1
1
Граф коммитов

935 Коммитов

Автор SHA1 Сообщение Дата
Jan-Niklas Burfeind
1499b38aef dh: Add SSH_PUBLICKEY_HASH_SHA256 to ssh_get_publickey_hash()
Signed-off-by: Jan-Niklas Burfeind <libssh@aiyionpri.me>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-29 19:04:44 +02:00
Andreas Schneider
247983e982 misc: Add strndup implementation if not provides by the OS
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-29 19:04:44 +02:00
Andreas Schneider
0aad4de5f4 error: Add ssh_reset_error() function
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-27 11:29:18 +02:00
Andreas Schneider
280519af29 auth: Also log the current auth method
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-27 11:25:29 +02:00
Andreas Schneider
73c9d60e5a session: Group auth variables in a struct
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-27 09:30:24 +02:00
Andreas Schneider
868623f9a8 libssh: Document ssh_known_hosts_e
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-22 09:08:39 +02:00
Andreas Schneider
49f92cf5cd libsshpp: Match documentation with the code
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-22 09:08:39 +02:00
Andreas Schneider
85d2c0371a mbedtls: Use getter for ssh_mbedtls_ctr_drbg
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-20 18:42:03 +02:00
Andreas Schneider
dad456a1ee include: Fix shadow variables in libsshpp
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-20 18:42:03 +02:00
Anderson Toshiyuki Sasaki
0be1ae0e3b threads: use static error check mutex initializer if available
This changes the condition to use the static error check mutex
initializer.  If it is not available, use the default static mutex
initializer.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-13 12:00:13 +02:00
Andreas Schneider
a33e71ae88 include: Bump libssh version
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-13 09:22:39 +02:00
Marcin Szalowicz
5ea81166bf include: Fix segfault in getIssueBanner, add missing wrappers in libsshpp
Also make some private properties protected

Signed-off-by: Marcin Szalowicz <marcin.szalowicz@oracle.com>
2018-08-07 14:31:55 +02:00
Anderson Toshiyuki Sasaki
04cc7b769a threads: Add Windows threads implementation
Added Windows threads implementation based on CriticalSection.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-03 16:43:03 +02:00
Anderson Toshiyuki Sasaki
83b43443e5 threads: Automatically call ssh_init on load
This makes unnecessary to call ssh_init() when the library is
dynamically loaded.  Also removes the threads shared library.  The used
threads implementation is chosen in configuration time, changing the
ssh_threads_get_default() depending on the available threads library.

Internally, it is expected a threads implementation providing:

- void ssh_mutex_lock(void **mutex);
- void ssh_mutex_unlock(void **mutex);
- struct ssh_threads_callbacks_struct *ssh_threads_get_default(void);

and a crypto implementation providing:

- int crypto_thread_init(struct ssh_threads_callbacks_struct *user_callbacks);
- void crypto_thread_finalize(void);

This adds internal threads implementation for pthreads and noop.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-03 16:43:03 +02:00
Pino Toscano
12284b75fa buffer: Add and use ssh_buffer_allocate_size()
Add a small helper for ssh_buffer to ensure that the buffer has a
certain amount of space already preallocated. This can be useful in case
it is known how much data is going to be added to a buffer, to avoid
multiple reallocations.

Make use of it in few places in the library.

Signed-off-by: Pino Toscano <ptoscano@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-01 11:04:33 +02:00
Aris Adamantiadis
db9da99a36 bignum: Make bignum_free safer
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-05 14:35:13 +02:00
Aris Adamantiadis
2b40ad29c0 crypto: Split init and finalize functions
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-05 12:55:23 +02:00
Aris Adamantiadis
36a727e656 bignum: Harmonize ssh_get_random()
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-05 12:09:52 +02:00
Andreas Schneider
3141dec632 known_hosts: Remove deprecated ssh_knownhosts_algorithms()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
e49e4e13f3 knownhosts: Implement ssh_known_hosts_get_algorithms()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:38 +02:00
Andreas Schneider
6dd9303729 chachapoly: Use a function instead of an extern variable
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-30 14:37:04 +02:00
Andreas Schneider
cf250171de include: Add arpa/inet.h for htonl
This should fix a build warning on FreeBSD.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-30 14:37:04 +02:00
Tilo Eckert
e60cb2ee10 kex: add curve25519-sha256 as alias for curve25519-sha256@libssh.org
see: https://tools.ietf.org/id/draft-ietf-curdle-ssh-curves-07.html

Signed-off-by: Tilo Eckert <tilo.eckert@flam.de>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-29 15:57:11 +02:00
Andreas Schneider
206f3ff895 Rest in Peace SSHv1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2018-06-29 14:41:14 +02:00
Andreas Schneider
bed60f9b84 kex: Enable chacha20-poly1304 KEX with mbedtls
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-29 11:41:22 +02:00
Aris Adamantiadis
238202d380 libgcrypt: make it compatible with chacha20
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-28 09:06:30 +02:00
Aris Adamantiadis
8a735d5eb7 chacha: packet decryption
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-28 09:06:30 +02:00
Aris Adamantiadis
d038c4dee7 chacha: packet encryption
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-28 09:06:30 +02:00
Aris Adamantiadis
ebd76bf347 cmake: detect "bounded" compiler attribute
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-28 09:06:30 +02:00
Aris Adamantiadis
acc1ade74a external: Add ChaCha and Poly1305 implementations from OpenSSH
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-28 09:06:30 +02:00
Andreas Schneider
c563ed636a Remove vim modelines from all files
If you want modelines use my vim plugin:
https://github.com/cryptomilk/git-modeline.vim

git config --add vim.modeline "ts=4 sw=4 et"

