tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,222 Commits 6 Branches 20 Tags 98 MiB
Commit Graph

80 Commits

Author SHA1 Message Date
dtucker@openbsd.org b500afcf00
upstream: Remove compat code for OpenSSL 1.0.* 
versions now that -portable has dropped support for those versions.

OpenBSD-Regress-ID: 82a8eacd87aec28e4aa19f17246ddde9d5ce7fe7
 2023-03-28 19:03:10 +11:00
Darren Tucker 727560e601
Prevent conflicts between Solaris SHA2 and OpenSSL. 
We used to prevent conflicts between native SHA2 headers and OpenSSL's
by setting OPENSSL_NO_SHA but that was removed prior to OpenSSL 1.1.0
 2023-03-28 19:03:03 +11:00
Darren Tucker 46db8e14b7
Remove HEADER_SHA_H from previous... 
since it causes more problems than it solves.
 2023-03-28 12:44:03 +11:00
Darren Tucker 72bd68d373
Replace OPENSSL_NO_SHA with HEADER_SHA_H. 
Since this test doesn't use OpenSSL's SHA2 and may cause conflicts we
don't want to include it, but OPENSSL_NO_SHA was removed beginning in
OpenSSL's 1.1 series.
 2023-03-28 10:35:18 +11:00
djm@openbsd.org 8ec2e31238
upstream: adapt to ed25519 changes in src/usr.bin/ssh 
OpenBSD-Regress-ID: 4b3e7ba7ee486ae8a0b4790f8112eded2bb7dcd5
 2023-01-16 10:57:42 +11:00
Damien Miller c46f6fed41 crank SSH_SK_VERSION_MAJOR in sk-dummy.so 2022-07-20 13:39:14 +10:00
Damien Miller dc7bc52372 fix some bugs in the fuzzer 2022-05-30 09:29:20 +10:00
Damien Miller 9b3ad432ad fuzzer for authorized_keys parsing 
mostly redundant to authopt_fuzz, but it's sensitive code so IMO it
makes sense to test this layer too
 2022-05-27 17:00:43 +10:00
Damien Miller 253de42753 portable-specific string array constification 
from Mike Frysinger
 2022-02-02 16:52:07 +11:00
Damien Miller 715c892f0a remove sys/param.h in -portable, after upstream 2021-12-22 09:02:50 +11:00
djm@openbsd.org ed45a01686 upstream: crank SSH_SK_VERSION_MAJOR to match recent change in 
usr/bin/ssh

OpenBSD-Regress-ID: 113d181c7e3305e138db9b688cdb8b0a0019e552
 2021-11-03 10:10:09 +11:00
djm@openbsd.org ccd358e1e2 upstream: avoid signedness warning; spotted in -portable 
OpenBSD-Regress-ID: 4cacc126086487c0ea7f3d86b42dec458cf0d0c6
 2021-10-29 14:25:32 +11:00
Damien Miller a1217d363b unbreak fuzz harness for recent changes 2021-10-29 13:48:59 +11:00
djm@openbsd.org c5de1fffa6 upstream: increment SSH_SK_VERSION_MAJOR to match last change 
OpenBSD-Regress-ID: 17873814d1cbda97f49c8528d7b5ac9cadf6ddc0
 2021-10-28 13:57:52 +11:00
Darren Tucker 7cd062c3a2 Add USE_LIBC_SHA2 for (at least) NetBSD 9. 2021-10-06 17:45:28 +11:00
Darren Tucker 639c440f6c Define OPENSSL_NO_SHA including OpenSSL from test. 
We don't use SHA256 from OpenSSL in the sk-dummy module and the
definitions can conflict with system sha2.h (eg on NetBSD) so define
OPENSSL_NO_SHA so we don't attempt to redefine them.
 2021-10-06 17:09:31 +11:00
djm@openbsd.org e3e62deb54 upstream: use libc SHA256 functions; make this work when compiled 
!WITH_OPENSSL

OpenBSD-Regress-ID: fda0764c1097cd42f979ace29b07eb3481259890
 2021-10-06 14:40:26 +11:00
Damien Miller 5a37cc118f fix broken OPENSSL_HAS_ECC test 
spotted by dtucker
 2021-10-06 13:16:21 +11:00
Damien Miller 16a25414f3 make sk-dummy.so work without libcrypto installed 2021-10-01 22:40:06 +10:00
djm@openbsd.org 1fe4d70df9 upstream: remove this KEX fuzzer; it's awkward to use and doesn't play 
nice with popular fuzzing drivers like libfuzzer. AFAIK nobody has used it
but me.

OpenBSD-Regress-ID: cad919522b3ce90c147c95abaf81b0492ac296c9
 2021-02-26 15:23:42 +11:00
Damien Miller a5dfc5bae8 allow a fuzz case to contain more than one request 
loop until input buffer empty, no message consumed or 256 messages
processed
 2021-01-30 16:32:29 +11:00
Damien Miller 0ef24ad602 expect fuzz cases to have length prefix 
might make life a little easier for the fuzzer, e.g. it can now
produce valid (multi-request) messages by smashing two cases together.
 2021-01-30 16:28:23 +11:00
Damien Miller de613f2713 ssh-agent fuzzer 2021-01-30 13:18:30 +11:00
Damien Miller 7e96c877bc move keys out of kex_fuzz.cc into separate header 
add certificates and missing key types
 2021-01-30 12:02:46 +11:00
Damien Miller 76f46d7566 some fixed test data (mostly keys) for fuzzing 2021-01-30 12:02:10 +11:00
djm@openbsd.org 7c2e3d6de1 upstream: add a SK_DUMMY_INTEGRATE define that allows the dummy 
security key middleware to be directly linked; useful for writing fuzzers,
etc.

