Page MenuHomePhabricator
Feed All Stories

Yesterday

asn committed rLIBSSH30997a098c49: Update ChangeLog (authored by ansasaki).
Update ChangeLog
Wed, May 22, 4:45 PM
asn committed rLIBSSH9fb7fb3fac58: socket: Use calloc in ssh_socket_new() (authored by ansasaki).
socket: Use calloc in ssh_socket_new()
Wed, May 22, 4:44 PM
asn committed rLIBSSH9b1772ecbdb5: sftp: Remove the break statements (authored by raminfp).
sftp: Remove the break statements
Wed, May 22, 4:44 PM
asn closed T134: crash in nonblock-write mode of ssh_handle_key_exchange() when receiving tcp rst after 3WHS (keepalive) as Resolved by committing rLIBSSH9fb7fb3fac58: socket: Use calloc in ssh_socket_new().
Wed, May 22, 4:44 PM · Restricted Project
asn committed rLIBSSH59ba3f18963c: dh-gex: Fix memory leak in DH GEX with OpenSSL (authored by ansasaki).
dh-gex: Fix memory leak in DH GEX with OpenSSL
Wed, May 22, 4:44 PM

Mon, May 20

Jakuje closed T109: ProxyCommand for jump host configuration broken as Resolved.

Fixed in 990794c58045d5afe69d2fa861fe32b7f547b1fd

Mon, May 20, 5:50 PM · Restricted Project
ansasaki added a comment to T134: crash in nonblock-write mode of ssh_handle_key_exchange() when receiving tcp rst after 3WHS (keepalive).

Thank you for reporting this!

Mon, May 20, 5:16 PM · Restricted Project
ansasaki added a comment to T145: Add ssh_threads_get_winlock() to the callbacks.h.

Thank you for your contribution!

Mon, May 20, 4:50 PM · Restricted Project

Tue, May 14

asn closed T148: PubkeyAcceptedKeyTypes is not supported in config file as Resolved.

This has been fixed with 38f9802eec067454a421eebfcae087c79bc02c67

Tue, May 14, 5:34 PM
asn committed rLIBSSH38f9802eec06: config: Add support for PubkeyAcceptedKeyTypes (authored by ansasaki).
config: Add support for PubkeyAcceptedKeyTypes
Tue, May 14, 5:33 PM
asn committed rLIBSSHeae971c00277: tests: Update knownhost tests with reproducer from T110 (authored by Jakuje).
tests: Update knownhost tests with reproducer from T110
Tue, May 14, 5:33 PM
asn committed rLIBSSH962bdf806c6f: knownhosts: Handle wildcard ports matches against standard one (authored by Jakuje).
knownhosts: Handle wildcard ports matches against standard one
Tue, May 14, 5:32 PM
asn committed rLIBSSH1e22a089eba5: Reformat ssh_hostport() (authored by Jakuje).
Reformat ssh_hostport()
Tue, May 14, 5:32 PM
asn committed rLIBSSH8152c6aba49a: knownhosts: Ignore OpenSSH markers related to certificates (authored by Jakuje).
knownhosts: Ignore OpenSSH markers related to certificates
Tue, May 14, 5:32 PM
asn committed rLIBSSH7cc159d72079: cmake,options: Allow to set global client config file (authored by ansasaki).
cmake,options: Allow to set global client config file
Tue, May 14, 5:32 PM
asn closed T110: Knownhost notation with port wildcard ( [hostname]:* ) doesn't accept port 22 as Resolved by committing rLIBSSH962bdf806c6f: knownhosts: Handle wildcard ports matches against standard one.
Tue, May 14, 5:32 PM · Restricted Project

