aboutsummaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2017-06-28misc: Use strtoul in ssh_analyze_banner()Andreas Schneider1-1/+1
Thanks to Tilo Eckert. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-06-08config: fix buffer underflow with unrecognized opcodesAris Adamantiadis1-1/+1
2017-06-06misc: Do not fall through and return a valueAndreas Schneider1-0/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-06-06wrapper: Fix possible crash in ssh_handle_key_exchange()debevv1-4/+6
If ssh_handle_key_exchange() fails, when ssh_free() is called cipher->ctx is NULL. Signed-off-by: debevv <valerio@sonicpengu.in>
2017-06-06config: Bugfix: Don't skip unseen opcodesArtyom V. Poptsov1-1/+1
libssh fails to read the configuration from a config file due to a wrong check in 'ssh_config_parse_line' procedure in 'config.c'; it's effectively skipping every opcode (and therefore every option) from the file. The change fixes that behaviour. Signed-off-by: Artyom V. Poptsov <poptsov.artyom@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-26messages: Make sure we always free the answers pointerAndreas Schneider1-2/+2
Found by ozz-fuzz BUG: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1272 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-25messages: Do not leak memory of previously allocated answersAndreas Schneider1-2/+9
Found by ozz-fuzz BUG: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1222 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-24messages: Do not leak memory if answeres had been allocated previouslyAndreas Schneider1-0/+1
Found by ozz-fuzz BUG: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1222 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-21messages: Do not leak memory if answered had been allocated previouslyAndreas Schneider1-2/+3
BUG: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1184 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-21misc: Validate integers converted from the SSH bannerAndreas Schneider1-2/+16
BUG: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1181 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-21messages: Fix memory leaks in the ssh_packet_global_request callbackAndreas Schneider1-0/+2
BUG: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1208 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-21auth: Use calloc in ssh_userauth_agent_pubkey()Andreas Schneider1-2/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-20session: Free session->kbdint in ssh_free()Peter Volpe1-0/+4
Makes sure we free pending keyboard auth prompts so prompts that have not be replied to do not leak. Signed-off-by: Peter Volpe <pvolpe@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-13buffer: Validate the length before before memory allocationAndreas Schneider1-2/+19
Check if the size the other party sent is a valid size in the transmitted buffer. Thanks to Alex Gaynor for finding and reporting the issue. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-13buffer: Create ssh_buffer_validate_length()Andreas Schneider1-4/+28
This functions allows if a given length can be obtained from the buffer. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-13Revert "buffer: Create ssh_buffer_validate_length()"Andreas Schneider1-21/+3
This reverts commit 34bdc1ca7871e8e9258077411edd516c8de55299.
2017-04-13Revert "buffer: Validate the length before before memory allocation"Andreas Schneider1-19/+2
This reverts commit 57550e6211c19c634a319bed59d39b28d020dcd1.
