Tidy up the way we handle options not to be passed to feature checks,
and make sure to show them in the configure log.
Also:
- drop redundant and obsolete compiler check.
- drop redundant parenthesis.
Closes#1576
- replace `CMAKE_C_FLAGS*` and `CMAKE_CXX_FLAGS` with `COMPILE_OPTIONS`.
- replace `CMAKE_SHARED_LINKER_FLAGS_DEBUG` with
`LINK_OPTIONS`/`LINK_FLAGS`.
- make it explicit to pass these C flags to feature checks.
- enable `-pedantic-errors` picky option for GCC with CMake <3.23.
- drop redundant condition when stripping existing MSVC `/Wn` options.
CMake passes `CMAKE_C_FLAGS` to targets, feature checks and raw
`try_compile()` calls. With `COMPILE_OPTIONS`, this is limited to
targets, and we must explicitly pass them to feature checks. This
makes the build logic clearer, and offers more control. It also
reduces log noise by omitting these options from linker commands,
and from `CMAKE_C_FLAGS` dumps in feature checks.
Closes#1575
- drop `VERSION` target property for cmake <3.19 compatibility
```
CMake Error at CMake/Find*.cmake:90 (set_target_properties):
INTERFACE_LIBRARY targets may only have whitelisted properties.
The property "VERSION" is not allowed.
```
- move custom target property to the `INTERFACE_` namespace
for cmake <3.19 compatibility. (To avoid same error as above)
- fix forwarding multiple `CFLAGS`, when detected via `pkg-config`.
- restore support for `-framework` and raw libs when processing
the internal lib list for generating `libssh2.pc`. For good measure,
at the moment libssh2 doesn't depend on a Framework.
- limit `libssh2_dumptargetprops()` to cmake 3.19+. It doesn't work with
older versions.
Issues found while applying this change to curl. They did not surface in
libssh2 CI.
Follow-up to df0563a857#1535Closes#1571
- kex: drop unused assigment.
- knownhost: error when salt is NULL.
- mbedtls: avoid unnecessary inline assigments, that were ignored for
the second block and replaceable with a `ret = 0` initialization for
the first one.
- mbedtls: fix ignoring an API failure and ending up calling
`mbedtls_rsa_check_privkey()` unconditionally.
- misc: initialize datalen on error in `_libssh2_base64_decode()`.
- openssl: drop unused assigments.
- openssl: fix unused static function.
- packet: avoid NULL deref.
- packet: avoid NULL in `memcpy` src.
- publickey: optimize struct layout to avoid padding.
- sftp: replace ignored `rc` error assigment with `_libssh2_error()` call.
- transport: fix potential NULL ptr dereferences.
- transport: silence uninitialized value warnings.
- userauth: drop unused assigment.
- userauth: possible use of unitialized pointer.
- userauth: replace `rewind()` with `fseek()`.
`rewind()` returns an error condition in `errno`. `errno` is
problematic and reduces portability. Use `fseek()` to avoid it.
- userauth: replace potential NULL deref by returning error from
`sign_frommemory()`. Possible false positive. `rc` should be set
upstream if the callback is NULL.
- userauth: replace potential NULL deref by returning error from
`sign_fromfile()`. clang-tidy did not warn about this one, but
let's match `sign_frommemory()` anyway.
- wincng: fix potentially unused macros.
- wincng: make sure bignum is not NULL before use.
tests:
- openssh_fixture: drop unused assignment.
- session_fixture: exit if `username` not set, to avoid `strlen(NULL)`.
- session_fixture: replace `rewind()` with `fseek()`.
`rewind()` returns an error condition in `errno`. `errno` is
problematic and reduces portability. Use `fseek()` to avoid it.
- test_read: exit if `username` not set, to avoid `strlen(NULL)`.
examples:
- scp_write_nonblock: fix file handle leak.
- sftp_write_nonblock: file handle leak on error.
- sftp_write_sliding: file handle leak on error.
- ssh2_agent_forwarding: fix unused error codes.
Details in the subcommits under the PR.
Thanks-to: Michael Buckley
Thanks-to: Will Cosgrove
Closes#1561
Instead build all crypto backend sources always, and exclude inactive
ones with guards.
To play better with code checkers and compilers that are blind to
included C sources, e.g. clang with certain compiler warnings and
clang-tidy.
We continue to include `blowfish.c`.
Follow-up to 4f0f4bff5a#941
Cherry-picked from #1561
To play better with code checkers and compilers that are blind to
included C sources, e.g. clang with certain compiler warnings and
clang-tidy.
Follow-up to 4f0f4bff5a#941
Cherry-picked from #1561
To run test program via `wine`:
```shell
export LIBSSH2_TEST_EXE_RUNNER=wine
```
It prefixes commands with the specified runner. For systems where this
isn't automatic or supported, e.g. macOS.
Closes#1562
Notes:
* Bug fix for gen_publickey_from_rsa
Increment buffer write pointer after writing modulus and after writing exponent.
Add 1 to modulus(bignum) size.
Credit:
skuodi
- move dependency properties (libs, libdirs, C flags, header dirs,
pkg-config module names) from global lists to imported target
`INTERFACE` properties. Rework FInd modules to return their results
like this and update the libssh2 build process to use it. It makes
Find modules re-usable from the cmake-config script by libssh2
consumers, to integrate with libssh2 dependencies.
