PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-07 13:11:28 +00:00
Code Issues Projects Releases Wiki Activity

Update libssh2 to 1.8.1. Fixes #1523

Browse Source
This commit is contained in:
dmiller
2019-03-20 03:33:51 +00:00
parent 840af24083
commit 2f7b505bd8
31 changed files with 976 additions and 456 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
libssh2/NEWS
View File

@@ -1,5 +1,53 @@
Changelog for the libssh2 project. Generated with git2news.pl Changelog for the libssh2 project. Generated with git2news.pl
Version 1.8.1 (14 Mar 2019)
Will Cosgrove (14 Mar 2019)
- [Michael Buckley brought this change]
More 1.8.0 security fixes (#316)
* Defend against possible integer overflows in comp_method_zlib_decomp.
* Defend against writing beyond the end of the payload in _libssh2_transport_read().
* Sanitize padding_length - _libssh2_transport_read(). https://libssh2.org/CVE-2019-3861.html
This prevents an underflow resulting in a potential out-of-bounds read if a server sends a too-large padding_length, possibly with malicious intent.
* Prevent zero-byte allocation in sftp_packet_read() which could lead to an out-of-bounds read. https://libssh2.org/CVE-2019-3858.html
* Check the length of data passed to sftp_packet_add() to prevent out-of-bounds reads.
* Add a required_size parameter to sftp_packet_require et. al. to require callers of these functions to handle packets that are too short. https://libssh2.org/CVE-2019-3860.html
* Additional length checks to prevent out-of-bounds reads and writes in _libssh2_packet_add(). https://libssh2.org/CVE-2019-3862.html
GitHub (14 Mar 2019)
- [Will Cosgrove brought this change]
1.8 Security fixes (#314)
* fixed possible integer overflow in packet_length
CVE https://www.libssh2.org/CVE-2019-3861.html
* fixed possible interger overflow with userauth_keyboard_interactive
CVE https://www.libssh2.org/CVE-2019-3856.html
* fixed possible out zero byte/incorrect bounds allocation
CVE https://www.libssh2.org/CVE-2019-3857.html
* bounds checks for response packets
* fixed integer overflow in userauth_keyboard_interactive
CVE https://www.libssh2.org/CVE-2019-3863.html
* 1.8.1 release notes
Version 1.8.0 (25 Oct 2016) Version 1.8.0 (25 Oct 2016)
Daniel Stenberg (25 Oct 2016) Daniel Stenberg (25 Oct 2016)
@@ -5482,10 +5530,3 @@ Simon Josefsson (16 Nov 2009)
<http://thread.gmane.org/gmane.network.ssh.libssh2.devel/2530>. <http://thread.gmane.org/gmane.network.ssh.libssh2.devel/2530>.
- Add. - Add.
- Protect against crash on too small SSH_MSG_IGNORE packets.
Reported by Bob Alexander <balexander@expressor-software.com>
in <http://thread.gmane.org/gmane.network.ssh.libssh2.devel/2530>.
- add copyright line

48
libssh2/RELEASE-NOTES
View File

@@ -1,31 +1,29 @@
libssh2 1.8.0 libssh2 1.8.1
This release includes the following changes:
o added a basic dockerised test suite
o crypto: add support for the mbedTLS backend
This release includes the following bugfixes: This release includes the following bugfixes:
o libgcrypt: fixed a NULL pointer dereference on OOM
o VMS: can't use %zd for off_t format
o VMS: update vms/libssh2_config.h
o windows: link with crypt32.lib
o libssh2_channel_open: speeling error fixed in channel error message
o msvc: fixed 14 compilation warnings
o tests: HAVE_NETINET_IN_H was not defined correctly
o openssl: add OpenSSL 1.1.0 compatibility
o cmake: Add CLEAR_MEMORY option, analogously to that for autoconf
o configure: make the --with-* options override the OpenSSL default
o libssh2_wait_socket: set err_msg on errors
o libssh2_wait_socket: Fix comparison with api_timeout to use milliseconds
o fixed possible integer overflow when reading a specially crafted packet
(https://www.libssh2.org/CVE-2019-3855.html)
o fixed possible integer overflow in userauth_keyboard_interactive with a
number of extremely long prompt strings
(https://www.libssh2.org/CVE-2019-3863.html)
o fixed possible integer overflow if the server sent an extremely large number
of keyboard prompts (https://www.libssh2.org/CVE-2019-3856.html)
o fixed possible out of bounds read when processing a specially crafted packet
(https://www.libssh2.org/CVE-2019-3861.html)
o fixed possible integer overflow when receiving a specially crafted exit
signal message channel packet (https://www.libssh2.org/CVE-2019-3857.html)
o fixed possible out of bounds read when receiving a specially crafted exit
status message channel packet (https://www.libssh2.org/CVE-2019-3862.html)
o fixed possible zero byte allocation when reading a specially crafted SFTP
packet (https://www.libssh2.org/CVE-2019-3858.html)
o fixed possible out of bounds reads when processing specially crafted SFTP
packets (https://www.libssh2.org/CVE-2019-3860.html)
o fixed possible out of bounds reads in _libssh2_packet_require(v)
(https://www.libssh2.org/CVE-2019-3859.html)
This release would not have looked like this without help, code, reports and This release would not have looked like this without help, code, reports and
advice from friends like these: advice from friends like these:
Alexander Lamaison, Antenore Gatta, Brad Harder, Charles Collicutt, Chris Coulson, Michael Buckley, Will Cosgrove, Daniel Stenberg
Craig A. Berry, Dan Fandrich, Daniel Stenberg, Kamil Dudka, Keno Fischer, (4 contributors)
Taylor Holberton, Viktor Szakats, Will Cosgrove, Zenju
(12 contributors)
Thanks! (and sorry if I forgot to mention someone)

191
libssh2/aclocal.m4 vendored
View File

@@ -1,6 +1,6 @@
# generated automatically by aclocal 1.15 -*- Autoconf -*- # generated automatically by aclocal 1.16.1 -*- Autoconf -*-
# Copyright (C) 1996-2014 Free Software Foundation, Inc. # Copyright (C) 1996-2018 Free Software Foundation, Inc.
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@@ -20,7 +20,7 @@ You have another version of autoconf. It may work, but is not guaranteed to.
If you have problems, you may need to regenerate the build system entirely. If you have problems, you may need to regenerate the build system entirely.
To do so, use the procedure documented by the package, typically 'autoreconf'.])]) To do so, use the procedure documented by the package, typically 'autoreconf'.])])
# Copyright (C) 2002-2014 Free Software Foundation, Inc. # Copyright (C) 2002-2018 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@@ -32,10 +32,10 @@ To do so, use the procedure documented by the package, typically 'autoreconf'.])
# generated from the m4 files accompanying Automake X.Y. # generated from the m4 files accompanying Automake X.Y.
# (This private macro should not be called outside this file.) # (This private macro should not be called outside this file.)
AC_DEFUN([AM_AUTOMAKE_VERSION], AC_DEFUN([AM_AUTOMAKE_VERSION],
[am__api_version='1.15' [am__api_version='1.16'
dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to
dnl require some minimum version. Point them to the right macro. dnl require some minimum version. Point them to the right macro.
m4_if([$1], [1.15], [], m4_if([$1], [1.16.1], [],
[AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl
]) ])
@@ -51,14 +51,14 @@ m4_define([_AM_AUTOCONF_VERSION], [])
# Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced.
# This function is AC_REQUIREd by AM_INIT_AUTOMAKE. # This function is AC_REQUIREd by AM_INIT_AUTOMAKE.
AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION],
[AM_AUTOMAKE_VERSION([1.15])dnl [AM_AUTOMAKE_VERSION([1.16.1])dnl
m4_ifndef([AC_AUTOCONF_VERSION], m4_ifndef([AC_AUTOCONF_VERSION],
[m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
_AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) _AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))])
# AM_AUX_DIR_EXPAND -*- Autoconf -*- # AM_AUX_DIR_EXPAND -*- Autoconf -*-
# Copyright (C) 2001-2014 Free Software Foundation, Inc. # Copyright (C) 2001-2018 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@@ -110,7 +110,7 @@ am_aux_dir=`cd "$ac_aux_dir" && pwd`
# AM_CONDITIONAL -*- Autoconf -*- # AM_CONDITIONAL -*- Autoconf -*-
# Copyright (C) 1997-2014 Free Software Foundation, Inc. # Copyright (C) 1997-2018 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@@ -141,7 +141,7 @@ AC_CONFIG_COMMANDS_PRE(
Usually this means the macro was only invoked conditionally.]]) Usually this means the macro was only invoked conditionally.]])
fi])]) fi])])
# Copyright (C) 1999-2014 Free Software Foundation, Inc. # Copyright (C) 1999-2018 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@@ -332,13 +332,12 @@ _AM_SUBST_NOTMAKE([am__nodep])dnl
# Generate code to set up dependency tracking. -*- Autoconf -*- # Generate code to set up dependency tracking. -*- Autoconf -*-
# Copyright (C) 1999-2014 Free Software Foundation, Inc. # Copyright (C) 1999-2018 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved. # with or without modifications, as long as this notice is preserved.
# _AM_OUTPUT_DEPENDENCY_COMMANDS # _AM_OUTPUT_DEPENDENCY_COMMANDS
# ------------------------------ # ------------------------------
AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS], AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS],
@@ -346,49 +345,41 @@ AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS],
# Older Autoconf quotes --file arguments for eval, but not when files # Older Autoconf quotes --file arguments for eval, but not when files
# are listed without --file. Let's play safe and only enable the eval # are listed without --file. Let's play safe and only enable the eval
# if we detect the quoting. # if we detect the quoting.
case $CONFIG_FILES in # TODO: see whether this extra hack can be removed once we start
*\'*) eval set x "$CONFIG_FILES" ;; # requiring Autoconf 2.70 or later.
*) set x $CONFIG_FILES ;; AS_CASE([$CONFIG_FILES],
esac [*\'*], [eval set x "$CONFIG_FILES"],
[*], [set x $CONFIG_FILES])
shift shift
for mf # Used to flag and report bootstrapping failures.
am_rc=0
for am_mf
do do
# Strip MF so we end up with the name of the file. # Strip MF so we end up with the name of the file.
mf=`echo "$mf" | sed -e 's/:.*$//'` am_mf=`AS_ECHO(["$am_mf"]) | sed -e 's/:.*$//'`
# Check whether this is an Automake generated Makefile or not. # Check whether this is an Automake generated Makefile which includes
# We used to match only the files named 'Makefile.in', but # dependency-tracking related rules and includes.
# some people rename them; so instead we look at the file content. # Grep'ing the whole file directly is not great: AIX grep has a line
# Grep'ing the first line is not enough: some people post-process
# each Makefile.in and add a new line on top of each file to say so.
# Grep'ing the whole file is not good either: AIX grep has a line
# limit of 2048, but all sed's we know have understand at least 4000. # limit of 2048, but all sed's we know have understand at least 4000.
if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then sed -n 's,^am--depfiles:.*,X,p' "$am_mf" | grep X >/dev/null 2>&1 \
dirpart=`AS_DIRNAME("$mf")` || continue
else am_dirpart=`AS_DIRNAME(["$am_mf"])`
continue am_filepart=`AS_BASENAME(["$am_mf"])`
fi AM_RUN_LOG([cd "$am_dirpart" \
# Extract the definition of DEPDIR, am__include, and am__quote && sed -e '/# am--include-marker/d' "$am_filepart" \
# from the Makefile without running 'make'. | $MAKE -f - am--depfiles]) || am_rc=$?
DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"`
test -z "$DEPDIR" && continue
am__include=`sed -n 's/^am__include = //p' < "$mf"`
test -z "$am__include" && continue
am__quote=`sed -n 's/^am__quote = //p' < "$mf"`
# Find all dependency output files, they are included files with
# $(DEPDIR) in their names. We invoke sed twice because it is the
# simplest approach to changing $(DEPDIR) to its actual value in the
# expansion.
for file in `sed -n "
s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \
sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g'`; do
# Make sure the directory exists.
test -f "$dirpart/$file" && continue
fdir=`AS_DIRNAME(["$file"])`
AS_MKDIR_P([$dirpart/$fdir])
# echo "creating $dirpart/$file"
echo '# dummy' > "$dirpart/$file"
done
done done
if test $am_rc -ne 0; then
AC_MSG_FAILURE([Something went wrong bootstrapping makefile fragments
for automatic dependency tracking. Try re-running configure with the
'--disable-dependency-tracking' option to at least be able to build
the package (albeit without support for automatic dependency tracking).])
fi
AS_UNSET([am_dirpart])
AS_UNSET([am_filepart])
AS_UNSET([am_mf])
AS_UNSET([am_rc])
rm -f conftest-deps.mk
} }
])# _AM_OUTPUT_DEPENDENCY_COMMANDS ])# _AM_OUTPUT_DEPENDENCY_COMMANDS
@@ -397,18 +388,17 @@ AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS],
# ----------------------------- # -----------------------------
# This macro should only be invoked once -- use via AC_REQUIRE. # This macro should only be invoked once -- use via AC_REQUIRE.
# #
# This code is only required when automatic dependency tracking # This code is only required when automatic dependency tracking is enabled.
# is enabled. FIXME. This creates each '.P' file that we will # This creates each '.Po' and '.Plo' makefile fragment that we'll need in
# need in order to bootstrap the dependency handling code. # order to bootstrap the dependency handling code.
AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS], AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS],
[AC_CONFIG_COMMANDS([depfiles], [AC_CONFIG_COMMANDS([depfiles],
[test x"$AMDEP_TRUE" != x"" || _AM_OUTPUT_DEPENDENCY_COMMANDS], [test x"$AMDEP_TRUE" != x"" || _AM_OUTPUT_DEPENDENCY_COMMANDS],
[AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir"]) [AMDEP_TRUE="$AMDEP_TRUE" MAKE="${MAKE-make}"])])
])
# Do all the work for Automake. -*- Autoconf -*- # Do all the work for Automake. -*- Autoconf -*-
# Copyright (C) 1996-2014 Free Software Foundation, Inc. # Copyright (C) 1996-2018 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@@ -495,8 +485,8 @@ AC_REQUIRE([AM_PROG_INSTALL_STRIP])dnl
AC_REQUIRE([AC_PROG_MKDIR_P])dnl AC_REQUIRE([AC_PROG_MKDIR_P])dnl
# For better backward compatibility. To be removed once Automake 1.9.x # For better backward compatibility. To be removed once Automake 1.9.x
# dies out for good. For more background, see: # dies out for good. For more background, see:
# <http://lists.gnu.org/archive/html/automake/2012-07/msg00001.html> # <https://lists.gnu.org/archive/html/automake/2012-07/msg00001.html>
# <http://lists.gnu.org/archive/html/automake/2012-07/msg00014.html> # <https://lists.gnu.org/archive/html/automake/2012-07/msg00014.html>
AC_SUBST([mkdir_p], ['$(MKDIR_P)']) AC_SUBST([mkdir_p], ['$(MKDIR_P)'])
# We need awk for the "check" target (and possibly the TAP driver). The # We need awk for the "check" target (and possibly the TAP driver). The
# system "awk" is bad on some platforms. # system "awk" is bad on some platforms.
@@ -563,7 +553,7 @@ END
Aborting the configuration process, to ensure you take notice of the issue. Aborting the configuration process, to ensure you take notice of the issue.
You can download and install GNU coreutils to get an 'rm' implementation You can download and install GNU coreutils to get an 'rm' implementation
that behaves properly: <http://www.gnu.org/software/coreutils/>. that behaves properly: <https://www.gnu.org/software/coreutils/>.
If you want to complete the configuration process using your problematic If you want to complete the configuration process using your problematic
'rm' anyway, export the environment variable ACCEPT_INFERIOR_RM_PROGRAM 'rm' anyway, export the environment variable ACCEPT_INFERIOR_RM_PROGRAM
@@ -605,7 +595,7 @@ for _am_header in $config_headers :; do
done done
echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count]) echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count])
# Copyright (C) 2001-2014 Free Software Foundation, Inc. # Copyright (C) 2001-2018 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@@ -626,7 +616,7 @@ if test x"${install_sh+set}" != xset; then
fi fi
AC_SUBST([install_sh])]) AC_SUBST([install_sh])])
# Copyright (C) 2003-2014 Free Software Foundation, Inc. # Copyright (C) 2003-2018 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@@ -648,7 +638,7 @@ AC_SUBST([am__leading_dot])])
# Add --enable-maintainer-mode option to configure. -*- Autoconf -*- # Add --enable-maintainer-mode option to configure. -*- Autoconf -*-
# From Jim Meyering # From Jim Meyering
# Copyright (C) 1996-2014 Free Software Foundation, Inc. # Copyright (C) 1996-2018 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@@ -683,7 +673,7 @@ AC_MSG_CHECKING([whether to enable maintainer-specific portions of Makefiles])
# Check to see how 'make' treats includes. -*- Autoconf -*- # Check to see how 'make' treats includes. -*- Autoconf -*-
# Copyright (C) 2001-2014 Free Software Foundation, Inc. # Copyright (C) 2001-2018 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@@ -691,49 +681,42 @@ AC_MSG_CHECKING([whether to enable maintainer-specific portions of Makefiles])
# AM_MAKE_INCLUDE() # AM_MAKE_INCLUDE()
# ----------------- # -----------------
# Check to see how make treats includes. # Check whether make has an 'include' directive that can support all
# the idioms we need for our automatic dependency tracking code.
AC_DEFUN([AM_MAKE_INCLUDE], AC_DEFUN([AM_MAKE_INCLUDE],
[am_make=${MAKE-make} [AC_MSG_CHECKING([whether ${MAKE-make} supports the include directive])
cat > confinc << 'END' cat > confinc.mk << 'END'
am__doit: am__doit:
@echo this is the am__doit target @echo this is the am__doit target >confinc.out
.PHONY: am__doit .PHONY: am__doit
END END
# If we don't find an include directive, just comment out the code.
AC_MSG_CHECKING([for style of include used by $am_make])
am__include="#" am__include="#"
am__quote= am__quote=
_am_result=none # BSD make does it like this.
# First try GNU make style include. echo '.include "confinc.mk" # ignored' > confmf.BSD
echo "include confinc" > confmf # Other make implementations (GNU, Solaris 10, AIX) do it like this.
# Ignore all kinds of additional output from 'make'. echo 'include confinc.mk # ignored' > confmf.GNU
case `$am_make -s -f confmf 2> /dev/null` in #( _am_result=no
*the\ am__doit\ target*) for s in GNU BSD; do
am__include=include AM_RUN_LOG([${MAKE-make} -f confmf.$s && cat confinc.out])
am__quote= AS_CASE([$?:`cat confinc.out 2>/dev/null`],
_am_result=GNU ['0:this is the am__doit target'],
;; [AS_CASE([$s],
esac [BSD], [am__include='.include' am__quote='"'],
# Now try BSD make style include. [am__include='include' am__quote=''])])
if test "$am__include" = "#"; then if test "$am__include" != "#"; then
echo '.include "confinc"' > confmf _am_result="yes ($s style)"
case `$am_make -s -f confmf 2> /dev/null` in #( break
*the\ am__doit\ target*) fi
am__include=.include done
am__quote="\"" rm -f confinc.* confmf.*
_am_result=BSD AC_MSG_RESULT([${_am_result}])
;; AC_SUBST([am__include])])
esac AC_SUBST([am__quote])])
fi
AC_SUBST([am__include])
AC_SUBST([am__quote])
AC_MSG_RESULT([$_am_result])
rm -f confinc confmf
])
# Fake the existence of programs that GNU maintainers use. -*- Autoconf -*- # Fake the existence of programs that GNU maintainers use. -*- Autoconf -*-
# Copyright (C) 1997-2014 Free Software Foundation, Inc. # Copyright (C) 1997-2018 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@@ -772,7 +755,7 @@ fi
# Helper functions for option handling. -*- Autoconf -*- # Helper functions for option handling. -*- Autoconf -*-
# Copyright (C) 2001-2014 Free Software Foundation, Inc. # Copyright (C) 2001-2018 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@@ -801,7 +784,7 @@ AC_DEFUN([_AM_SET_OPTIONS],
AC_DEFUN([_AM_IF_OPTION], AC_DEFUN([_AM_IF_OPTION],
[m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])]) [m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])])
# Copyright (C) 1999-2014 Free Software Foundation, Inc. # Copyright (C) 1999-2018 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@@ -848,7 +831,7 @@ AC_LANG_POP([C])])
# For backward compatibility. # For backward compatibility.
AC_DEFUN_ONCE([AM_PROG_CC_C_O], [AC_REQUIRE([AC_PROG_CC])]) AC_DEFUN_ONCE([AM_PROG_CC_C_O], [AC_REQUIRE([AC_PROG_CC])])
# Copyright (C) 2001-2014 Free Software Foundation, Inc. # Copyright (C) 2001-2018 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@@ -867,7 +850,7 @@ AC_DEFUN([AM_RUN_LOG],
# Check to make sure that the build environment is sane. -*- Autoconf -*- # Check to make sure that the build environment is sane. -*- Autoconf -*-
# Copyright (C) 1996-2014 Free Software Foundation, Inc. # Copyright (C) 1996-2018 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@@ -948,7 +931,7 @@ AC_CONFIG_COMMANDS_PRE(
rm -f conftest.file rm -f conftest.file
]) ])
# Copyright (C) 2009-2014 Free Software Foundation, Inc. # Copyright (C) 2009-2018 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@@ -1008,7 +991,7 @@ AC_SUBST([AM_BACKSLASH])dnl
_AM_SUBST_NOTMAKE([AM_BACKSLASH])dnl _AM_SUBST_NOTMAKE([AM_BACKSLASH])dnl
]) ])
# Copyright (C) 2001-2014 Free Software Foundation, Inc. # Copyright (C) 2001-2018 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@@ -1036,7 +1019,7 @@ fi
INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s"
AC_SUBST([INSTALL_STRIP_PROGRAM])]) AC_SUBST([INSTALL_STRIP_PROGRAM])])
# Copyright (C) 2006-2014 Free Software Foundation, Inc. # Copyright (C) 2006-2018 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@@ -1055,7 +1038,7 @@ AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)])
# Check how to create a tarball. -*- Autoconf -*- # Check how to create a tarball. -*- Autoconf -*-
# Copyright (C) 2004-2014 Free Software Foundation, Inc. # Copyright (C) 2004-2018 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,

