search for: sshbuf_len

Displaying 15 results from an estimated 15 matches for "sshbuf_len".

2015 Dec 29
2
Bug in KRL signature verification
...h the majority of my effort has been devoted to (and all of my code snippets come from) openssl-portable. The bug is that an offset is incorrectly treated as a length [2]: /* Check signature over entire KRL up to this point */ > if ((r = sshkey_verify(key, blob, blen, > sshbuf_ptr(buf), sshbuf_len(buf) - sig_off, 0)) != 0) > goto out; "sshbuf_len(buf) - sig_off" should read "sig_off". The result of this bug is that the number of unparsed bytes after our current parse cursor, rather than the number of parsed bytes before the cursor, is used as the length of th...
2018 Dec 10
2
[PATCH] cleanup of global variables server/client_version_string in sshconnect.c
In sshconnect.c there are two global variables for server_version_string and client_version_string. These are used just in a few functions and can easily be passed as parameters. Also, there is a strange construct, where their memory is allocated to the global pointers, then copies of these pointers are assigned to the kex structure. The kex_free finally frees them via cleanup of the kex
2015 Sep 18
3
[Bug 2469] New: ssh connection hangs indefinitely on EPIPE
...x600000) -> ssh_packet_write_wait(0xa870151e0, 0x0, 0x0, 0x0, 0x0, 0x600000) -> __addvdi3(0x4, 0x1, 0x0, 0x0, 0x0, 0x600000) <- __addvdi3() = 5 -> ssh_packet_write_poll(0xa870151e0, 0x0, 0x0, 0x2dc, 0x8, 0x101010101010101) -> sshbuf_len(0xa86ffc5d0, 0x0, 0x0, 0x2dc, 0x8, 0x101010101010101) <- sshbuf_len() = 80 -> sshbuf_ptr(0xa86ffc5d0, 0x0, 0x50, 0xf00, 0x8, 0x101010101010101) <- sshbuf_ptr() = 0xa87070ae0 -> roaming_write(0x4, 0xa87070ae0, 0x50,...
2020 Jul 14
7
[Bug 3192] New: openssh-8.2 & openssl-1.1.1d error: dereferencing pointer to incomplete type Not found struct BIO , bio->num_write
...ob(struct sshbuf *blob, int type, const char *passphrase, struct sshkey **keyp) { EVP_PKEY *pk = NULL; struct sshkey *prv = NULL; BIO *bio = NULL; int r; if (keyp != NULL) *keyp = NULL; if ((bio = BIO_new(BIO_s_mem())) == NULL || sshbuf_len(blob) > INT_MAX) return SSH_ERR_ALLOC_FAIL; if (BIO_write(bio, sshbuf_ptr(blob), sshbuf_len(blob)) != (int)sshbuf_len(blob)) { r = SSH_ERR_ALLOC_FAIL; goto out; } char keybuf[T_L_4] = {0}; BIO_read(bio,...
2023 Feb 24
1
[PATCH 1/1] Add support for ZSTD compression
...eturn 0; +} + +static int +compress_buffer_zstd(struct ssh *ssh, struct sshbuf *in, struct sshbuf *out) +{ + u_char buf[4096]; + ZSTD_inBuffer in_buff; + ZSTD_outBuffer out_buff; + int r, comp; + + if (ssh->state->compression_out_started != COMP_ZSTD) + return SSH_ERR_INTERNAL_ERROR; + + if (sshbuf_len(in) == 0) + return 0; + + in_buff.src = sshbuf_mutable_ptr(in); + if (!in_buff.src) + return SSH_ERR_INTERNAL_ERROR; + in_buff.size = sshbuf_len(in); + in_buff.pos = 0; + + ssh->state->compress_zstd_out_raw += in_buff.size; + out_buff.dst = buf; + out_buff.size = sizeof(buf); + + /* + * Co...
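Review bot: in compress_buffer_zstd(), `in_buff.src = sshbuf_mutable_ptr(in)` requests a writable pointer although the input is only read; ZSTD_inBuffer.src is a `const void *`, and sshbuf_mutable_ptr() returns NULL for read-only or shared buffers, so this path would return SSH_ERR_INTERNAL_ERROR for input that could have been compressed. Use `sshbuf_ptr(in)` here. Also, `compress_zstd_out_raw` is incremented before any compression call has run; updating it only once the data has actually been compressed keeps the counter accurate if the function later fails.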
2020 Jun 09
3
[PATCH v2 0/2] Add openssl engine keys with provider upgrade path
I've architected this in a way that looks future proof at least to the openssl provider transition. What will happen in openssl 3.0.0 is that providers become active and will accept keys via URI. The current file mechanisms will still be available but internally it will become a file URI. To support the provider interface, openssl will have to accept keys by URI instead of file and may
2020 Oct 14
2
Connection hang, can't stop SSH
Using OpenSSH_8.3p1 I had an open (working) connection to some other box; after a bit of inactivity, some device in the middle seems to have forgotten about the TCP connection (NAT) and broke it. I've got an EscapeChar defined, though; so first I tried to send a BREAK and, when that didn't help (TCP already gone, packets get lost!), I tried (just out of curiosity) a Rekey. Now I can see
2023 Feb 24
1
[PATCH 0/1] ZSTD compression support for OpenSSH
I added ZSTD support to OpenSSH roughly three years ago and I've been playing with it ever since. The nice part is that ZSTD achieves reasonable compression (like zlib) but consumes little CPU so it is unlikely that compression becomes the bottleneck of a transfer. The compression overhead (CPU) is negligible even when uncompressed data is tunneled over the SSH connection (SOCKS proxy, port
2015 Mar 14
6
[Bug 2366] New: ssh-keygen doesn't correctly decode new format GCM-encrypted keys
...clude a built-in MAC. The error happens for all key types when using the new private key format. The error is in the call inside sshkey_parse_private2() where it passes in the length of the encrypted buffer: if ((r = cipher_crypt(&ciphercontext, 0, dp, sshbuf_ptr(decoded), sshbuf_len(decoded), 0, cipher_authlen(cipher))) != 0) { The length here should be encrypted_len, not sshbuf_len(decoded), as that includes the cipher_authlen(cipher) additional MAC bytes. A few additional changes are needed to use encrypted_len safely here and to later properly consume the auth data. I hav...
2020 Mar 24
4
ZSTD compression support for OpenSSH
I hacked zstd support into OpenSSH a while ago and just started to clean it up in the recent days. The cleanup includes configuration support among other things that I did not have. During testing I noticed the following differences compared to zlib: - highly interactive shell output (as in refreshed at a _very_ high rate) may result in higher bandwidth compared to zlib. Since zstd is quicker
2018 Sep 06
4
Some wishes regarding revoked keys
Hello. I am trying to play through the following test scenario about certificate revocation on Ubuntu 18.04, which has OpenSSH of this version: OpenSSH_7.6p1 Ubuntu-4, OpenSSL 1.0.2n 7 Dec 2017 1. A CA key is created ssh-keygen -t ed25519 -f ca 2. The CA public key is added to ~/.ssh/authorized_keys on some server: cert-authority ssh-ed25519 AAAA...e ca at yoga 3. A user key is created on a
2020 Sep 05
8
[PATCH 0/5] ZSTD compression support for OpenSSH
I added ZSTD support to OpenSSH roughly over a year ago and I've been playing with it ever since. The nice part is that ZSTD achieves reasonable compression (like zlib) but consumes little CPU so it is unlikely that compression becomes the bottleneck of a transfer. The compression overhead (CPU) is negligible even when uncompressed data is tunneled over the SSH connection (SOCKS proxy, port
2017 Oct 26
3
[RFC 0/2] add engine based keys
Engine keys are private key files which are only understood by openssl external engines. The problem is they can't be loaded with the usual openssl methods, they have to be loaded via ENGINE_load_private_key(). Because they're files, they fit well into openssh pub/private file structure, so they're not very appropriately handled by the pkcs11 interface because it assumes the private
2020 Jan 30
6
[PATCH 1/2] Add support for openssl engine based keys
...ity *id; + + if ((r = sshbuf_get_cstring(e->request, &engine, NULL)) != 0 || + (r = sshbuf_get_cstring(e->request, &file, NULL)) != 0 || + (r = sshbuf_get_cstring(e->request, &pin, NULL)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); + + while (sshbuf_len(e->request)) { + if ((r = sshbuf_get_u8(e->request, &type)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); + switch (type) { + case SSH_AGENT_CONSTRAIN_LIFETIME: + if ((r = sshbuf_get_u32(e->request, &seconds)) != 0) + fatal("%s: buffer error:...
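Review bot: every parse failure in this handler, from the three sshbuf_get_cstring() calls through the constraint loop (`sshbuf_get_u8`, `sshbuf_get_u32`), calls fatal(), so one malformed request in e->request terminates the whole agent process rather than just failing that request. Log with error(), free `engine`, `file` and `pin`, and return a failure reply to the client instead, so the agent keeps serving its other identities.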
2020 Apr 25
2
[PATCH 1/3] Add private key protection information extraction to ssh-keygen
...?{ ??? ?EVP_PKEY *pk = NULL; ??? ?struct sshkey *prv = NULL; +?? ?struct sshkey_vault *vault_info = NULL; ??? ?BIO *bio = NULL; ??? ?int r; ? ??? ?if (keyp != NULL) ??? ??? ?*keyp = NULL; +?? ?if (vault_infop != NULL) +?? ??? ?*vault_infop = NULL; ? ??? ?if ((bio = BIO_new(BIO_s_mem())) == NULL || sshbuf_len(blob) > INT_MAX) ??? ??? ?return SSH_ERR_ALLOC_FAIL; @@ -4538,6 +4607,13 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, ??? ??? ?r = SSH_ERR_ALLOC_FAIL; ??? ??? ?goto out; ??? ?} +?? ?if ((vault_info = sshkey_vault_new()) == NULL) { +?? ??? ?r = SSH_ERR_ALLOC_FAIL; +?? ??? ?...