ports/libssh
ports/libssh
1
1
Форкнуть 0
Код Релизы 1 Активность
4 412 коммитов 3 Ветки 1 Тег 7,9 MiB
1a92c4bc64
Граф коммитов

4412 Коммитов

This Branch
This Branch
Все ветки
Автор SHA1 Сообщение Дата
Jakub Jelen
1a92c4bc64 config: Parse rekey limits and apply them 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Daiki Ueno <dueno@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-01-09 10:14:56 +01:00
Jakub Jelen
e973f95b37 options: Introduce new options for handling rekey limits 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Daiki Ueno <dueno@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-01-09 10:14:56 +01:00
Jakub Jelen
78427a9264 priv: Provide PRIu32 for Visual Studio 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-01-09 10:14:56 +01:00
Jakub Jelen
b3ae5e06ee tests: Allow to generate unencrypted PCAP files from testsuite 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Daiki Ueno <dueno@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-01-09 10:14:56 +01:00
Jakub Jelen
d4e5644e21 tests: Reproducer for T122 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Daiki Ueno <dueno@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-01-09 10:14:56 +01:00
Jakub Jelen
42c92074b9 tests: Do not run SSHD with PAM when not needed 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Daiki Ueno <dueno@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-01-09 10:14:56 +01:00
Jakub Jelen
81fdb574e7 packet: Write also incoming packets to .pcap files 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Daiki Ueno <dueno@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-01-09 10:14:56 +01:00
Jakub Jelen
fff2e85ab2 pcap: Reformat ssh_pcap_context_write() 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Daiki Ueno <dueno@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-01-09 10:14:56 +01:00
Jakub Jelen
1be9618f4e kex: Correctly check for the rekey (amends 83f2ac4a) 
This is more reliable fix than 83f2ac4a, which was failing for the
server initialized rekeying, because the session_state is altered
by receiving the KEXINIT from server.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-01-09 10:14:56 +01:00
Andreas Schneider
b26ca652f5 client: Happy new year! 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2019-01-05 13:18:12 +01:00
Andreas Schneider
9f1718e159 Revert "sftp: Set error if invalid session pointer is passed to sftp_new()" 
This reverts commit d011b780c3.
 2019-01-05 13:17:32 +01:00
Andreas Schneider
d011b780c3 sftp: Set error if invalid session pointer is passed to sftp_new() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2019-01-04 13:31:34 +01:00
Andreas Schneider
c6460cc955 Bump SO version to 4.7.3 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-24 07:58:20 +01:00
Andreas Schneider
b5f1949480 gitlab-ci: Build with blowfish cipher support on fedora 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2018-12-19 14:57:36 +01:00
Andreas Schneider
dea6fe3d89 crypto: Disable blowfish support by default 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2018-12-19 14:57:29 +01:00
Andreas Schneider
6cd8d4a24a channels: Don't call ssh_channel_close() twice 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-12 18:31:31 +01:00
Andreas Schneider
0bd404bcbd gitlab-ci: Add minimal build 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-12 18:29:14 +01:00
Jakub Jelen
c9bdb9a01e tests: Do not segfault when built without ZLIB 
Signed-off-by: Jakub Jelen <jakuje@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-10 20:28:01 +01:00
Jakub Jelen
973da84a47 tests: Verify we can parse the ProxyJump configuration option 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-10 17:56:07 +01:00
Jakub Jelen
990794c580 config: Parse ProxyJump configuration option and implement it using ProxyCommand with OpenSSH 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-10 17:56:05 +01:00
Jakub Jelen
9b1852f728 tests: Verify ProxyCommand works with ssh 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-10 17:52:56 +01:00
Jakub Jelen
055bf830db tests: Use torture_server_address() in proxycommand test 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-10 17:52:56 +01:00
Jakub Jelen
8c812dbfa3 tests: Verify all the options are copied over 
The ssh_options_copy() function was missing several options that were added
in recent years.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-10 17:52:56 +01:00
Jakub Jelen
9128ecf397 options: Copy also the new options 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-10 17:52:56 +01:00
Jakub Jelen
48aede2a31 options: Check for null 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-10 17:52:56 +01:00
Anderson Toshiyuki Sasaki
fe309ba43f packet: Allow SSH2_MSG_EXT_INFO when authenticated 
When the server requests rekey, it can send the SSH2_MSG_EXT_INFO.  This
message was being filtered out by the packet filtering.  This includes a
test to enforce the filtering rules for this packet type.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-10 16:42:26 +01:00
Andreas Schneider
c3067f8e73 channels: Send close if we received a remote close 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-10 16:42:22 +01:00
Andreas Schneider
1d5b222cc4 channels: Reformat ssh_channel_free() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-10 14:59:21 +01:00
Andreas Schneider
13b9d268d4 channel: Add SSH_CHANNEL_FLAG_CLOSED_LOCAL 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-10 14:59:21 +01:00
Andreas Schneider
0ba10870d1 channel: Reformat ssh_channel_close() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-10 14:57:50 +01:00
Andreas Schneider
e4e51ccc13 session: Check the session timeout and use it if set 
This checks if a timeout has been set using ssh_options_set(). If it has
been set it will use that parametr by default for blocking sessions.

