Age | Commit message (Collapse) | Author | Files | Lines |
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
Created the test torture_packet_filter.c which tests if packets are
being correctly filtered.
Fixes T101
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
|
|
The packet filter checks required states for the incoming packets and
reject them if they arrived in the wrong state.
Fixes T101
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
|
|
When a SSH2_MSG_OPEN_FAILURE arrives, the channel state is checked
to be in SSH_CHANNEL_STATE_OPENING.
Fixes T101
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
|
|
When a SSH2_MSG_OPEN_CONFIRMATION arrives, the channel state is checked
to be in SSH_CHANNEL_STATE_OPENING.
Fixes T101
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
|
|
After sending the client token, the auth state is set as
SSH_AUTH_STATE_GSSAPI_MIC_SENT. Then this can be expected to be the
state when a USERAUTH_FAILURE or USERAUTH_SUCCESS arrives.
Fixes T101
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
|
|
The introduced auth state allows to identify when a request without
authentication information was sent.
Fixes T101
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
|
|
The introduced auth state allows to identify when authentication using
password was tried.
Fixes T101
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
|
|
Introduced the states SSH_AUTH_STATE_PUBKEY_OFFER_SENT and
SSH_AUTH_STATE_PUBKEY_AUTH_SENT to know when SSH2_MSG_USERAUTH_PK_OK and
SSH2_MSG_USERAUTH_SUCCESS should be expected.
Fixes T101
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 92aa2cf4963b714d0f30d4fb0f9e609200224f7a)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit bbed139ecab26cb46b0bb3a21fa4cd2a4f12dadd)
|
|
Signed-off-by: Jan-Niklas Burfeind <libssh@aiyionpri.me>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit f32cb706752d8dc35ad53a64f51e432cc0bc41cd)
|
|
Signed-off-by: Jan-Niklas Burfeind <libssh@aiyionpri.me>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 1499b38aef17beac8b438522535daf428600d529)
|
|
Cherry-picked from the following commit:
e4653b82bdb63469fd7279cc2b37c48a9d838665
|
|
CHerry-picked from the following commit:
571f547556ad9e2aee38ce894057cca042e8f154
|
|
Cherry-picked from the following commit:
af3de262b69f44ba84009b9aba644b5f1cf3b1a7
|
|
Cherry-picked from the following commit:
be25b58380d8dc7106864102059da58e6c5899e9
|
|
Cherry-picked from the following commit:
4bc6af6c1756c347f46b8a3374d66eb632fad9b7
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit 66f51df9)
|
|
This also allows bob to auth as alice.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit ee866441)
|
|
Cherry-picked from the following commit:
b65dcb3a358aa432c8f455de9a04d3c8d6cd9766
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit 250bf37a)
|
|
Cherry-picked from the following commits:
cbd75c3e350e2e0e5589d4865f31101588da0473
3014e3c458dee09ebf1deae560c354eb1ecdd703
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit b74a1841)
|
|
Additionally, we can already work around the privilege separation.
http://www.openssh.com/txt/release-7.5
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit 56317caa)
|
|
OpenSSH's sshd does not work well under valgrind so lets avoid tracing it.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit ca4fb9c6)
|
|
(cherry-picked from commit 094aa5eb)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit 1729d4a1)
|
|
pcap file is generated by the processes writing to the sockets,
which is not allowed for privilege-separated process in new
OpenSSH servers (confined by seccomp filter).
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit 5d3ab421)
|
|
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit f8f7989c)
|
|
(cherry-picked from commit b92c4996)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit 2a9c3966)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit 2bd65015)
|
|
(cherry-picked from commit 886fdc8b)
|
|
* tests/torture.c (torture_setup_create_sshd_config): Rework how the
location of the sftp server is discovered, and add the Debian-specific
location.
Signed-off-by: Justus Winter <justus@g10code.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit e37fd832)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit de309c51)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit 06343074)
|
|
This allows to capture debug information of the wrappers.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit c365ff3d)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit 1bbfe058)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit a3557b81)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit 7aa84318)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit 0e98f121)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit 6e7eae96)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit 21b0d29e)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit a30d16c4)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit c1fb9483)
|
|
We need to test them, so enable them in the sshd.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit dd0d04ae)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit ae89b6c0)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit 14f1ce2e)
|