Mon, May 13

asn committed rLIBSSH248e5acd5c9f: pki: Fail to sign when using wrong hash algorithm (authored by ansasaki).
pki: Fail to sign when using wrong hash algorithm
Mon, May 13, 4:53 PM
asn committed rLIBSSH550a1a766789: pki: Remove unused code (authored by ansasaki).
pki: Remove unused code
Mon, May 13, 4:53 PM
asn committed rLIBSSHdb51fa1bc1ba: pki: Use pki_sign_data() and pki_verify_data_signature() (authored by ansasaki).
pki: Use pki_sign_data() and pki_verify_data_signature()
Mon, May 13, 4:53 PM
asn committed rLIBSSHd923dc39c19a: tests: Use public key to verify signatures (authored by ansasaki).
tests: Use public key to verify signatures
Mon, May 13, 4:53 PM
asn committed rLIBSSH88a8b1f57c6c: pki_gcrypt: Added pki_sign_data() and pki_verify_data_signature() (authored by ansasaki).
pki_gcrypt: Added pki_sign_data() and pki_verify_data_signature()
Mon, May 13, 4:53 PM
asn committed rLIBSSH7bc53f3957cc: pki_mbedcrypto: Added pki_sign_data() and pki_verify_data_signature() (authored by ansasaki).
pki_mbedcrypto: Added pki_sign_data() and pki_verify_data_signature()
Mon, May 13, 4:53 PM
asn committed rLIBSSHfd9446553b5e: pki_crypto: Added pki_sign_data() and pki_verify_data_signature() (authored by ansasaki).
pki_crypto: Added pki_sign_data() and pki_verify_data_signature()
Mon, May 13, 4:53 PM
asn committed rLIBSSH33af73655575: pki_crypto: Store ECDSA raw signature in ssh_signature (authored by ansasaki).
pki_crypto: Store ECDSA raw signature in ssh_signature
Mon, May 13, 4:52 PM
asn committed rLIBSSH132c7bee64ca: pki_crypto: Store DSA raw signature in ssh_signature (authored by ansasaki).
pki_crypto: Store DSA raw signature in ssh_signature
Mon, May 13, 4:52 PM
asn committed rLIBSSHba67555764a8: pki_crypto: Store raw RSA signature in ssh_signature (authored by ansasaki).
pki_crypto: Store raw RSA signature in ssh_signature
Mon, May 13, 4:52 PM
asn committed rLIBSSH0ea9e39e81a4: pki: Add a common place to store raw signatures (authored by ansasaki).
pki: Add a common place to store raw signatures
Mon, May 13, 4:52 PM
asn committed rLIBSSHe775182c2e07: pki: Make DSA signature to use SHA1 instead of AUTO (authored by ansasaki).
pki: Make DSA signature to use SHA1 instead of AUTO
Mon, May 13, 4:52 PM
asn committed rLIBSSH76f9808eb2fa: auth, pki: Calculate hash internally when signing/verifying (authored by ansasaki).
auth, pki: Calculate hash internally when signing/verifying
Mon, May 13, 4:52 PM
asn committed rLIBSSH58b3b2696c90: pki_crypto: Change SSH_KEYTYPE_ED25519 position in switches (authored by ansasaki).
pki_crypto: Change SSH_KEYTYPE_ED25519 position in switches
Mon, May 13, 4:52 PM
asn committed rLIBSSH20c03c289e59: pki_crypto: Refactor pki_signature_to_blob() (authored by ansasaki).
pki_crypto: Refactor pki_signature_to_blob()
Mon, May 13, 4:52 PM
asn committed rLIBSSHc27d41df75e4: pki_crypto: Fixed typos transfered -> transferred (authored by ansasaki).
pki_crypto: Fixed typos transfered -> transferred
Mon, May 13, 4:52 PM
asn committed rLIBSSH99053a6c3373: pki_cryto: Refactor pki_signature_from_blob() (authored by ansasaki).
pki_cryto: Refactor pki_signature_from_blob()
Mon, May 13, 4:52 PM
asn committed rLIBSSH01e98a6df758: pki: Remove duplicate and unused code (authored by ansasaki).
pki: Remove duplicate and unused code
Mon, May 13, 4:52 PM
asn committed rLIBSSHc3b8f9c0ecc6: pki_crypto: Make pki_signature_from_rsa_blob() to return int (authored by ansasaki).
pki_crypto: Make pki_signature_from_rsa_blob() to return int
Mon, May 13, 4:52 PM
asn committed rLIBSSHdbf3f962a4f5: pki: Refactor ssh_srv_pki_do_sign_sessionid() (authored by ansasaki).
pki: Refactor ssh_srv_pki_do_sign_sessionid()
Mon, May 13, 4:52 PM
asn committed rLIBSSH3917a5c916a8: pki: Refactor ssh_pki_do_sign() (authored by ansasaki).
pki: Refactor ssh_pki_do_sign()
Mon, May 13, 4:52 PM
asn committed rLIBSSH848f59c37e6d: wrapper.h: Add SSH_DIGEST_SHA384 to ssh_digest_e enum (authored by ansasaki).
wrapper.h: Add SSH_DIGEST_SHA384 to ssh_digest_e enum
Mon, May 13, 4:52 PM
asn committed rLIBSSH5f7a3c5c66a7: wrapper: Make sha{1, 256, 384, 512}() input const (authored by ansasaki).
wrapper: Make sha{1, 256, 384, 512}() input const
Mon, May 13, 4:52 PM

Fri, May 10

ansasaki created T148: PubkeyAcceptedKeyTypes is not supported in config file.
Fri, May 10, 7:17 PM

