lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-12-17 06:18:58 +03:00
Code Activity
6,040 Commits 12 Branches 62 Tags
0796331c673d66ca69690c585cecf0f07a66da69
Commit Graph

9 Commits

Author SHA1 Message Date
Norbert Pocs
d97a5930c9 Check any input username for validity 
Check possible inputs of username for malicious code.

Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-01-15 10:49:58 +01:00
Jakub Jelen
4f997aee7c Fix regression in IPv6 addresses in hostname parsing 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-12-22 13:03:36 +01:00
Norbert Pocs
95c6f880ef CVE-2023-6004: config_parser: Check for valid syntax of a hostname if it is a domain name 
This prevents code injection.
The domain name syntax checker is based on RFC1035.

Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2023-12-18 17:31:31 +01:00
Norbert Pocs
1dfde16f49 CVE-2023-6004: config_parser: Allow multiple '@' in usernames 
Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2023-12-18 17:31:21 +01:00
Ran Park
9cd23fecac solve incorrect parsing of the ProxyCommand configuration option 
Signed-off-by: Ran Park <bagayonghuming@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2023-04-25 18:01:31 +02:00
Norbert Pocs
7ea75cda45 SSH_LOG_TRACE: Recategorize loglevels 
Do not print out logs when no fatal error happens.
This approach is similiar to openssh, when Error/Fatal does not print
recoverable error logs.
recategorized based on - SSH_LOG_TRACE are debug logs when error happens

Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2022-10-07 09:13:19 +02:00
Jakub Jelen
1ba6ef689f config_parser: Allow equal sign as a separator and eat up trailing whitespace 
Probably fixes T210

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2020-04-20 14:14:33 +02:00
Jakub Jelen
349abe5942 config_parser: Implement more useful variant of get_token() 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2019-10-01 10:24:01 +02:00
Anderson Toshiyuki Sasaki
79049981a5 config: Move common parser functions to config_parser.c 
This will allow the moved functions to be used in the server side
configuration parser implementation.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2019-04-01 08:25:22 +02:00