aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2021-04-01doc: Fix uninitialized variable in example codeHEADmasterAndreas Schneider1-1/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-03-30gitlab-ci: Run basic test with ninjaJakub Jelen1-0/+6
v1: Move to the test stage Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2021-03-26gitlab-ci: fix typo ADDTIONALDDoSolitary1-8/+8
Signed-off-by: DDoSolitary <DDoSolitary@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-03-25cmake: Fix Ninja multiple rules errorDDoSolitary1-3/+3
Currently "cmake -G Ninja" complains about "multiple rules generate src/libssh_dev.map", because the target has the same name as the output of the custom command. Signed-off-by: DDoSolitary <DDoSolitary@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2021-03-18tests: Cover sftp_new_channel functionJakub Jelen4-4/+135
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Sahana Prasad <sahana@redhat.com>
2021-03-18fix sftp_new_channel constructs an invalid objectPablo Yaggi1-2/+26
Fixes T273 Signed-off-by: Pablo Yaggi <pyaggi@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Sahana Prasad <sahana@redhat.com>
2021-03-18Reformat sftp_new_channelJakub Jelen1-21/+21
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Sahana Prasad <sahana@redhat.com>
2021-03-18Reformat sftp_server_newJakub Jelen1-26/+28
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Sahana Prasad <sahana@redhat.com>
2021-03-11[winlocks] Include stdlib.h to avoid crash in WindowsChris Townsend1-0/+1
Due to the missing include, the compiler makes assumptions and leads to a crash in ssh_mutex_lock() during runtime. Signed-off-by: Chris Townsend <christopher.townsend@canonical.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-02-15cmake: Support build directories with special charactersDDoSolitary2-9/+15
Signed-off-by: DDoSolitary <DDoSolitary@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-02-04cmake: Avoid setting compiler flags directlyDDoSolitary1-13/+6
Calling set_target_properties directly overrides previously set flags, so replace them with target_compile_definitions and target_link_options. Signed-off-by: DDoSolitary <DDoSolitary@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-01-28pki: Fix memory leak on error pathJakub Jelen1-0/+1
Thanks coverity CID 1445481 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2021-01-28tests: Verify the configuration can set more identity files from one ↵Jakub Jelen1-0/+29
configuration file Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2021-01-28config: Support more identity files in configurationJakub Jelen1-0/+1
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2021-01-15dh-gex: Avoid memory leaksJakub Jelen1-0/+3
Thanks oss-fuzz https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29611 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2021-01-12tests/external_override: Add override test for internal implementationsAnderson Toshiyuki Sasaki13-0/+931
This adds a test to check if the internal implementation is not used when it is not supposed to be used. To be able to override functions using LD_PRELOAD, a shared version of the torture library was added, as well as a shared library for each of the algorithms implemented internally (ChaCha20, Poly1305, curve25519, and ed25519). Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-01-12libmbedcrypto: Fix chacha20-poly1305Anderson Toshiyuki Sasaki3-8/+20
Previously, the mbed TLS implementation wouldn't be use at all when available, being the internal implementation always used instead. This corrects few bugs and makes the mbed TLS implementation to be used when ChaCha20 and Poly1305 are available. This also makes the constant time comparison to be used when checking the authentication tag. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-01-12chachapoly: Use secure_memcmp() to compare auth tagAnderson Toshiyuki Sasaki1-1/+1
When checking the authentication tag, use secure_memcmp() instead of memcmp(). Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-01-12libcrypto: Use CRYPTO_memcmp() instead of memcmpAnderson Toshiyuki Sasaki1-1/+1
When comparing the authentication tag for chacha20-poly1305, use the constant time CRYPTO_memcmp() instead of memcmp(). Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-01-12packet_crypt: Move secure_memcmp() to a shared sourceAnderson Toshiyuki Sasaki4-11/+37
Move the secure_memcmp() function to a shared source to make it available internally for other crypto implementations. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-01-12Clean memory on failure pathsJakub Jelen2-3/+7
Thanks oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28490 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2021-01-12include: Introduce secure SSH_SIGNATURE_FREE()Jakub Jelen1-0/+2
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2021-01-11torture_session: Test delayed closeAnderson Toshiyuki Sasaki1-0/+43
