1
1
Граф коммитов

976 Коммитов

Автор SHA1 Сообщение Дата
Andreas Schneider
480915c07d libsshpp: Pass username and submethods to ssh_userauth_kbdint()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
e27c6b21b5 include: Fix HAVE_<FEATURE> checks in pki.h
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Jakub Jelen
f622c4309b knownhosts: Consult also the global known hosts file
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 17:43:20 +02:00
Jakub Jelen
bdb3bb9ccd tests: Verify the hostkey ordering for negotiation is correct
Previously, not all of the host keys algorithms were used for algorithm
negotiation. This verifies the algorithms list is sane and ordered
with the key types from known hosts in the first place.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 17:43:20 +02:00
Andreas Schneider
91f35eca4d libsshpp: Use ssh_session_update_known_hosts()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 17:42:02 +02:00
Andreas Schneider
009ca5c9dd priv: Add ssize_t if not available with MSVC
Fixes T113

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Tested-by: Wolf Wolfswinkel <wolf.wolfswinkel@objectplus.nl>
2018-10-17 15:37:28 +02:00
Anderson Toshiyuki Sasaki
75be012b4a CVE-2018-10933: Introduced packet filtering
The packet filter checks required states for the incoming packets and
reject them if they arrived in the wrong state.

Fixes T101

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-16 09:19:03 +02:00
Anderson Toshiyuki Sasaki
20981bf229 CVE-2018-10933: Introduce SSH_AUTH_STATE_AUTH_NONE_SENT
The introduced auth state allows to identify when a request without
authentication information was sent.

Fixes T101

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-16 09:19:03 +02:00
Anderson Toshiyuki Sasaki
825f4ba964 CVE-2018-10933: Introduce SSH_AUTH_STATE_PASSWORD_AUTH_SENT
The introduced auth state allows to identify when authentication using
password was tried.

Fixes T101

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-16 09:19:03 +02:00
Anderson Toshiyuki Sasaki
2bddafeb70 CVE-2018-10933: Introduced new auth states
Introduced the states SSH_AUTH_STATE_PUBKEY_OFFER_SENT and
SSH_AUTH_STATE_PUBKEY_AUTH_SENT to know when SSH2_MSG_USERAUTH_PK_OK and
SSH2_MSG_USERAUTH_SUCCESS should be expected.

Fixes T101

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-16 09:19:03 +02:00
Andreas Schneider
259d7de153 include: Mark old known_hosts API as deprecated
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-13 22:08:41 +02:00
Jakub Jelen
72bd2fe197 libmbedtls: Support OpenSSH-compatible AES-GCM ciphers using mbedTLS
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-09 13:05:38 +02:00
Jakub Jelen
5790036a23 libgcrypt: Implement OpenSSH-compatible AES-GCM ciphers using libgcrypt
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-09 13:05:38 +02:00
Jakub Jelen
46090facba libcrypto: Implement OpenSSH-compatible AES-GCM ciphers using OpenSSL
The commit also propares the internals throughout the code base
for the inclusion of a new AEAD cipher, because previously, the
source code counted only with chacha20-poly1305 cipher, which
is very specific in many cases.

The SSH_HMAC_AEAD_GCM mac algorithm is not actually used, but the name
needed to be defined so we can match in the algorithms selection per
OpenSSH specification (MACs are ignored in case GCM is select as a cipher [1]).

If the provided OpenSSL does not provide  EVP_aes_128_gcm()  function,
the AES-GCM ciphers will not be compiled in.

[1] https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.chacha20poly1305?annotate=HEAD

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-09 12:05:40 +02:00
Andreas Schneider
85a274ff3c include: Add macros for bytearray handling
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2018-10-05 14:38:43 +02:00
Anderson Toshiyuki Sasaki
11d480134c include: Add SSH_KEY_FREE
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-27 15:21:30 +02:00
Andreas Schneider
ae2b9a3bde include: Do not declare ssh_channel_new() twice
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-25 14:37:25 +02:00
Chris Townsend
6c56c1e0d7 sftpserver: Support some openssh extensions
Add support for "hardlink@openssh.com" and
"posix-rename@openssh.com" extensions.

Signed-off-by: Chris Townsend <christopher.townsend@canonical.com>
Signed-off-by: Alberto Aguirre <albaguirre@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-20 16:35:13 +02:00
DavidWed
d0ce2d1ecd pki: Add ssh_pki_export_privkey_base64()
Fixes T53

Signed-off-by: DavidWedderwille <davidwe@posteo.de>
Reviewed-by: Andreas Schneider <asn@samba.org>
2018-09-20 16:35:13 +02:00
Andreas Schneider
bbed139eca dh: Add ssh_get_fingerprint_hash()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-20 16:35:13 +02:00
Anderson Toshiyuki Sasaki
71594f9d6c dh: Add diffie-hellman-group18-sha512 support
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2018-09-20 15:37:23 +02:00
Anderson Toshiyuki Sasaki
d9d3b65df2 dh: Add diffie-hellman-group16-sha512 support
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-19 12:17:02 +02:00
Jakub Jelen
1226de875b pki: Implement reading public key from OpenSSH private key container
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-18 09:53:49 +02:00
Jakub Jelen
39102224b2 pki: Allow reading keys in new OpenSSH format
This implements reading the OpenSSH key format accross the
cryptographic backends. Most of the code is shared and moved
to pki.c, just the building of the keys is implemented in
pki_privkey_build_*() functions.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-18 09:53:49 +02:00
Andreas Schneider
79a3fcac72 sftp: Keep a ssh_packet for reading in the sftp handle
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-17 10:48:49 +02:00
Andreas Schneider
29b5477849 include: Add SSH_BUFFER_FREE
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-17 10:48:49 +02:00
Jakub Jelen
e9b44d26b1 config: Parse Match keyword
Amends f818e63f8, which introduced the constants and matching of this
configuration option, but did not implement the handling of the values
which was causing the configuration parser failing for certain
configurations.

