Bump version to 0.7.4

Signed-off-by: Tilo Eckert <tilo.eckert@flam.de>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 4f392ebc7e)

.gitignore

@@ -3,7 +3,7 @@
 .*
 *.swp
 *~$
-obj
 cscope.*
 tags
-build
+/build
+/obj*

CMakeLists.txt

@@ -8,7 +8,7 @@ set(APPLICATION_NAME ${PROJECT_NAME})
 
 set(APPLICATION_VERSION_MAJOR "0")
 set(APPLICATION_VERSION_MINOR "7")
-set(APPLICATION_VERSION_PATCH "0")
+set(APPLICATION_VERSION_PATCH "4")
 
 set(APPLICATION_VERSION "${APPLICATION_VERSION_MAJOR}.${APPLICATION_VERSION_MINOR}.${APPLICATION_VERSION_PATCH}")
 
@@ -19,12 +19,12 @@ set(APPLICATION_VERSION "${APPLICATION_VERSION_MAJOR}.${APPLICATION_VERSION_MINO
 #     Increment AGE. Set REVISION to 0
 #   If the source code was changed, but there were no interface changes:
 #     Increment REVISION.
-set(LIBRARY_VERSION "4.4.0")
+set(LIBRARY_VERSION "4.4.1")
 set(LIBRARY_SOVERSION "4")
 
 # where to look first for cmake modules, before ${CMAKE_ROOT}/Modules/ is checked
 set(CMAKE_MODULE_PATH
-  ${CMAKE_SOURCE_DIR}/cmake/Modules
+  ${CMAKE_CURRENT_SOURCE_DIR}/cmake/Modules
 )
 
 # add definitions
@@ -84,8 +84,8 @@ add_subdirectory(include)
 add_subdirectory(src)
 
 # pkg-config file
+if (UNIX)
 configure_file(libssh.pc.cmake ${CMAKE_CURRENT_BINARY_DIR}/libssh.pc)
-configure_file(libssh_threads.pc.cmake ${CMAKE_CURRENT_BINARY_DIR}/libssh_threads.pc)
 install(
   FILES
     ${CMAKE_CURRENT_BINARY_DIR}/libssh.pc
@@ -96,6 +96,20 @@ install(
     pkgconfig
 )
 
+    if (LIBSSH_THREADS)
+        configure_file(libssh_threads.pc.cmake ${CMAKE_CURRENT_BINARY_DIR}/libssh_threads.pc)
+        install(
+          FILES
+            ${CMAKE_CURRENT_BINARY_DIR}/libssh.pc
+            ${CMAKE_CURRENT_BINARY_DIR}/libssh_threads.pc
+          DESTINATION
+            ${LIB_INSTALL_DIR}/pkgconfig
+          COMPONENT
+            pkgconfig
+        )
+    endif (LIBSSH_THREADS)
+endif (UNIX)
+
 # cmake config files
 set(LIBSSH_LIBRARY_NAME ${CMAKE_SHARED_LIBRARY_PREFIX}ssh${CMAKE_SHARED_LIBRARY_SUFFIX})
 set(LIBSSH_THREADS_LIBRARY_NAME ${CMAKE_SHARED_LIBRARY_PREFIX}ssh${CMAKE_SHARED_LIBRARY_SUFFIX})

CPackConfig.cmake

@@ -4,10 +4,10 @@
 ### general settings
 set(CPACK_PACKAGE_NAME ${APPLICATION_NAME})
 set(CPACK_PACKAGE_DESCRIPTION_SUMMARY "The SSH library")
-set(CPACK_PACKAGE_DESCRIPTION_FILE "${CMAKE_SOURCE_DIR}/README")
+set(CPACK_PACKAGE_DESCRIPTION_FILE "${CMAKE_CURRENT_SOURCE_DIR}/README")
 set(CPACK_PACKAGE_VENDOR "The SSH Library Development Team")
 set(CPACK_PACKAGE_INSTALL_DIRECTORY ${CPACK_PACKAGE_NAME})
-set(CPACK_RESOURCE_FILE_LICENSE "${CMAKE_SOURCE_DIR}/COPYING")
+set(CPACK_RESOURCE_FILE_LICENSE "${CMAKE_CURRENT_SOURCE_DIR}/COPYING")
 
 
 ### versions
@@ -18,8 +18,8 @@ set(CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSIO
 
 
 ### source generator
-set(CPACK_SOURCE_GENERATOR "TGZ")
+set(CPACK_SOURCE_GENERATOR "TXZ")
-set(CPACK_SOURCE_IGNORE_FILES "~$;[.]swp$;/[.]svn/;/[.]git/;.gitignore;/build/;/obj/;tags;cscope.*")
+set(CPACK_SOURCE_IGNORE_FILES "~$;[.]swp$;/[.]svn/;/[.]git/;.gitignore;/build/;/obj*/;tags;cscope.*")
 set(CPACK_SOURCE_PACKAGE_FILE_NAME "${CPACK_PACKAGE_NAME}-${CPACK_PACKAGE_VERSION}")
 
 if (WIN32)

ChangeLog

@@ -1,7 +1,32 @@
 ChangeLog
 ==========
+version 0.7.4 (released 2017-02-03)
+  * Added id_ed25519 to the default identity list
+  * Fixed sftp EOF packet handling
+  * Fixed ssh_send_banner() to confirm with RFC 4253
+  * Fixed some memory leaks
 
-version 0.7.0 (released 2015-05-xx)
+version 0.7.3 (released 2016-01-23)
+  * Fixed CVE-2016-0739
+  * Fixed ssh-agent on big endian
+  * Fixed some documentation issues
+
+version 0.7.2 (released 2015-09-15)
+  * Fixed OpenSSL detection on Windows
+  * Fixed return status for ssh_userauth_agent()
+  * Fixed KEX to prefer hmac-sha2-256
+  * Fixed sftp packet handling
+  * Fixed return values of ssh_key_is_(public|private)
+  * Fixed bug in global success reply
+
+version 0.7.1 (released 2015-06-30)
+  * Fixed SSH_AUTH_PARTIAL auth with auto public key
+  * Fixed memory leak in session options
+  * Fixed allocation of ed25519 public keys
+  * Fixed channel exit-status and exit-signal
+  * Reintroduce ssh_forward_listen()
+
+version 0.7.0 (released 2015-05-11)
   * Added support for ed25519 keys
   * Added SHA2 algorithms for HMAC
   * Added improved and more secure buffer handling code

ConfigureChecks.cmake

@@ -1,4 +1,5 @@
 include(CheckIncludeFile)
+include(CheckIncludeFiles)
 include(CheckSymbolExists)
 include(CheckFunctionExists)
 include(CheckLibraryExists)
@@ -56,6 +57,7 @@ check_include_file(libutil.h HAVE_LIBUTIL_H)
 check_include_file(sys/time.h HAVE_SYS_TIME_H)
 check_include_file(sys/param.h HAVE_SYS_PARAM_H)
 check_include_file(arpa/inet.h HAVE_ARPA_INET_H)
+check_include_file(byteswap.h HAVE_BYTESWAP_H)
 
 if (WIN32)
   check_include_files("winsock2.h;ws2tcpip.h;wspiapi.h" HAVE_WSPIAPI_H)
@@ -65,23 +67,31 @@ if (WIN32)
   check_include_files("winsock2.h;ws2tcpip.h" HAVE_WS2TCPIP_H)
 endif (WIN32)
 
-set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIRS})
+if (OPENSSL_FOUND)
-check_include_file(openssl/aes.h HAVE_OPENSSL_AES_H)
+    set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
+    check_include_file(openssl/des.h HAVE_OPENSSL_DES_H)
+    if (NOT HAVE_OPENSSL_DES_H)
+        message(FATAL_ERROR "Could not detect openssl/des.h")
+    endif()
 
-set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIRS})
+    set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
-check_include_file(openssl/blowfish.h HAVE_OPENSSL_BLOWFISH_H)
+    check_include_file(openssl/aes.h HAVE_OPENSSL_AES_H)
+    if (NOT HAVE_OPENSSL_AES_H)
+        message(FATAL_ERROR "Could not detect openssl/aes.h")
+    endif()
 
-set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIRS})
+    set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
-check_include_file(openssl/des.h HAVE_OPENSSL_DES_H)
+    check_include_file(openssl/blowfish.h HAVE_OPENSSL_BLOWFISH_H)
 
-set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIRS})
+    set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
-check_include_file(openssl/ecdh.h HAVE_OPENSSL_ECDH_H)
+    check_include_file(openssl/ecdh.h HAVE_OPENSSL_ECDH_H)
 
-set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIRS})
+    set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
-check_include_file(openssl/ec.h HAVE_OPENSSL_EC_H)
+    check_include_file(openssl/ec.h HAVE_OPENSSL_EC_H)
 
-set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIRS})
+    set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
-check_include_file(openssl/ecdsa.h HAVE_OPENSSL_ECDSA_H)
+    check_include_file(openssl/ecdsa.h HAVE_OPENSSL_ECDSA_H)
+endif()
 
 if (CMAKE_HAVE_PTHREAD_H)
   set(HAVE_PTHREAD_H 1)
@@ -101,16 +111,21 @@ endif (NOT WITH_GCRYPT)
 
 check_function_exists(isblank HAVE_ISBLANK)
 check_function_exists(strncpy HAVE_STRNCPY)
-check_function_exists(vsnprintf HAVE_VSNPRINTF)
+check_function_exists(strtoull HAVE_STRTOULL)
-check_function_exists(snprintf HAVE_SNPRINTF)
+
+if (NOT WIN32)
+  check_function_exists(vsnprintf HAVE_VSNPRINTF)
+  check_function_exists(snprintf HAVE_SNPRINTF)
+endif (NOT WIN32)
 
 if (WIN32)
-    check_function_exists(_strtoui64 HAVE__STRTOUI64)
+    check_symbol_exists(vsnprintf "stdio.h" HAVE_VSNPRINTF)
+    check_symbol_exists(snprintf "stdio.h" HAVE_SNPRINTF)
 
