aboutsummaryrefslogtreecommitdiff
path: root/include/libssh/session.h
AgeCommit message (Collapse)AuthorFilesLines
2019-11-18Use only one variable denoting the size of methods arraysJakub Jelen1-1/+1
Previously, there was non-consistent usage of constans SSH_KEX_METHODS, KEX_METHODS_SIZE and of magic number 10 to reference the arrays used for algorithm negotiation by peers. This commit settles down to the single constant and its usage throughout the whole codebase. Fixes T195 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-11-18session: Use ssh_packet_state_e instead of intAnderson Toshiyuki Sasaki1-1/+1
Use the enum type instead of int in the ssh_session_struct Fixes T194 Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-11-07server: Use really the negotiated signature typeJakub Jelen1-0/+1
Generally, when the extension negotiation is enabled and client supports SHA2 algorithms for RSA, they are supposed to be prioritized against the old SHA1. If it is not (ssh-rsa is listed in front of rsa-sha2-* hostkey algorithms during negotiation), the server wrongly tries to provide the new typo of signature, ignoring the negotiated algirithm This commit propagates the digest algorithm from negotiation to the actual signature functions, which were previously responsible for decision about the hash algorithm based just on the negotiated extensions. Fixes T191 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24dh-gex: Add server implementationAris Adamantiadis1-0/+1
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24dh-gex: Add client implementationAris Adamantiadis1-0/+1
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-09server: Correctly handle extensionsJakub Jelen1-3/+4
If the server had an RSA host key, it provided unconditionally SHA2 signatures without consulting the client proposed list of supported host keys. This commit implements more fine-grained detection of the extension to provide the client with valid signatures according to RFC 8332 Section 3.1. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-09packet: Implement rekeying based on the recommendation from RFC'sJakub Jelen1-0/+2
The default rekeying recommendations are specified in RFC4344 Section 3 (First and Second Rekeying Recommendations). Additionally, the rekeying can be specified in configuration file/options allowing us to turn the rekeying off, base it on time or make it more strict. The code is highly inspired by the OpenSSH rekeying code. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Daiki Ueno <dueno@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-09packet: Prepare counters to handle rekeying limitsJakub Jelen1-0/+2
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Daiki Ueno <dueno@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-09options: Introduce new options for handling rekey limitsJakub Jelen1-0/+2
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Daiki Ueno <dueno@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-07session: Use long for the timeoutAndreas Schneider1-2/+4
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-07config: Get rid of the dynamic seen arrayJakub Jelen1-1/+2
* This makes the array constant in the session structure, avoiding allocations and frees while parsing the file * It also drops passing the seen array to all the functions, because it is already part of the passed session * The test cases are adjusted to match these changes Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-02config: Preserve the seen array among invocationsJakub Jelen1-0/+1
This follows the OpenSSH behavior of parsing subseqent configuration files, while applying only the first option. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-02Process OpenSSH configuration files by default.Jakub Jelen1-0/+3
This will allow to use the same configuration in client applications including the users aliases or system wide cryptographic configuration. As the configuration parsing is the last thing before doing the actual connection, it might overwrite previously set options. If this is not intended, the client application can ask the configuration files to be parsed before setting some other options that should not ve overwritten. The code ensures that the configuration is not parsed again. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-30session: Drop unused structure member (SSHv1)Jakub Jelen1-2/+0
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-31server: Support for extension negotiationJakub Jelen1-0/+1
This includes intercepting the ext-info-c string from the client kex proposal, configuring the server to allow using this extension and sending the SSH_MSG_EXT_INFO packet back to the client after the new keys are in use. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-31options: The new option SSH_OPTIONS_PUBLICKEY_ACCEPTED_TYPESJakub Jelen1-0/+1
This option allows to specify acceptable public key algorithms and reflects the PubkeyAcceptedTypes configuration option from OpenSSH. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-31client: Handle the MSG_EXT_INFO packet signalling supported extensionsJakub Jelen1-0/+8
RFC 8308: The extension negotiation in Secure Shell (SSH) Protocol RFC 8332: Use of RSA Keys with SHA-256 and SHA-512 in the Secure Shell (SSH) Protocol Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-27auth: Also log the current auth methodAndreas Schneider1-0/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-27session: Group auth variables in a structAndreas Schneider1-4/+8
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-29Rest in Peace SSHv1Andreas Schneider1-3/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2018-03-21Add a NODELAY optionAlberto Aguirre1-0/+1
Add a new option SSH_OPTIONS_NODELAY to enable or disable the Nagle Algorithm (TCP_NODELAY) on the session socket. Improved performance can be achieved for some applications like sftp servers by enabling SSH_OPTIONS_NODELAY as typically, the next request won't arrive until the server replies, which are typically small writes. Signed-off-by: Alberto Aguirre <albaguirre@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-15Add new optionsAris Adamantiadis1-0/+9
Pair-Programmed-With: Jakub Jelen <jjelen@redhat.com> Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2015-02-02server: Add support for ed25519 keys in the server.Aris Adamantiadis1-1/+1
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-04-22kex: server fix for first_kex_packet_followsJon Simons1-0/+9
Ensure to honor the 'first_kex_packet_follow' field when processing KEXINIT messages in the 'ssh_packet_kexinit' callback. Until now libssh would assume that this field is always unset (zero). But some clients may set this (dropbear at or beyond version 2013.57), and it needs to be included when computing the session ID. Also include logic for handling wrongly-guessed key exchange algorithms. Save whether a client's guess is wrong in a new field in the session struct: when set, the next KEX_DHINIT message to be processed will be ignored per RFC 4253, 7.1. While here, update both 'ssh_packet_kexinit' and 'make_sessionid' to use softabs with a 4 space indent level throughout, and also convert various error-checking to store intermediate values into an explicit 'rc'. Patch adjusted from original to ensure that client tests remain passing (ie 'torture_connect'): restrict the changes in 'ssh_packet_kexinit' only for the 'server_kex' case. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-04-15Revert "kex: server fix for first_kex_packet_follows"Andreas Schneider1-9/+0
The patch breaks the client with ECDSA. This reverts commit 5865b9436fda96ac9fc7c18e4dffe5fb12dcc515.
