| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
| |
|
|
|
|
| |
Signed-off-by: Aris Adamantiadis <aris@badcode.be>
|
|
|
|
| |
Signed-off-by: Aris Adamantiadis <aris@badcode.be>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Also consider the host key type at hand when computing whether a
'first_kex_packet_follows' packet matches the current server settings.
Without this change libssh may incorrectly believe that guessed
settings which match by kex algorithm alone fully match: the host
key types must also match. Observed when testing with dropbear
clients.
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Return SSH_OK for the case that an incoming SSH_MSG_KEXDH_INIT should be
ignored. That is, for the case that the initial 'first_kex_packet_follows'
guess is incorrect. Before this change sessions served with libssh can be
observed to error out unexpectedly early when testing with dropbear clients
that send an incompatible guess.
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
|
|
| |
This fixes warnings for getaddrinfo() and freeaddrinfo().
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
|
|
| |
CID: #978660
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
|
|
| |
CID: #1032343
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
|
|
| |
CID: #1199454
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
|
|
| |
CID: #1296588
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
|
|
|
|
|
| |
CID: #1250106
This fixes a 1 byte output overflow for large key length (not reachable
in libssh). Pulled from OpenBSD BCrypt PBKDF implementation.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
|
|
| |
CID: #1238630
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
|
|
| |
CID: #1267977
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
|
|
| |
CID: #1278978
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
|
|
| |
CID: #1267980
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
|
|
| |
CID: #1267982
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
|
|
|
|
|
| |
This is an addition to CVE-2015-3146 to fix the null pointer
dereference. The patch is not required to fix the CVE but prevents
issues in future.
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
|
|
|
|
|
|
| |
The state validation in the packet handlers for SSH_MSG_NEWKEYS and
SSH_MSG_KEXDH_REPLY had a bug which did not raise an error.
The issue has been found and reported by Mariusz Ziule.
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
|
| |
Signed-off-by: Kevin Fan <kevinfan@google.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
|
|
|
|
| |
I've improved FindOpenSSL and FindZLIB in that version to work well with
Windows and Linux. This was 2011 it should be old enough that most
distributions have at least this version available.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
| |
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
|
|
|
| |
We allocate them and also free them after the callback has been
executed.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|