libssh

Автор	SHA1	Сообщение	Дата
Hani Benhabiles	03095f1516	Set the correct error in ssh_options_set(). Signed-off-by: Hani Benhabiles <hani@linux.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2014-12-05 11:03:55 +01:00
Jon Simons	6895d0b727	session: add getter for kexalgo Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2014-12-05 10:48:07 +01:00
Jon Simons	4745d652b5	pki_crypto.c: plug ecdsa_sig->[r,s] bignum leaks Per ecdsa(3ssl), ECDSA_SIG_new does allocate its 'r' and 's' bignum fields. Fix a bug where the initial 'r' and 's' bignums were being overwritten with newly-allocated bignums, resulting in a memory leak. BUG: https://red.libssh.org/issues/175 Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2014-12-05 10:42:32 +01:00
Andreas Schneider	a48711ae7e	connect: Do not fail if the connect is in progress. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2014-10-15 10:27:55 +02:00
Stef Walter	cd2dc3770a	gssapi: ssh_gssapi_set_creds() is a client side function It should not be guarded by the WITH_SERVER #ifdef Signed-off-by: Stef Walter <stefw@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2014-10-12 15:41:15 +02:00
William Orr	250f506487	Check return code of connect(2). Signed-off-by: William Orr <will@worrbase.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2014-10-12 15:39:58 +02:00
Artyom V. Poptsov	aaae6cd97d	pki_gcrypt: Initialize 'type_c' in 'pki_do_sign_sessionid' Add missing initialization of 'type_c' field of a SSH signature in 'pki_do_sign_sessionid' procedure. If libssh is compiled with GCrypt, 'dh_handshake_server' fails with "Could not sign the session id" error. The change fixes that. Signed-off-by: Artyom V. Poptsov <poptsov.artyom@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2014-10-02 08:30:17 +02:00
Jon Simons	509676e3a4	server: fix auth_interactive_request reply Fix a missing 'buffer_pack' formatter in 'ssh_message_auth_interactive_request'. With this fix the 'examples/samplesshd-kbdint' program is working again for me. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2014-10-02 08:29:22 +02:00
Jon Simons	a6d412f0d7	ed25519: fix leak in pki_ed25519_sign Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2014-10-02 08:28:51 +02:00
Jon Simons	59da8dab50	pki: check ssh_buffer_pack return in ssh_pki_do_sign Check the 'ssh_buffer_pack' return in ssh_pki_do_sign for the ED25519 case. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2014-10-02 08:28:05 +02:00
Jon Simons	7edbedf0dd	pki: fail when pubkey buffer length is not ED25519_PK_LEN Fail fast in 'pki_import_pubkey_buffer' for the ED25519 case if a buffer sized ED25519_PK_LEN can not be retrieved. Before, the 'memcpy' could have read beyond the bounds of 'ssh_string_data(pubkey)'. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2014-10-02 08:27:05 +02:00
Jon Simons	af25c5e668	crypto: check malloc return in ssh_mac_ctx_init Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2014-10-02 08:25:53 +02:00
Jon Simons	092fe0b727	wrapper: fix z_stream leak Ensure to free the z_stream structures as allocated from the gzip.c initcompress, initdecompress functions. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2014-10-02 08:25:10 +02:00
Andreas Schneider	1ddb99c46f	string: Correctly burn the string buffer. Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>	2014-09-15 20:45:47 +02:00
Aris	93c7b81b4e	ed25519: Generate, sign and verify keys. Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2014-09-07 22:07:34 +02:00
Aris Adamantiadis	93e82fa0c0	crypto: Add ed25519 implementation from OpenSSH. Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2014-09-07 21:35:20 +02:00
Aris Adamantiadis	e9b2d164e0	base64: Use a secure buffer. Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2014-09-07 10:38:23 +02:00
Aris Adamantiadis	86ae6b2251	buffer: Add a secure buffer mechanism to avoid memory spills Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2014-09-07 10:36:32 +02:00
Aris Adamantiadis	2cb2587b55	buffer: Implement "t" for text in ssh_buffer_pack(). Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2014-09-07 10:27:35 +02:00
Andreas Schneider	86294ad3ea	dh: Fix packing a pointer into the buffer. Thanks to Giovanni Panozzo <giovanni@panozzo.it>. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2014-08-25 12:23:17 +02:00
Andreas Schneider	81123d6a91	ec: Fix build on CentOS. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2014-08-18 10:08:00 +02:00
