Workaround ssh_get_user_home_dir on LDAP accounts

(cherry picked from commit 7150cabafa)

CMakeLists.txt

@@ -8,7 +8,7 @@ set(APPLICATION_NAME ${PROJECT_NAME})
 
 set(APPLICATION_VERSION_MAJOR "0")
 set(APPLICATION_VERSION_MINOR "4")
-set(APPLICATION_VERSION_PATCH "6")
+set(APPLICATION_VERSION_PATCH "8")
 
 set(APPLICATION_VERSION "${APPLICATION_VERSION_MAJOR}.${APPLICATION_VERSION_MINOR}.${APPLICATION_VERSION_PATCH}")
 
@@ -19,7 +19,7 @@ set(APPLICATION_VERSION "${APPLICATION_VERSION_MAJOR}.${APPLICATION_VERSION_MINO
 #     Increment AGE. Set REVISION to 0
 #   If the source code was changed, but there were no interface changes:
 #     Increment REVISION.
-set(LIBRARY_VERSION "4.1.3")
+set(LIBRARY_VERSION "4.1.4")
 set(LIBRARY_SOVERSION "4")
 
 # where to look first for cmake modules, before ${CMAKE_ROOT}/Modules/ is checked
@@ -30,6 +30,7 @@ set(CMAKE_MODULE_PATH
 # add definitions
 include(DefineCMakeDefaults)
 include(DefineCompilerFlags)
+include(DefinePlatformDefaults)
 include(DefineInstallationPaths)
 include(DefineOptions.cmake)
 include(CPackConfig.cmake)

CPackConfig.cmake

@@ -13,7 +13,7 @@ set(CPACK_RESOURCE_FILE_LICENSE "${CMAKE_SOURCE_DIR}/COPYING")
 ### versions
 set(CPACK_PACKAGE_VERSION_MAJOR "0")
 set(CPACK_PACKAGE_VERSION_MINOR "4")
-set(CPACK_PACKAGE_VERSION_PATCH "6")
+set(CPACK_PACKAGE_VERSION_PATCH "8")
 set(CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}")
 
 

ChangeLog

@@ -1,6 +1,24 @@
 ChangeLog
 ==========
 
+version 0.4.8 (released 2011-01-15)
+  * Fixed memory leaks in session signing.
+  * Fixed memory leak in ssh_print_hexa.
+  * Fixed problem with ssh_connect w/ timeout and fd > 1024.
+  * Fixed some warnings on OS/2.
+  * Fixed installation path for OS/2.
+
+version 0.4.7 (released 2010-12-28)
+  * Fixed a possible memory leak in ssh_get_user_home().
+  * Fixed a memory leak in sftp_xstat.
+  * Fixed uninitialized fd->revents member.
+  * Fixed timout value in ssh_channel_accept().
+  * Fixed length checks in ssh_analyze_banner().
+  * Fixed a possible data overread and crash bug.
+  * Fixed setting max_fd which breaks ssh_select().
+  * Fixed some pedantic build warnings.
+  * Fixed a memory leak with session->bindaddr.
+
 version 0.4.6 (released 2010-09-03)
   * Added a cleanup function to free the ws2_32 library.
   * Fixed build with gcc 3.4.

ConfigureChecks.cmake

@@ -25,22 +25,23 @@ function(COMPILER_DUMPVERSION _OUTPUT_VERSION)
     )
 
     string(REGEX REPLACE "([0-9])\\.([0-9])(\\.[0-9])?" "\\1\\2"
-        _COMPILER_VERSION ${_COMPILER_VERSION})
+           _COMPILER_VERSION "${_COMPILER_VERSION}")
 
     set(${_OUTPUT_VERSION} ${_COMPILER_VERSION} PARENT_SCOPE)
 endfunction()
 
