Bump version to 0.8.7

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>

.gitlab-ci.yml

@@ -357,5 +357,5 @@ mingw32:
     paths:
       - obj/
 
-Debian.cross.mips-linux-gnu:
+.Debian.cross.mips-linux-gnu:
   <<: *Debian_cross_template

CMakeLists.txt

@@ -10,7 +10,7 @@ list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake/Modules")
 include(DefineCMakeDefaults)
 include(DefineCompilerFlags)
 
-project(libssh VERSION 0.8.5 LANGUAGES C)
+project(libssh VERSION 0.8.7 LANGUAGES C)
 
 # global needed variable
 set(APPLICATION_NAME ${PROJECT_NAME})
@@ -22,7 +22,7 @@ set(APPLICATION_NAME ${PROJECT_NAME})
 #     Increment AGE. Set REVISION to 0
 #   If the source code was changed, but there were no interface changes:
 #     Increment REVISION.
-set(LIBRARY_VERSION "4.7.2")
+set(LIBRARY_VERSION "4.7.4")
 set(LIBRARY_SOVERSION "4")
 
 # where to look first for cmake modules, before ${CMAKE_ROOT}/Modules/ is checked
@@ -39,6 +39,9 @@ include(CompilerChecks.cmake)
 include(MacroEnsureOutOfSourceBuild)
 macro_ensure_out_of_source_build("${PROJECT_NAME} requires an out of source build. Please create a separate build directory and run 'cmake /path/to/${PROJECT_NAME} [options]' there.")
 
+# Copy library files to a lib sub-directory
+set(CMAKE_LIBRARY_OUTPUT_DIRECTORY "${CMAKE_BINARY_DIR}/lib")
+
 # search for libraries
 if (WITH_ZLIB)
     find_package(ZLIB REQUIRED)
@@ -116,11 +119,22 @@ install(
 )
 endif (UNIX)
 
-# cmake config files
+# CMake config files
+include(CMakePackageConfigHelpers)
+
 set(LIBSSH_LIBRARY_NAME ${CMAKE_SHARED_LIBRARY_PREFIX}ssh${CMAKE_SHARED_LIBRARY_SUFFIX})
 
-configure_file(${PROJECT_NAME}-config.cmake.in ${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}-config.cmake @ONLY)
-configure_file(${PROJECT_NAME}-config-version.cmake.in ${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}-config-version.cmake @ONLY)
+# libssh-config-version.cmake
+write_basic_package_version_file(libssh-config-version.cmake
+                                 VERSION ${PROJECT_VERSION}
+                                 COMPATIBILITY SameMajorVersion)
+
+# libssh-config.cmake
+configure_package_config_file(${PROJECT_NAME}-config.cmake.in
+                              ${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}-config.cmake
+                              INSTALL_DESTINATION ${CMAKE_INSTALL_DIR}/${PROJECT_NAME}
+                              PATH_VARS INCLUDE_INSTALL_DIR LIB_INSTALL_DIR)
+
 install(
     FILES
         ${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}-config.cmake
@@ -131,10 +145,6 @@ install(
         devel
 )
 
-
-# in tree build settings
-configure_file(libssh-build-tree-settings.cmake.in ${CMAKE_CURRENT_BINARY_DIR}/libssh-build-tree-settings.cmake @ONLY)
-
 if (WITH_EXAMPLES)
     add_subdirectory(examples)
 endif (WITH_EXAMPLES)

COPYING

@@ -455,6 +455,15 @@ FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
 SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
 DAMAGES.
 
-        Linking with OpenSSL
-17. In addition, as a special exception, we give permission to link the code of its release of libssh with the OpenSSL project's "OpenSSL" library (or with modified versions of it that use the same license as the "OpenSSL" library), and distribute the linked executables. You must obey the GNU Lesser General Public License in all respects for all of the code used other than "OpenSSL". If you modify this file, you may extend this exception to your version of the file, but you are not obligated to do so. If you do not wish to do so, delete this exception statement from your version.
+			    Linking with OpenSSL
+
+  17. In addition, as a special exception, we give permission to link the code
+of its release of libssh with the OpenSSL project's "OpenSSL" library (or with
+modified versions of it that use the same license as the "OpenSSL" library),
+and distribute the linked executables. You must obey the GNU Lesser General
+Public License in all respects for all of the code used other than "OpenSSL".
+If you modify this file, you may extend this exception to your version of the
+file, but you are not obligated to do so. If you do not wish to do so, delete
+this exception statement from your version.
+
 		     END OF TERMS AND CONDITIONS

ChangeLog

@@ -1,6 +1,23 @@
 ChangeLog
 ==========
 
+version 0.8.7 (released 2019-02-25)
+  * Fixed handling extension flags in the server implementation
+  * Fixed exporting ed25519 private keys
+  * Fixed corner cases for rsa-sha2 signatures
+  * Fixed some issues with connector
+
+version 0.8.6 (released 2018-12-24)
+  * Fixed compilation issues with different OpenSSL versions
+  * Fixed StrictHostKeyChecking in new knownhosts API
+  * Fixed ssh_send_keepalive() with packet filter
+  * Fixed possible crash with knownhosts options
+  * Fixed issus with rekeying
+  * Fixed strong ECDSA keys
+  * Fixed some issues with rsa-sha2 extentions
+  * Fixed access violation in ssh_init() (static linking)
+  * Fixed ssh_channel_close() handling
+
 version 0.8.5 (released 2018-10-29)
   * Added support to get known_hosts locations with ssh_options_get()
   * Fixed preferred algorithm for known hosts negotiations

doc/mainpage.dox

@@ -23,7 +23,7 @@ The libssh library provides:
  - <strong>Public Key Algorithms</strong>: ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, ssh-rsa, rsa-sha2-512, rsa-sha2-256,ssh-dss
  - <strong>Ciphers</strong>: <i>aes256-ctr, aes192-ctr, aes128-ctr</i>, aes256-cbc (rijndael-cbc@lysator.liu.se), aes192-cbc, aes128-cbc, 3des-cbc, blowfish-cbc, none
  - <strong>Compression Schemes</strong>: zlib, <i>zlib@openssh.com</i>, none
- - <strong>MAC hashes</strong>: hmac-sha1, hmac-sha2-256, hmac-sha2-384, hmac-sha2-512, hmac-md5, none
+ - <strong>MAC hashes</strong>: hmac-sha1, hmac-sha2-256, hmac-sha2-512, hmac-md5, none
  - <strong>Authentication</strong>: none, password, public-key, keyboard-interactive, <i>gssapi-with-mic</i>
  - <strong>Channels</strong>: shell, exec (incl. SCP wrapper), direct-tcpip, subsystem, <i>auth-agent-req@openssh.com</i>
  - <strong>Global Requests</strong>: tcpip-forward, forwarded-tcpip

include/libssh/channels.h

@@ -48,11 +48,16 @@ enum ssh_channel_state_e {
 };
 
 /* The channel has been closed by the remote side */
-#define SSH_CHANNEL_FLAG_CLOSED_REMOTE 0x1
+#define SSH_CHANNEL_FLAG_CLOSED_REMOTE 0x0001
+
+/* The channel has been closed locally */
+#define SSH_CHANNEL_FLAG_CLOSED_LOCAL 0x0002
+
 /* The channel has been freed by the calling program */
-#define SSH_CHANNEL_FLAG_FREED_LOCAL 0x2
+#define SSH_CHANNEL_FLAG_FREED_LOCAL 0x0004
+
 /* the channel has not yet been bound to a remote one */
-#define SSH_CHANNEL_FLAG_NOT_BOUND 0x4
+#define SSH_CHANNEL_FLAG_NOT_BOUND 0x0008
 
 struct ssh_channel_struct {
     ssh_session session; /* SSH_SESSION pointer */
@@ -98,5 +103,9 @@ int ssh_channel_flush(ssh_channel channel);
 uint32_t ssh_channel_new_id(ssh_session session);
 ssh_channel ssh_channel_from_local(ssh_session session, uint32_t id);
 void ssh_channel_do_free(ssh_channel channel);
+int ssh_global_request(ssh_session session,
+                       const char *request,
+                       ssh_buffer buffer,
+                       int reply);
 
 #endif /* CHANNELS_H_ */

include/libssh/libssh.h

@@ -79,7 +79,7 @@
 /* libssh version */
 #define LIBSSH_VERSION_MAJOR  0
 #define LIBSSH_VERSION_MINOR  8
-#define LIBSSH_VERSION_MICRO  5
+#define LIBSSH_VERSION_MICRO  7
 
 #define LIBSSH_VERSION_INT SSH_VERSION_INT(LIBSSH_VERSION_MAJOR, \
                                            LIBSSH_VERSION_MINOR, \

include/libssh/pki.h

@@ -110,11 +110,11 @@ int ssh_pki_export_signature_blob(const ssh_signature sign,
 int ssh_pki_import_signature_blob(const ssh_string sig_blob,
                                   const ssh_key pubkey,
                                   ssh_signature *psig);
-int ssh_pki_signature_verify_blob(ssh_session session,
-                                  ssh_string sig_blob,
-                                  const ssh_key key,
-                                  unsigned char *digest,
-                                  size_t dlen);
+int ssh_pki_signature_verify(ssh_session session,
+                             ssh_signature sig,
+                             const ssh_key key,
+                             unsigned char *digest,
+                             size_t dlen);
 
 /* SSH Public Key Functions */
 int ssh_pki_export_pubkey_blob(const ssh_key key,

include/libssh/session.h

@@ -87,10 +87,11 @@ enum ssh_pending_call_e {
 #define SSH_OPT_FLAG_GSSAPI_AUTH 0x8
 
 /* extensions flags */
+/* negotiation enabled */
+#define SSH_EXT_NEGOTIATION     0x01
 /* server-sig-algs extension */
-#define SSH_EXT_SIG_RSA_SHA256  0x01
-#define SSH_EXT_SIG_RSA_SHA512  0x02
-#define SSH_EXT_ALL             SSH_EXT_SIG_RSA_SHA256 | SSH_EXT_SIG_RSA_SHA512
+#define SSH_EXT_SIG_RSA_SHA256  0x02
+#define SSH_EXT_SIG_RSA_SHA512  0x04
 
 /* members that are common to ssh_session and ssh_bind */
 struct ssh_common_struct {
@@ -164,8 +165,6 @@ struct ssh_session_struct {
 
     struct ssh_list *channels; /* linked list of channels */
     int maxchannel;
-    int exec_channel_opened; /* version 1 only. more
-                                info in channels1.c */
     ssh_agent agent; /* ssh agent */
 
 /* keyb interactive data */

include/libssh/wrapper.h

@@ -44,7 +44,6 @@ enum ssh_mac_e {
 enum ssh_hmac_e {
   SSH_HMAC_SHA1 = 1,
   SSH_HMAC_SHA256,
-  SSH_HMAC_SHA384,
   SSH_HMAC_SHA512,
   SSH_HMAC_MD5,
   SSH_HMAC_AEAD_POLY1305

libssh-build-tree-settings.cmake.in

@@ -1 +0,0 @@
-set(LIBSSH_INLUDE_DIR @PROJECT_SOURCE_DIR@/include)

libssh-config-version.cmake.in

@@ -1,11 +0,0 @@
-set(PACKAGE_VERSION @PROJECT_VERSION@)
-
-# Check whether the requested PACKAGE_FIND_VERSION is compatible
-if("${PACKAGE_VERSION}" VERSION_LESS "${PACKAGE_FIND_VERSION}")
-    set(PACKAGE_VERSION_COMPATIBLE FALSE)
-else()
-    set(PACKAGE_VERSION_COMPATIBLE TRUE)
-    if ("${PACKAGE_VERSION}" VERSION_EQUAL "${PACKAGE_FIND_VERSION}")
-        set(PACKAGE_VERSION_EXACT TRUE)
-    endif()
-endif()

libssh-config.cmake.in

@@ -1,15 +1,15 @@
-get_filename_component(LIBSSH_CMAKE_DIR "${CMAKE_CURRENT_LIST_FILE}" PATH)
+@PACKAGE_INIT@
 
-if (EXISTS "${LIBSSH_CMAKE_DIR}/CMakeCache.txt")
-    # In build tree
-    include(${LIBSSH_CMAKE_DIR}/libssh-build-tree-settings.cmake)
+if (EXISTS "${CMAKE_CURRENT_LIST_DIR}/CMakeCache.txt")
+    # In tree build
+    set_and_check(LIBSSH_INCLUDE_DIR "${CMAKE_CURRENT_LIST_DIR}/include")
+    set_and_check(LIBSSH_LIBRARIES "${CMAKE_CURRENT_LIST_DIR}/lib/@LIBSSH_LIBRARY_NAME@")
 else()
-    set(LIBSSH_INCLUDE_DIR @INCLUDE_INSTALL_DIR@)
+    set_and_check(LIBSSH_INCLUDE_DIR "@PACKAGE_INCLUDE_INSTALL_DIR@")
+    set_and_check(LIBSSH_LIBRARIES "@PACKAGE_LIB_INSTALL_DIR@/@LIBSSH_LIBRARY_NAME@")
 endif()
 
-set(LIBSSH_LIBRARY @LIB_INSTALL_DIR@/@LIBSSH_LIBRARY_NAME@)
-set(LIBSSH_LIBRARIES @LIB_INSTALL_DIR@/@LIBSSH_LIBRARY_NAME@)
+# For backward compatibility
+set(LIBSSH_LIBRARY ${LIBSSH_LIBRARIES})
 
