lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-12-09 15:41:10 +03:00
Code Activity
6,080 Commits 12 Branches 62 Tags
fe53cdfabdc82fd8bd50d263a653a15d9439b79c
Commit Graph

6080 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jakub Jelen
4f997aee7c Fix regression in IPv6 addresses in hostname parsing 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-12-22 13:03:36 +01:00
Jakub Jelen
b3de3a3335 CVE-2023-6918: tests: Code coverage for ssh_get_pubkey_hash() 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-12-18 17:35:04 +01:00
Jakub Jelen
59c00c66c4 CVE-2023-6918: kdf: Detect context init failures 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-12-18 17:35:04 +01:00
Jakub Jelen
5c407d2f16 CVE-2023-6918: Systematically check return values when calculating digests 
with all crypto backends

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-12-18 17:35:04 +01:00
Jakub Jelen
10c200037a CVE-2023-6918: Remove unused evp functions and types 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-12-18 17:35:04 +01:00
Jakub Jelen
a16f34c57a CVE-2023-6918: kdf: Reformat 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-12-18 17:35:04 +01:00
Jakub Jelen
a8b9d13687 CVE-2023-48795: tests: Adjust calculation to strict kex 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-12-18 17:35:04 +01:00
Jakub Jelen
bdcdf92096 CVE-2023-48795: Strip extensions from both kex lists for matching 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-12-18 17:35:04 +01:00
Aris Adamantiadis
3876976ced CVE-2023-48795: Server side mitigations 
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-12-18 17:35:04 +01:00
Aris Adamantiadis
7ecc6a704b CVE-2023-48795: client side mitigation 
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-12-18 17:35:04 +01:00
Norbert Pocs
f353b39ff2 CVE-2023-6004: torture_misc: Add tests for ipv6 link-local 
Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2023-12-18 17:32:06 +01:00
Norbert Pocs
2c92e8ce93 CVE-2023-6004: misc: Add ipv6 link-local check for an ip address 
Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2023-12-18 17:32:00 +01:00
Norbert Pocs
92e35c291c CVE-2023-6004: torture_misc: Add test for ssh_is_ipaddr 
Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2023-12-18 17:31:34 +01:00
Norbert Pocs
7b697d711e CVE-2023-6004: torture_proxycommand: Add test for proxycommand injection 
Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2023-12-18 17:31:33 +01:00
Norbert Pocs
95c6f880ef CVE-2023-6004: config_parser: Check for valid syntax of a hostname if it is a domain name 
This prevents code injection.
The domain name syntax checker is based on RFC1035.

Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2023-12-18 17:31:31 +01:00
Norbert Pocs
2cd971e10e CVE-2023-6004: torture_misc: Add test for ssh_check_hostname_syntax 
Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2023-12-18 17:31:29 +01:00
Norbert Pocs
0ff85b034a CVE-2023-6004: misc: Add function to check allowed characters of a hostname 
The hostname can be a domain name or an ip address. The colon has to be
allowed because of IPv6 even it is prohibited in domain names.

Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2023-12-18 17:31:27 +01:00
Norbert Pocs
b83368b2ed CVE-2023-6004: options: Simplify the hostname parsing in ssh_options_set 
Using ssh_config_parse_uri can simplify the parsing of the host
parsing inside the function of ssh_options_set

Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2023-12-18 17:31:24 +01:00
Norbert Pocs
1dfde16f49 CVE-2023-6004: config_parser: Allow multiple '@' in usernames 
Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2023-12-18 17:31:21 +01:00
Norbert Pocs
57ec9a35c6 CVE-2023-6004: torture_config: Allow multiple '@' in usernames 
Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2023-12-18 17:31:14 +01:00
Jakub Jelen
75a177f8d6 Test coverage for file export and for PEM and OpenSSH formats 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-12-15 10:08:35 +01:00
Jakub Jelen
417a0f01f8 examples: Demonstrate export of different key formats 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-12-15 10:08:35 +01:00
Jakub Jelen
3fa28aaf49 pki: New API functions exporting (also ed25519 keys in different formats) 
This also adds an fallback to OpenSSH file format in non-OpenSSL backends and
OpenSSH-compatible private key export for writing OpenSSH private keys.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-12-15 10:08:35 +01:00
Jakub Jelen
30d5ab4313 pki: Fix indentation 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-12-15 10:08:35 +01:00
Jakub Jelen
baa773d1cd pki: Calculate missing CRT parameters when building RSA Key 
The OpenSSL claims that these parameters are not mandatory and just speed up
calculations. But in reality, if they are missing, we can not export this key
into PEM files or if we export them, they are not readable/valid.

