From 81c9529c82aa4bea9217983499152783c70e08e7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=B0smail=20Y=C4=B1lmaz?= <32938453+ismail-yilmaz@users.noreply.github.com> Date: Sun, 4 Sep 2022 21:39:14 +0300 Subject: [PATCH 1/3] TheIDE: import file parser fix (include keyword made optional) (#93) --- uppsrc/ide/Builders/CppBuilder.cpp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/uppsrc/ide/Builders/CppBuilder.cpp b/uppsrc/ide/Builders/CppBuilder.cpp index 3a3b3577f..0dd893c32 100644 --- a/uppsrc/ide/Builders/CppBuilder.cpp +++ b/uppsrc/ide/Builders/CppBuilder.cpp @@ -379,8 +379,7 @@ Vector CppBuilder::CustomStep(const String& pf, const String& package_, if(p.Id("exclude_path")) { ExtExclude(p, packageFolder, include_path, flags); } - else { - p.PassId("includes"); + if(p.Id("includes")) { bool apply = CheckImportCondition(p, flags); Vector e = ReadPatterns(p); if(apply) { From b4f6c2e58eb84af3fc6d80cd343e533bf5c065f1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=B0smail=20Y=C4=B1lmaz?= <32938453+ismail-yilmaz@users.noreply.github.com> Date: Wed, 14 Sep 2022 18:17:05 +0300 Subject: [PATCH 2/3] Core/SSH: Underlying libssh2 libarary is upgraded (1.9.1 -> 1.10.0) (#92) --- uppsrc/Core/SSH/Copying | 2 +- uppsrc/Core/SSH/ReadMe | 50 -- uppsrc/Core/SSH/ReadMe.md | 80 +++ uppsrc/Core/SSH/SSH.upp | 2 +- uppsrc/Core/SSH/libssh2/ChangeLog | 1 + uppsrc/Core/SSH/libssh2/Copying | 4 +- uppsrc/Core/SSH/libssh2/NEWS | 604 +++++++++++++++----- uppsrc/Core/SSH/libssh2/RELEASE-NOTES | 94 +-- uppsrc/Core/SSH/libssh2/agent.c | 65 +-- uppsrc/Core/SSH/libssh2/agent.h | 112 ++++ uppsrc/Core/SSH/libssh2/agent_win.c | 361 ++++++++++++ uppsrc/Core/SSH/libssh2/bcrypt_pbkdf.c | 2 +- uppsrc/Core/SSH/libssh2/channel.c | 6 +- uppsrc/Core/SSH/libssh2/hostkey.c | 39 ++ uppsrc/Core/SSH/libssh2/kex.c | 149 ++--- uppsrc/Core/SSH/libssh2/libgcrypt.h | 2 +- uppsrc/Core/SSH/libssh2/libssh2.h | 9 +- uppsrc/Core/SSH/libssh2/libssh2_config.h | 6 +- uppsrc/Core/SSH/libssh2/libssh2_config.h.in | 24 +- uppsrc/Core/SSH/libssh2/libssh2_priv.h | 9 +- uppsrc/Core/SSH/libssh2/openssl.c | 90 +-- uppsrc/Core/SSH/libssh2/openssl.h | 2 +- uppsrc/Core/SSH/libssh2/packet.c | 4 +- uppsrc/Core/SSH/libssh2/pem.c | 31 +- uppsrc/Core/SSH/libssh2/transport.c | 9 +- uppsrc/Core/SSH/libssh2/userauth.c | 44 +- uppsrc/Core/SSH/libssh2upp.c | 1 + 27 files changed, 1335 insertions(+), 467 deletions(-) delete mode 100644 uppsrc/Core/SSH/ReadMe create mode 100644 uppsrc/Core/SSH/ReadMe.md create mode 100644 uppsrc/Core/SSH/libssh2/ChangeLog create mode 100644 uppsrc/Core/SSH/libssh2/agent.h create mode 100644 uppsrc/Core/SSH/libssh2/agent_win.c diff --git a/uppsrc/Core/SSH/Copying b/uppsrc/Core/SSH/Copying index 7a794cecc..8fc6713bb 100644 --- a/uppsrc/Core/SSH/Copying +++ b/uppsrc/Core/SSH/Copying @@ -1,6 +1,6 @@ SSH package for Ultimate++ -Copyright (c) 2016, 2021, İsmail Yılmaz +Copyright (c) 2016, 2022, İsmail Yılmaz All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted diff --git a/uppsrc/Core/SSH/ReadMe b/uppsrc/Core/SSH/ReadMe deleted file mode 100644 index 2bade7f50..000000000 --- a/uppsrc/Core/SSH/ReadMe +++ /dev/null @@ -1,50 +0,0 @@ -SSH package for U++ --------------------- -SSH package is a flexible, easy-to-use, yet powerful libssh2 wrapper for Ultimate++. -It supports both console and GUI-based applications on POSIX-compliant operating systems and -MS Windows (tm). - -Classes: --------------------- - -- Base (core) class -> Ssh - - Ssh session -----> SshSession - - Sftp subsystem -----> SFtp - - SFtp Stream interface -----> SFtpStream - - File system transparency -----> SFtpFileSystemInfo - - Ssh channel -----> SshChannel - - Scp channel -----> Scp - - Exec channel -----> SshExec - - Real-time interactive shell -----> SshShell - - X11 forwarding -----> SshShell (as operation mode) - - Tcp/IP and port forwarding -----> SshTunnel -- Known hosts manager -> SshHosts - -Features and Highlights: --------------------- - -- Ssh-derived classes have pick semantics, based on RAII principle, support RTTI, and allow - polymorphism (i.e. different classes can be stored in the same array, etc.) through a common - interface. -- Uses U++'s memory manager (Native manager (malloc) is also a compile-time option) -- Uses OpenSSL by default. -- Supports multithreading. -- Supports 3rd-party network proxies. -- Supports known hosts verification mechanism. -- Supports password, public key, host-based, and keyboard-interactive authentication methods. -- Supports ssh-agents. -- Supports real-time interactive command line (shell) interface with both console and GUI integration - (SshShell works on both Windows and Posix-compliant OSes) -- Supports X11 forwarding. - (A single SShShell instance is capable of handling multiple X11 requests simultaneously.) -- Supports Tcp/IP and port forwarding. -- Supports stream operations on SFTP objects. -- Supports access to sftp folder hiearcy in a file-system-agnostic (transparent) way. -- Supports detailed (full) debug logging. - -Reference examples: -------------------- - -- SshBasics: Demonstrates basic capabilities of SSH package. -- SFtpFileSel: Demonstrates FileSel integration of SFtp class, using FileSystemInfo interface. -- SFtpBrowser: Demonstrates a basic sftp browser with GUI. \ No newline at end of file diff --git a/uppsrc/Core/SSH/ReadMe.md b/uppsrc/Core/SSH/ReadMe.md new file mode 100644 index 000000000..4c3e29b87 --- /dev/null +++ b/uppsrc/Core/SSH/ReadMe.md @@ -0,0 +1,80 @@ +# SSH package for U++ + +SSH package is a flexible, easy-to-use, yet powerful [libssh2](https://www.libssh2.org/) wrapper for Ultimate++. +It supports both console and GUI-based applications on POSIX-compliant operating systems and +MS Windows (tm). + +## Classes: + +``` +- Base (core) class -> Ssh + - Ssh session -----> SshSession + - Sftp subsystem -----> SFtp + - SFtp Stream interface -----> SFtpStream + - File system transparency -----> SFtpFileSystemInfo + - Ssh channel -----> SshChannel + - Scp channel -----> Scp + - Exec channel -----> SshExec + - Real-time interactive shell -----> SshShell + - X11 forwarding -----> SshShell (as operation mode) + - Tcp/IP and port forwarding -----> SshTunnel +- Known hosts manager -> SshHosts +``` + +## Features and Highlights: + +- Ssh-derived classes have pick semantics, based on RAII principle, support RTTI, and allow + polymorphism (i.e. different classes can be stored in the same array, etc.) through a common + interface. +- Uses U++'s memory manager (Native manager (malloc) is also a compile-time option) +- Uses OpenSSL by default. +- Supports multithreading. +- Supports 3rd-party network proxies. +- Supports known hosts verification mechanism. +- Supports password, public key, host-based, and keyboard-interactive authentication methods. +- Supports ssh-agents. +- Supports real-time interactive command line (shell) interface with both console and GUI integration + (SshShell works on both Windows and Posix-compliant OSes) +- Supports X11 forwarding. + (A single SShShell instance is capable of handling multiple X11 requests simultaneously.) +- Supports Tcp/IP and port forwarding. +- Supports stream operations on SFTP objects. +- Supports access to sftp folder hiearcy in a file-system-agnostic (transparent) way. +- Supports detailed (full) debug logging. + +## Reference examples: + + ++ *SshBasics*: Demonstrates basic capabilities of SSH package. ++ *SFtpFileSel*: Demonstrates FileSel integration of SFtp class, using FileSystemInfo interface. ++ *SFtpBrowser*: Demonstrates a basic sftp browser with GUI. + +## License +``` +Copyright (c) 2019-2022, İsmail Yılmaz +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +* Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + +* Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +* Neither the name of the copyright holder nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. \ No newline at end of file diff --git a/uppsrc/Core/SSH/SSH.upp b/uppsrc/Core/SSH/SSH.upp index 8b2c24cf9..e1c3b410d 100644 --- a/uppsrc/Core/SSH/SSH.upp +++ b/uppsrc/Core/SSH/SSH.upp @@ -48,7 +48,7 @@ file Docs readonly separator, src.tpp, Info readonly separator, - ReadMe, + ReadMe.md, Copying, Todo, Issues; diff --git a/uppsrc/Core/SSH/libssh2/ChangeLog b/uppsrc/Core/SSH/libssh2/ChangeLog new file mode 100644 index 000000000..404c887c2 --- /dev/null +++ b/uppsrc/Core/SSH/libssh2/ChangeLog @@ -0,0 +1 @@ +see NEWS diff --git a/uppsrc/Core/SSH/libssh2/Copying b/uppsrc/Core/SSH/libssh2/Copying index 68c8d369c..937ed32e3 100644 --- a/uppsrc/Core/SSH/libssh2/Copying +++ b/uppsrc/Core/SSH/libssh2/Copying @@ -2,8 +2,10 @@ * Copyright (c) 2005,2006 Mikhail Gusarov * Copyright (c) 2006-2007 The Written Word, Inc. * Copyright (c) 2007 Eli Fant - * Copyright (c) 2009-2019 Daniel Stenberg + * Copyright (c) 2009-2021 Daniel Stenberg * Copyright (C) 2008, 2009 Simon Josefsson + * Copyright (c) 2000 Markus Friedl + * Copyright (c) 2015 Microsoft Corp. * All rights reserved. * * Redistribution and use in source and binary forms, diff --git a/uppsrc/Core/SSH/libssh2/NEWS b/uppsrc/Core/SSH/libssh2/NEWS index c38fe15fa..7e22b3dd8 100644 --- a/uppsrc/Core/SSH/libssh2/NEWS +++ b/uppsrc/Core/SSH/libssh2/NEWS @@ -1,6 +1,448 @@ Changelog for the libssh2 project. Generated with git2news.pl -GitHub (11 Nov 2020) +Daniel Stenberg (29 Aug 2021) +- [Will Cosgrove brought this change] + + updated docs for 1.10.0 release + +Marc Hörsken (30 May 2021) +- [Laurent Stacul brought this change] + + [tests] Try several times to connect the ssh server + + Sometimes, as the OCI container is run in detached mode, it