aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2020-03-23doc: Add SSH auth callback to libssh_auth doc groupAndreas Schneider1-1/+9
Fixes T217 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-02-25tests: Verify error returned by killAnderson Toshiyuki Sasaki3-13/+12
Verify the error code returned by kill() in torture_terminate_process(). The error code is raised when killing the process failed. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-02-24tests: Close SFTP file opened during rekey testsAnderson Toshiyuki Sasaki1-0/+6
The SFTP files wouldn't be closed during the rekey tests leading to memory leak. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-02-24tests: Do not leave temporary SFTP directoryAnderson Toshiyuki Sasaki1-0/+4
The temporary directory created in torture_sftp_session() wouldn't be removed. This removes such directory in torture_sftp_close(). Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-02-24tests: Use a common function to start sshdAnderson Toshiyuki Sasaki1-26/+19
In torture_reload_sshd_server(), instead of trying to use SIGHUP to reload the configuration file, kill the original process and create a new one with the new configuration. With this change, both torture_setup_sshd_server() and torture_reload_sshd_server() need to start sshd, with the only difference in the configuration setup. The shared code to start the sshd server was moved to a new introduced internal function torture_start_sshd_server(). Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-02-12pki: Small code cleanup in ssh_pki_signature_verify()Andreas Schneider1-2/+4
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-02-12pki: Use SSH_BUFFER_FREE() in ssh_pki_signature_verify()Andreas Schneider1-1/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-02-12pki: Add missing return check for ssh_buffer_pack()Andreas Schneider1-4/+10
CID #1419376 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-02-12pki: Fix memory leak of blob on errorAndreas Schneider1-0/+1
CID #1419377 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-02-12include: Remove PRIdS definitionsAndreas Schneider1-6/+0
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-02-12channels: Replace PRIdS with ANSI C99 %zuAndreas Schneider1-2/+2
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-02-12sftp: Replace PRIdS with ANSI C99 %zuAndreas Schneider1-2/+2
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-02-12packet: Replace PRIdS with ANSI C99 %zuAndreas Schneider2-3/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-02-11doc: Documents PKCS #11 URI support for libsshSahana Prasad1-0/+67
Signed-off-by: Sahana Prasad <sahana@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2020-02-11src: updates documentation incorporate PKCS#11 URIs in import functions.Sahana Prasad1-4/+6
Signed-off-by: Sahana Prasad <sahana@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2020-02-11pki: add support for sk-ecdsa and sk-ed25519Sebastian Kinne7-13/+245
This adds server-side support for the newly introduced OpenSSH keytypes sk-ecdsa-sha2-nistp256@openssh.com and sk-ed25519@openssh.com (including their corresponding certificates), which are backed by U2F/FIDO2 tokens. Change-Id: Ib73425c572601c3002be45974e6ea051f1d7efdc Signed-off-by: Sebastian Kinne <skinne@google.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-02-11pki: fix `pki_key_ecdsa_to_key_type` thread-safetyJon Simons3-3/+3
Resolves https://bugs.libssh.org/T214. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-01-24gitlab-ci: Improve setting Fedora to FIPS modeAndreas Schneider1-1/+7
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2020-01-23channels: Fix ssh_channel_poll_timeout() not returing available bytesAndreas Schneider1-0/+5
Fixes T211 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2020-01-23Implement chacha20-poly1305 in mbedTLSJakub Jelen1-1/+345
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-01-23tests: Skip chacha20-poly1305 tests in FIPS modeJakub Jelen2-0/+26
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-01-23Implement ChaCha20-poly1305 cipher using native OpenSSLJakub Jelen4-4/+425
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-01-23Do not build in internal chacha implementation if gcrypt supports thatJakub Jelen1-3/+14
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-01-23chacha: Create common file to avoid code duplicationJakub Jelen6-31/+64
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-01-23packet_crypt: Check return values from AEAD decipheringJakub Jelen1-4/+4
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-01-23curve25519: Avoid memory leaksJakub Jelen1-17/+14
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-01-23pki: Avoid uneeded memory duplicationAndreas Schneider1-2/+2
CID #1412375 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-01-23misc: Make the src pointer const in ssh_strreplace()Andreas Schneider2-2/+2
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-01-23unittests: Extends testcases for ssh_strreplace().Sahana Prasad1-0/+19
Signed-off-by: Sahana Prasad <sahana@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-01-23misc: Simplifies ssh_strreplace().Sahana Prasad1-13/+14
Signed-off-by: Sahana Prasad <sahana@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-01-23unittests: Removes extra empty lines.Sahana Prasad1-2/+0
Signed-off-by: Sahana Prasad <sahana@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-01-23unitests: Removes unwanted comments.Sahana Prasad1-3/+0
Signed-off-by: Sahana Prasad <sahana@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-01-23pki_crypto: Fix possible memory leak on errorAndreas Schneider1-3/+4
CID #1409680 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-01-23messages: Add missing NULL checkAndreas Schneider1-0/+3
CID #1409678 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-01-23tests: Use correct assert function for ssh return codesAndreas Schneider1-2/+2
CID #1398983 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-01-22tests: Give server more time to startJakub Jelen1-1/+1
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-01-20gitlab-ci: Create obj directory for Windows buildsAnderson Toshiyuki Sasaki1-2/+4
The obj directory is not created anymore when the git repository is cloned. Create the directory during the build. Also set the variable "ErrorActionPreference: STOP" to make the build to fail if an error occurs. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-01-09gitlab-ci: Re-enable client testing on TumbleweedAndreas Schneider1-3/+2
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-12-23gitlab-ci: Unbreak Freebsd buildJakub Jelen1-0/+2
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-12-23Update ChangeLogAndreas Schneider1-0/+4
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-12-23gitlab-ci: Add csbuilds for gcrypt and mbedtlsJakub Jelen1-0/+21
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-12-23gitlab-ci: Simplify the targets definitions using inheritanceJakub Jelen1-326/+187
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-12-23gitlab-ci: Add Ubuntu target (based on Fedora one)Jakub Jelen1-0/+24
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-12-23socket: Use the users shell for running proxy commandJakub Jelen1-2/+14
Fixes T200 and tests on ubuntu, which is using dash Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-12-23socket: Fix the error messageJakub Jelen1-1/+1
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-12-23socket: Kill the proxy command if it still runs on disconnectJakub Jelen1-1/+33
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-12-23pki_gcrypt: Warn about unsupported PEM export in gcryptJakub Jelen1-0/+2
Based on the following mail thread: https://www.libssh.org/archive/libssh/2019-12/0000027.html Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-12-23tests: Unbreak strict builds on UbuntuJakub Jelen1-6/+9
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-12-23CMakeLists: Shorten the keys lists passed to the ssh commandJakub Jelen1-0/+6
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-12-23libgcrypt: Do not leak memory with invalid key lengthsJakub Jelen1-0/+4
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>