Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2017-04-11 | server: Add option SSH_BIND_OPTIONS_IMPORT_KEY to server | Alfredo Mazzinghi | 1 | -6/+12 | |
This sets the bind private key directly from an ssh_key struct instead of reading a file. Signed-off-by: Alfredo Mazzinghi <am2419@cl.cam.ac.uk> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | |||||
2015-04-10 | bind: Correctly close sockets and invalidate them. | Andreas Schneider | 1 | -13/+5 | |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> | |||||
2015-02-02 | server: Add support for ed25519 keys in the server. | Aris Adamantiadis | 1 | -0/+11 | |
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | |||||
2014-03-27 | style: be consistent when iterating over wanted_methods | Luka Perkov | 1 | -1/+1 | |
Signed-off-by: Luka Perkov <luka.perkov@sartura.hr> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | |||||
2014-03-12 | bind: only set bindfd after successful listen | Jon Simons | 1 | -1/+2 | |
In 'ssh_bind_listen', move setting of 'sshbind->bindfd' to only happen after the listen call: otherwise 'bindfd' can be set to a bogus descriptor for the case that listen fails. Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | |||||
2014-03-04 | security: fix for vulnerability CVE-2014-0017 | Aris Adamantiadis | 1 | -0/+2 | |
When accepting a new connection, a forking server based on libssh forks and the child process handles the request. The RAND_bytes() function of openssl doesn't reset its state after the fork, but simply adds the current process id (getpid) to the PRNG state, which is not guaranteed to be unique. This can cause several children to end up with same PRNG state which is a security issue. | |||||
2014-02-01 | server: allow custom server banners (bug #83) | Aris Adamantiadis | 1 | -1/+2 | |
2014-01-21 | Import keys during ssh_bind_accept_fd | Alan Dunn | 1 | -1/+11 | |
Signed-off-by: Alan Dunn <amdunn@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | |||||
2014-01-21 | Separate out key import functionality from ssh_bind_listen | Alan Dunn | 1 | -12/+23 | |
Signed-off-by: Alan Dunn <amdunn@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | |||||
2014-01-16 | bind: fix possible double-frees in ssh_bind_free | Jon Simons | 1 | -0/+10 | |
Make sure to explicitly set key pointers to NULL following the use of 'ssh_key_free' throughout bind.c. Before this change, a double free can happen via 'ssh_bind_free' as in this example callpath: // create an ssh_bind ssh_bind b = ssh_bind_new(); // provide a path to a wrong key-type ssh_bind_options_set(b, SSH_BIND_OPTIONS_DSAKEY, path_to_rsa_key); // initialize set key-type ssh_bind_listen(b); -> error path "The DSA host key has the wrong type: %d", ssh_key_free(sshbind->dsa) -> ssh_key_clean(key) // OK -> SAFE_FREE(key) // OK, but, sshbind->dsa is *not* set to NULL // ssh_bind_listen failed, so clean up ssh_bind ssh_bind_free(b); -> ssh_key_free(sshbind->dsa) // double-free here To fix, set pointers to NULL that have been free'd with 'ssh_key_free'. Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | |||||
2013-12-09 | bind: Correctly free all memory in ssh_bind_free(). | Andreas Schneider | 1 | -3/+7 | |
Thanks to Jacob Baines. | |||||
2013-10-24 | bind: fix leak in ssh_bind_accept error path | Jon Simons | 1 | -2/+1 | |
Use 'ssh_socket_free' to cleanup if 'ssh_bind_accept_fd' fails, to be sure to free the ssh_socket in/out buffers. | |||||
2013-07-14 | log: Implment new logging functions. | Andreas Schneider | 1 | -1/+1 | |
2013-07-13 | bind: ssh_pki functions also return SSH_EOF error code | Aris Adamantiadis | 1 | -3/+3 | |
Reviewed-by: Andreas Schneider <asn@cryptomilk.org> | |||||
2012-12-03 | BUG 97: Remove obsolete hsterror(). | Andreas Schneider | 1 | -12/+1 | |
This function is pretty much obsolete on most platforms. The standard errno should be used. If it is not enough on Windows we should use WSAGetLastError() in future. | |||||
2012-05-09 | bind: Fix build. | Andreas Schneider | 1 | -1/+2 | |
2012-05-08 | server: Add ecdsa hostkey support. | Andreas Schneider | 1 | -1/+1 | |
2012-02-19 | server: Add ecdsa hostkey support. | Andreas Schneider | 1 | -1/+34 | |
2012-02-05 | session: Use a struct for all options. | Andreas Schneider | 1 | -6/+6 | |
2011-11-09 | bind: Add more error messages. | Andreas Schneider | 1 | -1/+9 | |
2011-10-17 | bind: Fix ssh_bind_listen in normal case. | Andreas Schneider | 1 | -5/+6 | |
2011-10-13 | server: use app-provided bind socket when available | Aris Adamantiadis | 1 | -17/+19 | |
2011-10-13 | server: ssh_bind_accept_fd | Aris Adamantiadis | 1 | -52/+70 | |
This function will not call accept() but use function parameter instead | |||||
2011-09-17 | error: Use macros for error functions. | Andreas Schneider | 1 | -1/+1 | |
2011-08-22 | server: Use new pki infrastructure. | Andreas Schneider | 1 | -28/+4 | |
2011-08-16 | pki: Remove session from ssh_pki_import_privkey_* functions. | Andreas Schneider | 1 | -2/+10 | |
2011-08-15 | bind: Add checks around key functions. | Andreas Schneider | 1 | -6/+31 | |
2011-08-15 | bind: Read only once in ssh_bind_listen() (bug #11). | Andreas Schneider | 1 | -44/+50 | |
2011-08-09 | pki: Use a consistent name scheme. | Andreas Schneider | 1 | -2/+2 | |
Rename ssh_key_import_private to ssh_pki_import_privkey_file. | |||||
2011-08-08 | bind: Use ssh_key_import_private(). | Andreas Schneider | 1 | -22/+37 | |
2011-07-19 | Fixes the ssh_log issue on ssh_bind handles. | Aris Adamantiadis | 1 | -3/+3 | |
2011-03-09 | doc: Improve the doc of ssh_bind_set_callbacks. | Andreas Schneider | 1 | -19/+0 | |
2011-02-14 | bind: Set errors on return. | Bernhard R. Link | 1 | -1/+8 | |
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> | |||||
2011-01-02 | bind: Added include file for close function on Windows. | Andreas Schneider | 1 | -0/+1 | |
2010-12-29 | server: Added missing include files for getaddrinfo on Windows. | Andreas Schneider | 1 | -1/+10 | |
2010-12-27 | server: Replace gethostbyname() with getaddrinfo(). | Andreas Schneider | 1 | -43/+56 | |
Fixes rlo#13. | |||||
2010-10-27 | Moved includes from priv.h to bind.h | Aris Adamantiadis | 1 | -0/+1 | |
2010-10-20 | Split ssh_bind functions in a new .c file | Aris Adamantiadis | 1 | -0/+372 | |