Fork 0
Commit Graph

2155 Commits

Author SHA1 Message Date
СВД Встраиваемые Системы 34f941a442 Правила сборки для ЗОСРВ "Нейтрино" редакции 2020 2023-03-09 23:29:43 +03:00
Will Cosgrove 635caa9078
updated docs for 1.10.0 release 2021-08-29 22:36:43 +02:00
Laurent Stacul a88a727c2a [tests] Try several times to connect the ssh server
Sometimes, as the OCI container is run in detached mode, it is possible
the actual server is not ready yet to handle SSH traffic. The goal of
this PR is to try several times (max 3). The mechanism is the same as
for the connection to the docker machine.
2021-05-30 12:33:05 +02:00
Laurent Stacul 3709037b26 Remove openssh_server container on test exit 2021-05-30 11:41:52 +02:00
Laurent Stacul 718bcb03d2 Allow the tests to run inside a container
The current tests suite starts SSH server as OCI container. This commit
add the possibility to run the tests in a container provided that:

* the docker client is installed builder container
* the host docker daemon unix socket has been mounted in the builder
  container (with, if needed, the DOCKER_HOST environment variable
  accordingly set, and the permission to write on this socket)
* the builder container is run on the default bridge network, or the
  host network. This PR does not handle the case where the builder
  container is on another network.
2021-05-29 12:01:51 +02:00
Marc Hoersken fee3125b3b
CI/appveyor: run SSH server for tests on GitHub Actions (#607)
No longer rely on DigitalOcean to host the Docker container.

Unfortunately we require a small dispatcher script that has
access to a GitHub access token with scope repo in order to
trigger the daemon workflow on GitHub Actions also for PRs.

This script is hosted by myself for the time being until GitHub
provides a tighter scope to trigger the workflow_dispatch event.
2021-05-28 08:52:27 +02:00
Will Cosgrove 6f68e8d064
openssl.c: guards around calling FIPS_mode() #596 (#603)
FIPS_mode() is not implemented in LibreSSL and this API is removed in OpenSSL 3.0 and was introduced in 0.9.7. Added guards around making this call.

Will Cosgrove
2021-05-26 16:43:32 -07:00
Will Cosgrove 35ac220a44
configure.ac: don't undefine scoped variable (#594)
* configure.ac: don't undefine scoped variable

To get this script to run with Autoconf 2.71 on macOS I had to remove the undefine of the backend for loop variable. It seems scoped to the for loop and also isn't referenced later in the script so it seems OK to remove it.

* configure.ac: remove cygwin specific CFLAGS #598

Remove cygwin specific Win32 CFLAGS and treat the build like a posix build

Will Cosgrove, Brian Inglis
2021-05-26 16:42:38 -07:00
Laurent Stacul f1f47ef79b
tests: Makefile.am: Add missing tests client keys in distribution tarball (#604)
Added missing test keys.

Laurent Stacul
2021-05-18 08:18:06 -07:00
Laurent Stacul 62bc25c987
Makefile.am: Add missing test keys in the distribution tarball (#601)
Fix tests missing key to build the OCI image

Laurent Stacul
2021-05-17 09:11:10 -07:00
Daniel Stenberg 8adbab3f6c
dist: add src/agent.h
Fixes #597
Closes #599
2021-05-16 00:08:39 +02:00
Will Cosgrove 36fcd543d9
packet.c: Reset read timeout after received a packet (#576) (#586)

Attempt keyboard interactive login (Azure AD 2FA login) and use more than 60 seconds to complete the login, the connection fails.

The _libssh2_packet_require function does almost the same as _libssh2_packet_requirev but this function sets state->start = 0 before returning.

teottin, Co-authored-by: Tor Erik Ottinsen <tor.ottinsen@kdi.kongsberg.com>
2021-05-12 09:14:09 -07:00
kkoenig 3f9d505353
Support ECDSA certificate authentication (#570)
Files: hostkey.c, userauth.c, test_public_key_auth_succeeds_with_correct_ecdsa_key.c

Support ECDSA certificate authentication

Add a test for:
  - Existing ecdsa basic public key authentication
  - ecdsa public key authentication with a signed public key

2021-05-12 09:13:19 -07:00
Gabriel Smith c998f79384
agent.c: Add support for Windows OpenSSH agent (#517)
Files: agent.c, agent.h, agent_win.c

* agent: Add support for Windows OpenSSH agent

The implementation was partially taken and modified from that found in
the Portable OpenSSH port to Win32 by the PowerShell team, but mostly
based on the existing Unix OpenSSH agent support.


Regarding the partial transfer support implementation: partial transfers
are easy to deal with, but you need to track additional state when
non-blocking IO enters the picture. A tracker of how many bytes have
been transfered has been placed in the transfer context struct as that's
where it makes most sense. This tracker isn't placed behind a WIN32
 #ifdef as it will probably be useful for other agent implementations.

