Don't add the tests directory to the build.

Resolves #56

CMakeLists.txt

@@ -10,9 +10,11 @@ set(APPLICATION_VERSION "0.4.0")
 
 set(APPLICATION_VERSION_MAJOR "0")
 set(APPLICATION_VERSION_MINOR "4")
-set(APPLICATION_VERSION_PATCH "0")
+set(APPLICATION_VERSION_PATCH "1")
 
-set(LIBRARY_VERSION "4.0.0")
+set(APPLICATION_VERSION "${APPLICATION_VERSION_MAJOR}${APPLICATION_VERSION_MINOR}${APPLICATION_VERSION_PATCH}")
+
+set(LIBRARY_VERSION "4.0.1")
 set(LIBRARY_SOVERSION "4")
 
 # where to look first for cmake modules, before ${CMAKE_ROOT}/Modules/ is checked
@@ -61,7 +63,6 @@ configure_file(config.h.cmake ${CMAKE_CURRENT_BINARY_DIR}/config.h)
 add_subdirectory(doc)
 add_subdirectory(include)
 add_subdirectory(libssh)
-add_subdirectory(tests)
 
 # build samples
 include_directories(${CMAKE_SOURCE_DIR}/include)

CPackConfig.cmake

@@ -12,8 +12,8 @@ set(CPACK_RESOURCE_FILE_LICENSE "${CMAKE_SOURCE_DIR}/COPYING")
 
 ### versions
 set(CPACK_PACKAGE_VERSION_MAJOR "0")
-set(CPACK_PACKAGE_VERSION_MINOR "3")
-set(CPACK_PACKAGE_VERSION_PATCH "91")
+set(CPACK_PACKAGE_VERSION_MINOR "4")
+set(CPACK_PACKAGE_VERSION_PATCH "1")
 set(CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}")
 
 

ChangeLog

@@ -1,7 +1,21 @@
 ChangeLog
 ==========
 
-version 0.4 (released xxxx-xx-xx)
+version 0.4.1 (released 2010-02-13)
+  * Added support for aes128-ctr, aes192-ctr and aes256-ctr encryption.
+  * Added an example for exec.
+  * Added private key type detection feature in privatekey_from_file().
+  * Fixed zlib compression fallback.
+  * Fixed kex bug that client preference should be prioritary
+  * Fixed known_hosts file set by the user.
+  * Fixed a memleak in channel_accept().
+  * Fixed underflow when leave_function() are unbalanced
+  * Fixed memory corruption in handle_channel_request_open().
+  * Fixed closing of a file handle case of errors in privatekey_from_file().
+  * Fixed ssh_get_user_home_dir() to be thread safe.
+  * Fixed the doxygen documentation.
+
+version 0.4.0 (released 2009-12-10)
   * Added scp support.
   * Added support for sending signals (RFC 4254, section 6.9).
   * Added MSVC support.

cmake/Modules/DefineCompilerFlags.cmake

@@ -3,27 +3,27 @@
 include(CheckCCompilerFlag)
 
 if (UNIX AND NOT WIN32)
-  if (CMAKE_COMPILER_IS_GNUCC)
+  if (${CMAKE_C_COMPILER_ID} MATCHES GNU)
     # add -Wconversion ?
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=gnu99 -pedantic -Wall -Wextra -Wshadow -Wmissing-prototypes -Wdeclaration-after-statement -Wunused -Wfloat-equal -Wpointer-arith -Wwrite-strings -Wformat-security -Wmissing-format-attribute")
 
     # with -fPIC
     check_c_compiler_flag("-fPIC" WITH_FPIC)
     if (WITH_FPIC)
-      add_definitions(-fPIC)
+      set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIC")
     endif (WITH_FPIC)
 
     check_c_compiler_flag("-fstack-protector" WITH_STACK_PROTECTOR)
     if (WITH_STACK_PROTECTOR)
-      add_definitions(-fstack-protector)
+      set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fstack-protector")
     endif (WITH_STACK_PROTECTOR)
 
     check_c_compiler_flag("-D_FORTIFY_SOURCE=2" WITH_FORTIFY_SOURCE)
     if (WITH_FORTIFY_SOURCE)
-      add_definitions(-D_FORTIFY_SOURCE=2)
+      set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_FORTIFY_SOURCE=2")
     endif (WITH_FORTIFY_SOURCE)
 
-  endif (CMAKE_COMPILER_IS_GNUCC)
+  endif (${CMAKE_C_COMPILER_ID} MATCHES GNU)
 
   if (CMAKE_SIZEOF_VOID_P MATCHES "8")
    # with large file support
@@ -48,12 +48,12 @@ if (UNIX AND NOT WIN32)
  endif (CMAKE_SIZEOF_VOID_P MATCHES "8")
  if (_lfs_CFLAGS)
    string(REGEX REPLACE "[\r\n]" " " "${_lfs_CFLAGS}" "${${_lfs_CFLAGS}}")
-   add_definitions(${_lfs_CFLAGS})
+   set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${_lfs_CFLAGS}")
  endif (_lfs_CFLAGS)
 
 endif (UNIX AND NOT WIN32)
 
 # suppress warning about "deprecated" functions
 if (MSVC)
-  add_definitions(-D_CRT_SECURE_NO_WARNINGS)
+  set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_CRT_SECURE_NO_WARNINGS")
 endif (MSVC)

doc/doxy.config.in

@@ -1,4 +1,4 @@
-# Doxyfile 1.5.8
+# Doxyfile 1.5.6
 
 # This file describes the settings to be used by the documentation system
 # doxygen (www.doxygen.org) for a project
@@ -57,8 +57,8 @@ CREATE_SUBDIRS         = NO
 # Croatian, Czech, Danish, Dutch, Farsi, Finnish, French, German, Greek, 
 # Hungarian, Italian, Japanese, Japanese-en (Japanese with English messages), 
 # Korean, Korean-en, Lithuanian, Norwegian, Macedonian, Persian, Polish, 
-# Portuguese, Romanian, Russian, Serbian, Serbian-Cyrilic, Slovak, Slovene, 
-# Spanish, Swedish, and Ukrainian.
+# Portuguese, Romanian, Russian, Serbian, Slovak, Slovene, Spanish, Swedish, 
+# and Ukrainian.
 
 OUTPUT_LANGUAGE        = English
 
@@ -165,6 +165,13 @@ QT_AUTOBRIEF           = NO
 
 MULTILINE_CPP_IS_BRIEF = NO
 
+# If the DETAILS_AT_TOP tag is set to YES then Doxygen 
+# will output the detailed description near the top, like JavaDoc.
+# If set to NO, the detailed description appears after the member 
+# documentation.
+
+DETAILS_AT_TOP         = YES
+
 # If the INHERIT_DOCS tag is set to YES (the default) then an undocumented 
 # member inherits the documentation from any documented member that it 
 # re-implements.
@@ -217,17 +224,6 @@ OPTIMIZE_FOR_FORTRAN   = NO
 
 OPTIMIZE_OUTPUT_VHDL   = NO
 
-# Doxygen selects the parser to use depending on the extension of the files it parses. 
-# With this tag you can assign which parser to use for a given extension. 
-# Doxygen has a built-in mapping, but you can override or extend it using this tag. 
-# The format is ext=language, where ext is a file extension, and language is one of 
-# the parsers supported by doxygen: IDL, Java, Javascript, C#, C, C++, D, PHP, 
-# Objective-C, Python, Fortran, VHDL, C, C++. For instance to make doxygen treat 
-# .inc files as Fortran files (default is PHP), and .f files as C (default is Fortran), 
-# use: inc=Fortran f=C
-
-EXTENSION_MAPPING      = 
-
 # If you use STL classes (i.e. std::string, std::vector, etc.) but do not want 
 # to include (a tag file for) the STL sources as input, then you should 
 # set this tag to YES in order to let doxygen match functions declarations and 
@@ -237,7 +233,7 @@ EXTENSION_MAPPING      =
 
 BUILTIN_STL_SUPPORT    = NO
 
-# If you use Microsoft's C++/CLI language, you should set this option to YES to 
+# If you use Microsoft's C++/CLI language, you should set this option to YES to
 # enable parsing support.
 
 CPP_CLI_SUPPORT        = NO
@@ -280,23 +276,7 @@ SUBGROUPING            = YES
 # be useful for C code in case the coding convention dictates that all compound 
 # types are typedef'ed and only the typedef is referenced, never the tag name.
 
