User Details
User Details
- User Since
- Jun 9 2017, 11:48 AM (106 w, 3 d)
- Roles
- Administrator
Yesterday
Yesterday
Update ChangeLog to add FIPS
Update ChangeLog to add FIPS
tests: Skip 1k RSA key generation in FIPS
asn committed rLIBSSHec486d13db7e: pki_crypto: Correct error checking after RSA key generation (authored by Jakuje).
pki_crypto: Correct error checking after RSA key generation
asn committed rLIBSSHebfe46f6ad42: tests: Filter out bogus output from openssh in FIPS Mode (authored by Jakuje).
tests: Filter out bogus output from openssh in FIPS Mode
tests: Add reproducer for T76
asn committed rLIBSSH993e0df81e8d: pki: Search for the PEM headers not only on the start of the key file (authored by Jakuje).
pki: Search for the PEM headers not only on the start of the key file
asn committed rLIBSSH551188d99b40: pki: Reformat pki_privatekey_type_from_string() (authored by Jakuje).
pki: Reformat pki_privatekey_type_from_string()
asn committed rLIBSSHc6c7856b5163: socket: Do not process stderr of proxy commands (Fixes T130) (authored by Jakuje).
socket: Do not process stderr of proxy commands (Fixes T130)
asn committed rLIBSSHcafafe8f5a74: tests: Reproducer for proxy command with stderr output (T130) (authored by Jakuje).
tests: Reproducer for proxy command with stderr output (T130)
socket: Reformat the rest of the file
Fri, Jun 14
Fri, Jun 14
Bump version to 0.8.91
Update ChangeLog
Bump SO version to 4.8.1
asn committed rLIBSSH2d2a4f3784bd: include: Make sure ssh_session_get_known_hosts_entry is added to the API (authored by asn).
include: Make sure ssh_session_get_known_hosts_entry is added to the API
asn committed rLIBSSH70dd8b0348fc: callbacks: Add ssh_threads_get_default() to the callbacks.h (authored by davidwed).
callbacks: Add ssh_threads_get_default() to the callbacks.h
asn committed rLIBSSHc4463ba5e7e6: tests/torture_config: Replace long long with uint64_t (authored by ansasaki).
tests/torture_config: Replace long long with uint64_t
channels: Do not mix integer types
asn committed rLIBSSHfba384ac5879: tests/torture_rekey: Replace long long with uint64_t (authored by ansasaki).
tests/torture_rekey: Replace long long with uint64_t
asn committed rLIBSSH91960409c35b: ed25519: Replace unsigned long long with uint64_t (authored by ansasaki).
ed25519: Replace unsigned long long with uint64_t
config: Replace long long with int64_t
asn committed rLIBSSHb775e316fa9c: priv.h: Add macro definitions for PRIx32 and PRIx64 (authored by ansasaki).
priv.h: Add macro definitions for PRIx32 and PRIx64
sftp: Do not mix integer types
asn added a comment to T142: torture_proxycommand failing.
Is this using musl libc?
Fri, Jun 14, 12:04 PM · Restricted Project
Should be fixed by 1f43b52117fc97eef95e3627517cadb531b2b43e
Fri, Jun 14, 12:02 PM · Restricted Project
Fri, Jun 14, 12:02 PM · Restricted Project
Fri, Jun 14, 8:01 AM · Restricted Project
asn committed rLIBSSH4fc37bb6fed9: tests: Add more reproducers for valid and invalid Match exec blocks (authored by Jakuje).
tests: Add more reproducers for valid and invalid Match exec blocks
asn committed rLIBSSHed8284ab0976: config: Skip the rest of the line for Match exec (authored by Jakuje).
config: Skip the rest of the line for Match exec
asn committed rLIBSSHdc4d4cc8d4c9: tests/torture_rekey: Do not mix integer types (authored by ansasaki).
tests/torture_rekey: Do not mix integer types
Thu, Jun 13
Thu, Jun 13
cmake: Bump API version to 4.8.0
asn committed rLIBSSH658a15099173: channels: Make ssh_message_channel_request_open_reply_accept_channel public (authored by davidwed).
channels: Make ssh_message_channel_request_open_reply_accept_channel public
asn committed rLIBSSH32eec7b41887: SSH_LOG: Adjust log level from SSH_LOG_WARNING to SSH_LOG_PROTOCOL (authored by davidwed).
