RELEASE-NOTES: synced with 92a9f95279

Rationale: Everything else in this file states a fact about the win32
platform that is unconditional for that platform.  There is nothing
unconditional about the presence of zlib.  It is neither included with
Windows nor with the platform SDK.  Therefore, this is not an appropriate
place to assert its presence.  Especially as, once asserted, it cannot be
overridden using a compiler flag.

In contrast, if it is omitted, then it can easily be reasserted by adding
a compiler flag defining LIBSSH2_HAVE_ZLIB.

Makefile.am

@@ -1,6 +1,9 @@
 AUTOMAKE_OPTIONS = foreign nostdinc
 
-SUBDIRS = src example tests docs
+SUBDIRS = src tests docs
+if BUILD_EXAMPLES
+SUBDIRS += example
+endif
 
 pkgconfigdir = $(libdir)/pkgconfig
 pkgconfig_DATA = libssh2.pc

RELEASE-NOTES

@@ -1,30 +1,21 @@
-libssh2 1.4.0
-
-This release includes the following changes:
-
- o Added libssh2_session_supported_algs()
- o Added libssh2_session_banner_get()
- o Added libssh2_sftp_get_channel()
- o libssh2.h: bump the default window size to 256K
+libssh2 1.4.2
 
 This release includes the following bugfixes:
 
- o sftp-seek: clear EOF flag
- o userauth: Provide more informations if ssh pub key extraction fails
- o ssh2_exec: skip error outputs for EAGAIN
- o LIBSSH2_SFTP_PACKET_MAXLEN: increase to 80000
- o knownhost_check(): Don't dereference ext if NULL is passed
- o knownhost_add: Avoid dereferencing uninitialized memory on error path
- o OpenSSL EVP: fix threaded use of structs
- o _libssh2_channel_read: react on errors from receive_window_adjust
- o sftp_read: cap the read ahead maximum amount
- o _libssh2_channel_read: fix non-blocking window adjusting
+ o Return LIBSSH2_ERROR_SOCKET_DISCONNECT on EOF when reading banner
+ o userauth.c: fread() from public key file to correctly detect any errors
+ o configure.ac: Add option to disable build of the example applications
+ o Added 'Requires.private:' line to libssh2.pc
+ o SFTP: filter off incoming "zombie" responses
+ o gettimeofday: no need for a replacement under cygwin
+ o SSH_MSG_CHANNEL_REQUEST: default to want_reply
+ o win32/libssh2_config.h: Remove hardcoded #define LIBSSH2_HAVE_ZLIB
 
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
- Gellule Xg, Jernej Kovacic, Peter Krempa, Vincent Torri, Kamil Dudka,
- Peter Stuge, Guenter Knauf, John Engstrom, Alexander Lamaison,
- Mikhail Gusarov
+ Alexander Lamaison, Rafael Kitover, Guenter Knauf, Peter Stuge,
+ Oleksiy Zagorskyi
  
         Thanks! (and sorry if I forgot to mention someone)
+

configure.ac

@@ -96,13 +96,17 @@ AC_ARG_WITH(libz,
 # Look for OpenSSL (default)
 if test "$use_openssl" != "no" && test "$use_libgcrypt" != "yes"; then
   AC_LIB_HAVE_LINKFLAGS([ssl], [crypto], [#include <openssl/ssl.h>])
+  LIBSREQUIRED=libssl,libcrypto
 fi
 
 # Look for libgcrypt
 if test "$ac_cv_libssl" != "yes" && test "$use_libgcrypt" != "no"; then
   AC_LIB_HAVE_LINKFLAGS([gcrypt], [], [#include <gcrypt.h>])
+  LIBSREQUIRED=libgcrypt
 fi
 
+AC_SUBST(LIBSREQUIRED)
+
 if test "$ac_cv_libssl" != "yes" && test "$ac_cv_libgcrypt" != "yes"; then
   AC_MSG_ERROR([cannot find OpenSSL or Libgcrypt,
 try --with-libssl-prefix=PATH or --with-libgcrypt-prefix=PATH])
@@ -215,12 +219,29 @@ AC_HELP_STRING([--disable-hidden-symbols],[Leave all symbols with default visibi
        AC_MSG_RESULT(no)
 )
 
+# Build example applications?
+AC_MSG_CHECKING([whether to build example applications])
+AC_ARG_ENABLE([examples-build],
+AC_HELP_STRING([--enable-examples-build], [Build example applications (this is the default)])
+AC_HELP_STRING([--disable-examples-build], [Do not build example applications]),
+[case "$enableval" in
+  no | false)
+    build_examples='no'
+    ;;
+  *)
+    build_examples='yes'
+    ;;
+esac], [build_examples='yes'])
+AC_MSG_RESULT($build_examples)
+AM_CONDITIONAL([BUILD_EXAMPLES], [test "x$build_examples" != "xno"])
+
 # Checks for header files.
 # AC_HEADER_STDC
 AC_CHECK_HEADERS([errno.h fcntl.h stdio.h stdlib.h unistd.h sys/uio.h])
 AC_CHECK_HEADERS([sys/select.h sys/socket.h sys/ioctl.h sys/time.h])
 AC_CHECK_HEADERS([arpa/inet.h netinet/in.h])
-AC_CHECK_HEADERS([sys/un.h])
+AC_CHECK_HEADERS([sys/un.h], [have_sys_un_h=yes], [have_sys_un_h=no])
+AM_CONDITIONAL([HAVE_SYS_UN_H], test "x$have_sys_un_h" = xyes)
 
 case $host in
   *-*-cygwin* | *-*-cegcc*)
@@ -299,6 +320,7 @@ AC_MSG_NOTICE([summary of build options:
   Library types:    Shared=${enable_shared}, Static=${enable_static}
   Crypto library:   openssl: ${ac_cv_libssl:-no} (AES-CTR: ${ac_cv_func_EVP_aes_128_ctr:-N/A}) libgcrypt: ${ac_cv_libgcrypt:-no}
   Debug build:      $enable_debug
+  Build examples:   $build_examples
   Path to sshd:     $ac_cv_path_SSHD (only for self-tests)
   libz compression: $ac_cv_libz
 ])

example/.gitignore

@@ -33,4 +33,5 @@ test-sftp_nonblock
 test-sftp_write
 test-sftp_write_nonblock
 test-ssh2_echo
+tcpip-forward
 x11

example/Makefile.am

@@ -7,7 +7,11 @@ noinst_PROGRAMS = direct_tcpip ssh2 scp scp_nonblock scp_write		\
  scp_write_nonblock sftp sftp_nonblock sftp_write sftp_write_nonblock	\
  sftp_mkdir sftp_mkdir_nonblock sftp_RW_nonblock sftp_write_sliding	\
  sftpdir sftpdir_nonblock ssh2_exec ssh2_agent ssh2_echo sftp_append	\
- subsystem_netconf x11
+ subsystem_netconf tcpip-forward
+
+if HAVE_SYS_UN_H
+noinst_PROGRAMS += x11
+endif
 
 AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_builddir)/example
 LDADD = $(top_builddir)/src/libssh2.la

example/subsystem_netconf.c

@@ -61,7 +61,8 @@ static int netconf_write(LIBSSH2_CHANNEL *channel, const char *buf, size_t len)
 static int netconf_read_until(LIBSSH2_CHANNEL *channel, const char *endtag,
                               char *buf, size_t buflen)
 {
-    ssize_t len, rd = 0;
+    ssize_t len;
+    size_t rd = 0;
     char *endreply = NULL, *specialsequence = NULL;
 
     memset(buf, 0, buflen);
@@ -71,7 +72,7 @@ static int netconf_read_until(LIBSSH2_CHANNEL *channel, const char *endtag,
         if (LIBSSH2_ERROR_EAGAIN == len)
             continue;
         else if (len < 0) {
-            fprintf(stderr, "libssh2_channel_read: %d", (int)len);
+            fprintf(stderr, "libssh2_channel_read: %d\n", (int)len);
             return -1;
         }
         rd += len;
@@ -85,7 +86,12 @@ static int netconf_read_until(LIBSSH2_CHANNEL *channel, const char *endtag,
         if (endreply)
             specialsequence = strstr(endreply, "]]>]]>");
 
-    } while (!endreply || !specialsequence);
+    } while (!specialsequence && rd < buflen);
+
+    if (!specialsequence) {
+        fprintf(stderr, "%s: ]]>]]> not found! read buffer too small?\n", __func__);
+        return -1;
+    }
 
     /* discard the special sequence so that only XML is returned */
     rd = specialsequence - buf;

