Feed All Stories

Yesterday

asn committed rLIBSSH4aeb0cfd9ce4: server: Fix session pubkey import (authored by asn).
server: Fix session pubkey import
Fri, Apr 20, 1:51 PM

Wed, Apr 18

asn committed rLIBSSHbe414423d747: Introduce a gitlab CI for centos7, debian and Fedora (authored by nmav).
Introduce a gitlab CI for centos7, debian and Fedora
Wed, Apr 18, 11:01 AM
asn committed rLIBSSHabd1a1f372c0: README: Added markdown readmine with gitlab CI badge (authored by nmav).
README: Added markdown readmine with gitlab CI badge
Wed, Apr 18, 11:01 AM
asn committed rLIBSSHc705fb6e3bef: kex1: Add missing NULL check in make_rsa1_string() (authored by asn).
kex1: Add missing NULL check in make_rsa1_string()
Wed, Apr 18, 10:36 AM
asn committed rLIBSSH1a36aa21ba7e: packet_cb: Fix the if check in ssh_packet_newkeys() (authored by asn).
packet_cb: Fix the if check in ssh_packet_newkeys()
Wed, Apr 18, 10:36 AM
asn committed rLIBSSHc2f8010b6003: known_hosts: Do not leak pubkey_buffer in check_public_key() (authored by asn).
known_hosts: Do not leak pubkey_buffer in check_public_key()
Wed, Apr 18, 10:36 AM
asn committed rLIBSSH64985f7beac7: server: Do not leak pubkey_blob in ssh_get_key_params() (authored by asn).
server: Do not leak pubkey_blob in ssh_get_key_params()
Wed, Apr 18, 10:36 AM
asn committed rLIBSSH3f562ee5861f: buffer: Do not call explicit_bzero with null arguments (authored by nmav).
buffer: Do not call explicit_bzero with null arguments
Wed, Apr 18, 10:36 AM
asn committed rLIBSSHeb796b4bbb86: buffer: Do not call memcpy with null arguments (authored by nmav).
buffer: Do not call memcpy with null arguments
Wed, Apr 18, 10:36 AM
asn committed rLIBSSH87b8d232bd52: buffer: Apply coding style to ssh_buffer_reinit() (authored by asn).
buffer: Apply coding style to ssh_buffer_reinit()
Wed, Apr 18, 10:36 AM
asn committed rLIBSSH6f1f8d2bdbe4: buffer: Apply coding style to realloc_buffer() (authored by asn).
buffer: Apply coding style to realloc_buffer()
Wed, Apr 18, 10:36 AM

Tue, Apr 17

asn committed rLIBSSHa95bc8a01636: kex1: Use libcrypto-compat.h for RSA_get0_key with OpenSSL (authored by nmav).
kex1: Use libcrypto-compat.h for RSA_get0_key with OpenSSL
Tue, Apr 17, 6:32 PM
asn committed rLIBSSHf3a19d8c963a: torture_path_expand_tilde_unix: use getpwuid() if no env variables (authored by nmav).
torture_path_expand_tilde_unix: use getpwuid() if no env variables
Tue, Apr 17, 6:32 PM

Mon, Apr 16

epertinez triaged T89: SFTP transfers handled by kio_sftp are much slower than those handled by scp as High priority.
Mon, Apr 16, 2:56 PM
tuxmaster created T88: Unable to connect etm mac's only servers.
Mon, Apr 16, 2:24 PM

Tue, Apr 10

asn committed rLIBSSHe005fd310f61: Fix ssh_event_add_session() when session socket has two pollhandlers (authored by mengtan).
Fix ssh_event_add_session() when session socket has two pollhandlers
Tue, Apr 10, 12:16 PM
asn committed rLIBSSH6026fc80369b: cmake: Fix libfuzzer linking with clang6 (authored by asn).
cmake: Fix libfuzzer linking with clang6
Tue, Apr 10, 12:16 PM
asn committed rLIBSSHfb2fefb3c659: channels: add ssh_channel_request_send_break to support RFC 4335 (authored by Axel Eppe <aeppe@google.com>).
channels: add ssh_channel_request_send_break to support RFC 4335
Tue, Apr 10, 12:16 PM

Mon, Apr 9

antenore added a comment to T34: Add support for cert-authority.