2017-04-13buffer: Validate the length before before memory allocationAndreas Schneider1-2/+19
Check if the size the other party sent is a valid size in the transmitted buffer. Thanks to Alex Gaynor for finding and reporting the issue. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-13buffer: Create ssh_buffer_validate_length()Andreas Schneider1-3/+21
This functions allows if a given length can be obtained from the buffer. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-13config: Only use first occurence of each parameterAlex Hermann1-2/+11
ssh_config's manpage says: "For each parameter, the first obtained value will be used." Make libssh adhere to this rule. BUG: https://red.libssh.org/issues/256 Signed-off-by: Alex Hermann <alex@hexla.nl> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-13config: Don't expand Host variableAlex Hermann1-7/+1
Tokens are not allowed (according to the manpage). Expansion was introduced by a wrong fix for #127. This commit reverts part of 6eea08a9ef Signed-off-by: Alex Hermann <alex@hexla.nl> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-13config: Support expansion in the HostName variableAlex Hermann1-1/+6
BUG: https://red.libssh.org/issues/127 The original "fix" for 127 was expanding the wrong variable: Host instead of HostName. Signed-off-by: Alex Hermann <alex@hexla.nl> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-11session: Add SSH1 support in ssh_send_debug()Yanis Kurganov1-6/+16
Signed-off-by: Yanis Kurganov <ykurganov@ptsecurity.com> Reviewed-by: Andreas Schneider <asn@samba.org>
2017-04-11session: Add SSH1 support in ssh_send_ignore()Yanis Kurganov1-2/+9
Signed-off-by: Yanis Kurganov <ykurganov@ptsecurity.com> Reviewed-by: Andreas Schneider <asn@samba.org>
2017-04-11server: Add option SSH_BIND_OPTIONS_IMPORT_KEY to serverAlfredo Mazzinghi2-6/+57
This sets the bind private key directly from an ssh_key struct instead of reading a file. Signed-off-by: Alfredo Mazzinghi <am2419@cl.cam.ac.uk> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-11messages: Utilize the message queue for SSH_REQUEST_GLOBAL.Max Bachmann1-2/+4
Signed-off-by: Max Bachmann <mabahltm@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-02-23libcrypto-compat: Check if EVP_CIPHER_CTX_new is neededAndreas Schneider1-0/+4
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-02-06buffer: Use calloc to allocate a zero'ed bufferAndreas Schneider1-3/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-02-03pki: Use byte mode for fopen()Andreas Schneider1-2/+2
BUG: https://red.libssh.org/issues/251 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-09pki_gcrypt: Fix freeing of ECDSA signatures.Justus Winter1-1/+1
* src/pki.c (ssh_signature_free): Fix test for ECC using gcrypt. Signed-off-by: Justus Winter <justus@g10code.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-09pki_gcrypt: Fix memory leak.Justus Winter1-0/+4
* src/pki_gcrypt.c (pki_key_ecdsa_to_nid): Release 'sexp'. Signed-off-by: Justus Winter <justus@g10code.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-08cmake: Only build libcrypto and libcrypto-compat when neededAndreas Schneider2-9/+4
This also fixes the gcrypt build. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-07cmake: Use configure check for CRYPTO_ctr128_encryptAndreas Schneider1-3/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-07threads: Use new API call for OpenSSL CRYPTO THREADIDAndreas Schneider1-2/+17
BUG: https://red.libssh.org/issues/222 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-07pki_crypto: Use getters and setters for opaque keys and signaturesJakub Jelen1-92/+203
This is for OpenSSL 1.1.0 support. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-07libcrypto: Use a pointer for EVP_CIPHER_CTXJakub Jelen2-9/+17
This has been made opaque and it needs to be a pointer. This is for OpenSSL 1.1.0 support. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-07libcrypto: Use a pointer for EVP_MD_CTXJakub Jelen1-5/+6
This is for OpenSSL 1.1.0 support. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-07libcrypto: Use newer API for HMACJakub Jelen1-8/+9
This is for OpenSSL 1.1.0 support. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-07libcrypto: Introduce a libcrypto compat fileJakub Jelen3-0/+378
This is for OpenSSL 1.1.0 support. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-07libcrypto: Remove AES_ctr128_encrypt()Jakub Jelen1-0/+4
This is for OpenSSL 1.1.0. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-07misc: Use simpler macros for htonll and ntohllAndreas Schneider1-17/+0
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-06log: Add missing config.h includeAndreas Schneider1-1/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-06cmake: Check for io.h on WindowsAndreas Schneider3-7/+7
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-06cmake: Correctly check for sys/[u]time.hAndreas Schneider3-8/+11
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-06doc: Improve documentation for ssh_set_auth_methods()Andreas Schneider1-6/+0
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-06bcrypt: Fix type of shalenAndreas Schneider1-1/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-06pki_ed25519: Do paranoia checks before we allocate memoryAndreas Schneider1-5/+7
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-05callbacks: Add support for MSVCAndreas Schneider2-8/+17
__typeof__ is GCC specific Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-05connector: Fix build with Visual StudioAndreas Schneider1-0/+14
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-05options: Fix log level documentationAndreas Schneider1-4/+4
BUG: https://red.libssh.org/issues/210 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>