| Age | Commit message (Collapse) | Author |
|---|
|
This should fix the "Log in goroutine" panic seen in
https://build.golang.org/log/e42bf69fc002113dbccfe602a6c67fd52e8f31df,
as well as a few other related leaks. It also helps to verify that
none of the functions under test deadlock unexpectedly.
See https://go.dev/wiki/CodeReviewComments#goroutine-lifetimes.
Updates golang/go#58901.
Change-Id: Ica943444db381ae1accb80b101ea646e28ebf4f9
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/541095
Auto-Submit: Bryan Mills <bcmills@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Nicola Murino <nicola.murino@gmail.com>
Reviewed-by: Heschi Kreinick <heschi@google.com>
|
|
Also fix some redundant type declarations.
Change-Id: Iad2950b67b1ec2e2590c59393b8ad15421ed3add
GitHub-Last-Rev: 41cf552f11387208491dee7b867050475043b25e
GitHub-Pull-Request: golang/crypto#263
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/505798
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: David Chase <drchase@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
|
|
It was possible to accept auth type "none" before, but not dynamically
at runtime as a function of the ConnMetadata like the other auth types'
callback hooks.
Fixes golang/go#51994
Change-Id: I83ea80901d4977d8f78523e3d1e16e0a7df5b172
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/395314
Reviewed-by: Roland Shoemaker <roland@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Julie Qiu <julieqiu@google.com>
|
|
For golang/go#45557
Change-Id: I447530cc66896aef7a8d528ccb8d095b80e3cf47
GitHub-Last-Rev: 5f385ff46487ac318bd1147cdbbd26bb0ffd0426
GitHub-Pull-Request: golang/crypto#230
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/430797
Auto-Submit: Ian Lance Taylor <iant@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Reviewed-by: Meng Zhuo <mzh@golangcn.org>
Run-TryBot: Ian Lance Taylor <iant@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
|
|
RFC 8332, Section 2 sets up two overlapping namespaces: public key
formats and public key algorithms.
* The formats are what we currently have KeyAlgo constants for, and they
appear in PublicKey.Type.
* The algorithms are the set of both KeyAlgo and SigAlgo constants, and
they appear in Signature.Format (amongst other places).
This is incoherent, because that means Signature.Format can be both a
KeyAlgo (like KeyAlgoECDSA256) or a SigAlgo (like SigAlgoRSASHA2256).
One solution would be to duplicate all the KeyAlgo constants into the
SigAlgo namespace, but that would be confusing because applications are
currently using KeyAlgos where they'd be supposed to use the new
SigAlgos (while we can't deprecate the KeyAlgos because they are still
necessary for the PublicKey.Type namespace).
Instead, drop the separate namespaces, and use KeyAlgos throughout.
There are simply some KeyAlgos that can't be a PublicKey.Type.
Take the opportunity to fix the stuttering SHA22565/SHA2512 names. It's
totally ok to call those hashes SHA-256 and SHA-512 without the family
infix.
For golang/go#49952
Change-Id: Ia1fce3912a7e60aa70a88f75ed311be331fd19d5
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/392354
Trust: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
|
|
This change adds support for RSA SHA-2 based signatures for host keys and certificates. It also switches the default certificate signature algorithm for RSA to use SHA-512. This is implemented by treating ssh.Signer specially when the key type is `ssh-rsa` by also allowing SHA-256 and SHA-512 signatures.
Fixes golang/go#37278
Change-Id: I2ee1ac4ae4c9c1de441a2d6cf1e806357ef18910
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/220037
Trust: Jason A. Donenfeld <Jason@zx2c4.com>
Run-TryBot: Jason A. Donenfeld <Jason@zx2c4.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Jason A. Donenfeld <Jason@zx2c4.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
|
|
This helps debugging protocol violations by the client
Change-Id: I8e5486b49515b719bbe3de44daa489fb7434875a
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/171680
Run-TryBot: Han-Wen Nienhuys <hanwen@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
|
|
This change breaks existing behavior.
Before, a missing ClientConfig.HostKeyCallback would cause host key
checking to be disabled. In this configuration, establishing a
connection to any host just works, so today, most SSH client code in
the wild does not perform any host key checks.