Thu, May 9

asn committed rLIBSSHee42e3badba4: dh: fix libcrypto dh_ctx leak in ssh_dh_cleanup (authored by simonsj).
dh: fix libcrypto dh_ctx leak in ssh_dh_cleanup
Thu, May 9, 6:36 PM
asn committed rLIBSSH0849e44220ec: dh: fix libcrypto leak via ssh_dh_keypair_set_keys (authored by simonsj).
dh: fix libcrypto leak via ssh_dh_keypair_set_keys
Thu, May 9, 6:36 PM
Jakuje updated subscribers of T110: Knownhost notation with port wildcard ( [hostname]:* ) doesn't accept port 22.

@asn On the second though, I reworked the branch to optimize the pass and pass the given test cases. Can you check if the following would be acceptable?

Thu, May 9, 1:22 PM · Restricted Project

Mon, May 6

Jakuje triaged T147: libssh supports non-standard DSA key of sizes different than 1k as Low priority.
Mon, May 6, 4:38 PM · Restricted Project
davidwed closed T146: sftp: Add check if we are authenticated as Invalid.
Mon, May 6, 1:24 PM · Restricted Project
davidwed added a comment to T146: sftp: Add check if we are authenticated.

I created all relevant structures in advance ( also the channel ) no matter if the session authenticated itself or not.
I then checked separately whether the session is authenticated.

Mon, May 6, 1:24 PM · Restricted Project
asn committed rLIBSSHdb8aca69a7a3: knownhosts: Avoid possible null pointer dereference (authored by asn).
knownhosts: Avoid possible null pointer dereference
Mon, May 6, 12:01 PM
asn committed rLIBSSHee82bab80166: auth: Avoid memory on error in ssh_userauth_agent_publickey() (authored by asn).
auth: Avoid memory on error in ssh_userauth_agent_publickey()
Mon, May 6, 12:01 PM
asn added a comment to T146: sftp: Add check if we are authenticated.

What do you mean you can't create a channel in advance?

Mon, May 6, 11:54 AM · Restricted Project

Fri, May 3

davidwed updated the task description for T146: sftp: Add check if we are authenticated.
Fri, May 3, 1:25 PM · Restricted Project
davidwed updated the task description for T146: sftp: Add check if we are authenticated.
Fri, May 3, 1:24 PM · Restricted Project
davidwed created T146: sftp: Add check if we are authenticated.
Fri, May 3, 1:23 PM · Restricted Project

Thu, May 2

davidwed updated the task description for T145: Add ssh_threads_get_winlock() to the callbacks.h.
Thu, May 2, 2:19 PM · Restricted Project
davidwed created T145: Add ssh_threads_get_winlock() to the callbacks.h.
Thu, May 2, 2:17 PM · Restricted Project

Tue, Apr 30

davidwed updated subscribers of T144: Add ssh_message_channel_request_open_reply_accept_channel function.

I've added some basic documentation, but I think @aris could write more about it. ( He implemented the functions ) :-)

