Frasse | 4 Nov 10:07 2014
Picon

scp_write example is incomplete.

Hi.

The scp_write example is incomplete.

According to the scp spec a completed file transfer should be followed by a single 0 that the remote machine acknowledge with a status of 0,1 or 2. If the status is not 0 then an error message can follow ending with a linefeed.

I couldn't understand why I got no indication that my uploads failed when the disk on the remote machine was full. The answer was that the code never requested the acknowledgement.

I am attaching a modified version of the example that writes out the error message to stderr.

/Frasse

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Erwin Brandenberger | 3 Nov 16:27 2014
Picon

libssh2 through squid3

I like to connect to a SFTP server through a squid3 proxy

A test with filezilla seams to work.

With my test binary I have troubles. At the handshake I get a -2 as error
  known as LIBSSH2_ERROR_BANNER_RECV.

My code looks like

error = libssh2_init (0);
...
error = mTCP->Bind(ownip, mPort);
...
error = mTCP->Connect(mProxyIp, mProxyPort);
...
error = ProxyConnectCommand(mTCP, ip, port, mProxyUser, mProxyPassword); 
/* HTTP CONNECT method */
...
mSession = libssh2_session_init();
...
/* Since we have set non-blocking, tell libssh2 we are blocking */
libssh2_session_set_blocking((LIBSSH2_SESSION *)mSession, 1);

error = libssh2_session_banner_set((LIBSSH2_SESSION *)mSession, "SFTP 
Client\r\n");
...

#if LIBSSH2_VERSION_NUM >= 0x010208
/* correct method since libssl 1.2.8 */
error = libssh2_session_handshake((LIBSSH2_SESSION *)mSession, 
mTCP->GetSocket());
#else
#endif

At this last libssh2_session_handshake call I get the -2 error code:

My Log looks like:

RWSftpCronThread.cpp(161) 31/10 14:19:30(23)=FTP Client Bind to c0a80d50/0
RWSftpCronThread.cpp(161) 31/10 14:19:30(23)=FTP Client Connect to proxy 
c0a80d58/3128
RWSftpCronThread.cpp(161) 31/10 14:19:30(23)=FTP Client [Send Proxy 
Connect]:CONNECT xxx.xxx.xxx.xxx:22 HTTP/1.0
Proxy-authorization: Basic ZXJ3aW46Z29nb2dvMQ==

RWSftpCronThread.cpp(161) 31/10 14:19:30(23)=FTP Client [Wait for Proxy 
Connect Reply]:CONNECT xxx.xxx.xxx.xxx:22 HTTP/1.0
Proxy-authorization: Basic ZXJ3aW46Z29nb2dvMQ==

RWSftpCronThread.cpp(161) 31/10 14:19:30(23)=FTP Client [Proxy Reply 
(200=OK, 401=NeedAuth)]:HTTP/1.1 200 Connection established

RWSftpCronThread.cpp(161) 31/10 14:19:30(23)=FTP Client Initialize ssh 
session
RWSftpCronThread.cpp(170) 31/10 14:19:30(13)=FTP Client ErrorTcpBase - 
Code: -2, Msg: Failure establishing SFTP session

Any hint ?

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Martin Drašar | 13 Oct 12:55 2014
Picon

Using libSSH2 in fiber-based parallel system

Hi,

I have a program that uses fibers as a mean for parallelism and would
like to use libssh2 in it. However, some of these functions seem more
apt for thread-based parallelism. I have in mind functions using e.g.
the BLOCK_ADJUST macros.

So I just want to ask you, if the following approach I want to use is
the correct one. Instead of calling libssh2_session_handshake I have
this cycle that is basically BLOCK_ADJUST sans keepalive:

while (socket not read or written to)
{
  session_startup(session, socket);
  yield(); // Pass execution to another fiber
}

I ask, because the session_startup function is not exported into public API.

