Most of libssh2 already has conditional support for RSA according to
the LIBSSH2_RSA crypto backend #define, but crypto.h and userauth.c
needed a few small fixes.
The change fixes passing of bogus gcrypt prefix.
Reproducible as:

    $ ./configure --with-libgcrypt
    $ make V=1
    ...
    /bin/sh ../libtool --tag=CC --mode=link gcc -g -O2 -Iyes/include -version-info 1:1:0 -no-undefined -export-symbols-regex '^libssh2_.*' -lgcrypt -lz -Lyes/lib -o libssh2.la -rpath /usr/local/lib channel.lo comp.lo crypt.lo hostkey.lo kex.lo mac.lo misc.lo packet.lo publickey.lo scp.lo session.lo sftp.lo userauth.lo transport.lo version.lo knownhost.lo agent.lo libgcrypt.lo pem.lo keepalive.lo global.lo -lgcrypt
    ../libtool: line 7475: cd: yes/lib: No such file or directory
    libtool: error: cannot determine absolute directory name of 'yes/lib'

These

    -Iyes/include
    -Lyes/lib

come from libgcrypt code autodetection:

    if test -n "$use_libgcrypt" && test "$use_libgcrypt" != "no"; then
      LDFLAGS="$LDFLAGS -L$use_libgcrypt/lib"
      CFLAGS="$CFLAGS -I$use_libgcrypt/include"

I assume it's a typo to use yes/no flag as a prefix and changed
it to '$with_libgcrypt_prefix'.
Reported-by: Mikhail Pukhlikov <cynede@gentoo.org>
Signed-off-by: Sergei Trofimovich <siarheit@google.com>
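
The flag-building logic quoted in the commit message above, as an added example (not libssh2's configure code and not part of the original commit): `buggy_flags` uses the yes/no switch as a path prefix, `fixed_flags` takes the prefix from a separate variable, and `relative_search_paths` is a build-log check that reports `-I`/`-L` arguments that are not absolute paths. The function names, the empty-prefix guard and the sample prefix `/opt/gcrypt` are assumptions of this example.

```shell
#!/bin/sh
# Added illustration; function names and sample values are constructed.

# Behaviour quoted in the commit message: the yes/no switch value is
# used directly as an installation prefix.
buggy_flags() {
    use_libgcrypt=$1
    if test -n "$use_libgcrypt" && test "$use_libgcrypt" != "no"; then
        printf '%s\n' "-I$use_libgcrypt/include -L$use_libgcrypt/lib"
    fi
}

# Corrected behaviour as described: the switch only enables the backend,
# and the search paths come from a separate prefix variable.
# Assumption of this example: an empty prefix adds no flags at all.
fixed_flags() {
    use_libgcrypt=$1
    with_libgcrypt_prefix=$2
    if test -n "$use_libgcrypt" && test "$use_libgcrypt" != "no"; then
        if test -n "$with_libgcrypt_prefix"; then
            printf '%s\n' "-I$with_libgcrypt_prefix/include -L$with_libgcrypt_prefix/lib"
        fi
    fi
}

# Build-log check: print every -I/-L argument whose path is not absolute.
# Such paths resolve against whatever directory the build runs in.
relative_search_paths() {
    for word in $1; do
        case $word in
            -I/*|-L/*) ;;                        # absolute path: accepted
            -I?*|-L?*) printf '%s\n' "$word" ;;  # relative path: reported
        esac
    done
}

# "--with-libgcrypt" given without a value sets the switch to "yes".
relative_search_paths "$(buggy_flags yes)"
relative_search_paths "$(fixed_flags yes /opt/gcrypt)"
```
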
The problem is that the original if statement simply returns NULL, but does not set the session last error code. The consequence is that libssh2_sftp_init() also returns NULL and libssh2_session_last_errno(sshSession) == LIBSSH2_ERROR_NONE.
In my test the LIBSSH2_ERROR_EAGAIN is coming from sftp.c row 337:
    if(4 != sftp->partial_size_len)
        /* we got a short read for the length part */
        return LIBSSH2_ERROR_EAGAIN;
with "partial_size_len == 0". Not sure if this is expected.
channel_wait_eof waits for channel->remote.eof, which is set on
receiving a `SSH_MSG_CHANNEL_EOF` message. This message is sent
when a party has no more data to send on a channel.
1> sftp.c
1>libssh2-files\src\sftp.c(3393): warning C4456: declaration of 'retcode' hides previous local declaration
1> libssh2-files\src\sftp.c(3315): note: see declaration of 'retcode'
In order to signal that the requested operation can not succeed
because the receiving window had been exhausted, the error code
LIBSSH2_ERROR_BUFFER_TOO_SMALL has been reused but I have found
that in certain contexts it may be ambiguous.
This patch introduces a new error code,
LIBSSH2_ERROR_CHANNEL_WINDOW_FULL, exclusive to signal that condition.
Until now, in blocking mode, if the remote receiving window is
exhausted this function hangs forever as data is not read and the
remote side just keeps waiting for the window to grow before sending
more data.
This patch makes this function check for that condition and abort
with an error when it happens.
This function was calling channel_wait_eof to ensure that the EOF
packet has already been received, but that function also checks that
the read data queue is empty before reporting the EOF. That caused
channel_wait_closed to fail with a LIBSSH2_ERROR_INVAL when some data
was queued even after a successful call to libssh2_channel_wait_eof.
This patch changes libssh2_channel_wait_closed to look directly into
channel->remote.eof so that both libssh2_channel_wait_eof and
libssh2_channel_wait_closed behave consistently.
This partially reverts commit f4f2298ef3635acd031cc2ee0e71026cdcda5864
because it caused the compatibility code to call initialization routines
redundantly, leading to memory leakage with OpenSSL 1.1 and broken curl
test-suite in Fedora:
88 bytes in 1 blocks are definitely lost in loss record 5 of 8
at 0x4C2DB8D: malloc (vg_replace_malloc.c:299)
by 0x72C607D: CRYPTO_zalloc (mem.c:100)
by 0x72A2480: EVP_CIPHER_meth_new (cmeth_lib.c:18)
by 0x4E5A550: make_ctr_evp.isra.0 (openssl.c:407)
by 0x4E5A8E8: _libssh2_init_aes_ctr (openssl.c:471)
by 0x4E5BB5A: libssh2_init (global.c:49)
... previously it would default to OpenSSL even with the --with-[crypto]
options used unless you specifically disabled OpenSSL. Now, enabling another
backend will automatically disable OpenSSL if the other one is found.
This introduces a test suite for libssh2. It runs OpenSSH in a Docker
container because that works well on Windows (via docker-machine) as
well as Linux. Presumably it works on Mac too with docker-machine, but
I've not tested that.
Because the test suite is docker-machine aware, you can also run it
against a cloud provider, for more realistic network testing, by setting
your cloud provider as your active docker machine. The Appveyor CI setup
in this commit does that because Appveyor doesn't support docker
locally.
Primarily this is handling cases where top-level files moved into
the docs/ directory. I also corrected a typo and removed the
claim that libssh2 is public domain.
This gets us large file support, is available on any VMS release
in the last decade and more, and gives stat other modern features
such as 64-bit ino_t.
VMS does have stdlib.h, gettimeofday(), and OpenSSL. The latter
is appropriate to hard-wire in the configuration because it's
installed by default as part of the base operating system and
there is currently no libgcrypt port.
%z is a C99-ism that VMS doesn't currently have; even though the
compiler is C99-compliant, the library isn't quite. The off_t used
for the st_size element of the stat can be 32-bit or 64-bit, so
detect what we've got and pick a format accordingly.
Somehow it got Windows-style CRLF endings so convert to just LF,
for consistency as well as not to confuse tools that will regard
the \r as content (e.g. the OpenVMS help librarian).