712 Commits

Author SHA1 Message Date
Daniel Stenberg
7dc2bfac94 _libssh2_userauth_publickey: reject method names longer than the data
This functions get the method length by looking at the first 32
bit of data, and I now made it not accept method lengths that are
longer than the whole data set is, as given in the dedicated
function argument.

This was detected when the function was given bogus public key
data as an ascii string, which caused the first 32bits to create
a HUGE number.
2010-06-20 00:23:28 +02:00
Daniel Stenberg
35cf08e130 NULL resistance: make more public functions survive NULL pointer input
Sending in NULL as the primary pointer is now dealt with by more
public functions. I also narrowed the userauth.c code somewhat to
stay within 80 columns better.
2010-06-18 20:25:03 +02:00
Daniel Stenberg
32bd0df992 agent: make libssh2_agent_userauth() work blocking properly
previously it would always work in a non-blocking manner
2010-06-18 20:13:08 +02:00
Peter Stuge
38940f45d2 Fix underscore typo for 64-bit printf format specifiers on Windows
Commit 49ddf447ff4bd80285f926eac0115f4e595f9425 was missing underscores.
2010-06-17 12:23:25 +02:00
John
6ddcc493e8 LIBSSH2_DEBUG: macro uses incorrect function variable
The LIBSSH2_DEBUG macro, defined in libssh2_priv.h, incorrectly uses the
function variable ssh_msg_disconnect when it should use ssh_msg_debug.

This shows that the LIBSSH2_CALLBACK_DEBUG callback never has worked...
2010-06-16 00:04:25 +02:00
Daniel Stenberg
3496e1c2a2 warning: fix a compiler warning 'pointer differs in signedness'
As reported in bug #177
2010-06-15 19:51:26 +02:00
Daniel Stenberg
49ddf447ff portability: introduce LIBSSH2_INT64_T_FORMAT for 64bit printf()s
As pointed out in bug #177, some of the Windows compilers use
%I64 to output 64 bit variables with the printf family.
2010-06-15 19:47:31 +02:00
Daniel Stenberg
04d4bbb66b debug: avoid sending NULL to sprintf %s
Via the _libssh2_debug() macro/function. Pointed out by john in bug report
2010-06-15 17:00:02 +02:00
Daniel Stenberg
2fd044fdf5 code police: make the code use less than 80 columns 2010-06-14 17:23:00 +02:00
Daniel Stenberg
518d25eba1 SFTP: limit write() to not produce overly large packets
sftp_write() now limits how much data it gets at a time even more
than before. Since this function creates a complete outgoing
packet based on what gets passed to it, it is crucial that it
doesn't create too large packets.

