aboutsummaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2017-07-18misc: relax fatal errors in ssh_analyze_bannerJon Simons1-10/+7
Relax the cases where `ssh_analyze_banner` fails to extract a major and minor version from banners which appear like OpenSSH banners. Update the tests to demonstrate that now a banner as might be sent by `ssh-keyscan(1)` ("SSH-2.0-OpenSSH-keyscan") no longer returns failure. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-18wrapper: move EVP_CIPHER_CTX_free call to libcrypto.cJon Simons2-6/+3
With this change, a HAVE_LIBCRYPTO #ifdef is removed from wrapper.c. Now, the libcrypto-specific logic for EVP_CIPHER_CTX_free is moved into the ssh_cipher_struct cleanup callback handler for those ciphers. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-18wrapper: fix gcrypt build error in ssh_cipher_clearJon Simons1-5/+7
Fix a gcrypt build error introduced with 48e7b098f86207f8596651b5ba8242a3b834a868. The ssh_cipher_struct only contains a `ctx` field on the libcrypto builds, so it can't be referenced unless within HAVE_LIBCRYPTO. This build fix preserves the original spirit of the change in 48e7b098f86207f8596651b5ba8242a3b834a868: only call `EVP_CIPHER_CTX_free` when `cipher->ctx` is non-NULL. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-18wrapper: fix 4-space indentation in ssh_cipher_clearJon Simons1-15/+15
Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-13misc: fix error-checking in ssh_analyze_bannerJon Simons1-7/+18
Fix error-checking for `strtoul` in `ssh_analyze_banner`, and enable some tests which demonstrate the fix before-and-after. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-13misc: reindent ssh_analyze_banner, update docsJon Simons1-81/+79
No changes to code, only whitespace indentation and an update to the function docs. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-13libcrypto: fix resource leak in hmac_finalJon Simons1-1/+2
Fix a resource leak in `hmac_final`: say `HMAC_CTX_free` instead of `HMAC_CTX_reset`. This matches the error handling as done in `hmac_init`. Introduced with cf1e808e2ffa1f26644fb5d2cb82a919f323deba. The problem is reproducible running the `pkd_hello` test with: valgrind --leak-check=full ./pkd_hello -i1 -t torture_pkd_openssh_dsa_rsa_default Resolves https://red.libssh.org/issues/252. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-13libcrypto-compat: fix HMAC_CTX_free for OpenSSL < 1.1.0Jon Simons1-0/+2
On older OpenSSL versions, the EVP_MD_CTX fields within an HMAC_CTX structure are contained inlined (change here [1]): be sure to not try to free those fields on those builds. Found running the `pkd_hello` test with: valgrind ./pkd_hello -i1 -t torture_pkd_openssh_dsa_rsa_default ^ valgrind will cite "Invalid free() ..." errors which are present before this fix and absent after, when building with OpenSSL 1.0.1. [1] https://github.com/openssl/openssl/commit/6e59a892db781658c050e5217127c4147c116ac9 Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-06-28misc: Use strtoul in ssh_analyze_banner()Andreas Schneider1-1/+1
Thanks to Tilo Eckert. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-06-08config: fix buffer underflow with unrecognized opcodesAris Adamantiadis1-1/+1
2017-06-06misc: Do not fall through and return a valueAndreas Schneider1-0/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-06-06wrapper: Fix possible crash in ssh_handle_key_exchange()debevv1-4/+6
If ssh_handle_key_exchange() fails, when ssh_free() is called cipher->ctx is NULL. Signed-off-by: debevv <valerio@sonicpengu.in>
2017-06-06config: Bugfix: Don't skip unseen opcodesArtyom V. Poptsov1-1/+1
libssh fails to read the configuration from a config file due to a wrong check in 'ssh_config_parse_line' procedure in 'config.c'; it's effectively skipping every opcode (and therefore every option) from the file. The change fixes that behaviour. Signed-off-by: Artyom V. Poptsov <poptsov.artyom@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-26messages: Make sure we always free the answers pointerAndreas Schneider1-2/+2
Found by ozz-fuzz BUG: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1272 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-25messages: Do not leak memory of previously allocated answersAndreas Schneider1-2/+9
Found by ozz-fuzz BUG: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1222 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-24messages: Do not leak memory if answeres had been allocated previouslyAndreas Schneider1-0/+1
Found by ozz-fuzz BUG: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1222 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-21messages: Do not leak memory if answered had been allocated previouslyAndreas Schneider1-2/+3
BUG: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1184 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-21misc: Validate integers converted from the SSH bannerAndreas Schneider1-2/+16
BUG: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1181 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-21messages: Fix memory leaks in the ssh_packet_global_request callbackAndreas Schneider1-0/+2
BUG: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1208 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-21auth: Use calloc in ssh_userauth_agent_pubkey()Andreas Schneider1-2/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-20session: Free session->kbdint in ssh_free()Peter Volpe1-0/+4
Makes sure we free pending keyboard auth prompts so prompts that have not be replied to do not leak. Signed-off-by: Peter Volpe <pvolpe@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-13buffer: Validate the length before before memory allocationAndreas Schneider1-2/+19
Check if the size the other party sent is a valid size in the transmitted buffer. Thanks to Alex Gaynor for finding and reporting the issue. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-13buffer: Create ssh_buffer_validate_length()Andreas Schneider1-4/+28
This functions allows if a given length can be obtained from the buffer. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-13Revert "buffer: Create ssh_buffer_validate_length()"Andreas Schneider1-21/+3
This reverts commit 34bdc1ca7871e8e9258077411edd516c8de55299.