example/tcpip-forward.c

@@ -0,0 +1,292 @@
+#include "libssh2_config.h"
+#include <libssh2.h>
+
+#ifdef WIN32
+#include <windows.h>
+#include <winsock2.h>
+#include <ws2tcpip.h>
+#else
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <sys/time.h>
+#endif
+
+#include <fcntl.h>
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <sys/types.h>
+
+#ifdef HAVE_SYS_SELECT_H
+#include <sys/select.h>
+#endif
+
+#ifndef INADDR_NONE
+#define INADDR_NONE (in_addr_t)-1
+#endif
+
+const char *keyfile1 = "/home/username/.ssh/id_rsa.pub";
+const char *keyfile2 = "/home/username/.ssh/id_rsa";
+const char *username = "username";
+const char *password = "";
+
+const char *server_ip = "127.0.0.1";
+
+const char *remote_listenhost = "localhost"; /* resolved by the server */
+unsigned int remote_wantport = 2222;
+unsigned int remote_listenport;
+
+const char *local_destip = "127.0.0.1";
+unsigned int local_destport = 22;
+
+enum {
+    AUTH_NONE = 0,
+    AUTH_PASSWORD,
+    AUTH_PUBLICKEY
+};
+
+int main(int argc, char *argv[])
+{
+    int rc, sock = -1, forwardsock = -1, i, auth = AUTH_NONE;
+    struct sockaddr_in sin;
+    socklen_t sinlen = sizeof(sin);
+    const char *fingerprint;
+    char *userauthlist;
+    LIBSSH2_SESSION *session;
+    LIBSSH2_LISTENER *listener = NULL;
+    LIBSSH2_CHANNEL *channel = NULL;
+    const char *shost;
+    unsigned int sport;
+    fd_set fds;
+    struct timeval tv;
+    ssize_t len, wr;
+    char buf[16384];
+
+#ifdef WIN32
+    char sockopt;
+    WSADATA wsadata;
+
+    WSAStartup(MAKEWORD(2,0), &wsadata);
+#else
+    int sockopt;
+#endif
+
+    if (argc > 1)
+        server_ip = argv[1];
+    if (argc > 2)
+        username = argv[2];
+    if (argc > 3)
+        password = argv[3];
+    if (argc > 4)
+        remote_listenhost = argv[4];
+    if (argc > 5)
+        remote_wantport = atoi(argv[5]);
+    if (argc > 6)
+        local_destip = argv[6];
+    if (argc > 7)
+        local_destport = atoi(argv[7]);
+
+    rc = libssh2_init (0);
+    if (rc != 0) {
+        fprintf (stderr, "libssh2 initialization failed (%d)\n", rc);
+        return 1;
+    }
+
+    /* Connect to SSH server */
+    sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
+    sin.sin_family = AF_INET;
+    if (INADDR_NONE == (sin.sin_addr.s_addr = inet_addr(server_ip))) {
+        perror("inet_addr");
+        return -1;
+    }
+    sin.sin_port = htons(22);
+    if (connect(sock, (struct sockaddr*)(&sin),
+                sizeof(struct sockaddr_in)) != 0) {
+        fprintf(stderr, "failed to connect!\n");
+        return -1;
+    }
+
+    /* Create a session instance */
+    session = libssh2_session_init();
+    if(!session) {
+        fprintf(stderr, "Could not initialize SSH session!\n");
+        return -1;
+    }
+
+    /* ... start it up. This will trade welcome banners, exchange keys,
+     * and setup crypto, compression, and MAC layers
+     */
+    rc = libssh2_session_handshake(session, sock);
+    if(rc) {
+        fprintf(stderr, "Error when starting up SSH session: %d\n", rc);
+        return -1;
+    }
+
+    /* At this point we havn't yet authenticated.  The first thing to do
+     * is check the hostkey's fingerprint against our known hosts Your app
+     * may have it hard coded, may go to a file, may present it to the
+     * user, that's your call
+     */
+    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
+    fprintf(stderr, "Fingerprint: ");
+    for(i = 0; i < 20; i++)
+        fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
+    fprintf(stderr, "\n");
+
+    /* check what authentication methods are available */
+    userauthlist = libssh2_userauth_list(session, username, strlen(username));
+    printf("Authentication methods: %s\n", userauthlist);
+    if (strstr(userauthlist, "password"))
+        auth |= AUTH_PASSWORD;
+    if (strstr(userauthlist, "publickey"))
+        auth |= AUTH_PUBLICKEY;
+
+    /* check for options */
+    if(argc > 8) {
+        if ((auth & AUTH_PASSWORD) && !strcasecmp(argv[8], "-p"))
+            auth = AUTH_PASSWORD;
+        if ((auth & AUTH_PUBLICKEY) && !strcasecmp(argv[8], "-k"))
+            auth = AUTH_PUBLICKEY;
+    }
+
+    if (auth & AUTH_PASSWORD) {
+        if (libssh2_userauth_password(session, username, password)) {
+            fprintf(stderr, "Authentication by password failed.\n");
+            goto shutdown;
+        }
+    } else if (auth & AUTH_PUBLICKEY) {
+        if (libssh2_userauth_publickey_fromfile(session, username, keyfile1,
+                                                keyfile2, password)) {
+            printf("\tAuthentication by public key failed!\n");
+            goto shutdown;
+        }
+        printf("\tAuthentication by public key succeeded.\n");
+    } else {
+        printf("No supported authentication methods found!\n");
+        goto shutdown;
+    }
+
+    printf("Asking server to listen on remote %s:%d\n", remote_listenhost,
+        remote_wantport);
+
+    listener = libssh2_channel_forward_listen_ex(session, remote_listenhost,
+        remote_wantport, &remote_listenport, 1);
+    if (!listener) {
+        fprintf(stderr, "Could not start the tcpip-forward listener!\n"
+                "(Note that this can be a problem at the server!"
+                " Please review the server logs.)\n");
+        goto shutdown;
+    }
+
+    printf("Server is listening on %s:%d\n", remote_listenhost,
+        remote_listenport);
+
+    printf("Waiting for remote connection\n");
+    channel = libssh2_channel_forward_accept(listener);
+    if (!channel) {
+        fprintf(stderr, "Could not accept connection!\n"
+                "(Note that this can be a problem at the server!"
+                " Please review the server logs.)\n");
+        goto shutdown;
+    }
+
+    printf("Accepted remote connection. Connecting to local server %s:%d\n",
+        local_destip, local_destport);
+    forwardsock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
+    sin.sin_family = AF_INET;
+    sin.sin_port = htons(local_destport);
+    if (INADDR_NONE == (sin.sin_addr.s_addr = inet_addr(local_destip))) {
+        perror("inet_addr");
+        goto shutdown;
+    }
+    if (-1 == connect(forwardsock, (struct sockaddr *)&sin, sinlen)) {
+        perror("connect");
+        goto shutdown;
+    }
+
+    printf("Forwarding connection from remote %s:%d to local %s:%d\n",
+        remote_listenhost, remote_listenport, local_destip, local_destport);
+
+    /* Must use non-blocking IO hereafter due to the current libssh2 API */
+    libssh2_session_set_blocking(session, 0);
+
+    while (1) {
+        FD_ZERO(&fds);
+        FD_SET(forwardsock, &fds);
+        tv.tv_sec = 0;
+        tv.tv_usec = 100000;
+        rc = select(forwardsock + 1, &fds, NULL, NULL, &tv);
+        if (-1 == rc) {
+            perror("select");
+            goto shutdown;
+        }
+        if (rc && FD_ISSET(forwardsock, &fds)) {
+            len = recv(forwardsock, buf, sizeof(buf), 0);
+            if (len < 0) {
+                perror("read");
+                goto shutdown;
+            } else if (0 == len) {
+                printf("The local server at %s:%d disconnected!\n",
+                    local_destip, local_destport);
+                goto shutdown;
+            }
+            wr = 0;
+            do {
+                i = libssh2_channel_write(channel, buf, len);
+                if (i < 0) {
+                    fprintf(stderr, "libssh2_channel_write: %d\n", i);
+                    goto shutdown;
+                }
+                wr += i;
+            } while(i > 0 && wr < len);
+        }
+        while (1) {
+            len = libssh2_channel_read(channel, buf, sizeof(buf));
+            if (LIBSSH2_ERROR_EAGAIN == len)
+                break;
+            else if (len < 0) {
+                fprintf(stderr, "libssh2_channel_read: %d", (int)len);
+                goto shutdown;
+            }
+            wr = 0;
+            while (wr < len) {
+                i = send(forwardsock, buf + wr, len - wr, 0);
+                if (i <= 0) {
+                    perror("write");
+                    goto shutdown;
+                }
+                wr += i;
+            }
+            if (libssh2_channel_eof(channel)) {
+                printf("The remote client at %s:%d disconnected!\n",
+                    remote_listenhost, remote_listenport);
+                goto shutdown;
+            }
+        }
+    }
+
+shutdown:
+#ifdef WIN32
+    closesocket(forwardsock);
+#else
+    close(forwardsock);
+#endif
+    if (channel)
+        libssh2_channel_free(channel);
+    if (listener)
+        libssh2_channel_forward_cancel(listener);
+    libssh2_session_disconnect(session, "Client disconnecting normally");
+    libssh2_session_free(session);
+
+#ifdef WIN32
+    closesocket(sock);
+#else
+    close(sock);
+#endif
+
+    libssh2_exit();
+
+    return 0;
+}

