aboutsummaryrefslogtreecommitdiff
path: root/include/libssh
AgeCommit message (Collapse)AuthorFilesLines
2019-08-07bignum: Pass const to ssh_print_bignum()Andreas Schneider3-3/+6
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-08-06misc: Introduce internal function ssh_mkdirs()Anderson Toshiyuki Sasaki1-0/+3
If the given path includes missing directories, ssh_mkdirs() tries to create them recursively. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-08-06misc: Introduce internal function ssh_dir_writeable()Anderson Toshiyuki Sasaki1-0/+1
The introduced internal function checks if the provided path is for an existing directory which is accessible for writing. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-07-30misc: Introduce ssh_log_hexdump()Anderson Toshiyuki Sasaki1-0/+1
The introduced internal function is intended to be a replacement for the deprecated function ssh_print_hexa(). Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-07-08include: Add define for SSH_CONNECTOR_STDINOUTAndreas Schneider1-0/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-07-04libcrypto: fix compilation with LibreSSLStefan Strogin1-0/+4
LibreSSL does not support FIPS mode, check for FIPS_mode() in ConfigureChecks.cmake. Signed-off-by: Stefan Strogin <steils@gentoo.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-07-04cmake: Use GNUInstallDirs for installationAndreas Schneider1-1/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2019-07-04knownhosts: Introduced ssh_known_hosts_get_algorithms_names()Anderson Toshiyuki Sasaki1-0/+1
The added internal function obtain a newly allocated string containing a list of the signature types that can be generated by the keys present in the known_hosts files, separated by commas. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-07-04token: Added function to remove duplicatesAnderson Toshiyuki Sasaki1-1/+5
Added a function to remove duplicates from lists. This function is used in a new provided function to append lists removing duplicates. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-06-27connect: Removed unused codeAnderson Toshiyuki Sasaki1-2/+0
The internal function ssh_connect_host() is not used. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-06-14include: Make sure ssh_session_get_known_hosts_entry is added to the APIAndreas Schneider1-3/+2
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2019-06-14callbacks: Add ssh_threads_get_default() to the callbacks.hDavid Wedderwille1-2/+13
Fixes: T154 Signed-off-by: David Wedderwille <davidwe@posteo.de> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-06-14ed25519: Replace unsigned long long with uint64_tAnderson Toshiyuki Sasaki1-4/+4
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-06-14priv.h: Add macro definitions for PRIx32 and PRIx64Anderson Toshiyuki Sasaki1-0/+12
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-06-13channels: Make ssh_message_channel_request_open_reply_accept_channel publicDavid Wedderwille2-1/+1
This also adds documentation for it. Fixes T144 Signed-off-by: David Wedderwille <davidwe@posteo.de> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-06-12bignum: Define bignum_dup(bignum orig, bignum *dest)Anderson Toshiyuki Sasaki3-0/+23
The macro is defined for each crypto back end. If (*dest) is NULL, a new bignum is allocated. Otherwise the value of orig is copied to (*dest). Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2019-06-12kex, pki, server, options: Filter algorithms in FIPS modeAnderson Toshiyuki Sasaki1-0/+2
When in FIPS mode, filter the algorithms to enable only the allowed ones. If any algorithm is explicitly set through options or configuration file, they are kept. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-06-12options: Allow avoiding system-wide configurationAnderson Toshiyuki Sasaki1-0/+1
The added option SSH_BIND_OPTIONS_PROCESS_CONFIG allows to skip processing the system-wide configuration file. The global configuration file is processed automatically if this option is not set as false. This option will only be effective if set before any call to ssh_bind_options_parse_config(). Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-06-12bind_config: Add support for HostKeyAlgorithmsAnderson Toshiyuki Sasaki1-0/+1
Add support for setting the allowed HostKey algorithms through configuration file. Note that this does NOT add support for adding or removing values using '+' or '-'. Only replacing the whole list is supported. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-06-12options: Added an option to set server HostKey algorithmsAnderson Toshiyuki Sasaki1-0/+1
