aboutsummaryrefslogtreecommitdiff
path: root/include/libssh
AgeCommit message (Collapse)AuthorFilesLines
2019-02-27sftp: Document how to free memory retruned by sftp_canonicalize_path()Andreas Schneider1-1/+3
Fixes T129 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-02-22Add flag for tracking EtM HMACsDirkjan Bussink2-1/+6
This adds a flag to the type structures to track if we use a Encrypt-then-MAC cipher instead of Encrypt-and-MAC. EtM is a more secure hashing mechanism. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-02-22Refactor ssh_packet_hmac_verify to allow for direct bufferDirkjan Bussink1-1/+1
This will make it easier to do Encrypt-then-MAC checks as those will be on the direct encrypted data received before decrypting which means they are not allocated in an ssh buffer at that point yet. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-02-22Remove SHA384 HMACDirkjan Bussink1-1/+0
This is not supported by OpenSSH and not recommended to be implemented either. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-02-21buffer: Fix regression introduced by 6c7eaa and c306a6Tilo Eckert1-6/+1
Buffer (un)packing was broken on compilers that are not gcc-compatible since the checks for an argument count of -1 have been removed from ssh_buffer_(un)pack(). This fix no longer uses GCC extensions for the __VA_NARG__ macro, but only plain C99. Note: The macro can no longer count empty argument lists (results in compile error) which was not needed anyway. Signed-off-by: Tilo Eckert <tilo.eckert@flam.de> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-02-07Allow building without Group Exchange supportJakub Jelen1-0/+5
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-02-07options: Allow to configure cryptographic algorithms for serverJakub Jelen1-1/+6
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-02-07include: Mark ssh_print_hexa as deprecatedAndreas Schneider1-1/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24buffer: Convert argc to size_t in ssh_buffer_unpack() as wellBaruch Siach1-2/+2
Commit c306a693f3fb ("buffer: Use size_t for argc argument in ssh_buffer_(un)pack()") mentioned unpack in the commit log, but it only touches the pack variants. Extend the conversion to unpack. Pre-initialize the p pointer to avoid possible use before initialization in case of early argc check failure. This fixes build failure: .../libssh-0.8.6/src/buffer.c: In function 'ssh_buffer_unpack_va': .../libssh-0.8.6/src/buffer.c:1229:16: error: assuming signed overflow does not occur when simplifying conditional to constant [-Werror=strict-overflow] if (argc == -1){ ^ Signed-off-by: Baruch Siach <baruch@tkos.co.il> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24dh-gex: Add server implementationAris Adamantiadis4-5/+3
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24wrapper: Move dh cleanup into dh.cAris Adamantiadis1-1/+1
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24dh-gex: Add client implementationAris Adamantiadis3-0/+41
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24dh: Do some basic refactoringAris Adamantiadis2-11/+7
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24bignum: harmonize gcrypt, libcrypto and libmcrypt bignumAris Adamantiadis4-16/+51
Ensure most of the abstraction around the 3 libs are consistent. Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24dh: move unrelated functions out of dh.cAris Adamantiadis2-6/+5
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24kex: use runtime callbacks (server)Aris Adamantiadis3-3/+8
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24kex: use runtime callbacks (client)Aris Adamantiadis3-4/+1
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-09server: Correctly handle extensionsJakub Jelen1-3/+4
If the server had an RSA host key, it provided unconditionally SHA2 signatures without consulting the client proposed list of supported host keys. This commit implements more fine-grained detection of the extension to provide the client with valid signatures according to RFC 8332 Section 3.1. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-09packet: Implement rekeying based on the recommendation from RFC'sJakub Jelen2-0/+4
The default rekeying recommendations are specified in RFC4344 Section 3 (First and Second Rekeying Recommendations). Additionally, the rekeying can be specified in configuration file/options allowing us to turn the rekeying off, base it on time or make it more strict. The code is highly inspired by the OpenSSH rekeying code. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Daiki Ueno <dueno@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-09packet: Provide a function to switch crypto in separate directionsJakub Jelen1-0/+2
This also fixes the test using the crypto directly Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Daiki Ueno <dueno@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-09packet: Introduce a new function to access cryptoJakub Jelen3-0/+9
And remove most of the direct access to the structure throughout the code Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Daiki Ueno <dueno@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-09packet: Prepare counters to handle rekeying limitsJakub Jelen2-0/+7
