lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-09-14 02:01:48 +03:00
Code Activity
2,027 Commits 12 Branches 62 Tags
libssh-0.5.5
Commit Graph

2027 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andreas Schneider
f17788adc2 Update ChangeLog. libssh-0.5.5 2013-07-26 08:42:26 +02:00
Andreas Schneider
23e0053a41 BUG 103: Disable proxy command if set to 'none'. 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2013-07-26 08:42:26 +02:00
Andreas Schneider
b6788f369e client: Fix possible NULL pointer dereference. 2013-07-26 08:42:26 +02:00
Andreas Schneider
4cc4236182 kex: Fix a double free. 2013-07-26 08:42:26 +02:00
milo
21a1c51eef Check for NULL pointers in channels.c 2013-07-26 08:42:26 +02:00
Andreas Schneider
d796de288e cmake: Set application version as package version. 2013-07-26 08:42:26 +02:00
Andreas Schneider
7ba381116d BUG 103: Fix ProxyCommand parsing. 2013-06-02 19:33:57 +02:00
Andreas Schneider
6f59c0534d config: Rename ssh_config_get_str(). 2013-06-02 19:33:57 +02:00
Andreas Schneider
494fb26b01 opts: Fix segfault in option parser. 2013-06-02 19:33:57 +02:00
Andreas Schneider
d0f9320602 cmake: Fix setting -D_FORTIFY_SOURCE=2. 2013-06-02 19:33:56 +02:00
Aris Adamantiadis
5826cb6ab2 poll: return error on poll() when pollset is empty 
(cherry picked from commit 222a0d78ca)
 2013-02-27 08:07:44 +01:00
Andreas Schneider
bbdef245a1 Update version number to 0.5.5. 2013-02-12 14:30:22 +01:00
Laurent Bigonville
a0d894dd2a server: Fix typo in dh_handshake_server(). 
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2013-02-05 21:16:04 +01:00
Andreas Schneider
05d8421290 Update to version 0.5.4. libssh-0.5.4 2013-01-22 11:52:36 +01:00
Andreas Schneider
55b09f4264 CVE-2013-0176: Fix a remote DoS if the client doesn't send a matching kex. 
Thanks to Yong Chuan Koh, X-Force Research <kohyc@sg.ibm.com>
 2013-01-14 14:38:55 +01:00
Andreas Schneider
f128338132 options: Fix a free crash bug if we parse unknown options. 
Thanks to Yong Chuan Koh, X-Force Research <kohyc@sg.ibm.com>
 2013-01-11 08:52:27 +01:00
Andreas Schneider
ba231d0844 channels1: Fix severa possible null pointer dereferences. 
(cherry picked from commit b811b89f57)
 2013-01-10 13:55:12 +01:00
Andreas Schneider
6da817aa47 Update ChangeLog. libssh-0.5.3 2012-11-14 17:56:48 +01:00
Andreas Schneider
05ed61848f cmake: Bump version number. 2012-11-14 17:11:03 +01:00
Andreas Schneider
d63f19c300 CVE-2012-4561: Fix possible free's on invalid pointers. 2012-11-14 17:11:03 +01:00
Andreas Schneider
455da60846 CVE-2012-4561: Fix error handling of try_publickey_from_file(). 2012-11-14 17:11:03 +01:00
Andreas Schneider
46b2eb3c14 CVE-2012-4559: Make sure we don't free name and longname twice on error. 2012-11-14 17:11:03 +01:00
Andreas Schneider
6236001ff4 CVE-2012-4559: Ensure that we don't free req twice. 2012-11-14 17:11:03 +01:00
Andreas Schneider
1471f2c67a CVE-2012-4559: Ensure we don't free blob or request twice. 2012-11-14 17:11:03 +01:00
Andreas Schneider
b485463197 CVE-2012-4560: Fix a write one past the end of 'buf'. 2012-11-14 17:11:03 +01:00
Andreas Schneider
64fca8a7ed CVE-2012-4560: Fix a write one past the end of the 'u' buffer. 2012-11-14 17:11:03 +01:00
Xi Wang
e3d9501b31 CVE-2012-4562: Fix possible string related integer overflows. 2012-11-14 17:11:00 +01:00
Andreas Schneider
1699adfa03 CVE-2012-4562: Fix a possible infinite loop in buffer_reinit(). 
If needed is bigger than the highest power of two or a which fits in an
integer we will loop forever.
 2012-11-14 17:10:57 +01:00
Xi Wang
db81310d71 CVE-2012-4562: Fix multiple integer overflows in buffer-related functions. 2012-11-14 17:10:53 +01:00
Xi Wang
8489521c0d CVE-2012-4562: Fix possible integer overflow in ssh_get_hexa(). 
No exploit known, but it is better to check the string length.
 2012-11-14 17:10:47 +01:00
Andreas Schneider
2ee6282fdd channels: Fix a possible infinite loop if the connection dropped. 
This fixes bug #85.
 2012-10-22 18:13:53 +02:00
Andreas Schneider
ae218d0d15 channels1: Add missing request_state and set it to accepted. 
This fixes bug #88.
 2012-10-22 18:06:12 +02:00
Andreas Schneider
26579b2231 auth1: Reset error state to no error. 
This fixes bug #89.
 2012-10-22 18:06:09 +02:00
Andreas Schneider
04f1d950b9 session: Fix a possible use after free in ssh_free(). 
We need to cleanup the channels first cause we call ssh_channel_close()
on the channels which still require a working socket and poll context.