Thanks.
Martin

Attachment (smime.p7s): application/pkcs7-signature, 4432 bytes
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Otavio Augusto | 4 Oct 08:34 2014
Picon

libssh2_channel_forward_accept never returns!

Hi fellows, 

Today I started using libssh2 API, mainly to use tcp forward. So the first thing I did was compiling the
tcpip-forward.c example.

All goes well until the execution stop at "Waiting for remote connection" print.. right there:

fprintf(stderr, "Waiting for remote connection\n");
    channel = libssh2_channel_forward_accept(listener);

    if (!channel) {
        fprintf(stderr, "Could not accept connection!\n"

So  libssh2_channel_forward_accept nevers return .... the execution is stuk there forever.


To confirm that the problem isn't the server, I successful did tcp forward using putty on the same server.

   

Any help on this issue will be extremely appreciated :) 

Btw: I'm using libssh2 on windows. I'm using libssh2.a from perl-5.14.2.1-32bit-windows-master, and compiled with mingw32-gcc.exe.

--
Otavio Augusto.

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
David Calavera | 2 Sep 01:06 2014
Picon

Allow authentication to be passed in memory - blast from the past

Hi,

I was doing some digging to see how I could pass auth keys by memory when I discovered this old thread from 2012 with a patch:

I'm really interested in seeing this incorporated to libssh2, so I decided to try to address the problems raised in the next message in that thread:

I created a new patch that addressed part those points. You can see it at:


I replaced the use of `memcpy_s` to use `memcpy`. I also formatted the code to use less that 80 columns.

I ran `./configure --enable-debug` to try to address the warnings in the code, but unfortunately I didn't get any. I'm not sure if I'm doing anything wrong, I posted the output here:


I'd really appreciate if anybody could point me to those warnings if there is anything I'm missing.

As I said, I'm really interested in seeing this merged into libssh2. Please, let me know if there is anything else I can help with to make that possible.

Cheers,
David

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Joern Heissler | 29 Aug 10:45 2014

Download text file via SFTP

Hi,

I'm trying to download a large text file using the sftp protocol.

The remote server runs on "Maverick SSHD". I'm using libssh2-1.4.3 (debian unstable).

I enabled compression and negotiated zlib because it's a text file.

Next, I compared the speed to what OpenSSH's `sftp' utility achieves, and
libssh2 was just terribly slow.

Then I increased buffer size for libssh2_sftp_read to a big value. It
helps a little, but the chunks returned by libssh2_sftp_read are exactly 2000
bytes, regardless of my setting.

tcpdump shows that the packets sent by the server are mostly around
200-300 bytes which obviously is too small.

I found that when I change MAX_SFTP_READ_SIZE from 2000 to a larger
value, the packet size increases, as does the download speed.

To me it looks like the server has strange TCP_NODELAY / TCP_CORK
settings. For each request of 2000 bytes, the data is gzipped and gets sent in
one tcp packet (or multiple if too large).
I found that a chunk size of 13500 bytes gives me a good ratio of uncompressed_bytes / tcp_packets.

The optimal value for MAX_SFTP_READ_SIZE heavily depends on the specific
use case, so I ask that it's made a configurable option, please :)

Thanks,
Joern
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
이효신 | 25 Aug 02:03 2014

About "Channel open fail"..help pls

hello. i am lee from korea.

for ask ur help, write this mail. ^^

 

when i had made ssh module with libssh2, encounter Two error. and i cant solve this for 2 weeks.

 

first one, by sample code,  libssh2_channel_open_session() did work  just one time. i can open first channel .

after open and excute command line, read and close channel. and when retry open other channel, i can see this error message in debug panel " Unable  to send  channel-open request".

any information by FAQ useless for me..

 

and i try other way with libssh2_channel_direct_tcpip().