Thank you Andreas!

Mon, Apr 9, 1:19 AM · Restricted Project
antenore awarded T34: Add support for cert-authority a Party Time token.
Mon, Apr 9, 1:17 AM · Restricted Project

Wed, Mar 28

asn committed rLIBSSH2cc5b5865c9e: kex1: Use new dh pubkey import functions (authored by asn).
kex1: Use new dh pubkey import functions
Wed, Mar 28, 10:42 AM
asn committed rLIBSSH1247ba3398ed: channels1: Add missing config.h include (authored by asn).
channels1: Add missing config.h include
Wed, Mar 28, 10:42 AM
asn committed rLIBSSH8d65edb41f8e: kex1: Fix building with OpenSSL 1.1+ (authored by asn).
kex1: Fix building with OpenSSL 1.1+
Wed, Mar 28, 10:42 AM

Mar 21 2018

asn committed rLIBSSHbe22c0d442a1: Add a NODELAY option (authored by albaguirre).
Add a NODELAY option
Mar 21 2018, 9:26 PM
asn committed rLIBSSH467d78a442a0: tests: Fix mixed code compiler warning in torture_rand (authored by asn).
tests: Fix mixed code compiler warning in torture_rand
Mar 21 2018, 9:26 PM
asn committed rLIBSSHa4aeee972cc1: torture: Increase wait time for the sshd process to exit (authored by asn).
torture: Increase wait time for the sshd process to exit
Mar 21 2018, 9:26 PM
asn committed rLIBSSH16217454d576: crypto: Change the type of server_pubkey to ssh_key (authored by asn).
crypto: Change the type of server_pubkey to ssh_key
Mar 21 2018, 9:26 PM

Mar 13 2018

m.nasim added a comment to T85: missing cipher 'none'.
In T85#1236, @townsend wrote:

Hello,

I'm interested in trying this out, but I can't find your proposed patches anywhere. Could you make them available please?

Mar 13 2018, 5:19 PM

Mar 12 2018

asn committed rLIBSSH7e1e0e5098be: misc: Use SecureZeroMemory if available for explicit_bzero (authored by albaguirre).
misc: Use SecureZeroMemory if available for explicit_bzero
Mar 12 2018, 5:26 PM
asn committed rLIBSSH3fa0e3959ced: misc: Use memset_s if available for explicit_bzero (authored by albaguirre).
misc: Use memset_s if available for explicit_bzero
Mar 12 2018, 5:26 PM
asn committed rLIBSSHdd20253fec90: tests: fix OSX build errors when enabling tests (authored by albaguirre).
tests: fix OSX build errors when enabling tests
Mar 12 2018, 5:26 PM
asn committed rLIBSSH85ab4ee53a59: connector: ensure channel callbacks are removed (authored by albaguirre).
connector: ensure channel callbacks are removed
Mar 12 2018, 5:26 PM
asn committed rLIBSSH25f31760aacd: connector: Check for POLLHUP on in_fd (authored by albaguirre).
connector: Check for POLLHUP on in_fd
Mar 12 2018, 5:26 PM
asn committed rLIBSSHd11869bdb6df: pki: Add mbedTLS ECDSA key comparison support (authored by jvijtiuk).
pki: Add mbedTLS ECDSA key comparison support
Mar 12 2018, 5:25 PM
asn committed rLIBSSHbba40abc7603: priv: Fix explicit_bzero macro if we pass a function (authored by asn).
priv: Fix explicit_bzero macro if we pass a function
Mar 12 2018, 5:25 PM
asn committed rLIBSSH0c126434660b: sftp: Remove stray semi-colon in sftp.h header (authored by albaguirre).
sftp: Remove stray semi-colon in sftp.h header
Mar 12 2018, 5:25 PM
asn committed rLIBSSH81847bf5135d: priv: Implement explicit_bzero as a function if not available (authored by asn).
priv: Implement explicit_bzero as a function if not available
Mar 12 2018, 5:25 PM
townsend added a comment to T85: missing cipher 'none'.

