Commit Graph

49 Commits (c1ea43d5050214fa895bf54d566f384476a25c3a)

Author SHA1 Message Date
JacobBarthelmeh c1ea43d505 add handling exec sub shell to wolfsshd app 2023-01-15 14:36:56 -08:00
John Safranek d61cb264e5
Clear Alarm
1. Add a user auth result callback function to clear the alarm on
   successful user authentication.
2022-09-19 09:22:46 -07:00
John Safranek 66be47acfe
Merge pull request #453 from JacobBarthelmeh/sshd-certs
adding X509 authentication of host
2022-09-08 11:11:05 -07:00
JacobBarthelmeh c6df8f6164
Merge pull request #457 from ejohnstown/child-listen
Child Listener
2022-09-08 11:47:22 -06:00
John Safranek 95431c3de1
Child Listener
1. Stash a copy of wolfsshd's listenFd in the connection record.
2. After the fork, the child now closes the listenFd.
3. After the fork, the parent now closes the fd.
2022-09-08 10:05:58 -07:00
JacobBarthelmeh af3658cd6c use abstract file calls 2022-09-08 09:38:29 -07:00
JacobBarthelmeh 3e1a6ff342 add mutual X509 auth of host key and sshd_config parsing additions 2022-09-06 16:15:34 -07:00
Hayden Roche 7c486e518a initial openssh-style certificate parsing 2022-09-06 15:56:42 -07:00
John Safranek c1aabbdd87
Old Compiler Warning Cleanup (GCC 4.0.2)
Fixed a few "possibly used uninitialized variable" warnings.
2022-09-06 09:10:50 -07:00
John Safranek c8bdf7d3d2
Merge pull request #441 from JacobBarthelmeh/sshd
add chroot jailing to sshd
2022-09-01 13:28:52 -07:00
JacobBarthelmeh ee68ef9333 change default path with sftp and chroot 2022-09-01 12:39:36 -07:00
JacobBarthelmeh c4efae1f5d adjust chdir in the case of chroot 2022-09-01 10:18:01 -07:00
JacobBarthelmeh 887edc29e3 do not fail out on chdir if chroot is used 2022-08-31 13:27:10 -07:00
JacobBarthelmeh e1f72a00e1 chroot and reduce permissions after forkpty 2022-08-31 10:34:13 -07:00
David Garske 86360a4fe2
Merge pull request #415 from ejohnstown/cert
Add support for X509 certificates
2022-08-29 15:51:28 -07:00
JacobBarthelmeh 0ef7ca2145 refactor chroot call 2022-08-29 13:17:26 -07:00
JacobBarthelmeh 8a286ad727 remove duplicate code and raise permissions for chroot 2022-08-29 09:27:42 -07:00
JacobBarthelmeh e1f0a67c38 add chroot jailing to sshd 2022-08-29 09:27:42 -07:00
JacobBarthelmeh 0830b56fab fix for permissions level separation 2022-08-26 23:07:32 -07:00
JacobBarthelmeh 2abce6326e turn off FPKI if not enabled, check CERTMAN log in SSHD 2022-08-24 06:55:25 -07:00
JacobBarthelmeh 20ace73349 fix new scan-build warning 2022-08-22 18:09:07 -06:00
Jacob Barthelmeh 5a1f42ba07 update copyright, wrap isspace, fix formatting 2022-08-16 13:28:06 -06:00
Andrew Hutchings d2327d5acd Fix syslog priority 2022-08-08 16:12:35 +01:00
Andrew Hutchings b1f26c84d0 Add syslog support
When going into daemon mode on a POSIX system, use syslog
2022-08-08 15:43:17 +01:00
Jacob Barthelmeh 8f3cdc8230 infer fixes, clang build fixes, initial build on OSX 2022-08-05 12:05:07 -06:00
JacobBarthelmeh f51375802b add more comments and always print out error messages 2022-08-03 15:04:34 -07:00
JacobBarthelmeh 7d58486a42 QNX shell login as user 2022-07-30 01:26:56 -07:00
JacobBarthelmeh 87a9bd4325 cleanup some debug messages and start to actual daemon 2022-07-30 00:46:11 -07:00
JacobBarthelmeh 4d90993e16 stub UseDNS, add checking config UsePrivilegeSeparation, scan-build warning fixes 2022-07-29 23:08:19 -07:00
JacobBarthelmeh 3af82ddb42 login as user with new shell 2022-07-29 09:51:04 -07:00
Andrew Hutchings 2e4d69e5ea Missed one function in PPC32 fix 2022-07-29 13:34:47 +01:00
Andrew Hutchings afdc1f4c67 Fix compiler errors for PPC32 2022-07-29 13:33:12 +01:00
Andrew Hutchings b6924ff604 Fix -p breaking everything
Specifying a port set `ret` to the port number instead of `WS_SUCCESS`
which meant that everything after parameter passing failed silently.