0
libssh2/buildconf Normal file → Executable file
View File

13
libssh2/compile Normal file → Executable file
View File

@@ -1,9 +1,9 @@
#! /bin/sh #! /bin/sh
# Wrapper for compilers which do not understand '-c -o'. # Wrapper for compilers which do not understand '-c -o'.
scriptversion=2012-10-14.11; # UTC scriptversion=2018-03-07.03; # UTC
# Copyright (C) 1999-2014 Free Software Foundation, Inc. # Copyright (C) 1999-2018 Free Software Foundation, Inc.
# Written by Tom Tromey <tromey@cygnus.com>. # Written by Tom Tromey <tromey@cygnus.com>.
# #
# This program is free software; you can redistribute it and/or modify # This program is free software; you can redistribute it and/or modify
@@ -17,7 +17,7 @@ scriptversion=2012-10-14.11; # UTC
# GNU General Public License for more details. # GNU General Public License for more details.
# #
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <https://www.gnu.org/licenses/>.
# As a special exception to the GNU General Public License, if you # As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a # distribute this file as part of a program that contains a
@@ -255,7 +255,8 @@ EOF
echo "compile $scriptversion" echo "compile $scriptversion"
exit $? exit $?
;; ;;
cl | *[/\\]cl | cl.exe | *[/\\]cl.exe ) cl | *[/\\]cl | cl.exe | *[/\\]cl.exe | \
icl | *[/\\]icl | icl.exe | *[/\\]icl.exe )
func_cl_wrapper "$@" # Doesn't return... func_cl_wrapper "$@" # Doesn't return...
;; ;;
esac esac
@@ -339,9 +340,9 @@ exit $ret
# Local Variables: # Local Variables:
# mode: shell-script # mode: shell-script
# sh-indentation: 2 # sh-indentation: 2
# eval: (add-hook 'write-file-hooks 'time-stamp) # eval: (add-hook 'before-save-hook 'time-stamp)
# time-stamp-start: "scriptversion=" # time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-time-zone: "UTC" # time-stamp-time-zone: "UTC0"
# time-stamp-end: "; # UTC" # time-stamp-end: "; # UTC"
# End: # End:

0
libssh2/config.guess vendored Normal file → Executable file
View File

0
libssh2/config.rpath Normal file → Executable file
View File

0
libssh2/config.sub vendored Normal file → Executable file
View File

204
libssh2/configure vendored Normal file → Executable file
View File

@@ -709,7 +709,6 @@ am__nodep
AMDEPBACKSLASH AMDEPBACKSLASH
AMDEP_FALSE AMDEP_FALSE
AMDEP_TRUE AMDEP_TRUE
am__quote
am__include am__include
DEPDIR DEPDIR
OBJEXT OBJEXT
@@ -797,7 +796,8 @@ PACKAGE_VERSION
PACKAGE_TARNAME PACKAGE_TARNAME
PACKAGE_NAME PACKAGE_NAME
PATH_SEPARATOR PATH_SEPARATOR
SHELL' SHELL
am__quote'
ac_subst_files='' ac_subst_files=''
ac_user_opts=' ac_user_opts='
enable_option_checking enable_option_checking
@@ -2544,7 +2544,7 @@ $as_echo "$as_me: WARNING: sed was not found, this may ruin your chances to buil
fi fi
LIBSSH2VER=`$SED -ne 's/^#define LIBSSH2_VERSION *"\(.*\)"/\1/p' ${srcdir}/include/libssh2.h` LIBSSH2VER=`$SED -ne 's/^#define LIBSSH2_VERSION *"\(.*\)"/\1/p' ${srcdir}/include/libssh2.h`
am__api_version='1.15' am__api_version='1.16'
ac_aux_dir= ac_aux_dir=
for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do
@@ -3050,8 +3050,8 @@ MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"}
# For better backward compatibility. To be removed once Automake 1.9.x # For better backward compatibility. To be removed once Automake 1.9.x
# dies out for good. For more background, see: # dies out for good. For more background, see:
# <http://lists.gnu.org/archive/html/automake/2012-07/msg00001.html> # <https://lists.gnu.org/archive/html/automake/2012-07/msg00001.html>
# <http://lists.gnu.org/archive/html/automake/2012-07/msg00014.html> # <https://lists.gnu.org/archive/html/automake/2012-07/msg00014.html>
mkdir_p='$(MKDIR_P)' mkdir_p='$(MKDIR_P)'
# We need awk for the "check" target (and possibly the TAP driver). The # We need awk for the "check" target (and possibly the TAP driver). The
@@ -3102,7 +3102,7 @@ END
Aborting the configuration process, to ensure you take notice of the issue. Aborting the configuration process, to ensure you take notice of the issue.
You can download and install GNU coreutils to get an 'rm' implementation You can download and install GNU coreutils to get an 'rm' implementation
that behaves properly: <http://www.gnu.org/software/coreutils/>. that behaves properly: <https://www.gnu.org/software/coreutils/>.
If you want to complete the configuration process using your problematic If you want to complete the configuration process using your problematic
'rm' anyway, export the environment variable ACCEPT_INFERIOR_RM_PROGRAM 'rm' anyway, export the environment variable ACCEPT_INFERIOR_RM_PROGRAM
@@ -3255,45 +3255,45 @@ DEPDIR="${am__leading_dot}deps"
ac_config_commands="$ac_config_commands depfiles" ac_config_commands="$ac_config_commands depfiles"
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} supports the include directive" >&5
am_make=${MAKE-make} $as_echo_n "checking whether ${MAKE-make} supports the include directive... " >&6; }
cat > confinc << 'END' cat > confinc.mk << 'END'
am__doit: am__doit:
@echo this is the am__doit target @echo this is the am__doit target >confinc.out
.PHONY: am__doit .PHONY: am__doit
END END
# If we don't find an include directive, just comment out the code.
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for style of include used by $am_make" >&5
$as_echo_n "checking for style of include used by $am_make... " >&6; }
am__include="#" am__include="#"
am__quote= am__quote=
_am_result=none # BSD make does it like this.
# First try GNU make style include. echo '.include "confinc.mk" # ignored' > confmf.BSD
echo "include confinc" > confmf # Other make implementations (GNU, Solaris 10, AIX) do it like this.
# Ignore all kinds of additional output from 'make'. echo 'include confinc.mk # ignored' > confmf.GNU
case `$am_make -s -f confmf 2> /dev/null` in #( _am_result=no
*the\ am__doit\ target*) for s in GNU BSD; do
am__include=include { echo "$as_me:$LINENO: ${MAKE-make} -f confmf.$s && cat confinc.out" >&5
am__quote= (${MAKE-make} -f confmf.$s && cat confinc.out) >&5 2>&5
_am_result=GNU ac_status=$?
;; echo "$as_me:$LINENO: \$? = $ac_status" >&5
esac (exit $ac_status); }
# Now try BSD make style include. case $?:`cat confinc.out 2>/dev/null` in #(
if test "$am__include" = "#"; then '0:this is the am__doit target') :
echo '.include "confinc"' > confmf case $s in #(
case `$am_make -s -f confmf 2> /dev/null` in #( BSD) :
*the\ am__doit\ target*) am__include='.include' am__quote='"' ;; #(
am__include=.include *) :
am__quote="\"" am__include='include' am__quote='' ;;
_am_result=BSD esac ;; #(
*) :
;; ;;
esac esac
fi if test "$am__include" != "#"; then
_am_result="yes ($s style)"
break
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $_am_result" >&5 fi
$as_echo "$_am_result" >&6; } done
rm -f confinc confmf rm -f confinc.* confmf.*
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: ${_am_result}" >&5
$as_echo "${_am_result}" >&6; }
# Check whether --enable-dependency-tracking was given. # Check whether --enable-dependency-tracking was given.
if test "${enable_dependency_tracking+set}" = set; then : if test "${enable_dependency_tracking+set}" = set; then :
@@ -7980,11 +7980,8 @@ _LT_EOF
test $ac_status = 0; }; then test $ac_status = 0; }; then
# Now try to grab the symbols. # Now try to grab the symbols.
nlist=conftest.nm nlist=conftest.nm
if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist\""; } >&5 $ECHO "$as_me:$LINENO: $NM conftest.$ac_objext | $lt_cv_sys_global_symbol_pipe > $nlist" >&5
(eval $NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist) 2>&5 if eval "$NM" conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist 2>&5 && test -s "$nlist"; then
ac_status=$?
$as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
test $ac_status = 0; } && test -s "$nlist"; then
# Try sorting and uniquifying the output. # Try sorting and uniquifying the output.
if sort "$nlist" | uniq > "$nlist"T; then if sort "$nlist" | uniq > "$nlist"T; then
mv -f "$nlist"T "$nlist" mv -f "$nlist"T "$nlist"
@@ -10064,6 +10061,12 @@ lt_prog_compiler_static=
lt_prog_compiler_pic='-KPIC' lt_prog_compiler_pic='-KPIC'
lt_prog_compiler_static='-static' lt_prog_compiler_static='-static'
;; ;;
# flang / f18. f95 an alias for gfortran or flang on Debian
flang* | f18* | f95*)
lt_prog_compiler_wl='-Wl,'
lt_prog_compiler_pic='-fPIC'
lt_prog_compiler_static='-static'
;;
# icc used to be incompatible with GCC. # icc used to be incompatible with GCC.
# ICC 10 doesn't accept -KPIC any more. # ICC 10 doesn't accept -KPIC any more.
icc* | ifort*) icc* | ifort*)
@@ -19338,7 +19341,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
# #
# INIT-COMMANDS # INIT-COMMANDS
# #
AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir" AMDEP_TRUE="$AMDEP_TRUE" MAKE="${MAKE-make}"
# The HP-UX ksh and POSIX shell print the target directory to stdout # The HP-UX ksh and POSIX shell print the target directory to stdout
@@ -20238,29 +20241,35 @@ $as_echo "$as_me: executing $ac_file commands" >&6;}
# Older Autoconf quotes --file arguments for eval, but not when files # Older Autoconf quotes --file arguments for eval, but not when files
# are listed without --file. Let's play safe and only enable the eval # are listed without --file. Let's play safe and only enable the eval
# if we detect the quoting. # if we detect the quoting.
case $CONFIG_FILES in # TODO: see whether this extra hack can be removed once we start
*\'*) eval set x "$CONFIG_FILES" ;; # requiring Autoconf 2.70 or later.
*) set x $CONFIG_FILES ;; case $CONFIG_FILES in #(
esac *\'*) :
eval set x "$CONFIG_FILES" ;; #(
*) :
set x $CONFIG_FILES ;; #(
*) :
;;
esac
shift shift
for mf # Used to flag and report bootstrapping failures.
am_rc=0
for am_mf
do do
# Strip MF so we end up with the name of the file. # Strip MF so we end up with the name of the file.
mf=`echo "$mf" | sed -e 's/:.*$//'` am_mf=`$as_echo "$am_mf" | sed -e 's/:.*$//'`
# Check whether this is an Automake generated Makefile or not. # Check whether this is an Automake generated Makefile which includes
# We used to match only the files named 'Makefile.in', but # dependency-tracking related rules and includes.
# some people rename them; so instead we look at the file content. # Grep'ing the whole file directly is not great: AIX grep has a line
# Grep'ing the first line is not enough: some people post-process
# each Makefile.in and add a new line on top of each file to say so.
# Grep'ing the whole file is not good either: AIX grep has a line
# limit of 2048, but all sed's we know have understand at least 4000. # limit of 2048, but all sed's we know have understand at least 4000.
if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then sed -n 's,^am--depfiles:.*,X,p' "$am_mf" | grep X >/dev/null 2>&1 \
dirpart=`$as_dirname -- "$mf" || || continue
$as_expr X"$mf" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ am_dirpart=`$as_dirname -- "$am_mf" ||
X"$mf" : 'X\(//\)[^/]' \| \ $as_expr X"$am_mf" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
X"$mf" : 'X\(//\)$' \| \ X"$am_mf" : 'X\(//\)[^/]' \| \
X"$mf" : 'X\(/\)' \| . 2>/dev/null || X"$am_mf" : 'X\(//\)$' \| \
$as_echo X"$mf" | X"$am_mf" : 'X\(/\)' \| . 2>/dev/null ||
$as_echo X"$am_mf" |
sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
s//\1/ s//\1/
q q
@@ -20278,53 +20287,48 @@ $as_echo X"$mf" |
q q
} }
s/.*/./; q'` s/.*/./; q'`
else am_filepart=`$as_basename -- "$am_mf" ||
continue $as_expr X/"$am_mf" : '.*/\([^/][^/]*\)/*$' \| \
fi X"$am_mf" : 'X\(//\)$' \| \
# Extract the definition of DEPDIR, am__include, and am__quote X"$am_mf" : 'X\(/\)' \| . 2>/dev/null ||
# from the Makefile without running 'make'. $as_echo X/"$am_mf" |
DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"` sed '/^.*\/\([^/][^/]*\)\/*$/{
test -z "$DEPDIR" && continue
am__include=`sed -n 's/^am__include = //p' < "$mf"`
test -z "$am__include" && continue
am__quote=`sed -n 's/^am__quote = //p' < "$mf"`
# Find all dependency output files, they are included files with
# $(DEPDIR) in their names. We invoke sed twice because it is the
# simplest approach to changing $(DEPDIR) to its actual value in the
# expansion.
for file in `sed -n "
s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \
sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g'`; do
# Make sure the directory exists.
test -f "$dirpart/$file" && continue
fdir=`$as_dirname -- "$file" ||
$as_expr X"$file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
X"$file" : 'X\(//\)[^/]' \| \
X"$file" : 'X\(//\)$' \| \
X"$file" : 'X\(/\)' \| . 2>/dev/null ||
$as_echo X"$file" |
sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
s//\1/ s//\1/
q q
} }
/^X\(\/\/\)[^/].*/{ /^X\/\(\/\/\)$/{
s//\1/ s//\1/
q q
} }
/^X\(\/\/\)$/{ /^X\/\(\/\).*/{
s//\1/
q
}
/^X\(\/\).*/{
s//\1/ s//\1/
q q
} }
s/.*/./; q'` s/.*/./; q'`
as_dir=$dirpart/$fdir; as_fn_mkdir_p { echo "$as_me:$LINENO: cd "$am_dirpart" \
# echo "creating $dirpart/$file" && sed -e '/# am--include-marker/d' "$am_filepart" \
echo '# dummy' > "$dirpart/$file" | $MAKE -f - am--depfiles" >&5
done (cd "$am_dirpart" \
&& sed -e '/# am--include-marker/d' "$am_filepart" \
| $MAKE -f - am--depfiles) >&5 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); } || am_rc=$?
done done
if test $am_rc -ne 0; then
{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
as_fn_error $? "Something went wrong bootstrapping makefile fragments
for automatic dependency tracking. Try re-running configure with the
'--disable-dependency-tracking' option to at least be able to build
the package (albeit without support for automatic dependency tracking).
See \`config.log' for more details" "$LINENO" 5; }
fi
{ am_dirpart=; unset am_dirpart;}
{ am_filepart=; unset am_filepart;}
{ am_mf=; unset am_mf;}
{ am_rc=; unset am_rc;}
rm -f conftest-deps.mk
} }
;; ;;
"libtool":C) "libtool":C)

