File: libssh2.h
Notes:
Update the min, preferred and max DH group values based on RFC 8270.
Credit:
Will Cosgrove, noted from email list by Mitchell Holland
File: INSTALL_CMAKE.md
Notes:
Although the original text would be immediately clear to seasoned users of CMAKE and/or Unix shell, the lack of newlines may cause some confusion for newcomers. Hence, wrapping the texts in a md code-block such that the newlines appear as intended.
credit:
suryakalpo
file: transport.c
notes:
moving total_num zero length check from #476 up to the prior bounds check which already includes a total_num check. Makes it slightly more readable.
credit:
Will Cosgrove
File:
libssh2_sftp.h
Notes:
Error constants `LIBSSH2_FX_*` are only returned by `libssh2_sftp_last_error()` which returns `unsigned long`.
Therefore these constants should be defined as unsigned long literals, instead of int literals.
Credit:
Dr. Koutheir Attouchi
File: HACKING.CRYPTO
Notes:
This commit updates the HACKING.CRYPTO documentation file in an attempt to make it in sync with current code.
New documented features are:
SHA384
SHA512
ECDSA
ED25519
Credit:
monnerat
File: hostkey.c
Notes:
These types are the same size so most compilers are fine with it, but CodeWarrior (on classic MacOS) throws an ‘illegal implicit conversion’ error
Credit: Brendan Shanks
file: Makefile.am
Notes:
The POSIX comparison operator for test(1) is =; bash supports == but not even test from GNU coreutils does.
Credit:
Thomas Klausner
File:
Openssl.c
Notes:
* Fix for use of uninitialized aes_ctr_cipher.key_len when using HAVE_OPAQUE_STRUCTS, regression from #439
Credit:
Hans Meirer, Tseng Jun
File: Session.c
Notes:
With gcc 9, libssh2, libcurl and LTO enabled for all binaries I see this
warning (error with -Werror):
vssh/libssh2.c: In function ‘ssh_statemach_act’:
/data/mwrep/rgeissler/ospack/ssh2/BUILD/libssh2-libssh2-03c7c4a/src/session.c:579:9: error: ‘seconds_to_next’ is used uninitialized in this function [-Werror=uninitialized]
579 | int seconds_to_next;
| ^
lto1: all warnings being treated as errors
Gcc normally issues -Wuninitialized when it is sure there is a problem,
and -Wmaybe-uninitialized when it's not sure, but it's possible. Here
the compiler seems to have find a real case where this could happen. I
looked in your code and overall it seems you always check if the return
code is non null, not often that it's below zero. I think we should do
the same here. With this patch, gcc is fine.
Credit:
Romain-Geissler-1A
Files: openssl.c/h
Author: Zenju
Notes:
Adds support for PKIX key reading by fixing:
_libssh2_pub_priv_keyfile() is missing the code to extract the ed25519 public key from a given private key
_libssh2_ed25519_new_private_frommemory is only parsing the openssh key format but does not understand PKIX (as retrieved via PEM_read_bio_PrivateKey)
File: .travis.yml
Notes:
* Fix Chrome installing by using Travis build in directive
* Update to use libgcrypt20-dev package to fix 32 bit builds based on comments found here:
https://launchpad.net/ubuntu/xenial/i386/libgcrypt11-dev
Notes:
We had a user who was being repeatedly prompted to accept a server key repeatedly. It turns out the base64-encoded key was larger than the static buffers allocated to read and write known hosts. I doubled the size of these buffers.
Credit:
Michael Buckley
* packet.c: improve parsing of packets
file: packet.c
notes:
Use _libssh2_get_string API in SSH_MSG_DEBUG/SSH_MSG_DISCONNECT. Additional uint32 bounds check in SSH_MSG_GLOBAL_REQUEST.
Notes:
This is useful for static builds so that the Libs.private field in
libssh2.pc contains correct info for the benefit of pkg-config users.
Static link with libssh2 requires this information.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
[Retrieved from:
https://git.buildroot.net/buildroot/tree/package/libssh2/0002-acinclude.m4-add-mbedtls-to-LIBS.patch]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Credit:
Fabrice Fontaine