-if(CMAKE_COMPILER_IS_GNUCC AND NOT MINGW)
+if(CMAKE_COMPILER_IS_GNUCC AND NOT MINGW AND NOT OS2)
     compiler_dumpversion(GNUCC_VERSION)
     if (NOT GNUCC_VERSION EQUAL 34)
         check_c_compiler_flag("-fvisibility=hidden" WITH_VISIBILITY_HIDDEN)
     endif (NOT GNUCC_VERSION EQUAL 34)
-endif(CMAKE_COMPILER_IS_GNUCC AND NOT MINGW)
+endif(CMAKE_COMPILER_IS_GNUCC AND NOT MINGW AND NOT OS2)
 
 # HEADER FILES
 check_include_file(argp.h HAVE_ARGP_H)
 check_include_file(pty.h HAVE_PTY_H)
-check_include_file(terminos.h HAVE_TERMIOS_H)
+check_include_file(termios.h HAVE_TERMIOS_H)
+
 if (WIN32)
   check_include_files("winsock2.h;ws2tcpip.h;wspiapi.h" HAVE_WSPIAPI_H)
   if (NOT HAVE_WSPIAPI_H)

cmake/Modules/DefineInstallationPaths.cmake

@@ -1,4 +1,15 @@
-if (UNIX)
+if (WIN32)
+  # Same same
+  set(BIN_INSTALL_DIR "bin" CACHE PATH "-")
+  set(SBIN_INSTALL_DIR "." CACHE PATH "-")
+  set(LIB_INSTALL_DIR "lib" CACHE PATH "-")
+  set(INCLUDE_INSTALL_DIR "include" CACHE PATH "-")
+  set(PLUGIN_INSTALL_DIR "plugins" CACHE PATH "-")
+  set(HTML_INSTALL_DIR "doc/HTML" CACHE PATH "-")
+  set(ICON_INSTALL_DIR "." CACHE PATH "-")
+  set(SOUND_INSTALL_DIR "." CACHE PATH "-")
+  set(LOCALE_INSTALL_DIR "lang" CACHE PATH "-")
+elseif (UNIX OR OS2)
   IF (NOT APPLICATION_NAME)
     MESSAGE(STATUS "${PROJECT_NAME} is used as APPLICATION_NAME")
     SET(APPLICATION_NAME ${PROJECT_NAME})
@@ -90,18 +101,4 @@ if (UNIX)
     "${SHARE_INSTALL_PREFIX}/info"
     CACHE PATH "The ${APPLICATION_NAME} info install dir (default prefix/info)"
   )
-endif (UNIX)
-
-if (WIN32)
-  # Same same
-  set(BIN_INSTALL_DIR "bin" CACHE PATH "-")
-  set(SBIN_INSTALL_DIR "." CACHE PATH "-")
-  set(LIB_INSTALL_DIR "lib" CACHE PATH "-")
-  set(INCLUDE_INSTALL_DIR "include" CACHE PATH "-")
-  set(PLUGIN_INSTALL_DIR "plugins" CACHE PATH "-")
-  set(HTML_INSTALL_DIR "doc/HTML" CACHE PATH "-")
-  set(ICON_INSTALL_DIR "." CACHE PATH "-")
-  set(SOUND_INSTALL_DIR "." CACHE PATH "-")
-  set(LOCALE_INSTALL_DIR "lang" CACHE PATH "-")
-endif (WIN32)
-
+endif ()

cmake/Modules/DefinePlatformDefaults.cmake

@@ -0,0 +1,25 @@
+# Set system vars
+
+if (CMAKE_SYSTEM_NAME MATCHES "Linux")
+    set(LINUX TRUE)
+endif(CMAKE_SYSTEM_NAME MATCHES "Linux")
+
+if (CMAKE_SYSTEM_NAME MATCHES "FreeBSD")
+    set(FREEBSD TRUE)
+endif (CMAKE_SYSTEM_NAME MATCHES "FreeBSD")
+
+if (CMAKE_SYSTEM_NAME MATCHES "OpenBSD")
+    set(OPENBSD TRUE)
+endif (CMAKE_SYSTEM_NAME MATCHES "OpenBSD")
+
+if (CMAKE_SYSTEM_NAME MATCHES "NetBSD")
+    set(NETBSD TRUE)
+endif (CMAKE_SYSTEM_NAME MATCHES "NetBSD")
+
+if (CMAKE_SYSTEM_NAME MATCHES "(Solaris|SunOS)")
+    set(SOLARIS TRUE)
+endif (CMAKE_SYSTEM_NAME MATCHES "(Solaris|SunOS)")
+
+if (CMAKE_SYSTEM_NAME MATCHES "OS2")
+    set(OS2 TRUE)
+endif (CMAKE_SYSTEM_NAME MATCHES "OS2")

