Commit Graph

53 Commits

Author SHA1 Message Date
Markus Friedl
568a12a63e defatal mac.[ch]
Conflicts:

	ssh/packet.c
2012-01-17 14:42:52 +01:00
Damien Miller
ef0c2e123f defatal cipher.[ch]
unbreak arcfour(128|256)
2012-01-17 14:37:27 +01:00
Markus Friedl
c037dfa962 deal with error-codes returned by dispatch function (fatal for now) 2012-01-17 14:37:27 +01:00
Markus Friedl
f63a37137d de-fatal kex dh (test for de-fatal of packet.c) 2012-01-17 14:37:27 +01:00
Markus Friedl
52128ed203 packet.c: s/ret/r/g 2012-01-17 14:37:27 +01:00
Markus Friedl
43f038abce ssh_packet_read_poll/seqnr now return an error and no longer use xmalloc 2012-01-17 14:37:27 +01:00
Markus Friedl
9e254e24c5 new sshpkt API: {get,put} wraps ssh_packet_{get,put}, adds {get_end,disconnect} 2012-01-17 14:37:27 +01:00
Markus Friedl
54c5205bc4 switch packet.c from buffer_* to sshbuf_* and call fatal on failure
this moves the call to fatal() to packet.c itself.
2012-01-17 14:37:27 +01:00
Markus Friedl
9662f3f978 replace Buffer with allocated 'struct sshbuf *' in session_state 2012-01-17 14:37:27 +01:00
Damien Miller
7861f112ba disable SSHBUF_ABORT and fix compilation with it turned off 2012-01-17 14:37:27 +01:00
Damien Miller
44dce8d972 reinitialise compression buffers in postauth privsep child
the postauth privsep child never had its compression buffers initialised.
the old buffer code would work because they were (fortunately) bzeroed,
but the new code is more paranoid.

There is probably a more minimal way to do this that I'm missing :)
2012-01-17 14:37:26 +01:00
Markus Friedl
b720702ef3 unbreak ssh_add_hostkey(): sshkey_read() returns 0 on success 2012-01-17 14:37:26 +01:00
Markus Friedl
585db2baab move kex-specific states to struct kex and release states in kex_free() 2012-01-17 14:37:26 +01:00
Markus Friedl
0e69e20693 dispatch_fn() now returns an error code (int) instead of void 2012-01-17 14:37:26 +01:00
Markus Friedl
4f48a68397 rename ssh_packet_get() to ssh_packet_next() and document resulting API 2012-01-17 14:37:26 +01:00
Markus Friedl
c905073179 ssh_api.c: offer hostkey algorithms depending on registered keys
For now, the 'serialized' proposal is de-serialized, modified, and
serialized again in order to change the hostkey algorithm.
2012-01-17 14:36:45 +01:00
Damien Miller
c79348e375 better parameter checking for RSA key generation 2012-01-17 14:32:49 +01:00
Damien Miller
c90c1905fd fix conversion of key types to "plain" (non-cert) names
makes cert-* regress pass
2012-01-17 14:32:49 +01:00
Damien Miller
207b5422e6 fix ecdsa signatures from Markus
guess I somehow botched Markus' pull request :(
2012-01-17 14:32:49 +01:00
Markus Friedl
97a2b75862 dump packet content to stderr if ssh-proxy is started with -D 2012-01-17 14:32:49 +01:00
Markus Friedl
79762ba77d fix reading/writing of public keys
pubkeys are stored base64 not base16 and
deal with spaces in pubkeys correctly.
2012-01-17 14:32:49 +01:00
Markus Friedl
e339f7589e key_verify now returns 0 on success and < 0 on error
(used to return 1 on success 0 on failed signatures and -1
on error)
2012-01-17 14:32:49 +01:00
Damien Miller
ea5ceecdc2 first cut at merging disentangled buffer and library code. buffer_* continue
to exist as thin wrappers around sshbuf_*

