ports/libssh
ports/libssh
1
1
Форкнуть 0
Код Релизы 1 Активность
4 344 коммитов 3 Ветки 1 Тег 7,9 MiB
7f83a1efae
Граф коммитов

4344 Коммитов

This Branch
This Branch
Все ветки
Автор SHA1 Сообщение Дата
Chris Townsend
6c56c1e0d7 sftpserver: Support some openssh extensions 
Add support for "hardlink@openssh.com" and
"posix-rename@openssh.com" extensions.

Signed-off-by: Chris Townsend <christopher.townsend@canonical.com>
Signed-off-by: Alberto Aguirre <albaguirre@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-20 16:35:13 +02:00
Andreas Schneider
e4711c469f pki: Use strndup in ssh_pki_export_privkey_base64() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-20 16:35:13 +02:00
Andreas Schneider
8410f43d8b tests: Add a test for ssh_pki_export_privkey_base64() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-20 16:35:13 +02:00
DavidWed
d0ce2d1ecd pki: Add ssh_pki_export_privkey_base64() 
Fixes T53

Signed-off-by: DavidWedderwille <davidwe@posteo.de>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2018-09-20 16:35:13 +02:00
Andreas Schneider
5a198732a5 tests: Add test for ssh_get_fingerprint_hash() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-20 16:35:13 +02:00
Andreas Schneider
92aa2cf496 dh: Use ssh_get_fingerprint_hash() in ssh_print_hash() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-20 16:35:13 +02:00
Andreas Schneider
bbed139eca dh: Add ssh_get_fingerprint_hash() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-20 16:35:13 +02:00
Anderson Toshiyuki Sasaki
0eab270754 dh: Removed duplicated code 
The code for calculating SHA 512 in ssh_make_sessionid() had been
duplicated; the cases were unified.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2018-09-20 15:37:23 +02:00
Anderson Toshiyuki Sasaki
71594f9d6c dh: Add diffie-hellman-group18-sha512 support 
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2018-09-20 15:37:23 +02:00
Andreas Schneider
2ae2baf9ca buffer: Don't call va_end() twice 
This is handled in the cleanup.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-20 15:37:23 +02:00
Andreas Schneider
4c47719d98 examples: Reformat authenticaton.c 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-20 15:37:23 +02:00
Andreas Schneider
a30d542207 sftp: Include stdint.h 
Thanks to Apex Liu

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-19 12:25:03 +02:00
Anderson Toshiyuki Sasaki
d9d3b65df2 dh: Add diffie-hellman-group16-sha512 support 
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-19 12:17:02 +02:00
Harald Sitter
97cb302c0e sftp: fix buffer_unpack argument to be char** rather than char* 
Summary:
buffer variable 's' gets unpacked as char**, the previous code was passing
a char* causing segfaults on all readlink calls inside the unpacking code

Test Plan:
- without patchy examples/samplesftp segfaults in readlink
- with patchy it doesn't

Reviewers: asn

Differential Revision: https://bugs.libssh.org/D14

Signed-off-by: Harald Sitter <sitter@kde.org>
 2018-09-19 11:18:12 +02:00
Andreas Schneider
90373d8394 buffer: Do cleanup if ssh_buffer_unpack() fails in the first loop 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-19 11:18:12 +02:00
Andreas Schneider
07f7fa7806 buffer: Fix invalid memory access in ssh_buffer_unpack() 
Found by oss-fuzz.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-19 11:18:02 +02:00
Andreas Schneider
5123f7955b tests: Add OK: and a new line to ssh_ping 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-18 18:46:28 +02:00
Jakub Jelen
c15ad753a7 tests: Wait for the server to start 
The previous timeout of 500 ms was not enough on slower machines or
while running the tests under valgrind. On much faster machines the
sleep() was bringing unnecessary overhead.