10
libssh2/depcomp Normal file → Executable file
View File

@@ -1,9 +1,9 @@
#! /bin/sh #! /bin/sh
# depcomp - compile a program generating dependencies as side-effects # depcomp - compile a program generating dependencies as side-effects
scriptversion=2013-05-30.07; # UTC scriptversion=2018-03-07.03; # UTC
# Copyright (C) 1999-2014 Free Software Foundation, Inc. # Copyright (C) 1999-2018 Free Software Foundation, Inc.
# This program is free software; you can redistribute it and/or modify # This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by # it under the terms of the GNU General Public License as published by
@@ -16,7 +16,7 @@ scriptversion=2013-05-30.07; # UTC
# GNU General Public License for more details. # GNU General Public License for more details.
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <https://www.gnu.org/licenses/>.
# As a special exception to the GNU General Public License, if you # As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a # distribute this file as part of a program that contains a
@@ -783,9 +783,9 @@ exit 0
# Local Variables: # Local Variables:
# mode: shell-script # mode: shell-script
# sh-indentation: 2 # sh-indentation: 2
# eval: (add-hook 'write-file-hooks 'time-stamp) # eval: (add-hook 'before-save-hook 'time-stamp)
# time-stamp-start: "scriptversion=" # time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-time-zone: "UTC" # time-stamp-time-zone: "UTC0"
# time-stamp-end: "; # UTC" # time-stamp-end: "; # UTC"
# End: # End:

0
libssh2/get_ver.awk Normal file → Executable file
View File

20
libssh2/include/libssh2.h
View File

@@ -46,13 +46,13 @@
to make the BANNER define (used by src/session.c) be a valid SSH to make the BANNER define (used by src/session.c) be a valid SSH
banner. Release versions have no appended strings and may of course not banner. Release versions have no appended strings and may of course not
have dashes either. */ have dashes either. */
#define LIBSSH2_VERSION "1.8.0" #define LIBSSH2_VERSION "1.8.1"
/* The numeric version number is also available "in parts" by using these /* The numeric version number is also available "in parts" by using these
defines: */ defines: */
#define LIBSSH2_VERSION_MAJOR 1 #define LIBSSH2_VERSION_MAJOR 1
#define LIBSSH2_VERSION_MINOR 8 #define LIBSSH2_VERSION_MINOR 8
#define LIBSSH2_VERSION_PATCH 0 #define LIBSSH2_VERSION_PATCH 1
/* This is the numeric version of the libssh2 version number, meant for easier /* This is the numeric version of the libssh2 version number, meant for easier
parsing and comparions by programs. The LIBSSH2_VERSION_NUM define will parsing and comparions by programs. The LIBSSH2_VERSION_NUM define will
@@ -69,7 +69,7 @@
and it is always a greater number in a more recent release. It makes and it is always a greater number in a more recent release. It makes
comparisons with greater than and less than work. comparisons with greater than and less than work.
*/ */
#define LIBSSH2_VERSION_NUM 0x010800 #define LIBSSH2_VERSION_NUM 0x010801
/* /*
* This is the date and time when the full source package was created. The * This is the date and time when the full source package was created. The
@@ -80,7 +80,7 @@
* *
* "Mon Feb 12 11:35:33 UTC 2007" * "Mon Feb 12 11:35:33 UTC 2007"
*/ */
#define LIBSSH2_TIMESTAMP "Tue Oct 25 06:44:33 UTC 2016" #define LIBSSH2_TIMESTAMP "Mon Mar 18 21:30:25 UTC 2019"
#ifndef RC_INVOKED #ifndef RC_INVOKED
@@ -145,6 +145,18 @@ typedef int libssh2_socket_t;
#define LIBSSH2_INVALID_SOCKET -1 #define LIBSSH2_INVALID_SOCKET -1
#endif /* WIN32 */ #endif /* WIN32 */
#ifndef SIZE_MAX
#if _WIN64
#define SIZE_MAX 0xFFFFFFFFFFFFFFFF
#else
#define SIZE_MAX 0xFFFFFFFF
#endif
#endif
#ifndef UINT_MAX
#define UINT_MAX 0xFFFFFFFF
#endif
/* /*
* Determine whether there is small or large file support on windows. * Determine whether there is small or large file support on windows.
*/ */

2
libssh2/libssh2v.h
View File

@@ -1,2 +0,0 @@
#define LIBSSH2_VERSION_TEXT "Libssh2 1.8.0"

