User Details
User Details
- User Since
- Jun 9 2017, 11:48 AM (101 w, 5 d)
- Roles
- Administrator
Yesterday
Yesterday
Update ChangeLog
socket: Use calloc in ssh_socket_new()
sftp: Remove the break statements
asn closed T134: crash in nonblock-write mode of ssh_handle_key_exchange() when receiving tcp rst after 3WHS (keepalive) as Resolved by committing rLIBSSH9fb7fb3fac58: socket: Use calloc in ssh_socket_new().
Wed, May 22, 4:44 PM · Restricted Project
asn committed rLIBSSH59ba3f18963c: dh-gex: Fix memory leak in DH GEX with OpenSSL (authored by ansasaki).
dh-gex: Fix memory leak in DH GEX with OpenSSL
Tue, May 14
Tue, May 14
This has been fixed with 38f9802eec067454a421eebfcae087c79bc02c67
asn committed rLIBSSH38f9802eec06: config: Add support for PubkeyAcceptedKeyTypes (authored by ansasaki).
config: Add support for PubkeyAcceptedKeyTypes
asn committed rLIBSSHeae971c00277: tests: Update knownhost tests with reproducer from T110 (authored by Jakuje).
tests: Update knownhost tests with reproducer from T110
asn committed rLIBSSH962bdf806c6f: knownhosts: Handle wildcard ports matches against standard one (authored by Jakuje).
knownhosts: Handle wildcard ports matches against standard one
Reformat ssh_hostport()
asn committed rLIBSSH8152c6aba49a: knownhosts: Ignore OpenSSH markers related to certificates (authored by Jakuje).
knownhosts: Ignore OpenSSH markers related to certificates
asn committed rLIBSSH7cc159d72079: cmake,options: Allow to set global client config file (authored by ansasaki).
cmake,options: Allow to set global client config file
asn closed T110: Knownhost notation with port wildcard ( [hostname]:* ) doesn't accept port 22 as Resolved by committing rLIBSSH962bdf806c6f: knownhosts: Handle wildcard ports matches against standard one.
Tue, May 14, 5:32 PM · Restricted Project
Mon, May 13
Mon, May 13
asn committed rLIBSSH248e5acd5c9f: pki: Fail to sign when using wrong hash algorithm (authored by ansasaki).
pki: Fail to sign when using wrong hash algorithm
pki: Remove unused code
asn committed rLIBSSHdb51fa1bc1ba: pki: Use pki_sign_data() and pki_verify_data_signature() (authored by ansasaki).
pki: Use pki_sign_data() and pki_verify_data_signature()
asn committed rLIBSSHd923dc39c19a: tests: Use public key to verify signatures (authored by ansasaki).
tests: Use public key to verify signatures
asn committed rLIBSSH88a8b1f57c6c: pki_gcrypt: Added pki_sign_data() and pki_verify_data_signature() (authored by ansasaki).
pki_gcrypt: Added pki_sign_data() and pki_verify_data_signature()
asn committed rLIBSSH7bc53f3957cc: pki_mbedcrypto: Added pki_sign_data() and pki_verify_data_signature() (authored by ansasaki).
pki_mbedcrypto: Added pki_sign_data() and pki_verify_data_signature()
asn committed rLIBSSHfd9446553b5e: pki_crypto: Added pki_sign_data() and pki_verify_data_signature() (authored by ansasaki).
pki_crypto: Added pki_sign_data() and pki_verify_data_signature()
asn committed rLIBSSH33af73655575: pki_crypto: Store ECDSA raw signature in ssh_signature (authored by ansasaki).
pki_crypto: Store ECDSA raw signature in ssh_signature
asn committed rLIBSSH132c7bee64ca: pki_crypto: Store DSA raw signature in ssh_signature (authored by ansasaki).
pki_crypto: Store DSA raw signature in ssh_signature
asn committed rLIBSSHba67555764a8: pki_crypto: Store raw RSA signature in ssh_signature (authored by ansasaki).
pki_crypto: Store raw RSA signature in ssh_signature
asn committed rLIBSSH0ea9e39e81a4: pki: Add a common place to store raw signatures (authored by ansasaki).
pki: Add a common place to store raw signatures
asn committed rLIBSSHe775182c2e07: pki: Make DSA signature to use SHA1 instead of AUTO (authored by ansasaki).
pki: Make DSA signature to use SHA1 instead of AUTO
asn committed rLIBSSH76f9808eb2fa: auth, pki: Calculate hash internally when signing/verifying (authored by ansasaki).
auth, pki: Calculate hash internally when signing/verifying
asn committed rLIBSSH58b3b2696c90: pki_crypto: Change SSH_KEYTYPE_ED25519 position in switches (authored by ansasaki).
