aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2017-07-20libcrypto: add NULL-check for EVP_CIPHER_CTX_cleanupJon Simons1-1/+1
On OpenSSL versions prior to 1.1.0, `EVP_CIPHER_CTX_cleanup` will dereference its argument regardless of whether it is NULL. This is not a problem on OpenSSL at or beyond 1.1.0, where `EVP_CIPHER_CTX_cleanup` (macro to `EVP_CIPHER_CTX_reset`) returns early upon NULL input. Move the call to `EVP_CIPHER_CTX_cleanup` under the existing NULL check in `evp_cipher_cleanup` to avoid the problem. Introduced with this build-break fix: * e66f370682927ca8bd7ae0e7544754c6f4ac4969 Found in manual testing in an environment with an older OpenSSL. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-18misc: relax fatal errors in ssh_analyze_bannerJon Simons2-31/+26
Relax the cases where `ssh_analyze_banner` fails to extract a major and minor version from banners which appear like OpenSSH banners. Update the tests to demonstrate that now a banner as might be sent by `ssh-keyscan(1)` ("SSH-2.0-OpenSSH-keyscan") no longer returns failure. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-18wrapper: move EVP_CIPHER_CTX_free call to libcrypto.cJon Simons2-6/+3
With this change, a HAVE_LIBCRYPTO #ifdef is removed from wrapper.c. Now, the libcrypto-specific logic for EVP_CIPHER_CTX_free is moved into the ssh_cipher_struct cleanup callback handler for those ciphers. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-18wrapper: fix gcrypt build error in ssh_cipher_clearJon Simons1-5/+7
Fix a gcrypt build error introduced with 48e7b098f86207f8596651b5ba8242a3b834a868. The ssh_cipher_struct only contains a `ctx` field on the libcrypto builds, so it can't be referenced unless within HAVE_LIBCRYPTO. This build fix preserves the original spirit of the change in 48e7b098f86207f8596651b5ba8242a3b834a868: only call `EVP_CIPHER_CTX_free` when `cipher->ctx` is non-NULL. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-18wrapper: fix 4-space indentation in ssh_cipher_clearJon Simons1-15/+15
Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-14tests: Fix endifAndreas Schneider1-1/+1
Ups. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-14tests: Only run ssh_bind test if we build with server supportAndreas Schneider1-0/+6
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-13misc: fix error-checking in ssh_analyze_bannerJon Simons2-9/+18
Fix error-checking for `strtoul` in `ssh_analyze_banner`, and enable some tests which demonstrate the fix before-and-after. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-13misc: reindent ssh_analyze_banner, update docsJon Simons1-81/+79
No changes to code, only whitespace indentation and an update to the function docs. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-13tests: torture-misc: add torture_ssh_analyze_bannerJon Simons1-0/+146
Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-13tests: torture-misc: fix 4-space indentationJon Simons1-4/+4
Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-13libcrypto: fix resource leak in hmac_finalJon Simons1-1/+2
Fix a resource leak in `hmac_final`: say `HMAC_CTX_free` instead of `HMAC_CTX_reset`. This matches the error handling as done in `hmac_init`. Introduced with cf1e808e2ffa1f26644fb5d2cb82a919f323deba. The problem is reproducible running the `pkd_hello` test with: valgrind --leak-check=full ./pkd_hello -i1 -t torture_pkd_openssh_dsa_rsa_default Resolves https://red.libssh.org/issues/252. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-13libcrypto-compat: fix HMAC_CTX_free for OpenSSL < 1.1.0Jon Simons1-0/+2
On older OpenSSL versions, the EVP_MD_CTX fields within an HMAC_CTX structure are contained inlined (change here [1]): be sure to not try to free those fields on those builds. Found running the `pkd_hello` test with: valgrind ./pkd_hello -i1 -t torture_pkd_openssh_dsa_rsa_default ^ valgrind will cite "Invalid free() ..." errors which are present before this fix and absent after, when building with OpenSSL 1.0.1. [1] https://github.com/openssl/openssl/commit/6e59a892db781658c050e5217127c4147c116ac9 Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-06-28misc: Use strtoul in ssh_analyze_banner()Andreas Schneider1-1/+1
Thanks to Tilo Eckert. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-06-19Add config file for arcanistAndreas Schneider1-0/+3
This is for the commanline-client to access https://bugs.libssh.org Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-06-08config: fix buffer underflow with unrecognized opcodesAris Adamantiadis1-1/+1
2017-06-07tests: fix buffer overflow in testcaseAris Adamantiadis1-1/+1
2017-06-06misc: Do not fall through and return a valueAndreas Schneider1-0/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-06-06wrapper: Fix possible crash in ssh_handle_key_exchange()debevv1-4/+6
If ssh_handle_key_exchange() fails, when ssh_free() is called cipher->ctx is NULL. Signed-off-by: debevv <valerio@sonicpengu.in>
2017-06-06config: Bugfix: Don't skip unseen opcodesArtyom V. Poptsov1-1/+1
libssh fails to read the configuration from a config file due to a wrong check in 'ssh_config_parse_line' procedure in 'config.c'; it's effectively skipping every opcode (and therefore every option) from the file. The change fixes that behaviour. Signed-off-by: Artyom V. Poptsov <poptsov.artyom@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-06-06doc: Fix documentation for ssh_userauth_none() usageAndreas Schneider1-1/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-26messages: Make sure we always free the answers pointerAndreas Schneider1-2/+2
