK keys Jakub Jelen 2025-11-25 18:49:56 +01:00
3e074a3fba tests: Use standard way of setting cmake variables Jakub Jelen 2025-11-25 18:49:18 +01:00
98a844ceb2 tidy(unittests): zero-init config string pointers Samir Benmendil 2026-01-02 14:33:22 +00:00
ce45ba8c61 tests: suppress leaks from NSS modules Samir Benmendil 2025-12-22 17:44:56 +00:00
62c85a59a9 ssh_client: Return non-zero on config parsing failure Samir Benmendil 2025-12-22 11:55:34 +00:00
c4f1a70a89 connect: Support AddressFamily option Samir Benmendil 2025-12-15 19:16:15 +00:00
f52be27114 connect: Improve logging around the connection code Jakub Jelen 2025-12-16 17:23:09 +01:00
228208af5e Happy new year 2026! Jakub Jelen 2026-01-02 14:36:19 +01:00
163373c9d9 tests: Reproducer for missing value to LogLevel Jakub Jelen 2025-12-15 11:07:08 +01:00
e82677a923 config: Fix error paths of configuration parsing Jakub Jelen 2025-12-15 11:08:12 +01:00
79966eb924 fix : modify ssh_connector_free to accept NULL values Nikhil V 2025-12-06 11:19:17 +05:30
4feb0dd79d Improve doxygen documentation Nikhil V 2025-12-06 10:51:35 +05:30
f8d943afda Improve doxygen docs nikhil-nari 2025-12-01 17:53:58 +05:30
4bad7cc08f hybrid_mlkem: Convert ECDH shared secret to a fixed-size string Pavol Žáčik 2025-12-16 14:15:44 +01:00
3526e02dee use standard O_NONBLOCK naming Mike Frysinger 2025-11-08 23:13:35 -05:00
ecea5b6052 Support new '-o' option parsing to client abdallah elhdad 2025-11-19 12:28:31 +02:00
1833ce86f9 refactor auth options handler abdallah elhdad 2025-10-26 15:21:59 +03:00
3938e5e850 set log level when debug option is increased abdallah elhdad 2025-10-16 17:11:52 +03:00
dd80a56029 libcrypto.c: Use openssl const algorithm names Norbert Pocs 2025-12-02 14:26:16 +01:00
9d6df9d0fa ssh_known_hosts_get_algorithms: Simplify cleanup ... Jakub Jelen 2025-11-24 18:05:36 +01:00
ee180c660e server: Check strdup allocation failure Jakub Jelen 2025-11-24 17:51:06 +01:00
541cd39f14 zeroize sensitive buffers in ssh_sntrup761x25519_build_k abdallah elhdad 2025-11-21 18:36:48 +02:00
64f72ed55f Replace explicit_bzero with ssh_burn abdallah elhdad 2025-11-21 18:33:22 +02:00
0ef79018b3 kex: Implement remaining hybrid ML-KEM methods Pavol Žáčik 2025-11-18 13:36:25 +01:00
7911580304 ecdh: Factor out keypair generation Pavol Žáčik 2025-11-18 14:21:10 +01:00
e5108f2ffc docs: Use a modern doxygen theme Andreas Schneider 2025-11-21 14:29:22 +01:00
5ce4b65abb cmake: Add .cmake-format.yaml Andreas Schneider 2025-11-21 09:04:33 +01:00
b62675b435 chore(editorconfig): Put CMakeLists.txt in its own section Andreas Schneider 2025-11-21 17:45:20 +01:00
f333d95013 ci: Avoid repetitive definitions Jakub Jelen 2025-11-19 17:30:43 +01:00
92d0f8aba6 ci: Remove GSSAPI from minimal build Jakub Jelen 2025-11-19 17:29:34 +01:00
66460578b1 ci: Remove marco from the whitelist Jakub Jelen 2025-11-19 16:53:39 +01:00
b93db6c3d1 ci: Replace ad-hoc exports with variables Jakub Jelen 2025-11-19 15:53:36 +01:00
1c3143ff00 ci: Add cmocka.cfg to avoid false positives reports from csbuild Jakub Jelen 2025-11-19 15:46:29 +01:00
47305a2f72 docs(fido2): add FIDO2/U2F security key support chapter to documentation Praneeth Sarode 2025-10-30 22:37:32 +05:30
5bbaecfaa7 feat(pki): extend the sshsig API to support security keys along with tests Praneeth Sarode 2025-10-30 22:37:22 +05:30