-TYPEDEF_HIDES_STRUCT   = NO
-
-# The SYMBOL_CACHE_SIZE determines the size of the internal cache use to 
-# determine which symbols to keep in memory and which to flush to disk. 
-# When the cache is full, less often used symbols will be written to disk. 
-# For small to medium size projects (<1000 input files) the default value is 
-# probably good enough. For larger projects a too small cache size can cause 
-# doxygen to be busy swapping symbols to and from disk most of the time 
-# causing a significant performance penality. 
-# If the system has enough physical memory increasing the cache will improve the 
-# performance by keeping more symbols in memory. Note that the value works on 
-# a logarithmic scale so increasing the size by one will rougly double the 
-# memory usage. The cache size is given by this formula: 
-# 2^(16+SYMBOL_CACHE_SIZE). The valid range is 0..9, the default is 0, 
-# corresponding to a cache size of 2^16 = 65536 symbols
-
-SYMBOL_CACHE_SIZE      = 0
+TYPEDEF_HIDES_STRUCT   = YES
 
 #---------------------------------------------------------------------------
 # Build related configuration options
@@ -425,7 +405,7 @@ SORT_GROUP_NAMES       = NO
 # sorted by fully-qualified names, including namespaces. If set to 
 # NO (the default), the class list will be sorted only by class name, 
 # not including the namespace part. 
-# Note: This option is not very useful if HIDE_SCOPE_NAMES is set to YES. 
+# Note: This option is not very useful if HIDE_SCOPE_NAMES is set to YES.
 # Note: This option applies only to the class list, not to the 
 # alphabetical list.
 
@@ -482,15 +462,14 @@ SHOW_USED_FILES        = YES
 
 SHOW_DIRECTORIES       = NO
 
-# Set the SHOW_FILES tag to NO to disable the generation of the Files page. 
+# Set the SHOW_FILES tag to NO to disable the generation of the Files page.
 # This will remove the Files entry from the Quick Index and from the 
 # Folder Tree View (if specified). The default is YES.
 
 SHOW_FILES             = YES
 
 # Set the SHOW_NAMESPACES tag to NO to disable the generation of the 
-# Namespaces page. 
-# This will remove the Namespaces entry from the Quick Index 
+# Namespaces page.  This will remove the Namespaces entry from the Quick Index
 # and from the Folder Tree View (if specified). The default is YES.
 
 SHOW_NAMESPACES        = YES
@@ -505,15 +484,6 @@ SHOW_NAMESPACES        = YES
 
 FILE_VERSION_FILTER    = 
 
-# The LAYOUT_FILE tag can be used to specify a layout file which will be parsed by 
-# doxygen. The layout file controls the global structure of the generated output files 
-# in an output format independent way. The create the layout file that represents 
-# doxygen's defaults, run doxygen with the -l option. You can optionally specify a 
-# file name after the option, if omitted DoxygenLayout.xml will be used as the name 
-# of the layout file.
-
-LAYOUT_FILE            = 
-
 #---------------------------------------------------------------------------
 # configuration options related to warning and progress messages
 #---------------------------------------------------------------------------
@@ -575,7 +545,8 @@ WARN_LOGFILE           = @CMAKE_CURRENT_BINARY_DIR@/doxy.log
 # with spaces.
 
 INPUT                  = @CMAKE_SOURCE_DIR@/include \
-                         @CMAKE_SOURCE_DIR@/libssh
+                         @CMAKE_SOURCE_DIR@/libssh \
+                         @CMAKE_SOURCE_DIR@/doc
 
 # This tag can be used to specify the character encoding of the source files 
 # that doxygen parses. Internally doxygen uses the UTF-8 encoding, which is 
@@ -642,18 +613,15 @@ EXCLUDE_SYMBOLS        =
 # directories that contain example code fragments that are included (see 
 # the \include command).
 
-EXAMPLE_PATH           = @CMAKE_SOURCE_DIR@/tests \
-                         @CMAKE_SOURCE_DIR@
+EXAMPLE_PATH           = @CMAKE_SOURCE_DIR@/examples
 
 # If the value of the EXAMPLE_PATH tag contains directories, you can use the 
 # EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp 
 # and *.h) to filter out the source-files in the directories. If left 
 # blank all files are included.
 
-EXAMPLE_PATTERNS       = *.cpp \
-                         *.cc \
+EXAMPLE_PATTERNS       = *.c \
                          *.h \
-                         *.hh \
                          INSTALL \
                          DEPENDENCIES \
                          CHANGELOG \
@@ -678,17 +646,14 @@ IMAGE_PATH             =
 # by executing (via popen()) the command <filter> <input-file>, where <filter> 
 # is the value of the INPUT_FILTER tag, and <input-file> is the name of an 
 # input file. Doxygen will then use the output that the filter program writes 
-# to standard output. 
-# If FILTER_PATTERNS is specified, this tag will be 
+# to standard output.  If FILTER_PATTERNS is specified, this tag will be 
 # ignored.
 
 INPUT_FILTER           = 
 
 # The FILTER_PATTERNS tag can be used to specify filters on a per file pattern 
-# basis. 
-# Doxygen will compare the file name with each pattern and apply the 
-# filter if there is a match. 
-# The filters are a list of the form: 
+# basis.  Doxygen will compare the file name with each pattern and apply the 
+# filter if there is a match.  The filters are a list of the form: 
 # pattern=filter (like *.cpp=my_cpp_filter). See INPUT_FILTER for further 
 # info on how filters are used. If FILTER_PATTERNS is empty, INPUT_FILTER 
 # is applied to all files.
@@ -735,11 +700,10 @@ REFERENCED_BY_RELATION = YES
 
 REFERENCES_RELATION    = YES
 
-# If the REFERENCES_LINK_SOURCE tag is set to YES (the default) 
-# and SOURCE_BROWSER tag is set to YES, then the hyperlinks from 
-# functions in REFERENCES_RELATION and REFERENCED_BY_RELATION lists will 
-# link to the source code. 
-# Otherwise they will link to the documentation.
+# If the REFERENCES_LINK_SOURCE tag is set to YES (the default)
+# and SOURCE_BROWSER tag is set to YES, then the hyperlinks from
+# functions in REFERENCES_RELATION and REFERENCED_BY_RELATION lists will
+# link to the source code.  Otherwise they will link to the documentstion.
 
 REFERENCES_LINK_SOURCE = YES
 
@@ -828,13 +792,12 @@ HTML_STYLESHEET        =
 
 HTML_ALIGN_MEMBERS     = YES
 
-# If the HTML_DYNAMIC_SECTIONS tag is set to YES then the generated HTML 
-# documentation will contain sections that can be hidden and shown after the 
-# page has loaded. For this to work a browser that supports 
-# JavaScript and DHTML is required (for instance Mozilla 1.0+, Firefox 
-# Netscape 6.0+, Internet explorer 5.0+, Konqueror, or Safari).
+# If the GENERATE_HTMLHELP tag is set to YES, additional index files 
+# will be generated that can be used as input for tools like the 
+# Microsoft HTML help workshop to generate a compiled HTML help file (.chm) 
+# of the generated HTML documentation.
 
-HTML_DYNAMIC_SECTIONS  = NO
+GENERATE_HTMLHELP      = NO
 
 # If the GENERATE_DOCSET tag is set to YES, additional index files 
 # will be generated that can be used as input for Apple's Xcode 3 
@@ -843,8 +806,7 @@ HTML_DYNAMIC_SECTIONS  = NO
 # HTML output directory. Running make will produce the docset in that 
 # directory and running "make install" will install the docset in 
 # ~/Library/Developer/Shared/Documentation/DocSets so that Xcode will find 
-# it at startup. 
-# See http://developer.apple.com/tools/creatingdocsetswithdoxygen.html for more information.
+# it at startup.
 
 GENERATE_DOCSET        = NO
 
@@ -862,12 +824,13 @@ DOCSET_FEEDNAME        = "Doxygen generated docs"
 
 DOCSET_BUNDLE_ID       = org.doxygen.Project
 
-# If the GENERATE_HTMLHELP tag is set to YES, additional index files 
-# will be generated that can be used as input for tools like the 
-# Microsoft HTML help workshop to generate a compiled HTML help file (.chm) 
-# of the generated HTML documentation.
+# If the HTML_DYNAMIC_SECTIONS tag is set to YES then the generated HTML 
+# documentation will contain sections that can be hidden and shown after the 
+# page has loaded. For this to work a browser that supports 
+# JavaScript and DHTML is required (for instance Mozilla 1.0+, Firefox 
+# Netscape 6.0+, Internet explorer 5.0+, Konqueror, or Safari).
 
