78ce67f579
sftpserver: Use calloc() instead of malloc()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-18 18:54:18 +01:00
2fb8198c48
server: Use calloc() instead of malloc()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-18 18:53:35 +01:00
2ea3683347
kex: Use calloc() instead of malloc()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-18 18:52:04 +01:00
aaeb938ca4
channels: Use calloc() instead of malloc()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-18 18:52:04 +01:00
ef4a81ea0c
auth: Use calloc() instead of malloc()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-18 18:52:00 +01:00
e9073a6bdb
torture_pki_ed25519: Add tests for private key with passphrase
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:31:02 +01:00
9086d5ca33
torture_pki_ecdsa: Add tests for private key with passphrase
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:31:02 +01:00
3c65057fad
torture_key: Add ecdsa keys with passphrase
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:31:02 +01:00
f9b1dece41
torture_pki_dsa: Add tests for private key with passphrase
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:31:02 +01:00
f7a2330de7
torture_pki_rsa: Add tests for private key with passphrase
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:31:02 +01:00
67b8f3d6df
pki_crypto: Fix private key generation with password
...
We need to specify a cipher when we generate a key with a password.
OpenSSH uses aes_128_cbc, so we should use the same.
Thanks to Julian Lunz for the report.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:31:02 +01:00
b0af812710
tests: Move torture keys to own file
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:31:02 +01:00
d13a17a27c
cmake: Move ed25519 tests into unix part
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:31:02 +01:00
ddfc36aa56
tests: Move rsa tests to own test file
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:31:02 +01:00
a5997d180d
tests: Remove obsolete setup_both_keys()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:31:02 +01:00
51875db70c
tests: Move ed25519 functions to the right file
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:31:02 +01:00
5ad7da7fd2
tests: Move ecdsa tests to own test file
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:27:52 +01:00
59308bc269
tests: Move dsa tests to own test file
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:27:52 +01:00
fd2ef07f37
tests: Move helper functions to a common file
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:24:11 +01:00
e19163eabb
libgcrypt: Add missing config.h include
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:24:11 +01:00
37acd3eca8
torture: Give sshd more time to start up
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:24:11 +01:00
cc13e85202
tests: Fix torture_pki with libcrypto
...
This stops asking for a passphrase on commandline.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-04 15:35:37 +01:00
720739bc2a
Happy new year!
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-02 08:05:59 +01:00
ea99215664
pki: Fix accidental ECC switch case fallthroughs into ed25519 cases when built without ECC
...
Summary:
When ed25519 was introduced in commit 93c7b81b4e, the ed25519 case was
added after the ecdsa case in src/pki.c. The ecdsa case seems to
have relied on falling through to report an error when HAVE_ECC is not defined.
If HAVE_ECC is not defined, but ecdsa keys are used with, for example,
ssh_pki_import_pubkey_file, the code falls through into the ed25519 case.
Signed-off-by: Juraj Vijtiuk <juraj.vijtiuk@sartura.hr>
Test Plan: Unit tests passed. No memory leaks found with valgrind.
Reviewers: asn
Differential Revision: https://bugs.libssh.org/D13
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-28 20:46:37 +01:00
c3c492a190
config: Avoid long -> int -> long casting for timeout configuration option
...
Fixes: T80
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-28 20:42:53 +01:00
778652460f
add mbedtls crypto support
...
Summary:
This patch adds support for mbedTLS as a crypto backend for libssh.
mbedTLS is an SSL/TLS library that has been designed to mainly be used
in embedded systems. It is loosely coupled and has a low memory
footprint. mbedTLS also provides a cryptography library (libmbedcrypto)
that can be used without the TLS modules.
The patch is unfortunately quite big, since several new files had to
be added.
DSA is disabled at compile time, since mbedTLS doesn't support DSA.
Patch review and feedback would be appreciated, and if any issues or
suggestions appear, I'm willing to work on them.
Signed-off-by: Juraj Vijtiuk <juraj.vijtiuk@sartura.hr>
Test Plan:
* The patch has been tested with a Debug and MinSizeRel build, with
libssh unit tests, client tests and the pkd tests.
* All the tests have been run with valgrind's memcheck, drd and helgrind
tools.
* The examples/samplessh client works when built with the patch.
Reviewers: asn, aris
Subscribers: simonsj
Differential Revision: https://bugs.libssh.org/D1
2017-12-28 11:17:39 +01:00
5c3b1ee0a4
options: Rewrite set() description to get()
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-28 11:17:39 +01:00
4dec2f989c
options: Move SSH_OPTIONS_ADD_IDENTITY to *set() function description
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-21 12:38:23 +01:00
5fdfa8fe44
docs: correction for importing key file
...
Signed-off-by: ebentley66@gmail.com
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-21 12:31:11 +01:00
176b92a4f4
tests/client/algorithms: Respect global verbosity settings
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-21 11:43:19 +01:00
afc6a4e973
tests/config: Verify LogLevel from config is applied
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-21 11:43:19 +01:00
53d84abb17
tests/config: Newly parsed options
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-21 11:43:19 +01:00
dab8985c05
tests/config: Enable and disable authentication methods
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-21 11:43:19 +01:00
0bd6ccc066
tests/config: Verify known_hosts files are applied
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-21 11:43:19 +01:00
5c7b8802f2
tests: HostkeyAlgorithms passed from config to options
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-21 11:43:19 +01:00
b8e301ade3
config: Add CMake check for glob()
2017-12-21 11:43:19 +01:00
99c5160cb5
config: glob support for include with test
...
Signed-off-by: NoName115 <robert.kolcun@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-21 11:43:14 +01:00
110da49504
config: support for MACs
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-15 12:00:49 +01:00
f3754dc072
tests/config: Text KexAlgorithms parsing in ssh_config
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-15 12:00:49 +01:00
78a3ab2eaa
tests/options: Verify key exchange algorithms are set properly
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-15 12:00:49 +01:00
4da7985204
config: Set global log level from configuration file
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-15 12:00:49 +01:00
2a66c38efa
options: Typo. The expand character is %d
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-15 12:00:49 +01:00
2e31dffdb7
config: Remove MAC option (SSHv1)
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-15 12:00:49 +01:00
88e43d2502
config: Add configuration options from current OpenSSH 7.5 (and fix typos)
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-15 12:00:49 +01:00
4166bb2a26
options: Document SSH_OPTIONS_GLOBAL_KNOWNHOSTS and set default value
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-15 12:00:49 +01:00
f818e63f8f
Add new options
...
Pair-Programmed-With: Jakub Jelen <jjelen@redhat.com>
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-15 12:00:49 +01:00
094aa5eb02
tests: Temporarily build chroot_wrapper
2017-12-15 12:00:49 +01:00
5d3ab421e1
tests: Do not generate pcap file by default
...
pcap file is generated by the processes writing to the sockets,
which is not allowed for privilege-separated process in new
OpenSSH servers (confined by seccomp filter).
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-15 12:00:49 +01:00
f8f7989c3d
tests: Give server more time to start
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-15 12:00:49 +01:00
b92c499626
tests: Do not test blowfish ciphers with OpenSSH 7.6 and newer
2017-12-15 11:59:19 +01:00