- replace `OPENSSLINC` and `OPENSSLLIB` with `OPENSSL_PATH`.
Assume `include` and `lib` subdirs for headers and libs.
- replace `WITH_ZLIB`, `ZLIBINC` and `ZLIBLIB` with `ZLIB_PATH`.
Assume `include` and `lib` subdirs for header and lib.
- make WinCNG the default if `WITH_OPENSSL` is not set.
With 20-ish extra lines, make this Makefile support all GCC-like
toolchains.
The temporary directory becomes `<triplet>-{release|debug}` from
the former `{release|debug}`.
Also change the lib directory name in the `dist` package from
`win32` to `lib`, to match other packages and build tools.
It was used once in `src/libssh2_priv.h`, but without any effect.
The header included `ws2tcpip.h` twice, once guarded by
`HAVE_WS2TCPIP_H` and another time by `HAVE_WINSOCK2_H`.
Dedupe these to not use `HAVE_WS2TCPIP_H`. Then delete detection
of this feature from all build methods.
TODO: Replace `HAVE_WINSOCK2_H` with `_WIN32`/`WIN32`.
- enable `HAVE_LONGLONG` for MinGW and MSVC versions supporting it.
Necessary for `GNUmakefile`/`NMakefile` builds to create the same
binaries as CMake/autotools ones do.
- enable `HAVE_STDLIB_H`. It has been universally available on
Windows for a long time.
Fixes these clang-cl warnings:
```
src\wincng.c(444,5) : warning: implicit declaration of function 'free' is invalid in C99 [-Wimplicit-function-declaration]
free(buf);
^
src\wincng.c(491,20) : warning: implicitly declaring library function 'malloc' with type 'void *(unsigned long long)' [-Wimplicit-function-declaration]
pbHashObject = malloc(dwHashObject);
^
src\wincng.c(491,20) : note: include the header <stdlib.h> or explicitly provide a declaration for 'malloc'
src\wincng.c(2106,14) : warning: implicitly declaring library function 'realloc' with type 'void *(void *, unsigned long long)' [-Wimplicit-function-declaration]
bignum = realloc(bn->bignum, length);
^
src\wincng.c(2106,14) : note: include the header <stdlib.h> or explicitly provide a declaration for 'realloc'
3 warnings generated.
```
Whether to build the `x11` example or not was decided by each build
tool. CMake didn't build it even on supported platforms. GNUMakefile
used a specific blocklist for it, while autotools enabled it based on
feature-detection.
Migrate the enabler logic to an #ifdef in source and build `x11`
unconditionally with all build tools.
On unsupported platforms (=Windows) this program now displays a short
message stating that fact.
Also:
- fix `x11.c` warnings uncovered after CMake started building it.
- use `libssh2_socket_t` type for portability in `x11.c` too.
- use detected header guards in `x11.c`.
- delete a duplicate reference to `-lws2_32` from `win32/GNUmakefile`
while there.
Closes#909
Before this patch CMake did feature detections in three files:
`src/CMakefiles.txt`, `examples/CMakefiles.txt` and
`tests/CMakefiles.txt`.
Merge and move them to the root `CMakefiles.txt`.
After this patch we end up with a single `src/libssh2_config.h`. This
brings CMake in sync with autotools builds, which already worked with
a single config header.
This also prevents mistakes where feature detection went out of sync
between `src` & `tests` (see ae90a35d15).
`tests` do compile sources from `src` directly, so these should always
be in sync.
It also allows to better integrate hand-crafted, platform-specific
config headers into the builds, like the one currently residing in
the `win32` directory (and also in `vms` and `os400`). Subject to an
upcoming PR.
Also fix a warning revealed after this patch made CMake correctly
enable `HAVE_GETTIMEOFDAY` for `example` programs.
Closes#906
Before this patch CMake did crypto-backend detection in both
`src/CMakefiles.txt` and `tests/CMakefiles.txt`.
Merge them and move it to the root `CMakefiles.txt`.
While here, also add zlib for OpenSSL. Necessary when using OpenSSL
builds with zlib enabled.
Closes#905
Also:
- allow to override `AR` and `ARFLAGS`.
- The extra `src` subdir in the target directory is no longer, to
simplify things.
- gone the dynamically generated `objects.mk`. Now replaced with some
tricky logic to do that inline.
- add necessary `LIBS` for WinCNG. (untested)
Lightly tested via clang-cl.
- fix shellcheck warnings:
- use quotes
- use `$()`
- use `printf` (instead of calling perl).
- indent.
- copy/adapt header comment from curl to `maketgz`.
This results in better job names (now including CPU), avoiding the
complex exception rules, and fine-tuning the order and variation of
these tests.
Enable `LIBSSH2DEBUG` for two of the existing jobs.
- add MSVS 2022 WinCNG builds for x64 and ARM64,
replacing MSVS 2013 WinCNG builds for x64 and x86.