-GENERATE_HTMLHELP      = NO
+HTML_DYNAMIC_SECTIONS  = NO
 
 # If the GENERATE_HTMLHELP tag is set to YES, the CHM_FILE tag can 
 # be used to specify the file name of the resulting .chm file. You 
@@ -889,8 +852,8 @@ HHC_LOCATION           =
 
 GENERATE_CHI           = NO
 
-# If the GENERATE_HTMLHELP tag is set to YES, the CHM_INDEX_ENCODING 
-# is used to encode HtmlHelp index (hhk), content (hhc) and project file 
+# If the GENERATE_HTMLHELP tag is set to YES, the CHM_INDEX_ENCODING
+# is used to encode HtmlHelp index (hhk), content (hhc) and project file
 # content.
 
 CHM_INDEX_ENCODING     = 
@@ -906,55 +869,6 @@ BINARY_TOC             = NO
 
 TOC_EXPAND             = NO
 
-# If the GENERATE_QHP tag is set to YES and both QHP_NAMESPACE and QHP_VIRTUAL_FOLDER 
-# are set, an additional index file will be generated that can be used as input for 
-# Qt's qhelpgenerator to generate a Qt Compressed Help (.qch) of the generated 
-# HTML documentation.
-
-GENERATE_QHP           = NO
-
-# If the QHG_LOCATION tag is specified, the QCH_FILE tag can 
-# be used to specify the file name of the resulting .qch file. 
-# The path specified is relative to the HTML output folder.
-
-QCH_FILE               = 
-
-# The QHP_NAMESPACE tag specifies the namespace to use when generating 
-# Qt Help Project output. For more information please see 
-# http://doc.trolltech.com/qthelpproject.html#namespace
-
-QHP_NAMESPACE          = 
-
-# The QHP_VIRTUAL_FOLDER tag specifies the namespace to use when generating 
-# Qt Help Project output. For more information please see 
-# http://doc.trolltech.com/qthelpproject.html#virtual-folders
-
-QHP_VIRTUAL_FOLDER     = doc
-
-# If QHP_CUST_FILTER_NAME is set, it specifies the name of a custom filter to add. 
-# For more information please see 
-# http://doc.trolltech.com/qthelpproject.html#custom-filters
-
-QHP_CUST_FILTER_NAME   = 
-
-# The QHP_CUST_FILT_ATTRS tag specifies the list of the attributes of the custom filter to add.For more information please see 
-# <a href="http://doc.trolltech.com/qthelpproject.html#custom-filters">Qt Help Project / Custom Filters</a>.
-
-QHP_CUST_FILTER_ATTRS  = 
-
-# The QHP_SECT_FILTER_ATTRS tag specifies the list of the attributes this project's 
-# filter section matches. 
-# <a href="http://doc.trolltech.com/qthelpproject.html#filter-attributes">Qt Help Project / Filter Attributes</a>.
-
-QHP_SECT_FILTER_ATTRS  = 
-
-# If the GENERATE_QHP tag is set to YES, the QHG_LOCATION tag can 
-# be used to specify the location of Qt's qhelpgenerator. 
-# If non-empty doxygen will try to run qhelpgenerator on the generated 
-# .qhp file.
-
-QHG_LOCATION           = 
-
 # The DISABLE_INDEX tag can be used to turn on/off the condensed index at 
 # top of each HTML page. The value NO (the default) enables the index and 
 # the value YES disables it.
@@ -966,19 +880,19 @@ DISABLE_INDEX          = NO
 
 ENUM_VALUES_PER_LINE   = 4
 
-# The GENERATE_TREEVIEW tag is used to specify whether a tree-like index 
-# structure should be generated to display hierarchical information. 
-# If the tag value is set to FRAME, a side panel will be generated 
+# The GENERATE_TREEVIEW tag is used to specify whether a tree-like index
+# structure should be generated to display hierarchical information.
+# If the tag value is set to FRAME, a side panel will be generated
 # containing a tree-like index structure (just like the one that 
 # is generated for HTML Help). For this to work a browser that supports 
 # JavaScript, DHTML, CSS and frames is required (for instance Mozilla 1.0+, 
 # Netscape 6.0+, Internet explorer 5.0+, or Konqueror). Windows users are 
 # probably better off using the HTML help feature. Other possible values 
-# for this tag are: HIERARCHIES, which will generate the Groups, Directories, 
-# and Class Hierarchy pages using a tree view instead of an ordered list; 
-# ALL, which combines the behavior of FRAME and HIERARCHIES; and NONE, which 
-# disables this behavior completely. For backwards compatibility with previous 
-# releases of Doxygen, the values YES and NO are equivalent to FRAME and NONE 
+# for this tag are: HIERARCHIES, which will generate the Groups, Directories,
+# and Class Hiererachy pages using a tree view instead of an ordered list;
+# ALL, which combines the behavior of FRAME and HIERARCHIES; and NONE, which
+# disables this behavior completely. For backwards compatibility with previous
+# releases of Doxygen, the values YES and NO are equivalent to FRAME and NONE
 # respectively.
 
 GENERATE_TREEVIEW      = NO
@@ -1209,10 +1123,8 @@ GENERATE_PERLMOD       = NO
 PERLMOD_LATEX          = NO
 
 # If the PERLMOD_PRETTY tag is set to YES the Perl module output will be 
-# nicely formatted so it can be parsed by a human reader. 
-# This is useful 
-# if you want to understand what is going on. 
-# On the other hand, if this 
+# nicely formatted so it can be parsed by a human reader.  This is useful 
+# if you want to understand what is going on.  On the other hand, if this 
 # tag is set to NO the size of the Perl module output will be much smaller 
 # and Perl will parse it just the same.
 
@@ -1299,16 +1211,14 @@ SKIP_FUNCTION_MACROS   = YES
 # Optionally an initial location of the external documentation 
 # can be added for each tagfile. The format of a tag file without 
 # this location is as follows: 
-#  
-# TAGFILES = file1 file2 ... 
+#   TAGFILES = file1 file2 ... 
 # Adding location for the tag files is done as follows: 
-#  
-# TAGFILES = file1=loc1 "file2 = loc2" ... 
+#   TAGFILES = file1=loc1 "file2 = loc2" ... 
 # where "loc1" and "loc2" can be relative or absolute paths or 
 # URLs. If a location is present for each tag, the installdox tool 
-# does not have to be run to correct the links. 
-# Note that each tag file must have a unique name 
-# (where the name does NOT include the path) 
+# does not have to be run to correct the links.
+# Note that each tag file must have a unique name
+# (where the name does NOT include the path)
 # If a tag file is not located in the directory in which doxygen 
 # is run, you must also specify the path to the tagfile here.
 
@@ -1382,11 +1292,6 @@ HAVE_DOT               = @DOXYGEN_DOT_FOUND@
 
 DOT_FONTNAME           = FreeSans
 
-# The DOT_FONTSIZE tag can be used to set the size of the font of dot graphs. 
-# The default size is 10pt.
-
-DOT_FONTSIZE           = 10
-
 # By default doxygen will tell dot to use the output directory to look for the 
 # FreeSans.ttf font (which doxygen will put there itself). If you specify a 
 # different font using DOT_FONTNAME you can set the path where dot 
@@ -1429,7 +1334,7 @@ TEMPLATE_RELATIONS     = YES
 # file showing the direct and indirect include dependencies of the file with 
 # other documented files.
 
-INCLUDE_GRAPH          = YES
+INCLUDE_GRAPH          = NO
 
 # If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDED_BY_GRAPH, and 
 # HAVE_DOT tags are set to YES then doxygen will generate a graph for each 
@@ -1444,7 +1349,7 @@ INCLUDED_BY_GRAPH      = YES
 # the time of a run. So in most cases it will be better to enable call graphs 
 # for selected functions only using the \callgraph command.
 