-    check_function_exists(_vsnprintf_s HAVE__VSNPRINTF_S)
+    check_symbol_exists(_vsnprintf_s "stdio.h" HAVE__VSNPRINTF_S)
-    check_function_exists(_vsnprintf HAVE__VSNPRINTF)
+    check_symbol_exists(_vsnprintf "stdio.h" HAVE__VSNPRINTF)
-    check_function_exists(_snprintf HAVE__SNPRINTF)
+    check_symbol_exists(_snprintf "stdio.h" HAVE__SNPRINTF)
-    check_function_exists(_snprintf_s HAVE__SNPRINTF_S)
+    check_symbol_exists(_snprintf_s "stdio.h" HAVE__SNPRINTF_S)
 
     if (HAVE_WSPIAPI_H OR HAVE_WS2TCPIP_H)
         check_symbol_exists(ntohll winsock2.h HAVE_NTOHLL)
@@ -124,6 +139,8 @@ if (WIN32)
         set(CMAKE_REQUIRED_LIBRARIES)
     endif (HAVE_WSPIAPI_H OR HAVE_WS2TCPIP_H)
 
+    check_function_exists(_strtoui64 HAVE__STRTOUI64)
+
     set(HAVE_SELECT TRUE)
 else (WIN32)
     check_function_exists(poll HAVE_POLL)
@@ -161,7 +178,6 @@ if (UNIX)
 
     check_library_exists(util forkpty "" HAVE_LIBUTIL)
     check_function_exists(cfmakeraw HAVE_CFMAKERAW)
-    check_function_exists(strtoull HAVE_STRTOULL)
     check_function_exists(__strtoull HAVE___STRTOULL)
 endif (UNIX)
 

README

@@ -33,130 +33,11 @@ If you ask yourself how to compile libssh, please read INSTALL before anything.
 
 http://www.libssh.org
 
-4* API Changes !
+4* Contributing
 -_-_-_-_-_-_-_-_-_
 
-Changes between 0.4 and 0.5
+Please read the file 'SubmittingPatches' next to this README file. It explains
----------------------------
+our copyright policy and how you should send patches for upstream inclusion.
-
-We use the ssh_ prefix as namespace for every function now. There is a legacy.h
-which could be used to get the old function names.
-
-Changes between 0.3 and 0.4
----------------------------
-
-We changed libssh to be typesafe now:
-
-SSH_SESSION *session -> ssh_session session
-SFTP_SESSION *sftp -> sftp_session sftp
-CHANNEL *channel -> ssh_channel channel
-STRING *string -> ssh_string string
-...
-
-The options structure has been removed and there is a new function. This
-function can set all available options now. You can find the enum in the
-header file and it is documented. Example:
-
-ssh_options_set(session, SSH_OPTIONS_HOST, "localhost");
-
-5* Copyright policy
--_-_-_-_-_-_-_-_-_-_
-
-libssh is a project with distributed copyright ownership, which means we prefer
-the copyright on parts of libssh to be held by individuals rather than
-corporations if possible. There are historical legal reasons for this, but one
-of the best ways to explain it is that it’s much easier to work with
-individuals who have ownership than corporate legal departments if we ever need
-to make reasonable compromises with people using and working with libssh.
-
-We track the ownership of every part of libssh via git, our source code control
-system, so we know the provenance of every piece of code that is committed to
-libssh.
-
-So if possible, if you’re doing libssh changes on behalf of a company who
-normally owns all the work you do please get them to assign personal copyright
-ownership of your changes to you as an individual, that makes things very easy
-for us to work with and avoids bringing corporate legal departments into the
-picture.
-
-If you can’t do this we can still accept patches from you owned by your
-employer under a standard employment contract with corporate copyright
-ownership. It just requires a simple set-up process first.
-
-We use a process very similar to the way things are done in the Linux Kernel
-community, so it should be very easy to get a sign off from your corporate
-legal department. The only changes we’ve made are to accommodate the license we
-use, which is LGPLv2 (or later) whereas the Linux kernel uses GPLv2.
-
-The process is called signing.
-
-How to sign your work
-----------------------
-
-Once you have permission to contribute to libssh from your employer, simply
-email a copy of the following text from your corporate email address to:
-
-contributing@libssh.org
-
---------------------------------------------------------------------------
-libssh Developer's Certificate of Origin. Version 1.0
-
-By making a contribution to this project, I certify that:
-
-(a) The contribution was created in whole or in part by me and I
-    have the right to submit it under the appropriate
-    version of the GNU General Public License; or
-
-(b) The contribution is based upon previous work that, to the best of
-    my knowledge, is covered under an appropriate open source license
-    and I have the right under that license to submit that work with
-    modifications, whether created in whole or in part by me, under
-    the GNU General Public License, in the appropriate version; or
-
-(c) The contribution was provided directly to me by some other
-    person who certified (a) or (b) and I have not modified it.
-
-(d) I understand and agree that this project and the contribution are
-    public and that a record of the contribution (including all
-    metadata and personal information I submit with it, including my
-    sign-off) is maintained indefinitely and may be redistributed
-    consistent with the libssh Team's policies and the requirements of
-    the GNU GPL where they are relevant.
-
-(e) I am granting this work to this project under the terms of the
-    GNU Lesser General Public License as published by the
-    Free Software Foundation; either version 2.1 of
-    the License, or (at the option of the project) any later version.
-
-http://www.gnu.org/licenses/lgpl-2.1.html
---------------------------------------------------------------------------
-
-We will maintain a copy of that email as a record that you have the rights to
-contribute code to libssh under the required licenses whilst working for the
-company where the email came from.
-
-Then when sending in a patch via the normal mechanisms described above, add a
-line that states:
-
-
-   Signed-off-by: Random J Developer <random@developer.example.org>
-
-
-using your real name and the email address you sent the original email you used
-to send the libssh Developer’s Certificate of Origin to us (sorry, no
-pseudonyms or anonymous contributions.)
-
-That’s it! Such code can then quite happily contain changes that have copyright
-messages such as:
-
-
-   (c) Example Corporation.
-
-
-and can be merged into the libssh codebase in the same way as patches from any
-other individual. You don’t need to send in a copy of the libssh Developer’s
-Certificate of Origin for each patch, or inside each patch. Just the sign-off
-message is all that is required once we’ve received the initial email.
 
 Have fun and happy libssh hacking!
 

doc/command.dox

@@ -56,7 +56,7 @@ If an error has been encountered, it returns a negative value:
 
 @code
   char buffer[256];
-  unsigned int nbytes;
+  int nbytes;
 
   nbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
   while (nbytes > 0)

doc/guided_tour.dox

@@ -367,7 +367,7 @@ int show_remote_processes(ssh_session session)
   ssh_channel channel;
   int rc;
   char buffer[256];
-  unsigned int nbytes;
+  int nbytes;
 
   channel = ssh_channel_new(session);
   if (channel == NULL)
@@ -391,7 +391,7 @@ int show_remote_processes(ssh_session session)
   nbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
   while (nbytes > 0)
   {
-    if (write(1, buffer, nbytes) != nbytes)
+    if (write(1, buffer, nbytes) != (unsigned int) nbytes)
     {
       ssh_channel_close(channel);
       ssh_channel_free(channel);

doc/sftp.dox

@@ -253,7 +253,7 @@ int sftp_read_sync(ssh_session session, sftp_session sftp)
           return SSH_ERROR;
       }
 
-      nwritten = write(fd, buf, nbytes);
+      nwritten = write(fd, buffer, nbytes);
       if (nwritten != nbytes) {
           fprintf(stderr, "Error writing: %s\n",
                   strerror(errno));
@@ -282,7 +282,7 @@ sftp_async_read() waits for the data to come. To open a file in nonblocking mode
 call sftp_file_set_nonblocking() right after you opened it. Default is blocking mode.
 
 The example below reads a very big file in asynchronous, nonblocking, mode. Each
-time the data are not ready yet, a counter is incrementer.
+time the data is not ready yet, a counter is incremented.
 
 @code
 // Good chunk size

include/CMakeLists.txt

@@ -1,3 +1,3 @@
-project(headers C)
+project(libssh-headers-x C)
 
 add_subdirectory(libssh)

include/libssh/libssh.h

@@ -58,6 +58,7 @@
 #else /* _MSC_VER */
   #include <unistd.h>
   #include <inttypes.h>
+  #include <sys/types.h>
 #endif /* _MSC_VER */
 
 #ifdef _WIN32
@@ -78,7 +79,7 @@
 /* libssh version */
 #define LIBSSH_VERSION_MAJOR  0
 #define LIBSSH_VERSION_MINOR  7
-#define LIBSSH_VERSION_MICRO  0
+#define LIBSSH_VERSION_MICRO  4
 
 #define LIBSSH_VERSION_INT SSH_VERSION_INT(LIBSSH_VERSION_MAJOR, \
                                            LIBSSH_VERSION_MINOR, \
@@ -588,6 +589,7 @@ LIBSSH_API int ssh_select(ssh_channel *channels, ssh_channel *outchannels, socke
     fd_set *readfds, struct timeval *timeout);
 LIBSSH_API int ssh_service_request(ssh_session session, const char *service);
 LIBSSH_API int ssh_set_agent_channel(ssh_session session, ssh_channel channel);
+LIBSSH_API int ssh_set_agent_socket(ssh_session session, socket_t fd);
 LIBSSH_API void ssh_set_blocking(ssh_session session, int blocking);
 LIBSSH_API void ssh_set_counters(ssh_session session, ssh_counter scounter,
                                  ssh_counter rcounter);

include/libssh/misc.h

@@ -33,15 +33,6 @@ int ssh_analyze_banner(ssh_session session, int server, int *ssh1, int *ssh2);
 int ssh_is_ipaddr_v4(const char *str);
 int ssh_is_ipaddr(const char *str);
 
-#ifndef HAVE_NTOHLL
-/* macro for byte ordering */
-uint64_t ntohll(uint64_t);
-#endif
-
-#ifndef HAVE_HTONLL
-#define htonll(x) ntohll((x))
-#endif
-
 /* list processing */
 
 struct ssh_list {

include/libssh/priv.h

@@ -43,6 +43,16 @@
 # endif
 #endif /* !defined(HAVE_STRTOULL) */
 
+#ifdef HAVE_BYTESWAP_H
+#include <byteswap.h>
+#endif
+
+#ifndef bswap_32
+#define bswap_32(x) \
+    ((((x) & 0xff000000) >> 24) | (((x) & 0x00ff0000) >>  8) | \
+     (((x) & 0x0000ff00) <<  8) | (((x) & 0x000000ff) << 24))
+#endif
+
 #ifdef _WIN32
 
 /* Imitate define of inttypes.h */
@@ -60,11 +70,16 @@
 
 # ifdef _MSC_VER
 #  include <stdio.h>
+#  include <stdarg.h> /* va_copy define check */
 
 /* On Microsoft compilers define inline to __inline on all others use inline */
 #  undef inline
 #  define inline __inline
 