With this method, there's also no longer any problem to use very
large buffers in your application and feed that to libssh2. I've
done numerous tests now with uploading data over SFTP using 100K
buffers and I've had no problems with that.
2010-06-11 16:07:30 +02:00
Daniel Stenberg
22a2de7347 agent: use _libssh2_error() when returning errors
As pointed out in bug report #173, this module basically never
used _libssh2_error() which made it work inconstently with other
parts of the libssh2 code base. This is my first take at making
this code more in line with the rest.
2010-06-11 13:32:41 +02:00
Daniel Stenberg
4cf935abab inputchecks: make lots of API functions check for NULL pointers
If an application accidentally provides a NULL handle pointer to
the channel or sftp public functions, they now return an error
instead of segfaulting.
2010-06-11 13:05:55 +02:00
Daniel Stenberg
18605cb81f SFTP: keep the sftp error code as 32 bit
'last_errno' holds to the error code from the SFTP protocol and
since that is 32 bits on the wire there's no point in using a
long for this internally which is larger on some platforms.
2010-06-11 13:00:31 +02:00
Daniel Stenberg
3490b3fe10 agent: make the code better deal with unexpected code flows
agent->ops gets initialized by the libssh2_agent_connect() call
but we need to make sure that we don't segfault even if a bad
sequence of function calls is used.
2010-06-11 11:13:46 +02:00
Alexander Lamaison
c87a48ae4c Better handling of invalid key files.
Passing an invalid public key to libssh2_userauth_publickey_fromfile_ex
triggered an assertion.  Replaced this with a runtime check that rejects
obviously invalid key data.
2010-06-10 12:25:26 +01:00
Guenter Knauf
f682684fdd added missing source files to src/NMakefile. 2010-06-10 02:28:47 +02:00
Daniel Stenberg
eeeebd02e7 SFTP: fail init SFTP if session isn't authenticated
Alexander Lamaison filed bug #172
(http://trac.libssh2.org/ticket/172), and pointed out that SFTP
init would do bad if the session isn't yet authenticated at the
time of the call, so we now check for this situation and returns
an error if detected. Calling sftp_init() at this point is bad
usage to start with.
2010-06-07 13:10:51 +02:00
Guenter Knauf
81912f67e7 cast away a warning. 2010-06-03 05:21:02 +02:00
Guenter Knauf
fa5d6c705d MingW32 has gettimeofday() implemented, so proper ifdef this function here. 2010-06-01 21:09:08 +02:00
Guenter Knauf
86c935317c cleaned up MSVC ifdefs which where spreaded over 3 places. 2010-06-01 19:32:11 +02:00
Guenter Knauf
0b593c8a9d if the function declaration gets changed the header should be changed too. 2010-06-01 17:28:46 +02:00
Guenter Knauf
8ff3f62786 this is MSVC specific and doesnt apply for all Win32 compilers;
the uint8_t typedef clashes with MingW32 headers.
2010-06-01 17:15:46 +02:00
Dan Fandrich
7a088a8ab7 Fixed compiling with libgcrypt
A change of parameter types from unsigned long to size_t was
missed in the prototype in libgcrypt.h
2010-05-30 22:53:53 -07:00
Daniel Stenberg
d15663477b statvfs: use libssh2_sftp_statvfs only, no "_ex"
As the long-term goal is to get rid of the extensive set of
macros from the API we can just as well start small by not adding
new macros when we add new functions. Therefore we let the
function be libssh2_sftp_statvfs() plainly without using an _ex
suffix.

I also made it use size_t instead of unsigned int for the string
length as that too is a long-term goal for the API.
2010-05-28 17:25:42 +02:00
Grubsky Grigory
dc747fb221 win32: provide a uint8_t typedef for better building on windows 2010-05-25 23:22:39 +02:00
Daniel Stenberg
76fd96e63e agent: win32: fix bad _libssh2_store_str call
As pointed out by Grubsky Grigory <g.grubsky@securitycode.ru>, I
made a mistake when I added the _libssh2_store_str() call before
and I made a slightly different patch than what he suggested.
Based purely on taste.
2010-05-25 23:19:46 +02:00
Joey Degges
ed526a0e24 Add libssh2_sftp_statvfs() and libssh2_sftp_fstatvfs()
These can be used to get file system statistics from servers that
support the statvfs@openssh.com and fstatvfs@openssh.com extensions.
2010-05-24 07:05:23 +02:00
Alexander Lamaison
798a808a2b Change magic port number for generic knownhost check.
libssh2_knownhost_checkp took 0 as a magic port number that indicated
a 'generic' check should be performed.  However, 0 is a valid port
number in its own right so this commit changes the magic value to any
negative int.
2010-05-21 00:01:57 +01:00
Mikhail Gusarov
b3ed8e064a Restoring copyright statements from pre-git era
Eli Fant has contributed fragmenting SFTP requests
2010-05-05 15:44:15 +07:00
Mikhail Gusarov
ffb55aa2a3 Restoring my copyright statements from pre-git era
keyboard_interactive, 'exit-status' information packet, non-atomic read/write
under FreeBSD, multi-channel operation bugfixes.
2010-05-05 15:41:19 +07:00
Daniel Stenberg
a3f3347c12 knownhost: support [host]:port in knownhost file
OpenSSH has ways to add hosts to the knownhosts file that include
a specific port number which makes the key associated with only
that specific host+port pair. libssh2 previously did not support
this, and I was forced to add a new function to the API to
properly expose this ability to applications:
libssh2_knownhost_checkp()

