- All files have prominent copyright and SPDX identifier
- If not embedded in the file, in the .reuse/dep5 file
- All used licenses are in LICENSES/ (not shipped in tarballs)
- A new REUSE CI job verify that all files are OK
Assisted-by: Viktor Szakats
Closes#1084
Simplify the code to avoid this warning. This might also help avoiding
it with other compilers (e.g. gcc?).
Improves 02f2700a61#876
Might fix#1083Closes#1086
Also:
- uppercase `(C)`.
- add missing 'All rights reserved.' lines.
- drop duplicate 'Author' lines.
- add copyright headers where missing.
- enable copyright header check in checksrc.
Reasons for deleting years (copied as-is from curl):
- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- saves us from pointless churn
- git keeps history for us
- the year range is kept in COPYING
Closes#1082
```
In file included from $HOME/src/cygwin/libssh2/libssh2-1.11.0-1.x86_64/src/libssh2-1.11.0/tests/openssh_fixture.c:57:
$HOME/src/cygwin/libssh2/libssh2-1.11.0-1.x86_64/src/libssh2-1.11.0/tests/openssh_fixture.c: In function 'run_command_varg':
$HOME/src/cygwin/libssh2/libssh2-1.11.0-1.x86_64/src/libssh2-1.11.0/tests/openssh_fixture.c:136:37: warning: array subscript has type 'char' [-Wchar-subscripts]
136 | while(end > 0 && isspace(buf[end - 1])) {
| ~~~^~~~~~~~~
```
Ref: https://github.com/libssh2/libssh2/files/11644340/cygwin-x86_64-libssh2-1.11.0-1-check.log
Reported-by: Brian Inglis
Fixes#1080Closes#1081
We repositioned crypto libs in 4f0f4bff5a
via #941 and subsequently in d4f58f0343
from d93ccf4901 via #1013.
This patch moves libz accordingly, to unbreak certain build scenarios.
Reported-by: Kenneth Davidson
Regression from 4f0f4bff5a#941Fixes#1075Closes#1077
Add a non-static autotools build to GitHub Actions. Make this build
target i386 and libgcrypt, to test a new build combination if we are at
it.
Also:
- GHA: add necessary generic bits for i386 autotools builds.
- AppVeyor CI: teach it to ignore commits updating our GHA config.
Follow-up to 572c57c9d8#1072Closes#1074
E.g. on 32-bit Linux. Issue revealed after adding i386 Linux CI build
in abdf40c741#1057.
```
/home/runner/work/libssh2/libssh2/src/scp.c: In function 'scp_recv':
/home/runner/work/libssh2/libssh2/src/scp.c:765:23: error: conversion from 'libssh2_int64_t' {aka 'long long int'} to '__off_t' {aka 'long int'} may change value [-Werror=conversion]
765 | sb->st_size = session->scpRecv_size;
| ^~~~~~~
```
Ref: https://github.com/libssh2/libssh2/actions/runs/5126803482/jobs/9221746299?pr=1054#step:12:51
Regression from 5db836b2a8#1002Closes#1060
Also:
- reorder Linux build matrix to make build tool more visible.
- hide apt-get progress bar.
- prepare package install step for i386 builds.
Detects bug #1053Closes#1057
- add `LIBSSH2_NO_ED25519` build-time option to force-disable ED25519
support. Useful to replicate crypto-backend builds without ED25519,
such as wolfSSL.
- openssl: fix unused variable and function warnings with all supported
`LIBSSH2_NO_*` options enabled.
- mbedtls: fix misplaced `#endif` leaving out the required internal
public function `libssh2_supported_key_sign_algorithms()`.
- mbedtls: add missing prototype for two internal public functions.
- delete a redundant block.
All `NO` options:
```shell
CPPFLAGS='
-DLIBSSH2_NO_MD5 -DLIBSSH2_NO_HMAC_RIPEMD -DLIBSSH2_NO_DSA
-DLIBSSH2_NO_RSA -DLIBSSH2_NO_RSA_SHA1
-DLIBSSH2_NO_ECDSA -DLIBSSH2_NO_ED25519 -DLIBSSH2_NO_AES_CTR
-DLIBSSH2_NO_BLOWFISH -DLIBSSH2_NO_RC4 -DLIBSSH2_NO_CAST
-DLIBSSH2_NO_3DES'
```
Closes#1044
`list(PREPEND)` requires CMake v3.15, our minimum is v3.1. `APPEND`
should work fine for headers anyway.
Also fix a wrongly placed comment.
Ref: https://cmake.org/cmake/help/latest/command/list.html#prepend
Regression from 1e3319a167d2f32d295603167486e9e88af9bb4e
Closes#1043
Both autotools and cmake build both shared and static lib by default.
