web: the site is now HTTPS

As otherwise we get far too small numbers.

Reported-by: Andreas Schneider

CVE-2016-0787

CMakeLists.txt

@@ -38,7 +38,7 @@ cmake_minimum_required(VERSION 2.8.11)
 set(CMAKE_MODULE_PATH ${CMAKE_CURRENT_SOURCE_DIR}/cmake)
 
 project(libssh2 C)
-set(PROJECT_URL "http://www.libssh2.org/")
+set(PROJECT_URL "https://www.libssh2.org/")
 set(PROJECT_DESCRIPTION "The SSH library")
 
 option(BUILD_SHARED_LIBS "Build Shared Libraries" OFF)

Makefile.am

@@ -32,8 +32,20 @@ win32/libssh2_config.h win32/config.mk win32/rules.mk		\
 win32/Makefile.Watcom win32/libssh2.dsw win32/tests.dsp $(DSP)	\
 win32/msvcproj.head win32/msvcproj.foot win32/libssh2.rc
 
+OS400FILES = os400/README400 os400/initscript.sh os400/make.sh		\
+os400/make-src.sh os400/make-rpg.sh os400/make-include.sh		\
+os400/os400sys.c os400/ccsid.c						\
+os400/libssh2_config.h os400/macros.h os400/libssh2_ccsid.h		\
+os400/include/alloca.h os400/include/sys/socket.h os400/include/stdio.h	\
+os400/libssh2rpg/libssh2.rpgle.in					\
+os400/libssh2rpg/libssh2_ccsid.rpgle.in					\
+os400/libssh2rpg/libssh2_publickey.rpgle				\
+os400/libssh2rpg/libssh2_sftp.rpgle					\
+Makefile.os400qc3.inc
+
 EXTRA_DIST = $(WIN32FILES) buildconf $(NETWAREFILES) get_ver.awk \
- maketgz NMakefile RELEASE-NOTES libssh2.pc.in $(VMSFILES) config.rpath
+ maketgz NMakefile RELEASE-NOTES libssh2.pc.in $(VMSFILES) config.rpath \
+ CMakeLists.txt cmake $(OS400FILES)
 
 ACLOCAL_AMFLAGS = -I m4
 

Makefile.os400qc3.inc

@@ -0,0 +1,2 @@
+CRYPTO_CSOURCES = os400qc3.c
+CRYPTO_HHEADERS = os400qc3.h

RELEASE-NOTES

@@ -1,45 +1,56 @@
-libssh2 1.6.0
+libssh2 1.7.0
 
 This release includes the following changes:
 
- o Added CMake build system
+ o libssh2_session_set_last_error: Add function
- o Added libssh2_userauth_publickey_frommemory()
+ o mac: Add support for HMAC-SHA-256 and HMAC-SHA-512
+ o WinCNG: support for SHA256/512 HMAC
+ o kex: Added diffie-hellman-group-exchange-sha256 support
+ o OS/400 crypto library QC3 support
+
+This release includes the following security advisory:
+
+ o diffie_hellman_sha256: convert bytes to bits
+   CVE-2016-0787: http://www.libssh2.org/adv_20160223.html
 
 This release includes the following bugfixes:
 
- o wait_socket: wrong use of difftime() [1]
+ o SFTP: Increase speed and datasize in SFTP read
- o userauth: Fixed prompt text no longer being copied to the prompts struct
+ o openssl: make libssh2_sha1 return error code
- o mingw build: allow to pass custom CFLAGS
+ o openssl: fix memleak in _libssh2_dsa_sha1_verify()
- o Let mansyntax.sh work regardless of where it is called from
+ o cmake: include CMake files in the release tarballs
- o Init HMAC_CTX before using it
+ o Fix builds with Visual Studio 2015
- o direct_tcpip: Fixed channel write
+ o hostkey.c: Fix compiling error when OPENSSL_NO_MD5 is defined
- o WinCNG: fixed backend breakage
+ o GNUmakefile: add support for LIBSSH2_LDFLAG_EXTRAS
- o OpenSSL: caused by introducing libssh2_hmac_ctx_init
+ o GNUmakefile: add -m64 CFLAGS when targeting mingw64
- o userauth.c: fix possible dereferences of a null pointer
+ o kex: free server host key before allocating it (again)
- o wincng: Added explicit clear memory feature to WinCNG backend
+ o SCP: add libssh2_scp_recv2 to support large (> 2GB) files on windows
- o openssl.c: fix possible segfault in case EVP_DigestInit fails
+ o channel: Detect bad usage of libssh2_channel_process_startup
- o wincng: fix return code of libssh2_md5_init()
+ o userauth: Fix off by one error when reading public key file
- o kex: do not ignore failure of libssh2_sha1_init()
+ o kex: removed dupe entry from libssh2_kex_methods
- o scp: fix that scp_send may transmit not initialised memory [3]
+ o _libssh2_error: Support allocating the error message
- o scp.c: improved command length calculation
+ o hostkey: fix invalid memory access if libssh2_dsa_new fails
- o nonblocking examples: fix warning about unused tvdiff on Mac OS X
+ o hostkey: align code path of ssh_rsa_init to ssh_dss_init
- o configure: make clear-memory default but WARN if backend unsupported
+ o libssh2.pc.in: fix the output of pkg-config --libs
- o OpenSSL: Enable use of OpenSSL that doesn't have DSA
+ o wincng: fixed possible memory leak in _libssh2_wincng_hash
- o OpenSSL: Use correct no-blowfish #define
+ o wincng: fixed _libssh2_wincng_hash_final return value
- o kex: fix libgcrypt memory leaks of bignum [2]
+ o add OpenSSL 1.1.0-pre2 compatibility
- o libssh2_channel_open: more detailed error message
+ o agent_disconnect_unix: unset the agent fd after closing it
- o wincng: fixed memleak in (block) cipher destructor
+ o sftp: stop reading when buffer is full
- 
+ o sftp: Send at least one read request before reading
+ o sftp: Don't return EAGAIN if data was written to buffer
+ o sftp: Check read packet file offset
+ o configure: build "silent" if possible
+ o openssl: add OpenSSL 1.1.0-pre3-dev compatibility
+ o GNUmakefile: list system libs after user libs
  
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
-  Alexander Lamaison, Daniel Stenberg, David Calavera, Hannes Domani,
+  Alexander Lamaison, Andreas Schneider, brian m. carlson, Daniel Stenberg,
-  Jakob Egger, Joe Turpin, Marc Hoersken, Viktor Szakáts, Will Cosgrove,
+  David Byron, Jakob Egger, Kamil Dudka, Marc Hoersken, Mizunashi Mana,
-  (9 contributors)
+  Patrick Monnerat, Paul Howarth, Salvador Fandino, Salvador Fandiño,
+  Salvador Fandiño, Viktor Szakats, Will Cosgrove,
+  (16 contributors)
 
         Thanks! (and sorry if I forgot to mention someone)
-
- [1] = https://github.com/bagder/libssh2/issues/1
- [2] = https://trac.libssh2.org/ticket/168
- [3] = https://trac.libssh2.org/ticket/244

appveyor.yml

@@ -1,5 +1,5 @@
 # Copyright (c) 2014, Ruslan Baratov
-# Copyright (c) 2014, Alexander Lamaison
+# Copyright (c) 2014, 2016 Alexander Lamaison
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -23,27 +23,52 @@
 # OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+os: Visual Studio 2015
+
 environment:
   matrix:
-    - GENERATOR: "Visual Studio 12"
+    - GENERATOR: "Visual Studio 14 2015"
       BUILD_SHARED_LIBS: ON
 
-    - GENERATOR: "Visual Studio 12"
+    - GENERATOR: "Visual Studio 14 2015"
       BUILD_SHARED_LIBS: OFF
 
-    - GENERATOR: "Visual Studio 11"
+    - GENERATOR: "Visual Studio 12 2013"
       BUILD_SHARED_LIBS: ON
 
-    - GENERATOR: "Visual Studio 11"
+    - GENERATOR: "Visual Studio 12 2013"
+      BUILD_SHARED_LIBS: OFF
+
+    - GENERATOR: "Visual Studio 11 2012"
+      BUILD_SHARED_LIBS: ON
+
+    - GENERATOR: "Visual Studio 11 2012"
+      BUILD_SHARED_LIBS: OFF
+
+    - GENERATOR: "Visual Studio 10 2010"
+      BUILD_SHARED_LIBS: ON
+
+    - GENERATOR: "Visual Studio 10 2010"
+      BUILD_SHARED_LIBS: OFF
+
+    - GENERATOR: "Visual Studio 9 2008"
+      BUILD_SHARED_LIBS: ON
+
+    - GENERATOR: "Visual Studio 9 2008"
       BUILD_SHARED_LIBS: OFF
 
 platform:
   - x86
   - x64
 
-# configuration:
+configuration:
 # - Debug
-#   - Release
+  - Release
+
+matrix:
+  allow_failures:
+    - GENERATOR: "Visual Studio 9 2008"
+      platform: x64
 
 build_script:
   - ps: if($env:PLATFORM -eq "x64") { $env:CMAKE_GEN_SUFFIX=" Win64" }
@@ -52,8 +77,8 @@ build_script:
 
 test_script:
   - ps: cd _builds
-  - ctest -VV -C "%CONFIGURATION%" --output-on-failure
+  - ctest -VV -C "%CONFIGURATION%" -E ssh2 --output-on-failure
 
 on_failure:
-  - ps: cat _builds/CMakeFiles/CMakeOutput.log
+  - ps: if (Test-Path _builds/CMakeFiles/CMakeOutput.log) { cat _builds/CMakeFiles/CMakeOutput.log }
-  - ps: cat _builds/CMakeFiles/CMakeError.log
+  - ps: if (Test-Path _builds/CMakeFiles/CMakeError.log) { cat _builds/CMakeFiles/CMakeError.log }

configure.ac

@@ -4,6 +4,7 @@ AC_CONFIG_MACRO_DIR([m4])
 AC_CONFIG_SRCDIR([src])
 AC_CONFIG_HEADERS([src/libssh2_config.h example/libssh2_config.h])
 AM_MAINTAINER_MODE
+m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
 
 dnl SED is needed by some of the tools
 AC_PATH_PROG( SED, sed, sed-was-not-found-by-configure,
@@ -160,6 +161,8 @@ if test "$ac_cv_libbcrypt" = "yes"; then
 fi
 AM_CONDITIONAL(WINCNG, test "$ac_cv_libbcrypt" = "yes")
 
+AM_CONDITIONAL(OS400QC3, false)
+
 # Check if crypto library was found
 if test "$found_crypto" = "none"; then
   AC_MSG_ERROR([No crypto library found!

docs/CMakeLists.txt

@@ -119,6 +119,7 @@ set(MAN_PAGES
   libssh2_publickey_remove_ex.3
   libssh2_publickey_shutdown.3
   libssh2_scp_recv.3
+  libssh2_scp_recv2.3
   libssh2_scp_send.3
   libssh2_scp_send64.3
   libssh2_scp_send_ex.3
@@ -138,6 +139,7 @@ set(MAN_PAGES
   libssh2_session_init_ex.3
   libssh2_session_last_errno.3
   libssh2_session_last_error.3
+  libssh2_session_set_last_error.3
   libssh2_session_method_pref.3
   libssh2_session_methods.3
   libssh2_session_set_blocking.3

docs/HACKING.CRYPTO

@@ -0,0 +1,593 @@
+	Definitions needed to implement a specific crypto library
+
+This document offers some hints about implementing a new crypto library
+interface.
+
+A crypto library interface consists of at least a header file, defining
+entities referenced from the libssh2 core modules.
+Real code implementation (if needed), is left at the implementor's choice.
+
+This document lists the entities that must/may be defined in the header file.
+
+Procedures listed as "void" may indeed have a result type: the void indication
+indicates the libssh2 core modules never use the function result.
+
+
+1) Crypto library initialization/termination.
+
+void libssh2_crypto_init(void);
+Initializes the crypto library. May be an empty macro if not needed.
+
+void libssh2_crypto_exit(void);
+Terminates the crypto library use. May be an empty macro if not needed.
+
+
+2) HMAC
+
+libssh2_hmac_ctx
+Type of an HMAC computation context. Generally a struct.
+Used for all hash algorithms.
+
+void libssh2_hmac_ctx_init(libssh2_hmac_ctx ctx);
+Initializes the HMAC computation context ctx.
+Called before setting-up the hash algorithm.
+Note: if the ctx parameter is modified by the underlying code,
+this procedure must be implemented as a macro to map ctx --> &ctx.
+
+void libssh2_hmac_update(libssh2_hmac_ctx ctx,
+	                 const unsigned char *data,
+	                 int datalen);
+Continue computation of an HMAC on datalen bytes at data using context ctx.
+Note: if the ctx parameter is modified by the underlying code,
+this procedure must be implemented as a macro to map ctx --> &ctx.
+
+void libssh2_hmac_final(libssh2_hmac_ctx ctx,
+	                unsigned char output[]);
+Get the computed HMAC from context ctx into the output buffer. The
+minimum data buffer size depends on the HMAC hash algorithm.
+Note: if the ctx parameter is modified by the underlying code,
+this procedure must be implemented as a macro to map ctx --> &ctx.
+
+void libssh2_hmac_cleanup(libssh2_hmac_ctx *ctx);
+Releases the HMAC computation context at ctx.
+
+
+3) Hash algorithms.
+
+3.1) SHA-1
+Must always be implemented.
+
+SHA_DIGEST_LENGTH
+#define to 20, the SHA-1 digest length.
+
+libssh2_sha1_ctx
+Type of an SHA1 computation context. Generally a struct.
+
+int libssh2_sha1_init(libssh2_sha1_ctx *x);
+Initializes the SHA-1 computation context at x.
+Returns 1 for success and 0 for failure
+
+void libssh2_sha1_update(libssh2_sha1_ctx ctx,
+	                 const unsigned char *data,
+	                 size_t len);
+Continue computation of SHA-1 on len bytes at data using context ctx.
+Note: if the ctx parameter is modified by the underlying code,
+this procedure must be implemented as a macro to map ctx --> &ctx.
+
+void libssh2_sha1_final(libssh2_sha1_ctx ctx,
+                        unsigned char output[SHA1_DIGEST_LEN]);
+Get the computed SHA-1 signature from context ctx and store it into the
+output buffer.
+Release the context.
+Note: if the ctx parameter is modified by the underlying code,
+this procedure must be implemented as a macro to map ctx --> &ctx.
+
+void libssh2_hmac_sha1_init(libssh2_hmac_ctx *ctx,
+	                    const void *key,
+	                    int keylen);
+Setup the HMAC computation context ctx for an HMAC-SHA-1 computation using the
+keylen-byte key. Is invoked just after libssh2_hmac_ctx_init().
+
+3.2) SHA-256
+Must always be implemented.
+
+SHA256_DIGEST_LENGTH
+#define to 32, the SHA-256 digest length.
+
+libssh2_sha256_ctx
+Type of an SHA-256 computation context. Generally a struct.
+
+int libssh2_sha256_init(libssh2_sha256_ctx *x);
+Initializes the SHA-256 computation context at x.
+Returns 1 for success and 0 for failure
+
+void libssh2_sha256_update(libssh2_sha256_ctx ctx,
+	                   const unsigned char *data,
+	                   size_t len);
+Continue computation of SHA-256 on len bytes at data using context ctx.
+Note: if the ctx parameter is modified by the underlying code,
+this procedure must be implemented as a macro to map ctx --> &ctx.
+
+void libssh2_sha256_final(libssh2_sha256_ctx ctx,
+	                  unsigned char output[SHA256_DIGEST_LENGTH]);
+Gets the computed SHA-256 signature from context ctx into the output buffer.
+Release the context.
+Note: if the ctx parameter is modified by the underlying code,
+this procedure must be implemented as a macro to map ctx --> &ctx.
+
+int libssh2_sha256(const unsigned char *message,
+                   unsigned long len,
+                   unsigned char output[SHA256_DIGEST_LENGTH]);
+Computes the SHA-256 signature over the given message of length len and
+store the result into the output buffer.
+Return 1 if error, else 0.
+Note: Seems unused in current code, but defined in each crypto library backend.
+
+LIBSSH2_HMAC_SHA256
+#define as 1 if the crypto library supports HMAC-SHA-256, else 0.
+If defined as 0, the rest of this section can be omitted.
+
+void libssh2_hmac_sha256_init(libssh2_hmac_ctx *ctx,
+	                      const void *key,
+	                      int keylen);
+Setup the HMAC computation context ctx for an HMAC-256 computation using the
+keylen-byte key. Is invoked just after libssh2_hmac_ctx_init().
+
+3.3) SHA-512
+LIBSSH2_HMAC_SHA512
+#define as 1 if the crypto library supports HMAC-SHA-512, else 0.
+If defined as 0, the rest of this section can be omitted.
+
+SHA512_DIGEST_LENGTH
+#define to 64, the SHA-512 digest length.
+
+void libssh2_hmac_sha512_init(libssh2_hmac_ctx *ctx,
+	                      const void *key,
+	                      int keylen);
+Setup the HMAC computation context ctx for an HMAC-512 computation using the
+keylen-byte key. Is invoked just after libssh2_hmac_ctx_init().
+
+3.4) MD5
+LIBSSH2_MD5
+#define to 1 if the crypto library supports MD5, else 0.
+If defined as 0, the rest of this section can be omitted.
+
+MD5_DIGEST_LENGTH
+#define to 16, the MD5 digest length.
+
+libssh2_md5_ctx
+Type of an MD5 computation context. Generally a struct.
+
+int libssh2_md5_init(libssh2_md5_ctx *x);
+Initializes the MD5 computation context at x.
+Returns 1 for success and 0 for failure
+
+void libssh2_md5_update(libssh2_md5_ctx ctx,
+	                const unsigned char *data,
+	                size_t len);
+Continues computation of MD5 on len bytes at data using context ctx.
+Returns 1 for success and 0 for failure.
+Note: if the ctx parameter is modified by the underlying code,
+this procedure must be implemented as a macro to map ctx --> &ctx.
+
+void libssh2_md5_final(libssh2_md5_ctx ctx,
+	               unsigned char output[MD5_DIGEST_LENGTH]);
+Gets the computed MD5 signature from context ctx into the output buffer.
+Release the context.
+Note: if the ctx parameter is modified by the underlying code,
+this procedure must be implemented as a macro to map ctx --> &ctx.
+
+void libssh2_hmac_md5_init(libssh2_hmac_ctx *ctx,
+	                   const void *key,
+	                   int keylen);
+Setup the HMAC computation context ctx for an HMAC-MD5 computation using the
+keylen-byte key. Is invoked just after libssh2_hmac_ctx_init().
+
+3.5) RIPEMD-160
+LIBSSH2_HMAC_RIPEMD
+#define as 1 if the crypto library supports HMAC-RIPEMD-160, else 0.
+If defined as 0, the rest of this section can be omitted.
+
+void libssh2_hmac_ripemd160_init(libssh2_hmac_ctx *ctx,
+	                         const void *key,
+	                         int keylen);
+Setup the HMAC computation context ctx for an HMAC-RIPEMD-160 computation using
+the keylen-byte key. Is invoked just after libssh2_hmac_ctx_init().
+Returns 1 for success and 0 for failure.
+
+
+4) Bidirectional Key ciphers.
+
+_libssh2_cipher_ctx
+Type of a cipher computation context.
+
+_libssh2_cipher_type(name);
+Macro defining name as storage identifying a cipher algorithm for
+the crypto library interface. No trailing semicolon.
+
+int _libssh2_cipher_init(_libssh2_cipher_ctx *h,
+                         _libssh2_cipher_type(algo),
+                         unsigned char *iv,
+                         unsigned char *secret,
+                         int encrypt);
+Creates a cipher context for the given algorithm with the initialization vector
+iv and the secret key secret. Prepare for encryption or decryption depending on
+encrypt.
+Return 0 if OK, else -1.
+This procedure is already prototyped in crypto.h.
+
+int _libssh2_cipher_crypt(_libssh2_cipher_ctx *ctx,
+                          _libssh2_cipher_type(algo),
+                          int encrypt,
+                          unsigned char *block,
+                          size_t blocksize);
+Encrypt or decrypt in-place data at (block, blocksize) using the given
+context and/or algorithm.
+Return 0 if OK, else -1.
+This procedure is already prototyped in crypto.h.
+
+void _libssh2_cipher_dtor(_libssh2_cipher_ctx *ctx);
+Release cipher context at ctx.
+
+4.1) AES
+4.1.1) AES in CBC block mode.
+LIBSSH2_AES
+#define as 1 if the crypto library supports AES in CBC mode, else 0.
+If defined as 0, the rest of this section can be omitted.
+
+_libssh2_cipher_aes128
+AES-128-CBC algorithm identifier initializer.
+#define with constant value of type _libssh2_cipher_type().
+
+_libssh2_cipher_aes192
+AES-192-CBC algorithm identifier initializer.
+#define with constant value of type _libssh2_cipher_type().
+
+_libssh2_cipher_aes256
+AES-256-CBC algorithm identifier initializer.
+#define with constant value of type _libssh2_cipher_type().
+
+4.1.2) AES in CTR block mode.
+LIBSSH2_AES_CTR
+#define as 1 if the crypto library supports AES in CTR mode, else 0.
+If defined as 0, the rest of this section can be omitted.
+
+void _libssh2_init_aes_ctr(void);
+Initialize static AES CTR ciphers.
+This procedure is already prototyped in crypto.h.
+
+_libssh2_cipher_aes128ctr
+AES-128-CTR algorithm identifier initializer.
+#define with constant value of type _libssh2_cipher_type().
+
+_libssh2_cipher_aes192ctr
+AES-192-CTR algorithm identifier initializer.
+#define with constant value of type _libssh2_cipher_type().
+
+_libssh2_cipher_aes256ctr
+AES-256-CTR algorithm identifier initializer.
+#define with constant value of type _libssh2_cipher_type().
+
+4.2) Blowfish in CBC block mode.
+LIBSSH2_BLOWFISH
+#define as 1 if the crypto library supports blowfish in CBC mode, else 0.
+If defined as 0, the rest of this section can be omitted.
+
+_libssh2_cipher_blowfish
+Blowfish-CBC algorithm identifier initializer.
+#define with constant value of type _libssh2_cipher_type().
+
+4.3) RC4.
+LIBSSH2_RC4
+#define as 1 if the crypto library supports RC4 (arcfour), else 0.
+If defined as 0, the rest of this section can be omitted.
+
+_libssh2_cipher_arcfour
+RC4 algorithm identifier initializer.
+#define with constant value of type _libssh2_cipher_type().
+
+4.4) CAST5 in CBC block mode.
+LIBSSH2_CAST
+#define 1 if the crypto library supports cast, else 0.
+If defined as 0, the rest of this section can be omitted.
+
+_libssh2_cipher_cast5
+CAST5-CBC algorithm identifier initializer.
+#define with constant value of type _libssh2_cipher_type().
+
+4.5) Tripple DES in CBC block mode.
+LIBSSH2_3DES
+#define as 1 if the crypto library supports TripleDES in CBC mode, else 0.
+If defined as 0, the rest of this section can be omitted.
+
+_libssh2_cipher_3des
+TripleDES-CBC algorithm identifier initializer.
+#define with constant value of type _libssh2_cipher_type().
+
+
+5) Big numbers.
+Positive multi-byte integers support is sufficient.
+
+5.1) Computation contexts.
+This has a real meaning if the big numbers computations need some context
+storage. If not, use a dummy type and functions (macros).
+
+_libssh2_bn_ctx
+Type of multiple precision computation context. May not be empty. if not used,
+#define as char, for example.
+
+libssh2_bn_ctx _libssh2_bn_ctx_new(void);
+Returns a new multiple precision computation context.
+
+void _libssh2_bn_ctx_free(_libssh2_bn_ctx ctx);
+Releases a multiple precision computation context.
+
+5.2) Computation support.
+_libssh2_bn
+Type of multiple precision numbers (aka bignumbers or huge integers) for the
+crypto library.
+
+_libssh2_bn * _libssh2_bn_init(void);
+Creates a multiple precision number (preset to zero).
+
+_libssh2_bn * _libssh2_bn_init_from_bin(void);
+Create a multiple precision number intended to be set by the
+_libssh2_bn_from_bin() function (see below). Unlike _libssh2_bn_init(), this
+code may be a dummy initializer if the _libssh2_bn_from_bin() actually
+allocates the number. Returns a value of type _libssh2_bn *.
+
+void _libssh2_bn_free(_libssh2_bn *bn);
+Destroys the multiple precision number at bn.
+
+unsigned long _libssh2_bn_bytes(libssh2_bn *bn);
+Get the number of bytes needed to store the bits of the multiple precision
+number at bn.
+
+unsigned long _libssh2_bn_bits(_libssh2_bn *bn);
+Returns the number of bits of multiple precision number at bn.
+
+int _libssh2_bn_set_word(_libssh2_bn *bn, unsigned long val);
+Sets the value of bn to val.
+Returns 1 on success, 0 otherwise.
+
+_libssh2_bn * _libssh2_bn_from_bin(_libssh2_bn *bn, int len,
+	                           const unsigned char *val);
+Converts the positive integer in big-endian form of length len at val
+into a _libssh2_bn and place it in bn. If bn is NULL, a new _libssh2_bn is
+created.
+Returns a pointer to target _libssh2_bn or NULL if error.
+
+int _libssh2_bn_to_bin(_libssh2_bn *bn, unsigned char *val);
+Converts the absolute value of bn into big-endian form and store it at
+val. val must point to _libssh2_bn_bytes(bn) bytes of memory.
+Returns the length of the big-endian number.
+
+void _libssh2_bn_rand(_libssh2_bn *bn, int bits, int top, int bottom);
+Generates a cryptographically strong pseudo-random number of bits in
+length and stores it in bn. If top is -1, the most significant bit of the
+random number can be zero. If top is 0, it is set to 1, and if top is 1, the
+two most significant bits of the number will be set to 1, so that the product
+of two such random numbers will always have 2*bits length. If bottom is true,
+the number will be odd.
+
+void _libssh2_bn_mod_exp(_libssh2_bn *r, _libssh2_bn *a,
+	                 _libssh2_bn *p, _libssh2_bn *m,
+	                 _libssh2_bn_ctx *ctx);
+Computes a to the p-th power modulo m and stores the result into r (r=a^p % m).
+May use the given context.
+
+
+6) Private key algorithms.
+Format of an RSA public key:
+a) "ssh-rsa".
+b) RSA exponent, MSB first, with high order bit = 0.
+c) RSA modulus, MSB first, with high order bit = 0.
+Each item is preceded by its 32-bit byte length, MSB first.
+
+Format of a DSA public key:
+a) "ssh-dss".
+b) p, MSB first, with high order bit = 0.
+c) q, MSB first, with high order bit = 0.
+d) g, MSB first, with high order bit = 0.
+e) pub_key, MSB first, with high order bit = 0.
+Each item is preceded by its 32-bit byte length, MSB first.
+
+int _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session,
+                              unsigned char **method,
+                              size_t *method_len,
+                              unsigned char **pubkeydata,
+                              size_t *pubkeydata_len,
+                              const char *privatekey,
+                              const char *passphrase);
+Reads a private key from file privatekey and extract the public key -->
+(pubkeydata, pubkeydata_len). Store the associated method (ssh-rsa or ssh-dss)
+into (method, method_len).
+Both buffers have to be allocated using LIBSSH2_ALLOC().
+Returns 0 if OK, else -1.
+This procedure is already prototyped in crypto.h.
+
+int _libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION *session,
+                                    unsigned char **method,
+                                    size_t *method_len,
+                                    unsigned char **pubkeydata,
+                                    size_t *pubkeydata_len,
+                                    const char *privatekeydata,
+                                    size_t privatekeydata_len,
+                                    const char *passphrase);
+Gets a private key from bytes at (privatekeydata, privatekeydata_len) and
+extract the public key --> (pubkeydata, pubkeydata_len). Store the associated
+method (ssh-rsa or ssh-dss) into (method, method_len).
+Both buffers have to be allocated using LIBSSH2_ALLOC().
+Returns 0 if OK, else -1.
+This procedure is already prototyped in crypto.h.
+
+6.1) RSA
+LIBSSH2_RSA
+#define as 1 if the crypto library supports RSA, else 0.
+If defined as 0, the rest of this section can be omitted.
+
+libssh2_rsa_ctx
+Type of an RSA computation context. Generally a struct.
+
+int _libssh2_rsa_new(libssh2_rsa_ctx **rsa,
+                     const unsigned char *edata,
+                     unsigned long elen,
+                     const unsigned char *ndata,
+                     unsigned long nlen,
+                     const unsigned char *ddata,
+                     unsigned long dlen,
+                     const unsigned char *pdata,
+                     unsigned long plen,
+                     const unsigned char *qdata,
+                     unsigned long qlen,
+                     const unsigned char *e1data,
+                     unsigned long e1len,
+                     const unsigned char *e2data,
+                     unsigned long e2len,
+                     const unsigned char *coeffdata, unsigned long coefflen);
+Creates a new context for RSA computations from key source values:
+	pdata, plen	Prime number p. Only used if private key known (ddata).
+	qdata, qlen	Prime number q. Only used if private key known (ddata).
+	ndata, nlen	Modulus n.
+	edata, elen	Exponent e.
+	ddata, dlen	e^-1 % phi(n) = private key. May be NULL if unknown.
+	e1data, e1len	dp = d % (p-1). Only used if private key known (dtata).
+	e2data, e2len	dq = d % (q-1). Only used if private key known (dtata).
+	coeffdata, coefflen	q^-1 % p. Only used if private key known.
+Returns 0 if OK.
+This procedure is already prototyped in crypto.h.
+Note: the current generic code only calls this function with e and n (public
+key parameters): unless used internally by the backend, it is not needed to
+support the private key and the other parameters here.
+
+int _libssh2_rsa_new_private(libssh2_rsa_ctx **rsa,
+                             LIBSSH2_SESSION *session,
+                             const char *filename,
+                             unsigned const char *passphrase);
+Reads an RSA private key from file filename into a new RSA context.
+Must call _libssh2_init_if_needed().
+Return 0 if OK, else -1.
+This procedure is already prototyped in crypto.h.
+
+int _libssh2_rsa_new_private_frommemory(libssh2_rsa_ctx **rsa,
+                                        LIBSSH2_SESSION *session,
+                                        const char *data,
+					size_t data_len,
+                                        unsigned const char *passphrase);
+Gets an RSA private key from data into a new RSA context.
+Must call _libssh2_init_if_needed().
+Return 0 if OK, else -1.
+This procedure is already prototyped in crypto.h.
+
+int _libssh2_rsa_sha1_verify(libssh2_rsa_ctx *rsa,
+                             const unsigned char *sig,
+                             unsigned long sig_len,
+                             const unsigned char *m, unsigned long m_len);
+Verify (sig, siglen) signature of (m, m_len) using an SHA-1 hash and the
+RSA context.
+Return 0 if OK, else -1.
+This procedure is already prototyped in crypto.h.
+
+int _libssh2_rsa_sha1_signv(LIBSSH2_SESSION *session,
+	                    unsigned char **sig, size_t *siglen,
+	                    int count, const struct iovec vector[],
+	                    libssh2_rsa_ctx *ctx);
+RSA signs the SHA-1 hash computed over the count data chunks in vector.
+Signature is stored at (sig, siglen).
+Signature buffer must be allocated from the given session.
+Returns 0 if OK, else -1.
+Note: this procedure is optional: if provided, it MUST be defined as a macro.
+
+int _libssh2_rsa_sha1_sign(LIBSSH2_SESSION *session,
+                           libssh2_rsa_ctx *rsactx,
+                           const unsigned char *hash,
+                           size_t hash_len,
+                           unsigned char **signature,
+                           size_t *signature_len);
+RSA signs the (hash, hashlen) SHA-1 hash bytes and stores the allocated
+signature at (signature, signature_len).
+Signature buffer must be allocated from the given session.
+Returns 0 if OK, else -1.
+This procedure is already prototyped in crypto.h.
+Note: this procedure is not used if macro _libssh2_rsa_sha1_signv() is defined.
+
+void _libssh2_rsa_free(libssh2_rsa_ctx *rsactx);
+Releases the RSA computation context at rsactx.
+
+
+6.2) DSA
+LIBSSH2_DSA
+#define as 1 if the crypto library supports DSA, else 0.
+If defined as 0, the rest of this section can be omitted.
+
+
+libssh2_dsa_ctx
+Type of a DSA computation context. Generally a struct.
+
+int _libssh2_dsa_new(libssh2_dsa_ctx **dsa,
+                     const unsigned char *pdata,
+                     unsigned long plen,
+                     const unsigned char *qdata,
+                     unsigned long qlen,
+                     const unsigned char *gdata,
+                     unsigned long glen,
+                     const unsigned char *ydata,
+                     unsigned long ylen,
+                     const unsigned char *x, unsigned long x_len);
+Creates a new context for DSA computations from source key values:
+	pdata, plen	Prime number p. Only used if private key known (ddata).
+	qdata, qlen	Prime number q. Only used if private key known (ddata).
+	gdata, glen	G number.
+	ydata, ylen	Public key.
+	xdata, xlen	Private key. Only taken if xlen non-zero.
+Returns 0 if OK.
+This procedure is already prototyped in crypto.h.
+
+int _libssh2_dsa_new_private(libssh2_dsa_ctx **dsa,
+                             LIBSSH2_SESSION *session,
+                             const char *filename,
+                             unsigned const char *passphrase);
+Gets a DSA private key from file filename into a new DSA context.
+Must call _libssh2_init_if_needed().
+Return 0 if OK, else -1.
+This procedure is already prototyped in crypto.h.
+
+int _libssh2_dsa_new_private_frommemory(libssh2_dsa_ctx **dsa,
+                                        LIBSSH2_SESSION *session,
+                                        const char *data,
+					size_t data_len,
+                                        unsigned const char *passphrase);
+Gets a DSA private key from the data_len-bytes data into a new DSA context.
+Must call _libssh2_init_if_needed().
+Returns 0 if OK, else -1.
+This procedure is already prototyped in crypto.h.
+
+int _libssh2_dsa_sha1_verify(libssh2_dsa_ctx *dsactx,
+                             const unsigned char *sig,
+                             const unsigned char *m, unsigned long m_len);
+Verify (sig, siglen) signature of (m, m_len) using an SHA1 hash and the
+DSA context.
+Returns 0 if OK, else -1.
+This procedure is already prototyped in crypto.h.
+
+int _libssh2_dsa_sha1_sign(libssh2_dsa_ctx *dsactx,
+                           const unsigned char *hash,
+                           unsigned long hash_len, unsigned char *sig);
+DSA signs the (hash, hash_len) data using SHA-1 and store the signature at sig.
+Returns 0 if OK, else -1.
+This procedure is already prototyped in crypto.h.
+
+void _libssh2_dsa_free(libssh2_dsa_ctx *dsactx);
+Releases the DSA computation context at dsactx.
+
+
+7) Miscellaneous
+
+void libssh2_prepare_iovec(struct iovec *vector, unsigned int len);
+Prepare len consecutive iovec slots before using them.
+In example, this is needed to preset unused structure slacks on platforms
+requiring it.
+If this is not needed, it should be defined as an empty macro.
+
+void _libssh2_random(unsigned char *buf, int len);
+Store len random bytes at buf.

docs/Makefile.am

@@ -1,7 +1,7 @@
 # $Id: Makefile.am,v 1.37 2009/03/26 15:41:15 bagder Exp $
 
 EXTRA_DIST = template.3 BINDINGS INSTALL_AUTOTOOLS INSTALL_CMAKE HACKING TODO	\
- AUTHORS
+ AUTHORS CMakeLists.txt HACKING.CRYPTO
 
 dist_man_MANS = \
 	libssh2_agent_connect.3 \
@@ -89,6 +89,7 @@ dist_man_MANS = \
 	libssh2_publickey_remove_ex.3 \
 	libssh2_publickey_shutdown.3 \
 	libssh2_scp_recv.3 \
+	libssh2_scp_recv2.3 \
 	libssh2_scp_send.3 \
 	libssh2_scp_send64.3 \
 	libssh2_scp_send_ex.3 \
@@ -109,6 +110,7 @@ dist_man_MANS = \
 	libssh2_session_init_ex.3 \
 	libssh2_session_last_errno.3 \
 	libssh2_session_last_error.3 \
+	libssh2_session_set_last_error.3 \
 	libssh2_session_method_pref.3 \
 	libssh2_session_methods.3 \
 	libssh2_session_set_blocking.3 \

docs/libssh2_scp_recv.3

@@ -8,6 +8,9 @@ LIBSSH2_CHANNEL *
 libssh2_scp_recv(LIBSSH2_SESSION *session, const char *path, struct stat *sb);
 
 .SH DESCRIPTION
+This function is \fBDEPRECATED\fP. Use \fIlibssh2_scp_recv2(3)\fP
+instead!
+
 \fIsession\fP - Session instance as returned by 
 .BR libssh2_session_init_ex(3)
 

docs/libssh2_scp_recv2.3

@@ -0,0 +1,32 @@
+.TH libssh2_scp_recv2 3 "29 Jun 2015" "libssh2 1.6.1" "libssh2 manual"
+.SH NAME
+libssh2_scp_recv2 - request a remote file via SCP
+.SH SYNOPSIS
+#include <libssh2.h>
+
+LIBSSH2_CHANNEL *
+libssh2_scp_recv2(LIBSSH2_SESSION *session, const char *path, struct_stat *sb);
+
+.SH DESCRIPTION
+\fIsession\fP - Session instance as returned by 
+.BR libssh2_session_init_ex(3)
+
+\fIpath\fP - Full path and filename of file to transfer. That is the remote
+file name.
+
+\fIsb\fP - Populated with remote file's size, mode, mtime, and atime
+
+Request a file from the remote host via SCP.
+.SH RETURN VALUE
+Pointer to a newly allocated LIBSSH2_CHANNEL instance, or NULL on errors.
+.SH ERRORS
+\fILIBSSH2_ERROR_ALLOC\fP -  An internal memory allocation call failed.
+
+\fILIBSSH2_ERROR_SCP_PROTOCOL\fP - 
+
+\fILIBSSH2_ERROR_EAGAIN\fP - Marked for non-blocking I/O but the call would
+block.
+.SH SEE ALSO
+.BR libssh2_session_init_ex(3)
+.BR libssh2_channel_open_ex(3)
+

docs/libssh2_session_last_errno.3

@@ -18,3 +18,4 @@ Numeric error code corresponding to the the Error Code constants.
 
