lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-12-14 04:18:54 +03:00
Code Activity
5,517 Commits 12 Branches 62 Tags
bcc541f467dcde9ce955d01c3d75ab15e566db2c
Commit Graph

5517 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Norbert Pocs
bcc541f467 dh_crypto.c: Add missing rv check 
Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2022-09-22 12:29:08 +02:00
Andreas Schneider
915df08058 kdf: Avoid endianess issues 
The key_type is only a letter, if we use and `int` and then cast it to
(const char *) we will end up with a 0 value on big endian.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2022-09-07 14:37:29 +02:00
Andreas Schneider
9abb541a0f tests: Set OPENSSL_ENABLE_SHA1_SIGNATURES=1 for all tests 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2022-09-07 14:37:29 +02:00
Andreas Schneider
accbc91a86 tests: Add test with dss known_hosts file 
We should not end up with an infinite loop here.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2022-09-05 13:30:55 +02:00
Andreas Schneider
3e4c2205c5 knownhosts: Fix and infinite loop when iterating known host entries 
Fixes #145

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2022-09-05 13:21:51 +02:00
Andreas Schneider
2d79c7a9d5 knownhosts: Give better warnings about unsupported key types 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2022-09-05 13:21:45 +02:00
Andreas Schneider
b3b3fbfa1d tests: Fix rekey test so it passes on build systems 
The test failed on Fedora Koji and openSUSE Build Service on i686 only. Probably
the rekey on the server needs longer here to collect enough entropy. So we need
to try harder before we stop :-)

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2022-09-02 09:55:22 +02:00
Jakub Jelen
d69026d7a4 config: Expand tilde when handling include directives 
Related: #93

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2022-09-02 09:55:19 +02:00
Andreas Schneider
7787dad9bd tests: Use weak attribute for torture_run_tests() if available 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2022-08-31 18:57:45 +02:00
Andreas Schneider
23546e354c cmake: Check for weak attribute 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2022-08-30 19:47:07 +02:00
Jakub Jelen
e5af9524e3 ci: Add apline linux target 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2022-08-30 15:39:49 +02:00
Jakub Jelen
f86727e06a libcrypto: Avoid unused variable warning 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2022-08-30 13:24:20 +02:00
Jakub Jelen
a69424d4c5 socket: Remove needless typedef 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2022-08-30 13:24:20 +02:00
Jakub Jelen
8aade7ce6f wrapper: Avoid size_t to uint8 cast 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2022-08-30 13:24:20 +02:00
Jakub Jelen
41f2ee92c6 misc: Refactor ssh_strerror to check return values 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2022-08-30 13:24:20 +02:00
Jakub Jelen
8cf9c8162f Do not force GNU_SOURCE during build to fix #141 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2022-08-30 13:24:20 +02:00
Andreas Schneider
bd2db30174 options: Use exec for the proxy command 
This wont create a new process but replace the shell.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2022-08-29 16:32:32 +02:00
Andreas Schneider
d642b20d9c socket: Add a comment about shells 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2022-08-29 16:21:04 +02:00
Andreas Schneider
2546b62242 socket: Add error message if execv fails 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2022-08-29 16:21:04 +02:00
Andreas Schneider
6268417ac6 tests: Use ncat instead of nc 
The ncat tool from nmap is available on all unix platforms. The nc
binary might link to ncat or something else. Settle on one we know
also the options can be used if needed.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2022-08-29 11:16:32 +02:00
Andreas Schneider
8c0be750db tests: Add test for expanding port numbers 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2022-08-29 10:08:58 +02:00
Andreas Schneider
f306aafdc6 session: Initialize the port with the standard port (22) 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2022-08-29 10:05:22 +02:00
Andreas Schneider
648baf0f3c misc: Fix expanding port numbers 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2022-08-29 10:03:40 +02:00
Andreas Schneider
20406e51c9 misc: Fix format truncation in ssh_path_expand_escape() 
error: ‘%u’ directive output may be truncated writing between 1 and 10
bytes into a region of size 6.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2022-08-26 14:09:56 +02:00
Jakub Jelen
8164e1ff9c examples: Fix dereference after NULL check (CID 1461477) 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2022-08-25 14:54:00 +02:00
Jakub Jelen
af85ee8e59 config: Avoid false positive report from Coveritt CID 1470006 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2022-08-25 14:53:59 +02:00
Jakub Jelen
25a678190c Implement code coverage collection 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2022-08-25 14:53:58 +02:00
renmingshuai
0799775185 session->socket_callbacks.data will be set to ssh_packet_socket_callback 
in ssh_packet_register_socket_callback. Here is redundant.