pki_crypto: Change SSH_KEYTYPE_ED25519 position in switches
asn committed rLIBSSH20c03c289e59: pki_crypto: Refactor pki_signature_to_blob() (authored by ansasaki).
pki_crypto: Refactor pki_signature_to_blob()
asn committed rLIBSSHc27d41df75e4: pki_crypto: Fixed typos transfered -> transferred (authored by ansasaki).
pki_crypto: Fixed typos transfered -> transferred
asn committed rLIBSSH99053a6c3373: pki_cryto: Refactor pki_signature_from_blob() (authored by ansasaki).
pki_cryto: Refactor pki_signature_from_blob()
pki: Remove duplicate and unused code
asn committed rLIBSSHc3b8f9c0ecc6: pki_crypto: Make pki_signature_from_rsa_blob() to return int (authored by ansasaki).
pki_crypto: Make pki_signature_from_rsa_blob() to return int
asn committed rLIBSSHdbf3f962a4f5: pki: Refactor ssh_srv_pki_do_sign_sessionid() (authored by ansasaki).
pki: Refactor ssh_srv_pki_do_sign_sessionid()
pki: Refactor ssh_pki_do_sign()
asn committed rLIBSSH848f59c37e6d: wrapper.h: Add SSH_DIGEST_SHA384 to ssh_digest_e enum (authored by ansasaki).
wrapper.h: Add SSH_DIGEST_SHA384 to ssh_digest_e enum
asn committed rLIBSSH5f7a3c5c66a7: wrapper: Make sha{1, 256, 384, 512}() input const (authored by ansasaki).
wrapper: Make sha{1, 256, 384, 512}() input const
Thu, May 9
Thu, May 9
asn committed rLIBSSHee42e3badba4: dh: fix libcrypto dh_ctx leak in ssh_dh_cleanup (authored by simonsj).
dh: fix libcrypto dh_ctx leak in ssh_dh_cleanup
asn committed rLIBSSH0849e44220ec: dh: fix libcrypto leak via ssh_dh_keypair_set_keys (authored by simonsj).
dh: fix libcrypto leak via ssh_dh_keypair_set_keys
Mon, May 6
Mon, May 6
asn committed rLIBSSHdb8aca69a7a3: knownhosts: Avoid possible null pointer dereference (authored by asn).
knownhosts: Avoid possible null pointer dereference
asn committed rLIBSSHee82bab80166: auth: Avoid memory on error in ssh_userauth_agent_publickey() (authored by asn).
auth: Avoid memory on error in ssh_userauth_agent_publickey()
asn added a comment to T146: sftp: Add check if we are authenticated.
What do you mean you can't create a channel in advance?
Mon, May 6, 11:54 AM · Restricted Project
Mon, Apr 29
Mon, Apr 29
asn committed rLIBSSH19cb6f1b6c07: server: fix sending SSH_MSG_EXT_INFO upon rekey (authored by simonsj).
server: fix sending SSH_MSG_EXT_INFO upon rekey
asn committed rLIBSSH3fccb244647d: tests:pkd: Fix size comparison (payload.len is size_t) (authored by asn).
tests:pkd: Fix size comparison (payload.len is size_t)
asn committed rLIBSSHc0f3a9608961: server: fix queued USERAUTH_SUCCESS rekey bug (authored by simonsj).
server: fix queued USERAUTH_SUCCESS rekey bug
asn committed rLIBSSH03a1f1dd0c7d: tests/pkd: support optional --buffer for test payload (authored by simonsj).
tests/pkd: support optional --buffer for test payload
tests/pkd: input test payload buffer
asn committed rLIBSSH7ef2fe7f7b21: packet: log when data-based rekeying needed (authored by simonsj).
packet: log when data-based rekeying needed
asn committed rLIBSSH175375bc0995: tests/pkd: support --rekey to set rekey data limit (authored by simonsj).
tests/pkd: support --rekey to set rekey data limit
asn committed rLIBSSH104c696bca84: dh-gex: Verify received primes in FIPS mode to match one of the known groups (authored by Jakuje).
dh-gex: Verify received primes in FIPS mode to match one of the known groups
asn committed rLIBSSHe4465073527b: Provide a function to query crypto backend for FIPS status (authored by Jakuje).