 .SH SEE ALSO
 .BR libssh2_session_last_error(3)
+.BR libssh2_session_set_last_error(3)

docs/libssh2_session_last_error.3

@@ -29,3 +29,4 @@ Numeric error code corresponding to the the Error Code constants.
 
 .SH SEE ALSO
 .BR libssh2_session_last_errno(3)
+.BR libssh2_session_set_last_error(3)

docs/libssh2_session_set_last_error.3

@@ -0,0 +1,33 @@
+.TH libssh2_session_set_last_error 3 "26 Oct 2015" "libssh2 1.6.1" "libssh2 manual"
+.SH NAME
+libssh2_session_set_last_error - sets the internal error state
+.SH SYNOPSIS
+#include <libssh2.h>
+
+int
+libssh2_session_set_last_error(LIBSSH2_SESSION *session, int errcode, const char *errmsg)
+
+.SH DESCRIPTION
+\fIsession\fP - Session instance as returned by
+.BR libssh2_session_init_ex(3)
+
+\fIerrcode\fP - One of the error codes as defined in the public
+libssh2 header file.
+
+\fIerrmsg\fP - If not NULL, a copy of the given string is stored
+inside the session object as the error message.
+
+This function is provided for high level language wrappers
+(i.e. Python or Perl) and other libraries that may extend libssh2 with
+additional features while still relying on its error reporting
+mechanism.
+
+.SH RETURN VALUE
+Numeric error code corresponding to the the Error Code constants.
+
+.SH AVAILABILITY
+Added in 1.6.1
+
+.SH SEE ALSO
+.BR libssh2_session_last_error(3)
+.BR libssh2_session_last_errno(3)

example/CMakeLists.txt

@@ -34,7 +34,6 @@
 # OF SUCH DAMAGE.
 
 include(CheckIncludeFiles)
-include(CheckFunctionExists)
 include(CheckSymbolExists)
 include(CopyRuntimeDependencies)
 include(SocketLibraries)
@@ -88,10 +87,10 @@ check_include_files(arpa/inet.h HAVE_ARPA_INET_H)
 check_include_files(netinet/in.h HAVE_NETINET_IN_H)
 check_include_files(winsock2.h HAVE_WINSOCK2_H)
 
-check_function_exists(strcasecmp HAVE_STRCASECMP)
+check_symbol_exists(strcasecmp strings.h HAVE_STRCASECMP)
-check_function_exists(_stricmp HAVE__STRICMP)
+check_symbol_exists(_stricmp string.h HAVE__STRICMP)
-check_function_exists(snprintf HAVE_SNPRINTF)
+check_symbol_exists(snprintf stdio.h HAVE_SNPRINTF)
-check_function_exists(_snprintf HAVE__SNPRINTF)
+check_symbol_exists(_snprintf stdio.h HAVE__SNPRINTF)
 
 check_symbol_exists(__func__ "" HAVE___FUNC__)
 check_symbol_exists(__FUNCTION__ "" HAVE___FUNCTION__)

example/Makefile.am

@@ -1,6 +1,6 @@
 AUTOMAKE_OPTIONS = foreign nostdinc
 
-EXTRA_DIST = libssh2_config.h.in
+EXTRA_DIST = libssh2_config.h.in libssh2_config_cmake.h.in CMakeLists.txt
 
 # samples
 noinst_PROGRAMS = direct_tcpip ssh2 scp scp_nonblock scp_write		\

example/scp.c

@@ -41,9 +41,9 @@ int main(int argc, char *argv[])
     const char *username="username";
     const char *password="password";
     const char *scppath="/tmp/TEST";
-    struct stat fileinfo;
+    libssh2_struct_stat fileinfo;
     int rc;
-    off_t got=0;
+    libssh2_struct_stat_size got = 0;
 
 #ifdef WIN32
     WSADATA wsadata;
@@ -137,7 +137,7 @@ int main(int argc, char *argv[])
     }
 
     /* Request a file via SCP */
-    channel = libssh2_scp_recv(session, scppath, &fileinfo);
+    channel = libssh2_scp_recv2(session, scppath, &fileinfo);
 
     if (!channel) {
         fprintf(stderr, "Unable to open a session: %d\n",
@@ -151,7 +151,7 @@ int main(int argc, char *argv[])
         int amount=sizeof(mem);
 
         if((fileinfo.st_size -got) < amount) {
-            amount = fileinfo.st_size -got;
+            amount = (int)(fileinfo.st_size -got);
         }
 
         rc = libssh2_channel_read(channel, mem, amount);

example/scp_nonblock.c

@@ -88,16 +88,16 @@ int main(int argc, char *argv[])
     const char *username="username";
     const char *password="password";
     const char *scppath="/tmp/TEST";
-    struct stat fileinfo;
+    libssh2_struct_stat fileinfo;
 #ifdef HAVE_GETTIMEOFDAY
     struct timeval start;
     struct timeval end;
     long time_ms;
 #endif
     int rc;
-    int total = 0;
     int spin = 0;
-    off_t got=0;
+    libssh2_struct_stat_size got = 0;
+    libssh2_struct_stat_size total = 0;
 
 #ifdef WIN32
     WSADATA wsadata;
@@ -207,9 +207,9 @@ int main(int argc, char *argv[])
 #endif
 
     /* Request a file via SCP */
-    fprintf(stderr, "libssh2_scp_recv()!\n");
+    fprintf(stderr, "libssh2_scp_recv2()!\n");
     do {
-        channel = libssh2_scp_recv(session, scppath, &fileinfo);
+        channel = libssh2_scp_recv2(session, scppath, &fileinfo);
 
         if (!channel) {
             if(libssh2_session_last_errno(session) != LIBSSH2_ERROR_EAGAIN) {
@@ -235,7 +235,7 @@ int main(int argc, char *argv[])
             int amount=sizeof(mem);
 
             if ((fileinfo.st_size -got) < amount) {
-                amount = fileinfo.st_size - got;
+                amount = (int)(fileinfo.st_size - got);
             }
 
             /* loop until we block */
@@ -262,10 +262,10 @@ int main(int argc, char *argv[])
     gettimeofday(&end, NULL);
 
     time_ms = tvdiff(end, start);
-    fprintf(stderr, "Got %d bytes in %ld ms = %.1f bytes/sec spin: %d\n", total,
+    fprintf(stderr, "Got " LIBSSH2_STRUCT_STAT_SIZE_FORMAT " bytes in %ld ms = %.1f bytes/sec spin: %d\n", total,
            time_ms, total/(time_ms/1000.0), spin);
 #else
-    fprintf(stderr, "Got %d bytes spin: %d\n", total, spin);
+    fprintf(stderr, "Got " LIBSSH2_STRUCT_STAT_SIZE_FORMAT " bytes spin: %d\n", total, spin);
 #endif
 
     libssh2_channel_free(channel);

example/ssh2.c

@@ -243,7 +243,7 @@ int main(int argc, char *argv[])
 
     /* Other channel types are supported via:
      * libssh2_scp_send()
-     * libssh2_scp_recv()
+     * libssh2_scp_recv2()
      * libssh2_channel_direct_tcpip()
      */
 

example/ssh2_agent.c

@@ -217,7 +217,7 @@ int main(int argc, char *argv[])
 
     /* Other channel types are supported via:
      * libssh2_scp_send()
-     * libssh2_scp_recv()
+     * libssh2_scp_recv2()
      * libssh2_channel_direct_tcpip()
      */
 

include/libssh2.h

@@ -40,18 +40,18 @@
 #ifndef LIBSSH2_H
 #define LIBSSH2_H 1
 
-#define LIBSSH2_COPYRIGHT "2004-2015 The libssh2 project and its contributors."
+#define LIBSSH2_COPYRIGHT "2004-2016 The libssh2 project and its contributors."
 
 /* We use underscore instead of dash when appending DEV in dev versions just
    to make the BANNER define (used by src/session.c) be a valid SSH
    banner. Release versions have no appended strings and may of course not
    have dashes either. */
-#define LIBSSH2_VERSION                             "1.6.0_DEV"
+#define LIBSSH2_VERSION                             "1.7.0_DEV"
 
 /* The numeric version number is also available "in parts" by using these
    defines: */
 #define LIBSSH2_VERSION_MAJOR                       1
-#define LIBSSH2_VERSION_MINOR                       6
+#define LIBSSH2_VERSION_MINOR                       7
 #define LIBSSH2_VERSION_PATCH                       0
 
 /* This is the numeric version of the libssh2 version number, meant for easier
@@ -69,7 +69,7 @@
    and it is always a greater number in a more recent release. It makes
    comparisons with greater than and less than work.
 */
-#define LIBSSH2_VERSION_NUM                         0x010600
+#define LIBSSH2_VERSION_NUM                         0x010700
 
 /*
  * This is the date and time when the full source package was created. The
@@ -145,6 +145,68 @@ typedef int libssh2_socket_t;
 #define LIBSSH2_INVALID_SOCKET -1
 #endif /* WIN32 */
 
+/*
+ * Determine whether there is small or large file support on windows.
+ */
+
+#if defined(_MSC_VER) && !defined(_WIN32_WCE)
+#  if (_MSC_VER >= 900) && (_INTEGRAL_MAX_BITS >= 64)
+#    define LIBSSH2_USE_WIN32_LARGE_FILES
+#  else
+#    define LIBSSH2_USE_WIN32_SMALL_FILES
+#  endif
+#endif
+
+#if defined(__MINGW32__) && !defined(LIBSSH2_USE_WIN32_LARGE_FILES)
+#  define LIBSSH2_USE_WIN32_LARGE_FILES
+#endif
+
+#if defined(__WATCOMC__) && !defined(LIBSSH2_USE_WIN32_LARGE_FILES)
+#  define LIBSSH2_USE_WIN32_LARGE_FILES
+#endif
+
+#if defined(__POCC__)
+#  undef LIBSSH2_USE_WIN32_LARGE_FILES
+#endif
+
+#if defined(_WIN32) && !defined(LIBSSH2_USE_WIN32_LARGE_FILES) && \
+    !defined(LIBSSH2_USE_WIN32_SMALL_FILES)
+#  define LIBSSH2_USE_WIN32_SMALL_FILES
+#endif
+
+/*
+ * Large file (>2Gb) support using WIN32 functions.
+ */
+
+#ifdef LIBSSH2_USE_WIN32_LARGE_FILES
+#  include <io.h>
+#  include <sys/types.h>
+#  include <sys/stat.h>
+#  define LIBSSH2_STRUCT_STAT_SIZE_FORMAT    "%I64d"
+typedef struct _stati64 libssh2_struct_stat;
+typedef __int64 libssh2_struct_stat_size;
+#endif
+
+/*
+ * Small file (<2Gb) support using WIN32 functions.
+ */
+
+#ifdef LIBSSH2_USE_WIN32_SMALL_FILES
+#  include <sys/types.h>
+#  include <sys/stat.h>
+#  ifndef _WIN32_WCE
+#    define LIBSSH2_STRUCT_STAT_SIZE_FORMAT    "%d"
+typedef struct _stat libssh2_struct_stat;
+typedef off_t libssh2_struct_stat_size;
+#  endif
+#endif
+
+#ifndef LIBSSH2_STRUCT_STAT_SIZE_FORMAT
+#  define LIBSSH2_STRUCT_STAT_SIZE_FORMAT      "%zd"
+typedef struct stat libssh2_struct_stat;
+typedef off_t libssh2_struct_stat_size;
+#endif
+
 /* Part of every banner, user specified or not */
 #define LIBSSH2_SSH_BANNER                  "SSH-2.0-libssh2_" LIBSSH2_VERSION
 
@@ -506,6 +568,9 @@ LIBSSH2_API int libssh2_session_last_error(LIBSSH2_SESSION *session,
                                            char **errmsg,
                                            int *errmsg_len, int want_buf);
 LIBSSH2_API int libssh2_session_last_errno(LIBSSH2_SESSION *session);
+LIBSSH2_API int libssh2_session_set_last_error(LIBSSH2_SESSION* session,
+                                               int errcode,
+                                               const char* errmsg);
 LIBSSH2_API int libssh2_session_block_directions(LIBSSH2_SESSION *session);
 
 LIBSSH2_API int libssh2_session_flag(LIBSSH2_SESSION *session, int flag,
@@ -596,7 +661,8 @@ LIBSSH2_API int
 libssh2_userauth_keyboard_interactive_ex(LIBSSH2_SESSION* session,
                                          const char *username,
                                          unsigned int username_len,
-                                         LIBSSH2_USERAUTH_KBDINT_RESPONSE_FUNC((*response_callback)));
+                                         LIBSSH2_USERAUTH_KBDINT_RESPONSE_FUNC(
+                                                       (*response_callback)));
 
 #define libssh2_userauth_keyboard_interactive(session, username,        \
                                               response_callback)        \
@@ -805,9 +871,14 @@ LIBSSH2_API int libssh2_channel_close(LIBSSH2_CHANNEL *channel);
 LIBSSH2_API int libssh2_channel_wait_closed(LIBSSH2_CHANNEL *channel);
 LIBSSH2_API int libssh2_channel_free(LIBSSH2_CHANNEL *channel);
 
+/* libssh2_scp_recv is DEPRECATED, do not use! */
 LIBSSH2_API LIBSSH2_CHANNEL *libssh2_scp_recv(LIBSSH2_SESSION *session,
                                               const char *path,
                                               struct stat *sb);
+/* Use libssh2_scp_recv2 for large (> 2GB) file support on windows */
+LIBSSH2_API LIBSSH2_CHANNEL *libssh2_scp_recv2(LIBSSH2_SESSION *session,
+                                               const char *path,
+                                               libssh2_struct_stat *sb);
 LIBSSH2_API LIBSSH2_CHANNEL *libssh2_scp_send_ex(LIBSSH2_SESSION *session,
                                                  const char *path, int mode,
                                                  size_t size, long mtime,

include/libssh2_publickey.h

@@ -69,7 +69,8 @@ typedef struct _libssh2_publickey_list {
     libssh2_publickey_attribute *attrs; /* free me */
 } libssh2_publickey_list;
 
-/* Generally use the first macro here, but if both name and value are string literals, you can use _fast() to take advantage of preprocessing */
+/* Generally use the first macro here, but if both name and value are string
+   literals, you can use _fast() to take advantage of preprocessing */
 #define libssh2_publickey_attribute(name, value, mandatory) \
   { (name), strlen(name), (value), strlen(value), (mandatory) },
 #define libssh2_publickey_attribute_fast(name, value, mandatory) \

libssh2.pc.in

@@ -12,6 +12,6 @@ URL: http://www.libssh2.org/
 Description: Library for SSH-based communication
 Version: @LIBSSH2VER@
 Requires.private: @LIBSREQUIRED@
-Libs: -L${libdir} -lssh2 @LDFLAGS@ @LIBS@
+Libs: -L${libdir} -lssh2 @LIBS@
 Libs.private: @LIBS@
 Cflags: -I${includedir}

nw/GNUmakefile

@@ -545,6 +545,7 @@ endif
 	@echo $(DL)  libssh2_knownhost_readfile,$(DL) >> $@
 	@echo $(DL)  libssh2_knownhost_writefile,$(DL) >> $@
 	@echo $(DL)  libssh2_scp_recv,$(DL) >> $@
+	@echo $(DL)  libssh2_scp_recv2,$(DL) >> $@
 	@echo $(DL)  libssh2_scp_send64,$(DL) >> $@
 	@echo $(DL)  libssh2_scp_send_ex,$(DL) >> $@
 	@echo $(DL)  libssh2_session_abstract,$(DL) >> $@

os400/README400

@@ -0,0 +1,169 @@
+
+Implementation notes:
+
+  This is a true OS/400 implementation, not a PASE implementation (for PASE,
+use AIX implementation).
+
+It uses ASCII as internal character set. This has been accomplished using the
+QADRT library and include files, a C and system procedures ASCII wrapper
+library. See IBM QADRT description for more information.
+  This results in libssh2 being an ASCII library: any function string
+argument is taken/returned in ASCII and a C/C++ calling program built around
+QADRT may use libssh2 functions as on any other platform.
+  QADRT does not define ASCII wrappers for all C/system procedures: an
+additional module (os400sys.c) define some more of them, that are used by
+libssh2 and that QADRT left out.
+  Since standard library entry points expect and return ASCII character strings,
+additional procedures are provided for string transcoding (see below). No
+wrappers to standard procedures are provided: however, nested calls to
+transcoding procedures may be used.
+
+Crypto API is provided by the IBM QC3 API library. It supports RSA, but not DSA.
+
+
+  Standard compilation environment does support neither autotools nor make;
+in fact, very few common utilities are available. As a consequence, the
+libssh2_config.h has been coded manually and the compilation scripts are
+a set of shell scripts stored in subdirectory os400.
+
+  The test environment is currently not supported on OS/400.
+
+
+
+Compiling on OS/400:
+
+  These instructions target people who knows about OS/400, compiling, IFS and
+archive extraction. Do not ask questions about these subjects if you're not
+familiar with.
+
+_ As a prerequisite, QADRT development environment must be installed.
+_ Install the libssh2 sources directory in IFS.
+_ Enter shell (QSH)
+_ Change current directory to the libssh2 sources installation directory
+_ Change current directory to os400
+_ Edit file iniscript.sh. You may want to change tunable configuration
+  parameters, like debug info generation, optimisation level, listing option,
+  target library, zlib availability and location, etc.
+_ Copy any file in the current directory to makelog (i.e.:
+  cp initscript.sh makelog): this is intended to create the makelog file with
+  an ASCII CCSID!
+_ Enter the command "sh make.sh > makelog 2>&1'
+_ Examine the makelog file to check for compilation errors.
+
+  Leaving file initscript.sh unchanged, this will produce the following OS/400
+objects:
+_ Library LIBSSH2. All other objects will be stored in this library.
+_ Modules for all libssh2 units.
+_ Binding directory LIBSSH2_A, to be used at calling program link time for
+  statically binding the modules (specify BNDSRVPGM(QADRTTS) when creating a
+  program using LIBSSH2_A. Also give access to the zlib BNDDIR/SRVPGM if
+  libssh2 is compiled with zlib).
+_ Service program LIBSSH2.<soname>, where <soname> is extracted from the
+  src/Makefile.am VERSION variable. To be used at calling program run-time
+  when this program has dynamically bound libssh2 at link time.
+_ Binding directory LIBSSH2. To be used to dynamically bind libssh2 when
+  linking a calling program.
+_ Source file H. It contains all the include members needed to compile a C/C++
+  module using libssh2.
+_ LIBSSH2, SSH2_PKEY, SSH2_SFTP members in file H. These are the C/C++ header
+  files. Original fames have been mangled to fit member name allowed syntax.
+_ Source file LIBSSH2RPG. It contains all the ILE/RPG /INCLUDE members
+  needed to compile an ILE/RPG program calling libssh2 procedures.
+_ LIBSSH2, SSH2_PKEY, SSH2_SFTP members in file LIBSSH2RPG. These are
+  ILE/RPG translations of the corresponding C header files.
+
+
+
+Special programming consideration:
+
+QADRT being used, the following points must be considered:
+_ If static binding is used, service program QADRTTS must be linked too.
+_ Likewise, if libssh2 has been compiled with zlib support, access to the
+  zlib objects must be provided at link time.
+_ The EBCDIC CCSID used by QADRT is 37 by default, NOT THE JOB'S CCSID. If
+  another EBCDIC CCSID is required, it must be set via a locale through a call
+  to setlocale_a (QADRT's setlocale() ASCII wrapper) with category LC_ALL or
+  LC_CTYPE, or by setting environment variable QADRT_ENV_LOCALE to the locale
+  object path before executing the program.
+_ Do not use original source include files unless you know what you are doing.
+  Use the installed members instead (in /QSYS.LIB/LIBSSH2.LIB/H.FILE).
+
+
+
+String transcoding support:
+
+  To help passing arbitrarily encoded string arguments and/or receiving string
+values from/to the libssh2 API, three non-standard additional procedures are
+provided. They use a session pointer and a "string cache" pointer.
+  Each time a string is transcoded, it is cached in the given cache. It is
+the responsibility of the caller to release the cache when its associted strings
+are no longer needed. These procedures and the string cache type are defined
+in a new libssh2_ccsid.h header file.
+  To create a string cache, use:
+
+#include <libssh2_ccsid.h>
+libssh2_string_cache *  cache = NULL;
+
+  To release all strings in a cache, call:
+
+libssh2_release_string_cache(session, &cache);
+
+  The transcoding procedures are:
+
+char * libssh2_from_ccsid(LIBSSH2_SESSION *session,
+                          libssh2_string_cache **cache,
+                          unsigned short ccsid,
+                          const char *string, ssize_t inlen,
+                          size_t *outlen);
+char * libssh2_to_ccsid(LIBSSH2_SESSION *session,
+                        libssh2_string_cache **cache,
+                        unsigned short ccsid,
+                        const char *string, ssize_t inlen,
+                        size_t *outlen);
+
+where:
+    session      is a libssh2 session used for memory allocation.
+    cache        is the address of a string cache.
+    ccsid        is the external (i.e.: non libssh2) coded character set id.
+                 65535 means no conversion and 0 means the current job's CCSID.
+    string       is the string to convert.
+    inlen        is the source string length in bytes: set to -1 if
+                 null-terminated.
+    outlen       if not NULL, is the address of a variable that will receive
+                 the transcoded string length upon return.
+
+  libssh2_from_ccsid() transcodes the string from the given CCSID to libssh2
+internal encoding (UTF-8). It is intended to be used to convert API input
+parameters.
+  libssh2_to_ccsid() transcodes the string from libssh2 internal encoding
+(UTF-8) to the given CCSID. This has been implemented to get standard API
+string results in a program's native encoding.
+
+  Both these functions return a pointer to the null-terminated converted string,
+or NULL if an error occurred. In addition, the variable pointed by outlen
+receives the effective byte length of the (cached) translated string, or -1
+in case of error.
+
+
+
+ILE/RPG support:
+
+  Since 95% of the OS/400 programmers use ILE/RPG exclusively, a definition
+  /INCLUDE member is provided for this language. To include libssh2
+  definitions in an ILE/RPG module, line
+
+     h bnddir('LIBSSH2/LIBSSH2')
+
+must figure in the program header, and line
+
+     d/include libssh2/libssh2rpg,libssh2
+
+in the global data section of the module's source code.
+If required, members ssh2_sftp, ssh2_pkey and ssh2_ccsid may also be included.
+
+For IFS source compilations, include members are located in directory
+/libssh2/include/libssh2rpg and have their original names retained.
+
+ILE/RPG lacks a serious macro preprocessor, thus C macros requiring this
+feature have not been translated. However, function-like C macros have been
+implemented as procedures and therefore supported in ILE/RPG.

os400/ccsid.c

@@ -0,0 +1,252 @@
+/*
+ * Copyright (C) 2015 Patrick Monnerat, D+H <patrick.monnerat@dh.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms,
+ * with or without modification, are permitted provided
+ * that the following conditions are met:
+ *
+ *   Redistributions of source code must retain the above
+ *   copyright notice, this list of conditions and the
+ *   following disclaimer.
+ *
+ *   Redistributions in binary form must reproduce the above
+ *   copyright notice, this list of conditions and the following
+ *   disclaimer in the documentation and/or other materials
+ *   provided with the distribution.
+ *
+ *   Neither the name of the copyright holder nor the names
+ *   of any other contributors may be used to endorse or
+ *   promote products derived from this software without
+ *   specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
+ * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
+ * OF SUCH DAMAGE.
+ */
+
+/* Character encoding wrappers. */
+
+#include "libssh2_priv.h"
+#include "libssh2_ccsid.h"
+
+#include <qtqiconv.h>
+#include <iconv.h>
+#include <errno.h>
+#include <string.h>
+#include <stdio.h>
+
+
+
+#define CCSID_UTF8      1208
+#define CCSID_UTF16BE   13488
+#define STRING_GRANULE  256
+#define MAX_CHAR_SIZE   4
+
+#define OFFSET_OF(t, f) ((size_t) ((char *) &((t *) 0)->f - (char *) 0))
+
+
+struct _libssh2_string_cache {
+    libssh2_string_cache *  next;
+    char                    string[1];
+};
+
+
+static const QtqCode_T  utf8code = { CCSID_UTF8 };
+
+
+static ssize_t
+terminator_size(unsigned short ccsid)
+{
+    QtqCode_T outcode;
+    iconv_t cd;
+    char *inp;
+    char *outp;
+    size_t ilen;
+    size_t olen;
+    char buf[MAX_CHAR_SIZE];
+
+    /* Return the null-terminator size for the given CCSID. */
+
+    /* Fast check usual CCSIDs. */
+    switch (ccsid) {
+    case CCSID_UTF8:
+    case 0:                                 /* Job CCSID is SBCS EBCDIC. */
+        return 1;
+    case CCSID_UTF16BE:
+        return 2;
+    }
+
+    /* Convert an UTF-8 NUL to the target CCSID: use the converted size as
+       result. */
+    memset((void *) &outcode, 0, sizeof outcode);
+    outcode.CCSID = ccsid;
+    cd = QtqIconvOpen(&outcode, (QtqCode_T *) &utf8code);
+    if (cd.return_value == -1)
+        return -1;
+    inp = "";
+    ilen = 1;
+    outp = buf;
+    olen = sizeof buf;
+    iconv(cd, &inp, &ilen, &outp, &olen);
+    iconv_close(cd);
+    olen = sizeof buf - olen;
+    return olen? olen: -1;
+}
+
+static char *
+convert_ccsid(LIBSSH2_SESSION *session, libssh2_string_cache **cache,
+              unsigned short outccsid, unsigned short inccsid,
+              const char *instring, ssize_t inlen, size_t *outlen)
+{
+    char *inp;
+    char *outp;
+    size_t olen;
+    size_t ilen;
+    size_t buflen;
+    size_t curlen;
+    ssize_t termsize;
+    int i;
+    char *dst;
+    libssh2_string_cache *outstring;
+    QtqCode_T incode;
+    QtqCode_T outcode;
+    iconv_t cd;
+
+    if (!instring) {
+        if (outlen)
+            *outlen = 0;
+        return NULL;
+    }
+    if (outlen)
+        *outlen = -1;
+    if (!session || !cache)
+        return NULL;
+
+    /* Get terminator size. */
+    termsize = terminator_size(outccsid);
+    if (termsize < 0)
+        return NULL;
+ 
+    /* Prepare conversion parameters. */
+    memset((void *) &incode, 0, sizeof incode);
+    memset((void *) &outcode, 0, sizeof outcode);
+    incode.CCSID = inccsid;
+    outcode.CCSID = outccsid;
+    curlen = OFFSET_OF(libssh2_string_cache, string);
+    inp = (char *) instring;
+    ilen = inlen;
+    buflen = inlen + curlen;
+    if (inlen < 0) {
+        incode.length_option = 1;
+        buflen = STRING_GRANULE;
+        ilen = 0;
+    }
+
+    /* Allocate output string buffer and open conversion descriptor. */
+    dst = LIBSSH2_ALLOC(session, buflen + termsize);
+    if (!dst)
+        return NULL;
+    cd = QtqIconvOpen(&outcode, &incode);
+    if (cd.return_value == -1) {
+        LIBSSH2_FREE(session, (char *) dst);
+        return NULL;
+    }
+
+    /* Convert string. */
+    for (;;) {
+        outp = dst + curlen;
+        olen = buflen - curlen;
+        i = iconv(cd, &inp, &ilen, &outp, &olen);
+        if (inlen < 0 && olen == buflen - curlen) {
+            /* Special case: converted 0-length (sub)strings do not store the
+               terminator. */
+            if (termsize) {
+                memset(outp, 0, termsize);
+                olen -= termsize;
+            }
+        }
+        curlen = buflen - olen;
+        if (i >= 0 || errno != E2BIG)
+            break;
+        /* Must expand buffer. */
+        buflen += STRING_GRANULE;
+        outp = LIBSSH2_REALLOC(session, dst, buflen + termsize);
+        if (!outp)
+            break;
+        dst = outp;
+    }
+
+    iconv_close(cd);
+
+    /* Check for error. */
+    if (i < 0 || !outp) {
+        LIBSSH2_FREE(session, dst);
+        return NULL;
+    }
+
+    /* Process terminator. */
+    if (inlen < 0)
+        curlen -= termsize;
+    else if (termsize)
+        memset(dst + curlen, 0, termsize);
+
+    /* Shorten buffer if possible. */
+    if (curlen < buflen)
+        dst = LIBSSH2_REALLOC(session, dst, curlen + termsize);
+
+    /* Link to cache. */
+    outstring = (libssh2_string_cache *) dst;
+    outstring->next = *cache;
+    *cache = outstring;
+
+    /* Return length if required. */
+    if (outlen)
+        *outlen = curlen - OFFSET_OF(libssh2_string_cache, string);
+
+    return outstring->string;
+}
+
+LIBSSH2_API char *
+libssh2_from_ccsid(LIBSSH2_SESSION *session, libssh2_string_cache **cache,
+                   unsigned short ccsid, const char *string, ssize_t inlen,
+                   size_t *outlen)
+{
+    return convert_ccsid(session, cache,
+                         CCSID_UTF8, ccsid, string, inlen, outlen);
+}
+
+LIBSSH2_API char *
+libssh2_to_ccsid(LIBSSH2_SESSION *session, libssh2_string_cache **cache,
+                 unsigned short ccsid, const char *string, ssize_t inlen,
+                 size_t *outlen)
+{
+    return convert_ccsid(session, cache,
+                         ccsid, CCSID_UTF8, string, inlen, outlen);
+}
+
+LIBSSH2_API void
+libssh2_release_string_cache(LIBSSH2_SESSION *session,
+                             libssh2_string_cache **cache)
+{
+    libssh2_string_cache *p;
+
+    if (session && cache)
+        while ((p = *cache)) {
+            *cache = p->next;
+            LIBSSH2_FREE(session, (char *) p);
+        }
+}
+
+/* vim: set expandtab ts=4 sw=4: */

os400/include/alloca.h

@@ -0,0 +1,50 @@
+/*
+ * Copyright (C) 2015 Patrick Monnerat, D+H <patrick.monnerat@dh.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms,
+ * with or without modification, are permitted provided
+ * that the following conditions are met:
+ *
+ *   Redistributions of source code must retain the above
+ *   copyright notice, this list of conditions and the
+ *   following disclaimer.
+ *
+ *   Redistributions in binary form must reproduce the above
+ *   copyright notice, this list of conditions and the following
+ *   disclaimer in the documentation and/or other materials
+ *   provided with the distribution.
+ *
+ *   Neither the name of the copyright holder nor the names
+ *   of any other contributors may be used to endorse or
+ *   promote products derived from this software without
+ *   specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
+ * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
+ * OF SUCH DAMAGE.
+ */
+
+#ifndef LIBSSH2_ALLOCA_H
+#define LIBSSH2_ALLOCA_H
+
+/* alloca() emulation. */
+
+#include <modasa.mih>
+
+#define alloca(n)       _MODASA(n)
+
+#endif
+
+/* vim: set expandtab ts=4 sw=4: */

os400/include/stdio.h

@@ -0,0 +1,72 @@
+/*
+ * Copyright (C) 2015 Patrick Monnerat, D+H <patrick.monnerat@dh.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms,
+ * with or without modification, are permitted provided
+ * that the following conditions are met:
+ *
+ *   Redistributions of source code must retain the above
+ *   copyright notice, this list of conditions and the
+ *   following disclaimer.
+ *
+ *   Redistributions in binary form must reproduce the above
+ *   copyright notice, this list of conditions and the following
+ *   disclaimer in the documentation and/or other materials
+ *   provided with the distribution.
+ *
+ *   Neither the name of the copyright holder nor the names
+ *   of any other contributors may be used to endorse or
+ *   promote products derived from this software without
+ *   specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
+ * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
+ * OF SUCH DAMAGE.
+ */
+
+#ifndef LIBSSH2_STDIO_H
+#define LIBSSH2_STDIO_H
+
+/*
+ *  <stdio.h> wrapper.
+ *  Its goal is to redefine snprintf/vsnprintf which are not supported by QADRT.
+ */
+
+#include <qadrt.h>
+
+#if __ILEC400_TGTVRM__ >= 710
+# include_next <stdio.h>
+#elif __ILEC400_TGTVRM__ >= 510
+# ifndef __SRCSTMF__
+#  include <QADRT/h/stdio>
+# else
+#  include </QIBM/ProdData/qadrt/include/stdio.h>
+# endif
+#endif
+
+extern int  _libssh2_os400_vsnprintf(char *dst, size_t len,
+                                     const char *fmt, va_list args);
+extern int  _libssh2_os400_snprintf(char *dst, size_t len,
+                                    const char *fmt, ...);
+
+#ifndef LIBSSH2_DISABLE_QADRT_EXT
+# define vsnprintf(dst, len, fmt, args)                                     \
+                        _libssh2_os400_vsnprintf((dst), (len), (fmt), (args))
+# define snprintf       _libssh2_os400_snprintf
+#endif
+
+#endif
+
+/* vim: set expandtab ts=4 sw=4: */

os400/include/sys/socket.h

@@ -0,0 +1,75 @@
+/*
+ * Copyright (C) 2015 Patrick Monnerat, D+H <patrick.monnerat@dh.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms,
+ * with or without modification, are permitted provided
+ * that the following conditions are met:
+ *
+ *   Redistributions of source code must retain the above
+ *   copyright notice, this list of conditions and the
+ *   following disclaimer.
+ *
+ *   Redistributions in binary form must reproduce the above
+ *   copyright notice, this list of conditions and the following
+ *   disclaimer in the documentation and/or other materials
+ *   provided with the distribution.
+ *
+ *   Neither the name of the copyright holder nor the names
+ *   of any other contributors may be used to endorse or
+ *   promote products derived from this software without
+ *   specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
+ * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
+ * OF SUCH DAMAGE.
+ */
+
+#ifndef LIBSSH2_SYS_SOCKET_H
+#define LIBSSH2_SYS_SOCKET_H
+
+/*
+ *  <sys/socket.h> wrapper.
+ *  Redefines connect().
+ */
+
+#include <qadrt.h>
+
+#ifndef _QADRT_LT
+# define _QADRT_LT <
+#endif
+#ifndef _QADRT_GT
+# define _QADRT_GT >
+#endif
+
+#ifdef QADRT_SYSINC
+# include _QADRT_LT QADRT_SYSINC/sys/socket.h _QADRT_GT
+#elif __ILEC400_TGTVRM__ >= 710
+# include_next <sys/socket.h>
+#elif !defined(__SRCSTMF__)
+# include <QSYSINC/sys/socket>
+#else
+# include </QIBM/include/sys/socket.h>
+#endif
+
+extern int  _libssh2_os400_connect(int sd,
+                                   struct sockaddr * destaddr, int addrlen);
+
+#ifndef LIBSSH2_DISABLE_QADRT_EXT
+#define connect(sd, addr, len)  _libssh2_os400_connect((sd), (addr), (len))
+#endif
+
+#endif
+
+/* vim: set expandtab ts=4 sw=4: */