cmake/Modules/FindOpenSSL.cmake

@@ -52,6 +52,7 @@ else (OPENSSL_LIBRARIES AND OPENSSL_INCLUDE_DIRS)
   find_library(SSL_LIBRARY
     NAMES
       ssl
+      ssl_dl
       libssl
     PATHS
       ${_OPENSSL_DIR}/lib
@@ -101,6 +102,7 @@ else (OPENSSL_LIBRARIES AND OPENSSL_INCLUDE_DIRS)
   find_library(CRYPTO_LIBRARY
     NAMES
       crypto
+      crypto_dl
       libcrypto
       eay
       eay32

include/libssh/callbacks.h

@@ -33,6 +33,11 @@
 extern "C" {
 #endif
 
+/**
+ * @addtogroup ssh_session
+ * @{
+ */
+
 /**
  * @brief SSH authentication callback.
  *
@@ -110,4 +115,6 @@ LIBSSH_API int ssh_set_callbacks(ssh_session session, ssh_callbacks cb);
 }
 #endif
 
+/** @} */
+
 #endif /*_SSH_CALLBACK_H */

include/libssh/libssh.h

@@ -40,7 +40,7 @@
       #endif
     #endif
   #else
-    #if __GNUC__ >= 4
+    #if __GNUC__ >= 4 && !defined(__OS2__)
       #define LIBSSH_API __attribute__((visibility("default")))
     #else
       #define LIBSSH_API
@@ -79,7 +79,7 @@
 /* libssh version */
 #define LIBSSH_VERSION_MAJOR  0
 #define LIBSSH_VERSION_MINOR  4
-#define LIBSSH_VERSION_MICRO  6
+#define LIBSSH_VERSION_MICRO  8
 
 #define LIBSSH_VERSION_INT SSH_VERSION_INT(LIBSSH_VERSION_MAJOR, \
                                            LIBSSH_VERSION_MINOR, \
@@ -171,7 +171,7 @@ enum ssh_requests_e {
 	SSH_REQUEST_CHANNEL_OPEN,
 	SSH_REQUEST_CHANNEL,
 	SSH_REQUEST_SERVICE,
-	SSH_REQUEST_GLOBAL,
+	SSH_REQUEST_GLOBAL
 };
 
 enum ssh_channel_type_e {
@@ -189,7 +189,7 @@ enum ssh_channel_requests_e {
 	SSH_CHANNEL_REQUEST_SHELL,
 	SSH_CHANNEL_REQUEST_ENV,
 	SSH_CHANNEL_REQUEST_SUBSYSTEM,
-	SSH_CHANNEL_REQUEST_WINDOW_CHANGE,
+	SSH_CHANNEL_REQUEST_WINDOW_CHANGE
 };
 
 /* status flags */
@@ -203,7 +203,7 @@ enum ssh_server_known_e {
 	SSH_SERVER_KNOWN_OK,
 	SSH_SERVER_KNOWN_CHANGED,
 	SSH_SERVER_FOUND_OTHER,
-	SSH_SERVER_FILE_NOT_FOUND,
+	SSH_SERVER_FILE_NOT_FOUND
 };
 
 #ifndef MD5_DIGEST_LEN

libssh/auth.c

@@ -226,7 +226,7 @@ int ssh_userauth_none(ssh_session session, const char *username) {
 
 #ifdef WITH_SSH1
   if (session->version == 1) {
-    ssh_userauth1_none(session, username);
+    rc = ssh_userauth1_none(session, username);
     leave_function();
     return rc;
   }
@@ -332,7 +332,7 @@ int ssh_userauth_offer_pubkey(ssh_session session, const char *username,
 
