1
1
Граф коммитов

4519 Коммитов

Автор SHA1 Сообщение Дата
Jakub Jelen
fffa66698f Allow building without Group Exchange support
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-02-07 10:30:05 +01:00
Jakub Jelen
a170580147 kex: Disable diffie-hellman-group-exchange-sha1 by default
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-02-07 10:30:05 +01:00
Jakub Jelen
0833f07c53 options: Allow to configure cryptographic algorithms for server
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-02-07 10:30:05 +01:00
Jakub Jelen
805709dd36 docs: Missing documentation for SSH_OPTIONS_HMAC_*
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-02-07 10:30:05 +01:00
Jakub Jelen
fd95b68c0f tests: Fix error message
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-02-07 10:30:05 +01:00
Jakub Jelen
82f4c6c607 buffer: Fix typo in a comment
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-02-07 10:30:05 +01:00
Jakub Jelen
c110122fb5 tests: Don't talk to ssh-agent in server authentication tests
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-02-07 10:30:05 +01:00
Andreas Schneider
686cd6e83b Update INSTALL file
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-02-07 10:30:05 +01:00
Andreas Schneider
9f9afab3e6 dh: Add function references to ssh_print_hash() doc
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-02-07 09:48:09 +01:00
Andreas Schneider
b84949b32c include: Mark ssh_print_hexa as deprecated
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-02-07 09:46:13 +01:00
Jon Simons
c0102e6a59 pki_crypto: plug pki_signature_from_blob leaks
In 3341f49a49, some direct assignments
to OpenSSL structures was replaced with usage of getter and setter
macros.  Ensure to `bignum_safe_free` a couple of intermediate values
in error paths for `pki_signature_from_blob` DSS and ECDSA cases.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-30 13:22:59 +01:00
Jon Simons
ccd73db90c pki: NULL check pki_signature_from_rsa_blob result
Check for a potential NULL result from `pki_signature_from_rsa_blob`
in `pki_signature_from_blob`.  Otherwise the following `sig->type_c`
will result in a segfault.

Introduced in 7f83a1efae.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-30 13:22:59 +01:00
Jon Simons
3760e59c13 dh: harden error handling in 'ssh_dh_init_common'
Harden the error path in 'ssh_dh_init_common' such that
all potential allocations are free'd upon exit.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-30 13:22:59 +01:00
Jon Simons
3334443089 dh: plug pubkey_blob leak in ssh_server_dh_process_init
Ensure to `SSH_STRING_FREE` the pubkey_blob local in
`ssh_server_dh_process_init`.  The leak can be seen with
valgrind and the pkd tests with:

    valgrind \
      --leak-check=full \
      --show-leak-kinds=definite \
      ./pkd_hello -i1 -t torture_pkd_openssh_rsa_rsa_diffie_hellman_group14_sha1

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-30 13:22:59 +01:00
Jon Simons
b44987a164 dh-gex: fix double-ssh_dh_init_common memory leak
Fix a memory leak whereby the x, y, and k bignum fields within
a session's next_crypto structure were being unintentionally
initialized twice.

The leak can be seen before the fix with valgrind and the pkd
tests with:

    valgrind \
      --leak-check=full \
      --show-leak-kinds=definite \
      ./pkd_hello -i1 -t torture_pkd_openssh_rsa_rsa_diffie_hellman_group_exchange_sha256

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-30 13:22:59 +01:00
Jon Simons
886681a421 dh-gex: fix moduli file stream leak
Ensure to close the moduli file stream in `ssh_retrieve_dhgroup`.
The leak is observable with the pkd tests and valgrind with:

    valgrind \
      --track-fds=yes \
      ./pkd_hello -i1 \
      -t torture_pkd_openssh_rsa_rsa_diffie_hellman_group_exchange_sha256

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-30 13:22:59 +01:00
Till Wimmer
04c97c0eaf session: Repects timeout=0 for packets on blocking sessions
Signed-off-by: Till Wimmer <g4-lisz@tonarchiv.ch>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-30 09:24:29 +01:00
Till Wimmer
d27b817acc options: Removed outdated param annotations of ssh_options_set()
Signed-off-by: Till Wimmer <g4-lisz@tonarchiv.ch>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-30 09:24:29 +01:00
Till Wimmer
16a52a8362 connector: Don't NULL connector (in|out) channels on event remove
Signed-off-by: Till Wimmer <g4-lisz@tonarchiv.ch>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-30 09:24:26 +01:00
Andreas Schneider
5bc7432b10 gitlab-ci: Enable DEBUG build options on Fedora
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-27 17:47:31 +01:00
Jakub Jelen
8c7b6bffff bignum: Reformat ssh_make_string_bn and unbreak build with DEBUG_CRYPTO
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26 16:40:14 +01:00
Jakub Jelen
42185fbf6e dh: Reformat ssh_dh_debug, ssh_dh_build_k and unbreak build with DEBUG_CRYPTO
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26 16:40:09 +01:00
Andreas Schneider
303bdc5a4f tests: Initialize ssh_cipher_struct in torture_crypto_aes256_cbc()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26 15:47:49 +01:00
Andreas Schneider
9b694f396c packet: Add missing error check in packet_send2()
Found by csbuild.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26 14:21:46 +01:00
Andreas Schneider
d41042f92d pki: Avoid a possible segfaults in error paths
Found by csbuild.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26 14:21:26 +01:00
Andreas Schneider
9b2eefe62c dh-gex: Add error check for ssh_packet_send() in ssh_packet_server_dhgex_request
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26 14:15:01 +01:00
Andreas Schneider
8ec80d1f5d libcrypto: Use size_t for size calculations
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26 14:09:44 +01:00
Anderson Toshiyuki Sasaki
8ddbe7bec6 sftp: Add NULL check in sftp_ext_free()
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26 13:56:25 +01:00
Anderson Toshiyuki Sasaki
61ad276a87 sftp: Reformat sftp_ext_free()
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26 13:56:22 +01:00
Anderson Toshiyuki Sasaki
9c5a1967c3 tests: Add NULL checks in pki tests
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26 13:56:22 +01:00
Anderson Toshiyuki Sasaki
27caaa000b tests: Prefer assert_non_null() over assert_false()
This also replaces some occurrences of assert_true() with assert_null()