is possible + the actual server is not ready yet to handle SSH traffic. The goal of + this PR is to try several times (max 3). The mechanism is the same as + for the connection to the docker machine. + +- [Laurent Stacul brought this change] + + Remove openssh_server container on test exit + +- [Laurent Stacul brought this change] + + Allow the tests to run inside a container + + The current tests suite starts SSH server as OCI container. This commit + add the possibility to run the tests in a container provided that: + + * the docker client is installed builder container + * the host docker daemon unix socket has been mounted in the builder + container (with, if needed, the DOCKER_HOST environment variable + accordingly set, and the permission to write on this socket) + * the builder container is run on the default bridge network, or the + host network. This PR does not handle the case where the builder + container is on another network. + +Marc Hoersken (28 May 2021) +- CI/appveyor: run SSH server for tests on GitHub Actions (#607) + + No longer rely on DigitalOcean to host the Docker container. + + Unfortunately we require a small dispatcher script that has + access to a GitHub access token with scope repo in order to + trigger the daemon workflow on GitHub Actions also for PRs. + + This script is hosted by myself for the time being until GitHub + provides a tighter scope to trigger the workflow_dispatch event. + +GitHub (26 May 2021) +- [Will Cosgrove brought this change] + + openssl.c: guards around calling FIPS_mode() #596 (#603) + + Notes: + FIPS_mode() is not implemented in LibreSSL and this API is removed in OpenSSL 3.0 and was introduced in 0.9.7. Added guards around making this call. + + Credit: + Will Cosgrove + +- [Will Cosgrove brought this change] + + configure.ac: don't undefine scoped variable (#594) + + * configure.ac: don't undefine scoped variable + + To get this script to run with Autoconf 2.71 on macOS I had to remove the undefine of the backend for loop variable. It seems scoped to the for loop and also isn't referenced later in the script so it seems OK to remove it. + + * configure.ac: remove cygwin specific CFLAGS #598 + + Notes: + Remove cygwin specific Win32 CFLAGS and treat the build like a posix build + + Credit: + Will Cosgrove, Brian Inglis + +- [Laurent Stacul brought this change] + + tests: Makefile.am: Add missing tests client keys in distribution tarball (#604) + + Notes: + Added missing test keys. + + Credit: + Laurent Stacul + +- [Laurent Stacul brought this change] + + Makefile.am: Add missing test keys in the distribution tarball (#601) + + Notes: + Fix tests missing key to build the OCI image + + Credit: + Laurent Stacul + +Daniel Stenberg (16 May 2021) +- dist: add src/agent.h + + Fixes #597 + Closes #599 + +GitHub (12 May 2021) +- [Will Cosgrove brought this change] + + packet.c: Reset read timeout after received a packet (#576) (#586) + + File: + packet.c + + Notes: + Attempt keyboard interactive login (Azure AD 2FA login) and use more than 60 seconds to complete the login, the connection fails. + + The _libssh2_packet_require function does almost the same as _libssh2_packet_requirev but this function sets state->start = 0 before returning. + + Credit: + teottin, Co-authored-by: Tor Erik Ottinsen + +- [kkoenig brought this change] + + Support ECDSA certificate authentication (#570) + + Files: hostkey.c, userauth.c, test_public_key_auth_succeeds_with_correct_ecdsa_key.c + + Notes: + Support ECDSA certificate authentication + + Add a test for: + - Existing ecdsa basic public key authentication + - ecdsa public key authentication with a signed public key + + Credit: + kkoenig + +- [Gabriel Smith brought this change] + + agent.c: Add support for Windows OpenSSH agent (#517) + + Files: agent.c, agent.h, agent_win.c + + Notes: + * agent: Add support for Windows OpenSSH agent + + The implementation was partially taken and modified from that found in + the Portable OpenSSH port to Win32 by the PowerShell team, but mostly + based on the existing Unix OpenSSH agent support. + + https://github.com/PowerShell/openssh-portable + + Regarding the partial transfer support implementation: partial transfers + are easy to deal with, but you need to track additional state when + non-blocking IO enters the picture. A tracker of how many bytes have + been transfered has been placed in the transfer context struct as that's + where it makes most sense. This tracker isn't placed behind a WIN32 + #ifdef as it will probably be useful for other agent implementations. + + * agent: win32 openssh: Disable overlapped IO + + Non-blocking IO is not currently supported by the surrounding agent + code, despite a lot of the code having everything set up to handle it. + + Credit: + Co-authored-by: Gabriel Smith + +- [Zenju brought this change] + + Fix detailed _libssh2_error being overwritten (#473) + + Files: openssl.c, pem.c, userauth.c + + Notes: + * Fix detailed _libssh2_error being overwritten by generic errors + * Unified error handling + + Credit: + Zenju + +- [Paul Capron brought this change] + + Fix _libssh2_random() silently discarding errors (#520) + + Notes: + * Make _libssh2_random return code consistent + + Previously, _libssh2_random was advertized in HACKING.CRYPTO as + returning `void` (and was implemented that way in os400qc3.c), but that + was in other crypto backends a lie; _libssh2_random is (a macro + expanding) to an int-value expression or function. + + Moreover, that returned code was: + — 0 or success, -1 on error for the MbedTLS & WinCNG crypto backends + But also: + — 1 on success, -1 or 0 on error for the OpenSSL backend! + – 1 on success, error cannot happen for libgcrypt! + + This commit makes explicit that _libssh2_random can fail (because most of + the underlying crypto functions can indeed fail!), and it makes its result + code consistent: 0 on success, -1 on error. + + This is related to issue #519 https://github.com/libssh2/libssh2/issues/519 + It fixes the first half of it. + + * Don't silent errors of _libssh2_random + + Make sure to check the returned code of _libssh2_random(), and + propagates any failure. + + A new LIBSSH_ERROR_RANDGEN constant is added to libssh2.h + None of the existing error constants seemed fit. + + This commit is related to d74285b68450c0e9ea6d5f8070450837fb1e74a7 + and to https://github.com/libssh2/libssh2/issues/519 (see the issue + for more info.) It closes #519. + + Credit: + Paul Capron + +- [Gabriel Smith brought this change] + + ci: Remove caching of docker image layers (#589) + + Notes: + continued ci reliability work. + + Credit: + Gabriel Smith + +- [Gabriel Smith brought this change] + + ci: Speed up docker builds for tests (#587) + + Notes: + The OpenSSH server docker image used for tests is pre-built to prevent + wasting time building it during a test, and unneeded rebuilds are + prevented by caching the image layers. + + Credit: + Gabriel Smith + +- [Will Cosgrove brought this change] + + userauth.c: don't error if using keys without RSA (#555) + + file: userauth.c + + notes: libssh2 now supports many other key types besides RSA, if the library is built without RSA support and a user attempts RSA auth it shouldn't be an automatic error + + credit: + Will Cosgrove + +- [Marc brought this change] + + openssl.c: Avoid OpenSSL latent error in FIPS mode (#528) + + File: + openssl.c + + Notes: + Avoid initing MD5 digest, which is not permitted in OpenSSL FIPS certified cryptography mode. + + Credit: + Marc + +- [Laurent Stacul brought this change] + + openssl.c: Fix EVP_Cipher interface change in openssl 3 #463 + + File: + openssl.c + + Notes: + Fixes building with OpenSSL 3, #463. + + The change is described there: + https://github.com/openssl/openssl/commit/f7397f0d58ce7ddf4c5366cd1846f16b341fbe43 + + Credit: + Laurent Stacul, reported by Sergei + +- [Gabriel Smith brought this change] + + openssh_fixture.c: Fix potential overwrite of buffer when reading stdout of command (#580) + + File: + openssh_fixture.c + Notes: + If reading the full output from the executed command took multiple + passes (such as when reading multiple lines) the old code would read + into the buffer starting at the some position (the start) every time. + The old code only works if fgets updated p or had an offset parameter, + both of which are not true. + + Credit: + Gabriel Smith + +- [Gabriel Smith brought this change] + + ci: explicitly state the default branch (#585) + + Notes: + It looks like the $default-branch macro only works in templates, not + workflows. This is not explicitly stated anywhere except the linked PR + comment. + + https://github.com/actions/starter-workflows/pull/590#issuecomment-672360634 + + credit: + Gabriel Smith + +- [Gabriel Smith brought this change] + + ci: Swap from Travis to Github Actions (#581) + + Files: ci files + + Notes: + Move Linux CI using Github Actions + + Credit: + Gabriel Smith, Marc Hörsken + +- [Mary brought this change] + + libssh2_priv.h: add iovec on 3ds (#575) + + file: libssh2_priv.h + note: include iovec for 3DS + credit: Mary Mstrodl + +- [Laurent Stacul brought this change] + + Tests: Fix unused variables warning (#561) + + file: test_public_key_auth_succeeds_with_correct_ed25519_key_from_mem.c + + notes: fixed unused vars + + credit: + Laurent Stacul + +- [Viktor Szakats brought this change] + + bcrypt_pbkdf.c: fix clang10 false positive warning (#563) + + File: bcrypt_pbkdf.c + + Notes: + blf_enc() takes a number of 64-bit blocks to encrypt, but using + sizeof(uint64_t) in the calculation triggers