1
1
Граф коммитов

3005 Коммитов

Автор SHA1 Сообщение Дата
Jon Simons
6007c3c43f bind: fix possible double-frees in ssh_bind_free
Make sure to explicitly set key pointers to NULL following the use
of 'ssh_key_free' throughout bind.c.

Before this change, a double free can happen via 'ssh_bind_free'
as in this example callpath:

  // create an ssh_bind
  ssh_bind b = ssh_bind_new();

  // provide a path to a wrong key-type
  ssh_bind_options_set(b, SSH_BIND_OPTIONS_DSAKEY, path_to_rsa_key);

  // initialize set key-type
  ssh_bind_listen(b);

    -> error path "The DSA host key has the wrong type: %d",

       ssh_key_free(sshbind->dsa)

         -> ssh_key_clean(key) // OK

         -> SAFE_FREE(key)     // OK, but, sshbind->dsa is *not* set to NULL

  // ssh_bind_listen failed, so clean up ssh_bind
  ssh_bind_free(b);

    -> ssh_key_free(sshbind->dsa)  // double-free here

To fix, set pointers to NULL that have been free'd with 'ssh_key_free'.

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-01-16 09:27:41 +01:00
Andreas Schneider
9d1ddd0547 doc: Add changes to the forwarding tutorial. 2014-01-16 09:13:06 +01:00
Andreas Schneider
5229253f86 channel: Fix the name scheme of the forward functions. 2014-01-16 09:13:06 +01:00
Oleksandr Shneyder
a1c4fc07d4 channel: Add ssh_channel_accept_forward().
This works same way as ssh_forward_accept() but can return a destination
port of the channel (useful if SSH connection forwarding several TCP/IP
ports).

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-01-16 09:12:03 +01:00
Andreas Schneider
6d09104ad3 Rename build directory to obj.
Some buildsystem use build in the pathname and so we will filter out
e.g. docs generation.
2014-01-16 08:53:32 +01:00
Aris Adamantiadis
57ef959aa3 threads: support libgcrypt 1.6 hack
Not 100% satisfied of this patch, but the way libgcrypt handles
threading in 1.6 is not compatible with custom handlers. The
new code basicaly uses pthreads in every case. This will probably
not work on windows.
2014-01-08 18:57:31 +01:00
Andreas Schneider
b617d7fa29 include: Remove warning cause VSC doesn't know about it. 2014-01-08 10:55:20 +01:00
Andreas Schneider
4b3363ecf2 include: Fix building if we do not have asm volatile. 2014-01-08 10:52:29 +01:00
Andreas Schneider
6fe51b13fb src: Update my mail address. 2014-01-07 16:08:23 +01:00
Andreas Schneider
8bcbfb1642 cmake: Remove unused macro modules. 2014-01-07 16:07:00 +01:00
Aris Adamantiadis
aecd952d18 update copyright information 2014-01-07 15:18:15 +01:00
Aris Adamantiadis
fedb1b3def tests: avoid reading uninitialized bytes 2014-01-07 14:43:46 +01:00
Aris Adamantiadis
8fdfa13227 pki: fix gcrypt signature process 2014-01-07 14:20:49 +01:00
Andreas Schneider
9d90d15e91 examples: Make sure buffer is initialized. 2014-01-07 09:19:02 +01:00
Andreas Schneider
09a715b147 example: Add missing include for forkpty(). 2014-01-07 09:03:53 +01:00
Aris Adamantiadis
42ad55377f test: fixed torture_auth_none condition 2014-01-06 22:09:43 +01:00
Aris Adamantiadis
d771dafe04 test: test case for async auth_none
This test currently fails
2014-01-06 16:52:44 +01:00
Aris Adamantiadis
09af855b6f tests: auth_agent_nonblocking should run in nonblocking 2014-01-06 16:52:44 +01:00
Aris Adamantiadis
0571360f37 tests: use LC_LIBSSH instead of LANG for env tests.
LANG is stripped and replaced on many distros and LC_* is accepted
by default on debian
2014-01-06 16:17:16 +01:00
Andreas Schneider
f3e3700063 session: Fix a possible memory leak. 2014-01-05 23:05:13 +01:00
Aris Adamantiadis
41fe03e0d6 poll: fix poll_handles ownerships 2014-01-05 22:33:45 +01:00
Aris Adamantiadis
b514957af7 socket: don't attempt reading a non-connected socket 2014-01-05 21:54:08 +01:00
Andreas Schneider
d9c5d0767c examples: Fix building samplesshd-tty on FreeBSD. 2013-12-26 09:42:32 +01:00
Andreas Schneider
8f162e3b13 poll: Correctly free ssh_event_fd_wrapper.
This is allocated by ssh_event_add_fd.
2013-12-22 22:08:45 +01:00
Andreas Schneider
32ba84dac7 config: Support expansion in the Host variable too.
BUG: https://red.libssh.org/issues/127
2013-12-21 12:30:32 +01:00
Andreas Schneider
7f806b7c68 tests: Fix non-blocking auth tests.
The ssh_userauth_none() call should already be non-blocking. However
this this function is broken in non-blocking mode. It should reveal the
existing bug.
2013-12-15 21:03:00 +01:00
Andreas Schneider
a6107f7432 tests: Fix blocking mode in password auth test. 2013-12-15 20:42:18 +01:00
Andreas Schneider
9829aa2236 tests: Use new auth API in the torture_session test. 2013-12-15 20:29:30 +01:00
Andreas Schneider
f8debe9a19 tests: Use new auth API in the torture_auth test. 2013-12-15 20:26:17 +01:00
Andreas Schneider
8b407f1ca2 tests: Fix pki test with gcrypt. 2013-12-11 21:11:49 +01:00
Jon Simons
20b5734649 channel: fix setting of channel->flags
Fix the setting of 'channel->flags' to use '|='.  Before this
change, one bug symptom can be that channels are never fully
free'd via ssh_channel_free, resulting in memory leaks.

