updated info for 1.2.4

Allow compiling with OpenSSL when AES isn't available.
Fix Tru64 socklen_t compile issue with example/direct_tcpip.c
2010-02-13 17:10:30 +01:00 · 2010-02-10 14:49:17 -08:00 · 2010-02-09 11:45:40 +01:00 · 2010-02-09 11:19:52 +01:00 · 2010-02-03 19:36:19 +01:00 · 2010-02-03 19:23:28 +01:00
116 changed files with 6915 additions and 2316 deletions
--- a/.cvsusers
+++ b/.cvsusers
@@ -1,11 +0,0 @@
 jas4711:Simon Josefsson <simon@josefsson.org>
 bagder:Daniel Stenberg
 sarag:Sara Golemon <pollita@libssh2.org>
 gusarov:Mikhail Gusarov <dottedmag@dottedmag.net>
 wez:Wez Furlong
 edink:Edink Kadribasic
 jehousley: James Housley
 gknauf: Guenter Knauf
 dfandrich: Dan Fandrich
 yangtse: Yang Tse
 thomaspu: Paul Thomas
--- a/.gitattribute
+++ b/.gitattribute
@@ -0,0 +1,2 @@
 win32/msvcproj.head -crlf
 win32/msvcproj.foot -crlf
--- a/.gitignore
+++ b/.gitignore
@@ -26,3 +26,9 @@ ssh2_sample
 libssh2-*.tar.gz
 INSTALL
 install-sh
 *.o
 *.lo
 *.la
 mkinstalldirs
 tags
 libssh2.pc
--- a/58
+++ b/58
@@ -1,15 +1,47 @@
-* Sara Golemon: Author / Project Manager
+ libssh2 is the result of many friendly people. This list is an attempt to
 mention all contributors. If we've missed anyone, tell us!
-* Daniel Stenberg: Co-maintainer
+ This list of names is a-z sorted.
-* James Housleys: Nonblocking conversion
+Adam Gobiowski
-
+Alexander Holyapin
-* Simon Josefsson: libgcrypt support
+Alexander Lamaison
-
+Ben Kibbey
-* Mikhail Gusarov: Keyboard Interactive Authentication
+Bjorn Stenborg
-
+Carlo Bramini
-* Wez Furlong & Edink Kadribasic: Windows Port
+Dan Casey
-
+Dan Fandrich
-* Dan Fandrich: bug fixes, cleanups
+Daniel Stenberg
-
+David J Sullivan
-* Guenter Knauf: win32 work and more
+David Robins
 Edink Kadribasic
 Erik Brossler
 Francois Dupoux
 Guenter Knauf
 Heiner Steven
 James Housleys
 Jean-Louis Charton
 Jussi Mononen
 Mark McPherson
 Markus Moeller
 Mike Protts
 Mikhail Gusarov
 Neil Gierman
 Olivier Hervieu
 Paul Veldkamp
 Peter O'Gorman
 Peter Stuge
 Romain Bondue
 Sara Golemon
 Satish Mittal
 Sean Peterson
 Selcuk Gueney
 Simon Hart
 Simon Josefsson
 Steven Ayre
 Steven Van Ingelgem
 Tor Arntsen
 Vincent Jaulin
 Vlad Grachov
 Wez Furlong
 Yang Tse
--- a/4
+++ b/4
@@ -1,5 +1,7 @@
 /* Copyright (c) 2004-2007 Sara Golemon <sarag@libssh2.org>
- * Copyright (C) 2006-2007 The Written Word, Inc.
+ * Copyright (c) 2006-2007 The Written Word, Inc.
 * Copyright (c) 2009 Daniel Stenberg
 * Copyright (C) 2008, 2009 Simon Josefsson
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms,
--- a/21
+++ b/21
@@ -9,24 +9,5 @@ libssh2 source code style guide:
         go_nuts();
     }
 - write both braces on the else line:
     if (banana) {
         go_nuts();
     } else {
         stay_calm();
     }
 - use braces even for single-statement blocks
 - keep source lines shorter than 80 columns
-
+ - See libssh2-style.el for how to achieve this within Emacs
 ------------
 Older libssh2 code that still hasn't quite transitioned to the above
 mentioned style, used a different style:
 - indented with tabs (only)
 - no line length limits
--- a/Makefile.am
+++ b/Makefile.am
@@ -1,5 +1,10 @@
 AUTOMAKE_OPTIONS = foreign nostdinc
 SUBDIRS = src example tests docs
 pkgconfigdir = $(libdir)/pkgconfig
 pkgconfig_DATA = libssh2.pc
 include_HEADERS =			\
 	include/libssh2.h		\
 	include/libssh2_publickey.h	\
@@ -11,20 +16,25 @@ NETWAREFILES =  nw/keepscreen.c \
 nw/nwlib.c \
 nw/test/Makefile.netware
-WIN32FILES = win32/libssh2_dll.dsp win32/libssh2.dsw win32/Makefile.win32      \
+DSP = win32/libssh2.dsp
-win32/config.mk win32/Makefile win32/test/Makefile.win32 win32/libssh2_lib.dsp \
+VCPROJ = win32/libssh2.vcproj
-win32/libssh2_config.h win32/tests.dsp win32/rules.mk
+
 DISTCLEANFILES = $(DSP)
 WIN32FILES = win32/Makefile.win32 win32/libssh2.dsw     \
 win32/config.mk win32/Makefile win32/test/Makefile.win32 \
 win32/libssh2_config.h win32/tests.dsp win32/rules.mk $(DSP) \
 win32/msvcproj.head win32/msvcproj.foot
 EXTRA_DIST = $(WIN32FILES) buildconf $(NETWAREFILES) get_ver.awk HACKING \
- maketgz NMakefile TODO
+ maketgz NMakefile TODO RELEASE-NOTES libssh2.pc.in
 ACLOCAL_AMFLAGS = -I m4
 .PHONY: ChangeLog
 ChangeLog:
-	if test -f .cvsusers; then \
+	echo "see NEWS" > ./ChangeLog
-	  cvs2cl --utc --fsf --FSF --usermap .cvsusers -I ChangeLog -I .cvs; \
+DISTCLEANFILES += ChangeLog
 	fi
 dist-hook:
 	rm -rf $(top_builddir)/tests/log
@@ -57,3 +67,62 @@ gen-coverage:
 		--title "$(PACKAGE_NAME)"
 coverage: init-coverage build-coverage gen-coverage
 # DSP/VCPROJ generation adapted from libcurl
 # Makefile.inc provides the CSOURCES and HHEADERS defines
 include Makefile.inc
 WIN32SOURCES = $(CSOURCES)
 WIN32HEADERS = $(HHEADERS) libssh2_config.h
 $(DSP): win32/msvcproj.head win32/msvcproj.foot Makefile.am
 	echo "creating $(DSP)"
 	@( (cat $(srcdir)/win32/msvcproj.head; \
 	echo "# Begin Group \"Source Files\""; \
 	echo ""; \
 	echo "# PROP Default_Filter \"cpp;c;cxx\""; \
 	win32_srcs='$(WIN32SOURCES)'; \
 	sorted_srcs=`for file in $$win32_srcs; do echo $$file; done | sort`; \
 	for file in $$sorted_srcs; do \
 		echo "# Begin Source File"; \
 		echo ""; \
 		echo "SOURCE=..\\src\\"$$file; \
 		echo "# End Source File"; \
 	done; \
 	echo "# End Group"; \
 	echo "# Begin Group \"Header Files\""; \
 	echo ""; \
 	echo "# PROP Default_Filter \"h;hpp;hxx\""; \
 	win32_hdrs='$(WIN32HEADERS)'; \
 	sorted_hdrs=`for file in $$win32_hdrs; do echo $$file; done | sort`; \
 	for file in $$sorted_hdrs; do \
 		echo "# Begin Source File"; \
 		echo ""; \
 		if [ "$$file" == "libssh2_config.h" ]; \
 		then \
 			echo "SOURCE=.\\"$$file; \
 		else \
 			echo "SOURCE=..\\src\\"$$file; \
 		fi; \
 		echo "# End Source File"; \
 	done; \
 	echo "# End Group"; \
 	cat $(srcdir)/win32/msvcproj.foot) | \
 	awk '{printf("%s\r\n", gensub("\r", "", "g"))}' > $@ )
 $(VCPROJ): win32/vc8proj.head win32/vc8proj.foot Makefile.am
 	echo "creating $(VCPROJ)"
 	@( (cat $(srcdir)/vc8proj.head; \
 	win32_srcs='$(WIN32SOURCES)'; \
 	sorted_srcs=`for file in $$win32_srcs; do echo $$file; done | sort`; \
 	for file in $$sorted_srcs; do \
 		echo "<File RelativePath=\""..\src\$$file"\"></File>"; \
 	done; \
 	echo "</Filter><Filter	Name=\"Header Files\">"; \
 	win32_hdrs='$(WIN32HEADERS)'; \
 	sorted_hdrs=`for file in $$win32_hdrs; do echo $$file; done | sort`; \
 	for file in $$sorted_hdrs; do \
 		echo "<File RelativePath=\""..\src\$$file"\"></File>"; \
 	done; \
 	cat $(srcdir)/vc8proj.foot) | \
 	awk '{printf("%s\r\n", gensub("\r", "", "g"))}' > $@ )
--- a/Makefile.inc
+++ b/Makefile.inc
@@ -0,0 +1,5 @@
 CSOURCES = channel.c comp.c crypt.c hostkey.c kex.c mac.c misc.c \
 packet.c publickey.c scp.c session.c sftp.c userauth.c transport.c \
 version.c knownhost.c agent.c openssl.c libgcrypt.c pem.c
 HHEADERS = libssh2_priv.h openssl.h libgcrypt.h transport.h channel.h comp.h mac.h misc.h
--- a/154
+++ b/154
@@ -1,3 +1,157 @@
 Version 1.2.4 (February 13, 2010)
 o Resolve compile issues on Solaris x64 and UltraSPARC
 o Allow compiling with OpenSSL when AES isn't available
 o Fix Tru64 socklen_t compile issue with example/direct_tcpip.c
 Version 1.2.3 (February 3, 2010)
 o Added libssh2_trace_sethandler()
 o Added the direct_tcpip.c example
 o Fixed memory leak in userauth_publickey
 o Added support for authentication via SSH-Agent.  By Daiki Ueno.
 o Respond to unknown SSH_MSG_GLOBAL_REQUEST/SSH_MSG_CHANNEL_REQUEST
   with SSH_MSG_REQUEST_FAILURE/SSH_MSG_CHANNEL_FAILURE in order to
   make (at least) OpenSSH server keepalive work.  Before OpenSSH
   servers (configured with a positive ClientAliveInterval) would
   terminate connections against libssh2 clients because libssh2 did
   not respond properly to the request.  By Simon Josefsson.
 Version 1.2.2 (November 16, 2009)
 * This release includes the following changes:
  o Fix crash when server sends an invalid SSH_MSG_IGNORE message.
    Reported by Bob Alexander <balexander@expressor-software.com> in
    <http://thread.gmane.org/gmane.network.ssh.libssh2.devel/2530>.
    By Simon Josefsson.
  o Support for the "aes128-ctr", "aes192-ctr", "aes256-ctr" ciphers
    as per RFC 4344 for libgcrypt and OpenSSL.  They are now the
    preferred ciphers.  By Simon Josefsson.
  o Support for the "arcfour128" cipher as per RFC 4345 for libgcrypt
    and OpenSSL.  It is preferred over the normal "arcfour" cipher
    which is somewhat broken.  By Simon Josefsson.
  o Add support for GCC visibility features.  By Cristian Rodr<64>guez.
  o Fix libssh2_channel_forward_accept.  By Juzna.
  o Generate Win32 files correctly.   By Peter Stuge.
  o Fix permission issue in ssh2 self test.  By Dan Fandrich.
  o Use memmove instead of memcpy in one place which copies
    overlapping memory areas.
  o Cleanup hard coding of cipher modes in libgcrypt backend.  By Simon.
  o Added man page for libssh2_knownhost_free.  By Daniel.
 Version 1.2.1 (September 28, 2009)
 * This release includes the following changes:
  o generate and install libssh2.pc
  ... and the following bugfixes:
  o proper return codes returned from several functions
  o return EAGAIN internal cleanup
  o added knownhost.c to windows makefiles
  o pass private-key to OpenSSL as a filename with BIO_new_file().
  o make libssh2_scp_send/recv do blocking mode correctly
  o libssh2_channel_wait_closed() could hang
  o libssh2_channel_read_ex() must return 0 when closed
  o added gettimeofday() function for win32 for the debug trace outputs
  o transport layer bug causing invalid -39 (LIBSSH2_ERROR_BAD_USE) errors
  o scp examples now loop correctly over libssh2_channel_write()
 * (August 29 2009) Daniel Stenberg:
 - I fixed all code to use the recently added dedicated linked list functions
   instead of doing the same stuff spread out all over.
 - I also fixed a few cases where local variables where used to keep memory
   but was used to keep state for re-invokes due to non-blocking situations
   which would lead to segfaults.
 Version 1.2 (August 10, 2009)
 -----------------------------
 * (August 02 2009) Alexander Lamaison:
 - changed _libssh2_rsa_new_private and _libssh2_rsa_new_private so that they
   no longer use the OpenSSL functions that take a FILE* argument.  Passing
   CRT-created objects across a DLL boundary causes crashes on Windows of the
   DLL and the client aren't linked to the exact same verison of the CRT. Now
   we pass the keys as strings to avoid this issue.
 * (May 29 2009) Daniel Stenberg:
 - Updated the knownhost API and there are now 9 functions, and all of them
   have man pages. The libssh2.h now defines HAVE_LIBSSH2_KNOWNHOST_API to
   ease things for applications to check for the correct release before trying
   to use it.
 * (May 23 2009) Daniel Stenberg:
 - Anonymous bug report #2795816 revealed that doing subsequent
   libssh2_sftp_init() calls on the same session failed.
 * (May 20 2009) Daniel Stenberg:
  - made libssh2_sftp_write() properly deal with huge/any sized input buffers.
  - fixed libssh2_channel_write_ex() to return the correct return code, and
    deal with sending off huge buffers better
 * (May 7 2009) Daniel Stenberg:
  - linked list code. I got a bit tired of the fact that we don't have any
    generic linked-list functions within libssh2 so I wrote up the first embryo
    for one that I use for this new functionality. The plan would then be to
    move all existing code that uses linked lists to use this new set.
  - base64 encode. I had to add a base64 encoding function which was missing
    in the code base so it helps to "bloat" my patch.
  - The knownhost API is currently:
    _init() - init a bundle of known hosts
    _add()  - add a known host
    _del()  - delete a known host
    _free() - free an entire bundle of known hosts
    _check() - check if a host+key is present in the bundle
    The convenience function:
    _parsefile() - reads a ~/.ssh/known_hosts file and add all entries to the
                   given bundle
   - there's no docs other than some comments in the code/headers yet
  - the patch includes changes to example/simple/ssh2_exec.c that makes use of
    a few of these functions. Using that I've verified that the functions in
    fact can verify my localhost's key agains my ~/.ssh/known_hosts file
 * (Apr 30 2009) Daniel Stenberg:
  Markus posted a bug report about a bad 0-return from libssh2_channel_read:
  http://libssh2.haxx.se/mail/libssh2-devel-archive-2009-04/0076.shtml
  And it was indeed a bad loop that terminated too early due to a receveived
  close packet.
 * (Apr 14 2009) Daniel Stenberg:
  libssh2_poll() and libssh2_poll_channel_read() are now considered and
  documented deprecated and they will be removed at next soname bump. It also
  saves us from fixing some rather quirky bugs in libssh2_poll()...
 Version 1.1 (April 2, 2009)
 ---------------------------
--- a/2
+++ b/2
@@ -1,6 +1,6 @@
 !include "win32/config.mk"
-# SUBDIRS=src example\simple
+# SUBDIRS=src example
 SUBDIRS=src
 all-sub:
--- a/2
+++ b/2
@@ -6,7 +6,7 @@ the revised BSD license.
 Web site: http://www.libssh2.org/
-Mailing list: https://lists.sourceforge.net/lists/listinfo/libssh2-devel
+Mailing list: http://cool.haxx.se/mailman/listinfo/libssh2-devel
 Generic installation instructions are in INSTALL.  Some ./configure
 options deserve additional comments:
--- a/18
+++ b/18
@@ -0,0 +1,18 @@
 libssh2 1.2.4
 This release includes the following changes:
 o 
 This release includes the following bugfixes:
 o Resolve compile issues on Solaris x64 and UltraSPARC
 o Allow compiling with OpenSSL when AES isn't available
 o Fix Tru64 socklen_t compile issue with example/direct_tcpip.c
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 Dan Fandrich, Dave McCaldon, Peter Stuge
        Thanks! (and sorry if I forgot to mention someone)
--- a/34
+++ b/34
@@ -1,19 +1,14 @@
 Things TODO
 ===========
-* Add one of the missing man pages:
+* make sure the windowing code adapts better to slow situations so that it
  doesn't then use as much memory as today
-  libssh2_channel_receive_window_adjust
+* Introduce a 'libssh2_socket_t' type for sockets in internal code
-  libssh2_channel_request_pty_size_ex
+
-  libssh2_channel_window_read_ex
+* Provide a libssh2_scp_send() API for files larger than 4GB (32bit size)
-  libssh2_channel_window_write_ex
+
-  libssh2_publickey_add_ex
+* Add more info to the man pages.
  libssh2_publickey_init
  libssh2_publickey_list_fetch
  libssh2_publickey_list_free
  libssh2_publickey_remove_ex
  libssh2_publickey_shutdown
  libssh2_userauth_hostbased_fromfile_ex
 * Decrease the number of mallocs. Everywhere.
@@ -21,8 +16,9 @@ Things TODO
 * Extend the test suite to actually test lots of aspects of libssh2
-* libssh2_channel_receive_window_adjust() can return EAGAIN while documented
+* Fix all compiler warnings (some can't be done without API changes)
-  to return the window as an "unsigned long".
+
 * Expose error messages sent by the server
 At next SONAME bump
 ===================
@@ -30,9 +26,19 @@ At next SONAME bump
 * stop using #defined macros as part of the official API. The macros should
  either be turned into real functions or discarded from the API.
 * fix the parts of the API where object pointers and function pointers are
  mixed like libssh2_session_callback_set()
 * remove the following functions from the API/ABI
  libssh2_base64_decode()
  libssh2_session_flag()
  libssh2_channel_handle_extended_data()
  libssh2_channel_receive_window_adjust()
  libssh2_poll()
  libssh2_poll_channel_read()
 * Rename a few function:
  libssh2_hostkey_hash => libssh2_session_hostkey_hash
  libssh2_banner_set => libssh2_session_banner_set
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -288,3 +288,97 @@ dnl end of non-blocking try-compile test
    AC_MSG_WARN([non-block sockets disabled])
  fi
 ])
 dnl CURL_CHECK_NEED_REENTRANT_SYSTEM
 dnl -------------------------------------------------
 dnl Checks if the preprocessor _REENTRANT definition
 dnl must be unconditionally done for this platform.
 dnl Internal macro for CURL_CONFIGURE_REENTRANT.
 AC_DEFUN([CURL_CHECK_NEED_REENTRANT_SYSTEM], [
  case $host in
    *-*-solaris* | *-*-hpux*)
      tmp_need_reentrant="yes"
      ;;
    *)
      tmp_need_reentrant="no"
      ;;
  esac
 ])
 dnl CURL_CONFIGURE_FROM_NOW_ON_WITH_REENTRANT
 dnl -------------------------------------------------
 dnl This macro ensures that configuration tests done
 dnl after this will execute with preprocessor symbol
 dnl _REENTRANT defined. This macro also ensures that
 dnl the generated config file defines NEED_REENTRANT
 dnl and that in turn setup.h will define _REENTRANT.
 dnl Internal macro for CURL_CONFIGURE_REENTRANT.
 AC_DEFUN([CURL_CONFIGURE_FROM_NOW_ON_WITH_REENTRANT], [
 AC_DEFINE(NEED_REENTRANT, 1,
  [Define to 1 if _REENTRANT preprocessor symbol must be defined.])
 cat >>confdefs.h <<_EOF
 #ifndef _REENTRANT
 #  define _REENTRANT
 #endif
 _EOF
 ])
 dnl CURL_CONFIGURE_REENTRANT
 dnl -------------------------------------------------
 dnl This first checks if the preprocessor _REENTRANT
 dnl symbol is already defined. If it isn't currently
 dnl defined a set of checks are performed to verify
 dnl if its definition is required to make visible to
 dnl the compiler a set of *_r functions. Finally, if
 dnl _REENTRANT is already defined or needed it takes
 dnl care of making adjustments necessary to ensure
 dnl that it is defined equally for further configure
 dnl tests and generated config file.
 AC_DEFUN([CURL_CONFIGURE_REENTRANT], [
  AC_PREREQ([2.50])dnl
  #
  AC_MSG_CHECKING([if _REENTRANT is already defined])
  AC_COMPILE_IFELSE([
    AC_LANG_PROGRAM([[
    ]],[[
 #ifdef _REENTRANT
      int dummy=1;
 #else
      force compilation error
 #endif
    ]])
  ],[
    AC_MSG_RESULT([yes])
    tmp_reentrant_initially_defined="yes"
  ],[
    AC_MSG_RESULT([no])
    tmp_reentrant_initially_defined="no"
  ])
  #
  if test "$tmp_reentrant_initially_defined" = "no"; then
    AC_MSG_CHECKING([if _REENTRANT is actually needed])
    CURL_CHECK_NEED_REENTRANT_SYSTEM
    if test "$tmp_need_reentrant" = "yes"; then
      AC_MSG_RESULT([yes])
    else
      AC_MSG_RESULT([no])
    fi
  fi
  #
  AC_MSG_CHECKING([if _REENTRANT is onwards defined])
  if test "$tmp_reentrant_initially_defined" = "yes" ||
    test "$tmp_need_reentrant" = "yes"; then
    CURL_CONFIGURE_FROM_NOW_ON_WITH_REENTRANT
    AC_MSG_RESULT([yes])
  else
    AC_MSG_RESULT([no])
  fi
  #
 ])
--- a/20
+++ b/20
@@ -1,11 +1,27 @@
 #!/bin/sh
-${LIBTOOLIZE:-libtoolize} --copy --automake --force
+LIBTOOLIZE="libtoolize"
 if [ "x`which $LIBTOOLIZE`" == "x" ];
 then
  LIBTOOLIZE="glibtoolize";
 fi
 if [ "x`which $LIBTOOLIZE`" == "x" ];
 then
  echo "Neither libtoolize nor glibtoolize could be found!";
  exit 1
 fi
 ${LIBTOOLIZE} --copy --automake --force
 ${ACLOCAL:-aclocal} -I m4 $ACLOCAL_FLAGS
 ${AUTOHEADER:-autoheader}
 # copy the private libssh2_config.h.in to the examples dir so that
 # it can be included without pointing the include path to the private
 # source dir
-cp src/libssh2_config.h.in example/simple/config.h.in
+cp src/libssh2_config.h.in example/libssh2_config.h.in
 ${AUTOCONF:-autoconf}
 ${AUTOMAKE:-automake} --add-missing --copy
--- a/configure.ac
+++ b/configure.ac
@@ -1,8 +1,8 @@
 # AC_PREREQ(2.57)
-AC_INIT(libssh2, [-], libssh2-devel@lists.sourceforge.net)
+AC_INIT(libssh2, [-], libssh2-devel@cool.haxx.se)
 AC_CONFIG_MACRO_DIR([m4])
 AC_CONFIG_SRCDIR([src])
-AC_CONFIG_HEADER([src/libssh2_config.h])
+AM_CONFIG_HEADER([src/libssh2_config.h example/libssh2_config.h])
 AM_MAINTAINER_MODE
 dnl SED is needed by some of the tools
@@ -41,6 +41,9 @@ case "$host" in
 	;;
    *hpux*)
    ;;
    *osf*)
    CFLAGS="$CFLAGS -D_POSIX_PII_SOCKET"
    ;;
    *)
    ;;
 esac
@@ -50,6 +53,10 @@ AC_CHECK_TYPE(long long,
      [Define to 1 if the compiler supports the 'long long' data type.])]
   longlong="yes"
 )
 dnl Our configure and build reentrant settings
 CURL_CONFIGURE_REENTRANT
 # Some systems (Solaris?) have socket() in -lsocket.
 AC_SEARCH_LIBS(socket, socket)
@@ -158,11 +165,51 @@ AC_HELP_STRING([--disable-debug],[Disable debug options]),
       AC_MSG_RESULT(no)
 )
 dnl ************************************************************
 dnl Enable hiding of internal symbols in library to reduce its size and
 dnl speed dynamic linking of applications.  This currently is only supported
 dnl on gcc >= 4.0 and SunPro C.
 dnl
 AC_MSG_CHECKING([whether to enable hidden symbols in the library])
 AC_ARG_ENABLE(hidden-symbols,
 AC_HELP_STRING([--enable-hidden-symbols],[Hide internal symbols in library])
 AC_HELP_STRING([--disable-hidden-symbols],[Leave all symbols with default visibility in library]),
 [ case "$enableval" in
  no)
       AC_MSG_RESULT(no)
       ;;
  *)
       AC_MSG_CHECKING([whether $CC supports it])
       if test "$GCC" = yes ; then
         if $CC --help --verbose 2>&1 | grep fvisibility= > /dev/null ; then
           AC_MSG_RESULT(yes)
           AC_DEFINE(LIBSSH2_API, [__attribute__ ((visibility ("default")))], [to make a symbol visible])
           CFLAGS="$CFLAGS -fvisibility=hidden"
         else
            AC_MSG_RESULT(no)
          fi
       else
         dnl Test for SunPro cc
         if $CC 2>&1 | grep flags >/dev/null && $CC -flags | grep xldscope= >/dev/null ; then
           AC_MSG_RESULT(yes)
           AC_DEFINE(LIBSSH2_API, [__global], [to make a symbol visible])
           CFLAGS="$CFLAGS -xldscope=hidden"
         else
           AC_MSG_RESULT(no)
         fi
       fi
       ;;
  esac ],
       AC_MSG_RESULT(no)
 )
 # Checks for header files.
 # AC_HEADER_STDC
 AC_CHECK_HEADERS([errno.h fcntl.h stdio.h stdlib.h unistd.h sys/uio.h])
 AC_CHECK_HEADERS([sys/select.h sys/socket.h sys/ioctl.h sys/time.h])
 AC_CHECK_HEADERS([arpa/inet.h netinet/in.h])
 AC_CHECK_HEADERS([sys/un.h])
 case $host in
  *-*-cygwin* | *-*-cegcc*)
@@ -209,6 +256,6 @@ AC_CONFIG_FILES([Makefile
                 src/Makefile
                 tests/Makefile
                 example/Makefile
-                 example/simple/Makefile
+                 docs/Makefile
-                 docs/Makefile])
+                 libssh2.pc])
 AC_OUTPUT
--- a/docs/.gitignore
+++ b/docs/.gitignore
--- a/docs/Makefile.am
+++ b/docs/Makefile.am
@@ -3,7 +3,15 @@
 EXTRA_DIST = template.3
 dist_man_MANS = \
 	libssh2_agent_connect.3 \
 	libssh2_agent_disconnect.3 \
 	libssh2_agent_free.3 \
 	libssh2_agent_get_identity.3 \
 	libssh2_agent_init.3 \
 	libssh2_agent_list_identities.3 \
 	libssh2_agent_userauth.3 \
 	libssh2_banner_set.3 \
 	libssh2_base64_decode.3 \
 	libssh2_channel_close.3 \
 	libssh2_channel_direct_tcpip_ex.3 \
 	libssh2_channel_eof.3 \
@@ -21,23 +29,48 @@ dist_man_MANS = \
 	libssh2_channel_receive_window_adjust.3 \
 	libssh2_channel_receive_window_adjust2.3 \
 	libssh2_channel_request_pty_ex.3 \
 	libssh2_channel_request_pty_size_ex.3 \
 	libssh2_channel_send_eof.3 \
 	libssh2_channel_set_blocking.3 \
 	libssh2_channel_setenv_ex.3 \
 	libssh2_channel_wait_eof.3 \
 	libssh2_channel_wait_closed.3 \
 	libssh2_channel_wait_eof.3 \
 	libssh2_channel_window_read_ex.3 \
 	libssh2_channel_window_write_ex.3 \
 	libssh2_channel_write_ex.3 \
 	libssh2_channel_x11_req_ex.3 \
 	libssh2_free_host_entry.3 \
 	libssh2_host_entry_match.3 \
 	libssh2_hostkey_hash.3 \
 	libssh2_knownhost_add.3 \
 	libssh2_knownhost_check.3 \
 	libssh2_knownhost_del.3 \
 	libssh2_knownhost_get.3 \
 	libssh2_knownhost_init.3 \
 	libssh2_knownhost_free.3 \
 	libssh2_knownhost_readfile.3 \
 	libssh2_knownhost_readline.3 \
 	libssh2_knownhost_writefile.3 \
 	libssh2_knownhost_writeline.3 \
 	libssh2_new_host_entry.3 \
 	libssh2_poll.3 \
 	libssh2_poll_channel_read.3 \
 	libssh2_publickey_add_ex.3 \
 	libssh2_publickey_init.3 \
 	libssh2_publickey_list_fetch.3 \
 	libssh2_publickey_list_free.3 \
 	libssh2_publickey_remove_ex.3 \
 	libssh2_publickey_shutdown.3 \
 	libssh2_scp_recv.3 \
 	libssh2_scp_send_ex.3 \
 	libssh2_session_abstract.3 \
 	libssh2_session_block_directions.3 \
 	libssh2_session_callback_set.3 \
 	libssh2_session_free.3 \
 	libssh2_session_disconnect_ex.3 \
 	libssh2_session_flag.3 \
 	libssh2_session_free.3 \
 	libssh2_session_get_blocking.3 \
 	libssh2_session_hostkey.3 \
 	libssh2_session_init_ex.3 \
 	libssh2_session_last_errno.3 \
 	libssh2_session_last_error.3 \
@@ -45,14 +78,12 @@ dist_man_MANS = \
 	libssh2_session_methods.3 \
 	libssh2_session_set_blocking.3 \
 	libssh2_session_startup.3 \
 	libssh2_poll.3 \
 	libssh2_poll_channel_read.3 \
 	libssh2_sftp_close_handle.3 \
 	libssh2_sftp_fstat_ex.3 \
 	libssh2_sftp_last_error.3 \
 	libssh2_sftp_init.3 \
-	libssh2_sftp_open_ex.3 \
+	libssh2_sftp_last_error.3 \
 	libssh2_sftp_mkdir_ex.3 \
 	libssh2_sftp_open_ex.3 \
 	libssh2_sftp_read.3 \
 	libssh2_sftp_readdir_ex.3 \
 	libssh2_sftp_rename_ex.3 \
@@ -65,24 +96,12 @@ dist_man_MANS = \
 	libssh2_sftp_tell64.3 \
 	libssh2_sftp_unlink_ex.3 \
 	libssh2_sftp_write.3 \
 	libssh2_trace.3 \
 	libssh2_trace_sethandler.3 \
 	libssh2_userauth_authenticated.3 \
 	libssh2_userauth_hostbased_fromfile_ex.3 \
 	libssh2_userauth_keyboard_interactive_ex.3 \
 	libssh2_userauth_list.3 \
 	libssh2_userauth_password_ex.3 \
 	libssh2_userauth_publickey_fromfile_ex.3 \
 	libssh2_base64_decode.3 \
 	libssh2_trace.3 \
 	libssh2_version.3
 	libssh2_channel_request_pty_size_ex.3 \
 	libssh2_free_host_entry.3 \
 	libssh2_host_entry_match.3 \
 	libssh2_new_host_entry.3 \
 	libssh2_publickey_add_ex.3 \
 	libssh2_publickey_init.3 \
 	libssh2_publickey_list_fetch.3 \
 	libssh2_publickey_list_free.3 \
 	libssh2_publickey_remove_ex.3 \
 	libssh2_publickey_shutdown.3 \
 	libssh2_session_flag.3 \
 	libssh2_session_get_blocking.3 \
 	libssh2_userauth_hostbased_fromfile_ex.3
--- a/docs/libssh2_agent_connect.3
+++ b/docs/libssh2_agent_connect.3
@@ -0,0 +1,23 @@
 .\"
 .\" Copyright (c) 2009 by Daiki Ueno
 .\"
 .TH libssh2_agent_connect 3 "23 Dec 2009" "libssh2 1.2" "libssh2 manual"
 .SH NAME
 libssh2_agent_connect - connect to an ssh-agent
 .SH SYNOPSIS
 #include <libssh2.h>
 int libssh2_agent_connect(LIBSSH2_AGENT *agent);
 .SH DESCRIPTION
 Connect to an ssh-agent running on the system.
 Call \fBlibssh2_agent_disconnect(3)\fP to close the connection after
 you're doing using it.
 .SH RETURN VALUE
 Returns 0 if succeeded, or a negative value for error.
 .SH AVAILABILITY
 Added in libssh2 1.2
 .SH SEE ALSO
 .BR libssh2_agent_init(3)
 .BR libssh2_agent_disconnect(3)
--- a/docs/libssh2_agent_disconnect.3
+++ b/docs/libssh2_agent_disconnect.3
@@ -0,0 +1,20 @@
 .\"
 .\" Copyright (c) 2009 by Daiki Ueno
 .\"
 .TH libssh2_agent_disconnect 3 "23 Dec 2009" "libssh2 1.2" "libssh2 manual"
 .SH NAME
 libssh2_agent_disconnect - close a connection to an ssh-agent
 .SH SYNOPSIS
 #include <libssh2.h>
 int libssh2_agent_disconnect(LIBSSH2_AGENT *agent);
 .SH DESCRIPTION
 Close a connection to an ssh-agent.
 .SH RETURN VALUE
 Returns 0 if succeeded, or a negative value for error.
 .SH AVAILABILITY
 Added in libssh2 1.2
 .SH SEE ALSO
 .BR libssh2_agent_connect(3)
 .BR libssh2_agent_free(3)
--- a/docs/libssh2_agent_free.3
+++ b/docs/libssh2_agent_free.3
@@ -0,0 +1,20 @@
 .\"
 .\" Copyright (c) 2009 by Daiki Ueno
 .\"
 .TH libssh2_agent_free 3 "28 May 2009" "libssh2 1.2" "libssh2 manual"
 .SH NAME
 libssh2_agent_free - free an ssh-agent handle
 .SH SYNOPSIS
 #include <libssh2.h>
 void libssh2_agent_free(LIBSSH2_AGENT *agent);
 .SH DESCRIPTION
 Free an ssh-agent handle.  This function also frees the internal
 collection of public keys.
 .SH RETURN VALUE
 None.
 .SH AVAILABILITY
 Added in libssh2 1.2
 .SH SEE ALSO
 .BR libssh2_agent_init(3)
 .BR libssh2_agent_disconnect(3)
--- a/docs/libssh2_agent_get_identity.3
+++ b/docs/libssh2_agent_get_identity.3
@@ -0,0 +1,34 @@
 .\"
 .\" Copyright (c) 2009 by Daiki Ueno
 .\"
 .TH libssh2_agent_get_identity 3 "23 Dec 2009" "libssh2 1.2" "libssh2 manual"
 .SH NAME
 libssh2_agent_get_identity - get a public key off the collection of public keys managed by ssh-agent
 .SH SYNOPSIS
 #include <libssh2.h>
 int libssh2_agent_get_identity(LIBSSH2_AGENT *agent,
                               struct libssh2_agent_publickey **store,
                               struct libssh2_agent_publickey *prev);
 .SH DESCRIPTION
 \fIlibssh2_agent_get_identity(3)\fP allows an application to iterate
 over all public keys in the collection managed by ssh-agent.
 \fIstore\fP should point to a pointer that gets filled in to point to the
 public key data.
 \fIprev\fP is a pointer to a previous 'struct libssh2_agent_publickey'
 as returned by a previous invoke of this function, or NULL to get the
 first entry in the internal collection.
 .SH RETURN VALUE
 Returns 0 if everything is fine and information about a host was stored in
 the \fIstore\fP struct.
 Returns 1 if it reached the end of public keys.
 Returns negative values for error
 .SH AVAILABILITY
 Added in libssh2 1.2
 .SH SEE ALSO
 .BR libssh2_agent_list_identities(3)
 .BR libssh2_agent_userauth(3)
--- a/docs/libssh2_agent_init.3
+++ b/docs/libssh2_agent_init.3
@@ -0,0 +1,26 @@
 .\"
 .\" Copyright (c) 2009 by Daiki Ueno
 .\"
 .TH libssh2_agent_init 3 "23 Dec 2009" "libssh2 1.2" "libssh2 manual"
 .SH NAME
 libssh2_agent_init - init an ssh-agent handle
 .SH SYNOPSIS
 #include <libssh2.h>
 LIBSSH2_AGENT *libssh2_agent_init(LIBSSH2_SESSION *session);
 .SH DESCRIPTION
 Init an ssh-agent handle. Returns the handle to an internal
 representation of an ssh-agent connection.  After the successful
 initialization, an application can call \fBlibssh2_agent_connect(3)\fP
 to connect to a running ssh-agent.
 Call \fBlibssh2_agent_free(3)\fP to free the handle again after you're
 doing using it.
 .SH RETURN VALUE
 Returns a handle pointer or NULL if something went wrong. The returned handle
 is used as input to all other ssh-agent related functions libssh2 provides.
 .SH AVAILABILITY
 Added in libssh2 1.2
 .SH SEE ALSO
 .BR libssh2_agent_connect(3)
 .BR libssh2_agent_free(3)
--- a/docs/libssh2_agent_list_identities.3
+++ b/docs/libssh2_agent_list_identities.3
@@ -0,0 +1,24 @@
 .\"
 .\" Copyright (c) 2009 by Daiki Ueno
 .\"
 .TH libssh2_agent_list_identities 3 "23 Dec 2009" "libssh2 1.2" "libssh2 manual"
 .SH NAME
 libssh2_agent_list_identities - request an ssh-agent to list of public keys.
 .SH SYNOPSIS
 #include <libssh2.h>
 int libssh2_agent_list_identities(LIBSSH2_AGENT *agent);
 .SH DESCRIPTION
 Request an ssh-agent to list of public keys, and stores them in the
 internal collection of the handle.  Call
 \fIlibssh2_agent_get_identity(3)\fP to get a public key off the
 collection.
 .SH RETURN VALUE
 Returns 0 if succeeded, or a negative value for error.
 .SH AVAILABILITY
 Added in libssh2 1.2
 .SH SEE ALSO
 .BR libssh2_agent_connect(3)
 .BR libssh2_agent_get_identity(3)
--- a/docs/libssh2_agent_userauth.3
+++ b/docs/libssh2_agent_userauth.3
@@ -0,0 +1,29 @@
 .\"
 .\" Copyright (c) 2009 by Daiki Ueno
 .\"
 .TH libssh2_agent_userauth 3 "23 Dec 2009" "libssh2 1.2" "libssh2 manual"
 .SH NAME
 libssh2_agent_userauth - authenticate a session with a public key, with the help of ssh-agent
 .SH SYNOPSIS
 #include <libssh2.h>
 int libssh2_agent_userauth(LIBSSH2_AGENT *agent,
                           const char *username,
                           struct libssh2_agent_publickey *identity);
 .SH DESCRIPTION
 \fIagent\fP - ssh-agent handle as returned by 
 .BR libssh2_agent_init(3)
 \fIusername\fP - Remote user name to authenticate as.
 \fIidentity\fP - Public key to authenticate with, as returned by 
 .BR libssh2_agent_get_identity(3)
 Attempt public key authentication with the help of ssh-agent.
 .SH RETURN VALUE
 Returns 0 if succeeded, or a negative value for error.
 .SH AVAILABILITY
 Added in libssh2 1.2
 .SH SEE ALSO
 .BR libssh2_agent_init(3)
 .BR libssh2_agent_get_identity(3)
--- a/docs/libssh2_channel_direct_tcpip_ex.3
+++ b/docs/libssh2_channel_direct_tcpip_ex.3
@@ -13,16 +13,16 @@ LIBSSH2_CHANNEL *
 libssh2_channel_direct_tcpip(LIBSSH2_SESSION *session, const char *host, int port);
 .SH DESCRIPTION
-/fIsession/fP - Session instance as returned by 
+\fIsession\fP - Session instance as returned by 
 .BR libssh2_session_init_ex(3)
-/fIhost/fP - Third party host to connect to using the SSH host as a proxy.
+\fIhost\fP - Third party host to connect to using the SSH host as a proxy.
-/fIport/fP - Port on third party host to connect to.
+\fIport\fP - Port on third party host to connect to.
-/fIshost/fP - Host to tell the SSH server the connection originated on.
+\fIshost\fP - Host to tell the SSH server the connection originated on.
-/fIsport/fP - Port to tell the SSH server the connection originated from.
+\fIsport\fP - Port to tell the SSH server the connection originated from.
 Tunnel a TCP/IP connection through the SSH transport via the remote host to 
 a third party. Communication from the client to the SSH server remains 
--- a/docs/libssh2_channel_forward_cancel.3
+++ b/docs/libssh2_channel_forward_cancel.3
@@ -10,7 +10,7 @@ int
 libssh2_channel_forward_cancel(LIBSSH2_LISTENER *listener);
 .SH DESCRIPTION
-/fIlistener/fP - Forwarding listener instance as returned by 
+\fIlistener\fP - Forwarding listener instance as returned by 
 .BR libssh2_channel_forward_listen_ex(3)
 Instruct the remote host to stop listening for new connections on a previously requested host/port.
--- a/docs/libssh2_channel_read_ex.3
+++ b/docs/libssh2_channel_read_ex.3
@@ -35,6 +35,9 @@ macros.
 Actual number of bytes read or negative on failure. It returns
 LIBSSH2_ERROR_EAGAIN when it would otherwise block. While
 LIBSSH2_ERROR_EAGAIN is a negative number, it isn't really a failure per se.
 Note that a return value of zero (0) can in fact be a legitimate value and
 only signals that no payload data was read. It is not an error.
 .SH ERRORS
 \fILIBSSH2_ERROR_SOCKET_SEND\fP - Unable to send data on socket.
--- a/docs/libssh2_knownhost_add.3
+++ b/docs/libssh2_knownhost_add.3
@@ -0,0 +1,58 @@
 .\" Copyright (c) 2009 by Daniel Stenberg
 .\"
 .TH libssh2_knownhost_add 3 "28 May 2009" "libssh2 1.2" "libssh2 manual"
 .SH NAME
 libssh2_knownhost_add - add a known host
 .SH SYNOPSIS
 #include <libssh2.h>
 int libssh2_knownhost_add(LIBSSH2_KNOWNHOSTS *hosts,
                          char *host, char *salt,
                          char *key, size_t keylen,
                          int typemask,
                          struct libssh2_knownhost **store);
 .SH DESCRIPTION
 Adds a known host to the collection of known hosts identified by the 'hosts'
 handle.
 \fIhost\fP is a pointer the host name in plain text or hashed. If hashed, it
 must be provided base64 encoded. The host name can be the IP numerical address
 of the host or the full name.
 \fIsalt\P is a pointer to the salt used for the host hashing, if the host is
 provided hashed. If the host is provided in plain text, salt has no meaning.
 The salt has to be provided base64 encoded with a trailing zero byte.
 \fIkey\fP is a pointer to the key for the given host.
 \fIkeylen\fP is the total size in bytes of the key pointed to by the \fIkey\fP
 argument
 \fItypemask\fP is a bitmask that specifies format and info about the data
 passed to this function. Specificly, it details what format the host name is,
 what format the key is and what key type it is.
 The host name is given as one of the following types:
 LIBSSH2_KNOWNHOST_TYPE_PLAIN, LIBSSH2_KNOWNHOST_TYPE_SHA1 or
 LIBSSH2_KNOWNHOST_TYPE_CUSTOM.
