djm@openbsd.org
680eb7749a
upstream: implement recent SK API change to support resident keys
...
and PIN prompting in the dummy middleware that we use for the tests. Should
fix breakage spotted by dtucker@
OpenBSD-Regress-ID: 379cf9eabfea57aaf7f3f59dafde59889566c484
2020-01-03 13:47:32 +11:00
Damien Miller
0248ec7c76
ssh-sk-null.cc needs extern "C" {}
2020-01-02 13:41:31 +11:00
Damien Miller
5ca4b414ef
add dummy ssh-sk API for linking with fuzzers
2020-01-02 11:15:49 +11:00
djm@openbsd.org
1a7217ac06
upstream: adapt to ssh-sk-client change
...
OpenBSD-Regress-ID: 40481999a5928d635ab2e5b029e8239c112005ea
2019-12-16 14:20:35 +11:00
Darren Tucker
fa7924008e
Wrap ECC specific bits in ifdef.
...
Fixes tests when built against an OpenSSL configured with no-ec.
2019-12-06 14:17:26 +11:00
Damien Miller
37f5b5346e
includes.h for sk-dummy.c, dummy
2019-11-29 14:48:46 +11:00
Damien Miller
ef3853bb94
another attempt at sk-dummy.so working x-platform
...
include a fatal() implementation to satisfy libopenbsd-compat
clean up .lo and .so files
.gitignore .lo and .so files
2019-11-29 11:52:23 +11:00
djm@openbsd.org
d46ac56f1c
upstream: lots of dependencies go away here with ed25519 no longer
...
needing the ssh_digest API.
OpenBSD-Regress-ID: 785847ec78cb580d141e29abce351a436d6b5d49
2019-11-29 11:19:48 +11:00
djm@openbsd.org
c6efa8a91a
upstream: add dummy security key middleware based on work by
...
markus@
This will allow us to test U2F/FIDO2 support in OpenSSH without
requiring real hardware.
ok markus@
OpenBSD-Regress-ID: 88b309464b8850c320cf7513f26d97ee1fdf9aae
2019-11-27 10:47:28 +11:00
Damien Miller
9281d4311b
unbreak fuzzers for recent security key changes
2019-11-25 21:47:49 +11:00
djm@openbsd.org
6498826682
upstream: unbreak after security key support landed
...
OpenBSD-Regress-ID: 3ab578b0dbeb2aa6d9969b54a9c1bad329c0dcba
2019-11-25 21:34:20 +11:00
Damien Miller
1ba130ac8f
add a fuzzer for private key parsing
2019-10-09 13:49:35 +11:00
Damien Miller
8b57337c1c
update fuzzing makefile to more recent clang
2019-09-05 15:46:39 +10:00
Damien Miller
ae631ad77d
fuzzer for sshsig allowed_signers option parsing
2019-09-05 15:46:11 +10:00
Damien Miller
f4846dfc6a
Fuzzer harness for sshsig
2019-09-05 14:26:39 +10:00
djm@openbsd.org
49d8c8e214
upstream: adapt to changes in KEX APIs and file removals
...
OpenBSD-Regress-ID: 54d6857e7c58999c7a6d40942ab0fed3529f43ca
2019-01-21 23:51:29 +11:00
Damien Miller
9b655dc9c9
last bits of old packet API / active_state global
2019-01-20 14:55:27 +11:00
Damien Miller
4488ae1a69
really add source for authopt_fuzz this time
2018-09-15 19:36:55 +10:00
Damien Miller
9201784b4a
remove accidentally checked-in authopt_fuzz binary
2018-09-15 19:35:40 +10:00
Damien Miller
6bc5a24ac8
fuzzer harness for authorized_keys option parsing
2018-09-14 15:17:08 +10:00
Damien Miller
4f29309c4c
unbreak fuzz harness
2018-01-03 19:50:43 +11:00
djm@openbsd.org
f6b50bf84d
upstream commit
...
another libssh casualty
OpenBSD-Regress-ID: 839b970560246de23e7c50215095fb527a5a83ec
2018-01-03 16:46:49 +11:00
djm@openbsd.org
d3b6aeb546
upstream commit
...
more RCSIDs
Upstream-Regress-ID: 1aecbe3f8224793f0ec56741a86d619830eb33be
2017-10-20 13:15:40 +11:00
Damien Miller
ec9d22cc25
Fuzzer harnesses for sig verify and pubkey parsing
...
These are some basic clang libfuzzer harnesses for signature
verification and public key parsing. Some assembly (metaphorical)
required.
2017-09-08 12:44:13 +10:00
djm@openbsd.org
dd369320d2
upstream commit
...
eliminate explicit specification of protocol in tests and
loops over protocol. We only support SSHv2 now.
Upstream-Regress-ID: 0082838a9b8a382b7ee9cbf0c1b9db727784fadd
2017-05-01 11:59:42 +10:00
jsg@openbsd.org
e0194b471e
upstream commit
...
Change COMPILER_VERSION tests which limited additional
warnings to gcc4 to instead skip them on gcc3 as clang can handle
-Wpointer-sign and -Wold-style-definition.
Upstream-Regress-ID: e48d7dc13e48d9334b8195ef884dfbc51316012f
2017-04-28 13:28:49 +10:00
djm@openbsd.org
1723ec92eb
upstream commit
...
fix the KEX fuzzer - the previous method of obtaining the
packet contents was broken. This now uses the new per-packet input hook, so
it sees exact post-decrypt packets and doesn't have to pass packet integrity
checks. ok markus@
Upstream-Regress-ID: 402fb6ffabd97de590e8e57b25788949dce8d2fd
2016-10-13 18:55:25 +11:00
djm@openbsd.org
920585b826
upstream commit
...
add a note on kexfuzz' limitations
Upstream-Regress-ID: 03804d4a0dbc5163e1a285a4c8cc0a76a4e864ec
2016-09-21 11:07:47 +10:00
djm@openbsd.org
0445ff1840
upstream commit
...
fix for newer modp DH groups
(diffie-hellman-group14-sha256 etc)
Upstream-Regress-ID: fe942c669959462b507516ae1634fde0725f1c68
2016-09-21 11:07:47 +10:00
Darren Tucker
6310ef27a2
Move err.h replacements into compat lib.
...
Move implementations of err.h replacement functions into their own file
in the libopenbsd-compat so we can use them in kexfuzz.c too. ok djm@
2016-07-13 14:42:35 +10:00
Darren Tucker
e960051f9a
Wrap stdint.h inside #ifdef HAVE_STDINT_H.
2016-03-09 13:14:18 +11:00
Damien Miller
c425494d6b
unbreak kexfuzz for -Werror without __bounded__
2016-03-08 14:03:54 -08:00
djm@openbsd.org
0892edaa3c
upstream commit
...
add KEX fuzzer harness; ok deraadt@
Upstream-Regress-ID: 3df5242d30551b12b828aa9ba4a4cec0846be8d1
2016-03-04 15:12:24 +11:00