213
libssh2/ltmain.sh
View File

@@ -31,7 +31,7 @@
PROGRAM=libtool PROGRAM=libtool
PACKAGE=libtool PACKAGE=libtool
VERSION="2.4.6 Debian-2.4.6-2" VERSION="2.4.6 Debian-2.4.6-10"
package_revision=2.4.6 package_revision=2.4.6
@@ -1370,7 +1370,7 @@ func_lt_ver ()
#! /bin/sh #! /bin/sh
# Set a version string for this script. # Set a version string for this script.
scriptversion=2014-01-07.03; # UTC scriptversion=2015-10-07.11; # UTC
# A portable, pluggable option parser for Bourne shell. # A portable, pluggable option parser for Bourne shell.
# Written by Gary V. Vaughan, 2010 # Written by Gary V. Vaughan, 2010
@@ -1530,6 +1530,8 @@ func_run_hooks ()
{ {
$debug_cmd $debug_cmd
_G_rc_run_hooks=false
case " $hookable_fns " in case " $hookable_fns " in
*" $1 "*) ;; *" $1 "*) ;;
*) func_fatal_error "'$1' does not support hook funcions.n" ;; *) func_fatal_error "'$1' does not support hook funcions.n" ;;
@@ -1538,16 +1540,16 @@ func_run_hooks ()
eval _G_hook_fns=\$$1_hooks; shift eval _G_hook_fns=\$$1_hooks; shift
for _G_hook in $_G_hook_fns; do for _G_hook in $_G_hook_fns; do
eval $_G_hook '"$@"' if eval $_G_hook '"$@"'; then
# store returned options list back into positional
# store returned options list back into positional # parameters for next 'cmd' execution.
# parameters for next 'cmd' execution. eval _G_hook_result=\$${_G_hook}_result
eval _G_hook_result=\$${_G_hook}_result eval set dummy "$_G_hook_result"; shift
eval set dummy "$_G_hook_result"; shift _G_rc_run_hooks=:
fi
done done
func_quote_for_eval ${1+"$@"} $_G_rc_run_hooks && func_run_hooks_result=$_G_hook_result
func_run_hooks_result=$func_quote_for_eval_result
} }
@@ -1557,10 +1559,16 @@ func_run_hooks ()
## --------------- ## ## --------------- ##
# In order to add your own option parsing hooks, you must accept the # In order to add your own option parsing hooks, you must accept the
# full positional parameter list in your hook function, remove any # full positional parameter list in your hook function, you may remove/edit
# options that you action, and then pass back the remaining unprocessed # any options that you action, and then pass back the remaining unprocessed
# options in '<hooked_function_name>_result', escaped suitably for # options in '<hooked_function_name>_result', escaped suitably for
# 'eval'. Like this: # 'eval'. In this case you also must return $EXIT_SUCCESS to let the
# hook's caller know that it should pay attention to
# '<hooked_function_name>_result'. Returning $EXIT_FAILURE signalizes that
# arguments are left untouched by the hook and therefore caller will ignore the
# result variable.
#
# Like this:
# #
# my_options_prep () # my_options_prep ()
# { # {
@@ -1570,9 +1578,11 @@ func_run_hooks ()
# usage_message=$usage_message' # usage_message=$usage_message'
# -s, --silent don'\''t print informational messages # -s, --silent don'\''t print informational messages
# ' # '
# # # No change in '$@' (ignored completely by this hook). There is
# func_quote_for_eval ${1+"$@"} # # no need to do the equivalent (but slower) action:
# my_options_prep_result=$func_quote_for_eval_result # # func_quote_for_eval ${1+"$@"}
# # my_options_prep_result=$func_quote_for_eval_result
# false
# } # }
# func_add_hook func_options_prep my_options_prep # func_add_hook func_options_prep my_options_prep
# #
@@ -1581,25 +1591,37 @@ func_run_hooks ()
# { # {
# $debug_cmd # $debug_cmd
# #
# args_changed=false
#
# # Note that for efficiency, we parse as many options as we can # # Note that for efficiency, we parse as many options as we can
# # recognise in a loop before passing the remainder back to the # # recognise in a loop before passing the remainder back to the
# # caller on the first unrecognised argument we encounter. # # caller on the first unrecognised argument we encounter.
# while test $# -gt 0; do # while test $# -gt 0; do
# opt=$1; shift # opt=$1; shift
# case $opt in # case $opt in
# --silent|-s) opt_silent=: ;; # --silent|-s) opt_silent=:
# args_changed=:
# ;;
# # Separate non-argument short options: # # Separate non-argument short options:
# -s*) func_split_short_opt "$_G_opt" # -s*) func_split_short_opt "$_G_opt"
# set dummy "$func_split_short_opt_name" \ # set dummy "$func_split_short_opt_name" \
# "-$func_split_short_opt_arg" ${1+"$@"} # "-$func_split_short_opt_arg" ${1+"$@"}
# shift # shift
# args_changed=:
# ;; # ;;
# *) set dummy "$_G_opt" "$*"; shift; break ;; # *) # Make sure the first unrecognised option "$_G_opt"
# # is added back to "$@", we could need that later
# # if $args_changed is true.
# set dummy "$_G_opt" ${1+"$@"}; shift; break ;;
# esac # esac
# done # done
# #
# func_quote_for_eval ${1+"$@"} # if $args_changed; then
# my_silent_option_result=$func_quote_for_eval_result # func_quote_for_eval ${1+"$@"}
# my_silent_option_result=$func_quote_for_eval_result
# fi
#
# $args_changed
# } # }
# func_add_hook func_parse_options my_silent_option # func_add_hook func_parse_options my_silent_option
# #
@@ -1611,16 +1633,32 @@ func_run_hooks ()
# $opt_silent && $opt_verbose && func_fatal_help "\ # $opt_silent && $opt_verbose && func_fatal_help "\
# '--silent' and '--verbose' options are mutually exclusive." # '--silent' and '--verbose' options are mutually exclusive."
# #
# func_quote_for_eval ${1+"$@"} # false
# my_option_validation_result=$func_quote_for_eval_result
# } # }
# func_add_hook func_validate_options my_option_validation # func_add_hook func_validate_options my_option_validation
# #
# You'll alse need to manually amend $usage_message to reflect the extra # You'll also need to manually amend $usage_message to reflect the extra
# options you parse. It's preferable to append if you can, so that # options you parse. It's preferable to append if you can, so that
# multiple option parsing hooks can be added safely. # multiple option parsing hooks can be added safely.
# func_options_finish [ARG]...
# ----------------------------
# Finishing the option parse loop (call 'func_options' hooks ATM).
func_options_finish ()
{
$debug_cmd
_G_func_options_finish_exit=false
if func_run_hooks func_options ${1+"$@"}; then
func_options_finish_result=$func_run_hooks_result
_G_func_options_finish_exit=:
fi
$_G_func_options_finish_exit
}
# func_options [ARG]... # func_options [ARG]...
# --------------------- # ---------------------
# All the functions called inside func_options are hookable. See the # All the functions called inside func_options are hookable. See the
@@ -1630,17 +1668,28 @@ func_options ()
{ {
$debug_cmd $debug_cmd
func_options_prep ${1+"$@"} _G_rc_options=false
eval func_parse_options \
${func_options_prep_result+"$func_options_prep_result"}
eval func_validate_options \
${func_parse_options_result+"$func_parse_options_result"}
eval func_run_hooks func_options \ for my_func in options_prep parse_options validate_options options_finish
${func_validate_options_result+"$func_validate_options_result"} do
if eval func_$my_func '${1+"$@"}'; then
eval _G_res_var='$'"func_${my_func}_result"
eval set dummy "$_G_res_var" ; shift
_G_rc_options=:
fi
done
# save modified positional parameters for caller # Save modified positional parameters for caller. As a top-level
func_options_result=$func_run_hooks_result # options-parser function we always need to set the 'func_options_result'
# variable (regardless the $_G_rc_options value).
if $_G_rc_options; then
func_options_result=$_G_res_var
else
func_quote_for_eval ${1+"$@"}
func_options_result=$func_quote_for_eval_result
fi
$_G_rc_options
} }
@@ -1649,9 +1698,9 @@ func_options ()
# All initialisations required before starting the option parse loop. # All initialisations required before starting the option parse loop.
# Note that when calling hook functions, we pass through the list of # Note that when calling hook functions, we pass through the list of
# positional parameters. If a hook function modifies that list, and # positional parameters. If a hook function modifies that list, and
# needs to propogate that back to rest of this script, then the complete # needs to propagate that back to rest of this script, then the complete
# modified list must be put in 'func_run_hooks_result' before # modified list must be put in 'func_run_hooks_result' before
# returning. # returning $EXIT_SUCCESS (otherwise $EXIT_FAILURE is returned).
func_hookable func_options_prep func_hookable func_options_prep
func_options_prep () func_options_prep ()
{ {
@@ -1661,10 +1710,14 @@ func_options_prep ()
opt_verbose=false opt_verbose=false
opt_warning_types= opt_warning_types=
func_run_hooks func_options_prep ${1+"$@"} _G_rc_options_prep=false
if func_run_hooks func_options_prep ${1+"$@"}; then
_G_rc_options_prep=:
# save modified positional parameters for caller
func_options_prep_result=$func_run_hooks_result
fi
# save modified positional parameters for caller $_G_rc_options_prep
func_options_prep_result=$func_run_hooks_result
} }
@@ -1678,18 +1731,20 @@ func_parse_options ()
func_parse_options_result= func_parse_options_result=
_G_rc_parse_options=false
# this just eases exit handling # this just eases exit handling
while test $# -gt 0; do while test $# -gt 0; do
# Defer to hook functions for initial option parsing, so they # Defer to hook functions for initial option parsing, so they
# get priority in the event of reusing an option name. # get priority in the event of reusing an option name.
func_run_hooks func_parse_options ${1+"$@"} if func_run_hooks func_parse_options ${1+"$@"}; then
eval set dummy "$func_run_hooks_result"; shift
# Adjust func_parse_options positional parameters to match _G_rc_parse_options=:
eval set dummy "$func_run_hooks_result"; shift fi
# Break out of the loop if we already parsed every option. # Break out of the loop if we already parsed every option.
test $# -gt 0 || break test $# -gt 0 || break
_G_match_parse_options=:
_G_opt=$1 _G_opt=$1
shift shift
case $_G_opt in case $_G_opt in
@@ -1704,7 +1759,10 @@ func_parse_options ()
;; ;;
--warnings|--warning|-W) --warnings|--warning|-W)
test $# = 0 && func_missing_arg $_G_opt && break if test $# = 0 && func_missing_arg $_G_opt; then
_G_rc_parse_options=:
break
fi
case " $warning_categories $1" in case " $warning_categories $1" in
*" $1 "*) *" $1 "*)
# trailing space prevents matching last $1 above # trailing space prevents matching last $1 above
@@ -1757,15 +1815,25 @@ func_parse_options ()
shift shift
;; ;;
--) break ;; --) _G_rc_parse_options=: ; break ;;
-*) func_fatal_help "unrecognised option: '$_G_opt'" ;; -*) func_fatal_help "unrecognised option: '$_G_opt'" ;;
*) set dummy "$_G_opt" ${1+"$@"}; shift; break ;; *) set dummy "$_G_opt" ${1+"$@"}; shift
_G_match_parse_options=false
break
;;
esac esac
$_G_match_parse_options && _G_rc_parse_options=:
done done
# save modified positional parameters for caller
func_quote_for_eval ${1+"$@"} if $_G_rc_parse_options; then
func_parse_options_result=$func_quote_for_eval_result # save modified positional parameters for caller
func_quote_for_eval ${1+"$@"}
func_parse_options_result=$func_quote_for_eval_result
fi
$_G_rc_parse_options
} }
@@ -1778,16 +1846,21 @@ func_validate_options ()
{ {
$debug_cmd $debug_cmd
_G_rc_validate_options=false
# Display all warnings if -W was not given. # Display all warnings if -W was not given.
test -n "$opt_warning_types" || opt_warning_types=" $warning_categories" test -n "$opt_warning_types" || opt_warning_types=" $warning_categories"
func_run_hooks func_validate_options ${1+"$@"} if func_run_hooks func_validate_options ${1+"$@"}; then
# save modified positional parameters for caller
func_validate_options_result=$func_run_hooks_result
_G_rc_validate_options=:
fi
# Bail if the options were screwed! # Bail if the options were screwed!
$exit_cmd $EXIT_FAILURE $exit_cmd $EXIT_FAILURE
# save modified positional parameters for caller $_G_rc_validate_options
func_validate_options_result=$func_run_hooks_result
} }
@@ -2068,7 +2141,7 @@ include the following information:
compiler: $LTCC compiler: $LTCC
compiler flags: $LTCFLAGS compiler flags: $LTCFLAGS
linker: $LD (gnu? $with_gnu_ld) linker: $LD (gnu? $with_gnu_ld)
version: $progname $scriptversion Debian-2.4.6-2 version: $progname $scriptversion Debian-2.4.6-10
automake: `($AUTOMAKE --version) 2>/dev/null |$SED 1q` automake: `($AUTOMAKE --version) 2>/dev/null |$SED 1q`
autoconf: `($AUTOCONF --version) 2>/dev/null |$SED 1q` autoconf: `($AUTOCONF --version) 2>/dev/null |$SED 1q`
@@ -2270,6 +2343,8 @@ libtool_options_prep ()
nonopt= nonopt=
preserve_args= preserve_args=
_G_rc_lt_options_prep=:
# Shorthand for --mode=foo, only valid as the first argument # Shorthand for --mode=foo, only valid as the first argument
case $1 in case $1 in
clean|clea|cle|cl) clean|clea|cle|cl)
@@ -2293,11 +2368,18 @@ libtool_options_prep ()
uninstall|uninstal|uninsta|uninst|unins|unin|uni|un|u) uninstall|uninstal|uninsta|uninst|unins|unin|uni|un|u)
shift; set dummy --mode uninstall ${1+"$@"}; shift shift; set dummy --mode uninstall ${1+"$@"}; shift
;; ;;
*)
_G_rc_lt_options_prep=false
;;
esac esac
# Pass back the list of options. if $_G_rc_lt_options_prep; then
func_quote_for_eval ${1+"$@"} # Pass back the list of options.
libtool_options_prep_result=$func_quote_for_eval_result func_quote_for_eval ${1+"$@"}
libtool_options_prep_result=$func_quote_for_eval_result
fi
$_G_rc_lt_options_prep
} }
func_add_hook func_options_prep libtool_options_prep func_add_hook func_options_prep libtool_options_prep
@@ -2309,9 +2391,12 @@ libtool_parse_options ()
{ {
$debug_cmd $debug_cmd
_G_rc_lt_parse_options=false
# Perform our own loop to consume as many options as possible in # Perform our own loop to consume as many options as possible in
# each iteration. # each iteration.
while test $# -gt 0; do while test $# -gt 0; do
_G_match_lt_parse_options=:
_G_opt=$1 _G_opt=$1
shift shift
case $_G_opt in case $_G_opt in
@@ -2386,15 +2471,22 @@ libtool_parse_options ()
func_append preserve_args " $_G_opt" func_append preserve_args " $_G_opt"
;; ;;
# An option not handled by this hook function: # An option not handled by this hook function:
*) set dummy "$_G_opt" ${1+"$@"}; shift; break ;; *) set dummy "$_G_opt" ${1+"$@"} ; shift
_G_match_lt_parse_options=false
break
;;
esac esac
$_G_match_lt_parse_options && _G_rc_lt_parse_options=:
done done
if $_G_rc_lt_parse_options; then
# save modified positional parameters for caller
func_quote_for_eval ${1+"$@"}
libtool_parse_options_result=$func_quote_for_eval_result
fi
# save modified positional parameters for caller $_G_rc_lt_parse_options
func_quote_for_eval ${1+"$@"}
libtool_parse_options_result=$func_quote_for_eval_result
} }
func_add_hook func_parse_options libtool_parse_options func_add_hook func_parse_options libtool_parse_options
@@ -7275,10 +7367,11 @@ func_mode_link ()
# -specs=* GCC specs files # -specs=* GCC specs files
# -stdlib=* select c++ std lib with clang # -stdlib=* select c++ std lib with clang
# -fsanitize=* Clang/GCC memory and address sanitizer # -fsanitize=* Clang/GCC memory and address sanitizer
# -fuse-ld=* Linker select flags for GCC
-64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*| \ -64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*| \
-t[45]*|-txscale*|-p|-pg|--coverage|-fprofile-*|-F*|@*|-tp=*|--sysroot=*| \ -t[45]*|-txscale*|-p|-pg|--coverage|-fprofile-*|-F*|@*|-tp=*|--sysroot=*| \
-O*|-g*|-flto*|-fwhopr*|-fuse-linker-plugin|-fstack-protector*|-stdlib=*| \ -O*|-g*|-flto*|-fwhopr*|-fuse-linker-plugin|-fstack-protector*|-stdlib=*| \
-specs=*|-fsanitize=*) -specs=*|-fsanitize=*|-fuse-ld=*)
func_quote_for_eval "$arg" func_quote_for_eval "$arg"
arg=$func_quote_for_eval_result arg=$func_quote_for_eval_result
func_append compile_command " $arg" func_append compile_command " $arg"

21
libssh2/m4/libtool.m4 vendored
View File

@@ -4063,7 +4063,8 @@ _LT_EOF
if AC_TRY_EVAL(ac_compile); then if AC_TRY_EVAL(ac_compile); then
# Now try to grab the symbols. # Now try to grab the symbols.
nlist=conftest.nm nlist=conftest.nm
if AC_TRY_EVAL(NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist) && test -s "$nlist"; then $ECHO "$as_me:$LINENO: $NM conftest.$ac_objext | $lt_cv_sys_global_symbol_pipe > $nlist" >&AS_MESSAGE_LOG_FD
if eval "$NM" conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist 2>&AS_MESSAGE_LOG_FD && test -s "$nlist"; then
# Try sorting and uniquifying the output. # Try sorting and uniquifying the output.
if sort "$nlist" | uniq > "$nlist"T; then if sort "$nlist" | uniq > "$nlist"T; then
mv -f "$nlist"T "$nlist" mv -f "$nlist"T "$nlist"
@@ -4703,6 +4704,12 @@ m4_if([$1], [CXX], [
_LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
_LT_TAGVAR(lt_prog_compiler_static, $1)='-static' _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
;; ;;
# flang / f18. f95 an alias for gfortran or flang on Debian
flang* | f18* | f95*)
_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
_LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
_LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
;;
# icc used to be incompatible with GCC. # icc used to be incompatible with GCC.
# ICC 10 doesn't accept -KPIC any more. # ICC 10 doesn't accept -KPIC any more.
icc* | ifort*) icc* | ifort*)
@@ -6438,7 +6445,7 @@ if test yes != "$_lt_caught_CXX_error"; then
# Commands to make compiler produce verbose output that lists # Commands to make compiler produce verbose output that lists
# what "hidden" libraries, object files and flags are used when # what "hidden" libraries, object files and flags are used when
# linking a shared library. # linking a shared library.
output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP " \-L"'
else else
GXX=no GXX=no
@@ -6813,7 +6820,7 @@ if test yes != "$_lt_caught_CXX_error"; then
# explicitly linking system object files so we need to strip them # explicitly linking system object files so we need to strip them
# from the output so that they don't get included in the library # from the output so that they don't get included in the library
# dependencies. # dependencies.
output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $EGREP "\-L"`; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $EGREP " \-L"`; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"'
;; ;;
*) *)
if test yes = "$GXX"; then if test yes = "$GXX"; then
@@ -6878,7 +6885,7 @@ if test yes != "$_lt_caught_CXX_error"; then
# explicitly linking system object files so we need to strip them # explicitly linking system object files so we need to strip them
# from the output so that they don't get included in the library # from the output so that they don't get included in the library
# dependencies. # dependencies.
output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $GREP "\-L"`; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $GREP " \-L"`; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"'
;; ;;
*) *)
if test yes = "$GXX"; then if test yes = "$GXX"; then
@@ -7217,7 +7224,7 @@ if test yes != "$_lt_caught_CXX_error"; then
# Commands to make compiler produce verbose output that lists # Commands to make compiler produce verbose output that lists
# what "hidden" libraries, object files and flags are used when # what "hidden" libraries, object files and flags are used when
# linking a shared library. # linking a shared library.
output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP " \-L"'
else else
# FIXME: insert proper C++ library support # FIXME: insert proper C++ library support
@@ -7301,7 +7308,7 @@ if test yes != "$_lt_caught_CXX_error"; then
# Commands to make compiler produce verbose output that lists # Commands to make compiler produce verbose output that lists
# what "hidden" libraries, object files and flags are used when # what "hidden" libraries, object files and flags are used when
# linking a shared library. # linking a shared library.
output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP " \-L"'
else else
# g++ 2.7 appears to require '-G' NOT '-shared' on this # g++ 2.7 appears to require '-G' NOT '-shared' on this
# platform. # platform.
@@ -7312,7 +7319,7 @@ if test yes != "$_lt_caught_CXX_error"; then
# Commands to make compiler produce verbose output that lists # Commands to make compiler produce verbose output that lists
# what "hidden" libraries, object files and flags are used when # what "hidden" libraries, object files and flags are used when
# linking a shared library. # linking a shared library.
output_verbose_link_cmd='$CC -G $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' output_verbose_link_cmd='$CC -G $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP " \-L"'
fi fi
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-R $wl$libdir' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-R $wl$libdir'

