aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2019-01-30pki_crypto: plug pki_signature_from_blob leaksJon Simons1-0/+8
In 3341f49a49a07cbce003e487ef24a2042e800f01, some direct assignments to OpenSSL structures was replaced with usage of getter and setter macros. Ensure to `bignum_safe_free` a couple of intermediate values in error paths for `pki_signature_from_blob` DSS and ECDSA cases. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-30pki: NULL check pki_signature_from_rsa_blob resultJon Simons2-0/+6
Check for a potential NULL result from `pki_signature_from_rsa_blob` in `pki_signature_from_blob`. Otherwise the following `sig->type_c` will result in a segfault. Introduced in 7f83a1efae6a7da19e18268d6298fc11b4e68c57. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-30dh: harden error handling in 'ssh_dh_init_common'Jon Simons1-0/+3
Harden the error path in 'ssh_dh_init_common' such that all potential allocations are free'd upon exit. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-30dh: plug pubkey_blob leak in ssh_server_dh_process_initJon Simons1-1/+4
Ensure to `SSH_STRING_FREE` the pubkey_blob local in `ssh_server_dh_process_init`. The leak can be seen with valgrind and the pkd tests with: valgrind \ --leak-check=full \ --show-leak-kinds=definite \ ./pkd_hello -i1 -t torture_pkd_openssh_rsa_rsa_diffie_hellman_group14_sha1 Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-30dh-gex: fix double-ssh_dh_init_common memory leakJon Simons1-6/+0
Fix a memory leak whereby the x, y, and k bignum fields within a session's next_crypto structure were being unintentionally initialized twice. The leak can be seen before the fix with valgrind and the pkd tests with: valgrind \ --leak-check=full \ --show-leak-kinds=definite \ ./pkd_hello -i1 -t torture_pkd_openssh_rsa_rsa_diffie_hellman_group_exchange_sha256 Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-30dh-gex: fix moduli file stream leakJon Simons1-0/+1
Ensure to close the moduli file stream in `ssh_retrieve_dhgroup`. The leak is observable with the pkd tests and valgrind with: valgrind \ --track-fds=yes \ ./pkd_hello -i1 \ -t torture_pkd_openssh_rsa_rsa_diffie_hellman_group_exchange_sha256 Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-30session: Repects timeout=0 for packets on blocking sessionsTill Wimmer1-1/+1
Signed-off-by: Till Wimmer <g4-lisz@tonarchiv.ch> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-30options: Removed outdated param annotations of ssh_options_set()Till Wimmer1-31/+0
Signed-off-by: Till Wimmer <g4-lisz@tonarchiv.ch> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-30connector: Don't NULL connector (in|out) channels on event removeTill Wimmer1-2/+0
Signed-off-by: Till Wimmer <g4-lisz@tonarchiv.ch> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-27gitlab-ci: Enable DEBUG build options on FedoraAndreas Schneider1-0/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26bignum: Reformat ssh_make_string_bn and unbreak build with DEBUG_CRYPTOJakub Jelen1-10/+11
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26dh: Reformat ssh_dh_debug, ssh_dh_build_k and unbreak build with DEBUG_CRYPTOJakub Jelen1-21/+29
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26tests: Initialize ssh_cipher_struct in torture_crypto_aes256_cbc()Andreas Schneider1-8/+20
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26packet: Add missing error check in packet_send2()Andreas Schneider1-0/+3
Found by csbuild. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26pki: Avoid a possible segfaults in error pathsAndreas Schneider1-2/+2
Found by csbuild. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26dh-gex: Add error check for ssh_packet_send() in ssh_packet_server_dhgex_requestAndreas Schneider1-0/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26libcrypto: Use size_t for size calculationsAndreas Schneider1-5/+8
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26sftp: Add NULL check in sftp_ext_free()Anderson Toshiyuki Sasaki1-7/+14
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26sftp: Reformat sftp_ext_free()Anderson Toshiyuki Sasaki1-13/+14
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26tests: Add NULL checks in pki testsAnderson Toshiyuki Sasaki5-7/+96
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26tests: Prefer assert_non_null() over assert_false()Anderson Toshiyuki Sasaki5-8/+8
This also replaces some occurrences of assert_true() with assert_null() Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26tests: Added NULL checks in torture_list.cAnderson Toshiyuki Sasaki1-0/+31
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26tests: Prefer assert_non_null over assert_trueAnderson Toshiyuki Sasaki14-88/+87
