Commit Graph

219 Commits (23dd6a80d1a084eea5ded02cf3ec2c9cb70ad4fd)

Author SHA1 Message Date
John Safranek 979801a05d
Known Hosts Update
1. Move setting a nul termination on the knownHosts data until after
   checking the size is reasonable.
2. A temporary keySz variable was getting used to get the length of the
   key type value, but it wasn't used to copy the value. Deleted it and
   used the other sz value.
3. Fix the leaking of the known hosts filename.
2023-11-30 13:18:30 -08:00
JacobBarthelmeh 7569d45b69 remove debugging comment in test 2023-11-28 13:22:18 -07:00
JacobBarthelmeh 9a33bed122 add regression test for grace period login 2023-11-28 10:04:11 -07:00
JacobBarthelmeh 82323db6f8 cancel alarm timer after connected 2023-11-28 08:01:05 -07:00
John Safranek 8bcb466f92
Known Hosts: PR Review
1. Fix a few stdC function calls to use the porting wrappers.
2. Missing some error checking, added it.
3. Add some bounds checking to the sz usage when checking for the
   server's key in the known hosts file.
4. Move the temp buffers from the stack to the heap.
5. Make sure to nul terminate the read known_hosts file.
2023-11-22 16:46:53 -08:00
John Safranek 0074ead857
Known Hosts
1. Add porting layer wrapper macros for strcat, strcpy, and strsep.
2. Use port layer macros for the known hosts additions.
2023-11-21 16:47:21 -08:00
John Safranek efd7ed01da
Known Hosts
1. Update the logic for checking the key name and key against the known
   hosts file.
2. Key fingerprinting for user confirmation.
3. Add user confirmation of host key additions.
4. Remove old debugging for known hosts.
2023-11-21 16:34:24 -08:00
John Safranek 51f4f48901 Known Hosts
1. Comment out the original known hosts check for another method.
2. Implement new key checking method.
2023-11-21 16:33:00 -08:00
John Safranek e16c247a4b Known Hosts
1. Added support to the wolfSSH client for a known hosts file.
2. In the client's common.c file, moved the functions ato32() and
   load_der_file() around so the known hosts callback can use them.
2023-11-20 13:24:14 -08:00
John Safranek 70aa287d78 wolfSSH Client with OpenSSH-format Keys
1. Move the KeySignature struct around in internal.c so it can be used
   for a couple tasks.
2. Add decoder for the OpenSSH-format keys.
3. Add an identification function for the new key.
4. Update ReadKey to handle the new format.
2023-11-06 14:07:21 -08:00
JacobBarthelmeh e3637574dd remove unused ret value 2023-10-16 09:16:34 -06:00
JacobBarthelmeh 46d2017d76 fix reference to struct 2023-10-16 07:57:50 -06:00
JacobBarthelmeh f8de131e81 fix for shared socket ID between connections 2023-10-13 16:56:17 -06:00
JacobBarthelmeh 6ce5724ba9 fix speed of SFTP with SSHd when handling 'get' command 2023-09-29 13:34:16 -07:00
John Safranek 53a4dea81a
wolfSSH Client
1. Fix build with enabling client and disabling terminal support.
2023-09-25 09:41:50 -07:00
John Safranek 2250f149b5 wolfSSH Client
1. Relabel many of the string functions with their compatibility wrappers.
2. Add command line options to the readme file.
2023-09-25 09:23:13 -07:00
John Safranek fd67c8b0c8 wolfSSH Client
1. Changed the function client_test()'s name to wolfSSH_Client().
2. Added "destination" to the usage text.
3. Improved the handling of the termios settings.
4. Remove the file names from the ClientFreeBuffers() function.
5. Changed ClientFreeBuffers() to free if the pointers aren't pointing
   at the static buffers. They may not load because the file is bad, but
   it will still have a file name.
6. Only try to load the public key or cert if loading the private key
   was successful. Do not fail out if key cannot load, password may
   still be possible.
2023-09-25 09:23:13 -07:00
John Safranek 653722f481 wolfSSH Client
1. Remove the global req test code.
2. Remove the check for having both private key and public key
   specified. It currently derives a public key name from the private
   key name.
2023-09-25 09:23:13 -07:00
John Safranek 0ded1c83e8 wolfSSH Client
1. In the windowMonitor(), move the check for quit outside the
   conditional build so it works for both macOS and Linux.
2. Removed a dead store in readPeer(). If the socket wants read, that's
   fine. Don't need to override it.
3. When allocating memory for the hostname, don't forget the nul.
4. When parsing the command line and storing a copy of it to send to the
   peer, stash it in the config.
5. When allocating memory for the username, add 1 for the nul outside
   the strlen().
6. When canceling a thread, be sure to join it afterwards.
7. Added a read me document for wolfSSH client. Just a quick note. To be
   replaced later with something more formal.