 The key is encoded using one of the following encodings:
 LIBSSH2_KNOWNHOST_KEYENC_RAW or LIBSSH2_KNOWNHOST_KEYENC_BASE64.
 The key is using one of these algorithms:
 LIBSSH2_KNOWNHOST_KEY_RSA1, LIBSSH2_KNOWNHOST_KEY_SSHRSA or
 LIBSSH2_KNOWNHOST_KEY_SSHDSS.
 \fIstore\fP should point to a pointer that gets filled in to point to the
 known host data after the addition. NULL can be passed if you don't care about
 this pointer.
 .SH RETURN VALUE
 Returns a regular libssh2 error code, where negative values are error codes
 and 0 indicates success.
 .SH AVAILABILITY
 Added in libssh2 1.2
 .SH SEE ALSO
 .BR libssh2_knownhost_init(3)
 .BR libssh2_knownhost_free(3)
 .BR libssh2_knownhost_check(3)
--- a/docs/libssh2_knownhost_check.3
+++ b/docs/libssh2_knownhost_check.3
@@ -0,0 +1,57 @@
 .\"
 .\" Copyright (c) 2009 by Daniel Stenberg
 .\"
 .TH libssh2_knownhost_check 3 "28 May 2009" "libssh2 1.2" "libssh2 manual"
 .SH NAME
 libssh2_knownhost_check - check a host+key against the list of known hosts
 .SH SYNOPSIS
 #include <libssh2.h>
 int libssh2_knownhost_check(LIBSSH2_KNOWNHOSTS *hosts,
                            char *host, char *key, size_t keylen,
                            int typemask,
                            struct libssh2_knownhost **knownhost);
 .SH DESCRIPTION
 Checks a host and its associated key against the collection of known hosts,
 and returns info back about the (partially) matched entry.
 \fIhost\fP is a pointer the host name in plain text. The host name can be the
 IP numerical address of the host or the full name.
 \fIkey\fP is a pointer to the key for the given host.
 \fIkeylen\fP is the total size in bytes of the key pointed to by the \fIkey\fP
 argument
 \fItypemask\fP is a bitmask that specifies format and info about the data
 passed to this function. Specificly, it details what format the host name is,
 what format the key is and what key type it is.
 The host name is given as one of the following types:
 LIBSSH2_KNOWNHOST_TYPE_PLAIN or LIBSSH2_KNOWNHOST_TYPE_CUSTOM.
 The key is encoded using one of the following encodings:
 LIBSSH2_KNOWNHOST_KEYENC_RAW or LIBSSH2_KNOWNHOST_KEYENC_BASE64.
 \fIknownhost\fP if set to non-NULL, it must be a pointer to a 'struct
 libssh2_knownhost' pointer that gets filled in to point to info about a known
 host that matches or partially matches.
 .SH RETURN VALUE
 \fIlibssh2_knownhost_check(3)\fP returns info about how well the provided
 host + key pair matched one of the entries in the list of known hosts.
 LIBSSH2_KNOWNHOST_CHECK_FAILURE - something prevented the check to be made
 LIBSSH2_KNOWNHOST_CHECK_NOTFOUND - no host match was found
 LIBSSH2_KNOWNHOST_CHECK_MATCH - hosts and keys match.
 LIBSSH2_KNOWNHOST_CHECK_MISMATCH - host was found, but the keys didn't match!
 .SH AVAILABILITY
 Added in libssh2 1.2
 .SH EXAMPLE
 See the ssh2_exec.c example as provided in the tarball.
 .SH SEE ALSO
 .BR libssh2_knownhost_init(3)
 .BR libssh2_knownhost_free(3)
 .BR libssh2_knownhost_add(3)
--- a/docs/libssh2_knownhost_del.3
+++ b/docs/libssh2_knownhost_del.3
@@ -0,0 +1,26 @@
 .\"
 .\" Copyright (c) 2009 by Daniel Stenberg
 .\"
 .TH libssh2_knownhost_del 3 "28 May 2009" "libssh2 1.2" "libssh2 manual"
 .SH NAME
 libssh2_knownhost_del - delete a known host entry
 .SH SYNOPSIS
 #include <libssh2.h>
 int libssh2_knownhost_del(LIBSSH2_KNOWNHOSTS *hosts,
                          struct libssh2_knownhost *entry);
 .SH DESCRIPTION
 Delete a known host entry from the collection of known hosts.
 \fIentry\fP is a pointer to a struct that you can extract with
 \fIlibssh2_knownhost_check(3)\fP or \fIlibssh2_knownhost_get(3)\fP.
 .SH RETURN VALUE
 Returns a regular libssh2 error code, where negative values are error codes
 and 0 indicates success.
 .SH AVAILABILITY
 Added in libssh2 1.2
 .SH SEE ALSO
 .BR libssh2_knownhost_init(3)
 .BR libssh2_knownhost_free(3)
 .BR libssh2_knownhost_add(3)
 .BR libssh2_knownhost_check(3)
--- a/docs/libssh2_knownhost_free.3
+++ b/docs/libssh2_knownhost_free.3
@@ -0,0 +1,20 @@
 .\"
 .\" Copyright (c) 2009 by Daniel Stenberg
 .\"
 .TH libssh2_knownhost_free 3 "28 May 2009" "libssh2 1.2" "libssh2 manual"
 .SH NAME
 libssh2_knownhost_free - free a collection of known hosts
 .SH SYNOPSIS
 #include <libssh2.h>
 void libssh2_knownhost_free(LIBSSH2_KNOWNHOSTS *hosts);
 .SH DESCRIPTION
 Free a collection of known hosts.
 .SH RETURN VALUE
 None.
 .SH AVAILABILITY
 Added in libssh2 1.2
 .SH SEE ALSO
 .BR libssh2_knownhost_init(3)
 .BR libssh2_knownhost_add(3)
 .BR libssh2_knownhost_check(3)
--- a/docs/libssh2_knownhost_get.3
+++ b/docs/libssh2_knownhost_get.3
@@ -0,0 +1,35 @@
 .\"
 .\" Copyright (c) 2009 by Daniel Stenberg
 .\"
 .TH libssh2_knownhost_get 3 "28 May 2009" "libssh2 1.2" "libssh2 manual"
 .SH NAME
 libssh2_knownhost_get - get a known host off the collection of known hosts
 .SH SYNOPSIS
 #include <libssh2.h>
 int libssh2_knownhost_get(LIBSSH2_KNOWNHOSTS *hosts,
                          struct libssh2_knownhost **store,
                          struct libssh2_knownhost *prev):
 .SH DESCRIPTION
 \fIlibssh2_knownhost_get(3)\fP allows an application to iterate over all known
 hosts in the collection.
 \fIstore\fP should point to a pointer that gets filled in to point to the
 known host data.
 \fIprev\fP is a pointer to a previous 'struct libssh2_knownhost' as returned
 by a previous invoke of this function, or NULL to get the first entry in the
 internal collection.
 .SH RETURN VALUE
 Returns 0 if everything is fine and information about a host was stored in
 the \fIstore\fP struct.
 Returns 1 if it reached the end of hosts.
 Returns negative values for error
 .SH AVAILABILITY
 Added in libssh2 1.2
 .SH SEE ALSO
 .BR libssh2_knownhost_readfile(3)
 .BR libssh2_knownhost_writefile(3)
 .BR libssh2_knownhost_add(3)
--- a/docs/libssh2_knownhost_init.3
+++ b/docs/libssh2_knownhost_init.3
@@ -0,0 +1,25 @@
 .\"
 .\" Copyright (c) 2009 by Daniel Stenberg
 .\"
 .TH libssh2_knownhost_init 3 "28 May 2009" "libssh2 1.2" "libssh2 manual"
 .SH NAME
 libssh2_knownhost_init - init a collection of known hosts
 .SH SYNOPSIS
 #include <libssh2.h>
 LIBSSH2_KNOWNHOSTS *libssh2_knownhost_init(LIBSSH2_SESSION *session);
 .SH DESCRIPTION
 Init a collection of known hosts for this session. Returns the handle to an
 internal representation of a known host collection.
 Call \fBlibssh2_knownhost_free(3)\fP to free the collection again after you're
 doing using it.
 .SH RETURN VALUE
 Returns a handle pointer or NULL if something went wrong. The returned handle
 is used as input to all other known host related functions libssh2 provides.
 .SH AVAILABILITY
 Added in libssh2 1.2
 .SH SEE ALSO
 .BR libssh2_knownhost_free(3)
 .BR libssh2_knownhost_add(3)
 .BR libssh2_knownhost_check(3)
--- a/docs/libssh2_knownhost_readfile.3
+++ b/docs/libssh2_knownhost_readfile.3
@@ -0,0 +1,29 @@
 .\"
 .\" Copyright (c) 2009 by Daniel Stenberg
 .\"
 .TH libssh2_knownhost_readfile 3 "28 May 2009" "libssh2 1.2" "libssh2 manual"
 .SH NAME
 libssh2_knownhost_readfile - parse a file of known hosts
 .SH SYNOPSIS
 #include <libssh2.h>
 int libssh2_knownhost_readfile(LIBSSH2_KNOWNHOSTS *hosts,
                               const char *filename, int type);
 .SH DESCRIPTION
 Reads a collection of known hosts from a specified file and adds them to the
 collection of known hosts.
 \fIfilename\fP specifies which file to read
 \fItype\fP specifies what file type it is, and
 \fILIBSSH2_KNOWNHOST_FILE_OPENSSH\fP is the only currently supported
 format. This file is normally found named ~/.ssh/known_hosts
 .SH RETURN VALUE
 Returns a regular libssh2 error code, where negative values are error codes
 and 0 indicates success.
 .SH AVAILABILITY
 Added in libssh2 1.2
 .SH SEE ALSO
 .BR libssh2_knownhost_init(3)
 .BR libssh2_knownhost_free(3)
 .BR libssh2_knownhost_check(3)
--- a/docs/libssh2_knownhost_readline.3
+++ b/docs/libssh2_knownhost_readline.3
@@ -0,0 +1,30 @@
 .\"
 .\" Copyright (c) 2009 by Daniel Stenberg
 .\"
 .TH libssh2_knownhost_readline 3 "28 May 2009" "libssh2 1.2" "libssh2 manual"
 .SH NAME
 libssh2_knownhost_readline - read a known host line
 .SH SYNOPSIS
 #include <libssh2.h>
 int libssh2_knownhost_readline(LIBSSH2_KNOWNHOSTS *hosts,
                               const char *line, size_t len, int type):
 .SH DESCRIPTION
 Tell libssh2 to read a buffer as it if is a line from a known hosts file.
 \fIline\fP points to the start of the line
 \fIlen\fP is the length of the line in bytes
 \fItype\fP specifies what file type it is, and
 \fILIBSSH2_KNOWNHOST_FILE_OPENSSH\fP is the only currently supported
 format. This file is normally found named ~/.ssh/known_hosts
 .SH RETURN VALUE
 Returns a regular libssh2 error code, where negative values are error codes
 and 0 indicates success.
 .SH AVAILABILITY
 Added in libssh2 1.2
 .SH SEE ALSO
 .BR libssh2_knownhost_get(3)
 .BR libssh2_knownhost_writeline(3)
 .BR libssh2_knownhost_readfile(3)
--- a/docs/libssh2_knownhost_writefile.3
+++ b/docs/libssh2_knownhost_writefile.3
@@ -0,0 +1,29 @@
 .\"
 .\" Copyright (c) 2009 by Daniel Stenberg
 .\"
 .TH libssh2_knownhost_writefile 3 "28 May 2009" "libssh2 1.2" "libssh2 manual"
 .SH NAME
 libssh2_knownhost_writefile - write a collection of known hosts to a file
 .SH SYNOPSIS
 #include <libssh2.h>
 int libssh2_knownhost_writefile(LIBSSH2_KNOWNHOSTS *hosts,
                                const char *filename, int type);
 .SH DESCRIPTION
 Writes all the known hosts to the specified file using the specified file
 format.
 \fIfilename\fP specifies what filename to create
 \fItype\fP specifies what file type it is, and
 \fILIBSSH2_KNOWNHOST_FILE_OPENSSH\fP is the only currently supported
 format.
 .SH RETURN VALUE
 Returns a regular libssh2 error code, where negative values are error codes
 and 0 indicates success.
 .SH AVAILABILITY
 Added in libssh2 1.2
 .SH SEE ALSO
 .BR libssh2_knownhost_readfile(3)
 .BR libssh2_knownhost_add(3)
--- a/docs/libssh2_knownhost_writeline.3
+++ b/docs/libssh2_knownhost_writeline.3
@@ -0,0 +1,46 @@
 .\"
 .\" Copyright (c) 2009 by Daniel Stenberg
 .\"
 .TH libssh2_knownhost_writeline 3 "28 May 2009" "libssh2 1.2" "libssh2 manual"
 .SH NAME
 libssh2_knownhost_writeline - convert a known host to a line for storage
 .SH SYNOPSIS
 #include <libssh2.h>
 libssh2_knownhost_writeline(LIBSSH2_KNOWNHOSTS *hosts,
                            struct libssh2_knownhost *known,
                            char *buffer, size_t buflen,
                            size_t *outlen,
                            int type);
 .SH DESCRIPTION
 Converts a single known host to a single line of output for storage, using
 the 'type' output format.
 \fIknown\fP identifies which particular known host
 \fIbuffer\fP points to an allocated buffer
 \fIbuflen\fP is the size of the \fIbuffer\fP. See RETURN VALUE about the size.
 \fIoutlen\fP must be a pointer to a size_t variable that will get the output
 length of the stored data chunk. The number does not included the trailing
 zero!
 \fItype\fP specifies what file type it is, and
 \fILIBSSH2_KNOWNHOST_FILE_OPENSSH\fP is the only currently supported
 format.
 .SH RETURN VALUE
 Returns a regular libssh2 error code, where negative values are error codes
 and 0 indicates success.
 If the provided buffer is deemed too small to fit the data libssh2 wants to
 store in it, LIBSSH2_ERROR_BUFFER_TOO_SMALL will be returned. The application
 is then adviced to call the function again with a larger buffer. The
 \fIoutlen\fP size will then hold the requested size.
 .SH AVAILABILITY
 Added in libssh2 1.2
 .SH SEE ALSO
 .BR libssh2_knownhost_get(3)
 .BR libssh2_knownhost_readline(3)
 .BR libssh2_knownhost_writefile(3)
--- a/docs/libssh2_poll.3
+++ b/docs/libssh2_poll.3
@@ -1,4 +1,4 @@
-.\" $Id: libssh2_poll.3,v 1.3 2007/06/13 12:51:11 jehousley Exp $
+.\" $Id: libssh2_poll.3,v 1.4 2009/04/14 21:38:36 bagder Exp $
 .\"
 .TH libssh2_poll 3 "14 Dec 2006" "libssh2 0.15" "libssh2 manual"
 .SH NAME
@@ -8,6 +8,8 @@ libssh2_poll - poll for activity on a socket, channel or listener
 int libssh2_poll(LIBSSH2_POLLFD *fds, unsigned int nfds, long timeout);
 .SH DESCRIPTION
 This function is deprecated. Do note use.
 Poll for activity on a socket, channel, listener, or any combination of these
 three types. The calling semantics for this function generally match
 \fIpoll(2)\fP however the structure of fds is somewhat more complex in order
--- a/docs/libssh2_poll_channel_read.3
+++ b/docs/libssh2_poll_channel_read.3
@@ -1,4 +1,4 @@
-.\" $Id: libssh2_poll_channel_read.3,v 1.2 2007/06/13 12:51:11 jehousley Exp $
+.\" $Id: libssh2_poll_channel_read.3,v 1.3 2009/04/14 21:38:36 bagder Exp $
 .\"
 .TH libssh2_poll_channel_read 3 "14 Dec 2006" "libssh2 0.15" "libssh2 manual"
 .SH NAME
@@ -8,6 +8,8 @@ libssh2_poll_channel_read - check if data is available
 int libssh2_poll_channel_read(LIBSSH2_CHANNEL *channel, int extended);
 .SH DESCRIPTION
 This function is deprecated. Do note use.
 \fIlibssh2_poll_channel_read(3)\fP checks to see if data is available in the
 \fIchannel\fP's read buffer. No attempt is made with this method to see if
 packets are available to be processed. For full polling support, use
--- a/docs/libssh2_scp_recv.3
+++ b/docs/libssh2_scp_recv.3
@@ -13,7 +13,8 @@ libssh2_scp_recv(LIBSSH2_SESSION *session, const char *path, struct stat *sb);
 \fIsession\fP - Session instance as returned by 
 .BR libssh2_session_init_ex(3)
-\fIpath\fP - Full path and filename of file to transfer
+\fIpath\fP - Full path and filename of file to transfer. That is the remote
 file name.
 \fIsb\fP - Populated with remote file's size, mode, mtime, and atime
--- a/docs/libssh2_scp_send_ex.3
+++ b/docs/libssh2_scp_send_ex.3
@@ -12,7 +12,8 @@ libssh2_scp_send_ex(LIBSSH2_SESSION *session, const char *path, int mode, size_t
 \fIsession\fP - Session instance as returned by 
 .BR libssh2_session_init_ex(3)
-\fIpath\fP - Full path and filename of file to transfer
+\fIpath\fP - Full path and filename of file to transfer to. That is the remote
 file name.
 \fImode\fP - File access mode to create file with
--- a/docs/libssh2_session_hostkey.3
+++ b/docs/libssh2_session_hostkey.3
@@ -0,0 +1,23 @@
 .\" $Id: session_hostkey.3,v 1.4 2007/06/13 16:41:33 jehousley Exp $
 .\"
 .TH libssh2_session_hostkey 3 "1 Jun 2007" "libssh2 0.15" "libssh2 manual"
 .SH NAME
 libssh2_session_hostkey - get the remote key
 .SH SYNOPSIS
 #include <libssh2.h>
 const char *libssh2_session_hostkey(LIBSSH2_SESSION *session,
                                    size_t *len, int *type);
 .SH DESCRIPTION
 Returns a pointer to the current host key, the value \fIlen\fP points to will
 get the length of the key.
 The value \fItype\fP points to the type of hostkey which is one of:
 LIBSSH2_HOSTKEY_TYPE_RSA, LIBSSH2_HOSTKEY_TYPE_DSS, or
 LIBSSH2_HOSTKEY_TYPE_UNKNOWN.
 .SH RETURN VALUE
 A pointer, or NULL if something went wrong.
 .SH SEE ALSO
 .BR libssh2_knownhost_check(3)
 .BR libssh2_knownhost_add(3)
--- a/docs/libssh2_sftp_close_handle.3
+++ b/docs/libssh2_sftp_close_handle.3
@@ -20,14 +20,10 @@ libssh2_sftp_closedir(LIBSSH2_SFTP_HANDLE *handle);
 \fIhandle\fP - SFTP File Handle as returned by \fBlibssh2_sftp_open_ex(3)\fP
 or \fBlibssh2_sftp_opendir(3)\fP (which is a macro).
-Close an active LIBSSH2_SFTP_HANDLE. Because files and directories 
+Close an active LIBSSH2_SFTP_HANDLE. Because files and directories share the
-share the same underlying storage mechanism these methods may be used 
+same underlying storage mechanism these methods may be used
-interchangably. It is recommended that 
+interchangably. \fBlibssh2_sftp_close(3)\fP and \fBlibssh2_sftp_closedir(3)\fP
-.BR libssh2_sftp_closedir()
+are macros for \fBlibssh2_sftp_close_handle(3)\fP.
 be used for files and that 
 .BR libssh2_sftp_closedir()
 be used for directories so that future changes in the library may cause
 minimal disruption. Both are macros for \fBlibssh2_sftp_close_handle\fP.
 .SH RETURN VALUE
 Return 0 on success or negative on failure.  It returns
--- a/docs/libssh2_sftp_write.3
+++ b/docs/libssh2_sftp_write.3
@@ -11,21 +11,26 @@ ssize_t
 libssh2_sftp_write(LIBSSH2_SFTP_HANDLE *handle, const char *buffer, size_t count);
 .SH DESCRIPTION
-\fIhandle\fP - SFTP File Handle as returned by 
+\fIhandle\fP - SFTP file handle as returned by \fIlibssh2_sftp_open_ex(3)\fP.
 .BR libssh2_sftp_open_ex(3)
-\fIbuffer\fP - Pre-initialized data buffer to write to the LIBSSH2_SFTP_HANDLE.
+\fIbuffer\fP - points to the data to send off
-\fIcount\fP - Number of bytes from buffer to write. Note that it may not 
+\fIcount\fP - Number of bytes from 'buffer' to write. Note that it may not be
-be possible to write all bytes as requested.
+possible to write all bytes as requested.
 Write a block of data to a LIBSSH2_SFTP_HANDLE. This method is modeled after the POSIX write() function and uses the same calling semantics.
 \fBlibssh2_sftp_write(3)\fP writes a block of data to the SFTP server. This
 method is modeled after the POSIX write() function and uses the same calling
 semantics.
 .SH RETURN VALUE
-Actual number of bytes written or negative on failure.  It returns
+Actual number of bytes written or negative on failure.
 LIBSSH2_ERROR_EAGAIN when it would otherwise block. While
 LIBSSH2_ERROR_EAGAIN is a negative number, it isn't really a failure per se.
 If used in non-blocking mode, it returns LIBSSH2_ERROR_EAGAIN when it would
 otherwise block. While LIBSSH2_ERROR_EAGAIN is a negative number, it isn't
 really a failure per se.
 If this function returns 0 (zero) it should not be considered an error, but
 simply that there was no error but yet no payload data got sent to the other
 end.
 .SH ERRORS
 \fILIBSSH2_ERROR_ALLOC\fP -  An internal memory allocation call failed.
@@ -36,6 +41,5 @@ LIBSSH2_ERROR_EAGAIN is a negative number, it isn't really a failure per se.
 \fILIBSSH2_ERROR_SFTP_PROTOCOL\fP - An invalid SFTP protocol response was 
 received on the socket, or an SFTP operation caused an errorcode to 
 be returned by the server.
 .SH SEE ALSO
 .BR libssh2_sftp_open_ex(3)
--- a/docs/libssh2_trace.3
+++ b/docs/libssh2_trace.3
@@ -6,16 +6,18 @@ libssh2_trace - enable debug info from inside libssh2
 .SH SYNOPSIS
 #include <libssh2.h>
-void libssh2_trace(int bitmask);
+void libssh2_trace(LIBSSH2_SESSION *session, int bitmask);
 .SH DESCRIPTION
 This is a function present in the library that can be used to get debug info
 from within libssh2 when it is running. Helpful when trying to trace or debug
-behaviors. This function has no effect unless libssh2 was built to support
+behaviors. Note that this function has no effect unless libssh2 was built to
-this option, and a typical "release build" might not.
+support tracing! It is usually disabled in release builds.
-\fBbitmask\fP can be set to none, one or more of these bits:
+\fBbitmask\fP can be set to the logical OR of none, one or more of these:
 .RS
 .IP LIBSSH2_TRACE_SOCKET
 Socket low-level debugging
 .IP LIBSSH2_TRACE_TRANS
 Transport layer debugging
 .IP LIBSSH2_TRACE_KEX
--- a/docs/libssh2_trace_sethandler.3
+++ b/docs/libssh2_trace_sethandler.3
@@ -0,0 +1,30 @@
 .\" $Id: libssh2_trace_sethandler.3,v 1.1 2008/12/26 07:46:45 bagder Exp $
 .\"
 .TH libssh2_trace_sethandler 3 "15 Jan 2010" "libssh2 1.2.3" "libssh2 manual"
 .SH NAME
 libssh2_trace_sethandler - set a trace output handler
 .SH SYNOPSIS
 .nf
 #include <libssh2.h>
 typedef void (*libssh2_trace_handler_func)(LIBSSH2_SESSION *session,
                                           void* context,
                                           const char *data,
                                           size_t length);
 int libssh2_trace_sethandler(LIBSSH2_SESSION *session,
                             void* context,
                             libssh2_trace_handler_func callback);
 .SH DESCRIPTION
 libssh2_trace_sethandler installs a trace output handler for your application.
 By default, when tracing has been switched on via a call to libssh2_trace(),
 all output is written to stderr.  By calling this method and passing a
 function pointer that matches the libssh2_trace_handler_func prototype,
 libssh2 will call back as it generates trace output.  This can be used to
 capture the trace output and put it into a log file or diagnostic window.
 This function has no effect unless libssh2 was built to support this option,
 and a typical "release build" might not.
 \fBcontext\fP can be used to pass arbitrary user defined data back into the callback when invoked.
 .SH AVAILABILITY
 Added in libssh2 version 1.2.3
--- a/docs/libssh2_userauth_keyboard_interactive_ex.3
+++ b/docs/libssh2_userauth_keyboard_interactive_ex.3
@@ -39,5 +39,7 @@ LIBSSH2_ERROR_EAGAIN is a negative number, it isn't really a failure per se.
 \fILIBSSH2_ERROR_SOCKET_SEND\fP - Unable to send data on socket.
 \fLIBSSH2_ERROR_AUTHENTICATION_FAILED\fP -  failed, invalid username/password or public/private key.
 .SH SEE ALSO
 .BR libssh2_session_init_ex(3)
--- a/docs/libssh2_userauth_password_ex.3
+++ b/docs/libssh2_userauth_password_ex.3
@@ -46,5 +46,7 @@ LIBSSH2_ERROR_EAGAIN is a negative number, it isn't really a failure per se.
 \fILIBSSH2_ERROR_PASSWORD_EXPIRED\fP - 
 \fLIBSSH2_ERROR_AUTHENTICATION_FAILED\fP -  failed, invalid username/password or public/private key.
 .SH SEE ALSO
 .BR libssh2_session_init_ex(3)
--- a/docs/libssh2_userauth_publickey_fromfile_ex.3
+++ b/docs/libssh2_userauth_publickey_fromfile_ex.3
@@ -40,12 +40,11 @@ LIBSSH2_ERROR_EAGAIN is a negative number, it isn't really a failure per se.
 \fILIBSSH2_ERROR_SOCKET_TIMEOUT\fP - 
-\fILIBSSH2_ERROR_PUBLICKEY_UNRECOGNIZED\fP - >The username/public key 
+\fILIBSSH2_ERROR_PUBLICKEY_UNVERIFIED\fP - The username/public key
 combination was invalid.
-\fILIBSSH2_ERROR_PUBLICKEY_UNVERIFIED\fP - The username/public key 
+\fILIBSSH2_ERROR_AUTHENTICATION_FAILED\fP - Authentication using the supplied
-combination was invalid, or the signature for the supplied public 
+public key was not accepted.
 key was invalid.
 .SH SEE ALSO
 .BR libssh2_session_init_ex(3)
--- a/example/.cvsignore
+++ b/example/.cvsignore
@@ -1,2 +0,0 @@
 Makefile
 Makefile.in
--- a/example/simple/.cvsignore
+++ b/example/simple/.cvsignore
@@ -1,9 +1,8 @@
 Makefile
 Makefile.in
 .deps
 .libs
 *.gcno
 *.gcda
 direct_tcpip
 scp
 scp_nonblock
 scp_write
@@ -18,4 +17,9 @@ sftp_mkdir
 sftp_mkdir_nonblock
 sftp_write
 sftp_write_nonblock
-
+config.h.in
 ssh2_exec
 ssh2_agent
 libssh2_config.h
 libssh2_config.h.in
 stamp-h2
--- a/example/Makefile.am
+++ b/example/Makefile.am
@@ -1,2 +1,16 @@
 AUTOMAKE_OPTIONS = foreign nostdinc
-SUBDIRS = simple
+
 EXTRA_DIST = libssh2_config.h.in
 # samples
 noinst_PROGRAMS = direct_tcpip ssh2 \
 		scp scp_nonblock \
 		scp_write scp_write_nonblock \
 		sftp sftp_nonblock \
 		sftp_write sftp_write_nonblock \
 		sftp_mkdir sftp_mkdir_nonblock \
 		sftp_RW_nonblock \
 		sftpdir sftpdir_nonblock ssh2_exec ssh2_agent
 AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_builddir)/example
 LDADD = $(top_builddir)/src/libssh2.la
--- a/example/direct_tcpip.c
+++ b/example/direct_tcpip.c
@@ -0,0 +1,275 @@
 #include <libssh2.h>
 #ifdef WIN32
 #include <windows.h>
 #include <winsock2.h>
 #include <ws2tcpip.h>
 #else
 #include <sys/socket.h>
 #include <netinet/in.h>
 #include <arpa/inet.h>
 #include <sys/time.h>
 #endif
 #include <fcntl.h>
 #include <errno.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <unistd.h>
 #include <sys/types.h>
 #ifndef INADDR_NONE
 #define INADDR_NONE (in_addr_t)-1
 #endif
 const char *keyfile1 = "/home/username/.ssh/id_rsa.pub";
 const char *keyfile2 = "/home/username/.ssh/id_rsa";
 const char *username = "username";
 const char *password = "";
 const char *server_ip = "127.0.0.1";
 const char *local_listenip = "127.0.0.1";
 unsigned int local_listenport = 2222;
 const char *remote_desthost = "localhost"; /* resolved by the server */
 unsigned int remote_destport = 22;
 enum {
    AUTH_NONE = 0,
    AUTH_PASSWORD,
    AUTH_PUBLICKEY
 };
 int main(int argc, char *argv[])
 {
    int rc, sock = -1, listensock = -1, forwardsock = -1, i, auth = AUTH_NONE;
    struct sockaddr_in sin;
    socklen_t sinlen;
    const char *fingerprint;
    char *userauthlist;
    LIBSSH2_SESSION *session;
    LIBSSH2_CHANNEL *channel = NULL;
    const char *shost;
    unsigned int sport;
    fd_set fds;
    struct timeval tv;
    ssize_t len, wr;
    char buf[16384];
 #ifdef WIN32
    char sockopt;
    WSADATA wsadata;
    WSAStartup(MAKEWORD(2,0), &wsadata);
 #else
    int sockopt;
 #endif
    if (argc > 1)
        server_ip = argv[1];
    if (argc > 2)
        username = argv[2];
    if (argc > 3)
        password = argv[3];
    if (argc > 4)
        local_listenip = argv[4];
    if (argc > 5)
        local_listenport = atoi(argv[5]);
    if (argc > 6)
        remote_desthost = argv[6];
    if (argc > 7)
        remote_destport = atoi(argv[7]);
    /* Connect to SSH server */
    sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
    sin.sin_family = AF_INET;
    if (INADDR_NONE == (sin.sin_addr.s_addr = inet_addr(server_ip))) {
        perror("inet_addr");
        return -1;
    }
    sin.sin_port = htons(22);
    if (connect(sock, (struct sockaddr*)(&sin),
                sizeof(struct sockaddr_in)) != 0) {
        fprintf(stderr, "failed to connect!\n");
        return -1;
    }
    /* Create a session instance */
    session = libssh2_session_init();
    if(!session) {
        fprintf(stderr, "Could not initialize SSH session!\n");
        return -1;
    }
    /* ... start it up. This will trade welcome banners, exchange keys,
     * and setup crypto, compression, and MAC layers
     */
    rc = libssh2_session_startup(session, sock);
    if(rc) {
        fprintf(stderr, "Error when starting up SSH session: %d\n", rc);
        return -1;
    }
    /* At this point we havn't yet authenticated.  The first thing to do
     * is check the hostkey's fingerprint against our known hosts Your app
     * may have it hard coded, may go to a file, may present it to the
     * user, that's your call
     */
    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
    fprintf(stderr, "Fingerprint: ");
    for(i = 0; i < 20; i++)
        fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
    fprintf(stderr, "\n");
    /* check what authentication methods are available */
    userauthlist = libssh2_userauth_list(session, username, strlen(username));
    printf("Authentication methods: %s\n", userauthlist);
    if (strstr(userauthlist, "password"))
        auth |= AUTH_PASSWORD;
    if (strstr(userauthlist, "publickey"))
        auth |= AUTH_PUBLICKEY;
    /* check for options */
    if(argc > 8) {
        if ((auth & AUTH_PASSWORD) && !strcasecmp(argv[8], "-p"))
            auth = AUTH_PASSWORD;
        if ((auth & AUTH_PUBLICKEY) && !strcasecmp(argv[8], "-k"))
            auth = AUTH_PUBLICKEY;
    }
    if (auth & AUTH_PASSWORD) {
        if (libssh2_userauth_password(session, username, password)) {
            fprintf(stderr, "Authentication by password failed.\n");
            goto shutdown;
        }
    } else if (auth & AUTH_PUBLICKEY) {
        if (libssh2_userauth_publickey_fromfile(session, username, keyfile1, keyfile2, password)) {
            printf("\tAuthentication by public key failed!\n");
            goto shutdown;
        }
        printf("\tAuthentication by public key succeeded.\n");
    } else {
        printf("No supported authentication methods found!\n");
        goto shutdown;
    }
    listensock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
    sin.sin_family = AF_INET;
    sin.sin_port = htons(local_listenport);
    if (INADDR_NONE == (sin.sin_addr.s_addr = inet_addr(local_listenip))) {
        perror("inet_addr");
        goto shutdown;
    }
    sockopt = 1;
    setsockopt(listensock, SOL_SOCKET, SO_REUSEADDR, &sockopt, sizeof(sockopt));
    sinlen=sizeof(sin);
    if (-1 == bind(listensock, (struct sockaddr *)&sin, sinlen)) {
        perror("bind");
        goto shutdown;
    }
    if (-1 == listen(listensock, 2)) {
        perror("listen");
        goto shutdown;
    }
    printf("Waiting for TCP connection on %s:%d...\n",
        inet_ntoa(sin.sin_addr), ntohs(sin.sin_port));
    forwardsock = accept(listensock, (struct sockaddr *)&sin, &sinlen);
    if (-1 == forwardsock) {
        perror("accept");
        goto shutdown;
    }
    shost = inet_ntoa(sin.sin_addr);
    sport = ntohs(sin.sin_port);
    printf("Forwarding connection from %s:%d here to remote %s:%d\n", shost,
        sport, remote_desthost, remote_destport);
    channel = libssh2_channel_direct_tcpip_ex(session, remote_desthost,
        remote_destport, shost, sport);
    if (!channel) {
        fprintf(stderr, "Could not open the direct-tcpip channel!\n");
        fprintf(stderr, "(Note that this can be a problem at the server! Please review the server logs.)\n");
        goto shutdown;
    }
    /* Must use non-blocking IO hereafter due to the current libssh2 API */
    libssh2_session_set_blocking(session, 0);
    while (1) {
        FD_ZERO(&fds);
        FD_SET(forwardsock, &fds);
        tv.tv_sec = 0;
        tv.tv_usec = 100000;
        rc = select(forwardsock + 1, &fds, NULL, NULL, &tv);
        if (-1 == rc) {
            perror("select");
            goto shutdown;
        }
        if (rc && FD_ISSET(forwardsock, &fds)) {
            len = recv(forwardsock, buf, sizeof(buf), 0);
            if (len < 0) {
                perror("read");
                goto shutdown;
            } else if (0 == len) {
                printf("The client at %s:%d disconnected!\n", shost, sport);
                goto shutdown;
            }
            wr = 0;
            do {
                i = libssh2_channel_write(channel, buf, len);
                if (i < 0) {
                    fprintf(stderr, "libssh2_channel_write: %d\n", i);
                    goto shutdown;
                }
                wr += i;
            } while(i > 0 && wr < len);
        }
        while (1) {
            len = libssh2_channel_read(channel, buf, sizeof(buf));
            if (LIBSSH2_ERROR_EAGAIN == len)
                break;
            else if (len < 0) {
                fprintf(stderr, "libssh2_channel_read: %d", (int)len);
                goto shutdown;
            }
            wr = 0;
            while (wr < len) {
                i = send(forwardsock, buf + wr, len - wr, 0);
                if (i <= 0) {
                    perror("write");
                    goto shutdown;
                }
                wr += i;
            }
            if (libssh2_channel_eof(channel)) {
                printf("The server at %s:%d disconnected!\n",
                    remote_desthost, remote_destport);
                goto shutdown;
            }
        }
    }
 shutdown:
 #ifdef WIN32
    closesocket(forwardsock);
    closesocket(listensock);
 #else
    close(forwardsock);
    close(listensock);
 #endif
    if (channel)
        libssh2_channel_free(channel);
    libssh2_session_disconnect(session, "Client disconnecting normally");
    libssh2_session_free(session);
 #ifdef WIN32
    closesocket(sock);
 #else
    close(sock);
 #endif
    return 0;
 }
--- a/example/simple/scp.c
+++ b/example/simple/scp.c
@@ -1,5 +1,5 @@
 /*
- * $Id: scp.c,v 1.11 2008/11/10 16:48:41 bagder Exp $
+ * $Id: scp.c,v 1.12 2009/04/28 10:35:30 bagder Exp $
 *
 * Sample showing how to do a simple SCP transfer.
 */
@@ -10,12 +10,12 @@
 #ifdef HAVE_WINSOCK2_H
 # include <winsock2.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
 #ifdef HAVE_SYS_SOCKET_H
 # include <sys/socket.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
 # ifdef HAVE_UNISTD_H
 #include <unistd.h>
 #endif
@@ -103,9 +103,9 @@ int main(int argc, char *argv[])
     * may have it hard coded, may go to a file, may present it to the
     * user, that's your call
     */
-    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
+    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
    fprintf(stderr, "Fingerprint: ");
-    for(i = 0; i < 16; i++) {
+    for(i = 0; i < 20; i++) {
        fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
    }
    fprintf(stderr, "\n");
@@ -164,10 +164,8 @@ int main(int argc, char *argv[])
    libssh2_session_free(session);
 #ifdef WIN32
    Sleep(1000);
    closesocket(sock);
 #else
    sleep(1);
    close(sock);
 #endif
    fprintf(stderr, "all done\n");
--- a/example/simple/scp_nonblock.c
+++ b/example/simple/scp_nonblock.c
@@ -1,5 +1,5 @@
 /*
- * $Id: scp_nonblock.c,v 1.15 2009/03/25 22:52:32 bagder Exp $
+ * $Id: scp_nonblock.c,v 1.16 2009/04/28 10:35:30 bagder Exp $
 *
 * Sample showing how to do SCP transfers in a non-blocking manner.
 *
@@ -15,11 +15,14 @@
 #ifdef HAVE_WINSOCK2_H
 # include <winsock2.h>
 #endif
 #ifdef HAVE_SYS_SOCKET_H
 # include <sys/socket.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
-#ifdef HAVE_SYS_SOCKET_H
+#ifdef HAVE_SYS_SELECT_H
-# include <sys/socket.h>
+# include <sys/select.h>
 #endif
 # ifdef HAVE_UNISTD_H
 #include <unistd.h>
@@ -132,23 +135,6 @@ int main(int argc, char *argv[])
        return -1;
    }
    /* We set the socket non-blocking. We do it after the connect just to
        simplify the example code. */
 #ifdef F_SETFL
    /* FIXME: this can/should be done in a more portable manner */
    rc = fcntl(sock, F_GETFL, 0);
    fcntl(sock, F_SETFL, rc | O_NONBLOCK);
 #elif defined(HAVE_IOCTLSOCKET)
    ioctlsocket(sock, FIONBIO, &flag);
 #else
 #ifdef WIN32
    u_long mode = 1;
    ioctlsocket (sock, FIONBIO, &mode);
 #else
 #error "add support for setting the socket non-blocking here"
 #endif
 #endif
    /* Create a session instance */
    session = libssh2_session_init();
    if (!session)
@@ -174,9 +160,9 @@ int main(int argc, char *argv[])
        * may have it hard coded, may go to a file, may present it to the
        * user, that's your call
        */
-    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
+    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
    fprintf(stderr, "Fingerprint: ");
-    for(i = 0; i < 16; i++) {
+    for(i = 0; i < 20; i++) {
        fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
    }
    fprintf(stderr, "\n");
@@ -276,10 +262,8 @@ shutdown:
    libssh2_session_free(session);
 #ifdef WIN32
    Sleep(1000);
    closesocket(sock);
 #else
    sleep(1);
    close(sock);
 #endif
    fprintf(stderr, "all done\n");
--- a/example/simple/scp_write.c
+++ b/example/simple/scp_write.c
@@ -1,5 +1,5 @@
 /*
- * $Id: scp_write.c,v 1.6 2008/11/10 16:48:41 bagder Exp $
+ * $Id: scp_write.c,v 1.7 2009/04/28 10:35:30 bagder Exp $
 *
 * Sample showing how to do a simple SCP transfer.
 */
@@ -10,12 +10,12 @@
 #ifdef HAVE_WINSOCK2_H
 # include <winsock2.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
 #ifdef HAVE_SYS_SOCKET_H
 # include <sys/socket.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
 # ifdef HAVE_UNISTD_H
 #include <unistd.h>
 #endif
@@ -47,7 +47,7 @@ int main(int argc, char *argv[])
    FILE *local;
    int rc;
    char mem[1024];
-    size_t nread;
+    size_t nread, sent;
    char *ptr;
    struct stat fileinfo;
@@ -118,9 +118,9 @@ int main(int argc, char *argv[])
     * may have it hard coded, may go to a file, may present it to the
     * user, that's your call
     */
-    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
+    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
    fprintf(stderr, "Fingerprint: ");
-    for(i = 0; i < 16; i++) {
+    for(i = 0; i < 20; i++) {
        fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
    }
    fprintf(stderr, "\n");
@@ -142,8 +142,8 @@ int main(int argc, char *argv[])
        }
    }
-    /* Request a file via SCP */
+    /* Send a file via scp. The mode parameter must only have permissions! */
-    channel = libssh2_scp_send(session, scppath, 0x1FF & fileinfo.st_mode,
+    channel = libssh2_scp_send(session, scppath, fileinfo.st_mode & 0777,
                               (unsigned long)fileinfo.st_size);
    if (!channel) {
@@ -159,13 +159,20 @@ int main(int argc, char *argv[])
            break;
        }
        ptr = mem;
        sent = 0;
        do {
-            /* write data in a loop until we block */
+            /* write the same data over and over, until error or completion */
            rc = libssh2_channel_write(channel, ptr, nread);
-            ptr += rc;
+            if (rc < 0) {
-            nread -= nread;
+                fprintf(stderr, "ERROR %d\n", rc);
-        } while (rc > 0);
+            } else {
                /* rc indicates how many bytes were written this time */
                sent += rc;
            }
        } while (rc > 0 && sent < nread);
        ptr += sent;
        nread -= sent;
    } while (1);
    fprintf(stderr, "Sending EOF\n");
@@ -186,10 +193,8 @@ int main(int argc, char *argv[])
    libssh2_session_free(session);
 #ifdef WIN32
    Sleep(1000);
    closesocket(sock);
 #else
    sleep(1);
    close(sock);
 #endif
    fprintf(stderr, "all done\n");
--- a/example/simple/scp_write_nonblock.c
+++ b/example/simple/scp_write_nonblock.c
@@ -1,5 +1,5 @@
 /*
- * $Id: scp_write_nonblock.c,v 1.9 2008/11/10 16:48:41 bagder Exp $
+ * $Id: scp_write_nonblock.c,v 1.10 2009/04/28 10:35:30 bagder Exp $
 *
 * Sample showing how to do a simple SCP transfer.
