Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Benchmarks: parse config files | Aris Adamantiadis | 2012-12-23 | 1 | -0/+1 |
| | |||||
* | Fix channel_write to wait during key reexchanges | Aris Adamantiadis | 2012-12-23 | 1 | -1/+20 |
| | |||||
* | Implement key re-exchange | Aris Adamantiadis | 2012-12-23 | 8 | -14/+48 |
| | |||||
* | BUG 82: Fix function names of ssh_forward_*. | Andreas Schneider | 2012-12-19 | 1 | -5/+5 |
| | |||||
* | doc: Fix forward function names. | Andreas Schneider | 2012-12-19 | 1 | -2/+2 |
| | |||||
* | Fix an invalid strlen comparison in ssh_message_auth_reply_default | Andrew Collins | 2012-12-19 | 1 | -1/+1 |
| | | | | | | | | | During the transition to strncat in ssh_message_auth_reply_default, an invalid strlen comparison was added which causes the function to fail whenever it's called. Signed-off-by: Andrew Collins <bsderandrew@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | ||||
* | string: Fix memory leak in ssh_string_to_char(). | Andreas Schneider | 2012-12-13 | 1 | -6/+6 |
| | | | | This was probably a mistake by me fixing up a patch after merging. | ||||
* | BUG 97: Fix strtoull() detection on serveral platforms. | Andreas Schneider | 2012-12-03 | 3 | -1/+21 |
| | |||||
* | BUG 96: Guard ntohll() and htonll prototypes correctly. | Andreas Schneider | 2012-12-03 | 3 | -1/+10 |
| | |||||
* | BUG 98: Use __attribute__ ((packed)) only with GCC. | Andreas Schneider | 2012-12-03 | 1 | -1/+1 |
| | |||||
* | BUG 97: Remove obsolete hsterror(). | Andreas Schneider | 2012-12-03 | 2 | -18/+1 |
| | | | | | | This function is pretty much obsolete on most platforms. The standard errno should be used. If it is not enough on Windows we should use WSAGetLastError() in future. | ||||
* | BUG 94: Fix big endian issue. | Andreas Schneider | 2012-12-03 | 1 | -3/+5 |
| | |||||
* | test: Try to fetch wrong values in buffer. | Aris Adamantiadis | 2012-11-27 | 1 | -0/+33 |
| | | | | Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | ||||
* | priv: Add BURN_BUFFER macro and make sure it isn't optimzed out. | Andreas Schneider | 2012-11-23 | 1 | -2/+5 |
| | |||||
* | pki: Add a size limit for pubkey files. | Andreas Schneider | 2012-11-21 | 2 | -1/+3 |
| | |||||
* | CVE-2012-4559: Make sure we don't free name and longname twice on error. | Andreas Schneider | 2012-11-14 | 1 | -10/+16 |
| | |||||
* | CVE-2012-4559: Ensure that we don't free req twice. | Andreas Schneider | 2012-11-14 | 1 | -1/+1 |
| | |||||
* | CVE-2012-4560: Fix a write one past the end of 'buf'. | Andreas Schneider | 2012-11-14 | 1 | -2/+3 |
| | |||||
* | CVE-2012-4560: Fix a write one past the end of the 'u' buffer. | Andreas Schneider | 2012-11-14 | 1 | -1/+1 |
| | |||||
* | CVE-2012-4562: Fix a possible infinite loop in buffer_reinit(). | Andreas Schneider | 2012-11-14 | 1 | -4/+9 |
| | | | | | If needed is bigger than the highest power of two or a which fits in an integer we will loop forever. | ||||
* | CVE-2012-4562: Fix multiple integer overflows in buffer-related functions. | Xi Wang | 2012-11-14 | 1 | -5/+21 |
| | |||||
* | CVE-2012-4562: Fix possible integer overflows. | Xi Wang | 2012-11-14 | 1 | -2/+14 |
| | |||||
* | CVE-2012-4562: Fix possible integer overflow in ssh_get_hexa(). | Xi Wang | 2012-11-14 | 1 | -0/+5 |
| | | | | No exploit known, but it is better to check the string length. | ||||
* | pki: Fix integer overflow in ssh_pki_import_privkey_file(). | Xi Wang | 2012-10-22 | 1 | -0/+5 |
| | | | | | If the file size is ULONG_MAX, the call to malloc() may allocate a small buffer, leading to a memory corruption. | ||||
* | channels: Fix integer overflow in generate_cookie(). | Xi Wang | 2012-10-22 | 1 | -1/+1 |
