Commit message | Author | Age | Files | Lines
...
* tests: Add port option to torture_ssh_session | Alan Dunn | 2015-01-20 | 6 | -4/+12
  Signed-off-by: Alan Dunn <amdunn@gmail.com>
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* cmake: Add libsshpp.hpp to the distributed headers list. | Léo Peltier | 2015-01-20 | 1 | -0/+1
  BUG: https://red.libssh.org/issues/163
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* pki: Make sure sig is not used uninitialized. | Andreas Schneider | 2015-01-20 | 1 | -1/+1
  BUG: https://red.libssh.org/issues/167
  Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* examples: Use safer names for stdin, stdout, stderr | William Orr | 2015-01-20 | 1 | -20/+20
  BUG: https://red.libssh.org/issues/168
  On some platforms, like OpenBSD, stdin and friends are macros which break compilation of this struct. I've fixed these names such that it compiles and runs cleanly on OpenBSD
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* threads: Fix building with POSIX threads in MinGW. | Andreas Schneider | 2015-01-20 | 1 | -1/+1
  BUG: https://red.libssh.org/issues/181
  Originally written by Patrick von Reth <vonreth () kde ! org>.
  This patch is part of the larger patch: https://projects.kde.org/projects/kdesupport/emerge/repository/revisions/master/changes/portage/win32libs/libssh/0002-add-a-way-to-test-ssh-connections-on-windows.patch
  MinGW (in particular, the MinGW-w64 fork) can use either posix threads or win32 threads. This patch fixes the MinGW build when using posix threads.
  Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* channels1: Fix pty request state | Yanis Kurganov | 2015-01-20 | 1 | -1/+2
  Signed-off-by: Yanis Kurganov <YKurganov@ptsecurity.com>
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* Update README.CodingStyle | Andreas Schneider | 2015-01-20 | 2 | -59/+354
* connect: Fix a memory leak. | Andreas Schneider | 2015-01-14 | 1 | -0/+1
  CID: #1238618
  Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
  Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>
* sftp: Fix a possible integer overflow. | Andreas Schneider | 2015-01-14 | 1 | -2/+6
  CID: #1238630
  Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
  Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>
* sftp: Use a declared variable for data len. | Andreas Schneider | 2015-01-14 | 1 | -6/+7
  CID: #1238632
  Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
  Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>
* pkd: Make sure we do not pass -1 to close. | Andreas Schneider | 2015-01-14 | 1 | -1/+3
  CID: #1245696
  Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
  Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>
* pkd: Check return value of pkd_run_tests(). | Andreas Schneider | 2015-01-14 | 1 | -0/+3
  CID: #1245697
  Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
  Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>
* sftp: Fix memory leak on realloc failure | Tobias Klauser | 2015-01-14 | 1 | -6/+9
  If realloc of sftp->ext->name or sftp->ext->data fails, the memory previously allocated for the respective member is leaked. Fix this by storing the return value of realloc() in a temporary variable which only gets assigned to the respective sftp->ext member on success.
  Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* cmake: Fix ntohll and htonll macro detection. | Andreas Schneider | 2015-01-13 | 1 | -2/+2
  BUG: https://red.libssh.org/issues/164
  Thanks to Ryan Schmidt!
  Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* doc: Fix a typo in curve25519-sha256@libssh.org.txt | Tobias Klauser | 2015-01-13 | 1 | -1/+1
  Fix the typo 'stengths' -> 'strengths' and remove the trailing white space on the same line.
  Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* doc: Fix link to curve25519-sha256@libssh.org spec. | Andreas Schneider | 2015-01-06 | 1 | -1/+1
* doc: Fix a typo, blank lines and trailing spaces. | Andreas Schneider | 2015-01-06 | 1 | -7/+7
* connect: Fix mingw build. | Andreas Schneider | 2015-01-06 | 1 | -0/+4
  Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* connect: Check that errno is 0 to fix Windows build. | Andreas Schneider | 2014-12-25 | 1 | -1/+2
  Thanks to Viktor Butskih.
  Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* options: Fix setting the port. | Andreas Schneider | 2014-12-25 | 5 | -9/+12
  Make sure we correctly read the port from the config file.
  Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* CVE-2014-8132: Fixup error path in ssh_packet_kexinit() | Jon Simons | 2014-12-17 | 1 | -1/+6
  Before this change, dangling pointers can be unintentionally left in the respective next_crypto kex methods slots. Ensure to set all slots to NULL in the error-out path.
