PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-08 21:51:28 +00:00
Code Issues Projects Releases Wiki Activity

Upgrade libssh2 to 1.11.0

Browse Source
This commit is contained in:
dmiller
2024-02-28 17:39:06 +00:00
parent f64e2fab07
commit 1fc984bc73
114 changed files with 24809 additions and 19351 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGELOG
View File

@@ -1,6 +1,7 @@
#Nmap Changelog ($Id$); -*-text-*-
o Upgrade included libraries: Lua 5.4.6, libpcre2 10.43, zlib 1.3.1
o Upgrade included libraries: Lua 5.4.6, libpcre2 10.43, zlib 1.3.1,
libssh2 1.11.0
o [Zenmap][GH#2739] Fix a crash in Zenmap when changing a host comment.

385
libssh2/CMakeLists.txt
View File

@@ -1,4 +1,5 @@
# Copyright (c) 2014, 2015 Alexander Lamaison <alexander.lamaison@gmail.com>
# Copyright (c) 2023 Viktor Szakats
#
# Redistribution and use in source and binary forms,
# with or without modification, are permitted provided
@@ -33,23 +34,32 @@
# USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
# OF SUCH DAMAGE.
cmake_minimum_required(VERSION 2.8.11)
include(CheckFunctionExists)
include(CheckSymbolExists)
include(CheckIncludeFiles)
include(CheckSymbolExists)
include(CMakePushCheckState)
include(FeatureSummary)
set(CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake;${CMAKE_MODULE_PATH}")
include(CheckFunctionExistsMayNeedLibrary)
include(CheckNonblockingSocketSupport)
cmake_minimum_required(VERSION 3.1)
set(CMAKE_MODULE_PATH ${CMAKE_CURRENT_SOURCE_DIR}/cmake)
project(libssh2 C)
set(PROJECT_URL "https://www.libssh2.org/")
set(PROJECT_DESCRIPTION "The SSH library")
if (CMAKE_VERSION VERSION_LESS "3.1")
if (CMAKE_C_COMPILER_ID STREQUAL "GNU")
set (CMAKE_C_FLAGS "--std=gnu90 ${CMAKE_C_FLAGS}")
endif()
else()
set (CMAKE_C_STANDARD 90)
endif()
set(CMAKE_UNITY_BUILD_BATCH_SIZE 32)
option(BUILD_SHARED_LIBS "Build Shared Libraries" OFF)
option(BUILD_STATIC_LIBS "Build Static Libraries" ON)
add_feature_info("Static library" BUILD_STATIC_LIBS
"creating libssh2 static library")
option(BUILD_SHARED_LIBS "Build Shared Libraries" ON)
add_feature_info("Shared library" BUILD_SHARED_LIBS
"creating libssh2 shared library (.so/.dll)")
# Parse version
@@ -79,20 +89,359 @@ endif()
include(GNUInstallDirs)
install(
FILES docs/AUTHORS COPYING docs/HACKING README RELEASE-NOTES NEWS
FILES
COPYING README RELEASE-NOTES
docs/AUTHORS docs/BINDINGS.md docs/HACKING.md
DESTINATION ${CMAKE_INSTALL_DOCDIR})
include(max_warnings)
include(FeatureSummary)
# Add socket libraries
if(WIN32)
list(APPEND SOCKET_LIBRARIES ws2_32)
else()
check_function_exists_may_need_library(socket HAVE_SOCKET socket)
if(NEED_LIB_SOCKET)
list(APPEND SOCKET_LIBRARIES socket)
endif()
check_function_exists_may_need_library(inet_addr HAVE_INET_ADDR nsl)
if(NEED_LIB_NSL)
list(APPEND SOCKET_LIBRARIES nsl)
endif()
endif()
option(BUILD_EXAMPLES "Build libssh2 examples" ON)
option(BUILD_TESTING "Build libssh2 test suite" ON)
if(NOT BUILD_STATIC_LIBS AND NOT BUILD_SHARED_LIBS)
set(BUILD_STATIC_LIBS ON)
endif()
set(LIB_STATIC "libssh2_static")
set(LIB_SHARED "libssh2_shared")
# lib flavour selected for example and test programs.
if(BUILD_SHARED_LIBS)
set(LIB_SELECTED ${LIB_SHARED})
else()
set(LIB_SELECTED ${LIB_STATIC})
endif()
# Symbol hiding
option(HIDE_SYMBOLS "Set to ON to hide all libssh2 symbols that are not officially external" ON)
mark_as_advanced(HIDE_SYMBOLS)
if(HIDE_SYMBOLS)
set(LIB_SHARED_DEFINITIONS LIBSSH2_EXPORTS)
if(WIN32)
elseif((CMAKE_C_COMPILER_ID MATCHES "Clang") OR
(CMAKE_COMPILER_IS_GNUCC AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 4.0) OR
(CMAKE_C_COMPILER_ID MATCHES "Intel" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 9.1))
set(LIB_SHARED_C_FLAGS -fvisibility=hidden)
set(LIBSSH2_API "__attribute__ ((__visibility__ (\"default\")))")
elseif(CMAKE_C_COMPILER_ID MATCHES "SunPro" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 8.0)
set(LIB_SHARED_C_FLAGS -xldscope=hidden)
set(LIBSSH2_API "__global")
endif()
endif()
# Options
# Enable debugging logging by default if the user configured a debug build
if(CMAKE_BUILD_TYPE STREQUAL "Debug")
set(DEBUG_LOGGING_DEFAULT ON)
else()
set(DEBUG_LOGGING_DEFAULT OFF)
endif()
option(ENABLE_DEBUG_LOGGING "log execution with debug trace"
${DEBUG_LOGGING_DEFAULT})
add_feature_info(Logging ENABLE_DEBUG_LOGGING
"Logging of execution with debug trace")
if(ENABLE_DEBUG_LOGGING)
# Must be visible to the library and tests using internals
add_definitions(-DLIBSSH2DEBUG)
endif()
# Auto-detection
# Prefill values with known detection results
# Keep this synced with src/libssh2_setup.h
if(WIN32)
if(MINGW)
set(HAVE_SNPRINTF 1)
set(HAVE_UNISTD_H 1)
set(HAVE_INTTYPES_H 1)
set(HAVE_SYS_TIME_H 1)
set(HAVE_SYS_PARAM_H 1)
set(HAVE_GETTIMEOFDAY 1)
set(HAVE_STRTOLL 1)
elseif(MSVC)
set(HAVE_GETTIMEOFDAY 0)
if(NOT MSVC_VERSION LESS 1800)
set(HAVE_INTTYPES_H 1)
set(HAVE_STRTOLL 1)
else()
set(HAVE_INTTYPES_H 0)
set(HAVE_STRTOI64 1)
endif()
if(NOT MSVC_VERSION LESS 1900)
set(HAVE_SNPRINTF 1)
endif()
endif()
endif()
## Platform checks
check_include_files(inttypes.h HAVE_INTTYPES_H)
if(NOT MSVC)
check_include_files(unistd.h HAVE_UNISTD_H)
check_include_files(sys/time.h HAVE_SYS_TIME_H)
check_include_files(sys/param.h HAVE_SYS_PARAM_H) # tests
endif()
if(NOT WIN32)
check_include_files(sys/select.h HAVE_SYS_SELECT_H)
check_include_files(sys/uio.h HAVE_SYS_UIO_H)
check_include_files(sys/socket.h HAVE_SYS_SOCKET_H)
check_include_files(sys/ioctl.h HAVE_SYS_IOCTL_H)
check_include_files(sys/un.h HAVE_SYS_UN_H)
check_include_files(arpa/inet.h HAVE_ARPA_INET_H) # example and tests
check_include_files(netinet/in.h HAVE_NETINET_IN_H) # example and tests
endif()
# CMake uses C syntax in check_symbol_exists() that generates a warning with
# MSVC. To not break detection with ENABLE_WERRROR, we disable it for the
# duration of these tests.
if(MSVC AND ENABLE_WERROR)
cmake_push_check_state()
set(CMAKE_REQUIRED_FLAGS "/WX-")
endif()
if(HAVE_SYS_TIME_H)
check_symbol_exists(gettimeofday sys/time.h HAVE_GETTIMEOFDAY)
else()
check_function_exists(gettimeofday HAVE_GETTIMEOFDAY)
endif()
check_symbol_exists(strtoll stdlib.h HAVE_STRTOLL)
if(NOT HAVE_STRTOLL)
# Try _strtoi64() if strtoll() is not available
check_symbol_exists(_strtoi64 stdlib.h HAVE_STRTOI64)
endif()
check_symbol_exists(snprintf stdio.h HAVE_SNPRINTF)
if(NOT WIN32)
check_symbol_exists(explicit_bzero string.h HAVE_EXPLICIT_BZERO)
check_symbol_exists(explicit_memset string.h HAVE_EXPLICIT_MEMSET)
check_symbol_exists(memset_s string.h HAVE_MEMSET_S)
endif()
if(MSVC AND ENABLE_WERROR)
cmake_pop_check_state()
endif()
if(${CMAKE_SYSTEM_NAME} STREQUAL "Darwin" OR
${CMAKE_SYSTEM_NAME} STREQUAL "Interix")
# poll() does not work on these platforms
#
# Interix: "does provide poll(), but the implementing developer must
# have been in a bad mood, because poll() only works on the /proc
# filesystem here"
#
# macOS poll() has funny behaviors, like:
# not being able to do poll on no filedescriptors (10.3?)
# not being able to poll on some files (like anything in /dev)
# not having reliable timeout support
# inconsistent return of POLLHUP where other implementations give POLLIN
message("poll use is disabled on this platform")
elseif(NOT WIN32)
check_function_exists(poll HAVE_POLL)
endif()
if(WIN32)
set(HAVE_SELECT 1)
else()
check_function_exists(select HAVE_SELECT)
endif()
# Non-blocking socket support tests. Use a separate, yet unset variable
# for the socket libraries to not link against the other configured
# dependencies which might not have been built yet.
if(NOT WIN32)
cmake_push_check_state()
set(CMAKE_REQUIRED_LIBRARIES ${SOCKET_LIBRARIES})
check_nonblocking_socket_support()
cmake_pop_check_state()
endif()
# Config file
add_definitions(-DHAVE_CONFIG_H)
configure_file(src/libssh2_config_cmake.h.in
${CMAKE_CURRENT_BINARY_DIR}/src/libssh2_config.h)
## Cryptography backend choice
set(CRYPTO_BACKEND
""
CACHE
STRING
"The backend to use for cryptography: OpenSSL, wolfSSL, Libgcrypt,
WinCNG, mbedTLS, or empty to try any available")
# If the crypto backend was given, rather than searching for the first
# we are able to find, the find_package commands must abort configuration
# and report to the user.
if(CRYPTO_BACKEND)
set(SPECIFIC_CRYPTO_REQUIREMENT REQUIRED)
endif()
if(CRYPTO_BACKEND STREQUAL "OpenSSL" OR NOT CRYPTO_BACKEND)
find_package(OpenSSL ${SPECIFIC_CRYPTO_REQUIREMENT})
if(OPENSSL_FOUND)
set(CRYPTO_BACKEND "OpenSSL")
set(CRYPTO_BACKEND_DEFINE "LIBSSH2_OPENSSL")
set(CRYPTO_BACKEND_INCLUDE_DIR ${OPENSSL_INCLUDE_DIR})
list(APPEND LIBRARIES ${OPENSSL_LIBRARIES})
list(APPEND PC_REQUIRES_PRIVATE libssl libcrypto)
if(WIN32)
# Statically linking to OpenSSL requires crypt32 for some Windows APIs.
# This should really be handled by FindOpenSSL.cmake.
list(APPEND LIBRARIES crypt32 bcrypt)
list(APPEND PC_LIBS -lcrypt32 -lbcrypt)
#set(CMAKE_FIND_DEBUG_MODE TRUE)
find_file(DLL_LIBCRYPTO
NAMES crypto.dll
libcrypto-1_1.dll libcrypto-1_1-x64.dll
libcrypto-3.dll libcrypto-3-x64.dll
HINTS ${_OPENSSL_ROOT_HINTS} PATHS ${_OPENSSL_ROOT_PATHS}
PATH_SUFFIXES bin NO_DEFAULT_PATH)
if(DLL_LIBCRYPTO)
message(STATUS "Found libcrypto DLL: ${DLL_LIBCRYPTO}")
else()
message(WARNING
"Unable to find OpenSSL libcrypto DLL, executables may not run")
endif()
find_file(DLL_LIBSSL
NAMES ssl.dll
libssl-1_1.dll libssl-1_1-x64.dll
libssl-3.dll libssl-3-x64.dll
HINTS ${_OPENSSL_ROOT_HINTS} PATHS ${_OPENSSL_ROOT_PATHS}
PATH_SUFFIXES bin NO_DEFAULT_PATH)
if(DLL_LIBSSL)
message(STATUS "Found libssl DLL: ${DLL_LIBSSL}")
else()
message(WARNING
"Unable to find OpenSSL libssl DLL, executables may not run")
endif()
#set(CMAKE_FIND_DEBUG_MODE FALSE)
if(DLL_LIBCRYPTO AND DLL_LIBSSL)
list(APPEND _RUNTIME_DEPENDENCIES ${DLL_LIBCRYPTO} ${DLL_LIBSSL})
endif()
endif()
find_package(ZLIB)
if(ZLIB_FOUND)
list(APPEND LIBRARIES ${ZLIB_LIBRARIES})
list(APPEND PC_REQUIRES_PRIVATE zlib)
endif()
endif()
endif()
if(CRYPTO_BACKEND STREQUAL "wolfSSL" OR NOT CRYPTO_BACKEND)
find_package(wolfssl ${SPECIFIC_CRYPTO_REQUIREMENT})
if(WOLFSSL_FOUND)
set(CRYPTO_BACKEND "wolfSSL")
set(CRYPTO_BACKEND_DEFINE "LIBSSH2_WOLFSSL")
set(CRYPTO_BACKEND_INCLUDE_DIR ${WOLFSSL_INCLUDE_DIR} ${WOLFSSL_INCLUDE_DIR}/wolfssl)
list(APPEND LIBRARIES ${WOLFSSL_LIBRARIES})
list(APPEND PC_LIBS -lwolfssl)
if(WIN32)
list(APPEND LIBRARIES crypt32)
list(APPEND PC_LIBS -lcrypt32)
endif()
find_package(ZLIB)
if(ZLIB_FOUND)
list(APPEND CRYPTO_BACKEND_INCLUDE_DIR ${ZLIB_INCLUDE_DIR}) # Public wolfSSL headers require zlib headers
list(APPEND LIBRARIES ${ZLIB_LIBRARIES})
list(APPEND PC_REQUIRES_PRIVATE zlib)
endif()
endif()
endif()
if(CRYPTO_BACKEND STREQUAL "Libgcrypt" OR NOT CRYPTO_BACKEND)
find_package(Libgcrypt ${SPECIFIC_CRYPTO_REQUIREMENT})
if(LIBGCRYPT_FOUND)
set(CRYPTO_BACKEND "Libgcrypt")
set(CRYPTO_BACKEND_DEFINE "LIBSSH2_LIBGCRYPT")
set(CRYPTO_BACKEND_INCLUDE_DIR ${LIBGCRYPT_INCLUDE_DIRS})
list(APPEND LIBRARIES ${LIBGCRYPT_LIBRARIES})
list(APPEND PC_LIBS -lgcrypt)
endif()
endif()
if(CRYPTO_BACKEND STREQUAL "mbedTLS" OR NOT CRYPTO_BACKEND)
find_package(mbedTLS ${SPECIFIC_CRYPTO_REQUIREMENT})
if(MBEDTLS_FOUND)
set(CRYPTO_BACKEND "mbedTLS")
set(CRYPTO_BACKEND_DEFINE "LIBSSH2_MBEDTLS")
set(CRYPTO_BACKEND_INCLUDE_DIR ${MBEDTLS_INCLUDE_DIR})
list(APPEND LIBRARIES ${MBEDTLS_LIBRARIES})
list(APPEND PC_LIBS -lmbedcrypto)
link_directories(${MBEDTLS_LIBRARY_DIR})
endif()
endif()
# Detect platform-specific crypto-backends last:
if(CRYPTO_BACKEND STREQUAL "WinCNG" OR NOT CRYPTO_BACKEND)
if(WIN32)
set(CRYPTO_BACKEND "WinCNG")
set(CRYPTO_BACKEND_DEFINE "LIBSSH2_WINCNG")
set(CRYPTO_BACKEND_INCLUDE_DIR "")
list(APPEND LIBRARIES crypt32 bcrypt)
list(APPEND PC_LIBS -lcrypt32 -lbcrypt)
elseif(${SPECIFIC_CRYPTO_REQUIREMENT} STREQUAL ${REQUIRED})
message(FATAL_ERROR "WinCNG not available")
endif()
endif()
# Global functions
# Convert GNU Make assignments into CMake ones.
function(transform_makefile_inc INPUT_FILE OUTPUT_FILE)
file(READ ${INPUT_FILE} MAKEFILE_INC_CMAKE)
string(REGEX REPLACE "\\\\\n" "" MAKEFILE_INC_CMAKE ${MAKEFILE_INC_CMAKE})
string(REGEX REPLACE "([A-Za-z_]+) *= *([^\n]*)" "set(\\1 \\2)" MAKEFILE_INC_CMAKE ${MAKEFILE_INC_CMAKE})
file(WRITE ${OUTPUT_FILE} ${MAKEFILE_INC_CMAKE})
set_property(DIRECTORY APPEND PROPERTY CMAKE_CONFIGURE_DEPENDS "${INPUT_FILE}")
endfunction()
#
add_subdirectory(src)
option(BUILD_EXAMPLES "Build libssh2 examples" ON)
if(BUILD_EXAMPLES)
add_subdirectory(example)
endif()
option(BUILD_TESTING "Build libssh2 test suite" ON)
if(BUILD_TESTING)
enable_testing()
add_subdirectory(tests)
@@ -103,7 +452,11 @@ if(LINT)
add_custom_target(lint ALL
./ci/checksrc.sh
WORKING_DIRECTORY ${libssh2_SOURCE_DIR})
add_dependencies(libssh2 lint)
if(BUILD_STATIC_LIBS)
add_dependencies(${LIB_STATIC} lint)
else()
add_dependencies(${LIB_SHARED} lint)
endif()
endif()
add_subdirectory(docs)

3
libssh2/COPYING
View File

@@ -2,7 +2,7 @@
* Copyright (c) 2005,2006 Mikhail Gusarov <dottedmag@dottedmag.net>
* Copyright (c) 2006-2007 The Written Word, Inc.
* Copyright (c) 2007 Eli Fant <elifantu@mail.ru>
* Copyright (c) 2009-2021 Daniel Stenberg
* Copyright (c) 2009-2023 Daniel Stenberg
* Copyright (C) 2008, 2009 Simon Josefsson
* Copyright (c) 2000 Markus Friedl
* Copyright (c) 2015 Microsoft Corp.
@@ -41,4 +41,3 @@
* USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
* OF SUCH DAMAGE.
*/

1
libssh2/ChangeLog
View File

@@ -1 +0,0 @@
see NEWS

119
libssh2/Makefile.am
View File

@@ -1,6 +1,9 @@
AUTOMAKE_OPTIONS = foreign nostdinc
SUBDIRS = src tests docs
SUBDIRS = src
if ENABLE_TESTS
SUBDIRS += tests
endif
if BUILD_EXAMPLES
SUBDIRS += example
endif
@@ -13,39 +16,29 @@ include_HEADERS = \
include/libssh2_publickey.h \
include/libssh2_sftp.h
NETWAREFILES = nw/keepscreen.c \
nw/nwlib.c \
nw/GNUmakefile \
nw/test/GNUmakefile
DSP = win32/libssh2.dsp
VCPROJ = win32/libssh2.vcproj
DISTCLEANFILES = $(DSP)
DISTCLEANFILES =
VMSFILES = vms/libssh2_make_example.dcl vms/libssh2_make_help.dcl \
vms/libssh2_make_kit.dcl vms/libssh2_make_lib.dcl vms/man2help.c \
vms/readme.vms vms/libssh2_config.h
vms/libssh2_make_kit.dcl vms/libssh2_make_lib.dcl vms/man2help.c \
vms/readme.vms vms/libssh2_config.h
WIN32FILES = win32/GNUmakefile win32/test/GNUmakefile \
win32/libssh2_config.h win32/config.mk win32/rules.mk \
win32/Makefile.Watcom win32/libssh2.dsw win32/tests.dsp $(DSP) \
win32/msvcproj.head win32/msvcproj.foot win32/libssh2.rc
WIN32FILES = src/libssh2.rc NMakefile
OS400FILES = os400/README400 os400/initscript.sh os400/make.sh \
os400/make-src.sh os400/make-rpg.sh os400/make-include.sh \
os400/os400sys.c os400/ccsid.c \
os400/libssh2_config.h os400/macros.h os400/libssh2_ccsid.h \
os400/include/alloca.h os400/include/sys/socket.h os400/include/stdio.h \
os400/libssh2rpg/libssh2.rpgle.in \
os400/libssh2rpg/libssh2_ccsid.rpgle.in \
os400/libssh2rpg/libssh2_publickey.rpgle \
os400/libssh2rpg/libssh2_sftp.rpgle \
Makefile.os400qc3.inc
os400/make-src.sh os400/make-rpg.sh os400/make-include.sh \
os400/os400sys.c os400/ccsid.c \
os400/libssh2_config.h os400/macros.h os400/libssh2_ccsid.h \
os400/include/alloca.h os400/include/sys/socket.h os400/include/stdio.h \
os400/include/assert.h \
os400/libssh2rpg/libssh2.rpgle.in \
os400/libssh2rpg/libssh2_ccsid.rpgle.in \
os400/libssh2rpg/libssh2_publickey.rpgle \
os400/libssh2rpg/libssh2_sftp.rpgle
EXTRA_DIST = $(WIN32FILES) $(NETWAREFILES) get_ver.awk \
maketgz NMakefile RELEASE-NOTES libssh2.pc.in $(VMSFILES) config.rpath \
CMakeLists.txt cmake $(OS400FILES)
EXTRA_DIST = $(WIN32FILES) get_ver.awk \
maketgz RELEASE-NOTES libssh2.pc.in $(VMSFILES) config.rpath \
CMakeLists.txt cmake git2news.pl libssh2-style.el README.md $(OS400FILES) \
buildconf Makefile.mk
ACLOCAL_AMFLAGS = -I m4
@@ -86,69 +79,11 @@ gen-coverage:
coverage: init-coverage build-coverage gen-coverage
# DSP/VCPROJ generation adapted from libcurl
# only OpenSSL and WinCNG are supported with this build system
CRYPTO_CSOURCES = openssl.c wincng.c mbedtls.c
CRYPTO_HHEADERS = openssl.h wincng.h mbedtls.h
# Makefile.inc provides the CSOURCES and HHEADERS defines
include Makefile.inc
WIN32SOURCES = $(CSOURCES)
WIN32HEADERS = $(HHEADERS) libssh2_config.h
$(DSP): win32/msvcproj.head win32/msvcproj.foot Makefile.am
echo "creating $(DSP)"
@( (cat $(srcdir)/win32/msvcproj.head; \
echo "# Begin Group \"Source Files\""; \
echo ""; \
echo "# PROP Default_Filter \"cpp;c;cxx\""; \
win32_srcs='$(WIN32SOURCES)'; \
sorted_srcs=`for file in $$win32_srcs; do echo $$file; done | sort`; \
for file in $$sorted_srcs; do \
echo "# Begin Source File"; \
echo ""; \
echo "SOURCE=..\\src\\"$$file; \
echo "# End Source File"; \
done; \
echo "# End Group"; \
echo "# Begin Group \"Header Files\""; \
echo ""; \
echo "# PROP Default_Filter \"h;hpp;hxx\""; \
win32_hdrs='$(WIN32HEADERS)'; \
sorted_hdrs=`for file in $$win32_hdrs; do echo $$file; done | sort`; \
for file in $$sorted_hdrs; do \
echo "# Begin Source File"; \
echo ""; \
if [ "$$file" = "libssh2_config.h" ]; \
then \
echo "SOURCE=.\\"$$file; \
else \
echo "SOURCE=..\\src\\"$$file; \
fi; \
echo "# End Source File"; \
done; \
echo "# End Group"; \
cat $(srcdir)/win32/msvcproj.foot) | \
awk '{printf("%s\r\n", gensub("\r", "", "g"))}' > $@ )
$(VCPROJ): win32/vc8proj.head win32/vc8proj.foot Makefile.am
echo "creating $(VCPROJ)"
@( (cat $(srcdir)/vc8proj.head; \
win32_srcs='$(WIN32SOURCES)'; \
sorted_srcs=`for file in $$win32_srcs; do echo $$file; done | sort`; \
for file in $$sorted_srcs; do \
echo "<File RelativePath=\""..\src\$$file"\"></File>"; \
done; \
echo "</Filter><Filter Name=\"Header Files\">"; \
win32_hdrs='$(WIN32HEADERS)'; \
sorted_hdrs=`for file in $$win32_hdrs; do echo $$file; done | sort`; \
for file in $$sorted_hdrs; do \
echo "<File RelativePath=\""..\src\$$file"\"></File>"; \
done; \
cat $(srcdir)/vc8proj.foot) | \
awk '{printf("%s\r\n", gensub("\r", "", "g"))}' > $@ )
checksrc:
perl src/checksrc.pl -i4 -m79 -ASIZEOFNOPAREN -ASNPRINTF -ACOPYRIGHT \
-AFOPENMODE -Wsrc/libssh2_config.h src/*.[ch] include/*.h example/*.c \
perl ci/checksrc.pl -i4 -m79 \
-ASNPRINTF \
-ACOPYRIGHT \
-AFOPENMODE \
-ATYPEDEFSTRUCT \
-Wsrc/libssh2_config.h src/*.[ch] include/*.h example/*.c \
tests/*.[ch]

150
libssh2/Makefile.in
View File

@@ -1,4 +1,4 @@
# Makefile.in generated by automake 1.16.4 from Makefile.am.
# Makefile.in generated by automake 1.16.5 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2021 Free Software Foundation, Inc.
@@ -89,7 +89,8 @@ PRE_UNINSTALL = :
POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
@BUILD_EXAMPLES_TRUE@am__append_1 = example
@ENABLE_TESTS_TRUE@am__append_1 = tests
@BUILD_EXAMPLES_TRUE@am__append_2 = example
subdir = .
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/autobuild.m4 \
@@ -191,11 +192,11 @@ am__define_uniq_tagged_files = \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | $(am__uniquify_input)`
DIST_SUBDIRS = src tests docs example
am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.inc \
$(srcdir)/libssh2.pc.in COPYING ChangeLog NEWS README compile \
config.guess config.rpath config.sub depcomp install-sh \
ltmain.sh missing
DIST_SUBDIRS = src docs tests example
am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/libssh2.pc.in \
COPYING README compile config.guess \
config.rpath config.sub depcomp install-sh ltmain.sh missing \
tap-driver.sh
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
distdir = $(PACKAGE)-$(VERSION)
top_distdir = $(distdir)
@@ -274,12 +275,13 @@ EGREP = @EGREP@
ETAGS = @ETAGS@
EXEEXT = @EXEEXT@
FGREP = @FGREP@
FILECMD = @FILECMD@
GREP = @GREP@
HAVE_LIBBCRYPT = @HAVE_LIBBCRYPT@
HAVE_LIBCRYPT32 = @HAVE_LIBCRYPT32@
HAVE_LIBGCRYPT = @HAVE_LIBGCRYPT@
HAVE_LIBMBEDCRYPTO = @HAVE_LIBMBEDCRYPTO@
HAVE_LIBSSL = @HAVE_LIBSSL@
HAVE_LIBWOLFSSL = @HAVE_LIBWOLFSSL@
HAVE_LIBZ = @HAVE_LIBZ@
INSTALL = @INSTALL@
INSTALL_DATA = @INSTALL_DATA@
@@ -290,8 +292,6 @@ LD = @LD@
LDFLAGS = @LDFLAGS@
LIBBCRYPT = @LIBBCRYPT@
LIBBCRYPT_PREFIX = @LIBBCRYPT_PREFIX@
LIBCRYPT32 = @LIBCRYPT32@
LIBCRYPT32_PREFIX = @LIBCRYPT32_PREFIX@
LIBGCRYPT = @LIBGCRYPT@
LIBGCRYPT_PREFIX = @LIBGCRYPT_PREFIX@
LIBMBEDCRYPTO = @LIBMBEDCRYPTO@
@@ -303,17 +303,19 @@ LIBSSH2VER = @LIBSSH2VER@
LIBSSL = @LIBSSL@
LIBSSL_PREFIX = @LIBSSL_PREFIX@
LIBTOOL = @LIBTOOL@
LIBWOLFSSL = @LIBWOLFSSL@
LIBWOLFSSL_PREFIX = @LIBWOLFSSL_PREFIX@
LIBZ = @LIBZ@
LIBZ_PREFIX = @LIBZ_PREFIX@
LIB_FUZZING_ENGINE = @LIB_FUZZING_ENGINE@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBBCRYPT = @LTLIBBCRYPT@
LTLIBCRYPT32 = @LTLIBCRYPT32@
LTLIBGCRYPT = @LTLIBGCRYPT@
LTLIBMBEDCRYPTO = @LTLIBMBEDCRYPTO@
LTLIBOBJS = @LTLIBOBJS@
LTLIBSSL = @LTLIBSSL@
LTLIBWOLFSSL = @LTLIBWOLFSSL@
LTLIBZ = @LTLIBZ@
LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAINT = @MAINT@
@@ -335,6 +337,7 @@ PACKAGE_URL = @PACKAGE_URL@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
RANLIB = @RANLIB@
RC = @RC@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -396,7 +399,7 @@ top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
AUTOMAKE_OPTIONS = foreign nostdinc
SUBDIRS = src tests docs $(am__append_1)
SUBDIRS = src docs $(am__append_1) $(am__append_2)
pkgconfigdir = $(libdir)/pkgconfig
pkgconfig_DATA = libssh2.pc
include_HEADERS = \
@@ -404,61 +407,35 @@ include_HEADERS = \
include/libssh2_publickey.h \
include/libssh2_sftp.h
NETWAREFILES = nw/keepscreen.c \
nw/nwlib.c \
nw/GNUmakefile \
nw/test/GNUmakefile
DSP = win32/libssh2.dsp
VCPROJ = win32/libssh2.vcproj
DISTCLEANFILES = $(DSP) ChangeLog
DISTCLEANFILES = ChangeLog
VMSFILES = vms/libssh2_make_example.dcl vms/libssh2_make_help.dcl \
vms/libssh2_make_kit.dcl vms/libssh2_make_lib.dcl vms/man2help.c \
vms/readme.vms vms/libssh2_config.h
WIN32FILES = win32/GNUmakefile win32/test/GNUmakefile \
win32/libssh2_config.h win32/config.mk win32/rules.mk \
win32/Makefile.Watcom win32/libssh2.dsw win32/tests.dsp $(DSP) \
win32/msvcproj.head win32/msvcproj.foot win32/libssh2.rc
vms/libssh2_make_kit.dcl vms/libssh2_make_lib.dcl vms/man2help.c \
vms/readme.vms vms/libssh2_config.h
WIN32FILES = src/libssh2.rc NMakefile
OS400FILES = os400/README400 os400/initscript.sh os400/make.sh \
os400/make-src.sh os400/make-rpg.sh os400/make-include.sh \
os400/os400sys.c os400/ccsid.c \
os400/libssh2_config.h os400/macros.h os400/libssh2_ccsid.h \
os400/include/alloca.h os400/include/sys/socket.h os400/include/stdio.h \
os400/libssh2rpg/libssh2.rpgle.in \
os400/libssh2rpg/libssh2_ccsid.rpgle.in \
os400/libssh2rpg/libssh2_publickey.rpgle \
os400/libssh2rpg/libssh2_sftp.rpgle \
Makefile.os400qc3.inc
os400/make-src.sh os400/make-rpg.sh os400/make-include.sh \
os400/os400sys.c os400/ccsid.c \
os400/libssh2_config.h os400/macros.h os400/libssh2_ccsid.h \
os400/include/alloca.h os400/include/sys/socket.h os400/include/stdio.h \
os400/include/assert.h \
os400/libssh2rpg/libssh2.rpgle.in \
os400/libssh2rpg/libssh2_ccsid.rpgle.in \
os400/libssh2rpg/libssh2_publickey.rpgle \
os400/libssh2rpg/libssh2_sftp.rpgle
EXTRA_DIST = $(WIN32FILES) $(NETWAREFILES) get_ver.awk \
maketgz NMakefile RELEASE-NOTES libssh2.pc.in $(VMSFILES) config.rpath \
CMakeLists.txt cmake $(OS400FILES)
EXTRA_DIST = $(WIN32FILES) get_ver.awk \
maketgz RELEASE-NOTES libssh2.pc.in $(VMSFILES) config.rpath \
CMakeLists.txt cmake git2news.pl libssh2-style.el README.md $(OS400FILES) \
buildconf Makefile.mk
ACLOCAL_AMFLAGS = -I m4
# DSP/VCPROJ generation adapted from libcurl
# only OpenSSL and WinCNG are supported with this build system
CRYPTO_CSOURCES = openssl.c wincng.c mbedtls.c
CRYPTO_HHEADERS = openssl.h wincng.h mbedtls.h
CSOURCES = channel.c comp.c crypt.c hostkey.c kex.c mac.c misc.c \
packet.c publickey.c scp.c session.c sftp.c userauth.c transport.c \
version.c knownhost.c agent.c $(CRYPTO_CSOURCES) pem.c keepalive.c global.c \
blowfish.c bcrypt_pbkdf.c agent_win.c
HHEADERS = libssh2_priv.h $(CRYPTO_HHEADERS) transport.h channel.h comp.h \
mac.h misc.h packet.h userauth.h session.h sftp.h crypto.h blf.h agent.h
# Makefile.inc provides the CSOURCES and HHEADERS defines
WIN32SOURCES = $(CSOURCES)
WIN32HEADERS = $(HHEADERS) libssh2_config.h
all: all-recursive
.SUFFIXES:
am--refresh: Makefile
@:
$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/Makefile.inc $(am__configure_deps)
$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
@for dep in $?; do \
case '$(am__configure_deps)' in \
*$$dep*) \
@@ -480,7 +457,6 @@ Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
echo ' cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__maybe_remake_depfiles)'; \
cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__maybe_remake_depfiles);; \
esac;
$(srcdir)/Makefile.inc $(am__empty):
$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
$(SHELL) ./config.status --recheck
@@ -1017,61 +993,13 @@ gen-coverage:
coverage: init-coverage build-coverage gen-coverage
$(DSP): win32/msvcproj.head win32/msvcproj.foot Makefile.am
echo "creating $(DSP)"
@( (cat $(srcdir)/win32/msvcproj.head; \
echo "# Begin Group \"Source Files\""; \
echo ""; \
echo "# PROP Default_Filter \"cpp;c;cxx\""; \
win32_srcs='$(WIN32SOURCES)'; \
sorted_srcs=`for file in $$win32_srcs; do echo $$file; done | sort`; \
for file in $$sorted_srcs; do \
echo "# Begin Source File"; \
echo ""; \
echo "SOURCE=..\\src\\"$$file; \
echo "# End Source File"; \
done; \
echo "# End Group"; \
echo "# Begin Group \"Header Files\""; \
echo ""; \
echo "# PROP Default_Filter \"h;hpp;hxx\""; \
win32_hdrs='$(WIN32HEADERS)'; \
sorted_hdrs=`for file in $$win32_hdrs; do echo $$file; done | sort`; \
for file in $$sorted_hdrs; do \
echo "# Begin Source File"; \
echo ""; \
if [ "$$file" = "libssh2_config.h" ]; \
then \
echo "SOURCE=.\\"$$file; \
else \
echo "SOURCE=..\\src\\"$$file; \
fi; \
echo "# End Source File"; \
done; \
echo "# End Group"; \
cat $(srcdir)/win32/msvcproj.foot) | \
awk '{printf("%s\r\n", gensub("\r", "", "g"))}' > $@ )
$(VCPROJ): win32/vc8proj.head win32/vc8proj.foot Makefile.am
echo "creating $(VCPROJ)"
@( (cat $(srcdir)/vc8proj.head; \
win32_srcs='$(WIN32SOURCES)'; \
sorted_srcs=`for file in $$win32_srcs; do echo $$file; done | sort`; \
for file in $$sorted_srcs; do \
echo "<File RelativePath=\""..\src\$$file"\"></File>"; \
done; \
echo "</Filter><Filter Name=\"Header Files\">"; \
win32_hdrs='$(WIN32HEADERS)'; \
sorted_hdrs=`for file in $$win32_hdrs; do echo $$file; done | sort`; \
for file in $$sorted_hdrs; do \
echo "<File RelativePath=\""..\src\$$file"\"></File>"; \
done; \
cat $(srcdir)/vc8proj.foot) | \
awk '{printf("%s\r\n", gensub("\r", "", "g"))}' > $@ )
checksrc:
perl src/checksrc.pl -i4 -m79 -ASIZEOFNOPAREN -ASNPRINTF -ACOPYRIGHT \
-AFOPENMODE -Wsrc/libssh2_config.h src/*.[ch] include/*.h example/*.c \
perl ci/checksrc.pl -i4 -m79 \
-ASNPRINTF \
-ACOPYRIGHT \
-AFOPENMODE \
-ATYPEDEFSTRUCT \
-Wsrc/libssh2_config.h src/*.[ch] include/*.h example/*.c \
tests/*.[ch]
# Tell versions [3.59,3.63) of GNU make to not export all variables.

326
libssh2/Makefile.mk Normal file
View File

@@ -0,0 +1,326 @@
#########################################################################
#
# Makefile for building libssh2 with GCC-like toolchains.
# Use: make -f Makefile.mk [help|all|clean|dist|distclean|dyn|objclean|example|exampleclean|test|testclean]
#
# Written by Guenter Knauf and Viktor Szakats
#
# Look for ' ?=' to find accepted customization variables.
#
#########################################################################
### Common
CFLAGS ?=
CPPFLAGS ?=
LIBSSH2_CPPFLAGS_LIB ?=
RCFLAGS ?=
LDFLAGS ?=
LIBSSH2_LDFLAGS_BIN ?=
LIBSSH2_LDFLAGS_DYN ?=
LIBS ?=
CROSSPREFIX ?=
ifeq ($(CC),cc)
CC := gcc
endif
CC := $(CROSSPREFIX)$(CC)
AR := $(CROSSPREFIX)$(AR)
RC ?= $(CROSSPREFIX)windres
# For compatibility
ARCH ?=
ifeq ($(ARCH),w64)
TRIPLET := x86_64-w64-mingw32
CFLAGS += -m64
LDFLAGS += -m64
RCFLAGS += --target=pe-x86-64
else ifdef ARCH
TRIPLET := i686-w64-mingw32
CFLAGS += -m32
LDFLAGS += -m32
RCFLAGS += --target=pe-i386
else
TRIPLET ?= $(shell $(CC) -dumpmachine)
endif
BLD_DIR ?= $(TRIPLET)
ifneq ($(findstring -w,$(TRIPLET)),)
WIN32 := 1
BIN_EXT := .exe
DYN_EXT := .dll
else
CPPFLAGS += -I$(BLD_DIR) -DHAVE_CONFIG_H
endif
CPPFLAGS += -Isrc -Iinclude
RCFLAGS += -Iinclude
# examples, tests
LIBSSH2_LDFLAGS_BIN += -L$(BLD_DIR)
LIBS_BIN := -lssh2
ifdef WIN32
LIBS_BIN += -lws2_32
endif
ifdef DYN
ifdef WIN32
libssh2_DEPENDENCIES := $(BLD_DIR)/libssh2.dll.a
else
libssh2_DEPENDENCIES := $(BLD_DIR)/libssh2$(DYN_EXT)
endif
LIBSSH2_LDFLAGS_BIN += -shared
else
libssh2_DEPENDENCIES := $(BLD_DIR)/libssh2.a
LIBSSH2_LDFLAGS_BIN += -static
endif
### Optional features
# must be equal to DEBUG or NDEBUG
DB ?= NDEBUG
CPPFLAGS += -D$(DB)
ifeq ($(DB),NDEBUG)
OBJ_DIR := release
else
OBJ_DIR := debug
CFLAGS += -g
CPPFLAGS += -DLIBSSH2DEBUG
endif
OBJ_DIR := $(BLD_DIR)/$(OBJ_DIR)
# Linker options to exclude for shared mode executables.
_LDFLAGS :=
_LIBS :=
ifdef OPENSSL_PATH
CPPFLAGS += -DLIBSSH2_OPENSSL
OPENSSL_INCLUDE ?= $(OPENSSL_PATH)/include
OPENSSL_LIBPATH ?= $(OPENSSL_PATH)/lib
CPPFLAGS += -I"$(OPENSSL_INCLUDE)"
_LDFLAGS += -L"$(OPENSSL_LIBPATH)"
OPENSSL_LIBS ?= -lssl -lcrypto
_LIBS += $(OPENSSL_LIBS)
else ifdef WOLFSSL_PATH
CPPFLAGS += -DLIBSSH2_WOLFSSL
CPPFLAGS += -I"$(WOLFSSL_PATH)/include"
CPPFLAGS += -I"$(WOLFSSL_PATH)/include/wolfssl"
_LDFLAGS += -L"$(WOLFSSL_PATH)/lib"
_LIBS += -lwolfssl
else ifdef LIBGCRYPT_PATH
CPPFLAGS += -DLIBSSH2_LIBGCRYPT
CPPFLAGS += -I"$(LIBGCRYPT_PATH)/include"
_LDFLAGS += -L"$(LIBGCRYPT_PATH)/lib"
_LIBS += -lgcrypt
else ifdef MBEDTLS_PATH
CPPFLAGS += -DLIBSSH2_MBEDTLS
CPPFLAGS += -I"$(MBEDTLS_PATH)/include"
_LDFLAGS += -L"$(MBEDTLS_PATH)/lib"
_LIBS += -lmbedtls -lmbedx509 -lmbedcrypto
else ifdef WIN32
CPPFLAGS += -DLIBSSH2_WINCNG
else
$(error No suitable cryptography backend found)
endif
ifdef ZLIB_PATH
CPPFLAGS += -DLIBSSH2_HAVE_ZLIB
CPPFLAGS += -I"$(ZLIB_PATH)/include"
_LDFLAGS += -L"$(ZLIB_PATH)/lib"
_LIBS += -lz
endif
ifdef WIN32
_LIBS += -lws2_32 -lcrypt32 -lbcrypt
endif
LIBSSH2_LDFLAGS_DYN += $(_LDFLAGS)
LIBS_DYN += $(_LIBS)
ifndef DYN
LIBSSH2_LDFLAGS_BIN += $(_LDFLAGS)
LIBS_BIN += $(_LIBS)
endif
### Rules
# Platform-dependent helper tool macros
ifneq ($(findstring /sh,$(SHELL)),)
DEL = rm -f $1
RMDIR = rm -fr $1
MKDIR = mkdir -p $1
COPY = -cp -afv $1 $2
DL = '
else
DEL = -del 2>NUL /q /f $(subst /,\,$1)
RMDIR = -rd 2>NUL /q /s $(subst /,\,$1)
MKDIR = -md 2>NUL $(subst /,\,$1)
COPY = -copy 2>NUL /y $(subst /,\,$1) $(subst /,\,$2)
endif
AWK := awk
ZIP := zip -qzr9
# Include the version info retrieved from libssh2.h
-include $(OBJ_DIR)/version.inc
vpath %.c src
ifdef WIN32
vpath %.rc src
endif
# Get CSOURCES define
include src/Makefile.inc
OBJS := $(addprefix $(OBJ_DIR)/,$(patsubst %.c,%.o,$(CSOURCES)))
TARGET := $(BLD_DIR)/libssh2
# Override the path below to point to your Distribution folder.
DISTNAM ?= libssh2-$(LIBSSH2_VERSION_STR)-bin-$(word 1,$(subst -, ,$(TRIPLET)))
DISTDIR := $(BLD_DIR)/$(DISTNAM)
DISTARC := $(DISTDIR).zip
LIBSSH2_DYN_SUFFIX ?=
libssh2_dyn_LIBRARY := $(TARGET)$(LIBSSH2_DYN_SUFFIX)$(DYN_EXT)
OBJS_dyn := $(OBJS)
ifdef WIN32
libssh2_def_LIBRARY := $(libssh2_dyn_LIBRARY:$(DYN_EXT)=.def)
libssh2_dyn_a_LIBRARY := $(TARGET).dll.a
OBJS_dyn += $(OBJ_DIR)/libssh2.res
LIBSSH2_LDFLAGS_DYN += -Wl,--output-def,$(libssh2_def_LIBRARY),--out-implib,$(libssh2_dyn_a_LIBRARY)
endif
# Get noinst_PROGRAMS define
include example/Makefile.am
TARGETS_EXAMPLES := $(patsubst %.c,%$(BIN_EXT),$(strip $(wildcard example/*.c)))
all: lib dyn
# For compatibility
dll: dyn
dyn: prebuild $(libssh2_dyn_LIBRARY)
lib: prebuild $(TARGET).a
prebuild: $(OBJ_DIR) $(OBJ_DIR)/version.inc
example: $(TARGETS_EXAMPLES)
# Get DOCKER_TESTS, STANDALONE_TESTS, SSHD_TESTS, TESTS_WITH_LIB_STATIC,
# librunner_la_SOURCES defines
include tests/Makefile.inc
TARGETS_RUNNER := $(TARGET)-runner.a
TARGETS_RUNNER_OBJS := $(addprefix $(OBJ_DIR)/,$(patsubst %.c,%.o,$(filter %.c,$(librunner_la_SOURCES))))
TARGETS_TESTS := $(patsubst %.c,%$(BIN_EXT),$(addprefix tests/,$(addsuffix .c,$(DOCKER_TESTS) $(STANDALONE_TESTS) $(SSHD_TESTS))))
ifdef DYN
TARGETS_TESTS := $(filter-out $(patsubst %.c,%$(BIN_EXT),$(addprefix tests/,$(addsuffix .c,$(TESTS_WITH_LIB_STATIC)))),$(TARGETS_TESTS))
endif
test: $(TARGETS_RUNNER) $(TARGETS_TESTS)
$(TARGETS_RUNNER_OBJS):
$(CC) -W -Wall $(CFLAGS) $(CPPFLAGS) -c $(patsubst $(OBJ_DIR)/%.o,tests/%.c,$@) -o $@
$(TARGETS_RUNNER): $(TARGETS_RUNNER_OBJS)
@$(call DEL, $@)
$(AR) rcs $@ $^
test_%$(BIN_EXT): $(libssh2_DEPENDENCIES) $(TARGETS_RUNNER)
$(CC) -W -Wall $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) $(LIBSSH2_LDFLAGS_BIN) \
$(patsubst %$(BIN_EXT),%.c,$@) -o $@ $(TARGETS_RUNNER) $(LIBS) $(LIBS_BIN)
%$(BIN_EXT): %.c $(libssh2_DEPENDENCIES)
$(CC) -W -Wall $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) $(LIBSSH2_LDFLAGS_BIN) $< -o $@ $(LIBS) $(LIBS_BIN)
$(OBJ_DIR)/%.o: %.c
$(CC) -W -Wall $(CFLAGS) $(CPPFLAGS) $(LIBSSH2_CPPFLAGS_LIB) -c $< -o $@
$(libssh2_dyn_LIBRARY) $(libssh2_dyn_a_LIBRARY): $(OBJS_dyn)
@$(call DEL, $@)
$(CC) $(LDFLAGS) -shared $(LIBSSH2_LDFLAGS_DYN) $^ -o $@ $(LIBS) $(LIBS_DYN)
ifdef WIN32
$(OBJ_DIR)/%.res: %.rc
$(RC) -O coff $(RCFLAGS) -i $< -o $@
endif
$(TARGET).a: $(OBJS)
@$(call DEL, $@)
$(AR) rcs $@ $^
$(OBJ_DIR)/version.inc: get_ver.awk include/libssh2.h $(OBJ_DIR)
$(AWK) -f $^ > $@
dist: all $(DISTDIR) $(DISTDIR)/readme.txt
@$(call MKDIR, $(DISTDIR)/bin)
@$(call MKDIR, $(DISTDIR)/include)
@$(call MKDIR, $(DISTDIR)/lib)
@$(call COPY, COPYING, $(DISTDIR))
@$(call COPY, README, $(DISTDIR))
@$(call COPY, RELEASE-NOTES, $(DISTDIR))
@$(call COPY, include/*.h, $(DISTDIR)/include)
@$(call COPY, $(TARGET).a, $(DISTDIR)/lib)
ifdef WIN32
@$(call COPY, $(libssh2_def_LIBRARY), $(DISTDIR)/bin)
@$(call COPY, $(libssh2_dyn_LIBRARY), $(DISTDIR)/bin)
@$(call COPY, $(libssh2_dyn_a_LIBRARY), $(DISTDIR)/lib)
else
@$(call COPY, $(libssh2_dyn_LIBRARY), $(DISTDIR)/lib)
endif
@echo Creating... $(DISTARC)
(cd $(DISTDIR)/.. && $(ZIP) $(abspath $(DISTARC)) $(DISTNAM)/* < $(abspath $(DISTDIR)/readme.txt))
distclean vclean: clean
$(call RMDIR, $(DISTDIR))
$(call DEL, $(DISTARC))
objclean: all
$(call RMDIR, $(OBJ_DIR))
exampleclean:
$(call DEL, $(TARGETS_EXAMPLES))
testclean:
$(call DEL, $(TARGETS_RUNNER_OBJS) $(TARGETS_RUNNER) $(TARGETS_TESTS))
clean:
$(call DEL, $(TARGET).a $(libssh2_dyn_LIBRARY) $(libssh2_def_LIBRARY) $(libssh2_dyn_a_LIBRARY))
$(call RMDIR, $(OBJ_DIR))
$(OBJ_DIR) $(DISTDIR):
@$(call MKDIR, $@)
$(DISTDIR)/readme.txt: Makefile.mk
@echo Creating... $@
@echo $(DL)This is a binary distribution for $(TRIPLET).$(DL) > $@
@echo $(DL)libssh2 version $(LIBSSH2_VERSION_STR)$(DL) >> $@
@echo $(DL)Please download the complete libssh2 package for$(DL) >> $@
@echo $(DL)any further documentation:$(DL) >> $@
@echo $(DL)https://www.libssh2.org/$(DL) >> $@
help: $(OBJ_DIR)/version.inc
@echo $(DL)===========================================================$(DL)
@echo $(DL)OpenSSL path = $(OPENSSL_PATH)$(DL)
@echo $(DL)wolfSSL path = $(WOLFSSL_PATH)$(DL)
@echo $(DL)libgcrypt path = $(LIBGCRYPT_PATH)$(DL)
@echo $(DL)mbedTLS path = $(MBEDTLS_PATH)$(DL)
@echo $(DL)zlib path = $(ZLIB_PATH)$(DL)
@echo $(DL)===========================================================$(DL)
@echo $(DL)libssh2 $(LIBSSH2_VERSION_STR) - available targets are:$(DL)
@echo $(DL)$(MAKE) all$(DL)
@echo $(DL)$(MAKE) dyn$(DL)
@echo $(DL)$(MAKE) lib$(DL)
@echo $(DL)$(MAKE) clean$(DL)
@echo $(DL)$(MAKE) dist$(DL)
@echo $(DL)$(MAKE) distclean$(DL)
@echo $(DL)$(MAKE) objclean$(DL)
@echo $(DL)$(MAKE) example$(DL)
@echo $(DL)$(MAKE) exampleclean$(DL)
@echo $(DL)$(MAKE) test$(DL)
@echo $(DL)$(MAKE) testclean$(DL)
@echo $(DL)===========================================================$(DL)

6831
libssh2/NEWS
View File

File diff suppressed because it is too large Load Diff

95
libssh2/NMakefile
View File

@@ -1,23 +1,86 @@
!include "win32/config.mk"
!if "$(WITH_WINCNG)" == "1"
!include "Makefile.WinCNG.inc"
!else
!include "Makefile.OpenSSL.inc"
!if "$(TARGET)" == ""
TARGET=Release
!endif
!include "Makefile.inc"
!if "$(TARGET)" == "Debug"
SUFFIX=_debug
CFLAGS=/Od /MDd
DLLFLAGS=/LDd /DEBUG
!else
CFLAGS=/Oi /O2 /Oy /GF /Y- /MD /DNDEBUG
DLLFLAGS=/LD
!endif
CFLAGS=/nologo /GL /Zi /EHsc $(CFLAGS) /Iinclude
!if "$(OPENSSL_PATH)" != ""
CFLAGS=$(CFLAGS) /DLIBSSH2_OPENSSL /I$(OPENSSL_PATH)\include
LIBS=$(LIBS) $(OPENSSL_PATH)\lib\crypto.lib $(OPENSSL_PATH)\lib\ssl.lib
!else
CFLAGS=$(CFLAGS) /DLIBSSH2_WINCNG
LIBS=crypt32.lib bcrypt.lib
!endif
!if "$(ZLIB_PATH)" != ""
CFLAGS=$(CFLAGS) /DLIBSSH2_HAVE_ZLIB /I$(ZLIB_PATH)\include
LIBS=$(LIBS) $(ZLIB_PATH)\lib\zlib.lib
!endif
LIBS=$(LIBS) ws2_32.lib user32.lib advapi32.lib gdi32.lib
INTDIR=$(TARGET)
SUBDIR=src
!include "src/Makefile.inc"
OBJECTS=$(CSOURCES:.c=.obj)
# SUBDIRS=src example
SUBDIRS=src
!if "$(TARGET)" == "Debug"
OBJECTS=Debug/$(OBJECTS: = Debug/)
OBJECTS=$(OBJECTS: Debug/ = )
!else
TARGET=Release
OBJECTS=Release/$(OBJECTS: = Release/)
OBJECTS=$(OBJECTS: Release/ = )
!endif
all-sub: win32\objects.mk
-for %D in ($(SUBDIRS)) do $(MAKE) /nologo /f %D/NMakefile BUILD=$(BUILD) SUBDIR=%D all-sub
!if "$(AR)" == ""
AR=lib
ARFLAGS=-nologo /LTCG
!endif
RESOURCE=$(INTDIR)\libssh2.res
DLL=libssh2$(SUFFIX).dll
STATICLIB=$(INTDIR)\libssh2.lib
!if "$(BUILD_STATIC_LIB)" == ""
all: $(INTDIR) $(DLL)
!else
all: $(INTDIR) $(STATICLIB)
!endif
$(INTDIR):
@if not exist $(INTDIR) mkdir $(INTDIR)
$(DLL): $(OBJECTS) $(RESOURCE)
$(CC) -o $(DLL) $(CFLAGS) $(DLLFLAGS) $(OBJECTS) $(RESOURCE) $(LIBS)
$(STATICLIB): $(OBJECTS)
$(AR) $(ARFLAGS) -out:$@ $(OBJECTS)
$(RESOURCE): src\libssh2.rc
$(RC) /Iinclude /Fo"$@" $?
all-sub: $(INTDIR) all
clean-sub: clean
{$(SUBDIR)}.c{$(INTDIR)}.obj::
$(CC) -c $(CFLAGS) /Fo"$(INTDIR)\\" $<
clean:
-rmdir 2>NUL /s/q $(TARGET)
-del 2>NUL win32\objects.mk
-rd 2>NUL /q /s $(TARGET)
real-clean vclean: clean
-del 2>NUL libssh2.dll
@@ -25,9 +88,3 @@ real-clean vclean: clean
-del 2>NUL libssh2.ilk
-del 2>NUL libssh2.lib
-del 2>NUL *.pdb
win32\objects.mk: Makefile.inc
@echo OBJECTS = \>$@
@for %O in ($(OBJECTS)) do @echo $$(INTDIR)\%O \>>$@
@echo $$(EOL)>>$@

2
libssh2/README
View File

@@ -6,7 +6,7 @@ the revised BSD license.
Web site: https://www.libssh2.org/
Mailing list: https://cool.haxx.se/mailman/listinfo/libssh2-devel
Mailing list: https://lists.haxx.se/listinfo/libssh2-devel
License: see COPYING

16
libssh2/README.md Normal file
View File

@@ -0,0 +1,16 @@
# libssh2 - SSH2 library
libssh2 is a library implementing the SSH2 protocol, available under
the revised BSD license.
[Web site](https://www.libssh2.org/)
[Mailing list](https://lists.haxx.se/listinfo/libssh2-devel)
[BSD Licensed](https://www.libssh2.org/license.html)
[Web site source code](https://github.com/libssh2/www)
Installation instructions:
- [for CMake](docs/INSTALL_CMAKE.md)
- [for autotools](docs/INSTALL_AUTOTOOLS)

123
libssh2/RELEASE-NOTES
View File

@@ -1,62 +1,75 @@
libssh2 1.10
libssh2 1.11
This release includes the following enhancements and bugfixes:
o adds agent forwarding support
o adds OpenSSH Agent support on Windows
o adds ECDSA key support using the Mbed TLS backend
o adds ECDSA cert authentication
o adds diffie-hellman-group14-sha256, diffie-hellman-group16-sha512,
diffie-hellman-group18-sha512 key exchanges
o adds support for PKIX key reading when using ed25519 with OpenSSL
o adds support for EWOULDBLOCK on VMS systems
o adds support for building with OpenSSL 3
o adds support for using FIPS mode in OpenSSL
o adds debug symbols when building with MSVC
o adds support for building on the 3DS
o adds unicode build support on Windows
o restores os400 building
o increases min, max and opt Diffie Hellman group values
o improves portiablity of the make file
o improves timeout behavior with 2FA keyboard auth
o various improvements to the Wincng backend
o fixes reading parital packet replies when using an agent
o fixes Diffie Hellman key exchange on Windows 1903+ builds
o fixes building tests with older versions of OpenSSL
o fixes possible multiple definition warnings
o fixes potential cast issues _libssh2_ecdsa_key_get_curve_type()
o fixes potential use after free if libssh2_init() is called twice
o improved linking when using Mbed TLS
o fixes call to libssh2_crypto_exit() if crypto hasn't been initialized
o fixes crash when loading public keys with no id
o fixes possible out of bounds read when exchanging keys
o fixes possible out of bounds read when reading packets
o fixes possible out of bounds read when opening an X11 connection
o fixes possible out of bounds read when ecdh host keys
o fixes possible hang when trying to read a disconnected socket
o fixes a crash when using the delayed compression option
o fixes read error with large known host entries
o fixes various warnings
o fixes various small memory leaks
o improved error handling, various detailed errors will now be reported
o builds are now using OSS-Fuzz
o builds now use autoreconf instead of a custom build script
o cmake now respects install directory
o improved CI backend
o updated HACKING-CRYPTO documentation
o use markdown file extensions
o improved unit tests
o Adds support for encrypt-then-mac (ETM) MACs
o Adds support for AES-GCM crypto protocols
o Adds support for sk-ecdsa-sha2-nistp256 and sk-ssh-ed25519 keys
o Adds support for RSA certificate authentication
o Adds FIDO support with *_sk() functions
o Adds RSA-SHA2 key upgrading to OpenSSL, WinCNG, mbedTLS, OS400 backends
o Adds Agent Forwarding and libssh2_agent_sign()
o Adds support for Channel Signal message libssh2_channel_signal_ex()
o Adds support to get the user auth banner message libssh2_userauth_banner()
o Adds LIBSSH2_NO_{MD5, HMAC_RIPEMD, DSA, RSA, RSA_SHA1, ECDSA, ED25519,
AES_CBC, AES_CTR, BLOWFISH, RC4, CAST, 3DES} options
o Adds direct stream UNIX sockets with libssh2_channel_direct_streamlocal_ex()
o Adds wolfSSL support to CMake file
o Adds mbedTLS 3.x support
o Adds LibreSSL 3.5 support
o Adds support for CMake "unity" builds
o Adds CMake support for building shared and static libs in a single pass
o Adds symbol hiding support to CMake
o Adds support for libssh2.rc for all build tools
o Adds .zip, .tar.xz and .tar.bz2 release tarballs
o Enables ed25519 key support for LibreSSL 3.7.0 or higher
o Improves OpenSSL 1.1 and 3 compatibility
o Now requires OpenSSL 1.0.2 or newer
o Now requires CMake 3.1 or newer
o SFTP: Adds libssh2_sftp_open_ex_r() and libssh2_sftp_open_r() extended APIs
o SFTP: No longer has a packet limit when reading a directory
o SFTP: now parses attribute extensions if they exist
o SFTP: no longer will busy loop if SFTP fails to initialize
o SFTP: now clear various errors as expected
o SFTP: no longer skips files if the line buffer is too small
o SCP: add option to not quote paths
o SCP: Enables 64-bit offset support unconditionally
o Now skips leading \r and \n characters in banner_receive()
o Enables secure memory zeroing with all build tools on all platforms
o No longer logs SSH_MSG_REQUEST_FAILURE packets from keepalive
o Speed up base64 encoding by 7x
o Assert if there is an attempt to write a value that is too large
o WinCNG: fix memory leak in _libssh2_dh_secret()
o Added protection against possible null pointer dereferences
o Agent now handles overly large comment lengths
o Now ensure KEX replies don't include extra bytes
o Fixed possible buffer overflow when receiving SSH_MSG_USERAUTH_BANNER
o Fixed possible buffer overflow in keyboard interactive code path
o Fixed overlapping memcpy()
o Fixed Windows UWP builds
o Fixed DLL import name
o Renamed local RANDOM_PADDING macro to avoid unexpected define on Windows
o Support for building with gcc versions older than 8
o Improvements to CMake, Makefile, NMakefile, GNUmakefile, autoreconf files
o Restores ANSI C89 compliance
o Enabled new compiler warnings and fixed/silenced them
o Improved error messages
o Now uses CIFuzz
o Numerous minor code improvements
o Improvements to CI builds
o Improvements to unit tests
o Improvements to doc files
o Improvements to example files
o Removed "old gex" build option
o Removed no-encryption/no-mac builds
o Removed support for NetWare and Watcom wmake build files
This release would not have looked like this without help, code, reports and
advice from friends like these:
katzer, Orgad Shaneh, mark-i-m, Zenju, axjowa, Thilo Schulz,
Etienne Samson, hlefebvre, seba30, Panos, jethrogb, Fabrice Fontaine,
Will Cosgrove, Daniel Stenberg, Michael Buckley, Wallace Souza Silva,
Romain-Geissler-1A, meierha, Tseng Jun, Thomas Klausner, Brendan Shanks,
Harry Sintonen, monnerat, Koutheir Attouchi, Marc Hörsken, yann-morin-1998,
Wez Furlong, TDi-jonesds, David Benjamin, Max Dymond, Igor Klevanets,
Viktor Szakats, Laurent Stacul, Mstrodl, Gabriel Smith, MarcT512,
Paul Capron, teottin, Tor Erik Ottinsen, Brian Inglis
(40 contributors)
Viktor Szakats, Dan Fandrich, Will Cosgrove, Daniel Stenberg, Michael Buckley,
Zenju, Miguel de Icaza, Nick Woodruff, Keith Dart, Anders Borum,
Jörgen Sigvardsson, vajdaakos, Gustavo Junior Alves, Marc Hörsken, iruis,
Nishit Majithia, Stefan Eissing, metab0t, Y. Yang, skundu07, Mike Harris,
Gabriel Smith, Leo Liu, Miguel de Icaza, Sandeep Bansal, Harry Sintonen,
xalopp, tihmstar, Sunil Nimmagadda

515
libssh2/acinclude.m4
View File

@@ -1,3 +1,145 @@
dnl CURL_CPP_P
dnl
dnl Check if $cpp -P should be used for extract define values due to gcc 5
dnl splitting up strings and defines between line outputs. gcc by default
dnl (without -P) will show TEST EINVAL TEST as
dnl
dnl # 13 "conftest.c"
dnl TEST
dnl # 13 "conftest.c" 3 4
dnl 22
dnl # 13 "conftest.c"
dnl TEST
AC_DEFUN([CURL_CPP_P], [
AC_MSG_CHECKING([if cpp -P is needed])
AC_EGREP_CPP([TEST.*TEST], [
#include <errno.h>
TEST EINVAL TEST
], [cpp=no], [cpp=yes])
AC_MSG_RESULT([$cpp])
dnl we need cpp -P so check if it works then
if test "x$cpp" = "xyes"; then
AC_MSG_CHECKING([if cpp -P works])
OLDCPPFLAGS=$CPPFLAGS
CPPFLAGS="$CPPFLAGS -P"
AC_EGREP_CPP([TEST.*TEST], [
#include <errno.h>
TEST EINVAL TEST
], [cpp_p=yes], [cpp_p=no])
AC_MSG_RESULT([$cpp_p])
if test "x$cpp_p" = "xno"; then
AC_MSG_WARN([failed to figure out cpp -P alternative])
# without -P
CPPPFLAG=""
else
# with -P
CPPPFLAG="-P"
fi
dnl restore CPPFLAGS
CPPFLAGS=$OLDCPPFLAGS
else
# without -P
CPPPFLAG=""
fi
])
dnl CURL_CHECK_DEF (SYMBOL, [INCLUDES], [SILENT])
dnl -------------------------------------------------
dnl Use the C preprocessor to find out if the given object-style symbol
dnl is defined and get its expansion. This macro will not use default
dnl includes even if no INCLUDES argument is given. This macro will run
dnl silently when invoked with three arguments. If the expansion would
dnl result in a set of double-quoted strings the returned expansion will
dnl actually be a single double-quoted string concatenating all them.
AC_DEFUN([CURL_CHECK_DEF], [
AC_REQUIRE([CURL_CPP_P])dnl
OLDCPPFLAGS=$CPPFLAGS
# CPPPFLAG comes from CURL_CPP_P
CPPFLAGS="$CPPFLAGS $CPPPFLAG"
AS_VAR_PUSHDEF([ac_HaveDef], [curl_cv_have_def_$1])dnl
AS_VAR_PUSHDEF([ac_Def], [curl_cv_def_$1])dnl
if test -z "$SED"; then
AC_MSG_ERROR([SED not set. Cannot continue without SED being set.])
fi
if test -z "$GREP"; then
AC_MSG_ERROR([GREP not set. Cannot continue without GREP being set.])
fi
ifelse($3,,[AC_MSG_CHECKING([for preprocessor definition of $1])])
tmp_exp=""
AC_PREPROC_IFELSE([
AC_LANG_SOURCE(
ifelse($2,,,[$2])[[
#ifdef $1
CURL_DEF_TOKEN $1
#endif
]])
],[
tmp_exp=`eval "$ac_cpp conftest.$ac_ext" 2>/dev/null | \
"$GREP" CURL_DEF_TOKEN 2>/dev/null | \
"$SED" 's/.*CURL_DEF_TOKEN[[ ]][[ ]]*//' 2>/dev/null | \
"$SED" 's/[["]][[ ]]*[["]]//g' 2>/dev/null`
if test -z "$tmp_exp" || test "$tmp_exp" = "$1"; then
tmp_exp=""
fi
])
if test -z "$tmp_exp"; then
AS_VAR_SET(ac_HaveDef, no)
ifelse($3,,[AC_MSG_RESULT([no])])
else
AS_VAR_SET(ac_HaveDef, yes)
AS_VAR_SET(ac_Def, $tmp_exp)
ifelse($3,,[AC_MSG_RESULT([$tmp_exp])])
fi
AS_VAR_POPDEF([ac_Def])dnl
AS_VAR_POPDEF([ac_HaveDef])dnl
CPPFLAGS=$OLDCPPFLAGS
])
dnl CURL_CHECK_COMPILER_CLANG
dnl -------------------------------------------------
dnl Verify if compiler being used is clang.
AC_DEFUN([CURL_CHECK_COMPILER_CLANG], [
AC_BEFORE([$0],[CURL_CHECK_COMPILER_GNU_C])dnl
AC_MSG_CHECKING([if compiler is clang])
CURL_CHECK_DEF([__clang__], [], [silent])
if test "$curl_cv_have_def___clang__" = "yes"; then
AC_MSG_RESULT([yes])
AC_MSG_CHECKING([if compiler is xlclang])
CURL_CHECK_DEF([__ibmxl__], [], [silent])
if test "$curl_cv_have_def___ibmxl__" = "yes" ; then
dnl IBM's almost-compatible clang version
AC_MSG_RESULT([yes])
compiler_id="XLCLANG"
else
AC_MSG_RESULT([no])
compiler_id="CLANG"
fi
fullclangver=`$CC -v 2>&1 | grep version`
clangver=`echo $fullclangver | grep "based on LLVM " | "$SED" 's/.*(based on LLVM \(@<:@0-9@:>@*\.@<:@0-9@:>@*\).*)/\1/'`
if test -z "$clangver"; then
if echo $fullclangver | grep "Apple LLVM version " >/dev/null; then
dnl Starting with Xcode 7 / clang 3.7, Apple clang won't tell its upstream version
clangver="3.7"
else
clangver=`echo $fullclangver | "$SED" 's/.*version \(@<:@0-9@:>@*\.@<:@0-9@:>@*\).*/\1/'`
fi
fi
clangvhi=`echo $clangver | cut -d . -f1`
clangvlo=`echo $clangver | cut -d . -f2`
compiler_num=`(expr $clangvhi "*" 100 + $clangvlo) 2>/dev/null`
flags_dbg_yes="-g"
flags_opt_all="-O -O0 -O1 -O2 -Os -O3 -O4"
flags_opt_yes="-O2"
flags_opt_off="-O0"
else
AC_MSG_RESULT([no])
fi
])
dnl **********************************************************************
dnl CURL_DETECT_ICC ([ACTION-IF-YES])
@@ -28,23 +170,136 @@ AC_DEFUN([CURL_DETECT_ICC],
])
dnl We create a function for detecting which compiler we use and then set as
dnl pendantic compiler options as possible for that particular compiler. The
dnl pedantic compiler options as possible for that particular compiler. The
dnl options are only used for debug-builds.
AC_DEFUN([CURL_CC_DEBUG_OPTS],
[
if test "z$CLANG" = "z"; then
CURL_CHECK_COMPILER_CLANG
if test "z$compiler_id" = "zCLANG"; then
CLANG="yes"
else
CLANG="no"
fi
fi
if test "z$ICC" = "z"; then
CURL_DETECT_ICC
fi
if test "$GCC" = "yes"; then
if test "$CLANG" = "yes"; then
dnl figure out clang version!
AC_MSG_CHECKING([clang version])
fullclangver=`$CC -v 2>&1 | grep version`
clangver=`echo $fullclangver | grep "based on LLVM " | "$SED" 's/.*(based on LLVM \(@<:@0-9@:>@*\.@<:@0-9@:>@*\).*)/\1/'`
if test -z "$clangver"; then
if echo $fullclangver | grep "Apple LLVM version " >/dev/null; then
dnl Starting with Xcode 7 / clang 3.7, Apple clang won't tell its upstream version
clangver="3.7"
else
clangver=`echo $fullclangver | "$SED" 's/.*version \(@<:@0-9@:>@*\.@<:@0-9@:>@*\).*/\1/'`
fi
fi
clangvhi=`echo $clangver | cut -d . -f1`
clangvlo=`echo $clangver | cut -d . -f2`
compiler_num=`(expr $clangvhi "*" 100 + $clangvlo) 2>/dev/null`
AC_MSG_RESULT($compiler_num)
WARN="-pedantic"
CURL_ADD_COMPILER_WARNINGS([WARN], [all extra])
CURL_ADD_COMPILER_WARNINGS([WARN], [pointer-arith write-strings])
CURL_ADD_COMPILER_WARNINGS([WARN], [shadow])
CURL_ADD_COMPILER_WARNINGS([WARN], [inline nested-externs])
CURL_ADD_COMPILER_WARNINGS([WARN], [missing-declarations])
CURL_ADD_COMPILER_WARNINGS([WARN], [missing-prototypes])
WARN="$WARN -Wno-long-long"
CURL_ADD_COMPILER_WARNINGS([WARN], [float-equal])
CURL_ADD_COMPILER_WARNINGS([WARN], [no-multichar sign-compare])
CURL_ADD_COMPILER_WARNINGS([WARN], [undef])
WARN="$WARN -Wno-format-nonliteral"
CURL_ADD_COMPILER_WARNINGS([WARN], [endif-labels strict-prototypes])
CURL_ADD_COMPILER_WARNINGS([WARN], [declaration-after-statement])
CURL_ADD_COMPILER_WARNINGS([WARN], [cast-align])
WARN="$WARN -Wno-system-headers"
CURL_ADD_COMPILER_WARNINGS([WARN], [shorten-64-to-32])
#
dnl Only clang 1.1 or later
if test "$compiler_num" -ge "101"; then
CURL_ADD_COMPILER_WARNINGS([WARN], [unused])
fi
#
dnl Only clang 2.8 or later
if test "$compiler_num" -ge "208"; then
CURL_ADD_COMPILER_WARNINGS([WARN], [vla])
fi
#
dnl Only clang 2.9 or later
if test "$compiler_num" -ge "209"; then
CURL_ADD_COMPILER_WARNINGS([WARN], [shift-sign-overflow])
fi
#
dnl Only clang 3.0 or later (possibly earlier)
if test "$compiler_num" -ge "300"; then
CURL_ADD_COMPILER_WARNINGS([WARN], [bad-function-cast])
CURL_ADD_COMPILER_WARNINGS([WARN], [conversion])
CURL_ADD_COMPILER_WARNINGS([WARN], [empty-body])
CURL_ADD_COMPILER_WARNINGS([WARN], [ignored-qualifiers])
CURL_ADD_COMPILER_WARNINGS([WARN], [type-limits])
CURL_ADD_COMPILER_WARNINGS([WARN], [no-sign-conversion])
fi
#
dnl Only clang 3.2 or later
if test "$compiler_num" -ge "302"; then
CURL_ADD_COMPILER_WARNINGS([WARN], [enum-conversion])
case $host_os in
cygwin* | mingw*)
dnl skip missing-variable-declarations warnings for cygwin and
dnl mingw because the libtool wrapper executable causes them
;;
*)
CURL_ADD_COMPILER_WARNINGS([WARN], [missing-variable-declarations])
;;
esac
fi
#
dnl Only clang 3.4 or later
if test "$compiler_num" -ge "304"; then
CURL_ADD_COMPILER_WARNINGS([WARN], [unused-const-variable])
fi
#
dnl Only clang 3.6 or later
if test "$compiler_num" -ge "306"; then
CURL_ADD_COMPILER_WARNINGS([WARN], [double-promotion])
fi
#
dnl Only clang 3.9 or later
if test "$compiler_num" -ge "309"; then
CURL_ADD_COMPILER_WARNINGS([WARN], [comma])
# avoid the varargs warning, fixed in 4.0
# https://bugs.llvm.org/show_bug.cgi?id=29140
if test "$compiler_num" -lt "400"; then
WARN="$WARN -Wno-varargs"
fi
fi
dnl clang 7 or later
if test "$compiler_num" -ge "700"; then
CURL_ADD_COMPILER_WARNINGS([WARN], [assign-enum])
CURL_ADD_COMPILER_WARNINGS([WARN], [extra-semi-stmt])
fi
CFLAGS="$CFLAGS $WARN"
AC_MSG_NOTICE([Added this set of compiler options: $WARN])
elif test "$GCC" = "yes"; then
dnl figure out gcc version!
AC_MSG_CHECKING([gcc version])
gccver=`$CC -dumpversion`
num1=`echo $gccver | cut -d . -f1`
num2=`echo $gccver | cut -d . -f2`
gccnum=`(expr $num1 "*" 100 + $num2) 2>/dev/null`
compiler_num=`(expr $num1 "*" 100 + $num2) 2>/dev/null`
AC_MSG_RESULT($gccver)
if test "$ICC" = "yes"; then
@@ -61,7 +316,7 @@ AC_DEFUN([CURL_CC_DEBUG_OPTS],
WARN="-wd279,269,981,1418,1419"
if test "$gccnum" -gt "600"; then
if test "$compiler_num" -gt "600"; then
dnl icc 6.0 and older doesn't have the -Wall flag
WARN="-Wall $WARN"
fi
@@ -69,26 +324,24 @@ AC_DEFUN([CURL_CC_DEBUG_OPTS],
dnl this is a set of options we believe *ALL* gcc versions support:
WARN="-W -Wall -Wwrite-strings -pedantic -Wpointer-arith -Wnested-externs -Winline -Wmissing-prototypes"
dnl -Wcast-align is a bit too annoying on all gcc versions ;-)
if test "$gccnum" -ge "207"; then
if test "$compiler_num" -ge "207"; then
dnl gcc 2.7 or later
WARN="$WARN -Wmissing-declarations"
fi
if test "$gccnum" -gt "295"; then
if test "$compiler_num" -gt "295"; then
dnl only if the compiler is newer than 2.95 since we got lots of
dnl "`_POSIX_C_SOURCE' is not defined" in system headers with
dnl gcc 2.95.4 on FreeBSD 4.9!
WARN="$WARN -Wundef -Wno-long-long -Wsign-compare"
WARN="$WARN -Wbad-function-cast -Wundef -Wno-long-long -Wno-multichar -Wshadow -Wsign-compare -Wunused"
fi
if test "$gccnum" -ge "296"; then
if test "$compiler_num" -ge "296"; then
dnl gcc 2.96 or later
WARN="$WARN -Wfloat-equal"
fi
if test "$gccnum" -gt "296"; then
if test "$compiler_num" -gt "296"; then
dnl this option does not exist in 2.96
WARN="$WARN -Wno-format-nonliteral"
fi
@@ -98,16 +351,93 @@ AC_DEFUN([CURL_CC_DEBUG_OPTS],
dnl Also, on gcc 4.0.X it is totally unbearable and complains all
dnl over making it unusable for generic purposes. Let's not use it.
if test "$gccnum" -ge "303"; then
if test "$compiler_num" -ge "303"; then
dnl gcc 3.3 and later
WARN="$WARN -Wendif-labels -Wstrict-prototypes"
fi
if test "$gccnum" -ge "304"; then
if test "$compiler_num" -ge "304"; then
# try these on gcc 3.4
WARN="$WARN -Wdeclaration-after-statement"
fi
dnl Only gcc 4.0 or later
if test "$compiler_num" -ge "400"; then
WARN="$WARN -Wstrict-aliasing=3"
fi
#
dnl Only gcc 4.1 or later (possibly earlier)
if test "$compiler_num" -ge "401"; then
CURL_ADD_COMPILER_WARNINGS([WARN], [no-system-headers])
fi
#
dnl Only gcc 4.2 or later
if test "$compiler_num" -ge "402"; then
CURL_ADD_COMPILER_WARNINGS([WARN], [cast-align])
fi
#
dnl Only gcc 4.3 or later
if test "$compiler_num" -ge "403"; then
CURL_ADD_COMPILER_WARNINGS([WARN], [type-limits old-style-declaration])
CURL_ADD_COMPILER_WARNINGS([WARN], [missing-parameter-type empty-body])
CURL_ADD_COMPILER_WARNINGS([WARN], [ignored-qualifiers])
CURL_ADD_COMPILER_WARNINGS([WARN], [conversion])
WARN="$WARN -Wno-sign-conversion"
CURL_ADD_COMPILER_WARNINGS([WARN], [vla])
dnl required for -Warray-bounds, included in -Wall
WARN="$WARN -ftree-vrp"
fi
#
dnl Only gcc 4.5 or later
if test "$compiler_num" -ge "405"; then
dnl Only windows targets
case $host_os in
mingw*)
WARN="$WARN -Wno-pedantic-ms-format"
;;
esac
fi
#
dnl Only gcc 4.6 or later
if test "$compiler_num" -ge "406"; then
CURL_ADD_COMPILER_WARNINGS([WARN], [double-promotion])
fi
#
dnl only gcc 4.8 or later
if test "$compiler_num" -ge "408"; then
WARN="$WARN -Wformat=2"
fi
#
dnl Only gcc 5 or later
if test "$compiler_num" -ge "500"; then
WARN="$WARN -Warray-bounds=2"
fi
#
dnl Only gcc 6 or later
if test "$compiler_num" -ge "600"; then
CURL_ADD_COMPILER_WARNINGS([WARN], [shift-negative-value])
WARN="$WARN -Wshift-overflow=2"
CURL_ADD_COMPILER_WARNINGS([WARN], [null-dereference])
WARN="$WARN -fdelete-null-pointer-checks"
CURL_ADD_COMPILER_WARNINGS([WARN], [duplicated-cond])
CURL_ADD_COMPILER_WARNINGS([WARN], [unused-const-variable])
fi
#
dnl Only gcc 7 or later
if test "$compiler_num" -ge "700"; then
CURL_ADD_COMPILER_WARNINGS([WARN], [duplicated-branches])
CURL_ADD_COMPILER_WARNINGS([WARN], [restrict])
CURL_ADD_COMPILER_WARNINGS([WARN], [alloc-zero])
WARN="$WARN -Wformat-overflow=2"
WARN="$WARN -Wformat-truncation=1"
fi
#
dnl Only gcc 10 or later
if test "$compiler_num" -ge "1000"; then
CURL_ADD_COMPILER_WARNINGS([WARN], [arith-conversion])
CURL_ADD_COMPILER_WARNINGS([WARN], [enum-conversion])
fi
for flag in $CPPFLAGS; do
case "$flag" in
-I*)
@@ -148,6 +478,67 @@ AC_DEFUN([CURL_CC_DEBUG_OPTS],
]) dnl end of AC_DEFUN()
dnl CURL_ADD_COMPILER_WARNINGS (WARNING-LIST, NEW-WARNINGS)
dnl -------------------------------------------------------
dnl Contents of variable WARNING-LIST and NEW-WARNINGS are
dnl handled as whitespace separated lists of words.
dnl Add each compiler warning from NEW-WARNINGS that has not
dnl been disabled via CFLAGS to WARNING-LIST.
AC_DEFUN([CURL_ADD_COMPILER_WARNINGS], [
AC_REQUIRE([CURL_SHFUNC_SQUEEZE])dnl
ac_var_added_warnings=""
for warning in [$2]; do
CURL_VAR_MATCH(CFLAGS, [-Wno-$warning -W$warning])
if test "$ac_var_match_word" = "no"; then
ac_var_added_warnings="$ac_var_added_warnings -W$warning"
fi
done
dnl squeeze whitespace out of result
[$1]="$[$1] $ac_var_added_warnings"
squeeze [$1]
])
dnl CURL_SHFUNC_SQUEEZE
dnl -------------------------------------------------
dnl Declares a shell function squeeze() which removes
dnl redundant whitespace out of a shell variable.
AC_DEFUN([CURL_SHFUNC_SQUEEZE], [
squeeze() {
_sqz_result=""
eval _sqz_input=\[$][$]1
for _sqz_token in $_sqz_input; do
if test -z "$_sqz_result"; then
_sqz_result="$_sqz_token"
else
_sqz_result="$_sqz_result $_sqz_token"
fi
done
eval [$]1=\$_sqz_result
return 0
}
])
dnl CURL_VAR_MATCH (VARNAME, VALUE)
dnl -------------------------------------------------
dnl Verifies if shell variable VARNAME contains VALUE.
dnl Contents of variable VARNAME and VALUE are handled
dnl as whitespace separated lists of words. If at least
dnl one word of VALUE is present in VARNAME the match
dnl is considered positive, otherwise false.
AC_DEFUN([CURL_VAR_MATCH], [
ac_var_match_word="no"
for word1 in $[$1]; do
for word2 in [$2]; do
if test "$word1" = "$word2"; then
ac_var_match_word="yes"
fi
done
done
])
dnl CURL_CHECK_NONBLOCKING_SOCKET
dnl -------------------------------------------------
dnl Check for how to set a socket to non-blocking state. There seems to exist
@@ -163,12 +554,12 @@ AC_DEFUN([CURL_CHECK_NONBLOCKING_SOCKET],
[
AC_MSG_CHECKING([non-blocking sockets style])
AC_TRY_COMPILE([
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
/* headers for O_NONBLOCK test */
#include <sys/types.h>
#include <unistd.h>
#include <fcntl.h>
],[
]], [[
/* try to compile O_NONBLOCK */
#if defined(sun) || defined(__sun__) || defined(__SUNPRO_C) || defined(__SUNPRO_CC)
@@ -187,22 +578,22 @@ AC_DEFUN([CURL_CHECK_NONBLOCKING_SOCKET],
#endif
int socket;
int flags = fcntl(socket, F_SETFL, flags | O_NONBLOCK);
],[
]])],[
dnl the O_NONBLOCK test was fine
nonblock="O_NONBLOCK"
AC_DEFINE(HAVE_O_NONBLOCK, 1, [use O_NONBLOCK for non-blocking sockets])
],[
dnl the code was bad, try a different program now, test 2
AC_TRY_COMPILE([
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
/* headers for FIONBIO test */
#include <unistd.h>
#include <stropts.h>
],[
]], [[
/* FIONBIO source test (old-style unix) */
int socket;
int flags = ioctl(socket, FIONBIO, &flags);
],[
]])],[
dnl FIONBIO test was good
nonblock="FIONBIO"
AC_DEFINE(HAVE_FIONBIO, 1, [use FIONBIO for non-blocking sockets])
@@ -210,67 +601,34 @@ AC_DEFINE(HAVE_FIONBIO, 1, [use FIONBIO for non-blocking sockets])
dnl FIONBIO test was also bad
dnl the code was bad, try a different program now, test 3
AC_TRY_COMPILE([
/* headers for ioctlsocket test (Windows) */
#undef inline
#ifdef HAVE_WINDOWS_H
#ifndef WIN32_LEAN_AND_MEAN
#define WIN32_LEAN_AND_MEAN
#endif
#include <windows.h>
#ifdef HAVE_WINSOCK2_H
#include <winsock2.h>
#else
#ifdef HAVE_WINSOCK_H
#include <winsock.h>
#endif
#endif
#endif
],[
/* ioctlsocket source code */
SOCKET sd;
unsigned long flags = 0;
sd = socket(0, 0, 0);
ioctlsocket(sd, FIONBIO, &flags);
],[
dnl ioctlsocket test was good
nonblock="ioctlsocket"
AC_DEFINE(HAVE_IOCTLSOCKET, 1, [use ioctlsocket() for non-blocking sockets])
],[
dnl ioctlsocket didnt compile!, go to test 4
AC_TRY_LINK([
AC_LINK_IFELSE([AC_LANG_PROGRAM([[
/* headers for IoctlSocket test (Amiga?) */
#include <sys/ioctl.h>
],[
]], [[
/* IoctlSocket source code */
int socket;
int flags = IoctlSocket(socket, FIONBIO, (long)1);
],[
]])],[
dnl ioctlsocket test was good
nonblock="IoctlSocket"
AC_DEFINE(HAVE_IOCTLSOCKET_CASE, 1, [use Ioctlsocket() for non-blocking sockets])
],[
dnl Ioctlsocket didnt compile, do test 5!
AC_TRY_COMPILE([
dnl Ioctlsocket did not compile, do test 4!
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
/* headers for SO_NONBLOCK test (BeOS) */
#include <socket.h>
],[
]], [[
/* SO_NONBLOCK source code */
long b = 1;
int socket;
int flags = setsockopt(socket, SOL_SOCKET, SO_NONBLOCK, &b, sizeof(b));
],[
]])],[
dnl the SO_NONBLOCK test was good
nonblock="SO_NONBLOCK"
AC_DEFINE(HAVE_SO_NONBLOCK, 1, [use SO_NONBLOCK for non-blocking sockets])
],[
dnl test 5 didnt compile!
dnl test 4 did not compile!
nonblock="nada"
AC_DEFINE(HAVE_DISABLED_NONBLOCKING, 1, [disabled non-blocking sockets])
])
dnl end of fifth test
])
dnl end of forth test
@@ -419,15 +777,21 @@ m4_case([$1],
LIBSSH2_LIB_HAVE_LINKFLAGS([ssl], [crypto], [#include <openssl/ssl.h>], [
AC_DEFINE(LIBSSH2_OPENSSL, 1, [Use $1])
LIBSREQUIRED="$LIBSREQUIRED${LIBSREQUIRED:+ }libssl libcrypto"
# Not all OpenSSL have AES-CTR functions.
libssh2_save_LIBS="$LIBS"
LIBS="$LIBS $LIBSSL"
AC_CHECK_FUNCS(EVP_aes_128_ctr)
LIBS="$libssh2_save_LIBS"
found_crypto="$1"
found_crypto_str="OpenSSL (AES-CTR: ${ac_cv_func_EVP_aes_128_ctr:-N/A})"
found_crypto_str="OpenSSL"
])
],
[wolfssl], [
if test "${with_libwolfssl_prefix+set}" = set; then
CPPFLAGS="$CPPFLAGS${CPPFLAGS:+ }-I${with_libwolfssl_prefix}/include/wolfssl"
else
AC_MSG_ERROR([When using wolfSSL, must specify prefix with --with-libwolfssl-prefix in order to find OpenSSL compatibility headers.])
fi
LIBSSH2_LIB_HAVE_LINKFLAGS([wolfssl], [], [#include <wolfssl/options.h>], [
AC_DEFINE(LIBSSH2_WOLFSSL, 1, [Use $1])
LIBSREQUIRED="$LIBSREQUIRED${LIBSREQUIRED:+ }libwolfssl"
found_crypto="$1"
])
],
@@ -443,20 +807,15 @@ m4_case([$1],
AC_DEFINE(LIBSSH2_MBEDTLS, 1, [Use $1])
LIBS="$LIBS -lmbedcrypto"
found_crypto="$1"
support_clear_memory=yes
])
],
[wincng], [
# Look for Windows Cryptography API: Next Generation
AC_CHECK_HEADERS([ntdef.h ntstatus.h], [], [], [#include <windows.h>])
AC_CHECK_DECLS([SecureZeroMemory], [], [], [#include <windows.h>])
LIBS="$LIBS -lcrypt32"
LIBSSH2_LIB_HAVE_LINKFLAGS([crypt32], [], [
#include <windows.h>
#include <wincrypt.h>
])
# Check necessary for old-MinGW
LIBSSH2_LIB_HAVE_LINKFLAGS([bcrypt], [], [
#include <windows.h>
#include <bcrypt.h>
@@ -464,7 +823,6 @@ m4_case([$1],
AC_DEFINE(LIBSSH2_WINCNG, 1, [Use $1])
found_crypto="$1"
found_crypto_str="Windows Cryptography API: Next Generation"
support_clear_memory="$ac_cv_have_decl_SecureZeroMemory"
])
],
)
@@ -486,8 +844,8 @@ AC_DEFUN([LIBSSH2_CHECK_OPTION_WERROR], [
AC_MSG_CHECKING([whether to enable compiler warnings as errors])
OPT_COMPILER_WERROR="default"
AC_ARG_ENABLE(werror,
AC_HELP_STRING([--enable-werror],[Enable compiler warnings as errors])
AC_HELP_STRING([--disable-werror],[Disable compiler warnings as errors]),
AS_HELP_STRING([--enable-werror],[Enable compiler warnings as errors])
AS_HELP_STRING([--disable-werror],[Disable compiler warnings as errors]),
OPT_COMPILER_WERROR=$enableval)
case "$OPT_COMPILER_WERROR" in
no)
@@ -509,4 +867,3 @@ AC_HELP_STRING([--disable-werror],[Disable compiler warnings as errors]),
CFLAGS="$CFLAGS -Werror"
fi
])

