autotools lib detection routine failed to extend LDFLAGS for each
detection. This could cause successful detection of a dependency, but
later failing to use it. This did not cause an issue as long as all
dependencies lived under the same prefix, but started breaking on macOS
ARM + Homebrew where this was no longer true for mbedTLS and zlib in
particular.
Follow-up to 844115393b#1381
Follow-up to ae2770de25#1377Closes#1384
In 1c3a03ebc3#493,
`LIBSSH2_DH_GEX_MAXGROUP` was introduced to specify
crypto-backend-specific modulus sizes. Unfortunately, the max size for
the wincng DH modulus was defined to 8192, probably because this is the
value most other backends support.
According to Microsoft documentation [1], `BCryptGenerateKeyPair`
currently only supports up to 4096-bit keys when the selected algorithm
is `BCRYPT_DH_ALGORITHM`. Requesting larger keys when calling
`BCryptGenerateKeyPair` in `_libssh2_dh_key_pair` always results in
`STATUS_INVALID_PARAMETER` being returned and ultimately key exchange
failing.
When attempting to connect to any server that offers 8192 bit DH, this
causes key exchange to always fail when using the wincng backend.
Reducing `LIBSSH2_DH_GEX_MAXGROUP` to 4096 fixes the issue.
[1] https://learn.microsoft.com/en-us/windows/win32/api/bcrypt/nf-bcrypt-bcryptgeneratekeypairCloses#1372
Use an ugly workaround to silence `-Wsign-conversion` warnings triggered
by the internals of `FD_SET()`/`FD_ISSET()` macros. They've been showing
up in OmniOS CI builds when compiling `example` programs. They also have
been seen with older Cygwin and other envs and configurations.
Also scope two related variables in examples.
E.g.:
```
../../example/direct_tcpip.c:251:9: warning: conversion to 'long unsigned int' from 'libssh2_socket_t' {aka 'int'} may change the sign of the result [-Wsign-conversion]
251 | FD_SET(forwardsock, &fds);
| ^~~~~~
../../example/direct_tcpip.c:251:9: warning: conversion to 'long unsigned int' from 'libssh2_socket_t' {aka 'int'} may change the sign of the result [-Wsign-conversion]
../../example/direct_tcpip.c:251:9: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
../../example/direct_tcpip.c:251:9: warning: conversion to 'long int' from 'long unsigned int' may change the sign of the result [-Wsign-conversion]
../../example/direct_tcpip.c:259:18: warning: conversion to 'long unsigned int' from 'libssh2_socket_t' {aka 'int'} may change the sign of the result [-Wsign-conversion]
259 | if(rc && FD_ISSET(forwardsock, &fds)) {
| ^~~~~~~~
../../example/direct_tcpip.c:259:18: warning: conversion to 'long unsigned int' from 'libssh2_socket_t' {aka 'int'} may change the sign of the result [-Wsign-conversion]
../../example/direct_tcpip.c:259:18: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
```
Ref: https://github.com/libssh2/libssh2/actions/runs/8854199687/job/24316762831#step:3:2020Closes#1379
Use `AM_CFLAGS` to pass custom, per-target C flags. This replaces using
`CFLAGS` which triggered this warning when running `autoreconf -fi`:
```
tests/Makefile.am:8: warning: 'CFLAGS' is a user variable, you should not override it;
tests/Makefile.am:8: use 'AM_CFLAGS' instead
```
(Only for `tests`, even though `example` and `src` also used this
method. The warning is also missing from curl, that also uses
`CFLAGS`.)
Follow-up to 3ec53f3ea2#1286Closes#1378
- add `./configure` option `--enable-ecdsa-wincng`
- add WinCNG autotools jobs to GHA.
- enable WinCNG ECDSA in some GHA jobs (both CMake and autotools).
Follow-up to 3e72343737#1315Closes#1368
The WinCNG backend currently only supports DSA and RSA. This PR
adds ECDSA support for host and user authentication.
* Disable WinCNG ECDSA support by default to maintain backward
compatibility for projects that target versions below Windows 10.
* Add cmake option `ENABLE_ECDSA_WINCNG` to guard ECDSA support.
* Update AppVeyor job matrix to only enable ECDSA on Server 2016+
- Build scripts must be executed by the os/400 shell (sh), not bash which
is a PASE program: The `-ot` non-POSIX test extension works in os/400 as
well. Ref: https://github.com/libssh2/libssh2/pull/1364#issue-2241646754
- Drop/fixup mods trying to make some syntax highlighters happier.
