Age | Commit message (Collapse) | Author | Files | Lines |
|
Fixes T119
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
Fixes T116
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit a2807474621e51b386ea26ce2a01d2b1aa295c7b)
|
|
Signed-off-by: Meng Tan <mtan@wallix.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit bce8d567053232debd6ec490af5a7d27e1160f39)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 0ff566b6dde5cd27653aa35280feceefad5d5224)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 9c200d3ef4f62d724d3bae2563b81c38cc31e215)
|
|
Signed-off-by: Meng Tan <mtan@wallix.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 4ea46eecce9f4e676150fe27fec34e1570b70ace)
|
|
CID 1396239
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit fe618a35dc4be3e73ddf29d0c4a96b98d3b9c48f)
|
|
Fixes T112
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 247983e9820fd264cb5a59c14cc12846c028bd08)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
Created the test torture_packet_filter.c which tests if packets are
being correctly filtered.
Fixes T101
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
|
|
The packet filter checks required states for the incoming packets and
reject them if they arrived in the wrong state.
Fixes T101
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
|
|
When a SSH2_MSG_OPEN_FAILURE arrives, the channel state is checked
to be in SSH_CHANNEL_STATE_OPENING.
Fixes T101
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
|
|
When a SSH2_MSG_OPEN_CONFIRMATION arrives, the channel state is checked
to be in SSH_CHANNEL_STATE_OPENING.
Fixes T101
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
|
|
After sending the client token, the auth state is set as
SSH_AUTH_STATE_GSSAPI_MIC_SENT. Then this can be expected to be the
state when a USERAUTH_FAILURE or USERAUTH_SUCCESS arrives.
Fixes T101
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
|
|
The introduced auth state allows to identify when a request without
authentication information was sent.
Fixes T101
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
|
|
The introduced auth state allows to identify when authentication using
password was tried.
Fixes T101
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
|
|
Introduced the states SSH_AUTH_STATE_PUBKEY_OFFER_SENT and
SSH_AUTH_STATE_PUBKEY_AUTH_SENT to know when SSH2_MSG_USERAUTH_PK_OK and
SSH2_MSG_USERAUTH_SUCCESS should be expected.
Fixes T101
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 92aa2cf4963b714d0f30d4fb0f9e609200224f7a)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit bbed139ecab26cb46b0bb3a21fa4cd2a4f12dadd)
|
|
Signed-off-by: Jan-Niklas Burfeind <libssh@aiyionpri.me>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit f32cb706752d8dc35ad53a64f51e432cc0bc41cd)
|
|
Signed-off-by: Jan-Niklas Burfeind <libssh@aiyionpri.me>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 1499b38aef17beac8b438522535daf428600d529)
|
|
Cherry-picked from the following commit:
e4653b82bdb63469fd7279cc2b37c48a9d838665
|
|
CHerry-picked from the following commit:
571f547556ad9e2aee38ce894057cca042e8f154
|
|
Cherry-picked from the following commit:
af3de262b69f44ba84009b9aba644b5f1cf3b1a7
|
|
Cherry-picked from the following commit:
be25b58380d8dc7106864102059da58e6c5899e9
|
|
Cherry-picked from the following commit:
4bc6af6c1756c347f46b8a3374d66eb632fad9b7
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit 66f51df9)
|
|
This also allows bob to auth as alice.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit ee866441)
|
|
Cherry-picked from the following commit:
b65dcb3a358aa432c8f455de9a04d3c8d6cd9766
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit 250bf37a)
|
|
Cherry-picked from the following commits:
cbd75c3e350e2e0e5589d4865f31101588da0473
3014e3c458dee09ebf1deae560c354eb1ecdd703
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit b74a1841)
|
|
Additionally, we can already work around the privilege separation.
http://www.openssh.com/txt/release-7.5
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit 56317caa)
|
|
OpenSSH's sshd does not work well under valgrind so lets avoid tracing it.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit ca4fb9c6)
|
|
(cherry-picked from commit 094aa5eb)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit 1729d4a1)
|
|
pcap file is generated by the processes writing to the sockets,
which is not allowed for privilege-separated process in new
OpenSSH servers (confined by seccomp filter).
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit 5d3ab421)
|
|
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit f8f7989c)
|
|
(cherry-picked from commit b92c4996)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit 2a9c3966)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit 2bd65015)
|
|
(cherry-picked from commit 886fdc8b)
|
|
* tests/torture.c (torture_setup_create_sshd_config): Rework how the
location of the sftp server is discovered, and add the Debian-specific
location.
Signed-off-by: Justus Winter <justus@g10code.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit e37fd832)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit de309c51)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit 06343074)
|
|
This allows to capture debug information of the wrappers.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit c365ff3d)
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry-picked from commit 1bbfe058)
|