-set(LIBSSH_THREADS_LIBRARY @LIB_INSTALL_DIR@/@LIBSSH_THREADS_LIBRARY_NAME@)
-
-mark_as_advanced(LIBSSH_LIBRARIES LIBSSH_INCLUDE_DIR)
+mark_as_advanced(LIBSSH_LIBRARIES LIBSSH_LIBRARY LIBSSH_INCLUDE_DIR)

src/ABI/current

@@ -1 +1 @@
-4.7.2
+4.7.4

src/ABI/libssh-4.7.3.symbols

@@ -0,0 +1,415 @@
+_ssh_log
+buffer_free
+buffer_get
+buffer_get_len
+buffer_new
+channel_accept_x11
+channel_change_pty_size
+channel_close
+channel_forward_accept
+channel_forward_cancel
+channel_forward_listen
+channel_free
+channel_get_exit_status
+channel_get_session
+channel_is_closed
+channel_is_eof
+channel_is_open
+channel_new
+channel_open_forward
+channel_open_session
+channel_poll
+channel_read
+channel_read_buffer
+channel_read_nonblocking
+channel_request_env
+channel_request_exec
+channel_request_pty
+channel_request_pty_size
+channel_request_send_signal
+channel_request_sftp
+channel_request_shell
+channel_request_subsystem
+channel_request_x11
+channel_select
+channel_send_eof
+channel_set_blocking
+channel_write
+channel_write_stderr
+privatekey_free
+privatekey_from_file
+publickey_free
+publickey_from_file
+publickey_from_privatekey
+publickey_to_string
+sftp_async_read
+sftp_async_read_begin
+sftp_attributes_free
+sftp_canonicalize_path
+sftp_chmod
+sftp_chown
+sftp_client_message_free
+sftp_client_message_get_data
+sftp_client_message_get_filename
+sftp_client_message_get_flags
+sftp_client_message_get_submessage
+sftp_client_message_get_type
+sftp_client_message_set_filename
+sftp_close
+sftp_closedir
+sftp_dir_eof
+sftp_extension_supported
+sftp_extensions_get_count
+sftp_extensions_get_data
+sftp_extensions_get_name
+sftp_file_set_blocking
+sftp_file_set_nonblocking
+sftp_free
+sftp_fstat
+sftp_fstatvfs
+sftp_fsync
+sftp_get_client_message
+sftp_get_error
+sftp_handle
+sftp_handle_alloc
+sftp_handle_remove
+sftp_init
+sftp_lstat
+sftp_mkdir
+sftp_new
+sftp_new_channel
+sftp_open
+sftp_opendir
+sftp_read
+sftp_readdir
+sftp_readlink
+sftp_rename
+sftp_reply_attr
+sftp_reply_data
+sftp_reply_handle
+sftp_reply_name
+sftp_reply_names
+sftp_reply_names_add
+sftp_reply_status
+sftp_rewind
+sftp_rmdir
+sftp_seek
+sftp_seek64
+sftp_send_client_message
+sftp_server_init
+sftp_server_new
+sftp_server_version
+sftp_setstat
+sftp_stat
+sftp_statvfs
+sftp_statvfs_free
+sftp_symlink
+sftp_tell
+sftp_tell64
+sftp_unlink
+sftp_utimes
+sftp_write
+ssh_accept
+ssh_add_channel_callbacks
+ssh_auth_list
+ssh_basename
+ssh_bind_accept
+ssh_bind_accept_fd
+ssh_bind_fd_toaccept
+ssh_bind_free
+ssh_bind_get_fd
+ssh_bind_listen
+ssh_bind_new
+ssh_bind_options_set
+ssh_bind_set_blocking
+ssh_bind_set_callbacks
+ssh_bind_set_fd
+ssh_blocking_flush
+ssh_buffer_add_data
+ssh_buffer_free
+ssh_buffer_get
+ssh_buffer_get_data
+ssh_buffer_get_len
+ssh_buffer_new
+ssh_buffer_reinit
+ssh_channel_accept_forward
+ssh_channel_accept_x11
+ssh_channel_cancel_forward
+ssh_channel_change_pty_size
+ssh_channel_close
+ssh_channel_free
+ssh_channel_get_exit_status
+ssh_channel_get_session
+ssh_channel_is_closed
+ssh_channel_is_eof
+ssh_channel_is_open
+ssh_channel_listen_forward
+ssh_channel_new
+ssh_channel_open_auth_agent
+ssh_channel_open_forward
+ssh_channel_open_reverse_forward
+ssh_channel_open_session
+ssh_channel_open_x11
+ssh_channel_poll
+ssh_channel_poll_timeout
+ssh_channel_read
+ssh_channel_read_nonblocking
+ssh_channel_read_timeout
+ssh_channel_request_auth_agent
+ssh_channel_request_env
+ssh_channel_request_exec
+ssh_channel_request_pty
+ssh_channel_request_pty_size
+ssh_channel_request_send_break
+ssh_channel_request_send_exit_signal
+ssh_channel_request_send_exit_status
+ssh_channel_request_send_signal
+ssh_channel_request_sftp
+ssh_channel_request_shell
+ssh_channel_request_subsystem
+ssh_channel_request_x11
+ssh_channel_select
+ssh_channel_send_eof
+ssh_channel_set_blocking
+ssh_channel_set_counter
+ssh_channel_window_size
+ssh_channel_write
+ssh_channel_write_stderr
+ssh_clean_pubkey_hash
+ssh_connect
+ssh_connector_free
+ssh_connector_new
+ssh_connector_set_in_channel
+ssh_connector_set_in_fd
+ssh_connector_set_out_channel
+ssh_connector_set_out_fd
+ssh_copyright
+ssh_dirname
+ssh_disconnect
+ssh_dump_knownhost
+ssh_event_add_connector
+ssh_event_add_fd
+ssh_event_add_session
+ssh_event_dopoll
+ssh_event_free
+ssh_event_new
+ssh_event_remove_connector
+ssh_event_remove_fd
+ssh_event_remove_session
+ssh_execute_message_callbacks
+ssh_finalize
+ssh_forward_accept
+ssh_forward_cancel
+ssh_forward_listen
+ssh_free
+ssh_get_cipher_in
+ssh_get_cipher_out
+ssh_get_clientbanner
+ssh_get_disconnect_message
+ssh_get_error
+ssh_get_error_code
+ssh_get_fd
+ssh_get_fingerprint_hash
+ssh_get_hexa
+ssh_get_hmac_in
+ssh_get_hmac_out
+ssh_get_issue_banner
+ssh_get_kex_algo
+ssh_get_log_callback
+ssh_get_log_level
+ssh_get_log_userdata
+ssh_get_openssh_version
+ssh_get_poll_flags
+ssh_get_pubkey
+ssh_get_pubkey_hash
+ssh_get_publickey
+ssh_get_publickey_hash
+ssh_get_random
+ssh_get_server_publickey
+ssh_get_serverbanner
+ssh_get_status
+ssh_get_version
+ssh_getpass
+ssh_gssapi_get_creds
+ssh_gssapi_set_creds
+ssh_handle_key_exchange
+ssh_init
+ssh_is_blocking
+ssh_is_connected
+ssh_is_server_known
+ssh_key_cmp
+ssh_key_free
+ssh_key_is_private
+ssh_key_is_public
+ssh_key_new
+ssh_key_type
+ssh_key_type_from_name
+ssh_key_type_to_char
+ssh_known_hosts_parse_line
+ssh_knownhosts_entry_free
+ssh_log
+ssh_message_auth_interactive_request
+ssh_message_auth_kbdint_is_response
+ssh_message_auth_password
+ssh_message_auth_pubkey
+ssh_message_auth_publickey
+ssh_message_auth_publickey_state
+ssh_message_auth_reply_pk_ok
+ssh_message_auth_reply_pk_ok_simple
+ssh_message_auth_reply_success
+ssh_message_auth_set_methods
+ssh_message_auth_user
+ssh_message_channel_request_channel
+ssh_message_channel_request_command
+ssh_message_channel_request_env_name
+ssh_message_channel_request_env_value
+ssh_message_channel_request_open_destination
+ssh_message_channel_request_open_destination_port
+ssh_message_channel_request_open_originator
+ssh_message_channel_request_open_originator_port
+ssh_message_channel_request_open_reply_accept
+ssh_message_channel_request_pty_height
+ssh_message_channel_request_pty_pxheight
+ssh_message_channel_request_pty_pxwidth
+ssh_message_channel_request_pty_term
+ssh_message_channel_request_pty_width
+ssh_message_channel_request_reply_success
+ssh_message_channel_request_subsystem
+ssh_message_channel_request_x11_auth_cookie
+ssh_message_channel_request_x11_auth_protocol
+ssh_message_channel_request_x11_screen_number
+ssh_message_channel_request_x11_single_connection
+ssh_message_free
+ssh_message_get
+ssh_message_global_request_address
+ssh_message_global_request_port
+ssh_message_global_request_reply_success
+ssh_message_reply_default
+ssh_message_retrieve
+ssh_message_service_reply_success
+ssh_message_service_service
+ssh_message_subtype
+ssh_message_type
+ssh_mkdir
+ssh_new
+ssh_options_copy
+ssh_options_get
+ssh_options_get_port
+ssh_options_getopt
+ssh_options_parse_config
+ssh_options_set
+ssh_pcap_file_close
+ssh_pcap_file_free
+ssh_pcap_file_new
+ssh_pcap_file_open
+ssh_pki_copy_cert_to_privkey
+ssh_pki_export_privkey_base64
+ssh_pki_export_privkey_file
+ssh_pki_export_privkey_to_pubkey
+ssh_pki_export_pubkey_base64
+ssh_pki_export_pubkey_file
+ssh_pki_generate
+ssh_pki_import_cert_base64
+ssh_pki_import_cert_file
+ssh_pki_import_privkey_base64
+ssh_pki_import_privkey_file
+ssh_pki_import_pubkey_base64
+ssh_pki_import_pubkey_file
+ssh_pki_key_ecdsa_name
+ssh_print_hash
+ssh_print_hexa
+ssh_privatekey_type
+ssh_publickey_to_file
+ssh_remove_channel_callbacks
+ssh_scp_accept_request
+ssh_scp_close
+ssh_scp_deny_request
+ssh_scp_free
+ssh_scp_init
+ssh_scp_leave_directory
+ssh_scp_new
+ssh_scp_pull_request
+ssh_scp_push_directory
+ssh_scp_push_file
+ssh_scp_push_file64
+ssh_scp_read
+ssh_scp_request_get_filename
+ssh_scp_request_get_permissions
+ssh_scp_request_get_size
+ssh_scp_request_get_size64
+ssh_scp_request_get_warning
+ssh_scp_write
+ssh_select
+ssh_send_debug
+ssh_send_ignore
+ssh_send_keepalive
+ssh_server_init_kex
+ssh_service_request
+ssh_session_export_known_hosts_entry
+ssh_session_has_known_hosts_entry
+ssh_session_is_known_server
+ssh_session_update_known_hosts
+ssh_set_agent_channel
+ssh_set_agent_socket
+ssh_set_auth_methods
+ssh_set_blocking
+ssh_set_callbacks
+ssh_set_channel_callbacks
+ssh_set_counters
+ssh_set_fd_except
+ssh_set_fd_toread
+ssh_set_fd_towrite
+ssh_set_log_callback
+ssh_set_log_level
+ssh_set_log_userdata
+ssh_set_message_callback
+ssh_set_pcap_file
+ssh_set_server_callbacks
+ssh_silent_disconnect
+ssh_string_burn
+ssh_string_copy
+ssh_string_data
+ssh_string_fill
+ssh_string_free
+ssh_string_free_char
+ssh_string_from_char
+ssh_string_get_char
+ssh_string_len
+ssh_string_new
+ssh_string_to_char
+ssh_threads_get_noop
+ssh_threads_get_pthread
+ssh_threads_set_callbacks
+ssh_try_publickey_from_file
+ssh_userauth_agent
+ssh_userauth_agent_pubkey
+ssh_userauth_autopubkey
+ssh_userauth_gssapi
+ssh_userauth_kbdint
+ssh_userauth_kbdint_getanswer
+ssh_userauth_kbdint_getinstruction
+ssh_userauth_kbdint_getname
+ssh_userauth_kbdint_getnanswers
+ssh_userauth_kbdint_getnprompts
+ssh_userauth_kbdint_getprompt
+ssh_userauth_kbdint_setanswer
+ssh_userauth_list
+ssh_userauth_none
+ssh_userauth_offer_pubkey
+ssh_userauth_password
+ssh_userauth_privatekey_file
+ssh_userauth_pubkey
+ssh_userauth_publickey
+ssh_userauth_publickey_auto
+ssh_userauth_try_publickey
+ssh_version
+ssh_write_knownhost
+string_burn
+string_copy
+string_data
+string_fill
+string_free
+string_from_char
+string_len
+string_new
+string_to_char

