Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | gssapi: Add support for GSSAPIDelegateCredentials config option. | Simo Sorce | 2013-11-15 | 2 | -1/+12 |
| | | | | Signed-off-by: Simo Sorce <simo@redhat.com> | ||||
* | options: Add SSH_OPTIONS_GSSAPI_DELEGATE_CREDENTIALS option. | Simo Sorce | 2013-11-15 | 1 | -0/+15 |
| | | | | Signed-off-by: Simo Sorce <simo@redhat.com> | ||||
* | gssapi: Add error checks and cleanup the code in ssh_gssapi_auth_mic(). | Andreas Schneider | 2013-11-15 | 1 | -2/+13 |
| | |||||
* | gssapi: Use GSSAPIClientIdentity to acquire creds | Simo Sorce | 2013-11-15 | 1 | -3/+23 |
| | | | | | Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | ||||
* | gssapi: Add support for GSSAPIClientIdentity config option. | Andreas Schneider | 2013-11-15 | 1 | -1/+9 |
| | |||||
* | options: Add SSH_OPTIONS_GSSAPI_CLIENT_IDENTITY option. | Andreas Schneider | 2013-11-15 | 2 | -0/+19 |
| | |||||
* | gssapi: Add support for GSSAPIServerIdentity config option. | Andreas Schneider | 2013-11-15 | 1 | -1/+9 |
| | |||||
* | gssapi: Add suppport to set GSSAPI server identity. | Andreas Schneider | 2013-11-15 | 3 | -1/+25 |
| | |||||
* | Fix gssapi credential handling. | Simo Sorce | 2013-11-15 | 1 | -105/+65 |
| | | | | | | | | | | | - Properly acquire and inquitre credentials to get the list of available credentials. - Avoid enforcing a specific username it breaks some use cases (k5login). - Remove confusing references to delegated credentials as there is no code that actually uses delegated credentials in the initialization case. Signed-off-by: Siom Sorce <simo@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | ||||
* | socket: Fix connect if we pass in a fd. | Andreas Schneider | 2013-11-15 | 1 | -9/+13 |
| | | | | | | BUG: https://red.libssh.org/issues/106 Thanks to Saju Panikulam. | ||||
* | packet: Remove dead code. | Andreas Schneider | 2013-11-14 | 1 | -6/+0 |
| | |||||
* | packet: Set the packet to the processed data position. | Andreas Schneider | 2013-11-14 | 1 | -1/+1 |
| | | | | Else we could end up with packet - current_macsize if to_be_read is 0. | ||||
* | dh: Fix wrong assignment. | Andreas Schneider | 2013-11-14 | 1 | -1/+1 |
| | | | | Ups, sorry. | ||||
* | poll: Fix realloc in ssh_poll_ctx_resize(). | Andreas Schneider | 2013-11-09 | 1 | -2/+6 |
| | |||||
* | dh: Avoid possible memory leaks with realloc. | Andreas Schneider | 2013-11-09 | 1 | -4/+13 |
| | |||||
* | packet: Refactor ssh_packet_socket_callback(). | Andreas Schneider | 2013-11-09 | 1 | -156/+201 |
| | | | | Make error checking more readable and add additional NULL checks. | ||||
* | server: Fix malloc call. | Andreas Schneider | 2013-11-09 | 1 | -1/+1 |
| | |||||
* | session: Always request POLLIN | Colin Walters | 2013-11-09 | 1 | -3/+1 |
| | | | | | | | The assumption is that if libssh functions are being invoked, we want to read data. Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | ||||
* | Add ssh_get_poll_flags() | Colin Walters | 2013-11-09 | 2 | -0/+30 |
| | | | | | | | | | | For integration with an external mainloop, we need to know how to replicate libssh's internal poll() calls. We originally through ssh_get_status() was that API, but it's not really - those flags only get updated from the *result* of a poll(), where what we really need is to know how libssh would *start* a poll(). Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | ||||
* | client: If we have a pre-connected FD, set state to SOCKET_CONNECTED | Colin Walters | 2013-11-09 | 1 | -0/+1 |
| | | | | | | | Otherwise applications providing their own fd end up tripping an assertion, since the session is just in _CONNECTING. Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | ||||
* | dh: Move ssh_get_hexa() and ssh_print_hexa() down. | Andreas Schneider | 2013-11-06 | 1 | -57/+57 |
| | | | | | This way they are in the documentation block for the session and we get documentation for them. | ||||
* | dh: Add new ssh_get_publickey_hash() function. | Andreas Schneider | 2013-11-06 | 1 | -19/+102 |
| | |||||
* | doc: Fix doxygen warnings. | Andreas Schneider | 2013-11-04 | 2 | -6/+7 |
| | |||||
* | Fix cast warnings on 64bits | Aris Adamantiadis | 2013-11-04 | 2 | -3/+3 |
| | |||||
* | remove warnings on OSX (workaround) | Aris Adamantiadis | 2013-11-04 | 1 | -2/+2 |
| | |||||
* | logging: fix wording | Aris Adamantiadis | 2013-11-04 | 1 | -2/+2 |
| | |||||
* | curve25519: include reference implementation | Aris Adamantiadis | 2013-11-03 | 3 | -7/+283 |
| | |||||