To *add* such hosts to the knownhosts file, you make sure to pass
on the host name in that manner to the libssh2_knownhost_addc()
function.
2010-05-02 16:56:31 +02:00
Daniel Stenberg
204100e636 KEX: stop pretending we negotiate language
There was some stub-like parts of an implementation for
implementing kex language negotiation that caused clang-analyzer
to warn and as it did nothing I've now removed the dead code.
2010-04-29 23:57:47 +02:00
Daniel Stenberg
ab81b75a8e fix Value stored to 's' is never read warning
and moved variable declaration of s to be more local
2010-04-28 23:28:26 +02:00
Daniel Stenberg
0c918ef72a kexinit: simplify the code and avoid scan-build warning
Previously it would say "Value stored to 's' is never read" due
fourth increment of 's'.
2010-04-28 23:28:26 +02:00
Alexander Lamaison
6c3f2ec815 Removed unecessary brackets. 2010-04-28 17:41:17 +01:00
Alexander Lamaison
f1df0b7fbc Changed sftp_attrsize macro to a static function. 2010-04-28 17:38:00 +01:00
Daniel Stenberg
45210d8376 sftp_attrsize: protect the macro argument with proper parentheses 2010-04-28 10:23:40 +02:00
Daniel Stenberg
514f4d9305 publickey_init: remove useless variable increment 2010-04-28 08:59:17 +02:00
Daniel Stenberg
d5d80d296a hostkey_method_ssh_rsa_init: remove useless variable increment 2010-04-28 08:57:56 +02:00
Daniel Stenberg
568060d266 packet_x11_open: removed useless variable increment
and made the declaration of a variable more local
2010-04-28 08:48:50 +02:00
Daniel Stenberg
6e2a0e603a packet_queue_listener: removed useless variable increment
and made the declaration of a variable more local
2010-04-28 08:47:30 +02:00
Daniel Stenberg
d811478071 sftp_read: move a read_responses array to where its used
I find that this increases readability since the array is used
only in the function call just immediately below and nowhere
else.
2010-04-28 00:39:23 +02:00
Daniel Stenberg
b979af1eee sftp_readdir: turn a small array static const and move it 2010-04-28 00:38:22 +02:00
Daniel Stenberg
37624b61e3 sftp_attrsize: converted function to a macro
This way, the macro can evaluate a static number at compile time
for two out of four uses, and it probably runs faster for the
other two cases too.
2010-04-28 00:23:09 +02:00
Daniel Stenberg
4c26a46362 sftp_open: deal with short channel_write calls
This was an old TODO that just wasn't done before. If
channel_write returns short, that is not an error.
2010-04-28 00:12:47 +02:00
Daniel Stenberg
77efca961d sftp_open: clean up, better check of input data
The clang-analyzer report made it look into this function and
I've went through it to remove a potential use of an
uninitialized variable and I also added some validation of input
data received from the server.

In general, lots of more code in this file need to validate the
input before assuming it is correct: there are servers out there
that have bugs or just have another idea of how to do the SFTP
protocol.
2010-04-27 23:59:55 +02:00
Jose Baars
c511177d39 VMS port of libssh2; changes in the libssh2 common code 2010-04-25 19:57:45 +02:00
Daniel Stenberg
71fb9cc93e cleanup: prefer the internal functions
To get the blocking vs non-blocking to work as smooth as possible
and behave better internally, we avoid using the external
interfaces when calling functions internally.

Renamed a few internal functions to use _libssh2 prefix when not
being private within a file, and removed the libssh2_ for one
that was private within the file.
2010-04-25 19:35:43 +02:00
Daniel Stenberg
5163e4ecb8 session_free: remove dead code 2010-04-25 19:35:43 +02:00
Daniel Stenberg
000b0f73d0 libssh2_publickey_init: fixed to work better non-blocking
This was triggered by a clang-analyzer complaint that turned out
to be valid, and it made me dig deeper and fix some generic non-
blocking problems I disovered in the code.

While cleaning this up, I moved session-specific stuff over to a
new session.h header from the libssh2_priv.h header.
2010-04-25 19:35:43 +02:00