1
1
Граф коммитов

3838 Коммитов

Автор SHA1 Сообщение Дата
Andreas Schneider
ec6df9896a tests: Add missing check for valid fd
CID 1032753

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-06 09:52:14 +02:00
Andreas Schneider
ab7c5c448c tests: Add additional NULL checks
CID 1393894

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-06 09:43:51 +02:00
Andreas Schneider
5871d604cd tests: Use fstat instead of lstat
CID 1393878

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-06 09:38:59 +02:00
Andreas Schneider
f6fe7488e3 tests: Add some null checks
CID 1393898

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-06 09:36:50 +02:00
Andreas Schneider
24aef4fbf1 sftp: Add missing size checks
CID 1238630

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-06 09:36:50 +02:00
Andreas Schneider
fbfe002460 tests: Check for memory allocation error in torture_pki_ed25519_sign()
CID 1393899

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-06 09:36:47 +02:00
Andreas Schneider
c7525c056c tests: Improve torture_connect_socket()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-06 08:58:27 +02:00
Andreas Schneider
1509693cce tests: null terminate buffer in torture_read_one_line()
CID 1393902

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-06 08:52:42 +02:00
Andreas Schneider
67ef808a95 tests: Add additional NULL check in torture_pki_rsa_write_privkey()
CID 1393904
CID 1393903

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-06 08:50:11 +02:00
Andreas Schneider
aeefcd8199 tests: Initialize readfds in torture_channel_select()
CID 1393905

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-06 08:46:37 +02:00
Andreas Schneider
9bc050d07d tests: Check return code of ssh_pki_import_privkey_base64
CID 1393906

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-06 08:44:28 +02:00
Andreas Schneider
c2776f70c1 tests: Improve test checks
CID 1394620

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-06 08:32:07 +02:00
Andreas Schneider
e6020f94bf server: Fix echo access in ssh_message_auth_interactive_request()
Fixes T94

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-03 19:08:57 +02:00
Anderson Toshiyuki Sasaki
9305762fcd Remove internal calls to ssh_init
Since the call is made automatically when the library is loaded, these
calls are no longer required (if the library is not linked statically).

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-03 16:43:03 +02:00
Anderson Toshiyuki Sasaki
e0e0d62a71 tests: Run thread tests on Windows
When pthreads is available, run the threads tests on Windows

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-03 16:43:03 +02:00
Anderson Toshiyuki Sasaki
708f127788 tests: Add test for RSA PKI running on threads
Run the tests from torture_pki_rsa.c on threads.  Tests requiring files
to be removed are not tested, since they would require the access to
the files to be synchronized.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-03 16:43:03 +02:00
Anderson Toshiyuki Sasaki
dd3d867452 tests: Add test for crypto running on threads
The test run crypto test on multiple threads.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-03 16:43:03 +02:00
Anderson Toshiyuki Sasaki
5443863723 tests: Add test for buffer running on threads
The test run buffer tests on multiple threads.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-03 16:43:03 +02:00
Anderson Toshiyuki Sasaki
edcdef94ee tests: Add test for init running on threads
The test runs ssh_init()/ssh_finalize() on multiple threads.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-03 16:43:03 +02:00
Anderson Toshiyuki Sasaki
04cc7b769a threads: Add Windows threads implementation
Added Windows threads implementation based on CriticalSection.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-03 16:43:03 +02:00
Anderson Toshiyuki Sasaki
83b43443e5 threads: Automatically call ssh_init on load
This makes unnecessary to call ssh_init() when the library is
dynamically loaded.  Also removes the threads shared library.  The used
threads implementation is chosen in configuration time, changing the
ssh_threads_get_default() depending on the available threads library.

