"Unlike the other `AC_CHECK_*S' macros, when a symbol is not declared,
HAVE_DECL_symbol is defined to `0' instead of leaving HAVE_DECL_symbol
undeclared. When you are sure that the check was performed,
use HAVE_DECL_symbol in #if."
Source: autoconf documentation for AC_CHECK_DECLS.
OpenSSH Key and ED25519 support #39
Added _libssh2_explicit_zero() to explicitly zero sensitive data in memory #120
* ED25519 Key file support - Requires OpenSSL 1.1.1 or later
* OpenSSH Key format reading support - Supports RSA/DSA/ECDSA/ED25519 types
* New string buffer reading functions - These add build-in bounds checking and convenance methods. Used for OpenSSL PEM file reading.
* Added new tests for OpenSSH formatted Keys
Use checksrc.pl from the curl project, with (for now)
suppressed long line warnings and indentation set to
4 spaces. Fixes are whitespace for the most part.
Warning count went down from 2704 to 12.
Also fix codespell typos, two non-ANSI C89 comments
and a stray tab in include/libssh2.h.
Ref: https://github.com/libssh2/libssh2/pull/235
When trying to decode invalid data, it frees the buffer but doesn't nil it so the caller gets a junk memory pointer which they could potentially double free.
Before this patch "_libssh2_error" required the error message to be a
static string.
This patch adds a new function "_libssh2_error_flags" accepting an
additional "flags" argument and specifically the flag
"LIBSSH2_ERR_FLAG_DUP" indicating that the passed string must be
duplicated into the heap.
Then, the method "_libssh2_error" has been rewritten to use that new
function under the hood.
Signed-off-by: Salvador Fandino <sfandino@yahoo.com>
Signed-off-by: Salvador Fandiño <sfandino@yahoo.com>
A sftp session failed with error "failure establishing ssh session" on
Solaris and HP-UX. Sometimes the first recv() function call sets errno
to ENOENT. In the man pages for recv of Solaris and HP-UX the error
ENOENT is not documented.
I tested Solaris SPARC and x86, HP-UX i64, AIX, Windows and Linux.
Starting now, we unconditionally use the internal replacement functions
for send() and recv() - creatively named _libssh2_recv() and
_libssh2_send().
On errors, these functions return the negative 'errno' value instead of
the traditional -1. This design allows systems that have no "natural"
errno support to not have to invent it. It also means that no code
outside of these two transfer functions should use the errno variable.
In an attempt to make the trace output less cluttered for non-blocking
sessions the error function now avoids calling the debug function if the
error is the EAGAIN and the session is non-blocking.
There was a buffer overflow waiting to happen when a debug message was
longer than 1536 bytes.
Thanks to Daniel who spotted that there was a problem with the message
length passed to a trace handler also after commit
0f0652a309.
I'll introduce a new internal function set named
_libssh2_store_u32
_libssh2_store_u64
_libssh2_store_str
That can be used all through the library to build binary outgoing
packets. Using these instead of the current approach removes
hundreds of lines from the library while at the same time greatly
enhances readability. I've not yet fully converted everything to
use these functions.
I've converted LOTS of 'unsigned long' to 'size_t' where
data/string lengths are dealt with internally. This is The Right
Thing and it will help us make the transition to our
size_t-polished API later on as well.
I'm removing the PACKET_* error codes. They were originally
introduced as a set of separate error codes from the transport
layer, but having its own set of errors turned out to be very
awkward and they were then converted into a set of #defines that
simply maps them to the global libssh2 error codes instead. Now,
I'l take the next logical step and simply replace the PACKET_*
defines with the actual LIBSSH2_ERROR_* defines. It will increase
readability and decrease confusion.
I also separated packet stuff into its own packet.h header file.
We reserve ^libssh2_ for public symbols and we use _libssh2 as
prefix for internal ones. I fixed the intendation of all these
edits with emacs afterwards, which then changed it slightly more
than just _libssh2_error() expressions but I didn't see any
obvious problems.
libssh2_error() no longer allocates a string and only accepts a const
error string. I also made a lot of functions use the construct of
return libssh2_error(...) instead of having one call to
libssh2_error() and then a separate return call. In several of those
cases I then also changed the former -1 return code to a more
detailed one - something that I think will not change behaviors
anywhere but it's worth keeping an eye open for any such.
The libssh2 API calls should set the last error code and a message when
returning a failure by calling libssh2_error. This changeset adds these
calls to the libssh2_knownhost_* API as well as libssh2_base64_decode.
This change also makes libssh2_error into a function rather than a macro.
Its implementation is moved to misc.c. This function returns the error
code passed to it allowing callers to return the error value directly
without duplicating the error code.
The trace context is actually a bitmask so that tracing output can be
controlled by setting a bitmask using libssh2_trace(). However, the logic
in libssh2_debug() that converted the context to a string was using the
context value as an array index. Because the code used a bounds check on
the array, there was never a danger of a crash, but you would certainly
either get the wrong string, or "unknown".
This patch adds a lookup that iterates over the context strings and uses
it's index to check for the corresponding bit in the context.
The libssh2_trace_sethandler() call allows the user to handle the output of libssh2 rather than having it written to stderr. This patch updates libssh2_trace_sethandler() to allow a user-defined void* context value to be passed back to the output handler.
While this is code not currently in use, it is part of the generic linked
list code and since I found the error I thought I'd better fix it since we
might bring in this function into the code one day.
Neil Gierman's patch adds a gettimeofday() function for win32
for the libssh2_trace() functionality. The code originates from
cygwin and was put in the public domain by the author
Danny Smith <dannysmith@users.sourceforge.net>
Steven Van Ingelgem introduces libssh2_socket_t as a generic socket
type to use internally to avoid compiler warnings and mistakes. Also,
the private struct iovec declaration for windows is now made to look
like the POSIX struct does.
Each SFTP file handle is now handled by the "mother-struct"
using the generic linked list functions. The goal is to move
all custom linked list code to use this set of functions.
I also moved the list declarations to the misc.h where they
belong and made misc.h no longer include libssh2_priv.h itself
since now libssh2_priv.h needs misc.h...
In misc.c I added a #if 0'ed _libssh2_list_insert() function
because I ended up writing one, and I believe we may need it here
too once we move over more stuff to use the _libssh2_list* family.