 #ifdef WITH_SSH1
   if (session->version == 1) {
-    ssh_userauth1_offer_pubkey(session, username, type, publickey);
+    rc = ssh_userauth1_offer_pubkey(session, username, type, publickey);
     leave_function();
     return rc;
   }

libssh/auth1.c

@@ -35,38 +35,46 @@
 
 #ifdef WITH_SSH1
 static int wait_auth1_status(ssh_session session) {
+  enter_function();
   /* wait for a packet */
   if (packet_read(session) != SSH_OK) {
+    leave_function();
     return SSH_AUTH_ERROR;
   }
 
   if(packet_translate(session) != SSH_OK) {
+    leave_function();
     return SSH_AUTH_ERROR;
   }
 
   switch(session->in_packet.type) {
     case SSH_SMSG_SUCCESS:
+      leave_function();
       return SSH_AUTH_SUCCESS;
     case SSH_SMSG_FAILURE:
+      leave_function();
       return SSH_AUTH_DENIED;
   }
 
   ssh_set_error(session, SSH_FATAL, "Was waiting for a SUCCESS or "
       "FAILURE, got %d", session->in_packet.type);
-
+  leave_function();
   return SSH_AUTH_ERROR;
 }
 
 static int send_username(ssh_session session, const char *username) {
   ssh_string user = NULL;
   /* returns SSH_AUTH_SUCCESS or SSH_AUTH_DENIED */
+  enter_function();
   if(session->auth_service_asked) {
+    leave_function();
     return session->auth_service_asked;
   }
 
   if (!username) {
     if(!(username = session->username)) {
       if (ssh_options_set(session, SSH_OPTIONS_USER, NULL) < 0) {
+        leave_function();
         return session->auth_service_asked = SSH_AUTH_ERROR;
       } else {
         username = session->username;
@@ -75,24 +83,30 @@ static int send_username(ssh_session session, const char *username) {
   }
   user = string_from_char(username);
   if (user == NULL) {
+    leave_function();
     return SSH_AUTH_ERROR;
   }
 
   if (buffer_add_u8(session->out_buffer, SSH_CMSG_USER) < 0) {
     string_free(user);
+    leave_function();
     return SSH_AUTH_ERROR;
   }
   if (buffer_add_ssh_string(session->out_buffer, user) < 0) {
     string_free(user);
+    leave_function();
     return SSH_AUTH_ERROR;
   }
   string_free(user);
   if (packet_send(session) != SSH_OK) {
+    leave_function();
     return SSH_AUTH_ERROR;
   }
 
   session->auth_service_asked = wait_auth1_status(session);
-
+  if(session->auth_service_asked != SSH_AUTH_ERROR)
+    session->auth_methods=SSH_AUTH_METHOD_PASSWORD;
+  leave_function();
   return session->auth_service_asked;
 }
 

libssh/channels.c

@@ -1392,11 +1392,13 @@ static ssh_channel channel_accept(ssh_session session, int channeltype,
         iterator = iterator->next;
       }
     }
+    if(t>0){
 #ifdef _WIN32
-    Sleep(50); /* 50ms */
+      Sleep(50); /* 50ms */
 #else
-    nanosleep(&ts, NULL);
+      nanosleep(&ts, NULL);
 #endif
+    }
   }
 
   return NULL;

libssh/client.c

@@ -110,26 +110,37 @@ static int ssh_analyze_banner(ssh_session session, int *ssh1, int *ssh2) {
   const char *banner = session->serverbanner;
   const char *openssh;
 
-  ssh_log(session, SSH_LOG_RARE, "Analyzing banner: %s", banner);
-
-  if (strncmp(banner, "SSH-", 4) != 0) {
-    ssh_set_error(session, SSH_FATAL, "Protocol mismatch: %s", banner);
-    return -1;
+  if (banner == NULL) {
+      ssh_set_error(session, SSH_FATAL, "Invalid banner");
+      return -1;
   }
 
