ports/libssh2
ports/libssh2
1
1
Форкнуть 0
Код Релизы 1 Активность
2 072 коммитов 3 Ветки 1 Тег
Граф коммитов

2072 Коммитов

This Branch
This Branch
Все ветки
Автор SHA1 Сообщение Дата
Michael Buckley
0986673d1a Add a required_size parameter to sftp_packet_require et. al. to require callers of these functions to handle packets that are too short. https://libssh2.org/CVE-2019-3860.html 2019-03-14 15:24:52 -07:00
Michael Buckley
f500724665 Check the length of data passed to sftp_packet_add() to prevent out-of-bounds reads. 2019-03-14 15:24:52 -07:00
Michael Buckley
bac8d7d411 Prevent zero-byte allocation in sftp_packet_read() which could lead to an out-of-bounds read. https://libssh2.org/CVE-2019-3858.html 2019-03-14 15:24:52 -07:00
Michael Buckley
8690f0e041 Sanitize padding_length - _libssh2_transport_read(). https://libssh2.org/CVE-2019-3861.html 
This prevents an underflow resulting in a potential out-of-bounds read if a server sends a too-large padding_length, possibly with malicious intent.
 2019-03-14 15:24:52 -07:00
Michael Buckley
634444a348 Defend against writing beyond the end of the payload in _libssh2_transport_read(). 2019-03-14 15:24:52 -07:00
Michael Buckley
76727cf476 Defend against possible integer overflows in comp_method_zlib_decomp. 2019-03-14 15:24:52 -07:00
Will Cosgrove
dc109a7f51
Security fixes (#315) 
* Bounds checks

Fixes for CVEs
https://www.libssh2.org/CVE-2019-3863.html
https://www.libssh2.org/CVE-2019-3856.html

* Packet length bounds check

CVE
https://www.libssh2.org/CVE-2019-3855.html

* Response length check

CVE
https://www.libssh2.org/CVE-2019-3859.html

* Bounds check

CVE
https://www.libssh2.org/CVE-2019-3857.html

* Bounds checking

CVE
https://www.libssh2.org/CVE-2019-3859.html

and additional data validation

* Check bounds before reading into buffers

* Bounds checking

CVE
https://www.libssh2.org/CVE-2019-3859.html

* declare SIZE_MAX and UINT_MAX if needed
 2019-03-14 15:22:13 -07:00
Will Cosgrove
e1d9bd49e4
fixed type warnings (#309) 2019-03-07 11:17:06 -08:00
Will Cosgrove
bc00a288a8
Bumping version number for pending 1.8.1 release 2019-03-07 11:01:20 -08:00
Daniel Stenberg
3f927a8439 _libssh2_string_buf_free: use correct free (#304) 
Use LIBSSH2_FREE() here, not free(). We allow memory function
replacements so free() is rarely the right choice...
 2019-03-04 09:41:06 -08:00
Will Cosgrove
3c1ff8a0b7
Fix for building against libreSSL #302 
Changed to use the check we use elsewhere.
 2019-02-26 14:48:54 -08:00
Will Cosgrove
ca06fe21c9
Fix for when building against LibreSSL #302 2019-02-26 14:44:50 -08:00
gartens
cfa74b9d14 docs: update libssh2_hostkey_hash.3 [ci skip] (#301) 2019-02-25 10:06:24 -08:00
Will Cosgrove
f7dd7d1d43
fix malloc/free mismatches #296 (#297) 2019-02-21 12:00:44 -08:00
Will Cosgrove
097448107a
Replaced malloc with calloc #295 2019-02-21 09:55:42 -08:00
Will Cosgrove
b45333b2b6
Abstracted OpenSSL calls out of hostkey.c (#294) 2019-02-20 17:02:48 -08:00
Will Cosgrove
53aba03fef
Fix memory dealloc impedance mis-match #292 (#293) 
When using ed25519 host keys and a custom memory allocator.
 2019-02-20 12:00:44 -08:00
Will Cosgrove
5c805e23ea
Added call to OpenSSL_add_all_digests() #288 
For OpenSSL 1.0.x we need to call OpenSSL_add_all_digests().
 2019-02-18 09:48:14 -08:00
Zhen-Huan HWANG
03d068f00a SFTP: increase maximum packet size to 256K (#268) 
to match implementations like OpenSSH.
 2019-02-12 15:18:26 -08:00
Zenju
508efe4fb4 Fix https://github.com/libssh2/libssh2/pull/271 (#284) 2019-02-06 13:47:34 -08:00
Will Cosgrove
0b5af2af92
Agent NULL check in shutdown #281 2019-01-16 11:42:39 -08:00
Adrian Moran
77e0bc9796 mbedtls: Fix leak of 12 bytes by each key exchange. (#280) 
Correctly free ducts by calling _libssh2_mbedtls_bignum_free() in dtor.
 2019-01-15 16:06:48 -08:00
alex-weaver
31aea1ec68 Fix error compiling on Win32 with STDCALL=ON (#275) 2018-11-30 11:34:20 -08:00
Will Cosgrove
cf13c9925c
Allow default permissions to be used in sftp_mkdir (#271) 
Added constant LIBSSH2_SFTP_DEFAULT_MODE to use the server default permissions when making a new directory
 2018-11-08 10:01:21 -08:00
Giulio Benetti
b5b6673c28 openssl: fix dereferencing ambiguity potentially causing build failure (#267) 
When dereferencing from *aes_ctr_cipher, being a pointer itself,
ambiguity can occur; fixed possible build errors.
 2018-09-13 10:05:24 -07:00
Viktor Szakats
64769acab5 win32/GNUmakefile: define HAVE_WINDOWS_H 
This macro was only used in test/example code before, now it is
also used in library code, but only defined automatically by
automake/cmake, so let's do the same for the standalone win32
make file.

