Also:
- uppercase `(C)`.
- add missing 'All rights reserved.' lines.
- drop duplicate 'Author' lines.
- add copyright headers where missing.
- enable copyright header check in checksrc.
Reasons for deleting years (copied as-is from curl):
- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- saves us from pointless churn
- git keeps history for us
- the year range is kept in COPYING
Closes#1082
```
In file included from $HOME/src/cygwin/libssh2/libssh2-1.11.0-1.x86_64/src/libssh2-1.11.0/tests/openssh_fixture.c:57:
$HOME/src/cygwin/libssh2/libssh2-1.11.0-1.x86_64/src/libssh2-1.11.0/tests/openssh_fixture.c: In function 'run_command_varg':
$HOME/src/cygwin/libssh2/libssh2-1.11.0-1.x86_64/src/libssh2-1.11.0/tests/openssh_fixture.c:136:37: warning: array subscript has type 'char' [-Wchar-subscripts]
136 | while(end > 0 && isspace(buf[end - 1])) {
| ~~~^~~~~~~~~
```
Ref: https://github.com/libssh2/libssh2/files/11644340/cygwin-x86_64-libssh2-1.11.0-1-check.log
Reported-by: Brian Inglis
Fixes#1080Closes#1081
`DYN=1` means to build examples/tests against the shared libssh2.
Before this patch this was broken for building tests. This patch skips
building tests that require the static libssh2 library, so the build now
succeeds.
Also move the list of tests that require static lib from
`CMakeLists.txt` to `Makefile.inc`, so that we can reuse it in
`Makefile.mk`.
Couldn't find a way to also reuse it in `Makefile.am`. Move the
`Makefile.am` specific definitions close to the shared list, to make it
easier to keep them synced.
Cherry-picked from #1036
Before this patch, the CMake build did not allow to disable static
libssh2 library while also building tests.
This patch removes this constraint, and makes this combination possible.
In this case the 3 (at the moment) tests that require a static libssh2
library, are skipped from the build and test runs.
Cherry-picked from #1036
Before this patch, this test returned success even when one of its tests
failed. Fix it by returning 1 in case any of the tests fails.
This issue masked a CMake build bug with logging enabled. Subject to an
upcoming patch.
Cherry-picked from #1037
"Unity" (aka "jumbo", aka "amalgamation" builds concatenate source files
before compiling. It has these benefits for example: faster builds,
improved code optimization, cleaner code. Let's support and test this.
- enable unity builds for some existing CI builds to test this build
scenario.
- tune `UNITY_BUILD_BATCH_SIZE` size.
- disable unity build for example and test programs (they use one source
each already).
You can enable it by passing `-DCMAKE_UNITY_BUILD=ON` to cmake.
Supported by CMake 3.16 and newer.
Ref: https://cmake.org/cmake/help/latest/prop_tgt/UNITY_BUILD.htmlCloses#1034
Before this patch libssh2 used a variety of solutions to pass the source
directory to tests: `FIXTURE_WORKDIR` build-time macro (cmake),
`FIXTURE_WORKDIR` envvar (unused), setting `srcdir` manually
(autotools), setting current directory (cmake), and also `builddir`
envvar (autotools) for passing current working dir to `mansyntax.sh`.
This patch reduces this to using existing `srcdir` with autotools and
setting it ourselves in CMake. This was mostly enabled by this recent
patch: 4c9ed51f96
Details:
- cmake: replace baked-in `FIXTURE_WORKDIR` macro with env.
Added in 54bef4c5da#198 (2018-03-21)
- rename `FIXTURE_WORKDIR` to `srcdir`, to match autotools.
- cmake: add missing `srcdir` for algo and sshd tests.
- session_fixture: stop `chdir()`-ing, rely on prefixing with `srcdir`.
Changing current directory should be unnecessary after
4c9ed51f96#801 (2023-02-24),
that prefixes referenced input filenames with the `srcdir` envvar.
The `srcdir` envvar was already exported by autotools, and now we're
also setting it from CMake.
- cmake: stop setting `WORKING_DIRECTORY`, rely on `srcdir` env.
`WORKING_DIRECTORY` is no longer necessary, after passing `srcdir` to
all tests, so they can find our source tree and keys/etc in it
regardless of the current directory.