OpenBSD-Regress-ID: 0ebd00159b58ebd85e61d8270fc02f1e45df1544
 2021-01-30 11:58:38 +11:00
Damien Miller 1e660115f0 fuzz diffie-hellman-group-exchange-sha1 kex too 2021-01-29 11:09:14 +11:00
Damien Miller be5f0048ea support for running kex fuzzer with null cipher 2021-01-29 11:03:35 +11:00
Damien Miller 1134a48cdc correct kex name in disabled code 2021-01-28 08:57:31 +11:00
anatasluo 1050109b4b Remove duplicated declaration in fatal.c . 2021-01-12 07:08:26 +11:00
dtucker@openbsd.org ba328bd7a6 upstream: Adjust kexfuzz to addr.c/addrmatch.c split. 
OpenBSD-Regress-ID: 1d8d23bb548078020be2fb52c4c643efb190f0eb
 2021-01-11 15:24:31 +11:00
Damien Miller 5c1953bf98 adapt KEX fuzzer to PQ kex change 2020-12-29 12:40:54 +11:00
djm@openbsd.org 659864fe81 upstream: Adapt to replacement of 
sntrup4591761x25519-sha512@tinyssh.org with
sntrup761x25519-sha512@openssh.com.

Also test sntrup761x25519-sha512@openssh.com in unittests/kex

OpenBSD-Regress-ID: cfa3506b2b077a9cac1877fb521efd2641b6030c
 2020-12-29 12:39:40 +11:00
Damien Miller a5ab499bd2 basic KEX fuzzer; adapted from Markus' unittest 2020-12-04 14:01:27 +11:00
Damien Miller 021ff33e38 use options that work with recent clang 2020-12-04 13:57:43 +11:00
djm@openbsd.org 816036f142 upstream: use the new variant log macros instead of prepending 
__func__ and appending ssh_err(r) manually; ok markus@

OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
 2020-10-18 23:46:29 +11:00
Damien Miller d55dfed34e missing header 2020-10-17 22:55:24 +11:00
Damien Miller 999d7cb79a sync regress/misc/sk-dummy/fatal.c 2020-10-17 22:47:52 +11:00
Damien Miller 0f938f9986 adapt sk-dummy's fatal implementation to changes 2020-10-17 11:42:26 +11:00
djm@openbsd.org bbf20ac806 upstream: adapt to SSH_SK_VERSION_MAJOR crank 
OpenBSD-Regress-ID: 0f3e76bdc8f9dbd9d22707c7bdd86051d5112ab8
 2020-09-09 13:12:29 +10:00
djm@openbsd.org 9cbbdc12cb upstream: dummy firmware needs to match API version numner crank (for 
verify-required resident keys) even though it doesn't implement this feature

OpenBSD-Regress-ID: 86579ea2891e18e822e204413d011b2ae0e59657
 2020-08-27 12:16:23 +10:00
djm@openbsd.org a01817a9f6 upstream: adapt dummy FIDO middleware to API change; ok markus@ 
OpenBSD-Regress-ID: 8bb84ee500c2eaa5616044314dd0247709a1790f
 2020-05-01 13:13:36 +10:00
djm@openbsd.org 9f8a42340b upstream: this needs utf8.c too 
OpenBSD-Regress-ID: 445040036cec714d28069a20da25553a04a28451
 2020-04-03 15:46:13 +11:00
djm@openbsd.org f73ab8a811 upstream: unbreak unittests for recent API / source file changes 
OpenBSD-Regress-ID: 075a899a01bbf7781d38bf0b33d8366faaf6d3c0
 2020-01-26 14:19:43 +11:00
Damien Miller 47160e1de8 unbreak fuzzer support for recent ssh-sk.h changes 2020-01-22 10:30:13 +11:00
Darren Tucker 1af3354aea Wrap stdint.h in ifdef HAVE_STDINT_H. 2020-01-15 16:22:36 +11:00
djm@openbsd.org dd2acc8b86 upstream: adapt sk-dummy to SK API changes 
also, make it pull prototypes directly from sk-api.c and #error
if the expected version changes. This will make any future regress
test breakage because of SK API changes much more apparent

OpenBSD-Regress-ID: 79b07055de4feb988e31da71a89051ad5969829d
 2020-01-06 13:12:46 +11:00
djm@openbsd.org 680eb7749a upstream: implement recent SK API change to support resident keys 
and PIN prompting in the dummy middleware that we use for the tests. Should
fix breakage spotted by dtucker@

OpenBSD-Regress-ID: 379cf9eabfea57aaf7f3f59dafde59889566c484
 2020-01-03 13:47:32 +11:00
Damien Miller 0248ec7c76 ssh-sk-null.cc needs extern "C" {} 2020-01-02 13:41:31 +11:00
Damien Miller 5ca4b414ef add dummy ssh-sk API for linking with fuzzers 2020-01-02 11:15:49 +11:00