example/x11.c

@@ -79,7 +79,12 @@ static int _raw_mode(void)
     rc = tcgetattr(fileno(stdin), &tio);
     if (rc != -1) {
         _saved_tio = tio;
-        cfmakeraw(&tio);
+        /* do the equivalent of cfmakeraw() manually, to build on Solaris */
+        tio.c_iflag &= ~(IGNBRK|BRKINT|PARMRK|ISTRIP|INLCR|IGNCR|ICRNL|IXON);
+        tio.c_oflag &= ~OPOST;
+        tio.c_lflag &= ~(ECHO|ECHONL|ICANON|ISIG|IEXTEN);
+        tio.c_cflag &= ~(CSIZE|PARENB);
+        tio.c_cflag |= CS8;
         rc = tcsetattr(fileno(stdin), TCSADRAIN, &tio);
     }
     return rc;
@@ -203,7 +208,7 @@ static int x11_send_receive(LIBSSH2_CHANNEL *channel, int sock)
 
     rc = libssh2_poll(fds, nfds, 0);
     if (rc >0) {
-        rc = libssh2_channel_read(channel, buf,sizeof(buf));
+        rc = libssh2_channel_read(channel, buf, bufsize);
         rc = write(sock, buf, rc);
     }
 
@@ -212,7 +217,7 @@ static int x11_send_receive(LIBSSH2_CHANNEL *channel, int sock)
         memset((void *)buf,0,bufsize);
 
         /* Data in sock*/
-        rc = read(sock, buf,sizeof(buf));
+        rc = read(sock, buf, bufsize);
         if (rc > 0)
             rc = libssh2_channel_write(channel,buf, rc);
         else

include/libssh2.h

@@ -1,5 +1,5 @@
 /* Copyright (c) 2004-2009, Sara Golemon <sarag@libssh2.org>
- * Copyright (c) 2009-2010 Daniel Stenberg
+ * Copyright (c) 2009-2012 Daniel Stenberg
  * Copyright (c) 2010 Simon Josefsson <simon@josefsson.org>
  * All rights reserved.
  *
@@ -40,19 +40,19 @@
 #ifndef LIBSSH2_H
 #define LIBSSH2_H 1
 
-#define LIBSSH2_COPYRIGHT "2004-2011 The libssh2 project and its contributors."
+#define LIBSSH2_COPYRIGHT "2004-2012 The libssh2 project and its contributors."
 
 /* We use underscore instead of dash when appending DEV in dev versions just
    to make the BANNER define (used by src/session.c) be a valid SSH
    banner. Release versions have no appended strings and may of course not
    have dashes either. */
-#define LIBSSH2_VERSION                             "1.4.0_DEV"
+#define LIBSSH2_VERSION                             "1.4.2_DEV"
 
 /* The numeric version number is also available "in parts" by using these
    defines: */
 #define LIBSSH2_VERSION_MAJOR                       1
 #define LIBSSH2_VERSION_MINOR                       4
-#define LIBSSH2_VERSION_PATCH                       0
+#define LIBSSH2_VERSION_PATCH                       2
 
 /* This is the numeric version of the libssh2 version number, meant for easier
    parsing and comparions by programs. The LIBSSH2_VERSION_NUM define will
@@ -69,7 +69,7 @@
    and it is always a greater number in a more recent release. It makes
    comparisons with greater than and less than work.
 */
-#define LIBSSH2_VERSION_NUM                         0x010400
+#define LIBSSH2_VERSION_NUM                         0x010402
 
 /*
  * This is the date and time when the full source package was created. The
@@ -135,9 +135,10 @@ typedef long long libssh2_int64_t;
 
 #ifdef WIN32
 typedef SOCKET libssh2_socket_t;
+#define LIBSSH2_INVALID_SOCKET INVALID_SOCKET
 #else /* !WIN32 */
 typedef int libssh2_socket_t;
-#define INVALID_SOCKET -1
+#define LIBSSH2_INVALID_SOCKET -1
 #endif /* WIN32 */
 
 /* Part of every banner, user specified or not */
@@ -466,6 +467,8 @@ LIBSSH2_API void **libssh2_session_abstract(LIBSSH2_SESSION *session);
 
 LIBSSH2_API void *libssh2_session_callback_set(LIBSSH2_SESSION *session,
                                                int cbtype, void *callback);
+LIBSSH2_API int libssh2_session_banner_set(LIBSSH2_SESSION *session,
+                                           const char *banner);
 LIBSSH2_API int libssh2_banner_set(LIBSSH2_SESSION *session,
                                    const char *banner);
 

libssh2.pc.in

@@ -11,6 +11,7 @@ Name: libssh2
 URL: http://www.libssh2.org/
 Description: Library for SSH-based communication
 Version: @LIBSSH2VER@
+Requires.private: @LIBSREQUIRED@
 Libs: -L${libdir} -lssh2 @LDFLAGS@ @LIBS@
 Libs.private: @LIBS@
 Cflags: -I${includedir}

nw/Makefile.netware

@@ -14,12 +14,12 @@ endif
 
 # Edit the path below to point to the base of your Zlib sources.
 ifndef ZLIB_PATH
-ZLIB_PATH = ../../zlib-1.2.5
+ZLIB_PATH = ../../zlib-1.2.6
 endif
 
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.8r
+OPENSSL_PATH = ../../openssl-0.9.8v
 endif
 
 # Edit the path below to point to your Distribution folder.
@@ -229,9 +229,11 @@ $(OBJDIR)/version.inc: ../include/libssh2.h $(OBJDIR)
 
