1
1
Граф коммитов

2837 Коммитов

Автор SHA1 Сообщение Дата
Andreas Schneider
41d99d32e8 gssapi: Add suppport to set GSSAPI server identity. 2013-11-15 15:50:09 +01:00
Simo Sorce
c481f9dafd Fix gssapi credential handling.
- Properly acquire and inquitre credentials to get the list of available
credentials.
- Avoid enforcing a specific username it breaks some use cases (k5login).
- Remove confusing references to delegated credentials as there is no code
that actually uses delegated credentials in the initialization case.

Signed-off-by: Siom Sorce <simo@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-11-15 14:49:29 +01:00
Andreas Schneider
f240ecf328 socket: Fix connect if we pass in a fd.
BUG: https://red.libssh.org/issues/106

Thanks to Saju Panikulam.
2013-11-15 08:47:58 +01:00
Andreas Schneider
1972a27fe0 packet: Remove dead code. 2013-11-14 11:43:49 +01:00
Andreas Schneider
097760db17 packet: Set the packet to the processed data position.
Else we could end up with packet - current_macsize if to_be_read is 0.
2013-11-14 11:42:21 +01:00
Andreas Schneider
b3a08ba8d3 dh: Fix wrong assignment.
Ups, sorry.
2013-11-14 08:08:49 +01:00
Andreas Schneider
fef7e1dffe poll: Fix realloc in ssh_poll_ctx_resize(). 2013-11-09 13:27:59 +01:00
Andreas Schneider
6d7bbe63fe dh: Avoid possible memory leaks with realloc. 2013-11-09 13:20:13 +01:00
Andreas Schneider
387e26c837 packet: Refactor ssh_packet_socket_callback().
Make error checking more readable and add additional NULL checks.
2013-11-09 13:10:41 +01:00
Andreas Schneider
e8e99ec6de server: Fix malloc call. 2013-11-09 12:47:02 +01:00
Colin Walters
13c4499449 session: Always request POLLIN
The assumption is that if libssh functions are being invoked, we want
to read data.

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-11-09 12:29:07 +01:00
Colin Walters
4cc7f4ad03 Add ssh_get_poll_flags()
For integration with an external mainloop, we need to know how to
replicate libssh's internal poll() calls.  We originally through
ssh_get_status() was that API, but it's not really - those flags only
get updated from the *result* of a poll(), where what we really need
is to know how libssh would *start* a poll().

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-11-09 12:26:19 +01:00
Colin Walters
a8dc67ded8 client: If we have a pre-connected FD, set state to SOCKET_CONNECTED
Otherwise applications providing their own fd end up tripping an
assertion, since the session is just in _CONNECTING.

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-11-09 12:25:41 +01:00
Andreas Schneider
aa33d18930 example: Use ssh_get_publickey_hash(). 2013-11-06 17:10:41 +01:00
Andreas Schneider
8c5777554a dh: Move ssh_get_hexa() and ssh_print_hexa() down.
This way they are in the documentation block for the session and we get
documentation for them.
2013-11-06 17:10:41 +01:00
Andreas Schneider
06cd9bc4dc dh: Add new ssh_get_publickey_hash() function. 2013-11-06 17:10:35 +01:00
Andreas Schneider
0c8984ba9f doc: Add curve25519 to features list. 2013-11-05 13:15:11 +01:00
Andreas Schneider
6f0f1ef292 doc: Fix doxygen warnings. 2013-11-04 21:55:29 +01:00
Aris Adamantiadis
b12f3f38c7 Fix cast warnings on 64bits 2013-11-04 10:49:32 +01:00
Aris Adamantiadis
cb165df64e remove warnings on OSX (workaround) 2013-11-04 10:47:22 +01:00
Aris Adamantiadis
e4c4f57f05 logging: fix wording 2013-11-04 10:31:10 +01:00
Aris Adamantiadis
c5ef5ed18f curve25519: include reference implementation 2013-11-03 14:58:10 +01:00
Aris Adamantiadis
ebf4a03908 examples: fix forktty() warning on OSX 2013-11-03 14:10:04 +01:00
Aris Adamantiadis
4f3ee2fc7e Fix examples compilation on OSX (libargp) 2013-11-03 13:49:27 +01:00
Aris Adamantiadis
f565aeebfa Compile libssh with nacl if possible
Conflicts:
	DefineOptions.cmake
2013-11-03 13:18:26 +01:00
Aris Adamantiadis
04cb94a2dd socket: Fix check for pending data.
BUG: https://red.libssh.org/issues/119

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-11-03 12:46:27 +01:00
Nicolas Viennot
754152aa22 server: Fix ssh_execute_server_callbacks() client execution
When the public key auth handler is executed and returns SSH_OK,
ssh_execute_server_callbacks() still runs some client callbacks,
which may set rc to SSH_AGAIN, which triggers a default reply on
auth, denying auth.

