pxcloud/guacamole-server
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,095 Commits 3 Branches 66 Tags 11 MiB
adff8a9aae
Commit Graph

49 Commits

Author SHA1 Message Date
Virtually Nick
adff8a9aae GUACAMOLE-312: Implement common SSH support for tunneling. 2025-06-12 07:25:53 -04:00
Mike Jumper
97558a8c7a
GUACAMOLE-2012: Merge addition of AES GCM to preferred FIPS ciphers. 2025-01-11 01:41:11 -08:00
eugen-keeper
da3ca38e6a GUACAMOLE-2012: Fix SSH connection to FIPS servers which only offer AES GCM 2025-01-10 14:36:13 +00:00
Michael Jumper
5ec496fbaf GUACAMOLE-600: Refactor guac_socket_tcp_connect() to guac_tcp_connect(), as it does not involve guac_socket. 2024-08-28 10:26:50 -07:00
Virtually Nick
1cdda6dd2c GUACAMOLE-600: Add support for setting SSH and SFTP timeouts. 2024-05-24 21:42:57 -04:00
Virtually Nick
2c796593b2 GUACAMOLE-1686: Switch SSH and Telnet to common TCP socket function. 2024-04-16 08:43:23 -04:00
Virtually Nick
a575af63ef Merge 1.5.5 changes back to master. 2024-01-22 12:17:29 -05:00
Jimmy
4ff54ad306 GUACAMOLE-1911: Fixed some typo mistakes ("fullfill", "fullfilling", "cerficiate"). 2024-01-21 22:00:04 -08:00
James Muehlner
bb14ee9780 Merge 1.5.4 changes back to master. 2023-10-26 03:43:28 +00:00
Mike Jumper
944718174d GUACAMOLE-1867: Migrate SSH to new memory management functions. 2023-10-25 12:18:13 -07:00
Tejaswi Kandula
f2b9aaf3e7 GUACAMOLE-1290: Add support for ssh certificate authentication 2023-06-29 09:48:46 -07:00
James Muehlner
a99a03429d GUACAMOLE-1669: Include ext-info-c in preferred KEX algorithms to ensure RSA key upgrades can happen. 2023-05-17 15:55:19 -07:00
James Muehlner
4768cb7e8b GUACAMOLE-1669: Prefer FIPS compliant ciphers and algorithms when FIPS mode is enabled. 2023-05-17 15:54:58 -07:00
James Muehlner
b096e47f57 GUACAMOLE-1669: Include ext-info-c in preferred KEX algorithms to ensure RSA key upgrades can happen. 2022-09-13 21:39:38 +00:00
James Muehlner
1971a9dad2 GUACAMOLE-1669: Prefer FIPS compliant ciphers and algorithms when FIPS mode is enabled. 2022-08-24 22:23:46 +00:00
James Muehlner
cdee93ae25 GUACAMOLE-1652: Only call SSL init functions when the library version requires it. 2022-07-30 02:22:36 +00:00
Joshua Roys
f84db7d166 GUACAMOLE-745: Support OpenSSH private keys & ED25519 
Let libssh2 parse PEM and ssh-native keys. Requires libssh2 1.9.0+
compiled against a crypto backend supporting ed25519.
 2022-01-12 09:02:11 -05:00
Nick Couchman
46bed49a43 GUACAMOLE-1133: initialize GCrypt in VNC protocol prior to client start-up. 2021-01-21 21:14:18 -05:00
Nick Couchman
3511991e2f GUACAMOLE-547: Fixes for style and documentation. 2019-06-18 07:52:05 -04:00
Nick Couchman
3d15454097 GUACAMOLE-547: Use a call-back function for getting the password. 2019-06-18 07:37:02 -04:00
Nick Couchman
4641da06ac GUACAMOLE-547: Relocate NULL check and log when NONE succeeds. 2019-06-18 07:37:02 -04:00
Nick Couchman
b7dca0ed16 GUACAMOLE-547: Add support for SSH NONE authentication method. 2019-06-18 07:37:02 -04:00
Nick Couchman
fe44fd7c3b GUACAMOLE-527: Remove unused error message length variable. 2018-06-25 20:04:26 -04:00
Nick Couchman
7bc6a62365 GUACAMOLE-527: Do not call a remote host key a fingerprint. 2018-06-25 13:57:01 -04:00
Nick Couchman
ba684962b6 GUACAMOLE-527: Plug some memory leaks before returning NULL. 2018-06-25 13:50:19 -04:00
Nick Couchman
7e254955e8 GUACAMOLE-527: Slight tweak to error message. 2018-06-25 08:31:37 -04:00
Nick Couchman
428243bb78 GUACAMOLE-527: Move host key checking to a separate function. 2018-06-25 08:31:37 -04:00
Nick Couchman
ac2b4f8d12 GUACAMOLE-527: Check either provided key or key file, if it exists. 2018-06-25 08:31:37 -04:00
Nick Couchman
551598e0a4 GUACAMOLE-527: Use libssh2_knownhost_readline and remove host key type. 2018-06-25 08:31:37 -04:00
Nick Couchman
42044e4279 GUACAMOLE-527: Clean up memory and logging. 2018-06-25 08:31:37 -04:00
Nick Couchman
5bb616832e GUACAMOLE-527: Order SSH handshake correctly, and remove unnecessary logging. 2018-06-25 08:31:37 -04:00
Nick Couchman
c080569cac GUACAMOLE-527: Fix issue with null host_key variable. 2018-06-25 08:31:37 -04:00
Nick Couchman
2f0c6dcfa3 GUACAMOLE-527: Add error logging for known host checks. 2018-06-25 08:31:37 -04:00
Nick Couchman
9112c4f32f GUACAMOLE-527: Enable host key setting for SFTP connections. 2018-06-25 08:31:37 -04:00
Nick Couchman
0d82cd1e6c GUACAMOLE-527: Add host key and type settings. 2018-06-25 08:31:37 -04:00
Nick Couchman
171bae1f5c GUACAMOLE-527: Add basic check for known hosts file for SSH connections. 2018-06-25 08:31:37 -04:00
Nick Couchman
9200bc789f GUACAMOLE-398: Use freeaddrinfo() instead of free() on the linked list. 2017-09-27 13:24:58 -04:00
Nick Couchman
e4dd8de4f1 GUACAMOLE-398: Fix memory leak identified by Coverity in common ssh code. 2017-09-27 13:02:41 -04:00
James
f559701645 GUACAMOLE-396: Fixing ssh socket for IPv6 address 
Root Cause:
In the ssh library of guacd, the TCP socket for connecting to ssh server is created with AF_INET. So it does not support IPv6 address.