Ref: 896154bc17
Delete configuration enabling these explicitly in CI jobs.
Cherry-picked from #1036Closes#1036
This brings default behaviour in sync with autotools, which builds both
lib flavours by default.
(Notice that on Windows, autotools includes the Windows Resource in the
static library, when building both at the same time. CMake doesn't have
this issue.)
Enabling both lib flavours has a side-effect when using non-MinGW
toolchains (e.g. MSVC): to resolve the filename conflict between import
and static libraries, we add a suffix to the static lib, naming it
`libssh2_static.lib`. This can break dependent builds relying on
`libssh2.lib` for linking the static libssh2.
Workarounds:
- disable either shared or static libssh2 via
`-DBUILD_STATIC_LIBS=OFF` or
`-DBUILD_SHARED_LIBS=OFF`. This results in a libssh2 library (either
static or shared) without a prefix: `libssh2.lib`.
- set a custom static library suffix via:
`-DSTATIC_LIB_SUFFIX=_my_static`. Resulting in
`libssh2_my_static.lib`, and import library
`libssh2.lib`.
- set a custom import library suffix via:
`-DIMPORT_LIB_SUFFIX=_my_implib`. Resulting in
`libssh2_my_implib.lib` import library, and static library
`libssh2.lib`.
- customize the default static/import library suffix (incl. extension)
via
`-DCMAKE_STATIC_LIBRARY_SUFFIX=_my_static_suffix.lib` or
`-DCMAKE_IMPORT_LIBRARY_SUFFIX=_my_import_suffix.lib`.
Cherry-picked from #1036
The collision issue affects (typically) MSVC, when building both shared
and static libssh2 in one go.
Ref: https://stackoverflow.com/questions/2140129/what-is-proper-naming-convention-for-msvc-dlls-static-libraries-and-import-libr
Initially we handled this by appending the `_imp` suffix to the import
library filename. This is how curl tackles this, but on a second look,
this solution seem to be accidental and has no widespread use.
It seems more widely accepted to use the '_static' suffix for the static
library. This patch implements this.
(MinGW, Cygwin and unixy platforms are not affected by this issue.)
Follow-up to 4e2580628d
Cherry-picked from #1036
Allow resolving the import/static library name collision also by setting
a custom _import_ library name suffix.
Follow-up to 4e2580628d
Cherry-picked from #1036
`DYN=1` means to build examples/tests against the shared libssh2.
Before this patch this was broken for building tests. This patch skips
building tests that require the static libssh2 library, so the build now
succeeds.
Also move the list of tests that require static lib from
`CMakeLists.txt` to `Makefile.inc`, so that we can reuse it in
`Makefile.mk`.
Couldn't find a way to also reuse it in `Makefile.am`. Move the
`Makefile.am` specific definitions close to the shared list, to make it
easier to keep them synced.
Cherry-picked from #1036
Before this patch, the CMake build did not allow to disable static
libssh2 library while also building tests.
This patch removes this constraint, and makes this combination possible.
In this case the 3 (at the moment) tests that require a static libssh2
library, are skipped from the build and test runs.
Cherry-picked from #1036
Required for tests using libssh2 internals. These are the ones
requiring the libssh2 _static_ lib.
Before this patch, `src` and `tests` declared the `session` structure
differently, due to extra struct members added with the `LIBSSH2DEBUG`
macro set. But, the macro was only set for `src` when using CMake. At
runtime this caused struct members to be at different offsets between
lib and test code, resulting in the test failures below.
Due to another bug in the affected test, these failures did not reflect
in the exit code, which always returned success, so this went unnoticed
for a good while. Fixed in: 84d31d0ca7
```
Start 5: test_auth_keyboard_info_request
[...]
5: Test case 1 passed
5: Test case 2 passed
5: Test case 3: expected return code to be 0 got -1
5: Test case 4: expected last error code to be "-6" got "-38"
5: Test case 5: expected last error code to be "-6" got "-38"
5: Test case 6: expected last error code to be "-6" got "-38"
5: Test case 7: expected last error message to be "Unable to decode keyboard-interactive number of keyboard prompts" got "userauth keyboard data buffer too small to get l
5: Test case 8: expected last error code to be "-41" got "-38"
5: Test case 9: expected return code to be 0 got -1
5: Test case 10: expected return code to be 0 got -1
5: Test case 11: expected last error code to be "-6" got "-38"
5: Test case 12: expected last error message to be "Unable to decode user auth keyboard prompt echo" got "userauth keyboard data buffer too small to get length"
5: Test case 13: expected return code to be 0 got -1
5: Test case 14: expected return code to be 0 got -1
5: Test case 15: expected last error code to be "-6" got "-38"
5: Test case 16: expected last error code to be "-6" got "-38"
5: Test case 17: expected last error code to be "-6" got "-38"
5: Test case 18: expected last error code to be "-6" got "-38"
```
Ref: https://ci.appveyor.com/project/libssh2org/libssh2/builds/46925869/job/i9uasceu3coss0i2#L440
Ref: https://ci.appveyor.com/project/libssh2org/libssh2/builds/46983040/job/c3vag25c26a77lyr#L485
Cherry-picked from #1037Closes#1037
Before this patch, this test returned success even when one of its tests
failed. Fix it by returning 1 in case any of the tests fails.
