Feed All Stories

Fri, Jan 19

townsend created T81: ssh_connector_fd_cb() does not check for POLLHUP for in_fd.
Fri, Jan 19, 9:23 PM
asn changed the visibility for T59: allow use of memory-only keys for ssh_bind/hostkey.
Fri, Jan 19, 10:27 AM · Restricted Project
asn changed the visibility for T56: Bad authentication state after failed GSSAPI authentication.
Fri, Jan 19, 10:27 AM · Restricted Project

Thu, Jan 18

asn committed rLIBSSH43bd7b6eeee8: dh: Use calloc() instead of malloc() (authored by asn).
dh: Use calloc() instead of malloc()
Thu, Jan 18, 7:03 PM
asn committed rLIBSSHd7c47f529f2f: pki_gcrypt: Use calloc() instead of malloc() (authored by asn).
pki_gcrypt: Use calloc() instead of malloc()
Thu, Jan 18, 7:03 PM
asn committed rLIBSSH2cff66c15577: threads: Use calloc() instead of malloc() (authored by asn).
threads: Use calloc() instead of malloc()
Thu, Jan 18, 7:03 PM
asn committed rLIBSSH78ce67f57973: sftpserver: Use calloc() instead of malloc() (authored by asn).
sftpserver: Use calloc() instead of malloc()
Thu, Jan 18, 7:03 PM
asn committed rLIBSSH2fb8198c4883: server: Use calloc() instead of malloc() (authored by asn).
server: Use calloc() instead of malloc()
Thu, Jan 18, 7:03 PM
asn committed rLIBSSH2ea3683347e3: kex: Use calloc() instead of malloc() (authored by asn).
kex: Use calloc() instead of malloc()
Thu, Jan 18, 7:03 PM
asn committed rLIBSSHef4a81ea0c5e: auth: Use calloc() instead of malloc() (authored by asn).
auth: Use calloc() instead of malloc()
Thu, Jan 18, 7:03 PM
asn committed rLIBSSHaaeb938ca4c8: channels: Use calloc() instead of malloc() (authored by asn).
channels: Use calloc() instead of malloc()
Thu, Jan 18, 7:03 PM
asn closed T34: Add support for cert-authority as Resolved.

Fixed in master for DSA and RSA

Thu, Jan 18, 7:03 PM · Restricted Project

Wed, Jan 10

asn committed rLIBSSHe9073a6bdb4d: torture_pki_ed25519: Add tests for private key with passphrase (authored by asn).
torture_pki_ed25519: Add tests for private key with passphrase
Wed, Jan 10, 10:49 PM
asn committed rLIBSSH9086d5ca3398: torture_pki_ecdsa: Add tests for private key with passphrase (authored by asn).
torture_pki_ecdsa: Add tests for private key with passphrase
Wed, Jan 10, 10:49 PM
asn committed rLIBSSH3c65057fadac: torture_key: Add ecdsa keys with passphrase (authored by asn).
torture_key: Add ecdsa keys with passphrase
Wed, Jan 10, 10:49 PM
asn committed rLIBSSHf9b1dece418e: torture_pki_dsa: Add tests for private key with passphrase (authored by asn).
torture_pki_dsa: Add tests for private key with passphrase
Wed, Jan 10, 10:49 PM
asn committed rLIBSSHf7a2330de7fe: torture_pki_rsa: Add tests for private key with passphrase (authored by asn).
torture_pki_rsa: Add tests for private key with passphrase
Wed, Jan 10, 10:49 PM
asn committed rLIBSSHb0af81271023: tests: Move torture keys to own file (authored by asn).
tests: Move torture keys to own file
Wed, Jan 10, 10:49 PM
asn committed rLIBSSH67b8f3d6dfa2: pki_crypto: Fix private key generation with password (authored by asn).
pki_crypto: Fix private key generation with password
Wed, Jan 10, 10:49 PM
asn committed rLIBSSHd13a17a27ca6: cmake: Move ed25519 tests into unix part (authored by asn).
cmake: Move ed25519 tests into unix part
Wed, Jan 10, 10:49 PM
asn committed rLIBSSHddfc36aa568e: tests: Move rsa tests to own test file (authored by asn).
tests: Move rsa tests to own test file
Wed, Jan 10, 10:49 PM
asn committed rLIBSSHa5997d180dfb: tests: Remove obsolete setup_both_keys() (authored by asn).
tests: Remove obsolete setup_both_keys()
Wed, Jan 10, 10:49 PM
asn committed rLIBSSH51875db70ca0: tests: Move ed25519 functions to the right file (authored by asn).
tests: Move ed25519 functions to the right file
Wed, Jan 10, 10:49 PM
asn committed rLIBSSH5ad7da7fd20b: tests: Move ecdsa tests to own test file (authored by asn).
tests: Move ecdsa tests to own test file
Wed, Jan 10, 10:49 PM
asn committed rLIBSSH59308bc269c9: tests: Move dsa tests to own test file (authored by asn).
tests: Move dsa tests to own test file
Wed, Jan 10, 10:49 PM
asn committed rLIBSSHfd2ef07f3728: tests: Move helper functions to a common file (authored by asn).
tests: Move helper functions to a common file
Wed, Jan 10, 10:49 PM
asn committed rLIBSSHe19163eabb03: libgcrypt: Add missing config.h include (authored by asn).
libgcrypt: Add missing config.h include
Wed, Jan 10, 10:49 PM
asn committed rLIBSSH37acd3eca80a: torture: Give sshd more time to start up (authored by asn).
torture: Give sshd more time to start up
Wed, Jan 10, 10:48 PM
asn closed T80: torture_config_new test fails due to invalid session time out value caused by int pointer to long pointer cast as Resolved.

