This commit adds a simple check to see if the offset of the read
request matches the expected file offset.
We could try to recover, from this condition at some point in the future.
Right now it is better to return an error instead of corrupted data.
This commit ensures that we have sent at least one read request before
we try to read data in sftp_read().
Otherwise sftp_read() would return 0 bytes (indicating EOF) if the
socket is not ready for writing.
Since we can only store data from a single chunk in filep,
we have to stop receiving data as soon as the buffer is full.
This adresses the following bug report:
https://github.com/libssh2/libssh2/issues/50
"agent_disconnect_unix", called by "libssh2_agent_disconnect", was
leaving the file descriptor in the agent structure unchanged. Later,
"libssh2_agent_free" would call again "libssh2_agent_disconnect" under
the hood and it would try to close again the same file descriptor. In
most cases that resulted in just a harmless error, but it is also
possible that the file descriptor had been reused between the two
calls resulting in the closing of an unrelated file descriptor.
This patch sets agent->fd to LIBSSH2_INVALID_SOCKET avoiding that
issue.
Signed-off-by: Salvador Fandiño <sfandino@yahoo.com>
The Qc3 library is not able to handle PKCS#8 EncryptedPrivateKeyInfo structures
by itself. It is only capable of decrypting the (encrypted) PrivateKeyInfo
part, providing a key encryption key and an encryption algorithm are given.
Since the encryption key and algorithm description part in a PKCS#8
EncryptedPrivateKeyInfo is a PKCS#5 structure, such a decoder is needed to
get the derived key method and hash, as well as encryption algorith and
initialisation vector.
The Qc3 library requires a minimum key length depending on the target
hash algorithm. Append binary zeroes to the given key if not long enough.
This matches RFC 2104 specifications.
The Qc3 library requires the key encryption key to exist as long as
the encrypted key is used. Its descriptor token is then kept as an
"encrypted key slave" for recursive release.
Build procedure extproto() did not strip braces from header files, thus
possibly prepended them to true prototypes. This prevented the prototype to
be recognized as such.
The solution implemented here is to map braces to semicolons, effectively
considering them as potential prototype delimiters.
In addition, file os400/macros.h declares all procedures originally
defined as macros. It must not be used for real inclusion and is only
intended to be used as a `database' for macro wrapping procedures generation.
Some structure fields holding callback addresses have the same name as the
underlying system function (connect, send, recv). Set parentheses around
their reference to suppress a possible macro substitution.
Use a macro for connect() on OS/400 to resolve a const/nonconst parameter
problem.
OS/400 crypto library is unable to sign a precomputed SHA1 hash: however
it does support a procedure that hashes data fragments and rsa signs.
If defined, the new macro _libssh2_rsa_sha1_signv() implements this function
and disables use of _libssh2_rsa_sha1_sign().
The function described above requires that the struct iovec unused slacks are
cleared: for this reason, macro libssh2_prepare_iovec() has been introduced.
It should be defined as empty for crypto backends that are not sensitive
to struct iovec unused slack values.
* close https://github.com/libssh2/libssh2/issues/69
* sync a declaration with the rest of similar ones
* handle EVP_MD_CTX_new() returning NULL with OpenSSL 1.1.0
* fix potential memory leak with OpenSSL 1.1.0 in
_libssh2_*_init() functions, when EVP_MD_CTX_new() succeeds,
but EVP_DigestInit() fails.