I'm interested in trying this out, but I can't find your proposed patches anywhere. Could you make them available please?

Mar 12 2018, 5:25 PM
m.nasim lowered the priority of T87: raising security in libssh from Normal to Wishlist.
Mar 12 2018, 5:25 PM
m.nasim lowered the priority of T86: adding twofish cipher from Normal to Wishlist.
Mar 12 2018, 5:25 PM

Feb 21 2018

m.nasim updated the task description for T87: raising security in libssh.
Feb 21 2018, 9:31 PM
m.nasim triaged T87: raising security in libssh as Normal priority.
Feb 21 2018, 9:26 PM
m.nasim updated the task description for T86: adding twofish cipher.
Feb 21 2018, 9:18 PM
m.nasim triaged T86: adding twofish cipher as Normal priority.
Feb 21 2018, 9:16 PM
m.nasim triaged T85: missing cipher 'none' as Normal priority.
Feb 21 2018, 9:00 PM

Feb 16 2018

asn committed rLIBSSH1319d2ceb27b: cmake: Mark LIBSSH_LIBRARIES and LIBSSH_INCLUDE_DIR as advanced (authored by asn).
cmake: Mark LIBSSH_LIBRARIES and LIBSSH_INCLUDE_DIR as advanced
Feb 16 2018, 5:14 PM
asn committed rLIBSSHcc1f4967415e: pki: Use explicit_bzero() to wipe privkey in memory (authored by asn).
pki: Use explicit_bzero() to wipe privkey in memory
Feb 16 2018, 5:14 PM
jiriprchal created T84: sftp connect don't read ~/.ssh/config correctly.
Feb 16 2018, 2:14 PM · Restricted Project

Feb 12 2018

asn committed rLIBSSH963111b836af: tests: Fix segfault with mbedTLS built without threading support (authored by jvijtiuk).
tests: Fix segfault with mbedTLS built without threading support
Feb 12 2018, 8:06 PM
asn committed rLIBSSHebcff9fd630f: src: Use explicit_bzero() if available on the platform (authored by asn).
src: Use explicit_bzero() if available on the platform
Feb 12 2018, 3:10 PM

Feb 4 2018

albaguirre created T83: ssh_connector_free does not remove callbacks.
Feb 4 2018, 8:41 PM
albaguirre added a comment to T81: ssh_connector_fd_cb() does not check for POLLHUP for in_fd.

To add some more detail..

Feb 4 2018, 8:34 PM · Restricted Project
asn committed rLIBSSH25ff1214a405: cmake: Build ssh_server_fuzzer if enabled (authored by asn).
cmake: Build ssh_server_fuzzer if enabled
Feb 4 2018, 2:41 PM
asn committed rLIBSSHd84b0926f0ff: tests: Added a fuzzer for the server (authored by Alex Gaynor <alex.gaynor@gmail.com>).
tests: Added a fuzzer for the server
Feb 4 2018, 2:41 PM
asn added a commit to T67: move code for fuzzing from oss-fuzz repo to libssh fuzz: rLIBSSH25ff1214a405: cmake: Build ssh_server_fuzzer if enabled.
Feb 4 2018, 2:41 PM · Restricted Project
asn closed T67: move code for fuzzing from oss-fuzz repo to libssh fuzz as Resolved by committing rLIBSSHd84b0926f0ff: tests: Added a fuzzer for the server.
Feb 4 2018, 2:41 PM · Restricted Project

Feb 1 2018

asn committed rLIBSSHf19158cadf99: Set channel as bound when accepting channel open request (authored by Meng Tan <mtan@mta.corp.wallix.com>).
Set channel as bound when accepting channel open request
Feb 1 2018, 6:32 PM

Jan 31 2018

townsend added a project to T81: ssh_connector_fd_cb() does not check for POLLHUP for in_fd: Restricted Project.
Jan 31 2018, 9:20 PM · Restricted Project

