summaryrefslogtreecommitdiffstats
path: root/src/server.c
Commit message (Collapse)AuthorAgeFilesLines
* server: fix auth_interactive_request replyJon Simons2014-10-021-1/+1
| | | | | | | | Fix a missing 'buffer_pack' formatter in 'ssh_message_auth_interactive_request'. With this fix the 'examples/samplesshd-kbdint' program is working again for me. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* buffers: adapt server.c to ssh_buffer_(un)pack()Aris Adamantiadis2014-08-061-178/+108
| | | | Signed-off-by: Andreas Schneider <asn@samba.org>
* kex: server fix for first_kex_packet_followsJon Simons2014-04-221-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | Ensure to honor the 'first_kex_packet_follow' field when processing KEXINIT messages in the 'ssh_packet_kexinit' callback. Until now libssh would assume that this field is always unset (zero). But some clients may set this (dropbear at or beyond version 2013.57), and it needs to be included when computing the session ID. Also include logic for handling wrongly-guessed key exchange algorithms. Save whether a client's guess is wrong in a new field in the session struct: when set, the next KEX_DHINIT message to be processed will be ignored per RFC 4253, 7.1. While here, update both 'ssh_packet_kexinit' and 'make_sessionid' to use softabs with a 4 space indent level throughout, and also convert various error-checking to store intermediate values into an explicit 'rc'. Patch adjusted from original to ensure that client tests remain passing (ie 'torture_connect'): restrict the changes in 'ssh_packet_kexinit' only for the 'server_kex' case. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* Revert "kex: server fix for first_kex_packet_follows"Andreas Schneider2014-04-151-9/+0
| | | | | | The patch breaks the client with ECDSA. This reverts commit 5865b9436fda96ac9fc7c18e4dffe5fb12dcc515.
* kex: server fix for first_kex_packet_followsJon Simons2014-04-101-0/+9
| | | | | | | | | | | | | | | | | | | | | Ensure to honor the 'first_kex_packet_follow' field when processing KEXINIT messages in the 'ssh_packet_kexinit' callback. Until now libssh would assume that this field is always unset (zero). But some clients may set this (dropbear at or beyond version 2013.57), and it needs to be included when computing the session ID. Also include logic for handling wrongly-guessed key exchange algorithms. Save whether a client's guess is wrong in a new field in the session struct: when set, the next KEX_DHINIT message to be processed will be ignored per RFC 4253, 7.1. While here, update both 'ssh_packet_kexinit' and 'make_sessionid' to use softabs with a 4 space indent level throughout, and also convert various error-checking to store intermediate values into an explicit 'rc'. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* server: silence build warningLuka Perkov2014-03-121-0/+1
| | | | | | | | | | | | | | | The commit fixes this build warning: ==== src/server.c:223:8: warning: ‘privkey’ may be used uninitialized in this function [-Wmaybe-uninitialized] rc = ssh_pki_export_privkey_to_pubkey(*privkey, &pubkey); ^ src/server.c:243:11: note: ‘privkey’ was declared here ssh_key privkey; ==== Signed-off-by: Luka Perkov <luka.perkov@sartura.hr> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* src: Rename buffer_init to ssh_buffer_init().Andreas Schneider2014-01-191-3/+3
|
* update copyright informationAris Adamantiadis2014-01-071-1/+1
|
* server: Add a ssh_send_keepalive() function.Nicolas Viennot2013-11-241-0/+41
| | | | Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* server: Fix malloc call.Andreas Schneider2013-11-091-1/+1
|
* kex: implement curve25519-sha256@libssh.orgAris Adamantiadis2013-09-271-0/+6
|
* src: Remove enter_function() and leave_function().Andreas Schneider2013-07-141-14/+5
|
* src: Migrate to SSH_LOG.Andreas Schneider2013-07-141-20/+20
|
* Server: fix rekeyingAris Adamantiadis2013-07-131-21/+25
|
* Doc: fix a few broken parametersAris Adamantiadis2013-07-131-2/+2
| | | | Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* server: move message-specific call to ssh_*Aris Adamantiadis2013-07-131-17/+40
| | | | Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* server: Fix a double free.Andreas Schneider2013-06-131-4/+1
|
* Fix an invalid strlen comparison in ssh_message_auth_reply_defaultAndrew Collins2012-12-191-1/+1
| | | | | | | | | During the transition to strncat in ssh_message_auth_reply_default, an invalid strlen comparison was added which causes the function to fail whenever it's called. Signed-off-by: Andrew Collins <bsderandrew@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* kex: Use getter functions to access kex arrays.Andreas Schneider2012-10-121-1/+1
| | | | This should fix the build on OpenIndiana.
