| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Reviewed-by: Andreas Schneider <asn@samba.org>
|
| |
|
|
| |
Reviewed-by: Andreas Schneider <asn@samba.org>
|
| |
|
|
| |
Reviewed-by: Andreas Schneider <asn@samba.org>
|
| |
|
|
| |
Reviewed-by: Andreas Schneider <asn@samba.org>
|
| |
|
|
| |
Signed-off-by: Andreas Schneider <asn@samba.org>
|
| |
|
|
| |
Reviewed-by: Andreas Schneider <asn@samba.org>
|
| |
|
|
| |
Reviewed-by: Andreas Schneider <asn@samba.org>
|
| |
|
|
| |
Reviewed-by: Andreas Schneider <asn@samba.org>
|
| |
|
|
| |
Reviewed-by: Andreas Schneider <asn@samba.org>
|
| | |
|
| |
|
|
| |
Reviewed-by: Andreas Schneider <asn@samba.org>
|
| |
|
|
| |
Reviewed-by: Andreas Schneider <asn@samba.org>
|
| |
|
|
| |
Reviewed-by: Andreas Schneider <asn@samba.org>
|
| |
|
|
| |
Reviewed-by: Andreas Schneider <asn@samba.org>
|
| |
|
|
| |
Reviewed-by: Andreas Schneider <asn@samba.org>
|
| |
|
|
| |
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
| |
|
|
|
|
|
| |
That function permits chaining of buffer values to minimize buffer handling
in packet sending code.
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
| |
|
|
|
| |
For some reason I got a segfault in gdb here. Make sure it works
correctly.
|
| |
|
|
|
| |
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
| | |
|
| |
|
|
| |
Signed-off-by: Andreas Schneider <asn@samba.org>
|
| |
|
|
|
|
|
|
| |
Add NULL checks to 'is_first_kex_packet_follows_guess_wrong'
to ensure that a 'strdup(NULL)' path can not be taken.
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
| |
|
|
|
|
|
| |
BUG: https://red.libssh.org/issues/160
Signed-off-by: Alan Dunn <amdunn@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
| |
|
|
|
| |
Signed-off-by: Hani Benhabiles <hani@linux.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
BUG: https://red.libssh.org/issues/91
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
| |
|
|
|
|
| |
BUG: https://red.libssh.org/issues/91
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
| |
|
|
|
|
| |
BUG: https://red.libssh.org/issues/91
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
| |
|
|
|
|
| |
BUG: https://red.libssh.org/issues/91
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
| |
|
|
|
| |
Signed-off-by: Gangadhar Sandrani <gangadhar.sandrani@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Ensure to honor the 'first_kex_packet_follow' field when processing
KEXINIT messages in the 'ssh_packet_kexinit' callback. Until now
libssh would assume that this field is always unset (zero). But
some clients may set this (dropbear at or beyond version 2013.57),
and it needs to be included when computing the session ID.
Also include logic for handling wrongly-guessed key exchange algorithms.
Save whether a client's guess is wrong in a new field in the session
struct: when set, the next KEX_DHINIT message to be processed will be
ignored per RFC 4253, 7.1.
While here, update both 'ssh_packet_kexinit' and 'make_sessionid' to
use softabs with a 4 space indent level throughout, and also convert
various error-checking to store intermediate values into an explicit
'rc'.
Patch adjusted from original to ensure that client tests remain passing
(ie 'torture_connect'): restrict the changes in 'ssh_packet_kexinit'
only for the 'server_kex' case.
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
| |
|
|
|
| |
Signed-off-by: Alan Dunn <amdunn@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
| |
|
|
|
|
| |
The patch breaks the client with ECDSA.
This reverts commit 5865b9436fda96ac9fc7c18e4dffe5fb12dcc515.
|
| |
|
|
| |
BUG: https://red.libssh.org/issues/154
|
| |
|
|
| |
BUG: https://red.libssh.org/issues/153
|
| |
|
|
| |
BUG: https://red.libssh.org/issues/152
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Ensure to honor the 'first_kex_packet_follow' field when processing
KEXINIT messages in the 'ssh_packet_kexinit' callback. Until now
libssh would assume that this field is always unset (zero). But
some clients may set this (dropbear at or beyond version 2013.57),
and it needs to be included when computing the session ID.
Also include logic for handling wrongly-guessed key exchange algorithms.
Save whether a client's guess is wrong in a new field in the session
struct: when set, the next KEX_DHINIT message to be processed will be
ignored per RFC 4253, 7.1.
While here, update both 'ssh_packet_kexinit' and 'make_sessionid' to
use softabs with a 4 space indent level throughout, and also convert
various error-checking to store intermediate values into an explicit
'rc'.
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
| |
|
|
|
|
|
| |
This reverts commit efe785e711e1fe8c66dc120b741d1e560ef556db.
We need a Signed-off version. I didn't have the Certificate of Origin
yet.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Enable retrieving the "ecdsa-sha2-nistpNNN" name of ECDSA keys with a
new 'ssh_pki_key_ecdsa_name' API. This gives more information than the
'ssh_key_type_to_char' API, which yields "ssh-ecdsa" for ECDSA keys.
The motivation is that this info is useful to have in a server context.
The torture_pki unit test is updated to include the new API, and a few
more passes are added to additionally test 384 and 521-bit keys.
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
| |
|
|
|
| |
Signed-off-by: Alan Dunn <amdunn@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
SSH_BIND_OPTIONS_HOSTKEY will now load host keys of any supported type
rather than set the algorithms that the server permits (which seems
like an unhelpful option anyway; it seems you can always control this
by just loading the right keys).
This option has slightly different semantics than the
SSH_BIND_OPTIONS_<x>KEY options because it requires the key file to
exist immediately rather than on ssh_bind_listen or
ssh_bind_accept_fd. The semantics of this option makes more sense to
me.
We also eliminate ssh_bind_options_set_algo, since it is no longer
used.
Signed-off-by: Alan Dunn <amdunn@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
| | |
|
| |
|
|
|
| |
Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
| |
|
|
|
|
|
|
|
|
| |
In packet_send2, rather than issue two separate buffer_prepend_data calls
(each of which may entail realloc + memmove + memcpy), elide the prepend
work into a single buffer_prepend_data: the header information is computed
locally, and a single 5 byte prepend operation is now done instead of
prepending 1, then 4 bytes.
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
| |
|
|
|
| |
Signed-off-by: Alan Dunn <amdunn@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
| |
|
|
|
| |
Signed-off-by: Alan Dunn <amdunn@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
| |
|
|
|
| |
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
