libssh

lib/libssh

mirror of https://git.libssh.org/projects/libssh.git synced 2025-12-09 15:41:10 +03:00

Author	SHA1	Message	Date
Jakub Jelen	ae59d21e93	tests: Avoid memory leaks Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com>	2023-05-04 16:55:16 +02:00
Jakub Jelen	7ea71ead61	kex: Avoid NULL pointer dereference (GHSL-2023-032) Thanks Phil Turnbull from Github Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Norbert Pocs	543f3cba7d	torture_options: Add tests for incorrect number parsing options Signed-off-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Norbert Pocs	4e1b0e269f	options: Fail if no number was parsed strtoul returns 0 if no valid character was parsed, which can unwantedly misconfigure the options. Signed-off-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Norbert Pocs	0e3bb8cbf9	buffer.c: Fix null pointer dereference error This issue was discovered by covscan tool. Signed-off-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Norbert Pocs	9f8d46a45a	Add missing return value check This issue was detected by covscan Signed-off-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Norbert Pocs	4b5ccd4995	CVE-2023-2283:pki_crypto: Remove unnecessary NULL check Signed-off-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Norbert Pocs	0bda152ad2	CVE-2023-2283:pki_crypto: Fix possible authentication bypass The return value is changed by the call to pki_key_check_hash_compatible causing the possibility of returning SSH_OK if memory allocation error happens later in the function. The assignment of SSH_ERROR if the verification fails is no longer needed, because the value of the variable is already SSH_ERROR. Signed-off-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	4e8db9d44b	CVE-2023-1667:tests: Send a bit more to make sure rekey is completed This was for some reason failing on CentOS 7 in 0.10 branch so bringing this to the master too. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	8bb17c46a8	CVE-2023-1667:tests: Client coverage for key exchange with kex guessing Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	08386d4787	CVE-2023-1667:kex: Add support for sending first_kex_packet_follows flag This is not completely straightforward as it requires us to do some state shuffling. We introduce internal flag that can turn this on in client side, so far for testing only as we do not want to universally enable this. We also repurpose the server flag indicating the guess was wrong also for the client to make desired decisions. If we found out our guess was wrong, we need to hope the server was able to figure out this much, we need to revert the DH FSM state, drop the callbacks from the "wrong" key exchange method and initiate the right one. The server side is already tested by the pkd_hello_i1, which is executing tests against dropbrear clients, which is using this flag by default out of the box. Tested manually also with the pkd_hello --rekey to make sure the server is able to handle the rekeying with all key exchange methods. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	8dbe055328	CVE-2023-1667:kex: Correctly handle last fields of KEXINIT also in the client side Previously, the last two fields of KEXINIT were considered as always zero for the key exchange. This was true for the sending side, but might have not been true for the received KEXINIT from the peer. This moves the construction of these two fields closer to their reading or writing, instead of hardcoding them on the last possible moment before they go as input to the hashing function. This also allows accepting the first_kex_packet_follows on the client side, even though there is no kex algorithm now that would allow this. It also avoid memory leaks in case the server_set_kex() or ssh_set_client_kex() gets called multiple times, ensuring the algorithms will not change under our hands. It also makes use of a new flag to track if we sent KEXINIT. Previously, this was tracked only implicitly by the content of the session->next_crypto->{server,client}_kex (local kex). If it was not set, we considered it was not send. But given that we need to check the local kex even before sending it when we receive first_kex_packet_follows flag in the KEXINIT, this can no longer be used. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	cd0aa0bd91	CVE-2023-1667:dh: Expose the callback cleanup functions These will be helpful when we already sent the first key exchange packet, but we found out that our guess was wrong and we need to initiate different key exchange method with different callbacks. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	f455ffe8b8	CVE-2023-1667:kex: Factor out the kex mapping to internal enum Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	1c85acb6e6	CVE-2023-1667:kex: Remove needless function argument The information if the session is client or server session is already part of the session structure so this argument only duplicated information. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	4fb6bccf22	CVE-2023-1667:packet: Do not allow servers to initiate handshake Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	fa902a37ae	CVE-2023-1667:packet_cb: Log more verbose error if signature verification fails Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	df350d3aa4	CVE-2023-1667:token: Add missing whitespace Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	3981aeede2	CVE-2023-1667:kex: Properly conditionalize server code Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	070f679767	kex: Reformat ssh_kex_select_methods Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	82850b6ed1	client: Reformat ssh_client_connection_callback Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	a29d28d1f6	wrapper: Reformat crypto_new Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	2fdb5a121f	Reformat struct ssh_session_struct Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	c00a3369c2	server: Reformat ssh_server_connection_callback Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	1d6f2e4d9b	Reformat ssh_packet_kexinit() Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	e6cc8dfef5	kex: Reformat ssh_send_kex Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	d6bc4905ad	packet: Reformat callback handling functions Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	e1be63d78d	server: Reformat callback_receive_banner Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	b0ce6935fc	server: Reformat ssh_handle_key_exchange Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	1f3143b18c	packet: Fix indentation Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	8cdf602330	kex: Clarify the comment Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	0a9b5bcd45	gssapi: Free mic_buffer on all code paths (GHSL-2023-042) Thanks Phil Turnbull from GitHub Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	bb4e6ad1ee	gssapi: Release output_token on error path (GHSL-2023-041) Thanks Phil Turnbull from GitHub Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	19ec009b7d	gssapi: Release actual_mechs on exit (GHSL-2023-040) Thanks Phil Turnbull from GitHub Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	ccc87f5593	gssapi: Free output token on exit path (GHSL-2023-039) Thanks Phil Turnbull from GitHub Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	23ff6f9388	gssapi: Free mic_token_buffer on before return (GHSL-2023-038) Thanks Phil Turnbull from GitHub Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	5928d7962e	gssapi: Release output_token (GHSL-2023-037) Thanks Phil Turnbull from GitHub Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	3334070f63	gssapi: Avoid memory leaks of selected OID (GHSL-2023-036) Thanks Phil Turnbull from GitHub Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	f691dbbaab	gssapi: Release buffer on error path (GHSL-2023-035) Thanks Phil Turnbull from GitHub Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	bdabf25a5b	gssapi: Free selected OID set on error paths (GHSL-2023-034) Thanks Phil Turnbull from GitHub Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Jakub Jelen	2b5bef9c03	gssapi: Free both_supported on error paths (GHSL-2023-033) Thanks Phil Turnbull from GitHub Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2023-05-04 11:51:17 +02:00
Ahsen Kamal	14f3910d12	add server test for no-more-sessions Signed-off-by: Ahsen Kamal <itsahsenkamal@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-04-28 10:58:13 +02:00
Ahsen Kamal	bfa7a94b83	add client test for no-more-sessions Signed-off-by: Ahsen Kamal <itsahsenkamal@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-04-28 10:58:12 +02:00
Ahsen Kamal	08a6996103	handle no-more-sessions in server Signed-off-by: Ahsen Kamal <itsahsenkamal@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-04-28 10:58:11 +02:00
Ahsen Kamal	9741054422	add request no-more-sessions@openssh.com global request Signed-off-by: Ahsen Kamal <itsahsenkamal@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-04-28 10:58:10 +02:00
Ran Park	d109b5bd5f	Add tests for run ssh_execute_command Signed-off-by: Ran Park <bagayonghuming@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-04-25 18:01:32 +02:00
Ran Park	9cd23fecac	solve incorrect parsing of the ProxyCommand configuration option Signed-off-by: Ran Park <bagayonghuming@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-04-25 18:01:31 +02:00
Eshan Kelkar	bfa988a7c7	Implement tests for sftp_rename torture_sftp_rename has been added which tries to rename an existing file (positive test case) and tries to rename a file that does not exist (negative test case). Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-04-25 12:13:49 +02:00
Eshan Kelkar	ef901829c1	Introduce the posix-rename@openssh.com extension handling Changes done in sftp_rename such that it will use posix-rename@openssh.com extension if supported and send a SSH_FXP_EXTENDED request. If the extension is not supported a normal SSH_FXP_RENAME request will be sent. Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-04-25 12:13:18 +02:00
Eshan Kelkar	b067d7a123	Reformat of sftp_rename() to match the current coding style Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>	2023-04-25 12:13:17 +02:00

... 6 7 8 9 10 ...

6080 Commits