- add MSVS 2022 OpenSSL builds for x64.
- fix a compiler warning uncovered by the new ARM64 build:
```
tests\openssh_fixture.c(393,17): warning C4477: 'fprintf' : format string '%d' requires an argument of type 'int', but variadic argument 1 has type 'libssh2_socket_t'
tests\openssh_fixture.c(393,17): message : consider using '%lld' in the format string
tests\openssh_fixture.c(393,17): message : consider using '%Id' in the format string
tests\openssh_fixture.c(393,17): message : consider using '%I64d' in the format string
```
- echo the actual CMake command-line.
- cmake: echo the DLL filenames found by the OpenSSL DLL-finder
heuristics.
- cmake: delete `libcrypto.dll` and `libssl.dll` names from the above
logic.
I've added these in 19884e5055. That
resulted in CMake picking up a rogue `libcrypto.dll` (with no
`libssl.dll` pair) from `C:\Windows\System32\` on the
`Visual Studio 2022` image, breaking tests.
Turns out, OpenSSL v1.0.2 uses the "EAY" names, but let's not re-add
those either, because CMake mis-picks those up from
`C:/OpenSSL-Win64/bin/`, even while pointing `OPENSSL_ROOT_DIR` to a
v1.1.1 installation.
- cmake: set `NO_DEFAULT_PATH` for OpenSSL DLL lookup to avoid picking
up all kinds of wrong DLLs. CMake considers not the first, but the
_last_ hit the valid one. This happened to be
`C:/Program Files/Meson/lib*-1_1.dll` when using the
`Visual Studio 2022` image.
Ref: https://cmake.org/cmake/help/latest/command/find_file.html
- cmake: leave two commented debug lines that will be useful next time
the DLL detection lookup goes wrong.
Ref: https://cmake.org/cmake/help/latest/variable/CMAKE_FIND_DEBUG_MODE.html
- on error, also dump `CMakeFiles/CMakeConfigureLog.yaml` if it exists
(requires CMake 3.26 and newer)
Make our CMake config more self-documenting by introducing variables
for the shared and static lib target names. Without this, it might be
non-trivial to find out which line is referring to a target name vs
libname, export name or other occurrences of `libssh2`.
This allows to rename back the shared lib target name to the value used
before 4e2580628d:
`libssh2_shared` -> `libssh2`, if necessary for compatibility. Notice:
before that patch, `libssh2` name referred to either the static or
shared lib, depending on build settings.
Update from:
5fec927374/scripts/checksrc.pl
- suppress these new checks:
- EQUALSNULL: 320 warnings
- NOTEQUALSZERO: 142 warnings
- TYPEDEFSTRUCT: 16 warnings
We can enabled them in the future.
- fix all other new ones.
- also fix whitespace in two `NMakefile` files.
`--parallel 2` did not seem to make builds faster. Neither did 4 or 6.
Delete this option from both GHA and AppVeyor jobs.
On AppVeyor, with VS, it uses MSBuild under the hood where apparently
`--parallel` doesn't do much [1]. The suggested MSBuild-specific option
`/p:CL_MPcount=2` did not improve build times either.
CMake spends significant time (comparable to building the project
itself) on feature detection, it'd be nice to execute those in parallel,
but I found not such CMake option.
[1] https://discourse.cmake.org/t/parallel-does-not-really-enable-parallel-compiles-with-msbuild/964
Partial revert of 7a039d9a7a
Null-cipher and null-MAC are security footguns we want to avoid.
Existing option names to toggle these were ambiguous and gave room for
misinterpretation. Some projects may have had these options enabled by
accident.
This patch aims to make it more difficult to enable them, and making
sure that existing methods require an update to stay enabled.
- delete CMake/autotools settings to enable the "none" cipher and MAC.
- rename existing C macros that can enable them.
To use them, pass them as custom `CPPFLAGS` to the build.
- enable them only if `LIBSSH2DEBUG` is also enabled.
Best would be to delete them, though they may have some use while
developing libssh2 itself, or debugging.
libssh2 supports an "old" style KEX message
`SSH2_MSG_KEX_DH_GEX_REQUEST_OLD`, as an off-by-default build option.
OpenSSH deprecated/disabled this feature in v6.9 (2015-07-01):
https://www.openssh.com/releasenotes.html#6.9
This patch deletes this obsolete feature from libssh2, with no option
to enable it.
Added to libssh2 in: cf8ca63ea0 (2004-12-31)
RFC: https://datatracker.ietf.org/doc/html/rfc4419 (2006-03)
`#undef snprintf` before redefining it, when `HAVE_SNPRINTF` is not
defined, even though `snprintf` is available and it should have been.
Possibly with 3rd party builds.
Downside is that cases of missing `HAVE_SNPRINTF` are less trivially
detected at compile-time.
