libssh

Автор	SHA1	Сообщение	Дата
Andreas Schneider	90373d8394	buffer: Do cleanup if ssh_buffer_unpack() fails in the first loop Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-19 11:18:12 +02:00
Andreas Schneider	07f7fa7806	buffer: Fix invalid memory access in ssh_buffer_unpack() Found by oss-fuzz. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-19 11:18:02 +02:00
Andreas Schneider	cc83b463ce	sftp: Fix a possible null pointer dereference CID 1395721 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-18 10:19:59 +02:00
Jakub Jelen	1226de875b	pki: Implement reading public key from OpenSSH private key container Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-18 09:53:49 +02:00
Jakub Jelen	39102224b2	pki: Allow reading keys in new OpenSSH format This implements reading the OpenSSH key format accross the cryptographic backends. Most of the code is shared and moved to pki.c, just the building of the keys is implemented in pki_privkey_build_*() functions. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-18 09:53:49 +02:00
Jakub Jelen	d23bda8181	pki: Use unpack to simplify public key reading Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-18 09:53:49 +02:00
Jakub Jelen	86d521cbe7	buffer: Make sure unpack of secure buffers securely cleans up Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-18 09:53:49 +02:00
Andreas Schneider	856dc698a9	libmbedcrypto: Fix creating evp hash Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-18 09:51:41 +02:00
Jakub Jelen	4d09c6dc31	buffer: Reformat ssh_buffer_get_ssh_string Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 16:39:38 +02:00
Jakub Jelen	c04eac40f3	pki_crypto: Clarify that memory passed with set0 is managed by openssl objects Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 16:39:38 +02:00
Jakub Jelen	8cc0672c0c	pki_mbedcrypto: pki_pubkey_build_rsa: properly clean up on error Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 16:39:38 +02:00
Jakub Jelen	8f7214a584	pki: Initialize pointers to NULL Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 16:39:38 +02:00
Jakub Jelen	039c066da5	buffer: Fix typo Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 16:39:38 +02:00
Andreas Schneider	e5170107c9	auth: Fix ecdsa pubkey auth Pair-Programmed-With: Jakub Jelen <jjelen@redhat.com> Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Signed-off-by: Jakub Jelen <jjelen@redhat.com>	2018-09-17 16:39:12 +02:00
Andreas Schneider	0762057eb9	sftp: Move the packet payload to the message This reduces memory allocations and copying. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 10:48:49 +02:00
Andreas Schneider	57153f6481	sftp: Use SSH_BUFFER_FREE in sftp_message_free() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 10:48:49 +02:00
Andreas Schneider	4c32befd93	sftp: Reformat sftp_message_free() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 10:48:49 +02:00
Andreas Schneider	be8302e2f3	sftp: Allocate a new buffer in sftp_packet_read() if needed We will move the buffer to the message instead of duplicating the memory. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 10:48:49 +02:00
Andreas Schneider	97d2e1f4cb	sftp: Reformat sftp_read_and_dispatch() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 10:48:49 +02:00
Andreas Schneider	12fc0ea1bf	sftp: Validate the packet handle before we allocate memory Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 10:48:49 +02:00
Andreas Schneider	573eab0d51	sftp: Reformat sftp_get_message() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 10:48:49 +02:00
Andreas Schneider	0e317e612f	sftp: Use bool for is_eof in sftp_packet_read() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 10:48:49 +02:00
Andreas Schneider	01135703a3	sftp: Use 's' only in the scope it is needed This revaled a bug when reading the packet type. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 10:48:49 +02:00
Andreas Schneider	c070414309	sftp: Use 16K for the transfer buffer size Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 10:48:49 +02:00
Andreas Schneider	d2cc4eccc7	sftp: Get the packet type directly from the buffer Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 10:48:49 +02:00
Andreas Schneider	38781f69b0	sftp: Limit packet size to 256 MB Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 10:48:49 +02:00
Andreas Schneider	dc4faf9952	sftp: Directly read and validate the packet size from the bufffer Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 10:48:49 +02:00