src/ABI/libssh-4.7.4.symbols

@@ -0,0 +1,415 @@
+_ssh_log
+buffer_free
+buffer_get
+buffer_get_len
+buffer_new
+channel_accept_x11
+channel_change_pty_size
+channel_close
+channel_forward_accept
+channel_forward_cancel
+channel_forward_listen
+channel_free
+channel_get_exit_status
+channel_get_session
+channel_is_closed
+channel_is_eof
+channel_is_open
+channel_new
+channel_open_forward
+channel_open_session
+channel_poll
+channel_read
+channel_read_buffer
+channel_read_nonblocking
+channel_request_env
+channel_request_exec
+channel_request_pty
+channel_request_pty_size
+channel_request_send_signal
+channel_request_sftp
+channel_request_shell
+channel_request_subsystem
+channel_request_x11
+channel_select
+channel_send_eof
+channel_set_blocking
+channel_write
+channel_write_stderr
+privatekey_free
+privatekey_from_file
+publickey_free
+publickey_from_file
+publickey_from_privatekey
+publickey_to_string
+sftp_async_read
+sftp_async_read_begin
+sftp_attributes_free
+sftp_canonicalize_path
+sftp_chmod
+sftp_chown
+sftp_client_message_free
+sftp_client_message_get_data
+sftp_client_message_get_filename
+sftp_client_message_get_flags
+sftp_client_message_get_submessage
+sftp_client_message_get_type
+sftp_client_message_set_filename
+sftp_close
+sftp_closedir
+sftp_dir_eof
+sftp_extension_supported
+sftp_extensions_get_count
+sftp_extensions_get_data
+sftp_extensions_get_name
+sftp_file_set_blocking
+sftp_file_set_nonblocking
+sftp_free
+sftp_fstat
+sftp_fstatvfs
+sftp_fsync
+sftp_get_client_message
+sftp_get_error
+sftp_handle
+sftp_handle_alloc
+sftp_handle_remove
+sftp_init
+sftp_lstat
+sftp_mkdir
+sftp_new
+sftp_new_channel
+sftp_open
+sftp_opendir
+sftp_read
+sftp_readdir
+sftp_readlink
+sftp_rename
+sftp_reply_attr
+sftp_reply_data
+sftp_reply_handle
+sftp_reply_name
+sftp_reply_names
+sftp_reply_names_add
+sftp_reply_status
+sftp_rewind
+sftp_rmdir
+sftp_seek
+sftp_seek64
+sftp_send_client_message
+sftp_server_init
+sftp_server_new
+sftp_server_version
+sftp_setstat
+sftp_stat
+sftp_statvfs
+sftp_statvfs_free
+sftp_symlink
+sftp_tell
+sftp_tell64
+sftp_unlink
+sftp_utimes
+sftp_write
+ssh_accept
+ssh_add_channel_callbacks
+ssh_auth_list
+ssh_basename
+ssh_bind_accept
+ssh_bind_accept_fd
+ssh_bind_fd_toaccept
+ssh_bind_free
+ssh_bind_get_fd
+ssh_bind_listen
+ssh_bind_new
+ssh_bind_options_set
+ssh_bind_set_blocking
+ssh_bind_set_callbacks
+ssh_bind_set_fd
+ssh_blocking_flush
+ssh_buffer_add_data
+ssh_buffer_free
+ssh_buffer_get
+ssh_buffer_get_data
+ssh_buffer_get_len
+ssh_buffer_new
+ssh_buffer_reinit
+ssh_channel_accept_forward
+ssh_channel_accept_x11
+ssh_channel_cancel_forward
+ssh_channel_change_pty_size
+ssh_channel_close
+ssh_channel_free
+ssh_channel_get_exit_status
+ssh_channel_get_session
+ssh_channel_is_closed
+ssh_channel_is_eof
+ssh_channel_is_open
+ssh_channel_listen_forward
+ssh_channel_new
+ssh_channel_open_auth_agent
+ssh_channel_open_forward
+ssh_channel_open_reverse_forward
+ssh_channel_open_session
+ssh_channel_open_x11
+ssh_channel_poll
+ssh_channel_poll_timeout
+ssh_channel_read
+ssh_channel_read_nonblocking
+ssh_channel_read_timeout
+ssh_channel_request_auth_agent
+ssh_channel_request_env
+ssh_channel_request_exec
+ssh_channel_request_pty
+ssh_channel_request_pty_size
+ssh_channel_request_send_break
+ssh_channel_request_send_exit_signal
+ssh_channel_request_send_exit_status
+ssh_channel_request_send_signal
+ssh_channel_request_sftp
+ssh_channel_request_shell
+ssh_channel_request_subsystem
+ssh_channel_request_x11
+ssh_channel_select
+ssh_channel_send_eof
+ssh_channel_set_blocking
+ssh_channel_set_counter
+ssh_channel_window_size
+ssh_channel_write
+ssh_channel_write_stderr
+ssh_clean_pubkey_hash
+ssh_connect
+ssh_connector_free
+ssh_connector_new
+ssh_connector_set_in_channel
+ssh_connector_set_in_fd
+ssh_connector_set_out_channel
+ssh_connector_set_out_fd
+ssh_copyright
+ssh_dirname
+ssh_disconnect
+ssh_dump_knownhost
+ssh_event_add_connector
+ssh_event_add_fd
+ssh_event_add_session
+ssh_event_dopoll
+ssh_event_free
+ssh_event_new
+ssh_event_remove_connector
+ssh_event_remove_fd
+ssh_event_remove_session
+ssh_execute_message_callbacks
+ssh_finalize
+ssh_forward_accept
+ssh_forward_cancel
+ssh_forward_listen
+ssh_free
+ssh_get_cipher_in
+ssh_get_cipher_out
+ssh_get_clientbanner
+ssh_get_disconnect_message
+ssh_get_error
+ssh_get_error_code
+ssh_get_fd
+ssh_get_fingerprint_hash
+ssh_get_hexa
+ssh_get_hmac_in
+ssh_get_hmac_out
+ssh_get_issue_banner
+ssh_get_kex_algo
+ssh_get_log_callback
+ssh_get_log_level
+ssh_get_log_userdata
+ssh_get_openssh_version
+ssh_get_poll_flags
+ssh_get_pubkey
+ssh_get_pubkey_hash
+ssh_get_publickey
+ssh_get_publickey_hash
+ssh_get_random
+ssh_get_server_publickey
+ssh_get_serverbanner
+ssh_get_status
+ssh_get_version
+ssh_getpass
+ssh_gssapi_get_creds
+ssh_gssapi_set_creds
+ssh_handle_key_exchange
+ssh_init
+ssh_is_blocking
+ssh_is_connected
+ssh_is_server_known
+ssh_key_cmp
+ssh_key_free
+ssh_key_is_private
+ssh_key_is_public
+ssh_key_new
+ssh_key_type
+ssh_key_type_from_name
+ssh_key_type_to_char
+ssh_known_hosts_parse_line
+ssh_knownhosts_entry_free
+ssh_log
+ssh_message_auth_interactive_request
+ssh_message_auth_kbdint_is_response
+ssh_message_auth_password
+ssh_message_auth_pubkey
+ssh_message_auth_publickey
+ssh_message_auth_publickey_state
+ssh_message_auth_reply_pk_ok
+ssh_message_auth_reply_pk_ok_simple
+ssh_message_auth_reply_success
+ssh_message_auth_set_methods
+ssh_message_auth_user
+ssh_message_channel_request_channel
+ssh_message_channel_request_command
+ssh_message_channel_request_env_name
+ssh_message_channel_request_env_value
+ssh_message_channel_request_open_destination
+ssh_message_channel_request_open_destination_port
+ssh_message_channel_request_open_originator
+ssh_message_channel_request_open_originator_port
+ssh_message_channel_request_open_reply_accept
+ssh_message_channel_request_pty_height
+ssh_message_channel_request_pty_pxheight
+ssh_message_channel_request_pty_pxwidth
+ssh_message_channel_request_pty_term
+ssh_message_channel_request_pty_width
+ssh_message_channel_request_reply_success
+ssh_message_channel_request_subsystem
+ssh_message_channel_request_x11_auth_cookie
+ssh_message_channel_request_x11_auth_protocol
+ssh_message_channel_request_x11_screen_number
+ssh_message_channel_request_x11_single_connection
+ssh_message_free
+ssh_message_get
+ssh_message_global_request_address
+ssh_message_global_request_port
+ssh_message_global_request_reply_success
+ssh_message_reply_default
+ssh_message_retrieve
+ssh_message_service_reply_success
+ssh_message_service_service
+ssh_message_subtype
+ssh_message_type
+ssh_mkdir
+ssh_new
+ssh_options_copy
+ssh_options_get
+ssh_options_get_port
+ssh_options_getopt
+ssh_options_parse_config
+ssh_options_set
+ssh_pcap_file_close
+ssh_pcap_file_free
+ssh_pcap_file_new
+ssh_pcap_file_open
+ssh_pki_copy_cert_to_privkey
+ssh_pki_export_privkey_base64
+ssh_pki_export_privkey_file
+ssh_pki_export_privkey_to_pubkey
+ssh_pki_export_pubkey_base64
+ssh_pki_export_pubkey_file
+ssh_pki_generate
+ssh_pki_import_cert_base64
+ssh_pki_import_cert_file
+ssh_pki_import_privkey_base64
+ssh_pki_import_privkey_file
+ssh_pki_import_pubkey_base64
+ssh_pki_import_pubkey_file
+ssh_pki_key_ecdsa_name
+ssh_print_hash
+ssh_print_hexa
+ssh_privatekey_type
+ssh_publickey_to_file
+ssh_remove_channel_callbacks
+ssh_scp_accept_request
+ssh_scp_close
+ssh_scp_deny_request
+ssh_scp_free
+ssh_scp_init
+ssh_scp_leave_directory
+ssh_scp_new
+ssh_scp_pull_request
+ssh_scp_push_directory
+ssh_scp_push_file
+ssh_scp_push_file64
+ssh_scp_read
+ssh_scp_request_get_filename
+ssh_scp_request_get_permissions
+ssh_scp_request_get_size
+ssh_scp_request_get_size64
+ssh_scp_request_get_warning
+ssh_scp_write
+ssh_select
+ssh_send_debug
+ssh_send_ignore
+ssh_send_keepalive
+ssh_server_init_kex
+ssh_service_request
+ssh_session_export_known_hosts_entry
+ssh_session_has_known_hosts_entry
+ssh_session_is_known_server
+ssh_session_update_known_hosts
+ssh_set_agent_channel
+ssh_set_agent_socket
+ssh_set_auth_methods
+ssh_set_blocking
+ssh_set_callbacks
+ssh_set_channel_callbacks
+ssh_set_counters
+ssh_set_fd_except
+ssh_set_fd_toread
+ssh_set_fd_towrite
+ssh_set_log_callback
+ssh_set_log_level
+ssh_set_log_userdata
+ssh_set_message_callback
+ssh_set_pcap_file
+ssh_set_server_callbacks
+ssh_silent_disconnect
+ssh_string_burn
+ssh_string_copy
+ssh_string_data
+ssh_string_fill
+ssh_string_free
+ssh_string_free_char
+ssh_string_from_char
+ssh_string_get_char
+ssh_string_len
+ssh_string_new
+ssh_string_to_char
+ssh_threads_get_noop
+ssh_threads_get_pthread
+ssh_threads_set_callbacks
+ssh_try_publickey_from_file
+ssh_userauth_agent
+ssh_userauth_agent_pubkey
+ssh_userauth_autopubkey
+ssh_userauth_gssapi
+ssh_userauth_kbdint
+ssh_userauth_kbdint_getanswer
+ssh_userauth_kbdint_getinstruction
+ssh_userauth_kbdint_getname
+ssh_userauth_kbdint_getnanswers
+ssh_userauth_kbdint_getnprompts
+ssh_userauth_kbdint_getprompt
+ssh_userauth_kbdint_setanswer
+ssh_userauth_list
+ssh_userauth_none
+ssh_userauth_offer_pubkey
+ssh_userauth_password
+ssh_userauth_privatekey_file
+ssh_userauth_pubkey
+ssh_userauth_publickey
+ssh_userauth_publickey_auto
+ssh_userauth_try_publickey
+ssh_version
+ssh_write_knownhost
+string_burn
+string_copy
+string_data
+string_fill
+string_free
+string_from_char
+string_len
+string_new
+string_to_char

src/channels.c

@@ -28,6 +28,7 @@
 #include <stdio.h>
 #include <errno.h>
 #include <time.h>
+#include <stdbool.h>
 
 #ifndef _WIN32
 #include <netinet/in.h>
@@ -999,28 +1000,50 @@ error:
  *
  * @warning Any data unread on this channel will be lost.
  */
-void ssh_channel_free(ssh_channel channel) {
-  ssh_session session;
+void ssh_channel_free(ssh_channel channel)
+{
+    ssh_session session;
 
-  if (channel == NULL) {
-    return;
-  }
+    if (channel == NULL) {
+        return;
+    }
 
-  session = channel->session;
-  if (session->alive && channel->state == SSH_CHANNEL_STATE_OPEN) {
-    ssh_channel_close(channel);
-  }
-  channel->flags |= SSH_CHANNEL_FLAG_FREED_LOCAL;
+    session = channel->session;
+    if (session->alive) {
+        bool send_close = false;
 
-  /* The idea behind the flags is the following : it is well possible
-   * that a client closes a channel that stills exists on the server side.
-   * We definitively close the channel when we receive a close message *and*
-   * the user closed it.
-   */
-  if((channel->flags & SSH_CHANNEL_FLAG_CLOSED_REMOTE)
-      || (channel->flags & SSH_CHANNEL_FLAG_NOT_BOUND)){
-    ssh_channel_do_free(channel);
-  }
+        switch (channel->state) {
+        case SSH_CHANNEL_STATE_OPEN:
+            send_close = true;
+            break;
+        case SSH_CHANNEL_STATE_CLOSED:
+            if (channel->flags & SSH_CHANNEL_FLAG_CLOSED_REMOTE) {
+                send_close = true;
+            }
+            if (channel->flags & SSH_CHANNEL_FLAG_CLOSED_LOCAL) {
+                send_close = false;
+            }
+            break;
+        default:
+            send_close = false;
+            break;
+        }
+
+        if (send_close) {
+            ssh_channel_close(channel);
+        }
+    }
+    channel->flags |= SSH_CHANNEL_FLAG_FREED_LOCAL;
+
+    /* The idea behind the flags is the following : it is well possible
+     * that a client closes a channel that stills exists on the server side.
+     * We definitively close the channel when we receive a close message *and*
+     * the user closed it.
+     */
+    if ((channel->flags & SSH_CHANNEL_FLAG_CLOSED_REMOTE) ||
+        (channel->flags & SSH_CHANNEL_FLAG_NOT_BOUND)) {
+        ssh_channel_do_free(channel);
+    }
 }
 
 /**
@@ -1128,52 +1151,60 @@ error:
  * @see ssh_channel_free()
  * @see ssh_channel_is_eof()
  */
-int ssh_channel_close(ssh_channel channel){
-  ssh_session session;
-  int rc = 0;
+int ssh_channel_close(ssh_channel channel)
+{
+    ssh_session session;
+    int rc = 0;
 
-  if(channel == NULL) {
-    return SSH_ERROR;
-  }
+    if(channel == NULL) {
+        return SSH_ERROR;
+    }
 
-  session = channel->session;
+    /* If the channel close has already been sent we're done here. */
+    if (channel->flags & SSH_CHANNEL_FLAG_CLOSED_LOCAL) {
+        return SSH_OK;
+    }
 
-  if (channel->local_eof == 0) {
-    rc = ssh_channel_send_eof(channel);
-  }
+    session = channel->session;
+
+    if (channel->local_eof == 0) {
+        rc = ssh_channel_send_eof(channel);
+    }
+
+    if (rc != SSH_OK) {
+        return rc;
+    }
+
+    rc = ssh_buffer_pack(session->out_buffer,
+                         "bd",
+                         SSH2_MSG_CHANNEL_CLOSE,
+                         channel->remote_channel);
+    if (rc != SSH_OK) {
+        ssh_set_error_oom(session);
+        goto error;
+    }
+
+    rc = ssh_packet_send(session);
+    SSH_LOG(SSH_LOG_PACKET,
+            "Sent a close on client channel (%d:%d)",
+            channel->local_channel,
+            channel->remote_channel);
+
+    if (rc == SSH_OK) {
+        channel->state = SSH_CHANNEL_STATE_CLOSED;
+        channel->flags |= SSH_CHANNEL_FLAG_CLOSED_LOCAL;
+    }
+
+    rc = ssh_channel_flush(channel);
+    if(rc == SSH_ERROR) {
+        goto error;
+    }
 
-  if (rc != SSH_OK) {
     return rc;
-  }
-
-  rc = ssh_buffer_pack(session->out_buffer,
-                       "bd",
-                       SSH2_MSG_CHANNEL_CLOSE,
-                       channel->remote_channel);
-  if (rc != SSH_OK) {
-    ssh_set_error_oom(session);
-    goto error;
-  }
-
-  rc = ssh_packet_send(session);
-  SSH_LOG(SSH_LOG_PACKET,
-      "Sent a close on client channel (%d:%d)",
-      channel->local_channel,
-      channel->remote_channel);
-
-  if(rc == SSH_OK) {
-    channel->state=SSH_CHANNEL_STATE_CLOSED;
-  }
-
-  rc = ssh_channel_flush(channel);
-  if(rc == SSH_ERROR)
-    goto error;
-
-  return rc;
 error:
-  ssh_buffer_reinit(session->out_buffer);
+    ssh_buffer_reinit(session->out_buffer);
 
-  return rc;
+    return rc;
 }
 
 /* this termination function waits for a window growing condition */
@@ -2082,8 +2113,11 @@ static int ssh_global_request_termination(void *s){
  *                      SSH_AGAIN if in nonblocking mode and call has
  *                      to be done again.
  */
-static int global_request(ssh_session session, const char *request,
-    ssh_buffer buffer, int reply) {
+int ssh_global_request(ssh_session session,
+                       const char *request,
+                       ssh_buffer buffer,
+                       int reply)
+{
   int rc;
 
   switch (session->global_req_state) {
@@ -2214,7 +2248,7 @@ int ssh_channel_listen_forward(ssh_session session,
     goto error;
   }
 pending:
-  rc = global_request(session, "tcpip-forward", buffer, 1);
+  rc = ssh_global_request(session, "tcpip-forward", buffer, 1);
 