Fixed with c3c492a190475a96bddcfe3a10da74f7a0e0baba

Wed, Jan 10, 4:58 PM

Thu, Jan 4

asn committed rLIBSSHcc13e8520255: tests: Fix torture_pki with libcrypto (authored by asn).
tests: Fix torture_pki with libcrypto
Thu, Jan 4, 3:38 PM

Tue, Jan 2

asn committed rLIBSSH720739bc2a7e: Happy new year! (authored by asn).
Happy new year!
Tue, Jan 2, 8:18 AM

Thu, Dec 28

asn committed rLIBSSHea99215664ab: pki: Fix accidental ECC switch case fallthroughs into ed25119 cases when built… (authored by jvijtiuk).
pki: Fix accidental ECC switch case fallthroughs into ed25119 cases when built…
Thu, Dec 28, 8:47 PM
This revision was not accepted when it landed; it landed in state Needs Review.
Thu, Dec 28, 8:47 PM
asn committed rLIBSSHc3c492a19047: config: Avoid long -> int -> long casting for timeout configuration option (authored by Jakuje).
config: Avoid long -> int -> long casting for timeout configuration option
Thu, Dec 28, 8:44 PM
asn committed rLIBSSH778652460f7c: add mbedtls crypto support (authored by jvijtiuk).
add mbedtls crypto support
Thu, Dec 28, 11:18 AM
asn committed rLIBSSH5c3b1ee0a427: options: Rewrite set() description to get() (authored by Jakuje).
options: Rewrite set() description to get()
Thu, Dec 28, 11:18 AM
asn committed rLIBSSHfd4e7b9b42df: add mbedtls crypto support (authored by jvijtiuk).
add mbedtls crypto support
Thu, Dec 28, 11:17 AM
asn committed rLIBSSHe51e1a7578e2: add mbedtls crypto support (authored by jvijtiuk).
add mbedtls crypto support
Thu, Dec 28, 11:17 AM
asn closed D1: add mbedtls crypto support.
Thu, Dec 28, 11:17 AM
asn closed D1: add mbedtls crypto support.
Thu, Dec 28, 11:17 AM
asn accepted D1: add mbedtls crypto support.

I think we are good to go. Thanks for your contributions!

Thu, Dec 28, 11:15 AM

Wed, Dec 27

jvijtiuk updated the diff for D1: add mbedtls crypto support.
  • Add mbedtls drbg reseeding
  • Update README.mbedtls with info for ssh_key_cmp
  • Remove redundant comment on make_ecpoint mbedTLS len hack that was removed.
Wed, Dec 27, 4:24 PM
jvijtiuk added a comment to T80: torture_config_new test fails due to invalid session time out value caused by int pointer to long pointer cast.

I see you are referencing that the fail was introduced by my commit, but it was just adding a test that uncovered this problem that existed for longer time (from 484564261?).

Yes, you are right, I should have worded that better, the torture_config_new test only made the bug visible.