2023-09-25 09:23:13 -07:00
John Safranek a577c119fc wolfSSH Client
1. Removed redundant fflush() after a write().
2. Treat WS_CHANNEL_CLOSED during shutdown as successful.
2023-09-25 09:23:13 -07:00
John Safranek 35b5c40969 wolfSSH Client
1. Remove stray print when the client isn't going to ask for a password.
2. Remove adding the CR to the end of the string sent to the server.
   The appropriate solution is to fix the issue in the Windows build of
   the server. For POSIX, the LF is converted to CR/LF, so we get a
   CR/CR/LF in the end, which looks like the enter key double-striking.
2023-09-25 09:23:13 -07:00
John Safranek 93a5440141 wolfSSH Client
1. Update to use a default public key based on the name of the private
   key.
2. Stash the public key name in the config structure, removing it from
   the list of globals.
2023-09-25 09:23:13 -07:00
John Safranek 4d5c4e1306 Semaphore Fix
1. Add quit parameter to the example client's thread_args structure.
   This will be used to let the windowMonitor thread know the
   application is quitting.
2. If the windowMonitor's quit flag is set, it will exit and not call
   wait again.
3. Join the windowMonitor thread rather than cancel it.
2023-09-25 09:23:13 -07:00
John Safranek cdef5f69ad wolfSSH Client
1. Allocating the user and hostname separately, makes updates from
   default to set value easier.
2. Set a default user name and private key file name based on the
   environment.
3. Changed the visibility of the client common functions to
   WOLFSSL_LOCAL.
4. Removed the userEcc variable from the main loop, and from the client
   utility functions. Key type should be figured from the key.
5. Removed the hardcoded default keys for fake user Hansel. The key
   loading functions will error out if a file name isn't used.
2023-09-25 09:23:13 -07:00
John Safranek f28d6b4a26 wolfSSH Client
1. Merge the current example client code into the wolfssh client.
2. Add the example client common files to the wolfssh client.
2023-09-25 09:23:13 -07:00
John Safranek e19b60b767 wolfSSH Client
1. Added a comment regarding the potential leak. It is confirmed NOT A
   LEAK.
2. Fixed the connection fail. Added a check for WANT_READ and treat that
   as a success.
3. Put back a couple things removed from the last commit regarding
   agent.
4. Change ShowUsage to use basename(). (Linux build didn't have
   basename_r().)
5. Add NULL for the fs context parameter of the file wrapper macros.
6. Printing config checks any pointers for null then uses a default
   value.
7. Minor cleanups.
2023-09-25 09:23:13 -07:00
John Safranek 0346f68102 wolfSSH Client
1. Since the base of the client is copied from the example client,
   remove the command line options used by the client. Start populating
   with a few of the options used by the other client, and decode the
   destination and optional command from the command line.
2. Move parsing the command line to its own function. It is a member of
   a set of functions for reading the command line options, the config
   file, and the environment to config the client.
3. Trim out many includes. Some will be added back later. Some don't
   need to be there.
4. The client will only use non-blocking sockets.

Note/Todo:
(a) The connection fails to start some of the time.
(b) The user name has the potential to leak.
2023-09-25 09:23:13 -07:00
Jacob Barthelmeh 7d0e8aacda fix warning and add more print outs to help menu 2023-09-25 09:23:13 -07:00
JacobBarthelmeh 325a89b7eb initial wolfssh app 2023-09-25 09:23:13 -07:00
John Safranek 7965c97ceb wolfSSH Client
1. Add scaffold to the build for the wolfSSH client.
2. A little whitespace change in configure.ac.
2023-09-25 09:23:13 -07:00
JacobBarthelmeh 827d901f52 add sanity check that pid file is not null 2023-09-20 16:32:50 -06:00
JacobBarthelmeh c349510cc3 add include of process.h for _getpid and add a cast to fix warning 2023-09-20 13:29:33 -06:00
JacobBarthelmeh 12b7c3af93 add Windows version of getpid 2023-09-20 11:16:35 -06:00
JacobBarthelmeh aa6ba94206 keep permissions raised when binding to socket 2023-09-07 09:19:48 -07:00