Jan 29 2018

asn committed rLIBSSH459677e20e92: libssh: Bump the version to 0.7.90 (authored by asn).
libssh: Bump the version to 0.7.90
Jan 29 2018, 9:02 PM

Jan 25 2018

townsend updated the task description for T81: ssh_connector_fd_cb() does not check for POLLHUP for in_fd.
Jan 25 2018, 2:17 PM · Restricted Project
opoplawski created T82: SSH_AUTH_PARTIAL not handled properly.
Jan 25 2018, 12:36 AM · Restricted Project

Jan 19 2018

townsend created T81: ssh_connector_fd_cb() does not check for POLLHUP for in_fd.
Jan 19 2018, 9:23 PM · Restricted Project
asn changed the visibility for T59: allow use of memory-only keys for ssh_bind/hostkey.
Jan 19 2018, 10:27 AM · Restricted Project
asn changed the visibility for T56: Bad authentication state after failed GSSAPI authentication.
Jan 19 2018, 10:27 AM · Restricted Project

Jan 18 2018

asn committed rLIBSSH43bd7b6eeee8: dh: Use calloc() instead of malloc() (authored by asn).
dh: Use calloc() instead of malloc()
Jan 18 2018, 7:03 PM
asn committed rLIBSSHd7c47f529f2f: pki_gcrypt: Use calloc() instead of malloc() (authored by asn).
pki_gcrypt: Use calloc() instead of malloc()
Jan 18 2018, 7:03 PM
asn committed rLIBSSH2cff66c15577: threads: Use calloc() instead of malloc() (authored by asn).
threads: Use calloc() instead of malloc()
Jan 18 2018, 7:03 PM
asn committed rLIBSSH78ce67f57973: sftpserver: Use calloc() instead of malloc() (authored by asn).
sftpserver: Use calloc() instead of malloc()
Jan 18 2018, 7:03 PM
asn committed rLIBSSH2fb8198c4883: server: Use calloc() instead of malloc() (authored by asn).
server: Use calloc() instead of malloc()
Jan 18 2018, 7:03 PM
asn committed rLIBSSH2ea3683347e3: kex: Use calloc() instead of malloc() (authored by asn).
kex: Use calloc() instead of malloc()
Jan 18 2018, 7:03 PM
asn committed rLIBSSHef4a81ea0c5e: auth: Use calloc() instead of malloc() (authored by asn).
auth: Use calloc() instead of malloc()
Jan 18 2018, 7:03 PM
asn committed rLIBSSHaaeb938ca4c8: channels: Use calloc() instead of malloc() (authored by asn).
channels: Use calloc() instead of malloc()
Jan 18 2018, 7:03 PM
asn closed T34: Add support for cert-authority as Resolved.