   /* TODO: FIXME no guarantee the last packet we received contains
    * that info */
@@ -2294,7 +2328,7 @@ int ssh_channel_cancel_forward(ssh_session session,
       goto error;
   }
 pending:
-  rc = global_request(session, "cancel-tcpip-forward", buffer, 1);
+  rc = ssh_global_request(session, "cancel-tcpip-forward", buffer, 1);
 
 error:
   ssh_buffer_free(buffer);

src/client.c

@@ -494,8 +494,8 @@ static int ssh_connect_termination(void *user){
  * @param[in]  session  The ssh session to connect.
  *
  * @returns             SSH_OK on success, SSH_ERROR on error.
- * @returns 						SSH_AGAIN, if the session is in nonblocking mode,
- * 											and call must be done again.
+ * @returns             SSH_AGAIN, if the session is in nonblocking mode,
+ *                      and call must be done again.
  *
  * @see ssh_new()
  * @see ssh_disconnect()

src/config.c

@@ -210,6 +210,7 @@ static struct ssh_config_match_keyword_table_s ssh_config_match_keyword_table[]
     { "originalhost", MATCH_ORIGINALHOST },
     { "user", MATCH_USER },
     { "localuser", MATCH_LOCALUSER },
+    { NULL, MATCH_UNKNOWN },
 };
 
 static int ssh_config_parse_line(ssh_session session, const char *line,

src/connect.c

@@ -476,7 +476,7 @@ int ssh_select(ssh_channel *channels, ssh_channel *outchannels, socket_t maxfd,
     fd_set *readfds, struct timeval *timeout) {
   fd_set origfds;
   socket_t fd;
-  int i,j;
+  size_t i, j;
   int rc;
   int base_tm, tm;
   struct ssh_timestamp ts;

src/connector.c

@@ -641,14 +641,12 @@ int ssh_connector_remove_event(ssh_connector connector) {
         session = ssh_channel_get_session(connector->in_channel);
 
         ssh_event_remove_session(connector->event, session);
-        connector->in_channel = NULL;
     }
 
     if (connector->out_channel != NULL) {
         session = ssh_channel_get_session(connector->out_channel);
 
         ssh_event_remove_session(connector->event, session);
-        connector->out_channel = NULL;
     }
     connector->event = NULL;
 

src/dh.c

@@ -1274,6 +1274,10 @@ int ssh_get_server_publickey(ssh_session session, ssh_key *key)
 
 ssh_key ssh_dh_get_current_server_publickey(ssh_session session)
 {
+    if (session->current_crypto == NULL) {
+        return NULL;
+    }
+
     return session->current_crypto->server_pubkey;
 }
 

src/ecdh_gcrypt.c

@@ -286,7 +286,7 @@ int ssh_server_ecdh_init(ssh_session session, ssh_buffer packet) {
     session->next_crypto->ecdh_client_pubkey = q_c_string;
 
     /* Build server's keypair */
-    err = gcry_sexp_build(&param, NULL, "(genkey(ecdh(curve %s)))",
+    err = gcry_sexp_build(&param, NULL, "(genkey(ecdh(curve %s) (flags transient-key)))",
                           curve);
     if (err) {
         goto out;

src/kex.c

@@ -38,6 +38,7 @@
 #include "libssh/curve25519.h"
 #include "libssh/knownhosts.h"
 #include "libssh/misc.h"
+#include "libssh/pki.h"
 
 #ifdef HAVE_LIBGCRYPT
 # define BLOWFISH "blowfish-cbc,"
@@ -420,6 +421,7 @@ SSH_PACKET_CALLBACK(ssh_packet_kexinit){
     int server_kex=session->server;
     ssh_string str = NULL;
     char *strings[KEX_METHODS_SIZE] = {0};
+    char *rsa_sig_ext = NULL;
     int rc = SSH_ERROR;
 
     uint8_t first_kex_packet_follows = 0;
@@ -526,13 +528,52 @@ SSH_PACKET_CALLBACK(ssh_packet_kexinit){
         ok = ssh_match_group(session->next_crypto->client_kex.methods[SSH_KEX],
                              KEX_EXTENSION_CLIENT);
         if (ok) {
+            const char *hostkeys = NULL;
+
+            /* The client supports extension negotiation */
+            session->extensions |= SSH_EXT_NEGOTIATION;
             /*
-             * Enable all the supported extensions and when the time comes
-             * (after NEWKEYS) send them to the client.
+             * RFC 8332 Section 3.1: Use for Server Authentication
+             * Check what algorithms were provided in the SSH_HOSTKEYS list
+             * by the client and enable the respective extensions to provide
+             * correct signature in the next packet if RSA is negotiated
              */
+            hostkeys = session->next_crypto->client_kex.methods[SSH_HOSTKEYS];
+            ok = ssh_match_group(hostkeys, "rsa-sha2-512");
+            if (ok) {
+                session->extensions |= SSH_EXT_SIG_RSA_SHA512;
+            }
+            ok = ssh_match_group(hostkeys, "rsa-sha2-256");
+            if (ok) {
+                session->extensions |= SSH_EXT_SIG_RSA_SHA256;
+            }
+
+            /*
+             * Ensure that the client preference is honored for the case
+             * both signature types are enabled.
+             */
+            if ((session->extensions & SSH_EXT_SIG_RSA_SHA256) &&
+                (session->extensions & SSH_EXT_SIG_RSA_SHA512)) {
+                session->extensions &= ~(SSH_EXT_SIG_RSA_SHA256 | SSH_EXT_SIG_RSA_SHA512);
+                rsa_sig_ext = ssh_find_matching("rsa-sha2-512,rsa-sha2-256",
+                                                session->next_crypto->client_kex.methods[SSH_HOSTKEYS]);
+                if (rsa_sig_ext == NULL) {
+                    goto error; /* should never happen */
+                } else if (strcmp(rsa_sig_ext, "rsa-sha2-512") == 0) {
+                    session->extensions |= SSH_EXT_SIG_RSA_SHA512;
+                } else if (strcmp(rsa_sig_ext, "rsa-sha2-256") == 0) {
+                    session->extensions |= SSH_EXT_SIG_RSA_SHA256;
+                } else {
+                    SAFE_FREE(rsa_sig_ext);
+                    goto error; /* should never happen */
+                }
+                SAFE_FREE(rsa_sig_ext);
+            }
+
             SSH_LOG(SSH_LOG_DEBUG, "The client supports extension "
-                    "negotiation: enabling all extensions");
-            session->extensions = SSH_EXT_ALL;
+                    "negotiation. Enabled signature algorithms: %s%s",
+                    session->extensions & SSH_EXT_SIG_RSA_SHA256 ? "SHA256" : "",
+                    session->extensions & SSH_EXT_SIG_RSA_SHA512 ? " SHA512" : "");
         }
 
         /*
@@ -603,6 +644,8 @@ char *ssh_client_select_hostkeys(ssh_session session)
         "ecdsa-sha2-nistp521",
         "ecdsa-sha2-nistp384",
         "ecdsa-sha2-nistp256",
+        "rsa-sha2-512",
+        "rsa-sha2-256",
         "ssh-rsa",
 #ifdef HAVE_DSA
         "ssh-dss",
@@ -628,29 +671,30 @@ char *ssh_client_select_hostkeys(ssh_session session)
 
     for (i = 0; preferred_hostkeys[i] != NULL; ++i) {
         bool found = false;
+        /* This is a signature type: We list also the SHA2 extensions */
+        enum ssh_keytypes_e base_preferred =
+            ssh_key_type_from_signature_name(preferred_hostkeys[i]);
 
         for (it = ssh_list_get_iterator(algo_list);
              it != NULL;
              it = it->next) {
             const char *algo = ssh_iterator_value(const char *, it);
-            int cmp;
-            int ok;
+            /* This is always key type so we do not have to care for the
+             * SHA2 extension */
+            enum ssh_keytypes_e base_algo = ssh_key_type_from_name(algo);
 
-            cmp = strcmp(preferred_hostkeys[i], algo);
-            if (cmp == 0) {
-                ok = ssh_verify_existing_algo(SSH_HOSTKEYS, algo);
-                if (ok) {
-                    if (needcomma) {
-                        strncat(methods_buffer,
-                                ",",
-                                sizeof(methods_buffer) - strlen(methods_buffer) - 1);
-                    }
+            if (base_preferred == base_algo) {
+                /* Matching the keys already verified it is a known type */
+                if (needcomma) {
                     strncat(methods_buffer,
-                            algo,
+                            ",",
                             sizeof(methods_buffer) - strlen(methods_buffer) - 1);
-                    needcomma = 1;
-                    found = true;
                 }
+                strncat(methods_buffer,
+                        preferred_hostkeys[i],
+                        sizeof(methods_buffer) - strlen(methods_buffer) - 1);
+                needcomma = 1;
+                found = true;
             }
         }
         /* Collect the rest of the algorithms in other buffer, that will
@@ -712,10 +756,10 @@ int ssh_set_client_kex(ssh_session session)
 
     memset(client->methods, 0, KEX_METHODS_SIZE * sizeof(char **));
     /* first check if we have specific host key methods */
-    if(session->opts.wanted_methods[SSH_HOSTKEYS] == NULL){
+    if (session->opts.wanted_methods[SSH_HOSTKEYS] == NULL) {
     	/* Only if no override */
     	session->opts.wanted_methods[SSH_HOSTKEYS] =
-    			ssh_client_select_hostkeys(session);
+            ssh_client_select_hostkeys(session);
     }
 
     for (i = 0; i < KEX_METHODS_SIZE; i++) {
@@ -729,6 +773,11 @@ int ssh_set_client_kex(ssh_session session)
         }
     }
 
+    /* For rekeying, skip the extension negotiation */
+    if (session->session_state == SSH_SESSION_STATE_AUTHENTICATED) {
+        return SSH_OK;
+    }
+
     /* Here we append  ext-info-c  to the list of kex algorithms */
     kex = client->methods[SSH_KEX];
     len = strlen(kex);

src/knownhosts.c

@@ -306,7 +306,8 @@ struct ssh_list *ssh_known_hosts_get_algorithms(ssh_session session)
     int list_error = 0;
     int rc;
 
-    if (session->opts.knownhosts == NULL) {
+    if (session->opts.knownhosts == NULL ||
+        session->opts.global_knownhosts == NULL) {
         if (ssh_options_apply(session) < 0) {
             ssh_set_error(session,
                           SSH_REQUEST_DENIED,
@@ -882,6 +883,9 @@ ssh_session_get_known_hosts_entry(ssh_session session,
 
     /* If we did not find any match at all:  we report the previous result */
     if (rv == SSH_KNOWN_HOSTS_UNKNOWN) {
+        if (session->opts.StrictHostKeyChecking == 0) {
+            return SSH_KNOWN_HOSTS_OK;
+        }
         return old_rv;
     }
 

src/libcrypto-compat.c

@@ -10,9 +10,12 @@
 #include "config.h"
 
 #include <string.h>
-#include <openssl/engine.h>
 #include "libcrypto-compat.h"
 
+#ifndef OPENSSL_NO_ENGINE
+#include <openssl/engine.h>
+#endif
+
 static void *OPENSSL_zalloc(size_t num)
 {
     void *ret = OPENSSL_malloc(num);

src/libcrypto-compat.h

@@ -10,6 +10,7 @@
 #include <openssl/dh.h>
 #include <openssl/evp.h>
 #include <openssl/hmac.h>
+#include <openssl/bn.h>
 
 int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
 int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);

src/libcrypto.c

@@ -427,9 +427,6 @@ HMACCTX hmac_init(const void *key, int len, enum ssh_hmac_e type) {
     case SSH_HMAC_SHA256:
       HMAC_Init_ex(ctx, key, len, EVP_sha256(), NULL);
       break;
-    case SSH_HMAC_SHA384:
-      HMAC_Init_ex(ctx, key, len, EVP_sha384(), NULL);
-      break;
     case SSH_HMAC_SHA512:
       HMAC_Init_ex(ctx, key, len, EVP_sha512(), NULL);
       break;

src/libgcrypt.c

@@ -282,9 +282,6 @@ HMACCTX hmac_init(const void *key, int len, enum ssh_hmac_e type) {
     case SSH_HMAC_SHA256:
       gcry_md_open(&c, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC);
       break;
-    case SSH_HMAC_SHA384:
-      gcry_md_open(&c, GCRY_MD_SHA384, GCRY_MD_FLAG_HMAC);
-      break;
     case SSH_HMAC_SHA512:
       gcry_md_open(&c, GCRY_MD_SHA512, GCRY_MD_FLAG_HMAC);
       break;

src/libmbedcrypto.c

@@ -462,9 +462,6 @@ HMACCTX hmac_init(const void *key, int len, enum ssh_hmac_e type)
         case SSH_HMAC_SHA256:
             md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
             break;
-        case SSH_HMAC_SHA384:
-            md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA384);
-            break;
         case SSH_HMAC_SHA512:
             md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA512);
             break;

src/messages.c

@@ -702,6 +702,7 @@ static ssh_buffer ssh_msg_userauth_build_digest(ssh_session session,
  */
 SSH_PACKET_CALLBACK(ssh_packet_userauth_request){
   ssh_message msg = NULL;
+  ssh_signature sig = NULL;
   char *service = NULL;
   char *method = NULL;
   int cmp;
@@ -835,13 +836,19 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_request){
             goto error;
         }
 
-        rc = ssh_pki_signature_verify_blob(session,
-                                           sig_blob,
+        rc = ssh_pki_import_signature_blob(sig_blob,
                                            msg->auth_request.pubkey,
-                                           ssh_buffer_get(digest),
-                                           ssh_buffer_get_len(digest));
+                                           &sig);
+        if (rc == SSH_OK) {
+            rc = ssh_pki_signature_verify(session,
+                                          sig,
+                                          msg->auth_request.pubkey,
+                                          ssh_buffer_get(digest),
+                                          ssh_buffer_get_len(digest));
+        }
         ssh_string_free(sig_blob);
         ssh_buffer_free(digest);
+        ssh_signature_free(sig);
         if (rc < 0) {
             SSH_LOG(
                     SSH_LOG_PACKET,

src/misc.c

@@ -213,47 +213,50 @@ int ssh_is_ipaddr(const char *str) {
 #define NSS_BUFLEN_PASSWD 4096
 #endif /* NSS_BUFLEN_PASSWD */
 
-char *ssh_get_user_home_dir(void) {
-  char *szPath = NULL;
-  struct passwd pwd;
-  struct passwd *pwdbuf;
-  char buf[NSS_BUFLEN_PASSWD] = {0};
-  int rc;
+char *ssh_get_user_home_dir(void)
+{
+    char *szPath = NULL;
+    struct passwd pwd;
+    struct passwd *pwdbuf = NULL;
+    char buf[NSS_BUFLEN_PASSWD] = {0};
+    int rc;
 
-  rc = getpwuid_r(getuid(), &pwd, buf, NSS_BUFLEN_PASSWD, &pwdbuf);
-  if (rc != 0) {
-      szPath = getenv("HOME");
-      if (szPath == NULL) {
-          return NULL;
-      }
-      snprintf(buf, sizeof(buf), "%s", szPath);
+    rc = getpwuid_r(getuid(), &pwd, buf, NSS_BUFLEN_PASSWD, &pwdbuf);
+    if (rc != 0 || pwdbuf == NULL ) {
+        szPath = getenv("HOME");
+        if (szPath == NULL) {
+            return NULL;
+        }
+        snprintf(buf, sizeof(buf), "%s", szPath);
 
-      return strdup(buf);
-  }
+        return strdup(buf);
+    }
 
-  szPath = strdup(pwd.pw_dir);
+    szPath = strdup(pwd.pw_dir);
 
-  return szPath;
+    return szPath;
 }
 
 /* we have read access on file */
-int ssh_file_readaccess_ok(const char *file) {
-  if (access(file, R_OK) < 0) {
-    return 0;
-  }
+int ssh_file_readaccess_ok(const char *file)
+{
+    if (access(file, R_OK) < 0) {
+        return 0;
+    }
 
