summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* security: fix for vulnerability CVE-2014-0017v0-5Aris Adamantiadis2014-03-044-1/+15
| | | | | | | | | | | | | When accepting a new connection, a forking server based on libssh forks and the child process handles the request. The RAND_bytes() function of openssl doesn't reset its state after the fork, but simply adds the current process id (getpid) to the PRNG state, which is not guaranteed to be unique. This can cause several children to end up with same PRNG state which is a security issue. Conflicts: src/bind.c
* tests: Add a sftp_read blocking test.Andreas Schneider2013-10-232-0/+83
|
* socket: Call data handler as long as handler takes data.Johannes Krude2013-10-061-4/+6
| | | | Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* Update ChangeLog.libssh-0.5.5Andreas Schneider2013-07-261-0/+7
|
* BUG 103: Disable proxy command if set to 'none'.Andreas Schneider2013-07-262-4/+26
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* client: Fix possible NULL pointer dereference.Andreas Schneider2013-07-261-2/+2
|
* kex: Fix a double free.Andreas Schneider2013-07-261-0/+1
|
* Check for NULL pointers in channels.cmilo2013-07-261-5/+37
|
* cmake: Set application version as package version.Andreas Schneider2013-07-261-3/+3
|
* BUG 103: Fix ProxyCommand parsing.Andreas Schneider2013-06-021-2/+21
|
* config: Rename ssh_config_get_str().Andreas Schneider2013-06-021-11/+11
|
* opts: Fix segfault in option parser.Andreas Schneider2013-06-021-3/+11
|
* cmake: Fix setting -D_FORTIFY_SOURCE=2.Andreas Schneider2013-06-021-4/+9
|
* poll: return error on poll() when pollset is emptyAris Adamantiadis2013-02-271-1/+1
| | | | (cherry picked from commit 222a0d78ca5c272ea109e847d62cf12674dd875f)
* Update version number to 0.5.5.Andreas Schneider2013-02-122-3/+3
|
* server: Fix typo in dh_handshake_server().Laurent Bigonville2013-02-051-1/+1
| | | | Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* Update to version 0.5.4.libssh-0.5.4Andreas Schneider2013-01-223-3/+8
|
* CVE-2013-0176: Fix a remote DoS if the client doesn't send a matching kex.Andreas Schneider2013-01-141-2/+11
| | | | Thanks to Yong Chuan Koh, X-Force Research <kohyc@sg.ibm.com>
* options: Fix a free crash bug if we parse unknown options.Andreas Schneider2013-01-111-6/+8
| | | | Thanks to Yong Chuan Koh, X-Force Research <kohyc@sg.ibm.com>
* channels1: Fix severa possible null pointer dereferences.Andreas Schneider2013-01-101-6/+59
| | | | (cherry picked from commit b811b89f57ec167612948e688d75015f85b9c8f4)
* Update ChangeLog.libssh-0.5.3Andreas Schneider2012-11-141-0/+15
|
* cmake: Bump version number.Andreas Schneider2012-11-142-3/+3
|
* CVE-2012-4561: Fix possible free's on invalid pointers.Andreas Schneider2012-11-141-0/+5
|
* CVE-2012-4561: Fix error handling of try_publickey_from_file().Andreas Schneider2012-11-141-6/+6
|
* CVE-2012-4559: Make sure we don't free name and longname twice on error.Andreas Schneider2012-11-141-10/+16
|
* CVE-2012-4559: Ensure that we don't free req twice.Andreas Schneider2012-11-141-1/+1
|
* CVE-2012-4559: Ensure we don't free blob or request twice.Andreas Schneider2012-11-141-0/+2
|
* CVE-2012-4560: Fix a write one past the end of 'buf'.Andreas Schneider2012-11-141-2/+3
|
* CVE-2012-4560: Fix a write one past the end of the 'u' buffer.Andreas Schneider2012-11-141-1/+1
|
* CVE-2012-4562: Fix possible string related integer overflows.Xi Wang2012-11-141-7/+18
|
* CVE-2012-4562: Fix a possible infinite loop in buffer_reinit().Andreas Schneider2012-11-141-4/+9
| | | | | If needed is bigger than the highest power of two or a which fits in an integer we will loop forever.
