RepoMirrors/openssh
1
0
Fork 0
mirror of git://anongit.mindrot.org/openssh.git synced 2024-12-18 08:04:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,671 Commits 69 Branches 157 Tags 27 MiB
107eb3eeaf
Commit Graph

41 Commits

Author SHA1 Message Date
djm@openbsd.org
bbf20ac806 upstream: adapt to SSH_SK_VERSION_MAJOR crank 
OpenBSD-Regress-ID: 0f3e76bdc8f9dbd9d22707c7bdd86051d5112ab8
 2020-09-09 13:12:29 +10:00
djm@openbsd.org
9cbbdc12cb upstream: dummy firmware needs to match API version numner crank (for 
verify-required resident keys) even though it doesn't implement this feature

OpenBSD-Regress-ID: 86579ea2891e18e822e204413d011b2ae0e59657
 2020-08-27 12:16:23 +10:00
djm@openbsd.org
a01817a9f6 upstream: adapt dummy FIDO middleware to API change; ok markus@ 
OpenBSD-Regress-ID: 8bb84ee500c2eaa5616044314dd0247709a1790f
 2020-05-01 13:13:36 +10:00
djm@openbsd.org
9f8a42340b upstream: this needs utf8.c too 
OpenBSD-Regress-ID: 445040036cec714d28069a20da25553a04a28451
 2020-04-03 15:46:13 +11:00
djm@openbsd.org
f73ab8a811 upstream: unbreak unittests for recent API / source file changes 
OpenBSD-Regress-ID: 075a899a01bbf7781d38bf0b33d8366faaf6d3c0
 2020-01-26 14:19:43 +11:00
Damien Miller
47160e1de8 unbreak fuzzer support for recent ssh-sk.h changes 2020-01-22 10:30:13 +11:00
Darren Tucker
1af3354aea Wrap stdint.h in ifdef HAVE_STDINT_H. 2020-01-15 16:22:36 +11:00
djm@openbsd.org
dd2acc8b86 upstream: adapt sk-dummy to SK API changes 
also, make it pull prototypes directly from sk-api.c and #error
if the expected version changes. This will make any future regress
test breakage because of SK API changes much more apparent

OpenBSD-Regress-ID: 79b07055de4feb988e31da71a89051ad5969829d
 2020-01-06 13:12:46 +11:00
djm@openbsd.org
680eb7749a upstream: implement recent SK API change to support resident keys 
and PIN prompting in the dummy middleware that we use for the tests. Should
fix breakage spotted by dtucker@

OpenBSD-Regress-ID: 379cf9eabfea57aaf7f3f59dafde59889566c484
 2020-01-03 13:47:32 +11:00
Damien Miller
0248ec7c76 ssh-sk-null.cc needs extern "C" {} 2020-01-02 13:41:31 +11:00
Damien Miller
5ca4b414ef add dummy ssh-sk API for linking with fuzzers 2020-01-02 11:15:49 +11:00
djm@openbsd.org
1a7217ac06 upstream: adapt to ssh-sk-client change 
OpenBSD-Regress-ID: 40481999a5928d635ab2e5b029e8239c112005ea
 2019-12-16 14:20:35 +11:00
Darren Tucker
fa7924008e Wrap ECC specific bits in ifdef. 
Fixes tests when built against an OpenSSL configured with no-ec.
 2019-12-06 14:17:26 +11:00
Damien Miller
37f5b5346e includes.h for sk-dummy.c, dummy 2019-11-29 14:48:46 +11:00
Damien Miller
ef3853bb94 another attempt at sk-dummy.so working x-platform 
include a fatal() implementation to satisfy libopenbsd-compat

clean up .lo and .so files

.gitignore .lo and .so files
 2019-11-29 11:52:23 +11:00
djm@openbsd.org
d46ac56f1c upstream: lots of dependencies go away here with ed25519 no longer 
needing the ssh_digest API.

OpenBSD-Regress-ID: 785847ec78cb580d141e29abce351a436d6b5d49
 2019-11-29 11:19:48 +11:00
djm@openbsd.org
c6efa8a91a upstream: add dummy security key middleware based on work by 
markus@

This will allow us to test U2F/FIDO2 support in OpenSSH without
requiring real hardware.