os400/initscript.sh

@@ -0,0 +1,243 @@
+#!/bin/sh
+
+
+setenv()
+
+{
+        #       Define and export.
+
+        eval ${1}="${2}"
+        export ${1}
+}
+
+
+case "${SCRIPTDIR}" in
+/*)     ;;
+*)      SCRIPTDIR="`pwd`/${SCRIPTDIR}"
+esac
+
+while true
+do      case "${SCRIPTDIR}" in
+        */.)    SCRIPTDIR="${SCRIPTDIR%/.}";;
+        *)      break;;
+        esac
+done
+
+#  The script directory is supposed to be in $TOPDIR/os400.
+
+TOPDIR=`dirname "${SCRIPTDIR}"`
+export SCRIPTDIR TOPDIR
+
+#  Extract the SONAME from the library makefile.
+
+SONAME=`sed -e '/^VERSION=/!d' -e 's/^.* \([0-9]*\):.*$/\1/' -e 'q'     \
+                                                < "${TOPDIR}/src/Makefile.am"`
+export SONAME
+
+
+################################################################################
+#
+#                       Tunable configuration parameters.
+#
+################################################################################
+
+setenv TARGETLIB        'LIBSSH2'               # Target OS/400 program library.
+setenv STATBNDDIR       'LIBSSH2_A'             # Static binding directory.
+setenv DYNBNDDIR        'LIBSSH2'               # Dynamic binding directory.
+setenv SRVPGM           "LIBSSH2.${SONAME}"     # Service program.
+setenv TGTCCSID         '500'                   # Target CCSID of objects.
+setenv DEBUG            '*ALL'                  # Debug level.
+setenv OPTIMIZE         '10'                    # Optimisation level
+setenv OUTPUT           '*NONE'                 # Compilation output option.
+setenv TGTRLS           'V5R3M0'                # Target OS release.
+setenv IFSDIR           '/libssh2'              # Installation IFS directory.
+
+#       Define ZLIB availability and locations.
+
+setenv WITH_ZLIB        0                       # Define to 1 to enable.
+setenv ZLIB_INCLUDE     '/zlib/include'         # ZLIB include IFS directory.
+setenv ZLIB_LIB         'ZLIB'                  # ZLIB library.
+setenv ZLIB_BNDDIR      'ZLIB_A'                # ZLIB binding directory.
+
+
+################################################################################
+
+#       Need to get the version definitions.
+
+LIBSSH2_VERSION=`grep '^#define  *LIBSSH2_VERSION '                     \
+                        "${TOPDIR}/include/libssh2.h"                   |
+                sed 's/.*"\(.*\)".*/\1/'`
+LIBSSH2_VERSION_MAJOR=`grep '^#define  *LIBSSH2_VERSION_MAJOR '         \
+                        "${TOPDIR}/include/libssh2.h"                   |
+                sed 's/^#define  *LIBSSH2_VERSION_MAJOR  *\([^ ]*\).*/\1/'`
+LIBSSH2_VERSION_MINOR=`grep '^#define  *LIBSSH2_VERSION_MINOR '         \
+                        "${TOPDIR}/include/libssh2.h"                   |
+                sed 's/^#define  *LIBSSH2_VERSION_MINOR  *\([^ ]*\).*/\1/'`
+LIBSSH2_VERSION_PATCH=`grep '^#define  *LIBSSH2_VERSION_PATCH '         \
+                        "${TOPDIR}/include/libssh2.h"                   |
+                sed 's/^#define  *LIBSSH2_VERSION_PATCH  *\([^ ]*\).*/\1/'`
+LIBSSH2_VERSION_NUM=`grep '^#define  *LIBSSH2_VERSION_NUM '             \
+                        "${TOPDIR}/include/libssh2.h"                   |
+                sed 's/^#define  *LIBSSH2_VERSION_NUM  *0x\([^ ]*\).*/\1/'`
+LIBSSH2_TIMESTAMP=`grep '^#define  *LIBSSH2_TIMESTAMP '                 \
+                        "${TOPDIR}/include/libssh2.h"                   |
+                sed 's/.*"\(.*\)".*/\1/'`
+export LIBSSH2_VERSION
+export LIBSSH2_VERSION_MAJOR LIBSSH2_VERSION_MINOR LIBSSH2_VERSION_PATCH
+export LIBSSH2_VERSION_NUM LIBSSH2_TIMESTAMP
+
+################################################################################
+#
+#                       OS/400 specific definitions.
+#
+################################################################################
+
+LIBIFSNAME="/QSYS.LIB/${TARGETLIB}.LIB"
+
+
+################################################################################
+#
+#                               Procedures.
+#
+################################################################################
+
+#       action_needed dest [src]
+#
+#       dest is an object to build
+#       if specified, src is an object on which dest depends.
+#
+#       exit 0 (succeeds) if some action has to be taken, else 1.
+
+action_needed()
+
+{
+        [ ! -e "${1}" ] && return 0
+        [ "${2}" ] || return 1
+        [ "${1}" -ot "${2}" ] && return 0
+        return 1
+}
+
+
+#       canonicalize_path path
+#
+#       Return canonicalized path as:
+#       - Absolute
+#       - No . or .. component.
+
+canonicalize_path()
+
+{
+        if expr "${1}" : '^/' > /dev/null
+        then    P="${1}"
+        else    P="`pwd`/${1}"
+        fi
+
+        R=
+        IFSSAVE="${IFS}"
+        IFS="/"
+
+        for C in ${P}
+        do      IFS="${IFSSAVE}"
+                case "${C}" in
+                .)      ;;
+                ..)     R=`expr "${R}" : '^\(.*/\)..*'`
+                        ;;
+                ?*)     R="${R}${C}/"
+                        ;;
+                *)      ;;
+                esac
+        done
+
+        IFS="${IFSSAVE}"
+        echo "/`expr "${R}" : '^\(.*\)/'`"
+}
+
+
+#       make_module module_name source_name [additional_definitions]
+#
+#       Compile source name into ASCII module if needed.
+#       As side effect, append the module name to variable MODULES.
+#       Set LINK to "YES" if the module has been compiled.
+
+make_module()
+
+{
+        MODULES="${MODULES} ${1}"
+        MODIFSNAME="${LIBIFSNAME}/${1}.MODULE"
+        action_needed "${MODIFSNAME}" "${2}" || return 0;
+        SRCDIR=`dirname \`canonicalize_path "${2}"\``
+
+        #       #pragma convert has to be in the source file itself, i.e.
+        #               putting it in an include file makes it only active
+        #               for that include file.
+        #       Thus we build a temporary file with the pragma prepended to
+        #               the source file and we compile that temporary file.
+
+        echo "#line 1 \"${2}\"" > __tmpsrcf.c
+        echo "#pragma convert(819)" >> __tmpsrcf.c
+        echo "#line 1" >> __tmpsrcf.c
+        cat "${2}" >> __tmpsrcf.c
+        CMD="CRTCMOD MODULE(${TARGETLIB}/${1}) SRCSTMF('__tmpsrcf.c')"
+#       CMD="${CMD} SYSIFCOPT(*IFS64IO) OPTION(*INCDIRFIRST *SHOWINC *SHOWSYS)"
+        CMD="${CMD} SYSIFCOPT(*IFS64IO) OPTION(*INCDIRFIRST)"
+        CMD="${CMD} LOCALETYPE(*LOCALE)"
+        CMD="${CMD} INCDIR('${TOPDIR}/os400/include'"
+        CMD="${CMD} '/QIBM/ProdData/qadrt/include' '${TOPDIR}/include'"
+        CMD="${CMD} '${TOPDIR}/os400' '${SRCDIR}'"
+
+        if [ "${WITH_ZLIB}" != "0" ]
+        then    CMD="${CMD} '${ZLIB_INCLUDE}'"
+        fi
+
+        CMD="${CMD} ${INCLUDES})"
+        CMD="${CMD} TGTCCSID(${TGTCCSID}) TGTRLS(${TGTRLS})"
+        CMD="${CMD} OUTPUT(${OUTPUT})"
+        CMD="${CMD} OPTIMIZE(${OPTIMIZE})"
+        CMD="${CMD} DBGVIEW(${DEBUG})"
+
+        DEFINES="${3}"
+
+        if [ "${WITH_ZLIB}" != "0" ]
+        then    DEFINES="${DEFINES} HAVE_LIBZ LIBSSH2_HAVE_ZLIB"
+        fi
+
+        if [ "${DEFINES}" ]
+        then    CMD="${CMD} DEFINE(${DEFINES})"
+        fi
+
+        system "${CMD}"
+        rm -f __tmpsrcf.c
+        LINK=YES
+}
+
+
+#       Determine DB2 object name from IFS name.
+
+db2_name()
+
+{
+        if [ "${2}" = 'nomangle' ]
+        then    basename "${1}"                                         |
+                tr 'a-z-' 'A-Z_'                                        |
+                sed -e 's/\..*//;s/^\(.\).*\(.........\)$/\1\2/'
+        else    basename "${1}"                                         |
+                tr 'a-z-' 'A-Z_'                                        |
+                sed -e 's/\..*//;s/^LIBSSH2_/SSH2_/'                    \
+                    -e 's/^\(.\).*\(.........\)$/\1\2/'                 \
+                    -e 's/^SPUBLICKEY$/SSH2_PKEY/'
+        fi
+}
+
+
+#       Copy stream replacing version info.
+
+versioned_copy()
+
+{
+        sed -e "s/@LIBSSH2_VERSION@/${LIBSSH2_VERSION}/g"               \
+            -e "s/@LIBSSH2_VERSION_MAJOR@/${LIBSSH2_VERSION_MAJOR}/g"   \
+            -e "s/@LIBSSH2_VERSION_MINOR@/${LIBSSH2_VERSION_MINOR}/g"   \
+            -e "s/@LIBSSH2_VERSION_PATCH@/${LIBSSH2_VERSION_PATCH}/g"   \
+            -e "s/@LIBSSH2_VERSION_NUM@/${LIBSSH2_VERSION_NUM}/g"       \
+            -e "s/@LIBSSH2_TIMESTAMP@/${LIBSSH2_TIMESTAMP}/g"
+}

os400/libssh2_ccsid.h

@@ -0,0 +1,63 @@
+/*
+ * Copyright (C) 2015 Patrick Monnerat, D+H <patrick.monnerat@dh.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms,
+ * with or without modification, are permitted provided
+ * that the following conditions are met:
+ *
+ *   Redistributions of source code must retain the above
+ *   copyright notice, this list of conditions and the
+ *   following disclaimer.
+ *
+ *   Redistributions in binary form must reproduce the above
+ *   copyright notice, this list of conditions and the following
+ *   disclaimer in the documentation and/or other materials
+ *   provided with the distribution.
+ *
+ *   Neither the name of the copyright holder nor the names
+ *   of any other contributors may be used to endorse or
+ *   promote products derived from this software without
+ *   specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
+ * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
+ * OF SUCH DAMAGE.
+ */
+
+/* CCSID conversion support. */
+
+#ifndef LIBSSH2_CCSID_H_
+#define LIBSSH2_CCSID_H_
+
+#include "libssh2.h"
+
+typedef struct _libssh2_string_cache    libssh2_string_cache;
+
+
+LIBSSH2_API char *
+libssh2_from_ccsid(LIBSSH2_SESSION *session, libssh2_string_cache **cache,
+                   unsigned short ccsid, const char *string, ssize_t inlen,
+                   size_t *outlen);
+LIBSSH2_API char *
+libssh2_to_ccsid(LIBSSH2_SESSION *session, libssh2_string_cache **cache,
+                 unsigned short ccsid, const char *string, ssize_t inlen,
+                 size_t *outlen);
+LIBSSH2_API void
+libssh2_release_string_cache(LIBSSH2_SESSION *session,
+                             libssh2_string_cache **cache);
+
+#endif
+
+/* vim: set expandtab ts=4 sw=4: */

os400/libssh2_config.h

@@ -0,0 +1,299 @@
+/*
+ * Copyright (C) 2015 Patrick Monnerat, D+H <patrick.monnerat@dh.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms,
+ * with or without modification, are permitted provided
+ * that the following conditions are met:
+ *
+ *   Redistributions of source code must retain the above
+ *   copyright notice, this list of conditions and the
+ *   following disclaimer.
+ *
+ *   Redistributions in binary form must reproduce the above
+ *   copyright notice, this list of conditions and the following
+ *   disclaimer in the documentation and/or other materials
+ *   provided with the distribution.
+ *
+ *   Neither the name of the copyright holder nor the names
+ *   of any other contributors may be used to endorse or
+ *   promote products derived from this software without
+ *   specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
+ * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
+ * OF SUCH DAMAGE.
+ */
+
+#ifndef LIBSSH2_CONFIG_H
+#define LIBSSH2_CONFIG_H
+
+/* Define if building universal (internal helper macro) */
+#undef AC_APPLE_UNIVERSAL_BUILD
+
+/* Define to one of `_getb67', `GETB67', `getb67' for Cray-2 and Cray-YMP
+   systems. This function is required for `alloca.c' support on those systems.
+*/
+#undef CRAY_STACKSEG_END
+
+/* Define to 1 if using `alloca.c'. */
+#undef C_ALLOCA
+
+/* Define to 1 if you have `alloca', as a function or macro. */
+#define HAVE_ALLOCA 1
+
+/* Define to 1 if you have <alloca.h> and it should be used (not on Ultrix). */
+#define HAVE_ALLOCA_H 1
+
+/* Define to 1 if you have the <arpa/inet.h> header file. */
+#define HAVE_ARPA_INET_H 1
+
+/* Define to 1 if you have the declaration of `SecureZeroMemory', and to 0 if
+   you don't. */
+#undef HAVE_DECL_SECUREZEROMEMORY
+
+/* disabled non-blocking sockets */
+#undef HAVE_DISABLED_NONBLOCKING
+
+/* Define to 1 if you have the <dlfcn.h> header file. */
+#undef HAVE_DLFCN_H
+
+/* Define to 1 if you have the <errno.h> header file. */
+#define HAVE_ERRNO_H 1
+
+/* Define to 1 if you have the `EVP_aes_128_ctr' function. */
+#undef HAVE_EVP_AES_128_CTR
+
+/* Define to 1 if you have the <fcntl.h> header file. */
+#define HAVE_FCNTL_H 1
+
+/* use FIONBIO for non-blocking sockets */
+#undef HAVE_FIONBIO
+
+/* Define to 1 if you have the `gettimeofday' function. */
+#define HAVE_GETTIMEOFDAY 1
+
+/* Define to 1 if you have the <inttypes.h> header file. */
+#define HAVE_INTTYPES_H 1
+
+/* use ioctlsocket() for non-blocking sockets */
+#undef HAVE_IOCTLSOCKET
+
+/* use Ioctlsocket() for non-blocking sockets */
+#undef HAVE_IOCTLSOCKET_CASE
+
+/* Define if you have the bcrypt library. */
+#undef HAVE_LIBBCRYPT
+
+/* Define if you have the crypt32 library. */
+#undef HAVE_LIBCRYPT32
+
+/* Define if you have the gcrypt library. */
+#undef HAVE_LIBGCRYPT
+
+/* Define if you have the ssl library. */
+#undef HAVE_LIBSSL
+
+/* Define if you have the z library. */
+/* #undef HAVE_LIBZ */
+
+/* Define to 1 if the compiler supports the 'long long' data type. */
+#define HAVE_LONGLONG 1
+
+/* Define to 1 if you have the <memory.h> header file. */
+#undef HAVE_MEMORY_H
+
+/* Define to 1 if you have the <netinet/in.h> header file. */
+#define HAVE_NETINET_IN_H 1
+
+/* Define to 1 if you have the <ntdef.h> header file. */
+#undef HAVE_NTDEF_H
+
+/* Define to 1 if you have the <ntstatus.h> header file. */
+#undef HAVE_NTSTATUS_H
+
+/* use O_NONBLOCK for non-blocking sockets */
+#define HAVE_O_NONBLOCK 1
+
+/* Define to 1 if you have the `poll' function. */
+#undef HAVE_POLL
+
+/* Define to 1 if you have the select function. */
+#define HAVE_SELECT 1
+
+/* use SO_NONBLOCK for non-blocking sockets */
+#undef HAVE_SO_NONBLOCK
+
+/* Define to 1 if you have the <stdint.h> header file. */
+#define HAVE_STDINT_H 1
+
+/* Define to 1 if you have the <stdio.h> header file. */
+#define HAVE_STDIO_H 1
+
+/* Define to 1 if you have the <stdlib.h> header file. */
+#define HAVE_STDLIB_H 1
+
+/* Define to 1 if you have the <strings.h> header file. */
+#define HAVE_STRINGS_H 1
+
+/* Define to 1 if you have the <string.h> header file. */
+#define HAVE_STRING_H 1
+
+/* Define to 1 if you have the `strtoll' function. */
+#define HAVE_STRTOLL 1
+
+/* Define to 1 if you have the <sys/ioctl.h> header file. */
+#define HAVE_SYS_IOCTL_H 1
+
+/* Define to 1 if you have the <sys/select.h> header file. */
+#undef HAVE_SYS_SELECT_H
+
+/* Define to 1 if you have the <sys/socket.h> header file. */
+#define HAVE_SYS_SOCKET_H 1
+
+/* Define to 1 if you have the <sys/stat.h> header file. */
+#define HAVE_SYS_STAT_H 1
+
+/* Define to 1 if you have the <sys/time.h> header file. */
+#define HAVE_SYS_TIME_H 1
+
+/* Define to 1 if you have the <sys/types.h> header file. */
+#define HAVE_SYS_TYPES_H 1
+
+/* Define to 1 if you have the <sys/uio.h> header file. */
+#define HAVE_SYS_UIO_H 1
+
+/* Define to 1 if you have the <sys/un.h> header file. */
+#define HAVE_SYS_UN_H 1
+
+/* Define to 1 if you have the <unistd.h> header file. */
+#define HAVE_UNISTD_H 1
+
+/* Define to 1 if you have the <windows.h> header file. */
+#undef HAVE_WINDOWS_H
+
+/* Define to 1 if you have the <winsock2.h> header file. */
+#undef HAVE_WINSOCK2_H
+
+/* Define to 1 if you have the <ws2tcpip.h> header file. */
+#undef HAVE_WS2TCPIP_H
+
+/* to make a symbol visible */
+#undef LIBSSH2_API
+
+/* Enable clearing of memory before being freed */
+#define LIBSSH2_CLEAR_MEMORY 1
+
+/* Enable "none" cipher -- NOT RECOMMENDED */
+#undef LIBSSH2_CRYPT_NONE
+
+/* Enable newer diffie-hellman-group-exchange-sha1 syntax */
+#define LIBSSH2_DH_GEX_NEW 1
+
+/* Compile in zlib support */
+/* #undef LIBSSH2_HAVE_ZLIB */
+
+/* Use libgcrypt */
+#undef LIBSSH2_LIBGCRYPT
+
+/* Enable "none" MAC -- NOT RECOMMENDED */
+#undef LIBSSH2_MAC_NONE
+
+/* Use OpenSSL */
+#undef LIBSSH2_OPENSSL
+
+/* Use Windows CNG */
+#undef LIBSSH2_WINCNG
+
+/* Use OS/400 Qc3 */
+#define LIBSSH2_OS400QC3
+
+/* Define to the sub-directory in which libtool stores uninstalled libraries.
+*/
+#define LT_OBJDIR ".libs/"
+
+/* Define to 1 if _REENTRANT preprocessor symbol must be defined. */
+#undef NEED_REENTRANT
+
+/* Name of package */
+#define PACKAGE "libssh2"
+
+/* Define to the address where bug reports for this package should be sent. */
+#define PACKAGE_BUGREPORT "libssh2-devel@cool.haxx.se"
+
+/* Define to the full name of this package. */
+#define PACKAGE_NAME "libssh2"
+
+/* Define to the full name and version of this package. */
+#define PACKAGE_STRING "libssh2 -"
+
+/* Define to the one symbol short name of this package. */
+#define PACKAGE_TARNAME "libssh2"
+
+/* Define to the home page for this package. */
+#define PACKAGE_URL ""
+
+/* Define to the version of this package. */
+#define PACKAGE_VERSION "-"
+
+/* If using the C implementation of alloca, define if you know the
+   direction of stack growth for your system; otherwise it will be
+   automatically deduced at runtime.
+	STACK_DIRECTION > 0 => grows toward higher addresses
+	STACK_DIRECTION < 0 => grows toward lower addresses
+	STACK_DIRECTION = 0 => direction of growth unknown */
+#undef STACK_DIRECTION
+
+/* Define to 1 if you have the ANSI C header files. */
+#define STDC_HEADERS 1
+
+/* Version number of package */
+#define VERSION "-"
+
+/* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most
+   significant byte first (like Motorola and SPARC, unlike Intel). */
+#define WORDS_BIGENDIAN 1
+
+/* Enable large inode numbers on Mac OS X 10.5.  */
+#ifndef _DARWIN_USE_64_BIT_INODE
+# define _DARWIN_USE_64_BIT_INODE 1
+#endif
+
+/* Number of bits in a file offset, on hosts where this is settable. */
+#undef _FILE_OFFSET_BITS
+
+/* Define for large files, on AIX-style hosts. */
+#undef _LARGE_FILES
+
+/* Define to empty if `const' does not conform to ANSI C. */
+#undef const
+
+/* Define to `__inline__' or `__inline' if that's what the C compiler
+   calls it, or to nothing if 'inline' is not supported under any name.  */
+#ifndef __cplusplus
+#define inline
+#endif
+
+/* Define to `unsigned int' if <sys/types.h> does not define. */
+#undef size_t
+
+
+#ifndef LIBSSH2_DISABLE_QADRT_EXT
+/* Remap zlib procedures to ASCII versions. */
+#pragma map(inflateInit_, "_libssh2_os400_inflateInit_")
+#pragma map(deflateInit_, "_libssh2_os400_deflateInit_")
+#endif
+
+#endif
+/* vim: set expandtab ts=4 sw=4: */

os400/libssh2rpg/libssh2_ccsid.rpgle.in

@@ -0,0 +1,69 @@
+      * Copyright (c) 2015 Patrick Monnerat, D+H <patrick.monnerat@dh.com>
+      * All rights reserved.
+      *
+      * Redistribution and use in source and binary forms,
+      * with or without modification, are permitted provided
+      * that the following conditions are met:
+      *
+      *   Redistributions of source code must retain the above
+      *   copyright notice, this list of conditions and the
+      *   following disclaimer.
+      *
+      *   Redistributions in binary form must reproduce the above
+      *   copyright notice, this list of conditions and the following
+      *   disclaimer in the documentation and/or other materials
+      *   provided with the distribution.
+      *
+      *   Neither the name of the copyright holder nor the names
+      *   of any other contributors may be used to endorse or
+      *   promote products derived from this software without
+      *   specific prior written permission.
+      *
+      * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
+      * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+      * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+      * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+      * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+      * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+      * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+      * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+      * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+      * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+      * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+      * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+      * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
+      * OF SUCH DAMAGE.
+
+      /if not defined(LIBSSH2_CCSID_H_)
+      /define LIBSSH2_CCSID_H_
+
+      /include "libssh2rpg/libssh2"
+
+     d libssh2_from_ccsid...
+     d                 pr              *   extproc('libssh2_from_ccsid')        char *
+     d  session                        *   value                                LIBSSH2_SESSION *
+     d  cache                          *                                        libssh2_string_cache
+     d                                                                          *(*)
+     d  ccsid                              value like(libssh2_Cushort)
+     d  string                         *   value options(*string)               const char *
+     d  inlen                              value like(libssh2_Cssize_t)
+     d  outlen                             like(libssh2_Csize_t) options(*omit)
+
+     d libssh2_to_ccsid...
+     d                 pr              *   extproc('libssh2_to_ccsid')          char *
+     d  session                        *   value                                LIBSSH2_SESSION *
+     d  cache                          *                                        libssh2_string_cache
+     d                                                                          *(*)
+     d  ccsid                              value like(libssh2_Cushort)
+     d  string                         *   value options(*string)               const char *
+     d  inlen                              value like(libssh2_Cssize_t)
+     d  outlen                             like(libssh2_Csize_t) options(*omit)
+
+     d libssh2_release_string_cache...
+     d                 pr                  extproc(
+     d                                     'libssh2_release_string_cache')
+     d  session                        *   value                                LIBSSH2_SESSION *
+     d  cache                          *                                        libssh2_string_cache
+     d                                                                          *(*)
+
+      /endif                                                                    LIBSSH2_CCSID_H_

os400/libssh2rpg/libssh2_publickey.rpgle

@@ -0,0 +1,141 @@
+      * Copyright (c) 2015, Patrick Monnerat, D+H <patrick.monnerat@dh.com>
+      * All rights reserved.
+      *
+      * Redistribution and use in source and binary forms,
+      * with or without modification, are permitted provided
+      * that the following conditions are met:
+      *
+      *   Redistributions of source code must retain the above
+      *   copyright notice, this list of conditions and the
+      *   following disclaimer.
+      *
+      *   Redistributions in binary form must reproduce the above
+      *   copyright notice, this list of conditions and the following
+      *   disclaimer in the documentation and/or other materials
+      *   provided with the distribution.
+      *
+      *   Neither the name of the copyright holder nor the names
+      *   of any other contributors may be used to endorse or
+      *   promote products derived from this software without
+      *   specific prior written permission.
+      *
+      * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
+      * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+      * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+      * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+      * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+      * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+      * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+      * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+      * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+      * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+      * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+      * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+      * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
+      * OF SUCH DAMAGE.
+
+      * Note: This include file is only needed for using the
+      * publickey SUBSYSTEM which is not the same as publickey
+      * authentication.  For authentication you only need libssh2.h
+      *
+      * For more information on the publickey subsystem,
+      * refer to IETF draft: secsh-publickey
+
+      /if not defined(LIBSSH2_PUBLICKEY_H_)
+      /define LIBSSH2_PUBLICKEY_H_
+
+      /include "libssh2rpg/libssh2"
+
+     d libssh2_publickey_attribute...
+     d                 ds                  based(######typedef######)
+     d                                     align qualified
+     d  name                           *                                        const char *
+     d  name_len                           like(libssh2_Culong)
+     d  value                          *                                        const char *
+     d  value_len                          like(libssh2_Culong)
+     d  mandatory                          like(libssh2_Cchar)
+
+     d libssh2_publickey_list...
+     d                 ds                  based(######typedef######)
+     d                                     align qualified
+     d  name                           *                                        const char *
+     d  name_len                           like(libssh2_Culong)
+     d  blob                           *                                        const uns char *
+     d  blob_len                           like(libssh2_Culong)
+     d  num_attrs                          like(libssh2_Culong)
+     d  attrs                          *                                        libssh2_publickey...
+     d                                                                          attribute *
+
+      * Publickey Subsystem.
+     d libssh2_publickey_init...
+     d                 pr              *   extproc('libssh2_publickey_init')    LIBSSH2_PUBLICKEY *
+     d  session                        *   value                                LIBSSH2_SESSION *
+
+     d libssh2_publickey_add_ex...
+     d                 pr                  extproc('libssh2_publickey_add_ex')
+     d                                     like(libssh2_Cint)
+     d  pkey                           *   value                                LIBSSH2_PUBLICKEY *
+     d  name                           *   value options(*string)               const uns char *
+     d  name_len                           value like(libssh2_Culong)
+     d  blob                           *   value options(*string)               const uns char *
+     d  blob_len                           value like(libssh2_Culong)
+     d  overwrite                          value like(libssh2_Cchar)
+     d  num_attrs                          value like(libssh2_Culong)
+     d  attrs                              likeds(libssh2_publickey_attribute)
+     d                                     dim(1000)
+
+      * C macro implementation.
+     d libssh2_publickey_add...
+     d                 pr                  extproc('libssh2_publickey_add')
+     d                                     like(libssh2_Cint)
+     d  pkey                           *   value                                LIBSSH2_PUBLICKEY *
+     d  name                           *   value options(*string)               const unsigned char
+     d                                                                          *
+     d  blob                           *   value options(*string)               const unsigned char
+     d                                                                          *
+     d  blob_len                           value like(libssh2_Culong)
+     d  overwrite                          value like(libssh2_Cchar)
+     d  num_attrs                          value like(libssh2_Culong)
+     d  attrs                              likeds(libssh2_publickey_attribute)
+     d                                     dim(1000)
+
+     d libssh2_publickey_remove_ex...
+     d                 pr                  extproc(
+     d                                     'libssh2_publickey_remove_ex')
+     d                                     like(libssh2_Cint)
+     d  pkey                           *   value                                LIBSSH2_PUBLICKEY *
+     d  name                           *   value options(*string)               const uns char *
+     d  name_len                           value like(libssh2_Culong)
+     d  blob                           *   value options(*string)               const uns char *
+     d  blob_len                           value like(libssh2_Culong)
+
+      * C macro implementation.
+     d libssh2_publickey_remove...
+     d                 pr                  extproc('libssh2_publickey_remove')
+     d                                     like(libssh2_Cint)
+     d  pkey                           *   value                                LIBSSH2_PUBLICKEY *
+     d  name                           *   value options(*string)               const uns char *
+     d  blob                           *   value options(*string)               const uns char *
+     d  blob_len                           value like(libssh2_Culong)
+
+     d libssh2_publickey_list_fetch...
+     d                 pr                  extproc(
+     d                                     'libssh2_publickey_list_fetch')
+     d                                     like(libssh2_Cint)
+     d  pkey                           *   value                                LIBSSH2_PUBLICKEY *
+     d  num_keys                       *   value                                unsigned long *
+     d  pkey_list                      *                                        libssh2_publickey...
+     d                                                                          _list *(*)
+
+     d libssh2_publickey_list_free...
+     d                 pr                  extproc(
+     d                                     'libssh2_publickey_list_free')
+     d  pkey                           *   value                                LIBSSH2_PUBLICKEY *
+     d  pkey_list                          likeds(libssh2_publickey_list)
+
+     d libssh2_publickey_shutdown...
+     d                 pr                  extproc('libssh2_publickey_shutdown')
+     d                                     like(libssh2_Cint)
+     d  pkey                           *   value                                LIBSSH2_PUBLICKEY *
+
+      /endif                                                                    LIBSSH2_PUBLICKEY_H_