10
libssh2/aclocal.m4 vendored
View File

@@ -1,4 +1,4 @@
# generated automatically by aclocal 1.16.4 -*- Autoconf -*-
# generated automatically by aclocal 1.16.5 -*- Autoconf -*-
# Copyright (C) 1996-2021 Free Software Foundation, Inc.
@@ -35,7 +35,7 @@ AC_DEFUN([AM_AUTOMAKE_VERSION],
[am__api_version='1.16'
dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to
dnl require some minimum version. Point them to the right macro.
m4_if([$1], [1.16.4], [],
m4_if([$1], [1.16.5], [],
[AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl
])
@@ -51,7 +51,7 @@ m4_define([_AM_AUTOCONF_VERSION], [])
# Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced.
# This function is AC_REQUIREd by AM_INIT_AUTOMAKE.
AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION],
[AM_AUTOMAKE_VERSION([1.16.4])dnl
[AM_AUTOMAKE_VERSION([1.16.5])dnl
m4_ifndef([AC_AUTOCONF_VERSION],
[m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
_AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))])
@@ -428,6 +428,10 @@ m4_defn([AC_PROG_CC])
# release and drop the old call support.
AC_DEFUN([AM_INIT_AUTOMAKE],
[AC_PREREQ([2.65])dnl
m4_ifdef([_$0_ALREADY_INIT],
[m4_fatal([$0 expanded multiple times
]m4_defn([_$0_ALREADY_INIT]))],
[m4_define([_$0_ALREADY_INIT], m4_expansion_stack)])dnl
dnl Autoconf wants to disallow AM_ names. We explicitly allow
dnl the ones we care about.
m4_pattern_allow([^AM_[A-Z]+FLAGS$])dnl

8
libssh2/buildconf Executable file
View File

@@ -0,0 +1,8 @@
#!/bin/sh
echo "***" >&2
echo "*** Do not use buildconf. Instead, use: autoreconf -fi" >&2
echo "*** Doing it for you now, but buildconf may disappear in the future." >&2
echo "***" >&2
exec ${AUTORECONF:-autoreconf} -fi "${@}"

52
libssh2/cmake/CheckNonblockingSocketSupport.cmake
View File

@@ -11,10 +11,8 @@ include(CheckCSourceCompiles)
# method (if any):
# HAVE_O_NONBLOCK
# HAVE_FIONBIO
# HAVE_IOCTLSOCKET
# HAVE_IOCTLSOCKET_CASE
# HAVE_SO_NONBLOCK
# HAVE_DISABLED_NONBLOCKING
#
# The following variables may be set before calling this macro to
# modify the way the check is run:
@@ -47,10 +45,10 @@ macro(check_nonblocking_socket_support)
#error \"O_NONBLOCK does not work on this platform\"
#endif
int main()
int main(void)
{
int socket;
int flags = fcntl(socket, F_SETFL, flags | O_NONBLOCK);
int socket = 0;
(void)fcntl(socket, F_SETFL, O_NONBLOCK);
}"
HAVE_O_NONBLOCK)
@@ -59,40 +57,22 @@ int main()
#include <unistd.h>
#include <stropts.h>
int main()
int main(void)
{
int socket;
int flags = ioctl(socket, FIONBIO, &flags);
int socket = 0;
int flags = 0;
(void)ioctl(socket, FIONBIO, &flags);
}"
HAVE_FIONBIO)
if(NOT HAVE_FIONBIO)
check_c_source_compiles("/* ioctlsocket test (Windows) */
#undef inline
#ifndef WIN32_LEAN_AND_MEAN
#define WIN32_LEAN_AND_MEAN
#endif
#include <windows.h>
#include <winsock2.h>
int main()
{
SOCKET sd;
unsigned long flags = 0;
sd = socket(0, 0, 0);
ioctlsocket(sd, FIONBIO, &flags);
}"
HAVE_IOCTLSOCKET)
if(NOT HAVE_IOCTLSOCKET)
check_c_source_compiles("/* IoctlSocket test (Amiga?) */
#include <sys/ioctl.h>
int main()
int main(void)
{
int socket;
int flags = IoctlSocket(socket, FIONBIO, (long)1);
int socket = 0;
(void)IoctlSocket(socket, FIONBIO, (long)1);
}"
HAVE_IOCTLSOCKET_CASE)
@@ -100,19 +80,13 @@ int main()
check_c_source_compiles("/* SO_NONBLOCK test (BeOS) */
#include <socket.h>
int main()
int main(void)
{
long b = 1;
int socket;
int flags = setsockopt(socket, SOL_SOCKET, SO_NONBLOCK, &b, sizeof(b));
int socket = 0;
(void)setsockopt(socket, SOL_SOCKET, SO_NONBLOCK, &b, sizeof(b));
}"
HAVE_SO_NONBLOCK)
if(NOT HAVE_SO_NONBLOCK)
# No non-blocking socket method found
set(HAVE_DISABLED_NONBLOCKING 1)
endif()
endif()
endif()
endif()
endif()

72
libssh2/cmake/FindmbedTLS.cmake
View File

@@ -10,51 +10,49 @@
# MBEDX509_LIBRARY - path to mbedTLS X.509 library
# MBEDCRYPTO_LIBRARY - path to mbedTLS Crypto library
FIND_PATH(MBEDTLS_INCLUDE_DIR mbedtls/version.h)
find_path(MBEDTLS_INCLUDE_DIR mbedtls/version.h)
IF(MBEDTLS_INCLUDE_DIR AND MBEDTLS_LIBRARIES)
if(MBEDTLS_INCLUDE_DIR AND MBEDTLS_LIBRARIES)
# Already in cache, be silent
SET(MBEDTLS_FIND_QUIETLY TRUE)
ENDIF()
set(MBEDTLS_FIND_QUIETLY TRUE)
endif()
FIND_LIBRARY(MBEDTLS_LIBRARY NAMES mbedtls libmbedtls libmbedx509)
FIND_LIBRARY(MBEDX509_LIBRARY NAMES mbedx509 libmbedx509)
FIND_LIBRARY(MBEDCRYPTO_LIBRARY NAMES mbedcrypto libmbedcrypto)
find_library(MBEDTLS_LIBRARY NAMES mbedtls libmbedtls libmbedx509)
find_library(MBEDX509_LIBRARY NAMES mbedx509 libmbedx509)
find_library(MBEDCRYPTO_LIBRARY NAMES mbedcrypto libmbedcrypto)
IF(MBEDTLS_INCLUDE_DIR AND MBEDTLS_LIBRARY AND MBEDX509_LIBRARY AND MBEDCRYPTO_LIBRARY)
SET(MBEDTLS_FOUND TRUE)
ENDIF()
if(MBEDTLS_INCLUDE_DIR AND MBEDTLS_LIBRARY AND MBEDX509_LIBRARY AND MBEDCRYPTO_LIBRARY)
set(MBEDTLS_FOUND TRUE)
endif()
IF(MBEDTLS_FOUND)
if(MBEDTLS_FOUND)
# split mbedTLS into -L and -l linker options, so we can set them for pkg-config
GET_FILENAME_COMPONENT(MBEDTLS_LIBRARY_DIR ${MBEDTLS_LIBRARY} PATH)
GET_FILENAME_COMPONENT(MBEDTLS_LIBRARY_FILE ${MBEDTLS_LIBRARY} NAME_WE)
GET_FILENAME_COMPONENT(MBEDX509_LIBRARY_FILE ${MBEDX509_LIBRARY} NAME_WE)
GET_FILENAME_COMPONENT(MBEDCRYPTO_LIBRARY_FILE ${MBEDCRYPTO_LIBRARY} NAME_WE)
STRING(REGEX REPLACE "^lib" "" MBEDTLS_LIBRARY_FILE ${MBEDTLS_LIBRARY_FILE})
STRING(REGEX REPLACE "^lib" "" MBEDX509_LIBRARY_FILE ${MBEDX509_LIBRARY_FILE})
STRING(REGEX REPLACE "^lib" "" MBEDCRYPTO_LIBRARY_FILE ${MBEDCRYPTO_LIBRARY_FILE})
SET(MBEDTLS_LIBRARIES "-L${MBEDTLS_LIBRARY_DIR} -l${MBEDTLS_LIBRARY_FILE} -l${MBEDX509_LIBRARY_FILE} -l${MBEDCRYPTO_LIBRARY_FILE}")
get_filename_component(MBEDTLS_LIBRARY_DIR ${MBEDTLS_LIBRARY} PATH)
get_filename_component(MBEDTLS_LIBRARY_FILE ${MBEDTLS_LIBRARY} NAME_WE)
get_filename_component(MBEDX509_LIBRARY_FILE ${MBEDX509_LIBRARY} NAME_WE)
get_filename_component(MBEDCRYPTO_LIBRARY_FILE ${MBEDCRYPTO_LIBRARY} NAME_WE)
string(REGEX REPLACE "^lib" "" MBEDTLS_LIBRARY_FILE ${MBEDTLS_LIBRARY_FILE})
string(REGEX REPLACE "^lib" "" MBEDX509_LIBRARY_FILE ${MBEDX509_LIBRARY_FILE})
string(REGEX REPLACE "^lib" "" MBEDCRYPTO_LIBRARY_FILE ${MBEDCRYPTO_LIBRARY_FILE})
set(MBEDTLS_LIBRARIES "-L${MBEDTLS_LIBRARY_DIR} -l${MBEDTLS_LIBRARY_FILE} -l${MBEDX509_LIBRARY_FILE} -l${MBEDCRYPTO_LIBRARY_FILE}")
IF(NOT MBEDTLS_FIND_QUIETLY)
MESSAGE(STATUS "Found mbedTLS:")
FILE(READ ${MBEDTLS_INCLUDE_DIR}/mbedtls/version.h MBEDTLSCONTENT)
STRING(REGEX MATCH "MBEDTLS_VERSION_STRING +\"[0-9|.]+\"" MBEDTLSMATCH ${MBEDTLSCONTENT})
IF (MBEDTLSMATCH)
STRING(REGEX REPLACE "MBEDTLS_VERSION_STRING +\"([0-9|.]+)\"" "\\1" MBEDTLS_VERSION ${MBEDTLSMATCH})
MESSAGE(STATUS " version ${MBEDTLS_VERSION}")
ENDIF(MBEDTLSMATCH)
MESSAGE(STATUS " TLS: ${MBEDTLS_LIBRARY}")
MESSAGE(STATUS " X509: ${MBEDX509_LIBRARY}")
MESSAGE(STATUS " Crypto: ${MBEDCRYPTO_LIBRARY}")
ENDIF(NOT MBEDTLS_FIND_QUIETLY)
ELSE(MBEDTLS_FOUND)
IF(MBEDTLS_FIND_REQUIRED)
MESSAGE(FATAL_ERROR "Could not find mbedTLS")
ENDIF(MBEDTLS_FIND_REQUIRED)
ENDIF(MBEDTLS_FOUND)
if(NOT MBEDTLS_FIND_QUIETLY)
message(STATUS "Found mbedTLS:")
file(READ ${MBEDTLS_INCLUDE_DIR}/mbedtls/version.h MBEDTLSCONTENT)
string(REGEX MATCH "MBEDTLS_VERSION_STRING +\"[0-9|.]+\"" MBEDTLSMATCH ${MBEDTLSCONTENT})
if(MBEDTLSMATCH)
string(REGEX REPLACE "MBEDTLS_VERSION_STRING +\"([0-9|.]+)\"" "\\1" MBEDTLS_VERSION ${MBEDTLSMATCH})
message(STATUS " version ${MBEDTLS_VERSION}")
endif()
message(STATUS " TLS: ${MBEDTLS_LIBRARY}")
message(STATUS " X509: ${MBEDX509_LIBRARY}")
message(STATUS " Crypto: ${MBEDCRYPTO_LIBRARY}")
endif()
elseif(MBEDTLS_FIND_REQUIRED)
message(FATAL_ERROR "Could not find mbedTLS")
endif()
MARK_AS_ADVANCED(
mark_as_advanced(
MBEDTLS_INCLUDE_DIR
MBEDTLS_LIBRARY_DIR
MBEDTLS_LIBRARIES

41
libssh2/cmake/Findwolfssl.cmake Normal file
View File

@@ -0,0 +1,41 @@
# - Try to find wolfssl
# Once done this will define
# WOLFSSL_FOUND - System has wolfssl
# WOLFSSL_INCLUDE_DIR - The wolfssl include directories
# WOLFSSL_LIBRARIES - The libraries needed to use wolfssl
find_package(PkgConfig QUIET)
pkg_check_modules(PC_WOLFSSL QUIET wolfssl)
find_path(WOLFSSL_INCLUDE_DIR
NAMES wolfssl/ssl.h
HINTS ${PC_WOLFSSL_INCLUDE_DIRS}
)
find_library(WOLFSSL_LIBRARY
NAMES wolfssl
HINTS ${PC_WOLFSSL_LIBRARY_DIRS}
)
if(WOLFSSL_INCLUDE_DIR)
set(_version_regex "^#define[ \t]+LIBWOLFSSL_VERSION_STRING[ \t]+\"([^\"]+)\".*")
file(STRINGS "${WOLFSSL_INCLUDE_DIR}/wolfssl/version.h"
WOLFSSL_VERSION REGEX "${_version_regex}")
string(REGEX REPLACE "${_version_regex}" "\\1"
WOLFSSL_VERSION "${WOLFSSL_VERSION}")
unset(_version_regex)
endif()
include(FindPackageHandleStandardArgs)
# handle the QUIETLY and REQUIRED arguments and set WOLFSSL_FOUND
# to TRUE if all listed variables are TRUE and the requested version
# matches.
find_package_handle_standard_args(wolfssl REQUIRED_VARS
WOLFSSL_LIBRARY WOLFSSL_INCLUDE_DIR
VERSION_VAR WOLFSSL_VERSION)
if(WOLFSSL_FOUND)
set(WOLFSSL_LIBRARIES ${WOLFSSL_LIBRARY})
set(WOLFSSL_INCLUDE_DIRS ${WOLFSSL_INCLUDE_DIR})
endif()
mark_as_advanced(WOLFSSL_INCLUDE_DIR WOLFSSL_LIBRARY)

204
libssh2/cmake/max_warnings.cmake
View File

@@ -1,23 +1,211 @@
# Copyright (c) 2023 Viktor Szakats
include(CheckCCompilerFlag)
option(ENABLE_WERROR "Turn compiler warnings into errors" OFF)
option(PICKY_COMPILER "Enable picky compiler options" ON)
if(ENABLE_WERROR)
if(MSVC)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} /WX")
else() # llvm/clang and gcc style options
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Werror")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Werror")
endif()
endif()
if(MSVC)
# Use the highest warning level for visual studio.
if(CMAKE_CXX_FLAGS MATCHES "/W[0-4]")
string(REGEX REPLACE "/W[0-4]" "/W4" CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS}")
# Use the highest warning level for Visual Studio.
if(PICKY_COMPILER)
if(CMAKE_CXX_FLAGS MATCHES "[/-]W[0-4]")
string(REGEX REPLACE "[/-]W[0-4]" "/W4" CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS}")
else()
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} /W4")
endif()
if(CMAKE_C_FLAGS MATCHES "/W[0-4]")
string(REGEX REPLACE "/W[0-4]" "/W4" CMAKE_C_FLAGS "${CMAKE_C_FLAGS}")
if(CMAKE_C_FLAGS MATCHES "[/-]W[0-4]")
string(REGEX REPLACE "[/-]W[0-4]" "/W4" CMAKE_C_FLAGS "${CMAKE_C_FLAGS}")
else()
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W4")
endif()
endif()
elseif(CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_GNUCXX OR CMAKE_C_COMPILER_ID MATCHES "Clang")
# https://clang.llvm.org/docs/DiagnosticsReference.html
# https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html
# Disable broken warnings
add_definitions(-D_CRT_SECURE_NO_WARNINGS -D_CRT_NONSTDC_NO_DEPRECATE)
elseif(CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_GNUCXX)
if(NOT CMAKE_CXX_FLAGS MATCHES "-Wall")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wall")
endif()
if(NOT CMAKE_C_FLAGS MATCHES "-Wall")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall")
endif()
if(PICKY_COMPILER)
# WPICKY_ENABLE = Options we want to enable as-is.
# WPICKY_DETECT = Options we want to test first and enable if available.
# Prefer the -Wextra alias with clang.
if(CMAKE_C_COMPILER_ID MATCHES "Clang")
set(WPICKY_ENABLE "-Wextra")
else()
set(WPICKY_ENABLE "-W")
endif()
list(APPEND WPICKY_ENABLE
-pedantic
)
# ----------------------------------
# Add new options here, if in doubt:
# ----------------------------------
set(WPICKY_DETECT
)
# Assume these options always exist with both clang and gcc.
# Require clang 3.0 / gcc 2.95 or later.
list(APPEND WPICKY_ENABLE
-Wbad-function-cast # clang 3.0 gcc 2.95
-Wconversion # clang 3.0 gcc 2.95
-Winline # clang 1.0 gcc 1.0
-Wmissing-declarations # clang 1.0 gcc 2.7
-Wmissing-prototypes # clang 1.0 gcc 1.0
-Wnested-externs # clang 1.0 gcc 2.7
-Wno-long-long # clang 1.0 gcc 2.95
-Wno-multichar # clang 1.0 gcc 2.95
-Wpointer-arith # clang 1.0 gcc 1.4
-Wshadow # clang 1.0 gcc 2.95
-Wsign-compare # clang 1.0 gcc 2.95
-Wundef # clang 1.0 gcc 2.95
-Wunused # clang 1.1 gcc 2.95
-Wwrite-strings # clang 1.0 gcc 1.4
)
# Always enable with clang, version dependent with gcc
set(WPICKY_COMMON_OLD
-Wcast-align # clang 1.0 gcc 4.2
-Wdeclaration-after-statement # clang 1.0 gcc 3.4
-Wempty-body # clang 3.0 gcc 4.3
-Wendif-labels # clang 1.0 gcc 3.3
-Wfloat-equal # clang 1.0 gcc 2.96 (3.0)
-Wignored-qualifiers # clang 3.0 gcc 4.3
-Wno-format-nonliteral # clang 1.0 gcc 2.96 (3.0)
-Wno-sign-conversion # clang 3.0 gcc 4.3
-Wno-system-headers # clang 1.0 gcc 3.0
-Wstrict-prototypes # clang 1.0 gcc 3.3
-Wtype-limits # clang 3.0 gcc 4.3
-Wvla # clang 2.8 gcc 4.3
)
set(WPICKY_COMMON
-Wdouble-promotion # clang 3.6 gcc 4.6 appleclang 6.3
-Wenum-conversion # clang 3.2 gcc 10.0 appleclang 4.6 g++ 11.0
-Wunused-const-variable # clang 3.4 gcc 6.0 appleclang 5.1
)
if(CMAKE_C_COMPILER_ID MATCHES "Clang")
list(APPEND WPICKY_ENABLE
${WPICKY_COMMON_OLD}
-Wshift-sign-overflow # clang 2.9
-Wshorten-64-to-32 # clang 1.0
)
# Enable based on compiler version
if((CMAKE_C_COMPILER_ID STREQUAL "Clang" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 3.6) OR
(CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 6.3))
list(APPEND WPICKY_ENABLE
${WPICKY_COMMON}
)
endif()
if((CMAKE_C_COMPILER_ID STREQUAL "Clang" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 3.9) OR
(CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 8.3))
list(APPEND WPICKY_ENABLE
-Wcomma # clang 3.9 appleclang 8.3
-Wmissing-variable-declarations # clang 3.2 appleclang 4.6
)
endif()
if((CMAKE_C_COMPILER_ID STREQUAL "Clang" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 7.0) OR
(CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 10.3))
list(APPEND WPICKY_ENABLE
-Wassign-enum # clang 7.0 appleclang 10.3
-Wextra-semi-stmt # clang 7.0 appleclang 10.3
)
endif()
else() # gcc
list(APPEND WPICKY_DETECT
${WPICKY_COMMON}
)
# Enable based on compiler version
if(NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 4.3)
list(APPEND WPICKY_ENABLE
${WPICKY_COMMON_OLD}
-Wmissing-parameter-type # gcc 4.3
-Wold-style-declaration # gcc 4.3
-Wstrict-aliasing=3 # gcc 4.0
)
endif()
if(NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 4.5 AND MINGW)
list(APPEND WPICKY_ENABLE
-Wno-pedantic-ms-format # gcc 4.5 (mingw-only)
)
endif()
if(NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 4.8)
list(APPEND WPICKY_ENABLE
-Wformat=2 # clang 3.0 gcc 4.8 (clang part-default, enabling it fully causes -Wformat-nonliteral warnings)
)
endif()
if(NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 5.0)
list(APPEND WPICKY_ENABLE
-Warray-bounds=2 -ftree-vrp # clang 3.0 gcc 5.0 (clang default: -Warray-bounds)
)
endif()
if(NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 6.0)
list(APPEND WPICKY_ENABLE
-Wduplicated-cond # gcc 6.0
-Wnull-dereference # clang 3.0 gcc 6.0 (clang default)
-fdelete-null-pointer-checks
-Wshift-negative-value # clang 3.7 gcc 6.0 (clang default)
-Wshift-overflow=2 # clang 3.0 gcc 6.0 (clang default: -Wshift-overflow)
)
endif()
if(NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 7.0)
list(APPEND WPICKY_ENABLE
-Walloc-zero # gcc 7.0
-Wduplicated-branches # gcc 7.0
-Wformat-overflow=2 # gcc 7.0
-Wformat-truncation=1 # gcc 7.0
-Wrestrict # gcc 7.0
)
endif()
if(NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 10.0)
list(APPEND WPICKY_ENABLE
-Warith-conversion # gcc 10.0
)
endif()
endif()
#
unset(WPICKY)
foreach(_CCOPT ${WPICKY_ENABLE})
set(WPICKY "${WPICKY} ${_CCOPT}")
endforeach()
foreach(_CCOPT ${WPICKY_DETECT})
# surprisingly, CHECK_C_COMPILER_FLAG needs a new variable to store each new
# test result in.
string(MAKE_C_IDENTIFIER "OPT${_CCOPT}" _optvarname)
# GCC only warns about unknown -Wno- options if there are also other diagnostic messages,
# so test for the positive form instead
string(REPLACE "-Wno-" "-W" _CCOPT_ON "${_CCOPT}")
check_c_compiler_flag(${_CCOPT_ON} ${_optvarname})
if(${_optvarname})
set(WPICKY "${WPICKY} ${_CCOPT}")
endif()
endforeach()
message(STATUS "Picky compiler options:${WPICKY}")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${WPICKY}")
endif()
endif()

2
libssh2/compile
View File

@@ -3,7 +3,7 @@
scriptversion=2018-03-07.03; # UTC
# Copyright (C) 1999-2020 Free Software Foundation, Inc.
# Copyright (C) 1999-2021 Free Software Foundation, Inc.
# Written by Tom Tromey <tromey@cygnus.com>.
#
# This program is free software; you can redistribute it and/or modify

1454
libssh2/config.guess vendored
View File

File diff suppressed because it is too large Load Diff

2849
libssh2/config.sub vendored
View File

File diff suppressed because it is too large Load Diff

12145
libssh2/configure vendored
View File

File diff suppressed because it is too large Load Diff

153
libssh2/configure.ac
View File

@@ -1,8 +1,9 @@
# AC_PREREQ(2.57)
AC_INIT(libssh2, [-], libssh2-devel@cool.haxx.se)
# AC_PREREQ(2.59)
AC_INIT([libssh2],[-],[libssh2-devel@lists.haxx.se])
AC_CONFIG_MACRO_DIR([m4])
AC_CONFIG_SRCDIR([src])
AC_CONFIG_HEADERS([src/libssh2_config.h])
AC_REQUIRE_AUX_FILE([tap-driver.sh])
AM_MAINTAINER_MODE
m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
@@ -33,11 +34,9 @@ AB_INIT
AC_CANONICAL_HOST
case "$host" in
*-mingw*)
CFLAGS="$CFLAGS -DLIBSSH2_WIN32"
LIBS="$LIBS -lws2_32"
;;
*darwin*)
CFLAGS="$CFLAGS -DLIBSSH2_DARWIN"
;;
*hpux*)
;;
@@ -48,12 +47,6 @@ case "$host" in
;;
esac
AC_CHECK_TYPE(long long,
[AC_DEFINE(HAVE_LONGLONG, 1,
[Define to 1 if the compiler supports the 'long long' data type.])]
longlong="yes"
)
dnl Our configure and build reentrant settings
CURL_CONFIGURE_REENTRANT
@@ -70,10 +63,21 @@ AC_PROG_CXX
AC_PROG_INSTALL
AC_PROG_LN_S
AC_PROG_MAKE_SET
AC_PATH_PROGS(SSHD, [sshd], [],
[$PATH$PATH_SEPARATOR/usr/libexec$PATH_SEPARATOR]dnl
[/usr/sbin$PATH_SEPARATOR/usr/etc$PATH_SEPARATOR/etc])
AM_CONDITIONAL(SSHD, test -n "$SSHD")
m4_ifdef([LT_INIT],
[dnl
LT_INIT([win32-dll])
],[dnl
AC_LIBTOOL_WIN32_DLL
AC_PROG_LIBTOOL
])
AC_C_BIGENDIAN
LT_LANG([Windows Resource])
dnl check for how to do large files
AC_SYS_LARGEFILE
@@ -81,16 +85,16 @@ AC_SYS_LARGEFILE
found_crypto=none
found_crypto_str=""
support_clear_memory=no
crypto_errors=""
m4_set_add([crypto_backends], [openssl])
m4_set_add([crypto_backends], [libgcrypt])
m4_set_add([crypto_backends], [mbedtls])
m4_set_add([crypto_backends], [wincng])
m4_set_add([crypto_backends], [wolfssl])
AC_ARG_WITH([crypto],
AC_HELP_STRING([--with-crypto=auto|]m4_set_contents([crypto_backends], [|]),
AS_HELP_STRING([--with-crypto=auto|]m4_set_contents([crypto_backends], [|]),
[Select crypto backend (default: auto)]),
use_crypto=$withval,
use_crypto=auto
@@ -110,7 +114,7 @@ esac
if test "$found_crypto" = "none"; then
crypto_errors="${crypto_errors}
Specify --with-crypto=\$backend and/or the neccessary library search prefix.
Specify --with-crypto=\$backend and/or the necessary library search prefix.
Known crypto backends: auto, m4_set_contents([crypto_backends], [, ])"
AS_MESSAGE([ERROR: ${crypto_errors}])
@@ -118,14 +122,10 @@ else
test "$found_crypto_str" = "" && found_crypto_str="$found_crypto"
fi
m4_set_foreach([crypto_backends], [backend],
[AM_CONDITIONAL(m4_toupper(backend), test "$found_crypto" = "backend")]
)
# libz
AC_ARG_WITH([libz],
AC_HELP_STRING([--with-libz],[Use libz for compression]),
AS_HELP_STRING([--with-libz],[Use libz for compression]),
use_libz=$withval,
use_libz=auto)
@@ -155,43 +155,14 @@ AC_SUBST(LIBSREQUIRED)
#
# Optional Settings
#
AC_ARG_ENABLE(crypt-none,
AC_HELP_STRING([--enable-crypt-none],[Permit "none" cipher -- NOT RECOMMENDED]),
[AC_DEFINE(LIBSSH2_CRYPT_NONE, 1, [Enable "none" cipher -- NOT RECOMMENDED])])
AC_ARG_ENABLE(mac-none,
AC_HELP_STRING([--enable-mac-none],[Permit "none" MAC -- NOT RECOMMENDED]),
[AC_DEFINE(LIBSSH2_MAC_NONE, 1, [Enable "none" MAC -- NOT RECOMMENDED])])
AC_ARG_ENABLE(gex-new,
AC_HELP_STRING([--disable-gex-new],[Disable "new" diffie-hellman-group-exchange-sha1 method]),
[GEX_NEW=$enableval])
if test "$GEX_NEW" != "no"; then
AC_DEFINE(LIBSSH2_DH_GEX_NEW, 1, [Enable newer diffie-hellman-group-exchange-sha1 syntax])
fi
AC_ARG_ENABLE(clear-memory,
AC_HELP_STRING([--disable-clear-memory],[Disable clearing of memory before being freed]),
AS_HELP_STRING([--disable-clear-memory],[Disable clearing of memory before being freed]),
[CLEAR_MEMORY=$enableval])
if test "$CLEAR_MEMORY" != "no"; then
if test "$support_clear_memory" = "yes"; then
AC_DEFINE(LIBSSH2_CLEAR_MEMORY, 1, [Enable clearing of memory before being freed])
enable_clear_memory=yes
else
if test "$CLEAR_MEMORY" = "yes"; then
AC_MSG_ERROR([secure clearing/zeroing of memory is not supported by the selected crypto backend])
else
AC_MSG_WARN([secure clearing/zeroing of memory is not supported by the selected crypto backend])
fi
enable_clear_memory=unsupported
fi
else
if test "$support_clear_memory" = "yes"; then
if test "$CLEAR_MEMORY" = "no"; then
AC_DEFINE(LIBSSH2_NO_CLEAR_MEMORY, 1, [Disable clearing of memory before being freed])
enable_clear_memory=no
else
AC_MSG_WARN([secure clearing/zeroing of memory is not supported by the selected crypto backend])
enable_clear_memory=unsupported
fi
else
enable_clear_memory=yes
fi
dnl ************************************************************
@@ -199,8 +170,8 @@ dnl option to switch on compiler debug options
dnl
AC_MSG_CHECKING([whether to enable pedantic and debug compiler options])
AC_ARG_ENABLE(debug,
AC_HELP_STRING([--enable-debug],[Enable pedantic and debug options])
AC_HELP_STRING([--disable-debug],[Disable debug options]),
AS_HELP_STRING([--enable-debug],[Enable pedantic and debug options])
AS_HELP_STRING([--disable-debug],[Disable debug options]),
[ case "$enable_debug" in
no)
AC_MSG_RESULT(no)
@@ -228,8 +199,8 @@ dnl on gcc >= 4.0 and SunPro C.
dnl
AC_MSG_CHECKING([whether to enable hidden symbols in the library])
AC_ARG_ENABLE(hidden-symbols,
AC_HELP_STRING([--enable-hidden-symbols],[Hide internal symbols in library])
AC_HELP_STRING([--disable-hidden-symbols],[Leave all symbols with default visibility in library]),
AS_HELP_STRING([--enable-hidden-symbols],[Hide internal symbols in library])
AS_HELP_STRING([--disable-hidden-symbols],[Leave all symbols with default visibility in library]),
[ case "$enableval" in
no)
AC_MSG_RESULT(no)
@@ -260,11 +231,36 @@ AC_HELP_STRING([--disable-hidden-symbols],[Leave all symbols with default visibi
AC_MSG_RESULT(no)
)
# Build tests?
AC_ARG_ENABLE([tests],
[AS_HELP_STRING([--disable-tests], [Disable tests @<:@default=enabled@:>@])],
[
if ! test "x${enable_tests}" = "xyes"; then
enable_tests="no"
fi
],
[enable_tests="yes"])
AM_CONDITIONAL([ENABLE_TESTS], [test "x$enable_tests" = xyes])
# Run Docker tests?
AC_ARG_ENABLE([docker-tests],
[AS_HELP_STRING([--disable-docker-tests],
[Do not run tests requiring Docker])],
[run_docker_tests=no], [run_docker_tests=yes])
AM_CONDITIONAL([RUN_DOCKER_TESTS], [test "x$run_docker_tests" != "xno"])
# Run sshd tests?
AC_ARG_ENABLE([sshd-tests],
[AS_HELP_STRING([--disable-sshd-tests],
[Do not run tests requiring sshd])],
[run_sshd_tests=no], [run_sshd_tests=yes])
AM_CONDITIONAL([RUN_SSHD_TESTS], [test "x$run_sshd_tests" != "xno"])
# Build example applications?
AC_MSG_CHECKING([whether to build example applications])
AC_ARG_ENABLE([examples-build],
AC_HELP_STRING([--enable-examples-build], [Build example applications (this is the default)])
AC_HELP_STRING([--disable-examples-build], [Do not build example applications]),
AS_HELP_STRING([--enable-examples-build], [Build example applications (this is the default)])
AS_HELP_STRING([--disable-examples-build], [Do not build example applications]),
[case "$enableval" in
no | false)
build_examples='no'
@@ -292,19 +288,17 @@ AM_CONDITIONAL([USE_OSSFUZZ_STATIC], [test -f "$LIB_FUZZING_ENGINE"])
# Checks for header files.
# AC_HEADER_STDC
AC_CHECK_HEADERS([errno.h fcntl.h stdio.h stdlib.h unistd.h sys/uio.h])
AC_CHECK_HEADERS([errno.h fcntl.h stdio.h unistd.h sys/param.h sys/uio.h])
AC_CHECK_HEADERS([sys/select.h sys/socket.h sys/ioctl.h sys/time.h])
AC_CHECK_HEADERS([arpa/inet.h netinet/in.h])
AC_CHECK_HEADERS([sys/un.h], [have_sys_un_h=yes], [have_sys_un_h=no])
AM_CONDITIONAL([HAVE_SYS_UN_H], test "x$have_sys_un_h" = xyes)
AC_CHECK_HEADERS([sys/un.h])
case $host in
*-*-cygwin* | *-*-cegcc*)
# These are POSIX-like systems using BSD-like sockets API.
;;
*)
AC_CHECK_HEADERS([windows.h winsock2.h ws2tcpip.h])
AC_CHECK_HEADERS([windows.h], [have_windows_h=yes], [have_windows_h=no])
;;
esac
@@ -314,7 +308,7 @@ case $host in
dnl Interix: "does provide poll(), but the implementing developer must
dnl have been in a bad mood, because poll() only works on the /proc
dnl filesystem here"
dnl Mac OS X's poll has funny behaviors, like:
dnl macOS poll() has funny behaviors, like:
dnl not being able to do poll on no fildescriptors (10.3?)
dnl not being able to poll on some files (like anything in /dev)
dnl not having reliable timeout support
@@ -326,21 +320,21 @@ case $host in
;;
esac
AC_CHECK_FUNCS(gettimeofday select strtoll memset_s)
AC_CHECK_FUNCS(gettimeofday select strtoll explicit_bzero explicit_memset memset_s snprintf)
dnl Check for select() into ws2_32 for Msys/Mingw
if test "$ac_cv_func_select" != "yes"; then
AC_MSG_CHECKING([for select in ws2_32])
AC_TRY_LINK([
#ifdef HAVE_WINSOCK2_H
AC_LINK_IFELSE([AC_LANG_PROGRAM([[
#ifdef HAVE_WINDOWS_H
#ifndef WIN32_LEAN_AND_MEAN
#define WIN32_LEAN_AND_MEAN
#endif
#include <winsock2.h>
#endif
],[
]], [[
select(0,(fd_set *)NULL,(fd_set *)NULL,(fd_set *)NULL,(struct timeval *)NULL);
],[
]])],[
AC_MSG_RESULT([yes])
HAVE_SELECT="1"
AC_DEFINE_UNQUOTED(HAVE_SELECT, 1,
@@ -374,9 +368,25 @@ if test $missing_required_deps = 1; then
AC_MSG_ERROR([Required dependencies are missing!])
fi
AM_CONDITIONAL([HAVE_WINDRES],
[test "x$have_windows_h" = "xyes" && test "x${enable_shared}" = "xyes" && test -n "${RC}"])
# Configure parameters
LIBSSH2_CHECK_OPTION_WERROR
# Append crypto lib
if test "$found_crypto" = "openssl"; then
LIBS="${LIBS} ${LTLIBSSL}"
elif test "$found_crypto" = "wolfssl"; then
LIBS="${LIBS} ${LTLIBWOLFSSL}"
elif test "$found_crypto" = "libgcrypt"; then
LIBS="${LIBS} ${LTLIBGCRYPT}"
elif test "$found_crypto" = "wincng"; then
LIBS="${LIBS} ${LTLIBBCRYPT}"
elif test "$found_crypto" = "mbedtls"; then
LIBS="${LIBS} ${LTLIBMBEDCRYPTO}"
fi
AC_CONFIG_FILES([Makefile
src/Makefile
libssh2.pc])
@@ -391,8 +401,11 @@ AC_MSG_NOTICE([summary of build options:
Compiler flags: ${CFLAGS}
Library types: Shared=${enable_shared}, Static=${enable_static}
Crypto library: ${found_crypto_str}
zlib compression: ${found_libz}
Clear memory: $enable_clear_memory
Debug build: $enable_debug
Build examples: $build_examples
zlib compression: ${found_libz}
Run Docker tests: $run_docker_tests
Run sshd tests: $run_sshd_tests
Path to sshd: $ac_cv_path_SSHD (only for self-tests)
])

2
libssh2/depcomp
View File

@@ -3,7 +3,7 @@
scriptversion=2018-03-07.03; # UTC
# Copyright (C) 1999-2020 Free Software Foundation, Inc.
# Copyright (C) 1999-2021 Free Software Foundation, Inc.
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

76
libssh2/git2news.pl Executable file
View File

@@ -0,0 +1,76 @@
#!/usr/bin/env perl
# git log --pretty=fuller --no-color --date=short --decorate=full
my @mname = ('Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun',
'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec' );
sub nicedate {
my ($date)=$_;
if($date =~ /(\d\d\d\d)-(\d\d)-(\d\d)/) {
return sprintf("%d %s %4d", $3, $mname[$2-1], $1);
}
return $date;
}
print
' Changelog for the libssh2 project. Generated with git2news.pl
';
my $line;
my $tag;
while(<STDIN>) {
my $l = $_;
if($l =~/^commit ([[:xdigit:]]*) ?(.*)/) {
$co = $1;
my $ref = $2;
if ($ref =~ /refs\/tags\/(libssh2-|VERSION\.)([0-9._]*)/) {
$tag = $2;
} else {
$tag = '';
}
}
elsif($l =~ /^Author: *(.*) +</) {
$a = $1;
}
elsif($l =~ /^Commit: *(.*) +</) {
$c = $1;
}
elsif($l =~ /^CommitDate: (.*)/) {
$date = nicedate($1);
}
elsif($l =~ /^( )(.*)/) {
my $extra;
if ($tag) {
# Version entries have a special format
print "\nVersion " . $tag." ($date)\n";
$oldc = "";
$tag = "";
}
if($a ne $c) {
$extra=sprintf("\n- [%s brought this change]\n\n ", $a);
}
else {
$extra="\n- ";
}
if($co ne $oldco) {
if($c ne $oldc) {
print "\n$c ($date)$extra";
}
else {
print "$extra";
}
$line =0;
}
$oldco = $co;
$oldc = $c;
$olddate = $date;
if($line++) {
print " ";
}
print $2."\n";
}
}

240
libssh2/include/libssh2.h
View File

@@ -1,5 +1,5 @@
/* Copyright (c) 2004-2009, Sara Golemon <sarag@libssh2.org>
* Copyright (c) 2009-2015 Daniel Stenberg
* Copyright (c) 2009-2021 Daniel Stenberg
* Copyright (c) 2010 Simon Josefsson <simon@josefsson.org>
* All rights reserved.
*
@@ -40,22 +40,22 @@
#ifndef LIBSSH2_H
#define LIBSSH2_H 1
#define LIBSSH2_COPYRIGHT "2004-2019 The libssh2 project and its contributors."
#define LIBSSH2_COPYRIGHT "2004-2023 The libssh2 project and its contributors."
/* We use underscore instead of dash when appending DEV in dev versions just
to make the BANNER define (used by src/session.c) be a valid SSH
banner. Release versions have no appended strings and may of course not
have dashes either. */
#define LIBSSH2_VERSION "1.10.0"
#define LIBSSH2_VERSION "1.11.0"
/* The numeric version number is also available "in parts" by using these
defines: */
#define LIBSSH2_VERSION_MAJOR 1
#define LIBSSH2_VERSION_MINOR 10
#define LIBSSH2_VERSION_MINOR 11
#define LIBSSH2_VERSION_PATCH 0
/* This is the numeric version of the libssh2 version number, meant for easier
parsing and comparions by programs. The LIBSSH2_VERSION_NUM define will
parsing and comparisons by programs. The LIBSSH2_VERSION_NUM define will
always follow this syntax:
0xXXYYZZ
@@ -69,7 +69,7 @@
and it is always a greater number in a more recent release. It makes
comparisons with greater than and less than work.
*/
#define LIBSSH2_VERSION_NUM 0x010a00
#define LIBSSH2_VERSION_NUM 0x010b00
/*
* This is the date and time when the full source package was created. The
@@ -80,14 +80,19 @@
*
* "Mon Feb 12 11:35:33 UTC 2007"
*/
#define LIBSSH2_TIMESTAMP "Sun 29 Aug 2021 08:37:50 PM UTC"
#define LIBSSH2_TIMESTAMP "Tue May 30 03:58:58 PM UTC 2023"
#ifndef RC_INVOKED
#ifdef __cplusplus
extern "C" {
#endif
#ifdef _WIN32
#if defined(_WIN32) || defined(WIN32)
#define LIBSSH2_WIN32
#endif
#ifdef LIBSSH2_WIN32
# include <basetsd.h>
# include <winsock2.h>
#endif
@@ -100,7 +105,7 @@ extern "C" {
/* Allow alternate API prefix from CFLAGS or calling app */
#ifndef LIBSSH2_API
# ifdef LIBSSH2_WIN32
# ifdef _WINDLL
# if defined(LIBSSH2_EXPORTS) || defined(DLL_EXPORT) || defined(_WINDLL)
# ifdef LIBSSH2_LIBRARY
# define LIBSSH2_API __declspec(dllexport)
# else
@@ -118,16 +123,6 @@ extern "C" {
# include <sys/uio.h>
#endif
#if (defined(NETWARE) && !defined(__NOVELL_LIBC__))
# include <sys/bsdskt.h>
typedef unsigned char uint8_t;
typedef unsigned short int uint16_t;
typedef unsigned int uint32_t;
typedef int int32_t;
typedef unsigned long long uint64_t;
typedef long long int64_t;
#endif
#ifdef _MSC_VER
typedef unsigned char uint8_t;
typedef unsigned short int uint16_t;
@@ -147,13 +142,13 @@ typedef unsigned long long libssh2_uint64_t;
typedef long long libssh2_int64_t;
#endif
#ifdef WIN32
#ifdef LIBSSH2_WIN32
typedef SOCKET libssh2_socket_t;
#define LIBSSH2_INVALID_SOCKET INVALID_SOCKET
#else /* !WIN32 */
#else /* !LIBSSH2_WIN32 */
typedef int libssh2_socket_t;
#define LIBSSH2_INVALID_SOCKET -1
#endif /* WIN32 */
#endif /* LIBSSH2_WIN32 */
/*
* Determine whether there is small or large file support on windows.
@@ -179,7 +174,7 @@ typedef int libssh2_socket_t;
# undef LIBSSH2_USE_WIN32_LARGE_FILES
#endif
#if defined(_WIN32) && !defined(LIBSSH2_USE_WIN32_LARGE_FILES) && \
#if defined(LIBSSH2_WIN32) && !defined(LIBSSH2_USE_WIN32_LARGE_FILES) && \
!defined(LIBSSH2_USE_WIN32_SMALL_FILES)
# define LIBSSH2_USE_WIN32_SMALL_FILES
#endif
@@ -190,8 +185,6 @@ typedef int libssh2_socket_t;
#ifdef LIBSSH2_USE_WIN32_LARGE_FILES
# include <io.h>
# include <sys/types.h>
# include <sys/stat.h>
# define LIBSSH2_STRUCT_STAT_SIZE_FORMAT "%I64d"
typedef struct _stati64 libssh2_struct_stat;
typedef __int64 libssh2_struct_stat_size;
@@ -202,8 +195,6 @@ typedef __int64 libssh2_struct_stat_size;
*/
#ifdef LIBSSH2_USE_WIN32_SMALL_FILES
# include <sys/types.h>
# include <sys/stat.h>
# ifndef _WIN32_WCE
# define LIBSSH2_STRUCT_STAT_SIZE_FORMAT "%d"
typedef struct _stat libssh2_struct_stat;
@@ -233,14 +224,6 @@ typedef off_t libssh2_struct_stat_size;
#define LIBSSH2_SSH_DEFAULT_BANNER LIBSSH2_SSH_BANNER
#define LIBSSH2_SSH_DEFAULT_BANNER_WITH_CRLF LIBSSH2_SSH_DEFAULT_BANNER "\r\n"
/* Default generate and safe prime sizes for
diffie-hellman-group-exchange-sha1 */
#define LIBSSH2_DH_GEX_MINGROUP 2048
#define LIBSSH2_DH_GEX_OPTGROUP 4096
#define LIBSSH2_DH_GEX_MAXGROUP 8192
#define LIBSSH2_DH_MAX_MODULUS_BITS 16384
/* Defaults for pty requests */
#define LIBSSH2_TERM_WIDTH 80
#define LIBSSH2_TERM_HEIGHT 24
@@ -272,8 +255,8 @@ typedef off_t libssh2_struct_stat_size;
typedef struct _LIBSSH2_USERAUTH_KBDINT_PROMPT
{
char *text;
unsigned int length;
unsigned char *text;
size_t length;
unsigned char echo;
} LIBSSH2_USERAUTH_KBDINT_PROMPT;
@@ -283,6 +266,15 @@ typedef struct _LIBSSH2_USERAUTH_KBDINT_RESPONSE
unsigned int length;
} LIBSSH2_USERAUTH_KBDINT_RESPONSE;
typedef struct _LIBSSH2_SK_SIG_INFO {
uint8_t flags;
uint32_t counter;
unsigned char *sig_r;
size_t sig_r_len;
unsigned char *sig_s;
size_t sig_s_len;
} LIBSSH2_SK_SIG_INFO;
/* 'publickey' authentication callback */
#define LIBSSH2_USERAUTH_PUBLICKEY_SIGN_FUNC(name) \
int name(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len, \
@@ -295,19 +287,34 @@ typedef struct _LIBSSH2_USERAUTH_KBDINT_RESPONSE
const LIBSSH2_USERAUTH_KBDINT_PROMPT *prompts, \
LIBSSH2_USERAUTH_KBDINT_RESPONSE *responses, void **abstract)
/* SK authentication callback */
#define LIBSSH2_USERAUTH_SK_SIGN_FUNC(name) \
int name(LIBSSH2_SESSION *session, LIBSSH2_SK_SIG_INFO *sig_info, \
const unsigned char *data, size_t data_len, \
int algorithm, uint8_t flags, \
const char *application, const unsigned char *key_handle, \
size_t handle_len, \
void **abstract)
/* Flags for SK authentication */
#define LIBSSH2_SK_PRESENCE_REQUIRED 0x01
#define LIBSSH2_SK_VERIFICATION_REQUIRED 0x04
/* Callbacks for special SSH packets */
#define LIBSSH2_IGNORE_FUNC(name) \
void name(LIBSSH2_SESSION *session, const char *message, int message_len, \
void **abstract)
#define LIBSSH2_DEBUG_FUNC(name) \
void name(LIBSSH2_SESSION *session, int always_display, const char *message, \
int message_len, const char *language, int language_len, \
void name(LIBSSH2_SESSION *session, int always_display, \
const char *message, int message_len, \
const char *language, int language_len, \
void **abstract)
#define LIBSSH2_DISCONNECT_FUNC(name) \
void name(LIBSSH2_SESSION *session, int reason, const char *message, \
int message_len, const char *language, int language_len, \
void name(LIBSSH2_SESSION *session, int reason, \
const char *message, int message_len, \
const char *language, int language_len, \
void **abstract)
#define LIBSSH2_PASSWD_CHANGEREQ_FUNC(name) \
@@ -322,6 +329,22 @@ typedef struct _LIBSSH2_USERAUTH_KBDINT_RESPONSE
void name(LIBSSH2_SESSION *session, LIBSSH2_CHANNEL *channel, \
const char *shost, int sport, void **abstract)
#define LIBSSH2_AUTHAGENT_FUNC(name) \
void name(LIBSSH2_SESSION *session, LIBSSH2_CHANNEL *channel, \
void **abstract)
#define LIBSSH2_ADD_IDENTITIES_FUNC(name) \
void name(LIBSSH2_SESSION *session, void *buffer, \
const char *agent_path, void **abstract)
#define LIBSSH2_AUTHAGENT_SIGN_FUNC(name) \
int name(LIBSSH2_SESSION* session, \
unsigned char *blob, unsigned int blen, \
const unsigned char *data, unsigned int dlen, \
unsigned char **signature, unsigned int *sigLen, \
const char *agentPath, \
void **abstract)
#define LIBSSH2_CHANNEL_CLOSE_FUNC(name) \
void name(LIBSSH2_SESSION *session, void **session_abstract, \
LIBSSH2_CHANNEL *channel, void **channel_abstract)
@@ -344,6 +367,9 @@ typedef struct _LIBSSH2_USERAUTH_KBDINT_RESPONSE
#define LIBSSH2_CALLBACK_X11 4
#define LIBSSH2_CALLBACK_SEND 5
#define LIBSSH2_CALLBACK_RECV 6
#define LIBSSH2_CALLBACK_AUTHAGENT 7
#define LIBSSH2_CALLBACK_AUTHAGENT_IDENTITIES 8
#define LIBSSH2_CALLBACK_AUTHAGENT_SIGN 9
/* libssh2_session_method_pref() constants */
#define LIBSSH2_METHOD_KEX 0
@@ -356,10 +382,12 @@ typedef struct _LIBSSH2_USERAUTH_KBDINT_RESPONSE
#define LIBSSH2_METHOD_COMP_SC 7
#define LIBSSH2_METHOD_LANG_CS 8
#define LIBSSH2_METHOD_LANG_SC 9
#define LIBSSH2_METHOD_SIGN_ALGO 10
/* flags */
#define LIBSSH2_FLAG_SIGPIPE 1
#define LIBSSH2_FLAG_COMPRESS 2
#define LIBSSH2_FLAG_QUOTE_PATHS 3
typedef struct _LIBSSH2_SESSION LIBSSH2_SESSION;
typedef struct _LIBSSH2_CHANNEL LIBSSH2_CHANNEL;
@@ -367,6 +395,25 @@ typedef struct _LIBSSH2_LISTENER LIBSSH2_LISTENER;
typedef struct _LIBSSH2_KNOWNHOSTS LIBSSH2_KNOWNHOSTS;
typedef struct _LIBSSH2_AGENT LIBSSH2_AGENT;
/* SK signature callback */
typedef struct _LIBSSH2_PRIVKEY_SK {
int algorithm;
uint8_t flags;
const char *application;
const unsigned char *key_handle;
size_t handle_len;
LIBSSH2_USERAUTH_SK_SIGN_FUNC((*sign_callback));
void **orig_abstract;
} LIBSSH2_PRIVKEY_SK;
int
libssh2_sign_sk(LIBSSH2_SESSION *session,
unsigned char **sig,
size_t *sig_len,
const unsigned char *data,
size_t data_len,
void **abstract);
typedef struct _LIBSSH2_POLLFD {
unsigned char type; /* LIBSSH2_POLLFD_* below */
@@ -506,6 +553,8 @@ typedef struct _LIBSSH2_POLLFD {
#define LIBSSH2_ERROR_CHANNEL_WINDOW_FULL -47
#define LIBSSH2_ERROR_KEYFILE_AUTH_FAILED -48
#define LIBSSH2_ERROR_RANDGEN -49
#define LIBSSH2_ERROR_MISSING_USERAUTH_BANNER -50
#define LIBSSH2_ERROR_ALGO_UNSUPPORTED -51
/* this is a define to provide the old (<= 1.2.7) name */
#define LIBSSH2_ERROR_BANNER_NONE LIBSSH2_ERROR_BANNER_RECV
@@ -614,6 +663,8 @@ LIBSSH2_API const char *libssh2_session_banner_get(LIBSSH2_SESSION *session);
LIBSSH2_API char *libssh2_userauth_list(LIBSSH2_SESSION *session,
const char *username,
unsigned int username_len);
LIBSSH2_API int libssh2_userauth_banner(LIBSSH2_SESSION *session,
char **banner);
LIBSSH2_API int libssh2_userauth_authenticated(LIBSSH2_SESSION *session);
LIBSSH2_API int
@@ -628,7 +679,8 @@ libssh2_userauth_password_ex(LIBSSH2_SESSION *session,
#define libssh2_userauth_password(session, username, password) \
libssh2_userauth_password_ex((session), (username), \
(unsigned int)strlen(username), \
(password), (unsigned int)strlen(password), NULL)
(password), (unsigned int)strlen(password), \
NULL)
LIBSSH2_API int
libssh2_userauth_publickey_fromfile_ex(LIBSSH2_SESSION *session,
@@ -697,8 +749,8 @@ LIBSSH2_API int
libssh2_userauth_keyboard_interactive_ex(LIBSSH2_SESSION* session,
const char *username,
unsigned int username_len,
LIBSSH2_USERAUTH_KBDINT_RESPONSE_FUNC(
(*response_callback)));
LIBSSH2_USERAUTH_KBDINT_RESPONSE_FUNC
((*response_callback)));
#define libssh2_userauth_keyboard_interactive(session, username, \
response_callback) \
@@ -706,6 +758,19 @@ libssh2_userauth_keyboard_interactive_ex(LIBSSH2_SESSION* session,
(unsigned int)strlen(username), \
(response_callback))
LIBSSH2_API int
libssh2_userauth_publickey_sk(LIBSSH2_SESSION *session,
const char *username,
size_t username_len,
const unsigned char *pubkeydata,
size_t pubkeydata_len,
const char *privatekeydata,
size_t privatekeydata_len,
const char *passphrase,
LIBSSH2_USERAUTH_SK_SIGN_FUNC
((*sign_callback)),
void **abstract);
LIBSSH2_API int libssh2_poll(LIBSSH2_POLLFD *fds, unsigned int nfds,
long timeout);
@@ -741,6 +806,11 @@ libssh2_channel_direct_tcpip_ex(LIBSSH2_SESSION *session, const char *host,
#define libssh2_channel_direct_tcpip(session, host, port) \
libssh2_channel_direct_tcpip_ex((session), (host), (port), "127.0.0.1", 22)
LIBSSH2_API LIBSSH2_CHANNEL *
libssh2_channel_direct_streamlocal_ex(LIBSSH2_SESSION * session,
const char *socket_path,
const char *shost, int sport);
LIBSSH2_API LIBSSH2_LISTENER *
libssh2_channel_forward_listen_ex(LIBSSH2_SESSION *session, const char *host,
int port, int *bound_port,
@@ -797,6 +867,12 @@ LIBSSH2_API int libssh2_channel_x11_req_ex(LIBSSH2_CHANNEL *channel,
#define libssh2_channel_x11_req(channel, screen_number) \
libssh2_channel_x11_req_ex((channel), 0, NULL, NULL, (screen_number))
LIBSSH2_API int libssh2_channel_signal_ex(LIBSSH2_CHANNEL *channel,
const char *signame,
size_t signame_len);
#define libssh2_channel_signal(channel, signame) \
libssh2_channel_signal_ex((channel), signame, strlen(signame))
LIBSSH2_API int libssh2_channel_process_startup(LIBSSH2_CHANNEL *channel,
const char *request,
unsigned int request_len,
@@ -817,9 +893,11 @@ LIBSSH2_API ssize_t libssh2_channel_read_ex(LIBSSH2_CHANNEL *channel,
int stream_id, char *buf,
size_t buflen);
#define libssh2_channel_read(channel, buf, buflen) \
libssh2_channel_read_ex((channel), 0, (buf), (buflen))
libssh2_channel_read_ex((channel), 0, \
(buf), (buflen))
#define libssh2_channel_read_stderr(channel, buf, buflen) \
libssh2_channel_read_ex((channel), SSH_EXTENDED_DATA_STDERR, (buf), (buflen))
libssh2_channel_read_ex((channel), SSH_EXTENDED_DATA_STDERR, \
(buf), (buflen))
LIBSSH2_API int libssh2_poll_channel_read(LIBSSH2_CHANNEL *channel,
int extended);
@@ -831,7 +909,7 @@ libssh2_channel_window_read_ex(LIBSSH2_CHANNEL *channel,
#define libssh2_channel_window_read(channel) \
libssh2_channel_window_read_ex((channel), NULL, NULL)
/* libssh2_channel_receive_window_adjust is DEPRECATED, do not use! */
/* libssh2_channel_receive_window_adjust() is DEPRECATED, do not use! */
LIBSSH2_API unsigned long
libssh2_channel_receive_window_adjust(LIBSSH2_CHANNEL *channel,
unsigned long adjustment,
@@ -848,7 +926,8 @@ LIBSSH2_API ssize_t libssh2_channel_write_ex(LIBSSH2_CHANNEL *channel,
size_t buflen);
#define libssh2_channel_write(channel, buf, buflen) \
libssh2_channel_write_ex((channel), 0, (buf), (buflen))
libssh2_channel_write_ex((channel), 0, \
(buf), (buflen))
#define libssh2_channel_write_stderr(channel, buf, buflen) \
libssh2_channel_write_ex((channel), SSH_EXTENDED_DATA_STDERR, \
(buf), (buflen))
@@ -870,7 +949,11 @@ LIBSSH2_API void libssh2_session_set_timeout(LIBSSH2_SESSION* session,
long timeout);
LIBSSH2_API long libssh2_session_get_timeout(LIBSSH2_SESSION* session);
/* libssh2_channel_handle_extended_data is DEPRECATED, do not use! */
LIBSSH2_API void libssh2_session_set_read_timeout(LIBSSH2_SESSION* session,
long timeout);
LIBSSH2_API long libssh2_session_get_read_timeout(LIBSSH2_SESSION* session);
/* libssh2_channel_handle_extended_data() is DEPRECATED, do not use! */
LIBSSH2_API void libssh2_channel_handle_extended_data(LIBSSH2_CHANNEL *channel,
int ignore_mode);
LIBSSH2_API int libssh2_channel_handle_extended_data2(LIBSSH2_CHANNEL *channel,
@@ -885,8 +968,7 @@ LIBSSH2_API int libssh2_channel_handle_extended_data2(LIBSSH2_CHANNEL *channel,
*/
/* DEPRECATED */
#define libssh2_channel_ignore_extended_data(channel, ignore) \
libssh2_channel_handle_extended_data((channel), \
(ignore) ? \
libssh2_channel_handle_extended_data((channel), (ignore) ? \
LIBSSH2_CHANNEL_EXTENDED_DATA_IGNORE : \
LIBSSH2_CHANNEL_EXTENDED_DATA_NORMAL)
@@ -917,7 +999,7 @@ LIBSSH2_API int libssh2_channel_free(LIBSSH2_CHANNEL *channel);
LIBSSH2_API LIBSSH2_CHANNEL *libssh2_scp_recv(LIBSSH2_SESSION *session,
const char *path,
struct stat *sb);
/* Use libssh2_scp_recv2 for large (> 2GB) file support on windows */
/* Use libssh2_scp_recv2() for large (> 2GB) file support on windows */
LIBSSH2_API LIBSSH2_CHANNEL *libssh2_scp_recv2(LIBSSH2_SESSION *session,
const char *path,
libssh2_struct_stat *sb);
@@ -932,6 +1014,7 @@ libssh2_scp_send64(LIBSSH2_SESSION *session, const char *path, int mode,
#define libssh2_scp_send(session, path, mode, size) \
libssh2_scp_send_ex((session), (path), (mode), (size), 0, 0)
/* DEPRECATED */
LIBSSH2_API int libssh2_base64_decode(LIBSSH2_SESSION *session, char **dest,
unsigned int *dest_len,
const char *src, unsigned int src_len);
@@ -939,8 +1022,22 @@ LIBSSH2_API int libssh2_base64_decode(LIBSSH2_SESSION *session, char **dest,
LIBSSH2_API
const char *libssh2_version(int req_version_num);
typedef enum {
libssh2_no_crypto = 0,
libssh2_openssl,
libssh2_gcrypt,
libssh2_mbedtls,
libssh2_wincng,
libssh2_os400qc3
} libssh2_crypto_engine_t;
LIBSSH2_API
libssh2_crypto_engine_t libssh2_crypto_engine(void);
#define HAVE_LIBSSH2_KNOWNHOST_API 0x010101 /* since 1.1.1 */
#define HAVE_LIBSSH2_VERSION_API 0x010100 /* libssh2_version since 1.1 */
#define HAVE_LIBSSH2_CRYPTOENGINE_API 0x011100 /* libssh2_crypto_engine
since 1.11 */
struct libssh2_knownhost {
unsigned int magic; /* magic stored by the library */
@@ -951,7 +1048,7 @@ struct libssh2_knownhost {
};
/*
* libssh2_knownhost_init
* libssh2_knownhost_init()
*
* Init a collection of known hosts. Returns the pointer to a collection.
*
@@ -960,7 +1057,7 @@ LIBSSH2_API LIBSSH2_KNOWNHOSTS *
libssh2_knownhost_init(LIBSSH2_SESSION *session);
/*
* libssh2_knownhost_add
* libssh2_knownhost_add()
*
* Add a host and its associated key to the collection of known hosts.
*
@@ -1012,7 +1109,7 @@ libssh2_knownhost_add(LIBSSH2_KNOWNHOSTS *hosts,
struct libssh2_knownhost **store);
/*
* libssh2_knownhost_addc
* libssh2_knownhost_addc()
*
* Add a host and its associated key to the collection of known hosts.
*
@@ -1030,8 +1127,8 @@ libssh2_knownhost_add(LIBSSH2_KNOWNHOSTS *hosts,
* If 'sha1' is selected as type, the salt must be provided to the salt
* argument. This too base64 encoded.
*
* The SHA-1 hash is what OpenSSH can be told to use in known_hosts files. If
* a custom type is used, salt is ignored and you must provide the host
* The SHA-1 hash is what OpenSSH can be told to use in known_hosts files.
* If a custom type is used, salt is ignored and you must provide the host
* pre-hashed when checking for it in the libssh2_knownhost_check() function.
*
* The keylen parameter may be omitted (zero) if the key is provided as a
@@ -1047,7 +1144,7 @@ libssh2_knownhost_addc(LIBSSH2_KNOWNHOSTS *hosts,
struct libssh2_knownhost **store);
/*
* libssh2_knownhost_check
* libssh2_knownhost_check()
*
* Check a host and its associated key against the collection of known hosts.
*
@@ -1086,7 +1183,7 @@ libssh2_knownhost_checkp(LIBSSH2_KNOWNHOSTS *hosts,
struct libssh2_knownhost **knownhost);
/*
* libssh2_knownhost_del
* libssh2_knownhost_del()
*
* Remove a host from the collection of known hosts. The 'entry' struct is
* retrieved by a call to libssh2_knownhost_check().
@@ -1097,7 +1194,7 @@ libssh2_knownhost_del(LIBSSH2_KNOWNHOSTS *hosts,
struct libssh2_knownhost *entry);
/*
* libssh2_knownhost_free
* libssh2_knownhost_free()
*
* Free an entire collection of known hosts.
*
@@ -1118,7 +1215,7 @@ libssh2_knownhost_readline(LIBSSH2_KNOWNHOSTS *hosts,
const char *line, size_t len, int type);
/*
* libssh2_knownhost_readfile
* libssh2_knownhost_readfile()
*
* Add hosts+key pairs from a given file.
*
@@ -1154,7 +1251,7 @@ libssh2_knownhost_writeline(LIBSSH2_KNOWNHOSTS *hosts,
int type);
/*
* libssh2_knownhost_writefile
* libssh2_knownhost_writefile()
*
* Write hosts+key pairs to a given file.
*
@@ -1194,7 +1291,7 @@ struct libssh2_agent_publickey {
};
/*
* libssh2_agent_init
* libssh2_agent_init()
*
* Init an ssh-agent handle. Returns the pointer to the handle.
*
@@ -1251,6 +1348,23 @@ libssh2_agent_userauth(LIBSSH2_AGENT *agent,
const char *username,
struct libssh2_agent_publickey *identity);
/*
* libssh2_agent_sign()
*
* Sign a payload using a system-installed ssh-agent.
*
* Returns 0 if succeeded, or a negative value for error.
*/
LIBSSH2_API int
libssh2_agent_sign(LIBSSH2_AGENT *agent,
struct libssh2_agent_publickey *identity,
unsigned char **sig,
size_t *s_len,
const unsigned char *data,
size_t d_len,
const char *method,
unsigned int method_len);
/*
* libssh2_agent_disconnect()
*

10
libssh2/include/libssh2_publickey.h
View File

@@ -94,7 +94,9 @@ libssh2_publickey_add_ex(LIBSSH2_PUBLICKEY *pkey,
const libssh2_publickey_attribute attrs[]);
#define libssh2_publickey_add(pkey, name, blob, blob_len, overwrite, \
num_attrs, attrs) \
libssh2_publickey_add_ex((pkey), (name), strlen(name), (blob), (blob_len), \
libssh2_publickey_add_ex((pkey), \
(name), strlen(name), \
(blob), (blob_len), \
(overwrite), (num_attrs), (attrs))
LIBSSH2_API int libssh2_publickey_remove_ex(LIBSSH2_PUBLICKEY *pkey,
@@ -103,7 +105,9 @@ LIBSSH2_API int libssh2_publickey_remove_ex(LIBSSH2_PUBLICKEY *pkey,
const unsigned char *blob,
unsigned long blob_len);
#define libssh2_publickey_remove(pkey, name, blob, blob_len) \
libssh2_publickey_remove_ex((pkey), (name), strlen(name), (blob), (blob_len))
libssh2_publickey_remove_ex((pkey), \
(name), strlen(name), \
(blob), (blob_len))
LIBSSH2_API int
libssh2_publickey_list_fetch(LIBSSH2_PUBLICKEY *pkey,
@@ -119,4 +123,4 @@ LIBSSH2_API int libssh2_publickey_shutdown(LIBSSH2_PUBLICKEY *pkey);
} /* extern "C" */
#endif
#endif /* ifndef: LIBSSH2_PUBLICKEY_H */
#endif /* LIBSSH2_PUBLICKEY_H */

58
libssh2/include/libssh2_sftp.h
View File

@@ -40,7 +40,7 @@
#include "libssh2.h"
#ifndef WIN32
#ifndef LIBSSH2_WIN32
#include <unistd.h>
#endif
@@ -231,11 +231,24 @@ libssh2_sftp_open_ex(LIBSSH2_SFTP *sftp,
unsigned long flags,
long mode, int open_type);
#define libssh2_sftp_open(sftp, filename, flags, mode) \
libssh2_sftp_open_ex((sftp), (filename), strlen(filename), (flags), \
(mode), LIBSSH2_SFTP_OPENFILE)
libssh2_sftp_open_ex((sftp), \
(filename), (unsigned int)strlen(filename), \
(flags), (mode), LIBSSH2_SFTP_OPENFILE)
#define libssh2_sftp_opendir(sftp, path) \
libssh2_sftp_open_ex((sftp), (path), strlen(path), 0, 0, \
LIBSSH2_SFTP_OPENDIR)
libssh2_sftp_open_ex((sftp), \
(path), (unsigned int)strlen(path), \
0, 0, LIBSSH2_SFTP_OPENDIR)
LIBSSH2_API LIBSSH2_SFTP_HANDLE *
libssh2_sftp_open_ex_r(LIBSSH2_SFTP *sftp,
const char *filename,
size_t filename_len,
unsigned long flags,
long mode, int open_type,
LIBSSH2_SFTP_ATTRIBUTES *attrs);
#define libssh2_sftp_open_r(sftp, filename, flags, mode, attrs) \
libssh2_sftp_open_ex_r((sftp), (filename), strlen(filename), \
(flags), (mode), LIBSSH2_SFTP_OPENFILE, \
(attrs))
LIBSSH2_API ssize_t libssh2_sftp_read(LIBSSH2_SFTP_HANDLE *handle,
char *buffer, size_t buffer_maxlen);
@@ -281,8 +294,9 @@ LIBSSH2_API int libssh2_sftp_rename_ex(LIBSSH2_SFTP *sftp,
unsigned int dest_filename_len,
long flags);
#define libssh2_sftp_rename(sftp, sourcefile, destfile) \
libssh2_sftp_rename_ex((sftp), (sourcefile), strlen(sourcefile), \
(destfile), strlen(destfile), \
libssh2_sftp_rename_ex((sftp), \
(sourcefile), (unsigned int)strlen(sourcefile), \
(destfile), (unsigned int)strlen(destfile), \
LIBSSH2_SFTP_RENAME_OVERWRITE | \
LIBSSH2_SFTP_RENAME_ATOMIC | \
LIBSSH2_SFTP_RENAME_NATIVE)
@@ -305,13 +319,13 @@ LIBSSH2_API int libssh2_sftp_mkdir_ex(LIBSSH2_SFTP *sftp,
const char *path,
unsigned int path_len, long mode);
#define libssh2_sftp_mkdir(sftp, path, mode) \
libssh2_sftp_mkdir_ex((sftp), (path), strlen(path), (mode))
libssh2_sftp_mkdir_ex((sftp), (path), (unsigned int)strlen(path), (mode))
LIBSSH2_API int libssh2_sftp_rmdir_ex(LIBSSH2_SFTP *sftp,
const char *path,
unsigned int path_len);
#define libssh2_sftp_rmdir(sftp, path) \
libssh2_sftp_rmdir_ex((sftp), (path), strlen(path))
libssh2_sftp_rmdir_ex((sftp), (path), (unsigned int)strlen(path))
LIBSSH2_API int libssh2_sftp_stat_ex(LIBSSH2_SFTP *sftp,
const char *path,
@@ -319,14 +333,14 @@ LIBSSH2_API int libssh2_sftp_stat_ex(LIBSSH2_SFTP *sftp,
int stat_type,
LIBSSH2_SFTP_ATTRIBUTES *attrs);
#define libssh2_sftp_stat(sftp, path, attrs) \
libssh2_sftp_stat_ex((sftp), (path), strlen(path), LIBSSH2_SFTP_STAT, \
(attrs))
libssh2_sftp_stat_ex((sftp), (path), (unsigned int)strlen(path), \
LIBSSH2_SFTP_STAT, (attrs))
#define libssh2_sftp_lstat(sftp, path, attrs) \
libssh2_sftp_stat_ex((sftp), (path), strlen(path), LIBSSH2_SFTP_LSTAT, \
(attrs))
libssh2_sftp_stat_ex((sftp), (path), (unsigned int)strlen(path), \
LIBSSH2_SFTP_LSTAT, (attrs))
#define libssh2_sftp_setstat(sftp, path, attrs) \
libssh2_sftp_stat_ex((sftp), (path), strlen(path), LIBSSH2_SFTP_SETSTAT, \
(attrs))
libssh2_sftp_stat_ex((sftp), (path), (unsigned int)strlen(path), \
LIBSSH2_SFTP_SETSTAT, (attrs))
LIBSSH2_API int libssh2_sftp_symlink_ex(LIBSSH2_SFTP *sftp,
const char *path,
@@ -335,13 +349,19 @@ LIBSSH2_API int libssh2_sftp_symlink_ex(LIBSSH2_SFTP *sftp,
unsigned int target_len,
int link_type);
#define libssh2_sftp_symlink(sftp, orig, linkpath) \
libssh2_sftp_symlink_ex((sftp), (orig), strlen(orig), (linkpath), \
strlen(linkpath), LIBSSH2_SFTP_SYMLINK)
libssh2_sftp_symlink_ex((sftp), \
(orig), (unsigned int)strlen(orig), \
(linkpath), (unsigned int)strlen(linkpath), \
LIBSSH2_SFTP_SYMLINK)
#define libssh2_sftp_readlink(sftp, path, target, maxlen) \
libssh2_sftp_symlink_ex((sftp), (path), strlen(path), (target), (maxlen), \
libssh2_sftp_symlink_ex((sftp), \
(path), (unsigned int)strlen(path), \
(target), (maxlen), \
LIBSSH2_SFTP_READLINK)
#define libssh2_sftp_realpath(sftp, path, target, maxlen) \
libssh2_sftp_symlink_ex((sftp), (path), strlen(path), (target), (maxlen), \
libssh2_sftp_symlink_ex((sftp), \
(path), (unsigned int)strlen(path), \
(target), (maxlen), \
LIBSSH2_SFTP_REALPATH)
#ifdef __cplusplus

50
libssh2/libssh2-style.el Normal file
View File

@@ -0,0 +1,50 @@
;;;; Emacs Lisp help for writing libssh2 code. ;;;;
;;; The libssh2 hacker's C conventions.
;;; See the sample.emacs file on how this file can be made to take
;;; effect automatically when editing libssh2 source files.
(defconst libssh2-c-style
'((c-basic-offset . 4)
(c-comment-only-line-offset . 0)
(c-hanging-braces-alist . ((substatement-open before after)))
(c-offsets-alist . ((topmost-intro . 0)
(topmost-intro-cont . 0)
(substatement . +)
(substatement-open . 0)
(statement-case-intro . +)
(statement-case-open . 0)
(case-label . 0)
))
)
"Libssh2 C Programming Style")
(defun libssh2-code-cleanup ()
"tabify and delete trailing whitespace"
(interactive)
(untabify (point-min) (point-max))
(delete-trailing-whitespace)
)
;; Customizations for all of c-mode, c++-mode, and objc-mode
(defun libssh2-c-mode-common-hook ()
"Libssh2 C mode hook"
;; add libssh2 style and set it for the current buffer
(c-add-style "libssh2" libssh2-c-style t)
(setq tab-width 8
indent-tabs-mode nil ; Use spaces, not tabs.
comment-column 40
c-font-lock-extra-types (append '("libssh2_int64_t" "LIBSSH2_USERAUTH_KBDINT_PROMPT" "LIBSSH2_SESSION" "LIBSSH2_CHANNEL" "ssize_t" "size_t" "uint32_t" "LIBSSH2_LISTENER" "LIBSSH2_POLLFD"))
)
;; keybindings for C, C++, and Objective-C. We can put these in
;; c-mode-base-map because of inheritance ...
(define-key c-mode-base-map "\M-q" 'c-fill-paragraph)
(define-key c-mode-base-map "\M-m" 'libssh2-code-cleanup)
(setq c-recognize-knr-p nil)
;;; (add-hook 'write-file-hooks 'delete-trailing-whitespace t)
(setq show-trailing-whitespace t)
)
;; Set this is in your .emacs if you want to use the c-mode-hook as
;; defined here right out of the box.
; (add-hook 'c-mode-common-hook 'libssh2-c-mode-common-hook)

815
libssh2/ltmain.sh
View File

File diff suppressed because it is too large Load Diff

4
libssh2/m4/lib-link.m4
View File

@@ -6,7 +6,7 @@ dnl with or without modifications, as long as this notice is preserved.
dnl From Bruno Haible.
AC_PREREQ(2.54)
AC_PREREQ([2.54])
dnl AC_LIB_LINKFLAGS(name [, dependencies]) searches for libname and
dnl the libraries corresponding to explicit and implicit dependencies.
@@ -74,7 +74,7 @@ AC_DEFUN([AC_LIB_HAVE_LINKFLAGS],
AC_CACHE_CHECK([for lib[]$1], [ac_cv_lib[]Name], [
ac_save_LIBS="$LIBS"
LIBS="$LIBS $LIB[]NAME"
AC_TRY_LINK([$3], [$4], [ac_cv_lib[]Name=yes], [ac_cv_lib[]Name=no])
AC_LINK_IFELSE([AC_LANG_PROGRAM([[$3]], [[$4]])],[ac_cv_lib[]Name=yes],[ac_cv_lib[]Name=no])
LIBS="$ac_save_LIBS"
])
if test "$ac_cv_lib[]Name" = yes; then