| | | | | | | Since the type of rnd[i] is signed char, (rnd[i] >> 4), which is considered as arithmetic shift by gcc, could be negative, leading to out-of-bounds read. | ||||
* | channels1: Add missing request_state and set it to accepted. | Andreas Schneider | 2012-10-22 | 1 | -0/+1 |
| | | | | This fixes bug #88. | ||||
* | auth1: Reset error state to no error. | Andreas Schneider | 2012-10-22 | 1 | -0/+1 |
| | | | | This fixes bug #89. | ||||
* | session: Fix a possible use after free in ssh_free(). | Andreas Schneider | 2012-10-22 | 1 | -33/+54 |
| | | | | | | | We need to cleanup the channels first cause we call ssh_channel_close() on the channels which still require a working socket and poll context. Thanks to sh4rm4! | ||||
* | cmake: Set GNU compiler flags also for clang. | Andreas Schneider | 2012-10-22 | 1 | -2/+3 |
| | |||||
* | cmake: Add message if we build with static library. | Andreas Schneider | 2012-10-15 | 1 | -0/+1 |
| | |||||
* | doc: Update copyright policy. | Andreas Schneider | 2012-10-14 | 2 | -28/+198 |
| | |||||
* | options: Fix documentation of ssh_options_get_port(). | Andreas Schneider | 2012-10-14 | 1 | -1/+1 |
| | |||||
* | doc: Update doxygen config. | Andreas Schneider | 2012-10-14 | 1 | -134/+423 |
| | |||||
* | doc: Use the correct channel functions. | Andreas Schneider | 2012-10-14 | 1 | -5/+5 |
| | |||||
* | cmake: Add better check to detect -fvisibility=hidden. | Andreas Schneider | 2012-10-14 | 1 | -1/+6 |
| | |||||
* | kex: Use getter functions to access kex arrays. | Andreas Schneider | 2012-10-12 | 4 | -10/+25 |
| | | | | This should fix the build on OpenIndiana. | ||||
* | cmake: Fix building with gcrypt support. | Andreas Schneider | 2012-10-12 | 1 | -6/+9 |
| | |||||
* | tests: Add a valgrind suppression for getaddrino leak. | Andreas Schneider | 2012-10-12 | 1 | -0/+10 |
| | | | | https://bugzilla.redhat.com/show_bug.cgi?id=859717 | ||||
* | tests: Add a valgrind suppression for OPENSSL_cleanse(). | Andreas Schneider | 2012-10-12 | 1 | -0/+5 |
| | |||||
* | scp: Make sure buffer is initialzed. | Andreas Schneider | 2012-10-12 | 1 | -1/+1 |
| | | | | Found by Coverity. | ||||
* | pki: Make sure the key_buf is null terminated. | Andreas Schneider | 2012-10-12 | 1 | -0/+1 |
| | | | | Found by Coverity. | ||||
* | misc: Use a fixed buffer for getenv(). | Andreas Schneider | 2012-10-12 | 1 | -2/+8 |
| | |||||
* | poll: Fix sizeof in ssh_poll_ctx_resize(). | Andreas Schneider | 2012-10-12 | 1 | -2/+2 |
| | | | | | | | sizeof(ssh_poll_handle *) is to be equal to sizeof(ssh_poll_handle), but this is not a portable assumption. Found by Coverity. | ||||
* | legacy: Use snprintf instead of sprintf. | Andreas Schneider | 2012-10-12 | 1 | -2/+3 |
| | | | | Found by Coverity. | ||||
* | dh: Don't use strcat for ssh_get_hexa(). | Andreas Schneider | 2012-10-12 | 1 | -9/+8 |
| | | | | | | This is just hardening the code. Found by Coverity. | ||||
* | server: Use strncat instead of strcat. | Andreas Schneider | 2012-10-12 | 1 | -4/+12 |
| | | | | | | This is just hardening the code. Found by Coverity. | ||||
* | misc: Use strncpy instead of strcat. | Andreas Schneider | 2012-10-12 | 1 | -1/+1 |
| | | | | | | This is just hardening the code. Found by Coverity. | ||||
* | pki: Fix a possible null pointer dereference. | Andreas Schneider | 2012-10-12 | 1 | -3/+3 |
| | | | | Found by Coverity. | ||||
* | messages: Fix memory leaks in user request callback. | Andreas Schneider | 2012-10-12 | 1 | -54/+41 |
| | |||||
* | connect: Don't leak the addressinfo on error. | Andreas Schneider | 2012-10-12 | 1 | -0/+1 |
| |