0
libssh2/maketgz Normal file → Executable file
View File

16
libssh2/missing Normal file → Executable file
View File

@@ -1,9 +1,9 @@
#! /bin/sh #! /bin/sh
# Common wrapper for a few potentially missing GNU programs. # Common wrapper for a few potentially missing GNU programs.
scriptversion=2013-10-28.13; # UTC scriptversion=2018-03-07.03; # UTC
# Copyright (C) 1996-2014 Free Software Foundation, Inc. # Copyright (C) 1996-2018 Free Software Foundation, Inc.
# Originally written by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996. # Originally written by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996.
# This program is free software; you can redistribute it and/or modify # This program is free software; you can redistribute it and/or modify
@@ -17,7 +17,7 @@ scriptversion=2013-10-28.13; # UTC
# GNU General Public License for more details. # GNU General Public License for more details.
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <https://www.gnu.org/licenses/>.
# As a special exception to the GNU General Public License, if you # As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a # distribute this file as part of a program that contains a
@@ -101,9 +101,9 @@ else
exit $st exit $st
fi fi
perl_URL=http://www.perl.org/ perl_URL=https://www.perl.org/
flex_URL=http://flex.sourceforge.net/ flex_URL=https://github.com/westes/flex
gnu_software_URL=http://www.gnu.org/software gnu_software_URL=https://www.gnu.org/software
program_details () program_details ()
{ {
@@ -207,9 +207,9 @@ give_advice "$1" | sed -e '1s/^/WARNING: /' \
exit $st exit $st
# Local variables: # Local variables:
# eval: (add-hook 'write-file-hooks 'time-stamp) # eval: (add-hook 'before-save-hook 'time-stamp)
# time-stamp-start: "scriptversion=" # time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-time-zone: "UTC" # time-stamp-time-zone: "UTC0"
# time-stamp-end: "; # UTC" # time-stamp-end: "; # UTC"
# End: # End:

142
libssh2/src/Makefile.in
View File

@@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.15 from Makefile.am. # Makefile.in generated by automake 1.16.1 from Makefile.am.
# @configure_input@ # @configure_input@
# Copyright (C) 1994-2014 Free Software Foundation, Inc. # Copyright (C) 1994-2018 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation # This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@@ -176,7 +176,20 @@ am__v_at_0 = @
am__v_at_1 = am__v_at_1 =
DEFAULT_INCLUDES = DEFAULT_INCLUDES =
depcomp = $(SHELL) $(top_srcdir)/depcomp depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles am__maybe_remake_depfiles = depfiles
am__depfiles_remade = ./$(DEPDIR)/agent.Plo ./$(DEPDIR)/channel.Plo \
./$(DEPDIR)/comp.Plo ./$(DEPDIR)/crypt.Plo \
./$(DEPDIR)/global.Plo ./$(DEPDIR)/hostkey.Plo \
./$(DEPDIR)/keepalive.Plo ./$(DEPDIR)/kex.Plo \
./$(DEPDIR)/knownhost.Plo ./$(DEPDIR)/libgcrypt.Plo \
./$(DEPDIR)/mac.Plo ./$(DEPDIR)/mbedtls.Plo \
./$(DEPDIR)/misc.Plo ./$(DEPDIR)/openssl.Plo \
./$(DEPDIR)/os400qc3.Plo ./$(DEPDIR)/packet.Plo \
./$(DEPDIR)/pem.Plo ./$(DEPDIR)/publickey.Plo \
./$(DEPDIR)/scp.Plo ./$(DEPDIR)/session.Plo \
./$(DEPDIR)/sftp.Plo ./$(DEPDIR)/transport.Plo \
./$(DEPDIR)/userauth.Plo ./$(DEPDIR)/version.Plo \
./$(DEPDIR)/wincng.Plo
am__mv = mv -f am__mv = mv -f
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
@@ -463,8 +476,8 @@ Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
*config.status*) \ *config.status*) \
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
*) \ *) \
echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
esac; esac;
$(srcdir)/../Makefile.OpenSSL.inc $(srcdir)/../Makefile.libgcrypt.inc $(srcdir)/../Makefile.WinCNG.inc $(srcdir)/../Makefile.os400qc3.inc $(srcdir)/../Makefile.mbedTLS.inc $(srcdir)/../Makefile.inc $(am__empty): $(srcdir)/../Makefile.OpenSSL.inc $(srcdir)/../Makefile.libgcrypt.inc $(srcdir)/../Makefile.WinCNG.inc $(srcdir)/../Makefile.os400qc3.inc $(srcdir)/../Makefile.mbedTLS.inc $(srcdir)/../Makefile.inc $(am__empty):
@@ -536,31 +549,37 @@ mostlyclean-compile:
distclean-compile: distclean-compile:
-rm -f *.tab.c -rm -f *.tab.c
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/agent.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/agent.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/channel.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/channel.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/comp.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/comp.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crypt.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crypt.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/global.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/global.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hostkey.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hostkey.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/keepalive.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/keepalive.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kex.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kex.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/knownhost.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/knownhost.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libgcrypt.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libgcrypt.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mac.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mac.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mbedtls.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mbedtls.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/misc.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/misc.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/os400qc3.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/os400qc3.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/packet.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/packet.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pem.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pem.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/publickey.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/publickey.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/scp.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/scp.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/session.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/session.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sftp.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sftp.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/transport.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/transport.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/userauth.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/userauth.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/version.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/version.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/wincng.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/wincng.Plo@am__quote@ # am--include-marker
$(am__depfiles_remade):
@$(MKDIR_P) $(@D)
@echo '# dummy' >$@-t && $(am__mv) $@-t $@
am--depfiles: $(am__depfiles_remade)
.c.o: .c.o:
@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< @am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
@@ -641,7 +660,10 @@ cscopelist-am: $(am__tagged_files)
distclean-tags: distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
distdir: $(DISTFILES) distdir: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am
distdir-am: $(DISTFILES)
@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
list='$(DISTFILES)'; \ list='$(DISTFILES)'; \
@@ -714,7 +736,31 @@ clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
mostlyclean-am mostlyclean-am
distclean: distclean-am distclean: distclean-am
-rm -rf ./$(DEPDIR) -rm -f ./$(DEPDIR)/agent.Plo
-rm -f ./$(DEPDIR)/channel.Plo
-rm -f ./$(DEPDIR)/comp.Plo
-rm -f ./$(DEPDIR)/crypt.Plo
-rm -f ./$(DEPDIR)/global.Plo
-rm -f ./$(DEPDIR)/hostkey.Plo
-rm -f ./$(DEPDIR)/keepalive.Plo
-rm -f ./$(DEPDIR)/kex.Plo
-rm -f ./$(DEPDIR)/knownhost.Plo
-rm -f ./$(DEPDIR)/libgcrypt.Plo
-rm -f ./$(DEPDIR)/mac.Plo
-rm -f ./$(DEPDIR)/mbedtls.Plo
-rm -f ./$(DEPDIR)/misc.Plo
-rm -f ./$(DEPDIR)/openssl.Plo
-rm -f ./$(DEPDIR)/os400qc3.Plo
-rm -f ./$(DEPDIR)/packet.Plo
-rm -f ./$(DEPDIR)/pem.Plo
-rm -f ./$(DEPDIR)/publickey.Plo
-rm -f ./$(DEPDIR)/scp.Plo
-rm -f ./$(DEPDIR)/session.Plo
-rm -f ./$(DEPDIR)/sftp.Plo
-rm -f ./$(DEPDIR)/transport.Plo
-rm -f ./$(DEPDIR)/userauth.Plo
-rm -f ./$(DEPDIR)/version.Plo
-rm -f ./$(DEPDIR)/wincng.Plo
-rm -f Makefile -rm -f Makefile
distclean-am: clean-am distclean-compile distclean-generic \ distclean-am: clean-am distclean-compile distclean-generic \
distclean-hdr distclean-tags distclean-hdr distclean-tags
@@ -760,7 +806,31 @@ install-ps-am:
installcheck-am: installcheck-am:
maintainer-clean: maintainer-clean-am maintainer-clean: maintainer-clean-am
-rm -rf ./$(DEPDIR) -rm -f ./$(DEPDIR)/agent.Plo
-rm -f ./$(DEPDIR)/channel.Plo
-rm -f ./$(DEPDIR)/comp.Plo
-rm -f ./$(DEPDIR)/crypt.Plo
-rm -f ./$(DEPDIR)/global.Plo
-rm -f ./$(DEPDIR)/hostkey.Plo
-rm -f ./$(DEPDIR)/keepalive.Plo
-rm -f ./$(DEPDIR)/kex.Plo
-rm -f ./$(DEPDIR)/knownhost.Plo
-rm -f ./$(DEPDIR)/libgcrypt.Plo
-rm -f ./$(DEPDIR)/mac.Plo
-rm -f ./$(DEPDIR)/mbedtls.Plo
-rm -f ./$(DEPDIR)/misc.Plo
-rm -f ./$(DEPDIR)/openssl.Plo
-rm -f ./$(DEPDIR)/os400qc3.Plo
-rm -f ./$(DEPDIR)/packet.Plo
-rm -f ./$(DEPDIR)/pem.Plo
-rm -f ./$(DEPDIR)/publickey.Plo
-rm -f ./$(DEPDIR)/scp.Plo
-rm -f ./$(DEPDIR)/session.Plo
-rm -f ./$(DEPDIR)/sftp.Plo
-rm -f ./$(DEPDIR)/transport.Plo
-rm -f ./$(DEPDIR)/userauth.Plo
-rm -f ./$(DEPDIR)/version.Plo
-rm -f ./$(DEPDIR)/wincng.Plo
-rm -f Makefile -rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic maintainer-clean-am: distclean-am maintainer-clean-generic
@@ -781,9 +851,9 @@ uninstall-am: uninstall-libLTLIBRARIES
.MAKE: all install-am install-strip .MAKE: all install-am install-strip
.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \ .PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \
clean-libLTLIBRARIES clean-libtool cscopelist-am ctags \ clean-generic clean-libLTLIBRARIES clean-libtool cscopelist-am \
ctags-am distclean distclean-compile distclean-generic \ ctags ctags-am distclean distclean-compile distclean-generic \
distclean-hdr distclean-libtool distclean-tags distdir dvi \ distclean-hdr distclean-libtool distclean-tags distdir dvi \
dvi-am html html-am info info-am install install-am \ dvi-am html html-am info info-am install install-am \
install-data install-data-am install-dvi install-dvi-am \ install-data install-data-am install-dvi install-dvi-am \

26
libssh2/src/channel.c
View File

@@ -238,7 +238,20 @@ _libssh2_channel_open(LIBSSH2_SESSION * session, const char *channel_type,
goto channel_error; goto channel_error;
} }
if(session->open_data_len < 1) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Unexpected packet size");
goto channel_error;
}
if (session->open_data[0] == SSH_MSG_CHANNEL_OPEN_CONFIRMATION) { if (session->open_data[0] == SSH_MSG_CHANNEL_OPEN_CONFIRMATION) {
if(session->open_data_len < 17) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Unexpected packet size");
goto channel_error;
}
session->open_channel->remote.id = session->open_channel->remote.id =
_libssh2_ntohu32(session->open_data + 5); _libssh2_ntohu32(session->open_data + 5);
session->open_channel->local.window_size = session->open_channel->local.window_size =
@@ -518,7 +531,7 @@ channel_forward_listen(LIBSSH2_SESSION * session, const char *host,
if (rc == LIBSSH2_ERROR_EAGAIN) { if (rc == LIBSSH2_ERROR_EAGAIN) {
_libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block"); _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block");
return NULL; return NULL;
} else if (rc) { } else if (rc || data_len < 1) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO, "Unknown"); _libssh2_error(session, LIBSSH2_ERROR_PROTO, "Unknown");
session->fwdLstn_state = libssh2_NB_state_idle; session->fwdLstn_state = libssh2_NB_state_idle;
return NULL; return NULL;
@@ -855,6 +868,11 @@ static int channel_setenv(LIBSSH2_CHANNEL *channel,
channel->setenv_state = libssh2_NB_state_idle; channel->setenv_state = libssh2_NB_state_idle;
return rc; return rc;
} }
else if(data_len < 1) {
channel->setenv_state = libssh2_NB_state_idle;
return _libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Unexpected packet size");
}
if (data[0] == SSH_MSG_CHANNEL_SUCCESS) { if (data[0] == SSH_MSG_CHANNEL_SUCCESS) {
LIBSSH2_FREE(session, data); LIBSSH2_FREE(session, data);
@@ -971,7 +989,7 @@ static int channel_request_pty(LIBSSH2_CHANNEL *channel,
&channel->reqPTY_packet_requirev_state); &channel->reqPTY_packet_requirev_state);
if (rc == LIBSSH2_ERROR_EAGAIN) { if (rc == LIBSSH2_ERROR_EAGAIN) {
return rc; return rc;
} else if (rc) { } else if (rc || data_len < 1) {
channel->reqPTY_state = libssh2_NB_state_idle; channel->reqPTY_state = libssh2_NB_state_idle;
return _libssh2_error(session, LIBSSH2_ERROR_PROTO, return _libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Failed to require the PTY package"); "Failed to require the PTY package");
@@ -1197,7 +1215,7 @@ channel_x11_req(LIBSSH2_CHANNEL *channel, int single_connection,
&channel->reqX11_packet_requirev_state); &channel->reqX11_packet_requirev_state);
if (rc == LIBSSH2_ERROR_EAGAIN) { if (rc == LIBSSH2_ERROR_EAGAIN) {
return rc; return rc;
} else if (rc) { } else if (rc || data_len < 1) {
channel->reqX11_state = libssh2_NB_state_idle; channel->reqX11_state = libssh2_NB_state_idle;
return _libssh2_error(session, rc, return _libssh2_error(session, rc,
"waiting for x11-req response packet"); "waiting for x11-req response packet");
@@ -1324,7 +1342,7 @@ _libssh2_channel_process_startup(LIBSSH2_CHANNEL *channel,
&channel->process_packet_requirev_state); &channel->process_packet_requirev_state);
if (rc == LIBSSH2_ERROR_EAGAIN) { if (rc == LIBSSH2_ERROR_EAGAIN) {
return rc; return rc;
} else if (rc) { } else if (rc || data_len < 1) {
channel->process_state = libssh2_NB_state_end; channel->process_state = libssh2_NB_state_end;
return _libssh2_error(session, rc, return _libssh2_error(session, rc,
"Failed waiting for channel success"); "Failed waiting for channel success");

9
libssh2/src/comp.c
View File

@@ -224,7 +224,12 @@ comp_method_zlib_decomp(LIBSSH2_SESSION * session,
/* A short-term alloc of a full data chunk is better than a series of /* A short-term alloc of a full data chunk is better than a series of
reallocs */ reallocs */
char *out; char *out;
int out_maxlen = 4 * src_len; size_t out_maxlen = src_len;
if (src_len <= SIZE_MAX / 4)
out_maxlen = src_len * 4;
else
out_maxlen = payload_limit;
/* If strm is null, then we have not yet been initialized. */ /* If strm is null, then we have not yet been initialized. */
if (strm == NULL) if (strm == NULL)
@@ -271,7 +276,7 @@ comp_method_zlib_decomp(LIBSSH2_SESSION * session,
"decompression failure"); "decompression failure");
} }
if (out_maxlen >= (int) payload_limit) { if (out_maxlen > (int) payload_limit || out_maxlen > SIZE_MAX / 2) {
LIBSSH2_FREE(session, out); LIBSSH2_FREE(session, out);
return _libssh2_error(session, LIBSSH2_ERROR_ZLIB, return _libssh2_error(session, LIBSSH2_ERROR_ZLIB,
"Excessive growth in decompression phase"); "Excessive growth in decompression phase");