+#  ifndef va_copy
+#   define va_copy(dest, src) (dest = src)
+#  endif
+
 #  define strcasecmp _stricmp
 #  define strncasecmp _strnicmp
 #  if ! defined(HAVE_ISBLANK)
@@ -131,10 +146,10 @@ int gettimeofday(struct timeval *__p, void *__t);
 #define ERROR_BUFFERLEN 1024
 #endif
 #ifndef CLIENTBANNER1
-#define CLIENTBANNER1 "SSH-1.5-libssh-" SSH_STRINGIFY(LIBSSH_VERSION)
+#define CLIENTBANNER1 "SSH-1.5-libssh_" SSH_STRINGIFY(LIBSSH_VERSION)
 #endif
 #ifndef CLIENTBANNER2
-#define CLIENTBANNER2 "SSH-2.0-libssh-" SSH_STRINGIFY(LIBSSH_VERSION)
+#define CLIENTBANNER2 "SSH-2.0-libssh_" SSH_STRINGIFY(LIBSSH_VERSION)
 #endif
 #ifndef KBDINT_MAX_PROMPT
 #define KBDINT_MAX_PROMPT 256 /* more than openssh's :) */
@@ -346,5 +361,25 @@ int match_hostname(const char *host, const char *pattern, unsigned int len);
 
 #define CLOSE_SOCKET(s) do { if ((s) != SSH_INVALID_SOCKET) { _XCLOSESOCKET(s); (s) = SSH_INVALID_SOCKET;} } while(0)
 
+#ifndef HAVE_HTONLL
+# ifdef WORDS_BIGENDIAN
+#  define htonll(x) (x)
+# else
+#  define htonll(x) \
+    (((uint64_t)htonl((x) & 0xFFFFFFFF) << 32) | htonl((x) >> 32))
+# endif
+#endif
+
+#ifndef HAVE_NTOHLL
+# ifdef WORDS_BIGENDIAN
+#  define ntohll(x) (x)
+# else
+#  define ntohll(x) \
+    (((uint64_t)ntohl((x) & 0xFFFFFFFF) << 32) | ntohl((x) >> 32))
+# endif
+#endif
+
+void ssh_agent_state_free(void *data);
+
 #endif /* _LIBSSH_PRIV_H */
 /* vim: set ts=4 sw=4 et cindent: */

src/CMakeLists.txt

@@ -1,12 +1,12 @@
 project(libssh-library C)
 
 set(LIBSSH_PUBLIC_INCLUDE_DIRS
-  ${CMAKE_SOURCE_DIR}/include
+  ${libssh_SOURCE_DIR}/include
   CACHE INTERNAL "libssh public include directories"
 )
 
 set(LIBSSH_PRIVATE_INCLUDE_DIRS
-  ${CMAKE_BINARY_DIR}
+  ${libssh_BINARY_DIR}
 )
 
 set(LIBSSH_LINK_LIBRARIES
@@ -54,7 +54,7 @@ endif (GCRYPT_LIBRARY)
 if (WITH_ZLIB)
   set(LIBSSH_PRIVATE_INCLUDE_DIRS
     ${LIBSSH_PRIVATE_INCLUDE_DIRS}
-    ${ZLIB_INCLUDE_DIRS}
+    ${ZLIB_INCLUDE_DIR}
   )
 
   set(LIBSSH_LINK_LIBRARIES
@@ -300,6 +300,7 @@ if (WITH_STATIC_LIB)
   )
 endif (WITH_STATIC_LIB)
 
+message(STATUS "Threads_FOUND=${Threads_FOUND}")
 if (Threads_FOUND)
     add_subdirectory(threads)
 endif (Threads_FOUND)

src/agent.c

@@ -185,15 +185,32 @@ int ssh_set_agent_channel(ssh_session session, ssh_channel channel){
   return SSH_OK;
 }
 
+/** @brief sets the SSH agent socket.
+ * The SSH agent will be used to authenticate this client using
+ * the given socket to communicate with the ssh-agent. The caller
+ * is responsible for connecting to the socket prior to calling
+ * this function.
+ * @returns SSH_OK in case of success
+ *          SSH_ERROR in case of an error
+ */
+int ssh_set_agent_socket(ssh_session session, socket_t fd){
+  if (!session)
+    return SSH_ERROR;
+  if (!session->agent){
+    ssh_set_error(session, SSH_REQUEST_DENIED, "Session has no active agent");
+    return SSH_ERROR;
+  }
+
+  ssh_socket_set_fd(session->agent->sock, fd);
+  return SSH_OK;
+}
 
 void agent_close(struct ssh_agent_struct *agent) {
   if (agent == NULL) {
     return;
   }
 
-  if (getenv("SSH_AUTH_SOCK")) {
+  ssh_socket_close(agent->sock);
-    ssh_socket_close(agent->sock);
-  }
 }
 
 void agent_free(ssh_agent agent) {
@@ -365,6 +382,9 @@ int ssh_agent_get_ident_count(struct ssh_session_struct *session) {
     ssh_buffer_free(reply);
     return -1;
   }
+#ifdef WORDS_BIGENDIAN
+  type = bswap_32(type);
+#endif
 
   SSH_LOG(SSH_LOG_WARN,
       "Answer type: %d, expected answer: %d",
@@ -375,7 +395,7 @@ int ssh_agent_get_ident_count(struct ssh_session_struct *session) {
       return 0;
   } else if (type != c2) {
       ssh_set_error(session, SSH_FATAL,
-          "Bad authentication reply message type: %d", type);
+          "Bad authentication reply message type: %u", type);
       ssh_buffer_free(reply);
       return -1;
   }
@@ -490,8 +510,8 @@ ssh_string ssh_agent_sign_data(ssh_session session,
     ssh_buffer reply;
     ssh_string key_blob;
     ssh_string sig_blob;
-    int type = SSH2_AGENT_FAILURE;
+    unsigned int type = 0;
-    int flags = 0;
+    unsigned int flags = 0;
     uint32_t dlen;
     int rc;
 
@@ -555,13 +575,19 @@ ssh_string ssh_agent_sign_data(ssh_session session,
         ssh_buffer_free(reply);
         return NULL;
     }
+#ifdef WORDS_BIGENDIAN
+    type = bswap_32(type);
+#endif
 
     if (agent_failed(type)) {
         SSH_LOG(SSH_LOG_WARN, "Agent reports failure in signing the key");
         ssh_buffer_free(reply);
         return NULL;
     } else if (type != SSH2_AGENT_SIGN_RESPONSE) {
-        ssh_set_error(session, SSH_FATAL, "Bad authentication response: %d", type);
+        ssh_set_error(session,
+                      SSH_FATAL,
+                      "Bad authentication response: %u",
+                      type);
         ssh_buffer_free(reply);
         return NULL;
     }

src/auth.c

@@ -209,8 +209,8 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_failure){
             "Access denied. Authentication that can continue: %s",
             auth_methods);
 
-    session->auth_methods = 0;
   }
+  session->auth_methods = 0;
   if (strstr(auth_methods, "password") != NULL) {
     session->auth_methods |= SSH_AUTH_METHOD_PASSWORD;
   }
@@ -740,6 +740,15 @@ struct ssh_agent_state_struct {
     char *comment;
 };
 
+/* Internal function */
+void ssh_agent_state_free(void *data) {
+    struct ssh_agent_state_struct *state = data;
+    if (state) {
+        ssh_string_free_char(state->comment);
+        ssh_key_free(state->pubkey);
+        free (state);
+    }
+}
 
 /**
  * @brief Try to do public key authentication with ssh agent.
@@ -786,6 +795,11 @@ int ssh_userauth_agent(ssh_session session,
     state = session->agent_state;
     if (state->pubkey == NULL)
         state->pubkey = ssh_agent_get_first_ident(session, &state->comment);
+
+    if (state->pubkey == NULL) {
+        return SSH_AUTH_DENIED;
+    }
+
     while (state->pubkey != NULL) {
         if(state->state == SSH_AGENT_STATE_NONE){
             SSH_LOG(SSH_LOG_DEBUG,
@@ -795,9 +809,8 @@ int ssh_userauth_agent(ssh_session session,
                 state->state == SSH_AGENT_STATE_PUBKEY){
             rc = ssh_userauth_try_publickey(session, username, state->pubkey);
             if (rc == SSH_AUTH_ERROR) {
-                ssh_string_free_char(state->comment);
+                ssh_agent_state_free (state);
-                ssh_key_free(state->pubkey);
+                session->agent_state = NULL;
-                SAFE_FREE(session->agent_state);
                 return rc;
             } else if (rc == SSH_AUTH_AGAIN) {
                 state->state = SSH_AGENT_STATE_PUBKEY;
@@ -806,6 +819,7 @@ int ssh_userauth_agent(ssh_session session,
                 SSH_LOG(SSH_LOG_DEBUG,
                         "Public key of %s refused by server", state->comment);
                 ssh_string_free_char(state->comment);
+                state->comment = NULL;
                 ssh_key_free(state->pubkey);
                 state->pubkey = ssh_agent_get_next_ident(session, &state->comment);
                 state->state = SSH_AGENT_STATE_NONE;
@@ -821,23 +835,27 @@ int ssh_userauth_agent(ssh_session session,
             if (rc == SSH_AUTH_AGAIN)
                 return rc;
             ssh_string_free_char(state->comment);
-            ssh_key_free(state->pubkey);
+            state->comment = NULL;
             if (rc == SSH_AUTH_ERROR) {
-                SAFE_FREE(session->agent_state);
+                ssh_agent_state_free (session->agent_state);
+                session->agent_state = NULL;
                 return rc;
             } else if (rc != SSH_AUTH_SUCCESS) {
                 SSH_LOG(SSH_LOG_INFO,
                         "Server accepted public key but refused the signature");
+                ssh_key_free(state->pubkey);
                 state->pubkey = ssh_agent_get_next_ident(session, &state->comment);
                 state->state = SSH_AGENT_STATE_NONE;
                 continue;
             }
-            SAFE_FREE(session->agent_state);
+            ssh_agent_state_free (session->agent_state);
+            session->agent_state = NULL;
             return SSH_AUTH_SUCCESS;
         }
     }
 
