libssh2 Trac | 16 Dec 22:41 2014
Picon

#293: error in direct_tcpip.c example

#293: error in direct_tcpip.c example
----------------------+--------------------
 Reporter:  bbo       |       Owner:
     Type:  defect    |      Status:  new
 Priority:  normal    |   Milestone:  1.5.0
Component:  examples  |     Version:  1.4.2
 Keywords:            |  Blocked By:
   Blocks:            |
----------------------+--------------------
 The example direct_tcpip.c doesn't take care of EAGAIN case return by
 libssh2_channel_write. This can lead to non transmitted file when this
 error is raised, while this should just delay the transmission because the
 socket are busy.
 To see the error, just run a process with high priority on the receiver of
 data trasnmitted through the libssh2_channel_write.
 Solution is just to retry the call to libssh2_channel_write one (or
 several) other time.

 Here under is the current code taken from the git repo today:
 Git repo code:

 wr = 0;
 do {
   i = libssh2_channel_write(channel, buf, len);
   if (i < 0) {
     fprintf(stderr, "libssh2_channel_write: %d\n", i);
     goto shutdown;
   }
   wr += i;
 } while(i > 0 && wr < len);
(Continue reading)

Marc Hörsken | 15 Dec 12:26 2014
Picon

[PATCH] silence multiple data conversion warnings

Hello everyone,

attached you will find a patch to silence multiple compiler warnings about invalid data conversions with
possible data loss using the VS2012 compiler.

Since these are quite a lot of small changes, I would like someone else to review and push it to the repository.

Thanks in advance.

Best regards,
Marc

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Marc Hoersken | 15 Dec 01:32 2014
Picon

Additional questions related to my fixes of possible NULL pointer de-references

Hello everyone,

I just posted a bunch of patches to the Git repository that are the
result of running the code analysis feature of VS2012 against libssh2
using the new CMake generated project files.

Most of them are quite basic, but at least the following two patches
raise additional questions that I would like to bring to your attention:
- kex.c: fix possible NULL pointer de-reference with session->kex [1]
- packet.c: fix possible NULL pointer de-reference within listen_state [2]

I think that just catching the possible NULL pointer in those code paths
is actually not enough to make libssh2 behave correctly.
In my opinion some kind of error code needs to be raised if such an
error condition is reached.

What do you think? Patches and ideas are welcome.

Best regards,
Marc

[1]
http://git.libssh2.org/?p=libssh2.git;a=commitdiff;h=1c1699545b0a1114e8ca3e6cd097cc9df1e67201;js=1
[2]
http://git.libssh2.org/?p=libssh2.git;a=commitdiff;h=e57f29f8f65c83063fd8f63c88f88830fc269bd6;js=1

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Alexander Lamaison | 6 Dec 01:34 2014
Picon

CMake

You may recall that back in March I promised to convert the libssh2
build system to CMake 'soon'.  Well, 9 months later, it is more or
less complete: https://github.com/alamaison/libssh2/tree/cmake.  I
would greatly appreciate your feedback and help with testing on the
platforms that matter to you.

The goal is to match or exceed every relevant feature of the autotools
system like-for-like, so, unless otherwise stated in this email,
assume that any missing functionality is a bug.  Please report it.

CMake, however, is fundamentally different from autotools, so some
features (for example, building source distributions, aka `make dist`)
aren't relevant anymore and aren't specifically catered for.  The
README should get you started but, if you need help getting accustomed
to CMake, I'm very happy to answer any questions you have.

tl;dr
- A version of libssh2 using CMake is available at
  https://github.com/alamaison/libssh2/tree/cmake
- Please test

Platform support
================

I've tested the build with the three major platforms, Linux (GCC
4.6.3, Clang 3.4), Windows (VS2005, VS2008) and MacOS X (AppleClang
6.0.0), in a variety of configurations.  I've also set up continuous
integration using Travis CI [2], so libssh2 is continually tested on
Linux in 32 combinations of OpenSSL/Libgrypt, 32-bit/64-bit,
GCC/Clang, shared/static, with/without zlib.
(Continue reading)

Niels Larsen | 4 Dec 20:36 2014
Picon

gcc -V causes ubuntu 14.04 compile failure?