* agent: win32 openssh: Disable overlapped IO

Non-blocking IO is not currently supported by the surrounding agent
code, despite a lot of the code having everything set up to handle it.

Co-authored-by: Gabriel Smith <gabriel.smith@precisionot.com>
2021-05-11 14:13:37 -07:00
Zenju 58ae048c92
Fix detailed _libssh2_error being overwritten (#473)
Files: openssl.c, pem.c, userauth.c

* Fix detailed _libssh2_error being overwritten by generic errors
* Unified error handling

2021-05-11 14:09:57 -07:00
Paul Capron b3a8a6d27c
Fix _libssh2_random() silently discarding errors (#520)
* Make _libssh2_random return code consistent

Previously, _libssh2_random was advertized in HACKING.CRYPTO as
returning `void` (and was implemented that way in os400qc3.c), but that
was in other crypto backends a lie; _libssh2_random is (a macro
expanding) to an int-value expression or function.

Moreover, that returned code was:
  — 0 or success, -1 on error for the MbedTLS & WinCNG crypto backends
But also:
  — 1 on success, -1 or 0 on error for the OpenSSL backend!
  – 1 on success, error cannot happen for libgcrypt!

This commit makes explicit that _libssh2_random can fail (because most of
the underlying crypto functions can indeed fail!), and it makes its result
code consistent: 0 on success, -1 on error.

This is related to issue #519 https://github.com/libssh2/libssh2/issues/519
It fixes the first half of it.

* Don't silent errors of _libssh2_random

Make sure to check the returned code of _libssh2_random(), and
propagates any failure.

A new LIBSSH_ERROR_RANDGEN constant is added to libssh2.h
None of the existing error constants seemed fit.

This commit is related to d74285b68450c0e9ea6d5f8070450837fb1e74a7
and to https://github.com/libssh2/libssh2/issues/519 (see the issue
for more info.)  It closes #519.

Paul Capron
2021-05-11 14:06:18 -07:00
Gabriel Smith 1270fdfe4b
ci: Remove caching of docker image layers (#589)
continued ci reliability work.

Gabriel Smith
2021-05-11 13:44:12 -07:00
Gabriel Smith 92366cdb79
ci: Speed up docker builds for tests (#587)
The OpenSSH server docker image used for tests is pre-built to prevent
wasting time building it during a test, and unneeded rebuilds are
prevented by caching the image layers.

Gabriel Smith
2021-05-04 09:16:54 -07:00
Will Cosgrove 7118582a7c
userauth.c: don't error if using keys without RSA (#555)
file: userauth.c

notes: libssh2 now supports many other key types besides RSA, if the library is built without RSA support and a user attempts RSA auth it shouldn't be an automatic error

Will Cosgrove
2021-05-03 14:49:53 -07:00
Marc b853d7a86e
openssl.c: Avoid OpenSSL latent error in FIPS mode (#528)

Avoid initing MD5 digest, which is not permitted in OpenSSL FIPS certified cryptography mode.

2021-05-03 14:49:02 -07:00
Laurent Stacul 35695772d0
openssl.c: Fix EVP_Cipher interface change in openssl 3 #463

Fixes building with OpenSSL 3, #463.

The change is described there:

Laurent Stacul, reported by Sergei
2021-05-03 14:47:06 -07:00
Gabriel Smith b5c071d180
openssh_fixture.c: Fix potential overwrite of buffer when reading stdout of command (#580)
If reading the full output from the executed command took multiple
passes (such as when reading multiple lines) the old code would read
into the buffer starting at the some position (the start) every time.
The old code only works if fgets updated p or had an offset parameter,
both of which are not true.

Gabriel Smith
2021-05-03 14:41:25 -07:00
Gabriel Smith fb375d6fe2
ci: explicitly state the default branch (#585)
It looks like the $default-branch macro only works in templates, not
workflows. This is not explicitly stated anywhere except the linked PR


Gabriel Smith
2021-05-02 17:32:48 -07:00
Gabriel Smith ee199144fe
ci: Swap from Travis to Github Actions (#581)
Files: ci files

Move Linux CI using Github Actions

Gabriel Smith, Marc Hörsken
2021-04-30 16:10:52 -07:00
Mary 91393d6631
libssh2_priv.h: add iovec on 3ds (#575)
file: libssh2_priv.h
note: include iovec for 3DS
credit: Mary Mstrodl
2021-04-22 13:20:43 -07:00
Laurent Stacul 5627b82be6
Tests: Fix unused variables warning (#561)
file: test_public_key_auth_succeeds_with_correct_ed25519_key_from_mem.c

notes: fixed unused vars

Laurent Stacul
2021-03-04 14:17:00 -08:00
Viktor Szakats 4bb166a2a8
bcrypt_pbkdf.c: fix clang10 false positive warning (#563)
File: bcrypt_pbkdf.c

blf_enc() takes a number of 64-bit blocks to encrypt, but using
sizeof(uint64_t) in the calculation triggers a warning with
clang 10 because the actual data type is uint32_t. Pass
BCRYPT_BLOCKS / 2 for the number of blocks like libc bcrypt(3)