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Daiki Ueno <dueno@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-09config: Parse rekey limits and apply themJakub Jelen1-0/+1
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Daiki Ueno <dueno@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-09options: Introduce new options for handling rekey limitsJakub Jelen2-0/+4
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Daiki Ueno <dueno@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-09priv: Provide PRIu32 for Visual StudioJakub Jelen1-0/+4
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-19crypto: Disable blowfish support by defaultAndreas Schneider1-0/+2
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2018-12-10config: Parse ProxyJump configuration option and implement it using ↵Jakub Jelen1-0/+1
ProxyCommand with OpenSSH Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-10channel: Add SSH_CHANNEL_FLAG_CLOSED_LOCALAndreas Schneider1-3/+8
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-07session: Use long for the timeoutAndreas Schneider1-2/+4
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-07buffer: Use size_t for argc argument in ssh_buffer_(un)pack()Andreas Schneider1-2/+2
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-12-07config: Get rid of the dynamic seen arrayJakub Jelen2-1/+68
* This makes the array constant in the session structure, avoiding allocations and frees while parsing the file * It also drops passing the seen array to all the functions, because it is already part of the passed session * The test cases are adjusted to match these changes Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-30include: Add macro for unused arguments and variablesAndreas Schneider1-2/+16
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-30crypto: Use size_t for len argument in encrypt and decrpyt fnAndreas Schneider1-4/+8
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-30pki: Separate signature extraction and verificationJakub Jelen1-5/+5
Initial solution proposed by Tilo Eckert <tilo.eckert@flam.de> Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-23Drop unused header fileJakub Jelen1-28/+0
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-21packets: allow removal of callbacksAris Adamantiadis1-0/+1
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-20packets: Fix ssh_send_keepalive()Nicolas Viennot1-0/+4
ssh_send_keepalive() should use global_request() to properly configure the state machine for packet filtering. Signed-off-by: Nicolas Viennot <nicolas@viennot.biz> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-02config: Preserve the seen array among invocationsJakub Jelen1-0/+1
This follows the OpenSSH behavior of parsing subseqent configuration files, while applying only the first option. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-02options: Provide a way of disabling automatic config parsingJakub Jelen1-0/+1
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-02Process OpenSSH configuration files by default.Jakub Jelen1-0/+3
This will allow to use the same configuration in client applications including the users aliases or system wide cryptographic configuration. As the configuration parsing is the last thing before doing the actual connection, it might overwrite previously set options. If this is not intended, the client application can ask the configuration files to be parsed before setting some other options that should not ve overwritten. The code ensures that the configuration is not parsed again. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-30session: Drop unused structure member (SSHv1)Jakub Jelen1-2/+0
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-25socket: Undouble socket fdsSanne Raymaekers1-3/+2
Signed-off-by: Sanne Raymaekers <sraymaek@redhat.com>
2018-10-24messages: Add SSH_MESSAGE_FREEAndreas Schneider1-0/+2
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24messages: Make ssh_message_queue() staticAndreas Schneider1-1/+0
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24pki_crypto: Mark iqmp as unusedAndreas Schneider1-0/+2
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24libsshpp: Pass username and submethods to ssh_userauth_kbdint()Andreas Schneider1-1/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24include: Fix HAVE_<FEATURE> checks in pki.hAndreas Schneider1-11/+11
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19knownhosts: Consult also the global known hosts fileJakub Jelen1-0/+4
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19tests: Verify the hostkey ordering for negotiation is correctJakub Jelen1-0/+1
Previously, not all of the host keys algorithms were used for algorithm negotiation. This verifies the algorithms list is sane and ordered with the key types from known hosts in the first place. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19libsshpp: Use ssh_session_update_known_hosts()Andreas Schneider1-1/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>