Provide a function to query crypto backend for FIPS status
asn committed rLIBSSH67beaf363fc1: dh-gex: Fall back to known primes when the moduli file is not readable (authored by Jakuje).
dh-gex: Fall back to known primes when the moduli file is not readable
asn committed rLIBSSH4012338862da: doc: Update the description of the pki_private_key_decrypt() function to match… (authored by Jakuje).
doc: Update the description of the pki_private_key_decrypt() function to match…
asn committed rLIBSSHbb7920efbc8f: tests: Avoid reading user configuration when running algorithm tests (authored by Jakuje).
tests: Avoid reading user configuration when running algorithm tests
knownhosts: Check if the hosts file exists
asn committed rLIBSSHcc536377f971: sftp server: Implementation of sftp_server_free() as counterpart to… (authored by davidwed).
sftp server: Implementation of sftp_server_free() as counterpart to…
gssapi: Add missing malloc checks
asn closed T135: When ~/.ssh/known_hosts is removed, I still get SSH_KNOWN_HOSTS_UNKNOWN, not SSH_KNOWN_HOSTS_NOT_FOUND as Resolved by committing rLIBSSH3e8bdb122f12: knownhosts: Check if the hosts file exists.
Mon, Apr 29, 2:02 PM · Restricted Project
asn closed T143: sftp_server_free() as Resolved by committing rLIBSSHcc536377f971: sftp server: Implementation of sftp_server_free() as counterpart to….
Mon, Apr 29, 2:02 PM · Restricted Project
asn committed rLIBSSH5ffc595d0d58: Document more @return values with doxygen for APIs (authored by ngie-eign).
Document more @return values with doxygen for APIs
asn closed T141: gssapi: detect malloc failure as Resolved by committing rLIBSSH643ca67f8881: gssapi: Add missing malloc checks.
Mon, Apr 29, 2:02 PM · Restricted Project
sftp: Check if the channel is still valid
asn committed rLIBSSH8a885f0bd389: channels: Add check if we are authenticated before we create a channel (authored by asn).
channels: Add check if we are authenticated before we create a channel
asn closed T138: sftp_free() segfaults when called after ssh_disconnect() as Resolved by committing rLIBSSHc4348c7b3c55: sftp: Check if the channel is still valid.
Mon, Apr 29, 2:02 PM · Restricted Project
asn closed T139: Calling sftp_new() on session that was not authenticated hangs as Resolved by committing rLIBSSH8a885f0bd389: channels: Add check if we are authenticated before we create a channel.
Mon, Apr 29, 2:02 PM · Restricted Project
asn committed rLIBSSH815a53375e90: libcrypto: Fix compilation without deprecated OpenSSL APIs (authored by Rosen Penev <rosenp@gmail.com>).
libcrypto: Fix compilation without deprecated OpenSSL APIs
asn committed rLIBSSH95ab5f0dce21: channel: Don't send EOF on channel more than once (authored by Till Wimmer <g4-lisz@tonarchiv.ch>).
channel: Don't send EOF on channel more than once
asn committed rLIBSSH6cd506ea8128: options: Update doc for SSH_OPTIONS_PORT (authored by Till Wimmer <g4-lisz@tonarchiv.ch>).
options: Update doc for SSH_OPTIONS_PORT
asn committed rLIBSSH9340a0af5e31: connector: Stop socket-to-channel EOF flooding (authored by Till Wimmer <g4-lisz@tonarchiv.ch>).
connector: Stop socket-to-channel EOF flooding
asn committed rLIBSSH08b3301e4fb7: tests/pkd: connect to openssh using certificates (authored by Ben Toews <mastahyeti@gmail.com>).
tests/pkd: connect to openssh using certificates
asn committed rLIBSSH4a014968106a: tests/unittests: test that signatures can be verified with certs (authored by Ben Toews <mastahyeti@gmail.com>).
tests/unittests: test that signatures can be verified with certs
asn committed rLIBSSH2f26b5d63cde: pki: allow certificates to be used in signature verification (authored by Ben Toews <mastahyeti@gmail.com>).
pki: allow certificates to be used in signature verification
asn committed rLIBSSH04b284dae028: tests/unittests: test ECDSA/ED25519 support (authored by Ben Toews <mastahyeti@gmail.com>).
tests/unittests: test ECDSA/ED25519 support
asn committed rLIBSSH19cd909c8d77: pki: support ECDSA/ED25519 certificates (authored by Ben Toews <mastahyeti@gmail.com>).
pki: support ECDSA/ED25519 certificates
asn committed rLIBSSH7c0719e53dce: pki: parse keys from certificates into ssh_key (authored by Ben Toews <mastahyeti@gmail.com>).
pki: parse keys from certificates into ssh_key
asn committed rLIBSSH78f764b7c983: torture_pki: store test case attributes in struct instead of multiple arrays (authored by Ben Toews <mastahyeti@gmail.com>).