os400/libssh2rpg/libssh2_sftp.rpgle

@@ -0,0 +1,621 @@
+      * Copyright (c) 2015, Patrick Monnerat, D+H <patrick.monnerat@dh.com>
+      * All rights reserved.
+      *
+      * Redistribution and use in source and binary forms,
+      * with or without modification, are permitted provided
+      * that the following conditions are met:
+      *
+      *   Redistributions of source code must retain the above
+      *   copyright notice, this list of conditions and the
+      *   following disclaimer.
+      *
+      *   Redistributions in binary form must reproduce the above
+      *   copyright notice, this list of conditions and the following
+      *   disclaimer in the documentation and/or other materials
+      *   provided with the distribution.
+      *
+      *   Neither the name of the copyright holder nor the names
+      *   of any other contributors may be used to endorse or
+      *   promote products derived from this software without
+      *   specific prior written permission.
+      *
+      * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
+      * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+      * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+      * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+      * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+      * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+      * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+      * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+      * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+      * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+      * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+      * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+      * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
+      * OF SUCH DAMAGE.
+
+      /if not defined(LIBSSH2_SFTP_H_)
+      /define LIBSSH2_SFTP_H_
+
+      /include "libssh2rpg/libssh2"
+
+      * Note: Version 6 was documented at the time of writing
+      * However it was marked as "DO NOT IMPLEMENT" due to pending changes
+      *
+      * Let's start with Version 3 (The version found in OpenSSH) and go from
+      * there.
+     d LIBSSH2_SFTP_VERSION...
+     d                 c                   3
+
+      * Flags for open_ex().
+     d LIBSSH2_SFTP_OPENFILE...
+     d                 c                   0
+     d LIBSSH2_SFTP_OPENDIR...
+     d                 c                   1
+
+      * Flags for rename_ex().
+     d LIBSSH2_SFTP_RENAME_OVERWRITE...
+     d                 c                   X'00000001'
+     d LIBSSH2_SFTP_RENAME_ATOMIC...
+     d                 c                   X'00000002'
+     d LIBSSH2_SFTP_RENAME_NATIVE...
+     d                 c                   X'00000004'
+
+      * Flags for stat_ex().
+     d LIBSSH2_SFTP_STAT...
+     d                 c                   0
+     d LIBSSH2_SFTP_LSTAT...
+     d                 c                   1
+     d LIBSSH2_SFTP_SETSTAT...
+     d                 c                   2
+
+      * Flags for symlink_ex().
+     d LIBSSH2_SFTP_SYMLINK...
+     d                 c                   0
+     d LIBSSH2_SFTP_READLINK...
+     d                 c                   1
+     d LIBSSH2_SFTP_REALPATH...
+     d                 c                   2
+
+      * SFTP attribute flag bits.
+     d LIBSSH2_SFTP_ATTR_SIZE...
+     d                 c                   X'00000001'
+     d LIBSSH2_SFTP_ATTR_UIDGID...
+     d                 c                   X'00000002'
+     d LIBSSH2_SFTP_ATTR_PERMISSIONS...
+     d                 c                   X'00000004'
+     d LIBSSH2_SFTP_ATTR_ACMODTIME...
+     d                 c                   X'00000008'
+     d LIBSSH2_SFTP_ATTR_EXTENDED...
+     d                 c                   X'80000000'
+
+      * SFTP statvfs flag bits.
+     d LIBSSH2_SFTP_ST_RDONLY...
+     d                 c                   X'00000001'
+     d LIBSSH2_SFTP_ST_NOSUID...
+     d                 c                   X'00000002'
+
+     d #LIBSSH2_SFTP_ATTRIBUTES...
+     d                 ds                  based(######typedef######)
+     d                                     align qualified
+      * If flags & ATTR_* bit is set, then the value in this struct will be
+      * meaningful Otherwise it should be ignored.
+     d  flags                              like(libssh2_Culong)
+     d  filesize                           like(libssh2_uint64_t)
+     d  uid                                like(libssh2_Culong)
+     d  gid                                like(libssh2_Culong)
+     d  permissions                        like(libssh2_Culong)
+     d  atime                              like(libssh2_Culong)
+     d  mtime                              like(libssh2_Culong)
+
+     d #LIBSSH2_SFTP_STATVFS...
+     d                 ds                  based(######typedef######)
+     d                                     align qualified
+     d  f_bsize                            like(libssh2_uint64_t)               Filesys block size
+     d  f_frsize                           like(libssh2_uint64_t)               Fragment size
+     d  f_blocks                           like(libssh2_uint64_t)               FS size in f_frsize
+     d  f_bfree                            like(libssh2_uint64_t)               Free blocks
+     d  f_bavail                           like(libssh2_uint64_t)               Free blks f. nonroot
+     d  f_files                            like(libssh2_uint64_t)               Inodes
+     d  f_ffree                            like(libssh2_uint64_t)               Free inodes
+     d  f_favail                           like(libssh2_uint64_t)               Free inds f. nonroot
+     d  f_fsid                             like(libssh2_uint64_t)               File system ID
+     d  f_flag                             like(libssh2_uint64_t)               Mount flags
+     d  f_namemax                          like(libssh2_uint64_t)               Max filename length
+
+      * SFTP filetypes.
+     d LIBSSH2_SFTP_TYPE_REGULAR...
+     d                 c                   1
+     d LIBSSH2_SFTP_TYPE_DIRECTORY...
+     d                 c                   2
+     d LIBSSH2_SFTP_TYPE_SYMLINK...
+     d                 c                   3
+     d LIBSSH2_SFTP_TYPE_SPECIAL...
+     d                 c                   4
+     d LIBSSH2_SFTP_TYPE_UNKNOWN...
+     d                 c                   5
+     d LIBSSH2_SFTP_TYPE_SOCKET...
+     d                 c                   6
+     d LIBSSH2_SFTP_TYPE_CHAR_DEVICE...
+     d                 c                   7
+     d LIBSSH2_SFTP_TYPE_BLOCK_DEVICE...
+     d                 c                   8
+     d LIBSSH2_SFTP_TYPE_FIFO...
+     d                 c                   9
+
+      * Reproduce the POSIX file modes here for systems that are not POSIX
+      * compliant.
+      *
+      * These is used in "permissions" of "struct _LIBSSH2_SFTP_ATTRIBUTES"
+
+      * File type.
+     d LIBSSH2_SFTP_S_IFMT...                                                   type of file mask
+     d                 c                   X'F000'
+     d LIBSSH2_SFTP_S_IFIFO...                                                  named pipe (fifo)
+     d                 c                   X'1000'
+     d LIBSSH2_SFTP_S_IFCHR...                                                  character special
+     d                 c                   X'2000'
+     d LIBSSH2_SFTP_S_IFDIR...                                                  directory
+     d                 c                   X'4000'
+     d LIBSSH2_SFTP_S_IFBLK...                                                  block special
+     d                 c                   X'6000'
+     d LIBSSH2_SFTP_S_IFREG...                                                  regular
+     d                 c                   X'8000'
+     d LIBSSH2_SFTP_S_IFLNK...                                                  symbolic link
+     d                 c                   X'A000'
+     d LIBSSH2_SFTP_S_IFSOCK...                                                 socket
+     d                 c                   X'C000'
+
+      * File mode.
+      * Read, write, execute/search by owner.
+     d LIBSSH2_SFTP_S_IRWXU...                                                  RWX mask for owner
+     d                 c                   X'01C0'
+     d LIBSSH2_SFTP_S_IRUSR...                                                  R for owner
+     d                 c                   X'0100'
+     d LIBSSH2_SFTP_S_IWUSR...                                                  W for owner
+     d                 c                   X'0080'
+     d LIBSSH2_SFTP_S_IXUSR...                                                  X for owner
+     d                 c                   X'0040'
+      * Read, write, execute/search by group.
+     d LIBSSH2_SFTP_S_IRWXG...                                                  RWX mask for group
+     d                 c                   X'0038'
+     d LIBSSH2_SFTP_S_IRGRP...                                                  R for group
+     d                 c                   X'0020'
+     d LIBSSH2_SFTP_S_IWGRP...                                                  W for group
+     d                 c                   X'0010'
+     d LIBSSH2_SFTP_S_IXGRP...                                                  X for group
+     d                 c                   X'0008'
+      * Read, write, execute/search by others.
+     d LIBSSH2_SFTP_S_IRWXO...                                                  RWX mask for other
+     d                 c                   X'0007'
+     d LIBSSH2_SFTP_S_IROTH...                                                  R for other
+     d                 c                   X'0004'
+     d LIBSSH2_SFTP_S_IWOTH...                                                  W for other
+     d                 c                   X'0002'
+     d LIBSSH2_SFTP_S_IXOTH...                                                  X for other
+     d                 c                   X'0001'
+
+      * C macro implementation.
+     d LIBSSH2_SFTP_S_ISLNK...
+     d                 pr                  extproc('LIBSSH2_SFTP_S_ISLNK')
+     d                                     like(libssh2_Cint)
+     d  permissions                        value like(libssh2_Culong)
+
+      * C macro implementation.
+     d LIBSSH2_SFTP_S_ISREG...
+     d                 pr                  extproc('LIBSSH2_SFTP_S_ISREG')
+     d                                     like(libssh2_Cint)
+     d  permissions                        value like(libssh2_Culong)
+
+      * C macro implementation.
+     d LIBSSH2_SFTP_S_ISDIR...
+     d                 pr                  extproc('LIBSSH2_SFTP_S_ISDIR')
+     d                                     like(libssh2_Cint)
+     d  permissions                        value like(libssh2_Culong)
+
+      * C macro implementation.
+     d LIBSSH2_SFTP_S_ISCHR...
+     d                 pr                  extproc('LIBSSH2_SFTP_S_ISCHR')
+     d                                     like(libssh2_Cint)
+     d  permissions                        value like(libssh2_Culong)
+
+      * C macro implementation.
+     d LIBSSH2_SFTP_S_ISBLK...
+     d                 pr                  extproc('LIBSSH2_SFTP_S_ISBLK')
+     d                                     like(libssh2_Cint)
+     d  permissions                        value like(libssh2_Culong)
+
+      * C macro implementation.
+     d LIBSSH2_SFTP_S_ISFIFO...
+     d                 pr                  extproc('LIBSSH2_SFTP_S_ISFIFO')
+     d                                     like(libssh2_Cint)
+     d  permissions                        value like(libssh2_Culong)
+
+      * C macro implementation.
+     d LIBSSH2_SFTP_S_ISSOCK...
+     d                 pr                  extproc('LIBSSH2_SFTP_S_ISSOCK')
+     d                                     like(libssh2_Cint)
+     d  permissions                        value like(libssh2_Culong)
+
+      * SFTP File Transfer Flags -- (e.g. flags parameter to sftp_open())
+      * Danger will robinson... APPEND doesn't have any effect on OpenSSH
+      * servers.
+     d LIBSSH2_FXF_READ...
+     d                 c                   X'00000001'
+     d LIBSSH2_FXF_WRITE...
+     d                 c                   X'00000002'
+     d LIBSSH2_FXF_APPEND...
+     d                 c                   X'00000004'
+     d LIBSSH2_FXF_CREAT...
+     d                 c                   X'00000008'
+     d LIBSSH2_FXF_TRUNC...
+     d                 c                   X'00000010'
+     d LIBSSH2_FXF_EXCL...
+     d                 c                   X'00000020'
+
+      * SFTP Status Codes (returned by libssh2_sftp_last_error()).
+     d LIBSSH2_FX_OK...
+     d                 c                   0
+     d LIBSSH2_FX_EOF...
+     d                 c                   1
+     d LIBSSH2_FX_NO_SUCH_FILE...
+     d                 c                   2
+     d LIBSSH2_FX_PERMISSION_DENIED...
+     d                 c                   3
+     d LIBSSH2_FX_FAILURE...
+     d                 c                   4
+     d LIBSSH2_FX_BAD_MESSAGE...
+     d                 c                   5
+     d LIBSSH2_FX_NO_CONNECTION...
+     d                 c                   6
+     d LIBSSH2_FX_CONNECTION_LOST...
+     d                 c                   7
+     d LIBSSH2_FX_OP_UNSUPPORTED...
+     d                 c                   8
+     d LIBSSH2_FX_INVALID_HANDLE...
+     d                 c                   9
+     d LIBSSH2_FX_NO_SUCH_PATH...
+     d                 c                   10
+     d LIBSSH2_FX_FILE_ALREADY_EXISTS...
+     d                 c                   11
+     d LIBSSH2_FX_WRITE_PROTECT...
+     d                 c                   12
+     d LIBSSH2_FX_NO_MEDIA...
+     d                 c                   13
+     d LIBSSH2_FX_NO_SPACE_ON_FILESYSTEM...
+     d                 c                   14
+     d LIBSSH2_FX_QUOTA_EXCEEDED...
+     d                 c                   15
+     d LIBSSH2_FX_UNKNOWN_PRINCIPAL...
+     d                 c                   16
+     d LIBSSH2_FX_LOCK_CONFLICT...
+     d                 c                   17
+     d LIBSSH2_FX_DIR_NOT_EMPTY...
+     d                 c                   18
+     d LIBSSH2_FX_NOT_A_DIRECTORY...
+     d                 c                   19
+     d LIBSSH2_FX_INVALID_FILENAME...
+     d                 c                   20
+     d LIBSSH2_FX_LINK_LOOP...
+     d                 c                   21
+
+      * Returned by any function that would block during a read/write operation.
+     d LIBSSH2SFTP_EAGAIN...
+     d                 c                   -37
+
+      * SFTP API.
+     d libssh2_sftp_init...
+     d                 pr              *   extproc('libssh2_sftp_init')         LIBSSH2_SFTP *
+     d  session                        *   value                                LIBSSH2_SESSION *
+
+     d libssh2_sftp_shutdown...
+     d                 pr                  extproc('libssh2_sftp_shutdown')
+     d                                     like(libssh2_Cint)
+     d  sftp                           *   value                                LIBSSH2_SFTP *
+
+     d libssh2_sftp_last_error...
+     d                 pr                  extproc('libssh2_sftp_last_error')
+     d                                     like(libssh2_Culong)
+     d  sftp                           *   value                                LIBSSH2_SFTP *
+
+     d libssh2_sftp_get_channel...
+     d                 pr              *   extproc('libssh2_sftp_get_channel')  LIBSSH2_CHANNEL *
+     d  sftp                           *   value                                LIBSSH2_SFTP *
+
+      * File / Directory Ops.
+     d libssh2_sftp_open_ex...
+     d                 pr              *   extproc('libssh2_sftp_open_ex')      LIBSSH2_SFTP_HANDLE*
+     d  sftp                           *   value                                LIBSSH2_SFTP *
+     d  filename                       *   value options(*string)               const char *
+     d  filename_len                       value like(libssh2_Cuint)
+     d  flags                              value like(libssh2_Culong)
+     d  mode                               value like(libssh2_Clong)
+     d  open_type                          value like(libssh2_Cint)
+
+      * C macro implementation.
+     d libssh2_sftp_open...
+     d                 pr              *   extproc('libssh2_sftp_open')         LIBSSH2_SFTP_HANDLE
+     d                                                                          *
+     d  sftp                           *   value                                LIBSSH2_SFTP *
+     d  filename                       *   value options(*string)               const char *
+     d  flags                              value like(libssh2_Culong)
+     d  mode                               value like(libssh2_Clong)
+
+      * C macro libssh2_sftp_opendir implementation.
+      * Renamed to avoid upper/lower case name clash.
+     d libssh2_sftp_open_dir...
+     d                 pr              *   extproc('libssh2_sftp_opendir')      LIBSSH2_SFTP_HANDLE
+     d                                                                          *
+     d  sftp                           *   value                                LIBSSH2_SFTP *
+     d  path                           *   value options(*string)               const char *
+
+     d libssh2_sftp_read...
+     d                 pr                  extproc('libssh2_sftp_read')
+     d                                     like(libssh2_Cssize_t)
+     d  handle                         *   value                                LIBSSH2_SFTP_HANDLE*
+     d  buffer                         *   value options(*string)               char *
+     d  buffer_maxlen                      value like(libssh2_Csize_t)
+
+     d libssh2_sftp_readdir_ex...
+     d                 pr                  extproc('libssh2_sftp_readdir_ex')
+     d                                     like(libssh2_Cint)
+     d  handle                         *   value                                LIBSSH2_SFTP_HANDLE*
+     d  buffer                         *   value                                char *
+     d  buffer_maxlen                      value like(libssh2_Csize_t)
+     d  longentry                      *   value                                char *
+     d  longentry_maxlen...
+     d                                     value like(libssh2_Csize_t)
+     d  attrs                          *   value                                LIBSSH2_SFTP_...
+     d                                                                          ATTRIBUTES *
+
+      * C macro implementation.
+     d libssh2_sftp_readdir...
+     d                 pr                  extproc('libssh2_sftp_readdir')
+     d                                     like(libssh2_Cint)
+     d  handle                         *   value                                LIBSSH2_SFTP_HANDLE*
+     d  buffer                         *   value                                char *
+     d  buffer_maxlen                      value like(libssh2_Csize_t)
+     d  attrs                          *   value                                LIBSSH2_SFTP_...
+     d                                                                          ATTRIBUTES *
+
+     d libssh2_sftp_write...
+     d                 pr                  extproc('libssh2_sftp_write')
+     d                                     like(libssh2_Cssize_t)
+     d  handle                         *   value                                LIBSSH2_SFTP_HANDLE*
+     d  buffer                         *   value options(*string)               const char *
+     d  count                              value like(libssh2_Csize_t)
+
+     d libssh2_sftp_fsync...
+     d                 pr                  extproc('libssh2_sftp_fsync')
+     d                                     like(libssh2_Cint)
+     d  handle                         *   value                                LIBSSH2_SFTP_HANDLE*
+
+     d libssh2_sftp_close_handle...
+     d                 pr                  extproc('libssh2_sftp_close_handle')
+     d                                     like(libssh2_Cint)
+     d  handle                         *   value                                LIBSSH2_SFTP_HANDLE*
+
+      * C macro implementation.
+     d libssh2_sftp_close...
+     d                 pr                  extproc('libssh2_sftp_close_handle')
+     d                                     like(libssh2_Cint)
+     d  handle                         *   value                                LIBSSH2_SFTP_HANDLE*
+
+      * C macro implementation.
+     d libssh2_sftp_closedir...
+     d                 pr                  extproc('libssh2_sftp_close_handle')
+     d                                     like(libssh2_Cint)
+     d  handle                         *   value                                LIBSSH2_SFTP_HANDLE*
+
+     d libssh2_sftp_seek...
+     d                 pr                  extproc('libssh2_sftp_seek')
+     d  handle                         *   value                                LIBSSH2_SFTP_HANDLE*
+     d  offset                             value like(libssh2_Csize_t)
+
+     d libssh2_sftp_seek64...
+     d                 pr                  extproc('libssh2_sftp_seek64')
+     d  handle                         *   value                                LIBSSH2_SFTP_HANDLE*
+     d  offset                             value like(libssh2_uint64_t)
+
+      * C macro implementation.
+     d libssh2_sftp_rewind...
+     d                 pr                  extproc('libssh2_sftp_rewind')
+     d  handle                         *   value                                LIBSSH2_SFTP_HANDLE*
+
+     d libssh2_sftp_tell...
+     d                 pr                  extproc('libssh2_sftp_tell')
+     d                                     like(libssh2_Csize_t)
+     d  handle                         *   value                                LIBSSH2_SFTP_HANDLE*
+
+     d libssh2_sftp_tell64...
+     d                 pr                  extproc('libssh2_sftp_tell64')
+     d                                     like(libssh2_uint64_t)
+     d  handle                         *   value                                LIBSSH2_SFTP_HANDLE*
+
+     d libssh2_sftp_fstat_ex...
+     d                 pr                  extproc('libssh2_sftp_fstat_ex')
+     d                                     like(libssh2_Cint)
+     d  handle                         *   value                                LIBSSH2_SFTP_HANDLE*
+     d  attrs                          *   value                                LIBSSH2_SFTP_...
+     d                                                                          ATTRIBUTES *
+     d  setstat                            value like(libssh2_Cint)
+
+      * C macro implementation.
+     d libssh2_sftp_fstat...
+     d                 pr                  extproc('libssh2_sftp_fstat')
+     d                                     like(libssh2_Cint)
+     d  handle                         *   value                                LIBSSH2_SFTP_HANDLE*
+     d  attrs                          *   value                                LIBSSH2_SFTP_...
+     d                                                                          ATTRIBUTES *
+
+      * C macro implementation.
+     d libssh2_sftp_fsetstat...
+     d                 pr                  extproc('libssh2_sftp_fsetstat')
+     d                                     like(libssh2_Cint)
+     d  handle                         *   value                                LIBSSH2_SFTP_HANDLE*
+     d  attrs                          *   value                                LIBSSH2_SFTP_...
+     d                                                                          ATTRIBUTES *
+
+      * Miscellaneous Ops.
+     d libssh2_sftp_rename_ex...
+     d                 pr                  extproc('libssh2_sftp_rename_ex')
+     d                                     like(libssh2_Cint)
+     d  sftp                           *   value                                LIBSSH2_SFTP *
+     d  source_filename...
+     d                                 *   value options(*string)               const char *
+     d  source_filename_len...
+     d                                     value like(libssh2_Cuint)
+     d  dest_filename                  *   value options(*string)               const char *
+     d  dest_filename_len...
+     d                                     value like(libssh2_Cuint)
+     d  flags                              value like(libssh2_Clong)
+
+      * C macro implementation.
+     d libssh2_sftp_rename...
+     d                 pr                  extproc('libssh2_sftp_rename')
+     d                                     like(libssh2_Cint)
+     d  sftp                           *   value                                LIBSSH2_SFTP *
+     d  source_filename...
+     d                                 *   value options(*string)               const char *
+     d  dest_filename                  *   value options(*string)               const char *
+
+     d libssh2_sftp_unlink_ex...
+     d                 pr                  extproc('libssh2_sftp_unlink_ex')
+     d                                     like(libssh2_Cint)
+     d  sftp                           *   value                                LIBSSH2_SFTP *
+     d  filename                       *   value options(*string)               const char *
+     d  filename_len                       value like(libssh2_Cuint)
+
+      * C macro implementation.
+     d libssh2_sftp_unlink...
+     d                 pr                  extproc('libssh2_sftp_unlink')
+     d                                     like(libssh2_Cint)
+     d  sftp                           *   value                                LIBSSH2_SFTP *
+     d  filename                       *   value options(*string)               const char *
+
+     d libssh2_sftp_fstatvfs...
+     d                 pr                  extproc('libssh2_sftp_fstatvfs')
+     d                                     like(libssh2_Cint)
+     d  handle                         *   value                                LIBSSH2_SFTP_HANDLE*
+     d  st                             *   value                                LIBSSH2_SFTP_STATVFS
+     d                                                                          *
+
+     d libssh2_sftp_statvfs...
+     d                 pr                  extproc('libssh2_sftp_statvfs')
+     d                                     like(libssh2_Cint)
+     d  sftp                           *   value                                LIBSSH2_SFTP *
+     d  path                           *   value options(*string)               const char *
+     d  path_len                           value like(libssh2_Csize_t)
+     d  st                             *   value                                LIBSSH2_SFTP_STATVFS
+     d                                                                          *
+
+     d libssh2_sftp_mkdir_ex...
+     d                 pr                  extproc('libssh2_sftp_mkdir_ex')
+     d                                     like(libssh2_Cint)
+     d  sftp                           *   value                                LIBSSH2_SFTP *
+     d  path                           *   value options(*string)               const char *
+     d  path_len                           value like(libssh2_Cuint)
+     d  mode                               value like(libssh2_Clong)
+
+      * C macro implementation.
+     d libssh2_sftp_mkdir...
+     d                 pr                  extproc('libssh2_sftp_mkdir')
+     d                                     like(libssh2_Cint)
+     d  sftp                           *   value                                LIBSSH2_SFTP *
+     d  path                           *   value options(*string)               const char *
+     d  mode                               value like(libssh2_Clong)
+
+     d libssh2_sftp_rmdir_ex...
+     d                 pr                  extproc('libssh2_sftp_rmdir_ex')
+     d                                     like(libssh2_Cint)
+     d  sftp                           *   value                                LIBSSH2_SFTP *
+     d  path                           *   value options(*string)               const char *
+     d  path_len                           value like(libssh2_Cuint)
+
+      * C macro implementation.
+     d libssh2_sftp_rmdir...
+     d                 pr                  extproc('libssh2_sftp_rmdir')
+     d                                     like(libssh2_Cint)
+     d  sftp                           *   value                                LIBSSH2_SFTP *
+     d  path                           *   value options(*string)               const char *
+
+     d libssh2_sftp_stat_ex...
+     d                 pr                  extproc('libssh2_sftp_stat_ex')
+     d                                     like(libssh2_Cint)
+     d  sftp                           *   value                                LIBSSH2_SFTP *
+     d  path                           *   value options(*string)               const char *
+     d  path_len                           value like(libssh2_Cuint)
+     d  stat_type                          value like(libssh2_Cint)
+     d  attrs                          *   value                                LIBSSH2_SFTP_...
+     d                                                                          ATTRIBUTES *
+
+      * C macro libssh2_sftp_stat implementation.
+      * Renamed to avoid upper/lower case name clash.
+     d libssh2_sftp_get_stat...
+     d                 pr                  extproc('libssh2_sftp_stat')
+     d                                     like(libssh2_Cint)
+     d  sftp                           *   value                                LIBSSH2_SFTP *
+     d  path                           *   value options(*string)               const char *
+     d  attrs                          *   value                                LIBSSH2_SFTP_...
+     d                                                                          ATTRIBUTES *
+
+      * C macro libssh2_sftp_lstat implementation.
+      * Renamed to avoid upper/lower case name clash.
+     d libssh2_sftp_get_lstat...
+     d                 pr                  extproc('libssh2_sftp_lstat')
+     d                                     like(libssh2_Cint)
+     d  sftp                           *   value                                LIBSSH2_SFTP *
+     d  path                           *   value options(*string)               const char *
+     d  attrs                          *   value                                LIBSSH2_SFTP_...
+     d                                                                          ATTRIBUTES *
+
+      * C macro libssh2_sftp_setstat implementation.
+      * Renamed to avoid upper/lower case name clash.
+     d libssh2_sftp_set_stat...
+     d                 pr                  extproc('libssh2_sftp_setstat')
+     d                                     like(libssh2_Cint)
+     d  sftp                           *   value                                LIBSSH2_SFTP *
+     d  path                           *   value options(*string)               const char *
+     d  attrs                          *   value                                LIBSSH2_SFTP_...
+     d                                                                          ATTRIBUTES *
+
+     d libssh2_sftp_symlink_ex...
+     d                 pr                  extproc('libssh2_sftp_symlink_ex')
+     d                                     like(libssh2_Cint)
+     d  sftp                           *   value                                LIBSSH2_SFTP *
+     d  path                           *   value options(*string)               const char *
+     d  path_len                           value like(libssh2_Cuint)
+     d  target                         *   value options(*string)               char *
+     d  target_len                         value like(libssh2_Cuint)
+     d  link_type                          value like(libssh2_Cint)
+
+      * C macro libssh2_sftp_symlink implementation.
+      * Renamed to avoid upper/lower case name clash.
+     d libssh2_sftp_sym_link...
+     d                 pr                  extproc('libssh2_sftp_symlink')
+     d                                     like(libssh2_Cint)
+     d  sftp                           *   value                                LIBSSH2_SFTP *
+     d  orig                           *   value options(*string)               const char *
+     d  linkpath                       *   value options(*string)               char *
+
+      * C macro libssh2_sftp_readlink implementation.
+      * Renamed to avoid upper/lower case name clash.
+     d libssh2_sftp_read_link...
+     d                 pr                  extproc('libssh2_sftp_readlink')
+     d                                     like(libssh2_Cint)
+     d  sftp                           *   value                                LIBSSH2_SFTP *
+     d  path                           *   value options(*string)               const char *
+     d  target                         *   value                                char *
+     d  maxlen                             value like(libssh2_Cuint)
+
+      * C macro libssh2_sftp_realpath implementation.
+      * Renamed to avoid upper/lower case name clash.
+     d libssh2_sftp_real_path...
+     d                 pr                  extproc('libssh2_sftp_realpath')
+     d                                     like(libssh2_Cint)
+     d  sftp                           *   value                                LIBSSH2_SFTP *
+     d  path                           *   value options(*string)               const char *
+     d  target                         *   value                                char *
+     d  maxlen                             value like(libssh2_Cuint)
+
+      /endif                                                                    LIBSSH2_SFTP_H_

os400/macros.h

@@ -0,0 +1,168 @@
+/*
+ * Copyright (C) 2015 Patrick Monnerat, D+H <patrick.monnerat@dh.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms,
+ * with or without modification, are permitted provided
+ * that the following conditions are met:
+ *
+ *   Redistributions of source code must retain the above
+ *   copyright notice, this list of conditions and the
+ *   following disclaimer.
+ *
+ *   Redistributions in binary form must reproduce the above
+ *   copyright notice, this list of conditions and the following
+ *   disclaimer in the documentation and/or other materials
+ *   provided with the distribution.
+ *
+ *   Neither the name of the copyright holder nor the names
+ *   of any other contributors may be used to endorse or
+ *   promote products derived from this software without
+ *   specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
+ * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
+ * OF SUCH DAMAGE.
+ */
+
+#ifndef LIBSSH2_MACROS_H_
+#define LIBSSH2_MACROS_H_
+
+#include "libssh2.h"
+#include "libssh2_publickey.h"
+#include "libssh2_sftp.h"
+
+/*
+ * Dummy prototypes to generate wrapper procedures to C macros.
+ * This is a helper for languages without a clever preprocessor (ILE/RPG).
+ */
+
+LIBSSH2_API LIBSSH2_SESSION * libssh2_session_init(void);
+LIBSSH2_API int libssh2_session_disconnect(LIBSSH2_SESSION *session,
+                                           const char *description);
+LIBSSH2_API int libssh2_userauth_password(LIBSSH2_SESSION *session,
+                                          const char *username,
+                                          const char *password);
+LIBSSH2_API int
+libssh2_userauth_publickey_fromfile(LIBSSH2_SESSION *session,
+                                    const char *username,
+                                    const char *publickey,
+                                    const char *privatekey,
+                                    const char *passphrase);
+LIBSSH2_API int
+libssh2_userauth_hostbased_fromfile(LIBSSH2_SESSION *session,
+                                    const char *username,
+                                    const char *publickey,
+                                    const char *privatekey,
+                                    const char *passphrase,
+                                    const char *hostname);
+LIBSSH2_API int
+libssh2_userauth_keyboard_interactive(LIBSSH2_SESSION* session,
+                                      const char *username,
+                                      LIBSSH2_USERAUTH_KBDINT_RESPONSE_FUNC(
+                                                       (*response_callback)));
+LIBSSH2_API LIBSSH2_CHANNEL *
+libssh2_channel_open_session(LIBSSH2_SESSION *session);
+LIBSSH2_API LIBSSH2_CHANNEL *
+libssh2_channel_direct_tcpip(LIBSSH2_SESSION *session, const char *host,
+                             int port);
+LIBSSH2_API LIBSSH2_LISTENER *
+libssh2_channel_forward_listen(LIBSSH2_SESSION *session, int port);
+LIBSSH2_API int
+libssh2_channel_setenv(LIBSSH2_CHANNEL *channel,
+                       const char *varname, const char *value);
+LIBSSH2_API int
+libssh2_channel_request_pty(LIBSSH2_CHANNEL *channel, const char *term);
+LIBSSH2_API int
+libssh2_channel_request_pty_size(LIBSSH2_CHANNEL *channel,
+                                 int width, int height);
+LIBSSH2_API int
+libssh2_channel_x11_req(LIBSSH2_CHANNEL *channel, int screen_number);
+LIBSSH2_API int
+libssh2_channel_shell(LIBSSH2_CHANNEL *channel);
+LIBSSH2_API int
+libssh2_channel_exec(LIBSSH2_CHANNEL *channel, const char *command);
+LIBSSH2_API int
+libssh2_channel_subsystem(LIBSSH2_CHANNEL *channel, const char *subsystem);
+LIBSSH2_API ssize_t
+libssh2_channel_read(LIBSSH2_CHANNEL *channel, char *buf, size_t buflen);
+LIBSSH2_API ssize_t
+libssh2_channel_read_stderr(LIBSSH2_CHANNEL *channel, char *buf, size_t buflen);
+LIBSSH2_API unsigned long
+libssh2_channel_window_read(LIBSSH2_CHANNEL *channel);
+LIBSSH2_API ssize_t
+libssh2_channel_write(LIBSSH2_CHANNEL *channel, const char *buf, size_t buflen);
+LIBSSH2_API ssize_t
+libssh2_channel_write_stderr(LIBSSH2_CHANNEL *channel,
+                             const char *buf, size_t buflen);
+LIBSSH2_API unsigned long
+libssh2_channel_window_write(LIBSSH2_CHANNEL *channel);
+LIBSSH2_API int libssh2_channel_flush(LIBSSH2_CHANNEL *channel);
+LIBSSH2_API int libssh2_channel_flush_stderr(LIBSSH2_CHANNEL *channel);
+LIBSSH2_API LIBSSH2_CHANNEL *
+libssh2_scp_send(LIBSSH2_SESSION *session,
+                 const char *path, int mode, libssh2_int64_t size);
+
+LIBSSH2_API int
+libssh2_publickey_add(LIBSSH2_PUBLICKEY *pkey, const unsigned char *name,
+		      const unsigned char *blob, unsigned long blob_len,
+                      char overwrite, unsigned long num_attrs,
+		      const libssh2_publickey_attribute attrs[]);
+LIBSSH2_API int
+libssh2_publickey_remove(LIBSSH2_PUBLICKEY *pkey, const unsigned char *name,
+                         const unsigned char *blob, unsigned long blob_len);
+
+LIBSSH2_API int LIBSSH2_SFTP_S_ISLNK(unsigned long permissions);
+LIBSSH2_API int LIBSSH2_SFTP_S_ISREG(unsigned long permissions);
+LIBSSH2_API int LIBSSH2_SFTP_S_ISDIR(unsigned long permissions);
+LIBSSH2_API int LIBSSH2_SFTP_S_ISCHR(unsigned long permissions);
+LIBSSH2_API int LIBSSH2_SFTP_S_ISBLK(unsigned long permissions);
+LIBSSH2_API int LIBSSH2_SFTP_S_ISFIFO(unsigned long permissions);
+LIBSSH2_API int LIBSSH2_SFTP_S_ISSOCK(unsigned long permissions);
+LIBSSH2_API LIBSSH2_SFTP_HANDLE *
+libssh2_sftp_open(LIBSSH2_SFTP *sftp, const char *filename,
+                  unsigned long flags, long mode);
+LIBSSH2_API LIBSSH2_SFTP_HANDLE *
+libssh2_sftp_opendir(LIBSSH2_SFTP *sftp, const char *path);
+LIBSSH2_API int libssh2_sftp_readdir(LIBSSH2_SFTP_HANDLE *handle,
+                                     char *buffer, size_t buffer_maxlen,
+                                     LIBSSH2_SFTP_ATTRIBUTES *attrs);
+LIBSSH2_API int libssh2_sftp_close(LIBSSH2_SFTP_HANDLE *handle);
+LIBSSH2_API int libssh2_sftp_closedir(LIBSSH2_SFTP_HANDLE *handle);
+LIBSSH2_API void libssh2_sftp_rewind(LIBSSH2_SFTP_HANDLE *handle);
+LIBSSH2_API int libssh2_sftp_fstat(LIBSSH2_SFTP_HANDLE *handle,
+                                   LIBSSH2_SFTP_ATTRIBUTES *attrs);
+LIBSSH2_API int libssh2_sftp_fsetstat(LIBSSH2_SFTP_HANDLE *handle,
+                                      LIBSSH2_SFTP_ATTRIBUTES *attrs);
+LIBSSH2_API int libssh2_sftp_rename(LIBSSH2_SFTP *sftp,
+                                    const char *source_filename,
+                                    const char *dest_filename);
+LIBSSH2_API int libssh2_sftp_unlink(LIBSSH2_SFTP *sftp, const char *filename);
+LIBSSH2_API int libssh2_sftp_mkdir(LIBSSH2_SFTP *sftp,
+                                   const char *path, long mode);
+LIBSSH2_API int libssh2_sftp_rmdir(LIBSSH2_SFTP *sftp, const char *path);
+LIBSSH2_API int libssh2_sftp_stat(LIBSSH2_SFTP *sftp, const char *path,
+                                  LIBSSH2_SFTP_ATTRIBUTES *attrs);
+LIBSSH2_API int libssh2_sftp_lstat(LIBSSH2_SFTP *sftp, const char *path,
+                                   LIBSSH2_SFTP_ATTRIBUTES *attrs);
+LIBSSH2_API int libssh2_sftp_setstat(LIBSSH2_SFTP *sftp, const char *path,
+                                     LIBSSH2_SFTP_ATTRIBUTES *attrs);
+LIBSSH2_API int libssh2_sftp_symlink(LIBSSH2_SFTP *sftp, const char *orig,
+                                     char *linkpath);
+LIBSSH2_API int libssh2_sftp_readlink(LIBSSH2_SFTP *sftp, const char *path,
+                                      char *target, unsigned int maxlen);
+LIBSSH2_API int libssh2_sftp_realpath(LIBSSH2_SFTP *sftp, const char *path,
+                                      char *target, unsigned int maxlen);
+
+#endif

os400/make-include.sh

@@ -0,0 +1,56 @@
+#!/bin/sh
+#
+#       Installation of the header files in the OS/400 library.
+#
+
+SCRIPTDIR=`dirname "${0}"`
+. "${SCRIPTDIR}/initscript.sh"
+cd "${TOPDIR}/include"
+
+
+#       Create the OS/400 source program file for the header files.
+
+SRCPF="${LIBIFSNAME}/H.FILE"
+
+if action_needed "${SRCPF}"
+then    CMD="CRTSRCPF FILE(${TARGETLIB}/H) RCDLEN(112)"
+        CMD="${CMD} CCSID(${TGTCCSID}) TEXT('libssh2: Header files')"
+        system "${CMD}"
+fi
+
+
+#       Create the IFS directory for the header files.
+
+IFSINCLUDE="${IFSDIR}/include"
+
+if action_needed "${IFSINCLUDE}"
+then    mkdir -p "${IFSINCLUDE}"
+fi
+
+
+copy_hfile()
+
+{
+        destfile="${1}"
+        srcfile="${2}"
+        shift
+        shift
+        sed -e '1i\
+#pragma datamodel(P128)\
+' "${@}" -e '$a\
+#pragma datamodel(pop)\
+' < "${srcfile}" > "${destfile}"
+}
+
+#       Copy the header files.
+
+for HFILE in *.h "${TOPDIR}/os400/libssh2_ccsid.h"
+do      DEST="${SRCPF}/`db2_name \"${HFILE}\"`.MBR"
+
+        if action_needed "${DEST}" "${HFILE}"
+        then    copy_hfile "${DEST}" "${HFILE}"
+                IFSDEST="${IFSINCLUDE}/`basename \"${HFILE}\"`"
+                rm -f "${IFSDEST}"
+                ln -s "${DEST}" "${IFSDEST}"
+        fi
+done

os400/make-rpg.sh

@@ -0,0 +1,92 @@
+#!/bin/sh
+#
+#       Installation of the ILE/RPG header files in the OS/400 library.
+#
+
+SCRIPTDIR=`dirname "${0}"`
+. "${SCRIPTDIR}/initscript.sh"
+cd "${TOPDIR}/os400/libssh2rpg"
+
+
+#       Create the OS/400 source program file for the ILE/RPG header files.
+
+SRCPF="${LIBIFSNAME}/LIBSSH2RPG.FILE"
+
+if action_needed "${SRCPF}"
+then    CMD="CRTSRCPF FILE(${TARGETLIB}/LIBSSH2RPG) RCDLEN(112)"
+        CMD="${CMD} CCSID(${TGTCCSID}) TEXT('libssh2: ILE/RPG header files')"
+        system "${CMD}"
+fi
+
+
+#       Map file names to DB2 name syntax.
+
+for HFILE in *.rpgle *.rpgle.in
+do      NAME="`basename \"${HFILE}\" .in`"
+        VAR="`basename \"${NAME}\" .rpgle`"
+        VAL="`db2_name \"${NAME}\"`"
+
+        eval "VAR_${VAR}=\"${VAL}\""
+        echo "${VAR} s/${VAR}/${VAL}/g"
+done > tmpsubstfile1
+
+#       Order substitution commands so that a prefix appears after all
+#               file names beginning with the prefix.
+
+sort -r tmpsubstfile1 | sed 's/^[^ ]*[ ]*//' > tmpsubstfile2
+
+
+change_include()
+
+{
+        sed -e '\#^....../include  *"libssh2rpg/#{'                     \
+            -e 's///'                                                   \
+            -e 's/".*//'                                                \
+            -f tmpsubstfile2                                            \
+            -e 's#.*#      /include libssh2rpg,&#'                      \
+            -e '}'
+}
+
+
+#       Create the IFS directory for the ILE/RPG header files.
+
+RPGIFSDIR="${IFSDIR}/include/libssh2rpg"
+
+if action_needed "${RPGIFSDIR}"
+then    mkdir -p "${RPGIFSDIR}"
+fi
+
+#       Copy the header files to IFS ILE/RPG include directory.
+#       Copy them with include path editing to the DB2 library.
+
+for HFILE in *.rpgle *.rpgle.in
+do      IFSCMD="cat \"${HFILE}\""
+        DB2CMD="change_include < \"${HFILE}\""
+        IFSFILE="`basename \"${HFILE}\" .in`"
+
+        case "${HFILE}" in
+
+        *.in)   IFSCMD="${IFSCMD} | versioned_copy"
+                DB2CMD="${DB2CMD} | versioned_copy"
+                ;;
+        esac
+
+        IFSDEST="${RPGIFSDIR}/${IFSFILE}"
+
+        if action_needed "${IFSDEST}" "${HFILE}"
+        then    eval "${IFSCMD}" > "${IFSDEST}"
+        fi
+
+        eval DB2MBR="\"\${VAR_`basename \"${IFSDEST}\" .rpgle`}\""
+        DB2DEST="${SRCPF}/${DB2MBR}.MBR"
+
+        if action_needed "${DB2DEST}" "${HFILE}"
+        then    eval "${DB2CMD}" | change_include > tmphdrfile
+
+                #       Need to translate to target CCSID.
+
+                CMD="CPY OBJ('`pwd`/tmphdrfile') TOOBJ('${DB2DEST}')"
+                CMD="${CMD} TOCCSID(${TGTCCSID}) DTAFMT(*TEXT) REPLACE(*YES)"
+                system "${CMD}"
+        fi
+done

os400/make-src.sh

@@ -0,0 +1,208 @@
+#!/bin/sh
+#
+#       libssh2 compilation script for the OS/400.
+#
+
+SCRIPTDIR=`dirname "${0}"`
+. "${SCRIPTDIR}/initscript.sh"
+cd "${TOPDIR}/src"
+
+
+#       Function to extract external prototypes from header files.
+#       Input: concatenated header files.
+#       Output: external prototypes, one per (long) line.
+
+extproto()
+{
+        sed -e 'x;G;s/^\n//;s/\n/ /g'                                   \
+            -e 's#[[:space:]]*/\*[^*]*\(\*\([^/*][^*]*\)\{0,1\}\)*\*/[[:space:]]*##g' \
+            -e 'h'                                                      \
+            -e '/\/\*/!{'                                               \
+            -e '/^#/{s/^.*[^\\]$//;h;d'                                 \
+            -e '}'                                                      \
+            -e 's/[{}]/;/g;s/\\$//'                                     \
+            -e ':loop1'                                                 \
+            -e '/;/{'                                                   \
+            -e 's/^[^;]*;//;x;s/;.*//'                                  \
+            -e '/^[[:space:]]*LIBSSH2_API[[:space:]].*(/{'              \
+            -e 's/^[[:space:]]*LIBSSH2_API[[:space:]]*//'               \
+            -e 's/[[:space:]]*$//'                                      \
+            -e 's/[[:space:]][[:space:]]*/ /g'                          \
+            -e 'p'                                                      \
+            -e '}'                                                      \
+            -e 'g;bloop1'                                               \
+            -e '}'                                                      \
+            -e '}'                                                      \
+            -n
+}
+
+#       Need to have IFS access to the mih/modasa header file.
+
+if action_needed modasa.mih '/QSYS.LIB/QSYSINC.LIB/MIH.FILE/MODASA.MBR'
+then    rm -f modasa.mih
+        ln -s '/QSYS.LIB/QSYSINC.LIB/MIH.FILE/MODASA.MBR' modasa.mih
+fi
+
+
+#      Create and compile the identification source file.
+
+echo '#pragma comment(user, "libssh2 version '"${LIBSSH2_VERSION}"'")' > os400.c
+echo '#pragma comment(user, __DATE__)' >> os400.c
+echo '#pragma comment(user, __TIME__)' >> os400.c
+echo '#pragma comment(copyright, "See COPYING file. OS/400 version by P. Monnerat")' >> os400.c
+make_module     OS400           os400.c
+LINK=                           # No need to rebuild service program yet.
+MODULES=
+
+
+#       Generate the procedures implementing macros.
+
+if action_needed macros.c "${TOPDIR}/os400/macros.h"
+then    (
+                echo '#include "libssh2_publickey.h"'
+                echo '#include "libssh2_sftp.h"'
+                extproto < "${TOPDIR}/os400/macros.h"                   |
+                sed -e 'h;s/^[^(]*[ *]\([^ (]*\) *(.*/\1/'              \
+                    -e 's/.*/#pragma map(_&, "&")/;p'                   \
+                    -e 'g;s/^\([^(]*[ *]\)\([^ (]*\)\( *(.*\)/\1_\2\3 {/;p' \
+                    -e 'g;s/^[^(]*(\(.*\))$/,\1,/;s/[^A-Za-z0-9_,]/ /g' \
+                    -e 's/  *,/,/g;s/,[^,]* \([^ ,]*\)/,\1/g'           \
+                    -e 's/ //g;s/^,void,$/,,/'                          \
+                    -e 's/^,\(.*\),$/(\1); }/;s/,/, /g'                 \
+                    -e 'x;s/(.*//;s/ *$//;G;s/\n//g'                    \
+                    -e 's/^void\([ *]\)/\1/;s/^ *//'                    \
+                    -e 's/^[^(]*[ *]\([A-Za-z][A-Za-z0-9_]* *(\)/return \1/' \
+                    -e 's/.*/    &/'
+        ) > macros.c
+fi
+
+#       Get source list.
+
+cat ../Makefile.inc ../Makefile.os400qc3.inc                            |
+  sed -e ':begin'                                                       \
+    -e '/\\$/{'                                                         \
+    -e 's/\\$/ /'                                                       \
+    -e 'N'                                                              \
+    -e 'bbegin'                                                         \
+    -e '}'                                                              \
+    -e 's/\n//g'                                                        \
+    -e 's/[[:space:]]*$//'                                              \
+    -e 's/^\([A-Za-z][A-Za-z0-9_]*\)[[:space:]]*=[[:space:]]*\(.*\)/\1="\2"/' \
+    -e 's/\$(\([A-Za-z][A-Za-z0-9_]*\))/${\1}/g'                        \
+        > tmpscript.sh
+. ./tmpscript.sh
+
+
+#       Compile the sources into modules.
+
+INCLUDES="'`pwd`'"
+
+for SRC in "${TOPDIR}/os400/os400sys.c" "${TOPDIR}/os400/ccsid.c"       \
+           ${CSOURCES} ${CRYPTO_CSOURCES} macros.c
+do      MODULE=`db2_name "${SRC}"`
+        make_module "${MODULE}" "${SRC}"
+done
+
+
+#       If needed, (re)create the static binding directory.
+
+if action_needed "${LIBIFSNAME}/${STATBNDDIR}.BNDDIR"
+then    LINK=YES
+fi
+
+if [ "${LINK}" ]
+then    rm -rf "${LIBIFSNAME}/${STATBNDDIR}.BNDDIR"
+        CMD="CRTBNDDIR BNDDIR(${TARGETLIB}/${STATBNDDIR})"
+        CMD="${CMD} TEXT('libssh2 API static binding directory')"
+        system "${CMD}"
+
+        for MODULE in ${MODULES}
+        do      CMD="ADDBNDDIRE BNDDIR(${TARGETLIB}/${STATBNDDIR})"
+                CMD="${CMD} OBJ((${TARGETLIB}/${MODULE} *MODULE))"
+                system "${CMD}"
+        done
+
+#       V6R1M0 does not list system service program QC3PBEXT in the
+#       implicit binding directory: thus we add it here in ours.
+
+        CMD="ADDBNDDIRE BNDDIR(${TARGETLIB}/${STATBNDDIR})"
+        CMD="${CMD} OBJ((QSYS/QC3PBEXT *SRVPGM))"
+        system "${CMD}"
+fi
+
+
+#       The exportation file for service program creation must be in a DB2
+#               source file, so make sure it exists.
+
+if action_needed "${LIBIFSNAME}/TOOLS.FILE"
+then    CMD="CRTSRCPF FILE(${TARGETLIB}/TOOLS) RCDLEN(112)"
+        CMD="${CMD} TEXT('libssh2: build tools')"
+        system "${CMD}"
+fi
+
+
+#       Gather the list of symbols to export.
+
+EXPORTS=`cat "${TOPDIR}"/include/*.h "${TOPDIR}/os400/macros.h"         \
+             "${TOPDIR}/os400/libssh2_ccsid.h"                          |
+         extproto                                                       |
+         sed -e 's/(.*//;s/[^A-Za-z0-9_]/ /g;s/ *$//;s/^.* //'`
+
+#       Create the service program exportation file in DB2 member if needed.
+
+BSF="${LIBIFSNAME}/TOOLS.FILE/BNDSRC.MBR"
+
+if action_needed "${BSF}" Makefile.am
+then    LINK=YES
+fi
+
+if [ "${LINK}" ]
+then    echo " STRPGMEXP PGMLVL(*CURRENT) SIGNATURE('LIBSSH2_${SONAME}')" \
+            > "${BSF}"
+        for EXPORT in ${EXPORTS}
+        do      echo ' EXPORT    SYMBOL("'"${EXPORT}"'")' >> "${BSF}"
+        done
+
+        echo ' ENDPGMEXP' >> "${BSF}"
+fi
+
+
+#       Build the service program if needed.
+
+if action_needed "${LIBIFSNAME}/${SRVPGM}.SRVPGM"
+then    LINK=YES
+fi
+
+if [ "${LINK}" ]
+then    CMD="CRTSRVPGM SRVPGM(${TARGETLIB}/${SRVPGM})"
+        CMD="${CMD} SRCFILE(${TARGETLIB}/TOOLS) SRCMBR(BNDSRC)"
+        CMD="${CMD} MODULE(${TARGETLIB}/OS400)"
+        CMD="${CMD} BNDDIR(${TARGETLIB}/${STATBNDDIR}"
+        if [ "${WITH_ZLIB}" != 0 ]
+        then    CMD="${CMD} ${ZLIB_LIB}/${ZLIB_BNDDIR}"
+                liblist -a "${ZLIB_LIB}"
+        fi
+        CMD="${CMD})"
+        CMD="${CMD} BNDSRVPGM(QADRTTS)"
+        CMD="${CMD} TEXT('libssh2 API library')"
+        CMD="${CMD} TGTRLS(${TGTRLS})"
+        system "${CMD}"
+        LINK=YES
+fi
+
+
+#       If needed, (re)create the dynamic binding directory.
+
+if action_needed "${LIBIFSNAME}/${DYNBNDDIR}.BNDDIR"
+then    LINK=YES
+fi
+
+if [ "${LINK}" ]
+then    rm -rf "${LIBIFSNAME}/${DYNBNDDIR}.BNDDIR"
+        CMD="CRTBNDDIR BNDDIR(${TARGETLIB}/${DYNBNDDIR})"
+        CMD="${CMD} TEXT('libssh2 API dynamic binding directory')"
+        system "${CMD}"
+        CMD="ADDBNDDIRE BNDDIR(${TARGETLIB}/${DYNBNDDIR})"
+        CMD="${CMD} OBJ((*LIBL/${SRVPGM} *SRVPGM))"
+        system "${CMD}"
+fi

