From d93d59807ef355920625505a3e1898c3d7f81e83 Mon Sep 17 00:00:00 2001 From: John-Mark Gurney Date: Thu, 22 Oct 2020 05:12:28 +0000 Subject: [PATCH] Squashed 'libssh2/' content from commit 6c7769d git-subtree-dir: libssh2 git-subtree-split: 6c7769dcc422250d14af1b06fce378b6ee009440 --- .editorconfig | 9 + .gitattribute | 2 + .github/ISSUE_TEMPLATE/bug_report.md | 26 + .github/stale.yml | 17 + .gitignore | 37 + .travis.yml | 130 + CMakeLists.txt | 109 + COPYING | 42 + Makefile.OpenSSL.inc | 3 + Makefile.WinCNG.inc | 3 + Makefile.am | 154 + Makefile.inc | 7 + Makefile.libgcrypt.inc | 3 + Makefile.mbedTLS.inc | 3 + Makefile.os400qc3.inc | 2 + NEWS | 3 + NMakefile | 33 + README | 19 + README.md | 16 + RELEASE-NOTES | 44 + acinclude.m4 | 512 ++ appveyor.yml | 109 + buildconf | 8 + cmake/CheckFunctionExistsMayNeedLibrary.cmake | 81 + cmake/CheckNonblockingSocketSupport.cmake | 119 + cmake/CopyRuntimeDependencies.cmake | 72 + cmake/FindLibgcrypt.cmake | 53 + cmake/FindmbedTLS.cmake | 64 + cmake/SocketLibraries.cmake | 64 + cmake/Toolchain-Linux-32.cmake | 42 + cmake/max_warnings.cmake | 23 + config.rpath | 660 +++ configure.ac | 412 ++ docs/.gitignore | 3 + docs/AUTHORS | 79 + docs/BINDINGS | 29 + docs/CMakeLists.txt | 210 + docs/HACKING | 13 + docs/HACKING.CRYPTO | 901 ++++ docs/INSTALL_AUTOTOOLS | 355 ++ docs/INSTALL_CMAKE.md | 188 + docs/Makefile.am | 177 + docs/SECURITY.md | 100 + docs/TODO | 174 + docs/libssh2_agent_connect.3 | 23 + docs/libssh2_agent_disconnect.3 | 20 + docs/libssh2_agent_free.3 | 20 + docs/libssh2_agent_get_identity.3 | 34 + docs/libssh2_agent_get_identity_path.3 | 22 + docs/libssh2_agent_init.3 | 26 + docs/libssh2_agent_list_identities.3 | 24 + docs/libssh2_agent_set_identity_path.3 | 22 + docs/libssh2_agent_userauth.3 | 29 + docs/libssh2_banner_set.3 | 32 + docs/libssh2_base64_decode.3 | 25 + docs/libssh2_channel_close.3 | 29 + docs/libssh2_channel_direct_tcpip.3 | 18 + docs/libssh2_channel_direct_tcpip_ex.3 | 35 + docs/libssh2_channel_eof.3 | 17 + docs/libssh2_channel_exec.3 | 17 + docs/libssh2_channel_flush.3 | 17 + docs/libssh2_channel_flush_ex.3 | 32 + docs/libssh2_channel_flush_stderr.3 | 17 + docs/libssh2_channel_forward_accept.3 | 20 + docs/libssh2_channel_forward_cancel.3 | 27 + docs/libssh2_channel_forward_listen.3 | 17 + docs/libssh2_channel_forward_listen_ex.3 | 46 + docs/libssh2_channel_free.3 | 25 + docs/libssh2_channel_get_exit_signal.3 | 34 + docs/libssh2_channel_get_exit_status.3 | 18 + docs/libssh2_channel_handle_extended_data.3 | 35 + docs/libssh2_channel_handle_extended_data2.3 | 35 + docs/libssh2_channel_ignore_extended_data.3 | 20 + docs/libssh2_channel_open_ex.3 | 54 + docs/libssh2_channel_open_session.3 | 18 + docs/libssh2_channel_process_startup.3 | 38 + docs/libssh2_channel_read.3 | 17 + docs/libssh2_channel_read_ex.3 | 45 + docs/libssh2_channel_read_stderr.3 | 17 + docs/libssh2_channel_receive_window_adjust.3 | 29 + docs/libssh2_channel_receive_window_adjust2.3 | 27 + docs/libssh2_channel_request_auth_agent.3 | 22 + docs/libssh2_channel_request_pty.3 | 17 + docs/libssh2_channel_request_pty_ex.3 | 47 + docs/libssh2_channel_request_pty_size.3 | 17 + docs/libssh2_channel_request_pty_size_ex.3 | 12 + docs/libssh2_channel_send_eof.3 | 24 + docs/libssh2_channel_set_blocking.3 | 23 + docs/libssh2_channel_setenv.3 | 17 + docs/libssh2_channel_setenv_ex.3 | 41 + docs/libssh2_channel_shell.3 | 17 + docs/libssh2_channel_subsystem.3 | 17 + docs/libssh2_channel_wait_closed.3 | 22 + docs/libssh2_channel_wait_eof.3 | 19 + docs/libssh2_channel_window_read.3 | 17 + docs/libssh2_channel_window_read_ex.3 | 24 + docs/libssh2_channel_window_write.3 | 17 + docs/libssh2_channel_window_write_ex.3 | 21 + docs/libssh2_channel_write.3 | 18 + docs/libssh2_channel_write_ex.3 | 47 + docs/libssh2_channel_write_stderr.3 | 18 + docs/libssh2_channel_x11_req.3 | 17 + docs/libssh2_channel_x11_req_ex.3 | 44 + docs/libssh2_exit.3 | 14 + docs/libssh2_free.3 | 19 + docs/libssh2_hostkey_hash.3 | 26 + docs/libssh2_init.3 | 20 + docs/libssh2_keepalive_config.3 | 27 + docs/libssh2_keepalive_send.3 | 18 + docs/libssh2_knownhost_add.3 | 66 + docs/libssh2_knownhost_addc.3 | 68 + docs/libssh2_knownhost_check.3 | 58 + docs/libssh2_knownhost_checkp.3 | 63 + docs/libssh2_knownhost_del.3 | 26 + docs/libssh2_knownhost_free.3 | 20 + docs/libssh2_knownhost_get.3 | 35 + docs/libssh2_knownhost_init.3 | 25 + docs/libssh2_knownhost_readfile.3 | 29 + docs/libssh2_knownhost_readline.3 | 30 + docs/libssh2_knownhost_writefile.3 | 29 + docs/libssh2_knownhost_writeline.3 | 46 + docs/libssh2_poll.3 | 21 + docs/libssh2_poll_channel_read.3 | 18 + docs/libssh2_publickey_add.3 | 20 + docs/libssh2_publickey_add_ex.3 | 25 + docs/libssh2_publickey_init.3 | 12 + docs/libssh2_publickey_list_fetch.3 | 12 + docs/libssh2_publickey_list_free.3 | 12 + docs/libssh2_publickey_remove.3 | 19 + docs/libssh2_publickey_remove_ex.3 | 12 + docs/libssh2_publickey_shutdown.3 | 12 + docs/libssh2_scp_recv.3 | 35 + docs/libssh2_scp_recv2.3 | 32 + docs/libssh2_scp_send.3 | 18 + docs/libssh2_scp_send64.3 | 47 + docs/libssh2_scp_send_ex.3 | 48 + docs/libssh2_session_abstract.3 | 24 + docs/libssh2_session_banner_get.3 | 21 + docs/libssh2_session_banner_set.3 | 32 + docs/libssh2_session_block_directions.3 | 29 + docs/libssh2_session_callback_set.3 | 76 + docs/libssh2_session_disconnect.3 | 17 + docs/libssh2_session_disconnect_ex.3 | 38 + docs/libssh2_session_flag.3 | 23 + docs/libssh2_session_free.3 | 18 + docs/libssh2_session_get_blocking.3 | 12 + docs/libssh2_session_get_timeout.3 | 19 + docs/libssh2_session_handshake.3 | 40 + docs/libssh2_session_hostkey.3 | 21 + docs/libssh2_session_init.3 | 18 + docs/libssh2_session_init_ex.3 | 42 + docs/libssh2_session_last_errno.3 | 21 + docs/libssh2_session_last_error.3 | 32 + docs/libssh2_session_method_pref.3 | 40 + docs/libssh2_session_methods.3 | 27 + docs/libssh2_session_set_blocking.3 | 30 + docs/libssh2_session_set_last_error.3 | 33 + docs/libssh2_session_set_timeout.3 | 20 + docs/libssh2_session_startup.3 | 42 + docs/libssh2_session_supported_algs.3 | 74 + docs/libssh2_sftp_close.3 | 17 + docs/libssh2_sftp_close_handle.3 | 43 + docs/libssh2_sftp_closedir.3 | 17 + docs/libssh2_sftp_fsetstat.3 | 17 + docs/libssh2_sftp_fstat.3 | 17 + docs/libssh2_sftp_fstat_ex.3 | 104 + docs/libssh2_sftp_fstatvfs.3 | 1 + docs/libssh2_sftp_fsync.3 | 39 + docs/libssh2_sftp_get_channel.3 | 21 + docs/libssh2_sftp_init.3 | 39 + docs/libssh2_sftp_last_error.3 | 24 + docs/libssh2_sftp_lstat.3 | 17 + docs/libssh2_sftp_mkdir.3 | 17 + docs/libssh2_sftp_mkdir_ex.3 | 40 + docs/libssh2_sftp_open.3 | 18 + docs/libssh2_sftp_open_ex.3 | 65 + docs/libssh2_sftp_opendir.3 | 18 + docs/libssh2_sftp_read.3 | 43 + docs/libssh2_sftp_readdir.3 | 17 + docs/libssh2_sftp_readdir_ex.3 | 65 + docs/libssh2_sftp_readlink.3 | 19 + docs/libssh2_sftp_realpath.3 | 19 + docs/libssh2_sftp_rename.3 | 17 + docs/libssh2_sftp_rename_ex.3 | 56 + docs/libssh2_sftp_rewind.3 | 17 + docs/libssh2_sftp_rmdir.3 | 18 + docs/libssh2_sftp_rmdir_ex.3 | 36 + docs/libssh2_sftp_seek.3 | 25 + docs/libssh2_sftp_seek64.3 | 29 + docs/libssh2_sftp_setstat.3 | 17 + docs/libssh2_sftp_shutdown.3 | 24 + docs/libssh2_sftp_stat.3 | 17 + docs/libssh2_sftp_stat_ex.3 | 74 + docs/libssh2_sftp_statvfs.3 | 79 + docs/libssh2_sftp_symlink.3 | 19 + docs/libssh2_sftp_symlink_ex.3 | 79 + docs/libssh2_sftp_tell.3 | 20 + docs/libssh2_sftp_tell64.3 | 21 + docs/libssh2_sftp_unlink.3 | 17 + docs/libssh2_sftp_unlink_ex.3 | 42 + docs/libssh2_sftp_write.3 | 71 + docs/libssh2_trace.3 | 35 + docs/libssh2_trace_sethandler.3 | 28 + docs/libssh2_userauth_authenticated.3 | 20 + docs/libssh2_userauth_hostbased_fromfile.3 | 17 + docs/libssh2_userauth_hostbased_fromfile_ex.3 | 12 + docs/libssh2_userauth_keyboard_interactive.3 | 20 + ...libssh2_userauth_keyboard_interactive_ex.3 | 58 + docs/libssh2_userauth_list.3 | 39 + docs/libssh2_userauth_password.3 | 19 + docs/libssh2_userauth_password_ex.3 | 57 + docs/libssh2_userauth_publickey.3 | 27 + docs/libssh2_userauth_publickey_fromfile.3 | 22 + docs/libssh2_userauth_publickey_fromfile_ex.3 | 52 + docs/libssh2_userauth_publickey_frommemory.3 | 56 + docs/libssh2_version.3 | 36 + docs/template.3 | 20 + example/.gitignore | 36 + example/CMakeLists.txt | 101 + example/Makefile.am | 17 + example/direct_tcpip.c | 343 ++ example/libssh2_config_cmake.h.in | 72 + example/scp.c | 190 + example/scp_nonblock.c | 293 ++ example/scp_write.c | 228 + example/scp_write_nonblock.c | 287 ++ example/sftp.c | 300 ++ example/sftp_RW_nonblock.c | 358 ++ example/sftp_append.c | 238 + example/sftp_mkdir.c | 179 + example/sftp_mkdir_nonblock.c | 179 + example/sftp_nonblock.c | 297 ++ example/sftp_write.c | 222 + example/sftp_write_nonblock.c | 288 ++ example/sftp_write_sliding.c | 298 ++ example/sftpdir.c | 304 ++ example/sftpdir_nonblock.c | 249 + example/ssh2.c | 274 ++ example/ssh2_agent.c | 253 + example/ssh2_agent_forwarding.c | 292 ++ example/ssh2_echo.c | 371 ++ example/ssh2_exec.c | 319 ++ example/subsystem_netconf.c | 312 ++ example/tcpip-forward.c | 328 ++ example/x11.c | 476 ++ get_ver.awk | 24 + git2news.pl | 76 + include/libssh2.h | 1348 ++++++ include/libssh2_publickey.h | 122 + include/libssh2_sftp.h | 351 ++ libssh2-style.el | 51 + libssh2.pc.in | 17 + m4/.gitignore | 5 + m4/autobuild.m4 | 44 + m4/lib-ld.m4 | 110 + m4/lib-link.m4 | 709 +++ m4/lib-prefix.m4 | 185 + maketgz | 99 + nw/GNUmakefile | 630 +++ nw/keepscreen.c | 25 + nw/nwlib.c | 304 ++ nw/test/GNUmakefile | 311 ++ os400/README400 | 169 + os400/ccsid.c | 252 + os400/include/alloca.h | 50 + os400/include/stdio.h | 72 + os400/include/sys/socket.h | 75 + os400/initscript.sh | 243 + os400/libssh2_ccsid.h | 63 + os400/libssh2_config.h | 299 ++ os400/libssh2rpg/libssh2.rpgle.in | 1704 +++++++ os400/libssh2rpg/libssh2_ccsid.rpgle.in | 69 + os400/libssh2rpg/libssh2_publickey.rpgle | 141 + os400/libssh2rpg/libssh2_sftp.rpgle | 621 +++ os400/macros.h | 168 + os400/make-include.sh | 56 + os400/make-rpg.sh | 92 + os400/make-src.sh | 208 + os400/make.sh | 49 + os400/os400sys.c | 218 + src/.gitignore | 3 + src/CMakeLists.txt | 432 ++ src/Makefile.am | 65 + src/NMakefile | 30 + src/agent.c | 896 ++++ src/bcrypt_pbkdf.c | 180 + src/blf.h | 89 + src/blowfish.c | 697 +++ src/channel.c | 2891 ++++++++++++ src/channel.h | 141 + src/checksrc.pl | 756 +++ src/comp.c | 377 ++ src/comp.h | 44 + src/crypt.c | 349 ++ src/crypto.h | 248 + src/global.c | 78 + src/hostkey.c | 1129 +++++ src/keepalive.c | 100 + src/kex.c | 4122 +++++++++++++++++ src/knownhost.c | 1271 +++++ src/libgcrypt.c | 667 +++ src/libgcrypt.h | 237 + src/libssh2.pc.in | 17 + src/libssh2_config_cmake.h.in | 105 + src/libssh2_priv.h | 1149 +++++ src/mac.c | 414 ++ src/mac.h | 66 + src/mbedtls.c | 1251 +++++ src/mbedtls.h | 586 +++ src/misc.c | 872 ++++ src/misc.h | 125 + src/openssl.c | 3270 +++++++++++++ src/openssl.h | 396 ++ src/os400qc3.c | 2411 ++++++++++ src/os400qc3.h | 401 ++ src/packet.c | 1336 ++++++ src/packet.h | 76 + src/pem.c | 902 ++++ src/publickey.c | 1278 +++++ src/scp.c | 1145 +++++ src/session.c | 1832 ++++++++ src/session.h | 93 + src/sftp.c | 3755 +++++++++++++++ src/sftp.h | 238 + src/transport.c | 917 ++++ src/transport.h | 86 + src/userauth.c | 2110 +++++++++ src/userauth.h | 51 + src/version.c | 54 + src/wincng.c | 2593 +++++++++++ src/wincng.h | 599 +++ tests/.gitignore | 8 + tests/CMakeLists.txt | 184 + tests/Makefile.am | 62 + tests/etc/host | 27 + tests/etc/host.pub | 1 + tests/etc/sshd_config | 3 + tests/etc/user | 27 + tests/etc/user.pub | 1 + tests/key_dsa | 12 + tests/key_dsa.pub | 1 + tests/key_dsa_wrong | 12 + tests/key_dsa_wrong.pub | 1 + tests/key_ed25519 | 7 + tests/key_ed25519.pub | 1 + tests/key_ed25519_encrypted | 8 + tests/key_ed25519_encrypted.pub | 1 + tests/key_rsa | 27 + tests/key_rsa.pub | 1 + tests/key_rsa_encrypted | 30 + tests/key_rsa_encrypted.pub | 1 + tests/key_rsa_openssh | 27 + tests/key_rsa_openssh.pub | 1 + tests/libssh2_config_cmake.h.in | 72 + tests/mansyntax.sh | 37 + tests/openssh_fixture.c | 323 ++ tests/openssh_fixture.h | 45 + tests/openssh_server/Dockerfile | 82 + tests/openssh_server/authorized_keys | 6 + tests/openssh_server/ssh_host_ecdsa_key | 5 + tests/openssh_server/ssh_host_ed25519_key | 7 + tests/openssh_server/ssh_host_rsa_key | 27 + tests/ossfuzz/.gitignore | 2 + tests/ossfuzz/Makefile.am | 32 + tests/ossfuzz/ossfuzz.sh | 30 + tests/ossfuzz/ssh2_client_fuzzer.cc | 87 + tests/ossfuzz/standaloneengine.cc | 74 + tests/ossfuzz/testinput.h | 3 + tests/ossfuzz/travisoss.sh | 26 + tests/runner.c | 51 + tests/session_fixture.c | 159 + tests/session_fixture.h | 47 + tests/simple.c | 95 + tests/ssh2.c | 186 + tests/ssh2.sh | 48 + tests/sshd_fixture.sh.in | 53 + tests/sshdwrap | 28 + tests/test_agent_forward_succeeds.c | 51 + tests/test_hostkey.c | 65 + tests/test_hostkey_hash.c | 178 + ...teractive_auth_fails_with_wrong_response.c | 59 + ...tive_auth_succeeds_with_correct_response.c | 59 + ..._password_auth_fails_with_wrong_password.c | 36 + ..._password_auth_fails_with_wrong_username.c | 36 + ...d_auth_succeeds_with_correct_credentials.c | 41 + ...est_public_key_auth_fails_with_wrong_key.c | 37 + ...c_key_auth_succeeds_with_correct_dsa_key.c | 37 + ...y_auth_succeeds_with_correct_ed25519_key.c | 37 + ...cceeds_with_correct_ed25519_key_from_mem.c | 98 + ...ceeds_with_correct_encrypted_ed25519_key.c | 39 + ..._succeeds_with_correct_encrypted_rsa_key.c | 39 + ...c_key_auth_succeeds_with_correct_rsa_key.c | 37 + ...th_succeeds_with_correct_rsa_openssh_key.c | 38 + vms/libssh2_config.h | 88 + vms/libssh2_make_example.dcl | 125 + vms/libssh2_make_help.dcl | 95 + vms/libssh2_make_kit.dcl | 222 + vms/libssh2_make_lib.dcl | 345 ++ vms/man2help.c | 516 +++ vms/readme.vms | 319 ++ win32/.gitignore | 14 + win32/GNUmakefile | 365 ++ win32/Makefile.Watcom | 190 + win32/config.mk | 54 + win32/libssh2.dsw | 41 + win32/libssh2.rc | 45 + win32/libssh2_config.h | 47 + win32/msvcproj.foot | 3 + win32/msvcproj.head | 256 + win32/rules.mk | 15 + win32/test/GNUmakefile | 283 ++ win32/tests.dsp | 102 + 412 files changed, 75167 insertions(+) create mode 100644 .editorconfig create mode 100644 .gitattribute create mode 100644 .github/ISSUE_TEMPLATE/bug_report.md create mode 100644 .github/stale.yml create mode 100644 .gitignore create mode 100644 .travis.yml create mode 100644 CMakeLists.txt create mode 100644 COPYING create mode 100644 Makefile.OpenSSL.inc create mode 100644 Makefile.WinCNG.inc create mode 100644 Makefile.am create mode 100644 Makefile.inc create mode 100644 Makefile.libgcrypt.inc create mode 100644 Makefile.mbedTLS.inc create mode 100644 Makefile.os400qc3.inc create mode 100644 NEWS create mode 100644 NMakefile create mode 100644 README create mode 100644 README.md create mode 100644 RELEASE-NOTES create mode 100644 acinclude.m4 create mode 100644 appveyor.yml create mode 100755 buildconf create mode 100644 cmake/CheckFunctionExistsMayNeedLibrary.cmake create mode 100644 cmake/CheckNonblockingSocketSupport.cmake create mode 100644 cmake/CopyRuntimeDependencies.cmake create mode 100644 cmake/FindLibgcrypt.cmake create mode 100644 cmake/FindmbedTLS.cmake create mode 100644 cmake/SocketLibraries.cmake create mode 100644 cmake/Toolchain-Linux-32.cmake create mode 100644 cmake/max_warnings.cmake create mode 100755 config.rpath create mode 100644 configure.ac create mode 100644 docs/.gitignore create mode 100644 docs/AUTHORS create mode 100644 docs/BINDINGS create mode 100644 docs/CMakeLists.txt create mode 100644 docs/HACKING create mode 100644 docs/HACKING.CRYPTO create mode 100644 docs/INSTALL_AUTOTOOLS create mode 100644 docs/INSTALL_CMAKE.md create mode 100644 docs/Makefile.am create mode 100644 docs/SECURITY.md create mode 100644 docs/TODO create mode 100644 docs/libssh2_agent_connect.3 create mode 100644 docs/libssh2_agent_disconnect.3 create mode 100644 docs/libssh2_agent_free.3 create mode 100644 docs/libssh2_agent_get_identity.3 create mode 100644 docs/libssh2_agent_get_identity_path.3 create mode 100644 docs/libssh2_agent_init.3 create mode 100644 docs/libssh2_agent_list_identities.3 create mode 100644 docs/libssh2_agent_set_identity_path.3 create mode 100644 docs/libssh2_agent_userauth.3 create mode 100644 docs/libssh2_banner_set.3 create mode 100644 docs/libssh2_base64_decode.3 create mode 100644 docs/libssh2_channel_close.3 create mode 100644 docs/libssh2_channel_direct_tcpip.3 create mode 100644 docs/libssh2_channel_direct_tcpip_ex.3 create mode 100644 docs/libssh2_channel_eof.3 create mode 100644 docs/libssh2_channel_exec.3 create mode 100644 docs/libssh2_channel_flush.3 create mode 100644 docs/libssh2_channel_flush_ex.3 create mode 100644 docs/libssh2_channel_flush_stderr.3 create mode 100644 docs/libssh2_channel_forward_accept.3 create mode 100644 docs/libssh2_channel_forward_cancel.3 create mode 100644 docs/libssh2_channel_forward_listen.3 create mode 100644 docs/libssh2_channel_forward_listen_ex.3 create mode 100644 docs/libssh2_channel_free.3 create mode 100644 docs/libssh2_channel_get_exit_signal.3 create mode 100644 docs/libssh2_channel_get_exit_status.3 create mode 100644 docs/libssh2_channel_handle_extended_data.3 create mode 100644 docs/libssh2_channel_handle_extended_data2.3 create mode 100644 docs/libssh2_channel_ignore_extended_data.3 create mode 100644 docs/libssh2_channel_open_ex.3 create mode 100644 docs/libssh2_channel_open_session.3 create mode 100644 docs/libssh2_channel_process_startup.3 create mode 100644 docs/libssh2_channel_read.3 create mode 100644 docs/libssh2_channel_read_ex.3 create mode 100644 docs/libssh2_channel_read_stderr.3 create mode 100644 docs/libssh2_channel_receive_window_adjust.3 create mode 100644 docs/libssh2_channel_receive_window_adjust2.3 create mode 100644 docs/libssh2_channel_request_auth_agent.3 create mode 100644 docs/libssh2_channel_request_pty.3 create mode 100644 docs/libssh2_channel_request_pty_ex.3 create mode 100644 docs/libssh2_channel_request_pty_size.3 create mode 100644 docs/libssh2_channel_request_pty_size_ex.3 create mode 100644 docs/libssh2_channel_send_eof.3 create mode 100644 docs/libssh2_channel_set_blocking.3 create mode 100644 docs/libssh2_channel_setenv.3 create mode 100644 docs/libssh2_channel_setenv_ex.3 create mode 100644 docs/libssh2_channel_shell.3 create mode 100644 docs/libssh2_channel_subsystem.3 create mode 100644 docs/libssh2_channel_wait_closed.3 create mode 100644 docs/libssh2_channel_wait_eof.3 create mode 100644 docs/libssh2_channel_window_read.3 create mode 100644 docs/libssh2_channel_window_read_ex.3 create mode 100644 docs/libssh2_channel_window_write.3 create mode 100644 docs/libssh2_channel_window_write_ex.3 create mode 100644 docs/libssh2_channel_write.3 create mode 100644 docs/libssh2_channel_write_ex.3 create mode 100644 docs/libssh2_channel_write_stderr.3 create mode 100644 docs/libssh2_channel_x11_req.3 create mode 100644 docs/libssh2_channel_x11_req_ex.3 create mode 100644 docs/libssh2_exit.3 create mode 100644 docs/libssh2_free.3 create mode 100644 docs/libssh2_hostkey_hash.3 create mode 100644 docs/libssh2_init.3 create mode 100644 docs/libssh2_keepalive_config.3 create mode 100644 docs/libssh2_keepalive_send.3 create mode 100644 docs/libssh2_knownhost_add.3 create mode 100644 docs/libssh2_knownhost_addc.3 create mode 100644 docs/libssh2_knownhost_check.3 create mode 100644 docs/libssh2_knownhost_checkp.3 create mode 100644 docs/libssh2_knownhost_del.3 create mode 100644 docs/libssh2_knownhost_free.3 create mode 100644 docs/libssh2_knownhost_get.3 create mode 100644 docs/libssh2_knownhost_init.3 create mode 100644 docs/libssh2_knownhost_readfile.3 create mode 100644 docs/libssh2_knownhost_readline.3 create mode 100644 docs/libssh2_knownhost_writefile.3 create mode 100644 docs/libssh2_knownhost_writeline.3 create mode 100644 docs/libssh2_poll.3 create mode 100644 docs/libssh2_poll_channel_read.3 create mode 100644 docs/libssh2_publickey_add.3 create mode 100644 docs/libssh2_publickey_add_ex.3 create mode 100644 docs/libssh2_publickey_init.3 create mode 100644 docs/libssh2_publickey_list_fetch.3 create mode 100644 docs/libssh2_publickey_list_free.3 create mode 100644 docs/libssh2_publickey_remove.3 create mode 100644 docs/libssh2_publickey_remove_ex.3 create mode 100644 docs/libssh2_publickey_shutdown.3 create mode 100644 docs/libssh2_scp_recv.3 create mode 100644 docs/libssh2_scp_recv2.3 create mode 100644 docs/libssh2_scp_send.3 create mode 100644 docs/libssh2_scp_send64.3 create mode 100644 docs/libssh2_scp_send_ex.3 create mode 100644 docs/libssh2_session_abstract.3 create mode 100644 docs/libssh2_session_banner_get.3 create mode 100644 docs/libssh2_session_banner_set.3 create mode 100644 docs/libssh2_session_block_directions.3 create mode 100644 docs/libssh2_session_callback_set.3 create mode 100644 docs/libssh2_session_disconnect.3 create mode 100644 docs/libssh2_session_disconnect_ex.3 create mode 100644 docs/libssh2_session_flag.3 create mode 100644 docs/libssh2_session_free.3 create mode 100644 docs/libssh2_session_get_blocking.3 create mode 100644 docs/libssh2_session_get_timeout.3 create mode 100644 docs/libssh2_session_handshake.3 create mode 100644 docs/libssh2_session_hostkey.3 create mode 100644 docs/libssh2_session_init.3 create mode 100644 docs/libssh2_session_init_ex.3 create mode 100644 docs/libssh2_session_last_errno.3 create mode 100644 docs/libssh2_session_last_error.3 create mode 100644 docs/libssh2_session_method_pref.3 create mode 100644 docs/libssh2_session_methods.3 create mode 100644 