torture_pki: store test case attributes in struct instead of multiple arrays
asn committed rLIBSSH77a6fe4a6237: dh-gex: Add error check for ssh_packet_client_dhgex_group() (authored by asn).
dh-gex: Add error check for ssh_packet_client_dhgex_group()
asn committed rLIBSSHe036c426f8e8: tests: add OpenSSL includes dir for torture tests (authored by Ben Toews <mastahyeti@gmail.com>).
tests: add OpenSSL includes dir for torture tests
asn committed rLIBSSHb1f3cfec34c6: libssh: deprecate SSH_KEYTYPE_ECDSA (authored by Ben Toews <mastahyeti@gmail.com>).
libssh: deprecate SSH_KEYTYPE_ECDSA
asn added a project to T137: Difference between sftp_new() and sftp_init() is not clear: Restricted Project.
Mon, Apr 29, 10:24 AM · Restricted Project
asn added a project to T135: When ~/.ssh/known_hosts is removed, I still get SSH_KNOWN_HOSTS_UNKNOWN, not SSH_KNOWN_HOSTS_NOT_FOUND: Restricted Project.
Mon, Apr 29, 10:24 AM · Restricted Project
Mon, Apr 29, 10:24 AM · Restricted Project
Apr 4 2019
Apr 4 2019
asn committed rLIBSSH33ad6bc54e92: dh: Add compat function for openssl < 1.1.0 (authored by Simo Sorce <simo@redhat.com>).
dh: Add compat function for openssl < 1.1.0
asn committed rLIBSSH33399e52f0af: dh: Add OpenSSL libcrypto specific DH implementation (authored by Simo Sorce <simo@redhat.com>).
dh: Add OpenSSL libcrypto specific DH implementation
asn committed rLIBSSH2f38af155969: dh: Rename variables for DH key exchange (authored by Simo Sorce <simo@redhat.com>).
dh: Rename variables for DH key exchange
asn committed rLIBSSH7551857d0862: dh: Move DH key handling into a separate file. (authored by Simo Sorce <simo@redhat.com>).
dh: Move DH key handling into a separate file.
asn committed rLIBSSH30d97979a299: dh: Confine DH KEX keys handling into fewer functions (authored by Simo Sorce <simo@redhat.com>).
dh: Confine DH KEX keys handling into fewer functions
asn committed rLIBSSH997fe4d418ea: mbedcrypto: Make bignum_bin2bn behave like others (authored by Simo Sorce <simo@redhat.com>).
mbedcrypto: Make bignum_bin2bn behave like others
Apr 1 2019
Apr 1 2019
asn committed rLIBSSHfd30cf06763c: tests: Add test cases for Match keyword in bind config (authored by ansasaki).
tests: Add test cases for Match keyword in bind config
asn committed rLIBSSHd9e6237a4728: bind_config: Added minimal support for Match keyword (authored by ansasaki).
bind_config: Added minimal support for Match keyword
asn committed rLIBSSH25af8641b31b: bind: Apply global configuration automatically (authored by ansasaki).
bind: Apply global configuration automatically
asn committed rLIBSSH68385a2e983a: options: Add a bind option to set the config directory (authored by ansasaki).
options: Add a bind option to set the config directory
asn committed rLIBSSHd6d9b56bb9c9: cmake,options: Allow to set global bind config file (authored by ansasaki).
cmake,options: Allow to set global bind config file
asn committed rLIBSSHbab4d2b77b82: tests: Add tests for server side configuration (authored by ansasaki).
tests: Add tests for server side configuration
asn committed rLIBSSHfd25beff68a8: options: Introduce ssh_bind_options_parse_config() (authored by ansasaki).
options: Introduce ssh_bind_options_parse_config()
asn committed rLIBSSH55a713cb0455: bind_config: Support server side configuration (authored by ansasaki).
bind_config: Support server side configuration
asn committed rLIBSSH79049981a513: config: Move common parser functions to config_parser.c (authored by ansasaki).
config: Move common parser functions to config_parser.c
bind: Use calloc instead of malloc
asn committed rLIBSSH0bde6b142cad: tests: Add missing unit tests for bind options (authored by ansasaki).
tests: Add missing unit tests for bind options
Mar 29 2019
Mar 29 2019
asn committed rLIBSSHf05571841b05: channels: Added function to create channel to UNIX socket (authored by pmorris67 <philip.morris67@ntlworld.com>).
channels: Added function to create channel to UNIX socket
asn committed rLIBSSH45c7d077804a: misc: Avoid printing full path in debug message (authored by Alberto Garcia Illera <agarciaillera@gmail.com>).
misc: Avoid printing full path in debug message