James Muehlner
b096e47f57
GUACAMOLE-1669: Include ext-info-c in preferred KEX algorithms to ensure RSA key upgrades can happen.
2022-09-13 21:39:38 +00:00
James Muehlner
1971a9dad2
GUACAMOLE-1669: Prefer FIPS compliant ciphers and algorithms when FIPS mode is enabled.
2022-08-24 22:23:46 +00:00
James Muehlner
cdee93ae25
GUACAMOLE-1652: Only call SSL init functions when the library version requires it.
2022-07-30 02:22:36 +00:00
Joshua Roys
f84db7d166
GUACAMOLE-745: Support OpenSSH private keys & ED25519
...
Let libssh2 parse PEM and ssh-native keys. Requires libssh2 1.9.0+
compiled against a crypto backend supporting ed25519.
2022-01-12 09:02:11 -05:00
Nick Couchman
46bed49a43
GUACAMOLE-1133: initialize GCrypt in VNC protocol prior to client start-up.
2021-01-21 21:14:18 -05:00
Michael Jumper
f4ff5f337c
GUACAMOLE-474: Enforce upload disable option at low level, warning if not blocked at higher level as expected.
2020-06-25 14:43:37 -07:00
Michael Jumper
d8c32b1e82
GUACAMOLE-474: Enforce download disable option at low level, warning if not blocked at higher level as expected.
2020-06-25 14:41:39 -07:00
Mike Jumper
e526174009
GUACAMOLE-474: Merge support for selectively disabling file uploads and downloads.
2020-06-07 16:30:37 -07:00
Nick Couchman
ec093d3cea
GUACAMOLE-474: Minor style and debug message tweaks.
2020-05-29 07:39:39 -04:00
Michael Jumper
8ea9b14a80
GUACAMOLE-818: Break SFTP directory JSON at blob boundaries. Do not skip entries.
...
The intent of the previous version of the SFTP directory listing code
was to break the JSON transfer at blob boundaries, waiting for an ack
before sending the next blob, however the ordering of the "blob_written"
and directory read checks could result in a directory entry being
skipped at the boundary of each blob.
The proper order would be to check the "blob_written" flag first,
however the "blob_written" flag is unnecessary. It's simpler and more
correct to just break out of the loop once the desired blob has been
flushed.
2020-02-24 17:58:29 -08:00
Nick Couchman
1a699686b9
GUACAMOLE-474: Implement logic to disable file transfers in each protocol.
2020-01-26 03:33:08 -05:00
Nick Couchman
1baa91f852
GUACAMOLE-547: Minor changes to function documentation.
2019-06-19 12:38:05 -04:00
Nick Couchman
22874e2388
GUACAMOLE-547: Document return value of credential handler.
2019-06-18 17:59:33 -04:00
Nick Couchman
3511991e2f
GUACAMOLE-547: Fixes for style and documentation.
2019-06-18 07:52:05 -04:00
Nick Couchman
3d15454097
GUACAMOLE-547: Use a call-back function for getting the password.
2019-06-18 07:37:02 -04:00
Nick Couchman
4641da06ac
GUACAMOLE-547: Relocate NULL check and log when NONE succeeds.
2019-06-18 07:37:02 -04:00
Nick Couchman
b7dca0ed16
GUACAMOLE-547: Add support for SSH NONE authentication method.
2019-06-18 07:37:02 -04:00
Michael Jumper
0c25782036
GUACAMOLE-637: Add missing libguac include path to RDP and common-ssh tests.
2019-04-09 23:36:03 -07:00
Michael Jumper
f8ec709e33
GUACAMOLE-637: Correct naming of SFTP unit tests.
2019-04-07 16:51:53 -07:00
Michael Jumper
cda7bca126
GUACAMOLE-637: Add RDP filesystem and SFTP unit tests for path depth.
2019-04-07 16:51:33 -07:00
Michael Jumper
6e2be38ae2
GUACAMOLE-637: Add path depth limits to generated paths in unit tests.
2019-04-07 16:36:16 -07:00
Michael Jumper
1591980579
GUACAMOLE-637: Simplify SFTP path normalization logic. Correct behavior to match documentation.
2019-04-07 16:14:00 -07:00
Michael Jumper
f19754cfa6
GUACAMOLE-637: Add unit tests for SFTP path normalization.
2019-04-07 13:50:53 -07:00
Michael Jumper
fdd3292f09
GUACAMOLE-637: Simplify path translation logic. Update to use guac_strl*(). Fix return values.