Wed, Dec 27, 4:07 PM

Dec 24 2017

Jakuje added a comment to T80: torture_config_new test fails due to invalid session time out value caused by int pointer to long pointer cast.

Thank you for the bug report with verbose analysis of the problem. I see you are referencing that the fail was introduced by my commit, but it was just adding a test that uncovered this problem that existed for longer time (from 484564261?). Fortunately, this is not very common configuration option from my experience so there was probably not a lot harm caused so far.

Dec 24 2017, 12:16 AM

Dec 22 2017

jvijtiuk added a reviewer for D13: pki: Fix accidental ECC switch case fallthroughs into ed25119 cases when built without ECC: asn.
Dec 22 2017, 5:50 PM
jvijtiuk updated the summary of D13: pki: Fix accidental ECC switch case fallthroughs into ed25119 cases when built without ECC.
Dec 22 2017, 5:44 PM
jvijtiuk created T80: torture_config_new test fails due to invalid session time out value caused by int pointer to long pointer cast.
Dec 22 2017, 5:01 PM

Dec 21 2017

asn closed T79: Forcing Key Exchange Methods to diffie-hellman-group14-sha1 with an additional algorithm (any of the supported) exit with a ssh_options_set error (invalid value) as Resolved.

Closing. Test to verify this is working correctly:

Dec 21 2017, 8:06 PM · Restricted Project
asn added a comment to T79: Forcing Key Exchange Methods to diffie-hellman-group14-sha1 with an additional algorithm (any of the supported) exit with a ssh_options_set error (invalid value).

The problem is time at the moment. There are two features missing for a release right now. One is the mbedtls support and the other is a new known_hosts API I'm working on. I need to find time to finish this. Hopefully in the next days. Normally I try to do a release around FOSDEM.

Dec 21 2017, 8:05 PM · Restricted Project
antenore added a comment to T79: Forcing Key Exchange Methods to diffie-hellman-group14-sha1 with an additional algorithm (any of the supported) exit with a ssh_options_set error (invalid value).

Ah! Yes, it makes sense!!! Good sight!

Dec 21 2017, 5:13 PM · Restricted Project
asn added a comment to T79: Forcing Key Exchange Methods to diffie-hellman-group14-sha1 with an additional algorithm (any of the supported) exit with a ssh_options_set error (invalid value).

I think that has just been fixed with the patches I committed today, see:

Dec 21 2017, 4:47 PM · Restricted Project
asn added a comment to D1: add mbedtls crypto support.

I've just commited a bigger patchset upstream. I think you need to rebase again. Sorry :-)