   /*
    * Typical banners e.g. are:
-   * SSH-1.5-blah
-   * SSH-1.99-blah
-   * SSH-2.0-blah
+   *
+   * SSH-1.5-openSSH_5.4
+   * SSH-1.99-openSSH_3.0
+   *
+   * SSH-2.0-something
+   * 012345678901234567890
    */
+  if (strlen(banner) < 6 ||
+      strncmp(banner, "SSH-", 4) != 0) {
+    ssh_set_error(session, SSH_FATAL, "Protocol mismatch: %s", banner);
+    return -1;
+  }
+
+  ssh_log(session, SSH_LOG_RARE, "Analyzing banner: %s", banner);
+
   switch(banner[4]) {
     case '1':
       *ssh1 = 1;
-      if (banner[6] == '9') {
-        *ssh2 = 1;
-      } else {
-        *ssh2 = 0;
+      if (strlen(banner) > 6) {
+          if (banner[6] == '9') {
+            *ssh2 = 1;
+          } else {
+            *ssh2 = 0;
+          }
       }
       break;
     case '2':
@@ -143,13 +154,21 @@ static int ssh_analyze_banner(ssh_session session, int *ssh1, int *ssh2) {
 
   openssh = strstr(banner, "OpenSSH");
   if (openssh != NULL) {
-    int major, minor;
-    major = strtol(openssh + 8, (char **) NULL, 10);
-    minor = strtol(openssh + 10, (char **) NULL, 10);
-    session->openssh = SSH_VERSION_INT(major, minor, 0);
-    ssh_log(session, SSH_LOG_RARE,
-        "We are talking to an OpenSSH server version: %d.%d (%x)",
-        major, minor, session->openssh);
+      int major, minor;
+
+      /*
+       * The banner is typical:
+       * OpenSSH_5.4
+       * 012345678901234567890
+       */
+      if (strlen(openssh) > 9) {
+          major = strtol(openssh + 8, (char **) NULL, 10);
+          minor = strtol(openssh + 10, (char **) NULL, 10);
+          session->openssh = SSH_VERSION_INT(major, minor, 0);
+          ssh_log(session, SSH_LOG_RARE,
+                  "We are talking to an OpenSSH client version: %d.%d (%x)",
+                  major, minor, session->openssh);
+      }
   }
 
   return 0;
@@ -554,8 +573,10 @@ int ssh_connect(ssh_session session) {
   /* Here we decide which version of the protocol to use. */
   if (ssh2 && session->ssh2) {
     session->version = 2;
+#ifdef WITH_SSH1
   } else if(ssh1 && session->ssh1) {
     session->version = 1;
+#endif
   } else {
     ssh_set_error(session, SSH_FATAL,
         "No version of SSH protocol usable (banner: %s)",
@@ -610,6 +631,7 @@ int ssh_connect(ssh_session session) {
 
       session->connected = 1;
       break;
+#ifdef WITH_SSH1
     case 1:
       if (ssh_get_kex1(session) < 0) {
         ssh_socket_close(session->socket);
@@ -621,6 +643,7 @@ int ssh_connect(ssh_session session) {
 
       session->connected = 1;
       break;
+#endif
   }
 
   leave_function();

libssh/connect.c

@@ -67,10 +67,7 @@
 #include "libssh/socket.h"
 #include "libssh/channels.h"
 #include "libssh/session.h"
-
-#ifndef HAVE_SELECT
-#error "Your system must have select()"
-#endif
+#include "libssh/poll.h"
 
 #ifndef HAVE_GETADDRINFO
 #error "Your system must have getaddrinfo()"
@@ -202,29 +199,35 @@ static int getai(ssh_session session, const char *host, int port, struct addrinf
 
 static int ssh_connect_ai_timeout(ssh_session session, const char *host,
     int port, struct addrinfo *ai, long timeout, long usec, socket_t s) {
-  struct timeval to;
-  fd_set set;
+  int timeout_ms;
+  ssh_pollfd_t fds;
   int rc = 0;
   unsigned int len = sizeof(rc);
 
   enter_function();
 
-  to.tv_sec = timeout;
-  to.tv_usec = usec;
+  /* I know we're losing some precision. But it's not like poll-like family
+   * type of mechanisms are precise up to the microsecond.
+   */
+  timeout_ms=timeout * 1000 + usec / 1000;
 
   sock_set_nonblocking(s);
 
   ssh_log(session, SSH_LOG_RARE, "Trying to connect to host: %s:%d with "
-      "timeout %ld.%ld", host, port, timeout, usec);
+      "timeout %d ms", host, port, timeout_ms);
 