os400/make.sh

@@ -0,0 +1,49 @@
+#!/bin/sh
+#
+#       libssh2 compilation script for the OS/400.
+#
+#
+#       This is a shell script since make is not a standard component of OS/400.
+
+SCRIPTDIR=`dirname "${0}"`
+. "${SCRIPTDIR}/initscript.sh"
+cd "${TOPDIR}"
+
+
+#       Create the OS/400 library if it does not exist.
+
+if action_needed "${LIBIFSNAME}"
+then    CMD="CRTLIB LIB(${TARGETLIB}) TEXT('libssh2: SSH2 protocol API')"
+        system "${CMD}"
+fi
+
+
+#       Create the DOCS source file if it does not exist.
+
+if action_needed "${LIBIFSNAME}/DOCS.FILE"
+then    CMD="CRTSRCPF FILE(${TARGETLIB}/DOCS) RCDLEN(240)"
+        CMD="${CMD} CCSID(${TGTCCSID}) TEXT('Documentation texts')"
+        system "${CMD}"
+fi
+
+
+#       Copy some documentation files if needed.
+
+for TEXT in "${TOPDIR}/COPYING" "${SCRIPTDIR}/README400"                \
+    "${TOPDIR}/NEWS" "${TOPDIR}/README" "${TOPDIR}/docs/AUTHORS"        \
+    "${TOPDIR}/docs/BINDINGS"
+do      MEMBER="${LIBIFSNAME}/DOCS.FILE/`db2_name \"${TEXT}\"`.MBR"
+
+        if action_needed "${MEMBER}" "${TEXT}"
+        then    CMD="CPY OBJ('${TEXT}') TOOBJ('${MEMBER}') TOCCSID(${TGTCCSID})"
+                CMD="${CMD} DTAFMT(*TEXT) REPLACE(*YES)"
+                system "${CMD}"
+        fi
+done
+
+
+#       Build in each directory.
+
+for SUBDIR in include rpg src
+do      "${SCRIPTDIR}/make-${SUBDIR}.sh"
+done

os400/os400sys.c

@@ -0,0 +1,218 @@
+/*
+ * Copyright (C) 2015 Patrick Monnerat, D+H <patrick.monnerat@dh.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms,
+ * with or without modification, are permitted provided
+ * that the following conditions are met:
+ *
+ *   Redistributions of source code must retain the above
+ *   copyright notice, this list of conditions and the
+ *   following disclaimer.
+ *
+ *   Redistributions in binary form must reproduce the above
+ *   copyright notice, this list of conditions and the following
+ *   disclaimer in the documentation and/or other materials
+ *   provided with the distribution.
+ *
+ *   Neither the name of the copyright holder nor the names
+ *   of any other contributors may be used to endorse or
+ *   promote products derived from this software without
+ *   specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
+ * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
+ * OF SUCH DAMAGE.
+ */
+
+/* OS/400 additional support. */
+
+#define LIBSSH2_DISABLE_QADRT_EXT
+
+#include "libssh2_priv.h"
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <stddef.h>
+#include <stdarg.h>
+#include <string.h>
+#include <alloca.h>
+#include <netdb.h>
+#include <qadrt.h>
+#include <errno.h>
+
+#include <netinet/in.h>
+#include <arpa/inet.h>
+
+#ifdef LIBSSH2_HAVE_ZLIB
+# include <zlib.h>
+#endif
+
+
+/**
+***     QADRT OS/400 ASCII runtime defines only the most used procedures, but
+***             a lot of them are not supported. This module implements
+***             ASCII wrappers for those that are used by libssh2, but not
+***             defined by QADRT.
+**/
+
+#pragma convert(37)                             /* Restore EBCDIC. */
+
+
+static int
+convert_sockaddr(struct sockaddr_storage * dstaddr,
+                                const struct sockaddr * srcaddr, int srclen)
+
+{
+  const struct sockaddr_un * srcu;
+  struct sockaddr_un * dstu;
+  unsigned int i;
+  unsigned int dstsize;
+
+  /* Convert a socket address into job CCSID, if needed. */
+
+  if(!srcaddr || srclen < offsetof(struct sockaddr, sa_family) +
+     sizeof srcaddr->sa_family || srclen > sizeof *dstaddr) {
+    errno = EINVAL;
+    return -1;
+    }
+
+  memcpy((char *) dstaddr, (char *) srcaddr, srclen);
+
+  switch (srcaddr->sa_family) {
+
+  case AF_UNIX:
+    srcu = (const struct sockaddr_un *) srcaddr;
+    dstu = (struct sockaddr_un *) dstaddr;
+    dstsize = sizeof *dstaddr - offsetof(struct sockaddr_un, sun_path);
+    srclen -= offsetof(struct sockaddr_un, sun_path);
+    i = QadrtConvertA2E(dstu->sun_path, srcu->sun_path, dstsize - 1, srclen);
+    dstu->sun_path[i] = '\0';
+    i += offsetof(struct sockaddr_un, sun_path);
+    srclen = i;
+    }
+
+  return srclen;
+}
+
+
+int
+_libssh2_os400_connect(int sd, struct sockaddr * destaddr, int addrlen)
+
+{
+  int i;
+  struct sockaddr_storage laddr;
+
+  i = convert_sockaddr(&laddr, destaddr, addrlen);
+
+  if(i < 0)
+    return -1;
+
+  return connect(sd, (struct sockaddr *) &laddr, i);
+}
+
+
+int
+_libssh2_os400_vsnprintf(char *dst, size_t len, const char *fmt, va_list args)
+{
+    size_t l = 4096;
+    int i;
+    char *buf;
+
+    if (!dst || !len) {
+        errno = EINVAL;
+        return -1;
+    }
+
+    if (l < len)
+        l = len;
+
+    buf = alloca(l);
+
+    if (!buf) {
+        errno = ENOMEM;
+        return -1;
+    }
+
+    i = vsprintf(buf, fmt, args);
+
+    if (i < 0)
+        return i;
+
+    if (--len > i)
+        len = i;
+
+    if (len)
+        memcpy(dst, buf, len);
+
+    dst[len] = '\0';
+    return len;
+}
+
+/* VARARGS3 */
+int
+_libssh2_os400_snprintf(char *dst, size_t len, const char *fmt, ...)
+{
+    va_list args;
+    int ret;
+
+    va_start(args, fmt);
+    ret = _libssh2_os400_vsnprintf(dst, len, fmt, args);
+    va_end(args);
+    return ret;
+}
+
+
+#ifdef LIBSSH2_HAVE_ZLIB
+int
+_libssh2_os400_inflateInit_(z_streamp strm,
+                            const char *version, int stream_size)
+{
+    char *ebcversion;
+    int i;
+
+    if (!version)
+        return Z_VERSION_ERROR;
+    i = strlen(version);
+    ebcversion = alloca(i + 1);
+    if (!ebcversion)
+        return Z_VERSION_ERROR;
+    i = QadrtConvertA2E(ebcversion, version, i, i - 1);
+    ebcversion[i] = '\0';
+    return inflateInit_(strm, ebcversion, stream_size);
+}
+
+int
+_libssh2_os400_deflateInit_(z_streamp strm, int level,
+                            const char *version, int stream_size)
+{
+    char *ebcversion;
+    int i;
+
+    if (!version)
+        return Z_VERSION_ERROR;
+    i = strlen(version);
+    ebcversion = alloca(i + 1);
+    if (!ebcversion)
+        return Z_VERSION_ERROR;
+    i = QadrtConvertA2E(ebcversion, version, i, i - 1);
+    ebcversion[i] = '\0';
+    return deflateInit_(strm, level, ebcversion, stream_size);
+}
+
+#endif

src/CMakeLists.txt

@@ -34,9 +34,11 @@
 # OF SUCH DAMAGE.
 
 include(CheckFunctionExists)
+include(CheckSymbolExists)
 include(CheckFunctionExistsMayNeedLibrary)
 include(CheckIncludeFiles)
 include(CheckTypeSize)
+include(CheckSymbolExists)
 include(CheckNonblockingSocketSupport)
 include(SocketLibraries)
 
@@ -186,7 +188,7 @@ set(SOURCES
   version.c)
 
 if(WIN32)
-  list(APPEND SOURCES ${CMAKE_SOURCE_DIR}/win32/libssh2.rc)
+  list(APPEND SOURCES ${PROJECT_SOURCE_DIR}/win32/libssh2.rc)
 endif()
 
 add_library(libssh2 ${SOURCES})
@@ -197,7 +199,7 @@ target_compile_definitions(libssh2 PRIVATE ${PRIVATE_COMPILE_DEFINITIONS})
 target_include_directories(libssh2
   PRIVATE ${PRIVATE_INCLUDE_DIRECTORIES}
   PUBLIC
-    $<BUILD_INTERFACE:${CMAKE_SOURCE_DIR}/include>
+    $<BUILD_INTERFACE:${PROJECT_SOURCE_DIR}/include>
     $<INSTALL_INTERFACE:$<INSTALL_PREFIX>/${CMAKE_INSTALL_INCLUDEDIR}>)
 
 ## Options
@@ -270,9 +272,21 @@ check_include_files(winsock2.h HAVE_WINSOCK2_H)
 
 check_type_size("long long" LONGLONG)
 
+if(HAVE_SYS_TIME_H)
+  check_symbol_exists(gettimeofday sys/time.h HAVE_GETTIMEOFDAY)
+else()
   check_function_exists(gettimeofday HAVE_GETTIMEOFDAY)
+endif()
+if(HAVE_STDLIB_H)
+  check_symbol_exists(strtoll stdlib.h HAVE_STRTOLL)
+else()
   check_function_exists(strtoll HAVE_STRTOLL)
-check_function_exists(snprintf HAVE_SNPRINTF)
+endif()
+if (NOT HAVE_STRTOLL)
+  # Try _strtoi64 if strtoll isn't available
+  check_symbol_exists(_strtoi64 stdlib.h HAVE_STRTOI64)
+endif()
+check_symbol_exists(snprintf stdio.h HAVE_SNPRINTF)
 
 if(${CMAKE_SYSTEM_NAME} STREQUAL "Darwin" OR
    ${CMAKE_SYSTEM_NAME} STREQUAL "Interix")
@@ -326,9 +340,9 @@ endif()
 ## Installation
 
 install(FILES
-  ${CMAKE_SOURCE_DIR}/include/libssh2.h
+  ${PROJECT_SOURCE_DIR}/include/libssh2.h
-  ${CMAKE_SOURCE_DIR}/include/libssh2_publickey.h
+  ${PROJECT_SOURCE_DIR}/include/libssh2_publickey.h
-  ${CMAKE_SOURCE_DIR}/include/libssh2_sftp.h
+  ${PROJECT_SOURCE_DIR}/include/libssh2_sftp.h
   DESTINATION ${CMAKE_INSTALL_INCLUDEDIR})
 
 install(TARGETS libssh2

src/Makefile.am

@@ -11,13 +11,17 @@ endif
 if WINCNG
 include ../Makefile.WinCNG.inc
 endif
+if OS400QC3
+include ../Makefile.os400qc3.inc
+endif
 
 # Makefile.inc provides the CSOURCES and HHEADERS defines
 include ../Makefile.inc
 
 libssh2_la_SOURCES = $(CSOURCES) $(HHEADERS)
 
-EXTRA_DIST = libssh2_config.h.in NMakefile
+EXTRA_DIST = libssh2_config.h.in libssh2_config_cmake.h.in libssh2.pc.in
+EXTRA_DIST += CMakeLists.txt NMakefile
 
 lib_LTLIBRARIES = libssh2.la
 

src/agent.c

@@ -239,8 +239,9 @@ agent_disconnect_unix(LIBSSH2_AGENT *agent)
 {
     int ret;
     ret = close(agent->fd);
-
+    if(ret != -1)
-    if(ret == -1)
+        agent->fd = LIBSSH2_INVALID_SOCKET;
+    else
         return _libssh2_error(agent->session, LIBSSH2_ERROR_SOCKET_DISCONNECT,
                               "failed closing the agent socket");
     return LIBSSH2_ERROR_NONE;
@@ -688,7 +689,7 @@ libssh2_agent_connect(LIBSSH2_AGENT *agent)
     int i, rc = -1;
     for (i = 0; supported_backends[i].name; i++) {
         agent->ops = supported_backends[i].ops;
-        rc = agent->ops->connect(agent);
+        rc = (agent->ops->connect)(agent);
         if (!rc)
             return 0;
     }

src/channel.c

@@ -1252,6 +1252,11 @@ _libssh2_channel_process_startup(LIBSSH2_CHANNEL *channel,
         { SSH_MSG_CHANNEL_SUCCESS, SSH_MSG_CHANNEL_FAILURE, 0 };
     int rc;
 
+    if (channel->process_state == libssh2_NB_state_end) {
+        return _libssh2_error(session, LIBSSH2_ERROR_BAD_USE,
+                              "Channel can not be reused");
+    }
+
     if (channel->process_state == libssh2_NB_state_idle) {
         /* 10 = packet_type(1) + channel(4) + request_len(4) + want_reply(1) */
         channel->process_packet_len = request_len + 10;
@@ -1298,7 +1303,7 @@ _libssh2_channel_process_startup(LIBSSH2_CHANNEL *channel,
         else if (rc) {
             LIBSSH2_FREE(session, channel->process_packet);
             channel->process_packet = NULL;
-            channel->process_state = libssh2_NB_state_idle;
+            channel->process_state = libssh2_NB_state_end;
             return _libssh2_error(session, rc,
                                   "Unable to send channel request");
         }
@@ -1320,14 +1325,14 @@ _libssh2_channel_process_startup(LIBSSH2_CHANNEL *channel,
         if (rc == LIBSSH2_ERROR_EAGAIN) {
             return rc;
         } else if (rc) {
-            channel->process_state = libssh2_NB_state_idle;
+            channel->process_state = libssh2_NB_state_end;
             return _libssh2_error(session, rc,
                                   "Failed waiting for channel success");
         }
 
         code = data[0];
         LIBSSH2_FREE(session, data);
-        channel->process_state = libssh2_NB_state_idle;
+        channel->process_state = libssh2_NB_state_end;
 
         if (code == SSH_MSG_CHANNEL_SUCCESS)
             return 0;

src/crypto.h

@@ -50,6 +50,10 @@
 #include "wincng.h"
 #endif
 
+#ifdef LIBSSH2_OS400QC3
+#include "os400qc3.h"
+#endif
+
 int _libssh2_rsa_new(libssh2_rsa_ctx ** rsa,
                      const unsigned char *edata,
                      unsigned long elen,

src/hostkey.c

@@ -66,6 +66,7 @@ hostkey_method_ssh_rsa_init(LIBSSH2_SESSION * session,
     libssh2_rsa_ctx *rsactx;
     const unsigned char *s, *e, *n;
     unsigned long len, e_len, n_len;
+    int ret;
 
     (void) hostkey_data_len;
 
@@ -92,9 +93,11 @@ hostkey_method_ssh_rsa_init(LIBSSH2_SESSION * session,
     s += 4;
     n = s;
 
-    if (_libssh2_rsa_new(&rsactx, e, e_len, n, n_len, NULL, 0,
+    ret = _libssh2_rsa_new(&rsactx, e, e_len, n, n_len, NULL, 0,
-                         NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0))
+                           NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0);
+    if (ret) {
         return -1;
+    }
 
     *abstract = rsactx;
 
@@ -197,6 +200,11 @@ hostkey_method_ssh_rsa_signv(LIBSSH2_SESSION * session,
                              void **abstract)
 {
     libssh2_rsa_ctx *rsactx = (libssh2_rsa_ctx *) (*abstract);
+
+#ifdef _libssh2_rsa_sha1_signv
+    return _libssh2_rsa_sha1_signv(session, signature, signature_len,
+                                   veccount, datavec, rsactx);
+#else
     int ret;
     int i;
     unsigned char hash[SHA_DIGEST_LENGTH];
@@ -215,6 +223,7 @@ hostkey_method_ssh_rsa_signv(LIBSSH2_SESSION * session,
     }
 
     return 0;
+#endif
 }
 
 /*
@@ -235,6 +244,10 @@ hostkey_method_ssh_rsa_dtor(LIBSSH2_SESSION * session, void **abstract)
     return 0;
 }
 
+#ifdef OPENSSL_NO_MD5
+#define MD5_DIGEST_LENGTH 16
+#endif
+
 static const LIBSSH2_HOSTKEY_METHOD hostkey_method_ssh_rsa = {
     "ssh-rsa",
     MD5_DIGEST_LENGTH,
@@ -270,6 +283,8 @@ hostkey_method_ssh_dss_init(LIBSSH2_SESSION * session,
     libssh2_dsa_ctx *dsactx;
     const unsigned char *p, *q, *g, *y, *s;
     unsigned long p_len, q_len, g_len, y_len, len;
+    int ret;
+
     (void) hostkey_data_len;
 
     if (*abstract) {
@@ -302,7 +317,11 @@ hostkey_method_ssh_dss_init(LIBSSH2_SESSION * session,
     y = s;
     /* s += y_len; */
 
-    _libssh2_dsa_new(&dsactx, p, p_len, q, q_len, g, g_len, y, y_len, NULL, 0);
+    ret = _libssh2_dsa_new(&dsactx, p, p_len, q, q_len,
+                           g, g_len, y, y_len, NULL, 0);
+    if (ret) {
+        return -1;
+    }
 
     *abstract = dsactx;
 

src/kex.c

@@ -70,6 +70,35 @@
             }                                                           \
     }
 
+
+/* Helper macro called from kex_method_diffie_hellman_group1_sha256_key_exchange */
+#define LIBSSH2_KEX_METHOD_DIFFIE_HELLMAN_SHA256_HASH(value, reqlen, version) \
+    {                                                                      \
+        libssh2_sha256_ctx hash;                                           \
+        unsigned long len = 0;                                             \
+        if (!(value)) {                                                    \
+            value = LIBSSH2_ALLOC(session, reqlen + SHA256_DIGEST_LENGTH); \
+        }                                                                  \
+        if (value)                                                         \
+            while (len < (unsigned long)reqlen) {                          \
+                libssh2_sha256_init(&hash);                                \
+                libssh2_sha256_update(hash, exchange_state->k_value,       \
+                                      exchange_state->k_value_len);        \
+                libssh2_sha256_update(hash, exchange_state->h_sig_comp,    \
+                                      SHA256_DIGEST_LENGTH);               \
+                if (len > 0) {                                             \
+                    libssh2_sha256_update(hash, value, len);               \
+                } else {                                                   \
+                    libssh2_sha256_update(hash, (version), 1);             \
+                    libssh2_sha256_update(hash, session->session_id,       \
+                                          session->session_id_len);        \
+                }                                                          \
+                libssh2_sha256_final(hash, (value) + len);                 \
+                len += SHA256_DIGEST_LENGTH;                               \
+            }                                                              \
+    }
+
+
 /*
  * diffie_hellman_sha1
  *
@@ -83,10 +112,11 @@ static int diffie_hellman_sha1(LIBSSH2_SESSION *session,
                                unsigned char packet_type_reply,
                                unsigned char *midhash,
                                unsigned long midhash_len,
-                               kmdhgGPsha1kex_state_t *exchange_state)
+                               kmdhgGPshakex_state_t *exchange_state)
 {
     int ret = 0;
     int rc;
+    libssh2_sha1_ctx exchange_hash_ctx;
 
     if (exchange_state->state == libssh2_NB_state_idle) {
         /* Setup initial values */
@@ -202,6 +232,10 @@ static int diffie_hellman_sha1(LIBSSH2_SESSION *session,
 
         session->server_hostkey_len = _libssh2_ntohu32(exchange_state->s);
         exchange_state->s += 4;
+
+        if (session->server_hostkey)
+            LIBSSH2_FREE(session, session->server_hostkey);
+
         session->server_hostkey =
             LIBSSH2_ALLOC(session, session->server_hostkey_len);
         if (!session->server_hostkey) {
@@ -314,54 +348,56 @@ static int diffie_hellman_sha1(LIBSSH2_SESSION *session,
             _libssh2_bn_to_bin(exchange_state->k, exchange_state->k_value + 5);
         }
 
-        libssh2_sha1_init(&exchange_state->exchange_hash);
+        exchange_state->exchange_hash = (void*)&exchange_hash_ctx;
+        libssh2_sha1_init(&exchange_hash_ctx);
+
         if (session->local.banner) {
             _libssh2_htonu32(exchange_state->h_sig_comp,
                              strlen((char *) session->local.banner) - 2);
-            libssh2_sha1_update(exchange_state->exchange_hash,
+            libssh2_sha1_update(exchange_hash_ctx,
                                 exchange_state->h_sig_comp, 4);
-            libssh2_sha1_update(exchange_state->exchange_hash,
+            libssh2_sha1_update(exchange_hash_ctx,
                                 (char *) session->local.banner,
                                 strlen((char *) session->local.banner) - 2);
         } else {
             _libssh2_htonu32(exchange_state->h_sig_comp,
                              sizeof(LIBSSH2_SSH_DEFAULT_BANNER) - 1);
-            libssh2_sha1_update(exchange_state->exchange_hash,
+            libssh2_sha1_update(exchange_hash_ctx,
                                 exchange_state->h_sig_comp, 4);
-            libssh2_sha1_update(exchange_state->exchange_hash,
+            libssh2_sha1_update(exchange_hash_ctx,
                                 LIBSSH2_SSH_DEFAULT_BANNER,
                                 sizeof(LIBSSH2_SSH_DEFAULT_BANNER) - 1);
         }
 
         _libssh2_htonu32(exchange_state->h_sig_comp,
                          strlen((char *) session->remote.banner));
-        libssh2_sha1_update(exchange_state->exchange_hash,
+        libssh2_sha1_update(exchange_hash_ctx,
                             exchange_state->h_sig_comp, 4);
-        libssh2_sha1_update(exchange_state->exchange_hash,
+        libssh2_sha1_update(exchange_hash_ctx,
                             session->remote.banner,
                             strlen((char *) session->remote.banner));
 
         _libssh2_htonu32(exchange_state->h_sig_comp,
                          session->local.kexinit_len);
-        libssh2_sha1_update(exchange_state->exchange_hash,
+        libssh2_sha1_update(exchange_hash_ctx,
                             exchange_state->h_sig_comp, 4);
-        libssh2_sha1_update(exchange_state->exchange_hash,
+        libssh2_sha1_update(exchange_hash_ctx,
                             session->local.kexinit,
                             session->local.kexinit_len);
 
         _libssh2_htonu32(exchange_state->h_sig_comp,
                          session->remote.kexinit_len);
-        libssh2_sha1_update(exchange_state->exchange_hash,
+        libssh2_sha1_update(exchange_hash_ctx,
                             exchange_state->h_sig_comp, 4);
-        libssh2_sha1_update(exchange_state->exchange_hash,
+        libssh2_sha1_update(exchange_hash_ctx,
                             session->remote.kexinit,
                             session->remote.kexinit_len);
 
         _libssh2_htonu32(exchange_state->h_sig_comp,
                          session->server_hostkey_len);
-        libssh2_sha1_update(exchange_state->exchange_hash,
+        libssh2_sha1_update(exchange_hash_ctx,
                             exchange_state->h_sig_comp, 4);
-        libssh2_sha1_update(exchange_state->exchange_hash,
+        libssh2_sha1_update(exchange_hash_ctx,
                             session->server_hostkey,
                             session->server_hostkey_len);
 
@@ -374,38 +410,38 @@ static int diffie_hellman_sha1(LIBSSH2_SESSION *session,
                              LIBSSH2_DH_GEX_OPTGROUP);
             _libssh2_htonu32(exchange_state->h_sig_comp + 8,
                              LIBSSH2_DH_GEX_MAXGROUP);
-            libssh2_sha1_update(exchange_state->exchange_hash,
+            libssh2_sha1_update(exchange_hash_ctx,
                                 exchange_state->h_sig_comp, 12);
 #else
             _libssh2_htonu32(exchange_state->h_sig_comp,
                              LIBSSH2_DH_GEX_OPTGROUP);
-            libssh2_sha1_update(exchange_state->exchange_hash,
+            libssh2_sha1_update(exchange_hash_ctx,
                                 exchange_state->h_sig_comp, 4);
 #endif
         }
 
         if (midhash) {
-            libssh2_sha1_update(exchange_state->exchange_hash, midhash,
+            libssh2_sha1_update(exchange_hash_ctx, midhash,
                                 midhash_len);
         }
 
-        libssh2_sha1_update(exchange_state->exchange_hash,
+        libssh2_sha1_update(exchange_hash_ctx,
                             exchange_state->e_packet + 1,
                             exchange_state->e_packet_len - 1);
 
         _libssh2_htonu32(exchange_state->h_sig_comp,
                          exchange_state->f_value_len);
-        libssh2_sha1_update(exchange_state->exchange_hash,
+        libssh2_sha1_update(exchange_hash_ctx,
                             exchange_state->h_sig_comp, 4);
-        libssh2_sha1_update(exchange_state->exchange_hash,
+        libssh2_sha1_update(exchange_hash_ctx,
                             exchange_state->f_value,
                             exchange_state->f_value_len);
 
-        libssh2_sha1_update(exchange_state->exchange_hash,
+        libssh2_sha1_update(exchange_hash_ctx,
                             exchange_state->k_value,
                             exchange_state->k_value_len);
 
-        libssh2_sha1_final(exchange_state->exchange_hash,
+        libssh2_sha1_final(exchange_hash_ctx,
                            exchange_state->h_sig_comp);
 
         if (session->hostkey->
@@ -683,6 +719,628 @@ static int diffie_hellman_sha1(LIBSSH2_SESSION *session,
 }
 
