summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* include: Add stdarg.h so we can check for va_copy macrov0-7Andreas Schneider2015-06-301-0/+1
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* Bump version to 0.7.1libssh-0.7.1Andreas Schneider2015-06-303-2/+9
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* SSH_AUTH_PARTIAL is now correctly passed to the caller of ↵Tilo Eckert2015-06-291-8/+7
| | | | | | | | | | ssh_userauth_publickey_auto(). Implicitly fixed unsafe return code handling that could result in use-after-free. Signed-off-by: Tilo Eckert <tilo.eckert@flam.de> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 0423057424ce5af157e56defb129ad0607953985)
* available auth_methods must be reset on partial authenticationTilo Eckert2015-06-291-1/+1
| | | | | | Signed-off-by: Tilo Eckert <tilo.eckert@flam.de> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit cc25d747d45f139729f1728cc5dcbd1666709a4f)
* channels: Fix exit-signal data unpackingPeter Volpe2015-06-291-1/+1
| | | | | | Signed-off-by: Peter Volpe <pvolpe@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 763735106564a3bff1ba9a3fece0dca58eec403f)
* agent: Add ssh_set_agent_socketPeter Volpe2015-06-292-3/+21
| | | | | | | | | Allow callers to specify their own socket for an ssh agent. Signed-off-by: Peter Volpe <pvolpe@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 7aeba71a92d5a2dcb606e94f95516b975242586c)
* Don't allocate a new identity list in the new session's options.Seb Boving2015-06-241-6/+0
| | | | | | | | | The previous list is not freed. Since the new session just got created, an identity list is already allocated and empty. Signed-off-by: Sebastien Boving <seb@google.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit e020dd8d5917c3c957b73211cecc618d9f0207cb)
* cmake: Do not use CMAKE_(SOURCE|BINARY)_DIRDouglas Heriot2015-06-245-7/+7
| | | | (cherry picked from commit a65af1b3b8a4ea50fd687b6583eac93e38cf4f3b)
* pki: Fix allocation of ed25519 public keysTiamo Laitakari2015-06-241-2/+2
| | | | | | Signed-off-by: Tiamo Laitakari <tiamo.laitakari@cs.helsinki.fi> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 5478de1a64251c3f7e19260e599045061136f2e9)
* Documentation fix where unsigned is used where signed is expectedJordy Moos2015-06-242-3/+3
| | | | | | Signed-off-by: Jordy Moos <jordymoos@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit fa9fbb1d670e1ee99ba8c5255c2d80ac699496e4)
* misc: Correctly guard the sys/time.h includeAndreas Schneider2015-06-242-3/+8
| | | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit ef751a26d0cb746966aaee64cfb5d1a87efba535)
* include: Add support for older MSVC versionsAndreas Schneider2015-06-241-0/+4
| | | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 30a7229fc5f147c9f39abfa9272546773f58678c)
* kex: Add comments to #if clausesAndreas Schneider2015-06-241-6/+10
| | | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 1d69e073af6a460eb00cc68869cde9caf7031856)
* channels: fix exit-status not correctly setAris Adamantiadis2015-06-031-5/+3
|
* Comment that ssh_forward_cancel() is deprecated.Mike DePaulo2015-05-291-0/+1
| | | | Signed-off-by: Aris Adamantiadis <aris@badcode.be>
* Reintroduce ssh_forward_listen() (Fixes: #194)Mike DePaulo2015-05-291-0/+5
| | | | Signed-off-by: Aris Adamantiadis <aris@badcode.be>
* ChangeLog: Set release date for 0.7.0libssh-0.7.0Andreas Schneider2015-05-111-1/+1
|
* cpack: Use application version.Andreas Schneider2015-05-081-3/+3
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* Bump version to 0.7.0Andreas Schneider2015-05-062-2/+2
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* Update ChangeLogAndreas Schneider2015-05-061-1/+63
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* valgrind: Add suppression for openssl FIPS dlopen leakAndreas Schneider2015-05-061-0/+12
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* valgrind: Ignore valgrind free bug on exitAndreas Schneider2015-05-061-0/+12
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* tests: Migrate torture_keyfiles to testkey functionsAndreas Schneider2015-05-061-16/+31
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* torture: Move TORTURE_TESTKEY_PASSWORD to headerAndreas Schneider2015-05-062-2/+2
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* tests: Fix memory leak in torture_server_x11 testAndreas Schneider2015-05-061-0/+2
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* kex: also compare host keys for 'first_kex_packet_follows'Jon Simons2015-05-051-21/+23
| | | | | | | | | | | | Also consider the host key type at hand when computing whether a 'first_kex_packet_follows' packet matches the current server settings. Without this change libssh may incorrectly believe that guessed settings which match by kex algorithm alone fully match: the host key types must also match. Observed when testing with dropbear clients. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* server: return SSH_OK for ignored SSH_MSG_KEXDH_INIT caseJon Simons2015-05-051-0/+1