2017-04-13Revert "buffer: Validate the length before before memory allocation"Andreas Schneider1-19/+2
This reverts commit 57550e6211c19c634a319bed59d39b28d020dcd1.
2017-04-13buffer: Validate the length before before memory allocationAndreas Schneider1-2/+19
Check if the size the other party sent is a valid size in the transmitted buffer. Thanks to Alex Gaynor for finding and reporting the issue. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-13buffer: Create ssh_buffer_validate_length()Andreas Schneider1-3/+21
This functions allows if a given length can be obtained from the buffer. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-13config: Only use first occurence of each parameterAlex Hermann1-2/+11
ssh_config's manpage says: "For each parameter, the first obtained value will be used." Make libssh adhere to this rule. BUG: https://red.libssh.org/issues/256 Signed-off-by: Alex Hermann <alex@hexla.nl> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-13config: Don't expand Host variableAlex Hermann1-7/+1
Tokens are not allowed (according to the manpage). Expansion was introduced by a wrong fix for #127. This commit reverts part of 6eea08a9ef Signed-off-by: Alex Hermann <alex@hexla.nl> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-13config: Support expansion in the HostName variableAlex Hermann1-1/+6
BUG: https://red.libssh.org/issues/127 The original "fix" for 127 was expanding the wrong variable: Host instead of HostName. Signed-off-by: Alex Hermann <alex@hexla.nl> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-11session: Add SSH1 support in ssh_send_debug()Yanis Kurganov1-6/+16
Signed-off-by: Yanis Kurganov <ykurganov@ptsecurity.com> Reviewed-by: Andreas Schneider <asn@samba.org>
2017-04-11session: Add SSH1 support in ssh_send_ignore()Yanis Kurganov1-2/+9
Signed-off-by: Yanis Kurganov <ykurganov@ptsecurity.com> Reviewed-by: Andreas Schneider <asn@samba.org>
2017-04-11server: Add option SSH_BIND_OPTIONS_IMPORT_KEY to serverAlfredo Mazzinghi2-6/+57
This sets the bind private key directly from an ssh_key struct instead of reading a file. Signed-off-by: Alfredo Mazzinghi <am2419@cl.cam.ac.uk> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-11messages: Utilize the message queue for SSH_REQUEST_GLOBAL.Max Bachmann1-2/+4
Signed-off-by: Max Bachmann <mabahltm@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-02-23libcrypto-compat: Check if EVP_CIPHER_CTX_new is neededAndreas Schneider1-0/+4
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-02-06buffer: Use calloc to allocate a zero'ed bufferAndreas Schneider1-3/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-02-03pki: Use byte mode for fopen()Andreas Schneider1-2/+2
BUG: https://red.libssh.org/issues/251 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-09pki_gcrypt: Fix freeing of ECDSA signatures.Justus Winter1-1/+1
* src/pki.c (ssh_signature_free): Fix test for ECC using gcrypt. Signed-off-by: Justus Winter <justus@g10code.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-09pki_gcrypt: Fix memory leak.Justus Winter1-0/+4
* src/pki_gcrypt.c (pki_key_ecdsa_to_nid): Release 'sexp'. Signed-off-by: Justus Winter <justus@g10code.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-08cmake: Only build libcrypto and libcrypto-compat when neededAndreas Schneider2-9/+4
This also fixes the gcrypt build. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-07cmake: Use configure check for CRYPTO_ctr128_encryptAndreas Schneider1-3/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-07threads: Use new API call for OpenSSL CRYPTO THREADIDAndreas Schneider1-2/+17
BUG: https://red.libssh.org/issues/222 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-07pki_crypto: Use getters and setters for opaque keys and signaturesJakub Jelen1-92/+203
This is for OpenSSL 1.1.0 support. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-07libcrypto: Use a pointer for EVP_CIPHER_CTXJakub Jelen2-9/+17
This has been made opaque and it needs to be a pointer. This is for OpenSSL 1.1.0 support. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-07libcrypto: Use a pointer for EVP_MD_CTXJakub Jelen1-5/+6
This is for OpenSSL 1.1.0 support. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-07libcrypto: Use newer API for HMACJakub Jelen1-8/+9
This is for OpenSSL 1.1.0 support. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-07libcrypto: Introduce a libcrypto compat fileJakub Jelen3-0/+378
This is for OpenSSL 1.1.0 support. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-07libcrypto: Remove AES_ctr128_encrypt()Jakub Jelen1-0/+4
This is for OpenSSL 1.1.0. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-07misc: Use simpler macros for htonll and ntohllAndreas Schneider1-17/+0
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-06log: Add missing config.h includeAndreas Schneider1-1/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>