* | socket: Fix check for pending data. | Aris Adamantiadis | 2013-11-03 | 1 | -3/+3 |
| | | | | | | BUG: https://red.libssh.org/issues/119 Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | ||||
* | server: Fix ssh_execute_server_callbacks() client execution | Nicolas Viennot | 2013-11-03 | 1 | -4/+2 |
| | | | | | | | | | | When the public key auth handler is executed and returns SSH_OK, ssh_execute_server_callbacks() still runs some client callbacks, which may set rc to SSH_AGAIN, which triggers a default reply on auth, denying auth. Signed-off-by: Nicolas Viennot <nicolas@viennot.biz> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | ||||
* | server kex: enable delayed compression | Nicolas Viennot | 2013-11-03 | 1 | -4/+14 |
| | | | | | | | The code is careful to reenable compression when rekeying. Signed-off-by: Nicolas Viennot <nicolas@viennot.biz> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | ||||
* | session: Make sure we correctly burn the buffer. | Andreas Schneider | 2013-11-03 | 1 | -1/+1 |
| | |||||
* | wrapper: Make sure we really burn the buffer. | Andreas Schneider | 2013-11-03 | 1 | -1/+1 |
| | |||||
* | server: fix pubkey reply for key probes | Jon Simons | 2013-11-02 | 1 | -1/+9 |
| | | | | | | | | | | | | | | | Per RFC 4252, it is required to send back only one of either SSH_MSG_USERAUTH_PK_OK or SSH_MSG_USERAUTH_FAILURE for public key probes. Update the handling of 'auth_pubkey_function' to send back PK_OK instead of SSH_MSG_USERAUTH_SUCCESS for the case that the state of the message at hand is SSH_PUBLICKEY_STATE_NONE. With this change, it is now possible to process an initial key probe and then subsequent signature validation using the server callbacks. Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | ||||
* | ssh_options_get can now return ProxyCommand | William Orr | 2013-11-02 | 1 | -0/+9 |
| | | | | Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | ||||
* | connect: fix memory leak in ssh_select | Jon Simons | 2013-10-31 | 1 | -2/+9 |
| | | | | | | | | Balance 'ssh_event_add_fd' with 'ssh_event_remove_fd' in 'ssh_select'. BUG: https://red.libssh.org/issues/128 Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | ||||
* | poll: fix leak in ssh_poll_ctx_free | Jon Simons | 2013-10-31 | 1 | -1/+5 |
| | | | | | | | | | Fix a memory leak in 'ssh_poll_ctx_free': issue 'ssh_poll_free' to remove the poll handle from its context and free it. BUG: https://red.libssh.org/issues/128 Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | ||||
* | bind: fix leak in ssh_bind_accept error path | Jon Simons | 2013-10-24 | 1 | -2/+1 |
| | | | | | Use 'ssh_socket_free' to cleanup if 'ssh_bind_accept_fd' fails, to be sure to free the ssh_socket in/out buffers. | ||||
* | auth: docs: Fix typo optoins -> options | Colin Walters | 2013-10-23 | 1 | -6/+6 |
| | | | | | | I'm just getting my feet wet with this codebase. Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | ||||
* | channel: Reinit the buffer and reset the state on error. | Andreas Schneider | 2013-10-20 | 1 | -23/+46 |
| | | | | BUG: https://red.libssh.org/issues/126 | ||||
* | channel: Fix ssh_global_request_termination(). | Andreas Schneider | 2013-10-20 | 1 | -1/+1 |
| | | | | BUG: https://red.libssh.org/issues/126 | ||||
* | pki: Don't leak a buffer. | Andreas Schneider | 2013-10-19 | 1 | -0/+2 |
| | |||||
* | pki_crpypto: Fix ecdsa signature to blob. | Andreas Schneider | 2013-10-18 | 1 | -12/+26 |
| | | | | BUG: https://red.libssh.org/issues/118 | ||||
* | pki: Add support for ECDSA private key signing. | Andreas Schneider | 2013-10-18 | 1 | -14/+34 |
| | |||||
* | pki: Add the type as a char pointer. | Andreas Schneider | 2013-10-18 | 2 | -2/+5 |
| | |||||
* | wrapper: Add more evp functions. | Andreas Schneider | 2013-10-18 | 1 | -0/+24 |
| | |||||
* | client: Fix the build. | Andreas Schneider | 2013-10-18 | 1 | -1/+0 |
| | |||||
* | scp: Fixed result of ssh_scp_string_mode() to get SCP working. | Oliver Stöneberg | 2013-10-18 | 1 | -1/+1 |
| | | | | Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | ||||
* | client: Added a missing NULL pointer check. | Oliver Stöneberg | 2013-10-18 | 1 | -8/+13 |
| | | | | Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | ||||
* | channel: Fix packets termination timeout in global_request(). | Andreas Schneider | 2013-10-01 | 1 | -1/+1 |
| | | | | BUG: https://red.libssh.org/issues/126 | ||||
* | session: Try the ecdsa default key first. | Andreas Schneider | 2013-10-01 | 1 | -0/+11 |
| |