 
+/*
+ * diffie_hellman_sha256
+ *
+ * Diffie Hellman Key Exchange, Group Agnostic
+ */
+static int diffie_hellman_sha256(LIBSSH2_SESSION *session,
+                                 _libssh2_bn *g,
+                                 _libssh2_bn *p,
+                                 int group_order,
+                                 unsigned char packet_type_init,
+                                 unsigned char packet_type_reply,
+                                 unsigned char *midhash,
+                                 unsigned long midhash_len,
+                                 kmdhgGPshakex_state_t *exchange_state)
+{
+    int ret = 0;
+    int rc;
+    libssh2_sha256_ctx exchange_hash_ctx;
+
+    if (exchange_state->state == libssh2_NB_state_idle) {
+        /* Setup initial values */
+        exchange_state->e_packet = NULL;
+        exchange_state->s_packet = NULL;
+        exchange_state->k_value = NULL;
+        exchange_state->ctx = _libssh2_bn_ctx_new();
+        exchange_state->x = _libssh2_bn_init(); /* Random from client */
+        exchange_state->e = _libssh2_bn_init(); /* g^x mod p */
+        exchange_state->f = _libssh2_bn_init_from_bin(); /* g^(Random from server) mod p */
+        exchange_state->k = _libssh2_bn_init(); /* The shared secret: f^x mod p */
+
+        /* Zero the whole thing out */
+        memset(&exchange_state->req_state, 0, sizeof(packet_require_state_t));
+
+        /* Generate x and e */
+        _libssh2_bn_rand(exchange_state->x, group_order * 8 - 1, 0, -1);
+        _libssh2_bn_mod_exp(exchange_state->e, g, exchange_state->x, p,
+                            exchange_state->ctx);
+
+        /* Send KEX init */
+        /* packet_type(1) + String Length(4) + leading 0(1) */
+        exchange_state->e_packet_len =
+            _libssh2_bn_bytes(exchange_state->e) + 6;
+        if (_libssh2_bn_bits(exchange_state->e) % 8) {
+            /* Leading 00 not needed */
+            exchange_state->e_packet_len--;
+        }
+
+        exchange_state->e_packet =
+            LIBSSH2_ALLOC(session, exchange_state->e_packet_len);
+        if (!exchange_state->e_packet) {
+            ret = _libssh2_error(session, LIBSSH2_ERROR_ALLOC,
+                                 "Out of memory error");
+            goto clean_exit;
+        }
+        exchange_state->e_packet[0] = packet_type_init;
+        _libssh2_htonu32(exchange_state->e_packet + 1,
+                         exchange_state->e_packet_len - 5);
+        if (_libssh2_bn_bits(exchange_state->e) % 8) {
+            _libssh2_bn_to_bin(exchange_state->e,
+                               exchange_state->e_packet + 5);
+        } else {
+            exchange_state->e_packet[5] = 0;
+            _libssh2_bn_to_bin(exchange_state->e,
+                               exchange_state->e_packet + 6);
+        }
+
+        _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sending KEX packet %d",
+                       (int) packet_type_init);
+        exchange_state->state = libssh2_NB_state_created;
+    }
+
+    if (exchange_state->state == libssh2_NB_state_created) {
+        rc = _libssh2_transport_send(session, exchange_state->e_packet,
+                                     exchange_state->e_packet_len,
+                                     NULL, 0);
+        if (rc == LIBSSH2_ERROR_EAGAIN) {
+            return rc;
+        } else if (rc) {
+            ret = _libssh2_error(session, rc,
+                                 "Unable to send KEX init message");
+            goto clean_exit;
+        }
+        exchange_state->state = libssh2_NB_state_sent;
+    }
+
+    if (exchange_state->state == libssh2_NB_state_sent) {
+        if (session->burn_optimistic_kexinit) {
+            /* The first KEX packet to come along will be the guess initially
+             * sent by the server.  That guess turned out to be wrong so we
+             * need to silently ignore it */
+            int burn_type;
+
+            _libssh2_debug(session, LIBSSH2_TRACE_KEX,
+                           "Waiting for badly guessed KEX packet (to be ignored)");
+            burn_type =
+                _libssh2_packet_burn(session, &exchange_state->burn_state);
+            if (burn_type == LIBSSH2_ERROR_EAGAIN) {
+                return burn_type;
+            } else if (burn_type <= 0) {
+                /* Failed to receive a packet */
+                ret = burn_type;
+                goto clean_exit;
+            }
+            session->burn_optimistic_kexinit = 0;
+
+            _libssh2_debug(session, LIBSSH2_TRACE_KEX,
+                           "Burnt packet of type: %02x",
+                           (unsigned int) burn_type);
+        }
+
+        exchange_state->state = libssh2_NB_state_sent1;
+    }
+
+    if (exchange_state->state == libssh2_NB_state_sent1) {
+        /* Wait for KEX reply */
+        rc = _libssh2_packet_require(session, packet_type_reply,
+                                     &exchange_state->s_packet,
+                                     &exchange_state->s_packet_len, 0, NULL,
+                                     0, &exchange_state->req_state);
+        if (rc == LIBSSH2_ERROR_EAGAIN) {
+            return rc;
+        }
+        if (rc) {
+            ret = _libssh2_error(session, LIBSSH2_ERROR_TIMEOUT,
+                                 "Timed out waiting for KEX reply");
+            goto clean_exit;
+        }
+
+        /* Parse KEXDH_REPLY */
+        exchange_state->s = exchange_state->s_packet + 1;
+
+        session->server_hostkey_len = _libssh2_ntohu32(exchange_state->s);
+        exchange_state->s += 4;
+
+        if (session->server_hostkey)
+            LIBSSH2_FREE(session, session->server_hostkey);
+
+        session->server_hostkey =
+            LIBSSH2_ALLOC(session, session->server_hostkey_len);
+        if (!session->server_hostkey) {
+            ret = _libssh2_error(session, LIBSSH2_ERROR_ALLOC,
+                                 "Unable to allocate memory for a copy "
+                                 "of the host key");
+            goto clean_exit;
+        }
+        memcpy(session->server_hostkey, exchange_state->s,
+               session->server_hostkey_len);
+        exchange_state->s += session->server_hostkey_len;
+
+#if LIBSSH2_MD5
+        {
+            libssh2_md5_ctx fingerprint_ctx;
+
+            if (libssh2_md5_init(&fingerprint_ctx)) {
+                libssh2_md5_update(fingerprint_ctx, session->server_hostkey,
+                                   session->server_hostkey_len);
+                libssh2_md5_final(fingerprint_ctx,
+                                  session->server_hostkey_md5);
+                session->server_hostkey_md5_valid = TRUE;
+            }
+            else {
+                session->server_hostkey_md5_valid = FALSE;
+            }
+        }
+#ifdef LIBSSH2DEBUG
+        {
+            char fingerprint[50], *fprint = fingerprint;
+            int i;
+            for(i = 0; i < 16; i++, fprint += 3) {
+                snprintf(fprint, 4, "%02x:", session->server_hostkey_md5[i]);
+            }
+            *(--fprint) = '\0';
+            _libssh2_debug(session, LIBSSH2_TRACE_KEX,
+                           "Server's MD5 Fingerprint: %s", fingerprint);
+        }
+#endif /* LIBSSH2DEBUG */
+#endif /* ! LIBSSH2_MD5 */
+
+        {
+            libssh2_sha1_ctx fingerprint_ctx;
+
+            if (libssh2_sha1_init(&fingerprint_ctx)) {
+                libssh2_sha1_update(fingerprint_ctx, session->server_hostkey,
+                                    session->server_hostkey_len);
+                libssh2_sha1_final(fingerprint_ctx,
+                                   session->server_hostkey_sha1);
+                session->server_hostkey_sha1_valid = TRUE;
+            }
+            else {
+                session->server_hostkey_sha1_valid = FALSE;
+            }
+        }
+#ifdef LIBSSH2DEBUG
+        {
+            char fingerprint[64], *fprint = fingerprint;
+            int i;
+
+            for(i = 0; i < 20; i++, fprint += 3) {
+                snprintf(fprint, 4, "%02x:", session->server_hostkey_sha1[i]);
+            }
+            *(--fprint) = '\0';
+            _libssh2_debug(session, LIBSSH2_TRACE_KEX,
+                           "Server's SHA1 Fingerprint: %s", fingerprint);
+        }
+#endif /* LIBSSH2DEBUG */
+
+        if (session->hostkey->init(session, session->server_hostkey,
+                                   session->server_hostkey_len,
+                                   &session->server_hostkey_abstract)) {
+            ret = _libssh2_error(session, LIBSSH2_ERROR_HOSTKEY_INIT,
+                                 "Unable to initialize hostkey importer");
+            goto clean_exit;
+        }
+
+        exchange_state->f_value_len = _libssh2_ntohu32(exchange_state->s);
+        exchange_state->s += 4;
+        exchange_state->f_value = exchange_state->s;
+        exchange_state->s += exchange_state->f_value_len;
+        _libssh2_bn_from_bin(exchange_state->f, exchange_state->f_value_len,
+                             exchange_state->f_value);
+
+        exchange_state->h_sig_len = _libssh2_ntohu32(exchange_state->s);
+        exchange_state->s += 4;
+        exchange_state->h_sig = exchange_state->s;
+
+        /* Compute the shared secret */
+        _libssh2_bn_mod_exp(exchange_state->k, exchange_state->f,
+                            exchange_state->x, p, exchange_state->ctx);
+        exchange_state->k_value_len = _libssh2_bn_bytes(exchange_state->k) + 5;
+        if (_libssh2_bn_bits(exchange_state->k) % 8) {
+            /* don't need leading 00 */
+            exchange_state->k_value_len--;
+        }
+        exchange_state->k_value =
+            LIBSSH2_ALLOC(session, exchange_state->k_value_len);
+        if (!exchange_state->k_value) {
+            ret = _libssh2_error(session, LIBSSH2_ERROR_ALLOC,
+                                 "Unable to allocate buffer for K");
+            goto clean_exit;
+        }
+        _libssh2_htonu32(exchange_state->k_value,
+                         exchange_state->k_value_len - 4);
+        if (_libssh2_bn_bits(exchange_state->k) % 8) {
+            _libssh2_bn_to_bin(exchange_state->k, exchange_state->k_value + 4);
+        } else {
+            exchange_state->k_value[4] = 0;
+            _libssh2_bn_to_bin(exchange_state->k, exchange_state->k_value + 5);
+        }
+
+        exchange_state->exchange_hash = (void*)&exchange_hash_ctx;
+        libssh2_sha256_init(&exchange_hash_ctx);
+
+        if (session->local.banner) {
+            _libssh2_htonu32(exchange_state->h_sig_comp,
+                             strlen((char *) session->local.banner) - 2);
+            libssh2_sha256_update(exchange_hash_ctx,
+                                  exchange_state->h_sig_comp, 4);
+            libssh2_sha256_update(exchange_hash_ctx,
+                                  (char *) session->local.banner,
+                                  strlen((char *) session->local.banner) - 2);
+        } else {
+            _libssh2_htonu32(exchange_state->h_sig_comp,
+                             sizeof(LIBSSH2_SSH_DEFAULT_BANNER) - 1);
+            libssh2_sha256_update(exchange_hash_ctx,
+                                  exchange_state->h_sig_comp, 4);
+            libssh2_sha256_update(exchange_hash_ctx,
+                                  LIBSSH2_SSH_DEFAULT_BANNER,
+                                  sizeof(LIBSSH2_SSH_DEFAULT_BANNER) - 1);
+        }
+
+        _libssh2_htonu32(exchange_state->h_sig_comp,
+                         strlen((char *) session->remote.banner));
+        libssh2_sha256_update(exchange_hash_ctx,
+                              exchange_state->h_sig_comp, 4);
+        libssh2_sha256_update(exchange_hash_ctx,
+                              session->remote.banner,
+                              strlen((char *) session->remote.banner));
+
+        _libssh2_htonu32(exchange_state->h_sig_comp,
+                         session->local.kexinit_len);
+        libssh2_sha256_update(exchange_hash_ctx,
+                              exchange_state->h_sig_comp, 4);
+        libssh2_sha256_update(exchange_hash_ctx,
+                              session->local.kexinit,
+                              session->local.kexinit_len);
+
+        _libssh2_htonu32(exchange_state->h_sig_comp,
+                         session->remote.kexinit_len);
+        libssh2_sha256_update(exchange_hash_ctx,
+                              exchange_state->h_sig_comp, 4);
+        libssh2_sha256_update(exchange_hash_ctx,
+                              session->remote.kexinit,
+                              session->remote.kexinit_len);
+
+        _libssh2_htonu32(exchange_state->h_sig_comp,
+                         session->server_hostkey_len);
+        libssh2_sha256_update(exchange_hash_ctx,
+                              exchange_state->h_sig_comp, 4);
+        libssh2_sha256_update(exchange_hash_ctx,
+                              session->server_hostkey,
+                              session->server_hostkey_len);
+
+        if (packet_type_init == SSH_MSG_KEX_DH_GEX_INIT) {
+            /* diffie-hellman-group-exchange hashes additional fields */
+#ifdef LIBSSH2_DH_GEX_NEW
+            _libssh2_htonu32(exchange_state->h_sig_comp,
+                             LIBSSH2_DH_GEX_MINGROUP);
+            _libssh2_htonu32(exchange_state->h_sig_comp + 4,
+                             LIBSSH2_DH_GEX_OPTGROUP);
+            _libssh2_htonu32(exchange_state->h_sig_comp + 8,
+                             LIBSSH2_DH_GEX_MAXGROUP);
+            libssh2_sha256_update(exchange_hash_ctx,
+                                  exchange_state->h_sig_comp, 12);
+#else
+            _libssh2_htonu32(exchange_state->h_sig_comp,
+                             LIBSSH2_DH_GEX_OPTGROUP);
+            libssh2_sha256_update(exchange_hash_ctx,
+                                  exchange_state->h_sig_comp, 4);
+#endif
+        }
+
+        if (midhash) {
+            libssh2_sha256_update(exchange_hash_ctx, midhash,
+                                  midhash_len);
+        }
+
+        libssh2_sha256_update(exchange_hash_ctx,
+                              exchange_state->e_packet + 1,
+                              exchange_state->e_packet_len - 1);
+
+        _libssh2_htonu32(exchange_state->h_sig_comp,
+                         exchange_state->f_value_len);
+        libssh2_sha256_update(exchange_hash_ctx,
+                              exchange_state->h_sig_comp, 4);
+        libssh2_sha256_update(exchange_hash_ctx,
+                              exchange_state->f_value,
+                              exchange_state->f_value_len);
+
+        libssh2_sha256_update(exchange_hash_ctx,
+                              exchange_state->k_value,
+                              exchange_state->k_value_len);
+
+        libssh2_sha256_final(exchange_hash_ctx,
+                             exchange_state->h_sig_comp);
+
+        if (session->hostkey->
+            sig_verify(session, exchange_state->h_sig,
+                       exchange_state->h_sig_len, exchange_state->h_sig_comp,
+                       SHA256_DIGEST_LENGTH, &session->server_hostkey_abstract)) {
+            ret = _libssh2_error(session, LIBSSH2_ERROR_HOSTKEY_SIGN,
+                                 "Unable to verify hostkey signature");
+            goto clean_exit;
+        }
+
+
+
+        _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Sending NEWKEYS message");
+        exchange_state->c = SSH_MSG_NEWKEYS;
+
+        exchange_state->state = libssh2_NB_state_sent2;
+    }
+
+    if (exchange_state->state == libssh2_NB_state_sent2) {
+        rc = _libssh2_transport_send(session, &exchange_state->c, 1, NULL, 0);
+        if (rc == LIBSSH2_ERROR_EAGAIN) {
+            return rc;
+        } else if (rc) {
+            ret = _libssh2_error(session, rc, "Unable to send NEWKEYS message");
+            goto clean_exit;
+        }
+
+        exchange_state->state = libssh2_NB_state_sent3;
+    }
+
+    if (exchange_state->state == libssh2_NB_state_sent3) {
+        rc = _libssh2_packet_require(session, SSH_MSG_NEWKEYS,
+                                     &exchange_state->tmp,
+                                     &exchange_state->tmp_len, 0, NULL, 0,
+                                     &exchange_state->req_state);
+        if (rc == LIBSSH2_ERROR_EAGAIN) {
+            return rc;
+        } else if (rc) {
+            ret = _libssh2_error(session, rc, "Timed out waiting for NEWKEYS");
+            goto clean_exit;
+        }
+        /* The first key exchange has been performed,
+           switch to active crypt/comp/mac mode */
+        session->state |= LIBSSH2_STATE_NEWKEYS;
+        _libssh2_debug(session, LIBSSH2_TRACE_KEX, "Received NEWKEYS message");
+
+        /* This will actually end up being just packet_type(1)
+           for this packet type anyway */
+        LIBSSH2_FREE(session, exchange_state->tmp);
+
+        if (!session->session_id) {
+            session->session_id = LIBSSH2_ALLOC(session, SHA256_DIGEST_LENGTH);
+            if (!session->session_id) {
+                ret = _libssh2_error(session, LIBSSH2_ERROR_ALLOC,
+                                     "Unable to allocate buffer for SHA digest");
+                goto clean_exit;
+            }
+            memcpy(session->session_id, exchange_state->h_sig_comp,
+                   SHA256_DIGEST_LENGTH);
+            session->session_id_len = SHA256_DIGEST_LENGTH;
+            _libssh2_debug(session, LIBSSH2_TRACE_KEX, "session_id calculated");
+        }
+
+        /* Cleanup any existing cipher */
+        if (session->local.crypt->dtor) {
+            session->local.crypt->dtor(session,
+                                       &session->local.crypt_abstract);
+        }
+
+        /* Calculate IV/Secret/Key for each direction */
+        if (session->local.crypt->init) {
+            unsigned char *iv = NULL, *secret = NULL;
+            int free_iv = 0, free_secret = 0;
+
+            LIBSSH2_KEX_METHOD_DIFFIE_HELLMAN_SHA256_HASH(iv,
+                                                          session->local.crypt->
+                                                          iv_len, "A");
+            if (!iv) {
+                ret = -1;
+                goto clean_exit;
+            }
+            LIBSSH2_KEX_METHOD_DIFFIE_HELLMAN_SHA256_HASH(secret,
+                                                          session->local.crypt->
+                                                          secret_len, "C");
+            if (!secret) {
+                LIBSSH2_FREE(session, iv);
+                ret = LIBSSH2_ERROR_KEX_FAILURE;
+                goto clean_exit;
+            }
+            if (session->local.crypt->
+                init(session, session->local.crypt, iv, &free_iv, secret,
+                     &free_secret, 1, &session->local.crypt_abstract)) {
+                LIBSSH2_FREE(session, iv);
+                LIBSSH2_FREE(session, secret);
+                ret = LIBSSH2_ERROR_KEX_FAILURE;
+                goto clean_exit;
+            }
+
+            if (free_iv) {
+                memset(iv, 0, session->local.crypt->iv_len);
+                LIBSSH2_FREE(session, iv);
+            }
+
+            if (free_secret) {
+                memset(secret, 0, session->local.crypt->secret_len);
+                LIBSSH2_FREE(session, secret);
+            }
+        }
+        _libssh2_debug(session, LIBSSH2_TRACE_KEX,
+                       "Client to Server IV and Key calculated");
+
+        if (session->remote.crypt->dtor) {
+            /* Cleanup any existing cipher */
+            session->remote.crypt->dtor(session,
+                                        &session->remote.crypt_abstract);
+        }
+
+        if (session->remote.crypt->init) {
+            unsigned char *iv = NULL, *secret = NULL;
+            int free_iv = 0, free_secret = 0;
+
+            LIBSSH2_KEX_METHOD_DIFFIE_HELLMAN_SHA256_HASH(iv,
+                                                          session->remote.crypt->
+                                                          iv_len, "B");
+            if (!iv) {
+                ret = LIBSSH2_ERROR_KEX_FAILURE;
+                goto clean_exit;
+            }
+            LIBSSH2_KEX_METHOD_DIFFIE_HELLMAN_SHA256_HASH(secret,
+                                                          session->remote.crypt->
+                                                          secret_len, "D");
+            if (!secret) {
+                LIBSSH2_FREE(session, iv);
+                ret = LIBSSH2_ERROR_KEX_FAILURE;
+                goto clean_exit;
+            }
+            if (session->remote.crypt->
+                init(session, session->remote.crypt, iv, &free_iv, secret,
+                     &free_secret, 0, &session->remote.crypt_abstract)) {
+                LIBSSH2_FREE(session, iv);
+                LIBSSH2_FREE(session, secret);
+                ret = LIBSSH2_ERROR_KEX_FAILURE;
+                goto clean_exit;
+            }
+
+            if (free_iv) {
+                memset(iv, 0, session->remote.crypt->iv_len);
+                LIBSSH2_FREE(session, iv);
+            }
+
+            if (free_secret) {
+                memset(secret, 0, session->remote.crypt->secret_len);
+                LIBSSH2_FREE(session, secret);
+            }
+        }
+        _libssh2_debug(session, LIBSSH2_TRACE_KEX,
+                       "Server to Client IV and Key calculated");
+
+        if (session->local.mac->dtor) {
+            session->local.mac->dtor(session, &session->local.mac_abstract);
+        }
+
+        if (session->local.mac->init) {
+            unsigned char *key = NULL;
+            int free_key = 0;
+
+            LIBSSH2_KEX_METHOD_DIFFIE_HELLMAN_SHA256_HASH(key,
+                                                          session->local.mac->
+                                                          key_len, "E");
+            if (!key) {
+                ret = LIBSSH2_ERROR_KEX_FAILURE;
+                goto clean_exit;
+            }
+            session->local.mac->init(session, key, &free_key,
+                                     &session->local.mac_abstract);
+
+            if (free_key) {
+                memset(key, 0, session->local.mac->key_len);
+                LIBSSH2_FREE(session, key);
+            }
+        }
+        _libssh2_debug(session, LIBSSH2_TRACE_KEX,
+                       "Client to Server HMAC Key calculated");
+
+        if (session->remote.mac->dtor) {
+            session->remote.mac->dtor(session, &session->remote.mac_abstract);
+        }
+
+        if (session->remote.mac->init) {
+            unsigned char *key = NULL;
+            int free_key = 0;
+
+            LIBSSH2_KEX_METHOD_DIFFIE_HELLMAN_SHA256_HASH(key,
+                                                          session->remote.mac->
+                                                          key_len, "F");
+            if (!key) {
+                ret = LIBSSH2_ERROR_KEX_FAILURE;
+                goto clean_exit;
+            }
+            session->remote.mac->init(session, key, &free_key,
+                                      &session->remote.mac_abstract);
+
+            if (free_key) {
+                memset(key, 0, session->remote.mac->key_len);
+                LIBSSH2_FREE(session, key);
+            }
+        }
+        _libssh2_debug(session, LIBSSH2_TRACE_KEX,
+                       "Server to Client HMAC Key calculated");
+
+        /* Initialize compression for each direction */
+
+        /* Cleanup any existing compression */
+        if (session->local.comp && session->local.comp->dtor) {
+            session->local.comp->dtor(session, 1,
+                                      &session->local.comp_abstract);
+        }
+
+        if (session->local.comp && session->local.comp->init) {
+            if (session->local.comp->init(session, 1,
+                                          &session->local.comp_abstract)) {
+                ret = LIBSSH2_ERROR_KEX_FAILURE;
+                goto clean_exit;
+            }
+        }
+        _libssh2_debug(session, LIBSSH2_TRACE_KEX,
+                       "Client to Server compression initialized");
+
+        if (session->remote.comp && session->remote.comp->dtor) {
+            session->remote.comp->dtor(session, 0,
+                                       &session->remote.comp_abstract);
+        }
+
+        if (session->remote.comp && session->remote.comp->init) {
+            if (session->remote.comp->init(session, 0,
+                                           &session->remote.comp_abstract)) {
+                ret = LIBSSH2_ERROR_KEX_FAILURE;
+                goto clean_exit;
+            }
+        }
+        _libssh2_debug(session, LIBSSH2_TRACE_KEX,
+                       "Server to Client compression initialized");
+
+    }
+
+  clean_exit:
+    _libssh2_bn_free(exchange_state->x);
+    exchange_state->x = NULL;
+    _libssh2_bn_free(exchange_state->e);
+    exchange_state->e = NULL;
+    _libssh2_bn_free(exchange_state->f);
+    exchange_state->f = NULL;
+    _libssh2_bn_free(exchange_state->k);
+    exchange_state->k = NULL;
+    _libssh2_bn_ctx_free(exchange_state->ctx);
+    exchange_state->ctx = NULL;
+
+    if (exchange_state->e_packet) {
+        LIBSSH2_FREE(session, exchange_state->e_packet);
+        exchange_state->e_packet = NULL;
+    }
+
+    if (exchange_state->s_packet) {
+        LIBSSH2_FREE(session, exchange_state->s_packet);
+        exchange_state->s_packet = NULL;
+    }
+
+    if (exchange_state->k_value) {
+        LIBSSH2_FREE(session, exchange_state->k_value);
+        exchange_state->k_value = NULL;
+    }
+
+    exchange_state->state = libssh2_NB_state_idle;
+
+    return ret;
+}
+
+
 
 /* kex_method_diffie_hellman_group1_sha1_key_exchange
  * Diffie-Hellman Group1 (Actually Group2) Key Exchange using SHA1
@@ -921,6 +1579,105 @@ kex_method_diffie_hellman_group_exchange_sha1_key_exchange
 
 
 
+/* kex_method_diffie_hellman_group_exchange_sha256_key_exchange
+ * Diffie-Hellman Group Exchange Key Exchange using SHA256
+ * Negotiates random(ish) group for secret derivation
+ */
+static int
+kex_method_diffie_hellman_group_exchange_sha256_key_exchange
+(LIBSSH2_SESSION * session, key_exchange_state_low_t * key_state)
+{
+    unsigned long p_len, g_len;
+    int ret = 0;
+    int rc;
+
+    if (key_state->state == libssh2_NB_state_idle) {
+        key_state->p = _libssh2_bn_init();
+        key_state->g = _libssh2_bn_init();
+        /* Ask for a P and G pair */
+#ifdef LIBSSH2_DH_GEX_NEW
+        key_state->request[0] = SSH_MSG_KEX_DH_GEX_REQUEST;
+        _libssh2_htonu32(key_state->request + 1, LIBSSH2_DH_GEX_MINGROUP);
+        _libssh2_htonu32(key_state->request + 5, LIBSSH2_DH_GEX_OPTGROUP);
+        _libssh2_htonu32(key_state->request + 9, LIBSSH2_DH_GEX_MAXGROUP);
+        key_state->request_len = 13;
+        _libssh2_debug(session, LIBSSH2_TRACE_KEX,
+                       "Initiating Diffie-Hellman Group-Exchange (New Method SHA256)");
+#else
+        key_state->request[0] = SSH_MSG_KEX_DH_GEX_REQUEST_OLD;
+        _libssh2_htonu32(key_state->request + 1, LIBSSH2_DH_GEX_OPTGROUP);
+        key_state->request_len = 5;
+        _libssh2_debug(session, LIBSSH2_TRACE_KEX,
+                       "Initiating Diffie-Hellman Group-Exchange (Old Method SHA256)");
+#endif
+
+        key_state->state = libssh2_NB_state_created;
+    }
+
+    if (key_state->state == libssh2_NB_state_created) {
+        rc = _libssh2_transport_send(session, key_state->request,
+                                     key_state->request_len, NULL, 0);
+        if (rc == LIBSSH2_ERROR_EAGAIN) {
+            return rc;
+        } else if (rc) {
+            ret = _libssh2_error(session, rc,
+                                 "Unable to send Group Exchange Request SHA256");
+            goto dh_gex_clean_exit;
+        }
+
+        key_state->state = libssh2_NB_state_sent;
+    }
+
+    if (key_state->state == libssh2_NB_state_sent) {
+        rc = _libssh2_packet_require(session, SSH_MSG_KEX_DH_GEX_GROUP,
+                                     &key_state->data, &key_state->data_len,
+                                     0, NULL, 0, &key_state->req_state);
+        if (rc == LIBSSH2_ERROR_EAGAIN) {
+            return rc;
+        } else if (rc) {
+            ret = _libssh2_error(session, rc,
+                                 "Timeout waiting for GEX_GROUP reply SHA256");
+            goto dh_gex_clean_exit;
+        }
+
+        key_state->state = libssh2_NB_state_sent1;
+    }
+
+    if (key_state->state == libssh2_NB_state_sent1) {
+        unsigned char *s = key_state->data + 1;
+        p_len = _libssh2_ntohu32(s);
+        s += 4;
+        _libssh2_bn_from_bin(key_state->p, p_len, s);
+        s += p_len;
+
+        g_len = _libssh2_ntohu32(s);
+        s += 4;
+        _libssh2_bn_from_bin(key_state->g, g_len, s);
+
+        ret = diffie_hellman_sha256(session, key_state->g, key_state->p, p_len,
+                                    SSH_MSG_KEX_DH_GEX_INIT,
+                                    SSH_MSG_KEX_DH_GEX_REPLY,
+                                    key_state->data + 1,
+                                    key_state->data_len - 1,
+                                    &key_state->exchange_state);
+        if (ret == LIBSSH2_ERROR_EAGAIN) {
+            return ret;
+        }
+
+        LIBSSH2_FREE(session, key_state->data);
+    }
+
+  dh_gex_clean_exit:
+    key_state->state = libssh2_NB_state_idle;
+    _libssh2_bn_free(key_state->g);
+    key_state->g = NULL;
+    _libssh2_bn_free(key_state->p);
+    key_state->p = NULL;
+
+    return ret;
+}
+
+
 #define LIBSSH2_KEX_METHOD_FLAG_REQ_ENC_HOSTKEY     0x0001
 #define LIBSSH2_KEX_METHOD_FLAG_REQ_SIGN_HOSTKEY    0x0002
 
@@ -943,9 +1700,17 @@ kex_method_diffie_helman_group_exchange_sha1 = {
     LIBSSH2_KEX_METHOD_FLAG_REQ_SIGN_HOSTKEY,
 };
 
+static const LIBSSH2_KEX_METHOD
+kex_method_diffie_helman_group_exchange_sha256 = {
+    "diffie-hellman-group-exchange-sha256",
+    kex_method_diffie_hellman_group_exchange_sha256_key_exchange,
+    LIBSSH2_KEX_METHOD_FLAG_REQ_SIGN_HOSTKEY,
+};
+
 static const LIBSSH2_KEX_METHOD *libssh2_kex_methods[] = {
-    &kex_method_diffie_helman_group14_sha1,
+    &kex_method_diffie_helman_group_exchange_sha256,
     &kex_method_diffie_helman_group_exchange_sha1,
+    &kex_method_diffie_helman_group14_sha1,
     &kex_method_diffie_helman_group1_sha1,
     NULL
 };

src/libgcrypt.h

@@ -42,6 +42,8 @@
 #define LIBSSH2_MD5 1
 
 #define LIBSSH2_HMAC_RIPEMD 1
+#define LIBSSH2_HMAC_SHA256 1
+#define LIBSSH2_HMAC_SHA512 1
 
 #define LIBSSH2_AES 1
 #define LIBSSH2_AES_CTR 1
@@ -55,10 +57,13 @@
 
 #define MD5_DIGEST_LENGTH 16
 #define SHA_DIGEST_LENGTH 20
+#define SHA256_DIGEST_LENGTH 32
 
 #define _libssh2_random(buf, len)                \
   (gcry_randomize ((buf), (len), GCRY_STRONG_RANDOM), 1)
 
+#define libssh2_prepare_iovec(vec, len)  /* Empty. */
+
 #define libssh2_sha1_ctx gcry_md_hd_t
 
 /* returns 0 in case of failure */
@@ -71,6 +76,17 @@
 #define libssh2_sha1(message, len, out) \
   gcry_md_hash_buffer (GCRY_MD_SHA1, out, message, len)
 
+#define libssh2_sha256_ctx gcry_md_hd_t
+
+#define libssh2_sha256_init(ctx) \
+  (GPG_ERR_NO_ERROR == gcry_md_open (ctx,  GCRY_MD_SHA256, 0))
+#define libssh2_sha256_update(ctx, data, len) \
+  gcry_md_write (ctx, (unsigned char *) data, len)
+#define libssh2_sha256_final(ctx, out) \
+  memcpy (out, gcry_md_read (ctx, 0), SHA256_DIGEST_LENGTH), gcry_md_close (ctx)
+#define libssh2_sha256(message, len, out) \
+  gcry_md_hash_buffer (GCRY_MD_SHA256, out, message, len)
+
 #define libssh2_md5_ctx gcry_md_hd_t
 
 /* returns 0 in case of failure */
@@ -95,6 +111,12 @@
 #define libssh2_hmac_ripemd160_init(ctx, key, keylen) \
   gcry_md_open (ctx, GCRY_MD_RMD160, GCRY_MD_FLAG_HMAC), \
     gcry_md_setkey (*ctx, key, keylen)
+#define libssh2_hmac_sha256_init(ctx, key, keylen) \
+  gcry_md_open (ctx, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC), \
+    gcry_md_setkey (*ctx, key, keylen)
+#define libssh2_hmac_sha512_init(ctx, key, keylen) \
+  gcry_md_open (ctx, GCRY_MD_SHA512, GCRY_MD_FLAG_HMAC), \
+    gcry_md_setkey (*ctx, key, keylen)
 #define libssh2_hmac_update(ctx, data, datalen) \
   gcry_md_write (ctx, (unsigned char *) data, datalen)
 #define libssh2_hmac_final(ctx, data) \

src/libssh2_config_cmake.h.in

@@ -64,6 +64,7 @@
 #cmakedefine HAVE_SELECT
 #cmakedefine HAVE_SOCKET
 #cmakedefine HAVE_STRTOLL
+#cmakedefine HAVE_STRTOI64
 #cmakedefine HAVE_SNPRINTF
 
 /* OpenSSL functions */

src/libssh2_priv.h

@@ -132,6 +132,11 @@ static inline int writev(int sock, struct iovec *iov, int nvecs)
 
 #endif /* WIN32 */
 
+#ifdef __OS400__
+/* Force parameter type. */
+#define send(s, b, l, f)    send((s), (unsigned char *) (b), (l), (f))
+#endif
+
 #include "crypto.h"
 
 #ifdef HAVE_WINSOCK2_H
@@ -149,6 +154,7 @@ static inline int writev(int sock, struct iovec *iov, int nvecs)
  * padding length, payload, padding, and MAC.)."
  */
 #define MAX_SSH_PACKET_LEN 35000
+#define MAX_SHA_DIGEST_LEN SHA256_DIGEST_LENGTH
 
 #define LIBSSH2_ALLOC(session, count) \
   session->alloc((count), &(session)->abstract)
@@ -182,9 +188,9 @@ static inline int writev(int sock, struct iovec *iov, int nvecs)
                       (channel), &(channel)->abstract)
 
 #define LIBSSH2_SEND_FD(session, fd, buffer, length, flags) \
-    session->send(fd, buffer, length, flags, &session->abstract)
+    (session->send)(fd, buffer, length, flags, &session->abstract)
 #define LIBSSH2_RECV_FD(session, fd, buffer, length, flags) \
-    session->recv(fd, buffer, length, flags, &session->abstract)
+    (session->recv)(fd, buffer, length, flags, &session->abstract)
 
 #define LIBSSH2_SEND(session, buffer, length, flags)  \
     LIBSSH2_SEND_FD(session, session->socket_fd, buffer, length, flags)
@@ -215,7 +221,8 @@ typedef enum
     libssh2_NB_state_jump2,
     libssh2_NB_state_jump3,
     libssh2_NB_state_jump4,
-    libssh2_NB_state_jump5
+    libssh2_NB_state_jump5,
+    libssh2_NB_state_end
 } libssh2_nonblocking_states;
 
 typedef struct packet_require_state_t
@@ -229,13 +236,13 @@ typedef struct packet_requirev_state_t
     time_t start;
 } packet_requirev_state_t;
 
-typedef struct kmdhgGPsha1kex_state_t
+typedef struct kmdhgGPshakex_state_t
 {
     libssh2_nonblocking_states state;
     unsigned char *e_packet;
     unsigned char *s_packet;
     unsigned char *tmp;
-    unsigned char h_sig_comp[SHA_DIGEST_LENGTH];
+    unsigned char h_sig_comp[MAX_SHA_DIGEST_LEN];
     unsigned char c;
     size_t e_packet_len;
     size_t s_packet_len;
@@ -252,16 +259,16 @@ typedef struct kmdhgGPsha1kex_state_t
     size_t f_value_len;
     size_t k_value_len;
     size_t h_sig_len;
-    libssh2_sha1_ctx exchange_hash;
+    void *exchange_hash;
     packet_require_state_t req_state;
     libssh2_nonblocking_states burn_state;
-} kmdhgGPsha1kex_state_t;
+} kmdhgGPshakex_state_t;
 
 typedef struct key_exchange_state_low_t
 {
     libssh2_nonblocking_states state;
     packet_require_state_t req_state;
-    kmdhgGPsha1kex_state_t exchange_state;
+    kmdhgGPshakex_state_t exchange_state;
     _libssh2_bn *p;             /* SSH2 defined value (p_value) */
     _libssh2_bn *g;             /* SSH2 defined value (2) */
     unsigned char request[13];
@@ -629,6 +636,7 @@ struct _LIBSSH2_SESSION
     /* Error tracking */
     const char *err_msg;
     int err_code;
+    int err_flags;
 
     /* struct members for packet-level reading */
     struct transportpacket packet;
@@ -779,7 +787,7 @@ struct _LIBSSH2_SESSION
     int sftpInit_sent; /* number of bytes from the buffer that have been
                           sent */
 
-    /* State variables used in libssh2_scp_recv() */
+    /* State variables used in libssh2_scp_recv() / libssh_scp_recv2() */
     libssh2_nonblocking_states scpRecv_state;
     unsigned char *scpRecv_command;
     size_t scpRecv_command_len;
@@ -790,6 +798,9 @@ struct _LIBSSH2_SESSION
     /* we have the type and we can parse such numbers */
     long long scpRecv_size;
 #define scpsize_strtol strtoll
+#elif defined(HAVE_STRTOI64)
+    __int64 scpRecv_size;
+#define scpsize_strtol _strtoi64
 #else
     long scpRecv_size;
 #define scpsize_strtol strtol
@@ -945,6 +956,10 @@ _libssh2_debug(LIBSSH2_SESSION * session, int context, const char *format, ...)
 /* Something very bad is going on */
 #define LIBSSH2_MAC_INVALID                     -1
 
+/* Flags for _libssh2_error_flags */
+/* Error message is allocated on the heap */
+#define LIBSSH2_ERR_FLAG_DUP                     1
+
 /* SSH Packet Types -- Defined by internet draft */
 /* Transport Layer */
 #define SSH_MSG_DISCONNECT                          1
@@ -961,7 +976,7 @@ _libssh2_debug(LIBSSH2_SESSION * session, int context, const char *format, ...)
 #define SSH_MSG_KEXDH_INIT                          30
 #define SSH_MSG_KEXDH_REPLY                         31
 
-/* diffie-hellman-group-exchange-sha1 */
+/* diffie-hellman-group-exchange-sha1 and diffie-hellman-group-exchange-sha256 */
 #define SSH_MSG_KEX_DH_GEX_REQUEST_OLD              30
 #define SSH_MSG_KEX_DH_GEX_REQUEST                  34
 #define SSH_MSG_KEX_DH_GEX_GROUP                    31

src/mac.c

@@ -96,6 +96,97 @@ mac_method_common_dtor(LIBSSH2_SESSION * session, void **abstract)
 
 
 
+#if LIBSSH2_HMAC_SHA512
+/* mac_method_hmac_sha512_hash
+ * Calculate hash using full sha512 value
+ */
+static int
+mac_method_hmac_sha2_512_hash(LIBSSH2_SESSION * session,
+                          unsigned char *buf, uint32_t seqno,
+                          const unsigned char *packet,
+                          uint32_t packet_len,
+                          const unsigned char *addtl,
+                          uint32_t addtl_len, void **abstract)
+{
+    libssh2_hmac_ctx ctx;
+    unsigned char seqno_buf[4];
+    (void) session;
+
+    _libssh2_htonu32(seqno_buf, seqno);
+
+    libssh2_hmac_ctx_init(ctx);
+    libssh2_hmac_sha512_init(&ctx, *abstract, 64);
+    libssh2_hmac_update(ctx, seqno_buf, 4);
+    libssh2_hmac_update(ctx, packet, packet_len);
+    if (addtl && addtl_len) {
+        libssh2_hmac_update(ctx, addtl, addtl_len);
+    }
+    libssh2_hmac_final(ctx, buf);
+    libssh2_hmac_cleanup(&ctx);
+
+    return 0;
+}
+
+
+
+static const LIBSSH2_MAC_METHOD mac_method_hmac_sha2_512 = {
+    "hmac-sha2-512",
+    64,
+    64,
+    mac_method_common_init,
+    mac_method_hmac_sha2_512_hash,
+    mac_method_common_dtor,
+};
+#endif
+
+
+
+#if LIBSSH2_HMAC_SHA256
+/* mac_method_hmac_sha256_hash
+ * Calculate hash using full sha256 value
+ */
+static int
+mac_method_hmac_sha2_256_hash(LIBSSH2_SESSION * session,
+                          unsigned char *buf, uint32_t seqno,
+                          const unsigned char *packet,
+                          uint32_t packet_len,
+                          const unsigned char *addtl,
+                          uint32_t addtl_len, void **abstract)
+{
+    libssh2_hmac_ctx ctx;
+    unsigned char seqno_buf[4];
+    (void) session;
+
+    _libssh2_htonu32(seqno_buf, seqno);
+
+    libssh2_hmac_ctx_init(ctx);
+    libssh2_hmac_sha256_init(&ctx, *abstract, 32);
+    libssh2_hmac_update(ctx, seqno_buf, 4);
+    libssh2_hmac_update(ctx, packet, packet_len);
+    if (addtl && addtl_len) {
+        libssh2_hmac_update(ctx, addtl, addtl_len);
+    }
+    libssh2_hmac_final(ctx, buf);
+    libssh2_hmac_cleanup(&ctx);
+
+    return 0;
+}
+
+
+
+static const LIBSSH2_MAC_METHOD mac_method_hmac_sha2_256 = {
+    "hmac-sha2-256",
+    32,
+    32,
+    mac_method_common_init,
+    mac_method_hmac_sha2_256_hash,
+    mac_method_common_dtor,
+};
+#endif
+
+
+
+
 /* mac_method_hmac_sha1_hash
  * Calculate hash using full sha1 value
  */
@@ -294,6 +385,12 @@ static const LIBSSH2_MAC_METHOD mac_method_hmac_ripemd160_openssh_com = {
 #endif /* LIBSSH2_HMAC_RIPEMD */
 
 static const LIBSSH2_MAC_METHOD *mac_methods[] = {
+#if LIBSSH2_HMAC_SHA256
+    &mac_method_hmac_sha2_256,
+#endif
+#if LIBSSH2_HMAC_SHA512
+    &mac_method_hmac_sha2_512,
+#endif
     &mac_method_hmac_sha1,
     &mac_method_hmac_sha1_96,
 #if LIBSSH2_MD5

src/misc.c

@@ -51,10 +51,29 @@
 #include <stdio.h>
 #include <errno.h>
 
-int _libssh2_error(LIBSSH2_SESSION* session, int errcode, const char* errmsg)
+int _libssh2_error_flags(LIBSSH2_SESSION* session, int errcode, const char* errmsg, int errflags)
 {
-    session->err_msg = errmsg;
+    if (session->err_flags & LIBSSH2_ERR_FLAG_DUP)
+        LIBSSH2_FREE(session, (char *)session->err_msg);
+
     session->err_code = errcode;
+    session->err_flags = 0;
+
+    if ((errmsg != NULL) && ((errflags & LIBSSH2_ERR_FLAG_DUP) != 0)) {
+        size_t len = strlen(errmsg);
+        char *copy = LIBSSH2_ALLOC(session, len + 1);
+        if (copy) {
+            memcpy(copy, errmsg, len + 1);
+            session->err_flags = LIBSSH2_ERR_FLAG_DUP;
+            session->err_msg = copy;
+        }
+        else
+            /* Out of memory: this code path is very unlikely */
+            session->err_msg = "former error forgotten (OOM)";
+    }
+    else
+        session->err_msg = errmsg;
+
 #ifdef LIBSSH2DEBUG
     if((errcode == LIBSSH2_ERROR_EAGAIN) && !session->api_block_mode)
         /* if this is EAGAIN and we're in non-blocking mode, don't generate
@@ -67,6 +86,11 @@ int _libssh2_error(LIBSSH2_SESSION* session, int errcode, const char* errmsg)
     return errcode;
 }
 
+int _libssh2_error(LIBSSH2_SESSION* session, int errcode, const char* errmsg)
+{
+    return _libssh2_error_flags(session, errcode, errmsg, 0);
+}
+
 #ifdef WIN32
 static int wsa2errno(void)
 {
@@ -380,6 +404,8 @@ libssh2_free(LIBSSH2_SESSION *session, void *ptr)
 }
 
 #ifdef LIBSSH2DEBUG
+#include <stdarg.h>
+
 LIBSSH2_API int
 libssh2_trace(LIBSSH2_SESSION * session, int bitmask)
 {

src/misc.h

@@ -49,6 +49,7 @@ struct list_node {
     struct list_head *head;
 };
 
+int _libssh2_error_flags(LIBSSH2_SESSION* session, int errcode, const char* errmsg, int errflags);
 int _libssh2_error(LIBSSH2_SESSION* session, int errcode, const char* errmsg);
 
 void _libssh2_list_init(struct list_head *head);

src/openssl.c

@@ -105,7 +105,8 @@ _libssh2_rsa_sha1_verify(libssh2_rsa_ctx * rsactx,
     unsigned char hash[SHA_DIGEST_LENGTH];
     int ret;
 
-    libssh2_sha1(m, m_len, hash);
+    if (_libssh2_sha1(m, m_len, hash))
+        return -1; /* failure */
     ret = RSA_verify(NID_sha1, hash, SHA_DIGEST_LENGTH,
                      (unsigned char *) sig, sig_len, rsactx);
     return (ret == 1) ? 0 : -1;
@@ -153,15 +154,17 @@ _libssh2_dsa_sha1_verify(libssh2_dsa_ctx * dsactx,
 {
     unsigned char hash[SHA_DIGEST_LENGTH];
     DSA_SIG dsasig;
-    int ret;
+    int ret = -1;
 
     dsasig.r = BN_new();
     BN_bin2bn(sig, 20, dsasig.r);
     dsasig.s = BN_new();
     BN_bin2bn(sig + 20, 20, dsasig.s);
 
-    libssh2_sha1(m, m_len, hash);
+    if (!_libssh2_sha1(m, m_len, hash))
+        /* _libssh2_sha1() succeeded */
         ret = DSA_do_verify(hash, SHA_DIGEST_LENGTH, &dsasig, dsactx);
+
     BN_clear_free(dsasig.s);
     BN_clear_free(dsasig.r);
 