2022-07-29 10:14:34 +01:00
Hayden Roche ec873e1088 Rename wolfSSHD_NewConfig to wolfSSHD_ConfigNew, following pattern. 2022-07-28 13:34:14 -07:00
Andrew Hutchings f7fad8b8d0 Fix compiling issues 2022-07-28 15:34:21 +01:00
Hayden Roche cef7e5065a Add support for Port config option and change default port back to 22. 2022-07-27 16:48:10 -07:00
Hayden Roche e255679861 Add support for PasswordAuthentication config option. 2022-07-27 16:46:15 -07:00
Hayden Roche 48b627d70d Refactor various wolfSSHD code.
- Move function declarations for WOLFSSHD_CONFIG from wolfsshd.h to a new
header, configuration.h. Change config.c to configuration.c. (using
"configuration" so as not to collide with autotools' config.h)
- Make the WOLFSSL_CONFIG* member of WOLFSSHD_AUTH const. At least at the
moment, it shouldn't be necessary for this member to be writable.
- Replace wolfSSHD_ConfigGetOption with functions to get specific members from
the config.
- Namespace all config functions with wolfSSHD_Config* and all auth functions
with wolfSSHD_Auth.
- Add const to function parameters, where possible.
- Remove wolfSSHD_ prefix from static functions. Just use PascalCase. These
don't need namespacing since they aren't visible outside their translation unit.
- Modify GetConfigInt to expect leading and trailing whitespace to have already
been removed. It will have been removed in the context this function is used in
configuration.c.
2022-07-27 15:21:11 -07:00
Hayden Roche 477fb6c5c8 Add HostKey support and other config file code improvements.
- hostKeyFile and authKeysFile members of the config are now dynamically
allocated strings owned by the config.
- Break out sshd_config option handling into more modular functions.
2022-07-26 14:10:54 -07:00
JacobBarthelmeh 8d1d2fb633 add support for grace login timer 2022-07-26 10:56:30 -07:00
Hayden Roche 374f675553 Add support for PEM host keys. 2022-07-26 09:27:07 -07:00
JacobBarthelmeh 85109e66cf raise and lower permissions levels 2022-07-25 09:26:05 -07:00
JacobBarthelmeh f8439af47e add support to handle PermitEmptyPasswords config 2022-07-21 16:23:01 -07:00
JacobBarthelmeh 311738d057 add link to liblogin with QNX for crypt 2022-07-21 14:43:43 -07:00
JacobBarthelmeh 11c1a3998d use function callbacks for auth 2022-07-21 13:31:22 -07:00
JacobBarthelmeh 7b8ce149d7 add look for libpam and adjust for QNX build 2022-07-21 13:31:22 -07:00
JacobBarthelmeh e493d3aeb2 assume sshd builds use shell, better support for routing session types after SSH accept 2022-07-21 13:31:22 -07:00
JacobBarthelmeh 2982ae88ee define for crypt use, set fd for shell, tie in sftp 2022-07-21 13:31:22 -07:00
Hayden Roche 787d5be900 Add more functionality to wolfsshd, other improvements.
- Moved all wolfsshd source code into apps/wolfsshd/. Then future apps, e.g.
an ssh-keygen type utility, will get their own subdirectory under apps/.
- Rename wolfauth.(c|h) to auth.(c|h), rename wolfconfig.c to config.c.
- Add support for checking user public keys against an authorized keys file.
Doesn't support parsing options and comments in the key file, yet. Parsing
special tokens (e.g. %h) and absolute paths in the AuthorizedKeysFile string
are also not supported.
- Comment out currently unused USER_NODE code. Could be useful later on if
we integrate wolfsshd in an environment where the OS doesn't have its own
username service.
- Modify configure.ac to bring in libcrypt if wolfsshd is enabled.
2022-07-21 13:31:22 -07:00