SSH_LOG: Adjust log level from SSH_LOG_WARNING to SSH_LOG_PROTOCOL
asn closed T153: cmake: Bump API version to 4.8.0 as Resolved by committing rLIBSSHf46eff79e2bb: cmake: Bump API version to 4.8.0.
Thu, Jun 13, 5:38 PM · Restricted Project
tests: Fix the glob test on musl libc
asn closed T144: Add ssh_message_channel_request_open_reply_accept_channel function as Resolved by committing rLIBSSH658a15099173: channels: Make ssh_message_channel_request_open_reply_accept_channel public.
Thu, Jun 13, 5:38 PM · Restricted Project
asn closed T149: Adjust log level from SSH_LOG_WARNING to SSH_LOG_PROTOCOL as Resolved by committing rLIBSSH32eec7b41887: SSH_LOG: Adjust log level from SSH_LOG_WARNING to SSH_LOG_PROTOCOL.
Thu, Jun 13, 5:38 PM · Restricted Project
asn committed rLIBSSHc0c1454298aa: session: OpenSSH is using SHA256 fingerprints now (authored by Jakuje).
session: OpenSSH is using SHA256 fingerprints now
.gitlab-ci.yml: Add FIPS tests
tests/pkd: Fix OpenSSH version check
asn committed rLIBSSH905b027f0f62: tests/pkd: Check OpenSSH version only once (authored by ansasaki).
tests/pkd: Check OpenSSH version only once
asn committed rLIBSSH57cf0cf23088: tests/torture_server_config: Use only allowed algorithms (authored by ansasaki).
tests/torture_server_config: Use only allowed algorithms
asn committed rLIBSSH73b94abea41d: tests/pkd: Accept certificates with SHA2 in signatures (authored by ansasaki).
tests/pkd: Accept certificates with SHA2 in signatures
asn committed rLIBSSH4416a0dae660: tests/pkd: Add tests using certificates with SHA2 in signatures (authored by ansasaki).
tests/pkd: Add tests using certificates with SHA2 in signatures
asn committed rLIBSSHbd32fb020b4a: tests/pkd: Use only allowed algorithms if in FIPS mode (authored by ansasaki).
tests/pkd: Use only allowed algorithms if in FIPS mode
asn committed rLIBSSHbb36cc30eee9: tests/torture_pki_rsa: Avoid using SHA1 in FIPS mode (authored by ansasaki).
tests/torture_pki_rsa: Avoid using SHA1 in FIPS mode
asn committed rLIBSSHc7c3c16fc8bf: tests: There is no 8B block cipher in FIPS Mode (authored by Jakuje).
tests: There is no 8B block cipher in FIPS Mode
asn committed rLIBSSHb6aef1fdd5fd: tests: Update negative test cases to use EC instead of ED keys (authored by Jakuje).
tests: Update negative test cases to use EC instead of ED keys
asn committed rLIBSSHbfafdab0356a: tests: Use more widely supported RSA key as a hostkey (authored by Jakuje).
tests: Use more widely supported RSA key as a hostkey
tests: Avoid mixing stderr with stdout
asn committed rLIBSSHa006c3c451c1: tests: Use consistent checking for ssh return code (authored by Jakuje).
tests: Use consistent checking for ssh return code
asn committed rLIBSSH20e58be7d892: tests: Adjust for FIPS and simplify initialization (authored by Jakuje).
tests: Adjust for FIPS and simplify initialization
asn committed rLIBSSH8c59f7f236a4: tests/torture_pki_dsa: Skip completely if in FIPS mode (authored by ansasaki).
tests/torture_pki_dsa: Skip completely if in FIPS mode
asn committed rLIBSSH9ef0b0b02985: tests/torture_pki: Skip some tests if in FIPS mode (authored by ansasaki).
tests/torture_pki: Skip some tests if in FIPS mode
asn committed rLIBSSH39c69893c7b1: tests/torture_options: Use only allowed algorithms if in FIPS mode (authored by ansasaki).