It'd be probably better to just rely on the built-in _WIN32 macro
to detect the presence of windows.h though. It's already used
in most of libssh2 library code. There is a 3rd, similar macro
named LIBSSH2_WIN32, which might also be replaced with _WIN32.

Ref: 8b870ad771
Closes https://github.com/libssh2/libssh2/pull/266
 2018-09-12 08:57:57 +00:00
Marc Hoersken
8b870ad771 Fix conditional check for HAVE_DECL_SECUREZEROMEMORY 
"Unlike the other `AC_CHECK_*S' macros, when a symbol is not declared,
HAVE_DECL_symbol is defined to `0' instead of leaving HAVE_DECL_symbol
undeclared. When you are sure that the check was performed,
use HAVE_DECL_symbol in #if."

Source: autoconf documentation for AC_CHECK_DECLS.
 2018-09-02 17:49:28 +02:00
Marc Hoersken
ee89d17d67 Fix implicit declaration of function 'SecureZeroMemory' 
Include window.h in order to use SecureZeroMemory on Windows.
 2018-09-02 17:35:23 +02:00
Marc Hoersken
174698fa5b Fix implicit declaration of function 'free' by including stdlib.h 2018-09-02 17:24:45 +02:00
Will Cosgrove
a09f518ff7
Use malloc abstraction function in pem parse 
Fix warning on WinCNG build.
 2018-08-27 12:09:51 -07:00
Will Cosgrove
01f1689cc8
Fixed possible junk memory read in sftp_stat #258 2018-08-10 15:20:36 -07:00
Will Cosgrove
525c1973cf
removed INT64_C define (#260) 
No longer used.
 2018-08-09 09:51:32 -07:00
Will Cosgrove
dd1b8be51a
Added conditional around engine.h include 2018-08-07 08:46:47 -07:00
Alex Crichton
d071e0e07b Fix OpenSSL link error with no-engine support (#259) 
This commit fixes linking against an OpenSSL library that was compiled with
`no-engine` support by bypassing the initialization routines as they won't be
available anyway.
 2018-08-06 14:40:29 -07:00
Will Cosgrove
0309229259
ED25519 Key Support #39 (#248) 
OpenSSH Key and ED25519 support #39
Added _libssh2_explicit_zero() to explicitly zero sensitive data in memory #120

* ED25519 Key file support - Requires OpenSSL 1.1.1 or later
* OpenSSH Key format reading support - Supports RSA/DSA/ECDSA/ED25519 types
* New string buffer reading functions - These add build-in bounds checking and convenance methods. Used for OpenSSL PEM file reading.
* Added new tests for OpenSSH formatted Keys
 2018-08-02 14:00:25 -07:00
Will Cosgrove
62b825c8af
ECDSA key types are now explicit (#251) 
* ECDSA key types are now explicit

Issue was brough up in pull request #248
 2018-05-04 13:03:15 -07:00
Jakob Egger
930bf09cb4 Add Instructions for building from Master (#249) 2018-05-02 09:35:25 -07:00
Will Cosgrove
7b07910b1c
Initialize sb_intl #226 2018-04-27 12:22:33 -07:00
doublex
83151a65f3 buffer overflow (valgrind) (#159) 2018-04-19 10:45:26 -07:00
Brendan Shanks
6b0f67fd55 mbedTLS: Remove some C99-style intermingled variable declarations (#196) 2018-04-18 15:37:07 -07:00
Will Cosgrove
0dd6f96821
fix for #160 2018-04-18 11:21:20 -07:00
doublex
8abc686f0e fix memory leak when using mbedtls backend (#158) 
_libssh2_bn_init_from_bin/_libssh2_bn_free would leak bignum from mbedtls_calloc().
 2018-04-18 10:58:35 -07:00
Brendan Shanks
498a5f5b3f mbedTLS: Avoid multiple definition errors for context handles (#197) 2018-04-18 10:53:02 -07:00
Tseng Jun
d04f9b2bd3 Fix the EVP cipher meth memory leakage problem (#244) 
* Fix the EVP cipher meth memory leakage problem

Looks good, thanks for the fixes.
 2018-04-18 10:08:09 -07:00
Will Cosgrove
2d5b7a891b Added ECDSA defines for WinCNG (#245) 
Fixed missing defines preventing building using WinCNG
 2018-03-31 22:13:38 +02:00
Will Cosgrove
566d271c75
Fix for _libssh2_rsa_new with OpenSSL 1.0.x 
missing d value assignment.
 2018-03-30 16:24:38 -07:00
Etienne Samson
54bef4c5da A collection of small fixes (#198) 
* tests: Remove if-pyramids

* tests: Switch run_command arguments

* tests: Make run_command a vararg function

* tests: Xcode doesn't obey CMake's test working directory

* openssl: move manual AES-CTR cipher into crypto init

* cmake: Move our include dir before all other include paths
 2018-03-20 16:58:13 -07:00
Will Cosgrove
40a79d3558
Fixes incorrect indexing of KEX prefs string 
After stripping out an invalid KEX pref entry, it would incorrectly advance again leaving invalid values in the list.
 2018-03-15 16:53:58 -07:00
Viktor Szakats
42cf29101e tests: fix checksrc warnings 
Also:
* add 'static' qualifier to file-wide const buffers
* fix a non-ANSI C89 comment
* silence a mismatched fprintf() mask warning by adding a cast
 2018-03-13 21:32:41 +00:00
Viktor Szakats
c4ee1cb290 cmake: recognize OpenSSL 1.1 .dll names 
Also fix some comment typos and a stray tab.
 2018-03-13 19:01:07 +00:00