 dist: all $(DISTDIR) $(DISTDIR)/readme.txt
 	@-$(MD) $(DISTDIR)$(DS)bin
+	@-$(CP) ../AUTHORS $(DISTDIR)
 	@-$(CP) ../COPYING $(DISTDIR)
 	@-$(CP) ../INSTALL $(DISTDIR)
 	@-$(CP) ../README $(DISTDIR)
+	@-$(CP) ../RELEASE-NOTES $(DEVLDIR)
 	@$(CP) $(TARGET).nlm $(DISTDIR)/bin
 	@echo Creating $(DISTARC)
 	@$(ZIP) $(DISTARC) $(DISTDIR)/* < $(DISTDIR)/readme.txt
@@ -240,9 +242,11 @@ dev: all $(DEVLDIR) $(DEVLDIR)/readme.txt
 	@-$(MD) $(DEVLDIR)$(DS)bin
 	@-$(MD) $(DEVLDIR)$(DS)include
 	@-$(MD) $(DEVLDIR)$(DS)nw
+	@-$(CP) ../AUTHORS $(DISTDIR)
 	@-$(CP) ../COPYING $(DISTDIR)
 	@-$(CP) ../INSTALL $(DEVLDIR)
 	@-$(CP) ../README $(DEVLDIR)
+	@-$(CP) ../RELEASE-NOTES $(DEVLDIR)
 	@$(CP) $(TARGET).nlm $(DEVLDIR)/bin
 	@$(CP) ../include/*.h $(DEVLDIR)/include
 	@$(CP) libssh2_config.h $(DEVLDIR)/include
@@ -566,7 +570,7 @@ $(DEVLDIR)/readme.txt: Makefile.netware
 	@echo Creating $@
 	@echo $(DL)This is a development distribution for NetWare platform.$(DL) > $@
 	@echo $(DL)libssh2 version $(LIBSSH2_VERSION_STR)$(DL) >> $@
-	@echo $(DL)Please download the complete libssh package for$(DL) >> $@
+	@echo $(DL)Please download the complete libssh2 package for$(DL) >> $@
 	@echo $(DL)any further documentation:$(DL) >> $@
 	@echo $(DL)$(WWWURL)$(DL) >> $@
 

nw/test/Makefile.netware

@@ -14,12 +14,12 @@ endif
 
 # Edit the path below to point to the base of your Zlib sources.
 ifndef ZLIB_PATH
-ZLIB_PATH = ../../../zlib-1.2.5
+ZLIB_PATH = ../../../zlib-1.2.6
 endif
 
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../../openssl-0.9.8r
+OPENSSL_PATH = ../../../openssl-0.9.8v
 endif
 
 # Edit the var below to enable static linking of libssh2 and libz

src/agent.c

@@ -338,7 +338,7 @@ agent_transact_pageant(LIBSSH2_AGENT *agent, agent_transaction_ctx_t transctx)
 static int
 agent_disconnect_pageant(LIBSSH2_AGENT *agent)
 {
-    agent->fd = INVALID_SOCKET;
+    agent->fd = LIBSSH2_INVALID_SOCKET;
     return 0;
 }
 
@@ -771,7 +771,7 @@ libssh2_agent_userauth(LIBSSH2_AGENT *agent,
 LIBSSH2_API int
 libssh2_agent_disconnect(LIBSSH2_AGENT *agent)
 {
-    if (agent->ops && agent->fd != INVALID_SOCKET)
+    if (agent->ops && agent->fd != LIBSSH2_INVALID_SOCKET)
         return agent->ops->disconnect(agent);
     return 0;
 }
@@ -785,7 +785,7 @@ libssh2_agent_disconnect(LIBSSH2_AGENT *agent)
 LIBSSH2_API void
 libssh2_agent_free(LIBSSH2_AGENT *agent) {
     /* Allow connection freeing when the socket has lost its connection */
-    if (agent->fd != INVALID_SOCKET) {
+    if (agent->fd != LIBSSH2_INVALID_SOCKET) {
         libssh2_agent_disconnect(agent);
     }
     agent_free_identities(agent);

src/channel.c

@@ -1418,7 +1418,7 @@ _libssh2_channel_flush(LIBSSH2_CHANNEL *channel, int streamid)
 
         rc = _libssh2_channel_receive_window_adjust(channel,
                                                     channel->flush_refund_bytes,
-                                                    0, NULL);
+                                                    1, NULL);
         if (rc == LIBSSH2_ERROR_EAGAIN)
             return rc;
     }
@@ -1898,7 +1898,7 @@ libssh2_channel_read_ex(LIBSSH2_CHANNEL *channel, int stream_id, char *buf,
     if(buflen > recv_window) {
         BLOCK_ADJUST(rc, channel->session,
                      _libssh2_channel_receive_window_adjust(channel, buflen,
-                                                            0, NULL));
+                                                            1, NULL));
     }
 
     BLOCK_ADJUST(rc, channel->session,
@@ -2008,6 +2008,9 @@ _libssh2_channel_write(LIBSSH2_CHANNEL *channel, int stream_id,
             rc = _libssh2_transport_read(session);
         while (rc > 0);
 
+        if((rc < 0) && (rc != LIBSSH2_ERROR_EAGAIN))
+            return rc;
+
         if(channel->local.window_size <= 0)
             /* there's no room for data so we stop */
             return (rc==LIBSSH2_ERROR_EAGAIN?rc:0);

src/global.c

@@ -74,5 +74,5 @@ void
 _libssh2_init_if_needed(void)
 {
     if (_libssh2_initialized == 0)
-        libssh2_init (0);
+        (void)libssh2_init (0);
 }

src/knownhost.c

@@ -997,10 +997,10 @@ knownhost_writeline(LIBSSH2_KNOWNHOSTS *hosts,
 
         if(nlen <= buflen)
             if(node->comment)
-                sprintf(buf, "|1|%s|%s%s %s %s\n", saltalloc, namealloc,
+                snprintf(buf, buflen, "|1|%s|%s%s %s %s\n", saltalloc, namealloc,
                         keytype, node->key, node->comment);
             else
-                sprintf(buf, "|1|%s|%s%s %s\n", saltalloc, namealloc,
+                snprintf(buf, buflen, "|1|%s|%s%s %s\n", saltalloc, namealloc,
                         keytype, node->key);
         else
             rc = _libssh2_error(hosts->session, LIBSSH2_ERROR_BUFFER_TOO_SMALL,
@@ -1016,10 +1016,10 @@ knownhost_writeline(LIBSSH2_KNOWNHOSTS *hosts,
         if(nlen <= buflen)
             /* these types have the plain name */
             if(node->comment)
-                sprintf(buf, "%s%s %s %s\n", node->name, keytype, node->key,
+                snprintf(buf, buflen, "%s%s %s %s\n", node->name, keytype, node->key,
                         node->comment);
             else
-                sprintf(buf, "%s%s %s\n", node->name, keytype, node->key);
+                snprintf(buf, buflen, "%s%s %s\n", node->name, keytype, node->key);
         else
             rc = _libssh2_error(hosts->session, LIBSSH2_ERROR_BUFFER_TOO_SMALL,
                                 "Known-host write buffer too small");

src/libgcrypt.c

@@ -581,7 +581,7 @@ _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session,
                           const char *privatekey,
                           const char *passphrase)
 {
-    return _libssh_error(session, LIBSSH2_ERROR_FILE,
+    return _libssh2_error(session, LIBSSH2_ERROR_FILE,
                          "Unable to extract public key from private key file: "
                          "Method unimplemented in libgcrypt backend");
 }

src/misc.h

@@ -78,7 +78,7 @@ void _libssh2_htonu32(unsigned char *buf, uint32_t val);
 void _libssh2_store_u32(unsigned char **buf, uint32_t value);
 void _libssh2_store_str(unsigned char **buf, const char *str, size_t len);
 