* server: Use strncat instead of strcat.Andreas Schneider2012-10-121-4/+12
| | | | | | This is just hardening the code. Found by Coverity.
* server: Don't leak memory on calling ssh_string_from_char().Andreas Schneider2012-10-121-8/+32
| | | | | | Also check the return values. Found by Coverity.
* server: Fix for loop to free server methods.Andreas Schneider2012-10-121-1/+1
| | | | Found by Coverity.
* server: Removed unused variable keytype in the ecdsa case.Andreas Schneider2012-10-071-2/+0
|
* dh: Add support for diffie-hellman-group14-sha1.Dmitriy Kuznetsov2012-09-041-0/+1
|
* server: Add ecdsa hostkey support.Andreas Schneider2012-02-191-12/+43
|
* session: Use a struct for all options.Andreas Schneider2012-02-051-4/+4
|
* kex: Fix some build warnings.Andreas Schneider2011-11-101-2/+1
|
* Fix warningAris Adamantiadis2011-09-241-0/+1
|
* Fix bugs found by clangAris Adamantiadis2011-09-231-0/+2
|
* priv: Move kex functions to kex header.Andreas Schneider2011-09-181-1/+1
|
* priv: Move options and config prototypes to own header.Andreas Schneider2011-09-181-0/+1
|
* server: split dh_handsake_serverAris Adamantiadis2011-09-181-33/+44
|
* kex: moved KEX structures to ssh_crypto_structAris Adamantiadis2011-09-181-2/+2
|
* kex: have server_kex use the elected methodsAris Adamantiadis2011-09-181-1/+2
|
* kex: split key selection and sendingAris Adamantiadis2011-09-181-22/+37
|
* session: Use defines for ssh_handle_packets().Andreas Schneider2011-09-171-1/+1
|
* server: Fix some build warnings.Andreas Schneider2011-09-111-2/+2
|
* server: Fix compiler warning.Andreas Schneider2011-09-111-2/+3
|
* Update libssh to ssh_handle_packets_terminationAris Adamantiadis2011-09-021-15/+21
| | | | | | | | | | | cherry-picked from 0cb5248 Should resolve all timeout problems Conflicts: src/auth.c src/channels.c
* pki: Use consistent API for ssh_pki_export_privkey_to_pubkey().Andreas Schneider2011-08-301-2/+2
|
* pki: Use consistent API for ssh_pki_export_pubkey_blob().Andreas Schneider2011-08-301-4/+5
|
* keyfiles: Remove keyfiles.h.Andreas Schneider2011-08-281-1/+0
|
* auth: Prefix kbdint functions.Andreas Schneider2011-08-251-7/+7
|
* server: Fix a build warning.Andreas Schneider2011-08-231-1/+1
| | | | Thanks to Tom Judge.
* server: Migrate more functions to new pki.Andreas Schneider2011-08-221-10/+30
|
* server: Migrate hostkey check to new pki.Andreas Schneider2011-08-221-2/+4
|
* server: Use new pki infrastructure.Andreas Schneider2011-08-221-29/+30
|
* session: Fix timeout handling.rofl0r2011-08-061-1/+1
| | | | | -2 now means to use the timeout specified in options. It wasn't used earlier and poll only knows -1 and 0 anyway for special meanings.
* Fixes the ssh_log issue on ssh_bind handles.Aris Adamantiadis2011-07-191-2/+2
|
* Implemented X11 server sidemilo2011-04-141-0/+16
|
generated by cgit (git 2.34.1) at 2025-09-26 14:44:43 +0000