summaryrefslogtreecommitdiffstats
path: root/src/kex.c
Commit message (Collapse)AuthorAgeFilesLines
* kex: Add comments to #if clausesAndreas Schneider2015-06-241-6/+10
| | | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 1d69e073af6a460eb00cc68869cde9caf7031856)
* kex: also compare host keys for 'first_kex_packet_follows'Jon Simons2015-05-051-21/+23
| | | | | | | | | | | | Also consider the host key type at hand when computing whether a 'first_kex_packet_follows' packet matches the current server settings. Without this change libssh may incorrectly believe that guessed settings which match by kex algorithm alone fully match: the host key types must also match. Observed when testing with dropbear clients. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* kex: Add support for ed25519 on client connections.Aris Adamantiadis2015-02-021-4/+12
| | | | | Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* kex: disable des-cbc-ssh1 by defaultAris Adamantiadis2015-01-261-4/+6
| | | | Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* CVE-2014-8132: Fixup error path in ssh_packet_kexinit()Jon Simons2014-12-171-1/+6
| | | | | | | | | Before this change, dangling pointers can be unintentionally left in the respective next_crypto kex methods slots. Ensure to set all slots to NULL in the error-out path. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* buffer: adapt kex.c to new ssh_buffer_(un)pack()Aris Adamantiadis2014-08-061-11/+13
| | | | Reviewed-by: Andreas Schneider <asn@samba.org>
* kex: NULL checks for 'first_kex_packet_follows'Jon Simons2014-05-061-11/+17
| | | | | | | | Add NULL checks to 'is_first_kex_packet_follows_guess_wrong' to ensure that a 'strdup(NULL)' path can not be taken. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* Add negotiation for SHA2 HMAC algorithmsDirkjan Bussink2014-04-221-4/+4
| | | | | | BUG: https://red.libssh.org/issues/91 Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* kex: server fix for first_kex_packet_followsJon Simons2014-04-221-64/+151
| | | | | | | | | | | | | | | | | | | | | | | | | Ensure to honor the 'first_kex_packet_follow' field when processing KEXINIT messages in the 'ssh_packet_kexinit' callback. Until now libssh would assume that this field is always unset (zero). But some clients may set this (dropbear at or beyond version 2013.57), and it needs to be included when computing the session ID. Also include logic for handling wrongly-guessed key exchange algorithms. Save whether a client's guess is wrong in a new field in the session struct: when set, the next KEX_DHINIT message to be processed will be ignored per RFC 4253, 7.1. While here, update both 'ssh_packet_kexinit' and 'make_sessionid' to use softabs with a 4 space indent level throughout, and also convert various error-checking to store intermediate values into an explicit 'rc'. Patch adjusted from original to ensure that client tests remain passing (ie 'torture_connect'): restrict the changes in 'ssh_packet_kexinit' only for the 'server_kex' case. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* Revert "kex: server fix for first_kex_packet_follows"Andreas Schneider2014-04-151-149/+64
| | | | | | The patch breaks the client with ECDSA. This reverts commit 5865b9436fda96ac9fc7c18e4dffe5fb12dcc515.