207
libssh2/m4/libtool.m4 vendored
View File

@@ -1,6 +1,7 @@
# libtool.m4 - Configure libtool for the host system. -*-Autoconf-*-
#
# Copyright (C) 1996-2001, 2003-2015 Free Software Foundation, Inc.
# Copyright (C) 1996-2001, 2003-2019, 2021-2022 Free Software
# Foundation, Inc.
# Written by Gordon Matzigkeit, 1996
#
# This file is free software; the Free Software Foundation gives
@@ -31,7 +32,7 @@ m4_define([_LT_COPYING], [dnl
# along with this program. If not, see <http://www.gnu.org/licenses/>.
])
# serial 58 LT_INIT
# serial 59 LT_INIT
# LT_PREREQ(VERSION)
@@ -181,6 +182,7 @@ m4_require([_LT_FILEUTILS_DEFAULTS])dnl
m4_require([_LT_CHECK_SHELL_FEATURES])dnl
m4_require([_LT_PATH_CONVERSION_FUNCTIONS])dnl
m4_require([_LT_CMD_RELOAD])dnl
m4_require([_LT_DECL_FILECMD])dnl
m4_require([_LT_CHECK_MAGIC_METHOD])dnl
m4_require([_LT_CHECK_SHAREDLIB_FROM_LINKLIB])dnl
m4_require([_LT_CMD_OLD_ARCHIVE])dnl
@@ -219,8 +221,8 @@ esac
ofile=libtool
can_build_shared=yes
# All known linkers require a '.a' archive for static linking (except MSVC,
# which needs '.lib').
# All known linkers require a '.a' archive for static linking (except MSVC and
# ICC, which need '.lib').
libext=a
with_gnu_ld=$lt_cv_prog_gnu_ld
@@ -777,7 +779,7 @@ _LT_EOF
# if finds mixed CR/LF and LF-only lines. Since sed operates in
# text mode, it properly converts lines to CR/LF. This bash problem
# is reportedly fixed, but why not run on old versions too?
sed '$q' "$ltmain" >> "$cfgfile" \
$SED '$q' "$ltmain" >> "$cfgfile" \
|| (rm -f "$cfgfile"; exit 1)
mv -f "$cfgfile" "$ofile" ||
@@ -1041,8 +1043,8 @@ int forced_loaded() { return 2;}
_LT_EOF
echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&AS_MESSAGE_LOG_FD
$LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&AS_MESSAGE_LOG_FD
echo "$AR cr libconftest.a conftest.o" >&AS_MESSAGE_LOG_FD
$AR cr libconftest.a conftest.o 2>&AS_MESSAGE_LOG_FD
echo "$AR $AR_FLAGS libconftest.a conftest.o" >&AS_MESSAGE_LOG_FD
$AR $AR_FLAGS libconftest.a conftest.o 2>&AS_MESSAGE_LOG_FD
echo "$RANLIB libconftest.a" >&AS_MESSAGE_LOG_FD
$RANLIB libconftest.a 2>&AS_MESSAGE_LOG_FD
cat > conftest.c << _LT_EOF
@@ -1066,16 +1068,11 @@ _LT_EOF
_lt_dar_allow_undefined='$wl-undefined ${wl}suppress' ;;
darwin1.*)
_lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;;
darwin*) # darwin 5.x on
# if running on 10.5 or later, the deployment target defaults
# to the OS version, if on x86, and 10.4, the deployment
# target defaults to 10.4. Don't you love it?
case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in
10.0,*86*-darwin8*|10.0,*-darwin[[912]]*)
_lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;;
10.[[012]][[,.]]*)
darwin*)
case $MACOSX_DEPLOYMENT_TARGET,$host in
10.[[012]],*|,*powerpc*-darwin[[5-8]]*)
_lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;;
10.*|11.*)
*)
_lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;;
esac
;;
@@ -1125,12 +1122,12 @@ m4_defun([_LT_DARWIN_LINKER_FEATURES],
output_verbose_link_cmd=func_echo_all
_LT_TAGVAR(archive_cmds, $1)="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod$_lt_dsymutil"
_LT_TAGVAR(module_cmds, $1)="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags$_lt_dsymutil"
_LT_TAGVAR(archive_expsym_cmds, $1)="sed 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod$_lt_dar_export_syms$_lt_dsymutil"
_LT_TAGVAR(module_expsym_cmds, $1)="sed -e 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags$_lt_dar_export_syms$_lt_dsymutil"
_LT_TAGVAR(archive_expsym_cmds, $1)="$SED 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod$_lt_dar_export_syms$_lt_dsymutil"
_LT_TAGVAR(module_expsym_cmds, $1)="$SED -e 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags$_lt_dar_export_syms$_lt_dsymutil"
m4_if([$1], [CXX],
[ if test yes != "$lt_cv_apple_cc_single_mod"; then
_LT_TAGVAR(archive_cmds, $1)="\$CC -r -keep_private_externs -nostdlib -o \$lib-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$lib-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring$_lt_dsymutil"
_LT_TAGVAR(archive_expsym_cmds, $1)="sed 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -r -keep_private_externs -nostdlib -o \$lib-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$lib-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring$_lt_dar_export_syms$_lt_dsymutil"
_LT_TAGVAR(archive_expsym_cmds, $1)="$SED 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -r -keep_private_externs -nostdlib -o \$lib-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$lib-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring$_lt_dar_export_syms$_lt_dsymutil"
fi
],[])
else
@@ -1244,7 +1241,8 @@ _LT_DECL([], [ECHO], [1], [An echo program that protects backslashes])
# _LT_WITH_SYSROOT
# ----------------
AC_DEFUN([_LT_WITH_SYSROOT],
[AC_MSG_CHECKING([for sysroot])
[m4_require([_LT_DECL_SED])dnl
AC_MSG_CHECKING([for sysroot])
AC_ARG_WITH([sysroot],
[AS_HELP_STRING([--with-sysroot@<:@=DIR@:>@],
[Search for dependent libraries within DIR (or the compiler's sysroot
@@ -1261,7 +1259,7 @@ case $with_sysroot in #(
fi
;; #(
/*)
lt_sysroot=`echo "$with_sysroot" | sed -e "$sed_quote_subst"`
lt_sysroot=`echo "$with_sysroot" | $SED -e "$sed_quote_subst"`
;; #(
no|'')
;; #(
@@ -1291,7 +1289,7 @@ ia64-*-hpux*)
# options accordingly.
echo 'int i;' > conftest.$ac_ext
if AC_TRY_EVAL(ac_compile); then
case `/usr/bin/file conftest.$ac_objext` in
case `$FILECMD conftest.$ac_objext` in
*ELF-32*)
HPUX_IA64_MODE=32
;;
@@ -1308,7 +1306,7 @@ ia64-*-hpux*)
echo '[#]line '$LINENO' "configure"' > conftest.$ac_ext
if AC_TRY_EVAL(ac_compile); then
if test yes = "$lt_cv_prog_gnu_ld"; then
case `/usr/bin/file conftest.$ac_objext` in
case `$FILECMD conftest.$ac_objext` in
*32-bit*)
LD="${LD-ld} -melf32bsmip"
;;
@@ -1320,7 +1318,7 @@ ia64-*-hpux*)
;;
esac
else
case `/usr/bin/file conftest.$ac_objext` in
case `$FILECMD conftest.$ac_objext` in
*32-bit*)
LD="${LD-ld} -32"
;;
@@ -1342,7 +1340,7 @@ mips64*-*linux*)
echo '[#]line '$LINENO' "configure"' > conftest.$ac_ext
if AC_TRY_EVAL(ac_compile); then
emul=elf
case `/usr/bin/file conftest.$ac_objext` in
case `$FILECMD conftest.$ac_objext` in
*32-bit*)
emul="${emul}32"
;;
@@ -1350,7 +1348,7 @@ mips64*-*linux*)
emul="${emul}64"
;;
esac
case `/usr/bin/file conftest.$ac_objext` in
case `$FILECMD conftest.$ac_objext` in
*MSB*)
emul="${emul}btsmip"
;;
@@ -1358,7 +1356,7 @@ mips64*-*linux*)
emul="${emul}ltsmip"
;;
esac
case `/usr/bin/file conftest.$ac_objext` in
case `$FILECMD conftest.$ac_objext` in
*N32*)
emul="${emul}n32"
;;
@@ -1378,14 +1376,14 @@ s390*-*linux*|s390*-*tpf*|sparc*-*linux*)
# not appear in the list.
echo 'int i;' > conftest.$ac_ext
if AC_TRY_EVAL(ac_compile); then
case `/usr/bin/file conftest.o` in
case `$FILECMD conftest.o` in
*32-bit*)
case $host in
x86_64-*kfreebsd*-gnu)
LD="${LD-ld} -m elf_i386_fbsd"
;;
x86_64-*linux*)
case `/usr/bin/file conftest.o` in
case `$FILECMD conftest.o` in
*x86-64*)
LD="${LD-ld} -m elf32_x86_64"
;;
@@ -1453,7 +1451,7 @@ s390*-*linux*|s390*-*tpf*|sparc*-*linux*)
# options accordingly.
echo 'int i;' > conftest.$ac_ext
if AC_TRY_EVAL(ac_compile); then
case `/usr/bin/file conftest.o` in
case `$FILECMD conftest.o` in
*64-bit*)
case $lt_cv_prog_gnu_ld in
yes*)
@@ -1492,9 +1490,22 @@ need_locks=$enable_libtool_lock
m4_defun([_LT_PROG_AR],
[AC_CHECK_TOOLS(AR, [ar], false)
: ${AR=ar}
: ${AR_FLAGS=cr}
_LT_DECL([], [AR], [1], [The archiver])
_LT_DECL([], [AR_FLAGS], [1], [Flags to create an archive])
# Use ARFLAGS variable as AR's operation code to sync the variable naming with
# Automake. If both AR_FLAGS and ARFLAGS are specified, AR_FLAGS should have
# higher priority because thats what people were doing historically (setting
# ARFLAGS for automake and AR_FLAGS for libtool). FIXME: Make the AR_FLAGS
# variable obsoleted/removed.
test ${AR_FLAGS+y} || AR_FLAGS=${ARFLAGS-cr}
lt_ar_flags=$AR_FLAGS
_LT_DECL([], [lt_ar_flags], [0], [Flags to create an archive (by configure)])
# Make AR_FLAGS overridable by 'make ARFLAGS='. Don't try to run-time override
# by AR_FLAGS because that was never working and AR_FLAGS is about to die.
_LT_DECL([], [AR_FLAGS], [\@S|@{ARFLAGS-"\@S|@lt_ar_flags"}],
[Flags to create an archive])
AC_CACHE_CHECK([for archiver @FILE support], [lt_cv_ar_at_file],
[lt_cv_ar_at_file=no
@@ -1713,7 +1724,7 @@ AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl
lt_cv_sys_max_cmd_len=8192;
;;
bitrig* | darwin* | dragonfly* | freebsd* | netbsd* | openbsd*)
bitrig* | darwin* | dragonfly* | freebsd* | midnightbsd* | netbsd* | openbsd*)
# This has been around since 386BSD, at least. Likely further.
if test -x /sbin/sysctl; then
lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax`
@@ -1756,7 +1767,7 @@ AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl
sysv5* | sco5v6* | sysv4.2uw2*)
kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null`
if test -n "$kargmax"; then
lt_cv_sys_max_cmd_len=`echo $kargmax | sed 's/.*[[ ]]//'`
lt_cv_sys_max_cmd_len=`echo $kargmax | $SED 's/.*[[ ]]//'`
else
lt_cv_sys_max_cmd_len=32768
fi
@@ -2206,18 +2217,26 @@ m4_defun([_LT_CMD_STRIPLIB],
striplib=
old_striplib=
AC_MSG_CHECKING([whether stripping libraries is possible])
if test -n "$STRIP" && $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then
test -z "$old_striplib" && old_striplib="$STRIP --strip-debug"
test -z "$striplib" && striplib="$STRIP --strip-unneeded"
AC_MSG_RESULT([yes])
if test -z "$STRIP"; then
AC_MSG_RESULT([no])
else
# FIXME - insert some real tests, host_os isn't really good enough
if $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then
old_striplib="$STRIP --strip-debug"
striplib="$STRIP --strip-unneeded"
AC_MSG_RESULT([yes])
else
case $host_os in
darwin*)
if test -n "$STRIP"; then
# FIXME - insert some real tests, host_os isn't really good enough
striplib="$STRIP -x"
old_striplib="$STRIP -S"
AC_MSG_RESULT([yes])
;;
freebsd*)
if $STRIP -V 2>&1 | $GREP "elftoolchain" >/dev/null; then
old_striplib="$STRIP --strip-debug"
striplib="$STRIP --strip-unneeded"
AC_MSG_RESULT([yes])
else
AC_MSG_RESULT([no])
fi
@@ -2226,6 +2245,7 @@ else
AC_MSG_RESULT([no])
;;
esac
fi
fi
_LT_DECL([], [old_striplib], [1], [Commands to strip libraries])
_LT_DECL([], [striplib], [1])
@@ -2548,7 +2568,7 @@ cygwin* | mingw* | pw32* | cegcc*)
case $host_os in
cygwin*)
# Cygwin DLLs use 'cyg' prefix rather than 'lib'
soname_spec='`echo $libname | sed -e 's/^lib/cyg/'``echo $release | $SED -e 's/[[.]]/-/g'`$versuffix$shared_ext'
soname_spec='`echo $libname | $SED -e 's/^lib/cyg/'``echo $release | $SED -e 's/[[.]]/-/g'`$versuffix$shared_ext'
m4_if([$1], [],[
sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/lib/w32api"])
;;
@@ -2558,14 +2578,14 @@ m4_if([$1], [],[
;;
pw32*)
# pw32 DLLs use 'pw' prefix rather than 'lib'
library_names_spec='`echo $libname | sed -e 's/^lib/pw/'``echo $release | $SED -e 's/[[.]]/-/g'`$versuffix$shared_ext'
library_names_spec='`echo $libname | $SED -e 's/^lib/pw/'``echo $release | $SED -e 's/[[.]]/-/g'`$versuffix$shared_ext'
;;
esac
dynamic_linker='Win32 ld.exe'
;;
*,cl*)
# Native MSVC
*,cl* | *,icl*)
# Native MSVC or ICC
libname_spec='$name'
soname_spec='$libname`echo $release | $SED -e 's/[[.]]/-/g'`$versuffix$shared_ext'
library_names_spec='$libname.dll.lib'
@@ -2584,7 +2604,7 @@ m4_if([$1], [],[
done
IFS=$lt_save_ifs
# Convert to MSYS style.
sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | sed -e 's|\\\\|/|g' -e 's| \\([[a-zA-Z]]\\):| /\\1|g' -e 's|^ ||'`
sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's|\\\\|/|g' -e 's| \\([[a-zA-Z]]\\):| /\\1|g' -e 's|^ ||'`
;;
cygwin*)
# Convert to unix form, then to dos form, then back to unix form
@@ -2621,7 +2641,7 @@ m4_if([$1], [],[
;;
*)
# Assume MSVC wrapper
# Assume MSVC and ICC wrapper
library_names_spec='$libname`echo $release | $SED -e 's/[[.]]/-/g'`$versuffix$shared_ext $libname.lib'
dynamic_linker='Win32 ld.exe'
;;
@@ -2654,7 +2674,7 @@ dgux*)
shlibpath_var=LD_LIBRARY_PATH
;;
freebsd* | dragonfly*)
freebsd* | dragonfly* | midnightbsd*)
# DragonFly does not have aout. When/if they implement a new
# versioning mechanism, adjust this.
if test -x /usr/bin/objformat; then
@@ -3465,7 +3485,7 @@ beos*)
bsdi[[45]]*)
lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (shared object|dynamic lib)'
lt_cv_file_magic_cmd='/usr/bin/file -L'
lt_cv_file_magic_cmd='$FILECMD -L'
lt_cv_file_magic_test_file=/shlib/libc.so
;;
@@ -3499,14 +3519,14 @@ darwin* | rhapsody*)
lt_cv_deplibs_check_method=pass_all
;;
freebsd* | dragonfly*)
freebsd* | dragonfly* | midnightbsd*)
if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then
case $host_cpu in
i*86 )
# Not sure whether the presence of OpenBSD here was a mistake.
# Let's accept both of them until this is cleared up.
lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[[3-9]]86 (compact )?demand paged shared library'
lt_cv_file_magic_cmd=/usr/bin/file
lt_cv_file_magic_cmd=$FILECMD
lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*`
;;
esac
@@ -3520,7 +3540,7 @@ haiku*)
;;
hpux10.20* | hpux11*)
lt_cv_file_magic_cmd=/usr/bin/file
lt_cv_file_magic_cmd=$FILECMD
case $host_cpu in
ia64*)
lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|ELF-[[0-9]][[0-9]]) shared object file - IA64'
@@ -3567,7 +3587,7 @@ netbsd* | netbsdelf*-gnu)
newos6*)
lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (executable|dynamic lib)'
lt_cv_file_magic_cmd=/usr/bin/file
lt_cv_file_magic_cmd=$FILECMD
lt_cv_file_magic_test_file=/usr/lib/libnls.so
;;
@@ -3694,13 +3714,13 @@ else
mingw*) lt_bad_file=conftest.nm/nofile ;;
*) lt_bad_file=/dev/null ;;
esac
case `"$tmp_nm" -B $lt_bad_file 2>&1 | sed '1q'` in
case `"$tmp_nm" -B $lt_bad_file 2>&1 | $SED '1q'` in
*$lt_bad_file* | *'Invalid file or object type'*)
lt_cv_path_NM="$tmp_nm -B"
break 2
;;
*)
case `"$tmp_nm" -p /dev/null 2>&1 | sed '1q'` in
case `"$tmp_nm" -p /dev/null 2>&1 | $SED '1q'` in
*/dev/null*)
lt_cv_path_NM="$tmp_nm -p"
break 2
@@ -3726,7 +3746,7 @@ else
# Let the user override the test.
else
AC_CHECK_TOOLS(DUMPBIN, [dumpbin "link -dump"], :)
case `$DUMPBIN -symbols -headers /dev/null 2>&1 | sed '1q'` in
case `$DUMPBIN -symbols -headers /dev/null 2>&1 | $SED '1q'` in
*COFF*)
DUMPBIN="$DUMPBIN -symbols -headers"
;;
@@ -3966,7 +3986,7 @@ esac
if test "$lt_cv_nm_interface" = "MS dumpbin"; then
# Gets list of data symbols to import.
lt_cv_sys_global_symbol_to_import="sed -n -e 's/^I .* \(.*\)$/\1/p'"
lt_cv_sys_global_symbol_to_import="$SED -n -e 's/^I .* \(.*\)$/\1/p'"
# Adjust the below global symbol transforms to fixup imported variables.
lt_cdecl_hook=" -e 's/^I .* \(.*\)$/extern __declspec(dllimport) char \1;/p'"
lt_c_name_hook=" -e 's/^I .* \(.*\)$/ {\"\1\", (void *) 0},/p'"
@@ -3984,20 +4004,20 @@ fi
# Transform an extracted symbol line into a proper C declaration.
# Some systems (esp. on ia64) link data and code symbols differently,
# so use this general approach.
lt_cv_sys_global_symbol_to_cdecl="sed -n"\
lt_cv_sys_global_symbol_to_cdecl="$SED -n"\
$lt_cdecl_hook\
" -e 's/^T .* \(.*\)$/extern int \1();/p'"\
" -e 's/^$symcode$symcode* .* \(.*\)$/extern char \1;/p'"
# Transform an extracted symbol line into symbol name and symbol address
lt_cv_sys_global_symbol_to_c_name_address="sed -n"\
lt_cv_sys_global_symbol_to_c_name_address="$SED -n"\
$lt_c_name_hook\
" -e 's/^: \(.*\) .*$/ {\"\1\", (void *) 0},/p'"\
" -e 's/^$symcode$symcode* .* \(.*\)$/ {\"\1\", (void *) \&\1},/p'"
# Transform an extracted symbol line into symbol name with lib prefix and
# symbol address.
lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="sed -n"\
lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="$SED -n"\
$lt_c_name_lib_hook\
" -e 's/^: \(.*\) .*$/ {\"\1\", (void *) 0},/p'"\
" -e 's/^$symcode$symcode* .* \(lib.*\)$/ {\"\1\", (void *) \&\1},/p'"\
@@ -4021,7 +4041,7 @@ for ac_symprfx in "" "_"; do
if test "$lt_cv_nm_interface" = "MS dumpbin"; then
# Fake it for dumpbin and say T for any non-static function,
# D for any global variable and I for any imported variable.
# Also find C++ and __fastcall symbols from MSVC++,
# Also find C++ and __fastcall symbols from MSVC++ or ICC,
# which start with @ or ?.
lt_cv_sys_global_symbol_pipe="$AWK ['"\
" {last_section=section; section=\$ 3};"\
@@ -4039,9 +4059,9 @@ for ac_symprfx in "" "_"; do
" s[1]~prfx {split(s[1],t,\"@\"); print f,t[1],substr(t[1],length(prfx))}"\
" ' prfx=^$ac_symprfx]"
else
lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[[ ]]\($symcode$symcode*\)[[ ]][[ ]]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'"
lt_cv_sys_global_symbol_pipe="$SED -n -e 's/^.*[[ ]]\($symcode$symcode*\)[[ ]][[ ]]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'"
fi
lt_cv_sys_global_symbol_pipe="$lt_cv_sys_global_symbol_pipe | sed '/ __gnu_lto/d'"
lt_cv_sys_global_symbol_pipe="$lt_cv_sys_global_symbol_pipe | $SED '/ __gnu_lto/d'"
# Check to see that the pipe works correctly.
pipe_works=no
@@ -4329,7 +4349,7 @@ m4_if([$1], [CXX], [
;;
esac
;;
freebsd* | dragonfly*)
freebsd* | dragonfly* | midnightbsd*)
# FreeBSD uses GNU C++
;;
hpux9* | hpux10* | hpux11*)
@@ -4412,7 +4432,7 @@ m4_if([$1], [CXX], [
_LT_TAGVAR(lt_prog_compiler_static, $1)='-qstaticlink'
;;
*)
case `$CC -V 2>&1 | sed 5q` in
case `$CC -V 2>&1 | $SED 5q` in
*Sun\ C*)
# Sun C++ 5.9
_LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
@@ -4754,7 +4774,7 @@ m4_if([$1], [CXX], [
_LT_TAGVAR(lt_prog_compiler_static, $1)='-qstaticlink'
;;
*)
case `$CC -V 2>&1 | sed 5q` in
case `$CC -V 2>&1 | $SED 5q` in
*Sun\ Ceres\ Fortran* | *Sun*Fortran*\ [[1-7]].* | *Sun*Fortran*\ 8.[[0-3]]*)
# Sun Fortran 8.3 passes all unrecognized flags to the linker
_LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
@@ -4937,7 +4957,7 @@ m4_if([$1], [CXX], [
if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then
_LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && ([substr](\$ 3,1,1) != ".")) { if (\$ 2 == "W") { print \$ 3 " weak" } else { print \$ 3 } } }'\'' | sort -u > $export_symbols'
else
_LT_TAGVAR(export_symbols_cmds, $1)='`func_echo_all $NM | $SED -e '\''s/B\([[^B]]*\)$/P\1/'\''` -PCpgl $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) && ([substr](\$ 1,1,1) != ".")) { if ((\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) { print \$ 1 " weak" } else { print \$ 1 } } }'\'' | sort -u > $export_symbols'
_LT_TAGVAR(export_symbols_cmds, $1)='`func_echo_all $NM | $SED -e '\''s/B\([[^B]]*\)$/P\1/'\''` -PCpgl $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "L") || (\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) && ([substr](\$ 1,1,1) != ".")) { if ((\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) { print \$ 1 " weak" } else { print \$ 1 } } }'\'' | sort -u > $export_symbols'
fi
;;
pw32*)
@@ -4945,7 +4965,7 @@ m4_if([$1], [CXX], [
;;
cygwin* | mingw* | cegcc*)
case $cc_basename in
cl*)
cl* | icl*)
_LT_TAGVAR(exclude_expsyms, $1)='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*'
;;
*)
@@ -5005,15 +5025,15 @@ dnl Note also adjust exclude_expsyms for C++ above.
case $host_os in
cygwin* | mingw* | pw32* | cegcc*)
# FIXME: the MSVC++ port hasn't been tested in a loooong time
# FIXME: the MSVC++ and ICC port hasn't been tested in a loooong time
# When not using gcc, we currently assume that we are using
# Microsoft Visual C++.
# Microsoft Visual C++ or Intel C++ Compiler.
if test yes != "$GCC"; then
with_gnu_ld=no
fi
;;
interix*)
# we just hope/assume this is gcc and not c89 (= MSVC++)
# we just hope/assume this is gcc and not c89 (= MSVC++ or ICC)
with_gnu_ld=yes
;;
openbsd* | bitrig*)
@@ -5068,7 +5088,7 @@ dnl Note also adjust exclude_expsyms for C++ above.
_LT_TAGVAR(whole_archive_flag_spec, $1)=
fi
supports_anon_versioning=no
case `$LD -v | $SED -e 's/([^)]\+)\s\+//' 2>&1` in
case `$LD -v | $SED -e 's/([[^)]]\+)\s\+//' 2>&1` in
*GNU\ gold*) supports_anon_versioning=yes ;;
*\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.10.*) ;; # catch versions < 2.11
*\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ...
@@ -5180,6 +5200,7 @@ _LT_EOF
emximp -o $lib $output_objdir/$libname.def'
_LT_TAGVAR(old_archive_From_new_cmds, $1)='emximp -o $output_objdir/${libname}_dll.a $output_objdir/$libname.def'
_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
_LT_TAGVAR(file_list_spec, $1)='@'
;;
interix[[3-9]]*)
@@ -5194,7 +5215,7 @@ _LT_EOF
# 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link
# time. Moving up from 0x10000000 also allows more sbrk(2) space.
_LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
_LT_TAGVAR(archive_expsym_cmds, $1)='sed "s|^|_|" $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--retain-symbols-file,$output_objdir/$soname.expsym $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
_LT_TAGVAR(archive_expsym_cmds, $1)='$SED "s|^|_|" $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--retain-symbols-file,$output_objdir/$soname.expsym $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
;;
gnu* | linux* | tpf* | k*bsd*-gnu | kopensolaris*-gnu)
@@ -5237,7 +5258,7 @@ _LT_EOF
_LT_TAGVAR(compiler_needs_object, $1)=yes
;;
esac
case `$CC -V 2>&1 | sed 5q` in
case `$CC -V 2>&1 | $SED 5q` in
*Sun\ C*) # Sun C 5.9
_LT_TAGVAR(whole_archive_flag_spec, $1)='$wl--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` $wl--no-whole-archive'
_LT_TAGVAR(compiler_needs_object, $1)=yes
@@ -5249,13 +5270,14 @@ _LT_EOF
if test yes = "$supports_anon_versioning"; then
_LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~
cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
echo "local: *; };" >> $output_objdir/$libname.ver~
$CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-version-script $wl$output_objdir/$libname.ver -o $lib'
fi
case $cc_basename in
tcc*)
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir'
_LT_TAGVAR(export_dynamic_flag_spec, $1)='-rdynamic'
;;
xlf* | bgf* | bgxlf* | mpixlf*)
@@ -5265,7 +5287,7 @@ _LT_EOF
_LT_TAGVAR(archive_cmds, $1)='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib'
if test yes = "$supports_anon_versioning"; then
_LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~
cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
echo "local: *; };" >> $output_objdir/$libname.ver~
$LD -shared $libobjs $deplibs $linker_flags -soname $soname -version-script $output_objdir/$libname.ver -o $lib'
fi
@@ -5397,7 +5419,7 @@ _LT_EOF
if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then
_LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && ([substr](\$ 3,1,1) != ".")) { if (\$ 2 == "W") { print \$ 3 " weak" } else { print \$ 3 } } }'\'' | sort -u > $export_symbols'
else
_LT_TAGVAR(export_symbols_cmds, $1)='`func_echo_all $NM | $SED -e '\''s/B\([[^B]]*\)$/P\1/'\''` -PCpgl $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) && ([substr](\$ 1,1,1) != ".")) { if ((\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) { print \$ 1 " weak" } else { print \$ 1 } } }'\'' | sort -u > $export_symbols'
_LT_TAGVAR(export_symbols_cmds, $1)='`func_echo_all $NM | $SED -e '\''s/B\([[^B]]*\)$/P\1/'\''` -PCpgl $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "L") || (\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) && ([substr](\$ 1,1,1) != ".")) { if ((\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) { print \$ 1 " weak" } else { print \$ 1 } } }'\'' | sort -u > $export_symbols'
fi
aix_use_runtimelinking=no
@@ -5580,12 +5602,12 @@ _LT_EOF
cygwin* | mingw* | pw32* | cegcc*)
# When not using gcc, we currently assume that we are using
# Microsoft Visual C++.
# Microsoft Visual C++ or Intel C++ Compiler.
# hardcode_libdir_flag_spec is actually meaningless, as there is
# no search path for DLLs.
case $cc_basename in
cl*)
# Native MSVC
cl* | icl*)
# Native MSVC or ICC
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' '
_LT_TAGVAR(allow_undefined_flag, $1)=unsupported
_LT_TAGVAR(always_export_symbols, $1)=yes
@@ -5626,7 +5648,7 @@ _LT_EOF
fi'
;;
*)
# Assume MSVC wrapper
# Assume MSVC and ICC wrapper
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' '
_LT_TAGVAR(allow_undefined_flag, $1)=unsupported
# Tell ltmain to make .lib files, not .a files.
@@ -5674,7 +5696,7 @@ _LT_EOF
;;
# FreeBSD 3 and greater uses gcc -shared to do shared libraries.
freebsd* | dragonfly*)
freebsd* | dragonfly* | midnightbsd*)
_LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
_LT_TAGVAR(hardcode_direct, $1)=yes
@@ -5815,6 +5837,7 @@ _LT_EOF
# Fabrice Bellard et al's Tiny C Compiler
_LT_TAGVAR(ld_shlibs, $1)=yes
_LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir'
;;
esac
;;
@@ -5886,6 +5909,7 @@ _LT_EOF
emximp -o $lib $output_objdir/$libname.def'
_LT_TAGVAR(old_archive_From_new_cmds, $1)='emximp -o $output_objdir/${libname}_dll.a $output_objdir/$libname.def'
_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
_LT_TAGVAR(file_list_spec, $1)='@'
;;
osf3*)
@@ -6656,8 +6680,8 @@ if test yes != "$_lt_caught_CXX_error"; then
cygwin* | mingw* | pw32* | cegcc*)
case $GXX,$cc_basename in
,cl* | no,cl*)
# Native MSVC
,cl* | no,cl* | ,icl* | no,icl*)
# Native MSVC or ICC
# hardcode_libdir_flag_spec is actually meaningless, as there is
# no search path for DLLs.
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' '
@@ -6755,6 +6779,7 @@ if test yes != "$_lt_caught_CXX_error"; then
emximp -o $lib $output_objdir/$libname.def'
_LT_TAGVAR(old_archive_From_new_cmds, $1)='emximp -o $output_objdir/${libname}_dll.a $output_objdir/$libname.def'
_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
_LT_TAGVAR(file_list_spec, $1)='@'
;;
dgux*)
@@ -6785,7 +6810,7 @@ if test yes != "$_lt_caught_CXX_error"; then
_LT_TAGVAR(archive_cmds_need_lc, $1)=no
;;
freebsd* | dragonfly*)
freebsd* | dragonfly* | midnightbsd*)
# FreeBSD 3 and later use GNU C++ and GNU ld with standard ELF
# conventions
_LT_TAGVAR(ld_shlibs, $1)=yes
@@ -6922,7 +6947,7 @@ if test yes != "$_lt_caught_CXX_error"; then
# 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link
# time. Moving up from 0x10000000 also allows more sbrk(2) space.
_LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
_LT_TAGVAR(archive_expsym_cmds, $1)='sed "s|^|_|" $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--retain-symbols-file,$output_objdir/$soname.expsym $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
_LT_TAGVAR(archive_expsym_cmds, $1)='$SED "s|^|_|" $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--retain-symbols-file,$output_objdir/$soname.expsym $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
;;
irix5* | irix6*)
case $cc_basename in
@@ -7062,13 +7087,13 @@ if test yes != "$_lt_caught_CXX_error"; then
_LT_TAGVAR(archive_cmds, $1)='$CC -qmkshrobj $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
if test yes = "$supports_anon_versioning"; then
_LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~
cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
echo "local: *; };" >> $output_objdir/$libname.ver~
$CC -qmkshrobj $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-version-script $wl$output_objdir/$libname.ver -o $lib'
fi
;;
*)
case `$CC -V 2>&1 | sed 5q` in
case `$CC -V 2>&1 | $SED 5q` in
*Sun\ C*)
# Sun C++ 5.9
_LT_TAGVAR(no_undefined_flag, $1)=' -zdefs'
@@ -8214,6 +8239,14 @@ _LT_DECL([], [DLLTOOL], [1], [DLL creation program])
AC_SUBST([DLLTOOL])
])
# _LT_DECL_FILECMD
# ----------------
# Check for a file(cmd) program that can be used to detect file type and magic
m4_defun([_LT_DECL_FILECMD],
[AC_CHECK_TOOL([FILECMD], [file], [:])
_LT_DECL([], [FILECMD], [1], [A file(cmd) program that detects file types])
])# _LD_DECL_FILECMD
# _LT_DECL_SED
# ------------
# Check for a fully-functional sed program, that truncates

4
libssh2/m4/ltoptions.m4 vendored
View File

@@ -1,7 +1,7 @@
# Helper functions for option handling. -*- Autoconf -*-
#
# Copyright (C) 2004-2005, 2007-2009, 2011-2015 Free Software
# Foundation, Inc.
# Copyright (C) 2004-2005, 2007-2009, 2011-2019, 2021-2022 Free
# Software Foundation, Inc.
# Written by Gary V. Vaughan, 2004
#
# This file is free software; the Free Software Foundation gives

2
libssh2/m4/ltsugar.m4 vendored
View File

@@ -1,6 +1,6 @@
# ltsugar.m4 -- libtool m4 base layer. -*-Autoconf-*-
#
# Copyright (C) 2004-2005, 2007-2008, 2011-2015 Free Software
# Copyright (C) 2004-2005, 2007-2008, 2011-2019, 2021-2022 Free Software
# Foundation, Inc.
# Written by Gary V. Vaughan, 2004
#

13
libssh2/m4/ltversion.m4 vendored
View File

@@ -1,6 +1,7 @@
# ltversion.m4 -- version numbers -*- Autoconf -*-
#
# Copyright (C) 2004, 2011-2015 Free Software Foundation, Inc.
# Copyright (C) 2004, 2011-2019, 2021-2022 Free Software Foundation,
# Inc.
# Written by Scott James Remnant, 2004
#
# This file is free software; the Free Software Foundation gives
@@ -9,15 +10,15 @@
# @configure_input@
# serial 4179 ltversion.m4
# serial 4245 ltversion.m4
# This file is part of GNU Libtool
m4_define([LT_PACKAGE_VERSION], [2.4.6])
m4_define([LT_PACKAGE_REVISION], [2.4.6])
m4_define([LT_PACKAGE_VERSION], [2.4.7])
m4_define([LT_PACKAGE_REVISION], [2.4.7])
AC_DEFUN([LTVERSION_VERSION],
[macro_version='2.4.6'
macro_revision='2.4.6'
[macro_version='2.4.7'
macro_revision='2.4.7'
_LT_DECL(, macro_version, 0, [Which release of libtool.m4 was used?])
_LT_DECL(, macro_revision, 0)
])

4
libssh2/m4/lt~obsolete.m4 vendored
View File

@@ -1,7 +1,7 @@
# lt~obsolete.m4 -- aclocal satisfying obsolete definitions. -*-Autoconf-*-
#
# Copyright (C) 2004-2005, 2007, 2009, 2011-2015 Free Software
# Foundation, Inc.
# Copyright (C) 2004-2005, 2007, 2009, 2011-2019, 2021-2022 Free
# Software Foundation, Inc.
# Written by Scott James Remnant, 2004.
#
# This file is free software; the Free Software Foundation gives

96
libssh2/maketgz
View File

@@ -1,26 +1,27 @@
#! /bin/sh
# Script to build release-archives with
#!/bin/sh
# Script to build release-archives with. Note that this requires a checkout
# from git and you should first run 'autoreconf -fi' and './configure'.
#
version=$1
version="$1"
if [ -z "$version" ]; then
echo "Specify a version number!"
exit
fi
if [ "xonly" = "x$2" ]; then
if [ "only" = "$2" ]; then
echo "Setup version number only!"
only=1
fi
libversion="$version"
major=`echo $libversion |cut -d. -f1 | sed -e "s/[^0-9]//g"`
minor=`echo $libversion |cut -d. -f2 | sed -e "s/[^0-9]//g"`
patch=`echo $libversion |cut -d. -f3 | cut -d- -f1 | sed -e "s/[^0-9]//g"`
major="$(echo "$libversion" | cut -d. -f1 | sed -e "s/[^0-9]//g")"
minor="$(echo "$libversion" | cut -d. -f2 | sed -e "s/[^0-9]//g")"
patch="$(echo "$libversion" | cut -d. -f3 | cut -d- -f1 | sed -e "s/[^0-9]//g")"
numeric=`perl -e 'printf("%02x%02x%02x\n", '"$major, $minor, $patch);"`
numeric="$(printf "%02x%02x%02x\n" "$major" "$minor" "$patch")"
HEADER=include/libssh2.h
@@ -28,22 +29,25 @@ if test -z "$only"; then
ext=".dist"
# when not setting up version numbers locally
for a in $HEADER; do
cp $a "$a$ext"
cp "$a" "$a$ext"
done
HEADER="$HEADER$ext"
fi
# requires a date command that knows -u for UTC time zone
datestamp=`LC_TIME=C date -u`
datestamp="$(LC_TIME=C date -u)"
# Replace in-place version number in header file:
sed -i -e 's/^#define LIBSSH2_VERSION .*/#define LIBSSH2_VERSION "'$libversion'"/g' \
-e 's/^#define LIBSSH2_VERSION_NUM .*/#define LIBSSH2_VERSION_NUM 0x'$numeric'/g' \
-e 's/^#define LIBSSH2_VERSION_MAJOR .*/#define LIBSSH2_VERSION_MAJOR '$major'/g' \
-e 's/^#define LIBSSH2_VERSION_MINOR .*/#define LIBSSH2_VERSION_MINOR '$minor'/g' \
-e 's/^#define LIBSSH2_VERSION_PATCH .*/#define LIBSSH2_VERSION_PATCH '$patch'/g' \
sed -i.bak \
-e "s/^#define LIBSSH2_VERSION .*/#define LIBSSH2_VERSION \"$libversion\"/g" \
-e "s/^#define LIBSSH2_VERSION_NUM .*/#define LIBSSH2_VERSION_NUM 0x$numeric/g" \
-e "s/^#define LIBSSH2_VERSION_MAJOR .*/#define LIBSSH2_VERSION_MAJOR $major/g" \
-e "s/^#define LIBSSH2_VERSION_MINOR .*/#define LIBSSH2_VERSION_MINOR $minor/g" \
-e "s/^#define LIBSSH2_VERSION_PATCH .*/#define LIBSSH2_VERSION_PATCH $patch/g" \
-e "s/^#define LIBSSH2_TIMESTAMP .*/#define LIBSSH2_TIMESTAMP \"$datestamp\"/g" \
$HEADER
"$HEADER"
rm -f "$HEADER.bak"
echo "libssh2 version $libversion"
echo "libssh2 numerical $numeric"
@@ -51,13 +55,12 @@ echo "datestamp $datestamp"
if test -n "$only"; then
# done!
exit;
exit
fi
findprog()
{
findprog() {
file="$1"
for part in `echo $PATH| tr ':' ' '`; do
for part in $(echo "$PATH" | tr ':' ' '); do
path="$part/$file"
if [ -x "$path" ]; then
# there it is!
@@ -76,7 +79,7 @@ findprog()
#
if { findprog automake >/dev/null 2>/dev/null; } then
echo "- Could not find or run automake, I hope you know what you're doing!"
echo "- Could not find or run automake, I hope you know what you are doing!"
else
echo "Runs automake --include-deps"
automake --include-deps Makefile >/dev/null
@@ -96,4 +99,53 @@ git log --pretty=fuller --no-color --date=short --decorate=full -1000 | ./git2ne
echo "make dist"
targz="libssh2-$version.tar.gz"
make -s dist VERSION=$version
make -s dist "VERSION=$version"
res=$?
if test "$res" != 0; then
echo "make dist failed"
exit 2
fi
############################################################################
#
# Now make a bz2 archive from the tar.gz original
#
bzip2="libssh2-$version.tar.bz2"
echo "Generating $bzip2"
gzip -dc "$targz" | bzip2 --best > "$bzip2"
############################################################################
#
# Now make an xz archive from the tar.gz original
#
xz="libssh2-$version.tar.xz"
echo "Generating $xz"
gzip -dc "$targz" | xz -6e - > "$xz"
############################################################################
#
# Now make a zip archive from the tar.gz original
#
makezip() {
rm -rf "$tempdir"
mkdir "$tempdir"
cd "$tempdir" || exit 1
gzip -dc "../$targz" | tar -xf -
find . | zip "$zip" -@ >/dev/null
mv "$zip" ../
cd .. || exit 1
rm -rf "$tempdir"
}
zip="libssh2-$version.zip"
echo "Generating $zip"
tempdir=".builddir"
makezip
echo "------------------"
echo "maketgz report:"
echo ""
ls -l "$targz" "$bzip2" "$zip" "$xz"

2
libssh2/missing
View File

@@ -3,7 +3,7 @@
scriptversion=2018-03-07.03; # UTC
# Copyright (C) 1996-2020 Free Software Foundation, Inc.
# Copyright (C) 1996-2021 Free Software Foundation, Inc.
# Originally written by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996.
# This program is free software; you can redistribute it and/or modify

9
libssh2/os400/README400
View File

@@ -38,7 +38,8 @@ familiar with.
_ As a prerequisite, QADRT development environment must be installed.
_ Install the libssh2 sources directory in IFS.
_ Enter shell (QSH)
_ Enter shell (QSH). You may need to change the LANG environment variable
to be in phase with the libssh2 source files CCSID.
_ Change current directory to the libssh2 sources installation directory
_ Change current directory to os400
_ Edit file iniscript.sh. You may want to change tunable configuration
@@ -96,9 +97,9 @@ String transcoding support:
values from/to the libssh2 API, three non-standard additional procedures are
provided. They use a session pointer and a "string cache" pointer.
Each time a string is transcoded, it is cached in the given cache. It is
the responsibility of the caller to release the cache when its associted strings
are no longer needed. These procedures and the string cache type are defined
in a new libssh2_ccsid.h header file.
the responsibility of the caller to release the cache when its associated
strings are no longer needed. These procedures and the string cache type are
defined in a new libssh2_ccsid.h header file.
To create a string cache, use:
#include <libssh2_ccsid.h>

58
libssh2/os400/include/assert.h Normal file
View File

@@ -0,0 +1,58 @@
/*
* Copyright (C) 2023 Patrick Monnerat <patrick@monnerat.net>
* All rights reserved.
*
* Redistribution and use in source and binary forms,
* with or without modification, are permitted provided
* that the following conditions are met:
*
* Redistributions of source code must retain the above
* copyright notice, this list of conditions and the
* following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials
* provided with the distribution.
*
* Neither the name of the copyright holder nor the names
* of any other contributors may be used to endorse or
* promote products derived from this software without
* specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
* CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
* USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
* OF SUCH DAMAGE.
*/
#ifndef LIBSSH2_ASSERT_H
#define LIBSSH2_ASSERT_H
#include <stdio.h>
#include <stdlib.h>
/* Ascii assert() macro. */
#ifndef NDEBUG
#pragma convert(819)
#define assert(expr) ((expr)? ((void) 0): (fprintf(stderr, \
"Assertion failed: %s in file %s line %u. Aborting\n", \
#expr, __FILE__, __LINE__), abort()))
#else
#define assert(expr) ((void) 0)
#endif
#endif
/* vim: set expandtab ts=4 sw=4: */

7
libssh2/os400/initscript.sh
View File

@@ -49,8 +49,9 @@ setenv TGTCCSID '500' # Target CCSID of objects.
setenv DEBUG '*ALL' # Debug level.
setenv OPTIMIZE '10' # Optimisation level
setenv OUTPUT '*NONE' # Compilation output option.
setenv TGTRLS 'V6R1M0' # Target OS release.
setenv TGTRLS 'V7R3M0' # Target OS release.
setenv IFSDIR '/libssh2' # Installation IFS directory.
setenv QADRTDIR '/QIBM/ProdData/qadrt' # QADRT IFS directory.
# Define ZLIB availability and locations.
@@ -182,7 +183,7 @@ make_module()
CMD="${CMD} SYSIFCOPT(*IFS64IO) OPTION(*INCDIRFIRST)"
CMD="${CMD} LOCALETYPE(*LOCALE) FLAG(10)"
CMD="${CMD} INCDIR('${TOPDIR}/os400/include'"
CMD="${CMD} '/QIBM/ProdData/qadrt/include' '${TOPDIR}/include'"
CMD="${CMD} '${QADRTDIR}/include' '${TOPDIR}/include'"
CMD="${CMD} '${TOPDIR}/os400' '${SRCDIR}'"
if [ "${WITH_ZLIB}" != "0" ]
@@ -198,7 +199,7 @@ make_module()
DEFINES="${3}"
if [ "${WITH_ZLIB}" != "0" ]
then DEFINES="${DEFINES} HAVE_LIBZ LIBSSH2_HAVE_ZLIB"
then DEFINES="${DEFINES} LIBSSH2_HAVE_ZLIB"
fi
if [ "${DEFINES}" ]

93
libssh2/os400/libssh2_config.h
View File

@@ -59,25 +59,6 @@
/* Define to 1 if you have the <arpa/inet.h> header file. */
#define HAVE_ARPA_INET_H 1
/* Define to 1 if you have the declaration of `SecureZeroMemory', and to 0 if
you don't. */
#undef HAVE_DECL_SECUREZEROMEMORY
/* disabled non-blocking sockets */
#undef HAVE_DISABLED_NONBLOCKING
/* Define to 1 if you have the <dlfcn.h> header file. */
#undef HAVE_DLFCN_H
/* Define to 1 if you have the <errno.h> header file. */
#define HAVE_ERRNO_H 1
/* Define to 1 if you have the `EVP_aes_128_ctr' function. */
#undef HAVE_EVP_AES_128_CTR
/* Define to 1 if you have the <fcntl.h> header file. */
#define HAVE_FCNTL_H 1
/* use FIONBIO for non-blocking sockets */
#undef HAVE_FIONBIO
@@ -87,42 +68,15 @@
/* Define to 1 if you have the <inttypes.h> header file. */
#define HAVE_INTTYPES_H 1
/* use ioctlsocket() for non-blocking sockets */
#undef HAVE_IOCTLSOCKET
/* use Ioctlsocket() for non-blocking sockets */
#undef HAVE_IOCTLSOCKET_CASE
/* Define if you have the bcrypt library. */
#undef HAVE_LIBBCRYPT
/* Define if you have the crypt32 library. */
#undef HAVE_LIBCRYPT32
/* Define if you have the gcrypt library. */
#undef HAVE_LIBGCRYPT
/* Define if you have the ssl library. */
#undef HAVE_LIBSSL
/* Define if you have the z library. */
/* #undef HAVE_LIBZ */
/* Define to 1 if the compiler supports the 'long long' data type. */
#define HAVE_LONGLONG 1
/* Define to 1 if you have the <memory.h> header file. */
#undef HAVE_MEMORY_H
/* Define to 1 if you have the <netinet/in.h> header file. */
#define HAVE_NETINET_IN_H 1
/* Define to 1 if you have the <ntdef.h> header file. */
#undef HAVE_NTDEF_H
/* Define to 1 if you have the <ntstatus.h> header file. */
#undef HAVE_NTSTATUS_H
/* use O_NONBLOCK for non-blocking sockets */
#define HAVE_O_NONBLOCK 1
@@ -141,15 +95,6 @@
/* Define to 1 if you have the <stdio.h> header file. */
#define HAVE_STDIO_H 1
/* Define to 1 if you have the <stdlib.h> header file. */
#define HAVE_STDLIB_H 1
/* Define to 1 if you have the <strings.h> header file. */
#define HAVE_STRINGS_H 1
/* Define to 1 if you have the <string.h> header file. */
#define HAVE_STRING_H 1
/* Define to 1 if you have the `strtoll' function. */
#define HAVE_STRTOLL 1
@@ -162,15 +107,9 @@
/* Define to 1 if you have the <sys/socket.h> header file. */
#define HAVE_SYS_SOCKET_H 1
/* Define to 1 if you have the <sys/stat.h> header file. */
#define HAVE_SYS_STAT_H 1
/* Define to 1 if you have the <sys/time.h> header file. */
#define HAVE_SYS_TIME_H 1
/* Define to 1 if you have the <sys/types.h> header file. */
#define HAVE_SYS_TYPES_H 1
/* Define to 1 if you have the <sys/uio.h> header file. */
#define HAVE_SYS_UIO_H 1
@@ -180,36 +119,15 @@
/* Define to 1 if you have the <unistd.h> header file. */
#define HAVE_UNISTD_H 1
/* Define to 1 if you have the <windows.h> header file. */
#undef HAVE_WINDOWS_H
/* Define to 1 if you have the <winsock2.h> header file. */
#undef HAVE_WINSOCK2_H
/* Define to 1 if you have the <ws2tcpip.h> header file. */
#undef HAVE_WS2TCPIP_H
/* to make a symbol visible */
#undef LIBSSH2_API
/* Enable clearing of memory before being freed */
#define LIBSSH2_CLEAR_MEMORY 1
/* Enable "none" cipher -- NOT RECOMMENDED */
#undef LIBSSH2_CRYPT_NONE
/* Enable newer diffie-hellman-group-exchange-sha1 syntax */
#define LIBSSH2_DH_GEX_NEW 1
/* Compile in zlib support */
/* #undef LIBSSH2_HAVE_ZLIB */
/* Use libgcrypt */
#undef LIBSSH2_LIBGCRYPT
/* Enable "none" MAC -- NOT RECOMMENDED */
#undef LIBSSH2_MAC_NONE
/* Use OpenSSL */
#undef LIBSSH2_OPENSSL
@@ -219,6 +137,10 @@
/* Use OS/400 Qc3 */
#define LIBSSH2_OS400QC3
/* Use our platform-specific local implementation:
_libssh2_os400_snprintf */
#define HAVE_SNPRINTF 1
/* Define to the sub-directory in which libtool stores uninstalled libraries.
*/
#define LT_OBJDIR ".libs/"
@@ -230,7 +152,7 @@
#define PACKAGE "libssh2"
/* Define to the address where bug reports for this package should be sent. */
#define PACKAGE_BUGREPORT "libssh2-devel@cool.haxx.se"
#define PACKAGE_BUGREPORT "libssh2-devel@lists.haxx.se"
/* Define to the full name of this package. */
#define PACKAGE_NAME "libssh2"
@@ -265,11 +187,6 @@
significant byte first (like Motorola and SPARC, unlike Intel). */
#define WORDS_BIGENDIAN 1
/* Enable large inode numbers on Mac OS X 10.5. */
#ifndef _DARWIN_USE_64_BIT_INODE
# define _DARWIN_USE_64_BIT_INODE 1
#endif
/* Number of bits in a file offset, on hosts where this is settable. */
#undef _FILE_OFFSET_BITS

10
libssh2/os400/libssh2rpg/libssh2.rpgle.in
View File

@@ -58,7 +58,7 @@
d c @LIBSSH2_VERSION_PATCH@
* This is the numeric version of the libssh2 version number, meant for
* easier parsing and comparions by programs. The LIBSSH2_VERSION_NUM
* easier parsing and comparisons by programs. The LIBSSH2_VERSION_NUM
* define will always follow this syntax:
*
* X'XXYYZZ'
@@ -511,7 +511,7 @@
*
* Fills algs with a list of supported cryptographic algorithms. Returns a
* non-negative number (number of supported algorithms) on success or a
* negative number (an eror code) on failure.
* negative number (an error code) on failure.
*
* NOTE: on success, algs must be deallocated (by calling libssh2_free)
* when not needed anymore
@@ -772,7 +772,7 @@
* response_callback is provided with filled by library prompts array,
* but client must allocate and fill individual responses. Responses
* array is already allocated. Responses data will be freed by libssh2
* after callback return, but before subsequent callback invokation.
* after callback return, but before subsequent callback invocation.
d libssh2_userauth_keyboard_interactive_ex...
d pr extproc('libssh2_userauth_keyboard_i-
@@ -1519,7 +1519,7 @@
* libssh2_knownhost_get()
*
* Traverse the internal list of known hosts. Pass NULL to 'prev' to get
* the first one. Or pass a poiner to the previously returned one to
* the first one. Or pass a pointer to the previously returned one to
* get the next.
*
* Returns:
@@ -1580,7 +1580,7 @@
* libssh2_agent_get_identity()
*
* Traverse the internal list of public keys. Pass NULL to 'prev' to get
* the first one. Or pass a poiner to the previously returned one to
* the first one. Or pass a pointer to the previously returned one to
* get the next.
*
* Returns:

4
libssh2/os400/make-src.sh
View File

@@ -78,7 +78,7 @@ fi
# Get source list.
cat ../Makefile.inc ../Makefile.os400qc3.inc |
cat Makefile.inc |
sed -e ':begin' \
-e '/\\$/{' \
-e 's/\\$/ /' \
@@ -98,7 +98,7 @@ cat ../Makefile.inc ../Makefile.os400qc3.inc |
INCLUDES="'`pwd`'"
for SRC in "${TOPDIR}/os400/os400sys.c" "${TOPDIR}/os400/ccsid.c" \
${CSOURCES} ${CRYPTO_CSOURCES} macros.c
${CSOURCES} macros.c
do MODULE=`db2_name "${SRC}"`
make_module "${MODULE}" "${SRC}"
done

2
libssh2/os400/make.sh
View File

@@ -31,7 +31,7 @@ fi
for TEXT in "${TOPDIR}/COPYING" "${SCRIPTDIR}/README400" \
"${TOPDIR}/NEWS" "${TOPDIR}/README" "${TOPDIR}/docs/AUTHORS" \
"${TOPDIR}/docs/BINDINGS"
"${TOPDIR}/docs/BINDINGS.md"
do MEMBER="${LIBIFSNAME}/DOCS.FILE/`db2_name \"${TEXT}\"`.MBR"
if action_needed "${MEMBER}" "${TEXT}"

414
libssh2/src/CMakeLists.txt
View File

@@ -1,4 +1,5 @@
# Copyright (c) 2014 Alexander Lamaison <alexander.lamaison@gmail.com>
# Copyright (c) 2023 Viktor Szakats
#
# Redistribution and use in source and binary forms,
# with or without modification, are permitted provided
@@ -33,208 +34,19 @@
# USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
# OF SUCH DAMAGE.
include(CheckFunctionExists)
include(CheckSymbolExists)
include(CheckFunctionExistsMayNeedLibrary)
include(CheckIncludeFiles)
include(CheckTypeSize)
include(CheckSymbolExists)
include(CheckNonblockingSocketSupport)
include(SocketLibraries)
## Cryptography backend choice
set(CRYPTO_BACKEND
""
CACHE
STRING
"The backend to use for cryptography: OpenSSL, Libgcrypt or WinCNG, mbedTLS
or empty to try any available")
# If the crypto backend was given, rather than searching for the first
# we are able to find, the find_package commands must abort configuration
# and report to the user.
if(CRYPTO_BACKEND)
set(SPECIFIC_CRYPTO_REQUIREMENT REQUIRED)
endif()
if(CRYPTO_BACKEND STREQUAL "OpenSSL" OR NOT CRYPTO_BACKEND)
find_package(OpenSSL ${SPECIFIC_CRYPTO_REQUIREMENT})
if(OPENSSL_FOUND)
set(CRYPTO_BACKEND "OpenSSL")
set(CRYPTO_SOURCES openssl.c openssl.h)
list(APPEND PRIVATE_COMPILE_DEFINITIONS LIBSSH2_OPENSSL)
list(APPEND PRIVATE_INCLUDE_DIRECTORIES ${OPENSSL_INCLUDE_DIR})
list(APPEND LIBRARIES ${OPENSSL_LIBRARIES})
list(APPEND PC_REQUIRES_PRIVATE libssl libcrypto)
if (WIN32)
# Statically linking to OpenSSL requires crypt32 for some Windows APIs.
# This should really be handled by FindOpenSSL.cmake.
list(APPEND LIBRARIES crypt32)
list(APPEND PC_LIBS -lcrypt32)
find_file(DLL_LIBEAY32
NAMES libeay32.dll crypto.dll libcrypto-1_1.dll libcrypto-1_1-x64.dll
HINTS ${_OPENSSL_ROOT_HINTS} PATHS ${_OPENSSL_ROOT_PATHS}
PATH_SUFFIXES bin)
if (NOT DLL_LIBEAY32)
message(WARNING
"Unable to find OpenSSL crypto (aka libeay32) DLL, executables may not run")
endif()
find_file(DLL_SSLEAY32
NAMES ssleay32.dll ssl.dll libssl-1_1.dll libssl-1_1-x64.dll
HINTS ${_OPENSSL_ROOT_HINTS} PATHS ${_OPENSSL_ROOT_PATHS}
PATH_SUFFIXES bin)
if (NOT DLL_SSLEAY32)
message(WARNING
"Unable to find OpenSSL ssl (aka ssleay32) DLL, executables may not run")
endif()
if(DLL_LIBEAY32 AND DLL_SSLEAY32)
list(APPEND _RUNTIME_DEPENDENCIES ${DLL_LIBEAY32} ${DLL_SSLEAY32})
endif()
endif()
# Not all OpenSSL have AES-CTR functions.
set(SAVE_CMAKE_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES})
set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_LIBRARIES})
check_function_exists(EVP_aes_128_ctr HAVE_EVP_AES_128_CTR)
set(CMAKE_REQUIRED_LIBRARIES ${SAVE_CMAKE_REQUIRED_LIBRARIES})
endif()
endif()
if(CRYPTO_BACKEND STREQUAL "Libgcrypt" OR NOT CRYPTO_BACKEND)
find_package(Libgcrypt ${SPECIFIC_CRYPTO_REQUIREMENT})
if(LIBGCRYPT_FOUND)
set(CRYPTO_BACKEND "Libgcrypt")
set(CRYPTO_SOURCES libgcrypt.c libgcrypt.h)
list(APPEND PRIVATE_COMPILE_DEFINITIONS LIBSSH2_LIBGCRYPT)
list(APPEND PRIVATE_INCLUDE_DIRECTORIES ${LIBGCRYPT_INCLUDE_DIRS})
list(APPEND LIBRARIES ${LIBGCRYPT_LIBRARIES})
list(APPEND PC_LIBS -lgcrypt)
endif()
endif()
if(CRYPTO_BACKEND STREQUAL "WinCNG" OR NOT CRYPTO_BACKEND)
# The check actually compiles the header. This requires windows.h.
check_include_files("windows.h;bcrypt.h" HAVE_BCRYPT_H)
if(HAVE_BCRYPT_H)
set(CRYPTO_BACKEND "WinCNG")
set(CRYPTO_SOURCES wincng.c wincng.h)
list(APPEND PRIVATE_COMPILE_DEFINITIONS LIBSSH2_WINCNG)
set(HAVE_LIBCRYPT32 TRUE)
list(APPEND LIBRARIES bcrypt)
list(APPEND PC_LIBS -lbcrypt)
check_include_files(ntdef.h HAVE_NTDEF_H)
check_include_files(ntstatus.h HAVE_NTSTATUS_H)
# Reading keys from files is optional and depends on Wincrypt
check_include_files("windows.h;wincrypt.h" HAVE_WINCRYPT_H)
if(HAVE_WINCRYPT_H)
list(APPEND LIBRARIES crypt32)
list(APPEND PC_LIBS -lcrypt32)
endif()
elseif(${SPECIFIC_CRYPTO_REQUIREMENT} STREQUAL ${REQUIRED})
message(FATAL_ERROR "WinCNG not available")
endif()
endif()
if(CRYPTO_BACKEND STREQUAL "mbedTLS" OR NOT CRYPTO_BACKEND)
find_package(mbedTLS ${SPECIFIC_CRYPTO_REQUIREMENT})
if(MBEDTLS_FOUND)
set(CRYPTO_BACKEND "mbedTLS")
set(CRYPTO_SOURCES mbedtls.c mbedtls.h)
list(APPEND PRIVATE_COMPILE_DEFINITIONS LIBSSH2_MBEDTLS)
list(APPEND PRIVATE_INCLUDE_DIRECTORIES ${MBEDTLS_INCLUDE_DIR})
list(APPEND LIBRARIES ${MBEDTLS_LIBRARIES})
list(APPEND PC_LIBS -lmbedcrypto)
link_directories(${MBEDTLS_LIBRARY_DIR})
endif()
endif()
if(NOT CRYPTO_BACKEND)
list(APPEND PRIVATE_COMPILE_DEFINITIONS ${CRYPTO_BACKEND_DEFINE})
list(APPEND PRIVATE_INCLUDE_DIRECTORIES ${CRYPTO_BACKEND_INCLUDE_DIR})
else()
message(FATAL_ERROR "No suitable cryptography backend found.")
endif()
## Library definition
include(GNUInstallDirs)
set(SOURCES
${CRYPTO_SOURCES}
agent.c
agent_win.c
blf.h
bcrypt_pbkdf.c
blowfish.c
channel.c
channel.h
comp.c
comp.h
crypt.c
crypto.h
global.c
hostkey.c
keepalive.c
kex.c
knownhost.c
libssh2_priv.h
mac.c
mac.h
misc.c
misc.h
packet.c
packet.h
pem.c
publickey.c
scp.c
session.c
session.h
sftp.c
sftp.h
transport.c
transport.h
userauth.c
userauth.h
version.c)
if(WIN32)
list(APPEND SOURCES ${PROJECT_SOURCE_DIR}/win32/libssh2.rc)
endif()
add_library(libssh2 ${SOURCES})
# we want it to be called libssh2 on all platforms
set_target_properties(libssh2 PROPERTIES PREFIX "")
target_compile_definitions(libssh2 PRIVATE ${PRIVATE_COMPILE_DEFINITIONS})
target_include_directories(libssh2
PRIVATE "${PROJECT_SOURCE_DIR}/include/" ${PRIVATE_INCLUDE_DIRECTORIES}
PUBLIC
$<BUILD_INTERFACE:${PROJECT_SOURCE_DIR}/include>
$<INSTALL_INTERFACE:$<INSTALL_PREFIX>/${CMAKE_INSTALL_INCLUDEDIR}>)
## Options
option(CLEAR_MEMORY "Enable clearing of memory before being freed" ON)
if(CLEAR_MEMORY)
add_definitions(-DLIBSSH2_CLEAR_MEMORY)
endif(CLEAR_MEMORY)
add_feature_info("Shared library" BUILD_SHARED_LIBS
"creating libssh2 as a shared library (.so/.dll)")
if(NOT CLEAR_MEMORY)
list(APPEND libssh2_DEFINITIONS LIBSSH2_NO_CLEAR_MEMORY)
endif()
option(ENABLE_ZLIB_COMPRESSION "Use zlib for compression")
add_feature_info(Compression ENABLE_ZLIB_COMPRESSION
@@ -242,134 +54,81 @@ add_feature_info(Compression ENABLE_ZLIB_COMPRESSION
if(ENABLE_ZLIB_COMPRESSION)
find_package(ZLIB REQUIRED)
target_include_directories(libssh2 PRIVATE ${ZLIB_INCLUDE_DIRS})
list(APPEND libssh2_INCLUDE_DIRS ${ZLIB_INCLUDE_DIRS})
list(APPEND LIBRARIES ${ZLIB_LIBRARIES})
list(APPEND PC_REQUIRES_PRIVATE zlib)
if(ZLIB_FOUND)
target_compile_definitions(libssh2 PRIVATE LIBSSH2_HAVE_ZLIB=1)
list(APPEND libssh2_DEFINITIONS LIBSSH2_HAVE_ZLIB)
endif()
endif()
option(ENABLE_CRYPT_NONE "Permit \"none\" cipher -- NOT RECOMMENDED")
add_feature_info("\"none\" cipher" ENABLE_CRYPT_NONE "")
if(ENABLE_CRYPT_NONE)
target_compile_definitions(libssh2 PRIVATE LIBSSH2_CRYPT_NONE=1)
list(APPEND LIBRARIES ${SOCKET_LIBRARIES})
if(WIN32)
list(APPEND PC_LIBS -lws2_32)
endif()
option(ENABLE_MAC_NONE "Permit \"none\" MAC -- NOT RECOMMMENDED")
add_feature_info("\"none\" MAC" ENABLE_MAC_NONE "")
if(ENABLE_MAC_NONE)
target_compile_definitions(libssh2 PRIVATE LIBSSH2_MAC_NONE=1)
endif()
option(ENABLE_GEX_NEW
"Enable diffie-hellman-group-exchange-sha1 method" ON)
add_feature_info("diffie-hellman-group-exchange-sha1" ENABLE_GEX_NEW
"\"new\" diffie-hellman-group-exchange-sha1 method")
if(ENABLE_GEX_NEW)
target_compile_definitions(libssh2 PRIVATE LIBSSH2_DH_GEX_NEW=1)
endif()
# Enable debugging logging by default if the user configured a debug build
if(CMAKE_BUILD_TYPE STREQUAL "Debug")
set(DEBUG_LOGGING_DEFAULT ON)
else()
set(DEBUG_LOGGING_DEFAULT OFF)
endif()
option(ENABLE_DEBUG_LOGGING "log execution with debug trace"
${DEBUG_LOGGING_DEFAULT})
add_feature_info(Logging ENABLE_DEBUG_LOGGING
"Logging of execution with debug trace")
if(ENABLE_DEBUG_LOGGING)
target_compile_definitions(libssh2 PRIVATE LIBSSH2DEBUG)
endif()
## Platform checks
check_include_files(unistd.h HAVE_UNISTD_H)
check_include_files(inttypes.h HAVE_INTTYPES_H)
check_include_files(stdlib.h HAVE_STDLIB_H)
check_include_files(sys/select.h HAVE_SYS_SELECT_H)
check_include_files(sys/uio.h HAVE_SYS_UIO_H)
check_include_files(sys/socket.h HAVE_SYS_SOCKET_H)
check_include_files(sys/ioctl.h HAVE_SYS_IOCTL_H)
check_include_files(sys/time.h HAVE_SYS_TIME_H)
check_include_files(sys/un.h HAVE_SYS_UN_H)
check_include_files(windows.h HAVE_WINDOWS_H)
check_include_files(ws2tcpip.h HAVE_WS2TCPIP_H)
check_include_files(winsock2.h HAVE_WINSOCK2_H)
check_type_size("long long" LONGLONG)
if(HAVE_SYS_TIME_H)
check_symbol_exists(gettimeofday sys/time.h HAVE_GETTIMEOFDAY)
else()
check_function_exists(gettimeofday HAVE_GETTIMEOFDAY)
endif()
if(HAVE_STDLIB_H)
check_symbol_exists(strtoll stdlib.h HAVE_STRTOLL)
else()
check_function_exists(strtoll HAVE_STRTOLL)
endif()
if (NOT HAVE_STRTOLL)
# Try _strtoi64 if strtoll isn't available
check_symbol_exists(_strtoi64 stdlib.h HAVE_STRTOI64)
endif()
check_symbol_exists(snprintf stdio.h HAVE_SNPRINTF)
check_symbol_exists(memset_s string.h HAVE_MEMSET_S)
if(${CMAKE_SYSTEM_NAME} STREQUAL "Darwin" OR
${CMAKE_SYSTEM_NAME} STREQUAL "Interix")
# poll() does not work on these platforms
#
# Interix: "does provide poll(), but the implementing developer must
# have been in a bad mood, because poll() only works on the /proc
# filesystem here"
#
# Mac OS X's poll has funny behaviors, like:
# not being able to do poll on no filedescriptors (10.3?)
# not being able to poll on some files (like anything in /dev)
# not having reliable timeout support
# inconsistent return of POLLHUP where other implementations give POLLIN
message("poll use is disabled on this platform")
else()
check_function_exists(poll HAVE_POLL)
endif()
append_needed_socket_libraries(LIBRARIES)
# Non-blocking socket support tests. Must be after library tests to
# link correctly
set(SAVE_CMAKE_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES})
set(CMAKE_REQUIRED_LIBRARIES ${LIBRARIES})
check_nonblocking_socket_support()
set(CMAKE_REQUIRED_LIBRARIES ${SAVE_CMAKE_REQUIRED_LIBRARIES})
configure_file(
${CMAKE_CURRENT_SOURCE_DIR}/libssh2_config_cmake.h.in
${CMAKE_CURRENT_BINARY_DIR}/libssh2_config.h)
# to find generated header
target_include_directories(libssh2 PRIVATE ${CMAKE_CURRENT_BINARY_DIR})
# Check for the OS.
# Daniel's note: this should not be necessary and we need to work to
# get this removed.
if(${CMAKE_SYSTEM_NAME} STREQUAL "Windows")
target_compile_definitions(libssh2 PRIVATE LIBSSH2_WIN32)
elseif(${CMAKE_SYSTEM_NAME} STREQUAL "Darwin")
target_compile_definitions(libssh2 PRIVATE LIBSSH2_DARWIN)
endif()
list(APPEND libssh2_INCLUDE_DIRS ${CMAKE_CURRENT_BINARY_DIR})
if(MSVC)
set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} /Zi /Od")
set(CMAKE_SHARED_LINKER_FLAGS_DEBUG "${CMAKE_SHARED_LINKER_FLAGS_DEBUG} /DEBUG")
endif()
if(CMAKE_VERSION VERSION_LESS "2.8.12")
# Fall back to over-linking dependencies
target_link_libraries(libssh2 ${LIBRARIES})
else()
target_link_libraries(libssh2 PRIVATE ${LIBRARIES})
## Sources
include(GNUInstallDirs)
transform_makefile_inc("Makefile.inc" "${CMAKE_CURRENT_BINARY_DIR}/Makefile.inc.cmake")
# Get 'CSOURCES' and 'HHEADERS' variables
include(${CMAKE_CURRENT_BINARY_DIR}/Makefile.inc.cmake)
set(SOURCES ${CSOURCES} ${HHEADERS})
## Library definition
# Ensure that the static library and import library filenames are different,
# when building both static and shared library. On Windows, with certain
# toolchains (e.g. MSVC) these libraries get the same by default, overwriting
# each other. MinGW is not affected.
if(WIN32 AND BUILD_STATIC_LIBS AND BUILD_SHARED_LIBS AND
NOT STATIC_LIB_SUFFIX AND NOT IMPORT_LIB_SUFFIX AND
CMAKE_STATIC_LIBRARY_SUFFIX STREQUAL CMAKE_IMPORT_LIBRARY_SUFFIX)
set(STATIC_LIB_SUFFIX "_static")
endif()
# we want it to be called libssh2 on all platforms
if(BUILD_STATIC_LIBS)
list(APPEND libssh2_export ${LIB_STATIC})
add_library(${LIB_STATIC} STATIC ${SOURCES})
target_compile_definitions(${LIB_STATIC} PRIVATE ${PRIVATE_COMPILE_DEFINITIONS} ${libssh2_DEFINITIONS})
target_link_libraries(${LIB_STATIC} PRIVATE ${LIBRARIES})
set_target_properties(${LIB_STATIC} PROPERTIES PREFIX "" OUTPUT_NAME "libssh2")
set_target_properties(${LIB_STATIC} PROPERTIES SUFFIX "${STATIC_LIB_SUFFIX}${CMAKE_STATIC_LIBRARY_SUFFIX}")
target_include_directories(${LIB_STATIC}
PRIVATE "${PROJECT_SOURCE_DIR}/include/" ${libssh2_INCLUDE_DIRS} ${PRIVATE_INCLUDE_DIRECTORIES}
PUBLIC
$<BUILD_INTERFACE:${PROJECT_SOURCE_DIR}/include>
$<INSTALL_INTERFACE:$<INSTALL_PREFIX>/${CMAKE_INSTALL_INCLUDEDIR}>)
endif()
if(BUILD_SHARED_LIBS)
list(APPEND libssh2_export ${LIB_SHARED})
add_library(${LIB_SHARED} SHARED ${SOURCES})
if(WIN32)
set_property(TARGET ${LIB_SHARED} APPEND PROPERTY SOURCES libssh2.rc)
endif()
target_compile_definitions(${LIB_SHARED} PRIVATE ${PRIVATE_COMPILE_DEFINITIONS} ${libssh2_DEFINITIONS} ${LIB_SHARED_DEFINITIONS})
target_compile_options(${LIB_SHARED} PRIVATE ${LIB_SHARED_C_FLAGS})
target_link_libraries(${LIB_SHARED} PRIVATE ${LIBRARIES})
set_target_properties(${LIB_SHARED} PROPERTIES PREFIX "" IMPORT_PREFIX "" OUTPUT_NAME "libssh2")
set_target_properties(${LIB_SHARED} PROPERTIES IMPORT_SUFFIX "${IMPORT_LIB_SUFFIX}${CMAKE_IMPORT_LIBRARY_SUFFIX}")
set_target_properties(${LIB_SHARED} PROPERTIES POSITION_INDEPENDENT_CODE ON)
target_include_directories(${LIB_SHARED}
PRIVATE "${PROJECT_SOURCE_DIR}/include/" ${libssh2_INCLUDE_DIRS} ${PRIVATE_INCLUDE_DIRECTORIES}
PUBLIC
$<BUILD_INTERFACE:${PROJECT_SOURCE_DIR}/include>
$<INSTALL_INTERFACE:$<INSTALL_PREFIX>/${CMAKE_INSTALL_INCLUDEDIR}>)
endif()
## Installation
@@ -380,14 +139,21 @@ install(FILES
${PROJECT_SOURCE_DIR}/include/libssh2_sftp.h
DESTINATION ${CMAKE_INSTALL_INCLUDEDIR})
install(TARGETS libssh2
if(BUILD_STATIC_LIBS)
install(TARGETS ${LIB_STATIC}
EXPORT Libssh2Config
RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR}
LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR}
ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR})
endif()
if(BUILD_SHARED_LIBS)
install(TARGETS ${LIB_SHARED}
EXPORT Libssh2Config
RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR}
LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR}
ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR})
if(BUILD_SHARED_LIBS)
list(APPEND _RUNTIME_DEPENDENCIES $<TARGET_FILE:libssh2>)
list(APPEND _RUNTIME_DEPENDENCIES $<TARGET_FILE:${LIB_SHARED}>)
endif()
set(RUNTIME_DEPENDENCIES ${_RUNTIME_DEPENDENCIES} CACHE INTERNAL
@@ -402,7 +168,7 @@ install(EXPORT Libssh2Config
## During build, register directly from build tree
# create Libssh2Config.cmake
export(TARGETS libssh2 NAMESPACE Libssh2:: FILE Libssh2Config.cmake)
export(TARGETS ${libssh2_export} NAMESPACE Libssh2:: FILE Libssh2Config.cmake)
export(PACKAGE Libssh2) # register it
## Export a .pc file for client projects not using CMaek
@@ -412,16 +178,32 @@ endif()
if(PC_LIBS)
string(REPLACE ";" " " PC_LIBS "${PC_LIBS}")
endif()
configure_file(libssh2.pc.in libssh2.pc @ONLY)
set(LIBSSH2VER ${LIBSSH2_VERSION})
set(LIBSREQUIRED ${PC_REQUIRES_PRIVATE})
set(LIBS ${PC_LIBS})
set(prefix ${CMAKE_INSTALL_PREFIX})
set(exec_prefix "\${prefix}")
set(libdir "\${prefix}/${CMAKE_INSTALL_LIBDIR}")
set(includedir "\${prefix}/${CMAKE_INSTALL_INCLUDEDIR}")
configure_file(${CMAKE_SOURCE_DIR}/libssh2.pc.in libssh2.pc @ONLY)
install(
FILES ${CMAKE_CURRENT_BINARY_DIR}/libssh2.pc
DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig)
## Versioning
set_target_properties(libssh2 PROPERTIES
SOVERSION 1
VERSION 1.0.1)
set(LIBSSH2_SOVERSION 1)
set(LIBSSH2_VERSION 1.0.1)
if(BUILD_STATIC_LIBS)
set_target_properties(${LIB_STATIC} PROPERTIES
SOVERSION ${LIBSSH2_SOVERSION}
VERSION ${LIBSSH2_VERSION})
endif()
if(BUILD_SHARED_LIBS)
set_target_properties(${LIB_SHARED} PROPERTIES
SOVERSION ${LIBSSH2_SOVERSION}
VERSION ${LIBSSH2_VERSION})
endif()
include(CMakePackageConfigHelpers)
write_basic_package_version_file(

34
libssh2/src/Makefile.am
View File

@@ -1,34 +1,21 @@
# $Id: Makefile.am,v 1.21 2009/05/07 17:21:56 bagder Exp $
AUTOMAKE_OPTIONS = foreign nostdinc
# Get the CRYPTO_CSOURCES, CRYPTO_HHEADERS and CRYPTO_LTLIBS defines
if OPENSSL
include ../Makefile.OpenSSL.inc
endif
if LIBGCRYPT
include ../Makefile.libgcrypt.inc
endif
if WINCNG
include ../Makefile.WinCNG.inc
endif
if MBEDTLS
include ../Makefile.mbedTLS.inc
endif
# Makefile.inc provides the CSOURCES and HHEADERS defines
include ../Makefile.inc
# Get the CSOURCES, HHEADERS and EXTRA_DIST defines
include Makefile.inc
libssh2_la_SOURCES = $(CSOURCES) $(HHEADERS)
if HAVE_WINDRES
libssh2_la_SOURCES += libssh2.rc
endif
EXTRA_DIST = libssh2_config.h.in libssh2_config_cmake.h.in libssh2.pc.in
EXTRA_DIST += CMakeLists.txt NMakefile
EXTRA_DIST += libssh2_config.h.in libssh2_config_cmake.h.in CMakeLists.txt
lib_LTLIBRARIES = libssh2.la
# srcdir/include for the shipped headers
# builddir/src for the generated config header when building out of the source
# tree
AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_builddir)/src
AM_CPPFLAGS = -I$(top_builddir)/src -I$(top_srcdir)/include
VERSION=-version-info 1:1:0
@@ -62,4 +49,9 @@ VERSION=-version-info 1:1:0
libssh2_la_LDFLAGS = $(VERSION) -no-undefined \
-export-symbols-regex '^libssh2_.*' \
$(CRYPTO_LTLIBS) $(LTLIBZ)
$(LTLIBZ)
if HAVE_WINDRES
.rc.lo:
$(LIBTOOL) --tag=RC --mode=compile $(RC) -I$(top_srcdir)/include $(RCFLAGS) -i $< -o $@
endif

189
libssh2/src/Makefile.in
View File

@@ -1,4 +1,4 @@
# Makefile.in generated by automake 1.16.4 from Makefile.am.
# Makefile.in generated by automake 1.16.5 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2021 Free Software Foundation, Inc.
@@ -88,6 +88,7 @@ PRE_UNINSTALL = :
POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
@HAVE_WINDRES_TRUE@am__append_1 = libssh2.rc
subdir = src
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/autobuild.m4 \
@@ -133,27 +134,23 @@ am__uninstall_files_from_dir = { \
am__installdirs = "$(DESTDIR)$(libdir)"
LTLIBRARIES = $(lib_LTLIBRARIES)
libssh2_la_LIBADD =
am__libssh2_la_SOURCES_DIST = channel.c comp.c crypt.c hostkey.c kex.c \
mac.c misc.c packet.c publickey.c scp.c session.c sftp.c \
userauth.c transport.c version.c knownhost.c agent.c \
libgcrypt.c mbedtls.c openssl.c wincng.c pem.c keepalive.c \
global.c blowfish.c bcrypt_pbkdf.c agent_win.c libssh2_priv.h \
libgcrypt.h mbedtls.h openssl.h wincng.h transport.h channel.h \
comp.h mac.h misc.h packet.h userauth.h session.h sftp.h \
crypto.h blf.h agent.h
@LIBGCRYPT_FALSE@@MBEDTLS_FALSE@@OPENSSL_FALSE@@WINCNG_TRUE@am__objects_1 = wincng.lo
@LIBGCRYPT_FALSE@@MBEDTLS_FALSE@@OPENSSL_TRUE@am__objects_1 = \
@LIBGCRYPT_FALSE@@MBEDTLS_FALSE@@OPENSSL_TRUE@ openssl.lo
@LIBGCRYPT_FALSE@@MBEDTLS_TRUE@am__objects_1 = mbedtls.lo
@LIBGCRYPT_TRUE@am__objects_1 = libgcrypt.lo
am__objects_2 = channel.lo comp.lo crypt.lo hostkey.lo kex.lo mac.lo \
misc.lo packet.lo publickey.lo scp.lo session.lo sftp.lo \
userauth.lo transport.lo version.lo knownhost.lo agent.lo \
$(am__objects_1) pem.lo keepalive.lo global.lo blowfish.lo \
bcrypt_pbkdf.lo agent_win.lo
am__objects_3 =
am__objects_4 = $(am__objects_3)
am_libssh2_la_OBJECTS = $(am__objects_2) $(am__objects_4)
am__libssh2_la_SOURCES_DIST = agent.c bcrypt_pbkdf.c channel.c comp.c \
crypt.c crypto.c global.c hostkey.c keepalive.c kex.c \
knownhost.c mac.c misc.c packet.c pem.c publickey.c scp.c \
session.c sftp.c transport.c userauth.c userauth_kbd_packet.c \
version.c channel.h comp.h crypto.h libgcrypt.h libssh2_priv.h \
libssh2_setup.h mac.h mbedtls.h misc.h openssl.h os400qc3.h \
packet.h session.h sftp.h transport.h userauth.h \
userauth_kbd_packet.h wincng.h libssh2.rc
am__objects_1 = agent.lo bcrypt_pbkdf.lo channel.lo comp.lo crypt.lo \
crypto.lo global.lo hostkey.lo keepalive.lo kex.lo \
knownhost.lo mac.lo misc.lo packet.lo pem.lo publickey.lo \
scp.lo session.lo sftp.lo transport.lo userauth.lo \
userauth_kbd_packet.lo version.lo
am__objects_2 =
@HAVE_WINDRES_TRUE@am__objects_3 = libssh2.lo
am_libssh2_la_OBJECTS = $(am__objects_1) $(am__objects_2) \
$(am__objects_3)
libssh2_la_OBJECTS = $(am_libssh2_la_OBJECTS)
AM_V_lt = $(am__v_lt_@AM_V@)
am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
@@ -177,20 +174,18 @@ am__v_at_1 =
DEFAULT_INCLUDES =
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__maybe_remake_depfiles = depfiles
am__depfiles_remade = ./$(DEPDIR)/agent.Plo ./$(DEPDIR)/agent_win.Plo \
./$(DEPDIR)/bcrypt_pbkdf.Plo ./$(DEPDIR)/blowfish.Plo \
./$(DEPDIR)/channel.Plo ./$(DEPDIR)/comp.Plo \
./$(DEPDIR)/crypt.Plo ./$(DEPDIR)/global.Plo \
am__depfiles_remade = ./$(DEPDIR)/agent.Plo \
./$(DEPDIR)/bcrypt_pbkdf.Plo ./$(DEPDIR)/channel.Plo \
./$(DEPDIR)/comp.Plo ./$(DEPDIR)/crypt.Plo \
./$(DEPDIR)/crypto.Plo ./$(DEPDIR)/global.Plo \
./$(DEPDIR)/hostkey.Plo ./$(DEPDIR)/keepalive.Plo \
./$(DEPDIR)/kex.Plo ./$(DEPDIR)/knownhost.Plo \
./$(DEPDIR)/libgcrypt.Plo ./$(DEPDIR)/mac.Plo \
./$(DEPDIR)/mbedtls.Plo ./$(DEPDIR)/misc.Plo \
./$(DEPDIR)/openssl.Plo ./$(DEPDIR)/packet.Plo \
./$(DEPDIR)/pem.Plo ./$(DEPDIR)/publickey.Plo \
./$(DEPDIR)/scp.Plo ./$(DEPDIR)/session.Plo \
./$(DEPDIR)/sftp.Plo ./$(DEPDIR)/transport.Plo \
./$(DEPDIR)/userauth.Plo ./$(DEPDIR)/version.Plo \
./$(DEPDIR)/wincng.Plo
./$(DEPDIR)/mac.Plo ./$(DEPDIR)/misc.Plo \
./$(DEPDIR)/packet.Plo ./$(DEPDIR)/pem.Plo \
./$(DEPDIR)/publickey.Plo ./$(DEPDIR)/scp.Plo \
./$(DEPDIR)/session.Plo ./$(DEPDIR)/sftp.Plo \
./$(DEPDIR)/transport.Plo ./$(DEPDIR)/userauth.Plo \
./$(DEPDIR)/userauth_kbd_packet.Plo ./$(DEPDIR)/version.Plo
am__mv = mv -f
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
@@ -235,10 +230,7 @@ am__define_uniq_tagged_files = \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | $(am__uniquify_input)`
am__DIST_COMMON = $(srcdir)/../Makefile.OpenSSL.inc \
$(srcdir)/../Makefile.WinCNG.inc $(srcdir)/../Makefile.inc \
$(srcdir)/../Makefile.libgcrypt.inc \
$(srcdir)/../Makefile.mbedTLS.inc $(srcdir)/Makefile.in \
am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.inc \
$(srcdir)/libssh2_config.h.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
@@ -275,12 +267,13 @@ EGREP = @EGREP@
ETAGS = @ETAGS@
EXEEXT = @EXEEXT@
FGREP = @FGREP@
FILECMD = @FILECMD@
GREP = @GREP@
HAVE_LIBBCRYPT = @HAVE_LIBBCRYPT@
HAVE_LIBCRYPT32 = @HAVE_LIBCRYPT32@
HAVE_LIBGCRYPT = @HAVE_LIBGCRYPT@
HAVE_LIBMBEDCRYPTO = @HAVE_LIBMBEDCRYPTO@
HAVE_LIBSSL = @HAVE_LIBSSL@
HAVE_LIBWOLFSSL = @HAVE_LIBWOLFSSL@
HAVE_LIBZ = @HAVE_LIBZ@
INSTALL = @INSTALL@
INSTALL_DATA = @INSTALL_DATA@
@@ -291,8 +284,6 @@ LD = @LD@
LDFLAGS = @LDFLAGS@
LIBBCRYPT = @LIBBCRYPT@
LIBBCRYPT_PREFIX = @LIBBCRYPT_PREFIX@
LIBCRYPT32 = @LIBCRYPT32@
LIBCRYPT32_PREFIX = @LIBCRYPT32_PREFIX@
LIBGCRYPT = @LIBGCRYPT@
LIBGCRYPT_PREFIX = @LIBGCRYPT_PREFIX@
LIBMBEDCRYPTO = @LIBMBEDCRYPTO@
@@ -304,17 +295,19 @@ LIBSSH2VER = @LIBSSH2VER@
LIBSSL = @LIBSSL@
LIBSSL_PREFIX = @LIBSSL_PREFIX@
LIBTOOL = @LIBTOOL@
LIBWOLFSSL = @LIBWOLFSSL@
LIBWOLFSSL_PREFIX = @LIBWOLFSSL_PREFIX@
LIBZ = @LIBZ@
LIBZ_PREFIX = @LIBZ_PREFIX@
LIB_FUZZING_ENGINE = @LIB_FUZZING_ENGINE@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBBCRYPT = @LTLIBBCRYPT@
LTLIBCRYPT32 = @LTLIBCRYPT32@
LTLIBGCRYPT = @LTLIBGCRYPT@
LTLIBMBEDCRYPTO = @LTLIBMBEDCRYPTO@
LTLIBOBJS = @LTLIBOBJS@
LTLIBSSL = @LTLIBSSL@
LTLIBWOLFSSL = @LTLIBWOLFSSL@
LTLIBZ = @LTLIBZ@
LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAINT = @MAINT@
@@ -336,6 +329,7 @@ PACKAGE_URL = @PACKAGE_URL@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
RANLIB = @RANLIB@
RC = @RC@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -396,42 +390,64 @@ target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
# $Id: Makefile.am,v 1.21 2009/05/07 17:21:56 bagder Exp $
AUTOMAKE_OPTIONS = foreign nostdinc
@LIBGCRYPT_TRUE@CRYPTO_CSOURCES = libgcrypt.c
@MBEDTLS_TRUE@CRYPTO_CSOURCES = mbedtls.c
@OPENSSL_TRUE@CRYPTO_CSOURCES = openssl.c
@WINCNG_TRUE@CRYPTO_CSOURCES = wincng.c
@LIBGCRYPT_TRUE@CRYPTO_HHEADERS = libgcrypt.h
@MBEDTLS_TRUE@CRYPTO_HHEADERS = mbedtls.h
@OPENSSL_TRUE@CRYPTO_HHEADERS = openssl.h
@WINCNG_TRUE@CRYPTO_HHEADERS = wincng.h
@LIBGCRYPT_TRUE@CRYPTO_LTLIBS = $(LTLIBGCRYPT)
@MBEDTLS_TRUE@CRYPTO_LTLIBS = $(LTLIBMBEDCRYPTO)
@OPENSSL_TRUE@CRYPTO_LTLIBS = $(LTLIBSSL)
@WINCNG_TRUE@CRYPTO_LTLIBS = $(LTLIBBCRYPT) $(LTLIBCRYPT32)
CSOURCES = channel.c comp.c crypt.c hostkey.c kex.c mac.c misc.c \
packet.c publickey.c scp.c session.c sftp.c userauth.c transport.c \
version.c knownhost.c agent.c $(CRYPTO_CSOURCES) pem.c keepalive.c global.c \
blowfish.c bcrypt_pbkdf.c agent_win.c
CSOURCES = \
agent.c \
bcrypt_pbkdf.c \
channel.c \
comp.c \
crypt.c \
crypto.c \
global.c \
hostkey.c \
keepalive.c \
kex.c \
knownhost.c \
mac.c \
misc.c \
packet.c \
pem.c \
publickey.c \
scp.c \
session.c \
sftp.c \
transport.c \
userauth.c \
userauth_kbd_packet.c \
version.c
HHEADERS = libssh2_priv.h $(CRYPTO_HHEADERS) transport.h channel.h comp.h \
mac.h misc.h packet.h userauth.h session.h sftp.h crypto.h blf.h agent.h
HHEADERS = \
channel.h \
comp.h \
crypto.h \
libgcrypt.h \
libssh2_priv.h \
libssh2_setup.h \
mac.h \
mbedtls.h \
misc.h \
openssl.h \
os400qc3.h \
packet.h \
session.h \
sftp.h \
transport.h \
userauth.h \
userauth_kbd_packet.h \
wincng.h
EXTRA_DIST = agent_win.c blowfish.c libgcrypt.c mbedtls.c openssl.c \
os400qc3.c wincng.c libssh2_config.h.in \
libssh2_config_cmake.h.in CMakeLists.txt
# Get the CRYPTO_CSOURCES, CRYPTO_HHEADERS and CRYPTO_LTLIBS defines
# Makefile.inc provides the CSOURCES and HHEADERS defines
libssh2_la_SOURCES = $(CSOURCES) $(HHEADERS)
EXTRA_DIST = libssh2_config.h.in libssh2_config_cmake.h.in \
libssh2.pc.in CMakeLists.txt NMakefile
# Get the CSOURCES, HHEADERS and EXTRA_DIST defines
libssh2_la_SOURCES = $(CSOURCES) $(HHEADERS) $(am__append_1)
lib_LTLIBRARIES = libssh2.la
# srcdir/include for the shipped headers
# builddir/src for the generated config header when building out of the source
# tree
AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_builddir)/src
AM_CPPFLAGS = -I$(top_builddir)/src -I$(top_srcdir)/include
# This flag accepts an argument of the form current[:revision[:age]]. So,
# passing -version-info 3:12:1 sets current to 3, revision to 12, and age to
@@ -462,14 +478,14 @@ AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_builddir)/src
#
libssh2_la_LDFLAGS = $(VERSION) -no-undefined \
-export-symbols-regex '^libssh2_.*' \
$(CRYPTO_LTLIBS) $(LTLIBZ)
$(LTLIBZ)
all: libssh2_config.h
$(MAKE) $(AM_MAKEFLAGS) all-am
.SUFFIXES:
.SUFFIXES: .c .lo .o .obj
$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/../Makefile.OpenSSL.inc $(srcdir)/../Makefile.libgcrypt.inc $(srcdir)/../Makefile.WinCNG.inc $(srcdir)/../Makefile.mbedTLS.inc $(srcdir)/../Makefile.inc $(am__configure_deps)
.SUFFIXES: .c .lo .o .obj .rc
$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/Makefile.inc $(am__configure_deps)
@for dep in $?; do \
case '$(am__configure_deps)' in \
*$$dep*) \
@@ -489,7 +505,7 @@ Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
esac;
$(srcdir)/../Makefile.OpenSSL.inc $(srcdir)/../Makefile.libgcrypt.inc $(srcdir)/../Makefile.WinCNG.inc $(srcdir)/../Makefile.mbedTLS.inc $(srcdir)/../Makefile.inc $(am__empty):
$(srcdir)/Makefile.inc $(am__empty):
$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
@@ -560,22 +576,18 @@ distclean-compile:
-rm -f *.tab.c
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/agent.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/agent_win.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bcrypt_pbkdf.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/blowfish.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/channel.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/comp.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crypt.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crypto.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/global.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hostkey.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/keepalive.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kex.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/knownhost.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libgcrypt.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mac.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mbedtls.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/misc.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/packet.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pem.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/publickey.Plo@am__quote@ # am--include-marker
@@ -584,8 +596,8 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sftp.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/transport.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/userauth.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/userauth_kbd_packet.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/version.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/wincng.Plo@am__quote@ # am--include-marker
$(am__depfiles_remade):
@$(MKDIR_P) $(@D)
@@ -748,22 +760,18 @@ clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
distclean: distclean-am
-rm -f ./$(DEPDIR)/agent.Plo
-rm -f ./$(DEPDIR)/agent_win.Plo
-rm -f ./$(DEPDIR)/bcrypt_pbkdf.Plo
-rm -f ./$(DEPDIR)/blowfish.Plo
-rm -f ./$(DEPDIR)/channel.Plo
-rm -f ./$(DEPDIR)/comp.Plo
-rm -f ./$(DEPDIR)/crypt.Plo
-rm -f ./$(DEPDIR)/crypto.Plo
-rm -f ./$(DEPDIR)/global.Plo
-rm -f ./$(DEPDIR)/hostkey.Plo
-rm -f ./$(DEPDIR)/keepalive.Plo
-rm -f ./$(DEPDIR)/kex.Plo
-rm -f ./$(DEPDIR)/knownhost.Plo
-rm -f ./$(DEPDIR)/libgcrypt.Plo
-rm -f ./$(DEPDIR)/mac.Plo
-rm -f ./$(DEPDIR)/mbedtls.Plo
-rm -f ./$(DEPDIR)/misc.Plo
-rm -f ./$(DEPDIR)/openssl.Plo
-rm -f ./$(DEPDIR)/packet.Plo
-rm -f ./$(DEPDIR)/pem.Plo
-rm -f ./$(DEPDIR)/publickey.Plo
@@ -772,8 +780,8 @@ distclean: distclean-am
-rm -f ./$(DEPDIR)/sftp.Plo
-rm -f ./$(DEPDIR)/transport.Plo
-rm -f ./$(DEPDIR)/userauth.Plo
-rm -f ./$(DEPDIR)/userauth_kbd_packet.Plo
-rm -f ./$(DEPDIR)/version.Plo
-rm -f ./$(DEPDIR)/wincng.Plo
-rm -f Makefile
distclean-am: clean-am distclean-compile distclean-generic \
distclean-hdr distclean-tags
@@ -820,22 +828,18 @@ installcheck-am:
maintainer-clean: maintainer-clean-am
-rm -f ./$(DEPDIR)/agent.Plo
-rm -f ./$(DEPDIR)/agent_win.Plo
-rm -f ./$(DEPDIR)/bcrypt_pbkdf.Plo
-rm -f ./$(DEPDIR)/blowfish.Plo
-rm -f ./$(DEPDIR)/channel.Plo
-rm -f ./$(DEPDIR)/comp.Plo
-rm -f ./$(DEPDIR)/crypt.Plo
-rm -f ./$(DEPDIR)/crypto.Plo
-rm -f ./$(DEPDIR)/global.Plo
-rm -f ./$(DEPDIR)/hostkey.Plo
-rm -f ./$(DEPDIR)/keepalive.Plo
-rm -f ./$(DEPDIR)/kex.Plo
-rm -f ./$(DEPDIR)/knownhost.Plo
-rm -f ./$(DEPDIR)/libgcrypt.Plo
-rm -f ./$(DEPDIR)/mac.Plo
-rm -f ./$(DEPDIR)/mbedtls.Plo
-rm -f ./$(DEPDIR)/misc.Plo
-rm -f ./$(DEPDIR)/openssl.Plo
-rm -f ./$(DEPDIR)/packet.Plo
-rm -f ./$(DEPDIR)/pem.Plo
-rm -f ./$(DEPDIR)/publickey.Plo
@@ -844,8 +848,8 @@ maintainer-clean: maintainer-clean-am
-rm -f ./$(DEPDIR)/sftp.Plo
-rm -f ./$(DEPDIR)/transport.Plo
-rm -f ./$(DEPDIR)/userauth.Plo
-rm -f ./$(DEPDIR)/userauth_kbd_packet.Plo
-rm -f ./$(DEPDIR)/version.Plo
-rm -f ./$(DEPDIR)/wincng.Plo
-rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic
@@ -884,6 +888,9 @@ uninstall-am: uninstall-libLTLIBRARIES
.PRECIOUS: Makefile
@HAVE_WINDRES_TRUE@.rc.lo:
@HAVE_WINDRES_TRUE@ $(LIBTOOL) --tag=RC --mode=compile $(RC) -I$(top_srcdir)/include $(RCFLAGS) -i $< -o $@
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:

53
libssh2/src/Makefile.inc Normal file
View File

@@ -0,0 +1,53 @@
CSOURCES = \
agent.c \
bcrypt_pbkdf.c \
channel.c \
comp.c \
crypt.c \
crypto.c \
global.c \
hostkey.c \
keepalive.c \
kex.c \
knownhost.c \
mac.c \
misc.c \
packet.c \
pem.c \
publickey.c \
scp.c \
session.c \
sftp.c \
transport.c \
userauth.c \
userauth_kbd_packet.c \
version.c
HHEADERS = \
channel.h \
comp.h \
crypto.h \
libgcrypt.h \
libssh2_priv.h \
libssh2_setup.h \
mac.h \
mbedtls.h \
misc.h \
openssl.h \
os400qc3.h \
packet.h \
session.h \
sftp.h \
transport.h \
userauth.h \
userauth_kbd_packet.h \
wincng.h
EXTRA_DIST = \
agent_win.c \
blowfish.c \
libgcrypt.c \
mbedtls.c \
openssl.c \
os400qc3.c \
wincng.c