 */
@@ -11,12 +11,12 @@
 #ifdef HAVE_WINSOCK2_H
 # include <winsock2.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
 #ifdef HAVE_SYS_SOCKET_H
 # include <sys/socket.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
 # ifdef HAVE_UNISTD_H
 #include <unistd.h>
 #endif
@@ -51,7 +51,7 @@ int main(int argc, char *argv[])
    long flag = 1;
 #endif
    char mem[1024];
-    size_t nread;
+    size_t nread, sent;
    char *ptr;
    struct stat fileinfo;
@@ -102,23 +102,6 @@ int main(int argc, char *argv[])
        return -1;
    }
    /* We set the socket non-blocking. We do it after the connect just to
        simplify the example code. */
 #ifdef F_SETFL
    /* FIXME: this can/should be done in a more portable manner */
    rc = fcntl(sock, F_GETFL, 0);
    fcntl(sock, F_SETFL, rc | O_NONBLOCK);
 #elif defined(HAVE_IOCTLSOCKET)
    ioctlsocket(sock, FIONBIO, &flag);
 #else
 #ifdef WIN32
    u_long mode = 1;
    ioctlsocket (sock, FIONBIO, &mode);
 #else
 #error "add support for setting the socket non-blocking here"
 #endif
 #endif
    /* Create a session instance
     */
    session = libssh2_session_init();
@@ -143,9 +126,9 @@ int main(int argc, char *argv[])
     * may have it hard coded, may go to a file, may present it to the
     * user, that's your call
     */
-    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
+    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
    fprintf(stderr, "Fingerprint: ");
-    for(i = 0; i < 16; i++) {
+    for(i = 0; i < 20; i++) {
        fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
    }
    fprintf(stderr, "\n");
@@ -170,9 +153,9 @@ int main(int argc, char *argv[])
        }
    }
-    /* Request a file via SCP */
+    /* Send a file via scp. The mode parameter must only have permissions! */
    do {
-        channel = libssh2_scp_send(session, scppath, 0x1FF & fileinfo.st_mode,
+        channel = libssh2_scp_send(session, scppath, fileinfo.st_mode & 0777,
                                   (unsigned long)fileinfo.st_size);
        if ((!channel) && (libssh2_session_last_errno(session) !=
@@ -193,17 +176,22 @@ int main(int argc, char *argv[])
            break;
        }
        ptr = mem;
        sent = 0;
        do {
-            /* write data in a loop until we block */
+            /* write the same data over and over, until error or completion */
-            while ((rc = libssh2_channel_write(channel, ptr, nread)) ==
+            rc = libssh2_channel_write(channel, ptr, nread);
-                   LIBSSH2_ERROR_EAGAIN);
+            if (LIBSSH2_ERROR_EAGAIN == rc) { /* must loop around */
-            if (rc < 0) {
+                continue;
            } else if (rc < 0) {
                fprintf(stderr, "ERROR %d\n", rc);
            } else {
                /* rc indicates how many bytes were written this time */
                sent += rc;
            }
-            ptr += rc;
+        } while (rc > 0 && sent < nread);
-            nread -= rc;
+        ptr += sent;
-        } while (nread > 0);
+        nread -= sent;
    } while (1);
    fprintf(stderr, "Sending EOF\n");
@@ -225,10 +213,8 @@ int main(int argc, char *argv[])
    libssh2_session_free(session);
 #ifdef WIN32
    Sleep(1000);
    closesocket(sock);
 #else
    sleep(1);
    close(sock);
 #endif
    fprintf(stderr, "all done\n");
--- a/example/simple/sftp.c
+++ b/example/simple/sftp.c
@@ -1,5 +1,5 @@
 /*
- * $Id: sftp.c,v 1.16 2009/03/31 12:20:36 bagder Exp $
+ * $Id: sftp.c,v 1.17 2009/04/28 10:35:30 bagder Exp $
 *
 * Sample showing how to do SFTP transfers.
 *
@@ -16,12 +16,12 @@
 #ifdef HAVE_WINSOCK2_H
 # include <winsock2.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
 #ifdef HAVE_SYS_SOCKET_H
 # include <sys/socket.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
 # ifdef HAVE_UNISTD_H
 #include <unistd.h>
 #endif
@@ -136,9 +136,9 @@ int main(int argc, char *argv[])
     * may have it hard coded, may go to a file, may present it to the
     * user, that's your call
     */
-    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
+    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
    fprintf(stderr, "Fingerprint: ");
-    for(i = 0; i < 16; i++) {
+    for(i = 0; i < 20; i++) {
        fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
    }
    fprintf(stderr, "\n");
@@ -236,10 +236,8 @@ int main(int argc, char *argv[])
    libssh2_session_free(session);
 #ifdef WIN32
    Sleep(1000);
    closesocket(sock);
 #else
    sleep(1);
    close(sock);
 #endif
    fprintf(stderr, "all done\n");
--- a/example/simple/sftp_RW_nonblock.c
+++ b/example/simple/sftp_RW_nonblock.c
@@ -1,5 +1,5 @@
 /*
- * $Id: sftp_RW_nonblock.c,v 1.12 2008/11/10 16:48:41 bagder Exp $
+ * $Id: sftp_RW_nonblock.c,v 1.13 2009/04/28 10:35:30 bagder Exp $
 *
 * Sample showing how to do SFTP transfers in a non-blocking manner.
 *
@@ -16,11 +16,14 @@
 #ifdef HAVE_WINSOCK2_H
 # include <winsock2.h>
 #endif
 #ifdef HAVE_SYS_SOCKET_H
 # include <sys/socket.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
-#ifdef HAVE_SYS_SOCKET_H
+#ifdef HAVE_SYS_SELECT_H
-# include <sys/socket.h>
+# include <sys/select.h>
 #endif
 # ifdef HAVE_UNISTD_H
 #include <unistd.h>
@@ -84,23 +87,6 @@ int main(int argc, char *argv[])
        return -1;
    }
    /* We set the socket non-blocking. We do it after the connect just to
       simplify the example code. */
 #ifdef F_SETFL
    /* FIXME: this can/should be done in a more portable manner */
    rc = fcntl(sock, F_GETFL, 0);
    fcntl(sock, F_SETFL, rc | O_NONBLOCK);
 #elif defined(HAVE_IOCTLSOCKET)
    ioctlsocket(sock, FIONBIO, &flag);
 #else
 #ifdef WIN32
    u_long mode = 1;
    ioctlsocket (sock, FIONBIO, &mode);
 #else
 #error "add support for setting the socket non-blocking here"
 #endif
 #endif
    /* Create a session instance
     */
    session = libssh2_session_init();
@@ -123,9 +109,9 @@ int main(int argc, char *argv[])
     * may have it hard coded, may go to a file, may present it to the
     * user, that's your call
     */
-    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
+    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
    printf("Fingerprint: ");
-    for(i = 0; i < 16; i++) {
+    for(i = 0; i < 20; i++) {
        printf("%02X ", (unsigned char)fingerprint[i]);
    }
    printf("\n");
@@ -293,10 +279,8 @@ int main(int argc, char *argv[])
    libssh2_session_free(session);
 #ifdef WIN32
    Sleep(1000);
    closesocket(sock);
 #else
    sleep(1);
    close(sock);
 #endif
    printf("all done\n");
--- a/example/simple/sftp_mkdir.c
+++ b/example/simple/sftp_mkdir.c
@@ -1,5 +1,5 @@
 /*
- * $Id: sftp_mkdir.c,v 1.8 2008/11/10 16:48:41 bagder Exp $
+ * $Id: sftp_mkdir.c,v 1.9 2009/04/28 10:35:30 bagder Exp $
 *
 * Sample showing how to do SFTP mkdir
 *
@@ -16,12 +16,12 @@
 #ifdef HAVE_WINSOCK2_H
 # include <winsock2.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
 #ifdef HAVE_SYS_SOCKET_H
 # include <sys/socket.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
 # ifdef HAVE_UNISTD_H
 #include <unistd.h>
 #endif
@@ -105,9 +105,9 @@ int main(int argc, char *argv[])
     * may have it hard coded, may go to a file, may present it to the
     * user, that's your call
     */
-    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
+    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
    printf("Fingerprint: ");
-    for(i = 0; i < 16; i++) {
+    for(i = 0; i < 20; i++) {
        printf("%02X ", (unsigned char)fingerprint[i]);
    }
    printf("\n");
@@ -155,10 +155,8 @@ int main(int argc, char *argv[])
    libssh2_session_free(session);
 #ifdef WIN32
    Sleep(1000);
    closesocket(sock);
 #else
    sleep(1);
    close(sock);
 #endif
 printf("all done\n");
--- a/example/simple/sftp_mkdir_nonblock.c
+++ b/example/simple/sftp_mkdir_nonblock.c
@@ -1,5 +1,5 @@
 /*
- * $Id: sftp_mkdir_nonblock.c,v 1.11 2008/11/10 16:48:41 bagder Exp $
+ * $Id: sftp_mkdir_nonblock.c,v 1.12 2009/04/28 10:35:30 bagder Exp $
 *
 * Sample showing how to do SFTP non-blocking mkdir.
 *
@@ -16,12 +16,12 @@
 #ifdef HAVE_WINSOCK2_H
 # include <winsock2.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
 #ifdef HAVE_SYS_SOCKET_H
 # include <sys/socket.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
 # ifdef HAVE_UNISTD_H
 #include <unistd.h>
 #endif
@@ -88,23 +88,6 @@ int main(int argc, char *argv[])
        return -1;
    }
    /* We set the socket non-blocking. We do it after the connect just to
       simplify the example code. */
 #ifdef F_SETFL
    /* FIXME: this can/should be done in a more portable manner */
    rc = fcntl(sock, F_GETFL, 0);
    fcntl(sock, F_SETFL, rc | O_NONBLOCK);
 #elif defined(HAVE_IOCTLSOCKET)
    ioctlsocket(sock, FIONBIO, &flag);
 #else
 #ifdef WIN32
    u_long mode = 1;
    ioctlsocket (sock, FIONBIO, &mode);
 #else
 #error "add support for setting the socket non-blocking here"
 #endif
 #endif
    /* Create a session instance
     */
    session = libssh2_session_init();
@@ -125,9 +108,9 @@ int main(int argc, char *argv[])
     * may have it hard coded, may go to a file, may present it to the
     * user, that's your call
     */
-    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
+    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
    printf("Fingerprint: ");
-    for(i = 0; i < 16; i++) {
+    for(i = 0; i < 20; i++) {
        printf("%02X ", (unsigned char)fingerprint[i]);
    }
    printf("\n");
@@ -178,10 +161,8 @@ int main(int argc, char *argv[])
    libssh2_session_free(session);
 #ifdef WIN32
    Sleep(1000);
    closesocket(sock);
 #else
    sleep(1);
    close(sock);
 #endif
 printf("all done\n");
--- a/example/simple/sftp_nonblock.c
+++ b/example/simple/sftp_nonblock.c
@@ -1,5 +1,5 @@
 /*
- * $Id: sftp_nonblock.c,v 1.17 2009/03/13 22:14:47 bagder Exp $
+ * $Id: sftp_nonblock.c,v 1.18 2009/04/28 10:35:30 bagder Exp $
 *
 * Sample showing how to do SFTP non-blocking transfers.
 *
@@ -16,11 +16,14 @@
 #ifdef HAVE_WINSOCK2_H
 # include <winsock2.h>
 #endif
 #ifdef HAVE_SYS_SOCKET_H
 # include <sys/socket.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
-#ifdef HAVE_SYS_SOCKET_H
+#ifdef HAVE_SYS_SELECT_H
-# include <sys/socket.h>
+# include <sys/select.h>
 #endif
 # ifdef HAVE_UNISTD_H
 #include <unistd.h>
@@ -133,23 +136,6 @@ int main(int argc, char *argv[])
        return -1;
    }
    /* We set the socket non-blocking. We do it after the connect just to
        simplify the example code. */
 #ifdef F_SETFL
    /* FIXME: this can/should be done in a more portable manner */
    rc = fcntl(sock, F_GETFL, 0);
    fcntl(sock, F_SETFL, rc | O_NONBLOCK);
 #elif defined(HAVE_IOCTLSOCKET)
    ioctlsocket(sock, FIONBIO, &flag);
 #else
 #ifdef WIN32
    u_long mode = 1;
    ioctlsocket (sock, FIONBIO, &mode);
 #else
 #error "add support for setting the socket non-blocking here"
 #endif
 #endif
    /* Create a session instance */
    session = libssh2_session_init();
    if (!session)
@@ -175,9 +161,9 @@ int main(int argc, char *argv[])
        * may have it hard coded, may go to a file, may present it to the
        * user, that's your call
        */
-    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
+    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
    fprintf(stderr, "Fingerprint: ");
-    for(i = 0; i < 16; i++) {
+    for(i = 0; i < 20; i++) {
        fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
    }
    fprintf(stderr, "\n");
@@ -278,10 +264,8 @@ shutdown:
    libssh2_session_free(session);
 #ifdef WIN32
    Sleep(1000);
    closesocket(sock);
 #else
    sleep(1);
    close(sock);
 #endif
    fprintf(stderr, "all done\n");
--- a/example/simple/sftp_write.c
+++ b/example/simple/sftp_write.c
@@ -1,5 +1,5 @@
 /*
- * $Id: sftp_write.c,v 1.10 2009/03/31 12:20:36 bagder Exp $
+ * $Id: sftp_write.c,v 1.11 2009/04/28 10:35:30 bagder Exp $
 *
 * Sample showing how to do SFTP write transfers.
 *
@@ -16,12 +16,12 @@
 #ifdef HAVE_WINSOCK2_H
 # include <winsock2.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
 #ifdef HAVE_SYS_SOCKET_H
 # include <sys/socket.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
 # ifdef HAVE_UNISTD_H
 #include <unistd.h>
 #endif
@@ -123,9 +123,9 @@ int main(int argc, char *argv[])
     * may have it hard coded, may go to a file, may present it to the
     * user, that's your call
     */
-    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
+    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
    printf("Fingerprint: ");
-    for(i = 0; i < 16; i++) {
+    for(i = 0; i < 20; i++) {
        printf("%02X ", (unsigned char)fingerprint[i]);
    }
    printf("\n");
@@ -195,10 +195,8 @@ int main(int argc, char *argv[])
    libssh2_session_free(session);
 #ifdef WIN32
    Sleep(1000);
    closesocket(sock);
 #else
    sleep(1);
    close(sock);
 #endif
 printf("all done\n");
--- a/example/simple/sftp_write_nonblock.c
+++ b/example/simple/sftp_write_nonblock.c
@@ -1,5 +1,5 @@
 /*
- * $Id: sftp_write_nonblock.c,v 1.13 2009/03/31 12:20:36 bagder Exp $
+ * $Id: sftp_write_nonblock.c,v 1.14 2009/04/28 10:35:30 bagder Exp $
 *
 * Sample showing how to do SFTP non-blocking write transfers.
 *
@@ -16,12 +16,12 @@
 #ifdef HAVE_WINSOCK2_H
 # include <winsock2.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
 #ifdef HAVE_SYS_SOCKET_H
 # include <sys/socket.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
 # ifdef HAVE_UNISTD_H
 #include <unistd.h>
 #endif
@@ -103,23 +103,6 @@ int main(int argc, char *argv[])
        return -1;
    }
    /* We set the socket non-blocking. We do it after the connect just to
        simplify the example code. */
 #ifdef F_SETFL
    /* FIXME: this can/should be done in a more portable manner */
    rc = fcntl(sock, F_GETFL, 0);
    fcntl(sock, F_SETFL, rc | O_NONBLOCK);
 #elif defined(HAVE_IOCTLSOCKET)
    ioctlsocket(sock, FIONBIO, &flag);
 #else
 #ifdef WIN32
    u_long mode = 1;
    ioctlsocket (sock, FIONBIO, &mode);
 #else
 #error "add support for setting the socket non-blocking here"
 #endif
 #endif
    /* Create a session instance
        */
    session = libssh2_session_init();
@@ -139,14 +122,14 @@ int main(int argc, char *argv[])
        return -1;
    }
-    /* At this point we havn't yet authenticated.  The first thing to do
+    /* At this point we havn't yet authenticated.  The first thing to do is
-        * is check the hostkey's fingerprint against our known hosts Your app
+     * check the hostkey's fingerprint against our known hosts Your app may
-        * may have it hard coded, may go to a file, may present it to the
+     * have it hard coded, may go to a file, may present it to the user,
-        * user, that's your call
+     * that's your call
-        */
+     */
-    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
+    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
    printf("Fingerprint: ");
-    for(i = 0; i < 16; i++) {
+    for(i = 0; i < 20; i++) {
        printf("%02X ", (unsigned char)fingerprint[i]);
    }
    printf("\n");
@@ -224,10 +207,8 @@ shutdown:
    libssh2_session_free(session);
 #ifdef WIN32
    Sleep(1000);
    closesocket(sock);
 #else
    sleep(1);
    close(sock);
 #endif
    printf("all done\n");
--- a/example/simple/sftpdir.c
+++ b/example/simple/sftpdir.c
@@ -1,5 +1,5 @@
 /*
- * $Id: sftpdir.c,v 1.10 2008/11/10 16:48:41 bagder Exp $
+ * $Id: sftpdir.c,v 1.11 2009/04/28 10:35:30 bagder Exp $
 *
 * Sample doing an SFTP directory listing.
 *
@@ -16,12 +16,12 @@
 #ifdef HAVE_WINSOCK2_H
 # include <winsock2.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
 #ifdef HAVE_SYS_SOCKET_H
 # include <sys/socket.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
 # ifdef HAVE_UNISTD_H
 #include <unistd.h>
 #endif
@@ -105,9 +105,9 @@ int main(int argc, char *argv[])
     * may have it hard coded, may go to a file, may present it to the
     * user, that's your call
     */
-    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
+    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
    printf("Fingerprint: ");
-    for(i = 0; i < 16; i++) {
+    for(i = 0; i < 20; i++) {
        printf("%02X ", (unsigned char)fingerprint[i]);
    }
    printf("\n");
@@ -207,10 +207,8 @@ int main(int argc, char *argv[])
    libssh2_session_free(session);
 #ifdef WIN32
    Sleep(1000);
    closesocket(sock);
 #else
    sleep(1);
    close(sock);
 #endif
 printf("all done\n");
--- a/example/simple/sftpdir_nonblock.c
+++ b/example/simple/sftpdir_nonblock.c
@@ -1,5 +1,5 @@
 /*
- * $Id: sftpdir_nonblock.c,v 1.12 2008/11/10 16:48:41 bagder Exp $
+ * $Id: sftpdir_nonblock.c,v 1.13 2009/04/28 10:35:30 bagder Exp $
 *
 * Sample doing an SFTP directory listing.
 *
@@ -16,12 +16,12 @@
 #ifdef HAVE_WINSOCK2_H
 # include <winsock2.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
 #ifdef HAVE_SYS_SOCKET_H
 # include <sys/socket.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
 # ifdef HAVE_UNISTD_H
 #include <unistd.h>
 #endif
@@ -88,23 +88,6 @@ int main(int argc, char *argv[])
        return -1;
    }
    /* We set the socket non-blocking. We do it after the connect just to
       simplify the example code. */
 #ifdef F_SETFL
    /* FIXME: this can/should be done in a more portable manner */
    rc = fcntl(sock, F_GETFL, 0);
    fcntl(sock, F_SETFL, rc | O_NONBLOCK);
 #elif defined(HAVE_IOCTLSOCKET)
    ioctlsocket(sock, FIONBIO, &flag);
 #else
 #ifdef WIN32
    u_long mode = 1;
    ioctlsocket (sock, FIONBIO, &mode);
 #else
 #error "add support for setting the socket non-blocking here"
 #endif
 #endif
    /* Create a session instance
     */
    session = libssh2_session_init();
@@ -128,9 +111,9 @@ int main(int argc, char *argv[])
     * may have it hard coded, may go to a file, may present it to the
     * user, that's your call
     */
-    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
+    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
    printf("Fingerprint: ");
-    for(i = 0; i < 16; i++) {
+    for(i = 0; i < 20; i++) {
        printf("%02X ", (unsigned char)fingerprint[i]);
    }
    printf("\n");
@@ -236,10 +219,8 @@ int main(int argc, char *argv[])
    libssh2_session_free(session);
 #ifdef WIN32
    Sleep(1000);
    closesocket(sock);
 #else
    sleep(1);
    close(sock);
 #endif
    printf("all done\n");
--- a/example/simple/Makefile.am
+++ b/example/simple/Makefile.am
@@ -1,16 +0,0 @@
 AUTOMAKE_OPTIONS = foreign nostdinc
 # samples
 noinst_PROGRAMS = ssh2 \
 		scp scp_nonblock \
 		scp_write scp_write_nonblock \
 		sftp sftp_nonblock \
 		sftp_write sftp_write_nonblock \
 		sftp_mkdir sftp_mkdir_nonblock \
 		sftp_RW_nonblock \
 		sftpdir sftpdir_nonblock
 # the examples need the $(top_builddir)/src since when building outside of the
 # source dir they still need to reach the libssh2_config.h header
 AM_CPPFLAGS = -I$(top_srcdir)/src -I$(top_srcdir)/include -I$(top_builddir)/src
 LDADD = $(top_builddir)/src/libssh2.la
--- a/example/simple/ssh2.c
+++ b/example/simple/ssh2.c
@@ -1,5 +1,5 @@
 /*
- * $Id: ssh2.c,v 1.18 2008/11/10 16:48:41 bagder Exp $
+ * $Id: ssh2.c,v 1.19 2009/04/28 10:35:30 bagder Exp $
 *
 * Sample showing how to do SSH2 connect.
 *
@@ -19,12 +19,12 @@
 #ifdef HAVE_WINSOCK2_H
 # include <winsock2.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
 #ifdef HAVE_SYS_SOCKET_H
 # include <sys/socket.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
 # ifdef HAVE_UNISTD_H
 #include <unistd.h>
 #endif
@@ -46,10 +46,11 @@ const char *password="password";
 static void kbd_callback(const char *name, int name_len,
-             const char *instruction, int instruction_len, int num_prompts,
+                         const char *instruction, int instruction_len,
-             const LIBSSH2_USERAUTH_KBDINT_PROMPT *prompts,
+                         int num_prompts,
-             LIBSSH2_USERAUTH_KBDINT_RESPONSE *responses,
+                         const LIBSSH2_USERAUTH_KBDINT_PROMPT *prompts,
-             void **abstract)
+                         LIBSSH2_USERAUTH_KBDINT_RESPONSE *responses,
                         void **abstract)
 {
    (void)name;
    (void)name_len;
@@ -92,13 +93,11 @@ int main(int argc, char *argv[])
        password = argv[3];
    }
-    /* Ultra basic "connect to port 22 on localhost"
+    /* Ultra basic "connect to port 22 on localhost".  Your code is
-     * Your code is responsible for creating the socket establishing the connection
+     * responsible for creating the socket establishing the connection
     */
    sock = socket(AF_INET, SOCK_STREAM, 0);
-#ifndef WIN32
+
    fcntl(sock, F_SETFL, 0);
 #endif
    sin.sin_family = AF_INET;
    sin.sin_port = htons(22);
    sin.sin_addr.s_addr = hostaddr;
@@ -108,8 +107,8 @@ int main(int argc, char *argv[])
        return -1;
    }
-    /* Create a session instance and start it up
+    /* Create a session instance and start it up. This will trade welcome
-     * This will trade welcome banners, exchange keys, and setup crypto, compression, and MAC layers
+     * banners, exchange keys, and setup crypto, compression, and MAC layers
     */
    session = libssh2_session_init();
    if (libssh2_session_startup(session, sock)) {
@@ -117,13 +116,14 @@ int main(int argc, char *argv[])
        return -1;
    }
-    /* At this point we havn't authenticated,
+    /* At this point we havn't authenticated. The first thing to do is check
-     * The first thing to do is check the hostkey's fingerprint against our known hosts
+     * the hostkey's fingerprint against our known hosts Your app may have it
-     * Your app may have it hard coded, may go to a file, may present it to the user, that's your call
+     * hard coded, may go to a file, may present it to the user, that's your
     * call
     */
-    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
+    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
    printf("Fingerprint: ");
-    for(i = 0; i < 16; i++) {
+    for(i = 0; i < 20; i++) {
        printf("%02X ", (unsigned char)fingerprint[i]);
    }
    printf("\n");
@@ -164,7 +164,8 @@ int main(int argc, char *argv[])
        }
    } else if (auth_pw & 2) {
        /* Or via keyboard-interactive */
-        if (libssh2_userauth_keyboard_interactive(session, username, &kbd_callback) ) {
+        if (libssh2_userauth_keyboard_interactive(session, username,
                                                  &kbd_callback) ) {
            printf("\tAuthentication by keyboard-interactive failed!\n");
            goto shutdown;
        } else {
@@ -172,7 +173,8 @@ int main(int argc, char *argv[])
        }
    } else if (auth_pw & 4) {
        /* Or by public key */
-        if (libssh2_userauth_publickey_fromfile(session, username, keyfile1, keyfile2, password)) {
+        if (libssh2_userauth_publickey_fromfile(session, username, keyfile1,
                                                keyfile2, password)) {
            printf("\tAuthentication by public key failed!\n");
            goto shutdown;
        } else {
@@ -235,14 +237,13 @@ int main(int argc, char *argv[])
  shutdown:
-    libssh2_session_disconnect(session, "Normal Shutdown, Thank you for playing");
+    libssh2_session_disconnect(session,
                               "Normal Shutdown, Thank you for playing");
    libssh2_session_free(session);
 #ifdef WIN32
    Sleep(1000);
    closesocket(sock);
 #else
    sleep(1);
    close(sock);
 #endif
    printf("all done!\n");
--- a/example/ssh2_agent.c
+++ b/example/ssh2_agent.c
@@ -0,0 +1,229 @@
 /*
 * Sample showing how to do SSH2 connect using ssh-agent.
 *
 * The sample code has default values for host name, user name:
 *
 * "ssh2_agent host user"
 */
 #include "libssh2_config.h"
 #include <libssh2.h>
 #include <libssh2_sftp.h>
 #ifdef HAVE_WINDOWS_H
 # include <windows.h>
 #endif
 #ifdef HAVE_WINSOCK2_H
 # include <winsock2.h>
 #endif
 #ifdef HAVE_SYS_SOCKET_H
 # include <sys/socket.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
 # ifdef HAVE_UNISTD_H
 #include <unistd.h>
 #endif
 # ifdef HAVE_ARPA_INET_H
 #include <arpa/inet.h>
 #endif
 #include <sys/types.h>
 #include <fcntl.h>
 #include <errno.h>
 #include <stdio.h>
 #include <ctype.h>
 #include <stdlib.h>
 const char *username="username";
 int main(int argc, char *argv[])
 {
    unsigned long hostaddr;
    int sock = -1, i, j, rc;
    struct sockaddr_in sin;
    const char *fingerprint;
    char *userauthlist;
    LIBSSH2_SESSION *session;
    LIBSSH2_CHANNEL *channel;
    LIBSSH2_AGENT *agent = NULL;
    struct libssh2_agent_publickey *identity, *prev_identity = NULL;
 #ifdef WIN32
    WSADATA wsadata;
    WSAStartup(MAKEWORD(2,0), &wsadata);
 #endif
    if (argc > 1) {
        hostaddr = inet_addr(argv[1]);
    } else {
        hostaddr = htonl(0x7F000001);
    }
    if(argc > 2) {
        username = argv[2];
    }
    /* Ultra basic "connect to port 22 on localhost".  Your code is
     * responsible for creating the socket establishing the connection
     */
    sock = socket(AF_INET, SOCK_STREAM, 0);
    if (sock == -1) {
        fprintf(stderr, "failed to create socket!\n");
        rc = 1;
        goto shutdown;
    }
    sin.sin_family = AF_INET;
    sin.sin_port = htons(22);
    sin.sin_addr.s_addr = hostaddr;
    if (connect(sock, (struct sockaddr*)(&sin),
                sizeof(struct sockaddr_in)) != 0) {
        fprintf(stderr, "failed to connect!\n");
        goto shutdown;
    }
    /* Create a session instance and start it up. This will trade welcome
     * banners, exchange keys, and setup crypto, compression, and MAC layers
     */
    session = libssh2_session_init();
    if (libssh2_session_startup(session, sock)) {
        fprintf(stderr, "Failure establishing SSH session\n");
        return 1;
    }
    /* check what authentication methods are available */
    userauthlist = libssh2_userauth_list(session, username, strlen(username));
    printf("Authentication methods: %s\n", userauthlist);
    if (strstr(userauthlist, "publickey") == NULL) {
        fprintf(stderr, "\"publickey\" authentication is not supported\n");
        goto shutdown;
    }
    /* Connect to the ssh-agent */
    agent = libssh2_agent_init(session);
    if (!agent) {
        fprintf(stderr, "Failure initializing ssh-agent support\n");
        rc = 1;
        goto shutdown;
    }
    if (libssh2_agent_connect(agent)) {
        fprintf(stderr, "Failure connecting to ssh-agent\n");
        rc = 1;
        goto shutdown;
    }
    if (libssh2_agent_list_identities(agent)) {
        fprintf(stderr, "Failure requesting identities to ssh-agent\n");
        rc = 1;
        goto shutdown;
    }
    while (1) {
        rc = libssh2_agent_get_identity(agent, &identity, prev_identity);
        if (rc == 1)
            break;
        if (rc < 0) {
            fprintf(stderr,
                    "Failure obtaining identity from ssh-agent support\n");
            rc = 1;
            goto shutdown;
        }
        if (libssh2_agent_userauth(agent, username, identity)) {
            printf("\tAuthentication with username %s and "
                   "public key %s failed!\n",
                   username, identity->comment);
        } else {
            printf("\tAuthentication with username %s and "
                   "public key %s succeeded!\n",
                   username, identity->comment);
            break;
        }
 	prev_identity = identity;
    }
    if (rc) {
        fprintf(stderr, "Couldn't continue authentication\n");
        goto shutdown;
    }
    /* At this point we havn't authenticated. The first thing to do is check
     * the hostkey's fingerprint against our known hosts Your app may have it
     * hard coded, may go to a file, may present it to the user, that's your
     * call
     */
    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
    printf("Fingerprint: ");
    for(i = 0; i < 20; i++) {
        printf("%02X ", (unsigned char)fingerprint[i]);
    }
    printf("\n");
    /* Request a shell */
    if (!(channel = libssh2_channel_open_session(session))) {
        fprintf(stderr, "Unable to open a session\n");
        goto shutdown;
    }
    /* Some environment variables may be set,
     * It's up to the server which ones it'll allow though
     */
    libssh2_channel_setenv(channel, "FOO", "bar");
    /* Request a terminal with 'vanilla' terminal emulation
     * See /etc/termcap for more options
     */
    if (libssh2_channel_request_pty(channel, "vanilla")) {
        fprintf(stderr, "Failed requesting pty\n");
        goto skip_shell;
    }
    /* Open a SHELL on that pty */
    if (libssh2_channel_shell(channel)) {
        fprintf(stderr, "Unable to request shell on allocated pty\n");
        goto shutdown;
    }
    /* At this point the shell can be interacted with using
     * libssh2_channel_read()
     * libssh2_channel_read_stderr()
     * libssh2_channel_write()
     * libssh2_channel_write_stderr()
     *
     * Blocking mode may be (en|dis)abled with: libssh2_channel_set_blocking()
     * If the server send EOF, libssh2_channel_eof() will return non-0
     * To send EOF to the server use: libssh2_channel_send_eof()
     * A channel can be closed with: libssh2_channel_close()
     * A channel can be freed with: libssh2_channel_free()
     */
  skip_shell:
    if (channel) {
        libssh2_channel_free(channel);
        channel = NULL;
    }
    /* Other channel types are supported via:
     * libssh2_scp_send()
     * libssh2_scp_recv()
     * libssh2_channel_direct_tcpip()
     */
  shutdown:
    libssh2_agent_disconnect(agent);
    libssh2_agent_free(agent);
    libssh2_session_disconnect(session,
                               "Normal Shutdown, Thank you for playing");
    libssh2_session_free(session);
    if (sock != -1) {
 #ifdef WIN32
        closesocket(sock);
 #else
        close(sock);
 #endif
    }
    printf("all done!\n");
    return rc;
 }
--- a/example/ssh2_exec.c
+++ b/example/ssh2_exec.c
@@ -0,0 +1,294 @@
 /*
 * $Id: ssh2_exec.c,v 1.4 2009/05/07 20:30:22 bagder Exp $
 *
 * Sample showing how to use libssh2 to execute a command remotely.
 *
 * The sample code has fixed values for host name, user name, password
 * and command to run.
 *
 * Run it like this:
 *
 * $ ./ssh2_exec 127.0.0.1 user password "uptime"
 *
 */
 #include "libssh2_config.h"
 #include <libssh2.h>
 #ifdef HAVE_WINSOCK2_H
 # include <winsock2.h>
 #endif
 #ifdef HAVE_SYS_SOCKET_H
 # include <sys/socket.h>
 #endif
 #ifdef HAVE_NETINET_IN_H
 # include <netinet/in.h>
 #endif
 #ifdef HAVE_SYS_SELECT_H
 # include <sys/select.h>
 #endif
 # ifdef HAVE_UNISTD_H
 #include <unistd.h>
 #endif
 #ifdef HAVE_ARPA_INET_H
 # include <arpa/inet.h>
 #endif
 #include <sys/time.h>
 #include <sys/types.h>
 #include <stdlib.h>
 #include <fcntl.h>
 #include <errno.h>
 #include <stdio.h>
 #include <ctype.h>
 static int waitsocket(int socket_fd, LIBSSH2_SESSION *session)
 {
    struct timeval timeout;
    int rc;
    fd_set fd;
    fd_set *writefd = NULL;
    fd_set *readfd = NULL;
    int dir;
    timeout.tv_sec = 10;
    timeout.tv_usec = 0;
    FD_ZERO(&fd);
    FD_SET(socket_fd, &fd);
    /* now make sure we wait in the correct direction */
    dir = libssh2_session_block_directions(session);
    if(dir & LIBSSH2_SESSION_BLOCK_INBOUND)
        readfd = &fd;
    if(dir & LIBSSH2_SESSION_BLOCK_OUTBOUND)
        writefd = &fd;
    rc = select(socket_fd + 1, readfd, writefd, NULL, &timeout);
    return rc;
 }
 int main(int argc, char *argv[])
 {
    const char *hostname = "127.0.0.1";
    const char *commandline = "uptime";
    const char *username    = "user";
    const char *password    = "password";
    unsigned long hostaddr;
    int sock;
    struct sockaddr_in sin;
    const char *fingerprint;
    LIBSSH2_SESSION *session;
    LIBSSH2_CHANNEL *channel;
    int rc;
    int exitcode;
    int bytecount = 0;
    size_t len;
    LIBSSH2_KNOWNHOSTS *nh;
    int type;
 #ifdef WIN32
    WSADATA wsadata;
    WSAStartup(MAKEWORD(2,0), &wsadata);
 #endif
    if (argc > 1)
        /* must be ip address only */
        hostname = argv[1];
    if (argc > 2) {
        username = argv[2];
    }
    if (argc > 3) {
        password = argv[3];
    }
    if (argc > 4) {
        commandline = argv[4];
    }
    hostaddr = inet_addr(hostname);
    /* Ultra basic "connect to port 22 on localhost"
     * Your code is responsible for creating the socket establishing the
     * connection
     */
    sock = socket(AF_INET, SOCK_STREAM, 0);
    sin.sin_family = AF_INET;
    sin.sin_port = htons(22);
    sin.sin_addr.s_addr = hostaddr;
    if (connect(sock, (struct sockaddr*)(&sin),
                sizeof(struct sockaddr_in)) != 0) {
        fprintf(stderr, "failed to connect!\n");
        return -1;
    }
    /* Create a session instance */
    session = libssh2_session_init();
    if (!session)
        return -1;
    /* tell libssh2 we want it all done non-blocking */
    libssh2_session_set_blocking(session, 0);
    /* ... start it up. This will trade welcome banners, exchange keys,
     * and setup crypto, compression, and MAC layers
     */
    while ((rc = libssh2_session_startup(session, sock)) ==
           LIBSSH2_ERROR_EAGAIN);
    if (rc) {
        fprintf(stderr, "Failure establishing SSH session: %d\n", rc);
        return -1;
    }
    nh = libssh2_knownhost_init(session);
    if(!nh) {
        /* eeek, do cleanup here */
        return 2;
    }
    /* read all hosts from here */
    libssh2_knownhost_readfile(nh, "known_hosts",
                               LIBSSH2_KNOWNHOST_FILE_OPENSSH);
    /* store all known hosts to here */
    libssh2_knownhost_writefile(nh, "dumpfile",
                                LIBSSH2_KNOWNHOST_FILE_OPENSSH);
    fingerprint = libssh2_session_hostkey(session, &len, &type);
    if(fingerprint) {
        struct libssh2_knownhost *host;
        int check = libssh2_knownhost_check(nh, (char *)hostname,
                                            (char *)fingerprint, len,
                                            LIBSSH2_KNOWNHOST_TYPE_PLAIN|
                                            LIBSSH2_KNOWNHOST_KEYENC_RAW,
                                            &host);
        fprintf(stderr, "Host check: %d, key: %s\n", check,
                (check <= LIBSSH2_KNOWNHOST_CHECK_MISMATCH)?
                host->key:"<none>");
        /*****
         * At this point, we could verify that 'check' tells us the key is
         * fine or bail out.
         *****/
    }
    else {
        /* eeek, do cleanup here */
        return 3;
    }
    libssh2_knownhost_free(nh);
    if ( strlen(password) != 0 ) {
        /* We could authenticate via password */
        while ((rc = libssh2_userauth_password(session, username, password)) ==
               LIBSSH2_ERROR_EAGAIN);
        if (rc) {
            fprintf(stderr, "Authentication by password failed.\n");
            goto shutdown;
        }
    }
    else {
        /* Or by public key */
        while ((rc = libssh2_userauth_publickey_fromfile(session, username,
                                                         "/home/user/"
                                                         ".ssh/id_rsa.pub",
                                                         "/home/user/"
                                                         ".ssh/id_rsa",
                                                         password)) ==
               LIBSSH2_ERROR_EAGAIN);
        if (rc) {
            fprintf(stderr, "\tAuthentication by public key failed\n");
            goto shutdown;
        }
    }
 #if 0
    libssh2_trace(session, ~0 );
 #endif
    /* Exec non-blocking on the remove host */
    while( (channel = libssh2_channel_open_session(session)) == NULL &&
           libssh2_session_last_error(session,NULL,NULL,0) ==
           LIBSSH2_ERROR_EAGAIN )
    {
        waitsocket(sock, session);
    }
    if( channel == NULL )
    {
        fprintf(stderr,"Error\n");
        exit( 1 );
    }
    while( (rc = libssh2_channel_exec(channel, commandline)) ==
           LIBSSH2_ERROR_EAGAIN )
    {
        waitsocket(sock, session);
    }
    if( rc != 0 )
    {
        fprintf(stderr,"Error\n");
        exit( 1 );
    }
    for( ;; )
    {
        /* loop until we block */
        int rc;
        do
        {
            char buffer[0x4000];
            rc = libssh2_channel_read( channel, buffer, sizeof(buffer) );
            if( rc > 0 )
            {
                int i;
                bytecount += rc;
                fprintf(stderr, "We read:\n");
                for( i=0; i < rc; ++i )
                    fputc( buffer[i], stderr);
                fprintf(stderr, "\n");
            }
            else {
                fprintf(stderr, "libssh2_channel_read returned %d\n", rc);
            }
        }
        while( rc > 0 );
        /* this is due to blocking that would occur otherwise so we loop on
           this condition */
        if( rc == LIBSSH2_ERROR_EAGAIN )
        {
            waitsocket(sock, session);
        }
        else
            break;
    }
    exitcode = 127;
    while( (rc = libssh2_channel_close(channel)) == LIBSSH2_ERROR_EAGAIN )
        waitsocket(sock, session);
    if( rc == 0 )
    {
        exitcode = libssh2_channel_get_exit_status( channel );
    }
    printf("\nEXIT: %d bytecount: %d\n", exitcode, bytecount);
    libssh2_channel_free(channel);
    channel = NULL;
 shutdown:
    libssh2_session_disconnect(session,
                               "Normal Shutdown, Thank you for playing");
    libssh2_session_free(session);
 #ifdef WIN32
    closesocket(sock);
 #else
    close(sock);
 #endif
    fprintf(stderr, "all done\n");
    return 0;
 }
--- a/example/x11.c
+++ b/example/x11.c
@@ -0,0 +1,433 @@
 /*
 *
 * Sample showing how to makes SSH2 with X11 Forwarding works.
 *
 * Usage :
 * "ssh2 host user password [DEBUG]"
 */
 #include <string.h>
 #include <sys/ioctl.h>
 #include <netinet/in.h>
 #include <sys/socket.h>
 #include <arpa/inet.h>
 #include <unistd.h>
 #include <sys/types.h>
 #include <sys/un.h>
 #include <fcntl.h>
 #include <errno.h>
 #include <stdio.h>
 #include <ctype.h>
 #include <stdlib.h>
 #include <termios.h>
 #include <libssh2.h>
 #define _PATH_UNIX_X "/tmp/.X11-unix/X%d"
 /*
 * Chained list that contains channels and associated X11 socket for each X11
 * connections
 */
 struct chan_X11_list {
    LIBSSH2_CHANNEL  *chan;
    int               sock;
    struct chan_X11_list *next;
 };
 struct chan_X11_list * gp_x11_chan = NULL;
 struct termios         _saved_tio;
 /*
 * Utility function to remove a Node of the chained list
 */
 static void remove_node(struct chan_X11_list *elem)
 {
    struct chan_X11_list *current_node = NULL;
    current_node = gp_x11_chan;
    if (gp_x11_chan == elem) {
        /* Removing the only one element in the list */
        free(gp_x11_chan);
        gp_x11_chan = NULL;
    }
    while( current_node->next != NULL) {
        if (current_node->next ==elem) {
            current_node->next = current_node->next->next;
            current_node = current_node->next;
            free(current_node);
            break;
        }
    }
 }
 static void session_shutdown(LIBSSH2_SESSION *session)
 {
    libssh2_session_disconnect(session,
                                "Session Shutdown, Thank you for playing");
    libssh2_session_free(session);
 }
 static int _raw_mode(void)
 {
    int rc;
    struct termios tio;
    rc = tcgetattr(fileno(stdin), &tio);
    if (rc != -1) {
        _saved_tio = tio;
        cfmakeraw(&tio);
        rc = tcsetattr(fileno(stdin), TCSADRAIN, &tio);
    }
    return rc;
 }
 static int _normal_mode(void)
 {
    int rc;
    rc = tcsetattr(fileno(stdin), TCSADRAIN, &_saved_tio);
    return rc;
 }
 /*
 * CallBack to initialize the forwarding.
 * Save the channel to loop on it, save the X11 forwarded socket to send
 * and receive info from our X server.
 */
 static void x11_callback(LIBSSH2_SESSION *session, LIBSSH2_CHANNEL *channel,
                         char *shost, int sport, void **abstract)
 {
    const char * display      = NULL;
    char * ptr          = NULL;
    char * temp_buff    = NULL;
    int   display_port = 0;
    int   sock         = 0;
    int   rc           = 0;
    struct sockaddr_un addr;
    struct chan_X11_list *new;
    struct chan_X11_list *chan_iter;
    /*
     * Connect to the display
     * Inspired by x11_connect_display in openssh
     */
    display = getenv("DISPLAY");
    if ( display != NULL) {
        if (strncmp( display, "unix:", 5) == 0 ||
            display[0] == ':') {
            /* Connect to the local unix domain */
            ptr = strrchr(display, ':');
            temp_buff = (char *) calloc(strlen(ptr+1), sizeof(char));
            memcpy(temp_buff, ptr+1, strlen(ptr+1));
            display_port = atoi(temp_buff);
            sock = socket(AF_UNIX,SOCK_STREAM, 0);
            if (sock <0)
                return;
            memset(&addr, 0, sizeof(addr));
            addr.sun_family = AF_UNIX;
            snprintf(addr.sun_path, sizeof(addr.sun_path),
                     _PATH_UNIX_X, display_port);
            rc = connect(sock, (struct sockaddr *) &addr, sizeof(addr));
            if (rc != -1){
                /* Connection Successfull */
                if (gp_x11_chan == NULL) {
                    /* Calloc ensure that gp_X11_chan is full of 0 */
                    gp_x11_chan = (struct chan_X11_list *)
                        calloc(1, sizeof(struct chan_X11_list));
                    gp_x11_chan->sock = sock;
                    gp_x11_chan->chan = channel;
                    gp_x11_chan->next = NULL;
                }
                else {
                    chan_iter = gp_x11_chan;
                    while (chan_iter->next != NULL)
                        chan_iter = chan_iter->next;
                    /* Create the new Node */
                    new = (struct chan_X11_list *)
                        malloc(sizeof(struct chan_X11_list));
                    new->sock = sock;
                    new->chan = channel;
                    new->next = NULL;
                    chan_iter->next = new;
                }
            }
            else
                close(sock);
        }
    }
    return;
 }
 /*
 * Send and receive Data for the X11 channel.
