aboutsummaryrefslogtreecommitdiff
path: root/config.h.cmake
AgeCommit message (Collapse)AuthorFilesLines
2019-05-14cmake,options: Allow to set global client config fileAnderson Toshiyuki Sasaki1-0/+3
This allows the global client (ssh_session) configuration file path to be set in configuration time by defining GLOBAL_CLIENT_CONFIG when calling cmake. If it is not defined, the default path is set as "/etc/ssh/ssh_config". usage example: $ cmake -DGLOBAL_CLIENT_CONFIG=/etc/my/custom/path .. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-04-01cmake,options: Allow to set global bind config fileAnderson Toshiyuki Sasaki1-0/+3
This allows the global bind configuration file path to be set in configuration time by defining the GLOBAL_BIND_CONFIG when calling cmake. If no value is defined, the default path is set as "/etc/ssh/libssh_server_config". usage example: $ cmake -DGLOBAL_BIND_CONFIG=/etc/my/custom/path .. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-03-07Use a common KDF functionSimo Sorce1-0/+3
Cleanup the KDF function to use only one function per crypto backend. Improve the KDF function to properly handle requested lenght and to avoid unnecessarily reallocating buffers. In OpenSSL use the new EVP_KDF API if available. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-02-21buffer: Fix regression introduced by 6c7eaa and c306a6Tilo Eckert1-1/+0
Buffer (un)packing was broken on compilers that are not gcc-compatible since the checks for an argument count of -1 have been removed from ssh_buffer_(un)pack(). This fix no longer uses GCC extensions for the __VA_NARG__ macro, but only plain C99. Note: The macro can no longer count empty argument lists (results in compile error) which was not needed anyway. Signed-off-by: Tilo Eckert <tilo.eckert@flam.de> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-02-07Allow building without Group Exchange supportJakub Jelen1-0/+3
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-19crypto: Disable blowfish support by defaultAndreas Schneider1-0/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2018-11-30include: Add macro for unused arguments and variablesAndreas Schneider1-0/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-28tests: Replace tests filtering with cmocka builtin filterAnderson Toshiyuki Sasaki1-0/+6
This completely removes the tests filter code from torture.c and calls cmocka_set_test_filter() instead, if available. The checks for required libraries, headers, and the availability of cmocka_set_test_filter() were added to the cmake configuration. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-21libcrypto: disable AES-NI engine when running inside valgrindAris Adamantiadis1-0/+6
Valgrind detects many uninitialized memory false positives from libcrypto's AES-NI internals. Roll back to software AES when running tests. Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-09libcrypto: Implement OpenSSH-compatible AES-GCM ciphers using OpenSSLJakub Jelen1-0/+3
The commit also propares the internals throughout the code base for the inclusion of a new AEAD cipher, because previously, the source code counted only with chacha20-poly1305 cipher, which is very specific in many cases. The SSH_HMAC_AEAD_GCM mac algorithm is not actually used, but the name needed to be defined so we can match in the algorithms selection per OpenSSH specification (MACs are ignored in case GCM is select as a cipher [1]). If the provided OpenSSL does not provide EVP_aes_128_gcm() function, the AES-GCM ciphers will not be compiled in. [1] https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.chacha20poly1305?annotate=HEAD Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-17cmake: Correctly detect if glob has gl_flags memberAndreas Schneider1-0/+3
Thanks to Baruch Siach. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-29misc: Add strndup implementation if not provides by the OSAndreas Schneider1-0/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-13cmake: Fix PACKAGE and VERSION in config.hAndreas Schneider1-2/+2
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-13cmake: Detect constructor and destructor attributesAndreas Schneider1-0/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-29Rest in Peace SSHv1Andreas Schneider1-3/+0
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2018-06-29kex: Enable chacha20-poly1304 KEX with mbedtlsAndreas Schneider1-3/+0
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-28chacha: fix build for mbedTLSJon Simons1-0/+3
Fix the build for mbedTLS: * set HAVE_CHACHA for non-mbedTLS builds * only compile chachapoly.c when HAVE_CHACHA * use empty CHACHA20 in src/kex.c unless HAVE_CHACHA Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-28cmake: detect "bounded" compiler attributeAris Adamantiadis1-0/+2