-#if defined(LIBSSH2_WIN32) && !defined(__MINGW32__)
+#if defined(LIBSSH2_WIN32) && !defined(__MINGW32__) && !defined(__CYGWIN__)
 /* provide a private one */
 #undef HAVE_GETTIMEOFDAY
 int __cdecl _libssh2_gettimeofday(struct timeval *tp, void *tzp);

src/openssl.c

@@ -201,7 +201,7 @@ _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx,
     return ret == 1 ? 0 : 1;
 }
 
-#if LIBSSH2_AES_CTR && !defined(HAVE_EVP_AES_128_CTR)
+#if LIBSSH2_AES_CTR
 
 #include <openssl/aes.h>
 #include <openssl/evp.h>
@@ -217,6 +217,10 @@ static int
 aes_ctr_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
              const unsigned char *iv, int enc) /* init key */
 {
+    /*
+     * variable "c" is leaked from this scope, but is later freed
+     * in aes_ctr_cleanup
+     */
     aes_ctr_ctx *c = malloc(sizeof(*c));
     const EVP_CIPHER *aes_cipher;
     (void) enc;
@@ -358,6 +362,8 @@ void _libssh2_init_aes_ctr(void)
     _libssh2_EVP_aes_256_ctr();
 }
 
+#else
+void _libssh2_init_aes_ctr(void) {}
 #endif /* LIBSSH2_AES_CTR */
 
 /* TODO: Optionally call a passphrase callback specified by the

src/openssl.h

@@ -148,15 +148,9 @@ void libssh2_md5(const unsigned char *message, unsigned long len, unsigned char
 #define _libssh2_cipher_aes256 EVP_aes_256_cbc
 #define _libssh2_cipher_aes192 EVP_aes_192_cbc
 #define _libssh2_cipher_aes128 EVP_aes_128_cbc
-#ifdef HAVE_EVP_AES_128_CTR
-#define _libssh2_cipher_aes128ctr EVP_aes_128_ctr
-#define _libssh2_cipher_aes192ctr EVP_aes_192_ctr
-#define _libssh2_cipher_aes256ctr EVP_aes_256_ctr
-#else
 #define _libssh2_cipher_aes128ctr _libssh2_EVP_aes_128_ctr
 #define _libssh2_cipher_aes192ctr _libssh2_EVP_aes_192_ctr
 #define _libssh2_cipher_aes256ctr _libssh2_EVP_aes_256_ctr
-#endif
 #define _libssh2_cipher_blowfish EVP_bf_cbc
 #define _libssh2_cipher_arcfour EVP_rc4
 #define _libssh2_cipher_cast5 EVP_cast5_cbc

src/packet.c

@@ -661,7 +661,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
                 rc = _libssh2_channel_receive_window_adjust(session->
                                                             packAdd_channelp,
                                                             datalen - 13,
-                                                            0, NULL);
+                                                            1, NULL);
                 if (rc == LIBSSH2_ERROR_EAGAIN)
                     return rc;
 
@@ -751,7 +751,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
             if(datalen >= 9) {
                 uint32_t channel = _libssh2_ntohu32(data + 1);
                 uint32_t len = _libssh2_ntohu32(data + 5);
-                unsigned char want_reply = 0;
+                unsigned char want_reply = 1;
 
                 if(len < (datalen - 10))
                     want_reply = data[9 + len];

src/scp.c

@@ -294,8 +294,8 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, struct stat * sb)
             return NULL;
         }
 
-        /* sprintf() is fine here since we allocated a large enough buffer */
-        sprintf((char *)session->scpRecv_command, "scp -%sf ", sb?"p":"");
+        snprintf((char *)session->scpRecv_command,
+                 session->scpRecv_command_len, "scp -%sf ", sb?"p":"");
 
         cmd_len = strlen((char *)session->scpRecv_command);
 
@@ -796,8 +796,8 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode,
             return NULL;
         }
 
-        sprintf((char *)session->scpSend_command, "scp -%st ",
-                (mtime || atime)?"p":"");
+        snprintf((char *)session->scpSend_command, session->scpSend_command_len,
+                 "scp -%st ", (mtime || atime)?"p":"");
 
         cmd_len = strlen((char *)session->scpSend_command);
 

src/session.c

@@ -143,7 +143,7 @@ banner_receive(LIBSSH2_SESSION * session)
 
         if (ret == 0) {
             session->socket_state = LIBSSH2_SOCKET_DISCONNECTED;
-            return LIBSSH2_ERROR_SOCKET_RECV;
+            return LIBSSH2_ERROR_SOCKET_DISCONNECT;
         }
 
         if (c == '\0') {
@@ -675,7 +675,7 @@ session_startup(LIBSSH2_SESSION *session, libssh2_socket_t sock)
     if (session->startup_state == libssh2_NB_state_idle) {
         _libssh2_debug(session, LIBSSH2_TRACE_TRANS,
                        "session_startup for socket %d", sock);
-        if (INVALID_SOCKET == sock) {
+        if (LIBSSH2_INVALID_SOCKET == sock) {
             /* Did we forget something? */
             return _libssh2_error(session, LIBSSH2_ERROR_BAD_SOCKET,
                                   "Bad socket provided");
@@ -828,6 +828,7 @@ session_free(LIBSSH2_SESSION *session)
     LIBSSH2_PACKET *pkg;
     LIBSSH2_CHANNEL *ch;
     LIBSSH2_LISTENER *l;
+    int packets_left = 0;
 
     if (session->free_state == libssh2_NB_state_idle) {
         _libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Freeing session resource",
@@ -1018,6 +1019,9 @@ session_free(LIBSSH2_SESSION *session)
 