Found by ozz-fuzz BUG: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1272 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-25messages: Do not leak memory of previously allocated answersAndreas Schneider1-2/+9
Found by ozz-fuzz BUG: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1222 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-24messages: Do not leak memory if answeres had been allocated previouslyAndreas Schneider1-0/+1
Found by ozz-fuzz BUG: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1222 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-21messages: Do not leak memory if answered had been allocated previouslyAndreas Schneider1-2/+3
BUG: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1184 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-21misc: Validate integers converted from the SSH bannerAndreas Schneider1-2/+16
BUG: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1181 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-21messages: Fix memory leaks in the ssh_packet_global_request callbackAndreas Schneider1-0/+2
BUG: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1208 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-21auth: Use calloc in ssh_userauth_agent_pubkey()Andreas Schneider1-2/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-20session: Free session->kbdint in ssh_free()Peter Volpe1-0/+4
Makes sure we free pending keyboard auth prompts so prompts that have not be replied to do not leak. Signed-off-by: Peter Volpe <pvolpe@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-13buffer: Validate the length before before memory allocationAndreas Schneider1-2/+19
Check if the size the other party sent is a valid size in the transmitted buffer. Thanks to Alex Gaynor for finding and reporting the issue. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-13buffer: Create ssh_buffer_validate_length()Andreas Schneider2-4/+30
This functions allows if a given length can be obtained from the buffer. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-13Revert "buffer: Create ssh_buffer_validate_length()"Andreas Schneider2-23/+3
This reverts commit 34bdc1ca7871e8e9258077411edd516c8de55299.
2017-04-13Revert "buffer: Validate the length before before memory allocation"Andreas Schneider1-19/+2
This reverts commit 57550e6211c19c634a319bed59d39b28d020dcd1.
2017-04-13buffer: Validate the length before before memory allocationAndreas Schneider1-2/+19
Check if the size the other party sent is a valid size in the transmitted buffer. Thanks to Alex Gaynor for finding and reporting the issue. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-13buffer: Create ssh_buffer_validate_length()Andreas Schneider2-3/+23
This functions allows if a given length can be obtained from the buffer. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-13config: Only use first occurence of each parameterAlex Hermann1-2/+11
ssh_config's manpage says: "For each parameter, the first obtained value will be used." Make libssh adhere to this rule. BUG: https://red.libssh.org/issues/256 Signed-off-by: Alex Hermann <alex@hexla.nl> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-13config: Don't expand Host variableAlex Hermann1-7/+1
Tokens are not allowed (according to the manpage). Expansion was introduced by a wrong fix for #127. This commit reverts part of 6eea08a9ef Signed-off-by: Alex Hermann <alex@hexla.nl> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-13config: Support expansion in the HostName variableAlex Hermann1-1/+6
BUG: https://red.libssh.org/issues/127 The original "fix" for 127 was expanding the wrong variable: Host instead of HostName. Signed-off-by: Alex Hermann <alex@hexla.nl> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-11session: Add SSH1 support in ssh_send_debug()Yanis Kurganov1-6/+16
Signed-off-by: Yanis Kurganov <ykurganov@ptsecurity.com> Reviewed-by: Andreas Schneider <asn@samba.org>
2017-04-11session: Add SSH1 support in ssh_send_ignore()Yanis Kurganov1-2/+9
Signed-off-by: Yanis Kurganov <ykurganov@ptsecurity.com> Reviewed-by: Andreas Schneider <asn@samba.org>
2017-04-11server: Add option SSH_BIND_OPTIONS_IMPORT_KEY to serverAlfredo Mazzinghi4-7/+111
This sets the bind private key directly from an ssh_key struct instead of reading a file. Signed-off-by: Alfredo Mazzinghi <am2419@cl.cam.ac.uk> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-11messages: Utilize the message queue for SSH_REQUEST_GLOBAL.Max Bachmann1-2/+4
Signed-off-by: Max Bachmann <mabahltm@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-11cmake: Fix GCRYPT_ROOT_DIR and check correct pathsAndreas Schneider1-0/+4
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-02-27Update SubmittingPatchesAndreas Schneider1-3/+3
2017-02-23libcrypto-compat: Check if EVP_CIPHER_CTX_new is neededAndreas Schneider1-0/+4
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-02-23cmake: Check for EVP_CIPHER_CTX_newAndreas Schneider2-0/+7
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-02-06buffer: Use calloc to allocate a zero'ed bufferAndreas Schneider1-3/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-02-03pki: Use byte mode for fopen()Andreas Schneider1-2/+2
BUG: https://red.libssh.org/issues/251 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-09pki_gcrypt: Fix freeing of ECDSA signatures.Justus Winter1-1/+1
* src/pki.c (ssh_signature_free): Fix test for ECC using gcrypt. Signed-off-by: Justus Winter <justus@g10code.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-09pki_gcrypt: Fix memory leak.Justus Winter1-0/+4
* src/pki_gcrypt.c (pki_key_ecdsa_to_nid): Release 'sexp'. Signed-off-by: Justus Winter <justus@g10code.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>