John Safranek 491f3dce57 WMACRO Update
1. Fix missing updates to wolfSSHd.
2. Fix missing update to scp.
2023-09-01 09:34:26 -07:00
John Safranek d4fa4ebd69
Merge branch 'master' into pull-reqs/f4021bb_All_the_filesystem-related_W_macros_accept_a_filesystem_context_pointer_as_first_parameter 2023-09-01 09:08:34 -07:00
JacobBarthelmeh 034ed7fe9f fix ups for format, spelling, includes, and string compare 2023-08-30 13:32:17 -07:00
Jacob Barthelmeh 4fd4d0458f scan build warning of unread timeout 2023-08-30 09:08:25 -07:00
JacobBarthelmeh 9993a26add parse command line arguments for Windows service 2023-08-30 09:08:25 -07:00
JacobBarthelmeh da32306628 fix for rekey with wolfsshd, improve wolfsshd vs project 2023-08-30 09:08:25 -07:00
JacobBarthelmeh 6b22fedec9 check SFTP pending data before processing more 2023-08-30 09:08:25 -07:00
JacobBarthelmeh 1b1f2d7090 with Windows check for window-change packet before creating pseudo terminal 2023-08-30 09:08:25 -07:00
JacobBarthelmeh ecd47ddfd6 add OSX semaphore use, and fix warning 2023-08-30 09:08:25 -07:00
JacobBarthelmeh ab742ca766 wolfSSHd port to Windows
handling of terminal size adjustments

stub case for ECH virtual terminal command
2023-08-30 09:08:25 -07:00
John Safranek 47001e0d92
Merge pull request #560 from JacobBarthelmeh/interop 2023-08-30 09:00:17 -07:00
JacobBarthelmeh 067cc069aa add check for full window with SSHD and improve nonblocking connect with client 2023-08-07 09:55:33 -07:00
JacobBarthelmeh 8d9b30d9a9 add PidFile and -t support 2023-07-25 08:55:43 -07:00
Fabio Alemagna 092c04fe30 All the filesystem-related W* macros accept a filesystem context pointer as first parameter, to make portability better. 2023-07-21 11:53:40 +02:00
JacobBarthelmeh 4c0c0124ec better handling of want read/write cases with SFTP + SSHD 2023-07-12 07:38:45 -07:00
JacobBarthelmeh 57f07802a2 fix warnings for g++ build 2023-07-05 15:10:48 -07:00
David Garske 9e83349745
Merge pull request #530 from JacobBarthelmeh/sftp
better handling of window full cases and chroot with SFTP
2023-06-28 09:27:48 -07:00
JacobBarthelmeh e55b4f7e70 fix for getgroups with QNX 2023-06-27 23:30:32 -07:00
JacobBarthelmeh 711470e2d4 sanity check on return value 2023-06-27 15:14:55 -07:00
JacobBarthelmeh f3922d14cd improve chroot with SSHd 2023-06-27 00:08:25 -07:00
JacobBarthelmeh 049e40bb1c better handling of window full cases with SFTP 2023-06-26 22:58:28 -07:00
JacobBarthelmeh be522e8267 fix warning about unused stored value 2023-06-21 16:10:15 -07:00
JacobBarthelmeh aaf8b04fae adjust set and get groups 2023-06-15 01:48:31 -06:00
John Safranek 8b4ae3681c
Mac Build Fix
Put macro wrapper around function getgrouplist(). The mac is treating it
as taking a pointer to int rather than gid_t.
2023-06-07 17:33:32 -07:00
John Safranek 639f896320
Merge pull request #519 from JacobBarthelmeh/scp
break between SSH accept and SCP operation
2023-06-01 20:54:43 -07:00
John Safranek f41135dbd9
Merge pull request #520 from JacobBarthelmeh/auth
fix empty password support regression
2023-06-01 11:17:55 -07:00
JacobBarthelmeh 066aa22259 fix for setting secondary groups 2023-05-26 07:56:24 -07:00
John Safranek 6fabf0084c
Merge pull request #521 from JacobBarthelmeh/qnx
keep raised permissions for startup
2023-05-24 14:59:47 -07:00
JacobBarthelmeh f18f9adf1f fix for check on empty password 2023-05-24 14:53:50 -07:00
JacobBarthelmeh 796a745a92 fix scan-build warning for check on ret value 2023-05-19 13:49:23 -07:00
JacobBarthelmeh ebbf43d2fe catch SCP as exec session 2023-05-19 10:55:07 -07:00
JacobBarthelmeh 26b68c2b1b keep raised permissions for startup 2023-05-19 09:50:23 -07:00
JacobBarthelmeh 94df77ff76 fix empty password support regression 2023-05-19 06:58:23 -07:00
JacobBarthelmeh 3f2aa055ab break between SSH accept and SCP operation 2023-05-19 06:26:18 -07:00
JacobBarthelmeh b11e87b384 add secondary groups as well 2023-05-05 15:20:27 -07:00
John Safranek 7e7c5553df
Update wolfSSHd
1. Update wolfSSHd with changes made for the echoserver.
2. Better indication of when the SFTP channel closes.
2023-04-13 11:52:22 -07:00
JacobBarthelmeh 5a674a42d7 fix for ssh->error with SCP and public key use with common client code 2023-04-04 21:57:36 -07:00
John Safranek 95bcc4541c
Release v1.4.13
1. Update the copyright year in all file header comments.
2. Update the STM32CUBE files to use the correct GPL headers.
2023-04-03 10:41:10 -07:00
John Safranek 9c9cb5adbd
Forking
1. Updated wolfSSHd with the common practices for starting a daemon.
2. Close std I/O and reopen as /dev/null.
2023-03-29 10:23:32 -07:00
John Safranek f74c2db6eb
wolfSSHd Shadow Fix
1. Checking the string returned from crypt() to make sure it isn't a
   "*".