Dec 21 2017, 3:13 PM
asn committed rLIBSSH6047dc98d104: options: Rewrite set() description to get() (authored by Jakuje).
options: Rewrite set() description to get()
Dec 21 2017, 2:31 PM
asn committed rLIBSSH176b92a4f4a3: tests/client/algorithms: Respect global verbosity settings (authored by Jakuje).
tests/client/algorithms: Respect global verbosity settings
Dec 21 2017, 2:31 PM
asn committed rLIBSSH5fdfa8fe444b: docs: correction for importing key file (authored by eric-bentley).
docs: correction for importing key file
Dec 21 2017, 2:31 PM
asn committed rLIBSSH4dec2f989c41: options: Move SSH_OPTIONS_ADD_IDENTITY to *set() function description (authored by Jakuje).
options: Move SSH_OPTIONS_ADD_IDENTITY to *set() function description
Dec 21 2017, 2:31 PM
asn committed rLIBSSHafc6a4e97348: tests/config: Verify LogLevel from config is applied (authored by Jakuje).
tests/config: Verify LogLevel from config is applied
Dec 21 2017, 2:31 PM
asn committed rLIBSSH53d84abb1713: tests/config: Newly parsed options (authored by Jakuje).
tests/config: Newly parsed options
Dec 21 2017, 2:31 PM
asn committed rLIBSSHdab8985c05b7: tests/config: Enable and disable authentication methods (authored by Jakuje).
tests/config: Enable and disable authentication methods
Dec 21 2017, 2:31 PM
asn committed rLIBSSH0bd6ccc06669: tests/config: Verify known_hosts files are applied (authored by Jakuje).
tests/config: Verify known_hosts files are applied
Dec 21 2017, 2:31 PM
asn committed rLIBSSHb8e301ade328: config: Add CMake check for glob() (authored by Jakuje).
config: Add CMake check for glob()
Dec 21 2017, 2:31 PM
asn committed rLIBSSH5c7b8802f2be: tests: HostkeyAlgorithms passed from config to options (authored by Jakuje).
tests: HostkeyAlgorithms passed from config to options
Dec 21 2017, 2:31 PM
asn committed rLIBSSH99c5160cb5a1: config: glob support for include with test (authored by NoName115 <robert.kolcun@gmail.com>).
config: glob support for include with test
Dec 21 2017, 2:31 PM
asn committed rLIBSSH110da49504e5: config: support for MACs (authored by Jakuje).
config: support for MACs
Dec 21 2017, 2:31 PM
asn committed rLIBSSHf3754dc072df: tests/config: Text KexAlgorithms parsing in ssh_config (authored by Jakuje).
tests/config: Text KexAlgorithms parsing in ssh_config
Dec 21 2017, 2:30 PM
asn committed rLIBSSH78a3ab2eaa05: tests/options: Verify key exchange algorithms are set properly (authored by Jakuje).
tests/options: Verify key exchange algorithms are set properly
Dec 21 2017, 2:30 PM
asn committed rLIBSSH4da7985204fe: config: Set global log level from configuration file (authored by Jakuje).
config: Set global log level from configuration file
Dec 21 2017, 2:30 PM
asn committed rLIBSSH2a66c38efa3e: options: Typo. The expand character is %d (authored by Jakuje).
options: Typo. The expand character is %d
Dec 21 2017, 2:30 PM
asn committed rLIBSSH2e31dffdb75c: config: Remove MAC option (SSHv1) (authored by Jakuje).
config: Remove MAC option (SSHv1)
Dec 21 2017, 2:30 PM
asn committed rLIBSSH88e43d250220: config: Add configuration options from current OpenSSH 7.5 (and fix typos) (authored by Jakuje).
config: Add configuration options from current OpenSSH 7.5 (and fix typos)
Dec 21 2017, 2:30 PM
asn committed rLIBSSH4166bb2a2655: options: Document SSH_OPTIONS_GLOBAL_KNOWNHOSTS and set default value (authored by Jakuje).
options: Document SSH_OPTIONS_GLOBAL_KNOWNHOSTS and set default value
Dec 21 2017, 2:30 PM
asn committed rLIBSSH094aa5eb0245: tests: Temporarily build chroot_wrapper (authored by Jakuje).
tests: Temporarily build chroot_wrapper
Dec 21 2017, 2:30 PM
asn committed rLIBSSHf818e63f8f3e: Add new options (authored by aris).
Add new options
Dec 21 2017, 2:30 PM
asn committed rLIBSSH5d3ab421e1db: tests: Do not generate pcap file by default (authored by Jakuje).
tests: Do not generate pcap file by default
Dec 21 2017, 2:30 PM
asn committed rLIBSSHf8f7989c3daf: tests: Give server more time to start (authored by Jakuje).
tests: Give server more time to start
Dec 21 2017, 2:30 PM
asn committed rLIBSSHb92c499626f8: tests: Do not test blowfish ciphers with OpenSSH 7.6 and newer (authored by Jakuje).
tests: Do not test blowfish ciphers with OpenSSH 7.6 and newer
Dec 21 2017, 2:30 PM
jvijtiuk updated the diff for D1: add mbedtls crypto support.

Rebased onto master and fixed conflicts that appeared.

Dec 21 2017, 1:39 PM
asn triaged T78: ssh_pki_import_pubkey_file() will randomly corrupt memory as High priority.
Dec 21 2017, 12:44 PM · Restricted Project
asn claimed T78: ssh_pki_import_pubkey_file() will randomly corrupt memory.
Dec 21 2017, 12:43 PM · Restricted Project
asn added a comment to D4: [Patch] for terminal modes.

Ping!

Dec 21 2017, 12:41 PM
asn added a comment to D11: Add log function for GCD.

Ping!

Dec 21 2017, 12:40 PM

Dec 19 2017

antenore added a comment to T79: Forcing Key Exchange Methods to diffie-hellman-group14-sha1 with an additional algorithm (any of the supported) exit with a ssh_options_set error (invalid value).

