Markus Friedl
b720702ef3
unbreak ssh_add_hostkey(): sshkey_read() returns 0 on success
2012-01-17 14:37:26 +01:00
Markus Friedl
585db2baab
move kex-specific states to struct kex and release states in kex_free()
2012-01-17 14:37:26 +01:00
Markus Friedl
0e69e20693
dispatch_fn() now returns an error code (int) instead of void
2012-01-17 14:37:26 +01:00
Markus Friedl
4f48a68397
rename ssh_packet_get() to ssh_packet_next() and document resulting API
2012-01-17 14:37:26 +01:00
Markus Friedl
c905073179
ssh_api.c: offer hostkey algorithms depending on registered keys
For now, the 'serialized' proposal is de-serialized, modified, and
serialized again in order to change the hostkey algorithm.
2012-01-17 14:36:45 +01:00
Damien Miller
eab08a3d52
add fingerprints to test data
2012-01-17 14:32:49 +01:00
Damien Miller
27d673a877
TODO for unittests
2012-01-17 14:32:49 +01:00
Damien Miller
0a106ab1a1
start regress tests for sshkey code
2012-01-17 14:32:49 +01:00
Damien Miller
c79348e375
better parameter checking for RSA key generation
2012-01-17 14:32:49 +01:00
Damien Miller
e60ae70c50
better name for the unit tests
2012-01-17 14:32:49 +01:00
Damien Miller
1cdc6a59ec
add unittests for sshbuf in separate directory
2012-01-17 14:32:49 +01:00
Damien Miller
c90c1905fd
fix conversion of key types to "plain" (non-cert) names
makes cert-* regress pass
2012-01-17 14:32:49 +01:00
Damien Miller
207b5422e6
fix ecdsa signatures from Markus
guess I somehow botched Markus' pull request :(
2012-01-17 14:32:49 +01:00
Markus Friedl
97a2b75862
dump packet content to stderr if ssh-proxy is started with -D
2012-01-17 14:32:49 +01:00
Markus Friedl
7be80648ac
autodetect obj dirs for make regress
2012-01-17 14:32:49 +01:00
Markus Friedl
79762ba77d
fix reading/writing of public keys
pubkeys are stored base64 not base16 and
deal with spaces in pubkeys correctly.
2012-01-17 14:32:49 +01:00
Markus Friedl
e339f7589e
key_verify now returns 0 on success and < 0 on error
(used to return 1 on success 0 on failed signatures and -1
on error)
2012-01-17 14:32:49 +01:00
Damien Miller
ea5ceecdc2
first cut at merging disentangled buffer and library code. buffer_* continue
to exist as thin wrappers around sshbuf_*
doesn't yet pass regress (breakage in hostkey checking, probably related to
new sshkey_* return values)
2012-01-17 14:32:48 +01:00
Markus Friedl
7c423254e3
add ssh_free() to API and use it in the proxy
2012-01-17 14:32:48 +01:00
Markus Friedl
81e3938108
add a libevent based ssh proxy
example usage:
% test -f /tmp/hk2 || ssh-keygen -N '' -t ecdsa -f /tmp/hk2
% ssh-keyscan -t ecdsa 127.0.0.1 | sed 's/^[^ ]* //' > /tmp/hk.pub
% ./ssh-proxy/obj/ssh-proxy -f -S /tmp/hk2 -C /tmp/hk.pub -L 127.0.0.1:12345:127.0.0.1:22 -d
% ssh -o hostkeyalgorithms'='ecdsa-sha2-nistp256 -o hostkeyalias'='egal2 -v 127.0.0.1 -p 12345
2012-01-17 14:32:48 +01:00
Markus Friedl
c714b85e60
do not send service request/accept during rekeying
2012-01-17 14:32:48 +01:00
Markus Friedl
9f176fa427
don't forget to send the packet
2012-01-17 14:32:48 +01:00
Markus Friedl
e7792bcbe2
use ssh_packet_* in dispatch.c
2012-01-17 14:32:48 +01:00
Markus Friedl
36bd2a3bbd
remove the last argument from ssh_dispatch_run()
since it's always the same as the first...