-    SAFE_FREE(session->agent_state);
+    ssh_agent_state_free (session->agent_state);
+    session->agent_state = NULL;
     return rc;
 }
 #endif
@@ -1045,15 +1063,14 @@ int ssh_userauth_publickey_auto(ssh_session session,
                 ssh_key_free(state->privkey);
                 ssh_key_free(state->pubkey);
                 SAFE_FREE(session->auth_auto_state);
+                if (rc == SSH_AUTH_SUCCESS) {
+                    SSH_LOG(SSH_LOG_INFO,
+                            "Successfully authenticated using %s",
+                            privkey_file);
+                }
+                return rc;
             }
-            if (rc == SSH_AUTH_ERROR) {
+            if (rc == SSH_AUTH_AGAIN){
-                return rc;
-            } else if (rc == SSH_AUTH_SUCCESS) {
-                SSH_LOG(SSH_LOG_INFO,
-                        "Successfully authenticated using %s",
-                        privkey_file);
-                return rc;
-            } else if (rc == SSH_AUTH_AGAIN){
                 return rc;
             }
 

src/auth1.c

@@ -23,6 +23,7 @@
 
 #include "config.h"
 
+#include <errno.h>
 #include <string.h>
 #include <stdlib.h>
 
@@ -117,6 +118,7 @@ static int send_username(ssh_session session, const char *username) {
   if (packet_send(session) == SSH_ERROR) {
     return SSH_AUTH_ERROR;
   }
+  return SSH_AUTH_AGAIN;
 pending:
   rc = wait_auth1_status(session);
   switch (rc){
@@ -161,12 +163,14 @@ int ssh_userauth1_password(ssh_session session, const char *username,
   ssh_string pwd = NULL;
   int rc;
 
+  if (session->pending_call_state == SSH_PENDING_CALL_AUTH_PASSWORD) {
+      goto pending;
+  }
+
   rc = send_username(session, username);
   if (rc != SSH_AUTH_DENIED) {
     return rc;
   }
-  if (session->pending_call_state == SSH_PENDING_CALL_AUTH_PASSWORD)
-      goto pending;
   /* we trick a bit here. A known flaw in SSH1 protocol is that it's
    * easy to guess password sizes.
    * not that sure ...
@@ -219,8 +223,11 @@ int ssh_userauth1_password(ssh_session session, const char *username,
   }
 pending:
   rc = wait_auth1_status(session);
-  if (rc != SSH_AUTH_AGAIN)
+  if (rc == SSH_AUTH_ERROR && errno == EAGAIN) {
-      session->pending_call_state = SSH_PENDING_CALL_NONE;
+    /* Nothing to do */
+  } else if (rc != SSH_AUTH_AGAIN) {
+    session->pending_call_state = SSH_PENDING_CALL_NONE;
+  }
 
   return rc;
 }

src/bignum.c

@@ -103,5 +103,9 @@ void ssh_print_bignum(const char *which, bignum num) {
 #endif
   fprintf(stderr, "%s value: ", which);
   fprintf(stderr, "%s\n", (hex == NULL) ? "(null)" : (char *) hex);
+#ifdef HAVE_LIBGCRYPT
   SAFE_FREE(hex);
+#elif defined HAVE_LIBCRYPTO
+  OPENSSL_free(hex);
+#endif
 }

src/channels.c

@@ -664,11 +664,9 @@ SSH_PACKET_CALLBACK(channel_rcv_request) {
 	}
 
 	if (strcmp(request,"exit-status") == 0) {
-        uint32_t exit_status = 0;
+        SAFE_FREE(request);
-
+        rc = ssh_buffer_unpack(packet, "d", &channel->exit_status);
-		SAFE_FREE(request);
+        SSH_LOG(SSH_LOG_PACKET, "received exit-status %d", channel->exit_status);
-        rc = ssh_buffer_unpack(packet, "d", &exit_status);
-		SSH_LOG(SSH_LOG_PACKET, "received exit-status %d", channel->exit_status);
 
         if(ssh_callbacks_exists(channel->callbacks, channel_exit_status_function)) {
             channel->callbacks->channel_exit_status_function(channel->session,
@@ -714,7 +712,7 @@ SSH_PACKET_CALLBACK(channel_rcv_request) {
 
 		SAFE_FREE(request);
 
-		rc = ssh_buffer_unpack(packet, "sbs",
+		rc = ssh_buffer_unpack(packet, "sbss",
 		        &sig, /* signal name */
 		        &core_dumped,    /* core dumped */
 		        &errmsg, /* error message */
@@ -1247,7 +1245,7 @@ static int channel_write_common(ssh_channel channel,
     return -1;
   }
 
-  if (channel->session->session_state == SSH_SESSION_STATE_ERROR) {
+  if (session->session_state == SSH_SESSION_STATE_ERROR) {
     return SSH_ERROR;
   }
 #ifdef WITH_SSH1
@@ -1278,7 +1276,7 @@ static int channel_write_common(ssh_channel channel,
               ssh_channel_waitwindow_termination,channel);
           if (rc == SSH_ERROR ||
               !ssh_channel_waitwindow_termination(channel) ||
-              channel->session->session_state == SSH_SESSION_STATE_ERROR ||
+              session->session_state == SSH_SESSION_STATE_ERROR ||
               channel->state == SSH_CHANNEL_STATE_CLOSED)
             goto out;
           continue;
@@ -2205,6 +2203,11 @@ error:
   return rc;
 }
 
+/* DEPRECATED */
+int ssh_forward_listen(ssh_session session, const char *address, int port, int *bound_port) {
+  return ssh_channel_listen_forward(session, address, port, bound_port);
+}
+
 /* DEPRECATED */
 ssh_channel ssh_forward_accept(ssh_session session, int timeout_ms) {
   return ssh_channel_accept(session, SSH_CHANNEL_FORWARDED_TCPIP, timeout_ms, NULL);
@@ -2272,6 +2275,7 @@ error:
   return rc;
 }
 
+/* DEPRECATED */
 int ssh_forward_cancel(ssh_session session, const char *address, int port) {
     return ssh_channel_cancel_forward(session, address, port);
 }
@@ -2685,7 +2689,7 @@ int ssh_channel_read_timeout(ssh_channel channel,
   if (rc == SSH_ERROR){
     return rc;
   }
-  if (channel->session->session_state == SSH_SESSION_STATE_ERROR){
+  if (session->session_state == SSH_SESSION_STATE_ERROR){
       return SSH_ERROR;
   }
   if (channel->remote_eof && buffer_get_rest_len(stdbuf) == 0) {
@@ -2750,7 +2754,7 @@ int ssh_channel_read_nonblocking(ssh_channel channel, void *dest, uint32_t count
   to_read = ssh_channel_poll(channel, is_stderr);
 
   if (to_read <= 0) {
-      if (channel->session->session_state == SSH_SESSION_STATE_ERROR){
+      if (session->session_state == SSH_SESSION_STATE_ERROR){
           return SSH_ERROR;
       }
 

src/client.c

@@ -90,52 +90,74 @@ static void socket_callback_connected(int code, int errno_code, void *user){
  * @param  user is a pointer to session
  * @returns Number of bytes processed, or zero if the banner is not complete.
  */
-static int callback_receive_banner(const void *data, size_t len, void *user) {
+static int callback_receive_banner(const void *data, size_t len, void *user)
-  char *buffer = (char *)data;
+{
-  ssh_session session=(ssh_session) user;
+    char *buffer = (char *)data;
-  char *str = NULL;
+    ssh_session session=(ssh_session) user;
-  size_t i;
+    char *str = NULL;
-  int ret=0;
+    size_t i;
+    int ret=0;
 
-  if(session->session_state != SSH_SESSION_STATE_SOCKET_CONNECTED){
+    if (session->session_state != SSH_SESSION_STATE_SOCKET_CONNECTED) {
-  	ssh_set_error(session,SSH_FATAL,"Wrong state in callback_receive_banner : %d",session->session_state);
+        ssh_set_error(session,SSH_FATAL,
+                      "Wrong state in callback_receive_banner : %d",
+                      session->session_state);
 
-  	return SSH_ERROR;
+        return SSH_ERROR;
-  }
-  for(i=0;i<len;++i){
-#ifdef WITH_PCAP
-  	if(session->pcap_ctx && buffer[i] == '\n'){
-  		ssh_pcap_context_write(session->pcap_ctx,SSH_PCAP_DIR_IN,buffer,i+1,i+1);
-  	}
-#endif
-    if(buffer[i]=='\r') {
-        buffer[i]='\0';
     }
-    if (buffer[i]=='\n') {
+    for (i = 0; i < len; ++i) {
-        buffer[i] = '\0';
+#ifdef WITH_PCAP
-        str = strdup(buffer);
+        if (session->pcap_ctx && buffer[i] == '\n') {
-        if (str == NULL) {
+            ssh_pcap_context_write(session->pcap_ctx,
-            return SSH_ERROR;
+                                   SSH_PCAP_DIR_IN,
+                                   buffer,i+1,
+                                   i+1);
         }
-        /* number of bytes read */
+#endif
-        ret = i + 1;
+        if (buffer[i] == '\r') {
-        session->serverbanner = str;
+            buffer[i] = '\0';
-  		session->session_state=SSH_SESSION_STATE_BANNER_RECEIVED;
+        }
-  		SSH_LOG(SSH_LOG_PACKET,"Received banner: %s",str);
+        if (buffer[i] == '\n') {
-		session->ssh_connection_callback(session);
+            int cmp;
 
-  		return ret;
+            buffer[i] = '\0';
-  	}
-  	if(i>127){
-  		/* Too big banner */
-  		session->session_state=SSH_SESSION_STATE_ERROR;
-  		ssh_set_error(session,SSH_FATAL,"Receiving banner: too large banner");
 
-  		return 0;
+            /* The server MAY send other lines of data... */
-  	}
+            cmp = strncmp(buffer, "SSH-", 4);
-  }
+            if (cmp == 0) {
+                str = strdup(buffer);
+                if (str == NULL) {
+                    return SSH_ERROR;
+                }
+                /* number of bytes read */
+                ret = i + 1;
+                session->serverbanner = str;
+                session->session_state = SSH_SESSION_STATE_BANNER_RECEIVED;
+                SSH_LOG(SSH_LOG_PACKET, "Received banner: %s", str);
+                session->ssh_connection_callback(session);
 