2019-01-23 18:44:45 -08:00
Michael Jumper
e5c1147cf6
GUACAMOLE-637: Replace usages of strncpy() with guac_strlcpy().
2019-01-23 18:44:45 -08:00
Michael Jumper
d851f10a48
GUACAMOLE-353: Clarify applicability of ASF header when transcluded into generated build files.
2018-10-02 20:37:49 -07:00
Nick Couchman
fe44fd7c3b
GUACAMOLE-527: Remove unused error message length variable.
2018-06-25 20:04:26 -04:00
Nick Couchman
7bc6a62365
GUACAMOLE-527: Do not call a remote host key a fingerprint.
2018-06-25 13:57:01 -04:00
Nick Couchman
ba684962b6
GUACAMOLE-527: Plug some memory leaks before returning NULL.
2018-06-25 13:50:19 -04:00
Nick Couchman
f9379dc6bb
GUACAMOLE-527: Get full error message when key verification fails.
2018-06-25 08:37:34 -04:00
Nick Couchman
7e254955e8
GUACAMOLE-527: Slight tweak to error message.
2018-06-25 08:31:37 -04:00
Nick Couchman
ebbb7492e7
GUACAMOLE-527: Add warning if no known host keys are provided.
2018-06-25 08:31:37 -04:00
Nick Couchman
27c977adb2
GUACAMOLE-527: Make sure ssh_known_hosts exists before trying to load.
2018-06-25 08:31:37 -04:00
Nick Couchman
428243bb78
GUACAMOLE-527: Move host key checking to a separate function.
2018-06-25 08:31:37 -04:00
Nick Couchman
ac2b4f8d12
GUACAMOLE-527: Check either provided key or key file, if it exists.
2018-06-25 08:31:37 -04:00
Nick Couchman
551598e0a4
GUACAMOLE-527: Use libssh2_knownhost_readline and remove host key type.
2018-06-25 08:31:37 -04:00
Nick Couchman
42044e4279
GUACAMOLE-527: Clean up memory and logging.
2018-06-25 08:31:37 -04:00
Nick Couchman
5bb616832e
GUACAMOLE-527: Order SSH handshake correctly, and remove unnecessary logging.
2018-06-25 08:31:37 -04:00
Nick Couchman
c080569cac
GUACAMOLE-527: Fix issue with null host_key variable.
2018-06-25 08:31:37 -04:00
Nick Couchman
2f0c6dcfa3
GUACAMOLE-527: Add error logging for known host checks.
2018-06-25 08:31:37 -04:00
Nick Couchman
9112c4f32f
GUACAMOLE-527: Enable host key setting for SFTP connections.
2018-06-25 08:31:37 -04:00
Nick Couchman
0d82cd1e6c
GUACAMOLE-527: Add host key and type settings.
2018-06-25 08:31:37 -04:00
Nick Couchman
171bae1f5c
GUACAMOLE-527: Add basic check for known hosts file for SSH connections.
2018-06-25 08:31:37 -04:00
Nick Couchman
9200bc789f
GUACAMOLE-398: Use freeaddrinfo() instead of free() on the linked list.
2017-09-27 13:24:58 -04:00
Nick Couchman
e4dd8de4f1
GUACAMOLE-398: Fix memory leak identified by Coverity in common ssh code.
2017-09-27 13:02:41 -04:00
James
f559701645
GUACAMOLE-396: Fixing ssh socket for IPv6 address
...
Root Cause:
In the ssh library of guacd, the TCP socket for connecting to ssh server is created with AF_INET. So it does not support IPv6 address.
Solution:
When guacd creates the socket for ssh in guac_common_ssh_create_session(), stop using hard coded AF_INET for socket() call, use the address family which is returned from getaddrinfo().
Test:
- Connected successfully via ssh connections with IPv4 and IPv6 hosts.
- No connection error in guacd logs.
- Simulated a connection failure with specifying a ssh server which does not exist. guacd worked well in this case.
2017-09-26 17:19:18 -07:00
Michael Jumper
7857dd0a9a
GUACAMOLE-303: Ensure there is always space for the null terminator when normalizing.
2017-07-04 12:00:43 -07:00
Michael Jumper
0474f86c46
GUACAMOLE-303: Extend common SFTP filesystem such that arbitrary directories can be used as the root of the filesystem.
2017-06-29 15:36:10 -07:00
Nick Couchman
a5efbb5933
GUACAMOLE-203: Fix function prototype to remove const.
2017-06-25 14:56:50 -04:00
Nick Couchman
650f7a0a32
GUACAMOLE-203: if is not a function...
2017-06-25 14:10:42 -04:00