1
1
Граф коммитов

4288 Коммитов

Автор SHA1 Сообщение Дата
Andreas Schneider
86dabfe7e4 cmake: Only check for bounded attribute on OpenBSD
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-02 16:42:06 +01:00
Jakub Jelen
1650d8178e config: Avoid potential file descriptor leak
Found by csbuild runner.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-02 13:26:09 +01:00
Jakub Jelen
6eb43fcbf3 tests: Verify the configuration reparsing with real client
This tests verifies that the only the first seen option is applied
throughout all the configuration files processed. It also verifies
that the configuration files are parsed automatically and that this
behavior can be overridden by configuration option.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-02 11:16:38 +01:00
Jakub Jelen
9aa47fef99 tests: Adjust test that require complete config re-parsing
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-02 11:16:38 +01:00
Jakub Jelen
de7405f1c7 config: Preserve the seen array among invocations
This follows the OpenSSH behavior of parsing subseqent configuration
files, while applying only the first option.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-02 11:16:38 +01:00
Jakub Jelen
4a95a35bc6 tests: Properly set the bob's UID also in other tests than pubkey
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-02 11:16:38 +01:00
Jakub Jelen
f6b390084e tests: Make sure that no other configuration options will get pulled to the auth test from system
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-02 11:16:38 +01:00
Jakub Jelen
b7fefb0500 options: Provide a way of disabling automatic config parsing
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-02 11:16:35 +01:00
Jakub Jelen
89a8a6fcf0 Process OpenSSH configuration files by default.
This will allow to use the same configuration in client applications
including the users aliases or system wide cryptographic configuration.

As the configuration parsing is the last thing before doing the
actual connection, it might overwrite previously set options.
If this is not intended, the client application can
ask the configuration files to be parsed before setting some other
options that should not ve overwritten. The code ensures that
the configuration is not parsed again.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-02 11:15:30 +01:00
Jakub Jelen
7e44ce1556 tests: Improve error reporting in auth test
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-02 10:08:20 +01:00
Jakub Jelen
5fc4d5b22a tests: Typo -- the flags should be checked according to the comment
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-02 10:08:20 +01:00
Jakub Jelen
5159cd96e8 knownhosts: Make sure we have both knownhosts files ready
If either one is missing at this point, fill it with default vaules in
ssh_options_apply().

Previously, when setting up only knownhosts, global_knownhosts file
was left pointing to NULL and the ssh_known_hosts_read_entries()
was trying to open NULL file which is invalid.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-02 10:08:20 +01:00
Jakub Jelen
35c417312c client: Reformat comment
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-30 16:22:17 +01:00
Jakub Jelen
e1a8b359c1 tests/pkd: Properly clean up memory
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-30 16:22:17 +01:00
Jakub Jelen
c8519c435e session: Drop unused structure member (SSHv1)
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-30 16:22:17 +01:00
Jakub Jelen
d85bc347d3 misc: Properly check for errors returned from getpwuid_r()
Resolves: T118

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-30 16:22:17 +01:00
Jakub Jelen
9c4baa7fd5 misc: Reformat ssh_get_user_home_dir and ssh_file_readaccess_ok
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-30 16:22:17 +01:00
Andreas Schneider
a4342b97d6 Bump SO version to 4.7.2
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-29 09:33:46 +01:00
Mike Frysinger
963c3077a4 doc: fix up various typos and trailing whitespace
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-28 12:15:02 +01:00
Andreas Schneider
a280747462 libcrypto: Fix memory leak in evp_final()
Fixes T116

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-27 22:15:56 +02:00
Meng Tan
bce8d56705 gssapi: Set correct state after sending GSSAPI_RESPONSE (select mechanism OID)
Signed-off-by: Meng Tan <mtan@wallix.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-26 07:28:20 +02:00
Sanne Raymaekers
ced05eb6db socket: Undouble socket fds
Signed-off-by: Sanne Raymaekers <sraymaek@redhat.com>
2018-10-25 18:49:29 +02:00
Meng Tan
b796924fea client: Send KEX as soon as banners are exchanged
Signed-off-by: Meng Tan <mtan@wallix.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 19:56:15 +02:00
Andreas Schneider
2af4e3970e gitlab-ci: Add static analysis with csbuild
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 14:30:38 +02:00
Andreas Schneider
cf3c2ee5b3 tests: Improve asserts in torture_pki_ecdsa
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
57eb6a400a tests: Init pubkey string with NULL in torture_keyfiles
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
8c77a49729 tests: Fix pointer arithmetic in torture_pki_*_publickey_base64
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
8c8026b892 tests: Init cipher structure in thread_crypto_aes256_cbc()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
80be1d0ee9 legacy: Fix possible null pointer dereference
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
9c3ba94960 buffer: Fix size comparison with count
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
194c34ebe3 messages: Use SSH_MESSAGE_FREE
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
00cd5b1c83 messages: Add SSH_MESSAGE_FREE
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
9fbbdcc154 messages: Rework ssh_message_queue()
Return early and make it easier to understand.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
b9ac61d5a3 messages: Use calloc in ssh_message_new()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
ca425ebe67 messages: Make ssh_message_queue() static
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
7e6b540277 exmpales: Init rc in ssh_server_fork
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
12ec1fed2f examples: Zero fds in sshnetcat
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
fb70d0fb41 pki: Add NULL check in ssh_pki_key_ecdsa_name()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
f8b70d6a73 pki_crypto: Mark iqmp as unused
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
74888a6fa4 pki: Remove superfluous statement
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
729384f346 pki: Add log message on error in ssh_pki_openssh_import()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
7e5291668c gssapi: Check return code of gss_indicate_mechs()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
bb081f6681 gssapi: Ignore return codes of gss_release_buffer()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
8a3ea3bdd5 packet: Do not segfault if we don't have packet_second_block
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
a190ff9302 packet: Add missing null pointer check in ssh_packet_socket_callback()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
2e7e0ad6c9 wrapper: Fix size type and loops in crypt_set_algorithms_server()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
39b08af2e8 wrapper: Reformat crypt_set_algorithms2()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
60a3796041 messages: Log message if callback for window change fails
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
cc4f220fd3 messages: Log message if sending reply fails
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
bc72ec5821 messages: Some cleanup for ssh_packet_service_request
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00