273
libssh2/src/agent.c
View File

@@ -1,6 +1,6 @@
/*
* Copyright (c) 2009 by Daiki Ueno
* Copyright (C) 2010-2014 by Daniel Stenberg
* Copyright (C) 2010-2021 by Daniel Stenberg
* All rights reserved.
*
* Redistribution and use in source and binary forms,
@@ -38,9 +38,10 @@
*/
#include "libssh2_priv.h"
#include "agent.h"
#include "misc.h"
#include <errno.h>
#include <stdlib.h> /* for getenv() */
#ifdef HAVE_SYS_UN_H
#include <sys/un.h>
#else
@@ -49,11 +50,13 @@
support them. */
#undef PF_UNIX
#endif
#if defined(WIN32) && !defined(LIBSSH2_WINDOWS_UWP)
#define HAVE_WIN32_AGENTS
#endif
#include "userauth.h"
#include "session.h"
#ifdef WIN32
#include <stdlib.h>
#endif
/* Requests from client to agent for protocol 1 key operations */
#define SSH_AGENTC_REQUEST_RSA_IDENTITIES 1
@@ -94,6 +97,71 @@
#define SSH_AGENT_CONSTRAIN_LIFETIME 1
#define SSH_AGENT_CONSTRAIN_CONFIRM 2
/* Signature request methods */
#define SSH_AGENT_RSA_SHA2_256 2
#define SSH_AGENT_RSA_SHA2_512 4
/* non-blocking mode on agent connection is not yet implemented, but
for future use. */
typedef enum {
agent_NB_state_init = 0,
agent_NB_state_request_created,
agent_NB_state_request_length_sent,
agent_NB_state_request_sent,
agent_NB_state_response_length_received,
agent_NB_state_response_received
} agent_nonblocking_states;
typedef struct agent_transaction_ctx {
unsigned char *request;
size_t request_len;
unsigned char *response;
size_t response_len;
agent_nonblocking_states state;
size_t send_recv_total;
} *agent_transaction_ctx_t;
typedef int (*agent_connect_func)(LIBSSH2_AGENT *agent);
typedef int (*agent_transact_func)(LIBSSH2_AGENT *agent,
agent_transaction_ctx_t transctx);
typedef int (*agent_disconnect_func)(LIBSSH2_AGENT *agent);
struct agent_publickey {
struct list_node node;
/* this is the struct we expose externally */
struct libssh2_agent_publickey external;
};
struct agent_ops {
const agent_connect_func connect;
const agent_transact_func transact;
const agent_disconnect_func disconnect;
};
struct _LIBSSH2_AGENT
{
LIBSSH2_SESSION *session; /* the session this "belongs to" */
libssh2_socket_t fd;
struct agent_ops *ops;
struct agent_transaction_ctx transctx;
struct agent_publickey *identity;
struct list_head head; /* list of public keys */
char *identity_agent_path; /* Path to a custom identity agent socket */
#ifdef HAVE_WIN32_AGENTS
OVERLAPPED overlapped;
HANDLE pipe;
BOOL pending_io;
#endif
};
#include "agent_win.c"
#ifdef PF_UNIX
static int
agent_connect_unix(LIBSSH2_AGENT *agent)
@@ -115,10 +183,10 @@ agent_connect_unix(LIBSSH2_AGENT *agent)
"failed creating socket");
s_un.sun_family = AF_UNIX;
strncpy(s_un.sun_path, path, sizeof s_un.sun_path);
strncpy(s_un.sun_path, path, sizeof(s_un.sun_path));
s_un.sun_path[sizeof(s_un.sun_path)-1] = 0; /* make sure there's a trailing
zero */
if(connect(agent->fd, (struct sockaddr*)(&s_un), sizeof s_un) != 0) {
if(connect(agent->fd, (struct sockaddr*)(&s_un), sizeof(s_un)) != 0) {
close(agent->fd);
return _libssh2_error(agent->session, LIBSSH2_ERROR_AGENT_PROTOCOL,
"failed connecting with agent");
@@ -128,10 +196,11 @@ agent_connect_unix(LIBSSH2_AGENT *agent)
}
#define RECV_SEND_ALL(func, socket, buffer, length, flags, abstract) \
int rc; \
do { \
size_t finished = 0; \
\
while(finished < length) { \
ssize_t rc; \
rc = func(socket, \
(char *)buffer + finished, length - finished, \
flags, abstract); \
@@ -141,7 +210,8 @@ agent_connect_unix(LIBSSH2_AGENT *agent)
finished += rc; \
} \
\
return finished;
return finished; \
} while(0)
static ssize_t _send_all(LIBSSH2_SEND_FUNC(func), libssh2_socket_t socket,
const void *buffer, size_t length,
@@ -167,9 +237,10 @@ agent_transact_unix(LIBSSH2_AGENT *agent, agent_transaction_ctx_t transctx)
/* Send the length of the request */
if(transctx->state == agent_NB_state_request_created) {
_libssh2_htonu32(buf, transctx->request_len);
rc = _send_all(agent->session->send, agent->fd,
buf, sizeof buf, 0, &agent->session->abstract);
_libssh2_htonu32(buf, (uint32_t)transctx->request_len);
rc = (int)_send_all(agent->session->send, agent->fd,
buf, sizeof(buf), 0,
&agent->session->abstract);
if(rc == -EAGAIN)
return LIBSSH2_ERROR_EAGAIN;
else if(rc < 0)
@@ -180,8 +251,9 @@ agent_transact_unix(LIBSSH2_AGENT *agent, agent_transaction_ctx_t transctx)
/* Send the request body */
if(transctx->state == agent_NB_state_request_length_sent) {
rc = _send_all(agent->session->send, agent->fd, transctx->request,
transctx->request_len, 0, &agent->session->abstract);
rc = (int)_send_all(agent->session->send, agent->fd,
transctx->request, transctx->request_len, 0,
&agent->session->abstract);
if(rc == -EAGAIN)
return LIBSSH2_ERROR_EAGAIN;
else if(rc < 0)
@@ -192,8 +264,9 @@ agent_transact_unix(LIBSSH2_AGENT *agent, agent_transaction_ctx_t transctx)
/* Receive the length of a response */
if(transctx->state == agent_NB_state_request_sent) {
rc = _recv_all(agent->session->recv, agent->fd,
buf, sizeof buf, 0, &agent->session->abstract);
rc = (int)_recv_all(agent->session->recv, agent->fd,
buf, sizeof(buf), 0,
&agent->session->abstract);
if(rc < 0) {
if(rc == -EAGAIN)
return LIBSSH2_ERROR_EAGAIN;
@@ -211,8 +284,9 @@ agent_transact_unix(LIBSSH2_AGENT *agent, agent_transaction_ctx_t transctx)
/* Receive the response body */
if(transctx->state == agent_NB_state_response_length_received) {
rc = _recv_all(agent->session->recv, agent->fd, transctx->response,
transctx->response_len, 0, &agent->session->abstract);
rc = (int)_recv_all(agent->session->recv, agent->fd,
transctx->response, transctx->response_len, 0,
&agent->session->abstract);
if(rc < 0) {
if(rc == -EAGAIN)
return LIBSSH2_ERROR_EAGAIN;
@@ -238,14 +312,14 @@ agent_disconnect_unix(LIBSSH2_AGENT *agent)
return LIBSSH2_ERROR_NONE;
}
struct agent_ops agent_ops_unix = {
static struct agent_ops agent_ops_unix = {
agent_connect_unix,
agent_transact_unix,
agent_disconnect_unix
};
#endif /* PF_UNIX */
#ifdef WIN32
#ifdef HAVE_WIN32_AGENTS
/* Code to talk to Pageant was taken from PuTTY.
*
* Portions copyright Robert de Bath, Joris van Rantwijk, Delian
@@ -276,7 +350,7 @@ agent_transact_pageant(LIBSSH2_AGENT *agent, agent_transaction_ctx_t transctx)
HANDLE filemap;
unsigned char *p;
unsigned char *p2;
int id;
LRESULT id;
COPYDATASTRUCT cds;
if(!transctx || 4 + transctx->request_len > PAGEANT_MAX_MSGLEN)
@@ -289,16 +363,16 @@ agent_transact_pageant(LIBSSH2_AGENT *agent, agent_transaction_ctx_t transctx)
"found no pageant");
snprintf(mapname, sizeof(mapname),
"PageantRequest%08x%c", (unsigned)GetCurrentThreadId(), '\0');
"PageantRequest%08x", (unsigned)GetCurrentThreadId());
filemap = CreateFileMappingA(INVALID_HANDLE_VALUE, NULL, PAGE_READWRITE,
0, PAGEANT_MAX_MSGLEN, mapname);
if(filemap == NULL || filemap == INVALID_HANDLE_VALUE)
if(!filemap || filemap == INVALID_HANDLE_VALUE)
return _libssh2_error(agent->session, LIBSSH2_ERROR_AGENT_PROTOCOL,
"failed setting up pageant filemap");
p2 = p = MapViewOfFile(filemap, FILE_MAP_WRITE, 0, 0, 0);
if(p == NULL || p2 == NULL) {
if(!p || !p2) {
CloseHandle(filemap);
return _libssh2_error(agent->session, LIBSSH2_ERROR_AGENT_PROTOCOL,
"failed to open pageant filemap for writing");
@@ -308,7 +382,7 @@ agent_transact_pageant(LIBSSH2_AGENT *agent, agent_transaction_ctx_t transctx)
transctx->request_len);
cds.dwData = PAGEANT_COPYDATA_ID;
cds.cbData = 1 + strlen(mapname);
cds.cbData = (DWORD)(1 + strlen(mapname));
cds.lpData = mapname;
id = SendMessage(hwnd, WM_COPYDATA, (WPARAM) NULL, (LPARAM) &cds);
@@ -343,21 +417,21 @@ agent_disconnect_pageant(LIBSSH2_AGENT *agent)
return 0;
}
struct agent_ops agent_ops_pageant = {
static struct agent_ops agent_ops_pageant = {
agent_connect_pageant,
agent_transact_pageant,
agent_disconnect_pageant
};
#endif /* WIN32 */
#endif /* HAVE_WIN32_AGENTS */
static struct {
const char *name;
struct agent_ops *ops;
} supported_backends[] = {
#ifdef WIN32
#ifdef HAVE_WIN32_AGENTS
{"Pageant", &agent_ops_pageant},
{"OpenSSH", &agent_ops_openssh},
#endif /* WIN32 */
#endif /* HAVE_WIN32_AGENTS */
#ifdef PF_UNIX
{"Unix", &agent_ops_unix},
#endif /* PF_UNIX */
@@ -375,6 +449,9 @@ agent_sign(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len,
ssize_t method_len;
unsigned char *s;
int rc;
unsigned char *method_name = NULL;
uint32_t sign_flags = 0;
ssize_t plain_len;
/* Create a request to sign the data */
if(transctx->state == agent_NB_state_init) {
@@ -391,7 +468,18 @@ agent_sign(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len,
_libssh2_store_str(&s, (const char *)data, data_len);
/* flags */
_libssh2_store_u32(&s, 0);
if(session->userauth_pblc_method_len > 0 &&
session->userauth_pblc_method) {
if(session->userauth_pblc_method_len == 12 &&
!memcmp(session->userauth_pblc_method, "rsa-sha2-512", 12)) {
sign_flags = SSH_AGENT_RSA_SHA2_512;
}
else if(session->userauth_pblc_method_len == 12 &&
!memcmp(session->userauth_pblc_method, "rsa-sha2-256", 12)) {
sign_flags = SSH_AGENT_RSA_SHA2_256;
}
}
_libssh2_store_u32(&s, sign_flags);
transctx->request_len = s - transctx->request;
transctx->send_recv_total = 0;
@@ -449,8 +537,32 @@ agent_sign(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len,
rc = LIBSSH2_ERROR_AGENT_PROTOCOL;
goto error;
}
/* method name */
method_name = LIBSSH2_ALLOC(session, method_len);
if(!method_name) {
rc = LIBSSH2_ERROR_ALLOC;
goto error;
}
memcpy(method_name, s, method_len);
s += method_len;
plain_len = plain_method((char *)session->userauth_pblc_method,
session->userauth_pblc_method_len);
/* check to see if we match requested */
if(((size_t)method_len != session->userauth_pblc_method_len &&
method_len != plain_len) ||
memcmp(method_name, session->userauth_pblc_method, method_len)) {
_libssh2_debug((session,
LIBSSH2_TRACE_KEX,
"Agent sign method %.*s",
method_len, method_name));
rc = LIBSSH2_ERROR_ALGO_UNSUPPORTED;
goto error;
}
/* Read the signature */
len -= 4;
if(len < 0) {
@@ -472,13 +584,19 @@ agent_sign(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len,
}
memcpy(*sig, s, *sig_len);
error:
error:
if(method_name)
LIBSSH2_FREE(session, method_name);
LIBSSH2_FREE(session, transctx->request);
transctx->request = NULL;
LIBSSH2_FREE(session, transctx->response);
transctx->response = NULL;
transctx->state = agent_NB_state_init;
return _libssh2_error(session, rc, "agent sign failure");
}
@@ -541,7 +659,7 @@ agent_list_identities(LIBSSH2_AGENT *agent)
while(num_identities--) {
struct agent_publickey *identity;
ssize_t comment_len;
size_t comment_len;
/* Read the length of the blob */
len -= 4;
@@ -549,7 +667,7 @@ agent_list_identities(LIBSSH2_AGENT *agent)
rc = LIBSSH2_ERROR_AGENT_PROTOCOL;
goto error;
}
identity = LIBSSH2_ALLOC(agent->session, sizeof *identity);
identity = LIBSSH2_ALLOC(agent->session, sizeof(*identity));
if(!identity) {
rc = LIBSSH2_ERROR_ALLOC;
goto error;
@@ -586,14 +704,14 @@ agent_list_identities(LIBSSH2_AGENT *agent)
comment_len = _libssh2_ntohu32(s);
s += 4;
/* Read the comment */
len -= comment_len;
if(len < 0) {
if(comment_len > (size_t)len) {
rc = LIBSSH2_ERROR_AGENT_PROTOCOL;
LIBSSH2_FREE(agent->session, identity->external.blob);
LIBSSH2_FREE(agent->session, identity);
goto error;
}
/* Read the comment */
len -= comment_len;
identity->external.comment = LIBSSH2_ALLOC(agent->session,
comment_len + 1);
@@ -609,7 +727,7 @@ agent_list_identities(LIBSSH2_AGENT *agent)
_libssh2_list_add(&agent->head, &identity->node);
}
error:
error:
LIBSSH2_FREE(agent->session, transctx->response);
transctx->response = NULL;
@@ -634,7 +752,7 @@ agent_free_identities(LIBSSH2_AGENT *agent)
#define AGENT_PUBLICKEY_MAGIC 0x3bdefed2
/*
* agent_publickey_to_external()
* agent_publickey_to_external
*
* Copies data from the internal to the external representation struct.
*
@@ -661,7 +779,7 @@ libssh2_agent_init(LIBSSH2_SESSION *session)
{
LIBSSH2_AGENT *agent;
agent = LIBSSH2_CALLOC(session, sizeof *agent);
agent = LIBSSH2_CALLOC(session, sizeof(*agent));
if(!agent) {
_libssh2_error(session, LIBSSH2_ERROR_ALLOC,
"Unable to allocate space for agent connection");
@@ -672,7 +790,7 @@ libssh2_agent_init(LIBSSH2_SESSION *session)
agent->identity_agent_path = NULL;
_libssh2_list_init(&agent->head);
#ifdef WIN32
#ifdef HAVE_WIN32_AGENTS
agent->pipe = INVALID_HANDLE_VALUE;
memset(&agent->overlapped, 0, sizeof(OVERLAPPED));
agent->pending_io = FALSE;
@@ -682,7 +800,7 @@ libssh2_agent_init(LIBSSH2_SESSION *session)
}
/*
* libssh2_agent_connect()
* libssh2_agent_connect
*
* Connect to an ssh-agent.
*
@@ -702,7 +820,7 @@ libssh2_agent_connect(LIBSSH2_AGENT *agent)
}
/*
* libssh2_agent_list_identities()
* libssh2_agent_list_identities
*
* Request ssh-agent to list identities.
*
@@ -711,14 +829,14 @@ libssh2_agent_connect(LIBSSH2_AGENT *agent)
LIBSSH2_API int
libssh2_agent_list_identities(LIBSSH2_AGENT *agent)
{
memset(&agent->transctx, 0, sizeof agent->transctx);
memset(&agent->transctx, 0, sizeof(agent->transctx));
/* Abandon the last fetched identities */
agent_free_identities(agent);
return agent_list_identities(agent);
}
/*
* libssh2_agent_get_identity()
* libssh2_agent_get_identity
*
* Traverse the internal list of public keys. Pass NULL to 'prev' to get
* the first one. Or pass a pointer to the previously returned one to get the
@@ -755,7 +873,7 @@ libssh2_agent_get_identity(LIBSSH2_AGENT *agent,
}
/*
* libssh2_agent_userauth()
* libssh2_agent_userauth
*
* Do publickey user authentication with the help of ssh-agent.
*
@@ -770,7 +888,7 @@ libssh2_agent_userauth(LIBSSH2_AGENT *agent,
int rc;
if(agent->session->userauth_pblc_state == libssh2_NB_state_idle) {
memset(&agent->transctx, 0, sizeof agent->transctx);
memset(&agent->transctx, 0, sizeof(agent->transctx));
agent->identity = identity->node;
}
@@ -785,7 +903,58 @@ libssh2_agent_userauth(LIBSSH2_AGENT *agent,
}
/*
* libssh2_agent_disconnect()
* libssh2_agent_sign
*
* Sign a payload using a system-installed ssh-agent.
*
* Returns 0 if succeeded, or a negative value for error.
*/
LIBSSH2_API int
libssh2_agent_sign(LIBSSH2_AGENT *agent,
struct libssh2_agent_publickey *identity,
unsigned char **sig,
size_t *s_len,
const unsigned char *data,
size_t d_len,
const char *method,
unsigned int method_len)
{
void *abstract = agent;
int rc;
uint32_t methodLen;
if(agent->session->userauth_pblc_state == libssh2_NB_state_idle) {
memset(&agent->transctx, 0, sizeof(agent->transctx));
agent->identity = identity->node;
}
if(identity->blob_len < sizeof(uint32_t)) {
return LIBSSH2_ERROR_BUFFER_TOO_SMALL;
}
methodLen = _libssh2_ntohu32(identity->blob);
if(identity->blob_len < sizeof(uint32_t) + methodLen) {
return LIBSSH2_ERROR_BUFFER_TOO_SMALL;
}
agent->session->userauth_pblc_method_len = method_len;
agent->session->userauth_pblc_method = LIBSSH2_ALLOC(agent->session,
method_len);
memcpy(agent->session->userauth_pblc_method, method, methodLen);
rc = agent_sign(agent->session, sig, s_len, data, d_len, &abstract);
LIBSSH2_FREE(agent->session, agent->session->userauth_pblc_method);
agent->session->userauth_pblc_method = NULL;
agent->session->userauth_pblc_method_len = 0;
return rc;
}
/*
* libssh2_agent_disconnect
*
* Close a connection to an ssh-agent.
*
@@ -800,7 +969,7 @@ libssh2_agent_disconnect(LIBSSH2_AGENT *agent)
}
/*
* libssh2_agent_free()
* libssh2_agent_free
*
* Free an ssh-agent handle. This function also frees the internal
* collection of public keys.
@@ -813,7 +982,7 @@ libssh2_agent_free(LIBSSH2_AGENT *agent)
libssh2_agent_disconnect(agent);
}
if(agent->identity_agent_path != NULL)
if(agent->identity_agent_path)
LIBSSH2_FREE(agent->session, agent->identity_agent_path);
agent_free_identities(agent);
@@ -821,7 +990,7 @@ libssh2_agent_free(LIBSSH2_AGENT *agent)
}
/*
* libssh2_agent_set_identity_path()
* libssh2_agent_set_identity_path
*
* Allows a custom agent socket path beyond SSH_AUTH_SOCK env
*
@@ -846,7 +1015,7 @@ libssh2_agent_set_identity_path(LIBSSH2_AGENT *agent, const char *path)
}
/*
* libssh2_agent_get_identity_path()
* libssh2_agent_get_identity_path
*
* Returns the custom agent socket path if set
*

36
libssh2/src/agent_win.c
View File

@@ -37,30 +37,15 @@
* OF SUCH DAMAGE.
*/
#include "libssh2_priv.h"
#include "agent.h"
#include "misc.h"
#include <errno.h>
#ifdef HAVE_SYS_UN_H
#include <sys/un.h>
#else
/* Use the existence of sys/un.h as a test if Unix domain socket is
supported. winsock*.h define PF_UNIX/AF_UNIX but do not actually
support them. */
#undef PF_UNIX
#endif
#include "userauth.h"
#include "session.h"
#ifdef WIN32
#include <stdlib.h>
#endif
#ifdef HAVE_WIN32_AGENTS /* Compile this via agent.c */
#include <stdlib.h> /* for getenv() */
#ifdef WIN32
/* Code to talk to OpenSSH was taken and modified from the Win32 port of
* Portable OpenSSH by the PowerShell team. Commit
* 8ab565c53f3619d6a1f5ac229e212cad8a52852c of
* https://github.com/PowerShell/openssh-portable.git was used as the base,
* specificaly the following files:
* specifically the following files:
*
* - contrib\win32\win32compat\fileio.c
* - Structure of agent_connect_openssh from ssh_get_authentication_socket
@@ -195,7 +180,7 @@ agent_connect_openssh(LIBSSH2_AGENT *agent)
}
event = CreateEventA(NULL, TRUE, FALSE, NULL);
if(event == NULL) {
if(!event) {
ret = _libssh2_error(agent->session, LIBSSH2_ERROR_AGENT_PROTOCOL,
"unable to create async I/O event");
goto cleanup;
@@ -208,7 +193,7 @@ agent_connect_openssh(LIBSSH2_AGENT *agent)
agent->fd = 0; /* Mark as the connection has been established */
cleanup:
if(event != NULL)
if(event)
CloseHandle(event);
if(pipe != INVALID_HANDLE_VALUE)
CloseHandle(pipe);
@@ -273,7 +258,7 @@ agent_transact_openssh(LIBSSH2_AGENT *agent, agent_transaction_ctx_t transctx)
/* Send the length of the request */
if(transctx->state == agent_NB_state_request_created) {
_libssh2_htonu32(buf, (uint32_t)transctx->request_len);
rc = win32_openssh_send_all(agent, buf, sizeof buf,
rc = win32_openssh_send_all(agent, buf, sizeof(buf),
&transctx->send_recv_total);
if(rc == LIBSSH2_ERROR_EAGAIN)
return LIBSSH2_ERROR_EAGAIN;
@@ -298,7 +283,7 @@ agent_transact_openssh(LIBSSH2_AGENT *agent, agent_transaction_ctx_t transctx)
/* Receive the length of the body */
if(transctx->state == agent_NB_state_request_sent) {
rc = win32_openssh_recv_all(agent, buf, sizeof buf,
rc = win32_openssh_recv_all(agent, buf, sizeof(buf),
&transctx->send_recv_total);
if(rc == LIBSSH2_ERROR_EAGAIN)
return LIBSSH2_ERROR_EAGAIN;
@@ -353,9 +338,10 @@ agent_disconnect_openssh(LIBSSH2_AGENT *agent)
return LIBSSH2_ERROR_NONE;
}
struct agent_ops agent_ops_openssh = {
static struct agent_ops agent_ops_openssh = {
agent_connect_openssh,
agent_transact_openssh,
agent_disconnect_openssh
};
#endif /* WIN32 */
#endif /* HAVE_WIN32_AGENTS */

55
libssh2/src/bcrypt_pbkdf.c
View File

@@ -15,19 +15,14 @@
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include "libssh2_priv.h"
#ifndef HAVE_BCRYPT_PBKDF
#include "libssh2_priv.h"
#include <stdlib.h>
#include <sys/types.h>
#ifdef HAVE_SYS_PARAM_H
#include <sys/param.h>
#endif
#include "blf.h"
#define MINIMUM(a,b) (((a) < (b)) ? (a) : (b))
#define LIBSSH2_BCRYPT_PBKDF_C
#include "blowfish.c"
/*
* pkcs #5 pbkdf2 implementation using the "bcrypt" hash
@@ -60,12 +55,15 @@ static void
bcrypt_hash(uint8_t *sha2pass, uint8_t *sha2salt, uint8_t *out)
{
blf_ctx state;
uint8_t ciphertext[BCRYPT_HASHSIZE] =
"OxychromaticBlowfishSwatDynamite";
uint8_t ciphertext[BCRYPT_HASHSIZE] = {
'O', 'x', 'y', 'c', 'h', 'r', 'o', 'm', 'a', 't', 'i', 'c',
'B', 'l', 'o', 'w', 'f', 'i', 's', 'h',
'S', 'w', 'a', 't',
'D', 'y', 'n', 'a', 'm', 'i', 't', 'e' };
uint32_t cdata[BCRYPT_BLOCKS];
int i;
uint16_t j;
size_t shalen = SHA512_DIGEST_LENGTH;
uint16_t shalen = SHA512_DIGEST_LENGTH;
/* key expansion */
Blowfish_initstate(&state);
@@ -85,7 +83,7 @@ bcrypt_hash(uint8_t *sha2pass, uint8_t *sha2salt, uint8_t *out)
/* copy out */
for(i = 0; i < BCRYPT_BLOCKS; i++) {
out[4 * i + 3] = (cdata[i] >> 24) & 0xff;
out[4 * i + 3] = (uint8_t)((cdata[i] >> 24) & 0xff);
out[4 * i + 2] = (cdata[i] >> 16) & 0xff;
out[4 * i + 1] = (cdata[i] >> 8) & 0xff;
out[4 * i + 0] = cdata[i] & 0xff;
@@ -97,7 +95,7 @@ bcrypt_hash(uint8_t *sha2pass, uint8_t *sha2salt, uint8_t *out)
_libssh2_explicit_zero(&state, sizeof(state));
}
int
static int
bcrypt_pbkdf(const char *pass, size_t passlen, const uint8_t *salt,
size_t saltlen,
uint8_t *key, size_t keylen, unsigned int rounds)
@@ -119,7 +117,7 @@ bcrypt_pbkdf(const char *pass, size_t passlen, const uint8_t *salt,
keylen > sizeof(out) * sizeof(out) || saltlen > 1<<20)
return -1;
countsalt = calloc(1, saltlen + 4);
if(countsalt == NULL)
if(!countsalt)
return -1;
stride = (keylen + sizeof(out) - 1) / sizeof(out);
amt = (keylen + stride - 1) / stride;
@@ -127,19 +125,19 @@ bcrypt_pbkdf(const char *pass, size_t passlen, const uint8_t *salt,
memcpy(countsalt, salt, saltlen);
/* collapse password */
libssh2_sha512_init(&ctx);
(void)libssh2_sha512_init(&ctx);
libssh2_sha512_update(ctx, pass, passlen);
libssh2_sha512_final(ctx, sha2pass);
/* generate key, sizeof(out) at a time */
for(count = 1; keylen > 0; count++) {
countsalt[saltlen + 0] = (count >> 24) & 0xff;
countsalt[saltlen + 0] = (uint8_t)((count >> 24) & 0xff);
countsalt[saltlen + 1] = (count >> 16) & 0xff;
countsalt[saltlen + 2] = (count >> 8) & 0xff;
countsalt[saltlen + 3] = count & 0xff;
/* first round, salt is salt */
libssh2_sha512_init(&ctx);
(void)libssh2_sha512_init(&ctx);
libssh2_sha512_update(ctx, countsalt, saltlen + 4);
libssh2_sha512_final(ctx, sha2salt);
@@ -148,7 +146,7 @@ bcrypt_pbkdf(const char *pass, size_t passlen, const uint8_t *salt,
for(i = 1; i < rounds; i++) {
/* subsequent rounds, salt is previous output */
libssh2_sha512_init(&ctx);
(void)libssh2_sha512_init(&ctx);
libssh2_sha512_update(ctx, tmpout, sizeof(tmpout));
libssh2_sha512_final(ctx, sha2salt);
@@ -160,7 +158,7 @@ bcrypt_pbkdf(const char *pass, size_t passlen, const uint8_t *salt,
/*
* pbkdf2 deviation: output the key material non-linearly.
*/
amt = MINIMUM(amt, keylen);
amt = LIBSSH2_MIN(amt, keylen);
for(i = 0; i < amt; i++) {
size_t dest = i * stride + (count - 1);
if(dest >= origkeylen) {
@@ -178,3 +176,22 @@ bcrypt_pbkdf(const char *pass, size_t passlen, const uint8_t *salt,
return 0;
}
#endif /* HAVE_BCRYPT_PBKDF */
/* Wrapper */
int _libssh2_bcrypt_pbkdf(const char *pass,
size_t passlen,
const uint8_t *salt,
size_t saltlen,
uint8_t *key,
size_t keylen,
unsigned int rounds)
{
return bcrypt_pbkdf(pass,
passlen,
salt,
saltlen,
key,
keylen,
rounds);
}

164
libssh2/src/blowfish.c
View File

@@ -1,6 +1,7 @@
/* $OpenBSD: blowfish.c,v 1.18 2004/11/02 17:23:26 hshoexer Exp $ */
/*
* Blowfish block cipher for OpenBSD
* Blowfish for OpenBSD - a fast block cipher designed by Bruce Schneier
*
* Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de>
* All rights reserved.
*
@@ -14,10 +15,7 @@
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by Niels Provos.
* 4. The name of the author may not be used to endorse or promote products
* 3. The name of the author may not be used to endorse or promote products
* derived from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
@@ -39,38 +37,81 @@
* Bruce Schneier.
*/
#if defined(LIBSSH2_BCRYPT_PBKDF_C) || defined(_DEBUG_BLOWFISH)
#if !defined(HAVE_BCRYPT_PBKDF) && (!defined(HAVE_BLOWFISH_INITSTATE) || \
!defined(HAVE_BLOWFISH_EXPAND0STATE) || \
!defined(HAVE_BLF_ENC))
#if 0
#include <stdio.h> /* used for debugging */
#ifdef _DEBUG_BLOWFISH
#include <stdio.h>
#include <string.h>
#include <inttypes.h>
#endif
#include <sys/types.h>
/* Schneier specifies a maximum key length of 56 bytes.
* This ensures that every key bit affects every cipher
* bit. However, the subkeys can hold up to 72 bytes.
* Warning: For normal blowfish encryption only 56 bytes
* of the key affect all cipherbits.
*/
#include "libssh2.h"
#include "blf.h"
#define BLF_N 16 /* Number of Subkeys */
#define BLF_MAXKEYLEN ((BLF_N-2)*4) /* 448 bits */
#define BLF_MAXUTILIZED ((BLF_N + 2)*4) /* 576 bits */
#undef inline
#ifdef __GNUC__
#define inline __inline
#else /* !__GNUC__ */
#define inline
#endif /* !__GNUC__ */
/* Blowfish context */
typedef struct BlowfishContext {
uint32_t S[4][256]; /* S-Boxes */
uint32_t P[BLF_N + 2]; /* Subkeys */
} blf_ctx;
/* Raw access to customized Blowfish
* blf_key is just:
* Blowfish_initstate( state )
* Blowfish_expand0state( state, key, keylen )
*/
static void Blowfish_encipher(blf_ctx *, uint32_t *, uint32_t *);
#ifdef _DEBUG_BLOWFISH
static void Blowfish_decipher(blf_ctx *, uint32_t *, uint32_t *);
#endif
static void Blowfish_initstate(blf_ctx *);
static void Blowfish_expand0state(blf_ctx *, const uint8_t *, uint16_t);
static void Blowfish_expandstate
(blf_ctx *, const uint8_t *, uint16_t, const uint8_t *, uint16_t);
/* Standard Blowfish */
#ifdef _DEBUG_BLOWFISH
static void blf_key(blf_ctx *, const uint8_t *, uint16_t);
#endif
static void blf_enc(blf_ctx *, uint32_t *, uint16_t);
#ifdef _DEBUG_BLOWFISH
static void blf_dec(blf_ctx *, uint32_t *, uint16_t);
#endif
#if 0
static void blf_ecb_encrypt(blf_ctx *, uint8_t *, uint32_t);
static void blf_ecb_decrypt(blf_ctx *, uint8_t *, uint32_t);
static void blf_cbc_encrypt(blf_ctx *, uint8_t *, uint8_t *, uint32_t);
static void blf_cbc_decrypt(blf_ctx *, uint8_t *, uint8_t *, uint32_t);
#endif
/* Converts uint8_t to uint32_t */
static uint32_t Blowfish_stream2word(const uint8_t *, uint16_t, uint16_t *);
/* Function for Feistel Networks */
#define F(s, x) ((((s)[ (((x)>>24)&0xFF)] \
+ (s)[0x100 + (((x)>>16)&0xFF)]) \
^ (s)[0x200 + (((x)>> 8)&0xFF)]) \
+ (s)[0x300 + ( (x) &0xFF)])
#define F(s, x) ((((s)[ (((x) >> 24) & 0xFF)] \
+ (s)[0x100 + (((x) >> 16) & 0xFF)]) \
^ (s)[0x200 + (((x) >> 8) & 0xFF)]) \
+ (s)[0x300 + ( (x) & 0xFF)])
#define BLFRND(s,p,i,j,n) (i ^= F(s,j) ^ (p)[n])
void
static void
Blowfish_encipher(blf_ctx *c, uint32_t *xl, uint32_t *xr)
{
uint32_t Xl;
@@ -95,7 +136,8 @@ Blowfish_encipher(blf_ctx *c, uint32_t *xl, uint32_t *xr)
*xr = Xl;
}
void
#ifdef _DEBUG_BLOWFISH
static void
Blowfish_decipher(blf_ctx *c, uint32_t *xl, uint32_t *xr)
{
uint32_t Xl;
@@ -119,8 +161,9 @@ Blowfish_decipher(blf_ctx *c, uint32_t *xl, uint32_t *xr)
*xl = Xr ^ p[0];
*xr = Xl;
}
#endif
void
static void
Blowfish_initstate(blf_ctx *c)
{
/* P-box and S-box tables initialized with digits of Pi */
@@ -399,7 +442,7 @@ Blowfish_initstate(blf_ctx *c)
*c = initstate;
}
uint32_t
static uint32_t
Blowfish_stream2word(const uint8_t *data, uint16_t databytes,
uint16_t *current)
{
@@ -420,12 +463,12 @@ Blowfish_stream2word(const uint8_t *data, uint16_t databytes,
return temp;
}
void
static void
Blowfish_expand0state(blf_ctx *c, const uint8_t *key, uint16_t keybytes)
{
uint16_t i;
int i;
int k;
uint16_t j;
uint16_t k;
uint32_t temp;
uint32_t datal;
uint32_t datar;
@@ -457,14 +500,13 @@ Blowfish_expand0state(blf_ctx *c, const uint8_t *key, uint16_t keybytes)
}
}
void
static void
Blowfish_expandstate(blf_ctx *c, const uint8_t *data, uint16_t databytes,
const uint8_t *key, uint16_t keybytes)
{
uint16_t i;
int i;
int k;
uint16_t j;
uint16_t k;
uint32_t temp;
uint32_t datal;
uint32_t datar;
@@ -501,7 +543,8 @@ Blowfish_expandstate(blf_ctx *c, const uint8_t *data, uint16_t databytes,
}
void
#ifdef _DEBUG_BLOWFISH
static void
blf_key(blf_ctx *c, const uint8_t *k, uint16_t len)
{
/* Initialize S-boxes and subkeys with Pi */
@@ -510,8 +553,9 @@ blf_key(blf_ctx *c, const uint8_t *k, uint16_t len)
/* Transform S-boxes and subkeys with key */
Blowfish_expand0state(c, k, len);
}
#endif
void
static void
blf_enc(blf_ctx *c, uint32_t *data, uint16_t blocks)
{
uint32_t *d;
@@ -524,7 +568,8 @@ blf_enc(blf_ctx *c, uint32_t *data, uint16_t blocks)
}
}
void
#ifdef _DEBUG_BLOWFISH
static void
blf_dec(blf_ctx *c, uint32_t *data, uint16_t blocks)
{
uint32_t *d;
@@ -536,8 +581,10 @@ blf_dec(blf_ctx *c, uint32_t *data, uint16_t blocks)
d += 2;
}
}
#endif
void
#if 0
static void
blf_ecb_encrypt(blf_ctx *c, uint8_t *data, uint32_t len)
{
uint32_t l, r;
@@ -547,11 +594,11 @@ blf_ecb_encrypt(blf_ctx *c, uint8_t *data, uint32_t len)
l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3];
r = data[4] << 24 | data[5] << 16 | data[6] << 8 | data[7];
Blowfish_encipher(c, &l, &r);
data[0] = l >> 24 & 0xff;
data[0] = (uint8_t)(l >> 24 & 0xff);
data[1] = l >> 16 & 0xff;
data[2] = l >> 8 & 0xff;
data[3] = l & 0xff;
data[4] = r >> 24 & 0xff;
data[4] = (uint8_t)(r >> 24 & 0xff);
data[5] = r >> 16 & 0xff;
data[6] = r >> 8 & 0xff;
data[7] = r & 0xff;
@@ -559,7 +606,7 @@ blf_ecb_encrypt(blf_ctx *c, uint8_t *data, uint32_t len)
}
}
void
static void
blf_ecb_decrypt(blf_ctx *c, uint8_t *data, uint32_t len)
{
uint32_t l, r;
@@ -569,11 +616,11 @@ blf_ecb_decrypt(blf_ctx *c, uint8_t *data, uint32_t len)
l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3];
r = data[4] << 24 | data[5] << 16 | data[6] << 8 | data[7];
Blowfish_decipher(c, &l, &r);
data[0] = l >> 24 & 0xff;
data[0] = (uint8_t)(l >> 24 & 0xff);
data[1] = l >> 16 & 0xff;
data[2] = l >> 8 & 0xff;
data[3] = l & 0xff;
data[4] = r >> 24 & 0xff;
data[4] = (uint8_t)(r >> 24 & 0xff);
data[5] = r >> 16 & 0xff;
data[6] = r >> 8 & 0xff;
data[7] = r & 0xff;
@@ -581,7 +628,7 @@ blf_ecb_decrypt(blf_ctx *c, uint8_t *data, uint32_t len)
}
}
void
static void
blf_cbc_encrypt(blf_ctx *c, uint8_t *iv, uint8_t *data, uint32_t len)
{
uint32_t l, r;
@@ -593,11 +640,11 @@ blf_cbc_encrypt(blf_ctx *c, uint8_t *iv, uint8_t *data, uint32_t len)
l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3];
r = data[4] << 24 | data[5] << 16 | data[6] << 8 | data[7];
Blowfish_encipher(c, &l, &r);
data[0] = l >> 24 & 0xff;
data[0] = (uint8_t)(l >> 24 & 0xff);
data[1] = l >> 16 & 0xff;
data[2] = l >> 8 & 0xff;
data[3] = l & 0xff;
data[4] = r >> 24 & 0xff;
data[4] = (uint8_t)(r >> 24 & 0xff);
data[5] = r >> 16 & 0xff;
data[6] = r >> 8 & 0xff;
data[7] = r & 0xff;
@@ -606,7 +653,7 @@ blf_cbc_encrypt(blf_ctx *c, uint8_t *iv, uint8_t *data, uint32_t len)
}
}
void
static void
blf_cbc_decrypt(blf_ctx *c, uint8_t *iva, uint8_t *data, uint32_t len)
{
uint32_t l, r;
@@ -619,11 +666,11 @@ blf_cbc_decrypt(blf_ctx *c, uint8_t *iva, uint8_t *data, uint32_t len)
l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3];
r = data[4] << 24 | data[5] << 16 | data[6] << 8 | data[7];
Blowfish_decipher(c, &l, &r);
data[0] = l >> 24 & 0xff;
data[0] = (uint8_t)(l >> 24 & 0xff);
data[1] = l >> 16 & 0xff;
data[2] = l >> 8 & 0xff;
data[3] = l & 0xff;
data[4] = r >> 24 & 0xff;
data[4] = (uint8_t)(r >> 24 & 0xff);
data[5] = r >> 16 & 0xff;
data[6] = r >> 8 & 0xff;
data[7] = r & 0xff;
@@ -635,31 +682,31 @@ blf_cbc_decrypt(blf_ctx *c, uint8_t *iva, uint8_t *data, uint32_t len)
l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3];
r = data[4] << 24 | data[5] << 16 | data[6] << 8 | data[7];
Blowfish_decipher(c, &l, &r);
data[0] = l >> 24 & 0xff;
data[0] = (uint8_t)(l >> 24 & 0xff);
data[1] = l >> 16 & 0xff;
data[2] = l >> 8 & 0xff;
data[3] = l & 0xff;
data[4] = r >> 24 & 0xff;
data[4] = (uint8_t)(r >> 24 & 0xff);
data[5] = r >> 16 & 0xff;
data[6] = r >> 8 & 0xff;
data[7] = r & 0xff;
for(j = 0; j < 8; j++)
data[j] ^= iva[j];
}
#endif
#if 0
void
#ifdef _DEBUG_BLOWFISH
static void
report(uint32_t data[], uint16_t len)
{
uint16_t i;
int i;
for(i = 0; i < len; i += 2)
printf("Block %0hd: %08lx %08lx.\n",
i / 2, data[i], data[i + 1]);
printf("Block %d: 0x%08lx 0x%08lx.\n",
i / 2, (unsigned long)data[i], (unsigned long)data[i + 1]);
}
void
int
main(void)
{
blf_ctx c;
char key[] = "AAAAA";
char key2[] = "abcdefghijklmnopqrstuvwxyz";
@@ -682,12 +729,15 @@ main(void)
report(data, 10);
/* Second test */
blf_key(&c, (uint8_t *) key2, strlen(key2));
blf_key(&c, (uint8_t *) key2, (uint16_t)strlen(key2));
blf_enc(&c, data2, 1);
printf("\nShould read as: 0x324ed0fe 0xf413a203.\n");
report(data2, 2);
blf_dec(&c, data2, 1);
printf("\nShould read as: 0x424c4f57 0x46495348.\n");
report(data2, 2);
return 0;
}
#endif
@@ -695,3 +745,5 @@ main(void)
(!defined(HAVE_BLOWFISH_INITSTATE) || \
!defined(HAVE_BLOWFISH_EXPAND0STATE) || \
'!defined(HAVE_BLF_ENC)) */
#endif /* defined(LIBSSH2_BCRYPT_PBKDF_C) || defined(_DEBUG_BLOWFISH) */

392
libssh2/src/channel.c
View File

@@ -39,13 +39,14 @@
*/
#include "libssh2_priv.h"
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#include <fcntl.h>
#ifdef HAVE_INTTYPES_H
#include <inttypes.h>
#endif
#include <assert.h>
#include "channel.h"
@@ -81,8 +82,8 @@ _libssh2_channel_nextid(LIBSSH2_SESSION * session)
* told...
*/
session->next_channel = id + 1;
_libssh2_debug(session, LIBSSH2_TRACE_CONN, "Allocated new channel ID#%lu",
id);
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Allocated new channel ID#%lu", id));
return id;
}
@@ -154,9 +155,9 @@ _libssh2_channel_open(LIBSSH2_SESSION * session, const char *channel_type,
memset(&session->open_packet_requirev_state, 0,
sizeof(session->open_packet_requirev_state));
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Opening Channel - win %d pack %d", window_size,
packet_size);
packet_size));
session->open_channel =
LIBSSH2_CALLOC(session, sizeof(LIBSSH2_CHANNEL));
if(!session->open_channel) {
@@ -262,7 +263,7 @@ _libssh2_channel_open(LIBSSH2_SESSION * session, const char *channel_type,
_libssh2_ntohu32(session->open_data + 9);
session->open_channel->local.packet_size =
_libssh2_ntohu32(session->open_data + 13);
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Connection Established - ID: %lu/%lu win: %lu/%lu"
" pack: %lu/%lu",
session->open_channel->local.id,
@@ -270,7 +271,7 @@ _libssh2_channel_open(LIBSSH2_SESSION * session, const char *channel_type,
session->open_channel->local.window_size,
session->open_channel->remote.window_size,
session->open_channel->local.packet_size,
session->open_channel->remote.packet_size);
session->open_channel->remote.packet_size));
LIBSSH2_FREE(session, session->open_packet);
session->open_packet = NULL;
LIBSSH2_FREE(session, session->open_data);
@@ -308,7 +309,7 @@ _libssh2_channel_open(LIBSSH2_SESSION * session, const char *channel_type,
}
}
channel_error:
channel_error:
if(session->open_data) {
LIBSSH2_FREE(session, session->open_data);
@@ -390,9 +391,9 @@ channel_direct_tcpip(LIBSSH2_SESSION * session, const char *host,
session->direct_message_len =
session->direct_host_len + session->direct_shost_len + 16;
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Requesting direct-tcpip session from %s:%d to %s:%d",
shost, sport, host, port);
shost, sport, host, port));
s = session->direct_message =
LIBSSH2_ALLOC(session, session->direct_message_len);
@@ -452,6 +453,85 @@ libssh2_channel_direct_tcpip_ex(LIBSSH2_SESSION *session, const char *host,
return ptr;
}
/*
* libssh2_channel_direct_streamlocal_ex
*
* Tunnel TCP/IP connect through the SSH session to direct UNIX socket
*/
static LIBSSH2_CHANNEL *
channel_direct_streamlocal(LIBSSH2_SESSION * session, const char *socket_path,
const char *shost, int sport)
{
LIBSSH2_CHANNEL *channel;
unsigned char *s;
if(session->direct_state == libssh2_NB_state_idle) {
session->direct_host_len = strlen(socket_path);
session->direct_shost_len = strlen(shost);
session->direct_message_len =
session->direct_host_len + session->direct_shost_len + 12;
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Requesting direct-streamlocal session to %s",
socket_path));
s = session->direct_message =
LIBSSH2_ALLOC(session, session->direct_message_len);
if(!session->direct_message) {
_libssh2_error(session, LIBSSH2_ERROR_ALLOC,
"Unable to allocate memory for direct-streamlocal connection");
return NULL;
}
_libssh2_store_str(&s, socket_path, session->direct_host_len);
_libssh2_store_str(&s, shost, session->direct_shost_len);
_libssh2_store_u32(&s, sport);
}
channel =
_libssh2_channel_open(session, "direct-streamlocal@openssh.com",
sizeof("direct-streamlocal@openssh.com") - 1,
LIBSSH2_CHANNEL_WINDOW_DEFAULT,
LIBSSH2_CHANNEL_PACKET_DEFAULT,
session->direct_message,
session->direct_message_len);
if(!channel &&
libssh2_session_last_errno(session) == LIBSSH2_ERROR_EAGAIN) {
/* The error code is still set to LIBSSH2_ERROR_EAGAIN, set our state
to created to avoid re-creating the package on next invoke */
session->direct_state = libssh2_NB_state_created;
return NULL;
}
/* by default we set (keep?) idle state... */
session->direct_state = libssh2_NB_state_idle;
LIBSSH2_FREE(session, session->direct_message);
session->direct_message = NULL;
return channel;
}
/*
* libssh2_channel_direct_streamlocal_ex
*
* Tunnel TCP/IP connect through the SSH session to direct UNIX socket
*/
LIBSSH2_API LIBSSH2_CHANNEL *
libssh2_channel_direct_streamlocal_ex(LIBSSH2_SESSION * session,
const char *socket_path,
const char *shost, int sport)
{
LIBSSH2_CHANNEL *ptr;
if(!session)
return NULL;
BLOCK_ADJUST_ERRNO(ptr, session,
channel_direct_streamlocal(session,
socket_path, shost, sport));
return ptr;
}
/*
* channel_forward_listen
*
@@ -470,19 +550,20 @@ channel_forward_listen(LIBSSH2_SESSION * session, const char *host,
host = "0.0.0.0";
if(session->fwdLstn_state == libssh2_NB_state_idle) {
session->fwdLstn_host_len = strlen(host);
session->fwdLstn_host_len = (uint32_t)strlen(host);
/* 14 = packet_type(1) + request_len(4) + want_replay(1) + host_len(4)
+ port(4) */
session->fwdLstn_packet_len =
session->fwdLstn_host_len + (sizeof("tcpip-forward") - 1) + 14;
session->fwdLstn_host_len +
(uint32_t)(sizeof("tcpip-forward") - 1) + 14;
/* Zero the whole thing out */
memset(&session->fwdLstn_packet_requirev_state, 0,
sizeof(session->fwdLstn_packet_requirev_state));
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Requesting tcpip-forward session for %s:%d", host,
port);
port));
s = session->fwdLstn_packet =
LIBSSH2_ALLOC(session, session->fwdLstn_packet_len);
@@ -567,10 +648,10 @@ channel_forward_listen(LIBSSH2_SESSION * session, const char *host,
listener->host[session->fwdLstn_host_len] = 0;
if(data_len >= 5 && !port) {
listener->port = _libssh2_ntohu32(data + 1);
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Dynamic tcpip-forward port "
"allocated: %d",
listener->port);
listener->port));
}
else
listener->port = port;
@@ -647,9 +728,9 @@ int _libssh2_channel_forward_cancel(LIBSSH2_LISTENER *listener)
int retcode = 0;
if(listener->chanFwdCncl_state == libssh2_NB_state_idle) {
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Cancelling tcpip-forward session for %s:%d",
listener->host, listener->port);
listener->host, listener->port));
s = packet = LIBSSH2_ALLOC(session, packet_len);
if(!packet) {
@@ -818,10 +899,10 @@ static int channel_setenv(LIBSSH2_CHANNEL *channel,
memset(&channel->setenv_packet_requirev_state, 0,
sizeof(channel->setenv_packet_requirev_state));
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Setting remote environment variable: %s=%s on "
"channel %lu/%lu",
varname, value, channel->local.id, channel->remote.id);
varname, value, channel->local.id, channel->remote.id));
s = channel->setenv_packet =
LIBSSH2_ALLOC(session, channel->setenv_packet_len);
@@ -877,7 +958,9 @@ static int channel_setenv(LIBSSH2_CHANNEL *channel,
}
if(rc) {
channel->setenv_state = libssh2_NB_state_idle;
return rc;
return _libssh2_error(session, rc,
"Failed getting response for "
"channel-setenv");
}
else if(data_len < 1) {
channel->setenv_state = libssh2_NB_state_idle;
@@ -951,9 +1034,9 @@ static int channel_request_pty(LIBSSH2_CHANNEL *channel,
memset(&channel->reqPTY_packet_requirev_state, 0,
sizeof(channel->reqPTY_packet_requirev_state));
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Allocating tty on channel %lu/%lu", channel->local.id,
channel->remote.id);
channel->remote.id));
s = channel->reqPTY_packet;
@@ -1054,9 +1137,9 @@ static int channel_request_auth_agent(LIBSSH2_CHANNEL *channel,
memset(&channel->req_auth_agent_requirev_state, 0,
sizeof(channel->req_auth_agent_requirev_state));
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Requesting auth agent on channel %lu/%lu",
channel->local.id, channel->remote.id);
channel->local.id, channel->remote.id));
/*
* byte SSH_MSG_CHANNEL_REQUEST
@@ -1083,6 +1166,7 @@ static int channel_request_auth_agent(LIBSSH2_CHANNEL *channel,
if(rc == LIBSSH2_ERROR_EAGAIN) {
_libssh2_error(session, rc,
"Would block sending auth-agent request");
return rc;
}
else if(rc) {
channel->req_auth_agent_state = libssh2_NB_state_idle;
@@ -1099,10 +1183,10 @@ static int channel_request_auth_agent(LIBSSH2_CHANNEL *channel,
size_t data_len;
unsigned char code;
rc = _libssh2_packet_requirev(
session, reply_codes, &data, &data_len, 1,
channel->req_auth_agent_local_channel,
4, &channel->req_auth_agent_requirev_state);
rc = _libssh2_packet_requirev(session, reply_codes, &data, &data_len,
1, channel->req_auth_agent_local_channel,
4,
&channel->req_auth_agent_requirev_state);
if(rc == LIBSSH2_ERROR_EAGAIN) {
return rc;
}
@@ -1125,13 +1209,14 @@ static int channel_request_auth_agent(LIBSSH2_CHANNEL *channel,
"Unable to complete request for auth-agent");
}
/**
/*
* libssh2_channel_request_auth_agent
*
* Requests that agent forwarding be enabled for the session. The
* request must be sent over a specific channel, which starts the agent
* listener on the remote side. Once the channel is closed, the agent
* listener continues to exist.
* */
*/
LIBSSH2_API int
libssh2_channel_request_auth_agent(LIBSSH2_CHANNEL *channel)
{
@@ -1140,6 +1225,8 @@ libssh2_channel_request_auth_agent(LIBSSH2_CHANNEL *channel)
if(!channel)
return LIBSSH2_ERROR_BAD_USE;
rc = LIBSSH2_ERROR_CHANNEL_UNKNOWN;
/* The current RFC draft for agent forwarding says you're supposed to
* send "auth-agent-req," but most SSH servers out there right now
* actually expect "auth-agent-req@openssh.com", so we try that
@@ -1152,7 +1239,8 @@ libssh2_channel_request_auth_agent(LIBSSH2_CHANNEL *channel)
/* If we failed (but not with EAGAIN), then we move onto
* the next step to try another request type. */
if(rc != 0 && rc != LIBSSH2_ERROR_EAGAIN)
if(rc != LIBSSH2_ERROR_NONE &&
rc != LIBSSH2_ERROR_EAGAIN)
channel->req_auth_agent_try_state = libssh2_NB_state_sent;
}
@@ -1163,12 +1251,13 @@ libssh2_channel_request_auth_agent(LIBSSH2_CHANNEL *channel)
/* If we failed without an EAGAIN, then move on with this
* state machine. */
if(rc != 0 && rc != LIBSSH2_ERROR_EAGAIN)
if(rc != LIBSSH2_ERROR_NONE &&
rc != LIBSSH2_ERROR_EAGAIN)
channel->req_auth_agent_try_state = libssh2_NB_state_sent1;
}
/* If things are good, reset the try state. */
if(rc == 0)
if(rc == LIBSSH2_ERROR_NONE)
channel->req_auth_agent_try_state = libssh2_NB_state_idle;
return rc;
@@ -1212,10 +1301,10 @@ channel_request_pty_size(LIBSSH2_CHANNEL * channel, int width,
memset(&channel->reqPTY_packet_requirev_state, 0,
sizeof(channel->reqPTY_packet_requirev_state));
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"changing tty size on channel %lu/%lu",
channel->local.id,
channel->remote.id);
channel->remote.id));
s = channel->reqPTY_packet;
@@ -1301,13 +1390,13 @@ channel_x11_req(LIBSSH2_CHANNEL *channel, int single_connection,
memset(&channel->reqX11_packet_requirev_state, 0,
sizeof(channel->reqX11_packet_requirev_state));
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Requesting x11-req for channel %lu/%lu: single=%d "
"proto=%s cookie=%s screen=%d",
channel->local.id, channel->remote.id,
single_connection,
auth_proto ? auth_proto : "MIT-MAGIC-COOKIE-1",
auth_cookie ? auth_cookie : "<random>", screen_number);
auth_cookie ? auth_cookie : "<random>", screen_number));
s = channel->reqX11_packet =
LIBSSH2_ALLOC(session, channel->reqX11_packet_len);
@@ -1326,7 +1415,7 @@ channel_x11_req(LIBSSH2_CHANNEL *channel, int single_connection,
_libssh2_store_str(&s, auth_proto ? auth_proto : "MIT-MAGIC-COOKIE-1",
proto_len);
_libssh2_store_u32(&s, cookie_len);
_libssh2_store_u32(&s, (uint32_t)cookie_len);
if(auth_cookie) {
memcpy(s, auth_cookie, cookie_len);
}
@@ -1459,10 +1548,10 @@ _libssh2_channel_process_startup(LIBSSH2_CHANNEL *channel,
if(message)
channel->process_packet_len += + 4;
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"starting request(%s) on channel %lu/%lu, message=%s",
request, channel->local.id, channel->remote.id,
message ? message : "<null>");
message ? message : "<null>"));
s = channel->process_packet =
LIBSSH2_ALLOC(session, channel->process_packet_len);
if(!channel->process_packet)
@@ -1476,7 +1565,7 @@ _libssh2_channel_process_startup(LIBSSH2_CHANNEL *channel,
*(s++) = 0x01;
if(message)
_libssh2_store_u32(&s, message_len);
_libssh2_store_u32(&s, (uint32_t)message_len);
channel->process_state = libssh2_NB_state_created;
}
@@ -1567,7 +1656,7 @@ LIBSSH2_API void
libssh2_channel_set_blocking(LIBSSH2_CHANNEL * channel, int blocking)
{
if(channel)
(void) _libssh2_session_set_blocking(channel->session, blocking);
(void)_libssh2_session_set_blocking(channel->session, blocking);
}
/*
@@ -1591,8 +1680,8 @@ _libssh2_channel_flush(LIBSSH2_CHANNEL *channel, int streamid)
if(packet->data_len < 1) {
packet = next;
_libssh2_debug(channel->session, LIBSSH2_TRACE_ERROR,
"Unexpected packet length");
_libssh2_debug((channel->session, LIBSSH2_TRACE_ERROR,
"Unexpected packet length"));
continue;
}
@@ -1628,11 +1717,11 @@ _libssh2_channel_flush(LIBSSH2_CHANNEL *channel, int streamid)
size_t bytes_to_flush = packet->data_len -
packet->data_head;
_libssh2_debug(channel->session, LIBSSH2_TRACE_CONN,
_libssh2_debug((channel->session, LIBSSH2_TRACE_CONN,
"Flushing %d bytes of data from stream "
"%lu on channel %lu/%lu",
bytes_to_flush, packet_stream_id,
channel->local.id, channel->remote.id);
channel->local.id, channel->remote.id));
/* It's one of the streams we wanted to flush */
channel->flush_refund_bytes += packet->data_len - 13;
@@ -1652,12 +1741,12 @@ _libssh2_channel_flush(LIBSSH2_CHANNEL *channel, int streamid)
}
channel->read_avail -= channel->flush_flush_bytes;
channel->remote.window_size -= channel->flush_flush_bytes;
channel->remote.window_size -= (uint32_t)channel->flush_flush_bytes;
if(channel->flush_refund_bytes) {
int rc =
_libssh2_channel_receive_window_adjust(channel,
channel->flush_refund_bytes,
(uint32_t)channel->flush_refund_bytes,
1, NULL);
if(rc == LIBSSH2_ERROR_EAGAIN)
return rc;
@@ -1665,7 +1754,7 @@ _libssh2_channel_flush(LIBSSH2_CHANNEL *channel, int streamid)
channel->flush_state = libssh2_NB_state_idle;
return channel->flush_flush_bytes;
return (int)channel->flush_flush_bytes;
}
/*
@@ -1791,10 +1880,10 @@ _libssh2_channel_receive_window_adjust(LIBSSH2_CHANNEL * channel,
if(!force
&& (adjustment + channel->adjust_queue <
LIBSSH2_CHANNEL_MINADJUST)) {
_libssh2_debug(channel->session, LIBSSH2_TRACE_CONN,
_libssh2_debug((channel->session, LIBSSH2_TRACE_CONN,
"Queueing %lu bytes for receive window adjustment "
"for channel %lu/%lu",
adjustment, channel->local.id, channel->remote.id);
adjustment, channel->local.id, channel->remote.id));
channel->adjust_queue += adjustment;
return 0;
}
@@ -1810,10 +1899,10 @@ _libssh2_channel_receive_window_adjust(LIBSSH2_CHANNEL * channel,
channel->adjust_adjust[0] = SSH_MSG_CHANNEL_WINDOW_ADJUST;
_libssh2_htonu32(&channel->adjust_adjust[1], channel->remote.id);
_libssh2_htonu32(&channel->adjust_adjust[5], adjustment);
_libssh2_debug(channel->session, LIBSSH2_TRACE_CONN,
_libssh2_debug((channel->session, LIBSSH2_TRACE_CONN,
"Adjusting window %lu bytes for data on "
"channel %lu/%lu",
adjustment, channel->local.id, channel->remote.id);
adjustment, channel->local.id, channel->remote.id));
channel->adjust_state = libssh2_NB_state_created;
}
@@ -1865,7 +1954,8 @@ libssh2_channel_receive_window_adjust(LIBSSH2_CHANNEL *channel,
return (unsigned long)LIBSSH2_ERROR_BAD_USE;
BLOCK_ADJUST(rc, channel->session,
_libssh2_channel_receive_window_adjust(channel, adj,
_libssh2_channel_receive_window_adjust(channel,
(uint32_t)adj,
force, &window));
/* stupid - but this is how it was made to work before and this is just
@@ -1896,8 +1986,9 @@ libssh2_channel_receive_window_adjust2(LIBSSH2_CHANNEL *channel,
return LIBSSH2_ERROR_BAD_USE;
BLOCK_ADJUST(rc, channel->session,
_libssh2_channel_receive_window_adjust(channel, adj, force,
window));
_libssh2_channel_receive_window_adjust(channel,
(uint32_t)adj,
force, window));
return rc;
}
@@ -1905,10 +1996,10 @@ int
_libssh2_channel_extended_data(LIBSSH2_CHANNEL *channel, int ignore_mode)
{
if(channel->extData2_state == libssh2_NB_state_idle) {
_libssh2_debug(channel->session, LIBSSH2_TRACE_CONN,
_libssh2_debug((channel->session, LIBSSH2_TRACE_CONN,
"Setting channel %lu/%lu handle_extended_data"
" mode to %d",
channel->local.id, channel->remote.id, ignore_mode);
channel->local.id, channel->remote.id, ignore_mode));
channel->remote.extended_data_ignore_mode = (char)ignore_mode;
channel->extData2_state = libssh2_NB_state_created;
@@ -1929,7 +2020,7 @@ _libssh2_channel_extended_data(LIBSSH2_CHANNEL *channel, int ignore_mode)
}
/*
* libssh2_channel_handle_extended_data2()
* libssh2_channel_handle_extended_data2
*
*/
LIBSSH2_API int
@@ -1988,19 +2079,19 @@ ssize_t _libssh2_channel_read(LIBSSH2_CHANNEL *channel, int stream_id,
LIBSSH2_PACKET *read_packet;
LIBSSH2_PACKET *read_next;
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"channel_read() wants %d bytes from channel %lu/%lu "
"stream #%d",
(int) buflen, channel->local.id, channel->remote.id,
stream_id);
stream_id));
/* expand the receiving window first if it has become too narrow */
if((channel->read_state == libssh2_NB_state_jump1) ||
(channel->remote.window_size <
channel->remote.window_size_initial / 4 * 3 + buflen) ) {
channel->remote.window_size_initial / 4 * 3 + buflen)) {
uint32_t adjustment = channel->remote.window_size_initial + buflen -
channel->remote.window_size;
uint32_t adjustment = (uint32_t)(channel->remote.window_size_initial +
buflen - channel->remote.window_size);
if(adjustment < LIBSSH2_CHANNEL_MINADJUST)
adjustment = LIBSSH2_CHANNEL_MINADJUST;
@@ -2041,8 +2132,13 @@ ssize_t _libssh2_channel_read(LIBSSH2_CHANNEL *channel, int stream_id,
if(readpkt->data_len < 5) {
read_packet = read_next;
_libssh2_debug(channel->session, LIBSSH2_TRACE_ERROR,
"Unexpected packet length");
if(readpkt->data_len != 1 ||
readpkt->data[0] != SSH_MSG_REQUEST_FAILURE) {
_libssh2_debug((channel->session, LIBSSH2_TRACE_ERROR,
"Unexpected packet length"));
}
continue;
}
@@ -2080,11 +2176,11 @@ ssize_t _libssh2_channel_read(LIBSSH2_CHANNEL *channel, int stream_id,
unlink_packet = TRUE;
}
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"channel_read() got %d of data from %lu/%lu/%d%s",
bytes_want, channel->local.id,
channel->remote.id, stream_id,
unlink_packet?" [ul]":"");
unlink_packet?" [ul]":""));
/* copy data from this struct to the target buffer */
memcpy(&buf[bytes_read],
@@ -2123,7 +2219,7 @@ ssize_t _libssh2_channel_read(LIBSSH2_CHANNEL *channel, int stream_id,
}
channel->read_avail -= bytes_read;
channel->remote.window_size -= bytes_read;
channel->remote.window_size -= (uint32_t)bytes_read;
return bytes_read;
}
@@ -2146,7 +2242,7 @@ LIBSSH2_API ssize_t
libssh2_channel_read_ex(LIBSSH2_CHANNEL *channel, int stream_id, char *buf,
size_t buflen)
{
int rc;
ssize_t rc;
unsigned long recv_window;
if(!channel)
@@ -2156,8 +2252,8 @@ libssh2_channel_read_ex(LIBSSH2_CHANNEL *channel, int stream_id, char *buf,
if(buflen > recv_window) {
BLOCK_ADJUST(rc, channel->session,
_libssh2_channel_receive_window_adjust(channel, buflen,
1, NULL));
_libssh2_channel_receive_window_adjust(channel,
(uint32_t)buflen, 1, NULL));
}
BLOCK_ADJUST(rc, channel->session,
@@ -2180,7 +2276,7 @@ _libssh2_channel_packet_data_len(LIBSSH2_CHANNEL * channel, int stream_id)
uint32_t read_local_id;
read_packet = _libssh2_list_first(&session->packets);
if(read_packet == NULL)
if(!read_packet)
return 0;
while(read_packet) {
@@ -2189,8 +2285,8 @@ _libssh2_channel_packet_data_len(LIBSSH2_CHANNEL * channel, int stream_id)
if(read_packet->data_len < 5) {
read_packet = next_packet;
_libssh2_debug(channel->session, LIBSSH2_TRACE_ERROR,
"Unexpected packet length");
_libssh2_debug((channel->session, LIBSSH2_TRACE_ERROR,
"Unexpected packet length"));
continue;
}
@@ -2218,7 +2314,7 @@ _libssh2_channel_packet_data_len(LIBSSH2_CHANNEL * channel, int stream_id)
&& (channel->local.id == read_local_id)
&& (channel->remote.extended_data_ignore_mode
== LIBSSH2_CHANNEL_EXTENDED_DATA_MERGE))) {
return (read_packet->data_len - read_packet->data_head);
return read_packet->data_len - read_packet->data_head;
}
read_packet = next_packet;
@@ -2258,15 +2354,15 @@ _libssh2_channel_write(LIBSSH2_CHANNEL *channel, int stream_id,
if(channel->write_state == libssh2_NB_state_idle) {
unsigned char *s = channel->write_packet;
_libssh2_debug(channel->session, LIBSSH2_TRACE_CONN,
_libssh2_debug((channel->session, LIBSSH2_TRACE_CONN,
"Writing %d bytes on channel %lu/%lu, stream #%d",
(int) buflen, channel->local.id, channel->remote.id,
stream_id);
stream_id));
if(channel->local.close)
return _libssh2_error(channel->session,
LIBSSH2_ERROR_CHANNEL_CLOSED,
"We've already closed this channel");
"We have already closed this channel");
else if(channel->local.eof)
return _libssh2_error(channel->session,
LIBSSH2_ERROR_CHANNEL_EOF_SENT,
@@ -2293,7 +2389,7 @@ _libssh2_channel_write(LIBSSH2_CHANNEL *channel, int stream_id,
*/
session->socket_block_directions = LIBSSH2_SESSION_BLOCK_INBOUND;
return (rc == LIBSSH2_ERROR_EAGAIN?rc:0);
return rc == LIBSSH2_ERROR_EAGAIN ? rc : 0;
}
channel->write_bufwrite = buflen;
@@ -2307,30 +2403,30 @@ _libssh2_channel_write(LIBSSH2_CHANNEL *channel, int stream_id,
/* Don't exceed the remote end's limits */
/* REMEMBER local means local as the SOURCE of the data */
if(channel->write_bufwrite > channel->local.window_size) {
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Splitting write block due to %lu byte "
"window_size on %lu/%lu/%d",
channel->local.window_size, channel->local.id,
channel->remote.id, stream_id);
channel->remote.id, stream_id));
channel->write_bufwrite = channel->local.window_size;
}
if(channel->write_bufwrite > channel->local.packet_size) {
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Splitting write block due to %lu byte "
"packet_size on %lu/%lu/%d",
channel->local.packet_size, channel->local.id,
channel->remote.id, stream_id);
channel->remote.id, stream_id));
channel->write_bufwrite = channel->local.packet_size;
}
/* store the size here only, the buffer is passed in as-is to
_libssh2_transport_send() */
_libssh2_store_u32(&s, channel->write_bufwrite);
_libssh2_store_u32(&s, (uint32_t)channel->write_bufwrite);
channel->write_packet_len = s - channel->write_packet;
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Sending %d bytes on channel %lu/%lu, stream_id=%d",
(int) channel->write_bufwrite, channel->local.id,
channel->remote.id, stream_id);
channel->remote.id, stream_id));
channel->write_state = libssh2_NB_state_created;
}
@@ -2349,7 +2445,7 @@ _libssh2_channel_write(LIBSSH2_CHANNEL *channel, int stream_id,
"Unable to send channel data");
}
/* Shrink local window size */
channel->local.window_size -= channel->write_bufwrite;
channel->local.window_size -= (uint32_t)channel->write_bufwrite;
wrote += channel->write_bufwrite;
@@ -2402,9 +2498,9 @@ static int channel_send_eof(LIBSSH2_CHANNEL *channel)
unsigned char packet[5]; /* packet_type(1) + channelno(4) */
int rc;
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Sending EOF on channel %lu/%lu",
channel->local.id, channel->remote.id);
channel->local.id, channel->remote.id));
packet[0] = SSH_MSG_CHANNEL_EOF;
_libssh2_htonu32(packet + 1, channel->remote.id);
rc = _libssh2_transport_send(session, packet, 5, NULL, 0);
@@ -2463,8 +2559,8 @@ libssh2_channel_eof(LIBSSH2_CHANNEL * channel)
if(packet->data_len < 1) {
packet = next_packet;
_libssh2_debug(channel->session, LIBSSH2_TRACE_ERROR,
"Unexpected packet length");
_libssh2_debug((channel->session, LIBSSH2_TRACE_ERROR,
"Unexpected packet length"));
continue;
}
@@ -2492,9 +2588,9 @@ static int channel_wait_eof(LIBSSH2_CHANNEL *channel)
int rc;
if(channel->wait_eof_state == libssh2_NB_state_idle) {
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Awaiting EOF for channel %lu/%lu", channel->local.id,
channel->remote.id);
channel->remote.id));
channel->wait_eof_state = libssh2_NB_state_created;
}
@@ -2574,8 +2670,8 @@ int _libssh2_channel_close(LIBSSH2_CHANNEL * channel)
late for us to wait for it. Continue closing! */
if(channel->close_state == libssh2_NB_state_idle) {
_libssh2_debug(session, LIBSSH2_TRACE_CONN, "Closing channel %lu/%lu",
channel->local.id, channel->remote.id);
_libssh2_debug((session, LIBSSH2_TRACE_CONN, "Closing channel %lu/%lu",
channel->local.id, channel->remote.id));
channel->close_packet[0] = SSH_MSG_CHANNEL_CLOSE;
_libssh2_htonu32(channel->close_packet + 1, channel->remote.id);
@@ -2643,7 +2739,7 @@ libssh2_channel_close(LIBSSH2_CHANNEL *channel)
if(!channel)
return LIBSSH2_ERROR_BAD_USE;
BLOCK_ADJUST(rc, channel->session, _libssh2_channel_close(channel) );
BLOCK_ADJUST(rc, channel->session, _libssh2_channel_close(channel));
return rc;
}
@@ -2664,9 +2760,9 @@ static int channel_wait_closed(LIBSSH2_CHANNEL *channel)
}
if(channel->wait_closed_state == libssh2_NB_state_idle) {
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Awaiting close of channel %lu/%lu", channel->local.id,
channel->remote.id);
channel->remote.id));
channel->wait_closed_state = libssh2_NB_state_created;
}
@@ -2727,9 +2823,9 @@ int _libssh2_channel_free(LIBSSH2_CHANNEL *channel)
assert(session);
if(channel->free_state == libssh2_NB_state_idle) {
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Freeing channel %lu/%lu resources", channel->local.id,
channel->remote.id);
channel->remote.id));
channel->free_state = libssh2_NB_state_created;
}
@@ -2824,7 +2920,7 @@ libssh2_channel_free(LIBSSH2_CHANNEL *channel)
*/
LIBSSH2_API unsigned long
libssh2_channel_window_read_ex(LIBSSH2_CHANNEL *channel,
unsigned long *read_avail,
/* FIXME: -> size_t */ unsigned long *read_avail,
unsigned long *window_size_initial)
{
if(!channel)
@@ -2846,8 +2942,8 @@ libssh2_channel_window_read_ex(LIBSSH2_CHANNEL *channel,
if(packet->data_len < 1) {
packet = next_packet;
_libssh2_debug(channel->session, LIBSSH2_TRACE_ERROR,
"Unexpected packet length");
_libssh2_debug((channel->session, LIBSSH2_TRACE_ERROR,
"Unexpected packet length"));
continue;
}
@@ -2864,7 +2960,7 @@ libssh2_channel_window_read_ex(LIBSSH2_CHANNEL *channel,
packet = next_packet;
}
*read_avail = bytes_queued;
*read_avail = (unsigned long)bytes_queued;
}
return channel->remote.window_size;
@@ -2893,3 +2989,87 @@ libssh2_channel_window_write_ex(LIBSSH2_CHANNEL *channel,
return channel->local.window_size;
}
/* A signal can be delivered to the remote process/service using the
following message. Some systems may not implement signals, in which
case they SHOULD ignore this message.
byte SSH_MSG_CHANNEL_REQUEST
uint32 recipient channel
string "signal"
boolean FALSE
string signal name (without the "SIG" prefix)
'signal name' values will be encoded as discussed in the passage
describing SSH_MSG_CHANNEL_REQUEST messages using "exit-signal" in
this section.
*/
static int channel_signal(LIBSSH2_CHANNEL *channel,
const char *signame,
size_t signame_len)
{
LIBSSH2_SESSION *session = channel->session;
int retcode = LIBSSH2_ERROR_PROTO;
if(channel->sendsignal_state == libssh2_NB_state_idle) {
unsigned char *s;
/* 20 = packet_type(1) + channel(4) +
signal_len + sizeof(signal) - 1 + want_reply(1) +
signame_len_len(4) */
channel->sendsignal_packet_len = 20 + signame_len;
s = channel->sendsignal_packet =
LIBSSH2_ALLOC(session, channel->sendsignal_packet_len);
if(!channel->sendsignal_packet)
return _libssh2_error(session, LIBSSH2_ERROR_ALLOC,
"Unable to allocate memory for "
"signal request");
*(s++) = SSH_MSG_CHANNEL_REQUEST;
_libssh2_store_u32(&s, channel->remote.id);
_libssh2_store_str(&s, "signal", sizeof("signal") - 1);
*(s++) = 0x00; /* Don't reply */
_libssh2_store_str(&s, signame, signame_len);
channel->sendsignal_state = libssh2_NB_state_created;
}
if(channel->sendsignal_state == libssh2_NB_state_created) {
int rc;
rc = _libssh2_transport_send(session, channel->sendsignal_packet,
channel->sendsignal_packet_len,
NULL, 0);
if(rc == LIBSSH2_ERROR_EAGAIN) {
_libssh2_error(session, rc, "Would block sending signal request");
return rc;
}
else if(rc) {
LIBSSH2_FREE(session, channel->sendsignal_packet);
channel->sendsignal_state = libssh2_NB_state_idle;
return _libssh2_error(session, rc, "Unable to send signal packet");
}
LIBSSH2_FREE(session, channel->sendsignal_packet);
retcode = LIBSSH2_ERROR_NONE;
}
channel->sendsignal_state = libssh2_NB_state_idle;
return retcode;
}
LIBSSH2_API int
libssh2_channel_signal_ex(LIBSSH2_CHANNEL *channel,
const char *signame,
size_t signame_len)
{
int rc;
if(!channel)
return LIBSSH2_ERROR_BAD_USE;
BLOCK_ADJUST(rc, channel->session,
channel_signal(channel, signame, signame_len));
return rc;
}

1
libssh2/src/channel.h
View File

@@ -138,4 +138,3 @@ int _libssh2_channel_close(LIBSSH2_CHANNEL * channel);
int _libssh2_channel_forward_cancel(LIBSSH2_LISTENER *listener);
#endif /* __LIBSSH2_CHANNEL_H */

52
libssh2/src/comp.c
View File

@@ -37,6 +37,7 @@
*/
#include "libssh2_priv.h"
#ifdef LIBSSH2_HAVE_ZLIB
#include <zlib.h>
#undef compress /* dodge name clash with ZLIB macro */
@@ -61,12 +62,12 @@ comp_method_none_comp(LIBSSH2_SESSION *session,
size_t src_len,
void **abstract)
{
(void) session;
(void) abstract;
(void) dest;
(void) dest_len;
(void) src;
(void) src_len;
(void)session;
(void)abstract;
(void)dest;
(void)dest_len;
(void)src;
(void)src_len;
return 0;
}
@@ -84,9 +85,9 @@ comp_method_none_decomp(LIBSSH2_SESSION * session,
const unsigned char *src,
size_t src_len, void **abstract)
{
(void) session;
(void) payload_limit;
(void) abstract;
(void)session;
(void)payload_limit;
(void)abstract;
*dest = (unsigned char *) src;
*dest_len = src_len;
return 0;
@@ -163,8 +164,8 @@ comp_method_zlib_init(LIBSSH2_SESSION * session, int compr,
if(status != Z_OK) {
LIBSSH2_FREE(session, strm);
_libssh2_debug(session, LIBSSH2_TRACE_TRANS,
"unhandled zlib error %d", status);
_libssh2_debug((session, LIBSSH2_TRACE_TRANS,
"unhandled zlib error %d", status));
return LIBSSH2_ERROR_COMPRESS;
}
*abstract = strm;
@@ -189,11 +190,11 @@ comp_method_zlib_comp(LIBSSH2_SESSION *session,
void **abstract)
{
z_stream *strm = *abstract;
int out_maxlen = *dest_len;
uInt out_maxlen = (uInt)*dest_len;
int status;
strm->next_in = (unsigned char *) src;
strm->avail_in = src_len;
strm->avail_in = (uInt)src_len;
strm->next_out = dest;
strm->avail_out = out_maxlen;
@@ -204,9 +205,9 @@ comp_method_zlib_comp(LIBSSH2_SESSION *session,
return 0;
}
_libssh2_debug(session, LIBSSH2_TRACE_TRANS,
_libssh2_debug((session, LIBSSH2_TRACE_TRANS,
"unhandled zlib compression error %d, avail_out",
status, strm->avail_out);
status, strm->avail_out));
return _libssh2_error(session, LIBSSH2_ERROR_ZLIB, "compression failure");
}
@@ -227,17 +228,17 @@ comp_method_zlib_decomp(LIBSSH2_SESSION * session,
/* A short-term alloc of a full data chunk is better than a series of
reallocs */
char *out;
size_t out_maxlen = src_len;
size_t out_maxlen;
if(src_len <= SIZE_MAX / 4)
out_maxlen = src_len * 4;
out_maxlen = (uInt)src_len * 4;
else
out_maxlen = payload_limit;
/* If strm is null, then we have not yet been initialized. */
if(strm == NULL)
if(!strm)
return _libssh2_error(session, LIBSSH2_ERROR_COMPRESS,
"decompression uninitialized");;
"decompression uninitialized");
/* In practice they never come smaller than this */
if(out_maxlen < 25)
@@ -247,10 +248,11 @@ comp_method_zlib_decomp(LIBSSH2_SESSION * session,
out_maxlen = payload_limit;
strm->next_in = (unsigned char *) src;
strm->avail_in = src_len;
strm->next_out = (unsigned char *) LIBSSH2_ALLOC(session, out_maxlen);
strm->avail_in = (uInt)src_len;
strm->next_out = (unsigned char *) LIBSSH2_ALLOC(session,
(uInt)out_maxlen);
out = (char *) strm->next_out;
strm->avail_out = out_maxlen;
strm->avail_out = (uInt)out_maxlen;
if(!strm->next_out)
return _libssh2_error(session, LIBSSH2_ERROR_ALLOC,
"Unable to allocate decompression buffer");
@@ -276,8 +278,8 @@ comp_method_zlib_decomp(LIBSSH2_SESSION * session,
else {
/* error state */
LIBSSH2_FREE(session, out);
_libssh2_debug(session, LIBSSH2_TRACE_TRANS,
"unhandled zlib error %d", status);
_libssh2_debug((session, LIBSSH2_TRACE_TRANS,
"unhandled zlib error %d", status));
return _libssh2_error(session, LIBSSH2_ERROR_ZLIB,
"decompression failure");
}
@@ -299,7 +301,7 @@ comp_method_zlib_decomp(LIBSSH2_SESSION * session,
}
out = newout;
strm->next_out = (unsigned char *) out + out_ofs;
strm->avail_out = out_maxlen - out_ofs;
strm->avail_out = (uInt)(out_maxlen - out_ofs);
}
*dest = (unsigned char *) out;

76
libssh2/src/crypt.c
View File

@@ -38,14 +38,23 @@
#include "libssh2_priv.h"
#ifdef LIBSSH2_CRYPT_NONE
#if defined(LIBSSH2DEBUG) && defined(LIBSSH2_CRYPT_NONE_INSECURE)
/* crypt_none_crypt
* Minimalist cipher: VERY secure *wink*
* Minimalist cipher: no encryption. DO NOT USE.
*
* The SSH2 Transport allows for unencrypted data transmission using
* the "none" cipher. Because this is such a huge security hole, it is
* typically disabled on SSH2 implementations and is disabled in libssh2
* by default as well.
*
* Enabling this option will allow for "none" as a negotiable method,
* however it still requires that the method be advertised by the remote
* end and that no more-preferable methods are available.
*
*/
static int
crypt_none_crypt(LIBSSH2_SESSION * session, unsigned char *buf,
void **abstract)
void **abstract, int firstlast)
{
/* Do nothing to the data! */
return 0;
@@ -62,7 +71,7 @@ static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_none = {
crypt_none_crypt,
NULL
};
#endif /* LIBSSH2_CRYPT_NONE */
#endif /* defined(LIBSSH2DEBUG) && defined(LIBSSH2_CRYPT_NONE_INSECURE) */
struct crypt_ctx
{
@@ -97,12 +106,12 @@ crypt_init(LIBSSH2_SESSION * session,
static int
crypt_encrypt(LIBSSH2_SESSION * session, unsigned char *block,
size_t blocksize, void **abstract)
size_t blocksize, void **abstract, int firstlast)
{
struct crypt_ctx *cctx = *(struct crypt_ctx **) abstract;
(void) session;
return _libssh2_cipher_crypt(&cctx->h, cctx->algo, cctx->encrypt, block,
blocksize);
blocksize, firstlast);
}
static int
@@ -117,6 +126,34 @@ crypt_dtor(LIBSSH2_SESSION * session, void **abstract)
return 0;
}
#if LIBSSH2_AES_GCM
static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_aes256_gcm = {
"aes256-gcm@openssh.com",
"",
16, /* blocksize */
12, /* initial value length */
32, /* secret length -- 32*8 == 256bit */
LIBSSH2_CRYPT_FLAG_INTEGRATED_MAC | LIBSSH2_CRYPT_FLAG_PKTLEN_AAD,
&crypt_init,
&crypt_encrypt,
&crypt_dtor,
_libssh2_cipher_aes256gcm
};
static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_aes128_gcm = {
"aes128-gcm@openssh.com",
"",
16, /* blocksize */
12, /* initial value length */
16, /* secret length -- 16*8 == 128bit */
LIBSSH2_CRYPT_FLAG_INTEGRATED_MAC | LIBSSH2_CRYPT_FLAG_PKTLEN_AAD,
&crypt_init,
&crypt_encrypt,
&crypt_dtor,
_libssh2_cipher_aes128gcm
};
#endif
#if LIBSSH2_AES_CTR
static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_aes128_ctr = {
"aes128-ctr",
@@ -158,7 +195,7 @@ static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_aes256_ctr = {
};
#endif
#if LIBSSH2_AES
#if LIBSSH2_AES_CBC
static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_aes128_cbc = {
"aes128-cbc",
"DEK-Info: AES-128-CBC",
@@ -212,7 +249,7 @@ static const LIBSSH2_CRYPT_METHOD
&crypt_dtor,
_libssh2_cipher_aes256
};
#endif /* LIBSSH2_AES */
#endif /* LIBSSH2_AES_CBC */
#if LIBSSH2_BLOWFISH
static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_blowfish_cbc = {
@@ -260,7 +297,8 @@ crypt_init_arcfour128(LIBSSH2_SESSION * session,
size_t discard = 1536;
for(; discard; discard -= 8)
_libssh2_cipher_crypt(&cctx->h, cctx->algo, cctx->encrypt, block,
method->blocksize);
method->blocksize, MIDDLE_BLOCK);
/* Not all middle, but here it doesn't matter */
}
return rc;
@@ -310,18 +348,24 @@ static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_3des_cbc = {
};
#endif
/* These are the crypt methods that are available to be negotiated. Methods
towards the start are chosen in preference to ones further down the list. */
static const LIBSSH2_CRYPT_METHOD *_libssh2_crypt_methods[] = {
#if LIBSSH2_AES_GCM
&libssh2_crypt_method_aes256_gcm,
&libssh2_crypt_method_aes128_gcm,
#endif /* LIBSSH2_AES_GCM */
#if LIBSSH2_AES_CTR
&libssh2_crypt_method_aes128_ctr,
&libssh2_crypt_method_aes192_ctr,
&libssh2_crypt_method_aes256_ctr,
#endif /* LIBSSH2_AES */
#if LIBSSH2_AES
&libssh2_crypt_method_aes192_ctr,
&libssh2_crypt_method_aes128_ctr,
#endif /* LIBSSH2_AES_CTR */
#if LIBSSH2_AES_CBC
&libssh2_crypt_method_aes256_cbc,
&libssh2_crypt_method_rijndael_cbc_lysator_liu_se, /* == aes256-cbc */
&libssh2_crypt_method_aes192_cbc,
&libssh2_crypt_method_aes128_cbc,
#endif /* LIBSSH2_AES */
#endif /* LIBSSH2_AES_CBC */
#if LIBSSH2_BLOWFISH
&libssh2_crypt_method_blowfish_cbc,
#endif /* LIBSSH2_BLOWFISH */
@@ -335,7 +379,7 @@ static const LIBSSH2_CRYPT_METHOD *_libssh2_crypt_methods[] = {
#if LIBSSH2_3DES
&libssh2_crypt_method_3des_cbc,
#endif /* LIBSSH2_DES */
#ifdef LIBSSH2_CRYPT_NONE
#if defined(LIBSSH2DEBUG) && defined(LIBSSH2_CRYPT_NONE_INSECURE)
&libssh2_crypt_method_none,
#endif
NULL

14
libssh2/src/crypto.c Normal file
View File

@@ -0,0 +1,14 @@
#define LIBSSH2_CRYPTO_C
#include "libssh2_priv.h"
#if defined(LIBSSH2_OPENSSL) || defined(LIBSSH2_WOLFSSL)
#include "openssl.c"
#elif defined(LIBSSH2_LIBGCRYPT)
#include "libgcrypt.c"
#elif defined(LIBSSH2_MBEDTLS)
#include "mbedtls.c"
#elif defined(LIBSSH2_OS400QC3)
#include "os400qc3.c"
#elif defined(LIBSSH2_WINCNG)
#include "wincng.c"
#endif

190
libssh2/src/crypto.h
View File

@@ -38,24 +38,83 @@
* OF SUCH DAMAGE.
*/
#ifdef LIBSSH2_OPENSSL
#if defined(LIBSSH2_OPENSSL) || defined(LIBSSH2_WOLFSSL)
#include "openssl.h"
#endif
#ifdef LIBSSH2_LIBGCRYPT
#elif defined(LIBSSH2_LIBGCRYPT)
#include "libgcrypt.h"
#endif
#ifdef LIBSSH2_WINCNG
#include "wincng.h"
#endif
#ifdef LIBSSH2_OS400QC3
#include "os400qc3.h"
#endif
#ifdef LIBSSH2_MBEDTLS
#elif defined(LIBSSH2_MBEDTLS)
#include "mbedtls.h"
#elif defined(LIBSSH2_OS400QC3)
#include "os400qc3.h"
#elif defined(LIBSSH2_WINCNG)
#include "wincng.h"
#else
#error "no cryptography backend selected"
#endif
#ifdef LIBSSH2_NO_MD5
#undef LIBSSH2_MD5
#define LIBSSH2_MD5 0
#endif
#ifdef LIBSSH2_NO_HMAC_RIPEMD
#undef LIBSSH2_HMAC_RIPEMD
#define LIBSSH2_HMAC_RIPEMD 0
#endif
#ifdef LIBSSH2_NO_DSA
#undef LIBSSH2_DSA
#define LIBSSH2_DSA 0
#endif
#ifdef LIBSSH2_NO_RSA
#undef LIBSSH2_RSA
#define LIBSSH2_RSA 0
#endif
#ifdef LIBSSH2_NO_RSA_SHA1
#undef LIBSSH2_RSA_SHA1
#define LIBSSH2_RSA_SHA1 0
#endif
#ifdef LIBSSH2_NO_ECDSA
#undef LIBSSH2_ECDSA
#define LIBSSH2_ECDSA 0
#endif
#ifdef LIBSSH2_NO_ED25519
#undef LIBSSH2_ED25519
#define LIBSSH2_ED25519 0
#endif
#ifdef LIBSSH2_NO_AES_CTR
#undef LIBSSH2_AES_CTR
#define LIBSSH2_AES_CTR 0
#endif
#ifdef LIBSSH2_NO_AES_CBC
#undef LIBSSH2_AES_CBC
#define LIBSSH2_AES_CBC 0
#endif
#ifdef LIBSSH2_NO_BLOWFISH
#undef LIBSSH2_BLOWFISH
#define LIBSSH2_BLOWFISH 0
#endif
#ifdef LIBSSH2_NO_RC4
#undef LIBSSH2_RC4
#define LIBSSH2_RC4 0
#endif
#ifdef LIBSSH2_NO_CAST
#undef LIBSSH2_CAST
#define LIBSSH2_CAST 0
#endif
#ifdef LIBSSH2_NO_3DES
#undef LIBSSH2_3DES
#define LIBSSH2_3DES 0
#endif
#define LIBSSH2_ED25519_KEY_LEN 32
@@ -83,16 +142,31 @@ int _libssh2_rsa_new_private(libssh2_rsa_ctx ** rsa,
LIBSSH2_SESSION * session,
const char *filename,
unsigned const char *passphrase);
#if LIBSSH2_RSA_SHA1
int _libssh2_rsa_sha1_verify(libssh2_rsa_ctx * rsa,
const unsigned char *sig,
unsigned long sig_len,
const unsigned char *m, unsigned long m_len);
size_t sig_len,
const unsigned char *m, size_t m_len);
int _libssh2_rsa_sha1_sign(LIBSSH2_SESSION * session,
libssh2_rsa_ctx * rsactx,
const unsigned char *hash,
size_t hash_len,
unsigned char **signature,
size_t *signature_len);
#endif
#if LIBSSH2_RSA_SHA2
int _libssh2_rsa_sha2_sign(LIBSSH2_SESSION * session,
libssh2_rsa_ctx * rsactx,
const unsigned char *hash,
size_t hash_len,
unsigned char **signature,
size_t *signature_len);
int _libssh2_rsa_sha2_verify(libssh2_rsa_ctx * rsa,
size_t hash_len,
const unsigned char *sig,
size_t sig_len,
const unsigned char *m, size_t m_len);
#endif
int _libssh2_rsa_new_private_frommemory(libssh2_rsa_ctx ** rsa,
LIBSSH2_SESSION * session,
const char *filedata,
@@ -117,7 +191,7 @@ int _libssh2_dsa_new_private(libssh2_dsa_ctx ** dsa,
unsigned const char *passphrase);
int _libssh2_dsa_sha1_verify(libssh2_dsa_ctx * dsactx,
const unsigned char *sig,
const unsigned char *m, unsigned long m_len);
const unsigned char *m, size_t m_len);
int _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx,
const unsigned char *hash,
unsigned long hash_len, unsigned char *sig);
@@ -134,12 +208,23 @@ _libssh2_ecdsa_curve_name_with_octal_new(libssh2_ecdsa_ctx ** ecdsactx,
const unsigned char *k,
size_t k_len,
libssh2_curve_type type);
int
_libssh2_ecdsa_new_private(libssh2_ecdsa_ctx ** ec_ctx,
LIBSSH2_SESSION * session,
const char *filename,
unsigned const char *passphrase);
int
_libssh2_ecdsa_new_private_sk(libssh2_ecdsa_ctx ** ec_ctx,
unsigned char *flags,
const char **application,
const unsigned char **key_handle,
size_t *handle_len,
LIBSSH2_SESSION * session,
const char *filename,
unsigned const char *passphrase);
int
_libssh2_ecdsa_verify(libssh2_ecdsa_ctx * ctx,
const unsigned char *r, size_t r_len,
@@ -169,6 +254,16 @@ int _libssh2_ecdsa_new_private_frommemory(libssh2_ecdsa_ctx ** ec_ctx,
size_t filedata_len,
unsigned const char *passphrase);
int _libssh2_ecdsa_new_private_frommemory_sk(libssh2_ecdsa_ctx ** ec_ctx,
unsigned char *flags,
const char **application,
const unsigned char **key_handle,
size_t *handle_len,
LIBSSH2_SESSION * session,
const char *filedata,
size_t filedata_len,
unsigned const char *passphrase);
libssh2_curve_type
_libssh2_ecdsa_get_curve_type(libssh2_ecdsa_ctx *ec_ctx);
@@ -198,11 +293,21 @@ _libssh2_ed25519_new_private(libssh2_ed25519_ctx **ed_ctx,
LIBSSH2_SESSION *session,
const char *filename, const uint8_t *passphrase);
int
_libssh2_ed25519_new_private_sk(libssh2_ed25519_ctx **ed_ctx,
unsigned char *flags,
const char **application,
const unsigned char **key_handle,
size_t *handle_len,
LIBSSH2_SESSION *session,
const char *filename,
const uint8_t *passphrase);
int
_libssh2_ed25519_new_public(libssh2_ed25519_ctx **ed_ctx,
LIBSSH2_SESSION *session,
const unsigned char *raw_pub_key,
const uint8_t key_len);
const size_t key_len);
int
_libssh2_ed25519_sign(libssh2_ed25519_ctx *ctx, LIBSSH2_SESSION *session,
@@ -216,6 +321,17 @@ _libssh2_ed25519_new_private_frommemory(libssh2_ed25519_ctx **ed_ctx,
size_t filedata_len,
unsigned const char *passphrase);
int
_libssh2_ed25519_new_private_frommemory_sk(libssh2_ed25519_ctx **ed_ctx,
unsigned char *flags,
const char **application,
const unsigned char **key_handle,
size_t *handle_len,
LIBSSH2_SESSION *session,
const char *filedata,
size_t filedata_len,
unsigned const char *passphrase);
#endif /* LIBSSH2_ED25519 */
@@ -226,7 +342,8 @@ int _libssh2_cipher_init(_libssh2_cipher_ctx * h,
int _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx,
_libssh2_cipher_type(algo),
int encrypt, unsigned char *block, size_t blocksize);
int encrypt, unsigned char *block, size_t blocksize,
int firstlast);
int _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session,
unsigned char **method,
@@ -245,4 +362,37 @@ int _libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION *session,
size_t privatekeydata_len,
const char *passphrase);
int _libssh2_sk_pub_keyfilememory(LIBSSH2_SESSION *session,
unsigned char **method,
size_t *method_len,
unsigned char **pubkeydata,
size_t *pubkeydata_len,
int *algorithm,
unsigned char *flags,
const char **application,
const unsigned char **key_handle,
size_t *handle_len,
const char *privatekeydata,
size_t privatekeydata_len,
const char *passphrase);
/**
* @function _libssh2_supported_key_sign_algorithms
* @abstract Returns supported algorithms used for upgrading public
* key signing RFC 8332
* @discussion Based on the incoming key_method value, this function
* will return supported algorithms that can upgrade the key method
* @related _libssh2_key_sign_algorithm()
* @param key_method current key method, usually the default key sig method
* @param key_method_len length of the key method buffer
* @result comma separated list of supported upgrade options per RFC 8332, if
* there is no upgrade option return NULL
*/
const char *
_libssh2_supported_key_sign_algorithms(LIBSSH2_SESSION *session,
unsigned char *key_method,
size_t key_method_len);
#endif /* __LIBSSH2_CRYPTO_H */

2
libssh2/src/global.c
View File

@@ -74,5 +74,5 @@ void
_libssh2_init_if_needed(void)
{
if(_libssh2_initialized == 0)
(void)libssh2_init (0);
(void)libssh2_init(0);
}

