Jakub Jelen
e973f95b37
options: Introduce new options for handling rekey limits
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Daiki Ueno <dueno@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-09 10:14:56 +01:00
Jakub Jelen
78427a9264
priv: Provide PRIu32 for Visual Studio
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-09 10:14:56 +01:00
Jakub Jelen
b3ae5e06ee
tests: Allow to generate unencrypted PCAP files from testsuite
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Daiki Ueno <dueno@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-09 10:14:56 +01:00
Jakub Jelen
d4e5644e21
tests: Reproducer for T122
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Daiki Ueno <dueno@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-09 10:14:56 +01:00
Jakub Jelen
42c92074b9
tests: Do not run SSHD with PAM when not needed
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Daiki Ueno <dueno@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-09 10:14:56 +01:00
Jakub Jelen
81fdb574e7
packet: Write also incoming packets to .pcap files
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Daiki Ueno <dueno@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-09 10:14:56 +01:00
Jakub Jelen
fff2e85ab2
pcap: Reformat ssh_pcap_context_write()
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Daiki Ueno <dueno@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-09 10:14:56 +01:00
Jakub Jelen
1be9618f4e
kex: Correctly check for the rekey (amends 83f2ac4a)
...
This is a more reliable fix than 83f2ac4a, which was failing for the
server initialized rekeying, because the session_state is altered
by receiving the KEXINIT from server.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-09 10:14:56 +01:00
Andreas Schneider
b26ca652f5
client: Happy new year!
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-05 13:18:12 +01:00
Andreas Schneider
9f1718e159
Revert "sftp: Set error if invalid session pointer is passed to sftp_new()"
...
This reverts commit d011b780c37b7f475095e116d21278d331eeca30.
2019-01-05 13:17:32 +01:00
Andreas Schneider
d011b780c3
sftp: Set error if invalid session pointer is passed to sftp_new()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-04 13:31:34 +01:00
Andreas Schneider
c6460cc955
Bump SO version to 4.7.3
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-24 07:58:20 +01:00
Andreas Schneider
b5f1949480
gitlab-ci: Build with blowfish cipher support on fedora
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2018-12-19 14:57:36 +01:00
Andreas Schneider
dea6fe3d89
crypto: Disable blowfish support by default
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2018-12-19 14:57:29 +01:00
Andreas Schneider
6cd8d4a24a
channels: Don't call ssh_channel_close() twice
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-12 18:31:31 +01:00
Andreas Schneider
0bd404bcbd
gitlab-ci: Add minimal build
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-12 18:29:14 +01:00
Jakub Jelen
c9bdb9a01e
tests: Do not segfault when built without ZLIB
...
Signed-off-by: Jakub Jelen <jakuje@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-10 20:28:01 +01:00
Jakub Jelen
973da84a47
tests: Verify we can parse the ProxyJump configuration option
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-10 17:56:07 +01:00
Jakub Jelen
990794c580
config: Parse ProxyJump configuration option and implement it using ProxyCommand with OpenSSH
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-10 17:56:05 +01:00
Jakub Jelen
9b1852f728
tests: Verify ProxyCommand works with ssh
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-10 17:52:56 +01:00
Jakub Jelen
055bf830db
tests: Use torture_server_address() in proxycommand test
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-10 17:52:56 +01:00
Jakub Jelen
8c812dbfa3
tests: Verify all the options are copied over
...
The ssh_options_copy() function was missing several options that were added
in recent years.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-10 17:52:56 +01:00
Jakub Jelen
9128ecf397
options: Copy also the new options
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-10 17:52:56 +01:00
Jakub Jelen
48aede2a31
options: Check for null
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-10 17:52:56 +01:00
Anderson Toshiyuki Sasaki
fe309ba43f
packet: Allow SSH2_MSG_EXT_INFO when authenticated
...
When the server requests rekey, it can send the SSH2_MSG_EXT_INFO. This
message was being filtered out by the packet filtering. This includes a
test to enforce the filtering rules for this packet type.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-10 16:42:26 +01:00
Andreas Schneider
c3067f8e73
channels: Send close if we received a remote close
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-10 16:42:22 +01:00
Andreas Schneider
1d5b222cc4
channels: Reformat ssh_channel_free()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-10 14:59:21 +01:00
Andreas Schneider
13b9d268d4
channel: Add SSH_CHANNEL_FLAG_CLOSED_LOCAL
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-10 14:59:21 +01:00
Andreas Schneider
0ba10870d1
channel: Reformat ssh_channel_close()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-10 14:57:50 +01:00
Andreas Schneider
e4e51ccc13
session: Check the session timeout and use it if set
...