Libssh2 people,

On stock Ubuntu 14.04 (Linux 64 bit) I get:

~/BION/Software/Package_sources/Utilities/libssh2-1.4.3> ./configure 
checking whether to enable maintainer-specific portions of Makefiles...
no
checking for sed... /bin/sed
checking for a BSD-compatible
install... /home/bion/BION/Software/bin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir
-p... /home/bion/BION/Software/bin/mkdir -p
checking for gawk... no
checking for mawk... mawk
checking whether make sets $(MAKE)... yes
checking libssh2 version... 1.4.3
checking build system type... x86_64-unknown-linux-gnu
checking host system type... x86_64-unknown-linux-gnu
configure: autobuild project... libssh2
configure: autobuild revision... 1.4.3
configure: autobuild hostname... bion-VirtualBox
configure: autobuild timestamp... 20141204-202652
checking for style of include used by make... GNU
checking for gcc... gcc
checking whether the C compiler works... no
configure: error: in
`/home/bion/BION/Software/Package_sources/Utilities/libssh2-1.4.3':
configure: error: C compiler cannot create executables
See `config.log' for more details
(Continue reading)

libssh2 Trac | 3 Dec 20:18 2014
Picon

#290: segfault in diffie_hellman_sha1

#290: segfault in diffie_hellman_sha1
--------------------+--------------------
 Reporter:  mstrsn  |       Owner:
     Type:  defect  |      Status:  new
 Priority:  normal  |   Milestone:  1.4.3
Component:  crypto  |     Version:  1.4.2
 Keywords:          |  Blocked By:
   Blocks:          |
--------------------+--------------------
 If an application happens to call the OpenSSL routine EVP_cleanup, then
 libssh2 will generate a segfault at the call to libssh2_sh1_update at line
 249 in kex.c. Of course, the application should not call EVP_cleanup
 prematurely, but to avoid crashes in your library, I suggest you guard
 against this possibility in a manner similar to your guard around the call
 to libssh2_md5_update at line 222 in kex.c.

--

-- 
Ticket URL: <https://trac.libssh2.org/ticket/290>
libssh2 <https://trac.libssh2.org/>
C library for writing portable SSH2 clients

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
libssh2 Trac | 3 Dec 20:17 2014
Picon

#289: Configure check for EVP_aes_128_ctr does not work properly

#289: Configure check for EVP_aes_128_ctr does not work properly
--------------------------------------+--------------------
 Reporter:  maurerpe                  |       Owner:
     Type:  defect                    |      Status:  new
 Priority:  normal                    |   Milestone:  1.4.3
Component:  misc                      |     Version:  1.4.2
 Keywords:  autoconf EVP_aes_128_ctr  |  Blocked By:
   Blocks:                            |
--------------------------------------+--------------------
 configure never detects EVP_aes_128_ctr even when it is present in
 openssl.  I have confirmed this in libssh2 1.4.3 using both openssl 1.0.1h
 and libressl 2.0.5.

 The issue seems to be the order in which libraries appear on the command
 line for the configure test.  I have a simple patch that resolves the
 issue and causes libssh2 to properly detect EVP_aes_128_ctr for both
 openssl and libressl.

 The solution is to use put the libs (-lcrypto -lssl) in the LIBS variable
 and not the LDFLAGS variable.  Patch attached.

--

-- 
Ticket URL: <https://trac.libssh2.org/ticket/289>
libssh2 <https://trac.libssh2.org/>
C library for writing portable SSH2 clients

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
libssh2 Trac | 3 Dec 20:18 2014
Picon

#291: libssh2_agent_connect always returns -39 when using in on iOS

#291: libssh2_agent_connect always returns -39 when using in on iOS
--------------------+--------------------
 Reporter:  ali312  |       Owner:
     Type:  defect  |      Status:  new
 Priority:  normal  |   Milestone:  1.4.3
Component:  API     |     Version:  1.4.2
 Keywords:          |  Blocked By:
   Blocks:          |
--------------------+--------------------
 I'm trying to use lissh2 agent in my iOS app