* kex: server fix for first_kex_packet_followsJon Simons2014-04-101-64/+149
| | | | | | | | | | | | | | | | | | | | | Ensure to honor the 'first_kex_packet_follow' field when processing KEXINIT messages in the 'ssh_packet_kexinit' callback. Until now libssh would assume that this field is always unset (zero). But some clients may set this (dropbear at or beyond version 2013.57), and it needs to be included when computing the session ID. Also include logic for handling wrongly-guessed key exchange algorithms. Save whether a client's guess is wrong in a new field in the session struct: when set, the next KEX_DHINIT message to be processed will be ignored per RFC 4253, 7.1. While here, update both 'ssh_packet_kexinit' and 'make_sessionid' to use softabs with a 4 space indent level throughout, and also convert various error-checking to store intermediate values into an explicit 'rc'. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* kex: enable more ECDSA hostkey algosJon Simons2014-03-271-1/+1
| | | | | Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* knownhosts: resolve leaks found by coverityAris Adamantiadis2014-02-051-1/+3
|
* knownhosts: detect variations of ecdsaAris Adamantiadis2014-02-041-23/+49
|
* Kex: fix coverity warning + edge caseAris Adamantiadis2014-02-021-4/+8
|
* Knownhosts: implement hostkey with knownhosts heuristicAris Adamantiadis2014-02-011-1/+24
|
* src: Rename buffer_add_data() to ssh_buffer_add_data().Andreas Schneider2014-01-191-1/+1
|
* src: Rename buffer_init to ssh_buffer_init().Andreas Schneider2014-01-191-2/+2
|
* kex: implement curve25519-sha256@libssh.orgAris Adamantiadis2013-09-271-2/+12
|
* src: Remove enter_function() and leave_function().Andreas Schneider2013-07-141-16/+4
|
* src: Migrate to SSH_LOG.Andreas Schneider2013-07-141-4/+4
|
* kex: Fix a double free.Andreas Schneider2013-06-131-0/+1
|
* Implement key re-exchangeAris Adamantiadis2012-12-231-1/+4
|
* kex: Use getter functions to access kex arrays.Andreas Schneider2012-10-121-4/+20
| | | | This should fix the build on OpenIndiana.
* kex: Don't compare an array to null.Andreas Schneider2012-10-121-4/+4
| | | | Found by Coverity.
* kex: Fix supported methods index.Andreas Schneider2012-10-071-5/+4
|
* kex: Fix simpledes with gcrypt.Andreas Schneider2012-09-251-21/+21
|
* kex: Add simple DES support for SSHv1.Dmitriy Kuznetsov2012-09-071-0/+2
|
* dh: Add support for diffie-hellman-group14-sha1.Dmitriy Kuznetsov2012-09-041-2/+4
|
* session: Use a struct for all options.Andreas Schneider2012-02-051-1/+1
|
* pki: Make a strcmp better readable.Andreas Schneider2012-02-041-1/+1
|
* kex: Add support for ecdsa hostkeys.Andreas Schneider2012-02-041-2/+4
|
* kex: Add a define for the kex method size.Andreas Schneider2012-02-041-16/+19
|
* kex: Fix some build warnings.Andreas Schneider2011-11-101-1/+1
|
* build: Fix zlib support.Andreas Schneider2011-09-231-1/+1
|
* gzip: Fix zlib support.Andreas Schneider2011-09-181-1/+1
|
* priv: Move kex functions to kex header.Andreas Schneider2011-09-181-5/+5
|
* kex: moved KEX structures to ssh_crypto_structAris Adamantiadis2011-09-181-18/+19
|
* kex: split key selection and sendingAris Adamantiadis2011-09-181-42/+39
|
* kex: Fix includes.Andreas Schneider2011-09-111-4/+0
|
* kex: Split out SSHv1 functions to kex1.c.Andreas Schneider2011-09-101-436/+2
|
* kex: Move ssh_encrypt_rsa1 to SSHv1 kex code.Andreas Schneider2011-08-221-0/+66
|
* session: Fix timeout handling.rofl0r2011-08-061-2/+2
| | | | | -2 now means to use the timeout specified in options. It wasn't used earlier and poll only knows -1 and 0 anyway for special meanings.
* [crypto] initial support for ecdh-sha2-nistp256Aris Adamantiadis2011-06-131-3/+15
| | | | | Works with openssl Still requires work for libgcrypt and other modes
* Fix assertion with Visual Studio because of %zu.Andreas Schneider2011-04-151-1/+1
|
* All error path consistent with ssh_packet_kexinitAris Adamantiadis2011-01-101-4/+6
|
* Fix free() on uninitialized data on some cases.Aris Adamantiadis2010-12-191-2/+1
|
* Implemented zlib@openssh.com compressionAris Adamantiadis2010-10-041-1/+1
|
* misc: Rename libssh/ to src/Andreas Schneider2010-09-061-0/+835
generated by cgit (git 2.34.1) at 2025-08-29 06:13:31 +0000