Fixed in master for DSA and RSA

Jan 18 2018, 7:03 PM · Restricted Project

Jan 10 2018

asn committed rLIBSSHe9073a6bdb4d: torture_pki_ed25519: Add tests for private key with passphrase (authored by asn).
torture_pki_ed25519: Add tests for private key with passphrase
Jan 10 2018, 10:49 PM
asn committed rLIBSSH9086d5ca3398: torture_pki_ecdsa: Add tests for private key with passphrase (authored by asn).
torture_pki_ecdsa: Add tests for private key with passphrase
Jan 10 2018, 10:49 PM
asn committed rLIBSSH3c65057fadac: torture_key: Add ecdsa keys with passphrase (authored by asn).
torture_key: Add ecdsa keys with passphrase
Jan 10 2018, 10:49 PM
asn committed rLIBSSHf9b1dece418e: torture_pki_dsa: Add tests for private key with passphrase (authored by asn).
torture_pki_dsa: Add tests for private key with passphrase
Jan 10 2018, 10:49 PM
asn committed rLIBSSHf7a2330de7fe: torture_pki_rsa: Add tests for private key with passphrase (authored by asn).
torture_pki_rsa: Add tests for private key with passphrase
Jan 10 2018, 10:49 PM
asn committed rLIBSSHb0af81271023: tests: Move torture keys to own file (authored by asn).
tests: Move torture keys to own file
Jan 10 2018, 10:49 PM
asn committed rLIBSSH67b8f3d6dfa2: pki_crypto: Fix private key generation with password (authored by asn).
pki_crypto: Fix private key generation with password
Jan 10 2018, 10:49 PM
asn committed rLIBSSHd13a17a27ca6: cmake: Move ed25519 tests into unix part (authored by asn).
cmake: Move ed25519 tests into unix part
Jan 10 2018, 10:49 PM
asn committed rLIBSSHddfc36aa568e: tests: Move rsa tests to own test file (authored by asn).
tests: Move rsa tests to own test file
Jan 10 2018, 10:49 PM
asn committed rLIBSSHa5997d180dfb: tests: Remove obsolete setup_both_keys() (authored by asn).
tests: Remove obsolete setup_both_keys()
Jan 10 2018, 10:49 PM
asn committed rLIBSSH51875db70ca0: tests: Move ed25519 functions to the right file (authored by asn).
tests: Move ed25519 functions to the right file
Jan 10 2018, 10:49 PM
asn committed rLIBSSH5ad7da7fd20b: tests: Move ecdsa tests to own test file (authored by asn).
tests: Move ecdsa tests to own test file
Jan 10 2018, 10:49 PM
asn committed rLIBSSH59308bc269c9: tests: Move dsa tests to own test file (authored by asn).
tests: Move dsa tests to own test file
Jan 10 2018, 10:49 PM
asn committed rLIBSSHfd2ef07f3728: tests: Move helper functions to a common file (authored by asn).
tests: Move helper functions to a common file
Jan 10 2018, 10:49 PM
asn committed rLIBSSHe19163eabb03: libgcrypt: Add missing config.h include (authored by asn).
libgcrypt: Add missing config.h include
Jan 10 2018, 10:49 PM
asn committed rLIBSSH37acd3eca80a: torture: Give sshd more time to start up (authored by asn).
torture: Give sshd more time to start up
Jan 10 2018, 10:48 PM
asn closed T80: torture_config_new test fails due to invalid session time out value caused by int pointer to long pointer cast as Resolved.

Fixed with c3c492a190475a96bddcfe3a10da74f7a0e0baba

Jan 10 2018, 4:58 PM

Jan 4 2018

asn committed rLIBSSHcc13e8520255: tests: Fix torture_pki with libcrypto (authored by asn).
tests: Fix torture_pki with libcrypto
Jan 4 2018, 3:38 PM

Jan 2 2018

asn committed rLIBSSH720739bc2a7e: Happy new year! (authored by asn).
Happy new year!
Jan 2 2018, 8:18 AM

Dec 28 2017

asn committed rLIBSSHea99215664ab: pki: Fix accidental ECC switch case fallthroughs into ed25119 cases when built… (authored by jvijtiuk).
pki: Fix accidental ECC switch case fallthroughs into ed25119 cases when built…
Dec 28 2017, 8:47 PM
asn closed D13: pki: Fix accidental ECC switch case fallthroughs into ed25119 cases when built without ECC.
Dec 28 2017, 8:47 PM
asn committed rLIBSSHc3c492a19047: config: Avoid long -> int -> long casting for timeout configuration option (authored by Jakuje).
config: Avoid long -> int -> long casting for timeout configuration option
Dec 28 2017, 8:44 PM
asn committed rLIBSSH778652460f7c: add mbedtls crypto support (authored by jvijtiuk).
add mbedtls crypto support
Dec 28 2017, 11:18 AM
asn committed rLIBSSH5c3b1ee0a427: options: Rewrite set() description to get() (authored by Jakuje).
options: Rewrite set() description to get()
Dec 28 2017, 11:18 AM
asn committed rLIBSSHfd4e7b9b42df: add mbedtls crypto support (authored by jvijtiuk).
add mbedtls crypto support
Dec 28 2017, 11:17 AM
asn committed rLIBSSHe51e1a7578e2: add mbedtls crypto support (authored by jvijtiuk).
add mbedtls crypto support
Dec 28 2017, 11:17 AM
asn closed D1: add mbedtls crypto support.
Dec 28 2017, 11:17 AM