Also this past commit hints that `WORKING_DIRECTORY` wasn't always
working for this purpose as expected:
"tests: Xcode doesn't obey CMake's test working directory"
Ref: 10a5cbf945
- autotools: delete explicit `srcdir` for test env.
Added in 13f8addd1b (2015-07-02)
automake documents `srcdir` as exported to the test environment:
c04c4e8856/doc/automake.texi (L9302-L9304)https://www.gnu.org/software/automake/manual/html_node/Scripts_002dbased-Testsuites.html
It's mentioned in the docs back in 1997 and got a regression test in
2012. We can safely assume it to be available without setting it
ourselves.
- autotools: delete explicit `builddir`.
Added in 13f8addd1b (2015-07-02)
It seems this wasn't necessary to make the above fix work, and
`mansyntax.sh` is able to figure out the build workdir by reading
`$PWD`. Our out-of-tree and `make distcheck` CI builds also work
without it.
Let us know if there is a scenario we're missing and needs this.
Closes#1032
Merge the loop executing multiple tests and the script that actually
launches the tests into a single script. This same script is now called
from both autotools and CMake. autotools loads the list of tests from
`Makefile.inc`, CMake passes it via the command-line. It's also possible
to call the script manually with a custom list of tests or individual
ones.
With this setup we're now launching a single sshd session for all tests,
instead of launching and killing it for each test. This did not improve
reliability of these test on CI machines, and it's easy to go back to
the previous behaviour if necessary.
Also:
- allow passing custom sshd options via `SSHD_FLAGS`.
- add `SSHD_TESTS_LIMIT_TO` to limit the number of tests to its value.
E.g. `SSHD_TESTS_LIMIT_TO=1` executes the first test only. Meant for
debugging.
- use `ssh` to test the connection (if available) instead of fixed
amount of wait. Made to also work on Windows.
- set `PermitRootLogin yes` in `sshd`, to allow running tests as root.
- show `sshd` path and version.
Cherry-picked from #1017 (the last one)
Closes#1024
Instead of using hacks inside the build systems.
`SSHD` variable added to GitHub Actions is not currently used.
Added there to make it easy to experiment with these tests and
the path is non-trivial to discover. Using the Windows built-in
sshd server is another option (haven't discovered its path yet).
Cherry-picked from #1017
autotools:
- `--disable-docker-tests`
- `--disable-sshd-tests`
cmake:
- `RUN_DOCKER_TESTS`
- `RUN_SSHD_TESTS`
Update automake and ci to use this new flag and delete former logic
of relying on Windows detection and `HOST_WINDOWS`. Also fix honoring
this when running `test_read_algos.test`.
This allows to disable these individually and on per-CI/local-job basis.
To run as much tests as the env allows.
Cherry-picked from #1017
Instead of assembling the list using `$(wildcard ...)`.
Also split off a `tests/Makefile.inc` from `tests/Makefile.am`. With its
simpler syntax, this also allows to delete some complexity from the
CMake loader.
Cherry-picked from #1017
Before this patch ssh2 and test_ssh2 returned success even if the session
failed at `libssh2_session_handshake()` or after.
This patch depends on cda41f7cb8, that fixed
running test_ssh2 on Windows via sshd_fixture.
Cherry-picked from #1017
Re-sync with autotools and v1.10.0 behavior.
This improves build times. It also allows to stop building our special
shared test target to test shared builds.
Follow-up to 4e2580628d
Cherry-picked from #1017Closes#1022
Twice. This tests are flaky and we haven't figured out why. In the
meantime use this workaround to test and log these issues, but also
ensure that CI run aren't flagged red because of it.
Also:
- kex: add debug message when hostkey `sig_verify` fails,
to help tracking WinCNG KEX failures.
- test_ssh2: also add retry logic.
I'm not quite sure this is correct. Please let me know.
- session_fixture: bump up `src_path` slots to fit retries and show
message when hitting the limit.
- session_fixture: clear `kbd_password` static variable after use.
- session_fixture: close and deinit socket after use.
- session_fixture: deinit libssh2 after use.