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-12-11 21:02:47 +01:00
Jon Simons
0557f57c63 client: use ssh_channel_do_free in ssh_disconnect
Ensure to use 'ssh_channel_do_free' in 'ssh_disconnect', when removing and
free'ing up a session's channels.  This matches the behavior in 'ssh_free',
and is necessary to fully free any channel which may not have been closed
completely (see usage of flags SSH_CHANNEL_FLAG_CLOSED_REMOTE,
SSH_CHANNEL_FLAG_FREED_LOCAL).

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-12-11 21:02:05 +01:00
Andreas Schneider
4f4e917187 bind: Correctly free all memory in ssh_bind_free().
Thanks to Jacob Baines.
2013-12-09 19:49:54 +01:00
Jon Simons
a1f0b2acfc session: Add ssh_get_clientbanner(). 2013-12-07 16:24:33 +01:00
Andreas Schneider
d65777b570 channels: Add a ssh_channel_read_timeout function. 2013-12-04 20:34:13 +01:00
Andreas Schneider
2df00fd84c tests: Try to fix torture_forward. 2013-12-04 14:21:52 +01:00
Andreas Schneider
d1d3beac33 tests: Fix memory leaks. 2013-11-28 14:40:11 +01:00
Andreas Schneider
ad0abff8b3 tests: Add missing line breaks. 2013-11-28 11:49:11 +01:00
Andreas Schneider
cdd7a6cb8d pki: Fix a memory leak.
CID #1132819
2013-11-28 09:09:45 +01:00
Andreas Schneider
004240af48 tests: Add torture_pki_write_privkey_ecdsa test. 2013-11-27 22:54:13 +01:00
Andreas Schneider
4e3d16e291 tests: Add torture_pki_write_privkey_dsa test. 2013-11-27 22:54:13 +01:00
Andreas Schneider
7933aef747 tests: Add torture_pki_write_privkey_rsa test. 2013-11-27 22:54:13 +01:00
Andreas Schneider
136efd6ed5 pki: Add ssh_pki_import_privkey_file(). 2013-11-27 22:54:13 +01:00
Andreas Schneider
94969cf263 pki_crypto: Add pki_private_key_to_pem(). 2013-11-27 22:54:13 +01:00
Andreas Schneider
68c3c26029 pki_gcrypt: Add pki_private_key_to_pem() stub. 2013-11-27 22:54:13 +01:00
Andreas Schneider
fd185acbea curve25519: Fix memory leaks in ssh_server_curve25519_init().
CID #1125255
2013-11-27 20:26:14 +01:00
Andreas Schneider
7a4e8e58f0 curve25519: Do not leak q_s_string.
CID #1125256
2013-11-27 20:20:07 +01:00
Andreas Schneider
cbeb2a9de7 curve25519: Fix a memory leak.
CID #1125257
2013-11-27 20:18:25 +01:00
Andreas Schneider
d61fcbf7b2 examples: Fix else branch.
CID #1127816
2013-11-27 20:16:09 +01:00
Andreas Schneider
75e61f498b packet: Remove logically dead code.
CID #1128796
2013-11-27 20:14:02 +01:00