 * If the connection is closed, returns -1, 0 either.
 */
 static int x11_send_receive(LIBSSH2_CHANNEL *channel, int sock)
 {
    char * buf          = NULL;
    int    bufsize      = 8192;
    int    rc           = 0;
    int    nfds         = 1;
    LIBSSH2_POLLFD  *fds      = NULL;
    fd_set set;
    struct timeval timeval_out;
    timeval_out.tv_sec = 0;
    timeval_out.tv_usec = 0;
    FD_ZERO(&set);
    FD_SET(sock,&set);
    if ((buf = calloc (bufsize, sizeof(char))) == NULL)
        return 0;
    if ((fds = malloc (sizeof (LIBSSH2_POLLFD))) == NULL) {
        free(buf);
        return 0;
    }
    fds[0].type = LIBSSH2_POLLFD_CHANNEL;
    fds[0].fd.channel = channel;
    fds[0].events = LIBSSH2_POLLFD_POLLIN;
    fds[0].revents = LIBSSH2_POLLFD_POLLIN;
    rc = libssh2_poll(fds, nfds, 0);
    if (rc >0) {
        rc = libssh2_channel_read(channel, buf,sizeof(buf));
        rc = write(sock, buf, rc);
    }
    rc = select(sock+1,&set,NULL,NULL,&timeval_out);
    if (rc > 0) {
        memset((void *)buf,0,bufsize);
        /* Data in sock*/
        rc = read(sock, buf,sizeof(buf));
        if (rc > 0)
            rc = libssh2_channel_write(channel,buf, rc);
        else
            return -1;
    }
    free(fds);
    free(buf);
    if (libssh2_channel_eof (channel) == 1) {
        return -1;
    }
    return 0;
 }
 /*
 * Main, more than inspired by ssh2.c by Bagder
 */
 int
 main (int argc, char *argv[])
 {
    unsigned long hostaddr = 0;
    int sock = 0;
    int rc = 0;
    struct sockaddr_in sin;
    LIBSSH2_SESSION *session;
    LIBSSH2_CHANNEL *channel;
    char *username = NULL;
    char *password = NULL;
    size_t bufsiz = 8193;
    char *buf = NULL;
    int set_debug_on = 0;
    int nfds = 1;
    LIBSSH2_POLLFD *fds = NULL;
    /* Chan List struct */
    struct chan_X11_list *current_node = NULL;
    /* Struct winsize for term size */
    struct winsize w_size;
    struct winsize w_size_bck;
    /* For select on stdin */
    fd_set set;
    struct timeval timeval_out;
    timeval_out.tv_sec = 0;
    timeval_out.tv_usec = 10;
    if (argc > 3) {
      hostaddr = inet_addr(argv[1]);
      username = argv[2];
      password = argv[3];
    }
    else {
        fprintf(stderr, "Usage: %s destination username password",
                argv[0]);
        return -1;
    }
    if (argc > 4) {
        set_debug_on = 1;
        fprintf (stderr, "DEBUG is ON: %d\n", set_debug_on);
    }
    sock = socket (AF_INET, SOCK_STREAM, 0);
    sin.sin_family = AF_INET;
    sin.sin_port = htons (22);
    sin.sin_addr.s_addr = hostaddr;
    rc = connect(sock, (struct sockaddr *) &sin,
                 sizeof(struct sockaddr_in));
    if (rc != 0) {
        fprintf (stderr, "Failed to established connection!\n");
        return -1;
    }
    /* Open a session */
    session = libssh2_session_init ();
    rc      = libssh2_session_startup (session, sock);
    if (rc != 0) {
        fprintf(stderr, "Failed Start the SSH session\n");
        return -1;
    }
    if (set_debug_on == 1)
        libssh2_trace(session, LIBSSH2_TRACE_CONN);
    /* Set X11 Callback */
    libssh2_session_callback_set(session, LIBSSH2_CALLBACK_X11,
                                 (void *)x11_callback);
    /* Authenticate via password */
    rc = libssh2_userauth_password(session, username, password);
    if (rc != 0) {
        fprintf(stderr, "Failed to authenticate\n");
        session_shutdown(session);
        close(sock);
        return -1;
    }
    /* Open a channel */
    channel  = libssh2_channel_open_session(session);
    if ( channel == NULL ) {
        fprintf(stderr, "Failed to open a new channel\n");
        session_shutdown(session);
        close(sock);
        return -1;
    }
    /* Request a PTY */
    rc = libssh2_channel_request_pty( channel, "xterm");
    if (rc != 0) {
        fprintf(stderr, "Failed to request a pty\n");
        session_shutdown(session);
        close(sock);
        return -1;
    }
    /* Request X11 */
    rc = libssh2_channel_x11_req(channel,0);
    if(rc!=0) {
        fprintf(stderr, "Failed to request X11 forwarding\n");
        session_shutdown(session);
        close(sock);
        return -1;
    }
    /* Request a shell */
    rc = libssh2_channel_shell(channel);
    if (rc!=0) {
        fprintf(stderr, "Failed to open a shell\n");
        session_shutdown(session);
        close(sock);
        return -1;
    }
    rc = _raw_mode();
    if (rc != 0) {
        fprintf(stderr, "Failed to entered in raw mode\n");
        session_shutdown(session);
        close(sock);
        return -1;
    }
    while (1) {
        FD_ZERO(&set);
        FD_SET(fileno(stdin),&set);
        /* Search if a resize pty has to be send */
        ioctl(fileno(stdin), TIOCGWINSZ, &w_size);
        if ((w_size.ws_row != w_size_bck.ws_row) ||
            (w_size.ws_col != w_size_bck.ws_col))   {
            w_size_bck = w_size;
            libssh2_channel_request_pty_size(channel,
                                             w_size.ws_col,
                                             w_size.ws_row);
        }
        if ((buf = calloc (bufsiz, sizeof(char))) == NULL)
            break;
        if ((fds = malloc (sizeof (LIBSSH2_POLLFD))) == NULL) {
            free(buf);
            break;
        }
        fds[0].type = LIBSSH2_POLLFD_CHANNEL;
        fds[0].fd.channel = channel;
        fds[0].events = LIBSSH2_POLLFD_POLLIN;
        fds[0].revents = LIBSSH2_POLLFD_POLLIN;
        rc = libssh2_poll(fds, nfds, 0);
        if (rc >0) {
            rc = libssh2_channel_read(channel, buf,sizeof(buf));
            fprintf(stdout, "%s", buf);
            fflush(stdout);
        }
        /* Looping on X clients */
        if (gp_x11_chan != NULL) {
            current_node = gp_x11_chan;
        }
        else
            current_node = NULL;
        while (current_node != NULL) {
            rc = x11_send_receive(current_node->chan, current_node->sock);
            if (rc == -1){
                shutdown(current_node->sock,SHUT_RDWR);
                close(current_node->sock);
                remove_node(current_node);
            }
            current_node = current_node->next;
        }
        rc = select(fileno(stdin)+1,&set,NULL,NULL,&timeval_out);
        if (rc > 0) {
            /* Data in stdin*/
            rc = read(fileno(stdin), buf,1);
            if (rc > 0)
                libssh2_channel_write(channel,buf, sizeof(buf));
        }
        free (fds);
        free (buf);
        if (libssh2_channel_eof (channel) == 1) {
          break;
        }
    }
    if (channel) {
      libssh2_channel_free (channel);
      channel = NULL;
    }
    _normal_mode();
    return 0;
 }
--- a/include/libssh2.h
+++ b/include/libssh2.h
@@ -1,4 +1,5 @@
-/* Copyright (c) 2004-2008, Sara Golemon <sarag@libssh2.org>
+/* Copyright (c) 2004-2009, Sara Golemon <sarag@libssh2.org>
 * Copyright (c) 2009 by Daniel Stenberg
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms,
@@ -83,17 +84,17 @@ typedef unsigned long long libssh2_uint64_t;
 typedef long long libssh2_int64_t;
 #endif
-/* We use underscore instead of dash when appending CVS in dev versions just
+/* We use underscore instead of dash when appending DEV in dev versions just
   to make the BANNER define (used by src/session.c) be a valid SSH
   banner. Release versions have no appended strings and may of course not
   have dashes either. */
-#define LIBSSH2_VERSION                             "1.1_CVS"
+#define LIBSSH2_VERSION                             "1.2.4_DEV"
 /* The numeric version number is also available "in parts" by using these
   defines: */
 #define LIBSSH2_VERSION_MAJOR                       1
-#define LIBSSH2_VERSION_MINOR                       1
+#define LIBSSH2_VERSION_MINOR                       2
-#define LIBSSH2_VERSION_PATCH                       0
+#define LIBSSH2_VERSION_PATCH                       4
 /* This is the numeric version of the libssh2 version number, meant for easier
   parsing and comparions by programs. The LIBSSH2_VERSION_NUM define will
@@ -110,18 +111,18 @@ typedef long long libssh2_int64_t;
   and it is always a greater number in a more recent release. It makes
   comparisons with greater than and less than work.
 */
-#define LIBSSH2_VERSION_NUM                         0x010100
+#define LIBSSH2_VERSION_NUM                         0x010204
 /*
 * This is the date and time when the full source package was created. The
- * timestamp is not stored in CVS, as the timestamp is properly set in the
+ * timestamp is not stored in the source code repo, as the timestamp is
- * tarballs by the maketgz script.
+ * properly set in the tarballs by the maketgz script.
 *
 * The format of the date should follow this template:
 *
 * "Mon Feb 12 11:35:33 UTC 2007"
 */
-#define LIBSSH2_TIMESTAMP "CVS"
+#define LIBSSH2_TIMESTAMP "DEV"
 /* Part of every banner, user specified or not */
 #define LIBSSH2_SSH_BANNER                  "SSH-2.0-libssh2_" LIBSSH2_VERSION
@@ -177,6 +178,11 @@ typedef struct _LIBSSH2_USERAUTH_KBDINT_RESPONSE
    unsigned int length;
 } LIBSSH2_USERAUTH_KBDINT_RESPONSE;
 /* 'publickey' authentication callback */
 #define LIBSSH2_USERAUTH_PUBLICKEY_SIGN_FUNC(name) \
  int name(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len, \
           const unsigned char *data, size_t data_len, void **abstract)
 /* 'keyboard-interactive' authentication callback */
 #define LIBSSH2_USERAUTH_KBDINT_RESPONSE_FUNC(name_) \
 void name_(const char* name, int name_len, const char* instruction, \
@@ -240,6 +246,8 @@ typedef struct _LIBSSH2_USERAUTH_KBDINT_RESPONSE
 typedef struct _LIBSSH2_SESSION                     LIBSSH2_SESSION;
 typedef struct _LIBSSH2_CHANNEL                     LIBSSH2_CHANNEL;
 typedef struct _LIBSSH2_LISTENER                    LIBSSH2_LISTENER;
 typedef struct _LIBSSH2_KNOWNHOSTS                  LIBSSH2_KNOWNHOSTS;
 typedef struct _LIBSSH2_AGENT                       LIBSSH2_AGENT;
 typedef struct _LIBSSH2_POLLFD {
    unsigned char type; /* LIBSSH2_POLLFD_* below */
@@ -292,6 +300,11 @@ typedef struct _LIBSSH2_POLLFD {
 #define LIBSSH2_HOSTKEY_HASH_MD5                            1
 #define LIBSSH2_HOSTKEY_HASH_SHA1                           2
 /* Hostkey Types */
 #define LIBSSH2_HOSTKEY_TYPE_UNKNOWN			    0
 #define LIBSSH2_HOSTKEY_TYPE_RSA			    1
 #define LIBSSH2_HOSTKEY_TYPE_DSS			    2
 /* Disconnect Codes (defined by SSH protocol) */
 #define SSH_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT          1
 #define SSH_DISCONNECT_PROTOCOL_ERROR                       2
@@ -328,7 +341,8 @@ typedef struct _LIBSSH2_POLLFD {
 #define LIBSSH2_ERROR_PASSWORD_EXPIRED          -15
 #define LIBSSH2_ERROR_FILE                      -16
 #define LIBSSH2_ERROR_METHOD_NONE               -17
-#define LIBSSH2_ERROR_PUBLICKEY_UNRECOGNIZED    -18
+#define LIBSSH2_ERROR_AUTHENTICATION_FAILED     -18
 #define LIBSSH2_ERROR_PUBLICKEY_UNRECOGNIZED    LIBSSH2_ERROR_AUTHENTICATION_FAILED
 #define LIBSSH2_ERROR_PUBLICKEY_UNVERIFIED      -19
 #define LIBSSH2_ERROR_CHANNEL_OUTOFORDER        -20
 #define LIBSSH2_ERROR_CHANNEL_FAILURE           -21
@@ -348,6 +362,11 @@ typedef struct _LIBSSH2_POLLFD {
 #define LIBSSH2_ERROR_INVALID_POLL_TYPE         -35
 #define LIBSSH2_ERROR_PUBLICKEY_PROTOCOL        -36
 #define LIBSSH2_ERROR_EAGAIN                    -37
 #define LIBSSH2_ERROR_BUFFER_TOO_SMALL          -38
 #define LIBSSH2_ERROR_BAD_USE                   -39
 #define LIBSSH2_ERROR_COMPRESS                  -40
 #define LIBSSH2_ERROR_OUT_OF_BOUNDARY           -41
 #define LIBSSH2_ERROR_AGENT_PROTOCOL            -42
 /* Session API */
 LIBSSH2_API LIBSSH2_SESSION *
@@ -377,6 +396,9 @@ LIBSSH2_API int libssh2_session_free(LIBSSH2_SESSION *session);
 LIBSSH2_API const char *libssh2_hostkey_hash(LIBSSH2_SESSION *session,
                                             int hash_type);
 LIBSSH2_API const char *libssh2_session_hostkey(LIBSSH2_SESSION *session,
                                                size_t *len, int *type);
 LIBSSH2_API int libssh2_session_method_pref(LIBSSH2_SESSION *session,
                                            int method_type,
                                            const char *prefs);
@@ -422,6 +444,14 @@ libssh2_userauth_publickey_fromfile_ex(LIBSSH2_SESSION *session,
                                         strlen(username), (publickey), \
                                         (privatekey), (passphrase))
 LIBSSH2_API int
 libssh2_userauth_publickey(LIBSSH2_SESSION *session,
                           const char *username,
                           const unsigned char *pubkeydata,
                           size_t pubkeydata_len,
                           LIBSSH2_USERAUTH_PUBLICKEY_SIGN_FUNC((*sign_callback)),
                           void **abstract);
 LIBSSH2_API int
 libssh2_userauth_hostbased_fromfile_ex(LIBSSH2_SESSION *session,
                                       const char *username,
@@ -663,6 +693,285 @@ LIBSSH2_API int libssh2_base64_decode(LIBSSH2_SESSION *session, char **dest,
 LIBSSH2_API
 const char *libssh2_version(int req_version_num);
 #define HAVE_LIBSSH2_KNOWNHOST_API 0x010101 /* since 1.1.1 */
 #define HAVE_LIBSSH2_VERSION_API   0x010100 /* libssh2_version since 1.1 */
 struct libssh2_knownhost {
    unsigned int magic;  /* magic stored by the library */
    void *node; /* handle to the internal representation of this host */
    char *name; /* this is NULL if no plain text host name exists */
    char *key;  /* key in base64/printable format */
    int typemask;
 };
 /*
 * libssh2_knownhost_init
 *
 * Init a collection of known hosts. Returns the pointer to a collection.
 *
 */
 LIBSSH2_API LIBSSH2_KNOWNHOSTS *
 libssh2_knownhost_init(LIBSSH2_SESSION *session);
 /*
 * libssh2_knownhost_add
 *
 * Add a host and its associated key to the collection of known hosts.
 *
 * The 'type' argument specifies on what format the given host is:
 *
 * plain  - ascii "hostname.domain.tld"
 * sha1   - SHA1(<salt> <host>) base64-encoded!
 * custom - another hash
 *
 * If 'sha1' is selected as type, the salt must be provided to the salt
 * argument. This too base64 encoded.
 *
 * The SHA-1 hash is what OpenSSH can be told to use in known_hosts files.  If
 * a custom type is used, salt is ignored and you must provide the host
 * pre-hashed when checking for it in the libssh2_knownhost_check() function.
 *
 */
 /* host format (2 bits) */
 #define LIBSSH2_KNOWNHOST_TYPE_MASK    0xffff
 #define LIBSSH2_KNOWNHOST_TYPE_PLAIN   1
 #define LIBSSH2_KNOWNHOST_TYPE_SHA1    2 /* always base64 encoded */
 #define LIBSSH2_KNOWNHOST_TYPE_CUSTOM  3
 /* key format (2 bits) */
 #define LIBSSH2_KNOWNHOST_KEYENC_MASK     (3<<16)
 #define LIBSSH2_KNOWNHOST_KEYENC_RAW      (1<<16)
 #define LIBSSH2_KNOWNHOST_KEYENC_BASE64   (2<<16)
 /* type of key (2 bits) */
 #define LIBSSH2_KNOWNHOST_KEY_MASK     (3<<18)
 #define LIBSSH2_KNOWNHOST_KEY_SHIFT    18
 #define LIBSSH2_KNOWNHOST_KEY_RSA1     (1<<18)
 #define LIBSSH2_KNOWNHOST_KEY_SSHRSA   (2<<18)
 #define LIBSSH2_KNOWNHOST_KEY_SSHDSS   (3<<18)
 LIBSSH2_API int
 libssh2_knownhost_add(LIBSSH2_KNOWNHOSTS *hosts,
                      const char *host,
                      const char *salt,
                      const char *key, size_t keylen, int typemask,
                      struct libssh2_knownhost **store);
 /*
 * libssh2_knownhost_check
 *
 * Check a host and its associated key against the collection of known hosts.
 *
 * The type is the type/format of the given host name.
 *
 * plain  - ascii "hostname.domain.tld"
 * custom - prehashed base64 encoded. Note that this cannot use any salts.
 *
 *
 * 'knownhost' may be set to NULL if you don't care about that info.
 *
 * Returns:
 *
 * LIBSSH2_KNOWNHOST_CHECK_* values, see below
 *
 */
 #define LIBSSH2_KNOWNHOST_CHECK_MATCH    0
 #define LIBSSH2_KNOWNHOST_CHECK_MISMATCH 1
 #define LIBSSH2_KNOWNHOST_CHECK_NOTFOUND 2
 #define LIBSSH2_KNOWNHOST_CHECK_FAILURE  3
 LIBSSH2_API int
 libssh2_knownhost_check(LIBSSH2_KNOWNHOSTS *hosts,
                        const char *host, const char *key, size_t keylen,
                        int typemask,
                        struct libssh2_knownhost **knownhost);
 /*
 * libssh2_knownhost_del
 *
 * Remove a host from the collection of known hosts. The 'entry' struct is
 * retrieved by a call to libssh2_knownhost_check().
 *
 */
 LIBSSH2_API int
 libssh2_knownhost_del(LIBSSH2_KNOWNHOSTS *hosts,
                      struct libssh2_knownhost *entry);
 /*
 * libssh2_knownhost_free
 *
 * Free an entire collection of known hosts.
 *
 */
 LIBSSH2_API void
 libssh2_knownhost_free(LIBSSH2_KNOWNHOSTS *hosts);
 /*
 * libssh2_knownhost_readline()
 *
 * Pass in a line of a file of 'type'. It makes libssh2 read this line.
 *
 * LIBSSH2_KNOWNHOST_FILE_OPENSSH is the only supported type.
 *
 */
 LIBSSH2_API int
 libssh2_knownhost_readline(LIBSSH2_KNOWNHOSTS *hosts,
                           const char *line, size_t len, int type);
 /*
 * libssh2_knownhost_readfile
 *
 * Add hosts+key pairs from a given file.
 *
 * Returns a negative value for error or number of successfully added hosts.
 *
 * This implementation currently only knows one 'type' (openssh), all others
 * are reserved for future use.
 */
 #define LIBSSH2_KNOWNHOST_FILE_OPENSSH 1
 LIBSSH2_API int
 libssh2_knownhost_readfile(LIBSSH2_KNOWNHOSTS *hosts,
                           const char *filename, int type);
 /*
 * libssh2_knownhost_writeline()
 *
 * Ask libssh2 to convert a known host to an output line for storage.
 *
 * Note that this function returns LIBSSH2_ERROR_BUFFER_TOO_SMALL if the given
 * output buffer is too small to hold the desired output.
 *
 * This implementation currently only knows one 'type' (openssh), all others
 * are reserved for future use.
 *
 */
 LIBSSH2_API int
 libssh2_knownhost_writeline(LIBSSH2_KNOWNHOSTS *hosts,
                            struct libssh2_knownhost *known,
                            char *buffer, size_t buflen,
                            size_t *outlen, /* the amount of written data */
                            int type);
 /*
 * libssh2_knownhost_writefile
 *
 * Write hosts+key pairs to a given file.
 *
 * This implementation currently only knows one 'type' (openssh), all others
 * are reserved for future use.
 */
 LIBSSH2_API int
 libssh2_knownhost_writefile(LIBSSH2_KNOWNHOSTS *hosts,
                            const char *filename, int type);
 /*
 * libssh2_knownhost_get()
 *
 * Traverse the internal list of known hosts. Pass NULL to 'prev' to get
 * the first one. Or pass a poiner to the previously returned one to get the
 * next.
 *
 * Returns:
 * 0 if a fine host was stored in 'store'
 * 1 if end of hosts
 * [negative] on errors
 */
 LIBSSH2_API int
 libssh2_knownhost_get(LIBSSH2_KNOWNHOSTS *hosts,
                      struct libssh2_knownhost **store,
                      struct libssh2_knownhost *prev);
 #define HAVE_LIBSSH2_AGENT_API 0x010202 /* since 1.2.2 */
 struct libssh2_agent_publickey {
    unsigned int magic;              /* magic stored by the library */
    void *node;	    /* handle to the internal representation of key */
    unsigned char *blob;           /* public key blob */
    size_t blob_len;               /* length of the public key blob */
    char *comment;                 /* comment in printable format */
 };
 /*
 * libssh2_agent_init
 *
 * Init an ssh-agent handle. Returns the pointer to the handle.
 *
 */
 LIBSSH2_API LIBSSH2_AGENT *
 libssh2_agent_init(LIBSSH2_SESSION *session);
 /*
 * libssh2_agent_connect()
 *
 * Connect to an ssh-agent.
 *
 * Returns 0 if succeeded, or a negative value for error.
 */
 LIBSSH2_API int
 libssh2_agent_connect(LIBSSH2_AGENT *agent);
 /*
 * libssh2_agent_list_identities()
 *
 * Request an ssh-agent to list identities.
 *
 * Returns 0 if succeeded, or a negative value for error.
 */
 LIBSSH2_API int
 libssh2_agent_list_identities(LIBSSH2_AGENT *agent);
 /*
 * libssh2_agent_get_identity()
 *
 * Traverse the internal list of public keys. Pass NULL to 'prev' to get
 * the first one. Or pass a poiner to the previously returned one to get the
 * next.
 *
 * Returns:
 * 0 if a fine public key was stored in 'store'
 * 1 if end of public keys
 * [negative] on errors
 */
 LIBSSH2_API int
 libssh2_agent_get_identity(LIBSSH2_AGENT *agent,
 			   struct libssh2_agent_publickey **store,
 			   struct libssh2_agent_publickey *prev);
 /*
 * libssh2_agent_userauth()
 *
 * Do publickey user authentication with the help of ssh-agent.
 *
 * Returns 0 if succeeded, or a negative value for error.
 */
 LIBSSH2_API int
 libssh2_agent_userauth(LIBSSH2_AGENT *agent,
 		       const char *username,
 		       struct libssh2_agent_publickey *identity);
 /*
 * libssh2_agent_disconnect()
 *
 * Close a connection to an ssh-agent.
 *
 * Returns 0 if succeeded, or a negative value for error.
 */
 LIBSSH2_API int
 libssh2_agent_disconnect(LIBSSH2_AGENT *agent);
 /*
 * libssh2_agent_free()
 *
 * Free an ssh-agent handle.  This function also frees the internal
 * collection of public keys.
 */
 LIBSSH2_API void
 libssh2_agent_free(LIBSSH2_AGENT *agent);
 /* NOTE NOTE NOTE
   libssh2_trace() has no function in builds that aren't built with debug
@@ -677,6 +986,15 @@ LIBSSH2_API int libssh2_trace(LIBSSH2_SESSION *session, int bitmask);
 #define LIBSSH2_TRACE_SFTP  (1<<6)
 #define LIBSSH2_TRACE_ERROR (1<<7)
 #define LIBSSH2_TRACE_PUBLICKEY (1<<8)
 #define LIBSSH2_TRACE_SOCKET (1<<9)
 typedef void (*libssh2_trace_handler_func)(LIBSSH2_SESSION*,
                                           void*,
                                           const char *,
                                           size_t);
 LIBSSH2_API int libssh2_trace_sethandler(LIBSSH2_SESSION *session,
                                         void* context,
                                         libssh2_trace_handler_func callback);
 #ifdef __cplusplus
 } /* extern "C" */
--- a/include/libssh2_publickey.h
+++ b/include/libssh2_publickey.h
@@ -46,6 +46,8 @@
 #ifndef LIBSSH2_PUBLICKEY_H
 #define LIBSSH2_PUBLICKEY_H 1
 #include "libssh2.h"
 typedef struct _LIBSSH2_PUBLICKEY               LIBSSH2_PUBLICKEY;
 typedef struct _libssh2_publickey_attribute {
--- a/include/libssh2_sftp.h
+++ b/include/libssh2_sftp.h
@@ -38,6 +38,8 @@
 #ifndef LIBSSH2_SFTP_H
 #define LIBSSH2_SFTP_H 1
 #include "libssh2.h"
 #ifndef WIN32
 #include <unistd.h>
 #endif
--- a/libssh2.pc.in
+++ b/libssh2.pc.in
@@ -0,0 +1,16 @@
 ###########################################################################
 # libssh2 installation details
 ###########################################################################
 prefix=@prefix@
 exec_prefix=@exec_prefix@
 libdir=@libdir@
 includedir=@includedir@
 Name: libssh2
 URL: http://www.libssh2.org/
 Description: Library for SSH based connunication
 Version: @VERSION@
 Libs: -L${libdir} -lssh2 @LDFLAGS@ @LIBS@
 Libs.private: @LIBS@
 Cflags: -I${includedir}
--- a/m4/.gitignore
+++ b/m4/.gitignore
--- a/nw/Makefile.netware
+++ b/nw/Makefile.netware
@@ -5,7 +5,7 @@
 ##
 ## Comments to: Guenter Knauf <eflash@gmx.net>
 ##
-## $Id: Makefile.netware,v 1.13 2009/03/06 07:25:37 gknauf Exp $
+## $Id: Makefile.netware,v 1.14 2009/04/09 03:13:51 gknauf Exp $
 #
 #########################################################################
@@ -21,7 +21,7 @@ endif
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.8j
+OPENSSL_PATH = ../../openssl-0.9.8k
 endif
 # Edit the path below to point to your Distribution folder.
@@ -76,7 +76,7 @@ ifdef METROWERKS
 	MWCW_PATH = $(subst \,/,$(METROWERKS))/Novell Support/Metrowerks Support
 	CC = mwccnlm
 else
-	CC = gcc
+	CC = $(CROSSPREFIX)gcc
 endif
 CP	= cp -afv
 # RM	= rm -f
@@ -96,7 +96,7 @@ LIBARCH_L = $(shell $(AWK) 'BEGIN {print tolower(ARGV[1])}' $(LIBARCH))
 -include $(OBJDIR)/version.inc
 # Global flags for all compilers
-CFLAGS	= $(OPT) -D$(DB) -DNETWARE -nostdinc
+CFLAGS	+= $(OPT) -D$(DB) -DNETWARE -nostdinc
 #CFLAGS	+= -DHAVE_CONFIG_H
 ifeq ($(CC),mwccnlm)
@@ -119,12 +119,12 @@ else
 	CFLAGS += -align 1
 endif
 else
-LD	= nlmconv
+LD	= $(CROSSPREFIX)nlmconv
 LDFLAGS	= -T
-AR	= ar
+AR	= $(CROSSPREFIX)ar
 ARFLAGS	= -cq
 LIBEXT	= a
-RANLIB	= ranlib
+RANLIB	= $(CROSSPREFIX)ranlib
 CFLAGS	+= -fno-builtin -fpcc-struct-return -fno-strict-aliasing
 CFLAGS	+= -Wall # -pedantic
 #CFLAGS	+= -Wno-pointer-sign
@@ -184,8 +184,7 @@ ifdef XDCOPT
 	XDCDATA = $(OBJDIR)/$(TARGET).xdc
 endif
-ifeq ($(findstring linux,$(OSTYPE)),linux)
+ifeq ($(findstring /sh,$(SHELL)),/sh)
 #-include $(NDKBASE)/nlmconv/ncpfs.inc
 DL	= '
 DS	= /
 else
@@ -194,24 +193,10 @@ endif
 vpath %.c . ../src
-OBJECTS = \
+# include Makefile.inc to get CSOURCES define
-	channel.o \
+include ../Makefile.inc
 	comp.o \
 	crypt.o \
 	hostkey.o \
 	kex.o \
 	mac.o \
 	misc.o \
 	openssl.o \
 	packet.o \
 	pem.o \
 	publickey.o \
 	scp.o \
 	session.o \
 	sftp.o \
 	transport.o \
 	userauth.o
 OBJECTS := $(patsubst %.c,%.o,$(CSOURCES))
 ifeq ($(LIBARCH),CLIB)
 # CLIB lacks of snprint() function - here's a replacement:
 # http://www.ijs.si/software/snprintf/
@@ -220,7 +205,6 @@ vpath %.c $(SNPRINTF)
 endif
 OBJS	:= $(addprefix $(OBJDIR)/,$(OBJECTS))
 OBJL	= $(OBJS) $(OBJDIR)/nwlib.o $(LDLIBS)
 all: lib nlm
@@ -382,6 +366,8 @@ ifeq ($(LIBARCH),CLIB)
 	@echo $(DL)#define HAVE_STRICMP 1$(DL) >> $@
 	@echo $(DL)#define socklen_t int$(DL) >> $@
 	@echo $(DL)#define sleep(s) delay(1000 * s)$(DL) >> $@
 	@echo $(DL)#define strcasecmp stricmp$(DL) >> $@
 	@echo $(DL)#define strncasecmp strnicmp$(DL) >> $@
 else
 	@echo $(DL)#define OS "i586-pc-libc-NetWare"$(DL) >> $@
 	@echo $(DL)#define HAVE_DLFCN_H 1$(DL) >> $@
@@ -508,6 +494,7 @@ endif
 	@echo $(DL)  libssh2_channel_eof,$(DL) >> $@
 	@echo $(DL)  libssh2_channel_flush_ex,$(DL) >> $@
 	@echo $(DL)  libssh2_channel_free,$(DL) >> $@
 	@echo $(DL)  libssh2_channel_get_exit_status,$(DL) >> $@
 	@echo $(DL)  libssh2_channel_open_ex,$(DL) >> $@
 	@echo $(DL)  libssh2_channel_process_startup,$(DL) >> $@
 	@echo $(DL)  libssh2_channel_read_ex,$(DL) >> $@
@@ -521,11 +508,18 @@ endif
 	@echo $(DL)  libssh2_hostkey_hash,$(DL) >> $@
 	@echo $(DL)  libssh2_scp_recv,$(DL) >> $@
 	@echo $(DL)  libssh2_scp_send_ex,$(DL) >> $@
 	@echo $(DL)  libssh2_knownhost_add,$(DL) >> $@
 	@echo $(DL)  libssh2_knownhost_check,$(DL) >> $@
 	@echo $(DL)  libssh2_knownhost_free,$(DL) >> $@
 	@echo $(DL)  libssh2_knownhost_init,$(DL) >> $@
 	@echo $(DL)  libssh2_knownhost_readfile,$(DL) >> $@
 	@echo $(DL)  libssh2_knownhost_writefile,$(DL) >> $@
 	@echo $(DL)  libssh2_session_abstract,$(DL) >> $@
 	@echo $(DL)  libssh2_session_block_directions,$(DL) >> $@
 	@echo $(DL)  libssh2_session_callback_set,$(DL) >> $@
 	@echo $(DL)  libssh2_session_disconnect_ex,$(DL) >> $@
 	@echo $(DL)  libssh2_session_free,$(DL) >> $@
 	@echo $(DL)  libssh2_session_hostkey,$(DL) >> $@
 	@echo $(DL)  libssh2_session_init_ex,$(DL) >> $@
 	@echo $(DL)  libssh2_session_last_errno,$(DL) >> $@
 	@echo $(DL)  libssh2_session_last_error,$(DL) >> $@
--- a/nw/test/Makefile.netware
+++ b/nw/test/Makefile.netware
@@ -5,7 +5,7 @@
 ##
 ## Comments to: Guenter Knauf <eflash@gmx.net>
 ##
-## $Id: Makefile.netware,v 1.9 2009/03/06 07:25:37 gknauf Exp $
+## $Id: Makefile.netware,v 1.10 2009/04/09 03:13:52 gknauf Exp $
 #
 #########################################################################
@@ -21,15 +21,15 @@ endif
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../../openssl-0.9.8j
+OPENSSL_PATH = ../../../openssl-0.9.8k
 endif
 # Edit the var below to enable static linking of libssh2 and libz
 LINK_STATIC = 1
 # Edit the vars below to change NLM target settings.
-SAMPLES	= ../../example/simple
+SAMPLES	= ../../example
-TARGETS	:= $(patsubst $(SAMPLES)/%.c,%.nlm,$(strip $(wildcard $(SAMPLES)/*.c)))
+TARGETS := $(filter-out x11.nlm,$(patsubst $(SAMPLES)/%.c,%.nlm,$(strip $(wildcard $(SAMPLES)/*.c))))
 VERSION	= $(LIBSSH2_VERSION)
 COPYR	= Copyright (c) 2004-2009, Sara Golemon <sarag@libssh2.org>
 WWWURL	= http://www.libssh2.org/
@@ -70,7 +70,7 @@ ifdef METROWERKS
 	MWCW_PATH = $(subst \,/,$(METROWERKS))/Novell Support/Metrowerks Support
 	CC = mwccnlm
 else
-	CC = gcc
+	CC = $(CROSSPREFIX)gcc
 endif
 CP	= cp -afv
 # RM	= rm -f
@@ -89,7 +89,7 @@ LIBARCH_L = $(shell $(AWK) 'BEGIN {print tolower(ARGV[1])}' $(LIBARCH))
 -include $(OBJDIR)/version.inc
 # Global flags for all compilers
-CFLAGS	= $(OPT) -D$(DB) -DNETWARE -nostdinc
+CFLAGS	+= $(OPT) -D$(DB) -DNETWARE -nostdinc
 ifeq ($(CC),mwccnlm)
 LD	= mwldnlm
@@ -116,12 +116,15 @@ LDFLAGS	= -T
 AR	= ar
 ARFLAGS	= -cq
 LIBEXT	= a
-CFLAGS	+= -fno-builtin -fpack-struct -fpcc-struct-return -fno-strict-aliasing
+CFLAGS	+= -fno-builtin -fpcc-struct-return -fno-strict-aliasing
-CFLAGS	+= -Wall,no-unused # -pedantic
+CFLAGS	+= -Wall # -pedantic
 ifeq ($(LIBARCH),LIBC)
 	PRELUDE = $(SDK_LIBC)/imports/libcpre.gcc.o
 else
-	PRELUDE = $(SDK_CLIB)/imports/clibpre.gcc.o
+	# PRELUDE = $(SDK_CLIB)/imports/clibpre.gcc.o
        # to avoid the __init_* / __deinit_* whoes dont use prelude from NDK
        # http://www.gknw.net/development/mk_nlm/gcc_pre.zip
        PRELUDE = $(NDK_ROOT)/pre/prelude.o
 	CFLAGS += -include $(NDKBASE)/nlmconv/genlm.h
 endif
 endif
@@ -131,10 +134,17 @@ SDK_CLIB = $(NDK_ROOT)/nwsdk
 SDK_LIBC = $(NDK_ROOT)/libc
 SNPRINTF = $(NDKBASE)/snprintf
-INCLUDES = -I. -I../../include
+INCLUDES = -I.. -I../../include
 LDLIBS =
 ifdef LINK_STATIC
 	LDLIBS += ../libssh2.$(LIBEXT)
 else
 	IMPORTS += @../libssh2.imp
 	MODULES += libssh2.nlm
 endif
 INCLUDES += -I$(OPENSSL_PATH)/outinc_nw_$(LIBARCH_L) -I$(OPENSSL_PATH)/outinc_nw_$(LIBARCH_L)/openssl
 LDLIBS += $(OPENSSL_PATH)/out_nw_$(LIBARCH_L)/ssl.$(LIBEXT)
 LDLIBS += $(OPENSSL_PATH)/out_nw_$(LIBARCH_L)/crypto.$(LIBEXT)
@@ -150,13 +160,6 @@ else
 endif
 endif
 ifdef LINK_STATIC
 	LDLIBS += ../libssh2.$(LIBEXT)
 else
 	IMPORTS += @../libssh2.imp
 	MODULES += libssh2.nlm
 endif
 ifeq ($(LIBARCH),LIBC)
 	INCLUDES += -I$(SDK_LIBC)/include
 	# INCLUDES += -I$(SDK_LIBC)/include/nks
@@ -177,8 +180,11 @@ ifeq ($(MTSAFE),NO)
 	XDCOPT = -u
 endif
-ifeq ($(findstring linux,$(OSTYPE)),linux)
+ifeq ($(findstring /sh,$(SHELL)),/sh)
-DL	= '
+DL      = '
 DS      = /
 else
 DS      = \\
 endif
 vpath %.c $(SAMPLES)
@@ -188,7 +194,7 @@ vpath %.c $(SAMPLES)
 all: prebuild $(TARGETS) 
-prebuild: $(OBJDIR) $(OBJDIR)/version.inc config.h
+prebuild: $(OBJDIR) $(OBJDIR)/version.inc
 $(OBJDIR)/%.o: %.c
 #	@echo Compiling $<
@@ -276,7 +282,7 @@ ifdef IMPORTS
 	@echo $(DL)import $(IMPORTS)$(DL) >> $@
 endif
 ifeq ($(LD),nlmconv)
-	@echo $(DL)input $(<:.def=.o)$(DL) >> $@
+	@echo $(DL)input $(@:.def=.o)$(DL) >> $@
 	@echo $(DL)input $(PRELUDE)$(DL) >> $@
 ifdef LDLIBS
 	@echo $(DL)input $(LDLIBS)$(DL) >> $@
@@ -284,7 +290,7 @@ endif
 	@echo $(DL)output $(notdir $(@:.def=.nlm))$(DL) >> $@
 endif
-config.h: Makefile.netware
+ssh2_config.h: Makefile.netware
 	@echo Creating $@
 	@echo $(DL)/* $@ for NetWare target.$(DL) > $@
 	@echo $(DL)** Do not edit this file - it is created by make!$(DL) >> $@
--- a/src/.cvsignore
+++ b/src/.cvsignore
@@ -1,20 +0,0 @@
 .deps
 .libs
 *.lib
 *.pdb
 *.dll
 *.exe
 *.obj
 *.gcno
 *.gcda
 .*.swp
 Debug
 Release
 *.exp
 Makefile
 Makefile.in
 *.lo
 libssh2.la
 libssh2_config.h
 libssh2_config.h.in
 stamp-h1
--- a/src/.gitignore
+++ b/src/.gitignore
@@ -0,0 +1,3 @@
 libssh2_config.h
 libssh2_config.h.in
 stamp-h1
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1,15 +1,10 @@
-# $Id: Makefile.am,v 1.19 2009/03/26 22:25:23 bagder Exp $
+# $Id: Makefile.am,v 1.21 2009/05/07 17:21:56 bagder Exp $
 AUTOMAKE_OPTIONS = foreign nostdinc
-libssh2_la_SOURCES = channel.c comp.c crypt.c hostkey.c kex.c mac.c misc.c     \
+# Makefile.inc provides the CSOURCES and HHEADERS defines
-packet.c publickey.c scp.c session.c sftp.c userauth.c libssh2_priv.h	       \
+include ../Makefile.inc
 openssl.h libgcrypt.h transport.c version.c transport.h channel.h comp.h mac.h
-if LIBGCRYPT
+libssh2_la_SOURCES = $(CSOURCES) $(HHEADERS)
 libssh2_la_SOURCES += libgcrypt.c pem.c
 else
 libssh2_la_SOURCES += openssl.c
 endif
 EXTRA_DIST = libssh2_config.h.in NMakefile
--- a/src/agent.c
+++ b/src/agent.c
@@ -0,0 +1,759 @@
 /*
 * Copyright (c) 2009 by Daiki Ueno
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms,
 * with or without modification, are permitted provided
 * that the following conditions are met:
 *
 *   Redistributions of source code must retain the above
 *   copyright notice, this list of conditions and the
 *   following disclaimer.
 *
 *   Redistributions in binary form must reproduce the above
 *   copyright notice, this list of conditions and the following
 *   disclaimer in the documentation and/or other materials
 *   provided with the distribution.
 *
 *   Neither the name of the copyright holder nor the names
 *   of any other contributors may be used to endorse or
 *   promote products derived from this software without
 *   specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
 * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
 * OF SUCH DAMAGE.
