RELEASE-NOTES: fixed for 1.4.3

The function returns NULL also if the hash algorithm is not available.

AUTHORS

@@ -6,32 +6,57 @@
 Adam Gobiowski
 Alexander Holyapin
 Alexander Lamaison
+Alfred Gebert
 Ben Kibbey
 Bjorn Stenborg
 Carlo Bramini
+Cristian Rodríguez
+Daiki Ueno
 Dan Casey
 Dan Fandrich
 Daniel Stenberg
+Dave Hayden
+Dave McCaldon
 David J Sullivan
 David Robins
+Dmitry Smirnov
+Douglas Masterson
 Edink Kadribasic
 Erik Brossler
 Francois Dupoux
+Gellule Xg
+Grubsky Grigory
 Guenter Knauf
 Heiner Steven
+Henrik Nordstrom
 James Housleys
+Jasmeet Bagga
 Jean-Louis Charton
+Jernej Kovacic
+Joey Degges
+John Little
+Jose Baars
 Jussi Mononen
+Kamil Dudka
+Lars Nordin
 Mark McPherson
+Mark Smith
 Markus Moeller
+Matt Lilley
+Matthew Booth
+Maxime Larocque
 Mike Protts
 Mikhail Gusarov
 Neil Gierman
 Olivier Hervieu
+Paul Howarth
+Paul Querna
 Paul Veldkamp
 Peter Krempa
 Peter O'Gorman
 Peter Stuge
+Pierre Joye
+Rafael Kitover
 Romain Bondue
 Sara Golemon
 Satish Mittal
@@ -39,10 +64,16 @@ Sean Peterson
 Selcuk Gueney
 Simon Hart
 Simon Josefsson
+Sofian Brabez
 Steven Ayre
+Steven Dake
 Steven Van Ingelgem
+TJ Saunders
+Tommy Lindgren
 Tor Arntsen
 Vincent Jaulin
+Vincent Torri
 Vlad Grachov
 Wez Furlong
 Yang Tse
+Zl Liu

Makefile.am

@@ -1,6 +1,9 @@
 AUTOMAKE_OPTIONS = foreign nostdinc
 
-SUBDIRS = src example tests docs
+SUBDIRS = src tests docs
+if BUILD_EXAMPLES
+SUBDIRS += example
+endif
 
 pkgconfigdir = $(libdir)/pkgconfig
 pkgconfig_DATA = libssh2.pc
@@ -11,10 +14,9 @@ include_HEADERS =			\
 	include/libssh2_sftp.h
 
 NETWAREFILES =  nw/keepscreen.c \
- nw/Makefile \
- nw/Makefile.netware \
- nw/nwlib.c \
- nw/test/Makefile.netware
+	nw/nwlib.c \
+	nw/GNUmakefile \
+	nw/test/GNUmakefile
 
 DSP = win32/libssh2.dsp
 VCPROJ = win32/libssh2.vcproj
@@ -31,7 +33,7 @@ win32/Makefile.Watcom win32/libssh2.dsw win32/tests.dsp $(DSP)	\
 win32/msvcproj.head win32/msvcproj.foot win32/libssh2.rc
 
 EXTRA_DIST = $(WIN32FILES) buildconf $(NETWAREFILES) get_ver.awk HACKING \
- maketgz NMakefile TODO RELEASE-NOTES libssh2.pc.in $(VMSFILES)
+ maketgz NMakefile TODO RELEASE-NOTES libssh2.pc.in $(VMSFILES) config.rpath
 
 ACLOCAL_AMFLAGS = -I m4
 

NMakefile

@@ -1,19 +1,28 @@
 !include "win32/config.mk"
 
+!include "Makefile.inc"
+
+OBJECTS=$(CSOURCES:.c=.obj)
+
 # SUBDIRS=src example
 SUBDIRS=src
 
-all-sub:
+all-sub: win32\objects.mk
 	-for %D in ($(SUBDIRS)) do $(MAKE) /nologo /f %D/NMakefile BUILD=$(BUILD) SUBDIR=%D all-sub
 
 clean: 
-	-rmdir /s/q $(TARGET)
+	-rmdir 2>NUL /s/q $(TARGET)
 
-real-clean: clean
-	-del libssh2.dll
-	-del libssh2.exp
-	-del libssh2.ilk
-	-del libssh2.lib
-	-del *.pdb
+real-clean vclean: clean
+	-del 2>NUL libssh2.dll
+	-del 2>NUL libssh2.exp
+	-del 2>NUL libssh2.ilk
+	-del 2>NUL libssh2.lib
+	-del 2>NUL *.pdb
+	-del 2>NUL win32\objects.mk
 
+win32\objects.mk: Makefile.inc
+	@echo OBJECTS = \>$@
+	@for %O in ($(OBJECTS)) do @echo $$(INTDIR)\%O \>>$@
+	@echo $$(EOL)>>$@
 

RELEASE-NOTES

@@ -1,30 +1,28 @@
-libssh2 1.4.0
+libssh2 1.4.3
 
 This release includes the following changes:
 
- o Added libssh2_session_supported_algs()
- o Added libssh2_session_banner_get()
- o Added libssh2_sftp_get_channel()
- o libssh2.h: bump the default window size to 256K
+ o compression: add support for zlib@openssh.com
 
 This release includes the following bugfixes:
 
- o sftp-seek: clear EOF flag
- o userauth: Provide more informations if ssh pub key extraction fails
- o ssh2_exec: skip error outputs for EAGAIN
- o LIBSSH2_SFTP_PACKET_MAXLEN: increase to 80000
- o knownhost_check(): Don't dereference ext if NULL is passed
- o knownhost_add: Avoid dereferencing uninitialized memory on error path
- o OpenSSL EVP: fix threaded use of structs
- o _libssh2_channel_read: react on errors from receive_window_adjust
- o sftp_read: cap the read ahead maximum amount
- o _libssh2_channel_read: fix non-blocking window adjusting
+ o sftp_read: return error if a too large package arrives
+ o libssh2_hostkey_hash.3: update the description of return value
+ o Fixed MSVC NMakefile
+ o examples: use stderr for messages, stdout for data
+ o openssl: do not leak memory when handling errors
+ o improved handling of disabled MD5 algorithm in OpenSSL
+ o known_hosts: Fail when parsing unknown keys in known_hosts file
+ o configure: gcrypt doesn't come with pkg-config support
+ o session_free: wrong variable used for keeping state
+ o libssh2_userauth_publickey_fromfile_ex.3: mention publickey == NULL
+ o comp_method_zlib_decomp: handle Z_BUF_ERROR when inflating
 
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
- Gellule Xg, Jernej Kovacic, Peter Krempa, Vincent Torri, Kamil Dudka,
- Peter Stuge, Guenter Knauf, John Engstrom, Alexander Lamaison,
- Mikhail Gusarov
+ Guenter Knauf, Peter Stuge, TJ Saunders, Mike Abdullah, Maxime Larocque,
+ Dmitry Smirnov, Dave Hayden, Peter Krempa, Kamil Dudka
  
         Thanks! (and sorry if I forgot to mention someone)
+

configure.ac

@@ -96,13 +96,17 @@ AC_ARG_WITH(libz,
 # Look for OpenSSL (default)
 if test "$use_openssl" != "no" && test "$use_libgcrypt" != "yes"; then
   AC_LIB_HAVE_LINKFLAGS([ssl], [crypto], [#include <openssl/ssl.h>])
+  LIBSREQUIRED=libssl,libcrypto
 fi
 
 # Look for libgcrypt
 if test "$ac_cv_libssl" != "yes" && test "$use_libgcrypt" != "no"; then
   AC_LIB_HAVE_LINKFLAGS([gcrypt], [], [#include <gcrypt.h>])
+  LIBS="$LIBS -lgcrypt"
 fi
 
+AC_SUBST(LIBSREQUIRED)
+
 if test "$ac_cv_libssl" != "yes" && test "$ac_cv_libgcrypt" != "yes"; then
   AC_MSG_ERROR([cannot find OpenSSL or Libgcrypt,
 try --with-libssl-prefix=PATH or --with-libgcrypt-prefix=PATH])
@@ -215,12 +219,29 @@ AC_HELP_STRING([--disable-hidden-symbols],[Leave all symbols with default visibi
        AC_MSG_RESULT(no)
 )
 
+# Build example applications?
+AC_MSG_CHECKING([whether to build example applications])
+AC_ARG_ENABLE([examples-build],
+AC_HELP_STRING([--enable-examples-build], [Build example applications (this is the default)])
+AC_HELP_STRING([--disable-examples-build], [Do not build example applications]),
+[case "$enableval" in
+  no | false)
+    build_examples='no'
+    ;;
+  *)
+    build_examples='yes'
+    ;;
+esac], [build_examples='yes'])
+AC_MSG_RESULT($build_examples)
+AM_CONDITIONAL([BUILD_EXAMPLES], [test "x$build_examples" != "xno"])
+
 # Checks for header files.
 # AC_HEADER_STDC
 AC_CHECK_HEADERS([errno.h fcntl.h stdio.h stdlib.h unistd.h sys/uio.h])
 AC_CHECK_HEADERS([sys/select.h sys/socket.h sys/ioctl.h sys/time.h])
 AC_CHECK_HEADERS([arpa/inet.h netinet/in.h])
-AC_CHECK_HEADERS([sys/un.h])
+AC_CHECK_HEADERS([sys/un.h], [have_sys_un_h=yes], [have_sys_un_h=no])
+AM_CONDITIONAL([HAVE_SYS_UN_H], test "x$have_sys_un_h" = xyes)
 
 case $host in
   *-*-cygwin* | *-*-cegcc*)
@@ -299,6 +320,7 @@ AC_MSG_NOTICE([summary of build options:
   Library types:    Shared=${enable_shared}, Static=${enable_static}
   Crypto library:   openssl: ${ac_cv_libssl:-no} (AES-CTR: ${ac_cv_func_EVP_aes_128_ctr:-N/A}) libgcrypt: ${ac_cv_libgcrypt:-no}
   Debug build:      $enable_debug
+  Build examples:   $build_examples
   Path to sshd:     $ac_cv_path_SSHD (only for self-tests)
   libz compression: $ac_cv_libz
 ])

docs/BINDINGS

@@ -0,0 +1,29 @@
+
+Creative people have written bindings or interfaces for various environments
+and programming languages. Using one of these bindings allows you to take
+advantage of libssh2 directly from within your favourite language.
+
+The bindings listed below are not part of the libssh2 distribution archives,
+but must be downloaded and installed separately.
+
+Cocoa/Objective-C
+  https://github.com/karelia/libssh2_sftp-Cocoa-wrapper
+
+Haskell
+  FFI bindings - http://hackage.haskell.org/package/libssh2
+
+Perl
+  Net::SSH2 - http://search.cpan.org/~rkitover/Net-SSH2-0.45/lib/Net/SSH2.pm
+
+PHP
+  ssh2 - http://pecl.php.net/package/ssh2 
+
+Python
+  pylibssh2 - http://www.wallix.org/pylibssh2-project/
+
+Python-ctypes
+
+  PySsh2 - https://github.com/gellule/PySsh2
+
+Ruby
+  libssh2-ruby - https://github.com/mitchellh/libssh2-ruby

docs/Makefile.am

@@ -1,6 +1,6 @@
 # $Id: Makefile.am,v 1.37 2009/03/26 15:41:15 bagder Exp $
 
-EXTRA_DIST = template.3
+EXTRA_DIST = template.3 BINDINGS
 
 dist_man_MANS = \
 	libssh2_agent_connect.3 \

docs/libssh2_hostkey_hash.3

@@ -18,8 +18,9 @@ Returns the computed digest of the remote system's hostkey. The length of
 the returned string is hash_type specific (e.g. 16 bytes for MD5, 
 20 bytes for SHA1).
 .SH RETURN VALUE
-Computed hostkey hash value. or NULL if the session has not yet been started 
-up. (The hash consists of raw binary bytes, not hex digits, so is not 
-directly printable.)
+Computed hostkey hash value, or NULL if the information is not available
+(either the session has not yet been started up, or the requested hash
+algorithm was not available). The hash consists of raw binary bytes, not hex
+digits, so it is not directly printable.
 .SH SEE ALSO
 .BR libssh2_session_init_ex(3)

docs/libssh2_userauth_publickey_fromfile_ex.3

@@ -11,20 +11,23 @@ int libssh2_userauth_publickey_fromfile_ex(LIBSSH2_SESSION *session,
                                            const char *privatekey,
                                            const char *passphrase);
 .SH DESCRIPTION
-\fIsession\fP - Session instance as returned by 
-.BR libssh2_session_init_ex(3)
+\fIsession\fP - Session instance as returned by
+\fBlibssh2_session_init_ex(3)\fP
 
-\fIusername\fP - Remote user name to authenticate as.
+\fIusername\fP - Pointer to user name to authenticate as.
 
-\fIusername_len\fP - Length of username.
+\fIusername_len\fP - Length of \fIusername\fP.
 
-\fIpublickey\fP - Path and name of public key file. (e.g. /etc/ssh/hostkey.pub)
+\fIpublickey\fP - Path name of the public key file.
+(e.g. /etc/ssh/hostkey.pub). If libssh2 is built against OpenSSL, this option
+can be set to NULL.
 
-\fIprivatekey\fP - Path and name of private key file. (e.g. /etc/ssh/hostkey)
+\fIprivatekey\fP - Path name of the private key file. (e.g. /etc/ssh/hostkey)
 
-\fIpassphrase\fP - Passphrase to use when decoding private key file.
+\fIpassphrase\fP - Passphrase to use when decoding \fIprivatekey\fP.
 
-Attempt public key authentication using a PEM encoded private key file stored on disk
+Attempt public key authentication using a PEM encoded private key file stored
+on disk
 
 .SH RETURN VALUE
 Return 0 on success or negative on failure.  It returns

example/.gitignore

@@ -33,4 +33,5 @@ test-sftp_nonblock
 test-sftp_write
 test-sftp_write_nonblock
 test-ssh2_echo
+tcpip-forward
 x11

example/Makefile.am

@@ -7,7 +7,11 @@ noinst_PROGRAMS = direct_tcpip ssh2 scp scp_nonblock scp_write		\
  scp_write_nonblock sftp sftp_nonblock sftp_write sftp_write_nonblock	\
  sftp_mkdir sftp_mkdir_nonblock sftp_RW_nonblock sftp_write_sliding	\
  sftpdir sftpdir_nonblock ssh2_exec ssh2_agent ssh2_echo sftp_append	\
- subsystem_netconf x11
+ subsystem_netconf tcpip-forward
+
+if HAVE_SYS_UN_H
+noinst_PROGRAMS += x11
+endif
 
 AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_builddir)/example
 LDADD = $(top_builddir)/src/libssh2.la

example/direct_tcpip.c

@@ -135,7 +135,7 @@ int main(int argc, char *argv[])
 
     /* check what authentication methods are available */
     userauthlist = libssh2_userauth_list(session, username, strlen(username));
-    printf("Authentication methods: %s\n", userauthlist);
+    fprintf(stderr, "Authentication methods: %s\n", userauthlist);
     if (strstr(userauthlist, "password"))
         auth |= AUTH_PASSWORD;
     if (strstr(userauthlist, "publickey"))
@@ -157,12 +157,12 @@ int main(int argc, char *argv[])
     } else if (auth & AUTH_PUBLICKEY) {
         if (libssh2_userauth_publickey_fromfile(session, username, keyfile1,
                                                 keyfile2, password)) {
-            printf("\tAuthentication by public key failed!\n");
+            fprintf(stderr, "\tAuthentication by public key failed!\n");
             goto shutdown;
         }
-        printf("\tAuthentication by public key succeeded.\n");
+        fprintf(stderr, "\tAuthentication by public key succeeded.\n");
     } else {
-        printf("No supported authentication methods found!\n");
+        fprintf(stderr, "No supported authentication methods found!\n");
         goto shutdown;
     }
 
@@ -185,7 +185,7 @@ int main(int argc, char *argv[])
         goto shutdown;
     }
 
-    printf("Waiting for TCP connection on %s:%d...\n",
+    fprintf(stderr, "Waiting for TCP connection on %s:%d...\n",
         inet_ntoa(sin.sin_addr), ntohs(sin.sin_port));
 
     forwardsock = accept(listensock, (struct sockaddr *)&sin, &sinlen);
@@ -197,8 +197,8 @@ int main(int argc, char *argv[])
     shost = inet_ntoa(sin.sin_addr);
     sport = ntohs(sin.sin_port);
 
-    printf("Forwarding connection from %s:%d here to remote %s:%d\n", shost,
-        sport, remote_desthost, remote_destport);
+    fprintf(stderr, "Forwarding connection from %s:%d here to remote %s:%d\n",
+        shost, sport, remote_desthost, remote_destport);
 
     channel = libssh2_channel_direct_tcpip_ex(session, remote_desthost,
         remote_destport, shost, sport);
@@ -228,7 +228,8 @@ int main(int argc, char *argv[])
                 perror("read");
                 goto shutdown;
             } else if (0 == len) {
-                printf("The client at %s:%d disconnected!\n", shost, sport);
+                fprintf(stderr, "The client at %s:%d disconnected!\n", shost,
+                    sport);
                 goto shutdown;
             }
             wr = 0;
@@ -259,7 +260,7 @@ int main(int argc, char *argv[])
                 wr += i;
             }
             if (libssh2_channel_eof(channel)) {
-                printf("The server at %s:%d disconnected!\n",
+                fprintf(stderr, "The server at %s:%d disconnected!\n",
                     remote_desthost, remote_destport);
                 goto shutdown;
             }

example/scp_nonblock.c

@@ -250,7 +250,7 @@ int main(int argc, char *argv[])
     gettimeofday(&end, NULL);
 
     time_ms = tvdiff(end, start);
-    printf("Got %d bytes in %ld ms = %.1f bytes/sec spin: %d\n", total,
+    fprintf(stderr, "Got %d bytes in %ld ms = %.1f bytes/sec spin: %d\n", total,
            time_ms, total/(time_ms/1000.0), spin );
 
     libssh2_channel_free(channel);

example/scp_write_nonblock.c

@@ -243,7 +243,7 @@ int main(int argc, char *argv[])
 
     duration = (int)(time(NULL)-start);
 