  Signed-off-by: Jon Simons <jon@jonsimons.org>
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* libcrypto: Fix Windows build with ssh_reseed(). | Andreas Schneider | 2014-12-17 | 3 | -0/+9
  gettimeofday() is not available on Windows and we need it only in case of forking.
  Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* cmake: Fix config variable names. | Andreas Schneider | 2014-12-17 | 1 | -2/+2
  Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* config: Also tokenize on equal sign. | William Orr | 2014-12-17 | 1 | -1/+1
  The ssh config specifies it as a valid separator.
  BUG: https://red.libssh.org/issues/166
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* pki_gcrypt: fix DSA signature extraction | Jon Simons | 2014-12-09 | 1 | -3/+29
  Fix DSA signature extraction for the LIBGCRYPT build. Here, the same fix that was applied to the LIBCRYPTO build for https://red.libssh.org/issues/144 is now adapted for pki_gcrypt.
  Additionally, ensure to set the resulting output sig_blob buffer before returning.
  Before this fix, one can observe the failure with the pkd test on a LIBGCRYPT build as so:
    # ./pkd_hello -i 1 -t torture_pkd_openssh_dsa_dsa_default
  After, runs of 10000 back-to-back iterations of the same test are passing.
  Signed-off-by: Jon Simons <jon@jonsimons.org>
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* pki_gcrypt: fix warnings for SSH_KEYTYPE_ED25519 | Jon Simons | 2014-12-09 | 1 | -0/+9
  Signed-off-by: Jon Simons <jon@jonsimons.org>
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* torture: fix warning for SSH_KEYTYPE_ED25519 | Jon Simons | 2014-12-09 | 1 | -0/+1
  Signed-off-by: Jon Simons <jon@jonsimons.org>
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* bignum: no-op make_string_bn_inplace for LIBGCRYPT | Jon Simons | 2014-12-09 | 1 | -1/+3
  Disable the 'make_string_bn_inplace' helper function for the LIBGCRYPT build, rather than using '#error' to fail the build completely.
  Signed-off-by: Jon Simons <jon@jonsimons.org>
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* doc: clarify tutorial error section | Davide "FunkyAss" Del Zompo | 2014-12-05 | 1 | -5/+4
  Signed-off-by: Davide "FunkyAss" Del Zompo <davide.delzompo@gmail.com>
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* Set the correct error in ssh_options_set(). | Hani Benhabiles | 2014-12-05 | 1 | -2/+2
  Signed-off-by: Hani Benhabiles <hani@linux.com>
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* session: add getter for kexalgo | Jon Simons | 2014-12-05 | 2 | -0/+30
  Signed-off-by: Jon Simons <jon@jonsimons.org>
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* pki_crypto.c: plug ecdsa_sig->[r,s] bignum leaks | Jon Simons | 2014-12-05 | 3 | -2/+12
  Per ecdsa(3ssl), ECDSA_SIG_new does allocate its 'r' and 's' bignum fields. Fix a bug where the initial 'r' and 's' bignums were being overwritten with newly-allocated bignums, resulting in a memory leak.
  BUG: https://red.libssh.org/issues/175
  Signed-off-by: Jon Simons <jon@jonsimons.org>
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* connect: Do not fail if the connect is in progress. | Andreas Schneider | 2014-10-15 | 1 | -1/+1
  Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* tests: fix pkd build breakages | Jon Simons | 2014-10-15 | 4 | -3/+9
  Fix a build breakage when '-DWITH_SERVER=OFF' is set: skip building the pkd test for that case. Add some missing includes for the OpenIndiana and FreeBSD builds.
  Signed-off-by: Jon Simons <jon@jonsimons.org>
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* gssapi: ssh_gssapi_set_creds() is a client side function | Stef Walter | 2014-10-12 | 1 | -2/+4
  It should not be guarded by the WITH_SERVER #ifdef
  Signed-off-by: Stef Walter <stefw@redhat.com>
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* Check return code of connect(2). | William Orr | 2014-10-12 | 1 | -1/+9
  Signed-off-by: William Orr <will@worrbase.com>
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* tests: introduce pkd_hello | Jon Simons | 2014-10-12 | 10 | -0/+1416
  Introduce a sample public-key testing daemon to the 'pkd' test directory, and add support code for cycling through various combinations of different key exchange, cipher, and MAC algorithms.
  The goal of the 'pkd_hello' test is to make it easy to test interactions between non-libssh clients and a libssh-server, and to provide a starting point for testing new implementations for key types, ciphers, MACs, and so on. The thinking is that testing a new algorithm should be as simple as adding a new line for it in the PKDTESTS_* lists.