 */
 #include "libssh2_priv.h"
 #include "misc.h"
 #include <errno.h>
 #ifdef HAVE_SYS_UN_H
 #include <sys/un.h>
 #else
 /* Use the existence of sys/un.h as a test if Unix domain socket is
   supported.  winsock*.h define PF_UNIX/AF_UNIX but do not actually
   support them. */
 #undef PF_UNIX
 #endif
 /* Requests from client to agent for protocol 1 key operations */
 #define SSH_AGENTC_REQUEST_RSA_IDENTITIES 1
 #define SSH_AGENTC_RSA_CHALLENGE 3
 #define SSH_AGENTC_ADD_RSA_IDENTITY 7
 #define SSH_AGENTC_REMOVE_RSA_IDENTITY 8
 #define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES 9
 #define SSH_AGENTC_ADD_RSA_ID_CONSTRAINED 24
 /* Requests from client to agent for protocol 2 key operations */
 #define SSH2_AGENTC_REQUEST_IDENTITIES 11
 #define SSH2_AGENTC_SIGN_REQUEST 13
 #define SSH2_AGENTC_ADD_IDENTITY 17
 #define SSH2_AGENTC_REMOVE_IDENTITY 18
 #define SSH2_AGENTC_REMOVE_ALL_IDENTITIES 19
 #define SSH2_AGENTC_ADD_ID_CONSTRAINED 25
 /* Key-type independent requests from client to agent */
 #define SSH_AGENTC_ADD_SMARTCARD_KEY 20
 #define SSH_AGENTC_REMOVE_SMARTCARD_KEY 21
 #define SSH_AGENTC_LOCK 22
 #define SSH_AGENTC_UNLOCK 23
 #define SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED 26
 /* Generic replies from agent to client */
 #define SSH_AGENT_FAILURE 5
 #define SSH_AGENT_SUCCESS 6
 /* Replies from agent to client for protocol 1 key operations */
 #define SSH_AGENT_RSA_IDENTITIES_ANSWER 2
 #define SSH_AGENT_RSA_RESPONSE 4
 /* Replies from agent to client for protocol 2 key operations */
 #define SSH2_AGENT_IDENTITIES_ANSWER 12
 #define SSH2_AGENT_SIGN_RESPONSE 14
 /* Key constraint identifiers */
 #define SSH_AGENT_CONSTRAIN_LIFETIME 1
 #define SSH_AGENT_CONSTRAIN_CONFIRM 2
 /* non-blocking mode on agent connection is not yet implemented, but
   for future use. */
 typedef enum {
    agent_NB_state_init = 0,
    agent_NB_state_request_created,
    agent_NB_state_request_length_sent,
    agent_NB_state_request_sent,
    agent_NB_state_response_length_received,
    agent_NB_state_response_received
 } agent_nonblocking_states;
 typedef struct agent_transaction_ctx {
    unsigned char *request;
    size_t request_len;
    unsigned char *response;
    size_t response_len;
    agent_nonblocking_states state;
 } *agent_transaction_ctx_t;
 typedef int (*agent_connect_func)(LIBSSH2_AGENT *agent);
 typedef int (*agent_transact_func)(LIBSSH2_AGENT *agent,
                                   agent_transaction_ctx_t transctx);
 typedef int (*agent_disconnect_func)(LIBSSH2_AGENT *agent);
 struct agent_publickey {
    struct list_node node;
    /* this is the struct we expose externally */
    struct libssh2_agent_publickey external;
 };
 struct agent_ops {
    agent_connect_func connect;
    agent_transact_func transact;
    agent_disconnect_func disconnect;
 };
 struct _LIBSSH2_AGENT
 {
    LIBSSH2_SESSION *session;  /* the session this "belongs to" */
    libssh2_socket_t fd;
    struct agent_ops *ops;
    struct agent_transaction_ctx transctx;
    struct agent_publickey *identity;
    struct list_head head;              /* list of public keys */
 };
 #ifdef PF_UNIX
 static int
 agent_connect_unix(LIBSSH2_AGENT *agent)
 {
    const char *path;
    struct sockaddr_un s_un;
    path = getenv("SSH_AUTH_SOCK");
    if (!path) {
        return -1;
    }
    agent->fd = socket(PF_UNIX, SOCK_STREAM, 0);
    if (agent->fd < 0) {
        return -1;
    }
    s_un.sun_family = AF_UNIX;
    strncpy (s_un.sun_path, path, sizeof s_un.sun_path);
    if (connect(agent->fd, (struct sockaddr*)(&s_un), sizeof s_un) != 0) {
        close (agent->fd);
        return -1;
    }
    return 0;
 }
 static int
 agent_transact_unix(LIBSSH2_AGENT *agent, agent_transaction_ctx_t transctx)
 {
    unsigned char buf[4], *s;
    int rc;
    /* Send the length of the request */
    if (transctx->state == agent_NB_state_request_created) {
        _libssh2_htonu32(buf, transctx->request_len);
        rc = send(agent->fd, buf, sizeof buf, 0);
        if (rc < 0) {
            if (errno == EAGAIN)
                return LIBSSH2_ERROR_EAGAIN;
            return -1;
        }
        transctx->state = agent_NB_state_request_length_sent;
    }
    /* Send the request body */
    if (transctx->state == agent_NB_state_request_length_sent) {
        rc = send(agent->fd, transctx->request,
                  transctx->request_len, 0);
        if (rc < 0) {
            if (errno == EAGAIN)
                return LIBSSH2_ERROR_EAGAIN;
            return -1;
        }
        transctx->state = agent_NB_state_request_sent;
    }
    /* Receive the length of a response */
    if (transctx->state == agent_NB_state_request_sent) {
        rc = recv(agent->fd, buf, sizeof buf, 0);
        if (rc < 0) {
            if (errno == EAGAIN)
                return LIBSSH2_ERROR_EAGAIN;
            return -1;
        }
        transctx->response_len = _libssh2_ntohu32(buf);
        s = transctx->response = LIBSSH2_ALLOC(agent->session,
                                                  transctx->response_len);
        if (!transctx->response) {
            return LIBSSH2_ERROR_ALLOC;
        }
        transctx->state = agent_NB_state_response_length_received;
    }
    /* Receive the response body */
    if (transctx->state == agent_NB_state_response_length_received) {
        rc = recv(agent->fd, transctx->response, transctx->response_len, 0);
        if (rc < 0) {
            if (errno == EAGAIN)
                return LIBSSH2_ERROR_EAGAIN;
            return -1;
        }
        transctx->state = agent_NB_state_response_received;
    }
    return 0;
 }
 static int
 agent_disconnect_unix(LIBSSH2_AGENT *agent)
 {
    return close(agent->fd);
 }
 struct agent_ops agent_ops_unix = {
    agent_connect_unix,
    agent_transact_unix,
    agent_disconnect_unix
 };
 #endif  /* PF_UNIX */
 #ifdef WIN32
 /* Code to talk to Pageant was taken from PuTTY.
 *
 * Portions copyright Robert de Bath, Joris van Rantwijk, Delian
 * Delchev, Andreas Schultz, Jeroen Massar, Wez Furlong, Nicolas
 * Barry, Justin Bradford, Ben Harris, Malcolm Smith, Ahmad Khalifa,
 * Markus Kuhn, Colin Watson, and CORE SDI S.A.
 */
 #define PAGEANT_COPYDATA_ID 0x804e50ba   /* random goop */
 #define PAGEANT_MAX_MSGLEN  8192
 static int
 agent_connect_pageant(LIBSSH2_AGENT *agent)
 {
    HWND hwnd;
    hwnd = FindWindow("Pageant", "Pageant");
    if (!hwnd)
 	return -1;
    agent->fd = 0;         /* Mark as the connection has been established */
    return 0;
 }
 static int
 agent_transact_pageant(LIBSSH2_AGENT *agent, agent_transaction_ctx_t transctx)
 {
    HWND hwnd;
    char mapname[23];
    HANDLE filemap;
    unsigned char *p;
    int id;
    COPYDATASTRUCT cds;
    if (!transctx || 4 + transctx->request_len > PAGEANT_MAX_MSGLEN) {
        return LIBSSH2_ERROR_INVAL;
    }
    hwnd = FindWindow("Pageant", "Pageant");
    if (!hwnd) {
 	return -1;
    }
    sprintf(mapname, "PageantRequest%08x", (unsigned)GetCurrentThreadId());
    filemap = CreateFileMapping(INVALID_HANDLE_VALUE, NULL, PAGE_READWRITE,
 				0, PAGEANT_MAX_MSGLEN, mapname);
    if (filemap == NULL || filemap == INVALID_HANDLE_VALUE) {
 	return -1;
    }
    p = MapViewOfFile(filemap, FILE_MAP_WRITE, 0, 0, 0);
    _libssh2_htonu32(p, transctx->request_len);
    memcpy(p + 4, transctx->request, transctx->request_len);
    cds.dwData = PAGEANT_COPYDATA_ID;
    cds.cbData = 1 + strlen(mapname);
    cds.lpData = mapname;
    id = SendMessage(hwnd, WM_COPYDATA, (WPARAM) NULL, (LPARAM) &cds);
    if (id > 0) {
 	transctx->response_len = _libssh2_ntohu32(p);
        if (transctx->response_len > PAGEANT_MAX_MSGLEN) {
            UnmapViewOfFile(p);
            CloseHandle(filemap);
            return LIBSSH2_ERROR_AGENT_PROTOCOL;
        }
 	transctx->response = LIBSSH2_ALLOC(agent->session,
                                           transctx->response_len);
 	if (!transctx->response) {
            UnmapViewOfFile(p);
            CloseHandle(filemap);
            return LIBSSH2_ERROR_ALLOC;
        }
        memcpy(transctx->response, p + 4, transctx->response_len);
    }
    UnmapViewOfFile(p);
    CloseHandle(filemap);
    return 0;
 }
 static int
 agent_disconnect_pageant(LIBSSH2_AGENT *agent)
 {
    agent->fd = INVALID_SOCKET;
    return 0;
 }
 struct agent_ops agent_ops_pageant = {
    agent_connect_pageant,
    agent_transact_pageant,
    agent_disconnect_pageant
 };
 #endif  /* WIN32 */
 static struct {
    const char *name;
    struct agent_ops *ops;
 } supported_backends[] = {
 #ifdef WIN32
    {"Pageant", &agent_ops_pageant},
 #endif  /* WIN32 */
 #ifdef PF_UNIX
    {"Unix", &agent_ops_unix},
 #endif  /* PF_UNIX */
    {NULL}
 };
 static int
 agent_sign(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len,
           const unsigned char *data, size_t data_len, void **abstract)
 {
    LIBSSH2_AGENT *agent = (LIBSSH2_AGENT *) (*abstract);
    agent_transaction_ctx_t transctx = &agent->transctx;
    struct agent_publickey *identity = agent->identity;
    ssize_t len = 1 + 4 + identity->external.blob_len + 4 + data_len + 4;
    ssize_t method_len;
    unsigned char *s;
    int rc;
    /* Create a request to sign the data */
    if (transctx->state == agent_NB_state_init) {
        s = transctx->request = LIBSSH2_ALLOC(session, len);
        if (!transctx->request) {
            return LIBSSH2_ERROR_ALLOC;
        }
        *s++ = SSH2_AGENTC_SIGN_REQUEST;
        /* key blob */
        _libssh2_htonu32(s, identity->external.blob_len);
        s += 4;
         memcpy(s, identity->external.blob, identity->external.blob_len);
        s += identity->external.blob_len;
        /* data */
        _libssh2_htonu32(s, data_len);
        s += 4;
        memcpy(s, data, data_len);
        s += data_len;
        /* flags */
        _libssh2_htonu32(s, 0);
        s += 4;
        transctx->request_len = s - transctx->request;
        transctx->state = agent_NB_state_request_created;
    }
    /* Make sure to be re-called as a result of EAGAIN. */
    if (*transctx->request != SSH2_AGENTC_SIGN_REQUEST) {
        return LIBSSH2_ERROR_BAD_USE;
    }
    rc = agent->ops->transact(agent, transctx);
    if (rc) {
        goto error;
    }
    LIBSSH2_FREE(session, transctx->request);
    transctx->request = NULL;
    len = transctx->response_len;
    s = transctx->response;
    len--;
    if (len < 0) {
        rc = LIBSSH2_ERROR_AGENT_PROTOCOL;
        goto error;
    }
    if (*s != SSH2_AGENT_SIGN_RESPONSE) {
        rc = LIBSSH2_ERROR_AGENT_PROTOCOL;
        goto error;
    }
    s++;
    /* Skip the entire length of the signature */
    len -= 4;
    if (len < 0) {
        rc = LIBSSH2_ERROR_AGENT_PROTOCOL;
        goto error;
    }
    s += 4;
    /* Skip signing method */
    len -= 4;
    if (len < 0) {
        rc = LIBSSH2_ERROR_AGENT_PROTOCOL;
        goto error;
    }
    method_len = _libssh2_ntohu32(s);
    s += 4;
    len -= method_len;
    if (len < 0) {
        rc = LIBSSH2_ERROR_AGENT_PROTOCOL;
        goto error;
    }
    s += method_len;
    /* Read the signature */
    len -= 4;
    if (len < 0) {
        rc = LIBSSH2_ERROR_AGENT_PROTOCOL;
        goto error;
    }
    *sig_len = _libssh2_ntohu32(s);
    s += 4;
    len -= *sig_len;
    if (len < 0) {
        rc = LIBSSH2_ERROR_AGENT_PROTOCOL;
        goto error;
    }
    *sig = LIBSSH2_ALLOC(session, *sig_len);
    if (!*sig) {
        rc = LIBSSH2_ERROR_ALLOC;
        goto error;
    }
    memcpy(*sig, s, *sig_len);
  error:
    LIBSSH2_FREE(session, transctx->request);
    transctx->request = NULL;
    LIBSSH2_FREE(session, transctx->response);
    transctx->response = NULL;
    return rc;
 }
 static int
 agent_list_identities(LIBSSH2_AGENT *agent)
 {
    agent_transaction_ctx_t transctx = &agent->transctx;
    ssize_t len, num_identities;
    unsigned char *s;
    int rc;
    /* Create a request to list identities */
    if (transctx->state == agent_NB_state_init) {
      unsigned char c = SSH2_AGENTC_REQUEST_IDENTITIES;
      transctx->request = &c;
      transctx->request_len = 1;
      transctx->state = agent_NB_state_request_created;
    }
    /* Make sure to be re-called as a result of EAGAIN. */
    if (*transctx->request != SSH2_AGENTC_REQUEST_IDENTITIES) {
        return LIBSSH2_ERROR_BAD_USE;
    }
    rc = agent->ops->transact(agent, transctx);
    if (rc) {
        goto error;
    }
    transctx->request = NULL;
    len = transctx->response_len;
    s = transctx->response;
    len--;
    if (len < 0) {
        rc = LIBSSH2_ERROR_AGENT_PROTOCOL;
        goto error;
    }
    if (*s != SSH2_AGENT_IDENTITIES_ANSWER) {
        rc = LIBSSH2_ERROR_AGENT_PROTOCOL;
        goto error;
    }
    s++;
    /* Read the length of identities */
    len -= 4;
    if (len < 0) {
        rc = LIBSSH2_ERROR_AGENT_PROTOCOL;
        goto error;
    }
    num_identities = _libssh2_ntohu32(s);
    s += 4;
    while (num_identities--) {
        struct agent_publickey *identity;
        ssize_t comment_len;
        identity = LIBSSH2_ALLOC(agent->session, sizeof *identity);
        if (!identity) {
            rc = LIBSSH2_ERROR_ALLOC;
            goto error;
        }
        /* Read the length of the blob */
        len -= 4;
        if (len < 0) {
            rc = LIBSSH2_ERROR_AGENT_PROTOCOL;
            goto error;
        }
        identity->external.blob_len = _libssh2_ntohu32(s);
        s += 4;
        /* Read the blob */
        len -= identity->external.blob_len;
        if (len < 0) {
            rc = LIBSSH2_ERROR_AGENT_PROTOCOL;
            goto error;
        }
        identity->external.blob = LIBSSH2_ALLOC(agent->session,
                                                identity->external.blob_len);
        if (!identity->external.blob) {
            rc = LIBSSH2_ERROR_ALLOC;
            goto error;
        }
        memcpy(identity->external.blob, s, identity->external.blob_len);
        s += identity->external.blob_len;
        /* Read the length of the comment */
        len -= 4;
        if (len < 0) {
            rc = LIBSSH2_ERROR_AGENT_PROTOCOL;
            goto error;
        }
        comment_len = _libssh2_ntohu32(s);
        s += 4;
        /* Read the comment */
        len -= comment_len;
        if (len < 0) {
            rc = LIBSSH2_ERROR_AGENT_PROTOCOL;
            goto error;
        }
        identity->external.comment = LIBSSH2_ALLOC(agent->session,
                                                   comment_len + 1);
        if (!identity->external.comment) {
            rc = LIBSSH2_ERROR_ALLOC;
            goto error;
        }
        identity->external.comment[comment_len] = '\0';
        memcpy(identity->external.comment, s, comment_len);
        s += comment_len;
        _libssh2_list_add(&agent->head, &identity->node);
    }
 error:
    LIBSSH2_FREE(agent->session, transctx->response);
    transctx->response = NULL;
    return rc;
 }
 static void
 agent_free_identities(LIBSSH2_AGENT *agent) {
    struct agent_publickey *node;
    struct agent_publickey *next;
    for (node = _libssh2_list_first(&agent->head); node; node = next) {
        next = _libssh2_list_next(&node->node);
        LIBSSH2_FREE(agent->session, node->external.blob);
        LIBSSH2_FREE(agent->session, node->external.comment);
        LIBSSH2_FREE(agent->session, node);
    }
    _libssh2_list_init(&agent->head);
 }
 #define AGENT_PUBLICKEY_MAGIC 0x3bdefed2
 /*
 * agent_publickey_to_external()
 *
 * Copies data from the internal to the external representation struct.
 *
 */
 static struct libssh2_agent_publickey *
 agent_publickey_to_external(struct agent_publickey *node)
 {
    struct libssh2_agent_publickey *ext = &node->external;
    ext->magic = AGENT_PUBLICKEY_MAGIC;
    ext->node = node;
    return ext;
 }
 /*
 * libssh2_agent_init
 *
 * Init an ssh-agent handle. Returns the pointer to the handle.
 *
 */
 LIBSSH2_API LIBSSH2_AGENT *
 libssh2_agent_init(LIBSSH2_SESSION *session)
 {
    LIBSSH2_AGENT *agent;
    agent = LIBSSH2_ALLOC(session, sizeof *agent);
    if (!agent) {
        libssh2_error(session, LIBSSH2_ERROR_ALLOC,
                      "Unable to allocate space for agent connection", 0);
        return NULL;
    }
    memset(agent, 0, sizeof *agent);
    agent->session = session;
    _libssh2_list_init(&agent->head);
    return agent;
 }
 /*
 * libssh2_agent_connect()
 *
 * Connect to an ssh-agent.
 *
 * Returns 0 if succeeded, or a negative value for error.
 */
 LIBSSH2_API int
 libssh2_agent_connect(LIBSSH2_AGENT *agent)
 {
    int i, rc = -1;
    for (i = 0; supported_backends[i].name; i++) {
        agent->ops = supported_backends[i].ops;
        rc = agent->ops->connect(agent);
        if (!rc)
            return 0;
    }
    return rc;
 }
 /*
 * libssh2_agent_list_identities()
 *
 * Request ssh-agent to list identities.
 *
 * Returns 0 if succeeded, or a negative value for error.
 */
 LIBSSH2_API int
 libssh2_agent_list_identities(LIBSSH2_AGENT *agent)
 {
    memset(&agent->transctx, 0, sizeof agent->transctx);
    /* Abondon the last fetched identities */
    agent_free_identities(agent);
    return agent_list_identities(agent);
 }
 /*
 * libssh2_agent_get_identity()
 *
 * Traverse the internal list of public keys. Pass NULL to 'prev' to get
 * the first one. Or pass a poiner to the previously returned one to get the
 * next.
 *
 * Returns:
 * 0 if a fine public key was stored in 'store'
 * 1 if end of public keys
 * [negative] on errors
 */
 LIBSSH2_API int
 libssh2_agent_get_identity(LIBSSH2_AGENT *agent,
                           struct libssh2_agent_publickey **ext,
                           struct libssh2_agent_publickey *oprev)
 {
    struct agent_publickey *node;
    if (oprev && oprev->node) {
        /* we have a starting point */
        struct agent_publickey *prev = oprev->node;
        /* get the next node in the list */
        node = _libssh2_list_next(&prev->node);
    }
    else
        node = _libssh2_list_first(&agent->head);
    if (!node)
        /* no (more) node */
        return 1;
    *ext = agent_publickey_to_external(node);
    return 0;
 }
 /*
 * libssh2_agent_userauth()
 *
 * Do publickey user authentication with the help of ssh-agent.
 *
 * Returns 0 if succeeded, or a negative value for error.
 */
 LIBSSH2_API int
 libssh2_agent_userauth(LIBSSH2_AGENT *agent,
                       const char *username,
                       struct libssh2_agent_publickey *identity)
 {
    void *abstract = agent;
    if (agent->session->userauth_pblc_state == libssh2_NB_state_idle) {
        memset(&agent->transctx, 0, sizeof agent->transctx);
        agent->identity = identity->node;
    }
    return libssh2_userauth_publickey(agent->session, username,
 				      identity->blob,
 				      identity->blob_len,
 				      agent_sign,
 				      &abstract);
 }
 /*
 * libssh2_agent_disconnect()
 *
 * Close a connection to an ssh-agent.
 *
 * Returns 0 if succeeded, or a negative value for error.
 */
 LIBSSH2_API int
 libssh2_agent_disconnect(LIBSSH2_AGENT *agent)
 {
    if (agent->ops && agent->fd != INVALID_SOCKET)
        return agent->ops->disconnect(agent);
    return 0;
 }
 /*
 * libssh2_agent_free()
 *
 * Free an ssh-agent handle.  This function also frees the internal
 * collection of public keys.
 */
 LIBSSH2_API void
 libssh2_agent_free(LIBSSH2_AGENT *agent) {
    /* Allow connection freeing when the socket has lost its connection */
    if (agent->fd != INVALID_SOCKET) {
        libssh2_agent_disconnect(agent);
    }
    agent_free_identities(agent);
    LIBSSH2_FREE(agent->session, agent);
 }
--- a/src/channel.c
+++ b/src/channel.c
--- a/src/channel.h
+++ b/src/channel.h
@@ -104,5 +104,17 @@ _libssh2_channel_process_startup(LIBSSH2_CHANNEL *channel,
                                 const char *request, unsigned int request_len,
                                 const char *message, unsigned int message_len);
 /*
 * _libssh2_channel_read
 *
 * Read data from a channel
 *
 * It is important to not return 0 until the currently read channel is
 * complete. If we read stuff from the wire but it was no payload data to fill
 * in the buffer with, we MUST make sure to return PACKET_EAGAIN.
 */
 ssize_t _libssh2_channel_read(LIBSSH2_CHANNEL *channel, int stream_id,
                              char *buf, size_t buflen);
 #endif /* __LIBSSH2_CHANNEL_H */
--- a/src/crypt.c
+++ b/src/crypt.c
@@ -1,4 +1,5 @@
-/* Copyright (c) 2004-2007, Sara Golemon <sarag@libssh2.org>
+/* Copyright (c) 2009 Simon Josefsson <simon@josefsson.org>
 * Copyright (c) 2004-2007, Sara Golemon <sarag@libssh2.org>
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms,
@@ -114,6 +115,44 @@ crypt_dtor(LIBSSH2_SESSION * session, void **abstract)
    return 0;
 }
 #if LIBSSH2_AES_CTR
 static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_aes128_ctr = {
    "aes128-ctr",
    16,                         /* blocksize */
    16,                         /* initial value length */
    16,                         /* secret length -- 16*8 == 128bit */
    0,                          /* flags */
    &crypt_init,
    &crypt_encrypt,
    &crypt_dtor,
    _libssh2_cipher_aes128ctr
 };
 static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_aes192_ctr = {
    "aes192-ctr",
    16,                         /* blocksize */
    16,                         /* initial value length */
    24,                         /* secret length -- 24*8 == 192bit */
    0,                          /* flags */
    &crypt_init,
    &crypt_encrypt,
    &crypt_dtor,
    _libssh2_cipher_aes192ctr
 };
 static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_aes256_ctr = {
    "aes256-ctr",
    16,                         /* blocksize */
    16,                         /* initial value length */
    32,                         /* secret length -- 32*8 == 256bit */
    0,                          /* flags */
    &crypt_init,
    &crypt_encrypt,
    &crypt_dtor,
    _libssh2_cipher_aes256ctr
 };
 #endif
 #if LIBSSH2_AES
 static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_aes128_cbc = {
    "aes128-cbc",
@@ -192,6 +231,40 @@ static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_arcfour = {
    &crypt_dtor,
    _libssh2_cipher_arcfour
 };
 static int
 crypt_init_arcfour128(LIBSSH2_SESSION * session,
                      const LIBSSH2_CRYPT_METHOD * method,
                      unsigned char *iv, int *free_iv,
                      unsigned char *secret, int *free_secret,
                      int encrypt, void **abstract)
 {
    int rc;
    rc = crypt_init (session, method, iv, free_iv, secret, free_secret,
 		     encrypt, abstract);
    if (rc == 0) {
 	struct crypt_ctx *cctx = *(struct crypt_ctx **) abstract;
 	unsigned char block[8];
 	size_t discard = 1536;
 	for (; discard; discard -= 8)
 	    _libssh2_cipher_crypt(&cctx->h, cctx->algo, cctx->encrypt, block);
    }
    return rc;
 }
 static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_arcfour128 = {
    "arcfour128",
    8,                          /* blocksize */
    8,                          /* initial value length */
    16,                         /* secret length */
    0,                          /* flags */
    &crypt_init_arcfour128,
    &crypt_encrypt,
    &crypt_dtor,
    _libssh2_cipher_arcfour
 };
 #endif /* LIBSSH2_RC4 */
 #if LIBSSH2_CAST
@@ -223,6 +296,11 @@ static const LIBSSH2_CRYPT_METHOD libssh2_crypt_method_3des_cbc = {
 #endif
 static const LIBSSH2_CRYPT_METHOD *_libssh2_crypt_methods[] = {
 #if LIBSSH2_AES_CTR
  &libssh2_crypt_method_aes128_ctr,
  &libssh2_crypt_method_aes192_ctr,
  &libssh2_crypt_method_aes256_ctr,
 #endif /* LIBSSH2_AES */
 #if LIBSSH2_AES
    &libssh2_crypt_method_aes256_cbc,
    &libssh2_crypt_method_rijndael_cbc_lysator_liu_se,  /* == aes256-cbc */
@@ -233,6 +311,7 @@ static const LIBSSH2_CRYPT_METHOD *_libssh2_crypt_methods[] = {
    &libssh2_crypt_method_blowfish_cbc,
 #endif /* LIBSSH2_BLOWFISH */
 #if LIBSSH2_RC4
    &libssh2_crypt_method_arcfour128,
    &libssh2_crypt_method_arcfour,
 #endif /* LIBSSH2_RC4 */
 #if LIBSSH2_CAST
--- a/src/hostkey.c
+++ b/src/hostkey.c
@@ -1,4 +1,5 @@
 /* Copyright (c) 2004-2006, Sara Golemon <sarag@libssh2.org>
 * Copyright (c) 2009 by Daniel Stenberg
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms,
@@ -36,6 +37,7 @@
 */
 #include "libssh2_priv.h"
 #include "misc.h"
 /* Needed for struct iovec on some platforms */
 #ifdef HAVE_SYS_UIO_H
@@ -112,7 +114,6 @@ hostkey_method_ssh_rsa_initPEM(LIBSSH2_SESSION * session,
                               void **abstract)
 {
    libssh2_rsa_ctx *rsactx;
    FILE *fp;
    int ret;
    if (*abstract) {
@@ -120,13 +121,7 @@ hostkey_method_ssh_rsa_initPEM(LIBSSH2_SESSION * session,
        *abstract = NULL;
    }
-    fp = fopen(privkeyfile, "r");
+    ret = _libssh2_rsa_new_private(&rsactx, session, privkeyfile, passphrase);
    if (!fp) {
        return -1;
    }
    ret = _libssh2_rsa_new_private(&rsactx, session, fp, passphrase);
    fclose(fp);
    if (ret) {
        return -1;
    }
@@ -294,7 +289,6 @@ hostkey_method_ssh_dss_initPEM(LIBSSH2_SESSION * session,
                               void **abstract)
 {
    libssh2_dsa_ctx *dsactx;
    FILE *fp;
    int ret;
    if (*abstract) {
@@ -302,13 +296,7 @@ hostkey_method_ssh_dss_initPEM(LIBSSH2_SESSION * session,
        *abstract = NULL;
    }
-    fp = fopen(privkeyfile, "r");
+    ret = _libssh2_dsa_new_private(&dsactx, session, privkeyfile, passphrase);
    if (!fp) {
        return -1;
    }
    ret = _libssh2_dsa_new_private(&dsactx, session, fp, passphrase);
    fclose(fp);
    if (ret) {
        return -1;
    }
@@ -453,3 +441,47 @@ libssh2_hostkey_hash(LIBSSH2_SESSION * session, int hash_type)
        return NULL;
    }
 }
 static int hostkey_type(const unsigned char *hostkey, size_t len)
 {
    const unsigned char rsa[] = {
        0, 0, 0, 0x07, 's', 's', 'h', '-', 'r', 's', 'a'
    };
    const unsigned char dss[] = {
        0, 0, 0, 0x07, 's', 's', 'h', '-', 'd', 's', 's'
    };
    if (len < 11)
        return LIBSSH2_HOSTKEY_TYPE_UNKNOWN;
    if (!memcmp(rsa, hostkey, 11))
        return LIBSSH2_HOSTKEY_TYPE_RSA;
    if (!memcmp(dss, hostkey, 11))
        return LIBSSH2_HOSTKEY_TYPE_DSS;
    return LIBSSH2_HOSTKEY_TYPE_UNKNOWN;
 }
 /*
 * libssh2_session_hostkey()
 *
 * Returns the server key and length.
 *
 */
 LIBSSH2_API const char *
 libssh2_session_hostkey(LIBSSH2_SESSION *session, size_t *len, int *type)
 {
    if(session->server_hostkey_len) {
        if(len)
            *len = session->server_hostkey_len;
        if (type)
            *type = hostkey_type(session->server_hostkey,
                                 session->server_hostkey_len);
        return (char *) session->server_hostkey;
    }
    if(len)
        *len = 0;
    return NULL;
 }
--- a/src/kex.c
+++ b/src/kex.c
@@ -69,22 +69,20 @@
        }                                                                   \
 }
-/* kex_method_diffie_hellman_groupGP_sha1_key_exchange
+/*
 * diffie_hellman_sha1
 *
 * Diffie Hellman Key Exchange, Group Agnostic
 */
-static int
+static int diffie_hellman_sha1(LIBSSH2_SESSION *session,
-kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
+                               _libssh2_bn *g,
-                                                    _libssh2_bn * g,
+                               _libssh2_bn *p,
-                                                    _libssh2_bn * p,
+                               int group_order,
-                                                    int group_order,
+                               unsigned char packet_type_init,
-                                                    unsigned char
+                               unsigned char packet_type_reply,
-                                                    packet_type_init,
+                               unsigned char *midhash,
-                                                    unsigned char
+                               unsigned long midhash_len,
-                                                    packet_type_reply,
+                               kmdhgGPsha1kex_state_t *exchange_state)
                                                    unsigned char *midhash,
                                                    unsigned long midhash_len,
                                                    kmdhgGPsha1kex_state_t
                                                    * exchange_state)
 {
    int ret = 0;
    int rc;
@@ -122,7 +120,7 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
        if (!exchange_state->e_packet) {
            libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Out of memory error",
                          0);
-            ret = -1;
+            ret = LIBSSH2_ERROR_ALLOC;
            goto clean_exit;
        }
        exchange_state->e_packet[0] = packet_type_init;
@@ -137,7 +135,7 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
                               exchange_state->e_packet + 6);
        }
-        _libssh2_debug(session, LIBSSH2_DBG_KEX, "Sending KEX packet %d",
+        _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sending KEX packet %d",
                       (int) packet_type_init);
        exchange_state->state = libssh2_NB_state_created;
    }
@@ -146,11 +144,11 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
        rc = _libssh2_transport_write(session, exchange_state->e_packet,
                                      exchange_state->e_packet_len);
        if (rc == PACKET_EAGAIN) {
-            return PACKET_EAGAIN;
+            return rc;
        } else if (rc) {
-            libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND,
+            libssh2_error(session, rc,
                          "Unable to send KEX init message", 0);
-            ret = -1;
+            ret = rc;
            goto clean_exit;
        }
        exchange_state->state = libssh2_NB_state_sent;
@@ -163,20 +161,20 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
             * need to silently ignore it */
            int burn_type;
-            _libssh2_debug(session, LIBSSH2_DBG_KEX,
+            _libssh2_debug(session, LIBSSH2_TRACE_KEX,
                           "Waiting for badly guessed KEX packet (to be ignored)");
            burn_type =
                _libssh2_packet_burn(session, &exchange_state->burn_state);
            if (burn_type == PACKET_EAGAIN) {
-                return PACKET_EAGAIN;
+                return burn_type;
            } else if (burn_type <= 0) {
                /* Failed to receive a packet */
-                ret = -1;
+                ret = burn_type;
                goto clean_exit;
            }
            session->burn_optimistic_kexinit = 0;
-            _libssh2_debug(session, LIBSSH2_DBG_KEX,
+            _libssh2_debug(session, LIBSSH2_TRACE_KEX,
                           "Burnt packet of type: %02x",
                           (unsigned int) burn_type);
        }
@@ -191,12 +189,12 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
                                     &exchange_state->s_packet_len, 0, NULL,
                                     0, &exchange_state->req_state);
        if (rc == PACKET_EAGAIN) {
-            return PACKET_EAGAIN;
+            return rc;
        }
        if (rc) {
            libssh2_error(session, LIBSSH2_ERROR_TIMEOUT,
                          "Timed out waiting for KEX reply", 0);
-            ret = -1;
+            ret = rc;
            goto clean_exit;
        }
@@ -211,7 +209,7 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
            libssh2_error(session, LIBSSH2_ERROR_ALLOC,
                          "Unable to allocate memory for a copy of the host key",
                          0);
-            ret = -1;
+            ret = LIBSSH2_ERROR_ALLOC;
            goto clean_exit;
        }
        memcpy(session->server_hostkey, exchange_state->s,
@@ -235,7 +233,7 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
                snprintf(fprint, 4, "%02x:", session->server_hostkey_md5[i]);
            }
            *(--fprint) = '\0';
-            _libssh2_debug(session, LIBSSH2_DBG_KEX,
+            _libssh2_debug(session, LIBSSH2_TRACE_KEX,
                           "Server's MD5 Fingerprint: %s", fingerprint);
        }
 #endif /* LIBSSH2DEBUG */
@@ -258,17 +256,17 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
                snprintf(fprint, 4, "%02x:", session->server_hostkey_sha1[i]);
            }
            *(--fprint) = '\0';
-            _libssh2_debug(session, LIBSSH2_DBG_KEX,
+            _libssh2_debug(session, LIBSSH2_TRACE_KEX,
                           "Server's SHA1 Fingerprint: %s", fingerprint);
        }
 #endif /* LIBSSH2DEBUG */
-        if (session->hostkey->
+        if (session->hostkey->init(session, session->server_hostkey,
-            init(session, session->server_hostkey, session->server_hostkey_len,
+                                   session->server_hostkey_len,
-                 &session->server_hostkey_abstract)) {
+                                   &session->server_hostkey_abstract)) {
            libssh2_error(session, LIBSSH2_ERROR_HOSTKEY_INIT,
                          "Unable to initialize hostkey importer", 0);
-            ret = -1;
+            ret = LIBSSH2_ERROR_HOSTKEY_INIT;
            goto clean_exit;
        }
@@ -296,7 +294,7 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
        if (!exchange_state->k_value) {
            libssh2_error(session, LIBSSH2_ERROR_ALLOC,
                          "Unable to allocate buffer for K", 0);
-            ret = -1;
+            ret = LIBSSH2_ERROR_ALLOC;
            goto clean_exit;
        }
        _libssh2_htonu32(exchange_state->k_value,
@@ -412,7 +410,7 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
            goto clean_exit;
        }
-        _libssh2_debug(session, LIBSSH2_DBG_KEX, "Sending NEWKEYS message");
+        _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sending NEWKEYS message");
        exchange_state->c = SSH_MSG_NEWKEYS;
        exchange_state->state = libssh2_NB_state_sent2;
@@ -421,11 +419,10 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
    if (exchange_state->state == libssh2_NB_state_sent2) {
        rc = _libssh2_transport_write(session, &exchange_state->c, 1);
        if (rc == PACKET_EAGAIN) {
-            return PACKET_EAGAIN;
+            return rc;
        } else if (rc) {
-            libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND,
+            libssh2_error(session, rc, "Unable to send NEWKEYS message", 0);
-                          "Unable to send NEWKEYS message", 0);
+            ret = rc;
            ret = -1;
            goto clean_exit;
        }
@@ -438,17 +435,16 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
                                     &exchange_state->tmp_len, 0, NULL, 0,
                                     &exchange_state->req_state);
        if (rc == PACKET_EAGAIN) {
-            return PACKET_EAGAIN;
+            return rc;
        } else if (rc) {
-            libssh2_error(session, LIBSSH2_ERROR_TIMEOUT,
+            libssh2_error(session, rc, "Timed out waiting for NEWKEYS", 0);
-                          "Timed out waiting for NEWKEYS", 0);
+            ret = rc;
            ret = -1;
            goto clean_exit;
        }
        /* The first key exchange has been performed,
           switch to active crypt/comp/mac mode */
        session->state |= LIBSSH2_STATE_NEWKEYS;
-        _libssh2_debug(session, LIBSSH2_DBG_KEX, "Received NEWKEYS message");
+        _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Received NEWKEYS message");
        /* This will actually end up being just packet_type(1)
           for this packet type anyway */
@@ -457,13 +453,15 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
        if (!session->session_id) {
            session->session_id = LIBSSH2_ALLOC(session, SHA_DIGEST_LENGTH);
            if (!session->session_id) {
-                ret = -1;
+                libssh2_error(session, LIBSSH2_ERROR_ALLOC,
                              "Unable to allocate buffer for SHA digest", 0);
                ret = LIBSSH2_ERROR_ALLOC;
                goto clean_exit;
            }
            memcpy(session->session_id, exchange_state->h_sig_comp,
                   SHA_DIGEST_LENGTH);
            session->session_id_len = SHA_DIGEST_LENGTH;
-            _libssh2_debug(session, LIBSSH2_DBG_KEX, "session_id calculated");
+            _libssh2_debug(session, LIBSSH2_TRACE_KEX, "session_id calculated");
        }
        /* Cleanup any existing cipher */
@@ -489,7 +487,7 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
                                                        secret_len, "C");
            if (!secret) {
                LIBSSH2_FREE(session, iv);
-                ret = -1;
+                ret = LIBSSH2_ERROR_KEX_FAILURE;
                goto clean_exit;
            }
            if (session->local.crypt->
@@ -497,7 +495,7 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
                     &free_secret, 1, &session->local.crypt_abstract)) {
                LIBSSH2_FREE(session, iv);
                LIBSSH2_FREE(session, secret);
-                ret = -1;
+                ret = LIBSSH2_ERROR_KEX_FAILURE;
                goto clean_exit;
            }
@@ -511,7 +509,7 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
                LIBSSH2_FREE(session, secret);
            }
        }
-        _libssh2_debug(session, LIBSSH2_DBG_KEX,
+        _libssh2_debug(session, LIBSSH2_TRACE_KEX,
                       "Client to Server IV and Key calculated");
        if (session->remote.crypt->dtor) {
@@ -528,7 +526,7 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
                                                        session->remote.crypt->
                                                        iv_len, "B");
            if (!iv) {
-                ret = -1;
+                ret = LIBSSH2_ERROR_KEX_FAILURE;
                goto clean_exit;
            }
            LIBSSH2_KEX_METHOD_DIFFIE_HELLMAN_SHA1_HASH(secret,
@@ -536,7 +534,7 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
                                                        secret_len, "D");
            if (!secret) {
                LIBSSH2_FREE(session, iv);
-                ret = -1;
+                ret = LIBSSH2_ERROR_KEX_FAILURE;
                goto clean_exit;
            }
            if (session->remote.crypt->
@@ -544,7 +542,7 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
                     &free_secret, 0, &session->remote.crypt_abstract)) {
                LIBSSH2_FREE(session, iv);
                LIBSSH2_FREE(session, secret);
-                ret = -1;
+                ret = LIBSSH2_ERROR_KEX_FAILURE;
                goto clean_exit;
            }
@@ -558,7 +556,7 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
                LIBSSH2_FREE(session, secret);
            }
        }
-        _libssh2_debug(session, LIBSSH2_DBG_KEX,
+        _libssh2_debug(session, LIBSSH2_TRACE_KEX,
                       "Server to Client IV and Key calculated");
        if (session->local.mac->dtor) {
@@ -573,7 +571,7 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
                                                        session->local.mac->
                                                        key_len, "E");
            if (!key) {
-                ret = -1;
+                ret = LIBSSH2_ERROR_KEX_FAILURE;
                goto clean_exit;
            }
            session->local.mac->init(session, key, &free_key,
@@ -584,7 +582,7 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
                LIBSSH2_FREE(session, key);
            }
        }
-        _libssh2_debug(session, LIBSSH2_DBG_KEX,
+        _libssh2_debug(session, LIBSSH2_TRACE_KEX,
                       "Client to Server HMAC Key calculated");
        if (session->remote.mac->dtor) {
@@ -599,7 +597,7 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
                                                        session->remote.mac->
                                                        key_len, "F");
            if (!key) {
-                ret = -1;
+                ret = LIBSSH2_ERROR_KEX_FAILURE;
                goto clean_exit;
            }
            session->remote.mac->init(session, key, &free_key,
@@ -610,7 +608,7 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
                LIBSSH2_FREE(session, key);
            }
        }
-        _libssh2_debug(session, LIBSSH2_DBG_KEX,
+        _libssh2_debug(session, LIBSSH2_TRACE_KEX,
                       "Server to Client HMAC Key calculated");
    }
@@ -641,11 +639,6 @@ kex_method_diffie_hellman_groupGP_sha1_key_exchange(LIBSSH2_SESSION *session,
        exchange_state->k_value = NULL;
    }
    if (session->server_hostkey) {
        LIBSSH2_FREE(session, session->server_hostkey);
        session->server_hostkey = NULL;
    }
    exchange_state->state = libssh2_NB_state_idle;
    return ret;
@@ -691,23 +684,16 @@ kex_method_diffie_hellman_group1_sha1_key_exchange(LIBSSH2_SESSION *session,
        _libssh2_bn_set_word(key_state->g, 2);
        _libssh2_bn_from_bin(key_state->p, 128, p_value);
-        _libssh2_debug(session, LIBSSH2_DBG_KEX,
+        _libssh2_debug(session, LIBSSH2_TRACE_KEX,
                       "Initiating Diffie-Hellman Group1 Key Exchange");
        key_state->state = libssh2_NB_state_created;
    }
-
+    ret = diffie_hellman_sha1(session, key_state->g, key_state->p, 128,
-    ret =
+                              SSH_MSG_KEXDH_INIT, SSH_MSG_KEXDH_REPLY,
-        kex_method_diffie_hellman_groupGP_sha1_key_exchange(session,
+                              NULL, 0, &key_state->exchange_state);
                                                            key_state->g,
                                                            key_state->p, 128,
                                                            SSH_MSG_KEXDH_INIT,
                                                            SSH_MSG_KEXDH_REPLY,
                                                            NULL, 0,
                                                            &key_state->
                                                            exchange_state);
    if (ret == PACKET_EAGAIN) {
-        return PACKET_EAGAIN;
+        return ret;
    }
    _libssh2_bn_free(key_state->p);
@@ -774,23 +760,16 @@ kex_method_diffie_hellman_group14_sha1_key_exchange(LIBSSH2_SESSION *session,
        _libssh2_bn_set_word(key_state->g, 2);
        _libssh2_bn_from_bin(key_state->p, 256, p_value);
-        _libssh2_debug(session, LIBSSH2_DBG_KEX,
+        _libssh2_debug(session, LIBSSH2_TRACE_KEX,
                       "Initiating Diffie-Hellman Group14 Key Exchange");
        key_state->state = libssh2_NB_state_created;
    }
-    ret =
+    ret = diffie_hellman_sha1(session, key_state->g, key_state->p,
-        kex_method_diffie_hellman_groupGP_sha1_key_exchange(session,
+                              256, SSH_MSG_KEXDH_INIT, SSH_MSG_KEXDH_REPLY,
-                                                            key_state->g,
+                              NULL, 0, &key_state->exchange_state);
                                                            key_state->p,
                                                            256,
                                                            SSH_MSG_KEXDH_INIT,
                                                            SSH_MSG_KEXDH_REPLY,
                                                            NULL, 0,
                                                            &key_state->
                                                            exchange_state);
    if (ret == PACKET_EAGAIN) {
-        return PACKET_EAGAIN;
+        return ret;
    }
    key_state->state = libssh2_NB_state_idle;
@@ -827,13 +806,13 @@ kex_method_diffie_hellman_group_exchange_sha1_key_exchange
        _libssh2_htonu32(key_state->request + 5, LIBSSH2_DH_GEX_OPTGROUP);
        _libssh2_htonu32(key_state->request + 9, LIBSSH2_DH_GEX_MAXGROUP);
        key_state->request_len = 13;
-        _libssh2_debug(session, LIBSSH2_DBG_KEX,
+        _libssh2_debug(session, LIBSSH2_TRACE_KEX,
                       "Initiating Diffie-Hellman Group-Exchange (New Method)");
 #else
        key_state->request[0] = SSH_MSG_KEX_DH_GEX_REQUEST_OLD;
        _libssh2_htonu32(key_state->request + 1, LIBSSH2_DH_GEX_OPTGROUP);
        key_state->request_len = 5;
-        _libssh2_debug(session, LIBSSH2_DBG_KEX,
+        _libssh2_debug(session, LIBSSH2_TRACE_KEX,
                       "Initiating Diffie-Hellman Group-Exchange (Old Method)");
 #endif
@@ -844,11 +823,11 @@ kex_method_diffie_hellman_group_exchange_sha1_key_exchange
        rc = _libssh2_transport_write(session, key_state->request,
                                   key_state->request_len);
        if (rc == PACKET_EAGAIN) {
-            return PACKET_EAGAIN;
+            return rc;
        } else if (rc) {
-            libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND,
+            libssh2_error(session, rc,
                          "Unable to send Group Exchange Request", 0);
-            ret = -1;
+            ret = rc;
            goto dh_gex_clean_exit;
        }
@@ -860,11 +839,11 @@ kex_method_diffie_hellman_group_exchange_sha1_key_exchange
                                     &key_state->data, &key_state->data_len,
                                     0, NULL, 0, &key_state->req_state);
        if (rc == PACKET_EAGAIN) {
-            return PACKET_EAGAIN;
+            return rc;
        } else if (rc) {
-            libssh2_error(session, LIBSSH2_ERROR_TIMEOUT,
+            libssh2_error(session, rc,
                          "Timeout waiting for GEX_GROUP reply", 0);
-            ret = -1;
+            ret = rc;
            goto dh_gex_clean_exit;
        }
@@ -883,14 +862,14 @@ kex_method_diffie_hellman_group_exchange_sha1_key_exchange
        _libssh2_bn_from_bin(key_state->g, g_len, s);
        s += g_len;
-        ret =
+        ret = diffie_hellman_sha1(session, key_state->g, key_state->p, p_len,
-            kex_method_diffie_hellman_groupGP_sha1_key_exchange
+                                  SSH_MSG_KEX_DH_GEX_INIT,
-            (session, key_state->g, key_state->p, p_len,
+                                  SSH_MSG_KEX_DH_GEX_REPLY,
-             SSH_MSG_KEX_DH_GEX_INIT, SSH_MSG_KEX_DH_GEX_REPLY,
+                                  key_state->data + 1,
-             key_state->data + 1, key_state->data_len - 1,
+                                  key_state->data_len - 1,
-             &key_state->exchange_state);
+                                  &key_state->exchange_state);
        if (ret == PACKET_EAGAIN) {
-            return PACKET_EAGAIN;
+            return ret;
        }
        LIBSSH2_FREE(session, key_state->data);
@@ -1061,7 +1040,7 @@ static int kexinit(LIBSSH2_SESSION * session)
        if (!data) {
            libssh2_error(session, LIBSSH2_ERROR_ALLOC,
                          "Unable to allocate memory", 0);
-            return -1;
+            return LIBSSH2_ERROR_ALLOC;
        }
        *(s++) = SSH_MSG_KEXINIT;
@@ -1111,25 +1090,25 @@ static int kexinit(LIBSSH2_SESSION * session)
            /* Funnily enough, they'll all "appear" to be '\0' terminated */
            unsigned char *p = data + 21;       /* type(1) + cookie(16) + len(4) */
-            _libssh2_debug(session, LIBSSH2_DBG_KEX, "Sent KEX: %s", p);
+            _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sent KEX: %s", p);
            p += kex_len + 4;
-            _libssh2_debug(session, LIBSSH2_DBG_KEX, "Sent HOSTKEY: %s", p);
+            _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sent HOSTKEY: %s", p);
            p += hostkey_len + 4;
-            _libssh2_debug(session, LIBSSH2_DBG_KEX, "Sent CRYPT_CS: %s", p);
+            _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sent CRYPT_CS: %s", p);
            p += crypt_cs_len + 4;
-            _libssh2_debug(session, LIBSSH2_DBG_KEX, "Sent CRYPT_SC: %s", p);
+            _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sent CRYPT_SC: %s", p);
            p += crypt_sc_len + 4;
-            _libssh2_debug(session, LIBSSH2_DBG_KEX, "Sent MAC_CS: %s", p);
+            _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sent MAC_CS: %s", p);
            p += mac_cs_len + 4;
-            _libssh2_debug(session, LIBSSH2_DBG_KEX, "Sent MAC_SC: %s", p);
+            _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sent MAC_SC: %s", p);
            p += mac_sc_len + 4;
-            _libssh2_debug(session, LIBSSH2_DBG_KEX, "Sent COMP_CS: %s", p);
+            _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sent COMP_CS: %s", p);
            p += comp_cs_len + 4;
-            _libssh2_debug(session, LIBSSH2_DBG_KEX, "Sent COMP_SC: %s", p);
+            _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sent COMP_SC: %s", p);
            p += comp_sc_len + 4;
-            _libssh2_debug(session, LIBSSH2_DBG_KEX, "Sent LANG_CS: %s", p);
+            _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sent LANG_CS: %s", p);
            p += lang_cs_len + 4;
-            _libssh2_debug(session, LIBSSH2_DBG_KEX, "Sent LANG_SC: %s", p);
+            _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sent LANG_SC: %s", p);
            p += lang_sc_len + 4;
        }
 #endif /* LIBSSH2DEBUG */
@@ -1144,14 +1123,14 @@ static int kexinit(LIBSSH2_SESSION * session)
    if (rc == PACKET_EAGAIN) {
        session->kexinit_data = data;
        session->kexinit_data_len = data_len;
-        return PACKET_EAGAIN;
+        return rc;
    }
    else if (rc) {
        LIBSSH2_FREE(session, data);
-        libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND,
+        libssh2_error(session, rc,
                      "Unable to send KEXINIT packet to remote host", 0);
        session->kexinit_state = libssh2_NB_state_idle;
-        return -1;
+        return rc;
    }
    if (session->local.kexinit) {
@@ -1628,24 +1607,24 @@ static int kex_agree_methods(LIBSSH2_SESSION * session, unsigned char *data,
        return -1;
    }
-    _libssh2_debug(session, LIBSSH2_DBG_KEX, "Agreed on KEX method: %s",
+    _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Agreed on KEX method: %s",
                   session->kex->name);
-    _libssh2_debug(session, LIBSSH2_DBG_KEX, "Agreed on HOSTKEY method: %s",
+    _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Agreed on HOSTKEY method: %s",
                   session->hostkey->name);
-    _libssh2_debug(session, LIBSSH2_DBG_KEX, "Agreed on CRYPT_CS method: %s",
+    _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Agreed on CRYPT_CS method: %s",
                   session->local.crypt->name);
-    _libssh2_debug(session, LIBSSH2_DBG_KEX, "Agreed on CRYPT_SC method: %s",
+    _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Agreed on CRYPT_SC method: %s",
                   session->remote.crypt->name);
-    _libssh2_debug(session, LIBSSH2_DBG_KEX, "Agreed on MAC_CS method: %s",
+    _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Agreed on MAC_CS method: %s",
                   session->local.mac->name);
-    _libssh2_debug(session, LIBSSH2_DBG_KEX, "Agreed on MAC_SC method: %s",
+    _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Agreed on MAC_SC method: %s",
                   session->remote.mac->name);
-    _libssh2_debug(session, LIBSSH2_DBG_KEX, "Agreed on COMP_CS method: %s",
+    _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Agreed on COMP_CS method: %s",
                   session->local.comp->name);
-    _libssh2_debug(session, LIBSSH2_DBG_KEX, "Agreed on COMP_SC method: %s",
+    _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Agreed on COMP_SC method: %s",
                   session->remote.comp->name);
-    _libssh2_debug(session, LIBSSH2_DBG_KEX, "Agreed on LANG_CS method:");      /* None yet */
+    _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Agreed on LANG_CS method:");      /* None yet */
-    _libssh2_debug(session, LIBSSH2_DBG_KEX, "Agreed on LANG_SC method:");      /* None yet */
+    _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Agreed on LANG_SC method:");      /* None yet */
    /* Initialize compression layer */
    if (session->local.comp && session->local.comp->init &&
@@ -1667,6 +1646,8 @@ static int kex_agree_methods(LIBSSH2_SESSION * session, unsigned char *data,
 /* libssh2_kex_exchange
 * Exchange keys
 * Returns 0 on success, non-zero on failure
 *
 * Returns some errors without libssh2_error()
 */
 int
 libssh2_kex_exchange(LIBSSH2_SESSION * session, int reexchange,
@@ -1709,7 +1690,7 @@ libssh2_kex_exchange(LIBSSH2_SESSION * session, int reexchange,
            retcode = kexinit(session);
            if (retcode == PACKET_EAGAIN) {
                session->state &= ~LIBSSH2_STATE_KEX_ACTIVE;
-                return PACKET_EAGAIN;
+                return retcode;
            } else if (retcode) {
                session->local.kexinit = key_state->oldlocal;
                session->local.kexinit_len = key_state->oldlocal_len;
@@ -1730,7 +1711,7 @@ libssh2_kex_exchange(LIBSSH2_SESSION * session, int reexchange,
                                        &key_state->req_state);
            if (retcode == PACKET_EAGAIN) {
                session->state &= ~LIBSSH2_STATE_KEX_ACTIVE;
-                return PACKET_EAGAIN;
+                return retcode;
            }
            else if (retcode) {
                if (session->local.kexinit) {
@@ -1751,9 +1732,8 @@ libssh2_kex_exchange(LIBSSH2_SESSION * session, int reexchange,
            session->remote.kexinit_len = key_state->data_len;
            if (kex_agree_methods(session, key_state->data,
-                                  key_state->data_len)) {
+                                  key_state->data_len))
-                rc = -1;
+                rc = LIBSSH2_ERROR_KEX_FAILURE;
            }
            key_state->state = libssh2_NB_state_sent2;
        }
@@ -1763,16 +1743,15 @@ libssh2_kex_exchange(LIBSSH2_SESSION * session, int reexchange,
    if (rc == 0) {
        if (key_state->state == libssh2_NB_state_sent2) {
-            retcode =
+            retcode = session->kex->exchange_keys(session,
-                session->kex->exchange_keys(session,
+                                                  &key_state->key_state_low);
                                            &key_state->key_state_low);
            if (retcode == PACKET_EAGAIN) {
                session->state &= ~LIBSSH2_STATE_KEX_ACTIVE;
-                return PACKET_EAGAIN;
+                return retcode;
            } else if (retcode) {
                libssh2_error(session, LIBSSH2_ERROR_KEY_EXCHANGE_FAILURE,
                              "Unrecoverable error exchanging keys", 0);
-                rc = -1;
+                rc = retcode;
            }
        }
    }
--- a/src/knownhost.c
+++ b/src/knownhost.c
@@ -0,0 +1,843 @@
 /*
 * Copyright (c) 2009 by Daniel Stenberg
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms,
 * with or without modification, are permitted provided
 * that the following conditions are met:
 *
 *   Redistributions of source code must retain the above
 *   copyright notice, this list of conditions and the
 *   following disclaimer.
