Aris Adamantiadis
63c3f0e736
Implement key re-exchange
2012-12-23 23:09:50 +01:00
Andreas Schneider
e934ab0816
BUG 82: Fix function names of ssh_forward_*.
2012-12-19 18:15:54 +01:00
Andreas Schneider
9fa53cd932
doc: Fix forward function names.
2012-12-19 18:10:16 +01:00
Andrew Collins
5cd7942801
Fix an invalid strlen comparison in ssh_message_auth_reply_default
During the transition to strncat in ssh_message_auth_reply_default,
an invalid strlen comparison was added which causes the function
to fail whenever it's called.
Signed-off-by: Andrew Collins <bsderandrew@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2012-12-19 16:03:49 +01:00
Andreas Schneider
de9bc1fa41
string: Fix memory leak in ssh_string_to_char().
This was probably a mistake by me fixing up a patch after merging.
2012-12-13 19:29:46 +01:00
Andreas Schneider
b14df297fa
BUG 97: Fix strtoull() detection on several platforms.
2012-12-03 14:00:06 +01:00
Andreas Schneider
3896aa43ff
BUG 96: Guard ntohll() and htonll prototypes correctly.
2012-12-03 13:44:02 +01:00
Andreas Schneider
da8d44ccba
BUG 98: Use __attribute__ ((packed)) only with GCC.
2012-12-03 13:19:29 +01:00
Andreas Schneider
c6fc69fbdd
BUG 97: Remove obsolete hsterror().
This function is pretty much obsolete on most platforms. The standard
errno should be used. If it is not enough on Windows we should use
WSAGetLastError() in future.
2012-12-03 13:08:17 +01:00
Andreas Schneider
ab8c7de6f8
BUG 94: Fix big endian issue.
2012-12-03 12:35:36 +01:00
Aris Adamantiadis
cd4e28e7c8
test: Try to fetch wrong values in buffer.
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2012-11-27 19:10:41 +01:00
Andreas Schneider
ea0e858de0
priv: Add BURN_BUFFER macro and make sure it isn't optimized out.
2012-11-23 11:56:21 +01:00
Andreas Schneider
e403596d98
pki: Add a size limit for pubkey files.
2012-11-21 12:44:00 +01:00
Andreas Schneider
571dc42335
CVE-2012-4559: Make sure we don't free name and longname twice on error.
2012-11-14 17:36:24 +01:00
Andreas Schneider
68d04c8e47
CVE-2012-4559: Ensure that we don't free req twice.
2012-11-14 17:36:24 +01:00
Andreas Schneider
bd3acae4f3
CVE-2012-4560: Fix a write one past the end of 'buf'.
2012-11-14 17:36:24 +01:00
Andreas Schneider
894bbf3137
CVE-2012-4560: Fix a write one past the end of the 'u' buffer.
2012-11-14 17:36:24 +01:00
Andreas Schneider
f61813eaea
CVE-2012-4562: Fix a possible infinite loop in buffer_reinit().
If needed is bigger than the highest power of two or a which fits in an
integer we will loop forever.
2012-11-14 17:36:22 +01:00
Xi Wang
ad5f306884
CVE-2012-4562: Fix multiple integer overflows in buffer-related functions.
2012-11-14 17:36:19 +01:00
Xi Wang
5ffb8c7cde
CVE-2012-4562: Fix possible integer overflows.
2012-11-14 17:36:16 +01:00
Xi Wang
efaebad323
CVE-2012-4562: Fix possible integer overflow in ssh_get_hexa().
No exploit known, but it is better to check the string length.
2012-11-14 17:36:11 +01:00
Xi Wang
cab00c3bfc
pki: Fix integer overflow in ssh_pki_import_privkey_file().
If the file size is ULONG_MAX, the call to malloc() may allocate a
small buffer, leading to a memory corruption.
2012-10-22 21:00:08 +02:00
Xi Wang
d404ad7152
channels: Fix integer overflow in generate_cookie().
Since the type of rnd[i] is signed char, (rnd[i] >> 4), which is
considered as arithmetic shift by gcc, could be negative, leading
to out-of-bounds read.
2012-10-22 21:00:08 +02:00
Andreas Schneider
a4ffaff550
channels1: Add missing request_state and set it to accepted.