-  return 1;
+    return 1;
 }
 
-char *ssh_get_local_username(void) {
+char *ssh_get_local_username(void)
+{
     struct passwd pwd;
-    struct passwd *pwdbuf;
+    struct passwd *pwdbuf = NULL;
     char buf[NSS_BUFLEN_PASSWD];
     char *name;
     int rc;
 
     rc = getpwuid_r(getuid(), &pwd, buf, NSS_BUFLEN_PASSWD, &pwdbuf);
-    if (rc != 0) {
+    if (rc != 0 || pwdbuf == NULL) {
         return NULL;
     }
 

src/options.c

@@ -302,37 +302,6 @@ int ssh_options_set_algo(ssh_session session,
  *                \n
  *                See the corresponding numbers in libssh.h.
  *
- *              - SSH_OPTIONS_AUTH_CALLBACK:
- *                Set a callback to use your own authentication function
- *                (function pointer).
- *
- *              - SSH_OPTIONS_AUTH_USERDATA:
- *                Set the user data passed to the authentication
- *                function (generic pointer).
- *
- *              - SSH_OPTIONS_LOG_CALLBACK:
- *                Set a callback to use your own logging function
- *                (function pointer).
- *
- *              - SSH_OPTIONS_LOG_USERDATA:
- *                Set the user data passed to the logging function
- *                (generic pointer).
- *
- *              - SSH_OPTIONS_STATUS_CALLBACK:
- *                Set a callback to show connection status in realtime
- *                (function pointer).\n
- *                \n
- *                @code
- *                fn(void *arg, float status)
- *                @endcode
- *                \n
- *                During ssh_connect(), libssh will call the callback
- *                with status from 0.0 to 1.0.
- *
- *              - SSH_OPTIONS_STATUS_ARG:
- *                Set the status argument which should be passed to the
- *                status callback (generic pointer).
- *
  *              - SSH_OPTIONS_CIPHERS_C_S:
  *                Set the symmetric cipher client to server (const char *,
  *                comma-separated list).
@@ -605,12 +574,7 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type,
             v = value;
             SAFE_FREE(session->opts.knownhosts);
             if (v == NULL) {
-                session->opts.knownhosts = ssh_path_expand_escape(session,
-                                                             "%d/known_hosts");
-                if (session->opts.knownhosts == NULL) {
-                    ssh_set_error_oom(session);
-                    return -1;
-                }
+                /* The default value will be set by the ssh_options_apply() */
             } else if (v[0] == '\0') {
                 ssh_set_error_invalid(session);
                 return -1;

src/packet.c

@@ -263,13 +263,17 @@ static enum ssh_packet_filter_result_e ssh_packet_incoming_filter(ssh_session se
         /*
          * States required:
          * - session_state == SSH_SESSION_STATE_AUTHENTICATING
+         *   or session->session_state == SSH_SESSION_STATE_AUTHENTICATED
+         *   (re-exchange)
          * - dh_handshake_state == DH_STATE_FINISHED
          *
          * Transitions:
          * - None
          * */
 
-        if (session->session_state != SSH_SESSION_STATE_AUTHENTICATING) {
+        if ((session->session_state != SSH_SESSION_STATE_AUTHENTICATING) &&
+            (session->session_state != SSH_SESSION_STATE_AUTHENTICATED))
+        {
             rc = SSH_PACKET_DENIED;
             break;
         }

src/packet_cb.c

@@ -138,6 +138,7 @@ error:
 
 SSH_PACKET_CALLBACK(ssh_packet_newkeys){
   ssh_string sig_blob = NULL;
+  ssh_signature sig = NULL;
   int rc;
   (void)packet;
   (void)user;
@@ -185,30 +186,36 @@ SSH_PACKET_CALLBACK(ssh_packet_newkeys){
     /* get the server public key */
     server_key = ssh_dh_get_next_server_publickey(session);
     if (server_key == NULL) {
-        return SSH_ERROR;
+        goto error;
     }
 
-    /* check if public key from server matches user preferences */
+    rc = ssh_pki_import_signature_blob(sig_blob, server_key, &sig);
+    if (rc != SSH_OK) {
+        goto error;
+    }
+
+    /* Check if signature from server matches user preferences */
     if (session->opts.wanted_methods[SSH_HOSTKEYS]) {
-        if(!ssh_match_group(session->opts.wanted_methods[SSH_HOSTKEYS],
-                            server_key->type_c)) {
+        if (!ssh_match_group(session->opts.wanted_methods[SSH_HOSTKEYS],
+                             sig->type_c)) {
             ssh_set_error(session,
                           SSH_FATAL,
                           "Public key from server (%s) doesn't match user "
                           "preference (%s)",
-                          server_key->type_c,
+                          sig->type_c,
                           session->opts.wanted_methods[SSH_HOSTKEYS]);
-            return -1;
+            goto error;
         }
     }
 
-    rc = ssh_pki_signature_verify_blob(session,
-                                       sig_blob,
-                                       server_key,
-                                       session->next_crypto->secret_hash,
-                                       session->next_crypto->digest_len);
+    rc = ssh_pki_signature_verify(session,
+                                  sig,
+                                  server_key,
+                                  session->next_crypto->secret_hash,
+                                  session->next_crypto->digest_len);
     ssh_string_burn(sig_blob);
     ssh_string_free(sig_blob);
+    ssh_signature_free(sig);
     sig_blob = NULL;
     if (rc == SSH_ERROR) {
       goto error;

src/packet_crypt.c

@@ -176,6 +176,17 @@ unsigned char *ssh_packet_encrypt(ssh_session session, void *data, uint32_t len)
   return session->current_crypto->hmacbuf;
 }
 
+static int secure_memcmp(const void *s1, const void *s2, size_t n)
+{
+    int rc = 0;
+    const unsigned char *p1 = s1;
+    const unsigned char *p2 = s2;
+    for (; n > 0; --n) {
+        rc |= *p1++ ^ *p2++;
+    }
+    return (rc != 0);
+}
+
 /**
  * @internal
  *
@@ -219,7 +230,7 @@ int ssh_packet_hmac_verify(ssh_session session,
   ssh_print_hexa("Computed mac",hmacbuf,len);
   ssh_print_hexa("seq",(unsigned char *)&seq,sizeof(uint32_t));
 #endif
-  if (memcmp(mac, hmacbuf, len) == 0) {
+  if (secure_memcmp(mac, hmacbuf, len) == 0) {
     return 0;
   }
 

src/pki.c

@@ -214,6 +214,7 @@ ssh_key_signature_to_char(enum ssh_keytypes_e type,
     case SSH_DIGEST_SHA512:
         return "rsa-sha2-512";
     case SSH_DIGEST_SHA1:
+    case SSH_DIGEST_AUTO:
         return "ssh-rsa";
     default:
         return NULL;
@@ -271,13 +272,14 @@ static enum ssh_digest_e ssh_key_hash_from_name(const char *name)
     /* we do not care for others now */
     return SSH_DIGEST_AUTO;
 }
+
 /**
  * @brief Checks the given key against the configured allowed
  * public key algorithm types
  *
  * @param[in] session The SSH session
- * @parma[in] type    The key algorithm to check
- * @returns           1 if the key algorithm is allowed 0 otherwise
+ * @param[in] type    The key algorithm to check
+ * @returns           1 if the key algorithm is allowed, 0 otherwise
  */
 int ssh_key_algorithm_allowed(ssh_session session, const char *type)
 {
@@ -1534,7 +1536,7 @@ int ssh_pki_import_cert_file(const char *filename, ssh_key *pkey)
  * @param[in] parameter Parameter to the creation of key:
  *                      rsa : length of the key in bits (e.g. 1024, 2048, 4096)
  *                      dsa : length of the key in bits (e.g. 1024, 2048, 3072)
- *                      ecdsa : bits of the key (e.g. 256, 384, 512)
+ *                      ecdsa : bits of the key (e.g. 256, 384, 521)
  * @param[out] pkey     A pointer to store the allocated private key. You need
  *                      to free the memory.
  *
@@ -1863,10 +1865,10 @@ int ssh_pki_import_signature_blob(const ssh_string sig_blob,
                                   const ssh_key pubkey,
                                   ssh_signature *psig)
 {
-    ssh_signature sig;
+    ssh_signature sig = NULL;
     enum ssh_keytypes_e type;
     enum ssh_digest_e hash_type;
-    ssh_string str;
+    ssh_string algorithm = NULL, blob = NULL;
     ssh_buffer buf;
     const char *alg = NULL;
     int rc;
@@ -1888,25 +1890,25 @@ int ssh_pki_import_signature_blob(const ssh_string sig_blob,
         return SSH_ERROR;
     }
 
-    str = ssh_buffer_get_ssh_string(buf);
-    if (str == NULL) {
+    algorithm = ssh_buffer_get_ssh_string(buf);
+    if (algorithm == NULL) {
         ssh_buffer_free(buf);
         return SSH_ERROR;
     }
 
-    alg = ssh_string_get_char(str);
+    alg = ssh_string_get_char(algorithm);
     type = ssh_key_type_from_signature_name(alg);
     hash_type = ssh_key_hash_from_name(alg);
-    ssh_string_free(str);
+    ssh_string_free(algorithm);
 
-    str = ssh_buffer_get_ssh_string(buf);
+    blob = ssh_buffer_get_ssh_string(buf);
     ssh_buffer_free(buf);
-    if (str == NULL) {
+    if (blob == NULL) {
         return SSH_ERROR;
     }
 
-    sig = pki_signature_from_blob(pubkey, str, type, hash_type);
-    ssh_string_free(str);
+    sig = pki_signature_from_blob(pubkey, blob, type, hash_type);
+    ssh_string_free(blob);
     if (sig == NULL) {
         return SSH_ERROR;
     }
@@ -1915,24 +1917,24 @@ int ssh_pki_import_signature_blob(const ssh_string sig_blob,
     return SSH_OK;
 }
 
-int ssh_pki_signature_verify_blob(ssh_session session,
-                                  ssh_string sig_blob,
-                                  const ssh_key key,
-                                  unsigned char *digest,
-                                  size_t dlen)
+int ssh_pki_signature_verify(ssh_session session,
+                             ssh_signature sig,
+                             const ssh_key key,
+                             unsigned char *digest,
+                             size_t dlen)
 {
-    ssh_signature sig;
     int rc;
 
-    rc = ssh_pki_import_signature_blob(sig_blob, key, &sig);
-    if (rc < 0) {
-        return SSH_ERROR;
-    }
-
     SSH_LOG(SSH_LOG_FUNCTIONS,
             "Going to verify a %s type signature",
             sig->type_c);
 
+    if (key->type != sig->type) {
+        SSH_LOG(SSH_LOG_WARN,
+                "Can not verify %s signature with %s key",
+                sig->type_c, key->type_c);
+        return SSH_ERROR;
+    }
 
     if (key->type == SSH_KEYTYPE_ECDSA) {
 #if HAVE_ECC
@@ -1996,8 +1998,6 @@ int ssh_pki_signature_verify_blob(ssh_session session,
                                   hlen);
     }
 
-    ssh_signature_free(sig);
-
     return rc;
 }
 

src/pki_container_openssh.c

@@ -409,7 +409,7 @@ static int pki_openssh_export_privkey_blob(const ssh_key privkey,
         return SSH_ERROR;
     }
     if (privkey->ed25519_privkey == NULL ||
-            privkey->ed25519_pubkey == NULL){
+        privkey->ed25519_pubkey == NULL) {
         return SSH_ERROR;
     }
     rc = ssh_buffer_pack(buffer,
@@ -442,7 +442,6 @@ static int pki_private_key_encrypt(ssh_buffer privkey_buffer,
     char passphrase_buffer[128];
     int rc;
     int i;
-    uint8_t padding = 1;
     int cmp;
 
     cmp = strcmp(ciphername, "none");
@@ -469,14 +468,6 @@ static int pki_private_key_encrypt(ssh_buffer privkey_buffer,
         SSH_LOG(SSH_LOG_WARN, "Unsupported KDF %s", kdfname);
         return SSH_ERROR;
     }
-    while (ssh_buffer_get_len(privkey_buffer) % cipher.blocksize != 0) {
-        rc = ssh_buffer_add_u8(privkey_buffer, padding);
-        if (rc < 0) {
-            return SSH_ERROR;
-        }
-        padding++;
-    }
-
     /* We need material for key (keysize bits / 8) and IV (blocksize)  */
     key_material_len =  cipher.keysize/8 + cipher.blocksize;
     if (key_material_len > sizeof(key_material)){
@@ -553,6 +544,7 @@ ssh_string ssh_pki_openssh_privkey_export(const ssh_key privkey,
     int to_encrypt=0;
     unsigned char *b64;
     uint32_t str_len, len;
+    uint8_t padding = 1;
     int ok;
     int rc;
 
@@ -603,6 +595,18 @@ ssh_string ssh_pki_openssh_privkey_export(const ssh_key privkey,
         goto error;
     }
 
+    /* Add padding regardless encryption because it is expected
+     * by OpenSSH tools.
+     * XXX Using 16 B as we use only AES cipher below anyway.
+     */
+    while (ssh_buffer_get_len(privkey_buffer) % 16 != 0) {
+        rc = ssh_buffer_add_u8(privkey_buffer, padding);
+        if (rc < 0) {
+            goto error;
+        }
+        padding++;
+    }
+
     if (to_encrypt){
         ssh_buffer kdf_buf;
 

src/pki_crypto.c

@@ -516,7 +516,7 @@ int pki_key_generate_rsa(ssh_key key, int parameter){
 
 int pki_key_generate_dss(ssh_key key, int parameter){
     int rc;
-#if OPENSSL_VERSION_NUMBER > 0x10100000L
+#if OPENSSL_VERSION_NUMBER > 0x00908000L
     key->dsa = DSA_new();
     if (key->dsa == NULL) {
         return SSH_ERROR;
@@ -558,7 +558,7 @@ int pki_key_generate_ecdsa(ssh_key key, int parameter) {
         case 384:
             nid = NID_secp384r1;
             break;
-        case 512:
+        case 521:
             nid = NID_secp521r1;
             break;
         case 256:
@@ -1600,6 +1600,14 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
     int rc;
     BIGNUM *pr = NULL, *ps = NULL;
 
+    if (type != pubkey->type) {
+        SSH_LOG(SSH_LOG_WARN,
+                "Incompatible public key provided (%d) expecting (%d)",
+                type,
+                pubkey->type);
+        return NULL;
+    }
+
     sig = ssh_signature_new();
     if (sig == NULL) {
         return NULL;
@@ -1607,7 +1615,7 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
 
     sig->type = type;
     sig->hash_type = hash_type;
-    sig->type_c = ssh_key_signature_to_char(type, hash_type);
+    sig->type_c = pubkey->type_c; /* for all types but RSA */
 
     len = ssh_string_len(sig_blob);
 
@@ -1649,6 +1657,7 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
 
             s = ssh_string_new(20);
             if (s == NULL) {
+                bignum_safe_free(pr);
                 ssh_signature_free(sig);
                 return NULL;
             }
@@ -1657,6 +1666,7 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
             ps = ssh_make_string_bn(s);
             ssh_string_free(s);
             if (ps == NULL) {
+                bignum_safe_free(pr);
                 ssh_signature_free(sig);
                 return NULL;
             }
@@ -1665,6 +1675,8 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
              * object */
             rc = DSA_SIG_set0(sig->dsa_sig, pr, ps);
             if (rc == 0) {
+                bignum_safe_free(ps);
+                bignum_safe_free(pr);
                 ssh_signature_free(sig);
                 return NULL;
             }
@@ -1673,6 +1685,10 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
         case SSH_KEYTYPE_RSA:
         case SSH_KEYTYPE_RSA1:
             sig = pki_signature_from_rsa_blob(pubkey, sig_blob, sig);
+            if (sig == NULL) {
+                return NULL;
+            }
+            sig->type_c = ssh_key_signature_to_char(type, hash_type);
             break;
         case SSH_KEYTYPE_ECDSA:
 #ifdef HAVE_OPENSSL_ECC
@@ -1725,6 +1741,7 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
                 rlen = ssh_buffer_get_len(b);
                 ssh_buffer_free(b);
                 if (s == NULL) {
+                    bignum_safe_free(pr);
                     ssh_signature_free(sig);
                     return NULL;
                 }
@@ -1737,6 +1754,7 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
                 ssh_string_burn(s);
                 ssh_string_free(s);
                 if (ps == NULL) {
+                    bignum_safe_free(pr);
                     ssh_signature_free(sig);
                     return NULL;
                 }
@@ -1745,6 +1763,8 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
                  * ECDSA signature object */
                 rc = ECDSA_SIG_set0(sig->ecdsa_sig, pr, ps);
                 if (rc == 0) {
+                    bignum_safe_free(ps);
+                    bignum_safe_free(pr);
                     ssh_signature_free(sig);
                     return NULL;
                 }
@@ -1787,7 +1807,15 @@ int pki_signature_verify(ssh_session session,
     int rc;
     int nid;
 