-    printf("%ld bytes in %d seconds makes %.1f bytes/sec\n",
+    fprintf(stderr, "%ld bytes in %d seconds makes %.1f bytes/sec\n",
            total, duration, total/(double)duration);
 
     fprintf(stderr, "Sending EOF\n");

example/sftp.c

@@ -55,24 +55,24 @@ static void kbd_callback(const char *name, int name_len,
     char buf[1024];
     (void)abstract;
 
-    printf("Performing keyboard-interactive authentication.\n");
+    fprintf(stderr, "Performing keyboard-interactive authentication.\n");
 
-    printf("Authentication name: '");
-    fwrite(name, 1, name_len, stdout);
-    printf("'\n");
+    fprintf(stderr, "Authentication name: '");
+    fwrite(name, 1, name_len, stderr);
+    fprintf(stderr, "'\n");
 
-    printf("Authentication instruction: '");
-    fwrite(instruction, 1, instruction_len, stdout);
-    printf("'\n");
+    fprintf(stderr, "Authentication instruction: '");
+    fwrite(instruction, 1, instruction_len, stderr);
+    fprintf(stderr, "'\n");
 
-    printf("Number of prompts: %d\n\n", num_prompts);
+    fprintf(stderr, "Number of prompts: %d\n\n", num_prompts);
 
     for (i = 0; i < num_prompts; i++) {
-        printf("Prompt %d from server: '", i);
-        fwrite(prompts[i].text, 1, prompts[i].length, stdout);
-        printf("'\n");
+        fprintf(stderr, "Prompt %d from server: '", i);
+        fwrite(prompts[i].text, 1, prompts[i].length, stderr);
+        fprintf(stderr, "'\n");
 
-        printf("Please type response: ");
+        fprintf(stderr, "Please type response: ");
         fgets(buf, sizeof(buf), stdin);
         n = strlen(buf);
         while (n > 0 && strchr("\r\n", buf[n - 1]))
@@ -82,12 +82,13 @@ static void kbd_callback(const char *name, int name_len,
         responses[i].text = strdup(buf);
         responses[i].length = n;
 
-        printf("Response %d from user is '", i);
-        fwrite(responses[i].text, 1, responses[i].length, stdout);
-        printf("'\n\n");
+        fprintf(stderr, "Response %d from user is '", i);
+        fwrite(responses[i].text, 1, responses[i].length, stderr);
+        fprintf(stderr, "'\n\n");
     }
 
-    printf("Done. Sending keyboard-interactive responses to server now.\n");
+    fprintf(stderr,
+        "Done. Sending keyboard-interactive responses to server now.\n");
 }
 
 
@@ -127,7 +128,7 @@ int main(int argc, char *argv[])
 
     rc = libssh2_init (0);
     if (rc != 0) {
-        fprintf (stderr, "libssh2 initialization failed (%d)\n", rc);
+        fprintf(stderr, "libssh2 initialization failed (%d)\n", rc);
         return 1;
     }
 
@@ -178,7 +179,7 @@ int main(int argc, char *argv[])
 
     /* check what authentication methods are available */
     userauthlist = libssh2_userauth_list(session, username, strlen(username));
-    printf("Authentication methods: %s\n", userauthlist);
+    fprintf(stderr, "Authentication methods: %s\n", userauthlist);
     if (strstr(userauthlist, "password") != NULL) {
         auth_pw |= 1;
     }
@@ -211,21 +212,23 @@ int main(int argc, char *argv[])
     } else if (auth_pw & 2) {
         /* Or via keyboard-interactive */
         if (libssh2_userauth_keyboard_interactive(session, username, &kbd_callback) ) {
-            printf("\tAuthentication by keyboard-interactive failed!\n");
+            fprintf(stderr,
+                "\tAuthentication by keyboard-interactive failed!\n");
             goto shutdown;
         } else {
-            printf("\tAuthentication by keyboard-interactive succeeded.\n");
+            fprintf(stderr,
+                "\tAuthentication by keyboard-interactive succeeded.\n");
         }
     } else if (auth_pw & 4) {
         /* Or by public key */
         if (libssh2_userauth_publickey_fromfile(session, username, keyfile1, keyfile2, password)) {
-            printf("\tAuthentication by public key failed!\n");
+            fprintf(stderr, "\tAuthentication by public key failed!\n");
             goto shutdown;
         } else {
-            printf("\tAuthentication by public key succeeded.\n");
+            fprintf(stderr, "\tAuthentication by public key succeeded.\n");
         }
     } else {
-        printf("No supported authentication methods found!\n");
+        fprintf(stderr, "No supported authentication methods found!\n");
         goto shutdown;
     }
 

example/sftp_RW_nonblock.c

@@ -141,11 +141,11 @@ int main(int argc, char *argv[])
      * user, that's your call
      */
     fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
-    printf("Fingerprint: ");
+    fprintf(stderr, "Fingerprint: ");
     for(i = 0; i < 20; i++) {
-        printf("%02X ", (unsigned char)fingerprint[i]);
+        fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
     }
-    printf("\n");
+    fprintf(stderr, "\n");
 
     if(argc > 1) {
         username = argv[1];
@@ -162,7 +162,7 @@ int main(int argc, char *argv[])
 
     tempstorage = fopen(STORAGE, "wb");
     if(!tempstorage) {
-        printf("Can't open temp storage file %s\n", STORAGE);
+        fprintf(stderr, "Can't open temp storage file %s\n", STORAGE);
         goto shutdown;
     }
 
@@ -171,7 +171,7 @@ int main(int argc, char *argv[])
         while ((rc = libssh2_userauth_password(session, username, password))
                == LIBSSH2_ERROR_EAGAIN);
         if (rc) {
-            printf("Authentication by password failed.\n");
+            fprintf(stderr, "Authentication by password failed.\n");
             goto shutdown;
         }
     } else {
@@ -185,7 +185,7 @@ int main(int argc, char *argv[])
                                                     password)) ==
                LIBSSH2_ERROR_EAGAIN);
         if (rc) {
-            printf("\tAuthentication by public key failed\n");
+            fprintf(stderr, "\tAuthentication by public key failed\n");
             goto shutdown;
         }
     }
@@ -341,7 +341,7 @@ int main(int argc, char *argv[])
 #endif
     if (tempstorage)
         fclose(tempstorage);
-    printf("all done\n");
+    fprintf(stderr, "all done\n");
 
     libssh2_exit();
 

example/sftp_append.c

@@ -86,7 +86,7 @@ int main(int argc, char *argv[])
 
     local = fopen(loclfile, "rb");
     if (!local) {
-        printf("Can't local file %s\n", loclfile);
+        fprintf(stderr, "Can't open local file %s\n", loclfile);
         return -1;
     }
 
@@ -129,16 +129,16 @@ int main(int argc, char *argv[])
      * user, that's your call
      */
     fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
-    printf("Fingerprint: ");
+    fprintf(stderr, "Fingerprint: ");
     for(i = 0; i < 20; i++) {
-        printf("%02X ", (unsigned char)fingerprint[i]);
+        fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
     }
-    printf("\n");
+    fprintf(stderr, "\n");
 
     if (auth_pw) {
         /* We could authenticate via password */
         if (libssh2_userauth_password(session, username, password)) {
-            printf("Authentication by password failed.\n");
+            fprintf(stderr, "Authentication by password failed.\n");
             goto shutdown;
         }
     } else {
@@ -147,7 +147,7 @@ int main(int argc, char *argv[])
                             "/home/username/.ssh/id_rsa.pub",
                             "/home/username/.ssh/id_rsa",
                             password)) {
-            printf("\tAuthentication by public key failed\n");
+            fprintf(stderr, "\tAuthentication by public key failed\n");
             goto shutdown;
         }
     }
@@ -174,12 +174,12 @@ int main(int argc, char *argv[])
     }
 
     if(libssh2_sftp_fstat_ex(sftp_handle, &attrs, 0) < 0) {
-        printf("libssh2_sftp_fstat_ex failed\n");
+        fprintf(stderr, "libssh2_sftp_fstat_ex failed\n");
         goto shutdown;
     }
     else
         libssh2_sftp_seek64(sftp_handle, attrs.filesize);
-    printf("Did a seek to position %ld\n", (long) attrs.filesize);
+    fprintf(stderr, "Did a seek to position %ld\n", (long) attrs.filesize);
 
     fprintf(stderr, "libssh2_sftp_open() a handle for APPEND\n");
 
@@ -222,7 +222,7 @@ shutdown:
 #endif
     if (local)
         fclose(local);
-    printf("all done\n");
+    fprintf(stderr, "all done\n");
 
     libssh2_exit();
 

example/sftp_mkdir.c

@@ -110,16 +110,16 @@ int main(int argc, char *argv[])
      * user, that's your call
      */
     fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
-    printf("Fingerprint: ");
+    fprintf(stderr, "Fingerprint: ");
     for(i = 0; i < 20; i++) {
-        printf("%02X ", (unsigned char)fingerprint[i]);
+        fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
     }
-    printf("\n");
+    fprintf(stderr, "\n");
 
     if (auth_pw) {
         /* We could authenticate via password */
         if (libssh2_userauth_password(session, username, password)) {
-            printf("Authentication by password failed.\n");
+            fprintf(stderr, "Authentication by password failed.\n");
             goto shutdown;
         }
     } else {
@@ -128,7 +128,7 @@ int main(int argc, char *argv[])
                             "/home/username/.ssh/id_rsa.pub",
                             "/home/username/.ssh/id_rsa",
                             password)) {
-            printf("\tAuthentication by public key failed\n");
+            fprintf(stderr, "\tAuthentication by public key failed\n");
             goto shutdown;
         }
     }
@@ -164,7 +164,7 @@ int main(int argc, char *argv[])
 #else
     close(sock);
 #endif
-    printf("all done\n");
+    fprintf(stderr, "all done\n");
 
     libssh2_exit();
 

example/sftp_mkdir_nonblock.c

@@ -110,16 +110,16 @@ int main(int argc, char *argv[])
      * user, that's your call
      */
     fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
-    printf("Fingerprint: ");
+    fprintf(stderr, "Fingerprint: ");
     for(i = 0; i < 20; i++) {
-        printf("%02X ", (unsigned char)fingerprint[i]);
+        fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
     }
-    printf("\n");
+    fprintf(stderr, "\n");
 
     if (auth_pw) {
         /* We could authenticate via password */
         if (libssh2_userauth_password(session, username, password)) {
-            printf("Authentication by password failed.\n");
+            fprintf(stderr, "Authentication by password failed.\n");
             goto shutdown;
         }
     } else {
@@ -128,7 +128,7 @@ int main(int argc, char *argv[])
                             "/home/username/.ssh/id_rsa.pub",
                             "/home/username/.ssh/id_rsa",
                             password)) {
-            printf("\tAuthentication by public key failed\n");
+            fprintf(stderr, "\tAuthentication by public key failed\n");
             goto shutdown;
         }
     }
@@ -164,7 +164,7 @@ int main(int argc, char *argv[])
 #else
     close(sock);
 #endif
-    printf("all done\n");
+    fprintf(stderr, "all done\n");
 
     libssh2_exit();
 

example/sftp_nonblock.c

@@ -251,7 +251,7 @@ int main(int argc, char *argv[])
 
     gettimeofday(&end, NULL);
     time_ms = tvdiff(end, start);
-    printf("Got %d bytes in %ld ms = %.1f bytes/sec spin: %d\n", total,
+    fprintf(stderr, "Got %d bytes in %ld ms = %.1f bytes/sec spin: %d\n", total,
            time_ms, total/(time_ms/1000.0), spin );
 
     libssh2_sftp_close(sftp_handle);
@@ -259,7 +259,7 @@ int main(int argc, char *argv[])
 
 shutdown:
 
-    printf("libssh2_session_disconnect\n");
+    fprintf(stderr, "libssh2_session_disconnect\n");
     while (libssh2_session_disconnect(session,
                                       "Normal Shutdown, Thank you") ==
            LIBSSH2_ERROR_EAGAIN);

example/sftp_write.c

@@ -85,7 +85,7 @@ int main(int argc, char *argv[])
 
     local = fopen(loclfile, "rb");
     if (!local) {
-        printf("Can't local file %s\n", loclfile);
+        fprintf(stderr, "Can't open local file %s\n", loclfile);
         return -1;
     }
 
@@ -128,16 +128,16 @@ int main(int argc, char *argv[])
      * user, that's your call
      */
     fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
-    printf("Fingerprint: ");
+    fprintf(stderr, "Fingerprint: ");
     for(i = 0; i < 20; i++) {
-        printf("%02X ", (unsigned char)fingerprint[i]);
+        fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
     }
-    printf("\n");
+    fprintf(stderr, "\n");
 
     if (auth_pw) {
         /* We could authenticate via password */
         if (libssh2_userauth_password(session, username, password)) {
-            printf("Authentication by password failed.\n");
+            fprintf(stderr, "Authentication by password failed.\n");
             goto shutdown;
         }
     } else {
@@ -146,7 +146,7 @@ int main(int argc, char *argv[])
                             "/home/username/.ssh/id_rsa.pub",
                             "/home/username/.ssh/id_rsa",
                             password)) {
-            printf("\tAuthentication by public key failed\n");
+            fprintf(stderr, "\tAuthentication by public key failed\n");
             goto shutdown;
         }
     }
@@ -206,7 +206,7 @@ shutdown:
 #endif
     if (local)
         fclose(local);
-    printf("all done\n");
+    fprintf(stderr, "all done\n");
 
     libssh2_exit();
 

example/sftp_write_nonblock.c

@@ -125,7 +125,7 @@ int main(int argc, char *argv[])
 
     local = fopen(loclfile, "rb");
     if (!local) {
-        printf("Can't local file %s\n", loclfile);
+        fprintf(stderr, "Can't open local file %s\n", loclfile);
         return -1;
     }
 
@@ -169,18 +169,18 @@ int main(int argc, char *argv[])
      * that's your call
      */
     fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
-    printf("Fingerprint: ");
+    fprintf(stderr, "Fingerprint: ");
     for(i = 0; i < 20; i++) {
-        printf("%02X ", (unsigned char)fingerprint[i]);
+        fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
     }
-    printf("\n");
+    fprintf(stderr, "\n");
 
     if (auth_pw) {
         /* We could authenticate via password */
         while ((rc = libssh2_userauth_password(session, username, password)) ==
                LIBSSH2_ERROR_EAGAIN);
         if (rc) {
-            printf("Authentication by password failed.\n");
+            fprintf(stderr, "Authentication by password failed.\n");
             goto shutdown;
         }
     } else {
@@ -191,7 +191,7 @@ int main(int argc, char *argv[])
                                                          password)) ==
                LIBSSH2_ERROR_EAGAIN);
     if (rc) {
-            printf("\tAuthentication by public key failed\n");
+            fprintf(stderr, "\tAuthentication by public key failed\n");
             goto shutdown;
         }
     }
@@ -253,7 +253,7 @@ int main(int argc, char *argv[])
 
     duration = (int)(time(NULL)-start);
 
-    printf("%ld bytes in %d seconds makes %.1f bytes/sec\n",
+    fprintf(stderr, "%ld bytes in %d seconds makes %.1f bytes/sec\n",
            total, duration, total/(double)duration);
 
 
@@ -272,7 +272,7 @@ shutdown:
 #else
     close(sock);
 #endif
-    printf("all done\n");
+    fprintf(stderr, "all done\n");
 
     libssh2_exit();
 

example/sftp_write_sliding.c

@@ -125,7 +125,7 @@ int main(int argc, char *argv[])
 
     local = fopen(loclfile, "rb");
     if (!local) {
-        printf("Can't local file %s\n", loclfile);
+        fprintf(stderr, "Can't open local file %s\n", loclfile);
         return -1;
     }
 
@@ -169,18 +169,18 @@ int main(int argc, char *argv[])
      * that's your call
      */
     fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
-    printf("Fingerprint: ");
+    fprintf(stderr, "Fingerprint: ");
     for(i = 0; i < 20; i++) {
-        printf("%02X ", (unsigned char)fingerprint[i]);
+        fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
     }
-    printf("\n");
+    fprintf(stderr, "\n");
 
     if (auth_pw) {
         /* We could authenticate via password */
         while ((rc = libssh2_userauth_password(session, username, password)) ==
                LIBSSH2_ERROR_EAGAIN);
         if (rc) {
-            printf("Authentication by password failed.\n");
+            fprintf(stderr, "Authentication by password failed.\n");
             goto shutdown;
         }
     } else {
@@ -191,7 +191,7 @@ int main(int argc, char *argv[])
                                                          password)) ==
                LIBSSH2_ERROR_EAGAIN);
     if (rc) {
-            printf("\tAuthentication by public key failed\n");
+            fprintf(stderr, "\tAuthentication by public key failed\n");
             goto shutdown;
         }
     }
@@ -262,7 +262,7 @@ int main(int argc, char *argv[])
 
     duration = (int)(time(NULL)-start);
 
-    printf("%ld bytes in %d seconds makes %.1f bytes/sec\n",
+    fprintf(stderr, "%ld bytes in %d seconds makes %.1f bytes/sec\n",
            total, duration, total/(double)duration);
 