 

second problem, by sample code by FAQ info, i get some test code.

thsi one.

but just change err message. i cant open first channel. with message "Channel open failure"

 

os : window7

tool: microsoft visual studio 2010

 

any information, any advice! pls help

 

char request[]="GET /\n";
 char buffer[BUFSIZE];
 LIBSSH2_CHANNEL *channel;
 char *error;
 int rv;
 channel=libssh2_channel_direct_tcpip(session, "localhost", 3017);
 if(!channel) {
  libssh2_session_last_error(session, &error, NULL, 0);
  fprintf(stderr, "libssh2_channel_direct_tcpip: %s\n", error);
  return 1;
 }
 if(libssh2_channel_write(channel, request, strlen(request)) <= 0) {
  libssh2_session_last_error(session, &error, NULL, 0);
  fprintf(stderr, "libssh2_channel_write: %s\n", error);
  return 1;
 }
 
 rv=libssh2_channel_read(channel, buffer, BUFSIZE-1);
 if(rv <= 0) {
  libssh2_session_last_error(session, &error, NULL, 0);
  fprintf(stderr, "libssh2_channel_read: %s\n", error);
  return 1;
 }
 buffer[rv]='\0';

 printf("%s\n", buffer);

 libssh2_channel_free(channel);
 return 0;

}

 

int test7() {
 struct hostent *hen;
 struct sockaddr_in sin;
 int ssh_socket;
 char *error;
 LIBSSH2_SESSION *ssh_session;

  ssh_socket = socket(AF_INET, SOCK_STREAM, 0);

 if(ssh_socket < 0) {
  perror("socket");
  return 1;
 }

 sin.sin_family = AF_INET;
 sin.sin_port = htons(22);
 hen=gethostbyname("xxx.xxx.xxx.xxx");
 if(!hen) {
//  fprintf(stderr, "gethostbyname: %s", hstrerror(h_errno));
  return 1;
 }
 memcpy(&(sin.sin_addr.s_addr), hen->h_addr_list[0], hen->h_length);
 
 if ( connect(ssh_socket, (struct sockaddr*)(&sin), sizeof(struct sockaddr_in)) ) {
  perror("connect");
  //return 1;
 }
 
 ssh_session = libssh2_session_init();
 
 if (libssh2_session_startup(ssh_session, ssh_socket)) {
  libssh2_session_last_error(ssh_session, &error, NULL, 0);
  fprintf(stderr, "libssh2_session_startup: %s\n", error);
  return 1;
 }
 
 if(libssh2_userauth_password(ssh_session, "id", "pw")) {
  libssh2_session_last_error(ssh_session, &error, NULL, 0);
  fprintf(stderr, "libssh2_userauth_password: %s\n", error);
  return 1;
 }
 if(do_channel(ssh_session)) return 1;
 if(do_channel(ssh_session)) return 1;
 return 0;

 

 

 

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Lubos Uhliarik | 13 Aug 15:10 2014
Picon

[PATCH] - datacount

Hello Daniel, 

my colleague wrote you an email before about 9 months. Company in which 
I'm working would like to cooperate with you on libssh2 development,
because we are using this lib in several projects. 

We made a few patches, but we would like to move those patches to the
upstream version. In this email, I will try introduce you first patch,
which we would like to apply on the upstream version. 

This first patch should count total amount of transferred data during
the connection to a server. For this purpose, two functions were
created:

libssh2_session_recv_data(LIBSSH2_SESSION *session) and 
libssh2_session_recv_data(LIBSSH2_SESSION *session). 

Better explanation of this PATCH sent my colleague Jiri. You can read
his email here:

http://www.libssh2.org/mail/libssh2-devel-archive-2013-11/0027.shtml

If there is any problem with applying this patch, please let me know and
I will try to fix those problems.

