lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-12-08 03:42:12 +03:00
Code Activity
6,185 Commits 12 Branches 62 Tags
7e3263d995a25e6545dbddea63573a357de310cc
Commit Graph

6185 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jakub Jelen
b815ca08b3 mbedcrypto: Initialize mpi structs to avoid crashes 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2024-05-16 09:56:38 +02:00
Jakub Jelen
0882338142 Detect blowfish in mbedtls and skip it if not found 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2024-05-16 09:56:38 +02:00
Jakub Jelen
a8883199d4 cmake: Compatibility with MbedTLS 3.6.0 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2024-05-16 09:56:38 +02:00
Jakub Jelen
1db37cd9f4 cmake: Fix typo in error message 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2024-05-16 09:56:38 +02:00
Andreas Schneider
a5f082db83 tests:client: Add test which checks if we got an exit signal 
Fixes #235

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-05-13 15:41:54 +02:00
Andreas Schneider
04d86aeeae channels: Implement better ssh_channel_get_exit_state() variant 
This way we will get errors as return code else we don't know if the
function failed (SSH_ERROR) or the exit_status is -1 which would
correspond to SSH_ERROR.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-05-13 15:41:54 +02:00
Andreas Schneider
d40a6448a4 channels: Store exit-signal in channel structure 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-05-13 15:41:54 +02:00
Andreas Schneider
fdf8dc2750 channels: Reformat SSH_PACKET_CALLBACK(channel_rcv_request) 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-05-13 15:41:54 +02:00
Andreas Schneider
b2d3a4670a channels: Use a structure to store exit information 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-05-13 15:41:54 +02:00
Andreas Schneider
bc1acb5312 channels: Make exit_status and uint32_t 
This is what we get in the packet and is defined in RFC4254.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-05-13 15:41:54 +02:00
Andreas Schneider
3ce68badca channels: Reformat ssh_channel_exit_status_termination() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-05-13 15:41:54 +02:00
Andreas Schneider
d7bfbebad6 tests:client: Add test for exit_status 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-05-13 15:41:54 +02:00
Andreas Schneider
765597e31f tests:client: We need to set channel to NULL after we freed it 
This fixes an invalid memory read in ssh_channel_get_exit_status() below.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2024-05-13 15:41:54 +02:00
Andreas Schneider
8aa808a600 include: Introduce a SSH_CHANNEL_FREE() macro 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2024-05-13 15:41:54 +02:00
Andreas Schneider
649f381029 cmake: Rename torture_server test 
This makes it easier to select it as a single test with:
`ctest -R torture_server_default*`

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-05-13 15:41:54 +02:00
Andreas Schneider
081a59371b server: Introduce ssh_send_disconnect() 
This will only send the disconnect message and close the socket. We
should not free any memory here. This should be done by the server
implementation.

Pair-Programmed-With: Jakub Jelen <jjelen@redhat.com>
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
 2024-05-13 15:41:54 +02:00
Jakub Jelen
8577f588c3 tests: Support logging into separate file for exec-ed libssh test server 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2024-05-13 11:56:22 +02:00
Jakub Jelen
9170320298 ci: Update tags for shared linux and windows runners 
Use the Windows tags from the following article:

https://docs.gitlab.com/ee/ci/runners/hosted_runners/windows.html

The Windows runner are now extremely slow so moving them out of the
pipeline/dependency chain.

The Linux tags were removed with GitLab 17.0. But we need to use the new tags to
avoid the generic jobs being picked up by specific runners, such as freebsd.

https://about.gitlab.com/blog/2023/08/15/removing-tags-from-small-saas-runner-on-linux/
https://docs.gitlab.com/ee/update/deprecations.html#removal-of-tags-from-small-saas-runners-on-linux

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
 2024-05-13 11:56:22 +02:00
Wenjie Yang
7f442afd57 Fix missing memory free functions in pki_key_to_blob(). 
Signed-off-by: Wenjie Yang <yangw.ing@foxmail.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-05-07 12:41:09 +02:00
Jakub Jelen
89c53e1962 libgcrypt: Prevent signature blob to start with 1 bit 
This should prevent the long standing random failures of libgcrypt pipeline. I
was recently able to reproduce it only with dropbear, which sounds like choking
on the signature starting with bit 1, possibly interpretting it as a negative
value.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2024-04-29 14:33:16 +02:00
Jakub Jelen
dceb17d2ad libgcrypt: Reformat 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2024-04-29 14:33:16 +02:00
Jakub Jelen
2e4a9e3f7b libgcrypt: Initialize pointers 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2024-04-29 14:33:16 +02:00
Feynman-young
cbabc72555 Add an error handler unittest for ssh_options_set(). 
Add an error handler unittest for ssh_options_set with case SSH_OPTIONS_HOST when ssh_config_parse_uri returns error.

Signed-off-by: Wenjie Yang <yangw.ing@foxmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-04-29 08:42:59 +02:00
Feynman-young
3577eea324 Add ssh_set_error_invalid in ssh_options_set(). 
Add ssh_set_error_invalid in ssh_options_set with case SSH_OPTIONS_HOST after ssh_config_parse_uri returns error.

