Commit message | Author | Age | Files | Lines
* pki: Fix a memory leak on error in ssh_pki_copy_cert_to_privkey() | Andreas Schneider | 2015-09-09 | 1 | -0/+1
|   CID 1323516
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* pki: Fix a memory leak in pki_import_cert_buffer() | Andreas Schneider | 2015-09-09 | 1 | -0/+1
|   CID #1323517
* tests: Fix return code of torture_init | Andreas Schneider | 2015-09-09 | 1 | -1/+1
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* tests: Add tests for the new ssh_pki cert functions | Axel Eppe | 2015-09-07 | 2 | -0/+169
|   Signed-off-by: Axel Eppe <aeppe@google.com>
|   Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* pki: Add certificate loading functions | Axel Eppe | 2015-09-07 | 3 | -2/+123
|   - ssh_pki_import_cert_base64()
|   - ssh_pki_import_cert_file()
|   - ssh_pki_import_cert_blob()
|   Those functions are currently simple wrappers around their pubkey counterpart.
|   - ssh_pki_copy_cert_to_privkey()
|   This function copies the cert-specific data to a private key.
|   Signed-off-by: Axel Eppe <aeppe@google.com>
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* pki: Add new pki_import_cert_buffer function | Axel Eppe | 2015-09-07 | 1 | -0/+51
|   Signed-off-by: Axel Eppe <aeppe@google.com>
|   Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* pki: Add rsa, dss certificate key type definitions | Axel Eppe | 2015-09-07 | 5 | -1/+28
|   - Add rsa/dsa (ssh-{rsa,dss}-cert-v01@openssh.com) as key types.
|   - Add a cert_type member in the ssh_key struct.
|   Signed-off-by: Axel Eppe <aeppe@google.com>
|   Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* tests: Migrate pkd_hello to new cmocka API | Andreas Schneider | 2015-09-07 | 1 | -19/+33
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* pki: Use the standard logging function | Andreas Schneider | 2015-09-07 | 7 | -112/+109
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* tests: Migrate to new cmocka API | Andreas Schneider | 2015-09-07 | 26 | -275/+395
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* cmake: Handle libssh threads library correctly | Andreas Schneider | 2015-09-07 | 5 | -10/+32
|   This should fix the build on Windows and would not install pkg files.
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* bignum: Fix OpenSSL crash in SAFE_FREE | Michael Wilder | 2015-09-07 | 1 | -0/+4
|   Signed-off-by: Michael Wilder <wilder.michael@cimcor.com>
|   Reviewed-by: Andreas Schneider <asn@samba.org>
* crypto: Add OpenSSL EVP functions for FIPS compatibility | Michael Wilder | 2015-09-07 | 2 | -150/+414
|   Signed-off-by: Michael Wilder <wilder.michael@cimcor.com>
* server: Fix return code check of ssh_buffer_pack() | Andreas Schneider | 2015-08-18 | 1 | -1/+1
|   Thanks to Andreas Gutschick <andreas.gutschick@mitel.com>
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* doc: Fix typos in sftp tutorial | Andreas Schneider | 2015-08-18 | 1 | -2/+2
|   Thanks to Anthony Baker <AnthonyBaker@fico.com>
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* tests: Add checks for ssh_key_is_private() | Andreas Schneider | 2015-08-10 | 1 | -0/+30
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* pki: Fix return values of ssh_key_is_(public|private) | Andreas Schneider | 2015-08-10 | 1 | -2/+2
|   Thanks to Kevin Haake <khaake@red-cocoa.com>
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* sftp: Fix incorrect handling of received length fields | Tilo Eckert | 2015-08-01 | 1 | -7/+13
|   Signed-off-by: Tilo Eckert <tilo.eckert@flam.de>
* auth: Fix return status for ssh_userauth_agent() | Peter Volpe | 2015-07-30 | 1 | -0/+5
|   BUG: https://red.libssh.org/issues/201
|   Return SSH_AUTH_DENIED instead of SSH_AUTH_ERROR when the provided agent offers no public keys.
|   Signed-off-by: Peter Volpe <pvolpe@redhat.com>
|   Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* define our own platform-independent S_IF macros | Tilo Eckert | 2015-07-30 | 2 | -24/+26
|   Signed-off-by: Tilo Eckert <tilo.eckert@flam.de>
|   Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* fix file mode checks in sftp_open() | Tilo Eckert | 2015-07-30 | 1 | -8/+7
|   Signed-off-by: Tilo Eckert <tilo.eckert@flam.de>
|   Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* fix permissions | Aris Adamantiadis | 2015-07-08 | 2 | -0/+0
|
* client: handle agent forward open requests with callbacks | Fabiano Fidêncio | 2015-07-07 | 4 | -1/+57
|   Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
|   Reviewed-by: Aris Adamantiadis <aris@badcode.be>
* cmake: Fix zlib include directory | Andreas Schneider | 2015-07-03 | 3 | -7/+7
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* cmake: Fix OpenSSL detection in non-standard path | Andreas Schneider | 2015-07-03 | 1 | -6/+6
|   This should fix the detection on Windows.