This commit exposes match_pattern_list() from match.c

Red Hat Bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=1624425

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-05 11:43:05 +02:00
Andreas Schneider
ba1ff992ce libsshpp: Initialize the string returned by getIssueBanner()
Fixes T13

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-04 20:52:31 +02:00
Andreas Schneider
a1b57d3b94 buffer: Use bool for secure buffer
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-03 15:00:53 +02:00
Andreas Schneider
3efc64112a include: Add SSH_STRING_FREE() and SSH_STRING_FREE_CHAR()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-02 09:54:20 +02:00
Jakub Jelen
b4c8bd9fe4 pki: Support RSA SHA2 signatures of sessionid for server
This involves mostly creation of host keys proofs but needs
to follow the same procedure as the client authentication
signatures.

At the same time, the SHA2 extension is enabled in the pkd
so we are able to atomicaly provide correct signatures and
pass tests.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-31 14:18:34 +02:00
Jakub Jelen
6fa5e8adb0 server: Support for extension negotiation
This includes intercepting the  ext-info-c  string from
the client kex proposal, configuring the server to allow using
this extension and sending the SSH_MSG_EXT_INFO packet back
to the client after the new keys are in use.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-31 14:18:34 +02:00
Jakub Jelen
594c62d718 tests: PUBLICKEY_ACCEPTED_TYPES are effective
Verify the PUBLICKEY_ACCEPTED_TYPES option is handled correctly
and affects the signature algorithm selection based on the
extensions and can be used to limit list of offered mechanisms
to the server.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-31 14:18:34 +02:00
Jakub Jelen
4169be45eb pki: Allow filtering accepted public key types based on the configuration
This effectively allows to disable using the SHA2 extension, disable
other old public key mechanisms out of the box (hello DSA) or force
the new SHA2-based key algorithm types if needed.

This exposes the  default_methods  array from  kex.c.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-31 14:18:34 +02:00
Jakub Jelen
4521ab73b6 options: The new option SSH_OPTIONS_PUBLICKEY_ACCEPTED_TYPES
This option allows to specify acceptable public key algorithms
and reflects the PubkeyAcceptedTypes configuration option from
OpenSSH.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-31 14:18:34 +02:00
Jakub Jelen
ebb01549d0 SHA2 extension in the ssh-agent interface
The new constants for flags are defined in draft-miller-ssh-agent-02
are active if the SHA2 extension is negotiated with the server.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-31 14:18:34 +02:00
Jakub Jelen
82da0c3361 auth: Support SHA2 extension for pubkey authentication (RFC 8332)
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-31 14:18:34 +02:00
Jakub Jelen
1f08aabe43 pki: RSA signatures with SHA2 hash algorithms (RFC 8332)
* This change introduces a new API to request signature using
   one key and different hash algorithms. This is used only with
   RSA keys, that used to have SHA1 hardcoded, but the new
   algorithsms allow to use the SHA2 hashes, if the extension
   is negotiated.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-31 14:18:34 +02:00
Jakub Jelen
fa60827840 pki: Support RSA verification using different hash algorithms
This changes the private API by adding one more argument to function

  pki_signature_from_blob()

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-31 14:18:34 +02:00
Jakub Jelen
761225712a client: Handle the MSG_EXT_INFO packet signalling supported extensions
RFC 8308: The extension negotiation in Secure Shell (SSH) Protocol

RFC 8332: Use of RSA Keys with SHA-256 and SHA-512
          in the Secure Shell (SSH) Protocol

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-31 14:18:34 +02:00
Jan-Niklas Burfeind
f32cb70675 dh: Add ssh_print_hash() function which can deal with sha256
Signed-off-by: Jan-Niklas Burfeind <libssh@aiyionpri.me>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-29 19:04:44 +02:00
Jan-Niklas Burfeind
1499b38aef dh: Add SSH_PUBLICKEY_HASH_SHA256 to ssh_get_publickey_hash()
Signed-off-by: Jan-Niklas Burfeind <libssh@aiyionpri.me>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-29 19:04:44 +02:00
Andreas Schneider
247983e982 misc: Add strndup implementation if not provides by the OS
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-29 19:04:44 +02:00
Andreas Schneider
0aad4de5f4 error: Add ssh_reset_error() function
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-27 11:29:18 +02:00
Andreas Schneider
280519af29 auth: Also log the current auth method
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-27 11:25:29 +02:00
Andreas Schneider
73c9d60e5a session: Group auth variables in a struct
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-27 09:30:24 +02:00
Andreas Schneider
868623f9a8 libssh: Document ssh_known_hosts_e
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-22 09:08:39 +02:00
Andreas Schneider
49f92cf5cd libsshpp: Match documentation with the code
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-22 09:08:39 +02:00
Andreas Schneider
85d2c0371a mbedtls: Use getter for ssh_mbedtls_ctr_drbg
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-20 18:42:03 +02:00
Andreas Schneider
dad456a1ee include: Fix shadow variables in libsshpp
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-20 18:42:03 +02:00