Thanks to sh4rm4!
 2012-10-22 17:37:50 +02:00
Andreas Schneider
191c0ae2bb doc: Update copyright policy. 2012-10-14 19:58:26 +02:00
Andreas Schneider
5b32f31a31 channel: Fix a possible null pointer dereference. 
(cherry picked from commit ceb8072b34)
 2012-10-05 11:48:34 +02:00
Andreas Schneider
3eac8e1c18 channels: Fix a possible null pointer dereference. 
(cherry picked from commit 656fd60110)
 2012-10-05 11:47:35 +02:00
Andreas Schneider
dc8f0cddee getpass: Fix a memory leak in ssh_gets() on error. 
(cherry picked from commit 6092596199)
 2012-10-05 11:45:47 +02:00
Andreas Schneider
97b263aee9 sftp: Harden sftp_extension_supported() against null pointers. 
(cherry picked from commit 22f607649d)
 2012-10-05 11:45:28 +02:00
Andreas Schneider
cb53c4f0e1 sftp: Fix a memory on error in sftp_opendir(). 
(cherry picked from commit b5c4b090da)
 2012-10-05 11:45:12 +02:00
Andreas Schneider
0d029e7038 misc: Don't leak memory on ssh_path_expand_escape() on error. 
(cherry picked from commit 61d032fc03)
 2012-10-05 11:44:50 +02:00
Andreas Schneider
aae725a44c session: Fix a memory leak in ssh_new() on error. 
(cherry picked from commit 280ce3fe93)
 2012-10-05 11:44:12 +02:00
Werner Koch
0e833d75e6 Fix regression in pre-connected socket setting. 
* src/socket.c (ssh_socket_pollcallback): Factor some code out to ...
(ssh_socket_set_connecting): New.
* include/libssh/socket.h (ssh_socket_set_connecting): Add prototype.
* src/client.c (ssh_connect): Use new function for a socket set by
SSH_OPTIONS_FD.

Signed-off-by: Werner Koch <wk@gnupg.org>
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2012-09-21 09:41:47 +02:00
Andreas Schneider
ae83f77511 build: Fix missing struct in_addr warning. 
(cherry picked from commit 782b2e37c6)
 2012-07-17 18:17:05 +02:00
Andreas Schneider
4d8420f328 sftp: Fix bug in sftp_mkdir not returning on error. 
resolves: #84
(cherry picked from commit a92c97b2e1)
 2012-07-17 18:13:03 +02:00
Andreas Schneider
d8f2a793d3 connect: Fix a build warning. 
(cherry picked from commit 8b8d9dc83a)
 2012-07-17 17:34:50 +02:00
rofl0r
558b53a856 session: Cleanup timeout functions and fix packets termination. 
It is possible that we get unrelated packets while waiting for
termination, thus waiting indefinitely. As a workaround we have to
check the user-supplied timeout.
Also cleaned up ssh_blocking_flush, which was using the timeout in a
bogus manner (resetting the timeout after each check).
 2012-01-02 12:42:47 +01:00
Andreas Schneider
0764adc82f message: Fix compiler warning. 
(cherry picked from commit 2f861a858b)
 2012-01-02 09:31:59 +01:00
rofl0r
87fd7d617e message: Handle all unknown global messages. 
Reply to unknown global messages as required by the RFC. Therefore
keepalive@openssh.com style messages should get treated in a sane way.
 2012-01-01 20:54:09 +01:00
Andreas Schneider
3e83af5f5e keyfiles: Fix build errors with callbacks. 
Introduced with the last commit.
 2011-09-17 22:59:13 +02:00