362
libssh2/src/hostkey.c
View File

@@ -37,7 +37,6 @@
*/
#include "libssh2_priv.h"
#include "misc.h"
/* Needed for struct iovec on some platforms */
#ifdef HAVE_SYS_UIO_H
@@ -64,8 +63,8 @@ hostkey_method_ssh_rsa_init(LIBSSH2_SESSION * session,
void **abstract)
{
libssh2_rsa_ctx *rsactx;
unsigned char *e, *n;
size_t e_len, n_len;
unsigned char *e, *n, *type;
size_t e_len, n_len, type_len;
struct string_buf buf;
if(*abstract) {
@@ -74,8 +73,8 @@ hostkey_method_ssh_rsa_init(LIBSSH2_SESSION * session,
}
if(hostkey_data_len < 19) {
_libssh2_debug(session, LIBSSH2_TRACE_ERROR,
"host key length too short");
_libssh2_debug((session, LIBSSH2_TRACE_ERROR,
"host key length too short"));
return -1;
}
@@ -83,8 +82,31 @@ hostkey_method_ssh_rsa_init(LIBSSH2_SESSION * session,
buf.dataptr = buf.data;
buf.len = hostkey_data_len;
if(_libssh2_match_string(&buf, "ssh-rsa"))
if(_libssh2_get_string(&buf, &type, &type_len)) {
return -1;
}
/* we accept one of 3 header types */
#if LIBSSH2_RSA_SHA1
if(type_len == 7 && strncmp("ssh-rsa", (char *)type, 7) == 0) {
/* ssh-rsa */
}
else
#endif
#if LIBSSH2_RSA_SHA2
if(type_len == 12 && strncmp("rsa-sha2-256", (char *)type, 12) == 0) {
/* rsa-sha2-256 */
}
else if(type_len == 12 && strncmp("rsa-sha2-512", (char *)type, 12) == 0) {
/* rsa-sha2-512 */
}
else
#endif
{
_libssh2_debug((session, LIBSSH2_TRACE_ERROR,
"unexpected rsa type: %.*s", type_len, type));
return -1;
}
if(_libssh2_get_string(&buf, &e, &e_len))
return -1;
@@ -92,8 +114,14 @@ hostkey_method_ssh_rsa_init(LIBSSH2_SESSION * session,
if(_libssh2_get_string(&buf, &n, &n_len))
return -1;
if(_libssh2_rsa_new(&rsactx, e, e_len, n, n_len, NULL, 0,
NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0)) {
if(!_libssh2_eob(&buf))
return -1;
if(_libssh2_rsa_new(&rsactx,
e, (unsigned long)e_len,
n, (unsigned long)n_len,
NULL, 0, NULL, 0, NULL, 0,
NULL, 0, NULL, 0, NULL, 0)) {
return -1;
}
@@ -163,6 +191,7 @@ hostkey_method_ssh_rsa_initPEMFromMemory(LIBSSH2_SESSION * session,
return 0;
}
#if LIBSSH2_RSA_SHA1
/*
* hostkey_method_ssh_rsa_sign
*
@@ -176,7 +205,7 @@ hostkey_method_ssh_rsa_sig_verify(LIBSSH2_SESSION * session,
size_t m_len, void **abstract)
{
libssh2_rsa_ctx *rsactx = (libssh2_rsa_ctx *) (*abstract);
(void) session;
(void)session;
/* Skip past keyname_len(4) + keyname(7){"ssh-rsa"} + signature_len(4) */
if(sig_len < 15)
@@ -211,7 +240,7 @@ hostkey_method_ssh_rsa_signv(LIBSSH2_SESSION * session,
unsigned char hash[SHA_DIGEST_LENGTH];
libssh2_sha1_ctx ctx;
libssh2_sha1_init(&ctx);
(void)libssh2_sha1_init(&ctx);
for(i = 0; i < veccount; i++) {
libssh2_sha1_update(ctx, datavec[i].iov_base, datavec[i].iov_len);
}
@@ -226,6 +255,151 @@ hostkey_method_ssh_rsa_signv(LIBSSH2_SESSION * session,
return 0;
#endif
}
#endif
/*
* hostkey_method_ssh_rsa_sha2_256_sig_verify
*
* Verify signature created by remote
*/
#if LIBSSH2_RSA_SHA2
static int
hostkey_method_ssh_rsa_sha2_256_sig_verify(LIBSSH2_SESSION * session,
const unsigned char *sig,
size_t sig_len,
const unsigned char *m,
size_t m_len, void **abstract)
{
libssh2_rsa_ctx *rsactx = (libssh2_rsa_ctx *) (*abstract);
(void)session;
/* Skip past keyname_len(4) + keyname(12){"rsa-sha2-256"} +
signature_len(4) */
if(sig_len < 20)
return -1;
sig += 20;
sig_len -= 20;
return _libssh2_rsa_sha2_verify(rsactx, SHA256_DIGEST_LENGTH, sig, sig_len,
m, m_len);
}
/*
* hostkey_method_ssh_rsa_sha2_256_signv
*
* Construct a signature from an array of vectors
*/
static int
hostkey_method_ssh_rsa_sha2_256_signv(LIBSSH2_SESSION * session,
unsigned char **signature,
size_t *signature_len,
int veccount,
const struct iovec datavec[],
void **abstract)
{
libssh2_rsa_ctx *rsactx = (libssh2_rsa_ctx *) (*abstract);
#ifdef _libssh2_rsa_sha2_256_signv
return _libssh2_rsa_sha2_256_signv(session, signature, signature_len,
veccount, datavec, rsactx);
#else
int ret;
int i;
unsigned char hash[SHA256_DIGEST_LENGTH];
libssh2_sha256_ctx ctx;
if(!libssh2_sha256_init(&ctx)) {
return -1;
}
for(i = 0; i < veccount; i++) {
libssh2_sha256_update(ctx, datavec[i].iov_base, datavec[i].iov_len);
}
libssh2_sha256_final(ctx, hash);
ret = _libssh2_rsa_sha2_sign(session, rsactx, hash, SHA256_DIGEST_LENGTH,
signature, signature_len);
if(ret) {
return -1;
}
return 0;
#endif
}
/*
* hostkey_method_ssh_rsa_sha2_512_sig_verify
*
* Verify signature created by remote
*/
static int
hostkey_method_ssh_rsa_sha2_512_sig_verify(LIBSSH2_SESSION * session,
const unsigned char *sig,
size_t sig_len,
const unsigned char *m,
size_t m_len, void **abstract)
{
libssh2_rsa_ctx *rsactx = (libssh2_rsa_ctx *) (*abstract);
(void)session;
/* Skip past keyname_len(4) + keyname(12){"rsa-sha2-512"} +
signature_len(4) */
if(sig_len < 20)
return -1;
sig += 20;
sig_len -= 20;
return _libssh2_rsa_sha2_verify(rsactx, SHA512_DIGEST_LENGTH, sig,
sig_len, m, m_len);
}
/*
* hostkey_method_ssh_rsa_sha2_512_signv
*
* Construct a signature from an array of vectors
*/
static int
hostkey_method_ssh_rsa_sha2_512_signv(LIBSSH2_SESSION * session,
unsigned char **signature,
size_t *signature_len,
int veccount,
const struct iovec datavec[],
void **abstract)
{
libssh2_rsa_ctx *rsactx = (libssh2_rsa_ctx *) (*abstract);
#ifdef _libssh2_rsa_sha2_512_signv
return _libssh2_rsa_sha2_512_signv(session, signature, signature_len,
veccount, datavec, rsactx);
#else
int ret;
int i;
unsigned char hash[SHA512_DIGEST_LENGTH];
libssh2_sha512_ctx ctx;
if(!libssh2_sha512_init(&ctx)) {
return -1;
}
for(i = 0; i < veccount; i++) {
libssh2_sha512_update(ctx, datavec[i].iov_base, datavec[i].iov_len);
}
libssh2_sha512_final(ctx, hash);
ret = _libssh2_rsa_sha2_sign(session, rsactx, hash, SHA512_DIGEST_LENGTH,
signature, signature_len);
if(ret) {
return -1;
}
return 0;
#endif
}
#endif /* LIBSSH2_RSA_SHA2 */
/*
* hostkey_method_ssh_rsa_dtor
@@ -236,7 +410,7 @@ static int
hostkey_method_ssh_rsa_dtor(LIBSSH2_SESSION * session, void **abstract)
{
libssh2_rsa_ctx *rsactx = (libssh2_rsa_ctx *) (*abstract);
(void) session;
(void)session;
_libssh2_rsa_free(rsactx);
@@ -245,13 +419,11 @@ hostkey_method_ssh_rsa_dtor(LIBSSH2_SESSION * session, void **abstract)
return 0;
}
#ifdef OPENSSL_NO_MD5
#define MD5_DIGEST_LENGTH 16
#endif
#if LIBSSH2_RSA_SHA1
static const LIBSSH2_HOSTKEY_METHOD hostkey_method_ssh_rsa = {
"ssh-rsa",
MD5_DIGEST_LENGTH,
SHA_DIGEST_LENGTH,
hostkey_method_ssh_rsa_init,
hostkey_method_ssh_rsa_initPEM,
hostkey_method_ssh_rsa_initPEMFromMemory,
@@ -260,6 +432,53 @@ static const LIBSSH2_HOSTKEY_METHOD hostkey_method_ssh_rsa = {
NULL, /* encrypt */
hostkey_method_ssh_rsa_dtor,
};
#endif /* LIBSSH2_RSA_SHA1 */
#if LIBSSH2_RSA_SHA2
static const LIBSSH2_HOSTKEY_METHOD hostkey_method_ssh_rsa_sha2_256 = {
"rsa-sha2-256",
SHA256_DIGEST_LENGTH,
hostkey_method_ssh_rsa_init,
hostkey_method_ssh_rsa_initPEM,
hostkey_method_ssh_rsa_initPEMFromMemory,
hostkey_method_ssh_rsa_sha2_256_sig_verify,
hostkey_method_ssh_rsa_sha2_256_signv,
NULL, /* encrypt */
hostkey_method_ssh_rsa_dtor,
};
static const LIBSSH2_HOSTKEY_METHOD hostkey_method_ssh_rsa_sha2_512 = {
"rsa-sha2-512",
SHA512_DIGEST_LENGTH,
hostkey_method_ssh_rsa_init,
hostkey_method_ssh_rsa_initPEM,
hostkey_method_ssh_rsa_initPEMFromMemory,
hostkey_method_ssh_rsa_sha2_512_sig_verify,
hostkey_method_ssh_rsa_sha2_512_signv,
NULL, /* encrypt */
hostkey_method_ssh_rsa_dtor,
};
#endif /* LIBSSH2_RSA_SHA2 */
#if LIBSSH2_RSA_SHA1
static const LIBSSH2_HOSTKEY_METHOD hostkey_method_ssh_rsa_cert = {
"ssh-rsa-cert-v01@openssh.com",
SHA_DIGEST_LENGTH,
NULL,
hostkey_method_ssh_rsa_initPEM,
hostkey_method_ssh_rsa_initPEMFromMemory,
NULL,
hostkey_method_ssh_rsa_signv,
NULL, /* encrypt */
hostkey_method_ssh_rsa_dtor,
};
#endif /* LIBSSH2_RSA_SHA1 */
#endif /* LIBSSH2_RSA */
#if LIBSSH2_DSA
@@ -292,8 +511,8 @@ hostkey_method_ssh_dss_init(LIBSSH2_SESSION * session,
}
if(hostkey_data_len < 27) {
_libssh2_debug(session, LIBSSH2_TRACE_ERROR,
"host key length too short");
_libssh2_debug((session, LIBSSH2_TRACE_ERROR,
"host key length too short"));
return -1;
}
@@ -316,8 +535,15 @@ hostkey_method_ssh_dss_init(LIBSSH2_SESSION * session,
if(_libssh2_get_string(&buf, &y, &y_len))
return -1;
if(_libssh2_dsa_new(&dsactx, p, p_len, q, q_len,
g, g_len, y, y_len, NULL, 0)) {
if(!_libssh2_eob(&buf))
return -1;
if(_libssh2_dsa_new(&dsactx,
p, (unsigned long)p_len,
q, (unsigned long)q_len,
g, (unsigned long)g_len,
y, (unsigned long)y_len,
NULL, 0)) {
return -1;
}
@@ -438,7 +664,7 @@ hostkey_method_ssh_dss_signv(LIBSSH2_SESSION * session,
*signature_len = 2 * SHA_DIGEST_LENGTH;
libssh2_sha1_init(&ctx);
(void)libssh2_sha1_init(&ctx);
for(i = 0; i < veccount; i++) {
libssh2_sha1_update(ctx, datavec[i].iov_base, datavec[i].iov_len);
}
@@ -461,7 +687,7 @@ static int
hostkey_method_ssh_dss_dtor(LIBSSH2_SESSION * session, void **abstract)
{
libssh2_dsa_ctx *dsactx = (libssh2_dsa_ctx *) (*abstract);
(void) session;
(void)session;
_libssh2_dsa_free(dsactx);
@@ -472,7 +698,7 @@ hostkey_method_ssh_dss_dtor(LIBSSH2_SESSION * session, void **abstract)
static const LIBSSH2_HOSTKEY_METHOD hostkey_method_ssh_dss = {
"ssh-dss",
MD5_DIGEST_LENGTH,
SHA_DIGEST_LENGTH,
hostkey_method_ssh_dss_init,
hostkey_method_ssh_dss_initPEM,
hostkey_method_ssh_dss_initPEMFromMemory,
@@ -510,14 +736,14 @@ hostkey_method_ssh_ecdsa_init(LIBSSH2_SESSION * session,
libssh2_curve_type type;
struct string_buf buf;
if(abstract != NULL && *abstract) {
if(abstract && *abstract) {
hostkey_method_ssh_ecdsa_dtor(session, abstract);
*abstract = NULL;
}
if(hostkey_data_len < 39) {
_libssh2_debug(session, LIBSSH2_TRACE_ERROR,
"host key length too short");
_libssh2_debug((session, LIBSSH2_TRACE_ERROR,
"host key length too short"));
return -1;
}
@@ -561,11 +787,14 @@ hostkey_method_ssh_ecdsa_init(LIBSSH2_SESSION * session,
if(_libssh2_get_string(&buf, &public_key, &key_len))
return -1;
if(!_libssh2_eob(&buf))
return -1;
if(_libssh2_ecdsa_curve_name_with_octal_new(&ecdsactx, public_key,
key_len, type))
return -1;
if(abstract != NULL)
if(abstract)
*abstract = ecdsactx;
return 0;
@@ -585,7 +814,7 @@ hostkey_method_ssh_ecdsa_initPEM(LIBSSH2_SESSION * session,
libssh2_ecdsa_ctx *ec_ctx = NULL;
int ret;
if(abstract != NULL && *abstract) {
if(abstract && *abstract) {
hostkey_method_ssh_ecdsa_dtor(session, abstract);
*abstract = NULL;
}
@@ -593,7 +822,7 @@ hostkey_method_ssh_ecdsa_initPEM(LIBSSH2_SESSION * session,
ret = _libssh2_ecdsa_new_private(&ec_ctx, session,
privkeyfile, passphrase);
if(abstract != NULL)
if(abstract)
*abstract = ec_ctx;
return ret;
@@ -614,7 +843,7 @@ hostkey_method_ssh_ecdsa_initPEMFromMemory(LIBSSH2_SESSION * session,
libssh2_ecdsa_ctx *ec_ctx = NULL;
int ret;
if(abstract != NULL && *abstract) {
if(abstract && *abstract) {
hostkey_method_ssh_ecdsa_dtor(session, abstract);
*abstract = NULL;
}
@@ -627,7 +856,7 @@ hostkey_method_ssh_ecdsa_initPEMFromMemory(LIBSSH2_SESSION * session,
return -1;
}
if(abstract != NULL)
if(abstract)
*abstract = ec_ctx;
return 0;
@@ -651,7 +880,7 @@ hostkey_method_ssh_ecdsa_sig_verify(LIBSSH2_SESSION * session,
struct string_buf buf;
libssh2_ecdsa_ctx *ctx = (libssh2_ecdsa_ctx *) (*abstract);
(void) session;
(void)session;
if(sig_len < 35)
return -1;
@@ -679,11 +908,11 @@ hostkey_method_ssh_ecdsa_sig_verify(LIBSSH2_SESSION * session,
#define LIBSSH2_HOSTKEY_METHOD_EC_SIGNV_HASH(digest_type) \
{ \
do { \
unsigned char hash[SHA##digest_type##_DIGEST_LENGTH]; \
libssh2_sha##digest_type##_ctx ctx; \
int i; \
libssh2_sha##digest_type##_init(&ctx); \
(void)libssh2_sha##digest_type##_init(&ctx); \
for(i = 0; i < veccount; i++) { \
libssh2_sha##digest_type##_update(ctx, datavec[i].iov_base, \
datavec[i].iov_len); \
@@ -692,7 +921,7 @@ hostkey_method_ssh_ecdsa_sig_verify(LIBSSH2_SESSION * session,
ret = _libssh2_ecdsa_sign(session, ec_ctx, hash, \
SHA##digest_type##_DIGEST_LENGTH, \
signature, signature_len); \
}
} while(0)
/*
@@ -737,9 +966,9 @@ static int
hostkey_method_ssh_ecdsa_dtor(LIBSSH2_SESSION * session, void **abstract)
{
libssh2_ecdsa_ctx *keyctx = (libssh2_ecdsa_ctx *) (*abstract);
(void) session;
(void)session;
if(keyctx != NULL)
if(keyctx)
_libssh2_ecdsa_free(keyctx);
*abstract = NULL;
@@ -841,9 +1070,10 @@ hostkey_method_ssh_ed25519_init(LIBSSH2_SESSION * session,
size_t hostkey_data_len,
void **abstract)
{
const unsigned char *s;
unsigned long len, key_len;
size_t key_len;
unsigned char *key;
libssh2_ed25519_ctx *ctx = NULL;
struct string_buf buf;
if(*abstract) {
hostkey_method_ssh_ed25519_dtor(session, abstract);
@@ -851,26 +1081,26 @@ hostkey_method_ssh_ed25519_init(LIBSSH2_SESSION * session,
}
if(hostkey_data_len < 19) {
_libssh2_debug(session, LIBSSH2_TRACE_ERROR,
"host key length too short");
_libssh2_debug((session, LIBSSH2_TRACE_ERROR,
"host key length too short"));
return -1;
}
s = hostkey_data;
len = _libssh2_ntohu32(s);
s += 4;
buf.data = (unsigned char *)hostkey_data;
buf.dataptr = buf.data;
buf.len = hostkey_data_len;
if(len != 11 || strncmp((char *) s, "ssh-ed25519", 11) != 0) {
if(_libssh2_match_string(&buf, "ssh-ed25519"))
return -1;
}
s += 11;
/* public key */
key_len = _libssh2_ntohu32(s);
s += 4;
if(_libssh2_get_string(&buf, &key, &key_len))
return -1;
if(_libssh2_ed25519_new_public(&ctx, session, s, key_len) != 0) {
if(!_libssh2_eob(&buf))
return -1;
if(_libssh2_ed25519_new_public(&ctx, session, key, key_len) != 0) {
return -1;
}
@@ -924,7 +1154,7 @@ hostkey_method_ssh_ed25519_initPEMFromMemory(LIBSSH2_SESSION * session,
libssh2_ed25519_ctx *ed_ctx = NULL;
int ret;
if(abstract != NULL && *abstract) {
if(abstract && *abstract) {
hostkey_method_ssh_ed25519_dtor(session, abstract);
*abstract = NULL;
}
@@ -937,7 +1167,7 @@ hostkey_method_ssh_ed25519_initPEMFromMemory(LIBSSH2_SESSION * session,
return -1;
}
if(abstract != NULL)
if(abstract)
*abstract = ed_ctx;
return 0;
@@ -956,7 +1186,7 @@ hostkey_method_ssh_ed25519_sig_verify(LIBSSH2_SESSION * session,
size_t m_len, void **abstract)
{
libssh2_ed25519_ctx *ctx = (libssh2_ed25519_ctx *) (*abstract);
(void) session;
(void)session;
if(sig_len < 19)
return -1;
@@ -1005,7 +1235,7 @@ static int
hostkey_method_ssh_ed25519_dtor(LIBSSH2_SESSION * session, void **abstract)
{
libssh2_ed25519_ctx *keyctx = (libssh2_ed25519_ctx*) (*abstract);
(void) session;
(void)session;
if(keyctx)
_libssh2_ed25519_free(keyctx);
@@ -1027,7 +1257,19 @@ static const LIBSSH2_HOSTKEY_METHOD hostkey_method_ssh_ed25519 = {
hostkey_method_ssh_ed25519_dtor,
};
#endif /*LIBSSH2_ED25519*/
static const LIBSSH2_HOSTKEY_METHOD hostkey_method_ssh_ed25519_cert = {
"ssh-ed25519-cert-v01@openssh.com",
SHA256_DIGEST_LENGTH,
hostkey_method_ssh_ed25519_init,
hostkey_method_ssh_ed25519_initPEM,
hostkey_method_ssh_ed25519_initPEMFromMemory,
hostkey_method_ssh_ed25519_sig_verify,
hostkey_method_ssh_ed25519_signv,
NULL, /* encrypt */
hostkey_method_ssh_ed25519_dtor,
};
#endif /* LIBSSH2_ED25519 */
static const LIBSSH2_HOSTKEY_METHOD *hostkey_methods[] = {
@@ -1041,9 +1283,17 @@ static const LIBSSH2_HOSTKEY_METHOD *hostkey_methods[] = {
#endif
#if LIBSSH2_ED25519
&hostkey_method_ssh_ed25519,
&hostkey_method_ssh_ed25519_cert,
#endif
#if LIBSSH2_RSA
#if LIBSSH2_RSA_SHA2
&hostkey_method_ssh_rsa_sha2_512,
&hostkey_method_ssh_rsa_sha2_256,
#endif /* LIBSSH2_RSA_SHA2 */
#if LIBSSH2_RSA_SHA1
&hostkey_method_ssh_rsa,
&hostkey_method_ssh_rsa_cert,
#endif /* LIBSSH2_RSA_SHA1 */
#endif /* LIBSSH2_RSA */
#if LIBSSH2_DSA
&hostkey_method_ssh_dss,
@@ -1146,7 +1396,7 @@ static int hostkey_type(const unsigned char *hostkey, size_t len)
}
/*
* libssh2_session_hostkey()
* libssh2_session_hostkey
*
* Returns the server key and length.
*

4
libssh2/src/keepalive.c
View File

@@ -42,7 +42,7 @@
/* Keep-alive stuff. */
LIBSSH2_API void
libssh2_keepalive_config (LIBSSH2_SESSION *session,
libssh2_keepalive_config(LIBSSH2_SESSION *session,
int want_reply,
unsigned interval)
{
@@ -54,7 +54,7 @@ libssh2_keepalive_config (LIBSSH2_SESSION *session,
}
LIBSSH2_API int
libssh2_keepalive_send (LIBSSH2_SESSION *session,
libssh2_keepalive_send(LIBSSH2_SESSION *session,
int *seconds_to_next)
{
time_t now;

678
libssh2/src/kex.c
View File

File diff suppressed because it is too large Load Diff

27
libssh2/src/knownhost.c
View File

@@ -37,7 +37,6 @@
*/
#include "libssh2_priv.h"
#include "misc.h"
struct known_host {
struct list_node node;
@@ -111,7 +110,7 @@ libssh2_knownhost_init(LIBSSH2_SESSION *session)
#define KNOWNHOST_MAGIC 0xdeadcafe
/*
* knownhost_to_external()
* knownhost_to_external
*
* Copies data from the internal to the external representation struct.
*
@@ -123,7 +122,7 @@ static struct libssh2_knownhost *knownhost_to_external(struct known_host *node)
ext->magic = KNOWNHOST_MAGIC;
ext->node = node;
ext->name = ((node->typemask & LIBSSH2_KNOWNHOST_TYPE_MASK) ==
LIBSSH2_KNOWNHOST_TYPE_PLAIN)? node->name:NULL;
LIBSSH2_KNOWNHOST_TYPE_PLAIN) ? node->name : NULL;
ext->key = node->key;
ext->typemask = node->typemask;
@@ -142,7 +141,7 @@ knownhost_add(LIBSSH2_KNOWNHOSTS *hosts,
size_t hostlen = strlen(host);
int rc;
char *ptr;
unsigned int ptrlen;
size_t ptrlen;
/* make sure we have a key type set */
if(!(typemask & LIBSSH2_KNOWNHOST_KEY_MASK))
@@ -170,14 +169,14 @@ knownhost_add(LIBSSH2_KNOWNHOSTS *hosts,
entry->name_len = hostlen;
break;
case LIBSSH2_KNOWNHOST_TYPE_SHA1:
rc = libssh2_base64_decode(hosts->session, &ptr, &ptrlen,
rc = _libssh2_base64_decode(hosts->session, &ptr, &ptrlen,
host, hostlen);
if(rc)
goto error;
entry->name = ptr;
entry->name_len = ptrlen;
rc = libssh2_base64_decode(hosts->session, &ptr, &ptrlen,
rc = _libssh2_base64_decode(hosts->session, &ptr, &ptrlen,
salt, strlen(salt));
if(rc)
goto error;
@@ -252,7 +251,7 @@ knownhost_add(LIBSSH2_KNOWNHOSTS *hosts,
*store = knownhost_to_external(entry);
return LIBSSH2_ERROR_NONE;
error:
error:
free_host(hosts->session, entry);
return rc;
}
@@ -727,7 +726,7 @@ static int hashed_hostline(LIBSSH2_KNOWNHOSTS *hosts,
}
/*
* hostline()
* hostline
*
* Parse a single known_host line pre-split into host and key.
*
@@ -822,7 +821,7 @@ static int hostline(LIBSSH2_KNOWNHOSTS *hosts,
}
/* Figure out host format */
if((hostlen >2) && memcmp(host, "|1|", 3)) {
if((hostlen > 2) && memcmp(host, "|1|", 3)) {
/* old style plain text: [name]([,][name])*
for the sake of simplicity, we add them as separate hosts with the
@@ -841,7 +840,7 @@ static int hostline(LIBSSH2_KNOWNHOSTS *hosts,
}
/*
* libssh2_knownhost_readline()
* libssh2_knownhost_readline
*
* Pass in a line of a file of 'type'.
*
@@ -983,7 +982,7 @@ libssh2_knownhost_readfile(LIBSSH2_KNOWNHOSTS *hosts,
}
/*
* knownhost_writeline()
* knownhost_writeline
*
* Ask libssh2 to convert a known host to an output line for storage.
*
@@ -1157,7 +1156,7 @@ knownhost_writeline(LIBSSH2_KNOWNHOSTS *hosts,
}
/*
* libssh2_knownhost_writeline()
* libssh2_knownhost_writeline
*
* Ask libssh2 to convert a known host to an output line for storage.
*
@@ -1183,7 +1182,7 @@ libssh2_knownhost_writeline(LIBSSH2_KNOWNHOSTS *hosts,
}
/*
* libssh2_knownhost_writefile()
* libssh2_knownhost_writefile
*
* Write hosts+key pairs to the given file.
*/
@@ -1234,7 +1233,7 @@ libssh2_knownhost_writefile(LIBSSH2_KNOWNHOSTS *hosts,
/*
* libssh2_knownhost_get()
* libssh2_knownhost_get
*
* Traverse the internal list of known hosts. Pass NULL to 'prev' to get
* the first one.

195
libssh2/src/libgcrypt.c
View File

@@ -36,12 +36,9 @@
* OF SUCH DAMAGE.
*/
#include "libssh2_priv.h"
#ifdef LIBSSH2_LIBGCRYPT /* compile only if we build with libgcrypt */
#include <string.h>
#ifdef LIBSSH2_CRYPTO_C /* Compile this via crypto.c */
#if LIBSSH2_RSA
int
_libssh2_rsa_new(libssh2_rsa_ctx ** rsa,
const unsigned char *edata,
@@ -61,14 +58,14 @@ _libssh2_rsa_new(libssh2_rsa_ctx ** rsa,
const unsigned char *coeffdata, unsigned long coefflen)
{
int rc;
(void) e1data;
(void) e1len;
(void) e2data;
(void) e2len;
(void)e1data;
(void)e1len;
(void)e2data;
(void)e2len;
if(ddata) {
rc = gcry_sexp_build
(rsa, NULL,
rc = gcry_sexp_build(rsa, NULL,
"(private-key(rsa(n%b)(e%b)(d%b)(q%b)(p%b)(u%b)))",
nlen, ndata, elen, edata, dlen, ddata, plen, pdata,
qlen, qdata, coefflen, coeffdata);
@@ -85,11 +82,12 @@ _libssh2_rsa_new(libssh2_rsa_ctx ** rsa,
return 0;
}
#if LIBSSH2_RSA_SHA1
int
_libssh2_rsa_sha1_verify(libssh2_rsa_ctx * rsa,
const unsigned char *sig,
unsigned long sig_len,
const unsigned char *m, unsigned long m_len)
size_t sig_len,
const unsigned char *m, size_t m_len)
{
unsigned char hash[SHA_DIGEST_LENGTH];
gcry_sexp_t s_sig, s_hash;
@@ -100,12 +98,12 @@ _libssh2_rsa_sha1_verify(libssh2_rsa_ctx * rsa,
rc = gcry_sexp_build(&s_hash, NULL,
"(data (flags pkcs1) (hash sha1 %b))",
SHA_DIGEST_LENGTH, hash);
if(rc != 0) {
if(rc) {
return -1;
}
rc = gcry_sexp_build(&s_sig, NULL, "(sig-val(rsa(s %b)))", sig_len, sig);
if(rc != 0) {
if(rc) {
gcry_sexp_release(s_hash);
return -1;
}
@@ -116,7 +114,10 @@ _libssh2_rsa_sha1_verify(libssh2_rsa_ctx * rsa,
return (rc == 0) ? 0 : -1;
}
#endif
#endif
#if LIBSSH2_DSA
int
_libssh2_dsa_new(libssh2_dsa_ctx ** dsactx,
const unsigned char *p,
@@ -132,8 +133,7 @@ _libssh2_dsa_new(libssh2_dsa_ctx ** dsactx,
int rc;
if(x_len) {
rc = gcry_sexp_build
(dsactx, NULL,
rc = gcry_sexp_build(dsactx, NULL,
"(private-key(dsa(p%b)(q%b)(g%b)(y%b)(x%b)))",
p_len, p, q_len, q, g_len, g, y_len, y, x_len, x);
}
@@ -150,13 +150,20 @@ _libssh2_dsa_new(libssh2_dsa_ctx ** dsactx,
return 0;
}
#endif
#if LIBSSH2_RSA
int
_libssh2_rsa_new_private_frommemory(libssh2_rsa_ctx ** rsa,
LIBSSH2_SESSION * session,
const char *filedata, size_t filedata_len,
unsigned const char *passphrase)
{
(void)rsa;
(void)filedata;
(void)filedata_len;
(void)passphrase;
return _libssh2_error(session, LIBSSH2_ERROR_METHOD_NOT_SUPPORTED,
"Unable to extract private key from memory: "
"Method unimplemented in libgcrypt backend");
@@ -169,7 +176,7 @@ _libssh2_rsa_new_private(libssh2_rsa_ctx ** rsa,
{
FILE *fp;
unsigned char *data, *save_data;
unsigned int datalen;
size_t datalen;
int ret;
unsigned char *n, *e, *d, *p, *q, *e1, *e2, *coeff;
unsigned int nlen, elen, dlen, plen, qlen, e1len, e2len, coefflen;
@@ -195,57 +202,58 @@ _libssh2_rsa_new_private(libssh2_rsa_ctx ** rsa,
ret = -1;
goto fail;
}
/* First read Version field (should be 0). */
/* First read Version field (should be 0). */
ret = _libssh2_pem_decode_integer(&data, &datalen, &n, &nlen);
if(ret != 0 || (nlen != 1 && *n != '\0')) {
if(ret || (nlen != 1 && *n != '\0')) {
ret = -1;
goto fail;
}
ret = _libssh2_pem_decode_integer(&data, &datalen, &n, &nlen);
if(ret != 0) {
if(ret) {
ret = -1;
goto fail;
}
ret = _libssh2_pem_decode_integer(&data, &datalen, &e, &elen);
if(ret != 0) {
if(ret) {
ret = -1;
goto fail;
}
ret = _libssh2_pem_decode_integer(&data, &datalen, &d, &dlen);
if(ret != 0) {
if(ret) {
ret = -1;
goto fail;
}
ret = _libssh2_pem_decode_integer(&data, &datalen, &p, &plen);
if(ret != 0) {
if(ret) {
ret = -1;
goto fail;
}
ret = _libssh2_pem_decode_integer(&data, &datalen, &q, &qlen);
if(ret != 0) {
if(ret) {
ret = -1;
goto fail;
}
ret = _libssh2_pem_decode_integer(&data, &datalen, &e1, &e1len);
if(ret != 0) {
if(ret) {
ret = -1;
goto fail;
}
ret = _libssh2_pem_decode_integer(&data, &datalen, &e2, &e2len);
if(ret != 0) {
if(ret) {
ret = -1;
goto fail;
}
ret = _libssh2_pem_decode_integer(&data, &datalen, &coeff, &coefflen);
if(ret != 0) {
if(ret) {
ret = -1;
goto fail;
}
@@ -258,17 +266,24 @@ _libssh2_rsa_new_private(libssh2_rsa_ctx ** rsa,
ret = 0;
fail:
fail:
LIBSSH2_FREE(session, save_data);
return ret;
}
#endif
#if LIBSSH2_DSA
int
_libssh2_dsa_new_private_frommemory(libssh2_dsa_ctx ** dsa,
LIBSSH2_SESSION * session,
const char *filedata, size_t filedata_len,
unsigned const char *passphrase)
{
(void)dsa;
(void)filedata;
(void)filedata_len;
(void)passphrase;
return _libssh2_error(session, LIBSSH2_ERROR_METHOD_NOT_SUPPORTED,
"Unable to extract private key from memory: "
"Method unimplemented in libgcrypt backend");
@@ -281,7 +296,7 @@ _libssh2_dsa_new_private(libssh2_dsa_ctx ** dsa,
{
FILE *fp;
unsigned char *data, *save_data;
unsigned int datalen;
size_t datalen;
int ret;
unsigned char *p, *q, *g, *y, *x;
unsigned int plen, qlen, glen, ylen, xlen;
@@ -308,44 +323,44 @@ _libssh2_dsa_new_private(libssh2_dsa_ctx ** dsa,
goto fail;
}
/* First read Version field (should be 0). */
/* First read Version field (should be 0). */
ret = _libssh2_pem_decode_integer(&data, &datalen, &p, &plen);
if(ret != 0 || (plen != 1 && *p != '\0')) {
if(ret || (plen != 1 && *p != '\0')) {
ret = -1;
goto fail;
}
ret = _libssh2_pem_decode_integer(&data, &datalen, &p, &plen);
if(ret != 0) {
if(ret) {
ret = -1;
goto fail;
}
ret = _libssh2_pem_decode_integer(&data, &datalen, &q, &qlen);
if(ret != 0) {
if(ret) {
ret = -1;
goto fail;
}
ret = _libssh2_pem_decode_integer(&data, &datalen, &g, &glen);
if(ret != 0) {
if(ret) {
ret = -1;
goto fail;
}
ret = _libssh2_pem_decode_integer(&data, &datalen, &y, &ylen);
if(ret != 0) {
if(ret) {
ret = -1;
goto fail;
}
ret = _libssh2_pem_decode_integer(&data, &datalen, &x, &xlen);
if(ret != 0) {
if(ret) {
ret = -1;
goto fail;
}
if(datalen != 0) {
if(datalen) {
ret = -1;
goto fail;
}
@@ -357,11 +372,14 @@ _libssh2_dsa_new_private(libssh2_dsa_ctx ** dsa,
ret = 0;
fail:
fail:
LIBSSH2_FREE(session, save_data);
return ret;
}
#endif
#if LIBSSH2_RSA
#if LIBSSH2_RSA_SHA1
int
_libssh2_rsa_sha1_sign(LIBSSH2_SESSION * session,
libssh2_rsa_ctx * rsactx,
@@ -389,7 +407,7 @@ _libssh2_rsa_sha1_sign(LIBSSH2_SESSION * session,
gcry_sexp_release(data);
if(rc != 0) {
if(rc) {
return -1;
}
@@ -421,7 +439,10 @@ _libssh2_rsa_sha1_sign(LIBSSH2_SESSION * session,
return rc;
}
#endif
#endif
#if LIBSSH2_DSA
int
_libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx,
const unsigned char *hash,
@@ -450,13 +471,13 @@ _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx,
gcry_sexp_release(data);
if(ret != 0) {
if(ret) {
return -1;
}
memset(sig, 0, 40);
/* Extract R. */
/* Extract R. */
data = gcry_sexp_find_token(sig_sexp, "r", 0);
if(!data)
@@ -478,7 +499,7 @@ _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx,
gcry_sexp_release(data);
/* Extract S. */
/* Extract S. */
data = gcry_sexp_find_token(sig_sexp, "s", 0);
if(!data)
@@ -499,10 +520,10 @@ _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx,
memcpy(sig + 20 + (20 - size), tmp, size);
goto out;
err:
err:
ret = -1;
out:
out:
if(sig_sexp) {
gcry_sexp_release(sig_sexp);
}
@@ -515,7 +536,7 @@ _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx,
int
_libssh2_dsa_sha1_verify(libssh2_dsa_ctx * dsactx,
const unsigned char *sig,
const unsigned char *m, unsigned long m_len)
const unsigned char *m, size_t m_len)
{
unsigned char hash[SHA_DIGEST_LENGTH + 1];
gcry_sexp_t s_sig, s_hash;
@@ -541,6 +562,7 @@ _libssh2_dsa_sha1_verify(libssh2_dsa_ctx * dsactx,
return (rc == 0) ? 0 : -1;
}
#endif
int
_libssh2_cipher_init(_libssh2_cipher_ctx * h,
@@ -550,9 +572,9 @@ _libssh2_cipher_init(_libssh2_cipher_ctx * h,
int ret;
int cipher = _libssh2_gcry_cipher(algo);
int mode = _libssh2_gcry_mode(algo);
int keylen = gcry_cipher_get_algo_keylen(cipher);
size_t keylen = gcry_cipher_get_algo_keylen(cipher);
(void) encrypt;
(void)encrypt;
ret = gcry_cipher_open(h, cipher, mode, 0);
if(ret) {
@@ -566,7 +588,7 @@ _libssh2_cipher_init(_libssh2_cipher_ctx * h,
}
if(mode != GCRY_CIPHER_MODE_STREAM) {
int blklen = gcry_cipher_get_algo_blklen(cipher);
size_t blklen = gcry_cipher_get_algo_blklen(cipher);
if(mode == GCRY_CIPHER_MODE_CTR)
ret = gcry_cipher_setctr(*h, iv, blklen);
else
@@ -583,11 +605,14 @@ _libssh2_cipher_init(_libssh2_cipher_ctx * h,
int
_libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx,
_libssh2_cipher_type(algo),
int encrypt, unsigned char *block, size_t blklen)
int encrypt, unsigned char *block, size_t blklen,
int firstlast)
{
int cipher = _libssh2_gcry_cipher(algo);
int ret;
(void)algo;
(void)firstlast;
if(encrypt) {
ret = gcry_cipher_encrypt(*ctx, block, blklen, block, blklen);
}
@@ -607,6 +632,14 @@ _libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION *session,
size_t privatekeydata_len,
const char *passphrase)
{
(void)method;
(void)method_len;
(void)pubkeydata;
(void)pubkeydata_len;
(void)privatekeydata;
(void)privatekeydata_len;
(void)passphrase;
return _libssh2_error(session, LIBSSH2_ERROR_METHOD_NOT_SUPPORTED,
"Unable to extract public key from private "
"key in memory: "
@@ -622,11 +655,51 @@ _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session,
const char *privatekey,
const char *passphrase)
{
(void)method;
(void)method_len;
(void)pubkeydata;
(void)pubkeydata_len;
(void)privatekey;
(void)passphrase;
return _libssh2_error(session, LIBSSH2_ERROR_FILE,
"Unable to extract public key from private key file: "
"Method unimplemented in libgcrypt backend");
}
int
_libssh2_sk_pub_keyfilememory(LIBSSH2_SESSION *session,
unsigned char **method,
size_t *method_len,
unsigned char **pubkeydata,
size_t *pubkeydata_len,
int *algorithm,
unsigned char *flags,
const char **application,
const unsigned char **key_handle,
size_t *handle_len,
const char *privatekeydata,
size_t privatekeydata_len,
const char *passphrase)
{
(void)method;
(void)method_len;
(void)pubkeydata;
(void)pubkeydata_len;
(void)algorithm;
(void)flags;
(void)application;
(void)key_handle;
(void)handle_len;
(void)privatekeydata;
(void)privatekeydata_len;
(void)passphrase;
return _libssh2_error(session, LIBSSH2_ERROR_FILE,
"Unable to extract public SK key from private key file: "
"Method unimplemented in libgcrypt backend");
}
void _libssh2_init_aes_ctr(void)
{
/* no implementation */
@@ -664,4 +737,22 @@ _libssh2_dh_dtor(_libssh2_dh_ctx *dhctx)
*dhctx = NULL;
}
#endif /* LIBSSH2_LIBGCRYPT */
/* _libssh2_supported_key_sign_algorithms
*
* Return supported key hash algo upgrades, see crypto.h
*
*/
const char *
_libssh2_supported_key_sign_algorithms(LIBSSH2_SESSION *session,
unsigned char *key_method,
size_t key_method_len)
{
(void)session;
(void)key_method;
(void)key_method_len;
return NULL;
}
#endif /* LIBSSH2_CRYPTO_C */

32
libssh2/src/libgcrypt.h
View File

@@ -39,6 +39,8 @@
* OF SUCH DAMAGE.
*/
#define LIBSSH2_CRYPTO_ENGINE libssh2_gcrypt
#include <gcrypt.h>
#define LIBSSH2_MD5 1
@@ -47,14 +49,17 @@
#define LIBSSH2_HMAC_SHA256 1
#define LIBSSH2_HMAC_SHA512 1
#define LIBSSH2_AES 1
#define LIBSSH2_AES_CBC 1
#define LIBSSH2_AES_CTR 1
#define LIBSSH2_AES_GCM 0
#define LIBSSH2_BLOWFISH 1
#define LIBSSH2_RC4 1
#define LIBSSH2_CAST 1
#define LIBSSH2_3DES 1
#define LIBSSH2_RSA 1
#define LIBSSH2_RSA_SHA1 1
#define LIBSSH2_RSA_SHA2 0
#define LIBSSH2_DSA 1
#define LIBSSH2_ECDSA 0
#define LIBSSH2_ED25519 0
@@ -68,7 +73,7 @@
#define EC_MAX_POINT_LEN ((528 * 2 / 8) + 1)
#define _libssh2_random(buf, len) \
(gcry_randomize ((buf), (len), GCRY_STRONG_RANDOM), 0)
(gcry_randomize((buf), (len), GCRY_STRONG_RANDOM), 0)
#define libssh2_prepare_iovec(vec, len) /* Empty. */
@@ -152,18 +157,18 @@
#define libssh2_hmac_final(ctx, data) \
memcpy(data, gcry_md_read(ctx, 0), \
gcry_md_get_algo_dlen(gcry_md_get_algo(ctx)))
#define libssh2_hmac_cleanup(ctx) gcry_md_close (*ctx);
#define libssh2_hmac_cleanup(ctx) gcry_md_close(*ctx)
#define libssh2_crypto_init() gcry_control (GCRYCTL_DISABLE_SECMEM)
#define libssh2_crypto_init() gcry_control(GCRYCTL_DISABLE_SECMEM)
#define libssh2_crypto_exit()
#define libssh2_rsa_ctx struct gcry_sexp
#define _libssh2_rsa_free(rsactx) gcry_sexp_release (rsactx)
#define _libssh2_rsa_free(rsactx) gcry_sexp_release(rsactx)
#define libssh2_dsa_ctx struct gcry_sexp
#define _libssh2_dsa_free(dsactx) gcry_sexp_release (dsactx)
#define _libssh2_dsa_free(dsactx) gcry_sexp_release(dsactx)
#if LIBSSH2_ECDSA
#else
@@ -214,11 +219,19 @@
#define _libssh2_bn_to_bin(bn, val) \
gcry_mpi_print(GCRYMPI_FMT_USG, val, _libssh2_bn_bytes(bn), NULL, bn)
#define _libssh2_bn_bytes(bn) \
(gcry_mpi_get_nbits (bn) / 8 + \
((gcry_mpi_get_nbits (bn) % 8 == 0) ? 0 : 1))
#define _libssh2_bn_bits(bn) gcry_mpi_get_nbits (bn)
(gcry_mpi_get_nbits(bn) / 8 + \
((gcry_mpi_get_nbits(bn) % 8 == 0) ? 0 : 1))
#define _libssh2_bn_bits(bn) gcry_mpi_get_nbits(bn)
#define _libssh2_bn_free(bn) gcry_mpi_release(bn)
/* Default generate and safe prime sizes for
diffie-hellman-group-exchange-sha1 */
#define LIBSSH2_DH_GEX_MINGROUP 2048
#define LIBSSH2_DH_GEX_OPTGROUP 4096
#define LIBSSH2_DH_GEX_MAXGROUP 8192
#define LIBSSH2_DH_MAX_MODULUS_BITS 16384
#define _libssh2_dh_ctx struct gcry_mpi *
#define libssh2_dh_init(dhctx) _libssh2_dh_init(dhctx)
#define libssh2_dh_key_pair(dhctx, public, g, p, group_order, bnctx) \
@@ -226,6 +239,7 @@
#define libssh2_dh_secret(dhctx, secret, f, p, bnctx) \
_libssh2_dh_secret(dhctx, secret, f, p)
#define libssh2_dh_dtor(dhctx) _libssh2_dh_dtor(dhctx)
extern void _libssh2_init_aes_ctr(void);
extern void _libssh2_dh_init(_libssh2_dh_ctx *dhctx);
extern int _libssh2_dh_key_pair(_libssh2_dh_ctx *dhctx, _libssh2_bn *public,
_libssh2_bn *g, _libssh2_bn *p,

45
libssh2/src/libssh2.rc Normal file
View File

@@ -0,0 +1,45 @@
/***************************************************************************
* libssh2 Windows resource file *
***************************************************************************/
#include <winver.h>
#include "libssh2.h"
LANGUAGE 0, 0
#define RC_VERSION LIBSSH2_VERSION_MAJOR, LIBSSH2_VERSION_MINOR, LIBSSH2_VERSION_PATCH, 0
VS_VERSION_INFO VERSIONINFO
FILEVERSION RC_VERSION
PRODUCTVERSION RC_VERSION
FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
#if defined(LIBSSH2DEBUG) || defined(_DEBUG)
FILEFLAGS VS_FF_DEBUG
#else
FILEFLAGS 0
#endif
FILEOS VOS__WINDOWS32
FILETYPE VFT_DLL
FILESUBTYPE 0
BEGIN
BLOCK "StringFileInfo"
BEGIN
BLOCK "040904b0" /* 0x0409: en-US, 1200/0x04b0: UTF-16LE */
BEGIN
VALUE "CompanyName", "The libssh2 library, https://www.libssh2.org/\0"
VALUE "FileDescription", "libssh2 Shared Library\0"
VALUE "FileVersion", LIBSSH2_VERSION "\0"
VALUE "InternalName", "libssh2\0"
VALUE "OriginalFilename", "libssh2.dll\0"
VALUE "ProductName", "The libssh2 library\0"
VALUE "ProductVersion", LIBSSH2_VERSION "\0"
VALUE "LegalCopyright", "Copyright (C) " LIBSSH2_COPYRIGHT "\0"
VALUE "License", "https://www.libssh2.org/license.html\0"
END
END
BLOCK "VarFileInfo"
BEGIN
VALUE "Translation", 0x0409, 0x04b0 /* 0x0409: en-US, 1200/0x04b0: UTF-16LE */
END
END

62
libssh2/src/libssh2_config.h.in
View File

@@ -15,21 +15,17 @@
/* Define to 1 if you have the <arpa/inet.h> header file. */
#undef HAVE_ARPA_INET_H
/* Define to 1 if you have the declaration of `SecureZeroMemory', and to 0 if
you don't. */
#undef HAVE_DECL_SECUREZEROMEMORY
/* disabled non-blocking sockets */
#undef HAVE_DISABLED_NONBLOCKING
/* Define to 1 if you have the <dlfcn.h> header file. */
#undef HAVE_DLFCN_H
/* Define to 1 if you have the <errno.h> header file. */
#undef HAVE_ERRNO_H
/* Define to 1 if you have the `EVP_aes_128_ctr' function. */
#undef HAVE_EVP_AES_128_CTR
/* Define to 1 if you have the `explicit_bzero' function. */
#undef HAVE_EXPLICIT_BZERO
/* Define to 1 if you have the `explicit_memset' function. */
#undef HAVE_EXPLICIT_MEMSET
/* Define to 1 if you have the <fcntl.h> header file. */
#undef HAVE_FCNTL_H
@@ -43,18 +39,12 @@
/* Define to 1 if you have the <inttypes.h> header file. */
#undef HAVE_INTTYPES_H
/* use ioctlsocket() for non-blocking sockets */
#undef HAVE_IOCTLSOCKET
/* use Ioctlsocket() for non-blocking sockets */
#undef HAVE_IOCTLSOCKET_CASE
/* Define if you have the bcrypt library. */
#undef HAVE_LIBBCRYPT
/* Define if you have the crypt32 library. */
#undef HAVE_LIBCRYPT32
/* Define if you have the gcrypt library. */
#undef HAVE_LIBGCRYPT
@@ -64,24 +54,18 @@
/* Define if you have the ssl library. */
#undef HAVE_LIBSSL
/* Define if you have the wolfssl library. */
#undef HAVE_LIBWOLFSSL
/* Define if you have the z library. */
#undef HAVE_LIBZ
/* Define to 1 if the compiler supports the 'long long' data type. */
#undef HAVE_LONGLONG
/* Define to 1 if you have the `memset_s' function. */
#undef HAVE_MEMSET_S
/* Define to 1 if you have the <netinet/in.h> header file. */
#undef HAVE_NETINET_IN_H
/* Define to 1 if you have the <ntdef.h> header file. */
#undef HAVE_NTDEF_H
/* Define to 1 if you have the <ntstatus.h> header file. */
#undef HAVE_NTSTATUS_H
/* use O_NONBLOCK for non-blocking sockets */
#undef HAVE_O_NONBLOCK
@@ -91,6 +75,9 @@
/* Define to 1 if you have the select function. */
#undef HAVE_SELECT
/* Define to 1 if you have the `snprintf' function. */
#undef HAVE_SNPRINTF
/* use SO_NONBLOCK for non-blocking sockets */
#undef HAVE_SO_NONBLOCK
@@ -115,6 +102,9 @@
/* Define to 1 if you have the <sys/ioctl.h> header file. */
#undef HAVE_SYS_IOCTL_H
/* Define to 1 if you have the <sys/param.h> header file. */
#undef HAVE_SYS_PARAM_H
/* Define to 1 if you have the <sys/select.h> header file. */
#undef HAVE_SYS_SELECT_H
@@ -142,42 +132,30 @@
/* Define to 1 if you have the <windows.h> header file. */
#undef HAVE_WINDOWS_H
/* Define to 1 if you have the <winsock2.h> header file. */
#undef HAVE_WINSOCK2_H
/* Define to 1 if you have the <ws2tcpip.h> header file. */
#undef HAVE_WS2TCPIP_H
/* to make a symbol visible */
#undef LIBSSH2_API
/* Enable clearing of memory before being freed */
#undef LIBSSH2_CLEAR_MEMORY
/* Enable "none" cipher -- NOT RECOMMENDED */
#undef LIBSSH2_CRYPT_NONE
/* Enable newer diffie-hellman-group-exchange-sha1 syntax */
#undef LIBSSH2_DH_GEX_NEW
/* Compile in zlib support */
#undef LIBSSH2_HAVE_ZLIB
/* Use libgcrypt */
#undef LIBSSH2_LIBGCRYPT
/* Enable "none" MAC -- NOT RECOMMENDED */
#undef LIBSSH2_MAC_NONE
/* Use mbedtls */
#undef LIBSSH2_MBEDTLS
/* Disable clearing of memory before being freed */
#undef LIBSSH2_NO_CLEAR_MEMORY
/* Use openssl */
#undef LIBSSH2_OPENSSL
/* Use wincng */
#undef LIBSSH2_WINCNG
/* Use wolfssl */
#undef LIBSSH2_WOLFSSL
/* Define to the sub-directory where libtool stores uninstalled libraries. */
#undef LT_OBJDIR

55
libssh2/src/libssh2_config_cmake.h.in
View File

@@ -38,68 +38,37 @@
/* Headers */
#cmakedefine HAVE_UNISTD_H
#cmakedefine HAVE_INTTYPES_H
#cmakedefine HAVE_STDLIB_H
#cmakedefine HAVE_SYS_SELECT_H
#cmakedefine HAVE_SYS_UIO_H
#cmakedefine HAVE_SYS_SOCKET_H
#cmakedefine HAVE_SYS_IOCTL_H
#cmakedefine HAVE_SYS_TIME_H
#cmakedefine HAVE_SYS_UN_H
#cmakedefine HAVE_WINDOWS_H
#cmakedefine HAVE_WS2TCPIP_H
#cmakedefine HAVE_WINSOCK2_H
#cmakedefine HAVE_NTDEF_H
#cmakedefine HAVE_NTSTATUS_H
/* Libraries */
#cmakedefine HAVE_LIBCRYPT32
/* Types */
#cmakedefine HAVE_LONGLONG
/* for example and tests */
#cmakedefine HAVE_SYS_PARAM_H
#cmakedefine HAVE_ARPA_INET_H
#cmakedefine HAVE_NETINET_IN_H
/* Functions */
#cmakedefine HAVE_GETTIMEOFDAY
#cmakedefine HAVE_INET_ADDR
#cmakedefine HAVE_POLL
#cmakedefine HAVE_SELECT
#cmakedefine HAVE_SOCKET
#cmakedefine HAVE_STRTOLL
#cmakedefine HAVE_STRTOI64
#cmakedefine HAVE_SNPRINTF
#cmakedefine HAVE_EXPLICIT_BZERO
#cmakedefine HAVE_EXPLICIT_MEMSET
#cmakedefine HAVE_MEMSET_S
/* OpenSSL functions */
#cmakedefine HAVE_EVP_AES_128_CTR
#cmakedefine HAVE_POLL
#cmakedefine HAVE_SELECT
/* Socket non-blocking support */
#cmakedefine HAVE_O_NONBLOCK
#cmakedefine HAVE_FIONBIO
#cmakedefine HAVE_IOCTLSOCKET
#cmakedefine HAVE_IOCTLSOCKET_CASE
#cmakedefine HAVE_SO_NONBLOCK
#cmakedefine HAVE_DISABLED_NONBLOCKING
/* snprintf not in Visual Studio CRT and _snprintf dangerously incompatible.
We provide a safe wrapper if snprintf not found */
#ifndef HAVE_SNPRINTF
#include <stdio.h>
#include <stdarg.h>
/* Want safe, 'n += snprintf(b + n ...)' like function. If cp_max_len is 1
* then assume cp is pointing to a null char and do nothing. Returns number
* number of chars placed in cp excluding the trailing null char. So for
* cp_max_len > 0 the return value is always < cp_max_len; for cp_max_len
* <= 0 the return value is 0 (and no chars are written to cp). */
static int snprintf(char * cp, int cp_max_len, const char * fmt, ...)
{
va_list args;
int n;
if (cp_max_len < 2)
return 0;
va_start(args, fmt);
n = vsnprintf(cp, cp_max_len, fmt, args);
va_end(args);
return (n < cp_max_len) ? n : (cp_max_len - 1);
}
#define HAVE_SNPRINTF
/* attribute to export symbol */
#if defined(LIBSSH2_EXPORTS) && defined(LIBSSH2_LIBRARY)
#cmakedefine LIBSSH2_API ${LIBSSH2_API}
#endif

275
libssh2/src/libssh2_priv.h
View File

@@ -39,23 +39,17 @@
* OF SUCH DAMAGE.
*/
/* Header used by 'src' */
#define LIBSSH2_LIBRARY
#include "libssh2_config.h"
#ifdef HAVE_WINDOWS_H
#ifndef WIN32_LEAN_AND_MEAN
#define WIN32_LEAN_AND_MEAN
#endif
#include <windows.h>
#undef WIN32_LEAN_AND_MEAN
#endif
#ifdef HAVE_WS2TCPIP_H
#include <ws2tcpip.h>
#endif
/* platform/compiler-specific setup */
#include "libssh2_setup.h"
#include <stdio.h>
#include <string.h>
#include <time.h>
#include <limits.h>
/* The following CPP block should really only be in session.c and packet.c.
However, AIX have #define's for 'events' and 'revents' and we are using
@@ -66,15 +60,8 @@
*/
#ifdef HAVE_POLL
# include <poll.h>
#else
# if defined(HAVE_SELECT) && !defined(WIN32)
# ifdef HAVE_SYS_SELECT_H
#elif defined(HAVE_SELECT) && defined(HAVE_SYS_SELECT_H)
# include <sys/select.h>
# else
# include <sys/time.h>
# include <sys/types.h>
# endif
# endif
#endif
/* Needed for struct iovec on some platforms */
@@ -83,10 +70,10 @@
#endif
#ifdef HAVE_SYS_SOCKET_H
# include <sys/socket.h>
#include <sys/socket.h>
#endif
#ifdef HAVE_SYS_IOCTL_H
# include <sys/ioctl.h>
#include <sys/ioctl.h>
#endif
#ifdef HAVE_INTTYPES_H
#include <inttypes.h>
@@ -95,7 +82,20 @@
#include "libssh2.h"
#include "libssh2_publickey.h"
#include "libssh2_sftp.h"
#include "misc.h" /* for the linked list stuff */
#include "misc.h"
#ifdef WIN32
/* Detect Windows App environment which has a restricted access
to the Win32 APIs. */
# if (defined(_WIN32_WINNT) && (_WIN32_WINNT >= 0x0602)) || \
defined(WINAPI_FAMILY)
# include <winapifamily.h>
# if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP) && \
!WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
# define LIBSSH2_WINDOWS_UWP
# endif
# endif
#endif
#ifndef FALSE
#define FALSE 0
@@ -104,8 +104,30 @@
#define TRUE 1
#endif
#ifdef _MSC_VER
/* Use local implementation when not available */
#if !defined(HAVE_SNPRINTF)
#undef snprintf
#define snprintf _libssh2_snprintf
#define LIBSSH2_SNPRINTF
int _libssh2_snprintf(char *cp, size_t cp_max_len, const char *fmt, ...);
#endif
#if !defined(HAVE_GETTIMEOFDAY)
#define HAVE_GETTIMEOFDAY
#undef gettimeofday
#define gettimeofday _libssh2_gettimeofday
#define LIBSSH2_GETTIMEOFDAY
int _libssh2_gettimeofday(struct timeval *tp, void *tzp);
#elif defined(HAVE_SYS_TIME_H)
#include <sys/time.h>
#endif
/* "inline" keyword is valid only with C++ engine! */
#ifdef __GNUC__
#undef inline
#define inline __inline__
#elif defined(_MSC_VER)
#undef inline
#define inline __inline
#endif
@@ -119,20 +141,6 @@ struct iovec {
#endif
/* Provide iovec / writev on WIN32 platform. */
#ifdef WIN32
static inline int writev(int sock, struct iovec *iov, int nvecs)
{
DWORD ret;
if(WSASend(sock, (LPWSABUF)iov, nvecs, &ret, 0, NULL, NULL) == 0) {
return ret;
}
return -1;
}
#endif /* WIN32 */
#ifdef __OS400__
/* Force parameter type. */
#define send(s, b, l, f) send((s), (unsigned char *) (b), (l), (f))
@@ -140,13 +148,6 @@ static inline int writev(int sock, struct iovec *iov, int nvecs)
#include "crypto.h"
#ifdef HAVE_WINSOCK2_H
#include <winsock2.h>
#include <ws2tcpip.h>
#endif
#ifndef SIZE_MAX
#if _WIN64
#define SIZE_MAX 0xFFFFFFFFFFFFFFFF
@@ -159,6 +160,9 @@ static inline int writev(int sock, struct iovec *iov, int nvecs)
#define UINT_MAX 0xFFFFFFFF
#endif
#define LIBSSH2_MAX(x, y) ((x) > (y) ? (x) : (y))
#define LIBSSH2_MIN(x, y) ((x) < (y) ? (x) : (y))
/* RFC4253 section 6.1 Maximum Packet Length says:
*
* "All implementations MUST be able to process packets with
@@ -178,24 +182,42 @@ static inline int writev(int sock, struct iovec *iov, int nvecs)
#define LIBSSH2_FREE(session, ptr) \
session->free((ptr), &(session)->abstract)
#define LIBSSH2_IGNORE(session, data, datalen) \
session->ssh_msg_ignore((session), (data), (datalen), &(session)->abstract)
session->ssh_msg_ignore((session), (data), (int)(datalen), \
&(session)->abstract)
#define LIBSSH2_DEBUG(session, always_display, message, message_len, \
language, language_len) \
session->ssh_msg_debug((session), (always_display), (message), \
(message_len), (language), (language_len), \
session->ssh_msg_debug((session), (always_display), \
(message), (int)(message_len), \
(language), (int)(language_len), \
&(session)->abstract)
#define LIBSSH2_DISCONNECT(session, reason, message, message_len, \
language, language_len) \
session->ssh_msg_disconnect((session), (reason), (message), \
(message_len), (language), (language_len), \
session->ssh_msg_disconnect((session), (reason), \
(message), (int)(message_len), \
(language), (int)(language_len), \
&(session)->abstract)
#define LIBSSH2_MACERROR(session, data, datalen) \
session->macerror((session), (data), (datalen), &(session)->abstract)
session->macerror((session), (data), (int)(datalen), &(session)->abstract)
#define LIBSSH2_X11_OPEN(channel, shost, sport) \
channel->session->x11(((channel)->session), (channel), \
(shost), (sport), (&(channel)->session->abstract))
#define LIBSSH2_AUTHAGENT(channel) \
channel->session->authagent(((channel)->session), (channel), \
(&(channel)->session->abstract))
#define LIBSSH2_ADD_IDENTITIES(session, buffer, agentPath) \
session->addLocalIdentities((session), (buffer), \
(agentPath), (&(session->abstract)))
#define LIBSSH2_AUTHAGENT_SIGN(session, blob, blen, \
data, dlen, sig, sigLen, \
agentPath) \
session->agentSignCallback((session), (blob), (blen), \
(data), (dlen), (sig), (sigLen), \
(agentPath), (&(session->abstract)))
#define LIBSSH2_CHANNEL_CLOSE(session, channel) \
channel->close_cb((session), &(session)->abstract, \
(channel), &(channel)->abstract)
@@ -235,7 +257,9 @@ typedef enum
libssh2_NB_state_jump3,
libssh2_NB_state_jump4,
libssh2_NB_state_jump5,
libssh2_NB_state_end
libssh2_NB_state_error_closing,
libssh2_NB_state_end,
libssh2_NB_state_jumpauthagent
} libssh2_nonblocking_states;
typedef struct packet_require_state_t
@@ -341,6 +365,24 @@ typedef struct packet_x11_open_state_t
LIBSSH2_CHANNEL *channel;
} packet_x11_open_state_t;
#define AuthAgentUnavail "Auth Agent unavailable"
typedef struct packet_authagent_state_t
{
libssh2_nonblocking_states state;
unsigned char packet[17 + (sizeof(AuthAgentUnavail) - 1)];
uint32_t sender_channel;
uint32_t initial_window_size;
uint32_t packet_size;
LIBSSH2_CHANNEL *channel;
} packet_authagent_state_t;
typedef enum
{
libssh2_requires_size_decryption = (1 << 0),
libssh2_requires_size_field_in_packet = (1 << 1)
} libssh2_crypt_flags;
struct _LIBSSH2_PACKET
{
struct list_node node; /* linked list header */
@@ -383,7 +425,7 @@ struct _LIBSSH2_CHANNEL
/* Amount of bytes to be refunded to receive window (but not yet sent) */
uint32_t adjust_queue;
/* Data immediately available for reading */
uint32_t read_avail;
size_t read_avail;
LIBSSH2_SESSION *session;
@@ -463,6 +505,11 @@ struct _LIBSSH2_CHANNEL
size_t req_auth_agent_packet_len;
unsigned char req_auth_agent_local_channel[4];
packet_requirev_state_t req_auth_agent_requirev_state;
/* State variables used in libssh2_channel_signal_ex() */
libssh2_nonblocking_states sendsignal_state;
unsigned char *sendsignal_packet;
size_t sendsignal_packet_len;
};
struct _LIBSSH2_LISTENER
@@ -510,7 +557,7 @@ typedef struct _libssh2_endpoint_data
char *lang_prefs;
} libssh2_endpoint_data;
#define PACKETBUFSIZE (1024*16)
#define PACKETBUFSIZE MAX_SSH_PACKET_LEN
struct transportpacket
{
@@ -533,14 +580,15 @@ struct transportpacket
packet_length + padding_length + 4 +
mac_length. */
unsigned char *payload; /* this is a pointer to a LIBSSH2_ALLOC()
area to which we write decrypted data */
area to which we write incoming packet data
which is not yet decrypted in etm mode. */
unsigned char *wptr; /* write pointer into the payload to where we
are currently writing decrypted data */
/* ------------- for outgoing data --------------- */
unsigned char outbuf[MAX_SSH_PACKET_LEN]; /* area for the outgoing data */
int ototal_num; /* size of outbuf in number of bytes */
ssize_t ototal_num; /* size of outbuf in number of bytes */
const unsigned char *odata; /* original pointer to the data */
size_t olen; /* original size of the data we stored in
outbuf */
@@ -580,12 +628,14 @@ struct _LIBSSH2_PUBLICKEY
struct flags {
int sigpipe; /* LIBSSH2_FLAG_SIGPIPE */
int compress; /* LIBSSH2_FLAG_COMPRESS */
int quote_paths; /* LIBSSH2_FLAG_QUOTE_PATHS */
};
struct _LIBSSH2_SESSION
{
/* Memory management callbacks */
void *abstract;
LIBSSH2_ALLOC_FUNC((*alloc));
LIBSSH2_REALLOC_FUNC((*realloc));
LIBSSH2_FREE_FUNC((*free));
@@ -596,6 +646,9 @@ struct _LIBSSH2_SESSION
LIBSSH2_DISCONNECT_FUNC((*ssh_msg_disconnect));
LIBSSH2_MACERROR_FUNC((*macerror));
LIBSSH2_X11_OPEN_FUNC((*x11));
LIBSSH2_AUTHAGENT_FUNC((*authagent));
LIBSSH2_ADD_IDENTITIES_FUNC((*addLocalIdentities));
LIBSSH2_AUTHAGENT_SIGN_FUNC((*agentSignCallback));
LIBSSH2_SEND_FUNC((*send));
LIBSSH2_RECV_FUNC((*recv));
@@ -610,7 +663,7 @@ struct _LIBSSH2_SESSION
/* Agreed Key Exchange Method */
const LIBSSH2_KEX_METHOD *kex;
unsigned int burn_optimistic_kexinit:1;
unsigned int burn_optimistic_kexinit;
unsigned char *session_id;
uint32_t session_id_len;
@@ -640,6 +693,12 @@ struct _LIBSSH2_SESSION
unsigned char server_hostkey_sha256[SHA256_DIGEST_LENGTH];
int server_hostkey_sha256_valid;
/* public key algorithms accepted as comma separated list */
char *server_sign_algorithms;
/* key signing algorithm preferences -- NULL yields server order */
char *sign_algo_prefs;
/* (remote as source of data -- packet_read ) */
libssh2_endpoint_data remote;
@@ -713,6 +772,7 @@ struct _LIBSSH2_SESSION
libssh2_nonblocking_states userauth_list_state;
unsigned char *userauth_list_data;
size_t userauth_list_data_len;
char *userauth_banner;
packet_requirev_state_t userauth_list_packet_requirev_state;
/* State variables used in libssh2_userauth_password_ex() */
@@ -753,10 +813,10 @@ struct _LIBSSH2_SESSION
size_t userauth_kybd_data_len;
unsigned char *userauth_kybd_packet;
size_t userauth_kybd_packet_len;
unsigned int userauth_kybd_auth_name_len;
char *userauth_kybd_auth_name;
unsigned userauth_kybd_auth_instruction_len;
char *userauth_kybd_auth_instruction;
size_t userauth_kybd_auth_name_len;
unsigned char *userauth_kybd_auth_name;
size_t userauth_kybd_auth_instruction_len;
unsigned char *userauth_kybd_auth_instruction;
unsigned int userauth_kybd_num_prompts;
int userauth_kybd_auth_failure;
LIBSSH2_USERAUTH_KBDINT_PROMPT *userauth_kybd_prompts;
@@ -803,6 +863,7 @@ struct _LIBSSH2_SESSION
states */
packet_queue_listener_state_t packAdd_Qlstn_state;
packet_x11_open_state_t packAdd_x11open_state;
packet_authagent_state_t packAdd_authagent_state;
/* State variables used in fullpacket() */
libssh2_nonblocking_states fullpacket_state;
@@ -816,7 +877,7 @@ struct _LIBSSH2_SESSION
LIBSSH2_CHANNEL *sftpInit_channel;
unsigned char sftpInit_buffer[9]; /* sftp_header(5){excludes request_id}
+ version_id(4) */
int sftpInit_sent; /* number of bytes from the buffer that have been
size_t sftpInit_sent; /* number of bytes from the buffer that have been
sent */
/* State variables used in libssh2_scp_recv() / libssh_scp_recv2() */
@@ -826,17 +887,7 @@ struct _LIBSSH2_SESSION
unsigned char scpRecv_response[LIBSSH2_SCP_RESPONSE_BUFLEN];
size_t scpRecv_response_len;
long scpRecv_mode;
#if defined(HAVE_LONGLONG) && defined(HAVE_STRTOLL)
/* we have the type and we can parse such numbers */
long long scpRecv_size;
#define scpsize_strtol strtoll
#elif defined(HAVE_STRTOI64)
__int64 scpRecv_size;
#define scpsize_strtol _strtoi64
#else
long scpRecv_size;
#define scpsize_strtol strtol
#endif
libssh2_int64_t scpRecv_size;
long scpRecv_mtime;
long scpRecv_atime;
LIBSSH2_CHANNEL *scpRecv_channel;
@@ -853,6 +904,9 @@ struct _LIBSSH2_SESSION
int keepalive_interval;
int keepalive_want_reply;
time_t keepalive_last_sent;
/* Configurable timeout for packets. Replaces LIBSSH2_READ_TIMEOUT */
long packet_read_timeout;
};
/* session.state bits */
@@ -934,12 +988,36 @@ struct _LIBSSH2_CRYPT_METHOD
int *free_iv, unsigned char *secret, int *free_secret,
int encrypt, void **abstract);
int (*crypt) (LIBSSH2_SESSION * session, unsigned char *block,
size_t blocksize, void **abstract);
size_t blocksize, void **abstract, int firstlast);
int (*dtor) (LIBSSH2_SESSION * session, void **abstract);
_libssh2_cipher_type(algo);
};
/* Bit flags for _LIBSSH2_CRYPT_METHOD */
/* Crypto method has integrated message authentication */
#define LIBSSH2_CRYPT_FLAG_INTEGRATED_MAC 1
/* Crypto method does not encrypt the packet length */
#define LIBSSH2_CRYPT_FLAG_PKTLEN_AAD 2
/* Convenience macros for accessing crypt flags */
/* Local crypto flags */
#define CRYPT_FLAG_L(session, flag) ((session)->local.crypt && \
((session)->local.crypt->flags & LIBSSH2_CRYPT_FLAG_##flag))
/* Remote crypto flags */
#define CRYPT_FLAG_R(session, flag) ((session)->remote.crypt && \
((session)->remote.crypt->flags & LIBSSH2_CRYPT_FLAG_##flag))
/* Values for firstlast */
#define FIRST_BLOCK 1
#define MIDDLE_BLOCK 0
#define LAST_BLOCK 2
/* Convenience macros for accessing firstlast */
#define IS_FIRST(firstlast) (firstlast & FIRST_BLOCK)
#define IS_LAST(firstlast) (firstlast & LAST_BLOCK)
struct _LIBSSH2_COMP_METHOD
{
const char *name;
@@ -963,23 +1041,12 @@ struct _LIBSSH2_COMP_METHOD
};
#ifdef LIBSSH2DEBUG
void _libssh2_debug(LIBSSH2_SESSION * session, int context, const char *format,
void
_libssh2_debug_low(LIBSSH2_SESSION * session, int context, const char *format,
...);
#define _libssh2_debug(x) _libssh2_debug_low x
#else
#if (defined(__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L)) || \
defined(__GNUC__)
/* C99 supported and also by older GCC */
#define _libssh2_debug(x,y,z,...) do {} while (0)
#else
/* no gcc and not C99, do static and hopefully inline */
static inline void
_libssh2_debug(LIBSSH2_SESSION * session, int context, const char *format, ...)
{
(void)session;
(void)context;
(void)format;
}
#endif
#define _libssh2_debug(x) do {} while(0)
#endif
#define LIBSSH2_SOCKET_UNKNOWN 1
@@ -1006,6 +1073,7 @@ _libssh2_debug(LIBSSH2_SESSION * session, int context, const char *format, ...)
#define SSH_MSG_DEBUG 4
#define SSH_MSG_SERVICE_REQUEST 5
#define SSH_MSG_SERVICE_ACCEPT 6
#define SSH_MSG_EXT_INFO 7
#define SSH_MSG_KEXINIT 20
#define SSH_MSG_NEWKEYS 21
@@ -1069,7 +1137,7 @@ ssize_t _libssh2_recv(libssh2_socket_t socket, void *buffer,
ssize_t _libssh2_send(libssh2_socket_t socket, const void *buffer,
size_t length, int flags, void **abstract);
#define LIBSSH2_READ_TIMEOUT 60 /* generic timeout in seconds used when
#define LIBSSH2_DEFAULT_READ_TIMEOUT 60 /* generic timeout in seconds used when
waiting for more data to arrive */
@@ -1080,7 +1148,6 @@ int _libssh2_kex_exchange(LIBSSH2_SESSION * session, int reexchange,
const LIBSSH2_CRYPT_METHOD **libssh2_crypt_methods(void);
const LIBSSH2_HOSTKEY_METHOD **libssh2_hostkey_methods(void);
/* misc.c */
int _libssh2_bcrypt_pbkdf(const char *pass,
size_t passlen,
const uint8_t *salt,
@@ -1094,12 +1161,12 @@ int _libssh2_pem_parse(LIBSSH2_SESSION * session,
const char *headerbegin,
const char *headerend,
const unsigned char *passphrase,
FILE * fp, unsigned char **data, unsigned int *datalen);
FILE * fp, unsigned char **data, size_t *datalen);
int _libssh2_pem_parse_memory(LIBSSH2_SESSION * session,
const char *headerbegin,
const char *headerend,
const char *filedata, size_t filedata_len,
unsigned char **data, unsigned int *datalen);
unsigned char **data, size_t *datalen);
/* OpenSSL keys */
int
_libssh2_openssh_pem_parse(LIBSSH2_SESSION * session,
@@ -1111,37 +1178,39 @@ _libssh2_openssh_pem_parse_memory(LIBSSH2_SESSION * session,
const char *filedata, size_t filedata_len,
struct string_buf **decrypted_buf);
int _libssh2_pem_decode_sequence(unsigned char **data, unsigned int *datalen);
int _libssh2_pem_decode_integer(unsigned char **data, unsigned int *datalen,
int _libssh2_pem_decode_sequence(unsigned char **data, size_t *datalen);
int _libssh2_pem_decode_integer(unsigned char **data, size_t *datalen,
unsigned char **i, unsigned int *ilen);
/* global.c */
void _libssh2_init_if_needed(void);
/* Utility function for certificate auth */
size_t plain_method(char *method, size_t method_len);
#define ARRAY_SIZE(a) (sizeof ((a)) / sizeof ((a)[0]))
/* define to output the libssh2_int64_t type in a *printf() */
#if defined(__BORLANDC__) || defined(_MSC_VER) || defined(__MINGW32__)
#if defined(__BORLANDC__) || defined(_MSC_VER)
#define LIBSSH2_INT64_T_FORMAT "I64d"
#else
#define LIBSSH2_INT64_T_FORMAT "lld"
#endif
/* In Windows the default file mode is text but an application can override it.
Therefore we specify it explicitly. https://github.com/curl/curl/pull/258
*/
Therefore we specify it explicitly. https://github.com/curl/curl/pull/258
*/
#if defined(WIN32) || defined(MSDOS)
#define FOPEN_READTEXT "rt"
#define FOPEN_WRITETEXT "wt"
#define FOPEN_APPENDTEXT "at"
#elif defined(__CYGWIN__)
/* Cygwin has specific behavior we need to address when WIN32 is not defined.
https://cygwin.com/cygwin-ug-net/using-textbinary.html
For write we want our output to have line endings of LF and be compatible with
other Cygwin utilities. For read we want to handle input that may have line
endings either CRLF or LF so 't' is appropriate.
*/
https://cygwin.com/cygwin-ug-net/using-textbinary.html
For write we want our output to have line endings of LF and be compatible
with other Cygwin utilities. For read we want to handle input that may have
line endings either CRLF or LF so 't' is appropriate.
*/
#define FOPEN_READTEXT "rt"
#define FOPEN_WRITETEXT "w"
#define FOPEN_APPENDTEXT "a"

105
libssh2/src/libssh2_setup.h Normal file
View File

@@ -0,0 +1,105 @@
/* Copyright (c) 2023 Viktor Szakats */
#ifndef LIBSSH2_SETUP_H
#define LIBSSH2_SETUP_H
/* Header for platform/compiler-specific initialization.
Used by 'src', 'example', 'tests' */
#if defined(_WIN32) && !defined(WIN32)
#define WIN32
#endif
/* Define mingw-w64 version macros, eg __MINGW{32,64}_{MINOR,MAJOR}_VERSION */
#ifdef __MINGW32__
#include <_mingw.h>
#endif
/* Configuration provided by build tools (autotools and CMake),
and via platform-specific directories for os400 and vms */
#if defined(HAVE_CONFIG_H) || defined(__OS400__) || defined(__VMS)
#include "libssh2_config.h"
/* Hand-crafted configuration for platforms which lack config tool.
Keep this synced with root CMakeLists.txt */
#elif defined(WIN32)
#define HAVE_SELECT
#define HAVE_SNPRINTF
#ifdef __MINGW32__
# define HAVE_UNISTD_H
# define HAVE_INTTYPES_H
# define HAVE_SYS_TIME_H
# define HAVE_SYS_PARAM_H
# define HAVE_GETTIMEOFDAY
# define HAVE_STRTOLL
#elif defined(_MSC_VER)
# if _MSC_VER >= 1800
# define HAVE_INTTYPES_H
# define HAVE_STRTOLL
# else
# define HAVE_STRTOI64
# endif
# if _MSC_VER < 1900
# undef HAVE_SNPRINTF
# endif
#endif
#endif /* defined(HAVE_CONFIG_H) */
/* Below applies to both auto-detected and hand-crafted configs */
#ifdef WIN32
#ifndef WIN32_LEAN_AND_MEAN
#define WIN32_LEAN_AND_MEAN
#endif
#ifndef NOGDI
#define NOGDI
#endif
#ifndef NONLS
#define NONLS
#endif
#ifdef __MINGW32__
# ifdef __MINGW64_VERSION_MAJOR
/* Number of bits in a file offset, on hosts where this is settable. */
# ifndef _FILE_OFFSET_BITS
# define _FILE_OFFSET_BITS 64
# endif
# endif
#elif defined(_MSC_VER)
# ifndef _CRT_SECURE_NO_WARNINGS
# define _CRT_SECURE_NO_WARNINGS /* for fopen(), getenv() */
# endif
# if !defined(LIBSSH2_LIBRARY) || defined(LIBSSH2_TESTS)
/* apply to examples and tests only */
# ifndef _CRT_NONSTDC_NO_DEPRECATE
# define _CRT_NONSTDC_NO_DEPRECATE /* for strdup(), write() */
# endif
# ifndef _WINSOCK_DEPRECATED_NO_WARNINGS
# define _WINSOCK_DEPRECATED_NO_WARNINGS /* for inet_addr() */
# endif
/* we cannot access our internal snprintf() implementation in examples and
tests when linking to a shared libssh2. */
# if _MSC_VER < 1900
# undef HAVE_SNPRINTF
# define HAVE_SNPRINTF
# define snprintf _snprintf
# endif
# endif
# if _MSC_VER < 1500
# define vsnprintf _vsnprintf
# endif
# if _MSC_VER < 1900
# define strdup _strdup
/* Silence bogus warning C4127: conditional expression is constant */
# pragma warning(disable:4127)
# endif
#endif
#endif /* WIN32 */
#endif /* LIBSSH2_SETUP_H */

143
libssh2/src/mac.c
View File

@@ -38,15 +38,26 @@
#include "libssh2_priv.h"
#include "mac.h"
#ifdef LIBSSH2_MAC_NONE
#if defined(LIBSSH2DEBUG) && defined(LIBSSH2_MAC_NONE_INSECURE)
/* mac_none_MAC
* Minimalist MAC: No MAC
*
* Minimalist MAC: No MAC. DO NOT USE.
*
* The SSH2 Transport allows implementations to forego a message
* authentication code. While this is less of a security risk than using
* a "none" cipher, it is still not recommended as disabling MAC hashes
* removes a layer of security.
*
* Enabling this option will allow for "none" as a negotiable method,
* however it still requires that the method be advertised by the remote
* end and that no more-preferable methods are available.
*
*/
static int
mac_none_MAC(LIBSSH2_SESSION * session, unsigned char *buf,
uint32_t seqno, const unsigned char *packet,
uint32_t packet_len, const unsigned char *addtl,
uint32_t addtl_len, void **abstract)
size_t packet_len, const unsigned char *addtl,
size_t addtl_len, void **abstract)
{
return 0;
}
@@ -60,9 +71,10 @@ static LIBSSH2_MAC_METHOD mac_method_none = {
0,
NULL,
mac_none_MAC,
NULL
NULL,
0
};
#endif /* LIBSSH2_MAC_NONE */
#endif /* defined(LIBSSH2DEBUG) && defined(LIBSSH2_MAC_NONE_INSECURE) */
/* mac_method_common_init
* Initialize simple mac methods
@@ -73,7 +85,7 @@ mac_method_common_init(LIBSSH2_SESSION * session, unsigned char *key,
{
*abstract = key;
*free_key = 0;
(void) session;
(void)session;
return 0;
}
@@ -104,13 +116,13 @@ static int
mac_method_hmac_sha2_512_hash(LIBSSH2_SESSION * session,
unsigned char *buf, uint32_t seqno,
const unsigned char *packet,
uint32_t packet_len,
size_t packet_len,
const unsigned char *addtl,
uint32_t addtl_len, void **abstract)
size_t addtl_len, void **abstract)
{
libssh2_hmac_ctx ctx;
unsigned char seqno_buf[4];
(void) session;
(void)session;
_libssh2_htonu32(seqno_buf, seqno);
@@ -127,8 +139,6 @@ mac_method_hmac_sha2_512_hash(LIBSSH2_SESSION * session,
return 0;
}
static const LIBSSH2_MAC_METHOD mac_method_hmac_sha2_512 = {
"hmac-sha2-512",
64,
@@ -136,7 +146,19 @@ static const LIBSSH2_MAC_METHOD mac_method_hmac_sha2_512 = {
mac_method_common_init,
mac_method_hmac_sha2_512_hash,
mac_method_common_dtor,
0
};
static const LIBSSH2_MAC_METHOD mac_method_hmac_sha2_512_etm = {
"hmac-sha2-512-etm@openssh.com",
64,
64,
mac_method_common_init,
mac_method_hmac_sha2_512_hash,
mac_method_common_dtor,
1
};
#endif
@@ -149,13 +171,13 @@ static int
mac_method_hmac_sha2_256_hash(LIBSSH2_SESSION * session,
unsigned char *buf, uint32_t seqno,
const unsigned char *packet,
uint32_t packet_len,
size_t packet_len,
const unsigned char *addtl,
uint32_t addtl_len, void **abstract)
size_t addtl_len, void **abstract)
{
libssh2_hmac_ctx ctx;
unsigned char seqno_buf[4];
(void) session;
(void)session;
_libssh2_htonu32(seqno_buf, seqno);
@@ -181,7 +203,19 @@ static const LIBSSH2_MAC_METHOD mac_method_hmac_sha2_256 = {
mac_method_common_init,
mac_method_hmac_sha2_256_hash,
mac_method_common_dtor,
0
};
static const LIBSSH2_MAC_METHOD mac_method_hmac_sha2_256_etm = {
"hmac-sha2-256-etm@openssh.com",
32,
32,
mac_method_common_init,
mac_method_hmac_sha2_256_hash,
mac_method_common_dtor,
1
};
#endif
@@ -194,13 +228,13 @@ static int
mac_method_hmac_sha1_hash(LIBSSH2_SESSION * session,
unsigned char *buf, uint32_t seqno,
const unsigned char *packet,
uint32_t packet_len,
size_t packet_len,
const unsigned char *addtl,
uint32_t addtl_len, void **abstract)
size_t addtl_len, void **abstract)
{
libssh2_hmac_ctx ctx;
unsigned char seqno_buf[4];
(void) session;
(void)session;
_libssh2_htonu32(seqno_buf, seqno);
@@ -226,6 +260,17 @@ static const LIBSSH2_MAC_METHOD mac_method_hmac_sha1 = {
mac_method_common_init,
mac_method_hmac_sha1_hash,
mac_method_common_dtor,
0
};
static const LIBSSH2_MAC_METHOD mac_method_hmac_sha1_etm = {
"hmac-sha1-etm@openssh.com",
20,
20,
mac_method_common_init,
mac_method_hmac_sha1_hash,
mac_method_common_dtor,
1
};
/* mac_method_hmac_sha1_96_hash
@@ -235,9 +280,9 @@ static int
mac_method_hmac_sha1_96_hash(LIBSSH2_SESSION * session,
unsigned char *buf, uint32_t seqno,
const unsigned char *packet,
uint32_t packet_len,
size_t packet_len,
const unsigned char *addtl,
uint32_t addtl_len, void **abstract)
size_t addtl_len, void **abstract)
{
unsigned char temp[SHA_DIGEST_LENGTH];
@@ -257,6 +302,7 @@ static const LIBSSH2_MAC_METHOD mac_method_hmac_sha1_96 = {
mac_method_common_init,
mac_method_hmac_sha1_96_hash,
mac_method_common_dtor,
0
};
#if LIBSSH2_MD5
@@ -267,13 +313,13 @@ static int
mac_method_hmac_md5_hash(LIBSSH2_SESSION * session, unsigned char *buf,
uint32_t seqno,
const unsigned char *packet,
uint32_t packet_len,
size_t packet_len,
const unsigned char *addtl,
uint32_t addtl_len, void **abstract)
size_t addtl_len, void **abstract)
{
libssh2_hmac_ctx ctx;
unsigned char seqno_buf[4];
(void) session;
(void)session;
_libssh2_htonu32(seqno_buf, seqno);
@@ -299,6 +345,7 @@ static const LIBSSH2_MAC_METHOD mac_method_hmac_md5 = {
mac_method_common_init,
mac_method_hmac_md5_hash,
mac_method_common_dtor,
0
};
/* mac_method_hmac_md5_96_hash
@@ -308,9 +355,9 @@ static int
mac_method_hmac_md5_96_hash(LIBSSH2_SESSION * session,
unsigned char *buf, uint32_t seqno,
const unsigned char *packet,
uint32_t packet_len,
size_t packet_len,
const unsigned char *addtl,
uint32_t addtl_len, void **abstract)
size_t addtl_len, void **abstract)
{
unsigned char temp[MD5_DIGEST_LENGTH];
mac_method_hmac_md5_hash(session, temp, seqno, packet, packet_len,
@@ -328,6 +375,7 @@ static const LIBSSH2_MAC_METHOD mac_method_hmac_md5_96 = {
mac_method_common_init,
mac_method_hmac_md5_96_hash,
mac_method_common_dtor,
0
};
#endif /* LIBSSH2_MD5 */
@@ -339,14 +387,14 @@ static int
mac_method_hmac_ripemd160_hash(LIBSSH2_SESSION * session,
unsigned char *buf, uint32_t seqno,
const unsigned char *packet,
uint32_t packet_len,
size_t packet_len,
const unsigned char *addtl,
uint32_t addtl_len,
size_t addtl_len,
void **abstract)
{
libssh2_hmac_ctx ctx;
unsigned char seqno_buf[4];
(void) session;
(void)session;
_libssh2_htonu32(seqno_buf, seqno);
@@ -372,6 +420,7 @@ static const LIBSSH2_MAC_METHOD mac_method_hmac_ripemd160 = {
mac_method_common_init,
mac_method_hmac_ripemd160_hash,
mac_method_common_dtor,
0
};
static const LIBSSH2_MAC_METHOD mac_method_hmac_ripemd160_openssh_com = {
@@ -381,17 +430,21 @@ static const LIBSSH2_MAC_METHOD mac_method_hmac_ripemd160_openssh_com = {
mac_method_common_init,
mac_method_hmac_ripemd160_hash,
mac_method_common_dtor,
0
};
#endif /* LIBSSH2_HMAC_RIPEMD */
static const LIBSSH2_MAC_METHOD *mac_methods[] = {
#if LIBSSH2_HMAC_SHA256
&mac_method_hmac_sha2_256,
&mac_method_hmac_sha2_256_etm,
#endif
#if LIBSSH2_HMAC_SHA512
&mac_method_hmac_sha2_512,
&mac_method_hmac_sha2_512_etm,
#endif
&mac_method_hmac_sha1,
&mac_method_hmac_sha1_etm,
&mac_method_hmac_sha1_96,
#if LIBSSH2_MD5
&mac_method_hmac_md5,
@@ -401,9 +454,9 @@ static const LIBSSH2_MAC_METHOD *mac_methods[] = {
&mac_method_hmac_ripemd160,
&mac_method_hmac_ripemd160_openssh_com,
#endif /* LIBSSH2_HMAC_RIPEMD */
#ifdef LIBSSH2_MAC_NONE
#if defined(LIBSSH2DEBUG) && defined(LIBSSH2_MAC_NONE_INSECURE)
&mac_method_none,
#endif /* LIBSSH2_MAC_NONE */
#endif
NULL
};
@@ -412,3 +465,33 @@ _libssh2_mac_methods(void)
{
return mac_methods;
}
#if LIBSSH2_AES_GCM
/* Stub for aes256-gcm@openssh.com crypto type, which has an integrated
HMAC method. This must not be added to mac_methods[] since it cannot be
negotiated separately. */
static const LIBSSH2_MAC_METHOD mac_method_hmac_aesgcm = {
"INTEGRATED-AES-GCM", /* made up name for display only */
16,
16,
NULL,
NULL,
NULL,
0
};
#endif /* LIBSSH2_AES_GCM */
/* See if the negotiated crypto method has its own authentication scheme that
* obviates the need for a separate negotiated hmac method */
const LIBSSH2_MAC_METHOD *
_libssh2_mac_override(const LIBSSH2_CRYPT_METHOD *crypt)
{
#if LIBSSH2_AES_GCM
if(!strcmp(crypt->name, "aes256-gcm@openssh.com") ||
!strcmp(crypt->name, "aes128-gcm@openssh.com"))
return &mac_method_hmac_aesgcm;
#else
(void) crypt;
#endif /* LIBSSH2_AES_GCM */
return NULL;
}