     /* Cleanup all remaining packets */
     while ((pkg = _libssh2_list_first(&session->packets))) {
+        packets_left++;
+        _libssh2_debug(session, LIBSSH2_TRACE_TRANS,
+            "packet left with id %d", pkg->data[0]);
         /* unlink the node */
         _libssh2_list_remove(&pkg->node);
 
@@ -1025,6 +1029,8 @@ session_free(LIBSSH2_SESSION *session)
         LIBSSH2_FREE(session, pkg->data);
         LIBSSH2_FREE(session, pkg);
     }
+    _libssh2_debug(session, LIBSSH2_TRACE_TRANS,
+         "Extra packets left %d", packets_left);
 
     if(session->socket_prev_blockstate)
         /* if the socket was previously blocking, put it back so */

src/sftp.h

@@ -1,7 +1,7 @@
 #ifndef _LIBSSH2_SFTP_H
 #define _LIBSSH2_SFTP_H
 /*
- * Copyright (C) 2010, 2011 by Daniel Stenberg
+ * Copyright (C) 2010 - 2012 by Daniel Stenberg
  * Author: Daniel Stenberg <daniel@haxx.se>
  *
  * Redistribution and use in source and binary forms,
@@ -60,6 +60,11 @@ struct sftp_pipeline_chunk {
     unsigned char packet[1]; /* data */
 };
 
+struct sftp_zombie_requests {
+    struct list_node node;
+    uint32_t request_id;
+};
+
 #ifndef MIN
 #define MIN(x,y) ((x)<(y)?(x):(y))
 #endif
@@ -136,6 +141,9 @@ struct _LIBSSH2_SFTP
 
     struct list_head packets;
 
+    /* List of FXP_READ responses to ignore because EOF already received. */
+    struct list_head zombie_requests;
+
     /* a list of _LIBSSH2_SFTP_HANDLE structs */
     struct list_head sftp_handles;
 
@@ -158,9 +166,15 @@ struct _LIBSSH2_SFTP
     size_t open_packet_sent;
     uint32_t open_request_id;
 
-    /* State variables used in libssh2_sftp_read() */
+    /* State variable used in sftp_read() */
     libssh2_nonblocking_states read_state;
 
+    /* State variable used in sftp_packet_read() */
+    libssh2_nonblocking_states packet_state;
+
+    /* State variable used in sftp_write() */
+    libssh2_nonblocking_states write_state;
+
     /* State variables used in libssh2_sftp_readdir() */
     libssh2_nonblocking_states readdir_state;
     unsigned char *readdir_packet;

src/transport.c

@@ -296,7 +296,7 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session)
          * is done!
          */
         _libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Redirecting into the"
-                       " key re-exchange");
+                       " key re-exchange from _libssh2_transport_read");
         rc = _libssh2_kex_exchange(session, 1, &session->startup_key_state);
         if (rc)
             return rc;
@@ -687,6 +687,24 @@ int _libssh2_transport_send(LIBSSH2_SESSION *session,
     const unsigned char *orgdata = data;
     size_t orgdata_len = data_len;
 
+    /*
+     * If the last read operation was interrupted in the middle of a key
+     * exchange, we must complete that key exchange before continuing to write
+     * further data.
+     *
+     * See the similar block in _libssh2_transport_read for more details.
+     */
+    if (session->state & LIBSSH2_STATE_EXCHANGING_KEYS &&
+        !(session->state & LIBSSH2_STATE_KEX_ACTIVE)) {
+        /* Don't write any new packets if we're still in the middle of a key
+         * exchange. */
+        _libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Redirecting into the"
+                       " key re-exchange from _libssh2_transport_send");
+        rc = _libssh2_kex_exchange(session, 1, &session->startup_key_state);
+        if (rc)
+            return rc;
+    }
+
     debugdump(session, "libssh2_transport_write plain", data, data_len);
     if(data2)
         debugdump(session, "libssh2_transport_write plain2", data2, data2_len);

src/userauth.c

@@ -472,7 +472,7 @@ file_read_publickey(LIBSSH2_SESSION * session, unsigned char **method,
         return _libssh2_error(session, LIBSSH2_ERROR_FILE,
                               "Unable to open public key file");
     }
-    while (!feof(fd) && (c = fgetc(fd)) != '\r' && c != '\n')
+    while (!feof(fd) && 1 == fread(&c, 1, 1, fd) && c != '\r' && c != '\n')
         pubkey_len++;
     if (feof(fd)) {
         /* the last character was EOF */

win32/GNUmakefile

@@ -9,14 +9,14 @@
 
 # Edit the path below to point to the base of your Zlib sources.
 ifndef ZLIB_PATH
-ZLIB_PATH = ../../zlib-1.2.5
+ZLIB_PATH = ../../zlib-1.2.6
 endif
 # since currently always enabled in libssh2_config.h set here too!
 WITH_ZLIB = 1
 
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.8r
+OPENSSL_PATH = ../../openssl-1.0.1a
 endif
 
 # Edit the var below to set to your architecture or set environment var.
@@ -72,7 +72,7 @@ DS	= /
 else
 CP	= copy
 RM	= del /q /f 2>NUL
-MD	= md
+MD	= md 2>NUL
 RD	= rd /q /s 2>NUL
 XX	=
 DS	= $(XX)\$(XX)
@@ -95,6 +95,12 @@ ifeq ($(ARCH),w64)
 CFLAGS	+= -D_AMD64_
 endif
 