Regards,
Lubos

Signed-off-by: Lubos Uhliarik <uhliarik <at> seznam.cz>
---
diff -Naur libssh2-1.4.3_keepalive/include/libssh2.h
libssh2-1.4.3_datacount/include/libssh2.h
--- libssh2-1.4.3_keepalive/include/libssh2.h	2013-11-20
10:04:02.985780814 +0100
+++ libssh2-1.4.3_datacount/include/libssh2.h	2013-11-22
13:15:10.870131905 +0100
 <at>  <at>  -241,10 +241,10  <at>  <at> 
 /* I/O callbacks */
 #define LIBSSH2_RECV_FUNC(name)  ssize_t name(libssh2_socket_t socket,
\
                                               void *buffer, size_t
length, \
-                                              int flags, void
**abstract)
+                                              int flags, void
**abstract, LIBSSH2_SESSION *session)
 #define LIBSSH2_SEND_FUNC(name)  ssize_t name(libssh2_socket_t socket,
\
                                               const void *buffer,
size_t length,\
-                                              int flags, void
**abstract)
+                                              int flags, void
**abstract, LIBSSH2_SESSION *session)

 /* libssh2_session_callback_set() constants */
 #define LIBSSH2_CALLBACK_IGNORE             0
 <at>  <at>  -329,9 +329,9  <at>  <at> 
 #define LIBSSH2_HOSTKEY_HASH_SHA1                           2

 /* Hostkey Types */
-#define LIBSSH2_HOSTKEY_TYPE_UNKNOWN          0
-#define LIBSSH2_HOSTKEY_TYPE_RSA          1
-#define LIBSSH2_HOSTKEY_TYPE_DSS          2
+#define LIBSSH2_HOSTKEY_TYPE_UNKNOWN			    0
+#define LIBSSH2_HOSTKEY_TYPE_RSA			    1
+#define LIBSSH2_HOSTKEY_TYPE_DSS			    2

 /* Disconnect Codes (defined by SSH protocol) */
 #define SSH_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT          1
 <at>  <at>  -1159,6 +1159,12  <at>  <at> 
 LIBSSH2_API int libssh2_keepalive_send (LIBSSH2_SESSION *session,
                                         int *seconds_to_next);

+LIBSSH2_API long long 
+libssh2_session_recv_data(LIBSSH2_SESSION *session);
+
+LIBSSH2_API long long
+libssh2_session_send_data(LIBSSH2_SESSION *session);
+
 /* NOTE NOTE NOTE
    libssh2_trace() has no function in builds that aren't built with
debug
    enabled
diff -Naur libssh2-1.4.3_keepalive/src/libssh2_priv.h
libssh2-1.4.3_datacount/src/libssh2_priv.h
--- libssh2-1.4.3_keepalive/src/libssh2_priv.h	2013-11-14
10:15:24.000000000 +0100
+++ libssh2-1.4.3_datacount/src/libssh2_priv.h	2013-11-22
13:37:21.543860697 +0100
 <at>  <at>  -184,9 +184,9  <at>  <at> 
                       (channel), &(channel)->abstract)

 #define LIBSSH2_SEND_FD(session, fd, buffer, length, flags) \
-    session->send(fd, buffer, length, flags, &session->abstract)
+    session->send(fd, buffer, length, flags, &session->abstract,
session)
 #define LIBSSH2_RECV_FD(session, fd, buffer, length, flags) \
-    session->recv(fd, buffer, length, flags, &session->abstract)
+    session->recv(fd, buffer, length, flags, &session->abstract,
session)

 #define LIBSSH2_SEND(session, buffer, length, flags)  \
     LIBSSH2_SEND_FD(session, session->socket_fd, buffer, length, flags)
 <at>  <at>  -810,6 +810,8  <at>  <at> 
     int keepalive_want_reply;
     time_t keepalive_last_sent;
     unsigned int keepalive_count;
+    long long recv_data;
+    long long send_data;
 };