- define libssh2 dependencies as "imported targets" by the name:
`libssh2::<depname>`, e.g. `libssh2::libgcrypt`.
- cmake-config: add fall-back logic for CMake without
CMP0099 (v3.17 2020-03-20) to set lib directories.
- generate `libssh2.pc` based on imported target properties (instead of
global lists).
- add target property dump debug function.
- ci/GHA: also test cmake integration on macOS.
Follow-up to 96d7f404e7#1534Closes#1535
* Adds AWS-LC (cmake, gcc, amd64) to the GitHub CI tests.
* Adds note on how to build w/ BoringSSL or AWS-LC in `INSTALL_CMAKE.md`
AWS-LC recently added CI integration tests for Libssh2 to the AWS-LC
GitHub repo to ensure that we maintain our compatibility with libssh2:
https://github.com/aws/aws-lc/pull/2222
I've verified this change by running the CI job on my fork, which
completed successfully:
https://github.com/justsmth/libssh2/actions/runs/13547314774/job/37862097664Closes#1557
Notes:
PR Description:
Bug Type: Segv on unknown address
Summary: A vulnerability was discovered in the libssh2 program where an invalid memory access occurred due to dereferencing a NULL pointer. The issue was identified in the diffie_hellman_sha_algo function within kex.c.
Fix Summary: The patch resolves the issue by introducing a NULL pointer check for session->hostkey before dereferencing it. If the pointer is NULL, a corresponding error is returned, and the function exits gracefully. This fix ensures the program does not attempt to access invalid memory. The patch improves the security and stability of the program by preventing segmentation faults caused by invalid memory access.
Make sure to allocate enough space for malformed base64 encoded data. Changed signed size values to unsigned to match input so we can't possibly truncate input.
Credit:
Stanislav Osipov
- drop adding redundant ZLIB manual include headers.
It's done now via `ZLIB::ZLIB`.
Follow-up to 96d7f404e7#1534
- src: replace missed `ZLIB_LIBRARIES` with `ZLIB::ZLIB`.
Follow-up to 96d7f404e7#1534
- src: drop always true `ZLIB_FOUND` check.
Cherry-picked from #1535
CMake:
- Find*: set `<modulename>_FOUND` for compatibility when found via
`pkg-config`. E.g. `MbedTLS_FOUND`.
`find_package_handle_standard_args()` sets both `<MODULENAME>_FOUND`
and `<Modulename>_FOUND` when detecting the dependency. Some CMake
code relies on this and 3rd-party code may rely on it too. Make sure
to set the latter variant when detecting the dependency via
`pkg-config`, where we don't call
`find_package_handle_standard_args()`.
CMake sets these variable to `TRUE` (not `ON` or `1`). Replicate this
for compatibility.
- libssh2-config.cmake: inherit default `LIBSSH2_USE_PKGCONFIG`.
Follow-up to a3aa6b4ca8#1525
- document variables consumed by `libssh2-config.cmake.in`.
- `libssh2-config.cmake`: fix to link to non-OpenSSL crypto backends.
This is most likely not how this is supposed to be done, but better
than failing.
What's the canonical way to do this, and how OpenSSL and zlib does it
is yet to be figured out.
- use `ZLIB::ZLIB` to reference zlib.
- use `IN ITEMS` where missed.
- harmonize variable dump output formats.
CMake `find_package` integration tests:
- extend to all crypto backends (was: OpenSSL).
- show libssh2 variables set by `find_package()`.
- stop building examples and tests for the consumed package.
For performance.
- enable zlib, for coverage.
- be verbose when building the test targets.
ci/GHA:
- add packaged mbedTLS (2.x) build to Linux matrix.
- alphasort some tests.
Follow-up to d9c2e550ca#1460
Follow-up to 82b09f9b3a#1322Closes#1534
- ci/appveyor: add clang-cl job.
- ci/appvayor: optimize setting an env.
- build: fix clang-cl builds.
- build: fix `-Wcast-function-type` compiler warnings for OpenSSL 3.
- build: use `stdint.h` with MSVC when supported.
- src: use `PRId64` for MSVC where supported.
- src: avoid recursive macro definition for `recv()` and `send()`.
- session: silence `-Wcast-function-type` for `libssh2_session_callback_set2()`.
Sadly this function is still not fully warning-clean, and it
seems we'd need separate setter-getters for each callback
to avoid all warnings.
Closes#1484
Also replace manual `-fPIC` C flag with
`-DCMAKE_POSITION_INDEPENDENT_CODE=ON`. It makes it pass it to C++,
which is necessary for BoringSSL after this bump.
Fixes:
```
/usr/bin/ld: /home/runner/usr/lib/libcrypto.a(crypto.cc.o): warning: relocation against `stderr@@GLIBC_2.2.5' in read-only section `.text'
/usr/bin/ld: /home/runner/usr/lib/libcrypto.a(urandom.cc.o): relocation R_X86_64_PC32 against symbol `stderr@@GLIBC_2.2.5' can not be used when making a shared object; recompile with -fPIC
/usr/bin/ld: final link failed: bad value
```
https://github.com/libssh2/libssh2/actions/runs/13065421829/job/36456862458#step:27:23Closes#1530
