aboutsummaryrefslogtreecommitdiff
path: root/src/packet_cb.c
AgeCommit message (Collapse)AuthorFilesLines
2019-01-24kex: use runtime callbacks (client)Aris Adamantiadis1-44/+0
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-09packet: Provide a function to switch crypto in separate directionsJakub Jelen1-86/+4
This also fixes the test using the crypto directly Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Daiki Ueno <dueno@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-09packet: Prepare counters to handle rekeying limitsJakub Jelen1-0/+38
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Daiki Ueno <dueno@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-30packet_cb: Properly verify the signature typeJakub Jelen1-4/+4
Issue reported by Tilo Eckert <tilo.eckert@flam.de> Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-30pki: Separate signature extraction and verificationJakub Jelen1-6/+13
Initial solution proposed by Tilo Eckert <tilo.eckert@flam.de> Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-23kex,packet,packet_cb: ReformatJakub Jelen1-3/+3
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-20packet: Fix timeout on hostkey type mismatch instead of proper errorTilo Eckert1-1/+1
If the hostkey type was not in the list of acceptable hostkey types, the function failed to set the error state. Due to the fact that the calling function ssh_packet_process() does not handle the SSH_ERROR return code, the newkeys packet from the server was silently ignored, stalling the connection until a timeout occurred. Signed-off-by: Tilo Eckert <tilo.eckert@flam.de> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-20dh: Add diffie-hellman-group18-sha512 supportAnderson Toshiyuki Sasaki1-0/+1
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2018-09-19dh: Add diffie-hellman-group16-sha512 supportAnderson Toshiyuki Sasaki1-0/+1
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-01packet: Add a bound check for nr_extensionsAndreas Schneider1-0/+6
CID 1395335 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-31client: Handle the MSG_EXT_INFO packet signalling supported extensionsJakub Jelen1-0/+52
RFC 8308: The extension negotiation in Secure Shell (SSH) Protocol RFC 8332: Use of RSA Keys with SHA-256 and SHA-512 in the Secure Shell (SSH) Protocol Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-27session: Group auth variables in a structAndreas Schneider1-1/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-29kex: add curve25519-sha256 as alias for curve25519-sha256@libssh.orgTilo Eckert1-0/+1
see: https://tools.ietf.org/id/draft-ietf-curdle-ssh-curves-07.html Signed-off-by: Tilo Eckert <tilo.eckert@flam.de> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-29Rest in Peace SSHv1Andreas Schneider1-2/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2018-04-18packet_cb: Fix the if check in ssh_packet_newkeys()Andreas Schneider1-1/+1
CID 1388446 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-03-21crypto: Change the type of server_pubkey to ssh_keyAndreas Schneider1-10/+6
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-08-24ecdh: enable ecdh_sha2_nistp{384,521} kex methodsJon Simons1-0/+2
Summary: Based on Dirkjan's original patch series here: * https://www.libssh.org/archive/libssh/2015-08/0000029.html Here the changes are adapted for the current master branch, and expanded to include libgcrypt support. Co-Authored-By: Dirkjan Bussink <d.bussink@gmail.com> Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Test Plan: * Ran pkd tests for libcrypto and libgcrypt builds. * Ran client torture_algorithms.c tests for libcrypto and libgcrypt builds. * Tested across multiple libgcrypts ("1.6.3" and "1.7.6-beta"). Reviewers: aris, asn Tags: #libssh Differential Revision: https://bugs.libssh.org/D7
2016-01-19cleanup: use ssh_ prefix in the dh (non-static) functionsFabiano Fidêncio1-3/+3
Having "ssh_" prefix in the functions' name will avoid possible clashes when compiling libssh statically. Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-19cleanup: use ssh_ prefix in the buffer (non-static) functionsFabiano Fidêncio1-2/+2
Having "ssh_" prefix in the functions' name will avoid possible clashes when compiling libssh statically. Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2015-09-24crypto: move key setup in newkeys handlerAris Adamantiadis1-0/+8
2015-04-23CVE-2015-3146: Fix state validation in packet handlersAris Adamantiadis1-6/+10
The state validation in the packet handlers for SSH_MSG_NEWKEYS and SSH_MSG_KEXDH_REPLY had a bug which did not raise an error. The issue has been found and reported by Mariusz Ziule. Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2015-04-10cmake: Check for arpa/inet.h header fileAndreas Schneider1-0/+2
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2015-01-21packet_cb: Add misssing include for ntohl().Andreas Schneider1-0/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2014-03-12packet: log disconnect code in host byte orderJon Simons1-13/+19
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-09-27kex: implement curve25519-sha256@libssh.orgAris Adamantiadis1-0/+6
2013-07-14src: Remove enter_function() and leave_function().Andreas Schneider1-2/+2
2013-07-14src: Migrate to SSH_LOG.Andreas Schneider1-6/+7
2012-12-23Implement key re-exchangeAris Adamantiadis1-1/+8
2012-09-07kex: Add simple DES support for SSHv1.Dmitriy Kuznetsov1-1/+1
2012-09-04dh: Add support for diffie-hellman-group14-sha1.Dmitriy Kuznetsov1-0/+1
2012-02-05session: Use a struct for all options.Andreas Schneider1-3/+3
2011-09-18packet: Move packet callbacks to packet_cb.c.Andreas Schneider1-0/+236