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* cmake: Fail if can't find OpenSSL aes and des headers | Andreas Schneider | 2015-07-03 | 1 | -17/+25
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* include: Add stdarg.h so we can check for va_copy macro | Andreas Schneider | 2015-06-30 | 1 | -0/+1
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* SSH_AUTH_PARTIAL is now correctly passed to the caller of ↵ | Tilo Eckert | 2015-06-29 | 1 | -8/+7
|   ssh_userauth_publickey_auto(). Implicitly fixed unsafe return code handling that could result in use-after-free.
|   Signed-off-by: Tilo Eckert <tilo.eckert@flam.de>
|   Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* available auth_methods must be reset on partial authentication | Tilo Eckert | 2015-06-29 | 1 | -1/+1
|   Signed-off-by: Tilo Eckert <tilo.eckert@flam.de>
|   Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* channels: Fix exit-signal data unpacking | Peter Volpe | 2015-06-29 | 1 | -1/+1
|   Signed-off-by: Peter Volpe <pvolpe@redhat.com>
|   Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* agent: Add ssh_set_agent_socket | Peter Volpe | 2015-06-29 | 2 | -3/+21
|   Allow callers to specify their own socket for an ssh agent.
|   Signed-off-by: Peter Volpe <pvolpe@redhat.com>
|   Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* Don't allocate a new identity list in the new session's options. | Seb Boving | 2015-06-24 | 1 | -6/+0
|   The previous list is not freed. Since the new session just got created, an identity list is already allocated and empty.
|   Signed-off-by: Sebastien Boving <seb@google.com>
|   Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* cmake: Do not use CMAKE_(SOURCE|BINARY)_DIR | Douglas Heriot | 2015-06-24 | 5 | -7/+7
|
* pki: Fix allocation of ed25519 public keys | Tiamo Laitakari | 2015-06-24 | 1 | -2/+2
|   Signed-off-by: Tiamo Laitakari <tiamo.laitakari@cs.helsinki.fi>
|   Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* Documentation fix where unsigned is used where signed is expected | Jordy Moos | 2015-06-24 | 2 | -3/+3
|   Signed-off-by: Jordy Moos <jordymoos@gmail.com>
|   Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* misc: Correctly guard the sys/time.h include | Andreas Schneider | 2015-06-24 | 2 | -3/+8
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* include: Add support for older MSVC versions | Andreas Schneider | 2015-06-24 | 1 | -0/+4
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* kex: Add comments to #if clauses | Andreas Schneider | 2015-06-24 | 1 | -6/+10
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* channels: fix exit-status not correctly set | Aris Adamantiadis | 2015-06-03 | 1 | -5/+3
|
* Comment that ssh_forward_cancel() is deprecated. | Mike DePaulo | 2015-05-29 | 1 | -0/+1
|   Signed-off-by: Aris Adamantiadis <aris@badcode.be>
* Reintroduce ssh_forward_listen() (Fixes: #194) | Mike DePaulo | 2015-05-29 | 1 | -0/+5
|   Signed-off-by: Aris Adamantiadis <aris@badcode.be>
* cpack: Use application version. | Andreas Schneider | 2015-05-08 | 1 | -3/+3
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* Bump version to 0.7.0 | Andreas Schneider | 2015-05-06 | 2 | -2/+2
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* Update ChangeLog | Andreas Schneider | 2015-05-06 | 1 | -1/+63
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* valgrind: Add suppression for openssl FIPS dlopen leak | Andreas Schneider | 2015-05-06 | 1 | -0/+12
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* valgrind: Ignore valgrind free bug on exit | Andreas Schneider | 2015-05-06 | 1 | -0/+12
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* tests: Migrate torture_keyfiles to testkey functions | Andreas Schneider | 2015-05-06 | 1 | -16/+31
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* torture: Move TORTURE_TESTKEY_PASSWORD to header | Andreas Schneider | 2015-05-06 | 2 | -2/+2
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* tests: Fix memory leak in torture_server_x11 test | Andreas Schneider | 2015-05-06 | 1 | -0/+2
|   Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* kex: also compare host keys for 'first_kex_packet_follows' | Jon Simons | 2015-05-05 | 1 | -21/+23
|   Also consider the host key type at hand when computing whether a 'first_kex_packet_follows' packet matches the current server settings.
|   Without this change libssh may incorrectly believe that guessed settings which match by kex algorithm alone fully match: the host key types must also match.
|   Observed when testing with dropbear clients.
|   Signed-off-by: Jon Simons <jon@jonsimons.org>
|   Reviewed-by: Andreas Schneider <asn@cryptomilk.org>