libssh

lib/libssh

Fork 0

mirror of https://git.libssh.org/projects/libssh.git synced 2025-12-06 13:20:57 +03:00

Commit Graph

Select branches

Hide Pull Requests

master

master-fix

stable-0.10

stable-0.11

stable-0.8

stable-0.9

v0-2

v0-3

v0-4

v0-5

v0-6

v0-7

libssh-0.10.0

libssh-0.10.2

libssh-0.10.3

libssh-0.10.4

libssh-0.10.5

libssh-0.10.6

libssh-0.11.0

libssh-0.11.1

libssh-0.11.2

libssh-0.11.3

libssh-0.5.1

libssh-0.5.2

libssh-0.5.3

libssh-0.5.4

libssh-0.5.5

libssh-0.6.0

libssh-0.6.1

libssh-0.6.3

libssh-0.6.4

libssh-0.6.5

libssh-0.7.0

libssh-0.7.1

libssh-0.7.2

libssh-0.7.3

libssh-0.7.4

libssh-0.7.5

libssh-0.7.6

libssh-0.7.7

libssh-0.8.0

libssh-0.8.1

libssh-0.8.2

libssh-0.8.3

libssh-0.8.4

libssh-0.8.5

libssh-0.8.6

libssh-0.8.7

libssh-0.8.8

libssh-0.8.9

libssh-0.9.0

libssh-0.9.1

libssh-0.9.2

libssh-0.9.3

libssh-0.9.4

libssh-0.9.5

libssh-0.9.6

libssh-0.9.7

libssh-0.9.8

release-0-3-0

release-0-3-1

release-0-3-2

release-0-3-3

release-0-3-4

release-0-4-0

release-0-4-1

release-0-4-2

release-0-4-3

release-0-4-4

release-0-4-5

release-0-4-6

release-0-4-7

release-0-4-8

release-0-5-0

0ef79018b3 kex: Implement remaining hybrid ML-KEM methods master Pavol Žáčik 2025-11-18 13:36:25 +01:00
7911580304 ecdh: Factor out keypair generation Pavol Žáčik 2025-11-18 14:21:10 +01:00
e5108f2ffc docs: Use a modern doxygen theme Andreas Schneider 2025-11-21 14:29:22 +01:00
5ce4b65abb cmake: Add .cmake-format.yaml Andreas Schneider 2025-11-21 09:04:33 +01:00
b62675b435 chore(editorconfig): Put CMakeLists.txt in its own section Andreas Schneider 2025-11-21 17:45:20 +01:00
f333d95013 ci: Avoid repetitive definitions Jakub Jelen 2025-11-19 17:30:43 +01:00
92d0f8aba6 ci: Remove GSSAPI from minimal build Jakub Jelen 2025-11-19 17:29:34 +01:00
66460578b1 ci: Remove marco from the whitelist Jakub Jelen 2025-11-19 16:53:39 +01:00
b93db6c3d1 ci: Replace ad-hoc exports with variables Jakub Jelen 2025-11-19 15:53:36 +01:00
1c3143ff00 ci: Add cmocka.cfg to avoid false positives reports from csbuild Jakub Jelen 2025-11-19 15:46:29 +01:00
47305a2f72 docs(fido2): add FIDO2/U2F security key support chapter to documentation Praneeth Sarode 2025-10-30 22:37:32 +05:30
5bbaecfaa7 feat(pki): extend the sshsig API to support security keys along with tests Praneeth Sarode 2025-10-30 22:37:22 +05:30
6e5d0a935f tests(fido2): add tests for SK ECDSA and SK Ed25519 public key authentication Praneeth Sarode 2025-10-15 21:08:21 +05:30
5d4d9f8208 tests(rsa): add test for RSA key generation using the newer ssh_pki_generate_key API Praneeth Sarode 2025-10-15 21:08:01 +05:30
c128cf8807 tests(pki): add torture tests for pki_sk functions Praneeth Sarode 2025-10-23 22:31:46 +05:30
5937b5ba4e feat(torture_sk): add functions to validate security key signatures and to create PKI context Praneeth Sarode 2025-10-23 22:31:20 +05:30
1241a3a8c9 tests(fido2): add sk-dummy support to the testing infrastructure Praneeth Sarode 2025-10-23 22:24:39 +05:30
