summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* channels1: Fix pty request stateYanis Kurganov2015-01-201-1/+2
| | | | | | Signed-off-by: Yanis Kurganov <YKurganov@ptsecurity.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit c6590bd1893a600a04a0d87ff66e0dba838a7e7b)
* connect: Fix a memory leak.Andreas Schneider2015-01-141-0/+1
| | | | | | | | CID: #1238618 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be> (cherry picked from commit 06a0d8ff1cf017091788da045f958b532ca07be4)
* sftp: Fix a possible integer overflow.Andreas Schneider2015-01-141-2/+6
| | | | | | | | CID: #1238630 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be> (cherry picked from commit af0dd3fb0208bf7bded0533020682c65b94544eb)
* sftp: Use a declared variable for data len.Andreas Schneider2015-01-141-6/+7
| | | | | | | | CID: #1238632 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be> (cherry picked from commit ce02f6576aaa29ca6c1ccae010a0c2d4e37f26b2)
* Fix the dh.c build with libgcryptAris Adamantiadis2014-12-291-4/+7
| | | | | Fixes bug reported by gentoo at https://bugs.gentoo.org/show_bug.cgi?id=533424 The function was only used by EDCSA backend which are not supported by the libgcrypt code anyway.
* connect: Check that errno is 0 to fix Windows build.Andreas Schneider2014-12-251-1/+2
| | | | | | | Thanks to Viktor Butskih. Signed-off-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit e051135a0516f686456b9f3d089f91ded177ef1a)
* options: Fix setting the port.Andreas Schneider2014-12-255-9/+12
| | | | | | | Make sure we correctly read the port from the config file. Signed-off-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit bb18442fe8f58a483713eb2b988b3da9869ddf86)
* CVE-2014-8132: Fixup error path in ssh_packet_kexinit()Jon Simons2014-12-171-1/+6
| | | | | | | | | | Before this change, dangling pointers can be unintentionally left in the respective next_crypto kex methods slots. Ensure to set all slots to NULL in the error-out path. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 2ced24ddd67a261dc364ad4d8958c068c1671ae7)
* libcrypto: Fix Windows build with ssh_reseed().Andreas Schneider2014-12-171-0/+5
| | | | | | | | gettimeofday() is not available on Windows and we need it only in case of forking. Signed-off-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit b7b535816d5fa49b0d1783f4cb42086f4169b1da)
* cmake: Fix the build on Windows.Andreas Schneider2014-12-171-66/+68
| | | | (cherry picked from commit a738507ad24aa283c6af91fc2a5e8b35473d4c77)
* config: Also tokenize on equal sign.William Orr2014-12-171-1/+1
| | | | | | | | | The ssh config specifies it as a valid separator. BUG: https://red.libssh.org/issues/166 Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 52968b1a11a5e204daa75d1a0b388625b115f847)
* Set the correct error in ssh_options_set().Hani Benhabiles2014-12-051-2/+2
| | | | | | Signed-off-by: Hani Benhabiles <hani@linux.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 03095f1516b7f5b8b0d55f05fa9a39bae68ee8fe)
* messages: Fix a possible double free.Andreas Schneider2014-12-051-0/+1
| | | | | | Thanks to Ramana Gampa. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
* pki_crypto.c: plug ecdsa_sig->[r,s] bignum leaksJon Simons2014-12-052-2/+11
| | | | | | | | | | | | | Per ecdsa(3ssl), ECDSA_SIG_new does allocate its 'r' and 's' bignum fields. Fix a bug where the initial 'r' and 's' bignums were being overwritten with newly-allocated bignums, resulting in a memory leak. BUG: https://red.libssh.org/issues/175 Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 4745d652b5e71c27fd891edfe690162c0b8d3005)
* connect: Do not fail if the connect is in progress.Andreas Schneider2014-10-281-1/+1
| | | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit a48711ae7ef890c94e2a824afb899df385c406ee)
* gssapi: ssh_gssapi_set_creds() is a client side functionStef Walter2014-10-121-2/+4
| | | | | | | | It should not be guarded by the WITH_SERVER #ifdef Signed-off-by: Stef Walter <stefw@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit cd2dc3770a49fc4487cbb0625003983e43520ec7)
* Check return code of connect(2).William Orr2014-10-121-1/+9
| | | | | | Signed-off-by: William Orr <will@worrbase.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 250f50648755415a138b1347a17a367ad384b66d)
* pki_gcrypt: Initialize 'type_c' in 'pki_do_sign_sessionid'Artyom V. Poptsov2014-10-021-0/+1
