mirror of https://github.com/libssh2/libssh2.git synced 2026-01-06 14:21:57 +03:00
Commit Graph

2177 Commits

Author SHA1 Message Date
Hayden Roche
17c9c1fcdf Add support for a wolfSSL crypto backend. (#629)
It uses wolfSSL's OpenSSL compatibility layer, so rather than introduce new
wolfssl.h/c files, the new backend just reuses openssl.h/c. Additionally,
replace EVP_Cipher() calls with EVP_CipherUpdate(), since EVP_Cipher() is not
recommended.

Credit: Hayden Roche
2022-01-06 10:25:34 -08:00
Bastien Durel
e24a4a9d48 Runtime engine detection with libssh2_crypto_engine() (#643)
File:
version.c, HACKING-CRYPTO, libssh2.h, libssh2_crypto_engine.3, makefile.

Notes:
libssh2_crypto_engine() API to get crypto engine at runtime.

Credit: Bastien Durel
2022-01-06 10:06:02 -08:00
Will Cosgrove
64a555d6f5 RSA SHA2 256/512 key upgrade support RFC 8332 #536 (#626)
Notes:
* Host Key RSA 256/512 support #536
* Client side key hash upgrading for RFC 8332
* Support for server-sig-algs, ext-info-c server messages
* Customizing preferred server-sig-algs via the preference LIBSSH2_METHOD_SIGN_ALGO

Credit: Anders Borum, Will Cosgrove
2022-01-06 09:50:58 -08:00
xalopp
967792c896 fix: use userauth name length to check memory boundaries for userauth name, fixes #653 (#654)
File: userauth.c

Notes:
Fixes `userauth_kybd_auth_name_len` length check 

Co-authored-by: Xaver Lopenstedt <xaver@lopenstedt.de>
2022-01-05 10:35:26 -08:00
Daniel Stenberg
552e20df38 agent: handle overly large comment lengths (#651)
Reported-by: Harry Sintonen
2021-12-17 08:56:29 -08:00
Daniel Stenberg
37ee0aa214 userauth: check for too large userauth_kybd_auth_name_len (#650)
... before using it.

Reported-by: MarcoPoloPie
Fixes #649
2021-12-17 08:46:29 -08:00
Daniel Stenberg
6c662e7b17 .github/SECURITY.md: fix the URL 2021-12-17 16:50:20 +01:00
Daniel Stenberg
1494e6c9f4 .github/SECURITY.md: add security policy 2021-12-17 16:48:53 +01:00
Will Cosgrove
9990b38d27 hostkey_method_ssh_ed25519_init() check key bounds (#645)
* hostkey_method_ssh_ed25519_init() check key bounds

File: hostkey.c

Notes:
Additional key length checking before calling _libssh2_ed25519_new_public()

Credit:
Will Cosgrove
2021-11-30 13:21:36 -08:00
Will Cosgrove
69f3cf0bea Fix error message in memory_read_privatekey #636
file: userauth.c
note: fix error message
credit:
volund
2021-11-18 10:38:32 -08:00
cntrump
3332d95396 Update maketgz for macOS (#543)
File:
maketgz

Notes:
Fix error on macOS: sed: -e: No such file or directory

Credit:
cntrump
2021-11-11 11:35:47 -08:00
Jun Tseng
a77ca0fcd3 CMake update minimum version to 2.8.12 (#639)
File:
CMakeLists.txt

Notes:
Following CMake's advice, update the minimum required version.

Credit:
Jun Tseng
2021-11-10 16:09:04 -08:00
David Korczynski
1a799d30ca ci: Add CIFuzz integration
Notes:
Add CIFuzz integration to run fuzzer using the OSS-Fuzz infrastructure
at each PR.

Signed-off-by: David Korczynski <david@adalogics.com>
Closes #635
2021-11-08 17:35:40 +01:00
Uwe L. Korn
1f0fe7443a Use libssh2_EXPORTS as an alternative to _WINDLL (#470)
Files: libssh2.h

Notes:
`_WINDLL` is only defined when a Visual Studio CMake generator is used; `libssh2_EXPORTS`, though, is used for all CMake generators if a shared libssh2 library is being built.

Credit:
Uwe L. Korn
2021-10-26 09:21:56 -07:00
Viktor Szakats
d39e9ccc5e windows: fix clang and WinCNG warnings
Fix these categories of warning:

- in `wincng.c` disagreement in signed/unsigned char when passing around
  the passphrase string:
  `warning: pointer targets in passing argument [...] differ in signedness [-Wpointer-sign]`
  Fixed by using `const unsigned char *` in all static functions and
  applying/updating casts as necessary.