 
@@ -281,7 +281,7 @@ shutdown:
 #else
     close(sock);
 #endif
-    printf("all done\n");
+    fprintf(stderr, "all done\n");
 
     libssh2_exit();
 

example/sftpdir.c

@@ -130,16 +130,16 @@ int main(int argc, char *argv[])
      * user, that's your call
      */
     fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
-    printf("Fingerprint: ");
+    fprintf(stderr, "Fingerprint: ");
     for(i = 0; i < 20; i++) {
-        printf("%02X ", (unsigned char)fingerprint[i]);
+        fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
     }
-    printf("\n");
+    fprintf(stderr, "\n");
 
     if (auth_pw) {
         /* We could authenticate via password */
         if (libssh2_userauth_password(session, username, password)) {
-            printf("Authentication by password failed.\n");
+            fprintf(stderr, "Authentication by password failed.\n");
             goto shutdown;
         }
     } else {
@@ -148,7 +148,7 @@ int main(int argc, char *argv[])
                             "/home/username/.ssh/id_rsa.pub",
                             "/home/username/.ssh/id_rsa",
                             password)) {
-            printf("\tAuthentication by public key failed\n");
+            fprintf(stderr, "\tAuthentication by public key failed\n");
             goto shutdown;
         }
     }
@@ -229,7 +229,7 @@ int main(int argc, char *argv[])
 #else
     close(sock);
 #endif
-    printf("all done\n");
+    fprintf(stderr, "all done\n");
 
     libssh2_exit();
 

example/sftpdir_nonblock.c

@@ -134,11 +134,11 @@ int main(int argc, char *argv[])
      * user, that's your call
      */
     fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
-    printf("Fingerprint: ");
+    fprintf(stderr, "Fingerprint: ");
     for(i = 0; i < 20; i++) {
-        printf("%02X ", (unsigned char)fingerprint[i]);
+        fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
     }
-    printf("\n");
+    fprintf(stderr, "\n");
 
     if (auth_pw) {
         /* We could authenticate via password */
@@ -239,7 +239,7 @@ int main(int argc, char *argv[])
 #else
     close(sock);
 #endif
-    printf("all done\n");
+    fprintf(stderr, "all done\n");
 
     libssh2_exit();
 

example/ssh2.c

@@ -126,15 +126,15 @@ int main(int argc, char *argv[])
      * call
      */
     fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
-    printf("Fingerprint: ");
+    fprintf(stderr, "Fingerprint: ");
     for(i = 0; i < 20; i++) {
-        printf("%02X ", (unsigned char)fingerprint[i]);
+        fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
     }
-    printf("\n");
+    fprintf(stderr, "\n");
 
     /* check what authentication methods are available */
     userauthlist = libssh2_userauth_list(session, username, strlen(username));
-    printf("Authentication methods: %s\n", userauthlist);
+    fprintf(stderr, "Authentication methods: %s\n", userauthlist);
     if (strstr(userauthlist, "password") != NULL) {
         auth_pw |= 1;
     }
@@ -161,31 +161,33 @@ int main(int argc, char *argv[])
     if (auth_pw & 1) {
         /* We could authenticate via password */
         if (libssh2_userauth_password(session, username, password)) {
-            printf("\tAuthentication by password failed!\n");
+            fprintf(stderr, "\tAuthentication by password failed!\n");
             goto shutdown;
         } else {
-            printf("\tAuthentication by password succeeded.\n");
+            fprintf(stderr, "\tAuthentication by password succeeded.\n");
         }
     } else if (auth_pw & 2) {
         /* Or via keyboard-interactive */
         if (libssh2_userauth_keyboard_interactive(session, username,
                                                   &kbd_callback) ) {
-            printf("\tAuthentication by keyboard-interactive failed!\n");
+            fprintf(stderr,
+                "\tAuthentication by keyboard-interactive failed!\n");
             goto shutdown;
         } else {
-            printf("\tAuthentication by keyboard-interactive succeeded.\n");
+            fprintf(stderr,
+                "\tAuthentication by keyboard-interactive succeeded.\n");
         }
     } else if (auth_pw & 4) {
         /* Or by public key */
         if (libssh2_userauth_publickey_fromfile(session, username, keyfile1,
                                                 keyfile2, password)) {
-            printf("\tAuthentication by public key failed!\n");
+            fprintf(stderr, "\tAuthentication by public key failed!\n");
             goto shutdown;
         } else {
-            printf("\tAuthentication by public key succeeded.\n");
+            fprintf(stderr, "\tAuthentication by public key succeeded.\n");
         }
     } else {
-        printf("No supported authentication methods found!\n");
+        fprintf(stderr, "No supported authentication methods found!\n");
         goto shutdown;
     }
 
@@ -250,7 +252,7 @@ int main(int argc, char *argv[])
 #else
     close(sock);
 #endif
-    printf("all done!\n");
+    fprintf(stderr, "all done!\n");
 
     libssh2_exit();
 

example/ssh2_agent.c

@@ -105,15 +105,15 @@ int main(int argc, char *argv[])
      * call
      */
     fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
-    printf("Fingerprint: ");
+    fprintf(stderr, "Fingerprint: ");
     for(i = 0; i < 20; i++) {
-        printf("%02X ", (unsigned char)fingerprint[i]);
+        fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
     }
-    printf("\n");
+    fprintf(stderr, "\n");
 
     /* check what authentication methods are available */
     userauthlist = libssh2_userauth_list(session, username, strlen(username));
-    printf("Authentication methods: %s\n", userauthlist);
+    fprintf(stderr, "Authentication methods: %s\n", userauthlist);
     if (strstr(userauthlist, "publickey") == NULL) {
         fprintf(stderr, "\"publickey\" authentication is not supported\n");
         goto shutdown;
@@ -147,11 +147,11 @@ int main(int argc, char *argv[])
             goto shutdown;
         }
         if (libssh2_agent_userauth(agent, username, identity)) {
-            printf("\tAuthentication with username %s and "
+            fprintf(stderr, "\tAuthentication with username %s and "
                    "public key %s failed!\n",
                    username, identity->comment);
         } else {
-            printf("\tAuthentication with username %s and "
+            fprintf(stderr, "\tAuthentication with username %s and "
                    "public key %s succeeded!\n",
                    username, identity->comment);
             break;
@@ -234,7 +234,7 @@ int main(int argc, char *argv[])
 #endif
     }
 
-    printf("all done!\n");
+    fprintf(stderr, "all done!\n");
 
     libssh2_exit();
 

example/ssh2_echo.c

@@ -327,7 +327,7 @@ int main(int argc, char *argv[])
         }
 
         if (exitsignal)
-            printf("\nGot signal: %s\n", exitsignal);
+            fprintf(stderr, "\nGot signal: %s\n", exitsignal);
 
         libssh2_channel_free(channel);
         channel = NULL;

example/ssh2_exec.c

@@ -292,9 +292,9 @@ int main(int argc, char *argv[])
     }
 
     if (exitsignal)
-        printf("\nGot signal: %s\n", exitsignal);
+        fprintf(stderr, "\nGot signal: %s\n", exitsignal);
     else 
-        printf("\nEXIT: %d bytecount: %d\n", exitcode, bytecount);
+        fprintf(stderr, "\nEXIT: %d bytecount: %d\n", exitcode, bytecount);
 
     libssh2_channel_free(channel);
     channel = NULL;

example/subsystem_netconf.c

@@ -61,7 +61,8 @@ static int netconf_write(LIBSSH2_CHANNEL *channel, const char *buf, size_t len)
 static int netconf_read_until(LIBSSH2_CHANNEL *channel, const char *endtag,
                               char *buf, size_t buflen)
 {
-    ssize_t len, rd = 0;
+    ssize_t len;
+    size_t rd = 0;
     char *endreply = NULL, *specialsequence = NULL;
 
     memset(buf, 0, buflen);
@@ -71,7 +72,7 @@ static int netconf_read_until(LIBSSH2_CHANNEL *channel, const char *endtag,
         if (LIBSSH2_ERROR_EAGAIN == len)
             continue;
         else if (len < 0) {
-            fprintf(stderr, "libssh2_channel_read: %d", (int)len);
+            fprintf(stderr, "libssh2_channel_read: %d\n", (int)len);
             return -1;
         }
         rd += len;
@@ -85,7 +86,12 @@ static int netconf_read_until(LIBSSH2_CHANNEL *channel, const char *endtag,
         if (endreply)
             specialsequence = strstr(endreply, "]]>]]>");
 
-    } while (!endreply || !specialsequence);
+    } while (!specialsequence && rd < buflen);
+
+    if (!specialsequence) {
+        fprintf(stderr, "%s: ]]>]]> not found! read buffer too small?\n", __func__);
+        return -1;
+    }
 
     /* discard the special sequence so that only XML is returned */
     rd = specialsequence - buf;
@@ -167,7 +173,7 @@ int main(int argc, char *argv[])
 
     /* check what authentication methods are available */
     userauthlist = libssh2_userauth_list(session, username, strlen(username));
-    printf("Authentication methods: %s\n", userauthlist);
+    fprintf(stderr, "Authentication methods: %s\n", userauthlist);
     if (strstr(userauthlist, "password"))
         auth |= AUTH_PASSWORD;
     if (strstr(userauthlist, "publickey"))
@@ -189,12 +195,12 @@ int main(int argc, char *argv[])
     } else if (auth & AUTH_PUBLICKEY) {
         if (libssh2_userauth_publickey_fromfile(session, username, keyfile1,
                                                 keyfile2, password)) {
-            printf("Authentication by public key failed!\n");
+            fprintf(stderr, "Authentication by public key failed!\n");
             goto shutdown;
         }
-        printf("Authentication by public key succeeded.\n");
+        fprintf(stderr, "Authentication by public key succeeded.\n");
     } else {
-        printf("No supported authentication methods found!\n");
+        fprintf(stderr, "No supported authentication methods found!\n");
         goto shutdown;
     }
 
@@ -217,7 +223,7 @@ int main(int argc, char *argv[])
 
     /* NETCONF: http://tools.ietf.org/html/draft-ietf-netconf-ssh-06 */
 
-    printf("Sending NETCONF client <hello>\n");
+    fprintf(stderr, "Sending NETCONF client <hello>\n");
     snprintf(buf, sizeof(buf),
       "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"
       "<hello>"
@@ -229,14 +235,14 @@ int main(int argc, char *argv[])
     if (-1 == netconf_write(channel, buf, len))
         goto shutdown;
 
-    printf("Reading NETCONF server <hello>\n");
+    fprintf(stderr, "Reading NETCONF server <hello>\n");
     len = netconf_read_until(channel, "</hello>", buf, sizeof(buf));
     if (-1 == len)
         goto shutdown;
 
-    printf("Got %d bytes:\n----------------------\n%s", (int)len, buf);
+    fprintf(stderr, "Got %d bytes:\n----------------------\n%s", (int)len, buf);
 
-    printf("Sending NETCONF <rpc>\n");
+    fprintf(stderr, "Sending NETCONF <rpc>\n");
     snprintf(buf, sizeof(buf),
       "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"
       "<rpc xmlns=\"urn:ietf:params:xml:ns:netconf:base:1.0\">"
@@ -246,12 +252,12 @@ int main(int argc, char *argv[])
     if (-1 == netconf_write(channel, buf, len))
         goto shutdown;
 
-    printf("Reading NETCONF <rpc-reply>\n");
+    fprintf(stderr, "Reading NETCONF <rpc-reply>\n");
     len = netconf_read_until(channel, "</rpc-reply>", buf, sizeof(buf));
     if (-1 == len)
         goto shutdown;
 
-    printf("Got %d bytes:\n----------------------\n%s", (int)len, buf);
+    fprintf(stderr, "Got %d bytes:\n----------------------\n%s", (int)len, buf);
 
 shutdown:
     if (channel)

example/tcpip-forward.c

@@ -0,0 +1,293 @@
+#include "libssh2_config.h"
+#include <libssh2.h>
+
+#ifdef WIN32
+#include <windows.h>
+#include <winsock2.h>
+#include <ws2tcpip.h>
+#else
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <sys/time.h>
+#endif
+
+#include <fcntl.h>
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <sys/types.h>
+
+#ifdef HAVE_SYS_SELECT_H
+#include <sys/select.h>
+#endif
+
+#ifndef INADDR_NONE
+#define INADDR_NONE (in_addr_t)-1
+#endif
+
+const char *keyfile1 = "/home/username/.ssh/id_rsa.pub";
+const char *keyfile2 = "/home/username/.ssh/id_rsa";
+const char *username = "username";
+const char *password = "";
+
+const char *server_ip = "127.0.0.1";
+
+const char *remote_listenhost = "localhost"; /* resolved by the server */
+unsigned int remote_wantport = 2222;
+unsigned int remote_listenport;
+
+const char *local_destip = "127.0.0.1";
+unsigned int local_destport = 22;
+
+enum {
+    AUTH_NONE = 0,
+    AUTH_PASSWORD,
+    AUTH_PUBLICKEY
+};
+
+int main(int argc, char *argv[])
+{
+    int rc, sock = -1, forwardsock = -1, i, auth = AUTH_NONE;
+    struct sockaddr_in sin;
+    socklen_t sinlen = sizeof(sin);
+    const char *fingerprint;
+    char *userauthlist;
+    LIBSSH2_SESSION *session;
+    LIBSSH2_LISTENER *listener = NULL;
+    LIBSSH2_CHANNEL *channel = NULL;
+    const char *shost;
+    unsigned int sport;
+    fd_set fds;
+    struct timeval tv;
+    ssize_t len, wr;
+    char buf[16384];
+
+#ifdef WIN32
+    char sockopt;
+    WSADATA wsadata;
+
+    WSAStartup(MAKEWORD(2,0), &wsadata);
+#else
+    int sockopt;
+#endif
+
+    if (argc > 1)
+        server_ip = argv[1];
+    if (argc > 2)
+        username = argv[2];
+    if (argc > 3)
+        password = argv[3];
+    if (argc > 4)
+        remote_listenhost = argv[4];
+    if (argc > 5)
+        remote_wantport = atoi(argv[5]);
+    if (argc > 6)
+        local_destip = argv[6];
+    if (argc > 7)
+        local_destport = atoi(argv[7]);
+
+    rc = libssh2_init (0);
+    if (rc != 0) {
+        fprintf (stderr, "libssh2 initialization failed (%d)\n", rc);
+        return 1;
+    }
+
+    /* Connect to SSH server */
+    sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
+    sin.sin_family = AF_INET;
+    if (INADDR_NONE == (sin.sin_addr.s_addr = inet_addr(server_ip))) {
+        perror("inet_addr");
+        return -1;
+    }
+    sin.sin_port = htons(22);
+    if (connect(sock, (struct sockaddr*)(&sin),
+                sizeof(struct sockaddr_in)) != 0) {
+        fprintf(stderr, "failed to connect!\n");
+        return -1;
+    }
+
+    /* Create a session instance */
+    session = libssh2_session_init();
+    if(!session) {
+        fprintf(stderr, "Could not initialize SSH session!\n");
+        return -1;
+    }
+
+    /* ... start it up. This will trade welcome banners, exchange keys,
+     * and setup crypto, compression, and MAC layers
+     */
+    rc = libssh2_session_handshake(session, sock);
+    if(rc) {
+        fprintf(stderr, "Error when starting up SSH session: %d\n", rc);
+        return -1;
+    }
+
+    /* At this point we havn't yet authenticated.  The first thing to do
+     * is check the hostkey's fingerprint against our known hosts Your app
+     * may have it hard coded, may go to a file, may present it to the
+     * user, that's your call
+     */
+    fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
+    fprintf(stderr, "Fingerprint: ");
+    for(i = 0; i < 20; i++)
+        fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
+    fprintf(stderr, "\n");
+
+    /* check what authentication methods are available */
+    userauthlist = libssh2_userauth_list(session, username, strlen(username));
+    fprintf(stderr, "Authentication methods: %s\n", userauthlist);
+    if (strstr(userauthlist, "password"))
+        auth |= AUTH_PASSWORD;
+    if (strstr(userauthlist, "publickey"))
+        auth |= AUTH_PUBLICKEY;
+
+    /* check for options */
+    if(argc > 8) {
+        if ((auth & AUTH_PASSWORD) && !strcasecmp(argv[8], "-p"))
+            auth = AUTH_PASSWORD;
+        if ((auth & AUTH_PUBLICKEY) && !strcasecmp(argv[8], "-k"))
+            auth = AUTH_PUBLICKEY;
+    }
+
+    if (auth & AUTH_PASSWORD) {
+        if (libssh2_userauth_password(session, username, password)) {
+            fprintf(stderr, "Authentication by password failed.\n");
+            goto shutdown;
+        }
+    } else if (auth & AUTH_PUBLICKEY) {
+        if (libssh2_userauth_publickey_fromfile(session, username, keyfile1,
+                                                keyfile2, password)) {
+            fprintf(stderr, "\tAuthentication by public key failed!\n");
+            goto shutdown;
+        }
+        fprintf(stderr, "\tAuthentication by public key succeeded.\n");
+    } else {
+        fprintf(stderr, "No supported authentication methods found!\n");
+        goto shutdown;
+    }
+
+    fprintf(stderr, "Asking server to listen on remote %s:%d\n",
+        remote_listenhost, remote_wantport);
+
+    listener = libssh2_channel_forward_listen_ex(session, remote_listenhost,
+        remote_wantport, &remote_listenport, 1);
+    if (!listener) {
+        fprintf(stderr, "Could not start the tcpip-forward listener!\n"
+                "(Note that this can be a problem at the server!"
+                " Please review the server logs.)\n");
+        goto shutdown;
+    }
+
+    fprintf(stderr, "Server is listening on %s:%d\n", remote_listenhost,
+        remote_listenport);
+
+    fprintf(stderr, "Waiting for remote connection\n");
+    channel = libssh2_channel_forward_accept(listener);
+    if (!channel) {
+        fprintf(stderr, "Could not accept connection!\n"
+                "(Note that this can be a problem at the server!"
+                " Please review the server logs.)\n");
+        goto shutdown;
+    }
+
+    fprintf(stderr,
+        "Accepted remote connection. Connecting to local server %s:%d\n",
+        local_destip, local_destport);
+    forwardsock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
+    sin.sin_family = AF_INET;
+    sin.sin_port = htons(local_destport);
+    if (INADDR_NONE == (sin.sin_addr.s_addr = inet_addr(local_destip))) {
+        perror("inet_addr");
+        goto shutdown;
+    }
+    if (-1 == connect(forwardsock, (struct sockaddr *)&sin, sinlen)) {
+        perror("connect");
+        goto shutdown;
+    }
+
+    fprintf(stderr, "Forwarding connection from remote %s:%d to local %s:%d\n",
+        remote_listenhost, remote_listenport, local_destip, local_destport);
+
+    /* Must use non-blocking IO hereafter due to the current libssh2 API */
+    libssh2_session_set_blocking(session, 0);
+
+    while (1) {
+        FD_ZERO(&fds);
+        FD_SET(forwardsock, &fds);
+        tv.tv_sec = 0;
+        tv.tv_usec = 100000;
+        rc = select(forwardsock + 1, &fds, NULL, NULL, &tv);
+        if (-1 == rc) {
+            perror("select");
+            goto shutdown;
+        }
+        if (rc && FD_ISSET(forwardsock, &fds)) {
+            len = recv(forwardsock, buf, sizeof(buf), 0);
+            if (len < 0) {
+                perror("read");
+                goto shutdown;
+            } else if (0 == len) {
+                fprintf(stderr, "The local server at %s:%d disconnected!\n",
+                    local_destip, local_destport);
+                goto shutdown;
+            }
+            wr = 0;
+            do {
+                i = libssh2_channel_write(channel, buf, len);
+                if (i < 0) {
+                    fprintf(stderr, "libssh2_channel_write: %d\n", i);
+                    goto shutdown;
+                }
+                wr += i;
+            } while(i > 0 && wr < len);
+        }
+        while (1) {
+            len = libssh2_channel_read(channel, buf, sizeof(buf));
+            if (LIBSSH2_ERROR_EAGAIN == len)
+                break;
+            else if (len < 0) {
+                fprintf(stderr, "libssh2_channel_read: %d", (int)len);
+                goto shutdown;
+            }
+            wr = 0;
+            while (wr < len) {
+                i = send(forwardsock, buf + wr, len - wr, 0);
+                if (i <= 0) {
+                    perror("write");
+                    goto shutdown;
+                }
+                wr += i;
+            }
+            if (libssh2_channel_eof(channel)) {
+                fprintf(stderr, "The remote client at %s:%d disconnected!\n",
+                    remote_listenhost, remote_listenport);
+                goto shutdown;
+            }
+        }
+    }
+
+shutdown:
+#ifdef WIN32
+    closesocket(forwardsock);
+#else
+    close(forwardsock);
+#endif
+    if (channel)
+        libssh2_channel_free(channel);
+    if (listener)
+        libssh2_channel_forward_cancel(listener);
+    libssh2_session_disconnect(session, "Client disconnecting normally");
+    libssh2_session_free(session);
+
+#ifdef WIN32
+    closesocket(sock);
+#else
+    close(sock);
+#endif
+
+    libssh2_exit();
+
+    return 0;
+}

