summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* include: Add support for older MSVC versionsAndreas Schneider2015-06-241-0/+4
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* kex: Add comments to #if clausesAndreas Schneider2015-06-241-6/+10
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* channels: fix exit-status not correctly setAris Adamantiadis2015-06-031-5/+3
|
* Comment that ssh_forward_cancel() is deprecated.Mike DePaulo2015-05-291-0/+1
| | | | Signed-off-by: Aris Adamantiadis <aris@badcode.be>
* Reintroduce ssh_forward_listen() (Fixes: #194)Mike DePaulo2015-05-291-0/+5
| | | | Signed-off-by: Aris Adamantiadis <aris@badcode.be>
* cpack: Use application version.Andreas Schneider2015-05-081-3/+3
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* Bump version to 0.7.0Andreas Schneider2015-05-062-2/+2
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* Update ChangeLogAndreas Schneider2015-05-061-1/+63
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* valgrind: Add suppression for openssl FIPS dlopen leakAndreas Schneider2015-05-061-0/+12
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* valgrind: Ignore valgrind free bug on exitAndreas Schneider2015-05-061-0/+12
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* tests: Migrate torture_keyfiles to testkey functionsAndreas Schneider2015-05-061-16/+31
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* torture: Move TORTURE_TESTKEY_PASSWORD to headerAndreas Schneider2015-05-062-2/+2
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* tests: Fix memory leak in torture_server_x11 testAndreas Schneider2015-05-061-0/+2
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* kex: also compare host keys for 'first_kex_packet_follows'Jon Simons2015-05-051-21/+23
| | | | | | | | | | | | Also consider the host key type at hand when computing whether a 'first_kex_packet_follows' packet matches the current server settings. Without this change libssh may incorrectly believe that guessed settings which match by kex algorithm alone fully match: the host key types must also match. Observed when testing with dropbear clients. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* server: return SSH_OK for ignored SSH_MSG_KEXDH_INIT caseJon Simons2015-05-051-0/+1
| | | | | | | | | | | Return SSH_OK for the case that an incoming SSH_MSG_KEXDH_INIT should be ignored. That is, for the case that the initial 'first_kex_packet_follows' guess is incorrect. Before this change sessions served with libssh can be observed to error out unexpectedly early when testing with dropbear clients that send an incompatible guess. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* tests: Only link against threading library if availableAndreas Schneider2015-05-051-10/+14
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* cmake: Add missing OpenSSL include directoryAndreas Schneider2015-05-051-0/+2
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* cmake: Add --enable-stdcall-fixup for MinGW buildsAndreas Schneider2015-05-051-0/+4
| | | | | | This fixes warnings for getaddrinfo() and freeaddrinfo(). Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* include: Fix variadic macro issues with MSVCAndreas Schneider2015-05-051-1/+9
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* tests: Apply umask before calling mkstemp()Andreas Schneider2015-05-052-1/+8
| | | | | | CID: #978660 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* example: Fix a use after free in the scp exampleAndreas Schneider2015-05-051-0/+1
| | | | | | CID: #1032343 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* example: Check return value of ssh_get_fd()Andreas Schneider2015-05-051-2/+11
| | | | | | CID: #1199454 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* sftp: Fix size checkAndreas Schneider2015-05-051-5/+7
| | | | | | CID: #1296588 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* external: Fix resetting the stateAndreas Schneider2015-05-041-1/+1
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* external: Make sure we burn buffers in bcryptAndreas Schneider2015-05-041-5/+4
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* external: Fix a possible buffer overrun in bcrypt_pbkdfAndreas Schneider2015-05-041-3/+9
| | | | | | | | | CID: #1250106 This fixes a 1 byte output overflow for large key length (not reachable in libssh). Pulled from OpenBSD BCrypt PBKDF implementation. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* sftp: Add bound check for sizeAndreas Schneider2015-05-041-1/+2
| | | | | | CID: #1238630 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* buffer: Cleanup vaargs in ssh_buffer_unpack_va()Andreas Schneider2015-05-041-0/+1
| | | | | | CID: #1267977 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* string: Improve ssh_string_len() to avoid tainted variablesAndreas Schneider2015-05-041-4/+11
| | | | | | CID: #1278978 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* pki_container: Fix a memory leakAndreas Schneider2015-05-041-2/+9
| | | | | | CID: #1267980 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* pki_container: Add check for return valueAndreas Schneider2015-05-041-1/+4
| | | | | | CID: #1267982 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* tests: Fix ctest default scriptAndreas Schneider2015-05-041-4/+4
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* cmake: Add support for Address SanitizerAndreas Schneider2015-05-041-0/+7
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* config: Add missing HAVE_ARPA_INET_H defineAndreas Schneider2015-05-041-0/+3
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* buffers: Fix a possible null pointer dereferenceAris Adamantiadis2015-04-231-0/+8
| | | | | | | | | This is an addition to CVE-2015-3146 to fix the null pointer dereference. The patch is not required to fix the CVE but prevents issues in future. Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* CVE-2015-3146: Fix state validation in packet handlersAris Adamantiadis2015-04-232-9/+15
| | | | | | | | | | The state validation in the packet handlers for SSH_MSG_NEWKEYS and SSH_MSG_KEXDH_REPLY had a bug which did not raise an error. The issue has been found and reported by Mariusz Ziule. Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* Fix leak of sftp->ext when sftp_new() failsKevin Fan2015-04-141-0/+2
| | | | | Signed-off-by: Kevin Fan <kevinfan@google.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* cmake: Require cmake 2.8.5Andreas Schneider2015-04-101-1/+1
| | | | | | | | I've improved FindOpenSSL and FindZLIB in that version to work well with Windows and Linux. This was 2011 it should be old enough that most distributions have at least this version available. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* cmake: Detect network function correctly on WindowsAndreas Schneider2015-04-101-11/+17
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* socket: Cleanup ssh_socket_close() code.Andreas Schneider2015-04-101-5/+6
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* bind: Correctly close sockets and invalidate them.Andreas Schneider2015-04-102-13/+11
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* cmake: Require cmake version 2.8.0Andreas Schneider2015-04-104-334/+5
|
* cmake: Check for sys/param.h header fileAndreas Schneider2015-04-102-0/+3
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* cmake: Check for arpa/inet.h header fileAndreas Schneider2015-04-102-0/+3
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* external: Use standard int typesAndreas Schneider2015-04-104-84/+92
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* include: Do not make x11 variables constAndreas Schneider2015-04-021-2/+2
| | | | | | | We allocate them and also free them after the callback has been executed. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* messages: Don't leak memory after callback executionAndreas Schneider2015-04-021-0/+19
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* unittests: Fix memory leak in torture_pki_ed25519Andreas Schneider2015-04-021-0/+2
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* poll: Fix compilation with struct ssh_timestampAndreas Schneider2015-04-021-1/+1
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* cmake: Detect __func__ and __FUNCTION__ during configure stepAndreas Schneider2015-04-024-3/+25
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
generated by cgit (git 2.34.1) at 2024-06-12 19:39:52 +0000