Ref: #804#846#979#1012#1015
Cherry-picked from #1017Closes#1023
Make sure these files get LF newlines on checkout. Before this patch
a checked out libssh2 Git repository may have used CRLF newlines in text
files, include test keys. Private keys with CRLF newlines could confuse
sshd on Windows:
```
# sshd version: 'OpenSSH_9.2, OpenSSL 1.1.1t 7 Feb 2023'
Unable to load host key "/d/a/libssh2/libssh2/tests/openssh_server/ssh_host_ed25519_key": invalid format
Unable to load host key: /d/a/libssh2/libssh2/tests/openssh_server/ssh_host_ed25519_key
```
Ref: https://github.com/libssh2/libssh2/actions/runs/4846188677/jobs/8635575847#step:6:39
Cherry-picked from #1017
Add macOS CI jobs, both cmake and autotools for all supported crypto
backends (except BoringSSL), with debug, zlib enabled. Without running
tests. It also introduces OpenSSL 1.1 into the CI with a non-MSVC
compiler.
Credits to curl's `macos.yml`, that I used as a base.
Fix these issues uncovered by the new tests:
- openssl: fix warning when built with wolfSSL, or OpenSSL 1.1 and
earlier. CI missed it because apparently the only OpenSSL 1.1 test
we had used MSVC, which did not complain.
```
../src/openssl.c:3852:19: error: variable 'sslError' set but not used [-Werror,-Wunused-but-set-variable]
unsigned long sslError;
^
```
Regression from 097c8f0dae
- pem: add hack to build without MD5 crypto-backend support.
The Homebrew wolfSSL build comes with MD5 support disabled. We can
expect this becoming the norm. FIPS also requires MD5 disabled.
We deleted the same hack from `hostkey.c` a month ago:
ad6aae302a
A better fix would be to guard the MD5 logic with our `LIBSSH2_MD5`
macro.
```
pem.c:214:32: error: use of undeclared identifier 'MD5_DIGEST_LENGTH'; did you mean 'SHA_DIGEST_LENGTH'?
unsigned char secret[2*MD5_DIGEST_LENGTH];
^~~~~~~~~~~~~~~~~
SHA_DIGEST_LENGTH
```
Regression from 386e012292
- `configure.ac`: add crypto libs late.
Fix it by adding crypto libs to `LIBS` at the end of the configuration
process.
Otherwise `configure` links crypto libs while doing feature tests,
which can cause unwanted detections. For example LibreSSL publishes
the function `explicit_bzero()`, which masks the system alternative,
e.g. `memset_s()` on macOS. Then when trying to compile libssh2, its
declaration is missing:
```
bcrypt_pbkdf.c:93:5: error: implicit declaration of function 'explicit_bzero' is invalid in C99 [-Werror,-Wimplicit-function-declaration]
_libssh2_explicit_zero(ciphertext, sizeof(ciphertext));
^
../src/misc.h:50:43: note: expanded from macro '_libssh2_explicit_zero'
^
```
Regression from 4f0f4bff5a
- cmake: fix to list our own include directory before the crypto libs',
when building tests.