* CVE-2012-4562: Fix multiple integer overflows in buffer-related functions.Xi Wang2012-11-141-5/+15
|
* CVE-2012-4562: Fix possible integer overflow in ssh_get_hexa().Xi Wang2012-11-141-0/+4
| | | | No exploit known, but it is better to check the string length.
* channels: Fix a possible infinite loop if the connection dropped.Andreas Schneider2012-10-221-1/+3
| | | | This fixes bug #85.
* channels1: Add missing request_state and set it to accepted.Andreas Schneider2012-10-221-0/+1
| | | | This fixes bug #88.
* auth1: Reset error state to no error.Andreas Schneider2012-10-221-0/+1
| | | | This fixes bug #89.
* session: Fix a possible use after free in ssh_free().Andreas Schneider2012-10-221-15/+19
| | | | | | | We need to cleanup the channels first cause we call ssh_channel_close() on the channels which still require a working socket and poll context. Thanks to sh4rm4!
* doc: Update copyright policy.Andreas Schneider2012-10-142-28/+198
|
* channel: Fix a possible null pointer dereference.Andreas Schneider2012-10-051-1/+6
| | | | (cherry picked from commit ceb8072b34a581eb72ed43f7f7ce78fd9b0ea708)
* channels: Fix a possible null pointer dereference.Andreas Schneider2012-10-051-1/+6
| | | | (cherry picked from commit 656fd60110b73b3fc56c8c407b12a68be7ca67ff)
* getpass: Fix a memory leak in ssh_gets() on error.Andreas Schneider2012-10-051-0/+1
| | | | (cherry picked from commit 6092596199e8ebfbbf6e6ba48b7ec6ca0d85fa13)
* sftp: Harden sftp_extension_supported() against null pointers.Andreas Schneider2012-10-051-2/+10
| | | | (cherry picked from commit 22f607649d7dc530df84b7b90781ce0b88153095)
* sftp: Fix a memory on error in sftp_opendir().Andreas Schneider2012-10-051-0/+1
| | | | (cherry picked from commit b5c4b090da254c1ad3689983b0cb999b09aa3394)
* misc: Don't leak memory on ssh_path_expand_escape() on error.Andreas Schneider2012-10-051-0/+4
| | | | (cherry picked from commit 61d032fc03e0055c859931f466bc75fbdf36385a)
* session: Fix a memory leak in ssh_new() on error.Andreas Schneider2012-10-051-0/+1
| | | | (cherry picked from commit 280ce3fe937c96899732814928c8ecfa9f9ae431)
* Fix regression in pre-connected socket setting.Werner Koch2012-09-213-8/+22
| | | | | | | | | | | * src/socket.c (ssh_socket_pollcallback): Factor some code out to ... (ssh_socket_set_connecting): New. * include/libssh/socket.h (ssh_socket_set_connecting): Add prototype. * src/client.c (ssh_connect): Use new function for a socket set by SSH_OPTIONS_FD. Signed-off-by: Werner Koch <wk@gnupg.org> Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* build: Fix missing struct in_addr warning.Andreas Schneider2012-07-1713-0/+13
| | | | (cherry picked from commit 782b2e37c6a4e0254e2b596b9182043c5ebabd75)
* sftp: Fix bug in sftp_mkdir not returning on error.Andreas Schneider2012-07-171-0/+1
| | | | | resolves: #84 (cherry picked from commit a92c97b2e17715c1b3cdd693d14af6c3311d8e44)
* connect: Fix a build warning.Andreas Schneider2012-07-171-1/+1
| | | | (cherry picked from commit 8b8d9dc83af81dfaec22bbb6710083e79f00c470)
* session: Cleanup timeout functions and fix packets termination.rofl0r2012-01-023-34/+42
| | | | | | | | It is possible that we get unrelated packets while waiting for termination, thus waiting indefinitely. As a workaround we have to check the user-supplied timeout. Also cleaned up ssh_blocking_flush, which was using the timeout in a bogus manner (resetting the timeout after each check).
generated by cgit (git 2.34.1) at 2024-05-07 19:11:02 +0000