Ref: 04a2240bd8

Fixes #562

Viktor Szakats
2021-03-04 13:10:07 -08:00
Will Cosgrove ae26886671
transport.c: release payload on error (#554)
file: transport.c
notes: If the payload is invalid and there is an early return, we could leak the payload
Will Cosgrove
2021-02-11 09:18:16 -08:00
Will Cosgrove 8ae21cad83
ssh2_client_fuzzer.cc: fixed building
The GitHub web editor did some funky things
2021-02-05 10:05:52 -08:00
Will Cosgrove 384a50e0e4
ssh_client_fuzzer.cc: set blocking mode on (#553)
file: ssh_client_fuzzer.cc

notes: the session needs blocking mode turned on to avoid EAGAIN being returned from libssh2_session_handshake()

Will Cosgrove, reviewed by Michael Buckley
2021-02-04 09:56:16 -08:00
Etienne Samson 1adb24fd07
Add a LINT option to CMake (#372)
* ci: make style-checking available locally

* cmake: add a linting target

* tests: check test suite syntax with checksrc.pl
2021-02-02 10:28:28 -08:00
Will Cosgrove cde13f6201
kex.c: kex_agree_instr() improve string reading (#552)
* kex.c: kex_agree_instr() improve string reading

file: kex.c
notes: if haystack isn't null terminated we should use memchr() not strchar(). We should also make sure we don't walk off the end of the buffer.
Will Cosgrove, reviewed by Michael Buckley
2021-02-02 10:11:14 -08:00
Will Cosgrove c69f1f27dc
kex.c: use string_buf in ecdh_sha2_nistp (#551)
* kex.c: use string_buf in ecdh_sha2_nistp

file: kex.c

use string_buf in ecdh_sha2_nistp() to avoid attempting to parse malformed data
2021-01-30 19:32:14 -08:00
Will Cosgrove 1f76151c92
kex.c: move EC macro outside of if check #549 (#550)
File: kex.c

Moved the macro LIBSSH2_KEX_METHOD_EC_SHA_HASH_CREATE_VERIFY outside of the LIBSSH2_ECDSA since it's also now used by the ED25519 code.

Sha 256, 384 and 512 need to be defined for all backends now even if they aren't used directly. I believe this is already the case, but just a heads up.

2021-01-26 11:41:21 -08:00
Tim Gates 720998f322
kex.c: fix simple typo, niumber -> number (#545)
File: kex.c

There is a small typo in src/kex.c.

Should read `number` rather than `niumber`.

Tim Gates
2020-12-18 09:58:29 -08:00
Tseng Jun cfe0bf6498
session.c: Correct a typo which may lead to stack overflow (#533)
File: session.c

Seems the author intend to terminate banner_dup buffer, later, print it to the debug console.

Tseng Jun
2020-11-11 11:18:36 -08:00
Marc Hoersken 6c7769dcc4
wincng: fix random big number generation to match openssl
The old function would set the least significant bits in
the most significant byte instead of the most significant bits.

The old function would also zero pad too much bits in the
most significant byte. This lead to a reduction of key space
in the most significant byte according to the following listing:
- 8 bits reduced to 0 bits => eg. 2048 bits to 2040 bits DH key
- 7 bits reduced to 1 bits => eg. 2047 bits to 2041 bits DH key
- 6 bits reduced to 2 bits => eg. 2046 bits to 2042 bits DH key
- 5 bits reduced to 3 bits => eg. 2045 bits to 2043 bits DH key

No change would occur for the case of 4 significant bits.
For 1 to 3 significant bits in the most significant byte
the DH key would actually be expanded instead of reduced:
- 3 bits expanded to 5 bits => eg. 2043 bits to 2045 bits DH key
- 2 bits expanded to 6 bits => eg. 2042 bits to 2046 bits DH key
- 1 bits expanded to 7 bits => eg. 2041 bits to 2047 bits DH key

There is no case of 0 significant bits in the most significant byte
since this would be a case of 8 significant bits in the next byte.

At the moment only the following case applies due to a fixed
DH key size value currently being used in libssh2:

The DH group_order is fixed to 256 (bytes) which leads to a
2047 bits DH key size by calculating (256 * 8) - 1.