 I've tried several different ways, even completely copy&paste in an empty
 http://www.libssh2.org/examples/ssh2_agent.html

 And when I get to libssh2_agent_connect it always returns -39

 All other methods work good

--

-- 
Ticket URL: <https://trac.libssh2.org/ticket/291>
libssh2 <https://trac.libssh2.org/>
C library for writing portable SSH2 clients

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
libssh2 Trac | 3 Dec 20:18 2014
Picon

#292: Wrap all uses of socket with callbacks for better compatibility

#292: Wrap all uses of socket with callbacks for better compatibility
-------------------------+------------------
 Reporter:  Eschaton     |       Owner:
     Type:  enhancement  |      Status:  new
 Priority:  normal       |   Milestone:
Component:  API          |     Version:
 Keywords:               |  Blocked By:
   Blocks:               |
-------------------------+------------------
 Only a subset of the functions used on a socket/fd passed into libssh2 are
 wrapped in standard callbacks. For example, libssh2 will still invoke the
 stock select/poll and ioctl functions on a socket it's passed, to do
 things like check for I/O and control non-blocking behavior.

 This makes it between difficult and impossible to use libssh2 (without
 significant modification) over another transport, or even over a socket
 where full control can't be given to the library (such as a socket managed
 via dispatch I/O on OS X or iOS).

 If all calls on the socket used by libssh2 always went through semantic
 callback wrappers (eg "set non blocking," "set reusable" and so on, rather
 than "do an ioctl") then it would be possible to use libssh2 with an
 entirely-application-layer transport. It might also make it easier to
 abstract

--

-- 
Ticket URL: <https://trac.libssh2.org/ticket/292>
libssh2 <https://trac.libssh2.org/>
C library for writing portable SSH2 clients

(Continue reading)

libssh2 Trac | 3 Dec 20:17 2014
Picon

#288: Maximum concurrent connections to uniq servers

#288: Maximum concurrent connections to uniq servers
---------------------------------+---------------------------
 Reporter:  dsyeager             |       Owner:  Scott Yeager
     Type:  defect               |      Status:  new
 Priority:  normal               |   Milestone:  1.4.3
Component:  API                  |     Version:  1.4.2
 Keywords:  Maximum Connections  |  Blocked By:
   Blocks:                       |
---------------------------------+---------------------------
 I'm developing with the latest libssh2, both the stable and daily
 versions, on Ubuntu 10.04 and 12.04.

 Is there a known maximum number of concurrent connections to unique
 servers? I am writing an event driven (non blocking) application that
 connects, using ssh, to and runs commands on N servers concurrently. If I
 limit it to 1000 concurrent connections it works good. If I raise the
 limit to 1100 or higher I get cores that look like memory overwrites with
 NULL/0's.

 I'm assuming that it is not in my framework because the same underlying
 code works good with concurrent HTTP(S) connections.

--

-- 
Ticket URL: <https://trac.libssh2.org/ticket/288>
libssh2 <https://trac.libssh2.org/>
C library for writing portable SSH2 clients

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
(Continue reading)

Keith Duncan | 2 Dec 16:34 2014

Added OS X Native Crypto Support

Hello everyone,

Similar to the WinCNG crypto backend I’ve added support for using the OS X native crypto support as a libssh2 crypto backend.


SHA1 and MD5 hashes
HMAC_SHA1 and HMAC_MD5 signatures





CCCryptorRef claims to implement AES CTR mode but returns an unimplemented error at runtime.

It looks like Nick Zitzmann also started a similar project in 2012 but discovered that there’s no public BigNum API in OS X http://lists.apple.com/archives/apple-cdsa/2012/Aug/msg00009.html

I ran in to the same issue but went ahead and used the private BigNum API he references. For this reason I’m not sure that this would be a good candidate for submitting upstream. Then again perhaps it could serve as a compelling reason for the API to be made public if it would enable OS X native SSH2 crypto.

I hope this is of interest, let me know if there’s any interest in a patch.

Cheers,
Keith

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel

Gmane