Tue, Apr 30, 1:00 AM · Restricted Project

Mon, Apr 29

asn committed rLIBSSH19cb6f1b6c07: server: fix sending SSH_MSG_EXT_INFO upon rekey (authored by simonsj).
server: fix sending SSH_MSG_EXT_INFO upon rekey
Mon, Apr 29, 5:40 PM
asn committed rLIBSSH3fccb244647d: tests:pkd: Fix size comparison (payload.len is size_t) (authored by asn).
tests:pkd: Fix size comparison (payload.len is size_t)
Mon, Apr 29, 5:40 PM
asn committed rLIBSSHc0f3a9608961: server: fix queued USERAUTH_SUCCESS rekey bug (authored by simonsj).
server: fix queued USERAUTH_SUCCESS rekey bug
Mon, Apr 29, 5:40 PM
asn committed rLIBSSH03a1f1dd0c7d: tests/pkd: support optional --buffer for test payload (authored by simonsj).
tests/pkd: support optional --buffer for test payload
Mon, Apr 29, 5:40 PM
asn committed rLIBSSH410f10096828: tests/pkd: input test payload buffer (authored by simonsj).
tests/pkd: input test payload buffer
Mon, Apr 29, 5:40 PM
asn committed rLIBSSH7ef2fe7f7b21: packet: log when data-based rekeying needed (authored by simonsj).
packet: log when data-based rekeying needed
Mon, Apr 29, 5:40 PM
asn committed rLIBSSH175375bc0995: tests/pkd: support --rekey to set rekey data limit (authored by simonsj).
tests/pkd: support --rekey to set rekey data limit
Mon, Apr 29, 5:40 PM
asn committed rLIBSSH104c696bca84: dh-gex: Verify received primes in FIPS mode to match one of the known groups (authored by Jakuje).
dh-gex: Verify received primes in FIPS mode to match one of the known groups
Mon, Apr 29, 2:03 PM
asn committed rLIBSSHe4465073527b: Provide a function to query crypto backend for FIPS status (authored by Jakuje).
Provide a function to query crypto backend for FIPS status
Mon, Apr 29, 2:03 PM
asn committed rLIBSSH67beaf363fc1: dh-gex: Fall back to known primes when the moduli file is not readable (authored by Jakuje).
dh-gex: Fall back to known primes when the moduli file is not readable
Mon, Apr 29, 2:03 PM
asn committed rLIBSSH4012338862da: doc: Update the description of the pki_private_key_decrypt() function to match… (authored by Jakuje).
doc: Update the description of the pki_private_key_decrypt() function to match…
Mon, Apr 29, 2:03 PM
asn committed rLIBSSHbb7920efbc8f: tests: Avoid reading user configuration when running algorithm tests (authored by Jakuje).
tests: Avoid reading user configuration when running algorithm tests
Mon, Apr 29, 2:03 PM
asn committed rLIBSSH3e8bdb122f12: knownhosts: Check if the hosts file exists (authored by asn).
knownhosts: Check if the hosts file exists
Mon, Apr 29, 2:03 PM
asn committed rLIBSSHcc536377f971: sftp server: Implementation of sftp_server_free() as counterpart to… (authored by davidwed).
sftp server: Implementation of sftp_server_free() as counterpart to…
Mon, Apr 29, 2:03 PM
asn committed rLIBSSH643ca67f8881: gssapi: Add missing malloc checks (authored by asn).
gssapi: Add missing malloc checks
Mon, Apr 29, 2:02 PM
asn closed T135: When ~/.ssh/known_hosts is removed, I still get SSH_KNOWN_HOSTS_UNKNOWN, not SSH_KNOWN_HOSTS_NOT_FOUND as Resolved by committing rLIBSSH3e8bdb122f12: knownhosts: Check if the hosts file exists.
Mon, Apr 29, 2:02 PM · Restricted Project
asn closed T143: sftp_server_free() as Resolved by committing rLIBSSHcc536377f971: sftp server: Implementation of sftp_server_free() as counterpart to….
Mon, Apr 29, 2:02 PM · Restricted Project
asn committed rLIBSSH5ffc595d0d58: Document more @return values with doxygen for APIs (authored by ngie-eign).
Document more @return values with doxygen for APIs
Mon, Apr 29, 2:02 PM
asn closed T141: gssapi: detect malloc failure as Resolved by committing rLIBSSH643ca67f8881: gssapi: Add missing malloc checks.
Mon, Apr 29, 2:02 PM · Restricted Project
asn committed rLIBSSHc4348c7b3c55: sftp: Check if the channel is still valid (authored by asn).
sftp: Check if the channel is still valid
Mon, Apr 29, 2:02 PM
asn committed rLIBSSH8a885f0bd389: channels: Add check if we are authenticated before we create a channel (authored by asn).
channels: Add check if we are authenticated before we create a channel
Mon, Apr 29, 2:02 PM
asn closed T138: sftp_free() segfaults when called after ssh_disconnect() as Resolved by committing rLIBSSHc4348c7b3c55: sftp: Check if the channel is still valid.
Mon, Apr 29, 2:02 PM · Restricted Project
asn closed T139: Calling sftp_new() on session that was not authenticated hangs as Resolved by committing rLIBSSH8a885f0bd389: channels: Add check if we are authenticated before we create a channel.