docs/libssh2_session_set_blocking.3 create mode 100644 docs/libssh2_session_set_last_error.3 create mode 100644 docs/libssh2_session_set_timeout.3 create mode 100644 docs/libssh2_session_startup.3 create mode 100644 docs/libssh2_session_supported_algs.3 create mode 100644 docs/libssh2_sftp_close.3 create mode 100644 docs/libssh2_sftp_close_handle.3 create mode 100644 docs/libssh2_sftp_closedir.3 create mode 100644 docs/libssh2_sftp_fsetstat.3 create mode 100644 docs/libssh2_sftp_fstat.3 create mode 100644 docs/libssh2_sftp_fstat_ex.3 create mode 100644 docs/libssh2_sftp_fstatvfs.3 create mode 100644 docs/libssh2_sftp_fsync.3 create mode 100644 docs/libssh2_sftp_get_channel.3 create mode 100644 docs/libssh2_sftp_init.3 create mode 100644 docs/libssh2_sftp_last_error.3 create mode 100644 docs/libssh2_sftp_lstat.3 create mode 100644 docs/libssh2_sftp_mkdir.3 create mode 100644 docs/libssh2_sftp_mkdir_ex.3 create mode 100644 docs/libssh2_sftp_open.3 create mode 100644 docs/libssh2_sftp_open_ex.3 create mode 100644 docs/libssh2_sftp_opendir.3 create mode 100644 docs/libssh2_sftp_read.3 create mode 100644 docs/libssh2_sftp_readdir.3 create mode 100644 docs/libssh2_sftp_readdir_ex.3 create mode 100644 docs/libssh2_sftp_readlink.3 create mode 100644 docs/libssh2_sftp_realpath.3 create mode 100644 docs/libssh2_sftp_rename.3 create mode 100644 docs/libssh2_sftp_rename_ex.3 create mode 100644 docs/libssh2_sftp_rewind.3 create mode 100644 docs/libssh2_sftp_rmdir.3 create mode 100644 docs/libssh2_sftp_rmdir_ex.3 create mode 100644 docs/libssh2_sftp_seek.3 create mode 100644 docs/libssh2_sftp_seek64.3 create mode 100644 docs/libssh2_sftp_setstat.3 create mode 100644 docs/libssh2_sftp_shutdown.3 create mode 100644 docs/libssh2_sftp_stat.3 create mode 100644 docs/libssh2_sftp_stat_ex.3 create mode 100644 docs/libssh2_sftp_statvfs.3 create mode 100644 docs/libssh2_sftp_symlink.3 create mode 100644 docs/libssh2_sftp_symlink_ex.3 create mode 100644 docs/libssh2_sftp_tell.3 create mode 100644 docs/libssh2_sftp_tell64.3 create mode 100644 docs/libssh2_sftp_unlink.3 create mode 100644 docs/libssh2_sftp_unlink_ex.3 create mode 100644 docs/libssh2_sftp_write.3 create mode 100644 docs/libssh2_trace.3 create mode 100644 docs/libssh2_trace_sethandler.3 create mode 100644 docs/libssh2_userauth_authenticated.3 create mode 100644 docs/libssh2_userauth_hostbased_fromfile.3 create mode 100644 docs/libssh2_userauth_hostbased_fromfile_ex.3 create mode 100644 docs/libssh2_userauth_keyboard_interactive.3 create mode 100644 docs/libssh2_userauth_keyboard_interactive_ex.3 create mode 100644 docs/libssh2_userauth_list.3 create mode 100644 docs/libssh2_userauth_password.3 create mode 100644 docs/libssh2_userauth_password_ex.3 create mode 100644 docs/libssh2_userauth_publickey.3 create mode 100644 docs/libssh2_userauth_publickey_fromfile.3 create mode 100644 docs/libssh2_userauth_publickey_fromfile_ex.3 create mode 100644 docs/libssh2_userauth_publickey_frommemory.3 create mode 100644 docs/libssh2_version.3 create mode 100644 docs/template.3 create mode 100644 example/.gitignore create mode 100644 example/CMakeLists.txt create mode 100644 example/Makefile.am create mode 100644 example/direct_tcpip.c create mode 100644 example/libssh2_config_cmake.h.in create mode 100644 example/scp.c create mode 100644 example/scp_nonblock.c create mode 100644 example/scp_write.c create mode 100644 example/scp_write_nonblock.c create mode 100644 example/sftp.c create mode 100644 example/sftp_RW_nonblock.c create mode 100644 example/sftp_append.c create mode 100644 example/sftp_mkdir.c create mode 100644 example/sftp_mkdir_nonblock.c create mode 100644 example/sftp_nonblock.c create mode 100644 example/sftp_write.c create mode 100644 example/sftp_write_nonblock.c create mode 100644 example/sftp_write_sliding.c create mode 100644 example/sftpdir.c create mode 100644 example/sftpdir_nonblock.c create mode 100644 example/ssh2.c create mode 100644 example/ssh2_agent.c create mode 100644 example/ssh2_agent_forwarding.c create mode 100644 example/ssh2_echo.c create mode 100644 example/ssh2_exec.c create mode 100644 example/subsystem_netconf.c create mode 100644 example/tcpip-forward.c create mode 100644 example/x11.c create mode 100755 get_ver.awk create mode 100755 git2news.pl create mode 100644 include/libssh2.h create mode 100644 include/libssh2_publickey.h create mode 100644 include/libssh2_sftp.h create mode 100644 libssh2-style.el create mode 100644 libssh2.pc.in create mode 100644 m4/.gitignore create mode 100644 m4/autobuild.m4 create mode 100644 m4/lib-ld.m4 create mode 100644 m4/lib-link.m4 create mode 100644 m4/lib-prefix.m4 create mode 100755 maketgz create mode 100644 nw/GNUmakefile create mode 100644 nw/keepscreen.c create mode 100644 nw/nwlib.c create mode 100644 nw/test/GNUmakefile create mode 100644 os400/README400 create mode 100644 os400/ccsid.c create mode 100644 os400/include/alloca.h create mode 100644 os400/include/stdio.h create mode 100644 os400/include/sys/socket.h create mode 100644 os400/initscript.sh create mode 100644 os400/libssh2_ccsid.h create mode 100644 os400/libssh2_config.h create mode 100644 os400/libssh2rpg/libssh2.rpgle.in create mode 100644 os400/libssh2rpg/libssh2_ccsid.rpgle.in create mode 100644 os400/libssh2rpg/libssh2_publickey.rpgle create mode 100644 os400/libssh2rpg/libssh2_sftp.rpgle create mode 100644 os400/macros.h create mode 100644 os400/make-include.sh create mode 100644 os400/make-rpg.sh create mode 100644 os400/make-src.sh create mode 100644 os400/make.sh create mode 100644 os400/os400sys.c create mode 100644 src/.gitignore create mode 100644 src/CMakeLists.txt create mode 100644 src/Makefile.am create mode 100644 src/NMakefile create mode 100644 src/agent.c create mode 100644 src/bcrypt_pbkdf.c create mode 100644 src/blf.h create mode 100644 src/blowfish.c create mode 100644 src/channel.c create mode 100644 src/channel.h create mode 100755 src/checksrc.pl create mode 100644 src/comp.c create mode 100644 src/comp.h create mode 100644 src/crypt.c create mode 100644 src/crypto.h create mode 100644 src/global.c create mode 100644 src/hostkey.c create mode 100644 src/keepalive.c create mode 100644 src/kex.c create mode 100644 src/knownhost.c create mode 100644 src/libgcrypt.c create mode 100644 src/libgcrypt.h create mode 100644 src/libssh2.pc.in create mode 100644 src/libssh2_config_cmake.h.in create mode 100644 src/libssh2_priv.h create mode 100644 src/mac.c create mode 100644 src/mac.h create mode 100644 src/mbedtls.c create mode 100644 src/mbedtls.h create mode 100644 src/misc.c create mode 100644 src/misc.h create mode 100644 src/openssl.c create mode 100644 src/openssl.h create mode 100644 src/os400qc3.c create mode 100644 src/os400qc3.h create mode 100644 src/packet.c create mode 100644 src/packet.h create mode 100644 src/pem.c create mode 100644 src/publickey.c create mode 100644 src/scp.c create mode 100644 src/session.c create mode 100644 src/session.h create mode 100644 src/sftp.c create mode 100644 src/sftp.h create mode 100644 src/transport.c create mode 100644 src/transport.h create mode 100644 src/userauth.c create mode 100644 src/userauth.h create mode 100644 src/version.c create mode 100644 src/wincng.c create mode 100755 src/wincng.h create mode 100644 tests/.gitignore create mode 100644 tests/CMakeLists.txt create mode 100644 tests/Makefile.am create mode 100644 tests/etc/host create mode 100644 tests/etc/host.pub create mode 100644 tests/etc/sshd_config create mode 100644 tests/etc/user create mode 100644 tests/etc/user.pub create mode 100644 tests/key_dsa create mode 100644 tests/key_dsa.pub create mode 100644 tests/key_dsa_wrong create mode 100644 tests/key_dsa_wrong.pub create mode 100644 tests/key_ed25519 create mode 100644 tests/key_ed25519.pub create mode 100644 tests/key_ed25519_encrypted create mode 100644 tests/key_ed25519_encrypted.pub create mode 100644 tests/key_rsa create mode 100644 tests/key_rsa.pub create mode 100644 tests/key_rsa_encrypted create mode 100644 tests/key_rsa_encrypted.pub create mode 100644 tests/key_rsa_openssh create mode 100644 tests/key_rsa_openssh.pub create mode 100644 tests/libssh2_config_cmake.h.in create mode 100755 tests/mansyntax.sh create mode 100644 tests/openssh_fixture.c create mode 100644 tests/openssh_fixture.h create mode 100644 tests/openssh_server/Dockerfile create mode 100644 tests/openssh_server/authorized_keys create mode 100644 tests/openssh_server/ssh_host_ecdsa_key create mode 100644 tests/openssh_server/ssh_host_ed25519_key create mode 100644 tests/openssh_server/ssh_host_rsa_key create mode 100644 tests/ossfuzz/.gitignore create mode 100644 tests/ossfuzz/Makefile.am create mode 100755 tests/ossfuzz/ossfuzz.sh create mode 100644 tests/ossfuzz/ssh2_client_fuzzer.cc create mode 100644 tests/ossfuzz/standaloneengine.cc create mode 100644 tests/ossfuzz/testinput.h create mode 100755 tests/ossfuzz/travisoss.sh create mode 100644 tests/runner.c create mode 100644 tests/session_fixture.c create mode 100644 tests/session_fixture.h create mode 100644 tests/simple.c create mode 100644 tests/ssh2.c create mode 100755 tests/ssh2.sh create mode 100644 tests/sshd_fixture.sh.in create mode 100755 tests/sshdwrap create mode 100644 tests/test_agent_forward_succeeds.c create mode 100644 tests/test_hostkey.c create mode 100644 tests/test_hostkey_hash.c create mode 100644 tests/test_keyboard_interactive_auth_fails_with_wrong_response.c create mode 100644 tests/test_keyboard_interactive_auth_succeeds_with_correct_response.c create mode 100644 tests/test_password_auth_fails_with_wrong_password.c create mode 100644 tests/test_password_auth_fails_with_wrong_username.c create mode 100644 tests/test_password_auth_succeeds_with_correct_credentials.c create mode 100644 tests/test_public_key_auth_fails_with_wrong_key.c create mode 100644 tests/test_public_key_auth_succeeds_with_correct_dsa_key.c create mode 100644 tests/test_public_key_auth_succeeds_with_correct_ed25519_key.c create mode 100644 tests/test_public_key_auth_succeeds_with_correct_ed25519_key_from_mem.c create mode 100644 tests/test_public_key_auth_succeeds_with_correct_encrypted_ed25519_key.c create mode 100644 tests/test_public_key_auth_succeeds_with_correct_encrypted_rsa_key.c create mode 100644 tests/test_public_key_auth_succeeds_with_correct_rsa_key.c create mode 100644 tests/test_public_key_auth_succeeds_with_correct_rsa_openssh_key.c create mode 100644 vms/libssh2_config.h create mode 100644 vms/libssh2_make_example.dcl create mode 100644 vms/libssh2_make_help.dcl create mode 100644 vms/libssh2_make_kit.dcl create mode 100644 vms/libssh2_make_lib.dcl create mode 100644 vms/man2help.c create mode 100644 vms/readme.vms create mode 100644 win32/.gitignore create mode 100644 win32/GNUmakefile create mode 100644 win32/Makefile.Watcom create mode 100644 win32/config.mk create mode 100644 win32/libssh2.dsw create mode 100644 win32/libssh2.rc create mode 100644 win32/libssh2_config.h create mode 100644 win32/msvcproj.foot create mode 100644 win32/msvcproj.head create mode 100644 win32/rules.mk create mode 100644 win32/test/GNUmakefile create mode 100644 win32/tests.dsp diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..b39609a --- /dev/null +++ b/.editorconfig @@ -0,0 +1,9 @@ +root = true + +[*.{c, h}] +end_of_line = lf +insert_final_newline = true +indent_style = space +indent_size = 4 +trim_trailing_whitespace = true +max_line_length = 80 diff --git a/.gitattribute b/.gitattribute new file mode 100644 index 0000000..bc50144 --- /dev/null +++ b/.gitattribute @@ -0,0 +1,2 @@ +win32/msvcproj.head -crlf +win32/msvcproj.foot -crlf diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 0000000..f883236 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,26 @@ +--- +name: Bug report +about: Create a report to help us improve +title: '' +labels: '' +assignees: '' + +--- + +**Describe the bug** +A clear and concise description of what the bug is. + +**To Reproduce** +Steps to reproduce the behavior. + +A recipe or example code that reproduces the problem? A stack trace from a crash + +**Expected behavior** +A clear and concise description of what you expected to happen. + +**Version (please complete the following information):** + - OS: [e.g. iOS] + - libssh2 version [e.g. 1.8.0] + +**Additional context** +Add any other context about the problem here. diff --git a/.github/stale.yml b/.github/stale.yml new file mode 100644 index 0000000..159f419 --- /dev/null +++ b/.github/stale.yml @@ -0,0 +1,17 @@ +# Number of days of inactivity before an issue becomes stale +daysUntilStale: 120 +# Number of days of inactivity before a stale issue is closed +daysUntilClose: 30 +# Issues with these labels will never be considered stale +exemptLabels: + - pinned + - security +# Label to use when marking an issue as stale +staleLabel: stale +# Comment to post when marking an issue as stale. Set to `false` to disable +markComment: > + This issue has been automatically marked as stale because it has not had + recent activity. It will be closed if no further activity occurs. Thank you + for your contributions. +# Comment to post when closing a stale issue. Set to `false` to disable +closeComment: false diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..b6d6b5c --- /dev/null +++ b/.gitignore @@ -0,0 +1,37 @@ +.deps +.libs +*.lib +*.pdb +*.dll +*.exe +*.obj +.*.swp +Debug +Release +*.exp +Makefile +Makefile.in +aclocal.m4 +autom4te.cache +compile +test-driver +config.guess +config.log +config.status +config.sub +configure +depcomp +libtool +ltmain.sh +missing +ssh2_sample +libssh2-*.tar.gz +install-sh +*.o +*.lo +*.la +mkinstalldirs +tags +libssh2.pc +TAGS +*~ diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 0000000..64a3c40 --- /dev/null +++ b/.travis.yml @@ -0,0 +1,130 @@ +# Copyright (c) 2014 Alexander Lamaison +# +# Redistribution and use in source and binary forms, +# with or without modification, are permitted provided +# that the following conditions are met: +# +# Redistributions of source code must retain the above +# copyright notice, this list of conditions and the +# following disclaimer. +# +# Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following +# disclaimer in the documentation and/or other materials +# provided with the distribution. +# +# Neither the name of the copyright holder nor the names +# of any other contributors may be used to endorse or +# promote products derived from this software without +# specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND +# CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, +# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR +# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING +# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE +# USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY +# OF SUCH DAMAGE. + +sudo: required + +services: + - docker + +language: c + +compiler: + - gcc + - clang + +addons: + chrome: stable + +env: + matrix: + - B=style + - ADDRESS_SIZE=64 CRYPTO_BACKEND=OpenSSL BUILD_SHARED_LIBS=OFF ENABLE_ZLIB_COMPRESSION=OFF B=configure + - ADDRESS_SIZE=64 CRYPTO_BACKEND=OpenSSL BUILD_SHARED_LIBS=OFF ENABLE_ZLIB_COMPRESSION=OFF B=cmake + - ADDRESS_SIZE=64 CRYPTO_BACKEND=OpenSSL BUILD_SHARED_LIBS=ON ENABLE_ZLIB_COMPRESSION=OFF B=cmake + - ADDRESS_SIZE=64 CRYPTO_BACKEND=OpenSSL BUILD_SHARED_LIBS=OFF ENABLE_ZLIB_COMPRESSION=ON B=cmake + - ADDRESS_SIZE=64 CRYPTO_BACKEND=OpenSSL BUILD_SHARED_LIBS=ON ENABLE_ZLIB_COMPRESSION=ON B=cmake + - ADDRESS_SIZE=64 CRYPTO_BACKEND=Libgcrypt BUILD_SHARED_LIBS=OFF ENABLE_ZLIB_COMPRESSION=OFF B=cmake + - ADDRESS_SIZE=64 CRYPTO_BACKEND=Libgcrypt BUILD_SHARED_LIBS=ON ENABLE_ZLIB_COMPRESSION=OFF B=cmake + - ADDRESS_SIZE=64 CRYPTO_BACKEND=Libgcrypt BUILD_SHARED_LIBS=OFF ENABLE_ZLIB_COMPRESSION=ON B=cmake + - ADDRESS_SIZE=64 CRYPTO_BACKEND=Libgcrypt BUILD_SHARED_LIBS=ON ENABLE_ZLIB_COMPRESSION=ON B=cmake + - ADDRESS_SIZE=64 CRYPTO_BACKEND=mbedTLS BUILD_SHARED_LIBS=OFF ENABLE_ZLIB_COMPRESSION=OFF B=cmake + - ADDRESS_SIZE=64 CRYPTO_BACKEND=mbedTLS BUILD_SHARED_LIBS=ON ENABLE_ZLIB_COMPRESSION=OFF B=cmake + - ADDRESS_SIZE=64 CRYPTO_BACKEND=mbedTLS BUILD_SHARED_LIBS=OFF ENABLE_ZLIB_COMPRESSION=ON B=cmake + - ADDRESS_SIZE=64 CRYPTO_BACKEND=mbedTLS BUILD_SHARED_LIBS=ON ENABLE_ZLIB_COMPRESSION=ON B=cmake + - ADDRESS_SIZE=32 CRYPTO_BACKEND=OpenSSL BUILD_SHARED_LIBS=OFF ENABLE_ZLIB_COMPRESSION=OFF B=cmake + - ADDRESS_SIZE=32 CRYPTO_BACKEND=OpenSSL BUILD_SHARED_LIBS=ON ENABLE_ZLIB_COMPRESSION=OFF B=cmake + - ADDRESS_SIZE=32 CRYPTO_BACKEND=OpenSSL BUILD_SHARED_LIBS=OFF ENABLE_ZLIB_COMPRESSION=ON B=cmake + - ADDRESS_SIZE=32 CRYPTO_BACKEND=OpenSSL BUILD_SHARED_LIBS=ON ENABLE_ZLIB_COMPRESSION=ON B=cmake + - ADDRESS_SIZE=32 CRYPTO_BACKEND=Libgcrypt BUILD_SHARED_LIBS=OFF ENABLE_ZLIB_COMPRESSION=OFF B=cmake + - ADDRESS_SIZE=32 CRYPTO_BACKEND=Libgcrypt BUILD_SHARED_LIBS=ON ENABLE_ZLIB_COMPRESSION=OFF B=cmake + - ADDRESS_SIZE=32 CRYPTO_BACKEND=Libgcrypt BUILD_SHARED_LIBS=OFF ENABLE_ZLIB_COMPRESSION=ON B=cmake + - ADDRESS_SIZE=32 CRYPTO_BACKEND=Libgcrypt BUILD_SHARED_LIBS=ON ENABLE_ZLIB_COMPRESSION=ON B=cmake + - ADDRESS_SIZE=32 CRYPTO_BACKEND=mbedTLS BUILD_SHARED_LIBS=OFF ENABLE_ZLIB_COMPRESSION=OFF B=cmake + - ADDRESS_SIZE=32 CRYPTO_BACKEND=mbedTLS BUILD_SHARED_LIBS=ON ENABLE_ZLIB_COMPRESSION=OFF B=cmake + - ADDRESS_SIZE=32 CRYPTO_BACKEND=mbedTLS BUILD_SHARED_LIBS=OFF ENABLE_ZLIB_COMPRESSION=ON B=cmake + - ADDRESS_SIZE=32 CRYPTO_BACKEND=mbedTLS BUILD_SHARED_LIBS=ON ENABLE_ZLIB_COMPRESSION=ON B=cmake + - B=fuzzer + +before_install: + - if [ $ADDRESS_SIZE = '32' ]; then sudo dpkg --add-architecture i386; fi + - if [ $ADDRESS_SIZE = '32' ]; then sudo apt-get update -qq; fi + - if [ $ADDRESS_SIZE = '32' ]; then sudo apt-get install -y gcc-multilib; fi + - if [ $ADDRESS_SIZE = '32' ]; then sudo apt-get install -y libssl-dev:i386 libgcrypt20-dev:i386 build-essential gcc-multilib; fi + - if [ $ADDRESS_SIZE = '32' ]; then sudo dpkg --purge --force-depends gcc-multilib && sudo dpkg --purge --force-depends libssl-dev; fi + - if [ $ADDRESS_SIZE = '64' ]; then sudo apt-get install -y libssl-dev; fi + - if [ $ADDRESS_SIZE = '64' ]; then sudo apt-get install -y libgcrypt11-dev; fi + - if [ $ADDRESS_SIZE = '32' ]; then export TOOLCHAIN_OPTION="-DCMAKE_TOOLCHAIN_FILE=../cmake/Toolchain-Linux-32.cmake"; fi + - if [ $CRYPTO_BACKEND = 'mbedTLS' ]; then + MBEDTLSVER=mbedtls-2.7.0; + curl -L https://github.com/ARMmbed/mbedtls/archive/$MBEDTLSVER.tar.gz | tar -xzf -; + cd mbedtls-$MBEDTLSVER; + cmake $TOOLCHAIN_OPTION -DUSE_SHARED_MBEDTLS_LIBRARY=ON -DCMAKE_INSTALL_PREFIX:PATH=../usr .; + make -j3 install; + cd ..; + export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$PWD/usr/lib; + export TOOLCHAIN_OPTION="$TOOLCHAIN_OPTION -DCMAKE_PREFIX_PATH=$PWD/usr"; + fi + +install: + +script: + - | + if [ "$B" = "style" ]; then + ./buildconf + ./configure + make checksrc + fi + - | + if [ "$B" = "configure" ]; then + autoreconf -fi + ./configure --enable-debug --enable-werror + make + make check + fi + - | + if [ "$B" = "cmake" ]; then + mkdir bin + cd bin + cmake $TOOLCHAIN_OPTION -DCRYPTO_BACKEND=$CRYPTO_BACKEND -DBUILD_SHARED_LIBS=$BUILD_SHARED_LIBS -DENABLE_ZLIB_COMPRESSION=$ENABLE_ZLIB_COMPRESSION .. && cmake --build . && CTEST_OUTPUT_ON_FAILURE=1 cmake --build . --target test && cmake --build . --target package + fi + - | + if [ "$B" = "fuzzer" ]; then + ./tests/ossfuzz/travisoss.sh + fi + +# whitelist branches to avoid testing feature branches twice (as branch and as pull request) +branches: + only: + - master diff --git a/CMakeLists.txt b/CMakeLists.txt new file mode 100644 index 0000000..ae55942 --- /dev/null +++ b/CMakeLists.txt @@ -0,0 +1,109 @@ +# Copyright (c) 2014, 2015 Alexander Lamaison +# +# Redistribution and use in source and binary forms, +# with or without modification, are permitted provided +# that the following conditions are met: +# +# Redistributions of source code must retain the above +# copyright notice, this list of conditions and the +# following disclaimer. +# +# Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following +# disclaimer in the documentation and/or other materials +# provided with the distribution. +# +# Neither the name of the copyright holder nor the names +# of any other contributors may be used to endorse or +# promote products derived from this software without +# specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND +# CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, +# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR +# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING +# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE +# USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY +# OF SUCH DAMAGE. + +cmake_minimum_required(VERSION 2.8.11) + +set(CMAKE_MODULE_PATH ${CMAKE_CURRENT_SOURCE_DIR}/cmake) + +project(libssh2 C) +set(PROJECT_URL "https://www.libssh2.org/") +set(PROJECT_DESCRIPTION "The SSH library") + +if (CMAKE_VERSION VERSION_LESS "3.1") + if (CMAKE_C_COMPILER_ID STREQUAL "GNU") + set (CMAKE_C_FLAGS "--std=gnu90 ${CMAKE_C_FLAGS}") + endif() +else() + set (CMAKE_C_STANDARD 90) +endif() + +option(BUILD_SHARED_LIBS "Build Shared Libraries" OFF) + +# Parse version + +file(READ ${CMAKE_CURRENT_SOURCE_DIR}/include/libssh2.h _HEADER_CONTENTS) +string( + REGEX REPLACE ".*#define LIBSSH2_VERSION[ \t]+\"([^\"]+)\".*" "\\1" + LIBSSH2_VERSION "${_HEADER_CONTENTS}") +string( + REGEX REPLACE ".*#define LIBSSH2_VERSION_MAJOR[ \t]+([0-9]+).