Otherwise a global crypto header path, such as `/usr/local/include`,
containing an external `libssh2.h` of a different version, could cause
weird errors:
```
cc -DHAVE_CONFIG_H -DLIBSSH2_LIBGCRYPT \
-I../src -I../../src -I/usr/local/include -I[...]/libssh2/include \
-g -isysroot /Library/Developer/CommandLineTools/SDKs/MacOSX13.1.sdk \
-mmacosx-version-min=12.6 -MD -MT \
tests/CMakeFiles/test_aa_warmup.dir/test_aa_warmup.c.o \
-MF CMakeFiles/test_aa_warmup.dir/test_aa_warmup.c.o.d \
-o CMakeFiles/test_aa_warmup.dir/test_aa_warmup.c.o -c \
[...]/libssh2/tests/test_aa_warmup.c
```
```
[ 62%] Building C object tests/CMakeFiles/test_aa_warmup.dir/test_aa_warmup.c.o
In file included from /Users/runner/work/libssh2/libssh2/tests/test_aa_warmup.c:4:
In file included from /Users/runner/work/libssh2/libssh2/tests/runner.h:42:
In file included from /Users/runner/work/libssh2/libssh2/tests/session_fixture.h:43:
/Users/runner/work/libssh2/libssh2/tests/../src/libssh2_priv.h:649:5: error: type name requires a specifier or qualifier
LIBSSH2_AUTHAGENT_FUNC((*authagent));
^
/Users/runner/work/libssh2/libssh2/tests/../src/libssh2_priv.h:649:30: error: type specifier missing, defaults to 'int' [-Werror,-Wimplicit-int]
LIBSSH2_AUTHAGENT_FUNC((*authagent));
^
/Users/runner/work/libssh2/libssh2/tests/../src/libssh2_priv.h:650:5: error: type name requires a specifier or qualifier
LIBSSH2_ADD_IDENTITIES_FUNC((*addLocalIdentities));
^
/Users/runner/work/libssh2/libssh2/tests/../src/libssh2_priv.h:650:35: error: type specifier missing, defaults to 'int' [-Werror,-Wimplicit-int]
LIBSSH2_ADD_IDENTITIES_FUNC((*addLocalIdentities));
^
/Users/runner/work/libssh2/libssh2/tests/../src/libssh2_priv.h:651:5: error: type name requires a specifier or qualifier
LIBSSH2_AUTHAGENT_SIGN_FUNC((*agentSignCallback));
^
/Users/runner/work/libssh2/libssh2/tests/../src/libssh2_priv.h:651:35: error: type specifier missing, defaults to 'int' [-Werror,-Wimplicit-int]
LIBSSH2_AUTHAGENT_SIGN_FUNC((*agentSignCallback));
^
6 errors generated.
```
- `tests/session_fixture.h`: delete duplicate `libssh2.h`,
`libssh2_priv.h` already includes it.
Follow-up to a683133dfe
CI logs with these errors:
https://github.com/libssh2/libssh2/actions/runs/4824079094https://github.com/libssh2/libssh2/actions/runs/4824270819
curl's `macos.yml`: da2470de96/.github/workflows/macos.yml
Tidying-up while here:
- tests/session_fixture.h: delete duplicate `libssh2.h`.
`libssh2_priv.h` includes it already.
Follow-up to a683133dfe
- ci.yml: yamllint warnings and formatting.
- ci.yml: msvc section formatting and step-naming sync with macOS.
Follow-up to f4a4c05dc3
- ci.yml: enable `--enable-werror` for msys2 jobs.
Follow-up to 71cae949d5
- appveyor.yml: show OpenSSL versions, link to image content.
Closes#1013
- drop unused or duplicate C headers.
- add missing ones (that worked by chance).
(`string.h`, `stdlib.h`)
- mention the functions that need certain headers.
- move some headers from crypto header to crypto C source.
- reorder headers in some places.
- simplify the #if tree for `sys/select.h` in `libssh2_priv.h`.
- move scp-specific macros next to their header to `scp.c`
Follow-up to 5db836b2a8Closes#999
- add MSVC jobs to GitHub Actions. They are similar to the 'Build-only'
jobs we have on AppVeyor CI, though only the ARM64 Windows one is
identical. Major disadvantage is that we don't run tests here. Major
advantage is they only take a few minutes to complete, compared to
an hour on AppVeyor, so WinCNG build results now appear quicker.
Docker tests might be possible, but my light attempts failed.
Finding ZLIB also failed, so we still miss an MSVC test with it.
Tool versions as of now: Server 2022, VS2022, OpenSSL 1.1.1
- add UWP builds for both ARM64 and x64. This hasn't been CI tested
before.
(We could probably enable UWP on AppVeyor CI as well.
I haven't tried.)
- fix two uncovered UWP issues in tests.
- rename internal macro `LIBSSH2_WINDOWS_APP` to `LIBSSH2_WINDOWS_UWP`.
Follow-up to 2addafb77b
- fold long lines and quote truthy values in `.github/workflows/ci.yml`.
Closes#1010
If no `FIXTURE_WORKDIR` macro or envvar is present to set the cwd,
avoid querying the cwd and then calling chdir with the result.
Ref: 54bef4c5da (patch)
Ref: 10a5cbf945 (individual commit)
Closes#1009
- add #included C files to `EXTRA_DIST`.