8
libssh2/src/mac.h
View File

@@ -54,13 +54,17 @@ struct _LIBSSH2_MAC_METHOD
void **abstract);
int (*hash) (LIBSSH2_SESSION * session, unsigned char *buf,
uint32_t seqno, const unsigned char *packet,
uint32_t packet_len, const unsigned char *addtl,
uint32_t addtl_len, void **abstract);
size_t packet_len, const unsigned char *addtl,
size_t addtl_len, void **abstract);
int (*dtor) (LIBSSH2_SESSION * session, void **abstract);
int etm; /* encrypt-then-mac */
};
typedef struct _LIBSSH2_MAC_METHOD LIBSSH2_MAC_METHOD;
const LIBSSH2_MAC_METHOD **_libssh2_mac_methods(void);
const LIBSSH2_MAC_METHOD *_libssh2_mac_override(
const LIBSSH2_CRYPT_METHOD *crypt);
#endif /* __LIBSSH2_MAC_H */

454
libssh2/src/mbedtls.c
View File

@@ -35,9 +35,17 @@
* OF SUCH DAMAGE.
*/
#include "libssh2_priv.h"
#ifdef LIBSSH2_CRYPTO_C /* Compile this via crypto.c */
#ifdef LIBSSH2_MBEDTLS /* compile only if we build with mbedtls */
#include <stdlib.h>
#if MBEDTLS_VERSION_NUMBER < 0x03000000
#define mbedtls_cipher_info_get_key_bitlen(c) (c->key_bitlen)
#define mbedtls_cipher_info_get_iv_size(c) (c->iv_size)
#define mbedtls_rsa_get_len(rsa) (rsa->len)
#define MBEDTLS_PRIVATE(m) m
#endif
/*******************************************************************/
/*
@@ -63,7 +71,7 @@ _libssh2_mbedtls_init(void)
ret = mbedtls_ctr_drbg_seed(&_libssh2_mbedtls_ctr_drbg,
mbedtls_entropy_func,
&_libssh2_mbedtls_entropy, NULL, 0);
if(ret != 0)
if(ret)
mbedtls_ctr_drbg_free(&_libssh2_mbedtls_ctr_drbg);
}
@@ -75,7 +83,7 @@ _libssh2_mbedtls_free(void)
}
int
_libssh2_mbedtls_random(unsigned char *buf, int len)
_libssh2_mbedtls_random(unsigned char *buf, size_t len)
{
int ret;
ret = mbedtls_ctr_drbg_random(&_libssh2_mbedtls_ctr_drbg, buf, len);
@@ -83,19 +91,13 @@ _libssh2_mbedtls_random(unsigned char *buf, int len)
}
static void
_libssh2_mbedtls_safe_free(void *buf, int len)
_libssh2_mbedtls_safe_free(void *buf, size_t len)
{
#ifndef LIBSSH2_CLEAR_MEMORY
(void)len;
#endif
if(!buf)
return;
#ifdef LIBSSH2_CLEAR_MEMORY
if(len > 0)
_libssh2_explicit_zero(buf, len);
#endif
mbedtls_free(buf);
}
@@ -122,10 +124,14 @@ _libssh2_mbedtls_cipher_init(_libssh2_cipher_ctx *ctx,
mbedtls_cipher_init(ctx);
ret = mbedtls_cipher_setup(ctx, cipher_info);
if(!ret)
ret = mbedtls_cipher_setkey(ctx, secret, cipher_info->key_bitlen, op);
ret = mbedtls_cipher_setkey(ctx,
secret,
(int)mbedtls_cipher_info_get_key_bitlen(cipher_info),
op);
if(!ret)
ret = mbedtls_cipher_set_iv(ctx, iv, cipher_info->iv_size);
ret = mbedtls_cipher_set_iv(ctx, iv,
mbedtls_cipher_info_get_iv_size(cipher_info));
return ret == 0 ? 0 : -1;
}
@@ -135,14 +141,15 @@ _libssh2_mbedtls_cipher_crypt(_libssh2_cipher_ctx *ctx,
_libssh2_cipher_type(algo),
int encrypt,
unsigned char *block,
size_t blocklen)
size_t blocklen, int firstlast)
{
int ret;
unsigned char *output;
size_t osize, olen, finish_olen;
(void) encrypt;
(void) algo;
(void)encrypt;
(void)algo;
(void)firstlast;
osize = blocklen + mbedtls_cipher_get_block_size(ctx);
@@ -188,7 +195,7 @@ _libssh2_mbedtls_hash_init(mbedtls_md_context_t *ctx,
if(!md_info)
return 0;
hmac = key == NULL ? 0 : 1;
hmac = key ? 1 : 0;
mbedtls_md_init(ctx);
ret = mbedtls_md_setup(ctx, md_info, hmac);
@@ -261,7 +268,7 @@ _libssh2_mbedtls_bignum_random(_libssh2_bn *bn, int bits, int top, int bottom)
{
size_t len;
int err;
int i;
size_t i;
if(!bn || bits <= 0)
return -1;
@@ -272,8 +279,8 @@ _libssh2_mbedtls_bignum_random(_libssh2_bn *bn, int bits, int top, int bottom)
if(err)
return -1;
/* Zero unused bits above the most significant bit*/
for(i = len*8 - 1; bits <= i; --i) {
/* Zero unused bits above the most significant bit */
for(i = len*8 - 1; (size_t)bits <= i; --i) {
err = mbedtls_mpi_set_bit(bn, i, 0);
if(err)
return -1;
@@ -285,11 +292,13 @@ _libssh2_mbedtls_bignum_random(_libssh2_bn *bn, int bits, int top, int bottom)
will be set to 1, so that the product of two such random numbers will
always have 2*bits length.
*/
for(i = 0; i <= top; ++i) {
if(top >= 0) {
for(i = 0; i <= (size_t)top; ++i) {
err = mbedtls_mpi_set_bit(bn, bits-i-1, 1);
if(err)
return -1;
}
}
/* make odd by setting first bit in least significant byte */
if(bottom) {
@@ -330,31 +339,43 @@ _libssh2_mbedtls_rsa_new(libssh2_rsa_ctx **rsa,
libssh2_rsa_ctx *ctx;
ctx = (libssh2_rsa_ctx *) mbedtls_calloc(1, sizeof(libssh2_rsa_ctx));
if(ctx != NULL) {
if(ctx) {
#if MBEDTLS_VERSION_NUMBER >= 0x03000000
mbedtls_rsa_init(ctx);
#else
mbedtls_rsa_init(ctx, MBEDTLS_RSA_PKCS_V15, 0);
#endif
}
else
return -1;
/* !checksrc! disable ASSIGNWITHINCONDITION 1 */
if((ret = mbedtls_mpi_read_binary(&(ctx->E), edata, elen) ) != 0 ||
(ret = mbedtls_mpi_read_binary(&(ctx->N), ndata, nlen) ) != 0) {
if((ret = mbedtls_mpi_read_binary(&(ctx->MBEDTLS_PRIVATE(E)),
edata, elen)) ||
(ret = mbedtls_mpi_read_binary(&(ctx->MBEDTLS_PRIVATE(N)),
ndata, nlen))) {
ret = -1;
}
if(!ret) {
ctx->len = mbedtls_mpi_size(&(ctx->N));
ctx->MBEDTLS_PRIVATE(len) =
mbedtls_mpi_size(&(ctx->MBEDTLS_PRIVATE(N)));
}
if(!ret && ddata) {
/* !checksrc! disable ASSIGNWITHINCONDITION 1 */
if((ret = mbedtls_mpi_read_binary(&(ctx->D), ddata, dlen) ) != 0 ||
(ret = mbedtls_mpi_read_binary(&(ctx->P), pdata, plen) ) != 0 ||
(ret = mbedtls_mpi_read_binary(&(ctx->Q), qdata, qlen) ) != 0 ||
(ret = mbedtls_mpi_read_binary(&(ctx->DP), e1data, e1len) ) != 0 ||
(ret = mbedtls_mpi_read_binary(&(ctx->DQ), e2data, e2len) ) != 0 ||
(ret = mbedtls_mpi_read_binary(&(ctx->QP), coeffdata, coefflen) )
!= 0) {
if((ret = mbedtls_mpi_read_binary(&(ctx->MBEDTLS_PRIVATE(D)),
ddata, dlen)) ||
(ret = mbedtls_mpi_read_binary(&(ctx->MBEDTLS_PRIVATE(P)),
pdata, plen)) ||
(ret = mbedtls_mpi_read_binary(&(ctx->MBEDTLS_PRIVATE(Q)),
qdata, qlen)) ||
(ret = mbedtls_mpi_read_binary(&(ctx->MBEDTLS_PRIVATE(DP)),
e1data, e1len)) ||
(ret = mbedtls_mpi_read_binary(&(ctx->MBEDTLS_PRIVATE(DQ)),
e2data, e2len)) ||
(ret = mbedtls_mpi_read_binary(&(ctx->MBEDTLS_PRIVATE(QP)),
coeffdata, coefflen))) {
ret = -1;
}
ret = mbedtls_rsa_check_privkey(ctx);
@@ -382,14 +403,24 @@ _libssh2_mbedtls_rsa_new_private(libssh2_rsa_ctx **rsa,
mbedtls_rsa_context *pk_rsa;
*rsa = (libssh2_rsa_ctx *) LIBSSH2_ALLOC(session, sizeof(libssh2_rsa_ctx));
if(*rsa == NULL)
if(!*rsa)
return -1;
#if MBEDTLS_VERSION_NUMBER >= 0x03000000
mbedtls_rsa_init(*rsa);
#else
mbedtls_rsa_init(*rsa, MBEDTLS_RSA_PKCS_V15, 0);
#endif
mbedtls_pk_init(&pkey);
#if MBEDTLS_VERSION_NUMBER >= 0x03000000
ret = mbedtls_pk_parse_keyfile(&pkey, filename, (char *)passphrase,
mbedtls_ctr_drbg_random,
&_libssh2_mbedtls_ctr_drbg);
#else
ret = mbedtls_pk_parse_keyfile(&pkey, filename, (char *)passphrase);
if(ret != 0 || mbedtls_pk_get_type(&pkey) != MBEDTLS_PK_RSA) {
#endif
if(ret || mbedtls_pk_get_type(&pkey) != MBEDTLS_PK_RSA) {
mbedtls_pk_free(&pkey);
mbedtls_rsa_free(*rsa);
LIBSSH2_FREE(session, *rsa);
@@ -418,7 +449,7 @@ _libssh2_mbedtls_rsa_new_private_frommemory(libssh2_rsa_ctx **rsa,
size_t pwd_len;
*rsa = (libssh2_rsa_ctx *) mbedtls_calloc(1, sizeof(libssh2_rsa_ctx));
if(*rsa == NULL)
if(!*rsa)
return -1;
/*
@@ -426,20 +457,28 @@ _libssh2_mbedtls_rsa_new_private_frommemory(libssh2_rsa_ctx **rsa,
private-key from memory will fail if the last byte is not a null byte
*/
filedata_nullterm = mbedtls_calloc(filedata_len + 1, 1);
if(filedata_nullterm == NULL) {
if(!filedata_nullterm) {
return -1;
}
memcpy(filedata_nullterm, filedata, filedata_len);
mbedtls_pk_init(&pkey);
pwd_len = passphrase != NULL ? strlen((const char *)passphrase) : 0;
pwd_len = passphrase ? strlen((const char *)passphrase) : 0;
#if MBEDTLS_VERSION_NUMBER >= 0x03000000
ret = mbedtls_pk_parse_key(&pkey, (unsigned char *)filedata_nullterm,
filedata_len + 1,
passphrase, pwd_len,
mbedtls_ctr_drbg_random,
&_libssh2_mbedtls_ctr_drbg);
#else
ret = mbedtls_pk_parse_key(&pkey, (unsigned char *)filedata_nullterm,
filedata_len + 1,
passphrase, pwd_len);
#endif
_libssh2_mbedtls_safe_free(filedata_nullterm, filedata_len);
if(ret != 0 || mbedtls_pk_get_type(&pkey) != MBEDTLS_PK_RSA) {
if(ret || mbedtls_pk_get_type(&pkey) != MBEDTLS_PK_RSA) {
mbedtls_pk_free(&pkey);
mbedtls_rsa_free(*rsa);
LIBSSH2_FREE(session, *rsa);
@@ -455,28 +494,69 @@ _libssh2_mbedtls_rsa_new_private_frommemory(libssh2_rsa_ctx **rsa,
}
int
_libssh2_mbedtls_rsa_sha1_verify(libssh2_rsa_ctx *rsa,
_libssh2_mbedtls_rsa_sha2_verify(libssh2_rsa_ctx * rsactx,
size_t hash_len,
const unsigned char *sig,
unsigned long sig_len,
const unsigned char *m,
unsigned long m_len)
const unsigned char *m, unsigned long m_len)
{
unsigned char hash[SHA_DIGEST_LENGTH];
int ret;
int md_type;
unsigned char *hash;
ret = _libssh2_mbedtls_hash(m, m_len, MBEDTLS_MD_SHA1, hash);
if(ret)
if(sig_len < mbedtls_rsa_get_len(rsactx))
return -1;
hash = malloc(hash_len);
if(!hash)
return -1;
if(hash_len == SHA_DIGEST_LENGTH) {
md_type = MBEDTLS_MD_SHA1;
}
else if(hash_len == SHA256_DIGEST_LENGTH) {
md_type = MBEDTLS_MD_SHA256;
}
else if(hash_len == SHA512_DIGEST_LENGTH) {
md_type = MBEDTLS_MD_SHA512;
}
else{
free(hash);
return -1; /* unsupported digest */
}
ret = _libssh2_mbedtls_hash(m, m_len, md_type, hash);
if(ret) {
free(hash);
return -1; /* failure */
}
ret = mbedtls_rsa_pkcs1_verify(rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC,
MBEDTLS_MD_SHA1, SHA_DIGEST_LENGTH,
#if MBEDTLS_VERSION_NUMBER >= 0x03000000
ret = mbedtls_rsa_pkcs1_verify(rsactx,
md_type, (unsigned int)hash_len,
hash, sig);
#else
ret = mbedtls_rsa_pkcs1_verify(rsactx, NULL, NULL, MBEDTLS_RSA_PUBLIC,
md_type, (unsigned int)hash_len,
hash, sig);
#endif
free(hash);
return (ret == 0) ? 0 : -1;
}
int
_libssh2_mbedtls_rsa_sha1_sign(LIBSSH2_SESSION *session,
_libssh2_mbedtls_rsa_sha1_verify(libssh2_rsa_ctx * rsactx,
const unsigned char *sig,
unsigned long sig_len,
const unsigned char *m, unsigned long m_len)
{
return _libssh2_mbedtls_rsa_sha2_verify(rsactx, SHA_DIGEST_LENGTH,
sig, sig_len, m, m_len);
}
int
_libssh2_mbedtls_rsa_sha2_sign(LIBSSH2_SESSION *session,
libssh2_rsa_ctx *rsa,
const unsigned char *hash,
size_t hash_len,
@@ -485,19 +565,42 @@ _libssh2_mbedtls_rsa_sha1_sign(LIBSSH2_SESSION *session,
{
int ret;
unsigned char *sig;
unsigned int sig_len;
size_t sig_len;
int md_type;
(void)hash_len;
sig_len = rsa->len;
sig_len = mbedtls_rsa_get_len(rsa);
sig = LIBSSH2_ALLOC(session, sig_len);
if(!sig) {
return -1;
}
ret = mbedtls_rsa_pkcs1_sign(rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE,
MBEDTLS_MD_SHA1, SHA_DIGEST_LENGTH,
ret = 0;
if(hash_len == SHA_DIGEST_LENGTH) {
md_type = MBEDTLS_MD_SHA1;
}
else if(hash_len == SHA256_DIGEST_LENGTH) {
md_type = MBEDTLS_MD_SHA256;
}
else if(hash_len == SHA512_DIGEST_LENGTH) {
md_type = MBEDTLS_MD_SHA512;
}
else {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Unsupported hash digest length");
ret = -1;
}
if(ret == 0) {
#if MBEDTLS_VERSION_NUMBER >= 0x03000000
ret = mbedtls_rsa_pkcs1_sign(rsa,
mbedtls_ctr_drbg_random,
&_libssh2_mbedtls_ctr_drbg,
md_type, (unsigned int)hash_len,
hash, sig);
#else
ret = mbedtls_rsa_pkcs1_sign(rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE,
md_type, (unsigned int)hash_len,
hash, sig);
#endif
}
if(ret) {
LIBSSH2_FREE(session, sig);
return -1;
@@ -509,6 +612,18 @@ _libssh2_mbedtls_rsa_sha1_sign(LIBSSH2_SESSION *session,
return (ret == 0) ? 0 : -1;
}
int
_libssh2_mbedtls_rsa_sha1_sign(LIBSSH2_SESSION * session,
libssh2_rsa_ctx * rsactx,
const unsigned char *hash,
size_t hash_len,
unsigned char **signature,
size_t *signature_len)
{
return _libssh2_mbedtls_rsa_sha2_sign(session, rsactx, hash, hash_len,
signature, signature_len);
}
void
_libssh2_mbedtls_rsa_free(libssh2_rsa_ctx *ctx)
{
@@ -521,13 +636,13 @@ gen_publickey_from_rsa(LIBSSH2_SESSION *session,
mbedtls_rsa_context *rsa,
size_t *keylen)
{
int e_bytes, n_bytes;
unsigned long len;
uint32_t e_bytes, n_bytes;
uint32_t len;
unsigned char *key;
unsigned char *p;
e_bytes = mbedtls_mpi_size(&rsa->E);
n_bytes = mbedtls_mpi_size(&rsa->N);
e_bytes = (uint32_t)mbedtls_mpi_size(&rsa->MBEDTLS_PRIVATE(E));
n_bytes = (uint32_t)mbedtls_mpi_size(&rsa->MBEDTLS_PRIVATE(N));
/* Key form is "ssh-rsa" + e + n. */
len = 4 + 7 + 4 + e_bytes + 4 + n_bytes;
@@ -547,11 +662,11 @@ gen_publickey_from_rsa(LIBSSH2_SESSION *session,
_libssh2_htonu32(p, e_bytes);
p += 4;
mbedtls_mpi_write_binary(&rsa->E, p, e_bytes);
mbedtls_mpi_write_binary(&rsa->MBEDTLS_PRIVATE(E), p, e_bytes);
_libssh2_htonu32(p, n_bytes);
p += 4;
mbedtls_mpi_write_binary(&rsa->N, p, n_bytes);
mbedtls_mpi_write_binary(&rsa->MBEDTLS_PRIVATE(N), p, n_bytes);
*keylen = (size_t)(p - key);
return key;
@@ -588,7 +703,7 @@ _libssh2_mbedtls_pub_priv_key(LIBSSH2_SESSION *session,
rsa = mbedtls_pk_rsa(*pkey);
key = gen_publickey_from_rsa(session, rsa, &keylen);
if(key == NULL) {
if(!key) {
ret = -1;
}
@@ -623,8 +738,14 @@ _libssh2_mbedtls_pub_priv_keyfile(LIBSSH2_SESSION *session,
int ret;
mbedtls_pk_init(&pkey);
#if MBEDTLS_VERSION_NUMBER >= 0x03000000
ret = mbedtls_pk_parse_keyfile(&pkey, privatekey, passphrase,
mbedtls_ctr_drbg_random,
&_libssh2_mbedtls_ctr_drbg);
#else
ret = mbedtls_pk_parse_keyfile(&pkey, privatekey, passphrase);
if(ret != 0) {
#endif
if(ret) {
mbedtls_strerror(ret, (char *)buf, sizeof(buf));
mbedtls_pk_free(&pkey);
return _libssh2_error(session, LIBSSH2_ERROR_FILE, buf);
@@ -659,21 +780,30 @@ _libssh2_mbedtls_pub_priv_keyfilememory(LIBSSH2_SESSION *session,
private-key from memory will fail if the last byte is not a null byte
*/
privatekeydata_nullterm = mbedtls_calloc(privatekeydata_len + 1, 1);
if(privatekeydata_nullterm == NULL) {
if(!privatekeydata_nullterm) {
return -1;
}
memcpy(privatekeydata_nullterm, privatekeydata, privatekeydata_len);
mbedtls_pk_init(&pkey);
pwd_len = passphrase != NULL ? strlen((const char *)passphrase) : 0;
pwd_len = passphrase ? strlen((const char *)passphrase) : 0;
#if MBEDTLS_VERSION_NUMBER >= 0x03000000
ret = mbedtls_pk_parse_key(&pkey,
(unsigned char *)privatekeydata_nullterm,
privatekeydata_len + 1,
(const unsigned char *)passphrase, pwd_len,
mbedtls_ctr_drbg_random,
&_libssh2_mbedtls_ctr_drbg);
#else
ret = mbedtls_pk_parse_key(&pkey,
(unsigned char *)privatekeydata_nullterm,
privatekeydata_len + 1,
(const unsigned char *)passphrase, pwd_len);
#endif
_libssh2_mbedtls_safe_free(privatekeydata_nullterm, privatekeydata_len);
if(ret != 0) {
if(ret) {
mbedtls_strerror(ret, (char *)buf, sizeof(buf));
mbedtls_pk_free(&pkey);
return _libssh2_error(session, LIBSSH2_ERROR_FILE, buf);
@@ -687,6 +817,39 @@ _libssh2_mbedtls_pub_priv_keyfilememory(LIBSSH2_SESSION *session,
return ret;
}
int
_libssh2_mbedtls_sk_pub_keyfilememory(LIBSSH2_SESSION *session,
unsigned char **method,
size_t *method_len,
unsigned char **pubkeydata,
size_t *pubkeydata_len,
int *algorithm,
unsigned char *flags,
const char **application,
const unsigned char **key_handle,
size_t *handle_len,
const char *privatekeydata,
size_t privatekeydata_len,
const char *passphrase)
{
(void)method;
(void)method_len;
(void)pubkeydata;
(void)pubkeydata_len;
(void)algorithm;
(void)flags;
(void)application;
(void)key_handle;
(void)handle_len;
(void)privatekeydata;
(void)privatekeydata_len;
(void)passphrase;
return _libssh2_error(session, LIBSSH2_ERROR_FILE,
"Unable to extract public SK key from private key file: "
"Method unimplemented in mbedTLS backend");
}
void _libssh2_init_aes_ctr(void)
{
/* no implementation */
@@ -756,23 +919,24 @@ _libssh2_mbedtls_ecdsa_create_key(LIBSSH2_SESSION *session,
*privkey = LIBSSH2_ALLOC(session, sizeof(mbedtls_ecp_keypair));
if(*privkey == NULL)
if(!*privkey)
goto failed;
mbedtls_ecdsa_init(*privkey);
if(mbedtls_ecdsa_genkey(*privkey, (mbedtls_ecp_group_id)curve,
mbedtls_ctr_drbg_random,
&_libssh2_mbedtls_ctr_drbg) != 0)
&_libssh2_mbedtls_ctr_drbg))
goto failed;
plen = 2 * mbedtls_mpi_size(&(*privkey)->grp.P) + 1;
plen = 2 * mbedtls_mpi_size(&(*privkey)->MBEDTLS_PRIVATE(grp).P) + 1;
*pubkey_oct = LIBSSH2_ALLOC(session, plen);
if(*pubkey_oct == NULL)
if(!*pubkey_oct)
goto failed;
if(mbedtls_ecp_point_write_binary(&(*privkey)->grp, &(*privkey)->Q,
if(mbedtls_ecp_point_write_binary(&(*privkey)->MBEDTLS_PRIVATE(grp),
&(*privkey)->MBEDTLS_PRIVATE(Q),
MBEDTLS_ECP_PF_UNCOMPRESSED,
pubkey_oct_len, *pubkey_oct, plen) == 0)
return 0;
@@ -800,18 +964,22 @@ _libssh2_mbedtls_ecdsa_curve_name_with_octal_new(libssh2_ecdsa_ctx **ctx,
{
*ctx = mbedtls_calloc(1, sizeof(mbedtls_ecp_keypair));
if(*ctx == NULL)
if(!*ctx)
goto failed;
mbedtls_ecdsa_init(*ctx);
if(mbedtls_ecp_group_load(&(*ctx)->grp, (mbedtls_ecp_group_id)curve) != 0)
if(mbedtls_ecp_group_load(&(*ctx)->MBEDTLS_PRIVATE(grp),
(mbedtls_ecp_group_id)curve))
goto failed;
if(mbedtls_ecp_point_read_binary(&(*ctx)->grp, &(*ctx)->Q, k, k_len) != 0)
if(mbedtls_ecp_point_read_binary(&(*ctx)->MBEDTLS_PRIVATE(grp),
&(*ctx)->MBEDTLS_PRIVATE(Q),
k, k_len))
goto failed;
if(mbedtls_ecp_check_pubkey(&(*ctx)->grp, &(*ctx)->Q) == 0)
if(mbedtls_ecp_check_pubkey(&(*ctx)->MBEDTLS_PRIVATE(grp),
&(*ctx)->MBEDTLS_PRIVATE(Q)) == 0)
return 0;
failed:
@@ -837,26 +1005,28 @@ _libssh2_mbedtls_ecdh_gen_k(_libssh2_bn **k,
mbedtls_ecp_point pubkey;
int rc = 0;
if(*k == NULL)
if(!*k)
return -1;
mbedtls_ecp_point_init(&pubkey);
if(mbedtls_ecp_point_read_binary(&privkey->grp, &pubkey,
server_pubkey, server_pubkey_len) != 0) {
if(mbedtls_ecp_point_read_binary(&privkey->MBEDTLS_PRIVATE(grp),
&pubkey,
server_pubkey, server_pubkey_len)) {
rc = -1;
goto cleanup;
}
if(mbedtls_ecdh_compute_shared(&privkey->grp, *k,
&pubkey, &privkey->d,
if(mbedtls_ecdh_compute_shared(&privkey->MBEDTLS_PRIVATE(grp), *k,
&pubkey,
&privkey->MBEDTLS_PRIVATE(d),
mbedtls_ctr_drbg_random,
&_libssh2_mbedtls_ctr_drbg) != 0) {
&_libssh2_mbedtls_ctr_drbg)) {
rc = -1;
goto cleanup;
}
if(mbedtls_ecp_check_privkey(&privkey->grp, *k) != 0)
if(mbedtls_ecp_check_privkey(&privkey->MBEDTLS_PRIVATE(grp), *k))
rc = -1;
cleanup:
@@ -867,16 +1037,15 @@ cleanup:
}
#define LIBSSH2_MBEDTLS_ECDSA_VERIFY(digest_type) \
{ \
do { \
unsigned char hsh[SHA##digest_type##_DIGEST_LENGTH]; \
\
if(libssh2_sha##digest_type(m, m_len, hsh) == 0) { \
rc = mbedtls_ecdsa_verify(&ctx->grp, hsh, \
rc = mbedtls_ecdsa_verify(&ctx->MBEDTLS_PRIVATE(grp), hsh, \
SHA##digest_type##_DIGEST_LENGTH, \
&ctx->Q, &pr, &ps); \
&ctx->MBEDTLS_PRIVATE(Q), &pr, &ps); \
} \
\
}
} while(0)
/* _libssh2_ecdsa_sign
*
@@ -896,10 +1065,10 @@ _libssh2_mbedtls_ecdsa_verify(libssh2_ecdsa_ctx *ctx,
mbedtls_mpi_init(&pr);
mbedtls_mpi_init(&ps);
if(mbedtls_mpi_read_binary(&pr, r, r_len) != 0)
if(mbedtls_mpi_read_binary(&pr, r, r_len))
goto cleanup;
if(mbedtls_mpi_read_binary(&ps, s, s_len) != 0)
if(mbedtls_mpi_read_binary(&ps, s, s_len))
goto cleanup;
switch(_libssh2_ecdsa_get_curve_type(ctx)) {
@@ -936,15 +1105,23 @@ _libssh2_mbedtls_parse_eckey(libssh2_ecdsa_ctx **ctx,
pwd_len = pwd ? strlen((const char *) pwd) : 0;
if(mbedtls_pk_parse_key(pkey, data, data_len, pwd, pwd_len) != 0)
#if MBEDTLS_VERSION_NUMBER >= 0x03000000
if(mbedtls_pk_parse_key(pkey, data, data_len, pwd, pwd_len,
mbedtls_ctr_drbg_random,
&_libssh2_mbedtls_ctr_drbg))
goto failed;
#else
if(mbedtls_pk_parse_key(pkey, data, data_len, pwd, pwd_len))
goto failed;
#endif
if(mbedtls_pk_get_type(pkey) != MBEDTLS_PK_ECKEY)
goto failed;
*ctx = LIBSSH2_ALLOC(session, sizeof(libssh2_ecdsa_ctx));
if(*ctx == NULL)
if(!*ctx)
goto failed;
mbedtls_ecdsa_init(*ctx);
@@ -975,45 +1152,50 @@ _libssh2_mbedtls_parse_openssh_key(libssh2_ecdsa_ctx **ctx,
if(_libssh2_openssh_pem_parse_memory(session, pwd,
(const char *)data, data_len,
&decrypted) != 0)
&decrypted))
goto failed;
if(_libssh2_get_string(decrypted, &name, NULL) != 0)
if(_libssh2_get_string(decrypted, &name, NULL))
goto failed;
if(_libssh2_mbedtls_ecdsa_curve_type_from_name((const char *)name,
&type) != 0)
&type))
goto failed;
if(_libssh2_get_string(decrypted, &curve, &curvelen) != 0)
if(_libssh2_get_string(decrypted, &curve, &curvelen))
goto failed;
if(_libssh2_get_string(decrypted, &point_buf, &pointlen) != 0)
if(_libssh2_get_string(decrypted, &point_buf, &pointlen))
goto failed;
if(_libssh2_get_bignum_bytes(decrypted, &exponent, &exponentlen) != 0)
if(_libssh2_get_bignum_bytes(decrypted, &exponent, &exponentlen))
goto failed;
*ctx = LIBSSH2_ALLOC(session, sizeof(libssh2_ecdsa_ctx));
if(*ctx == NULL)
if(!*ctx)
goto failed;
mbedtls_ecdsa_init(*ctx);
if(mbedtls_ecp_group_load(&(*ctx)->grp, (mbedtls_ecp_group_id)type) != 0)
if(mbedtls_ecp_group_load(&(*ctx)->MBEDTLS_PRIVATE(grp),
(mbedtls_ecp_group_id)type))
goto failed;
if(mbedtls_mpi_read_binary(&(*ctx)->d, exponent, exponentlen) != 0)
if(mbedtls_mpi_read_binary(&(*ctx)->MBEDTLS_PRIVATE(d),
exponent, exponentlen))
goto failed;
if(mbedtls_ecp_mul(&(*ctx)->grp, &(*ctx)->Q,
&(*ctx)->d, &(*ctx)->grp.G,
if(mbedtls_ecp_mul(&(*ctx)->MBEDTLS_PRIVATE(grp),
&(*ctx)->MBEDTLS_PRIVATE(Q),
&(*ctx)->MBEDTLS_PRIVATE(d),
&(*ctx)->MBEDTLS_PRIVATE(grp).G,
mbedtls_ctr_drbg_random,
&_libssh2_mbedtls_ctr_drbg) != 0)
&_libssh2_mbedtls_ctr_drbg))
goto failed;
if(mbedtls_ecp_check_privkey(&(*ctx)->grp, &(*ctx)->d) == 0)
if(mbedtls_ecp_check_privkey(&(*ctx)->MBEDTLS_PRIVATE(grp),
&(*ctx)->MBEDTLS_PRIVATE(d)) == 0)
goto cleanup;
failed:
@@ -1027,7 +1209,7 @@ cleanup:
_libssh2_string_buf_free(session, decrypted);
}
return (*ctx == NULL) ? -1 : 0;
return *ctx ? 0 : -1;
}
/* _libssh2_ecdsa_new_private
@@ -1046,7 +1228,7 @@ _libssh2_mbedtls_ecdsa_new_private(libssh2_ecdsa_ctx **ctx,
unsigned char *data;
size_t data_len;
if(mbedtls_pk_load_file(filename, &data, &data_len) != 0)
if(mbedtls_pk_load_file(filename, &data, &data_len))
goto cleanup;
mbedtls_pk_init(&pkey);
@@ -1063,7 +1245,7 @@ cleanup:
_libssh2_mbedtls_safe_free(data, data_len);
return (*ctx == NULL) ? -1 : 0;
return *ctx ? 0 : -1;
}
/* _libssh2_ecdsa_new_private
@@ -1086,7 +1268,7 @@ _libssh2_mbedtls_ecdsa_new_private_frommemory(libssh2_ecdsa_ctx **ctx,
ntdata = LIBSSH2_ALLOC(session, data_len + 1);
if(ntdata == NULL)
if(!ntdata)
goto cleanup;
memcpy(ntdata, data, data_len);
@@ -1104,7 +1286,7 @@ cleanup:
_libssh2_mbedtls_safe_free(ntdata, data_len);
return (*ctx == NULL) ? -1 : 0;
return *ctx ? 0 : -1;
}
static unsigned char *
@@ -1113,6 +1295,7 @@ _libssh2_mbedtls_mpi_write_binary(unsigned char *buf,
size_t bytes)
{
unsigned char *p = buf;
uint32_t size = (uint32_t)bytes;
if(sizeof(&p) / sizeof(p[0]) < 4) {
goto done;
@@ -1121,19 +1304,19 @@ _libssh2_mbedtls_mpi_write_binary(unsigned char *buf,
p += 4;
*p = 0;
if(bytes > 0) {
mbedtls_mpi_write_binary(mpi, p + 1, bytes - 1);
if(size > 0) {
mbedtls_mpi_write_binary(mpi, p + 1, size - 1);
}
if(bytes > 0 && !(*(p + 1) & 0x80)) {
memmove(p, p + 1, --bytes);
if(size > 0 && !(*(p + 1) & 0x80)) {
memmove(p, p + 1, --size);
}
_libssh2_htonu32(p - 4, bytes);
_libssh2_htonu32(p - 4, size);
done:
return p + bytes;
return p + size;
}
/* _libssh2_ecdsa_sign
@@ -1157,10 +1340,11 @@ _libssh2_mbedtls_ecdsa_sign(LIBSSH2_SESSION *session,
mbedtls_mpi_init(&pr);
mbedtls_mpi_init(&ps);
if(mbedtls_ecdsa_sign(&ctx->grp, &pr, &ps, &ctx->d,
if(mbedtls_ecdsa_sign(&ctx->MBEDTLS_PRIVATE(grp), &pr, &ps,
&ctx->MBEDTLS_PRIVATE(d),
hash, hash_len,
mbedtls_ctr_drbg_random,
&_libssh2_mbedtls_ctr_drbg) != 0)
&_libssh2_mbedtls_ctr_drbg))
goto cleanup;
r_len = mbedtls_mpi_size(&pr) + 1;
@@ -1169,7 +1353,7 @@ _libssh2_mbedtls_ecdsa_sign(LIBSSH2_SESSION *session,
tmp_sign = LIBSSH2_CALLOC(session, tmp_sign_len);
if(tmp_sign == NULL)
if(!tmp_sign)
goto cleanup;
sp = tmp_sign;
@@ -1180,7 +1364,7 @@ _libssh2_mbedtls_ecdsa_sign(LIBSSH2_SESSION *session,
*sign = LIBSSH2_CALLOC(session, *sign_len);
if(*sign == NULL)
if(!*sign)
goto cleanup;
memcpy(*sign, tmp_sign, *sign_len);
@@ -1192,7 +1376,7 @@ cleanup:
_libssh2_mbedtls_safe_free(tmp_sign, tmp_sign_len);
return (*sign == NULL) ? -1 : 0;
return *sign ? 0 : -1;
}
/* _libssh2_ecdsa_get_curve_type
@@ -1204,7 +1388,7 @@ cleanup:
libssh2_curve_type
_libssh2_mbedtls_ecdsa_get_curve_type(libssh2_ecdsa_ctx *ctx)
{
return (libssh2_curve_type) ctx->grp.id;
return (libssh2_curve_type) ctx->MBEDTLS_PRIVATE(grp).id;
}
/* _libssh2_ecdsa_curve_type_from_name
@@ -1220,7 +1404,7 @@ _libssh2_mbedtls_ecdsa_curve_type_from_name(const char *name,
int ret = 0;
libssh2_curve_type type;
if(name == NULL || strlen(name) != 19)
if(!name || strlen(name) != 19)
return -1;
if(strcmp(name, "ecdsa-sha2-nistp256") == 0)
@@ -1246,6 +1430,30 @@ _libssh2_mbedtls_ecdsa_free(libssh2_ecdsa_ctx *ctx)
mbedtls_ecdsa_free(ctx);
mbedtls_free(ctx);
}
#endif /* LIBSSH2_ECDSA */
#endif /* LIBSSH2_MBEDTLS */
/* _libssh2_supported_key_sign_algorithms
*
* Return supported key hash algo upgrades, see crypto.h
*
*/
const char *
_libssh2_supported_key_sign_algorithms(LIBSSH2_SESSION *session,
unsigned char *key_method,
size_t key_method_len)
{
(void)session;
#if LIBSSH2_RSA_SHA2
if(key_method_len == 7 &&
memcmp(key_method, "ssh-rsa", key_method_len) == 0) {
return "rsa-sha2-512,rsa-sha2-256,ssh-rsa";
}
#endif
return NULL;
}
#endif /* LIBSSH2_CRYPTO_C */

80
libssh2/src/mbedtls.h
View File

@@ -37,8 +37,7 @@
* OF SUCH DAMAGE.
*/
#include <stdlib.h>
#include <string.h>
#define LIBSSH2_CRYPTO_ENGINE libssh2_mbedtls
#include <mbedtls/platform.h>
#include <mbedtls/md.h>
@@ -63,14 +62,25 @@
#define LIBSSH2_HMAC_SHA256 1
#define LIBSSH2_HMAC_SHA512 1
#define LIBSSH2_AES 1
#define LIBSSH2_AES_CBC 1
#define LIBSSH2_AES_CTR 1
#define LIBSSH2_BLOWFISH 1
#define LIBSSH2_RC4 1
#define LIBSSH2_AES_GCM 0
#ifdef MBEDTLS_CIPHER_BLOWFISH_CBC
# define LIBSSH2_BLOWFISH 1
#else
# define LIBSSH2_BLOWFISH 0
#endif
#ifdef MBEDTLS_CIPHER_ARC4_128
# define LIBSSH2_RC4 1
#else
# define LIBSSH2_RC4 0
#endif
#define LIBSSH2_CAST 0
#define LIBSSH2_3DES 1
#define LIBSSH2_RSA 1
#define LIBSSH2_RSA_SHA1 1
#define LIBSSH2_RSA_SHA2 1
#define LIBSSH2_DSA 0
#ifdef MBEDTLS_ECDSA_C
# define LIBSSH2_ECDSA 1
@@ -115,7 +125,7 @@
#define libssh2_hmac_cleanup(pctx) \
mbedtls_md_free(pctx)
#define libssh2_hmac_update(ctx, data, datalen) \
mbedtls_md_hmac_update(&ctx, (unsigned char *) data, datalen)
mbedtls_md_hmac_update(&ctx, (const unsigned char *) data, datalen)
#define libssh2_hmac_final(ctx, hash) \
mbedtls_md_hmac_finish(&ctx, hash)
@@ -143,12 +153,13 @@
#define libssh2_sha1_init(pctx) \
_libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA1, NULL, 0)
#define libssh2_sha1_update(ctx, data, datalen) \
mbedtls_md_update(&ctx, (unsigned char *) data, datalen)
mbedtls_md_update(&ctx, (const unsigned char *) data, datalen)
#define libssh2_sha1_final(ctx, hash) \
_libssh2_mbedtls_hash_final(&ctx, hash)
#define libssh2_sha1(data, datalen, hash) \
_libssh2_mbedtls_hash(data, datalen, MBEDTLS_MD_SHA1, hash)
/*******************************************************************/
/*
* mbedTLS backend: SHA256 functions
@@ -159,7 +170,7 @@
#define libssh2_sha256_init(pctx) \
_libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA256, NULL, 0)
#define libssh2_sha256_update(ctx, data, datalen) \
mbedtls_md_update(&ctx, (unsigned char *) data, datalen)
mbedtls_md_update(&ctx, (const unsigned char *) data, datalen)
#define libssh2_sha256_final(ctx, hash) \
_libssh2_mbedtls_hash_final(&ctx, hash)
#define libssh2_sha256(data, datalen, hash) \
@@ -176,7 +187,7 @@
#define libssh2_sha384_init(pctx) \
_libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA384, NULL, 0)
#define libssh2_sha384_update(ctx, data, datalen) \
mbedtls_md_update(&ctx, (unsigned char *) data, datalen)
mbedtls_md_update(&ctx, (const unsigned char *) data, datalen)
#define libssh2_sha384_final(ctx, hash) \
_libssh2_mbedtls_hash_final(&ctx, hash)
#define libssh2_sha384(data, datalen, hash) \
@@ -193,7 +204,7 @@
#define libssh2_sha512_init(pctx) \
_libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA512, NULL, 0)
#define libssh2_sha512_update(ctx, data, datalen) \
mbedtls_md_update(&ctx, (unsigned char *) data, datalen)
mbedtls_md_update(&ctx, (const unsigned char *) data, datalen)
#define libssh2_sha512_final(ctx, hash) \
_libssh2_mbedtls_hash_final(&ctx, hash)
#define libssh2_sha512(data, datalen, hash) \
@@ -210,7 +221,7 @@
#define libssh2_md5_init(pctx) \
_libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_MD5, NULL, 0)
#define libssh2_md5_update(ctx, data, datalen) \
mbedtls_md_update(&ctx, (unsigned char *) data, datalen)
mbedtls_md_update(&ctx, (const unsigned char *) data, datalen)
#define libssh2_md5_final(ctx, hash) \
_libssh2_mbedtls_hash_final(&ctx, hash)
#define libssh2_md5(data, datalen, hash) \
@@ -242,9 +253,16 @@
#define _libssh2_rsa_sha1_sign(s, rsactx, hash, hash_len, sig, sig_len) \
_libssh2_mbedtls_rsa_sha1_sign(s, rsactx, hash, hash_len, sig, sig_len)
#define _libssh2_rsa_sha2_sign(s, rsactx, hash, hash_len, sig, sig_len) \
_libssh2_mbedtls_rsa_sha2_sign(s, rsactx, hash, hash_len, sig, sig_len)
#define _libssh2_rsa_sha1_verify(rsactx, sig, sig_len, m, m_len) \
_libssh2_mbedtls_rsa_sha1_verify(rsactx, sig, sig_len, m, m_len)
#define _libssh2_rsa_sha2_verify(rsactx, hash_len, sig, sig_len, m, m_len) \
_libssh2_mbedtls_rsa_sha2_verify(rsactx, hash_len, sig, sig_len, m, m_len)
#define _libssh2_rsa_free(rsactx) \
_libssh2_mbedtls_rsa_free(rsactx)
@@ -334,6 +352,10 @@ typedef enum {
pk, pk_len, pw) \
_libssh2_mbedtls_pub_priv_keyfilememory(s, m, m_len, p, p_len, \
pk, pk_len, pw)
#define _libssh2_sk_pub_keyfilememory(s, m, m_len, p, p_len, alg, app, \
f, kh, kh_len, pk, pk_len, pw) \
_libssh2_mbedtls_sk_pub_keyfilememory(s, m, m_len, p, p_len, alg, app, \
f, kh, kh_len, pk, pk_len, pw)
/*******************************************************************/
@@ -351,9 +373,12 @@ typedef enum {
#define _libssh2_cipher_aes256 MBEDTLS_CIPHER_AES_256_CBC
#define _libssh2_cipher_aes192 MBEDTLS_CIPHER_AES_192_CBC
#define _libssh2_cipher_aes128 MBEDTLS_CIPHER_AES_128_CBC
#ifdef MBEDTLS_CIPHER_BLOWFISH_CBC
#define _libssh2_cipher_blowfish MBEDTLS_CIPHER_BLOWFISH_CBC
#endif
#ifdef MBEDTLS_CIPHER_ARC4_128
#define _libssh2_cipher_arcfour MBEDTLS_CIPHER_ARC4_128
#define _libssh2_cipher_cast5 MBEDTLS_CIPHER_NULL
#endif
#define _libssh2_cipher_3des MBEDTLS_CIPHER_DES_EDE3_CBC
@@ -364,8 +389,8 @@ typedef enum {
#define _libssh2_cipher_init(ctx, type, iv, secret, encrypt) \
_libssh2_mbedtls_cipher_init(ctx, type, iv, secret, encrypt)
#define _libssh2_cipher_crypt(ctx, type, encrypt, block, blocklen) \
_libssh2_mbedtls_cipher_crypt(ctx, type, encrypt, block, blocklen)
#define _libssh2_cipher_crypt(ctx, type, encrypt, block, blocklen, fl) \
_libssh2_mbedtls_cipher_crypt(ctx, type, encrypt, block, blocklen, fl)
#define _libssh2_cipher_dtor(ctx) \
_libssh2_mbedtls_cipher_dtor(ctx)
@@ -404,6 +429,14 @@ typedef enum {
* mbedTLS backend: Diffie-Hellman support.
*/
/* Default generate and safe prime sizes for
diffie-hellman-group-exchange-sha1 */
#define LIBSSH2_DH_GEX_MINGROUP 2048
#define LIBSSH2_DH_GEX_OPTGROUP 4096
#define LIBSSH2_DH_GEX_MAXGROUP 8192
#define LIBSSH2_DH_MAX_MODULUS_BITS 16384
#define _libssh2_dh_ctx mbedtls_mpi *
#define libssh2_dh_init(dhctx) _libssh2_dh_init(dhctx)
#define libssh2_dh_key_pair(dhctx, public, g, p, group_order, bnctx) \
@@ -425,7 +458,7 @@ void
_libssh2_mbedtls_free(void);
int
_libssh2_mbedtls_random(unsigned char *buf, int len);
_libssh2_mbedtls_random(unsigned char *buf, size_t len);
int
_libssh2_mbedtls_cipher_init(_libssh2_cipher_ctx *ctx,
@@ -438,7 +471,7 @@ _libssh2_mbedtls_cipher_crypt(_libssh2_cipher_ctx *ctx,
_libssh2_cipher_type(type),
int encrypt,
unsigned char *block,
size_t blocklen);
size_t blocklen, int firstlast);
void
_libssh2_mbedtls_cipher_dtor(_libssh2_cipher_ctx *ctx);
@@ -503,6 +536,19 @@ _libssh2_mbedtls_rsa_sha1_sign(LIBSSH2_SESSION *session,
size_t hash_len,
unsigned char **signature,
size_t *signature_len);
int
_libssh2_mbedtls_rsa_sha2_verify(libssh2_rsa_ctx * rsactx,
size_t hash_len,
const unsigned char *sig,
unsigned long sig_len,
const unsigned char *m, unsigned long m_len);
int
_libssh2_mbedtls_rsa_sha2_sign(LIBSSH2_SESSION *session,
libssh2_rsa_ctx *rsa,
const unsigned char *hash,
size_t hash_len,
unsigned char **signature,
size_t *signature_len);
void
_libssh2_mbedtls_rsa_free(libssh2_rsa_ctx *rsa);
@@ -572,6 +618,8 @@ void
_libssh2_mbedtls_ecdsa_free(libssh2_ecdsa_ctx *ctx);
#endif /* LIBSSH2_ECDSA */
extern void
_libssh2_init_aes_ctr(void);
extern void
_libssh2_dh_init(_libssh2_dh_ctx *dhctx);
extern int

335
libssh2/src/misc.c
View File

@@ -39,39 +39,60 @@
#include "libssh2_priv.h"
#include "misc.h"
#include "blf.h"
#ifdef HAVE_STDLIB_H
#include <stdlib.h>
#endif
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#ifdef HAVE_SYS_TIME_H
#include <sys/time.h>
#endif
#if defined(HAVE_DECL_SECUREZEROMEMORY) && HAVE_DECL_SECUREZEROMEMORY
#ifdef HAVE_WINDOWS_H
#include <windows.h>
#endif
#endif
#include <stdio.h>
#include <errno.h>
#include <assert.h>
#ifdef WIN32
/* Force parameter type. */
#define recv(s, b, l, f) recv((s), (b), (int)(l), (f))
#define send(s, b, l, f) send((s), (b), (int)(l), (f))
#endif
/* snprintf not in Visual Studio CRT and _snprintf dangerously incompatible.
We provide a safe wrapper if snprintf not found */
#ifdef LIBSSH2_SNPRINTF
#include <stdarg.h>
/* Want safe, 'n += snprintf(b + n ...)' like function. If cp_max_len is 1
* then assume cp is pointing to a null char and do nothing. Returns number
* number of chars placed in cp excluding the trailing null char. So for
* cp_max_len > 0 the return value is always < cp_max_len; for cp_max_len
* <= 0 the return value is 0 (and no chars are written to cp). */
int _libssh2_snprintf(char *cp, size_t cp_max_len, const char *fmt, ...)
{
va_list args;
int n;
if(cp_max_len < 2)
return 0;
va_start(args, fmt);
n = vsnprintf(cp, cp_max_len, fmt, args);
va_end(args);
return (n < (int)cp_max_len) ? n : (int)(cp_max_len - 1);
}
#endif
int _libssh2_error_flags(LIBSSH2_SESSION* session, int errcode,
const char *errmsg, int errflags)
{
if(!session) {
if(errmsg)
fprintf(stderr, "Session is NULL, error: %s\n", errmsg);
return errcode;
}
if(session->err_flags & LIBSSH2_ERR_FLAG_DUP)
LIBSSH2_FREE(session, (char *)session->err_msg);
session->err_code = errcode;
session->err_flags = 0;
if((errmsg != NULL) && ((errflags & LIBSSH2_ERR_FLAG_DUP) != 0)) {
if(errmsg && ((errflags & LIBSSH2_ERR_FLAG_DUP) != 0)) {
size_t len = strlen(errmsg);
char *copy = LIBSSH2_ALLOC(session, len + 1);
if(copy) {
@@ -91,8 +112,8 @@ int _libssh2_error_flags(LIBSSH2_SESSION* session, int errcode,
/* if this is EAGAIN and we're in non-blocking mode, don't generate
a debug output for this */
return errcode;
_libssh2_debug(session, LIBSSH2_TRACE_ERROR, "%d - %s", session->err_code,
session->err_msg);
_libssh2_debug((session, LIBSSH2_TRACE_ERROR, "%d - %s", session->err_code,
session->err_msg));
#endif
return errcode;
@@ -135,7 +156,7 @@ _libssh2_recv(libssh2_socket_t sock, void *buffer, size_t length,
{
ssize_t rc;
(void) abstract;
(void)abstract;
rc = recv(sock, buffer, length, flags);
#ifdef WIN32
@@ -168,7 +189,7 @@ _libssh2_send(libssh2_socket_t sock, const void *buffer, size_t length,
{
ssize_t rc;
(void) abstract;
(void)abstract;
rc = send(sock, buffer, length, flags);
#ifdef WIN32
@@ -188,13 +209,13 @@ _libssh2_send(libssh2_socket_t sock, const void *buffer, size_t length,
/* libssh2_ntohu32
*/
unsigned int
uint32_t
_libssh2_ntohu32(const unsigned char *buf)
{
return (((unsigned int)buf[0] << 24)
| ((unsigned int)buf[1] << 16)
| ((unsigned int)buf[2] << 8)
| ((unsigned int)buf[3]));
return ((uint32_t)buf[0] << 24)
| ((uint32_t)buf[1] << 16)
| ((uint32_t)buf[2] << 8)
| ((uint32_t)buf[3]);
}
@@ -203,14 +224,14 @@ _libssh2_ntohu32(const unsigned char *buf)
libssh2_uint64_t
_libssh2_ntohu64(const unsigned char *buf)
{
unsigned long msl, lsl;
msl = ((libssh2_uint64_t)buf[0] << 24) | ((libssh2_uint64_t)buf[1] << 16)
| ((libssh2_uint64_t)buf[2] << 8) | (libssh2_uint64_t)buf[3];
lsl = ((libssh2_uint64_t)buf[4] << 24) | ((libssh2_uint64_t)buf[5] << 16)
| ((libssh2_uint64_t)buf[6] << 8) | (libssh2_uint64_t)buf[7];
return ((libssh2_uint64_t)msl <<32) | lsl;
return ((libssh2_uint64_t)buf[0] << 56)
| ((libssh2_uint64_t)buf[1] << 48)
| ((libssh2_uint64_t)buf[2] << 40)
| ((libssh2_uint64_t)buf[3] << 32)
| ((libssh2_uint64_t)buf[4] << 24)
| ((libssh2_uint64_t)buf[5] << 16)
| ((libssh2_uint64_t)buf[6] << 8)
| ((libssh2_uint64_t)buf[7]);
}
/* _libssh2_htonu32
@@ -218,7 +239,7 @@ _libssh2_ntohu64(const unsigned char *buf)
void
_libssh2_htonu32(unsigned char *buf, uint32_t value)
{
buf[0] = (value >> 24) & 0xFF;
buf[0] = (unsigned char)((value >> 24) & 0xFF);
buf[1] = (value >> 16) & 0xFF;
buf[2] = (value >> 8) & 0xFF;
buf[3] = value & 0xFF;
@@ -234,13 +255,50 @@ void _libssh2_store_u32(unsigned char **buf, uint32_t value)
/* _libssh2_store_str
*/
void _libssh2_store_str(unsigned char **buf, const char *str, size_t len)
int _libssh2_store_str(unsigned char **buf, const char *str, size_t len)
{
_libssh2_store_u32(buf, (uint32_t)len);
if(len) {
memcpy(*buf, str, len);
*buf += len;
uint32_t len_stored = (uint32_t)len;
_libssh2_store_u32(buf, len_stored);
if(len_stored) {
memcpy(*buf, str, len_stored);
*buf += len_stored;
}
assert(len_stored == len);
return len_stored == len;
}
/* _libssh2_store_bignum2_bytes
*/
int _libssh2_store_bignum2_bytes(unsigned char **buf,
const unsigned char *bytes,
size_t len)
{
uint32_t len_stored;
uint32_t extraByte;
const unsigned char *p;
for(p = bytes; len > 0 && *p == 0; --len, ++p) {}
extraByte = (len > 0 && (p[0] & 0x80) != 0);
len_stored = (uint32_t)len;
if(extraByte && len_stored == 0xffffffff)
len_stored--;
_libssh2_store_u32(buf, len_stored + extraByte);
if(extraByte) {
*buf[0] = 0;
*buf += 1;
}
if(len_stored) {
memcpy(*buf, p, len_stored);
*buf += len_stored;
}
assert(len_stored == len);
return len_stored == len;
}
/* Base64 Conversion */
@@ -266,26 +324,46 @@ static const short base64_reverse_table[256] = {
/* libssh2_base64_decode
*
* Decode a base64 chunk and store it into a newly alloc'd buffer
* Legacy public function. DEPRECATED.
*/
LIBSSH2_API int
libssh2_base64_decode(LIBSSH2_SESSION *session, char **data,
unsigned int *datalen, const char *src,
unsigned int src_len)
{
unsigned char *s, *d;
short v;
int i = 0, len = 0;
int rc;
size_t dlen;
*data = LIBSSH2_ALLOC(session, (3 * src_len / 4) + 1);
rc = _libssh2_base64_decode(session, data, &dlen, src, src_len);
if(datalen)
*datalen = (unsigned int)dlen;
return rc;
}
/* _libssh2_base64_decode
*
* Decode a base64 chunk and store it into a newly alloc'd buffer
*/
int _libssh2_base64_decode(LIBSSH2_SESSION *session,
char **data, size_t *datalen,
const char *src, size_t src_len)
{
unsigned char *d;
const char *s;
short v;
ssize_t i = 0, len = 0;
*data = LIBSSH2_ALLOC(session, ((src_len / 4) * 3) + 1);
d = (unsigned char *) *data;
if(!d) {
return _libssh2_error(session, LIBSSH2_ERROR_ALLOC,
"Unable to allocate memory for base64 decoding");
}
for(s = (unsigned char *) src; ((char *) s) < (src + src_len); s++) {
v = base64_reverse_table[*s];
for(s = src; s < (src + src_len); s++) {
v = base64_reverse_table[(unsigned char)*s];
if(v < 0)
continue;
switch(i % 4) {
@@ -293,15 +371,15 @@ libssh2_base64_decode(LIBSSH2_SESSION *session, char **data,
d[len] = (unsigned char)(v << 2);
break;
case 1:
d[len++] |= v >> 4;
d[len++] |= (unsigned char)(v >> 4);
d[len] = (unsigned char)(v << 4);
break;
case 2:
d[len++] |= v >> 2;
d[len++] |= (unsigned char)(v >> 2);
d[len] = (unsigned char)(v << 6);
break;
case 3:
d[len++] |= v;
d[len++] |= (unsigned char)v;
break;
}
i++;
@@ -323,7 +401,7 @@ static const char table64[]=
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
/*
* _libssh2_base64_encode()
* _libssh2_base64_encode
*
* Returns the length of the newly created base64 string. The third argument
* is a pointer to an allocated area holding the base64 data. If something
@@ -344,11 +422,11 @@ size_t _libssh2_base64_encode(LIBSSH2_SESSION *session,
*outptr = NULL; /* set to NULL in case of failure before we reach the
end */
if(0 == insize)
if(insize == 0)
insize = strlen(indata);
base64data = output = LIBSSH2_ALLOC(session, insize * 4 / 3 + 4);
if(NULL == output)
if(!output)
return 0;
while(insize > 0) {
@@ -372,22 +450,22 @@ size_t _libssh2_base64_encode(LIBSSH2_SESSION *session,
switch(inputparts) {
case 1: /* only one byte read */
snprintf(output, 5, "%c%c==",
table64[obuf[0]],
table64[obuf[1]]);
output[0] = table64[obuf[0]];
output[1] = table64[obuf[1]];
output[2] = '=';
output[3] = '=';
break;
case 2: /* two bytes read */
snprintf(output, 5, "%c%c%c=",
table64[obuf[0]],
table64[obuf[1]],
table64[obuf[2]]);
output[0] = table64[obuf[0]];
output[1] = table64[obuf[1]];
output[2] = table64[obuf[2]];
output[3] = '=';
break;
default:
snprintf(output, 5, "%c%c%c%c",
table64[obuf[0]],
table64[obuf[1]],
table64[obuf[2]],
table64[obuf[3]]);
output[0] = table64[obuf[0]];
output[1] = table64[obuf[1]];
output[2] = table64[obuf[2]];
output[3] = table64[obuf[3]];
break;
}
output += 4;
@@ -425,13 +503,14 @@ libssh2_trace_sethandler(LIBSSH2_SESSION *session, void *handler_context,
}
void
_libssh2_debug(LIBSSH2_SESSION * session, int context, const char *format, ...)
_libssh2_debug_low(LIBSSH2_SESSION * session, int context, const char *format,
...)
{
char buffer[1536];
int len, msglen, buflen = sizeof(buffer);
va_list vargs;
struct timeval now;
static int firstsec;
static long firstsec;
static const char *const contexts[] = {
"Unknown",
"Transport",
@@ -461,7 +540,7 @@ _libssh2_debug(LIBSSH2_SESSION * session, int context, const char *format, ...)
}
}
_libssh2_gettimeofday(&now, NULL);
gettimeofday(&now, NULL);
if(!firstsec) {
firstsec = now.tv_sec;
}
@@ -492,8 +571,8 @@ _libssh2_debug(LIBSSH2_SESSION * session, int context, const char *format, ...)
LIBSSH2_API int
libssh2_trace(LIBSSH2_SESSION * session, int bitmask)
{
(void) session;
(void) bitmask;
(void)session;
(void)bitmask;
return 0;
}
@@ -501,9 +580,9 @@ LIBSSH2_API int
libssh2_trace_sethandler(LIBSSH2_SESSION *session, void *handler_context,
libssh2_trace_handler_func callback)
{
(void) session;
(void) handler_context;
(void) callback;
(void)session;
(void)handler_context;
(void)callback;
return 0;
}
#endif
@@ -600,10 +679,10 @@ void _libssh2_list_insert(struct list_node *after, /* insert before this */
#endif
/* this define is defined in misc.h for the correct platforms */
#ifdef LIBSSH2_GETTIMEOFDAY_WIN32
/* Defined in libssh2_priv.h for the correct platforms */
#ifdef LIBSSH2_GETTIMEOFDAY
/*
* gettimeofday
* _libssh2_gettimeofday
* Implementation according to:
* The Open Group Base Specifications Issue 6
* IEEE Std 1003.1, 2004 Edition
@@ -624,27 +703,31 @@ void _libssh2_list_insert(struct list_node *after, /* insert before this */
* Danny Smith <dannysmith@users.sourceforge.net>
*/
/* Offset between 1/1/1601 and 1/1/1970 in 100 nanosec units */
#define _W32_FT_OFFSET (116444736000000000)
int __cdecl _libssh2_gettimeofday(struct timeval *tp, void *tzp)
int _libssh2_gettimeofday(struct timeval *tp, void *tzp)
{
union {
unsigned __int64 ns100; /*time since 1 Jan 1601 in 100ns units */
FILETIME ft;
} _now;
(void)tzp;
if(tp) {
#ifdef WIN32
/* Offset between 1601-01-01 and 1970-01-01 in 100 nanosec units */
#define _WIN32_FT_OFFSET (116444736000000000)
union {
libssh2_uint64_t ns100; /* time since 1 Jan 1601 in 100ns units */
FILETIME ft;
} _now;
GetSystemTimeAsFileTime(&_now.ft);
tp->tv_usec = (long)((_now.ns100 / 10) % 1000000);
tp->tv_sec = (long)((_now.ns100 - _W32_FT_OFFSET) / 10000000);
tp->tv_sec = (long)((_now.ns100 - _WIN32_FT_OFFSET) / 10000000);
#else
/* Platforms without a native implementation or local replacement */
tp->tv_usec = 0;
tp->tv_sec = 0;
#endif
}
/* Always return 0 as per Open Group Base Specifications Issue 6.
Do not set errno on error. */
return 0;
}
#endif
void *_libssh2_calloc(LIBSSH2_SESSION* session, size_t size)
@@ -687,34 +770,23 @@ void _libssh2_aes_ctr_increment(unsigned char *ctr,
}
}
#ifdef WIN32
static void * (__cdecl * const volatile memset_libssh)(void *, int, size_t) =
memset;
#else
#ifdef LIBSSH2_MEMZERO
static void * (* const volatile memset_libssh)(void *, int, size_t) = memset;
#endif
void _libssh2_explicit_zero(void *buf, size_t size)
void _libssh2_memzero(void *buf, size_t size)
{
#if defined(HAVE_DECL_SECUREZEROMEMORY) && HAVE_DECL_SECUREZEROMEMORY
SecureZeroMemory(buf, size);
(void)memset_libssh; /* Silence unused variable warning */
#elif defined(HAVE_MEMSET_S)
(void)memset_s(buf, size, 0, size);
(void)memset_libssh; /* Silence unused variable warning */
#else
memset_libssh(buf, 0, size);
#endif
}
#endif
/* String buffer */
struct string_buf* _libssh2_string_buf_new(LIBSSH2_SESSION *session)
struct string_buf *_libssh2_string_buf_new(LIBSSH2_SESSION *session)
{
struct string_buf *ret;
ret = _libssh2_calloc(session, sizeof(*ret));
if(ret == NULL)
if(!ret)
return NULL;
return ret;
@@ -722,16 +794,39 @@ struct string_buf* _libssh2_string_buf_new(LIBSSH2_SESSION *session)
void _libssh2_string_buf_free(LIBSSH2_SESSION *session, struct string_buf *buf)
{
if(buf == NULL)
if(!buf)
return;
if(buf->data != NULL)
if(buf->data)
LIBSSH2_FREE(session, buf->data);
LIBSSH2_FREE(session, buf);
buf = NULL;
}
int _libssh2_get_byte(struct string_buf *buf, unsigned char *out)
{
if(!_libssh2_check_length(buf, 1)) {
return -1;
}
*out = buf->dataptr[0];
buf->dataptr += 1;
return 0;
}
int _libssh2_get_boolean(struct string_buf *buf, unsigned char *out)
{
if(!_libssh2_check_length(buf, 1)) {
return -1;
}
*out = buf->dataptr[0] == 0 ? 0 : 1;
buf->dataptr += 1;
return 0;
}
int _libssh2_get_u32(struct string_buf *buf, uint32_t *out)
{
if(!_libssh2_check_length(buf, 4)) {
@@ -769,7 +864,7 @@ int _libssh2_get_string(struct string_buf *buf, unsigned char **outbuf,
size_t *outlen)
{
uint32_t data_len;
if(_libssh2_get_u32(buf, &data_len) != 0) {
if(!buf || _libssh2_get_u32(buf, &data_len) != 0) {
return -1;
}
if(!_libssh2_check_length(buf, data_len)) {
@@ -794,6 +889,7 @@ int _libssh2_copy_string(LIBSSH2_SESSION *session, struct string_buf *buf,
return -1;
}
if(str_len) {
*outbuf = LIBSSH2_ALLOC(session, str_len);
if(*outbuf) {
memcpy(*outbuf, str, str_len);
@@ -801,6 +897,11 @@ int _libssh2_copy_string(LIBSSH2_SESSION *session, struct string_buf *buf,
else {
return -1;
}
}
else {
*outlen = 0;
*outbuf = NULL;
}
if(outlen)
*outlen = str_len;
@@ -848,25 +949,11 @@ int _libssh2_check_length(struct string_buf *buf, size_t len)
{
unsigned char *endp = &buf->data[buf->len];
size_t left = endp - buf->dataptr;
return ((len <= left) && (left <= buf->len));
return (len <= left) && (left <= buf->len);
}
/* Wrappers */
int _libssh2_bcrypt_pbkdf(const char *pass,
size_t passlen,
const uint8_t *salt,
size_t saltlen,
uint8_t *key,
size_t keylen,
unsigned int rounds)
int _libssh2_eob(struct string_buf *buf)
{
/* defined in bcrypt_pbkdf.c */
return bcrypt_pbkdf(pass,
passlen,
salt,
saltlen,
key,
keylen,
rounds);
unsigned char *endp = &buf->data[buf->len];
return buf->dataptr >= endp;
}

50
libssh2/src/misc.h
View File

@@ -38,6 +38,27 @@
* OF SUCH DAMAGE.
*/
#ifdef LIBSSH2_NO_CLEAR_MEMORY
#define _libssh2_explicit_zero(buf, size) do { \
(void)(buf); \
(void)(size); \
} while(0)
#else
#ifdef WIN32
#define _libssh2_explicit_zero(buf, size) SecureZeroMemory(buf, size)
#elif defined(HAVE_EXPLICIT_BZERO)
#define _libssh2_explicit_zero(buf, size) explicit_bzero(buf, size)
#elif defined(HAVE_EXPLICIT_MEMSET)
#define _libssh2_explicit_zero(buf, size) (void)explicit_memset(buf, 0, size)
#elif defined(HAVE_MEMSET_S)
#define _libssh2_explicit_zero(buf, size) (void)memset_s(buf, size, 0, size)
#else
#define LIBSSH2_MEMZERO
void _libssh2_memzero(void *buf, size_t size);
#define _libssh2_explicit_zero(buf, size) _libssh2_memzero(buf, size)
#endif
#endif
struct list_head {
struct list_node *last;
struct list_node *first;
@@ -77,20 +98,27 @@ void *_libssh2_list_prev(struct list_node *node);
/* remove this node from the list */
void _libssh2_list_remove(struct list_node *entry);
int _libssh2_base64_decode(LIBSSH2_SESSION *session,
char **data, size_t *datalen,
const char *src, size_t src_len);
size_t _libssh2_base64_encode(LIBSSH2_SESSION *session,
const char *inp, size_t insize, char **outptr);
unsigned int _libssh2_ntohu32(const unsigned char *buf);
uint32_t _libssh2_ntohu32(const unsigned char *buf);
libssh2_uint64_t _libssh2_ntohu64(const unsigned char *buf);
void _libssh2_htonu32(unsigned char *buf, uint32_t val);
void _libssh2_store_u32(unsigned char **buf, uint32_t value);
void _libssh2_store_str(unsigned char **buf, const char *str, size_t len);
int _libssh2_store_str(unsigned char **buf, const char *str, size_t len);
int _libssh2_store_bignum2_bytes(unsigned char **buf,
const unsigned char *bytes,
size_t len);
void *_libssh2_calloc(LIBSSH2_SESSION *session, size_t size);
void _libssh2_explicit_zero(void *buf, size_t size);
struct string_buf* _libssh2_string_buf_new(LIBSSH2_SESSION *session);
struct string_buf *_libssh2_string_buf_new(LIBSSH2_SESSION *session);
void _libssh2_string_buf_free(LIBSSH2_SESSION *session,
struct string_buf *buf);
int _libssh2_get_boolean(struct string_buf *buf, unsigned char *out);
int _libssh2_get_byte(struct string_buf *buf, unsigned char *out);
int _libssh2_get_u32(struct string_buf *buf, uint32_t *out);
int _libssh2_get_u64(struct string_buf *buf, libssh2_uint64_t *out);
int _libssh2_match_string(struct string_buf *buf, const char *match);
@@ -101,19 +129,7 @@ int _libssh2_copy_string(LIBSSH2_SESSION* session, struct string_buf *buf,
int _libssh2_get_bignum_bytes(struct string_buf *buf, unsigned char **outbuf,
size_t *outlen);
int _libssh2_check_length(struct string_buf *buf, size_t requested_len);
#if defined(LIBSSH2_WIN32) && !defined(__MINGW32__) && !defined(__CYGWIN__)
/* provide a private one */
#undef HAVE_GETTIMEOFDAY
int __cdecl _libssh2_gettimeofday(struct timeval *tp, void *tzp);
#define HAVE_LIBSSH2_GETTIMEOFDAY
#define LIBSSH2_GETTIMEOFDAY_WIN32 /* enable the win32 implementation */
#else
#ifdef HAVE_GETTIMEOFDAY
#define _libssh2_gettimeofday(x,y) gettimeofday(x,y)
#define HAVE_LIBSSH2_GETTIMEOFDAY
#endif
#endif
int _libssh2_eob(struct string_buf *buf);
void _libssh2_xor_data(unsigned char *output,
const unsigned char *input1,

1809
libssh2/src/openssl.c
View File

File diff suppressed because it is too large Load Diff

137
libssh2/src/openssl.h
View File

@@ -39,6 +39,44 @@
* OF SUCH DAMAGE.
*/
#define LIBSSH2_CRYPTO_ENGINE libssh2_openssl
/* disable deprecated warnings in OpenSSL 3 */
#define OPENSSL_SUPPRESS_DEPRECATED
#ifdef LIBSSH2_WOLFSSL
#include <wolfssl/options.h>
#include <openssl/ecdh.h>
#if defined(NO_DSA) || defined(HAVE_FIPS)
#define OPENSSL_NO_DSA
#endif
#if defined(NO_MD5) || defined(HAVE_FIPS)
#define OPENSSL_NO_MD5
#endif
#if !defined(WOLFSSL_RIPEMD) || defined(HAVE_FIPS)
#define OPENSSL_NO_RIPEMD
#endif
#if defined(NO_RC4) || defined(HAVE_FIPS)
#define OPENSSL_NO_RC4
#endif
#ifdef NO_DES3
#define OPENSSL_NO_DES
#endif
/* wolfSSL doesn't support Blowfish or CAST. */
#define OPENSSL_NO_BF
#define OPENSSL_NO_CAST
/* wolfSSL has no engine framework. */
#define OPENSSL_NO_ENGINE
#endif /* LIBSSH2_WOLFSSL */
#include <openssl/opensslconf.h>
#include <openssl/sha.h>
#include <openssl/rsa.h>
@@ -51,21 +89,29 @@
#ifndef OPENSSL_NO_MD5
#include <openssl/md5.h>
#endif
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <openssl/bn.h>
#include <openssl/pem.h>
#include <openssl/rand.h>
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && \
!defined(LIBRESSL_VERSION_NUMBER)
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && \
!defined(LIBRESSL_VERSION_NUMBER)) || defined(LIBSSH2_WOLFSSL) || \
LIBRESSL_VERSION_NUMBER >= 0x3050000fL
/* For wolfSSL, whether the structs are truly opaque or not, it's best to not
* rely on their internal data members being exposed publicly. */
# define HAVE_OPAQUE_STRUCTS 1
#endif
#ifdef OPENSSL_NO_RSA
# define LIBSSH2_RSA 0
# define LIBSSH2_RSA_SHA1 0
# define LIBSSH2_RSA_SHA2 0
#else
# define LIBSSH2_RSA 1
# define LIBSSH2_RSA_SHA1 1
# define LIBSSH2_RSA_SHA2 1
#endif
#ifdef OPENSSL_NO_DSA
@@ -74,14 +120,16 @@
# define LIBSSH2_DSA 1
#endif
#ifdef OPENSSL_NO_ECDSA
#if defined(OPENSSL_NO_ECDSA) || defined(OPENSSL_NO_EC)
# define LIBSSH2_ECDSA 0
#else
# define LIBSSH2_ECDSA 1
#endif
#if OPENSSL_VERSION_NUMBER >= 0x10101000L && \
!defined(LIBRESSL_VERSION_NUMBER)
#if (OPENSSL_VERSION_NUMBER >= 0x10101000L && \
!defined(LIBRESSL_VERSION_NUMBER)) || \
(defined(LIBRESSL_VERSION_NUMBER) && \
LIBRESSL_VERSION_NUMBER >= 0x3070000fL)
# define LIBSSH2_ED25519 1
#else
# define LIBSSH2_ED25519 0
@@ -94,7 +142,7 @@
# define LIBSSH2_MD5 1
#endif
#ifdef OPENSSL_NO_RIPEMD
#if defined(OPENSSL_NO_RIPEMD) || defined(OPENSSL_NO_RMD160)
# define LIBSSH2_HMAC_RIPEMD 0
#else
# define LIBSSH2_HMAC_RIPEMD 1
@@ -103,12 +151,21 @@
#define LIBSSH2_HMAC_SHA256 1
#define LIBSSH2_HMAC_SHA512 1
#if OPENSSL_VERSION_NUMBER >= 0x00907000L && !defined(OPENSSL_NO_AES)
#if (OPENSSL_VERSION_NUMBER >= 0x00907000L && !defined(OPENSSL_NO_AES)) || \
(defined(LIBSSH2_WOLFSSL) && defined(WOLFSSL_AES_COUNTER))
# define LIBSSH2_AES_CTR 1
# define LIBSSH2_AES 1
# define LIBSSH2_AES_CBC 1
#else
# define LIBSSH2_AES_CTR 0
# define LIBSSH2_AES 0
# define LIBSSH2_AES_CBC 0
#endif
#if (OPENSSL_VERSION_NUMBER >= 0x01010100fL && !defined(OPENSSL_NO_AES)) || \
(defined(LIBSSH2_WOLFSSL) && \
defined(HAVE_AESGCM) && defined(WOLFSSL_AESGCM_STREAM))
# define LIBSSH2_AES_GCM 1
#else
# define LIBSSH2_AES_GCM 0
#endif
#ifdef OPENSSL_NO_BF
@@ -137,7 +194,8 @@
#define EC_MAX_POINT_LEN ((528 * 2 / 8) + 1)
#define _libssh2_random(buf, len) (RAND_bytes((buf), (len)) == 1 ? 0 : -1)
#define _libssh2_random(buf, len) \
_libssh2_openssl_random((buf), (len))
#define libssh2_prepare_iovec(vec, len) /* Empty. */
@@ -160,7 +218,7 @@ int _libssh2_sha1_init(libssh2_sha1_ctx *ctx);
#define libssh2_sha1_update(ctx, data, len) EVP_DigestUpdate(&(ctx), data, len)
#define libssh2_sha1_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL)
#endif
int _libssh2_sha1(const unsigned char *message, unsigned long len,
int _libssh2_sha1(const unsigned char *message, size_t len,
unsigned char *out);
#define libssh2_sha1(x,y,z) _libssh2_sha1(x,y,z)
@@ -184,7 +242,7 @@ int _libssh2_sha256_init(libssh2_sha256_ctx *ctx);
EVP_DigestUpdate(&(ctx), data, len)
#define libssh2_sha256_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL)
#endif
int _libssh2_sha256(const unsigned char *message, unsigned long len,
int _libssh2_sha256(const unsigned char *message, size_t len,
unsigned char *out);
#define libssh2_sha256(x,y,z) _libssh2_sha256(x,y,z)
@@ -208,7 +266,7 @@ int _libssh2_sha384_init(libssh2_sha384_ctx *ctx);
EVP_DigestUpdate(&(ctx), data, len)
#define libssh2_sha384_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL)
#endif
int _libssh2_sha384(const unsigned char *message, unsigned long len,
int _libssh2_sha384(const unsigned char *message, size_t len,
unsigned char *out);
#define libssh2_sha384(x,y,z) _libssh2_sha384(x,y,z)
@@ -232,7 +290,7 @@ int _libssh2_sha512_init(libssh2_sha512_ctx *ctx);
EVP_DigestUpdate(&(ctx), data, len)
#define libssh2_sha512_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL)
#endif
int _libssh2_sha512(const unsigned char *message, unsigned long len,
int _libssh2_sha512(const unsigned char *message, size_t len,
unsigned char *out);
#define libssh2_sha512(x,y,z) _libssh2_sha512(x,y,z)
@@ -260,18 +318,24 @@ int _libssh2_md5_init(libssh2_md5_ctx *ctx);
#define libssh2_hmac_ctx HMAC_CTX *
#define libssh2_hmac_ctx_init(ctx) ctx = HMAC_CTX_new()
#define libssh2_hmac_sha1_init(ctx, key, keylen) \
HMAC_Init_ex(*(ctx), key, keylen, EVP_sha1(), NULL)
HMAC_Init_ex(*(ctx), key, (int)keylen, EVP_sha1(), NULL)
#define libssh2_hmac_md5_init(ctx, key, keylen) \
HMAC_Init_ex(*(ctx), key, keylen, EVP_md5(), NULL)
HMAC_Init_ex(*(ctx), key, (int)keylen, EVP_md5(), NULL)
#define libssh2_hmac_ripemd160_init(ctx, key, keylen) \
HMAC_Init_ex(*(ctx), key, keylen, EVP_ripemd160(), NULL)
HMAC_Init_ex(*(ctx), key, (int)keylen, EVP_ripemd160(), NULL)
#define libssh2_hmac_sha256_init(ctx, key, keylen) \
HMAC_Init_ex(*(ctx), key, keylen, EVP_sha256(), NULL)
HMAC_Init_ex(*(ctx), key, (int)keylen, EVP_sha256(), NULL)
#define libssh2_hmac_sha512_init(ctx, key, keylen) \
HMAC_Init_ex(*(ctx), key, keylen, EVP_sha512(), NULL)
HMAC_Init_ex(*(ctx), key, (int)keylen, EVP_sha512(), NULL)
#ifdef LIBSSH2_WOLFSSL
/* FIXME: upstream bug as of v5.6.0: datalen is int instead of size_t */
#define libssh2_hmac_update(ctx, data, datalen) \
HMAC_Update(ctx, data, (int)datalen)
#else
#define libssh2_hmac_update(ctx, data, datalen) \
HMAC_Update(ctx, data, datalen)
#endif /* LIBSSH2_WOLFSSL */
#define libssh2_hmac_final(ctx, data) HMAC_Final(ctx, data, NULL)
#define libssh2_hmac_cleanup(ctx) HMAC_CTX_free(*(ctx))
#else
@@ -279,15 +343,15 @@ int _libssh2_md5_init(libssh2_md5_ctx *ctx);
#define libssh2_hmac_ctx_init(ctx) \
HMAC_CTX_init(&ctx)
#define libssh2_hmac_sha1_init(ctx, key, keylen) \
HMAC_Init_ex(ctx, key, keylen, EVP_sha1(), NULL)
HMAC_Init_ex(ctx, key, (int)keylen, EVP_sha1(), NULL)
#define libssh2_hmac_md5_init(ctx, key, keylen) \
HMAC_Init_ex(ctx, key, keylen, EVP_md5(), NULL)
HMAC_Init_ex(ctx, key, (int)keylen, EVP_md5(), NULL)
#define libssh2_hmac_ripemd160_init(ctx, key, keylen) \
HMAC_Init_ex(ctx, key, keylen, EVP_ripemd160(), NULL)
HMAC_Init_ex(ctx, key, (int)keylen, EVP_ripemd160(), NULL)
#define libssh2_hmac_sha256_init(ctx, key, keylen) \
HMAC_Init_ex(ctx, key, keylen, EVP_sha256(), NULL)
HMAC_Init_ex(ctx, key, (int)keylen, EVP_sha256(), NULL)
#define libssh2_hmac_sha512_init(ctx, key, keylen) \
HMAC_Init_ex(ctx, key, keylen, EVP_sha512(), NULL)
HMAC_Init_ex(ctx, key, (int)keylen, EVP_sha512(), NULL)
#define libssh2_hmac_update(ctx, data, datalen) \
HMAC_Update(&(ctx), data, datalen)
@@ -300,13 +364,17 @@ extern void _libssh2_openssl_crypto_exit(void);
#define libssh2_crypto_init() _libssh2_openssl_crypto_init()
#define libssh2_crypto_exit() _libssh2_openssl_crypto_exit()
#if LIBSSH2_RSA
#define libssh2_rsa_ctx RSA
#define _libssh2_rsa_free(rsactx) RSA_free(rsactx)
#endif
#if LIBSSH2_DSA
#define libssh2_dsa_ctx DSA
#define _libssh2_dsa_free(dsactx) DSA_free(dsactx)
#endif
#if LIBSSH2_ECDSA
#define libssh2_ecdsa_ctx EC_KEY
@@ -336,18 +404,15 @@ libssh2_curve_type;
#define _libssh2_cipher_ctx EVP_CIPHER_CTX
#endif
#define _libssh2_cipher_aes256gcm EVP_aes_256_gcm
#define _libssh2_cipher_aes128gcm EVP_aes_128_gcm
#define _libssh2_cipher_aes256 EVP_aes_256_cbc
#define _libssh2_cipher_aes192 EVP_aes_192_cbc
#define _libssh2_cipher_aes128 EVP_aes_128_cbc
#ifdef HAVE_EVP_AES_128_CTR
#define _libssh2_cipher_aes128ctr EVP_aes_128_ctr
#define _libssh2_cipher_aes192ctr EVP_aes_192_ctr
#define _libssh2_cipher_aes256ctr EVP_aes_256_ctr
#else
#define _libssh2_cipher_aes128ctr _libssh2_EVP_aes_128_ctr
#define _libssh2_cipher_aes192ctr _libssh2_EVP_aes_192_ctr
#define _libssh2_cipher_aes256ctr _libssh2_EVP_aes_256_ctr
#endif
#define _libssh2_cipher_blowfish EVP_bf_cbc
#define _libssh2_cipher_arcfour EVP_rc4
#define _libssh2_cipher_cast5 EVP_cast5_cbc
@@ -366,12 +431,20 @@ libssh2_curve_type;
#define _libssh2_bn_init() BN_new()
#define _libssh2_bn_init_from_bin() _libssh2_bn_init()
#define _libssh2_bn_set_word(bn, val) BN_set_word(bn, val)
#define _libssh2_bn_from_bin(bn, len, val) BN_bin2bn(val, len, bn)
#define _libssh2_bn_from_bin(bn, len, val) BN_bin2bn(val, (int)len, bn)
#define _libssh2_bn_to_bin(bn, val) BN_bn2bin(bn, val)
#define _libssh2_bn_bytes(bn) BN_num_bytes(bn)
#define _libssh2_bn_bits(bn) BN_num_bits(bn)
#define _libssh2_bn_free(bn) BN_clear_free(bn)
/* Default generate and safe prime sizes for
diffie-hellman-group-exchange-sha1 */
#define LIBSSH2_DH_GEX_MINGROUP 2048
#define LIBSSH2_DH_GEX_OPTGROUP 4096
#define LIBSSH2_DH_GEX_MAXGROUP 8192
#define LIBSSH2_DH_MAX_MODULUS_BITS 16384
#define _libssh2_dh_ctx BIGNUM *
#define libssh2_dh_init(dhctx) _libssh2_dh_init(dhctx)
#define libssh2_dh_key_pair(dhctx, public, g, p, group_order, bnctx) \
@@ -389,6 +462,8 @@ extern int _libssh2_dh_secret(_libssh2_dh_ctx *dhctx, _libssh2_bn *secret,
_libssh2_bn_ctx *bnctx);
extern void _libssh2_dh_dtor(_libssh2_dh_ctx *dhctx);
extern int _libssh2_openssl_random(void *buf, size_t len);
const EVP_CIPHER *_libssh2_EVP_aes_128_ctr(void);
const EVP_CIPHER *_libssh2_EVP_aes_192_ctr(void);
const EVP_CIPHER *_libssh2_EVP_aes_256_ctr(void);