-  return ret;
+                return ret;
+            } else {
+                SSH_LOG(SSH_LOG_DEBUG,
+                        "ssh_protocol_version_exchange: %s",
+                        buffer);
+                ret = i + 1;
+                break;
+            }
+        }
+        /* According to RFC 4253 the max banner length is 255 */
+        if (i > 255) {
+            /* Too big banner */
+            session->session_state=SSH_SESSION_STATE_ERROR;
+            ssh_set_error(session,
+                          SSH_FATAL,
+                          "Receiving banner: too large banner");
+
+            return 0;
+        }
+    }
+
+    return ret;
 }
 
 /** @internal
@@ -147,46 +169,75 @@ static int callback_receive_banner(const void *data, size_t len, void *user) {
  *
  * @return 0 on success, < 0 on error.
  */
-int ssh_send_banner(ssh_session session, int server) {
+int ssh_send_banner(ssh_session session, int server)
-  const char *banner = NULL;
+{
-  char buffer[128] = {0};
+    const char *banner = NULL;
-  int err=SSH_ERROR;
+    const char *terminator = NULL;
+    /* The maximum banner length is 255 for SSH2 */
+    char buffer[256] = {0};
+    size_t len;
+    int rc = SSH_ERROR;
 
-  banner = session->version == 1 ? CLIENTBANNER1 : CLIENTBANNER2;
+    banner = session->version == 1 ? CLIENTBANNER1 : CLIENTBANNER2;
+    terminator = session->version == 1 ? "\n" : "\r\n";
 
-  if (server) {
+    if (server == 1) {
-    if(session->opts.custombanner == NULL){
+        if (session->opts.custombanner == NULL){
-    	session->serverbanner = strdup(banner);
+            len = strlen(banner);
+            session->serverbanner = strdup(banner);
+            if (session->serverbanner == NULL) {
+                goto end;
+            }
+        } else {
+            len = strlen(session->opts.custombanner);
+            session->serverbanner = malloc(len + 8 + 1);
+            if(session->serverbanner == NULL) {
+                goto end;
+            }
+            snprintf(session->serverbanner,
+                     len + 8 + 1,
+                     "SSH-2.0-%s",
+                     session->opts.custombanner);
+        }
+
+        snprintf(buffer,
+                 sizeof(buffer),
+                 "%s%s",
+                 session->serverbanner,
+                 terminator);
     } else {
-    	session->serverbanner = malloc(strlen(session->opts.custombanner) + 9);
+        session->clientbanner = strdup(banner);
-    	if(!session->serverbanner)
+        if (session->clientbanner == NULL) {
-    		goto end;
+            goto end;
-    	strcpy(session->serverbanner, "SSH-2.0-");
+        }
-    	strcat(session->serverbanner, session->opts.custombanner);
-    }
-    if (session->serverbanner == NULL) {
-      goto end;
-    }
-    snprintf(buffer, 128, "%s\n", session->serverbanner);
-  } else {
-    session->clientbanner = strdup(banner);
-    if (session->clientbanner == NULL) {
-      goto end;
-    }
-    snprintf(buffer, 128, "%s\n", session->clientbanner);
-  }
 
-  if (ssh_socket_write(session->socket, buffer, strlen(buffer)) == SSH_ERROR) {
+        /* SSH version 1 has a banner length of 128 only */
-    goto end;
+        len = session->version == 1 ? 128 : 0;
-  }
+
+        snprintf(buffer,
+                 sizeof(buffer) - len,
+                 "%s%s",
+                 session->clientbanner,
+                 terminator);
+    }
+
+    rc = ssh_socket_write(session->socket, buffer, strlen(buffer));
+    if (rc == SSH_ERROR) {
+        goto end;
+    }
 #ifdef WITH_PCAP
-  if(session->pcap_ctx)
+    if (session->pcap_ctx != NULL) {
-  	ssh_pcap_context_write(session->pcap_ctx,SSH_PCAP_DIR_OUT,buffer,strlen(buffer),strlen(buffer));
+        ssh_pcap_context_write(session->pcap_ctx,
+                               SSH_PCAP_DIR_OUT,
+                               buffer,
+                               strlen(buffer),
+                               strlen(buffer));
+    }
 #endif
-  err=SSH_OK;
-end:
 
-  return err;
+    rc = SSH_OK;
+end:
+    return rc;
 }
 
 /** @internal
@@ -335,7 +386,13 @@ static void ssh_client_connection_callback(ssh_session session){
 	switch(session->session_state){
 		case SSH_SESSION_STATE_NONE:
 		case SSH_SESSION_STATE_CONNECTING:
+			break;
 		case SSH_SESSION_STATE_SOCKET_CONNECTED:
+            /* If SSHv1 is disabled, we can send the banner immedietly */
+            if (session->opts.ssh1 == 0) {
+                ssh_set_fd_towrite(session);
+                ssh_send_banner(session, 0);
+            }
 			break;
 		case SSH_SESSION_STATE_BANNER_RECEIVED:
 		  if (session->serverbanner == NULL) {
@@ -381,7 +438,9 @@ static void ssh_client_connection_callback(ssh_session session){
 #endif
 		  ssh_packet_set_default_callbacks(session);
 		  session->session_state=SSH_SESSION_STATE_INITIAL_KEX;
-		  ssh_send_banner(session, 0);
+          if (session->opts.ssh1 == 1) {
+              ssh_send_banner(session, 0);
+          }
 		  set_status(session, 0.5f);
 		  break;
 		case SSH_SESSION_STATE_INITIAL_KEX:

src/config.c

@@ -218,26 +218,32 @@ static int ssh_config_parse_line(ssh_session session, const char *line,
   opcode = ssh_config_get_opcode(keyword);
 
   switch (opcode) {
-    case SOC_HOST:
+    case SOC_HOST: {
+        int ok = 0;
+
         *parsing = 0;
         lowerhost = (session->opts.host) ? ssh_lowercase(session->opts.host) : NULL;
         for (p = ssh_config_get_str_tok(&s, NULL);
              p != NULL && p[0] != '\0';
              p = ssh_config_get_str_tok(&s, NULL)) {
-            char *z = ssh_path_expand_escape(session, p);
+             if (ok >= 0) {
-            int ok;
+               char *z = ssh_path_expand_escape(session, p);
 
-            if (z == NULL) {
+               if (z == NULL) {
-                z = strdup(p);
+                   z = strdup(p);
+               }
+               ok = match_hostname(lowerhost, z, strlen(z));
+               if (ok < 0) {
+                   *parsing = 0;
+               } else if (ok > 0) {
+                   *parsing = 1;
+               }
+               free(z);
             }
-            ok = match_hostname(lowerhost, z, strlen(z));
-            if (ok) {
-                *parsing = 1;
-            }
-            free(z);
         }
         SAFE_FREE(lowerhost);
         break;
+    }
     case SOC_HOSTNAME:
       p = ssh_config_get_str_tok(&s, NULL);
       if (p && *parsing) {

src/dh.c

@@ -227,15 +227,21 @@ void ssh_crypto_finalize(void) {
 }
 
 int dh_generate_x(ssh_session session) {
+  int keysize;
+  if (session->next_crypto->kex_type == SSH_KEX_DH_GROUP1_SHA1) {
+    keysize = 1023;
+  } else {
+    keysize = 2047;
+  }
   session->next_crypto->x = bignum_new();
   if (session->next_crypto->x == NULL) {
     return -1;
   }
 
 #ifdef HAVE_LIBGCRYPT
-  bignum_rand(session->next_crypto->x, 128);
+  bignum_rand(session->next_crypto->x, keysize);
 #elif defined HAVE_LIBCRYPTO
-  bignum_rand(session->next_crypto->x, 128, 0, -1);
+  bignum_rand(session->next_crypto->x, keysize, -1, 0);
 #endif
 
   /* not harder than this */
@@ -248,15 +254,21 @@ int dh_generate_x(ssh_session session) {
 
 /* used by server */
 int dh_generate_y(ssh_session session) {
-    session->next_crypto->y = bignum_new();
+  int keysize;
+  if (session->next_crypto->kex_type == SSH_KEX_DH_GROUP1_SHA1) {
+    keysize = 1023;
+  } else {
+    keysize = 2047;
+  }
+  session->next_crypto->y = bignum_new();
   if (session->next_crypto->y == NULL) {
     return -1;
   }
 
 #ifdef HAVE_LIBGCRYPT
-  bignum_rand(session->next_crypto->y, 128);
+  bignum_rand(session->next_crypto->y, keysize);
 #elif defined HAVE_LIBCRYPTO
-  bignum_rand(session->next_crypto->y, 128, 0, -1);
+  bignum_rand(session->next_crypto->y, keysize, -1, 0);
 #endif
 
   /* not harder than this */

src/gssapi.c

@@ -129,11 +129,53 @@ static int ssh_gssapi_send_response(ssh_session session, ssh_string oid){
 
 #endif /* WITH_SERVER */
 
-static void ssh_gssapi_log_error(int verb, const char *msg, int maj_stat){
+static void ssh_gssapi_log_error(int verb,
-    gss_buffer_desc buffer;
+                                 const char *msg,
-    OM_uint32 dummy, message_context;
+                                 int maj_stat,
-    gss_display_status(&dummy,maj_stat,GSS_C_GSS_CODE, GSS_C_NO_OID, &message_context, &buffer);
+                                 int min_stat)
-    SSH_LOG(verb, "GSSAPI(%s): %s", msg, (const char *)buffer.value);
+{
+    gss_buffer_desc msg_maj = {
+        .length = 0,
+    };
+    gss_buffer_desc msg_min = {
+        .length = 0,
+    };
+    OM_uint32 dummy_maj, dummy_min;
+    OM_uint32 message_context = 0;
+
+    dummy_maj = gss_display_status(&dummy_min,
+                                   maj_stat,
+                                   GSS_C_GSS_CODE,
+                                   GSS_C_NO_OID,
+                                   &message_context,
+                                   &msg_maj);
+    if (dummy_maj != 0) {
+        goto out;
+    }
+
+    dummy_maj = gss_display_status(&dummy_min,
+                                   min_stat,
+                                   GSS_C_MECH_CODE,
+                                   GSS_C_NO_OID,
+                                   &message_context,
+                                   &msg_min);
+    if (dummy_maj != 0) {
+        goto out;
+    }
+
+    SSH_LOG(verb,
+            "GSSAPI(%s): %s - %s",
+            msg,
+            (const char *)msg_maj.value,
+            (const char *)msg_min.value);
+
+out:
+    if (msg_maj.value) {
+        dummy_maj = gss_release_buffer(&dummy_min, &msg_maj);
+    }
+    if (msg_min.value) {
+        dummy_maj = gss_release_buffer(&dummy_min, &msg_min);
+    }
 }
 