example/x11.c

@@ -79,7 +79,12 @@ static int _raw_mode(void)
     rc = tcgetattr(fileno(stdin), &tio);
     if (rc != -1) {
         _saved_tio = tio;
-        cfmakeraw(&tio);
+        /* do the equivalent of cfmakeraw() manually, to build on Solaris */
+        tio.c_iflag &= ~(IGNBRK|BRKINT|PARMRK|ISTRIP|INLCR|IGNCR|ICRNL|IXON);
+        tio.c_oflag &= ~OPOST;
+        tio.c_lflag &= ~(ECHO|ECHONL|ICANON|ISIG|IEXTEN);
+        tio.c_cflag &= ~(CSIZE|PARENB);
+        tio.c_cflag |= CS8;
         rc = tcsetattr(fileno(stdin), TCSADRAIN, &tio);
     }
     return rc;
@@ -203,7 +208,7 @@ static int x11_send_receive(LIBSSH2_CHANNEL *channel, int sock)
 
     rc = libssh2_poll(fds, nfds, 0);
     if (rc >0) {
-        rc = libssh2_channel_read(channel, buf,sizeof(buf));
+        rc = libssh2_channel_read(channel, buf, bufsize);
         rc = write(sock, buf, rc);
     }
 
@@ -212,7 +217,7 @@ static int x11_send_receive(LIBSSH2_CHANNEL *channel, int sock)
         memset((void *)buf,0,bufsize);
 
         /* Data in sock*/
-        rc = read(sock, buf,sizeof(buf));
+        rc = read(sock, buf, bufsize);
         if (rc > 0)
             rc = libssh2_channel_write(channel,buf, rc);
         else

include/libssh2.h

@@ -1,5 +1,5 @@
 /* Copyright (c) 2004-2009, Sara Golemon <sarag@libssh2.org>
- * Copyright (c) 2009-2010 Daniel Stenberg
+ * Copyright (c) 2009-2012 Daniel Stenberg
  * Copyright (c) 2010 Simon Josefsson <simon@josefsson.org>
  * All rights reserved.
  *
@@ -40,19 +40,19 @@
 #ifndef LIBSSH2_H
 #define LIBSSH2_H 1
 
-#define LIBSSH2_COPYRIGHT "2004-2011 The libssh2 project and its contributors."
+#define LIBSSH2_COPYRIGHT "2004-2012 The libssh2 project and its contributors."
 
 /* We use underscore instead of dash when appending DEV in dev versions just
    to make the BANNER define (used by src/session.c) be a valid SSH
    banner. Release versions have no appended strings and may of course not
    have dashes either. */
-#define LIBSSH2_VERSION                             "1.4.0_DEV"
+#define LIBSSH2_VERSION                             "1.4.3_DEV"
 
 /* The numeric version number is also available "in parts" by using these
    defines: */
 #define LIBSSH2_VERSION_MAJOR                       1
 #define LIBSSH2_VERSION_MINOR                       4
-#define LIBSSH2_VERSION_PATCH                       0
+#define LIBSSH2_VERSION_PATCH                       3
 
 /* This is the numeric version of the libssh2 version number, meant for easier
    parsing and comparions by programs. The LIBSSH2_VERSION_NUM define will
@@ -69,7 +69,7 @@
    and it is always a greater number in a more recent release. It makes
    comparisons with greater than and less than work.
 */
-#define LIBSSH2_VERSION_NUM                         0x010400
+#define LIBSSH2_VERSION_NUM                         0x010403
 
 /*
  * This is the date and time when the full source package was created. The
@@ -135,9 +135,10 @@ typedef long long libssh2_int64_t;
 
 #ifdef WIN32
 typedef SOCKET libssh2_socket_t;
+#define LIBSSH2_INVALID_SOCKET INVALID_SOCKET
 #else /* !WIN32 */
 typedef int libssh2_socket_t;
-#define INVALID_SOCKET -1
+#define LIBSSH2_INVALID_SOCKET -1
 #endif /* WIN32 */
 
 /* Part of every banner, user specified or not */
@@ -404,6 +405,7 @@ typedef struct _LIBSSH2_POLLFD {
 #define LIBSSH2_ERROR_SOCKET_RECV               -43
 #define LIBSSH2_ERROR_ENCRYPT                   -44
 #define LIBSSH2_ERROR_BAD_SOCKET                -45
+#define LIBSSH2_ERROR_KNOWN_HOSTS               -46
 
 /* this is a define to provide the old (<= 1.2.7) name */
 #define LIBSSH2_ERROR_BANNER_NONE LIBSSH2_ERROR_BANNER_RECV
@@ -466,6 +468,8 @@ LIBSSH2_API void **libssh2_session_abstract(LIBSSH2_SESSION *session);
 
 LIBSSH2_API void *libssh2_session_callback_set(LIBSSH2_SESSION *session,
                                                int cbtype, void *callback);
+LIBSSH2_API int libssh2_session_banner_set(LIBSSH2_SESSION *session,
+                                           const char *banner);
 LIBSSH2_API int libssh2_banner_set(LIBSSH2_SESSION *session,
                                    const char *banner);
 

libssh2.pc.in

@@ -11,6 +11,7 @@ Name: libssh2
 URL: http://www.libssh2.org/
 Description: Library for SSH-based communication
 Version: @LIBSSH2VER@
+Requires.private: @LIBSREQUIRED@
 Libs: -L${libdir} -lssh2 @LDFLAGS@ @LIBS@
 Libs.private: @LIBS@
 Cflags: -I${includedir}

nw/GNUmakefile

@@ -1,7 +1,7 @@
 #########################################################################
 #
 ## Makefile for building libssh2 (NetWare version - gnu make)
-## Use: make -f Makefile.netware [help|all|clean|dev|devclean|dist|distclean|lib|nlm|objclean]
+## Use: make [help|all|clean|dev|devclean|dist|distclean|lib|nlm|objclean]
 ##
 ## Hacked by: Guenter Knauf
 #
@@ -14,12 +14,12 @@ endif
 
 # Edit the path below to point to the base of your Zlib sources.
 ifndef ZLIB_PATH
-ZLIB_PATH = ../../zlib-1.2.5
+ZLIB_PATH = ../../zlib-1.2.7
 endif
 
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.8r
+OPENSSL_PATH = ../../openssl-0.9.8x
 endif
 
 # Edit the path below to point to your Distribution folder.
@@ -76,10 +76,7 @@ ifdef METROWERKS
 else
 	CC = $(CROSSPREFIX)gcc
 endif
-CP	= cp -afv
-MD	= mkdir
-RD	= rm -fr
-# RM	= rm -f
+
 # Here you can find a native Win32 binary of the original awk:
 # http://www.gknw.net/development/prgtools/awk-20100523.zip
 AWK	= awk
@@ -89,6 +86,34 @@ AWK	= awk
 MPKXDC	= mkxdc
 ZIP	= zip -qzr9
 
+# Platform-dependent helper tool macros
+ifeq ($(findstring /sh,$(SHELL)),/sh)
+DEL	= rm -f $1
+RMDIR	= rm -fr $1
+MKDIR	= mkdir -p $1
+COPY	= -cp -afv $1 $2
+#COPYR	= -cp -afr $1/* $2
+COPYR	= -rsync -aC $1/* $2
+TOUCH	= touch $1
+CAT	= cat
+ECHONL	= echo ""
+DL	= '
+else
+ifeq "$(OS)" "Windows_NT"
+DEL	= -del 2>NUL /q /f $(subst /,\,$1)
+RMDIR	= -rd 2>NUL /q /s $(subst /,\,$1)
+else
+DEL	= -del 2>NUL $(subst /,\,$1)
+RMDIR	= -deltree 2>NUL /y $(subst /,\,$1)
+endif     
+MKDIR	= -md 2>NUL $(subst /,\,$1)
+COPY	= -copy 2>NUL /y $(subst /,\,$1) $(subst /,\,$2)
+COPYR	= -xcopy 2>NUL /q /y /e $(subst /,\,$1) $(subst /,\,$2)
+TOUCH	= copy 2>&1>NUL /b $(subst /,\,$1) +,,
+CAT	= type
+ECHONL	= $(ComSpec) /c echo.
+endif
+
 # LIBARCH_U = $(shell $(AWK) 'BEGIN {print toupper(ARGV[1])}' $(LIBARCH))
 LIBARCH_L = $(shell $(AWK) 'BEGIN {print tolower(ARGV[1])}' $(LIBARCH))
 
@@ -120,13 +145,14 @@ else
 endif
 else
 LD	= $(CROSSPREFIX)nlmconv
-LDFLAGS	= -T
+LDFLAGS	= -UT
 AR	= $(CROSSPREFIX)ar
 ARFLAGS	= -cq
 LIBEXT	= a
 RANLIB	= $(CROSSPREFIX)ranlib
-CFLAGS  += -m32
-CFLAGS	+= -fno-builtin -fpcc-struct-return -fno-strict-aliasing
+CFLAGS	+= -m32
+CFLAGS	+= -fno-builtin -fpcc-struct-return
+CFLAGS	+= -fno-strict-aliasing
 CFLAGS	+= -Wall # -pedantic
 #CFLAGS	+= -Wno-pointer-sign
 ifeq ($(LIBARCH),LIBC)
@@ -185,13 +211,6 @@ ifdef XDCOPT
 	XDCDATA = $(OBJDIR)/$(TARGET).xdc
 endif
 
-ifeq ($(findstring /sh,$(SHELL)),/sh)
-DL	= '
-DS	= /
-else
-DS	= \\
-endif
-
 vpath %.c . ../src
 
 # include Makefile.inc to get CSOURCES define
@@ -217,69 +236,74 @@ lib: prebuild $(TARGET).$(LIBEXT)
 prebuild: $(OBJDIR) $(OBJDIR)/version.inc libssh2_config.h
 
 test: all
-	$(MAKE) -C test -f Makefile.netware
+	$(MAKE) -C test
 
 $(OBJDIR)/%.o: %.c
 #	@echo Compiling $<
 	$(CC) $(CFLAGS) -c $< -o $@
 
-$(OBJDIR)/version.inc: ../include/libssh2.h $(OBJDIR)
+$(OBJDIR)/version.inc: ../get_ver.awk ../include/libssh2.h $(OBJDIR)
 	@echo Creating $@
-	@$(AWK) -f ../get_ver.awk $< > $@
+	@$(AWK) -f $^ > $@
 
 dist: all $(DISTDIR) $(DISTDIR)/readme.txt
-	@-$(MD) $(DISTDIR)$(DS)bin
-	@-$(CP) ../COPYING $(DISTDIR)
-	@-$(CP) ../INSTALL $(DISTDIR)
-	@-$(CP) ../README $(DISTDIR)
-	@$(CP) $(TARGET).nlm $(DISTDIR)/bin
+	@$(call MD, $(DISTDIR)/bin)
+	@$(call CP, ../AUTHORS, $(DISTDIR))
+	@$(call CP, ../COPYING, $(DISTDIR))
+	@$(call CP, ../INSTALL, $(DISTDIR))
+	@$(call CP, ../README, $(DISTDIR))
+	@$(call CP, ../RELEASE-NOTES, $(DISTDIR))
+	@$(call CP, $(TARGET).nlm, $(DISTDIR)/bin)
 	@echo Creating $(DISTARC)
 	@$(ZIP) $(DISTARC) $(DISTDIR)/* < $(DISTDIR)/readme.txt
 
 dev: all $(DEVLDIR) $(DEVLDIR)/readme.txt
-	@-$(MD) $(DEVLDIR)$(DS)bin
-	@-$(MD) $(DEVLDIR)$(DS)include
-	@-$(MD) $(DEVLDIR)$(DS)nw
-	@-$(CP) ../COPYING $(DISTDIR)
-	@-$(CP) ../INSTALL $(DEVLDIR)
-	@-$(CP) ../README $(DEVLDIR)
-	@$(CP) $(TARGET).nlm $(DEVLDIR)/bin
-	@$(CP) ../include/*.h $(DEVLDIR)/include
-	@$(CP) libssh2_config.h $(DEVLDIR)/include
-	@$(CP) $(TARGET).$(LIBEXT) $(DEVLDIR)/nw
+	@$(call MD, $(DEVLDIR)/bin)
+	@$(call MD, $(DEVLDIR)/include)
+	@$(call MD, $(DEVLDIR)/nw)
+	@$(call CP, ../AUTHORS, $(DEVLDIR))
+	@$(call CP, ../COPYING, $(DEVLDIR))
+	@$(call CP, ../INSTALL, $(DEVLDIR))
+	@$(call CP, ../README, $(DEVLDIR))
+	@$(call CP, ../RELEASE-NOTES, $(DEVLDIR))
+	@$(call CP, ../include/*.h, $(DEVLDIR)/include)
+	@$(call CP, libssh2_config.h, $(DEVLDIR)/include)
+	@$(call CP, $(TARGET).nlm, $(DEVLDIR)/bin)
+	@$(call CP, $(TARGET).imp, $(DEVLDIR)/nw)
+	@$(call CP, $(TARGET).$(LIBEXT), $(DEVLDIR)/nw)
 	@echo Creating $(DEVLARC)
 	@$(ZIP) $(DEVLARC) $(DEVLDIR)/* < $(DEVLDIR)/readme.txt
 
 distclean: clean
-	-$(RD) $(DISTDIR)
-	-$(RM) $(DISTARC)
+	$(call RMDIR, $(DISTDIR))
+	$(call DEL, $(DISTARC))
 
 devclean: clean
-	-$(RD) $(DEVLDIR)
-	-$(RM) $(DEVLARC)
+	$(call RMDIR, $(DEVLDIR))
+	$(call DEL, $(DEVLARC))
 
 objclean:
-	-$(RD) $(OBJDIR)
+	$(call RMDIR, $(OBJDIR))
 
 testclean: clean
-	$(MAKE) -C test -f Makefile.netware clean
+	$(MAKE) -C test clean
 
 clean: objclean
-	-$(RM) libssh2_config.h
-	-$(RM) $(TARGET).nlm $(TARGET).$(LIBEXT) $(TARGET).imp
+	$(call DEL, libssh2_config.h)
+	$(call DEL, $(TARGET).*)
 
 $(OBJDIR):
-	@$(MD) $@
+	@$(call MKDIR, $@)
 
 $(DISTDIR):
-	@$(MD) $@
+	@$(call MKDIR, $@)
 
 $(DEVLDIR):
-	@$(MD) $@
+	@$(call MKDIR, $@)
 
 $(TARGET).$(LIBEXT): $(OBJS)
 	@echo Creating $@
-	@-$(RM) $@
+	@$(call DEL, $@)
 	@$(AR) $(ARFLAGS) $@ $^
 ifdef RANLIB
 	@$(RANLIB) $@
@@ -287,14 +311,14 @@ endif
 