ok markus@

OpenBSD-Regress-ID: 88b309464b8850c320cf7513f26d97ee1fdf9aae
 2019-11-27 10:47:28 +11:00
Damien Miller
9281d4311b unbreak fuzzers for recent security key changes 2019-11-25 21:47:49 +11:00
djm@openbsd.org
6498826682 upstream: unbreak after security key support landed 
OpenBSD-Regress-ID: 3ab578b0dbeb2aa6d9969b54a9c1bad329c0dcba
 2019-11-25 21:34:20 +11:00
Damien Miller
1ba130ac8f add a fuzzer for private key parsing 2019-10-09 13:49:35 +11:00
Damien Miller
8b57337c1c update fuzzing makefile to more recent clang 2019-09-05 15:46:39 +10:00
Damien Miller
ae631ad77d fuzzer for sshsig allowed_signers option parsing 2019-09-05 15:46:11 +10:00
Damien Miller
f4846dfc6a Fuzzer harness for sshsig 2019-09-05 14:26:39 +10:00
djm@openbsd.org
49d8c8e214 upstream: adapt to changes in KEX APIs and file removals 
OpenBSD-Regress-ID: 54d6857e7c58999c7a6d40942ab0fed3529f43ca
 2019-01-21 23:51:29 +11:00
Damien Miller
9b655dc9c9 last bits of old packet API / active_state global 2019-01-20 14:55:27 +11:00
Damien Miller
4488ae1a69 really add source for authopt_fuzz this time 2018-09-15 19:36:55 +10:00
Damien Miller
9201784b4a remove accidentally checked-in authopt_fuzz binary 2018-09-15 19:35:40 +10:00
Damien Miller
6bc5a24ac8 fuzzer harness for authorized_keys option parsing 2018-09-14 15:17:08 +10:00
Damien Miller
4f29309c4c unbreak fuzz harness 2018-01-03 19:50:43 +11:00
djm@openbsd.org
f6b50bf84d upstream commit 
another libssh casualty

OpenBSD-Regress-ID: 839b970560246de23e7c50215095fb527a5a83ec
 2018-01-03 16:46:49 +11:00
djm@openbsd.org
d3b6aeb546 upstream commit 
more RCSIDs

Upstream-Regress-ID: 1aecbe3f8224793f0ec56741a86d619830eb33be
 2017-10-20 13:15:40 +11:00
Damien Miller
ec9d22cc25 Fuzzer harnesses for sig verify and pubkey parsing 
These are some basic clang libfuzzer harnesses for signature
verification and public key parsing. Some assembly (metaphorical)
required.
 2017-09-08 12:44:13 +10:00
djm@openbsd.org
dd369320d2 upstream commit 
eliminate explicit specification of protocol in tests and
loops over protocol. We only support SSHv2 now.

Upstream-Regress-ID: 0082838a9b8a382b7ee9cbf0c1b9db727784fadd
 2017-05-01 11:59:42 +10:00
jsg@openbsd.org
e0194b471e upstream commit 
Change COMPILER_VERSION tests which limited additional
warnings to gcc4 to instead skip them on gcc3 as clang can handle
-Wpointer-sign and -Wold-style-definition.

Upstream-Regress-ID: e48d7dc13e48d9334b8195ef884dfbc51316012f
 2017-04-28 13:28:49 +10:00
djm@openbsd.org
1723ec92eb upstream commit 
fix the KEX fuzzer - the previous method of obtaining the
packet contents was broken. This now uses the new per-packet input hook, so
it sees exact post-decrypt packets and doesn't have to pass packet integrity
checks. ok markus@

Upstream-Regress-ID: 402fb6ffabd97de590e8e57b25788949dce8d2fd
 2016-10-13 18:55:25 +11:00
djm@openbsd.org
920585b826 upstream commit 
add a note on kexfuzz' limitations

Upstream-Regress-ID: 03804d4a0dbc5163e1a285a4c8cc0a76a4e864ec
 2016-09-21 11:07:47 +10:00
djm@openbsd.org
0445ff1840 upstream commit 
fix for newer modp DH groups
(diffie-hellman-group14-sha256 etc)

Upstream-Regress-ID: fe942c669959462b507516ae1634fde0725f1c68
 2016-09-21 11:07:47 +10:00
Darren Tucker
6310ef27a2 Move err.h replacements into compat lib. 
Move implementations of err.h replacement functions into their own file
in the libopenbsd-compat so we can use them in kexfuzz.c too.  ok djm@
 2016-07-13 14:42:35 +10:00
Darren Tucker
e960051f9a Wrap stdint.h inside #ifdef HAVE_STDINT_H. 2016-03-09 13:14:18 +11:00
Damien Miller
c425494d6b unbreak kexfuzz for -Werror without __bounded__ 2016-03-08 14:03:54 -08:00
djm@openbsd.org
0892edaa3c upstream commit 
add KEX fuzzer harness; ok deraadt@

Upstream-Regress-ID: 3df5242d30551b12b828aa9ba4a4cec0846be8d1
 2016-03-04 15:12:24 +11:00