+ifdef LINK_STATIC
+LDLIBS += $(OPENSSL_PATH)/out/libcrypto.$(LIBEXT) $(OPENSSL_PATH)/out/libssl.$(LIBEXT)
+else
+LDLIBS += $(OPENSSL_PATH)/out/libeay32.$(LIBEXT) $(OPENSSL_PATH)/out/libssl32.$(LIBEXT)
+endif
+
 ifeq ($(CC),mwcc)
 LD	= mwld
 RC	= mwwinrc
@@ -119,7 +125,7 @@ ARFLAGS	= -cq
 LIBEXT	= a
 RANLIB	= $(CROSSPREFIX)ranlib
 #LDLIBS	+= -lwsock32
-LDLIBS	+= -lws2_32
+LDLIBS	+= -lws2_32 -lgdi32
 RCFLAGS	= -I. -I ../include -O coff -i
 CFLAGS	+= -fno-strict-aliasing
 CFLAGS	+= -Wall # -pedantic
@@ -128,12 +134,6 @@ endif
 INCLUDES = -I. -I../include
 INCLUDES += -I$(OPENSSL_PATH)/outinc -I$(OPENSSL_PATH)/outinc/openssl
 
-ifdef LINK_STATIC
-LDLIBS += $(OPENSSL_PATH)/out/libcrypto.$(LIBEXT) $(OPENSSL_PATH)/out/libssl.$(LIBEXT)
-else
-LDLIBS += $(OPENSSL_PATH)/out/libeay32.$(LIBEXT) $(OPENSSL_PATH)/out/libssl32.$(LIBEXT)
-endif
-
 ifdef WITH_ZLIB
 	INCLUDES += -I$(ZLIB_PATH)
 	LDLIBS += $(ZLIB_PATH)/libz.$(LIBEXT)
@@ -172,9 +172,11 @@ $(OBJDIR)/version.inc: ../include/libssh2.h $(OBJDIR)
 
 dist: all $(DISTDIR) $(DISTDIR)/readme.txt
 	@-$(MD) $(DISTDIR)$(DS)bin
+	@-$(CP) ..$(DS)AUTHORS $(DISTDIR)
+	@-$(CP) ..$(DS)COPYING $(DISTDIR)
 	@-$(CP) ..$(DS)INSTALL $(DISTDIR)
-	@-$(CP) ..$(DS)LICENSE $(DISTDIR)
 	@-$(CP) ..$(DS)README $(DISTDIR)
+	@-$(CP) ..$(DS)RELEASE-NOTES $(DEVLDIR)
 	@$(CP) $(TARGET).dll $(DISTDIR)$(DS)bin
 	@echo Creating $(DISTARC)
 	@$(ZIP) $(DISTARC) $(DISTDIR)/* < $(DISTDIR)/readme.txt
@@ -183,9 +185,11 @@ dev: all $(DEVLDIR) $(DEVLDIR)/readme.txt
 	@-$(MD) $(DEVLDIR)$(DS)bin
 	@-$(MD)$(DEVLDIR)$(DS)include
 	@-$(MD) $(DEVLDIR)$(DS)win32
+	@-$(CP) ..$(DS)AUTHORS $(DISTDIR)
+	@-$(CP) ..$(DS)COPYING $(DISTDIR)
 	@-$(CP) ..$(DS)INSTALL $(DEVLDIR)
-	@-$(CP) ..$(DS)LICENSE $(DEVLDIR)
 	@-$(CP) ..$(DS)README $(DEVLDIR)
+	@-$(CP) ..$(DS)RELEASE-NOTES $(DEVLDIR)
 	@$(CP) $(TARGET).dll $(DEVLDIR)$(DS)bin
 	@$(CP) ..$(DS)include$(DS)*.h $(DEVLDIR)$(DS)include
 	@$(CP) libssh2_config.h $(DEVLDIR)/include

win32/Makefile.Watcom

@@ -64,13 +64,13 @@ CFLAGS += -d_WIN32_WINNT=0x0501 -dENABLE_IPV6
 !ifdef %zlib_root
 ZLIB_ROOT = $(%zlib_root)
 !else
-ZLIB_ROOT = ..\..\zlib-1.2.5
+ZLIB_ROOT = ..\..\zlib-1.2.6
 !endif
 
 !ifdef %openssl_root
 OPENSSL_ROOT = $(%openssl_root)
 !else
-OPENSSL_ROOT = ..\..\openssl-0.9.8r
+OPENSSL_ROOT = ..\..\openssl-0.9.8v
 !endif
 
 #!ifdef %use_zlib

win32/config.mk

@@ -1,10 +1,10 @@
 
 # Tweak these for your system
-OPENSSLINC=..\openssl-0.9.8q\inc32
-OPENSSLLIB=..\openssl-0.9.8q\out32dll
+OPENSSLINC=..\openssl-0.9.8v\inc32
+OPENSSLLIB=..\openssl-0.9.8v\out32dll
 
-ZLIBINC=-DLIBSSH2_HAVE_ZLIB=1 /I..\zlib-1.2.5
-ZLIBLIB=..\zlib-1.2.5
+ZLIBINC=-DLIBSSH2_HAVE_ZLIB=1 /I..\zlib-1.2.6
+ZLIBLIB=..\zlib-1.2.6
 
 !if "$(TARGET)" == ""
 TARGET=Release

win32/libssh2_config.h

@@ -34,9 +34,6 @@
 #define strcasecmp stricmp
 #endif /* _MSC_VER */
 
-/* Compile in zlib support */
-#define LIBSSH2_HAVE_ZLIB 1
-
 /* Enable newer diffie-hellman-group-exchange-sha1 syntax */
 #define LIBSSH2_DH_GEX_NEW 1
 

win32/test/GNUmakefile

@@ -9,12 +9,12 @@
 
 # Edit the path below to point to the base of your Zlib sources.
 ifndef ZLIB_PATH
-ZLIB_PATH = ../../../zlib-1.2.5
+ZLIB_PATH = ../../../zlib-1.2.6
 endif
 
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../../openssl-0.9.8r
+OPENSSL_PATH = ../../../openssl-0.9.8v
 endif
 
 # Edit the var below to set to your architecture or set environment var.
@@ -61,7 +61,7 @@ DS      = /
 else
 CP      = copy
 RM      = del /q /f 2>NUL
-MD      = md
+MD      = md 2>NUL
 RD      = rd /q /s 2>NUL
 XX      =
 DS      = $(XX)\$(XX)