aboutsummaryrefslogtreecommitdiff
AgeCommit message (Expand)AuthorFilesLines
2023-12-22tests: Increase test coverage for IPv6 address parsing as hostnamesstable-0.9Jakub Jelen2-0/+71
2023-12-22Fix regression in IPv6 addresses in hostname parsingJakub Jelen4-18/+23
2023-12-18Bump version to 0.9.8libssh-0.9.8Jakub Jelen4-3/+429
2023-12-18Generate new 2k certificate key working in FIPSJakub Jelen3-29/+29
2023-12-18CVE-2023-6918: tests: Code coverage for ssh_get_pubkey_hash()Jakub Jelen1-0/+35
2023-12-18CVE-2023-6918: kdf: Detect context init failuresJakub Jelen1-3/+15
2023-12-18CVE-2023-6918: Systematically check return values when calculating digestsJakub Jelen6-159/+533
2023-12-18CVE-2023-6918: Remove unused evp functions and typesJakub Jelen7-192/+1
2023-12-18CVE-2023-6918: kdf: ReformatJakub Jelen1-9/+11
2023-12-18CVE-2023-48795: tests: Adjust calculation to strict kexJakub Jelen1-24/+32
2023-12-18CVE-2023-48795: Strip extensions from both kex lists for matchingJakub Jelen1-4/+12
2023-12-18CVE-2023-48795: Server side mitigationsAris Adamantiadis3-11/+44
2023-12-18CVE-2023-48795: client side mitigationAris Adamantiadis12-69/+126
2023-12-18CVE-2023-6004: torture_misc: Add tests for ipv6 link-localNorbert Pocs1-0/+20
2023-12-18CVE-2023-6004: misc: Add ipv6 link-local check for an ip addressNorbert Pocs3-14/+49
2023-12-18CVE-2023-6004: torture_misc: Add test for ssh_is_ipaddrNorbert Pocs1-0/+26
2023-12-18CVE-2023-6004: torture_proxycommand: Add test for proxycommand injectionNorbert Pocs1-0/+53
2023-12-18CVE-2023-6004: config_parser: Check for valid syntax of a hostname if it is a...Norbert Pocs1-0/+10
2023-12-18CVE-2023-6004: torture_misc: Add test for ssh_check_hostname_syntaxNorbert Pocs1-0/+73
2023-12-18CVE-2023-6004: misc: Add function to check allowed characters of a hostnameNorbert Pocs2-0/+70
2023-12-18CVE-2023-6004: options: Simplify the hostname parsing in ssh_options_setNorbert Pocs1-24/+16
2023-12-18CVE-2023-6004: config_parser: Allow multiple '@' in usernamesNorbert Pocs1-1/+1
2023-12-18CVE-2023-6004: torture_config: Allow multiple '@' in usernamesNorbert Pocs1-19/+25
2023-12-18channels: Avoid out-of-bounds writesJakub Jelen1-3/+9
2023-12-18session: Avoid potential null dereference on low-memory conditionsJakub Jelen1-0/+4
2023-05-04Bump version to 0.9.7libssh-0.9.7Jakub Jelen5-4/+432
2023-05-04CVE-2023-2283:pki_crypto: Remove unnecessary NULL checkNorbert Pocs1-6/+2
2023-05-04CVE-2023-2283:pki_crypto: Fix possible authentication bypassNorbert Pocs1-14/+18
2023-05-04CVE-2023-1667:tests: Client coverage for key exchange with kex guessingJakub Jelen1-4/+105
2023-05-04CVE-2023-1667:kex: Add support for sending first_kex_packet_follows flagJakub Jelen4-16/+94
2023-05-04CVE-2023-1667:kex: Correctly handle last fields of KEXINIT also in the client...Jakub Jelen4-59/+80
2023-05-04CVE-2023-1667:dh: Expose the callback cleanup functionsJakub Jelen9-4/+66
2023-05-04CVE-2023-1667:kex: Factor out the kex mapping to internal enumJakub Jelen1-28/+37
2023-05-04CVE-2023-1667:kex: Remove needless function argumentJakub Jelen4-8/+8
2023-05-04CVE-2023-1667:packet: Do not allow servers to initiate handshakeJakub Jelen1-0/+5
2023-05-04CVE-2023-1667:packet_cb: Log more verbose error if signature verification failsJakub Jelen1-0/+3
2023-04-28token: Add missing whitespaceJakub Jelen1-1/+1
2023-04-28kex: Reformat ssh_kex_select_methodsJakub Jelen1-36/+41
2023-04-28client: Reformat ssh_client_connection_callbackJakub Jelen1-71/+72
2023-04-28wrapper: Reformat crypto_newJakub Jelen1-8/+9
2023-04-28Reformat struct ssh_session_structJakub Jelen1-7/+7
2023-04-28server: Reformat ssh_server_connection_callbackJakub Jelen1-92/+96
2023-04-28Reformat ssh_packet_kexinit()Jakub Jelen1-24/+30
2023-04-28kex: Reformat ssh_send_kexJakub Jelen1-45/+50
2023-04-28packet: Reformat callback handling functionsJakub Jelen1-14/+25
2023-04-28server: Reformat callback_receive_bannerJakub Jelen1-8/+10
2023-04-28server: Reformat ssh_handle_key_exchangeJakub Jelen1-13/+18
2023-04-28packet: Fix indentationJakub Jelen1-1/+1
2023-04-28kex: Clarify the commentJakub Jelen1-1/+1
2023-04-28gssapi: Free mic_buffer on all code paths (GHSL-2023-042)Jakub Jelen1-3/+4