Regression from 4f0f4bff5a
- fix `tests/sshd_fixture.sh` to not write into the test dir, by using
a pre-assembled `TrustedUserCAKeys` file. Update `Dockerfile` too to
use this.
Regression from a459a25302
Also update `tests/sshd_fixture.sh` to use
`openssh_server/authorized_keys` like `Dockerfile` does. And a few more
cosmetic updates.
Closes#1006
TL;DR: Sync test builds between autotools and CMake. Sync sshd
configuration between Docker and non-Docker fixtures. Bump up
sshd_config for recent OpenSSH releases.
This also opens up the path to have non-Docker tests that use a
local sshd process. Though sshd is practically unusable on Windows
CI machines out of the box, so this will need further efforts.
Details:
- cmake: run sshd fixture test just like autotool did already.
- sync tests and their order between autotools and CMake.
It makes `test_aa_warmup` the first test with both.
- cmake: load test lists from `Makefile.am`.
Needed to update the loader to throw away certain lines to keep the
converted output conform CMake syntax. Using regexp might be an
alternative way of doing this, but couldn't make it work.
- cmake: use the official way to configure test environment variables.
Switch to syntax that's extendable.
- cmake: allow to run the same test both under Docker and sshd fixture.
Useful for testing the sshd fixture runner, or how the same test
behaves in each fixture.
- update test fixture to read the username from `USER` envvar instead of
using the Dockfile-specific hardwired one, when running outside Docker.
- rework `ssh2.sh` into `sshd_fixture.sh`, to:
- allow running any tests (not just `test_ssh2`).
- configure Docker tests for running outside Docker.
- fixup `SSHD` path when running on Windows (e.g. in AppVeyor CI).
Fixes: `sshd re-exec requires execution with an absolute path`
- allow overriding `PUBKEY` and `PRIVKEY` envvars.
- allow overriding `ssh_config` via `SSHD_FIXTURE_CONFIG`.
- prepare support for running multiple tests via sshd_fixture.
Add a TAP runner for autotools and extend CMake logic. The TAP runner
loads the test list from `Makefile.am`.
Notice however that on Windows, `sshd_fixture.sh` is very flaky with
GitHub Actions. And consistently broken for subsequent tests in
AppVeyor CI:
'libssh2_session_handshake failed (-43): Failed getting banner'
Another way to try is a single sshd instance serving all tests.
For CMake this would probably mean using an external script.
- ed25519 test keys were identical for auth and host. Regenerate the
auth keypair to make them distinct.
- sync the sshd environment between Docker and sshd_fixture.
- use common via `openssh_server/sshd_config`.
- accept same auth keys.
- offer the same host keys.
- sync TrustedUserCAKeys.
- delete now unused keypairs: `etc/host*`, `etc/user*`.
- bump up startup delay for Windows (randomly, to 5 secs, from 3).
- delete `UsePrivilegeSeparation no` to avoid deprecation warnings.
`command-line line 0: Deprecated option UsePrivilegeSeparation`
- delete `Protocol 2` to avoid deprecation warnings.
It has been the default since OpenSSH 3.0 (2001-11-06).
- delete `StrictModes no` (CI tests work without it, Docker tests
never used it).
- bump `Dockerfile` base image to `testing-slim` (from `bullseye-slim`).
It needed `sshd_config` updates to keep things working with
OpenSSH 9.2 (compared to bullseye's 8.4).
- replace `ChallengeResponseAuthentication` alias with
`KbdInteractiveAuthentication`.
The former is no longer present in default `sshd_config` since
OpenSSH 8.7 (2021-08-20). This broke the `Dockerfile` script.
The new name is documented since OpenSSH 4.9 (2008-03-31)
- add `PubkeyAcceptedKeyTypes +ssh-rsa,ssh-dss,ssh-rsa-cert-v01@openssh.com`
and `HostKeyAlgorithms +ssh-rsa`.
Original-patch-by: Eric van Gyzen (@vangyzen on github)
Fixes#691
There is a new name for `PubkeyAcceptedKeyTypes`:
`PubkeyAcceptedAlgorithms`.