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-28 08:41:08 +02:00
Andreas Schneider
1369559385 include: Fix reference to ssh_session_update_known_hosts
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-27 09:45:35 +02:00
Andreas Schneider
e06ae8e096 include: Declare ge25519_base as extern
Thanks to Tilo Eckart.

The global variable "ge25519_base" is referenced in the module
"src/external/ed25519.c" and initialized in "src/external/ge25519.c".
The lack of the extern keyword in the header results in different
instances being compiled into both translation units with some
compilers.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-21 17:41:32 +02:00
Aris Adamantiadis
36d52ee205 buffer: Add ssh_buffer_allocate() function
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-04 16:55:23 +02:00
Andreas Schneider
93781f9d5a libsshpp: Use new known hosts functions
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-04 11:20:28 +02:00
Andreas Schneider
a209f928d2 kwonhosts: Add functions to check if servers public key is known
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-04 11:20:28 +02:00
Andreas Schneider
f23dbe6f42 knownhosts: Add ssh_session_update_known_hosts()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-04 11:20:28 +02:00
Andreas Schneider
974e1831a0 knownhosts: Add ssh_session_export_known_hosts_entry()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-04 11:20:28 +02:00
Andreas Schneider
963c46e4fb knownhosts: Add ssh_session_has_known_hosts_entry()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-04 11:20:28 +02:00
Andreas Schneider
32c49ea134 misc: Add ssh_list_count()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-04 11:20:28 +02:00
Andreas Schneider
702e9e8ad5 knownhosts: Introduce new known hosts managing functions
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-04 11:20:28 +02:00
Axel Eppe
fb2fefb3c6 channels: add ssh_channel_request_send_break to support RFC 4335
Signed-off-by: Axel Eppe <aeppe@google.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-04-10 11:16:23 +02:00
Alberto Aguirre
be22c0d442 Add a NODELAY option
Add a new option SSH_OPTIONS_NODELAY to enable or disable the
Nagle Algorithm (TCP_NODELAY) on the session socket.

Improved performance can be achieved for some applications like
sftp servers by enabling SSH_OPTIONS_NODELAY as typically, the
next request won't arrive until the server replies, which are
typically small writes.

Signed-off-by: Alberto Aguirre <albaguirre@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-03-21 20:44:04 +01:00
Andreas Schneider
16217454d5 crypto: Change the type of server_pubkey to ssh_key
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-03-21 20:40:02 +01:00
Andreas Schneider
81847bf513 priv: Implement explicit_bzero as a function if not available
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Alberto Aguirre <albaguirre@gmail.com>
2018-03-02 18:07:42 +01:00
Andreas Schneider
bba40abc76 priv: Fix explicit_bzero macro if we pass a function
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-02-22 16:28:24 +01:00
Alberto Aguirre
0c12643466 sftp: Remove stray semi-colon in sftp.h header
The stray semi-colon in sftp.h is flagged when using -pedantic
which affects clients that include the header and use -pedantic
and -Werror on their codebase.

Signed-off-by: Alberto Aguirre <albaguirre@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-02-22 16:28:24 +01:00
Andreas Schneider
ebcff9fd63 src: Use explicit_bzero() if available on the platform
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-02-12 14:41:27 +01:00
Andreas Schneider
459677e20e libssh: Bump the version to 0.7.90
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-29 20:43:35 +01:00
Juraj Vijtiuk
778652460f add mbedtls crypto support
Summary:
This patch adds support for mbedTLS as a crypto backend for libssh.
mbedTLS is an SSL/TLS library that has been designed to mainly be used
in embedded systems.  It is loosely coupled and has a low memory
footprint.  mbedTLS also provides a cryptography library (libmbedcrypto)
that can be used without the TLS modules.
The patch is unfortunately quite big, since several new files had to
be added.
DSA is disabled at compile time, since mbedTLS doesn't support DSA
Patch review and feedback would be appreciated, and if any issues or
suggestions appear, I'm willing to work on them.

Signed-off-by: Juraj Vijtiuk <juraj.vijtiuk@sartura.hr>

Test Plan:
* The patch has been tested with a Debug and MinSizeRel build, with
libssh unit tests, client tests and the pkd tests.
* All the tests have been run with valgrind's memcheck, drd and helgrind
tools.
* The examples/samplessh client works when built with the patch.

Reviewers: asn, aris

Subscribers: simonsj

Differential Revision: https://bugs.libssh.org/D1
2017-12-28 11:17:39 +01:00