- in each use of `libssh2_*_init()` macros where the result is not used:
  `warning: value computed is not used [-Wunused-value]`
  Fixed by using `(void)` casts.

- `channel.c:1171:7: warning: 'rc' may be used uninitialized in this function [-Wmaybe-uninitialized]`
  Fixed by initializing this variable with `LIBSSH2_ERROR_CHANNEL_UNKNOWN`.
  While there I replaced a few 0 literals with `LIBSSH2_ERROR_NONE`.

- in `sftp.c`, several of these two warnings:
  `warning: 'data' may be used uninitialized in this function [-Wmaybe-uninitialized]`
  `warning: 'data_len' may be used uninitialized in this function [-Wmaybe-uninitialized]`
  Fixed by initializing these variables with NULL and 0 respectively.

- Also removed the exec attribute from `wincng.h`.

Notes:
- There are many pre-existing checksrc issues.
- The `sftp.c` and `channel.c` warnings may apply to other platforms as well.

Closes #628
2021-10-01 20:09:03 +00:00
Daniel Stenberg
db34d2c400 README: use www.libssh2.org for the license link 2021-09-25 16:21:33 +02:00
Daniel Stenberg
4bcf8415a7 libssh2.h: bump it to 1.10.1-dev 2021-09-16 12:56:20 +02:00
Daniel Stenberg
6eb132f159 mailing list: moved to lists.haxx.se 2021-09-03 09:17:34 +02:00
Laurent Stacul
7daee037d1 openssh_fixture.c: Fix openssh_server build not working (#616) (#620)
File: openssh_fixture.c

Notes:
Fixes overly long output lines when building the Docker image.

Credit:
Laurent Stacul
2021-09-02 13:17:35 -07:00
Will Cosgrove
f0417cb196 openssh_fixture.c: fix warning (#621)
File: openssh_fixture.c

Notes:
Fix `portable_sleep` return type warning

Credit:
Will Cosgrove
2021-09-02 13:14:46 -07:00
Will Cosgrove
d9b4222ef1 Update CI to use latest Ubuntu #624 (#625)
File: ci.yml

Notes:
Update CI to use latest Ubuntu #624

Also removed 32-bit building in the matrix.

Credit:
Will Cosgrove
2021-09-02 13:13:53 -07:00
Will Cosgrove
af4a4d3f35 Update .gitignore
Add .DS_Store files for macOS
2021-08-31 09:51:25 -07:00
Laurent Stacul
a4fc97bf0a Makefile.am: Add missing key in case openssl > 1.1.0 (#617)
File: Makefile.am

Notes:
Fix missing test keys.

Credit:
Laurent Stacul
2021-08-30 09:59:27 -07:00
Will Cosgrove
635caa9078 updated docs for 1.10.0 release libssh2-1.10.0 2021-08-29 22:36:43 +02:00
Laurent Stacul
a88a727c2a [tests] Try several times to connect to the ssh server
Sometimes, as the OCI container is run in detached mode, it is possible
the actual server is not ready yet to handle SSH traffic. The goal of
this PR is to try several times (max 3). The mechanism is the same as
for the connection to the docker machine.
2021-05-30 12:33:05 +02:00
Laurent Stacul
3709037b26 Remove openssh_server container on test exit 2021-05-30 11:41:52 +02:00
Laurent Stacul
718bcb03d2 Allow the tests to run inside a container
The current test suite starts the SSH server as an OCI container. This commit
adds the possibility to run the tests in a container provided that:

* the docker client is installed in the builder container
* the host docker daemon unix socket has been mounted in the builder
  container (with, if needed, the DOCKER_HOST environment variable
  accordingly set, and the permission to write on this socket)
* the builder container is run on the default bridge network, or the
  host network. This PR does not handle the case where the builder
  container is on another network.
2021-05-29 12:01:51 +02:00
Marc Hoersken
fee3125b3b CI/appveyor: run SSH server for tests on GitHub Actions (#607)
No longer rely on DigitalOcean to host the Docker container.

Unfortunately we require a small dispatcher script that has
access to a GitHub access token with scope repo in order to
trigger the daemon workflow on GitHub Actions also for PRs.

This script is hosted by myself for the time being until GitHub
provides a tighter scope to trigger the workflow_dispatch event.
2021-05-28 08:52:27 +02:00
Will Cosgrove
6f68e8d064 openssl.c: guards around calling FIPS_mode() #596 (#603)
Notes:
FIPS_mode() is not implemented in LibreSSL and this API is removed in OpenSSL 3.0 and was introduced in 0.9.7. Added guards around making this call.