-CALL_GRAPH             = YES
+CALL_GRAPH             = NO
 
 # If the CALLER_GRAPH and HAVE_DOT tags are set to YES then 
 # doxygen will generate a caller dependency graph for every global function 
@@ -1452,7 +1357,7 @@ CALL_GRAPH             = YES
 # the time of a run. So in most cases it will be better to enable caller 
 # graphs for selected functions only using the \callergraph command.
 
-CALLER_GRAPH           = YES
+CALLER_GRAPH           = NO
 
 # If the GRAPHICAL_HIERARCHY and HAVE_DOT tags are set to YES then doxygen 
 # will graphical hierarchy of all classes instead of a textual one.
@@ -1461,13 +1366,13 @@ GRAPHICAL_HIERARCHY    = YES
 
 # If the DIRECTORY_GRAPH, SHOW_DIRECTORIES and HAVE_DOT tags are set to YES 
 # then doxygen will show the dependencies a directory has on other directories 
-# in a graphical way. The dependency relations are determined by the #include 
+# in a graphical way. The dependency relations are determined by the #include
 # relations between the files in the directories.
 
 DIRECTORY_GRAPH        = YES
 
 # The DOT_IMAGE_FORMAT tag can be used to set the image format of the images 
-# generated by dot. Possible values are png, jpg, or gif 
+# generated by dot. Possible values are png, jpg, or gif
 # If left blank png will be used.
 
 DOT_IMAGE_FORMAT       = png
@@ -1504,10 +1409,10 @@ DOT_GRAPH_MAX_NODES    = 50
 MAX_DOT_GRAPH_DEPTH    = 0
 
 # Set the DOT_TRANSPARENT tag to YES to generate images with a transparent 
-# background. This is disabled by default, because dot on Windows does not 
-# seem to support this out of the box. Warning: Depending on the platform used, 
-# enabling this option may lead to badly anti-aliased labels on the edges of 
-# a graph (i.e. they become hard to read).
+# background. This is enabled by default, which results in a transparent 
+# background. Warning: Depending on the platform used, enabling this option 
+# may lead to badly anti-aliased labels on the edges of a graph (i.e. they 
+# become hard to read).
 
 DOT_TRANSPARENT        = NO
 
@@ -1531,7 +1436,7 @@ GENERATE_LEGEND        = YES
 DOT_CLEANUP            = YES
 
 #---------------------------------------------------------------------------
-# Options related to the search engine
+# Configuration::additions related to the search engine   
 #---------------------------------------------------------------------------
 
 # The SEARCHENGINE tag specifies whether or not a search engine should be 

doc/mainpage.dox

@@ -0,0 +1,12 @@
+/**
+ * @mainpage
+ * This manual documents the libssh C API.
+ *
+ * There are several other places to look for libssh information, such as the
+ * <a href="http://dev.libssh.org/wiki/Tutorial" target="_blank">tutorial</a>
+ * and the specification; those can be found at the <a
+ * href="http://www.libssh.org/" target="_blank">libssh website</a>.
+ *
+ * To be continued...
+ */
+

examples/CMakeLists.txt

@@ -14,10 +14,12 @@ include_directories(
 add_executable(libssh_scp libssh_scp.c ${examples_SRCS})
 add_executable(scp_download scp_download.c ${examples_SRCS})
 add_executable(samplessh sample.c ${examples_SRCS})
+add_executable(exec exec.c ${examples_SRCS})
 
 target_link_libraries(libssh_scp ${LIBSSH_SHARED_LIBRARY})
 target_link_libraries(scp_download ${LIBSSH_SHARED_LIBRARY})
 target_link_libraries(samplessh ${LIBSSH_SHARED_LIBRARY})
+target_link_libraries(exec ${LIBSSH_SHARED_LIBRARY})
 
 include_directories(
   ${LIBSSH_PUBLIC_INCLUDE_DIRS}

examples/exec.c

@@ -0,0 +1,67 @@
+/* simple exec example */
+#include <stdio.h>
+
+#include <libssh/libssh.h>
+#include "examples_common.h"
+
+int main(void) {
+  ssh_session session;
+  ssh_channel channel;
+  ssh_buffer buf;
+  int rc;
+
+  session = connect_ssh("localhost", NULL, 0);
+  if (session == NULL) {
+    return 1;
+  }
+
+  channel = channel_new(session);;
+  if (channel == NULL) {
+    ssh_disconnect(session);
+    ssh_finalize();
+    return 1;
+  }
+
+  rc = channel_open_session(channel);
+  if (rc < 0) {
+    channel_close(channel);
+    ssh_disconnect(session);
+    ssh_finalize();
+    return 1;
+  }
+
+  rc = channel_request_exec(channel, "ps aux");
+  if (rc < 0) {
+    channel_close(channel);
+    ssh_disconnect(session);
+    ssh_finalize();
+    return 1;
+  }
+
+
+  if (channel_is_open(channel)) {
+    while (channel_poll(channel, 0) >= 0) {
+      buf = buffer_new();
+      rc = channel_read_buffer(channel, buf, 0, 0);
+      if (rc < 0) {
+        buffer_free(buf);
+        channel_close(channel);
+        ssh_disconnect(session);
+        ssh_finalize();
+        return 1;
+      }
+
+      printf("%s\n", (char *) buffer_get(buf));
+
+      buffer_free(buf);
+    }
+  }
+
+  channel_send_eof(channel);
+  channel_close(channel);
+
+  ssh_disconnect(session);
+  ssh_finalize();
+
+  return 0;
+}

include/libssh/CMakeLists.txt

@@ -3,7 +3,6 @@ project(libssh-headers C)
 set(libssh_HDRS
   callbacks.h
   libssh.h
-  crypto.h
   ssh2.h
 )
 

include/libssh/buffer.h

@@ -22,8 +22,7 @@
 #ifndef BUFFER_H_
 #define BUFFER_H_
 
-/** Describes a buffer state at a moment
- */
+/* Describes a buffer state */
 struct ssh_buffer_struct {
     char *data;
     uint32_t used;

include/libssh/libssh.h

@@ -50,6 +50,7 @@
 
 #ifdef _MSC_VER
   /* Visual Studio hasn't inttypes.h so it doesn't know uint32_t */
+  typedef int int32_t;
   typedef unsigned int uint32_t;
   typedef unsigned short uint16_t;
   typedef unsigned char uint8_t;
@@ -78,7 +79,7 @@
 /* libssh version */
 #define LIBSSH_VERSION_MAJOR  0
 #define LIBSSH_VERSION_MINOR  4
-#define LIBSSH_VERSION_MICRO  0
+#define LIBSSH_VERSION_MICRO  1
 
 #define LIBSSH_VERSION_INT SSH_VERSION_INT(LIBSSH_VERSION_MAJOR, \
                                            LIBSSH_VERSION_MINOR, \

include/libssh/pcap.h

@@ -7,7 +7,7 @@
 #ifdef WITH_PCAP
 typedef struct ssh_pcap_context_struct* ssh_pcap_context;
 
-int ssh_pcap_file_write_packet(ssh_pcap_file pcap, ssh_buffer packet, u_int32_t original_len);
+int ssh_pcap_file_write_packet(ssh_pcap_file pcap, ssh_buffer packet, uint32_t original_len);
 
 ssh_pcap_context ssh_pcap_context_new(ssh_session session);
 void ssh_pcap_context_free(ssh_pcap_context ctx);
@@ -18,7 +18,7 @@ enum ssh_pcap_direction{
 };
 void ssh_pcap_context_set_file(ssh_pcap_context, ssh_pcap_file);
 int ssh_pcap_context_write(ssh_pcap_context,enum ssh_pcap_direction direction, void *data,
-		u_int32_t len, u_int32_t origlen);
+		uint32_t len, uint32_t origlen);
 
 
 #endif /* WITH_PCAP */

include/libssh/priv.h

@@ -77,7 +77,7 @@ typedef struct kex_struct {
 
 struct error_struct {
 /* error handling */
-    int error_code;
+    unsigned int error_code;
     char error_buffer[ERROR_BUFFERLEN];
 };
 
@@ -185,6 +185,11 @@ int match_hostname(const char *host, const char *pattern, unsigned int len);
 