6e5d0a935f tests(fido2): add tests for SK ECDSA and SK Ed25519 public key authentication Praneeth Sarode 2025-10-15 21:08:21 +05:30
5d4d9f8208 tests(rsa): add test for RSA key generation using the newer ssh_pki_generate_key API Praneeth Sarode 2025-10-15 21:08:01 +05:30
c128cf8807 tests(pki): add torture tests for pki_sk functions Praneeth Sarode 2025-10-23 22:31:46 +05:30
5937b5ba4e feat(torture_sk): add functions to validate security key signatures and to create PKI context Praneeth Sarode 2025-10-23 22:31:20 +05:30
1241a3a8c9 tests(fido2): add sk-dummy support to the testing infrastructure Praneeth Sarode 2025-10-23 22:24:39 +05:30
21d338737a tests(fido2): add sk key files to the testing infrastructure Praneeth Sarode 2025-08-17 02:14:38 +05:30
d91630308d pki: add security key identities to session options Praneeth Sarode 2025-08-22 19:23:40 +05:30
37f0e91814 feat(pki): add security key support with enrollment, signing, and resident key loading functions Praneeth Sarode 2025-09-20 19:34:41 +05:30
32a256e157 feat(pki): add ssh_key getters to retrieve security key flags, application, and user ID Praneeth Sarode 2025-09-20 19:31:40 +05:30
14bd26e71c feat(pki): add support for user ID in ssh_key structure Praneeth Sarode 2025-08-30 01:50:59 +05:30
97e71606e0 feat(pki): add ssh_pki_ctx to ssh_session Praneeth Sarode 2025-09-20 20:26:37 +05:30
d4b0de702b feat(pki): implement PKI context API Praneeth Sarode 2025-10-06 12:41:55 +05:30
acc080ac03 tests(fido2): add tests for the usb-hid security key callbacks Praneeth Sarode 2025-10-23 22:22:50 +05:30
e56af9fa79 feat(torture_sk): add validation functions for security key callback responses and resident keys Praneeth Sarode 2025-10-23 22:19:20 +05:30
c4b2bd34a8 feat(torture): add torture_get_sk_pin function to retrieve PIN from environment Praneeth Sarode 2025-09-25 03:56:01 +05:30
50ee6411f2 fido2: implement the default sk_callbacks for FIDO2/U2F keys using the usb-hid protocol Praneeth Sarode 2025-08-17 01:56:25 +05:30
c1dd30b47b fido2: add helper functions for writing FIDO2/U2F callbacks Praneeth Sarode 2025-07-05 18:39:12 +05:30
8ba9e931e8 fido2: declare callbacks for sk operations Praneeth Sarode 2025-07-05 17:54:36 +05:30
eda5c6576b tests(torture_sk): validate sk_flags against allowed security key flags Praneeth Sarode 2025-08-19 19:19:43 +05:30
302d868875 fido2: add sk_api.h Praneeth Sarode 2025-05-27 10:00:19 +05:30
7db75e8fd0 ci: enable FIDO2/U2F support in some images Praneeth Sarode 2025-07-05 17:25:50 +05:30
ebe632cf8f cmake: add build option to enable FIDO2/U2F support Praneeth Sarode 2025-07-05 17:05:24 +05:30
150d606db7 cmake: add cmake module to find libfido2 Praneeth Sarode 2025-07-05 17:00:00 +05:30
63fbf00efe pki: Use constant for minimal RSA key size in FIPS Jakub Jelen 2025-11-06 16:24:16 +01:00
ae33ced0dc coverage: Ignore parse errors again Jakub Jelen 2025-11-06 14:13:20 +01:00
ee6e2c69e1 Bump minimal RSA key size to 1024 Jakub Jelen 2025-11-06 10:18:28 +01:00
cefc4f8c97 pkd: Run tests with ecdsa and ed25519 keys with dropbear Jakub Jelen 2025-11-05 17:28:21 +01:00
b64e7f67d3 pkd: Run ed25519 tests with dropbear Jakub Jelen 2025-11-05 16:48:20 +01:00
491cd81a32 kex: Place PQC KEX methods first Jakub Jelen 2025-11-05 15:21:49 +01:00

1 2 3 4 5 ...