 #ifdef WITH_SERVER
@@ -212,7 +254,10 @@ int ssh_gssapi_handle_userauth(ssh_session session, const char *user, uint32_t n
             (gss_OID) GSS_C_NT_HOSTBASED_SERVICE, &server_name);
     if (maj_stat != GSS_S_COMPLETE) {
         SSH_LOG(SSH_LOG_WARNING, "importing name %d, %d", maj_stat, min_stat);
-        ssh_gssapi_log_error(SSH_LOG_WARNING, "importing name", maj_stat);
+        ssh_gssapi_log_error(SSH_LOG_WARNING,
+                             "importing name",
+                             maj_stat,
+                             min_stat);
         return -1;
     }
 
@@ -224,7 +269,10 @@ int ssh_gssapi_handle_userauth(ssh_session session, const char *user, uint32_t n
 
     if (maj_stat != GSS_S_COMPLETE) {
         SSH_LOG(SSH_LOG_WARNING, "error acquiring credentials %d, %d", maj_stat, min_stat);
-        ssh_gssapi_log_error(SSH_LOG_WARNING, "acquiring creds", maj_stat);
+        ssh_gssapi_log_error(SSH_LOG_WARNING,
+                             "acquiring creds",
+                             maj_stat,
+                             min_stat);
         ssh_auth_reply_default(session,0);
         return SSH_ERROR;
     }
@@ -266,7 +314,10 @@ static char *ssh_gssapi_name_to_char(gss_name_t name){
     OM_uint32 maj_stat, min_stat;
     char *ptr;
     maj_stat = gss_display_name(&min_stat, name, &buffer, NULL);
-    ssh_gssapi_log_error(SSH_LOG_WARNING, "converting name", maj_stat);
+    ssh_gssapi_log_error(SSH_LOG_WARNING,
+                         "converting name",
+                         maj_stat,
+                         min_stat);
     ptr=malloc(buffer.length + 1);
     memcpy(ptr, buffer.value, buffer.length);
     ptr[buffer.length] = '\0';
@@ -335,14 +386,20 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_server){
     maj_stat = gss_accept_sec_context(&min_stat, &session->gssapi->ctx, session->gssapi->server_creds,
             &input_token, input_bindings, &client_name, NULL /*mech_oid*/, &output_token, &ret_flags,
             NULL /*time*/, &session->gssapi->client_creds);
-    ssh_gssapi_log_error(SSH_LOG_PROTOCOL, "accepting token", maj_stat);
+    ssh_gssapi_log_error(SSH_LOG_PROTOCOL,
+                         "accepting token",
+                         maj_stat,
+                         min_stat);
     ssh_string_free(token);
     if (client_name != GSS_C_NO_NAME){
         session->gssapi->client_name = client_name;
         session->gssapi->canonic_user = ssh_gssapi_name_to_char(client_name);
     }
     if (GSS_ERROR(maj_stat)){
-        ssh_gssapi_log_error(SSH_LOG_WARNING, "Gssapi error", maj_stat);
+        ssh_gssapi_log_error(SSH_LOG_WARNING,
+                             "Gssapi error",
+                             maj_stat,
+                             min_stat);
         ssh_auth_reply_default(session,0);
         ssh_gssapi_free(session);
         session->gssapi=NULL;
@@ -439,8 +496,10 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_mic)
         mic_token_buf.value = ssh_string_data(mic_token);
 
         maj_stat = gss_verify_mic(&min_stat, session->gssapi->ctx, &mic_buf, &mic_token_buf, NULL);
-        ssh_gssapi_log_error(SSH_LOG_PROTOCOL, "verifying MIC", maj_stat);
+        ssh_gssapi_log_error(SSH_LOG_PROTOCOL,
-        ssh_gssapi_log_error(SSH_LOG_PROTOCOL, "verifying MIC (min stat)", min_stat);
+                             "verifying MIC",
+                             maj_stat,
+                             min_stat);
         if (maj_stat == GSS_S_DEFECTIVE_TOKEN || GSS_ERROR(maj_stat)) {
             goto error;
         }
@@ -653,8 +712,11 @@ int ssh_gssapi_auth_mic(ssh_session session){
                                &session->gssapi->client.server_name);
     if (maj_stat != GSS_S_COMPLETE) {
         SSH_LOG(SSH_LOG_WARNING, "importing name %d, %d", maj_stat, min_stat);
-        ssh_gssapi_log_error(SSH_LOG_WARNING, "importing name", maj_stat);
+        ssh_gssapi_log_error(SSH_LOG_WARNING,
-        return SSH_PACKET_USED;
+                             "importing name",
+                             maj_stat,
+                             min_stat);
+        return SSH_AUTH_DENIED;
     }
 
     /* copy username */
@@ -759,7 +821,10 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_response){
                                     0, NULL, &input_token, NULL,
                                     &output_token, NULL, NULL);
     if(GSS_ERROR(maj_stat)){
-        ssh_gssapi_log_error(SSH_LOG_WARNING, "Initializing gssapi context", maj_stat);
+        ssh_gssapi_log_error(SSH_LOG_WARNING,
+                             "Initializing gssapi context",
+                             maj_stat,
+                             min_stat);
         return SSH_PACKET_USED;
     }
     if (output_token.length != 0){
@@ -797,7 +862,10 @@ static int ssh_gssapi_send_mic(ssh_session session){
     maj_stat = gss_get_mic(&min_stat,session->gssapi->ctx, GSS_C_QOP_DEFAULT, &mic_buf, &mic_token_buf);
     if (GSS_ERROR(maj_stat)){
         ssh_buffer_free(mic_buffer);
-        ssh_gssapi_log_error(SSH_LOG_PROTOCOL, "generating MIC", maj_stat);
+        ssh_gssapi_log_error(SSH_LOG_PROTOCOL,
+                             "generating MIC",
+                             maj_stat,
+                             min_stat);
         return SSH_ERROR;
     }
 
@@ -848,10 +916,16 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_client){
                                     0, NULL, &input_token, NULL,
                                     &output_token, NULL, NULL);
 
-    ssh_gssapi_log_error(SSH_LOG_PROTOCOL, "accepting token", maj_stat);
+    ssh_gssapi_log_error(SSH_LOG_PROTOCOL,
+                         "accepting token",
+                         maj_stat,
+                         min_stat);
     ssh_string_free(token);
     if (GSS_ERROR(maj_stat)){
-        ssh_gssapi_log_error(SSH_LOG_PROTOCOL, "Gssapi error", maj_stat);
+        ssh_gssapi_log_error(SSH_LOG_PROTOCOL,
+                             "Gssapi error",
+                             maj_stat,
+                             min_stat);
         ssh_gssapi_free(session);
         session->gssapi=NULL;
         return SSH_PACKET_USED;

src/kex.c

@@ -42,24 +42,28 @@
 # define AES "aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,"
 # define DES "3des-cbc"
 # define DES_SUPPORTED "3des-cbc,des-cbc-ssh1"
+
 #elif defined(HAVE_LIBCRYPTO)
+
 # ifdef HAVE_OPENSSL_BLOWFISH_H
 #  define BLOWFISH "blowfish-cbc,"
-# else
+# else /* HAVE_OPENSSL_BLOWFISH_H */
 #  define BLOWFISH ""
-# endif
+# endif /* HAVE_OPENSSL_BLOWFISH_H */
+
 # ifdef HAVE_OPENSSL_AES_H
 #  ifdef BROKEN_AES_CTR
 #   define AES "aes256-cbc,aes192-cbc,aes128-cbc,"
-#  else
+#  else /* BROKEN_AES_CTR */
 #   define AES "aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,"
 #  endif /* BROKEN_AES_CTR */
-# else
+# else /* HAVE_OPENSSL_AES_H */
 #  define AES ""
-#  endif
+# endif /* HAVE_OPENSSL_AES_H */
+
 # define DES "3des-cbc"
 # define DES_SUPPORTED "3des-cbc,des-cbc-ssh1"
-#endif
+#endif /* HAVE_LIBCRYPTO */
 
 #ifdef WITH_ZLIB
 #define ZLIB "none,zlib,zlib@openssh.com"
@@ -90,8 +94,8 @@ static const char *default_methods[] = {
   HOSTKEYS,
   AES BLOWFISH DES,
   AES BLOWFISH DES,
-  "hmac-sha1,hmac-sha2-256,hmac-sha2-512",
+  "hmac-sha2-256,hmac-sha2-512,hmac-sha1",
-  "hmac-sha1,hmac-sha2-256,hmac-sha2-512",
+  "hmac-sha2-256,hmac-sha2-512,hmac-sha1",
   "none",
   "none",
   "",
@@ -105,8 +109,8 @@ static const char *supported_methods[] = {
   HOSTKEYS,
   AES BLOWFISH DES_SUPPORTED,
   AES BLOWFISH DES_SUPPORTED,
-  "hmac-sha1,hmac-sha2-256,hmac-sha2-512",
+  "hmac-sha2-256,hmac-sha2-512,hmac-sha1",
-  "hmac-sha1,hmac-sha2-256,hmac-sha2-512",
+  "hmac-sha2-256,hmac-sha2-512,hmac-sha1",
   ZLIB,
   ZLIB,
   "",

src/libgcrypt.c

@@ -181,7 +181,7 @@ void ssh_mac_update(ssh_mac_ctx ctx, const void *data, unsigned long len) {
 }
 
 void ssh_mac_final(unsigned char *md, ssh_mac_ctx ctx) {
-  size_t len;
+  size_t len = 0;
   switch(ctx->mac_type){
     case SSH_MAC_SHA1:
       len=SHA_DIGEST_LEN;

src/misc.c

@@ -33,9 +33,10 @@
 #include <netinet/in.h>
 #include <arpa/inet.h>
 
-#ifndef HAVE_CLOCK_GETTIME
+#ifdef HAVE_SYS_TIME_H
 #include <sys/time.h>
-#endif /* HAVE_CLOCK_GETTIME */
+#endif /* HAVE_SYS_TIME_H */
+
 #endif /* _WIN32 */
 