 /* log.c */
 
+/* misc.c */
+#ifdef _WIN32
+int gettimeofday(struct timeval *__p, void *__t);
+#endif /* _WIN32 */
+
 #ifndef __FUNCTION__
 #if defined(__SUNPRO_C)
 #define __FUNCTION__ __func__

libssh/channels.c

@@ -1359,6 +1359,7 @@ static ssh_channel channel_accept(ssh_session session, int channeltype,
   };
 #endif
   ssh_message msg = NULL;
+  ssh_channel channel = NULL;
   struct ssh_iterator *iterator;
   int t;
 
@@ -1373,7 +1374,9 @@ static ssh_channel channel_accept(ssh_session session, int channeltype,
         if (ssh_message_type(msg) == SSH_REQUEST_CHANNEL_OPEN &&
             ssh_message_subtype(msg) == channeltype) {
           ssh_list_remove(session->ssh_message_list, iterator);
-          return ssh_message_channel_request_open_reply_accept(msg);
+          channel = ssh_message_channel_request_open_reply_accept(msg);
+          ssh_message_free(msg);
+          return channel;
         }
         iterator = iterator->next;
       }

libssh/config.c

@@ -227,8 +227,8 @@ static int ssh_config_parse_line(ssh_session session, const char *line,
       i = ssh_config_get_yesno(&s, -1);
       if (i >= 0 && *parsing) {
         if (i) {
-          ssh_options_set(session, SSH_OPTIONS_COMPRESSION_C_S, "zlib");
-          ssh_options_set(session, SSH_OPTIONS_COMPRESSION_S_C, "zlib");
+          ssh_options_set(session, SSH_OPTIONS_COMPRESSION_C_S, "zlib,none");
+          ssh_options_set(session, SSH_OPTIONS_COMPRESSION_S_C, "zlib,none");
         } else {
           ssh_options_set(session, SSH_OPTIONS_COMPRESSION_C_S, "none");
           ssh_options_set(session, SSH_OPTIONS_COMPRESSION_S_C, "none");

libssh/connect.c

@@ -341,7 +341,6 @@ socket_t ssh_connect_host(ssh_session session, const char *host,
       ssh_set_error(session, SSH_FATAL, "Connect failed: %s", strerror(errno));
       ssh_connect_socket_close(s);
       s = -1;
-      leave_function();
       continue;
     } else {
       /* We are connected */

libssh/kex.c

@@ -43,7 +43,7 @@
 
 #ifdef HAVE_LIBGCRYPT
 #define BLOWFISH "blowfish-cbc,"
-#define AES "aes256-cbc,aes192-cbc,aes128-cbc,"
+#define AES "aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,"
 #define DES "3des-cbc"
 #elif defined HAVE_LIBCRYPTO
 #ifdef HAVE_OPENSSL_BLOWFISH_H
@@ -52,7 +52,7 @@
 #define BLOWFISH ""
 #endif
 #ifdef HAVE_OPENSSL_AES_H
-#define AES "aes256-cbc,aes192-cbc,aes128-cbc,"
+#define AES "aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,"
 #else
 #define AES ""
 #endif
@@ -67,7 +67,7 @@
 
 const char *default_methods[] = {
   "diffie-hellman-group1-sha1",
-  "ssh-dss,ssh-rsa",
+  "ssh-rsa,ssh-dss",
   AES BLOWFISH DES,
   AES BLOWFISH DES,
   "hmac-sha1",
@@ -81,7 +81,7 @@ const char *default_methods[] = {
 
 const char *supported_methods[] = {
   "diffie-hellman-group1-sha1",
-  "ssh-dss,ssh-rsa",
+  "ssh-rsa,ssh-dss",
   AES BLOWFISH DES,
   AES BLOWFISH DES,
   "hmac-sha1",
@@ -218,19 +218,19 @@ char *ssh_find_matching(const char *in_d, const char *what_d){
       SAFE_FREE(tok_in);
     }
 
-    for(i_in=0; tok_in[i_in]; ++i_in){
-        for(i_what=0; tok_what[i_what] ; ++i_what){
-            if(!strcmp(tok_in[i_in],tok_what[i_what])){
-                /* match */            
-                ret=strdup(tok_in[i_in]);
-                /* free the tokens */
-                free(tok_in[0]);
-                free(tok_what[0]);
-                free(tok_in);
-                free(tok_what);
-                return ret;
-            }
+    for(i_what=0; tok_what[i_what] ; ++i_what){
+      for(i_in=0; tok_in[i_in]; ++i_in){
+        if(!strcmp(tok_in[i_in],tok_what[i_what])){
+          /* match */
+          ret=strdup(tok_in[i_in]);
+          /* free the tokens */
+          free(tok_in[0]);
+          free(tok_what[0]);
+          free(tok_in);
+          free(tok_what);
+          return ret;
         }
+      }
     }
     free(tok_in[0]);
     free(tok_what[0]);

libssh/keyfiles.c

@@ -59,15 +59,15 @@
 #endif /* HAVE_LIBCRYPTO */
 
 #define MAXLINESIZE 80
+#define RSA_HEADER_BEGIN "-----BEGIN RSA PRIVATE KEY-----"
+#define RSA_HEADER_END "-----END RSA PRIVATE KEY-----"
+#define DSA_HEADER_BEGIN "-----BEGIN DSA PRIVATE KEY-----"
+#define DSA_HEADER_END "-----END DSA PRIVATE KEY-----"
 
 #ifdef HAVE_LIBGCRYPT
 
 #define MAX_KEY_SIZE 32
 #define MAX_PASSPHRASE_SIZE 1024
-#define RSA_HEADER_BEGIN "-----BEGIN RSA PRIVATE KEY-----"
-#define RSA_HEADER_END "-----END RSA PRIVATE KEY-----"
-#define DSA_HEADER_BEGIN "-----BEGIN DSA PRIVATE KEY-----"
-#define DSA_HEADER_END "-----END DSA PRIVATE KEY-----"
 #define ASN1_INTEGER 2
 #define ASN1_SEQUENCE 48
 #define PKCS5_SALT_LEN 8
@@ -611,6 +611,22 @@ static int pem_get_password(char *buf, int size, int rwflag, void *userdata) {
 }
 #endif /* HAVE_LIBCRYPTO */
 
+static int privatekey_type_from_file(FILE *fp) {
+  char buffer[MAXLINESIZE] = {0};
+
+  if (!fgets(buffer, MAXLINESIZE, fp)) {
+    return 0;
+  }
+  fseek(fp, 0, SEEK_SET);
+  if (strncmp(buffer, DSA_HEADER_BEGIN, strlen(DSA_HEADER_BEGIN)) == 0) {
+    return TYPE_DSS;
+  }
+  if (strncmp(buffer, RSA_HEADER_BEGIN, strlen(RSA_HEADER_BEGIN)) == 0) {
+    return TYPE_RSA;
+  }
+  return 0;
+}
+
 /** \addtogroup ssh_auth
  * @{
  */
@@ -618,7 +634,7 @@ static int pem_get_password(char *buf, int size, int rwflag, void *userdata) {
 /** \brief Reads a SSH private key from a file
  * \param session SSH Session
  * \param filename Filename containing the private key
- * \param type Type of the private key. One of TYPE_DSS or TYPE_RSA.
+ * \param type Type of the private key. One of TYPE_DSS or TYPE_RSA. Pass 0 to automatically detect the type.
  * \param passphrase Passphrase to decrypt the private key. Set to null if none is needed or it is unknown.
  * \returns a PRIVATE_KEY object containing the private key, or NULL if it failed.
  * \see privatekey_free()
@@ -649,6 +665,15 @@ ssh_private_key privatekey_from_file(ssh_session session, const char *filename,
   ssh_log(session, SSH_LOG_RARE, "Trying to read %s, passphase=%s, authcb=%s",
       filename, passphrase ? "true" : "false",
       session->callbacks && session->callbacks->auth_function ? "true" : "false");
+
+  if (type == 0) {
+    type = privatekey_type_from_file(file);
+    if (type == 0) {
+      fclose(file);
+      ssh_set_error(session, SSH_FATAL, "Invalid private key file.");
+      return NULL;
+    }
+  }
   switch (type) {
     case TYPE_DSS:
       if (passphrase == NULL) {
@@ -731,6 +756,7 @@ ssh_private_key privatekey_from_file(ssh_session session, const char *filename,
       }
       break;
     default:
+      fclose(file);
       ssh_set_error(session, SSH_FATAL, "Invalid private key type %d", type);
       return NULL;
   } /* switch */
@@ -1474,9 +1500,11 @@ int ssh_write_knownhost(ssh_session session) {
   char *dir;
   size_t len = 0;
 
