lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-07-31 00:03:07 +03:00
Code Activity

tests: Fix segfault with mbedTLS built without threading support

Browse Source 
torture_rand and torture_server_x11 call ssh_init without checking
the return value. If mbedTLS is built without threading support
ssh_init fails but the tests continue and then segfault since threading
wasn't correctly initialised.

Add a section that documents requirements for mbedTLS usage in a
multi threaded environment to README.mbedtls.

Signed-off-by: Juraj Vijtiuk <juraj.vijtiuk@sartura.hr>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
jvijtiuk
2018-02-12 18:01:48 +01:00
committed by Andreas Schneider
parent ebcff9fd63
commit 963111b836
3 changed files with 26 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
README.mbedtls
View File

@ -1,3 +1,6 @@
libssh mbedTLS ECDSA support
=============================
When built with mbedTLS, libssh currently does not support ECDSA key comparison. When built with mbedTLS, libssh currently does not support ECDSA key comparison.
Since the comparison function is used during the verification of publickey Since the comparison function is used during the verification of publickey
authentication requests a libssh server will not be able to deal with ECDSA authentication requests a libssh server will not be able to deal with ECDSA
@ -5,3 +8,16 @@ keys.
In general, if the ssh_key_cmp function is used with mbedTLS, ECDSA key In general, if the ssh_key_cmp function is used with mbedTLS, ECDSA key
comparison won't work. comparison won't work.
mbedTLS and libssh in multithreaded applications
==================================================
To use libssh with mbedTLS in a multithreaded application, mbedTLS has to be
built with threading support enabled.
If threading support is not available and multi threading is used, ssh_init
will fail.
More information about building mbedTLS with threading support can be found
in the mbedTLS documentation.

6
tests/unittests/torture_rand.c
View File

@ -17,9 +17,13 @@
static int setup(void **state) { static int setup(void **state) {
(void) state; (void) state;
int rc;
ssh_threads_set_callbacks(ssh_threads_get_pthread()); ssh_threads_set_callbacks(ssh_threads_get_pthread());
ssh_init(); rc = ssh_init();
if (rc != SSH_OK) {
return -1;
}
return 0; return 0;
} }

6
tests/unittests/torture_server_x11.c
View File

@ -21,9 +21,13 @@ struct hostkey_state {
static int setup(void **state) { static int setup(void **state) {
struct hostkey_state *h; struct hostkey_state *h;
mode_t mask; mode_t mask;
int rc;
ssh_threads_set_callbacks(ssh_threads_get_pthread()); ssh_threads_set_callbacks(ssh_threads_get_pthread());
ssh_init(); rc = ssh_init();
if (rc != SSH_OK) {
return -1;
}
h = malloc(sizeof(struct hostkey_state)); h = malloc(sizeof(struct hostkey_state));
assert_non_null(h); assert_non_null(h);