 $(TARGET).nlm: $(OBJDIR)/$(TARGET).def $(TARGET).imp $(OBJL) $(XDCDATA)
 	@echo Linking $@
-	@-$(RM) $@
+	@$(call DEL, $@)
 	@$(LD) $(LDFLAGS) $<
 
-$(OBJDIR)/%.xdc: Makefile.netware
+$(OBJDIR)/%.xdc: GNUmakefile
 	@echo Creating $@
 	@$(MPKXDC) $(XDCOPT) $@
 
-$(OBJDIR)/%.def: Makefile.netware
+$(OBJDIR)/%.def: GNUmakefile
 	@echo $(DL)# DEF file for linking with $(LD)$(DL) > $@
 	@echo $(DL)# Do not edit this file - it is created by make!$(DL) >> $@
 	@echo $(DL)# All your changes will be lost!!$(DL) >> $@
@@ -353,7 +377,7 @@ ifeq ($(LD),nlmconv)
 	@echo $(DL)output $(TARGET).nlm$(DL) >> $@
 endif
 
-libssh2_config.h: Makefile.netware
+libssh2_config.h: GNUmakefile
 	@echo Creating $@
 	@echo $(DL)/* $@ for NetWare target.$(DL) > $@
 	@echo $(DL)** Do not edit this file - it is created by make!$(DL) >> $@
@@ -479,7 +503,7 @@ ifeq ($(DB),DEBUG)
 	@echo $(DL)#define LIBSSH2_DEBUG_USERAUTH 1$(DL) >> $@
 endif
 
-libssh2.imp: Makefile.netware
+libssh2.imp: GNUmakefile
 	@echo Creating $@
 	@echo $(DL)# $@ for NetWare target.$(DL) > $@
 	@echo $(DL)# Do not edit this file - it is created by make!$(DL) >> $@
@@ -554,7 +578,7 @@ endif
 	@echo $(DL)  libssh2_userauth_password_ex,$(DL) >> $@
 	@echo $(DL)  libssh2_userauth_publickey_fromfile_ex$(DL) >> $@
 
-$(DISTDIR)/readme.txt: Makefile.netware
+$(DISTDIR)/readme.txt: GNUmakefile
 	@echo Creating $@
 	@echo $(DL)This is a binary distribution for NetWare platform.$(DL) > $@
 	@echo $(DL)libssh2 version $(LIBSSH2_VERSION_STR)$(DL) >> $@
@@ -562,11 +586,11 @@ $(DISTDIR)/readme.txt: Makefile.netware
 	@echo $(DL)any further documentation:$(DL) >> $@
 	@echo $(DL)$(WWWURL)$(DL) >> $@
 
-$(DEVLDIR)/readme.txt: Makefile.netware
+$(DEVLDIR)/readme.txt: GNUmakefile
 	@echo Creating $@
 	@echo $(DL)This is a development distribution for NetWare platform.$(DL) > $@
 	@echo $(DL)libssh2 version $(LIBSSH2_VERSION_STR)$(DL) >> $@
-	@echo $(DL)Please download the complete libssh package for$(DL) >> $@
+	@echo $(DL)Please download the complete libssh2 package for$(DL) >> $@
 	@echo $(DL)any further documentation:$(DL) >> $@
 	@echo $(DL)$(WWWURL)$(DL) >> $@
 

nw/Makefile

@@ -1,2 +0,0 @@
-include Makefile.netware
-

nw/test/GNUmakefile

@@ -1,7 +1,6 @@
 #########################################################################
 #
 ## Makefile for building libssh2 (NetWare version - gnu make)
-## Use: make -f Makefile.netware
 ##
 ## Hacked by: Guenter Knauf
 #
@@ -14,12 +13,12 @@ endif
 
 # Edit the path below to point to the base of your Zlib sources.
 ifndef ZLIB_PATH
-ZLIB_PATH = ../../../zlib-1.2.5
+ZLIB_PATH = ../../../zlib-1.2.7
 endif
 
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../../openssl-0.9.8r
+OPENSSL_PATH = ../../../openssl-0.9.8x
 endif
 
 # Edit the var below to enable static linking of libssh2 and libz
@@ -70,10 +69,7 @@ ifdef METROWERKS
 else
 	CC = $(CROSSPREFIX)gcc
 endif
-CP	= cp -afv
-MD	= mkdir
-RD	= rm -fr
-# RM	= rm -f
+
 # Here you can find a native Win32 binary of the original awk:
 # http://www.gknw.net/development/prgtools/awk-20100523.zip
 AWK	= awk
@@ -82,6 +78,34 @@ AWK	= awk
 # http://www.gknw.net/development/prgtools/mkxdc.zip
 MPKXDC	= mkxdc
 
+# Platform-dependent helper tool macros
+ifeq ($(findstring /sh,$(SHELL)),/sh)
+DEL	= rm -f $1
+RMDIR	= rm -fr $1
+MKDIR	= mkdir -p $1
+COPY	= -cp -afv $1 $2
+#COPYR	= -cp -afr $1/* $2
+COPYR	= -rsync -aC $1/* $2
+TOUCH	= touch $1
+CAT	= cat
+ECHONL	= echo ""
+DL	= '
+else
+ifeq "$(OS)" "Windows_NT"
+DEL	= -del 2>NUL /q /f $(subst /,\,$1)
+RMDIR	= -rd 2>NUL /q /s $(subst /,\,$1)
+else
+DEL	= -del 2>NUL $(subst /,\,$1)
+RMDIR	= -deltree 2>NUL /y $(subst /,\,$1)
+endif     
+MKDIR	= -md 2>NUL $(subst /,\,$1)
+COPY	= -copy 2>NUL /y $(subst /,\,$1) $(subst /,\,$2)
+COPYR	= -xcopy 2>NUL /q /y /e $(subst /,\,$1) $(subst /,\,$2)
+TOUCH	= copy 2>&1>NUL /b $(subst /,\,$1) +,,
+CAT	= type
+ECHONL	= $(ComSpec) /c echo.
+endif
+
 # LIBARCH_U = $(shell $(AWK) 'BEGIN {print toupper(ARGV[1])}' $(LIBARCH))
 LIBARCH_L = $(shell $(AWK) 'BEGIN {print tolower(ARGV[1])}' $(LIBARCH))
 
@@ -112,12 +136,13 @@ else
 endif
 else
 LD	= nlmconv
-LDFLAGS	= -T
+LDFLAGS	= -UT
 AR	= ar
 ARFLAGS	= -cq
 LIBEXT	= a
 CFLAGS	+= -m32
-CFLAGS	+= -fno-builtin -fpcc-struct-return -fno-strict-aliasing
+CFLAGS	+= -fno-builtin -fpcc-struct-return
+CFLAGS	+= -fno-strict-aliasing
 CFLAGS	+= -Wall # -pedantic
 ifeq ($(LIBARCH),LIBC)
 	PRELUDE = $(SDK_LIBC)/imports/libcpre.gcc.o
@@ -181,13 +206,6 @@ ifeq ($(MTSAFE),NO)
 	XDCOPT = -u
 endif
 
-ifeq ($(findstring /sh,$(SHELL)),/sh)
-DL      = '
-DS      = /
-else
-DS      = \\
-endif
-
 vpath %.c $(SAMPLES)
 
 .PRECIOUS: $(OBJDIR)/%.o $(OBJDIR)/%.def $(OBJDIR)/%.xdc
@@ -201,29 +219,29 @@ $(OBJDIR)/%.o: %.c
 #	@echo Compiling $<
 	$(CC) $(CFLAGS) -c $< -o $@
 
-$(OBJDIR)/version.inc: ../../include/libssh2.h $(OBJDIR)
+$(OBJDIR)/version.inc: ../../get_ver.awk ../../include/libssh2.h $(OBJDIR)
 	@echo Creating $@
-	@$(AWK) -f ../../get_ver.awk $< > $@
+	@$(AWK) -f $^ > $@
 
 objclean:
-	-$(RD) $(OBJDIR)
+	$(call RMDIR, $(OBJDIR))
 
 clean: objclean
-	-$(RM) $(TARGETS)
+	$(foreach f, $(TARGETS), $(call DEL, $(f)))
 
 $(OBJDIR):
-	@$(MD) $@
+	@$(call MKDIR, $@)
 
 %.nlm: $(OBJDIR)/%.def $(OBJDIR)/%.o $(OBJDIR)/%.xdc
 	@echo Linking $@
-	@-$(RM) $@
+	@$(call DEL, $@)
 	@$(LD) $(LDFLAGS) $<
 
-$(OBJDIR)/%.xdc: Makefile.netware
+$(OBJDIR)/%.xdc: GNUmakefile
 	@echo Creating $@
 	@$(MPKXDC) $(XDCOPT) $@
 
-$(OBJDIR)/%.def: Makefile.netware
+$(OBJDIR)/%.def: GNUmakefile
 	@echo $(DL)# DEF file for linking with $(LD)$(DL) > $@
 	@echo $(DL)# Do not edit this file - it is created by make!$(DL) >> $@
 	@echo $(DL)# All your changes will be lost!!$(DL) >> $@

src/NMakefile

@@ -1,33 +1,20 @@
 !include "win32/config.mk"
 
+!include "win32/objects.mk"
+
 CFLAGS=$(CFLAGS)
 
-OBJECTS = \
-	$(INTDIR)\channel.obj \
-	$(INTDIR)\comp.obj \
-	$(INTDIR)\crypt.obj \
-	$(INTDIR)\global.obj \
-	$(INTDIR)\hostkey.obj \
-	$(INTDIR)\keepalive.obj \
-	$(INTDIR)\kex.obj \
-	$(INTDIR)\mac.obj \
-	$(INTDIR)\misc.obj \
-	$(INTDIR)\openssl.obj \
-	$(INTDIR)\packet.obj \
-	$(INTDIR)\pem.obj \
-	$(INTDIR)\publickey.obj \
-	$(INTDIR)\scp.obj \
-	$(INTDIR)\session.obj \
-	$(INTDIR)\sftp.obj \
-	$(INTDIR)\transport.obj \
-	$(INTDIR)\userauth.obj
+RESOURCE=$(INTDIR)\libssh2.res
 
 DLL=libssh2$(SUFFIX).dll
 
-$(DLL): $(OBJECTS)
-	$(CC) -o $(DLL) $(DLLFLAGS) $(OBJECTS) $(LIBS)
-
 all: $(DLL)
 
+$(DLL): $(OBJECTS) $(RESOURCE)
+	$(CC) -o $(DLL) $(DLLFLAGS) $(OBJECTS) $(RESOURCE) $(LIBS)
+
+$(RESOURCE): win32\libssh2.rc
+	$(RC) $(RCFLAGS) /Fo"$@" $?
+
 !include "win32/rules.mk"
 

src/agent.c

@@ -338,7 +338,7 @@ agent_transact_pageant(LIBSSH2_AGENT *agent, agent_transaction_ctx_t transctx)
 static int
 agent_disconnect_pageant(LIBSSH2_AGENT *agent)
 {
-    agent->fd = INVALID_SOCKET;
+    agent->fd = LIBSSH2_INVALID_SOCKET;
     return 0;
 }
 
@@ -771,7 +771,7 @@ libssh2_agent_userauth(LIBSSH2_AGENT *agent,
 LIBSSH2_API int
 libssh2_agent_disconnect(LIBSSH2_AGENT *agent)
 {
-    if (agent->ops && agent->fd != INVALID_SOCKET)
+    if (agent->ops && agent->fd != LIBSSH2_INVALID_SOCKET)
         return agent->ops->disconnect(agent);
     return 0;
 }
@@ -785,7 +785,7 @@ libssh2_agent_disconnect(LIBSSH2_AGENT *agent)
 LIBSSH2_API void
 libssh2_agent_free(LIBSSH2_AGENT *agent) {
     /* Allow connection freeing when the socket has lost its connection */
-    if (agent->fd != INVALID_SOCKET) {
+    if (agent->fd != LIBSSH2_INVALID_SOCKET) {
         libssh2_agent_disconnect(agent);
     }
     agent_free_identities(agent);

src/channel.c

@@ -1418,7 +1418,7 @@ _libssh2_channel_flush(LIBSSH2_CHANNEL *channel, int streamid)
 
         rc = _libssh2_channel_receive_window_adjust(channel,
                                                     channel->flush_refund_bytes,
-                                                    0, NULL);
+                                                    1, NULL);
         if (rc == LIBSSH2_ERROR_EAGAIN)
             return rc;
     }
@@ -1483,10 +1483,11 @@ libssh2_channel_get_exit_signal(LIBSSH2_CHANNEL *channel,
                                 char **langtag,
                                 size_t *langtag_len)
 {
-    LIBSSH2_SESSION *session = channel->session;
     size_t namelen = 0;
 
     if (channel) {
+        LIBSSH2_SESSION *session = channel->session;
+
         if (channel->exit_signal) {
             namelen = strlen(channel->exit_signal);
             if (exitsignal) {
@@ -1898,7 +1899,7 @@ libssh2_channel_read_ex(LIBSSH2_CHANNEL *channel, int stream_id, char *buf,
     if(buflen > recv_window) {
         BLOCK_ADJUST(rc, channel->session,
                      _libssh2_channel_receive_window_adjust(channel, buflen,
-                                                            0, NULL));
+                                                            1, NULL));
     }
 
     BLOCK_ADJUST(rc, channel->session,
@@ -2008,6 +2009,9 @@ _libssh2_channel_write(LIBSSH2_CHANNEL *channel, int stream_id,
             rc = _libssh2_transport_read(session);
         while (rc > 0);
 
+        if((rc < 0) && (rc != LIBSSH2_ERROR_EAGAIN))
+            return rc;
+
         if(channel->local.window_size <= 0)
             /* there's no room for data so we stop */
             return (rc==LIBSSH2_ERROR_EAGAIN?rc:0);

src/comp.c

@@ -96,6 +96,7 @@ comp_method_none_decomp(LIBSSH2_SESSION * session,
 static const LIBSSH2_COMP_METHOD comp_method_none = {
     "none",
     0, /* not really compressing */
+    0, /* isn't used in userauth, go figure */
     NULL,
     comp_method_none_comp,
     comp_method_none_decomp,
@@ -248,83 +249,56 @@ comp_method_zlib_decomp(LIBSSH2_SESSION * session,
     if (!strm->next_out)
         return _libssh2_error(session, LIBSSH2_ERROR_ALLOC,
                               "Unable to allocate decompression buffer");
-    while (strm->avail_in) {
-        int status;
+
+    /* Loop until it's all inflated or hit error */
+    for (;;) {
+        int status, grow_size;
+        size_t out_ofs;
+        char *newout;
 
         status = inflate(strm, Z_PARTIAL_FLUSH);
 
-        if (status != Z_OK) {
+        if (status == Z_OK) {
+            if (! strm->avail_in) {
+                /* status is OK and input all used so we're done */
+                break;
+            }
+        } else if (status == Z_BUF_ERROR) {
+            /* This is OK, just drop through to grow the buffer */
+        } else {
+            /* error state */
             LIBSSH2_FREE(session, out);
             _libssh2_debug(session, LIBSSH2_TRACE_TRANS,
                            "unhandled zlib error %d", status);
             return _libssh2_error(session, LIBSSH2_ERROR_ZLIB,
                                   "decompression failure");
         }
+
+        /* If we get here we need to grow the output buffer and try again */
+        out_ofs = out_maxlen - strm->avail_out;
         if (strm->avail_in) {
-            size_t out_ofs = out_maxlen - strm->avail_out;
-            char *newout;
+            grow_size = strm->avail_in * 8;
+        } else {
+            /* Not sure how much to grow by */
+            grow_size = 32;
+        }
+        out_maxlen += grow_size;
 
-            out_maxlen += 8 * strm->avail_in;
+        if ((out_maxlen > (int) payload_limit) && limiter++) {
+            LIBSSH2_FREE(session, out);
+            return _libssh2_error(session, LIBSSH2_ERROR_ZLIB,
+                                  "Excessive growth in decompression phase");
+        }
 
-            if ((out_maxlen > (int) payload_limit) && limiter++) {
-                LIBSSH2_FREE(session, out);
-                return _libssh2_error(session, LIBSSH2_ERROR_ZLIB,
-                                      "Excessive growth in decompression phase");
-            }
-
-            newout = LIBSSH2_REALLOC(session, out, out_maxlen);
-            if (!newout) {
-                LIBSSH2_FREE(session, out);
-                return _libssh2_error(session, LIBSSH2_ERROR_ALLOC,
-                                      "Unable to expand decompression buffer");
-            }
-            out = newout;
-            strm->next_out = (unsigned char *) out + out_ofs;
-            strm->avail_out += 8 * strm->avail_in;
-        } else
-            while (!strm->avail_out) {
-                /* Done with input, might be a byte or two in internal buffer
-                 * during compress.  Or potentially many bytes if it's a
-                 * decompress
-                 */
-                int grow_size = 2048;
-                char *newout;
-
-                if (out_maxlen >= (int) payload_limit) {
-                    LIBSSH2_FREE(session, out);
-                    return _libssh2_error(session, LIBSSH2_ERROR_ZLIB,
-                                          "Excessive growth in decompression "
-                                          "phase");
-                }
-
-                if (grow_size > (int) (payload_limit - out_maxlen)) {
-                    grow_size = payload_limit - out_maxlen;
-                }
-
-                out_maxlen += grow_size;
-                strm->avail_out = grow_size;
-
-                newout = LIBSSH2_REALLOC(session, out, out_maxlen);
-                if (!newout) {
-                    LIBSSH2_FREE(session, out);
-                    return _libssh2_error(session, LIBSSH2_ERROR_ALLOC,
-                                          "Unable to expand final "
-                                          "decompress buffer");
-                }
-                out = newout;
-                strm->next_out = (unsigned char *) out + out_maxlen -
-                    grow_size;
-
-                status = inflate(strm, Z_PARTIAL_FLUSH);
-
-                if (status != Z_OK) {
-                    LIBSSH2_FREE(session, out);
-                    _libssh2_debug(session, LIBSSH2_TRACE_TRANS,
-                                   "unhandled zlib error %d", status);
-                    return _libssh2_error(session, LIBSSH2_ERROR_ZLIB,
-                                          "decompression failure");
-                }
-            }
+        newout = LIBSSH2_REALLOC(session, out, out_maxlen);
+        if (!newout) {
+            LIBSSH2_FREE(session, out);
+            return _libssh2_error(session, LIBSSH2_ERROR_ALLOC,
+                                  "Unable to expand decompression buffer");
+        }
+        out = newout;
+        strm->next_out = (unsigned char *) out + out_ofs;
+        strm->avail_out += grow_size;
     }
 