Internally, it is expected a threads implementation providing:

- void ssh_mutex_lock(void **mutex);
- void ssh_mutex_unlock(void **mutex);
- struct ssh_threads_callbacks_struct *ssh_threads_get_default(void);

and a crypto implementation providing:

- int crypto_thread_init(struct ssh_threads_callbacks_struct *user_callbacks);
- void crypto_thread_finalize(void);

This adds internal threads implementation for pthreads and noop.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-03 16:43:03 +02:00
Andreas Schneider
6a077fe750 gitlab-ci: Build with cmake3 on CentOS7
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-03 16:43:03 +02:00
Andreas Schneider
b2a681bd29 cmake: Require at least cmake 3.1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-03 16:43:03 +02:00
Jakub Jelen
18077673ac pki: Log really the signature algorithm type
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-01 16:05:37 +02:00
Jakub Jelen
25407209b0 pkd: Add missing ECDH mechanisms + whitespace cleanup
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-01 16:05:12 +02:00
Jakub Jelen
0e886ba803 pkd: Support ed25519 host keys in server
This adds support for the ed25519 keys in the pkd framework and adds
openssh-only tests utilizing these host keys (dropbear does not support
them yet).

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-01 16:04:40 +02:00
Jakub Jelen
c8429113fa bind: Complete loading ed25519 in server
Previously, the support was only partial and if the ed25519 key was
the only one, the internal checks were failing the tests.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-01 16:03:48 +02:00
Jakub Jelen
e1d2454dd7 session: Do not search for RSA1 keys in ~/.ssh/identity
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-01 16:03:41 +02:00
Jakub Jelen
ed738bee34 test: Fix text labels (copy & paste error)
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-01 16:03:17 +02:00
Pino Toscano
12284b75fa buffer: Add and use ssh_buffer_allocate_size()
Add a small helper for ssh_buffer to ensure that the buffer has a
certain amount of space already preallocated. This can be useful in case
it is known how much data is going to be added to a buffer, to avoid
multiple reallocations.

Make use of it in few places in the library.

Signed-off-by: Pino Toscano <ptoscano@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-01 11:04:33 +02:00
Andreas Schneider
afa4021ded tests: Add umask() around mkstemp()
CID 1391450

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-07 11:38:59 +02:00
Andreas Schneider
c425082394 tests: Fix errno check in pkd
CID 1393877

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-07 11:35:00 +02:00
Aris Adamantiadis
db9da99a36 bignum: Make bignum_free safer
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-05 14:35:13 +02:00
Andreas Schneider
c3dac948c9 pki: Improve pubkey buffer handling form file
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-05 13:21:23 +02:00
Andreas Schneider
c866768da4 torture_pki_dsa: Improve torture_pki_dsa_publickey_base64
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-05 13:15:14 +02:00
Aris Adamantiadis
2b40ad29c0 crypto: Split init and finalize functions
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-05 12:55:23 +02:00
Andreas Schneider
38c53db953 libcrypto: Use new RAND_priv_bytes() for strong randomness
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-05 12:12:17 +02:00
Andreas Schneider
c503bb572e crytpo: Make sure we check return of ssh_get_random() correctly
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-05 12:12:14 +02:00
Aris Adamantiadis
36a727e656 bignum: Harmonize ssh_get_random()
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-05 12:09:52 +02:00
Andreas Schneider
7b9a07c363 cmake: Print if server testing is enabled
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-04 20:33:31 +02:00
Jakub Jelen
4b298ca770 kex: Check allocation result
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-04 08:24:54 +02:00
Jakub Jelen
8e211c0689 tests: Verify various host keys can be successfully negotiated and verified
This verifies that all the supported host keys can be used and
verified by the client, including the SHA2 extension in RFC 8332.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-04 07:52:50 +02:00
Jakub Jelen
d25b8fb550 packet: Avoid warnings by using correct template
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-04 07:48:32 +02:00
Jakub Jelen
f1b36c18f6 client: Properly reset session structures on disconnect
torture_connect_double  test case used to test the connect only up
to key exchange phase, but not after the new keys are stated to be
used for communication. The keys from previous connectoin were not
cleaned up from the previous invocation as well as the seqence
number was not reset and therefore any further packet was failing
with length-check errors or MAC errors.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-04 07:47:54 +02:00
Andreas Schneider
b3a7e86a4a knownhosts: Fix memory leak
CID 1393774

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-04 07:09:24 +02:00
Andreas Schneider
d316390825 gitlab-ci: Only enable freebsd runner where it is enabled
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
3141dec632 known_hosts: Remove deprecated ssh_knownhosts_algorithms()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
539d7ba249 kex: Use ssh_known_hosts_get_algorithms()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
83a46c7756 tests: Add knownhosts test for detecting conflics
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
2d90bc9d6b knownhosts: Fix checking if server is known
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00