This was discussed in the following OpenSSL issue even with some proposed fix,
but it will take time before this will be implemented so in the meantime, we
back down to calculating the parameters manually as done in OpenSSH.

https://github.com/openssl/openssl/issues/21826

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-12-15 10:06:15 +01:00
Jakub Jelen
63be7f7651 libcrypto: Report errors from OpenSSL key import and export 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-12-15 10:06:15 +01:00
Jakub Jelen
04acf9a8ab pki: Unbreak key comparison of Ed25519 keys imported from PEM or OpenSSH container 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-12-15 10:06:15 +01:00
Jakub Jelen
0cfd4d8ec7 examples: Reformat and fix typos in keygen 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-12-15 10:06:15 +01:00
Jakub Jelen
ad458c4633 tests: Do not use assert_true 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-12-15 10:06:12 +01:00
Jakub Jelen
d22194f0b1 packet_cb: Reformat remaining functions 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2023-12-15 10:05:04 +01:00
Jakub Jelen
c925907917 tests: Move the workaround to separate function 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2023-12-05 14:45:51 +01:00
Jakub Jelen
f41f0492e4 Comments 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2023-12-05 14:45:51 +01:00
Jakub Jelen
0ff6adeb80 tests: Implement more certificate tests 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2023-12-05 14:45:51 +01:00
Jakub Jelen
1fcaac9a35 tests: Implement more negative auth tests 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2023-12-05 14:45:51 +01:00
Jakub Jelen
bac71d1e9c tests: Convert key to PEM so we can not access public key directly 
There are several tests that depended in the past on the fact that we can not
read public key from private encrypted keys. This is no longer the case for some
time as the OpenSSH file format has public key in plaintext.

This change just converts the same key into the PEM Format, which should still
be opaque for us and trigger code paths that enforce opening of the accompanied
public key file.

Converted using the following command:

$ ssh-keygen -m PEM -p -N secret -P secret -f tests/keys/id_rsa_protected

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2023-12-05 14:45:51 +01:00
Jakub Jelen
1a5ff139e2 tests: Cover failed logins with password/kbdint 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2023-12-05 14:45:51 +01:00
Jakub Jelen
e179675f2c tests: Verify the certs in default location are used for authentication 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2023-12-05 14:45:51 +01:00
Jakub Jelen
baa4eb1232 tests: Move tests with certificates to separate user 
This avoids very-long test and false positives when using some
auto-pubkey authentication from picking up default keys, which are available in
bob's home directory when we want to test the certificate authentication.

The separate file is also needed because once we change to bob's UID, we can not
simply go back different UID and this sounds cleaner than setting up SSH_DIR to
different users ...

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2023-12-05 14:45:51 +01:00
Jakub Jelen
14c7b6a3fb tests: Coverage for certificate files config and options 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2023-12-05 14:45:51 +01:00
Jakub Jelen
aae1bc1058 Handle automatic certificate authentication 
This involves reading the certificates from configuration files through options
and handling them similarly as the OpenSSH does when doing the auto pubkey
authentication, also in combination with agent or identities only.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2023-12-05 14:45:51 +01:00
Jakub Jelen
c1630fa097 Reformat auth.c 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2023-12-05 14:45:51 +01:00
Jakub Jelen
7d4f210234 tests: Cover recent changes for importing certs to keys 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2023-12-05 14:45:51 +01:00
Jakub Jelen
4f903812e6 auth: Reformat ssh_userauth_agent 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2023-12-05 14:45:51 +01:00
Jakub Jelen
d604d7f872 pki: Make sure public keys match when adding certificate data 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2023-12-05 14:45:51 +01:00
Jakub Jelen
a8c844c9c2 pki: Make sure imported certificate is certificate 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2023-12-05 14:45:51 +01:00
Jakub Jelen
de8f36c93c pki: Support comparing keys with certificates 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2023-12-05 14:45:51 +01:00
Jakub Jelen
44de06e8db pki: Add support for comparing certificates 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2023-12-05 14:45:51 +01:00
Jakub Jelen
16ebd4597e pki: Avoid needless cast to void 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2023-12-05 14:45:51 +01:00
Jakub Jelen
dd11d469dc tests: replace assert_true 
Mechanical edit in vim:

%s/assert_true(rc == 0)/assert_return_code(rc, errno)/g
%s/assert_true(rc == SSH_OK)/assert_return_code(rc, errno)/g
%s/assert_true(rc == \(-*\d*\))/assert_int_equal(rc, \1)/g
%s/assert_true(rc == \(.*\))/assert_int_equal(rc, \1)/g
%s/assert_true(type == \(.*\))/assert_int_equal(type, \1)/g

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2023-12-05 14:45:51 +01:00
Jakub Jelen
2c026e4314 bignum: Avoid trailing newline in log message 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2023-12-05 14:45:51 +01:00