Signed-off-by: Wenjie Yang <yangw.ing@foxmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-04-29 08:42:58 +02:00
Diego Roux
46a28cfc49 log: fixes legacy fallback for multiple sessions. 
Legacy code in 'ssh_set_callbacks' will fallback to
'ssh_legacy_log_callback' (if the current log cb is
NULL) setting the user data to the current session.

However, if any other session is created afterwards,
it won't update the user data with the new session,
potentially leading to a use-after-free.

Fixes #238.

Signed-off-by: Diego Roux <diegoroux04@protonmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-04-29 08:42:26 +02:00
Abdelrahman Youssef
3227a4cae0 use internal-sftp 
Signed-off-by: Abdelrahman Youssef <abdelrahmanyossef12@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-04-29 08:36:03 +02:00
Abdelrahman yossef
efc1176232 tests: setstat and lsetstat 
Signed-off-by: Abdelrahman Youssef <abdelrahmanyossef12@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-04-29 08:36:00 +02:00
Abdelrahman yossef
fc451a8f3d fs_wrapper: added stat and lstat 
Signed-off-by: Abdelrahman Youssef <abdelrahmanyossef12@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-04-29 08:35:42 +02:00
Abdelrahman Youssef
19e62a78a6 sftp: Added lsetstat extension 
Signed-off-by: Abdelrahman Youssef <abdelrahmanyossef12@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-04-29 08:35:42 +02:00
Jakub Jelen
164ca9ae93 libcrypto: Check return values in KDF handling 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2024-04-27 10:40:06 +02:00
Debanga Sarma
455d26a479 parse count, longname and attrs fields of SSH_FXP_NAME message 
Signed-off-by: Debanga Sarma <deb737@proton.me>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-04-18 02:30:21 +05:30
Debanga Sarma
095ab5ad61 use internal-sftp for testing 
Signed-off-by: Debanga Sarma <deb737@proton.me>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-04-16 03:10:52 +05:30
Debanga Sarma
a9c998c080 test: add tests for sftp extension "home-directory" 
Signed-off-by: Debanga Sarma <deb737@proton.me>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-04-15 11:54:35 +00:00
Debanga Sarma
b500c2f0cf feat: add support for sftp extension "home-directory" 
Signed-off-by: Debanga Sarma <deb737@proton.me>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-04-15 11:54:35 +00:00
Debanga Sarma
4edd0669fd test: test coverage for SSH_BIND_OPTIONS_IMPORT_KEY_STR and ed25519 keys 
Signed-off-by: Debanga Sarma <deb737@proton.me>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-04-15 11:48:31 +02:00
Debanga Sarma
2daf3dc4a8 feat: add option to read user-supplied key string in ssh_bind_options_set() 
Signed-off-by: Debanga Sarma <deb737@proton.me>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-04-15 11:48:31 +02:00
Debanga Sarma
d34bfdab69 reformat 
Signed-off-by: Debanga Sarma <deb737@proton.me>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-04-15 11:48:31 +02:00
Jakub Jelen
5dd42dfa22 examples: Avoid buffer overrun 
and provide helpful warning message

CID 1533680:  Memory - illegal accesses  (OVERRUN)

Thanks coverity

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2024-04-11 16:08:50 +02:00
Jakub Jelen
a8b7e17aa0 kex: Avoid trailing comma in cipher list 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2024-04-09 12:46:08 +02:00
Jakub Jelen
1bdc78d69f Reformat rest of torture_options 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2024-04-09 12:46:08 +02:00
Adam Kerrison
74a8d271ad Add support for more options in ssh_options_get() 
Signed-off-by: Adam Kerrison <adam_kerrison@bmc.com>
Squashed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2024-04-09 12:46:05 +02:00
Noah Miller
d2a8a464a7 Fix mbedTLS issues 
Signed-off-by: Noah Miller <mike@stealthwing.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-04-09 12:36:13 +02:00
Ajit Singh
4a83c50ce9 sftp.c: call ssh_set_error 
Since sftp_init() returns 0 on success, < 0 on error with ssh error set. This
change sets the appropriate ssh error when the SSH_FXP_VERSION packet cannot be
unpacked and sftp_init() return with -1.

Signed-off-by: Ajit Singh <ajeetsinghchahar2@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-04-09 12:35:37 +02:00
Noah Miller
996037e77b cmake: fix missing includes in ConfigureChecks 
Signed-off-by: Noah Miller <mike@stealthwing.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-04-02 09:37:02 +02:00
Norbert Pocs
78378291b1 ecdh_crypto.c: free secret when error happens 
Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-03-24 17:27:16 +01:00
Jakub Jelen
60085debb1 ci: Remove duplicate check for sign-off trailers 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2024-03-23 12:34:47 +01:00
Jakub Jelen
07cb0be12f Do not close socket passed through options on error conditions 
Fixes: #244

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2024-03-23 11:48:50 +01:00
Jakub Jelen
9d5c31205c Reformat ssh_silent_disconnect 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2024-03-23 11:48:50 +01:00
Jakub Jelen
49c61bb263 ci: Add shellcheck 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2024-03-22 12:35:07 +01:00
Jakub Jelen
b6fd4912d7 Fix shellcheck issues 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2024-03-22 12:35:07 +01:00