Andreas Schneider	cbbc6ddcb6	sftp: Use read_packet from sftp handle Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 10:48:49 +02:00
Andreas Schneider	a7456bf4d5	sftp: Simplify the code for reading data Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 10:48:49 +02:00
Andreas Schneider	afc14fe003	sftp: Reformat sftp_packet_read() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 10:48:49 +02:00
Andreas Schneider	79a3fcac72	sftp: Keep a ssh_packet for reading in the sftp handle Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 10:48:49 +02:00
Andreas Schneider	945afaa6b4	sftp: Remove ZERO_STRUCTP from sftp_free() The structure doesn't hold any sensitive data and this would be optimized away anyway. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 10:48:49 +02:00
Andreas Schneider	d840a05be3	sftp: Reformat sftp_free() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 10:48:49 +02:00
Andreas Schneider	662c30eb72	sftp: Reformat sftp_new() Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 10:48:49 +02:00
Andreas Schneider	2e8f2f03e7	cmake: Correctly detect if glob has gl_flags member Thanks to Baruch Siach. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-17 10:48:49 +02:00
Andreas Schneider	ceecd3fd6f	config: Fix size type src/config.c:562:12: error: assuming signed overflow does not occur when simplifying conditional to constant [-Werror=strict-overflow] if (args < 1) { ^ Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-06 08:28:24 +02:00
Jakub Jelen	e9b44d26b1	config: Parse Match keyword Amends f818e63f8, which introduced the constants and matching of this configuration option, but did not implement the handling of the values which was causing the configuration parser failing for certain configurations. This commit exposes match_pattern_list() from match.c Red Hat Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1624425 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-05 11:43:05 +02:00
Jakub Jelen	9f5f10552b	config: Do not overwrite previously matched result in Host blocks The match_hostname() expects comma separated list, while the Host config keyword in openssh uses spaces separated list by default. Therefore any subseqent match or negated match in space separated list will overwrite the previous matches. This also adjusts the tests to make sure both of the versions work. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-05 11:43:05 +02:00
Andreas Schneider	ef06ef2c1b	channels: Allow infinite timeout for ssh_channel_read_timout() This is also documented. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-05 11:43:05 +02:00
Andreas Schneider	e558827c4e	channels: Don't read from a closed channel Fixes T76 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2018-09-04 20:34:52 +02:00
Andreas Schneider	1e195a232a	auth: Use calloc to allocate memory Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2018-09-04 19:59:07 +02:00
Andreas Schneider	d1cd914012	misc: Use C99 initializer to initialize string Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2018-09-04 19:59:01 +02:00
Andreas Schneider	c3980d433a	pki_container: Use string functions for cleanup Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2018-09-04 19:58:47 +02:00
Andreas Schneider	78498ee289	packet: Use C99 initializer to reset session->in_packet Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2018-09-04 19:58:38 +02:00
Andreas Schneider	76f5a60a82	packet: Reformat ssh_packet_parse_type() Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2018-09-04 19:58:30 +02:00
Andreas Schneider	07986731c6	gzip: Use calloc in initcompress() and initdecompress() Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2018-09-04 19:58:23 +02:00
Andreas Schneider	f1608778be	kex: Use C99 initializer instead of memset Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2018-09-04 19:58:17 +02:00
Andreas Schneider	72e91d5131	channels: Remove memset in ssh_channel_do_free() We have nice tools to detect that in the meantime. Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2018-09-04 19:58:11 +02:00
Andreas Schneider	4af4b59e21	channels: Reformat ssh_channel_free() Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2018-09-04 19:58:03 +02:00
Andreas Schneider	ca464ca2ba	channels: Use calloc() in ssh_channel_new() Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2018-09-04 19:57:58 +02:00

1 2 3 4 5 ...

1597 Коммитов