| | | | | | | | | | | Return SSH_OK for the case that an incoming SSH_MSG_KEXDH_INIT should be ignored. That is, for the case that the initial 'first_kex_packet_follows' guess is incorrect. Before this change sessions served with libssh can be observed to error out unexpectedly early when testing with dropbear clients that send an incompatible guess. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* tests: Only link against threading library if availableAndreas Schneider2015-05-051-10/+14
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* cmake: Add missing OpenSSL include directoryAndreas Schneider2015-05-051-0/+2
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* cmake: Add --enable-stdcall-fixup for MinGW buildsAndreas Schneider2015-05-051-0/+4
| | | | | | This fixes warnings for getaddrinfo() and freeaddrinfo(). Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* include: Fix variadic macro issues with MSVCAndreas Schneider2015-05-051-1/+9
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* tests: Apply umask before calling mkstemp()Andreas Schneider2015-05-052-1/+8
| | | | | | CID: #978660 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* example: Fix a use after free in the scp exampleAndreas Schneider2015-05-051-0/+1
| | | | | | CID: #1032343 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* example: Check return value of ssh_get_fd()Andreas Schneider2015-05-051-2/+11
| | | | | | CID: #1199454 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* sftp: Fix size checkAndreas Schneider2015-05-051-5/+7
| | | | | | CID: #1296588 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* external: Fix resetting the stateAndreas Schneider2015-05-041-1/+1
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* external: Make sure we burn buffers in bcryptAndreas Schneider2015-05-041-5/+4
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* external: Fix a possible buffer overrun in bcrypt_pbkdfAndreas Schneider2015-05-041-3/+9
| | | | | | | | | CID: #1250106 This fixes a 1 byte output overflow for large key length (not reachable in libssh). Pulled from OpenBSD BCrypt PBKDF implementation. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* sftp: Add bound check for sizeAndreas Schneider2015-05-041-1/+2
| | | | | | CID: #1238630 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* buffer: Cleanup vaargs in ssh_buffer_unpack_va()Andreas Schneider2015-05-041-0/+1
| | | | | | CID: #1267977 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* string: Improve ssh_string_len() to avoid tainted variablesAndreas Schneider2015-05-041-4/+11
| | | | | | CID: #1278978 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* pki_container: Fix a memory leakAndreas Schneider2015-05-041-2/+9
| | | | | | CID: #1267980 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* pki_container: Add check for return valueAndreas Schneider2015-05-041-1/+4
| | | | | | CID: #1267982 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* tests: Fix ctest default scriptAndreas Schneider2015-05-041-4/+4
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* cmake: Add support for Address SanitizerAndreas Schneider2015-05-041-0/+7
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* config: Add missing HAVE_ARPA_INET_H defineAndreas Schneider2015-05-041-0/+3
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* buffers: Fix a possible null pointer dereferenceAris Adamantiadis2015-04-231-0/+8
| | | | | | | | | This is an addition to CVE-2015-3146 to fix the null pointer dereference. The patch is not required to fix the CVE but prevents issues in future. Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* CVE-2015-3146: Fix state validation in packet handlersAris Adamantiadis2015-04-232-9/+15
| | | | | | | | | | The state validation in the packet handlers for SSH_MSG_NEWKEYS and SSH_MSG_KEXDH_REPLY had a bug which did not raise an error. The issue has been found and reported by Mariusz Ziule. Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* Fix leak of sftp->ext when sftp_new() failsKevin Fan2015-04-141-0/+2
| | | | | Signed-off-by: Kevin Fan <kevinfan@google.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* cmake: Require cmake 2.8.5Andreas Schneider2015-04-101-1/+1
| | | | | | | | I've improved FindOpenSSL and FindZLIB in that version to work well with Windows and Linux. This was 2011 it should be old enough that most distributions have at least this version available. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
generated by cgit (git 2.34.1) at 2025-08-28 21:13:32 +0000