Daniel Stenberg
10098f9d4e
include/libssh2.h: warning: "_WIN64" is not defined, evaluates to 0
...
We don't use #if for defines that might not be defined.
2019-03-15 11:56:03 +01:00
Daniel Stenberg
fb43746aaa
pem: //-comments are not allowed
2019-03-15 01:09:18 +01:00
Daniel Stenberg
cd6c353d82
userauth: fix "Function call argument is an uninitialized value" ( #318 )
...
Detected by scan-build.
2019-03-14 17:06:45 -07:00
Will Cosgrove
2599e2ebf3
fixed unsigned/signed issue
2019-03-14 17:02:28 -07:00
Daniel Stenberg
4d66f6762c
session_disconnect: clear state
...
If authentication is started but not completed before the application
gives up and instead wants to shut down the session, the '->state' field
might still be set and thus effectively dead-lock session_disconnect.
This happens because both _libssh2_transport_send() and
_libssh2_transport_read() refuse to do anything as long as state is set
without the LIBSSH2_STATE_KEX_ACTIVE bit.
Reported in curl bug https://github.com/curl/curl/issues/3650
Closes #310
2019-03-15 01:00:25 +01:00
Will Cosgrove
6394c0dbff
Release notes from 1.8.1
2019-03-14 16:22:36 -07:00
Michael Buckley
41fbd4476a
Use string_buf in sftp_init().
2019-03-14 15:24:53 -07:00
Michael Buckley
c02d9b7b73
Guard against out-of-bounds reads in publickey.c
2019-03-14 15:24:53 -07:00
Michael Buckley
09240d8917
Guard against out-of-bounds reads in session.c
2019-03-14 15:24:53 -07:00
Michael Buckley
8031a60518
Guard against out-of-bounds reads in userauth.c
2019-03-14 15:24:53 -07:00
Michael Buckley
959b8e5fa0
Use LIBSSH2_ERROR_BUFFER_TOO_SMALL instead of LIBSSH2_ERROR_OUT_OF_BOUNDARY in sftp.c
2019-03-14 15:24:52 -07:00
Michael Buckley
48d46f0ce2
Additional bounds checking in sftp.c
2019-03-14 15:24:52 -07:00
Michael Buckley
0561cc4c4b
Additional length checks to prevent out-of-bounds reads and writes in _libssh2_packet_add(). https://libssh2.org/CVE-2019-3862.html
2019-03-14 15:24:52 -07:00
Michael Buckley
0986673d1a
Add a required_size parameter to sftp_packet_require et al. to require callers of these functions to handle packets that are too short. https://libssh2.org/CVE-2019-3860.html
2019-03-14 15:24:52 -07:00
Michael Buckley
f500724665
Check the length of data passed to sftp_packet_add() to prevent out-of-bounds reads.
2019-03-14 15:24:52 -07:00
Michael Buckley
bac8d7d411
Prevent zero-byte allocation in sftp_packet_read() which could lead to an out-of-bounds read. https://libssh2.org/CVE-2019-3858.html
2019-03-14 15:24:52 -07:00
Michael Buckley
8690f0e041
Sanitize padding_length - _libssh2_transport_read(). https://libssh2.org/CVE-2019-3861.html
...
This prevents an underflow resulting in a potential out-of-bounds read if a server sends a too-large padding_length, possibly with malicious intent.
2019-03-14 15:24:52 -07:00
Michael Buckley
634444a348
Defend against writing beyond the end of the payload in _libssh2_transport_read().
2019-03-14 15:24:52 -07:00
Michael Buckley
76727cf476
Defend against possible integer overflows in comp_method_zlib_decomp.
2019-03-14 15:24:52 -07:00
Will Cosgrove
dc109a7f51
Security fixes ( #315 )
...
* Bounds checks
Fixes for CVEs
https://www.libssh2.org/CVE-2019-3863.html
https://www.libssh2.org/CVE-2019-3856.html
* Packet length bounds check
CVE
https://www.libssh2.org/CVE-2019-3855.html
* Response length check
CVE
https://www.libssh2.org/CVE-2019-3859.html
* Bounds check
CVE
https://www.libssh2.org/CVE-2019-3857.html
* Bounds checking
CVE
https://www.libssh2.org/CVE-2019-3859.html
and additional data validation
* Check bounds before reading into buffers
* Bounds checking
CVE
https://www.libssh2.org/CVE-2019-3859.html
* declare SIZE_MAX and UINT_MAX if needed
2019-03-14 15:22:13 -07:00
Will Cosgrove
e1d9bd49e4
fixed type warnings ( #309 )
2019-03-07 11:17:06 -08:00
Will Cosgrove
bc00a288a8
Bumping version number for pending 1.8.1 release
2019-03-07 11:01:20 -08:00
Daniel Stenberg
3f927a8439
_libssh2_string_buf_free: use correct free ( #304 )
...
Use LIBSSH2_FREE() here, not free(). We allow memory function
replacements so free() is rarely the right choice...
2019-03-04 09:41:06 -08:00
Will Cosgrove
3c1ff8a0b7
Fix for building against LibreSSL #302
...
Changed to use the check we use elsewhere.