*" "\\1" + LIBSSH2_VERSION_MAJOR "${_HEADER_CONTENTS}") +string( + REGEX REPLACE ".*#define LIBSSH2_VERSION_MINOR[ \t]+([0-9]+).*" "\\1" + LIBSSH2_VERSION_MINOR "${_HEADER_CONTENTS}") +string( + REGEX REPLACE ".*#define LIBSSH2_VERSION_PATCH[ \t]+([0-9]+).*" "\\1" + LIBSSH2_VERSION_PATCH "${_HEADER_CONTENTS}") + +if(NOT LIBSSH2_VERSION OR + NOT LIBSSH2_VERSION_MAJOR MATCHES "^[0-9]+$" OR + NOT LIBSSH2_VERSION_MINOR MATCHES "^[0-9]+$" OR + NOT LIBSSH2_VERSION_PATCH MATCHES "^[0-9]+$") + message( + FATAL_ERROR + "Unable to parse version from" + "${CMAKE_CURRENT_SOURCE_DIR}/include/libssh2.h") +endif() + +include(GNUInstallDirs) +install( + FILES docs/AUTHORS COPYING docs/HACKING README RELEASE-NOTES NEWS + DESTINATION ${CMAKE_INSTALL_DOCDIR}) + +include(max_warnings) +include(FeatureSummary) + +add_subdirectory(src) + +option(BUILD_EXAMPLES "Build libssh2 examples" ON) +if(BUILD_EXAMPLES) + add_subdirectory(example) +endif() + +option(BUILD_TESTING "Build libssh2 test suite" ON) +if(BUILD_TESTING) + enable_testing() + add_subdirectory(tests) +endif() + +add_subdirectory(docs) + +feature_summary(WHAT ALL) + +set(CPACK_PACKAGE_VERSION_MAJOR ${LIBSSH2_VERSION_MAJOR}) +set(CPACK_PACKAGE_VERSION_MINOR ${LIBSSH2_VERSION_MINOR}) +set(CPACK_PACKAGE_VERSION_PATCH ${LIBSSH2_VERSION_PATCH}) +set(CPACK_PACKAGE_VERSION ${LIBSSH2_VERSION}) +include(CPack) diff --git a/COPYING b/COPYING new file mode 100644 index 0000000..68c8d36 --- /dev/null +++ b/COPYING @@ -0,0 +1,42 @@ +/* Copyright (c) 2004-2007 Sara Golemon + * Copyright (c) 2005,2006 Mikhail Gusarov + * Copyright (c) 2006-2007 The Written Word, Inc. + * Copyright (c) 2007 Eli Fant + * Copyright (c) 2009-2019 Daniel Stenberg + * Copyright (C) 2008, 2009 Simon Josefsson + * All rights reserved. + * + * Redistribution and use in source and binary forms, + * with or without modification, are permitted provided + * that the following conditions are met: + * + * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * Neither the name of the copyright holder nor the names + * of any other contributors may be used to endorse or + * promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND + * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY + * OF SUCH DAMAGE. + */ + diff --git a/Makefile.OpenSSL.inc b/Makefile.OpenSSL.inc new file mode 100644 index 0000000..1e4e8f0 --- /dev/null +++ b/Makefile.OpenSSL.inc @@ -0,0 +1,3 @@ +CRYPTO_CSOURCES = openssl.c +CRYPTO_HHEADERS = openssl.h +CRYPTO_LTLIBS = $(LTLIBSSL) diff --git a/Makefile.WinCNG.inc b/Makefile.WinCNG.inc new file mode 100644 index 0000000..bbcb82b --- /dev/null +++ b/Makefile.WinCNG.inc @@ -0,0 +1,3 @@ +CRYPTO_CSOURCES = wincng.c +CRYPTO_HHEADERS = wincng.h +CRYPTO_LTLIBS = $(LTLIBBCRYPT) $(LTLIBCRYPT32) diff --git a/Makefile.am b/Makefile.am new file mode 100644 index 0000000..986441b --- /dev/null +++ b/Makefile.am @@ -0,0 +1,154 @@ +AUTOMAKE_OPTIONS = foreign nostdinc + +SUBDIRS = src tests docs +if BUILD_EXAMPLES +SUBDIRS += example +endif + +pkgconfigdir = $(libdir)/pkgconfig +pkgconfig_DATA = libssh2.pc + +include_HEADERS = \ + include/libssh2.h \ + include/libssh2_publickey.h \ + include/libssh2_sftp.h + +NETWAREFILES = nw/keepscreen.c \ + nw/nwlib.c \ + nw/GNUmakefile \ + nw/test/GNUmakefile + +DSP = win32/libssh2.dsp +VCPROJ = win32/libssh2.vcproj + +DISTCLEANFILES = $(DSP) + +VMSFILES = vms/libssh2_make_example.dcl vms/libssh2_make_help.dcl \ +vms/libssh2_make_kit.dcl vms/libssh2_make_lib.dcl vms/man2help.c \ +vms/readme.vms vms/libssh2_config.h + +WIN32FILES = win32/GNUmakefile win32/test/GNUmakefile \ +win32/libssh2_config.h win32/config.mk win32/rules.mk \ +win32/Makefile.Watcom win32/libssh2.dsw win32/tests.dsp $(DSP) \ +win32/msvcproj.head win32/msvcproj.foot win32/libssh2.rc + +OS400FILES = os400/README400 os400/initscript.sh os400/make.sh \ +os400/make-src.sh os400/make-rpg.sh os400/make-include.sh \ +os400/os400sys.c os400/ccsid.c \ +os400/libssh2_config.h os400/macros.h os400/libssh2_ccsid.h \ +os400/include/alloca.h os400/include/sys/socket.h os400/include/stdio.h \ +os400/libssh2rpg/libssh2.rpgle.in \ +os400/libssh2rpg/libssh2_ccsid.rpgle.in \ +os400/libssh2rpg/libssh2_publickey.rpgle \ +os400/libssh2rpg/libssh2_sftp.rpgle \ +Makefile.os400qc3.inc + +EXTRA_DIST = $(WIN32FILES) $(NETWAREFILES) get_ver.awk \ + maketgz NMakefile RELEASE-NOTES libssh2.pc.in $(VMSFILES) config.rpath \ + CMakeLists.txt cmake $(OS400FILES) + +ACLOCAL_AMFLAGS = -I m4 + +.PHONY: ChangeLog +ChangeLog: + echo "see NEWS" > ./ChangeLog +DISTCLEANFILES += ChangeLog + +dist-hook: + rm -rf $(top_builddir)/tests/log + find $(distdir) -name "*.dist" -exec rm {} \; + (distit=`find $(srcdir) -name "*.dist"`; \ + for file in $$distit; do \ + strip=`echo $$file | sed -e s/^$(srcdir)// -e s/\.dist//`; \ + cp $$file $(distdir)$$strip; \ + done) + +# Code Coverage + +init-coverage: + make clean + lcov --directory . --zerocounters + +COVERAGE_CCOPTS ?= "-g --coverage" +COVERAGE_OUT ?= docs/coverage + +build-coverage: + make CFLAGS=$(COVERAGE_CCOPTS) check + mkdir -p $(COVERAGE_OUT) + lcov --directory . --output-file $(COVERAGE_OUT)/$(PACKAGE).info \ + --capture + +gen-coverage: + genhtml --output-directory $(COVERAGE_OUT) \ + $(COVERAGE_OUT)/$(PACKAGE).info \ + --highlight --frames --legend \ + --title "$(PACKAGE_NAME)" + +coverage: init-coverage build-coverage gen-coverage + +# DSP/VCPROJ generation adapted from libcurl +# only OpenSSL and WinCNG are supported with this build system +CRYPTO_CSOURCES = openssl.c wincng.c mbedtls.c +CRYPTO_HHEADERS = openssl.h wincng.h mbedtls.h +# Makefile.inc provides the CSOURCES and HHEADERS defines +include Makefile.inc + +WIN32SOURCES = $(CSOURCES) +WIN32HEADERS = $(HHEADERS) libssh2_config.h + +$(DSP): win32/msvcproj.head win32/msvcproj.foot Makefile.am + echo "creating $(DSP)" + @( (cat $(srcdir)/win32/msvcproj.head; \ + echo "# Begin Group \"Source Files\""; \ + echo ""; \ + echo "# PROP Default_Filter \"cpp;c;cxx\""; \ + win32_srcs='$(WIN32SOURCES)'; \ + sorted_srcs=`for file in $$win32_srcs; do echo $$file; done | sort`; \ + for file in $$sorted_srcs; do \ + echo "# Begin Source File"; \ + echo ""; \ + echo "SOURCE=..\\src\\"$$file; \ + echo "# End Source File"; \ + done; \ + echo "# End Group"; \ + echo "# Begin Group \"Header Files\""; \ + echo ""; \ + echo "# PROP Default_Filter \"h;hpp;hxx\""; \ + win32_hdrs='$(WIN32HEADERS)'; \ + sorted_hdrs=`for file in $$win32_hdrs; do echo $$file; done | sort`; \ + for file in $$sorted_hdrs; do \ + echo "# Begin Source File"; \ + echo ""; \ + if [ "$$file" = "libssh2_config.h" ]; \ + then \ + echo "SOURCE=.\\"$$file; \ + else \ + echo "SOURCE=..\\src\\"$$file; \ + fi; \ + echo "# End Source File"; \ + done; \ + echo "# End Group"; \ + cat $(srcdir)/win32/msvcproj.foot) | \ + awk '{printf("%s\r\n", gensub("\r", "", "g"))}' > $@ ) + +$(VCPROJ): win32/vc8proj.head win32/vc8proj.foot Makefile.am + echo "creating $(VCPROJ)" + @( (cat $(srcdir)/vc8proj.head; \ + win32_srcs='$(WIN32SOURCES)'; \ + sorted_srcs=`for file in $$win32_srcs; do echo $$file; done | sort`; \ + for file in $$sorted_srcs; do \ + echo ""; \ + done; \ + echo ""; \ + win32_hdrs='$(WIN32HEADERS)'; \ + sorted_hdrs=`for file in $$win32_hdrs; do echo $$file; done | sort`; \ + for file in $$sorted_hdrs; do \ + echo ""; \ + done; \ + cat $(srcdir)/vc8proj.foot) | \ + awk '{printf("%s\r\n", gensub("\r", "", "g"))}' > $@ ) + +checksrc: + perl src/checksrc.pl -i4 -m79 -ASIZEOFNOPAREN -ASNPRINTF -ACOPYRIGHT \ + -AFOPENMODE -Wsrc/libssh2_config.h src/*.[ch] include/*.h example/*.c \ + tests/*.[ch] diff --git a/Makefile.inc b/Makefile.inc new file mode 100644 index 0000000..ff8e6ef --- /dev/null +++ b/Makefile.inc @@ -0,0 +1,7 @@ +CSOURCES = channel.c comp.c crypt.c hostkey.c kex.c mac.c misc.c \ + packet.c publickey.c scp.c session.c sftp.c userauth.c transport.c \ + version.c knownhost.c agent.c $(CRYPTO_CSOURCES) pem.c keepalive.c global.c \ + blowfish.c bcrypt_pbkdf.c + +HHEADERS = libssh2_priv.h $(CRYPTO_HHEADERS) transport.h channel.h comp.h \ + mac.h misc.h packet.h userauth.h session.h sftp.h crypto.h blf.h diff --git a/Makefile.libgcrypt.inc b/Makefile.libgcrypt.inc new file mode 100644 index 0000000..0a3aae9 --- /dev/null +++ b/Makefile.libgcrypt.inc @@ -0,0 +1,3 @@ +CRYPTO_CSOURCES = libgcrypt.c +CRYPTO_HHEADERS = libgcrypt.h +CRYPTO_LTLIBS = $(LTLIBGCRYPT) diff --git a/Makefile.mbedTLS.inc b/Makefile.mbedTLS.inc new file mode 100644 index 0000000..b9f19fc --- /dev/null +++ b/Makefile.mbedTLS.inc @@ -0,0 +1,3 @@ +CRYPTO_CSOURCES = mbedtls.c +CRYPTO_HHEADERS = mbedtls.h +CRYPTO_LTLIBS = $(LTLIBMBEDCRYPTO) diff --git a/Makefile.os400qc3.inc b/Makefile.os400qc3.inc new file mode 100644 index 0000000..e55094d --- /dev/null +++ b/Makefile.os400qc3.inc @@ -0,0 +1,2 @@ +CRYPTO_CSOURCES = os400qc3.c +CRYPTO_HHEADERS = os400qc3.h diff --git a/NEWS b/NEWS new file mode 100644 index 0000000..f48ae35 --- /dev/null +++ b/NEWS @@ -0,0 +1,3 @@ +The old NEWS file. + +NEWS is now generated from git and put into the release tarballs. diff --git a/NMakefile b/NMakefile new file mode 100644 index 0000000..07bc2dd --- /dev/null +++ b/NMakefile @@ -0,0 +1,33 @@ +!include "win32/config.mk" + +!if "$(WITH_WINCNG)" == "1" +!include "Makefile.WinCNG.inc" +!else +!include "Makefile.OpenSSL.inc" +!endif +!include "Makefile.inc" + +OBJECTS=$(CSOURCES:.c=.obj) + +# SUBDIRS=src example +SUBDIRS=src + +all-sub: win32\objects.mk + -for %D in ($(SUBDIRS)) do $(MAKE) /nologo /f %D/NMakefile BUILD=$(BUILD) SUBDIR=%D all-sub + +clean: + -rmdir 2>NUL /s/q $(TARGET) + -del 2>NUL win32\objects.mk + +real-clean vclean: clean + -del 2>NUL libssh2.dll + -del 2>NUL libssh2.exp + -del 2>NUL libssh2.ilk + -del 2>NUL libssh2.lib + -del 2>NUL *.pdb + +win32\objects.mk: Makefile.inc + @echo OBJECTS = \>$@ + @for %O in ($(OBJECTS)) do @echo $$(INTDIR)\%O \>>$@ + @echo $$(EOL)>>$@ + diff --git a/README b/README new file mode 100644 index 0000000..8a14856 --- /dev/null +++ b/README @@ -0,0 +1,19 @@ +libssh2 - SSH2 library +====================== + +libssh2 is a library implementing the SSH2 protocol, available under +the revised BSD license. + +Web site: https://www.libssh2.org/ + +Mailing list: https://cool.haxx.se/mailman/listinfo/libssh2-devel + +License: see COPYING + +Source code: https://github.com/libssh2/libssh2 + +Web site source code: https://github.com/libssh2/www + +Installation instructions are in: + - docs/INSTALL_CMAKE for CMake + - docs/INSTALL_AUTOTOOLS for Autotools diff --git a/README.md b/README.md new file mode 100644 index 0000000..a4c741f --- /dev/null +++ b/README.md @@ -0,0 +1,16 @@ +# libssh2 - SSH2 library + +libssh2 is a library implementing the SSH2 protocol, available under +the revised BSD license. + +[Web site](https://www.libssh2.org/) + +[Mailing list](https://cool.haxx.se/mailman/listinfo/libssh2-devel) + +[BSD Licensed](https://libssh2.org/license.html) + +[Web site source code](https://github.com/libssh2/www) + +Installation instructions: + - [for CMake](docs/INSTALL_CMAKE.md) + - [for autotools](docs/INSTALL_AUTOTOOLS) diff --git a/RELEASE-NOTES b/RELEASE-NOTES new file mode 100644 index 0000000..98cb803 --- /dev/null +++ b/RELEASE-NOTES @@ -0,0 +1,44 @@ +libssh2 1.9.0 + +This release includes the following enhancements and bugfixes: + + o adds ECDSA keys and host key support when using OpenSSL + o adds ED25519 key and host key support when using OpenSSL 1.1.1 + o adds OpenSSH style key file reading + o adds AES CTR mode support when using WinCNG + o adds PEM passphrase protected file support for Libgcrypt and WinCNG + o adds SHA256 hostkey fingerprint + o adds libssh2_agent_get_identity_path() and libssh2_agent_set_identity_path() + o adds explicit zeroing of sensitive data in memory + o adds additional bounds checks to network buffer reads + o adds the ability to use the server default permissions when creating sftp directories + o adds support for building with OpenSSL no engine flag + o adds support for building with LibreSSL + o increased sftp packet size to 256k + o fixed oversized packet handling in sftp + o fixed building with OpenSSL 1.1 + o fixed a possible crash if sftp stat gets an unexpected response + o fixed incorrect parsing of the KEX preference string value + o fixed conditional RSA and AES-CTR support + o fixed a small memory leak during the key exchange process + o fixed a possible memory leak of the ssh banner string + o fixed various small memory leaks in the backends + o fixed possible out of bounds read when parsing public keys from the server + o fixed possible out of bounds read when parsing invalid PEM files + o no longer null terminates the scp remote exec command + o now handle errors when diffie hellman key pair generation fails + o fixed compiling on Windows with the flag STDCALL=ON + o improved building instructions + o improved unit tests + +This release would not have looked like this without help, code, reports and +advice from friends like these: + + Peter Surge, Will Cosgrove, Daniel Stenberg, Alex Arslan, Alex Crichton, + Thomas Bleeker, Keno Fischer, Marc Hörsken, Marcel Raad, Viktor Szakats, + Kamil Dudka, Panos, Etienne Samson, Tseng Jun, Brendan Shanks, doublex, + Erik B, Jakob Egger, Thomas Lochmatter, alex-weaver, Adrian Moran, Zenju, + gartens, Matthew D. Fuller, Ryan Kelley, Zhen-Huan HWANG, Orivej Desh, + Alexander Curtiss + + (29 contributors) diff --git a/acinclude.m4 b/acinclude.m4 new file mode 100644 index 0000000..2066f0e --- /dev/null +++ b/acinclude.m4 @@ -0,0 +1,512 @@ + +dnl ********************************************************************** +dnl CURL_DETECT_ICC ([ACTION-IF-YES]) +dnl +dnl check if this is the Intel ICC compiler, and if so run the ACTION-IF-YES +dnl sets the $ICC variable to "yes" or "no" +dnl ********************************************************************** +AC_DEFUN([CURL_DETECT_ICC], +[ + ICC="no" + AC_MSG_CHECKING([for icc in use]) + if test "$GCC" = "yes"; then + dnl check if this is icc acting as gcc in disguise + AC_EGREP_CPP([^__INTEL_COMPILER], [__INTEL_COMPILER], + dnl action if the text is found, this it has not been replaced by the + dnl cpp + ICC="no", + dnl the text was not found, it was replaced by the cpp + ICC="yes" + AC_MSG_RESULT([yes]) + [$1] + ) + fi + if test "$ICC" = "no"; then + # this is not ICC + AC_MSG_RESULT([no]) + fi +]) + +dnl We create a function for detecting which compiler we use and then set as +dnl pendantic compiler options as possible for that particular compiler. The +dnl options are only used for debug-builds. + +AC_DEFUN([CURL_CC_DEBUG_OPTS], +[ + if test "z$ICC" = "z"; then + CURL_DETECT_ICC + fi + + if test "$GCC" = "yes"; then + + dnl figure out gcc version! + AC_MSG_CHECKING([gcc version]) + gccver=`$CC -dumpversion` + num1=`echo $gccver | cut -d . -f1` + num2=`echo $gccver | cut -d . -f2` + gccnum=`(expr $num1 "*" 100 + $num2) 2>/dev/null` + AC_MSG_RESULT($gccver) + + if test "$ICC" = "yes"; then + dnl this is icc, not gcc. + + dnl ICC warnings we ignore: + dnl * 269 warns on our "%Od" printf formatters for curl_off_t output: + dnl "invalid format string conversion" + dnl * 279 warns on static conditions in while expressions + dnl * 981 warns on "operands are evaluated in unspecified order" + dnl * 1418 "external definition with no prior declaration" + dnl * 1419 warns on "external declaration in primary source file" + dnl which we know and do on purpose. + + WARN="-wd279,269,981,1418,1419" + + if test "$gccnum" -gt "600"; then + dnl icc 6.0 and older doesn't have the -Wall flag + WARN="-Wall $WARN" + fi + else dnl $ICC = yes + dnl this is a set of options we believe *ALL* gcc versions support: + WARN="-W -Wall -Wwrite-strings -pedantic -Wpointer-arith -Wnested-externs -Winline -Wmissing-prototypes" + + dnl -Wcast-align is a bit too annoying on all gcc versions ;-) + + if test "$gccnum" -ge "207"; then + dnl gcc 2.7 or later + WARN="$WARN -Wmissing-declarations" + fi + + if test "$gccnum" -gt "295"; then + dnl only if the compiler is newer than 2.95 since we got lots of + dnl "`_POSIX_C_SOURCE' is not defined" in system headers with + dnl gcc 2.95.4 on FreeBSD 4.9! + WARN="$WARN -Wundef -Wno-long-long -Wsign-compare" + fi + + if test "$gccnum" -ge "296"; then + dnl gcc 2.96 or later + WARN="$WARN -Wfloat-equal" + fi + + if test "$gccnum" -gt "296"; then + dnl this option does not exist in 2.96 + WARN="$WARN -Wno-format-nonliteral" + fi + + dnl -Wunreachable-code seems totally unreliable on my gcc 3.3.2 on + dnl on i686-Linux as it gives us heaps with false positives. + dnl Also, on gcc 4.0.X it is totally unbearable and complains all + dnl over making it unusable for generic purposes. Let's not use it. + + if test "$gccnum" -ge "303"; then + dnl gcc 3.3 and later + WARN="$WARN -Wendif-labels -Wstrict-prototypes" + fi + + if test "$gccnum" -ge "304"; then + # try these on gcc 3.4 + WARN="$WARN -Wdeclaration-after-statement" + fi + + for flag in $CPPFLAGS; do + case "$flag" in + -I*) + dnl Include path, provide a -isystem option for the same dir + dnl to prevent warnings in those dirs. The -isystem was not very + dnl reliable on earlier gcc versions. + add=`echo $flag | sed 's/^-I/-isystem /g'` + WARN="$WARN $add" + ;; + esac + done + + fi dnl $ICC = no + + CFLAGS="$CFLAGS $WARN" + + AC_MSG_NOTICE([Added this set of compiler options: $WARN]) + + else dnl $GCC = yes + + AC_MSG_NOTICE([Added no extra compiler options]) + + fi dnl $GCC = yes + + dnl strip off optimizer flags + NEWFLAGS="" + for flag in $CFLAGS; do + case "$flag" in + -O*) + dnl echo "cut off $flag" + ;; + *) + NEWFLAGS="$NEWFLAGS $flag" + ;; + esac + done + CFLAGS=$NEWFLAGS + +]) dnl end of AC_DEFUN() + +dnl CURL_CHECK_NONBLOCKING_SOCKET +dnl ------------------------------------------------- +dnl Check for how to set a socket to non-blocking state. There seems to exist +dnl four known different ways, with the one used almost everywhere being POSIX +dnl and XPG3, while the other different ways for different systems (old BSD, +dnl Windows and Amiga). +dnl +dnl There are two known platforms (AIX 3.x and SunOS 4.1.x) where the +dnl O_NONBLOCK define is found but does not work. This condition is attempted +dnl to get caught in this script by using an excessive number of #ifdefs... +dnl +AC_DEFUN([CURL_CHECK_NONBLOCKING_SOCKET], +[ + AC_MSG_CHECKING([non-blocking sockets style]) + + AC_TRY_COMPILE([ +/* headers for O_NONBLOCK test */ +#include +#include +#include +],[ +/* try to compile O_NONBLOCK */ + +#if defined(sun) || defined(__sun__) || defined(__SUNPRO_C) || defined(__SUNPRO_CC) +# if defined(__SVR4) || defined(__srv4__) +# define PLATFORM_SOLARIS +# else +# define PLATFORM_SUNOS4 +# endif +#endif +#if (defined(_AIX) || defined(__xlC__)) && !defined(_AIX41) +# define PLATFORM_AIX_V3 +#endif + +#if defined(PLATFORM_SUNOS4) || defined(PLATFORM_AIX_V3) || defined(__BEOS__) +#error "O_NONBLOCK does not work on this platform" +#endif + int socket; + int flags = fcntl(socket, F_SETFL, flags | O_NONBLOCK); +],[ +dnl the O_NONBLOCK test was fine +nonblock="O_NONBLOCK" +AC_DEFINE(HAVE_O_NONBLOCK, 1, [use O_NONBLOCK for non-blocking sockets]) +],[ +dnl the code was bad, try a different program now, test 2 + + AC_TRY_COMPILE([ +/* headers for FIONBIO test */ +#include +#include +],[ +/* FIONBIO source test (old-style unix) */ + int socket; + int flags = ioctl(socket, FIONBIO, &flags); +],[ +dnl FIONBIO test was good +nonblock="FIONBIO" +AC_DEFINE(HAVE_FIONBIO, 1, [use FIONBIO for non-blocking sockets]) +],[ +dnl FIONBIO test was also bad +dnl the code was bad, try a different program now, test 3 + + AC_TRY_COMPILE([ +/* headers for ioctlsocket test (Windows) */ +#undef inline +#ifdef HAVE_WINDOWS_H +#ifndef WIN32_LEAN_AND_MEAN +#define WIN32_LEAN_AND_MEAN +#endif +#include +#ifdef HAVE_WINSOCK2_H +#include +#else +#ifdef HAVE_WINSOCK_H +#include +#endif +#endif +#endif +],[ +/* ioctlsocket source code */ + SOCKET sd; + unsigned long flags = 0; + sd = socket(0, 0, 0); + ioctlsocket(sd, FIONBIO, &flags); +],[ +dnl ioctlsocket test was good +nonblock="ioctlsocket" +AC_DEFINE(HAVE_IOCTLSOCKET, 1, [use ioctlsocket() for non-blocking sockets]) +],[ +dnl ioctlsocket didnt compile!, go to test 4 + + AC_TRY_LINK([ +/* headers for IoctlSocket test (Amiga?) */ +#include +],[ +/* IoctlSocket source code */ + int socket; + int flags = IoctlSocket(socket, FIONBIO, (long)1); +],[ +dnl ioctlsocket test was good +nonblock="IoctlSocket" +AC_DEFINE(HAVE_IOCTLSOCKET_CASE, 1, [use Ioctlsocket() for non-blocking sockets]) +],[ +dnl Ioctlsocket didnt compile, do test 5! + AC_TRY_COMPILE([ +/* headers for SO_NONBLOCK test (BeOS) */ +#include +],[ +/* SO_NONBLOCK source code */ + long b = 1; + int socket; + int flags = setsockopt(socket, SOL_SOCKET, SO_NONBLOCK, &b, sizeof(b)); +],[ +dnl the SO_NONBLOCK test was good +nonblock="SO_NONBLOCK" +AC_DEFINE(HAVE_SO_NONBLOCK, 1, [use SO_NONBLOCK for non-blocking sockets]) +],[ +dnl test 5 didnt compile! +nonblock="nada" +AC_DEFINE(HAVE_DISABLED_NONBLOCKING, 1, [disabled non-blocking sockets]) +]) +dnl end of fifth test + +]) +dnl end of forth test + +]) +dnl end of third test + +]) +dnl end of second test + +]) +dnl end of non-blocking try-compile test + AC_MSG_RESULT($nonblock) + + if test "$nonblock" = "nada"; then + AC_MSG_WARN([non-block sockets disabled]) + fi +]) + +dnl CURL_CHECK_NEED_REENTRANT_SYSTEM +dnl ------------------------------------------------- +dnl Checks if the preprocessor _REENTRANT definition +dnl must be unconditionally done for this platform. +dnl Internal macro for CURL_CONFIGURE_REENTRANT. + +AC_DEFUN([CURL_CHECK_NEED_REENTRANT_SYSTEM], [ + case $host in + *-*-solaris* | *-*-hpux*) + tmp_need_reentrant="yes" + ;; + *) + tmp_need_reentrant="no" + ;; + esac +]) + + +dnl CURL_CONFIGURE_FROM_NOW_ON_WITH_REENTRANT +dnl ------------------------------------------------- +dnl This macro ensures that configuration tests done +dnl after this will execute with preprocessor symbol +dnl _REENTRANT defined. This macro also ensures that +dnl the generated config file defines NEED_REENTRANT +dnl and that in turn setup.h will define _REENTRANT. +dnl Internal macro for CURL_CONFIGURE_REENTRANT. + +AC_DEFUN([CURL_CONFIGURE_FROM_NOW_ON_WITH_REENTRANT], [ +AC_DEFINE(NEED_REENTRANT, 1, + [Define to 1 if _REENTRANT preprocessor symbol must be defined.]) +cat >>confdefs.h <<_EOF +#ifndef _REENTRANT +# define _REENTRANT +#endif +_EOF +]) + + +dnl CURL_CONFIGURE_REENTRANT +dnl ------------------------------------------------- +dnl This first checks if the preprocessor _REENTRANT +dnl symbol is already defined. If it isn't currently +dnl defined a set of checks are performed to verify +dnl if its definition is required to make visible to +dnl the compiler a set of *_r functions. Finally, if +dnl _REENTRANT is already defined or needed it takes +dnl care of making adjustments necessary to ensure +dnl that it is defined equally for further configure +dnl tests and generated config file. + +AC_DEFUN([CURL_CONFIGURE_REENTRANT], [ + AC_PREREQ([2.50])dnl + # + AC_MSG_CHECKING([if _REENTRANT is already defined]) + AC_COMPILE_IFELSE([ + AC_LANG_PROGRAM([[ + ]],[[ +#ifdef _REENTRANT + int dummy=1; +#else + force compilation error +#endif + ]]) + ],[ + AC_MSG_RESULT([yes]) + tmp_reentrant_initially_defined="yes" + ],[ + AC_MSG_RESULT([no]) + tmp_reentrant_initially_defined="no" + ]) + # + if test "$tmp_reentrant_initially_defined" = "no"; then + AC_MSG_CHECKING([if _REENTRANT is actually needed]) + CURL_CHECK_NEED_REENTRANT_SYSTEM + + if test "$tmp_need_reentrant" = "yes"; then + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([no]) + fi + fi + # + AC_MSG_CHECKING([if _REENTRANT is onwards defined]) + if test "$tmp_reentrant_initially_defined" = "yes" || + test "$tmp_need_reentrant" = "yes"; then + CURL_CONFIGURE_FROM_NOW_ON_WITH_REENTRANT + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([no]) + fi + # +]) + +dnl LIBSSH2_LIB_HAVE_LINKFLAGS +dnl -------------------------- +dnl Wrapper around AC_LIB_HAVE_LINKFLAGS to also check $prefix/lib, if set. +dnl +dnl autoconf only checks $prefix/lib64 if gcc -print-search-dirs output +dnl includes a directory named lib64. So, to find libraries in $prefix/lib +dnl we append -L$prefix/lib to LDFLAGS before checking. +dnl +dnl For conveniece, $4 is expanded if [lib]$1 is found. + +AC_DEFUN([LIBSSH2_LIB_HAVE_LINKFLAGS], [ + libssh2_save_CPPFLAGS="$CPPFLAGS" + libssh2_save_LDFLAGS="$LDFLAGS" + + if test "${with_lib$1_prefix+set}" = set; then + CPPFLAGS="$CPPFLAGS${CPPFLAGS:+ }-I${with_lib$1_prefix}/include" + LDFLAGS="$LDFLAGS${LDFLAGS:+ }-L${with_lib$1_prefix}/lib" + fi + + AC_LIB_HAVE_LINKFLAGS([$1], [$2], [$3]) + + LDFLAGS="$libssh2_save_LDFLAGS" + + if test "$ac_cv_lib$1" = "yes"; then : + $4 + else + CPPFLAGS="$libssh2_save_CPPFLAGS" + fi +]) + +AC_DEFUN([LIBSSH2_CHECK_CRYPTO], [ +if test "$use_crypto" = "auto" && test "$found_crypto" = "none" || test "$use_crypto" = "$1"; then +m4_case([$1], +[openssl], [ + LIBSSH2_LIB_HAVE_LINKFLAGS([ssl], [crypto], [#include ], [ + AC_DEFINE(LIBSSH2_OPENSSL, 1, [Use $1]) + LIBSREQUIRED="$LIBSREQUIRED${LIBSREQUIRED:+ }libssl libcrypto" + + # Not all OpenSSL have AES-CTR functions. + libssh2_save_LIBS="$LIBS" + LIBS="$LIBS $LIBSSL" + AC_CHECK_FUNCS(EVP_aes_128_ctr) + LIBS="$libssh2_save_LIBS" + + found_crypto="$1" + found_crypto_str="OpenSSL (AES-CTR: ${ac_cv_func_EVP_aes_128_ctr:-N/A})" + ]) +], + +[libgcrypt], [ + LIBSSH2_LIB_HAVE_LINKFLAGS([gcrypt], [], [#include ], [ + AC_DEFINE(LIBSSH2_LIBGCRYPT, 1, [Use $1]) + found_crypto="$1" + ]) +], + +[mbedtls], [ + LIBSSH2_LIB_HAVE_LINKFLAGS([mbedcrypto], [], [#include ], [ + AC_DEFINE(LIBSSH2_MBEDTLS, 1, [Use $1]) + LIBS="$LIBS -lmbedcrypto" + found_crypto="$1" + support_clear_memory=yes + ]) +], + +[wincng], [ + # Look for Windows Cryptography API: Next Generation + + AC_CHECK_HEADERS([ntdef.h ntstatus.h], [], [], [#include ]) + AC_CHECK_DECLS([SecureZeroMemory], [], [], [#include ]) + + LIBSSH2_LIB_HAVE_LINKFLAGS([crypt32], [], [ + #include + #include + ]) + LIBSSH2_LIB_HAVE_LINKFLAGS([bcrypt], [], [ + #include + #include + ], [ + AC_DEFINE(LIBSSH2_WINCNG, 1, [Use $1]) + found_crypto="$1" + found_crypto_str="Windows Cryptography API: Next Generation" + support_clear_memory="$ac_cv_have_decl_SecureZeroMemory" + ]) +], +) + test "$found_crypto" = "none" && + crypto_errors="${crypto_errors}No $1 crypto library found! +" +fi +]) + + +dnl LIBSSH2_CHECK_OPTION_WERROR +dnl ------------------------------------------------- +dnl Verify if configure has been invoked with option +dnl --enable-werror or --disable-werror, and set +dnl shell variable want_werror as appropriate. + +AC_DEFUN([LIBSSH2_CHECK_OPTION_WERROR], [ + AC_BEFORE([$0],[LIBSSH2_CHECK_COMPILER])dnl + AC_MSG_CHECKING([whether to enable compiler warnings as errors]) + OPT_COMPILER_WERROR="default" + AC_ARG_ENABLE(werror, +AC_HELP_STRING([--enable-werror],[Enable compiler warnings as errors]) +AC_HELP_STRING([--disable-werror],[Disable compiler warnings as errors]), + OPT_COMPILER_WERROR=$enableval) + case "$OPT_COMPILER_WERROR" in + no) + dnl --disable-werror option used + want_werror="no" + ;; + default) + dnl configure option not specified + want_werror="no" + ;; + *) + dnl --enable-werror option used + want_werror="yes" + ;; + esac + AC_MSG_RESULT([$want_werror]) + + if test X"$want_werror" = Xyes; then + CFLAGS="$CFLAGS -Werror" + fi +]) + diff --git a/appveyor.yml b/appveyor.yml new file mode 100644 index 0000000..08e60c1 --- /dev/null +++ b/appveyor.yml @@ -0,0 +1,109 @@ +# Copyright (c) 2014, Ruslan Baratov +# Copyright (c) 2014, 2016 Alexander Lamaison +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# +# * Redistributions of source code must retain the above copyright notice, this +# list of conditions and the following disclaimer. +# +# * Redistributions in binary form must reproduce the above copyright notice, +# this list of conditions and the following disclaimer in the documentation +# and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +os: Visual Studio 2015 + +environment: + matrix: + - GENERATOR: "Visual Studio 14 2015" + BUILD_SHARED_LIBS: ON + CRYPTO_BACKEND: "OpenSSL" + + - GENERATOR: "Visual Studio 14 2015" + BUILD_SHARED_LIBS: OFF + CRYPTO_BACKEND: "OpenSSL" + + - GENERATOR: "Visual Studio 12 2013" + BUILD_SHARED_LIBS: ON + CRYPTO_BACKEND: "OpenSSL" + + - GENERATOR: "Visual Studio 12 2013" + BUILD_SHARED_LIBS: OFF + CRYPTO_BACKEND: "OpenSSL" + + - GENERATOR: "Visual Studio 14 2015" + BUILD_SHARED_LIBS: ON + CRYPTO_BACKEND: "WinCNG" + + - GENERATOR: "Visual Studio 14 2015" + BUILD_SHARED_LIBS: OFF + CRYPTO_BACKEND: "WinCNG" + + - GENERATOR: "Visual Studio 12 2013" + BUILD_SHARED_LIBS: ON + CRYPTO_BACKEND: "WinCNG" + + - GENERATOR: "Visual Studio 12 2013" + BUILD_SHARED_LIBS: OFF + CRYPTO_BACKEND: "WinCNG" + + digitalocean_access_token: + secure: 8qRitvrj69Xhf0Tmu27xnz5drmL2YhmOJLGpXIkYyTCC0JNtBoXW6fMcF3u4Uj1+pIQ+TjegQOwYimlz0oivKTro3v3EXro+osAMNJG6NKc= + +platform: + - x86 + - x64 + +configuration: +# - Debug + - Release + +matrix: + fast_finish: true + allow_failures: + - GENERATOR: "Visual Studio 9 2008" + platform: x64 + +install: + - choco install -y docker + - choco install -y docker-machine + +build_script: + - ps: if($env:PLATFORM -eq "x64") { $env:CMAKE_GEN_SUFFIX=" Win64" } + - cmake "-G%GENERATOR%%CMAKE_GEN_SUFFIX%" -DBUILD_SHARED_LIBS=%BUILD_SHARED_LIBS% -DCRYPTO_BACKEND=%CRYPTO_BACKEND% -H. -B_builds + - cmake --build _builds --config "%CONFIGURATION%" + +before_test: + - set DOCKER_MACHINE_NAME=appveyor-%APPVEYOR_PROJECT_SLUG%-%APPVEYOR_JOB_ID% + - ps: if($env:digitalocean_access_token) { echo "Using DigitalOcean for testing." } else { echo "DigitalOcean not available. Skipping testing." } + - ps: if($env:digitalocean_access_token) { docker-machine create --driver digitalocean --digitalocean-access-token $($env:digitalocean_access_token) $($env:DOCKER_MACHINE_NAME) } + - ps: if($env:digitalocean_access_token) { docker-machine env $($env:DOCKER_MACHINE_NAME) --shell powershell | Invoke-Expression } + +test_script: + - ps: cd _builds + - ps: if($env:digitalocean_access_token) { ctest -VV -C $($env:CONFIGURATION) --output-on-failure } + +after_test: + - ps: if($env:digitalocean_access_token) { docker-machine rm -y $($env:DOCKER_MACHINE_NAME) } + +on_failure: + - ps: if($env:digitalocean_access_token) { docker-machine rm -y $($env:DOCKER_MACHINE_NAME) } + - ps: if(Test-Path _builds/CMakeFiles/CMakeOutput.log) { cat _builds/CMakeFiles/CMakeOutput.log } + - ps: if(Test-Path _builds/CMakeFiles/CMakeError.log) { cat _builds/CMakeFiles/CMakeError.log } + +# whitelist branches to avoid testing feature branches twice (as branch and as pull request) +branches: + only: + - master diff --git a/buildconf b/buildconf new file mode 100755 index 0000000..8097193 --- /dev/null +++ b/buildconf @@ -0,0 +1,8 @@ +#!/bin/sh + +echo "***" >&2 +echo "*** Do not use buildconf. Instead, just use: autoreconf -fi" >&2 +echo "*** Doing it for you now, but buildconf may disapear in the future." >&2 +echo "***" >&2 + +exec ${AUTORECONF:-autoreconf} -fi "${@}" diff --git a/cmake/CheckFunctionExistsMayNeedLibrary.cmake b/cmake/CheckFunctionExistsMayNeedLibrary.cmake new file mode 100644 index 0000000..8ac61ab --- /dev/null +++ b/cmake/CheckFunctionExistsMayNeedLibrary.cmake @@ -0,0 +1,81 @@ +# Copyright (c) 2014 Alexander Lamaison +# +# Redistribution and use in source and binary forms, +# with or without modification, are permitted provided +# that the following conditions are met: +# +# Redistributions of source code must retain the above +# copyright notice, this list of conditions and the +# following disclaimer. +# +# Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following +# disclaimer in the documentation and/or other materials +# provided with the distribution. +# +# Neither the name of the copyright holder nor the names +# of any other contributors may be used to endorse or +# promote products derived from this software without +# specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND +# CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, +# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR +# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING +# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE +# USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY +# OF SUCH DAMAGE. + + +# - check_function_exists_maybe_need_library( [lib1 ... libn]) +# +# Check if function is available for linking, first without extra libraries, and +# then, if not found that way, linking in each optional library as well. This +# function is similar to autotools AC_SEARCH_LIBS. +# +# If the function if found, this will define . +# +# If the function was only found by linking in an additional library, this +# will define NEED_LIB_LIBX, where LIBX is the one of lib1 to libn that +# makes the function available, in uppercase. +# +# The following variables may be set before calling this macro to +# modify the way the check is run: +# +# CMAKE_REQUIRED_FLAGS = string of compile command line flags +# CMAKE_REQUIRED_DEFINITIONS = list of macros to define (-DFOO=bar) +# CMAKE_REQUIRED_INCLUDES = list of include directories +# CMAKE_REQUIRED_LIBRARIES = list of libraries to link +# + +include(CheckFunctionExists) +include(CheckLibraryExists) + +function(check_function_exists_may_need_library function variable) + + check_function_exists(${function} ${variable}) + + if(NOT ${variable}) + foreach(lib ${ARGN}) + string(TOUPPER ${lib} UP_LIB) + # Use new variable to prevent cache from previous step shortcircuiting + # new test + check_library_exists(${lib} ${function} "" HAVE_${function}_IN_${lib}) + if(HAVE_${function}_IN_${lib}) + set(${variable} 1 CACHE INTERNAL + "Function ${function} found in library ${lib}") + set(NEED_LIB_${UP_LIB} 1 CACHE INTERNAL + "Need to link ${lib}") + break() + endif() + endforeach() + endif() + +endfunction() \ No newline at end of file diff --git a/cmake/CheckNonblockingSocketSupport.cmake b/cmake/CheckNonblockingSocketSupport.cmake new file mode 100644 index 0000000..74f4776 --- /dev/null +++ b/cmake/CheckNonblockingSocketSupport.cmake @@ -0,0 +1,119 @@ +include(CheckCSourceCompiles) + +# - check_nonblocking_socket_support() +# +# Check for how to set a socket to non-blocking state. There seems to exist +# four known different ways, with the one used almost everywhere being POSIX +# and XPG3, while the other different ways for different systems (old BSD, +# Windows and Amiga). +# +# One of the following variables will be set indicating the supported +# method (if any): +# HAVE_O_NONBLOCK +# HAVE_FIONBIO +# HAVE_IOCTLSOCKET +# HAVE_IOCTLSOCKET_CASE +# HAVE_SO_NONBLOCK +# HAVE_DISABLED_NONBLOCKING +# +# The following variables may be set before calling this macro to +# modify the way the check is run: +# +# CMAKE_REQUIRED_FLAGS = string of compile command line flags +# CMAKE_REQUIRED_DEFINITIONS = list of macros to define (-DFOO=bar) +# CMAKE_REQUIRED_INCLUDES = list of include directories +# CMAKE_REQUIRED_LIBRARIES = list of libraries to link +# +macro(check_nonblocking_socket_support) + # There are two known platforms (AIX 3.x and SunOS 4.1.x) where the + # O_NONBLOCK define is found but does not work. + check_c_source_compiles(" +#include +#include +#include + +#if defined(sun) || defined(__sun__) || defined(__SUNPRO_C) || defined(__SUNPRO_CC) +# if defined(__SVR4) || defined(__srv4__) +# define PLATFORM_SOLARIS +# else +# define PLATFORM_SUNOS4 +# endif +#endif +#if (defined(_AIX) || defined(__xlC__)) && !defined(_AIX41) +# define PLATFORM_AIX_V3 +#endif + +#if defined(PLATFORM_SUNOS4) || defined(PLATFORM_AIX_V3) || defined(__BEOS__) +#error \"O_NONBLOCK does not work on this platform\" +#endif + +int main() +{ + int socket; + int flags = fcntl(socket, F_SETFL, flags | O_NONBLOCK); +}" + HAVE_O_NONBLOCK) + + if(NOT HAVE_O_NONBLOCK) + check_c_source_compiles("/* FIONBIO test (old-style unix) */ +#include +#include + +int main() +{ + int socket; + int flags = ioctl(socket, FIONBIO, &flags); +}" + HAVE_FIONBIO) + + if(NOT HAVE_FIONBIO) + check_c_source_compiles("/* ioctlsocket test (Windows) */ +#undef inline +#ifndef WIN32_LEAN_AND_MEAN +#define WIN32_LEAN_AND_MEAN +#endif + +#include +#include + +int main() +{ + SOCKET sd; + unsigned long flags = 0; + sd = socket(0, 0, 0); + ioctlsocket(sd, FIONBIO, &flags); +}" + HAVE_IOCTLSOCKET) + + if(NOT HAVE_IOCTLSOCKET) + check_c_source_compiles("/* IoctlSocket test (Amiga?) */ +#include + +int main() +{ + int socket; + int flags = IoctlSocket(socket, FIONBIO, (long)1); +}" + HAVE_IOCTLSOCKET_CASE) + + if(NOT HAVE_IOCTLSOCKET_CASE) + check_c_source_compiles("/* SO_NONBLOCK test (BeOS) */ +#include + +int main() +{ + long b = 1; + int socket; + int flags = setsockopt(socket, SOL_SOCKET, SO_NONBLOCK, &b, sizeof(b)); +}" + HAVE_SO_NONBLOCK) + + if(NOT HAVE_SO_NONBLOCK) + # No non-blocking socket method found + set(HAVE_DISABLED_NONBLOCKING 1) + endif() + endif() + endif() + endif() + endif() +endmacro() \ No newline at end of file diff --git a/cmake/CopyRuntimeDependencies.cmake b/cmake/CopyRuntimeDependencies.cmake new file mode 100644 index 0000000..083f762 --- /dev/null +++ b/cmake/CopyRuntimeDependencies.cmake @@ -0,0 +1,72 @@ +# Copyright (c) 2014 Alexander Lamaison +# +# Redistribution and use in source and binary forms, +# with or without modification, are permitted provided +# that the following conditions are met: +# +# Redistributions of source code must retain the above +# copyright notice, this list of conditions and the +# following disclaimer. +# +# Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following +# disclaimer in the documentation and/or other materials +# provided with the distribution. +# +# Neither the name of the copyright holder nor the names +# of any other contributors may be used to endorse or +# promote products derived from this software without +# specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND +# CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, +# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR +# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING +# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE +# USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY +# OF SUCH DAMAGE. + +include(CMakeParseArguments) + +function(ADD_TARGET_TO_COPY_DEPENDENCIES) + set(options) + set(oneValueArgs TARGET) + set(multiValueArgs DEPENDENCIES BEFORE_TARGETS) + cmake_parse_arguments(COPY + "${options}" "${oneValueArgs}" "${multiValueArgs}" ${ARGN}) + + if(NOT COPY_DEPENDENCIES) + return() + endif() + + # Using a custom target to drive custom commands stops multiple + # parallel builds trying to kick off the commands at the same time + add_custom_target(${COPY_TARGET}) + + foreach(target ${COPY_BEFORE_TARGETS}) + add_dependencies(${target} ${COPY_TARGET}) + endforeach() + + foreach(dependency ${COPY_DEPENDENCIES}) + + add_custom_command( + TARGET ${COPY_TARGET} + DEPENDS ${dependency} + # Make directory first otherwise file is copied in place of + # directory instead of into it + COMMAND ${CMAKE_COMMAND} + ARGS -E make_directory ${CMAKE_CURRENT_BINARY_DIR}/${CMAKE_CFG_INTDIR} + COMMAND ${CMAKE_COMMAND} + ARGS -E copy ${dependency} ${CMAKE_CURRENT_BINARY_DIR}/${CMAKE_CFG_INTDIR} + VERBATIM) + + endforeach() + +endfunction() diff --git a/cmake/FindLibgcrypt.cmake b/cmake/FindLibgcrypt.cmake new file mode 100644 index 0000000..44a7987 --- /dev/null +++ b/cmake/FindLibgcrypt.cmake @@ -0,0 +1,53 @@ +# Copyright (c) 2014 Alexander Lamaison +# +# Redistribution and use in source and binary forms, +# with or without modification, are permitted provided +# that the following conditions are met: +# +# Redistributions of source code must retain the above +# copyright notice, this list of conditions and the +# following disclaimer. +# +# Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following +# disclaimer in the documentation and/or other materials +# provided with the distribution. +# +# Neither the name of the copyright holder nor the names +# of any other contributors may be used to endorse or +# promote products derived from this software without +# specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND +# CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, +# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR +# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING +# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE +# USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY +# OF SUCH DAMAGE. + +# - Try to find Libgcrypt +# This will define all or none of: +# LIBGCRYPT_FOUND - if Libgcrypt headers and library was found +# LIBGCRYPT_INCLUDE_DIRS - The Libgcrypt include directories +# LIBGCRYPT_LIBRARIES - The libraries needed to use Libgcrypt + +find_path(LIBGCRYPT_INCLUDE_DIR gcrypt.h) + +find_library(LIBGCRYPT_LIBRARY NAMES gcrypt libgcrypt) + +set(LIBGCRYPT_LIBRARIES ${LIBGCRYPT_LIBRARY}) +set(LIBGCRYPT_INCLUDE_DIRS ${LIBGCRYPT_INCLUDE_DIR}) + +include(FindPackageHandleStandardArgs) +find_package_handle_standard_args(Libgcrypt DEFAULT_MSG + LIBGCRYPT_LIBRARY LIBGCRYPT_INCLUDE_DIR) + +mark_as_advanced(LIBGCRYPT_INCLUDE_DIR LIBGCRYPT_LIBRARY) \ No newline at end of file diff --git a/cmake/FindmbedTLS.cmake b/cmake/FindmbedTLS.cmake new file mode 100644 index 0000000..2f4adbc --- /dev/null +++ b/cmake/FindmbedTLS.cmake @@ -0,0 +1,64 @@ +# - Try to find mbedTLS +# Once done this will define +# +# Read-Only variables +# MBEDTLS_FOUND - system has mbedTLS +# MBEDTLS_INCLUDE_DIR - the mbedTLS include directory +# MBEDTLS_LIBRARY_DIR - the mbedTLS library directory +# MBEDTLS_LIBRARIES - Link these to use mbedTLS +# MBEDTLS_LIBRARY - path to mbedTLS library +# MBEDX509_LIBRARY - path to mbedTLS X.509 library +# MBEDCRYPTO_LIBRARY - path to mbedTLS Crypto library + +FIND_PATH(MBEDTLS_INCLUDE_DIR mbedtls/version.h) + +IF(MBEDTLS_INCLUDE_DIR AND MBEDTLS_LIBRARIES) + # Already in cache, be silent + SET(MBEDTLS_FIND_QUIETLY TRUE) +ENDIF() + +FIND_LIBRARY(MBEDTLS_LIBRARY NAMES mbedtls libmbedtls libmbedx509) +FIND_LIBRARY(MBEDX509_LIBRARY NAMES mbedx509 libmbedx509) +FIND_LIBRARY(MBEDCRYPTO_LIBRARY NAMES mbedcrypto libmbedcrypto) + +IF(MBEDTLS_INCLUDE_DIR AND MBEDTLS_LIBRARY AND MBEDX509_LIBRARY AND MBEDCRYPTO_LIBRARY) + SET(MBEDTLS_FOUND TRUE) +ENDIF() + +IF(MBEDTLS_FOUND) + # split mbedTLS into -L and -l linker options, so we can set them for pkg-config + GET_FILENAME_COMPONENT(MBEDTLS_LIBRARY_DIR ${MBEDTLS_LIBRARY} PATH) + GET_FILENAME_COMPONENT(MBEDTLS_LIBRARY_FILE ${MBEDTLS_LIBRARY} NAME_WE) + GET_FILENAME_COMPONENT(MBEDX509_LIBRARY_FILE ${MBEDX509_LIBRARY} NAME_WE) + GET_FILENAME_COMPONENT(MBEDCRYPTO_LIBRARY_FILE ${MBEDCRYPTO_LIBRARY} NAME_WE) + STRING(REGEX REPLACE "^lib" "" MBEDTLS_LIBRARY_FILE ${MBEDTLS_LIBRARY_FILE}) + STRING(REGEX REPLACE "^lib" "" MBEDX509_LIBRARY_FILE ${MBEDX509_LIBRARY_FILE}) + STRING(REGEX REPLACE "^lib" "" MBEDCRYPTO_LIBRARY_FILE ${MBEDCRYPTO_LIBRARY_FILE}) + SET(MBEDTLS_LIBRARIES "-L${MBEDTLS_LIBRARY_DIR} -l${MBEDTLS_LIBRARY_FILE} -l${MBEDX509_LIBRARY_FILE} -l${MBEDCRYPTO_LIBRARY_FILE}") + + IF(NOT MBEDTLS_FIND_QUIETLY) + MESSAGE(STATUS "Found mbedTLS:") + FILE(READ ${MBEDTLS_INCLUDE_DIR}/mbedtls/version.h MBEDTLSCONTENT) + STRING(REGEX MATCH "MBEDTLS_VERSION_STRING +\"[0-9|.]