tests/torture_options: Use only allowed algorithms if in FIPS mode
asn committed rLIBSSHce888fd4c0c3: tests/torture_config: Use only allowed algorithms in FIPS mode (authored by ansasaki).
tests/torture_config: Use only allowed algorithms in FIPS mode
asn committed rLIBSSHaf031d8df64d: tests/torture_bind_config: Use allowed algorithms in FIPS mode (authored by ansasaki).
tests/torture_bind_config: Use allowed algorithms in FIPS mode
asn committed rLIBSSH92a0d23eac7f: tests/torture_hostkey: Skip some tests in FIPS mode (authored by ansasaki).
tests/torture_hostkey: Skip some tests in FIPS mode
asn committed rLIBSSH1a6ac291a785: tests/torture_client_config: Adjust lists in FIPS mode (authored by ansasaki).
tests/torture_client_config: Adjust lists in FIPS mode
asn committed rLIBSSHbdb2ef4dcc6f: tests/torture_algorithms: Skip some tests in FIPS mode (authored by ansasaki).
tests/torture_algorithms: Skip some tests in FIPS mode
asn committed rLIBSSH1b7146e28f68: server: Send only allowed algorithms in extension (authored by ansasaki).
server: Send only allowed algorithms in extension
asn committed rLIBSSH03ca994cc048: tests: Use the SHA2 extension by default to avoid issues in FIPS mode (authored by Jakuje).
tests: Use the SHA2 extension by default to avoid issues in FIPS mode
asn committed rLIBSSH41834f228bc4: tests: Use different config if in FIPS mode (authored by ansasaki).
tests: Use different config if in FIPS mode
asn committed rLIBSSH53ae2502f44f: kex: Only advertise allowed signature types (authored by ansasaki).
kex: Only advertise allowed signature types
asn added a comment to T153: cmake: Bump API version to 4.8.0.
I will push that soon, thanks for your contribution!
Thu, Jun 13, 4:41 PM · Restricted Project
asn added a comment to T149: Adjust log level from SSH_LOG_WARNING to SSH_LOG_PROTOCOL.
Looks fine for me, thanks for your contribution!
Thu, Jun 13, 4:40 PM · Restricted Project
asn added a comment to T150: test torture_config (Failed).
My guess would be that the test requires HAVE_GLOB_GL_FLAGS_MEMBER but musl libc doesn't support it.
Thu, Jun 13, 4:36 PM · Restricted Project
asn committed rLIBSSHa3ddc48cb02c: pki: Derive correct algorithm identification for certificate authentication… (authored by Jakuje).
pki: Derive correct algorithm identification for certificate authentication…
asn committed rLIBSSH132ed59d3f2e: agent: Use SHA2 signatures also for RSA certificates (authored by Jakuje).
agent: Use SHA2 signatures also for RSA certificates
tests: Use ed25519 keys explicitly
tests: The DSA is not available in mbedtls
asn committed rLIBSSH2c385c0e13b9: tests/client/torture_auth: Skip some tests if in FIPS mode (authored by ansasaki).
tests/client/torture_auth: Skip some tests if in FIPS mode
asn committed rLIBSSH66755c478cfe: tests: Do not free pcap context while it is in use by the server session (authored by Jakuje).
tests: Do not free pcap context while it is in use by the server session
asn committed rLIBSSH9f178be1fa8b: tests: Cover comparison of public keys, which was missing (authored by Jakuje).
tests: Cover comparison of public keys, which was missing
asn committed rLIBSSH1f66414805be: pki_gcrypt: Do not compare private parts when comparing public keys (authored by Jakuje).
pki_gcrypt: Do not compare private parts when comparing public keys
asn committed rLIBSSH6d5ac15a5112: config: Remove bogus trailing newlines in log messages (authored by Jakuje).
config: Remove bogus trailing newlines in log messages
asn committed rLIBSSH53cee7c9a3b5: kex: List also certificate types in list of allowed public key algorithms (authored by Jakuje).