     *dest = (unsigned char *) out;
@@ -357,6 +331,17 @@ comp_method_zlib_dtor(LIBSSH2_SESSION *session, int compr, void **abstract)
 static const LIBSSH2_COMP_METHOD comp_method_zlib = {
     "zlib",
     1, /* yes, this compresses */
+    1, /* do compression during userauth */
+    comp_method_zlib_init,
+    comp_method_zlib_comp,
+    comp_method_zlib_decomp,
+    comp_method_zlib_dtor,
+};
+
+static const LIBSSH2_COMP_METHOD comp_method_zlib_openssh = {
+    "zlib@openssh.com",
+    1, /* yes, this compresses */
+    0, /* don't use compression during userauth */
     comp_method_zlib_init,
     comp_method_zlib_comp,
     comp_method_zlib_decomp,
@@ -369,6 +354,7 @@ static const LIBSSH2_COMP_METHOD comp_method_zlib = {
 static const LIBSSH2_COMP_METHOD *comp_methods[] = {
 #ifdef LIBSSH2_HAVE_ZLIB
     &comp_method_zlib,
+    &comp_method_zlib_openssh,
 #endif /* LIBSSH2_HAVE_ZLIB */
     &comp_method_none,
     NULL

src/crypt.c

@@ -96,11 +96,12 @@ crypt_init(LIBSSH2_SESSION * session,
 
 static int
 crypt_encrypt(LIBSSH2_SESSION * session, unsigned char *block,
-                 void **abstract)
+              size_t blocksize, void **abstract)
 {
     struct crypt_ctx *cctx = *(struct crypt_ctx **) abstract;
     (void) session;
-    return _libssh2_cipher_crypt(&cctx->h, cctx->algo, cctx->encrypt, block);
+    return _libssh2_cipher_crypt(&cctx->h, cctx->algo, cctx->encrypt, block,
+                                 blocksize);
 }
 
 static int
@@ -248,7 +249,8 @@ crypt_init_arcfour128(LIBSSH2_SESSION * session,
         unsigned char block[8];
         size_t discard = 1536;
         for (; discard; discard -= 8)
-            _libssh2_cipher_crypt(&cctx->h, cctx->algo, cctx->encrypt, block);
+            _libssh2_cipher_crypt(&cctx->h, cctx->algo, cctx->encrypt, block,
+                                  method->blocksize);
     }
 
     return rc;

src/crypto.h

@@ -75,6 +75,7 @@ int _libssh2_rsa_sha1_sign(LIBSSH2_SESSION * session,
                            unsigned char **signature,
                            size_t *signature_len);
 
+#if LIBSSH2_DSA
 int _libssh2_dsa_new(libssh2_dsa_ctx ** dsa,
                      const unsigned char *pdata,
                      unsigned long plen,
@@ -95,6 +96,7 @@ int _libssh2_dsa_sha1_verify(libssh2_dsa_ctx * dsactx,
 int _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx,
                            const unsigned char *hash,
                            unsigned long hash_len, unsigned char *sig);
+#endif
 
 int _libssh2_cipher_init(_libssh2_cipher_ctx * h,
                          _libssh2_cipher_type(algo),
@@ -103,7 +105,7 @@ int _libssh2_cipher_init(_libssh2_cipher_ctx * h,
 
 int _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx,
                           _libssh2_cipher_type(algo),
-                          int encrypt, unsigned char *block);
+                          int encrypt, unsigned char *block, size_t blocksize);
 
 int _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session,
                               unsigned char **method,

src/global.c

@@ -74,5 +74,5 @@ void
 _libssh2_init_if_needed(void)
 {
     if (_libssh2_initialized == 0)
-        libssh2_init (0);
+        (void)libssh2_init (0);
 }

src/hostkey.c

@@ -429,7 +429,9 @@ libssh2_hostkey_hash(LIBSSH2_SESSION * session, int hash_type)
     switch (hash_type) {
 #if LIBSSH2_MD5
     case LIBSSH2_HOSTKEY_HASH_MD5:
-        return (char *) session->server_hostkey_md5;
+        return (session->server_hostkey_md5_valid)
+          ? (char *) session->server_hostkey_md5
+          : NULL;
         break;
 #endif /* LIBSSH2_MD5 */
     case LIBSSH2_HOSTKEY_HASH_SHA1:

src/kex.c

@@ -218,10 +218,15 @@ static int diffie_hellman_sha1(LIBSSH2_SESSION *session,
         {
             libssh2_md5_ctx fingerprint_ctx;
 
-            libssh2_md5_init(&fingerprint_ctx);
-            libssh2_md5_update(fingerprint_ctx, session->server_hostkey,
-                               session->server_hostkey_len);
-            libssh2_md5_final(fingerprint_ctx, session->server_hostkey_md5);
+            if (libssh2_md5_init(&fingerprint_ctx)) {
+                libssh2_md5_update(fingerprint_ctx, session->server_hostkey,
+                                   session->server_hostkey_len);
+                libssh2_md5_final(fingerprint_ctx, session->server_hostkey_md5);
+                session->server_hostkey_md5_valid = TRUE;
+            }
+            else {
+                session->server_hostkey_md5_valid = FALSE;
+            }
         }
 #ifdef LIBSSH2DEBUG
         {

src/knownhost.c

@@ -910,8 +910,11 @@ libssh2_knownhost_readfile(LIBSSH2_KNOWNHOSTS *hosts,
     file = fopen(filename, "r");
     if(file) {
         while(fgets(buf, sizeof(buf), file)) {
-            if(libssh2_knownhost_readline(hosts, buf, strlen(buf), type))
+            if(libssh2_knownhost_readline(hosts, buf, strlen(buf), type)) {
+                num = _libssh2_error(hosts->session, LIBSSH2_ERROR_KNOWN_HOSTS,
+                                     "Failed to parse known hosts file");
                 break;
+            }
             num++;
         }
         fclose(file);
@@ -997,10 +1000,10 @@ knownhost_writeline(LIBSSH2_KNOWNHOSTS *hosts,
 
         if(nlen <= buflen)
             if(node->comment)
-                sprintf(buf, "|1|%s|%s%s %s %s\n", saltalloc, namealloc,
+                snprintf(buf, buflen, "|1|%s|%s%s %s %s\n", saltalloc, namealloc,
                         keytype, node->key, node->comment);
             else
-                sprintf(buf, "|1|%s|%s%s %s\n", saltalloc, namealloc,
+                snprintf(buf, buflen, "|1|%s|%s%s %s\n", saltalloc, namealloc,
                         keytype, node->key);
         else
             rc = _libssh2_error(hosts->session, LIBSSH2_ERROR_BUFFER_TOO_SMALL,
@@ -1016,10 +1019,10 @@ knownhost_writeline(LIBSSH2_KNOWNHOSTS *hosts,
         if(nlen <= buflen)
             /* these types have the plain name */
             if(node->comment)
-                sprintf(buf, "%s%s %s %s\n", node->name, keytype, node->key,
+                snprintf(buf, buflen, "%s%s %s %s\n", node->name, keytype, node->key,
                         node->comment);
             else
-                sprintf(buf, "%s%s %s\n", node->name, keytype, node->key);
+                snprintf(buf, buflen, "%s%s %s\n", node->name, keytype, node->key);
         else
             rc = _libssh2_error(hosts->session, LIBSSH2_ERROR_BUFFER_TOO_SMALL,
                                 "Known-host write buffer too small");

src/libgcrypt.c

@@ -553,17 +553,11 @@ _libssh2_cipher_init(_libssh2_cipher_ctx * h,
 int
 _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx,
                       _libssh2_cipher_type(algo),
-                      int encrypt, unsigned char *block)
+                      int encrypt, unsigned char *block, size_t blklen)
 {
     int cipher = _libssh2_gcry_cipher (algo);
-    size_t blklen = gcry_cipher_get_algo_blklen(cipher);
     int ret;
 
-    if (blklen == 1) {
-/* Hack for arcfour. */
-        blklen = 8;
-    }
-
     if (encrypt) {
         ret = gcry_cipher_encrypt(*ctx, block, blklen, block, blklen);
     } else {
@@ -581,7 +575,7 @@ _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session,
                           const char *privatekey,
                           const char *passphrase)
 {
-    return _libssh_error(session, LIBSSH2_ERROR_FILE,
+    return _libssh2_error(session, LIBSSH2_ERROR_FILE,
                          "Unable to extract public key from private key file: "
                          "Method unimplemented in libgcrypt backend");
 }

src/libgcrypt.h

@@ -68,7 +68,11 @@
   gcry_md_hash_buffer (GCRY_MD_SHA1, out, message, len)
 
 #define libssh2_md5_ctx gcry_md_hd_t
-#define libssh2_md5_init(ctx) gcry_md_open (ctx,  GCRY_MD_MD5, 0);
+
+/* returns 0 in case of failure */
+#define libssh2_md5_init(ctx) \
+  (GPG_ERR_NO_ERROR == gcry_md_open (ctx,  GCRY_MD_MD5, 0))
+
 #define libssh2_md5_update(ctx, data, len) gcry_md_write (ctx, data, len)
 #define libssh2_md5_final(ctx, out) \
   memcpy (out, gcry_md_read (ctx, 0), MD5_DIGEST_LENGTH), gcry_md_close (ctx)

src/libssh2_priv.h

@@ -597,6 +597,7 @@ struct _LIBSSH2_SESSION
     uint32_t server_hostkey_len;
 #if LIBSSH2_MD5
     unsigned char server_hostkey_md5[MD5_DIGEST_LENGTH];
+    int server_hostkey_md5_valid;
 #endif                          /* ! LIBSSH2_MD5 */
     unsigned char server_hostkey_sha1[SHA_DIGEST_LENGTH];
 
@@ -882,7 +883,7 @@ struct _LIBSSH2_CRYPT_METHOD
                  int *free_iv, unsigned char *secret, int *free_secret,
                  int encrypt, void **abstract);
     int (*crypt) (LIBSSH2_SESSION * session, unsigned char *block,
-                  void **abstract);
+                  size_t blocksize, void **abstract);
     int (*dtor) (LIBSSH2_SESSION * session, void **abstract);
 
       _libssh2_cipher_type(algo);
@@ -892,6 +893,7 @@ struct _LIBSSH2_COMP_METHOD
 {
     const char *name;
     int compress; /* 1 if it does compress, 0 if it doesn't */
+    int use_in_auth; /* 1 if compression should be used in userauth */
     int (*init) (LIBSSH2_SESSION *session, int compress, void **abstract);
     int (*comp) (LIBSSH2_SESSION *session,
                  unsigned char *dest,
@@ -1030,9 +1032,9 @@ void _libssh2_init_if_needed (void);
 
 /* define to output the libssh2_int64_t type in a *printf() */
 #if defined( __BORLANDC__ ) || defined( _MSC_VER ) || defined( __MINGW32__ )
-#define LIBSSH2_INT64_T_FORMAT "I64"
+#define LIBSSH2_INT64_T_FORMAT "I64d"
 #else
-#define LIBSSH2_INT64_T_FORMAT "ll"
+#define LIBSSH2_INT64_T_FORMAT "lld"
 #endif
 
 #endif /* LIBSSH2_H */

src/misc.h

@@ -78,7 +78,7 @@ void _libssh2_htonu32(unsigned char *buf, uint32_t val);
 void _libssh2_store_u32(unsigned char **buf, uint32_t value);
 void _libssh2_store_str(unsigned char **buf, const char *str, size_t len);
 
-#if defined(LIBSSH2_WIN32) && !defined(__MINGW32__)
+#if defined(LIBSSH2_WIN32) && !defined(__MINGW32__) && !defined(__CYGWIN__)
 /* provide a private one */
 #undef HAVE_GETTIMEOFDAY
 int __cdecl _libssh2_gettimeofday(struct timeval *tp, void *tzp);

src/openssl.c

@@ -175,25 +175,19 @@ _libssh2_cipher_init(_libssh2_cipher_ctx * h,
                      unsigned char *iv, unsigned char *secret, int encrypt)
 {
     EVP_CIPHER_CTX_init(h);
-    EVP_CipherInit(h, algo(), secret, iv, encrypt);
-    return 0;
+    return !EVP_CipherInit(h, algo(), secret, iv, encrypt);
 }
 
 int
 _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx,
                       _libssh2_cipher_type(algo),
-                      int encrypt, unsigned char *block)
+                      int encrypt, unsigned char *block, size_t blocksize)
 {
-    int blocksize = ctx->cipher->block_size;
     unsigned char buf[EVP_MAX_BLOCK_LENGTH];
     int ret;
     (void) algo;
     (void) encrypt;
 
-    if (blocksize == 1) {
-/* Hack for arcfour. */
-        blocksize = 8;
-    }
     ret = EVP_Cipher(ctx, buf, block, blocksize);
     if (ret == 1) {
         memcpy(block, buf, blocksize);
@@ -201,7 +195,7 @@ _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx,
     return ret == 1 ? 0 : 1;
 }
 
-#if LIBSSH2_AES_CTR && !defined(HAVE_EVP_AES_128_CTR)
+#if LIBSSH2_AES_CTR
 
 #include <openssl/aes.h>
 #include <openssl/evp.h>
@@ -217,13 +211,14 @@ static int
 aes_ctr_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
              const unsigned char *iv, int enc) /* init key */
 {
-    aes_ctr_ctx *c = malloc(sizeof(*c));
+    /*
+     * variable "c" is leaked from this scope, but is later freed
+     * in aes_ctr_cleanup
+     */
+    aes_ctr_ctx *c;
     const EVP_CIPHER *aes_cipher;
     (void) enc;
 
-    if (c == NULL)
-        return 0;
-
     switch (ctx->key_len) {
     case 16:
         aes_cipher = EVP_aes_128_ecb();
@@ -237,11 +232,20 @@ aes_ctr_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
     default:
         return 0;
     }
-    c->aes_ctx = malloc(sizeof(EVP_CIPHER_CTX));
-    if (c->aes_ctx == NULL)
+
+    c = malloc(sizeof(*c));
+    if (c == NULL)
         return 0;
 
+    c->aes_ctx = malloc(sizeof(EVP_CIPHER_CTX));
+    if (c->aes_ctx == NULL) {
+        free(c);
+        return 0;
+    }
+
     if (EVP_EncryptInit(c->aes_ctx, aes_cipher, key, NULL) != 1) {
+        free(c->aes_ctx);
+        free(c);
         return 0;
     }
 
@@ -358,6 +362,8 @@ void _libssh2_init_aes_ctr(void)
     _libssh2_EVP_aes_256_ctr();
 }
 
+#else
+void _libssh2_init_aes_ctr(void) {}
 #endif /* LIBSSH2_AES_CTR */
 
 /* TODO: Optionally call a passphrase callback specified by the

src/openssl.h

@@ -113,7 +113,10 @@
 void libssh2_sha1(const unsigned char *message, unsigned long len, unsigned char *out);
 
 #define libssh2_md5_ctx EVP_MD_CTX
+
+/* returns 0 in case of failure */
 #define libssh2_md5_init(ctx) EVP_DigestInit(ctx, EVP_get_digestbyname("md5"))
+
 #define libssh2_md5_update(ctx, data, len) EVP_DigestUpdate(&(ctx), data, len)
 #define libssh2_md5_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL)
 void libssh2_md5(const unsigned char *message, unsigned long len, unsigned char *out);

src/packet.c

@@ -661,7 +661,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
                 rc = _libssh2_channel_receive_window_adjust(session->
                                                             packAdd_channelp,
                                                             datalen - 13,
-                                                            0, NULL);
+                                                            1, NULL);
                 if (rc == LIBSSH2_ERROR_EAGAIN)
                     return rc;
 
@@ -751,7 +751,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
             if(datalen >= 9) {
                 uint32_t channel = _libssh2_ntohu32(data + 1);
                 uint32_t len = _libssh2_ntohu32(data + 5);
-                unsigned char want_reply = 0;
+                unsigned char want_reply = 1;
 
                 if(len < (datalen - 10))
                     want_reply = data[9 + len];

src/publickey.c

@@ -1,5 +1,5 @@
 /* Copyright (c) 2004-2007, Sara Golemon <sarag@libssh2.org>
- * Copyright (c) 2010 by Daniel Stenberg
+ * Copyright (c) 2010-2012 by Daniel Stenberg
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms,
@@ -384,7 +384,7 @@ static LIBSSH2_PUBLICKEY *publickey_init(LIBSSH2_SESSION *session)
             _libssh2_error(session, LIBSSH2_ERROR_EAGAIN,
                            "Would block sending publickey version packet");
             return NULL;
-        } else if (rc) {
+        } else if (rc < 0) {
             _libssh2_error(session, rc,
                            "Unable to send publickey version packet");
             goto err_exit;

src/scp.c

@@ -294,8 +294,8 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, struct stat * sb)
             return NULL;
         }
 
-        /* sprintf() is fine here since we allocated a large enough buffer */
-        sprintf((char *)session->scpRecv_command, "scp -%sf ", sb?"p":"");
+        snprintf((char *)session->scpRecv_command,
+                 session->scpRecv_command_len, "scp -%sf ", sb?"p":"");
 
         cmd_len = strlen((char *)session->scpRecv_command);
 