doesn't yet pass regress (breakage in hostkey checking, probably related to
new sshkey_* return values)
2012-01-17 14:32:48 +01:00
Markus Friedl
7c423254e3 add ssh_free() to API and use it in the proxy 2012-01-17 14:32:48 +01:00
Markus Friedl
81e3938108 add a libevent based ssh proxy
example usage:
% test -f /tmp/hk2 || ssh-keygen -N '' -t ecdsa -f  /tmp/hk2
% ssh-keyscan -t ecdsa 127.0.0.1 | sed 's/^[^ ]* //'  > /tmp/hk.pub
% ./ssh-proxy/obj/ssh-proxy -f -S /tmp/hk2 -C /tmp/hk.pub -L 127.0.0.1:12345:127.0.0.1:22 -d
% ssh -o hostkeyalgorithms'='ecdsa-sha2-nistp256 -o hostkeyalias'='egal2 -v 127.0.0.1 -p 12345
2012-01-17 14:32:48 +01:00
Markus Friedl
c714b85e60 do not send service request/accept during rekeying 2012-01-17 14:32:48 +01:00
Markus Friedl
9f176fa427 don't forget to send the packet 2012-01-17 14:32:48 +01:00
Markus Friedl
e7792bcbe2 use ssh_packet_* in dispatch.c 2012-01-17 14:32:48 +01:00
Markus Friedl
36bd2a3bbd remove the last argument from ssh_dispatch_run()
since it's always the same as the first...
2012-01-17 14:32:48 +01:00
Markus Friedl
e38108317d generate the compat dispatch API only if requested 2012-01-17 14:32:48 +01:00
Markus Friedl
bb19f6ffb3 switch sshd-auth2 to ssh_packet_* 2012-01-17 14:32:48 +01:00
Markus Friedl
a9e3bee9b9 switch sshd-auth2 code from dispatch to ssh_dispatch 2012-01-17 14:32:48 +01:00
Markus Friedl
81b6a34857 the host key verification callbacks always get a 'struct ssh *'
so change the prototypes accordingly (from void *).
2012-01-17 14:32:48 +01:00
Markus Friedl
c8197a3b42 change all protocol handlers from 'void *' to 'struct ssh *' 2012-01-17 14:32:48 +01:00
Markus Friedl
b1920d0ebe sshd: pass struct ssh instead of authctxt to authentication handlers 2012-01-17 14:32:48 +01:00
Markus Friedl
543ff8b66b skip compat api for sshconnect2.c 2012-01-17 14:32:48 +01:00
Markus Friedl
746426cf6e replace dispatch wrapper with #defines 2012-01-17 14:32:47 +01:00
Markus Friedl
93081a66ae move statics from userauth_gssapi to Authctxt 2012-01-17 14:32:47 +01:00
Markus Friedl
3cb4b0e6de userauth: add # of attempts to authctxt 2012-01-17 14:32:47 +01:00
Markus Friedl
6e946b8c40 client userauth: packet_ -> ssh_packet_ and dispatch_ -> ssh_dispatch_
remove globals: move hostname/address for hostkey verification to 'struct ssh'
2012-01-17 14:32:47 +01:00
Markus Friedl
b2a6a55106 sync to openssh cvs as of 2012/01/08 2012-01-17 14:32:47 +01:00
Markus Friedl
9ab2398fe8 remove unused packet_*() defines 2012-01-17 14:32:47 +01:00
Markus Friedl
205959230c ssh_api.h: remove obsolete comment 2012-01-17 14:32:47 +01:00
Markus Friedl
1b2b926894 unifdef ETCDIR 2012-01-17 14:32:47 +01:00
Markus Friedl
3bbc21f3af packet.c: s/ssh->state/state/ 2012-01-17 14:32:47 +01:00
Markus Friedl
c44b8a2397 active_state declaration already in packet.h 2012-01-17 14:32:47 +01:00
Markus Friedl
6043e0c641 let packet_set_connection create the active_state, again 2012-01-17 14:32:47 +01:00
Markus Friedl
bb5f42a34e replace most of opacket.c with #defines 2012-01-17 14:32:47 +01:00
Markus Friedl
fd206f1cc3 remove duplicates from session_state 2012-01-17 14:32:47 +01:00
Markus Friedl
6c9eb04eb4 enable warnings 2012-01-17 14:32:47 +01:00