1
1
Граф коммитов

3975 Коммитов

Автор SHA1 Сообщение Дата
Anderson Toshiyuki Sasaki
9305762fcd Remove internal calls to ssh_init
Since the call is made automatically when the library is loaded, these
calls are no longer required (if the library is not linked statically).

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-03 16:43:03 +02:00
Anderson Toshiyuki Sasaki
e0e0d62a71 tests: Run thread tests on Windows
When pthreads is available, run the threads tests on Windows

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-03 16:43:03 +02:00
Anderson Toshiyuki Sasaki
708f127788 tests: Add test for RSA PKI running on threads
Run the tests from torture_pki_rsa.c on threads.  Tests requiring files
to be removed are not tested, since they would require the access to
the files to be synchronized.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-03 16:43:03 +02:00
Anderson Toshiyuki Sasaki
dd3d867452 tests: Add test for crypto running on threads
The test run crypto test on multiple threads.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-03 16:43:03 +02:00
Anderson Toshiyuki Sasaki
5443863723 tests: Add test for buffer running on threads
The test run buffer tests on multiple threads.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-03 16:43:03 +02:00
Anderson Toshiyuki Sasaki
edcdef94ee tests: Add test for init running on threads
The test runs ssh_init()/ssh_finalize() on multiple threads.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-03 16:43:03 +02:00
Anderson Toshiyuki Sasaki
04cc7b769a threads: Add Windows threads implementation
Added Windows threads implementation based on CriticalSection.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-03 16:43:03 +02:00
Anderson Toshiyuki Sasaki
83b43443e5 threads: Automatically call ssh_init on load
This makes unnecessary to call ssh_init() when the library is
dynamically loaded.  Also removes the threads shared library.  The used
threads implementation is chosen in configuration time, changing the
ssh_threads_get_default() depending on the available threads library.

Internally, it is expected a threads implementation providing:

- void ssh_mutex_lock(void **mutex);
- void ssh_mutex_unlock(void **mutex);
- struct ssh_threads_callbacks_struct *ssh_threads_get_default(void);

and a crypto implementation providing:

- int crypto_thread_init(struct ssh_threads_callbacks_struct *user_callbacks);
- void crypto_thread_finalize(void);

This adds internal threads implementation for pthreads and noop.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-03 16:43:03 +02:00
Andreas Schneider
6a077fe750 gitlab-ci: Build with cmake3 on CentOS7
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-03 16:43:03 +02:00
Andreas Schneider
b2a681bd29 cmake: Require at least cmake 3.1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-03 16:43:03 +02:00
Jakub Jelen
18077673ac pki: Log really the signature algorithm type
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-01 16:05:37 +02:00
Jakub Jelen
25407209b0 pkd: Add missing ECDH mechanisms + whitespace cleanup
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-01 16:05:12 +02:00
Jakub Jelen
0e886ba803 pkd: Support ed25519 host keys in server
This adds support for the ed25519 keys in the pkd framework and adds
openssh-only tests utilizing these host keys (dropbear does not support
them yet).

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-01 16:04:40 +02:00
Jakub Jelen
c8429113fa bind: Complete loading ed25519 in server
Previously, the support was only partial and if the ed25519 key was
the only one, the internal checks were failing the tests.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-01 16:03:48 +02:00
Jakub Jelen
e1d2454dd7 session: Do not search for RSA1 keys in ~/.ssh/identity
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-01 16:03:41 +02:00
Jakub Jelen
ed738bee34 test: Fix text labels (copy & paste error)
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-01 16:03:17 +02:00
Pino Toscano
12284b75fa buffer: Add and use ssh_buffer_allocate_size()
Add a small helper for ssh_buffer to ensure that the buffer has a
certain amount of space already preallocated. This can be useful in case
it is known how much data is going to be added to a buffer, to avoid
multiple reallocations.

Make use of it in few places in the library.