2440
libssh2/src/os400qc3.c Normal file
View File

File diff suppressed because it is too large Load Diff

420
libssh2/src/os400qc3.h Normal file
View File

@@ -0,0 +1,420 @@
#ifndef __LIBSSH2_OS400QC3_H
#define __LIBSSH2_OS400QC3_H
/*
* Copyright (C) 2015-2016 Patrick Monnerat, D+H <patrick.monnerat@dh.com>
* Copyright (C) 2020-2023 Patrick Monnerat <patrick@monnerat.net>.
* All rights reserved.
*
* Redistribution and use in source and binary forms,
* with or without modification, are permitted provided
* that the following conditions are met:
*
* Redistributions of source code must retain the above
* copyright notice, this list of conditions and the
* following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials
* provided with the distribution.
*
* Neither the name of the copyright holder nor the names
* of any other contributors may be used to endorse or
* promote products derived from this software without
* specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
* CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
* USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
* OF SUCH DAMAGE.
*/
#define LIBSSH2_CRYPTO_ENGINE libssh2_os400qc3
#include <stdlib.h>
#include <string.h>
#include <qc3cci.h>
/* Redefine character/string literals as always EBCDIC. */
#undef Qc3_Alg_Token
#define Qc3_Alg_Token "\xC1\xD3\xC7\xC4\xF0\xF1\xF0\xF0" /* ALGD0100 */
#undef Qc3_Alg_Block_Cipher
#define Qc3_Alg_Block_Cipher "\xC1\xD3\xC7\xC4\xF0\xF2\xF0\xF0" /* ALGD0200 */
#undef Qc3_Alg_Block_CipherAuth
#define Qc3_Alg_Block_CipherAuth \
"\xC1\xD3\xC7\xC4\xF0\xF2\xF1\xF0" /* ALGD0210 */
#undef Qc3_Alg_Stream_Cipher
#define Qc3_Alg_Stream_Cipher \
"\xC1\xD3\xC7\xC4\xF0\xF3\xF0\xF0" /* ALGD0300 */
#undef Qc3_Alg_Public_Key
#define Qc3_Alg_Public_Key "\xC1\xD3\xC7\xC4\xF0\xF4\xF0\xF0" /* ALGD0400 */
#undef Qc3_Alg_Hash
#define Qc3_Alg_Hash "\xC1\xD3\xC7\xC4\xF0\xF5\xF0\xF0" /* ALGD0500 */
#undef Qc3_Data
#define Qc3_Data "\xC4\xC1\xE3\xC1\xF0\xF1\xF0\xF0" /* DATA0100 */
#undef Qc3_Array
#define Qc3_Array "\xC4\xC1\xE3\xC1\xF0\xF2\xF0\xF0" /* DATA0200 */
#undef Qc3_Key_Token
#define Qc3_Key_Token "\xD2\xC5\xE8\xC4\xF0\xF1\xF0\xF0" /* KEYD0100 */
#undef Qc3_Key_Parms
#define Qc3_Key_Parms "\xD2\xC5\xE8\xC4\xF0\xF2\xF0\xF0" /* KEYD0200 */
#undef Qc3_Key_KSLabel
#define Qc3_Key_KSLabel "\xD2\xC5\xE8\xC4\xF0\xF4\xF0\xF0" /* KEYD0400 */
#undef Qc3_Key_PKCS5
#define Qc3_Key_PKCS5 "\xD2\xC5\xE8\xC4\xF0\xF5\xF0\xF0" /* KEYD0500 */
#undef Qc3_Key_PEMCert
#define Qc3_Key_PEMCert "\xD2\xC5\xE8\xC4\xF0\xF6\xF0\xF0" /* KEYD0600 */
#undef Qc3_Key_CSLabel
#define Qc3_Key_CSLabel "\xD2\xC5\xE8\xC4\xF0\xF7\xF0\xF0" /* KEYD0700 */
#undef Qc3_Key_CSDN
#define Qc3_Key_CSDN "\xD2\xC5\xE8\xC4\xF0\xF8\xF0\xF0" /* KEYD0800 */
#undef Qc3_Key_AppID
#define Qc3_Key_AppID "\xD2\xC5\xE8\xC4\xF0\xF9\xF0\xF0" /* KEYD0900 */
#undef Qc3_ECB
#define Qc3_ECB '\xF0' /* '0' */
#undef Qc3_CBC
#define Qc3_CBC '\xF1' /* '1' */
#undef Qc3_OFB
#define Qc3_OFB '\xF2' /* '2' */
#undef Qc3_CFB1Bit
#define Qc3_CFB1Bit '\xF3' /* '3' */
#undef Qc3_CFB8Bit
#define Qc3_CFB8Bit '\xF4' /* '4' */
#undef Qc3_CFB64Bit
#define Qc3_CFB64Bit '\xF5' /* '5' */
#undef Qc3_CUSP
#define Qc3_CUSP '\xF6' /* '6' */
#undef Qc3_CTR
#define Qc3_CTR '\xF7' /* '7' */
#undef Qc3_CCM
#define Qc3_CCM '\xF8' /* '8' */
#undef Qc3_No_Pad
#define Qc3_No_Pad '\xF0' /* '0' */
#undef Qc3_Pad_Char
#define Qc3_Pad_Char '\xF1' /* '1' */
#undef Qc3_Pad_Counter
#define Qc3_Pad_Counter '\xF2' /* '2' */
#undef Qc3_PKCS1_00
#define Qc3_PKCS1_00 '\xF0' /* '0' */
#undef Qc3_PKCS1_01
#define Qc3_PKCS1_01 '\xF1' /* '1' */
#undef Qc3_PKCS1_02
#define Qc3_PKCS1_02 '\xF2' /* '2' */
#undef Qc3_ISO9796
#define Qc3_ISO9796 '\xF3' /* '3' */
#undef Qc3_Zero_Pad
#define Qc3_Zero_Pad '\xF4' /* '4' */
#undef Qc3_ANSI_X931
#define Qc3_ANSI_X931 '\xF5' /* '5' */
#undef Qc3_OAEP
#define Qc3_OAEP '\xF6' /* '6' */
#undef Qc3_Bin_String
#define Qc3_Bin_String '\xF0' /* '0' */
#undef Qc3_BER_String
#define Qc3_BER_String '\xF1' /* '1' */
#undef Qc3_MK_Struct
#define Qc3_MK_Struct '\xF3' /* '3' */
#undef Qc3_KSLabel_Struct
#define Qc3_KSLabel_Struct '\xF4' /* '4' */
#undef Qc3_PKCS5_Struct
#define Qc3_PKCS5_Struct '\xF5' /* '5' */
#undef Qc3_PEMCert_String
#define Qc3_PEMCert_String '\xF6' /* '6' */
#undef Qc3_CSLabel_String
#define Qc3_CSLabel_String '\xF7' /* '7' */
#undef Qc3_CSDN_String
#define Qc3_CSDN_String '\xF8' /* '8' */
#undef Qc3_Clear
#define Qc3_Clear '\xF0' /* '0' */
#undef Qc3_Encrypted
#define Qc3_Encrypted '\xF1' /* '1' */
#undef Qc3_MK_Encrypted
#define Qc3_MK_Encrypted '\xF2' /* '2' */
#undef Qc3_Any_CSP
#define Qc3_Any_CSP '\xF0' /* '0' */
#undef Qc3_Sfw_CSP
#define Qc3_Sfw_CSP '\xF1' /* '1' */
#undef Qc3_Hdw_CSP
#define Qc3_Hdw_CSP '\xF2' /* '2' */
#undef Qc3_Continue
#define Qc3_Continue '\xF0' /* '0' */
#undef Qc3_Final
#define Qc3_Final '\xF1' /* '1' */
#undef Qc3_MK_New
#define Qc3_MK_New '\xF0' /* '0' */
#undef Qc3_MK_Current
#define Qc3_MK_Current '\xF1' /* '1' */
#undef Qc3_MK_Old
#define Qc3_MK_Old '\xF2' /* '2' */
#undef Qc3_MK_Pending
#define Qc3_MK_Pending '\xF3' /* '3' */
/* Define which features are supported. */
#define LIBSSH2_MD5 1
#define LIBSSH2_HMAC_RIPEMD 0
#define LIBSSH2_HMAC_SHA256 1
#define LIBSSH2_HMAC_SHA512 1
#define LIBSSH2_AES_CBC 1
#define LIBSSH2_AES_CTR 1
#define LIBSSH2_AES_GCM 0
#define LIBSSH2_BLOWFISH 0
#define LIBSSH2_RC4 1
#define LIBSSH2_CAST 0
#define LIBSSH2_3DES 1
#define LIBSSH2_RSA 1
#define LIBSSH2_RSA_SHA1 1
#define LIBSSH2_RSA_SHA2 1
#define LIBSSH2_DSA 0
#define LIBSSH2_ECDSA 0
#define LIBSSH2_ED25519 0
#define MD5_DIGEST_LENGTH 16
#define SHA_DIGEST_LENGTH 20
#define SHA256_DIGEST_LENGTH 32
#define SHA384_DIGEST_LENGTH 48
#define SHA512_DIGEST_LENGTH 64
#define EC_MAX_POINT_LEN ((528 * 2 / 8) + 1)
#if LIBSSH2_ECDSA
#else
#define _libssh2_ec_key void
#endif
/*******************************************************************
*
* OS/400 QC3 crypto-library backend: global handles structures.
*
*******************************************************************/
/* HMAC & private key algorithms support structure. */
typedef struct _libssh2_os400qc3_crypto_ctx _libssh2_os400qc3_crypto_ctx;
struct _libssh2_os400qc3_crypto_ctx {
Qc3_Format_ALGD0100_T hash; /* Hash algorithm. */
Qc3_Format_KEYD0100_T key; /* Key. */
_libssh2_os400qc3_crypto_ctx * kek; /* Key encryption. */
};
typedef struct { /* Big number. */
unsigned char * bignum; /* Number bits, little-endian. */
unsigned int length; /* Length of bignum (# bytes). */
} _libssh2_bn;
typedef struct { /* Algorithm description. */
char * fmt; /* Format of Qc3 structure. */
int algo; /* Algorithm identifier. */
unsigned char size; /* Block length. */
unsigned char mode; /* Block mode. */
int keylen; /* Key length. */
} _libssh2_os400qc3_cipher_t;
typedef struct { /* Diffie-Hellman context. */
char token[8]; /* Context token. */
} _libssh2_os400qc3_dh_ctx;
/*******************************************************************
*
* OS/400 QC3 crypto-library backend: Define global types/codes.
*
*******************************************************************/
#define libssh2_crypto_init()
#define libssh2_crypto_exit()
#define libssh2_sha1_ctx Qc3_Format_ALGD0100_T
#define libssh2_sha256_ctx Qc3_Format_ALGD0100_T
#define libssh2_sha384_ctx Qc3_Format_ALGD0100_T
#define libssh2_sha512_ctx Qc3_Format_ALGD0100_T
#define libssh2_md5_ctx Qc3_Format_ALGD0100_T
#define libssh2_hmac_ctx _libssh2_os400qc3_crypto_ctx
#define _libssh2_cipher_ctx _libssh2_os400qc3_crypto_ctx
#define libssh2_sha1_init(x) libssh2_os400qc3_hash_init(x, Qc3_SHA1)
#define libssh2_sha1_update(ctx, data, len) \
libssh2_os400qc3_hash_update(&(ctx), data, len)
#define libssh2_sha1_final(ctx, out) \
libssh2_os400qc3_hash_final(&(ctx), out)
#define libssh2_sha256_init(x) libssh2_os400qc3_hash_init(x, Qc3_SHA256)
#define libssh2_sha256_update(ctx, data, len) \
libssh2_os400qc3_hash_update(&(ctx), data, len)
#define libssh2_sha256_final(ctx, out) \
libssh2_os400qc3_hash_final(&(ctx), out)
#define libssh2_sha256(message, len, out) \
libssh2_os400qc3_hash(message, len, out, \
Qc3_SHA256)
#define libssh2_sha384_init(x) libssh2_os400qc3_hash_init(x, Qc3_SHA384)
#define libssh2_sha384_update(ctx, data, len) \
libssh2_os400qc3_hash_update(&(ctx), data, len)
#define libssh2_sha384_final(ctx, out) \
libssh2_os400qc3_hash_final(&(ctx), out)
#define libssh2_sha384(message, len, out) \
libssh2_os400qc3_hash(message, len, out, \
Qc3_SHA384)
#define libssh2_sha512_init(x) libssh2_os400qc3_hash_init(x, Qc3_SHA512)
#define libssh2_sha512_update(ctx, data, len) \
libssh2_os400qc3_hash_update(&(ctx), data, len)
#define libssh2_sha512_final(ctx, out) \
libssh2_os400qc3_hash_final(&(ctx), out)
#define libssh2_sha512(message, len, out) \
libssh2_os400qc3_hash(message, len, out, \
Qc3_SHA512)
#define libssh2_md5_init(x) libssh2_os400qc3_hash_init(x, Qc3_MD5)
#define libssh2_md5_update(ctx, data, len) \
libssh2_os400qc3_hash_update(&(ctx), data, len)
#define libssh2_md5_final(ctx, out) \
libssh2_os400qc3_hash_final(&(ctx), out)
#define libssh2_hmac_ctx_init(ctx) \
memset((char *) &(ctx), 0, \
sizeof(libssh2_hmac_ctx))
#define libssh2_hmac_md5_init(ctx, key, keylen) \
libssh2_os400qc3_hmac_init(ctx, Qc3_MD5, \
MD5_DIGEST_LENGTH, \
key, keylen)
#define libssh2_hmac_sha1_init(ctx, key, keylen) \
libssh2_os400qc3_hmac_init(ctx, Qc3_SHA1, \
SHA_DIGEST_LENGTH, \
key, keylen)
#define libssh2_hmac_sha256_init(ctx, key, keylen) \
libssh2_os400qc3_hmac_init(ctx, Qc3_SHA256, \
SHA256_DIGEST_LENGTH, \
key, keylen)
#define libssh2_hmac_sha512_init(ctx, key, keylen) \
libssh2_os400qc3_hmac_init(ctx, Qc3_SHA512, \
SHA512_DIGEST_LENGTH, \
key, keylen)
#define libssh2_hmac_update(ctx, data, datalen) \
libssh2_os400qc3_hmac_update(&(ctx), \
data, datalen)
#define libssh2_hmac_final(ctx, data) \
libssh2_os400qc3_hmac_final(&(ctx), data)
#define libssh2_hmac_cleanup(ctx) \
_libssh2_os400qc3_crypto_dtor(ctx)
#define _libssh2_bn_ctx int /* Not used. */
#define _libssh2_bn_ctx_new() 0
#define _libssh2_bn_ctx_free(bnctx) ((void) 0)
#define _libssh2_bn_init_from_bin() _libssh2_bn_init()
#define _libssh2_bn_bytes(bn) ((bn)->length)
#define _libssh2_cipher_type(name) _libssh2_os400qc3_cipher_t name
#define _libssh2_cipher_aes128 {Qc3_Alg_Block_Cipher, Qc3_AES, 16, \
Qc3_CBC, 16}
#define _libssh2_cipher_aes192 {Qc3_Alg_Block_Cipher, Qc3_AES, 16, \
Qc3_CBC, 24}
#define _libssh2_cipher_aes256 {Qc3_Alg_Block_Cipher, Qc3_AES, 16, \
Qc3_CBC, 32}
#define _libssh2_cipher_aes128ctr {Qc3_Alg_Block_Cipher, Qc3_AES, 16, \
Qc3_CTR, 16}
#define _libssh2_cipher_aes192ctr {Qc3_Alg_Block_Cipher, Qc3_AES, 16, \
Qc3_CTR, 24}
#define _libssh2_cipher_aes256ctr {Qc3_Alg_Block_Cipher, Qc3_AES, 16, \
Qc3_CTR, 32}
#define _libssh2_cipher_3des {Qc3_Alg_Block_Cipher, Qc3_TDES, 8, \
Qc3_CBC, 24}
#define _libssh2_cipher_arcfour {Qc3_Alg_Stream_Cipher, Qc3_RC4, 8, 0, 16}
#define _libssh2_cipher_dtor(ctx) _libssh2_os400qc3_crypto_dtor(ctx)
#define libssh2_rsa_ctx _libssh2_os400qc3_crypto_ctx
#define _libssh2_rsa_free(ctx) (_libssh2_os400qc3_crypto_dtor(ctx), \
free((char *) ctx))
#define libssh2_prepare_iovec(vec, len) memset((char *) (vec), 0, \
(len) * sizeof(struct iovec))
#define _libssh2_rsa_sha1_signv(session, sig, siglen, count, vector, ctx) \
_libssh2_os400qc3_rsa_signv(session, Qc3_SHA1, sig, siglen, \
count, vector, ctx)
#define _libssh2_rsa_sha2_256_signv(session, sig, siglen, cnt, vector, ctx) \
_libssh2_os400qc3_rsa_signv(session, Qc3_SHA256, sig, siglen, \
cnt, vector, ctx)
#define _libssh2_rsa_sha2_512_signv(session, sig, siglen, cnt, vector, ctx) \
_libssh2_os400qc3_rsa_signv(session, Qc3_SHA512, sig, siglen, \
cnt, vector, ctx)
/* Default generate and safe prime sizes for diffie-hellman-group-exchange-sha1
Qc3 is limited to a maximum 2048-bit modulus/key size. */
#define LIBSSH2_DH_GEX_MINGROUP 1024
#define LIBSSH2_DH_GEX_OPTGROUP 1536
#define LIBSSH2_DH_GEX_MAXGROUP 2048
#define LIBSSH2_DH_MAX_MODULUS_BITS 2048
#define _libssh2_dh_ctx _libssh2_os400qc3_dh_ctx
#define libssh2_dh_init(dhctx) _libssh2_os400qc3_dh_init(dhctx)
#define libssh2_dh_key_pair(dhctx, public, g, p, group_order, bnctx) \
_libssh2_os400qc3_dh_key_pair(dhctx, public, g, p, group_order)
#define libssh2_dh_secret(dhctx, secret, f, p, bnctx) \
_libssh2_os400qc3_dh_secret(dhctx, secret, f, p)
#define libssh2_dh_dtor(dhctx) _libssh2_os400qc3_dh_dtor(dhctx)
/*******************************************************************
*
* OS/400 QC3 crypto-library backend: Support procedure prototypes.
*
*******************************************************************/
extern _libssh2_bn * _libssh2_bn_init(void);
extern void _libssh2_bn_free(_libssh2_bn *bn);
extern unsigned long _libssh2_bn_bits(_libssh2_bn *bn);
extern int _libssh2_bn_from_bin(_libssh2_bn *bn, int len,
const unsigned char *v);
extern int _libssh2_bn_set_word(_libssh2_bn *bn, unsigned long val);
extern int _libssh2_bn_to_bin(_libssh2_bn *bn, unsigned char *val);
extern int _libssh2_random(unsigned char *buf, size_t len);
extern void _libssh2_os400qc3_crypto_dtor(_libssh2_os400qc3_crypto_ctx *x);
extern int libssh2_os400qc3_hash_init(Qc3_Format_ALGD0100_T *x,
unsigned int algo);
extern void libssh2_os400qc3_hash_update(Qc3_Format_ALGD0100_T *ctx,
const unsigned char *data,
int len);
extern void libssh2_os400qc3_hash_final(Qc3_Format_ALGD0100_T *ctx,
unsigned char *out);
extern int libssh2_os400qc3_hash(const unsigned char *message,
unsigned long len, unsigned char *out,
unsigned int algo);
extern void libssh2_os400qc3_hmac_init(_libssh2_os400qc3_crypto_ctx *x,
int algo, size_t minkeylen,
void *key, int keylen);
extern void libssh2_os400qc3_hmac_update(_libssh2_os400qc3_crypto_ctx *ctx,
const unsigned char *data,
int len);
extern void libssh2_os400qc3_hmac_final(_libssh2_os400qc3_crypto_ctx *ctx,
unsigned char *out);
extern int _libssh2_os400qc3_rsa_signv(LIBSSH2_SESSION *session, int algo,
unsigned char **signature,
size_t *signature_len,
int veccount,
const struct iovec vector[],
libssh2_rsa_ctx *ctx);
extern void _libssh2_os400qc3_dh_init(_libssh2_dh_ctx *dhctx);
extern int _libssh2_os400qc3_dh_key_pair(_libssh2_dh_ctx *dhctx,
_libssh2_bn *public,
_libssh2_bn *g,
_libssh2_bn *p, int group_order);
extern int _libssh2_os400qc3_dh_secret(_libssh2_dh_ctx *dhctx,
_libssh2_bn *secret,
_libssh2_bn *f, _libssh2_bn *p);
extern void _libssh2_os400qc3_dh_dtor(_libssh2_dh_ctx *dhctx);
#endif /* __LIBSSH2_OS400QC3_H */
/* vim: set expandtab ts=4 sw=4: */

388
libssh2/src/packet.c
View File

@@ -39,28 +39,18 @@
*/
#include "libssh2_priv.h"
#include <errno.h>
#include <fcntl.h>
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#ifdef HAVE_SYS_TIME_H
#include <sys/time.h>
#endif
#ifdef HAVE_INTTYPES_H
#include <inttypes.h>
#endif
/* Needed for struct iovec on some platforms */
#ifdef HAVE_SYS_UIO_H
#include <sys/uio.h>
#endif
#include <sys/types.h>
#include "transport.h"
#include "channel.h"
#include "packet.h"
@@ -72,21 +62,21 @@
*/
static inline int
packet_queue_listener(LIBSSH2_SESSION * session, unsigned char *data,
unsigned long datalen,
size_t datalen,
packet_queue_listener_state_t *listen_state)
{
/*
* Look for a matching listener
*/
/* 17 = packet_type(1) + channel(4) + reason(4) + descr(4) + lang(4) */
unsigned long packet_len = 17 + (sizeof(FwdNotReq) - 1);
size_t packet_len = 17 + (sizeof(FwdNotReq) - 1);
unsigned char *p;
LIBSSH2_LISTENER *listn = _libssh2_list_first(&session->listeners);
char failure_code = SSH_OPEN_ADMINISTRATIVELY_PROHIBITED;
int rc;
if(listen_state->state == libssh2_NB_state_idle) {
unsigned long offset = (sizeof("forwarded-tcpip") - 1) + 5;
size_t offset = (sizeof("forwarded-tcpip") - 1) + 5;
size_t temp_len = 0;
struct string_buf buf;
buf.data = data;
@@ -133,10 +123,10 @@ packet_queue_listener(LIBSSH2_SESSION * session, unsigned char *data,
"Data too short extracting sport");
}
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Remote received connection from %s:%ld to %s:%ld",
listen_state->shost, listen_state->sport,
listen_state->host, listen_state->port);
listen_state->host, listen_state->port));
listen_state->state = libssh2_NB_state_allocated;
}
@@ -156,8 +146,8 @@ packet_queue_listener(LIBSSH2_SESSION * session, unsigned char *data,
(listn->queue_maxsize <= listn->queue_size)) {
/* Queue is full */
failure_code = SSH_OPEN_RESOURCE_SHORTAGE;
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
"Listener queue full, ignoring");
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Listener queue full, ignoring"));
listen_state->state = libssh2_NB_state_sent;
break;
}
@@ -206,14 +196,14 @@ packet_queue_listener(LIBSSH2_SESSION * session, unsigned char *data,
listen_state->initial_window_size;
channel->local.packet_size = listen_state->packet_size;
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Connection queued: channel %lu/%lu "
"win %lu/%lu packet %lu/%lu",
channel->local.id, channel->remote.id,
channel->local.window_size,
channel->remote.window_size,
channel->local.packet_size,
channel->remote.packet_size);
channel->remote.packet_size));
p = listen_state->packet;
*(p++) = SSH_MSG_CHANNEL_OPEN_CONFIRMATION;
@@ -285,19 +275,19 @@ packet_queue_listener(LIBSSH2_SESSION * session, unsigned char *data,
*/
static inline int
packet_x11_open(LIBSSH2_SESSION * session, unsigned char *data,
unsigned long datalen,
size_t datalen,
packet_x11_open_state_t *x11open_state)
{
int failure_code = SSH_OPEN_CONNECT_FAILED;
/* 17 = packet_type(1) + channel(4) + reason(4) + descr(4) + lang(4) */
unsigned long packet_len = 17 + (sizeof(X11FwdUnAvil) - 1);
size_t packet_len = 17 + (sizeof(X11FwdUnAvil) - 1);
unsigned char *p;
LIBSSH2_CHANNEL *channel = x11open_state->channel;
int rc;
if(x11open_state->state == libssh2_NB_state_idle) {
unsigned long offset = (sizeof("x11") - 1) + 5;
size_t offset = (sizeof("x11") - 1) + 5;
size_t temp_len = 0;
struct string_buf buf;
buf.data = data;
@@ -346,10 +336,10 @@ packet_x11_open(LIBSSH2_SESSION * session, unsigned char *data,
goto x11_exit;
}
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"X11 Connection Received from %s:%ld on channel %lu",
x11open_state->shost, x11open_state->sport,
x11open_state->sender_channel);
x11open_state->sender_channel));
x11open_state->state = libssh2_NB_state_allocated;
}
@@ -391,14 +381,14 @@ packet_x11_open(LIBSSH2_SESSION * session, unsigned char *data,
channel->local.window_size = x11open_state->initial_window_size;
channel->local.packet_size = x11open_state->packet_size;
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"X11 Connection established: channel %lu/%lu "
"win %lu/%lu packet %lu/%lu",
channel->local.id, channel->remote.id,
channel->local.window_size,
channel->remote.window_size,
channel->local.packet_size,
channel->remote.packet_size);
channel->remote.packet_size));
p = x11open_state->packet;
*(p++) = SSH_MSG_CHANNEL_OPEN_CONFIRMATION;
_libssh2_store_u32(&p, channel->remote.id);
@@ -439,7 +429,7 @@ packet_x11_open(LIBSSH2_SESSION * session, unsigned char *data,
else
failure_code = SSH_OPEN_RESOURCE_SHORTAGE;
/* fall-trough */
x11_exit:
x11_exit:
p = x11open_state->packet;
*(p++) = SSH_MSG_CHANNEL_OPEN_FAILURE;
_libssh2_store_u32(&p, x11open_state->sender_channel);
@@ -460,6 +450,154 @@ packet_x11_open(LIBSSH2_SESSION * session, unsigned char *data,
return 0;
}
/*
* packet_authagent_open
*
* Open a connection to authentication agent
*/
static inline int
packet_authagent_open(LIBSSH2_SESSION * session,
unsigned char *data, size_t datalen,
packet_authagent_state_t *authagent_state)
{
int failure_code = SSH_OPEN_CONNECT_FAILED;
/* 17 = packet_type(1) + channel(4) + reason(4) + descr(4) + lang(4) */
size_t packet_len = 17 + (sizeof(X11FwdUnAvil) - 1);
unsigned char *p;
LIBSSH2_CHANNEL *channel = authagent_state->channel;
int rc;
(void)datalen;
if(authagent_state->state == libssh2_NB_state_idle) {
unsigned char *s = data + (sizeof("auth-agent@openssh.org") - 1) + 5;
authagent_state->sender_channel = _libssh2_ntohu32(s);
s += 4;
authagent_state->initial_window_size = _libssh2_ntohu32(s);
s += 4;
authagent_state->packet_size = _libssh2_ntohu32(s);
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Auth Agent Connection Received on channel %lu",
authagent_state->sender_channel));
authagent_state->state = libssh2_NB_state_allocated;
}
if(session->authagent) {
if(authagent_state->state == libssh2_NB_state_allocated) {
channel = LIBSSH2_ALLOC(session, sizeof(LIBSSH2_CHANNEL));
authagent_state->channel = channel;
if(!channel) {
_libssh2_error(session, LIBSSH2_ERROR_ALLOC,
"allocate a channel for new connection");
failure_code = SSH_OPEN_RESOURCE_SHORTAGE;
goto authagent_exit;
}
memset(channel, 0, sizeof(LIBSSH2_CHANNEL));
channel->session = session;
channel->channel_type_len = sizeof("auth agent") - 1;
channel->channel_type = LIBSSH2_ALLOC(session,
channel->channel_type_len +
1);
if(!channel->channel_type) {
_libssh2_error(session, LIBSSH2_ERROR_ALLOC,
"allocate a channel for new connection");
LIBSSH2_FREE(session, channel);
failure_code = SSH_OPEN_RESOURCE_SHORTAGE;
goto authagent_exit;
}
memcpy(channel->channel_type, "auth agent",
channel->channel_type_len + 1);
channel->remote.id = authagent_state->sender_channel;
channel->remote.window_size_initial =
LIBSSH2_CHANNEL_WINDOW_DEFAULT;
channel->remote.window_size = LIBSSH2_CHANNEL_WINDOW_DEFAULT;
channel->remote.packet_size = LIBSSH2_CHANNEL_PACKET_DEFAULT;
channel->local.id = _libssh2_channel_nextid(session);
channel->local.window_size_initial =
authagent_state->initial_window_size;
channel->local.window_size = authagent_state->initial_window_size;
channel->local.packet_size = authagent_state->packet_size;
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Auth Agent Connection established: channel "
"%lu/%lu win %lu/%lu packet %lu/%lu",
channel->local.id, channel->remote.id,
channel->local.window_size,
channel->remote.window_size,
channel->local.packet_size,
channel->remote.packet_size));
p = authagent_state->packet;
*(p++) = SSH_MSG_CHANNEL_OPEN_CONFIRMATION;
_libssh2_store_u32(&p, channel->remote.id);
_libssh2_store_u32(&p, channel->local.id);
_libssh2_store_u32(&p, channel->remote.window_size_initial);
_libssh2_store_u32(&p, channel->remote.packet_size);
authagent_state->state = libssh2_NB_state_created;
}
if(authagent_state->state == libssh2_NB_state_created) {
rc = _libssh2_transport_send(session, authagent_state->packet, 17,
NULL, 0);
if(rc == LIBSSH2_ERROR_EAGAIN) {
return rc;
}
else if(rc) {
authagent_state->state = libssh2_NB_state_idle;
return _libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND,
"Unable to send channel open "
"confirmation");
}
/* Link the channel into the session */
_libssh2_list_add(&session->channels, &channel->node);
/* mess with stuff so we don't keep reading the same packet
over and over */
session->packet.total_num = 0;
session->fullpacket_state = libssh2_NB_state_idle;
/* Pass control to the callback, they may turn right around and
and free the channel, or actually use it */
LIBSSH2_AUTHAGENT(channel);
authagent_state->state = libssh2_NB_state_idle;
return 0;
}
}
else
failure_code = SSH_OPEN_RESOURCE_SHORTAGE;
/* fall-through */
authagent_exit:
p = authagent_state->packet;
*(p++) = SSH_MSG_CHANNEL_OPEN_FAILURE;
_libssh2_store_u32(&p, authagent_state->sender_channel);
_libssh2_store_u32(&p, failure_code);
_libssh2_store_str(&p, AuthAgentUnavail, sizeof(AuthAgentUnavail) - 1);
_libssh2_htonu32(p, 0);
rc = _libssh2_transport_send(session, authagent_state->packet, packet_len,
NULL, 0);
if(rc == LIBSSH2_ERROR_EAGAIN) {
return rc;
}
else if(rc) {
authagent_state->state = libssh2_NB_state_idle;
return _libssh2_error(session, rc, "Unable to send open failure");
}
authagent_state->state = libssh2_NB_state_idle;
return 0;
}
/*
* _libssh2_packet_add
*
@@ -487,9 +625,9 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
switch(session->packAdd_state) {
case libssh2_NB_state_idle:
_libssh2_debug(session, LIBSSH2_TRACE_TRANS,
_libssh2_debug((session, LIBSSH2_TRACE_TRANS,
"Packet type %d received, length=%d",
(int) msg, (int) datalen);
(int) msg, (int) datalen));
if((macstate == LIBSSH2_MAC_INVALID) &&
(!session->macerror ||
@@ -513,6 +651,8 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
goto libssh2_packet_add_jump_point4;
case libssh2_NB_state_jump5:
goto libssh2_packet_add_jump_point5;
case libssh2_NB_state_jumpauthagent:
goto libssh2_packet_add_jump_authagent;
default: /* nothing to do */
break;
}
@@ -547,9 +687,9 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
language_len);
}
_libssh2_debug(session, LIBSSH2_TRACE_TRANS,
_libssh2_debug((session, LIBSSH2_TRACE_TRANS,
"Disconnect(%d): %s(%s)", reason,
message, language);
message, language));
}
LIBSSH2_FREE(session, data);
@@ -606,15 +746,84 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
}
/*
* _libssh2_debug will actually truncate this for us so
* _libssh2_debug() will actually truncate this for us so
* that it's not an inordinate about of data
*/
_libssh2_debug(session, LIBSSH2_TRACE_TRANS,
"Debug Packet: %s", message);
_libssh2_debug((session, LIBSSH2_TRACE_TRANS,
"Debug Packet: %s", message));
LIBSSH2_FREE(session, data);
session->packAdd_state = libssh2_NB_state_idle;
return 0;
/*
byte SSH_MSG_EXT_INFO
uint32 nr-extensions
[repeat "nr-extensions" times]
string extension-name [RFC8308]
string extension-value (binary)
*/
case SSH_MSG_EXT_INFO:
if(datalen >= 5) {
uint32_t nr_extensions = 0;
struct string_buf buf;
buf.data = (unsigned char *)data;
buf.dataptr = buf.data;
buf.len = datalen;
buf.dataptr += 1; /* advance past type */
if(_libssh2_get_u32(&buf, &nr_extensions) != 0) {
rc = _libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Invalid extension info received");
}
while(rc == 0 && nr_extensions > 0) {
size_t name_len = 0;
size_t value_len = 0;
unsigned char *name = NULL;
unsigned char *value = NULL;
nr_extensions -= 1;
_libssh2_get_string(&buf, &name, &name_len);
_libssh2_get_string(&buf, &value, &value_len);
if(name && value) {
_libssh2_debug((session,
LIBSSH2_TRACE_KEX,
"Server to Client extension %.*s: %.*s",
name_len, name, value_len, value));
}
if(name_len == 15 &&
memcmp(name, "server-sig-algs", 15) == 0) {
if(session->server_sign_algorithms) {
LIBSSH2_FREE(session,
session->server_sign_algorithms);
}
session->server_sign_algorithms =
LIBSSH2_ALLOC(session,
value_len + 1);
if(session->server_sign_algorithms) {
memcpy(session->server_sign_algorithms,
value, value_len);
session->server_sign_algorithms[value_len] = '\0';
}
else {
rc = _libssh2_error(session, LIBSSH2_ERROR_ALLOC,
"memory for server sign algo");
}
}
}
}
LIBSSH2_FREE(session, data);
session->packAdd_state = libssh2_NB_state_idle;
return rc;
/*
byte SSH_MSG_GLOBAL_REQUEST
string request name in US-ASCII only
@@ -629,17 +838,17 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
len = _libssh2_ntohu32(data + 1);
if((len <= (UINT_MAX - 6)) && (datalen >= (6 + len))) {
want_reply = data[5 + len];
_libssh2_debug(session,
_libssh2_debug((session,
LIBSSH2_TRACE_CONN,
"Received global request type %.*s (wr %X)",
len, data + 5, want_reply);
len, data + 5, want_reply));
}
if(want_reply) {
static const unsigned char packet =
SSH_MSG_REQUEST_FAILURE;
libssh2_packet_add_jump_point5:
libssh2_packet_add_jump_point5:
session->packAdd_state = libssh2_NB_state_jump5;
rc = _libssh2_transport_send(session, &packet, 1, NULL, 0);
if(rc == LIBSSH2_ERROR_EAGAIN)
@@ -691,12 +900,12 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
if(msg == SSH_MSG_CHANNEL_EXTENDED_DATA)
stream_id = _libssh2_ntohu32(data + 5);
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"%d bytes packet_add() for %lu/%lu/%lu",
(int) (datalen - data_head),
channelp->local.id,
channelp->remote.id,
stream_id);
stream_id));
}
#endif
if((channelp->remote.extended_data_ignore_mode ==
@@ -705,30 +914,31 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
/* Pretend we didn't receive this */
LIBSSH2_FREE(session, data);
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Ignoring extended data and refunding %d bytes",
(int) (datalen - 13));
(int) (datalen - 13)));
if(channelp->read_avail + datalen - data_head >=
channelp->remote.window_size)
datalen = channelp->remote.window_size -
channelp->read_avail + data_head;
channelp->remote.window_size -= datalen - data_head;
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
channelp->remote.window_size -= (uint32_t)(datalen -
data_head);
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"shrinking window size by %lu bytes to %lu, "
"read_avail %lu",
datalen - data_head,
channelp->remote.window_size,
channelp->read_avail);
channelp->read_avail));
session->packAdd_channelp = channelp;
/* Adjust the window based on the block we just freed */
libssh2_packet_add_jump_point1:
libssh2_packet_add_jump_point1:
session->packAdd_state = libssh2_NB_state_jump1;
rc = _libssh2_channel_receive_window_adjust(session->
packAdd_channelp,
datalen - 13,
(uint32_t)(datalen - 13),
1, NULL);
if(rc == LIBSSH2_ERROR_EAGAIN)
return rc;
@@ -746,8 +956,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
* Spec says we MAY ignore bytes sent beyond
* packet_size
*/
_libssh2_error(session,
LIBSSH2_ERROR_CHANNEL_PACKET_EXCEEDED,
_libssh2_error(session, LIBSSH2_ERROR_CHANNEL_PACKET_EXCEEDED,
"Packet contains more data than we offered"
" to receive, truncating");
datalen = channelp->remote.packet_size + data_head;
@@ -757,8 +966,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
* Spec says we MAY ignore bytes sent beyond
* window_size
*/
_libssh2_error(session,
LIBSSH2_ERROR_CHANNEL_WINDOW_EXCEEDED,
_libssh2_error(session, LIBSSH2_ERROR_CHANNEL_WINDOW_EXCEEDED,
"The current receive window is full,"
" data ignored");
LIBSSH2_FREE(session, data);
@@ -770,8 +978,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
if(channelp->read_avail + datalen - data_head >
channelp->remote.window_size) {
_libssh2_error(session,
LIBSSH2_ERROR_CHANNEL_WINDOW_EXCEEDED,
_libssh2_error(session, LIBSSH2_ERROR_CHANNEL_WINDOW_EXCEEDED,
"Remote sent more data than current "
"window allows, truncating");
datalen = channelp->remote.window_size -
@@ -783,11 +990,11 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
* from an upper layer */
channelp->read_avail += datalen - data_head;
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"increasing read_avail by %lu bytes to %lu/%lu",
(long)(datalen - data_head),
(long)channelp->read_avail,
(long)channelp->remote.window_size);
(long)channelp->remote.window_size));
break;
@@ -805,11 +1012,11 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
/* We may have freed already, just quietly ignore this... */
;
else {
_libssh2_debug(session,
_libssh2_debug((session,
LIBSSH2_TRACE_CONN,
"EOF received for channel %lu/%lu",
channelp->local.id,
channelp->remote.id);
channelp->remote.id));
channelp->remote.eof = 1;
}
LIBSSH2_FREE(session, data);
@@ -833,10 +1040,10 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
if((len + 9) < datalen)
want_reply = data[len + 9];
_libssh2_debug(session,
_libssh2_debug((session,
LIBSSH2_TRACE_CONN,
"Channel %d received request type %.*s (wr %X)",
channel, len, data + 9, want_reply);
channel, len, data + 9, want_reply));
if(len == sizeof("exit-status") - 1
&& (sizeof("exit-status") - 1 + 9) <= datalen
@@ -851,12 +1058,12 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
if(channelp && (sizeof("exit-status") + 13) <= datalen) {
channelp->exit_status =
_libssh2_ntohu32(data + 9 + sizeof("exit-status"));
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Exit status %lu received for "
"channel %lu/%lu",
channelp->exit_status,
channelp->local.id,
channelp->remote.id);
channelp->remote.id));
}
}
@@ -890,12 +1097,12 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
data + 13 + sizeof("exit-signal"), namelen);
channelp->exit_signal[namelen] = '\0';
/* TODO: save error message and language tag */
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Exit signal %s received for "
"channel %lu/%lu",
channelp->exit_signal,
channelp->local.id,
channelp->remote.id);
channelp->remote.id));
}
}
}
@@ -903,7 +1110,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
if(want_reply) {
unsigned char packet[5];
libssh2_packet_add_jump_point4:
libssh2_packet_add_jump_point4:
session->packAdd_state = libssh2_NB_state_jump4;
packet[0] = SSH_MSG_CHANNEL_FAILURE;
memcpy(&packet[1], data + 1, 4);
@@ -932,10 +1139,10 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
session->packAdd_state = libssh2_NB_state_idle;
return 0;
}
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Close received for channel %lu/%lu",
channelp->local.id,
channelp->remote.id);
channelp->remote.id));
channelp->remote.close = 1;
channelp->remote.eof = 1;
@@ -966,7 +1173,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
memset(&session->packAdd_Qlstn_state, 0,
sizeof(session->packAdd_Qlstn_state));
libssh2_packet_add_jump_point2:
libssh2_packet_add_jump_point2:
session->packAdd_state = libssh2_NB_state_jump2;
rc = packet_queue_listener(session, data, datalen,
&session->packAdd_Qlstn_state);
@@ -979,11 +1186,26 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
memset(&session->packAdd_x11open_state, 0,
sizeof(session->packAdd_x11open_state));
libssh2_packet_add_jump_point3:
libssh2_packet_add_jump_point3:
session->packAdd_state = libssh2_NB_state_jump3;
rc = packet_x11_open(session, data, datalen,
&session->packAdd_x11open_state);
}
else if((datalen >= (sizeof("auth-agent@openssh.com") + 4)) &&
((sizeof("auth-agent@openssh.com") - 1) ==
_libssh2_ntohu32(data + 1)) &&
(memcmp(data + 5, "auth-agent@openssh.com",
sizeof("auth-agent@openssh.com") - 1) == 0)) {
/* init the state struct */
memset(&session->packAdd_authagent_state, 0,
sizeof(session->packAdd_authagent_state));
libssh2_packet_add_jump_authagent:
session->packAdd_state = libssh2_NB_state_jumpauthagent;
rc = packet_authagent_open(session, data, datalen,
&session->packAdd_authagent_state);
}
if(rc == LIBSSH2_ERROR_EAGAIN)
return rc;
@@ -1007,13 +1229,13 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
if(channelp) {
channelp->local.window_size += bytestoadd;
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Window adjust for channel %lu/%lu, "
"adding %lu bytes, new window_size=%lu",
channelp->local.id,
channelp->remote.id,
bytestoadd,
channelp->local.window_size);
channelp->local.window_size));
}
}
LIBSSH2_FREE(session, data);
@@ -1030,8 +1252,8 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
LIBSSH2_PACKET *packetp =
LIBSSH2_ALLOC(session, sizeof(LIBSSH2_PACKET));
if(!packetp) {
_libssh2_debug(session, LIBSSH2_ERROR_ALLOC,
"memory for packet");
_libssh2_debug((session, LIBSSH2_ERROR_ALLOC,
"memory for packet"));
LIBSSH2_FREE(session, data);
session->packAdd_state = libssh2_NB_state_idle;
return LIBSSH2_ERROR_ALLOC;
@@ -1054,7 +1276,8 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
* Well, it's already in the brigade,
* let's just call back into ourselves
*/
_libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Renegotiating Keys");
_libssh2_debug((session, LIBSSH2_TRACE_TRANS,
"Renegotiating Keys"));
session->packAdd_state = libssh2_NB_state_sent2;
}
@@ -1099,8 +1322,8 @@ _libssh2_packet_ask(LIBSSH2_SESSION * session, unsigned char packet_type,
{
LIBSSH2_PACKET *packet = _libssh2_list_first(&session->packets);
_libssh2_debug(session, LIBSSH2_TRACE_TRANS,
"Looking for packet of type: %d", (int) packet_type);
_libssh2_debug((session, LIBSSH2_TRACE_TRANS,
"Looking for packet of type: %d", (int) packet_type));
while(packet) {
if(packet->data[0] == packet_type
@@ -1137,12 +1360,12 @@ _libssh2_packet_askv(LIBSSH2_SESSION * session,
const unsigned char *match_buf,
size_t match_len)
{
int i, packet_types_len = strlen((char *) packet_types);
size_t i, packet_types_len = strlen((const char *) packet_types);
for(i = 0; i < packet_types_len; i++) {
if(0 == _libssh2_packet_ask(session, packet_types[i], data,
if(_libssh2_packet_ask(session, packet_types[i], data,
data_len, match_ofs,
match_buf, match_len)) {
match_buf, match_len) == 0) {
return 0;
}
}
@@ -1196,7 +1419,7 @@ _libssh2_packet_require(LIBSSH2_SESSION * session, unsigned char packet_type,
}
else if(ret == 0) {
/* nothing available, wait until data arrives or we time out */
long left = LIBSSH2_READ_TIMEOUT - (long)(time(NULL) -
long left = session->packet_read_timeout - (long)(time(NULL) -
state->start);
if(left <= 0) {
@@ -1241,8 +1464,8 @@ _libssh2_packet_burn(LIBSSH2_SESSION * session,
return i;
}
_libssh2_debug(session, LIBSSH2_TRACE_TRANS,
"Blocking until packet becomes available to burn");
_libssh2_debug((session, LIBSSH2_TRACE_TRANS,
"Blocking until packet becomes available to burn"));
*state = libssh2_NB_state_created;
}
@@ -1309,7 +1532,7 @@ _libssh2_packet_requirev(LIBSSH2_SESSION *session,
return ret;
}
if(ret <= 0) {
long left = LIBSSH2_READ_TIMEOUT -
long left = session->packet_read_timeout -
(long)(time(NULL) - state->start);
if(left <= 0) {
@@ -1323,7 +1546,7 @@ _libssh2_packet_requirev(LIBSSH2_SESSION *session,
if(strchr((char *) packet_types, ret)) {
/* Be lazy, let packet_ask pull it out of the brigade */
int ret = _libssh2_packet_askv(session, packet_types, data,
ret = _libssh2_packet_askv(session, packet_types, data,
data_len, match_ofs, match_buf,
match_len);
state->start = 0;
@@ -1335,4 +1558,3 @@ _libssh2_packet_requirev(LIBSSH2_SESSION *session,
state->start = 0;
return LIBSSH2_ERROR_SOCKET_DISCONNECT;
}

97
libssh2/src/pem.c
View File

@@ -100,20 +100,27 @@ static const char *crypt_annotation = "Proc-Type: 4,ENCRYPTED";
static unsigned char hex_decode(char digit)
{
return (digit >= 'A') ? 0xA + (digit - 'A') : (digit - '0');
return (unsigned char)
((digit >= 'A') ? (0xA + (digit - 'A')) : (digit - '0'));
}
/* Hack to fix builds with crypto backends with MD5 support disabled.
FIXME: Honor our LIBSSH2_MD5 macro for MD5-dependent logic. */
#ifdef OPENSSL_NO_MD5
#define MD5_DIGEST_LENGTH 16
#endif
int
_libssh2_pem_parse(LIBSSH2_SESSION * session,
const char *headerbegin,
const char *headerend,
const unsigned char *passphrase,
FILE * fp, unsigned char **data, unsigned int *datalen)
FILE * fp, unsigned char **data, size_t *datalen)
{
char line[LINE_SIZE];
unsigned char iv[LINE_SIZE];
char *b64data = NULL;
unsigned int b64datalen = 0;
size_t b64datalen = 0;
int ret;
const LIBSSH2_CRYPT_METHOD *method = NULL;
@@ -141,7 +148,8 @@ _libssh2_pem_parse(LIBSSH2_SESSION * session,
}
all_methods = libssh2_crypt_methods();
while((cur_method = *all_methods++)) {
/* !checksrc! disable EQUALSNULL 1 */
while((cur_method = *all_methods++) != NULL) {
if(*cur_method->pem_annotation &&
memcmp(line, cur_method->pem_annotation,
strlen(cur_method->pem_annotation)) == 0) {
@@ -152,12 +160,12 @@ _libssh2_pem_parse(LIBSSH2_SESSION * session,
}
/* None of the available crypt methods were able to decrypt the key */
if(method == NULL)
if(!method)
return -1;
/* Decode IV from hex */
for(i = 0; i < method->iv_len; ++i) {
iv[i] = hex_decode(iv[2*i]) << 4;
iv[i] = (unsigned char)(hex_decode(iv[2*i]) << 4);
iv[i] |= hex_decode(iv[2*i + 1]);
}
@@ -198,7 +206,7 @@ _libssh2_pem_parse(LIBSSH2_SESSION * session,
return -1;
}
if(libssh2_base64_decode(session, (char **) data, datalen,
if(_libssh2_base64_decode(session, (char **) data, datalen,
b64data, b64datalen)) {
ret = -1;
goto out;
@@ -258,7 +266,11 @@ _libssh2_pem_parse(LIBSSH2_SESSION * session,
while(len_decrypted <= (int)*datalen - blocksize) {
if(method->crypt(session, *data + len_decrypted, blocksize,
&abstract)) {
&abstract,
len_decrypted == 0 ? FIRST_BLOCK :
((len_decrypted == (int)*datalen - blocksize) ?
LAST_BLOCK : MIDDLE_BLOCK)
)) {
ret = LIBSSH2_ERROR_DECRYPT;
_libssh2_explicit_zero((char *)secret, sizeof(secret));
method->dtor(session, &abstract);
@@ -281,7 +293,7 @@ _libssh2_pem_parse(LIBSSH2_SESSION * session,
}
ret = 0;
out:
out:
if(b64data) {
_libssh2_explicit_zero(b64data, b64datalen);
LIBSSH2_FREE(session, b64data);
@@ -294,11 +306,11 @@ _libssh2_pem_parse_memory(LIBSSH2_SESSION * session,
const char *headerbegin,
const char *headerend,
const char *filedata, size_t filedata_len,
unsigned char **data, unsigned int *datalen)
unsigned char **data, size_t *datalen)
{
char line[LINE_SIZE];
char *b64data = NULL;
unsigned int b64datalen = 0;
size_t b64datalen = 0;
size_t off = 0;
int ret;
@@ -343,14 +355,14 @@ _libssh2_pem_parse_memory(LIBSSH2_SESSION * session,
return -1;
}
if(libssh2_base64_decode(session, (char **) data, datalen,
if(_libssh2_base64_decode(session, (char **) data, datalen,
b64data, b64datalen)) {
ret = -1;
goto out;
}
ret = 0;
out:
out:
if(b64data) {
_libssh2_explicit_zero(b64data, b64datalen);
LIBSSH2_FREE(session, b64data);
@@ -382,7 +394,7 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session,
unsigned char *key_part = NULL;
unsigned char *iv_part = NULL;
unsigned char *f = NULL;
unsigned int f_len = 0;
size_t f_len = 0;
int ret = 0, keylen = 0, ivlen = 0, total_len = 0;
size_t kdf_len = 0, tmp_len = 0, salt_len = 0;
@@ -390,7 +402,7 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session,
*decrypted_buf = NULL;
/* decode file */
if(libssh2_base64_decode(session, (char **)&f, &f_len,
if(_libssh2_base64_decode(session, (char **)&f, &f_len,
b64data, b64datalen)) {
ret = -1;
goto out;
@@ -440,7 +452,7 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session,
kdf_buf.len = kdf_len;
}
if((passphrase == NULL || strlen((const char *)passphrase) == 0) &&
if((!passphrase || strlen((const char *)passphrase) == 0) &&
strcmp((const char *)ciphername, "none") != 0) {
/* passphrase required */
ret = LIBSSH2_ERROR_KEYFILE_AUTH_FAILED;
@@ -456,7 +468,7 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session,
if(!strcmp((const char *)kdfname, "none") &&
strcmp((const char *)ciphername, "none") != 0) {
ret =_libssh2_error(session, LIBSSH2_ERROR_PROTO,
ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO,
"invalid format");
goto out;
}
@@ -490,7 +502,8 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session,
const LIBSSH2_CRYPT_METHOD **all_methods, *cur_method;
all_methods = libssh2_crypt_methods();
while((cur_method = *all_methods++)) {
/* !checksrc! disable EQUALSNULL 1 */
while((cur_method = *all_methods++) != NULL) {
if(*cur_method->name &&
memcmp(ciphername, cur_method->name,
strlen(cur_method->name)) == 0) {
@@ -500,7 +513,7 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session,
/* None of the available crypt methods were able to decrypt the key */
if(method == NULL) {
if(!method) {
ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO,
"No supported cipher found");
goto out;
@@ -517,16 +530,15 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session,
total_len = keylen + ivlen;
key = LIBSSH2_CALLOC(session, total_len);
if(key == NULL) {
if(!key) {
ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Could not alloc key");
goto out;
}
if(strcmp((const char *)kdfname, "bcrypt") == 0 &&
passphrase != NULL) {
if(strcmp((const char *)kdfname, "bcrypt") == 0 && passphrase) {
if((_libssh2_get_string(&kdf_buf, &salt, &salt_len)) ||
(_libssh2_get_u32(&kdf_buf, &rounds) != 0) ) {
(_libssh2_get_u32(&kdf_buf, &rounds) != 0)) {
ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO,
"kdf contains unexpected values");
LIBSSH2_FREE(session, key);
@@ -554,14 +566,14 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session,
blocksize = method->blocksize;
key_part = LIBSSH2_CALLOC(session, keylen);
if(key_part == NULL) {
if(!key_part) {
ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Could not alloc key part");
goto out;
}
iv_part = LIBSSH2_CALLOC(session, ivlen);
if(iv_part == NULL) {
if(!iv_part) {
ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Could not alloc iv part");
goto out;
@@ -587,7 +599,11 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session,
while((size_t)len_decrypted <= decrypted.len - blocksize) {
if(method->crypt(session, decrypted.data + len_decrypted,
blocksize,
&abstract)) {
&abstract,
len_decrypted == 0 ? FIRST_BLOCK : (
((size_t)len_decrypted == decrypted.len - blocksize) ?
LAST_BLOCK : MIDDLE_BLOCK)
)) {
ret = LIBSSH2_ERROR_DECRYPT;
method->dtor(session, &abstract);
goto out;
@@ -612,7 +628,7 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session,
goto out;
}
if(decrypted_buf != NULL) {
if(decrypted_buf) {
/* copy data to out-going buffer */
struct string_buf *out_buf = _libssh2_string_buf_new(session);
if(!out_buf) {
@@ -623,7 +639,7 @@ _libssh2_openssh_pem_parse_data(LIBSSH2_SESSION * session,
}
out_buf->data = LIBSSH2_CALLOC(session, decrypted.len);
if(out_buf->data == NULL) {
if(!out_buf->data) {
ret = _libssh2_error(session, LIBSSH2_ERROR_ALLOC,
"Unable to allocate memory for "
"decrypted struct");
@@ -668,7 +684,7 @@ _libssh2_openssh_pem_parse(LIBSSH2_SESSION * session,
{
char line[LINE_SIZE];
char *b64data = NULL;
unsigned int b64datalen = 0;
size_t b64datalen = 0;
int ret = 0;
/* read file */
@@ -719,7 +735,7 @@ _libssh2_openssh_pem_parse(LIBSSH2_SESSION * session,
ret = _libssh2_openssh_pem_parse_data(session,
passphrase,
(const char *)b64data,
(size_t)b64datalen,
b64datalen,
decrypted_buf);
if(b64data) {
@@ -740,11 +756,11 @@ _libssh2_openssh_pem_parse_memory(LIBSSH2_SESSION * session,
{
char line[LINE_SIZE];
char *b64data = NULL;
unsigned int b64datalen = 0;
size_t b64datalen = 0;
size_t off = 0;
int ret;
if(filedata == NULL || filedata_len <= 0)
if(!filedata || filedata_len <= 0)
return _libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Error parsing PEM: filedata missing");
@@ -754,7 +770,8 @@ _libssh2_openssh_pem_parse_memory(LIBSSH2_SESSION * session,
if(off >= filedata_len)
return _libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Error parsing PEM: offset out of bounds");
"Error parsing PEM: "
"OpenSSH header not found");
if(readline_memory(line, LINE_SIZE, filedata, filedata_len, &off)) {
return -1;
@@ -765,7 +782,7 @@ _libssh2_openssh_pem_parse_memory(LIBSSH2_SESSION * session,
*line = '\0';
do {
if (*line) {
if(*line) {
char *tmp;
size_t linelen;
@@ -814,7 +831,7 @@ out:
static int
read_asn1_length(const unsigned char *data,
unsigned int datalen, unsigned int *len)
size_t datalen, size_t *len)
{
unsigned int lenlen;
int nextpos;
@@ -848,9 +865,9 @@ read_asn1_length(const unsigned char *data,
}
int
_libssh2_pem_decode_sequence(unsigned char **data, unsigned int *datalen)
_libssh2_pem_decode_sequence(unsigned char **data, size_t *datalen)
{
unsigned int len;
size_t len;
int lenlen;
if(*datalen < 1) {
@@ -876,10 +893,10 @@ _libssh2_pem_decode_sequence(unsigned char **data, unsigned int *datalen)
}
int
_libssh2_pem_decode_integer(unsigned char **data, unsigned int *datalen,
_libssh2_pem_decode_integer(unsigned char **data, size_t *datalen,
unsigned char **i, unsigned int *ilen)
{
unsigned int len;
size_t len;
int lenlen;
if(*datalen < 1) {
@@ -902,7 +919,7 @@ _libssh2_pem_decode_integer(unsigned char **data, unsigned int *datalen,
*datalen -= lenlen;
*i = *data;
*ilen = len;
*ilen = (unsigned int)len;
*data += len;
*datalen -= len;

122
libssh2/src/publickey.c
View File

@@ -105,7 +105,7 @@ static const LIBSSH2_PUBLICKEY_CODE_LIST publickey_status_codes[] = {
*/
static void
publickey_status_error(const LIBSSH2_PUBLICKEY *pkey,
LIBSSH2_SESSION *session, int status)
LIBSSH2_SESSION *session, unsigned long status)
{
const char *msg;
@@ -114,7 +114,7 @@ publickey_status_error(const LIBSSH2_PUBLICKEY *pkey,
status = 7;
}
if(status < 0 || status > LIBSSH2_PUBLICKEY_STATUS_CODE_MAX) {
if(status > LIBSSH2_PUBLICKEY_STATUS_CODE_MAX) {
msg = "unknown";
}
else {
@@ -136,14 +136,14 @@ publickey_packet_receive(LIBSSH2_PUBLICKEY * pkey,
LIBSSH2_CHANNEL *channel = pkey->channel;
LIBSSH2_SESSION *session = channel->session;
unsigned char buffer[4];
int rc;
ssize_t rc;
*data = NULL; /* default to nothing returned */
*data_len = 0;
if(pkey->receive_state == libssh2_NB_state_idle) {
rc = _libssh2_channel_read(channel, 0, (char *) buffer, 4);
if(rc == LIBSSH2_ERROR_EAGAIN) {
return rc;
return (int)rc;
}
else if(rc != 4) {
return _libssh2_error(session, LIBSSH2_ERROR_PUBLICKEY_PROTOCOL,
@@ -166,9 +166,9 @@ publickey_packet_receive(LIBSSH2_PUBLICKEY * pkey,
rc = _libssh2_channel_read(channel, 0, (char *) pkey->receive_packet,
pkey->receive_packet_len);
if(rc == LIBSSH2_ERROR_EAGAIN) {
return rc;
return (int)rc;
}
else if(rc != (int)pkey->receive_packet_len) {
else if(rc != (ssize_t)pkey->receive_packet_len) {
LIBSSH2_FREE(session, pkey->receive_packet);
pkey->receive_packet = NULL;
pkey->receive_state = libssh2_NB_state_idle;
@@ -234,7 +234,7 @@ publickey_response_success(LIBSSH2_PUBLICKEY * pkey)
size_t data_len;
int response;
while(1) {
for(;;) {
int rc = publickey_packet_receive(pkey, &data, &data_len);
if(rc == LIBSSH2_ERROR_EAGAIN) {
return rc;
@@ -272,7 +272,7 @@ publickey_response_success(LIBSSH2_PUBLICKEY * pkey)
return 0;
publickey_status_error(pkey, session, status);
return -1;
goto err_exit;
}
default:
LIBSSH2_FREE(session, data);
@@ -287,7 +287,7 @@ publickey_response_success(LIBSSH2_PUBLICKEY * pkey)
data = NULL;
}
}
/* never reached, but include `return` to silence compiler warnings */
err_exit:
return -1;
}
@@ -310,8 +310,8 @@ static LIBSSH2_PUBLICKEY *publickey_init(LIBSSH2_SESSION *session)
session->pkeyInit_pkey = NULL;
session->pkeyInit_channel = NULL;
_libssh2_debug(session, LIBSSH2_TRACE_PUBLICKEY,
"Initializing publickey subsystem");
_libssh2_debug((session, LIBSSH2_TRACE_PUBLICKEY,
"Initializing publickey subsystem"));
session->pkeyInit_state = libssh2_NB_state_allocated;
}
@@ -387,28 +387,29 @@ static LIBSSH2_PUBLICKEY *publickey_init(LIBSSH2_SESSION *session)
session->pkeyInit_buffer_sent = 0;
_libssh2_debug(session, LIBSSH2_TRACE_PUBLICKEY,
_libssh2_debug((session, LIBSSH2_TRACE_PUBLICKEY,
"Sending publickey advertising version %d support",
(int) LIBSSH2_PUBLICKEY_VERSION);
(int) LIBSSH2_PUBLICKEY_VERSION));
session->pkeyInit_state = libssh2_NB_state_sent2;
}
if(session->pkeyInit_state == libssh2_NB_state_sent2) {
rc = _libssh2_channel_write(session->pkeyInit_channel, 0,
ssize_t nwritten;
nwritten = _libssh2_channel_write(session->pkeyInit_channel, 0,
session->pkeyInit_buffer,
19 - session->pkeyInit_buffer_sent);
if(rc == LIBSSH2_ERROR_EAGAIN) {
if(nwritten == LIBSSH2_ERROR_EAGAIN) {
_libssh2_error(session, LIBSSH2_ERROR_EAGAIN,
"Would block sending publickey version packet");
return NULL;
}
else if(rc < 0) {
_libssh2_error(session, rc,
else if(nwritten < 0) {
_libssh2_error(session, (int)nwritten,
"Unable to send publickey version packet");
goto err_exit;
}
session->pkeyInit_buffer_sent += rc;
session->pkeyInit_buffer_sent += nwritten;
if(session->pkeyInit_buffer_sent < 19) {
_libssh2_error(session, LIBSSH2_ERROR_EAGAIN,
"Need to be called again to complete this");
@@ -419,7 +420,7 @@ static LIBSSH2_PUBLICKEY *publickey_init(LIBSSH2_SESSION *session)
}
if(session->pkeyInit_state == libssh2_NB_state_sent3) {
while(1) {
for(;;) {
unsigned char *s;
rc = publickey_packet_receive(session->pkeyInit_pkey,
&session->pkeyInit_data,
@@ -511,16 +512,16 @@ static LIBSSH2_PUBLICKEY *publickey_init(LIBSSH2_SESSION *session)
session->pkeyInit_pkey->version = _libssh2_ntohu32(s);
if(session->pkeyInit_pkey->version >
LIBSSH2_PUBLICKEY_VERSION) {
_libssh2_debug(session, LIBSSH2_TRACE_PUBLICKEY,
_libssh2_debug((session, LIBSSH2_TRACE_PUBLICKEY,
"Truncate remote publickey version "
"from %lu",
session->pkeyInit_pkey->version);
session->pkeyInit_pkey->version));
session->pkeyInit_pkey->version =
LIBSSH2_PUBLICKEY_VERSION;
}
_libssh2_debug(session, LIBSSH2_TRACE_PUBLICKEY,
_libssh2_debug((session, LIBSSH2_TRACE_PUBLICKEY,
"Enabling publickey subsystem version %lu",
session->pkeyInit_pkey->version);
session->pkeyInit_pkey->version));
LIBSSH2_FREE(session, session->pkeyInit_data);
session->pkeyInit_data = NULL;
session->pkeyInit_state = libssh2_NB_state_idle;
@@ -538,7 +539,7 @@ static LIBSSH2_PUBLICKEY *publickey_init(LIBSSH2_SESSION *session)
}
/* Never reached except by direct goto */
err_exit:
err_exit:
session->pkeyInit_state = libssh2_NB_state_sent4;
if(session->pkeyInit_channel) {
rc = _libssh2_channel_close(session->pkeyInit_channel);
@@ -607,8 +608,8 @@ libssh2_publickey_add_ex(LIBSSH2_PUBLICKEY *pkey, const unsigned char *name,
if(pkey->add_state == libssh2_NB_state_idle) {
pkey->add_packet = NULL;
_libssh2_debug(session, LIBSSH2_TRACE_PUBLICKEY, "Adding %s publickey",
name);
_libssh2_debug((session, LIBSSH2_TRACE_PUBLICKEY,
"Adding %s publickey", name));
if(pkey->version == 1) {
for(i = 0; i < num_attrs; i++) {
@@ -639,25 +640,25 @@ libssh2_publickey_add_ex(LIBSSH2_PUBLICKEY *pkey, const unsigned char *name,
}
pkey->add_s = pkey->add_packet;
_libssh2_htonu32(pkey->add_s, packet_len - 4);
_libssh2_htonu32(pkey->add_s, (uint32_t)(packet_len - 4));
pkey->add_s += 4;
_libssh2_htonu32(pkey->add_s, sizeof("add") - 1);
pkey->add_s += 4;
memcpy(pkey->add_s, "add", sizeof("add") - 1);
pkey->add_s += sizeof("add") - 1;
if(pkey->version == 1) {
_libssh2_htonu32(pkey->add_s, comment_len);
_libssh2_htonu32(pkey->add_s, (uint32_t)comment_len);
pkey->add_s += 4;
if(comment) {
memcpy(pkey->add_s, comment, comment_len);
pkey->add_s += comment_len;
}
_libssh2_htonu32(pkey->add_s, name_len);
_libssh2_htonu32(pkey->add_s, (uint32_t)name_len);
pkey->add_s += 4;
memcpy(pkey->add_s, name, name_len);
pkey->add_s += name_len;
_libssh2_htonu32(pkey->add_s, blob_len);
_libssh2_htonu32(pkey->add_s, (uint32_t)blob_len);
pkey->add_s += 4;
memcpy(pkey->add_s, blob, blob_len);
pkey->add_s += blob_len;
@@ -665,23 +666,23 @@ libssh2_publickey_add_ex(LIBSSH2_PUBLICKEY *pkey, const unsigned char *name,
else {
/* Version == 2 */
_libssh2_htonu32(pkey->add_s, name_len);
_libssh2_htonu32(pkey->add_s, (uint32_t)name_len);
pkey->add_s += 4;
memcpy(pkey->add_s, name, name_len);
pkey->add_s += name_len;
_libssh2_htonu32(pkey->add_s, blob_len);
_libssh2_htonu32(pkey->add_s, (uint32_t)blob_len);
pkey->add_s += 4;
memcpy(pkey->add_s, blob, blob_len);
pkey->add_s += blob_len;
*(pkey->add_s++) = overwrite ? 0x01 : 0;
_libssh2_htonu32(pkey->add_s, num_attrs);
_libssh2_htonu32(pkey->add_s, (uint32_t)num_attrs);
pkey->add_s += 4;
for(i = 0; i < num_attrs; i++) {
_libssh2_htonu32(pkey->add_s, attrs[i].name_len);
_libssh2_htonu32(pkey->add_s, (uint32_t)attrs[i].name_len);
pkey->add_s += 4;
memcpy(pkey->add_s, attrs[i].name, attrs[i].name_len);
pkey->add_s += attrs[i].name_len;
_libssh2_htonu32(pkey->add_s, attrs[i].value_len);
_libssh2_htonu32(pkey->add_s, (uint32_t)attrs[i].value_len);
pkey->add_s += 4;
memcpy(pkey->add_s, attrs[i].value, attrs[i].value_len);
pkey->add_s += attrs[i].value_len;
@@ -689,21 +690,22 @@ libssh2_publickey_add_ex(LIBSSH2_PUBLICKEY *pkey, const unsigned char *name,
}
}
_libssh2_debug(session, LIBSSH2_TRACE_PUBLICKEY,
_libssh2_debug((session, LIBSSH2_TRACE_PUBLICKEY,
"Sending publickey \"add\" packet: "
"type=%s blob_len=%ld num_attrs=%ld",
name, blob_len, num_attrs);
name, blob_len, num_attrs));
pkey->add_state = libssh2_NB_state_created;
}
if(pkey->add_state == libssh2_NB_state_created) {
rc = _libssh2_channel_write(channel, 0, pkey->add_packet,
ssize_t nwritten;
nwritten = _libssh2_channel_write(channel, 0, pkey->add_packet,
(pkey->add_s - pkey->add_packet));
if(rc == LIBSSH2_ERROR_EAGAIN) {
return rc;
if(nwritten == LIBSSH2_ERROR_EAGAIN) {
return (int)nwritten;
}
else if((pkey->add_s - pkey->add_packet) != rc) {
else if((pkey->add_s - pkey->add_packet) != nwritten) {
LIBSSH2_FREE(session, pkey->add_packet);
pkey->add_packet = NULL;
return _libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND,
@@ -758,36 +760,37 @@ libssh2_publickey_remove_ex(LIBSSH2_PUBLICKEY * pkey,
}
pkey->remove_s = pkey->remove_packet;
_libssh2_htonu32(pkey->remove_s, packet_len - 4);
_libssh2_htonu32(pkey->remove_s, (uint32_t)(packet_len - 4));
pkey->remove_s += 4;
_libssh2_htonu32(pkey->remove_s, sizeof("remove") - 1);
pkey->remove_s += 4;
memcpy(pkey->remove_s, "remove", sizeof("remove") - 1);
pkey->remove_s += sizeof("remove") - 1;
_libssh2_htonu32(pkey->remove_s, name_len);
_libssh2_htonu32(pkey->remove_s, (uint32_t)name_len);
pkey->remove_s += 4;
memcpy(pkey->remove_s, name, name_len);
pkey->remove_s += name_len;
_libssh2_htonu32(pkey->remove_s, blob_len);
_libssh2_htonu32(pkey->remove_s, (uint32_t)blob_len);
pkey->remove_s += 4;
memcpy(pkey->remove_s, blob, blob_len);
pkey->remove_s += blob_len;
_libssh2_debug(session, LIBSSH2_TRACE_PUBLICKEY,
_libssh2_debug((session, LIBSSH2_TRACE_PUBLICKEY,
"Sending publickey \"remove\" packet: "
"type=%s blob_len=%ld",
name, blob_len);
name, blob_len));
pkey->remove_state = libssh2_NB_state_created;
}
if(pkey->remove_state == libssh2_NB_state_created) {
rc = _libssh2_channel_write(channel, 0, pkey->remove_packet,
ssize_t nwritten;
nwritten = _libssh2_channel_write(channel, 0, pkey->remove_packet,
(pkey->remove_s - pkey->remove_packet));
if(rc == LIBSSH2_ERROR_EAGAIN) {
return rc;
if(nwritten == LIBSSH2_ERROR_EAGAIN) {
return (int)nwritten;
}
else if((pkey->remove_s - pkey->remove_packet) != rc) {
else if((pkey->remove_s - pkey->remove_packet) != nwritten) {
LIBSSH2_FREE(session, pkey->remove_packet);
pkey->remove_packet = NULL;
pkey->remove_state = libssh2_NB_state_idle;
@@ -835,28 +838,29 @@ libssh2_publickey_list_fetch(LIBSSH2_PUBLICKEY * pkey, unsigned long *num_keys,
pkey->listFetch_data = NULL;
pkey->listFetch_s = pkey->listFetch_buffer;
_libssh2_htonu32(pkey->listFetch_s, buffer_len - 4);
_libssh2_htonu32(pkey->listFetch_s, (uint32_t)(buffer_len - 4));
pkey->listFetch_s += 4;
_libssh2_htonu32(pkey->listFetch_s, sizeof("list") - 1);
pkey->listFetch_s += 4;
memcpy(pkey->listFetch_s, "list", sizeof("list") - 1);
pkey->listFetch_s += sizeof("list") - 1;
_libssh2_debug(session, LIBSSH2_TRACE_PUBLICKEY,
"Sending publickey \"list\" packet");
_libssh2_debug((session, LIBSSH2_TRACE_PUBLICKEY,
"Sending publickey \"list\" packet"));
pkey->listFetch_state = libssh2_NB_state_created;
}
if(pkey->listFetch_state == libssh2_NB_state_created) {
rc = _libssh2_channel_write(channel, 0,
ssize_t nwritten;
nwritten = _libssh2_channel_write(channel, 0,
pkey->listFetch_buffer,
(pkey->listFetch_s -
pkey->listFetch_buffer));
if(rc == LIBSSH2_ERROR_EAGAIN) {
return rc;
if(nwritten == LIBSSH2_ERROR_EAGAIN) {
return (int)nwritten;
}
else if((pkey->listFetch_s - pkey->listFetch_buffer) != rc) {
else if((pkey->listFetch_s - pkey->listFetch_buffer) != nwritten) {
pkey->listFetch_state = libssh2_NB_state_idle;
return _libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND,
"Unable to send publickey list packet");
@@ -865,7 +869,7 @@ libssh2_publickey_list_fetch(LIBSSH2_PUBLICKEY * pkey, unsigned long *num_keys,
pkey->listFetch_state = libssh2_NB_state_sent;
}
while(1) {
for(;;) {
rc = publickey_packet_receive(pkey, &pkey->listFetch_data,
&pkey->listFetch_data_len);
if(rc == LIBSSH2_ERROR_EAGAIN) {
@@ -1197,7 +1201,7 @@ libssh2_publickey_list_fetch(LIBSSH2_PUBLICKEY * pkey, unsigned long *num_keys,
}
/* Only reached via explicit goto */
err_exit:
err_exit:
if(pkey->listFetch_data) {
LIBSSH2_FREE(session, pkey->listFetch_data);
pkey->listFetch_data = NULL;

144
libssh2/src/scp.c
View File

@@ -37,12 +37,19 @@
*/
#include "libssh2_priv.h"
#include <errno.h>
#include <stdlib.h>
#include "channel.h"
#include "session.h"
#include <stdlib.h> /* strtoll(), _strtoi64(), strtol() */
#if defined(HAVE_STRTOLL)
#define scpsize_strtol strtoll
#elif defined(HAVE_STRTOI64)
#define scpsize_strtol _strtoi64
#else
#define scpsize_strtol strtol
#endif
/* Max. length of a quoted string after libssh2_shell_quotearg() processing */
#define _libssh2_shell_quotedsize(s) (3 * strlen(s) + 2)
@@ -112,7 +119,7 @@
References:
o csh-compatible quotation (special handling for '!' etc.), see
http://www.grymoire.com/Unix/Csh.html#toc-uh-10
https://www.grymoire.com/Unix/Csh.html#toc-uh-10
Return value:
Length of the resulting string (not counting the terminating '\0'),
@@ -122,9 +129,9 @@
until then it is kept static and in this source file.
*/
static unsigned
static size_t
shell_quotearg(const char *path, unsigned char *buf,
unsigned bufsize)
size_t bufsize)
{
const char *src;
unsigned char *dst, *endp;
@@ -270,7 +277,7 @@ shell_quotearg(const char *path, unsigned char *buf,
static LIBSSH2_CHANNEL *
scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb)
{
int cmd_len;
size_t cmd_len;
int rc;
int tmp_err_code;
const char *tmp_err_msg;
@@ -282,7 +289,7 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb)
session->scpRecv_atime = 0;
session->scpRecv_command_len =
_libssh2_shell_quotedsize(path) + sizeof("scp -f ") + (sb?1:0);
_libssh2_shell_quotedsize(path) + sizeof("scp -f ") + (sb ? 1 : 0);
session->scpRecv_command =
LIBSSH2_ALLOC(session, session->scpRecv_command_len);
@@ -296,18 +303,30 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb)
snprintf((char *)session->scpRecv_command,
session->scpRecv_command_len,
"scp -%sf ", sb?"p":"");
"scp -%sf ", sb ? "p" : "");
cmd_len = strlen((char *)session->scpRecv_command);
if(!session->flag.quote_paths) {
size_t path_len;
path_len = strlen(path);
/* no NUL-termination needed, so memcpy will do */
memcpy(&session->scpRecv_command[cmd_len], path, path_len);
cmd_len += path_len;
}
else {
cmd_len += shell_quotearg(path,
&session->scpRecv_command[cmd_len],
session->scpRecv_command_len - cmd_len);
}
/* the command to exec should _not_ be NUL-terminated */
session->scpRecv_command_len = cmd_len;
_libssh2_debug(session, LIBSSH2_TRACE_SCP,
"Opening channel for SCP receive");
_libssh2_debug((session, LIBSSH2_TRACE_SCP,
"Opening channel for SCP receive"));
session->scpRecv_state = libssh2_NB_state_created;
}
@@ -356,7 +375,7 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb)
LIBSSH2_FREE(session, session->scpRecv_command);
session->scpRecv_command = NULL;
_libssh2_debug(session, LIBSSH2_TRACE_SCP, "Sending initial wakeup");
_libssh2_debug((session, LIBSSH2_TRACE_SCP, "Sending initial wakeup"));
/* SCP ACK */
session->scpRecv_response[0] = '\0';
@@ -364,7 +383,7 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb)
}
if(session->scpRecv_state == libssh2_NB_state_sent1) {
rc = _libssh2_channel_write(session->scpRecv_channel, 0,
rc = (int)_libssh2_channel_write(session->scpRecv_channel, 0,
session->scpRecv_response, 1);
if(rc == LIBSSH2_ERROR_EAGAIN) {
_libssh2_error(session, LIBSSH2_ERROR_EAGAIN,
@@ -388,10 +407,11 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb)
unsigned char *s, *p;
if(session->scpRecv_state == libssh2_NB_state_sent2) {
rc = _libssh2_channel_read(session->scpRecv_channel, 0,
rc = (int)_libssh2_channel_read(session->scpRecv_channel, 0,
(char *) session->
scpRecv_response +
session->scpRecv_response_len, 1);
session->scpRecv_response_len,
1);
if(rc == LIBSSH2_ERROR_EAGAIN) {
_libssh2_error(session, LIBSSH2_ERROR_EAGAIN,
"Would block waiting for SCP response");
@@ -435,9 +455,9 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb)
/* zero terminate the error */
err_msg[err_len] = 0;
_libssh2_debug(session, LIBSSH2_TRACE_SCP,
_libssh2_debug((session, LIBSSH2_TRACE_SCP,
"got %02x %s", session->scpRecv_response[0],
err_msg);
err_msg));
_libssh2_error(session, LIBSSH2_ERROR_SCP_PROTOCOL,
"Failed to recv file");
@@ -550,7 +570,7 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb)
}
if(session->scpRecv_state == libssh2_NB_state_sent3) {
rc = _libssh2_channel_write(session->scpRecv_channel, 0,
rc = (int)_libssh2_channel_write(session->scpRecv_channel, 0,
session->scpRecv_response, 1);
if(rc == LIBSSH2_ERROR_EAGAIN) {
_libssh2_error(session, LIBSSH2_ERROR_EAGAIN,
@@ -561,9 +581,10 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb)
goto scp_recv_error;
}
_libssh2_debug(session, LIBSSH2_TRACE_SCP,
_libssh2_debug((session, LIBSSH2_TRACE_SCP,
"mtime = %ld, atime = %ld",
session->scpRecv_mtime, session->scpRecv_atime);
session->scpRecv_mtime,
session->scpRecv_atime));
/* We *should* check that atime.usec is valid, but why let
that stop use? */
@@ -586,17 +607,18 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb)
char *s, *p, *e = NULL;
if(session->scpRecv_state == libssh2_NB_state_sent5) {
rc = _libssh2_channel_read(session->scpRecv_channel, 0,
rc = (int)_libssh2_channel_read(session->scpRecv_channel, 0,
(char *) session->
scpRecv_response +
session->scpRecv_response_len, 1);
session->scpRecv_response_len,
1);
if(rc == LIBSSH2_ERROR_EAGAIN) {
_libssh2_error(session, LIBSSH2_ERROR_EAGAIN,
"Would block waiting for SCP response");
return NULL;
}
else if(rc < 0) {
/* error, bail out*/
/* error, bail out */
_libssh2_error(session, rc, "Failed reading SCP response");
goto scp_recv_error;
}
@@ -678,7 +700,6 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb)
*(p++) = '\0';
/* Make sure we don't get fooled by leftover values */
session->scpRecv_mode = strtol(s, &e, 8);
if(e && *e) {
_libssh2_error(session, LIBSSH2_ERROR_SCP_PROTOCOL,
@@ -713,7 +734,7 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb)
}
if(session->scpRecv_state == libssh2_NB_state_sent6) {
rc = _libssh2_channel_write(session->scpRecv_channel, 0,
rc = (int)_libssh2_channel_write(session->scpRecv_channel, 0,
session->scpRecv_response, 1);
if(rc == LIBSSH2_ERROR_EAGAIN) {
_libssh2_error(session, LIBSSH2_ERROR_EAGAIN,
@@ -723,9 +744,9 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb)
else if(rc != 1) {
goto scp_recv_error;
}
_libssh2_debug(session, LIBSSH2_TRACE_SCP,
_libssh2_debug((session, LIBSSH2_TRACE_SCP,
"mode = 0%lo size = %ld", session->scpRecv_mode,
session->scpRecv_size);
session->scpRecv_size));
/* We *should* check that basename is valid, but why let that
stop us? */
@@ -748,7 +769,7 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb)
session->scpRecv_state = libssh2_NB_state_idle;
return session->scpRecv_channel;
scp_recv_empty_channel:
scp_recv_empty_channel:
/* the code only jumps here as a result of a zero read from channel_read()
so we check EOF status to avoid getting stuck in a loop */
if(libssh2_channel_eof(session->scpRecv_channel))
@@ -757,7 +778,7 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb)
else
return session->scpRecv_channel;
/* fall-through */
scp_recv_error:
scp_recv_error:
tmp_err_code = session->err_code;
tmp_err_msg = session->err_msg;
while(libssh2_channel_free(session->scpRecv_channel) ==
@@ -780,7 +801,7 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb)
*
*/
LIBSSH2_API LIBSSH2_CHANNEL *
libssh2_scp_recv(LIBSSH2_SESSION *session, const char *path, struct stat * sb)
libssh2_scp_recv(LIBSSH2_SESSION *session, const char *path, struct stat *sb)
{
LIBSSH2_CHANNEL *ptr;
@@ -823,7 +844,7 @@ libssh2_scp_recv2(LIBSSH2_SESSION *session, const char *path,
}
/*
* scp_send()
* scp_send
*
* Send a file using SCP
*
@@ -832,7 +853,7 @@ static LIBSSH2_CHANNEL *
scp_send(LIBSSH2_SESSION * session, const char *path, int mode,
libssh2_int64_t size, time_t mtime, time_t atime)
{
int cmd_len;
size_t cmd_len;
int rc;
int tmp_err_code;
const char *tmp_err_msg;
@@ -840,7 +861,7 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode,
if(session->scpSend_state == libssh2_NB_state_idle) {
session->scpSend_command_len =
_libssh2_shell_quotedsize(path) + sizeof("scp -t ") +
((mtime || atime)?1:0);
((mtime || atime) ? 1 : 0);
session->scpSend_command =
LIBSSH2_ALLOC(session, session->scpSend_command_len);
@@ -854,18 +875,31 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode,
snprintf((char *)session->scpSend_command,
session->scpSend_command_len,
"scp -%st ", (mtime || atime)?"p":"");
"scp -%st ", (mtime || atime) ? "p" : "");
cmd_len = strlen((char *)session->scpSend_command);
if(!session->flag.quote_paths) {
size_t path_len;
path_len = strlen(path);
/* no NUL-termination needed, so memcpy will do */
memcpy(&session->scpSend_command[cmd_len], path, path_len);
cmd_len += path_len;
}
else {
cmd_len += shell_quotearg(path,
&session->scpSend_command[cmd_len],
session->scpSend_command_len - cmd_len);
}
/* the command to exec should _not_ be NUL-terminated */
session->scpSend_command_len = cmd_len;
_libssh2_debug(session, LIBSSH2_TRACE_SCP,
"Opening channel for SCP send");
_libssh2_debug((session, LIBSSH2_TRACE_SCP,
"Opening channel for SCP send"));
/* Allocate a channel */
session->scpSend_state = libssh2_NB_state_created;
@@ -922,7 +956,7 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode,
if(session->scpSend_state == libssh2_NB_state_sent1) {
/* Wait for ACK */
rc = _libssh2_channel_read(session->scpSend_channel, 0,
rc = (int)_libssh2_channel_read(session->scpSend_channel, 0,
(char *) session->scpSend_response, 1);
if(rc == LIBSSH2_ERROR_EAGAIN) {
_libssh2_error(session, LIBSSH2_ERROR_EAGAIN,
@@ -936,7 +970,7 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode,
else if(!rc)
/* remain in the same state */
goto scp_send_empty_channel;
else if(session->scpSend_response[0] != 0) {
else if(session->scpSend_response[0]) {
_libssh2_error(session, LIBSSH2_ERROR_SCP_PROTOCOL,
"Invalid ACK response from remote");
goto scp_send_error;
@@ -947,8 +981,8 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode,
snprintf((char *) session->scpSend_response,
LIBSSH2_SCP_RESPONSE_BUFLEN, "T%ld 0 %ld 0\n",
(long)mtime, (long)atime);
_libssh2_debug(session, LIBSSH2_TRACE_SCP, "Sent %s",
session->scpSend_response);
_libssh2_debug((session, LIBSSH2_TRACE_SCP, "Sent %s",
session->scpSend_response));
}
session->scpSend_state = libssh2_NB_state_sent2;
@@ -957,7 +991,7 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode,
/* Send mtime and atime to be used for file */
if(mtime || atime) {
if(session->scpSend_state == libssh2_NB_state_sent2) {
rc = _libssh2_channel_write(session->scpSend_channel, 0,
rc = (int)_libssh2_channel_write(session->scpSend_channel, 0,
session->scpSend_response,
session->scpSend_response_len);
if(rc == LIBSSH2_ERROR_EAGAIN) {
@@ -976,8 +1010,9 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode,
if(session->scpSend_state == libssh2_NB_state_sent3) {
/* Wait for ACK */
rc = _libssh2_channel_read(session->scpSend_channel, 0,
(char *) session->scpSend_response, 1);
rc = (int)_libssh2_channel_read(session->scpSend_channel, 0,
(char *) session->scpSend_response,
1);
if(rc == LIBSSH2_ERROR_EAGAIN) {
_libssh2_error(session, LIBSSH2_ERROR_EAGAIN,
"Would block waiting for response");
@@ -990,7 +1025,7 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode,
else if(!rc)
/* remain in the same state */
goto scp_send_empty_channel;
else if(session->scpSend_response[0] != 0) {
else if(session->scpSend_response[0]) {
_libssh2_error(session, LIBSSH2_ERROR_SCP_PROTOCOL,
"Invalid SCP ACK response");
goto scp_send_error;
@@ -1018,14 +1053,14 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode,
LIBSSH2_SCP_RESPONSE_BUFLEN, "C0%o %"
LIBSSH2_INT64_T_FORMAT " %s\n", mode,
size, base);
_libssh2_debug(session, LIBSSH2_TRACE_SCP, "Sent %s",
session->scpSend_response);
_libssh2_debug((session, LIBSSH2_TRACE_SCP, "Sent %s",
session->scpSend_response));
session->scpSend_state = libssh2_NB_state_sent5;
}
if(session->scpSend_state == libssh2_NB_state_sent5) {
rc = _libssh2_channel_write(session->scpSend_channel, 0,
rc = (int)_libssh2_channel_write(session->scpSend_channel, 0,
session->scpSend_response,
session->scpSend_response_len);
if(rc == LIBSSH2_ERROR_EAGAIN) {
@@ -1044,8 +1079,9 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode,
if(session->scpSend_state == libssh2_NB_state_sent6) {
/* Wait for ACK */
rc = _libssh2_channel_read(session->scpSend_channel, 0,
(char *) session->scpSend_response, 1);
rc = (int)_libssh2_channel_read(session->scpSend_channel, 0,
(char *) session->scpSend_response,
1);
if(rc == LIBSSH2_ERROR_EAGAIN) {
_libssh2_error(session, LIBSSH2_ERROR_EAGAIN,
"Would block waiting for response");
@@ -1059,7 +1095,7 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode,
else if(rc == 0)
goto scp_send_empty_channel;
else if(session->scpSend_response[0] != 0) {
else if(session->scpSend_response[0]) {
size_t err_len;
char *err_msg;
@@ -1073,13 +1109,13 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode,
}
/* Read the remote error message */
rc = _libssh2_channel_read(session->scpSend_channel, 0,
rc = (int)_libssh2_channel_read(session->scpSend_channel, 0,
err_msg, err_len);
if(rc > 0) {
err_msg[err_len] = 0;
_libssh2_debug(session, LIBSSH2_TRACE_SCP,
_libssh2_debug((session, LIBSSH2_TRACE_SCP,
"got %02x %s", session->scpSend_response[0],
err_msg);
err_msg));
}
LIBSSH2_FREE(session, err_msg);
_libssh2_error(session, LIBSSH2_ERROR_SCP_PROTOCOL,
@@ -1091,7 +1127,7 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode,
session->scpSend_state = libssh2_NB_state_idle;
return session->scpSend_channel;
scp_send_empty_channel:
scp_send_empty_channel:
/* the code only jumps here as a result of a zero read from channel_read()
so we check EOF status to avoid getting stuck in a loop */
if(libssh2_channel_eof(session->scpSend_channel)) {
@@ -1101,7 +1137,7 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode,
else
return session->scpSend_channel;
/* fall-through */
scp_send_error:
scp_send_error:
tmp_err_code = session->err_code;
tmp_err_msg = session->err_msg;
while(libssh2_channel_free(session->scpSend_channel) ==