a warning with + clang 10 because the actual data type is uint32_t. Pass + BCRYPT_BLOCKS / 2 for the number of blocks like libc bcrypt(3) + does. + + Ref: https://github.com/openbsd/src/commit/04a2240bd8f465bcae6b595d912af3e2965856de + + Fixes #562 + + Credit: + Viktor Szakats + +- [Will Cosgrove brought this change] + + transport.c: release payload on error (#554) + + file: transport.c + notes: If the payload is invalid and there is an early return, we could leak the payload + credit: + Will Cosgrove + +- [Will Cosgrove brought this change] + + ssh2_client_fuzzer.cc: fixed building + + The GitHub web editor did some funky things + +- [Will Cosgrove brought this change] + + ssh_client_fuzzer.cc: set blocking mode on (#553) + + file: ssh_client_fuzzer.cc + + notes: the session needs blocking mode turned on to avoid EAGAIN being returned from libssh2_session_handshake() + + credit: + Will Cosgrove, reviewed by Michael Buckley + +- [Etienne Samson brought this change] + + Add a LINT option to CMake (#372) + + * ci: make style-checking available locally + + * cmake: add a linting target + + * tests: check test suite syntax with checksrc.pl + +- [Will Cosgrove brought this change] + + kex.c: kex_agree_instr() improve string reading (#552) + + * kex.c: kex_agree_instr() improve string reading + + file: kex.c + notes: if haystack isn't null terminated we should use memchr() not strchar(). We should also make sure we don't walk off the end of the buffer. + credit: + Will Cosgrove, reviewed by Michael Buckley + +- [Will Cosgrove brought this change] + + kex.c: use string_buf in ecdh_sha2_nistp (#551) + + * kex.c: use string_buf in ecdh_sha2_nistp + + file: kex.c + + notes: + use string_buf in ecdh_sha2_nistp() to avoid attempting to parse malformed data + +- [Will Cosgrove brought this change] + + kex.c: move EC macro outside of if check #549 (#550) + + File: kex.c + + Notes: + Moved the macro LIBSSH2_KEX_METHOD_EC_SHA_HASH_CREATE_VERIFY outside of the LIBSSH2_ECDSA since it's also now used by the ED25519 code. + + Sha 256, 384 and 512 need to be defined for all backends now even if they aren't used directly. I believe this is already the case, but just a heads up. + + Credit: + Stefan-Ghinea + +- [Tim Gates brought this change] + + kex.c: fix simple typo, niumber -> number (#545) + + File: kex.c + + Notes: + There is a small typo in src/kex.c. + + Should read `number` rather than `niumber`. + + Credit: + Tim Gates + - [Tseng Jun brought this change] session.c: Correct a typo which may lead to stack overflow (#533) @@ -3200,7 +3642,7 @@ Alexander Lamaison (13 Mar 2015) - Without zlib Conflicts: - README + README - Man man syntax tests fail gracefully if man version is not suitable. @@ -3275,18 +3717,18 @@ Guenter Knauf (8 Jan 2015) Marc Hoersken (29 Dec 2014) - knownhost.c: fix use of uninitialized argument variable wrote - Detected by clang scan in line 1195, column 18. + Detected by clang scan in line 1195, column 18. - examples/x11.c: fix result of operation is garbage or undefined Fix use of uninitialized structure w_size_bck. - Detected by clang scan in line 386, column 28. + Detected by clang scan in line 386, column 28. - examples/x11.c: remove dead assigments of some return values Detected by clang scan in line 212, column 9. Detected by clang scan in line 222, column 13. - Detected by clang scan in line 410, column 13. + Detected by clang scan in line 410, column 13. - examples/x11.c: fix possible memory leak if read fails @@ -6387,155 +6829,3 @@ Peter Stuge (17 Jun 2010) Daniel Stenberg (16 Jun 2010) - libssh2_session_callback_set: extended the man page - -- [John brought this change] - - LIBSSH2_DEBUG: macro uses incorrect function variable - - The LIBSSH2_DEBUG macro, defined in libssh2_priv.h, incorrectly uses the - function variable ssh_msg_disconnect when it should use ssh_msg_debug. - - This shows that the LIBSSH2_CALLBACK_DEBUG callback never has worked... - -- warning: fix a compiler warning 'pointer differs in signedness' - - As reported in bug #177 - -- portability: introduce LIBSSH2_INT64_T_FORMAT for 64bit printf()s - - As pointed out in bug #177, some of the Windows compilers use - %I64 to output 64 bit variables with the printf family. - -- debug: avoid sending NULL to sprintf %s - - Via the _libssh2_debug() macro/function. Pointed out by john in bug report - -- sftp docs: show macro on macro page, only function on function page - - The individual man pages for macros now show the full convenience - macro as defined, and then the man page for the actual function - only shows the function. - -- code police: make the code use less than 80 columns - -- libssh2_channel_write_ex: remove macros, added wording on buffer size - -- libssh2_sftp_write: document buffer size and changed some ordering - -- libssh2_channel_write_stderr: show how the macro is defined - -- libssh2_channel_write: show how the macro is defined - -- SFTP: limit write() to not produce overly large packets - - sftp_write() now limits how much data it gets at a time even more - than before. Since this function creates a complete outgoing - packet based on what gets passed to it, it is crucial that it - doesn't create too large packets. - - With this method, there's also no longer any problem to use very - large buffers in your application and feed that to libssh2. I've - done numerous tests now with uploading data over SFTP using 100K - buffers and I've had no problems with that. - -- scp_write_nonblock: add transfer time info - - Using the same timing logic and output format as - sftp_write_nonblock allows us to very easily run benchmarks on - SCP vs SFTP uploads using libssh2. - -- sftp_write_nonblock: select() on socket, use *BIG* buffer, time transfer - - The select() is just to make it nicer so that it doesn't - crazy-loop on EAGAIN. The buffer size thing is mostly to verify - that this really work as supposed. - - Transfer timing is just a minor thing, but it can just as well be - there and help us time and work on performance easier using out - of the box examples. - -- agent: use _libssh2_error() when returning errors - - As pointed out in bug report #173, this module basically never - used _libssh2_error() which made it work inconstently with other - parts of the libssh2 code base. This is my first take at making - this code more in line with the rest. - -- inputchecks: make lots of API functions check for NULL pointers - - If an application accidentally provides a NULL handle pointer to - the channel or sftp public functions, they now return an error - instead of segfaulting. - -- libssh2_channel_eof: clarify that it returns negative on errors - -- SFTP: keep the sftp error code as 32 bit - - 'last_errno' holds to the error code from the SFTP protocol and - since that is 32 bits on the wire there's no point in using a - long for this internally which is larger on some platforms. - -- agent: make the code better deal with unexpected code flows - - agent->ops gets initialized by the libssh2_agent_connect() call - but we need to make sure that we don't segfault even if a bad - sequence of function calls is used. - -Alexander Lamaison (10 Jun 2010) -- Better handling of invalid key files. - - Passing an invalid public key to libssh2_userauth_publickey_fromfile_ex - triggered an assertion. Replaced this with a runtime check that rejects - obviously invalid key data. - -Daniel Stenberg (10 Jun 2010) -- version: we start working on 1.2.7 now - -Version 1.2.6 (10 Jun 2010) - -Daniel Stenberg (10 Jun 2010) -- NEWS: add the 1.2.6 release details - -- RELEASE-NOTES: 1.2.6 details added - -Guenter Knauf (10 Jun 2010) -- fixed libssh2.dsw to use the generated libssh2.dsp; removed old *.dsp files. - -- moved MSVC strdup define to libssh2_config.h which we include already. - -- added missing source files to src/NMakefile. - -Daniel Stenberg (8 Jun 2010) -- libssh2_poll: refer to poll(3) and select(3) instead - -- example: fix strdup() for MSVC compiles - - MSVC has a _strdup() that we better use. This was reported in bug - -- SFTP: fail init SFTP if session isn't authenticated - - Alexander Lamaison filed bug #172 - (http://trac.libssh2.org/ticket/172), and pointed out that SFTP - init would do bad if the session isn't yet authenticated at the - time of the call, so we now check for this situation and returns - an error if detected. Calling sftp_init() at this point is bad - usage to start with. - -- direct_tcpip: bring back inclusion of libssh2_config.h - - In order to increase portability of this example, I'm bringing - the inclusion of libssh2_config.h back, and I also added an - require that header for this example to compile. - - I also made all code lines fit within 80 columns. - -Guenter Knauf (3 Jun 2010) -- cast away a warning. - -- moved CRT_SECURE_NO_DEPRECATE define up so its defined before the winsock headers are included. - -- fixed platform detection for MingW32 test makefile. - -- MingW32 has gettimeofday() implemented, so proper ifdef this function here. - -- removed MSVC ifdef since seems we can use __int64 still with latest headers. diff --git a/uppsrc/Core/SSH/libssh2/RELEASE-NOTES b/uppsrc/Core/SSH/libssh2/RELEASE-NOTES index 98cb8033b..62064a9fe 100644 --- a/uppsrc/Core/SSH/libssh2/RELEASE-NOTES +++ b/uppsrc/Core/SSH/libssh2/RELEASE-NOTES @@ -1,44 +1,62 @@ -libssh2 1.9.0 +libssh2 1.10 This release includes the following enhancements and bugfixes: - - o adds ECDSA keys and host key support when using OpenSSL - o adds ED25519 key and host key support when using OpenSSL 1.1.1 - o adds OpenSSH style key file