The test for delayed close asks for the execution of a command that generates big output (larger than the default window) to make data to remain in buffers while the close message arrives, triggering the delayed channel closure. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2021-01-11channel_rcv_close: indentationTom Deseyn1-30/+30
Signed-off-by: Tom Deseyn <tom.deseyn@gmail.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2021-01-11channesl: Fix delayed closeTom Deseyn1-13/+28
If the SSH2_MSG_CHANNEL_CLOSE was previously received, change the channel state to SSH_STATE_CHANNEL_CLOSED in ssh_channel_read_timeout() after reading all data available. Fixes T31 Signed-off-by: Tom Deseyn <tom.deseyn@gmail.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2021-01-11Cleanup AES compatibility codeDirkjan Bussink4-158/+1
OpenSSL 1.0.1 has support for CTR & GCM modes so the checks here are no longer needed. This allows for a bunch of additional cleanup of the old code. As for old MacOS versions etc, LibreSSL is a kind of compatibility layer there but things already don't work anyway with that, so it doesn't break anything that isn't already broken. OpenSSL is needed on MacOS separately anyway (like installed with Homebrew). Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-01-11Remove no longer needed compatibility checkDirkjan Bussink3-19/+0
CRYPTO_THREADID_set_callback is available since 1.0.1 which is the oldest supported version. This means the check and compatibility code can be removed. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-01-11Remove no longer needed compatibility functionDirkjan Bussink3-24/+0
Since OpenSSL 1.0.1 is the minimum version, this function is always available so no compatibility check is needed anymore. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-01-11Remove compat reset functionDirkjan Bussink3-10/+2
This can be implemented with the init directly when the context is reused. When a new cipher context is allocated, no initialization call is needed either so this moves the logic to one place as well. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-01-11Move HMAC implementation to EVP APIDirkjan Bussink4-32/+28
Now that the minimum OpenSSL version is 1.0.1, we know that the EVP HMAC API is always available. This switches to this API. The existing API is deprecated for OpenSSL 3.0. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-01-11Fix formatting for file with changesDirkjan Bussink1-23/+25
This fixes the formatting for src/libcrypto.c for the last bits where it is not correct. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-01-11Remove unneeded version conditionalDirkjan Bussink1-11/+4
The HMAC_CTX_free function in the compat layer already handles this so there's no need to add conditional logic to the code here. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-01-11Use correct cleanup function for cipher contextDirkjan Bussink1-2/+1
This specific cleanup function describes better what happens here and is available for older OpenSSL releases. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-01-11Remove unneeded HMAC_CTX_reset functionDirkjan Bussink2-7/+0
This isn't referenced anywhere outside of the compatibility layer so it is unneeded. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-01-11Remove unneeded EVP_MD_CTX_reset custom cleanupDirkjan Bussink2-41/+1
The EVP_MD_CTX_reset function is not used anywhere outside of the compat layer and is not needed there. The only usage in the compat layer is for cleanup, but EVP_MD_CTX_cleanup can be used for that which is availble at least since OpenSSL 0.9.8. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-01-11Improve cleanup logic for HMACDirkjan Bussink1-16/+1
Older OpenSSL version have a cleanup function that can be used here. This removes a whole bunch of now no longer needed logic and custom conditionals. These functions have existed since 0.9.8 and can be used here. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-01-11Remove OPENSSL_zalloc helperDirkjan Bussink1-16/+8
This function is not needed, because in each case it is used, we follow it up immediately with an initialization function call. This means that the zeroing here is unneeded, since the initialization already guarantees things end up in the right state. It also swaps the reset call with a simpler init call, also because reset is implemented as init with a return value that is always 1. That means the more complex logic is not needed at all. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-01-11Use current OpenSSL API as the exampleDirkjan Bussink2-21/+20
EVP_MD_CTX_new / EVP_MD_CTX_free is the current recommended / documented API. The other names are defined as aliases for backwards compatibility. The other part here is that EVP_MD_CTX_init is not needed for a context allocated with EVP_MD_CTX_new. Only for the compatibility path for older OpenSSL is the init needed if the structure is allocated directly. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-01-01Happy new year 2021!Andreas Schneider2-2/+2