  Macros are used to generate the tests and helper functions for a couple of clients -- here, OpenSSH and dropbear are included for the first cut. If binaries are found for these clients, their test lists will be enabled; when binaries are not found for a given client, those tests are skipped.
  Tests are run in one large batch by default, but can also be run individually to help with tracking down things like signature bugs that may take many iterations to reproduce.
  Each test logs its stdout and stderr to its own file, which is cleaned up when a test succeeds. For failures, those logs can be combined with verbose libssh output from pkd itself to start debugging things.
  Some example usages:
    pkd_hello
      Run all tests with default number of iterations.
    pkd_hello --list
      List available individual test names.
    pkd_hello -i 1000 -t torture_pkd_openssh_ecdsa_256_ecdh_sha2_nistp256
      Run only the torture_pkd_openssh_ecdsa_256_ecdh_sha2_nistp256 testcase 1000 times.
    pkd_hello -v -v -v -v -e -o
      Run all tests with maximum libssh and pkd logging.
  Included in the tests are passes for all existing kex, cipher, and MAC algorithms.
  BUG: https://red.libssh.org/issues/144
  Signed-off-by: Jon Simons <jon@jonsimons.org>
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* pki_gcrypt: Initialize 'type_c' in 'pki_do_sign_sessionid' | Artyom V. Poptsov | 2014-10-02 | 1 | -0/+1
  Add missing initialization of 'type_c' field of a SSH signature in 'pki_do_sign_sessionid' procedure.
  If libssh is compiled with GCrypt, 'dh_handshake_server' fails with "Could not sign the session id" error. The change fixes that.
  Signed-off-by: Artyom V. Poptsov <poptsov.artyom@gmail.com>
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* server: fix auth_interactive_request reply | Jon Simons | 2014-10-02 | 1 | -1/+1
  Fix a missing 'buffer_pack' formatter in 'ssh_message_auth_interactive_request'. With this fix the 'examples/samplesshd-kbdint' program is working again for me.
  Signed-off-by: Jon Simons <jon@jonsimons.org>
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* ed25519: fix leak in pki_ed25519_sign | Jon Simons | 2014-10-02 | 1 | -2/+2
  Signed-off-by: Jon Simons <jon@jonsimons.org>
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* pki: check ssh_buffer_pack return in ssh_pki_do_sign | Jon Simons | 2014-10-02 | 1 | -5/+10
  Check the 'ssh_buffer_pack' return in ssh_pki_do_sign for the ED25519 case.
  Signed-off-by: Jon Simons <jon@jonsimons.org>
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* pki: fail when pubkey buffer length is not ED25519_PK_LEN | Jon Simons | 2014-10-02 | 1 | -1/+5
  Fail fast in 'pki_import_pubkey_buffer' for the ED25519 case if a buffer sized ED25519_PK_LEN can not be retrieved. Before, the 'memcpy' could have read beyond the bounds of 'ssh_string_data(pubkey)'.
  Signed-off-by: Jon Simons <jon@jonsimons.org>
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* crypto: check malloc return in ssh_mac_ctx_init | Jon Simons | 2014-10-02 | 2 | -2/+10
  Signed-off-by: Jon Simons <jon@jonsimons.org>
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* wrapper: fix z_stream leak | Jon Simons | 2014-10-02 | 1 | -0/+3
  Ensure to free the z_stream structures as allocated from the gzip.c initcompress, initdecompress functions.
  Signed-off-by: Jon Simons <jon@jonsimons.org>
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* string: Correctly burn the string buffer. | Andreas Schneider | 2014-09-15 | 1 | -4/+5
  Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
  Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>
* ed25519: Generate, sign and verify keys. | Aris | 2014-09-07 | 6 | -2/+460
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* crypto: Add ed25519 implementation from OpenSSH. | Aris Adamantiadis | 2014-09-07 | 12 | -1/+2507
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* base64: Use a secure buffer. | Aris Adamantiadis | 2014-09-07 | 1 | -0/+5
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* buffer: Add a secure buffer mechanism to avoid memory spills | Aris Adamantiadis | 2014-09-07 | 3 | -9/+43
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* buffer: Implement "t" for text in ssh_buffer_pack(). | Aris Adamantiadis | 2014-09-07 | 2 | -3/+11
  Reviewed-by: Andreas Schneider <asn@cryptomilk.org>