24
libssh2/src/kex.c
View File

@@ -228,11 +228,23 @@ static int diffie_hellman_sha1(LIBSSH2_SESSION *session,
} }
/* Parse KEXDH_REPLY */ /* Parse KEXDH_REPLY */
if(exchange_state->s_packet_len < 5) {
ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Unexpected packet length");
goto clean_exit;
}
exchange_state->s = exchange_state->s_packet + 1; exchange_state->s = exchange_state->s_packet + 1;
session->server_hostkey_len = _libssh2_ntohu32(exchange_state->s); session->server_hostkey_len = _libssh2_ntohu32(exchange_state->s);
exchange_state->s += 4; exchange_state->s += 4;
if(session->server_hostkey_len > exchange_state->s_packet_len - 5) {
ret = _libssh2_error(session, LIBSSH2_ERROR_OUT_OF_BOUNDARY,
"Host key length out of bounds");
goto clean_exit;
}
if (session->server_hostkey) if (session->server_hostkey)
LIBSSH2_FREE(session, session->server_hostkey); LIBSSH2_FREE(session, session->server_hostkey);
@@ -848,11 +860,23 @@ static int diffie_hellman_sha256(LIBSSH2_SESSION *session,
} }
/* Parse KEXDH_REPLY */ /* Parse KEXDH_REPLY */
if(exchange_state->s_packet_len < 5) {
ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Unexpected packet length");
goto clean_exit;
}
exchange_state->s = exchange_state->s_packet + 1; exchange_state->s = exchange_state->s_packet + 1;
session->server_hostkey_len = _libssh2_ntohu32(exchange_state->s); session->server_hostkey_len = _libssh2_ntohu32(exchange_state->s);
exchange_state->s += 4; exchange_state->s += 4;
if(session->server_hostkey_len > exchange_state->s_packet_len - 5) {
ret = _libssh2_error(session, LIBSSH2_ERROR_OUT_OF_BOUNDARY,
"Host key length out of bounds");
goto clean_exit;
}
if (session->server_hostkey) if (session->server_hostkey)
LIBSSH2_FREE(session, session->server_hostkey); LIBSSH2_FREE(session, session->server_hostkey);

4
libssh2/src/openssl.c
View File

@@ -1062,7 +1062,6 @@ _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session,
"Unable to extract public key from private key " "Unable to extract public key from private key "
"file: Unable to open private key file"); "file: Unable to open private key file");
} }
#if OPENSSL_VERSION_NUMBER < 0x10100000L
if (!EVP_get_cipherbyname("des")) { if (!EVP_get_cipherbyname("des")) {
/* If this cipher isn't loaded it's a pretty good indication that none /* If this cipher isn't loaded it's a pretty good indication that none
* are. I have *NO DOUBT* that there's a better way to deal with this * are. I have *NO DOUBT* that there's a better way to deal with this
@@ -1071,7 +1070,6 @@ _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session,
*/ */
OpenSSL_add_all_ciphers(); OpenSSL_add_all_ciphers();
} }
#endif
BIO_reset(bp); BIO_reset(bp);
pk = PEM_read_bio_PrivateKey(bp, NULL, NULL, (void*)passphrase); pk = PEM_read_bio_PrivateKey(bp, NULL, NULL, (void*)passphrase);
BIO_free(bp); BIO_free(bp);
@@ -1140,7 +1138,6 @@ _libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION *session,
if (!bp) { if (!bp) {
return -1; return -1;
} }
#if OPENSSL_VERSION_NUMBER < 0x10100000L
if (!EVP_get_cipherbyname("des")) { if (!EVP_get_cipherbyname("des")) {
/* If this cipher isn't loaded it's a pretty good indication that none /* If this cipher isn't loaded it's a pretty good indication that none
* are. I have *NO DOUBT* that there's a better way to deal with this * are. I have *NO DOUBT* that there's a better way to deal with this
@@ -1149,7 +1146,6 @@ _libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION *session,
*/ */
OpenSSL_add_all_ciphers(); OpenSSL_add_all_ciphers();
} }
#endif
BIO_reset(bp); BIO_reset(bp);
pk = PEM_read_bio_PrivateKey(bp, NULL, NULL, (void*)passphrase); pk = PEM_read_bio_PrivateKey(bp, NULL, NULL, (void*)passphrase);
BIO_free(bp); BIO_free(bp);

6
libssh2/src/openssl.h
View File

@@ -226,16 +226,10 @@ int _libssh2_md5_init(libssh2_md5_ctx *ctx);
#define libssh2_hmac_cleanup(ctx) HMAC_cleanup(ctx) #define libssh2_hmac_cleanup(ctx) HMAC_cleanup(ctx)
#endif #endif
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
#define libssh2_crypto_init() \
ENGINE_load_builtin_engines(); \
ENGINE_register_all_complete()
#else
#define libssh2_crypto_init() \ #define libssh2_crypto_init() \
OpenSSL_add_all_algorithms(); \ OpenSSL_add_all_algorithms(); \
ENGINE_load_builtin_engines(); \ ENGINE_load_builtin_engines(); \
ENGINE_register_all_complete() ENGINE_register_all_complete()
#endif
#define libssh2_crypto_exit() #define libssh2_crypto_exit()

25
libssh2/src/packet.c
View File

@@ -775,8 +775,8 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
uint32_t len = _libssh2_ntohu32(data + 5); uint32_t len = _libssh2_ntohu32(data + 5);
unsigned char want_reply = 1; unsigned char want_reply = 1;
if(len < (datalen - 10)) if((len + 9) < datalen)
want_reply = data[9 + len]; want_reply = data[len + 9];
_libssh2_debug(session, _libssh2_debug(session,
LIBSSH2_TRACE_CONN, LIBSSH2_TRACE_CONN,
@@ -784,6 +784,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
channel, len, data + 9, want_reply); channel, len, data + 9, want_reply);
if (len == sizeof("exit-status") - 1 if (len == sizeof("exit-status") - 1
&& (sizeof("exit-status") - 1 + 9) <= datalen
&& !memcmp("exit-status", data + 9, && !memcmp("exit-status", data + 9,
sizeof("exit-status") - 1)) { sizeof("exit-status") - 1)) {
@@ -792,7 +793,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
channelp = channelp =
_libssh2_channel_locate(session, channel); _libssh2_channel_locate(session, channel);
if (channelp) { if (channelp && (sizeof("exit-status") + 13) <= datalen) {
channelp->exit_status = channelp->exit_status =
_libssh2_ntohu32(data + 9 + sizeof("exit-status")); _libssh2_ntohu32(data + 9 + sizeof("exit-status"));
_libssh2_debug(session, LIBSSH2_TRACE_CONN, _libssh2_debug(session, LIBSSH2_TRACE_CONN,
@@ -805,24 +806,32 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
} }
else if (len == sizeof("exit-signal") - 1 else if (len == sizeof("exit-signal") - 1
&& (sizeof("exit-signal") - 1 + 9) <= datalen
&& !memcmp("exit-signal", data + 9, && !memcmp("exit-signal", data + 9,
sizeof("exit-signal") - 1)) { sizeof("exit-signal") - 1)) {
/* command terminated due to signal */ /* command terminated due to signal */
if(datalen >= 20) if(datalen >= 20)
channelp = _libssh2_channel_locate(session, channel); channelp = _libssh2_channel_locate(session, channel);
if (channelp) { if (channelp && (sizeof("exit-signal") + 13) <= datalen) {
/* set signal name (without SIG prefix) */ /* set signal name (without SIG prefix) */
uint32_t namelen = uint32_t namelen =
_libssh2_ntohu32(data + 9 + sizeof("exit-signal")); _libssh2_ntohu32(data + 9 + sizeof("exit-signal"));
channelp->exit_signal =
LIBSSH2_ALLOC(session, namelen + 1); if(namelen <= UINT_MAX - 1) {
channelp->exit_signal =
LIBSSH2_ALLOC(session, namelen + 1);
}
else {
channelp->exit_signal = NULL;
}
if (!channelp->exit_signal) if (!channelp->exit_signal)
rc = _libssh2_error(session, LIBSSH2_ERROR_ALLOC, rc = _libssh2_error(session, LIBSSH2_ERROR_ALLOC,
"memory for signal name"); "memory for signal name");
else { else if ((sizeof("exit-signal") + 13 + namelen <= datalen)) {
memcpy(channelp->exit_signal, memcpy(channelp->exit_signal,
data + 13 + sizeof("exit_signal"), namelen); data + 13 + sizeof("exit-signal"), namelen);
channelp->exit_signal[namelen] = '\0'; channelp->exit_signal[namelen] = '\0';
/* TODO: save error message and language tag */ /* TODO: save error message and language tag */
_libssh2_debug(session, LIBSSH2_TRACE_CONN, _libssh2_debug(session, LIBSSH2_TRACE_CONN,

5
libssh2/src/session.c
View File

@@ -765,6 +765,11 @@ session_startup(LIBSSH2_SESSION *session, libssh2_socket_t sock)
if (rc) if (rc)
return rc; return rc;
if(session->startup_data_len < 5) {
return _libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Unexpected packet length");
}
session->startup_service_length = session->startup_service_length =
_libssh2_ntohu32(session->startup_data + 1); _libssh2_ntohu32(session->startup_data + 1);