Credit:
Will Cosgrove
2021-05-26 16:43:32 -07:00
Will Cosgrove
35ac220a44 configure.ac: don't undefine scoped variable (#594)
* configure.ac: don't undefine scoped variable

To get this script to run with Autoconf 2.71 on macOS I had to remove the undefine of the backend for loop variable. It seems scoped to the for loop and also isn't referenced later in the script so it seems OK to remove it.

* configure.ac: remove cygwin specific CFLAGS #598

Notes:
Remove cygwin specific Win32 CFLAGS and treat the build like a posix build

Credit:
Will Cosgrove, Brian Inglis
2021-05-26 16:42:38 -07:00
Laurent Stacul
f1f47ef79b tests: Makefile.am: Add missing tests client keys in distribution tarball (#604)
Notes:
Added missing test keys.

Credit:
Laurent Stacul
2021-05-18 08:18:06 -07:00
Laurent Stacul
62bc25c987 Makefile.am: Add missing test keys in the distribution tarball (#601)
Notes:
Fix missing test keys needed to build the OCI image.

Credit:
Laurent Stacul
2021-05-17 09:11:10 -07:00
Daniel Stenberg
8adbab3f6c dist: add src/agent.h
Fixes #597
Closes #599
2021-05-16 00:08:39 +02:00
Will Cosgrove
36fcd543d9 packet.c: Reset read timeout after received a packet (#576) (#586)
File:
packet.c

Notes:
If a keyboard-interactive login (Azure AD 2FA login) takes more than 60 seconds to complete, the connection fails.

The _libssh2_packet_require function does almost the same as _libssh2_packet_requirev but this function sets state->start = 0 before returning.

Credit:
teottin, Co-authored-by: Tor Erik Ottinsen <tor.ottinsen@kdi.kongsberg.com>
2021-05-12 09:14:09 -07:00
kkoenig
3f9d505353 Support ECDSA certificate authentication (#570)
Files: hostkey.c, userauth.c, test_public_key_auth_succeeds_with_correct_ecdsa_key.c

Notes:
Support ECDSA certificate authentication

Add a test for:
  - Existing ecdsa basic public key authentication
  - ecdsa public key authentication with a signed public key

Credit:
kkoenig
2021-05-12 09:13:19 -07:00
Gabriel Smith
c998f79384 agent.c: Add support for Windows OpenSSH agent (#517)
Files: agent.c, agent.h, agent_win.c

Notes:
* agent: Add support for Windows OpenSSH agent

The implementation was partially taken and modified from that found in
the Portable OpenSSH port to Win32 by the PowerShell team, but mostly
based on the existing Unix OpenSSH agent support.

https://github.com/PowerShell/openssh-portable

Regarding the partial transfer support implementation: partial transfers
are easy to deal with, but you need to track additional state when
non-blocking IO enters the picture. A tracker of how many bytes have
been transferred has been placed in the transfer context struct as that's
where it makes most sense. This tracker isn't placed behind a WIN32
`#ifdef` as it will probably be useful for other agent implementations.

* agent: win32 openssh: Disable overlapped IO

Non-blocking IO is not currently supported by the surrounding agent
code, despite a lot of the code having everything set up to handle it.

Credit:
Co-authored-by: Gabriel Smith <gabriel.smith@precisionot.com>
2021-05-11 14:13:37 -07:00
Zenju
58ae048c92 Fix detailed _libssh2_error being overwritten (#473)
Files: openssl.c, pem.c, userauth.c

Notes:
* Fix detailed _libssh2_error being overwritten by generic errors
* Unified error handling

Credit:
Zenju
2021-05-11 14:09:57 -07:00
Paul Capron
b3a8a6d27c Fix _libssh2_random() silently discarding errors (#520)
Notes:
* Make _libssh2_random return code consistent

Previously, _libssh2_random was advertised in HACKING.CRYPTO as
returning `void` (and was implemented that way in os400qc3.c), but that
was in other crypto backends a lie; _libssh2_random is (a macro
expanding to) an int-valued expression or function.

Moreover, that returned code was:
  - 0 on success, -1 on error for the MbedTLS & WinCNG crypto backends
But also:
  - 1 on success, -1 or 0 on error for the OpenSSL backend!
  - 1 on success, error cannot happen for libgcrypt!

This commit makes explicit that _libssh2_random can fail (because most of
the underlying crypto functions can indeed fail!), and it makes its result
code consistent: 0 on success, -1 on error.