 *
 *   Redistributions in binary form must reproduce the above
 *   copyright notice, this list of conditions and the following
 *   disclaimer in the documentation and/or other materials
 *   provided with the distribution.
 *
 *   Neither the name of the copyright holder nor the names
 *   of any other contributors may be used to endorse or
 *   promote products derived from this software without
 *   specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
 * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
 * OF SUCH DAMAGE.
 */
 #include "libssh2_priv.h"
 #include "misc.h"
 struct known_host {
    struct list_node node;
    char *name;      /* points to the name or the hash (allocated) */
    size_t name_len; /* needed for hashed data */
    int typemask;    /* plain, sha1, custom, ... */
    char *salt;      /* points to binary salt (allocated) */
    size_t salt_len; /* size of salt */
    char *key;       /* the (allocated) associated key. This is kept base64
                        encoded in memory. */
    /* this is the struct we expose externally */
    struct libssh2_knownhost external;
 };
 struct _LIBSSH2_KNOWNHOSTS
 {
    LIBSSH2_SESSION *session;  /* the session this "belongs to" */
    struct list_head head;
 };
 static void free_host(LIBSSH2_SESSION *session, struct known_host *entry)
 {
    if(entry) {
        if(entry->key)
            LIBSSH2_FREE(session, entry->key);
        if(entry->salt)
            LIBSSH2_FREE(session, entry->salt);
        if(entry->name)
            LIBSSH2_FREE(session, entry->name);
        LIBSSH2_FREE(session, entry);
    }
 }
 /*
 * libssh2_knownhost_init
 *
 * Init a collection of known hosts. Returns the pointer to a collection.
 *
 */
 LIBSSH2_API LIBSSH2_KNOWNHOSTS *
 libssh2_knownhost_init(LIBSSH2_SESSION *session)
 {
    LIBSSH2_KNOWNHOSTS *knh =
        LIBSSH2_ALLOC(session, sizeof(struct _LIBSSH2_KNOWNHOSTS));
    if(!knh)
        return NULL;
    knh->session = session;
    _libssh2_list_init(&knh->head);
    return knh;
 }
 #define KNOWNHOST_MAGIC 0xdeadcafe
 /*
 * knownhost_to_external()
 *
 * Copies data from the internal to the external representation struct.
 *
 */
 static struct libssh2_knownhost *knownhost_to_external(struct known_host *node)
 {
    struct libssh2_knownhost *ext = &node->external;
    ext->magic = KNOWNHOST_MAGIC;
    ext->node = node;
    ext->name = ((node->typemask & LIBSSH2_KNOWNHOST_TYPE_MASK) ==
                 LIBSSH2_KNOWNHOST_TYPE_PLAIN)? node->name:NULL;
    ext->key = node->key;
    ext->typemask = node->typemask;
    return ext;
 }
 /*
 * libssh2_knownhost_add
 *
 * Add a host and its associated key to the collection of known hosts.
 *
 * The 'type' argument specifies on what format the given host and keys are:
 *
 * plain  - ascii "hostname.domain.tld"
 * sha1   - SHA1(<salt> <host>) base64-encoded!
 * custom - another hash
 *
 * If 'sha1' is selected as type, the salt must be provided to the salt
 * argument. This too base64 encoded.
 *
 * The SHA-1 hash is what OpenSSH can be told to use in known_hosts files.  If
 * a custom type is used, salt is ignored and you must provide the host
 * pre-hashed when checking for it in the libssh2_knownhost_check() function.
 *
 */
 LIBSSH2_API int
 libssh2_knownhost_add(LIBSSH2_KNOWNHOSTS *hosts,
                      const char *host, const char *salt,
                      const char *key, size_t keylen,
                      int typemask, struct libssh2_knownhost **store)
 {
    struct known_host *entry =
        LIBSSH2_ALLOC(hosts->session, sizeof(struct known_host));
    size_t hostlen = strlen(host);
    int rc = LIBSSH2_ERROR_ALLOC;
    char *ptr;
    unsigned int ptrlen;
    if(!entry)
        return rc;
    if(!(typemask & LIBSSH2_KNOWNHOST_KEY_MASK))
        /* make sure we have a key type set */
        return LIBSSH2_ERROR_INVAL;
    memset(entry, 0, sizeof(struct known_host));
    entry->typemask = typemask;
    switch(entry->typemask  & LIBSSH2_KNOWNHOST_TYPE_MASK) {
    case LIBSSH2_KNOWNHOST_TYPE_PLAIN:
    case LIBSSH2_KNOWNHOST_TYPE_CUSTOM:
        entry->name = LIBSSH2_ALLOC(hosts->session, hostlen+1);
        if(!entry)
            goto error;
        memcpy(entry->name, host, hostlen+1);
        break;
    case LIBSSH2_KNOWNHOST_TYPE_SHA1:
        rc = libssh2_base64_decode(hosts->session, &ptr, &ptrlen,
                                   host, hostlen);
        if(rc)
            goto error;
        entry->name = ptr;
        entry->name_len = ptrlen;
        rc = libssh2_base64_decode(hosts->session, &ptr, &ptrlen,
                                   salt, strlen(salt));
        if(rc)
            goto error;
        entry->salt = ptr;
        entry->salt_len = ptrlen;
        break;
    default:
        rc = LIBSSH2_ERROR_METHOD_NOT_SUPPORTED;
        goto error;
    }
    if(typemask & LIBSSH2_KNOWNHOST_KEYENC_BASE64) {
        /* the provided key is base64 encoded already */
        if(!keylen)
            keylen = strlen(key);
        entry->key = LIBSSH2_ALLOC(hosts->session, keylen+1);
        if(!entry)
            goto error;
        memcpy(entry->key, key, keylen+1);
        entry->key[keylen]=0; /* force a terminating zero trailer */
    }
    else {
        /* key is raw, we base64 encode it and store it as such */
        size_t nlen = _libssh2_base64_encode(hosts->session, key, keylen,
                                             &ptr);
        if(!nlen)
            goto error;
        entry->key = ptr;
    }
    /* add this new host to the big list of known hosts */
    _libssh2_list_add(&hosts->head, &entry->node);
    if(store)
        *store = knownhost_to_external(entry);
    return LIBSSH2_ERROR_NONE;
  error:
    free_host(hosts->session, entry);
    return rc;
 }
 /*
 * libssh2_knownhost_check
 *
 * Check a host and its associated key against the collection of known hosts.
 *
 * The typemask is the type/format of the given host name and key
 *
 * plain  - ascii "hostname.domain.tld"
 * sha1   - NOT SUPPORTED AS INPUT
 * custom - prehashed base64 encoded. Note that this cannot use any salts.
 *
 * Returns:
 *
 * LIBSSH2_KNOWNHOST_CHECK_FAILURE
 * LIBSSH2_KNOWNHOST_CHECK_NOTFOUND
 * LIBSSH2_KNOWNHOST_CHECK_MATCH
 * LIBSSH2_KNOWNHOST_CHECK_MISMATCH
 */
 LIBSSH2_API int
 libssh2_knownhost_check(LIBSSH2_KNOWNHOSTS *hosts,
                        const char *host, const char *key, size_t keylen,
                        int typemask,
                        struct libssh2_knownhost **ext)
 {
    struct known_host *node = _libssh2_list_first(&hosts->head);
    struct known_host *badkey = NULL;
    int type = typemask & LIBSSH2_KNOWNHOST_TYPE_MASK;
    char *keyalloc = NULL;
    int rc = LIBSSH2_KNOWNHOST_CHECK_NOTFOUND;
    if(type == LIBSSH2_KNOWNHOST_TYPE_SHA1)
        /* we can't work with a sha1 as given input */
        return LIBSSH2_KNOWNHOST_CHECK_MISMATCH;
    if(!(typemask & LIBSSH2_KNOWNHOST_KEYENC_BASE64)) {
        /* we got a raw key input, convert it to base64 for the checks below */
        size_t nlen = _libssh2_base64_encode(hosts->session, key, keylen,
                                             &keyalloc);
        if(!nlen)
            return LIBSSH2_KNOWNHOST_CHECK_FAILURE;
        /* make the key point to this */
        key = keyalloc;
        keylen = nlen;
    }
    while (node) {
        int match = 0;
        switch(node->typemask & LIBSSH2_KNOWNHOST_TYPE_MASK) {
        case LIBSSH2_KNOWNHOST_TYPE_PLAIN:
            if(type == LIBSSH2_KNOWNHOST_TYPE_PLAIN)
                match = !strcmp(host, node->name);
            break;
        case LIBSSH2_KNOWNHOST_TYPE_CUSTOM:
            if(type == LIBSSH2_KNOWNHOST_TYPE_CUSTOM)
                match = !strcmp(host, node->name);
            break;
        case LIBSSH2_KNOWNHOST_TYPE_SHA1:
            if(type == LIBSSH2_KNOWNHOST_TYPE_PLAIN) {
                /* when we have the sha1 version stored, we can use a plain
                   input to produce a hash to compare with the stored hash.
                */
                libssh2_hmac_ctx ctx;
                unsigned char hash[SHA_DIGEST_LENGTH];
                if(SHA_DIGEST_LENGTH != node->name_len) {
                    /* the name hash length must be the sha1 size or
                       we can't match it */
                    break;
                }
                libssh2_hmac_sha1_init(&ctx, node->salt, node->salt_len);
                libssh2_hmac_update(ctx, (unsigned char *)host, strlen(host));
                libssh2_hmac_final(ctx, hash);
                libssh2_hmac_cleanup(&ctx);
                if(!memcmp(hash, node->name, SHA_DIGEST_LENGTH))
                    /* this is a node we're interested in */
                    match = 1;
            }
            break;
        default: /* unsupported type */
            break;
        }
        if(match) {
            /* host name match, now compare the keys */
            if(!strcmp(key, node->key)) {
                /* they match! */
                *ext = knownhost_to_external(node);
                badkey = NULL;
                rc = LIBSSH2_KNOWNHOST_CHECK_MATCH;
                break;
            }
            else {
                /* remember the first node that had a host match but a failed
                   key match since we continue our search from here */
                if(!badkey)
                    badkey = node;
            }
        }
        node= _libssh2_list_next(&node->node);
    }
    if(badkey) {
        /* key mismatch */
        *ext = knownhost_to_external(badkey);
        rc = LIBSSH2_KNOWNHOST_CHECK_MISMATCH;
    }
    if(keyalloc)
        LIBSSH2_FREE(hosts->session, keyalloc);
    return rc;
 }
 /*
 * libssh2_knownhost_del
 *
 * Remove a host from the collection of known hosts.
 *
 */
 LIBSSH2_API int
 libssh2_knownhost_del(LIBSSH2_KNOWNHOSTS *hosts,
                      struct libssh2_knownhost *entry)
 {
    struct known_host *node;
    if(!entry || (entry->magic != KNOWNHOST_MAGIC))
        /* check that this was retrieved the right way or get out */
        return LIBSSH2_ERROR_INVAL;
    /* get the internal node pointer */
    node = entry->node;
    /* unlink from the list of all hosts */
    _libssh2_list_remove(&node->node);
    /* free all resources */
    free_host(hosts->session, node);
    /* clear the struct now since this host entry has been removed! */
    memset(entry, 0, sizeof(struct libssh2_knownhost));
    return 0;
 }
 /*
 * libssh2_knownhost_free
 *
 * Free an entire collection of known hosts.
 *
 */
 LIBSSH2_API void
 libssh2_knownhost_free(LIBSSH2_KNOWNHOSTS *hosts)
 {
    struct known_host *node;
    struct known_host *next;
    for(node = _libssh2_list_first(&hosts->head); node; node = next) {
        next = _libssh2_list_next(&node->node);
        free_host(hosts->session, node);
    }
    LIBSSH2_FREE(hosts->session, hosts);
 }
 /*
 * hostline()
 *
 * Parse a single known_host line pre-split into host and key.
 *
 */
 static int hostline(LIBSSH2_KNOWNHOSTS *hosts,
                    const char *host, size_t hostlen,
                    const char *key, size_t keylen)
 {
    const char *p;
    const char *orig = host;
    const char *salt = NULL;
    int rc;
    int type = LIBSSH2_KNOWNHOST_TYPE_PLAIN;
    const char *sep = NULL;
    size_t seplen = 0;
    char saltbuf[32];
    char hostbuf[256];
    /* Figure out host format */
    if((hostlen >2) && memcmp(host, "|1|", 3)) {
        /* old style plain text: [name][,][ip-address]
           for the sake of simplicity, we add them as two hosts with the same
           key
         */
        size_t scan = hostlen;
        while(scan && (*host != ',')) {
            host++;
            scan--;
        }
        if(scan) {
            sep = host+1;
            seplen = scan-1;
            hostlen -= scan; /* deduct what's left to scan from the first
                                host name */
        }
        else
            host = orig;
    }
    else {
        /* |1|[salt]|[hash] */
        type = LIBSSH2_KNOWNHOST_TYPE_SHA1;
        salt = &host[3]; /* skip the magic marker */
        hostlen -= 3;    /* deduct the marker */
        /* this is where the salt starts, find the end of it */
        for(p = salt; *p && (*p != '|'); p++)
            ;
        if(*p=='|') {
            const char *hash = NULL;
            size_t saltlen = p - salt;
            if(saltlen >= (sizeof(saltbuf)-1))
                return LIBSSH2_ERROR_METHOD_NOT_SUPPORTED; /* weird length */
            memcpy(saltbuf, salt, saltlen);
            saltbuf[saltlen] = 0; /* zero terminate */
            salt = saltbuf; /* point to the stack based buffer */
            hash = p+1; /* the host hash is after the separator */
            /* now make the host point to the hash */
            host = hash;
            hostlen -= saltlen+1; /* deduct the salt and separator */
        }
        else
            return 0;
    }
    /* make some checks that the lenghts seem sensible */
    if((keylen < 20) ||
       (seplen >= sizeof(hostbuf)-1) ||
       (hostlen >= sizeof(hostbuf)-1))
        return LIBSSH2_ERROR_METHOD_NOT_SUPPORTED;
    switch(key[0]) {
    case '0': case '1': case '2': case '3': case '4':
    case '5': case '6': case '7': case '8': case '9':
        type |= LIBSSH2_KNOWNHOST_KEY_RSA1;
        /* Note that the old-style keys (RSA1) aren't truly base64, but we
         * claim it is for now since we can get away with strcmp()ing the
         * entire anything anyway! We need to check and fix these to make them
         * work properly.
         */
        break;
    case 's': /* ssh-dss or ssh-rsa */
        if(!strncmp(key, "ssh-dss", 7))
            type |= LIBSSH2_KNOWNHOST_KEY_SSHDSS;
        else if(!strncmp(key, "ssh-rsa", 7))
            type |= LIBSSH2_KNOWNHOST_KEY_SSHRSA;
        else
            return LIBSSH2_ERROR_METHOD_NOT_SUPPORTED; /* unknown key type */
        key += 7;
        keylen -= 7;
        /* skip whitespaces */
        while((*key ==' ') || (*key == '\t')) {
            key++;
            keylen--;
        }
        break;
    default: /* unknown key format */
        return LIBSSH2_ERROR_METHOD_NOT_SUPPORTED;
    }
    if(sep) {
        /* The second host after the comma, add this first. Copy it to the
           temp buffer and zero terminate */
        memcpy(hostbuf, sep, seplen);
        hostbuf[seplen]=0;
        rc = libssh2_knownhost_add(hosts, hostbuf, salt, key, keylen,
                                   type | LIBSSH2_KNOWNHOST_KEYENC_BASE64,
                                   NULL);
        if(rc)
            return rc;
    }
    if (!salt)
        host = orig;
    memcpy(hostbuf, host, hostlen);
    hostbuf[hostlen]=0;
    rc = libssh2_knownhost_add(hosts, hostbuf, salt, key, keylen,
                               type | LIBSSH2_KNOWNHOST_KEYENC_BASE64,
                               NULL);
    return rc;
 }
 /*
 * libssh2_knownhost_readline()
 *
 * Pass in a line of a file of 'type'.
 *
 * LIBSSH2_KNOWNHOST_FILE_OPENSSH is the only supported type.
 *
 * OpenSSH line format:
 *
 * <host> <key>
 *
 * Where the two parts can be created like:
 *
 * <host> can be either
 * <name> or <hash>
 *
 * <name> consists of
 * [name,address] or just [name] or just [address]
 *
 * <hash> consists of
 * |1|<salt>|hash
 *
 * <key> can be one of:
 * [RSA bits] [e] [n as a decimal number]
 * 'ssh-dss' [base64-encoded-key]
 * 'ssh-rsa' [base64-encoded-key]
 *
 */
 LIBSSH2_API int
 libssh2_knownhost_readline(LIBSSH2_KNOWNHOSTS *hosts,
                           const char *line, size_t len, int type)
 {
    const char *cp;
    const char *hostp;
    const char *keyp;
    size_t hostlen;
    size_t keylen;
    int rc;
    if(type != LIBSSH2_KNOWNHOST_FILE_OPENSSH)
        return LIBSSH2_ERROR_METHOD_NOT_SUPPORTED;
    cp = line;
    /* skip leading whitespaces */
    while(len && ((*cp==' ') || (*cp == '\t'))) {
        cp++;
        len--;
    }
    if(!len || !*cp || (*cp == '#') || (*cp == '\n'))
        /* comment or empty line */
        return LIBSSH2_ERROR_NONE;
    /* the host part starts here */
    hostp = cp;
    /* move over the host to the separator */
    while(len && *cp && (*cp!=' ') && (*cp != '\t')) {
        cp++;
        len--;
    }
    hostlen = cp - hostp;
    /* the key starts after the whitespaces */
    while(len && *cp && ((*cp==' ') || (*cp == '\t'))) {
        cp++;
        len--;
    }
    if(!*cp || !len)
        /* illegal line */
        return LIBSSH2_ERROR_METHOD_NOT_SUPPORTED;
    keyp = cp; /* the key starts here */
    keylen = len;
    /* check if the line (key) ends with a newline and if so kill it */
    while(len && *cp && (*cp != '\n')) {
        cp++;
        len--;
    }
    /* zero terminate where the newline is */
    if(*cp == '\n')
        keylen--; /* don't include this in the count */
    /* deal with this one host+key line */
    rc = hostline(hosts, hostp, hostlen, keyp, keylen);
    if(rc)
        return rc; /* failed */
    return LIBSSH2_ERROR_NONE; /* success */
 }
 /*
 * libssh2_knownhost_readfile
 *
 * Read hosts+key pairs from a given file.
 *
 * Returns a negative value for error or number of successfully added hosts.
 *
 */
 LIBSSH2_API int
 libssh2_knownhost_readfile(LIBSSH2_KNOWNHOSTS *hosts,
                           const char *filename, int type)
 {
    FILE *file;
    int num = 0;
    char buf[2048];
    if(type != LIBSSH2_KNOWNHOST_FILE_OPENSSH)
        return LIBSSH2_ERROR_METHOD_NOT_SUPPORTED;
    file = fopen(filename, "r");
    if(file) {
        while(fgets(buf, sizeof(buf), file)) {
            if(libssh2_knownhost_readline(hosts, buf, strlen(buf), type))
                break;
            num++;
        }
        fclose(file);
    }
    else
        return LIBSSH2_ERROR_FILE;
    return num;
 }
 /*
 * knownhost_writeline()
 *
 * Ask libssh2 to convert a known host to an output line for storage.
 *
 * Note that this function returns LIBSSH2_ERROR_BUFFER_TOO_SMALL if the given
 * output buffer is too small to hold the desired output. The 'outlen' field
 * will then contain the size libssh2 wanted to store, which then is the
 * smallest sufficient buffer it would require.
 *
 */
 static int
 knownhost_writeline(LIBSSH2_KNOWNHOSTS *hosts,
                    struct known_host *node,
                    char *buf, size_t buflen,
                    size_t *outlen, int type)
 {
    int rc = LIBSSH2_ERROR_NONE;
    int tindex;
    const char *keytypes[4]={
        "", /* not used */
        "", /* this type has no name in the file */
        " ssh-rsa",
        " ssh-dss"
    };
    const char *keytype;
    size_t nlen;
    /* we only support this single file type for now, bail out on all other
       attempts */
    if(type != LIBSSH2_KNOWNHOST_FILE_OPENSSH)
        return LIBSSH2_ERROR_METHOD_NOT_SUPPORTED;
    tindex = (node->typemask & LIBSSH2_KNOWNHOST_KEY_MASK) >>
        LIBSSH2_KNOWNHOST_KEY_SHIFT;
    /* set the string used in the file */
    keytype = keytypes[tindex];
    if((node->typemask & LIBSSH2_KNOWNHOST_TYPE_MASK) ==
       LIBSSH2_KNOWNHOST_TYPE_SHA1) {
        char *namealloc;
        char *saltalloc;
        nlen = _libssh2_base64_encode(hosts->session, node->name,
                                      node->name_len, &namealloc);
        if(!nlen)
            return LIBSSH2_ERROR_ALLOC;
        nlen = _libssh2_base64_encode(hosts->session,
                                      node->salt, node->salt_len,
                                      &saltalloc);
        if(!nlen) {
            free(namealloc);
            return LIBSSH2_ERROR_ALLOC;
        }
        nlen = strlen(saltalloc) + strlen(namealloc) + strlen(keytype) +
            strlen(node->key) + 7; /* |1| + | + ' ' + \n + \0 = 7 */
        if(nlen <= buflen)
            sprintf(buf, "|1|%s|%s%s %s\n", saltalloc, namealloc, keytype,
                    node->key);
        else
            rc = LIBSSH2_ERROR_BUFFER_TOO_SMALL;
        free(namealloc);
        free(saltalloc);
    }
    else {
        nlen = strlen(node->name) + strlen(keytype) + strlen(node->key) + 3;
        /* ' ' + '\n' + \0 = 3 */
        if(nlen <= buflen)
            /* these types have the plain name */
            sprintf(buf, "%s%s %s\n", node->name, keytype, node->key);
        else
            rc = LIBSSH2_ERROR_BUFFER_TOO_SMALL;
    }
    /* we report the full length of the data with the trailing zero excluded */
    *outlen = nlen-1;
    return rc;
 }
 /*
 * libssh2_knownhost_writeline()
 *
 * Ask libssh2 to convert a known host to an output line for storage.
 *
 * Note that this function returns LIBSSH2_ERROR_BUFFER_TOO_SMALL if the given
 * output buffer is too small to hold the desired output.
 */
 LIBSSH2_API int
 libssh2_knownhost_writeline(LIBSSH2_KNOWNHOSTS *hosts,
                            struct libssh2_knownhost *known,
                            char *buffer, size_t buflen,
                            size_t *outlen, /* the amount of written data */
                            int type)
 {
    struct known_host *node;
    if(known->magic != KNOWNHOST_MAGIC)
        return LIBSSH2_ERROR_INVAL;
    node = known->node;
    return knownhost_writeline(hosts, node, buffer, buflen, outlen, type);
 }
 /*
 * libssh2_knownhost_writefile()
 *
 * Write hosts+key pairs to the given file.
 */
 LIBSSH2_API int
 libssh2_knownhost_writefile(LIBSSH2_KNOWNHOSTS *hosts,
                           const char *filename, int type)
 {
    struct known_host *node;
    FILE *file;
    int rc = LIBSSH2_ERROR_NONE;
    char buffer[2048];
    /* we only support this single file type for now, bail out on all other
       attempts */
    if(type != LIBSSH2_KNOWNHOST_FILE_OPENSSH)
        return LIBSSH2_ERROR_METHOD_NOT_SUPPORTED;
    file = fopen(filename, "w");
    if(!file)
        return LIBSSH2_ERROR_FILE;
    for(node = _libssh2_list_first(&hosts->head);
        node;
        node= _libssh2_list_next(&node->node) ) {
        size_t wrote;
        size_t nwrote;
        rc = knownhost_writeline(hosts, node, buffer, sizeof(buffer), &wrote,
                                 type);
        if(rc)
            break;
        nwrote = fwrite(buffer, 1, wrote, file);
        if(nwrote != wrote) {
            /* failed to write the whole thing, bail out */
            rc = LIBSSH2_ERROR_FILE;
            break;
        }
    }
    fclose(file);
    return rc;
 }
 /*
 * libssh2_knownhost_get()
 *
 * Traverse the internal list of known hosts. Pass NULL to 'prev' to get
 * the first one.
 *
 * Returns:
 * 0 if a fine host was stored in 'store'
 * 1 if end of hosts
 * [negative] on errors
 */
 LIBSSH2_API int
 libssh2_knownhost_get(LIBSSH2_KNOWNHOSTS *hosts,
                      struct libssh2_knownhost **ext,
                      struct libssh2_knownhost *oprev)
 {
    struct known_host *node;
    if(oprev && oprev->node) {
        /* we have a starting point */
        struct known_host *prev = oprev->node;
        /* get the next node in the list */
        node = _libssh2_list_next(&prev->node);
    }
    else
        node = _libssh2_list_first(&hosts->head);
    if(!node)
        /* no (more) node */
        return 1;
    *ext = knownhost_to_external(node);
    return 0;
 }
--- a/src/libgcrypt.c
+++ b/src/libgcrypt.c
@@ -1,5 +1,5 @@
-/* Copyright (C) 2006, 2007, The Written Word, Inc.
+/* Copyright (C) 2008, 2009, Simon Josefsson
- * Copyright (C) 2008, Simon Josefsson
+ * Copyright (C) 2006, 2007, The Written Word, Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms,
@@ -37,6 +37,9 @@
 */
 #include "libssh2_priv.h"
 #ifdef LIBSSH2_LIBGCRYPT /* compile only if we build with libgcrypt */
 #include <string.h>
 int
@@ -149,8 +152,9 @@ _libssh2_dsa_new(libssh2_dsa_ctx ** dsactx,
 int
 _libssh2_rsa_new_private(libssh2_rsa_ctx ** rsa,
                         LIBSSH2_SESSION * session,
-                         FILE * fp, unsigned const char *passphrase)
+                         const char *filename, unsigned const char *passphrase)
 {
    FILE *fp;
    unsigned char *data, *save_data;
    unsigned int datalen;
    int ret;
@@ -159,10 +163,16 @@ _libssh2_rsa_new_private(libssh2_rsa_ctx ** rsa,
    (void) passphrase;
    fp = fopen(filename, "r");
    if (!fp) {
        return -1;
    }
    ret = _libssh2_pem_parse(session,
                             "-----BEGIN RSA PRIVATE KEY-----",
                             "-----END RSA PRIVATE KEY-----",
                             fp, &data, &datalen);
    fclose(fp);
    if (ret) {
        return -1;
    }
@@ -244,8 +254,9 @@ _libssh2_rsa_new_private(libssh2_rsa_ctx ** rsa,
 int
 _libssh2_dsa_new_private(libssh2_dsa_ctx ** dsa,
                         LIBSSH2_SESSION * session,
-                         FILE * fp, unsigned const char *passphrase)
+                         const char *filename, unsigned const char *passphrase)
 {
    FILE *fp;
    unsigned char *data, *save_data;
    unsigned int datalen;
    int ret;
@@ -254,10 +265,16 @@ _libssh2_dsa_new_private(libssh2_dsa_ctx ** dsa,
    (void) passphrase;
    fp = fopen(filename, "r");
    if (!fp) {
        return -1;
    }
    ret = _libssh2_pem_parse(session,
                             "-----BEGIN DSA PRIVATE KEY-----",
                             "-----END DSA PRIVATE KEY-----",
                             fp, &data, &datalen);
    fclose(fp);
    if (ret) {
        return -1;
    }
@@ -407,61 +424,54 @@ _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx,
        return -1;
    }
    memset(sig, 0, 40);
 /* Extract R. */
    data = gcry_sexp_find_token(sig_sexp, "r", 0);
-    if (!data) {
+    if (!data)
-        ret = -1;
+        goto err;
        goto out;
    }
    tmp = gcry_sexp_nth_data(data, 1, &size);
-    if (!tmp) {
+    if (!tmp)
-        ret = -1;
+        goto err;
        goto out;
    }
    if (tmp[0] == '\0') {
        tmp++;
        size--;
    }
-    if (size != 20) {
+    if (size < 1 || size > 20)
-        ret = -1;
+        goto err;
        goto out;
    }
-    memcpy(sig, tmp, 20);
+    memcpy(sig + (20 - size), tmp, size);
    gcry_sexp_release(data);
 /* Extract S. */
    data = gcry_sexp_find_token(sig_sexp, "s", 0);
-    if (!data) {
+    if (!data)
-        ret = -1;
+        goto err;
        goto out;
    }
    tmp = gcry_sexp_nth_data(data, 1, &size);
-    if (!tmp) {
+    if (!tmp)
-        ret = -1;
+        goto err;
        goto out;
    }
    if (tmp[0] == '\0') {
        tmp++;
        size--;
    }
-    if (size != 20) {
+    if (size < 1 || size > 20)
-        ret = -1;
+        goto err;
        goto out;
    }
-    memcpy(sig + 20, tmp, 20);
+    memcpy(sig + 20 + (20 - size), tmp, size);
    goto out;
  err:
    ret = -1;
    ret = 0;
  out:
    if (sig_sexp) {
        gcry_sexp_release(sig_sexp);
@@ -507,16 +517,14 @@ _libssh2_cipher_init(_libssh2_cipher_ctx * h,
                     _libssh2_cipher_type(algo),
                     unsigned char *iv, unsigned char *secret, int encrypt)
 {
-    int mode = 0, ret;
+    int ret;
-    int keylen = gcry_cipher_get_algo_keylen(algo);
+    int cipher = _libssh2_gcry_cipher (algo);
    int mode = _libssh2_gcry_mode (algo);
    int keylen = gcry_cipher_get_algo_keylen(cipher);
    (void) encrypt;
-    if (algo != GCRY_CIPHER_ARCFOUR) {
+    ret = gcry_cipher_open(h, cipher, mode, 0);
        mode = GCRY_CIPHER_MODE_CBC;
    }
    ret = gcry_cipher_open(h, algo, mode, 0);
    if (ret) {
        return -1;
    }
@@ -527,10 +535,13 @@ _libssh2_cipher_init(_libssh2_cipher_ctx * h,
        return -1;
    }
-    if (algo != GCRY_CIPHER_ARCFOUR) {
+    if (mode != GCRY_CIPHER_MODE_STREAM) {
-        int blklen = gcry_cipher_get_algo_blklen(algo);
+        int blklen = gcry_cipher_get_algo_blklen(cipher);
-        ret = gcry_cipher_setiv(*h, iv, blklen);
+	if (mode == GCRY_CIPHER_MODE_CTR)
-        if (ret) {
+	  ret = gcry_cipher_setctr(*h, iv, blklen);
 	else
 	  ret = gcry_cipher_setiv(*h, iv, blklen);
 	if (ret) {
            gcry_cipher_close(*h);
            return -1;
        }
@@ -544,8 +555,10 @@ _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx,
                      _libssh2_cipher_type(algo),
                      int encrypt, unsigned char *block)
 {
-    size_t blklen = gcry_cipher_get_algo_blklen(algo);
+    int cipher = _libssh2_gcry_cipher (algo);
    size_t blklen = gcry_cipher_get_algo_blklen(cipher);
    int ret;
    if (blklen == 1) {
 /* Hack for arcfour. */
        blklen = 8;
@@ -558,3 +571,5 @@ _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx,
    }
    return ret;
 }
 #endif /* LIBSSH2_LIBGCRYPT */
--- a/src/libgcrypt.h
+++ b/src/libgcrypt.h
@@ -1,5 +1,6 @@
-/* Copyright (C) 2006, 2007, The Written Word, Inc.