 #include <limits.h>
@@ -289,23 +290,6 @@ int ssh_is_ipaddr(const char *str) {
 
 #endif /* _WIN32 */
 
-#ifndef HAVE_NTOHLL
-uint64_t ntohll(uint64_t a) {
-#ifdef WORDS_BIGENDIAN
-  return a;
-#else /* WORDS_BIGENDIAN */
-  return (((uint64_t)(a) << 56) | \
-         (((uint64_t)(a) << 40) & 0xff000000000000ULL) | \
-         (((uint64_t)(a) << 24) & 0xff0000000000ULL) | \
-         (((uint64_t)(a) << 8)  & 0xff00000000ULL) | \
-         (((uint64_t)(a) >> 8)  & 0xff000000ULL) | \
-         (((uint64_t)(a) >> 24) & 0xff0000ULL) | \
-         (((uint64_t)(a) >> 40) & 0xff00ULL) | \
-         ((uint64_t)(a)  >> 56));
-#endif /* WORDS_BIGENDIAN */
-}
-#endif /* HAVE_NTOHLL */
-
 char *ssh_lowercase(const char* str) {
   char *new, *p;
 

src/options.c

@@ -93,12 +93,6 @@ int ssh_options_copy(ssh_session src, ssh_session *dest) {
     if (src->opts.identity) {
         struct ssh_iterator *it;
 
-        new->opts.identity = ssh_list_new();
-        if (new->opts.identity == NULL) {
-            ssh_free(new);
-            return -1;
-        }
-
         it = ssh_list_get_iterator(src->opts.identity);
         while (it) {
             char *id;
@@ -338,7 +332,7 @@ int ssh_options_set_algo(ssh_session session, int algo,
  *              - SSH_OPTIONS_HOSTKEYS:
  *                Set the preferred server host key types (const char *,
  *                comma-separated list). ex:
- *                "ssh-rsa,ssh-dsa,ecdh-sha2-nistp256"
+ *                "ssh-rsa,ssh-dss,ecdh-sha2-nistp256"
  *
  *              - SSH_OPTIONS_COMPRESSION_C_S:
  *                Set the compression to use for client to server
@@ -1356,10 +1350,10 @@ static int ssh_bind_set_key(ssh_bind sshbind, char **key_loc,
  *                        with verbosity less than or equal to the
  *                        logging verbosity will be shown.
  *                        - SSH_LOG_NOLOG: No logging
- *                        - SSH_LOG_RARE: Rare conditions or warnings
+ *                        - SSH_LOG_WARNING: Only warnings
- *                        - SSH_LOG_ENTRY: API-accessible entrypoints
+ *                        - SSH_LOG_PROTOCOL: High level protocol information
- *                        - SSH_LOG_PACKET: Packet id and size
+ *                        - SSH_LOG_PACKET: Lower level protocol infomations, packet level
- *                        - SSH_LOG_FUNCTIONS: Function entering and leaving
+ *                        - SSH_LOG_FUNCTIONS: Every function path
  *
  *                      - SSH_BIND_OPTIONS_LOG_VERBOSITY_STR:
  *                        Set the session logging verbosity via a

src/pki.c

@@ -271,7 +271,7 @@ int ssh_key_is_public(const ssh_key k) {
         return 0;
     }
 
-    return (k->flags & SSH_KEY_FLAG_PUBLIC);
+    return (k->flags & SSH_KEY_FLAG_PUBLIC) == SSH_KEY_FLAG_PUBLIC;
 }
 
 /**
@@ -286,7 +286,7 @@ int ssh_key_is_private(const ssh_key k) {
         return 0;
     }
 
-    return (k->flags & SSH_KEY_FLAG_PRIVATE);
+    return (k->flags & SSH_KEY_FLAG_PRIVATE) == SSH_KEY_FLAG_PRIVATE;
 }
 
 /**
@@ -1094,7 +1094,7 @@ error:
  * @param[out] pkey     A pointer to store the newly allocated public key. You
  *                      NEED to free the key.
  *
- * @return              A public key, NULL on error.
+ * @return              SSH_OK on success, SSH_ERROR on error.
  *
  * @see ssh_key_free()
  */
@@ -1584,7 +1584,7 @@ ssh_string ssh_srv_pki_do_sign_sessionid(ssh_session session,
                                          const ssh_key privkey)
 {
     struct ssh_crypto_struct *crypto;
-    ssh_signature sig;
+    ssh_signature sig = NULL;
     ssh_string sig_blob;
     int rc;
 

src/pki_ed25519.c

@@ -35,8 +35,8 @@ int pki_key_generate_ed25519(ssh_key key)
         goto error;
     }
 
-    key->ed25519_pubkey = malloc(sizeof (ed25519_privkey));
+    key->ed25519_pubkey = malloc(sizeof (ed25519_pubkey));
-    if (key->ed25519_privkey == NULL) {
+    if (key->ed25519_pubkey == NULL) {
         goto error;
     }
 

src/pki_gcrypt.c

@@ -737,7 +737,7 @@ int pki_pubkey_build_ecdsa(ssh_key key, int nid, ssh_string e)
 ssh_key pki_key_dup(const ssh_key key, int demote)
 {
     ssh_key new;
-    gcry_sexp_t sexp;
+    gcry_sexp_t sexp = NULL;
     gcry_error_t err;
     const char *tmp = NULL;
     size_t size;

src/poll.c

@@ -116,7 +116,11 @@ static poll_fn ssh_poll_emu;
 #else /* _WIN32 */
 #include <sys/select.h>
 #include <sys/socket.h>
-#include <sys/time.h>
+
+# ifdef HAVE_SYS_TIME_H
+#  include <sys/time.h>
+# endif
+
 #endif /* _WIN32 */
 
 #ifdef HAVE_UNISTD_H

src/server.c

@@ -746,7 +746,7 @@ int ssh_message_global_request_reply_success(ssh_message msg, uint16_t bound_por
         if(msg->global_request.type == SSH_GLOBAL_REQUEST_TCPIP_FORWARD 
                                 && msg->global_request.bind_port == 0) {
             rc = ssh_buffer_pack(msg->session->out_buffer, "d", bound_port);
-            if (rc != SSH_ERROR) {
+            if (rc != SSH_OK) {
                 ssh_set_error_oom(msg->session);
                 goto error;
             }

src/session.c

@@ -115,6 +115,15 @@ ssh_session ssh_new(void) {
       goto err;
     }
 
+    id = strdup("%d/id_ed25519");
+    if (id == NULL) {
+      goto err;
+    }
+    rc = ssh_list_append(session->opts.identity, id);
+    if (rc == SSH_ERROR) {
+      goto err;
+    }
+
 #ifdef HAVE_ECC
     id = strdup("%d/id_ecdsa");
     if (id == NULL) {
@@ -261,6 +270,11 @@ void ssh_free(ssh_session session) {
       ssh_list_free(session->opts.identity);
   }
 
+#ifndef _WIN32
+  ssh_agent_state_free (session->agent_state);
+#endif
+  session->agent_state = NULL;
+
   SAFE_FREE(session->auth_auto_state);
   SAFE_FREE(session->serverbanner);
   SAFE_FREE(session->clientbanner);

src/sftp.c

@@ -315,7 +315,7 @@ sftp_packet sftp_packet_read(sftp_session sftp) {
   sftp_packet packet = NULL;
   uint32_t tmp;
   size_t size;
-  int r;
+  int r, s;
 
   packet = malloc(sizeof(struct sftp_packet_struct));
   if (packet == NULL) {
@@ -330,26 +330,33 @@ sftp_packet sftp_packet_read(sftp_session sftp) {
     return NULL;
   }
 
-  r=ssh_channel_read(sftp->channel, buffer, 4, 0);
+  r=0;
-  if (r < 0) {
+  do {
-    ssh_buffer_free(packet->payload);
+    // read from channel until 4 bytes have been read or an error occurs
-    SAFE_FREE(packet);
+    s=ssh_channel_read(sftp->channel, buffer+r, 4-r, 0);
-    return NULL;
+    if (s < 0) {
-  }
+        goto error;
+    } else if (s == 0) {
+        int is_eof;
+
+        is_eof = ssh_channel_is_eof(sftp->channel);
+        if (is_eof) {
+            goto error;
+        }
+    } else {
+      r += s;
+    }
+  } while (r<4);
   ssh_buffer_add_data(packet->payload, buffer, r);
   if (buffer_get_u32(packet->payload, &tmp) != sizeof(uint32_t)) {
     ssh_set_error(sftp->session, SSH_FATAL, "Short sftp packet!");
-    ssh_buffer_free(packet->payload);
+    goto error;
-    SAFE_FREE(packet);
-    return NULL;
   }
 
   r=ssh_channel_read(sftp->channel, buffer, 1, 0);
   if (r <= 0) {
     /* TODO: check if there are cases where an error needs to be set here */
-    ssh_buffer_free(packet->payload);
+    goto error;
-    SAFE_FREE(packet);
-    return NULL;
   }
   ssh_buffer_add_data(packet->payload, buffer, r);
   buffer_get_u8(packet->payload, &packet->type);
@@ -366,20 +373,20 @@ sftp_packet sftp_packet_read(sftp_session sftp) {
 
     if(r <= 0) {
       /* TODO: check if there are cases where an error needs to be set here */
-      ssh_buffer_free(packet->payload);
+      goto error;
-      SAFE_FREE(packet);
-      return NULL;
     }
     if (ssh_buffer_add_data(packet->payload, buffer, r) == SSH_ERROR) {
-      ssh_buffer_free(packet->payload);
-      SAFE_FREE(packet);
       ssh_set_error_oom(sftp->session);
-      return NULL;
+      goto error;
     }
     size -= r;
   }
 
   return packet;
+error:
+    ssh_buffer_free(packet->payload);
+    SAFE_FREE(packet);
+    return NULL;
 }
 
 static void sftp_set_error(sftp_session sftp, int errnum) {
@@ -3070,7 +3077,10 @@ sftp_attributes sftp_fstat(sftp_file file) {
   }
 
   if (msg->packet_type == SSH_FXP_ATTRS){
-    return sftp_parse_attr(file->sftp, msg->payload, 0);
+    sftp_attributes attr = sftp_parse_attr(file->sftp, msg->payload, 0);
+    sftp_message_free(msg);
+
+    return attr;
   } else if (msg->packet_type == SSH_FXP_STATUS) {
     status = parse_status_msg(msg);
     sftp_message_free(msg);

src/sftpserver.c

@@ -194,9 +194,8 @@ sftp_client_message sftp_get_client_message(sftp_session sftp) {
       break;
     case SSH_FXP_FSTAT:
       rc = ssh_buffer_unpack(payload,
-                             "Sd",
+                             "S",
-                             &msg->handle,
+                             &msg->handle);
-                             &msg->flags);
       if (rc != SSH_OK) {
         ssh_set_error_oom(session);
         sftp_client_message_free(msg);

src/threads/CMakeLists.txt

@@ -27,8 +27,9 @@ set(LIBSSH_THREADS_LINK_LIBRARIES
     ${LIBSSH_SHARED_LIBRARY}
 )
 