This also replaces some occurrences of assert_true with assert_null. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26misc: Add NULL checks before accessing listsAnderson Toshiyuki Sasaki1-8/+33
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-26messages: Fix NULL check, preventing SEGFAULTAnderson Toshiyuki Sasaki1-1/+1
The wrong conditional check for newly allocated memory would make the function to fail when the allocation was successful and access invalid memory when the allocation failed. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-25gitlab-ci: Add (disabled) target with MemorySanitizerAndreas Schneider1-0/+22
We can't enable this till we can ignore OpenSSL. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-25cmake: Add support for MemorySanitizerAndreas Schneider1-0/+12
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-25packet_crypt: Make sure we always operate on initilized memoryAndreas Schneider1-1/+1
Found by MemorySanitizer. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-25session: Initialize allocated memoryAndreas Schneider1-3/+3
Found by MemorySanitizer. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-25gitlab-ci: Fix UndefinedSanitizerAndreas Schneider1-1/+2
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24buffer: Convert argc to size_t in ssh_buffer_unpack() as wellBaruch Siach2-14/+15
Commit c306a693f3fb ("buffer: Use size_t for argc argument in ssh_buffer_(un)pack()") mentioned unpack in the commit log, but it only touches the pack variants. Extend the conversion to unpack. Pre-initialize the p pointer to avoid possible use before initialization in case of early argc check failure. This fixes build failure: .../libssh-0.8.6/src/buffer.c: In function 'ssh_buffer_unpack_va': .../libssh-0.8.6/src/buffer.c:1229:16: error: assuming signed overflow does not occur when simplifying conditional to constant [-Werror=strict-overflow] if (argc == -1){ ^ Signed-off-by: Baruch Siach <baruch@tkos.co.il> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24examples: add public key auth for specific keyEric Bentley1-0/+62
There was no example of using a specific key for authentication so I added one. Signed-off-by: Eric Bentley <ebentley66@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24examples: add public key authentication to ssh_server_forkEric Bentley1-2/+67
I noticed that there was no example showing server side public key encryption in the examples so I added this one. I used authorizedkeys as a global to minimize the changes to the original code as well as I was not sure the correct methodology of determining the .ssh directory location for a user not using Linux. One code using the user parameter to determine the location to use instead if desired. Signed-off-by: Eric Bentley <ebentley66@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24tests: Extend negative test cases for config Match keywordJakub Jelen2-2/+102
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24tests: Use assert_ssh_return_code() in config testJakub Jelen1-7/+7
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24config: Add new Match final keyword from OpenSSH 8.0Jakub Jelen1-5/+16
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24config: Fail if there is missing argument for some of the match keywordsJakub Jelen1-7/+16
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24pkd: dh-group-exchange testcasesAris Adamantiadis1-4/+27
2019-01-24dh-gex: Add server implementationAris Adamantiadis9-31/+195
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24wrapper: Move dh cleanup into dh.cAris Adamantiadis4-14/+9
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24tests: Added moduli file parsing testsAris Adamantiadis2-0/+121
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24dh-gex: Add support for moduli file parsingAris Adamantiadis1-0/+252
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24tests: Add dh-group-exchange algorithm testsAris Adamantiadis2-1/+28
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24dh-gex: Add client implementationAris Adamantiadis8-2/+335
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24dh: move state changes inside DH codeAris Adamantiadis3-1/+2
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24dh: Do some basic refactoringAris Adamantiadis5-351/+222
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24buffer: Support bignums in ssh_buffer_unpack()Aris Adamantiadis1-0/+20
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24mbedcrypto: fixed nasty RNG bugsAris Adamantiadis1-2/+12
2019-01-24bignum: harmonize gcrypt, libcrypto and libmcrypt bignumAris Adamantiadis11-218/+177
Ensure most of the abstraction around the 3 libs are consistent. Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24dh: move unrelated functions out of dh.cAris Adamantiadis6-714/+786
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>