This checks if a timeout has been set using ssh_options_set(). If it has
been set it will use that parameter by default for blocking sessions.
This is at least what users are expecting.
Fixes T33
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-07 17:49:19 +01:00
Andreas Schneider
8ece2abfab
session: Use long for the timeout
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-07 17:49:17 +01:00
Anderson Toshiyuki Sasaki
f05717d23e
sftp: Add NULL check in sftp_fstat()
...
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2018-12-07 17:47:22 +01:00
Anderson Toshiyuki Sasaki
eaa97d2062
sftp: Add NULL check in sftp_xstat()
...
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-07 17:47:18 +01:00
Anderson Toshiyuki Sasaki
bda2cc69af
sftp: Add NULL check in sftp_opendir()
...
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-07 17:47:11 +01:00
Anderson Toshiyuki Sasaki
83d827d7dd
sftp: Set sftp error when received unexpected message
...
Set sftp error to SSH_FX_BAD_MESSAGE if an unexpected message is
received.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-07 17:47:00 +01:00
Anderson Toshiyuki Sasaki
0f95295966
sftp: Set sftp error code when fail occurs
...
When an operation fails in sftp subsystem, set the sftp error, so that
it can be obtained by sftp_get_error().
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-07 17:44:52 +01:00
Anderson Toshiyuki Sasaki
8e69d435ef
channels: Set error state when closed channel is read
...
When an attempt to read a closed channel happens, set the session error
state properly.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-07 17:44:46 +01:00
Anderson Toshiyuki Sasaki
d78a29eb79
sftp: Set error when EOF is received in sftp_packet_read()
...
When reading a sftp packet and an EOF is received before all requested
bytes are read, set the session and sftp error codes.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-07 17:43:08 +01:00
Andreas Schneider
58113d489e
connect: Fix size type for i and j in ssh_select()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-07 14:08:31 +01:00
Andreas Schneider
c306a693f3
buffer: Use size_t for argc argument in ssh_buffer_(un)pack()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-07 14:08:31 +01:00
Jakub Jelen
21e2522360
config: Get rid of the dynamic seen array
...
* This makes the array constant in the session structure, avoiding
allocations and frees while parsing the file
* It also drops passing the seen array to all the functions,
because it is already part of the passed session
* The test cases are adjusted to match these changes
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-07 14:08:27 +01:00
Jakub Jelen
8f887e82c7
config: Reformat local_parse_file
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-07 14:07:31 +01:00
Jakub Jelen
993e24a361
config: Reformat ssh_config_parse_file
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-07 14:07:31 +01:00
Jakub Jelen
cf6f1e7a64
tests: Cover also compression with unit tests
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-07 14:07:31 +01:00
Jakub Jelen
31bc83f366
tests: Do not recreate unnecessary files for every test case
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-07 13:57:03 +01:00
Jakub Jelen
42ce989488
tests: Cover missing parts of the config parsing
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-07 13:28:11 +01:00
Andreas Schneider
4282f3c664
gitlab-ci: Fix csbuild to run latest 20 commits
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-30 18:52:40 +01:00
Andreas Schneider
3784226fd8
sftp: Do not overwrite errors set by channel functions
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-30 18:52:40 +01:00
Andreas Schneider
cf24048f02
libcrypto: Fix integer comparison in evp_cipher_aead_encrypt()
...
src/libcrypto.c:773:27: warning: comparison of integer expressions of
different signedness: ‘int’ and ‘size_t’ {aka ‘long unsigned int’}
[-Wsign-compare] <--[cc]
if (rc != 1 || outlen != len - aadlen) {
^~
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-30 18:47:25 +01:00
Anderson Toshiyuki Sasaki
f427a975b8
tests: Fix a clang possible memory leak warning
...
clang was reporting a possible memory leak after mkdtemp() call, which
was a false positive, since mkdtemp() returns the same pointer provided
as the parameter, in case of success. This changes the code so that the
static analyser doesn't get confused.
Found by csbuild runner.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-30 18:28:40 +01:00