summaryrefslogtreecommitdiffstats
path: root/include/libssh/session.h
Commit message (Collapse)AuthorAgeFilesLines
* server: Add support for ed25519 keys in the server.Aris Adamantiadis2015-02-021-1/+1
| | | | | Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* kex: server fix for first_kex_packet_followsJon Simons2014-04-221-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | Ensure to honor the 'first_kex_packet_follow' field when processing KEXINIT messages in the 'ssh_packet_kexinit' callback. Until now libssh would assume that this field is always unset (zero). But some clients may set this (dropbear at or beyond version 2013.57), and it needs to be included when computing the session ID. Also include logic for handling wrongly-guessed key exchange algorithms. Save whether a client's guess is wrong in a new field in the session struct: when set, the next KEX_DHINIT message to be processed will be ignored per RFC 4253, 7.1. While here, update both 'ssh_packet_kexinit' and 'make_sessionid' to use softabs with a 4 space indent level throughout, and also convert various error-checking to store intermediate values into an explicit 'rc'. Patch adjusted from original to ensure that client tests remain passing (ie 'torture_connect'): restrict the changes in 'ssh_packet_kexinit' only for the 'server_kex' case. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* Revert "kex: server fix for first_kex_packet_follows"Andreas Schneider2014-04-151-9/+0
| | | | | | The patch breaks the client with ECDSA. This reverts commit 5865b9436fda96ac9fc7c18e4dffe5fb12dcc515.
* kex: server fix for first_kex_packet_followsJon Simons2014-04-101-0/+9
| | | | | | | | | | | | | | | | | | | | | Ensure to honor the 'first_kex_packet_follow' field when processing KEXINIT messages in the 'ssh_packet_kexinit' callback. Until now libssh would assume that this field is always unset (zero). But some clients may set this (dropbear at or beyond version 2013.57), and it needs to be included when computing the session ID. Also include logic for handling wrongly-guessed key exchange algorithms. Save whether a client's guess is wrong in a new field in the session struct: when set, the next KEX_DHINIT message to be processed will be ignored per RFC 4253, 7.1. While here, update both 'ssh_packet_kexinit' and 'make_sessionid' to use softabs with a 4 space indent level throughout, and also convert various error-checking to store intermediate values into an explicit 'rc'. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* Add session/channel byte/packet countersAudrius Butkevicius2014-02-121-0/+3
| | | | Signed-off-by: Audrius Butkevicius <audrius.butkevicius@elastichosts.com>
* server: allow custom server banners (bug #83)Aris Adamantiadis2014-02-011-0/+1
|
* options: Add SSH_OPTIONS_GSSAPI_DELEGATE_CREDENTIALS option.Simo Sorce2013-11-151-0/+1
| | | | | Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* options: Add SSH_OPTIONS_GSSAPI_CLIENT_IDENTITY option.Andreas Schneider2013-11-151-0/+1
|
* gssapi: Add suppport to set GSSAPI server identity.Andreas Schneider2013-11-151-0/+1
|
* session: Remove obsolete status variables.Andreas Schneider2013-09-161-3/+0
| | | | BUG: https://red.libssh.org/issues/121
* src: Remove enter_function() and leave_function().Andreas Schneider2013-07-141-1/+0
|
* auth: implement client-side gssapiAris Adamantiadis2013-07-131-1/+2
| | | | Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* auth: adapt libssh to gssapi-with-mic serverAris Adamantiadis2013-07-131-0/+1
| | | | Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* session: Introduce SSH_TIMEOUT_DEFAULTAris Adamantiadis2013-07-131-0/+5
| | | | | | | | | The default timeout of 30seconds is very nice when connecting to a new SSH session, however it completely breaks the synchronous blocking API. Use SSH_TIMEOUT_DEFAULT when in blocking mode so channel reads&write are blocking as expected Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* Defined SSH server callbacks interfaceAris Adamantiadis2013-07-131-1/+1
| | | | Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* include: Fix the LGPL header.Andreas Schneider2013-01-231-12/+11