-    switch(key->type) {
+    if (key->type != sig->type) {
+        SSH_LOG(SSH_LOG_WARN,
+                "Can not verify %s signature with %s key",
+                sig->type_c,
+                key->type_c);
+        return SSH_ERROR;
+    }
+
+    switch (key->type) {
         case SSH_KEYTYPE_DSS:
             rc = DSA_do_verify(hash,
                                hlen,

src/pki_gcrypt.c

@@ -28,6 +28,7 @@
 #ifdef HAVE_LIBGCRYPT
 
 #include <assert.h>
+#include <stdbool.h>
 #include <string.h>
 #include <stdlib.h>
 #include <gcrypt.h>
@@ -389,7 +390,7 @@ static int privatekey_dek_header(const char *header, unsigned int header_len,
         while(p[len] == '\n' || p[len] == '\r') /* skip empty lines */  \
             len++;                                                      \
         if(p[len] == '\0')    /* EOL */                                 \
-            len = -1;                                                   \
+            eol = true;                                                 \
         else                  /* calculate length */                    \
             for(p += len, len = 0; p[len] && p[len] != '\n'             \
                                           && p[len] != '\r'; len++);    \
@@ -409,7 +410,8 @@ static ssh_buffer privatekey_string_to_buffer(const char *pkey, int type,
     unsigned int iv_len = 0;
     int algo = 0;
     int mode = 0;
-    int len;
+    bool eol = false;
+    size_t len;
 
     buffer = ssh_buffer_new();
     if (buffer == NULL) {
@@ -441,25 +443,38 @@ static ssh_buffer privatekey_string_to_buffer(const char *pkey, int type,
     len = 0;
     get_next_line(p, len);
 
-    while(len > 0 && strncmp(p, header_begin, header_begin_size)) {
+    while(!eol && strncmp(p, header_begin, header_begin_size)) {
         /* skip line */
         get_next_line(p, len);
     }
-    if(len < 0) {
-        /* no header found */
+    if (eol) {
+        ssh_buffer_free(buffer);
         return NULL;
     }
+
     /* skip header line */
     get_next_line(p, len);
+    if (eol) {
+        ssh_buffer_free(buffer);
+        return NULL;
+    }
 
     if (len > 11 && strncmp("Proc-Type: 4,ENCRYPTED", p, 11) == 0) {
         /* skip line */
         get_next_line(p, len);
+        if (eol) {
+            ssh_buffer_free(buffer);
+            return NULL;
+        }
 
         if (len > 10 && strncmp("DEK-Info: ", p, 10) == 0) {
             p += 10;
             len = 0;
             get_next_line(p, len);
+            if (eol) {
+                ssh_buffer_free(buffer);
+                return NULL;
+            }
             if (privatekey_dek_header(p, len, &algo, &mode, &key_len,
                         &iv, &iv_len) < 0) {
                 ssh_buffer_free(buffer);
@@ -482,7 +497,7 @@ static ssh_buffer privatekey_string_to_buffer(const char *pkey, int type,
     }
 
     get_next_line(p, len);
-    while(len > 0 && strncmp(p, header_end, header_end_size) != 0) {
+    while(!eol && strncmp(p, header_end, header_end_size) != 0) {
         if (ssh_buffer_add_data(buffer, p, len) < 0) {
             ssh_buffer_free(buffer);
             SAFE_FREE(iv);
@@ -491,7 +506,7 @@ static ssh_buffer privatekey_string_to_buffer(const char *pkey, int type,
         get_next_line(p, len);
     }
 
-    if (len == -1 || strncmp(p, header_end, header_end_size) != 0) {
+    if (eol || strncmp(p, header_end, header_end_size) != 0) {
         ssh_buffer_free(buffer);
         SAFE_FREE(iv);
         return NULL;
@@ -1348,7 +1363,7 @@ int pki_key_generate_ecdsa(ssh_key key, int parameter) {
         case 384:
             nid = NID_gcrypt_nistp384;
             break;
-        case 512:
+        case 521:
             nid = NID_gcrypt_nistp521;
             break;
         case 256:
@@ -1848,6 +1863,14 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
     size_t rsalen;
     int rc;
 
+    if (type != pubkey->type) {
+        SSH_LOG(SSH_LOG_WARN,
+                "Incompatible public key provided (%d) expecting (%d)",
+                type,
+                pubkey->type);
+        return NULL;
+    }
+
     sig = ssh_signature_new();
     if (sig == NULL) {
         return NULL;
@@ -1855,7 +1878,7 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
 
     sig->type = type;
     sig->hash_type = hash_type;
-    sig->type_c = ssh_key_signature_to_char(type, hash_type);
+    sig->type_c = pubkey->type_c; /* for all types but RSA */
 
     len = ssh_string_len(sig_blob);
 
@@ -1921,6 +1944,7 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
                 ssh_signature_free(sig);
                 return NULL;
             }
+            sig->type_c = ssh_key_signature_to_char(type, hash_type);
             break;
         case SSH_KEYTYPE_ED25519:
 		rc = pki_ed25519_sig_from_blob(sig, sig_blob);
@@ -2025,6 +2049,14 @@ int pki_signature_verify(ssh_session session,
     gcry_sexp_t sexp;
     gcry_error_t err;
 
+    if (key->type != sig->type) {
+        SSH_LOG(SSH_LOG_WARN,
+                "Can not verify %s signature with %s key",
+                sig->type_c,
+                key->type_c);
+        return SSH_ERROR;
+    }
+
     switch(key->type) {
         case SSH_KEYTYPE_DSS:
             /* That is to mark the number as positive */
@@ -2124,7 +2156,6 @@ int pki_signature_verify(ssh_session session,
             gcry_sexp_release(sexp);
             if (err) {
                 ssh_set_error(session, SSH_FATAL, "Invalid ECDSA signature");
-                abort();
                 if (gcry_err_code(err) != GPG_ERR_BAD_SIGNATURE) {
                     ssh_set_error(session,
                             SSH_FATAL,

src/pki_mbedcrypto.c

@@ -897,6 +897,14 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
     ssh_signature sig = NULL;
     int rc;
 
+    if (type != pubkey->type) {
+        SSH_LOG(SSH_LOG_WARN,
+                "Incompatible public key provided (%d) expecting (%d)",
+                type,
+                pubkey->type);
+        return NULL;
+    }
+
     sig = ssh_signature_new();
     if (sig == NULL) {
         return NULL;
@@ -904,11 +912,15 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
 
     sig->type = type;
     sig->hash_type = hash_type;
-    sig->type_c = ssh_key_signature_to_char(type, hash_type);
+    sig->type_c = pubkey->type_c; /* for all types but RSA */
 
     switch(type) {
         case SSH_KEYTYPE_RSA:
             sig = pki_signature_from_rsa_blob(pubkey, sig_blob, sig);
+            if (sig == NULL) {
+                return NULL;
+            }
+            sig->type_c = ssh_key_signature_to_char(type, hash_type);
             break;
         case SSH_KEYTYPE_ECDSA: {
             ssh_buffer b;
@@ -999,6 +1011,14 @@ int pki_signature_verify(ssh_session session, const ssh_signature sig, const
     int rc;
     mbedtls_md_type_t md = 0;
 
+    if (key->type != sig->type) {
+        SSH_LOG(SSH_LOG_WARN,
+                "Can not verify %s signature with %s key",
+                sig->type_c,
+                key->type_c);
+        return SSH_ERROR;
+    }
+
     switch (key->type) {
         case SSH_KEYTYPE_RSA:
             switch (sig->hash_type) {
@@ -1439,7 +1459,7 @@ int pki_key_generate_ecdsa(ssh_key key, int parameter)
         case 384:
             nid = NID_mbedtls_nistp384;
             break;
-        case 512:
+        case 521:
             nid = NID_mbedtls_nistp521;
             break;
         case 256:

src/server.c

@@ -453,6 +453,7 @@ static void ssh_server_connection_callback(ssh_session session){
 
             /* from now, the packet layer is handling incoming packets */
             session->socket_callbacks.data=ssh_packet_socket_callback;
+            ssh_packet_register_socket_callback(session, session->socket);
 
             ssh_packet_set_default_callbacks(session);
             set_status(session, 0.5f);
@@ -518,20 +519,22 @@ static void ssh_server_connection_callback(ssh_session session){
                     goto error;
                 }
 
+                /*
+                 * If the client supports extension negotiation, we will send
+                 * our supported extensions now. This is the first message after
+                 * sending NEWKEYS message and after turning on crypto.
+                 */
+                if (session->extensions & SSH_EXT_NEGOTIATION &&
+                    session->session_state != SSH_SESSION_STATE_AUTHENTICATED) {
+                    ssh_server_send_extensions(session);
+                }
+
                 set_status(session,1.0f);
                 session->connected = 1;
                 session->session_state=SSH_SESSION_STATE_AUTHENTICATING;
                 if (session->flags & SSH_SESSION_FLAG_AUTHENTICATED)
                     session->session_state = SSH_SESSION_STATE_AUTHENTICATED;
 
-               /*
-                * If the client supports extension negotiation, we will send
-                * our supported extensions now. This is the first message after
-                * sending NEWKEYS message and after turning on crypto.
-                */
-               if (session->extensions) {
-                   ssh_server_send_extensions(session);
-               }
             }
             break;
         case SSH_SESSION_STATE_AUTHENTICATING:
@@ -1253,30 +1256,10 @@ int ssh_execute_message_callbacks(ssh_session session){
 
 int ssh_send_keepalive(ssh_session session)
 {
-  int rc;
+    /* Client denies the request, so the error code is not meaningful */
+    (void)ssh_global_request(session, "keepalive@openssh.com", NULL, 1);
 
-  rc = ssh_buffer_pack(session->out_buffer,
-                       "bsb",
-                       SSH2_MSG_GLOBAL_REQUEST,
-                       "keepalive@openssh.com",
-                       1);
-  if (rc != SSH_OK) {
-    goto err;
-  }
-
-  if (ssh_packet_send(session) == SSH_ERROR) {
-    goto err;
-  }
-
-  ssh_handle_packets(session, SSH_TIMEOUT_NONBLOCKING);
-
-  SSH_LOG(SSH_LOG_PACKET, "Sent a keepalive");
-  return SSH_OK;
-
-err:
-  ssh_set_error_oom(session);
-  ssh_buffer_reinit(session->out_buffer);
-  return SSH_ERROR;
+    return SSH_OK;
 }
 
 /** @} */

src/sftp.c

@@ -127,22 +127,26 @@ sftp_session sftp_new(ssh_session session)
 
     sftp->ext = sftp_ext_new();
     if (sftp->ext == NULL) {
+        ssh_set_error_oom(session);
         goto error;
     }
 
     sftp->read_packet = calloc(1, sizeof(struct sftp_packet_struct));
     if (sftp->read_packet == NULL) {
+        ssh_set_error_oom(session);
         goto error;
     }
 
     sftp->read_packet->payload = ssh_buffer_new();
     if (sftp->read_packet->payload == NULL) {
+        ssh_set_error_oom(session);
         goto error;
     }
 
     sftp->session = session;
     sftp->channel = ssh_channel_new(session);
     if (sftp->channel == NULL) {
+        ssh_set_error_oom(session);
         goto error;
     }
 
@@ -156,7 +160,6 @@ sftp_session sftp_new(ssh_session session)
 
     return sftp;
 error:
-    ssh_set_error_oom(session);
     if (sftp->ext != NULL) {
         sftp_ext_free(sftp->ext);
     }

src/socket.c

@@ -236,7 +236,7 @@ int ssh_socket_pollcallback(struct ssh_poll_handle_struct *p,
             (revents & POLLOUT) ? "POLLOUT ":"",
             (revents & POLLERR) ? "POLLERR":"",
             ssh_buffer_get_len(s->out_buffer));
-    if (revents & POLLERR || revents & POLLHUP) {
+    if ((revents & POLLERR) || (revents & POLLHUP)) {
         /* Check if we are in a connecting state */
         if (s->state == SSH_SOCKET_CONNECTING) {
             s->state = SSH_SOCKET_ERROR;
@@ -270,17 +270,10 @@ int ssh_socket_pollcallback(struct ssh_poll_handle_struct *p,
                 s->callbacks->exception(SSH_SOCKET_EXCEPTION_ERROR,
                                         s->last_errno,
                                         s->callbacks->userdata);
-
-                /* p may have been freed, so don't use it
-                 * anymore in this function */
-                p = NULL;
-                return -2;
             }
+            return -2;
         }
         if (nread == 0) {
-            if (p != NULL) {
-                ssh_poll_remove_events(p, POLLIN);
-            }
             if (p != NULL) {
                 ssh_poll_remove_events(p, POLLIN);
             }
@@ -288,12 +281,8 @@ int ssh_socket_pollcallback(struct ssh_poll_handle_struct *p,
                 s->callbacks->exception(SSH_SOCKET_EXCEPTION_EOF,
                                         0,
                                         s->callbacks->userdata);
-
-                /* p may have been freed, so don't use it
-                 * anymore in this function */
-                p = NULL;
-                return -2;
             }
+            return -2;
         }
 
         if (s->session->socket_counter != NULL) {

src/threads/libcrypto.c

@@ -116,6 +116,14 @@ void crypto_thread_finalize(void)
         return;
     }
 
+#ifdef HAVE_OPENSSL_CRYPTO_THREADID_SET_CALLBACK
+    CRYPTO_THREADID_set_callback(NULL);
+#else
+    CRYPTO_set_id_callback(NULL);
+#endif
+
+    CRYPTO_set_locking_callback(NULL);
+
     for (i = 0; i < n; ++i) {
             user_callbacks->mutex_destroy(&libcrypto_mutexes[i]);
     }

src/wrapper.c

@@ -52,7 +52,6 @@
 static struct ssh_hmac_struct ssh_hmac_tab[] = {
   { "hmac-sha1",     SSH_HMAC_SHA1 },
   { "hmac-sha2-256", SSH_HMAC_SHA256 },
-  { "hmac-sha2-384", SSH_HMAC_SHA384 },
   { "hmac-sha2-512", SSH_HMAC_SHA512 },
   { "hmac-md5",      SSH_HMAC_MD5 },
   { "aead-poly1305", SSH_HMAC_AEAD_POLY1305 },
@@ -69,8 +68,6 @@ size_t hmac_digest_len(enum ssh_hmac_e type) {
       return SHA_DIGEST_LEN;
     case SSH_HMAC_SHA256:
       return SHA256_DIGEST_LEN;
-    case SSH_HMAC_SHA384:
-      return SHA384_DIGEST_LEN;
     case SSH_HMAC_SHA512:
       return SHA512_DIGEST_LEN;
     case SSH_HMAC_MD5:

tests/CMakeLists.txt

@@ -84,7 +84,7 @@ if (CLIENT_TESTING)
 