 /* session.state bits */
 <at>  <at>  -1001,9 +1003,9  <at>  <at> 
 #define SSH_OPEN_RESOURCE_SHORTAGE           4

 ssize_t _libssh2_recv(libssh2_socket_t socket, void *buffer,
-                      size_t length, int flags, void **abstract);
+                      size_t length, int flags, void **abstract,
LIBSSH2_SESSION *session);
 ssize_t _libssh2_send(libssh2_socket_t socket, const void *buffer,
-                      size_t length, int flags, void **abstract);
+                      size_t length, int flags, void **abstract,
LIBSSH2_SESSION *session);

 #define LIBSSH2_READ_TIMEOUT 60 /* generic timeout in seconds used when
                                    waiting for more data to arrive */
diff -Naur libssh2-1.4.3_keepalive/src/misc.c
libssh2-1.4.3_datacount/src/misc.c
--- libssh2-1.4.3_keepalive/src/misc.c	2011-08-25 19:59:47.000000000
+0200
+++ libssh2-1.4.3_datacount/src/misc.c	2013-11-22 11:25:39.000000000
+0100
 <at>  <at>  -94,7 +94,7  <at>  <at> 
  * Replacement for the standard recv, return -errno on failure.
  */
 ssize_t
-_libssh2_recv(libssh2_socket_t sock, void *buffer, size_t length, int
flags, void **abstract)
+_libssh2_recv(libssh2_socket_t sock, void *buffer, size_t length, int
flags, void **abstract, LIBSSH2_SESSION *session)
 {
     ssize_t rc = recv(sock, buffer, length, flags);
 #ifdef WIN32
 <at>  <at>  -117,6 +117,7  <at>  <at> 
             return -errno;
     }
 #endif
+    session->recv_data += rc;
     return rc;
 }

 <at>  <at>  -126,7 +127,7  <at>  <at> 
  */
 ssize_t
 _libssh2_send(libssh2_socket_t sock, const void *buffer, size_t length,
-              int flags, void **abstract)
+              int flags, void **abstract, LIBSSH2_SESSION *session)
 {
     ssize_t rc = send(sock, buffer, length, flags);
 #ifdef WIN32
 <at>  <at>  -143,6 +144,7  <at>  <at> 
     if (rc < 0 )
         return -errno;
 #endif
+    session->send_data += rc;
     return rc;
 }

diff -Naur libssh2-1.4.3_keepalive/src/session.c
libssh2-1.4.3_datacount/src/session.c
--- libssh2-1.4.3_keepalive/src/session.c	2012-07-25 01:03:27.000000000
+0200
+++ libssh2-1.4.3_datacount/src/session.c	2013-11-22 11:28:00.000000000
+0100
 <at>  <at>  -1749,3 +1749,20  <at>  <at> 

     return (const char *) session->remote.banner;
 }
+
+LIBSSH2_API long long 
+libssh2_session_recv_data(LIBSSH2_SESSION *session)
+{
+    long long recv;
+    recv = session->recv_data;
+    session->recv_data = 0;
+    return recv;
+}
+
+LIBSSH2_API long long
+libssh2_session_send_data(LIBSSH2_SESSION *session){
+    long long send;
+    send = session->send_data;
+    session->send_data = 0;
+    return send;
+}
\ No newline at end of file

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Kamil Dudka | 30 Jul 12:46 2014
Picon

Re: FIPS Compliance.

On Tuesday, July 29, 2014 02:48:58 john gloster wrote:
> Hi,
> 
> From http://git.libssh2.org/?p=libssh2.git;a=commitdiff;h=9f6fd5a
> 
> Did you mean that the following are not FIPS compliant?
> 
> ·         EVP_aes_256_cbc
> 
> ·         EVP_aes_192_cbc
> 
> ·         EVP_aes_128_cbc

I think the problem was that OpenSSL did not like that libssh2 implemented
the CTR cipher mode on its own when FIPS mode was enabled.  When I switched 
libssh2 back to use the OpenSSL-provided implementation of those ciphers, it 
started to work (after fixing the surrounding code to use correct block sizes 
via commit 5d567fa).