The added option SSH_BIND_OPTIONS_HOSTKEY_ALGORITHMS allows restricting the signature algorithms to offer to the client for host authentication. The list set is used as a filter of allowed algorithms. First a list of possible signature algorithms to offer is created from the keys set and then such list is filtered against the allowed algorithms. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-06-12bind_config: Add support for PubkeyAcceptedKeyTypesAnderson Toshiyuki Sasaki1-0/+1
Add support for setting the accepted public key types through configuration file. Note that this does NOT add support for adding or removing values using '+' or '-'. Only replacing the whole list is supported. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-06-12options: Add option to set server accepted pubkey typesAnderson Toshiyuki Sasaki2-0/+2
The added option SSH_BIND_OPTIONS_PUBKEY_ACCEPTED_KEY_TYPES allows restricting the allowed public key types accepted by the server for authentication. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-06-12token, kex: Add functions to handle tokens listsAnderson Toshiyuki Sasaki1-0/+44
The added functions allow splitting chains of tokens separated by a given character (usually ','), and extracting matching parts between two chains of tokens. The previously existing functions in kex.c were replaced by the introduced ones. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-05-13pki: Fail to sign when using wrong hash algorithmAnderson Toshiyuki Sasaki1-0/+2
Do not allow using SSH_DIGEST_AUTO for any algorithm other than ed25519. Do not allow using incompatible hash algorithms when signing or verifying signatures. Added negative tests for all combinations of signature and hash algorithms. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-05-13pki: Remove unused codeAnderson Toshiyuki Sasaki1-8/+0
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-05-13pki_crypto: Added pki_sign_data() and pki_verify_data_signature()Anderson Toshiyuki Sasaki1-0/+8
pki_sign_data() uses the given private key and hash algorithm to sign the data using the OpenSSL EVP interface. The corresponding function pki_verify_data_signature() receives the signature, the signed data, and the public key to verify the signature. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-05-13pki: Add a common place to store raw signaturesAnderson Toshiyuki Sasaki1-0/+1
This is a preparation to store the raw signature for all algorithms in the same place in ssh_signature. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-05-13auth, pki: Calculate hash internally when signing/verifyingAnderson Toshiyuki Sasaki2-5/+9
This makes pki_do_sign() and pki_signature_verify() to receive the original input instead of the pre-calculated hash. The hash is then calculated internally. The hash to be used inside the signature is decided earlier, when all the information about the signature to be generated/verified is available. Simplify ssh_pki_do_sign() and ssh_srv_pki_do_sign_sessionid(). The tests were modified to use pki_do_sign() instead of pki_do_sign_hash(). Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-05-13pki: Remove duplicate and unused codeAnderson Toshiyuki Sasaki1-6/+0
Remove duplicate code previously used only in server side to generate signatures. Currently the code used to generate the signature is the same for both client and server. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-05-13wrapper: Make sha{1, 256, 384, 512}() input constAnderson Toshiyuki Sasaki1-4/+4
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-05-13wrapper.h: Add SSH_DIGEST_SHA384 to ssh_digest_e enumAnderson Toshiyuki Sasaki1-1/+2
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-04-29dh-gex: Verify received primes in FIPS mode to match one of the known groupsJakub Jelen1-0/+1
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-04-29Provide a function to query crypto backend for FIPS statusJakub Jelen3-0/+8
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-04-29dh-gex: Fall back to known primes when the moduli file is not readableJakub Jelen1-0/+1
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-04-29sftp server: Implementation of sftp_server_free() as counterpart to ↵David Wedderwille1-0/+7
sftp_server_new() Fixes T143 Signed-off-by: David Wedderwille <davidwe@posteo.de> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-04-17pki: allow certificates to be used in signature verificationBen Toews1-0/+1
A number of places checked that the signature type matched the key type. We losen these checks to, for example, allow an RSA signature with an RSA-cert key. Signed-off-by: Ben Toews <mastahyeti@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-04-17pki: support ECDSA/ED25519 certificatesBen Toews2-0/+10