This fixes bug #88.
2012-10-22 18:05:06 +02:00
Andreas Schneider
e164b236c6
auth1: Reset error state to no error.
This fixes bug #89.
2012-10-22 18:01:39 +02:00
Andreas Schneider
166ccef8dc
session: Fix a possible use after free in ssh_free().
We need to clean up the channels first because we call ssh_channel_close()
on the channels which still require a working socket and poll context.
Thanks to sh4rm4!
2012-10-22 17:37:32 +02:00
Andreas Schneider
f2e498c7db
cmake: Set GNU compiler flags also for clang.
2012-10-22 16:05:39 +02:00
Andreas Schneider
dde0404dfb
cmake: Add message if we build with static library.
2012-10-15 11:55:42 +02:00
Andreas Schneider
f86b2bf743
doc: Update copyright policy.
2012-10-14 19:58:07 +02:00
Andreas Schneider
13c26f0733
options: Fix documentation of ssh_options_get_port().
2012-10-14 19:53:51 +02:00
Andreas Schneider
f5d8bdf946
doc: Update doxygen config.
2012-10-14 19:52:28 +02:00
Andreas Schneider
f4f2237263
doc: Use the correct channel functions.
2012-10-14 19:44:02 +02:00
Andreas Schneider
7e93edc722
cmake: Add better check to detect -fvisibility=hidden.
2012-10-14 18:40:05 +02:00
Andreas Schneider
95ab34696b
kex: Use getter functions to access kex arrays.
This should fix the build on OpenIndiana.
2012-10-12 17:46:37 +02:00
Andreas Schneider
82711acd39
cmake: Fix building with gcrypt support.
2012-10-12 17:07:20 +02:00
Andreas Schneider
e8118c5be4
tests: Add a valgrind suppression for getaddrino leak.
https://bugzilla.redhat.com/show_bug.cgi?id=859717
2012-10-12 14:45:54 +02:00
Andreas Schneider
a59a379ce4
tests: Add a valgrind suppression for OPENSSL_cleanse().
2012-10-12 14:45:54 +02:00
Andreas Schneider
0bd2bbefa7
scp: Make sure buffer is initialized.
Found by Coverity.
2012-10-12 14:45:54 +02:00
Andreas Schneider
3d390cf6ff
pki: Make sure the key_buf is null terminated.
Found by Coverity.
2012-10-12 14:45:54 +02:00
Andreas Schneider
e04dc45f20
misc: Use a fixed buffer for getenv().
2012-10-12 14:45:54 +02:00
Andreas Schneider
de34a64895
poll: Fix sizeof in ssh_poll_ctx_resize().
sizeof(ssh_poll_handle *) is to be equal to sizeof(ssh_poll_handle), but
this is not a portable assumption.
Found by Coverity.
2012-10-12 14:45:54 +02:00
Andreas Schneider
46f22576b0
legacy: Use snprintf instead of sprintf.
Found by Coverity.
2012-10-12 14:45:54 +02:00
Andreas Schneider
2f8ddc6e65
dh: Don't use strcat for ssh_get_hexa().
This is just hardening the code.
Found by Coverity.
2012-10-12 14:45:54 +02:00
Andreas Schneider
b1287cd946
server: Use strncat instead of strcat.
This is just hardening the code.
Found by Coverity.
2012-10-12 14:45:54 +02:00
Andreas Schneider
a660177a6e
misc: Use strncpy instead of strcat.
This is just hardening the code.
Found by Coverity.
2012-10-12 14:45:36 +02:00
Andreas Schneider
0a4ea19982
pki: Fix a possible null pointer dereference.
Found by Coverity.
2012-10-12 08:07:02 +02:00
Andreas Schneider
0bf2dd81e6
messages: Fix memory leaks in user request callback.
2012-10-12 08:07:02 +02:00
Andreas Schneider
ecb6cfd053
connect: Don't leak the addressinfo on error.
2012-10-12 08:07:02 +02:00
Andreas Schneider
ba220adb84
connect: Don't leak the file descriptor on error.
Found by Coverity.
2012-10-12 08:07:02 +02:00
Andreas Schneider
802e4133cb
session: Don't leak memory in ssh_send_debug().
Found by Coverity.
2012-10-12 08:07:02 +02:00