21d338737a tests(fido2): add sk key files to the testing infrastructure Praneeth Sarode 2025-08-17 02:14:38 +05:30
d91630308d pki: add security key identities to session options Praneeth Sarode 2025-08-22 19:23:40 +05:30
37f0e91814 feat(pki): add security key support with enrollment, signing, and resident key loading functions Praneeth Sarode 2025-09-20 19:34:41 +05:30
32a256e157 feat(pki): add ssh_key getters to retrieve security key flags, application, and user ID Praneeth Sarode 2025-09-20 19:31:40 +05:30
14bd26e71c feat(pki): add support for user ID in ssh_key structure Praneeth Sarode 2025-08-30 01:50:59 +05:30
97e71606e0 feat(pki): add ssh_pki_ctx to ssh_session Praneeth Sarode 2025-09-20 20:26:37 +05:30
d4b0de702b feat(pki): implement PKI context API Praneeth Sarode 2025-10-06 12:41:55 +05:30
acc080ac03 tests(fido2): add tests for the usb-hid security key callbacks Praneeth Sarode 2025-10-23 22:22:50 +05:30
e56af9fa79 feat(torture_sk): add validation functions for security key callback responses and resident keys Praneeth Sarode 2025-10-23 22:19:20 +05:30
c4b2bd34a8 feat(torture): add torture_get_sk_pin function to retrieve PIN from environment Praneeth Sarode 2025-09-25 03:56:01 +05:30
50ee6411f2 fido2: implement the default sk_callbacks for FIDO2/U2F keys using the usb-hid protocol Praneeth Sarode 2025-08-17 01:56:25 +05:30
c1dd30b47b fido2: add helper functions for writing FIDO2/U2F callbacks Praneeth Sarode 2025-07-05 18:39:12 +05:30
8ba9e931e8 fido2: declare callbacks for sk operations Praneeth Sarode 2025-07-05 17:54:36 +05:30
eda5c6576b tests(torture_sk): validate sk_flags against allowed security key flags Praneeth Sarode 2025-08-19 19:19:43 +05:30
302d868875 fido2: add sk_api.h Praneeth Sarode 2025-05-27 10:00:19 +05:30
7db75e8fd0 ci: enable FIDO2/U2F support in some images Praneeth Sarode 2025-07-05 17:25:50 +05:30
ebe632cf8f cmake: add build option to enable FIDO2/U2F support Praneeth Sarode 2025-07-05 17:05:24 +05:30
150d606db7 cmake: add cmake module to find libfido2 Praneeth Sarode 2025-07-05 17:00:00 +05:30
63fbf00efe pki: Use constant for minimal RSA key size in FIPS Jakub Jelen 2025-11-06 16:24:16 +01:00
ae33ced0dc coverage: Ignore parse errors again Jakub Jelen 2025-11-06 14:13:20 +01:00
ee6e2c69e1 Bump minimal RSA key size to 1024 Jakub Jelen 2025-11-06 10:18:28 +01:00
cefc4f8c97 pkd: Run tests with ecdsa and ed25519 keys with dropbear Jakub Jelen 2025-11-05 17:28:21 +01:00
b64e7f67d3 pkd: Run ed25519 tests with dropbear Jakub Jelen 2025-11-05 16:48:20 +01:00
491cd81a32 kex: Place PQC KEX methods first Jakub Jelen 2025-11-05 15:21:49 +01:00
3444f4c449 Remove references to (unused) pre-release ssh messages SSH2_MSG_ECMQV_* Jakub Jelen 2025-11-05 15:20:31 +01:00
80541ab828 mlkem768: Fix missing jumps in error handling Pavol Žáčik 2025-11-06 11:16:17 +01:00
b042477f83 Suppress remaining OpenSSL 3.5 memory leaks Jakub Jelen 2025-11-05 15:47:32 +01:00