2019-02-26 14:48:54 -08:00
Will Cosgrove
ca06fe21c9
Fix for when building against LibreSSL #302
2019-02-26 14:44:50 -08:00
gartens
cfa74b9d14
docs: update libssh2_hostkey_hash.3 [ci skip] ( #301 )
2019-02-25 10:06:24 -08:00
Will Cosgrove
f7dd7d1d43
fix malloc/free mismatches #296 ( #297 )
2019-02-21 12:00:44 -08:00
Will Cosgrove
097448107a
Replaced malloc with calloc #295
2019-02-21 09:55:42 -08:00
Will Cosgrove
b45333b2b6
Abstracted OpenSSL calls out of hostkey.c ( #294 )
2019-02-20 17:02:48 -08:00
Will Cosgrove
53aba03fef
Fix memory dealloc impedance mis-match #292 ( #293 )
...
When using ed25519 host keys and a custom memory allocator.
2019-02-20 12:00:44 -08:00
Will Cosgrove
5c805e23ea
Added call to OpenSSL_add_all_digests() #288
...
For OpenSSL 1.0.x we need to call OpenSSL_add_all_digests().
2019-02-18 09:48:14 -08:00
Zhen-Huan HWANG
03d068f00a
SFTP: increase maximum packet size to 256K ( #268 )
...
to match implementations like OpenSSH.
2019-02-12 15:18:26 -08:00
Zenju
508efe4fb4
Fix https://github.com/libssh2/libssh2/pull/271 ( #284 )
2019-02-06 13:47:34 -08:00
Will Cosgrove
0b5af2af92
Agent NULL check in shutdown #281
2019-01-16 11:42:39 -08:00
Adrian Moran
77e0bc9796
mbedtls: Fix leak of 12 bytes by each key exchange. ( #280 )
...
Correctly free ducts by calling _libssh2_mbedtls_bignum_free() in dtor.
2019-01-15 16:06:48 -08:00
alex-weaver
31aea1ec68
Fix error compiling on Win32 with STDCALL=ON ( #275 )
2018-11-30 11:34:20 -08:00
Will Cosgrove
cf13c9925c
Allow default permissions to be used in sftp_mkdir ( #271 )
...
Added constant LIBSSH2_SFTP_DEFAULT_MODE to use the server default permissions when making a new directory
2018-11-08 10:01:21 -08:00
Giulio Benetti
b5b6673c28
openssl: fix dereferencing ambiguity potentially causing build failure ( #267 )
...
When dereferencing from *aes_ctr_cipher, being a pointer itself,
ambiguity can occur; fixed possible build errors.
2018-09-13 10:05:24 -07:00
Viktor Szakats
64769acab5
win32/GNUmakefile: define HAVE_WINDOWS_H
...
This macro was only used in test/example code before, now it is
also used in library code, but only defined automatically by
automake/cmake, so let's do the same for the standalone win32
make file.
It'd be probably better to just rely on the built-in _WIN32 macro
to detect the presence of windows.h though. It's already used
in most of libssh2 library code. There is a 3rd, similar macro
named LIBSSH2_WIN32, which might also be replaced with _WIN32.
Ref: 8b870ad771
Closes https://github.com/libssh2/libssh2/pull/266
2018-09-12 08:57:57 +00:00
Marc Hoersken
8b870ad771
Fix conditional check for HAVE_DECL_SECUREZEROMEMORY
...
"Unlike the other `AC_CHECK_*S' macros, when a symbol is not declared,
HAVE_DECL_symbol is defined to `0' instead of leaving HAVE_DECL_symbol
undeclared. When you are sure that the check was performed,
use HAVE_DECL_symbol in #if."
Source: autoconf documentation for AC_CHECK_DECLS.
2018-09-02 17:49:28 +02:00
Marc Hoersken
ee89d17d67
Fix implicit declaration of function 'SecureZeroMemory'
...
Include window.h in order to use SecureZeroMemory on Windows.
2018-09-02 17:35:23 +02:00
Marc Hoersken
174698fa5b
Fix implicit declaration of function 'free' by including stdlib.h
2018-09-02 17:24:45 +02:00
Will Cosgrove
a09f518ff7
Use malloc abstraction function in pem parse
...
Fix warning on WinCNG build.
2018-08-27 12:09:51 -07:00
Will Cosgrove
01f1689cc8
Fixed possible junk memory read in sftp_stat #258
2018-08-10 15:20:36 -07:00
Will Cosgrove
525c1973cf
removed INT64_C define ( #260 )
...
No longer used.
2018-08-09 09:51:32 -07:00
Will Cosgrove
dd1b8be51a
Added conditional around engine.h include
2018-08-07 08:46:47 -07:00
Alex Crichton
d071e0e07b
Fix OpenSSL link error with no-engine support ( #259 )
...
This commit fixes linking against an OpenSSL library that was compiled with
`no-engine` support by bypassing the initialization routines as they won't be
available anyway.
2018-08-06 14:40:29 -07:00
Will Cosgrove
0309229259
ED25519 Key Support #39 ( #248 )
...
OpenSSH Key and ED25519 support #39
Added _libssh2_explicit_zero() to explicitly zero sensitive data in memory #120
* ED25519 Key file support - Requires OpenSSL 1.1.1 or later
* OpenSSH Key format reading support - Supports RSA/DSA/ECDSA/ED25519 types
* New string buffer reading functions - These add built-in bounds checking and convenience methods. Used for OpenSSL PEM file reading.
* Added new tests for OpenSSH formatted Keys
2018-08-02 14:00:25 -07:00
Will Cosgrove
62b825c8af
ECDSA key types are now explicit ( #251 )
...
* ECDSA key types are now explicit
Issue was brought up in pull request #248
2018-05-04 13:03:15 -07:00
Jakob Egger
930bf09cb4
Add Instructions for building from Master ( #249 )
2018-05-02 09:35:25 -07:00