317
libssh2/src/sftp.c
View File

@@ -204,6 +204,10 @@ sftp_packet_add(LIBSSH2_SFTP *sftp, unsigned char *data,
LIBSSH2_SFTP_PACKET *packet; LIBSSH2_SFTP_PACKET *packet;
uint32_t request_id; uint32_t request_id;
if (data_len < 5) {
return LIBSSH2_ERROR_OUT_OF_BOUNDARY;
}
_libssh2_debug(session, LIBSSH2_TRACE_SFTP, _libssh2_debug(session, LIBSSH2_TRACE_SFTP,
"Received packet type %d (len %d)", "Received packet type %d (len %d)",
(int) data[0], data_len); (int) data[0], data_len);
@@ -345,6 +349,10 @@ sftp_packet_read(LIBSSH2_SFTP *sftp)
return _libssh2_error(session, return _libssh2_error(session,
LIBSSH2_ERROR_CHANNEL_PACKET_EXCEEDED, LIBSSH2_ERROR_CHANNEL_PACKET_EXCEEDED,
"SFTP packet too large"); "SFTP packet too large");
if (sftp->partial_len == 0)
return _libssh2_error(session,
LIBSSH2_ERROR_ALLOC,
"Unable to allocate empty SFTP packet");
_libssh2_debug(session, LIBSSH2_TRACE_SFTP, _libssh2_debug(session, LIBSSH2_TRACE_SFTP,
"Data begin - Packet Length: %lu", "Data begin - Packet Length: %lu",
@@ -504,11 +512,15 @@ sftp_packet_ask(LIBSSH2_SFTP *sftp, unsigned char packet_type,
static int static int
sftp_packet_require(LIBSSH2_SFTP *sftp, unsigned char packet_type, sftp_packet_require(LIBSSH2_SFTP *sftp, unsigned char packet_type,
uint32_t request_id, unsigned char **data, uint32_t request_id, unsigned char **data,
size_t *data_len) size_t *data_len, size_t required_size)
{ {
LIBSSH2_SESSION *session = sftp->channel->session; LIBSSH2_SESSION *session = sftp->channel->session;
int rc; int rc;
if (data == NULL || data_len == NULL || required_size == 0) {
return LIBSSH2_ERROR_BAD_USE;
}
_libssh2_debug(session, LIBSSH2_TRACE_SFTP, "Requiring packet %d id %ld", _libssh2_debug(session, LIBSSH2_TRACE_SFTP, "Requiring packet %d id %ld",
(int) packet_type, request_id); (int) packet_type, request_id);
@@ -516,6 +528,11 @@ sftp_packet_require(LIBSSH2_SFTP *sftp, unsigned char packet_type,
/* The right packet was available in the packet brigade */ /* The right packet was available in the packet brigade */
_libssh2_debug(session, LIBSSH2_TRACE_SFTP, "Got %d", _libssh2_debug(session, LIBSSH2_TRACE_SFTP, "Got %d",
(int) packet_type); (int) packet_type);
if (*data_len < required_size) {
return LIBSSH2_ERROR_OUT_OF_BOUNDARY;
}
return LIBSSH2_ERROR_NONE; return LIBSSH2_ERROR_NONE;
} }
@@ -529,6 +546,11 @@ sftp_packet_require(LIBSSH2_SFTP *sftp, unsigned char packet_type,
/* The right packet was available in the packet brigade */ /* The right packet was available in the packet brigade */
_libssh2_debug(session, LIBSSH2_TRACE_SFTP, "Got %d", _libssh2_debug(session, LIBSSH2_TRACE_SFTP, "Got %d",
(int) packet_type); (int) packet_type);
if (*data_len < required_size) {
return LIBSSH2_ERROR_OUT_OF_BOUNDARY;
}
return LIBSSH2_ERROR_NONE; return LIBSSH2_ERROR_NONE;
} }
} }
@@ -544,11 +566,15 @@ static int
sftp_packet_requirev(LIBSSH2_SFTP *sftp, int num_valid_responses, sftp_packet_requirev(LIBSSH2_SFTP *sftp, int num_valid_responses,
const unsigned char *valid_responses, const unsigned char *valid_responses,
uint32_t request_id, unsigned char **data, uint32_t request_id, unsigned char **data,
size_t *data_len) size_t *data_len, size_t required_size)
{ {
int i; int i;
int rc; int rc;
if (data == NULL || data_len == NULL || required_size == 0) {
return LIBSSH2_ERROR_BAD_USE;
}
/* If no timeout is active, start a new one */ /* If no timeout is active, start a new one */
if (sftp->requirev_start == 0) if (sftp->requirev_start == 0)
sftp->requirev_start = time(NULL); sftp->requirev_start = time(NULL);
@@ -562,6 +588,11 @@ sftp_packet_requirev(LIBSSH2_SFTP *sftp, int num_valid_responses,
* the timeout is not active * the timeout is not active
*/ */
sftp->requirev_start = 0; sftp->requirev_start = 0;
if (*data_len < required_size) {
return LIBSSH2_ERROR_OUT_OF_BOUNDARY;
}
return LIBSSH2_ERROR_NONE; return LIBSSH2_ERROR_NONE;
} }
} }
@@ -636,36 +667,65 @@ sftp_attr2bin(unsigned char *p, const LIBSSH2_SFTP_ATTRIBUTES * attrs)
/* sftp_bin2attr /* sftp_bin2attr
*/ */
static int static int
sftp_bin2attr(LIBSSH2_SFTP_ATTRIBUTES * attrs, const unsigned char *p) sftp_bin2attr(LIBSSH2_SFTP_ATTRIBUTES * attrs, const unsigned char *p, size_t data_len)
{ {
const unsigned char *s = p; const unsigned char *s = p;
memset(attrs, 0, sizeof(LIBSSH2_SFTP_ATTRIBUTES)); if (data_len >= 4) {
attrs->flags = _libssh2_ntohu32(s); memset(attrs, 0, sizeof(LIBSSH2_SFTP_ATTRIBUTES));
s += 4; attrs->flags = _libssh2_ntohu32(s);
s += 4;
data_len -= 4;
}
else {
return LIBSSH2_ERROR_OUT_OF_BOUNDARY;
}
if (attrs->flags & LIBSSH2_SFTP_ATTR_SIZE) { if (attrs->flags & LIBSSH2_SFTP_ATTR_SIZE) {
attrs->filesize = _libssh2_ntohu64(s); if (data_len >= 8) {
s += 8; attrs->filesize = _libssh2_ntohu64(s);
s += 8;
data_len -= 8;
}
else {
return LIBSSH2_ERROR_OUT_OF_BOUNDARY;
}
} }
if (attrs->flags & LIBSSH2_SFTP_ATTR_UIDGID) { if (attrs->flags & LIBSSH2_SFTP_ATTR_UIDGID) {
attrs->uid = _libssh2_ntohu32(s); if (data_len >= 8) {
s += 4; attrs->uid = _libssh2_ntohu32(s);
attrs->gid = _libssh2_ntohu32(s); s += 4;
s += 4; attrs->gid = _libssh2_ntohu32(s);
s += 4;
data_len -= 8;
}
else {
return LIBSSH2_ERROR_OUT_OF_BOUNDARY;
}
} }
if (attrs->flags & LIBSSH2_SFTP_ATTR_PERMISSIONS) { if (attrs->flags & LIBSSH2_SFTP_ATTR_PERMISSIONS) {
attrs->permissions = _libssh2_ntohu32(s); if (data_len >= 4) {
s += 4; attrs->permissions = _libssh2_ntohu32(s);
s += 4;
data_len -= 4;
}
else {
return LIBSSH2_ERROR_OUT_OF_BOUNDARY;
}
} }
if (attrs->flags & LIBSSH2_SFTP_ATTR_ACMODTIME) { if (attrs->flags & LIBSSH2_SFTP_ATTR_ACMODTIME) {
attrs->atime = _libssh2_ntohu32(s); if (data_len >= 8) {
s += 4; attrs->atime = _libssh2_ntohu32(s);
attrs->mtime = _libssh2_ntohu32(s); s += 4;
s += 4; attrs->mtime = _libssh2_ntohu32(s);
s += 4;
}
else {
return LIBSSH2_ERROR_OUT_OF_BOUNDARY;
}
} }
return (s - p); return (s - p);
@@ -835,20 +895,25 @@ static LIBSSH2_SFTP *sftp_init(LIBSSH2_SESSION *session)
} }
rc = sftp_packet_require(sftp_handle, SSH_FXP_VERSION, rc = sftp_packet_require(sftp_handle, SSH_FXP_VERSION,
0, &data, &data_len); 0, &data, &data_len, 5);
if (rc == LIBSSH2_ERROR_EAGAIN) if (rc == LIBSSH2_ERROR_EAGAIN) {
_libssh2_error(session, LIBSSH2_ERROR_EAGAIN,
"Would block receiving SSH_FXP_VERSION");
return NULL; return NULL;
}
else if (rc == LIBSSH2_ERROR_OUT_OF_BOUNDARY) {
if (data_len > 0) {
LIBSSH2_FREE(session, data);
}
_libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
"Invalid SSH_FXP_VERSION response");
goto sftp_init_error;
}
else if (rc) { else if (rc) {
_libssh2_error(session, rc, _libssh2_error(session, rc,
"Timeout waiting for response from SFTP subsystem"); "Timeout waiting for response from SFTP subsystem");
goto sftp_init_error; goto sftp_init_error;
} }
if (data_len < 5) {
_libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
"Invalid SSH_FXP_VERSION response");
LIBSSH2_FREE(session, data);
goto sftp_init_error;
}
s = data + 1; s = data + 1;
sftp_handle->version = _libssh2_ntohu32(s); sftp_handle->version = _libssh2_ntohu32(s);
@@ -1112,12 +1177,20 @@ sftp_open(LIBSSH2_SFTP *sftp, const char *filename,
{ SSH_FXP_HANDLE, SSH_FXP_STATUS }; { SSH_FXP_HANDLE, SSH_FXP_STATUS };
rc = sftp_packet_requirev(sftp, 2, fopen_responses, rc = sftp_packet_requirev(sftp, 2, fopen_responses,
sftp->open_request_id, &data, sftp->open_request_id, &data,
&data_len); &data_len, 1);
if (rc == LIBSSH2_ERROR_EAGAIN) { if (rc == LIBSSH2_ERROR_EAGAIN) {
_libssh2_error(session, LIBSSH2_ERROR_EAGAIN, _libssh2_error(session, LIBSSH2_ERROR_EAGAIN,
"Would block waiting for status message"); "Would block waiting for status message");
return NULL; return NULL;
} }
else if (rc == LIBSSH2_ERROR_OUT_OF_BOUNDARY) {
if (data_len > 0) {
LIBSSH2_FREE(session, data);
}
_libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
"Response too small");
return NULL;
}
sftp->open_state = libssh2_NB_state_idle; sftp->open_state = libssh2_NB_state_idle;
if (rc) { if (rc) {
_libssh2_error(session, rc, "Timeout waiting for status message"); _libssh2_error(session, rc, "Timeout waiting for status message");
@@ -1148,12 +1221,20 @@ sftp_open(LIBSSH2_SFTP *sftp, const char *filename,
/* silly situation, but check for a HANDLE */ /* silly situation, but check for a HANDLE */
rc = sftp_packet_require(sftp, SSH_FXP_HANDLE, rc = sftp_packet_require(sftp, SSH_FXP_HANDLE,
sftp->open_request_id, &data, sftp->open_request_id, &data,
&data_len); &data_len, 10);
if(rc == LIBSSH2_ERROR_EAGAIN) { if(rc == LIBSSH2_ERROR_EAGAIN) {
/* go back to sent state and wait for something else */ /* go back to sent state and wait for something else */
sftp->open_state = libssh2_NB_state_sent; sftp->open_state = libssh2_NB_state_sent;
return NULL; return NULL;
} }
else if (rc == LIBSSH2_ERROR_OUT_OF_BOUNDARY) {
if (data_len > 0) {
LIBSSH2_FREE(session, data);
}
_libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
"Too small FXP_HANDLE");
return NULL;
}
else if(!rc) else if(!rc)
/* we got the handle so this is not a bad situation */ /* we got the handle so this is not a bad situation */
badness = 0; badness = 0;
@@ -1480,15 +1561,21 @@ static ssize_t sftp_read(LIBSSH2_SFTP_HANDLE * handle, char *buffer,
} }
rc = sftp_packet_requirev(sftp, 2, read_responses, rc = sftp_packet_requirev(sftp, 2, read_responses,
chunk->request_id, &data, &data_len); chunk->request_id, &data, &data_len, 9);
if (rc == LIBSSH2_ERROR_EAGAIN && bytes_in_buffer != 0) {
if (rc==LIBSSH2_ERROR_EAGAIN && bytes_in_buffer != 0) {
/* do not return EAGAIN if we have already /* do not return EAGAIN if we have already
* written data into the buffer */ * written data into the buffer */
return bytes_in_buffer; return bytes_in_buffer;
} }
if (rc < 0) { if (rc == LIBSSH2_ERROR_OUT_OF_BOUNDARY) {
if (data_len > 0) {
LIBSSH2_FREE(session, data);
}
return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
"Response too small");
}
else if(rc < 0) {
sftp->read_state = libssh2_NB_state_sent2; sftp->read_state = libssh2_NB_state_sent2;
return rc; return rc;
} }
@@ -1698,7 +1785,7 @@ static ssize_t sftp_readdir(LIBSSH2_SFTP_HANDLE *handle, char *buffer,
if (attrs) if (attrs)
memset(attrs, 0, sizeof(LIBSSH2_SFTP_ATTRIBUTES)); memset(attrs, 0, sizeof(LIBSSH2_SFTP_ATTRIBUTES));
s += sftp_bin2attr(attrs ? attrs : &attrs_dummy, s); s += sftp_bin2attr(attrs ? attrs : &attrs_dummy, s, 32);
handle->u.dir.next_name = (char *) s; handle->u.dir.next_name = (char *) s;
end: end:
@@ -1753,9 +1840,16 @@ static ssize_t sftp_readdir(LIBSSH2_SFTP_HANDLE *handle, char *buffer,
retcode = sftp_packet_requirev(sftp, 2, read_responses, retcode = sftp_packet_requirev(sftp, 2, read_responses,
sftp->readdir_request_id, &data, sftp->readdir_request_id, &data,
&data_len); &data_len, 9);
if (retcode == LIBSSH2_ERROR_EAGAIN) if (retcode == LIBSSH2_ERROR_EAGAIN)
return retcode; return retcode;
else if (retcode == LIBSSH2_ERROR_OUT_OF_BOUNDARY) {
if (data_len > 0) {
LIBSSH2_FREE(session, data);
}
return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
"Status message too short");
}
else if (retcode) { else if (retcode) {
sftp->readdir_state = libssh2_NB_state_idle; sftp->readdir_state = libssh2_NB_state_idle;
return _libssh2_error(session, retcode, return _libssh2_error(session, retcode,
@@ -1981,8 +2075,15 @@ static ssize_t sftp_write(LIBSSH2_SFTP_HANDLE *handle, const char *buffer,
/* we check the packets in order */ /* we check the packets in order */
rc = sftp_packet_require(sftp, SSH_FXP_STATUS, rc = sftp_packet_require(sftp, SSH_FXP_STATUS,
chunk->request_id, &data, &data_len); chunk->request_id, &data, &data_len, 9);
if (rc < 0) { if (rc == LIBSSH2_ERROR_OUT_OF_BOUNDARY) {
if (data_len > 0) {
LIBSSH2_FREE(session, data);
}
return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
"FXP write packet too short");
}
else if (rc < 0) {
if (rc == LIBSSH2_ERROR_EAGAIN) if (rc == LIBSSH2_ERROR_EAGAIN)
sftp->write_state = libssh2_NB_state_sent; sftp->write_state = libssh2_NB_state_sent;
return rc; return rc;
@@ -2124,10 +2225,18 @@ static int sftp_fsync(LIBSSH2_SFTP_HANDLE *handle)
} }
rc = sftp_packet_require(sftp, SSH_FXP_STATUS, rc = sftp_packet_require(sftp, SSH_FXP_STATUS,
sftp->fsync_request_id, &data, &data_len); sftp->fsync_request_id, &data, &data_len, 9);
if (rc == LIBSSH2_ERROR_EAGAIN) { if (rc == LIBSSH2_ERROR_EAGAIN) {
return rc; return rc;
} else if (rc) { }
else if (rc == LIBSSH2_ERROR_OUT_OF_BOUNDARY) {
if (data_len > 0) {
LIBSSH2_FREE(session, data);
}
return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
"SFTP fsync packet too short");
}
else if (rc) {
sftp->fsync_state = libssh2_NB_state_idle; sftp->fsync_state = libssh2_NB_state_idle;
return _libssh2_error(session, rc, return _libssh2_error(session, rc,
"Error waiting for FXP EXTENDED REPLY"); "Error waiting for FXP EXTENDED REPLY");
@@ -2227,9 +2336,16 @@ static int sftp_fstat(LIBSSH2_SFTP_HANDLE *handle,
rc = sftp_packet_requirev(sftp, 2, fstat_responses, rc = sftp_packet_requirev(sftp, 2, fstat_responses,
sftp->fstat_request_id, &data, sftp->fstat_request_id, &data,
&data_len); &data_len, 9);
if (rc == LIBSSH2_ERROR_EAGAIN) if (rc == LIBSSH2_ERROR_EAGAIN)
return rc; return rc;
else if (rc == LIBSSH2_ERROR_OUT_OF_BOUNDARY) {
if (data_len > 0) {
LIBSSH2_FREE(session, data);
}
return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
"SFTP fstat packet too short");
}
else if (rc) { else if (rc) {
sftp->fstat_state = libssh2_NB_state_idle; sftp->fstat_state = libssh2_NB_state_idle;
return _libssh2_error(session, rc, return _libssh2_error(session, rc,
@@ -2252,7 +2368,12 @@ static int sftp_fstat(LIBSSH2_SFTP_HANDLE *handle,
} }
} }
sftp_bin2attr(attrs, data + 5); if (sftp_bin2attr(attrs, data + 5, data_len - 5) < 0) {
LIBSSH2_FREE(session, data);
return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
"Attributes too short in SFTP fstat");
}
LIBSSH2_FREE(session, data); LIBSSH2_FREE(session, data);
return 0; return 0;
@@ -2429,11 +2550,19 @@ sftp_close_handle(LIBSSH2_SFTP_HANDLE *handle)
if (handle->close_state == libssh2_NB_state_sent) { if (handle->close_state == libssh2_NB_state_sent) {
rc = sftp_packet_require(sftp, SSH_FXP_STATUS, rc = sftp_packet_require(sftp, SSH_FXP_STATUS,
handle->close_request_id, &data, handle->close_request_id, &data,
&data_len); &data_len, 9);
if (rc == LIBSSH2_ERROR_EAGAIN) { if (rc == LIBSSH2_ERROR_EAGAIN) {
return rc; return rc;
}
} else if (rc) { else if (rc == LIBSSH2_ERROR_OUT_OF_BOUNDARY) {
if (data_len > 0) {
LIBSSH2_FREE(session, data);
}
data = NULL;
_libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
"Packet too short in FXP_CLOSE command");
}
else if (rc) {
_libssh2_error(session, rc, _libssh2_error(session, rc,
"Error waiting for status message"); "Error waiting for status message");
} }
@@ -2547,10 +2676,17 @@ static int sftp_unlink(LIBSSH2_SFTP *sftp, const char *filename,
rc = sftp_packet_require(sftp, SSH_FXP_STATUS, rc = sftp_packet_require(sftp, SSH_FXP_STATUS,
sftp->unlink_request_id, &data, sftp->unlink_request_id, &data,
&data_len); &data_len, 9);
if (rc == LIBSSH2_ERROR_EAGAIN) { if (rc == LIBSSH2_ERROR_EAGAIN) {
return rc; return rc;
} }
else if (rc == LIBSSH2_ERROR_OUT_OF_BOUNDARY) {
if (data_len > 0) {
LIBSSH2_FREE(session, data);
}
return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
"SFTP unlink packet too short");
}
else if (rc) { else if (rc) {
sftp->unlink_state = libssh2_NB_state_idle; sftp->unlink_state = libssh2_NB_state_idle;
return _libssh2_error(session, rc, return _libssh2_error(session, rc,
@@ -2658,10 +2794,18 @@ static int sftp_rename(LIBSSH2_SFTP *sftp, const char *source_filename,
rc = sftp_packet_require(sftp, SSH_FXP_STATUS, rc = sftp_packet_require(sftp, SSH_FXP_STATUS,
sftp->rename_request_id, &data, sftp->rename_request_id, &data,
&data_len); &data_len, 9);
if (rc == LIBSSH2_ERROR_EAGAIN) { if (rc == LIBSSH2_ERROR_EAGAIN) {
return rc; return rc;
} else if (rc) { }
else if (rc == LIBSSH2_ERROR_OUT_OF_BOUNDARY) {
if (data_len > 0) {
LIBSSH2_FREE(session, data);
}
return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
"SFTP rename packet too short");
}
else if (rc) {
sftp->rename_state = libssh2_NB_state_idle; sftp->rename_state = libssh2_NB_state_idle;
return _libssh2_error(session, rc, return _libssh2_error(session, rc,
"Error waiting for FXP STATUS"); "Error waiting for FXP STATUS");
@@ -2783,11 +2927,19 @@ static int sftp_fstatvfs(LIBSSH2_SFTP_HANDLE *handle, LIBSSH2_SFTP_STATVFS *st)
} }
rc = sftp_packet_requirev(sftp, 2, responses, sftp->fstatvfs_request_id, rc = sftp_packet_requirev(sftp, 2, responses, sftp->fstatvfs_request_id,
&data, &data_len); &data, &data_len, 9);
if (rc == LIBSSH2_ERROR_EAGAIN) { if (rc == LIBSSH2_ERROR_EAGAIN) {
return rc; return rc;
} else if (rc) { }
else if (rc == LIBSSH2_ERROR_OUT_OF_BOUNDARY) {
if (data_len > 0) {
LIBSSH2_FREE(session, data);
}
return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
"SFTP rename packet too short");
}
else if (rc) {
sftp->fstatvfs_state = libssh2_NB_state_idle; sftp->fstatvfs_state = libssh2_NB_state_idle;
return _libssh2_error(session, rc, return _libssh2_error(session, rc,
"Error waiting for FXP EXTENDED REPLY"); "Error waiting for FXP EXTENDED REPLY");
@@ -2910,10 +3062,18 @@ static int sftp_statvfs(LIBSSH2_SFTP *sftp, const char *path,
} }
rc = sftp_packet_requirev(sftp, 2, responses, sftp->statvfs_request_id, rc = sftp_packet_requirev(sftp, 2, responses, sftp->statvfs_request_id,
&data, &data_len); &data, &data_len, 9);
if (rc == LIBSSH2_ERROR_EAGAIN) { if (rc == LIBSSH2_ERROR_EAGAIN) {
return rc; return rc;
} else if (rc) { }
else if (rc == LIBSSH2_ERROR_OUT_OF_BOUNDARY) {
if (data_len > 0) {
LIBSSH2_FREE(session, data);
}
return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
"SFTP fstat packet too short");
}
else if (rc) {
sftp->statvfs_state = libssh2_NB_state_idle; sftp->statvfs_state = libssh2_NB_state_idle;
return _libssh2_error(session, rc, return _libssh2_error(session, rc,
"Error waiting for FXP EXTENDED REPLY"); "Error waiting for FXP EXTENDED REPLY");
@@ -3040,10 +3200,18 @@ static int sftp_mkdir(LIBSSH2_SFTP *sftp, const char *path,
} }
rc = sftp_packet_require(sftp, SSH_FXP_STATUS, sftp->mkdir_request_id, rc = sftp_packet_require(sftp, SSH_FXP_STATUS, sftp->mkdir_request_id,
&data, &data_len); &data, &data_len, 9);
if (rc == LIBSSH2_ERROR_EAGAIN) { if (rc == LIBSSH2_ERROR_EAGAIN) {
return rc; return rc;
} else if (rc) { }
else if (rc == LIBSSH2_ERROR_OUT_OF_BOUNDARY) {
if (data_len > 0) {
LIBSSH2_FREE(session, data);
}
return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
"SFTP mkdir packet too short");
}
else if (rc) {
sftp->mkdir_state = libssh2_NB_state_idle; sftp->mkdir_state = libssh2_NB_state_idle;
return _libssh2_error(session, rc, return _libssh2_error(session, rc,
"Error waiting for FXP STATUS"); "Error waiting for FXP STATUS");
@@ -3134,10 +3302,18 @@ static int sftp_rmdir(LIBSSH2_SFTP *sftp, const char *path,
} }
rc = sftp_packet_require(sftp, SSH_FXP_STATUS, rc = sftp_packet_require(sftp, SSH_FXP_STATUS,
sftp->rmdir_request_id, &data, &data_len); sftp->rmdir_request_id, &data, &data_len, 9);
if (rc == LIBSSH2_ERROR_EAGAIN) { if (rc == LIBSSH2_ERROR_EAGAIN) {
return rc; return rc;
} else if (rc) { }
else if (rc == LIBSSH2_ERROR_OUT_OF_BOUNDARY) {
if (data_len > 0) {
LIBSSH2_FREE(session, data);
}
return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
"SFTP rmdir packet too short");
}
else if (rc) {
sftp->rmdir_state = libssh2_NB_state_idle; sftp->rmdir_state = libssh2_NB_state_idle;
return _libssh2_error(session, rc, return _libssh2_error(session, rc,
"Error waiting for FXP STATUS"); "Error waiting for FXP STATUS");
@@ -3247,9 +3423,16 @@ static int sftp_stat(LIBSSH2_SFTP *sftp, const char *path,
} }
rc = sftp_packet_requirev(sftp, 2, stat_responses, rc = sftp_packet_requirev(sftp, 2, stat_responses,
sftp->stat_request_id, &data, &data_len); sftp->stat_request_id, &data, &data_len, 9);
if (rc == LIBSSH2_ERROR_EAGAIN) if (rc == LIBSSH2_ERROR_EAGAIN)
return rc; return rc;
else if (rc == LIBSSH2_ERROR_OUT_OF_BOUNDARY) {
if (data_len > 0) {
LIBSSH2_FREE(session, data);
}
return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
"SFTP stat packet too short");
}
else if (rc) { else if (rc) {
sftp->stat_state = libssh2_NB_state_idle; sftp->stat_state = libssh2_NB_state_idle;
return _libssh2_error(session, rc, return _libssh2_error(session, rc,
@@ -3273,7 +3456,12 @@ static int sftp_stat(LIBSSH2_SFTP *sftp, const char *path,
} }
memset(attrs, 0, sizeof(LIBSSH2_SFTP_ATTRIBUTES)); memset(attrs, 0, sizeof(LIBSSH2_SFTP_ATTRIBUTES));
sftp_bin2attr(attrs, data + 5); if (sftp_bin2attr(attrs, data + 5, data_len - 5) < 0) {
LIBSSH2_FREE(session, data);
return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
"Attributes too short in SFTP fstat");
}
LIBSSH2_FREE(session, data); LIBSSH2_FREE(session, data);
return 0; return 0;
@@ -3378,9 +3566,16 @@ static int sftp_symlink(LIBSSH2_SFTP *sftp, const char *path,
retcode = sftp_packet_requirev(sftp, 2, link_responses, retcode = sftp_packet_requirev(sftp, 2, link_responses,
sftp->symlink_request_id, &data, sftp->symlink_request_id, &data,
&data_len); &data_len, 9);
if (retcode == LIBSSH2_ERROR_EAGAIN) if (retcode == LIBSSH2_ERROR_EAGAIN)
return retcode; return retcode;
else if (retcode == LIBSSH2_ERROR_OUT_OF_BOUNDARY) {
if (data_len > 0) {
LIBSSH2_FREE(session, data);
}
return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
"SFTP symlink packet too short");
}
else if (retcode) { else if (retcode) {
sftp->symlink_state = libssh2_NB_state_idle; sftp->symlink_state = libssh2_NB_state_idle;
return _libssh2_error(session, retcode, return _libssh2_error(session, retcode,
@@ -3410,6 +3605,14 @@ static int sftp_symlink(LIBSSH2_SFTP *sftp, const char *path,
"no name entries"); "no name entries");
} }
if (data_len < 13) {
if (data_len > 0) {
LIBSSH2_FREE(session, data);
}
return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
"SFTP stat packet too short");
}
/* this reads a u32 and stores it into a signed 32bit value */ /* this reads a u32 and stores it into a signed 32bit value */
link_len = _libssh2_ntohu32(data + 9); link_len = _libssh2_ntohu32(data + 9);
if (link_len < target_len) { if (link_len < target_len) {

