♟ asn

server: Fix session pubkey import

Introduce a gitlab CI for centos7, debian and Fedora

README: Added markdown readmine with gitlab CI badge

kex1: Add missing NULL check in make_rsa1_string()

packet_cb: Fix the if check in ssh_packet_newkeys()

known_hosts: Do not leak pubkey_buffer in check_public_key()

server: Do not leak pubkey_blob in ssh_get_key_params()

buffer: Do not call explicit_bzero with null arguments

buffer: Do not call memcpy with null arguments

buffer: Apply coding style to ssh_buffer_reinit()

buffer: Apply coding style to realloc_buffer()

kex1: Use libcrypto-compat.h for RSA_get0_key with OpenSSL

torture_path_expand_tilde_unix: use getpwuid() if no env variables

Fix ssh_event_add_session() when session socket has two pollhandlers

cmake: Fix libfuzzer linking with clang6

channels: add ssh_channel_request_send_break to support RFC 4335

kex1: Use new dh pubkey import functions

channels1: Add missing config.h include

kex1: Fix building with OpenSSL 1.1+

Add a NODELAY option

tests: Fix mixed code compiler warning in torture_rand

torture: Increase wait time for the sshd process to exit

crypto: Change the type of server_pubkey to ssh_key

misc: Use SecureZeroMemory if available for explicit_bzero

misc: Use memset_s if available for explicit_bzero

tests: fix OSX build errors when enabling tests

connector: ensure channel callbacks are removed

connector: Check for POLLHUP on in_fd

pki: Add mbedTLS ECDSA key comparison support

priv: Fix explicit_bzero macro if we pass a function

sftp: Remove stray semi-colon in sftp.h header

priv: Implement explicit_bzero as a function if not available

cmake: Mark LIBSSH_LIBRARIES and LIBSSH_INCLUDE_DIR as advanced

pki: Use explicit_bzero() to wipe privkey in memory

tests: Fix segfault with mbedTLS built without threading support

src: Use explicit_bzero() if available on the platform

cmake: Build ssh_server_fuzzer if enabled

tests: Added a fuzzer for the server

Set channel as bound when accepting channel open request

libssh: Bump the version to 0.7.90

dh: Use calloc() instead of malloc()

pki_gcrypt: Use calloc() instead of malloc()

threads: Use calloc() instead of malloc()

sftpserver: Use calloc() instead of malloc()

server: Use calloc() instead of malloc()

kex: Use calloc() instead of malloc()

auth: Use calloc() instead of malloc()

channels: Use calloc() instead of malloc()

Fixed in master for DSA and RSA

torture_pki_ed25519: Add tests for private key with passphrase

torture_pki_ecdsa: Add tests for private key with passphrase

torture_key: Add ecdsa keys with passphrase

torture_pki_dsa: Add tests for private key with passphrase

torture_pki_rsa: Add tests for private key with passphrase

tests: Move torture keys to own file

pki_crypto: Fix private key generation with password

cmake: Move ed25519 tests into unix part

tests: Move rsa tests to own test file

tests: Remove obsolete setup_both_keys()

tests: Move ed25519 functions to the right file

tests: Move ecdsa tests to own test file

tests: Move dsa tests to own test file

tests: Move helper functions to a common file

libgcrypt: Add missing config.h include

torture: Give sshd more time to start up

tests: Fix torture_pki with libcrypto

pki: Fix accidental ECC switch case fallthroughs into ed25119 cases when built…

config: Avoid long -> int -> long casting for timeout configuration option

add mbedtls crypto support

options: Rewrite set() description to get()

add mbedtls crypto support

I think we are good to go. Thanks for your contributions!

Closing. Test to verify this is working correctly:

The problem is time at the moment. There are two features missing for a release right now. One is the mbedtls support and the other is a new known_hosts API I'm working on. I need to find time to finish this. Hopefully in the next days. Normally I try to do a release around FOSDEM.

I think that has just been fixed with the patches I committed today, see:

I've just commited a bigger patchset upstream. I think you need to rebase again. Sorry :-)

options: Rewrite set() description to get()

tests/client/algorithms: Respect global verbosity settings

docs: correction for importing key file

options: Move SSH_OPTIONS_ADD_IDENTITY to *set() function description

tests/config: Verify LogLevel from config is applied

tests/config: Newly parsed options

tests/config: Enable and disable authentication methods

tests/config: Verify known_hosts files are applied

config: Add CMake check for glob()

tests: HostkeyAlgorithms passed from config to options

config: glob support for include with test

config: support for MACs

tests/config: Text KexAlgorithms parsing in ssh_config

asn (Andreas Schneider)Administrator
User

Projects

User Details

Recent Activity
View All

Yesterday

Wed, Apr 18

Tue, Apr 17

Tue, Apr 10

Mon, Apr 9

Wed, Mar 28

Mar 21 2018

Mar 12 2018

Feb 16 2018

Feb 12 2018

Feb 4 2018

Feb 1 2018

Jan 29 2018

Jan 19 2018

Jan 18 2018

Jan 10 2018

Jan 4 2018

Jan 2 2018

Dec 28 2017

Dec 21 2017

asn (Andreas Schneider)AdministratorUser