This is at least what users are expecting.

Fixes T33

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-07 17:49:19 +01:00
Andreas Schneider
8ece2abfab session: Use long for the timeout 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-07 17:49:17 +01:00
Anderson Toshiyuki Sasaki
f05717d23e sftp: Add NULL check in sftp_fstat() 
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2018-12-07 17:47:22 +01:00
Anderson Toshiyuki Sasaki
eaa97d2062 sftp: Add NULL check in sftp_xstat() 
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-07 17:47:18 +01:00
Anderson Toshiyuki Sasaki
bda2cc69af sftp: Add NULL check in sftp_opendir() 
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-07 17:47:11 +01:00
Anderson Toshiyuki Sasaki
83d827d7dd sftp: Set sftp error when received unexpected message 
Set sftp error to SSH_FX_BAD_MESSAGE if an unexpected message is
received.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-07 17:47:00 +01:00
Anderson Toshiyuki Sasaki
0f95295966 sftp: Set sftp error code when fail occurs 
When an operation fails in sftp subsystem, set the sftp error, so that
it can be obtained by sftp_get_error().

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-07 17:44:52 +01:00
Anderson Toshiyuki Sasaki
8e69d435ef channels: Set error state when closed channel is read 
When an attempt to read a closed channel happens, set the session error
state properly.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-07 17:44:46 +01:00
Anderson Toshiyuki Sasaki
d78a29eb79 sftp: Set error when EOF is received in sftp_packet_read() 
When reading a sftp packet and an EOF is received before all requested
bytes are read, set the session and sftp error codes.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-07 17:43:08 +01:00
Andreas Schneider
58113d489e connect: Fix size type for i an j in ssh_select() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-07 14:08:31 +01:00
Andreas Schneider
c306a693f3 buffer: Use size_t for argc argument in ssh_buffer_(un)pack() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-07 14:08:31 +01:00
Jakub Jelen
21e2522360 config: Get rid of the dynamic seen array 
* This makes the array constant in the session structure, avoiding
   allocations and frees while parsing the file
 * It also drops passing the seen array to all the functions,
   because it is already part of the passed session
 * The test cases are adjusted to match these changes

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-07 14:08:27 +01:00
Jakub Jelen
8f887e82c7 config: Reformat local_parse_file 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-07 14:07:31 +01:00
Jakub Jelen
993e24a361 config: Reformat ssh_config_parse_file 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-07 14:07:31 +01:00
Jakub Jelen
cf6f1e7a64 tests: Cover also compression with unit tests 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-07 14:07:31 +01:00
Jakub Jelen
31bc83f366 tests: Do not recreate unnecessary files for every test case 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-07 13:57:03 +01:00
Jakub Jelen
42ce989488 tests: Cover missing parts of the config parsing 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-12-07 13:28:11 +01:00
Andreas Schneider
4282f3c664 gitlab-ci: Fix csbuild to run latest 20 commits 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-11-30 18:52:40 +01:00
Andreas Schneider
3784226fd8 sftp: Do not overwrite errors set by channel functions 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-11-30 18:52:40 +01:00
Andreas Schneider
cf24048f02 libcrypto: Fix integer comparison in evp_cipher_aead_encrypt() 
src/libcrypto.c:773:27: warning: comparison of integer expressions of
different signedness: ‘int’ and ‘size_t’ {aka ‘long unsigned int’}
[-Wsign-compare] <--[cc]
     if (rc != 1 || outlen != len - aadlen) {
                           ^~
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-11-30 18:47:25 +01:00