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2020-12-22Require at least OpenSSL 1.0.1Dirkjan Bussink1-1/+1
This is now the minimum version, so check it in the CMake configuration. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-12-22Cleanup old OpenSSL 0.9.7 compatibility codeDirkjan Bussink3-16/+2
OpenSSL 0.9.7 is already not supported, so clean up the old legacy bits for that as well. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-12-22Bump minimum version requirement for OpenSSLDirkjan Bussink2-10/+2
This updates the minimum version requirement for OpenSSL in the documentation to 1.0.1 and also updates the practical minimum CMake version. Why pick 1.0.1 as the minimum? Main reason is whatever is still out there with long term support contracts etc. One of the oldest I could find is Ubuntu 14.04 which still has paid extended support and is on 1.0.1. Another reason that 1.0.1 is probably a good minimum is a bit more involved. 1.0.1 is the first version to add TLS 1.2. Large parts of the internet have TLS 1.2 as a minimum requirement. This means that systems with OpenSSL older than 1.0.1 already can't access large parts of the internet anyway, so not supporting the latest libssh there either is ok I think. Bumping minimum support also means things like the HMAC API can be moved to the more recent EVP style APIs and things can be more easily made compatible with the deprecated APIs in OpenSSL 3.0. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-12-14Fix CMake warning about mismatched if/endif arguments during OpenSSL detectionKevin Kane1-1/+1
Signed-off-by: Kevin Kane <kkane@microsoft.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-12-11Always check return value of ssh_list_new()Dirkjan Bussink5-21/+42
Another item identified during code review was cases where the return value of ssh_list_new() was not properly checked and handled. This updates all cases that were missing this to handle failure to allocate a new list. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-12-11Add safety checks for all ssh_string_fill callsDirkjan Bussink8-30/+97
These calls can fail and the return code should always be checked. These issues were identified when code review called it out on new code. The updates here are to existing code with no behavior changes to make review simpler. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-12-11Ignore request success and failure message if they are not expectedDirkjan Bussink2-18/+112
In https://gitlab.com/libssh/libssh-mirror/-/merge_requests/145#note_463232084 behavior in libssh was identified where it diverges from how for example OpenSSH behaves. In OpenSSH if a request success of failure message is received, apart from it being treated as a keepalive message, it is ignored otherwise. Libssh does handle the unexpected message and triggers an error condition internally. This means that with the Dropbear behavior where it replies to a hostkeys-00@openssh.com message even with a want_reply = 0 (arguably a bug), libssh enters an error state. This change makes the libssh behavior match OpenSSH to ignore these messages. The spec is a bit unclear on whether Dropbear is buggy here or not, but let's be liberal with the input accepted here in libssh. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-12-10Provide OPENSSL_CRYPTO_LIBRARIES synonym for OPENSSL_CRYPTO_LIBRARYKevin Kane1-1/+7
FindOpenSSL.cmake usually defines this synonym, but it doesn't on CMake < 3.16 when building on Windows outside of Cygwin. Signed-off-by: Kevin Kane <kkane@microsoft.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-12-10Use OPENSSL_CRYPTO_LIBRARIES CMake variable when linking against OpenSSLKevin Kane2-18/+18
The build currently breaks when attempting to link libssh.so using a statically-linked OpenSSL. -ldl and -lpthread are required when linking a binary with the static libcrypto.a. The OPENSSL_CRYPTO_LIBRARY does not include these dependencies when linking against static OpenSSL. OPENSSL_CRYPTO_LIBRARIES contains the correct dependencies in both static and shared configurations; -ldl and -lpthread are not required when linking against shared libcrypto.so. This change changes all uses of OPENSSL_CRYPTO_LIBRARY to OPENSSL_CRYPTO_LIBRARIES to let the FindOpenSSL CMake module always provide the correct libraries at link time. Signed-off-by: Kevin Kane <kkane@microsoft.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-12-10Revert "cmake: Use OPENSSL_CRYPTO_LIBRARIES CMake variable when linking ↵Andreas Schneider2-18/+18
against OpenSSL" This reverts commit 026879e9f0d766ebe651e6d3fd9809e243928391.
2020-12-10auth: Add ssh_userauth_publickey_auto_get_current_identity()Marius Vollmer7-0/+177
Signed-off-by: Marius Vollmer <mvollmer@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>