@@ -174,8 +177,13 @@ _libssh2_cipher_init(_libssh2_cipher_ctx * h,
                      _libssh2_cipher_type(algo),
                      unsigned char *iv, unsigned char *secret, int encrypt)
 {
+#ifdef HAVE_OPAQUE_STRUCTS
+    *h = EVP_CIPHER_CTX_new();
+    return !EVP_CipherInit(*h, algo(), secret, iv, encrypt);
+#else
     EVP_CIPHER_CTX_init(h);
     return !EVP_CipherInit(h, algo(), secret, iv, encrypt);
+#endif
 }
 
 int
@@ -188,7 +196,11 @@ _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx,
     (void) algo;
     (void) encrypt;
 
+#ifdef HAVE_OPAQUE_STRUCTS
+    ret = EVP_Cipher(*ctx, buf, block, blocksize);
+#else
     ret = EVP_Cipher(ctx, buf, block, blocksize);
+#endif
     if (ret == 1) {
         memcpy(block, buf, blocksize);
     }
@@ -219,7 +231,7 @@ aes_ctr_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
     const EVP_CIPHER *aes_cipher;
     (void) enc;
 
-    switch (ctx->key_len) {
+    switch (EVP_CIPHER_CTX_key_length(ctx)) {
     case 16:
         aes_cipher = EVP_aes_128_ecb();
         break;
@@ -237,14 +249,22 @@ aes_ctr_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
     if (c == NULL)
         return 0;
 
+#ifdef HAVE_OPAQUE_STRUCTS
+    c->aes_ctx = EVP_CIPHER_CTX_new();
+#else
     c->aes_ctx = malloc(sizeof(EVP_CIPHER_CTX));
+#endif
     if (c->aes_ctx == NULL) {
         free(c);
         return 0;
     }
 
     if (EVP_EncryptInit(c->aes_ctx, aes_cipher, key, NULL) != 1) {
+#ifdef HAVE_OPAQUE_STRUCTS
+        EVP_CIPHER_CTX_free(c->aes_ctx);
+#else
         free(c->aes_ctx);
+#endif
         free(c);
         return 0;
     }
@@ -309,8 +329,12 @@ aes_ctr_cleanup(EVP_CIPHER_CTX *ctx) /* cleanup ctx */
     }
 
     if (c->aes_ctx != NULL) {
+#ifdef HAVE_OPAQUE_STRUCTS
+        EVP_CIPHER_CTX_free(c->aes_ctx);
+#else
         _libssh2_cipher_dtor(c->aes_ctx);
         free(c->aes_ctx);
+#endif
     }
 
     free(c);
@@ -319,14 +343,25 @@ aes_ctr_cleanup(EVP_CIPHER_CTX *ctx) /* cleanup ctx */
 }
 
 static const EVP_CIPHER *
-make_ctr_evp (size_t keylen, EVP_CIPHER *aes_ctr_cipher)
+make_ctr_evp (size_t keylen, EVP_CIPHER *aes_ctr_cipher, int type)
 {
+#ifdef HAVE_OPAQUE_STRUCTS
+    aes_ctr_cipher = EVP_CIPHER_meth_new(type, 16, keylen);
+    if (aes_ctr_cipher) {
+        EVP_CIPHER_meth_set_iv_length(aes_ctr_cipher, 16);
+        EVP_CIPHER_meth_set_init(aes_ctr_cipher, aes_ctr_init);
+        EVP_CIPHER_meth_set_do_cipher(aes_ctr_cipher, aes_ctr_do_cipher);
+        EVP_CIPHER_meth_set_cleanup(aes_ctr_cipher, aes_ctr_cleanup);
+    }
+#else
+    aes_ctr_cipher->nid = type;
     aes_ctr_cipher->block_size = 16;
     aes_ctr_cipher->key_len = keylen;
     aes_ctr_cipher->iv_len = 16;
     aes_ctr_cipher->init = aes_ctr_init;
     aes_ctr_cipher->do_cipher = aes_ctr_do_cipher;
     aes_ctr_cipher->cleanup = aes_ctr_cleanup;
+#endif
 
     return aes_ctr_cipher;
 }
@@ -334,25 +369,43 @@ make_ctr_evp (size_t keylen, EVP_CIPHER *aes_ctr_cipher)
 const EVP_CIPHER *
 _libssh2_EVP_aes_128_ctr(void)
 {
+#ifdef HAVE_OPAQUE_STRUCTS
+    static EVP_CIPHER * aes_ctr_cipher;
+    return !aes_ctr_cipher?
+        make_ctr_evp (16, aes_ctr_cipher, NID_aes_128_ctr) : aes_ctr_cipher;
+#else
     static EVP_CIPHER aes_ctr_cipher;
     return !aes_ctr_cipher.key_len?
-        make_ctr_evp (16, &aes_ctr_cipher) : &aes_ctr_cipher;
+        make_ctr_evp (16, &aes_ctr_cipher, 0) : &aes_ctr_cipher;
+#endif
 }
 
 const EVP_CIPHER *
 _libssh2_EVP_aes_192_ctr(void)
 {
+#ifdef HAVE_OPAQUE_STRUCTS
+    static EVP_CIPHER * aes_ctr_cipher;
+    return !aes_ctr_cipher?
+        make_ctr_evp (24, aes_ctr_cipher, NID_aes_192_ctr) : aes_ctr_cipher;
+#else
     static EVP_CIPHER aes_ctr_cipher;
     return !aes_ctr_cipher.key_len?
-        make_ctr_evp (24, &aes_ctr_cipher) : &aes_ctr_cipher;
+        make_ctr_evp (24, &aes_ctr_cipher, 0) : &aes_ctr_cipher;
+#endif
 }
 
 const EVP_CIPHER *
 _libssh2_EVP_aes_256_ctr(void)
 {
+#ifdef HAVE_OPAQUE_STRUCTS
+    static EVP_CIPHER * aes_ctr_cipher;
+    return !aes_ctr_cipher?
+        make_ctr_evp (32, aes_ctr_cipher, NID_aes_256_ctr) : aes_ctr_cipher;
+#else
     static EVP_CIPHER aes_ctr_cipher;
     return !aes_ctr_cipher.key_len?
-        make_ctr_evp (32, &aes_ctr_cipher) : &aes_ctr_cipher;
+        make_ctr_evp (32, &aes_ctr_cipher, 0) : &aes_ctr_cipher;
+#endif
 }
 
 void _libssh2_init_aes_ctr(void)
@@ -564,43 +617,129 @@ _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx,
 #endif /* LIBSSH_DSA */
 
 int
-libssh2_sha1_init(libssh2_sha1_ctx *ctx)
+_libssh2_sha1_init(libssh2_sha1_ctx *ctx)
 {
+#ifdef HAVE_OPAQUE_STRUCTS
+    *ctx = EVP_MD_CTX_new();
+
+    if (*ctx == NULL)
+        return 0;
+
+    if (EVP_DigestInit(*ctx, EVP_get_digestbyname("sha1")))
+        return 1;
+
+    EVP_MD_CTX_free(*ctx);
+    *ctx = NULL;
+
+    return 0;
+#else
     EVP_MD_CTX_init(ctx);
     return EVP_DigestInit(ctx, EVP_get_digestbyname("sha1"));
+#endif
 }
 
-void
+int
-libssh2_sha1(const unsigned char *message, unsigned long len,
+_libssh2_sha1(const unsigned char *message, unsigned long len,
               unsigned char *out)
 {
+#ifdef HAVE_OPAQUE_STRUCTS
+    EVP_MD_CTX * ctx = EVP_MD_CTX_new();
+
+    if (ctx == NULL)
+        return 1; /* error */
+
+    if (EVP_DigestInit(ctx, EVP_get_digestbyname("sha1"))) {
+        EVP_DigestUpdate(ctx, message, len);
+        EVP_DigestFinal(ctx, out, NULL);
+        EVP_MD_CTX_free(ctx);
+        return 0; /* success */
+    }
+    EVP_MD_CTX_free(ctx);
+#else
     EVP_MD_CTX ctx;
 
     EVP_MD_CTX_init(&ctx);
     if (EVP_DigestInit(&ctx, EVP_get_digestbyname("sha1"))) {
         EVP_DigestUpdate(&ctx, message, len);
         EVP_DigestFinal(&ctx, out, NULL);
+        return 0; /* success */
     }
+#endif
+    return 1; /* error */
 }
 
 int
-libssh2_md5_init(libssh2_md5_ctx *ctx)
+_libssh2_sha256_init(libssh2_sha256_ctx *ctx)
 {
+#ifdef HAVE_OPAQUE_STRUCTS
+    *ctx = EVP_MD_CTX_new();
+
+    if (*ctx == NULL)
+        return 0;
+
+    if (EVP_DigestInit(*ctx, EVP_get_digestbyname("sha256")))
+        return 1;
+
+    EVP_MD_CTX_free(*ctx);
+    *ctx = NULL;
+
+    return 0;
+#else
     EVP_MD_CTX_init(ctx);
-    return EVP_DigestInit(ctx, EVP_get_digestbyname("md5"));
+    return EVP_DigestInit(ctx, EVP_get_digestbyname("sha256"));
+#endif
 }
 
-void
+int
-libssh2_md5(const unsigned char *message, unsigned long len,
+_libssh2_sha256(const unsigned char *message, unsigned long len,
                 unsigned char *out)
 {
+#ifdef HAVE_OPAQUE_STRUCTS
+    EVP_MD_CTX * ctx = EVP_MD_CTX_new();
+
+    if (ctx == NULL)
+        return 1; /* error */
+
+    if(EVP_DigestInit(ctx, EVP_get_digestbyname("sha256"))) {
+        EVP_DigestUpdate(ctx, message, len);
+        EVP_DigestFinal(ctx, out, NULL);
+        EVP_MD_CTX_free(ctx);
+        return 0; /* success */
+    }
+    EVP_MD_CTX_free(ctx);
+#else
     EVP_MD_CTX ctx;
 
     EVP_MD_CTX_init(&ctx);
-    if (EVP_DigestInit(&ctx, EVP_get_digestbyname("md5"))) {
+    if(EVP_DigestInit(&ctx, EVP_get_digestbyname("sha256"))) {
         EVP_DigestUpdate(&ctx, message, len);
         EVP_DigestFinal(&ctx, out, NULL);
+        return 0; /* success */
     }
+#endif
+    return 1; /* error */
+}
+
+int
+_libssh2_md5_init(libssh2_md5_ctx *ctx)
+{
+#ifdef HAVE_OPAQUE_STRUCTS
+    *ctx = EVP_MD_CTX_new();
+
+    if (*ctx == NULL)
+        return 0;
+
+    if (EVP_DigestInit(*ctx, EVP_get_digestbyname("md5")))
+        return 1;
+
+    EVP_MD_CTX_free(*ctx);
+    *ctx = NULL;
+
+    return 0;
+#else
+    EVP_MD_CTX_init(ctx);
+    return EVP_DigestInit(ctx, EVP_get_digestbyname("md5"));
+#endif
 }
 
 static unsigned char *
@@ -819,6 +958,7 @@ _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session,
     int       st;
     BIO*      bp;
     EVP_PKEY* pk;
+    int       pktype;
 
     _libssh2_debug(session,
                    LIBSSH2_TRACE_AUTH,
@@ -853,7 +993,13 @@ _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session,
                               "private key file format");
     }
 
-    switch (pk->type) {
+#ifdef HAVE_OPAQUE_STRUCTS
+    pktype = EVP_PKEY_id(pk);
+#else
+    pktype = pk->type;
+#endif
+
+    switch (pktype) {
     case EVP_PKEY_RSA :
         st = gen_publickey_from_rsa_evp(
             session, method, method_len, pubkeydata, pubkeydata_len, pk);
@@ -892,6 +1038,7 @@ _libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION *session,
     int       st;
     BIO*      bp;
     EVP_PKEY* pk;
+    int       pktype;
 
     _libssh2_debug(session,
                    LIBSSH2_TRACE_AUTH,
@@ -922,7 +1069,13 @@ _libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION *session,
                               "private key file format");
     }
 
-    switch (pk->type) {
+#ifdef HAVE_OPAQUE_STRUCTS
+    pktype = EVP_PKEY_id(pk);
+#else
+    pktype = pk->type;
+#endif
+
+    switch (pktype) {
     case EVP_PKEY_RSA :
         st = gen_publickey_from_rsa_evp(session, method, method_len,
                                         pubkeydata, pubkeydata_len, pk);

src/openssl.h

@@ -39,6 +39,11 @@
 
 #include <openssl/opensslconf.h>
 #include <openssl/sha.h>
+#include <openssl/rsa.h>
+#include <openssl/engine.h>
+#ifndef OPENSSL_NO_DSA
+#include <openssl/dsa.h>
+#endif
 #ifndef OPENSSL_NO_MD5
 #include <openssl/md5.h>
 #endif
@@ -48,6 +53,11 @@
 #include <openssl/pem.h>
 #include <openssl/rand.h>
 
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && \
+    !defined(LIBRESSL_VERSION_NUMBER)
+# define HAVE_OPAQUE_STRUCTS 1
+#endif
+
 #ifdef OPENSSL_NO_RSA
 # define LIBSSH2_RSA 0
 #else
@@ -72,6 +82,9 @@
 # define LIBSSH2_HMAC_RIPEMD 1
 #endif
 
+#define LIBSSH2_HMAC_SHA256 1
+#define LIBSSH2_HMAC_SHA512 1
+
 #if OPENSSL_VERSION_NUMBER >= 0x00907000L && !defined(OPENSSL_NO_AES)
 # define LIBSSH2_AES_CTR 1
 # define LIBSSH2_AES 1
@@ -106,37 +119,118 @@
 
 #define _libssh2_random(buf, len) RAND_bytes ((buf), (len))
 
+#define libssh2_prepare_iovec(vec, len)  /* Empty. */
+
+#ifdef HAVE_OPAQUE_STRUCTS
+#define libssh2_sha1_ctx EVP_MD_CTX *
+#else
 #define libssh2_sha1_ctx EVP_MD_CTX
+#endif
 
 /* returns 0 in case of failure */
-int libssh2_sha1_init(libssh2_sha1_ctx *ctx);
+int _libssh2_sha1_init(libssh2_sha1_ctx *ctx);
+#define libssh2_sha1_init(x) _libssh2_sha1_init(x)
+#ifdef HAVE_OPAQUE_STRUCTS
+#define libssh2_sha1_update(ctx, data, len) EVP_DigestUpdate(ctx, data, len)
+#define libssh2_sha1_final(ctx, out) do { \
+                                         EVP_DigestFinal(ctx, out, NULL); \
+                                         EVP_MD_CTX_free(ctx); \
+                                     } while(0)
+#else
 #define libssh2_sha1_update(ctx, data, len) EVP_DigestUpdate(&(ctx), data, len)
 #define libssh2_sha1_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL)
-void libssh2_sha1(const unsigned char *message, unsigned long len, unsigned char *out);
+#endif
+int _libssh2_sha1(const unsigned char *message, unsigned long len,
+                  unsigned char *out);
+#define libssh2_sha1(x,y,z) _libssh2_sha1(x,y,z)
 
-#define libssh2_md5_ctx EVP_MD_CTX
+#ifdef HAVE_OPAQUE_STRUCTS
+#define libssh2_sha256_ctx EVP_MD_CTX *
+#else
+#define libssh2_sha256_ctx EVP_MD_CTX
+#endif
 
 /* returns 0 in case of failure */
-int libssh2_md5_init(libssh2_md5_ctx *); 
+int _libssh2_sha256_init(libssh2_sha256_ctx *ctx);
+#define libssh2_sha256_init(x) _libssh2_sha256_init(x)
+#ifdef HAVE_OPAQUE_STRUCTS
+#define libssh2_sha256_update(ctx, data, len) EVP_DigestUpdate(ctx, data, len)
+#define libssh2_sha256_final(ctx, out) do { \
+                                           EVP_DigestFinal(ctx, out, NULL); \
+                                           EVP_MD_CTX_free(ctx); \
+                                       } while(0)
+#else
+#define libssh2_sha256_update(ctx, data, len) EVP_DigestUpdate(&(ctx), data, len)
+#define libssh2_sha256_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL)
+#endif
+int _libssh2_sha256(const unsigned char *message, unsigned long len,
+                  unsigned char *out);
+#define libssh2_sha256(x,y,z) _libssh2_sha256(x,y,z)
+
+#ifdef HAVE_OPAQUE_STRUCTS
+#define libssh2_md5_ctx EVP_MD_CTX *
+#else
+#define libssh2_md5_ctx EVP_MD_CTX
+#endif
+
+/* returns 0 in case of failure */
+int _libssh2_md5_init(libssh2_md5_ctx *ctx);
+#define libssh2_md5_init(x) _libssh2_md5_init(x)
+#ifdef HAVE_OPAQUE_STRUCTS
+#define libssh2_md5_update(ctx, data, len) EVP_DigestUpdate(ctx, data, len)
+#define libssh2_md5_final(ctx, out) do { \
+                                        EVP_DigestFinal(ctx, out, NULL); \
+                                        EVP_MD_CTX_free(ctx); \
+                                    } while(0)
+#else
 #define libssh2_md5_update(ctx, data, len) EVP_DigestUpdate(&(ctx), data, len)
 #define libssh2_md5_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL)
-void libssh2_md5(const unsigned char *message, unsigned long len, unsigned char *out);
+#endif
 
+#ifdef HAVE_OPAQUE_STRUCTS
+#define libssh2_hmac_ctx HMAC_CTX *
+#define libssh2_hmac_ctx_init(ctx) ctx = HMAC_CTX_new()
+#define libssh2_hmac_sha1_init(ctx, key, keylen) \
+  HMAC_Init_ex(*(ctx), key, keylen, EVP_sha1(), NULL)
+#define libssh2_hmac_md5_init(ctx, key, keylen) \
+  HMAC_Init_ex(*(ctx), key, keylen, EVP_md5(), NULL)
+#define libssh2_hmac_ripemd160_init(ctx, key, keylen) \
+  HMAC_Init_ex(*(ctx), key, keylen, EVP_ripemd160(), NULL)
+#define libssh2_hmac_sha256_init(ctx, key, keylen) \
+  HMAC_Init_ex(*(ctx), key, keylen, EVP_sha256(), NULL)
+#define libssh2_hmac_sha512_init(ctx, key, keylen) \
+  HMAC_Init_ex(*(ctx), key, keylen, EVP_sha512(), NULL)
+
+#define libssh2_hmac_update(ctx, data, datalen) \
+  HMAC_Update(ctx, data, datalen)
+#define libssh2_hmac_final(ctx, data) HMAC_Final(ctx, data, NULL)
+#define libssh2_hmac_cleanup(ctx) HMAC_CTX_free(*(ctx))
+#else
 #define libssh2_hmac_ctx HMAC_CTX
 #define libssh2_hmac_ctx_init(ctx) \
   HMAC_CTX_init(&ctx)
 #define libssh2_hmac_sha1_init(ctx, key, keylen) \
-  HMAC_Init(ctx, key, keylen, EVP_sha1())
+  HMAC_Init_ex(ctx, key, keylen, EVP_sha1(), NULL)
 #define libssh2_hmac_md5_init(ctx, key, keylen) \
-  HMAC_Init(ctx, key, keylen, EVP_md5())
+  HMAC_Init_ex(ctx, key, keylen, EVP_md5(), NULL)
 #define libssh2_hmac_ripemd160_init(ctx, key, keylen) \
-  HMAC_Init(ctx, key, keylen, EVP_ripemd160())
+  HMAC_Init_ex(ctx, key, keylen, EVP_ripemd160(), NULL)
+#define libssh2_hmac_sha256_init(ctx, key, keylen) \
+  HMAC_Init_ex(ctx, key, keylen, EVP_sha256(), NULL)
+#define libssh2_hmac_sha512_init(ctx, key, keylen) \
+  HMAC_Init_ex(ctx, key, keylen, EVP_sha512(), NULL)
+
 #define libssh2_hmac_update(ctx, data, datalen) \
   HMAC_Update(&(ctx), data, datalen)
 #define libssh2_hmac_final(ctx, data) HMAC_Final(&(ctx), data, NULL)
 #define libssh2_hmac_cleanup(ctx) HMAC_cleanup(ctx)
+#endif
+
+#define libssh2_crypto_init() \
+  OpenSSL_add_all_algorithms(); \
+  ENGINE_load_builtin_engines(); \
+  ENGINE_register_all_complete()
 
-#define libssh2_crypto_init() OpenSSL_add_all_algorithms()
 #define libssh2_crypto_exit()
 
 #define libssh2_rsa_ctx RSA
@@ -149,7 +243,11 @@ void libssh2_md5(const unsigned char *message, unsigned long len, unsigned char
 #define _libssh2_dsa_free(dsactx) DSA_free(dsactx)
 
 #define _libssh2_cipher_type(name) const EVP_CIPHER *(*name)(void)
+#ifdef HAVE_OPAQUE_STRUCTS
+#define _libssh2_cipher_ctx EVP_CIPHER_CTX *
+#else
 #define _libssh2_cipher_ctx EVP_CIPHER_CTX
+#endif
 
 #define _libssh2_cipher_aes256 EVP_aes_256_cbc
 #define _libssh2_cipher_aes192 EVP_aes_192_cbc
@@ -168,7 +266,11 @@ void libssh2_md5(const unsigned char *message, unsigned long len, unsigned char
 #define _libssh2_cipher_cast5 EVP_cast5_cbc
 #define _libssh2_cipher_3des EVP_des_ede3_cbc
 
+#ifdef HAVE_OPAQUE_STRUCTS
+#define _libssh2_cipher_dtor(ctx) EVP_CIPHER_CTX_reset(*(ctx))
+#else
 #define _libssh2_cipher_dtor(ctx) EVP_CIPHER_CTX_cleanup(ctx)
+#endif
 
 #define _libssh2_bn BIGNUM
 #define _libssh2_bn_ctx BN_CTX

src/os400qc3.h

@@ -0,0 +1,358 @@
+/*
+ * Copyright (C) 2015 Patrick Monnerat, D+H <patrick.monnerat@dh.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms,
+ * with or without modification, are permitted provided
+ * that the following conditions are met:
+ *
+ *   Redistributions of source code must retain the above
+ *   copyright notice, this list of conditions and the
+ *   following disclaimer.
+ *
+ *   Redistributions in binary form must reproduce the above
+ *   copyright notice, this list of conditions and the following
+ *   disclaimer in the documentation and/or other materials
+ *   provided with the distribution.
+ *
+ *   Neither the name of the copyright holder nor the names
+ *   of any other contributors may be used to endorse or
+ *   promote products derived from this software without
+ *   specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
+ * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
+ * OF SUCH DAMAGE.
+ */
+
+#ifndef LIBSSH2_OS400QC3_H
+#define LIBSSH2_OS400QC3_H
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <qc3cci.h>
+
+
+/* Redefine character/string literals as always EBCDIC. */
+#undef Qc3_Alg_Token
+#define Qc3_Alg_Token       "\xC1\xD3\xC7\xC4\xF0\xF1\xF0\xF0"  /* ALGD0100 */
+#undef Qc3_Alg_Block_Cipher
+#define Qc3_Alg_Block_Cipher "\xC1\xD3\xC7\xC4\xF0\xF2\xF0\xF0" /* ALGD0200 */
+#undef Qc3_Alg_Block_CipherAuth
+#define Qc3_Alg_Block_CipherAuth                                            \
+                            "\xC1\xD3\xC7\xC4\xF0\xF2\xF1\xF0"  /* ALGD0210 */
+#undef Qc3_Alg_Stream_Cipher
+#define Qc3_Alg_Stream_Cipher                                               \
+                            "\xC1\xD3\xC7\xC4\xF0\xF3\xF0\xF0"  /* ALGD0300 */
+#undef Qc3_Alg_Public_Key
+#define Qc3_Alg_Public_Key  "\xC1\xD3\xC7\xC4\xF0\xF4\xF0\xF0"  /* ALGD0400 */
+#undef Qc3_Alg_Hash
+#define Qc3_Alg_Hash        "\xC1\xD3\xC7\xC4\xF0\xF5\xF0\xF0"  /* ALGD0500 */
+#undef Qc3_Data
+#define Qc3_Data            "\xC4\xC1\xE3\xC1\xF0\xF1\xF0\xF0"  /* DATA0100 */
+#undef Qc3_Array
+#define Qc3_Array           "\xC4\xC1\xE3\xC1\xF0\xF2\xF0\xF0"  /* DATA0200 */
+#undef Qc3_Key_Token
+#define Qc3_Key_Token       "\xD2\xC5\xE8\xC4\xF0\xF1\xF0\xF0"  /* KEYD0100 */
+#undef Qc3_Key_Parms
+#define Qc3_Key_Parms       "\xD2\xC5\xE8\xC4\xF0\xF2\xF0\xF0"  /* KEYD0200 */
+#undef Qc3_Key_KSLabel
+#define Qc3_Key_KSLabel     "\xD2\xC5\xE8\xC4\xF0\xF4\xF0\xF0"  /* KEYD0400 */
+#undef Qc3_Key_PKCS5
+#define Qc3_Key_PKCS5       "\xD2\xC5\xE8\xC4\xF0\xF5\xF0\xF0"  /* KEYD0500 */
+#undef Qc3_Key_PEMCert
+#define Qc3_Key_PEMCert     "\xD2\xC5\xE8\xC4\xF0\xF6\xF0\xF0"  /* KEYD0600 */
+#undef Qc3_Key_CSLabel
+#define Qc3_Key_CSLabel     "\xD2\xC5\xE8\xC4\xF0\xF7\xF0\xF0"  /* KEYD0700 */
+#undef Qc3_Key_CSDN
+#define Qc3_Key_CSDN        "\xD2\xC5\xE8\xC4\xF0\xF8\xF0\xF0"  /* KEYD0800 */
+#undef Qc3_Key_AppID
+#define Qc3_Key_AppID       "\xD2\xC5\xE8\xC4\xF0\xF9\xF0\xF0"  /* KEYD0900 */
+
+#undef Qc3_ECB
+#define Qc3_ECB             '\xF0'      /* '0' */
+#undef Qc3_CBC
+#define Qc3_CBC             '\xF1'      /* '1' */
+#undef Qc3_OFB
+#define Qc3_OFB             '\xF2'      /* '2' */
+#undef Qc3_CFB1Bit
+#define Qc3_CFB1Bit         '\xF3'      /* '3' */
+#undef Qc3_CFB8Bit
+#define Qc3_CFB8Bit         '\xF4'      /* '4' */
+#undef Qc3_CFB64Bit
+#define Qc3_CFB64Bit        '\xF5'      /* '5' */
+#undef Qc3_CUSP
+#define Qc3_CUSP            '\xF6'      /* '6' */
+#undef Qc3_CTR
+#define Qc3_CTR             '\xF7'      /* '7' */
+#undef Qc3_CCM
+#define Qc3_CCM             '\xF8'      /* '8' */
+#undef Qc3_No_Pad
+#define Qc3_No_Pad          '\xF0'      /* '0' */
+#undef Qc3_Pad_Char
+#define Qc3_Pad_Char        '\xF1'      /* '1' */
+#undef Qc3_Pad_Counter
+#define Qc3_Pad_Counter     '\xF2'      /* '2' */
+#undef Qc3_PKCS1_00
+#define Qc3_PKCS1_00        '\xF0'      /* '0' */
+#undef Qc3_PKCS1_01
+#define Qc3_PKCS1_01        '\xF1'      /* '1' */
+#undef Qc3_PKCS1_02
+#define Qc3_PKCS1_02        '\xF2'      /* '2' */
+#undef Qc3_ISO9796
+#define Qc3_ISO9796         '\xF3'      /* '3' */
+#undef Qc3_Zero_Pad
+#define Qc3_Zero_Pad        '\xF4'      /* '4' */
+#undef Qc3_ANSI_X931
+#define Qc3_ANSI_X931       '\xF5'      /* '5' */
+#undef Qc3_OAEP
+#define Qc3_OAEP            '\xF6'      /* '6' */
+#undef Qc3_Bin_String
+#define Qc3_Bin_String      '\xF0'      /* '0' */
+#undef Qc3_BER_String
+#define Qc3_BER_String      '\xF1'      /* '1' */
+#undef Qc3_MK_Struct
+#define Qc3_MK_Struct       '\xF3'      /* '3' */
+#undef Qc3_KSLabel_Struct
+#define Qc3_KSLabel_Struct  '\xF4'      /* '4' */
+#undef Qc3_PKCS5_Struct
+#define Qc3_PKCS5_Struct    '\xF5'      /* '5' */
+#undef Qc3_PEMCert_String
+#define Qc3_PEMCert_String  '\xF6'      /* '6' */
+#undef Qc3_CSLabel_String
+#define Qc3_CSLabel_String  '\xF7'      /* '7' */
+#undef Qc3_CSDN_String
+#define Qc3_CSDN_String     '\xF8'      /* '8' */
+#undef Qc3_Clear
+#define Qc3_Clear           '\xF0'      /* '0' */
+#undef Qc3_Encrypted
+#define Qc3_Encrypted       '\xF1'      /* '1' */
+#undef Qc3_MK_Encrypted
+#define Qc3_MK_Encrypted    '\xF2'      /* '2' */
+#undef Qc3_Any_CSP
+#define Qc3_Any_CSP         '\xF0'      /* '0' */
+#undef Qc3_Sfw_CSP
+#define Qc3_Sfw_CSP         '\xF1'      /* '1' */
+#undef Qc3_Hdw_CSP
+#define Qc3_Hdw_CSP         '\xF2'      /* '2' */
+#undef Qc3_Continue
+#define Qc3_Continue        '\xF0'      /* '0' */
+#undef Qc3_Final
+#define Qc3_Final           '\xF1'      /* '1' */
+#undef Qc3_MK_New
+#define Qc3_MK_New          '\xF0'      /* '0' */
+#undef Qc3_MK_Current
+#define Qc3_MK_Current      '\xF1'      /* '1' */
+#undef Qc3_MK_Old
+#define Qc3_MK_Old          '\xF2'      /* '2' */
+#undef Qc3_MK_Pending
+#define Qc3_MK_Pending      '\xF3'      /* '3' */
+
+
+/* Define which features are supported. */
+#define LIBSSH2_MD5             1
+#define LIBSSH2_HMAC_RIPEMD     0
+#define LIBSSH2_HMAC_SHA256     1
+#define LIBSSH2_HMAC_SHA512     1
+
+#define LIBSSH2_AES             1
+#define LIBSSH2_AES_CTR         1
+#define LIBSSH2_BLOWFISH        0
+#define LIBSSH2_RC4             1
+#define LIBSSH2_CAST            0
+#define LIBSSH2_3DES            1
+
+#define LIBSSH2_RSA             1
+#define LIBSSH2_DSA             0
+
+#define MD5_DIGEST_LENGTH       16
+#define SHA_DIGEST_LENGTH       20
+#define SHA256_DIGEST_LENGTH    32
+#define SHA512_DIGEST_LENGTH    64
+
+
+/*******************************************************************
+ *
+ * OS/400 QC3 crypto-library backend: global handles structures.
+ *
+ *******************************************************************/
+
+/* HMAC & private key algorithms support structure. */
+typedef struct _libssh2_os400qc3_crypto_ctx _libssh2_os400qc3_crypto_ctx;
+struct _libssh2_os400qc3_crypto_ctx {
+    Qc3_Format_ALGD0100_T           hash;           /* Hash algorithm. */
+    Qc3_Format_KEYD0100_T           key;            /* Key. */
+    _libssh2_os400qc3_crypto_ctx *  kek;            /* Key encryption. */
+};
+
+typedef struct {        /* Big number. */
+    unsigned char *         bignum;         /* Number bits, little-endian. */
+    unsigned int            length;         /* Length of bignum (# bytes). */
+}       _libssh2_bn;
+
+typedef struct {        /* Algorithm description. */
+    char *                  fmt;            /* Format of Qc3 structure. */
+    int                     algo;           /* Algorithm identifier. */
+    unsigned char           size;           /* Block length. */
+    unsigned char           mode;           /* Block mode. */
+    int                     keylen;         /* Key length. */
+}       _libssh2_os400qc3_cipher_t;
+
+/*******************************************************************
+ *
+ * OS/400 QC3 crypto-library backend: Define global types/codes.
+ *
+ *******************************************************************/
+
+#define libssh2_crypto_init()
+#define libssh2_crypto_exit()
+
+#define libssh2_sha1_ctx        Qc3_Format_ALGD0100_T
+#define libssh2_sha256_ctx      Qc3_Format_ALGD0100_T
+#define libssh2_md5_ctx         Qc3_Format_ALGD0100_T
+#define libssh2_hmac_ctx        _libssh2_os400qc3_crypto_ctx
+#define _libssh2_cipher_ctx     _libssh2_os400qc3_crypto_ctx
+
+#define libssh2_sha1_init(x)    libssh2_os400qc3_hash_init(x, Qc3_SHA1)
+#define libssh2_sha1_update(ctx, data, len)                                 \
+                                libssh2_os400qc3_hash_update(&(ctx), data, len)
+#define libssh2_sha1_final(ctx, out)                                        \
+                                libssh2_os400qc3_hash_final(&(ctx), out)
+#define libssh2_sha256_init(x)  libssh2_os400qc3_hash_init(x, Qc3_SHA256)
+#define libssh2_sha256_update(ctx, data, len)                               \
+                                libssh2_os400qc3_hash_update(&(ctx), data, len)
+#define libssh2_sha256_final(ctx, out)                                      \
+                                libssh2_os400qc3_hash_final(&(ctx), out)
+#define libssh2_sha256(message, len, out)                                   \
+                                libssh2_os400qc3_hash(message, len, out,    \
+                                                      Qc3_SHA256)
+#define libssh2_md5_init(x)     libssh2_os400qc3_hash_init(x, Qc3_MD5)
+#define libssh2_md5_update(ctx, data, len)                                  \
+                                libssh2_os400qc3_hash_update(&(ctx), data, len)
+#define libssh2_md5_final(ctx, out)                                         \
+                                libssh2_os400qc3_hash_final(&(ctx), out)
+#define libssh2_hmac_ctx_init(ctx)                                          \
+                                memset((char *) &(ctx), 0,                  \
+                                       sizeof(libssh2_hmac_ctx))
+#define libssh2_hmac_md5_init(ctx, key, keylen)                             \
+                                libssh2_os400qc3_hmac_init(ctx, Qc3_MD5,    \
+                                                           MD5_DIGEST_LENGTH, \
+                                                           key, keylen)
+#define libssh2_hmac_sha1_init(ctx, key, keylen)                            \
+                                libssh2_os400qc3_hmac_init(ctx, Qc3_SHA1,   \
+                                                           SHA_DIGEST_LENGTH, \
+                                                           key, keylen)
+#define libssh2_hmac_sha256_init(ctx, key, keylen)                          \
+                                libssh2_os400qc3_hmac_init(ctx, Qc3_SHA256, \
+                                                         SHA256_DIGEST_LENGTH, \
+                                                         key, keylen)
+#define libssh2_hmac_sha512_init(ctx, key, keylen)                          \
+                                libssh2_os400qc3_hmac_init(ctx, Qc3_SHA512, \
+                                                         SHA512_DIGEST_LENGTH, \
+                                                         key, keylen)
+#define libssh2_hmac_update(ctx, data, datalen)                             \
+                                libssh2_os400qc3_hmac_update(&(ctx),        \
+                                                             data, datalen)
+#define libssh2_hmac_final(ctx, data)                                       \
+                                libssh2_os400qc3_hmac_final(&(ctx), data)
+#define libssh2_hmac_cleanup(ctx)                                           \
+                                _libssh2_os400qc3_crypto_dtor(ctx)
+
+
+#define _libssh2_bn_ctx         int                 /* Not used. */
+
+#define _libssh2_bn_ctx_new()           0
+#define _libssh2_bn_ctx_free(bnctx)     ((void) 0)
+
+#define _libssh2_bn_init_from_bin() _libssh2_bn_init()
+#define _libssh2_bn_mod_exp(r, a, p, m, ctx)                                \
+                                _libssh2_os400qc3_bn_mod_exp(r, a, p, m)
+#define _libssh2_bn_bytes(bn)   ((bn)->length)
+
+#define _libssh2_cipher_type(name)  _libssh2_os400qc3_cipher_t name
+#define _libssh2_cipher_aes128 {Qc3_Alg_Block_Cipher, Qc3_AES, 16,          \
+                                Qc3_CBC, 16}
+#define _libssh2_cipher_aes192 {Qc3_Alg_Block_Cipher, Qc3_AES, 24,          \
+                                Qc3_CBC, 24}
+#define _libssh2_cipher_aes256 {Qc3_Alg_Block_Cipher, Qc3_AES, 32,          \
+                                Qc3_CBC, 32}
+#define _libssh2_cipher_aes128ctr {Qc3_Alg_Block_Cipher, Qc3_AES, 16,       \
+                                   Qc3_CTR, 16}
+#define _libssh2_cipher_aes192ctr {Qc3_Alg_Block_Cipher, Qc3_AES, 24,       \
+                                   Qc3_CTR, 24}
+#define _libssh2_cipher_aes256ctr {Qc3_Alg_Block_Cipher, Qc3_AES, 32,       \
+                                   Qc3_CTR, 32}
+#define _libssh2_cipher_3des   {Qc3_Alg_Block_Cipher, Qc3_TDES, 0,          \
+                                Qc3_CBC, 24}
+#define _libssh2_cipher_arcfour {Qc3_Alg_Stream_Cipher, Qc3_RC4, 0, 0, 16}
+
+#define _libssh2_cipher_dtor(ctx) _libssh2_os400qc3_crypto_dtor(ctx)
+
+#define libssh2_rsa_ctx         _libssh2_os400qc3_crypto_ctx
+#define _libssh2_rsa_free(ctx)  (_libssh2_os400qc3_crypto_dtor(ctx),        \
+                                 free((char *) ctx))
+#define libssh2_prepare_iovec(vec, len) memset((char *) (vec), 0,           \
+                                               (len) * sizeof(struct iovec))
+#define _libssh2_rsa_sha1_signv(session, sig, siglen, count, vector, ctx)   \
+            _libssh2_os400qc3_rsa_sha1_signv(session, sig, siglen,          \
+                                             count, vector, ctx)
+
+
+/*******************************************************************
+ *
+ * OS/400 QC3 crypto-library backend: Support procedure prototypes.
+ *
+ *******************************************************************/
+
+extern _libssh2_bn *    _libssh2_bn_init(void);
+extern void     _libssh2_bn_free(_libssh2_bn *bn);
+extern unsigned long    _libssh2_bn_bits(_libssh2_bn *bn);
+extern int      _libssh2_bn_from_bin(_libssh2_bn *bn, int len,
+                                     const unsigned char *v);
+extern int      _libssh2_bn_set_word(_libssh2_bn *bn, unsigned long val);
+extern int      _libssh2_bn_to_bin(_libssh2_bn *bn, unsigned char *val);
+extern void     _libssh2_random(unsigned char *buf, int len);
+extern int      _libssh2_bn_rand(_libssh2_bn *bn, int bits,
+                                int top, int bottom);
+extern int      _libssh2_os400qc3_bn_mod_exp(_libssh2_bn *r, _libssh2_bn *a,
+                                             _libssh2_bn *p, _libssh2_bn *m);
+extern void     _libssh2_os400qc3_crypto_dtor(_libssh2_os400qc3_crypto_ctx *x);
+extern int      libssh2_os400qc3_hash_init(Qc3_Format_ALGD0100_T *x,
+                                           unsigned int algo);
+extern void     libssh2_os400qc3_hash_update(Qc3_Format_ALGD0100_T *ctx,
+                                             unsigned char *data, int len);
+extern void     libssh2_os400qc3_hash_final(Qc3_Format_ALGD0100_T *ctx,
+                                            unsigned char *out);
+extern int      libssh2_os400qc3_hash(const unsigned char *message,
+                                      unsigned long len, unsigned char *out,
+                                      unsigned int algo);
+extern void     libssh2_os400qc3_hmac_init(_libssh2_os400qc3_crypto_ctx *x,
+                                           int algo, size_t minkeylen,
+                                           void *key, int keylen);
+extern void     libssh2_os400qc3_hmac_update(_libssh2_os400qc3_crypto_ctx *ctx,
+                                             const unsigned char *data,
+                                             int len);
+extern void     libssh2_os400qc3_hmac_final(_libssh2_os400qc3_crypto_ctx *ctx,
+                                            unsigned char *out);
+extern int      _libssh2_os400qc3_rsa_sha1_signv(LIBSSH2_SESSION *session,
+                                                 unsigned char **signature,
+                                                 size_t *signature_len,
+                                                 int veccount,
+                                                 const struct iovec vector[],
+                                                 libssh2_rsa_ctx *ctx);
+
+#endif
+
+/* vim: set expandtab ts=4 sw=4: */

src/scp.c

@@ -268,7 +268,7 @@ shell_quotearg(const char *path, unsigned char *buf,
  *
  */
 static LIBSSH2_CHANNEL *
-scp_recv(LIBSSH2_SESSION * session, const char *path, struct stat * sb)
+scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb)
 {
     int cmd_len;
     int rc;
@@ -724,7 +724,7 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, struct stat * sb)
     }
 
     if (sb) {
-        memset(sb, 0, sizeof(struct stat));
+        memset(sb, 0, sizeof(libssh2_struct_stat));
 
         sb->st_mtime = session->scpRecv_mtime;
         sb->st_atime = session->scpRecv_atime;
@@ -759,11 +759,47 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, struct stat * sb)
 /*
  * libssh2_scp_recv
  *
- * Open a channel and request a remote file via SCP
+ * DEPRECATED
+ *
+ * Open a channel and request a remote file via SCP.  This receives files larger
+ * than 2 GB, but is unable to report the proper size on platforms where the
+ * st_size member of struct stat is limited to 2 GB (e.g. windows).
  *
  */
 LIBSSH2_API LIBSSH2_CHANNEL *
 libssh2_scp_recv(LIBSSH2_SESSION *session, const char *path, struct stat * sb)
+{
+    LIBSSH2_CHANNEL *ptr;
+
+    /* scp_recv uses libssh2_struct_stat, so pass one if the caller gave us a struct to populate... */
+    libssh2_struct_stat sb_intl;
+    libssh2_struct_stat *sb_ptr;
+    sb_ptr = sb ? &sb_intl : NULL;
+
+    BLOCK_ADJUST_ERRNO(ptr, session, scp_recv(session, path, sb_ptr));
+
+    /* ...and populate the caller's with as much info as fits. */
+    if (sb) {
+        memset(sb, 0, sizeof(struct stat));
+
+        sb->st_mtime = sb_intl.st_mtime;
+        sb->st_atime = sb_intl.st_atime;
+        sb->st_size = (off_t)sb_intl.st_size;
+        sb->st_mode = sb_intl.st_mode;
+    }
+
+    return ptr;
+}
+
+/*
+ * libssh2_scp_recv2
+ *
+ * Open a channel and request a remote file via SCP.  This supports files > 2GB
+ * on platforms that support it.
+ *
+ */
+LIBSSH2_API LIBSSH2_CHANNEL *
+libssh2_scp_recv2(LIBSSH2_SESSION *session, const char *path, libssh2_struct_stat * sb)
 {
     LIBSSH2_CHANNEL *ptr;
     BLOCK_ADJUST_ERRNO(ptr, session, scp_recv(session, path, sb));

src/session.c

@@ -1058,6 +1058,11 @@ session_free(LIBSSH2_SESSION *session)
         LIBSSH2_FREE(session, session->server_hostkey);
     }
 
