summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* poll: Fix compilation with struct ssh_timestampv0-6Andreas Schneider2015-05-061-1/+1
| | | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit e0a73d3dbe909f8e2cb486ed344e5beb8148032e)
* buffers: Fix a possible null pointer dereferenceAris Adamantiadis2015-04-231-0/+8
| | | | | | | | | | This is an addition to CVE-2015-3146 to fix the null pointer dereference. The patch is not required to fix the CVE but prevents issues in future. Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 309102547208281215e6799336b42d355cdd7c5d)
* CVE-2015-3146: Fix state validation in packet handlersAris Adamantiadis2015-04-232-9/+15
| | | | | | | | | | | The state validation in the packet handlers for SSH_MSG_NEWKEYS and SSH_MSG_KEXDH_REPLY had a bug which did not raise an error. The issue has been found and reported by Mariusz Ziule. Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit bf0c7ae0aeb0ebe661d11ea6785fff2cbf4f3dbe)
* Fix leak of sftp->ext when sftp_new() failsKevin Fan2015-04-141-0/+2
| | | | | | Signed-off-by: Kevin Fan <kevinfan@google.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit b5dc8197f78b6639ca75aa93d6c421c0181d0f32)
* include: We should use __func__ which is C99Andreas Schneider2015-04-021-1/+1
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* Locally restart ssh_poll() upon EINTR.Seb Boving2015-02-231-1/+7
| | | | | | | BUG: https://red.libssh.org/issues/186 Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be> Signed-off-by: Sebastien Boving <seb@google.com>
* Sending EOF on Socket that received a Broken Pipe makes call to poll to hangxjoaalm2015-02-231-9/+18
| | | | | Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be> Signed-off-by: Joao Pedro Almeida Pereira <joao.almeida@blue-tc.com>
* sftp: fix endianess issueAris Adamantiadis2015-02-111-0/+1
|
* connect: Fix mingw build.Andreas Schneider2015-01-261-0/+4
| | | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit a198193723b6a17668e95163df9a9de23f66b62f)
* sftp: Fix sftp_get_new_id().Andreas Schneider2015-01-211-1/+1
| | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* pki: Make sure sig is not used unintialized.Andreas Schneider2015-01-201-1/+1
| | | | | | | BUG: https://red.libssh.org/issues/167 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 9a7d450098a4fc45ae3f0eb194218c51b133b3f9)
* sftp: Fix sftp endianess bugs.Andreas Schneider2015-01-201-20/+20
| | | | | | | | BUG: https://red.libssh.org/issues/179 This is a backport of 6019cf1bed63849e49174f9a51512a8b0fe84052. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* threads: Fix building with POSIX threads in MinGW.Andreas Schneider2015-01-201-1/+1
| | | | | | | | | | | | | | | | BUG: https://red.libssh.org/issues/181 Originally written by Patrick von Reth <vonreth () kde ! org>. This patch is part of the larger patch: https://projects.kde.org/projects/kdesupport/emerge/repository/revisions/master/changes/portage/win32libs/libssh/0002-add-a-way-to-test-ssh-connections-on-windows.patch MinGW (in particular, the MinGW-w64 fork) can use either posix threads or win32 threads. This patch fixes the MinGW build when using posix threads. Signed-off-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 433f8fd5502841279aae6f416c81bb70f42d1734)
* channels1: Fix pty request stateYanis Kurganov2015-01-201-1/+2
| | | | | | Signed-off-by: Yanis Kurganov <YKurganov@ptsecurity.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit c6590bd1893a600a04a0d87ff66e0dba838a7e7b)
* connect: Fix a memory leak.Andreas Schneider2015-01-141-0/+1
| | | | | | | | CID: #1238618 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be> (cherry picked from commit 06a0d8ff1cf017091788da045f958b532ca07be4)
* sftp: Fix a possible integer overflow.Andreas Schneider2015-01-141-2/+6
| | | | | | | | CID: #1238630 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be> (cherry picked from commit af0dd3fb0208bf7bded0533020682c65b94544eb)
* sftp: Use a declared variable for data len.Andreas Schneider2015-01-141-6/+7
| | | | | | | | CID: #1238632 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be> (cherry picked from commit ce02f6576aaa29ca6c1ccae010a0c2d4e37f26b2)
* Fix the dh.c build with libgcryptAris Adamantiadis2014-12-291-4/+7
| | | | | Fixes bug reported by gentoo at https://bugs.gentoo.org/show_bug.cgi?id=533424 The function was only used by EDCSA backend which are not supported by the libgcrypt code anyway.