| | | | | | | | | | | | Add missing initialization of 'type_c' field of a SSH signature in 'pki_do_sign_sessionid' procedure. If libssh is compiled with GCrypt, 'dh_handshake_server' fails with "Could not sign the session id" error. The change fixes that. Signed-off-by: Artyom V. Poptsov <poptsov.artyom@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit aaae6cd97d3b99061fcf5444d491895690fb4cde)
* crypto: check malloc return in ssh_mac_ctx_initJon Simons2014-10-022-2/+10
| | | | | | Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit af25c5e668fa817521496ac2278127b516f219d3)
* wrapper: fix z_stream leakJon Simons2014-10-021-0/+3
| | | | | | | | | Ensure to free the z_stream structures as allocated from the gzip.c initcompress, initdecompress functions. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 092fe0b727399cd971709c16c030bc093ca54d87)
* string: Correctly burn the string buffer.Andreas Schneider2014-09-151-4/+5
| | | | | | Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be> (cherry picked from commit 1ddb99c46ffbeeac52f27a630b50670848b39e0c)
* session: fix ssh_session->srv.ecdsa_key leakJon Simons2014-05-281-0/+4
| | | | | Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* pki: Fix build without ECC support.Andreas Schneider2014-05-091-0/+5
| | | | Signed-off-by: Andreas Schneider <asn@samba.org>
* pki: Move ssh_pki_key_ecdsa_name() to the correct file.Andreas Schneider2014-05-071-14/+0
|
* pki crypto: expose new ssh_pki_key_ecdsa_name APIJon Simons2014-05-071-0/+14
| | | | | | | | | | | | | Enable retrieving the "ecdsa-sha2-nistpNNN" name of ECDSA keys with a new 'ssh_pki_key_ecdsa_name' API. This gives more information than the 'ssh_key_type_to_char' API, which yields "ssh-ecdsa" for ECDSA keys. The motivation is that this info is useful to have in a server context. The torture_pki unit test is updated to include the new API, and a few more passes are added to additionally test 384 and 521-bit keys. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* messages: Add missing ntohl on X11 request screen numberAlan Dunn2014-05-061-1/+3
| | | | | | | BUG: https://red.libssh.org/issues/160 Signed-off-by: Alan Dunn <amdunn@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* pki: Correctly update the ECDSA keytype.Andreas Schneider2014-05-061-1/+8
| | | | (cherry picked from commit 2884bbf5b1bfe915160a1dc03eddbcd000555ec1)
* pki: Move ssh_pki_key_ecdsa_name() to the correct file.Andreas Schneider2014-05-061-0/+14
| | | | (cherry picked from commit f48a99b97c399174ad35b83a91df922f106ade13)
* pki: Make pki_key_ecdsa_nid_to_name() a shared function.Andreas Schneider2014-05-061-1/+1
| | | | (cherry picked from commit 11cfb2903eb319d32a2432a015c61506f50dc78b)
* doc: Improve docs for ssh_channel_get_exit_status().Andreas Schneider2014-04-221-0/+5
| | | | | BUG: https://red.libssh.org/issues/154 (cherry picked from commit adf23533e02d997118d1732f91abf9f116a47cec)
* channels: Fix exit-signal request.Andreas Schneider2014-04-221-3/+3
| | | | | BUG: https://red.libssh.org/issues/153 (cherry picked from commit 927cd90dc171b7e7a400ab8c1c9474f627e89167)
* session: Fix a memory leak with custom banner.Andreas Schneider2014-04-221-0/+1
| | | | | BUG: https://red.libssh.org/issues/152 (cherry picked from commit b5efbe75cd7b3881618940f9508b313222176bd8)
* packet: elide two buffer_prepend calls into oneJon Simons2014-03-271-8/+9
| | | | | | | | | | | | | | In packet_send2, rather than issue two separate buffer_prepend_data calls (each of which may entail realloc + memmove + memcpy), elide the prepend work into a single buffer_prepend_data: the header information is computed locally, and a single 5 byte prepend operation is now done instead of prepending 1, then 4 bytes. Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit aa05248ca81e3bd9e949ad724d45518707446e2c) Conflicts: src/packet.c
* doc: Improve and consolidate ssh_bind_options_set docsAlan Dunn2014-03-271-48/+53
| | | | | | Signed-off-by: Alan Dunn <amdunn@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 47bd0b6d1f3176a4539c22741848d37b9357175b)
* channel: check for closed state in waitwindow loopsJon Simons2014-03-271-2/+4
| | | | | | Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit dee8e5688b4395ee379fd7f36f4a488d57fd0d6c)
* kex: enable more ECDSA hostkey algosJon Simons2014-03-271-1/+1
| | | | | | Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 40d81bb7cafe528639cb201e893ba62db1e813bf)
* pki_crypto: guard against NULL pubkey->rsa in signature extractionJon Simons2014-03-271-1/+7
| | | | | | Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 10bc5ac203a428699508293f91faa460358ca6dc)
* session: fix comment typoLuka Perkov2014-03-271-1/+1
| | | | | | Signed-off-by: Luka Perkov <luka.perkov@sartura.hr> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 8ba94022824dadfec2b6650324a06106abaeac13)
* messages: use predefined macro for clearing sensitive dataLuka Perkov2014-03-271-2/+1
| | | | | | Signed-off-by: Luka Perkov <luka.perkov@sartura.hr> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit a2fe341da558d27c348d55b1fbf9824f42ff2432)
* client: fix corner case when sockets are manually createdLuka Perkov2014-03-271-1/+4
| | | | | | | | | | | If the sockets are created manually and passed to libssh the internal session state is set to SSH_SESSION_STATE_SOCKET_CONNECTED. Result of this fix can be verified by running torture_connect test (torture_connect_socket) with -vvvv flags. Signed-off-by: Luka Perkov <luka.perkov@sartura.hr> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit dbb2de272b57c7327204adb7b7bdef5c98bfbfd6)
* pki_crypto: Replace deprecated RSA_generate_key() with RSA_generate_key_ex()Petar Koretic2014-03-271-4/+14
| | | | | | | | | | | | | | | | | | On Mar 16, 09:41, Aris Adamantiadis wrote: > Hi Petar, > I agree with the principle, but I don't think this code can work... > RSA_generate_key takes an RSA* as parameter and in our code we probably > have key->rsa==NULL. (if we don't then the old code had a memory leak). > > Does the test case work ? > > Aris > Yes, you are right. This works, tested with tests/unittests/torture_pki Signed-off-by: Petar Koretic <petar.koretic@sartura.hr> (cherry picked from commit 0b8d24f800bae5f4f86c0eaca41c609f40d7baef)
* doc: Add ECDSA keys to docs, make key docs consistentAlan Dunn2014-03-271-1/+4
| | | | | | Signed-off-by: Alan Dunn <amdunn@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit f6276fe73940dd35bbd4f95d3cf902bcf69f23f3)
* options: Allow use of host ECDSA keyAlan Dunn2014-03-271-23/+31
| | | | | | Signed-off-by: Alan Dunn <amdunn@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 2a1089d6079c14da8d24c996402e24a689a9f5d3)
* pki_crypto: Always copy ecdsa_nid into duplicated ECDSA keysAlan Dunn2014-03-121-2/+2
| | | | | | BUG: https://red.libssh.org/issues/147 Signed-off-by: Alan Dunn <amdunn@gmail.com>
* pki: Use SHA-2 for session ID signing with ECDSA keysAlan Dunn2014-03-121-12/+42
| | | | | | | | | Previously, SHA-1 was used always. BUG: https://red.libssh.org/issues/148 Signed-off-by: Alan Dunn <amdunn@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* server: silence build warningLuka Perkov2014-03-121-0/+1
| | | | | | | | | | | | | | | The commit fixes this build warning: ==== src/server.c:223:8: warning: ‘privkey’ may be used uninitialized in this function [-Wmaybe-uninitialized] rc = ssh_pki_export_privkey_to_pubkey(*privkey, &pubkey); ^ src/server.c:243:11: note: ‘privkey’ was declared here ssh_key privkey; ==== Signed-off-by: Luka Perkov <luka.perkov@sartura.hr> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* packet: log disconnect code in host byte orderJon Simons2014-03-121-13/+19
| | | | Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* bind: only set bindfd after successful listenJon Simons2014-03-121-1/+2
| | | | | | | | In 'ssh_bind_listen', move setting of 'sshbind->bindfd' to only happen after the listen call: otherwise 'bindfd' can be set to a bogus descriptor for the case that listen fails. Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* security: fix for vulnerability CVE-2014-0017Aris Adamantiadis2014-03-043-0/+14
| | | | | | | | | | When accepting a new connection, a forking server based on libssh forks and the child process handles the request. The RAND_bytes() function of openssl doesn't reset its state after the fork, but simply adds the current process id (getpid) to the PRNG state, which is not guaranteed to be unique. This can cause several children to end up with same PRNG state which is a security issue.
* pki: Fix the build on OpenSolaris.Andreas Schneider2014-02-121-1/+1
|
generated by cgit (git 2.34.1) at 2026-02-28 20:10:17 +0000