-  if (ssh_options_set(session, SSH_OPTIONS_KNOWNHOSTS, NULL) < 0) {
-    ssh_set_error(session, SSH_FATAL, "Cannot find known_hosts file.");
-    return -1;
+  if (session->knownhosts == NULL) {
+    if (ssh_options_set(session, SSH_OPTIONS_KNOWNHOSTS, NULL) < 0) {
+      ssh_set_error(session, SSH_FATAL, "Can't find a known_hosts file");
+      return -1;
+    }
   }
 
   if (session->host == NULL) {

libssh/messages.c

@@ -319,7 +319,6 @@ static ssh_message handle_channel_request_open(ssh_session session) {
 
   ssh_log(session, SSH_LOG_PACKET,
       "Clients wants to open a %s channel", type_c);
-  string_free(type);
 
   buffer_get_u32(session->in_buffer, &sender);
   buffer_get_u32(session->in_buffer, &window);
@@ -331,6 +330,7 @@ static ssh_message handle_channel_request_open(ssh_session session) {
 
   if (strcmp(type_c,"session") == 0) {
     msg->channel_request_open.type = SSH_CHANNEL_SESSION;
+    string_free(type);
     SAFE_FREE(type_c);
     leave_function();
     return msg;
@@ -370,6 +370,7 @@ static ssh_message handle_channel_request_open(ssh_session session) {
     msg->channel_request_open.originator_port = ntohl(originator_port);
 
     msg->channel_request_open.type = SSH_CHANNEL_DIRECT_TCPIP;
+    string_free(type);
     SAFE_FREE(type_c);
     leave_function();
     return msg;
@@ -409,6 +410,7 @@ static ssh_message handle_channel_request_open(ssh_session session) {
     msg->channel_request_open.originator_port = ntohl(originator_port);
 
     msg->channel_request_open.type = SSH_CHANNEL_FORWARDED_TCPIP;
+    string_free(type);
     SAFE_FREE(type_c);
     leave_function();
     return msg;
@@ -432,12 +434,14 @@ static ssh_message handle_channel_request_open(ssh_session session) {
     msg->channel_request_open.originator_port = ntohl(originator_port);
 
     msg->channel_request_open.type = SSH_CHANNEL_X11;
+    string_free(type);
     SAFE_FREE(type_c);
     leave_function();
     return msg;
   }
 
   msg->channel_request_open.type = SSH_CHANNEL_UNKNOWN;
+  string_free(type);
   SAFE_FREE(type_c);
 
   leave_function();

libssh/misc.c

@@ -38,6 +38,8 @@
 #include <shlobj.h>
 #include <direct.h>
 #else
+/* This is needed for a standard getpwuid_r on opensolaris */
+#define _POSIX_PTHREAD_SEMANTICS
 #include <pwd.h>
 #include <arpa/inet.h>
 #endif
@@ -87,25 +89,48 @@ char *ssh_get_user_home_dir(void) {
   return NULL;
 }
 
- /* we have read access on file */
- int ssh_file_readaccess_ok(const char *file) {
+/* we have read access on file */
+int ssh_file_readaccess_ok(const char *file) {
   if (_access(file, 4) < 0) {
     return 0;
   }
 
   return 1;
 }
+
+#define SSH_USEC_IN_SEC         1000000LL
+#define SSH_SECONDS_SINCE_1601  11644473600LL
+
+int gettimeofday(struct timeval *__p, void *__t) {
+  union {
+    unsigned long long ns100; /* time since 1 Jan 1601 in 100ns units */
+    FILETIME ft;
+  } now;
+
+  GetSystemTimeAsFileTime (&now.ft);
+  __p->tv_usec = (long) ((now.ns100 / 10LL) % SSH_USEC_IN_SEC);
+  __p->tv_sec  = (long)(((now.ns100 / 10LL ) / SSH_USEC_IN_SEC) - SSH_SECONDS_SINCE_1601);
+
+  return (0);
+}
 #else /* _WIN32 */
+#ifndef NSS_BUFLEN_PASSWD
+#define NSS_BUFLEN_PASSWD 4096
+#endif
+
 char *ssh_get_user_home_dir(void) {
   char *szPath = NULL;
-  struct passwd *pwd = NULL;
+  struct passwd pwd;
+  struct passwd *pwdbuf;
+  char buf[NSS_BUFLEN_PASSWD];
+  int rc;
 
-  pwd = getpwuid(getuid());
-  if (pwd == NULL) {
+  rc = getpwuid_r(getuid(), &pwd, buf, NSS_BUFLEN_PASSWD, &pwdbuf);
+  if (rc != 0) {
     return NULL;
   }
 
-  szPath = strdup(pwd->pw_dir);
+  szPath = strdup(pwd.pw_dir);
 
