Age | Commit message | Author | Files | Lines
2018-10-19 | gitlab-ci: Add static analysis with csbuild [master-static-analysis] | Andreas Schneider | 1 | -0/+20
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | tests: Improve asserts in torture_pki_ecdsa | Andreas Schneider | 1 | -3/+4
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | tests: Init pubkey string with NULL in torture_keyfiles | Andreas Schneider | 1 | -1/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | tests: Fix pointer arithmetic in torture_pki_*_publickey_base64 | Andreas Schneider | 4 | -16/+32
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | tests: Init cipher structure in thread_crypto_aes256_cbc() | Andreas Schneider | 1 | -1/+19
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | legacy: Fix possible null pointer dereference | Andreas Schneider | 1 | -0/+4
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | buffer: Fix size comparison with count | Andreas Schneider | 1 | -3/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | messages: Use SSH_MESSAGE_FREE | Andreas Schneider | 1 | -12/+11
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | messages: Add SSH_MESSAGE_FREE | Andreas Schneider | 1 | -0/+2
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | messages: Rework ssh_message_queue() | Andreas Schneider | 1 | -30/+43
Return early and make it easier to understand. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | messages: Use calloc in ssh_message_new() | Andreas Schneider | 1 | -8/+9
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | messages: Make ssh_message_queue() static | Andreas Schneider | 2 | -2/+2
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | examples: Init rc in ssh_server_fork | Andreas Schneider | 1 | -1/+2
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | examples: Zero fds in sshnetcat | Andreas Schneider | 2 | -0/+5
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | pki: Add NULL check in ssh_pki_key_ecdsa_name() | Andreas Schneider | 1 | -1/+4
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | pki_crypto: Mark iqmp as unused | Andreas Schneider | 2 | -0/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | pki: Remove superfluous statement | Andreas Schneider | 1 | -1/+0
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | pki: Add log message on error in ssh_pki_openssh_import() | Andreas Schneider | 1 | -0/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | gssapi: Check return code of gss_indicate_mechs() | Andreas Schneider | 1 | -0/+9
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | gssapi: Ignore return codes of gss_release_buffer() | Andreas Schneider | 1 | -2/+2
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | packet: Do not segfault if we don't have packet_second_block | Andreas Schneider | 1 | -22/+32
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | packet: Add missing null pointer check in ssh_packet_socket_callback() | Andreas Schneider | 1 | -0/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | wrapper: Fix size type and loops in crypt_set_algorithms_server() | Andreas Schneider | 1 | -21/+17
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | wrapper: Fix size type in crypt_set_algorithms2() | Andreas Schneider | 1 | -3/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | wrapper: Reformat crypt_set_algorithms2() | Andreas Schneider | 1 | -121/+153
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | messages: Log message if callback for window change fails | Andreas Schneider | 1 | -0/+4
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | messages: Log message if sending reply fails | Andreas Schneider | 1 | -0/+5
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | messages: Some cleanup for ssh_packet_service_request | Andreas Schneider | 1 | -13/+10
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | messages: Reformat ssh_packet_service_request() | Andreas Schneider | 1 | -28/+35
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | connect: Zero the origfds struct | Andreas Schneider | 1 | -0/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | client: Remove superfluous strlen() | Andreas Schneider | 1 | -1/+0
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | channels: Check return code of ssh_packet_send() | Andreas Schneider | 1 | -0/+3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | channels: Reformat ssh_channel_send_eof() | Andreas Schneider | 1 | -29/+30
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | channels: Check return of ssh_buffer_unpack() | Andreas Schneider | 1 | -0/+4
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | libsshpp: Pass username and submethods to ssh_userauth_kbdint() | Andreas Schneider | 1 | -1/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | include: Fix HAVE_<FEATURE> checks in pki.h | Andreas Schneider | 1 | -11/+11
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | cmake: Fix -Wattributes check in ConfigureChecks.cmake | Andreas Schneider | 1 | -5/+5
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | gitlab-ci: Fix -DWITH_PCAP=ON | Andreas Schneider | 1 | -15/+15
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | tests: Verify we can authenticate using ed25519 key | Jakub Jelen | 4 | -5/+110
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | tests: Global known_hosts are used for host key verification | Jakub Jelen | 1 | -0/+64
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | knownhosts: Consult also the global known hosts file | Jakub Jelen | 2 | -16/+110
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | options: Set the global known_hosts file | Jakub Jelen | 1 | -0/+11
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | tests: Verify the hostkey ordering for negotiation is correct | Jakub Jelen | 3 | -1/+32
Previously, not all of the host keys algorithms were used for algorithm negotiation. This verifies the algorithms list is sane and ordered with the key types from known hosts in the first place. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | tests: Generate valid known_hosts file, fixing the current test | Jakub Jelen | 1 | -15/+28
Previously, the file contained the known_hosts strings separated by NULL bytes which somehow magically worked. The test was also expecting all the keys from the file will have the same key type, which was not indeed true. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | tests: Verify the ecdsa key types are handled correctly | Jakub Jelen | 1 | -1/+12
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | kex: Use all supported hostkey algorithms for negotiation | Jakub Jelen | 1 | -3/+30
Previously, only the algorithms we had keys for in known_hosts were used, which could lead to no-matching algorithms errors if the one key we used to depend on was removed from the server. This commit adds also the other algorithms, but lists them only after all the key types we have in known_hosts file. Resolves: T105 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | kex: Honor more host key algorithms than the first one (ssh-ed25519) | Jakub Jelen | 1 | -3/+1
The code as it was written used only the first algorithm from preferred_hostkeys array and compared it with the list returned from the known hosts. This commit is fixing the code so we actually compare each of the algorithms from both of the lists and returns the intersection. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | knownhosts: Use the correct name for ECDSA keys for host key negotiation | Jakub Jelen | 1 | -3/+1
The conversion from ssh_keytype_e to string does not work for ECDSA keys, because different key lengths have different string representation. The usage of type_c should work also for every other key type in future, but it does not reflect different signature types (SHA2 extension for RSA keys), but this early in the key exchange phase, we can not make any assumptions about supported extensions by the server. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | tests: Do not trace sshd | Jakub Jelen | 1 | -1/+1
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 | libsshpp: Use ssh_session_update_known_hosts() | Andreas Schneider | 1 | -1/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>