This is related to issue #519 https://github.com/libssh2/libssh2/issues/519
It fixes the first half of it.

* Don't silence errors of _libssh2_random

Make sure to check the returned code of _libssh2_random(), and
propagate any failure.

A new LIBSSH_ERROR_RANDGEN constant is added to libssh2.h
None of the existing error constants seemed fit.

This commit is related to d74285b684
and to https://github.com/libssh2/libssh2/issues/519 (see the issue
for more info.)  It closes #519.

Credit:
Paul Capron
2021-05-11 14:06:18 -07:00
Gabriel Smith
1270fdfe4b ci: Remove caching of docker image layers (#589)
Notes:
continued ci reliability work.

Credit:
Gabriel Smith
2021-05-11 13:44:12 -07:00
Gabriel Smith
92366cdb79 ci: Speed up docker builds for tests (#587)
Notes:
The OpenSSH server docker image used for tests is pre-built to prevent
wasting time building it during a test, and unneeded rebuilds are
prevented by caching the image layers.

Credit:
Gabriel Smith
2021-05-04 09:16:54 -07:00
Will Cosgrove
7118582a7c userauth.c: don't error if using keys without RSA (#555)
File: userauth.c

Notes:
libssh2 now supports many other key types besides RSA; if the library is built without RSA support and a user attempts RSA auth, it shouldn't be an automatic error.

Credit:
Will Cosgrove
2021-05-03 14:49:53 -07:00
Marc
b853d7a86e openssl.c: Avoid OpenSSL latent error in FIPS mode (#528)
File:
openssl.c

Notes:
Avoid initializing the MD5 digest, which is not permitted in OpenSSL FIPS certified cryptography mode.

Credit:
Marc
2021-05-03 14:49:02 -07:00
Laurent Stacul
35695772d0 openssl.c: Fix EVP_Cipher interface change in openssl 3 #463
File:
openssl.c

Notes:
Fixes building with OpenSSL 3, #463.

The change is described there:
f7397f0d58

Credit:
Laurent Stacul, reported by Sergei
2021-05-03 14:47:06 -07:00
Gabriel Smith
b5c071d180 openssh_fixture.c: Fix potential overwrite of buffer when reading stdout of command (#580)
File:
openssh_fixture.c

Notes:
If reading the full output from the executed command took multiple
passes (such as when reading multiple lines), the old code would read
into the buffer starting at the same position (the start) every time.
The old code only works if fgets updated p or had an offset parameter,
neither of which is true.

Credit:
Gabriel Smith
2021-05-03 14:41:25 -07:00
Gabriel Smith
fb375d6fe2 ci: explicitly state the default branch (#585)
Notes:
It looks like the $default-branch macro only works in templates, not
workflows. This is not explicitly stated anywhere except the linked PR
comment.

https://github.com/actions/starter-workflows/pull/590#issuecomment-672360634

credit:
Gabriel Smith
2021-05-02 17:32:48 -07:00
Gabriel Smith
ee199144fe ci: Swap from Travis to Github Actions (#581)
Files: ci files

Notes:
Move Linux CI using Github Actions

Credit:
Gabriel Smith, Marc Hörsken
2021-04-30 16:10:52 -07:00
Mary
91393d6631 libssh2_priv.h: add iovec on 3ds (#575)
File: libssh2_priv.h

Notes: include iovec for 3DS

Credit: Mary Mstrodl
2021-04-22 13:20:43 -07:00
Laurent Stacul
5627b82be6 Tests: Fix unused variables warning (#561)
File: test_public_key_auth_succeeds_with_correct_ed25519_key_from_mem.c

Notes: fixed unused vars

Credit:
Laurent Stacul
2021-03-04 14:17:00 -08:00
Viktor Szakats
4bb166a2a8 bcrypt_pbkdf.c: fix clang10 false positive warning (#563)
File: bcrypt_pbkdf.c

Notes:
blf_enc() takes a number of 64-bit blocks to encrypt, but using
sizeof(uint64_t) in the calculation triggers a warning with
clang 10 because the actual data type is uint32_t. Pass
BCRYPT_BLOCKS / 2 for the number of blocks like libc bcrypt(3)
does.

Ref: 04a2240bd8

Fixes #562

Credit:
Viktor Szakats
2021-03-04 13:10:07 -08:00
Will Cosgrove
ae26886671 transport.c: release payload on error (#554)
File: transport.c

Notes: If the payload is invalid and there is an early return, we could leak the payload.

Credit:
Will Cosgrove
2021-02-11 09:18:16 -08:00