libssh

Автор	SHA1	Сообщение	Дата
Jakub Jelen	4dec2f989c	options: Move SSH_OPTIONS_ADD_IDENTITY to *set() function description Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-12-21 12:38:23 +01:00
Eric Bentley	5fdfa8fe44	docs: correction for importing key file Signed-off-by: ebentley66@gmail.com Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-12-21 12:31:11 +01:00
Jakub Jelen	176b92a4f4	tests/client/algorithms: Respect global verbosity settings Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-12-21 11:43:19 +01:00
Jakub Jelen	afc6a4e973	tests/config: Verify LogLevel from config is applied Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-12-21 11:43:19 +01:00
Jakub Jelen	53d84abb17	tests/config: Newly parsed options Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-12-21 11:43:19 +01:00
Jakub Jelen	dab8985c05	tests/config: Enable and disable authentication methods Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-12-21 11:43:19 +01:00
Jakub Jelen	0bd6ccc066	tests/config: Verify known_hosts files are applied Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-12-21 11:43:19 +01:00
Jakub Jelen	5c7b8802f2	tests: HostkeyAlgorithms passed from config to options Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-12-21 11:43:19 +01:00
Jakub Jelen	b8e301ade3	config: Add CMake check for glob()	2017-12-21 11:43:19 +01:00
NoName115	99c5160cb5	config: glob support for include with test Signed-off-by: NoName115 <robert.kolcun@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-12-21 11:43:14 +01:00
Jakub Jelen	110da49504	config: support for MACs Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-12-15 12:00:49 +01:00
Jakub Jelen	f3754dc072	tests/config: Text KexAlgorithms parsing in ssh_config Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-12-15 12:00:49 +01:00
Jakub Jelen	78a3ab2eaa	tests/options: Verify key exchange algorithms are set properly Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-12-15 12:00:49 +01:00
Jakub Jelen	4da7985204	config: Set global log level from configuration file Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-12-15 12:00:49 +01:00
Jakub Jelen	2a66c38efa	options: Typo. The expand character is %d Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-12-15 12:00:49 +01:00
Jakub Jelen	2e31dffdb7	config: Remove MAC option (SSHv1) Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-12-15 12:00:49 +01:00
Jakub Jelen	88e43d2502	config: Add configuration options from current OpenSSH 7.5 (and fix typos) Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-12-15 12:00:49 +01:00
Jakub Jelen	4166bb2a26	options: Document SSH_OPTIONS_GLOBAL_KNOWNHOSTS and set default value Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-12-15 12:00:49 +01:00
Aris Adamantiadis	f818e63f8f	Add new options Pair-Programmed-With: Jakub Jelen <jjelen@redhat.com> Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-12-15 12:00:49 +01:00
Jakub Jelen	094aa5eb02	tests: Temporarily build chroot_wrapper	2017-12-15 12:00:49 +01:00
Jakub Jelen	5d3ab421e1	tests: Do not generate pcap file by default pcap file is generated by the processes writing to the sockets, which is not allowed for privilege-separated process in new OpenSSH servers (confined by seccomp filter). Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-12-15 12:00:49 +01:00
Jakub Jelen	f8f7989c3d	tests: Give server more time to start Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-12-15 12:00:49 +01:00
Jakub Jelen	b92c499626	tests: Do not test blowfish ciphers with OpenSSH 7.6 and newer	2017-12-15 11:59:19 +01:00
Andreas Schneider	9fce33a2e3	client: Add missing language tag in disconnect message Fixes T74 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2017-11-16 12:10:41 +01:00
Andreas Schneider	7a65f7f028	test: ssh_userauth_kbdint_setanswer() does not network interaction Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2017-11-09 15:35:22 +01:00
Andreas Schneider	f525fdb2e1	sftp: Check for NULL path and give correct error Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2017-11-09 11:41:58 +01:00
Andreas Schneider	01994ea302	examples: Build server examples on Linux too Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2017-11-08 16:28:35 +01:00
Jakub Jelen	c4ddf62f7e	pki_crypto: Avoid potential memory leak Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-11-08 16:21:36 +01:00
Andreas Schneider	2ec633f33d	examples: Rename samplessh to ssh-client Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2017-11-07 15:28:52 +01:00
Jakub Jelen	748d749675	doc: Missing new Host Key algorithms Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-11-07 15:12:27 +01:00
Jakub Jelen	77f632a559	doc: Missing new MAC algorithms in documentation Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-11-07 15:12:27 +01:00
Jakub Jelen	54165a394a	doc: Missing new ECDH algorithms in documentation Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-11-07 15:12:27 +01:00