   /* The return value is checked later */
   connect(s, ai->ai_addr, ai->ai_addrlen);
   freeaddrinfo(ai);
 
-  FD_ZERO(&set);
-  FD_SET(s, &set);
+  fds.fd=s;
+  fds.revents=0;
+  fds.events=POLLOUT;
+#ifdef _WIN32
+  fds.events |= POLLWRNORM;
+#endif
+  rc = ssh_poll(&fds,1,timeout_ms);
 
-  rc = select(s + 1, NULL, &set, NULL, &to);
   if (rc == 0) {
     /* timeout */
     ssh_set_error(session, SSH_FATAL,
@@ -236,7 +239,7 @@ static int ssh_connect_ai_timeout(ssh_session session, const char *host,
 
   if (rc < 0) {
     ssh_set_error(session, SSH_FATAL,
-        "Select error: %s", strerror(errno));
+        "poll error: %s", strerror(errno));
     ssh_connect_socket_close(s);
     leave_function();
     return -1;

libssh/dh.c

@@ -222,6 +222,8 @@ void ssh_print_hexa(const char *descr, const unsigned char *what, size_t len) {
       return;
     }
     printf("%s: %s\n", descr, hexa);
+
+    free(hexa);
 }
 
 int dh_generate_x(ssh_session session) {

libssh/kex.c

@@ -450,6 +450,8 @@ int verify_existing_algo(int algo, const char *name){
     return 0;
 }
 
+#ifdef WITH_SSH1
+
 /* makes a STRING contating 3 strings : ssh-rsa1,e and n */
 /* this is a public key in openssh's format */
 static ssh_string make_rsa1_string(ssh_string e, ssh_string n){
@@ -507,6 +509,7 @@ static int build_session_id1(ssh_session session, ssh_string servern,
   return 0;
 }
 
+
 /* returns 1 if the modulus of k1 is < than the one of k2 */
 static int modulus_smaller(ssh_public_key k1, ssh_public_key k2){
     bignum n1;
@@ -796,4 +799,6 @@ error:
   return rc;
 }
 
+#endif /* WITH_SSH1 */
+
 /* vim: set ts=2 sw=2 et cindent: */

libssh/keyfiles.c

@@ -1457,6 +1457,7 @@ static int match_hashed_host(ssh_session session, const char *host,
   enter_function();
 
   if (strncmp(sourcehash, "|1|", 3) != 0) {
+    leave_function();
     return 0;
   }
 

libssh/keys.c

@@ -1308,6 +1308,9 @@ ssh_string ssh_do_sign(ssh_session session, ssh_buffer sigbuf,
 #endif
       sign->dsa_sign = NULL;
       break;
+    default:
+      signature_free(sign);
+      return NULL;
   }
 #ifdef HAVE_LIBGCRYPT
   gcry_sexp_release(gcryhash);
@@ -1463,6 +1466,9 @@ ssh_string ssh_sign_session_id(ssh_session session, ssh_private_key privatekey)
 #endif
       sign->dsa_sign = NULL;
       break;
+    default:
+      signature_free(sign);
+      return NULL;
   }
 
 #ifdef HAVE_LIBGCRYPT

libssh/misc.c

@@ -129,9 +129,11 @@ char *ssh_get_user_home_dir(void) {
 
   rc = getpwuid_r(getuid(), &pwd, buf, NSS_BUFLEN_PASSWD, &pwdbuf);
   if (rc != 0) {
-    return NULL;
+    szPath = getenv("HOME");
+    return szPath ? strdup(szPath) : NULL;
   }
 