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-28external: Add ChaCha and Poly1305 implementations from OpenSSHAris Adamantiadis1-0/+3
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-04cmake: add WITH_PACKET_DEBUG optionAris Adamantiadis1-0/+3
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-03-11misc: Use SecureZeroMemory if available for explicit_bzeroAlberto Aguirre1-0/+3
Useful on Windows platforms where SecureZeroMemory is available. Signed-off-by: Alberto Aguirre <albaguirre@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-03-11misc: Use memset_s if available for explicit_bzeroAlberto Aguirre1-0/+3
Useful on OSX where memset_s is available. Signed-off-by: Alberto Aguirre <albaguirre@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-02-12src: Use explicit_bzero() if available on the platformAndreas Schneider1-0/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-28add mbedtls crypto supportJuraj Vijtiuk1-0/+6
Summary: This patch adds support for mbedTLS as a crypto backend for libssh. mbedTLS is an SSL/TLS library that has been designed to mainly be used in embedded systems. It is loosely coupled and has a low memory footprint. mbedTLS also provides a cryptography library (libmbedcrypto) that can be used without the TLS modules. The patch is unfortunately quite big, since several new files had to be added. DSA is disabled at compile time, since mbedTLS doesn't support DSA Patch review and feedback would be appreciated, and if any issues or suggestions appear, I'm willing to work on them. Signed-off-by: Juraj Vijtiuk <juraj.vijtiuk@sartura.hr> Test Plan: * The patch has been tested with a Debug and MinSizeRel build, with libssh unit tests, client tests and the pkd tests. * All the tests have been run with valgrind's memcheck, drd and helgrind tools. * The examples/samplessh client works when built with the patch. Reviewers: asn, aris Subscribers: simonsj Differential Revision: https://bugs.libssh.org/D1
2017-12-21config: Add CMake check for glob()Jakub Jelen1-0/+6
2017-08-25cmake: Add check for fallthrough attributeAndreas Schneider1-0/+2
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-02-23cmake: Check for EVP_CIPHER_CTX_newAndreas Schneider1-0/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-07cmake: Use configure check for CRYPTO_ctr128_encryptAndreas Schneider1-0/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-07threads: Use new API call for OpenSSL CRYPTO THREADIDAndreas Schneider1-0/+3
BUG: https://red.libssh.org/issues/222 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-06cmake: Check for io.h on WindowsAndreas Schneider1-0/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-06cmake: Correctly check for sys/[u]time.hAndreas Schneider1-0/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2015-09-25crypto: old-fashioned aes_ctr when evp_aes_ctr is missingAris Adamantiadis1-0/+6
2015-05-04config: Add missing HAVE_ARPA_INET_H defineAndreas Schneider1-0/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2015-04-02cmake: Detect __func__ and __FUNCTION__ during configure stepAndreas Schneider1-0/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2015-02-08buffer: detect compilers not supporting __VA_ARGS__Aris Adamantiadis1-0/+1
2014-12-17libcrypto: Fix Windows build with ssh_reseed().Andreas Schneider1-0/+3
gettimeofday() is not available on Windows and we need it only in case of forking. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2014-02-16examples: Add ssh_server_fork exampleAudrius Butkevicius1-0/+3
Signed-off-by: Audrius Butkevicius <audrius.butkevicius@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-02-16config: Add missing HAVE_LIBUTIL_H define in config.hAudrius Butkevicius1-0/+3
Signed-off-by: Audrius Butkevicius <audrius.butkevicius@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-11-03examples: fix forktty() warning on OSXAris Adamantiadis1-0/+3
2013-11-03Compile libssh with nacl if possibleAris Adamantiadis1-1/+3
Conflicts: DefineOptions.cmake
2013-10-30cmake: Check for isblank().Andreas Schneider1-0/+3
2013-07-23cmake: Check for unistd.h.Andreas Schneider1-0/+3
2013-07-23cmake: Check for HAVE_GCC_VOLATILE_MEMORY_PROTECTION.Andreas Schneider1-0/+2
This ensures that the memset call is not optimized out by the compiler (works works with gcc and clang).
2013-07-22cmake: Check for _strtoui64() on Windows.Andreas Schneider1-0/+3
2013-07-14cmake: Check if we have Thread Local Storage support.Andreas Schneider1-0/+3
2013-07-13cmake: Make GSSAPI optional.Andreas Schneider1-0/+3
2012-12-03BUG 97: Fix strtoull() detection on serveral platforms.Andreas Schneider1-0/+6
2012-12-03BUG 96: Guard ntohll() and htonll prototypes correctly.Andreas Schneider1-0/+3
2012-02-04cmake: Enable ECC support for GCrypt 1.5.0 or newer.Andreas Schneider1-0/+3
2012-02-04cmake: Add a define to see if we have ecc support.Andreas Schneider1-0/+4