@@ -796,8 +796,8 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode,
             return NULL;
         }
 
-        sprintf((char *)session->scpSend_command, "scp -%st ",
-                (mtime || atime)?"p":"");
+        snprintf((char *)session->scpSend_command, session->scpSend_command_len,
+                 "scp -%st ", (mtime || atime)?"p":"");
 
         cmd_len = strlen((char *)session->scpSend_command);
 
@@ -957,7 +957,7 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode,
         session->scpSend_response_len =
             snprintf((char *) session->scpSend_response,
                      LIBSSH2_SCP_RESPONSE_BUFLEN, "C0%o %"
-                     LIBSSH2_INT64_T_FORMAT "u %s\n", mode,
+                     LIBSSH2_INT64_T_FORMAT " %s\n", mode,
                      size, base);
         _libssh2_debug(session, LIBSSH2_TRACE_SCP, "Sent %s",
                        session->scpSend_response);

src/session.c

@@ -143,7 +143,7 @@ banner_receive(LIBSSH2_SESSION * session)
 
         if (ret == 0) {
             session->socket_state = LIBSSH2_SOCKET_DISCONNECTED;
-            return LIBSSH2_ERROR_SOCKET_RECV;
+            return LIBSSH2_ERROR_SOCKET_DISCONNECT;
         }
 
         if (c == '\0') {
@@ -675,7 +675,7 @@ session_startup(LIBSSH2_SESSION *session, libssh2_socket_t sock)
     if (session->startup_state == libssh2_NB_state_idle) {
         _libssh2_debug(session, LIBSSH2_TRACE_TRANS,
                        "session_startup for socket %d", sock);
-        if (INVALID_SOCKET == sock) {
+        if (LIBSSH2_INVALID_SOCKET == sock) {
             /* Did we forget something? */
             return _libssh2_error(session, LIBSSH2_ERROR_BAD_SOCKET,
                                   "Bad socket provided");
@@ -828,12 +828,13 @@ session_free(LIBSSH2_SESSION *session)
     LIBSSH2_PACKET *pkg;
     LIBSSH2_CHANNEL *ch;
     LIBSSH2_LISTENER *l;
+    int packets_left = 0;
 
     if (session->free_state == libssh2_NB_state_idle) {
         _libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Freeing session resource",
                        session->remote.banner);
 
-        session->state = libssh2_NB_state_created;
+        session->free_state = libssh2_NB_state_created;
     }
 
     if (session->free_state == libssh2_NB_state_created) {
@@ -844,17 +845,17 @@ session_free(LIBSSH2_SESSION *session)
                 return rc;
         }
 
-        session->state = libssh2_NB_state_sent;
+        session->free_state = libssh2_NB_state_sent;
     }
 
-    if (session->state == libssh2_NB_state_sent) {
+    if (session->free_state == libssh2_NB_state_sent) {
         while ((l = _libssh2_list_first(&session->listeners))) {
             rc = _libssh2_channel_forward_cancel(l);
             if (rc == LIBSSH2_ERROR_EAGAIN)
                 return rc;
         }
 
-        session->state = libssh2_NB_state_sent1;
+        session->free_state = libssh2_NB_state_sent1;
     }
 
     if (session->state & LIBSSH2_STATE_NEWKEYS) {
@@ -1018,6 +1019,9 @@ session_free(LIBSSH2_SESSION *session)
 
     /* Cleanup all remaining packets */
     while ((pkg = _libssh2_list_first(&session->packets))) {
+        packets_left++;
+        _libssh2_debug(session, LIBSSH2_TRACE_TRANS,
+            "packet left with id %d", pkg->data[0]);
         /* unlink the node */
         _libssh2_list_remove(&pkg->node);
 
@@ -1025,6 +1029,8 @@ session_free(LIBSSH2_SESSION *session)
         LIBSSH2_FREE(session, pkg->data);
         LIBSSH2_FREE(session, pkg);
     }
+    _libssh2_debug(session, LIBSSH2_TRACE_TRANS,
+         "Extra packets left %d", packets_left);
 
     if(session->socket_prev_blockstate)
         /* if the socket was previously blocking, put it back so */

src/sftp.h

@@ -1,7 +1,7 @@
 #ifndef _LIBSSH2_SFTP_H
 #define _LIBSSH2_SFTP_H
 /*
- * Copyright (C) 2010, 2011 by Daniel Stenberg
+ * Copyright (C) 2010 - 2012 by Daniel Stenberg
  * Author: Daniel Stenberg <daniel@haxx.se>
  *
  * Redistribution and use in source and binary forms,
@@ -60,6 +60,11 @@ struct sftp_pipeline_chunk {
     unsigned char packet[1]; /* data */
 };
 
+struct sftp_zombie_requests {
+    struct list_node node;
+    uint32_t request_id;
+};
+
 #ifndef MIN
 #define MIN(x,y) ((x)<(y)?(x):(y))
 #endif
@@ -136,6 +141,9 @@ struct _LIBSSH2_SFTP
 
     struct list_head packets;
 
+    /* List of FXP_READ responses to ignore because EOF already received. */
+    struct list_head zombie_requests;
+
     /* a list of _LIBSSH2_SFTP_HANDLE structs */
     struct list_head sftp_handles;
 
@@ -158,9 +166,15 @@ struct _LIBSSH2_SFTP
     size_t open_packet_sent;
     uint32_t open_request_id;
 
-    /* State variables used in libssh2_sftp_read() */
+    /* State variable used in sftp_read() */
     libssh2_nonblocking_states read_state;
 
+    /* State variable used in sftp_packet_read() */
+    libssh2_nonblocking_states packet_state;
+
+    /* State variable used in sftp_write() */
+    libssh2_nonblocking_states write_state;
+
     /* State variables used in libssh2_sftp_readdir() */
     libssh2_nonblocking_states readdir_state;
     unsigned char *readdir_packet;

src/transport.c

@@ -139,7 +139,7 @@ decrypt(LIBSSH2_SESSION * session, unsigned char *source,
     assert((len % blocksize) == 0);
 
     while (len >= blocksize) {
-        if (session->remote.crypt->crypt(session, source,
+        if (session->remote.crypt->crypt(session, source, blocksize,
                                          &session->remote.crypt_abstract)) {
             LIBSSH2_FREE(session, p->payload);
             return LIBSSH2_ERROR_DECRYPT;
@@ -167,6 +167,7 @@ fullpacket(LIBSSH2_SESSION * session, int encrypted /* 1 or 0 */ )
     unsigned char macbuf[MAX_MACSIZE];
     struct transportpacket *p = &session->packet;
     int rc;
+    int compressed;
 
     if (session->fullpacket_state == libssh2_NB_state_idle) {
         session->fullpacket_macstate = LIBSSH2_MAC_CONFIRMED;
@@ -199,9 +200,13 @@ fullpacket(LIBSSH2_SESSION * session, int encrypted /* 1 or 0 */ )
         session->fullpacket_payload_len -= p->padding_length;
 
         /* Check for and deal with decompression */
-        if (session->remote.comp &&
-            session->remote.comp->compress &&
-            session->remote.comp_abstract) {
+        compressed =
+            session->local.comp != NULL &&
+            session->local.comp->compress &&
+            ((session->state & LIBSSH2_STATE_AUTHENTICATED) ||
+             session->local.comp->use_in_auth);
+
+        if (compressed && session->remote.comp_abstract) {
             /*
              * The buffer for the decompression (remote.comp_abstract) is
              * initialised in time when it is needed so as long it is NULL we
@@ -296,7 +301,7 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session)
          * is done!
          */
         _libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Redirecting into the"
-                       " key re-exchange");
+                       " key re-exchange from _libssh2_transport_read");
         rc = _libssh2_kex_exchange(session, 1, &session->startup_key_state);
         if (rc)
             return rc;
@@ -682,11 +687,30 @@ int _libssh2_transport_send(LIBSSH2_SESSION *session,
 #endif
     struct transportpacket *p = &session->packet;
     int encrypted;
+    int compressed;
     ssize_t ret;
     int rc;
     const unsigned char *orgdata = data;
     size_t orgdata_len = data_len;
 
+    /*
+     * If the last read operation was interrupted in the middle of a key
+     * exchange, we must complete that key exchange before continuing to write
+     * further data.
+     *
+     * See the similar block in _libssh2_transport_read for more details.
+     */
+    if (session->state & LIBSSH2_STATE_EXCHANGING_KEYS &&
+        !(session->state & LIBSSH2_STATE_KEX_ACTIVE)) {
+        /* Don't write any new packets if we're still in the middle of a key
+         * exchange. */
+        _libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Redirecting into the"
+                       " key re-exchange from _libssh2_transport_send");
+        rc = _libssh2_kex_exchange(session, 1, &session->startup_key_state);
+        if (rc)
+            return rc;
+    }
+
     debugdump(session, "libssh2_transport_write plain", data, data_len);
     if(data2)
         debugdump(session, "libssh2_transport_write plain2", data2, data2_len);
@@ -705,7 +729,13 @@ int _libssh2_transport_send(LIBSSH2_SESSION *session,
 
     encrypted = (session->state & LIBSSH2_STATE_NEWKEYS) ? 1 : 0;
 
-    if (encrypted && session->local.comp->compress) {
+    compressed =
+        session->local.comp != NULL &&
+        session->local.comp->compress &&
+        ((session->state & LIBSSH2_STATE_AUTHENTICATED) ||
+         session->local.comp->use_in_auth);
+
+    if (encrypted && compressed) {
         /* the idea here is that these function must fail if the output gets
            larger than what fits in the assigned buffer so thus they don't
            check the input size as we don't know how much it compresses */
@@ -816,6 +846,7 @@ int _libssh2_transport_send(LIBSSH2_SESSION *session,
         for(i = 0; i < packet_length; i += session->local.crypt->blocksize) {
             unsigned char *ptr = &p->outbuf[i];
             if (session->local.crypt->crypt(session, ptr,
+                                            session->local.crypt->blocksize,
                                             &session->local.crypt_abstract))
                 return LIBSSH2_ERROR_ENCRYPT;     /* encryption failure */
         }

src/userauth.c

@@ -472,7 +472,7 @@ file_read_publickey(LIBSSH2_SESSION * session, unsigned char **method,
         return _libssh2_error(session, LIBSSH2_ERROR_FILE,
                               "Unable to open public key file");
     }
-    while (!feof(fd) && (c = fgetc(fd)) != '\r' && c != '\n')
+    while (!feof(fd) && 1 == fread(&c, 1, 1, fd) && c != '\r' && c != '\n')
         pubkey_len++;
     if (feof(fd)) {
         /* the last character was EOF */

win32/.gitignore

@@ -11,3 +11,4 @@ Release
 *.opt
 *.plg
 libssh2.dsp
+objects.mk

win32/GNUmakefile

@@ -9,14 +9,12 @@
 
 # Edit the path below to point to the base of your Zlib sources.
 ifndef ZLIB_PATH
-ZLIB_PATH = ../../zlib-1.2.5
+ZLIB_PATH = ../../zlib-1.2.7
 endif
-# since currently always enabled in libssh2_config.h set here too!
-WITH_ZLIB = 1
 
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.8r
+OPENSSL_PATH = ../../openssl-0.9.8x
 endif
 
 # Edit the var below to set to your architecture or set environment var.
@@ -38,8 +36,6 @@ DEVLARC	= $(DEVLDIR).zip
 
 # Edit the vars below to change target settings.
 TARGET	= libssh2
-VERSION	= $(LIBSSH2_VERSION)
-COPYR   = (c) $(LIBSSH2_COPYRIGHT_STR)
 WWWURL	= http://www.libssh2.org/
 DESCR	= libssh2 $(LIBSSH2_VERSION_STR)
 #STACK	= 64000
@@ -59,29 +55,39 @@ else
 	OBJDIR	= debug
 endif
 
-# Include the version info retrieved from libssh2.h
--include $(OBJDIR)/version.inc
-
-ifeq ($(findstring /sh,$(SHELL)),/sh)
-CP	= cp -afv
-# RM	= rm -f
-MD	= mkdir
-RD	= rm -fr
-DL	= '
-DS	= /
-else
-CP	= copy
-RM	= del /q /f 2>NUL
-MD	= md
-RD	= rd /q /s 2>NUL
-XX	=
-DS	= $(XX)\$(XX)
-endif
 # Here you can find a native Win32 binary of the original awk:
 # http://www.gknw.net/development/prgtools/awk-20100523.zip
 AWK	= awk
 ZIP	= zip -qzr9
 
+# Platform-dependent helper tool macros
+ifeq ($(findstring /sh,$(SHELL)),/sh)
+DEL	= rm -f $1
+RMDIR	= rm -fr $1
+MKDIR	= mkdir -p $1
+COPY	= -cp -afv $1 $2
+#COPYR	= -cp -afr $1/* $2
+COPYR	= -rsync -aC $1/* $2
+TOUCH	= touch $1
+CAT	= cat
+ECHONL	= echo ""
+DL	= '
+else
+ifeq "$(OS)" "Windows_NT"
+DEL	= -del 2>NUL /q /f $(subst /,\,$1)
+RMDIR	= -rd 2>NUL /q /s $(subst /,\,$1)
+else
+DEL	= -del 2>NUL $(subst /,\,$1)
+RMDIR	= -deltree 2>NUL /y $(subst /,\,$1)
+endif
+MKDIR	= -md 2>NUL $(subst /,\,$1)
+COPY	= -copy 2>NUL /y $(subst /,\,$1) $(subst /,\,$2)
+COPYR	= -xcopy 2>NUL /q /y /e $(subst /,\,$1) $(subst /,\,$2)
+TOUCH	= copy 2>&1>NUL /b $(subst /,\,$1) +,,
+CAT	= type
+ECHONL	= $(ComSpec) /c echo.
+endif
+
 # The following line defines your compiler.
 ifdef METROWERKS
 	CC = mwcc
@@ -89,8 +95,11 @@ else
 	CC = $(CROSSPREFIX)gcc
 endif
 
+# Include the version info retrieved from libssh2.h
+-include $(OBJDIR)/version.inc
+
 # Global flags for all compilers
-CFLAGS	= $(OPT) -D$(DB) -DWIN32 -DLIBSSH2_WIN32 # -DHAVE_CONFIG_H
+CFLAGS	= $(OPT) -D$(DB) -DLIBSSH2_WIN32 # -DHAVE_CONFIG_H
 ifeq ($(ARCH),w64)
 CFLAGS	+= -D_AMD64_
 endif
@@ -113,7 +122,7 @@ CFLAGS	+= -w on,nounused,nounusedexpr # -ansi strict
 else
 LD	= $(CROSSPREFIX)gcc
 RC	= $(CROSSPREFIX)windres
-LDFLAGS	= -s -shared -Wl,--out-implib,$(TARGET)dll.a
+LDFLAGS	= -s -shared -Wl,--output-def,$(TARGET).def,--out-implib,$(TARGET)dll.a
 AR	= $(CROSSPREFIX)ar
 ARFLAGS	= -cq
 LIBEXT	= a
@@ -126,17 +135,44 @@ CFLAGS	+= -Wall # -pedantic
 endif
 
 INCLUDES = -I. -I../include
-INCLUDES += -I$(OPENSSL_PATH)/outinc -I$(OPENSSL_PATH)/outinc/openssl
 
-ifdef LINK_STATIC
-LDLIBS += $(OPENSSL_PATH)/out/libcrypto.$(LIBEXT) $(OPENSSL_PATH)/out/libssl.$(LIBEXT)
+ifndef OPENSSL_INCLUDE
+	ifeq "$(wildcard $(OPENSSL_PATH)/outinc)" "$(OPENSSL_PATH)/outinc"
+		OPENSSL_INCLUDE = $(OPENSSL_PATH)/outinc
+	endif
+	ifeq "$(wildcard $(OPENSSL_PATH)/include)" "$(OPENSSL_PATH)/include"
+		OPENSSL_INCLUDE = $(OPENSSL_PATH)/include
+	endif
+endif
+ifneq "$(wildcard $(OPENSSL_INCLUDE)/openssl/opensslv.h)" "$(OPENSSL_INCLUDE)/openssl/opensslv.h"
+$(error Invalid OPENSSL_PATH: $(OPENSSL_PATH))
+endif
+INCLUDES += -I"$(OPENSSL_INCLUDE)"
+ifndef OPENSSL_LIBPATH
+	OPENSSL_LIBS_STAT = crypto ssl
+	ifeq "$(wildcard $(OPENSSL_PATH)/out)" "$(OPENSSL_PATH)/out"
+		OPENSSL_LIBPATH = $(OPENSSL_PATH)/out
+		OPENSSL_LIBS_DYN = eay32 ssl32
+	endif
+	ifeq "$(wildcard $(OPENSSL_PATH)/lib)" "$(OPENSSL_PATH)/lib"
+		OPENSSL_LIBPATH = $(OPENSSL_PATH)/lib
+		OPENSSL_LIBS_DYN = crypto.dll ssl.dll
+	endif
+endif
+ifdef LINK_OPENSSL_STATIC
+	LDLIBS += $(patsubst %,$(OPENSSL_LIBPATH)/lib%.$(LIBEXT), $(OPENSSL_LIBS_STAT)) -lgdi32
 else
-LDLIBS += $(OPENSSL_PATH)/out/libeay32.$(LIBEXT) $(OPENSSL_PATH)/out/libssl32.$(LIBEXT)
+	LDLIBS += $(patsubst %,$(OPENSSL_LIBPATH)/lib%.$(LIBEXT), $(OPENSSL_LIBS_DYN))
 endif
 
 ifdef WITH_ZLIB
+	CFLAGS += -DLIBSSH2_HAVE_ZLIB
 	INCLUDES += -I$(ZLIB_PATH)
-	LDLIBS += $(ZLIB_PATH)/libz.$(LIBEXT)
+	ifdef LINK_ZLIB_STATIC
+		LDLIBS += $(ZLIB_PATH)/libz.$(LIBEXT)
+	else
+		LDLIBS += $(ZLIB_PATH)/libz.dll.$(LIBEXT)
+	endif
 endif
 