393
libssh2/src/session.c
View File

@@ -38,32 +38,40 @@
*/
#include "libssh2_priv.h"
#include <errno.h>
#ifdef WIN32
#include <ws2tcpip.h> /* for socklen_t */
#endif
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#include <stdlib.h>
#include <fcntl.h>
#ifdef HAVE_GETTIMEOFDAY
#include <sys/time.h>
#endif
#ifdef HAVE_ALLOCA_H
#include <alloca.h>
#endif
#include <errno.h>
#include <stdlib.h>
#include <fcntl.h>
#include "transport.h"
#include "session.h"
#include "channel.h"
#include "mac.h"
#include "misc.h"
#if defined(WIN32)
#define libssh2_usec_t long
#elif defined(__APPLE__)
#define libssh2_usec_t suseconds_t
#else
#undef libssh2_usec_t
#endif
/* libssh2_default_alloc
*/
static
LIBSSH2_ALLOC_FUNC(libssh2_default_alloc)
{
(void) abstract;
(void)abstract;
return malloc(count);
}
@@ -72,7 +80,7 @@ LIBSSH2_ALLOC_FUNC(libssh2_default_alloc)
static
LIBSSH2_FREE_FUNC(libssh2_default_free)
{
(void) abstract;
(void)abstract;
free(ptr);
}
@@ -81,7 +89,7 @@ LIBSSH2_FREE_FUNC(libssh2_default_free)
static
LIBSSH2_REALLOC_FUNC(libssh2_default_realloc)
{
(void) abstract;
(void)abstract;
return realloc(ptr, count);
}
@@ -96,8 +104,8 @@ LIBSSH2_REALLOC_FUNC(libssh2_default_realloc)
static int
banner_receive(LIBSSH2_SESSION * session)
{
int ret;
int banner_len;
ssize_t ret;
size_t banner_len;
if(session->banner_TxRx_state == libssh2_NB_state_idle) {
banner_len = 0;
@@ -108,7 +116,7 @@ banner_receive(LIBSSH2_SESSION * session)
banner_len = session->banner_TxRx_total_send;
}
while((banner_len < (int) sizeof(session->banner_TxRx_banner)) &&
while((banner_len < sizeof(session->banner_TxRx_banner)) &&
((banner_len == 0)
|| (session->banner_TxRx_banner[banner_len - 1] != '\n'))) {
char c = '\0';
@@ -121,12 +129,12 @@ banner_receive(LIBSSH2_SESSION * session)
if(ret < 0) {
if(session->api_block_mode || (ret != -EAGAIN))
/* ignore EAGAIN when non-blocking */
_libssh2_debug(session, LIBSSH2_TRACE_SOCKET,
"Error recving %d bytes: %d", 1, -ret);
_libssh2_debug((session, LIBSSH2_TRACE_SOCKET,
"Error recving %d bytes: %d", 1, (int)-ret));
}
else
_libssh2_debug(session, LIBSSH2_TRACE_SOCKET,
"Recved %d bytes banner", ret);
_libssh2_debug((session, LIBSSH2_TRACE_SOCKET,
"Recved %d bytes banner", (int)ret));
if(ret < 0) {
if(ret == -EAGAIN) {
@@ -147,6 +155,10 @@ banner_receive(LIBSSH2_SESSION * session)
return LIBSSH2_ERROR_SOCKET_DISCONNECT;
}
if((c == '\r' || c == '\n') && banner_len == 0) {
continue;
}
if(c == '\0') {
/* NULLs are not allowed in SSH banners */
session->banner_TxRx_state = libssh2_NB_state_idle;
@@ -180,8 +192,8 @@ banner_receive(LIBSSH2_SESSION * session)
}
memcpy(session->remote.banner, session->banner_TxRx_banner, banner_len);
session->remote.banner[banner_len] = '\0';
_libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Received Banner: %s",
session->remote.banner);
_libssh2_debug((session, LIBSSH2_TRACE_TRANS, "Received Banner: %s",
session->remote.banner));
return LIBSSH2_ERROR_NONE;
}
@@ -199,11 +211,8 @@ static int
banner_send(LIBSSH2_SESSION * session)
{
char *banner = (char *) LIBSSH2_SSH_DEFAULT_BANNER_WITH_CRLF;
int banner_len = sizeof(LIBSSH2_SSH_DEFAULT_BANNER_WITH_CRLF) - 1;
size_t banner_len = sizeof(LIBSSH2_SSH_DEFAULT_BANNER_WITH_CRLF) - 1;
ssize_t ret;
#ifdef LIBSSH2DEBUG
char banner_dup[256];
#endif
if(session->banner_TxRx_state == libssh2_NB_state_idle) {
if(session->local.banner) {
@@ -212,6 +221,9 @@ banner_send(LIBSSH2_SESSION * session)
banner = (char *) session->local.banner;
}
#ifdef LIBSSH2DEBUG
{
char banner_dup[256];
/* Hack and slash to avoid sending CRLF in debug output */
if(banner_len < 256) {
memcpy(banner_dup, banner, banner_len - 2);
@@ -222,8 +234,9 @@ banner_send(LIBSSH2_SESSION * session)
banner_dup[255] = '\0';
}
_libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Sending Banner: %s",
banner_dup);
_libssh2_debug((session, LIBSSH2_TRACE_TRANS,
"Sending Banner: %s", banner_dup));
}
#endif
session->banner_TxRx_state = libssh2_NB_state_created;
@@ -237,16 +250,16 @@ banner_send(LIBSSH2_SESSION * session)
banner_len - session->banner_TxRx_total_send,
LIBSSH2_SOCKET_SEND_FLAGS(session));
if(ret < 0)
_libssh2_debug(session, LIBSSH2_TRACE_SOCKET,
_libssh2_debug((session, LIBSSH2_TRACE_SOCKET,
"Error sending %d bytes: %d",
banner_len - session->banner_TxRx_total_send, -ret);
banner_len - session->banner_TxRx_total_send, -ret));
else
_libssh2_debug(session, LIBSSH2_TRACE_SOCKET,
_libssh2_debug((session, LIBSSH2_TRACE_SOCKET,
"Sent %d/%d bytes at %p+%d", ret,
banner_len - session->banner_TxRx_total_send,
banner, session->banner_TxRx_total_send);
banner, session->banner_TxRx_total_send));
if(ret != (banner_len - session->banner_TxRx_total_send)) {
if(ret != (ssize_t)(banner_len - session->banner_TxRx_total_send)) {
if(ret >= 0 || ret == -EAGAIN) {
/* the whole packet could not be sent, save the what was */
session->socket_block_directions =
@@ -276,8 +289,6 @@ static int
session_nonblock(libssh2_socket_t sockfd, /* operate on this */
int nonblock /* TRUE or FALSE */ )
{
#undef SETBLOCK
#define SETBLOCK 0
#ifdef HAVE_O_NONBLOCK
/* most recent unix versions */
int flags;
@@ -287,66 +298,39 @@ session_nonblock(libssh2_socket_t sockfd, /* operate on this */
return fcntl(sockfd, F_SETFL, flags | O_NONBLOCK);
else
return fcntl(sockfd, F_SETFL, flags & (~O_NONBLOCK));
#undef SETBLOCK
#define SETBLOCK 1
#endif
#if defined(HAVE_FIONBIO) && (SETBLOCK == 0)
/* older unix versions and VMS*/
#elif defined(HAVE_FIONBIO)
/* older unix versions and VMS */
int flags;
flags = nonblock;
return ioctl(sockfd, FIONBIO, &flags);
#undef SETBLOCK
#define SETBLOCK 2
#endif
#if defined(HAVE_IOCTLSOCKET) && (SETBLOCK == 0)
/* Windows? */
unsigned long flags;
flags = nonblock;
return ioctlsocket(sockfd, FIONBIO, &flags);
#undef SETBLOCK
#define SETBLOCK 3
#endif
#if defined(HAVE_IOCTLSOCKET_CASE) && (SETBLOCK == 0)
#elif defined(HAVE_IOCTLSOCKET_CASE)
/* presumably for Amiga */
return IoctlSocket(sockfd, FIONBIO, (long) nonblock);
#undef SETBLOCK
#define SETBLOCK 4
#endif
#if defined(HAVE_SO_NONBLOCK) && (SETBLOCK == 0)
#elif defined(HAVE_SO_NONBLOCK)
/* BeOS */
long b = nonblock ? 1 : 0;
return setsockopt(sockfd, SOL_SOCKET, SO_NONBLOCK, &b, sizeof(b));
#undef SETBLOCK
#define SETBLOCK 5
#endif
#elif defined(WIN32)
unsigned long flags;
#ifdef HAVE_DISABLED_NONBLOCKING
flags = nonblock;
return ioctlsocket(sockfd, FIONBIO, &flags);
#else
(void)sockfd;
(void)nonblock;
return 0; /* returns success */
#undef SETBLOCK
#define SETBLOCK 6
#endif
#if(SETBLOCK == 0)
#error "no non-blocking method was found/used/set"
#endif
}
/*
* get_socket_nonblocking()
* get_socket_nonblocking
*
* gets the given blocking or non-blocking state of the socket.
*/
static int
get_socket_nonblocking(int sockfd)
get_socket_nonblocking(libssh2_socket_t sockfd)
{ /* operate on this */
#undef GETBLOCK
#define GETBLOCK 0
#ifdef HAVE_O_NONBLOCK
/* most recent unix versions */
int flags = fcntl(sockfd, F_GETFL, 0);
@@ -356,26 +340,7 @@ get_socket_nonblocking(int sockfd)
return 1;
}
return (flags & O_NONBLOCK);
#undef GETBLOCK
#define GETBLOCK 1
#endif
#if defined(WSAEWOULDBLOCK) && (GETBLOCK == 0)
/* Windows? */
unsigned int option_value;
socklen_t option_len = sizeof(option_value);
if(getsockopt
(sockfd, SOL_SOCKET, SO_ERROR, (void *) &option_value, &option_len)) {
/* Assume blocking on error */
return 1;
}
return (int) option_value;
#undef GETBLOCK
#define GETBLOCK 2
#endif
#if defined(HAVE_SO_NONBLOCK) && (GETBLOCK == 0)
#elif defined(HAVE_SO_NONBLOCK)
/* BeOS */
long b;
if(getsockopt(sockfd, SOL_SOCKET, SO_NONBLOCK, &b, sizeof(b))) {
@@ -383,12 +348,7 @@ get_socket_nonblocking(int sockfd)
return 1;
}
return (int) b;
#undef GETBLOCK
#define GETBLOCK 5
#endif
#if defined(SO_STATE) && defined(__VMS) && (GETBLOCK == 0)
#elif defined(SO_STATE) && defined(__VMS)
/* VMS TCP/IP Services */
size_t sockstat = 0;
@@ -397,22 +357,26 @@ get_socket_nonblocking(int sockfd)
callstat = getsockopt(sockfd, SOL_SOCKET, SO_STATE,
(char *)&sockstat, &size);
if(callstat == -1) return 0;
if((sockstat&SS_NBIO) != 0) return 1;
if(callstat == -1) {
return 0;
}
if((sockstat&SS_NBIO) != 0) {
return 1;
}
return 0;
#elif defined(WIN32)
unsigned int option_value;
socklen_t option_len = sizeof(option_value);
#undef GETBLOCK
#define GETBLOCK 6
#endif
#ifdef HAVE_DISABLED_NONBLOCKING
if(getsockopt(sockfd, SOL_SOCKET, SO_ERROR,
(void *) &option_value, &option_len)) {
/* Assume blocking on error */
return 1;
}
return (int) option_value;
#else
(void)sockfd;
return 1; /* returns blocking */
#undef GETBLOCK
#define GETBLOCK 7
#endif
#if(GETBLOCK == 0)
#error "no non-blocking method was found/used/get"
#endif
}
@@ -442,8 +406,8 @@ libssh2_session_banner_set(LIBSSH2_SESSION * session, const char *banner)
/* first zero terminate like this so that the debug output is nice */
session->local.banner[banner_len] = '\0';
_libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Setting local Banner: %s",
session->local.banner);
_libssh2_debug((session, LIBSSH2_TRACE_TRANS, "Setting local Banner: %s",
session->local.banner));
session->local.banner[banner_len++] = '\r';
session->local.banner[banner_len++] = '\n';
session->local.banner[banner_len] = '\0';
@@ -500,8 +464,11 @@ libssh2_session_init_ex(LIBSSH2_ALLOC_FUNC((*my_alloc)),
session->abstract = abstract;
session->api_timeout = 0; /* timeout-free API by default */
session->api_block_mode = 1; /* blocking API by default */
_libssh2_debug(session, LIBSSH2_TRACE_TRANS,
"New session resource allocated");
session->packet_read_timeout = LIBSSH2_DEFAULT_READ_TIMEOUT;
session->flag.quote_paths = 1; /* default behavior is to quote paths
for the scp subsystem */
_libssh2_debug((session, LIBSSH2_TRACE_TRANS,
"New session resource allocated"));
_libssh2_init_if_needed();
}
return session;
@@ -516,8 +483,14 @@ libssh2_session_init_ex(LIBSSH2_ALLOC_FUNC((*my_alloc)),
* ALERT: this function relies on that we can typecast function pointers
* to void pointers, which isn't allowed in ISO C!
*/
#ifdef _MSC_VER
#pragma warning(push)
/* nonstandard extension, function/data pointer conversion in expression */
#pragma warning(disable:4152)
#else
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wpedantic"
#endif
LIBSSH2_API void *
libssh2_session_callback_set(LIBSSH2_SESSION * session,
int cbtype, void *callback)
@@ -559,16 +532,35 @@ libssh2_session_callback_set(LIBSSH2_SESSION * session,
oldcb = session->recv;
session->recv = callback;
return oldcb;
case LIBSSH2_CALLBACK_AUTHAGENT:
oldcb = session->authagent;
session->authagent = callback;
return oldcb;
case LIBSSH2_CALLBACK_AUTHAGENT_IDENTITIES:
oldcb = session->addLocalIdentities;
session->addLocalIdentities = callback;
return oldcb;
case LIBSSH2_CALLBACK_AUTHAGENT_SIGN:
oldcb = session->agentSignCallback;
session->agentSignCallback = callback;
return oldcb;
}
_libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Setting Callback %d",
cbtype);
_libssh2_debug((session, LIBSSH2_TRACE_TRANS, "Setting Callback %d",
cbtype));
return NULL;
}
#ifdef _MSC_VER
#pragma warning(pop)
#else
#pragma GCC diagnostic pop
#endif
/*
* _libssh2_wait_socket()
* _libssh2_wait_socket
*
* Utility function that waits for action on the socket. Returns 0 when ready
* to run again or error on timeout.
@@ -598,8 +590,8 @@ int _libssh2_wait_socket(LIBSSH2_SESSION *session, time_t start_time)
dir = libssh2_session_block_directions(session);
if(!dir) {
_libssh2_debug(session, LIBSSH2_TRACE_SOCKET,
"Nothing to wait for in wait_socket");
_libssh2_debug((session, LIBSSH2_TRACE_SOCKET,
"Nothing to wait for in wait_socket"));
/* To avoid that we hang below just because there's nothing set to
wait for, we timeout on 1 second to also avoid busy-looping
during this condition */
@@ -638,7 +630,7 @@ int _libssh2_wait_socket(LIBSSH2_SESSION *session, time_t start_time)
if(dir & LIBSSH2_SESSION_BLOCK_OUTBOUND)
sockets[0].events |= POLLOUT;
rc = poll(sockets, 1, has_timeout?ms_to_next: -1);
rc = poll(sockets, 1, has_timeout ? (int)ms_to_next : -1);
}
#else
{
@@ -649,7 +641,11 @@ int _libssh2_wait_socket(LIBSSH2_SESSION *session, time_t start_time)
struct timeval tv;
tv.tv_sec = ms_to_next / 1000;
#ifdef libssh2_usec_t
tv.tv_usec = (libssh2_usec_t)((ms_to_next - tv.tv_sec*1000) * 1000);
#else
tv.tv_usec = (ms_to_next - tv.tv_sec*1000) * 1000;
#endif
if(dir & LIBSSH2_SESSION_BLOCK_INBOUND) {
FD_ZERO(&rfd);
@@ -663,7 +659,7 @@ int _libssh2_wait_socket(LIBSSH2_SESSION *session, time_t start_time)
writefd = &wfd;
}
rc = select(session->socket_fd + 1, readfd, writefd, NULL,
rc = select((int)(session->socket_fd + 1), readfd, writefd, NULL,
has_timeout ? &tv : NULL);
}
#endif
@@ -685,8 +681,8 @@ session_startup(LIBSSH2_SESSION *session, libssh2_socket_t sock)
int rc;
if(session->startup_state == libssh2_NB_state_idle) {
_libssh2_debug(session, LIBSSH2_TRACE_TRANS,
"session_startup for socket %d", sock);
_libssh2_debug((session, LIBSSH2_TRACE_TRANS,
"session_startup for socket %d", sock));
if(LIBSSH2_INVALID_SOCKET == sock) {
/* Did we forget something? */
return _libssh2_error(session, LIBSSH2_ERROR_BAD_SOCKET,
@@ -730,7 +726,7 @@ session_startup(LIBSSH2_SESSION *session, libssh2_socket_t sock)
else if(rc)
return _libssh2_error(session, rc,
"Failed getting banner");
} while(strncmp("SSH-", (char *)session->remote.banner, 4));
} while(strncmp("SSH-", (const char *)session->remote.banner, 4));
session->startup_state = libssh2_NB_state_sent1;
}
@@ -747,8 +743,8 @@ session_startup(LIBSSH2_SESSION *session, libssh2_socket_t sock)
}
if(session->startup_state == libssh2_NB_state_sent2) {
_libssh2_debug(session, LIBSSH2_TRACE_TRANS,
"Requesting userauth service");
_libssh2_debug((session, LIBSSH2_TRACE_TRANS,
"Requesting userauth service"));
/* Request the userauth service */
session->startup_service[0] = SSH_MSG_SERVICE_REQUEST;
@@ -780,7 +776,9 @@ session_startup(LIBSSH2_SESSION *session, libssh2_socket_t sock)
&session->startup_data_len, 0, NULL, 0,
&session->startup_req_state);
if(rc)
return rc;
return _libssh2_error(session, rc,
"Failed to get response to "
"ssh-userauth request");
if(session->startup_data_len < 5) {
return _libssh2_error(session, LIBSSH2_ERROR_PROTO,
@@ -792,7 +790,8 @@ session_startup(LIBSSH2_SESSION *session, libssh2_socket_t sock)
if((session->startup_service_length != (sizeof("ssh-userauth") - 1))
|| strncmp("ssh-userauth", (char *) session->startup_data + 5,
|| strncmp("ssh-userauth",
(const char *) session->startup_data + 5,
session->startup_service_length)) {
LIBSSH2_FREE(session, session->startup_data);
session->startup_data = NULL;
@@ -812,7 +811,7 @@ session_startup(LIBSSH2_SESSION *session, libssh2_socket_t sock)
}
/*
* libssh2_session_handshake()
* libssh2_session_handshake
*
* session: LIBSSH2_SESSION struct allocated and owned by the calling program
* sock: *must* be populated with an opened and connected socket.
@@ -824,13 +823,13 @@ libssh2_session_handshake(LIBSSH2_SESSION *session, libssh2_socket_t sock)
{
int rc;
BLOCK_ADJUST(rc, session, session_startup(session, sock) );
BLOCK_ADJUST(rc, session, session_startup(session, sock));
return rc;
}
/*
* libssh2_session_startup()
* libssh2_session_startup
*
* DEPRECATED. Use libssh2_session_handshake() instead! This function is not
* portable enough.
@@ -847,7 +846,7 @@ libssh2_session_startup(LIBSSH2_SESSION *session, int sock)
}
/*
* libssh2_session_free
* session_free
*
* Frees the memory allocated to the session
* Also closes and frees any channels attached to this session
@@ -862,16 +861,16 @@ session_free(LIBSSH2_SESSION *session)
int packets_left = 0;
if(session->free_state == libssh2_NB_state_idle) {
_libssh2_debug(session, LIBSSH2_TRACE_TRANS,
_libssh2_debug((session, LIBSSH2_TRACE_TRANS,
"Freeing session resource",
session->remote.banner);
session->remote.banner));
session->free_state = libssh2_NB_state_created;
}
if(session->free_state == libssh2_NB_state_created) {
while((ch = _libssh2_list_first(&session->channels))) {
/* !checksrc! disable EQUALSNULL 1 */
while((ch = _libssh2_list_first(&session->channels)) != NULL) {
rc = _libssh2_channel_free(ch);
if(rc == LIBSSH2_ERROR_EAGAIN)
return rc;
@@ -881,7 +880,8 @@ session_free(LIBSSH2_SESSION *session)
}
if(session->free_state == libssh2_NB_state_sent) {
while((l = _libssh2_list_first(&session->listeners))) {
/* !checksrc! disable EQUALSNULL 1 */
while((l = _libssh2_list_first(&session->listeners)) != NULL) {
rc = _libssh2_channel_forward_cancel(l);
if(rc == LIBSSH2_ERROR_EAGAIN)
return rc;
@@ -981,6 +981,12 @@ session_free(LIBSSH2_SESSION *session)
if(session->remote.lang_prefs) {
LIBSSH2_FREE(session, session->remote.lang_prefs);
}
if(session->server_sign_algorithms) {
LIBSSH2_FREE(session, session->server_sign_algorithms);
}
if(session->sign_algo_prefs) {
LIBSSH2_FREE(session, session->sign_algo_prefs);
}
/*
* Make sure all memory used in the state variables are free
@@ -994,6 +1000,9 @@ session_free(LIBSSH2_SESSION *session)
if(session->userauth_list_data) {
LIBSSH2_FREE(session, session->userauth_list_data);
}
if(session->userauth_banner) {
LIBSSH2_FREE(session, session->userauth_banner);
}
if(session->userauth_pswd_data) {
LIBSSH2_FREE(session, session->userauth_pswd_data);
}
@@ -1058,10 +1067,11 @@ session_free(LIBSSH2_SESSION *session)
}
/* Cleanup all remaining packets */
while((pkg = _libssh2_list_first(&session->packets))) {
/* !checksrc! disable EQUALSNULL 1 */
while((pkg = _libssh2_list_first(&session->packets)) != NULL) {
packets_left++;
_libssh2_debug(session, LIBSSH2_TRACE_TRANS,
"packet left with id %d", pkg->data[0]);
_libssh2_debug((session, LIBSSH2_TRACE_TRANS,
"packet left with id %d", pkg->data[0]));
/* unlink the node */
_libssh2_list_remove(&pkg->node);
@@ -1069,15 +1079,16 @@ session_free(LIBSSH2_SESSION *session)
LIBSSH2_FREE(session, pkg->data);
LIBSSH2_FREE(session, pkg);
}
_libssh2_debug(session, LIBSSH2_TRACE_TRANS,
"Extra packets left %d", packets_left);
(void)packets_left;
_libssh2_debug((session, LIBSSH2_TRACE_TRANS,
"Extra packets left %d", packets_left));
if(session->socket_prev_blockstate) {
/* if the socket was previously blocking, put it back so */
rc = session_nonblock(session->socket_fd, 0);
if(rc) {
_libssh2_debug(session, LIBSSH2_TRACE_TRANS,
"unable to reset socket's blocking state");
_libssh2_debug((session, LIBSSH2_TRACE_TRANS,
"unable to reset socket's blocking state"));
}
}
@@ -1107,13 +1118,13 @@ libssh2_session_free(LIBSSH2_SESSION * session)
{
int rc;
BLOCK_ADJUST(rc, session, session_free(session) );
BLOCK_ADJUST(rc, session, session_free(session));
return rc;
}
/*
* libssh2_session_disconnect_ex
* session_disconnect
*/
static int
session_disconnect(LIBSSH2_SESSION *session, int reason,
@@ -1121,13 +1132,13 @@ session_disconnect(LIBSSH2_SESSION *session, int reason,
const char *lang)
{
unsigned char *s;
unsigned long descr_len = 0, lang_len = 0;
size_t descr_len = 0, lang_len = 0;
int rc;
if(session->disconnect_state == libssh2_NB_state_idle) {
_libssh2_debug(session, LIBSSH2_TRACE_TRANS,
_libssh2_debug((session, LIBSSH2_TRACE_TRANS,
"Disconnecting: reason=%d, desc=%s, lang=%s", reason,
description, lang);
description, lang));
if(description)
descr_len = strlen(description);
@@ -1138,6 +1149,10 @@ session_disconnect(LIBSSH2_SESSION *session, int reason,
return _libssh2_error(session, LIBSSH2_ERROR_INVAL,
"too long description");
if(lang_len > 256)
return _libssh2_error(session, LIBSSH2_ERROR_INVAL,
"too long language string");
/* 13 = packet_type(1) + reason code(4) + descr_len(4) + lang_len(4) */
session->disconnect_data_len = descr_len + lang_len + 13;
@@ -1147,14 +1162,14 @@ session_disconnect(LIBSSH2_SESSION *session, int reason,
_libssh2_store_u32(&s, reason);
_libssh2_store_str(&s, description, descr_len);
/* store length only, lang is sent separately */
_libssh2_store_u32(&s, lang_len);
_libssh2_store_u32(&s, (uint32_t)lang_len);
session->disconnect_state = libssh2_NB_state_created;
}
rc = _libssh2_transport_send(session, session->disconnect_data,
session->disconnect_data_len,
(unsigned char *)lang, lang_len);
(const unsigned char *)lang, lang_len);
if(rc == LIBSSH2_ERROR_EAGAIN)
return rc;
@@ -1303,7 +1318,7 @@ libssh2_session_last_error(LIBSSH2_SESSION * session, char **errmsg,
}
if(errmsg_len) {
*errmsg_len = msglen;
*errmsg_len = (int)msglen;
}
return session->err_code;
@@ -1336,7 +1351,7 @@ libssh2_session_set_last_error(LIBSSH2_SESSION* session,
LIBSSH2_ERR_FLAG_DUP);
}
/* Libssh2_session_flag
/* libssh2_session_flag
*
* Set/Get session flags
*
@@ -1352,6 +1367,9 @@ libssh2_session_flag(LIBSSH2_SESSION * session, int flag, int value)
case LIBSSH2_FLAG_COMPRESS:
session->flag.compress = value;
break;
case LIBSSH2_FLAG_QUOTE_PATHS:
session->flag.quote_paths = value;
break;
default:
/* unknown flag */
return LIBSSH2_ERROR_INVAL;
@@ -1370,8 +1388,8 @@ int
_libssh2_session_set_blocking(LIBSSH2_SESSION *session, int blocking)
{
int bl = session->api_block_mode;
_libssh2_debug(session, LIBSSH2_TRACE_CONN,
"Setting blocking mode %s", blocking?"ON":"OFF");
_libssh2_debug((session, LIBSSH2_TRACE_CONN,
"Setting blocking mode %s", blocking ? "ON" : "OFF"));
session->api_block_mode = blocking;
return bl;
@@ -1385,7 +1403,7 @@ _libssh2_session_set_blocking(LIBSSH2_SESSION *session, int blocking)
LIBSSH2_API void
libssh2_session_set_blocking(LIBSSH2_SESSION * session, int blocking)
{
(void) _libssh2_session_set_blocking(session, blocking);
(void)_libssh2_session_set_blocking(session, blocking);
}
/* libssh2_session_get_blocking
@@ -1420,6 +1438,30 @@ libssh2_session_get_timeout(LIBSSH2_SESSION * session)
return session->api_timeout;
}
/* libssh2_session_set_read_timeout
*
* Set a session's timeout (in sec) when reading packets,
* or 0 to use default of 60 seconds.
*/
LIBSSH2_API void
libssh2_session_set_read_timeout(LIBSSH2_SESSION * session, long timeout)
{
if(timeout <= 0) {
timeout = LIBSSH2_DEFAULT_READ_TIMEOUT;
}
session->packet_read_timeout = timeout;
}
/* libssh2_session_get_read_timeout
*
* Returns a session's timeout. Default is 60 seconds.
*/
LIBSSH2_API long
libssh2_session_get_read_timeout(LIBSSH2_SESSION * session)
{
return session->packet_read_timeout;
}
/*
* libssh2_poll_channel_read
*
@@ -1513,7 +1555,7 @@ libssh2_poll(LIBSSH2_POLLFD * fds, unsigned int nfds, long timeout)
switch(fds[i].type) {
case LIBSSH2_POLLFD_SOCKET:
sockets[i].fd = fds[i].fd.socket;
sockets[i].events = fds[i].events;
sockets[i].events = (short)fds[i].events;
sockets[i].revents = 0;
break;
@@ -1675,23 +1717,15 @@ libssh2_poll(LIBSSH2_POLLFD * fds, unsigned int nfds, long timeout)
}
#ifdef HAVE_POLL
#ifdef HAVE_LIBSSH2_GETTIMEOFDAY
{
struct timeval tv_begin, tv_end;
_libssh2_gettimeofday((struct timeval *) &tv_begin, NULL);
sysret = poll(sockets, nfds, timeout_remaining);
_libssh2_gettimeofday((struct timeval *) &tv_end, NULL);
gettimeofday(&tv_begin, NULL);
sysret = poll(sockets, nfds, (int)timeout_remaining);
gettimeofday(&tv_end, NULL);
timeout_remaining -= (tv_end.tv_sec - tv_begin.tv_sec) * 1000;
timeout_remaining -= (tv_end.tv_usec - tv_begin.tv_usec) / 1000;
}
#else
/* If the platform doesn't support gettimeofday,
* then just make the call non-blocking and walk away
*/
sysret = poll(sockets, nfds, timeout_remaining);
timeout_remaining = 0;
#endif /* HAVE_GETTIMEOFDAY */
if(sysret > 0) {
for(i = 0; i < nfds; i++) {
@@ -1738,24 +1772,17 @@ libssh2_poll(LIBSSH2_POLLFD * fds, unsigned int nfds, long timeout)
#elif defined(HAVE_SELECT)
tv.tv_sec = timeout_remaining / 1000;
tv.tv_usec = (timeout_remaining % 1000) * 1000;
#ifdef HAVE_LIBSSH2_GETTIMEOFDAY
{
struct timeval tv_begin, tv_end;
_libssh2_gettimeofday((struct timeval *) &tv_begin, NULL);
sysret = select(maxfd + 1, &rfds, &wfds, NULL, &tv);
_libssh2_gettimeofday((struct timeval *) &tv_end, NULL);
gettimeofday(&tv_begin, NULL);
sysret = select((int)(maxfd + 1), &rfds, &wfds, NULL, &tv);
gettimeofday(&tv_end, NULL);
timeout_remaining -= (tv_end.tv_sec - tv_begin.tv_sec) * 1000;
timeout_remaining -= (tv_end.tv_usec - tv_begin.tv_usec) / 1000;
}
#else
/* If the platform doesn't support gettimeofday,
* then just make the call non-blocking and walk away
*/
sysret = select(maxfd + 1, &rfds, &wfds, NULL, &tv);
timeout_remaining = 0;
#endif
if(sysret > 0) {
for(i = 0; i < nfds; i++) {
@@ -1822,10 +1849,10 @@ LIBSSH2_API const char *
libssh2_session_banner_get(LIBSSH2_SESSION *session)
{
/* to avoid a coredump when session is NULL */
if(NULL == session)
if(!session)
return NULL;
if(NULL == session->remote.banner)
if(!session->remote.banner)
return NULL;
return (const char *) session->remote.banner;

17
libssh2/src/session.h
View File

@@ -41,14 +41,13 @@
/* Conveniance-macros to allow code like this;
int rc = BLOCK_ADJUST(rc, session, session_startup(session, sock) );
int rc = BLOCK_ADJUST(rc, session, session_startup(session, sock));
int rc = BLOCK_ADJUST_ERRNO(ptr, session, session_startup(session, sock) );
int rc = BLOCK_ADJUST_ERRNO(ptr, session, session_startup(session, sock));
The point of course being to make sure that while in non-blocking mode
these always return no matter what the return code is, but in blocking mode
it blocks if EAGAIN is the reason for the return from the underlying
function.
The point being to make sure that while in non-blocking mode these always
return no matter what the return code is, but in blocking mode it blocks
if EAGAIN is the reason for the return from the underlying function.
*/
#define BLOCK_ADJUST(rc, sess, x) \
@@ -56,8 +55,8 @@
time_t entry_time = time(NULL); \
do { \
rc = x; \
/* the order of the check below is important to properly deal with \
the case when the 'sess' is freed */ \
/* the order of the check below is important to properly \
deal with the case when the 'sess' is freed */ \
if((rc != LIBSSH2_ERROR_EAGAIN) || !sess->api_block_mode) \
break; \
rc = _libssh2_wait_socket(sess, entry_time); \
@@ -78,7 +77,7 @@
ptr = x; \
if(!sess->api_block_mode || \
(ptr != NULL) || \
(libssh2_session_last_errno(sess) != LIBSSH2_ERROR_EAGAIN) ) \
(libssh2_session_last_errno(sess) != LIBSSH2_ERROR_EAGAIN)) \
break; \
rc = _libssh2_wait_socket(sess, entry_time); \
} while(!rc); \

689
libssh2/src/sftp.c
View File

File diff suppressed because it is too large Load Diff

11
libssh2/src/sftp.h
View File

@@ -67,10 +67,6 @@ struct sftp_zombie_requests {
uint32_t request_id;
};
#ifndef MIN
#define MIN(x,y) ((x)<(y)?(x):(y))
#endif
struct _LIBSSH2_SFTP_PACKET
{
struct list_node node; /* linked list header */
@@ -153,9 +149,10 @@ struct _LIBSSH2_SFTP
uint32_t last_errno;
/* Holder for partial packet, use in libssh2_sftp_packet_read() */
unsigned char partial_size[4]; /* buffer for size field */
size_t partial_size_len; /* size field length */
unsigned char *partial_packet; /* The data */
unsigned char packet_header[9];
/* packet size (4) packet type (1) request id (4) */
size_t packet_header_len; /* packet_header length */
unsigned char *partial_packet; /* The data, with header */
uint32_t partial_len; /* Desired number of bytes */
size_t partial_received; /* Bytes received so far */

368
libssh2/src/transport.c
View File

@@ -34,18 +34,16 @@
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
* USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
* OF SUCH DAMAGE.
*
*/
/*
* This file handles reading and writing to the SECSH transport layer. RFC4253.
*/
#include "libssh2_priv.h"
#include <errno.h>
#include <fcntl.h>
#include <ctype.h>
#ifdef LIBSSH2DEBUG
#include <stdio.h>
#endif
#include <errno.h>
#include <ctype.h>
#include <assert.h>
#include "transport.h"
@@ -118,29 +116,50 @@ debugdump(LIBSSH2_SESSION * session,
}
}
#else
#define debugdump(a,x,y,z)
#define debugdump(a,x,y,z) do {} while(0)
#endif
/* decrypt() decrypts 'len' bytes from 'source' to 'dest'.
/* decrypt() decrypts 'len' bytes from 'source' to 'dest' in units of
* blocksize.
*
* returns 0 on success and negative on failure
*/
static int
decrypt(LIBSSH2_SESSION * session, unsigned char *source,
unsigned char *dest, int len)
unsigned char *dest, ssize_t len, int firstlast)
{
struct transportpacket *p = &session->packet;
int blocksize = session->remote.crypt->blocksize;
/* if we get called with a len that isn't an even number of blocksizes
we risk losing those extra bytes */
we risk losing those extra bytes. AAD is an exception, since those first
few bytes aren't encrypted so it throws off the rest of the count. */
if(!CRYPT_FLAG_L(session, PKTLEN_AAD))
assert((len % blocksize) == 0);
while(len >= blocksize) {
if(session->remote.crypt->crypt(session, source, blocksize,
&session->remote.crypt_abstract)) {
while(len > 0) {
/* normally decrypt up to blocksize bytes at a time */
ssize_t decryptlen = LIBSSH2_MIN(blocksize, len);
/* The first block is special (since it needs to be decoded to get the
length of the remainder of the block) and takes priority. When the
length finally gets to the last blocksize bytes, and there's no
more data to come, it's the end. */
int lowerfirstlast = IS_FIRST(firstlast) ? FIRST_BLOCK :
((len <= blocksize) ? firstlast : MIDDLE_BLOCK);
/* If the last block would be less than a whole blocksize, combine it
with the previous block to make it larger. This ensures that the
whole MAC is included in a single decrypt call. */
if(CRYPT_FLAG_L(session, PKTLEN_AAD) && IS_LAST(firstlast)
&& (len < blocksize*2)) {
decryptlen = len;
lowerfirstlast = LAST_BLOCK;
}
if(session->remote.crypt->crypt(session, source, decryptlen,
&session->remote.crypt_abstract,
lowerfirstlast)) {
LIBSSH2_FREE(session, p->payload);
return LIBSSH2_ERROR_DECRYPT;
}
@@ -148,11 +167,11 @@ decrypt(LIBSSH2_SESSION * session, unsigned char *source,
/* if the crypt() function would write to a given address it
wouldn't have to memcpy() and we could avoid this memcpy()
too */
memcpy(dest, source, blocksize);
memcpy(dest, source, decryptlen);
len -= blocksize; /* less bytes left */
dest += blocksize; /* advance write pointer */
source += blocksize; /* advance read pointer */
len -= decryptlen; /* less bytes left */
dest += decryptlen; /* advance write pointer */
source += decryptlen; /* advance read pointer */
}
return LIBSSH2_ERROR_NONE; /* all is fine */
}
@@ -173,24 +192,84 @@ fullpacket(LIBSSH2_SESSION * session, int encrypted /* 1 or 0 */ )
session->fullpacket_macstate = LIBSSH2_MAC_CONFIRMED;
session->fullpacket_payload_len = p->packet_length - 1;
if(encrypted) {
if(encrypted && !CRYPT_FLAG_L(session, INTEGRATED_MAC)) {
/* Calculate MAC hash */
session->remote.mac->hash(session, macbuf, /* store hash here */
int etm = session->remote.mac->etm;
size_t mac_len = session->remote.mac->mac_len;
if(etm) {
/* store hash here */
session->remote.mac->hash(session, macbuf,
session->remote.seqno,
p->payload, p->total_num - mac_len,
NULL, 0,
&session->remote.mac_abstract);
}
else {
/* store hash here */
session->remote.mac->hash(session, macbuf,
session->remote.seqno,
p->init, 5,
p->payload,
session->fullpacket_payload_len,
&session->remote.mac_abstract);
}
/* Compare the calculated hash with the MAC we just read from
* the network. The read one is at the very end of the payload
* buffer. Note that 'payload_len' here is the packet_length
* field which includes the padding but not the MAC.
*/
if(memcmp(macbuf, p->payload + session->fullpacket_payload_len,
session->remote.mac->mac_len)) {
if(memcmp(macbuf, p->payload + p->total_num - mac_len, mac_len)) {
_libssh2_debug((session, LIBSSH2_TRACE_SOCKET,
"Failed MAC check"));
session->fullpacket_macstate = LIBSSH2_MAC_INVALID;
}
else if(etm) {
/* MAC was ok and we start by decrypting the first block that
contains padding length since this allows us to decrypt
all other blocks to the right location in memory
avoiding moving a larger block of memory one byte. */
unsigned char first_block[MAX_BLOCKSIZE];
ssize_t decrypt_size;
unsigned char *decrypt_buffer;
int blocksize = session->remote.crypt->blocksize;
rc = decrypt(session, p->payload + 4,
first_block, blocksize, FIRST_BLOCK);
if(rc) {
return rc;
}
/* we need buffer for decrypt */
decrypt_size = p->total_num - mac_len - 4;
decrypt_buffer = LIBSSH2_ALLOC(session, decrypt_size);
if(!decrypt_buffer) {
return LIBSSH2_ERROR_ALLOC;
}
/* grab padding length and copy anything else
into target buffer */
p->padding_length = first_block[0];
if(blocksize > 1) {
memcpy(decrypt_buffer, first_block + 1, blocksize - 1);
}
/* decrypt all other blocks packet */
if(blocksize < decrypt_size) {
rc = decrypt(session, p->payload + blocksize + 4,
decrypt_buffer + blocksize - 1,
decrypt_size - blocksize, LAST_BLOCK);
if(rc) {
LIBSSH2_FREE(session, decrypt_buffer);
return rc;
}
}
/* replace encrypted payload with plain text payload */
LIBSSH2_FREE(session, p->payload);
p->payload = decrypt_buffer;
}
}
@@ -200,8 +279,7 @@ fullpacket(LIBSSH2_SESSION * session, int encrypted /* 1 or 0 */ )
session->fullpacket_payload_len -= p->padding_length;
/* Check for and deal with decompression */
compressed =
session->local.comp != NULL &&
compressed = session->local.comp &&
session->local.comp->compress &&
((session->state & LIBSSH2_STATE_AUTHENTICATED) ||
session->local.comp->use_in_auth);
@@ -274,13 +352,19 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session)
{
int rc;
struct transportpacket *p = &session->packet;
int remainbuf;
int remainpack;
int numbytes;
int numdecrypt;
unsigned char block[MAX_BLOCKSIZE];
int blocksize;
int encrypted = 1;
ssize_t remainpack; /* how much there is left to add to the current payload
package */
ssize_t remainbuf; /* how much data there is remaining in the buffer to
deal with before we should read more from the
network */
ssize_t numbytes; /* how much data to deal with from the buffer on this
iteration through the loop */
ssize_t numdecrypt; /* number of bytes to decrypt this iteration */
unsigned char block[MAX_BLOCKSIZE]; /* working block buffer */
int blocksize; /* minimum number of bytes we need before we can
use them */
int encrypted = 1; /* whether the packet is encrypted or not */
int firstlast = FIRST_BLOCK; /* if the first or last block to decrypt */
/* default clear the bit */
session->socket_block_directions &= ~LIBSSH2_SESSION_BLOCK_INBOUND;
@@ -303,8 +387,8 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session)
/* Whoever wants a packet won't get anything until the key re-exchange
* is done!
*/
_libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Redirecting into the"
" key re-exchange from _libssh2_transport_read");
_libssh2_debug((session, LIBSSH2_TRACE_TRANS, "Redirecting into the"
" key re-exchange from _libssh2_transport_read"));
rc = _libssh2_kex_exchange(session, 1, &session->startup_key_state);
if(rc)
return rc;
@@ -322,6 +406,7 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session)
}
do {
int etm;
if(session->socket_state == LIBSSH2_SOCKET_DISCONNECTED) {
return LIBSSH2_ERROR_SOCKET_DISCONNECT;
}
@@ -335,6 +420,8 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session)
make the checks below work fine still */
}
etm = encrypted && session->local.mac ? session->local.mac->etm : 0;
/* read/use a whole big chunk into a temporary area stored in
the LIBSSH2_SESSION struct. We will decrypt data from that
buffer into the packet buffer so this temp one doesn't have
@@ -366,8 +453,7 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session)
}
/* now read a big chunk from the network into the temp buffer */
nread =
LIBSSH2_RECV(session, &p->buf[remainbuf],
nread = LIBSSH2_RECV(session, &p->buf[remainbuf],
PACKETBUFSIZE - remainbuf,
LIBSSH2_SOCKET_RECV_FLAGS(session));
if(nread <= 0) {
@@ -378,14 +464,14 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session)
LIBSSH2_SESSION_BLOCK_INBOUND;
return LIBSSH2_ERROR_EAGAIN;
}
_libssh2_debug(session, LIBSSH2_TRACE_SOCKET,
_libssh2_debug((session, LIBSSH2_TRACE_SOCKET,
"Error recving %d bytes (got %d)",
PACKETBUFSIZE - remainbuf, -nread);
PACKETBUFSIZE - remainbuf, -nread));
return LIBSSH2_ERROR_SOCKET_RECV;
}
_libssh2_debug(session, LIBSSH2_TRACE_SOCKET,
_libssh2_debug((session, LIBSSH2_TRACE_SOCKET,
"Recved %d/%d bytes to %p+%d", nread,
PACKETBUFSIZE - remainbuf, p->buf, remainbuf);
PACKETBUFSIZE - remainbuf, p->buf, remainbuf));
debugdump(session, "libssh2_transport_read() raw",
&p->buf[remainbuf], nread);
@@ -400,13 +486,19 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session)
numbytes = remainbuf;
if(!p->total_num) {
size_t total_num;
size_t total_num; /* the number of bytes following the initial
(5 bytes) packet length and padding length
fields */
/* packet length is not encrypted in encode-then-mac mode
and we donøt need to decrypt first block */
ssize_t required_size = etm ? 4 : blocksize;
/* No payload package area allocated yet. To know the
size of this payload, we need to decrypt the first
size of this payload, we need enough to decrypt the first
blocksize data. */
if(numbytes < blocksize) {
if(numbytes < required_size) {
/* we can't act on anything less than blocksize, but this
check is only done for the initial block since once we have
got the start of a block we can in fact deal with fractions
@@ -416,13 +508,20 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session)
return LIBSSH2_ERROR_EAGAIN;
}
if(etm) {
p->packet_length = _libssh2_ntohu32(&p->buf[p->readidx]);
}
else {
if(encrypted) {
rc = decrypt(session, &p->buf[p->readidx], block, blocksize);
/* first decrypted block */
rc = decrypt(session, &p->buf[p->readidx],
block, blocksize, FIRST_BLOCK);
if(rc != LIBSSH2_ERROR_NONE) {
return rc;
}
/* save the first 5 bytes of the decrypted package, to be
used in the hash calculation later down. */
/* Save the first 5 bytes of the decrypted package, to be
used in the hash calculation later down.
This is ignored in the INTEGRATED_MAC case. */
memcpy(p->init, block, 5);
}
else {
@@ -438,6 +537,8 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session)
* and we can extract packet and padding length from it
*/
p->packet_length = _libssh2_ntohu32(block);
}
if(p->packet_length < 1) {
return LIBSSH2_ERROR_DECRYPT;
}
@@ -445,17 +546,27 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session)
return LIBSSH2_ERROR_OUT_OF_BOUNDARY;
}
if(etm) {
/* we collect entire undecrypted packet including the
packet length field that we run MAC over */
total_num = 4 + p->packet_length +
session->remote.mac->mac_len;
}
else {
/* padding_length has not been authenticated yet, but it won't
actually be used (except for the sanity check immediately
following) until after the entire packet is authenticated,
so this is safe. */
p->padding_length = block[4];
if(p->padding_length > p->packet_length - 1) {
return LIBSSH2_ERROR_DECRYPT;
}
/* total_num is the number of bytes following the initial
(5 bytes) packet length and padding length fields */
total_num =
p->packet_length - 1 +
total_num = p->packet_length - 1 +
(encrypted ? session->remote.mac->mac_len : 0);
}
/* RFC4253 section 6.1 Maximum Packet Length says:
*
@@ -479,13 +590,17 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session)
/* init write pointer to start of payload buffer */
p->wptr = p->payload;
if(blocksize > 5) {
if(!etm && blocksize > 5) {
/* copy the data from index 5 to the end of
the blocksize from the temporary buffer to
the start of the decrypted buffer */
if(blocksize - 5 <= (int) total_num) {
memcpy(p->wptr, &block[5], blocksize - 5);
p->wptr += blocksize - 5; /* advance write pointer */
if(etm) {
/* advance past unencrypted packet length */
p->wptr += 4;
}
}
else {
if(p->payload)
@@ -499,6 +614,7 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session)
p->data_num = p->wptr - p->payload;
/* we already dealt with a blocksize worth of data */
if(!etm)
numbytes -= blocksize;
}
@@ -512,42 +628,60 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session)
numbytes = remainpack;
}
if(encrypted) {
if(encrypted && !etm) {
/* At the end of the incoming stream, there is a MAC,
and we don't want to decrypt that since we need it
"raw". We MUST however decrypt the padding data
since it is used for the hash later on. */
int skip = session->remote.mac->mac_len;
if(CRYPT_FLAG_R(session, INTEGRATED_MAC))
/* This crypto method DOES need the MAC to go through
decryption so it can be authenticated. */
skip = 0;
/* if what we have plus numbytes is bigger than the
total minus the skip margin, we should lower the
amount to decrypt even more */
if((p->data_num + numbytes) > (p->total_num - skip)) {
numdecrypt = (p->total_num - skip) - p->data_num;
if((p->data_num + numbytes) >= (p->total_num - skip)) {
/* decrypt the entire rest of the package */
numdecrypt = LIBSSH2_MAX(0,
(int)(p->total_num - skip) - (int)p->data_num);
firstlast = LAST_BLOCK;
}
else {
int frac;
ssize_t frac;
numdecrypt = numbytes;
frac = numdecrypt % blocksize;
if(frac) {
/* not an aligned amount of blocks,
align it */
/* not an aligned amount of blocks, align it by reducing
the number of bytes processed this loop */
numdecrypt -= frac;
/* and make it no unencrypted data
after it */
numbytes = 0;
}
if(CRYPT_FLAG_R(session, INTEGRATED_MAC)) {
/* Make sure that we save enough bytes to make the last
* block large enough to hold the entire integrated MAC */
numdecrypt = LIBSSH2_MIN(numdecrypt,
(int)(p->total_num - skip - blocksize - p->data_num));
numbytes = 0;
}
firstlast = MIDDLE_BLOCK;
}
}
else {
/* unencrypted data should not be decrypted at all */
numdecrypt = 0;
}
assert(numdecrypt >= 0);
/* if there are bytes to decrypt, do that */
if(numdecrypt > 0) {
/* now decrypt the lot */
rc = decrypt(session, &p->buf[p->readidx], p->wptr, numdecrypt);
rc = decrypt(session, &p->buf[p->readidx], p->wptr, numdecrypt,
firstlast);
if(rc != LIBSSH2_ERROR_NONE) {
p->total_num = 0; /* no packet buffer available */
return rc;
@@ -564,11 +698,11 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session)
numbytes -= numdecrypt;
}
/* if there are bytes to copy that aren't decrypted, simply
/* if there are bytes to copy that aren't decrypted,
copy them as-is to the target buffer */
if(numbytes > 0) {
if(numbytes <= (int)(p->total_num - (p->wptr - p->payload))) {
if((size_t)numbytes <= (p->total_num - (p->wptr - p->payload))) {
memcpy(p->wptr, &p->buf[p->readidx], numbytes);
}
else {
@@ -591,13 +725,13 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session)
if(!remainpack) {
/* we have a full packet */
libssh2_transport_read_point1:
libssh2_transport_read_point1:
rc = fullpacket(session, encrypted);
if(rc == LIBSSH2_ERROR_EAGAIN) {
if(session->packAdd_state != libssh2_NB_state_idle) {
/* fullpacket only returns LIBSSH2_ERROR_EAGAIN if
* libssh2_packet_add returns LIBSSH2_ERROR_EAGAIN. If
* libssh2_packet_add() returns LIBSSH2_ERROR_EAGAIN. If
* that returns LIBSSH2_ERROR_EAGAIN but the packAdd_state
* is idle, then the packet has been added to the brigade,
* but some immediate action that was taken based on the
@@ -641,7 +775,8 @@ send_existing(LIBSSH2_SESSION *session, const unsigned char *data,
we don't add this one up until the previous one has been sent. To
make the caller really notice his/hers flaw, we return error for
this case */
return LIBSSH2_ERROR_BAD_USE;
_libssh2_debug((session, LIBSSH2_TRACE_SOCKET,
"Address is different, but will resume nonetheless"));
}
*ret = 1; /* set to make our parent return */
@@ -652,12 +787,12 @@ send_existing(LIBSSH2_SESSION *session, const unsigned char *data,
rc = LIBSSH2_SEND(session, &p->outbuf[p->osent], length,
LIBSSH2_SOCKET_SEND_FLAGS(session));
if(rc < 0)
_libssh2_debug(session, LIBSSH2_TRACE_SOCKET,
"Error sending %d bytes: %d", length, -rc);
_libssh2_debug((session, LIBSSH2_TRACE_SOCKET,
"Error sending %d bytes: %d", length, -rc));
else {
_libssh2_debug(session, LIBSSH2_TRACE_SOCKET,
_libssh2_debug((session, LIBSSH2_TRACE_SOCKET,
"Sent %d/%d bytes at %p+%d", rc, length, p->outbuf,
p->osent);
p->osent));
debugdump(session, "libssh2_transport_write send()",
&p->outbuf[p->osent], rc);
}
@@ -712,20 +847,22 @@ int _libssh2_transport_send(LIBSSH2_SESSION *session,
int blocksize =
(session->state & LIBSSH2_STATE_NEWKEYS) ?
session->local.crypt->blocksize : 8;
int padding_length;
ssize_t padding_length;
size_t packet_length;
int total_length;
#ifdef RANDOM_PADDING
ssize_t total_length;
#ifdef LIBSSH2_RANDOM_PADDING
int rand_max;
int seed = data[0]; /* FIXME: make this random */
#endif
struct transportpacket *p = &session->packet;
int encrypted;
int compressed;
int etm;
ssize_t ret;
int rc;
const unsigned char *orgdata = data;
size_t orgdata_len = data_len;
size_t crypt_offset, etm_crypt_offset;
/*
* If the last read operation was interrupted in the middle of a key
@@ -738,8 +875,8 @@ int _libssh2_transport_send(LIBSSH2_SESSION *session,
!(session->state & LIBSSH2_STATE_KEX_ACTIVE)) {
/* Don't write any new packets if we're still in the middle of a key
* exchange. */
_libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Redirecting into the"
" key re-exchange from _libssh2_transport_send");
_libssh2_debug((session, LIBSSH2_TRACE_TRANS, "Redirecting into the"
" key re-exchange from _libssh2_transport_send"));
rc = _libssh2_kex_exchange(session, 1, &session->startup_key_state);
if(rc)
return rc;
@@ -763,8 +900,9 @@ int _libssh2_transport_send(LIBSSH2_SESSION *session,
encrypted = (session->state & LIBSSH2_STATE_NEWKEYS) ? 1 : 0;
compressed =
session->local.comp != NULL &&
etm = encrypted && session->local.mac ? session->local.mac->etm : 0;
compressed = session->local.comp &&
session->local.comp->compress &&
((session->state & LIBSSH2_STATE_AUTHENTICATED) ||
session->local.comp->use_in_auth);
@@ -825,12 +963,17 @@ int _libssh2_transport_send(LIBSSH2_SESSION *session,
packet_length = data_len + 1 + 4; /* 1 is for padding_length field
4 for the packet_length field */
/* subtract 4 bytes of the packet_length field when padding AES-GCM
or with ETM */
crypt_offset = (etm || (encrypted && CRYPT_FLAG_R(session, PKTLEN_AAD)))
? 4 : 0;
etm_crypt_offset = etm ? 4 : 0;
/* at this point we have it all except the padding */
/* first figure out our minimum padding amount to make it an even
block size */
padding_length = blocksize - (packet_length % blocksize);
padding_length = blocksize - ((packet_length - crypt_offset) % blocksize);
/* if the padding becomes too small we add another blocksize worth
of it (taken from the original libssh2 where it didn't have any
@@ -838,7 +981,7 @@ int _libssh2_transport_send(LIBSSH2_SESSION *session,
if(padding_length < 4) {
padding_length += blocksize;
}
#ifdef RANDOM_PADDING
#ifdef LIBSSH2_RANDOM_PADDING
/* FIXME: we can add padding here, but that also makes the packets
bigger etc */
@@ -857,7 +1000,7 @@ int _libssh2_transport_send(LIBSSH2_SESSION *session,
/* store packet_length, which is the size of the whole packet except
the MAC and the packet_length field itself */
_libssh2_htonu32(p->outbuf, packet_length - 4);
_libssh2_htonu32(p->outbuf, (uint32_t)(packet_length - 4));
/* store padding_length */
p->outbuf[4] = (unsigned char)padding_length;
@@ -873,21 +1016,77 @@ int _libssh2_transport_send(LIBSSH2_SESSION *session,
/* Calculate MAC hash. Put the output at index packet_length,
since that size includes the whole packet. The MAC is
calculated on the entire unencrypted packet, including all
fields except the MAC field itself. */
fields except the MAC field itself. This is skipped in the
INTEGRATED_MAC case, where the crypto algorithm also does its
own hash. */
if(!etm && !CRYPT_FLAG_R(session, INTEGRATED_MAC)) {
session->local.mac->hash(session, p->outbuf + packet_length,
session->local.seqno, p->outbuf,
packet_length, NULL, 0,
&session->local.mac_abstract);
}
/* Encrypt the whole packet data, one block size at a time.
The MAC field is not encrypted. */
for(i = 0; i < packet_length; i += session->local.crypt->blocksize) {
The MAC field is not encrypted unless INTEGRATED_MAC. */
/* Some crypto back-ends could handle a single crypt() call for
encryption, but (presumably) others cannot, so break it up
into blocksize-sized chunks to satisfy them all. */
for(i = etm_crypt_offset; i < packet_length;
i += session->local.crypt->blocksize) {
unsigned char *ptr = &p->outbuf[i];
size_t bsize = LIBSSH2_MIN(session->local.crypt->blocksize,
(int)(packet_length-i));
/* The INTEGRATED_MAC case always has an extra call below, so it
will never be LAST_BLOCK up here. */
int firstlast = i == 0 ? FIRST_BLOCK :
(!CRYPT_FLAG_L(session, INTEGRATED_MAC)
&& (i == packet_length - session->local.crypt->blocksize)
? LAST_BLOCK: MIDDLE_BLOCK);
/* In the AAD case, the last block would be only 4 bytes because
everything is offset by 4 since the initial packet_length isn't
encrypted. In this case, combine that last short packet with the
previous one since AES-GCM crypt() assumes that the entire MAC
is available in that packet so it can set that to the
authentication tag. */
if(!CRYPT_FLAG_L(session, INTEGRATED_MAC))
if(i > packet_length - 2*bsize) {
/* increase the final block size */
bsize = packet_length - i;
/* advance the loop counter by the extra amount */
i += bsize - session->local.crypt->blocksize;
}
_libssh2_debug((session, LIBSSH2_TRACE_SOCKET,
"crypting bytes %d-%d", i,
i + session->local.crypt->blocksize - 1));
if(session->local.crypt->crypt(session, ptr,
session->local.crypt->blocksize,
&session->local.crypt_abstract))
bsize,
&session->local.crypt_abstract,
firstlast))
return LIBSSH2_ERROR_ENCRYPT; /* encryption failure */
}
/* Call crypt() one last time so it can be filled in with the MAC */
if(CRYPT_FLAG_L(session, INTEGRATED_MAC)) {
int authlen = session->local.mac->mac_len;
assert((size_t)total_length <=
packet_length + session->local.crypt->blocksize);
if(session->local.crypt->crypt(session, &p->outbuf[packet_length],
authlen,
&session->local.crypt_abstract,
LAST_BLOCK))
return LIBSSH2_ERROR_ENCRYPT; /* encryption failure */
}
if(etm) {
/* Calculate MAC hash. Put the output at index packet_length,
since that size includes the whole packet. The MAC is
calculated on the entire packet (length plain the rest
encrypted), including all fields except the MAC field
itself. */
session->local.mac->hash(session, p->outbuf + packet_length,
session->local.seqno, p->outbuf,
packet_length, NULL, 0,
&session->local.mac_abstract);
}
}
session->local.seqno++;
@@ -895,11 +1094,12 @@ int _libssh2_transport_send(LIBSSH2_SESSION *session,
ret = LIBSSH2_SEND(session, p->outbuf, total_length,
LIBSSH2_SOCKET_SEND_FLAGS(session));
if(ret < 0)
_libssh2_debug(session, LIBSSH2_TRACE_SOCKET,
"Error sending %d bytes: %d", total_length, -ret);
_libssh2_debug((session, LIBSSH2_TRACE_SOCKET,
"Error sending %d bytes: %d", total_length, -ret));
else {
_libssh2_debug(session, LIBSSH2_TRACE_SOCKET, "Sent %d/%d bytes at %p",
ret, total_length, p->outbuf);
_libssh2_debug((session, LIBSSH2_TRACE_SOCKET,
"Sent %d/%d bytes at %p",
ret, total_length, p->outbuf));
debugdump(session, "libssh2_transport_write send()", p->outbuf, ret);
}

1
libssh2/src/transport.h
View File

@@ -43,7 +43,6 @@
#include "libssh2_priv.h"
#include "packet.h"
/*
* libssh2_transport_send
*

883
libssh2/src/userauth.c
View File

File diff suppressed because it is too large Load Diff

4
libssh2/src/userauth.h
View File

@@ -41,9 +41,9 @@
int
_libssh2_userauth_publickey(LIBSSH2_SESSION *session,
const char *username,
unsigned int username_len,
size_t username_len,
const unsigned char *pubkeydata,
unsigned long pubkeydata_len,
size_t pubkeydata_len,
LIBSSH2_USERAUTH_PUBLICKEY_SIGN_FUNC
((*sign_callback)),
void *abstract);

164
libssh2/src/userauth_kbd_packet.c Normal file
View File

@@ -0,0 +1,164 @@
/* Copyright (c) 2022, Xaver Loppenstedt <xaver@loppenstedt.de>
* All rights reserved.
*
* Redistribution and use in source and binary forms,
* with or without modification, are permitted provided
* that the following conditions are met:
*
* Redistributions of source code must retain the above
* copyright notice, this list of conditions and the
* following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials
* provided with the distribution.
*
* Neither the name of the copyright holder nor the names
* of any other contributors may be used to endorse or
* promote products derived from this software without
* specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
* CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
* USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
* OF SUCH DAMAGE.
*/
#include "libssh2_priv.h"
#include "userauth_kbd_packet.h"
int userauth_keyboard_interactive_decode_info_request(LIBSSH2_SESSION *session)
{
unsigned char *language_tag;
size_t language_tag_len;
unsigned int i;
unsigned char packet_type;
uint32_t tmp_u32;
struct string_buf decoded;
decoded.data = session->userauth_kybd_data;
decoded.dataptr = session->userauth_kybd_data;
decoded.len = session->userauth_kybd_data_len;
if(session->userauth_kybd_data_len < 17) {
_libssh2_error(session, LIBSSH2_ERROR_BUFFER_TOO_SMALL,
"userauth keyboard data buffer too small "
"to get length");
return -1;
}
/* byte SSH_MSG_USERAUTH_INFO_REQUEST */
_libssh2_get_byte(&decoded, &packet_type);
/* string name (ISO-10646 UTF-8) */
if(_libssh2_copy_string(session, &decoded,
&session->userauth_kybd_auth_name,
&session->userauth_kybd_auth_name_len) == -1) {
_libssh2_error(session, LIBSSH2_ERROR_ALLOC,
"Unable to decode "
"keyboard-interactive 'name' "
"request field");
return -1;
}
/* string instruction (ISO-10646 UTF-8) */
if(_libssh2_copy_string(session, &decoded,
&session->userauth_kybd_auth_instruction,
&session->userauth_kybd_auth_instruction_len)
== -1) {
_libssh2_error(session, LIBSSH2_ERROR_ALLOC,
"Unable to decode "
"keyboard-interactive 'instruction' "
"request field");
return -1;
}
/* string language tag (as defined in [RFC-3066]) */
if(_libssh2_get_string(&decoded, &language_tag,
&language_tag_len) == -1) {
_libssh2_error(session, LIBSSH2_ERROR_ALLOC,
"Unable to decode "
"keyboard-interactive 'language tag' "
"request field");
return -1;
}
/* int num-prompts */
if(_libssh2_get_u32(&decoded, &tmp_u32) == -1 ||
(session->userauth_kybd_num_prompts = tmp_u32) != tmp_u32) {
_libssh2_error(session, LIBSSH2_ERROR_BUFFER_TOO_SMALL,
"Unable to decode "
"keyboard-interactive number of keyboard prompts");
return -1;
}
if(session->userauth_kybd_num_prompts > 100) {
_libssh2_error(session, LIBSSH2_ERROR_OUT_OF_BOUNDARY,
"Too many replies for "
"keyboard-interactive prompts");
return -1;
}
if(session->userauth_kybd_num_prompts == 0) {
return 0;
}
session->userauth_kybd_prompts =
LIBSSH2_CALLOC(session,
sizeof(LIBSSH2_USERAUTH_KBDINT_PROMPT) *
session->userauth_kybd_num_prompts);
if(!session->userauth_kybd_prompts) {
_libssh2_error(session, LIBSSH2_ERROR_ALLOC,
"Unable to allocate memory for "
"keyboard-interactive prompts array");
return -1;
}
session->userauth_kybd_responses =
LIBSSH2_CALLOC(session,
sizeof(LIBSSH2_USERAUTH_KBDINT_RESPONSE) *
session->userauth_kybd_num_prompts);
if(!session->userauth_kybd_responses) {
_libssh2_error(session, LIBSSH2_ERROR_ALLOC,
"Unable to allocate memory for "
"keyboard-interactive responses array");
return -1;
}
for(i = 0; i < session->userauth_kybd_num_prompts; i++) {
/* string prompt[1] (ISO-10646 UTF-8) */
if(_libssh2_copy_string(session, &decoded,
&session->userauth_kybd_prompts[i].text,
&session->userauth_kybd_prompts[i].length)
== -1) {
_libssh2_error(session, LIBSSH2_ERROR_ALLOC,
"Unable to decode "
"keyboard-interactive prompt message");
return -1;
}
/* boolean echo[1] */
if(_libssh2_get_boolean(&decoded,
&session->userauth_kybd_prompts[i].echo)
== -1) {
_libssh2_error(session, LIBSSH2_ERROR_BUFFER_TOO_SMALL,
"Unable to decode "
"user auth keyboard prompt echo");
return -1;
}
}
return 0;
}

43
libssh2/src/userauth_kbd_packet.h Normal file
View File

@@ -0,0 +1,43 @@
/* Copyright (c) 2022, Xaver Loppenstedt <xaver@loppenstedt.de>
* All rights reserved.
*
* Redistribution and use in source and binary forms,
* with or without modification, are permitted provided
* that the following conditions are met:
*
* Redistributions of source code must retain the above
* copyright notice, this list of conditions and the
* following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials
* provided with the distribution.
*
* Neither the name of the copyright holder nor the names
* of any other contributors may be used to endorse or
* promote products derived from this software without
* specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
* CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
* USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
* OF SUCH DAMAGE.
*/
#ifndef __LIBSSH2_USERAUTH_KBD_PARSE_H
#define __LIBSSH2_USERAUTH_KBD_PARSE_H
int userauth_keyboard_interactive_decode_info_request(LIBSSH2_SESSION *);
#endif /* __LIBSSH2_USERAUTH_KBD_PARSE_H */

14
libssh2/src/version.c
View File

@@ -37,14 +37,6 @@
#include "libssh2_priv.h"
/*
libssh2_version() can be used like this:
if (!libssh2_version(LIBSSH2_VERSION_NUM)) {
fprintf (stderr, "Runtime libssh2 version too old!\n");
exit(1);
}
*/
LIBSSH2_API
const char *libssh2_version(int req_version_num)
{
@@ -52,3 +44,9 @@ const char *libssh2_version(int req_version_num)
return LIBSSH2_VERSION;
return NULL; /* this is not a suitable library! */
}
LIBSSH2_API
libssh2_crypto_engine_t libssh2_crypto_engine(void)
{
return LIBSSH2_CRYPTO_ENGINE;
}

557
libssh2/src/wincng.c
View File

File diff suppressed because it is too large Load Diff

93
libssh2/src/wincng.h Executable file → Normal file
View File

@@ -38,6 +38,8 @@
* OF SUCH DAMAGE.
*/
#define LIBSSH2_CRYPTO_ENGINE libssh2_wincng
/* required for cross-compilation against the w64 mingw-runtime package */
#if defined(_WIN32_WINNT) && (_WIN32_WINNT < 0x0600)
#undef _WIN32_WINNT
@@ -55,14 +57,17 @@
#define LIBSSH2_HMAC_SHA256 1
#define LIBSSH2_HMAC_SHA512 1
#define LIBSSH2_AES 1
#define LIBSSH2_AES_CBC 1
#define LIBSSH2_AES_CTR 1
#define LIBSSH2_AES_GCM 0
#define LIBSSH2_BLOWFISH 0
#define LIBSSH2_RC4 1
#define LIBSSH2_CAST 0
#define LIBSSH2_3DES 1
#define LIBSSH2_RSA 1
#define LIBSSH2_RSA_SHA1 1
#define LIBSSH2_RSA_SHA2 1
#define LIBSSH2_DSA 1
#define LIBSSH2_ECDSA 0
#define LIBSSH2_ED25519 0
@@ -150,7 +155,9 @@ typedef struct __libssh2_wincng_hash_ctx {
(_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashSHA1, \
SHA_DIGEST_LENGTH, NULL, 0) == 0)
#define libssh2_sha1_update(ctx, data, datalen) \
_libssh2_wincng_hash_update(&ctx, (unsigned char *) data, datalen)
_libssh2_wincng_hash_update(&ctx, \
(const unsigned char *) data, \
(unsigned long) datalen)
#define libssh2_sha1_final(ctx, hash) \
_libssh2_wincng_hash_final(&ctx, hash)
#define libssh2_sha1(data, datalen, hash) \
@@ -162,29 +169,37 @@ typedef struct __libssh2_wincng_hash_ctx {
(_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashSHA256, \
SHA256_DIGEST_LENGTH, NULL, 0) == 0)
#define libssh2_sha256_update(ctx, data, datalen) \
_libssh2_wincng_hash_update(&ctx, (unsigned char *) data, datalen)
_libssh2_wincng_hash_update(&ctx, \
(const unsigned char *) data, \
(unsigned long) datalen)
#define libssh2_sha256_final(ctx, hash) \
_libssh2_wincng_hash_final(&ctx, hash)
#define libssh2_sha256(data, datalen, hash) \
_libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA256, \
hash, SHA256_DIGEST_LENGTH)
#define libssh2_sha384_ctx _libssh2_wincng_hash_ctx
#define libssh2_sha384_init(ctx) \
(_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashSHA384, \
SHA384_DIGEST_LENGTH, NULL, 0) == 0)
#define libssh2_sha384_update(ctx, data, datalen) \
_libssh2_wincng_hash_update(&ctx, (unsigned char *) data, datalen)
_libssh2_wincng_hash_update(&ctx, \
(const unsigned char *) data, \
(unsigned long) datalen)
#define libssh2_sha384_final(ctx, hash) \
_libssh2_wincng_hash_final(&ctx, hash)
#define libssh2_sha384(data, datalen, hash) \
_libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA384, \
_libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA384, \
hash, SHA384_DIGEST_LENGTH)
#define libssh2_sha512_ctx _libssh2_wincng_hash_ctx
#define libssh2_sha512_init(ctx) \
(_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashSHA512, \
SHA512_DIGEST_LENGTH, NULL, 0) == 0)
#define libssh2_sha512_update(ctx, data, datalen) \
_libssh2_wincng_hash_update(&ctx, (unsigned char *) data, datalen)
_libssh2_wincng_hash_update(&ctx, \
(const unsigned char *) data, \
(unsigned long) datalen)
#define libssh2_sha512_final(ctx, hash) \
_libssh2_wincng_hash_final(&ctx, hash)
#define libssh2_sha512(data, datalen, hash) \
@@ -196,7 +211,9 @@ _libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA384, \
(_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashMD5, \
MD5_DIGEST_LENGTH, NULL, 0) == 0)
#define libssh2_md5_update(ctx, data, datalen) \
_libssh2_wincng_hash_update(&ctx, (unsigned char *) data, datalen)
_libssh2_wincng_hash_update(&ctx, \
(const unsigned char *) data, \
(unsigned long) datalen)
#define libssh2_md5_final(ctx, hash) \
_libssh2_wincng_hash_final(&ctx, hash)
#define libssh2_md5(data, datalen, hash) \
@@ -211,20 +228,26 @@ _libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA384, \
#define libssh2_hmac_ctx_init(ctx)
#define libssh2_hmac_sha1_init(ctx, key, keylen) \
_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHmacSHA1, \
SHA_DIGEST_LENGTH, key, keylen)
SHA_DIGEST_LENGTH, \
key, (unsigned long) keylen)
#define libssh2_hmac_md5_init(ctx, key, keylen) \
_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHmacMD5, \
MD5_DIGEST_LENGTH, key, keylen)
MD5_DIGEST_LENGTH, \
key, (unsigned long) keylen)
#define libssh2_hmac_ripemd160_init(ctx, key, keylen)
/* not implemented */
#define libssh2_hmac_sha256_init(ctx, key, keylen) \
_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHmacSHA256, \
SHA256_DIGEST_LENGTH, key, keylen)
SHA256_DIGEST_LENGTH, \
key, (unsigned long) keylen)
#define libssh2_hmac_sha512_init(ctx, key, keylen) \
_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHmacSHA512, \
SHA512_DIGEST_LENGTH, key, keylen)
SHA512_DIGEST_LENGTH, \
key, (unsigned long) keylen)
#define libssh2_hmac_update(ctx, data, datalen) \
_libssh2_wincng_hash_update(&ctx, (unsigned char *) data, datalen)
_libssh2_wincng_hash_update(&ctx, \
(const unsigned char *) data, \
(unsigned long) datalen)
#define libssh2_hmac_final(ctx, hash) \
_libssh2_wincng_hmac_final(&ctx, hash)
#define libssh2_hmac_cleanup(ctx) \
@@ -238,7 +261,7 @@ _libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA384, \
typedef struct __libssh2_wincng_key_ctx {
BCRYPT_KEY_HANDLE hKey;
unsigned char *pbKeyObject;
void *pbKeyObject;
unsigned long cbKeyObject;
} _libssh2_wincng_key_ctx;
@@ -261,9 +284,13 @@ typedef struct __libssh2_wincng_key_ctx {
_libssh2_wincng_rsa_new_private_frommemory(rsactx, s, filedata, \
filedata_len, passphrase)
#define _libssh2_rsa_sha1_sign(s, rsactx, hash, hash_len, sig, sig_len) \
_libssh2_wincng_rsa_sha1_sign(s, rsactx, hash, hash_len, sig, sig_len)
_libssh2_wincng_rsa_sha_sign(s, rsactx, hash, hash_len, sig, sig_len)
#define _libssh2_rsa_sha2_sign(s, rsactx, hash, hash_len, sig, sig_len) \
_libssh2_wincng_rsa_sha_sign(s, rsactx, hash, hash_len, sig, sig_len)
#define _libssh2_rsa_sha1_verify(rsactx, sig, sig_len, m, m_len) \
_libssh2_wincng_rsa_sha1_verify(rsactx, sig, sig_len, m, m_len)
#define _libssh2_rsa_sha2_verify(rsactx, hash_len, sig, sig_len, m, m_len) \
_libssh2_wincng_rsa_sha2_verify(rsactx, hash_len, sig, sig_len, m, m_len)
#define _libssh2_rsa_free(rsactx) \
_libssh2_wincng_rsa_free(rsactx)
@@ -299,7 +326,10 @@ typedef struct __libssh2_wincng_key_ctx {
pk, pk_len, pw) \
_libssh2_wincng_pub_priv_keyfilememory(s, m, m_len, p, p_len, \
pk, pk_len, pw)
#define _libssh2_sk_pub_keyfilememory(s, m, m_len, p, p_len, alg, app, \
f, kh, kh_len, pk, pk_len, pw) \
_libssh2_wincng_sk_pub_keyfilememory(s, m, m_len, p, p_len, alg, app, \
f, kh, kh_len, pk, pk_len, pw)
/*******************************************************************/
/*
@@ -348,8 +378,8 @@ struct _libssh2_wincng_cipher_type {
#define _libssh2_cipher_init(ctx, type, iv, secret, encrypt) \
_libssh2_wincng_cipher_init(ctx, type, iv, secret, encrypt)
#define _libssh2_cipher_crypt(ctx, type, encrypt, block, blocklen) \
_libssh2_wincng_cipher_crypt(ctx, type, encrypt, block, blocklen)
#define _libssh2_cipher_crypt(ctx, type, encrypt, block, blocklen, fl) \
_libssh2_wincng_cipher_crypt(ctx, type, encrypt, block, blocklen, fl)
#define _libssh2_cipher_dtor(ctx) \
_libssh2_wincng_cipher_dtor(ctx)
@@ -388,7 +418,7 @@ _libssh2_bn *_libssh2_wincng_bignum_init(void);
#define _libssh2_bn_set_word(bn, word) \
_libssh2_wincng_bignum_set_word(bn, word)
#define _libssh2_bn_from_bin(bn, len, bin) \
_libssh2_wincng_bignum_from_bin(bn, len, bin)
_libssh2_wincng_bignum_from_bin(bn, (unsigned long) len, bin)
#define _libssh2_bn_to_bin(bn, bin) \
_libssh2_wincng_bignum_to_bin(bn, bin)
#define _libssh2_bn_bytes(bn) bn->length
@@ -401,6 +431,14 @@ _libssh2_bn *_libssh2_wincng_bignum_init(void);
* Windows CNG backend: Diffie-Hellman support
*/
/* Default generate and safe prime sizes for
diffie-hellman-group-exchange-sha1 */
#define LIBSSH2_DH_GEX_MINGROUP 2048
#define LIBSSH2_DH_GEX_OPTGROUP 4096
#define LIBSSH2_DH_GEX_MAXGROUP 8192
#define LIBSSH2_DH_MAX_MODULUS_BITS 16384
typedef struct {
/* holds our private and public key components */
BCRYPT_KEY_HANDLE dh_handle;
@@ -409,7 +447,7 @@ typedef struct {
BCRYPT_DH_PARAMETER_HEADER *dh_params;
/* records the parsed out private key component for
* fallback if the DH API raw KDF is not supported */
struct _libssh2_wincng_bignum *bn;
struct _libssh2_wincng_bignum *dh_privbn;
} _libssh2_dh_ctx;
#define libssh2_dh_init(dhctx) _libssh2_dh_init(dhctx)
@@ -425,7 +463,7 @@ typedef struct {
*/
void _libssh2_wincng_init(void);
void _libssh2_wincng_free(void);
int _libssh2_wincng_random(void *buf, int len);
int _libssh2_wincng_random(void *buf, size_t len);
int
_libssh2_wincng_hash_init(_libssh2_wincng_hash_ctx *ctx,
@@ -438,7 +476,7 @@ int
_libssh2_wincng_hash_final(_libssh2_wincng_hash_ctx *ctx,
unsigned char *hash);
int
_libssh2_wincng_hash(unsigned char *data, unsigned long datalen,
_libssh2_wincng_hash(const unsigned char *data, unsigned long datalen,
BCRYPT_ALG_HANDLE hAlg,
unsigned char *hash, unsigned long hashlen);
@@ -449,7 +487,8 @@ void
_libssh2_wincng_hmac_cleanup(_libssh2_wincng_hash_ctx *ctx);
int
_libssh2_wincng_key_sha1_verify(_libssh2_wincng_key_ctx *ctx,
_libssh2_wincng_key_sha_verify(_libssh2_wincng_key_ctx *ctx,
unsigned long hashlen,
const unsigned char *sig,
unsigned long sig_len,
const unsigned char *m,
@@ -488,11 +527,11 @@ _libssh2_wincng_rsa_new_private_frommemory(libssh2_rsa_ctx **rsa,
int
_libssh2_wincng_rsa_sha1_verify(libssh2_rsa_ctx *rsa,
const unsigned char *sig,
unsigned long sig_len,
size_t sig_len,
const unsigned char *m,
unsigned long m_len);
size_t m_len);
int
_libssh2_wincng_rsa_sha1_sign(LIBSSH2_SESSION *session,
_libssh2_wincng_rsa_sha_sign(LIBSSH2_SESSION *session,
libssh2_rsa_ctx *rsa,
const unsigned char *hash,
size_t hash_len,
@@ -529,7 +568,7 @@ int
_libssh2_wincng_dsa_sha1_verify(libssh2_dsa_ctx *dsa,
const unsigned char *sig_fixed,
const unsigned char *m,
unsigned long m_len);
size_t m_len);
int
_libssh2_wincng_dsa_sha1_sign(libssh2_dsa_ctx *dsa,
const unsigned char *hash,
@@ -568,7 +607,7 @@ _libssh2_wincng_cipher_crypt(_libssh2_cipher_ctx *ctx,
_libssh2_cipher_type(type),
int encrypt,
unsigned char *block,
size_t blocklen);
size_t blocklen, int firstlast);
void
_libssh2_wincng_cipher_dtor(_libssh2_cipher_ctx *ctx);

651
libssh2/tap-driver.sh Executable file
View File

@@ -0,0 +1,651 @@
#! /bin/sh
# Copyright (C) 2011-2021 Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
# configuration script generated by Autoconf, you may include it under
# the same distribution terms that you use for the rest of that program.
# This file is maintained in Automake, please report
# bugs to <bug-automake@gnu.org> or send patches to
# <automake-patches@gnu.org>.
scriptversion=2013-12-23.17; # UTC
# Make unconditional expansion of undefined variables an error. This
# helps a lot in preventing typo-related bugs.
set -u
me=tap-driver.sh
fatal ()
{
echo "$me: fatal: $*" >&2
exit 1
}
usage_error ()
{
echo "$me: $*" >&2
print_usage >&2
exit 2
}
print_usage ()
{
cat <<END
Usage:
tap-driver.sh --test-name=NAME --log-file=PATH --trs-file=PATH
[--expect-failure={yes|no}] [--color-tests={yes|no}]
[--enable-hard-errors={yes|no}] [--ignore-exit]
[--diagnostic-string=STRING] [--merge|--no-merge]
[--comments|--no-comments] [--] TEST-COMMAND
The '--test-name', '-log-file' and '--trs-file' options are mandatory.
END
}
# TODO: better error handling in option parsing (in particular, ensure
# TODO: $log_file, $trs_file and $test_name are defined).
test_name= # Used for reporting.
log_file= # Where to save the result and output of the test script.
trs_file= # Where to save the metadata of the test run.
expect_failure=0
color_tests=0
merge=0
ignore_exit=0
comments=0
diag_string='#'
while test $# -gt 0; do
case $1 in
--help) print_usage; exit $?;;
--version) echo "$me $scriptversion"; exit $?;;
--test-name) test_name=$2; shift;;
--log-file) log_file=$2; shift;;
--trs-file) trs_file=$2; shift;;
--color-tests) color_tests=$2; shift;;
--expect-failure) expect_failure=$2; shift;;
--enable-hard-errors) shift;; # No-op.
--merge) merge=1;;
--no-merge) merge=0;;
--ignore-exit) ignore_exit=1;;
--comments) comments=1;;
--no-comments) comments=0;;
--diagnostic-string) diag_string=$2; shift;;
--) shift; break;;
-*) usage_error "invalid option: '$1'";;
esac
shift
done
test $# -gt 0 || usage_error "missing test command"
case $expect_failure in
yes) expect_failure=1;;
*) expect_failure=0;;
esac
if test $color_tests = yes; then
init_colors='
color_map["red"]="" # Red.
color_map["grn"]="" # Green.
color_map["lgn"]="" # Light green.
color_map["blu"]="" # Blue.
color_map["mgn"]="" # Magenta.
color_map["std"]="" # No color.
color_for_result["ERROR"] = "mgn"
color_for_result["PASS"] = "grn"
color_for_result["XPASS"] = "red"
color_for_result["FAIL"] = "red"
color_for_result["XFAIL"] = "lgn"
color_for_result["SKIP"] = "blu"'
else
init_colors=''
fi
# :; is there to work around a bug in bash 3.2 (and earlier) which
# does not always set '$?' properly on redirection failure.
# See the Autoconf manual for more details.
:;{
(
# Ignore common signals (in this subshell only!), to avoid potential
# problems with Korn shells. Some Korn shells are known to propagate
# to themselves signals that have killed a child process they were
# waiting for; this is done at least for SIGINT (and usually only for
# it, in truth). Without the `trap' below, such a behaviour could
# cause a premature exit in the current subshell, e.g., in case the
# test command it runs gets terminated by a SIGINT. Thus, the awk
# script we are piping into would never seen the exit status it
# expects on its last input line (which is displayed below by the
# last `echo $?' statement), and would thus die reporting an internal
# error.
# For more information, see the Autoconf manual and the threads:
# <https://lists.gnu.org/archive/html/bug-autoconf/2011-09/msg00004.html>
# <http://mail.opensolaris.org/pipermail/ksh93-integration-discuss/2009-February/004121.html>
trap : 1 3 2 13 15
if test $merge -gt 0; then
exec 2>&1
else
exec 2>&3
fi
"$@"
echo $?
) | LC_ALL=C ${AM_TAP_AWK-awk} \
-v me="$me" \
-v test_script_name="$test_name" \
-v log_file="$log_file" \
-v trs_file="$trs_file" \
-v expect_failure="$expect_failure" \
-v merge="$merge" \
-v ignore_exit="$ignore_exit" \
-v comments="$comments" \
-v diag_string="$diag_string" \
'
# TODO: the usages of "cat >&3" below could be optimized when using
# GNU awk, and/on on systems that supports /dev/fd/.
# Implementation note: in what follows, `result_obj` will be an
# associative array that (partly) simulates a TAP result object
# from the `TAP::Parser` perl module.
## ----------- ##
## FUNCTIONS ##
## ----------- ##
function fatal(msg)
{
print me ": " msg | "cat >&2"
exit 1
}
function abort(where)
{
fatal("internal error " where)
}
# Convert a boolean to a "yes"/"no" string.
function yn(bool)
{
return bool ? "yes" : "no";
}
function add_test_result(result)
{
if (!test_results_index)
test_results_index = 0
test_results_list[test_results_index] = result
test_results_index += 1
test_results_seen[result] = 1;
}
# Whether the test script should be re-run by "make recheck".
function must_recheck()
{
for (k in test_results_seen)
if (k != "XFAIL" && k != "PASS" && k != "SKIP")
return 1
return 0
}
# Whether the content of the log file associated to this test should
# be copied into the "global" test-suite.log.
function copy_in_global_log()
{
for (k in test_results_seen)
if (k != "PASS")
return 1
return 0
}
function get_global_test_result()
{
if ("ERROR" in test_results_seen)
return "ERROR"
if ("FAIL" in test_results_seen || "XPASS" in test_results_seen)
return "FAIL"
all_skipped = 1
for (k in test_results_seen)
if (k != "SKIP")
all_skipped = 0
if (all_skipped)
return "SKIP"
return "PASS";
}
function stringify_result_obj(result_obj)
{
if (result_obj["is_unplanned"] || result_obj["number"] != testno)
return "ERROR"
if (plan_seen == LATE_PLAN)
return "ERROR"
if (result_obj["directive"] == "TODO")
return result_obj["is_ok"] ? "XPASS" : "XFAIL"
if (result_obj["directive"] == "SKIP")
return result_obj["is_ok"] ? "SKIP" : COOKED_FAIL;
if (length(result_obj["directive"]))
abort("in function stringify_result_obj()")
return result_obj["is_ok"] ? COOKED_PASS : COOKED_FAIL
}
function decorate_result(result)
{
color_name = color_for_result[result]
if (color_name)
return color_map[color_name] "" result "" color_map["std"]
# If we are not using colorized output, or if we do not know how
# to colorize the given result, we should return it unchanged.
return result
}
function report(result, details)
{
if (result ~ /^(X?(PASS|FAIL)|SKIP|ERROR)/)
{
msg = ": " test_script_name
add_test_result(result)
}
else if (result == "#")
{
msg = " " test_script_name ":"
}
else
{
abort("in function report()")
}
if (length(details))
msg = msg " " details
# Output on console might be colorized.
print decorate_result(result) msg
# Log the result in the log file too, to help debugging (this is
# especially true when said result is a TAP error or "Bail out!").
print result msg | "cat >&3";
}
function testsuite_error(error_message)
{
report("ERROR", "- " error_message)
}
function handle_tap_result()
{
details = result_obj["number"];
if (length(result_obj["description"]))
details = details " " result_obj["description"]
if (plan_seen == LATE_PLAN)
{
details = details " # AFTER LATE PLAN";
}
else if (result_obj["is_unplanned"])
{
details = details " # UNPLANNED";
}
else if (result_obj["number"] != testno)
{
details = sprintf("%s # OUT-OF-ORDER (expecting %d)",
details, testno);
}
else if (result_obj["directive"])
{
details = details " # " result_obj["directive"];
if (length(result_obj["explanation"]))
details = details " " result_obj["explanation"]
}
report(stringify_result_obj(result_obj), details)
}
# `skip_reason` should be empty whenever planned > 0.
function handle_tap_plan(planned, skip_reason)
{
planned += 0 # Avoid getting confused if, say, `planned` is "00"
if (length(skip_reason) && planned > 0)
abort("in function handle_tap_plan()")
if (plan_seen)
{
# Error, only one plan per stream is acceptable.
testsuite_error("multiple test plans")
return;
}
planned_tests = planned
# The TAP plan can come before or after *all* the TAP results; we speak
# respectively of an "early" or a "late" plan. If we see the plan line
# after at least one TAP result has been seen, assume we have a late
# plan; in this case, any further test result seen after the plan will
# be flagged as an error.
plan_seen = (testno >= 1 ? LATE_PLAN : EARLY_PLAN)
# If testno > 0, we have an error ("too many tests run") that will be
# automatically dealt with later, so do not worry about it here. If
# $plan_seen is true, we have an error due to a repeated plan, and that
# has already been dealt with above. Otherwise, we have a valid "plan
# with SKIP" specification, and should report it as a particular kind
# of SKIP result.
if (planned == 0 && testno == 0)
{
if (length(skip_reason))
skip_reason = "- " skip_reason;
report("SKIP", skip_reason);
}
}
function extract_tap_comment(line)
{
if (index(line, diag_string) == 1)
{
# Strip leading `diag_string` from `line`.
line = substr(line, length(diag_string) + 1)
# And strip any leading and trailing whitespace left.
sub("^[ \t]*", "", line)
sub("[ \t]*$", "", line)
# Return what is left (if any).
return line;
}
return "";
}
# When this function is called, we know that line is a TAP result line,
# so that it matches the (perl) RE "^(not )?ok\b".
function setup_result_obj(line)
{
# Get the result, and remove it from the line.
result_obj["is_ok"] = (substr(line, 1, 2) == "ok" ? 1 : 0)
sub("^(not )?ok[ \t]*", "", line)
# If the result has an explicit number, get it and strip it; otherwise,
# automatically assign the next test number to it.
if (line ~ /^[0-9]+$/ || line ~ /^[0-9]+[^a-zA-Z0-9_]/)
{
match(line, "^[0-9]+")
# The final `+ 0` is to normalize numbers with leading zeros.
result_obj["number"] = substr(line, 1, RLENGTH) + 0
line = substr(line, RLENGTH + 1)
}
else
{
result_obj["number"] = testno
}
if (plan_seen == LATE_PLAN)
# No further test results are acceptable after a "late" TAP plan
# has been seen.
result_obj["is_unplanned"] = 1
else if (plan_seen && testno > planned_tests)
result_obj["is_unplanned"] = 1
else
result_obj["is_unplanned"] = 0
# Strip trailing and leading whitespace.
sub("^[ \t]*", "", line)
sub("[ \t]*$", "", line)
# This will have to be corrected if we have a "TODO"/"SKIP" directive.
result_obj["description"] = line
result_obj["directive"] = ""
result_obj["explanation"] = ""
if (index(line, "#") == 0)
return # No possible directive, nothing more to do.
# Directives are case-insensitive.
rx = "[ \t]*#[ \t]*([tT][oO][dD][oO]|[sS][kK][iI][pP])[ \t]*"
# See whether we have the directive, and if yes, where.
pos = match(line, rx "$")
if (!pos)
pos = match(line, rx "[^a-zA-Z0-9_]")
# If there was no TAP directive, we have nothing more to do.
if (!pos)
return
# Let`s now see if the TAP directive has been escaped. For example:
# escaped: ok \# SKIP
# not escaped: ok \\# SKIP
# escaped: ok \\\\\# SKIP
# not escaped: ok \ # SKIP
if (substr(line, pos, 1) == "#")
{
bslash_count = 0
for (i = pos; i > 1 && substr(line, i - 1, 1) == "\\"; i--)
bslash_count += 1
if (bslash_count % 2)
return # Directive was escaped.
}
# Strip the directive and its explanation (if any) from the test
# description.
result_obj["description"] = substr(line, 1, pos - 1)
# Now remove the test description from the line, that has been dealt
# with already.
line = substr(line, pos)
# Strip the directive, and save its value (normalized to upper case).
sub("^[ \t]*#[ \t]*", "", line)
result_obj["directive"] = toupper(substr(line, 1, 4))
line = substr(line, 5)
# Now get the explanation for the directive (if any), with leading
# and trailing whitespace removed.
sub("^[ \t]*", "", line)
sub("[ \t]*$", "", line)
result_obj["explanation"] = line
}
function get_test_exit_message(status)
{
if (status == 0)
return ""
if (status !~ /^[1-9][0-9]*$/)
abort("getting exit status")
if (status < 127)
exit_details = ""
else if (status == 127)
exit_details = " (command not found?)"
else if (status >= 128 && status <= 255)
exit_details = sprintf(" (terminated by signal %d?)", status - 128)
else if (status > 256 && status <= 384)
# We used to report an "abnormal termination" here, but some Korn
# shells, when a child process die due to signal number n, can leave
# in $? an exit status of 256+n instead of the more standard 128+n.
# Apparently, both behaviours are allowed by POSIX (2008), so be
# prepared to handle them both. See also Austing Group report ID
# 0000051 <http://www.austingroupbugs.net/view.php?id=51>
exit_details = sprintf(" (terminated by signal %d?)", status - 256)
else
# Never seen in practice.
exit_details = " (abnormal termination)"
return sprintf("exited with status %d%s", status, exit_details)
}
function write_test_results()
{
print ":global-test-result: " get_global_test_result() > trs_file
print ":recheck: " yn(must_recheck()) > trs_file
print ":copy-in-global-log: " yn(copy_in_global_log()) > trs_file
for (i = 0; i < test_results_index; i += 1)
print ":test-result: " test_results_list[i] > trs_file
close(trs_file);
}
BEGIN {
## ------- ##
## SETUP ##
## ------- ##
'"$init_colors"'
# Properly initialized once the TAP plan is seen.
planned_tests = 0
COOKED_PASS = expect_failure ? "XPASS": "PASS";
COOKED_FAIL = expect_failure ? "XFAIL": "FAIL";
# Enumeration-like constants to remember which kind of plan (if any)
# has been seen. It is important that NO_PLAN evaluates "false" as
# a boolean.
NO_PLAN = 0
EARLY_PLAN = 1
LATE_PLAN = 2
testno = 0 # Number of test results seen so far.
bailed_out = 0 # Whether a "Bail out!" directive has been seen.
# Whether the TAP plan has been seen or not, and if yes, which kind
# it is ("early" is seen before any test result, "late" otherwise).
plan_seen = NO_PLAN
## --------- ##
## PARSING ##
## --------- ##
is_first_read = 1
while (1)
{
# Involutions required so that we are able to read the exit status
# from the last input line.
st = getline
if (st < 0) # I/O error.
fatal("I/O error while reading from input stream")
else if (st == 0) # End-of-input
{
if (is_first_read)
abort("in input loop: only one input line")
break
}
if (is_first_read)
{
is_first_read = 0
nextline = $0
continue
}
else
{
curline = nextline
nextline = $0
$0 = curline
}
# Copy any input line verbatim into the log file.
print | "cat >&3"
# Parsing of TAP input should stop after a "Bail out!" directive.
if (bailed_out)
continue
# TAP test result.
if ($0 ~ /^(not )?ok$/ || $0 ~ /^(not )?ok[^a-zA-Z0-9_]/)
{
testno += 1
setup_result_obj($0)
handle_tap_result()
}
# TAP plan (normal or "SKIP" without explanation).
else if ($0 ~ /^1\.\.[0-9]+[ \t]*$/)
{
# The next two lines will put the number of planned tests in $0.
sub("^1\\.\\.", "")
sub("[^0-9]*$", "")
handle_tap_plan($0, "")
continue
}
# TAP "SKIP" plan, with an explanation.
else if ($0 ~ /^1\.\.0+[ \t]*#/)
{
# The next lines will put the skip explanation in $0, stripping
# any leading and trailing whitespace. This is a little more
# tricky in truth, since we want to also strip a potential leading
# "SKIP" string from the message.
sub("^[^#]*#[ \t]*(SKIP[: \t][ \t]*)?", "")
sub("[ \t]*$", "");
handle_tap_plan(0, $0)
}
# "Bail out!" magic.
# Older versions of prove and TAP::Harness (e.g., 3.17) did not
# recognize a "Bail out!" directive when preceded by leading
# whitespace, but more modern versions (e.g., 3.23) do. So we
# emulate the latter, "more modern" behaviour.
else if ($0 ~ /^[ \t]*Bail out!/)
{
bailed_out = 1
# Get the bailout message (if any), with leading and trailing
# whitespace stripped. The message remains stored in `$0`.
sub("^[ \t]*Bail out![ \t]*", "");
sub("[ \t]*$", "");
# Format the error message for the
bailout_message = "Bail out!"
if (length($0))
bailout_message = bailout_message " " $0
testsuite_error(bailout_message)
}
# Maybe we have too look for dianogtic comments too.
else if (comments != 0)
{
comment = extract_tap_comment($0);
if (length(comment))
report("#", comment);
}
}
## -------- ##
## FINISH ##
## -------- ##
# A "Bail out!" directive should cause us to ignore any following TAP
# error, as well as a non-zero exit status from the TAP producer.
if (!bailed_out)
{
if (!plan_seen)
{
testsuite_error("missing test plan")
}
else if (planned_tests != testno)
{
bad_amount = testno > planned_tests ? "many" : "few"
testsuite_error(sprintf("too %s tests run (expected %d, got %d)",
bad_amount, planned_tests, testno))
}
if (!ignore_exit)
{
# Fetch exit status from the last line.
exit_message = get_test_exit_message(nextline)
if (exit_message)
testsuite_error(exit_message)
}
}
write_test_results()
exit 0
} # End of "BEGIN" block.
'
# TODO: document that we consume the file descriptor 3 :-(
} 3>"$log_file"
test $? -eq 0 || fatal "I/O or internal error"
# Local Variables:
# mode: shell-script
# sh-indentation: 2
# eval: (add-hook 'before-save-hook 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-time-zone: "UTC0"
# time-stamp-end: "; # UTC"
# End:

Some files were not shown because too many files have changed in this diff Show More