reading - o adds AES CTR mode support when using WinCNG - o adds PEM passphrase protected file support for Libgcrypt and WinCNG - o adds SHA256 hostkey fingerprint - o adds libssh2_agent_get_identity_path() and libssh2_agent_set_identity_path() - o adds explicit zeroing of sensitive data in memory - o adds additional bounds checks to network buffer reads - o adds the ability to use the server default permissions when creating sftp directories - o adds support for building with OpenSSL no engine flag - o adds support for building with LibreSSL - o increased sftp packet size to 256k - o fixed oversized packet handling in sftp - o fixed building with OpenSSL 1.1 - o fixed a possible crash if sftp stat gets an unexpected response - o fixed incorrect parsing of the KEX preference string value - o fixed conditional RSA and AES-CTR support - o fixed a small memory leak during the key exchange process - o fixed a possible memory leak of the ssh banner string - o fixed various small memory leaks in the backends - o fixed possible out of bounds read when parsing public keys from the server - o fixed possible out of bounds read when parsing invalid PEM files - o no longer null terminates the scp remote exec command - o now handle errors when diffie hellman key pair generation fails - o fixed compiling on Windows with the flag STDCALL=ON - o improved building instructions + + o adds agent forwarding support + o adds OpenSSH Agent support on Windows + o adds ECDSA key support using the Mbed TLS backend + o adds ECDSA cert authentication + o adds diffie-hellman-group14-sha256, diffie-hellman-group16-sha512, + diffie-hellman-group18-sha512 key exchanges + o adds support for PKIX key reading when using ed25519 with OpenSSL + o adds support for EWOULDBLOCK on VMS systems + o adds support for building with OpenSSL 3 + o adds support for using FIPS mode in OpenSSL + o adds debug symbols when building with MSVC + o adds support for building on the 3DS + o adds unicode build support on Windows + o restores os400 building + o increases min, max and opt Diffie Hellman group values + o improves portiablity of the make file + o improves timeout behavior with 2FA keyboard auth + o various improvements to the Wincng backend + o fixes reading parital packet replies when using an agent + o fixes Diffie Hellman key exchange on Windows 1903+ builds + o fixes building tests with older versions of OpenSSL + o fixes possible multiple definition warnings + o fixes potential cast issues _libssh2_ecdsa_key_get_curve_type() + o fixes potential use after free if libssh2_init() is called twice + o improved linking when using Mbed TLS + o fixes call to libssh2_crypto_exit() if crypto hasn't been initialized + o fixes crash when loading public keys with no id + o fixes possible out of bounds read when exchanging keys + o fixes possible out of bounds read when reading packets + o fixes possible out of bounds read when opening an X11 connection + o fixes possible out of bounds read when ecdh host keys + o fixes possible hang when trying to read a disconnected socket + o fixes a crash when using the delayed compression option + o fixes read error with large known host entries + o fixes various warnings + o fixes various small memory leaks + o improved error handling, various detailed errors will now be reported + o builds are now using OSS-Fuzz + o builds now use autoreconf instead of a custom build script + o cmake now respects install directory + o improved CI backend + o updated HACKING-CRYPTO documentation + o use markdown file extensions o improved unit tests - + This release would not have looked like this without help, code, reports and advice from friends like these: - Peter Surge, Will Cosgrove, Daniel Stenberg, Alex Arslan, Alex Crichton, - Thomas Bleeker, Keno Fischer, Marc Hörsken, Marcel Raad, Viktor Szakats, - Kamil Dudka, Panos, Etienne Samson, Tseng Jun, Brendan Shanks, doublex, - Erik B, Jakob Egger, Thomas Lochmatter, alex-weaver, Adrian Moran, Zenju, - gartens, Matthew D. Fuller, Ryan Kelley, Zhen-Huan HWANG, Orivej Desh, - Alexander Curtiss - - (29 contributors) + katzer, Orgad Shaneh, mark-i-m, Zenju, axjowa, Thilo Schulz, + Etienne Samson, hlefebvre, seba30, Panos, jethrogb, Fabrice Fontaine, + Will Cosgrove, Daniel Stenberg, Michael Buckley, Wallace Souza Silva, + Romain-Geissler-1A, meierha, Tseng Jun, Thomas Klausner, Brendan Shanks, + Harry Sintonen, monnerat, Koutheir Attouchi, Marc Hörsken, yann-morin-1998, + Wez Furlong, TDi-jonesds, David Benjamin, Max Dymond, Igor Klevanets, + Viktor Szakats, Laurent Stacul, Mstrodl, Gabriel Smith, MarcT512, + Paul Capron, teottin, Tor Erik Ottinsen, Brian Inglis + + (40 contributors) diff --git a/uppsrc/Core/SSH/libssh2/agent.c b/uppsrc/Core/SSH/libssh2/agent.c index 3fbf310d1..85c3e34af 100644 --- a/uppsrc/Core/SSH/libssh2/agent.c +++ b/uppsrc/Core/SSH/libssh2/agent.c @@ -38,6 +38,7 @@ */ #include "libssh2_priv.h" +#include "agent.h" #include "misc.h" #include #ifdef HAVE_SYS_UN_H @@ -50,6 +51,9 @@ #endif #include "userauth.h" #include "session.h" +#ifdef WIN32 +#include +#endif /* Requests from client to agent for protocol 1 key operations */ #define SSH_AGENTC_REQUEST_RSA_IDENTITIES 1 @@ -90,58 +94,6 @@ #define SSH_AGENT_CONSTRAIN_LIFETIME 1 #define SSH_AGENT_CONSTRAIN_CONFIRM 2 -/* non-blocking mode on agent connection is not yet implemented, but - for future use. */ -typedef enum { - agent_NB_state_init = 0, - agent_NB_state_request_created, - agent_NB_state_request_length_sent, - agent_NB_state_request_sent, - agent_NB_state_response_length_received, - agent_NB_state_response_received -} agent_nonblocking_states; - -typedef struct agent_transaction_ctx { - unsigned char *request; - size_t request_len; - unsigned char *response; - size_t response_len; - agent_nonblocking_states state; -} *agent_transaction_ctx_t; - -typedef int (*agent_connect_func)(LIBSSH2_AGENT *agent); -typedef int (*agent_transact_func)(LIBSSH2_AGENT *agent, - agent_transaction_ctx_t transctx); -typedef int (*agent_disconnect_func)(LIBSSH2_AGENT *agent); - -struct agent_publickey { - struct list_node node; - - /* this is the struct we expose externally */ - struct libssh2_agent_publickey external; -}; - -struct agent_ops { - agent_connect_func connect; - agent_transact_func transact; - agent_disconnect_func disconnect; -}; - -struct _LIBSSH2_AGENT -{ - LIBSSH2_SESSION *session; /* the session this "belongs to" */ - - libssh2_socket_t fd; - - struct agent_ops *ops; - - struct agent_transaction_ctx transctx; - struct agent_publickey *identity; - struct list_head head; /* list of public keys */ - - char *identity_agent_path; /* Path to a custom identity agent socket */ -}; - #ifdef PF_UNIX static int agent_connect_unix(LIBSSH2_AGENT *agent) @@ -404,6 +356,7 @@ static struct { } supported_backends[] = { #ifdef WIN32 {"Pageant", &agent_ops_pageant}, + {"OpenSSH", &agent_ops_openssh}, #endif /* WIN32 */ #ifdef PF_UNIX {"Unix", &agent_ops_unix}, @@ -441,6 +394,7 @@ agent_sign(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len, _libssh2_store_u32(&s, 0); transctx->request_len = s - transctx->request; + transctx->send_recv_total = 0; transctx->state = agent_NB_state_request_created; } @@ -541,6 +495,7 @@ agent_list_identities(LIBSSH2_AGENT *agent) if(transctx->state == agent_NB_state_init) { transctx->request = &c; transctx->request_len = 1; + transctx->send_recv_total = 0; transctx->state = agent_NB_state_request_created; } @@ -717,6 +672,12 @@ libssh2_agent_init(LIBSSH2_SESSION *session) agent->identity_agent_path = NULL; _libssh2_list_init(&agent->head); +#ifdef WIN32 + agent->pipe = INVALID_HANDLE_VALUE; + memset(&agent->overlapped, 0, sizeof(OVERLAPPED)); + agent->pending_io = FALSE; +#endif + return agent; } diff --git a/uppsrc/Core/SSH/libssh2/agent.h b/uppsrc/Core/SSH/libssh2/agent.h new file mode 100644 index 000000000..dfac0715c --- /dev/null +++ b/uppsrc/Core/SSH/libssh2/agent.h @@ -0,0 +1,112 @@ +#ifndef __LIBSSH2_AGENT_H +#define __LIBSSH2_AGENT_H +/* + * Copyright (c) 2009 by Daiki Ueno + * Copyright (C) 2010-2014 by Daniel Stenberg + * All rights reserved. + * + * Redistribution and use in source and binary forms, + * with or without modification, are permitted provided + * that the following conditions are met: + * + * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * Neither the name of the copyright holder nor the names + * of any other contributors may be used to endorse or + * promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND + * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY + * OF SUCH DAMAGE. + */ + +#include "libssh2_priv.h" +#include "misc.h" +#include "session.h" +#ifdef WIN32 +#include +#endif + +/* non-blocking mode on agent connection is not yet implemented, but + for future use. */ +typedef enum { + agent_NB_state_init = 0, + agent_NB_state_request_created, + agent_NB_state_request_length_sent, + agent_NB_state_request_sent, + agent_NB_state_response_length_received, + agent_NB_state_response_received +} agent_nonblocking_states; + +typedef struct agent_transaction_ctx { + unsigned char *request; + size_t request_len; + unsigned char *response; + size_t response_len; + agent_nonblocking_states state; + size_t send_recv_total; +} *agent_transaction_ctx_t; + +typedef int (*agent_connect_func)(LIBSSH2_AGENT *agent); +typedef int (*agent_transact_func)(LIBSSH2_AGENT *agent, + agent_transaction_ctx_t transctx); +typedef int (*agent_disconnect_func)(LIBSSH2_AGENT *agent); + +struct agent_publickey { + struct list_node node; + + /* this is the struct we expose externally */ + struct libssh2_agent_publickey external; +}; + +struct agent_ops { + agent_connect_func connect; + agent_transact_func transact; + agent_disconnect_func disconnect; +}; + +struct _LIBSSH2_AGENT +{ + LIBSSH2_SESSION *session; /* the session this "belongs to" */ + + libssh2_socket_t fd; + + struct agent_ops *ops; + + struct agent_transaction_ctx transctx; + struct agent_publickey *identity; + struct list_head head; /* list of public keys */ + + char *identity_agent_path; /* Path to a custom identity agent socket */ + +#ifdef WIN32 + OVERLAPPED overlapped; + HANDLE pipe; + BOOL pending_io; +#endif +}; + +#ifdef WIN32 +extern struct agent_ops agent_ops_openssh; +#endif + +#endif /* __LIBSSH2_AGENT_H */ diff --git a/uppsrc/Core/SSH/libssh2/agent_win.c b/uppsrc/Core/SSH/libssh2/agent_win.c new file mode 100644 index 000000000..a1605a95f --- /dev/null +++ b/uppsrc/Core/SSH/libssh2/agent_win.c @@ -0,0 +1,361 @@ +/* + * Copyright (c) 2009 by Daiki Ueno + * Copyright (C) 2010-2014 by Daniel Stenberg + * All rights reserved. + * + * Redistribution and use in source and binary forms, + * with or without modification, are permitted provided + * that the following conditions are met: + * + * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * Neither the name of the copyright holder nor the names + * of any other contributors may be used to endorse or + * promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND + * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY + * OF SUCH DAMAGE. + */ + +#include "libssh2_priv.h" +#include "agent.h" +#include "misc.h" +#include +#ifdef HAVE_SYS_UN_H +#include +#else +/* Use the existence of sys/un.h as a test if Unix domain socket is + supported. winsock*.h define PF_UNIX/AF_UNIX but do not actually + support them. */ +#undef PF_UNIX +#endif +#include "userauth.h" +#include "session.h" +#ifdef WIN32 +#include +#endif + +#ifdef WIN32 +/* Code to talk to OpenSSH was taken and modified from the Win32 port of + * Portable OpenSSH by the PowerShell team. Commit + * 8ab565c53f3619d6a1f5ac229e212cad8a52852c of + * https://github.com/PowerShell/openssh-portable.git was used as the base, + * specificaly the following files: + * + * - contrib\win32\win32compat\fileio.c + * - Structure of agent_connect_openssh from ssh_get_authentication_socket + * - Structure of agent_transact_openssh from ssh_request_reply + * - contrib\win32\win32compat\wmain_common.c + * - Windows equivalent functions for common Unix functions, inlined into + * this implementation + * - fileio_connect replacing connect + * - fileio_read replacing read + * - fileio_write replacing write + * - fileio_close replacing close + * + * Author: Tatu Ylonen + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * Functions for connecting the local authentication agent. + * + * As far as I am concerned, the code I have written for this software + * can be used freely for any purpose. Any derived versions of this + * software must be clearly marked as such, and if the derived work is + * incompatible with the protocol description in the RFC file, it must be + * called by a name other than "ssh" or "Secure Shell". + * + * SSH2 implementation, + * Copyright (c) 2000 Markus Friedl. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + * Copyright (c) 2015 Microsoft Corp. + * All rights reserved + * + * Microsoft openssh win32 port + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#define WIN32_OPENSSH_AGENT_SOCK "\\\\.\\pipe\\openssh-ssh-agent" + +static int +agent_connect_openssh(LIBSSH2_AGENT *agent) +{ + int ret = LIBSSH2_ERROR_NONE; + const char *path; + HANDLE pipe = INVALID_HANDLE_VALUE; + HANDLE event = NULL; + + path = agent->identity_agent_path; + if(!path) { + path = getenv("SSH_AUTH_SOCK"); + if(!path) + path = WIN32_OPENSSH_AGENT_SOCK; + } + + for(;;) { + pipe = CreateFileA( + path, + GENERIC_READ | GENERIC_WRITE, + 0, + NULL, + OPEN_EXISTING, + /* Non-blocking mode for agent connections is not implemented at + * the point this was implemented. The code for Win32 OpenSSH + * should support non-blocking IO, but the code calling it doesn't + * support it as of yet. + * When non-blocking IO is implemented for the surrounding code, + * uncomment the following line to enable support within the Win32 + * OpenSSH code. + */ + /* FILE_FLAG_OVERLAPPED | */ + SECURITY_SQOS_PRESENT | + SECURITY_IDENTIFICATION, + NULL + ); + + if(pipe != INVALID_HANDLE_VALUE) + break; + if(GetLastError() != ERROR_PIPE_BUSY) + break; + + /* Wait up to 1 second for a pipe instance to become available */ + if(!WaitNamedPipeA(path, 1000)) + break; + } + + if(pipe == INVALID_HANDLE_VALUE) { + ret = _libssh2_error(agent->session, LIBSSH2_ERROR_AGENT_PROTOCOL, + "unable to connect to agent pipe"); + goto cleanup; + } + + if(SetHandleInformation(pipe, HANDLE_FLAG_INHERIT, 0) == FALSE) { + ret = _libssh2_error(agent->session, LIBSSH2_ERROR_AGENT_PROTOCOL, + "unable to set handle information of agent pipe"); + goto cleanup; + } + + event = CreateEventA(NULL, TRUE, FALSE, NULL); + if(event == NULL) { + ret = _libssh2_error(agent->session, LIBSSH2_ERROR_AGENT_PROTOCOL, + "unable to create async I/O event"); + goto cleanup; + } + + agent->pipe = pipe; + pipe = INVALID_HANDLE_VALUE; + agent->overlapped.hEvent = event; + event = NULL; + agent->fd = 0; /* Mark as the connection has been established */ + +cleanup: + if(event != NULL) + CloseHandle(event); + if(pipe != INVALID_HANDLE_VALUE) + CloseHandle(pipe); + return ret; +} + +#define RECV_SEND_ALL(func, agent, buffer, length, total) \ + DWORD bytes_transfered; \ + BOOL ret; \ + DWORD err; \ + int rc; \ + \ + while(*total < length) { \ + if(!agent->pending_io) \ + ret = func(agent->pipe, (char *)buffer + *total, \ + (DWORD)(length - *total), &bytes_transfered, \ + &agent->overlapped); \ + else \ + ret = GetOverlappedResult(agent->pipe, &agent->overlapped, \ + &bytes_transfered, FALSE); \ + \ + *total += bytes_transfered; \ + if(!ret) { \ + err = GetLastError(); \ + if((!agent->pending_io && ERROR_IO_PENDING == err) \ + || (agent->pending_io && ERROR_IO_INCOMPLETE == err)) { \ + agent->pending_io = TRUE; \ + return LIBSSH2_ERROR_EAGAIN; \ + } \ + \ + return LIBSSH2_ERROR_SOCKET_NONE; \ + } \ + agent->pending_io = FALSE; \ + } \ + \ + rc = (int)*total; \ + *total = 0; \ + return rc; + +static int +win32_openssh_send_all(LIBSSH2_AGENT *agent, void *buffer, size_t length, + size_t *send_recv_total) +{ + RECV_SEND_ALL(WriteFile, agent, buffer, length, send_recv_total) +} + +static int +win32_openssh_recv_all(LIBSSH2_AGENT *agent, void *buffer, size_t length, + size_t *send_recv_total) +{ + RECV_SEND_ALL(ReadFile, agent, buffer, length, send_recv_total) +} + +#undef RECV_SEND_ALL + +static int +agent_transact_openssh(LIBSSH2_AGENT *agent, agent_transaction_ctx_t transctx) +{ + unsigned char buf[4]; + int rc; + + /* Send the length of the request */ + if(transctx->state == agent_NB_state_request_created) { + _libssh2_htonu32(buf, (uint32_t)transctx->request_len); + rc = win32_openssh_send_all(agent, buf, sizeof buf, + &transctx->send_recv_total); + if(rc == LIBSSH2_ERROR_EAGAIN) + return LIBSSH2_ERROR_EAGAIN; + else if(rc < 0) + return _libssh2_error(agent->session, LIBSSH2_ERROR_SOCKET_SEND, + "agent send failed"); + transctx->state = agent_NB_state_request_length_sent; + } + + /* Send the request body */ + if(transctx->state == agent_NB_state_request_length_sent) { + rc = win32_openssh_send_all(agent, transctx->request, + transctx->request_len, + &transctx->send_recv_total); + if(rc == LIBSSH2_ERROR_EAGAIN) + return LIBSSH2_ERROR_EAGAIN; + else if(rc < 0) + return _libssh2_error(agent->session, LIBSSH2_ERROR_SOCKET_SEND, + "agent send failed"); + transctx->state = agent_NB_state_request_sent; + } + + /* Receive the length of the body */ + if(transctx->state == agent_NB_state_request_sent) { + rc = win32_openssh_recv_all(agent, buf, sizeof buf, + &transctx->send_recv_total); + if(rc == LIBSSH2_ERROR_EAGAIN) + return LIBSSH2_ERROR_EAGAIN; + else if(rc < 0) + return _libssh2_error(agent->session, LIBSSH2_ERROR_SOCKET_RECV, + "agent recv failed"); + + transctx->response_len = _libssh2_ntohu32(buf); + transctx->response = LIBSSH2_ALLOC(agent->session, + transctx->response_len); + if(!transctx->response) + return LIBSSH2_ERROR_ALLOC; + + transctx->state = agent_NB_state_response_length_received; + } + + /* Receive the response body */ + if(transctx->state == agent_NB_state_response_length_received) { + rc = win32_openssh_recv_all(agent, transctx->response, + transctx->response_len, + &transctx->send_recv_total); + if(rc == LIBSSH2_ERROR_EAGAIN) + return LIBSSH2_ERROR_EAGAIN; + else if(rc < 0) + return _libssh2_error(agent->session, LIBSSH2_ERROR_SOCKET_RECV, + "agent recv failed"); + transctx->state = agent_NB_state_response_received; + } + + return LIBSSH2_ERROR_NONE; +} + +static int +agent_disconnect_openssh(LIBSSH2_AGENT *agent) +{ + if(!CancelIo(agent->pipe)) + return _libssh2_error(agent->session, LIBSSH2_ERROR_SOCKET_DISCONNECT, + "failed to cancel pending IO of agent pipe"); + if(!CloseHandle(agent->overlapped.hEvent)) + return _libssh2_error(agent->session, LIBSSH2_ERROR_SOCKET_DISCONNECT, + "failed to close handle to async I/O event"); + agent->overlapped.hEvent = NULL; + /* let queued APCs (if any) drain */ + SleepEx(0, TRUE); + if(!CloseHandle(agent->pipe)) + return _libssh2_error(agent->session, LIBSSH2_ERROR_SOCKET_DISCONNECT, + "failed to close handle to agent pipe"); + + agent->pipe = INVALID_HANDLE_VALUE; + agent->fd = LIBSSH2_INVALID_SOCKET; + + return LIBSSH2_ERROR_NONE; +} + +struct agent_ops