+
   szPath = strdup(pwd.pw_dir);
 
   return szPath;
@@ -504,7 +506,7 @@ int ssh_mkdir(const char *pathname, mode_t mode) {
  * @return              The expanded directory, NULL on error.
  */
 char *ssh_path_expand_tilde(const char *d) {
-    char *h, *r;
+    char *h = NULL, *r;
     const char *p;
     size_t ld;
     size_t lh = 0;
@@ -548,12 +550,14 @@ char *ssh_path_expand_tilde(const char *d) {
 
     r = malloc(ld + lh + 1);
     if (r == NULL) {
+        SAFE_FREE(h);
         return NULL;
     }
 
     if (lh > 0) {
         memcpy(r, h, lh);
     }
+    SAFE_FREE(h);
     memcpy(r + lh, p, ld + 1);
 
     return r;

libssh/options.c

@@ -266,33 +266,6 @@ int ssh_options_set_algo(ssh_session session, int algo,
  *                          \n
  *                          See the corresponding numbers in libssh.h.
  *
- *                      - SSH_OPTTIONS_AUTH_CALLBACK:
- *                        Set a callback to use your own authentication function
- *                        (function pointer).
- *
- *                      - SSH_OPTTIONS_AUTH_USERDATA:
- *                        Set the user data passed to the authentication
- *                        function (generic pointer).
- *
- *                      - SSH_OPTTIONS_LOG_CALLBACK:
- *                        Set a callback to use your own logging function
- *                        (function pointer).
- *
- *                      - SSH_OPTTIONS_LOG_USERDATA:
- *                        Set the user data passed to the logging function
- *                        (generic pointer).
- *
- *                      - SSH_OPTTIONS_STATUS_CALLBACK:
- *                        Set a callback to show connection status in realtime
- *                        (function pointer).\n
- *                        \n
- *                        @code
- *                        fn(void *arg, float status)
- *                        @endcode
- *                        \n
- *                        During ssh_connect(), libssh will call the callback
- *                        with status from 0.0 to 1.0.
- *
  *                      - SSH_OPTTIONS_STATUS_ARG:
  *                        Set the status argument which should be passed to the
  *                        status callback (generic pointer).

libssh/server.c

@@ -246,6 +246,7 @@ int ssh_bind_accept(ssh_bind sshbind, ssh_session session) {
   if (sshbind->bindaddr == NULL)
     session->bindaddr = NULL;
   else {
+    SAFE_FREE(session->bindaddr);
     session->bindaddr = strdup(sshbind->bindaddr);
     if (session->bindaddr == NULL) {
       privatekey_free(dsa);

libssh/session.c

@@ -153,6 +153,7 @@ void ssh_free(ssh_session session) {
 
   SAFE_FREE(session->serverbanner);
   SAFE_FREE(session->clientbanner);
+  SAFE_FREE(session->bindaddr);
   SAFE_FREE(session->banner);
 #ifdef WITH_PCAP
   if(session->pcap_ctx){

libssh/sftp.c

@@ -3123,7 +3123,10 @@ static sftp_attributes sftp_xstat(sftp_session sftp, const char *path,
   }
 
   if (msg->packet_type == SSH_FXP_ATTRS) {
-    return sftp_parse_attr(sftp, msg->payload, 0);
+    sftp_attributes attr = sftp_parse_attr(sftp, msg->payload, 0);
+    sftp_message_free(msg);
+
+    return attr;
   } else if (msg->packet_type == SSH_FXP_STATUS) {
     status = parse_status_msg(msg);
     sftp_message_free(msg);

libssh/socket.c

@@ -265,7 +265,10 @@ void ssh_socket_fd_set(struct socket *s, fd_set *set, socket_t *max_fd) {
   if (s->fd == SSH_INVALID_SOCKET)
     return;
   FD_SET(s->fd,set);
-  if (s->fd >= 0 && s->fd != SSH_INVALID_SOCKET) {
+
+  if (s->fd >= 0 &&
+      s->fd >= *max_fd &&
+      s->fd != SSH_INVALID_SOCKET) {
     *max_fd = s->fd + 1;
   }
 }
@@ -489,6 +492,7 @@ int ssh_socket_poll(struct socket *s, int *writeable, int *except) {
 
   fd->fd = s->fd;
   fd->events = 0;
+  fd->revents = 0;
 
   if (!s->data_to_read) {
     fd->events |= POLLIN;