Andreas Schneider	5fa4721c6e	auth: Fix a memory leak in agent publickey auth. CID: 1230358 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>	2014-08-15 12:29:26 +02:00
Andreas Schneider	662217f409	packet: Check return value of ssh_buffer_unpack(). CID: 1230357 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>	2014-08-15 12:29:20 +02:00
Andreas Schneider	19433dca00	messages: Check return value of ssh_buffer_unpack(). CID: 1230356 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>	2014-08-15 12:29:16 +02:00
Andreas Schneider	1b6375ce89	buffer: Make sure rc is initialized. Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>	2014-08-15 12:29:11 +02:00
Andreas Schneider	64f6abead7	libgcrypt: Fix initializer name. Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>	2014-08-15 12:29:07 +02:00
Andreas Schneider	f20a6d0a82	bignum: Add missing include. Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>	2014-08-15 12:29:00 +02:00
Andreas Schneider	97c6b76863	messages: Fix two ssh_buffer_unpack(). Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>	2014-08-07 17:28:42 +02:00
Aris Adamantiadis	6019cf1bed	Fix sftp endianess bugs Reviewed-by: Andreas Schneider <asn@samba.org>	2014-08-06 10:08:25 +02:00
Aris Adamantiadis	228dc08038	bignums: detach bignum-related functions from dh.c. Reviewed-by: Andreas Schneider <asn@samba.org>	2014-08-06 10:07:36 +02:00
Aris Adamantiadis	33cd594f1f	crypto: fix secure burning, structure members naming Reviewed-by: Andreas Schneider <asn@samba.org>	2014-08-06 10:05:19 +02:00
Aris Adamantiadis	3b4b0f01ec	buffer: add a hidden canary to detect format errors Reviewed-by: Andreas Schneider <asn@samba.org>	2014-08-06 09:58:52 +02:00
Aris Adamantiadis	7bd62dd652	buffers: adapt sftpserver.c to ssh_buffer_(un)pack() Reviewed-by: Andreas Schneider <asn@samba.org>	2014-08-06 09:52:29 +02:00
Aris Adamantiadis	c341da03d3	buffers: adapt sftp.c to ssh_buffer_(un)pack() Reviewed-by: Andreas Schneider <asn@samba.org>	2014-08-06 09:51:00 +02:00
Aris Adamantiadis	c238136010	buffers: adapt session.c to ssh_buffer_(un)pack() Reviewed-by: Andreas Schneider <asn@samba.org>	2014-08-06 09:47:35 +02:00
Aris Adamantiadis	5a08ddcff2	buffers: adapt server.c to ssh_buffer_(un)pack() Signed-off-by: Andreas Schneider <asn@samba.org>	2014-08-06 09:46:14 +02:00
Aris Adamantiadis	a182926024	buffers: adapt pcap.c to ssh_buffer_(un)pack() Reviewed-by: Andreas Schneider <asn@samba.org>	2014-08-06 09:46:14 +02:00
Aris Adamantiadis	9457685320	buffers: adapt ecdh.c to ssh_buffer_(un)pack() Reviewed-by: Andreas Schneider <asn@samba.org>	2014-08-06 09:46:14 +02:00
Aris Adamantiadis	e9fd14c7f0	buffers: adapt packet.c to ssh_buffer_(un)pack() Reviewed-by: Andreas Schneider <asn@samba.org>	2014-08-06 09:46:14 +02:00
Aris Adamantiadis	cfd2e4894e	buffers: adapt messages.c to ssh_buffer_(un)pack() Reviewed-by: Andreas Schneider <asn@samba.org>	2014-08-06 09:46:14 +02:00
Aris Adamantiadis	3703389feb	buffers: adapt gssapi.c to ssh_buffer_(un)pack()	2014-08-06 09:46:14 +02:00
Aris Adamantiadis	673990f568	buffers: adapt curve25519.c to ssh_buffer_(un)pack() Reviewed-by: Andreas Schneider <asn@samba.org>	2014-08-06 09:33:32 +02:00
Aris Adamantiadis	97638a1465	buffers: adapt client.c to ssh_buffer_(un)pack() Reviewed-by: Andreas Schneider <asn@samba.org>	2014-08-06 09:33:07 +02:00
Aris Adamantiadis	506e11fa8b	buffers: adapt channels.c to ssh_buffer_(un)pack() Reviewed-by: Andreas Schneider <asn@samba.org>	2014-08-06 09:33:03 +02:00
Aris Adamantiadis	1dd95675df	buffer: adapt dh.c to new ssh_buffer_(un)pack() Reviewed-by: Andreas Schneider <asn@samba.org>	2014-08-06 09:20:49 +02:00
Aris Adamantiadis	cb10ad0c84	buffer: adapt kex.c to new ssh_buffer_(un)pack() Reviewed-by: Andreas Schneider <asn@samba.org>	2014-08-06 09:20:49 +02:00
Aris Adamantiadis	1f2c61d6ad	buffer: adapt auth.c to ssh_buffer_(un)pack() Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2014-08-06 09:20:49 +02:00
Aris Adamantiadis	835e34d1eb	Buffer: add ssh_buffer_(un)pack() That function permits chaining of buffer values to minimize buffer handling in packet sending code. Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2014-08-06 09:04:34 +02:00
Andreas Schneider	59a1799501	log: Add check for return value. For some reason I got a segfault in gdb here. Make sure it works correctly.	2014-06-10 13:52:38 +02:00
Jon Simons	987991a3f2	session: fix ssh_session->srv.ecdsa_key leak Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2014-05-28 10:23:46 +02:00

... 3 4 5 6 7 ...

1235 Коммитов