   return szPath;
 }

libssh/options.c

@@ -39,15 +39,22 @@
 #include "libssh/server.h"
 #endif
 
+/**
+ * @addtogroup ssh_session
+ * @{
+ */
+
 /**
  * @brief Duplicate the options of a session structure.
  *
  * If you make several sessions with the same options this is useful. You
  * cannot use twice the same option structure in ssh_session_connect.
  *
- * @param opt           Option structure to copy.
+ * @param src           The session to use to copy the options.
  *
- * @returns New copied option structure, NULL on error.
+ * @param dest          The session to copy the options to.
+ *
+ * @returns             0 on sucess, -1 on error with errno set.
  *
  * @see ssh_session_connect()
  */
@@ -219,140 +226,143 @@ char *dir_expand_dup(ssh_session session, const char *value, int allowsshdir) {
  * @param  type         The option type to set. This could be one of the
  *                      following:
  *
- *                      SSH_OPTIONS_HOST:
+ *                      - SSH_OPTIONS_HOST:
  *                        The hostname or ip address to connect to (string).
  *
- *                      SSH_OPTIONS_PORT:
+ *                      - SSH_OPTIONS_PORT:
  *                        The port to connect to (integer).
  *
- *                      SSH_OPTIONS_PORT_STR:
+ *                      - SSH_OPTIONS_PORT_STR:
  *                        The port to connect to (string).
  *
- *                      SSH_OPTIONS_FD:
- *                        The file descriptor to use (socket_t).
- *
+ *                      - SSH_OPTIONS_FD:
+ *                        The file descriptor to use (socket_t).\n
+ *                        \n
  *                        If you wish to open the socket yourself for a reason
  *                        or another, set the file descriptor. Don't forget to
  *                        set the hostname as the hostname is used as a key in
  *                        the known_host mechanism.
  *
- *                      SSH_OPTIONS_USER:
- *                        The username for authentication (string).
- *
+ *                      - SSH_OPTIONS_USER:
+ *                        The username for authentication (string).\n
+ *                        \n
  *                        If the value is NULL, the username is set to the
  *                        default username.
  *
- *                      SSH_OPTIONS_SSH_DIR:
- *                        Set the ssh directory (format string).
- *
+ *                      - SSH_OPTIONS_SSH_DIR:
+ *                        Set the ssh directory (format string).\n
+ *                        \n
  *                        If the value is NULL, the directory is set to the
- *                        default ssh directory.
- *
+ *                        default ssh directory.\n
+ *                        \n
  *                        The ssh directory is used for files like known_hosts
  *                        and identity (private and public key). It may include
  *                        "%s" which will be replaced by the user home
  *                        directory.
  *
- *                      SSH_OPTIONS_KNOWNHOSTS:
- *                        Set the known hosts file name (format string).
- *
+ *                      - SSH_OPTIONS_KNOWNHOSTS:
+ *                        Set the known hosts file name (format string).\n
+ *                        \n
  *                        If the value is NULL, the directory is set to the
- *                        default known hosts file, normally ~/.ssh/known_hosts.
- *
+ *                        default known hosts file, normally
+ *                        ~/.ssh/known_hosts.\n
+ *                        \n
  *                        The known hosts file is used to certify remote hosts
  *                        are genuine. It may include "%s" which will be
  *                        replaced by the user home directory.
  *
- *                      SSH_OPTIONS_IDENTITY:
- *                        Set the identity file name (format string).
- *
- *                        By default identity, id_dsa and id_rsa are checked.
- *
+ *                      - SSH_OPTIONS_IDENTITY:
+ *                        Set the identity file name (format string).\n
+ *                        \n
+ *                        By default identity, id_dsa and id_rsa are checked.\n
+ *                        \n
  *                        The identity file used authenticate with public key.
  *                        It may include "%s" which will be replaced by the
  *                        user home directory.
  *
- *                      SSH_OPTIONS_TIMEOUT:
+ *                      - SSH_OPTIONS_TIMEOUT:
  *                        Set a timeout for the connection in seconds (integer).
  *
- *                      SSH_OPTIONS_TIMEOUT_USEC:
+ *                      - SSH_OPTIONS_TIMEOUT_USEC:
  *                        Set a timeout for the connection in micro seconds
  *                        (integer).
  *
- *                      SSH_OPTIONS_SSH1:
+ *                      - SSH_OPTIONS_SSH1:
  *                        Allow or deny the connection to SSH1 servers
  *                        (integer).
  *
- *                      SSH_OPTIONS_SSH2:
+ *                      - SSH_OPTIONS_SSH2:
  *                        Allow or deny the connection to SSH2 servers
  *                        (integer).
  *
- *                      SSH_OPTIONS_LOG_VERBOSITY:
- *                        Set the session logging verbosity (integer).
- *
+ *                      - SSH_OPTIONS_LOG_VERBOSITY:
+ *                        Set the session logging verbosity (integer).\n
+ *                        \n
  *                        The verbosity of the messages. Every log smaller or
  *                        equal to verbosity will be shown.
- *                          SSH_LOG_NOLOG: No logging
- *                          SSH_LOG_RARE: Rare conditions or warnings
- *                          SSH_LOG_ENTRY: API-accessible entrypoints
- *                          SSH_LOG_PACKET: Packet id and size
- *                          SSH_LOG_FUNCTIONS: Function entering and leaving
- *
- *                      SSH_OPTIONS_LOG_VERBOSITY_STR:
- *                        Set the session logging verbosity (string).
+ *                          - SSH_LOG_NOLOG: No logging
+ *                          - SSH_LOG_RARE: Rare conditions or warnings
+ *                          - SSH_LOG_ENTRY: API-accessible entrypoints
+ *                          - SSH_LOG_PACKET: Packet id and size
+ *                          - SSH_LOG_FUNCTIONS: Function entering and leaving
  *
+ *                      - SSH_OPTIONS_LOG_VERBOSITY_STR:
+ *                        Set the session logging verbosity (string).\n
+ *                        \n
  *                        The verbosity of the messages. Every log smaller or
  *                        equal to verbosity will be shown.
- *                          SSH_LOG_NOLOG: No logging
- *                          SSH_LOG_RARE: Rare conditions or warnings
- *                          SSH_LOG_ENTRY: API-accessible entrypoints
- *                          SSH_LOG_PACKET: Packet id and size
- *                          SSH_LOG_FUNCTIONS: Function entering and leaving
- *
+ *                          - SSH_LOG_NOLOG: No logging
+ *                          - SSH_LOG_RARE: Rare conditions or warnings
+ *                          - SSH_LOG_ENTRY: API-accessible entrypoints
+ *                          - SSH_LOG_PACKET: Packet id and size
+ *                          - SSH_LOG_FUNCTIONS: Function entering and leaving
+ *                          \n
  *                          See the corresponding numbers in libssh.h.
  *
- *                      SSH_OPTTIONS_AUTH_CALLBACK:
+ *                      - SSH_OPTTIONS_AUTH_CALLBACK:
  *                        Set a callback to use your own authentication function
  *                        (function pointer).
  *
- *                      SSH_OPTTIONS_AUTH_USERDATA:
- *                        Set the user data passed to the authentication function
- *                        (generic pointer).
+ *                      - SSH_OPTTIONS_AUTH_USERDATA:
+ *                        Set the user data passed to the authentication
+ *                        function (generic pointer).
  *
- *                      SSH_OPTTIONS_LOG_CALLBACK:
+ *                      - SSH_OPTTIONS_LOG_CALLBACK:
  *                        Set a callback to use your own logging function
  *                        (function pointer).
  *
- *                      SSH_OPTTIONS_LOG_USERDATA:
+ *                      - SSH_OPTTIONS_LOG_USERDATA:
  *                        Set the user data passed to the logging function
  *                        (generic pointer).
  *
- *                      SSH_OPTTIONS_STATUS_CALLBACK:
+ *                      - SSH_OPTTIONS_STATUS_CALLBACK:
  *                        Set a callback to show connection status in realtime
- *                        (function pointer).
- *
+ *                        (function pointer).\n
+ *                        \n
+ *                        @code
  *                        fn(void *arg, float status)
- *
+ *                        @endcode
+ *                        \n
  *                        During ssh_connect(), libssh will call the callback
  *                        with status from 0.0 to 1.0.
  *
- *                      SSH_OPTTIONS_STATUS_ARG:
+ *                      - SSH_OPTTIONS_STATUS_ARG:
  *                        Set the status argument which should be passed to the
  *                        status callback (generic pointer).
  *
- *                      SSH_OPTIONS_CIPHERS_C_S:
+ *                      - SSH_OPTIONS_CIPHERS_C_S:
  *                        Set the symmetric cipher client to server (string,
  *                        comma-separated list).
  *
- *                      SSH_OPTIONS_CIPHERS_S_C:
+ *                      - SSH_OPTIONS_CIPHERS_S_C:
  *                        Set the symmetric cipher server to client (string,
  *                        comma-separated list).
  *
- *                      SSH_OPTIONS_COMPRESSION_C_S:
+ *                      - SSH_OPTIONS_COMPRESSION_C_S:
  *                        Set the compression to use for client to server
  *                        communication (string, "none" or "zlib").
  *
- *                      SSH_OPTIONS_COMPRESSION_S_C:
+ *                      - SSH_OPTIONS_COMPRESSION_S_C:
  *                        Set the compression to use for server to client
  *                        communication (string, "none" or "zlib").
  *
@@ -553,6 +563,7 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type,
 
         session->log_verbosity = *x & 0xffff;
       }
+      break;
     case SSH_OPTIONS_LOG_VERBOSITY_STR:
       if (value == NULL) {
         session->log_verbosity = 0 & 0xffff;
@@ -615,8 +626,13 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type,
 
   return 0;
 }
+/** @} */
 
 #ifdef WITH_SERVER
+/**
+ * @addtogroup ssh_server
+ * @{
+ */
 static int ssh_bind_options_set_algo(ssh_bind sshbind, int algo,
     const char *list) {
   if (!verify_existing_algo(algo, list)) {

libssh/pcap.c

@@ -30,8 +30,10 @@
 #ifdef WITH_PCAP
 
 #include <stdio.h>
+#ifndef _WIN32
 #include <sys/time.h>
 #include <sys/socket.h>
+#endif
 #include <errno.h>
 
 
@@ -46,13 +48,13 @@
  * Just for information.
  */
 struct pcap_hdr_s {
-	u_int32_t magic_number;   /* magic number */
-	u_int16_t version_major;  /* major version number */
-	u_int16_t version_minor;  /* minor version number */
+	uint32_t magic_number;   /* magic number */
+	uint16_t version_major;  /* major version number */
+	uint16_t version_minor;  /* minor version number */
 	int32_t   thiszone;       /* GMT to local correction */
-	u_int32_t sigfigs;        /* accuracy of timestamps */
-	u_int32_t snaplen;        /* max length of captured packets, in octets */
-	u_int32_t network;        /* data link type */
+	uint32_t sigfigs;        /* accuracy of timestamps */
+	uint32_t snaplen;        /* max length of captured packets, in octets */
+	uint32_t network;        /* data link type */
 };
 
 #define PCAP_MAGIC 0xa1b2c3d4
@@ -73,10 +75,10 @@ struct pcap_hdr_s {
  * Just for information.
  */
 struct pcaprec_hdr_s {
-	u_int32_t ts_sec;         /* timestamp seconds */
-	u_int32_t ts_usec;        /* timestamp microseconds */
-	u_int32_t incl_len;       /* number of octets of packet saved in file */
-	u_int32_t orig_len;       /* actual length of packet */
+	uint32_t ts_sec;         /* timestamp seconds */
+	uint32_t ts_usec;        /* timestamp microseconds */
+	uint32_t incl_len;       /* number of octets of packet saved in file */
+	uint32_t orig_len;       /* actual length of packet */
 };
 