950abbbd81 tests: Remove the -E which is overridden by followed -E on ctest CLI Jakub Jelen 2025-11-05 14:55:03 +01:00
b9c6701c68 tests: Avoid needless pthread_exit() Jakub Jelen 2025-11-04 21:49:51 +01:00
a94df4bb8f tests: Adjust valgrind supressions for Fedora 43 Jakub Jelen 2025-11-04 18:37:00 +01:00
41b8b3326c client: Reset session packet state on disconnect Pavol Žáčik 2025-10-21 15:34:53 +02:00
a9c8f942a5 kex: Implement mlkem768x25519-sha256 Sahana Prasad 2025-09-11 13:22:09 +02:00
d307bfa239 pki_crypto: Avoid potential memory leak if malloc fails Jakub Jelen 2025-10-03 20:05:20 +02:00
66e8491f73 ttyopts: make non-POSIX defines optional Mike Frysinger 2025-10-23 01:47:05 -04:00
e93c1f6a61 libcrypto: update EVP API usage Mike Frysinger 2025-10-23 01:37:37 -04:00
358553e976 scp: Workaround for Cisco devices not handling single quotes Jakub Jelen 2025-09-16 14:45:40 +02:00
07d099f652 examples: Support passing port to libssh_scp to simplify testing Jakub Jelen 2025-09-16 16:04:50 +02:00
f3d70e54e9 tests(string): add tests for ssh_string_from_data function Praneeth Sarode 2025-10-06 12:38:15 +05:30
74d1bf51b5 feat(string): add ssh_string_from_data function to create ssh_string from data buffer Praneeth Sarode 2025-10-06 12:37:43 +05:30
00f1d6fac2 Add RequiredRsaSize configuration option Jakub Jelen 2025-09-23 18:25:57 +02:00
029754efb3 examples: Reformat Jakub Jelen 2024-08-09 14:54:10 +02:00
a49e0c2a84 examples: Replace magic numbers with FD constants Jakub Jelen 2024-08-09 14:53:57 +02:00
8966e577ab connector: Improve logging Jakub Jelen 2024-07-26 13:50:22 +02:00
dc45b8f3f1 channels: Improve logging information about channels Jakub Jelen 2024-07-22 18:34:22 +02:00
c932790b82 connector: Fix default connector flags Jakub Jelen 2024-07-22 15:17:39 +02:00
8a0aa17bca connector: Reformat Jakub Jelen 2024-07-22 15:26:19 +02:00
ecb11f1a18 tests: Fix wording in comment to make sense Jakub Jelen 2024-07-22 14:01:55 +02:00
6aea779918 sftpserver: Fix loop termination Jakub Jelen 2025-09-08 19:16:01 +02:00
a51384fe4e sftpserver: Remove some needless parts Jakub Jelen 2025-09-08 19:15:10 +02:00
c55140272f examples: Add more flexibility to set verbosity Jakub Jelen 2025-09-08 19:04:08 +02:00
607dad040b mbedtls: Warn about missing featues of mbedTLS build Jakub Jelen 2025-08-11 21:46:15 +02:00
55bb909252 refactor(pki): separate the sk signature buffer packing to a separate function Praneeth Sarode 2025-09-26 18:36:43 +05:30
08cbbea461 pki: update RSA key generation to use default size when parameter is 0 Praneeth Sarode 2025-09-21 04:57:56 +05:30
8c4e337ab7 pki: define RSA_DEFAULT_KEY_SIZE Praneeth Sarode 2025-09-21 04:57:24 +05:30
8541b6584f test(buffer): add unit tests for ssh_buffer_dup function Praneeth Sarode 2025-09-24 20:37:36 +05:30
2f77727796 feat(buffer): add ssh_buffer_dup function to duplicate existing buffers Praneeth Sarode 2025-09-22 16:34:34 +05:30