Signed-off-by: Pino Toscano <ptoscano@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-01 11:04:33 +02:00
Andreas Schneider
afa4021ded tests: Add umask() around mkstemp()
CID 1391450

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-07 11:38:59 +02:00
Andreas Schneider
c425082394 tests: Fix errno check in pkd
CID 1393877

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-07 11:35:00 +02:00
Aris Adamantiadis
db9da99a36 bignum: Make bignum_free safer
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-05 14:35:13 +02:00
Andreas Schneider
c3dac948c9 pki: Improve pubkey buffer handling form file
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-05 13:21:23 +02:00
Andreas Schneider
c866768da4 torture_pki_dsa: Improve torture_pki_dsa_publickey_base64
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-05 13:15:14 +02:00
Aris Adamantiadis
2b40ad29c0 crypto: Split init and finalize functions
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-05 12:55:23 +02:00
Andreas Schneider
38c53db953 libcrypto: Use new RAND_priv_bytes() for strong randomness
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-05 12:12:17 +02:00
Andreas Schneider
c503bb572e crytpo: Make sure we check return of ssh_get_random() correctly
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-05 12:12:14 +02:00
Aris Adamantiadis
36a727e656 bignum: Harmonize ssh_get_random()
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-05 12:09:52 +02:00
Andreas Schneider
7b9a07c363 cmake: Print if server testing is enabled
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-04 20:33:31 +02:00
Jakub Jelen
4b298ca770 kex: Check allocation result
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-04 08:24:54 +02:00
Jakub Jelen
8e211c0689 tests: Verify various host keys can be successfully negotiated and verified
This verifies that all the supported host keys can be used and
verified by the client, including the SHA2 extension in RFC 8332.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-04 07:52:50 +02:00
Jakub Jelen
d25b8fb550 packet: Avoid warnings by using correct template
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-04 07:48:32 +02:00
Jakub Jelen
f1b36c18f6 client: Properly reset session structures on disconnect
torture_connect_double  test case used to test the connect only up
to key exchange phase, but not after the new keys are stated to be
used for communication. The keys from previous connectoin were not
cleaned up from the previous invocation as well as the seqence
number was not reset and therefore any further packet was failing
with length-check errors or MAC errors.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-04 07:47:54 +02:00
Andreas Schneider
b3a7e86a4a knownhosts: Fix memory leak
CID 1393774

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-04 07:09:24 +02:00
Andreas Schneider
d316390825 gitlab-ci: Only enable freebsd runner where it is enabled
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
3141dec632 known_hosts: Remove deprecated ssh_knownhosts_algorithms()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
539d7ba249 kex: Use ssh_known_hosts_get_algorithms()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
83a46c7756 tests: Add knownhosts test for detecting conflics
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
2d90bc9d6b knownhosts: Fix checking if server is known
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
de44fdfd35 tests: Add knownhosts test for SSH_KNOWN_HOSTS_UNKNOWN
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
65a5154eff tests: Add knownhosts test for SSH_KNOWN_HOSTS_OTHER
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
613dcc95e6 knownhosts: Fix return codes
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
77e1761734 tests: Add client test for ssh_known_hosts_get_algorithms()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
e49e4e13f3 knownhosts: Implement ssh_known_hosts_get_algorithms()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:38 +02:00
Andreas Schneider
e73ae60e1a tests: Use assert_ssh_return_code() in client tests
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 07:45:51 +02:00
Andreas Schneider
584c345451 gitlab-ci: Fix mips compilation on debian
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-02 09:53:02 +02:00
Andreas Schneider
bfbd574098 gitlab-ci: Add missing debian variable
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-02 09:06:42 +02:00
Andreas Schneider
b4462bdea0 tests: Use assert_ssh_return_code() in torture_algorithms
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-02 08:03:20 +02:00
Andreas Schneider
6b8d1aa836 gitlab-ci: Fix path to toolchain file
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-30 15:41:50 +02:00
Andreas Schneider
d90b88588f gitlab-ci: Add 32bit build on openSUSE
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-30 15:39:27 +02:00
Andreas Schneider
6a715b80d6 cmake: Unset CMAKE_REQUIRED_* variables
This should fix the 'gcc -m32' build!

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-30 15:27:09 +02:00
Andreas Schneider
084769b88c libcrypto: Fix size printing
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-30 15:27:09 +02:00