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26 13:56:22 +01:00
Anderson Toshiyuki Sasaki
bdf968c178 tests: Added NULL checks in torture_list.c
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26 13:56:22 +01:00
Anderson Toshiyuki Sasaki
603b6d7222 tests: Prefer assert_non_null over assert_true
This also replaces some occurrences of assert_true with assert_null.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26 13:56:22 +01:00
Anderson Toshiyuki Sasaki
89f58decb6 misc: Add NULL checks before accessing lists
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26 13:56:22 +01:00
Anderson Toshiyuki Sasaki
5ed5e97114 messages: Fix NULL check, preventing SEGFAULT
The wrong conditional check for newly allocated memory would make the
function to fail when the allocation was successful and access invalid
memory when the allocation failed.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26 13:56:15 +01:00
Andreas Schneider
6dacc8b26c gitlab-ci: Add (disabled) target with MemorySanitizer
We can't enable this till we can ignore OpenSSL.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-25 16:08:04 +01:00
Andreas Schneider
d41fd0c465 cmake: Add support for MemorySanitizer
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-25 16:07:50 +01:00
Andreas Schneider
d598e4e52a packet_crypt: Make sure we always operate on initilized memory
Found by MemorySanitizer.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-25 16:07:50 +01:00
Andreas Schneider
932102bd13 session: Initialize allocated memory
Found by MemorySanitizer.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-25 14:13:10 +01:00
Andreas Schneider
e260a591f4 gitlab-ci: Fix UndefinedSanitizer
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-25 11:36:07 +01:00
Baruch Siach
6c7eaa9e12 buffer: Convert argc to size_t in ssh_buffer_unpack() as well
Commit c306a693f3 ("buffer: Use size_t for argc argument in
ssh_buffer_(un)pack()") mentioned unpack in the commit log, but it only
touches the pack variants. Extend the conversion to unpack.

Pre-initialize the p pointer to avoid possible use before
initialization in case of early argc check failure.

This fixes build failure:

.../libssh-0.8.6/src/buffer.c: In function 'ssh_buffer_unpack_va':
.../libssh-0.8.6/src/buffer.c:1229:16: error: assuming signed overflow does not occur when simplifying conditional to constant [-Werror=strict-overflow]
             if (argc == -1){
		^

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24 17:48:08 +01:00
Eric Bentley
83d86ef6a5 examples: add public key auth for specific key
There was no example of using a specific key for authentication so I added
one.

Signed-off-by: Eric Bentley <ebentley66@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24 17:48:08 +01:00
Eric Bentley
db67fcbe88 examples: add public key authentication to ssh_server_fork
I noticed that there was no example showing server side public key encryption in the examples
so I added this one. I used authorizedkeys as a global to minimize the changes to the original
code as well as I was not sure the correct methodology of determining the .ssh directory location
for a user not using Linux. One code using the user parameter to determine the location to use
instead if desired.

Signed-off-by: Eric Bentley <ebentley66@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24 17:48:04 +01:00
Jakub Jelen
be9943132e tests: Extend negative test cases for config Match keyword
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24 15:15:39 +01:00
Jakub Jelen
893510db35 tests: Use assert_ssh_return_code() in config test
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24 15:15:35 +01:00
Jakub Jelen
e989c4afff config: Add new Match final keyword from OpenSSH 8.0
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24 15:15:18 +01:00
Jakub Jelen
3ce31532eb config: Fail if there is missing argument for some of the match keywords
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24 15:13:30 +01:00
Aris Adamantiadis
3b5f9ef8d6 pkd: dh-group-exchange testcases 2019-01-24 13:06:33 +01:00
Aris Adamantiadis
53c88375fe dh-gex: Add server implementation
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24 13:06:33 +01:00
Aris Adamantiadis
40faa98c5e wrapper: Move dh cleanup into dh.c
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24 12:56:14 +01:00