2014-04-10kex: server fix for first_kex_packet_followsJon Simons1-0/+9
Ensure to honor the 'first_kex_packet_follow' field when processing KEXINIT messages in the 'ssh_packet_kexinit' callback. Until now libssh would assume that this field is always unset (zero). But some clients may set this (dropbear at or beyond version 2013.57), and it needs to be included when computing the session ID. Also include logic for handling wrongly-guessed key exchange algorithms. Save whether a client's guess is wrong in a new field in the session struct: when set, the next KEX_DHINIT message to be processed will be ignored per RFC 4253, 7.1. While here, update both 'ssh_packet_kexinit' and 'make_sessionid' to use softabs with a 4 space indent level throughout, and also convert various error-checking to store intermediate values into an explicit 'rc'. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-02-12Add session/channel byte/packet countersAudrius Butkevicius1-0/+3
Signed-off-by: Audrius Butkevicius <audrius.butkevicius@elastichosts.com>
2014-02-01server: allow custom server banners (bug #83)Aris Adamantiadis1-0/+1
2013-11-15options: Add SSH_OPTIONS_GSSAPI_DELEGATE_CREDENTIALS option.Simo Sorce1-0/+1
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-11-15options: Add SSH_OPTIONS_GSSAPI_CLIENT_IDENTITY option.Andreas Schneider1-0/+1
2013-11-15gssapi: Add suppport to set GSSAPI server identity.Andreas Schneider1-0/+1
2013-09-16session: Remove obsolete status variables.Andreas Schneider1-3/+0
BUG: https://red.libssh.org/issues/121
2013-07-14src: Remove enter_function() and leave_function().Andreas Schneider1-1/+0
2013-07-13auth: implement client-side gssapiAris Adamantiadis1-1/+2
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-07-13auth: adapt libssh to gssapi-with-mic serverAris Adamantiadis1-0/+1
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-07-13session: Introduce SSH_TIMEOUT_DEFAULTAris Adamantiadis1-0/+5
The default timeout of 30seconds is very nice when connecting to a new SSH session, however it completely breaks the synchronous blocking API. Use SSH_TIMEOUT_DEFAULT when in blocking mode so channel reads&write are blocking as expected Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-07-13Defined SSH server callbacks interfaceAris Adamantiadis1-1/+1
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-01-23include: Fix the LGPL header.Andreas Schneider1-12/+11
This has been reported by rpmlint: libssh-devel.x86_64: W: incorrect-fsf-address libssh.h
2012-12-23Implement key re-exchangeAris Adamantiadis1-0/+3
2012-02-19server: Add ecdsa hostkey support.Andreas Schneider1-0/+1
2012-02-05session: Use a struct for all options.Andreas Schneider1-17/+18
2011-09-18priv: Move kex functions to kex header.Andreas Schneider1-0/+1
2011-09-18kex: moved KEX structures to ssh_crypto_structAris Adamantiadis1-6/+0
2011-09-18kex: split key selection and sendingAris Adamantiadis1-0/+4
2011-09-11auth: made keyboard-interactive nonblockingAris Adamantiadis1-1/+3
2011-09-11Auth: nonblocking ssh_userauth_pubkey_autoAris Adamantiadis1-0/+1
2011-09-11auth: Implement nonblocking ssh_auth_agentAris Adamantiadis1-0/+1
2011-09-11auth: different code for auth_agentAris Adamantiadis1-0/+1
2011-09-02Update libssh to ssh_handle_packets_terminationAris Adamantiadis1-0/+5
cherry-picked from 0cb5248 Should resolve all timeout problems Conflicts: src/auth.c src/channels.c
2011-09-02channels: replaced bugged lists with ssh_listAris Adamantiadis1-1/+1
cherry-picked from 0aef5f Conflicts: src/session.c