Signed-off-by: Nicolas Viennot <nicolas@viennot.biz>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-11-03 10:52:38 +01:00
Nicolas Viennot
1ef00045dd server kex: enable delayed compression
The code is careful to reenable compression when rekeying.

Signed-off-by: Nicolas Viennot <nicolas@viennot.biz>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-11-03 10:48:59 +01:00
Andreas Schneider
a466a624e2 session: Make sure we correctly burn the buffer. 2013-11-03 10:45:02 +01:00
Andreas Schneider
643a3b7cc3 wrapper: Make sure we really burn the buffer. 2013-11-03 10:39:31 +01:00
Andreas Schneider
d2dea8dc2e priv: Fix brackets of burn macros. 2013-11-03 10:24:47 +01:00
Andreas Schneider
6edb6bcca1 doc: Add missing RFCs. 2013-11-03 09:35:35 +01:00
Jon Simons
d4f5a0e6ab server: fix pubkey reply for key probes
Per RFC 4252, it is required to send back only one of either
SSH_MSG_USERAUTH_PK_OK or SSH_MSG_USERAUTH_FAILURE for public
key probes.

Update the handling of 'auth_pubkey_function' to send back PK_OK
instead of SSH_MSG_USERAUTH_SUCCESS for the case that the state
of the message at hand is SSH_PUBLICKEY_STATE_NONE.

With this change, it is now possible to process an initial key probe
and then subsequent signature validation using the server callbacks.

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-11-02 21:02:56 +01:00
William Orr
ce1d73e0f0 ssh_options_get can now return ProxyCommand
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-11-02 21:02:56 +01:00
Jon Simons
20caa68b84 connect: fix memory leak in ssh_select
Balance 'ssh_event_add_fd' with 'ssh_event_remove_fd' in 'ssh_select'.

BUG: https://red.libssh.org/issues/128

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-10-31 12:45:21 +01:00
Andreas Schneider
b00a6e3885 tests: Add a test for ssh_channel(). 2013-10-31 12:44:48 +01:00
Jon Simons
ffc33ca28c poll: fix leak in ssh_poll_ctx_free
Fix a memory leak in 'ssh_poll_ctx_free': issue 'ssh_poll_free'
to remove the poll handle from its context and free it.

BUG: https://red.libssh.org/issues/128

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-10-31 11:55:09 +01:00
Alan Dunn
ee95c05c08 SSH_AUTH_OK -> SSH_AUTH_SUCCESS in comments
A few callback descriptions refer to a non-existent value SSH_AUTH_OK,
which should be SSH_AUTH_SUCCESS.  This commit fixes these.

Signed-off-by: Alan Dunn <amdunn@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-10-31 08:18:55 +01:00
Andreas Schneider
cfea381307 cmake: Check for isblank(). 2013-10-30 17:30:07 +01:00
Jon Simons
099b914fd9 bind: fix leak in ssh_bind_accept error path
Use 'ssh_socket_free' to cleanup if 'ssh_bind_accept_fd'
fails, to be sure to free the ssh_socket in/out buffers.
2013-10-24 10:37:37 +02:00
Andreas Schneider
afd35fa98c tests: Add a sftp_read blocking test. 2013-10-23 15:49:07 +02:00
Colin Walters
f02bc4768e auth: docs: Fix typo optoins -> options
I'm just getting my feet wet with this codebase.

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-10-23 09:55:09 +02:00
Andreas Schneider
bcb162816e doc: Improve sftp_read_sync() example. 2013-10-23 09:53:16 +02:00
Andreas Schneider
5baa6aed6b include: Fix build on platforms without ECC. 2013-10-21 07:15:59 +02:00
Andreas Schneider
6a6e85752e tests: Add a test for ssh_channel_request_env(). 2013-10-20 17:05:35 +02:00
Andreas Schneider
4421540b7b tests: We can't test the accept right now. 2013-10-20 13:28:53 +02:00
Andreas Schneider
d3c186b04c tests: Fix torture_forward. 2013-10-20 13:23:31 +02:00
Andreas Schneider
e30acdb58a channel: Reinit the buffer and reset the state on error.
BUG: https://red.libssh.org/issues/126
2013-10-20 12:46:57 +02:00
Andreas Schneider
b0cbe88b0b channel: Fix ssh_global_request_termination().
BUG: https://red.libssh.org/issues/126
2013-10-20 12:46:17 +02:00
Andreas Schneider
3afba83134 tests: Add torture forward test. 2013-10-20 12:46:17 +02:00