| | | | | This has been reported by rpmlint: libssh-devel.x86_64: W: incorrect-fsf-address libssh.h
* Implement key re-exchangeAris Adamantiadis2012-12-231-0/+3
|
* server: Add ecdsa hostkey support.Andreas Schneider2012-02-191-0/+1
|
* session: Use a struct for all options.Andreas Schneider2012-02-051-17/+18
|
* priv: Move kex functions to kex header.Andreas Schneider2011-09-181-0/+1
|
* kex: moved KEX structures to ssh_crypto_structAris Adamantiadis2011-09-181-6/+0
|
* kex: split key selection and sendingAris Adamantiadis2011-09-181-0/+4
|
* auth: made keyboard-interactive nonblockingAris Adamantiadis2011-09-111-1/+3
|
* Auth: nonblocking ssh_userauth_pubkey_autoAris Adamantiadis2011-09-111-0/+1
|
* auth: Implement nonblocking ssh_auth_agentAris Adamantiadis2011-09-111-0/+1
|
* auth: different code for auth_agentAris Adamantiadis2011-09-111-0/+1
|
* Update libssh to ssh_handle_packets_terminationAris Adamantiadis2011-09-021-0/+5
| | | | | | | | | | | cherry-picked from 0cb5248 Should resolve all timeout problems Conflicts: src/auth.c src/channels.c
* channels: replaced bugged lists with ssh_listAris Adamantiadis2011-09-021-1/+1
| | | | | | | cherry-picked from 0aef5f Conflicts: src/session.c
* server: Migrate hostkey check to new pki.Andreas Schneider2011-08-221-1/+3
|
* server: Use new pki infrastructure.Andreas Schneider2011-08-221-2/+4
|
* Fixes the ssh_log issue on ssh_bind handles.Aris Adamantiadis2011-07-191-4/+9
|
* [crypto] initial support for ecdh-sha2-nistp256Aris Adamantiadis2011-06-131-1/+1
| | | | | Works with openssl Still requires work for libgcrypt and other modes
* Added ssh_userauth_[offer_]pubkey nonblocking ifaceAris Adamantiadis2011-02-121-1/+3
|
* Added the keyboard-interactive authentication methodmilo2011-02-101-1/+0
|
* ssh_auth_password made nonblockingAris Adamantiadis2011-01-161-1/+2
|
* Made ssh_userauth_none nonblockingAris Adamantiadis2011-01-161-1/+2
|
* Use termination functions for event pollingAris Adamantiadis2011-01-121-1/+8
|
* Non-blocking mode for ssh_connectAris Adamantiadis2011-01-101-0/+5
| | | | This looks ugly. I'll see if we need to revert or change that patch later.
* Change blocking parameter to a flagAris Adamantiadis2011-01-101-2/+6
|
* Added compression options and allow "yes/no" settingAris Adamantiadis2010-12-271-0/+1
| | | | SSH_OPTION_COMPRESSION and SSH_OPTION_COMPRESSION_LEVEL options have been added. Now, end-level apps may simply choose to enable compression without knowing the relevant algorithms behind it.
* Removed the global poll ctx in fav. of /session ctxAris Adamantiadis2010-10-121-1/+2
|
* server: Added an API entry for the message callback.Milo Jhoran2010-08-131-1/+2
| | | | Signed-off-by: Andreas Schneider <asn@cynapses.org>
* server: Fix missing socket close notification.milo2010-08-131-0/+2
| | | | Signed-off-by: Andreas Schneider <asn@cynapses.org>
* session: Added callback for the connection per session.milo2010-08-091-0/+1
| | | | Signed-off-by: Andreas Schneider <asn@cynapses.org>
* session: Fixed the type of the session dh_handshake_state.milo2010-08-091-2/+2
| | | | Signed-off-by: Andreas Schneider <asn@cynapses.org>
* options: Added option to bind a client to an ip address.Andreas Schneider2010-07-071-1/+1
| | | | Thanks to Donatello Boccaforno <donatello.boccaforno@gmail.com>.
* ssh_socket support for 2 fd + Proxyhost commandAris Adamantiadis2010-05-091-0/+1
|
* First experiment at trying to make libssh c89Aris Adamantiadis2010-04-071-3/+3
|
* Added support for StrictHostKeyChecking and UserKnownHostsFile parameters.Ruben Garcia Azuara2010-04-071-1/+1
| | | | | | | | | | | | | | | | Added OpenSSH parameters to libssh: - StrictHostKeyChecking - UserKnownHostsFile This parameters are useful to avoid checking the fingerprint. Eg: ~/.ssh/config: Host 192.10.20.30 StrictHostKeyChecking no UserKnownHostsFile /dev/null Signed-off-by: Ruben Garcia Azuara <rubenga@tid.es> Signed-off-by: Andreas Schneider <mail@cynapses.org>
* Fixed and added support for several identity files.Andreas Schneider2010-03-041-1/+1
|
generated by cgit (git 2.34.1) at 2025-08-30 00:57:56 +0000