Kamil

> On Fri, Jul 25, 2014 at 1:59 PM, Kamil Dudka <kdudka <at> redhat.com> wrote:
> > On Friday, July 25, 2014 10:08:02 Bert Huijben wrote:
> > > If I remember correctly there is a compile time flag for libssh2 to
> > 
> > enable a
> > 
> > > strict fips mode.
> > 
> > I do not think so.  Did not you mean a compile time flag for OpenSSL?
> > 
> > > I would guess this might break compatibility with some (probably older)
> > 
> > ssh
> > 
> > > implementations that don't implement newer (optional) cyphers.
> > > 
> > > Bert
> > > 
> > > -----Original Message-----
> > > From: "john gloster" <glosterj9 <at> gmail.com>
> > > Sent: ‎25-‎7-‎2014 09:33
> > > To: "libssh2-devel <at> cool.haxx.se" <libssh2-devel <at> cool.haxx.se>
> > > Subject: FIPS Compliance.
> > > 
> > > Hi,
> > > 
> > > 
> > > I wanted to know whether libssh2 1.4.2/1.4.3 are compatible with FIPS
> > > compliant OpenSSL version openssl-1.0.0-20 ?
> > 
> > I pushed a few FIPS-related patches between 1.4.2 and 1.4.3:
> > 
> > http://git.libssh2.org/?p=libssh2.git;a=commitdiff;h=43b730c
> > http://git.libssh2.org/?p=libssh2.git;a=commitdiff;h=bfbb5a4
> > http://git.libssh2.org/?p=libssh2.git;a=commitdiff;h=5d567fa
> > http://git.libssh2.org/?p=libssh2.git;a=commitdiff;h=9f6fd5a
> > 
> > > I compiled libssh2 1.4.3 with this particular version of openssl and i
> > 
> > could
> > 
> > > see that my application linking to this libssh crashes.
> > > 
> > > 
> > > In other cases, my application runs successfully if i compile libssh2
> > 
> > 1.4.3
> > 
> > > with openssl-1.0.1e-16.
> > > 
> > > 
> > > Could some one please shed light on this one?
> > 
> > The basic idea behind those patches is to return a failure if a non-FIPS
> > algorithm (such as MD5) is requested by the application.  So libssh2
> > should
> > no longer crash on its own.  Still you need to handle these failures in
> > your
> > application in order not to crash anyway.
> > 
> > Kamil
> > 
> > > Alternately please let me know whether i can configure libssh2 to use a
> > > particular set crypto algorithms supported by the openssl.
> > > 
> > > 
> > > Thanking you on advance.

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
john gloster | 25 Jul 09:30 2014
Picon

FIPS Compliance.

Hi,

I wanted to know whether libssh2 1.4.2/1.4.3 are compatible with FIPS compliant OpenSSL version openssl-1.0.0-20 ?

I compiled libssh2 1.4.3 with this particular version of openssl and i could see that my application linking to this libssh crashes.

In other cases, my application runs successfully if i compile libssh2 1.4.3 with openssl-1.0.1e-16.

Could some one please shed light on this one?

Alternately please let me know whether i can configure libssh2 to use a particular set crypto algorithms supported by the openssl.

Thanking you on advance. 

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Eduardo Silva | 23 Jun 22:32 2014
Picon

Multiple channels and epoll(7)

Hi,

i was searching around for a mechanism to listen in a local socket for
libssh2 session events through epoll and handle properly multiple
channels, i ended up on this thread:

      https://www.mail-archive.com/libssh2-devel <at> cool.haxx.se/msg03737.html

as of today, is there a mechanism to perform specific operations on
specific events ?, i am mostly interested into know when to accept a
channel request and when to read for channels waiting for data.

thanks for your help,

--

-- 
Eduardo Silva
http://edsiper.linuxchile.cl
http://monkey-project.com
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel

Gmane