Signed-off-by: renmingshuai <renmingshuai@huawei.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2022-08-25 14:51:53 +02:00
Timo Rothenpieler
17aec429f5 misc: rename gettimeofday symbol 
mingw does have this function, even though it appears to be deprecated.
So the symbol has to have a different name, or linking becomes
impossible.

Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2022-08-25 14:48:15 +02:00
Jakub Jelen
6e2648af6b CMake: Do not build PKCS#11 URI support with OpenSSL <1.1.1 
The old version is missing the EVP_PKEY_up_ref(), which is needed to keep track
of the EVP_PKEY references.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2022-08-25 14:43:31 +02:00
Jakub Jelen
a81e78aff4 pki: Rework handling of EVP_PKEYs in OpenSSL backend 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2022-08-25 14:43:31 +02:00
Jakub Jelen
0800618f32 Initialize pkcs11 engine only once 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2022-08-25 14:43:31 +02:00
Jakub Jelen
f721ee847b libcrypto: Skip unneccessary call to ENGINE_cleanup in OSSL>1.1 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2022-08-25 14:43:31 +02:00
Jakub Jelen
382ff38caa pki: Factor out the backend-specifics from cleaning the key structure 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2022-08-25 14:43:31 +02:00
Jakub Jelen
bc0c027ac0 tests: Prevent memory leaks from test 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2022-08-25 14:43:31 +02:00
Anderson Toshiyuki Sasaki
ac6d2fad4a Add gitleaks configuration file to avoid false positives 
The added gitleaks configuration file uses 'tests/*' as the pattern of
paths allowed to contain private keys.  This avoids false positives
during code scans caused by private keys used for testing.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2022-08-08 10:14:53 +02:00
renmingshuai
1286a70e13 tests: Ensure the mode of the created file is ... 
what we set in open funtion by the argument mode. The mode of the created file
is (mode & ~umask), So we set umask to typical default value(octal 022).

Signed-off-by: renmingshuai <renmingshuai@huawei.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2022-08-08 10:13:01 +02:00
Jakub Jelen
aa1e136ea3 session: Avoid memory leak of agent_socket from configuration file 
Thanks oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48268

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2022-08-08 10:11:16 +02:00
Jakub Jelen
a07ec441fd fuzz: Do not expect the channel open and request succeed 
Thanks oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45109
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2022-08-08 10:11:15 +02:00
Jakub Jelen
5dd8c03b3a Do not accept too long inputs that fill socket buffers 
There are long-standing issues with fuzzing, which cause the send() not writing
all the provided bytes and causing the fuzzer driver to crash. This can be
simply solved by limiting the input size to reasonably large value.

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21967

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2022-08-08 10:11:14 +02:00
Jakub Jelen
33bcd8e81c fuzz: Reformat 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2022-08-08 10:11:13 +02:00
Norbert Pocs
4d96c667bc gitlab-ci: Enable environment variable in centos9 
Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2022-08-03 19:42:27 +02:00
Norbert Pocs
2e8e666b1d torture.c Add environment variable to server fork 
Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2022-08-03 19:42:26 +02:00
Jakub Jelen
66be590657 tests: Refactor and provide plain PKCS8 PEM format 
This also allows testing mbedtls with the PKCS8 PEM files

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2022-08-03 10:41:49 +02:00
Jakub Jelen
f193e6840d examples: Update keygen2 example to show fingerprints 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2022-08-03 10:41:49 +02:00
Jakub Jelen
0982715bb5 curve25519: Do not check for openssl functions when other crypto backend is used 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2022-08-03 10:41:49 +02:00
Jakub Jelen
ebeee7631d pki: Do not check for DSA headers when DSA is not built in 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2022-08-03 10:41:49 +02:00
Jakub Jelen
aca482a5a5 mbedcrypto: Refactor PEM parsing 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2022-08-03 10:41:49 +02:00
Jakub Jelen
355e29d881 session: Initialize pointers 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2022-08-03 10:41:49 +02:00
Anderson Toshiyuki Sasaki
163951d869 init: Free global init mutex in the destructor on Windows 
Fixes: #57 (T238)

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2022-08-02 15:43:35 +02:00