+/*
- * Copyright (C) 2008, Simon Josefsson
+ * Copyright (C) 2008, 2009 Simon Josefsson
 * Copyright (C) 2006, 2007, The Written Word, Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms,
@@ -43,6 +44,7 @@
 #define LIBSSH2_HMAC_RIPEMD 1
 #define LIBSSH2_AES 1
 #define LIBSSH2_AES_CTR 1
 #define LIBSSH2_BLOWFISH 1
 #define LIBSSH2_RC4 1
 #define LIBSSH2_CAST 1
@@ -112,7 +114,8 @@ int _libssh2_rsa_new(libssh2_rsa_ctx ** rsa,
                     const unsigned char *coeffdata, unsigned long coefflen);
 int _libssh2_rsa_new_private(libssh2_rsa_ctx ** rsa,
                             LIBSSH2_SESSION * session,
-                             FILE * fp, unsigned const char *passphrase);
+                             const char *filename,
                             unsigned const char *passphrase);
 int _libssh2_rsa_sha1_verify(libssh2_rsa_ctx * rsa,
                             const unsigned char *sig,
                             unsigned long sig_len,
@@ -140,7 +143,8 @@ int _libssh2_dsa_new(libssh2_dsa_ctx ** dsa,
                     const unsigned char *x, unsigned long x_len);
 int _libssh2_dsa_new_private(libssh2_dsa_ctx ** dsa,
                             LIBSSH2_SESSION * session,
-                             FILE * fp, unsigned const char *passphrase);
+                             const char *filename,
                             unsigned const char *passphrase);
 int _libssh2_dsa_sha1_verify(libssh2_dsa_ctx * dsa,
                             const unsigned char *sig,
                             const unsigned char *m, unsigned long m_len);
@@ -153,13 +157,30 @@ int _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx,
 #define _libssh2_cipher_type(name) int name
 #define _libssh2_cipher_ctx gcry_cipher_hd_t
-#define _libssh2_cipher_aes256 GCRY_CIPHER_AES256
+#define _libssh2_gcry_ciphermode(c,m) ((c << 8) | m)
-#define _libssh2_cipher_aes192 GCRY_CIPHER_AES192
+#define _libssh2_gcry_cipher(c) (c >> 8)
-#define _libssh2_cipher_aes128 GCRY_CIPHER_AES128
+#define _libssh2_gcry_mode(m) (m & 0xFF)
-#define _libssh2_cipher_blowfish GCRY_CIPHER_BLOWFISH
+
-#define _libssh2_cipher_arcfour GCRY_CIPHER_ARCFOUR
+#define _libssh2_cipher_aes256ctr		\
-#define _libssh2_cipher_cast5 GCRY_CIPHER_CAST5
+  _libssh2_gcry_ciphermode(GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CTR)
-#define _libssh2_cipher_3des GCRY_CIPHER_3DES
+#define _libssh2_cipher_aes192ctr		\
  _libssh2_gcry_ciphermode(GCRY_CIPHER_AES192, GCRY_CIPHER_MODE_CTR)
 #define _libssh2_cipher_aes128ctr					\
  _libssh2_gcry_ciphermode(GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CTR)
 #define _libssh2_cipher_aes256						\
  _libssh2_gcry_ciphermode(GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC)
 #define _libssh2_cipher_aes192			\
  _libssh2_gcry_ciphermode(GCRY_CIPHER_AES192, GCRY_CIPHER_MODE_CBC)
 #define _libssh2_cipher_aes128			\
  _libssh2_gcry_ciphermode(GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC)
 #define _libssh2_cipher_blowfish		\
  _libssh2_gcry_ciphermode(GCRY_CIPHER_BLOWFISH, GCRY_CIPHER_MODE_CBC)
 #define _libssh2_cipher_arcfour			\
  _libssh2_gcry_ciphermode(GCRY_CIPHER_ARCFOUR, GCRY_CIPHER_MODE_STREAM)
 #define _libssh2_cipher_cast5			\
  _libssh2_gcry_ciphermode(GCRY_CIPHER_CAST5, GCRY_CIPHER_MODE_CBC)
 #define _libssh2_cipher_3des			\
  _libssh2_gcry_ciphermode(GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC)
 int _libssh2_cipher_init(_libssh2_cipher_ctx * h,
                         _libssh2_cipher_type(algo),
--- a/src/libssh2_priv.h
+++ b/src/libssh2_priv.h
@@ -1,5 +1,6 @@
 /* Copyright (c) 2004-2008, Sara Golemon <sarag@libssh2.org>
 * Copyright (c) 2009 by Daniel Stenberg
 * Copyright (c) 2010 Simon Josefsson
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms,
@@ -39,6 +40,12 @@
 #ifndef LIBSSH2_PRIV_H
 #define LIBSSH2_PRIV_H 1
 #ifdef _WIN32
  #ifndef _CRT_SECURE_NO_DEPRECATE
    #define _CRT_SECURE_NO_DEPRECATE 1
  #endif /* _CRT_SECURE_NO_DEPRECATE */
 #endif /* WIN32 */
 #define LIBSSH2_LIBRARY
 #include "libssh2_config.h"
@@ -79,6 +86,7 @@
 #include "libssh2.h"
 #include "libssh2_publickey.h"
 #include "libssh2_sftp.h"
 #include "misc.h" /* for the linked list stuff */
 #ifndef FALSE
 #define FALSE 0
@@ -90,10 +98,9 @@
 /* Provide iovec / writev on WIN32 platform. */
 #ifdef WIN32
 /* same as WSABUF */
 struct iovec {
-    u_long iov_len;
+    size_t iov_len;
-    char *iov_base;
+    void * iov_base;
 };
 #define inline __inline
@@ -143,6 +150,13 @@ static inline int writev(int sock, struct iovec *iov, int nvecs)
 #endif
 #ifdef WIN32
 typedef SOCKET libssh2_socket_t;
 #else /* !WIN32 */
 typedef int libssh2_socket_t;
 #define INVALID_SOCKET -1
 #endif /* WIN32 */
 /* RFC4253 section 6.1 Maximum Packet Length says:
 *
 * "All implementations MUST be able to process packets with
@@ -181,10 +195,6 @@ typedef struct _LIBSSH2_CRYPT_METHOD LIBSSH2_CRYPT_METHOD;
 typedef struct _LIBSSH2_COMP_METHOD LIBSSH2_COMP_METHOD;
 typedef struct _LIBSSH2_PACKET LIBSSH2_PACKET;
 typedef struct _LIBSSH2_PACKET_BRIGADE LIBSSH2_PACKET_BRIGADE;
 typedef struct _LIBSSH2_CHANNEL_BRIGADE LIBSSH2_CHANNEL_BRIGADE;
 typedef int libssh2pack_t;
 typedef enum
 {
@@ -201,7 +211,9 @@ typedef enum
    libssh2_NB_state_sent7,
    libssh2_NB_state_jump1,
    libssh2_NB_state_jump2,
-    libssh2_NB_state_jump3
+    libssh2_NB_state_jump3,
    libssh2_NB_state_jump4,
    libssh2_NB_state_jump5
 } libssh2_nonblocking_states;
 typedef struct packet_require_state_t
@@ -282,6 +294,7 @@ typedef struct packet_queue_listener_state_t
    uint32_t sport;
    uint32_t host_len;
    uint32_t shost_len;
    LIBSSH2_CHANNEL *channel;
 } packet_queue_listener_state_t;
 #define X11FwdUnAvil "X11 Forward Unavailable"
@@ -296,10 +309,13 @@ typedef struct packet_x11_open_state_t
    uint32_t packet_size;
    uint32_t sport;
    uint32_t shost_len;
    LIBSSH2_CHANNEL *channel;
 } packet_x11_open_state_t;
 struct _LIBSSH2_PACKET
 {
    struct list_node node; /* linked list header */
    unsigned char type;
    /* Unencrypted Payload (no type byte, no padding, just the facts ma'am) */
@@ -312,15 +328,6 @@ struct _LIBSSH2_PACKET
    /* Can the message be confirmed? */
    int mac;
    LIBSSH2_PACKET_BRIGADE *brigade;
    LIBSSH2_PACKET *next, *prev;
 };
 struct _LIBSSH2_PACKET_BRIGADE
 {
    LIBSSH2_PACKET *head, *tail;
 };
 typedef struct _libssh2_channel_data
@@ -337,6 +344,8 @@ typedef struct _libssh2_channel_data
 struct _LIBSSH2_CHANNEL
 {
    struct list_node node;
    unsigned char *channel_type;
    unsigned channel_type_len;
@@ -349,8 +358,6 @@ struct _LIBSSH2_CHANNEL
    LIBSSH2_SESSION *session;
    LIBSSH2_CHANNEL *next, *prev;
    void *abstract;
      LIBSSH2_CHANNEL_CLOSE_FUNC((*close_cb));
@@ -393,8 +400,6 @@ struct _LIBSSH2_CHANNEL
    /* State variables used in libssh2_channel_read_ex() */
    libssh2_nonblocking_states read_state;
    LIBSSH2_PACKET *read_packet;
    LIBSSH2_PACKET *read_next;
    uint32_t read_local_id;
@@ -423,24 +428,21 @@ struct _LIBSSH2_CHANNEL
    libssh2_nonblocking_states extData2_state;
 };
 struct _LIBSSH2_CHANNEL_BRIGADE
 {
    LIBSSH2_CHANNEL *head, *tail;
 };
 struct _LIBSSH2_LISTENER
 {
    struct list_node node; /* linked list header */
    LIBSSH2_SESSION *session;
    char *host;
    int port;
-    LIBSSH2_CHANNEL *queue;
+    /* a list of CHANNELs for this listener */
    struct list_head queue;
    int queue_size;
    int queue_maxsize;
    LIBSSH2_LISTENER *prev, *next;
    /* State variables used in libssh2_channel_forward_cancel() */
    libssh2_nonblocking_states chanFwdCncl_state;
    unsigned char *chanFwdCncl_data;
@@ -541,8 +543,9 @@ struct _LIBSSH2_PUBLICKEY
 struct _LIBSSH2_SFTP_HANDLE
 {
    struct list_node node;
    LIBSSH2_SFTP *sftp;
    LIBSSH2_SFTP_HANDLE *prev, *next;
    /* This is a pre-allocated buffer used for sending SFTP requests as the
       whole thing might not get sent in one go. This buffer is used for read,
@@ -580,9 +583,10 @@ struct _LIBSSH2_SFTP
    unsigned long request_id, version;
-    LIBSSH2_PACKET_BRIGADE packets;
+    struct list_head packets;
-    LIBSSH2_SFTP_HANDLE *handles;
+    /* a list of _LIBSSH2_SFTP_HANDLE structs */
    struct list_head sftp_handles;
    unsigned long last_errno;
@@ -707,18 +711,19 @@ struct _LIBSSH2_SESSION
    /* (local as source of data -- packet_write ) */
    libssh2_endpoint_data local;
-    /* Inbound Data buffer -- Sometimes the packet that comes in isn't the
+    /* Inbound Data linked list -- Sometimes the packet that comes in isn't the
       packet we're ready for */
-    LIBSSH2_PACKET_BRIGADE packets;
+    struct list_head packets;
    /* Active connection channels */
-    LIBSSH2_CHANNEL_BRIGADE channels;
+    struct list_head channels;
    unsigned long next_channel;
-    LIBSSH2_LISTENER *listeners;
+    struct list_head listeners; /* list of LIBSSH2_LISTENER structs */
    /* Actual I/O socket */
-    int socket_fd;
+    libssh2_socket_t socket_fd;
    int socket_state;
    int socket_block_directions;
    int socket_prev_blockstate; /* stores the state of the socket blockiness
@@ -734,6 +739,8 @@ struct _LIBSSH2_SESSION
    struct transportpacket packet;
 #ifdef LIBSSH2DEBUG
    int showmask;               /* what debug/trace messages to display */
    libssh2_trace_handler_func tracehandler; /* callback to display trace messages */
    void* tracehandler_context; /* context for the trace handler */
 #endif
    /* State variables used in libssh2_banner_send() */
@@ -805,7 +812,7 @@ struct _LIBSSH2_SESSION
    unsigned char *userauth_pblc_b;
    packet_requirev_state_t userauth_pblc_packet_requirev_state;
-    /* State variables used in llibssh2_userauth_keyboard_interactive_ex() */
+    /* State variables used in libssh2_userauth_keyboard_interactive_ex() */
    libssh2_nonblocking_states userauth_kybd_state;
    unsigned char *userauth_kybd_data;
    unsigned long userauth_kybd_data_len;
@@ -854,7 +861,6 @@ struct _LIBSSH2_SESSION
    /* State variables used in libssh2_packet_add() */
    libssh2_nonblocking_states packAdd_state;
    LIBSSH2_PACKET *packAdd_packet;
    LIBSSH2_CHANNEL *packAdd_channel;
    unsigned long packAdd_data_head;
    key_exchange_state_t packAdd_key_state;
@@ -865,7 +871,7 @@ struct _LIBSSH2_SESSION
    libssh2_nonblocking_states fullpacket_state;
    int fullpacket_macstate;
    int fullpacket_payload_len;
-    libssh2pack_t fullpacket_packet_type;
+    int fullpacket_packet_type;
    /* State variables used in libssh2_sftp_init() */
    libssh2_nonblocking_states sftpInit_state;
@@ -881,7 +887,7 @@ struct _LIBSSH2_SESSION
    unsigned char scpRecv_response[LIBSSH2_SCP_RESPONSE_BUFLEN];
    unsigned long scpRecv_response_len;
    long scpRecv_mode;
-#if defined(HAVE_LONGLONG) && defined(strtoll)
+#if defined(HAVE_LONGLONG) && defined(HAVE_STRTOLL)
    /* we have the type and we can parse such numbers */
    long long scpRecv_size;
 #define scpsize_strtol strtoll
@@ -922,7 +928,10 @@ struct _LIBSSH2_SESSION
 #define LIBSSH2_SOCKET_RECV_FLAGS(session)      0
 #endif
-/* libssh2 extensible ssh api, ultimately I'd like to allow loading additional methods via .so/.dll */
+/* --------- */
 /* libssh2 extensible ssh api, ultimately I'd like to allow loading additional
   methods via .so/.dll */
 struct _LIBSSH2_KEX_METHOD
 {
@@ -1011,23 +1020,12 @@ struct _LIBSSH2_MAC_METHOD
    int (*dtor) (LIBSSH2_SESSION * session, void **abstract);
 };
 #define LIBSSH2_DBG_TRANS   1
 #define LIBSSH2_DBG_KEX     2
 #define LIBSSH2_DBG_AUTH    3
 #define LIBSSH2_DBG_CONN    4
 #define LIBSSH2_DBG_SCP     5
 #define LIBSSH2_DBG_SFTP    6
 #define LIBSSH2_DBG_ERROR   7
 #define LIBSSH2_DBG_PUBLICKEY   8
 #ifdef LIBSSH2DEBUG
 void _libssh2_debug(LIBSSH2_SESSION * session, int context, const char *format,
                    ...);
 #else
-#if defined(__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L)
+#if (defined(__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L)) || defined(__GNUC__)
-/* C99 style */
+/* C99 supported and also by older GCC */
 #define _libssh2_debug(x,y,z, __VA_ARGS__) do {} while (0)
 #elif defined(__GNUC__)
 /* GNU style */
 #define _libssh2_debug(x,y,z,...) do {} while (0)
 #else
 /* no gcc and not C99, do static and hopefully inline */
@@ -1048,7 +1046,7 @@ _libssh2_debug(LIBSSH2_SESSION * session, int context, const char *format, ...)
    session->err_msglen = strlen(errmsg); \
    session->err_should_free = should_free; \
    session->err_code = errcode; \
-    _libssh2_debug(session, LIBSSH2_DBG_ERROR, "%d - %s", session->err_code, session->err_msg); \
+    _libssh2_debug(session, LIBSSH2_TRACE_ERROR, "%d - %s", session->err_code, session->err_msg); \
 }
 #else /* ! LIBSSH2DEBUG */
@@ -1139,8 +1137,8 @@ libssh2_uint64_t _libssh2_ntohu64(const unsigned char *buf);
 void _libssh2_htonu32(unsigned char *buf, unsigned int val);
 #ifdef WIN32
-ssize_t _libssh2_recv(int socket, void *buffer, size_t length, int flags);
+ssize_t _libssh2_recv(libssh2_socket_t socket, void *buffer, size_t length, int flags);
-ssize_t _libssh2_send(int socket, const void *buffer, size_t length, int flags);
+ssize_t _libssh2_send(libssh2_socket_t socket, const void *buffer, size_t length, int flags);
 #else
 #define _libssh2_recv(a,b,c,d) recv(a,b,c,d)
 #define _libssh2_send(a,b,c,d) send(a,b,c,d)
@@ -1152,20 +1150,21 @@ ssize_t _libssh2_send(int socket, const void *buffer, size_t length, int flags);
 int _libssh2_wait_socket(LIBSSH2_SESSION *session);
-/* CAUTION: some of these error codes are returned in the public API and is
+/* These started out as private return codes for the transport layer, but was
-   there known with other #defined names from the public header file. They
+   converted to using the library-wide return codes to easy propagation of the
-   should not be changed. */
+   error reasons all over etc without risking mixups. The PACKET_* names are
   left only to reduce the impact of changing the code all over.*/
-#define PACKET_TIMEOUT  -7
+#define PACKET_TIMEOUT  LIBSSH2_ERROR_TIMEOUT
-#define PACKET_BADUSE   -6
+#define PACKET_BADUSE   LIBSSH2_ERROR_BAD_USE
-#define PACKET_COMPRESS -5
+#define PACKET_COMPRESS LIBSSH2_ERROR_COMPRESS
-#define PACKET_TOOBIG   -4
+#define PACKET_TOOBIG   LIBSSH2_ERROR_OUT_OF_BOUNDARY
-#define PACKET_ENOMEM   -3
+#define PACKET_ENOMEM   LIBSSH2_ERROR_ALLOC
 #define PACKET_EAGAIN   LIBSSH2_ERROR_EAGAIN
-#define PACKET_FAIL     -1
+#define PACKET_FAIL     LIBSSH2_ERROR_SOCKET_NONE
-#define PACKET_NONE      0
+#define PACKET_NONE     LIBSSH2_ERROR_NONE
-libssh2pack_t _libssh2_packet_read(LIBSSH2_SESSION * session);
+int _libssh2_packet_read(LIBSSH2_SESSION * session);
 int _libssh2_packet_ask(LIBSSH2_SESSION * session, unsigned char packet_type,
                        unsigned char **data, unsigned long *data_len,
@@ -1270,4 +1269,7 @@ int _libssh2_pem_decode_integer(unsigned char **data, unsigned int *datalen,
    } while(1)
 #define ARRAY_SIZE(a) (sizeof ((a)) / sizeof ((a)[0]))
 #endif /* LIBSSH2_H */
--- a/src/mac.c
+++ b/src/mac.c
@@ -167,6 +167,7 @@ static const LIBSSH2_MAC_METHOD mac_method_hmac_sha1_96 = {
    mac_method_common_dtor,
 };
 #if LIBSSH2_MD5
 /* mac_method_hmac_md5_hash
 * Calculate hash using full md5 value
 */
@@ -235,6 +236,7 @@ static const LIBSSH2_MAC_METHOD mac_method_hmac_md5_96 = {
    mac_method_hmac_md5_96_hash,
    mac_method_common_dtor,
 };
 #endif /* LIBSSH2_MD5 */
 #if LIBSSH2_HMAC_RIPEMD
 /* mac_method_hmac_ripemd160_hash
@@ -291,8 +293,10 @@ static const LIBSSH2_MAC_METHOD mac_method_hmac_ripemd160_openssh_com = {
 static const LIBSSH2_MAC_METHOD *mac_methods[] = {
    &mac_method_hmac_sha1,
    &mac_method_hmac_sha1_96,
 #if LIBSSH2_MD5
    &mac_method_hmac_md5,
    &mac_method_hmac_md5_96,
 #endif
 #if LIBSSH2_HMAC_RIPEMD
    &mac_method_hmac_ripemd160,
    &mac_method_hmac_ripemd160_openssh_com,
--- a/src/misc.c
+++ b/src/misc.c
@@ -37,6 +37,8 @@
 */
 #include "libssh2_priv.h"
 #include "misc.h"
 #ifdef HAVE_UNISTD_H
 #include <unistd.h>
 #endif
@@ -76,7 +78,7 @@ static int wsa2errno(void)
 * to set errno
 */
 ssize_t
-_libssh2_recv(int socket, void *buffer, size_t length, int flags)
+_libssh2_recv(libssh2_socket_t socket, void *buffer, size_t length, int flags)
 {
    ssize_t rc = recv(socket, buffer, length, flags);
 #ifdef WIN32
@@ -95,7 +97,7 @@ _libssh2_recv(int socket, void *buffer, size_t length, int flags)
 * to set errno
 */
 ssize_t
-_libssh2_send(int socket, const void *buffer, size_t length, int flags)
+_libssh2_send(libssh2_socket_t socket, const void *buffer, size_t length, int flags)
 {
    ssize_t rc = send(socket, buffer, length, flags);
 #ifdef WIN32
@@ -176,7 +178,7 @@ static const short base64_reverse_table[256] = {
 * Decode a base64 chunk and store it into a newly alloc'd buffer
 */
 LIBSSH2_API int
-libssh2_base64_decode(LIBSSH2_SESSION * session, char **data,
+libssh2_base64_decode(LIBSSH2_SESSION *session, char **data,
                      unsigned int *datalen, const char *src,
                      unsigned int src_len)
 {
@@ -222,6 +224,86 @@ libssh2_base64_decode(LIBSSH2_SESSION * session, char **data,
    return 0;
 }
 /* ---- Base64 Encoding/Decoding Table --- */
 static const char table64[]=
  "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
 /*
 * _libssh2_base64_encode()
 *
 * Returns the length of the newly created base64 string. The third argument
 * is a pointer to an allocated area holding the base64 data. If something
 * went wrong, 0 is returned.
 *
 */
 size_t _libssh2_base64_encode(LIBSSH2_SESSION *session,
                              const char *inp, size_t insize, char **outptr)
 {
  unsigned char ibuf[3];
  unsigned char obuf[4];
  int i;
  int inputparts;
  char *output;
  char *base64data;
  const char *indata = inp;
  *outptr = NULL; /* set to NULL in case of failure before we reach the end */
  if(0 == insize)
    insize = strlen(indata);
  base64data = output = LIBSSH2_ALLOC(session, insize*4/3+4);
  if(NULL == output)
    return 0;
  while(insize > 0) {
    for (i = inputparts = 0; i < 3; i++) {
      if(insize > 0) {
        inputparts++;
        ibuf[i] = *indata;
        indata++;
        insize--;
      }
      else
        ibuf[i] = 0;
    }
    obuf[0] = (unsigned char)  ((ibuf[0] & 0xFC) >> 2);
    obuf[1] = (unsigned char) (((ibuf[0] & 0x03) << 4) | \
                               ((ibuf[1] & 0xF0) >> 4));
    obuf[2] = (unsigned char) (((ibuf[1] & 0x0F) << 2) | \
                               ((ibuf[2] & 0xC0) >> 6));
    obuf[3] = (unsigned char)   (ibuf[2] & 0x3F);
    switch(inputparts) {
    case 1: /* only one byte read */
      snprintf(output, 5, "%c%c==",
               table64[obuf[0]],
               table64[obuf[1]]);
      break;
    case 2: /* two bytes read */
      snprintf(output, 5, "%c%c%c=",
               table64[obuf[0]],
               table64[obuf[1]],
               table64[obuf[2]]);
      break;
    default:
      snprintf(output, 5, "%c%c%c%c",
               table64[obuf[0]],
               table64[obuf[1]],
               table64[obuf[2]],
               table64[obuf[3]] );
      break;
    }
    output += 4;
  }
  *output=0;
  *outptr = base64data; /* make it return the actual data memory */
  return strlen(base64data); /* return the length of the new data */
 }
 /* ---- End of Base64 Encoding ---- */
 #ifdef LIBSSH2DEBUG
 LIBSSH2_API int
 libssh2_trace(LIBSSH2_SESSION * session, int bitmask)
@@ -230,6 +312,14 @@ libssh2_trace(LIBSSH2_SESSION * session, int bitmask)
    return 0;
 }
 LIBSSH2_API int
 libssh2_trace_sethandler(LIBSSH2_SESSION *session, void* handler_context, libssh2_trace_handler_func callback)
 {
    session->tracehandler = callback;
    session->tracehandler_context = handler_context;
    return 0;
 }
 void
 _libssh2_debug(LIBSSH2_SESSION * session, int context, const char *format, ...)
 {
@@ -238,7 +328,7 @@ _libssh2_debug(LIBSSH2_SESSION * session, int context, const char *format, ...)
    va_list vargs;
    struct timeval now;
    static int firstsec;
-    static const char *const contexts[9] = {
+    static const char *const contexts[] = {
        "Unknown",
        "Transport",
        "Key Ex",
@@ -248,15 +338,24 @@ _libssh2_debug(LIBSSH2_SESSION * session, int context, const char *format, ...)
        "SFTP",
        "Failure Event",
        "Publickey",
        "Socket",
    };
    const char* contexttext = contexts[0];
    unsigned int contextindex;
-    if (context < 1 || context > 8) {
+    if (!(session->showmask & context)) {
        context = 0;
    }
    if (!(session->showmask & (1 << context))) {
        /* no such output asked for */
        return;
    }
    /* Find the first matching context string for this message */
    for (contextindex = 0; contextindex < ARRAY_SIZE(contexts); contextindex++) {
        if ((context & (1 << contextindex)) != 0) {
            contexttext = contexts[contextindex];
            break;
        }
    }
    gettimeofday(&now, NULL);
    if(!firstsec) {
        firstsec = now.tv_sec;
@@ -264,14 +363,18 @@ _libssh2_debug(LIBSSH2_SESSION * session, int context, const char *format, ...)
    now.tv_sec -= firstsec;
    len = snprintf(buffer, sizeof(buffer), "[libssh2] %d.%06d %s: ",
-                   (int)now.tv_sec, (int)now.tv_usec, contexts[context]);
+                   (int)now.tv_sec, (int)now.tv_usec, contexttext);
    va_start(vargs, format);
    len += vsnprintf(buffer + len, 1535 - len, format, vargs);
    buffer[len] = '\n';
    va_end(vargs);
    write(2, buffer, len + 1);
    if (session->tracehandler) {
        (session->tracehandler)(session, session->tracehandler_context, buffer, len + 1);
    } else {
        write(2, buffer, len + 1);
    }
 }
 #else
@@ -282,4 +385,156 @@ libssh2_trace(LIBSSH2_SESSION * session, int bitmask)
    (void) bitmask;
    return 0;
 }
 LIBSSH2_API int
 libssh2_trace_sethandler(LIBSSH2_SESSION *session, void* handler_context, libssh2_trace_handler_func callback)
 {
    (void) session;
    (void) handler_context;
    (void) callback;
    return 0;
 }
 #endif
 /* init the list head */
 void _libssh2_list_init(struct list_head *head)
 {
    head->first = head->last = NULL;
 }
 /* add a node to the list */
 void _libssh2_list_add(struct list_head *head,
                       struct list_node *entry)
 {
    /* store a pointer to the head */
    entry->head = head;
    /* we add this entry at the "top" so it has no next */
    entry->next = NULL;
    /* make our prev point to what the head thinks is last */
    entry->prev = head->last;
    /* and make head's last be us now */
    head->last = entry;
    /* make sure our 'prev' node points to us next */
    if(entry->prev)
        entry->prev->next = entry;
    else
        head->first = entry;
 }
 /* return the "first" node in the list this head points to */
 void *_libssh2_list_first(struct list_head *head)
 {
    return head->first;
 }
 /* return the next node in the list */
 void *_libssh2_list_next(struct list_node *node)
 {
    return node->next;
 }
 /* return the prev node in the list */
 void *_libssh2_list_prev(struct list_node *node)
 {
    return node->prev;
 }
 /* remove this node from the list */
 void _libssh2_list_remove(struct list_node *entry)
 {
    if(entry->prev)
        entry->prev->next = entry->next;
    else
        entry->head->first = entry->next;
    if(entry->next)
        entry->next->prev = entry->prev;
    else
        entry->head->last = entry->prev;
 }
 #if 0
 /* insert a node before the given 'after' entry */
 void _libssh2_list_insert(struct list_node *after, /* insert before this */
                          struct list_node *entry)
 {
    /* 'after' is next to 'entry' */
    bentry->next = after;
    /* entry's prev is then made to be the prev after current has */
    entry->prev = after->prev;
    /* the node that is now before 'entry' was previously before 'after'
       and must be made to point to 'entry' correctly */
    if(entry->prev)
        entry->prev->next = entry;
    else
      /* there was no node before this, so we make sure we point the head
         pointer to this node */
      after->head->first = entry;
    /* after's prev entry points back to entry */
    after->prev = entry;
    /* after's next entry is still the same as before */
    /* entry's head is the same as after's */
    entry->head = after->head;
 }
 #endif
 #ifdef WIN32
 /*
 * gettimeofday
 * Implementation according to:
 * The Open Group Base Specifications Issue 6
 * IEEE Std 1003.1, 2004 Edition
 */
 /*
 *  THIS SOFTWARE IS NOT COPYRIGHTED
 *
 *  This source code is offered for use in the public domain. You may
 *  use, modify or distribute it freely.
 *
 *  This code is distributed in the hope that it will be useful but
 *  WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
 *  DISCLAIMED. This includes but is not limited to warranties of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 *
 *  Contributed by:
 *  Danny Smith <dannysmith@users.sourceforge.net>
 */
 /* Offset between 1/1/1601 and 1/1/1970 in 100 nanosec units */
 #define _W32_FT_OFFSET (116444736000000000ULL)
 int __cdecl gettimeofday(struct timeval *tp,
                         void *tzp)
 {
  union {
    unsigned long long ns100; /*time since 1 Jan 1601 in 100ns units */
    FILETIME ft;
  }  _now;
  if(tp)
    {
      GetSystemTimeAsFileTime (&_now.ft);
      tp->tv_usec=(long)((_now.ns100 / 10ULL) % 1000000ULL );
      tp->tv_sec= (long)((_now.ns100 - _W32_FT_OFFSET) / 10000000ULL);
    }
  /* Always return 0 as per Open Group Base Specifications Issue 6.
     Do not set errno on error.  */
  return 0;
 }
 #endif
--- a/src/misc.h
+++ b/src/misc.h
@@ -0,0 +1,72 @@
 #ifndef __LIBSSH2_MISC_H
 #define __LIBSSH2_MISC_H
 /* Copyright (c) 2009 by Daniel Stenberg
 *
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms,
 * with or without modification, are permitted provided
 * that the following conditions are met:
 *
 *   Redistributions of source code must retain the above
 *   copyright notice, this list of conditions and the
 *   following disclaimer.
 *
 *   Redistributions in binary form must reproduce the above
 *   copyright notice, this list of conditions and the following
 *   disclaimer in the documentation and/or other materials
 *   provided with the distribution.
 *
 *   Neither the name of the copyright holder nor the names
 *   of any other contributors may be used to endorse or
 *   promote products derived from this software without
 *   specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
 * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
 * OF SUCH DAMAGE.
 */
 struct list_head {
    struct list_node *last;
    struct list_node *first;
 };
 struct list_node {
    struct list_node *next;
    struct list_node *prev;
    struct list_head *head;
 };
 void _libssh2_list_init(struct list_head *head);
 /* add a node last in the list */
 void _libssh2_list_add(struct list_head *head,
                       struct list_node *entry);
 /* return the "first" node in the list this head points to */
 void *_libssh2_list_first(struct list_head *head);
 /* return the next node in the list */
 void *_libssh2_list_next(struct list_node *node);
 /* return the prev node in the list */
 void *_libssh2_list_prev(struct list_node *node);
 /* remove this node from the list */
 void _libssh2_list_remove(struct list_node *entry);
 size_t _libssh2_base64_encode(struct _LIBSSH2_SESSION *session,
                              const char *inp, size_t insize, char **outptr);
 #endif /* _LIBSSH2_MISC_H */
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -1,7 +1,9 @@
-/* Copyright (C) 2006, 2007 The Written Word, Inc.  All rights reserved.
+/* Copyright (C) 2009 Simon Josefsson
- * Author: Simon Josefsson
+ * Copyright (C) 2006, 2007 The Written Word, Inc.  All rights reserved.
 * Copyright (c) 2004-2006, Sara Golemon <sarag@libssh2.org>
 *
 * Author: Simon Josefsson
 *
 * Redistribution and use in source and binary forms,
 * with or without modification, are permitted provided
 * that the following conditions are met:
@@ -37,6 +39,9 @@
 */
 #include "libssh2_priv.h"
 #ifndef LIBSSH2_LIBGCRYPT /* compile only if we build with OpenSSL */
 #include <string.h>
 #ifndef EVP_MAX_BLOCK_LENGTH
@@ -194,6 +199,110 @@ _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx,
    return ret == 1 ? 0 : 1;
 }
 #if LIBSSH2_AES_CTR
 #include <openssl/aes.h>
 typedef struct
 {
    AES_KEY       key;
    unsigned char ctr[AES_BLOCK_SIZE];
 } aes_ctr_ctx;
 static int
 aes_ctr_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 	     const unsigned char *iv, int enc) /* init key */
 {
    aes_ctr_ctx *c = malloc(sizeof(*c));
    (void) enc;
    if (c == NULL)
 	return 0;
    AES_set_encrypt_key(key, 8 * ctx->key_len, &c->key);
    memcpy(c->ctr, iv, AES_BLOCK_SIZE);
    EVP_CIPHER_CTX_set_app_data(ctx, c);
    return 1;
 }
 static int
 aes_ctr_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 		  const unsigned char *in,
 		  unsigned int inl) /* encrypt/decrypt data */
 {
    aes_ctr_ctx *c = EVP_CIPHER_CTX_get_app_data(ctx);
    unsigned char b1[AES_BLOCK_SIZE];
    size_t i;
    if (inl != 16) /* libssh2 only ever encrypt one block */
 	return 0;
 /*
  To encrypt a packet P=P1||P2||...||Pn (where P1, P2, ..., Pn are each
  blocks of length L), the encryptor first encrypts <X> with <cipher>
  to obtain a block B1.  The block B1 is then XORed with P1 to generate
  the ciphertext block C1.  The counter X is then incremented
 */
    AES_encrypt(c->ctr, b1, &c->key);
    for (i = 0; i < 16; i++)
 	*out++ = *in++ ^ b1[i];
    i = 15;
    while (c->ctr[i]++ == 0xFF) {
 	if (i == 0)
 	    break;
 	i--;
    }
    return 1;
 }
 static int
 aes_ctr_cleanup(EVP_CIPHER_CTX *ctx) /* cleanup ctx */
 {
    free(EVP_CIPHER_CTX_get_app_data(ctx));
    return 1;
 }
 static const EVP_CIPHER *
 make_ctr_evp (size_t keylen)
 {
    static EVP_CIPHER aes_ctr_cipher;
    memset(&aes_ctr_cipher, 0, sizeof(aes_ctr_cipher));
    aes_ctr_cipher.block_size = 16;
    aes_ctr_cipher.key_len = keylen;
    aes_ctr_cipher.iv_len = 16;
    aes_ctr_cipher.init = aes_ctr_init;
    aes_ctr_cipher.do_cipher = aes_ctr_do_cipher;
    aes_ctr_cipher.cleanup = aes_ctr_cleanup;
    return &aes_ctr_cipher;
 }
 const EVP_CIPHER *
 _libssh2_EVP_aes_128_ctr(void)
 {
    return make_ctr_evp (16);
 }
 const EVP_CIPHER *
 _libssh2_EVP_aes_192_ctr(void)
 {
    return make_ctr_evp (24);
 }
 const EVP_CIPHER *
 _libssh2_EVP_aes_256_ctr(void)
 {
    return make_ctr_evp (32);
 }
 #endif /* LIBSSH2_AES_CTR */
 /* TODO: Optionally call a passphrase callback specified by the
 * calling program
 */
@@ -212,12 +321,40 @@ passphrase_cb(char *buf, int size, int rwflag, char *passphrase)
    return passphrase_len;
 }
 typedef void * (*pem_read_bio_func)(BIO *, void **, pem_password_cb *,
                                    void * u);
 static int
 read_private_key_from_file(void ** key_ctx,
                           pem_read_bio_func read_private_key,
                           const char * filename,
                           unsigned const char *passphrase)
 {
    BIO * bp;
    *key_ctx = NULL;
    bp = BIO_new_file(filename, "r");
    if (!bp) {
        return -1;
    }
    *key_ctx = read_private_key(bp, NULL, (pem_password_cb *) passphrase_cb,
                                (void *) passphrase);
    BIO_free(bp);
    return (*key_ctx) ? 0 : -1;
 }
 int
 _libssh2_rsa_new_private(libssh2_rsa_ctx ** rsa,
                         LIBSSH2_SESSION * session,
-                         FILE * fp, unsigned const char *passphrase)
+                         const char *filename, unsigned const char *passphrase)
 {
    pem_read_bio_func read_rsa =
        (pem_read_bio_func) &PEM_read_bio_RSAPrivateKey;
    (void) session;
    if (!EVP_get_cipherbyname("des")) {
 /* If this cipher isn't loaded it's a pretty good indication that none are.
 * I have *NO DOUBT* that there's a better way to deal with this ($#&%#$(%$#(
@@ -225,20 +362,20 @@ _libssh2_rsa_new_private(libssh2_rsa_ctx ** rsa,
 */
        OpenSSL_add_all_ciphers();
    }
-    *rsa = PEM_read_RSAPrivateKey(fp, NULL, (void *) passphrase_cb,
+
-                                  (void *) passphrase);
+    return read_private_key_from_file((void **) rsa, read_rsa,
-    if (!*rsa) {
+                                      filename, passphrase);
        return -1;
    }
    return 0;
 }
 int
 _libssh2_dsa_new_private(libssh2_dsa_ctx ** dsa,
                         LIBSSH2_SESSION * session,
-                         FILE * fp, unsigned const char *passphrase)
+                         const char *filename, unsigned const char *passphrase)
 {
    pem_read_bio_func read_dsa =
        (pem_read_bio_func) &PEM_read_bio_DSAPrivateKey;
    (void) session;
    if (!EVP_get_cipherbyname("des")) {
 /* If this cipher isn't loaded it's a pretty good indication that none are.
 * I have *NO DOUBT* that there's a better way to deal with this ($#&%#$(%$#(
@@ -246,12 +383,9 @@ _libssh2_dsa_new_private(libssh2_dsa_ctx ** dsa,
 */
        OpenSSL_add_all_ciphers();
    }
-    *dsa = PEM_read_DSAPrivateKey(fp, NULL, (void *) passphrase_cb,
+
-                                  (void *) passphrase);
+    return read_private_key_from_file((void **) dsa, read_dsa,
-    if (!*dsa) {
+                                      filename, passphrase);
        return -1;
    }
    return 0;
 }
 int
@@ -291,7 +425,7 @@ _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx,
                       unsigned long hash_len, unsigned char *signature)
 {
    DSA_SIG *sig;
-    int r_len, s_len, rs_pad;
+    int r_len, s_len;
    (void) hash_len;
    sig = DSA_do_sign(hash, SHA_DIGEST_LENGTH, dsactx);
@@ -300,17 +434,24 @@ _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx,
    }
    r_len = BN_num_bytes(sig->r);
    if (r_len < 1 || r_len > 20) {
        DSA_SIG_free(sig);
        return -1;
    }
    s_len = BN_num_bytes(sig->s);
-    rs_pad = (2 * SHA_DIGEST_LENGTH) - (r_len + s_len);
+    if (s_len < 1 || s_len > 20) {
    if (rs_pad < 0) {
        DSA_SIG_free(sig);
        return -1;
    }
-    BN_bn2bin(sig->r, signature + rs_pad);
+    memset(signature, 0, 40);
-    BN_bn2bin(sig->s, signature + rs_pad + r_len);
+
    BN_bn2bin(sig->r, signature + (20 - r_len));
    BN_bn2bin(sig->s, signature + 20 + (20 - s_len));
    DSA_SIG_free(sig);
    return 0;
 }
 #endif /* !LIBSSH2_LIBGCRYPT */
--- a/src/openssl.h
+++ b/src/openssl.h
@@ -1,4 +1,6 @@
-/* Copyright (C) 2006, 2007 The Written Word, Inc.  All rights reserved.
+/* Copyright (C) 2009 Simon Josefsson
 * Copyright (C) 2006, 2007 The Written Word, Inc.  All rights reserved.