     # chroot_wrapper
     add_library(chroot_wrapper SHARED chroot_wrapper.c)
-    set(CHROOT_WRAPPER_LIBRARY ${CMAKE_CURRENT_BINARY_DIR}/${CMAKE_SHARED_LIBRARY_PREFIX}chroot_wrapper${CMAKE_SHARED_LIBRARY_SUFFIX})
+    set(CHROOT_WRAPPER_LIBRARY ${libssh_BINARY_DIR}/lib/${CMAKE_SHARED_LIBRARY_PREFIX}chroot_wrapper${CMAKE_SHARED_LIBRARY_SUFFIX})
     set(TEST_TARGET_LIBRARIES
         ${TEST_TARGET_LIBRARIES}
         chroot_wrapper

tests/client/torture_auth.c

@@ -232,7 +232,7 @@ static void torture_auth_none_nonblocking(void **state) {
 
     /* This request should return a SSH_REQUEST_DENIED error */
     if (rc == SSH_ERROR) {
-        assert_true(ssh_get_error_code(session) == SSH_REQUEST_DENIED);
+        assert_int_equal(ssh_get_error_code(session), SSH_REQUEST_DENIED);
     }
 
     ssh_set_blocking(session,0);
@@ -241,7 +241,7 @@ static void torture_auth_none_nonblocking(void **state) {
         rc = ssh_userauth_none(session,NULL);
     } while (rc == SSH_AUTH_AGAIN);
     assert_int_equal(rc, SSH_AUTH_DENIED);
-    assert_true(ssh_get_error_code(session) == SSH_REQUEST_DENIED);
+    assert_int_equal(ssh_get_error_code(session), SSH_REQUEST_DENIED);
 
 }
 
@@ -260,7 +260,7 @@ static void torture_auth_autopubkey(void **state) {
     rc = ssh_userauth_none(session,NULL);
     /* This request should return a SSH_REQUEST_DENIED error */
     if (rc == SSH_ERROR) {
-        assert_true(ssh_get_error_code(session) == SSH_REQUEST_DENIED);
+        assert_int_equal(ssh_get_error_code(session), SSH_REQUEST_DENIED);
     }
     rc = ssh_userauth_list(session, NULL);
     assert_true(rc & SSH_AUTH_METHOD_PUBLICKEY);
@@ -313,7 +313,7 @@ static void torture_auth_kbdint(void **state) {
     rc = ssh_userauth_none(session,NULL);
     /* This request should return a SSH_REQUEST_DENIED error */
     if (rc == SSH_ERROR) {
-        assert_true(ssh_get_error_code(session) == SSH_REQUEST_DENIED);
+        assert_int_equal(ssh_get_error_code(session), SSH_REQUEST_DENIED);
     }
     rc = ssh_userauth_list(session, NULL);
     assert_true(rc & SSH_AUTH_METHOD_INTERACTIVE);
@@ -352,7 +352,7 @@ static void torture_auth_kbdint_nonblocking(void **state) {
 
     /* This request should return a SSH_REQUEST_DENIED error */
     if (rc == SSH_ERROR) {
-        assert_true(ssh_get_error_code(session) == SSH_REQUEST_DENIED);
+        assert_int_equal(ssh_get_error_code(session), SSH_REQUEST_DENIED);
     }
     rc = ssh_userauth_list(session, NULL);
     assert_true(rc & SSH_AUTH_METHOD_INTERACTIVE);
@@ -392,7 +392,7 @@ static void torture_auth_password(void **state) {
     rc = ssh_userauth_none(session, NULL);
     /* This request should return a SSH_REQUEST_DENIED error */
     if (rc == SSH_AUTH_ERROR) {
-        assert_true(ssh_get_error_code(session) == SSH_REQUEST_DENIED);
+        assert_int_equal(ssh_get_error_code(session), SSH_REQUEST_DENIED);
     }
     rc = ssh_userauth_list(session, NULL);
     assert_true(rc & SSH_AUTH_METHOD_PASSWORD);
@@ -419,7 +419,7 @@ static void torture_auth_password_nonblocking(void **state) {
 
     /* This request should return a SSH_REQUEST_DENIED error */
     if (rc == SSH_AUTH_ERROR) {
-        assert_true(ssh_get_error_code(session) == SSH_REQUEST_DENIED);
+        assert_int_equal(ssh_get_error_code(session), SSH_REQUEST_DENIED);
     }
 
     rc = ssh_userauth_list(session, NULL);
@@ -450,7 +450,7 @@ static void torture_auth_agent(void **state) {
     rc = ssh_userauth_none(session,NULL);
     /* This request should return a SSH_REQUEST_DENIED error */
     if (rc == SSH_ERROR) {
-        assert_true(ssh_get_error_code(session) == SSH_REQUEST_DENIED);
+        assert_int_equal(ssh_get_error_code(session), SSH_REQUEST_DENIED);
     }
     rc = ssh_userauth_list(session, NULL);
     assert_true(rc & SSH_AUTH_METHOD_PUBLICKEY);
@@ -477,7 +477,7 @@ static void torture_auth_agent_nonblocking(void **state) {
     rc = ssh_userauth_none(session,NULL);
     /* This request should return a SSH_REQUEST_DENIED error */
     if (rc == SSH_ERROR) {
-        assert_true(ssh_get_error_code(session) == SSH_REQUEST_DENIED);
+        assert_int_equal(ssh_get_error_code(session), SSH_REQUEST_DENIED);
     }
     rc = ssh_userauth_list(session, NULL);
     assert_true(rc & SSH_AUTH_METHOD_PUBLICKEY);
@@ -562,7 +562,7 @@ static void torture_auth_pubkey_types(void **state)
     rc = ssh_userauth_none(session, NULL);
     /* This request should return a SSH_REQUEST_DENIED error */
     if (rc == SSH_ERROR) {
-        assert_true(ssh_get_error_code(session) == SSH_REQUEST_DENIED);
+        assert_int_equal(ssh_get_error_code(session), SSH_REQUEST_DENIED);
     }
     rc = ssh_userauth_list(session, NULL);
     assert_true(rc & SSH_AUTH_METHOD_PUBLICKEY);
@@ -599,7 +599,7 @@ static void torture_auth_pubkey_types_ecdsa(void **state)
     rc = ssh_userauth_none(session, NULL);
     /* This request should return a SSH_REQUEST_DENIED error */
     if (rc == SSH_ERROR) {
-        assert_true(ssh_get_error_code(session) == SSH_REQUEST_DENIED);
+        assert_int_equal(ssh_get_error_code(session), SSH_REQUEST_DENIED);
     }
     rc = ssh_userauth_list(session, NULL);
     assert_true(rc & SSH_AUTH_METHOD_PUBLICKEY);
@@ -637,7 +637,7 @@ static void torture_auth_pubkey_types_ed25519(void **state)
     rc = ssh_userauth_none(session, NULL);
     /* This request should return a SSH_REQUEST_DENIED error */
     if (rc == SSH_ERROR) {
-        assert_true(ssh_get_error_code(session) == SSH_REQUEST_DENIED);
+        assert_int_equal(ssh_get_error_code(session), SSH_REQUEST_DENIED);
     }
     rc = ssh_userauth_list(session, NULL);
     assert_true(rc & SSH_AUTH_METHOD_PUBLICKEY);

tests/client/torture_hostkey.c

@@ -163,7 +163,7 @@ static void torture_hostkey_ecdsa(void **state) {
 static void torture_hostkey_rsa_sha256(void **state) {
     struct torture_state *s = *state;
     ssh_session session = s->ssh.session;
-    char rsa[] = "rsa-sha2-256,ssh-rsa";
+    char rsa[] = "rsa-sha2-256";
 
     int rc;
 
@@ -182,7 +182,7 @@ static void torture_hostkey_rsa_sha256(void **state) {
 static void torture_hostkey_rsa_sha512(void **state) {
     struct torture_state *s = *state;
     ssh_session session = s->ssh.session;
-    char rsa[] = "rsa-sha2-512,ssh-rsa";
+    char rsa[] = "rsa-sha2-512";
 
     int rc;
 

tests/client/torture_knownhosts.c

@@ -328,6 +328,41 @@ static void torture_knownhosts_conflict(void **state) {
     /* session will be freed by session_teardown() */
 }
 
+static void torture_knownhosts_no_hostkeychecking(void **state)
+{
+
+    struct torture_state *s = *state;
+    ssh_session session = s->ssh.session;
+    char known_hosts_file[1024] = {0};
+    enum ssh_known_hosts_e found;
+    int strict_host_key_checking = 0;
+    int rc;
+
+    snprintf(known_hosts_file,
+             sizeof(known_hosts_file),
+             "%s/%s",
+             s->socket_dir,
+             TORTURE_KNOWN_HOSTS_FILE);
+
+    rc = ssh_options_set(session, SSH_OPTIONS_KNOWNHOSTS, known_hosts_file);
+    assert_ssh_return_code(session, rc);
+
+    rc = ssh_options_set(session, SSH_OPTIONS_HOSTKEYS, "ssh-ed25519");
+    assert_ssh_return_code(session, rc);
+
+    rc = ssh_connect(session);
+    assert_ssh_return_code(session, rc);
+
+    found = ssh_session_is_known_server(session);
+    assert_int_equal(found, SSH_KNOWN_HOSTS_UNKNOWN);
+
+    rc = ssh_options_set(session, SSH_OPTIONS_STRICTHOSTKEYCHECK, &strict_host_key_checking);
+    assert_ssh_return_code(session, rc);
+
+    found = ssh_session_is_known_server(session);
+    assert_int_equal(found, SSH_KNOWN_HOSTS_OK);
+}
+
 int torture_run_tests(void) {
     int rc;
     struct CMUnitTest tests[] = {
@@ -346,6 +381,9 @@ int torture_run_tests(void) {
         cmocka_unit_test_setup_teardown(torture_knownhosts_conflict,
                                         session_setup,
                                         session_teardown),
+        cmocka_unit_test_setup_teardown(torture_knownhosts_no_hostkeychecking,
+                                        session_setup,
+                                        session_teardown),
     };
 
     ssh_init();

tests/client/torture_proxycommand.c

@@ -9,6 +9,7 @@
 #include <sys/types.h>
 #include <pwd.h>
 #include <errno.h>
+#include <fcntl.h>
 
 static int sshd_setup(void **state)
 {
@@ -61,11 +62,16 @@ static void torture_options_set_proxycommand(void **state) {
     struct torture_state *s = *state;
     ssh_session session = s->ssh.session;
     int rc;
+    socket_t fd;
 
     rc = ssh_options_set(session, SSH_OPTIONS_PROXYCOMMAND, "nc 127.0.0.10 22");
     assert_int_equal(rc, 0);
     rc = ssh_connect(session);
     assert_ssh_return_code(session, rc);
+    fd = ssh_get_fd(session);
+    assert_true(fd != SSH_INVALID_SOCKET);
+    rc = fcntl(fd, F_GETFL);
+    assert_int_equal(rc & O_RDWR, O_RDWR);
 }
 
 static void torture_options_set_proxycommand_notexist(void **state) {

tests/pkd/pkd_client.h

@@ -46,12 +46,12 @@
   OPENSSH_PKACCEPTED_ECDSA      \
   OPENSSH_PKACCEPTED_DSA
 
-#define OPENSSH_CMD_START \
+#define OPENSSH_CMD_START(hostkey_algos) \
     OPENSSH_BINARY " "                  \
     "-o UserKnownHostsFile=/dev/null "  \
     "-o StrictHostKeyChecking=no "      \
     "-F /dev/null "                     \
-    OPENSSH_HOSTKEY_ALGOS " "           \
+    hostkey_algos " "                   \
     OPENSSH_PKACCEPTED_TYPES " "        \
     "-i " CLIENT_ID_FILE " "            \
     "1> %s.out "                        \
@@ -61,16 +61,19 @@
 #define OPENSSH_CMD_END "-p 1234 localhost ls"
 
 #define OPENSSH_CMD \
-    OPENSSH_CMD_START OPENSSH_CMD_END
+    OPENSSH_CMD_START(OPENSSH_HOSTKEY_ALGOS) OPENSSH_CMD_END
 
 #define OPENSSH_KEX_CMD(kexalgo) \
-    OPENSSH_CMD_START "-o KexAlgorithms=" kexalgo " " OPENSSH_CMD_END
+    OPENSSH_CMD_START(OPENSSH_HOSTKEY_ALGOS) "-o KexAlgorithms=" kexalgo " " OPENSSH_CMD_END
 
 #define OPENSSH_CIPHER_CMD(ciphers) \
-    OPENSSH_CMD_START "-c " ciphers " " OPENSSH_CMD_END
+    OPENSSH_CMD_START(OPENSSH_HOSTKEY_ALGOS) "-c " ciphers " " OPENSSH_CMD_END
 
 #define OPENSSH_MAC_CMD(macs) \
-    OPENSSH_CMD_START "-o MACs=" macs " " OPENSSH_CMD_END
+    OPENSSH_CMD_START(OPENSSH_HOSTKEY_ALGOS) "-o MACs=" macs " " OPENSSH_CMD_END
+
+#define OPENSSH_HOSTKEY_CMD(hostkeyalgo) \
+    OPENSSH_CMD_START("-o HostKeyAlgorithms=" hostkeyalgo " ") OPENSSH_CMD_END
 
 
 /* Dropbear */

tests/pkd/pkd_daemon.h

@@ -35,7 +35,7 @@ struct pkd_daemon_args {
         unsigned int iterations;
 
         struct {
-            const char *mkdtemp_str;
+            char *mkdtemp_str;
         } socket_wrapper;
     } opts;
 };

tests/pkd/pkd_hello.c

@@ -478,6 +478,12 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
     f(client, ecdsa_521_hmac_sha2_512,  maccmd("hmac-sha2-512"),  setup_ecdsa_521,  teardown)
 #endif
 
+#define PKDTESTS_HOSTKEY_OPENSSHONLY(f, client, hkcmd) \
+    f(client, rsa_sha2_256,     hkcmd("rsa-sha2-256"),               setup_rsa,    teardown) \
+    f(client, rsa_sha2_512,     hkcmd("rsa-sha2-512"),               setup_rsa,    teardown) \
+    f(client, rsa_sha2_256_512, hkcmd("rsa-sha2-256,rsa-sha2-512"),  setup_rsa,    teardown) \
+    f(client, rsa_sha2_512_256, hkcmd("rsa-sha2-512,rsa-sha2-256"),  setup_rsa,    teardown)
+
 static void torture_pkd_client_noop(void **state) {
     struct pkd_state *pstate = (struct pkd_state *) (*state);
     (void) pstate;
@@ -545,6 +551,7 @@ PKDTESTS_CIPHER(emit_keytest, openssh_rsa, OPENSSH_CIPHER_CMD)
 PKDTESTS_CIPHER_OPENSSHONLY(emit_keytest, openssh_rsa, OPENSSH_CIPHER_CMD)
 PKDTESTS_MAC(emit_keytest, openssh_rsa, OPENSSH_MAC_CMD)
 PKDTESTS_MAC_OPENSSHONLY(emit_keytest, openssh_rsa, OPENSSH_MAC_CMD)
+PKDTESTS_HOSTKEY_OPENSSHONLY(emit_keytest, openssh_rsa, OPENSSH_HOSTKEY_CMD)
 #undef CLIENT_ID_FILE
 
