1
1
Граф коммитов

3005 Коммитов

Автор SHA1 Сообщение Дата
Andreas Schneider
b5efbe75cd session: Fix a memory leak with custom banner.
BUG: https://red.libssh.org/issues/152
2014-04-10 08:54:10 +02:00
Andreas Schneider
01311dd419 cmake: Fix doxygen. 2014-04-10 08:54:10 +02:00
Jon Simons
5865b9436f kex: server fix for first_kex_packet_follows
Ensure to honor the 'first_kex_packet_follow' field when processing
KEXINIT messages in the 'ssh_packet_kexinit' callback.  Until now
libssh would assume that this field is always unset (zero).  But
some clients may set this (dropbear at or beyond version 2013.57),
and it needs to be included when computing the session ID.

Also include logic for handling wrongly-guessed key exchange algorithms.
Save whether a client's guess is wrong in a new field in the session
struct: when set, the next KEX_DHINIT message to be processed will be
ignored per RFC 4253, 7.1.

While here, update both 'ssh_packet_kexinit' and 'make_sessionid' to
use softabs with a 4 space indent level throughout, and also convert
various error-checking to store intermediate values into an explicit
'rc'.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-04-10 08:54:10 +02:00
Andreas Schneider
ad1313c2e5 Revert "direct-tcpip and forwarded-tcpip callbacks"
This reverts commit efe785e711.

We need a Signed-off version. I didn't have the Certificate of Origin
yet.
2014-04-09 12:49:06 +02:00
Andreas Schneider
0cb9f792b8 cmake: Update doxygen module. 2014-04-09 11:21:29 +02:00
Loïc Michaux
efe785e711 direct-tcpip and forwarded-tcpip callbacks 2014-04-09 11:13:57 +02:00
Jon Simons
48aca98cd5 pki crypto: expose new ssh_pki_key_ecdsa_name API
Enable retrieving the "ecdsa-sha2-nistpNNN" name of ECDSA keys with a
new 'ssh_pki_key_ecdsa_name' API.  This gives more information than the
'ssh_key_type_to_char' API, which yields "ssh-ecdsa" for ECDSA keys.
The motivation is that this info is useful to have in a server context.

The torture_pki unit test is updated to include the new API, and a few
more passes are added to additionally test 384 and 521-bit keys.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-04-09 11:01:11 +02:00
Petar Koretic
89e154f78c libsshpp: include required <string> header for std::string
Signed-off-by: Petar Koretic <petar.koretic@sartura.hr>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-04-09 10:59:59 +02:00
Alan Dunn
491b407d17 examples: Update ssh_server_fork for new SSH_BIND_OPTIONS_HOSTKEY
Tested by

ssh_server_fork -k <an ecdsa key> -k <an rsa key> ...

and connection succeeded with OpenSSH clients both for ECDSA and RSA
(the latter forced via -o HostKeyAlgorithms=ssh-rsa and some known
hosts clearing was necessary).  Also

ssh_server_fork -k <an ecdsa key> -k <another ecdsa key> ...

caused the second key to be used, as expected.

Signed-off-by: Alan Dunn <amdunn@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-04-09 10:59:21 +02:00
Alan Dunn
2f4589b765 doc: Document new meaning of SSH_BIND_OPTIONS_HOSTKEY
Signed-off-by: Alan Dunn <amdunn@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-04-09 10:59:10 +02:00
Alan Dunn
acb7161c81 options: Repurpose SSH_BIND_OPTIONS_HOSTKEY to load host keys
SSH_BIND_OPTIONS_HOSTKEY will now load host keys of any supported type
rather than set the algorithms that the server permits (which seems
like an unhelpful option anyway; it seems you can always control this
by just loading the right keys).

This option has slightly different semantics than the
SSH_BIND_OPTIONS_<x>KEY options because it requires the key file to
exist immediately rather than on ssh_bind_listen or
ssh_bind_accept_fd.  The semantics of this option makes more sense to
me.

We also eliminate ssh_bind_options_set_algo, since it is no longer
used.