As with RSA/DSS, support is still quite limited. This is mostly about adding new ssh_keytypes_e values and updating sites that check keys' types. Signed-off-by: Ben Toews <mastahyeti@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-04-17libssh: deprecate SSH_KEYTYPE_ECDSABen Toews2-2/+8
This type is imprecise. We often need the ecdsa_nid in addition to the key type in order to do anything. We replace this singluar ECDSA type with one type per curve. Signed-off-by: Ben Toews <mastahyeti@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-04-04dh: Move DH key handling into a separate file.Simo Sorce1-17/+21
In preparation for adding crypto-libraries specific backends. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-04-04dh: Confine DH KEX keys handling into fewer functionsSimo Sorce4-13/+19
In preparation for deferring computation on DH secret material to crypto library specific backends Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-04-04dh: Rename variables for DH key exchangeSimo Sorce2-3/+17
Rename and refactor how some variables are held in ssh_crypto_struct. Refactor allocation of dh exchange public keys. This is in preparation for switching the code to use openssl native DH handling and allowed to better reason about the code and the overall API. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-04-04mbedcrypto: Make bignum_bin2bn behave like othersSimo Sorce1-2/+6
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-04-01bind_config: Added minimal support for Match keywordAnderson Toshiyuki Sasaki1-0/+3
Only "Match All" is supported, if any other criterion is used, the block is ignored and the options are not applied. It is important to note that only a subset of the supported keywords are allowed to be used inside a Match block, currently being "LogLevel" the only supported keyword. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-04-01options: Add a bind option to set the config directoryAnderson Toshiyuki Sasaki2-1/+3
This adds the SSH_BIND_OPTIONS_CONFIG_DIR which allows to set the directory used to expand the escape character "%d" when passing a path to ssh_bind_options_parse_file(). Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-04-01options: Introduce ssh_bind_options_parse_config()Anderson Toshiyuki Sasaki2-0/+4
The added API allows setting the options of a given bind context through a configuration file. The default global configuration file "/etc/ssh/libssh_server_config" is parsed before the provided configuration file, if it hasn't been parsed yet. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-04-01bind_config: Support server side configurationAnderson Toshiyuki Sasaki1-0/+59
Introduced the support to set options for a given ssh_bind through a configuration file. For options set more than once in a single file (or by files included in it recursively) the first value set will be kept. Differently from the session options configuration, if an option previously set in one configuration file is redefined in a later processed file, the latest will be kept. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-04-01config: Move common parser functions to config_parser.cAnderson Toshiyuki Sasaki1-0/+57
This will allow the moved functions to be used in the server side configuration parser implementation. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-03-29channels: Added function to create channel to UNIX socketpmorris671-0/+2
[asn: Reformatting and added openssh version check] Signed-off-by: Philip Morris <philip.morris67@ntlworld.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-03-25The ssh_channel_callbacks_struct member name is channel_data_function.Jan Pazdziora1-1/+1
Addressing client.c: In function ‘show_remote_uptime’: client.c:107:6: error: ‘struct ssh_channel_callbacks_struct’ has no member named ‘channel_data’ .channel_data = my_channel_data_function, ^~~~~~~~~~~~ client.c:107:21: warning: initialization of ‘long unsigned int’ from ‘int (*)(struct ssh_session_struct *, struct ssh_channel_struct *, void *, uint32_t, int, void *)’ {aka ‘int (*)(struct ssh_session_struct *, struct ssh_channel_struct *, void *, unsigned int, int, void *)’} makes integer from pointer without a cast [-Wint-conversion] .channel_data = my_channel_data_function, ^~~~~~~~~~~~~~~~~~~~~~~~ client.c:107:21: note: (near initialization for ‘cb.size’) Signed-off-by: Jan Pazdziora <jpazdziora@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-03-07Use a common KDF functionSimo Sorce2-11/+17
Cleanup the KDF function to use only one function per crypto backend. Improve the KDF function to properly handle requested lenght and to avoid unnecessarily reallocating buffers. In OpenSSL use the new EVP_KDF API if available. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>