2012-01-17 14:32:48 +01:00
Markus Friedl
e38108317d
generate the compat dispatch API only if requested
2012-01-17 14:32:48 +01:00
Markus Friedl
bb19f6ffb3
switch sshd-auth2 to ssh_packet_*
2012-01-17 14:32:48 +01:00
Markus Friedl
a9e3bee9b9
switch sshd-auth2 code from dispatch to ssh_dispatch
2012-01-17 14:32:48 +01:00
Markus Friedl
81b6a34857
the host key verification callbacks always get a 'struct ssh *'
so change the prototypes accordingly (from void *).
2012-01-17 14:32:48 +01:00
Markus Friedl
c8197a3b42
change all protocol handlers from 'void *' to 'struct ssh *'
2012-01-17 14:32:48 +01:00
Markus Friedl
b1920d0ebe
sshd: pass struct ssh instead of authctxt to authentication handlers
2012-01-17 14:32:48 +01:00
Markus Friedl
543ff8b66b
skip compat api for sshconnect2.c
2012-01-17 14:32:48 +01:00
Markus Friedl
746426cf6e
replace dispatch wrapper with #defines
2012-01-17 14:32:47 +01:00
Markus Friedl
93081a66ae
move statics from userauth_gssapi to Authctxt
2012-01-17 14:32:47 +01:00
Markus Friedl
3cb4b0e6de
userauth: add # of attempts to authctxt
2012-01-17 14:32:47 +01:00
Markus Friedl
6e946b8c40
client userauth: packet_ -> ssh_packet_ and dispatch_ -> ssh_dispatch_
remove globals: move hostname/address for hostkey verification to 'struct ssh'
2012-01-17 14:32:47 +01:00
Markus Friedl
b2a6a55106
sync to openssh cvs as of 2012/01/08
2012-01-17 14:32:47 +01:00
Markus Friedl
9ab2398fe8
remove unused packet_*() defines
2012-01-17 14:32:47 +01:00
Markus Friedl
205959230c
ssh_api.h: remove obsolete comment
2012-01-17 14:32:47 +01:00
Markus Friedl
1b2b926894
unifdef ETCDIR
2012-01-17 14:32:47 +01:00
Markus Friedl
474a076bdf
how to diff against openbsd cvs
2012-01-17 14:32:47 +01:00
Markus Friedl
3bbc21f3af
packet.c: s/ssh->state/state/
2012-01-17 14:32:47 +01:00
Markus Friedl
c44b8a2397
active_state declaration already in packet.h
2012-01-17 14:32:47 +01:00
Markus Friedl
6043e0c641
let packet_set_connection create the active_state, again
2012-01-17 14:32:47 +01:00
Markus Friedl
bb5f42a34e
replace most of opacket.c with #defines
2012-01-17 14:32:47 +01:00
Markus Friedl
b0189c3239
sort .gitignore; add ID, tags
2012-01-17 14:32:47 +01:00
Markus Friedl
fd206f1cc3
remove duplicates from session_state
2012-01-17 14:32:47 +01:00
Markus Friedl
6c9eb04eb4
enable warnings
2012-01-17 14:32:47 +01:00
Markus Friedl
9cc85e2464
move packet state internals back from packet.h to packet.c
2012-01-17 14:32:46 +01:00
Markus Friedl
ba502644ad
disable ptrace test, since it depends on ssh-agent being setuid
2012-01-17 14:32:46 +01:00
Markus Friedl
530367aafa
Move the key exchange state and other global variables into
a per connection state struct, add an initial API that could
be used for a proxy (see ssh-proxy.c)
Joint work with Matthias Pitzl, Stefan Rinkes, Bernhard Zaun and
Arne Becker.
2012-01-17 14:32:46 +01:00