+\"" MBEDTLSMATCH ${MBEDTLSCONTENT}) + IF (MBEDTLSMATCH) + STRING(REGEX REPLACE "MBEDTLS_VERSION_STRING +\"([0-9|.]+)\"" "\\1" MBEDTLS_VERSION ${MBEDTLSMATCH}) + MESSAGE(STATUS " version ${MBEDTLS_VERSION}") + ENDIF(MBEDTLSMATCH) + MESSAGE(STATUS " TLS: ${MBEDTLS_LIBRARY}") + MESSAGE(STATUS " X509: ${MBEDX509_LIBRARY}") + MESSAGE(STATUS " Crypto: ${MBEDCRYPTO_LIBRARY}") + ENDIF(NOT MBEDTLS_FIND_QUIETLY) +ELSE(MBEDTLS_FOUND) + IF(MBEDTLS_FIND_REQUIRED) + MESSAGE(FATAL_ERROR "Could not find mbedTLS") + ENDIF(MBEDTLS_FIND_REQUIRED) +ENDIF(MBEDTLS_FOUND) + +MARK_AS_ADVANCED( + MBEDTLS_INCLUDE_DIR + MBEDTLS_LIBRARY_DIR + MBEDTLS_LIBRARIES + MBEDTLS_LIBRARY + MBEDX509_LIBRARY + MBEDCRYPTO_LIBRARY +) diff --git a/cmake/SocketLibraries.cmake b/cmake/SocketLibraries.cmake new file mode 100644 index 0000000..bfbbd71 --- /dev/null +++ b/cmake/SocketLibraries.cmake @@ -0,0 +1,64 @@ +# Copyright (c) 2014 Alexander Lamaison +# +# Redistribution and use in source and binary forms, +# with or without modification, are permitted provided +# that the following conditions are met: +# +# Redistributions of source code must retain the above +# copyright notice, this list of conditions and the +# following disclaimer. +# +# Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following +# disclaimer in the documentation and/or other materials +# provided with the distribution. +# +# Neither the name of the copyright holder nor the names +# of any other contributors may be used to endorse or +# promote products derived from this software without +# specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND +# CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, +# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR +# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING +# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE +# USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY +# OF SUCH DAMAGE. + +# Some systems have their socket functions in a library. +# (Solaris -lsocket/-lnsl, Windows -lws2_32). This macro appends those +# libraries to the given list +macro(append_needed_socket_libraries LIBRARIES_LIST) + if(CMAKE_SYSTEM_NAME STREQUAL "Windows" AND CMAKE_SIZEOF_VOID_P EQUAL 4) + # x86 Windows uses STDCALL for these functions, so their names are mangled, + # meaning the platform checks don't work. Hardcoding these until we get + # a better solution. + set(HAVE_SOCKET 1) + set(HAVE_SELECT 1) + set(HAVE_INET_ADDR 1) + set(NEED_LIB_WS2_32 1) + else() + check_function_exists_may_need_library(socket HAVE_SOCKET socket ws2_32) + check_function_exists_may_need_library(select HAVE_SELECT ws2_32) + check_function_exists_may_need_library(inet_addr HAVE_INET_ADDR nsl ws2_32) + endif() + + if(NEED_LIB_SOCKET) + list(APPEND ${LIBRARIES_LIST} socket) + endif() + if(NEED_LIB_NSL) + list(APPEND ${LIBRARIES_LIST} nsl) + endif() + if(NEED_LIB_WS2_32) + list(APPEND ${LIBRARIES_LIST} ws2_32) + endif() + +endmacro() \ No newline at end of file diff --git a/cmake/Toolchain-Linux-32.cmake b/cmake/Toolchain-Linux-32.cmake new file mode 100644 index 0000000..6aad9b1 --- /dev/null +++ b/cmake/Toolchain-Linux-32.cmake @@ -0,0 +1,42 @@ +# Copyright (c) 2014 Alexander Lamaison +# +# Redistribution and use in source and binary forms, +# with or without modification, are permitted provided +# that the following conditions are met: +# +# Redistributions of source code must retain the above +# copyright notice, this list of conditions and the +# following disclaimer. +# +# Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following +# disclaimer in the documentation and/or other materials +# provided with the distribution. +# +# Neither the name of the copyright holder nor the names +# of any other contributors may be used to endorse or +# promote products derived from this software without +# specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND +# CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, +# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR +# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING +# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE +# USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY +# OF SUCH DAMAGE. + +# Cross-compile 32-bit binary on 64-bit linux host +set(CMAKE_SYSTEM_NAME Linux) +set(CMAKE_SYSTEM_VERSION 1) +set(CMAKE_SYSTEM_PROCESSOR "i386") + +set(CMAKE_CXX_COMPILER_ARG1 "-m32") +set(CMAKE_C_COMPILER_ARG1 "-m32") \ No newline at end of file diff --git a/cmake/max_warnings.cmake b/cmake/max_warnings.cmake new file mode 100644 index 0000000..b176d30 --- /dev/null +++ b/cmake/max_warnings.cmake @@ -0,0 +1,23 @@ +if(MSVC) + # Use the highest warning level for visual studio. + if(CMAKE_CXX_FLAGS MATCHES "/W[0-4]") + string(REGEX REPLACE "/W[0-4]" "/W4" CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS}") + else() + set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} /W4") + endif() + if(CMAKE_C_FLAGS MATCHES "/W[0-4]") + string(REGEX REPLACE "/W[0-4]" "/W4" CMAKE_C_FLAGS "${CMAKE_C_FLAGS}") + else() + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W4") + endif() + + # Disable broken warnings + add_definitions(-D_CRT_SECURE_NO_WARNINGS -D_CRT_NONSTDC_NO_DEPRECATE) +elseif(CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_GNUCXX) + if(NOT CMAKE_CXX_FLAGS MATCHES "-Wall") + set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wall") + endif() + if(NOT CMAKE_C_FLAGS MATCHES "-Wall") + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall") + endif() +endif() diff --git a/config.rpath b/config.rpath new file mode 100755 index 0000000..e082db6 --- /dev/null +++ b/config.rpath @@ -0,0 +1,660 @@ +#! /bin/sh +# Output a system dependent set of variables, describing how to set the +# run time search path of shared libraries in an executable. +# +# Copyright 1996-2006 Free Software Foundation, Inc. +# Taken from GNU libtool, 2001 +# Originally by Gordon Matzigkeit , 1996 +# +# This file is free software; the Free Software Foundation gives +# unlimited permission to copy and/or distribute it, with or without +# modifications, as long as this notice is preserved. +# +# The first argument passed to this file is the canonical host specification, +# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM +# or +# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM +# The environment variables CC, GCC, LDFLAGS, LD, with_gnu_ld +# should be set by the caller. +# +# The set of defined variables is at the end of this script. + +# Known limitations: +# - On IRIX 6.5 with CC="cc", the run time search patch must not be longer +# than 256 bytes, otherwise the compiler driver will dump core. The only +# known workaround is to choose shorter directory names for the build +# directory and/or the installation directory. + +# All known linkers require a `.a' archive for static linking (except MSVC, +# which needs '.lib'). +libext=a +shrext=.so + +host="$1" +host_cpu=`echo "$host" | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'` +host_vendor=`echo "$host" | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'` +host_os=`echo "$host" | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'` + +# Code taken from libtool.m4's _LT_CC_BASENAME. + +for cc_temp in $CC""; do + case $cc_temp in + compile | *[\\/]compile | ccache | *[\\/]ccache ) ;; + distcc | *[\\/]distcc | purify | *[\\/]purify ) ;; + \-*) ;; + *) break;; + esac +done +cc_basename=`echo "$cc_temp" | sed -e 's%^.*/%%'` + +# Code taken from libtool.m4's AC_LIBTOOL_PROG_COMPILER_PIC. + +wl= +if test "$GCC" = yes; then + wl='-Wl,' +else + case "$host_os" in + aix*) + wl='-Wl,' + ;; + darwin*) + case $cc_basename in + xlc*) + wl='-Wl,' + ;; + esac + ;; + mingw* | pw32* | os2*) + ;; + hpux9* | hpux10* | hpux11*) + wl='-Wl,' + ;; + irix5* | irix6* | nonstopux*) + wl='-Wl,' + ;; + newsos6) + ;; + linux*) + case $cc_basename in + icc* | ecc*) + wl='-Wl,' + ;; + pgcc | pgf77 | pgf90) + wl='-Wl,' + ;; + ccc*) + wl='-Wl,' + ;; + como) + wl='-lopt=' + ;; + *) + case `$CC -V 2>&1 | sed 5q` in + *Sun\ C*) + wl='-Wl,' + ;; + esac + ;; + esac + ;; + osf3* | osf4* | osf5*) + wl='-Wl,' + ;; + sco3.2v5*) + ;; + solaris*) + wl='-Wl,' + ;; + sunos4*) + wl='-Qoption ld ' + ;; + sysv4 | sysv4.2uw2* | sysv4.3* | sysv5*) + wl='-Wl,' + ;; + sysv4*MP*) + ;; + unicos*) + wl='-Wl,' + ;; + uts4*) + ;; + esac +fi + +# Code taken from libtool.m4's AC_LIBTOOL_PROG_LD_SHLIBS. + +hardcode_libdir_flag_spec= +hardcode_libdir_separator= +hardcode_direct=no +hardcode_minus_L=no + +case "$host_os" in + cygwin* | mingw* | pw32*) + # FIXME: the MSVC++ port hasn't been tested in a loooong time + # When not using gcc, we currently assume that we are using + # Microsoft Visual C++. + if test "$GCC" != yes; then + with_gnu_ld=no + fi + ;; + interix*) + # we just hope/assume this is gcc and not c89 (= MSVC++) + with_gnu_ld=yes + ;; + openbsd*) + with_gnu_ld=no + ;; +esac + +ld_shlibs=yes +if test "$with_gnu_ld" = yes; then + # Set some defaults for GNU ld with shared library support. These + # are reset later if shared libraries are not supported. Putting them + # here allows them to be overridden if necessary. + # Unlike libtool, we use -rpath here, not --rpath, since the documented + # option of GNU ld is called -rpath, not --rpath. + hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' + case "$host_os" in + aix3* | aix4* | aix5*) + # On AIX/PPC, the GNU linker is very broken + if test "$host_cpu" != ia64; then + ld_shlibs=no + fi + ;; + amigaos*) + hardcode_libdir_flag_spec='-L$libdir' + hardcode_minus_L=yes + # Samuel A. Falvo II reports + # that the semantics of dynamic libraries on AmigaOS, at least up + # to version 4, is to share data among multiple programs linked + # with the same dynamic library. Since this doesn't match the + # behavior of shared libraries on other platforms, we cannot use + # them. + ld_shlibs=no + ;; + beos*) + if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then + : + else + ld_shlibs=no + fi + ;; + cygwin* | mingw* | pw32*) + # hardcode_libdir_flag_spec is actually meaningless, as there is + # no search path for DLLs. + hardcode_libdir_flag_spec='-L$libdir' + if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then + : + else + ld_shlibs=no + fi + ;; + interix3*) + hardcode_direct=no + hardcode_libdir_flag_spec='${wl}-rpath,$libdir' + ;; + linux*) + if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then + : + else + ld_shlibs=no + fi + ;; + netbsd*) + ;; + solaris*) + if $LD -v 2>&1 | grep 'BFD 2\.8' > /dev/null; then + ld_shlibs=no + elif $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then + : + else + ld_shlibs=no + fi + ;; + sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*) + case `$LD -v 2>&1` in + *\ [01].* | *\ 2.[0-9].* | *\ 2.1[0-5].*) + ld_shlibs=no + ;; + *) + if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then + hardcode_libdir_flag_spec='`test -z "$SCOABSPATH" && echo ${wl}-rpath,$libdir`' + else + ld_shlibs=no + fi + ;; + esac + ;; + sunos4*) + hardcode_direct=yes + ;; + *) + if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then + : + else + ld_shlibs=no + fi + ;; + esac + if test "$ld_shlibs" = no; then + hardcode_libdir_flag_spec= + fi +else + case "$host_os" in + aix3*) + # Note: this linker hardcodes the directories in LIBPATH if there + # are no directories specified by -L. + hardcode_minus_L=yes + if test "$GCC" = yes; then + # Neither direct hardcoding nor static linking is supported with a + # broken collect2. + hardcode_direct=unsupported + fi + ;; + aix4* | aix5*) + if test "$host_cpu" = ia64; then + # On IA64, the linker does run time linking by default, so we don't + # have to do anything special. + aix_use_runtimelinking=no + else + aix_use_runtimelinking=no + # Test if we are trying to use run time linking or normal + # AIX style linking. If -brtl is somewhere in LDFLAGS, we + # need to do runtime linking. + case $host_os in aix4.[23]|aix4.[23].*|aix5*) + for ld_flag in $LDFLAGS; do + if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then + aix_use_runtimelinking=yes + break + fi + done + ;; + esac + fi + hardcode_direct=yes + hardcode_libdir_separator=':' + if test "$GCC" = yes; then + case $host_os in aix4.[012]|aix4.[012].*) + collect2name=`${CC} -print-prog-name=collect2` + if test -f "$collect2name" && \ + strings "$collect2name" | grep resolve_lib_name >/dev/null + then + # We have reworked collect2 + hardcode_direct=yes + else + # We have old collect2 + hardcode_direct=unsupported + hardcode_minus_L=yes + hardcode_libdir_flag_spec='-L$libdir' + hardcode_libdir_separator= + fi + ;; + esac + fi + # Begin _LT_AC_SYS_LIBPATH_AIX. + echo 'int main () { return 0; }' > conftest.c + ${CC} ${LDFLAGS} conftest.c -o conftest + aix_libpath=`dump -H conftest 2>/dev/null | sed -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } +}'` + if test -z "$aix_libpath"; then + aix_libpath=`dump -HX64 conftest 2>/dev/null | sed -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } +}'` + fi + if test -z "$aix_libpath"; then + aix_libpath="/usr/lib:/lib" + fi + rm -f conftest.c conftest + # End _LT_AC_SYS_LIBPATH_AIX. + if test "$aix_use_runtimelinking" = yes; then + hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath" + else + if test "$host_cpu" = ia64; then + hardcode_libdir_flag_spec='${wl}-R $libdir:/usr/lib:/lib' + else + hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath" + fi + fi + ;; + amigaos*) + hardcode_libdir_flag_spec='-L$libdir' + hardcode_minus_L=yes + # see comment about different semantics on the GNU ld section + ld_shlibs=no + ;; + bsdi[45]*) + ;; + cygwin* | mingw* | pw32*) + # When not using gcc, we currently assume that we are using + # Microsoft Visual C++. + # hardcode_libdir_flag_spec is actually meaningless, as there is + # no search path for DLLs. + hardcode_libdir_flag_spec=' ' + libext=lib + ;; + darwin* | rhapsody*) + hardcode_direct=no + if test "$GCC" = yes ; then + : + else + case $cc_basename in + xlc*) + ;; + *) + ld_shlibs=no + ;; + esac + fi + ;; + dgux*) + hardcode_libdir_flag_spec='-L$libdir' + ;; + freebsd1*) + ld_shlibs=no + ;; + freebsd2.2*) + hardcode_libdir_flag_spec='-R$libdir' + hardcode_direct=yes + ;; + freebsd2*) + hardcode_direct=yes + hardcode_minus_L=yes + ;; + freebsd* | kfreebsd*-gnu | dragonfly*) + hardcode_libdir_flag_spec='-R$libdir' + hardcode_direct=yes + ;; + hpux9*) + hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir' + hardcode_libdir_separator=: + hardcode_direct=yes + # hardcode_minus_L: Not really in the search PATH, + # but as the default location of the library. + hardcode_minus_L=yes + ;; + hpux10*) + if test "$with_gnu_ld" = no; then + hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir' + hardcode_libdir_separator=: + hardcode_direct=yes + # hardcode_minus_L: Not really in the search PATH, + # but as the default location of the library. + hardcode_minus_L=yes + fi + ;; + hpux11*) + if test "$with_gnu_ld" = no; then + hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir' + hardcode_libdir_separator=: + case $host_cpu in + hppa*64*|ia64*) + hardcode_direct=no + ;; + *) + hardcode_direct=yes + # hardcode_minus_L: Not really in the search PATH, + # but as the default location of the library. + hardcode_minus_L=yes + ;; + esac + fi + ;; + irix5* | irix6* | nonstopux*) + hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' + hardcode_libdir_separator=: + ;; + netbsd*) + hardcode_libdir_flag_spec='-R$libdir' + hardcode_direct=yes + ;; + newsos6) + hardcode_direct=yes + hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' + hardcode_libdir_separator=: + ;; + openbsd*) + hardcode_direct=yes + if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then + hardcode_libdir_flag_spec='${wl}-rpath,$libdir' + else + case "$host_os" in + openbsd[01].* | openbsd2.[0-7] | openbsd2.[0-7].*) + hardcode_libdir_flag_spec='-R$libdir' + ;; + *) + hardcode_libdir_flag_spec='${wl}-rpath,$libdir' + ;; + esac + fi + ;; + os2*) + hardcode_libdir_flag_spec='-L$libdir' + hardcode_minus_L=yes + ;; + osf3*) + hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' + hardcode_libdir_separator=: + ;; + osf4* | osf5*) + if test "$GCC" = yes; then + hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' + else + # Both cc and cxx compiler support -rpath directly + hardcode_libdir_flag_spec='-rpath $libdir' + fi + hardcode_libdir_separator=: + ;; + solaris*) + hardcode_libdir_flag_spec='-R$libdir' + ;; + sunos4*) + hardcode_libdir_flag_spec='-L$libdir' + hardcode_direct=yes + hardcode_minus_L=yes + ;; + sysv4) + case $host_vendor in + sni) + hardcode_direct=yes # is this really true??? + ;; + siemens) + hardcode_direct=no + ;; + motorola) + hardcode_direct=no #Motorola manual says yes, but my tests say they lie + ;; + esac + ;; + sysv4.3*) + ;; + sysv4*MP*) + if test -d /usr/nec; then + ld_shlibs=yes + fi + ;; + sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[01].[10]* | unixware7*) + ;; + sysv5* | sco3.2v5* | sco5v6*) + hardcode_libdir_flag_spec='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`' + hardcode_libdir_separator=':' + ;; + uts4*) + hardcode_libdir_flag_spec='-L$libdir' + ;; + *) + ld_shlibs=no + ;; + esac +fi + +# Check dynamic linker characteristics +# Code taken from libtool.m4's AC_LIBTOOL_SYS_DYNAMIC_LINKER. +# Unlike libtool.m4, here we don't care about _all_ names of the library, but +# only about the one the linker finds when passed -lNAME. This is the last +# element of library_names_spec in libtool.m4, or possibly two of them if the +# linker has special search rules. +library_names_spec= # the last element of library_names_spec in libtool.m4 +libname_spec='lib$name' +case "$host_os" in + aix3*) + library_names_spec='$libname.a' + ;; + aix4* | aix5*) + library_names_spec='$libname$shrext' + ;; + amigaos*) + library_names_spec='$libname.a' + ;; + beos*) + library_names_spec='$libname$shrext' + ;; + bsdi[45]*) + library_names_spec='$libname$shrext' + ;; + cygwin* | mingw* | pw32*) + shrext=.dll + library_names_spec='$libname.dll.a $libname.lib' + ;; + darwin* | rhapsody*) + shrext=.dylib + library_names_spec='$libname$shrext' + ;; + dgux*) + library_names_spec='$libname$shrext' + ;; + freebsd1*) + ;; + kfreebsd*-gnu) + library_names_spec='$libname$shrext' + ;; + freebsd* | dragonfly*) + case "$host_os" in + freebsd[123]*) + library_names_spec='$libname$shrext$versuffix' ;; + *) + library_names_spec='$libname$shrext' ;; + esac + ;; + gnu*) + library_names_spec='$libname$shrext' + ;; + hpux9* | hpux10* | hpux11*) + case $host_cpu in + ia64*) + shrext=.so + ;; + hppa*64*) + shrext=.sl + ;; + *) + shrext=.sl + ;; + esac + library_names_spec='$libname$shrext' + ;; + interix3*) + library_names_spec='$libname$shrext' + ;; + irix5* | irix6* | nonstopux*) + library_names_spec='$libname$shrext' + case "$host_os" in + irix5* | nonstopux*) + libsuff= shlibsuff= + ;; + *) + case $LD in + *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ") libsuff= shlibsuff= ;; + *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ") libsuff=32 shlibsuff=N32 ;; + *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ") libsuff=64 shlibsuff=64 ;; + *) libsuff= shlibsuff= ;; + esac + ;; + esac + ;; + linux*oldld* | linux*aout* | linux*coff*) + ;; + linux*) + library_names_spec='$libname$shrext' + ;; + knetbsd*-gnu) + library_names_spec='$libname$shrext' + ;; + netbsd*) + library_names_spec='$libname$shrext' + ;; + newsos6) + library_names_spec='$libname$shrext' + ;; + nto-qnx*) + library_names_spec='$libname$shrext' + ;; + openbsd*) + library_names_spec='$libname$shrext$versuffix' + ;; + os2*) + libname_spec='$name' + shrext=.dll + library_names_spec='$libname.a' + ;; + osf3* | osf4* | osf5*) + library_names_spec='$libname$shrext' + ;; + solaris*) + library_names_spec='$libname$shrext' + ;; + sunos4*) + library_names_spec='$libname$shrext$versuffix' + ;; + sysv4 | sysv4.3*) + library_names_spec='$libname$shrext' + ;; + sysv4*MP*) + library_names_spec='$libname$shrext' + ;; + sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) + library_names_spec='$libname$shrext' + ;; + uts4*) + library_names_spec='$libname$shrext' + ;; +esac + +sed_quote_subst='s/\(["`$\\]\)/\\\1/g' +escaped_wl=`echo "X$wl" | sed -e 's/^X//' -e "$sed_quote_subst"` +shlibext=`echo "$shrext" | sed -e 's,^\.,,'` +escaped_libname_spec=`echo "X$libname_spec" | sed -e 's/^X//' -e "$sed_quote_subst"` +escaped_library_names_spec=`echo "X$library_names_spec" | sed -e 's/^X//' -e "$sed_quote_subst"` +escaped_hardcode_libdir_flag_spec=`echo "X$hardcode_libdir_flag_spec" | sed -e 's/^X//' -e "$sed_quote_subst"` + +LC_ALL=C sed -e 's/^\([a-zA-Z0-9_]*\)=/acl_cv_\1=/' <]) + if test "$ac_cv_libz" != yes; then + if test "$use_libz" = auto; then + AC_MSG_NOTICE([Cannot find libz, disabling compression]) + found_libz="disabled; no libz found" + else + libz_errors="No libz found! +Try --with-libz-prefix=PATH if you know that you have it." + AS_MESSAGE([ERROR: $libz_errors]) + fi + else + AC_DEFINE(LIBSSH2_HAVE_ZLIB, 1, [Compile in zlib support]) + LIBSREQUIRED="$LIBSREQUIRED${LIBSREQUIRED:+ }zlib" + found_libz="yes" + fi +fi + +AC_SUBST(LIBSREQUIRED) + +# +# Optional Settings +# +AC_ARG_ENABLE(crypt-none, + AC_HELP_STRING([--enable-crypt-none],[Permit "none" cipher -- NOT RECOMMENDED]), + [AC_DEFINE(LIBSSH2_CRYPT_NONE, 1, [Enable "none" cipher -- NOT RECOMMENDED])]) + +AC_ARG_ENABLE(mac-none, + AC_HELP_STRING([--enable-mac-none],[Permit "none" MAC -- NOT RECOMMENDED]), + [AC_DEFINE(LIBSSH2_MAC_NONE, 1, [Enable "none" MAC -- NOT RECOMMENDED])]) + +AC_ARG_ENABLE(gex-new, + AC_HELP_STRING([--disable-gex-new],[Disable "new" diffie-hellman-group-exchange-sha1 method]), + [GEX_NEW=$enableval]) +if test "$GEX_NEW" != "no"; then + AC_DEFINE(LIBSSH2_DH_GEX_NEW, 1, [Enable newer diffie-hellman-group-exchange-sha1 syntax]) +fi + +AC_ARG_ENABLE(clear-memory, + AC_HELP_STRING([--disable-clear-memory],[Disable clearing of memory before being freed]), + [CLEAR_MEMORY=$enableval]) +if test "$CLEAR_MEMORY" != "no"; then + if test "$support_clear_memory" = "yes"; then + AC_DEFINE(LIBSSH2_CLEAR_MEMORY, 1, [Enable clearing of memory before being freed]) + enable_clear_memory=yes + else + if test "$CLEAR_MEMORY" = "yes"; then + AC_MSG_ERROR([secure clearing/zeroing of memory is not supported by the selected crypto backend]) + else + AC_MSG_WARN([secure clearing/zeroing of memory is not supported by the selected crypto backend]) + fi + enable_clear_memory=unsupported + fi +else + if test "$support_clear_memory" = "yes"; then + enable_clear_memory=no + else + AC_MSG_WARN([secure clearing/zeroing of memory is not supported by the selected crypto backend]) + enable_clear_memory=unsupported + fi +fi + +dnl ************************************************************ +dnl option to switch on compiler debug options +dnl +AC_MSG_CHECKING([whether to enable pedantic and debug compiler options]) +AC_ARG_ENABLE(debug, +AC_HELP_STRING([--enable-debug],[Enable pedantic and debug options]) +AC_HELP_STRING([--disable-debug],[Disable debug options]), +[ case "$enable_debug" in + no) + AC_MSG_RESULT(no) + CPPFLAGS="$CPPFLAGS -DNDEBUG" + ;; + *) AC_MSG_RESULT(yes) + enable_debug=yes + CPPFLAGS="$CPPFLAGS -DLIBSSH2DEBUG" + CFLAGS="$CFLAGS -g" + + dnl set compiler "debug" options to become more picky, and remove + dnl optimize options from CFLAGS + CURL_CC_DEBUG_OPTS + ;; + esac + ], + enable_debug=no + AC_MSG_RESULT(no) +) + +dnl ************************************************************ +dnl Enable hiding of internal symbols in library to reduce its size and +dnl speed dynamic linking of applications. This currently is only supported +dnl on gcc >= 4.0 and SunPro C. +dnl +AC_MSG_CHECKING([whether to enable hidden symbols in the library]) +AC_ARG_ENABLE(hidden-symbols, +AC_HELP_STRING([--enable-hidden-symbols],[Hide internal symbols in library]) +AC_HELP_STRING([--disable-hidden-symbols],[Leave all symbols with default visibility in library]), +[ case "$enableval" in + no) + AC_MSG_RESULT(no) + ;; + *) + AC_MSG_CHECKING([whether $CC supports it]) + if test "$GCC" = yes ; then + if $CC --help --verbose 2>&1 | grep fvisibility= > /dev/null ; then + AC_MSG_RESULT(yes) + AC_DEFINE(LIBSSH2_API, [__attribute__ ((visibility ("default")))], [to make a symbol visible]) + CFLAGS="$CFLAGS -fvisibility=hidden" + else + AC_MSG_RESULT(no) + fi + + else + dnl Test for SunPro cc + if $CC 2>&1 | grep flags >/dev/null && $CC -flags | grep xldscope= >/dev/null ; then + AC_MSG_RESULT(yes) + AC_DEFINE(LIBSSH2_API, [__global], [to make a symbol visible]) + CFLAGS="$CFLAGS -xldscope=hidden" + else + AC_MSG_RESULT(no) + fi + fi + ;; + esac ], + AC_MSG_RESULT(no) +) + +# Build example applications? +AC_MSG_CHECKING([whether to build example applications]) +AC_ARG_ENABLE([examples-build], +AC_HELP_STRING([--enable-examples-build], [Build example applications (this is the default)]) +AC_HELP_STRING([--disable-examples-build], [Do not build example applications]), +[case "$enableval" in + no | false) + build_examples='no' + ;; + *) + build_examples='yes' + ;; +esac], [build_examples='yes']) +AC_MSG_RESULT($build_examples) +AM_CONDITIONAL([BUILD_EXAMPLES], [test "x$build_examples" != "xno"]) + + +# Build OSS fuzzing targets? +AC_ARG_ENABLE([ossfuzzers], + [AS_HELP_STRING([--enable-ossfuzzers], + [Whether to generate the fuzzers for OSS-Fuzz])], + [have_ossfuzzers=yes], [have_ossfuzzers=no]) +AM_CONDITIONAL([USE_OSSFUZZERS], [test "x$have_ossfuzzers" = "xyes"]) + + +# Set the correct flags for the given fuzzing engine. +AC_SUBST([LIB_FUZZING_ENGINE]) +AM_CONDITIONAL([USE_OSSFUZZ_FLAG], [test "x$LIB_FUZZING_ENGINE" = "x-fsanitize=fuzzer"]) +AM_CONDITIONAL([USE_OSSFUZZ_STATIC], [test -f "$LIB_FUZZING_ENGINE"]) + + +# Checks for header files. +# AC_HEADER_STDC +AC_CHECK_HEADERS([errno.h fcntl.h stdio.h stdlib.h unistd.h sys/uio.h]) +AC_CHECK_HEADERS([sys/select.h sys/socket.h sys/ioctl.h sys/time.h]) +AC_CHECK_HEADERS([arpa/inet.h netinet/in.h]) +AC_CHECK_HEADERS([sys/un.h], [have_sys_un_h=yes], [have_sys_un_h=no]) +AM_CONDITIONAL([HAVE_SYS_UN_H], test "x$have_sys_un_h" = xyes) + +case $host in + *-*-cygwin* | *-*-cegcc*) + # These are POSIX-like systems using BSD-like sockets API. + ;; + *) + AC_CHECK_HEADERS([windows.h winsock2.h ws2tcpip.h]) + ;; +esac + +case $host in + *darwin*|*interix*) + dnl poll() does not work on these platforms + dnl Interix: "does provide poll(), but the implementing developer must + dnl have been in a bad mood, because poll() only works on the /proc + dnl filesystem here" + dnl Mac OS X's poll has funny behaviors, like: + dnl not being able to do poll on no fildescriptors (10.3?) + dnl not being able to poll on some files (like anything in /dev) + dnl not having reliable timeout support + dnl inconsistent return of POLLHUP where other implementations give POLLIN + AC_MSG_NOTICE([poll use is disabled on this platform]) + ;; + *) + AC_CHECK_FUNCS(poll) + ;; +esac + +AC_CHECK_FUNCS(gettimeofday select strtoll memset_s) + +dnl Check for select() into ws2_32 for Msys/Mingw +if test "$ac_cv_func_select" != "yes"; then + AC_MSG_CHECKING([for select in ws2_32]) + AC_TRY_LINK([ +#ifdef HAVE_WINSOCK2_H +#ifndef WIN32_LEAN_AND_MEAN +#define WIN32_LEAN_AND_MEAN +#endif +#include +#endif + ],[ + select(0,(fd_set *)NULL,(fd_set *)NULL,(fd_set *)NULL,(struct timeval *)NULL); + ],[ + AC_MSG_RESULT([yes]) + HAVE_SELECT="1" + AC_DEFINE_UNQUOTED(HAVE_SELECT, 1, + [Define to 1 if you have the select function.]) + ],[ + AC_MSG_RESULT([no]) + ]) +fi + +AC_FUNC_ALLOCA + +# Checks for typedefs, structures, and compiler characteristics. +AC_C_CONST +AC_C_INLINE + +CURL_CHECK_NONBLOCKING_SOCKET + +missing_required_deps=0 + +if test "${libz_errors}" != ""; then + AS_MESSAGE([ERROR: ${libz_errors}]) + missing_required_deps=1 +fi + +if test "$found_crypto" = "none"; then + AS_MESSAGE([ERROR: ${crypto_errors}]) + missing_required_deps=1 +fi + +if test $missing_required_deps = 1; then + AC_MSG_ERROR([Required dependencies are missing!]) +fi + +# Configure parameters +LIBSSH2_CHECK_OPTION_WERROR + +AC_CONFIG_FILES([Makefile + src/Makefile + tests/Makefile + tests/ossfuzz/Makefile + example/Makefile + docs/Makefile + libssh2.pc]) +AC_OUTPUT + +AC_MSG_NOTICE([summary of build options: + + version: ${LIBSSH2VER} + Host type: ${host} + Install prefix: ${prefix} + Compiler: ${CC} + Compiler flags: ${CFLAGS} + Library types: Shared=${enable_shared}, Static=${enable_static} + Crypto library: ${found_crypto_str} + Clear memory: $enable_clear_memory + Debug build: $enable_debug + Build examples: $build_examples + Path to sshd: $ac_cv_path_SSHD (only for self-tests) + zlib compression: ${found_libz} +]) diff --git a/docs/.gitignore b/docs/.gitignore new file mode 100644 index 0000000..3aed763 --- /dev/null +++ b/docs/.gitignore @@ -0,0 +1,3 @@ +Makefile +Makefile.in +coverage diff --git a/docs/AUTHORS b/docs/AUTHORS new file mode 100644 index 0000000..5c7445b --- /dev/null +++ b/docs/AUTHORS @@ -0,0 +1,79 @@ + libssh2 is the result of many friendly people. This list is an attempt to + mention all contributors. If we've missed anyone, tell us! + + This list of names is a-z sorted. + +Adam Gobiowski +Alexander Holyapin +Alexander Lamaison +Alfred Gebert +Ben Kibbey +Bjorn Stenborg +Carlo Bramini +Cristian Rodríguez +Daiki Ueno +Dan Casey +Dan Fandrich +Daniel Stenberg +Dave Hayden +Dave McCaldon +David J Sullivan +David Robins +Dmitry Smirnov +Douglas Masterson +Edink Kadribasic +Erik Brossler +Francois Dupoux +Gellule Xg +Grubsky Grigory +Guenter Knauf +Heiner Steven +Henrik Nordstrom +James Housleys +Jasmeet Bagga +Jean-Louis Charton +Jernej Kovacic +Joey Degges +John Little +Jose Baars +Jussi Mononen +Kamil Dudka +Lars Nordin +Mark McPherson +Mark Smith +Markus Moeller +Matt Lilley +Matthew Booth +Maxime Larocque +Mike Protts +Mikhail Gusarov +Neil Gierman +Olivier Hervieu +Paul Howarth +Paul Querna +Paul Veldkamp +Peter Krempa +Peter O'Gorman +Peter Stuge +Pierre Joye +Rafael Kitover +Romain Bondue +Sara Golemon +Satish Mittal +Sean Peterson +Selcuk Gueney +Simon Hart +Simon Josefsson +Sofian Brabez +Steven Ayre +Steven Dake +Steven Van Ingelgem +TJ Saunders +Tommy Lindgren +Tor Arntsen +Vincent Jaulin +Vincent Torri +Vlad Grachov +Wez Furlong +Yang Tse +Zl Liu diff --git a/docs/BINDINGS b/docs/BINDINGS new file mode 100644 index 0000000..471f9be --- /dev/null +++ b/docs/BINDINGS @@ -0,0 +1,29 @@ + +Creative people have written bindings or interfaces for various environments +and programming languages. Using one of these bindings allows you to take +advantage of libssh2 directly from within your favourite language. + +The bindings listed below are not part of the libssh2 distribution archives, +but must be downloaded and installed separately. + +Cocoa/Objective-C + https://github.com/karelia/libssh2_sftp-Cocoa-wrapper + +Haskell + FFI bindings - https://hackage.haskell.org/package/libssh2 + +Perl + Net::SSH2 - https://metacpan.org/pod/Net::SSH2 + +PHP + ssh2 - https://pecl.php.net/package/ssh2 + +Python + pylibssh2 - https://pypi.python.org/pypi/pylibssh2 + +Python-ctypes + + PySsh2 - https://github.com/gellule/PySsh2 + +Ruby + libssh2-ruby - https://github.com/mitchellh/libssh2-ruby diff --git a/docs/CMakeLists.txt b/docs/CMakeLists.txt new file mode 100644 index 0000000..6abf0e4 --- /dev/null +++ b/docs/CMakeLists.txt @@ -0,0 +1,210 @@ +# Copyright (c) 2014 Alexander Lamaison +# +# Redistribution and use in source and binary forms, +# with or without modification, are permitted provided +# that the following conditions are met: +# +# Redistributions of source code must retain the above +# copyright notice, this list of conditions and the +# following disclaimer. +# +# Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following +# disclaimer in the documentation and/or other materials +# provided with the distribution. +# +# Neither the name of the copyright holder nor the names +# of any other contributors may be used to endorse or +# promote products derived from this software without +# specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND +# CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, +# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR +# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING +# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE +# USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY +# OF SUCH DAMAGE. + +set(MAN_PAGES + libssh2_agent_connect.3 + libssh2_agent_disconnect.3 + libssh2_agent_free.3 + libssh2_agent_get_identity.3 + libssh2_agent_get_identity_path.3 + libssh2_agent_init.3 + libssh2_agent_list_identities.3 + libssh2_agent_set_identity_path.3 + libssh2_agent_userauth.3 + libssh2_banner_set.3 + libssh2_base64_decode.3 + libssh2_channel_close.3 + libssh2_channel_direct_tcpip.3 + libssh2_channel_direct_tcpip_ex.3 + libssh2_channel_eof.3 + libssh2_channel_exec.3 + libssh2_channel_flush.3 + libssh2_channel_flush_ex.3 + libssh2_channel_flush_stderr.3 + libssh2_channel_forward_accept.3 + libssh2_channel_forward_cancel.3 + libssh2_channel_forward_listen.3 + libssh2_channel_forward_listen_ex.3 + libssh2_channel_free.3 + libssh2_channel_get_exit_signal.3 + libssh2_channel_get_exit_status.3 + libssh2_channel_handle_extended_data.3 + libssh2_channel_handle_extended_data2.3 + libssh2_channel_ignore_extended_data.3 + libssh2_channel_open_ex.3 + libssh2_channel_open_session.3 + libssh2_channel_process_startup.3 + libssh2_channel_read.3 + libssh2_channel_read_ex.3 + libssh2_channel_read_stderr.3 + libssh2_channel_receive_window_adjust.3 + libssh2_channel_receive_window_adjust2.3 + libssh2_channel_request_pty.3 + libssh2_channel_request_pty_ex.3 + libssh2_channel_request_pty_size.3 + libssh2_channel_request_pty_size_ex.3 + libssh2_channel_send_eof.3 + libssh2_channel_set_blocking.3 + libssh2_channel_setenv.3 + libssh2_channel_setenv_ex.3 + libssh2_channel_shell.3 + libssh2_channel_subsystem.3 + libssh2_channel_wait_closed.3 + libssh2_channel_wait_eof.3 + libssh2_channel_window_read.3 + libssh2_channel_window_read_ex.3 + libssh2_channel_window_write.3 + libssh2_channel_window_write_ex.3 + libssh2_channel_write.3 + libssh2_channel_write_ex.3 + libssh2_channel_write_stderr.3 + libssh2_channel_x11_req.3 + libssh2_channel_x11_req_ex.3 + libssh2_exit.3 + libssh2_free.3 + libssh2_hostkey_hash.3 + libssh2_init.3 + libssh2_keepalive_config.3 + libssh2_keepalive_send.3 + libssh2_knownhost_add.3 + libssh2_knownhost_addc.3 + libssh2_knownhost_check.3 + libssh2_knownhost_checkp.3 + libssh2_knownhost_del.3 + libssh2_knownhost_free.3 + libssh2_knownhost_get.3 + libssh2_knownhost_init.3 + libssh2_knownhost_readfile.3 + libssh2_knownhost_readline.3 + libssh2_knownhost_writefile.3 + libssh2_knownhost_writeline.3 + libssh2_poll.3 + libssh2_poll_channel_read.3 + libssh2_publickey_add.3 + libssh2_publickey_add_ex.3 + libssh2_publickey_init.3 + libssh2_publickey_list_fetch.3 + libssh2_publickey_list_free.3 + libssh2_publickey_remove.3 + libssh2_publickey_remove_ex.3 + libssh2_publickey_shutdown.3 + libssh2_scp_recv.3 + libssh2_scp_recv2.3 + libssh2_scp_send.3 + libssh2_scp_send64.3 + libssh2_scp_send_ex.3 + libssh2_session_abstract.3 + libssh2_session_banner_get.3 + libssh2_session_banner_set.3 + libssh2_session_block_directions.3 + libssh2_session_callback_set.3 + libssh2_session_disconnect.3 + libssh2_session_disconnect_ex.3 + libssh2_session_flag.3 + libssh2_session_free.3 + libssh2_session_get_blocking.3 + libssh2_session_get_timeout.3 + libssh2_session_handshake.3 + libssh2_session_hostkey.3 + libssh2_session_init.3 + libssh2_session_init_ex.3 + libssh2_session_last_errno.3 + libssh2_session_last_error.3 + libssh2_session_set_last_error.3 + libssh2_session_method_pref.3 + libssh2_session_methods.3 + libssh2_session_set_blocking.3 + libssh2_session_set_timeout.3 + libssh2_session_startup.3 + libssh2_session_supported_algs.3 + libssh2_sftp_close.3 + libssh2_sftp_close_handle.3 + libssh2_sftp_closedir.3 + libssh2_sftp_fsetstat.3 + libssh2_sftp_fstat.3 + libssh2_sftp_fstat_ex.3 + libssh2_sftp_fstatvfs.3 + libssh2_sftp_fsync.3 + libssh2_sftp_get_channel.3 + libssh2_sftp_init.3 + libssh2_sftp_last_error.3 + libssh2_sftp_lstat.3 + libssh2_sftp_mkdir.3 + libssh2_sftp_mkdir_ex.3 + libssh2_sftp_open.3 + libssh2_sftp_open_ex.3 + libssh2_sftp_opendir.3 + libssh2_sftp_read.3 + libssh2_sftp_readdir.3 + libssh2_sftp_readdir_ex.3 + libssh2_sftp_readlink.3 + libssh2_sftp_realpath.3 + libssh2_sftp_rename.3 + libssh2_sftp_rename_ex.3 + libssh2_sftp_rewind.3 + libssh2_sftp_rmdir.3 + libssh2_sftp_rmdir_ex.3 + libssh2_sftp_seek.3 + libssh2_sftp_seek64.3 + libssh2_sftp_setstat.3 + libssh2_sftp_shutdown.3 + libssh2_sftp_stat.3 + libssh2_sftp_stat_ex.3 + libssh2_sftp_statvfs.3 + libssh2_sftp_symlink.3 + libssh2_sftp_symlink_ex.3 + libssh2_sftp_tell.3 + libssh2_sftp_tell64.3 + libssh2_sftp_unlink.3 + libssh2_sftp_unlink_ex.3 + libssh2_sftp_write.3 + libssh2_trace.3 + libssh2_trace_sethandler.3 + libssh2_userauth_authenticated.3 + libssh2_userauth_hostbased_fromfile.3 + libssh2_userauth_hostbased_fromfile_ex.3 + libssh2_userauth_keyboard_interactive.3 + libssh2_userauth_keyboard_interactive_ex.3 + libssh2_userauth_list.3 + libssh2_userauth_password.3 + libssh2_userauth_password_ex.3 + libssh2_userauth_publickey.3 + libssh2_userauth_publickey_fromfile.3 + libssh2_userauth_publickey_fromfile_ex.3 + libssh2_userauth_publickey_frommemory.3 + libssh2_version.3) + +include(GNUInstallDirs) +install(FILES ${MAN_PAGES} DESTINATION ${CMAKE_INSTALL_MANDIR}/man3) diff --git a/docs/HACKING b/docs/HACKING new file mode 100644 index 0000000..5da8e66 --- /dev/null +++ b/docs/HACKING @@ -0,0 +1,13 @@ + +libssh2 source code style guide: + + - 4 level indent + - spaces-only (no tabs) + - open braces on the if/for line: + + if (banana) { + go_nuts(); + } + + - keep source lines shorter than 80 columns + - See libssh2-style.el for how to achieve this within Emacs diff --git a/docs/HACKING.CRYPTO b/docs/HACKING.CRYPTO new file mode 100644 index 0000000..b78a014 --- /dev/null +++ b/docs/HACKING.CRYPTO @@ -0,0 +1,901 @@ + Definitions needed to implement a specific crypto library + +This document offers some hints about implementing a new crypto library +interface. + +A crypto library interface consists of at least a header file, defining +entities referenced from the libssh2 core modules. +Real code implementation (if needed), is left at the implementor's choice. + +This document lists the entities that must/may be defined in the header file. + +Procedures listed as "void" may indeed have a result type: the void indication +indicates the libssh2 core modules never use the function result. + + +0) Build system. + +Adding a crypto backend to the autotools build system (./configure) is easy: + +0.1) Add one new line in configure.ac + +m4_set_add([crypto_backends], [newname]) + +This automatically creates a --with-crypto=newname option. + +0.2) Add an m4_case stanza to LIBSSH2_CRYPTO_CHECK in acinclude.m4 + +This must check for all required libraries, and if found set and AC_SUBST a +variable with the library linking flags. The recommended method is to use +LIBSSH2_LIB_HAVE_LINKFLAGS from LIBSSH2_CRYPTO_CHECK, which automatically +creates and handles a --with-$newname-prefix option and sets an +LTLIBNEWNAME variable on success. + +0.3) Create Makefile.newname.inc in the top-level directory + +This must set CRYPTO_CSOURCES, CRYPTO_HHEADERS and CRYPTO_LTLIBS. +Set CRYPTO_CSOURCES and CRYPTO_HHEADERS to the new backend source files +and set CRYPTO_LTLIBS to the required library linking parameters, e.g. +$(LTLIBNEWNAME) as generated by by LIBSSH2_LIB_HAVE_LINKFLAGS. + +0.4) Add a new block in src/Makefile.am + +if NEWNAME +include ../Makefile.newname.inc +endif + + +1) Crypto library initialization/termination. + +void libssh2_crypto_init(void); +Initializes the crypto library. May be an empty macro if not needed. + +void libssh2_crypto_exit(void); +Terminates the crypto library use. May be an empty macro if not needed. + + +2) HMAC + +libssh2_hmac_ctx +Type of an HMAC computation context. Generally a struct. +Used for all hash algorithms. + +void libssh2_hmac_ctx_init(libssh2_hmac_ctx ctx); +Initializes the HMAC computation context ctx. +Called before setting-up the hash algorithm. +Note: if the ctx parameter is modified by the underlying code, +this procedure must be implemented as a macro to map ctx --> &ctx. + +void libssh2_hmac_update(libssh2_hmac_ctx ctx, + const unsigned char *data, + int datalen); +Continue computation of an HMAC on datalen bytes at data using context ctx. +Note: if the ctx parameter is modified by the underlying code, +this procedure must be implemented as a macro to map ctx --> &ctx. + +void libssh2_hmac_final(libssh2_hmac_ctx ctx, + unsigned char output[]); +Get the computed HMAC from context ctx into the output buffer. The +minimum data buffer size depends on the HMAC hash algorithm. +Note: if the ctx parameter is modified by the underlying code, +this procedure must be implemented as a macro to map ctx --> &ctx. + +void libssh2_hmac_cleanup(libssh2_hmac_ctx *ctx); +Releases the HMAC computation context at ctx. + + +3) Hash algorithms. + +3.1) SHA-1 +Must always be implemented. + +SHA_DIGEST_LENGTH +#define to 20, the SHA-1 digest length. + +libssh2_sha1_ctx +Type of an SHA-1 computation context. Generally a struct. + +int libssh2_sha1_init(libssh2_sha1_ctx *x); +Initializes the SHA-1 computation context at x. +Returns 1 for success and 0 for failure + +void libssh2_sha1_update(libssh2_sha1_ctx ctx, + const unsigned char *data, + size_t len); +Continue computation of SHA-1 on len bytes at data using context ctx. +Note: if the ctx parameter is modified by the underlying code, +this procedure must be implemented as a macro to map ctx --> &ctx. + +void libssh2_sha1_final(libssh2_sha1_ctx ctx, + unsigned char output[SHA_DIGEST_LEN]); +Get the computed SHA-1 signature from context ctx and store it into the +output buffer. +Release the context. +Note: if the ctx parameter is modified by the underlying code, +this procedure must be implemented as a macro to map ctx --> &ctx. + +void libssh2_hmac_sha1_init(libssh2_hmac_ctx *ctx, + const void *key, + int keylen); +Setup the HMAC computation context ctx for an HMAC-SHA-1 computation using the +keylen-byte key. Is invoked just after libssh2_hmac_ctx_init(). + +3.2) SHA-256 +Must always be implemented. + +SHA256_DIGEST_LENGTH +#define to 32, the SHA-256 digest length. + +libssh2_sha256_ctx +Type of an SHA-256 computation context. Generally a struct. + +int libssh2_sha256_init(libssh2_sha256_ctx *x); +Initializes the SHA-256 computation context at x. +Returns 1 for success and 0 for failure + +void libssh2_sha256_update(libssh2_sha256_ctx ctx, + const unsigned char *data, + size_t len); +Continue computation of SHA-256 on len bytes at data using context ctx. +Note: if the ctx