 /** @private
@@ -92,12 +94,12 @@ struct ssh_pcap_context_struct {
 	/* All of these informations are useful to generate
 	 * the dummy IP and TCP packets
 	 */
-	u_int32_t ipsource;
-	u_int32_t ipdest;
-	u_int16_t portsource;
-	u_int16_t portdest;
-	u_int32_t outsequence;
-	u_int32_t insequence;
+	uint32_t ipsource;
+	uint32_t ipdest;
+	uint16_t portsource;
+	uint16_t portdest;
+	uint32_t outsequence;
+	uint32_t insequence;
 };
 
 /** @private
@@ -106,7 +108,7 @@ struct ssh_pcap_context_struct {
  */
 struct ssh_pcap_file_struct {
 	FILE *output;
-	u_int16_t ipsequence;
+	uint16_t ipsequence;
 };
 
 /**
@@ -136,7 +138,7 @@ static int ssh_pcap_file_write(ssh_pcap_file pcap, ssh_buffer packet){
  * @brief prepends a packet with the pcap header and writes packet
  * on file
  */
-int ssh_pcap_file_write_packet(ssh_pcap_file pcap, ssh_buffer packet, u_int32_t original_len){
+int ssh_pcap_file_write_packet(ssh_pcap_file pcap, ssh_buffer packet, uint32_t original_len){
 	ssh_buffer header=buffer_new();
 	struct timeval now;
 	int err;
@@ -282,7 +284,7 @@ static int ssh_pcap_context_connect(ssh_pcap_context ctx){
  * @returns SSH_ERROR an error happened.
  */
 int ssh_pcap_context_write(ssh_pcap_context ctx,enum ssh_pcap_direction direction
-		, void *data, u_int32_t len, u_int32_t origlen){
+		, void *data, uint32_t len, uint32_t origlen){
 	ssh_buffer ip;
 	int err;
 	if(ctx==NULL || ctx->file ==NULL)

libssh/server.c

@@ -278,7 +278,11 @@ void ssh_bind_free(ssh_bind sshbind){
   }
 
   if (sshbind->bindfd >= 0) {
+#ifdef _WIN32
+    closesocket(sshbind->bindfd);
+#else
     close(sshbind->bindfd);
+#endif
   }
   sshbind->bindfd = -1;
 

libssh/wrapper.c

@@ -157,29 +157,31 @@ static void blowfish_decrypt(struct crypto_struct *cipher, void *in,
 }
 
 static int aes_set_key(struct crypto_struct *cipher, void *key, void *IV) {
+  int mode=GCRY_CIPHER_MODE_CBC;
   if (cipher->key == NULL) {
     if (alloc_key(cipher) < 0) {
       return -1;
     }
-
+    if(strstr(cipher->name,"-ctr"))
+      mode=GCRY_CIPHER_MODE_CTR;
     switch (cipher->keysize) {
       case 128:
         if (gcry_cipher_open(&cipher->key[0], GCRY_CIPHER_AES128,
-              GCRY_CIPHER_MODE_CBC, 0)) {
+              mode, 0)) {
           SAFE_FREE(cipher->key);
           return -1;
         }
         break;
       case 192:
         if (gcry_cipher_open(&cipher->key[0], GCRY_CIPHER_AES192,
-              GCRY_CIPHER_MODE_CBC, 0)) {
+              mode, 0)) {
           SAFE_FREE(cipher->key);
           return -1;
         }
         break;
       case 256:
         if (gcry_cipher_open(&cipher->key[0], GCRY_CIPHER_AES256,
-              GCRY_CIPHER_MODE_CBC, 0)) {
+              mode, 0)) {
           SAFE_FREE(cipher->key);
           return -1;
         }
@@ -189,9 +191,17 @@ static int aes_set_key(struct crypto_struct *cipher, void *key, void *IV) {
       SAFE_FREE(cipher->key);
       return -1;
     }
-    if (gcry_cipher_setiv(cipher->key[0], IV, 16)) {
-      SAFE_FREE(cipher->key);
-      return -1;
+    if(mode == GCRY_CIPHER_MODE_CBC){
+      if (gcry_cipher_setiv(cipher->key[0], IV, 16)) {
+
+        SAFE_FREE(cipher->key);
+        return -1;
+      }
+    } else {
+      if(gcry_cipher_setctr(cipher->key[0],IV,16)){
+        SAFE_FREE(cipher->key);
+        return -1;
+      }
     }
   }
 
@@ -319,6 +329,39 @@ static struct crypto_struct ssh_ciphertab[] = {
     .cbc_encrypt     = blowfish_encrypt,
     .cbc_decrypt     = blowfish_decrypt
   },
+  {
+    .name            = "aes128-ctr",
+    .blocksize       = 16,
+    .keylen          = sizeof(gcry_cipher_hd_t),
+    .key             = NULL,
+    .keysize         = 128,
+    .set_encrypt_key = aes_set_key,
+    .set_decrypt_key = aes_set_key,
+    .cbc_encrypt     = aes_encrypt,
+    .cbc_decrypt     = aes_encrypt
+  },
+  {
+      .name            = "aes192-ctr",
+      .blocksize       = 16,
+      .keylen          = sizeof(gcry_cipher_hd_t),
+      .key             = NULL,
+      .keysize         = 192,
+      .set_encrypt_key = aes_set_key,
+      .set_decrypt_key = aes_set_key,
+      .cbc_encrypt     = aes_encrypt,
+      .cbc_decrypt     = aes_encrypt
+  },
+  {
+      .name            = "aes256-ctr",
+      .blocksize       = 16,
+      .keylen          = sizeof(gcry_cipher_hd_t),
+      .key             = NULL,
+      .keysize         = 256,
+      .set_encrypt_key = aes_set_key,
+      .set_decrypt_key = aes_set_key,
+      .cbc_encrypt     = aes_encrypt,
+      .cbc_decrypt     = aes_encrypt
+  },
   {
     .name            = "aes128-cbc",
     .blocksize       = 16,
@@ -570,6 +613,24 @@ static void aes_decrypt(struct crypto_struct *cipher, void *in, void *out,
     unsigned long len, void *IV) {
   AES_cbc_encrypt(in, out, len, cipher->key, IV, AES_DECRYPT);
 }
+
+/** @internal
+ * @brief encrypts/decrypts data with stream cipher AES_ctr128. 128 bits is actually
+ * the size of the CTR counter and incidentally the blocksize, but not the keysize.
+ * @param len[in] must be a multiple of AES128 block size.
+ */
+static void aes_ctr128_encrypt(struct crypto_struct *cipher, void *in, void *out,
+    unsigned long len, void *IV) {
+  unsigned char tmp_buffer[128/8];
+  unsigned int num=0;
+  /* Some things are special with ctr128 :
+   * In this case, tmp_buffer is not being used, because it is used to store temporary data
+   * when an encryption is made on lengths that are not multiple of blocksize.
+   * Same for num, which is being used to store the current offset in blocksize in CTR
+   * function.
+   */
+  AES_ctr128_encrypt(in, out, len, cipher->key, IV, tmp_buffer, &num);
+}
 #endif /* HAS_AES */
 
 #ifdef HAS_DES
@@ -661,6 +722,39 @@ static struct crypto_struct ssh_ciphertab[] = {
   },
 #endif /* HAS_BLOWFISH */
 #ifdef HAS_AES
+  {
+    "aes128-ctr",
+    16,
+    sizeof(AES_KEY),
+    NULL,
+    128,
+    aes_set_encrypt_key,
+    aes_set_encrypt_key,
+    aes_ctr128_encrypt,
+    aes_ctr128_encrypt
+  },
+  {
+    "aes192-ctr",
+    16,
+    sizeof(AES_KEY),
+    NULL,
+    192,
+    aes_set_encrypt_key,
+    aes_set_encrypt_key,
+    aes_ctr128_encrypt,
+    aes_ctr128_encrypt
+  },
+  {
+    "aes256-ctr",
+    16,
+    sizeof(AES_KEY),
+    NULL,
+    256,
+    aes_set_encrypt_key,
+    aes_set_encrypt_key,
+    aes_ctr128_encrypt,
+    aes_ctr128_encrypt
+  },
   {
     "aes128-cbc",
     16,