aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2024-01-09Happy new year 2024!Andreas Schneider2-2/+2
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2024-01-02Document that options set on a bind will be free'd by ssh_bind_freeJamesWrigley2-1/+5
Signed-off-by: James Wrigley <james@puiterwijk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2024-01-02Document that ssh_channel_read_nonblocking() will trigger callbacksJamesWrigley1-1/+1
Signed-off-by: James Wrigley <james@puiterwijk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>
2024-01-02Document that ssh_channel_read_nonblocking() may return SSH_EOFJamesWrigley1-4/+2
The current documentation incorrectly states that it will return 0 on EOF, but the function calls ssh_channel_poll() internally, which will return SSH_EOF, which will then be returned by ssh_channel_read_nonblocking(). Signed-off-by: James Wrigley <james@puiterwijk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>
2024-01-02pki: Rewrite default key format handling to improve readabilityJakub Jelen1-24/+20
... and make coerity happy avoiding dead code CID 1531320 CID 1531321 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>
2024-01-02session: Avoid memory leaksJakub Jelen1-2/+5
Thanks coverity CID 1531417 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>
2024-01-02Generate a tagfile with DoxygenJamesWrigley2-0/+2
This creates an XML file with information about each symbol, including the anchors used in the URL. It's useful to have this to generate links to the documentation from other documentation systems. Signed-off-by: James Wrigley <james@puiterwijk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2024-01-02Fix typos detected with new codespellJakub Jelen3-3/+3
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Sahana Prasad <sahana@redhat.com>
2023-12-22tests: Increase test coverage for IPv6 address parsing as hostnamesJakub Jelen2-0/+65
This was an issue in cockpit: https://github.com/cockpit-project/cockpit/issues/19772 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2023-12-22Fix regression in IPv6 addresses in hostname parsingJakub Jelen4-18/+23
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2023-12-18CVE-2023-6918: tests: Code coverage for ssh_get_pubkey_hash()Jakub Jelen1-0/+35
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2023-12-18CVE-2023-6918: kdf: Detect context init failuresJakub Jelen1-3/+15
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2023-12-18CVE-2023-6918: Systematically check return values when calculating digestsJakub Jelen6-131/+504
with all crypto backends Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2023-12-18CVE-2023-6918: Remove unused evp functions and typesJakub Jelen7-192/+0
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2023-12-18CVE-2023-6918: kdf: ReformatJakub Jelen1-9/+11
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2023-12-18CVE-2023-48795: tests: Adjust calculation to strict kexJakub Jelen1-24/+31
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2023-12-18CVE-2023-48795: Strip extensions from both kex lists for matchingJakub Jelen1-4/+12
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2023-12-18CVE-2023-48795: Server side mitigationsAris Adamantiadis3-11/+44
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2023-12-18CVE-2023-48795: client side mitigationAris Adamantiadis12-69/+125
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2023-12-18CVE-2023-6004: torture_misc: Add tests for ipv6 link-localNorbert Pocs1-0/+20
Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2023-12-18CVE-2023-6004: misc: Add ipv6 link-local check for an ip addressNorbert Pocs3-8/+41
Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2023-12-18CVE-2023-6004: torture_misc: Add test for ssh_is_ipaddrNorbert Pocs1-0/+26
Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2023-12-18CVE-2023-6004: torture_proxycommand: Add test for proxycommand injectionNorbert Pocs1-0/+53
Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2023-12-18CVE-2023-6004: config_parser: Check for valid syntax of a hostname if it is ↵Norbert Pocs1-1/+11
a domain name This prevents code injection. The domain name syntax checker is based on RFC1035. Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2023-12-18CVE-2023-6004: torture_misc: Add test for ssh_check_hostname_syntaxNorbert Pocs1-1/+74
Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2023-12-18CVE-2023-6004: misc: Add function to check allowed characters of a hostnameNorbert Pocs2-0/+70
The hostname can be a domain name or an ip address. The colon has to be allowed because of IPv6 even it is prohibited in domain names. Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2023-12-18CVE-2023-6004: options: Simplify the hostname parsing in ssh_options_setNorbert Pocs1-24/+16
Using ssh_config_parse_uri can simplify the parsing of the host parsing inside the function of ssh_options_set Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2023-12-18CVE-2023-6004: config_parser: Allow multiple '@' in usernamesNorbert Pocs1-1/+1
Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2023-12-18CVE-2023-6004: torture_config: Allow multiple '@' in usernamesNorbert Pocs1-23/+27
Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2023-12-15Test coverage for file export and for PEM and OpenSSH formatsJakub Jelen3-91/+344
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2023-12-15examples: Demonstrate export of different key formatsJakub Jelen1-2/+44
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2023-12-15pki: New API functions exporting (also ed25519 keys in different formats)Jakub Jelen10-163/+727
This also adds an fallback to OpenSSH file format in non-OpenSSL backends and OpenSSH-compatible private key export for writing OpenSSH private keys. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2023-12-15pki: Fix indentationJakub Jelen1-2/+3
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2023-12-15pki: Calculate missing CRT parameters when building RSA KeyJakub Jelen1-5/+79
The OpenSSL claims that these parameters are not mandatory and just speed up calculations. But in reality, if they are missing, we can not export this key into PEM files or if we export them, they are not readable/valid. This was discussed in the following OpenSSL issue even with some proposed fix, but it will take time before this will be implemented so in the meantime, we back down to calculating the parameters manually as done in OpenSSH. https://github.com/openssl/openssl/issues/21826 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2023-12-15libcrypto: Report errors from OpenSSL key import and exportJakub Jelen2-0/+6
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2023-12-15pki: Unbreak key comparison of Ed25519 keys imported from PEM or OpenSSH ↵Jakub Jelen1-0/+19
container Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2023-12-15examples: Reformat and fix typos in keygenJakub Jelen1-3/+3
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2023-12-15tests: Do not use assert_trueJakub Jelen1-17/+17
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2023-12-15packet_cb: Reformat remaining functionsJakub Jelen1-125/+144
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2023-12-05tests: Move the workaround to separate functionJakub Jelen1-22/+21
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Sahana Prasad <sahana@redhat.com>
2023-12-05CommentsJakub Jelen2-0/+7
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Sahana Prasad <sahana@redhat.com>
2023-12-05tests: Implement more certificate testsJakub Jelen2-3/+434
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Sahana Prasad <sahana@redhat.com>
2023-12-05tests: Implement more negative auth testsJakub Jelen2-0/+16
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Sahana Prasad <sahana@redhat.com>
2023-12-05tests: Convert key to PEM so we can not access public key directlyJakub Jelen1-28/+30
There are several tests that depended in the past on the fact that we can not read public key from private encrypted keys. This is no longer the case for some time as the OpenSSH file format has public key in plaintext. This change just converts the same key into the PEM Format, which should still be opaque for us and trigger code paths that enforce opening of the accompanied public key file. Converted using the following command: $ ssh-keygen -m PEM -p -N secret -P secret -f tests/keys/id_rsa_protected Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Sahana Prasad <sahana@redhat.com>
2023-12-05tests: Cover failed logins with password/kbdintJakub Jelen1-22/+106
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Sahana Prasad <sahana@redhat.com>
2023-12-05tests: Verify the certs in default location are used for authenticationJakub Jelen1-20/+324
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Sahana Prasad <sahana@redhat.com>
2023-12-05tests: Move tests with certificates to separate userJakub Jelen8-208/+446
This avoids very-long test and false positives when using some auto-pubkey authentication from picking up default keys, which are available in bob's home directory when we want to test the certificate authentication. The separate file is also needed because once we change to bob's UID, we can not simply go back different UID and this sounds cleaner than setting up SSH_DIR to different users ... Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Sahana Prasad <sahana@redhat.com>
2023-12-05tests: Coverage for certificate files config and optionsJakub Jelen2-4/+37
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Sahana Prasad <sahana@redhat.com>
2023-12-05Handle automatic certificate authenticationJakub Jelen7-33/+325
This involves reading the certificates from configuration files through options and handling them similarly as the OpenSSH does when doing the auto pubkey authentication, also in combination with agent or identities only. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Sahana Prasad <sahana@redhat.com>
2023-12-05Reformat auth.cJakub Jelen1-48/+64
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Sahana Prasad <sahana@redhat.com>