* connect: Check that errno is 0 to fix Windows build.Andreas Schneider2014-12-251-1/+2
| | | | | | | Thanks to Viktor Butskih. Signed-off-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit e051135a0516f686456b9f3d089f91ded177ef1a)
* options: Fix setting the port.Andreas Schneider2014-12-255-9/+12
| | | | | | | Make sure we correctly read the port from the config file. Signed-off-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit bb18442fe8f58a483713eb2b988b3da9869ddf86)
* CVE-2014-8132: Fixup error path in ssh_packet_kexinit()Jon Simons2014-12-171-1/+6
| | | | | | | | | | Before this change, dangling pointers can be unintentionally left in the respective next_crypto kex methods slots. Ensure to set all slots to NULL in the error-out path. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 2ced24ddd67a261dc364ad4d8958c068c1671ae7)
* libcrypto: Fix Windows build with ssh_reseed().Andreas Schneider2014-12-171-0/+5
| | | | | | | | gettimeofday() is not available on Windows and we need it only in case of forking. Signed-off-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit b7b535816d5fa49b0d1783f4cb42086f4169b1da)
* cmake: Fix the build on Windows.Andreas Schneider2014-12-171-66/+68
| | | | (cherry picked from commit a738507ad24aa283c6af91fc2a5e8b35473d4c77)
* config: Also tokenize on equal sign.William Orr2014-12-171-1/+1
| | | | | | | | | The ssh config specifies it as a valid separator. BUG: https://red.libssh.org/issues/166 Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 52968b1a11a5e204daa75d1a0b388625b115f847)
* Set the correct error in ssh_options_set().Hani Benhabiles2014-12-051-2/+2
| | | | | | Signed-off-by: Hani Benhabiles <hani@linux.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 03095f1516b7f5b8b0d55f05fa9a39bae68ee8fe)
* messages: Fix a possible double free.Andreas Schneider2014-12-051-0/+1
| | | | | | Thanks to Ramana Gampa. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* pki_crypto.c: plug ecdsa_sig->[r,s] bignum leaksJon Simons2014-12-052-2/+11
| | | | | | | | | | | | | Per ecdsa(3ssl), ECDSA_SIG_new does allocate its 'r' and 's' bignum fields. Fix a bug where the initial 'r' and 's' bignums were being overwritten with newly-allocated bignums, resulting in a memory leak. BUG: https://red.libssh.org/issues/175 Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 4745d652b5e71c27fd891edfe690162c0b8d3005)
* connect: Do not fail if the connect is in progress.Andreas Schneider2014-10-281-1/+1
| | | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit a48711ae7ef890c94e2a824afb899df385c406ee)
* gssapi: ssh_gssapi_set_creds() is a client side functionStef Walter2014-10-121-2/+4
| | | | | | | | It should not be guarded by the WITH_SERVER #ifdef Signed-off-by: Stef Walter <stefw@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit cd2dc3770a49fc4487cbb0625003983e43520ec7)
* Check return code of connect(2).William Orr2014-10-121-1/+9
| | | | | | Signed-off-by: William Orr <will@worrbase.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 250f50648755415a138b1347a17a367ad384b66d)
* pki_gcrypt: Initialize 'type_c' in 'pki_do_sign_sessionid'Artyom V. Poptsov2014-10-021-0/+1
| | | | | | | | | | | | Add missing initialization of 'type_c' field of a SSH signature in 'pki_do_sign_sessionid' procedure. If libssh is compiled with GCrypt, 'dh_handshake_server' fails with "Could not sign the session id" error. The change fixes that. Signed-off-by: Artyom V. Poptsov <poptsov.artyom@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit aaae6cd97d3b99061fcf5444d491895690fb4cde)
* crypto: check malloc return in ssh_mac_ctx_initJon Simons2014-10-022-2/+10
| | | | | | Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit af25c5e668fa817521496ac2278127b516f219d3)
* wrapper: fix z_stream leakJon Simons2014-10-021-0/+3
| | | | | | | | | Ensure to free the z_stream structures as allocated from the gzip.c initcompress, initdecompress functions. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 092fe0b727399cd971709c16c030bc093ca54d87)