It requires OpenSSH 8.5 (2021-03-03) and breaks some envs so we're
not using it just yet.
- drop `rijndael-cbc@lysator.liu.se` tests and references from config.
This is a draft alias for `aes256-cbc`. No need to test it twice.
Also this alias is no longer recognized by OpenSSH 8.5 (2021-03-03).
- update `mansyntax.sh` and `sshd_fixture.sh` to not rely on `srcdir`.
Hopefully this works with out-of-tree builds.
- fix `test_read_algos.test` to honor CRLF EOLs in their inputs
(necessary when running on Windows.)
- fix `test_read_algos.test` to honor `EXEEXT`. Might be useful when
running tests under cross-builds?
- `test_ssh2.c`:
- use libssh2 API to set blocking mode. This makes it support all
platforms.
- adapt socket open timeout logic from `openssh_fixture.c`.
Sadly this did not help fix flakiness on GHA Windows.
- tests: delete unused C headers and variable initialization.
- delete unused test files: `sshd_fixture.sh.in`, `sshdwrap`,
`etc/sshd_config`.
Ref: cf80f2f4b5
- autotools: delete stray `.c` test sources from `EXTRA_DIST` in tests.
- `tests/.gitignore`: drop two stray tests.
- autotools: fix passing `SSHD` containing space (Windows needs this).
- autotools: sort `EXTRA_DIST` in tests.
- cmake: fix to add `test_ssh2` to `TEST_TARGETS`.
- fix `authorized_key` order in `tests/gen_keys.sh`.
- silence shellcheck warning in `ci/checksrc.sh`.
- set `SSHD` for autotools on GitHub Actions Windows. [skipped]
Auto-detection doesn't work (maybe because sshd is installed via
Git for Windows and we're using MSYS2's shell.)
It enables running sshd fixture (non-Docker) tests in these jobs.
I did not include this in the final patch due to flakiness:
```
Connection to 127.0.0.1:4711 attempt #0 failed: retrying...
Connection to 127.0.0.1:4711 attempt #1 failed: retrying...
Connection to 127.0.0.1:4711 attempt #2 failed: retrying...
Failure establishing SSH session: -43
```
Can be enabled with:
`export SSHD='C:/Program Files/Git/usr/bin/sshd.exe'`
Closes#996
Make the block count customizable in `test_read` via environment
`FIXTURE_XFER_COUNT`.
Set the custom count lower than the default when running on AppVeyor.
The goal is to reduce CI roundtrip times.
Closes#995
We had Windows Server 2012 R2 (8.1) and Windows Server 2019 (10) before
this patch. After, we also have Windows Server 2016 (10).
The WinCNG flakey tests should have a better chance when running on the
newer OS.
This update does not change the compiler mix.
Also change the test fixture to not use the `--quiet` option with the
`docker pull` commant. This option requires docker v19.03, and
AppVeyor's Visual Studio 2017 image doesn't support it. Log output did
not change without `--quiet`, so it seems safe to delete it. In case
we'd need it, another solution is to retry without `--quiet` if the
command fails. docker's exit status is 125 in that case.
Ref: https://github.com/libssh2/libssh2/issues/804#issuecomment-1515232799
Ref: https://www.appveyor.com/docs/windows-images-software/Closes#994
Keep a single list for mac and crypt algos that we use in both CMake
and autotools. Use the same test names across build tools.
Use the TAP protocol to track individual tests run from a single shell
script.
Also:
- enable the rest of our tests with autotools.
- set `make check` verbose to see errors in case they happen.
- silence stray 'command not found' error when running `mansyntax.sh`
on Windows.
GitHub Actions Windows docker tests disabled due to:
```
Command: docker build --quiet -t libssh2/openssh_server ../tests/openssh_server
Error running command 'docker build --quiet -t libssh2/openssh_server ../tests/openssh_server' (exit 1): Sending build context to Docker daemon 22.02kB
Step 1/42 : FROM debian:bullseye-slim
bullseye-slim: Pulling from library/debian
no matching manifest for windows/amd64 10.0.20348 in the manifest list entries
Failed to build docker image
```
Closes#993
Support for calculating MAC (message authentication code) on encrypted
data instead of plain text data.