 #define CLIENT_ID_FILE OPENSSH_ECDSA256_TESTKEY
@@ -621,6 +628,7 @@ struct {
     PKDTESTS_CIPHER_OPENSSHONLY(emit_testmap, openssh_rsa, OPENSSH_CIPHER_CMD)
     PKDTESTS_MAC(emit_testmap, openssh_rsa, OPENSSH_MAC_CMD)
     PKDTESTS_MAC_OPENSSHONLY(emit_testmap, openssh_rsa, OPENSSH_MAC_CMD)
+    PKDTESTS_HOSTKEY_OPENSSHONLY(emit_testmap, openssh_rsa, OPENSSH_HOSTKEY_CMD)
 
     PKDTESTS_DEFAULT(emit_testmap, openssh_e256, OPENSSH_CMD)
     PKDTESTS_DEFAULT_OPENSSHONLY(emit_testmap, openssh_e256, OPENSSH_CMD)
@@ -849,6 +857,8 @@ static int pkd_cleanup_socket_wrapper(void) {
         goto errrmdir;
     }
 
+    free(pkd_dargs.opts.socket_wrapper.mkdtemp_str);
+
     goto out;
 errrmdir:
 errrmfiles:

tests/unittests/torture_config.c

@@ -284,7 +284,7 @@ static void torture_config_auth_methods(void **state) {
     assert_false(session->opts.flags & SSH_OPT_FLAG_PUBKEY_AUTH);
 
     /* no method should be left enabled */
-    assert_int_equal(session->opts.port, 0);
+    assert_int_equal(session->opts.flags, 0);
 
     /* gradually enable them again */
     ssh_options_set(session, SSH_OPTIONS_HOST, "gss");

tests/unittests/torture_init.c

@@ -16,10 +16,27 @@ static void torture_ssh_init(void **state) {
     assert_int_equal(rc, SSH_OK);
 }
 
+static void torture_ssh_init_after_finalize(void **state) {
+
+    int rc;
+
+    (void) state;
+
+    rc = ssh_init();
+    assert_int_equal(rc, SSH_OK);
+    rc = ssh_finalize();
+    assert_int_equal(rc, SSH_OK);
+    rc = ssh_init();
+    assert_int_equal(rc, SSH_OK);
+    rc = ssh_finalize();
+    assert_int_equal(rc, SSH_OK);
+}
+
 int torture_run_tests(void) {
     int rc;
     struct CMUnitTest tests[] = {
         cmocka_unit_test(torture_ssh_init),
+        cmocka_unit_test(torture_ssh_init_after_finalize),
     };
 
     torture_filter_tests(tests);

tests/unittests/torture_knownhosts_parsing.c

@@ -310,8 +310,9 @@ torture_knownhosts_algorithms(void **state)
     const char *knownhosts_file = *state;
     char *algo_list = NULL;
     ssh_session session;
-    const char *expect = "ssh-ed25519,ssh-rsa,ecdsa-sha2-nistp521,"
-                         "ecdsa-sha2-nistp384,ecdsa-sha2-nistp256"
+    const char *expect = "ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa,"
+                         "ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,"
+                         "ecdsa-sha2-nistp256"
 #ifdef HAVE_DSA
                          ",ssh-dss"
 #endif
@@ -339,8 +340,9 @@ torture_knownhosts_algorithms_global(void **state)
     const char *knownhosts_file = *state;
     char *algo_list = NULL;
     ssh_session session;
-    const char *expect = "ssh-ed25519,ssh-rsa,ecdsa-sha2-nistp521,"
-                         "ecdsa-sha2-nistp384,ecdsa-sha2-nistp256"
+    const char *expect = "ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa,"
+                         "ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,"
+                         "ecdsa-sha2-nistp256"
 #ifdef HAVE_DSA
                          ",ssh-dss"
 #endif

tests/unittests/torture_options.c

@@ -12,6 +12,7 @@
 #include <libssh/session.h>
 #include <libssh/misc.h>
 #include <libssh/pki_priv.h>
+#include <libssh/options.h>
 
 static int setup(void **state)
 {
@@ -392,6 +393,16 @@ static void torture_options_set_knownhosts(void **state)
     assert_ssh_return_code(session, rc);
     assert_string_equal(session->opts.knownhosts,
                         "/home/libssh/.ssh/known_hosts");
+
+    /* The NULL value should not crash the libssh */
+    rc = ssh_options_set(session, SSH_OPTIONS_KNOWNHOSTS, NULL);
+    assert_ssh_return_code(session, rc);
+    assert_null(session->opts.knownhosts);
+
+    /* ssh_options_apply() should set the path to correct value */
+    rc = ssh_options_apply(session);
+    assert_ssh_return_code(session, rc);
+    assert_true(session->opts.knownhosts != NULL);
 }
 
 static void torture_options_get_knownhosts(void **state)
@@ -651,7 +662,7 @@ static void torture_bind_options_import_key(void **state)
     assert_int_equal(rc, 0);
 #endif
     /* set ecdsa key */
-    base64_key = torture_get_testkey(SSH_KEYTYPE_ECDSA, 512, 0);
+    base64_key = torture_get_testkey(SSH_KEYTYPE_ECDSA, 521, 0);
     rc = ssh_pki_import_privkey_base64(base64_key, NULL, NULL, NULL, &key);
     assert_int_equal(rc, SSH_OK);
     assert_non_null(key);

tests/unittests/torture_packet_filter.c

@@ -462,6 +462,36 @@ static void torture_packet_filter_check_auth_success(void **state)
     assert_int_equal(rc, 0);
 }
 
+static void torture_packet_filter_check_msg_ext_info(void **state)
+{
+    int rc;
+
+    global_state accepted[] = {
+        {
+            .flags = (COMPARE_SESSION_STATE |
+                    COMPARE_DH_STATE),
+            .session = SSH_SESSION_STATE_AUTHENTICATING,
+            .dh = DH_STATE_FINISHED,
+        },
+        {
+            .flags = (COMPARE_SESSION_STATE |
+                    COMPARE_DH_STATE),
+            .session = SSH_SESSION_STATE_AUTHENTICATED,
+            .dh = DH_STATE_FINISHED,
+        },
+    };
+
+    int accepted_count = 2;
+
+    /* Unused */
+    (void) state;
+
+    rc = check_message_in_all_states(accepted, accepted_count,
+            SSH2_MSG_EXT_INFO);
+
+    assert_int_equal(rc, 0);
+}
+
 static void torture_packet_filter_check_channel_open(void **state)
 {
     int rc;
@@ -492,6 +522,7 @@ int torture_run_tests(void)
         cmocka_unit_test(torture_packet_filter_check_auth_success),
         cmocka_unit_test(torture_packet_filter_check_channel_open),
         cmocka_unit_test(torture_packet_filter_check_unfiltered),
+        cmocka_unit_test(torture_packet_filter_check_msg_ext_info)
     };
 
     ssh_init();

tests/unittests/torture_pki.c

@@ -9,6 +9,10 @@
 #include "torture_pki.h"
 #include "pki.c"
 
+
+const unsigned char HASH[] = "1234567890123456789012345678901234567890"
+                             "123456789012345678901234";
+
 static void torture_pki_keytype(void **state) {
     enum ssh_keytypes_e type;
     const char *type_c;
@@ -43,11 +47,227 @@ static void torture_pki_signature(void **state)
     ssh_signature_free(sig);
 }
 
+/* Maps to enum ssh_keytypes_e */
+const char *key_types[] = {
+    "", /* UNKNOWN */
+    "ssh-dss",
+    "ssh-rsa",
+    "",/* RSA1 */
+    "ecdsa-sha2-nistp521",
+    "ssh-ed25519",
+};
+
+/* Maps to enum ssh_keytypes_e */
+const int key_sizes[] = {
+    0, /* UNKNOWN */
+    1024,
+    2048,
+    0, /* RSA1 */
+    521,
+    0,
+};
+
+/* Maps to enum ssh_keytypes_e */
+const int sig_lengths[]  = {
+    0, /* UNKNOWN */
+    20,
+    20,
+    0, /* RSA1 */
+    64,
+    33,
+};
+
+/* Maps to enum ssh_keytypes_e */
+const char *signature_types[] = {
+    "", /* UNKNOWN */
+    "ssh-dss",
+    "ssh-rsa",
+    "",/* RSA1 */
+    "ecdsa-sha2-nistp521",
+    "ssh-ed25519",
+};
+
+/* Maps to enum ssh_digest_e */
+const char *hash_signatures[] = {
+    "", /* Not used here */
+    "ssh-rsa",
+    "rsa-sha2-256",
+    "rsa-sha2-512",
+};
+
+/* Maps to enum ssh_digest_e */
+int hash_lengths[] = {
+    0, /* Not used here */
+    20,
+    32,
+    64,
+};
+
+/* This tests all the base types and their signatures against each other */
+static void torture_pki_verify_mismatch(void **state)
+{
+    int rc;
+    int verbosity = torture_libssh_verbosity();
+    ssh_key key = NULL, verify_key = NULL;
+    ssh_signature sign = NULL, import_sig = NULL, new_sig = NULL;
+    ssh_string blob;
+    ssh_session session = ssh_new();
+    enum ssh_keytypes_e key_type, sig_type, first_key;
+    enum ssh_digest_e hash;
+    int hash_length;
+
+    (void) state;
+
+    ssh_options_set(session, SSH_OPTIONS_LOG_VERBOSITY, &verbosity);
+
+#ifdef HAVE_DSA
+    first_key = SSH_KEYTYPE_DSS;
+#else
+    first_key = SSH_KEYTYPE_RSA;
+#endif /* HAVE_DSA */
+
+    for (sig_type = first_key;
+         sig_type <= SSH_KEYTYPE_ED25519;
+         sig_type++) {
+        if (sig_type == SSH_KEYTYPE_RSA1) {
+            continue;
+        }
+        rc = ssh_pki_generate(sig_type, key_sizes[sig_type], &key);
+        assert_true(rc == SSH_OK);
+        assert_true(key != NULL);
+        assert_int_equal(key->type, sig_type);
+        assert_string_equal(key->type_c, key_types[sig_type]);
+
+        for (hash = SSH_DIGEST_AUTO;
+             hash <= SSH_DIGEST_SHA512;
+             hash++) {
+            hash_length = ((hash == SSH_DIGEST_AUTO) ?
+                              sig_lengths[sig_type] : hash_lengths[hash]);
+
+            SSH_LOG(SSH_LOG_TRACE, "Creating signature %d with hash %d",
+                    sig_type, hash);
+
+            /* Create a valid signature using this key */
+            sign = pki_do_sign_hash(key, HASH, hash_length, hash);
+            assert_true(sign != NULL);
+            assert_int_equal(sign->type, key->type);
+            if (hash == SSH_DIGEST_AUTO) {
+                assert_string_equal(sign->type_c, key->type_c);
+                assert_string_equal(sign->type_c, signature_types[sig_type]);
+            } else {
+                assert_string_equal(sign->type_c, hash_signatures[hash]);
+            }
+
+            /* Create a signature blob that can be imported and verified */
+            blob = pki_signature_to_blob(sign);
+            assert_non_null(blob);
+
+            /* Import and verify with current key
+             * (this is not tested anywhere else yet) */
+            import_sig = pki_signature_from_blob(key,
+                                                 blob,
+                                                 sig_type,
+                                                 hash);
+            assert_non_null(import_sig);
+            assert_int_equal(import_sig->type, key->type);
+            if (hash == SSH_DIGEST_AUTO) {
+                assert_string_equal(import_sig->type_c, key->type_c);
+                assert_string_equal(import_sig->type_c, signature_types[sig_type]);
+            } else {
+                assert_string_equal(import_sig->type_c, hash_signatures[hash]);
+            }
+
+            /* Internal API: Should work */
+            rc = pki_signature_verify(session,
+                                      import_sig,
+                                      key,
+                                      HASH,
+                                      hash_length);
+            assert_true(rc == SSH_OK);
+
+            /* XXX Test all the hash versions only with RSA.
+             * This also skips the cleanup for the last hash so we can use the
+             * created signatures later on
+             */
+            if (sig_type != SSH_KEYTYPE_RSA || hash == SSH_DIGEST_SHA512) {
+                break;
+            }
+            ssh_string_free(blob);
+            ssh_signature_free(sign);
+            ssh_signature_free(import_sig);
+        }
+
+        for (key_type = first_key;
+             key_type <= SSH_KEYTYPE_ED25519;
+             key_type++) {
+            if (key_type == SSH_KEYTYPE_RSA1) {
+                continue;
+            }
+            SSH_LOG(SSH_LOG_TRACE, "Trying key %d with signature %d",
+                    key_type, sig_type);
+
+            rc = ssh_pki_generate(key_type, key_sizes[key_type], &verify_key);
+            assert_true(rc == SSH_OK);
+            assert_true(verify_key != NULL);
+
+            /* Should gradefully fail, but not crash */
+            rc = pki_signature_verify(session,
+                                      sign,
+                                      verify_key,
+                                      HASH,
+                                      hash_length);
+            assert_true(rc != SSH_OK);
+
+            /* Try the same with the imported signature */
+            rc = pki_signature_verify(session,
+                                      import_sig,
+                                      verify_key,
+                                      HASH,
+                                      hash_length);
+            assert_true(rc != SSH_OK);
+
+            /* Try to import the signature blob with different key */
+            new_sig = pki_signature_from_blob(verify_key,
+                                              blob,
+                                              sig_type,
+                                              SSH_DIGEST_SHA1);
+            if (sig_type != key_type) {
+                assert_true(new_sig == NULL);
+            } else {
+                /* Importing with the same key type should work */
+                assert_true(new_sig != NULL);
+                assert_int_equal(new_sig->type, key->type);
+                assert_string_equal(new_sig->type_c, key->type_c);
+                assert_string_equal(new_sig->type_c, signature_types[sig_type]);
+
+                /* The verificaiton should not work */
+                rc = pki_signature_verify(session,
+                                          new_sig,
+                                          verify_key,
+                                          HASH,
+                                          hash_length);
+                assert_true(rc != SSH_OK);
+
+                ssh_signature_free(new_sig);
+            }
+            SSH_KEY_FREE(verify_key);
+        }
+        ssh_string_free(blob);
+        ssh_signature_free(sign);
+        ssh_signature_free(import_sig);
+        SSH_KEY_FREE(key);
+        key = NULL;
+    }
+
+    ssh_free(session);
+}
+
 int torture_run_tests(void) {
     int rc;
     struct CMUnitTest tests[] = {
         cmocka_unit_test(torture_pki_keytype),
         cmocka_unit_test(torture_pki_signature),
+        cmocka_unit_test(torture_pki_verify_mismatch),
     };
 
     ssh_init();

tests/unittests/torture_pki_ecdsa.c

@@ -392,7 +392,7 @@ static void torture_pki_generate_key_ecdsa(void **state)
     ssh_signature_free(sign);
     SSH_KEY_FREE(key);
 
-    rc = ssh_pki_generate(SSH_KEYTYPE_ECDSA, 512, &key);
+    rc = ssh_pki_generate(SSH_KEYTYPE_ECDSA, 521, &key);
     assert_true(rc == SSH_OK);
     assert_true(key != NULL);
     sign = pki_do_sign(key, ECDSA_HASH, 20);