-set(libssh_threads_SRCS
+message(STATUS "threads library: Threads_FOUND=${Threads_FOUND}")
-)
+
+set(libssh_threads_SRCS) # empty SRC
 
 # build and link pthread
 if (CMAKE_USE_PTHREADS_INIT)
@@ -41,6 +42,8 @@ if (CMAKE_USE_PTHREADS_INIT)
         ${LIBSSH_THREADS_LINK_LIBRARIES}
         ${CMAKE_THREAD_LIBS_INIT}
     )
+
+    message(STATUS "libssh_threads_SRCS=${libssh_threads_SRCS}")
 endif (CMAKE_USE_PTHREADS_INIT)
 
 set(LIBSSH_THREADS_LINK_LIBRARIES
@@ -54,6 +57,8 @@ include_directories(
 )
 
 if (libssh_threads_SRCS)
+    set(LIBSSH_THREADS ON CACHE "libssh threads lib" INTERNAL)
+
     add_library(${LIBSSH_THREADS_SHARED_LIBRARY} SHARED ${libssh_threads_SRCS})
 
     target_link_libraries(${LIBSSH_THREADS_SHARED_LIBRARY} ${LIBSSH_THREADS_LINK_LIBRARIES})

src/wrapper.c

@@ -160,6 +160,10 @@ void crypto_free(struct ssh_crypto_struct *crypto){
 #ifdef HAVE_ECDH
   SAFE_FREE(crypto->ecdh_client_pubkey);
   SAFE_FREE(crypto->ecdh_server_pubkey);
+  if(crypto->ecdh_privkey != NULL){
+    EC_KEY_free(crypto->ecdh_privkey);
+    crypto->ecdh_privkey = NULL;
+  }
 #endif
   if(crypto->session_id != NULL){
     memset(crypto->session_id, '\0', crypto->digest_len);

tests/CMakeLists.txt

@@ -1,4 +1,4 @@
-project(tests C)
+project(libssh-tests C)
 
 if (BSD OR SOLARIS OR OSX)
     find_package(Argp)
@@ -9,9 +9,9 @@ set(TORTURE_LIBRARY torture)
 include_directories(
   ${LIBSSH_PUBLIC_INCLUDE_DIRS}
   ${CMOCKA_INCLUDE_DIR}
-  ${OPENSSL_INCLUDE_DIRS}
+  ${OPENSSL_INCLUDE_DIR}
-  ${GCRYPT_INCLUDE_DIRS}
+  ${GCRYPT_INCLUDE_DIR}
-  ${ZLIB_INCLUDE_DIRS}
+  ${ZLIB_INCLUDE_DIR}
   ${CMAKE_BINARY_DIR}
   ${CMAKE_SOURCE_DIR}/src
   ${CMAKE_CURRENT_SOURCE_DIR}
@@ -22,12 +22,12 @@ set(TORTURE_LINK_LIBRARIES
     ${LIBSSH_STATIC_LIBRARY}
     ${LIBSSH_LINK_LIBRARIES})
 
-if (Threads_FOUND)
+if (LIBSSH_THREADS)
     set(TORTURE_LINK_LIBRARIES
         ${TORTURE_LINK_LIBRARIES}
         ${LIBSSH_THREADS_STATIC_LIBRARY}
         ${LIBSSH_THREADS_LINK_LIBRARIES})
-endif ()
+endif (LIBSSH_THREADS)
 
 # create test library
 add_library(${TORTURE_LIBRARY} STATIC cmdline.c torture.c)

tests/benchmarks/bench_sftp.c

@@ -45,7 +45,7 @@ int benchmarks_sync_sftp_up (ssh_session session, struct argument_s *args,
   float ms=0.0;
   unsigned long total=0;
   sftp_session sftp;
-  sftp_file file;
+  sftp_file file = NULL;
 
   bytes = args->datasize * 1024 * 1024;
   sftp = sftp_new(session);
@@ -101,7 +101,7 @@ int benchmarks_sync_sftp_down (ssh_session session, struct argument_s *args,
   float ms=0.0;
   unsigned long total=0;
   sftp_session sftp;
-  sftp_file file;
+  sftp_file file = NULL;
   int r;
 
   bytes = args->datasize * 1024 * 1024;
@@ -163,7 +163,7 @@ int benchmarks_async_sftp_down (ssh_session session, struct argument_s *args,
   float ms=0.0;
   unsigned long total=0;
   sftp_session sftp;
-  sftp_file file;
+  sftp_file file = NULL;
   int r,i;
   int warned = 0;
   unsigned long toread;

tests/pkd/CMakeLists.txt

@@ -5,9 +5,9 @@ if (WITH_SERVER AND UNIX AND NOT WIN32)
 include_directories(
   ${LIBSSH_PUBLIC_INCLUDE_DIRS}
   ${CMOCKA_INCLUDE_DIR}
-  ${OPENSSL_INCLUDE_DIRS}
+  ${OPENSSL_INCLUDE_DIR}
-  ${GCRYPT_INCLUDE_DIRS}
+  ${GCRYPT_INCLUDE_DIR}
-  ${ZLIB_INCLUDE_DIRS}
+  ${ZLIB_INCLUDE_DIR}
   ${CMAKE_BINARY_DIR}
   ${CMAKE_SOURCE_DIR}/src
   ${CMAKE_CURRENT_SOURCE_DIR}

tests/unittests/CMakeLists.txt

@@ -14,11 +14,13 @@ if (UNIX AND NOT WIN32)
     # requires ssh-keygen
     add_cmocka_test(torture_keyfiles torture_keyfiles.c ${TORTURE_LIBRARY})
     add_cmocka_test(torture_pki torture_pki.c ${TORTURE_LIBRARY})
-    # requires pthread
-    add_cmocka_test(torture_rand torture_rand.c ${TORTURE_LIBRARY})
     # requires /dev/null
     add_cmocka_test(torture_channel torture_channel.c ${TORTURE_LIBRARY})
-    if (WITH_SERVER AND Threads_FOUND)
+    # requires pthread
-        add_cmocka_test(torture_server_x11 torture_server_x11.c ${TORTURE_LIBRARY})
+    if (LIBSSH_THREADS)
-    endif (WITH_SERVER AND Threads_FOUND)
+        add_cmocka_test(torture_rand torture_rand.c ${TORTURE_LIBRARY})
+        if (WITH_SERVER)
+            add_cmocka_test(torture_server_x11 torture_server_x11.c ${TORTURE_LIBRARY})
+        endif (WITH_SERVER)
+    endif (LIBSSH_THREADS)
 endif (UNIX AND NOT WIN32)

tests/unittests/torture_pki.c

@@ -212,6 +212,9 @@ static void torture_pki_import_privkey_base64_RSA(void **state) {
     type = ssh_key_type(key);
     assert_true(type == SSH_KEYTYPE_RSA);
 
+    rc = ssh_key_is_private(key);
+    assert_true(rc == 1);
+
     rc = ssh_key_is_public(key);
     assert_true(rc == 1);
 
@@ -281,6 +284,9 @@ static void torture_pki_import_privkey_base64_ECDSA(void **state) {
     rc = ssh_pki_import_privkey_base64(key_str, passphrase, NULL, NULL, &key);
     assert_true(rc == 0);
 
+    rc = ssh_key_is_private(key);
+    assert_true(rc == 1);
+
     free(key_str);
     ssh_key_free(key);
 }
@@ -300,6 +306,10 @@ static void torture_pki_import_privkey_base64_passphrase(void **state) {
                                        NULL,
                                        &key);
     assert_true(rc == 0);
+
+    rc = ssh_key_is_private(key);
+    assert_true(rc == 1);
+
     ssh_key_free(key);
 
     /* test if it returns -1 if passphrase is wrong */
@@ -329,6 +339,10 @@ static void torture_pki_import_privkey_base64_passphrase(void **state) {
                                        NULL,
                                        &key);
     assert_true(rc == 0);
+
+    rc = ssh_key_is_private(key);
+    assert_true(rc == 1);
+
     ssh_key_free(key);
 
     /* test if it returns -1 if passphrase is wrong */
@@ -358,6 +372,10 @@ static void torture_pki_import_privkey_base64_passphrase(void **state) {
                                        NULL,
                                        &key);
     assert_true(rc == 0);
+
+    rc = ssh_key_is_private(key);
+    assert_true(rc == 1);
+
     ssh_key_free(key);
 
     /* test if it returns -1 if passphrase is wrong */
@@ -388,6 +406,9 @@ static void torture_pki_import_privkey_base64_ed25519(void **state){
     type = ssh_key_type(key);
     assert_true(type == SSH_KEYTYPE_ED25519);
 
+    rc = ssh_key_is_private(key);
+    assert_true(rc == 1);
+
     rc = ssh_key_is_public(key);
     assert_true(rc == 1);
 
@@ -411,6 +432,9 @@ static void torture_pki_pki_publickey_from_privatekey_RSA(void **state) {
                                        &key);
     assert_true(rc == 0);
 
+    rc = ssh_key_is_private(key);
+    assert_true(rc == 1);
+
     rc = ssh_pki_export_privkey_to_pubkey(key, &pubkey);
     assert_true(rc == SSH_OK);
 
@@ -433,6 +457,9 @@ static void torture_pki_pki_publickey_from_privatekey_DSA(void **state) {
                                        &key);
     assert_true(rc == 0);
 
+    rc = ssh_key_is_private(key);
+    assert_true(rc == 1);
+
     rc = ssh_pki_export_privkey_to_pubkey(key, &pubkey);
     assert_true(rc == SSH_OK);
 
@@ -455,6 +482,9 @@ static void torture_pki_pki_publickey_from_privatekey_ed25519(void **state){
                                        &key);
     assert_true(rc == 0);
 
+    rc = ssh_key_is_private(key);
+    assert_true(rc == 1);
+
     rc = ssh_pki_export_privkey_to_pubkey(key, &pubkey);
     assert_true(rc == SSH_OK);