26
libssh2/src/transport.c
View File

@@ -438,6 +438,16 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session)
return LIBSSH2_ERROR_DECRYPT; return LIBSSH2_ERROR_DECRYPT;
p->padding_length = block[4]; p->padding_length = block[4];
if(p->packet_length < 1) {
return LIBSSH2_ERROR_DECRYPT;
}
else if(p->packet_length > LIBSSH2_PACKET_MAXPAYLOAD) {
return LIBSSH2_ERROR_OUT_OF_BOUNDARY;
}
else if ( p->padding_length > p->packet_length - 1 ) {
return LIBSSH2_ERROR_DECRYPT;
}
/* total_num is the number of bytes following the initial /* total_num is the number of bytes following the initial
(5 bytes) packet length and padding length fields */ (5 bytes) packet length and padding length fields */
@@ -471,8 +481,12 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session)
/* copy the data from index 5 to the end of /* copy the data from index 5 to the end of
the blocksize from the temporary buffer to the blocksize from the temporary buffer to
the start of the decrypted buffer */ the start of the decrypted buffer */
memcpy(p->wptr, &block[5], blocksize - 5); if (blocksize - 5 <= total_num) {
p->wptr += blocksize - 5; /* advance write pointer */ memcpy(p->wptr, &block[5], blocksize - 5);
p->wptr += blocksize - 5; /* advance write pointer */
} else {
return LIBSSH2_ERROR_OUT_OF_BOUNDARY;
}
} }
/* init the data_num field to the number of bytes of /* init the data_num field to the number of bytes of
@@ -546,7 +560,13 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session)
/* if there are bytes to copy that aren't decrypted, simply /* if there are bytes to copy that aren't decrypted, simply
copy them as-is to the target buffer */ copy them as-is to the target buffer */
if (numbytes > 0) { if (numbytes > 0) {
memcpy(p->wptr, &p->buf[p->readidx], numbytes);
if (numbytes <= total_num - (p->wptr - p->payload)) {
memcpy(p->wptr, &p->buf[p->readidx], numbytes);
}
else {
return LIBSSH2_ERROR_OUT_OF_BOUNDARY;
}
/* advance the read pointer */ /* advance the read pointer */
p->readidx += numbytes; p->readidx += numbytes;

55
libssh2/src/userauth.c
View File

@@ -107,7 +107,7 @@ static char *userauth_list(LIBSSH2_SESSION *session, const char *username,
LIBSSH2_FREE(session, session->userauth_list_data); LIBSSH2_FREE(session, session->userauth_list_data);
session->userauth_list_data = NULL; session->userauth_list_data = NULL;
if (rc) { if (rc || (session->userauth_list_data_len < 1)) {
_libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND, _libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND,
"Unable to send userauth-none request"); "Unable to send userauth-none request");
session->userauth_list_state = libssh2_NB_state_idle; session->userauth_list_state = libssh2_NB_state_idle;
@@ -143,8 +143,20 @@ static char *userauth_list(LIBSSH2_SESSION *session, const char *username,
return NULL; return NULL;
} }
methods_len = _libssh2_ntohu32(session->userauth_list_data + 1); if(session->userauth_list_data_len < 5) {
LIBSSH2_FREE(session, session->userauth_list_data);
session->userauth_list_data = NULL;
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Unexpected packet size");
return NULL;
}
methods_len = _libssh2_ntohu32(session->userauth_list_data + 1);
if(methods_len >= session->userauth_list_data_len - 5) {
_libssh2_error(session, LIBSSH2_ERROR_OUT_OF_BOUNDARY,
"Unexpected userauth list size");
return NULL;
}
/* Do note that the memory areas overlap! */ /* Do note that the memory areas overlap! */
memmove(session->userauth_list_data, session->userauth_list_data + 5, memmove(session->userauth_list_data, session->userauth_list_data + 5,
methods_len); methods_len);
@@ -285,6 +297,11 @@ userauth_password(LIBSSH2_SESSION *session,
return _libssh2_error(session, rc, return _libssh2_error(session, rc,
"Waiting for password response"); "Waiting for password response");
} }
else if(session->userauth_pswd_data_len < 1) {
session->userauth_pswd_state = libssh2_NB_state_idle;
return _libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Unexpected packet size");
}
if (session->userauth_pswd_data[0] == SSH_MSG_USERAUTH_SUCCESS) { if (session->userauth_pswd_data[0] == SSH_MSG_USERAUTH_SUCCESS) {
_libssh2_debug(session, LIBSSH2_TRACE_AUTH, _libssh2_debug(session, LIBSSH2_TRACE_AUTH,
@@ -312,6 +329,12 @@ userauth_password(LIBSSH2_SESSION *session,
session->userauth_pswd_state = libssh2_NB_state_sent1; session->userauth_pswd_state = libssh2_NB_state_sent1;
} }
if(session->userauth_pswd_data_len < 1) {
session->userauth_pswd_state = libssh2_NB_state_idle;
return _libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Unexpected packet size");
}
if ((session->userauth_pswd_data[0] == if ((session->userauth_pswd_data[0] ==
SSH_MSG_USERAUTH_PASSWD_CHANGEREQ) SSH_MSG_USERAUTH_PASSWD_CHANGEREQ)
|| (session->userauth_pswd_data0 == || (session->userauth_pswd_data0 ==
@@ -976,7 +999,7 @@ userauth_hostbased_fromfile(LIBSSH2_SESSION *session,
} }
session->userauth_host_state = libssh2_NB_state_idle; session->userauth_host_state = libssh2_NB_state_idle;
if (rc) { if (rc || data_len < 1) {
return _libssh2_error(session, LIBSSH2_ERROR_PUBLICKEY_UNVERIFIED, return _libssh2_error(session, LIBSSH2_ERROR_PUBLICKEY_UNVERIFIED,
"Auth failed"); "Auth failed");
} }
@@ -1149,7 +1172,7 @@ _libssh2_userauth_publickey(LIBSSH2_SESSION *session,
NULL, 0); NULL, 0);
if (rc == LIBSSH2_ERROR_EAGAIN) if (rc == LIBSSH2_ERROR_EAGAIN)
return _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block"); return _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block");
else if (rc) { else if (rc || (session->userauth_pblc_data_len < 1)) {
LIBSSH2_FREE(session, session->userauth_pblc_packet); LIBSSH2_FREE(session, session->userauth_pblc_packet);
session->userauth_pblc_packet = NULL; session->userauth_pblc_packet = NULL;
LIBSSH2_FREE(session, session->userauth_pblc_method); LIBSSH2_FREE(session, session->userauth_pblc_method);
@@ -1332,7 +1355,7 @@ _libssh2_userauth_publickey(LIBSSH2_SESSION *session,
if (rc == LIBSSH2_ERROR_EAGAIN) { if (rc == LIBSSH2_ERROR_EAGAIN) {
return _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, return _libssh2_error(session, LIBSSH2_ERROR_EAGAIN,
"Would block requesting userauth list"); "Would block requesting userauth list");
} else if (rc) { } else if (rc || session->userauth_pblc_data_len < 1) {
session->userauth_pblc_state = libssh2_NB_state_idle; session->userauth_pblc_state = libssh2_NB_state_idle;
return _libssh2_error(session, LIBSSH2_ERROR_PUBLICKEY_UNVERIFIED, return _libssh2_error(session, LIBSSH2_ERROR_PUBLICKEY_UNVERIFIED,
"Waiting for publickey USERAUTH response"); "Waiting for publickey USERAUTH response");
@@ -1654,7 +1677,7 @@ userauth_keyboard_interactive(LIBSSH2_SESSION * session,
if (rc == LIBSSH2_ERROR_EAGAIN) { if (rc == LIBSSH2_ERROR_EAGAIN) {
return _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, return _libssh2_error(session, LIBSSH2_ERROR_EAGAIN,
"Would block"); "Would block");
} else if (rc) { } else if (rc || session->userauth_kybd_data_len < 1) {
session->userauth_kybd_state = libssh2_NB_state_idle; session->userauth_kybd_state = libssh2_NB_state_idle;
return _libssh2_error(session, return _libssh2_error(session,
LIBSSH2_ERROR_AUTHENTICATION_FAILED, LIBSSH2_ERROR_AUTHENTICATION_FAILED,
@@ -1734,6 +1757,13 @@ userauth_keyboard_interactive(LIBSSH2_SESSION * session,
/* int num-prompts */ /* int num-prompts */
session->userauth_kybd_num_prompts = _libssh2_ntohu32(s); session->userauth_kybd_num_prompts = _libssh2_ntohu32(s);
s += 4; s += 4;
if(session->userauth_kybd_num_prompts &&
session->userauth_kybd_num_prompts > 100) {
_libssh2_error(session, LIBSSH2_ERROR_OUT_OF_BOUNDARY,
"Too many replies for "
"keyboard-interactive prompts");
goto cleanup;
}
if(session->userauth_kybd_num_prompts) { if(session->userauth_kybd_num_prompts) {
session->userauth_kybd_prompts = session->userauth_kybd_prompts =
@@ -1801,8 +1831,17 @@ userauth_keyboard_interactive(LIBSSH2_SESSION * session,
for(i = 0; i < session->userauth_kybd_num_prompts; i++) { for(i = 0; i < session->userauth_kybd_num_prompts; i++) {
/* string response[1] (ISO-10646 UTF-8) */ /* string response[1] (ISO-10646 UTF-8) */
session->userauth_kybd_packet_len += if(session->userauth_kybd_responses[i].length <=
4 + session->userauth_kybd_responses[i].length; (SIZE_MAX - 4 - session->userauth_kybd_packet_len) ) {
session->userauth_kybd_packet_len +=
4 + session->userauth_kybd_responses[i].length;
}
else {
_libssh2_error(session, LIBSSH2_ERROR_ALLOC,
"Unable to allocate memory for keyboard-"
"interactive response packet");
goto cleanup;
}
} }
/* A new userauth_kybd_data area is to be allocated, free the /* A new userauth_kybd_data area is to be allocated, free the

0
libssh2/src/wincng.c Normal file → Executable file
View File

0
libssh2/src/wincng.h Normal file → Executable file
View File

0
libssh2/test-driver Normal file → Executable file
View File