This means the DH keyspace was previously reduced from 2047 bits
to 2041 bits (while the top and bottom bits are always set), so the
keyspace is actually always reduced from 2045 bits to 2039 bits.

All of this is only relevant for Windows versions supporting the
WinCNG backend (Vista or newer) before Windows 10 version 1903.

Closes #521
2020-10-10 19:58:06 +02:00
Daniel Stenberg 4afcb8cd9b
libssh2_session_callback_set.3: explain the recv/send callbacks
Describe how to actually use these callbacks.

Closes #518
2020-09-28 17:45:13 +02:00
Will Cosgrove 00d5b0c385
agent.c: formatting
Improved formatting of RECV_SEND_ALL macro.
2020-09-23 13:41:34 -07:00
Will Cosgrove a1975c5b59
CMakeLists.txt: respect install lib dir #405 (#515)


Credit: Arfrever
2020-09-23 13:21:11 -07:00
Will Cosgrove f553dcc95d
kex.c: group16-sha512 and group18-sha512 support #457 (#468)
Files: kex.c

Added key exchange group16-sha512 and group18-sha512. As a result did the following:

Abstracted diffie_hellman_sha256() to diffie_hellman_sha_algo() which is now algorithm agnostic and takes the algorithm as a parameter since we needed sha512 support. Unfortunately it required some helper functions but they are simple.
Deleted diffie_hellman_sha1()
Deleted diffie_hellman_sha1 specific macro
Cleaned up some formatting
Defined sha384 in os400 and wincng backends
Defined LIBSSH2_DH_MAX_MODULUS_BITS to abort the connection if we receive too large of p from the server doing sha1 key exchange.
Reorder the default key exchange list to match OpenSSH and improve security

Will Cosgrove
2020-09-23 13:20:00 -07:00
Igor Klevanets 9ae9ff30cb
agent.c: Recv and send all bytes via network in agent_transact_unix() (#510)
Files: agent.c

Handle sending/receiving partial packet replies in agent.c API.

Credit: Klevanets Igor <cerevra@yandex-team.ru>
2020-09-23 13:15:01 -07:00
Daniel Stenberg ecd6a74e44
Makefile.am: include all test files in the dist #379

No longer conditionally include OpenSSL specific test files, they aren't run if we're not building against OpenSSL 1.1.x anyway.

Daniel Stenberg
2020-09-01 16:40:48 -07:00
Max Dymond 7a4b051ba4
Add support for an OSS Fuzzer fuzzing target (#392)
.travis.yml, configure.ac, ossfuzz 

This adds support for an OSS-Fuzz fuzzing target in ssh2_client_fuzzer,
which is a cut down example of ssh2.c. Future enhancements can improve

Max Dymond
2020-09-01 14:20:52 -07:00
Sebastián Katzer 5528f3da02
mbedtls.c: ECDSA support for mbed TLS (#385)
mbedtls.c, mbedtls.h, .travis.yml

This PR adds support for ECDSA for both key exchange and host key algorithms.

The following elliptic curves are supported:

256-bit curve defined by FIPS 186-4 and SEC1
384-bit curve defined by FIPS 186-4 and SEC1
521-bit curve defined by FIPS 186-4 and SEC1

Sebastián Katzer
2020-09-01 14:18:09 -07:00
Marc Hoersken 93862bf6c1
buildconf: exec autoreconf to avoid additional process (#512)
Also make buildconf exit with the return code of autoreconf.

Follow up to #224
2020-09-01 20:37:21 +02:00
Marc Hoersken 5964268dc7
scp.c: fix indentation in shell_quotearg documentation 2020-08-23 20:53:48 +02:00
Marc Hoersken 5eaa7aa1c0
wincng: make more use of new helper functions (#496) 2020-07-21 21:18:18 +02:00
Marc Hoersken 1894b30b5c
wincng: make sure algorithm providers are closed once (#496) 2020-07-21 21:17:53 +02:00
David Benjamin 1a61d0c3ca
openssl.c: clean up curve25519 code (#499)
File: openssl.c, openssl.h, crypto.h, kex.c

This cleans up a few things in the curve25519 implementation:

- There is no need to create X509_PUBKEYs or PKCS8_PRIV_KEY_INFOs to
  extract key material. EVP_PKEY_get_raw_private_key and
  EVP_PKEY_get_raw_public_key work fine.

- libssh2_x25519_ctx was never used (and occasionally mis-typedefed to
  libssh2_ed25519_ctx). Remove it. The _libssh2_curve25519_new and
  _libssh2_curve25519_gen_k interfaces use the bytes. Note, if it needs
  to be added back, there is no need to roundtrip through
  EVP_PKEY_new_raw_private_key. EVP_PKEY_keygen already generated an

- Add some missing error checks.

David Benjamin
2020-07-10 10:47:48 -07:00