This makes it easy to perform a MITM attack:
* SSH installations that use keyboard-interactive or password
authentication can be attacked with MITM, thereby stealing
passwords.
* Clients that use public-key authentication with agent forwarding are
also vulnerable: the MITM server could allow the login to succeed, and
then immediately ask the agent to authenticate the login to the real
server.
* Clients that use public-key authentication without agent forwarding
are harder to attack unnoticedly: an attacker cannot authenticate the
login to the real server, so it cannot in general present a convincing
server to the victim.
Now, a missing HostKeyCallback will cause the handshake to fail. This
change also provides InsecureIgnoreHostKey() and FixedHostKey(key) as
ready made host checkers.
A simplistic parser for OpenSSH's known_hosts file is given as an
example. This change does not provide a full-fledged parser, as it
has complexity (wildcards, revocation, hashed addresses) that will
need further consideration.
When introduced, the host checking feature maintained backward
compatibility at the expense of security. We have decided this is not
the right tradeoff for the SSH library.
Fixes golang/go#19767
Change-Id: I45fc7ba9bd1ea29c31ec23f115cdbab99913e814
Reviewed-on: https://go-review.googlesource.com/38701
Run-TryBot: Han-Wen Nienhuys <hanwen@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
|
|
According to RFC 4254 section 6.10, SSH server implementations may
omit the exit-status and exit-signal messages. If this happens, we
now return &ExitMissingError{}, so clients can handle this case
specifically.
This came up in the discussion of issue #16194.
Change-Id: Iae5e916b18aa5bd8e95618e9fcfcab8b19e147d9
Reviewed-on: https://go-review.googlesource.com/24727
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Run-TryBot: Han-Wen Nienhuys <hanwen@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
|
|
Fixes golang/go#11722.
Change-Id: I4fa2a1db14050151f9269427ca35cf7ebd21440a
Reviewed-on: https://go-review.googlesource.com/12907
Reviewed-by: Adam Langley <agl@golang.org>
|
|
Change-Id: I58fdfbe00fcc4ca09da9699edcc181cc512feef7
Reviewed-on: https://go-review.googlesource.com/9807
Reviewed-by: JP Sugarbroad <jpsugar@google.com>
Reviewed-by: Adam Langley <agl@golang.org>
|
|
SessionID() returned nil previously.
Fixes #9761.
Change-Id: I53d2b347571d21eab2d913c2228e85997a84f757
Reviewed-on: https://go-review.googlesource.com/3872
Reviewed-by: Adam Langley <agl@golang.org>
|
|
LGTM=bradfitz
R=rsc, bradfitz
CC=golang-codereviews
https://golang.org/cl/167190043
|
|
See https://groups.google.com/d/msg/Golang-nuts/AoVxQ4bB5XQ/i8kpMxdbVlEJ
R=hanwen
CC=golang-codereviews
https://golang.org/cl/86190043
|
|
R=agl, hanwen
CC=dave, golang-dev, jpsugar
https://golang.org/cl/14430055
|
|
This change reverts https://golang.org/cl/10113043/ because
some folks are stuck on 1.0 till 1.1.1 comes out.
R=golang-dev
CC=golang-dev
https://golang.org/cl/10151043
|
|
I ran go vet over all of go.crypto and removed lots of panic("unreachable") that are no longer needed.
R=golang-dev, r, dgryski
CC=golang-dev
https://golang.org/cl/10113043
|
|
Followup CL for 9711043. The order that CombinedOutput returns data captured from stdout/stderr is not specified, so we have to test both variants.
Thanks to fullung for the bug report.
R=fullung, kr
CC=golang-dev
https://golang.org/cl/9921044
|
|
R=golang-dev, dave
CC=golang-dev
https://golang.org/cl/9711043
|
|
When running the ssh tests several times (e.g. with -cpu 1,2), the
second run would fail because testing globals had been altered. This
change avoids altering the globals since the default worked anyway.
Fixes golang/go#4715.
R=golang-dev, minux.ma
CC=golang-dev
https://golang.org/cl/7903045
|
|
Fixes golang/go#4552.