2. Checking the lengths of the strings when checking the password.
2023-03-24 14:06:25 -07:00
John Safranek 17e83731ff
Merge pull request #499 from JacobBarthelmeh/sshd
add option to use x509v3 private key in connection without x509 auth
2023-03-16 09:01:10 -07:00
JacobBarthelmeh d5ecaf4452 update sed command with tests 2023-03-15 10:46:47 -07:00
John Safranek f8651c952b
Merge pull request #498 from JacobBarthelmeh/sshd-forcedcmd
remove leading tabs in config file while parsing, add force command test
2023-03-10 15:17:57 -08:00
JacobBarthelmeh f844683c13 remove leading tabs in config file while parsing, add force command test 2023-01-23 14:25:08 -08:00
JacobBarthelmeh 203557b350 move authorized and sshd_config creation to before start of server 2023-01-18 15:14:02 -08:00
JacobBarthelmeh cd70e15d60 add additional sshd test framework 2023-01-18 14:54:39 -08:00
JacobBarthelmeh c1ea43d505 add handling exec sub shell to wolfsshd app 2023-01-15 14:36:56 -08:00
John Safranek d8e3288dd6
Merge pull request #465 from JacobBarthelmeh/Certs
renew cert script, add check for user name in UPN and host IP in alt. names
2022-10-21 09:43:58 -07:00
John Safranek a7c7830dcd
Automake Refactor
1. Remove the DISTCLEANFILES variables from automake scripts. The items
   they clean are already cleaned appropriately.
2. For application targets, move the local headers to the SOURCES lists
   for the apps.
2022-10-20 11:35:59 -07:00
JacobBarthelmeh 49256a2e40 update comment 2022-10-19 13:31:06 -07:00
JacobBarthelmeh 0f9304d70d update client macro guard and add small stack dcert 2022-10-19 12:52:59 -07:00
Jacob Barthelmeh 9e3c2f3b78 check on user name in UPN if exists
add check on host IP address in certificate alt names
2022-10-10 08:29:50 -07:00
Jacob Barthelmeh b0e042b3fa change to adjust include.am include path instead of source code 2022-09-23 15:31:38 -06:00
JacobBarthelmeh f0e3822b13 update test include path, needed for Yocto builds 2022-09-22 08:15:13 -07:00
JacobBarthelmeh 8399f78111
Merge pull request #461 from ejohnstown/clear-alarm
Clear Alarm
2022-09-20 11:57:02 -06:00
John Safranek d61cb264e5
Clear Alarm
1. Add a user auth result callback function to clear the alarm on
   successful user authentication.
2022-09-19 09:22:46 -07:00
JacobBarthelmeh 3d7c766906 fix test case for building with QNX 2022-09-15 15:04:17 -07:00
John Safranek 66be47acfe
Merge pull request #453 from JacobBarthelmeh/sshd-certs
adding X509 authentication of host
2022-09-08 11:11:05 -07:00
JacobBarthelmeh c6df8f6164
Merge pull request #457 from ejohnstown/child-listen
Child Listener
2022-09-08 11:47:22 -06:00
John Safranek 95431c3de1
Child Listener
1. Stash a copy of wolfsshd's listenFd in the connection record.
2. After the fork, the child now closes the listenFd.
3. After the fork, the parent now closes the fd.
2022-09-08 10:05:58 -07:00
JacobBarthelmeh af3658cd6c use abstract file calls 2022-09-08 09:38:29 -07:00
JacobBarthelmeh 657db7cd7e allow verify of public key with no authorized keys file if using a CA 2022-09-07 14:40:55 -07:00
JacobBarthelmeh 3e1a6ff342 add mutual X509 auth of host key and sshd_config parsing additions 2022-09-06 16:15:34 -07:00
Hayden Roche 7c486e518a initial openssh-style certificate parsing 2022-09-06 15:56:42 -07:00
John Safranek c1aabbdd87
Old Compiler Warning Cleanup (GCC 4.0.2)
Fixed a few "possibly used uninitialized variable" warnings.
2022-09-06 09:10:50 -07:00
John Safranek c1f473d52b
Merge pull request #449 from JacobBarthelmeh/qnx
fix for DIR with QNX
2022-09-01 13:32:41 -07:00