+    /* error string */
+    if (session->err_msg && ((session->err_flags & LIBSSH2_ERR_FLAG_DUP) != 0)) {
+        LIBSSH2_FREE(session, (char *)session->err_msg);
+    }
+
     LIBSSH2_FREE(session, session);
 
     return 0;
@@ -1285,7 +1290,24 @@ libssh2_session_last_errno(LIBSSH2_SESSION * session)
     return session->err_code;
 }
 
-/* libssh2_session_flag
+/* libssh2_session_set_last_error
+ *
+ * Sets the internal error code for the session.
+ *
+ * This function is available specifically to be used by high level
+ * language wrappers (i.e. Python or Perl) that may extend the library
+ * features while still relying on its error reporting mechanism.
+ */
+LIBSSH2_API int
+libssh2_session_set_last_error(LIBSSH2_SESSION* session,
+                               int errcode,
+                               const char* errmsg)
+{
+    return _libssh2_error_flags(session, errcode, errmsg,
+                                LIBSSH2_ERR_FLAG_DUP);
+}
+
+/* Libssh2_session_flag
  *
  * Set/Get session flags
  *

src/sftp.c

@@ -204,7 +204,8 @@ sftp_packet_add(LIBSSH2_SFTP *sftp, unsigned char *data,
     LIBSSH2_SFTP_PACKET *packet;
     uint32_t request_id;
 
-    _libssh2_debug(session, LIBSSH2_TRACE_SFTP, "Received packet %d (len %d)",
+    _libssh2_debug(session, LIBSSH2_TRACE_SFTP,
+                   "Received packet type %d (len %d)",
                    (int) data[0], data_len);
 
     /*
@@ -250,6 +251,9 @@ sftp_packet_add(LIBSSH2_SFTP *sftp, unsigned char *data,
 
     request_id = _libssh2_ntohu32(&data[1]);
 
+    _libssh2_debug(session, LIBSSH2_TRACE_SFTP, "Received packet id %d",
+                   request_id);
+
     /* Don't add the packet if it answers a request we've given up on. */
     if((data[0] == SSH_FXP_STATUS || data[0] == SSH_FXP_DATA)
        && find_zombie_request(sftp, request_id)) {
@@ -1245,6 +1249,8 @@ static ssize_t sftp_read(LIBSSH2_SFTP_HANDLE * handle, char *buffer,
     ssize_t rc;
     struct _libssh2_sftp_handle_file_data *filep =
         &handle->u.file;
+    size_t bytes_in_buffer = 0;
+    char *sliding_bufferp = buffer;
 
     /* This function can be interrupted in three different places where it
        might need to wait for data from the network.  It returns EAGAIN to
@@ -1301,11 +1307,14 @@ static ssize_t sftp_read(LIBSSH2_SFTP_HANDLE * handle, char *buffer,
             return copy;
         }
 
+        if (filep->eof) {
+            return 0;
+        } else {
             /* We allow a number of bytes being requested at any given time
                without having been acked - until we reach EOF. */
-        if(!filep->eof) {
+
             /* Number of bytes asked for that haven't been acked yet */
-            size_t already = (filep->offset_sent - filep->offset);
+            size_t already = (size_t)(filep->offset_sent - filep->offset);
 
             size_t max_read_ahead = buffer_size*4;
             unsigned long recv_window;
@@ -1358,19 +1367,25 @@ static ssize_t sftp_read(LIBSSH2_SFTP_HANDLE * handle, char *buffer,
 
         while(count > 0) {
             unsigned char *s;
-            uint32_t size = MIN(MAX_SFTP_READ_SIZE, count);
 
             /* 25 = packet_len(4) + packet_type(1) + request_id(4) +
                handle_len(4) + offset(8) + count(4) */
             uint32_t packet_len = (uint32_t)handle->handle_len + 25;
             uint32_t request_id;
 
+            uint32_t size = count;
+            if (size < buffer_size)
+                size = buffer_size;
+            if (size > MAX_SFTP_READ_SIZE)
+                size = MAX_SFTP_READ_SIZE;
+
             chunk = LIBSSH2_ALLOC(session, packet_len +
                                   sizeof(struct sftp_pipeline_chunk));
             if (!chunk)
                 return _libssh2_error(session, LIBSSH2_ERROR_ALLOC,
                                       "malloc fail for FXP_WRITE");
 
+            chunk->offset = filep->offset_sent;
             chunk->len = size;
             chunk->lefttosend = packet_len;
             chunk->sent = 0;
@@ -1389,8 +1404,11 @@ static ssize_t sftp_read(LIBSSH2_SFTP_HANDLE * handle, char *buffer,
 
             /* add this new entry LAST in the list */
             _libssh2_list_add(&handle->packet_list, &chunk->node);
-            count -= size; /* deduct the size we used, as we might have
+            count -= MIN(size,count); /* deduct the size we used, as we might
-                              to create more packets */
+                                       * have to create more packets */
+            _libssh2_debug(session, LIBSSH2_TRACE_SFTP,
+                           "read request id %d sent (offset: %d, size: %d)",
+                           request_id, (int)chunk->offset, (int)chunk->len);
         }
 
     case libssh2_NB_state_sent:
@@ -1416,9 +1434,16 @@ static ssize_t sftp_read(LIBSSH2_SFTP_HANDLE * handle, char *buffer,
                 chunk->lefttosend -= rc;
                 chunk->sent += rc;
 
-                if(chunk->lefttosend)
+                if(chunk->lefttosend) {
-                    /* data left to send, get out of loop */
+                    /* We still have data left to send for this chunk.
+                     * If there is at least one completely sent chunk,
+                     * we can get out of this loop and start reading.  */
+                    if (chunk != _libssh2_list_first(&handle->packet_list)) {
                         break;
+                    } else {
+                        continue;
+                    }
+                }
             }
 
             /* move on to the next chunk with data to send */
@@ -1442,13 +1467,27 @@ static ssize_t sftp_read(LIBSSH2_SFTP_HANDLE * handle, char *buffer,
                 SSH_FXP_DATA, SSH_FXP_STATUS
             };
 
-            if(chunk->lefttosend)
+            if(chunk->lefttosend) {
                 /* if the chunk still has data left to send, we shouldn't wait
                    for an ACK for it just yet */
-                break;
+                if (bytes_in_buffer > 0) {
+                    return bytes_in_buffer;
+                } else {
+                    /* we should never reach this point */
+                    return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
+                                          "sftp_read() internal error");
+                }
+            }
 
             rc = sftp_packet_requirev(sftp, 2, read_responses,
                                       chunk->request_id, &data, &data_len);
+
+            if (rc==LIBSSH2_ERROR_EAGAIN && bytes_in_buffer != 0) {
+                /* do not return EAGAIN if we have already
+                 * written data into the buffer */
+                return bytes_in_buffer;
+            }
+
             if (rc < 0) {
                 sftp->read_state = libssh2_NB_state_sent2;
                 return rc;
@@ -1475,7 +1514,7 @@ static ssize_t sftp_read(LIBSSH2_SFTP_HANDLE * handle, char *buffer,
 
                 if (rc32 == LIBSSH2_FX_EOF) {
                     filep->eof = TRUE;
-                    return 0;
+                    return bytes_in_buffer;
                 }
                 else {
                     sftp->last_errno = rc32;
@@ -1485,6 +1524,16 @@ static ssize_t sftp_read(LIBSSH2_SFTP_HANDLE * handle, char *buffer,
                 break;
 
             case SSH_FXP_DATA:
+                if (chunk->offset != filep->offset) {
+                    /* This could happen if the server returns less bytes than
+                       requested, which shouldn't happen for normal files. See:
+                       http://tools.ietf.org/html/draft-ietf-secsh-filexfer-02
+                       #section-6.4
+                    */
+                    return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
+                                          "Read Packet At Unexpected Offset");
+                }
+
                 rc32 = _libssh2_ntohu32(data + 5);
                 if (rc32 > (data_len - 9))
                     return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
@@ -1505,13 +1554,13 @@ static ssize_t sftp_read(LIBSSH2_SFTP_HANDLE * handle, char *buffer,
                     filep->offset_sent -= (chunk->len - rc32);
                 }
 
-                if(rc32 > buffer_size) {
+                if((bytes_in_buffer + rc32) > buffer_size) {
                     /* figure out the overlap amount */
-                    filep->data_left = rc32 - buffer_size;
+                    filep->data_left = (bytes_in_buffer + rc32) - buffer_size;
 
                     /* getting the full packet would overflow the buffer, so
                        only get the correct amount and keep the remainder */
-                    rc32 = (uint32_t)buffer_size;
+                    rc32 = (uint32_t)buffer_size - bytes_in_buffer;
 
                     /* store data to keep for next call */
                     filep->data = data;
@@ -1522,29 +1571,28 @@ static ssize_t sftp_read(LIBSSH2_SFTP_HANDLE * handle, char *buffer,
 
                 /* copy the received data from the received FXP_DATA packet to
                    the buffer at the correct index */
-                memcpy(buffer, data + 9, rc32);
+                memcpy(sliding_bufferp, data + 9, rc32);
                 filep->offset += rc32;
+                bytes_in_buffer += rc32;
+                sliding_bufferp += rc32;
 
                 if(filep->data_len == 0)
                     /* free the allocated data if not stored to keep */
                     LIBSSH2_FREE(session, data);
 
-
                 /* remove the chunk we just processed keeping track of the
                  * next one in case we need it */
                 next = _libssh2_list_next(&chunk->node);
                 _libssh2_list_remove(&chunk->node);
                 LIBSSH2_FREE(session, chunk);
-                chunk = NULL;
 
-                if(rc32 > 0) {
+                /* check if we have space left in the buffer
-                    /* we must return as we wrote some data to the buffer */
+                 * and either continue to the next chunk or stop
-                    return rc32;
+                 */
-                } else {
+                if (bytes_in_buffer < buffer_size) {
-                    /* A zero-byte read is not necessarily EOF so we must not
-                     * return 0 (that would signal EOF to the caller) so
-                     * instead we carry on to the next chunk */
                     chunk = next;
+                } else {
+                    chunk = NULL;
                 }
 
                 break;
@@ -1555,13 +1603,18 @@ static ssize_t sftp_read(LIBSSH2_SFTP_HANDLE * handle, char *buffer,
             }
         }
 
+        if (bytes_in_buffer > 0)
+            return bytes_in_buffer;
+
         break;
 
     default:
         assert(!"State machine error; unrecognised read state");
     }
 
-    return 0;
+    /* we should never reach this point */
+    return _libssh2_error(session, LIBSSH2_ERROR_SFTP_PROTOCOL,
+                          "sftp_read() internal error");
 }
 
 /* libssh2_sftp_read
@@ -1827,7 +1880,7 @@ static ssize_t sftp_write(LIBSSH2_SFTP_HANDLE *handle, const char *buffer,
            acked but we haven't been able to return as such yet, so we will
            get that data as well passed in here again.
         */
-        already = (handle->u.file.offset_sent - handle->u.file.offset)+
+        already = (size_t) (handle->u.file.offset_sent - handle->u.file.offset)+
             handle->u.file.acked;
 
         if(count >= already) {
@@ -2767,7 +2820,7 @@ static int sftp_fstatvfs(LIBSSH2_SFTP_HANDLE *handle, LIBSSH2_SFTP_STATVFS *st)
     st->f_ffree = _libssh2_ntohu64(data + 53);
     st->f_favail = _libssh2_ntohu64(data + 61);
     st->f_fsid = _libssh2_ntohu64(data + 69);
-    flag = _libssh2_ntohu64(data + 77);
+    flag = (unsigned int)_libssh2_ntohu64(data + 77);
     st->f_namemax = _libssh2_ntohu64(data + 85);
 
     st->f_flag = (flag & SSH_FXE_STATVFS_ST_RDONLY)
@@ -2893,7 +2946,7 @@ static int sftp_statvfs(LIBSSH2_SFTP *sftp, const char *path,
     st->f_ffree = _libssh2_ntohu64(data + 53);
     st->f_favail = _libssh2_ntohu64(data + 61);
     st->f_fsid = _libssh2_ntohu64(data + 69);
-    flag = _libssh2_ntohu64(data + 77);
+    flag = (unsigned int)_libssh2_ntohu64(data + 77);
     st->f_namemax = _libssh2_ntohu64(data + 85);
 
     st->f_flag = (flag & SSH_FXE_STATVFS_ST_RDONLY)

src/sftp.h

@@ -48,10 +48,12 @@
 /* MAX_SFTP_READ_SIZE is how much data is asked for at max in each FXP_READ
  * packets.
  */
-#define MAX_SFTP_READ_SIZE 2000
+#define MAX_SFTP_READ_SIZE 30000
 
 struct sftp_pipeline_chunk {
     struct list_node node;
+    libssh2_uint64_t offset; /* READ: offset at which to start reading
+                                WRITE: not used */
     size_t len; /* WRITE: size of the data to write
                    READ: how many bytes that was asked for */
     size_t sent;

src/transport.c

@@ -52,7 +52,7 @@
 #include "mac.h"
 
 #define MAX_BLOCKSIZE 32    /* MUST fit biggest crypto block size we use/get */
-#define MAX_MACSIZE 20      /* MUST fit biggest MAC length we support */
+#define MAX_MACSIZE 64      /* MUST fit biggest MAC length we support */
 
 #ifdef LIBSSH2DEBUG
 #define UNPRINTABLE_CHAR '.'

src/userauth.c

@@ -546,10 +546,6 @@ file_read_publickey(LIBSSH2_SESSION * session, unsigned char **method,
     while (!feof(fd) && 1 == fread(&c, 1, 1, fd) && c != '\r' && c != '\n') {
         pubkey_len++;
     }
-    if (feof(fd)) {
-        /* the last character was EOF */
-        pubkey_len--;
-    }
     rewind(fd);
 
     if (pubkey_len <= 1) {
@@ -720,6 +716,7 @@ sign_frommemory(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len,
     if(rc)
         return rc;
 
+    libssh2_prepare_iovec(&datavec, 1);
     datavec.iov_base = (void *)data;
     datavec.iov_len  = data_len;
 
@@ -755,6 +752,7 @@ sign_fromfile(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len,
     if(rc)
         return rc;
 
+    libssh2_prepare_iovec(&datavec, 1);
     datavec.iov_base = (void *)data;
     datavec.iov_len  = data_len;
 
@@ -877,6 +875,7 @@ userauth_hostbased_fromfile(LIBSSH2_SESSION *session,
         }
 
         _libssh2_htonu32(buf, session->session_id_len);
+        libssh2_prepare_iovec(datavec, 4);
         datavec[0].iov_base = (void *)buf;
         datavec[0].iov_len = 4;
         datavec[1].iov_base = (void *)session->session_id;

src/wincng.c

@@ -93,6 +93,14 @@
 #define BCRYPT_SHA1_ALGORITHM L"SHA1"
 #endif
 
+#ifndef BCRYPT_SHA256_ALGORITHM
+#define BCRYPT_SHA256_ALGORITHM L"SHA256"
+#endif
+
+#ifndef BCRYPT_SHA512_ALGORITHM
+#define BCRYPT_SHA512_ALGORITHM L"SHA512"
+#endif
+
 #ifndef BCRYPT_RSA_ALGORITHM
 #define BCRYPT_RSA_ALGORITHM L"RSA"
 #endif
@@ -211,6 +219,10 @@ _libssh2_wincng_init(void)
                                       BCRYPT_MD5_ALGORITHM, NULL, 0);
     (void)BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHashSHA1,
                                       BCRYPT_SHA1_ALGORITHM, NULL, 0);
+    (void)BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHashSHA256,
+                                      BCRYPT_SHA256_ALGORITHM, NULL, 0);
+    (void)BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHashSHA512,
+                                      BCRYPT_SHA512_ALGORITHM, NULL, 0);
 
     (void)BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHmacMD5,
                                       BCRYPT_MD5_ALGORITHM, NULL,
@@ -218,6 +230,12 @@ _libssh2_wincng_init(void)
     (void)BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHmacSHA1,
                                       BCRYPT_SHA1_ALGORITHM, NULL,
                                       BCRYPT_ALG_HANDLE_HMAC_FLAG);
+    (void)BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHmacSHA256,
+                                      BCRYPT_SHA256_ALGORITHM, NULL,
+                                      BCRYPT_ALG_HANDLE_HMAC_FLAG);
+    (void)BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHmacSHA512,
+                                      BCRYPT_SHA512_ALGORITHM, NULL,
+                                      BCRYPT_ALG_HANDLE_HMAC_FLAG);
 
     (void)BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgRSA,
                                       BCRYPT_RSA_ALGORITHM, NULL, 0);
@@ -264,8 +282,12 @@ _libssh2_wincng_free(void)
     (void)BCryptCloseAlgorithmProvider(_libssh2_wincng.hAlgRNG, 0);
     (void)BCryptCloseAlgorithmProvider(_libssh2_wincng.hAlgHashMD5, 0);
     (void)BCryptCloseAlgorithmProvider(_libssh2_wincng.hAlgHashSHA1, 0);
+    (void)BCryptCloseAlgorithmProvider(_libssh2_wincng.hAlgHashSHA256, 0);
+    (void)BCryptCloseAlgorithmProvider(_libssh2_wincng.hAlgHashSHA512, 0);
     (void)BCryptCloseAlgorithmProvider(_libssh2_wincng.hAlgHmacMD5, 0);
     (void)BCryptCloseAlgorithmProvider(_libssh2_wincng.hAlgHmacSHA1, 0);
+    (void)BCryptCloseAlgorithmProvider(_libssh2_wincng.hAlgHmacSHA256, 0);
+    (void)BCryptCloseAlgorithmProvider(_libssh2_wincng.hAlgHmacSHA512, 0);
     (void)BCryptCloseAlgorithmProvider(_libssh2_wincng.hAlgRSA, 0);
     (void)BCryptCloseAlgorithmProvider(_libssh2_wincng.hAlgDSA, 0);
     (void)BCryptCloseAlgorithmProvider(_libssh2_wincng.hAlgAES_CBC, 0);
@@ -384,7 +406,7 @@ _libssh2_wincng_hash_final(_libssh2_wincng_hash_ctx *ctx,
     ctx->pbHashObject = NULL;
     ctx->dwHashObject = 0;
 
-    return ret;
+    return BCRYPT_SUCCESS(ret) ? 0 : -1;
 }
 
 int
@@ -393,16 +415,15 @@ _libssh2_wincng_hash(unsigned char *data, unsigned long datalen,
                      unsigned char *hash, unsigned long hashlen)
 {
     _libssh2_wincng_hash_ctx ctx;
+    int ret;
 
-    if (!_libssh2_wincng_hash_init(&ctx, hAlg, hashlen, NULL, 0)) {
+    ret = _libssh2_wincng_hash_init(&ctx, hAlg, hashlen, NULL, 0);
-        if (!_libssh2_wincng_hash_update(&ctx, data, datalen)) {
+    if (!ret) {
-            if (!_libssh2_wincng_hash_final(&ctx, hash)) {
+        ret = _libssh2_wincng_hash_update(&ctx, data, datalen);
-                return 0;
+        ret |= _libssh2_wincng_hash_final(&ctx, hash);
-            }
-        }
     }
 
-    return -1;
+    return ret;
 }
 
 

src/wincng.h

@@ -51,6 +51,8 @@
 #define LIBSSH2_MD5 1
 
 #define LIBSSH2_HMAC_RIPEMD 0
+#define LIBSSH2_HMAC_SHA256 1
+#define LIBSSH2_HMAC_SHA512 1
 
 #define LIBSSH2_AES 1
 #define LIBSSH2_AES_CTR 0
@@ -64,6 +66,8 @@
 
 #define MD5_DIGEST_LENGTH 16
 #define SHA_DIGEST_LENGTH 20
+#define SHA256_DIGEST_LENGTH 32
+#define SHA512_DIGEST_LENGTH 64
 
 
 /*******************************************************************/
@@ -75,8 +79,12 @@ struct _libssh2_wincng_ctx {
     BCRYPT_ALG_HANDLE hAlgRNG;
     BCRYPT_ALG_HANDLE hAlgHashMD5;
     BCRYPT_ALG_HANDLE hAlgHashSHA1;
+    BCRYPT_ALG_HANDLE hAlgHashSHA256;
+    BCRYPT_ALG_HANDLE hAlgHashSHA512;
     BCRYPT_ALG_HANDLE hAlgHmacMD5;
     BCRYPT_ALG_HANDLE hAlgHmacSHA1;
+    BCRYPT_ALG_HANDLE hAlgHmacSHA256;
+    BCRYPT_ALG_HANDLE hAlgHmacSHA512;
     BCRYPT_ALG_HANDLE hAlgRSA;
     BCRYPT_ALG_HANDLE hAlgDSA;
     BCRYPT_ALG_HANDLE hAlgAES_CBC;
@@ -103,6 +111,8 @@ void _libssh2_wincng_free(void);
 #define _libssh2_random(buf, len) \
   _libssh2_wincng_random(buf, len)
 
+#define libssh2_prepare_iovec(vec, len)  /* Empty. */
+
 
 /*******************************************************************/
 /*
@@ -132,6 +142,30 @@ typedef struct __libssh2_wincng_hash_ctx {
   _libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA1, \
                        hash, SHA_DIGEST_LENGTH)
 
+#define libssh2_sha256_ctx _libssh2_wincng_hash_ctx
+#define libssh2_sha256_init(ctx) \
+  (_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashSHA256, \
+                            SHA256_DIGEST_LENGTH, NULL, 0) == 0)
+#define libssh2_sha256_update(ctx, data, datalen) \
+  _libssh2_wincng_hash_update(&ctx, (unsigned char *) data, datalen)
+#define libssh2_sha256_final(ctx, hash) \
+  _libssh2_wincng_hash_final(&ctx, hash)
+#define libssh2_sha256(data, datalen, hash) \
+  _libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA256, \
+                       hash, SHA256_DIGEST_LENGTH)
+
+#define libssh2_sha512_ctx _libssh2_wincng_hash_ctx
+#define libssh2_sha512_init(ctx) \
+  (_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashSHA512, \
+                            SHA512_DIGEST_LENGTH, NULL, 0) == 0)
+#define libssh2_sha512_update(ctx, data, datalen) \
+  _libssh2_wincng_hash_update(&ctx, (unsigned char *) data, datalen)
+#define libssh2_sha512_final(ctx, hash) \
+  _libssh2_wincng_hash_final(&ctx, hash)
+#define libssh2_sha512(data, datalen, hash) \
+  _libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA512, \
+                       hash, SHA512_DIGEST_LENGTH)
+
 #define libssh2_md5_ctx _libssh2_wincng_hash_ctx
 #define libssh2_md5_init(ctx) \
   (_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashMD5, \
@@ -158,6 +192,12 @@ typedef struct __libssh2_wincng_hash_ctx {
                             MD5_DIGEST_LENGTH, key, keylen)
 #define libssh2_hmac_ripemd160_init(ctx, key, keylen)
   /* not implemented */
+#define libssh2_hmac_sha256_init(ctx, key, keylen) \
+  _libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHmacSHA256, \
+                            SHA256_DIGEST_LENGTH, key, keylen)
+#define libssh2_hmac_sha512_init(ctx, key, keylen) \
+  _libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHmacSHA512, \
+                            SHA512_DIGEST_LENGTH, key, keylen)
 #define libssh2_hmac_update(ctx, data, datalen) \
   _libssh2_wincng_hash_update(&ctx, (unsigned char *) data, datalen)
 #define libssh2_hmac_final(ctx, hash) \

tests/CMakeLists.txt

@@ -78,8 +78,9 @@ find_program(MAN_EXECUTABLE man)
 find_program(GREP_EXECUTABLE grep)
 mark_as_advanced(SH_EXECUTABLE MAN_EXECUTABLE GREP_EXECUTABLE)
 if(SH_EXECUTABLE AND MAN_EXECUTABLE AND GREP_EXECUTABLE)
-  add_test(mansyntax
+  set(cmd "srcdir=${CMAKE_CURRENT_SOURCE_DIR}")
-    ${SH_EXECUTABLE} "${CMAKE_CURRENT_SOURCE_DIR}/mansyntax.sh")
+  set(cmd "${cmd} ${CMAKE_CURRENT_SOURCE_DIR}/mansyntax.sh")
+  add_test(mansyntax ${SH_EXECUTABLE} -c "${cmd}")
 endif()
 
 add_test(simple test-simple)

tests/Makefile.am

@@ -14,6 +14,8 @@ endif
 check_PROGRAMS = $(ctests)
 
 TESTS_ENVIRONMENT = SSHD=$(SSHD) EXEEXT=$(EXEEXT)
+TESTS_ENVIRONMENT += srcdir=$(top_srcdir)/tests builddir=$(top_builddir)/tests
 
 EXTRA_DIST = ssh2.sh mansyntax.sh
 EXTRA_DIST += etc/host etc/host.pub etc/user etc/user.pub
+EXTRA_DIST += CMakeLists.txt libssh2_config_cmake.h.in sshd_fixture.sh.in

tests/mansyntax.sh

@@ -6,7 +6,8 @@ set -e
 # Run syntax checks for all manpages in the documentation tree.
 #
 
-srcdir="`cd $(dirname $0);pwd`"
+srcdir=${srcdir:-$PWD}
+dstdir=${builddir:-$PWD}
 mandir=${srcdir}/../docs
 
 #
@@ -19,13 +20,13 @@ fi
 
 ec=0
 
-trap "rm -f $srcdir/man3" EXIT
+trap "rm -f $dstdir/man3" EXIT
 
-ln -sf "$mandir" "$srcdir/man3"
+ln -sf "$mandir" "$dstdir/man3"
 
 for manpage in $mandir/libssh2_*.*; do
   echo "$manpage"
-  warnings=$(LANG=en_US.UTF-8 MANWIDTH=80 man -M "$srcdir" --warnings \
+  warnings=$(LANG=en_US.UTF-8 MANWIDTH=80 man -M "$dstdir" --warnings \
     -E UTF-8 -l "$manpage" 2>&1 >/dev/null)
   if [ -n "$warnings" ]; then
     echo "$warnings"

vms/readme.vms

@@ -8,7 +8,7 @@ LIBSSH2
 
 LIBSSH2 is a client-side library written in C that aims to 
 implement the SSH2 protocol. It is an open source project, 
-to be found at http://libssh2.org. 
+to be found at https://libssh2.org.
 
 GNV
 ---
@@ -190,7 +190,7 @@ You will need to have the following available:
 
 Optional:
 
-- curl, to be found at  http://curl.haxx.se
+- curl, to be found at  https://curl.haxx.se
   You might want to use curl to download the libssh2 kit directly
   to you VMS machine. Interestingly, sftp in curl is implemented using
   libssh2, soon to be expected on VMS as well, hopefully.
@@ -217,7 +217,7 @@ $ then
 $   delete libssh2-'libssh2_version'-'currentday'.tar.gz;*
 $ endif
 $!
-$ curl 'proxy_line' "http://libssh2.org/snapshots/libssh2-''libssh2_version'-''currentday'.tar.gz" -
+$ curl 'proxy_line' "https://libssh2.org/snapshots/libssh2-''libssh2_version'-''currentday'.tar.gz" -
                     -o libssh2-'libssh2_version'-'currentday'.tar.gz
 $!
 $!

win32/GNUmakefile

@@ -14,7 +14,7 @@ endif
 
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.8zc
+OPENSSL_PATH = ../../openssl-1.0.2d
 endif
 
 # Edit the path below to point to your Distribution folder.
@@ -34,7 +34,7 @@ PROOT	= ..
 
 # Edit the vars below to change target settings.
 TARGET	= libssh2
-WWWURL	= http://www.libssh2.org/
+WWWURL	= https://www.libssh2.org/
 DESCR	= libssh2 $(LIBSSH2_VERSION_STR)
 #STACK	= 64000
 
@@ -111,18 +111,18 @@ endif
 
 # Global flags for all compilers
 CFLAGS	= $(LIBSSH2_CFLAG_EXTRAS) $(OPT) -D$(DB) -DLIBSSH2_WIN32 # -DHAVE_CONFIG_H
+LDFLAGS = $(LIBSSH2_LDFLAG_EXTRAS)
 
 ifeq ($(CC),mwcc)
 LD	= mwld
 RC	= mwwinrc
-LDFLAGS	= -nostdlib
+LDFLAGS	+= -nostdlib
 AR	= $(LD)
 ARFLAGS	= -nostdlib -library -o
 LIBEXT	= lib
 #RANLIB	=
 LIBPATH	+= -lr "$(METROWERKS)/MSL" -lr "$(METROWERKS)/Win32-x86 Support"
 LDLIBS	+= -lMSL_Runtime_x86.lib -lMSL_C_x86.lib -lMSL_Extras_x86.lib
-LDLIBS	+= -lkernel32.lib -luser32.lib -lwsock32.lib
 RCFLAGS	=
 CFLAGS	+= -nostdinc -gccinc -msgstyle gcc -inline off -opt nointrinsics -proc 586
 CFLAGS	+= -ir "$(METROWERKS)/MSL" -ir "$(METROWERKS)/Win32-x86 Support"
@@ -130,22 +130,22 @@ CFLAGS	+= -w on,nounused,nounusedexpr # -ansi strict
 else
 LD	= $(CROSSPREFIX)gcc
 RC	= $(CROSSPREFIX)windres
-LDFLAGS	= -s -shared -Wl,--output-def,$(TARGET).def,--out-implib,$(TARGET)dll.a
+LDFLAGS	+= -s -shared -Wl,--output-def,$(TARGET).def,--out-implib,$(TARGET)dll.a
 AR	= $(CROSSPREFIX)ar
 ARFLAGS	= -cq
 LIBEXT	= a
 RANLIB	= $(CROSSPREFIX)ranlib
-#LDLIBS	+= -lwsock32
-LDLIBS	+= -lws2_32
 RCFLAGS	= -I $(PROOT)/include -O coff
 CFLAGS	+= -fno-builtin
 CFLAGS	+= -fno-strict-aliasing
 CFLAGS	+= -Wall # -pedantic
 ifeq ($(ARCH),w64)
-CFLAGS	+= -D_AMD64_
+CFLAGS	+= -m64 -D_AMD64_
+LDFLAGS += -m64
 RCFLAGS	+= -F pe-x86-64
 else
 CFLAGS	+= -m32
+LDFLAGS += -m32
 RCFLAGS	+= -F pe-i386
 endif
 endif
@@ -186,6 +186,12 @@ else
 	LDLIBS += $(patsubst %,$(OPENSSL_LIBPATH)/lib%.$(LIBEXT), $(OPENSSL_LIBS_DYN))
 endif
 endif
+ifeq ($(CC),mwcc)
+LDLIBS	+= -lkernel32.lib -luser32.lib -lwsock32.lib
+else
+#LDLIBS	+= -lwsock32
+LDLIBS	+= -lws2_32
+endif
 
 ifdef WITH_ZLIB
 	CFLAGS += -DLIBSSH2_HAVE_ZLIB
@@ -342,5 +348,3 @@ help: $(OBJDIR)/version.inc
 	@echo $(DL)$(MAKE) objclean$(DL)
 	@echo $(DL)$(MAKE) test$(DL)
 	@echo $(DL)===========================================================$(DL)
-
-

win32/libssh2.rc

@@ -26,7 +26,7 @@ BEGIN
   BEGIN
     BLOCK "040904b0"
     BEGIN
-      VALUE "CompanyName",      "The libssh2 library, http://www.libssh2.org/\0"
+      VALUE "CompanyName",      "The libssh2 library, https://www.libssh2.org/\0"
       VALUE "FileDescription",  "libssh2 Shared Library\0"
       VALUE "FileVersion",      LIBSSH2_VERSION "\0"
       VALUE "InternalName",     "libssh2\0"
@@ -34,7 +34,7 @@ BEGIN
       VALUE "ProductName",      "The libssh2 library\0"
       VALUE "ProductVersion",   LIBSSH2_VERSION "\0"
       VALUE "LegalCopyright",   "<22> " LIBSSH2_COPYRIGHT "\0"
-      VALUE "License",          "http://www.libssh2.org/license.html\0"
+      VALUE "License",          "https://www.libssh2.org/license.html\0"
     END
   END
 

win32/test/GNUmakefile

@@ -26,7 +26,7 @@ LINK_STATIC = 1
 # Edit the vars below to change target settings.
 SAMPLES	= $(PROOT)/example
 TARGETS := $(filter-out x11.exe,$(patsubst $(SAMPLES)/%.c,%.exe,$(strip $(wildcard $(SAMPLES)/*.c))))
-WWWURL	= http://www.libssh2.org/
+WWWURL	= https://www.libssh2.org/
 DESCR	= libssh2 $(subst .rc,,$(notdir $@)) $(LIBSSH2_VERSION_STR)
 #STACK	= 64000