* string: Correctly burn the string buffer.Andreas Schneider2014-09-151-4/+5
| | | | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be> (cherry picked from commit 1ddb99c46ffbeeac52f27a630b50670848b39e0c)
* session: fix ssh_session->srv.ecdsa_key leakJon Simons2014-05-281-0/+4
| | | | | Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* pki: Fix build without ECC support.Andreas Schneider2014-05-091-0/+5
| | | | Signed-off-by: Andreas Schneider <asn@samba.org>
* pki: Move ssh_pki_key_ecdsa_name() to the correct file.Andreas Schneider2014-05-071-14/+0
|
* pki crypto: expose new ssh_pki_key_ecdsa_name APIJon Simons2014-05-071-0/+14
| | | | | | | | | | | | | Enable retrieving the "ecdsa-sha2-nistpNNN" name of ECDSA keys with a new 'ssh_pki_key_ecdsa_name' API. This gives more information than the 'ssh_key_type_to_char' API, which yields "ssh-ecdsa" for ECDSA keys. The motivation is that this info is useful to have in a server context. The torture_pki unit test is updated to include the new API, and a few more passes are added to additionally test 384 and 521-bit keys. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* messages: Add missing ntohl on X11 request screen numberAlan Dunn2014-05-061-1/+3
| | | | | | | BUG: https://red.libssh.org/issues/160 Signed-off-by: Alan Dunn <amdunn@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* pki: Correctly update the ECDSA keytype.Andreas Schneider2014-05-061-1/+8
| | | | (cherry picked from commit 2884bbf5b1bfe915160a1dc03eddbcd000555ec1)
* pki: Move ssh_pki_key_ecdsa_name() to the correct file.Andreas Schneider2014-05-061-0/+14
| | | | (cherry picked from commit f48a99b97c399174ad35b83a91df922f106ade13)
* pki: Make pki_key_ecdsa_nid_to_name() a shared function.Andreas Schneider2014-05-061-1/+1
| | | | (cherry picked from commit 11cfb2903eb319d32a2432a015c61506f50dc78b)
* doc: Improve docs for ssh_channel_get_exit_status().Andreas Schneider2014-04-221-0/+5
| | | | | BUG: https://red.libssh.org/issues/154 (cherry picked from commit adf23533e02d997118d1732f91abf9f116a47cec)
* channels: Fix exit-signal request.Andreas Schneider2014-04-221-3/+3
| | | | | BUG: https://red.libssh.org/issues/153 (cherry picked from commit 927cd90dc171b7e7a400ab8c1c9474f627e89167)
* session: Fix a memory leak with custom banner.Andreas Schneider2014-04-221-0/+1
| | | | | BUG: https://red.libssh.org/issues/152 (cherry picked from commit b5efbe75cd7b3881618940f9508b313222176bd8)
* packet: elide two buffer_prepend calls into oneJon Simons2014-03-271-8/+9
| | | | | | | | | | | | | | In packet_send2, rather than issue two separate buffer_prepend_data calls (each of which may entail realloc + memmove + memcpy), elide the prepend work into a single buffer_prepend_data: the header information is computed locally, and a single 5 byte prepend operation is now done instead of prepending 1, then 4 bytes. Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit aa05248ca81e3bd9e949ad724d45518707446e2c) Conflicts: src/packet.c
* doc: Improve and consolidate ssh_bind_options_set docsAlan Dunn2014-03-271-48/+53
| | | | | | Signed-off-by: Alan Dunn <amdunn@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 47bd0b6d1f3176a4539c22741848d37b9357175b)
* channel: check for closed state in waitwindow loopsJon Simons2014-03-271-2/+4
| | | | | | Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit dee8e5688b4395ee379fd7f36f4a488d57fd0d6c)
* kex: enable more ECDSA hostkey algosJon Simons2014-03-271-1/+1
| | | | | | Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 40d81bb7cafe528639cb201e893ba62db1e813bf)
* pki_crypto: guard against NULL pubkey->rsa in signature extractionJon Simons2014-03-271-1/+7
| | | | | | Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 10bc5ac203a428699508293f91faa460358ca6dc)
generated by cgit (git 2.34.1) at 2025-08-29 00:27:21 +0000