parameter is modified by the underlying code, +this procedure must be implemented as a macro to map ctx --> &ctx. + +void libssh2_sha256_final(libssh2_sha256_ctx ctx, + unsigned char output[SHA256_DIGEST_LENGTH]); +Gets the computed SHA-256 signature from context ctx into the output buffer. +Release the context. +Note: if the ctx parameter is modified by the underlying code, +this procedure must be implemented as a macro to map ctx --> &ctx. + +int libssh2_sha256(const unsigned char *message, + unsigned long len, + unsigned char output[SHA256_DIGEST_LENGTH]); +Computes the SHA-256 signature over the given message of length len and +store the result into the output buffer. +Return 1 if error, else 0. +Note: Seems unused in current code, but defined in each crypto library backend. + +LIBSSH2_HMAC_SHA256 +#define as 1 if the crypto library supports HMAC-SHA-256, else 0. +If defined as 0, the rest of this section can be omitted. + +void libssh2_hmac_sha256_init(libssh2_hmac_ctx *ctx, + const void *key, + int keylen); +Setup the HMAC computation context ctx for an HMAC-256 computation using the +keylen-byte key. Is invoked just after libssh2_hmac_ctx_init(). + +3.3) SHA-384 +Mandatory if ECDSA is implemented. Can be omitted otherwise. + +SHA384_DIGEST_LENGTH +#define to 48, the SHA-384 digest length. + +libssh2_sha384_ctx +Type of an SHA-384 computation context. Generally a struct. + +int libssh2_sha384_init(libssh2_sha384_ctx *x); +Initializes the SHA-384 computation context at x. +Returns 1 for success and 0 for failure + +void libssh2_sha384_update(libssh2_sha384_ctx ctx, + const unsigned char *data, + size_t len); +Continue computation of SHA-384 on len bytes at data using context ctx. +Note: if the ctx parameter is modified by the underlying code, +this procedure must be implemented as a macro to map ctx --> &ctx. + +void libssh2_sha384_final(libssh2_sha384_ctx ctx, + unsigned char output[SHA384_DIGEST_LENGTH]); +Gets the computed SHA-384 signature from context ctx into the output buffer. +Release the context. +Note: if the ctx parameter is modified by the underlying code, +this procedure must be implemented as a macro to map ctx --> &ctx. + +int libssh2_sha384(const unsigned char *message, + unsigned long len, + unsigned char output[SHA384_DIGEST_LENGTH]); +Computes the SHA-384 signature over the given message of length len and +store the result into the output buffer. +Return 1 if error, else 0. + +3.4) SHA-512 +Must always be implemented. + +SHA512_DIGEST_LENGTH +#define to 64, the SHA-512 digest length. + +libssh2_sha512_ctx +Type of an SHA-512 computation context. Generally a struct. + +int libssh2_sha512_init(libssh2_sha512_ctx *x); +Initializes the SHA-512 computation context at x. +Returns 1 for success and 0 for failure + +void libssh2_sha512_update(libssh2_sha512_ctx ctx, + const unsigned char *data, + size_t len); +Continue computation of SHA-512 on len bytes at data using context ctx. +Note: if the ctx parameter is modified by the underlying code, +this procedure must be implemented as a macro to map ctx --> &ctx. + +void libssh2_sha512_final(libssh2_sha512_ctx ctx, + unsigned char output[SHA512_DIGEST_LENGTH]); +Gets the computed SHA-512 signature from context ctx into the output buffer. +Release the context. +Note: if the ctx parameter is modified by the underlying code, +this procedure must be implemented as a macro to map ctx --> &ctx. + +int libssh2_sha512(const unsigned char *message, + unsigned long len, + unsigned char output[SHA512_DIGEST_LENGTH]); +Computes the SHA-512 signature over the given message of length len and +store the result into the output buffer. +Return 1 if error, else 0. +Note: Seems unused in current code, but defined in each crypto library backend. + +LIBSSH2_HMAC_SHA512 +#define as 1 if the crypto library supports HMAC-SHA-512, else 0. +If defined as 0, the rest of this section can be omitted. + +void libssh2_hmac_sha512_init(libssh2_hmac_ctx *ctx, + const void *key, + int keylen); +Setup the HMAC computation context ctx for an HMAC-512 computation using the +keylen-byte key. Is invoked just after libssh2_hmac_ctx_init(). + +3.5) MD5 +LIBSSH2_MD5 +#define to 1 if the crypto library supports MD5, else 0. +If defined as 0, the rest of this section can be omitted. + +MD5_DIGEST_LENGTH +#define to 16, the MD5 digest length. + +libssh2_md5_ctx +Type of an MD5 computation context. Generally a struct. + +int libssh2_md5_init(libssh2_md5_ctx *x); +Initializes the MD5 computation context at x. +Returns 1 for success and 0 for failure + +void libssh2_md5_update(libssh2_md5_ctx ctx, + const unsigned char *data, + size_t len); +Continues computation of MD5 on len bytes at data using context ctx. +Returns 1 for success and 0 for failure. +Note: if the ctx parameter is modified by the underlying code, +this procedure must be implemented as a macro to map ctx --> &ctx. + +void libssh2_md5_final(libssh2_md5_ctx ctx, + unsigned char output[MD5_DIGEST_LENGTH]); +Gets the computed MD5 signature from context ctx into the output buffer. +Release the context. +Note: if the ctx parameter is modified by the underlying code, +this procedure must be implemented as a macro to map ctx --> &ctx. + +void libssh2_hmac_md5_init(libssh2_hmac_ctx *ctx, + const void *key, + int keylen); +Setup the HMAC computation context ctx for an HMAC-MD5 computation using the +keylen-byte key. Is invoked just after libssh2_hmac_ctx_init(). + +3.6) RIPEMD-160 +LIBSSH2_HMAC_RIPEMD +#define as 1 if the crypto library supports HMAC-RIPEMD-160, else 0. +If defined as 0, the rest of this section can be omitted. + +void libssh2_hmac_ripemd160_init(libssh2_hmac_ctx *ctx, + const void *key, + int keylen); +Setup the HMAC computation context ctx for an HMAC-RIPEMD-160 computation using +the keylen-byte key. Is invoked just after libssh2_hmac_ctx_init(). +Returns 1 for success and 0 for failure. + + +4) Bidirectional key ciphers. + +_libssh2_cipher_ctx +Type of a cipher computation context. + +_libssh2_cipher_type(name); +Macro defining name as storage identifying a cipher algorithm for +the crypto library interface. No trailing semicolon. + +int _libssh2_cipher_init(_libssh2_cipher_ctx *h, + _libssh2_cipher_type(algo), + unsigned char *iv, + unsigned char *secret, + int encrypt); +Creates a cipher context for the given algorithm with the initialization vector +iv and the secret key secret. Prepare for encryption or decryption depending on +encrypt. +Return 0 if OK, else -1. +This procedure is already prototyped in crypto.h. + +int _libssh2_cipher_crypt(_libssh2_cipher_ctx *ctx, + _libssh2_cipher_type(algo), + int encrypt, + unsigned char *block, + size_t blocksize); +Encrypt or decrypt in-place data at (block, blocksize) using the given +context and/or algorithm. +Return 0 if OK, else -1. +This procedure is already prototyped in crypto.h. + +void _libssh2_cipher_dtor(_libssh2_cipher_ctx *ctx); +Release cipher context at ctx. + +4.1) AES +4.1.1) AES in CBC block mode. +LIBSSH2_AES +#define as 1 if the crypto library supports AES in CBC mode, else 0. +If defined as 0, the rest of this section can be omitted. + +_libssh2_cipher_aes128 +AES-128-CBC algorithm identifier initializer. +#define with constant value of type _libssh2_cipher_type(). + +_libssh2_cipher_aes192 +AES-192-CBC algorithm identifier initializer. +#define with constant value of type _libssh2_cipher_type(). + +_libssh2_cipher_aes256 +AES-256-CBC algorithm identifier initializer. +#define with constant value of type _libssh2_cipher_type(). + +4.1.2) AES in CTR block mode. +LIBSSH2_AES_CTR +#define as 1 if the crypto library supports AES in CTR mode, else 0. +If defined as 0, the rest of this section can be omitted. + +_libssh2_cipher_aes128ctr +AES-128-CTR algorithm identifier initializer. +#define with constant value of type _libssh2_cipher_type(). + +_libssh2_cipher_aes192ctr +AES-192-CTR algorithm identifier initializer. +#define with constant value of type _libssh2_cipher_type(). + +_libssh2_cipher_aes256ctr +AES-256-CTR algorithm identifier initializer. +#define with constant value of type _libssh2_cipher_type(). + +4.2) Blowfish in CBC block mode. +LIBSSH2_BLOWFISH +#define as 1 if the crypto library supports blowfish in CBC mode, else 0. +If defined as 0, the rest of this section can be omitted. + +_libssh2_cipher_blowfish +Blowfish-CBC algorithm identifier initializer. +#define with constant value of type _libssh2_cipher_type(). + +4.3) RC4. +LIBSSH2_RC4 +#define as 1 if the crypto library supports RC4 (arcfour), else 0. +If defined as 0, the rest of this section can be omitted. + +_libssh2_cipher_arcfour +RC4 algorithm identifier initializer. +#define with constant value of type _libssh2_cipher_type(). + +4.4) CAST5 in CBC block mode. +LIBSSH2_CAST +#define 1 if the crypto library supports cast, else 0. +If defined as 0, the rest of this section can be omitted. + +_libssh2_cipher_cast5 +CAST5-CBC algorithm identifier initializer. +#define with constant value of type _libssh2_cipher_type(). + +4.5) Tripple DES in CBC block mode. +LIBSSH2_3DES +#define as 1 if the crypto library supports TripleDES in CBC mode, else 0. +If defined as 0, the rest of this section can be omitted. + +_libssh2_cipher_3des +TripleDES-CBC algorithm identifier initializer. +#define with constant value of type _libssh2_cipher_type(). + + +5) Diffie-Hellman support. + +5.1) Diffie-Hellman context. +_libssh2_dh_ctx +Type of a Diffie-Hellman computation context. +Must always be defined. + +5.2) Diffie-Hellman computation procedures. +void libssh2_dh_init(_libssh2_dh_ctx *dhctx); +Initializes the Diffie-Hellman context at `dhctx'. No effective context +creation needed here. + +int libssh2_dh_key_pair(_libssh2_dh_ctx *dhctx, _libssh2_bn *public, + _libssh2_bn *g, _libssh2_bn *p, int group_order, + _libssh2_bn_ctx *bnctx); +Generates a Diffie-Hellman key pair using base `g', prime `p' and the given +`group_order'. Can use the given big number context `bnctx' if needed. +The private key is stored as opaque in the Diffie-Hellman context `*dhctx' and +the public key is returned in `public'. +0 is returned upon success, else -1. + +int libssh2_dh_secret(_libssh2_dh_ctx *dhctx, _libssh2_bn *secret, + _libssh2_bn *f, _libssh2_bn *p, _libssh2_bn_ctx * bnctx) +Computes the Diffie-Hellman secret from the previously created context `*dhctx', +the public key `f' from the other party and the same prime `p' used at +context creation. The result is stored in `secret'. +0 is returned upon success, else -1. + +void libssh2_dh_dtor(_libssh2_dh_ctx *dhctx) +Destroys Diffie-Hellman context at `dhctx' and resets its storage. + + +6) Big numbers. +Positive multi-byte integers support is sufficient. + +6.1) Computation contexts. +This has a real meaning if the big numbers computations need some context +storage. If not, use a dummy type and functions (macros). + +_libssh2_bn_ctx +Type of multiple precision computation context. May not be empty. if not used, +#define as char, for example. + +_libssh2_bn_ctx _libssh2_bn_ctx_new(void); +Returns a new multiple precision computation context. + +void _libssh2_bn_ctx_free(_libssh2_bn_ctx ctx); +Releases a multiple precision computation context. + +6.2) Computation support. +_libssh2_bn +Type of multiple precision numbers (aka bignumbers or huge integers) for the +crypto library. + +_libssh2_bn * _libssh2_bn_init(void); +Creates a multiple precision number (preset to zero). + +_libssh2_bn * _libssh2_bn_init_from_bin(void); +Create a multiple precision number intended to be set by the +_libssh2_bn_from_bin() function (see below). Unlike _libssh2_bn_init(), this +code may be a dummy initializer if the _libssh2_bn_from_bin() actually +allocates the number. Returns a value of type _libssh2_bn *. + +void _libssh2_bn_free(_libssh2_bn *bn); +Destroys the multiple precision number at bn. + +unsigned long _libssh2_bn_bytes(_libssh2_bn *bn); +Get the number of bytes needed to store the bits of the multiple precision +number at bn. + +unsigned long _libssh2_bn_bits(_libssh2_bn *bn); +Returns the number of bits of multiple precision number at bn. + +int _libssh2_bn_set_word(_libssh2_bn *bn, unsigned long val); +Sets the value of bn to val. +Returns 1 on success, 0 otherwise. + +_libssh2_bn * _libssh2_bn_from_bin(_libssh2_bn *bn, int len, + const unsigned char *val); +Converts the positive integer in big-endian form of length len at val +into a _libssh2_bn and place it in bn. If bn is NULL, a new _libssh2_bn is +created. +Returns a pointer to target _libssh2_bn or NULL if error. + +int _libssh2_bn_to_bin(_libssh2_bn *bn, unsigned char *val); +Converts the absolute value of bn into big-endian form and store it at +val. val must point to _libssh2_bn_bytes(bn) bytes of memory. +Returns the length of the big-endian number. + + +7) Private key algorithms. +Format of an RSA public key: +a) "ssh-rsa". +b) RSA exponent, MSB first, with high order bit = 0. +c) RSA modulus, MSB first, with high order bit = 0. +Each item is preceded by its 32-bit byte length, MSB first. + +Format of a DSA public key: +a) "ssh-dss". +b) p, MSB first, with high order bit = 0. +c) q, MSB first, with high order bit = 0. +d) g, MSB first, with high order bit = 0. +e) pub_key, MSB first, with high order bit = 0. +Each item is preceded by its 32-bit byte length, MSB first. + +Format of an ECDSA public key: +a) "ecdsa-sha2-nistp256" or "ecdsa-sha2-nistp384" or "ecdsa-sha2-nistp521". +b) domain: "nistp256", "nistp384" or "nistp521" matching a). +c) raw public key ("octal"). +Each item is preceded by its 32-bit byte length, MSB first. + +Format of an ED25519 public key: +a) "ssh-ed25519". +b) raw key (32 bytes). +Each item is preceded by its 32-bit byte length, MSB first. + +int _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session, + unsigned char **method, + size_t *method_len, + unsigned char **pubkeydata, + size_t *pubkeydata_len, + const char *privatekey, + const char *passphrase); +Reads a private key from file privatekey and extract the public key --> +(pubkeydata, pubkeydata_len). Store the associated method (ssh-rsa or ssh-dss) +into (method, method_len). +Both buffers have to be allocated using LIBSSH2_ALLOC(). +Returns 0 if OK, else -1. +This procedure is already prototyped in crypto.h. + +int _libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION *session, + unsigned char **method, + size_t *method_len, + unsigned char **pubkeydata, + size_t *pubkeydata_len, + const char *privatekeydata, + size_t privatekeydata_len, + const char *passphrase); +Gets a private key from bytes at (privatekeydata, privatekeydata_len) and +extract the public key --> (pubkeydata, pubkeydata_len). Store the associated +method (ssh-rsa or ssh-dss) into (method, method_len). +Both buffers have to be allocated using LIBSSH2_ALLOC(). +Returns 0 if OK, else -1. +This procedure is already prototyped in crypto.h. + + +7.1) RSA +LIBSSH2_RSA +#define as 1 if the crypto library supports RSA, else 0. +If defined as 0, the rest of this section can be omitted. + +libssh2_rsa_ctx +Type of an RSA computation context. Generally a struct. + +int _libssh2_rsa_new(libssh2_rsa_ctx **rsa, + const unsigned char *edata, + unsigned long elen, + const unsigned char *ndata, + unsigned long nlen, + const unsigned char *ddata, + unsigned long dlen, + const unsigned char *pdata, + unsigned long plen, + const unsigned char *qdata, + unsigned long qlen, + const unsigned char *e1data, + unsigned long e1len, + const unsigned char *e2data, + unsigned long e2len, + const unsigned char *coeffdata, unsigned long coefflen); +Creates a new context for RSA computations from key source values: + pdata, plen Prime number p. Only used if private key known (ddata). + qdata, qlen Prime number q. Only used if private key known (ddata). + ndata, nlen Modulus n. + edata, elen Exponent e. + ddata, dlen e^-1 % phi(n) = private key. May be NULL if unknown. + e1data, e1len dp = d % (p-1). Only used if private key known (dtata). + e2data, e2len dq = d % (q-1). Only used if private key known (dtata). + coeffdata, coefflen q^-1 % p. Only used if private key known. +Returns 0 if OK. +This procedure is already prototyped in crypto.h. +Note: the current generic code only calls this function with e and n (public +key parameters): unless used internally by the backend, it is not needed to +support the private key and the other parameters here. + +int _libssh2_rsa_new_private(libssh2_rsa_ctx **rsa, + LIBSSH2_SESSION *session, + const char *filename, + unsigned const char *passphrase); +Reads an RSA private key from file filename into a new RSA context. +Must call _libssh2_init_if_needed(). +Return 0 if OK, else -1. +This procedure is already prototyped in crypto.h. + +int _libssh2_rsa_new_private_frommemory(libssh2_rsa_ctx **rsa, + LIBSSH2_SESSION *session, + const char *data, + size_t data_len, + unsigned const char *passphrase); +Gets an RSA private key from data into a new RSA context. +Must call _libssh2_init_if_needed(). +Return 0 if OK, else -1. +This procedure is already prototyped in crypto.h. + +int _libssh2_rsa_sha1_verify(libssh2_rsa_ctx *rsa, + const unsigned char *sig, + unsigned long sig_len, + const unsigned char *m, unsigned long m_len); +Verify (sig, sig_len) signature of (m, m_len) using an SHA-1 hash and the +RSA context. +Return 0 if OK, else -1. +This procedure is already prototyped in crypto.h. + +int _libssh2_rsa_sha1_signv(LIBSSH2_SESSION *session, + unsigned char **sig, size_t *siglen, + int count, const struct iovec vector[], + libssh2_rsa_ctx *ctx); +RSA signs the SHA-1 hash computed over the count data chunks in vector. +Signature is stored at (sig, siglen). +Signature buffer must be allocated from the given session. +Returns 0 if OK, else -1. +Note: this procedure is optional: if provided, it MUST be defined as a macro. + +int _libssh2_rsa_sha1_sign(LIBSSH2_SESSION *session, + libssh2_rsa_ctx *rsactx, + const unsigned char *hash, + size_t hash_len, + unsigned char **signature, + size_t *signature_len); +RSA signs the (hash, hashlen) SHA-1 hash bytes and stores the allocated +signature at (signature, signature_len). +Signature buffer must be allocated from the given session. +Returns 0 if OK, else -1. +This procedure is already prototyped in crypto.h. +Note: this procedure is not used if macro _libssh2_rsa_sha1_signv() is defined. + +void _libssh2_rsa_free(libssh2_rsa_ctx *rsactx); +Releases the RSA computation context at rsactx. + + +7.2) DSA +LIBSSH2_DSA +#define as 1 if the crypto library supports DSA, else 0. +If defined as 0, the rest of this section can be omitted. + + +libssh2_dsa_ctx +Type of a DSA computation context. Generally a struct. + +int _libssh2_dsa_new(libssh2_dsa_ctx **dsa, + const unsigned char *pdata, + unsigned long plen, + const unsigned char *qdata, + unsigned long qlen, + const unsigned char *gdata, + unsigned long glen, + const unsigned char *ydata, + unsigned long ylen, + const unsigned char *x, unsigned long x_len); +Creates a new context for DSA computations from source key values: + pdata, plen Prime number p. Only used if private key known (ddata). + qdata, qlen Prime number q. Only used if private key known (ddata). + gdata, glen G number. + ydata, ylen Public key. + xdata, xlen Private key. Only taken if xlen non-zero. +Returns 0 if OK. +This procedure is already prototyped in crypto.h. + +int _libssh2_dsa_new_private(libssh2_dsa_ctx **dsa, + LIBSSH2_SESSION *session, + const char *filename, + unsigned const char *passphrase); +Gets a DSA private key from file filename into a new DSA context. +Must call _libssh2_init_if_needed(). +Return 0 if OK, else -1. +This procedure is already prototyped in crypto.h. + +int _libssh2_dsa_new_private_frommemory(libssh2_dsa_ctx **dsa, + LIBSSH2_SESSION *session, + const char *data, + size_t data_len, + unsigned const char *passphrase); +Gets a DSA private key from the data_len-bytes data into a new DSA context. +Must call _libssh2_init_if_needed(). +Returns 0 if OK, else -1. +This procedure is already prototyped in crypto.h. + +int _libssh2_dsa_sha1_verify(libssh2_dsa_ctx *dsactx, + const unsigned char *sig, + const unsigned char *m, unsigned long m_len); +Verify (sig, siglen) signature of (m, m_len) using an SHA-1 hash and the +DSA context. +Returns 0 if OK, else -1. +This procedure is already prototyped in crypto.h. + +int _libssh2_dsa_sha1_sign(libssh2_dsa_ctx *dsactx, + const unsigned char *hash, + unsigned long hash_len, unsigned char *sig); +DSA signs the (hash, hash_len) data using SHA-1 and store the signature at sig. +Returns 0 if OK, else -1. +This procedure is already prototyped in crypto.h. + +void _libssh2_dsa_free(libssh2_dsa_ctx *dsactx); +Releases the DSA computation context at dsactx. + + +7.3) ECDSA +LIBSSH2_ECDSA +#define as 1 if the crypto library supports ECDSA, else 0. +If defined as 0, _libssh2_ec_key should be defined as void and the rest of +this section can be omitted. + +EC_MAX_POINT_LEN +Maximum point length. Usually defined as ((528 * 2 / 8) + 1) (= 133). + +libssh2_ecdsa_ctx +Type of an ECDSA computation context. Generally a struct. + +_libssh2_ec_key +Type of an elliptic curve key. + +libssh2_curve_type +An enum type defining curve types. Current supported identifiers are: + LIBSSH2_EC_CURVE_NISTP256 + LIBSSH2_EC_CURVE_NISTP384 + LIBSSH2_EC_CURVE_NISTP521 + +int _libssh2_ecdsa_create_key(_libssh2_ec_key **out_private_key, + unsigned char **out_public_key_octal, + size_t *out_public_key_octal_len, + libssh2_curve_type curve_type); +Create a new ECDSA