R=minux.ma, agl
CC=golang-dev
https://golang.org/cl/6948059
|
|
gofmt got better at removing trailing whitespace.
R=golang-dev, rsc
CC=golang-dev
https://golang.org/cl/6929044
|
|
The check for a sensible packet length was removed a while ago
when the window size and channel packet size checks were moved
into channel.go. While the RFC suggests that any packet of size
less than uint32 -1 is valid, most implmentations limit the size
to a smaller value. OpenSSH chose 256kb, so that sounds like a
sensible default.
R=agl, huin, kardianos
CC=golang-dev
https://golang.org/cl/6490098
|
|
Fixes golang/go#3810.
Fixes chanWriter Write after close behaviour bug.
Fixes serverChan writePacket after close bug.
Addresses final comments by agl on 6405064, plus various cleanups.
R=agl, kardianos, gustav.paul, fullung
CC=golang-dev
https://golang.org/cl/6479056
|
|
Fixes golang/go#3989.
Tested for several hours on an 8 core ec2 instance with
random GOMAXPROC values.
Also, rolls server_test.go into session_test using the
existing dial() framework.
R=fullung, agl, kardianos
CC=golang-dev
https://golang.org/cl/6475063
|
|
Use a handler that does not attempt to send a status message
as the failing test closes the connection abruptly.
Also, check the err response on all shell.ReadLine operations.
R=agl, minux.ma, kardianos
CC=golang-dev
https://golang.org/cl/6487043
|
|
Fixes golang/go#3810.
This change introduces an atomic boolean to guard the close
of the clientChan. Previously the client code was quite
lax with the ordering of the close messages and could allow
window adjustment or EOF messages to leak after Close had
been signaled.
Consolidating the changes to the serverChan will be handled
in a following CL.
R=agl, kardianos, gustav.paul
CC=golang-dev
https://golang.org/cl/6405064
|
|
This proposal moves the check for max packet into
channel.writePacket. Callers should be aware they cannot
pass a buffer larger than max packet. This is only a
concern to chanWriter.Write and appropriate guards are
already in place.
There was some max packet handling in transport.go but it was
incorrect. This has been removed.
This proposal also cleans up session_test.go.
R=gustav.paul, agl, fullung, huin
CC=golang-dev
https://golang.org/cl/6460075
|
|
RFC 4254 s5.2 is clear that a client must never send a data
packet larger than the value of maximum packet supplied by the
remote side during channel setup. The client was not honoring
this value, in fact it wasn't even recording it.
Thanks to Albert Strasheim for the bug report.
R=agl, fullung
CC=golang-dev
https://golang.org/cl/6448128
|
|
The RFC doesn't prohibit zero sized window adjustments and
there is evidence of well known clients using them in the
wild.
R=agl, kardianos, gustav.paul
CC=golang-dev
https://golang.org/cl/6209082
|
|
This CL is in preparation for 6128059.
* rename channel -> serverChan
* rename chanlist -> chanList
* normalise theirId/MyId/id/peersId -> localId/remoteId
R=agl
CC=golang-dev
https://golang.org/cl/6174046
|
|
When shutting down the test, we sometimes see EOF on the server's side
of the connection and sometimes ECONNRESET. In the latter case, based
on timing, it was possible that the server loop would hit Errorf during
shutdown and cause the test to fail.
R=dave
CC=golang-dev
https://golang.org/cl/6125047
|
|
This change prevents bad servers from crashing a client by sending an
invalid channel ID. It also makes the client disconnect in more cases
of invalid messages from a server and cleans up the client channels
in the event of a disconnect.
R=dave
CC=golang-dev
https://golang.org/cl/6099050
|
|
This removes the sole "exp/foo" import in the Go subrepos.
A separate CL will remove exp/terminal from the standard Go repository.
R=golang-dev, dave, r
CC=golang-dev
https://golang.org/cl/5966045
|
|
R=golang-dev, dave, agl
CC=golang-dev
https://golang.org/cl/5577070
|
|
Manual edits to README.
Moved from main Go repository, deleted Makefiles, ran gofix -r go1rename.
Tested with: go test code.google.com/p/go.crypto/...
R=golang-dev, bradfitz
CC=golang-dev
https://golang.org/cl/5564059
|