agent_ops_openssh = { + agent_connect_openssh, + agent_transact_openssh, + agent_disconnect_openssh +}; +#endif /* WIN32 */ diff --git a/uppsrc/Core/SSH/libssh2/bcrypt_pbkdf.c b/uppsrc/Core/SSH/libssh2/bcrypt_pbkdf.c index ca2863be8..f782bcac5 100644 --- a/uppsrc/Core/SSH/libssh2/bcrypt_pbkdf.c +++ b/uppsrc/Core/SSH/libssh2/bcrypt_pbkdf.c @@ -81,7 +81,7 @@ bcrypt_hash(uint8_t *sha2pass, uint8_t *sha2salt, uint8_t *out) cdata[i] = Blowfish_stream2word(ciphertext, sizeof(ciphertext), &j); for(i = 0; i < 64; i++) - blf_enc(&state, cdata, sizeof(cdata) / (sizeof(uint64_t))); + blf_enc(&state, cdata, BCRYPT_BLOCKS / 2); /* copy out */ for(i = 0; i < BCRYPT_BLOCKS; i++) { diff --git a/uppsrc/Core/SSH/libssh2/channel.c b/uppsrc/Core/SSH/libssh2/channel.c index 55a16e9f4..78ed40e87 100644 --- a/uppsrc/Core/SSH/libssh2/channel.c +++ b/uppsrc/Core/SSH/libssh2/channel.c @@ -1338,7 +1338,11 @@ channel_x11_req(LIBSSH2_CHANNEL *channel, int single_connection, border */ unsigned char buffer[(LIBSSH2_X11_RANDOM_COOKIE_LEN / 2) + 1]; - _libssh2_random(buffer, LIBSSH2_X11_RANDOM_COOKIE_LEN / 2); + if(_libssh2_random(buffer, LIBSSH2_X11_RANDOM_COOKIE_LEN / 2)) { + return _libssh2_error(session, LIBSSH2_ERROR_RANDGEN, + "Unable to get random bytes " + "for x11-req cookie"); + } for(i = 0; i < (LIBSSH2_X11_RANDOM_COOKIE_LEN / 2); i++) { snprintf((char *)&s[i*2], 3, "%02X", buffer[i]); } diff --git a/uppsrc/Core/SSH/libssh2/hostkey.c b/uppsrc/Core/SSH/libssh2/hostkey.c index 1631aae64..d87a4c744 100644 --- a/uppsrc/Core/SSH/libssh2/hostkey.c +++ b/uppsrc/Core/SSH/libssh2/hostkey.c @@ -783,6 +783,42 @@ static const LIBSSH2_HOSTKEY_METHOD hostkey_method_ecdsa_ssh_nistp521 = { hostkey_method_ssh_ecdsa_dtor, }; +static const LIBSSH2_HOSTKEY_METHOD hostkey_method_ecdsa_ssh_nistp256_cert = { + "ecdsa-sha2-nistp256-cert-v01@openssh.com", + SHA256_DIGEST_LENGTH, + NULL, + hostkey_method_ssh_ecdsa_initPEM, + hostkey_method_ssh_ecdsa_initPEMFromMemory, + NULL, + hostkey_method_ssh_ecdsa_signv, + NULL, /* encrypt */ + hostkey_method_ssh_ecdsa_dtor, +}; + +static const LIBSSH2_HOSTKEY_METHOD hostkey_method_ecdsa_ssh_nistp384_cert = { + "ecdsa-sha2-nistp384-cert-v01@openssh.com", + SHA384_DIGEST_LENGTH, + NULL, + hostkey_method_ssh_ecdsa_initPEM, + hostkey_method_ssh_ecdsa_initPEMFromMemory, + NULL, + hostkey_method_ssh_ecdsa_signv, + NULL, /* encrypt */ + hostkey_method_ssh_ecdsa_dtor, +}; + +static const LIBSSH2_HOSTKEY_METHOD hostkey_method_ecdsa_ssh_nistp521_cert = { + "ecdsa-sha2-nistp521-cert-v01@openssh.com", + SHA512_DIGEST_LENGTH, + NULL, + hostkey_method_ssh_ecdsa_initPEM, + hostkey_method_ssh_ecdsa_initPEMFromMemory, + NULL, + hostkey_method_ssh_ecdsa_signv, + NULL, /* encrypt */ + hostkey_method_ssh_ecdsa_dtor, +}; + #endif /* LIBSSH2_ECDSA */ #if LIBSSH2_ED25519 @@ -999,6 +1035,9 @@ static const LIBSSH2_HOSTKEY_METHOD *hostkey_methods[] = { &hostkey_method_ecdsa_ssh_nistp256, &hostkey_method_ecdsa_ssh_nistp384, &hostkey_method_ecdsa_ssh_nistp521, + &hostkey_method_ecdsa_ssh_nistp256_cert, + &hostkey_method_ecdsa_ssh_nistp384_cert, + &hostkey_method_ecdsa_ssh_nistp521_cert, #endif #if LIBSSH2_ED25519 &hostkey_method_ssh_ed25519, diff --git a/uppsrc/Core/SSH/libssh2/kex.c b/uppsrc/Core/SSH/libssh2/kex.c index cc871e756..9f3ef7992 100644 --- a/uppsrc/Core/SSH/libssh2/kex.c +++ b/uppsrc/Core/SSH/libssh2/kex.c @@ -1579,39 +1579,6 @@ kex_method_diffie_hellman_group_exchange_sha256_key_exchange } -#if LIBSSH2_ECDSA - -/* kex_session_ecdh_curve_type - * returns the EC curve type by name used in key exchange - */ - -static int -kex_session_ecdh_curve_type(const char *name, libssh2_curve_type *out_type) -{ - int ret = 0; - libssh2_curve_type type; - - if(name == NULL) - return -1; - - if(strcmp(name, "ecdh-sha2-nistp256") == 0) - type = LIBSSH2_EC_CURVE_NISTP256; - else if(strcmp(name, "ecdh-sha2-nistp384") == 0) - type = LIBSSH2_EC_CURVE_NISTP384; - else if(strcmp(name, "ecdh-sha2-nistp521") == 0) - type = LIBSSH2_EC_CURVE_NISTP521; - else { - ret = -1; - } - - if(ret == 0 && out_type) { - *out_type = type; - } - - return ret; -} - - /* LIBSSH2_KEX_METHOD_EC_SHA_HASH_CREATE_VERIFY * * Macro that create and verifies EC SHA hash with a given digest bytes @@ -1721,6 +1688,39 @@ kex_session_ecdh_curve_type(const char *name, libssh2_curve_type *out_type) } \ +#if LIBSSH2_ECDSA + +/* kex_session_ecdh_curve_type + * returns the EC curve type by name used in key exchange + */ + +static int +kex_session_ecdh_curve_type(const char *name, libssh2_curve_type *out_type) +{ + int ret = 0; + libssh2_curve_type type; + + if(name == NULL) + return -1; + + if(strcmp(name, "ecdh-sha2-nistp256") == 0) + type = LIBSSH2_EC_CURVE_NISTP256; + else if(strcmp(name, "ecdh-sha2-nistp384") == 0) + type = LIBSSH2_EC_CURVE_NISTP384; + else if(strcmp(name, "ecdh-sha2-nistp521") == 0) + type = LIBSSH2_EC_CURVE_NISTP521; + else { + ret = -1; + } + + if(ret == 0 && out_type) { + *out_type = type; + } + + return ret; +} + + /* ecdh_sha2_nistp * Elliptic Curve Diffie Hellman Key Exchange */ @@ -1752,26 +1752,24 @@ static int ecdh_sha2_nistp(LIBSSH2_SESSION *session, libssh2_curve_type type, /* parse INIT reply data */ /* host key K_S */ - unsigned char *s = data + 1; /* Advance past packet type */ unsigned char *server_public_key; size_t server_public_key_len; - size_t host_sig_len; + struct string_buf buf; - session->server_hostkey_len = - _libssh2_ntohu32((const unsigned char *)s); - s += 4; + buf.data = data; + buf.len = data_len; + buf.dataptr = buf.data; + buf.dataptr++; /* Advance past packet type */ - session->server_hostkey = LIBSSH2_ALLOC(session, - session->server_hostkey_len); - if(!session->server_hostkey) { - ret = _libssh2_error(session, LIBSSH2_ERROR_ALLOC, - "Unable to allocate memory for a copy " - "of the host key"); + if(_libssh2_copy_string(session, &buf, &(session->server_hostkey), + &server_public_key_len)) { + ret = _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "Unable to allocate memory for a copy " + "of the host key"); goto clean_exit; } - memcpy(session->server_hostkey, s, session->server_hostkey_len); - s += session->server_hostkey_len; + session->server_hostkey_len = (uint32_t)server_public_key_len; #if LIBSSH2_MD5 { @@ -1870,19 +1868,20 @@ static int ecdh_sha2_nistp(LIBSSH2_SESSION *session, libssh2_curve_type type, } /* server public key Q_S */ - server_public_key_len = _libssh2_ntohu32((const unsigned char *)s); - s += 4; - - server_public_key = s; - s += server_public_key_len; + if(_libssh2_get_string(&buf, &server_public_key, + &server_public_key_len)) { + ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "Unexpected key length"); + goto clean_exit; + } /* server signature */ - host_sig_len = _libssh2_ntohu32((const unsigned char *)s); - s += 4; - - exchange_state->h_sig = s; - exchange_state->h_sig_len = host_sig_len; - s += host_sig_len; + if(_libssh2_get_string(&buf, &exchange_state->h_sig, + &(exchange_state->h_sig_len))) { + ret = _libssh2_error(session, LIBSSH2_ERROR_HOSTKEY_INIT, + "Unexpected ecdh server sig length"); + goto clean_exit; + } /* Compute the shared secret K */ rc = _libssh2_ecdh_gen_k(&exchange_state->k, private_key, @@ -3177,7 +3176,11 @@ static int kexinit(LIBSSH2_SESSION * session) *(s++) = SSH_MSG_KEXINIT; - _libssh2_random(s, 16); + if(_libssh2_random(s, 16)) { + return _libssh2_error(session, LIBSSH2_ERROR_RANDGEN, + "Unable to get random bytes " + "for KEXINIT cookie"); + } s += 16; /* Ennumerating through these lists twice is probably (certainly?) @@ -3287,24 +3290,40 @@ kex_agree_instr(unsigned char *haystack, unsigned long haystack_len, const unsigned char *needle, unsigned long needle_len) { unsigned char *s; + unsigned char *end_haystack; + unsigned long left; - /* Haystack too short to bother trying */ - if(haystack_len < needle_len) { + if(haystack == NULL || needle == NULL) { return NULL; } + /* Haystack too short to bother trying */ + if(haystack_len < needle_len || needle_len == 0) { + return NULL; + } + + s = haystack; + end_haystack = &haystack[haystack_len]; + left = end_haystack - s; + /* Needle at start of haystack */ if((strncmp((char *) haystack, (char *) needle, needle_len) == 0) && (needle_len == haystack_len || haystack[needle_len] == ',')) { return haystack; } - s = haystack; /* Search until we run out of comas or we run out of haystack, whichever comes first */ - while((s = (unsigned char *) strchr((char *) s, ',')) - && ((haystack_len - (s - haystack)) > needle_len)) { - s++; + while((s = (unsigned char *) memchr((char *) s, ',', left))) { + /* Advance buffer past coma if we can */ + left = end_haystack - s; + if((left >= 1) && (left <= haystack_len) && (left > needle_len)) { + s++; + } + else { + return NULL; + } + /* Needle at X position */ if((strncmp((char *) s, (char *) needle, needle_len) == 0) && (((s - haystack) + needle_len) == haystack_len @@ -4069,7 +4088,7 @@ LIBSSH2_API int libssh2_session_supported_algs(LIBSSH2_SESSION* session, supported algorithms (needed to allocate the proper size of array) and the second time to actually copy the pointers. Typically this function will not be called often (typically at the beginning of a session) and - the number of algorithms (i.e. niumber of iterations in one loop) will + the number of algorithms (i.e. number of iterations in one loop) will not be high (typically it will not exceed 20) for quite a long time. So double looping really shouldn't be an issue and it is definitely a diff --git a/uppsrc/Core/SSH/libssh2/libgcrypt.h b/uppsrc/Core/SSH/libssh2/libgcrypt.h index 92b48b88b..298c65ed0 100644 --- a/uppsrc/Core/SSH/libssh2/libgcrypt.h +++ b/uppsrc/Core/SSH/libssh2/libgcrypt.h @@ -68,7 +68,7 @@ #define EC_MAX_POINT_LEN ((528 * 2 / 8) + 1) #define _libssh2_random(buf, len) \ - (gcry_randomize ((buf), (len), GCRY_STRONG_RANDOM), 1) + (gcry_randomize ((buf), (len), GCRY_STRONG_RANDOM), 0) #define libssh2_prepare_iovec(vec, len) /* Empty. */ diff --git a/uppsrc/Core/SSH/libssh2/libssh2.h b/uppsrc/Core/SSH/libssh2/libssh2.h index f2233e91f..995d83ed0 100644 --- a/uppsrc/Core/SSH/libssh2/libssh2.h +++ b/uppsrc/Core/SSH/libssh2/libssh2.h @@ -46,12 +46,12 @@ to make the BANNER define (used by src/session.c) be a valid SSH banner. Release versions have no appended strings and may of course not have dashes either. */ -#define LIBSSH2_VERSION "1.9.0-20201117" +#define LIBSSH2_VERSION "1.10.0" /* The numeric version number is also available "in parts" by using these defines: */ #define LIBSSH2_VERSION_MAJOR 1 -#define LIBSSH2_VERSION_MINOR 9 +#define LIBSSH2_VERSION_MINOR 10 #define LIBSSH2_VERSION_PATCH 0 /* This is the numeric version of the libssh2 version number, meant for easier @@ -69,7 +69,7 @@ and it is always a greater number in a more recent release. It makes comparisons with greater than and less than work. */ -#define LIBSSH2_VERSION_NUM 0x010900 +#define LIBSSH2_VERSION_NUM 0x010a00 /* * This is the date and time when the full source package was created. The @@ -80,7 +80,7 @@ * * "Mon Feb 12 11:35:33 UTC 2007" */ -#define LIBSSH2_TIMESTAMP "Tue Nov 17 05:06:30 UTC 2020" +#define LIBSSH2_TIMESTAMP "Sun 29 Aug 2021 08:37:50 PM UTC" #ifndef RC_INVOKED @@ -505,6 +505,7 @@ typedef struct _LIBSSH2_POLLFD { #define LIBSSH2_ERROR_KNOWN_HOSTS -46 #define LIBSSH2_ERROR_CHANNEL_WINDOW_FULL -47 #define LIBSSH2_ERROR_KEYFILE_AUTH_FAILED -48 +#define LIBSSH2_ERROR_RANDGEN -49 /* this is a define to provide the old (<= 1.2.7) name */ #define LIBSSH2_ERROR_BANNER_NONE LIBSSH2_ERROR_BANNER_RECV diff --git a/uppsrc/Core/SSH/libssh2/libssh2_config.h b/uppsrc/Core/SSH/libssh2/libssh2_config.h index cf579dc3d..1324d9444 100644 --- a/uppsrc/Core/SSH/libssh2/libssh2_config.h +++ b/uppsrc/Core/SSH/libssh2/libssh2_config.h @@ -31,7 +31,7 @@ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE - * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY + * USE OF TH☕IS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY * OF SUCH DAMAGE. */ @@ -42,9 +42,9 @@ #define PACKAGE "Upp::SSH" #define PACKAGE_BUGREPORT "https://github.com/ultimatepp/ultimatepp/issues" #define PACKAGE_NAME "Ultimate++ SSH package" -#define PACKAGE_STRING "Ultimate++ SSH package, a libssh2 wrapper, (ver. 2021.1)" +#define PACKAGE_STRING "Ultimate++ SSH package, a libssh2 wrapper, (ver. 2022.2)" #define PACKAGE_URL "https://github.com/ultimatepp/ultimatepp" -#define PACKAGE_VERSION "2021.1" +#define PACKAGE_VERSION "2022.2 (libssh2 v.1.10.0)" /* Headers */ #define HAVE_INTTYPES_H diff --git a/uppsrc/Core/SSH/libssh2/libssh2_config.h.in b/uppsrc/Core/SSH/libssh2/libssh2_config.h.in index 307c62553..94adf4283 100644 --- a/uppsrc/Core/SSH/libssh2/libssh2_config.h.in +++ b/uppsrc/Core/SSH/libssh2/libssh2_config.h.in @@ -3,19 +3,13 @@ /* Define if building universal (internal helper macro) */ #undef AC_APPLE_UNIVERSAL_BUILD -/* Define to one of `_getb67', `GETB67', `getb67' for Cray-2 and Cray-YMP - systems. This function is required for `alloca.c' support on those systems. - */ -#undef CRAY_STACKSEG_END - -/* Define to 1 if using `alloca.c'. */ +/* Define to 1 if using 'alloca.c'. */ #undef C_ALLOCA -/* Define to 1 if you have `alloca', as a function or macro. */ +/* Define to 1 if you have 'alloca', as a function or macro. */ #undef HAVE_ALLOCA -/* Define to 1 if you have and it should be used (not on Ultrix). - */ +/* Define to 1 if works. */ #undef HAVE_ALLOCA_H /* Define to 1 if you have the header file. */ @@ -76,9 +70,6 @@ /* Define to 1 if the compiler supports the 'long long' data type. */ #undef HAVE_LONGLONG -/* Define to 1 if you have the header file. */ -#undef HAVE_MEMORY_H - /* Define to 1 if you have the `memset_s' function. */ #undef HAVE_MEMSET_S @@ -222,7 +213,9 @@ STACK_DIRECTION = 0 => direction of growth unknown */ #undef STACK_DIRECTION -/* Define to 1 if you have the ANSI C header files. */ +/* Define to 1 if all of the C90 standard headers exist (not just the ones + required in a freestanding environment). This macro is provided for + backward compatibility; new code need not use it. */ #undef STDC_HEADERS /* Version number of package */ @@ -240,11 +233,6 @@ # endif #endif -/* Enable large inode numbers on Mac OS X 10.5. */ -#ifndef _DARWIN_USE_64_BIT_INODE -# define _DARWIN_USE_64_BIT_INODE 1 -#endif - /* Number of bits in a file offset, on hosts where this is settable. */ #undef _FILE_OFFSET_BITS diff --git a/uppsrc/Core/SSH/libssh2/libssh2_priv.h b/uppsrc/Core/SSH/libssh2/libssh2_priv.h index 474698e15..da488b744 100644 --- a/uppsrc/Core/SSH/libssh2/libssh2_priv.h +++ b/uppsrc/Core/SSH/libssh2/libssh2_priv.h @@ -109,14 +109,19 @@ #define inline __inline #endif -/* Provide iovec / writev on WIN32 platform. */ -#ifdef WIN32 +/* 3DS doesn't seem to have iovec */ +#if defined(WIN32) || defined(_3DS) struct iovec { size_t iov_len; void *iov_base; }; +#endif + +/* Provide iovec / writev on WIN32 platform. */ +#ifdef WIN32 + static inline int writev(int sock, struct iovec *iov, int nvecs) { DWORD ret; diff --git a/uppsrc/Core/SSH/libssh2/openssl.c b/uppsrc/Core/SSH/libssh2/openssl.c index 65a6c1736..7a6810f13 100644 --- a/uppsrc/Core/SSH/libssh2/openssl.c +++ b/uppsrc/Core/SSH/libssh2/openssl.c @@ -427,10 +427,19 @@ _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx, #else ret = EVP_Cipher(ctx, buf, block, blocksize); #endif +#if defined(OPENSSL_VERSION_MAJOR) && OPENSSL_VERSION_MAJOR >= 3 + if(ret != -1) { +#else if(ret == 1) { +#endif memcpy(block, buf, blocksize); } + +#if defined(OPENSSL_VERSION_MAJOR) && OPENSSL_VERSION_MAJOR >= 3 + return ret != -1 ? 0 : 1; +#else return ret == 1 ? 0 : 1; +#endif } #if LIBSSH2_AES_CTR && !defined(HAVE_EVP_AES_128_CTR) @@ -1681,6 +1690,8 @@ gen_publickey_from_ed25519_openssh_priv_data(LIBSSH2_SESSION *session, method_buf = LIBSSH2_ALLOC(session, 11); /* ssh-ed25519. */ if(method_buf == NULL) { + _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "Unable to allocate memory for ED25519 key"); goto clean_exit; } @@ -1689,6 +1700,8 @@ gen_publickey_from_ed25519_openssh_priv_data(LIBSSH2_SESSION *session, key_len = LIBSSH2_ED25519_KEY_LEN + 19; key = LIBSSH2_CALLOC(session, key_len); if(key == NULL) { + _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "Unable to allocate memory for ED25519 key"); goto clean_exit; } @@ -2212,6 +2225,19 @@ _libssh2_sha512(const unsigned char *message, unsigned long len, int _libssh2_md5_init(libssh2_md5_ctx *ctx) { + /* MD5 digest is not supported in OpenSSL FIPS mode + * Trying to init it will result in a latent OpenSSL error: + * "digital envelope routines:FIPS_DIGESTINIT:disabled for fips" + * So, just return 0 in FIPS mode + */ +#if OPENSSL_VERSION_NUMBER >= 0x000907000L && \ + defined(OPENSSL_VERSION_MAJOR) && \ + OPENSSL_VERSION_MAJOR < 3 && \ + !defined(LIBRESSL_VERSION_NUMBER) + if(FIPS_mode() != 0) + return 0; +#endif + #ifdef HAVE_OPAQUE_STRUCTS *ctx = EVP_MD_CTX_new(); @@ -2402,6 +2428,7 @@ gen_publickey_from_ecdsa_openssh_priv_data(LIBSSH2_SESSION *session, if((rc = _libssh2_ecdsa_curve_name_with_octal_new(&ec_key, point_buf, pointlen, curve_type)) != 0) { + rc = -1; _libssh2_error(session, LIBSSH2_ERROR_PROTO, "ECDSA could not create key"); goto fail; @@ -2410,6 +2437,8 @@ gen_publickey_from_ecdsa_openssh_priv_data(LIBSSH2_SESSION *session, bn_exponent = BN_new(); if(bn_exponent == NULL) { rc = -1; + _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "Unable to allocate memory for private key data"); goto fail; } @@ -2436,15 +2465,10 @@ gen_publickey_from_ecdsa_openssh_priv_data(LIBSSH2_SESSION *session, return rc; fail: - if(ec_key != NULL) EC_KEY_free(ec_key); - return _libssh2_error(session, - LIBSSH2_ERROR_ALLOC, - "Unable to allocate memory for private key data"); - - + return rc; } static int @@ -3037,17 +3061,13 @@ _libssh2_pub_priv_openssh_keyfilememory(LIBSSH2_SESSION *session, if(key_ctx != NULL) *key_ctx = NULL; - if(session == NULL) { - _libssh2_error(session, LIBSSH2_ERROR_PROTO, - "Session is required"); - return -1; - } + if(session == NULL) + return _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "Session is required"); - if(key_type != NULL && (strlen(key_type) > 11 || strlen(key_type) < 7)) { - _libssh2_error(session, LIBSSH2_ERROR_PROTO, - "type is invalid"); - return -1; - } + if(key_type != NULL && (strlen(key_type) > 11 || strlen(key_type) < 7)) + return _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "type is invalid"); _libssh2_init_if_needed(); @@ -3055,20 +3075,18 @@ _libssh2_pub_priv_openssh_keyfilememory(LIBSSH2_SESSION *session, privatekeydata, privatekeydata_len, &decrypted); - if(rc) { + if(rc) return rc; - } /* We have a new key file, now try and parse it using supported types */ rc = _libssh2_get_string(decrypted, &buf, NULL); - if(rc != 0 || buf == NULL) { - _libssh2_error(session, LIBSSH2_ERROR_PROTO, - "Public key type in decrypted key data not found"); - return -1; - } + if(rc != 0 || buf == NULL) + return _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "Public key type in decrypted " + "key data not found"); - rc = -1; + rc = LIBSSH2_ERROR_FILE; #if LIBSSH2_ED25519 if(strcmp("ssh-ed25519", (const char *)buf) == 0) { @@ -3122,6 +3140,11 @@ _libssh2_pub_priv_openssh_keyfilememory(LIBSSH2_SESSION *session, } #endif + if(rc == LIBSSH2_ERROR_FILE) + rc = _libssh2_error(session, LIBSSH2_ERROR_FILE, + "Unable to extract public key from private key file: " + "invalid/unrecognized private key file format"); + if(decrypted) _libssh2_string_buf_free(session, decrypted); @@ -3161,10 +3184,10 @@ _libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION *session, "Computing public key from private key."); bp = BIO_new_mem_buf((char *)privatekeydata, privatekeydata_len); - if(!bp) { - return -1; - } - + if(!bp) + return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "Unable to allocate memory when" + "computing public key"); BIO_reset(bp); pk = PEM_read_bio_PrivateKey(bp, NULL, NULL, (void *)passphrase); BIO_free(bp); @@ -3179,15 +3202,8 @@ _libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION *session, privatekeydata, privatekeydata_len, (unsigned const char *)passphrase); - if(st != 0) { - return _libssh2_error(session, - LIBSSH2_ERROR_FILE, - "Unable to extract public key " - "from private key file: " - "Wrong passphrase or invalid/unrecognized " - "private key file format"); - } - + if(st != 0) + return st; return 0; } diff --git a/uppsrc/Core/SSH/libssh2/openssl.h b/uppsrc/Core/SSH/libssh2/openssl.h index 66ff1b26a..658b040d6 100644 --- a/uppsrc/Core/SSH/libssh2/openssl.h +++ b/uppsrc/Core/SSH/libssh2/openssl.h @@ -137,7 +137,7 @@ #define EC_MAX_POINT_LEN ((528 * 2 / 8) + 1) -#define _libssh2_random(buf, len) RAND_bytes ((buf), (len)) +#define _libssh2_random(buf, len) (RAND_bytes((buf), (len)) == 1 ? 0 : -1) #define libssh2_prepare_iovec(vec, len) /* Empty. */ diff --git a/uppsrc/Core/SSH/libssh2/packet.c b/uppsrc/Core/SSH/libssh2/packet.c index 9897f7771..04937d62a 100644 --- a/uppsrc/Core/SSH/libssh2/packet.c +++ b/uppsrc/Core/SSH/libssh2/packet.c @@ -1323,9 +1323,11 @@ _libssh2_packet_requirev(LIBSSH2_SESSION *session, if(strchr((char *) packet_types, ret)) { /* Be lazy, let packet_ask pull it out of the brigade */ - return _libssh2_packet_askv(session, packet_types, data, + int ret = _libssh2_packet_askv(session, packet_types, data, data_len, match_ofs, match_buf, match_len); + state->start = 0; + return ret; } } diff --git a/uppsrc/Core/SSH/libssh2/pem.c b/uppsrc/Core/SSH/libssh2/pem.c index 53f58c2ef..3416bd528 100644 --- a/uppsrc/Core/SSH/libssh2/pem.c +++ b/uppsrc/Core/SSH/libssh2/pem.c @@ -176,6 +176,8 @@ _libssh2_pem_parse(LIBSSH2_SESSION * session, linelen = strlen(line); tmp = LIBSSH2_REALLOC(session, b64data, b64datalen + linelen); if(!tmp) { + _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "Unable to allocate memory for PEM parsing"); ret = -1; goto out; } @@ -319,6 +321,8 @@ _libssh2_pem_parse_memory(LIBSSH2_SESSION * session, linelen = strlen(line); tmp = LIBSSH2_REALLOC(session, b64data, b64datalen + linelen); if(!tmp) { + _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "Unable to allocate memory for PEM parsing"); ret = -1; goto out; } @@ -690,6 +694,8 @@ _libssh2_openssh_pem_parse(LIBSSH2_SESSION * session, linelen = strlen(line); tmp = LIBSSH2_REALLOC(session, b64data, b64datalen + linelen); if(!tmp) { + _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "Unable to allocate memory for PEM parsing"); ret = -1; goto out; } @@ -738,17 +744,17 @@ _libssh2_openssh_pem_parse_memory(LIBSSH2_SESSION * session, size_t off = 0; int ret; - if(filedata == NULL || filedata_len <= 0) { - return -1; - } + if(filedata == NULL || filedata_len <= 0) + return _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "Error parsing PEM: filedata missing"); do { *line = '\0'; - if(off >= filedata_len) { - return -1; - } + if(off >= filedata_len) + return _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "Error parsing PEM: offset out of bounds"); if(readline_memory(line, LINE_SIZE, filedata, filedata_len, &off)) { return -1; @@ -766,7 +772,9 @@ _libssh2_openssh_pem_parse_memory(LIBSSH2_SESSION * session, linelen = strlen(line); tmp = LIBSSH2_REALLOC(session, b64data, b64datalen + linelen); if(!tmp) { - ret = -1; + ret = _libssh2_error(session, LIBSSH2_ERROR_ALLOC, + "Unable to allocate memory for " + "PEM parsing"); goto out; } memcpy(tmp + b64datalen, line, linelen); @@ -777,7 +785,8 @@ _libssh2_openssh_pem_parse_memory(LIBSSH2_SESSION * session, *line = '\0'; if(off >= filedata_len) { - ret = -1; + ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "Error parsing PEM: offset out of bounds"); goto out; } @@ -787,9 +796,9 @@ _libssh2_openssh_pem_parse_memory(LIBSSH2_SESSION * session, } } while(strcmp(line, OPENSSH_HEADER_END) != 0); - if(!b64data) { - return -1; - } + if(!b64data) + return _libssh2_error(session, LIBSSH2_ERROR_PROTO, + "Error parsing PEM: base 64 data missing"); ret = _libssh2_openssh_pem_parse_data(session, passphrase, b64data, b64datalen, decrypted_buf); diff --git a/uppsrc/Core/SSH/libssh2/transport.c b/uppsrc/Core/SSH/libssh2/transport.c index 0723b77bb..17af3e4da 100644 --- a/uppsrc/Core/SSH/libssh2/transport.c +++ b/uppsrc/Core/SSH/libssh2/transport.c @@ -488,6 +488,8 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session) p->wptr += blocksize - 5; /* advance write pointer */ } else { + if(p->payload) + LIBSSH2_FREE(session, p->payload); return LIBSSH2_ERROR_OUT_OF_BOUNDARY; } } @@ -570,6 +572,8 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session) memcpy(p->wptr, &p->buf[p->readidx], numbytes); } else { + if(p->payload) + LIBSSH2_FREE(session, p->payload); return LIBSSH2_ERROR_OUT_OF_BOUNDARY; } @@ -858,7 +862,10 @@ int _libssh2_transport_send(LIBSSH2_SESSION *session, p->outbuf[4] = (unsigned char)padding_length; /* fill the padding area with random junk */ - _libssh2_random(p->outbuf + 5 + data_len, padding_length); + if(_libssh2_random(p->outbuf + 5 + data_len, padding_length)) { + return _libssh2_error(session, LIBSSH2_ERROR_RANDGEN, + "Unable to get random bytes for packet padding"); + } if(encrypted) { size_t i; diff --git a/uppsrc/Core/SSH/libssh2/userauth.c b/uppsrc/Core/SSH/libssh2/userauth.c index d5dbaa48c..40ef9153a 100644 --- a/uppsrc/Core/SSH/libssh2/userauth.c +++ b/uppsrc/Core/SSH/libssh2/userauth.c @@ -828,11 +828,6 @@ userauth_hostbased_fromfile(LIBSSH2_SESSION *session, { int rc; -#if !LIBSSH2_RSA - return _libssh2_error(session, LIBSSH2_ERROR_METHOD_NOT_SUPPORTED, - "RSA is not supported by crypto backend"); -#endif - if(session->userauth_host_state == libssh2_NB_state_idle) { const LIBSSH2_HOSTKEY_METHOD *privkeyobj; unsigned char *pubkeydata = NULL; @@ -1075,7 +1070,21 @@ libssh2_userauth_hostbased_fromfile_ex(LIBSSH2_SESSION *session, return rc; } - +static int plain_method_len(const char *method, size_t method_len) +{ + if(!strncmp("ecdsa-sha2-nistp256-cert-v01@openssh.com", + method, + method_len) || + !strncmp("ecdsa-sha2-nistp384-cert-v01@openssh.com", + method, + method_len) || + !strncmp("ecdsa-sha2-nistp521-cert-v01@openssh.com", + method, + method_len)) { + return 19; + } + return method_len; +} int _libssh2_userauth_publickey(LIBSSH2_SESSION *session, @@ -1340,6 +1349,10 @@ _libssh2_userauth_publickey(LIBSSH2_SESSION *session, s = session->userauth_pblc_packet + session->userauth_pblc_packet_len; session->userauth_pblc_b = NULL; + session->userauth_pblc_method_len = + plain_method_len((const char *)session->userauth_pblc_method, + session->userauth_pblc_method_len); + _libssh2_store_u32(&s, 4 + session->userauth_pblc_method_len + 4 + sig_len); @@ -1438,11 +1451,6 @@ userauth_publickey_frommemory(LIBSSH2_SESSION *session, void *abstract = &privkey_file; int rc; -#if !LIBSSH2_RSA - return _libssh2_error(session, LIBSSH2_ERROR_METHOD_NOT_SUPPORTED, - "RSA is not supported by crypto backend"); -#endif - privkey_file.filename = privatekeydata; privkey_file.passphrase = passphrase; @@ -1457,15 +1465,14 @@ userauth_publickey_frommemory(LIBSSH2_SESSION *session, } else if(privatekeydata_len && privatekeydata) { /* Compute public key from private key. */ - if(_libssh2_pub_priv_keyfilememory(session, + rc = _libssh2_pub_priv_keyfilememory(session, &session->userauth_pblc_method, &session->userauth_pblc_method_len, &pubkeydata, &pubkeydata_len, privatekeydata, privatekeydata_len, - passphrase)) - return _libssh2_error(session, LIBSSH2_ERROR_FILE, - "Unable to extract public key " - "from private key."); + passphrase); + if(rc) + return rc; } else { return _libssh2_error(session, LIBSSH2_ERROR_FILE, @@ -1500,11 +1507,6 @@ userauth_publickey_fromfile(LIBSSH2_SESSION *session, void *abstract = &privkey_file; int rc; -#if !LIBSSH2_RSA - return _libssh2_error(session, LIBSSH2_ERROR_METHOD_NOT_SUPPORTED, - "RSA is not supported by crypto backend"); -#endif - privkey_file.filename = privatekey; privkey_file.passphrase = passphrase; diff --git a/uppsrc/Core/SSH/libssh2upp.c b/uppsrc/Core/SSH/libssh2upp.c index 013d03268..295d7c1f5 100644 --- a/uppsrc/Core/SSH/libssh2upp.c +++ b/uppsrc/Core/SSH/libssh2upp.c @@ -2,6 +2,7 @@ #define _UPP_SSH_libssh2upp_h_ #include "libssh2/agent.c" +#include "libssh2/agent_win.c" #include "libssh2/bcrypt_pbkdf.c" #include "libssh2/blowfish.c" #include "libssh2/channel.c" From edb3e5ca420e8c5eb9d2ec846cebf7c9aba1b5ac Mon Sep 17 00:00:00 2001 From: warchef Date: Wed, 14 Sep 2022 17:25:42 +0200 Subject: [PATCH 3/3] LabelBox USC SetFont property (#87) --- uppsrc/CtrlLib/CtrlLib.usc | 1 + 1 file changed, 1 insertion(+) diff --git a/uppsrc/CtrlLib/CtrlLib.usc b/uppsrc/CtrlLib/CtrlLib.usc index df1500e79..041cb9b0d 100644 --- a/uppsrc/CtrlLib/CtrlLib.usc +++ b/uppsrc/CtrlLib/CtrlLib.usc @@ -324,6 +324,7 @@ ctrl LabelBox { >Base; Text SetLabel ? "Box label" ; + Font SetFont = StdFont(); Paint(w) { sz = GetSize();