This method opens simple connection to the server verifying it is ready
to accept the connection from the test for 5 seconds. It the server
does not start until then, it fails the tests during initialization,
rather than leaving the cases to run against missing server.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-18 18:07:27 +02:00
Anderson Toshiyuki Sasaki
63aa274f4b tests: Add null checks in torture_threads_pki_rsa.c 
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-18 10:19:59 +02:00
Anderson Toshiyuki Sasaki
8170e30073 tests: Add null checks in torture_pki_rsa.c 
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-18 10:19:59 +02:00
Anderson Toshiyuki Sasaki
77f58a225f tests: Add null checks in torture_pki_ed25519.c 
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-18 10:19:59 +02:00
Anderson Toshiyuki Sasaki
48459c37f6 tests: Add null checks in torture_pki_ecdsa.c 
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-18 10:19:59 +02:00
Anderson Toshiyuki Sasaki
31f24ed23e tests: Add null checks and frees in torture_pki_dsa.c 
These frees are unnecessary because the negative tests should not
allocate the keys, but the static analyser reports memory leak errors.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-18 10:19:59 +02:00
Anderson Toshiyuki Sasaki
82c3faa44d tests: Add return and null checks in torture_options.c 
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-18 10:19:59 +02:00
Anderson Toshiyuki Sasaki
7c75e76d10 tests: Add null checks in torture_config.c 
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-18 10:19:59 +02:00
Anderson Toshiyuki Sasaki
f246e31ca0 examples: Fix code style in samplesftp.c 
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-18 10:19:59 +02:00
Anderson Toshiyuki Sasaki
7390db6bbb examples: Fixed possible memory leak in samplesftp.c 
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-18 10:19:59 +02:00
Andreas Schneider
cc83b463ce sftp: Fix a possible null pointer dereference 
CID 1395721

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-18 10:19:59 +02:00
Jakub Jelen
39975fdd6d tests: Verify we can read public key from OpenSSH container 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-18 09:53:49 +02:00
Jakub Jelen
1226de875b pki: Implement reading public key from OpenSSH private key container 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-18 09:53:49 +02:00
Jakub Jelen
2307be32cf Revert "pkd: Generate host keys in old format" 
This is no longer needed since libssh can read the private keys
in new OpenSSH format.

This reverts commit 100c9c98ce.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-18 09:53:49 +02:00
Jakub Jelen
eaaa4131de tests: Verify the keys loaded from new OpenSSH format 
This runs the same test that are ran on the legacy PEM files
also with the new OpenSSH key files.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-18 09:53:49 +02:00
Jakub Jelen
39102224b2 pki: Allow reading keys in new OpenSSH format 
This implements reading the OpenSSH key format accross the
cryptographic backends. Most of the code is shared and moved
to pki.c, just the building of the keys is implemented in
pki_privkey_build_*() functions.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-18 09:53:49 +02:00
Jakub Jelen
e365aed6d2 tests: Provide testing keys also in OpenSSH format 
This extends the torture API to provide a way to request
keys in different formats. This extends the keys with
private keys in the new OpenSSH format (default since
OpenSSH 7.8).

This also needs modifications to the ed25519 tests, which
do not support PEM format and expected the new format out of the
box.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-18 09:53:49 +02:00
Jakub Jelen
d23bda8181 pki: Use unpack to simplify public key reading 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-18 09:53:49 +02:00
Jakub Jelen
86d521cbe7 buffer: Make sure unpack of secure buffers securely cleans up 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-18 09:53:49 +02:00
Andreas Schneider
856dc698a9 libmbedcrypto: Fix creating evp hash 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-18 09:51:41 +02:00
Jakub Jelen
4d09c6dc31 buffer: Reformat ssh_buffer_get_ssh_string 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-17 16:39:38 +02:00
Jakub Jelen
03a66b8599 tests: Use stdbool for with_passphrase argument 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-17 16:39:38 +02:00
Jakub Jelen
c04eac40f3 pki_crypto: Clarify that memory passed with set0 is managed by openssl objects 
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-17 16:39:38 +02:00
Jakub Jelen
8cc0672c0c pki_mbedcrypto: pki_pubkey_build_rsa: properly clean up on error 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-17 16:39:38 +02:00
Jakub Jelen
8f7214a584 pki: Initialize pointers to NULL 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-17 16:39:38 +02:00
Jakub Jelen
9d2de880ec tests: Drop duplicate ed25519 key creation 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-17 16:39:38 +02:00
Jakub Jelen
039c066da5 buffer: Fix typo 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-17 16:39:38 +02:00
Jakub Jelen
6efbf7a30e tests: Verify the pubkey authentication works with ECDSA keys 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
 2018-09-17 16:39:38 +02:00
Andreas Schneider
e5170107c9 auth: Fix ecdsa pubkey auth 
Pair-Programmed-With: Jakub Jelen <jjelen@redhat.com>
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
 2018-09-17 16:39:12 +02:00
Andreas Schneider
30df04a8a5 tests: Do not call sftp_canonicalize_path() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-17 14:35:39 +02:00
Andreas Schneider
aaca395bd3 tests: Add a sftp benchmark test for write/read 
The tests writes and reads a file of 128M.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-17 10:48:49 +02:00
Andreas Schneider
0762057eb9 sftp: Move the packet payload to the message 
This reduces memory allocations and copying.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-17 10:48:49 +02:00
Andreas Schneider
57153f6481 sftp: Use SSH_BUFFER_FREE in sftp_message_free() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-17 10:48:49 +02:00