 *
 * Author: Simon Josefsson
 *
 * Redistribution and use in source and binary forms,
@@ -71,6 +73,7 @@
 #endif
 #if OPENSSL_VERSION_NUMBER >= 0x00907000L && !defined(OPENSSL_NO_AES)
 # define LIBSSH2_AES_CTR 1
 # define LIBSSH2_AES 1
 #else
 # define LIBSSH2_AES 0
@@ -148,7 +151,8 @@ int _libssh2_rsa_new(libssh2_rsa_ctx ** rsa,
                     const unsigned char *coeffdata, unsigned long coefflen);
 int _libssh2_rsa_new_private(libssh2_rsa_ctx ** rsa,
                             LIBSSH2_SESSION * session,
-                             FILE * fp, unsigned const char *passphrase);
+                             const char *filename,
                             unsigned const char *passphrase);
 int _libssh2_rsa_sha1_verify(libssh2_rsa_ctx * rsa,
                             const unsigned char *sig,
                             unsigned long sig_len,
@@ -176,7 +180,8 @@ int _libssh2_dsa_new(libssh2_dsa_ctx ** dsa,
                     const unsigned char *x, unsigned long x_len);
 int _libssh2_dsa_new_private(libssh2_dsa_ctx ** dsa,
                             LIBSSH2_SESSION * session,
-                             FILE * fp, unsigned const char *passphrase);
+                             const char *filename,
                             unsigned const char *passphrase);
 int _libssh2_dsa_sha1_verify(libssh2_dsa_ctx * dsactx,
                             const unsigned char *sig,
                             const unsigned char *m, unsigned long m_len);
@@ -192,6 +197,9 @@ int _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx,
 #define _libssh2_cipher_aes256 EVP_aes_256_cbc
 #define _libssh2_cipher_aes192 EVP_aes_192_cbc
 #define _libssh2_cipher_aes128 EVP_aes_128_cbc
 #define _libssh2_cipher_aes128ctr _libssh2_EVP_aes_128_ctr
 #define _libssh2_cipher_aes192ctr _libssh2_EVP_aes_192_ctr
 #define _libssh2_cipher_aes256ctr _libssh2_EVP_aes_256_ctr
 #define _libssh2_cipher_blowfish EVP_bf_cbc
 #define _libssh2_cipher_arcfour EVP_rc4
 #define _libssh2_cipher_cast5 EVP_cast5_cbc
@@ -221,3 +229,7 @@ int _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx,
 #define _libssh2_bn_bytes(bn) BN_num_bytes(bn)
 #define _libssh2_bn_bits(bn) BN_num_bits(bn)
 #define _libssh2_bn_free(bn) BN_clear_free(bn)
 const EVP_CIPHER *_libssh2_EVP_aes_128_ctr(void);
 const EVP_CIPHER *_libssh2_EVP_aes_192_ctr(void);
 const EVP_CIPHER *_libssh2_EVP_aes_256_ctr(void);
--- a/src/packet.c
+++ b/src/packet.c
@@ -1,5 +1,6 @@
 /* Copyright (c) 2004-2007, Sara Golemon <sarag@libssh2.org>
 * Copyright (c) 2009 by Daniel Stenberg
 * Copyright (c) 2010 Simon Josefsson
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms,
@@ -60,6 +61,7 @@
 #include <sys/types.h>
 #include "transport.h"
 #include "channel.h"
 /*
 * libssh2_packet_queue_listener
@@ -69,7 +71,7 @@
 static inline int
 packet_queue_listener(LIBSSH2_SESSION * session, unsigned char *data,
                      unsigned long datalen,
-                      packet_queue_listener_state_t * listen_state)
+                      packet_queue_listener_state_t *listen_state)
 {
    /*
     * Look for a matching listener
@@ -78,7 +80,7 @@ packet_queue_listener(LIBSSH2_SESSION * session, unsigned char *data,
    /* 17 = packet_type(1) + channel(4) + reason(4) + descr(4) + lang(4) */
    unsigned long packet_len = 17 + (sizeof(FwdNotReq) - 1);
    unsigned char *p;
-    LIBSSH2_LISTENER *listen = session->listeners;
+    LIBSSH2_LISTENER *listen = _libssh2_list_first(&session->listeners);
    char failure_code = 1;      /* SSH_OPEN_ADMINISTRATIVELY_PROHIBITED */
    int rc;
@@ -107,7 +109,7 @@ packet_queue_listener(LIBSSH2_SESSION * session, unsigned char *data,
        listen_state->sport = _libssh2_ntohu32(s);
        s += 4;
-        _libssh2_debug(session, LIBSSH2_DBG_CONN,
+        _libssh2_debug(session, LIBSSH2_TRACE_CONN,
                       "Remote received connection from %s:%ld to %s:%ld",
                       listen_state->shost, listen_state->sport,
                       listen_state->host, listen_state->port);
@@ -119,19 +121,18 @@ packet_queue_listener(LIBSSH2_SESSION * session, unsigned char *data,
        while (listen) {
            if ((listen->port == (int) listen_state->port) &&
                (strlen(listen->host) == listen_state->host_len) &&
-                (memcmp
+                (memcmp (listen->host, listen_state->host,
-                 (listen->host, listen_state->host,
+                         listen_state->host_len) == 0)) {
                  listen_state->host_len) == 0)) {
                /* This is our listener */
-                LIBSSH2_CHANNEL *channel, *last_queued = listen->queue;
+                LIBSSH2_CHANNEL *channel = NULL;
                listen_state->channel = NULL;
                last_queued = listen->queue;
                if (listen_state->state == libssh2_NB_state_allocated) {
                    if (listen->queue_maxsize &&
                        (listen->queue_maxsize <= listen->queue_size)) {
                        /* Queue is full */
                        failure_code = 4;       /* SSH_OPEN_RESOURCE_SHORTAGE */
-                        _libssh2_debug(session, LIBSSH2_DBG_CONN,
+                        _libssh2_debug(session, LIBSSH2_TRACE_CONN,
                                       "Listener queue full, ignoring");
                        listen_state->state = libssh2_NB_state_sent;
                        break;
@@ -146,6 +147,8 @@ packet_queue_listener(LIBSSH2_SESSION * session, unsigned char *data,
                        listen_state->state = libssh2_NB_state_sent;
                        break;
                    }
                    listen_state->channel = channel;
                    memset(channel, 0, sizeof(LIBSSH2_CHANNEL));
                    channel->session = session;
@@ -181,7 +184,7 @@ packet_queue_listener(LIBSSH2_SESSION * session, unsigned char *data,
                        listen_state->initial_window_size;
                    channel->local.packet_size = listen_state->packet_size;
-                    _libssh2_debug(session, LIBSSH2_DBG_CONN,
+                    _libssh2_debug(session, LIBSSH2_TRACE_CONN,
                                   "Connection queued: channel %lu/%lu win %lu/%lu packet %lu/%lu",
                                   channel->local.id, channel->remote.id,
                                   channel->local.window_size,
@@ -206,31 +209,19 @@ packet_queue_listener(LIBSSH2_SESSION * session, unsigned char *data,
                if (listen_state->state == libssh2_NB_state_created) {
                    rc = _libssh2_transport_write(session, listen_state->packet,
                                                  17);
-                    if (rc == PACKET_EAGAIN) {
+                    if (rc == PACKET_EAGAIN)
-                        return PACKET_EAGAIN;
+                        return rc;
-                    } else if (rc) {
+                    else if (rc) {
-                        libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND,
+                        libssh2_error(session, rc,
-                                      "Unable to send channel open confirmation",
+                                      "Unable to send channel "
-                                      0);
+                                      "open confirmation", 0);
                        listen_state->state = libssh2_NB_state_idle;
-                        return -1;
+                        return rc;
                    }
                    /* Link the channel into the end of the queue list */
-
+                    _libssh2_list_add(&listen->queue,
-                    if (!last_queued) {
+                                      &listen_state->channel->node);
                        listen->queue = channel;
                        listen_state->state = libssh2_NB_state_idle;
                        return 0;
                    }
                    while (last_queued->next) {
                        last_queued = last_queued->next;
                    }
                    last_queued->next = channel;
                    channel->prev = last_queued;
                    listen->queue_size++;
                    listen_state->state = libssh2_NB_state_idle;
@@ -238,39 +229,36 @@ packet_queue_listener(LIBSSH2_SESSION * session, unsigned char *data,
                }
            }
-            listen = listen->next;
+            listen = _libssh2_list_next(&listen->node);
        }
        listen_state->state = libssh2_NB_state_sent;
    }
    /* We're not listening to you */
-    {
+    p = listen_state->packet;
-        p = listen_state->packet;
+    *(p++) = SSH_MSG_CHANNEL_OPEN_FAILURE;
-        *(p++) = SSH_MSG_CHANNEL_OPEN_FAILURE;
+    _libssh2_htonu32(p, listen_state->sender_channel);
-        _libssh2_htonu32(p, listen_state->sender_channel);
+    p += 4;
-        p += 4;
+    _libssh2_htonu32(p, failure_code);
-        _libssh2_htonu32(p, failure_code);
+    p += 4;
-        p += 4;
+    _libssh2_htonu32(p, sizeof(FwdNotReq) - 1);
-        _libssh2_htonu32(p, sizeof(FwdNotReq) - 1);
+    p += 4;
-        p += 4;
+    memcpy(s, FwdNotReq, sizeof(FwdNotReq) - 1);
-        memcpy(s, FwdNotReq, sizeof(FwdNotReq) - 1);
+    p += sizeof(FwdNotReq) - 1;
-        p += sizeof(FwdNotReq) - 1;
+    _libssh2_htonu32(p, 0);
        _libssh2_htonu32(p, 0);
-        rc = _libssh2_transport_write(session, listen_state->packet,
+    rc = _libssh2_transport_write(session, listen_state->packet,
-                                      packet_len);
+                                  packet_len);
-        if (rc == PACKET_EAGAIN) {
+    if (rc == PACKET_EAGAIN) {
-            return PACKET_EAGAIN;
+        return rc;
-        } else if (rc) {
+    } else if (rc) {
-            libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND,
+        libssh2_error(session, rc, "Unable to send open failure", 0);
                          "Unable to send open failure", 0);
            listen_state->state = libssh2_NB_state_idle;
            return -1;
        }
        listen_state->state = libssh2_NB_state_idle;
-        return 0;
+        return rc;
    }
    listen_state->state = libssh2_NB_state_idle;
    return 0;
 }
 /*
@@ -281,14 +269,14 @@ packet_queue_listener(LIBSSH2_SESSION * session, unsigned char *data,
 static inline int
 packet_x11_open(LIBSSH2_SESSION * session, unsigned char *data,
                unsigned long datalen,
-                packet_x11_open_state_t * x11open_state)
+                packet_x11_open_state_t *x11open_state)
 {
    int failure_code = 2;       /* SSH_OPEN_CONNECT_FAILED */
    unsigned char *s = data + (sizeof("x11") - 1) + 5;
    /* 17 = packet_type(1) + channel(4) + reason(4) + descr(4) + lang(4) */
    unsigned long packet_len = 17 + (sizeof(X11FwdUnAvil) - 1);
    unsigned char *p;
-    LIBSSH2_CHANNEL *channel;
+    LIBSSH2_CHANNEL *channel = x11open_state->channel;
    int rc;
    (void) datalen;
@@ -307,7 +295,7 @@ packet_x11_open(LIBSSH2_SESSION * session, unsigned char *data,
        x11open_state->sport = _libssh2_ntohu32(s);
        s += 4;
-        _libssh2_debug(session, LIBSSH2_DBG_CONN,
+        _libssh2_debug(session, LIBSSH2_TRACE_CONN,
                       "X11 Connection Received from %s:%ld on channel %lu",
                       x11open_state->shost, x11open_state->sport,
                       x11open_state->sender_channel);
@@ -355,7 +343,7 @@ packet_x11_open(LIBSSH2_SESSION * session, unsigned char *data,
            channel->local.window_size = x11open_state->initial_window_size;
            channel->local.packet_size = x11open_state->packet_size;
-            _libssh2_debug(session, LIBSSH2_DBG_CONN,
+            _libssh2_debug(session, LIBSSH2_TRACE_CONN,
                           "X11 Connection established: channel %lu/%lu win %lu/%lu packet %lu/%lu",
                           channel->local.id, channel->remote.id,
                           channel->local.window_size,
@@ -379,7 +367,7 @@ packet_x11_open(LIBSSH2_SESSION * session, unsigned char *data,
        if (x11open_state->state == libssh2_NB_state_created) {
            rc = _libssh2_transport_write(session, x11open_state->packet, 17);
            if (rc == PACKET_EAGAIN) {
-                return PACKET_EAGAIN;
+                return rc;
            } else if (rc) {
                libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND,
                              "Unable to send channel open confirmation", 0);
@@ -388,21 +376,13 @@ packet_x11_open(LIBSSH2_SESSION * session, unsigned char *data,
            }
            /* Link the channel into the session */
-            if (session->channels.tail) {
+            _libssh2_list_add(&session->channels, &channel->node);
                session->channels.tail->next = channel;
                channel->prev = session->channels.tail;
            } else {
                session->channels.head = channel;
                channel->prev = NULL;
            }
            channel->next = NULL;
            session->channels.tail = channel;
            /*
             * Pass control to the callback, they may turn right around and
             * free the channel, or actually use it
             */
-            LIBSSH2_X11_OPEN(channel, (char *) x11open_state->shost,
+            LIBSSH2_X11_OPEN(channel, (char *)x11open_state->shost,
                             x11open_state->sport);
            x11open_state->state = libssh2_NB_state_idle;
@@ -427,12 +407,11 @@ packet_x11_open(LIBSSH2_SESSION * session, unsigned char *data,
    rc = _libssh2_transport_write(session, x11open_state->packet, packet_len);
    if (rc == PACKET_EAGAIN) {
-        return PACKET_EAGAIN;
+        return rc;
    } else if (rc) {
-        libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND,
+        libssh2_error(session, rc, "Unable to send open failure", 0);
                      "Unable to send open failure", 0);
        x11open_state->state = libssh2_NB_state_idle;
-        return -1;
+        return rc;
    }
    x11open_state->state = libssh2_NB_state_idle;
    return 0;
@@ -442,7 +421,10 @@ packet_x11_open(LIBSSH2_SESSION * session, unsigned char *data,
 * _libssh2_packet_add
 *
 * Create a new packet and attach it to the brigade. Called from the transport
- * layer when it as received a packet.
+ * layer when it has received a packet.
 *
 * The input pointer 'data' is pointing to allocated data that this function
 * is asked to deal with so on failure OR success, it must be freed fine.
 */
 int
 _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
@@ -465,27 +447,14 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
        memset(&session->packAdd_x11open_state, 0,
               sizeof(session->packAdd_x11open_state));
-        _libssh2_debug(session, LIBSSH2_DBG_TRANS,
+        _libssh2_debug(session, LIBSSH2_TRACE_TRANS,
                       "Packet type %d received, length=%d",
                       (int) data[0], (int) datalen);
        if (macstate == LIBSSH2_MAC_INVALID) {
-            if (session->macerror) {
+            if (session->macerror &&
-                if (LIBSSH2_MACERROR(session, (char *) data, datalen) == 0) {
+                LIBSSH2_MACERROR(session, (char *) data, datalen) == 0) {
-                    /* Calling app has given the OK, Process it anyway */
+                /* Calling app has given the OK, Process it anyway */
-                    macstate = LIBSSH2_MAC_CONFIRMED;
+                macstate = LIBSSH2_MAC_CONFIRMED;
                } else {
                    libssh2_error(session, LIBSSH2_ERROR_INVALID_MAC,
                                  "Invalid Message Authentication Code received",
                                  0);
                    if (session->ssh_msg_disconnect) {
                        LIBSSH2_DISCONNECT(session, SSH_DISCONNECT_MAC_ERROR,
                                           "Invalid MAC received",
                                           sizeof("Invalid MAC received") - 1,
                                           "", 0);
                    }
                    LIBSSH2_FREE(session, data);
                    return -1;
                }
            } else {
                libssh2_error(session, LIBSSH2_ERROR_INVALID_MAC,
                              "Invalid Message Authentication Code received",
@@ -497,7 +466,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
                                       "", 0);
                }
                LIBSSH2_FREE(session, data);
-                return -1;
+                return LIBSSH2_ERROR_INVALID_MAC;
            }
        }
@@ -515,8 +484,16 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
        goto libssh2_packet_add_jump_point2;
    } else if (session->packAdd_state == libssh2_NB_state_jump3) {
        goto libssh2_packet_add_jump_point3;
    } else if (session->packAdd_state == libssh2_NB_state_jump4) {
        goto libssh2_packet_add_jump_point4;
    } else if (session->packAdd_state == libssh2_NB_state_jump5) {
        goto libssh2_packet_add_jump_point5;
    }
 /* FIXME: I've noticed that DATA is accessed without proper
 * out-of-bounds checking (i.e., DATALEN) in many places
 * below. --simon */
    if (session->packAdd_state == libssh2_NB_state_allocated) {
        /* A couple exceptions to the packet adding rule: */
        switch (data[0]) {
@@ -544,7 +521,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
                message[message_len] = '\0';
                language = (char *) data + 9 + message_len + 3;
                if (language_len) {
-                    memcpy(language, language + 1, language_len);
+                    memmove(language, language + 1, language_len);
                }
                language[language_len] = '\0';
@@ -552,27 +529,32 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
                    LIBSSH2_DISCONNECT(session, reason, message,
                                       message_len, language, language_len);
                }
-                _libssh2_debug(session, LIBSSH2_DBG_TRANS,
+                _libssh2_debug(session, LIBSSH2_TRACE_TRANS,
                               "Disconnect(%d): %s(%s)", reason,
                               message, language);
                LIBSSH2_FREE(session, data);
                session->socket_state = LIBSSH2_SOCKET_DISCONNECTED;
                session->packAdd_state = libssh2_NB_state_idle;
-                return -1;
+                libssh2_error(session, LIBSSH2_ERROR_SOCKET_DISCONNECT,
                              "socket disconnect", 0);
                return LIBSSH2_ERROR_SOCKET_DISCONNECT;
            }
            break;
        case SSH_MSG_IGNORE:
-            /* As with disconnect, back it up one and add a trailing NULL */
+            if (datalen >= 5) {
-            memcpy(data + 4, data + 5, datalen - 5);
+                /* Back it up one and add a trailing NULL */
-            data[datalen] = '\0';
+                memmove(data, data + 1, datalen - 1);
-            if (session->ssh_msg_ignore) {
+                data[datalen] = '\0';
-                LIBSSH2_IGNORE(session, (char *) data + 4, datalen - 5);
+                if (session->ssh_msg_ignore) {
                    LIBSSH2_IGNORE(session, (char *) data + 4, datalen - 1);
                }
            } else if (session->ssh_msg_ignore) {
                LIBSSH2_IGNORE(session, "", 0);
            }
            LIBSSH2_FREE(session, data);
            session->packAdd_state = libssh2_NB_state_idle;
            return 0;
            break;
        case SSH_MSG_DEBUG:
            {
@@ -598,7 +580,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
                message[message_len] = '\0';
                language = (char *) data + 6 + message_len + 3;
                if (language_len) {
-                    memcpy(language, language + 1, language_len);
+                    memmove(language, language + 1, language_len);
                }
                language[language_len] = '\0';
@@ -610,7 +592,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
                 * _libssh2_debug will actually truncate this for us so
                 * that it's not an inordinate about of data
                 */
-                _libssh2_debug(session, LIBSSH2_DBG_TRANS,
+                _libssh2_debug(session, LIBSSH2_TRACE_TRANS,
                               "Debug Packet: %s", message);
                LIBSSH2_FREE(session, data);
                session->packAdd_state = libssh2_NB_state_idle;
@@ -618,6 +600,30 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
            }
            break;
        case SSH_MSG_GLOBAL_REQUEST:
        {
            uint32_t strlen = _libssh2_ntohu32(data + 1);
            unsigned char want_reply = data[5 + strlen];
            _libssh2_debug(session,
                           LIBSSH2_TRACE_CONN,
                           "Received global request type %.*s (wr %X)",
                           strlen, data + 5, want_reply);
            if (want_reply) {
              libssh2_packet_add_jump_point5:
                session->packAdd_state = libssh2_NB_state_jump5;
                data[0] = SSH_MSG_REQUEST_FAILURE;
                rc = _libssh2_transport_write(session, data, 1);
                if (rc == PACKET_EAGAIN)
                    return rc;
                LIBSSH2_FREE(session, data);
                session->packAdd_state = libssh2_NB_state_idle;
                return 0;
            }
        }
        break;
        case SSH_MSG_CHANNEL_EXTENDED_DATA:
            /* streamid(4) */
            session->packAdd_data_head += 4;
@@ -643,7 +649,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
                    stream_id = _libssh2_ntohu32(data + 5);
                }
-                _libssh2_debug(session, LIBSSH2_DBG_CONN,
+                _libssh2_debug(session, LIBSSH2_TRACE_CONN,
                               "%d bytes packet_add() for %lu/%lu/%lu",
                               (int) (datalen - session->packAdd_data_head),
                               session->packAdd_channel->local.id,
@@ -657,21 +663,19 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
                /* Pretend we didn't receive this */
                LIBSSH2_FREE(session, data);
-                _libssh2_debug(session, LIBSSH2_DBG_CONN,
+                _libssh2_debug(session, LIBSSH2_TRACE_CONN,
                               "Ignoring extended data and refunding %d bytes",
                               (int) (datalen - 13));
                /* Adjust the window based on the block we just freed */
              libssh2_packet_add_jump_point1:
                session->packAdd_state = libssh2_NB_state_jump1;
-                rc = libssh2_channel_receive_window_adjust(session->
+                rc = _libssh2_channel_receive_window_adjust(session->
-                                                           packAdd_channel,
+                                                            packAdd_channel,
-                                                           datalen - 13,
+                                                            datalen - 13,
-                                                           0);
+                                                            0, NULL);
-                if (rc == PACKET_EAGAIN) {
+                if (rc == PACKET_EAGAIN)
-                    session->socket_block_directions =
+                    return rc;
-                        LIBSSH2_SESSION_BLOCK_OUTBOUND;
+
                    return PACKET_EAGAIN;
                }
                session->packAdd_state = libssh2_NB_state_idle;
                return 0;
            }
@@ -731,101 +735,110 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
            break;
        case SSH_MSG_CHANNEL_EOF:
-            {
+            session->packAdd_channel =
-                session->packAdd_channel =
+                _libssh2_channel_locate(session, _libssh2_ntohu32(data + 1));
                    _libssh2_channel_locate(session, _libssh2_ntohu32(data + 1));
                if (!session->packAdd_channel) {
                    /* We may have freed already, just quietly ignore this... */
                    LIBSSH2_FREE(session, data);
                    session->packAdd_state = libssh2_NB_state_idle;
                    return 0;
                }
                _libssh2_debug(session,
                               LIBSSH2_DBG_CONN,
                               "EOF received for channel %lu/%lu",
                               session->packAdd_channel->local.id,
                               session->packAdd_channel->remote.id);
                session->packAdd_channel->remote.eof = 1;
            if (!session->packAdd_channel) {
                /* We may have freed already, just quietly ignore this... */
                LIBSSH2_FREE(session, data);
                session->packAdd_state = libssh2_NB_state_idle;
                return 0;
            }
-            break;
+
            _libssh2_debug(session,
                           LIBSSH2_TRACE_CONN,
                           "EOF received for channel %lu/%lu",
                           session->packAdd_channel->local.id,
                           session->packAdd_channel->remote.id);
            session->packAdd_channel->remote.eof = 1;
            LIBSSH2_FREE(session, data);
            session->packAdd_state = libssh2_NB_state_idle;
            return 0;
        case SSH_MSG_CHANNEL_REQUEST:
-            {
+        {
-                if (_libssh2_ntohu32(data + 5) == sizeof("exit-status") - 1
+            uint32_t channel = _libssh2_ntohu32(data + 1);
-                    && !memcmp("exit-status", data + 9,
+            uint32_t strlen = _libssh2_ntohu32(data + 5);
-                               sizeof("exit-status") - 1)) {
+            unsigned char want_reply = data[9 + strlen];
-                    /* we've got "exit-status" packet. Set the session value */
+            _libssh2_debug(session,
-                    session->packAdd_channel =
+                           LIBSSH2_TRACE_CONN,
-                        _libssh2_channel_locate(session,
+                           "Channel %d received request type %.*s (wr %X)",
-                                                _libssh2_ntohu32(data + 1));
+                           channel, strlen, data + 9, want_reply);
-                    if (session->packAdd_channel) {
+            if (strlen == sizeof("exit-status") - 1
-                        session->packAdd_channel->exit_status =
+                && !memcmp("exit-status", data + 9,
-                            _libssh2_ntohu32(data + 9 + sizeof("exit-status"));
+                           sizeof("exit-status") - 1)) {
                        _libssh2_debug(session, LIBSSH2_DBG_CONN,
                                       "Exit status %lu received for channel %lu/%lu",
                                       session->packAdd_channel->exit_status,
                                       session->packAdd_channel->local.id,
                                       session->packAdd_channel->remote.id);
                    }
-                    LIBSSH2_FREE(session, data);
+                /* we've got "exit-status" packet. Set the session value */
                    session->packAdd_state = libssh2_NB_state_idle;
                    return 0;
                }
            }
            break;
        case SSH_MSG_CHANNEL_CLOSE:
            {
                session->packAdd_channel =
-                    _libssh2_channel_locate(session, _libssh2_ntohu32(data + 1));
+                    _libssh2_channel_locate(session, channel);
-                if (!session->packAdd_channel) {
+                if (session->packAdd_channel) {
-                    /* We may have freed already, just quietly ignore this... */
+                    session->packAdd_channel->exit_status =
-                    LIBSSH2_FREE(session, data);
+                        _libssh2_ntohu32(data + 9 + sizeof("exit-status"));
-                    session->packAdd_state = libssh2_NB_state_idle;
+                    _libssh2_debug(session, LIBSSH2_TRACE_CONN,
-                    return 0;
+                                   "Exit status %lu received for channel %lu/%lu",
                                   session->packAdd_channel->exit_status,
                                   session->packAdd_channel->local.id,
                                   session->packAdd_channel->remote.id);
                }
                _libssh2_debug(session, LIBSSH2_DBG_CONN,
                               "Close received for channel %lu/%lu",
                               session->packAdd_channel->local.id,
                               session->packAdd_channel->remote.id);
                session->packAdd_channel->remote.close = 1;
                session->packAdd_channel->remote.eof = 1;
                /* TODO: Add a callback for this */
                LIBSSH2_FREE(session, data);
                session->packAdd_state = libssh2_NB_state_idle;
                return 0;
            }
            if (want_reply) {
              libssh2_packet_add_jump_point4:
                session->packAdd_state = libssh2_NB_state_jump4;
                data[0] = SSH_MSG_CHANNEL_FAILURE;
                rc = _libssh2_transport_write(session, data, 5);
                if (rc == PACKET_EAGAIN)
                    return rc;
                LIBSSH2_FREE(session, data);
                session->packAdd_state = libssh2_NB_state_idle;
                return 0;
            }
            break;
       }
        case SSH_MSG_CHANNEL_CLOSE:
            session->packAdd_channel =
                _libssh2_channel_locate(session, _libssh2_ntohu32(data + 1));
            if (!session->packAdd_channel) {
                /* We may have freed already, just quietly ignore this... */
                LIBSSH2_FREE(session, data);
                session->packAdd_state = libssh2_NB_state_idle;
                return 0;
            }
            _libssh2_debug(session, LIBSSH2_TRACE_CONN,
                           "Close received for channel %lu/%lu",
                           session->packAdd_channel->local.id,
                           session->packAdd_channel->remote.id);
            session->packAdd_channel->remote.close = 1;
            session->packAdd_channel->remote.eof = 1;
            LIBSSH2_FREE(session, data);
            session->packAdd_state = libssh2_NB_state_idle;
            return 0;
        case SSH_MSG_CHANNEL_OPEN:
            if ((datalen >= (sizeof("forwarded-tcpip") + 4)) &&
                ((sizeof("forwarded-tcpip") - 1) == _libssh2_ntohu32(data + 1))
                &&
-                (memcmp
+                (memcmp(data + 5, "forwarded-tcpip",
-                 (data + 5, "forwarded-tcpip",
+                        sizeof("forwarded-tcpip") - 1) == 0)) {
                  sizeof("forwarded-tcpip") - 1) == 0)) {
              libssh2_packet_add_jump_point2:
                session->packAdd_state = libssh2_NB_state_jump2;
                rc = packet_queue_listener(session, data, datalen,
                                           &session->packAdd_Qlstn_state);
-                if (rc == PACKET_EAGAIN) {
+                if (rc == PACKET_EAGAIN)
-                    session->socket_block_directions =
+                    return rc;
                        LIBSSH2_SESSION_BLOCK_OUTBOUND;
                    return PACKET_EAGAIN;
                }
                LIBSSH2_FREE(session, data);
                session->packAdd_state = libssh2_NB_state_idle;
@@ -839,11 +852,8 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
                session->packAdd_state = libssh2_NB_state_jump3;
                rc = packet_x11_open(session, data, datalen,
                                     &session->packAdd_x11open_state);
-                if (rc == PACKET_EAGAIN) {
+                if (rc == PACKET_EAGAIN)
-                    session->socket_block_directions =
+                    return rc;
                        LIBSSH2_SESSION_BLOCK_OUTBOUND;
                    return PACKET_EAGAIN;
                }
                LIBSSH2_FREE(session, data);
                session->packAdd_state = libssh2_NB_state_idle;
@@ -861,7 +871,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
                if (session->packAdd_channel && bytestoadd) {
                    session->packAdd_channel->local.window_size += bytestoadd;
                }
-                _libssh2_debug(session, LIBSSH2_DBG_CONN,
+                _libssh2_debug(session, LIBSSH2_TRACE_CONN,
                               "Window adjust received for channel %lu/%lu, adding %lu bytes, new window_size=%lu",
                               session->packAdd_channel->local.id,
                               session->packAdd_channel->remote.id,
@@ -879,33 +889,23 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
    }
    if (session->packAdd_state == libssh2_NB_state_sent) {
-        session->packAdd_packet =
+        LIBSSH2_PACKET *packAdd_packet;
-            LIBSSH2_ALLOC(session, sizeof(LIBSSH2_PACKET));
+        packAdd_packet =
-        if (!session->packAdd_packet) {
+          LIBSSH2_ALLOC(session, sizeof(LIBSSH2_PACKET));
        if (!packAdd_packet) {
            _libssh2_debug(session, LIBSSH2_ERROR_ALLOC,
                           "Unable to allocate memory for LIBSSH2_PACKET");
            LIBSSH2_FREE(session, data);
            session->packAdd_state = libssh2_NB_state_idle;
            return -1;
        }
-        memset(session->packAdd_packet, 0, sizeof(LIBSSH2_PACKET));
+        memset(packAdd_packet, 0, sizeof(LIBSSH2_PACKET));
-        session->packAdd_packet->data = data;
+        packAdd_packet->data = data;
-        session->packAdd_packet->data_len = datalen;
+        packAdd_packet->data_len = datalen;
-        session->packAdd_packet->data_head = session->packAdd_data_head;
+        packAdd_packet->data_head = session->packAdd_data_head;
-        session->packAdd_packet->mac = macstate;
+        packAdd_packet->mac = macstate;
        session->packAdd_packet->brigade = &session->packets;
        session->packAdd_packet->next = NULL;
-        if (session->packets.tail) {
+        _libssh2_list_add(&session->packets, &packAdd_packet->node);
            session->packAdd_packet->prev = session->packets.tail;
            session->packAdd_packet->prev->next = session->packAdd_packet;
            session->packets.tail = session->packAdd_packet;
        } else {
            session->packets.head = session->packAdd_packet;
            session->packets.tail = session->packAdd_packet;
            session->packAdd_packet->prev = NULL;
        }
        session->packAdd_state = libssh2_NB_state_sent1;
    }
@@ -919,7 +919,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
             * Well, it's already in the brigade,
             * let's just call back into ourselves
             */
-            _libssh2_debug(session, LIBSSH2_DBG_TRANS, "Renegotiating Keys");
+            _libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Renegotiating Keys");
            session->packAdd_state = libssh2_NB_state_sent2;
        }
@@ -948,7 +948,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
         */
        rc = libssh2_kex_exchange(session, 1, &session->startup_key_state);
        if (rc == PACKET_EAGAIN) {
-            return PACKET_EAGAIN;
+            return rc;
        }
    }
@@ -968,9 +968,9 @@ _libssh2_packet_ask(LIBSSH2_SESSION * session, unsigned char packet_type,
                    unsigned long match_ofs, const unsigned char *match_buf,
                    unsigned long match_len)
 {
-    LIBSSH2_PACKET *packet = session->packets.head;
+    LIBSSH2_PACKET *packet = _libssh2_list_first(&session->packets);
-    _libssh2_debug(session, LIBSSH2_DBG_TRANS,
+    _libssh2_debug(session, LIBSSH2_TRACE_TRANS,
                   "Looking for packet of type: %d", (int) packet_type);
    while (packet) {
@@ -982,24 +982,14 @@ _libssh2_packet_ask(LIBSSH2_SESSION * session, unsigned char packet_type,
            *data = packet->data;
            *data_len = packet->data_len;
-            /* unlink struct */
+            /* unlink struct from session->packets */
-            if (packet->prev) {
+            _libssh2_list_remove(&packet->node);
                packet->prev->next = packet->next;
            } else {
                session->packets.head = packet->next;
            }
            if (packet->next) {
                packet->next->prev = packet->prev;
            } else {
                session->packets.tail = packet->prev;
            }
            LIBSSH2_FREE(session, packet);
            return 0;
        }
-        packet = packet->next;
+        packet = _libssh2_list_next(&packet->node);
    }
    return -1;
 }
@@ -1060,13 +1050,10 @@ _libssh2_packet_require(LIBSSH2_SESSION * session, unsigned char packet_type,
    }
    while (session->socket_state == LIBSSH2_SOCKET_CONNECTED) {
-        libssh2pack_t ret = _libssh2_transport_read(session);
+        int ret = _libssh2_transport_read(session);
-        if (ret == PACKET_EAGAIN) {
+        if (ret == PACKET_EAGAIN)
-            return PACKET_EAGAIN;
+            return ret;
-        } else if (ret == 0) {
+        else if (ret < 0) {
            /* There is no data, return that. TODO: is this really correct? */
            return PACKET_EAGAIN;
        } else if (ret < 0) {
            state->start = 0;
            /* an error which is not just because of blocking */
            return ret;
@@ -1078,17 +1065,18 @@ _libssh2_packet_require(LIBSSH2_SESSION * session, unsigned char packet_type,
            return ret;
        } else if (ret == 0) {
            /* nothing available, wait until data arrives or we time out */
-            long left = LIBSSH2_READ_TIMEOUT - (time(NULL) - state->start);
+            long left = LIBSSH2_READ_TIMEOUT - (long)(time(NULL) - state->start);
            if (left <= 0) {
                state->start = 0;
                return PACKET_TIMEOUT;
            }
            return -1; /* no packet available yet */
        }
    }
    /* Only reached if the socket died */
-    return -1;
+    return LIBSSH2_ERROR_SOCKET_DISCONNECT;
 }
 /*
@@ -1121,14 +1109,15 @@ _libssh2_packet_burn(LIBSSH2_SESSION * session,
            return i;
        }
-        _libssh2_debug(session, LIBSSH2_DBG_TRANS,
+        _libssh2_debug(session, LIBSSH2_TRACE_TRANS,
                       "Blocking until packet becomes available to burn");
        *state = libssh2_NB_state_created;
    }
    while (session->socket_state == LIBSSH2_SOCKET_CONNECTED) {
-        if ((ret = _libssh2_transport_read(session)) == PACKET_EAGAIN) {
+        ret = _libssh2_transport_read(session);
-            return PACKET_EAGAIN;
+        if (ret == PACKET_EAGAIN) {
            return ret;
        } else if (ret < 0) {
            *state = libssh2_NB_state_idle;
            return ret;
@@ -1148,7 +1137,7 @@ _libssh2_packet_burn(LIBSSH2_SESSION * session,
    }
    /* Only reached if the socket died */
-    return -1;
+    return LIBSSH2_ERROR_SOCKET_DISCONNECT;
 }
 /*
@@ -1187,14 +1176,14 @@ _libssh2_packet_requirev(LIBSSH2_SESSION * session,
            return ret;
        }
        if (ret <= 0) {
-            long left = LIBSSH2_READ_TIMEOUT - (time(NULL) - state->start);
+            long left = LIBSSH2_READ_TIMEOUT - (long)(time(NULL) - state->start);
            if (left <= 0) {
                state->start = 0;
                return PACKET_TIMEOUT;
            }
            else if (ret == PACKET_EAGAIN) {
-                return PACKET_EAGAIN;
+                return ret;
            }
        }
@@ -1208,6 +1197,6 @@ _libssh2_packet_requirev(LIBSSH2_SESSION * session,
    /* Only reached if the socket died */
    state->start = 0;
-    return -1;
+    return LIBSSH2_ERROR_SOCKET_DISCONNECT;
 }
--- a/src/pem.c
+++ b/src/pem.c
@@ -38,6 +38,8 @@
 #include "libssh2_priv.h"
 #ifdef LIBSSH2_LIBGCRYPT /* compile only if we build with libgcrypt */
 static int
 readline(char *line, int line_size, FILE * fp)
 {
@@ -207,3 +209,5 @@ _libssh2_pem_decode_integer(unsigned char **data, unsigned int *datalen,
    return 0;
 }
 #endif /* LIBSSH2_LIBGCRYPT */
--- a/src/publickey.c
+++ b/src/publickey.c
@@ -37,6 +37,7 @@
 #include "libssh2_priv.h"
 #include "libssh2_publickey.h"
 #include "channel.h"
 #define LIBSSH2_PUBLICKEY_VERSION               2
@@ -168,9 +169,9 @@ publickey_packet_receive(LIBSSH2_PUBLICKEY * pkey,
    int rc;
    if (pkey->receive_state == libssh2_NB_state_idle) {
-        rc = libssh2_channel_read_ex(channel, 0, (char *) buffer, 4);
+        rc = _libssh2_channel_read(channel, 0, (char *) buffer, 4);
        if (rc == PACKET_EAGAIN) {
-            return PACKET_EAGAIN;
+            return rc;
        } else if (rc != 4) {
            libssh2_error(session, LIBSSH2_ERROR_PUBLICKEY_PROTOCOL,
                          "Invalid response from publickey subsystem", 0);
@@ -190,10 +191,10 @@ publickey_packet_receive(LIBSSH2_PUBLICKEY * pkey,
    }
    if (pkey->receive_state == libssh2_NB_state_sent) {
-        rc = libssh2_channel_read_ex(channel, 0, (char *) pkey->receive_packet,
+        rc = _libssh2_channel_read(channel, 0, (char *) pkey->receive_packet,
-                                     pkey->receive_packet_len);
+                                   pkey->receive_packet_len);
        if (rc == PACKET_EAGAIN) {
-            return PACKET_EAGAIN;
+            return rc;
        } else if (rc != (int)pkey->receive_packet_len) {
            libssh2_error(session, LIBSSH2_ERROR_SOCKET_TIMEOUT,
                          "Timeout waiting for publickey subsystem response packet",
@@ -265,7 +266,7 @@ publickey_response_success(LIBSSH2_PUBLICKEY * pkey)
    while (1) {
        rc = publickey_packet_receive(pkey, &data, &data_len);
        if (rc == PACKET_EAGAIN) {
-            return PACKET_EAGAIN;
+            return rc;
        } else if (rc) {
            libssh2_error(session, LIBSSH2_ERROR_SOCKET_TIMEOUT,
                          "Timeout waiting for response from publickey subsystem",
@@ -352,7 +353,7 @@ libssh2_publickey_init(LIBSSH2_SESSION * session)
        session->pkeyInit_pkey = NULL;
        session->pkeyInit_channel = NULL;
-        _libssh2_debug(session, LIBSSH2_DBG_PUBLICKEY,
+        _libssh2_debug(session, LIBSSH2_TRACE_PUBLICKEY,
                       "Initializing publickey subsystem");
        session->pkeyInit_state = libssh2_NB_state_allocated;
@@ -433,7 +434,7 @@ libssh2_publickey_init(LIBSSH2_SESSION * session)
        _libssh2_htonu32(s, LIBSSH2_PUBLICKEY_VERSION);
        s += 4;
-        _libssh2_debug(session, LIBSSH2_DBG_PUBLICKEY,
+        _libssh2_debug(session, LIBSSH2_TRACE_PUBLICKEY,
                       "Sending publickey version packet advertising version %d support",
                       (int) LIBSSH2_PUBLICKEY_VERSION);
@@ -441,8 +442,8 @@ libssh2_publickey_init(LIBSSH2_SESSION * session)
    }
    if (session->pkeyInit_state == libssh2_NB_state_sent2) {
-        rc = libssh2_channel_write_ex(session->pkeyInit_channel, 0,
+        rc = _libssh2_channel_write(session->pkeyInit_channel, 0,
-                                      (char *) buffer, (s - buffer));
+                                    (char *) buffer, (s - buffer));
        if (rc == PACKET_EAGAIN) {
            libssh2_error(session, LIBSSH2_ERROR_EAGAIN,
                          "Would block sending publickey version packet", 0);
@@ -518,13 +519,13 @@ libssh2_publickey_init(LIBSSH2_SESSION * session)
                session->pkeyInit_pkey->version = _libssh2_ntohu32(s);
                if (session->pkeyInit_pkey->version >
                    LIBSSH2_PUBLICKEY_VERSION) {
-                    _libssh2_debug(session, LIBSSH2_DBG_PUBLICKEY,
+                    _libssh2_debug(session, LIBSSH2_TRACE_PUBLICKEY,
                                   "Truncating remote publickey version from %lu",
                                   session->pkeyInit_pkey->version);
                    session->pkeyInit_pkey->version =
                        LIBSSH2_PUBLICKEY_VERSION;
                }
-                _libssh2_debug(session, LIBSSH2_DBG_PUBLICKEY,
+                _libssh2_debug(session, LIBSSH2_TRACE_PUBLICKEY,
                               "Enabling publickey subsystem version %lu",
                               session->pkeyInit_pkey->version);
                LIBSSH2_FREE(session, session->pkeyInit_data);
@@ -589,7 +590,7 @@ libssh2_publickey_add_ex(LIBSSH2_PUBLICKEY * pkey, const unsigned char *name,
    if (pkey->add_state == libssh2_NB_state_idle) {
        pkey->add_packet = NULL;
-        _libssh2_debug(session, LIBSSH2_DBG_PUBLICKEY, "Adding %s publickey",
+        _libssh2_debug(session, LIBSSH2_TRACE_PUBLICKEY, "Adding %s publickey",
                       name);
        if (pkey->version == 1) {
@@ -670,7 +671,7 @@ libssh2_publickey_add_ex(LIBSSH2_PUBLICKEY * pkey, const unsigned char *name,
            }
        }
-        _libssh2_debug(session, LIBSSH2_DBG_PUBLICKEY,
+        _libssh2_debug(session, LIBSSH2_TRACE_PUBLICKEY,
                       "Sending publickey \"add\" packet: type=%s blob_len=%ld num_attrs=%ld",
                       name, blob_len, num_attrs);
@@ -678,10 +679,10 @@ libssh2_publickey_add_ex(LIBSSH2_PUBLICKEY * pkey, const unsigned char *name,
    }
    if (pkey->add_state == libssh2_NB_state_created) {
-        rc = libssh2_channel_write_ex(channel, 0, (char *) pkey->add_packet,
+        rc = _libssh2_channel_write(channel, 0, (char *) pkey->add_packet,
-                                      (pkey->add_s - pkey->add_packet));
+                                    (pkey->add_s - pkey->add_packet));
        if (rc == PACKET_EAGAIN) {
-            return PACKET_EAGAIN;
+            return rc;
        } else if ((pkey->add_s - pkey->add_packet) != rc) {
            libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND,
                          "Unable to send publickey add packet", 0);
@@ -697,7 +698,7 @@ libssh2_publickey_add_ex(LIBSSH2_PUBLICKEY * pkey, const unsigned char *name,
    rc = publickey_response_success(pkey);
    if (rc == PACKET_EAGAIN) {
-        return PACKET_EAGAIN;
+        return rc;
    }
    pkey->add_state = libssh2_NB_state_idle;
@@ -746,7 +747,7 @@ libssh2_publickey_remove_ex(LIBSSH2_PUBLICKEY * pkey,
        memcpy(pkey->remove_s, blob, blob_len);
        pkey->remove_s += blob_len;
-        _libssh2_debug(session, LIBSSH2_DBG_PUBLICKEY,
+        _libssh2_debug(session, LIBSSH2_TRACE_PUBLICKEY,
                       "Sending publickey \"remove\" packet: type=%s blob_len=%ld",
                       name, blob_len);
@@ -754,10 +755,10 @@ libssh2_publickey_remove_ex(LIBSSH2_PUBLICKEY * pkey,
    }
    if (pkey->remove_state == libssh2_NB_state_created) {
-        rc = libssh2_channel_write_ex(channel, 0, (char *) pkey->remove_packet,
+        rc = _libssh2_channel_write(channel, 0, (char *) pkey->remove_packet,
-                                      (pkey->remove_s - pkey->remove_packet));
+                                    (pkey->remove_s - pkey->remove_packet));
        if (rc == PACKET_EAGAIN) {
-            return PACKET_EAGAIN;
+            return rc;
        } else if ((pkey->remove_s - pkey->remove_packet) != rc) {
            libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND,
                          "Unable to send publickey remove packet", 0);
@@ -774,7 +775,7 @@ libssh2_publickey_remove_ex(LIBSSH2_PUBLICKEY * pkey,
    rc = publickey_response_success(pkey);
    if (rc == PACKET_EAGAIN) {
-        return PACKET_EAGAIN;
+        return rc;
    }
    pkey->remove_state = libssh2_NB_state_idle;
@@ -808,19 +809,19 @@ libssh2_publickey_list_fetch(LIBSSH2_PUBLICKEY * pkey, unsigned long *num_keys,
        memcpy(pkey->listFetch_s, "list", sizeof("list") - 1);
        pkey->listFetch_s += sizeof("list") - 1;
-        _libssh2_debug(session, LIBSSH2_DBG_PUBLICKEY,
+        _libssh2_debug(session, LIBSSH2_TRACE_PUBLICKEY,
                       "Sending publickey \"list\" packet");
        pkey->listFetch_state = libssh2_NB_state_created;
    }
    if (pkey->listFetch_state == libssh2_NB_state_created) {
-        rc = libssh2_channel_write_ex(channel, 0,
+        rc = _libssh2_channel_write(channel, 0,
-                                      (char *) pkey->listFetch_buffer,
+                                    (char *) pkey->listFetch_buffer,
-                                      (pkey->listFetch_s -
+                                    (pkey->listFetch_s -
-                                       pkey->listFetch_buffer));
+                                     pkey->listFetch_buffer));
        if (rc == PACKET_EAGAIN) {
-            return PACKET_EAGAIN;
+            return rc;
        } else if ((pkey->listFetch_s - pkey->listFetch_buffer) != rc) {
            libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND,
                          "Unable to send publickey list packet", 0);
@@ -835,7 +836,7 @@ libssh2_publickey_list_fetch(LIBSSH2_PUBLICKEY * pkey, unsigned long *num_keys,
        rc = publickey_packet_receive(pkey, &pkey->listFetch_data,
                                      &pkey->listFetch_data_len);
        if (rc == PACKET_EAGAIN) {
-            return PACKET_EAGAIN;
+            return rc;
        } else if (rc) {
            libssh2_error(session, LIBSSH2_ERROR_SOCKET_TIMEOUT,
                          "Timeout waiting for response from publickey subsystem",
@@ -1040,6 +1041,7 @@ LIBSSH2_API int
 libssh2_publickey_shutdown(LIBSSH2_PUBLICKEY * pkey)
 {
    LIBSSH2_SESSION *session = pkey->channel->session;
    int rc;
    /*
     * Make sure all memory used in the state variables are free
@@ -1061,9 +1063,9 @@ libssh2_publickey_shutdown(LIBSSH2_PUBLICKEY * pkey)
        pkey->listFetch_data = NULL;
    }
-    if (libssh2_channel_free(pkey->channel) == PACKET_EAGAIN) {
+    rc = libssh2_channel_free(pkey->channel);
-        return PACKET_EAGAIN;
+    if (rc == PACKET_EAGAIN)
-    }
+        return rc;
    LIBSSH2_FREE(session, pkey);
    return 0;
--- a/Show More
+++ b/Show More
		`@@ -0,0 +1,2 @@`
							`win32/msvcproj.head -crlf`
							`win32/msvcproj.foot -crlf`