Solution:
When guacd creates the socket for ssh in guac_common_ssh_create_session(), stop using hard coded AF_INET for socket() call, use the address family which is returned from getaddrinfo().

Test:
- Connected successfully via ssh connections with IPv4 and IPv6 hosts.
- No connection error in guacd logs.
- Simulated a connection failure with specifying a ssh server which does not exist. guacd worked well in this case.
 2017-09-26 17:19:18 -07:00
Nick Couchman
650f7a0a32 GUACAMOLE-203: if is not a function... 2017-06-25 14:10:42 -04:00
Nick Couchman
711cdd6929 GUACAMOLE-203: Allow keepalive param to be modified inside the function. 2017-06-25 05:13:12 -04:00
Nick Couchman
05dfb1a6ae GUACAMOLE-203: Deal correctly with negative keepalive values. 2017-06-25 05:10:22 -04:00
Nick Couchman
ed77114038 GUACAMOLE-203: Fix issue using guac_client_log instead of guac_user_log. 2017-06-14 13:01:01 -04:00
Nick Couchman
af4d762147 GUACAMOLE-203: Move warning about minimum alive interval to single place in common code. 2017-06-14 12:49:49 -04:00
Nick Couchman
e7fc8a0d98 GUACAMOLE-203: Expand SSH keepalives to cover SFTP connections for other protocols. 2017-05-31 21:03:09 -04:00
Michael Jumper
270d51d4d4 GUACAMOLE-205: Use semantically-named macro rather than repeatedly and explicitly check OpenSSL version. 2017-02-28 13:01:30 -08:00
Michael Jumper
dbfb782dd5 GUACAMOLE-205: Update to 1.1 version of OpenSSL API. 2017-02-28 13:01:30 -08:00
James Muehlner
c4903a8e36 Merge 0.9.12-incubating changes back to master. 2017-02-28 10:32:49 -08:00
Michael Jumper
d371f2d9ee GUACAMOLE-169: Move common-ssh headers to namespaced directory. 2017-02-27 14:28:23 -08:00