Jakub Jelen	16818bd0e4	pki_crypto: Avoid segfault with OpenSSL 1.1.0 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-11-07 15:10:32 +01:00
Jon Simons	d29d199592	ecdh: fix build for old libgcrypt Summary: Fix a typo for old libgcrypt builds `k_length` -> `k_len`. Signed-off-by: Jon Simons <jon@jonsimons.org> Test Plan: * Spotted this last-minute typo bug in local testing. Reviewers: asn Reviewed By: asn Differential Revision: https://bugs.libssh.org/D10	2017-10-29 16:28:39 +01:00
Jon Simons	17c03005d8	ecdh: fix build for old libgcrypt Summary: Fix a typo for old libgcrypt builds `k_length` -> `k_len`. Signed-off-by: Jon Simons <jon@jonsimons.org> Test Plan: * Spotted this last-minute typo bug in local testing. Reviewers: asn Differential Revision: https://bugs.libssh.org/D10	2017-10-29 16:27:02 +01:00
Andreas Schneider	509fa8a7b2	dh: Don't use deprecated function with newer OpenSSL Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2017-10-29 16:15:33 +01:00
Andreas Schneider	954da14c15	pki_crypto: Don't use deprecated function with newer OpenSSL Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2017-10-29 16:06:14 +01:00
Jon Simons	7527876fad	torture_algorithms: deduplicate kex method passes Summary: Signed-off-by: Jon Simons <jon@jonsimons.org> Test Plan: * Re-ran the `torture_algorithms` test. Reviewers: asn Reviewed By: asn Tags: #libssh Differential Revision: https://bugs.libssh.org/D8	2017-10-29 15:56:08 +01:00
Jon Simons	9d79b7629c	torture_algorithms: deduplicate kex method passes Summary: Signed-off-by: Jon Simons <jon@jonsimons.org> Test Plan: * Re-ran the `torture_algorithms` test. Reviewers: asn Tags: #libssh Differential Revision: https://bugs.libssh.org/D8	2017-10-29 15:50:09 +01:00
Jon Simons	538f1bc00e	server: expose 'ssh_server_init_kex' API Expose an API 'ssh_server_init_kex' which allows one to change the set of key exchange, hostkey, ciphers, MACs, and compression algorithms currently configured for the ssh_session at hand, after having started the 'ssh_handle_key_exchange' process. One can use this API from the already-existing 'connect_status_function' callback to dynamically modify the set of algorithms used after having received the client banner, but before sending out the initial KEXINIT message. For example, one might want to prevent advertising the curve25519 key exchange algorithm for older OpenSSH clients due to interop bugs. Fixes T25 Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-10-29 15:49:12 +01:00
Andreas Schneider	f0ddde4826	Fix config.h includes We need stdlib.h and string.h in priv.h for free() and memset(). Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2017-10-28 14:31:37 +02:00
Andreas Schneider	d3834f69bc	cmake: Fix parsing the gcrypt version Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2017-10-12 10:16:23 +02:00
Andreas Schneider	f7b8394127	cmake: Bump version numbers Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2017-09-12 07:40:45 +02:00
Andreas Schneider	72cf2e3ae2	README.Coding: Add section about pointers Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2017-09-11 17:14:21 +02:00
DavidWed	164cee66ee	sftp-server: Fix LIBSSH_API Fixes T44 Signed-off-by: DavidWedderwille <davidwe@posteo.de> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-09-11 16:34:11 +02:00
Jon Simons	9003f92e8f	pkd_daemon.c: force close pkd_state.server_fd upon stop There's a race window between the accept loop's call to accept(2) and it checking `ctx.keep_going`. Forcefully close the server socket such that any raced `accept` ends up failing. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-09-11 16:31:01 +02:00
Jon Simons	8d7563a9c3	pkd_daemon.c: split final close loop; wait for client to close Sometimes, but not always, the pkd tests will fail because they close the socket at hand a bit too early for the client. The client in turn may exit non-zero when that happens. Split up the final close loop so that pkd waits to receive a channel close from the client, and then socket close, before finally returning. With this change I observe that tests are now passing in environments that would previously tickle the above race and fail. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-09-11 16:30:54 +02:00
Jon Simons	4c4a03f056	pkd_hello.c: fix return code upon test failure Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-09-11 16:30:45 +02:00
Jon Simons	73d76a2638	auth: fix double-free in ssh_userauth_agent_publickey Fixes T72 Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2017-09-11 16:28:14 +02:00
Jon Simons	1c9eb4dfb9	config: fix memory leak with repeated opcodes Fix a memory leak in the path where parsing returns early due to seeing a repeated opcode. A testcase is added which demonstrates the leak and fix with valgrind. Resolves CID 1374267. Signed-off-by: Jon Simons <jon@jonsimons.org>	2017-09-11 16:26:41 +02:00

1 2 3 4 5 ...

3581 Коммитов