Silence alignment warnings in WinCNG, by reworking the code.
Also add two unrelated casts to avoid gcc compiler warnings
in surrounding code.
`increases required alignment from 1 to 4 [-Wcast-align]`
`increases required alignment from 1 to 8 [-Wcast-align]`
See warning details in the PR's individual commits.
Reviewed-by: Marc Hörsken in <https://github.com/libssh2/libssh2/pull/846#pullrequestreview-1350253621>
Cherry-picked from #846Closes#880
Apply type changes to avoid casts and warnings. In most cases this
means changing to a larger type, usually `size_t` or `ssize_t`.
Change signedness in a few places.
Also introduce new variables to avoid reusing them for multiple
purposes, to avoid casts and warnings.
- add FIXME for public `libssh2_sftp_readdir_ex()` return type.
- fix `_libssh2_mbedtls_rsa_sha2_verify()` to verify if `sig_len`
is large enough.
- fix `_libssh2_dh_key_pair()` in `wincng.c` to return error if
`group_order` input is negative.
Maybe we should also reject zero?
- bump `_libssh2_random()` size type `int` -> `size_t`. Add checks
for WinCNG and OpenSSL to return error if requested more than they
support (`ULONG_MAX`, `INT_MAX` respectively).
- change `_libssh2_ntohu32()` return value `unsigned int` -> `uint32_t`.
- fix `_libssh2_mbedtls_bignum_random()` to check for a negative `top`
input.
- size down `_libssh2_wincng_key_sha_verify()` `hashlen` to match
Windows'.
- fix `session_disconnect()` to limit length of `lang_len`
(to 256 bytes).
- fix bad syntax in an `assert()`.
- add a few `const` to casts.
- `while(1)` -> `for(;;)`.
- add casts that didn't fit into #876.
- update `docs/HACKING-CRYPTO` with new sizes.
May need review for OS400QC3: /cc @monnerat @jonrumsey
See warning details in the PR's individual commits.
Cherry-picked from #846Closes#879
Most of the changes aim to silence warnings by adding casts.
An assortment of other issues, mainly compiler warnings, resolved:
- unreachable code fixed by using `goto` in
`publickey_response_success()` in `publickey.c`.
- potentially uninitialized variable in `sftp_open()`.
- MSVS-specific bogus warnings with `nid_type` in `kex.c`.
- check result of `kex_session_ecdh_curve_type()`.
- add missing function declarations.
- type changes to fit values without casts:
- `cmd_len` in `scp_recv()` and `scp_send()`: `int` -> `size_t`
- `Blowfish_expandstate()`, `Blowfish_expand0state()` loop counters:
`uint16_t` -> `int`
- `RECV_SEND_ALL()`: `int` -> `ssize_t`
- `shell_quotearg()` -> `unsigned` -> `size_t`
- `sig_len` in `_libssh2_mbedtls_rsa_sha2_sign()`:
`unsigned` -> `size_t`
- `prefs_len` in `libssh2_session_method_pref()`: `int` -> `size_t`
- `firstsec` in `_libssh2_debug_low()`: `int` -> `long`
- `method_len` in `libssh2_session_method_pref()`: `int` -> `size_t`
- simplify `_libssh2_ntohu64()`.
- fix `LIBSSH2_INT64_T_FORMAT` for MinGW.
- fix gcc warning by not using a bit field for
`burn_optimistic_kexinit`.
- fix unused variable warning in `_libssh2_cipher_crypt()` in
`libgcrypt.c`.
- fix unused variables with `HAVE_DISABLED_NONBLOCKING`.
- avoid const stripping with `BIO_new_mem_buf()` and OpenSSL 1.0.2 and
newer.
- add a missing const in `wincng.h`.
- FIXME added for public:
- `libssh2_channel_window_read_ex()` `read_avail` argument type.
- `libssh2_base64_decode()` `datalen` argument type.
- fix possible overflow in `sftp_read()`.
Ref: 4552c73cd5
- formatting in `wincng.h`.
See warning details in the PR's individual commits.
Cherry-picked from #846Closes#876
In a recent CMake update I left the original CMake EXPORTS macro
unchanged (`libssh2_EXPORTS`) for compatibility.
However, that macro was also recently added [1] and not present in an
official release yet, so we might as well just use the new native one
instead (`libssh2_shared_EXPORTS`), defined by CMake automatically.
This way we don't need to define the old macro manually.
CMake forms this macro from the lib's internal name as defined in
`add_library()` by appending `_EXPORTS`. That target name changed from
`libssh2` to `libssh2_shared` after introducing dual shared + static
builds in the recent update.
If we're here, add a new, stable, build-tool agnostic macro with the
same effect, for non-CMake use: `LIBSSH2_EXPORTS`
[1] 1f0fe7443a (2021-10-26)
Follow-up to 4e2580628d