This adds support for the following MACs:
- `hmac-sha1-etm@openssh.com`
- `hmac-sha2-256-etm@openssh.com`
- `hmac-sha2-512-etm@openssh.com`
Integration-patches-by: Viktor Szakats
* rebase on master
* fix checksec warnings
* fix compiler warning
* fix indent/whitespace/eol
* rebase/manual merge onto AES-GCM patch #797
* more manual merge of `libssh2_transport_send()` based
on dfandrich/shellfish
Fixes#582Closes#655Closes#987
Add new guard `LIBSSH2_RSA_SHA1`. Add missing guards for `LIBSSH2_RSA`,
`LIBSSH2_DSA`.
Fix warnings when all options are disabled.
This is still not complete and it's possible to break a build with
certain crypto backends (e.g. mbedTLS) and/or combination of options.
It's not guaranteed that all bits everywhere get disabled by these
settings. Consider this a "best effort".
Add these new options to disable certain crypto elements:
- `LIBSSH2_NO_3DES`
- `LIBSSH2_NO_AES_CTR`
- `LIBSSH2_NO_BLOWFISH`
- `LIBSSH2_NO_CAST`
- `LIBSSH2_NO_ECDSA`
- `LIBSSH2_NO_RC4`
- `LIBSSH2_NO_RSA_SHA1`
- `LIBSSH2_NO_RSA`
The goal is to offer a way to disable legacy/obsolete/insecure ones.
See also: 146a25a06d `LIBSSH2_NO_HMAC_RIPEMD`
See also: 38015f4e46 `LIBSSH2_NO_DSA`
See also: be31457f30 `LIBSSH2_NO_MD5`
Closes#986
Works like the `FIXTURE_TRACE_ALL` envvar, but enables full trace for
the connection phase only.
Also fix a possible NULL deref with `FIXTURE_TRACE_ALL` and a failed
`libssh2_session_init_ex()`.
Tested in #979
- fix indentation errors.
- reformat `cmake/FindmbedTLS.cmake`
- replace a macro with a variable in `example/sftp_RW_nonblock.c`.
- delete macOS macro `_DARWIN_USE_64_BIT_INODE` from the
OS/400 config header, `os400/libssh2_config.h`.
- fix other minor nits.
Closes#983
- use `gman` alias if present. This makes it work when the correct `man`
command is provided via `brew` on macOS.
- move CMake attempts to detect tools necessary to run `mansyntax.sh`
into the script itself.
- delete CMake TODO to move more test logic into CMake. This would make
it CMake-specific and require maintaining it separately for each build
tool. Just use our external script when a POSIX shell is available.
Closes#982
Move `libssh2_config.h` generation and setting `-DHAVE_CONFIG_H` to
the root `CMakeFile.txt`.
Also move symbol hiding setup there. It needs to be done before
generating the config file for `LIBSSH2_API` value to be set in it.
After this change the `HIDE_SYMBOLS` setting is accepted without an
annoying CMake warning when not actually building a shared libssh2 lib.
Closes#981
Make the public `libssh2_base64_decode()` a wrapper for that.
Bump up length sizes in callers.
Also fix output size calculation to first divide then multiply.
Closes#978
- rename tests to have more succint names and a more useful natural
order.
- rename `simple` and `ssh2` in tests to have the `test_` prefix.
This avoids a name collisions with `ssh2` in examples.
- cmake: drop the `example-` prefix for generated examples.
Bringing their names in sync with other build tools, like autotools.
- move common auth test code into the fixture and simplify tests by
using that.
- move feature guards from CMake to preprocessor for auth tests.
Now it works with all build tools and it's easier to keep it in sync
with the lib itself.
For this we need to include `libssh2_priv.h` in tests, which in turn
needs tweaking on the trick we use to suppress extra MSVS warnings
when building tests and examples.
- move mbedTLS blocklist for crypto tests from CMake to the test
fixture.
- add ed25519 hostkey tests to `test_hostkey` and `test_hostkey_hash`.
- add shell script to regenerate all test keys used for our tests.
- alpha-sort tests.
- rename `signed_*` keys to begin with `key` like the rest of the keys
do.
- whitespace fixes.
Closes#969