Follow-up to c6625707b9#1358
Assisted-by: Patrick Monnerat
Closes#1364Closes#1366
- use `$()` instead of backticks, and re-arrange double-quotes inside.
- add missing `|| exit 1` to `cd` calls. (could be dropped by using `set -eu`.)
- add `-n` to a few `if`s.
- shorten redirections by using `{} >` (as shellcheck recommended).
- silence warnings where variables were detected as unused (SC2034).
- a couple misc updates to silence warnings.
- switch to bash shebang for `-ot` feature.
- split two lines to unbreak syntax highlighting in my editor. (`$(expr \`, `$(dirname \`)
Also enable CI checks for OS/400 shell scripts.
Ref: d88b9bcdafCloses#1358
In the initial implementation of reproducible tarballs, they were
missing directory entries, while .zip archives had them. It meant
that on extracting the tarball, on-disk directory entries got the
current timestamp.
This patch fixes this by including directory entries in the tarball,
with reproducible timestamps. It also moves sorting inside tar,
to ensure reproducible directory entry timestamps on extract
(without the need of `--delay-directory-restore` option, when
extracting with GNU tar. BSD tar got that right by default.)
GNU tar 1.28 (2014-07-28) introduced `--sort=`.
Follow-up to d52fe1b435#1357Closes#1359
Found by oss-fuzz. In `diffie_hellman_sha_algo()`, we were calling
`_libssh2_bn_from_bin()` with data recieved by the server without
checking whether that data was zero-length or ridiculously long.
In the OpenSSL backend, this would cause `_libssh2_bn_from_bin()`
to fail an allocation, which would eventually lead to a NULL
dereference when the bignum was used.
Add the same check for `_libssh2_bn_set_word()` and
`_libssh2_bn_to_bin()`.
- support `SOURCE_DATE_EPOCH` for reproducibility.
- make tarballs reproducible.
- make file timestamps in tarball/zip reproducible.
- make directory timestamps in zip reproducible.
- make timestamps of tarballs/zip reproducible.
- make file order in tarball/zip reproducible.
- use POSIX ustar tarball format to avoid supply chain vulnerability: https://seclists.org/oss-sec/2021/q4/0
- make uid/gid in tarball reproducible.
- omit owner user/group names from tarball for reproducibility and privacy.
- omit current timestamp from .gz header for reproducibility.
- display SHA-256 hashes of produced tarballs/zip. (Requires `sha256sum`)
- re-sync formatting with curl's `maketgz`.
Closes#1357
- set bash `-eu`.
- fix bash `-eu` issues.
- apply `TZ=UTC` and `LC_ALL=C` for reproducibility.
- sort `.zip` entries for reproducibility.
- zip with `--no-extra` for reproducibliity.
- use maximum zip compression.
- add the gpg sign command-line. Copied from curl.
- add CI test for `maketgz`.
Closes#1353
Replicating OpenSSH's behavior to handle RSA certificate authentication
differently based on the remote server version.
1. For OpenSSH versions >= 7.8, ascertain server's support for RSA Cert
types by checking if the certificate's signature type is present in
the `server-sig-algs`.
2. For OpenSSH versions < 7.8, Set the "SSH_BUG_SIGTYPE" flag when the
RSA key in question is a certificate to ignore `server-sig-algs` and
only offer ssh-rsa signature algorithm for RSA certs.
This arises from the fact that OpenSSH versions up to 7.7 accept
RSA-SHA2 keys but not RSA-SHA2 certificate types. Although OpenSSH <=7.7
includes RSA-SHA2 keys in the `server-sig-algs`, versions <=7.7 do not
actually support RSA certs. Therefore, server sending RSA-SHA2 keys in
`server-sig-algs` should not be interpreted as indicating support for
RSA-SHA2 certs. So, `server-sig-algs` are ignored when the RSA key in
question is a cert, and the remote server version is 7.7 or below.
Relevant sections of the OpenSSH source code:
<https://github.com/openssh/openssh-portable/blob/V_8_9_P1/sshconnect2.c#L1191-L1197>
<https://github.com/openssh/openssh-portable/blob/master/compat.c#L43>
Assisted-by: Will Cosgrove
Reviewed-by: Viktor Szakats
This is just a stub to make `_libssh2_mbedtls_ecdsa_new_private`
compile.
mbedtls 3.6.0 silently deleted its public API `mbedtls_pk_load_file`,
which this function relies on.
Closes#1349