Thanks Andreas

Dec 19 2017, 9:41 PM · Restricted Project
asn added a comment to T79: Forcing Key Exchange Methods to diffie-hellman-group14-sha1 with an additional algorithm (any of the supported) exit with a ssh_options_set error (invalid value).

How do you set it exactly? Maybe point to the code where you implemented it.

Dec 19 2017, 4:04 PM · Restricted Project
antenore added a comment to T79: Forcing Key Exchange Methods to diffie-hellman-group14-sha1 with an additional algorithm (any of the supported) exit with a ssh_options_set error (invalid value).

Nobody? Please

Dec 19 2017, 3:52 PM · Restricted Project

Dec 12 2017

asn added a comment to D1: add mbedtls crypto support.

This looks fine now. However it needs rebasing on master!

Dec 12 2017, 9:37 AM

Dec 11 2017

jvijtiuk updated the diff for D1: add mbedtls crypto support.
  • Add mbedtls drbg reseeding
  • Update README.mbedtls with info for ssh_key_cmp
Dec 11 2017, 1:22 PM

Dec 7 2017

antenore created T79: Forcing Key Exchange Methods to diffie-hellman-group14-sha1 with an additional algorithm (any of the supported) exit with a ssh_options_set error (invalid value).
Dec 7 2017, 10:45 PM · Restricted Project

Dec 5 2017

nickb937 created T78: ssh_pki_import_pubkey_file() will randomly corrupt memory.
Dec 5 2017, 12:13 PM · Restricted Project

Dec 1 2017

asn added a comment to D1: add mbedtls crypto support.
In D1#197, @jvijtiuk wrote:

Hello,

Dec 1 2017, 9:05 AM

Nov 26 2017

aris added a comment to D4: [Patch] for terminal modes.

I'm very new with phabricator, apologies if I'm using it incorrectly.
I have two questions:

Nov 26 2017, 6:26 PM

Nov 17 2017

jvijtiuk updated the diff for D1: add mbedtls crypto support.

I've fixed the memory leaks and config.h issues. README.mbedtls has also been added.
However, maybe the comparison code for ECDSA could be written with what mbedTLS already provides, the private and public curve points and the group can be accessed through the ECDSA context, however a function similar to EC_POINT_cmp doesn't exist, so I will have to look further into that when I find some time as I'm not sure what effect the curve group has on point comparison. The gcrypt code just compares the private and public points.

Nov 17 2017, 6:14 PM

Nov 16 2017

asn committed rLIBSSH9fce33a2e332: client: Add missing language tag in disconnect message (authored by asn).
client: Add missing language tag in disconnect message
Nov 16 2017, 12:44 PM
asn closed T74: LIBSSH generates what I believe is an invalid SSH_MSG_DISCONNECT msg as Resolved by committing rLIBSSH9fce33a2e332: client: Add missing language tag in disconnect message.
Nov 16 2017, 12:44 PM
asn raised the priority of T19: libssh-4: parsing of known_hosts file fails for entries with a comment field from Normal to High.
Nov 16 2017, 12:17 PM · Restricted Project
asn closed T77: pkg-config file libssh.pc should list zlib and gcrypt dependencies as Wontfix.

I'm sorry but static linking is not encouraged.

Nov 16 2017, 12:06 PM · Restricted Project
asn raised the priority of T56: Bad authentication state after failed GSSAPI authentication from Normal to High.
Nov 16 2017, 12:05 PM · Restricted Project

Nov 9 2017

asn committed rLIBSSH7a65f7f02806: test: ssh_userauth_kbdint_setanswer() does not network interaction (authored by asn).
test: ssh_userauth_kbdint_setanswer() does not network interaction
Nov 9 2017, 3:38 PM
asn committed rLIBSSHf525fdb2e189: sftp: Check for NULL path and give correct error (authored by asn).
sftp: Check for NULL path and give correct error
Nov 9 2017, 3:38 PM

Nov 8 2017

asn committed rLIBSSH01994ea302a1: examples: Build server examples on Linux too (authored by asn).
examples: Build server examples on Linux too
Nov 8 2017, 4:29 PM
asn committed rLIBSSHc4ddf62f7e64: pki_crypto: Avoid potential memory leak (authored by Jakuje).
pki_crypto: Avoid potential memory leak
Nov 8 2017, 4:22 PM