Mon, Apr 29, 2:02 PM · Restricted Project
asn committed rLIBSSH815a53375e90: libcrypto: Fix compilation without deprecated OpenSSL APIs (authored by Rosen Penev <rosenp@gmail.com>).
libcrypto: Fix compilation without deprecated OpenSSL APIs
Mon, Apr 29, 2:02 PM
asn committed rLIBSSH95ab5f0dce21: channel: Don't send EOF on channel more than once (authored by Till Wimmer <g4-lisz@tonarchiv.ch>).
channel: Don't send EOF on channel more than once
Mon, Apr 29, 2:02 PM
asn committed rLIBSSH6cd506ea8128: options: Update doc for SSH_OPTIONS_PORT (authored by Till Wimmer <g4-lisz@tonarchiv.ch>).
options: Update doc for SSH_OPTIONS_PORT
Mon, Apr 29, 2:02 PM
asn committed rLIBSSH9340a0af5e31: connector: Stop socket-to-channel EOF flooding (authored by Till Wimmer <g4-lisz@tonarchiv.ch>).
connector: Stop socket-to-channel EOF flooding
Mon, Apr 29, 2:02 PM
asn committed rLIBSSH08b3301e4fb7: tests/pkd: connect to openssh using certificates (authored by Ben Toews <mastahyeti@gmail.com>).
tests/pkd: connect to openssh using certificates
Mon, Apr 29, 10:26 AM
asn committed rLIBSSH4a014968106a: tests/unittests: test that signatures can be verified with certs (authored by Ben Toews <mastahyeti@gmail.com>).
tests/unittests: test that signatures can be verified with certs
Mon, Apr 29, 10:26 AM
asn committed rLIBSSH2f26b5d63cde: pki: allow certificates to be used in signature verification (authored by Ben Toews <mastahyeti@gmail.com>).
pki: allow certificates to be used in signature verification
Mon, Apr 29, 10:26 AM
asn committed rLIBSSH04b284dae028: tests/unittests: test ECDSA/ED25519 support (authored by Ben Toews <mastahyeti@gmail.com>).
tests/unittests: test ECDSA/ED25519 support
Mon, Apr 29, 10:26 AM
asn committed rLIBSSH19cd909c8d77: pki: support ECDSA/ED25519 certificates (authored by Ben Toews <mastahyeti@gmail.com>).
pki: support ECDSA/ED25519 certificates
Mon, Apr 29, 10:26 AM
asn committed rLIBSSH7c0719e53dce: pki: parse keys from certificates into ssh_key (authored by Ben Toews <mastahyeti@gmail.com>).
pki: parse keys from certificates into ssh_key
Mon, Apr 29, 10:26 AM
asn committed rLIBSSH78f764b7c983: torture_pki: store test case attributes in struct instead of multiple arrays (authored by Ben Toews <mastahyeti@gmail.com>).
torture_pki: store test case attributes in struct instead of multiple arrays
Mon, Apr 29, 10:26 AM
asn committed rLIBSSH77a6fe4a6237: dh-gex: Add error check for ssh_packet_client_dhgex_group() (authored by asn).
dh-gex: Add error check for ssh_packet_client_dhgex_group()
Mon, Apr 29, 10:26 AM
asn committed rLIBSSHe036c426f8e8: tests: add OpenSSL includes dir for torture tests (authored by Ben Toews <mastahyeti@gmail.com>).
tests: add OpenSSL includes dir for torture tests
Mon, Apr 29, 10:26 AM
asn committed rLIBSSHb1f3cfec34c6: libssh: deprecate SSH_KEYTYPE_ECDSA (authored by Ben Toews <mastahyeti@gmail.com>).
libssh: deprecate SSH_KEYTYPE_ECDSA
Mon, Apr 29, 10:26 AM
asn added a project to T137: Difference between sftp_new() and sftp_init() is not clear: Restricted Project.
Mon, Apr 29, 10:24 AM · Restricted Project
asn added a project to T135: When ~/.ssh/known_hosts is removed, I still get SSH_KNOWN_HOSTS_UNKNOWN, not SSH_KNOWN_HOSTS_NOT_FOUND: Restricted Project.
Mon, Apr 29, 10:24 AM · Restricted Project
asn added a project to T136: A more elaborate way to get the remote data: Restricted Project.
Mon, Apr 29, 10:24 AM · Restricted Project
davidwed added a comment to T143: sftp_server_free().

The sftp_free() function calls ssh_channel_free(), not sftp_server_free().

Mon, Apr 29, 10:24 AM · Restricted Project
ansasaki added a comment to T141: gssapi: detect malloc failure.

Thank you for reporting this and sending you patch proposal.

Mon, Apr 29, 10:24 AM · Restricted Project
ansasaki added a comment to T142: torture_proxycommand failing.

Actually the client testing is enabled in most of the builds in the CI (you can check the CI configuration in .gitlab-ci.yml file).

Mon, Apr 29, 10:24 AM · Restricted Project
Jakuje added a comment to T144: Add ssh_message_channel_request_open_reply_accept_channel function.

I do not know a lot about the channels code. Sadly these functions do not have any documentation to clarify that to me.

Mon, Apr 29, 10:24 AM · Restricted Project
Jakuje added a comment to T143: sftp_server_free().

The sftp server is using normal sftp_session. Why the sftp_free() function can not be used, since it is almost the same as your proposal?

Mon, Apr 29, 10:24 AM · Restricted Project