a3c5d3b256 tests: Rewrite all fuzzers to LLVMFuzzerInitialize and nalloc Jakub Jelen 2025-08-12 11:30:54 +02:00
59a502ede6 fuzz: test allocations failures Philippe Antoine 2025-06-27 12:06:01 +02:00
c94e2efcf1 fix(bind): Remove code duplication in ssh_bind_listen Francesco Rollo 2025-09-17 01:47:59 +03:00
3d3b12891f tests: Avoid prefix matching when selecting algorithmms Jakub Jelen 2025-09-10 13:05:50 +02:00
6ca59307d4 Add non-namespaced alias sntrup761x25519-sha512 that is being standardized Jakub Jelen 2025-09-10 11:52:23 +02:00
e8bbd194c7 refactor(pki): Define RSA_MIN_KEY_SIZE and update related checks Praneeth Sarode 2025-08-28 17:13:48 +05:30
301d0e16df Bump version to 0.11.3 libssh-0.11.3 stable-0.11 Jakub Jelen 2025-08-14 10:49:11 +02:00
c182a21e11 poll: Use is_locked helper where possible Jakub Jelen 2025-08-12 10:39:22 +02:00
3a28fbe5c6 socket: do not free poll object if it is locked Philippe Antoine 2025-07-23 14:37:45 +02:00
65f363c9e3 CVE-2025-8114: Fix NULL pointer dereference after allocation failure Andreas Schneider 2025-08-06 15:17:59 +02:00
1c763e29d1 CVE-2025-8277: mbedtls: Avoid leaking ecdh keys Jakub Jelen 2025-08-06 15:32:56 +02:00
7d85085d2a tests: Invoke all combinations of wrong guesses during rekey Jakub Jelen 2025-07-30 12:27:55 +02:00
8e4d67aa9e CVE-2025-8277: ecdh: Free previously allocated pubkeys Jakub Jelen 2025-08-06 11:10:38 +02:00
266174a6d3 CVE-2025-8277: Fix memory leak of unused ephemeral key pair after client's wrong KEX guess Francesco Rollo 2025-07-24 16:30:07 +03:00
87db2659ec CVE-2025-8277: packet: Adjust packet filter to work when DH-GEX is guessed wrongly Jakub Jelen 2025-08-05 18:42:31 +02:00
0fad4e6307 tests: Enable all key exchange methods in ssh_ping Jakub Jelen 2025-07-30 12:28:23 +02:00
df4e907dff poll: Use is_locked helper where possible Jakub Jelen 2025-08-12 10:39:22 +02:00
c99261437f socket: do not free poll object if it is locked Philippe Antoine 2025-07-23 14:37:45 +02:00
53ac23ded4 CVE-2025-8114: Fix NULL pointer dereference after allocation failure Andreas Schneider 2025-08-06 15:17:59 +02:00
ffed80f8c0 CVE-2025-8277: mbedtls: Avoid leaking ecdh keys Jakub Jelen 2025-08-06 15:32:56 +02:00
9ada7aa0e4 CVE-2025-8277: wrapper: Free cv25519 private key on cleanup Jakub Jelen 2025-08-06 14:22:25 +02:00
d357a9f3e2 tests: Invoke all combinations of wrong guesses during rekey Jakub Jelen 2025-07-30 12:27:55 +02:00
c9d95ab0c7 CVE-2025-8277: ecdh: Free previously allocated pubkeys Jakub Jelen 2025-08-06 11:10:38 +02:00
ccff22d378 CVE-2025-8277: Fix memory leak of unused ephemeral key pair after client's wrong KEX guess Francesco Rollo 2025-07-24 16:30:07 +03:00
4310a696f2 CVE-2025-8277: packet: Adjust packet filter to work when DH-GEX is guessed wrongly Jakub Jelen 2025-08-05 18:42:31 +02:00
771e19a7a9 tests: Enable all key exchange methods in ssh_ping Jakub Jelen 2025-07-30 12:28:23 +02:00
118a747acd socket: Free poll handle when resetting socket state Jakub Jelen 2025-08-11 15:49:32 +02:00

1 2 3 4 5 ...