Hello community, here is the log from the commit of package libssh for openSUSE:Factory checked in at 2017-02-11 01:35:29 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libssh (Old) and /work/SRC/openSUSE:Factory/.libssh.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libssh" Changes: -------- --- /work/SRC/openSUSE:Factory/libssh/libssh.changes 2016-12-11 13:25:00.371385433 +0100 +++ /work/SRC/openSUSE:Factory/.libssh.new/libssh.changes 2017-02-11 01:35:30.425068821 +0100 @@ -1,0 +2,10 @@ +Wed Feb 8 10:43:05 UTC 2017 - [email protected] + +- Update to version 0.7.4 + * Added id_ed25519 to the default identity list + * Fixed sftp EOF packet handling + * Fixed ssh_send_banner() to confirm with RFC 4253 + * Fixed some memory leaks +- Removed patch gcc5-fixes.patch + +------------------------------------------------------------------- Old: ---- gcc5-fixes.patch libssh-0.7.2.tar.xz New: ---- libssh-0.7.4.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libssh.spec ++++++ --- /var/tmp/diff_new_pack.gkYYan/_old 2017-02-11 01:35:31.728884823 +0100 +++ /var/tmp/diff_new_pack.gkYYan/_new 2017-02-11 01:35:31.732884258 +0100 @@ -1,7 +1,7 @@ # # spec file for package libssh # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: libssh -Version: 0.7.2 +Version: 0.7.4 Release: 0 Summary: The SSH library License: LGPL-2.1+ @@ -26,7 +26,6 @@ # Dynamic number: https://red.libssh.org/projects/libssh/files Source0: %{name}-%{version}.tar.xz Source99: baselibs.conf -Patch0: gcc5-fixes.patch BuildRequires: cmake BuildRequires: doxygen BuildRequires: gcc-c++ 
@@ -79,7 +78,6 @@ %prep %setup -q -%patch0 %build %cmake \ ++++++ libssh-0.7.2.tar.xz -> libssh-0.7.4.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/CMakeLists.txt new/libssh-0.7.4/CMakeLists.txt --- old/libssh-0.7.2/CMakeLists.txt 2015-09-16 08:44:35.000000000 +0200 +++ new/libssh-0.7.4/CMakeLists.txt 2017-02-03 09:51:50.000000000 +0100 @@ -8,7 +8,7 @@ set(APPLICATION_VERSION_MAJOR "0") set(APPLICATION_VERSION_MINOR "7") -set(APPLICATION_VERSION_PATCH "2") +set(APPLICATION_VERSION_PATCH "4") set(APPLICATION_VERSION "${APPLICATION_VERSION_MAJOR}.${APPLICATION_VERSION_MINOR}.${APPLICATION_VERSION_PATCH}") @@ -19,7 +19,7 @@ # Increment AGE. Set REVISION to 0 # If the source code was changed, but there were no interface changes: # Increment REVISION. -set(LIBRARY_VERSION "4.4.0") +set(LIBRARY_VERSION "4.4.1") set(LIBRARY_SOVERSION "4") # where to look first for cmake modules, before ${CMAKE_ROOT}/Modules/ is checked diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/CPackConfig.cmake new/libssh-0.7.4/CPackConfig.cmake --- old/libssh-0.7.2/CPackConfig.cmake 2015-09-16 08:34:58.000000000 +0200 +++ new/libssh-0.7.4/CPackConfig.cmake 2017-02-03 09:52:51.000000000 +0100 @@ -19,7 +19,7 @@ ### source generator set(CPACK_SOURCE_GENERATOR "TXZ") -set(CPACK_SOURCE_IGNORE_FILES "~$;[.]swp$;/[.]svn/;/[.]git/;.gitignore;/build/;/obj/;tags;cscope.*") +set(CPACK_SOURCE_IGNORE_FILES "~$;[.]swp$;/[.]svn/;/[.]git/;.gitignore;/build/;/obj*/;tags;cscope.*") set(CPACK_SOURCE_PACKAGE_FILE_NAME "${CPACK_PACKAGE_NAME}-${CPACK_PACKAGE_VERSION}") if (WIN32) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/ChangeLog new/libssh-0.7.4/ChangeLog --- old/libssh-0.7.2/ChangeLog 2015-09-16 08:44:35.000000000 +0200 +++ new/libssh-0.7.4/ChangeLog 2017-02-03 09:51:50.000000000 +0100 
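Review bot: The new entry `/obj*/` in `CPACK_SOURCE_IGNORE_FILES` is evaluated as a regular expression, so `j*` means "zero or more j": it matches `/ob/` and `/obj/` but not a directory such as `/obj-x86_64/`. If the intent was to exclude every build directory whose name starts with `obj` (an assumption, the commit does not say), the entry should read `/obj[^/]*/`. The neighbouring entries `[.]swp$` and `cscope.*` are already written as regexes, which is why the glob-style spelling stands out. A build tree that slips past this filter ends up inside the generated source tarball.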
@@ -1,5 +1,15 @@ ChangeLog ========== +version 0.7.4 (released 2017-02-03) + * Added id_ed25519 to the default identity list + * Fixed sftp EOF packet handling + * Fixed ssh_send_banner() to confirm with RFC 4253 + * Fixed some memory leaks + +version 0.7.3 (released 2016-01-23) + * Fixed CVE-2016-0739 + * Fixed ssh-agent on big endian + * Fixed some documentation issues version 0.7.2 (released 2015-09-15) * Fixed OpenSSL detection on Windows diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/ConfigureChecks.cmake new/libssh-0.7.4/ConfigureChecks.cmake --- old/libssh-0.7.2/ConfigureChecks.cmake 2015-08-21 15:58:17.000000000 +0200 +++ new/libssh-0.7.4/ConfigureChecks.cmake 2017-02-03 09:51:50.000000000 +0100 @@ -1,4 +1,5 @@ include(CheckIncludeFile) +include(CheckIncludeFiles) include(CheckSymbolExists) include(CheckFunctionExists) include(CheckLibraryExists) @@ -56,6 +57,7 @@ check_include_file(sys/time.h HAVE_SYS_TIME_H) check_include_file(sys/param.h HAVE_SYS_PARAM_H) check_include_file(arpa/inet.h HAVE_ARPA_INET_H) +check_include_file(byteswap.h HAVE_BYTESWAP_H) if (WIN32) check_include_files("winsock2.h;ws2tcpip.h;wspiapi.h" HAVE_WSPIAPI_H) 
@@ -109,16 +111,21 @@ check_function_exists(isblank HAVE_ISBLANK) check_function_exists(strncpy HAVE_STRNCPY) -check_function_exists(vsnprintf HAVE_VSNPRINTF) -check_function_exists(snprintf HAVE_SNPRINTF) +check_function_exists(strtoull HAVE_STRTOULL) + +if (NOT WIN32) + check_function_exists(vsnprintf HAVE_VSNPRINTF) + check_function_exists(snprintf HAVE_SNPRINTF) +endif (NOT WIN32) if (WIN32) - check_function_exists(_strtoui64 HAVE__STRTOUI64) + check_symbol_exists(vsnprintf "stdio.h" HAVE_VSNPRINTF) + check_symbol_exists(snprintf "stdio.h" HAVE_SNPRINTF) - check_function_exists(_vsnprintf_s HAVE__VSNPRINTF_S) - check_function_exists(_vsnprintf HAVE__VSNPRINTF) - check_function_exists(_snprintf HAVE__SNPRINTF) - check_function_exists(_snprintf_s HAVE__SNPRINTF_S) + check_symbol_exists(_vsnprintf_s "stdio.h" HAVE__VSNPRINTF_S) + check_symbol_exists(_vsnprintf "stdio.h" HAVE__VSNPRINTF) + check_symbol_exists(_snprintf "stdio.h" HAVE__SNPRINTF) + check_symbol_exists(_snprintf_s "stdio.h" HAVE__SNPRINTF_S) if (HAVE_WSPIAPI_H OR HAVE_WS2TCPIP_H) check_symbol_exists(ntohll winsock2.h HAVE_NTOHLL) @@ -132,6 +139,8 @@ set(CMAKE_REQUIRED_LIBRARIES) endif (HAVE_WSPIAPI_H OR HAVE_WS2TCPIP_H) + check_function_exists(_strtoui64 HAVE__STRTOUI64) + set(HAVE_SELECT TRUE) else (WIN32) check_function_exists(poll HAVE_POLL) @@ -169,7 +178,6 @@ check_library_exists(util forkpty "" HAVE_LIBUTIL) check_function_exists(cfmakeraw HAVE_CFMAKERAW) - check_function_exists(strtoull HAVE_STRTOULL) check_function_exists(__strtoull HAVE___STRTOULL) endif (UNIX) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/README new/libssh-0.7.4/README --- old/libssh-0.7.2/README 2015-04-23 11:12:36.000000000 +0200 +++ new/libssh-0.7.4/README 2016-05-03 17:13:09.000000000 +0200 
@@ -33,130 +33,11 @@ http://www.libssh.org -4* API Changes ! +4* Contributing -_-_-_-_-_-_-_-_-_ -Changes between 0.4 and 0.5 ---------------------------- - -We use the ssh_ prefix as namespace for every function now. There is a legacy.h -which could be used to get the old function names. - -Changes between 0.3 and 0.4 ---------------------------- - -We changed libssh to be typesafe now: - -SSH_SESSION *session -> ssh_session session -SFTP_SESSION *sftp -> sftp_session sftp -CHANNEL *channel -> ssh_channel channel -STRING *string -> ssh_string string -... - -The options structure has been removed and there is a new function. This -function can set all available options now. You can find the enum in the -header file and it is documented. Example: - -ssh_options_set(session, SSH_OPTIONS_HOST, "localhost"); - -5* Copyright policy --_-_-_-_-_-_-_-_-_-_ - -libssh is a project with distributed copyright ownership, which means we prefer -the copyright on parts of libssh to be held by individuals rather than -corporations if possible. There are historical legal reasons for this, but one -of the best ways to explain it is that it’s much easier to work with -individuals who have ownership than corporate legal departments if we ever need -to make reasonable compromises with people using and working with libssh. - -We track the ownership of every part of libssh via git, our source code control -system, so we know the provenance of every piece of code that is committed to -libssh. - -So if possible, if you’re doing libssh changes on behalf of a company who -normally owns all the work you do please get them to assign personal copyright -ownership of your changes to you as an individual, that makes things very easy -for us to work with and avoids bringing corporate legal departments into the -picture. - -If you can’t do this we can still accept patches from you owned by your -employer under a standard employment contract with corporate copyright -ownership. 
It just requires a simple set-up process first. - -We use a process very similar to the way things are done in the Linux Kernel -community, so it should be very easy to get a sign off from your corporate -legal department. The only changes we’ve made are to accommodate the license we -use, which is LGPLv2 (or later) whereas the Linux kernel uses GPLv2. - -The process is called signing. - -How to sign your work ----------------------- - -Once you have permission to contribute to libssh from your employer, simply -email a copy of the following text from your corporate email address to: - [email protected] - --------------------------------------------------------------------------- -libssh Developer's Certificate of Origin. Version 1.0 - -By making a contribution to this project, I certify that: - -(a) The contribution was created in whole or in part by me and I - have the right to submit it under the appropriate - version of the GNU General Public License; or - -(b) The contribution is based upon previous work that, to the best of - my knowledge, is covered under an appropriate open source license - and I have the right under that license to submit that work with - modifications, whether created in whole or in part by me, under - the GNU General Public License, in the appropriate version; or - -(c) The contribution was provided directly to me by some other - person who certified (a) or (b) and I have not modified it. - -(d) I understand and agree that this project and the contribution are - public and that a record of the contribution (including all - metadata and personal information I submit with it, including my - sign-off) is maintained indefinitely and may be redistributed - consistent with the libssh Team's policies and the requirements of - the GNU GPL where they are relevant. 
- -(e) I am granting this work to this project under the terms of the - GNU Lesser General Public License as published by the - Free Software Foundation; either version 2.1 of - the License, or (at the option of the project) any later version. - -http://www.gnu.org/licenses/lgpl-2.1.html --------------------------------------------------------------------------- - -We will maintain a copy of that email as a record that you have the rights to -contribute code to libssh under the required licenses whilst working for the -company where the email came from. - -Then when sending in a patch via the normal mechanisms described above, add a -line that states: - - - Signed-off-by: Random J Developer <[email protected]> - - -using your real name and the email address you sent the original email you used -to send the libssh Developer’s Certificate of Origin to us (sorry, no -pseudonyms or anonymous contributions.) - -That’s it! Such code can then quite happily contain changes that have copyright -messages such as: - - - (c) Example Corporation. - - -and can be merged into the libssh codebase in the same way as patches from any -other individual. You don’t need to send in a copy of the libssh Developer’s -Certificate of Origin for each patch, or inside each patch. Just the sign-off -message is all that is required once we’ve received the initial email. +Please read the file 'SubmittingPatches' next to this README file. It explains +our copyright policy and how you should send patches for upstream inclusion. Have fun and happy libssh hacking! diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/include/libssh/libssh.h new/libssh-0.7.4/include/libssh/libssh.h --- old/libssh-0.7.2/include/libssh/libssh.h 2015-09-16 08:44:35.000000000 +0200 +++ new/libssh-0.7.4/include/libssh/libssh.h 2017-02-03 09:51:50.000000000 +0100 
@@ -58,6 +58,7 @@ #else /* _MSC_VER */ #include <unistd.h> #include <inttypes.h> + #include <sys/types.h> #endif /* _MSC_VER */ #ifdef _WIN32 @@ -78,7 +79,7 @@ /* libssh version */ #define LIBSSH_VERSION_MAJOR 0 #define LIBSSH_VERSION_MINOR 7 -#define LIBSSH_VERSION_MICRO 2 +#define LIBSSH_VERSION_MICRO 4 #define LIBSSH_VERSION_INT SSH_VERSION_INT(LIBSSH_VERSION_MAJOR, \ LIBSSH_VERSION_MINOR, \ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/include/libssh/misc.h new/libssh-0.7.4/include/libssh/misc.h --- old/libssh-0.7.2/include/libssh/misc.h 2015-04-23 11:12:36.000000000 +0200 +++ new/libssh-0.7.4/include/libssh/misc.h 2016-11-07 19:56:07.000000000 +0100 @@ -33,15 +33,6 @@ int ssh_is_ipaddr_v4(const char *str); int ssh_is_ipaddr(const char *str); -#ifndef HAVE_NTOHLL -/* macro for byte ordering */ -uint64_t ntohll(uint64_t); -#endif - -#ifndef HAVE_HTONLL -#define htonll(x) ntohll((x)) -#endif - /* list processing */ struct ssh_list { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/include/libssh/priv.h new/libssh-0.7.4/include/libssh/priv.h --- old/libssh-0.7.2/include/libssh/priv.h 2015-08-21 15:58:17.000000000 +0200 +++ new/libssh-0.7.4/include/libssh/priv.h 2017-02-03 09:51:50.000000000 +0100 @@ -43,6 +43,16 @@ # endif #endif /* !defined(HAVE_STRTOULL) */ +#ifdef HAVE_BYTESWAP_H +#include <byteswap.h> +#endif + +#ifndef bswap_32 +#define bswap_32(x) \ + ((((x) & 0xff000000) >> 24) | (((x) & 0x00ff0000) >> 8) | \ + (((x) & 0x0000ff00) << 8) | (((x) & 0x000000ff) << 24)) +#endif + #ifdef _WIN32 /* Imitate define of inttypes.h */ 
@@ -136,10 +146,10 @@ #define ERROR_BUFFERLEN 1024 #endif #ifndef CLIENTBANNER1 -#define CLIENTBANNER1 "SSH-1.5-libssh-" SSH_STRINGIFY(LIBSSH_VERSION) +#define CLIENTBANNER1 "SSH-1.5-libssh_" SSH_STRINGIFY(LIBSSH_VERSION) #endif #ifndef CLIENTBANNER2 -#define CLIENTBANNER2 "SSH-2.0-libssh-" SSH_STRINGIFY(LIBSSH_VERSION) +#define CLIENTBANNER2 "SSH-2.0-libssh_" SSH_STRINGIFY(LIBSSH_VERSION) #endif #ifndef KBDINT_MAX_PROMPT #define KBDINT_MAX_PROMPT 256 /* more than openssh's :) */ @@ -351,5 +361,25 @@ #define CLOSE_SOCKET(s) do { if ((s) != SSH_INVALID_SOCKET) { _XCLOSESOCKET(s); (s) = SSH_INVALID_SOCKET;} } while(0) +#ifndef HAVE_HTONLL +# ifdef WORDS_BIGENDIAN +# define htonll(x) (x) +# else +# define htonll(x) \ + (((uint64_t)htonl((x) & 0xFFFFFFFF) << 32) | htonl((x) >> 32)) +# endif +#endif + +#ifndef HAVE_NTOHLL +# ifdef WORDS_BIGENDIAN +# define ntohll(x) (x) +# else +# define ntohll(x) \ + (((uint64_t)ntohl((x) & 0xFFFFFFFF) << 32) | ntohl((x) >> 32)) +# endif +#endif + +void ssh_agent_state_free(void *data); + #endif /* _LIBSSH_PRIV_H */ /* vim: set ts=4 sw=4 et cindent: */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/src/agent.c new/libssh-0.7.4/src/agent.c --- old/libssh-0.7.2/src/agent.c 2015-08-24 10:58:06.000000000 +0200 +++ new/libssh-0.7.4/src/agent.c 2017-02-03 09:51:50.000000000 +0100 @@ -382,6 +382,9 @@ ssh_buffer_free(reply); return -1; } +#ifdef WORDS_BIGENDIAN + type = bswap_32(type); +#endif SSH_LOG(SSH_LOG_WARN, "Answer type: %d, expected answer: %d", @@ -392,7 +395,7 @@ return 0; } else if (type != c2) { ssh_set_error(session, SSH_FATAL, - "Bad authentication reply message type: %d", type); + "Bad authentication reply message type: %u", type); ssh_buffer_free(reply); return -1; } @@ -507,8 +510,8 @@ ssh_buffer reply; ssh_string key_blob; ssh_string sig_blob; - int type = SSH2_AGENT_FAILURE; - int flags = 0; + unsigned int type = 0; + unsigned int flags = 0; uint32_t dlen; int rc; 
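Review bot: The fallback `htonll`/`ntohll` macros in the `@@ -351` hunk apply `(x) >> 32` without first widening the argument, which is undefined behaviour when a caller passes a 32-bit expression, and they evaluate `x` twice. Casting inside the macro removes the dependence on the caller's type: `(((uint64_t)htonl((uint32_t)((uint64_t)(x) & 0xFFFFFFFF)) << 32) | htonl((uint32_t)((uint64_t)(x) >> 32)))`, and the same for `ntohll`. These macros replace the `uint64_t ntohll(uint64_t)` prototype that this commit removes from misc.h, so existing callers lose the implicit conversion the prototype gave them. A one-line comment that the argument must have no side effects would document the double evaluation; the `bswap_32` fallback added earlier in priv.h evaluates its argument four times.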
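Review bot: Swapping `type` with `bswap_32()` under `WORDS_BIGENDIAN`, in the `@@ -382` hunk here and again in the `@@ -572` hunk, only yields the right value if the bytes that were not read are zero. The read itself is outside both hunks, but the need for a swap suggests that a single byte is stored through a cast into the wider integer; the `@@ -507` hunk initialises `type` to 0, while the initialisation in the first function is not visible. Reading into a one-byte local and assigning it, `uint8_t rtype = 0;` followed by `type = rtype;`, is endian-neutral and removes both `#ifdef` blocks.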
@@ -572,13 +575,19 @@ ssh_buffer_free(reply); return NULL; } +#ifdef WORDS_BIGENDIAN + type = bswap_32(type); +#endif if (agent_failed(type)) { SSH_LOG(SSH_LOG_WARN, "Agent reports failure in signing the key"); ssh_buffer_free(reply); return NULL; } else if (type != SSH2_AGENT_SIGN_RESPONSE) { - ssh_set_error(session, SSH_FATAL, "Bad authentication response: %d", type); + ssh_set_error(session, + SSH_FATAL, + "Bad authentication response: %u", + type); ssh_buffer_free(reply); return NULL; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/src/auth.c new/libssh-0.7.4/src/auth.c --- old/libssh-0.7.2/src/auth.c 2015-09-16 08:44:35.000000000 +0200 +++ new/libssh-0.7.4/src/auth.c 2017-02-03 09:51:50.000000000 +0100 @@ -740,6 +740,15 @@ char *comment; }; +/* Internal function */ +void ssh_agent_state_free(void *data) { + struct ssh_agent_state_struct *state = data; + if (state) { + ssh_string_free_char(state->comment); + ssh_key_free(state->pubkey); + free (state); + } +} /** * @brief Try to do public key authentication with ssh agent. @@ -800,9 +809,8 @@ state->state == SSH_AGENT_STATE_PUBKEY){ rc = ssh_userauth_try_publickey(session, username, state->pubkey); if (rc == SSH_AUTH_ERROR) { - ssh_string_free_char(state->comment); - ssh_key_free(state->pubkey); - SAFE_FREE(session->agent_state); + ssh_agent_state_free (state); + session->agent_state = NULL; return rc; } else if (rc == SSH_AUTH_AGAIN) { state->state = SSH_AGENT_STATE_PUBKEY; @@ -811,6 +819,7 @@ SSH_LOG(SSH_LOG_DEBUG, "Public key of %s refused by server", state->comment); ssh_string_free_char(state->comment); + state->comment = NULL; ssh_key_free(state->pubkey); state->pubkey = ssh_agent_get_next_ident(session, &state->comment); state->state = SSH_AGENT_STATE_NONE; 
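Review bot: `ssh_agent_state_free()` in the `@@ -740` hunk is documented only as `/* Internal function */`, although it now defines who owns `state->comment` and `state->pubkey`. A header comment should say that it releases the comment string, the public key and the structure itself, that NULL is accepted, and that the caller must clear its own pointer afterwards; every call site in this file follows it with `session->agent_state = NULL;`. Because the parameter is `void *data`, the comment should also name the expected type, `struct ssh_agent_state_struct *`.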
@@ -826,23 +835,27 @@ if (rc == SSH_AUTH_AGAIN) return rc; ssh_string_free_char(state->comment); - ssh_key_free(state->pubkey); + state->comment = NULL; if (rc == SSH_AUTH_ERROR) { - SAFE_FREE(session->agent_state); + ssh_agent_state_free (session->agent_state); + session->agent_state = NULL; return rc; } else if (rc != SSH_AUTH_SUCCESS) { SSH_LOG(SSH_LOG_INFO, "Server accepted public key but refused the signature"); + ssh_key_free(state->pubkey); state->pubkey = ssh_agent_get_next_ident(session, &state->comment); state->state = SSH_AGENT_STATE_NONE; continue; } - SAFE_FREE(session->agent_state); + ssh_agent_state_free (session->agent_state); + session->agent_state = NULL; return SSH_AUTH_SUCCESS; } } - SAFE_FREE(session->agent_state); + ssh_agent_state_free (session->agent_state); + session->agent_state = NULL; return rc; } #endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/src/auth1.c new/libssh-0.7.4/src/auth1.c --- old/libssh-0.7.2/src/auth1.c 2015-04-23 11:12:36.000000000 +0200 +++ new/libssh-0.7.4/src/auth1.c 2017-02-03 09:51:50.000000000 +0100 @@ -23,6 +23,7 @@ #include "config.h" +#include <errno.h> #include <string.h> #include <stdlib.h> @@ -117,6 +118,7 @@ if (packet_send(session) == SSH_ERROR) { return SSH_AUTH_ERROR; } + return SSH_AUTH_AGAIN; pending: rc = wait_auth1_status(session); switch (rc){ @@ -161,12 +163,14 @@ ssh_string pwd = NULL; int rc; + if (session->pending_call_state == SSH_PENDING_CALL_AUTH_PASSWORD) { + goto pending; + } + rc = send_username(session, username); if (rc != SSH_AUTH_DENIED) { return rc; } - if (session->pending_call_state == SSH_PENDING_CALL_AUTH_PASSWORD) - goto pending; /* we trick a bit here. A known flaw in SSH1 protocol is that it's * easy to guess password sizes. * not that sure ... 
@@ -219,8 +223,11 @@ } pending: rc = wait_auth1_status(session); - if (rc != SSH_AUTH_AGAIN) - session->pending_call_state = SSH_PENDING_CALL_NONE; + if (rc == SSH_AUTH_ERROR && errno == EAGAIN) { + /* Nothing to do */ + } else if (rc != SSH_AUTH_AGAIN) { + session->pending_call_state = SSH_PENDING_CALL_NONE; + } return rc; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/src/channels.c new/libssh-0.7.4/src/channels.c --- old/libssh-0.7.2/src/channels.c 2015-09-16 08:44:35.000000000 +0200 +++ new/libssh-0.7.4/src/channels.c 2017-02-03 09:51:50.000000000 +0100 @@ -1245,7 +1245,7 @@ return -1; } - if (channel->session->session_state == SSH_SESSION_STATE_ERROR) { + if (session->session_state == SSH_SESSION_STATE_ERROR) { return SSH_ERROR; } #ifdef WITH_SSH1 @@ -1276,7 +1276,7 @@ ssh_channel_waitwindow_termination,channel); if (rc == SSH_ERROR || !ssh_channel_waitwindow_termination(channel) || - channel->session->session_state == SSH_SESSION_STATE_ERROR || + session->session_state == SSH_SESSION_STATE_ERROR || channel->state == SSH_CHANNEL_STATE_CLOSED) goto out; continue; @@ -2689,7 +2689,7 @@ if (rc == SSH_ERROR){ return rc; } - if (channel->session->session_state == SSH_SESSION_STATE_ERROR){ + if (session->session_state == SSH_SESSION_STATE_ERROR){ return SSH_ERROR; } if (channel->remote_eof && buffer_get_rest_len(stdbuf) == 0) { @@ -2754,7 +2754,7 @@ to_read = ssh_channel_poll(channel, is_stderr); if (to_read <= 0) { - if (channel->session->session_state == SSH_SESSION_STATE_ERROR){ + if (session->session_state == SSH_SESSION_STATE_ERROR){ return SSH_ERROR; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/src/client.c new/libssh-0.7.4/src/client.c --- old/libssh-0.7.2/src/client.c 2015-08-21 15:58:17.000000000 +0200 +++ new/libssh-0.7.4/src/client.c 2017-02-03 09:51:50.000000000 +0100 
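Review bot: The new test `rc == SSH_AUTH_ERROR && errno == EAGAIN` after `wait_auth1_status()` in the `@@ -219` hunk trusts `errno`, which is not cleared before the call. If `wait_auth1_status()` can fail without setting `errno` (its body is outside this diff), a stale `EAGAIN` from an earlier socket call keeps `pending_call_state` set, and the next call jumps straight back to `pending:` on a session that has already failed. Adding `errno = 0;` immediately before `rc = wait_auth1_status(session);` limits the test to errors raised by that call. The placeholder `/* Nothing to do */` would be more useful as a comment stating why the pending state is kept in this case.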
@@ -90,52 +90,74 @@ * @param user is a pointer to session * @returns Number of bytes processed, or zero if the banner is not complete. */ -static int callback_receive_banner(const void *data, size_t len, void *user) { - char *buffer = (char *)data; - ssh_session session=(ssh_session) user; - char *str = NULL; - size_t i; - int ret=0; +static int callback_receive_banner(const void *data, size_t len, void *user) +{ + char *buffer = (char *)data; + ssh_session session=(ssh_session) user; + char *str = NULL; + size_t i; + int ret=0; + + if (session->session_state != SSH_SESSION_STATE_SOCKET_CONNECTED) { + ssh_set_error(session,SSH_FATAL, + "Wrong state in callback_receive_banner : %d", + session->session_state); - if(session->session_state != SSH_SESSION_STATE_SOCKET_CONNECTED){ - ssh_set_error(session,SSH_FATAL,"Wrong state in callback_receive_banner : %d",session->session_state); - - return SSH_ERROR; - } - for(i=0;i<len;++i){ + return SSH_ERROR; + } + for (i = 0; i < len; ++i) { #ifdef WITH_PCAP - if(session->pcap_ctx && buffer[i] == '\n'){ - ssh_pcap_context_write(session->pcap_ctx,SSH_PCAP_DIR_IN,buffer,i+1,i+1); - } + if (session->pcap_ctx && buffer[i] == '\n') { + ssh_pcap_context_write(session->pcap_ctx, + SSH_PCAP_DIR_IN, + buffer,i+1, + i+1); + } #endif - if(buffer[i]=='\r') { - buffer[i]='\0'; - } - if (buffer[i]=='\n') { - buffer[i] = '\0'; - str = strdup(buffer); - if (str == NULL) { - return SSH_ERROR; + if (buffer[i] == '\r') { + buffer[i] = '\0'; } - /* number of bytes read */ - ret = i + 1; - session->serverbanner = str; - session->session_state=SSH_SESSION_STATE_BANNER_RECEIVED; - SSH_LOG(SSH_LOG_PACKET,"Received banner: %s",str); - session->ssh_connection_callback(session); - - return ret; - } - if(i>127){ - /* Too big banner */ - session->session_state=SSH_SESSION_STATE_ERROR; - ssh_set_error(session,SSH_FATAL,"Receiving banner: too large banner"); + if (buffer[i] == '\n') { + int cmp; - return 0; - } - } + buffer[i] = '\0'; - return ret; + /* The 
server MAY send other lines of data... */ + cmp = strncmp(buffer, "SSH-", 4); + if (cmp == 0) { + str = strdup(buffer); + if (str == NULL) { + return SSH_ERROR; + } + /* number of bytes read */ + ret = i + 1; + session->serverbanner = str; + session->session_state = SSH_SESSION_STATE_BANNER_RECEIVED; + SSH_LOG(SSH_LOG_PACKET, "Received banner: %s", str); + session->ssh_connection_callback(session); + + return ret; + } else { + SSH_LOG(SSH_LOG_DEBUG, + "ssh_protocol_version_exchange: %s", + buffer); + ret = i + 1; + break; + } + } + /* According to RFC 4253 the max banner length is 255 */ + if (i > 255) { + /* Too big banner */ + session->session_state=SSH_SESSION_STATE_ERROR; + ssh_set_error(session, + SSH_FATAL, + "Receiving banner: too large banner"); + + return 0; + } + } + + return ret; } /** @internal 
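Review bot: The length limit in `callback_receive_banner()` is tested after the newline handling and as `i > 255`, so a line of 256 characters followed by `\n` is still accepted, while RFC 4253 caps the identification string at 255 characters including CR LF. Testing `if (i >= 255)` would match the limit the comment cites. Lines that do not start with `SSH-` are consumed and logged one at a time with no cap on how many a server may send, so a peer that never sends a banner is bounded only by whatever connect timeout the caller has configured; a per-session counter with a fixed maximum would make that bound explicit. The text passed to `SSH_LOG` in that branch comes straight from the peer, which is worth noting in a comment for anyone who later raises the log level in production.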
@@ -147,46 +169,75 @@ * * @return 0 on success, < 0 on error. */ -int ssh_send_banner(ssh_session session, int server) { - const char *banner = NULL; - char buffer[128] = {0}; - int err=SSH_ERROR; - - banner = session->version == 1 ? CLIENTBANNER1 : CLIENTBANNER2; - - if (server) { - if(session->opts.custombanner == NULL){ - session->serverbanner = strdup(banner); +int ssh_send_banner(ssh_session session, int server) +{ + const char *banner = NULL; + const char *terminator = NULL; + /* The maximum banner length is 255 for SSH2 */ + char buffer[256] = {0}; + size_t len; + int rc = SSH_ERROR; + + banner = session->version == 1 ? CLIENTBANNER1 : CLIENTBANNER2; + terminator = session->version == 1 ? "\n" : "\r\n"; + + if (server == 1) { + if (session->opts.custombanner == NULL){ + len = strlen(banner); + session->serverbanner = strdup(banner); + if (session->serverbanner == NULL) { + goto end; + } + } else { + len = strlen(session->opts.custombanner); + session->serverbanner = malloc(len + 8 + 1); + if(session->serverbanner == NULL) { + goto end; + } + snprintf(session->serverbanner, + len + 8 + 1, + "SSH-2.0-%s", + session->opts.custombanner); + } + + snprintf(buffer, + sizeof(buffer), + "%s%s", + session->serverbanner, + terminator); } else { - session->serverbanner = malloc(strlen(session->opts.custombanner) + 9); - if(!session->serverbanner) - goto end; - strcpy(session->serverbanner, "SSH-2.0-"); - strcat(session->serverbanner, session->opts.custombanner); - } - if (session->serverbanner == NULL) { - goto end; - } - snprintf(buffer, 128, "%s\n", session->serverbanner); - } else { - session->clientbanner = strdup(banner); - if (session->clientbanner == NULL) { - goto end; + session->clientbanner = strdup(banner); + if (session->clientbanner == NULL) { + goto end; + } + + /* SSH version 1 has a banner length of 128 only */ + len = session->version == 1 ? 
128 : 0; + + snprintf(buffer, + sizeof(buffer) - len, + "%s%s", + session->clientbanner, + terminator); } - snprintf(buffer, 128, "%s\n", session->clientbanner); - } - if (ssh_socket_write(session->socket, buffer, strlen(buffer)) == SSH_ERROR) { - goto end; - } + rc = ssh_socket_write(session->socket, buffer, strlen(buffer)); + if (rc == SSH_ERROR) { + goto end; + } #ifdef WITH_PCAP - if(session->pcap_ctx) - ssh_pcap_context_write(session->pcap_ctx,SSH_PCAP_DIR_OUT,buffer,strlen(buffer),strlen(buffer)); + if (session->pcap_ctx != NULL) { + ssh_pcap_context_write(session->pcap_ctx, + SSH_PCAP_DIR_OUT, + buffer, + strlen(buffer), + strlen(buffer)); + } #endif - err=SSH_OK; -end: - return err; + rc = SSH_OK; +end: + return rc; } /** @internal @@ -335,7 +386,13 @@ switch(session->session_state){ case SSH_SESSION_STATE_NONE: case SSH_SESSION_STATE_CONNECTING: + break; case SSH_SESSION_STATE_SOCKET_CONNECTED: + /* If SSHv1 is disabled, we can send the banner immedietly */ + if (session->opts.ssh1 == 0) { + ssh_set_fd_towrite(session); + ssh_send_banner(session, 0); + } break; case SSH_SESSION_STATE_BANNER_RECEIVED: if (session->serverbanner == NULL) { @@ -381,7 +438,9 @@ #endif ssh_packet_set_default_callbacks(session); session->session_state=SSH_SESSION_STATE_INITIAL_KEX; - ssh_send_banner(session, 0); + if (session->opts.ssh1 == 1) { + ssh_send_banner(session, 0); + } set_status(session, 0.5f); break; case SSH_SESSION_STATE_INITIAL_KEX: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/src/config.c new/libssh-0.7.4/src/config.c --- old/libssh-0.7.2/src/config.c 2015-08-21 15:58:17.000000000 +0200 +++ new/libssh-0.7.4/src/config.c 2017-02-03 09:51:50.000000000 +0100 
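Review bot: Neither `snprintf()` into `buffer` in `ssh_send_banner()` checks for truncation, so a `custombanner` that does not fit the 256-byte buffer is written to the socket cut short and without its `\r\n` terminator. `session->serverbanner` still holds the full string, so the locally stored banner no longer matches what the peer received; if that stored value feeds later protocol steps (not visible in this hunk) the handshake fails in a way that is hard to diagnose. Capture the result and fail early: `n = snprintf(...);` then `if (n < 0 || (size_t)n >= sizeof(buffer)) { rc = SSH_ERROR; goto end; }`, using the reduced size in the client branch. The condition `if (server == 1)` also narrows the previous `if (server)`, so any other non-zero argument now takes the client branch.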
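Review bot: The result of `ssh_send_banner(session, 0)` is discarded in the new `SSH_SESSION_STATE_SOCKET_CONNECTED` branch of the `@@ -335` hunk, and again at the call in the `@@ -381` hunk, although the function returns `SSH_ERROR` on allocation or write failure. After a failed send the state machine keeps waiting for the server banner with `session->clientbanner` possibly NULL. The call should be compared with `SSH_OK` and routed to the function's existing error handling, which lies outside both hunks. The two guards, `session->opts.ssh1 == 0` and `session->opts.ssh1 == 1`, are not complementary, so with any other value the client banner is never sent; `!= 0` in the second guard would close that gap.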
@@ -218,26 +218,32 @@ opcode = ssh_config_get_opcode(keyword); switch (opcode) { - case SOC_HOST: + case SOC_HOST: { + int ok = 0; + *parsing = 0; lowerhost = (session->opts.host) ? ssh_lowercase(session->opts.host) : NULL; for (p = ssh_config_get_str_tok(&s, NULL); p != NULL && p[0] != '\0'; p = ssh_config_get_str_tok(&s, NULL)) { - char *z = ssh_path_expand_escape(session, p); - int ok; + if (ok >= 0) { + char *z = ssh_path_expand_escape(session, p); - if (z == NULL) { - z = strdup(p); - } - ok = match_hostname(lowerhost, z, strlen(z)); - if (ok) { - *parsing = 1; + if (z == NULL) { + z = strdup(p); + } + ok = match_hostname(lowerhost, z, strlen(z)); + if (ok < 0) { + *parsing = 0; + } else if (ok > 0) { + *parsing = 1; + } + free(z); } - free(z); } SAFE_FREE(lowerhost); break; + } case SOC_HOSTNAME: p = ssh_config_get_str_tok(&s, NULL); if (p && *parsing) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/src/dh.c new/libssh-0.7.4/src/dh.c --- old/libssh-0.7.2/src/dh.c 2015-08-21 15:58:17.000000000 +0200 +++ new/libssh-0.7.4/src/dh.c 2017-02-03 09:51:50.000000000 +0100 @@ -227,15 +227,21 @@ } int dh_generate_x(ssh_session session) { + int keysize; + if (session->next_crypto->kex_type == SSH_KEX_DH_GROUP1_SHA1) { + keysize = 1023; + } else { + keysize = 2047; + } session->next_crypto->x = bignum_new(); if (session->next_crypto->x == NULL) { return -1; } #ifdef HAVE_LIBGCRYPT - bignum_rand(session->next_crypto->x, 128); + bignum_rand(session->next_crypto->x, keysize); #elif defined HAVE_LIBCRYPTO - bignum_rand(session->next_crypto->x, 128, 0, -1); + bignum_rand(session->next_crypto->x, keysize, -1, 0); #endif /* not harder than this */ 
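Review bot: In the `SOC_HOST` case `z` can still be NULL when `match_hostname(lowerhost, z, strlen(z))` runs: if `ssh_path_expand_escape()` returns NULL the code falls back to `strdup(p)`, and that result is not checked. `strlen(NULL)` then crashes while the configuration file is being parsed. Aborting the parse is safer than skipping the pattern, because a skipped negated pattern would change which Host block applies; something like `if (z == NULL) { SAFE_FREE(lowerhost); return -1; }` would do, assuming the enclosing function reports errors with a negative return, which the hunk does not show. `lowerhost` is likewise NULL when `session->opts.host` is unset, and whether `match_hostname()` tolerates that is not visible here.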
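Review bot: The return value of `bignum_rand()` is ignored in `dh_generate_x()`, and in the matching change to `dh_generate_y()` in the next hunk, so a failing random generator leaves the private exponent at whatever `bignum_new()` produced. Under `HAVE_LIBCRYPTO` the four-argument call presumably maps to `BN_rand()`, which reports failure through its return value; the macro definition is outside this diff. Checking the result and returning -1, as the function already does when `bignum_new()` fails, keeps a key exchange from proceeding with a predictable exponent. The `else` branch assigns 2047 bits to every key-exchange type other than `SSH_KEX_DH_GROUP1_SHA1`; a comment naming the group that size is meant for would make the assumption explicit.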
@@ -248,15 +254,21 @@ /* used by server */ int dh_generate_y(ssh_session session) { - session->next_crypto->y = bignum_new(); + int keysize; + if (session->next_crypto->kex_type == SSH_KEX_DH_GROUP1_SHA1) { + keysize = 1023; + } else { + keysize = 2047; + } + session->next_crypto->y = bignum_new(); if (session->next_crypto->y == NULL) { return -1; } #ifdef HAVE_LIBGCRYPT - bignum_rand(session->next_crypto->y, 128); + bignum_rand(session->next_crypto->y, keysize); #elif defined HAVE_LIBCRYPTO - bignum_rand(session->next_crypto->y, 128, 0, -1); + bignum_rand(session->next_crypto->y, keysize, -1, 0); #endif /* not harder than this */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/src/gssapi.c new/libssh-0.7.4/src/gssapi.c --- old/libssh-0.7.2/src/gssapi.c 2015-08-21 15:58:17.000000000 +0200 +++ new/libssh-0.7.4/src/gssapi.c 2017-02-03 09:51:50.000000000 +0100 
@@ -129,11 +129,53 @@ #endif /* WITH_SERVER */ -static void ssh_gssapi_log_error(int verb, const char *msg, int maj_stat){ - gss_buffer_desc buffer; - OM_uint32 dummy, message_context; - gss_display_status(&dummy,maj_stat,GSS_C_GSS_CODE, GSS_C_NO_OID, &message_context, &buffer); - SSH_LOG(verb, "GSSAPI(%s): %s", msg, (const char *)buffer.value); +static void ssh_gssapi_log_error(int verb, + const char *msg, + int maj_stat, + int min_stat) +{ + gss_buffer_desc msg_maj = { + .length = 0, + }; + gss_buffer_desc msg_min = { + .length = 0, + }; + OM_uint32 dummy_maj, dummy_min; + OM_uint32 message_context = 0; + + dummy_maj = gss_display_status(&dummy_min, + maj_stat, + GSS_C_GSS_CODE, + GSS_C_NO_OID, + &message_context, + &msg_maj); + if (dummy_maj != 0) { + goto out; + } + + dummy_maj = gss_display_status(&dummy_min, + min_stat, + GSS_C_MECH_CODE, + GSS_C_NO_OID, + &message_context, + &msg_min); + if (dummy_maj != 0) { + goto out; + } + + SSH_LOG(verb, + "GSSAPI(%s): %s - %s", + msg, + (const char *)msg_maj.value, + (const char *)msg_min.value); + +out: + if (msg_maj.value) { + dummy_maj = gss_release_buffer(&dummy_min, &msg_maj); + } + if (msg_min.value) { + dummy_maj = gss_release_buffer(&dummy_min, &msg_min); + } } #ifdef WITH_SERVER @@ -212,7 +254,10 @@ (gss_OID) GSS_C_NT_HOSTBASED_SERVICE, &server_name); if (maj_stat != GSS_S_COMPLETE) { SSH_LOG(SSH_LOG_WARNING, "importing name %d, %d", maj_stat, min_stat); - ssh_gssapi_log_error(SSH_LOG_WARNING, "importing name", maj_stat); + ssh_gssapi_log_error(SSH_LOG_WARNING, + "importing name", + maj_stat, + min_stat); return -1; } @@ -224,7 +269,10 @@ if (maj_stat != GSS_S_COMPLETE) { SSH_LOG(SSH_LOG_WARNING, "error acquiring credentials %d, %d", maj_stat, min_stat); - ssh_gssapi_log_error(SSH_LOG_WARNING, "acquiring creds", maj_stat); + ssh_gssapi_log_error(SSH_LOG_WARNING, + "acquiring creds", + maj_stat, + min_stat); ssh_auth_reply_default(session,0); return SSH_ERROR; } 
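Review bot: `ssh_gssapi_log_error()` passes the same `message_context` to both `gss_display_status()` calls without resetting it, so if the first call leaves it non-zero the second call does not start at the beginning of the minor-status message. Adding `message_context = 0;` before the `GSS_C_MECH_CODE` call avoids that. Both failure paths `goto out` before `SSH_LOG`, so when either status cannot be rendered nothing is logged at all; logging the numeric `maj_stat` and `min_stat` on that path would keep the diagnostic. The parameters are declared `int` although the callers in this file pass `OM_uint32` values.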
@@ -266,7 +314,10 @@ OM_uint32 maj_stat, min_stat; char *ptr; maj_stat = gss_display_name(&min_stat, name, &buffer, NULL); - ssh_gssapi_log_error(SSH_LOG_WARNING, "converting name", maj_stat); + ssh_gssapi_log_error(SSH_LOG_WARNING, + "converting name", + maj_stat, + min_stat); ptr=malloc(buffer.length + 1); memcpy(ptr, buffer.value, buffer.length); ptr[buffer.length] = '\0'; @@ -335,14 +386,20 @@ maj_stat = gss_accept_sec_context(&min_stat, &session->gssapi->ctx, session->gssapi->server_creds, &input_token, input_bindings, &client_name, NULL /*mech_oid*/, &output_token, &ret_flags, NULL /*time*/, &session->gssapi->client_creds); - ssh_gssapi_log_error(SSH_LOG_PROTOCOL, "accepting token", maj_stat); + ssh_gssapi_log_error(SSH_LOG_PROTOCOL, + "accepting token", + maj_stat, + min_stat); ssh_string_free(token); if (client_name != GSS_C_NO_NAME){ session->gssapi->client_name = client_name; session->gssapi->canonic_user = ssh_gssapi_name_to_char(client_name); } if (GSS_ERROR(maj_stat)){ - ssh_gssapi_log_error(SSH_LOG_WARNING, "Gssapi error", maj_stat); + ssh_gssapi_log_error(SSH_LOG_WARNING, + "Gssapi error", + maj_stat, + min_stat); ssh_auth_reply_default(session,0); ssh_gssapi_free(session); session->gssapi=NULL; @@ -439,8 +496,10 @@ mic_token_buf.value = ssh_string_data(mic_token); maj_stat = gss_verify_mic(&min_stat, session->gssapi->ctx, &mic_buf, &mic_token_buf, NULL); - ssh_gssapi_log_error(SSH_LOG_PROTOCOL, "verifying MIC", maj_stat); - ssh_gssapi_log_error(SSH_LOG_PROTOCOL, "verifying MIC (min stat)", min_stat); + ssh_gssapi_log_error(SSH_LOG_PROTOCOL, + "verifying MIC", + maj_stat, + min_stat); if (maj_stat == GSS_S_DEFECTIVE_TOKEN || GSS_ERROR(maj_stat)) { goto error; } 
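Review bot: In the `converting name` hunk of src/gssapi.c, `maj_stat` from `gss_display_name()` is only logged and the `malloc(buffer.length + 1)` result goes straight into `memcpy()`, so a failed conversion or allocation leads to a read of an unset `buffer` or a NULL dereference. Since the commit already touches this call site, add `if (GSS_ERROR(maj_stat)) { return NULL; }` after the log call and `if (ptr == NULL) { return NULL; }` after the allocation, releasing `buffer` first if the rest of the function does so (it continues outside the hunk). The next hunk stores the result in `session->gssapi->canonic_user`, so that caller must tolerate NULL.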
@@ -653,8 +712,11 @@ &session->gssapi->client.server_name); if (maj_stat != GSS_S_COMPLETE) { SSH_LOG(SSH_LOG_WARNING, "importing name %d, %d", maj_stat, min_stat); - ssh_gssapi_log_error(SSH_LOG_WARNING, "importing name", maj_stat); - return SSH_PACKET_USED; + ssh_gssapi_log_error(SSH_LOG_WARNING, + "importing name", + maj_stat, + min_stat); + return SSH_AUTH_DENIED; } /* copy username */ @@ -759,7 +821,10 @@ 0, NULL, &input_token, NULL, &output_token, NULL, NULL); if(GSS_ERROR(maj_stat)){ - ssh_gssapi_log_error(SSH_LOG_WARNING, "Initializing gssapi context", maj_stat); + ssh_gssapi_log_error(SSH_LOG_WARNING, + "Initializing gssapi context", + maj_stat, + min_stat); return SSH_PACKET_USED; } if (output_token.length != 0){ @@ -797,7 +862,10 @@ maj_stat = gss_get_mic(&min_stat,session->gssapi->ctx, GSS_C_QOP_DEFAULT, &mic_buf, &mic_token_buf); if (GSS_ERROR(maj_stat)){ ssh_buffer_free(mic_buffer); - ssh_gssapi_log_error(SSH_LOG_PROTOCOL, "generating MIC", maj_stat); + ssh_gssapi_log_error(SSH_LOG_PROTOCOL, + "generating MIC", + maj_stat, + min_stat); return SSH_ERROR; } @@ -848,10 +916,16 @@ 0, NULL, &input_token, NULL, &output_token, NULL, NULL); - ssh_gssapi_log_error(SSH_LOG_PROTOCOL, "accepting token", maj_stat); + ssh_gssapi_log_error(SSH_LOG_PROTOCOL, + "accepting token", + maj_stat, + min_stat); ssh_string_free(token); if (GSS_ERROR(maj_stat)){ - ssh_gssapi_log_error(SSH_LOG_PROTOCOL, "Gssapi error", maj_stat); + ssh_gssapi_log_error(SSH_LOG_PROTOCOL, + "Gssapi error", + maj_stat, + min_stat); ssh_gssapi_free(session); session->gssapi=NULL; return SSH_PACKET_USED; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/src/libgcrypt.c new/libssh-0.7.4/src/libgcrypt.c --- old/libssh-0.7.2/src/libgcrypt.c 2015-08-21 15:58:17.000000000 +0200 +++ new/libssh-0.7.4/src/libgcrypt.c 2017-02-03 09:51:50.000000000 +0100 
@@ -181,7 +181,7 @@ } void ssh_mac_final(unsigned char *md, ssh_mac_ctx ctx) { - size_t len; + size_t len = 0; switch(ctx->mac_type){ case SSH_MAC_SHA1: len=SHA_DIGEST_LEN; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/src/misc.c new/libssh-0.7.4/src/misc.c --- old/libssh-0.7.2/src/misc.c 2015-08-21 15:58:17.000000000 +0200 +++ new/libssh-0.7.4/src/misc.c 2017-02-03 09:51:50.000000000 +0100 @@ -290,23 +290,6 @@ #endif /* _WIN32 */ -#ifndef HAVE_NTOHLL -uint64_t ntohll(uint64_t a) { -#ifdef WORDS_BIGENDIAN - return a; -#else /* WORDS_BIGENDIAN */ - return (((uint64_t)(a) << 56) | \ - (((uint64_t)(a) << 40) & 0xff000000000000ULL) | \ - (((uint64_t)(a) << 24) & 0xff0000000000ULL) | \ - (((uint64_t)(a) << 8) & 0xff00000000ULL) | \ - (((uint64_t)(a) >> 8) & 0xff000000ULL) | \ - (((uint64_t)(a) >> 24) & 0xff0000ULL) | \ - (((uint64_t)(a) >> 40) & 0xff00ULL) | \ - ((uint64_t)(a) >> 56)); -#endif /* WORDS_BIGENDIAN */ -} -#endif /* HAVE_NTOHLL */ - char *ssh_lowercase(const char* str) { char *new, *p; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/src/options.c new/libssh-0.7.4/src/options.c --- old/libssh-0.7.2/src/options.c 2015-08-21 15:58:18.000000000 +0200 +++ new/libssh-0.7.4/src/options.c 2017-02-03 09:51:50.000000000 +0100 @@ -332,7 +332,7 @@ * - SSH_OPTIONS_HOSTKEYS: * Set the preferred server host key types (const char *, * comma-separated list). ex: - * "ssh-rsa,ssh-dsa,ecdh-sha2-nistp256" + * "ssh-rsa,ssh-dss,ecdh-sha2-nistp256" * * - SSH_OPTIONS_COMPRESSION_C_S: * Set the compression to use for client to server 
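Review bot: The `SSH_OPTIONS_HOSTKEYS` example in src/options.c still ends with `ecdh-sha2-nistp256`, which is a key-exchange method name rather than a host key type, right next to the corrected `ssh-dss`. The ECDSA host key type is `ecdsa-sha2-nistp256`, so the example line should read `* "ssh-rsa,ssh-dss,ecdsa-sha2-nistp256"`. As written, a user copying the example would pass a value that is presumably rejected or ignored as a host key preference.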
@@ -1350,10 +1350,10 @@ * with verbosity less than or equal to the * logging verbosity will be shown. * - SSH_LOG_NOLOG: No logging - * - SSH_LOG_RARE: Rare conditions or warnings - * - SSH_LOG_ENTRY: API-accessible entrypoints - * - SSH_LOG_PACKET: Packet id and size - * - SSH_LOG_FUNCTIONS: Function entering and leaving + * - SSH_LOG_WARNING: Only warnings + * - SSH_LOG_PROTOCOL: High level protocol information + * - SSH_LOG_PACKET: Lower level protocol infomations, packet level + * - SSH_LOG_FUNCTIONS: Every function path * * - SSH_BIND_OPTIONS_LOG_VERBOSITY_STR: * Set the session logging verbosity via a diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/src/pki.c new/libssh-0.7.4/src/pki.c --- old/libssh-0.7.2/src/pki.c 2015-09-16 08:44:35.000000000 +0200 +++ new/libssh-0.7.4/src/pki.c 2017-02-03 09:51:50.000000000 +0100 @@ -1094,7 +1094,7 @@ * @param[out] pkey A pointer to store the newly allocated public key. You * NEED to free the key. * - * @return A public key, NULL on error. + * @return SSH_OK on success, SSH_ERROR on error. * * @see ssh_key_free() */ @@ -1584,7 +1584,7 @@ const ssh_key privkey) { struct ssh_crypto_struct *crypto; - ssh_signature sig; + ssh_signature sig = NULL; ssh_string sig_blob; int rc; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/src/pki_gcrypt.c new/libssh-0.7.4/src/pki_gcrypt.c --- old/libssh-0.7.2/src/pki_gcrypt.c 2015-09-16 08:44:35.000000000 +0200 +++ new/libssh-0.7.4/src/pki_gcrypt.c 2017-02-03 09:51:50.000000000 +0100 
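Review bot: The new description of `SSH_LOG_PACKET` in the src/options.c verbosity list misspells a word: `infomations` should be `information`, giving `* - SSH_LOG_PACKET: Lower level protocol information, packet level`. This comment documents a public option and presumably ends up in the generated API documentation, so it should be fixed in the same change.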
@@ -737,7 +737,7 @@ ssh_key pki_key_dup(const ssh_key key, int demote) { ssh_key new; - gcry_sexp_t sexp; + gcry_sexp_t sexp = NULL; gcry_error_t err; const char *tmp = NULL; size_t size; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/src/session.c new/libssh-0.7.4/src/session.c --- old/libssh-0.7.2/src/session.c 2015-08-21 15:58:18.000000000 +0200 +++ new/libssh-0.7.4/src/session.c 2017-02-03 09:51:50.000000000 +0100 @@ -115,6 +115,15 @@ goto err; } + id = strdup("%d/id_ed25519"); + if (id == NULL) { + goto err; + } + rc = ssh_list_append(session->opts.identity, id); + if (rc == SSH_ERROR) { + goto err; + } + #ifdef HAVE_ECC id = strdup("%d/id_ecdsa"); if (id == NULL) { @@ -261,6 +270,11 @@ ssh_list_free(session->opts.identity); } +#ifndef _WIN32 + ssh_agent_state_free (session->agent_state); +#endif + session->agent_state = NULL; + SAFE_FREE(session->auth_auto_state); SAFE_FREE(session->serverbanner); SAFE_FREE(session->clientbanner); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/src/sftp.c new/libssh-0.7.4/src/sftp.c --- old/libssh-0.7.2/src/sftp.c 2015-09-16 08:44:35.000000000 +0200 +++ new/libssh-0.7.4/src/sftp.c 2017-02-03 09:51:50.000000000 +0100 @@ -335,9 +335,14 @@ // read from channel until 4 bytes have been read or an error occurs s=ssh_channel_read(sftp->channel, buffer+r, 4-r, 0); if (s < 0) { - ssh_buffer_free(packet->payload); - SAFE_FREE(packet); - return NULL; + goto error; + } else if (s == 0) { + int is_eof; + + is_eof = ssh_channel_is_eof(sftp->channel); + if (is_eof) { + goto error; + } } else { r += s; } 
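Review bot: In the src/session.c hunk that adds `%d/id_ed25519`, a failing `ssh_list_append()` jumps to `err` while `id` is not yet owned by the list, so the `strdup()` result leaks unless the `err` label frees it (the label is outside this hunk). Release it on that path: `if (rc == SSH_ERROR) { SAFE_FREE(id); goto err; }`. The `id_ecdsa` entry that follows appears to use the same pattern, so the fix should cover the neighbouring identities as well.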
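Review bot: In the new `else if (s == 0)` branch of the src/sftp.c length-read loop, a zero-length read that is not EOF falls through without advancing `r`, so the enclosing loop (its header is outside the hunk) retries immediately with no bound. If `ssh_channel_read()` can keep returning 0 on a channel that is closed but not flagged EOF, which cannot be confirmed from this hunk, the caller spins. Treating a closed channel as an error would close that gap: `if (is_eof || ssh_channel_is_closed(sftp->channel)) { goto error; }`. Neither the `s < 0` path nor the EOF path sets a session error before `goto error`, so the caller only sees NULL.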
@@ -345,17 +350,13 @@ ssh_buffer_add_data(packet->payload, buffer, r); if (buffer_get_u32(packet->payload, &tmp) != sizeof(uint32_t)) { ssh_set_error(sftp->session, SSH_FATAL, "Short sftp packet!"); - ssh_buffer_free(packet->payload); - SAFE_FREE(packet); - return NULL; + goto error; } r=ssh_channel_read(sftp->channel, buffer, 1, 0); if (r <= 0) { /* TODO: check if there are cases where an error needs to be set here */ - ssh_buffer_free(packet->payload); - SAFE_FREE(packet); - return NULL; + goto error; } ssh_buffer_add_data(packet->payload, buffer, r); buffer_get_u8(packet->payload, &packet->type); @@ -372,20 +373,20 @@ if(r <= 0) { /* TODO: check if there are cases where an error needs to be set here */ - ssh_buffer_free(packet->payload); - SAFE_FREE(packet); - return NULL; + goto error; } if (ssh_buffer_add_data(packet->payload, buffer, r) == SSH_ERROR) { - ssh_buffer_free(packet->payload); - SAFE_FREE(packet); ssh_set_error_oom(sftp->session); - return NULL; + goto error; } size -= r; } return packet; +error: + ssh_buffer_free(packet->payload); + SAFE_FREE(packet); + return NULL; } static void sftp_set_error(sftp_session sftp, int errnum) { @@ -3076,7 +3077,10 @@ } if (msg->packet_type == SSH_FXP_ATTRS){ - return sftp_parse_attr(file->sftp, msg->payload, 0); + sftp_attributes attr = sftp_parse_attr(file->sftp, msg->payload, 0); + sftp_message_free(msg); + + return attr; } else if (msg->packet_type == SSH_FXP_STATUS) { status = parse_status_msg(msg); sftp_message_free(msg); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/src/sftpserver.c new/libssh-0.7.4/src/sftpserver.c --- old/libssh-0.7.2/src/sftpserver.c 2015-08-21 15:58:18.000000000 +0200 +++ new/libssh-0.7.4/src/sftpserver.c 2017-02-03 09:51:50.000000000 +0100 
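Review bot: After the one-byte type read in the first src/sftp.c hunk, both `ssh_buffer_add_data(packet->payload, buffer, r);` and `buffer_get_u8(packet->payload, &packet->type);` ignore their return values, so an allocation failure there leaves `packet->type` unset while parsing continues. The payload loop in the next hunk already checks the same call against `SSH_ERROR`. With the shared `error:` label in place the check is cheap: `if (ssh_buffer_add_data(packet->payload, buffer, r) == SSH_ERROR) { ssh_set_error_oom(sftp->session); goto error; }`. The two `r <= 0` paths still carry their TODO and jump to `error` without setting a session error.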
@@ -194,9 +194,8 @@ break; case SSH_FXP_FSTAT: rc = ssh_buffer_unpack(payload, - "Sd", - &msg->handle, - &msg->flags); + "S", + &msg->handle); if (rc != SSH_OK) { ssh_set_error_oom(session); sftp_client_message_free(msg); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/src/wrapper.c new/libssh-0.7.4/src/wrapper.c --- old/libssh-0.7.2/src/wrapper.c 2015-08-21 15:58:18.000000000 +0200 +++ new/libssh-0.7.4/src/wrapper.c 2017-02-03 09:51:50.000000000 +0100 @@ -160,6 +160,10 @@ #ifdef HAVE_ECDH SAFE_FREE(crypto->ecdh_client_pubkey); SAFE_FREE(crypto->ecdh_server_pubkey); + if(crypto->ecdh_privkey != NULL){ + EC_KEY_free(crypto->ecdh_privkey); + crypto->ecdh_privkey = NULL; + } #endif if(crypto->session_id != NULL){ memset(crypto->session_id, '\0', crypto->digest_len); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/tests/benchmarks/bench_sftp.c new/libssh-0.7.4/tests/benchmarks/bench_sftp.c --- old/libssh-0.7.2/tests/benchmarks/bench_sftp.c 2015-04-23 11:12:36.000000000 +0200 +++ new/libssh-0.7.4/tests/benchmarks/bench_sftp.c 2016-05-03 17:13:09.000000000 +0200 @@ -45,7 +45,7 @@ float ms=0.0; unsigned long total=0; sftp_session sftp; - sftp_file file; + sftp_file file = NULL; bytes = args->datasize * 1024 * 1024; sftp = sftp_new(session); @@ -101,7 +101,7 @@ float ms=0.0; unsigned long total=0; sftp_session sftp; - sftp_file file; + sftp_file file = NULL; int r; bytes = args->datasize * 1024 * 1024; 
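Review bot: A failed `ssh_buffer_unpack()` in the `SSH_FXP_FSTAT` case of src/sftpserver.c is still reported through `ssh_set_error_oom(session)`. With the format reduced to `"S"`, a truncated or malformed request from the client is at least as likely a cause as memory exhaustion, and the OOM message would mislead anyone reading server logs. A neutral message fits better, for example `ssh_set_error(session, SSH_FATAL, "Invalid SSH_FXP_FSTAT request");`. The rest of the error branch is outside the hunk.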
@@ -163,7 +163,7 @@ float ms=0.0; unsigned long total=0; sftp_session sftp; - sftp_file file; + sftp_file file = NULL; int r,i; int warned = 0; unsigned long toread; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libssh-0.7.2/tests/keys/.ssh/authorized_keys new/libssh-0.7.4/tests/keys/.ssh/authorized_keys --- old/libssh-0.7.2/tests/keys/.ssh/authorized_keys 1970-01-01 01:00:00.000000000 +0100 +++ new/libssh-0.7.4/tests/keys/.ssh/authorized_keys 2015-09-09 11:34:54.000000000 +0200 @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCz98jP4bLz1eNSFd5s2rauzUrREkRlcNt9yh9vXcRIMn19Jt35GUJQzqL5+gRVXbfFZ1qd2zYGSfva0aKclp0iA5ZT6SjGn6BGa0ksT842IAolCpErd44k0EfoC33o0yongbC/nobhbry4+APBRVDBUhzoRzpHKmLPsMT5L76BK8FAhVRC3teQ9xc7I3nO6PmoOFkziXpXs6D0taPj/YgXlpy8qN8gyl6qaen3PoFNhlC25BTpvVW4RiFfK8zouQzCd2xUaHjqQMoyZFCHIDwDqq8sCWIwyrzyTmBHgB4l5OeoNH9DXbQjo8ypg2XpMtOTz8qic448NH9dcZveIXrv [email protected]