This issue masked a CMake build bug with logging enabled. Subject to an
upcoming patch.
Cherry-picked from #1037
"Unity" (aka "jumbo", aka "amalgamation" builds concatenate source files
before compiling. It has these benefits for example: faster builds,
improved code optimization, cleaner code. Let's support and test this.
- enable unity builds for some existing CI builds to test this build
scenario.
- tune `UNITY_BUILD_BATCH_SIZE` size.
- disable unity build for example and test programs (they use one source
each already).
You can enable it by passing `-DCMAKE_UNITY_BUILD=ON` to cmake.
Supported by CMake 3.16 and newer.
Ref: https://cmake.org/cmake/help/latest/prop_tgt/UNITY_BUILD.htmlCloses#1034
Before this patch libssh2 used a variety of solutions to pass the source
directory to tests: `FIXTURE_WORKDIR` build-time macro (cmake),
`FIXTURE_WORKDIR` envvar (unused), setting `srcdir` manually
(autotools), setting current directory (cmake), and also `builddir`
envvar (autotools) for passing current working dir to `mansyntax.sh`.
This patch reduces this to using existing `srcdir` with autotools and
setting it ourselves in CMake. This was mostly enabled by this recent
patch: 4c9ed51f96
Details:
- cmake: replace baked-in `FIXTURE_WORKDIR` macro with env.
Added in 54bef4c5da#198 (2018-03-21)
- rename `FIXTURE_WORKDIR` to `srcdir`, to match autotools.
- cmake: add missing `srcdir` for algo and sshd tests.
- session_fixture: stop `chdir()`-ing, rely on prefixing with `srcdir`.
Changing current directory should be unnecessary after
4c9ed51f96#801 (2023-02-24),
that prefixes referenced input filenames with the `srcdir` envvar.
The `srcdir` envvar was already exported by autotools, and now we're
also setting it from CMake.
- cmake: stop setting `WORKING_DIRECTORY`, rely on `srcdir` env.
`WORKING_DIRECTORY` is no longer necessary, after passing `srcdir` to
all tests, so they can find our source tree and keys/etc in it
regardless of the current directory.
Also this past commit hints that `WORKING_DIRECTORY` wasn't always
working for this purpose as expected:
"tests: Xcode doesn't obey CMake's test working directory"
Ref: 10a5cbf945
- autotools: delete explicit `srcdir` for test env.
Added in 13f8addd1b (2015-07-02)
automake documents `srcdir` as exported to the test environment:
c04c4e8856/doc/automake.texi (L9302-L9304)https://www.gnu.org/software/automake/manual/html_node/Scripts_002dbased-Testsuites.html
It's mentioned in the docs back in 1997 and got a regression test in
2012. We can safely assume it to be available without setting it
ourselves.
- autotools: delete explicit `builddir`.
Added in 13f8addd1b (2015-07-02)
It seems this wasn't necessary to make the above fix work, and
`mansyntax.sh` is able to figure out the build workdir by reading
`$PWD`. Our out-of-tree and `make distcheck` CI builds also work
without it.
Let us know if there is a scenario we're missing and needs this.
Closes#1032
`_libssh2_store_str()` and `_libssh2_store_bignum2_bytes()` accept
inputs of `size_t` max, store the size as 32-bit unsigned integer, then
store the complete input buffer.
With inputs larger than `UINT_MAX` this means the stored size is smaller
than the data that follows it.
This patch truncates the stored data to the stored size, and now returns
a boolean with false if the stored length differs from the requested
one. Also add `assert()`s for this condition.
This is still not a correct fix, as we now dump consistent, but still
truncated data which is not what the caller wants. In future steps we'll
need to update all callers that might pass large data to this function
to check the return value and handle an error, or make sure to not call
this function with more than UINT_MAX bytes of data.
Ref: c3bcdd88a4 (2010-04-17)
Ref: ed439a29bb (2022-09-29)
Closes#1025
After deleting the `bcrypt.h` check, no check remained. Restore
a `WIN32` check here to ensure WinCNG is not enabled outside Windows.
Follow-up to 1289033598
Tested-in #1032
To not force this setting for local builds where they might serve
a good purpose.
It makes our CI runs slightly faster and we don't need to track
file changes in unattended, single, CI runs.
Cherry-picked from #1031