Signed-off-by: Alan Dunn <amdunn@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-04-09 10:57:16 +02:00
Andreas Schneider
437a39c798 cmake: Enable creation of the compile command database by default. 2014-04-04 10:03:43 +02:00
Andreas Schneider
b3e6d5df53 packet: Fix function name. 2014-03-27 11:26:27 +01:00
Luka Perkov
53644a14ac style: be consistent when iterating over wanted_methods
Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-27 11:23:34 +01:00
Jon Simons
aa05248ca8 packet: elide two buffer_prepend calls into one
In packet_send2, rather than issue two separate buffer_prepend_data calls
(each of which may entail realloc + memmove + memcpy), elide the prepend
work into a single buffer_prepend_data: the header information is computed
locally, and a single 5 byte prepend operation is now done instead of
prepending 1, then 4 bytes.

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-27 11:19:50 +01:00
Andreas Schneider
04543c9dbc doc: Fix ssh_userauth_none() function signature.
Thanks to David Tibbe!

BUG: https://red.libssh.org/issues/151
2014-03-27 11:06:01 +01:00
Alan Dunn
d5aeebe323 socket: Fix style of ssh_socket_pollcallback
Signed-off-by: Alan Dunn <amdunn@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-27 10:54:55 +01:00
Alan Dunn
47bd0b6d1f doc: Improve and consolidate ssh_bind_options_set docs
Signed-off-by: Alan Dunn <amdunn@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-27 10:49:08 +01:00
Petar Koretic
8e2590b535 libssh: libhpp: overload read function to support timeout parameter
Signed-off-by: Petar Koretic <petar.koretic@sartura.hr>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-27 10:48:13 +01:00
Petar Koretic
c51f42a566 libssh: libhpp: avoid unnecessary call to ssh_channel_read
ssh_channel_read is a wrapper for ssh_channel_read_timeout with timeout
-1 (infinite) so we call that directly.

Signed-off-by: Petar Koretic <petar.koretic@sartura.hr>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-27 10:46:21 +01:00
Petar Koretic
00d4fbe753 libssh: libhpp: fix multiple definitions for acceptForward function
Defining a non inlined class function in a header will cause multiple
definitions when header is included in more that one file since for each
file function will get defined.

Signed-off-by: Petar Koretic <petar.koretic@sartura.hr>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-27 10:45:54 +01:00
Jon Simons
dee8e5688b channel: check for closed state in waitwindow loops
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-27 10:34:22 +01:00
Jon Simons
40d81bb7ca kex: enable more ECDSA hostkey algos
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-27 10:28:06 +01:00
Jon Simons
10bc5ac203 pki_crypto: guard against NULL pubkey->rsa in signature extraction
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-27 10:27:23 +01:00
Luka Perkov
8ba9402282 session: fix comment typo
Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-27 10:16:24 +01:00
Luka Perkov
a2fe341da5 messages: use predefined macro for clearing sensitive data
Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-27 10:16:14 +01:00
Luka Perkov
dbb2de272b client: fix corner case when sockets are manually created
If the sockets are created manually and passed to libssh the internal session
state is set to SSH_SESSION_STATE_SOCKET_CONNECTED. Result of this fix can be
verified by running torture_connect test (torture_connect_socket) with -vvvv
flags.

Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-27 10:15:54 +01:00
Luka Perkov
9423a3a065 tests: torture_connect: add test for user provided socket
Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-27 10:14:35 +01:00
Luka Perkov
0c5d4954a7 tests: torture_connect: fix coding style
Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-27 10:13:57 +01:00
Petar Koretic
0b8d24f800 pki_crypto: Replace deprecated RSA_generate_key() with RSA_generate_key_ex()
On Mar 16, 09:41, Aris Adamantiadis wrote:
> Hi Petar,
> I agree with the principle, but I don't think this code can work...
> RSA_generate_key takes an RSA* as parameter and in our code we probably
> have key->rsa==NULL. (if we don't then the old code had a memory leak).
>
> Does the test case work ?
>
> Aris
>

Yes, you are right. This works, tested with tests/unittests/torture_pki

Signed-off-by: Petar Koretic <petar.koretic@sartura.hr>
2014-03-27 10:11:24 +01:00
Luka Perkov
48354f56ec update gitignore file
The libssh library by default does not allow in-source build (with cmake
MacroEnsureOutOfSourceBuild macro). The INSTALL file (implicitly) suggests
creating a build directory. So lets add build to list of git ignore files to
avoid complaints from git.

Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-27 10:10:48 +01:00
Alan Dunn
5c0c95bd34 examples: Add ECDSA key option to ssh_server_fork
Signed-off-by: Alan Dunn <amdunn@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-27 10:06:36 +01:00
Alan Dunn
c82dd2eb81 examples: Add no default keys options to ssh_server_fork
It seems useful to be able to run ssh_server_fork without being
required to load some key of RSA and DSA keytypes.  However, with the
current ssh_server_fork, you need to have some keys as some default
value is set by default and you can't unset the value for a keytype
(e.g. by using NULL as an argument).  So the "no default keys"
argument turns off the default key assignments.

Signed-off-by: Alan Dunn <amdunn@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-27 10:06:11 +01:00
Alan Dunn
f6276fe739 doc: Add ECDSA keys to docs, make key docs consistent
Signed-off-by: Alan Dunn <amdunn@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-27 10:05:58 +01:00
Alan Dunn
2a1089d607 options: Allow use of host ECDSA key
Signed-off-by: Alan Dunn <amdunn@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-27 10:05:23 +01:00
Andreas Schneider
fbf73ede1e tests: Check the the ecdsa_nid is the same. 2014-03-27 10:01:12 +01:00
Alan Dunn
577840d7f7 tests: Add test case for bug #147
Signed-off-by: Alan Dunn <amdunn@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-27 10:01:01 +01:00
Alan Dunn
3d9b1693eb pki_crypto: Always copy ecdsa_nid into duplicated ECDSA keys
BUG: https://red.libssh.org/issues/147

Signed-off-by: Alan Dunn <amdunn@gmail.com>
2014-03-12 14:14:03 +01:00
Alan Dunn
15f3988bc8 pki: Use SHA-2 for session ID signing with ECDSA keys
Previously, SHA-1 was used always.

BUG: https://red.libssh.org/issues/148

Signed-off-by: Alan Dunn <amdunn@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-12 14:13:29 +01:00
Luka Perkov
9c2127b798 server: silence build warning
The commit fixes this build warning:

====
src/server.c:223:8: warning: ‘privkey’ may be used uninitialized in this function [-Wmaybe-uninitialized]
     rc = ssh_pki_export_privkey_to_pubkey(*privkey, &pubkey);
        ^
src/server.c:243:11: note: ‘privkey’ was declared here
   ssh_key privkey;
====

Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-12 14:12:18 +01:00
Jon Simons
0bb779904d packet: log disconnect code in host byte order
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-12 14:11:09 +01:00
Jon Simons
5eeac3566e bind: only set bindfd after successful listen
In 'ssh_bind_listen', move setting of 'sshbind->bindfd' to only happen after
the listen call: otherwise 'bindfd' can be set to a bogus descriptor for the
case that listen fails.

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-12 14:09:35 +01:00
Aris Adamantiadis
e99246246b security: fix for vulnerability CVE-2014-0017
When accepting a new connection, a forking server based on libssh forks
and the child process handles the request. The RAND_bytes() function of
openssl doesn't reset its state after the fork, but simply adds the
current process id (getpid) to the PRNG state, which is not guaranteed
to be unique.
This can cause several children to end up with same PRNG state which is
a security issue.
2014-03-04 09:55:28 +01:00
Andreas Schneider
c96e862c08 examples: Add missing include for stderr.
This should fix the build on FreeBSD.
2014-02-17 09:20:46 +01:00
Andreas Schneider
7021a46617 cmake: Merge server examples. 2014-02-16 17:59:46 +01:00
Andreas Schneider
c7cb2d0657 examples: Remove old samplesshd-tty. 2014-02-16 17:58:55 +01:00
Andreas Schneider
fd50a4dd9f examples: Remove old samplesshd. 2014-02-16 17:57:09 +01:00
Audrius Butkevicius
afe97d6cab examples: Add ssh_server_fork example
Signed-off-by: Audrius Butkevicius <audrius.butkevicius@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-02-16 17:52:50 +01:00
Audrius Butkevicius
00949383f4 config: Add missing HAVE_LIBUTIL_H define in config.h
Signed-off-by: Audrius Butkevicius <audrius.butkevicius@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-02-16 17:45:47 +01:00
Andreas Schneider
2a1cb323f7 examples: Add missing include on FreeBSD. 2014-02-14 10:33:07 +01:00