private key of type curve_type and return it at +out_private_key. If out_public_key_octal is not NULL, store an allocated +pointer to the associated public key in "octal" form in it and its length +at out_public_key_octal_len. +Return 0 if OK, else -1. +This procedure is already prototyped in crypto.h. + +int _libssh2_ecdsa_new_private(libssh2_ecdsa_ctx **ec_ctx, + LIBSSH2_SESSION * session, + const char *filename, + unsigned const char *passphrase); +Reads an ECDSA private key from PEM file filename into a new ECDSA context. +Must call _libssh2_init_if_needed(). +Return 0 if OK, else -1. +This procedure is already prototyped in crypto.h. + +int _libssh2_ecdsa_new_private_frommemory(libssh2_ecdsa_ctx ** ec_ctx, + LIBSSH2_SESSION * session, + const char *filedata, + size_t filedata_len, + unsigned const char *passphrase); +Builds an ECDSA private key from PEM data at filedata of length filedata_len +into a new ECDSA context stored at ec_ctx. +Must call _libssh2_init_if_needed(). +Return 0 if OK, else -1. +This procedure is already prototyped in crypto.h. + +int _libssh2_ecdsa_curve_name_with_octal_new(libssh2_ecdsa_ctx **ecdsactx, + const unsigned char *k, + size_t k_len, + libssh2_curve_type type); +Stores at ecdsactx a new ECDSA context associated with the given curve type +and with "octal" form public key (k, k_len). +Return 0 if OK, else -1. +This procedure is already prototyped in crypto.h. + +int _libssh2_ecdsa_new_openssh_private(libssh2_ecdsa_ctx **ec_ctx, + LIBSSH2_SESSION * session, + const char *filename, + unsigned const char *passphrase); +Reads a PEM-encoded ECDSA private key from file filename encrypted with +passphrase and stores at ec_ctx a new ECDSA context for it. +Return 0 if OK, else -1. +Currently used only from openssl backend (ought to be private). +This procedure is already prototyped in crypto.h. + +int _libssh2_ecdsa_sign(LIBSSH2_SESSION *session, libssh2_ecdsa_ctx *ec_ctx, + const unsigned char *hash, unsigned long hash_len, + unsigned char **signature, size_t *signature_len); +ECDSA signs the (hash, hashlen) hash bytes and stores the allocated +signature at (signature, signature_len). Hash algorithm used should be +SHA-256, SHA-384 or SHA-512 depending on type stored in ECDSA context at ec_ctx. +Signature buffer must be allocated from the given session. +Returns 0 if OK, else -1. +This procedure is already prototyped in crypto.h. + +int _libssh2_ecdsa_verify(libssh2_ecdsa_ctx *ctx, + const unsigned char *r, size_t r_len, + const unsigned char *s, size_t s_len, + const unsigned char *m, size_t m_len); +Verify the ECDSA signature made of (r, r_len) and (s, s_len) of (m, m_len) +using the hash algorithm configured in the ECDSA context ctx. +Return 0 if OK, else -1. +This procedure is already prototyped in crypto.h. + +libssh2_curve_type _libssh2_ecdsa_get_curve_type(libssh2_ecdsa_ctx *ecdsactx); +Returns the curve type associated with given context. +This procedure is already prototyped in crypto.h. + +int _libssh2_ecdsa_curve_type_from_name(const char *name, + libssh2_curve_type *out_type); +Stores in out_type the curve type matching string name of the form +"ecdsa-sha2-nistpxxx". +Return 0 if OK, else -1. +Currently used only from openssl backend (ought to be private). +This procedure is already prototyped in crypto.h. + +void _libssh2_ecdsa_free(libssh2_ecdsa_ctx *ecdsactx); +Releases the ECDSA computation context at ecdsactx. + + +7.4) ED25519 +LIBSSH2_ED25519 +#define as 1 if the crypto library supports ED25519, else 0. +If defined as 0, the rest of this section can be omitted. + + +libssh2_ed25519_ctx +Type of an ED25519 computation context. Generally a struct. + +int _libssh2_curve25519_new(LIBSSH2_SESSION *session, libssh2_ed25519_ctx **ctx, + uint8_t **out_public_key, + uint8_t **out_private_key); +Generates an ED25519 key pair, stores a pointer to them at out_private_key +and out_public_key respectively and stores at ctx a new ED25519 context for +this key. +Argument ctx, out_private_key and out_public key may be NULL to disable storing +the corresponding value. +Length of each key is LIBSSH2_ED25519_KEY_LEN (32 bytes). +Key buffers are allocated and should be released by caller after use. +Returns 0 if OK, else -1. +This procedure is already prototyped in crypto.h. + +int _libssh2_ed25519_new_private(libssh2_ed25519_ctx **ed_ctx, + LIBSSH2_SESSION *session, + const char *filename, + const uint8_t *passphrase); +Reads an ED25519 private key from PEM file filename into a new ED25519 context. +Must call _libssh2_init_if_needed(). +Return 0 if OK, else -1. +This procedure is already prototyped in crypto.h. + +int _libssh2_ed25519_new_public(libssh2_ed25519_ctx **ed_ctx, + LIBSSH2_SESSION *session, + const unsigned char *raw_pub_key, + const uint8_t key_len); +Stores at ed_ctx a new ED25519 key context for raw public key (raw_pub_key, +key_len). +Return 0 if OK, else -1. +This procedure is already prototyped in crypto.h. + +int _libssh2_ed25519_new_private_frommemory(libssh2_ed25519_ctx **ed_ctx, + LIBSSH2_SESSION *session, + const char *filedata, + size_t filedata_len, + unsigned const char *passphrase); +Builds an ED25519 private key from PEM data at filedata of length filedata_len +into a new ED25519 context stored at ed_ctx. +Must call _libssh2_init_if_needed(). +Return 0 if OK, else -1. +This procedure is already prototyped in crypto.h. + +int _libssh2_ed25519_sign(libssh2_ed25519_ctx *ctx, LIBSSH2_SESSION *session, + uint8_t **out_sig, size_t *out_sig_len, + const uint8_t *message, size_t message_len); +ED25519 signs the (message, message_len) bytes and stores the allocated +signature at (sig, sig_len). +Signature buffer is allocated from the given session. +Returns 0 if OK, else -1. +This procedure is already prototyped in crypto.h. + +int _libssh2_ed25519_verify(libssh2_ed25519_ctx *ctx, const uint8_t *s, + size_t s_len, const uint8_t *m, size_t m_len); +Verify (s, s_len) signature of (m, m_len) using the given ED25519 context. +Return 0 if OK, else -1. +This procedure is already prototyped in crypto.h. + +int _libssh2_curve25519_gen_k(_libssh2_bn **k, + uint8_t private_key[LIBSSH2_ED25519_KEY_LEN], + uint8_t srvr_public_key[LIBSSH2_ED25519_KEY_LEN]); +Computes a shared ED25519 secret key from the given raw server public key and +raw client public key and stores it as a big number in *k. Big number should +have been initialized before calling this function. +Returns 0 if OK, else -1. +This procedure is already prototyped in crypto.h. + +void _libssh2_ed25519_free(libssh2_ed25519_ctx *ed25519ctx); +Releases the ED25519 computation context at ed25519ctx. + + +8) Miscellaneous + +void libssh2_prepare_iovec(struct iovec *vector, unsigned int len); +Prepare len consecutive iovec slots before using them. +In example, this is needed to preset unused structure slacks on platforms +requiring it. +If this is not needed, it should be defined as an empty macro. + +void _libssh2_random(unsigned char *buf, int len); +Store len random bytes at buf. diff --git a/docs/INSTALL_AUTOTOOLS b/docs/INSTALL_AUTOTOOLS new file mode 100644 index 0000000..a75b518 --- /dev/null +++ b/docs/INSTALL_AUTOTOOLS @@ -0,0 +1,355 @@ +Installation Instructions +************************* + +Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002, 2004, 2005 Free +Software Foundation, Inc. + +This file is free documentation; the Free Software Foundation gives +unlimited permission to copy, distribute and modify it. + +When Building directly from Master +================================== + +If you want to build directly from the git repository, you must first +generate the configure script and Makefile using autotools. There is +a convenience script that calls all tools in the correct order. Make +sure that autoconf, automake and libtool are installed on your system, +then execute: + + autoreconf -fi + +After executing this script, you can build the project as usual: + + ./configure + make + +Basic Installation +================== + +These are generic installation instructions. + + The `configure' shell script attempts to guess correct values for +various system-dependent variables used during compilation. It uses +those values to create a `Makefile' in each directory of the package. +It may also create one or more `.h' files containing system-dependent +definitions. Finally, it creates a shell script `config.status' that +you can run in the future to recreate the current configuration, and a +file `config.log' containing compiler output (useful mainly for +debugging `configure'). + + It can also use an optional file (typically called `config.cache' +and enabled with `--cache-file=config.cache' or simply `-C') that saves +the results of its tests to speed up reconfiguring. (Caching is +disabled by default to prevent problems with accidental use of stale +cache files.) + + If you need to do unusual things to compile the package, please try +to figure out how `configure' could check whether to do them, and mail +diffs or instructions to the address given in the `README' so they can +be considered for the next release. If you are using the cache, and at +some point `config.cache' contains results you don't want to keep, you +may remove or edit it. + + The file `configure.ac' (or `configure.in') is used to create +`configure' by a program called `autoconf'. You only need +`configure.ac' if you want to change it or regenerate `configure' using +a newer version of `autoconf'. + +The simplest way to compile this package is: + + 1. `cd' to the directory containing the package's source code and type + `./configure' to configure the package for your system. If you're + using `csh' on an old version of System V, you might need to type + `sh ./configure' instead to prevent `csh' from trying to execute + `configure' itself. + + Running `configure' takes awhile. While running, it prints some + messages telling which features it is checking for. + + 2. Type `make' to compile the package. + + 3. Optionally, type `make check' to run any self-tests that come with + the package. + + 4. Type `make install' to install the programs and any data files and + documentation. + + 5. You can remove the program binaries and object files from the + source code directory by typing `make clean'. To also remove the + files that `configure' created (so you can compile the package for + a different kind of computer), type `make distclean'. There is + also a `make maintainer-clean' target, but that is intended mainly + for the package's developers. If you use it, you may have to get + all sorts of other programs in order to regenerate files that came + with the distribution. + +Compilers and Options +===================== + +Some systems require unusual options for compilation or linking that the +`configure' script does not know about. Run `./configure --help' for +details on some of the pertinent environment variables. + + You can give `configure' initial values for configuration parameters +by setting variables in the command line or in the environment. Here +is an example: + + ./configure CC=c89 CFLAGS=-O2 LIBS=-lposix + + *Note Defining Variables::, for more details. + +Compiling For Multiple Architectures +==================================== + +You can compile the package for more than one kind of computer at the +same time, by placing the object files for each architecture in their +own directory. To do this, you must use a version of `make' that +supports the `VPATH' variable, such as GNU `make'. `cd' to the +directory where you want the object files and executables to go and run +the `configure' script. `configure' automatically checks for the +source code in the directory that `configure' is in and in `..'. + + If you have to use a `make' that does not support the `VPATH' +variable, you have to compile the package for one architecture at a +time in the source code directory. After you have installed the +package for one architecture, use `make distclean' before reconfiguring +for another architecture. + +Installation Names +================== + +By default, `make install' installs the package's commands under +`/usr/local/bin', include files under `/usr/local/include', etc. You +can specify an installation prefix other than `/usr/local' by giving +`configure' the option `--prefix=PREFIX'. + + You can specify separate installation prefixes for +architecture-specific files and architecture-independent files. If you +pass the option `--exec-prefix=PREFIX' to `configure', the package uses +PREFIX as the prefix for installing programs and libraries. +Documentation and other data files still use the regular prefix. + + In addition, if you use an unusual directory layout you can give +options like `--bindir=DIR' to specify different values for particular +kinds of files. Run `configure --help' for a list of the directories +you can set and what kinds of files go in them. + + If the package supports it, you can cause programs to be installed +with an extra prefix or suffix on their names by giving `configure' the +option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'. + +Optional Features +================= + +Some packages pay attention to `--enable-FEATURE' options to +`configure', where FEATURE indicates an optional part of the package. +They may also pay attention to `--with-PACKAGE' options, where PACKAGE +is something like `gnu-as' or `x' (for the X Window System). The +`README' should mention any `--enable-' and `--with-' options that the +package recognizes. + + For packages that use the X Window System, `configure' can usually +find the X include and library files automatically, but if it doesn't, +you can use the `configure' options `--x-includes=DIR' and +`--x-libraries=DIR' to specify their locations. + +Specifying the System Type +========================== + +There may be some features `configure' cannot figure out automatically, +but needs to determine by the type of machine the package will run on. +Usually, assuming the package is built to be run on the _same_ +architectures, `configure' can figure that out, but if it prints a +message saying it cannot guess the machine type, give it the +`--build=TYPE' option. TYPE can either be a short name for the system +type, such as `sun4', or a canonical name which has the form: + + CPU-COMPANY-SYSTEM + +where SYSTEM can have one of these forms: + + OS KERNEL-OS + + See the file `config.sub' for the possible values of each field. If +`config.sub' isn't included in this package, then this package doesn't +need to know the machine type. + + If you are _building_ compiler tools for cross-compiling, you should +use the option `--target=TYPE' to select the type of system they will +produce code for. + + If you want to _use_ a cross compiler, that generates code for a +platform different from the build platform, you should specify the +"host" platform (i.e., that on which the generated programs will +eventually be run) with `--host=TYPE'. + +Sharing Defaults +================ + +If you want to set default values for `configure' scripts to share, you +can create a site shell script called `config.site' that gives default +values for variables like `CC', `cache_file', and `prefix'. +`configure' looks for `PREFIX/share/config.site' if it exists, then +`PREFIX/etc/config.site' if it exists. Or, you can set the +`CONFIG_SITE' environment variable to the location of the site script. +A warning: not all `configure' scripts look for a site script. + +Defining Variables +================== + +Variables not defined in a site shell script can be set in the +environment passed to `configure'. However, some packages may run +configure again during the build, and the customized values of these +variables may be lost. In order to avoid this problem, you should set +them in the `configure' command line, using `VAR=value'. For example: + + ./configure CC=/usr/local2/bin/gcc + +causes the specified `gcc' to be used as the C compiler (unless it is +overridden in the site shell script). Here is a another example: + + /bin/bash ./configure CONFIG_SHELL=/bin/bash + +Here the `CONFIG_SHELL=/bin/bash' operand causes subsequent +configuration-related scripts to be executed by `/bin/bash'. + +`configure' Invocation +====================== + +`configure' recognizes the following options to control how it operates. + +`--help' +`-h' + Print a summary of the options to `configure', and exit. + +`--version' +`-V' + Print the version of Autoconf used to generate the `configure' + script, and exit. + +`--cache-file=FILE' + Enable the cache: use and save the results of the tests in FILE, + traditionally `config.cache'. FILE defaults to `/dev/null' to + disable caching. + +`--config-cache' +`-C' + Alias for `--cache-file=config.cache'. + +`--quiet' +`--silent' +`-q' + Do not print messages saying which checks are being made. To + suppress all normal output, redirect it to `/dev/null' (any error + messages will still be shown). + +`--srcdir=DIR' + Look for the package's source code in directory DIR. Usually + `configure' can determine that directory automatically. + +`configure' also accepts some other, not widely useful, options. Run +`configure --help' for more details. + +More configure options +====================== + +Some ./configure options deserve additional comments: + + * --enable-crypt-none + + The SSH2 Transport allows for unencrypted data + transmission using the "none" cipher. Because this is + such a huge security hole, it is typically disabled on + SSH2 implementations and is disabled in libssh2 by + default as well. + + Enabling this option will allow for "none" as a + negotiable method, however it still requires that the + method be advertized by the remote end and that no + more-preferable methods are available. + + * --enable-mac-none + + The SSH2 Transport also allows implementations to + forego a message authentication code. While this is + less of a security risk than using a "none" cipher, it + is still not recommended as disabling MAC hashes + removes a layer of security. + + Enabling this option will allow for "none" as a + negotiable method, however it still requires that the + method be advertized by the remote end and that no + more-preferable methods are available. + + * --disable-gex-new + + The diffie-hellman-group-exchange-sha1 (dh-gex) key + exchange method originally defined an exchange + negotiation using packet type 30 to request a + generation pair based on a single target value. Later + refinement of dh-gex provided for range and target + values. By default libssh2 will use the newer range + method. + + If you experience trouble connecting to an old SSH + server using dh-gex, try this option to fallback on + the older more reliable method. + + * --with-libgcrypt + * --without-libgcrypt + * --with-libgcrypt-prefix=DIR + + libssh2 can use the Libgcrypt library + (https://www.gnupg.org/) for cryptographic operations. + One of the cryptographic libraries is required. + + Configure will attempt to locate Libgcrypt + automatically. + + If your installation of Libgcrypt is in another + location, specify it using --with-libgcrypt-prefix. + + * --with-openssl + * --without-openssl + * --with-libssl-prefix=[DIR] + + libssh2 can use the OpenSSL library + (https://www.openssl.org) for cryptographic operations. + One of the cryptographic libraries is required. + + Configure will attempt to locate OpenSSL in the + default location. + + If your installation of OpenSSL is in another + location, specify it using --with-libssl-prefix. + + * --with-mbedtls + * --without-mbedtls + * --with-libmbedtls-prefix=[DIR] + + libssh2 can use the mbedTLS library + (https://tls.mbed.org) for cryptographic operations. + One of the cryptographic libraries is required. + + Configure will attempt to locate mbedTLS in the + default location. + + If your installation of mbedTLS is in another + location, specify it using --with-libmbedtls-prefix. + + * --with-libz + * --without-libz + * --with-libz-prefix=[DIR] + + If present, libssh2 will attempt to use the zlib + (http://www.zlib.org) for payload compression, however + zlib is not required. + + If your installation of Libz is in another location, + specify it using --with-libz-prefix. + + * --enable-debug + + Will make the build use more pedantic and strict compiler + options as well as enable the libssh2_trace() function (for + showing debug traces). diff --git a/docs/INSTALL_CMAKE.md b/docs/INSTALL_CMAKE.md new file mode 100644 index 0000000..9ad9f8d --- /dev/null +++ b/docs/INSTALL_CMAKE.md @@ -0,0 +1,188 @@ +License: see COPYING + +Source code: https://github.com/libssh2/libssh2 + +Web site source code: https://github.com/libssh2/www + +Installation instructions are in docs/INSTALL +======= +To build libssh2 you will need CMake v2.8 or later [1] and one of the +following cryptography libraries: + +* OpenSSL +* Libgcrypt +* WinCNG +* mbedTLS + +Getting started +--------------- + +If you are happy with the default options, make a new build directory, +change to it, configure the build environment and build the project: + +``` + mkdir bin + cd bin + cmake .. + cmake --build . +``` + +libssh2 will be built as a static library and will use any +cryptography library available. The library binary will be put in +`bin/src`, with the examples in `bin/example` and the tests in +`bin/tests`. + +Customising the build +--------------------- + +Of course, you might want to customise the build options. You can +pass the options to CMake on the command line: + + cmake -D