kex: List also certificate types in list of allowed public key algorithms
asn committed rLIBSSH85241c19e970: kex: Reformat ssh_kex_get_supported_method() (authored by Jakuje).
kex: Reformat ssh_kex_get_supported_method()
asn committed rLIBSSH0cfe4c7ab803: tests/torture_auth: Workaround OpenSSH agent bug (authored by ansasaki).
tests/torture_auth: Workaround OpenSSH agent bug
asn committed rLIBSSHf64c3dec74a6: tests: Add PKCS#8 PEM encrypted private keys (authored by ansasaki).
tests: Add PKCS#8 PEM encrypted private keys
Wed, Jun 12
Wed, Jun 12
asn committed rLIBSSH01f404021823: dh: Avoid segmentation fault in GEX if fallback to known moduli (authored by ansasaki).
dh: Avoid segmentation fault in GEX if fallback to known moduli
asn committed rLIBSSH765691195394: bignum: Define bignum_dup(bignum orig, bignum *dest) (authored by ansasaki).
bignum: Define bignum_dup(bignum orig, bignum *dest)
asn committed rLIBSSH9f7f5dee18de: tests: Verify duplicate items are removed from knownhosts entries list (authored by Jakuje).
tests: Verify duplicate items are removed from knownhosts entries list
asn committed rLIBSSH5f01ed027817: tests: Verify duplicate items are removed from knownhosts algorithms (authored by Jakuje).
tests: Verify duplicate items are removed from knownhosts algorithms
asn committed rLIBSSH196361c1f0a7: ssh_known_hosts_get_algorithms: Avoid returning duplicate key types from known… (authored by Jakuje).
ssh_known_hosts_get_algorithms: Avoid returning duplicate key types from known…
asn committed rLIBSSH79cd2618ecaf: ssh_known_hosts_read_entries: Avoid returning duplicate knownhowst items (authored by Jakuje).
ssh_known_hosts_read_entries: Avoid returning duplicate knownhowst items
asn committed rLIBSSH54d76098edda: kex, pki, server, options: Filter algorithms in FIPS mode (authored by ansasaki).
kex, pki, server, options: Filter algorithms in FIPS mode
asn committed rLIBSSH56041dc7840a: torture_hashes: Skip the MD5 tests in FIPS mode (authored by Jakuje).
torture_hashes: Skip the MD5 tests in FIPS mode
asn committed rLIBSSH167aa8bc6cdf: pki_crypto: Use the new OpenSSL API to read PEM files (authored by Jakuje).
pki_crypto: Use the new OpenSSL API to read PEM files
asn committed rLIBSSH0ce1e84d9046: pki_crypto: Use the new OpenSSL API to write new PKCS#8 PEM files (authored by Jakuje).
pki_crypto: Use the new OpenSSL API to write new PKCS#8 PEM files
session: Do not use MD5 in FIPS mode
asn committed rLIBSSH0fb7d9831a9d: tests: Make sure unknown options are ignored in server config (authored by ansasaki).
tests: Make sure unknown options are ignored in server config
asn committed rLIBSSH55c637f2d3f4: bind_config: Fail if a known option couldn't be set (authored by ansasaki).
bind_config: Fail if a known option couldn't be set
kex: Remove unused code
asn committed rLIBSSHdc35bbbeb134: server: Use default methods instead of all (authored by ansasaki).
server: Use default methods instead of all
asn committed rLIBSSH2db2a4e170a3: kex: Make order of preferred signature algorithms consistent (authored by ansasaki).
kex: Make order of preferred signature algorithms consistent
asn committed rLIBSSHa8064cb0ca33: tests: Added tests for server config file (authored by ansasaki).
tests: Added tests for server config file
asn committed rLIBSSHe7ef40c8f03f: tests: Allow setting configuration file for test server (authored by ansasaki).
tests: Allow setting configuration file for test server
asn committed rLIBSSH250a0be0f9fa: options: Added an option to set server HostKey algorithms (authored by ansasaki).
options: Added an option to set server HostKey algorithms
asn committed rLIBSSH07faf95a1057: bind_config: Add support for HostKeyAlgorithms (authored by ansasaki).
bind_config: Add support for HostKeyAlgorithms