 CFLAGS	+= $(INCLUDES)
@@ -166,64 +202,68 @@ $(OBJDIR)/%.o: %.c
 #	@echo Compiling $<
 	$(CC) $(CFLAGS) -c $< -o $@
 
-$(OBJDIR)/version.inc: ../include/libssh2.h $(OBJDIR)
+$(OBJDIR)/version.inc: ../get_ver.awk ../include/libssh2.h $(OBJDIR)
 	@echo Creating $@
-	@$(AWK) -f ../get_ver.awk $< > $@
+	@$(AWK) -f $^ > $@
 
 dist: all $(DISTDIR) $(DISTDIR)/readme.txt
-	@-$(MD) $(DISTDIR)$(DS)bin
-	@-$(CP) ..$(DS)INSTALL $(DISTDIR)
-	@-$(CP) ..$(DS)LICENSE $(DISTDIR)
-	@-$(CP) ..$(DS)README $(DISTDIR)
-	@$(CP) $(TARGET).dll $(DISTDIR)$(DS)bin
+	@$(call MKDIR, $(DISTDIR)/bin)
+	@$(call CP, ../AUTHORS, $(DISTDIR))
+	@$(call CP, ../COPYING, $(DISTDIR))
+	@$(call CP, ../INSTALL, $(DISTDIR))
+	@$(call CP, ../README, $(DISTDIR))
+	@$(call CP, ../RELEASE-NOTES, $(DISTDIR))
+	@$(call CP, $(TARGET).dll, $(DISTDIR)/bin)
 	@echo Creating $(DISTARC)
 	@$(ZIP) $(DISTARC) $(DISTDIR)/* < $(DISTDIR)/readme.txt
 
 dev: all $(DEVLDIR) $(DEVLDIR)/readme.txt
-	@-$(MD) $(DEVLDIR)$(DS)bin
-	@-$(MD)$(DEVLDIR)$(DS)include
-	@-$(MD) $(DEVLDIR)$(DS)win32
-	@-$(CP) ..$(DS)INSTALL $(DEVLDIR)
-	@-$(CP) ..$(DS)LICENSE $(DEVLDIR)
-	@-$(CP) ..$(DS)README $(DEVLDIR)
-	@$(CP) $(TARGET).dll $(DEVLDIR)$(DS)bin
-	@$(CP) ..$(DS)include$(DS)*.h $(DEVLDIR)$(DS)include
-	@$(CP) libssh2_config.h $(DEVLDIR)/include
-	@$(CP) *.$(LIBEXT) $(DEVLDIR)/win32
+	@$(call MKDIR, $(DEVLDIR)/bin)
+	@$(call MKDIR,$(DEVLDIR)/include)
+	@$(call MKDIR, $(DEVLDIR)/win32)
+	@$(call CP, ../AUTHORS, $(DEVLDIR))
+	@$(call CP, ../COPYING, $(DEVLDIR))
+	@$(call CP, ../INSTALL, $(DEVLDIR))
+	@$(call CP, ../README, $(DEVLDIR))
+	@$(call CP, ../RELEASE-NOTES, $(DEVLDIR))
+	@$(call CP, $(TARGET).dll, $(DEVLDIR)/bin)
+	@$(call CP, ../include/*.h, $(DEVLDIR)/include)
+	@$(call CP, libssh2_config.h, $(DEVLDIR)/include)
+	@$(call CP, *.$(LIBEXT), $(DEVLDIR)/win32)
 	@echo Creating $(DEVLARC)
 	@$(ZIP) $(DEVLARC) $(DEVLDIR)/* < $(DEVLDIR)/readme.txt
 
 distclean: clean
-	-$(RD) $(DISTDIR)
-	-$(RM) $(DISTARC)
+	$(call RMDIR, $(DISTDIR))
+	$(call DEL, $(DISTARC))
 
 devclean: clean
-	-$(RD) $(DEVLDIR)
-	-$(RM) $(DEVLARC)
+	$(call RMDIR, $(DEVLDIR))
+	$(call DEL, $(DEVLARC))
 
 objclean: all
-	-$(RD) $(OBJDIR)
+	$(call RMDIR, $(OBJDIR))
 
 testclean: clean
 	$(MAKE) -C test -f GNUmakefile clean
 
 clean:
-#	-$(RM) libssh2_config.h
-	-$(RM) $(TARGET).dll $(TARGET).$(LIBEXT) $(TARGET)dll.$(LIBEXT)
-	-$(RD) $(OBJDIR)
+#	$(call DEL, libssh2_config.h)
+	$(call DEL, $(TARGET).dll $(TARGET).def $(TARGET).$(LIBEXT) $(TARGET)dll.$(LIBEXT))
+	$(call RMDIR, $(OBJDIR))
 
 $(OBJDIR):
-	@$(MD) $@
+	@$(call MKDIR, $@)
 
 $(DISTDIR):
-	@$(MD) $@
+	@$(call MKDIR, $@)
 
 $(DEVLDIR):
-	@$(MD) $@
+	@$(call MKDIR, $@)
 
 $(TARGET).$(LIBEXT): $(OBJS)
 	@echo Creating $@
-	@-$(RM) $@
+	@$(call DEL, $@)
 	@$(AR) $(ARFLAGS) $@ $^
 ifdef RANLIB
 	@$(RANLIB) $@
@@ -231,7 +271,7 @@ endif
 
 $(TARGET).dll $(TARGET)dll.a: $(OBJL)
 	@echo Linking $@
-	@-$(RM) $@
+	@$(call DEL, $@)
 	@$(LD) $(LDFLAGS) $^ -o $@ $(LIBPATH) $(LDLIBS)
 
 

win32/Makefile.Watcom

@@ -64,13 +64,13 @@ CFLAGS += -d_WIN32_WINNT=0x0501 -dENABLE_IPV6
 !ifdef %zlib_root
 ZLIB_ROOT = $(%zlib_root)
 !else
-ZLIB_ROOT = ..\..\zlib-1.2.5
+ZLIB_ROOT = ..\..\zlib-1.2.7
 !endif
 
 !ifdef %openssl_root
 OPENSSL_ROOT = $(%openssl_root)
 !else
-OPENSSL_ROOT = ..\..\openssl-0.9.8r
+OPENSSL_ROOT = ..\..\openssl-0.9.8x
 !endif
 
 #!ifdef %use_zlib

win32/config.mk

@@ -1,10 +1,10 @@
 
 # Tweak these for your system
-OPENSSLINC=..\openssl-0.9.8q\inc32
-OPENSSLLIB=..\openssl-0.9.8q\out32dll
+OPENSSLINC=..\openssl-0.9.8x\inc32
+OPENSSLLIB=..\openssl-0.9.8x\out32dll
 
-ZLIBINC=-DLIBSSH2_HAVE_ZLIB=1 /I..\zlib-1.2.5
-ZLIBLIB=..\zlib-1.2.5
+ZLIBINC=-DLIBSSH2_HAVE_ZLIB=1 /I..\zlib-1.2.7
+ZLIBLIB=..\zlib-1.2.7
 
 !if "$(TARGET)" == ""
 TARGET=Release
@@ -21,8 +21,9 @@ DLLFLAGS=/DEBUG /LD
 
 CPPFLAGS=/nologo /GL /Zi /EHsc $(CPPFLAGS) /Iwin32 /Iinclude /I$(OPENSSLINC) $(ZLIBINC) -DLIBSSH2_WIN32
 CFLAGS=$(CPPFLAGS)
+RCFLAGS=/Iinclude
 DLLFLAGS=$(CFLAGS) $(DLLFLAGS)
-LIBS=$(OPENSSLLIB)\libeay32.lib $(OPENSSLLIB)\ssleay32.lib ws2_32.lib $(ZLIBLIB)\zlib.lib
+LIBS=$(OPENSSLLIB)\libeay32.lib $(OPENSSLLIB)\ssleay32.lib ws2_32.lib user32.lib $(ZLIBLIB)\zlib.lib
 
 INTDIR=$(TARGET)\$(SUBDIR)
 

win32/libssh2_config.h

@@ -15,6 +15,7 @@
 #define HAVE_UNISTD_H
 #define HAVE_INTTYPES_H
 #define HAVE_SYS_TIME_H
+#define HAVE_GETTIMEOFDAY
 #endif
 
 #define HAVE_WINSOCK2_H
@@ -34,9 +35,6 @@
 #define strcasecmp stricmp
 #endif /* _MSC_VER */
 
-/* Compile in zlib support */
-#define LIBSSH2_HAVE_ZLIB 1
-
 /* Enable newer diffie-hellman-group-exchange-sha1 syntax */
 #define LIBSSH2_DH_GEX_NEW 1
 

win32/test/GNUmakefile

@@ -9,12 +9,12 @@
 
 # Edit the path below to point to the base of your Zlib sources.
 ifndef ZLIB_PATH
-ZLIB_PATH = ../../../zlib-1.2.5
+ZLIB_PATH = ../../../zlib-1.2.7
 endif
 
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../../openssl-0.9.8r
+OPENSSL_PATH = ../../../openssl-0.9.8x
 endif
 
 # Edit the var below to set to your architecture or set environment var.
@@ -28,8 +28,6 @@ LINK_STATIC = 1
 # Edit the vars below to change target settings.
 SAMPLES	= ../../example
 TARGETS := $(filter-out x11.exe,$(patsubst $(SAMPLES)/%.c,%.exe,$(strip $(wildcard $(SAMPLES)/*.c))))
-VERSION	= $(LIBSSH2_VERSION)
-COPYR   = (c) $(LIBSSH2_COPYRIGHT_STR)
 WWWURL	= http://www.libssh2.org/
 DESCR	= libssh2 $(subst .rc,,$(notdir $@)) $(LIBSSH2_VERSION_STR)
 #STACK	= 64000
@@ -48,29 +46,39 @@ else
 	OBJDIR	= debug
 endif
 
-# Include the version info retrieved from libssh2.h
--include $(OBJDIR)/version.inc
-
-ifeq ($(findstring /sh,$(SHELL)),/sh)
-CP      = cp -afv
-# RM    = rm -f
-MD      = mkdir
-RD      = rm -fr
-DL      = '
-DS      = /
-else
-CP      = copy
-RM      = del /q /f 2>NUL
-MD      = md
-RD      = rd /q /s 2>NUL
-XX      =
-DS      = $(XX)\$(XX)
-endif
 # Here you can find a native Win32 binary of the original awk:
 # http://www.gknw.net/development/prgtools/awk-20100523.zip
 AWK     = awk
 ZIP     = zip -qzr9
 
+# Platform-dependent helper tool macros
+ifeq ($(findstring /sh,$(SHELL)),/sh)
+DEL	= rm -f $1
+RMDIR	= rm -fr $1
+MKDIR	= mkdir -p $1
+COPY	= -cp -afv $1 $2
+#COPYR	= -cp -afr $1/* $2
+COPYR	= -rsync -aC $1/* $2
+TOUCH	= touch $1
+CAT	= cat
+ECHONL	= echo ""
+DL	= '
+else
+ifeq "$(OS)" "Windows_NT"
+DEL	= -del 2>NUL /q /f $(subst /,\,$1)
+RMDIR	= -rd 2>NUL /q /s $(subst /,\,$1)
+else
+DEL	= -del 2>NUL $(subst /,\,$1)
+RMDIR	= -deltree 2>NUL /y $(subst /,\,$1)
+endif
+MKDIR	= -md 2>NUL $(subst /,\,$1)
+COPY	= -copy 2>NUL /y $(subst /,\,$1) $(subst /,\,$2)
+COPYR	= -xcopy 2>NUL /q /y /e $(subst /,\,$1) $(subst /,\,$2)
+TOUCH	= copy 2>&1>NUL /b $(subst /,\,$1) +,,
+CAT	= type
+ECHONL	= $(ComSpec) /c echo.
+endif
+
 # The following line defines your compiler.
 ifdef METROWERKS
 	CC = mwcc
@@ -78,8 +86,11 @@ else
 	CC = $(CROSSPREFIX)gcc
 endif
 
+# Include the version info retrieved from libssh2.h
+-include $(OBJDIR)/version.inc
+
 # Global flags for all compilers
-CFLAGS	= $(OPT) -D$(DB) -DWIN32 -DLIBSSH2_WIN32 # -DHAVE_CONFIG_H
+CFLAGS	= $(OPT) -D$(DB) -DLIBSSH2_WIN32 # -DHAVE_CONFIG_H
 ifeq ($(ARCH),w64)
 CFLAGS  += -D_AMD64_
 endif
@@ -113,26 +124,53 @@ CFLAGS	+= -Wall #-Wno-unused #-pedantic
 endif
 
 INCLUDES = -I.. -I../../include
-INCLUDES += -I$(OPENSSL_PATH)/outinc -I$(OPENSSL_PATH)/outinc/openssl
-#LIBPATH += -L$(OPENSSL_PATH)/out
 LIBPATH += -L..
 
 ifdef LINK_STATIC
 	LDLIBS += -llibssh2
-	#LDLIBS += $(OPENSSL_PATH)/out/libcrypto.$(LIBEXT) $(OPENSSL_PATH)/out/libssl.$(LIBEXT)
 else
 	LDLIBS += -llibssh2dll
-	#LDLIBS += $(OPENSSL_PATH)/out/libeay32.$(LIBEXT) $(OPENSSL_PATH)/out/libssl32.$(LIBEXT)
+endif
+
+ifndef OPENSSL_INCLUDE
+	ifeq "$(wildcard $(OPENSSL_PATH)/outinc)" "$(OPENSSL_PATH)/outinc"
+		OPENSSL_INCLUDE = $(OPENSSL_PATH)/outinc
+	endif
+	ifeq "$(wildcard $(OPENSSL_PATH)/include)" "$(OPENSSL_PATH)/include"
+		OPENSSL_INCLUDE = $(OPENSSL_PATH)/include
+	endif
+endif
+ifneq "$(wildcard $(OPENSSL_INCLUDE)/openssl/opensslv.h)" "$(OPENSSL_INCLUDE)/openssl/opensslv.h"
+$(error Invalid OPENSSL_PATH: $(OPENSSL_PATH))
+endif
+INCLUDES += -I"$(OPENSSL_INCLUDE)"
+ifndef OPENSSL_LIBPATH
+	OPENSSL_LIBS_STAT = crypto ssl
+	ifeq "$(wildcard $(OPENSSL_PATH)/out)" "$(OPENSSL_PATH)/out"
+		OPENSSL_LIBPATH = $(OPENSSL_PATH)/out
+		OPENSSL_LIBS_DYN = eay32 ssl32
+	endif
+	ifeq "$(wildcard $(OPENSSL_PATH)/lib)" "$(OPENSSL_PATH)/lib"
+		OPENSSL_LIBPATH = $(OPENSSL_PATH)/lib
+		OPENSSL_LIBS_DYN = crypto.dll ssl.dll
+	endif
+endif
+ifdef LINK_STATIC
+ifdef LINK_OPENSSL_STATIC
+	LDLIBS += $(patsubst %,$(OPENSSL_LIBPATH)/lib%.$(LIBEXT), $(OPENSSL_LIBS_STAT)) -lgdi32
+else
+	LDLIBS += $(patsubst %,$(OPENSSL_LIBPATH)/lib%.$(LIBEXT), $(OPENSSL_LIBS_DYN))
+endif
 endif
 
 ifdef WITH_ZLIB
+	CFLAGS += -DLIBSSH2_HAVE_ZLIB
 	INCLUDES += -I$(ZLIB_PATH)
-	#LIBPATH = -L$(ZLIB_PATH)
-#ifdef LINK_STATIC
-#	LDLIBS += $(ZLIB_PATH)/libz.$(LIBEXT)
-#else
-#	LDLIBS += $(ZLIB_PATH)/libzdll.$(LIBEXT)
-#endif
+	ifdef LINK_ZLIB_STATIC
+		LDLIBS += $(ZLIB_PATH)/libz.$(LIBEXT)
+	else
+		LDLIBS += $(ZLIB_PATH)/libzdll.$(LIBEXT)
+	endif
 endif
 
 CFLAGS	+= $(INCLUDES)
@@ -155,17 +193,17 @@ $(OBJDIR)/version.inc: ../../include/libssh2.h $(OBJDIR)
 	@$(AWK) -f ../../get_ver.awk $< > $@
 
 objclean:
-	-$(RD) $(OBJDIR)
+	$(call RMDIR, $(OBJDIR))
 
 clean: objclean
-	-$(RM) $(TARGETS)
+	$(call DEL, $(TARGETS))
 
 $(OBJDIR):
-	$(MD) $@
+	$(call MKDIR, $@)
 
 %.exe: $(OBJDIR)/%.o $(OBJDIR)/%.res
 	@echo Linking $@
-	@-$(RM) $@
+	@$(call DEL, $@)
 	$(LD) $(LDFLAGS) $^ -o $@ $(LIBPATH) $(LDLIBS)
 
 $(OBJDIR)/%.res: $(OBJDIR)/%.rc
@@ -186,7 +224,7 @@ $(OBJDIR)/%.rc: GNUmakefile $(OBJDIR)/version.inc
 	@echo $(DL)  BEGIN$(DL) >> $@
 	@echo $(DL)    BLOCK "040904E4"$(DL) >> $@
 	@echo $(DL)    BEGIN$(DL) >> $@
-	@echo $(DL)      VALUE "LegalCopyright","$(COPYR)\0"$(DL) >> $@
+	@echo $(DL)      VALUE "LegalCopyright","\xA9 $(LIBSSH2_COPYRIGHT_STR)\0"$(DL) >> $@
 ifdef COMPANY
 	@echo $(DL)      VALUE "CompanyName","$(COMPANY)\0"$(DL) >> $@
 endif